1810 files changed, 136818 insertions, 352137 deletions

diff --git a/thirdparty/README.md b/thirdparty/README.md
index 62690e21c7..dacc870103 100644
--- a/thirdparty/README.md
+++ b/thirdparty/README.md
@@ -3,16 +3,32 @@
 
 ## b2d_convexdecomp
 
-- Upstream: https://github.com/erincatto/Box2D (Contributions/Utilities/ConvexDecomposition)
-- Version: TBD
+- Upstream: https://github.com/erincatto/Box2D/tree/master/Contributions/Utilities/ConvexDecomposition
+- Version: git (25615e0, 2015) with modifications
 - License: zlib
 
+The files were adapted to Godot by removing the dependency on b2Math (replacing
+it by b2Glue.h) and commenting out some verbose printf calls.
+Upstream code has not changed in 10 years, no need to keep track of changes.
 
-## certs
 
-- Upstream: ?
+## bullet
+
+- Upstream: https://github.com/bulletphysics/bullet3
+- Version: git (d05ad4b, 2017)
+- License: zlib
+
+Files extracted from upstream source:
+
+- src/* apart from CMakeLists.txt and premake4.lua files
+- LICENSE.txt
 
-TODO.
+
+## certs
+
+- Upstream: Mozilla, via https://packages.ubuntu.com/xenial-updates/ca-certificates
+- Version: 2016-ish
+- License: MPL 2.0
 
 
 ## enet
@@ -40,8 +56,8 @@ tarball before the next update.
 ## etc2comp
 
 - Upstream: https://github.com/google/etc2comp
-- Version: 9cd0f9c (git)
-- License: Apache
+- Version: git (9cd0f9c, 2017)
+- License: Apache 2.0
 
 Files extracted from upstream source:
 
@@ -57,7 +73,7 @@ Files extracted from upstream source:
 - Version: 1.06
 - License: OFL-1.1
 
-Use UI font if exists, because it has tight vertical metrics and good for UI.
+Use UI font variant if available, because it has tight vertical metrics and good for UI.
 
 ### Hack Regular
 
@@ -67,7 +83,9 @@ Use UI font if exists, because it has tight vertical metrics and good for UI.
 
 ### DroidSans*.ttf
 
-- Upstream: ?
+- Upstream: https://android.googlesource.com/platform/frameworks/base/+/master/data/fonts/
+- Version: ? (pre-2014 commit when DroidSansJapanese.ttf was obsoleted)
+- License: Apache 2.0
 
 
 ## freetype
@@ -108,7 +126,7 @@ Files extracted from upstream source:
 ## libogg
 
 - Upstream: https://www.xiph.org/ogg
-- Version: 1.3.2
+- Version: 1.3.3
 - License: BSD-3-Clause
 
 Files extracted from upstream source:
@@ -135,7 +153,7 @@ Files extracted from upstream source:
 ## libsimplewebm
 
 - Upstream: https://github.com/zaps166/libsimplewebm
-- Version: 05cfdc2 (git)
+- Version: git (05cfdc2, 2016)
 - License: MIT, BSD-3-Clause
 
 Files extracted from upstream source:
@@ -171,7 +189,7 @@ Files extracted from upstream source:
 
 ## libvpx
 
-- Upstream: http://www.webmproject.org/code/
+- Upstream: https://chromium.googlesource.com/webm/libvpx/
 - Version: 1.6.0
 - License: BSD-3-Clause
 
@@ -199,6 +217,35 @@ changes to ensure they build for Javascript/HTML5. Those
 changes are marked with `// -- GODOT --` comments.
 
 
+## libwebsockets
+
+- Upstream: https://github.com/warmcat/libwebsockets
+- Version: 2.4.1
+- License: LGPLv2.1 + static linking exception
+
+File extracted from upstream source:
+- Everything in `lib/` except `http2/`, `event-libs/`.
+  - From `misc/` exclude `lws-genhash.c`, `lws-ring.c`, `romfs.{c,h}`, `smtp.c`.
+  - From `plat/` exclude `lws-plat-{esp*,optee}.c`.
+  - From `server/` exclude `access-log.c`, `cgi.c`, `daemonize.c`, `lws-spa.c`, 
+`peer-limits.c`, `rewrite.c`
+- Also copy `win32helpers/` from `win32port/`
+- `mbedtls_wrapper/include/platform/ssl_port.h` has a small change to check for OSX (missing `malloc.h`).
+  The bug is fixed in upstream master via `LWS_HAVE_MALLOC_H`, but not in the 2.4.1 branch (as the file structure has changed).
+
+Important: `lws_config.h` and `lws_config_private.h` contains custom 
+Godot build configurations, check them out when updating.
+
+## mbedTLS
+
+- Upstream: https://tls.mbed.org/
+- Version: 2.7.0
+- License: Apache 2.0
+
+File extracted from upstream release tarball `mbedtls-2.7.0-apache.tgz`:
+- All `*.h` from `include/mbedtls/` to `thirdparty/include/mbedtls/`
+- All `*.c` from `library/` to `thirdparty/library/`
+
 ## minizip
 
 - Upstream: http://www.zlib.net
@@ -229,8 +276,8 @@ Collection of single-file libraries used in Godot components.
   * Version: latest, as of April 2017
   * License: Public Domain
 - `fastlz.{c,h}`
-  * Upstream: https://code.google.com/archive/p/fastlz
-  * Version: svn (r12)
+  * Upstream: https://github.com/ariya/FastLZ
+  * Version: git (f121734, 2007)
   * License: MIT
 - `hq2x.{cpp,h}`
   * Upstream: https://github.com/brunexgeek/hqx
@@ -251,7 +298,7 @@ Collection of single-file libraries used in Godot components.
 - `smaz.{c,h}`
   * Upstream: https://github.com/antirez/smaz
   * Version: git (150e125, 2009)
-  * License: BSD 3-clause
+  * License: BSD-3-Clause
   * Modifications: use `const char*` instead of `char*` for input string
 - `triangulator.{cpp,h}`
   * Upstream: https://github.com/ivanfratric/polypartition (`src/polypartition.cpp`)
@@ -269,19 +316,6 @@ Collection of single-file libraries used in Godot components.
   * Version: ?
   * License: BSD
 
-### poshlib
-
-- Upstream: http://poshlib.hookatooka.com/poshlib/trac.cgi (username guest, password guest123)
-- Version: 1.3.002
-- License: MIT
-
-Files extracted from the upstream source:
-
-- posh.c
-- posh.h
-
-(no license file was included with the upstream distribution)
-
 ### scene
 
 - `mikktspace.{c,h}`
@@ -297,20 +331,6 @@ Files extracted from the upstream source:
   * Version: 1.11
   * License: Public Domain (Unlicense) or MIT
 
-## thekla_atlas
-
-- Upstream: https://github.com/Thekla/thekla_atlas
-- Version: 80a1430 (git)
-- License: zlib
-
-Files extracted from the upstream source:
-
-- Relevant sources from src/
-- License.txt
-
-Important: Some files have Godot-made changes, those
-changes are marked with `// -- GODOT --` comments.
-
 
 ## nanosvg
 
@@ -323,34 +343,6 @@ Files extracted from the upstream source:
 - All .h files in `src/`
 - LICENSE.txt
 
-
-## openssl
-
-- Upstream: https://www.openssl.org
-- Version: 1.0.2l
-- License: OpenSSL license / BSD-like
-
-Files extracted from the upstream source:
-
-- Our `openssl/`: contains the headers installed in /usr/include/openssl;
-  gather them in the source tarball with `make links` and
-  `cp -f include/openssl/*.h ../openssl/openssl/`
-- Our `crypto/`: copy of upstream `crypto/`, with some cleanup (see below).
-- Our `ssl/`: copy of upstream `ssl/`, with some cleanup (see below).
-- Cleanup:
-  ```
-  find \( -name "Makefile" -o -name "*.S" -o -name "*.bat" -o -name "*.bc" \
-    -o -name "*.com" -o -name "*.cnf" -o -name "*.ec" -o -name "*.fre" \
-    -o -name "*.gcc" -o -name "*.in" -o -name "*.lnx" -o -name "*.m4" \
-    -o -name "*.pl" -o -name "*.pod" -o -name "*.s" -o -name "*.sh" \
-    -o -name "*.sol" -o -name "*test*" \) -delete
-  cd openssl; for file in *.h; do find ../{crypto,ssl} -name "$file" -delete; done
-  ```
-  For the rest check the `git status` and decide.
-- e_os.h
-- Apply the Godot-specific patches in the `patches/` folder.
-
-
 ## opus
 
 - Upstream: https://opus-codec.org
@@ -383,7 +375,7 @@ Files extracted from upstream source:
 ## pvrtccompressor
 
 - Upstream: https://bitbucket.org/jthlim/pvrtccompressor
-- Version: hg commit cf71777 - 2015-01-08
+- Version: hg (cf71777, 2015)
 - License: BSD-3-Clause
 
 Files extracted from upstream source:
@@ -395,9 +387,14 @@ Files extracted from upstream source:
 ## recastnavigation
 
 - Upstream: https://github.com/recastnavigation/recastnavigation
-- version: git commit ef3ea40f - 2016-02-06
+- version: git (ef3ea40f, 2017)
 - License: zlib
 
+Files extracted from upstream source:
+
+- `Recast/` folder
+- License.txt
+
 
 ## rtaudio
 
@@ -425,10 +422,25 @@ They are marked with `// -- GODOT start --` and `// -- GODOT end --`
 comments and a patch is provided in the squish/ folder.
 
 
+## thekla_atlas
+
+- Upstream: https://github.com/Thekla/thekla_atlas
+- Version: git (80a1430, 2017)
+- License: MIT
+
+Files extracted from the upstream source:
+
+- Relevant sources from src/
+- License.txt
+
+Important: Some files have Godot-made changes, those
+changes are marked with `// -- GODOT --` comments.
+
+
 ## tinyexr
 
 - Upstream: https://github.com/syoyo/tinyexr
-- Version: 0.9.5+ (git 9f784ca - 24 October 2017)
+- Version: git (e385dad, 2018)
 - License: BSD-3-Clause
 
 Files extracted from upstream source:
@@ -438,7 +450,7 @@ Files extracted from upstream source:
 
 ## zlib
 
-- Upstream: http://www.zlib.net/
+- Upstream: http://www.zlib.net
 - Version: 1.2.11
 - License: zlib
 
@@ -450,10 +462,10 @@ Files extracted from upstream source:
 ## zstd
 
 - Upstream: https://github.com/facebook/zstd
-- Version: 1.3.2
+- Version: 1.3.3
 - License: BSD-3-Clause
 
 Files extracted from upstream source:
 
 - lib/{common/,compress/,decompress/,zstd.h}
-- README.md, LICENSE
+- LICENSE
diff --git a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3BroadphaseCallback.h b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3BroadphaseCallback.h
index 1bc56cf80a..1bc56cf80a 100644
--- a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3BroadphaseCallback.h
+++ b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3BroadphaseCallback.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3DynamicBvh.cpp b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3DynamicBvh.cpp
index 0f04efe331..0f04efe331 100644
--- a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3DynamicBvh.cpp
+++ b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3DynamicBvh.cpp
diff --git a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3DynamicBvh.h b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3DynamicBvh.h
index c004b9130f..c004b9130f 100644
--- a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3DynamicBvh.h
+++ b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3DynamicBvh.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3DynamicBvhBroadphase.cpp b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3DynamicBvhBroadphase.cpp
index bc150955b8..bc150955b8 100644
--- a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3DynamicBvhBroadphase.cpp
+++ b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3DynamicBvhBroadphase.cpp
diff --git a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3DynamicBvhBroadphase.h b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3DynamicBvhBroadphase.h
index 7ac085d90c..7ac085d90c 100644
--- a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3DynamicBvhBroadphase.h
+++ b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3DynamicBvhBroadphase.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3OverlappingPair.h b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3OverlappingPair.h
index 39bf27de3e..39bf27de3e 100644
--- a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3OverlappingPair.h
+++ b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3OverlappingPair.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3OverlappingPairCache.cpp b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3OverlappingPairCache.cpp
index e4bda61624..e4bda61624 100644
--- a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3OverlappingPairCache.cpp
+++ b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3OverlappingPairCache.cpp
diff --git a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3OverlappingPairCache.h b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3OverlappingPairCache.h
index f67eb676f1..f67eb676f1 100644
--- a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/b3OverlappingPairCache.h
+++ b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/b3OverlappingPairCache.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/shared/b3Aabb.h b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/shared/b3Aabb.h
index 7f9bf990bf..7f9bf990bf 100644
--- a/thirdparty/bullet/src/Bullet3Collision/BroadPhaseCollision/shared/b3Aabb.h
+++ b/thirdparty/bullet/Bullet3Collision/BroadPhaseCollision/shared/b3Aabb.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3Config.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3Config.h
index 65d4a21613..65d4a21613 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3Config.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3Config.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3Contact4.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3Contact4.h
index fb25165673..fb25165673 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3Contact4.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3Contact4.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3ConvexUtility.cpp b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3ConvexUtility.cpp
index 55706fa631..55706fa631 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3ConvexUtility.cpp
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3ConvexUtility.cpp
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3ConvexUtility.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3ConvexUtility.h
index 86c4151f8c..86c4151f8c 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3ConvexUtility.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3ConvexUtility.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3CpuNarrowPhase.cpp b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3CpuNarrowPhase.cpp
index c3134b2c65..c3134b2c65 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3CpuNarrowPhase.cpp
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3CpuNarrowPhase.cpp
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3CpuNarrowPhase.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3CpuNarrowPhase.h
index 528be3346d..528be3346d 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3CpuNarrowPhase.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3CpuNarrowPhase.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3RaycastInfo.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3RaycastInfo.h
index fba8bd07a4..fba8bd07a4 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3RaycastInfo.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3RaycastInfo.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3RigidBodyCL.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3RigidBodyCL.h
index d58f71802f..d58f71802f 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/b3RigidBodyCL.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/b3RigidBodyCL.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3BvhSubtreeInfoData.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3BvhSubtreeInfoData.h
index 8788ccbb47..8788ccbb47 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3BvhSubtreeInfoData.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3BvhSubtreeInfoData.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3BvhTraversal.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3BvhTraversal.h
index 2618da24bc..2618da24bc 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3BvhTraversal.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3BvhTraversal.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ClipFaces.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ClipFaces.h
index 8009e7d6e0..8009e7d6e0 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ClipFaces.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ClipFaces.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3Collidable.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3Collidable.h
index 77cdc7b7a9..77cdc7b7a9 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3Collidable.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3Collidable.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3Contact4Data.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3Contact4Data.h
index dfd45cc566..dfd45cc566 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3Contact4Data.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3Contact4Data.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ContactConvexConvexSAT.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ContactConvexConvexSAT.h
index f295f01a6c..f295f01a6c 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ContactConvexConvexSAT.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ContactConvexConvexSAT.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ContactSphereSphere.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ContactSphereSphere.h
index a3fa82287b..a3fa82287b 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ContactSphereSphere.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ContactSphereSphere.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ConvexPolyhedronData.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ConvexPolyhedronData.h
index 5c5f4e297f..5c5f4e297f 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ConvexPolyhedronData.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ConvexPolyhedronData.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3FindConcaveSatAxis.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3FindConcaveSatAxis.h
index 89993f3565..89993f3565 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3FindConcaveSatAxis.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3FindConcaveSatAxis.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3FindSeparatingAxis.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3FindSeparatingAxis.h
index 332dbc278c..332dbc278c 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3FindSeparatingAxis.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3FindSeparatingAxis.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3MprPenetration.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3MprPenetration.h
index 6c3ad7c9dd..6c3ad7c9dd 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3MprPenetration.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3MprPenetration.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3NewContactReduction.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3NewContactReduction.h
index 718222ebca..718222ebca 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3NewContactReduction.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3NewContactReduction.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3QuantizedBvhNodeData.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3QuantizedBvhNodeData.h
index 3661e43cf1..3661e43cf1 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3QuantizedBvhNodeData.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3QuantizedBvhNodeData.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ReduceContacts.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ReduceContacts.h
index 35b5197006..35b5197006 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3ReduceContacts.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3ReduceContacts.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3RigidBodyData.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3RigidBodyData.h
index 50632c871f..50632c871f 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3RigidBodyData.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3RigidBodyData.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3UpdateAabbs.h b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3UpdateAabbs.h
index 8d40d19a03..8d40d19a03 100644
--- a/thirdparty/bullet/src/Bullet3Collision/NarrowPhaseCollision/shared/b3UpdateAabbs.h
+++ b/thirdparty/bullet/Bullet3Collision/NarrowPhaseCollision/shared/b3UpdateAabbs.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3AlignedAllocator.cpp b/thirdparty/bullet/Bullet3Common/b3AlignedAllocator.cpp
index b98e2b4d33..b98e2b4d33 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3AlignedAllocator.cpp
+++ b/thirdparty/bullet/Bullet3Common/b3AlignedAllocator.cpp
diff --git a/thirdparty/bullet/src/Bullet3Common/b3AlignedAllocator.h b/thirdparty/bullet/Bullet3Common/b3AlignedAllocator.h
index be418bd55f..be418bd55f 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3AlignedAllocator.h
+++ b/thirdparty/bullet/Bullet3Common/b3AlignedAllocator.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3AlignedObjectArray.h b/thirdparty/bullet/Bullet3Common/b3AlignedObjectArray.h
index 947362d08e..947362d08e 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3AlignedObjectArray.h
+++ b/thirdparty/bullet/Bullet3Common/b3AlignedObjectArray.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3CommandLineArgs.h b/thirdparty/bullet/Bullet3Common/b3CommandLineArgs.h
index 38df8e2600..38df8e2600 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3CommandLineArgs.h
+++ b/thirdparty/bullet/Bullet3Common/b3CommandLineArgs.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3FileUtils.h b/thirdparty/bullet/Bullet3Common/b3FileUtils.h
index 1a331029ea..1a331029ea 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3FileUtils.h
+++ b/thirdparty/bullet/Bullet3Common/b3FileUtils.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3HashMap.h b/thirdparty/bullet/Bullet3Common/b3HashMap.h
index 24a59d9baa..24a59d9baa 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3HashMap.h
+++ b/thirdparty/bullet/Bullet3Common/b3HashMap.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3Logging.cpp b/thirdparty/bullet/Bullet3Common/b3Logging.cpp
index a8e9507155..a8e9507155 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3Logging.cpp
+++ b/thirdparty/bullet/Bullet3Common/b3Logging.cpp
diff --git a/thirdparty/bullet/src/Bullet3Common/b3Logging.h b/thirdparty/bullet/Bullet3Common/b3Logging.h
index b302effe43..b302effe43 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3Logging.h
+++ b/thirdparty/bullet/Bullet3Common/b3Logging.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3Matrix3x3.h b/thirdparty/bullet/Bullet3Common/b3Matrix3x3.h
index 89b57cf59a..89b57cf59a 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3Matrix3x3.h
+++ b/thirdparty/bullet/Bullet3Common/b3Matrix3x3.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3MinMax.h b/thirdparty/bullet/Bullet3Common/b3MinMax.h
index 73af23a4f9..73af23a4f9 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3MinMax.h
+++ b/thirdparty/bullet/Bullet3Common/b3MinMax.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3PoolAllocator.h b/thirdparty/bullet/Bullet3Common/b3PoolAllocator.h
index 2fcdcf5b24..2fcdcf5b24 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3PoolAllocator.h
+++ b/thirdparty/bullet/Bullet3Common/b3PoolAllocator.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3QuadWord.h b/thirdparty/bullet/Bullet3Common/b3QuadWord.h
index 65c9581977..65c9581977 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3QuadWord.h
+++ b/thirdparty/bullet/Bullet3Common/b3QuadWord.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3Quaternion.h b/thirdparty/bullet/Bullet3Common/b3Quaternion.h
index ad20543348..ad20543348 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3Quaternion.h
+++ b/thirdparty/bullet/Bullet3Common/b3Quaternion.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3Random.h b/thirdparty/bullet/Bullet3Common/b3Random.h
index dc040f1562..dc040f1562 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3Random.h
+++ b/thirdparty/bullet/Bullet3Common/b3Random.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3ResizablePool.h b/thirdparty/bullet/Bullet3Common/b3ResizablePool.h
index 06ad8a778d..06ad8a778d 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3ResizablePool.h
+++ b/thirdparty/bullet/Bullet3Common/b3ResizablePool.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3Scalar.h b/thirdparty/bullet/Bullet3Common/b3Scalar.h
index dbc7fea397..dbc7fea397 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3Scalar.h
+++ b/thirdparty/bullet/Bullet3Common/b3Scalar.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3StackAlloc.h b/thirdparty/bullet/Bullet3Common/b3StackAlloc.h
index de7de056b5..de7de056b5 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3StackAlloc.h
+++ b/thirdparty/bullet/Bullet3Common/b3StackAlloc.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3Transform.h b/thirdparty/bullet/Bullet3Common/b3Transform.h
index fa480759be..fa480759be 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3Transform.h
+++ b/thirdparty/bullet/Bullet3Common/b3Transform.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3TransformUtil.h b/thirdparty/bullet/Bullet3Common/b3TransformUtil.h
index 6ce580c132..6ce580c132 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3TransformUtil.h
+++ b/thirdparty/bullet/Bullet3Common/b3TransformUtil.h
diff --git a/thirdparty/bullet/src/Bullet3Common/b3Vector3.cpp b/thirdparty/bullet/Bullet3Common/b3Vector3.cpp
index 5f5ac4ac04..5f5ac4ac04 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3Vector3.cpp
+++ b/thirdparty/bullet/Bullet3Common/b3Vector3.cpp
diff --git a/thirdparty/bullet/src/Bullet3Common/b3Vector3.h b/thirdparty/bullet/Bullet3Common/b3Vector3.h
index 16ec02b0ed..16ec02b0ed 100644
--- a/thirdparty/bullet/src/Bullet3Common/b3Vector3.h
+++ b/thirdparty/bullet/Bullet3Common/b3Vector3.h
diff --git a/thirdparty/bullet/src/Bullet3Common/shared/b3Float4.h b/thirdparty/bullet/Bullet3Common/shared/b3Float4.h
index 5e4b95bcee..5e4b95bcee 100644
--- a/thirdparty/bullet/src/Bullet3Common/shared/b3Float4.h
+++ b/thirdparty/bullet/Bullet3Common/shared/b3Float4.h
diff --git a/thirdparty/bullet/src/Bullet3Common/shared/b3Int2.h b/thirdparty/bullet/Bullet3Common/shared/b3Int2.h
index f1d01f81a5..f1d01f81a5 100644
--- a/thirdparty/bullet/src/Bullet3Common/shared/b3Int2.h
+++ b/thirdparty/bullet/Bullet3Common/shared/b3Int2.h
diff --git a/thirdparty/bullet/src/Bullet3Common/shared/b3Int4.h b/thirdparty/bullet/Bullet3Common/shared/b3Int4.h
index aa02d6beef..aa02d6beef 100644
--- a/thirdparty/bullet/src/Bullet3Common/shared/b3Int4.h
+++ b/thirdparty/bullet/Bullet3Common/shared/b3Int4.h
diff --git a/thirdparty/bullet/src/Bullet3Common/shared/b3Mat3x3.h b/thirdparty/bullet/Bullet3Common/shared/b3Mat3x3.h
index 7b1fef32f8..7b1fef32f8 100644
--- a/thirdparty/bullet/src/Bullet3Common/shared/b3Mat3x3.h
+++ b/thirdparty/bullet/Bullet3Common/shared/b3Mat3x3.h
diff --git a/thirdparty/bullet/src/Bullet3Common/shared/b3PlatformDefinitions.h b/thirdparty/bullet/Bullet3Common/shared/b3PlatformDefinitions.h
index 1c133fb088..1c133fb088 100644
--- a/thirdparty/bullet/src/Bullet3Common/shared/b3PlatformDefinitions.h
+++ b/thirdparty/bullet/Bullet3Common/shared/b3PlatformDefinitions.h
diff --git a/thirdparty/bullet/src/Bullet3Common/shared/b3Quat.h b/thirdparty/bullet/Bullet3Common/shared/b3Quat.h
index f262d5e08f..f262d5e08f 100644
--- a/thirdparty/bullet/src/Bullet3Common/shared/b3Quat.h
+++ b/thirdparty/bullet/Bullet3Common/shared/b3Quat.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3ContactSolverInfo.h b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3ContactSolverInfo.h
index 7a12257b33..7a12257b33 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3ContactSolverInfo.h
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3ContactSolverInfo.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3FixedConstraint.cpp b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3FixedConstraint.cpp
index 5e11e74935..5e11e74935 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3FixedConstraint.cpp
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3FixedConstraint.cpp
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3FixedConstraint.h b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3FixedConstraint.h
index e884a82912..e884a82912 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3FixedConstraint.h
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3FixedConstraint.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3Generic6DofConstraint.cpp b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3Generic6DofConstraint.cpp
index 168a773d56..168a773d56 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3Generic6DofConstraint.cpp
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3Generic6DofConstraint.cpp
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3Generic6DofConstraint.h b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3Generic6DofConstraint.h
index 084d36055c..084d36055c 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3Generic6DofConstraint.h
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3Generic6DofConstraint.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3JacobianEntry.h b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3JacobianEntry.h
index a55168eb38..a55168eb38 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3JacobianEntry.h
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3JacobianEntry.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3PgsJacobiSolver.cpp b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3PgsJacobiSolver.cpp
index de729d4556..de729d4556 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3PgsJacobiSolver.cpp
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3PgsJacobiSolver.cpp
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3PgsJacobiSolver.h b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3PgsJacobiSolver.h
index d2ca307fab..d2ca307fab 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3PgsJacobiSolver.h
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3PgsJacobiSolver.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3Point2PointConstraint.cpp b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3Point2PointConstraint.cpp
index 02c11db320..02c11db320 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3Point2PointConstraint.cpp
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3Point2PointConstraint.cpp
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3Point2PointConstraint.h b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3Point2PointConstraint.h
index 681b487334..681b487334 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3Point2PointConstraint.h
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3Point2PointConstraint.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3SolverBody.h b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3SolverBody.h
index 0049317d98..0049317d98 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3SolverBody.h
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3SolverBody.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3SolverConstraint.h b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3SolverConstraint.h
index bce83d4608..bce83d4608 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3SolverConstraint.h
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3SolverConstraint.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3TypedConstraint.cpp b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3TypedConstraint.cpp
index 699c481d64..699c481d64 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3TypedConstraint.cpp
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3TypedConstraint.cpp
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3TypedConstraint.h b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3TypedConstraint.h
index cf9cec0d5e..cf9cec0d5e 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/ConstraintSolver/b3TypedConstraint.h
+++ b/thirdparty/bullet/Bullet3Dynamics/ConstraintSolver/b3TypedConstraint.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/b3CpuRigidBodyPipeline.cpp b/thirdparty/bullet/Bullet3Dynamics/b3CpuRigidBodyPipeline.cpp
index fbc84cc28d..fbc84cc28d 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/b3CpuRigidBodyPipeline.cpp
+++ b/thirdparty/bullet/Bullet3Dynamics/b3CpuRigidBodyPipeline.cpp
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/b3CpuRigidBodyPipeline.h b/thirdparty/bullet/Bullet3Dynamics/b3CpuRigidBodyPipeline.h
index 2f3c2ae77e..2f3c2ae77e 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/b3CpuRigidBodyPipeline.h
+++ b/thirdparty/bullet/Bullet3Dynamics/b3CpuRigidBodyPipeline.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/shared/b3ContactConstraint4.h b/thirdparty/bullet/Bullet3Dynamics/shared/b3ContactConstraint4.h
index 68cf65e312..68cf65e312 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/shared/b3ContactConstraint4.h
+++ b/thirdparty/bullet/Bullet3Dynamics/shared/b3ContactConstraint4.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/shared/b3ConvertConstraint4.h b/thirdparty/bullet/Bullet3Dynamics/shared/b3ConvertConstraint4.h
index 805a2bd3ea..805a2bd3ea 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/shared/b3ConvertConstraint4.h
+++ b/thirdparty/bullet/Bullet3Dynamics/shared/b3ConvertConstraint4.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/shared/b3Inertia.h b/thirdparty/bullet/Bullet3Dynamics/shared/b3Inertia.h
index 96fe9f8b39..96fe9f8b39 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/shared/b3Inertia.h
+++ b/thirdparty/bullet/Bullet3Dynamics/shared/b3Inertia.h
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/shared/b3IntegrateTransforms.h b/thirdparty/bullet/Bullet3Dynamics/shared/b3IntegrateTransforms.h
index e96f90d3f3..e96f90d3f3 100644
--- a/thirdparty/bullet/src/Bullet3Dynamics/shared/b3IntegrateTransforms.h
+++ b/thirdparty/bullet/Bullet3Dynamics/shared/b3IntegrateTransforms.h
diff --git a/thirdparty/bullet/src/Bullet3Geometry/b3AabbUtil.h b/thirdparty/bullet/Bullet3Geometry/b3AabbUtil.h
index 4c72d5bbfc..4c72d5bbfc 100644
--- a/thirdparty/bullet/src/Bullet3Geometry/b3AabbUtil.h
+++ b/thirdparty/bullet/Bullet3Geometry/b3AabbUtil.h
diff --git a/thirdparty/bullet/src/Bullet3Geometry/b3ConvexHullComputer.cpp b/thirdparty/bullet/Bullet3Geometry/b3ConvexHullComputer.cpp
index 18835c38d5..18835c38d5 100644
--- a/thirdparty/bullet/src/Bullet3Geometry/b3ConvexHullComputer.cpp
+++ b/thirdparty/bullet/Bullet3Geometry/b3ConvexHullComputer.cpp
diff --git a/thirdparty/bullet/src/Bullet3Geometry/b3ConvexHullComputer.h b/thirdparty/bullet/Bullet3Geometry/b3ConvexHullComputer.h
index 6dcc931a78..6dcc931a78 100644
--- a/thirdparty/bullet/src/Bullet3Geometry/b3ConvexHullComputer.h
+++ b/thirdparty/bullet/Bullet3Geometry/b3ConvexHullComputer.h
diff --git a/thirdparty/bullet/src/Bullet3Geometry/b3GeometryUtil.cpp b/thirdparty/bullet/Bullet3Geometry/b3GeometryUtil.cpp
index dd80fed6bd..dd80fed6bd 100644
--- a/thirdparty/bullet/src/Bullet3Geometry/b3GeometryUtil.cpp
+++ b/thirdparty/bullet/Bullet3Geometry/b3GeometryUtil.cpp
diff --git a/thirdparty/bullet/src/Bullet3Geometry/b3GeometryUtil.h b/thirdparty/bullet/Bullet3Geometry/b3GeometryUtil.h
index 8b5fd7ad62..8b5fd7ad62 100644
--- a/thirdparty/bullet/src/Bullet3Geometry/b3GeometryUtil.h
+++ b/thirdparty/bullet/Bullet3Geometry/b3GeometryUtil.h
diff --git a/thirdparty/bullet/src/Bullet3Geometry/b3GrahamScan2dConvexHull.h b/thirdparty/bullet/Bullet3Geometry/b3GrahamScan2dConvexHull.h
index 1b933c5264..1b933c5264 100644
--- a/thirdparty/bullet/src/Bullet3Geometry/b3GrahamScan2dConvexHull.h
+++ b/thirdparty/bullet/Bullet3Geometry/b3GrahamScan2dConvexHull.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuBroadphaseInterface.h b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuBroadphaseInterface.h
index 0ed8aa8232..0ed8aa8232 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuBroadphaseInterface.h
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuBroadphaseInterface.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuGridBroadphase.cpp b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuGridBroadphase.cpp
index 74d0c8056c..74d0c8056c 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuGridBroadphase.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuGridBroadphase.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuGridBroadphase.h b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuGridBroadphase.h
index ec18c9f716..ec18c9f716 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuGridBroadphase.h
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuGridBroadphase.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvh.cpp b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvh.cpp
index 641df9eb12..641df9eb12 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvh.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvh.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvh.h b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvh.h
index effe617b7b..effe617b7b 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvh.h
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvh.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvhBroadphase.cpp b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvhBroadphase.cpp
index d2618024ac..d2618024ac 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvhBroadphase.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvhBroadphase.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvhBroadphase.h b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvhBroadphase.h
index e518500637..e518500637 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvhBroadphase.h
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuParallelLinearBvhBroadphase.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuSapBroadphase.cpp b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuSapBroadphase.cpp
index c45fbbdcaa..c45fbbdcaa 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuSapBroadphase.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuSapBroadphase.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuSapBroadphase.h b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuSapBroadphase.h
index 8d36ac78f2..8d36ac78f2 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3GpuSapBroadphase.h
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3GpuSapBroadphase.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3SapAabb.h b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3SapAabb.h
index ea6550fede..ea6550fede 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/b3SapAabb.h
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/b3SapAabb.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/gridBroadphase.cl b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/gridBroadphase.cl
index ded4796d33..ded4796d33 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/gridBroadphase.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/gridBroadphase.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/gridBroadphaseKernels.h b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/gridBroadphaseKernels.h
index dad42477c3..dad42477c3 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/gridBroadphaseKernels.h
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/gridBroadphaseKernels.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/parallelLinearBvh.cl b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/parallelLinearBvh.cl
index c375b9bf37..c375b9bf37 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/parallelLinearBvh.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/parallelLinearBvh.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/parallelLinearBvhKernels.h b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/parallelLinearBvhKernels.h
index 5eb8f45b16..5eb8f45b16 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/parallelLinearBvhKernels.h
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/parallelLinearBvhKernels.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/sap.cl b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/sap.cl
index 93f77a6433..93f77a6433 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/sap.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/sap.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/sapKernels.h b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/sapKernels.h
index 04d40fcf26..04d40fcf26 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/BroadphaseCollision/kernels/sapKernels.h
+++ b/thirdparty/bullet/Bullet3OpenCL/BroadphaseCollision/kernels/sapKernels.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/Initialize/b3OpenCLInclude.h b/thirdparty/bullet/Bullet3OpenCL/Initialize/b3OpenCLInclude.h
index e79182d7cb..e79182d7cb 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/Initialize/b3OpenCLInclude.h
+++ b/thirdparty/bullet/Bullet3OpenCL/Initialize/b3OpenCLInclude.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/Initialize/b3OpenCLUtils.cpp b/thirdparty/bullet/Bullet3OpenCL/Initialize/b3OpenCLUtils.cpp
index dd194fc7ba..dd194fc7ba 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/Initialize/b3OpenCLUtils.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/Initialize/b3OpenCLUtils.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/Initialize/b3OpenCLUtils.h b/thirdparty/bullet/Bullet3OpenCL/Initialize/b3OpenCLUtils.h
index db6466e76b..db6466e76b 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/Initialize/b3OpenCLUtils.h
+++ b/thirdparty/bullet/Bullet3OpenCL/Initialize/b3OpenCLUtils.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3BvhInfo.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3BvhInfo.h
index 872f039506..872f039506 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3BvhInfo.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3BvhInfo.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ContactCache.cpp b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ContactCache.cpp
index cb30ee939b..cb30ee939b 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ContactCache.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ContactCache.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ContactCache.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ContactCache.h
index d6c9b0a07e..d6c9b0a07e 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ContactCache.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ContactCache.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ConvexHullContact.cpp b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ConvexHullContact.cpp
index fb435aa7fd..fb435aa7fd 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ConvexHullContact.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ConvexHullContact.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ConvexHullContact.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ConvexHullContact.h
index e24c1579c6..e24c1579c6 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ConvexHullContact.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ConvexHullContact.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ConvexPolyhedronCL.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ConvexPolyhedronCL.h
index 337100fb1a..337100fb1a 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3ConvexPolyhedronCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3ConvexPolyhedronCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3GjkEpa.cpp b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3GjkEpa.cpp
index d636f983c6..d636f983c6 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3GjkEpa.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3GjkEpa.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3GjkEpa.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3GjkEpa.h
index 976238a04c..976238a04c 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3GjkEpa.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3GjkEpa.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3OptimizedBvh.cpp b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3OptimizedBvh.cpp
index e9e51d5a36..e9e51d5a36 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3OptimizedBvh.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3OptimizedBvh.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3OptimizedBvh.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3OptimizedBvh.h
index 0272ef83bf..0272ef83bf 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3OptimizedBvh.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3OptimizedBvh.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3QuantizedBvh.cpp b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3QuantizedBvh.cpp
index 52027e1118..52027e1118 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3QuantizedBvh.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3QuantizedBvh.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3QuantizedBvh.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3QuantizedBvh.h
index 63c523c758..63c523c758 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3QuantizedBvh.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3QuantizedBvh.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3StridingMeshInterface.cpp b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3StridingMeshInterface.cpp
index 4d97f7f62b..4d97f7f62b 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3StridingMeshInterface.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3StridingMeshInterface.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3StridingMeshInterface.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3StridingMeshInterface.h
index 9513f68f77..9513f68f77 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3StridingMeshInterface.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3StridingMeshInterface.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3SupportMappings.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3SupportMappings.h
index d073ee57c3..d073ee57c3 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3SupportMappings.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3SupportMappings.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3TriangleCallback.cpp b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3TriangleCallback.cpp
index 9066451884..9066451884 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3TriangleCallback.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3TriangleCallback.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3TriangleCallback.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3TriangleCallback.h
index 3059fa4f21..3059fa4f21 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3TriangleCallback.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3TriangleCallback.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3TriangleIndexVertexArray.cpp b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3TriangleIndexVertexArray.cpp
index a0f59babbe..a0f59babbe 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3TriangleIndexVertexArray.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3TriangleIndexVertexArray.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3TriangleIndexVertexArray.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3TriangleIndexVertexArray.h
index d26b2893bc..d26b2893bc 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3TriangleIndexVertexArray.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3TriangleIndexVertexArray.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3VectorFloat4.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3VectorFloat4.h
index f6f65f7719..f6f65f7719 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3VectorFloat4.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3VectorFloat4.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3VoronoiSimplexSolver.cpp b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3VoronoiSimplexSolver.cpp
index cf3d5ef49d..cf3d5ef49d 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3VoronoiSimplexSolver.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3VoronoiSimplexSolver.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3VoronoiSimplexSolver.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3VoronoiSimplexSolver.h
index a6e27667d8..a6e27667d8 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/b3VoronoiSimplexSolver.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/b3VoronoiSimplexSolver.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/bvhTraversal.cl b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/bvhTraversal.cl
index faa413441c..faa413441c 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/bvhTraversal.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/bvhTraversal.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/bvhTraversal.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/bvhTraversal.h
index 4b3b49eae8..4b3b49eae8 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/bvhTraversal.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/bvhTraversal.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/mpr.cl b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/mpr.cl
index e754f4e1da..e754f4e1da 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/mpr.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/mpr.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/mprKernels.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/mprKernels.h
index 7ed4b382c3..7ed4b382c3 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/mprKernels.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/mprKernels.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/primitiveContacts.cl b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/primitiveContacts.cl
index 9c9e920f13..9c9e920f13 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/primitiveContacts.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/primitiveContacts.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/primitiveContacts.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/primitiveContacts.h
index b0103fe674..b0103fe674 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/primitiveContacts.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/primitiveContacts.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/sat.cl b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/sat.cl
index a6565fd6fa..a6565fd6fa 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/sat.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/sat.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satClipHullContacts.cl b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satClipHullContacts.cl
index f433971741..f433971741 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satClipHullContacts.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satClipHullContacts.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satClipHullContacts.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satClipHullContacts.h
index f0ecfc7851..f0ecfc7851 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satClipHullContacts.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satClipHullContacts.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satConcave.cl b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satConcave.cl
index 31ca43b8cd..31ca43b8cd 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satConcave.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satConcave.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satConcaveKernels.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satConcaveKernels.h
index 611569cacf..611569cacf 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satConcaveKernels.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satConcaveKernels.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satKernels.h b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satKernels.h
index 6f8b0a90db..6f8b0a90db 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/NarrowphaseCollision/kernels/satKernels.h
+++ b/thirdparty/bullet/Bullet3OpenCL/NarrowphaseCollision/kernels/satKernels.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3BoundSearchCL.cpp b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3BoundSearchCL.cpp
index a4980f71e1..a4980f71e1 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3BoundSearchCL.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3BoundSearchCL.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3BoundSearchCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3BoundSearchCL.h
index 7e2940965c..7e2940965c 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3BoundSearchCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3BoundSearchCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3BufferInfoCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3BufferInfoCL.h
index 52f219ae3f..52f219ae3f 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3BufferInfoCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3BufferInfoCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3FillCL.cpp b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3FillCL.cpp
index f05c2648f1..f05c2648f1 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3FillCL.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3FillCL.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3FillCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3FillCL.h
index 1609676b9d..1609676b9d 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3FillCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3FillCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3LauncherCL.cpp b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3LauncherCL.cpp
index 94590d11ca..94590d11ca 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3LauncherCL.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3LauncherCL.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3LauncherCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3LauncherCL.h
index 1b267b31ef..1b267b31ef 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3LauncherCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3LauncherCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3OpenCLArray.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3OpenCLArray.h
index d70c30f53f..d70c30f53f 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3OpenCLArray.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3OpenCLArray.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanCL.cpp b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanCL.cpp
index 42cd197740..42cd197740 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanCL.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanCL.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanCL.h
index a9a2e61b9e..a9a2e61b9e 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanFloat4CL.cpp b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanFloat4CL.cpp
index 80560d793d..80560d793d 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanFloat4CL.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanFloat4CL.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanFloat4CL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanFloat4CL.h
index 2c8003c1bb..2c8003c1bb 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanFloat4CL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3PrefixScanFloat4CL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3RadixSort32CL.cpp b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3RadixSort32CL.cpp
index f11ae4bcdb..f11ae4bcdb 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3RadixSort32CL.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3RadixSort32CL.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3RadixSort32CL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3RadixSort32CL.h
index 975bd80e53..975bd80e53 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/b3RadixSort32CL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/b3RadixSort32CL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/BoundSearchKernels.cl b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/BoundSearchKernels.cl
index f3b4a1e8a7..f3b4a1e8a7 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/BoundSearchKernels.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/BoundSearchKernels.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/BoundSearchKernelsCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/BoundSearchKernelsCL.h
index 9c9e847138..9c9e847138 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/BoundSearchKernelsCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/BoundSearchKernelsCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/CopyKernels.cl b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/CopyKernels.cl
index 2eee5752ec..2eee5752ec 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/CopyKernels.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/CopyKernels.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/CopyKernelsCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/CopyKernelsCL.h
index e5670e3cd3..e5670e3cd3 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/CopyKernelsCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/CopyKernelsCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/FillKernels.cl b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/FillKernels.cl
index 71c31075dd..71c31075dd 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/FillKernels.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/FillKernels.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/FillKernelsCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/FillKernelsCL.h
index 4f8b96e489..4f8b96e489 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/FillKernelsCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/FillKernelsCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanFloat4Kernels.cl b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanFloat4Kernels.cl
index c9da79854a..c9da79854a 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanFloat4Kernels.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanFloat4Kernels.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernels.cl b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernels.cl
index 963cc1e48e..963cc1e48e 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernels.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernels.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernelsCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernelsCL.h
index 27baab8331..27baab8331 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernelsCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernelsCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernelsFloat4CL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernelsFloat4CL.h
index 5b13254796..5b13254796 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernelsFloat4CL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/PrefixScanKernelsFloat4CL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/RadixSort32Kernels.cl b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/RadixSort32Kernels.cl
index 7402e2f3b3..7402e2f3b3 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/RadixSort32Kernels.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/RadixSort32Kernels.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/RadixSort32KernelsCL.h b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/RadixSort32KernelsCL.h
index 8876c16aa6..8876c16aa6 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/ParallelPrimitives/kernels/RadixSort32KernelsCL.h
+++ b/thirdparty/bullet/Bullet3OpenCL/ParallelPrimitives/kernels/RadixSort32KernelsCL.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/Raycast/b3GpuRaycast.cpp b/thirdparty/bullet/Bullet3OpenCL/Raycast/b3GpuRaycast.cpp
index 161e304f09..161e304f09 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/Raycast/b3GpuRaycast.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/Raycast/b3GpuRaycast.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/Raycast/b3GpuRaycast.h b/thirdparty/bullet/Bullet3OpenCL/Raycast/b3GpuRaycast.h
index 3a5cf44b79..3a5cf44b79 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/Raycast/b3GpuRaycast.h
+++ b/thirdparty/bullet/Bullet3OpenCL/Raycast/b3GpuRaycast.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/Raycast/kernels/rayCastKernels.cl b/thirdparty/bullet/Bullet3OpenCL/Raycast/kernels/rayCastKernels.cl
index e72d96876b..e72d96876b 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/Raycast/kernels/rayCastKernels.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/Raycast/kernels/rayCastKernels.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/Raycast/kernels/rayCastKernels.h b/thirdparty/bullet/Bullet3OpenCL/Raycast/kernels/rayCastKernels.h
index 6257909a4d..6257909a4d 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/Raycast/kernels/rayCastKernels.h
+++ b/thirdparty/bullet/Bullet3OpenCL/Raycast/kernels/rayCastKernels.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuConstraint4.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuConstraint4.h
index c7478f54a1..c7478f54a1 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuConstraint4.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuConstraint4.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuGenericConstraint.cpp b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuGenericConstraint.cpp
index af687b54e9..af687b54e9 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuGenericConstraint.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuGenericConstraint.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuGenericConstraint.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuGenericConstraint.h
index 14b3ba7fec..14b3ba7fec 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuGenericConstraint.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuGenericConstraint.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuJacobiContactSolver.cpp b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuJacobiContactSolver.cpp
index 179dfc4f26..179dfc4f26 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuJacobiContactSolver.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuJacobiContactSolver.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuJacobiContactSolver.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuJacobiContactSolver.h
index b418f29ec4..b418f29ec4 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuJacobiContactSolver.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuJacobiContactSolver.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuNarrowPhase.cpp b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuNarrowPhase.cpp
index 698fa15f96..698fa15f96 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuNarrowPhase.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuNarrowPhase.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuNarrowPhase.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuNarrowPhase.h
index 05ff3fd09e..05ff3fd09e 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuNarrowPhase.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuNarrowPhase.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuNarrowPhaseInternalData.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuNarrowPhaseInternalData.h
index 8a7f1ea859..8a7f1ea859 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuNarrowPhaseInternalData.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuNarrowPhaseInternalData.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuPgsConstraintSolver.cpp b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuPgsConstraintSolver.cpp
index 0d3d50c548..0d3d50c548 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuPgsConstraintSolver.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuPgsConstraintSolver.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuPgsConstraintSolver.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuPgsConstraintSolver.h
index ec0e3f73d6..ec0e3f73d6 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuPgsConstraintSolver.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuPgsConstraintSolver.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuPgsContactSolver.cpp b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuPgsContactSolver.cpp
index f0b0abd5e0..f0b0abd5e0 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuPgsContactSolver.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuPgsContactSolver.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuPgsContactSolver.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuPgsContactSolver.h
index 98e2a5b8c4..98e2a5b8c4 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuPgsContactSolver.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuPgsContactSolver.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipeline.cpp b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipeline.cpp
index 783e443060..783e443060 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipeline.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipeline.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipeline.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipeline.h
index b4eac6841a..b4eac6841a 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipeline.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipeline.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipelineInternalData.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipelineInternalData.h
index 5ac92f97d6..5ac92f97d6 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipelineInternalData.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuRigidBodyPipelineInternalData.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuSolverBody.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuSolverBody.h
index f2a61801ac..f2a61801ac 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuSolverBody.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuSolverBody.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuSolverConstraint.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuSolverConstraint.h
index 60d235baab..60d235baab 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3GpuSolverConstraint.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3GpuSolverConstraint.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3Solver.cpp b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3Solver.cpp
index 20bf6d47c5..20bf6d47c5 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3Solver.cpp
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3Solver.cpp
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3Solver.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3Solver.h
index b37f2f1bec..b37f2f1bec 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/b3Solver.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/b3Solver.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/batchingKernels.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/batchingKernels.cl
index 3b891b863d..3b891b863d 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/batchingKernels.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/batchingKernels.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/batchingKernels.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/batchingKernels.h
index 150eedc94b..150eedc94b 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/batchingKernels.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/batchingKernels.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/batchingKernelsNew.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/batchingKernelsNew.cl
index ba1b66d2c3..ba1b66d2c3 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/batchingKernelsNew.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/batchingKernelsNew.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/batchingKernelsNew.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/batchingKernelsNew.h
index 1e5957adae..1e5957adae 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/batchingKernelsNew.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/batchingKernelsNew.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/integrateKernel.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/integrateKernel.cl
index e22bc9bc33..e22bc9bc33 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/integrateKernel.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/integrateKernel.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/integrateKernel.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/integrateKernel.h
index a5a432947c..a5a432947c 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/integrateKernel.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/integrateKernel.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/jointSolver.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/jointSolver.cl
index 7f5dabe274..7f5dabe274 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/jointSolver.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/jointSolver.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/jointSolver.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/jointSolver.h
index d48ecf6ea6..d48ecf6ea6 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/jointSolver.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/jointSolver.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solveContact.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solveContact.cl
index 5c4d62e4ec..5c4d62e4ec 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solveContact.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solveContact.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solveContact.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solveContact.h
index 15a049992b..15a049992b 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solveContact.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solveContact.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solveFriction.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solveFriction.cl
index 1d70fbbae3..1d70fbbae3 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solveFriction.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solveFriction.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solveFriction.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solveFriction.h
index eb58674f22..eb58674f22 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solveFriction.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solveFriction.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverSetup.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverSetup.cl
index 8e2de7b5a6..8e2de7b5a6 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverSetup.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverSetup.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverSetup.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverSetup.h
index eb1834ee00..eb1834ee00 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverSetup.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverSetup.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverSetup2.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverSetup2.cl
index 3dc48d4350..3dc48d4350 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverSetup2.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverSetup2.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverSetup2.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverSetup2.h
index 1b5819f6cf..1b5819f6cf 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverSetup2.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverSetup2.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverUtils.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverUtils.cl
index a21a08c3b4..a21a08c3b4 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverUtils.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverUtils.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverUtils.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverUtils.h
index c0173ad9f4..c0173ad9f4 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/solverUtils.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/solverUtils.h
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/updateAabbsKernel.cl b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/updateAabbsKernel.cl
index ba8ba735d0..ba8ba735d0 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/updateAabbsKernel.cl
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/updateAabbsKernel.cl
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/updateAabbsKernel.h b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/updateAabbsKernel.h
index d70e74017a..d70e74017a 100644
--- a/thirdparty/bullet/src/Bullet3OpenCL/RigidBody/kernels/updateAabbsKernel.h
+++ b/thirdparty/bullet/Bullet3OpenCL/RigidBody/kernels/updateAabbsKernel.h
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/autogenerated/bullet2.h b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/autogenerated/bullet2.h
index a6b57b1a12..a6b57b1a12 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/autogenerated/bullet2.h
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/autogenerated/bullet2.h
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3BulletFile.cpp b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3BulletFile.cpp
index c3ceb8388c..c3ceb8388c 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3BulletFile.cpp
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3BulletFile.cpp
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3BulletFile.h b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3BulletFile.h
index fb1b9b0dde..fb1b9b0dde 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3BulletFile.h
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3BulletFile.h
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Chunk.cpp b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Chunk.cpp
index c0e1bb708c..c0e1bb708c 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Chunk.cpp
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Chunk.cpp
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Chunk.h b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Chunk.h
index 03ecb6b4fa..03ecb6b4fa 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Chunk.h
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Chunk.h
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Common.h b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Common.h
index 2792d84033..2792d84033 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Common.h
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Common.h
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3DNA.cpp b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3DNA.cpp
index 0fe5056922..0fe5056922 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3DNA.cpp
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3DNA.cpp
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3DNA.h b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3DNA.h
index 6e60087cce..6e60087cce 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3DNA.h
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3DNA.h
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Defines.h b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Defines.h
index 8f28d3c441..8f28d3c441 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Defines.h
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Defines.h
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3File.cpp b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3File.cpp
index 432f7fc2b4..432f7fc2b4 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3File.cpp
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3File.cpp
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3File.h b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3File.h
index 861056806d..861056806d 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3File.h
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3File.h
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Serializer.cpp b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Serializer.cpp
index c6a2a832ad..c6a2a832ad 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Serializer.cpp
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Serializer.cpp
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Serializer.h b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Serializer.h
index 1c1ce43764..1c1ce43764 100644
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/b3Serializer.h
+++ b/thirdparty/bullet/Bullet3Serialize/Bullet2FileLoader/b3Serializer.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btAxisSweep3.cpp b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btAxisSweep3.cpp
index 77763305b1..77763305b1 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btAxisSweep3.cpp
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btAxisSweep3.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btAxisSweep3.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btAxisSweep3.h
index a3648df1af..a3648df1af 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btAxisSweep3.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btAxisSweep3.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btAxisSweep3Internal.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btAxisSweep3Internal.h
index 2c4d41bc04..2c4d41bc04 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btAxisSweep3Internal.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btAxisSweep3Internal.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btBroadphaseInterface.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btBroadphaseInterface.h
index fb68e0024e..fb68e0024e 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btBroadphaseInterface.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btBroadphaseInterface.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btBroadphaseProxy.cpp b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btBroadphaseProxy.cpp
index 0fd4ef46be..0fd4ef46be 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btBroadphaseProxy.cpp
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btBroadphaseProxy.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btBroadphaseProxy.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btBroadphaseProxy.h
index adaf083a21..adaf083a21 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btBroadphaseProxy.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btBroadphaseProxy.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btCollisionAlgorithm.cpp
index c95d1be0f2..c95d1be0f2 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btCollisionAlgorithm.h
index 405656236b..405656236b 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDbvt.cpp b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDbvt.cpp
index d791d07418..d791d07418 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDbvt.cpp
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDbvt.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDbvt.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDbvt.h
index b5a0014580..b5a0014580 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDbvt.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDbvt.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDbvtBroadphase.cpp b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDbvtBroadphase.cpp
index 4d12b1c9c7..4d12b1c9c7 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDbvtBroadphase.cpp
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDbvtBroadphase.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDbvtBroadphase.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDbvtBroadphase.h
index 8feb95d51f..8feb95d51f 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDbvtBroadphase.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDbvtBroadphase.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDispatcher.cpp b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDispatcher.cpp
index 20768225b3..20768225b3 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDispatcher.cpp
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDispatcher.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDispatcher.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDispatcher.h
index 7b0f9489af..7b0f9489af 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btDispatcher.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btDispatcher.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btOverlappingPairCache.cpp b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btOverlappingPairCache.cpp
index 55ebf06f1e..55ebf06f1e 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btOverlappingPairCache.cpp
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btOverlappingPairCache.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btOverlappingPairCache.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btOverlappingPairCache.h
index f7be7d45b3..f7be7d45b3 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btOverlappingPairCache.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btOverlappingPairCache.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btOverlappingPairCallback.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btOverlappingPairCallback.h
index 3e069fa5e2..3e069fa5e2 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btOverlappingPairCallback.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btOverlappingPairCallback.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btQuantizedBvh.cpp b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btQuantizedBvh.cpp
index 875d89c53e..875d89c53e 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btQuantizedBvh.cpp
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btQuantizedBvh.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btQuantizedBvh.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btQuantizedBvh.h
index 3dd5ac9bb6..3dd5ac9bb6 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btQuantizedBvh.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btQuantizedBvh.h
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btSimpleBroadphase.cpp b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btSimpleBroadphase.cpp
index f1d5f5476e..f1d5f5476e 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btSimpleBroadphase.cpp
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btSimpleBroadphase.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btSimpleBroadphase.h b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btSimpleBroadphase.h
index d7a18e400a..d7a18e400a 100644
--- a/thirdparty/bullet/src/BulletCollision/BroadphaseCollision/btSimpleBroadphase.h
+++ b/thirdparty/bullet/BulletCollision/BroadphaseCollision/btSimpleBroadphase.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/SphereTriangleDetector.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/SphereTriangleDetector.cpp
index c81af95672..c81af95672 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/SphereTriangleDetector.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/SphereTriangleDetector.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/SphereTriangleDetector.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/SphereTriangleDetector.h
index 22953af43f..22953af43f 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/SphereTriangleDetector.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/SphereTriangleDetector.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btActivatingCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btActivatingCollisionAlgorithm.cpp
index 57f1464935..57f1464935 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btActivatingCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btActivatingCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btActivatingCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btActivatingCollisionAlgorithm.h
index 0e19f1ea35..0e19f1ea35 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btActivatingCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btActivatingCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBox2dBox2dCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBox2dBox2dCollisionAlgorithm.cpp
index 2c36277821..2c36277821 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBox2dBox2dCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBox2dBox2dCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBox2dBox2dCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBox2dBox2dCollisionAlgorithm.h
index 6ea6e89bda..6ea6e89bda 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBox2dBox2dCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBox2dBox2dCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBoxBoxCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBoxBoxCollisionAlgorithm.cpp
index ac68968f59..ac68968f59 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBoxBoxCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBoxBoxCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBoxBoxCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBoxBoxCollisionAlgorithm.h
index 59808df5a9..59808df5a9 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBoxBoxCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBoxBoxCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBoxBoxDetector.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBoxBoxDetector.cpp
index 7043bde34f..7043bde34f 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBoxBoxDetector.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBoxBoxDetector.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBoxBoxDetector.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBoxBoxDetector.h
index 3924377705..3924377705 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btBoxBoxDetector.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btBoxBoxDetector.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionConfiguration.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionConfiguration.h
index 35f77d4e65..35f77d4e65 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionConfiguration.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionConfiguration.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionCreateFunc.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionCreateFunc.h
index 62ee66c4e9..62ee66c4e9 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionCreateFunc.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionCreateFunc.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionDispatcher.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionDispatcher.cpp
index 5739a1ef01..5739a1ef01 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionDispatcher.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionDispatcher.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionDispatcher.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionDispatcher.h
index b97ee3c1ba..b97ee3c1ba 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionDispatcher.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionDispatcher.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionDispatcherMt.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionDispatcherMt.cpp
index 075860c503..075860c503 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionDispatcherMt.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionDispatcherMt.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionDispatcherMt.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionDispatcherMt.h
index f1d7eafdc9..f1d7eafdc9 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionDispatcherMt.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionDispatcherMt.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionObject.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionObject.cpp
index b595c56bc5..b595c56bc5 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionObject.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionObject.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionObject.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionObject.h
index fec831bffc..fec831bffc 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionObject.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionObject.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionObjectWrapper.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionObjectWrapper.h
index 952440b7de..952440b7de 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionObjectWrapper.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionObjectWrapper.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionWorld.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionWorld.cpp
index c3e912fdca..c3e912fdca 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionWorld.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionWorld.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionWorld.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionWorld.h
index eede2b28ca..eede2b28ca 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionWorld.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionWorld.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionWorldImporter.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionWorldImporter.cpp
index f2b0837808..f2b0837808 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionWorldImporter.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionWorldImporter.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionWorldImporter.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionWorldImporter.h
index 81c6142726..81c6142726 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCollisionWorldImporter.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCollisionWorldImporter.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCompoundCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCompoundCollisionAlgorithm.cpp
index 7f4dea1c6d..7f4dea1c6d 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCompoundCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCompoundCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCompoundCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCompoundCollisionAlgorithm.h
index d2086fbc02..d2086fbc02 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCompoundCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCompoundCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCompoundCompoundCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCompoundCompoundCollisionAlgorithm.cpp
index d4a1aa78e4..d4a1aa78e4 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCompoundCompoundCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCompoundCompoundCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCompoundCompoundCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCompoundCompoundCollisionAlgorithm.h
index f29f7a709a..f29f7a709a 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btCompoundCompoundCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btCompoundCompoundCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvex2dConvex2dAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvex2dConvex2dAlgorithm.cpp
index 1cb3d2e7a1..1cb3d2e7a1 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvex2dConvex2dAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvex2dConvex2dAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvex2dConvex2dAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvex2dConvex2dAlgorithm.h
index 24d1336778..24d1336778 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvex2dConvex2dAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvex2dConvex2dAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexConcaveCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexConcaveCollisionAlgorithm.cpp
index 39ff7934d9..39ff7934d9 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexConcaveCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexConcaveCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexConcaveCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexConcaveCollisionAlgorithm.h
index 93d842ef50..93d842ef50 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexConcaveCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexConcaveCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexConvexAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexConvexAlgorithm.cpp
index b54bd48932..b54bd48932 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexConvexAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexConvexAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexConvexAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexConvexAlgorithm.h
index cd75ba12d7..cd75ba12d7 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexConvexAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexConvexAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexPlaneCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexPlaneCollisionAlgorithm.cpp
index cce2d95bcf..cce2d95bcf 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexPlaneCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexPlaneCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexPlaneCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexPlaneCollisionAlgorithm.h
index d28c430c4c..d28c430c4c 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btConvexPlaneCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btConvexPlaneCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btDefaultCollisionConfiguration.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btDefaultCollisionConfiguration.cpp
index f6e4e57b0a..f6e4e57b0a 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btDefaultCollisionConfiguration.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btDefaultCollisionConfiguration.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btDefaultCollisionConfiguration.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btDefaultCollisionConfiguration.h
index 17c7596cff..17c7596cff 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btDefaultCollisionConfiguration.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btDefaultCollisionConfiguration.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btEmptyCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btEmptyCollisionAlgorithm.cpp
index 5fa1c8be5e..5fa1c8be5e 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btEmptyCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btEmptyCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btEmptyCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btEmptyCollisionAlgorithm.h
index cb0f152183..cb0f152183 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btEmptyCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btEmptyCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btGhostObject.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btGhostObject.cpp
index 86141fa689..86141fa689 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btGhostObject.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btGhostObject.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btGhostObject.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btGhostObject.h
index 8ec8613857..8ec8613857 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btGhostObject.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btGhostObject.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btHashedSimplePairCache.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btHashedSimplePairCache.cpp
index 8c8a7c3c1e..8c8a7c3c1e 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btHashedSimplePairCache.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btHashedSimplePairCache.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btHashedSimplePairCache.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btHashedSimplePairCache.h
index 2aaf6201f3..2aaf6201f3 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btHashedSimplePairCache.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btHashedSimplePairCache.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btInternalEdgeUtility.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btInternalEdgeUtility.cpp
index 6cba442ca5..6cba442ca5 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btInternalEdgeUtility.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btInternalEdgeUtility.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btInternalEdgeUtility.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btInternalEdgeUtility.h
index 7d9aafeee6..7d9aafeee6 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btInternalEdgeUtility.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btInternalEdgeUtility.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btManifoldResult.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btManifoldResult.cpp
index 23c73c8825..23c73c8825 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btManifoldResult.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btManifoldResult.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btManifoldResult.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btManifoldResult.h
index 12cdafd1b6..12cdafd1b6 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btManifoldResult.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btManifoldResult.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSimulationIslandManager.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSimulationIslandManager.cpp
index 1344782257..1344782257 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSimulationIslandManager.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSimulationIslandManager.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSimulationIslandManager.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSimulationIslandManager.h
index e24c6afeca..e24c6afeca 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSimulationIslandManager.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSimulationIslandManager.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereBoxCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereBoxCollisionAlgorithm.cpp
index e8b567e0ef..e8b567e0ef 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereBoxCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereBoxCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereBoxCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereBoxCollisionAlgorithm.h
index eefaedc9e7..eefaedc9e7 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereBoxCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereBoxCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereSphereCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereSphereCollisionAlgorithm.cpp
index 27eaec3059..27eaec3059 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereSphereCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereSphereCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereSphereCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereSphereCollisionAlgorithm.h
index 3517a568a9..3517a568a9 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereSphereCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereSphereCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereTriangleCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereTriangleCollisionAlgorithm.cpp
index 86d4e74400..86d4e74400 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereTriangleCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereTriangleCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereTriangleCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereTriangleCollisionAlgorithm.h
index 6b6e39a72b..6b6e39a72b 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btSphereTriangleCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btSphereTriangleCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btUnionFind.cpp b/thirdparty/bullet/BulletCollision/CollisionDispatch/btUnionFind.cpp
index 5222933595..5222933595 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btUnionFind.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btUnionFind.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btUnionFind.h b/thirdparty/bullet/BulletCollision/CollisionDispatch/btUnionFind.h
index ef2a29202f..ef2a29202f 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionDispatch/btUnionFind.h
+++ b/thirdparty/bullet/BulletCollision/CollisionDispatch/btUnionFind.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBox2dShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btBox2dShape.cpp
index ecce028c2e..ecce028c2e 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBox2dShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btBox2dShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBox2dShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btBox2dShape.h
index 22bee4f2c8..22bee4f2c8 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBox2dShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btBox2dShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBoxShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btBoxShape.cpp
index 72eeb38911..72eeb38911 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBoxShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btBoxShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBoxShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btBoxShape.h
index 715e3f2ab9..715e3f2ab9 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBoxShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btBoxShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBvhTriangleMeshShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btBvhTriangleMeshShape.cpp
index 61f465cb72..61f465cb72 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBvhTriangleMeshShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btBvhTriangleMeshShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBvhTriangleMeshShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btBvhTriangleMeshShape.h
index 1fa4995d16..1fa4995d16 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btBvhTriangleMeshShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btBvhTriangleMeshShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCapsuleShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btCapsuleShape.cpp
index 0345501ce2..0345501ce2 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCapsuleShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btCapsuleShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCapsuleShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btCapsuleShape.h
index 7d64b46abf..7d64b46abf 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCapsuleShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btCapsuleShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCollisionMargin.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btCollisionMargin.h
index 474bf1fb49..474bf1fb49 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCollisionMargin.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btCollisionMargin.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCollisionShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btCollisionShape.cpp
index 823e2788f2..823e2788f2 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCollisionShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btCollisionShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCollisionShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btCollisionShape.h
index 6c4916fbd4..6c4916fbd4 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCollisionShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btCollisionShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCompoundShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btCompoundShape.cpp
index e8c8c336cd..e8c8c336cd 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCompoundShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btCompoundShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCompoundShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btCompoundShape.h
index 4eef8dba30..4eef8dba30 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCompoundShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btCompoundShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConcaveShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btConcaveShape.cpp
index 58ff84a5b0..58ff84a5b0 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConcaveShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConcaveShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConcaveShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btConcaveShape.h
index 2917cc5b60..2917cc5b60 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConcaveShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConcaveShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConeShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btConeShape.cpp
index 2d83c8bfba..2d83c8bfba 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConeShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConeShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConeShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btConeShape.h
index 3b44e3f272..3b44e3f272 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConeShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConeShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvex2dShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvex2dShape.cpp
index 10ea3e981a..10ea3e981a 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvex2dShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvex2dShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvex2dShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvex2dShape.h
index bbd1caf42f..bbd1caf42f 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvex2dShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvex2dShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexHullShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexHullShape.cpp
index a7a9598406..a7a9598406 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexHullShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexHullShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexHullShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexHullShape.h
index 0c12aeef15..0c12aeef15 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexHullShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexHullShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexInternalShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexInternalShape.cpp
index 083d60b1b1..083d60b1b1 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexInternalShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexInternalShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexInternalShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexInternalShape.h
index 1213b82fbe..1213b82fbe 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexInternalShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexInternalShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexPointCloudShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexPointCloudShape.cpp
index ad1d1bf78f..ad1d1bf78f 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexPointCloudShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexPointCloudShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexPointCloudShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexPointCloudShape.h
index 54b5afac3e..54b5afac3e 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexPointCloudShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexPointCloudShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexPolyhedron.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexPolyhedron.cpp
index 4f45319a83..4f45319a83 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexPolyhedron.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexPolyhedron.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexPolyhedron.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexPolyhedron.h
index d3cd066ac8..d3cd066ac8 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexPolyhedron.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexPolyhedron.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexShape.cpp
index 8d7fb054d6..8d7fb054d6 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexShape.h
index 875f2ac195..875f2ac195 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexTriangleMeshShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexTriangleMeshShape.cpp
index 0f9ced554b..0f9ced554b 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexTriangleMeshShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexTriangleMeshShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexTriangleMeshShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexTriangleMeshShape.h
index f338865ca1..f338865ca1 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btConvexTriangleMeshShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btConvexTriangleMeshShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCylinderShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btCylinderShape.cpp
index 604b3fc770..604b3fc770 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCylinderShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btCylinderShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCylinderShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btCylinderShape.h
index a214a827c9..a214a827c9 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btCylinderShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btCylinderShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btEmptyShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btEmptyShape.cpp
index a9e6df5c58..a9e6df5c58 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btEmptyShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btEmptyShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btEmptyShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btEmptyShape.h
index 069a79402b..069a79402b 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btEmptyShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btEmptyShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btHeightfieldTerrainShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btHeightfieldTerrainShape.cpp
index 441a89c6bb..441a89c6bb 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btHeightfieldTerrainShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btHeightfieldTerrainShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btHeightfieldTerrainShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btHeightfieldTerrainShape.h
index 4a7a4a4bda..4a7a4a4bda 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btHeightfieldTerrainShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btHeightfieldTerrainShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMaterial.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btMaterial.h
index 866f9b4da4..866f9b4da4 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMaterial.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btMaterial.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMinkowskiSumShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btMinkowskiSumShape.cpp
index 899ef50056..899ef50056 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMinkowskiSumShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btMinkowskiSumShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMinkowskiSumShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btMinkowskiSumShape.h
index a3f9a47239..a3f9a47239 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMinkowskiSumShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btMinkowskiSumShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMultiSphereShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btMultiSphereShape.cpp
index 4195fa3138..4195fa3138 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMultiSphereShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btMultiSphereShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMultiSphereShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btMultiSphereShape.h
index 5d3b402684..5d3b402684 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMultiSphereShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btMultiSphereShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMultimaterialTriangleMeshShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btMultimaterialTriangleMeshShape.cpp
index 58799ac96a..58799ac96a 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMultimaterialTriangleMeshShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btMultimaterialTriangleMeshShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMultimaterialTriangleMeshShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btMultimaterialTriangleMeshShape.h
index 5ebaede4a8..5ebaede4a8 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btMultimaterialTriangleMeshShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btMultimaterialTriangleMeshShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btOptimizedBvh.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btOptimizedBvh.cpp
index 6f36775f7c..6f36775f7c 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btOptimizedBvh.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btOptimizedBvh.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btOptimizedBvh.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btOptimizedBvh.h
index 715961f552..715961f552 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btOptimizedBvh.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btOptimizedBvh.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btPolyhedralConvexShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btPolyhedralConvexShape.cpp
index 4854f370f7..4854f370f7 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btPolyhedralConvexShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btPolyhedralConvexShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btPolyhedralConvexShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btPolyhedralConvexShape.h
index 7bf8e01c1f..7bf8e01c1f 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btPolyhedralConvexShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btPolyhedralConvexShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btScaledBvhTriangleMeshShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btScaledBvhTriangleMeshShape.cpp
index 6a337c786c..6a337c786c 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btScaledBvhTriangleMeshShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btScaledBvhTriangleMeshShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btScaledBvhTriangleMeshShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btScaledBvhTriangleMeshShape.h
index 39049eaf08..39049eaf08 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btScaledBvhTriangleMeshShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btScaledBvhTriangleMeshShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btShapeHull.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btShapeHull.cpp
index 3beaf86580..3beaf86580 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btShapeHull.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btShapeHull.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btShapeHull.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btShapeHull.h
index e959f198b6..e959f198b6 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btShapeHull.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btShapeHull.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btSphereShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btSphereShape.cpp
index b9a736c0fd..b9a736c0fd 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btSphereShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btSphereShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btSphereShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btSphereShape.h
index 50561f7f54..50561f7f54 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btSphereShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btSphereShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btStaticPlaneShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btStaticPlaneShape.cpp
index d17141e3f2..d17141e3f2 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btStaticPlaneShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btStaticPlaneShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btStaticPlaneShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btStaticPlaneShape.h
index 5e9eccc77d..5e9eccc77d 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btStaticPlaneShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btStaticPlaneShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btStridingMeshInterface.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btStridingMeshInterface.cpp
index 78ddeb3704..78ddeb3704 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btStridingMeshInterface.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btStridingMeshInterface.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btStridingMeshInterface.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btStridingMeshInterface.h
index 9fbe139768..9fbe139768 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btStridingMeshInterface.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btStridingMeshInterface.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTetrahedronShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btTetrahedronShape.cpp
index 52f346bf72..52f346bf72 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTetrahedronShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTetrahedronShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTetrahedronShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btTetrahedronShape.h
index b69209835e..b69209835e 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTetrahedronShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTetrahedronShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleBuffer.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleBuffer.cpp
index 3027e65b25..3027e65b25 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleBuffer.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleBuffer.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleBuffer.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleBuffer.h
index b71fc8b374..b71fc8b374 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleBuffer.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleBuffer.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleCallback.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleCallback.cpp
index f558bf6d24..f558bf6d24 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleCallback.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleCallback.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleCallback.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleCallback.h
index 461c57f877..461c57f877 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleCallback.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleCallback.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleIndexVertexArray.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleIndexVertexArray.cpp
index a665024cb6..a665024cb6 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleIndexVertexArray.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleIndexVertexArray.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleIndexVertexArray.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleIndexVertexArray.h
index 9e1544e87a..9e1544e87a 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleIndexVertexArray.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleIndexVertexArray.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleIndexVertexMaterialArray.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleIndexVertexMaterialArray.cpp
index dc562941ad..dc562941ad 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleIndexVertexMaterialArray.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleIndexVertexMaterialArray.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleIndexVertexMaterialArray.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleIndexVertexMaterialArray.h
index ba4f7b4607..ba4f7b4607 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleIndexVertexMaterialArray.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleIndexVertexMaterialArray.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleInfoMap.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleInfoMap.h
index 6427589590..6427589590 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleInfoMap.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleInfoMap.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleMesh.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleMesh.cpp
index e4de732093..e4de732093 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleMesh.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleMesh.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleMesh.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleMesh.h
index ac4afa7f6b..ac4afa7f6b 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleMesh.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleMesh.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleMeshShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleMeshShape.cpp
index 0e17951405..0e17951405 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleMeshShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleMeshShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleMeshShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleMeshShape.h
index 453e58005a..453e58005a 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleMeshShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleMeshShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleShape.h
index a8a80f82fe..a8a80f82fe 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btTriangleShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btTriangleShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btUniformScalingShape.cpp b/thirdparty/bullet/BulletCollision/CollisionShapes/btUniformScalingShape.cpp
index b148bbd99a..b148bbd99a 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btUniformScalingShape.cpp
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btUniformScalingShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btUniformScalingShape.h b/thirdparty/bullet/BulletCollision/CollisionShapes/btUniformScalingShape.h
index a10f58d242..a10f58d242 100644
--- a/thirdparty/bullet/src/BulletCollision/CollisionShapes/btUniformScalingShape.h
+++ b/thirdparty/bullet/BulletCollision/CollisionShapes/btUniformScalingShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btBoxCollision.h b/thirdparty/bullet/BulletCollision/Gimpact/btBoxCollision.h
index 0a0357e5a8..0a0357e5a8 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btBoxCollision.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btBoxCollision.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btClipPolygon.h b/thirdparty/bullet/BulletCollision/Gimpact/btClipPolygon.h
index de0a5231ba..de0a5231ba 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btClipPolygon.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btClipPolygon.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btCompoundFromGimpact.h b/thirdparty/bullet/BulletCollision/Gimpact/btCompoundFromGimpact.h
index 19f7ecddd0..19f7ecddd0 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btCompoundFromGimpact.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btCompoundFromGimpact.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btContactProcessing.cpp b/thirdparty/bullet/BulletCollision/Gimpact/btContactProcessing.cpp
index eed31d839f..eed31d839f 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btContactProcessing.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btContactProcessing.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btContactProcessing.h b/thirdparty/bullet/BulletCollision/Gimpact/btContactProcessing.h
index d1027dbe67..d1027dbe67 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btContactProcessing.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btContactProcessing.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btContactProcessingStructs.h b/thirdparty/bullet/BulletCollision/Gimpact/btContactProcessingStructs.h
index efbc4a567a..efbc4a567a 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btContactProcessingStructs.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btContactProcessingStructs.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactBvh.cpp b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactBvh.cpp
index 863233163a..863233163a 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactBvh.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactBvh.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactBvh.h b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactBvh.h
index e20e03cc1d..e20e03cc1d 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactBvh.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactBvh.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactBvhStructs.h b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactBvhStructs.h
index 9342a572d0..9342a572d0 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactBvhStructs.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactBvhStructs.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactCollisionAlgorithm.cpp b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactCollisionAlgorithm.cpp
index 2e87475e39..2e87475e39 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactCollisionAlgorithm.h b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactCollisionAlgorithm.h
index 3e5675f729..3e5675f729 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactMassUtil.h b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactMassUtil.h
index 2543aefcfc..2543aefcfc 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactMassUtil.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactMassUtil.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactQuantizedBvh.cpp b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactQuantizedBvh.cpp
index 4528758c37..4528758c37 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactQuantizedBvh.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactQuantizedBvh.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactQuantizedBvh.h b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactQuantizedBvh.h
index 42e5520fc0..42e5520fc0 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactQuantizedBvh.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactQuantizedBvh.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactQuantizedBvhStructs.h b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactQuantizedBvhStructs.h
index 7dd5a1b9d0..7dd5a1b9d0 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactQuantizedBvhStructs.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactQuantizedBvhStructs.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactShape.cpp b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactShape.cpp
index 30c85e3fff..30c85e3fff 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactShape.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactShape.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactShape.h b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactShape.h
index 9d7e40562c..9d7e40562c 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGImpactShape.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGImpactShape.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGenericPoolAllocator.cpp b/thirdparty/bullet/BulletCollision/Gimpact/btGenericPoolAllocator.cpp
index 5d07d1adb9..5d07d1adb9 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGenericPoolAllocator.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGenericPoolAllocator.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGenericPoolAllocator.h b/thirdparty/bullet/BulletCollision/Gimpact/btGenericPoolAllocator.h
index b46d851634..b46d851634 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGenericPoolAllocator.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGenericPoolAllocator.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btGeometryOperations.h b/thirdparty/bullet/BulletCollision/Gimpact/btGeometryOperations.h
index 60f06510ad..60f06510ad 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btGeometryOperations.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btGeometryOperations.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btQuantization.h b/thirdparty/bullet/BulletCollision/Gimpact/btQuantization.h
index bd2633cfc5..bd2633cfc5 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btQuantization.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btQuantization.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btTriangleShapeEx.cpp b/thirdparty/bullet/BulletCollision/Gimpact/btTriangleShapeEx.cpp
index ca76cc54a1..ca76cc54a1 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btTriangleShapeEx.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btTriangleShapeEx.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/btTriangleShapeEx.h b/thirdparty/bullet/BulletCollision/Gimpact/btTriangleShapeEx.h
index 973c2ed127..973c2ed127 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/btTriangleShapeEx.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/btTriangleShapeEx.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_array.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_array.h
index cda51a5fce..cda51a5fce 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_array.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_array.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_basic_geometry_operations.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_basic_geometry_operations.h
index 0c48cb60fc..0c48cb60fc 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_basic_geometry_operations.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_basic_geometry_operations.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_bitset.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_bitset.h
index 7dee48a4c7..7dee48a4c7 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_bitset.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_bitset.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_box_collision.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_box_collision.h
index a051b4fdbf..a051b4fdbf 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_box_collision.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_box_collision.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_box_set.cpp b/thirdparty/bullet/BulletCollision/Gimpact/gim_box_set.cpp
index 0c3d7ba8db..0c3d7ba8db 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_box_set.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_box_set.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_box_set.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_box_set.h
index 61d190a7df..61d190a7df 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_box_set.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_box_set.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_clip_polygon.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_clip_polygon.h
index e342459ce5..e342459ce5 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_clip_polygon.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_clip_polygon.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_contact.cpp b/thirdparty/bullet/BulletCollision/Gimpact/gim_contact.cpp
index 20e41de089..20e41de089 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_contact.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_contact.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_contact.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_contact.h
index b41c714b5f..b41c714b5f 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_contact.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_contact.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_geom_types.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_geom_types.h
index 6b8f9ea6c2..6b8f9ea6c2 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_geom_types.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_geom_types.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_geometry.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_geometry.h
index c67a6991c0..c67a6991c0 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_geometry.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_geometry.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_hash_table.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_hash_table.h
index e4237c2c57..e4237c2c57 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_hash_table.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_hash_table.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_linear_math.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_linear_math.h
index 64f11b4954..64f11b4954 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_linear_math.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_linear_math.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_math.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_math.h
index 939079e104..939079e104 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_math.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_math.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_memory.cpp b/thirdparty/bullet/BulletCollision/Gimpact/gim_memory.cpp
index 1636eb7867..1636eb7867 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_memory.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_memory.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_memory.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_memory.h
index e203888a1e..e203888a1e 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_memory.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_memory.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_radixsort.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_radixsort.h
index c246ef1254..c246ef1254 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_radixsort.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_radixsort.h
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_tri_collision.cpp b/thirdparty/bullet/BulletCollision/Gimpact/gim_tri_collision.cpp
index f9727e1d53..f9727e1d53 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_tri_collision.cpp
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_tri_collision.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_tri_collision.h b/thirdparty/bullet/BulletCollision/Gimpact/gim_tri_collision.h
index 267f806e7e..267f806e7e 100644
--- a/thirdparty/bullet/src/BulletCollision/Gimpact/gim_tri_collision.h
+++ b/thirdparty/bullet/BulletCollision/Gimpact/gim_tri_collision.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btComputeGjkEpaPenetration.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btComputeGjkEpaPenetration.h
index 9eb880b8df..9eb880b8df 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btComputeGjkEpaPenetration.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btComputeGjkEpaPenetration.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btContinuousConvexCollision.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btContinuousConvexCollision.cpp
index 940282f576..940282f576 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btContinuousConvexCollision.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btContinuousConvexCollision.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btContinuousConvexCollision.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btContinuousConvexCollision.h
index bdc0572f75..bdc0572f75 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btContinuousConvexCollision.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btContinuousConvexCollision.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btConvexCast.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btConvexCast.cpp
index d2a1310b23..d2a1310b23 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btConvexCast.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btConvexCast.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btConvexCast.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btConvexCast.h
index bfd79d03be..bfd79d03be 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btConvexCast.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btConvexCast.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btConvexPenetrationDepthSolver.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btConvexPenetrationDepthSolver.h
index 29620abffb..29620abffb 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btConvexPenetrationDepthSolver.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btConvexPenetrationDepthSolver.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btDiscreteCollisionDetectorInterface.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btDiscreteCollisionDetectorInterface.h
index 0ea7b483cf..0ea7b483cf 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btDiscreteCollisionDetectorInterface.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btDiscreteCollisionDetectorInterface.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkCollisionDescription.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkCollisionDescription.h
index 0b49b0ecc6..0b49b0ecc6 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkCollisionDescription.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkCollisionDescription.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkConvexCast.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkConvexCast.cpp
index bef697a0a1..bef697a0a1 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkConvexCast.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkConvexCast.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkConvexCast.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkConvexCast.h
index 6a42ee63b0..6a42ee63b0 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkConvexCast.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkConvexCast.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpa2.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpa2.cpp
index eefb974bbd..eefb974bbd 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpa2.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpa2.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpa2.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpa2.h
index ac501d5ecf..ac501d5ecf 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpa2.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpa2.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpa3.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpa3.h
index ce1f24bc50..ce1f24bc50 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpa3.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpa3.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.cpp
index 572ec36f56..572ec36f56 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.h
index 1ed6340af3..1ed6340af3 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkPairDetector.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkPairDetector.cpp
index 257b026d9b..257b026d9b 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkPairDetector.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkPairDetector.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkPairDetector.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkPairDetector.h
index feeae68621..feeae68621 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btGjkPairDetector.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btGjkPairDetector.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btManifoldPoint.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btManifoldPoint.h
index 571ad2c5f7..571ad2c5f7 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btManifoldPoint.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btManifoldPoint.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.cpp
index fa45f49037..fa45f49037 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.h
index fd533b4fc3..fd533b4fc3 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btMprPenetration.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btMprPenetration.h
index a22a0bae66..a22a0bae66 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btMprPenetration.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btMprPenetration.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPersistentManifold.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPersistentManifold.cpp
index 23aaece22b..23aaece22b 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPersistentManifold.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPersistentManifold.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPersistentManifold.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPersistentManifold.h
index f872c8e1c9..f872c8e1c9 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPersistentManifold.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPersistentManifold.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPointCollector.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPointCollector.h
index 18da171011..18da171011 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPointCollector.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPointCollector.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPolyhedralContactClipping.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPolyhedralContactClipping.cpp
index ea380bc5f1..ea380bc5f1 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPolyhedralContactClipping.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPolyhedralContactClipping.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPolyhedralContactClipping.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPolyhedralContactClipping.h
index 30e3db687b..30e3db687b 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btPolyhedralContactClipping.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btPolyhedralContactClipping.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btRaycastCallback.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btRaycastCallback.cpp
index 786efd1820..786efd1820 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btRaycastCallback.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btRaycastCallback.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btRaycastCallback.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btRaycastCallback.h
index f2ed0cd39c..f2ed0cd39c 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btRaycastCallback.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btRaycastCallback.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btSimplexSolverInterface.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btSimplexSolverInterface.h
index da8a13914c..da8a13914c 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btSimplexSolverInterface.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btSimplexSolverInterface.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btSubSimplexConvexCast.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btSubSimplexConvexCast.cpp
index ec638f60ba..ec638f60ba 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btSubSimplexConvexCast.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btSubSimplexConvexCast.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btSubSimplexConvexCast.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btSubSimplexConvexCast.h
index 6c8127983e..6c8127983e 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btSubSimplexConvexCast.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btSubSimplexConvexCast.h
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btVoronoiSimplexSolver.cpp b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btVoronoiSimplexSolver.cpp
index 756373c9b5..756373c9b5 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btVoronoiSimplexSolver.cpp
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btVoronoiSimplexSolver.cpp
diff --git a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btVoronoiSimplexSolver.h b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btVoronoiSimplexSolver.h
index 80fd490f4e..80fd490f4e 100644
--- a/thirdparty/bullet/src/BulletCollision/NarrowPhaseCollision/btVoronoiSimplexSolver.h
+++ b/thirdparty/bullet/BulletCollision/NarrowPhaseCollision/btVoronoiSimplexSolver.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Character/btCharacterControllerInterface.h b/thirdparty/bullet/BulletDynamics/Character/btCharacterControllerInterface.h
index abe24b5ca6..abe24b5ca6 100644
--- a/thirdparty/bullet/src/BulletDynamics/Character/btCharacterControllerInterface.h
+++ b/thirdparty/bullet/BulletDynamics/Character/btCharacterControllerInterface.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Character/btKinematicCharacterController.cpp b/thirdparty/bullet/BulletDynamics/Character/btKinematicCharacterController.cpp
index cb1aa71a14..cb1aa71a14 100644
--- a/thirdparty/bullet/src/BulletDynamics/Character/btKinematicCharacterController.cpp
+++ b/thirdparty/bullet/BulletDynamics/Character/btKinematicCharacterController.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Character/btKinematicCharacterController.h b/thirdparty/bullet/BulletDynamics/Character/btKinematicCharacterController.h
index 00c59c0248..00c59c0248 100644
--- a/thirdparty/bullet/src/BulletDynamics/Character/btKinematicCharacterController.h
+++ b/thirdparty/bullet/BulletDynamics/Character/btKinematicCharacterController.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btConeTwistConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btConeTwistConstraint.cpp
index 0572256f74..0572256f74 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btConeTwistConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btConeTwistConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btConeTwistConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btConeTwistConstraint.h
index 7a33d01d1e..7a33d01d1e 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btConeTwistConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btConeTwistConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btConstraintSolver.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btConstraintSolver.h
index 890afe6da4..890afe6da4 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btConstraintSolver.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btConstraintSolver.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btContactConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btContactConstraint.cpp
index 1098d0c96b..1098d0c96b 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btContactConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btContactConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btContactConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btContactConstraint.h
index adb2268353..adb2268353 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btContactConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btContactConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btContactSolverInfo.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btContactSolverInfo.h
index 28d0c1dd48..28d0c1dd48 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btContactSolverInfo.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btContactSolverInfo.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btFixedConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btFixedConstraint.cpp
index 75d81cc08c..75d81cc08c 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btFixedConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btFixedConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btFixedConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btFixedConstraint.h
index bff2008b28..bff2008b28 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btFixedConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btFixedConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGearConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGearConstraint.cpp
index bcd457b673..bcd457b673 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGearConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGearConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGearConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGearConstraint.h
index e4613455a2..e4613455a2 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGearConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGearConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofConstraint.cpp
index fa17254ec3..fa17254ec3 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofConstraint.h
index bea8629c32..bea8629c32 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofSpring2Constraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofSpring2Constraint.cpp
index f0976ee493..f0976ee493 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofSpring2Constraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofSpring2Constraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofSpring2Constraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofSpring2Constraint.h
index 66d1769583..66d1769583 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofSpring2Constraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofSpring2Constraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofSpringConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofSpringConstraint.cpp
index 6f765884ec..6f765884ec 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofSpringConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofSpringConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofSpringConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofSpringConstraint.h
index dac59c6889..dac59c6889 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btGeneric6DofSpringConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btGeneric6DofSpringConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btHinge2Constraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btHinge2Constraint.cpp
index 4be2aabe4d..4be2aabe4d 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btHinge2Constraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btHinge2Constraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btHinge2Constraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btHinge2Constraint.h
index 06a8e3ecd1..06a8e3ecd1 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btHinge2Constraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btHinge2Constraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btHingeConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btHingeConstraint.cpp
index 7e5e6f9e54..7e5e6f9e54 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btHingeConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btHingeConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btHingeConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btHingeConstraint.h
index 3c3df24dba..3c3df24dba 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btHingeConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btHingeConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btJacobianEntry.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btJacobianEntry.h
index 125580d199..125580d199 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btJacobianEntry.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btJacobianEntry.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btNNCGConstraintSolver.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btNNCGConstraintSolver.cpp
index f3979be358..f3979be358 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btNNCGConstraintSolver.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btNNCGConstraintSolver.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btNNCGConstraintSolver.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btNNCGConstraintSolver.h
index a300929cd5..a300929cd5 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btNNCGConstraintSolver.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btNNCGConstraintSolver.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btPoint2PointConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btPoint2PointConstraint.cpp
index 3c0430b903..3c0430b903 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btPoint2PointConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btPoint2PointConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btPoint2PointConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btPoint2PointConstraint.h
index 8fa03d719d..8fa03d719d 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btPoint2PointConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btPoint2PointConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSequentialImpulseConstraintSolver.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSequentialImpulseConstraintSolver.cpp
index b0d57a3e87..b0d57a3e87 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSequentialImpulseConstraintSolver.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSequentialImpulseConstraintSolver.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSequentialImpulseConstraintSolver.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSequentialImpulseConstraintSolver.h
index 16c7eb74c1..16c7eb74c1 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSequentialImpulseConstraintSolver.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSequentialImpulseConstraintSolver.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSliderConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSliderConstraint.cpp
index d63cef0316..d63cef0316 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSliderConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSliderConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSliderConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSliderConstraint.h
index 1957f08a96..1957f08a96 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSliderConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSliderConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSolve2LinearConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSolve2LinearConstraint.cpp
index 0c7dbd668b..0c7dbd668b 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSolve2LinearConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSolve2LinearConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSolve2LinearConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSolve2LinearConstraint.h
index e8bfabf864..e8bfabf864 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSolve2LinearConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSolve2LinearConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSolverBody.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSolverBody.h
index 27ccefe416..27ccefe416 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSolverBody.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSolverBody.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSolverConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSolverConstraint.h
index 5515e6b311..5515e6b311 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btSolverConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btSolverConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btTypedConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btTypedConstraint.cpp
index 9f04f28053..9f04f28053 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btTypedConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btTypedConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btTypedConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btTypedConstraint.h
index 8a2a2d1ae7..8a2a2d1ae7 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btTypedConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btTypedConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btUniversalConstraint.cpp b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btUniversalConstraint.cpp
index b009f41aec..b009f41aec 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btUniversalConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btUniversalConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btUniversalConstraint.h b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btUniversalConstraint.h
index 9e70841043..9e70841043 100644
--- a/thirdparty/bullet/src/BulletDynamics/ConstraintSolver/btUniversalConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/ConstraintSolver/btUniversalConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btActionInterface.h b/thirdparty/bullet/BulletDynamics/Dynamics/btActionInterface.h
index e1fea3a49c..e1fea3a49c 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btActionInterface.h
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btActionInterface.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDiscreteDynamicsWorld.cpp b/thirdparty/bullet/BulletDynamics/Dynamics/btDiscreteDynamicsWorld.cpp
index a196d4522e..a196d4522e 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDiscreteDynamicsWorld.cpp
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btDiscreteDynamicsWorld.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDiscreteDynamicsWorld.h b/thirdparty/bullet/BulletDynamics/Dynamics/btDiscreteDynamicsWorld.h
index b0d19f48a3..b0d19f48a3 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDiscreteDynamicsWorld.h
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btDiscreteDynamicsWorld.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDiscreteDynamicsWorldMt.cpp b/thirdparty/bullet/BulletDynamics/Dynamics/btDiscreteDynamicsWorldMt.cpp
index 1d10bad922..1d10bad922 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDiscreteDynamicsWorldMt.cpp
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btDiscreteDynamicsWorldMt.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDiscreteDynamicsWorldMt.h b/thirdparty/bullet/BulletDynamics/Dynamics/btDiscreteDynamicsWorldMt.h
index 2f144cdda4..2f144cdda4 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDiscreteDynamicsWorldMt.h
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btDiscreteDynamicsWorldMt.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDynamicsWorld.h b/thirdparty/bullet/BulletDynamics/Dynamics/btDynamicsWorld.h
index 42d8fc0de3..42d8fc0de3 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btDynamicsWorld.h
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btDynamicsWorld.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btRigidBody.cpp b/thirdparty/bullet/BulletDynamics/Dynamics/btRigidBody.cpp
index ca0714fcfa..ca0714fcfa 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btRigidBody.cpp
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btRigidBody.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btRigidBody.h b/thirdparty/bullet/BulletDynamics/Dynamics/btRigidBody.h
index 372245031b..372245031b 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btRigidBody.h
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btRigidBody.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btSimpleDynamicsWorld.cpp b/thirdparty/bullet/BulletDynamics/Dynamics/btSimpleDynamicsWorld.cpp
index 6f63b87c80..6f63b87c80 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btSimpleDynamicsWorld.cpp
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btSimpleDynamicsWorld.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btSimpleDynamicsWorld.h b/thirdparty/bullet/BulletDynamics/Dynamics/btSimpleDynamicsWorld.h
index 44b7e7fb34..44b7e7fb34 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btSimpleDynamicsWorld.h
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btSimpleDynamicsWorld.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btSimulationIslandManagerMt.cpp b/thirdparty/bullet/BulletDynamics/Dynamics/btSimulationIslandManagerMt.cpp
index 99b34353c7..99b34353c7 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btSimulationIslandManagerMt.cpp
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btSimulationIslandManagerMt.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Dynamics/btSimulationIslandManagerMt.h b/thirdparty/bullet/BulletDynamics/Dynamics/btSimulationIslandManagerMt.h
index 9a781aaef1..9a781aaef1 100644
--- a/thirdparty/bullet/src/BulletDynamics/Dynamics/btSimulationIslandManagerMt.h
+++ b/thirdparty/bullet/BulletDynamics/Dynamics/btSimulationIslandManagerMt.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBody.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBody.cpp
index 62865e0c78..62865e0c78 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBody.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBody.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBody.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBody.h
index 655165ac18..655165ac18 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBody.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBody.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyConstraint.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyConstraint.cpp
index d52852dd8e..d52852dd8e 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyConstraint.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyConstraint.h
index 83521b9501..83521b9501 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyConstraintSolver.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyConstraintSolver.cpp
index 1e2d074096..1e2d074096 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyConstraintSolver.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyConstraintSolver.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyConstraintSolver.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyConstraintSolver.h
index 489347d874..489347d874 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyConstraintSolver.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyConstraintSolver.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyDynamicsWorld.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyDynamicsWorld.cpp
index 9eacc22647..9eacc22647 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyDynamicsWorld.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyDynamicsWorld.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyDynamicsWorld.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyDynamicsWorld.h
index c0c132bbba..c0c132bbba 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyDynamicsWorld.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyDynamicsWorld.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyFixedConstraint.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyFixedConstraint.cpp
index 1f94117aa9..1f94117aa9 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyFixedConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyFixedConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyFixedConstraint.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyFixedConstraint.h
index 036025136e..036025136e 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyFixedConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyFixedConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyGearConstraint.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyGearConstraint.cpp
index 5fdb7007d8..5fdb7007d8 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyGearConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyGearConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyGearConstraint.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyGearConstraint.h
index 0115de6241..0115de6241 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyGearConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyGearConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointFeedback.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointFeedback.h
index 5c2fa8ed5b..5c2fa8ed5b 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointFeedback.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointFeedback.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointLimitConstraint.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointLimitConstraint.cpp
index 6d173b66a1..6d173b66a1 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointLimitConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointLimitConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointLimitConstraint.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointLimitConstraint.h
index 55b8d122b9..55b8d122b9 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointLimitConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointLimitConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointMotor.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointMotor.cpp
index e0921178e9..e0921178e9 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointMotor.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointMotor.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointMotor.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointMotor.h
index 4063bed79a..4063bed79a 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyJointMotor.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyJointMotor.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyLink.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyLink.h
index 01828e5843..01828e5843 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyLink.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyLink.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyLinkCollider.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyLinkCollider.h
index 671e15d314..671e15d314 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyLinkCollider.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyLinkCollider.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyPoint2Point.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyPoint2Point.cpp
index 125d52ad0b..125d52ad0b 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyPoint2Point.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyPoint2Point.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyPoint2Point.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyPoint2Point.h
index bf39acc5b9..bf39acc5b9 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodyPoint2Point.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodyPoint2Point.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodySliderConstraint.cpp b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodySliderConstraint.cpp
index 3b64b8183f..3b64b8183f 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodySliderConstraint.cpp
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodySliderConstraint.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodySliderConstraint.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodySliderConstraint.h
index 0a6cf3df12..0a6cf3df12 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodySliderConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodySliderConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodySolverConstraint.h b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodySolverConstraint.h
index 6fa1550e9e..6fa1550e9e 100644
--- a/thirdparty/bullet/src/BulletDynamics/Featherstone/btMultiBodySolverConstraint.h
+++ b/thirdparty/bullet/BulletDynamics/Featherstone/btMultiBodySolverConstraint.h
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btDantzigLCP.cpp b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btDantzigLCP.cpp
index 986f214870..986f214870 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btDantzigLCP.cpp
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btDantzigLCP.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btDantzigLCP.h b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btDantzigLCP.h
index 903832770a..903832770a 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btDantzigLCP.h
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btDantzigLCP.h
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btDantzigSolver.h b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btDantzigSolver.h
index 2a2f2d3d32..2a2f2d3d32 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btDantzigSolver.h
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btDantzigSolver.h
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btLemkeAlgorithm.cpp b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btLemkeAlgorithm.cpp
index 1f4015c7c7..1f4015c7c7 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btLemkeAlgorithm.cpp
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btLemkeAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btLemkeAlgorithm.h b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btLemkeAlgorithm.h
index 7555cd9d20..7555cd9d20 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btLemkeAlgorithm.h
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btLemkeAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btLemkeSolver.h b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btLemkeSolver.h
index 98484c3796..98484c3796 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btLemkeSolver.h
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btLemkeSolver.h
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btMLCPSolver.cpp b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btMLCPSolver.cpp
index 8f54c52626..8f54c52626 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btMLCPSolver.cpp
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btMLCPSolver.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btMLCPSolver.h b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btMLCPSolver.h
index 26b482ddc1..26b482ddc1 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btMLCPSolver.h
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btMLCPSolver.h
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btMLCPSolverInterface.h b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btMLCPSolverInterface.h
index 25bb3f6d32..25bb3f6d32 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btMLCPSolverInterface.h
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btMLCPSolverInterface.h
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btPATHSolver.h b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btPATHSolver.h
index 9ec31a6d4e..9ec31a6d4e 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btPATHSolver.h
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btPATHSolver.h
diff --git a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btSolveProjectedGaussSeidel.h b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btSolveProjectedGaussSeidel.h
index c0b40ffd9f..c0b40ffd9f 100644
--- a/thirdparty/bullet/src/BulletDynamics/MLCPSolvers/btSolveProjectedGaussSeidel.h
+++ b/thirdparty/bullet/BulletDynamics/MLCPSolvers/btSolveProjectedGaussSeidel.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Vehicle/btRaycastVehicle.cpp b/thirdparty/bullet/BulletDynamics/Vehicle/btRaycastVehicle.cpp
index a7b1688469..a7b1688469 100644
--- a/thirdparty/bullet/src/BulletDynamics/Vehicle/btRaycastVehicle.cpp
+++ b/thirdparty/bullet/BulletDynamics/Vehicle/btRaycastVehicle.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Vehicle/btRaycastVehicle.h b/thirdparty/bullet/BulletDynamics/Vehicle/btRaycastVehicle.h
index 04656b912c..04656b912c 100644
--- a/thirdparty/bullet/src/BulletDynamics/Vehicle/btRaycastVehicle.h
+++ b/thirdparty/bullet/BulletDynamics/Vehicle/btRaycastVehicle.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Vehicle/btVehicleRaycaster.h b/thirdparty/bullet/BulletDynamics/Vehicle/btVehicleRaycaster.h
index 3cc909c653..3cc909c653 100644
--- a/thirdparty/bullet/src/BulletDynamics/Vehicle/btVehicleRaycaster.h
+++ b/thirdparty/bullet/BulletDynamics/Vehicle/btVehicleRaycaster.h
diff --git a/thirdparty/bullet/src/BulletDynamics/Vehicle/btWheelInfo.cpp b/thirdparty/bullet/BulletDynamics/Vehicle/btWheelInfo.cpp
index ef93c16fff..ef93c16fff 100644
--- a/thirdparty/bullet/src/BulletDynamics/Vehicle/btWheelInfo.cpp
+++ b/thirdparty/bullet/BulletDynamics/Vehicle/btWheelInfo.cpp
diff --git a/thirdparty/bullet/src/BulletDynamics/Vehicle/btWheelInfo.h b/thirdparty/bullet/BulletDynamics/Vehicle/btWheelInfo.h
index f991a57b69..f991a57b69 100644
--- a/thirdparty/bullet/src/BulletDynamics/Vehicle/btWheelInfo.h
+++ b/thirdparty/bullet/BulletDynamics/Vehicle/btWheelInfo.h
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/IDConfig.hpp b/thirdparty/bullet/BulletInverseDynamics/IDConfig.hpp
index ebb10e7a16..ebb10e7a16 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/IDConfig.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/IDConfig.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/IDConfigBuiltin.hpp b/thirdparty/bullet/BulletInverseDynamics/IDConfigBuiltin.hpp
index 130c19c6d6..130c19c6d6 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/IDConfigBuiltin.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/IDConfigBuiltin.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/IDConfigEigen.hpp b/thirdparty/bullet/BulletInverseDynamics/IDConfigEigen.hpp
index cbd7e8a9c4..cbd7e8a9c4 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/IDConfigEigen.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/IDConfigEigen.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/IDErrorMessages.hpp b/thirdparty/bullet/BulletInverseDynamics/IDErrorMessages.hpp
index 1dc22f860a..1dc22f860a 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/IDErrorMessages.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/IDErrorMessages.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/IDMath.cpp b/thirdparty/bullet/BulletInverseDynamics/IDMath.cpp
index 99fe20e492..99fe20e492 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/IDMath.cpp
+++ b/thirdparty/bullet/BulletInverseDynamics/IDMath.cpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/IDMath.hpp b/thirdparty/bullet/BulletInverseDynamics/IDMath.hpp
index b355474d44..b355474d44 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/IDMath.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/IDMath.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/MultiBodyTree.cpp b/thirdparty/bullet/BulletInverseDynamics/MultiBodyTree.cpp
index c67588d49f..c67588d49f 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/MultiBodyTree.cpp
+++ b/thirdparty/bullet/BulletInverseDynamics/MultiBodyTree.cpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/MultiBodyTree.hpp b/thirdparty/bullet/BulletInverseDynamics/MultiBodyTree.hpp
index d235aa6e76..d235aa6e76 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/MultiBodyTree.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/MultiBodyTree.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/details/IDEigenInterface.hpp b/thirdparty/bullet/BulletInverseDynamics/details/IDEigenInterface.hpp
index 836395cea2..836395cea2 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/details/IDEigenInterface.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/details/IDEigenInterface.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/details/IDLinearMathInterface.hpp b/thirdparty/bullet/BulletInverseDynamics/details/IDLinearMathInterface.hpp
index 5bb4a33bdd..5bb4a33bdd 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/details/IDLinearMathInterface.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/details/IDLinearMathInterface.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/details/IDMatVec.hpp b/thirdparty/bullet/BulletInverseDynamics/details/IDMatVec.hpp
index 4d3f6c87e9..4d3f6c87e9 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/details/IDMatVec.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/details/IDMatVec.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/details/MultiBodyTreeImpl.cpp b/thirdparty/bullet/BulletInverseDynamics/details/MultiBodyTreeImpl.cpp
index b35c55df61..b35c55df61 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/details/MultiBodyTreeImpl.cpp
+++ b/thirdparty/bullet/BulletInverseDynamics/details/MultiBodyTreeImpl.cpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/details/MultiBodyTreeImpl.hpp b/thirdparty/bullet/BulletInverseDynamics/details/MultiBodyTreeImpl.hpp
index 3efe9d0492..3efe9d0492 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/details/MultiBodyTreeImpl.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/details/MultiBodyTreeImpl.hpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/details/MultiBodyTreeInitCache.cpp b/thirdparty/bullet/BulletInverseDynamics/details/MultiBodyTreeInitCache.cpp
index 47b4ab3890..47b4ab3890 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/details/MultiBodyTreeInitCache.cpp
+++ b/thirdparty/bullet/BulletInverseDynamics/details/MultiBodyTreeInitCache.cpp
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/details/MultiBodyTreeInitCache.hpp b/thirdparty/bullet/BulletInverseDynamics/details/MultiBodyTreeInitCache.hpp
index 0d2aa4a071..0d2aa4a071 100644
--- a/thirdparty/bullet/src/BulletInverseDynamics/details/MultiBodyTreeInitCache.hpp
+++ b/thirdparty/bullet/BulletInverseDynamics/details/MultiBodyTreeInitCache.hpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btDefaultSoftBodySolver.cpp b/thirdparty/bullet/BulletSoftBody/btDefaultSoftBodySolver.cpp
index 9c20403074..9c20403074 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btDefaultSoftBodySolver.cpp
+++ b/thirdparty/bullet/BulletSoftBody/btDefaultSoftBodySolver.cpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btDefaultSoftBodySolver.h b/thirdparty/bullet/BulletSoftBody/btDefaultSoftBodySolver.h
index 1c17ffcbb2..1c17ffcbb2 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btDefaultSoftBodySolver.h
+++ b/thirdparty/bullet/BulletSoftBody/btDefaultSoftBodySolver.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBody.cpp b/thirdparty/bullet/BulletSoftBody/btSoftBody.cpp
index 48efb0d8d4..48efb0d8d4 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBody.cpp
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBody.cpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBody.h b/thirdparty/bullet/BulletSoftBody/btSoftBody.h
index ada0dfd1a5..ada0dfd1a5 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBody.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBody.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyConcaveCollisionAlgorithm.cpp b/thirdparty/bullet/BulletSoftBody/btSoftBodyConcaveCollisionAlgorithm.cpp
index ab84bddf2a..ab84bddf2a 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyConcaveCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodyConcaveCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyConcaveCollisionAlgorithm.h b/thirdparty/bullet/BulletSoftBody/btSoftBodyConcaveCollisionAlgorithm.h
index 11c7b88f98..11c7b88f98 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyConcaveCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodyConcaveCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyData.h b/thirdparty/bullet/BulletSoftBody/btSoftBodyData.h
index 87d8841cfa..87d8841cfa 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyData.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodyData.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyHelpers.cpp b/thirdparty/bullet/BulletSoftBody/btSoftBodyHelpers.cpp
index 51fcd16da4..51fcd16da4 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyHelpers.cpp
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodyHelpers.cpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyHelpers.h b/thirdparty/bullet/BulletSoftBody/btSoftBodyHelpers.h
index 7271530109..7271530109 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyHelpers.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodyHelpers.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyInternals.h b/thirdparty/bullet/BulletSoftBody/btSoftBodyInternals.h
index 1ad82616ea..1ad82616ea 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyInternals.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodyInternals.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyRigidBodyCollisionConfiguration.cpp b/thirdparty/bullet/BulletSoftBody/btSoftBodyRigidBodyCollisionConfiguration.cpp
index f5a67f6d89..f5a67f6d89 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyRigidBodyCollisionConfiguration.cpp
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodyRigidBodyCollisionConfiguration.cpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyRigidBodyCollisionConfiguration.h b/thirdparty/bullet/BulletSoftBody/btSoftBodyRigidBodyCollisionConfiguration.h
index 21addcfe2e..21addcfe2e 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodyRigidBodyCollisionConfiguration.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodyRigidBodyCollisionConfiguration.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodySolverVertexBuffer.h b/thirdparty/bullet/BulletSoftBody/btSoftBodySolverVertexBuffer.h
index c4733d6400..c4733d6400 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodySolverVertexBuffer.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodySolverVertexBuffer.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftBodySolvers.h b/thirdparty/bullet/BulletSoftBody/btSoftBodySolvers.h
index 6947bc27d2..6947bc27d2 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftBodySolvers.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftBodySolvers.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftMultiBodyDynamicsWorld.cpp b/thirdparty/bullet/BulletSoftBody/btSoftMultiBodyDynamicsWorld.cpp
index 4e76dca9db..4e76dca9db 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftMultiBodyDynamicsWorld.cpp
+++ b/thirdparty/bullet/BulletSoftBody/btSoftMultiBodyDynamicsWorld.cpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftMultiBodyDynamicsWorld.h b/thirdparty/bullet/BulletSoftBody/btSoftMultiBodyDynamicsWorld.h
index 6d46a21db5..6d46a21db5 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftMultiBodyDynamicsWorld.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftMultiBodyDynamicsWorld.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftRigidCollisionAlgorithm.cpp b/thirdparty/bullet/BulletSoftBody/btSoftRigidCollisionAlgorithm.cpp
index 01c148a2ca..01c148a2ca 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftRigidCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletSoftBody/btSoftRigidCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftRigidCollisionAlgorithm.h b/thirdparty/bullet/BulletSoftBody/btSoftRigidCollisionAlgorithm.h
index 93fcc6065b..93fcc6065b 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftRigidCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftRigidCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftRigidDynamicsWorld.cpp b/thirdparty/bullet/BulletSoftBody/btSoftRigidDynamicsWorld.cpp
index 204b4f576d..204b4f576d 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftRigidDynamicsWorld.cpp
+++ b/thirdparty/bullet/BulletSoftBody/btSoftRigidDynamicsWorld.cpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftRigidDynamicsWorld.h b/thirdparty/bullet/BulletSoftBody/btSoftRigidDynamicsWorld.h
index d921a6488d..d921a6488d 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftRigidDynamicsWorld.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftRigidDynamicsWorld.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftSoftCollisionAlgorithm.cpp b/thirdparty/bullet/BulletSoftBody/btSoftSoftCollisionAlgorithm.cpp
index 72043e69e2..72043e69e2 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftSoftCollisionAlgorithm.cpp
+++ b/thirdparty/bullet/BulletSoftBody/btSoftSoftCollisionAlgorithm.cpp
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSoftSoftCollisionAlgorithm.h b/thirdparty/bullet/BulletSoftBody/btSoftSoftCollisionAlgorithm.h
index 4eab7aea2f..4eab7aea2f 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSoftSoftCollisionAlgorithm.h
+++ b/thirdparty/bullet/BulletSoftBody/btSoftSoftCollisionAlgorithm.h
diff --git a/thirdparty/bullet/src/BulletSoftBody/btSparseSDF.h b/thirdparty/bullet/BulletSoftBody/btSparseSDF.h
index ba437c28ef..ba437c28ef 100644
--- a/thirdparty/bullet/src/BulletSoftBody/btSparseSDF.h
+++ b/thirdparty/bullet/BulletSoftBody/btSparseSDF.h
diff --git a/thirdparty/bullet/LICENSE.txt b/thirdparty/bullet/LICENSE.txt
new file mode 100644
index 0000000000..319c84e349
--- /dev/null
+++ b/thirdparty/bullet/LICENSE.txt
@@ -0,0 +1,15 @@
+
+The files in this repository are licensed under the zlib license, except for the files under 'Extras' and examples/ThirdPartyLibs.
+
+Bullet Continuous Collision Detection and Physics Library
+http://bulletphysics.org
+
+This software is provided 'as-is', without any express or implied warranty.
+In no event will the authors be held liable for any damages arising from the use of this software.
+Permission is granted to anyone to use this software for any purpose,
+including commercial applications, and to alter it and redistribute it freely,
+subject to the following restrictions:
+
+1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.
+2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
+3. This notice may not be removed or altered from any source distribution.
diff --git a/thirdparty/bullet/src/LinearMath/btAabbUtil2.h b/thirdparty/bullet/LinearMath/btAabbUtil2.h
index d2997b4e65..d2997b4e65 100644
--- a/thirdparty/bullet/src/LinearMath/btAabbUtil2.h
+++ b/thirdparty/bullet/LinearMath/btAabbUtil2.h
diff --git a/thirdparty/bullet/src/LinearMath/btAlignedAllocator.cpp b/thirdparty/bullet/LinearMath/btAlignedAllocator.cpp
index e5f6040c43..e5f6040c43 100644
--- a/thirdparty/bullet/src/LinearMath/btAlignedAllocator.cpp
+++ b/thirdparty/bullet/LinearMath/btAlignedAllocator.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btAlignedAllocator.h b/thirdparty/bullet/LinearMath/btAlignedAllocator.h
index 9873b338d9..9873b338d9 100644
--- a/thirdparty/bullet/src/LinearMath/btAlignedAllocator.h
+++ b/thirdparty/bullet/LinearMath/btAlignedAllocator.h
diff --git a/thirdparty/bullet/src/LinearMath/btAlignedObjectArray.h b/thirdparty/bullet/LinearMath/btAlignedObjectArray.h
index f0b646529a..f0b646529a 100644
--- a/thirdparty/bullet/src/LinearMath/btAlignedObjectArray.h
+++ b/thirdparty/bullet/LinearMath/btAlignedObjectArray.h
diff --git a/thirdparty/bullet/src/LinearMath/btConvexHull.cpp b/thirdparty/bullet/LinearMath/btConvexHull.cpp
index f8b79a1aba..f8b79a1aba 100644
--- a/thirdparty/bullet/src/LinearMath/btConvexHull.cpp
+++ b/thirdparty/bullet/LinearMath/btConvexHull.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btConvexHull.h b/thirdparty/bullet/LinearMath/btConvexHull.h
index 69c52bc6f8..69c52bc6f8 100644
--- a/thirdparty/bullet/src/LinearMath/btConvexHull.h
+++ b/thirdparty/bullet/LinearMath/btConvexHull.h
diff --git a/thirdparty/bullet/src/LinearMath/btConvexHullComputer.cpp b/thirdparty/bullet/LinearMath/btConvexHullComputer.cpp
index 2ea22cbe3b..2ea22cbe3b 100644
--- a/thirdparty/bullet/src/LinearMath/btConvexHullComputer.cpp
+++ b/thirdparty/bullet/LinearMath/btConvexHullComputer.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btConvexHullComputer.h b/thirdparty/bullet/LinearMath/btConvexHullComputer.h
index 7240ac4fb5..7240ac4fb5 100644
--- a/thirdparty/bullet/src/LinearMath/btConvexHullComputer.h
+++ b/thirdparty/bullet/LinearMath/btConvexHullComputer.h
diff --git a/thirdparty/bullet/src/LinearMath/btCpuFeatureUtility.h b/thirdparty/bullet/LinearMath/btCpuFeatureUtility.h
index d2cab52d48..d2cab52d48 100644
--- a/thirdparty/bullet/src/LinearMath/btCpuFeatureUtility.h
+++ b/thirdparty/bullet/LinearMath/btCpuFeatureUtility.h
diff --git a/thirdparty/bullet/src/LinearMath/btDefaultMotionState.h b/thirdparty/bullet/LinearMath/btDefaultMotionState.h
index 01c5f8d932..01c5f8d932 100644
--- a/thirdparty/bullet/src/LinearMath/btDefaultMotionState.h
+++ b/thirdparty/bullet/LinearMath/btDefaultMotionState.h
diff --git a/thirdparty/bullet/src/LinearMath/btGeometryUtil.cpp b/thirdparty/bullet/LinearMath/btGeometryUtil.cpp
index 5ac230f712..5ac230f712 100644
--- a/thirdparty/bullet/src/LinearMath/btGeometryUtil.cpp
+++ b/thirdparty/bullet/LinearMath/btGeometryUtil.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btGeometryUtil.h b/thirdparty/bullet/LinearMath/btGeometryUtil.h
index a4b13b4560..a4b13b4560 100644
--- a/thirdparty/bullet/src/LinearMath/btGeometryUtil.h
+++ b/thirdparty/bullet/LinearMath/btGeometryUtil.h
diff --git a/thirdparty/bullet/src/LinearMath/btGrahamScan2dConvexHull.h b/thirdparty/bullet/LinearMath/btGrahamScan2dConvexHull.h
index 13a79aa585..13a79aa585 100644
--- a/thirdparty/bullet/src/LinearMath/btGrahamScan2dConvexHull.h
+++ b/thirdparty/bullet/LinearMath/btGrahamScan2dConvexHull.h
diff --git a/thirdparty/bullet/src/LinearMath/btHashMap.h b/thirdparty/bullet/LinearMath/btHashMap.h
index 5e9cdb6054..5e9cdb6054 100644
--- a/thirdparty/bullet/src/LinearMath/btHashMap.h
+++ b/thirdparty/bullet/LinearMath/btHashMap.h
diff --git a/thirdparty/bullet/src/LinearMath/btIDebugDraw.h b/thirdparty/bullet/LinearMath/btIDebugDraw.h
index 936aaa896b..936aaa896b 100644
--- a/thirdparty/bullet/src/LinearMath/btIDebugDraw.h
+++ b/thirdparty/bullet/LinearMath/btIDebugDraw.h
diff --git a/thirdparty/bullet/src/LinearMath/btList.h b/thirdparty/bullet/LinearMath/btList.h
index eec80a7064..eec80a7064 100644
--- a/thirdparty/bullet/src/LinearMath/btList.h
+++ b/thirdparty/bullet/LinearMath/btList.h
diff --git a/thirdparty/bullet/src/LinearMath/btMatrix3x3.h b/thirdparty/bullet/LinearMath/btMatrix3x3.h
index 9f642a1779..9f642a1779 100644
--- a/thirdparty/bullet/src/LinearMath/btMatrix3x3.h
+++ b/thirdparty/bullet/LinearMath/btMatrix3x3.h
diff --git a/thirdparty/bullet/src/LinearMath/btMatrixX.h b/thirdparty/bullet/LinearMath/btMatrixX.h
index 42caed42ef..42caed42ef 100644
--- a/thirdparty/bullet/src/LinearMath/btMatrixX.h
+++ b/thirdparty/bullet/LinearMath/btMatrixX.h
diff --git a/thirdparty/bullet/src/LinearMath/btMinMax.h b/thirdparty/bullet/LinearMath/btMinMax.h
index 5b436e9ba4..5b436e9ba4 100644
--- a/thirdparty/bullet/src/LinearMath/btMinMax.h
+++ b/thirdparty/bullet/LinearMath/btMinMax.h
diff --git a/thirdparty/bullet/src/LinearMath/btMotionState.h b/thirdparty/bullet/LinearMath/btMotionState.h
index 9431814090..9431814090 100644
--- a/thirdparty/bullet/src/LinearMath/btMotionState.h
+++ b/thirdparty/bullet/LinearMath/btMotionState.h
diff --git a/thirdparty/bullet/src/LinearMath/btPolarDecomposition.cpp b/thirdparty/bullet/LinearMath/btPolarDecomposition.cpp
index b3664faa4e..b3664faa4e 100644
--- a/thirdparty/bullet/src/LinearMath/btPolarDecomposition.cpp
+++ b/thirdparty/bullet/LinearMath/btPolarDecomposition.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btPolarDecomposition.h b/thirdparty/bullet/LinearMath/btPolarDecomposition.h
index 1feea0f78e..1feea0f78e 100644
--- a/thirdparty/bullet/src/LinearMath/btPolarDecomposition.h
+++ b/thirdparty/bullet/LinearMath/btPolarDecomposition.h
diff --git a/thirdparty/bullet/src/LinearMath/btPoolAllocator.h b/thirdparty/bullet/LinearMath/btPoolAllocator.h
index efdeda8ffc..efdeda8ffc 100644
--- a/thirdparty/bullet/src/LinearMath/btPoolAllocator.h
+++ b/thirdparty/bullet/LinearMath/btPoolAllocator.h
diff --git a/thirdparty/bullet/src/LinearMath/btQuadWord.h b/thirdparty/bullet/LinearMath/btQuadWord.h
index fcfb3be444..fcfb3be444 100644
--- a/thirdparty/bullet/src/LinearMath/btQuadWord.h
+++ b/thirdparty/bullet/LinearMath/btQuadWord.h
diff --git a/thirdparty/bullet/src/LinearMath/btQuaternion.h b/thirdparty/bullet/LinearMath/btQuaternion.h
index 7bd39e6a33..7bd39e6a33 100644
--- a/thirdparty/bullet/src/LinearMath/btQuaternion.h
+++ b/thirdparty/bullet/LinearMath/btQuaternion.h
diff --git a/thirdparty/bullet/src/LinearMath/btQuickprof.cpp b/thirdparty/bullet/LinearMath/btQuickprof.cpp
index aed3104a6e..aed3104a6e 100644
--- a/thirdparty/bullet/src/LinearMath/btQuickprof.cpp
+++ b/thirdparty/bullet/LinearMath/btQuickprof.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btQuickprof.h b/thirdparty/bullet/LinearMath/btQuickprof.h
index 7b38d71b90..7b38d71b90 100644
--- a/thirdparty/bullet/src/LinearMath/btQuickprof.h
+++ b/thirdparty/bullet/LinearMath/btQuickprof.h
diff --git a/thirdparty/bullet/src/LinearMath/btRandom.h b/thirdparty/bullet/LinearMath/btRandom.h
index 4cbfc6bfe9..4cbfc6bfe9 100644
--- a/thirdparty/bullet/src/LinearMath/btRandom.h
+++ b/thirdparty/bullet/LinearMath/btRandom.h
diff --git a/thirdparty/bullet/src/LinearMath/btScalar.h b/thirdparty/bullet/LinearMath/btScalar.h
index bffb2ce274..bffb2ce274 100644
--- a/thirdparty/bullet/src/LinearMath/btScalar.h
+++ b/thirdparty/bullet/LinearMath/btScalar.h
diff --git a/thirdparty/bullet/src/LinearMath/btSerializer.cpp b/thirdparty/bullet/LinearMath/btSerializer.cpp
index fcd2255ad5..fcd2255ad5 100644
--- a/thirdparty/bullet/src/LinearMath/btSerializer.cpp
+++ b/thirdparty/bullet/LinearMath/btSerializer.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btSerializer.h b/thirdparty/bullet/LinearMath/btSerializer.h
index 89b4d74683..89b4d74683 100644
--- a/thirdparty/bullet/src/LinearMath/btSerializer.h
+++ b/thirdparty/bullet/LinearMath/btSerializer.h
diff --git a/thirdparty/bullet/src/LinearMath/btSerializer64.cpp b/thirdparty/bullet/LinearMath/btSerializer64.cpp
index 05f59202d7..05f59202d7 100644
--- a/thirdparty/bullet/src/LinearMath/btSerializer64.cpp
+++ b/thirdparty/bullet/LinearMath/btSerializer64.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btSpatialAlgebra.h b/thirdparty/bullet/LinearMath/btSpatialAlgebra.h
index 8e59658bca..8e59658bca 100644
--- a/thirdparty/bullet/src/LinearMath/btSpatialAlgebra.h
+++ b/thirdparty/bullet/LinearMath/btSpatialAlgebra.h
diff --git a/thirdparty/bullet/src/LinearMath/btStackAlloc.h b/thirdparty/bullet/LinearMath/btStackAlloc.h
index 397b084877..397b084877 100644
--- a/thirdparty/bullet/src/LinearMath/btStackAlloc.h
+++ b/thirdparty/bullet/LinearMath/btStackAlloc.h
diff --git a/thirdparty/bullet/src/LinearMath/btThreads.cpp b/thirdparty/bullet/LinearMath/btThreads.cpp
index 59a7ea36e9..59a7ea36e9 100644
--- a/thirdparty/bullet/src/LinearMath/btThreads.cpp
+++ b/thirdparty/bullet/LinearMath/btThreads.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btThreads.h b/thirdparty/bullet/LinearMath/btThreads.h
index 05fd15ec82..05fd15ec82 100644
--- a/thirdparty/bullet/src/LinearMath/btThreads.h
+++ b/thirdparty/bullet/LinearMath/btThreads.h
diff --git a/thirdparty/bullet/src/LinearMath/btTransform.h b/thirdparty/bullet/LinearMath/btTransform.h
index d4f939a5d9..d4f939a5d9 100644
--- a/thirdparty/bullet/src/LinearMath/btTransform.h
+++ b/thirdparty/bullet/LinearMath/btTransform.h
diff --git a/thirdparty/bullet/src/LinearMath/btTransformUtil.h b/thirdparty/bullet/LinearMath/btTransformUtil.h
index 182cc43fab..182cc43fab 100644
--- a/thirdparty/bullet/src/LinearMath/btTransformUtil.h
+++ b/thirdparty/bullet/LinearMath/btTransformUtil.h
diff --git a/thirdparty/bullet/src/LinearMath/btVector3.cpp b/thirdparty/bullet/LinearMath/btVector3.cpp
index e05bdccd67..e05bdccd67 100644
--- a/thirdparty/bullet/src/LinearMath/btVector3.cpp
+++ b/thirdparty/bullet/LinearMath/btVector3.cpp
diff --git a/thirdparty/bullet/src/LinearMath/btVector3.h b/thirdparty/bullet/LinearMath/btVector3.h
index c69effa96e..c69effa96e 100644
--- a/thirdparty/bullet/src/LinearMath/btVector3.h
+++ b/thirdparty/bullet/LinearMath/btVector3.h
diff --git a/thirdparty/bullet/src/btBulletCollisionCommon.h b/thirdparty/bullet/btBulletCollisionCommon.h
index 948e02eb4c..948e02eb4c 100644
--- a/thirdparty/bullet/src/btBulletCollisionCommon.h
+++ b/thirdparty/bullet/btBulletCollisionCommon.h
diff --git a/thirdparty/bullet/src/btBulletDynamicsCommon.h b/thirdparty/bullet/btBulletDynamicsCommon.h
index 50282bf210..50282bf210 100644
--- a/thirdparty/bullet/src/btBulletDynamicsCommon.h
+++ b/thirdparty/bullet/btBulletDynamicsCommon.h
diff --git a/thirdparty/bullet/src/clew/clew.c b/thirdparty/bullet/clew/clew.c
index a07b0aad75..a07b0aad75 100644
--- a/thirdparty/bullet/src/clew/clew.c
+++ b/thirdparty/bullet/clew/clew.c
diff --git a/thirdparty/bullet/src/clew/clew.h b/thirdparty/bullet/clew/clew.h
index ee0fef18b4..ee0fef18b4 100644
--- a/thirdparty/bullet/src/clew/clew.h
+++ b/thirdparty/bullet/clew/clew.h
diff --git a/thirdparty/bullet/src/Bullet3Collision/CMakeLists.txt b/thirdparty/bullet/src/Bullet3Collision/CMakeLists.txt
deleted file mode 100644
index 130095cc04..0000000000
--- a/thirdparty/bullet/src/Bullet3Collision/CMakeLists.txt
+++ /dev/null
@@ -1,93 +0,0 @@
-
-INCLUDE_DIRECTORIES(
-	${BULLET_PHYSICS_SOURCE_DIR}/src
-)
-
-SET(Bullet3Collision_SRCS
-	BroadPhaseCollision/b3DynamicBvh.cpp
-	BroadPhaseCollision/b3DynamicBvhBroadphase.cpp
-	BroadPhaseCollision/b3OverlappingPairCache.cpp
-	NarrowPhaseCollision/b3ConvexUtility.cpp
-	NarrowPhaseCollision/b3CpuNarrowPhase.cpp
-)
-
-SET(Bullet3CollisionBroadPhase_HDRS
-	BroadPhaseCollision/b3BroadphaseCallback.h
-	BroadPhaseCollision/b3DynamicBvh.h
-	BroadPhaseCollision/b3DynamicBvhBroadphase.h
-	BroadPhaseCollision/b3OverlappingPair.h
-	BroadPhaseCollision/b3OverlappingPairCache.h
-)
-SET(Bullet3CollisionBroadPhaseShared_HDRS
-	BroadPhaseCollision/shared/b3Aabb.h
-)
-
-SET(Bullet3CollisionNarrowPhase_HDRS
-	NarrowPhaseCollision/b3Config.h
-	NarrowPhaseCollision/b3Contact4.h
-	NarrowPhaseCollision/b3ConvexUtility.h
-	NarrowPhaseCollision/b3CpuNarrowPhase.h
-	NarrowPhaseCollision/b3RaycastInfo.h
-	NarrowPhaseCollision/b3RigidBodyCL.h
-)
-SET(Bullet3CollisionNarrowPhaseShared_HDRS
-
-	NarrowPhaseCollision/shared/b3BvhSubtreeInfoData.h
-	NarrowPhaseCollision/shared/b3BvhTraversal.h
-	NarrowPhaseCollision/shared/b3ClipFaces.h
-	NarrowPhaseCollision/shared/b3Collidable.h
-	NarrowPhaseCollision/shared/b3Contact4Data.h
-	NarrowPhaseCollision/shared/b3ContactConvexConvexSAT.h
-	NarrowPhaseCollision/shared/b3ContactSphereSphere.h
-	NarrowPhaseCollision/shared/b3ConvexPolyhedronData.h
-	NarrowPhaseCollision/shared/b3FindConcaveSatAxis.h
-	NarrowPhaseCollision/shared/b3FindSeparatingAxis.h
-	NarrowPhaseCollision/shared/b3MprPenetration.h
-	NarrowPhaseCollision/shared/b3NewContactReduction.h
-	NarrowPhaseCollision/shared/b3QuantizedBvhNodeData.h
-	NarrowPhaseCollision/shared/b3ReduceContacts.h
-	NarrowPhaseCollision/shared/b3RigidBodyData.h
-	NarrowPhaseCollision/shared/b3UpdateAabbs.h
-)
-
-SET(Bullet3Collision_HDRS
-	${Bullet3CollisionBroadPhase_HDRS}
-	${Bullet3CollisionBroadPhaseShared_HDRS}
-	${Bullet3CollisionNarrowPhaseShared_HDRS}
-	${Bullet3CollisionNarrowPhase_HDRS}
-)
-
-ADD_LIBRARY(Bullet3Collision ${Bullet3Collision_SRCS} ${Bullet3Collision_HDRS})
-if (BUILD_SHARED_LIBS)
-  target_link_libraries(Bullet3Collision Bullet3Geometry)
-endif ()
-SET_TARGET_PROPERTIES(Bullet3Collision PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(Bullet3Collision PROPERTIES SOVERSION ${BULLET_VERSION})
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		#FILES_MATCHING requires CMake 2.6
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3Collision DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3Collision
-					RUNTIME DESTINATION bin
-					LIBRARY DESTINATION lib${LIB_SUFFIX}
-					ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h"  PATTERN
-".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(Bullet3Collision PROPERTIES FRAMEWORK true)
-			SET_TARGET_PROPERTIES(Bullet3Collision PROPERTIES PUBLIC_HEADER "${Bullet3Collision_HDRS}")
-			# Have to list out sub-directories manually:
-			#todo
-			#SET_PROPERTY(SOURCE ${Bullet3CollisionBroadPhase_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/BroadPhaseCollision)
-
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/Bullet3Collision/premake4.lua b/thirdparty/bullet/src/Bullet3Collision/premake4.lua
deleted file mode 100644
index 0b47f8ea5b..0000000000
--- a/thirdparty/bullet/src/Bullet3Collision/premake4.lua
+++ /dev/null
@@ -1,13 +0,0 @@
-	project "Bullet3Collision"
-
-	language "C++"
-				
-	kind "StaticLib"
-		
-	includedirs {".."}
-
-
-	files {
-		"**.cpp",
-		"**.h"
-	}
\ No newline at end of file
diff --git a/thirdparty/bullet/src/Bullet3Common/CMakeLists.txt b/thirdparty/bullet/src/Bullet3Common/CMakeLists.txt
deleted file mode 100644
index e899e67d94..0000000000
--- a/thirdparty/bullet/src/Bullet3Common/CMakeLists.txt
+++ /dev/null
@@ -1,63 +0,0 @@
-
-INCLUDE_DIRECTORIES(
-	${BULLET_PHYSICS_SOURCE_DIR}/src
-)
-
-SET(Bullet3Common_SRCS
-	b3AlignedAllocator.cpp
-	b3Vector3.cpp
-	b3Logging.cpp
-)
-
-SET(Bullet3Common_HDRS
-	b3AlignedAllocator.h
-	b3AlignedObjectArray.h
-	b3CommandLineArgs.h
-	b3HashMap.h
-	b3Logging.h
-	b3Matrix3x3.h
-	b3MinMax.h
-	b3PoolAllocator.h
-	b3QuadWord.h
-	b3Quaternion.h
-	b3Random.h
-	b3Scalar.h
-	b3StackAlloc.h
-	b3Transform.h
-	b3TransformUtil.h
-	b3Vector3.h
-	shared/b3Float4
-	shared/b3Int2.h
-	shared/b3Int4.h
-	shared/b3Mat3x3.h
-	shared/b3PlatformDefinitions
-	shared/b3Quat.h
-)
-
-ADD_LIBRARY(Bullet3Common ${Bullet3Common_SRCS} ${Bullet3Common_HDRS})
-SET_TARGET_PROPERTIES(Bullet3Common PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(Bullet3Common PROPERTIES SOVERSION ${BULLET_VERSION})
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		#FILES_MATCHING requires CMake 2.6
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3Common DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3Common
-					RUNTIME DESTINATION bin
-					LIBRARY DESTINATION lib${LIB_SUFFIX}
-					ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h"  PATTERN
-".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(Bullet3Common PROPERTIES FRAMEWORK true)
-			SET_TARGET_PROPERTIES(Bullet3Common PROPERTIES PUBLIC_HEADER "${Bullet3Common_HDRS}")
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/Bullet3Common/premake4.lua b/thirdparty/bullet/src/Bullet3Common/premake4.lua
deleted file mode 100644
index 1331c6327e..0000000000
--- a/thirdparty/bullet/src/Bullet3Common/premake4.lua
+++ /dev/null
@@ -1,12 +0,0 @@
-	project "Bullet3Common"
-
-	language "C++"
-				
-	kind "StaticLib"
-		
-	includedirs {".."}
-
-	files {
-		"*.cpp",
-		"*.h"
-	}
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/CMakeLists.txt b/thirdparty/bullet/src/Bullet3Dynamics/CMakeLists.txt
deleted file mode 100644
index 94c120d9b5..0000000000
--- a/thirdparty/bullet/src/Bullet3Dynamics/CMakeLists.txt
+++ /dev/null
@@ -1,61 +0,0 @@
-
-INCLUDE_DIRECTORIES(
-	${BULLET_PHYSICS_SOURCE_DIR}/src
-)
-
-SET(Bullet3Dynamics_SRCS
-	b3CpuRigidBodyPipeline.cpp
-	ConstraintSolver/b3FixedConstraint.cpp
-	ConstraintSolver/b3Generic6DofConstraint.cpp
-	ConstraintSolver/b3PgsJacobiSolver.cpp
-	ConstraintSolver/b3Point2PointConstraint.cpp
-	ConstraintSolver/b3TypedConstraint.cpp
-)
-
-SET(Bullet3Dynamics_HDRS
-	  b3CpuRigidBodyPipeline.h
-	ConstraintSolver/b3ContactSolverInfo.h
-	ConstraintSolver/b3FixedConstraint.h
-	ConstraintSolver/b3Generic6DofConstraint.h
-	ConstraintSolver/b3JacobianEntry.h
-	ConstraintSolver/b3PgsJacobiSolver.h
-	ConstraintSolver/b3Point2PointConstraint.h
-	ConstraintSolver/b3SolverBody.h
-	ConstraintSolver/b3SolverConstraint.h
-	ConstraintSolver/b3TypedConstraint.h
-	shared/b3ContactConstraint4.h
-	shared/b3ConvertConstraint4.h
-	shared/b3Inertia.h
-	shared/b3IntegrateTransforms.h
-)
-
-ADD_LIBRARY(Bullet3Dynamics ${Bullet3Dynamics_SRCS} ${Bullet3Dynamics_HDRS})
-if (BUILD_SHARED_LIBS)
-  target_link_libraries(Bullet3Dynamics Bullet3Collision)
-endif ()
-SET_TARGET_PROPERTIES(Bullet3Dynamics PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(Bullet3Dynamics PROPERTIES SOVERSION ${BULLET_VERSION})
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		#FILES_MATCHING requires CMake 2.6
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3Dynamics DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3Dynamics
-					RUNTIME DESTINATION bin
-					LIBRARY DESTINATION lib${LIB_SUFFIX}
-					ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h"  PATTERN
-".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(Bullet3Dynamics PROPERTIES FRAMEWORK true)
-			SET_TARGET_PROPERTIES(Bullet3Dynamics PROPERTIES PUBLIC_HEADER "${Bullet3Dynamics_HDRS}")
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/Bullet3Dynamics/premake4.lua b/thirdparty/bullet/src/Bullet3Dynamics/premake4.lua
deleted file mode 100644
index 669336a6a1..0000000000
--- a/thirdparty/bullet/src/Bullet3Dynamics/premake4.lua
+++ /dev/null
@@ -1,15 +0,0 @@
-	project "Bullet3Dynamics"
-
-	language "C++"
-				
-	kind "StaticLib"
-
-	includedirs {
-		".."
-	}		
-	
-
-	files {
-		"**.cpp",
-		"**.h"
-	}
\ No newline at end of file
diff --git a/thirdparty/bullet/src/Bullet3Geometry/CMakeLists.txt b/thirdparty/bullet/src/Bullet3Geometry/CMakeLists.txt
deleted file mode 100644
index 8206872705..0000000000
--- a/thirdparty/bullet/src/Bullet3Geometry/CMakeLists.txt
+++ /dev/null
@@ -1,47 +0,0 @@
-
-INCLUDE_DIRECTORIES(
-	${BULLET_PHYSICS_SOURCE_DIR}/src
-)
-
-SET(Bullet3Geometry_SRCS
-	b3ConvexHullComputer.cpp
-	b3GeometryUtil.cpp
-)
-
-SET(Bullet3Geometry_HDRS
-	b3AabbUtil.h
-	b3ConvexHullComputer.h
-	b3GeometryUtil.h
-	b3GrahamScan2dConvexHull.h
-)
-
-ADD_LIBRARY(Bullet3Geometry ${Bullet3Geometry_SRCS} ${Bullet3Geometry_HDRS})
-if (BUILD_SHARED_LIBS)
-  target_link_libraries(Bullet3Geometry Bullet3Common)
-endif()
-SET_TARGET_PROPERTIES(Bullet3Geometry PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(Bullet3Geometry PROPERTIES SOVERSION ${BULLET_VERSION})
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		#FILES_MATCHING requires CMake 2.6
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3Geometry DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3Geometry
-					RUNTIME DESTINATION bin
-					LIBRARY DESTINATION lib${LIB_SUFFIX}
-					ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h"  PATTERN
-".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(Bullet3Geometry PROPERTIES FRAMEWORK true)
-			SET_TARGET_PROPERTIES(Bullet3Geometry PROPERTIES PUBLIC_HEADER "${Bullet3Geometry_HDRS}")
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/Bullet3Geometry/premake4.lua b/thirdparty/bullet/src/Bullet3Geometry/premake4.lua
deleted file mode 100644
index 1a230f8c01..0000000000
--- a/thirdparty/bullet/src/Bullet3Geometry/premake4.lua
+++ /dev/null
@@ -1,13 +0,0 @@
-	project "Bullet3Geometry"
-
-	language "C++"
-				
-	kind "StaticLib"
-		
-	includedirs {".."}
-	
-
-	files {
-		"**.cpp",
-		"**.h"
-	}
\ No newline at end of file
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/CMakeLists.txt b/thirdparty/bullet/src/Bullet3OpenCL/CMakeLists.txt
deleted file mode 100644
index 1da58d4a99..0000000000
--- a/thirdparty/bullet/src/Bullet3OpenCL/CMakeLists.txt
+++ /dev/null
@@ -1,77 +0,0 @@
-INCLUDE_DIRECTORIES( ${BULLET_PHYSICS_SOURCE_DIR}/src  )
-
-ADD_DEFINITIONS(-DB3_USE_CLEW)
-
-SET(Bullet3OpenCL_clew_SRCS
-	../clew/clew.c
-	BroadphaseCollision/b3GpuGridBroadphase.cpp
-	BroadphaseCollision/b3GpuSapBroadphase.cpp
-	BroadphaseCollision/b3GpuParallelLinearBvhBroadphase.cpp
-	BroadphaseCollision/b3GpuParallelLinearBvh.cpp
-	Initialize/b3OpenCLUtils.cpp
-	NarrowphaseCollision/b3ContactCache.cpp
-	NarrowphaseCollision/b3ConvexHullContact.cpp
-	NarrowphaseCollision/b3GjkEpa.cpp
-	NarrowphaseCollision/b3OptimizedBvh.cpp
-	NarrowphaseCollision/b3QuantizedBvh.cpp
-	NarrowphaseCollision/b3StridingMeshInterface.cpp
-	NarrowphaseCollision/b3TriangleCallback.cpp
-	NarrowphaseCollision/b3TriangleIndexVertexArray.cpp
-	NarrowphaseCollision/b3VoronoiSimplexSolver.cpp
-	ParallelPrimitives/b3BoundSearchCL.cpp
-	ParallelPrimitives/b3FillCL.cpp
-	ParallelPrimitives/b3LauncherCL.cpp
-	ParallelPrimitives/b3PrefixScanCL.cpp
-	ParallelPrimitives/b3PrefixScanFloat4CL.cpp
-	ParallelPrimitives/b3RadixSort32CL.cpp
-	Raycast/b3GpuRaycast.cpp
-	RigidBody/b3GpuGenericConstraint.cpp
-	RigidBody/b3GpuJacobiContactSolver.cpp
-	RigidBody/b3GpuNarrowPhase.cpp
-	RigidBody/b3GpuPgsConstraintSolver.cpp
-	RigidBody/b3GpuPgsContactSolver.cpp
-	RigidBody/b3GpuRigidBodyPipeline.cpp
-	RigidBody/b3Solver.cpp
-)
-
-
-SET(Bullet3OpenCL_clew_HDRS
-#	${Root_HDRS}
-)
-
-
-ADD_LIBRARY(Bullet3OpenCL_clew ${Bullet3OpenCL_clew_SRCS} ${Bullet3OpenCL_clew_HDRS})
-SET_TARGET_PROPERTIES(Bullet3OpenCL_clew PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(Bullet3OpenCL_clew PROPERTIES SOVERSION ${BULLET_VERSION})
-IF (BUILD_SHARED_LIBS)
-  TARGET_LINK_LIBRARIES(Bullet3OpenCL_clew LinearMath Bullet3Dynamics ${CMAKE_DL_LIBS})
-ENDIF (BUILD_SHARED_LIBS)
-
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		#INSTALL of other files requires CMake 2.6
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3OpenCL_clew DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet3OpenCL_clew RUNTIME DESTINATION bin
-								LIBRARY DESTINATION lib${LIB_SUFFIX}
-								ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h" PATTERN ".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-#				INSTALL(FILES ../btBullet3OpenCL_clewCommon.h
-#DESTINATION ${INCLUDE_INSTALL_DIR}/Bullet3OpenCL_clew)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(Bullet3OpenCL_clew PROPERTIES FRAMEWORK true)
-
-			SET_TARGET_PROPERTIES(Bullet3OpenCL_clew PROPERTIES PUBLIC_HEADER "${Root_HDRS}")
-			# Have to list out sub-directories manually:
-			SET_PROPERTY(SOURCE ${BroadphaseCollision_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/BroadphaseCollision)
-
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/Bullet3OpenCL/premake4.lua b/thirdparty/bullet/src/Bullet3OpenCL/premake4.lua
deleted file mode 100644
index 55a8613634..0000000000
--- a/thirdparty/bullet/src/Bullet3OpenCL/premake4.lua
+++ /dev/null
@@ -1,29 +0,0 @@
-function createProject(vendor)
-	hasCL = findOpenCL(vendor)
-	
-	if (hasCL) then
-		
-		project ("Bullet3OpenCL_" .. vendor)
-	
-		initOpenCL(vendor)
-			
-		kind "StaticLib"
-		
-		
-		includedirs {
-			".",".."
-		}
-		
-		files {
-			"**.cpp",
-			"**.h"
-		}
-		
-	end
-end
-
-createProject("clew")
-createProject("AMD")
-createProject("Intel")
-createProject("NVIDIA")
-createProject("Apple")
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/CMakeLists.txt b/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/CMakeLists.txt
deleted file mode 100644
index 125576634f..0000000000
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/CMakeLists.txt
+++ /dev/null
@@ -1,55 +0,0 @@
-
-INCLUDE_DIRECTORIES(
-	${BULLET_PHYSICS_SOURCE_DIR}/src
-)
-
-SET(Bullet2FileLoader_SRCS
-	b3BulletFile.cpp
-	b3Chunk.cpp
-	b3DNA.cpp
-	b3File.cpp
-	b3Serializer.cpp
-)
-
-
-SET(Bullet2FileLoader_HDRS
-	b3BulletFile.h
-	b3Chunk.h
-	b3Common.h
-	b3Defines.h
-	b3DNA.h
-	b3File.h
-	b3Serializer.h
-	autogenerated/bullet2.h
-)
-
-ADD_LIBRARY(Bullet2FileLoader ${Bullet2FileLoader_SRCS} ${Bullet2FileLoader_HDRS})
-if (BUILD_SHARED_LIBS)
-  target_link_libraries(Bullet2FileLoader Bullet3Common)
-endif ()
-SET_TARGET_PROPERTIES(Bullet2FileLoader PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(Bullet2FileLoader PROPERTIES SOVERSION ${BULLET_VERSION})
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		#FILES_MATCHING requires CMake 2.6
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet2FileLoader DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS Bullet2FileLoader
-					RUNTIME DESTINATION bin
-					LIBRARY DESTINATION lib${LIB_SUFFIX}
-					ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h"  PATTERN
-".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(Bullet2FileLoader PROPERTIES FRAMEWORK true)
-			SET_TARGET_PROPERTIES(Bullet2FileLoader PROPERTIES PUBLIC_HEADER "${Bullet2FileLoader_HDRS}")
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/premake4.lua b/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/premake4.lua
deleted file mode 100644
index ec2f0a51ae..0000000000
--- a/thirdparty/bullet/src/Bullet3Serialize/Bullet2FileLoader/premake4.lua
+++ /dev/null
@@ -1,12 +0,0 @@
-	project "Bullet2FileLoader"
-		
-	kind "StaticLib"
-	
-	includedirs {
-		"../../../src"
-	}
-	 
-	files {
-		"**.cpp",
-		"**.h"
-	}
\ No newline at end of file
diff --git a/thirdparty/bullet/src/BulletCollision/CMakeLists.txt b/thirdparty/bullet/src/BulletCollision/CMakeLists.txt
deleted file mode 100644
index 85c5fc8b64..0000000000
--- a/thirdparty/bullet/src/BulletCollision/CMakeLists.txt
+++ /dev/null
@@ -1,292 +0,0 @@
-INCLUDE_DIRECTORIES( ${BULLET_PHYSICS_SOURCE_DIR}/src  )
-
-SET(BulletCollision_SRCS
-	BroadphaseCollision/btAxisSweep3.cpp
-	BroadphaseCollision/btBroadphaseProxy.cpp
-	BroadphaseCollision/btCollisionAlgorithm.cpp
-	BroadphaseCollision/btDbvt.cpp
-	BroadphaseCollision/btDbvtBroadphase.cpp
-	BroadphaseCollision/btDispatcher.cpp
-	BroadphaseCollision/btOverlappingPairCache.cpp
-	BroadphaseCollision/btQuantizedBvh.cpp
-	BroadphaseCollision/btSimpleBroadphase.cpp
-	CollisionDispatch/btActivatingCollisionAlgorithm.cpp
-	CollisionDispatch/btBoxBoxCollisionAlgorithm.cpp
-	CollisionDispatch/btBox2dBox2dCollisionAlgorithm.cpp
-	CollisionDispatch/btBoxBoxDetector.cpp
-	CollisionDispatch/btCollisionDispatcher.cpp
-	CollisionDispatch/btCollisionDispatcherMt.cpp
-	CollisionDispatch/btCollisionObject.cpp
-	CollisionDispatch/btCollisionWorld.cpp
-	CollisionDispatch/btCollisionWorldImporter.cpp
-	CollisionDispatch/btCompoundCollisionAlgorithm.cpp
-	CollisionDispatch/btCompoundCompoundCollisionAlgorithm.cpp
-	CollisionDispatch/btConvexConcaveCollisionAlgorithm.cpp
-	CollisionDispatch/btConvexConvexAlgorithm.cpp
-	CollisionDispatch/btConvexPlaneCollisionAlgorithm.cpp
-	CollisionDispatch/btConvex2dConvex2dAlgorithm.cpp
-	CollisionDispatch/btDefaultCollisionConfiguration.cpp
-	CollisionDispatch/btEmptyCollisionAlgorithm.cpp
-	CollisionDispatch/btGhostObject.cpp
-	CollisionDispatch/btHashedSimplePairCache.cpp
-	CollisionDispatch/btInternalEdgeUtility.cpp
-	CollisionDispatch/btInternalEdgeUtility.h
-	CollisionDispatch/btManifoldResult.cpp
-	CollisionDispatch/btSimulationIslandManager.cpp
-	CollisionDispatch/btSphereBoxCollisionAlgorithm.cpp
-	CollisionDispatch/btSphereSphereCollisionAlgorithm.cpp
-	CollisionDispatch/btSphereTriangleCollisionAlgorithm.cpp
-	CollisionDispatch/btUnionFind.cpp
-	CollisionDispatch/SphereTriangleDetector.cpp
-	CollisionShapes/btBoxShape.cpp
-	CollisionShapes/btBox2dShape.cpp
-	CollisionShapes/btBvhTriangleMeshShape.cpp
-	CollisionShapes/btCapsuleShape.cpp
-	CollisionShapes/btCollisionShape.cpp
-	CollisionShapes/btCompoundShape.cpp
-	CollisionShapes/btConcaveShape.cpp
-	CollisionShapes/btConeShape.cpp
-	CollisionShapes/btConvexHullShape.cpp
-	CollisionShapes/btConvexInternalShape.cpp
-	CollisionShapes/btConvexPointCloudShape.cpp
-	CollisionShapes/btConvexPolyhedron.cpp
-	CollisionShapes/btConvexShape.cpp
-	CollisionShapes/btConvex2dShape.cpp
-	CollisionShapes/btConvexTriangleMeshShape.cpp
-	CollisionShapes/btCylinderShape.cpp
-	CollisionShapes/btEmptyShape.cpp
-	CollisionShapes/btHeightfieldTerrainShape.cpp
-	CollisionShapes/btMinkowskiSumShape.cpp
-	CollisionShapes/btMultimaterialTriangleMeshShape.cpp
-	CollisionShapes/btMultiSphereShape.cpp
-	CollisionShapes/btOptimizedBvh.cpp
-	CollisionShapes/btPolyhedralConvexShape.cpp
-	CollisionShapes/btScaledBvhTriangleMeshShape.cpp
-	CollisionShapes/btShapeHull.cpp
-	CollisionShapes/btSphereShape.cpp
-	CollisionShapes/btStaticPlaneShape.cpp
-	CollisionShapes/btStridingMeshInterface.cpp
-	CollisionShapes/btTetrahedronShape.cpp
-	CollisionShapes/btTriangleBuffer.cpp
-	CollisionShapes/btTriangleCallback.cpp
-	CollisionShapes/btTriangleIndexVertexArray.cpp
-	CollisionShapes/btTriangleIndexVertexMaterialArray.cpp
-	CollisionShapes/btTriangleMesh.cpp
-	CollisionShapes/btTriangleMeshShape.cpp
-	CollisionShapes/btUniformScalingShape.cpp
-	Gimpact/btContactProcessing.cpp
-	Gimpact/btGenericPoolAllocator.cpp
-	Gimpact/btGImpactBvh.cpp
-	Gimpact/btGImpactCollisionAlgorithm.cpp
-	Gimpact/btGImpactQuantizedBvh.cpp
-	Gimpact/btGImpactShape.cpp
-	Gimpact/btTriangleShapeEx.cpp
-	Gimpact/gim_box_set.cpp
-	Gimpact/gim_contact.cpp
-	Gimpact/gim_memory.cpp
-	Gimpact/gim_tri_collision.cpp
-	NarrowPhaseCollision/btContinuousConvexCollision.cpp
-	NarrowPhaseCollision/btConvexCast.cpp
-	NarrowPhaseCollision/btGjkConvexCast.cpp
-	NarrowPhaseCollision/btGjkEpa2.cpp
-	NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.cpp
-	NarrowPhaseCollision/btGjkPairDetector.cpp
-	NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.cpp
-	NarrowPhaseCollision/btPersistentManifold.cpp
-	NarrowPhaseCollision/btRaycastCallback.cpp
-	NarrowPhaseCollision/btSubSimplexConvexCast.cpp
-	NarrowPhaseCollision/btVoronoiSimplexSolver.cpp
-	NarrowPhaseCollision/btPolyhedralContactClipping.cpp
-)
-
-SET(Root_HDRS
-	../btBulletCollisionCommon.h
-)
-SET(BroadphaseCollision_HDRS
-    BroadphaseCollision/btAxisSweep3Internal.h
-	BroadphaseCollision/btAxisSweep3.h
-	BroadphaseCollision/btBroadphaseInterface.h
-	BroadphaseCollision/btBroadphaseProxy.h
-	BroadphaseCollision/btCollisionAlgorithm.h
-	BroadphaseCollision/btDbvt.h
-	BroadphaseCollision/btDbvtBroadphase.h
-	BroadphaseCollision/btDispatcher.h
-	BroadphaseCollision/btOverlappingPairCache.h
-	BroadphaseCollision/btOverlappingPairCallback.h
-	BroadphaseCollision/btQuantizedBvh.h
-	BroadphaseCollision/btSimpleBroadphase.h
-)
-SET(CollisionDispatch_HDRS
-	CollisionDispatch/btActivatingCollisionAlgorithm.h
-	CollisionDispatch/btBoxBoxCollisionAlgorithm.h
-	CollisionDispatch/btBox2dBox2dCollisionAlgorithm.h
-	CollisionDispatch/btBoxBoxDetector.h
-	CollisionDispatch/btCollisionConfiguration.h
-	CollisionDispatch/btCollisionCreateFunc.h
-	CollisionDispatch/btCollisionDispatcher.h
-	CollisionDispatch/btCollisionDispatcherMt.h
-	CollisionDispatch/btCollisionObject.h
-	CollisionDispatch/btCollisionObjectWrapper.h
-	CollisionDispatch/btCollisionWorld.h
-	CollisionDispatch/btCollisionWorldImporter.h
-	CollisionDispatch/btCompoundCollisionAlgorithm.h
-	CollisionDispatch/btCompoundCompoundCollisionAlgorithm.h
-	CollisionDispatch/btConvexConcaveCollisionAlgorithm.h
-	CollisionDispatch/btConvexConvexAlgorithm.h
-	CollisionDispatch/btConvex2dConvex2dAlgorithm.h
-	CollisionDispatch/btConvexPlaneCollisionAlgorithm.h
-	CollisionDispatch/btDefaultCollisionConfiguration.h
-	CollisionDispatch/btEmptyCollisionAlgorithm.h
-	CollisionDispatch/btGhostObject.h
-	CollisionDispatch/btHashedSimplePairCache.h
-	CollisionDispatch/btManifoldResult.h
-	CollisionDispatch/btSimulationIslandManager.h
-	CollisionDispatch/btSphereBoxCollisionAlgorithm.h
-	CollisionDispatch/btSphereSphereCollisionAlgorithm.h
-	CollisionDispatch/btSphereTriangleCollisionAlgorithm.h
-	CollisionDispatch/btUnionFind.h
-	CollisionDispatch/SphereTriangleDetector.h
-)
-SET(CollisionShapes_HDRS
-	CollisionShapes/btBoxShape.h
-	CollisionShapes/btBox2dShape.h
-	CollisionShapes/btBvhTriangleMeshShape.h
-	CollisionShapes/btCapsuleShape.h
-	CollisionShapes/btCollisionMargin.h
-	CollisionShapes/btCollisionShape.h
-	CollisionShapes/btCompoundShape.h
-	CollisionShapes/btConcaveShape.h
-	CollisionShapes/btConeShape.h
-	CollisionShapes/btConvexHullShape.h
-	CollisionShapes/btConvexInternalShape.h
-	CollisionShapes/btConvexPointCloudShape.h
-	CollisionShapes/btConvexPolyhedron.h
-	CollisionShapes/btConvexShape.h
-	CollisionShapes/btConvex2dShape.h
-	CollisionShapes/btConvexTriangleMeshShape.h
-	CollisionShapes/btCylinderShape.h
-	CollisionShapes/btEmptyShape.h
-	CollisionShapes/btHeightfieldTerrainShape.h
-	CollisionShapes/btMaterial.h
-	CollisionShapes/btMinkowskiSumShape.h
-	CollisionShapes/btMultimaterialTriangleMeshShape.h
-	CollisionShapes/btMultiSphereShape.h
-	CollisionShapes/btOptimizedBvh.h
-	CollisionShapes/btPolyhedralConvexShape.h
-	CollisionShapes/btScaledBvhTriangleMeshShape.h
-	CollisionShapes/btShapeHull.h
-	CollisionShapes/btSphereShape.h
-	CollisionShapes/btStaticPlaneShape.h
-	CollisionShapes/btStridingMeshInterface.h
-	CollisionShapes/btTetrahedronShape.h
-	CollisionShapes/btTriangleBuffer.h
-	CollisionShapes/btTriangleCallback.h
-	CollisionShapes/btTriangleIndexVertexArray.h
-	CollisionShapes/btTriangleIndexVertexMaterialArray.h
-	CollisionShapes/btTriangleInfoMap.h
-	CollisionShapes/btTriangleMesh.h
-	CollisionShapes/btTriangleMeshShape.h
-	CollisionShapes/btTriangleShape.h
-	CollisionShapes/btUniformScalingShape.h
-)
-SET(Gimpact_HDRS
-	Gimpact/btBoxCollision.h
-	Gimpact/btClipPolygon.h
-	Gimpact/btContactProcessingStructs.h
-	Gimpact/btContactProcessing.h
-	Gimpact/btGenericPoolAllocator.h
-	Gimpact/btGeometryOperations.h
-	Gimpact/btGImpactBvhStructs.h
-	Gimpact/btGImpactBvh.h
-	Gimpact/btGImpactCollisionAlgorithm.h
-	Gimpact/btGImpactMassUtil.h
-	Gimpact/btGImpactQuantizedBvhStructs.h
-	Gimpact/btGImpactQuantizedBvh.h
-	Gimpact/btGImpactShape.h
-	Gimpact/btQuantization.h
-	Gimpact/btTriangleShapeEx.h
-	Gimpact/gim_array.h
-	Gimpact/gim_basic_geometry_operations.h
-	Gimpact/gim_bitset.h
-	Gimpact/gim_box_collision.h
-	Gimpact/gim_box_set.h
-	Gimpact/gim_clip_polygon.h
-	Gimpact/gim_contact.h
-	Gimpact/gim_geom_types.h
-	Gimpact/gim_geometry.h
-	Gimpact/gim_hash_table.h
-	Gimpact/gim_linear_math.h
-	Gimpact/gim_math.h
-	Gimpact/gim_memory.h
-	Gimpact/gim_radixsort.h
-	Gimpact/gim_tri_collision.h
-)
-SET(NarrowPhaseCollision_HDRS
-	NarrowPhaseCollision/btContinuousConvexCollision.h
-	NarrowPhaseCollision/btConvexCast.h
-	NarrowPhaseCollision/btConvexPenetrationDepthSolver.h
-	NarrowPhaseCollision/btDiscreteCollisionDetectorInterface.h
-	NarrowPhaseCollision/btGjkConvexCast.h
-	NarrowPhaseCollision/btGjkEpa2.h
-	NarrowPhaseCollision/btGjkEpaPenetrationDepthSolver.h
-	NarrowPhaseCollision/btGjkPairDetector.h
-	NarrowPhaseCollision/btManifoldPoint.h
-	NarrowPhaseCollision/btMinkowskiPenetrationDepthSolver.h
-	NarrowPhaseCollision/btPersistentManifold.h
-	NarrowPhaseCollision/btPointCollector.h
-	NarrowPhaseCollision/btRaycastCallback.h
-	NarrowPhaseCollision/btSimplexSolverInterface.h
-	NarrowPhaseCollision/btSubSimplexConvexCast.h
-	NarrowPhaseCollision/btVoronoiSimplexSolver.h
-	NarrowPhaseCollision/btPolyhedralContactClipping.h
-)
-
-SET(BulletCollision_HDRS
-	${Root_HDRS}
-	${BroadphaseCollision_HDRS}
-	${CollisionDispatch_HDRS}
-	${CollisionShapes_HDRS}
-	${Gimpact_HDRS}
-	${NarrowPhaseCollision_HDRS}
-)
-
-
-ADD_LIBRARY(BulletCollision ${BulletCollision_SRCS} ${BulletCollision_HDRS})
-SET_TARGET_PROPERTIES(BulletCollision PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(BulletCollision PROPERTIES SOVERSION ${BULLET_VERSION})
-IF (BUILD_SHARED_LIBS)
-  TARGET_LINK_LIBRARIES(BulletCollision LinearMath)
-ENDIF (BUILD_SHARED_LIBS)
-
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		#INSTALL of other files requires CMake 2.6
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS BulletCollision DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS BulletCollision RUNTIME DESTINATION bin
-								LIBRARY DESTINATION lib${LIB_SUFFIX}
-								ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h" PATTERN ".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-				INSTALL(FILES ../btBulletCollisionCommon.h
-DESTINATION ${INCLUDE_INSTALL_DIR}/BulletCollision)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(BulletCollision PROPERTIES FRAMEWORK true)
-
-			SET_TARGET_PROPERTIES(BulletCollision PROPERTIES PUBLIC_HEADER "${Root_HDRS}")
-			# Have to list out sub-directories manually:
-			SET_PROPERTY(SOURCE ${BroadphaseCollision_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/BroadphaseCollision)
-			SET_PROPERTY(SOURCE ${CollisionDispatch_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/CollisionDispatch)
-			SET_PROPERTY(SOURCE ${CollisionShapes_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/CollisionShapes)
-			SET_PROPERTY(SOURCE ${Gimpact_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/Gimpact)
-			SET_PROPERTY(SOURCE ${NarrowPhaseCollision_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/NarrowPhaseCollision)
-
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/BulletCollision/premake4.lua b/thirdparty/bullet/src/BulletCollision/premake4.lua
deleted file mode 100644
index 70019df8f6..0000000000
--- a/thirdparty/bullet/src/BulletCollision/premake4.lua
+++ /dev/null
@@ -1,20 +0,0 @@
-	project "BulletCollision"
-
-	kind "StaticLib"
-	includedirs {
-		"..",
-	}
-	files {
-		"*.cpp",
-		"*.h",
-		"BroadphaseCollision/*.cpp",
-		"BroadphaseCollision/*.h",
-		"CollisionDispatch/*.cpp",
-                "CollisionDispatch/*.h",
-		"CollisionShapes/*.cpp",
-		"CollisionShapes/*.h",
-		"Gimpact/*.cpp",
-		"Gimpact/*.h",
-		"NarrowPhaseCollision/*.cpp",
-		"NarrowPhaseCollision/*.h",
-	}
diff --git a/thirdparty/bullet/src/BulletDynamics/CMakeLists.txt b/thirdparty/bullet/src/BulletDynamics/CMakeLists.txt
deleted file mode 100644
index f8a6f34baf..0000000000
--- a/thirdparty/bullet/src/BulletDynamics/CMakeLists.txt
+++ /dev/null
@@ -1,170 +0,0 @@
-INCLUDE_DIRECTORIES( ${BULLET_PHYSICS_SOURCE_DIR}/src  )
-
-
-
-SET(BulletDynamics_SRCS
-	Character/btKinematicCharacterController.cpp
-	ConstraintSolver/btConeTwistConstraint.cpp
-	ConstraintSolver/btContactConstraint.cpp
-	ConstraintSolver/btFixedConstraint.cpp
-	ConstraintSolver/btGearConstraint.cpp
-	ConstraintSolver/btGeneric6DofConstraint.cpp
-	ConstraintSolver/btGeneric6DofSpringConstraint.cpp
-	ConstraintSolver/btGeneric6DofSpring2Constraint.cpp
-	ConstraintSolver/btHinge2Constraint.cpp
-	ConstraintSolver/btHingeConstraint.cpp
-	ConstraintSolver/btPoint2PointConstraint.cpp
-	ConstraintSolver/btSequentialImpulseConstraintSolver.cpp
-	ConstraintSolver/btNNCGConstraintSolver.cpp
-	ConstraintSolver/btSliderConstraint.cpp
-	ConstraintSolver/btSolve2LinearConstraint.cpp
-	ConstraintSolver/btTypedConstraint.cpp
-	ConstraintSolver/btUniversalConstraint.cpp
-	Dynamics/btDiscreteDynamicsWorld.cpp
-	Dynamics/btDiscreteDynamicsWorldMt.cpp
-	Dynamics/btSimulationIslandManagerMt.cpp
-	Dynamics/btRigidBody.cpp
-	Dynamics/btSimpleDynamicsWorld.cpp
-#	Dynamics/Bullet-C-API.cpp
-	Vehicle/btRaycastVehicle.cpp
-	Vehicle/btWheelInfo.cpp
-	Featherstone/btMultiBody.cpp
-	Featherstone/btMultiBodyConstraintSolver.cpp
-	Featherstone/btMultiBodyDynamicsWorld.cpp
-	Featherstone/btMultiBodyJointLimitConstraint.cpp
-	Featherstone/btMultiBodyConstraint.cpp
-	Featherstone/btMultiBodyPoint2Point.cpp
-	Featherstone/btMultiBodyFixedConstraint.cpp
-	Featherstone/btMultiBodySliderConstraint.cpp
-	Featherstone/btMultiBodyJointMotor.cpp
-	Featherstone/btMultiBodyGearConstraint.cpp
-	MLCPSolvers/btDantzigLCP.cpp
-	MLCPSolvers/btMLCPSolver.cpp
-	MLCPSolvers/btLemkeAlgorithm.cpp
-)
-
-SET(Root_HDRS
-	../btBulletDynamicsCommon.h
-	../btBulletCollisionCommon.h
-)
-SET(ConstraintSolver_HDRS
-	ConstraintSolver/btConeTwistConstraint.h
-	ConstraintSolver/btConstraintSolver.h
-	ConstraintSolver/btContactConstraint.h
-	ConstraintSolver/btContactSolverInfo.h
-	ConstraintSolver/btFixedConstraint.h
-	ConstraintSolver/btGearConstraint.h
-	ConstraintSolver/btGeneric6DofConstraint.h
-	ConstraintSolver/btGeneric6DofSpringConstraint.h
-	ConstraintSolver/btGeneric6DofSpring2Constraint.h
-	ConstraintSolver/btHinge2Constraint.h
-	ConstraintSolver/btHingeConstraint.h
-	ConstraintSolver/btJacobianEntry.h
-	ConstraintSolver/btPoint2PointConstraint.h
-	ConstraintSolver/btSequentialImpulseConstraintSolver.h
-	ConstraintSolver/btNNCGConstraintSolver.h
-	ConstraintSolver/btSliderConstraint.h
-	ConstraintSolver/btSolve2LinearConstraint.h
-	ConstraintSolver/btSolverBody.h
-	ConstraintSolver/btSolverConstraint.h
-	ConstraintSolver/btTypedConstraint.h
-	ConstraintSolver/btUniversalConstraint.h
-)
-SET(Dynamics_HDRS
-	Dynamics/btActionInterface.h
-	Dynamics/btDiscreteDynamicsWorld.h
-	Dynamics/btDiscreteDynamicsWorldMt.h
-	Dynamics/btSimulationIslandManagerMt.h
-	Dynamics/btDynamicsWorld.h
-	Dynamics/btSimpleDynamicsWorld.h
-	Dynamics/btRigidBody.h
-)
-SET(Vehicle_HDRS
-	Vehicle/btRaycastVehicle.h
-	Vehicle/btVehicleRaycaster.h
-	Vehicle/btWheelInfo.h
-)
-
-SET(Featherstone_HDRS
-	Featherstone/btMultiBody.h
-	Featherstone/btMultiBodyConstraintSolver.h
-	Featherstone/btMultiBodyDynamicsWorld.h
-	Featherstone/btMultiBodyLink.h
-	Featherstone/btMultiBodyLinkCollider.h
-	Featherstone/btMultiBodySolverConstraint.h
-	Featherstone/btMultiBodyConstraint.h
-	Featherstone/btMultiBodyJointLimitConstraint.h
-	Featherstone/btMultiBodyConstraint.h
-	Featherstone/btMultiBodyPoint2Point.h
-	Featherstone/btMultiBodyFixedConstraint.h
-	Featherstone/btMultiBodySliderConstraint.h
-	Featherstone/btMultiBodyJointMotor.h
-	Featherstone/btMultiBodyGearConstraint.h	
-)
-
-SET(MLCPSolvers_HDRS
-	MLCPSolvers/btDantzigLCP.h
-	MLCPSolvers/btDantzigSolver.h
-	MLCPSolvers/btMLCPSolver.h
-	MLCPSolvers/btMLCPSolverInterface.h
-	MLCPSolvers/btPATHSolver.h
-	MLCPSolvers/btSolveProjectedGaussSeidel.h
-	MLCPSolvers/btLemkeSolver.h
-	MLCPSolvers/btLemkeAlgorithm.h
-)
-
-SET(Character_HDRS
-	Character/btCharacterControllerInterface.h
-	Character/btKinematicCharacterController.h
-)
-
-
-
-SET(BulletDynamics_HDRS
-	${Root_HDRS}
-	${ConstraintSolver_HDRS}
-	${Dynamics_HDRS}
-	${Vehicle_HDRS}
-	${Character_HDRS}
-	${Featherstone_HDRS}
-	${MLCPSolvers_HDRS}
-)
-
-
-ADD_LIBRARY(BulletDynamics ${BulletDynamics_SRCS} ${BulletDynamics_HDRS})
-SET_TARGET_PROPERTIES(BulletDynamics PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(BulletDynamics PROPERTIES SOVERSION ${BULLET_VERSION})
-IF (BUILD_SHARED_LIBS)
-	TARGET_LINK_LIBRARIES(BulletDynamics BulletCollision LinearMath)
-ENDIF (BUILD_SHARED_LIBS)
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS BulletDynamics DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS BulletDynamics RUNTIME DESTINATION bin
-								LIBRARY DESTINATION lib${LIB_SUFFIX}
-								ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h"  PATTERN
-".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-				INSTALL(FILES ../btBulletDynamicsCommon.h
-DESTINATION ${INCLUDE_INSTALL_DIR}/BulletDynamics)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(BulletDynamics PROPERTIES FRAMEWORK true)
-			SET_TARGET_PROPERTIES(BulletDynamics PROPERTIES PUBLIC_HEADER "${Root_HDRS}")
-			# Have to list out sub-directories manually:
-			SET_PROPERTY(SOURCE ${ConstraintSolver_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/ConstraintSolver)
-			SET_PROPERTY(SOURCE ${Dynamics_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/Dynamics)
-			SET_PROPERTY(SOURCE ${Vehicle_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/Vehicle)
-			SET_PROPERTY(SOURCE ${Character_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/Character)
-			SET_PROPERTY(SOURCE ${Featherstone_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/Featherstone)
-			SET_PROPERTY(SOURCE ${MLCPSolvers_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/MLCPSolvers)
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/BulletDynamics/premake4.lua b/thirdparty/bullet/src/BulletDynamics/premake4.lua
deleted file mode 100644
index 32414dce3e..0000000000
--- a/thirdparty/bullet/src/BulletDynamics/premake4.lua
+++ /dev/null
@@ -1,21 +0,0 @@
-	project "BulletDynamics"
-	kind "StaticLib"
-	includedirs {
-		"..",
-	}
-	files {
-		"Dynamics/*.cpp",
-                "Dynamics/*.h",
-                "ConstraintSolver/*.cpp",
-                "ConstraintSolver/*.h",
-                "Featherstone/*.cpp",
-                "Featherstone/*.h",
-                "MLCPSolvers/*.cpp",
-                "MLCPSolvers/*.h",
-                "Vehicle/*.cpp",
-                "Vehicle/*.h",
-                "Character/*.cpp",
-                "Character/*.h"
-
-	}
-
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/CMakeLists.txt b/thirdparty/bullet/src/BulletInverseDynamics/CMakeLists.txt
deleted file mode 100644
index 3331c27eac..0000000000
--- a/thirdparty/bullet/src/BulletInverseDynamics/CMakeLists.txt
+++ /dev/null
@@ -1,66 +0,0 @@
-INCLUDE_DIRECTORIES( ${BULLET_PHYSICS_SOURCE_DIR}/src  )
-
-SET(BulletInverseDynamics_SRCS
-	IDMath.cpp
-	MultiBodyTree.cpp
-	details/MultiBodyTreeInitCache.cpp
-	details/MultiBodyTreeImpl.cpp
-)
-
-SET(BulletInverseDynamicsRoot_HDRS
-	IDConfig.hpp
-	IDConfigEigen.hpp
-	IDMath.hpp
-	IDConfigBuiltin.hpp
-	IDErrorMessages.hpp
-	MultiBodyTree.hpp
-)
-SET(BulletInverseDynamicsDetails_HDRS
-	details/IDEigenInterface.hpp
-	details/IDMatVec.hpp
-	details/IDLinearMathInterface.hpp
-	details/MultiBodyTreeImpl.hpp
-	details/MultiBodyTreeInitCache.hpp
-)
-
-SET(BulletInverseDynamics_HDRS
-	${BulletInverseDynamicsRoot_HDRS}
-	${BulletInverseDynamicsDetails_HDRS}
-)
-
-
-ADD_LIBRARY(BulletInverseDynamics ${BulletInverseDynamics_SRCS} ${BulletInverseDynamics_HDRS})
-SET_TARGET_PROPERTIES(BulletInverseDynamics PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(BulletInverseDynamics PROPERTIES SOVERSION ${BULLET_VERSION})
-IF (BUILD_SHARED_LIBS)
-  TARGET_LINK_LIBRARIES(BulletInverseDynamics Bullet3Common LinearMath)
-ENDIF (BUILD_SHARED_LIBS)
-
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		#INSTALL of other files requires CMake 2.6
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS BulletInverseDynamics DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS BulletInverseDynamics RUNTIME DESTINATION bin
-								LIBRARY DESTINATION lib${LIB_SUFFIX}
-								ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h" PATTERN ".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-				INSTALL(FILES ../btBulletCollisionCommon.h
-DESTINATION ${INCLUDE_INSTALL_DIR}/BulletInverseDynamics)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(BulletInverseDynamics PROPERTIES FRAMEWORK true)
-
-			SET_TARGET_PROPERTIES(BulletInverseDynamics PROPERTIES PUBLIC_HEADER "${BulletInverseDynamicsRoot_HDRS}")
-			# Have to list out sub-directories manually:
-			SET_PROPERTY(SOURCE ${BulletInverseDynamicsDetails_HDRS} PROPERTY MACOSX_PACKAGE_LOCATION Headers/details)
-
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/BulletInverseDynamics/premake4.lua b/thirdparty/bullet/src/BulletInverseDynamics/premake4.lua
deleted file mode 100644
index 774e037b3f..0000000000
--- a/thirdparty/bullet/src/BulletInverseDynamics/premake4.lua
+++ /dev/null
@@ -1,12 +0,0 @@
-	project "BulletInverseDynamics"
-
-	kind "StaticLib"
-	includedirs {
-		"..",
-	}
-	files {
-		"IDMath.cpp",
-		"MultiBodyTree.cpp",
-		"details/MultiBodyTreeInitCache.cpp",
-		"details/MultiBodyTreeImpl.cpp",
-	}
diff --git a/thirdparty/bullet/src/BulletSoftBody/CMakeLists.txt b/thirdparty/bullet/src/BulletSoftBody/CMakeLists.txt
deleted file mode 100644
index d43df1c67b..0000000000
--- a/thirdparty/bullet/src/BulletSoftBody/CMakeLists.txt
+++ /dev/null
@@ -1,69 +0,0 @@
-
-INCLUDE_DIRECTORIES(
-${BULLET_PHYSICS_SOURCE_DIR}/src
-
-)
-
-#SUBDIRS( Solvers )
-
-SET(BulletSoftBody_SRCS
-	btSoftBody.cpp
-	btSoftBodyConcaveCollisionAlgorithm.cpp
-	btSoftBodyHelpers.cpp
-	btSoftBodyRigidBodyCollisionConfiguration.cpp
-	btSoftRigidCollisionAlgorithm.cpp
-	btSoftRigidDynamicsWorld.cpp
-	btSoftMultiBodyDynamicsWorld.cpp
-	btSoftSoftCollisionAlgorithm.cpp
-	btDefaultSoftBodySolver.cpp
-
-)
-
-SET(BulletSoftBody_HDRS
-	btSoftBody.h
-	btSoftBodyData.h
-	btSoftBodyConcaveCollisionAlgorithm.h
-	btSoftBodyHelpers.h
-	btSoftBodyRigidBodyCollisionConfiguration.h
-	btSoftRigidCollisionAlgorithm.h
-	btSoftRigidDynamicsWorld.h
-	btSoftMultiBodyDynamicsWorld.h
-	btSoftSoftCollisionAlgorithm.h
-	btSparseSDF.h
-
-	btSoftBodySolvers.h
-	btDefaultSoftBodySolver.h
-
-	btSoftBodySolverVertexBuffer.h
-)
-
-
-
-ADD_LIBRARY(BulletSoftBody  ${BulletSoftBody_SRCS} ${BulletSoftBody_HDRS})
-SET_TARGET_PROPERTIES(BulletSoftBody PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(BulletSoftBody PROPERTIES SOVERSION ${BULLET_VERSION})
-IF (BUILD_SHARED_LIBS)
-	TARGET_LINK_LIBRARIES(BulletSoftBody BulletDynamics)
-ENDIF (BUILD_SHARED_LIBS)
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS BulletSoftBody DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			INSTALL(TARGETS BulletSoftBody RUNTIME DESTINATION bin
-							LIBRARY DESTINATION lib${LIB_SUFFIX}
-							ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h"  PATTERN
-".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(BulletSoftBody PROPERTIES FRAMEWORK true)
-			SET_TARGET_PROPERTIES(BulletSoftBody PROPERTIES PUBLIC_HEADER "${BulletSoftBody_HDRS}")
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/BulletSoftBody/premake4.lua b/thirdparty/bullet/src/BulletSoftBody/premake4.lua
deleted file mode 100644
index ce384de2c8..0000000000
--- a/thirdparty/bullet/src/BulletSoftBody/premake4.lua
+++ /dev/null
@@ -1,11 +0,0 @@
-	project "BulletSoftBody"
-		
-	kind "StaticLib"
-	
-	includedirs {
-		"..",
-	}
-	files {
-		"**.cpp",
-		"**.h"
-	}
\ No newline at end of file
diff --git a/thirdparty/bullet/src/CMakeLists.txt b/thirdparty/bullet/src/CMakeLists.txt
deleted file mode 100644
index c30125c539..0000000000
--- a/thirdparty/bullet/src/CMakeLists.txt
+++ /dev/null
@@ -1,19 +0,0 @@
-
-IF(BUILD_BULLET3)
-	SUBDIRS(  Bullet3OpenCL Bullet3Serialize/Bullet2FileLoader Bullet3Dynamics Bullet3Collision Bullet3Geometry )
-ENDIF(BUILD_BULLET3)
-
-
-SUBDIRS(   BulletInverseDynamics BulletSoftBody BulletCollision BulletDynamics LinearMath Bullet3Common)
-
-
-IF(INSTALL_LIBS)
-	#INSTALL of other files requires CMake 2.6
-	IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			# Don't actually need to install any common files, the frameworks include everything
-		ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			INSTALL(FILES btBulletCollisionCommon.h btBulletDynamicsCommon.h  DESTINATION ${INCLUDE_INSTALL_DIR})
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-ENDIF(INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/LinearMath/CMakeLists.txt b/thirdparty/bullet/src/LinearMath/CMakeLists.txt
deleted file mode 100644
index ede21d9a70..0000000000
--- a/thirdparty/bullet/src/LinearMath/CMakeLists.txt
+++ /dev/null
@@ -1,75 +0,0 @@
-
-INCLUDE_DIRECTORIES(
-	${BULLET_PHYSICS_SOURCE_DIR}/src
-)
-
-SET(LinearMath_SRCS
-	btAlignedAllocator.cpp
-	btConvexHull.cpp
-	btConvexHullComputer.cpp
-	btGeometryUtil.cpp
-	btPolarDecomposition.cpp
-	btQuickprof.cpp
-	btSerializer.cpp
-	btSerializer64.cpp
-	btThreads.cpp
-	btVector3.cpp
-)
-
-SET(LinearMath_HDRS
-	btAabbUtil2.h
-	btAlignedAllocator.h
-	btAlignedObjectArray.h
-	btConvexHull.h
-	btConvexHullComputer.h
-	btDefaultMotionState.h
-	btGeometryUtil.h
-	btGrahamScan2dConvexHull.h
-	btHashMap.h
-	btIDebugDraw.h
-	btList.h
-	btMatrix3x3.h
-	btMinMax.h
-	btMotionState.h
-	btPolarDecomposition.h
-	btPoolAllocator.h
-	btQuadWord.h
-	btQuaternion.h
-	btQuickprof.h
-	btRandom.h
-	btScalar.h
-	btSerializer.h
-	btStackAlloc.h
-	btThreads.h
-	btTransform.h
-	btTransformUtil.h
-	btVector3.h
-)
-
-ADD_LIBRARY(LinearMath ${LinearMath_SRCS} ${LinearMath_HDRS})
-SET_TARGET_PROPERTIES(LinearMath PROPERTIES VERSION ${BULLET_VERSION})
-SET_TARGET_PROPERTIES(LinearMath PROPERTIES SOVERSION ${BULLET_VERSION})
-
-IF (INSTALL_LIBS)
-	IF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-		#FILES_MATCHING requires CMake 2.6
-		IF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-			IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS LinearMath DESTINATION .)
-			ELSE (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-				INSTALL(TARGETS LinearMath
-					RUNTIME DESTINATION bin
-					LIBRARY DESTINATION lib${LIB_SUFFIX}
-					ARCHIVE DESTINATION lib${LIB_SUFFIX})
-				INSTALL(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
-DESTINATION ${INCLUDE_INSTALL_DIR} FILES_MATCHING PATTERN "*.h"  PATTERN
-".svn" EXCLUDE PATTERN "CMakeFiles" EXCLUDE)
-			ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-		ENDIF (${CMAKE_MAJOR_VERSION}.${CMAKE_MINOR_VERSION} GREATER 2.5)
-
-		IF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-			SET_TARGET_PROPERTIES(LinearMath PROPERTIES FRAMEWORK true)
-			SET_TARGET_PROPERTIES(LinearMath PROPERTIES PUBLIC_HEADER "${LinearMath_HDRS}")
-		ENDIF (APPLE AND BUILD_SHARED_LIBS AND FRAMEWORK)
-	ENDIF (NOT INTERNAL_CREATE_DISTRIBUTABLE_MSVC_PROJECTFILES)
-ENDIF (INSTALL_LIBS)
diff --git a/thirdparty/bullet/src/LinearMath/premake4.lua b/thirdparty/bullet/src/LinearMath/premake4.lua
deleted file mode 100644
index 524e2c3161..0000000000
--- a/thirdparty/bullet/src/LinearMath/premake4.lua
+++ /dev/null
@@ -1,10 +0,0 @@
-	project "LinearMath"
-
-	kind "StaticLib"
-	includedirs {
-		"..",
-	}
-	files {
-		"*.cpp",
-		"*.h"
-	}
diff --git a/thirdparty/bullet/version.txt b/thirdparty/bullet/version.txt
deleted file mode 100644
index 9a3b592267..0000000000
--- a/thirdparty/bullet/version.txt
+++ /dev/null
@@ -1 +0,0 @@
-GitHub Master d05ad4b (23 / October / 2017) [Bullet ~2.87]
\ No newline at end of file
diff --git a/thirdparty/libogg/bitwise.c b/thirdparty/libogg/bitwise.c
index 145901d185..fa2b572029 100644
--- a/thirdparty/libogg/bitwise.c
+++ b/thirdparty/libogg/bitwise.c
@@ -11,7 +11,7 @@
  ********************************************************************
 
   function: packing variable sized words into an octet stream
-  last mod: $Id: bitwise.c 19149 2014-05-27 16:26:23Z giles $
+  last mod: $Id$
 
  ********************************************************************/
 
diff --git a/thirdparty/libogg/framing.c b/thirdparty/libogg/framing.c
index 3a2f0a6058..79fc715c8c 100644
--- a/thirdparty/libogg/framing.c
+++ b/thirdparty/libogg/framing.c
@@ -12,7 +12,7 @@
 
  function: code raw packets into framed OggSquish stream and
            decode Ogg streams back into raw packets
- last mod: $Id: framing.c 18758 2013-01-08 16:29:56Z tterribe $
+ last mod: $Id$
 
  note: The CRC code is directly derived from public domain code by
  Ross Williams (ross@guest.adelaide.edu.au).  See docs/framing.html
@@ -875,6 +875,7 @@ int ogg_stream_pagein(ogg_stream_state *os, ogg_page *og){
      some segments */
   if(continued){
     if(os->lacing_fill<1 ||
+       (os->lacing_vals[os->lacing_fill-1]&0xff)<255 ||
        os->lacing_vals[os->lacing_fill-1]==0x400){
       bos=0;
       for(;segptr<segments;segptr++){
@@ -1492,6 +1493,34 @@ const int head3_7[] = {0x4f,0x67,0x67,0x53,0,0x05,
                        1,
                        0};
 
+int compare_packet(const ogg_packet *op1, const ogg_packet *op2){
+  if(op1->packet!=op2->packet){
+    fprintf(stderr,"op1->packet != op2->packet\n");
+    return(1);
+  }
+  if(op1->bytes!=op2->bytes){
+    fprintf(stderr,"op1->bytes != op2->bytes\n");
+    return(1);
+  }
+  if(op1->b_o_s!=op2->b_o_s){
+    fprintf(stderr,"op1->b_o_s != op2->b_o_s\n");
+    return(1);
+  }
+  if(op1->e_o_s!=op2->e_o_s){
+    fprintf(stderr,"op1->e_o_s != op2->e_o_s\n");
+    return(1);
+  }
+  if(op1->granulepos!=op2->granulepos){
+    fprintf(stderr,"op1->granulepos != op2->granulepos\n");
+    return(1);
+  }
+  if(op1->packetno!=op2->packetno){
+    fprintf(stderr,"op1->packetno != op2->packetno\n");
+    return(1);
+  }
+  return(0);
+}
+
 void test_pack(const int *pl, const int **headers, int byteskip,
                int pageskip, int packetskip){
   unsigned char *data=_ogg_malloc(1024*1024); /* for scripted test cases only */
@@ -1600,7 +1629,7 @@ void test_pack(const int *pl, const int **headers, int byteskip,
               ogg_stream_packetout(&os_de,&op_de); /* just catching them all */
 
               /* verify peek and out match */
-              if(memcmp(&op_de,&op_de2,sizeof(op_de))){
+              if(compare_packet(&op_de,&op_de2)){
                 fprintf(stderr,"packetout != packetpeek! pos=%ld\n",
                         depacket);
                 exit(1);
diff --git a/thirdparty/libogg/ogg/ogg.h b/thirdparty/libogg/ogg/ogg.h
index cea4ebed75..7609fc24d6 100644
--- a/thirdparty/libogg/ogg/ogg.h
+++ b/thirdparty/libogg/ogg/ogg.h
@@ -11,7 +11,7 @@
  ********************************************************************
 
  function: toplevel libogg include
- last mod: $Id: ogg.h 18044 2011-08-01 17:55:20Z gmaxwell $
+ last mod: $Id$
 
  ********************************************************************/
 #ifndef _OGG_H
diff --git a/thirdparty/libogg/ogg/os_types.h b/thirdparty/libogg/ogg/os_types.h
index 8bf82107e5..b8f56308b5 100644
--- a/thirdparty/libogg/ogg/os_types.h
+++ b/thirdparty/libogg/ogg/os_types.h
@@ -11,7 +11,7 @@
  ********************************************************************
 
  function: #ifdef jail to whip a few platforms into the UNIX ideal.
- last mod: $Id: os_types.h 19098 2014-02-26 19:06:45Z giles $
+ last mod: $Id$
 
  ********************************************************************/
 #ifndef _OS_TYPES_H
@@ -49,23 +49,24 @@
      typedef short ogg_int16_t;
      typedef unsigned short ogg_uint16_t;
 #  else
-     /* MSVC/Borland */
-     typedef __int64 ogg_int64_t;
-     typedef __int32 ogg_int32_t;
-     typedef unsigned __int32 ogg_uint32_t;
-     typedef __int16 ogg_int16_t;
-     typedef unsigned __int16 ogg_uint16_t;
+#    if defined(_MSC_VER) && (_MSC_VER >= 1800) /* MSVC 2013 and newer */
+#      include <stdint.h>
+       typedef int16_t ogg_int16_t;
+       typedef uint16_t ogg_uint16_t;
+       typedef int32_t ogg_int32_t;
+       typedef uint32_t ogg_uint32_t;
+       typedef int64_t ogg_int64_t;
+       typedef uint64_t ogg_uint64_t;
+#    else
+       /* MSVC/Borland */
+       typedef __int64 ogg_int64_t;
+       typedef __int32 ogg_int32_t;
+       typedef unsigned __int32 ogg_uint32_t;
+       typedef __int16 ogg_int16_t;
+       typedef unsigned __int16 ogg_uint16_t;
+#    endif
 #  endif
 
-#elif defined(__MACOS__)
-
-#  include <sys/types.h>
-   typedef SInt16 ogg_int16_t;
-   typedef UInt16 ogg_uint16_t;
-   typedef SInt32 ogg_int32_t;
-   typedef UInt32 ogg_uint32_t;
-   typedef SInt64 ogg_int64_t;
-
 #elif (defined(__APPLE__) && defined(__MACH__)) /* MacOS X Framework build */
 
 #  include <inttypes.h>
diff --git a/thirdparty/libvpx/vpx_config.h b/thirdparty/libvpx/vpx_config.h
index 9ed45d4006..fb9e13c4ad 100644
--- a/thirdparty/libvpx/vpx_config.h
+++ b/thirdparty/libvpx/vpx_config.h
@@ -42,13 +42,20 @@
 	#define HAVE_SSE2 1
 	#define HAVE_SSSE3 1
 	#define HAVE_AVX2 1
-#elif defined(__arm__) || defined(__TARGET_ARCH_ARM) || defined(_M_ARM) || defined(__aarch64__)
+#elif defined(__arm__) || defined(__TARGET_ARCH_ARM) || defined(_M_ARM)
 	#define ARCH_X86 0
 	#define ARCH_X86_64 0
 
 	#define ARCH_ARM 1
 	#define HAVE_NEON 1
 	#define HAVE_NEON_ASM 1
+#elif defined(__aarch64__)
+	#define ARCH_X86 0
+	#define ARCH_X86_64 0
+
+	#define ARCH_ARM 1
+	#define HAVE_NEON 0
+	#define HAVE_NEON_ASM 0
 #else
 	#define ARCH_X86 0
 	#define ARCH_X86_64 0
diff --git a/thirdparty/lws/LICENSE.txt b/thirdparty/lws/LICENSE.txt
new file mode 100644
index 0000000000..34a42d5687
--- /dev/null
+++ b/thirdparty/lws/LICENSE.txt
@@ -0,0 +1,555 @@
+Libwebsockets and included programs are provided under the terms of the GNU
+Library General Public License (LGPL) 2.1, with the following exceptions:
+
+1) Any reference, whether in these modifications or in the GNU
+Library General Public License 2.1, to this License, these terms, the
+GNU Lesser Public License,  GNU Library General Public License, LGPL, or
+any similar reference shall refer to the GNU Library General Public
+License 2.1 as modified by these paragraphs 1) through 4).
+
+2) Static linking of programs with the libwebsockets library does not
+constitute a derivative work and does not require the author to provide 
+source code for the program, use the shared libwebsockets libraries, or
+link their program against a user-supplied version of libwebsockets.
+
+If you link the program to a modified version of libwebsockets, then the
+changes to libwebsockets must be provided under the terms of the LGPL in
+sections 1, 2, and 4.
+
+3) You do not have to provide a copy of the libwebsockets license with
+programs that are linked to the libwebsockets library, nor do you have to
+identify the libwebsockets license in your program or documentation as
+required by section 6 of the LGPL.
+
+However, programs must still identify their use of libwebsockets. The
+following example statement can be included in user documentation to
+satisfy this requirement:
+
+"[program] is based in part on the work of the libwebsockets  project
+(https://libwebsockets.org)"
+
+4) Some sources included have their own, more liberal licenses, or options
+to get original sources with the liberal terms.
+
+Original liberal license retained
+
+  - lib/sha-1.c         - 3-clause BSD license retained, link to original
+  - win32port/zlib      - ZLIB license (see zlib.h)
+
+Relicensed to libwebsocket license
+
+  - lib/base64-decode.c - relicensed to LGPL2.1+SLE, link to original
+  - lib/daemonize.c     - relicensed from Public Domain to LGPL2.1+SLE,
+                          link to original Public Domain version
+
+Public Domain (CC-zero) to simplify reuse
+
+  - test-server/*.c
+  - test-server/*.h
+  - lwsws/*
+
+------ end of exceptions
+ 
+                  GNU LESSER GENERAL PUBLIC LICENSE
+                       Version 2.1, February 1999
+
+ Copyright (C) 1991, 1999 Free Software Foundation, Inc.
+ 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+[This is the first released version of the Lesser GPL.  It also counts
+ as the successor of the GNU Library Public License, version 2, hence
+ the version number 2.1.]
+
+                            Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software--to make sure the software is free for all its users.
+
+  This license, the Lesser General Public License, applies to some
+specially designated software packages--typically libraries--of the
+Free Software Foundation and other authors who decide to use it.  You
+can use it too, but we suggest you first think carefully about whether
+this license or the ordinary General Public License is the better
+strategy to use in any particular case, based on the explanations below.
+
+  When we speak of free software, we are referring to freedom of use,
+not price.  Our General Public Licenses are designed to make sure that
+you have the freedom to distribute copies of free software (and charge
+for this service if you wish); that you receive source code or can get
+it if you want it; that you can change the software and use pieces of
+it in new free programs; and that you are informed that you can do
+these things.
+
+  To protect your rights, we need to make restrictions that forbid
+distributors to deny you these rights or to ask you to surrender these
+rights.  These restrictions translate to certain responsibilities for
+you if you distribute copies of the library or if you modify it.
+
+  For example, if you distribute copies of the library, whether gratis
+or for a fee, you must give the recipients all the rights that we gave
+you.  You must make sure that they, too, receive or can get the source
+code.  If you link other code with the library, you must provide
+complete object files to the recipients, so that they can relink them
+with the library after making changes to the library and recompiling
+it.  And you must show them these terms so they know their rights.
+
+  We protect your rights with a two-step method: (1) we copyright the
+library, and (2) we offer you this license, which gives you legal
+permission to copy, distribute and/or modify the library.
+
+  To protect each distributor, we want to make it very clear that
+there is no warranty for the free library.  Also, if the library is
+modified by someone else and passed on, the recipients should know
+that what they have is not the original version, so that the original
+author's reputation will not be affected by problems that might be
+introduced by others.
+
+  Finally, software patents pose a constant threat to the existence of
+any free program.  We wish to make sure that a company cannot
+effectively restrict the users of a free program by obtaining a
+restrictive license from a patent holder.  Therefore, we insist that
+any patent license obtained for a version of the library must be
+consistent with the full freedom of use specified in this license.
+
+  Most GNU software, including some libraries, is covered by the
+ordinary GNU General Public License.  This license, the GNU Lesser
+General Public License, applies to certain designated libraries, and
+is quite different from the ordinary General Public License.  We use
+this license for certain libraries in order to permit linking those
+libraries into non-free programs.
+
+  When a program is linked with a library, whether statically or using
+a shared library, the combination of the two is legally speaking a
+combined work, a derivative of the original library.  The ordinary
+General Public License therefore permits such linking only if the
+entire combination fits its criteria of freedom.  The Lesser General
+Public License permits more lax criteria for linking other code with
+the library.
+
+  We call this license the "Lesser" General Public License because it
+does Less to protect the user's freedom than the ordinary General
+Public License.  It also provides other free software developers Less
+of an advantage over competing non-free programs.  These disadvantages
+are the reason we use the ordinary General Public License for many
+libraries.  However, the Lesser license provides advantages in certain
+special circumstances.
+
+  For example, on rare occasions, there may be a special need to
+encourage the widest possible use of a certain library, so that it becomes
+a de-facto standard.  To achieve this, non-free programs must be
+allowed to use the library.  A more frequent case is that a free
+library does the same job as widely used non-free libraries.  In this
+case, there is little to gain by limiting the free library to free
+software only, so we use the Lesser General Public License.
+
+  In other cases, permission to use a particular library in non-free
+programs enables a greater number of people to use a large body of
+free software.  For example, permission to use the GNU C Library in
+non-free programs enables many more people to use the whole GNU
+operating system, as well as its variant, the GNU/Linux operating
+system.
+
+  Although the Lesser General Public License is Less protective of the
+users' freedom, it does ensure that the user of a program that is
+linked with the Library has the freedom and the wherewithal to run
+that program using a modified version of the Library.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.  Pay close attention to the difference between a
+"work based on the library" and a "work that uses the library".  The
+former contains code derived from the library, whereas the latter must
+be combined with the library in order to run.
+
+                  GNU LESSER GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License Agreement applies to any software library or other
+program which contains a notice placed by the copyright holder or
+other authorized party saying it may be distributed under the terms of
+this Lesser General Public License (also called "this License").
+Each licensee is addressed as "you".
+
+  A "library" means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+  The "Library", below, refers to any such software library or work
+which has been distributed under these terms.  A "work based on the
+Library" means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language.  (Hereinafter, translation is
+included without limitation in the term "modification".)
+
+  "Source code" for a work means the preferred form of the work for
+making modifications to it.  For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control compilation
+and installation of the library.
+
+  Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it).  Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+
+  1. You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+  You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+
+  2. You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) The modified work must itself be a software library.
+
+    b) You must cause the files modified to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    c) You must cause the whole of the work to be licensed at no
+    charge to all third parties under the terms of this License.
+
+    d) If a facility in the modified Library refers to a function or a
+    table of data to be supplied by an application program that uses
+    the facility, other than as an argument passed when the facility
+    is invoked, then you must make a good faith effort to ensure that,
+    in the event an application does not supply such function or
+    table, the facility still operates, and performs whatever part of
+    its purpose remains meaningful.
+
+    (For example, a function in a library to compute square roots has
+    a purpose that is entirely well-defined independent of the
+    application.  Therefore, Subsection 2d requires that any
+    application-supplied function or table used by this function must
+    be optional: if the application does not supply it, the square
+    root function must still compute square roots.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Library,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Library, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
+it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Library.
+
+In addition, mere aggregation of another work not based on the Library
+with the Library (or with a work based on the Library) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may opt to apply the terms of the ordinary GNU General Public
+License instead of this License to a given copy of the Library.  To do
+this, you must alter all the notices that refer to this License, so
+that they refer to the ordinary GNU General Public License, version 2,
+instead of to this License.  (If a newer version than version 2 of the
+ordinary GNU General Public License has appeared, then you can specify
+that version instead if you wish.)  Do not make any other change in
+these notices.
+
+  Once this change is made in a given copy, it is irreversible for
+that copy, so the ordinary GNU General Public License applies to all
+subsequent copies and derivative works made from that copy.
+
+  This option is useful when you wish to copy part of the code of
+the Library into a program that is not a library.
+
+  4. You may copy and distribute the Library (or a portion or
+derivative of it, under Section 2) in object code or executable form
+under the terms of Sections 1 and 2 above provided that you accompany
+it with the complete corresponding machine-readable source code, which
+must be distributed under the terms of Sections 1 and 2 above on a
+medium customarily used for software interchange.
+
+  If distribution of object code is made by offering access to copy
+from a designated place, then offering equivalent access to copy the
+source code from the same place satisfies the requirement to
+distribute the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  5. A program that contains no derivative of any portion of the
+Library, but is designed to work with the Library by being compiled or
+linked with it, is called a "work that uses the Library".  Such a
+work, in isolation, is not a derivative work of the Library, and
+therefore falls outside the scope of this License.
+
+  However, linking a "work that uses the Library" with the Library
+creates an executable that is a derivative of the Library (because it
+contains portions of the Library), rather than a "work that uses the
+library".  The executable is therefore covered by this License.
+Section 6 states terms for distribution of such executables.
+
+  When a "work that uses the Library" uses material from a header file
+that is part of the Library, the object code for the work may be a
+derivative work of the Library even though the source code is not.
+Whether this is true is especially significant if the work can be
+linked without the Library, or if the work is itself a library.  The
+threshold for this to be true is not precisely defined by law.
+
+  If such an object file uses only numerical parameters, data
+structure layouts and accessors, and small macros and small inline
+functions (ten lines or less in length), then the use of the object
+file is unrestricted, regardless of whether it is legally a derivative
+work.  (Executables containing this object code plus portions of the
+Library will still fall under Section 6.)
+
+  Otherwise, if the work is a derivative of the Library, you may
+distribute the object code for the work under the terms of Section 6.
+Any executables containing that work also fall under Section 6,
+whether or not they are linked directly with the Library itself.
+
+  6. As an exception to the Sections above, you may also combine or
+link a "work that uses the Library" with the Library to produce a
+work containing portions of the Library, and distribute that work
+under terms of your choice, provided that the terms permit
+modification of the work for the customer's own use and reverse
+engineering for debugging such modifications.
+
+  You must give prominent notice with each copy of the work that the
+Library is used in it and that the Library and its use are covered by
+this License.  You must supply a copy of this License.  If the work
+during execution displays copyright notices, you must include the
+copyright notice for the Library among them, as well as a reference
+directing the user to the copy of this License.  Also, you must do one
+of these things:
+
+    a) Accompany the work with the complete corresponding
+    machine-readable source code for the Library including whatever
+    changes were used in the work (which must be distributed under
+    Sections 1 and 2 above); and, if the work is an executable linked
+    with the Library, with the complete machine-readable "work that
+    uses the Library", as object code and/or source code, so that the
+    user can modify the Library and then relink to produce a modified
+    executable containing the modified Library.  (It is understood
+    that the user who changes the contents of definitions files in the
+    Library will not necessarily be able to recompile the application
+    to use the modified definitions.)
+
+    b) Use a suitable shared library mechanism for linking with the
+    Library.  A suitable mechanism is one that (1) uses at run time a
+    copy of the library already present on the user's computer system,
+    rather than copying library functions into the executable, and (2)
+    will operate properly with a modified version of the library, if
+    the user installs one, as long as the modified version is
+    interface-compatible with the version that the work was made with.
+
+    c) Accompany the work with a written offer, valid for at
+    least three years, to give the same user the materials
+    specified in Subsection 6a, above, for a charge no more
+    than the cost of performing this distribution.
+
+    d) If distribution of the work is made by offering access to copy
+    from a designated place, offer equivalent access to copy the above
+    specified materials from the same place.
+
+    e) Verify that the user has already received a copy of these
+    materials or that you have already sent this user a copy.
+
+  For an executable, the required form of the "work that uses the
+Library" must include any data and utility programs needed for
+reproducing the executable from it.  However, as a special exception,
+the materials to be distributed need not include anything that is
+normally distributed (in either source or binary form) with the major
+components (compiler, kernel, and so on) of the operating system on
+which the executable runs, unless that component itself accompanies
+the executable.
+
+  It may happen that this requirement contradicts the license
+restrictions of other proprietary libraries that do not normally
+accompany the operating system.  Such a contradiction means you cannot
+use both them and the Library together in an executable that you
+distribute.
+
+  7. You may place library facilities that are a work based on the
+Library side-by-side in a single library together with other library
+facilities not covered by this License, and distribute such a combined
+library, provided that the separate distribution of the work based on
+the Library and of the other library facilities is otherwise
+permitted, and provided that you do these two things:
+
+    a) Accompany the combined library with a copy of the same work
+    based on the Library, uncombined with any other library
+    facilities.  This must be distributed under the terms of the
+    Sections above.
+
+    b) Give prominent notice with the combined library of the fact
+    that part of it is a work based on the Library, and explaining
+    where to find the accompanying uncombined form of the same work.
+
+  8. You may not copy, modify, sublicense, link with, or distribute
+the Library except as expressly provided under this License.  Any
+attempt otherwise to copy, modify, sublicense, link with, or
+distribute the Library is void, and will automatically terminate your
+rights under this License.  However, parties who have received copies,
+or rights, from you under this License will not have their licenses
+terminated so long as such parties remain in full compliance.
+
+  9. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Library or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Library (or any work based on the
+Library), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Library or works based on it.
+
+  10. Each time you redistribute the Library (or any work based on the
+Library), the recipient automatically receives a license from the
+original licensor to copy, distribute, link with or modify the Library
+subject to these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties with
+this License.
+
+  11. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Library at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Library by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Library.
+
+If any portion of this section is held invalid or unenforceable under any
+particular circumstance, the balance of the section is intended to apply,
+and the section as a whole is intended to apply in other circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  12. If the distribution and/or use of the Library is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Library under this License may add
+an explicit geographical distribution limitation excluding those countries,
+so that distribution is permitted only in or among countries not thus
+excluded.  In such case, this License incorporates the limitation as if
+written in the body of this License.
+
+  13. The Free Software Foundation may publish revised and/or new
+versions of the Lesser General Public License from time to time.
+Such new versions will be similar in spirit to the present version,
+but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Library
+specifies a version number of this License which applies to it and
+"any later version", you have the option of following the terms and
+conditions either of that version or of any later version published by
+the Free Software Foundation.  If the Library does not specify a
+license version number, you may choose any version ever published by
+the Free Software Foundation.
+
+  14. If you wish to incorporate parts of the Library into other free
+programs whose distribution conditions are incompatible with these,
+write to the author to ask for permission.  For software which is
+copyrighted by the Free Software Foundation, write to the Free
+Software Foundation; we sometimes make exceptions for this.  Our
+decision will be guided by the two goals of preserving the free status
+of all derivatives of our free software and of promoting the sharing
+and reuse of software generally.
+
+                            NO WARRANTY
+
+  15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
+WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
+EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
+OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
+KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
+LIBRARY IS WITH YOU.  SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
+THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+  16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
+WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
+AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
+FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
+CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
+LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
+RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
+FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
+SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGES.
+
+                     END OF TERMS AND CONDITIONS
+
+           How to Apply These Terms to Your New Libraries
+
+  If you develop a new library, and you want it to be of the greatest
+possible use to the public, we recommend making it free software that
+everyone can redistribute and change.  You can do so by permitting
+redistribution under these terms (or, alternatively, under the terms of the
+ordinary General Public License).
+
+  To apply these terms, attach the following notices to the library.  It is
+safest to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least the
+"copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the library's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This library is free software; you can redistribute it and/or
+    modify it under the terms of the GNU Lesser General Public
+    License as published by the Free Software Foundation; either
+    version 2.1 of the License, or (at your option) any later version.
+
+    This library is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+    Lesser General Public License for more details.
+
+    You should have received a copy of the GNU Lesser General Public
+    License along with this library; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+
+Also add information on how to contact you by electronic and paper mail.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the library, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the
+  library `Frob' (a library for tweaking knobs) written by James Random Hacker.
+
+  <signature of Ty Coon>, 1 April 1990
+  Ty Coon, President of Vice
+
+That's all there is to it!
+
diff --git a/thirdparty/lws/alloc.c b/thirdparty/lws/alloc.c
new file mode 100644
index 0000000000..898db12464
--- /dev/null
+++ b/thirdparty/lws/alloc.c
@@ -0,0 +1,90 @@
+#include "private-libwebsockets.h"
+
+#if defined(LWS_PLAT_OPTEE)
+
+#define TEE_USER_MEM_HINT_NO_FILL_ZERO       0x80000000
+
+void *__attribute__((weak))
+	TEE_Malloc(uint32_t size, uint32_t hint)
+{
+	return NULL;
+}
+void *__attribute__((weak))
+	TEE_Realloc(void *buffer, uint32_t newSize)
+{
+	return NULL;
+}
+void __attribute__((weak))
+	TEE_Free(void *buffer)
+{
+}
+
+void *lws_realloc(void *ptr, size_t size, const char *reason)
+{
+	return TEE_Realloc(ptr, size);
+}
+
+void *lws_malloc(size_t size, const char *reason)
+{
+	return TEE_Malloc(size, TEE_USER_MEM_HINT_NO_FILL_ZERO);
+}
+
+void lws_free(void *p)
+{
+	TEE_Free(p);
+}
+
+void *lws_zalloc(size_t size, const char *reason)
+{
+	void *ptr = TEE_Malloc(size, TEE_USER_MEM_HINT_NO_FILL_ZERO);
+	if (ptr)
+		memset(ptr, 0, size);
+	return ptr;
+}
+
+void lws_set_allocator(void *(*cb)(void *ptr, size_t size, const char *reason))
+{
+	(void)cb;
+}
+#else
+
+static void *_realloc(void *ptr, size_t size, const char *reason)
+{
+	if (size) {
+#if defined(LWS_PLAT_ESP32)
+		lwsl_notice("%s: size %lu: %s\n", __func__, (unsigned long)size, reason);
+#else
+		lwsl_debug("%s: size %lu: %s\n", __func__, (unsigned long)size, reason);
+#endif
+#if defined(LWS_PLAT_OPTEE)
+		return (void *)TEE_Realloc(ptr, size);
+#else
+		return (void *)realloc(ptr, size);
+#endif
+	}
+	if (ptr)
+		free(ptr);
+
+	return NULL;
+}
+
+void *(*_lws_realloc)(void *ptr, size_t size, const char *reason) = _realloc;
+
+void *lws_realloc(void *ptr, size_t size, const char *reason)
+{
+	return _lws_realloc(ptr, size, reason);
+}
+
+void *lws_zalloc(size_t size, const char *reason)
+{
+	void *ptr = _lws_realloc(NULL, size, reason);
+	if (ptr)
+		memset(ptr, 0, size);
+	return ptr;
+}
+
+void lws_set_allocator(void *(*cb)(void *ptr, size_t size, const char *reason))
+{
+	_lws_realloc = cb;
+}
+#endif
diff --git a/thirdparty/lws/client/client-handshake.c b/thirdparty/lws/client/client-handshake.c
new file mode 100644
index 0000000000..c2720d9283
--- /dev/null
+++ b/thirdparty/lws/client/client-handshake.c
@@ -0,0 +1,1051 @@
+#include "private-libwebsockets.h"
+
+static int
+lws_getaddrinfo46(struct lws *wsi, const char *ads, struct addrinfo **result)
+{
+	struct addrinfo hints;
+
+	memset(&hints, 0, sizeof(hints));
+	*result = NULL;
+
+#ifdef LWS_WITH_IPV6
+	if (wsi->ipv6) {
+
+#if !defined(__ANDROID__)
+		hints.ai_family = AF_INET6;
+		hints.ai_flags = AI_V4MAPPED;
+#endif
+	} else
+#endif
+	{
+		hints.ai_family = PF_UNSPEC;
+		hints.ai_socktype = SOCK_STREAM;
+		hints.ai_flags = AI_CANONNAME;
+	}
+
+	return getaddrinfo(ads, NULL, &hints, result);
+}
+
+struct lws *
+lws_client_connect_2(struct lws *wsi)
+{
+	sockaddr46 sa46;
+	struct addrinfo *result;
+	struct lws_context *context = wsi->context;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	struct lws_pollfd pfd;
+	const char *cce = "", *iface;
+	int n, port;
+	ssize_t plen = 0;
+	const char *ads;
+#ifdef LWS_WITH_IPV6
+	char ipv6only = lws_check_opt(wsi->vhost->options,
+			LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY |
+			LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE);
+
+#if defined(__ANDROID__)
+	ipv6only = 0;
+#endif
+#endif
+
+	lwsl_client("%s\n", __func__);
+
+	if (!wsi->u.hdr.ah) {
+		cce = "ah was NULL at cc2";
+		lwsl_err("%s\n", cce);
+		goto oom4;
+	}
+
+	/*
+	 * start off allowing ipv6 on connection if vhost allows it
+	 */
+	wsi->ipv6 = LWS_IPV6_ENABLED(wsi->vhost);
+
+	/* Decide what it is we need to connect to:
+	 *
+	 * Priority 1: connect to http proxy */
+
+	if (wsi->vhost->http_proxy_port) {
+		plen = sprintf((char *)pt->serv_buf,
+			"CONNECT %s:%u HTTP/1.0\x0d\x0a"
+			"User-agent: libwebsockets\x0d\x0a",
+			lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS),
+			wsi->c_port);
+
+		if (wsi->vhost->proxy_basic_auth_token[0])
+			plen += sprintf((char *)pt->serv_buf + plen,
+					"Proxy-authorization: basic %s\x0d\x0a",
+					wsi->vhost->proxy_basic_auth_token);
+
+		plen += sprintf((char *)pt->serv_buf + plen, "\x0d\x0a");
+		ads = wsi->vhost->http_proxy_address;
+		port = wsi->vhost->http_proxy_port;
+
+#if defined(LWS_WITH_SOCKS5)
+
+	/* Priority 2: Connect to SOCK5 Proxy */
+
+	} else if (wsi->vhost->socks_proxy_port) {
+		socks_generate_msg(wsi, SOCKS_MSG_GREETING, &plen);
+		lwsl_client("Sending SOCKS Greeting\n");
+		ads = wsi->vhost->socks_proxy_address;
+		port = wsi->vhost->socks_proxy_port;
+#endif
+	} else {
+
+		/* Priority 3: Connect directly */
+
+		ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS);
+		port = wsi->c_port;
+	}
+
+	/*
+	 * prepare the actual connection
+	 * to whatever we decided to connect to
+	 */
+
+       lwsl_notice("%s: %p: address %s\n", __func__, wsi, ads);
+
+       n = lws_getaddrinfo46(wsi, ads, &result);
+
+#ifdef LWS_WITH_IPV6
+	if (wsi->ipv6) {
+
+		if (n) {
+			/* lws_getaddrinfo46 failed, there is no usable result */
+			lwsl_notice("%s: lws_getaddrinfo46 failed %d\n",
+					__func__, n);
+			cce = "ipv6 lws_getaddrinfo46 failed";
+			goto oom4;
+		}
+
+		memset(&sa46, 0, sizeof(sa46));
+
+		sa46.sa6.sin6_family = AF_INET6;
+		switch (result->ai_family) {
+		case AF_INET:
+			if (ipv6only)
+				break;
+			/* map IPv4 to IPv6 */
+			bzero((char *)&sa46.sa6.sin6_addr,
+						sizeof(sa46.sa6.sin6_addr));
+			sa46.sa6.sin6_addr.s6_addr[10] = 0xff;
+			sa46.sa6.sin6_addr.s6_addr[11] = 0xff;
+			memcpy(&sa46.sa6.sin6_addr.s6_addr[12],
+				&((struct sockaddr_in *)result->ai_addr)->sin_addr,
+							sizeof(struct in_addr));
+			lwsl_notice("uplevelling AF_INET to AF_INET6\n");
+			break;
+
+		case AF_INET6:
+			memcpy(&sa46.sa6.sin6_addr,
+			  &((struct sockaddr_in6 *)result->ai_addr)->sin6_addr,
+						sizeof(struct in6_addr));
+			sa46.sa6.sin6_scope_id = ((struct sockaddr_in6 *)result->ai_addr)->sin6_scope_id;
+			sa46.sa6.sin6_flowinfo = ((struct sockaddr_in6 *)result->ai_addr)->sin6_flowinfo;
+			break;
+		default:
+			lwsl_err("Unknown address family\n");
+			freeaddrinfo(result);
+			cce = "unknown address family";
+			goto oom4;
+		}
+	} else
+#endif /* use ipv6 */
+
+	/* use ipv4 */
+	{
+		void *p = NULL;
+
+		if (!n) {
+			struct addrinfo *res = result;
+
+			/* pick the first AF_INET (IPv4) result */
+
+			while (!p && res) {
+				switch (res->ai_family) {
+				case AF_INET:
+					p = &((struct sockaddr_in *)res->ai_addr)->sin_addr;
+					break;
+				}
+
+				res = res->ai_next;
+			}
+#if defined(LWS_FALLBACK_GETHOSTBYNAME)
+		} else if (n == EAI_SYSTEM) {
+			struct hostent *host;
+
+			lwsl_info("getaddrinfo (ipv4) failed, trying gethostbyname\n");
+			host = gethostbyname(ads);
+			if (host) {
+				p = host->h_addr;
+			} else {
+				lwsl_err("gethostbyname failed\n");
+				cce = "gethostbyname (ipv4) failed";
+				goto oom4;
+			}
+#endif
+		} else {
+			lwsl_err("getaddrinfo failed\n");
+			cce = "getaddrinfo failed";
+			goto oom4;
+		}
+
+		if (!p) {
+			if (result)
+				freeaddrinfo(result);
+			lwsl_err("Couldn't identify address\n");
+			cce = "unable to lookup address";
+			goto oom4;
+		}
+
+		sa46.sa4.sin_family = AF_INET;
+		sa46.sa4.sin_addr = *((struct in_addr *)p);
+		bzero(&sa46.sa4.sin_zero, 8);
+	}
+
+	if (result)
+		freeaddrinfo(result);
+
+	/* now we decided on ipv4 or ipv6, set the port */
+
+	if (!lws_socket_is_valid(wsi->desc.sockfd)) {
+
+#if defined(LWS_WITH_LIBUV)
+		if (LWS_LIBUV_ENABLED(context))
+			if (lws_libuv_check_watcher_active(wsi)) {
+				lwsl_warn("Waiting for libuv watcher to close\n");
+				cce = "waiting for libuv watcher to close";
+				goto oom4;
+			}
+#endif
+
+#ifdef LWS_WITH_IPV6
+		if (wsi->ipv6)
+			wsi->desc.sockfd = socket(AF_INET6, SOCK_STREAM, 0);
+		else
+#endif
+			wsi->desc.sockfd = socket(AF_INET, SOCK_STREAM, 0);
+
+		if (!lws_socket_is_valid(wsi->desc.sockfd)) {
+			lwsl_warn("Unable to open socket\n");
+			cce = "unable to open socket";
+			goto oom4;
+		}
+
+		if (lws_plat_set_socket_options(wsi->vhost, wsi->desc.sockfd)) {
+			lwsl_err("Failed to set wsi socket options\n");
+			compatible_close(wsi->desc.sockfd);
+			cce = "set socket opts failed";
+			goto oom4;
+		}
+
+		wsi->mode = LWSCM_WSCL_WAITING_CONNECT;
+
+		lws_libev_accept(wsi, wsi->desc);
+		lws_libuv_accept(wsi, wsi->desc);
+		lws_libevent_accept(wsi, wsi->desc);
+
+		if (insert_wsi_socket_into_fds(context, wsi)) {
+			compatible_close(wsi->desc.sockfd);
+			cce = "insert wsi failed";
+			goto oom4;
+		}
+
+		lws_change_pollfd(wsi, 0, LWS_POLLIN);
+
+		/*
+		 * past here, we can't simply free the structs as error
+		 * handling as oom4 does.  We have to run the whole close flow.
+		 */
+
+		if (!wsi->protocol)
+			wsi->protocol = &wsi->vhost->protocols[0];
+
+		wsi->protocol->callback(wsi, LWS_CALLBACK_WSI_CREATE,
+					wsi->user_space, NULL, 0);
+
+		lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE,
+				AWAITING_TIMEOUT);
+
+		iface = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE);
+
+		if (iface) {
+			n = lws_socket_bind(wsi->vhost, wsi->desc.sockfd, 0, iface);
+			if (n < 0) {
+				cce = "unable to bind socket";
+				goto failed;
+			}
+		}
+	}
+
+#ifdef LWS_WITH_IPV6
+	if (wsi->ipv6) {
+		sa46.sa6.sin6_port = htons(port);
+		n = sizeof(struct sockaddr_in6);
+	} else
+#endif
+	{
+		sa46.sa4.sin_port = htons(port);
+		n = sizeof(struct sockaddr);
+	}
+
+	if (connect(wsi->desc.sockfd, (const struct sockaddr *)&sa46, n) == -1 ||
+	    LWS_ERRNO == LWS_EISCONN) {
+		if (LWS_ERRNO == LWS_EALREADY ||
+		    LWS_ERRNO == LWS_EINPROGRESS ||
+		    LWS_ERRNO == LWS_EWOULDBLOCK
+#ifdef _WIN32
+			|| LWS_ERRNO == WSAEINVAL
+#endif
+		) {
+			lwsl_client("nonblocking connect retry (errno = %d)\n",
+				    LWS_ERRNO);
+
+			if (lws_plat_check_connection_error(wsi)) {
+				cce = "socket connect failed";
+				goto failed;
+			}
+
+			/*
+			 * must do specifically a POLLOUT poll to hear
+			 * about the connect completion
+			 */
+			if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) {
+				cce = "POLLOUT set failed";
+				goto failed;
+			}
+
+			return wsi;
+		}
+
+		if (LWS_ERRNO != LWS_EISCONN) {
+			lwsl_notice("Connect failed errno=%d\n", LWS_ERRNO);
+			cce = "connect failed";
+			goto failed;
+		}
+	}
+
+	lwsl_client("connected\n");
+
+	/* we are connected to server, or proxy */
+
+	/* http proxy */
+	if (wsi->vhost->http_proxy_port) {
+
+		/*
+		 * OK from now on we talk via the proxy, so connect to that
+		 *
+		 * (will overwrite existing pointer,
+		 * leaving old string/frag there but unreferenced)
+		 */
+		if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS,
+					  wsi->vhost->http_proxy_address))
+			goto failed;
+		wsi->c_port = wsi->vhost->http_proxy_port;
+
+		n = send(wsi->desc.sockfd, (char *)pt->serv_buf, plen,
+			 MSG_NOSIGNAL);
+		if (n < 0) {
+			lwsl_debug("ERROR writing to proxy socket\n");
+			cce = "proxy write failed";
+			goto failed;
+		}
+
+		lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE,
+				AWAITING_TIMEOUT);
+
+		wsi->mode = LWSCM_WSCL_WAITING_PROXY_REPLY;
+
+		return wsi;
+	}
+#if defined(LWS_WITH_SOCKS5)
+	/* socks proxy */
+	else if (wsi->vhost->socks_proxy_port) {
+		n = send(wsi->desc.sockfd, (char *)pt->serv_buf, plen,
+			 MSG_NOSIGNAL);
+		if (n < 0) {
+			lwsl_debug("ERROR writing socks greeting\n");
+			cce = "socks write failed";
+			goto failed;
+		}
+
+		lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY,
+				AWAITING_TIMEOUT);
+
+		wsi->mode = LWSCM_WSCL_WAITING_SOCKS_GREETING_REPLY;
+
+		return wsi;
+	}
+#endif
+
+	/*
+	 * provoke service to issue the handshake directly
+	 * we need to do it this way because in the proxy case, this is the
+	 * next state and executed only if and when we get a good proxy
+	 * response inside the state machine... but notice in SSL case this
+	 * may not have sent anything yet with 0 return, and won't until some
+	 * many retries from main loop.  To stop that becoming endless,
+	 * cover with a timeout.
+	 */
+
+	lws_set_timeout(wsi, PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE,
+			AWAITING_TIMEOUT);
+
+	wsi->mode = LWSCM_WSCL_ISSUE_HANDSHAKE;
+	pfd.fd = wsi->desc.sockfd;
+	pfd.events = LWS_POLLIN;
+	pfd.revents = LWS_POLLIN;
+
+	n = lws_service_fd(context, &pfd);
+	if (n < 0) {
+		cce = "first service failed";
+		goto failed;
+	}
+	if (n) /* returns 1 on failure after closing wsi */
+		return NULL;
+
+	return wsi;
+
+oom4:
+	/* we're closing, losing some rx is OK */
+	lws_header_table_force_to_detachable_state(wsi);
+
+	if (wsi->mode == LWSCM_HTTP_CLIENT ||
+	    wsi->mode == LWSCM_HTTP_CLIENT_ACCEPTED ||
+	    wsi->mode == LWSCM_WSCL_WAITING_CONNECT) {
+		wsi->vhost->protocols[0].callback(wsi,
+			LWS_CALLBACK_CLIENT_CONNECTION_ERROR,
+			wsi->user_space, (void *)cce, strlen(cce));
+		wsi->already_did_cce = 1;
+	}
+	/* take care that we might be inserted in fds already */
+	if (wsi->position_in_fds_table != -1)
+		goto failed1;
+	lws_remove_from_timeout_list(wsi);
+	lws_header_table_detach(wsi, 0);
+	lws_free(wsi);
+
+	return NULL;
+
+failed:
+	wsi->vhost->protocols[0].callback(wsi,
+		LWS_CALLBACK_CLIENT_CONNECTION_ERROR,
+		wsi->user_space, (void *)cce, strlen(cce));
+	wsi->already_did_cce = 1;
+failed1:
+	lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+
+	return NULL;
+}
+
+/**
+ * lws_client_reset() - retarget a connected wsi to start over with a new connection (ie, redirect)
+ *			this only works if still in HTTP, ie, not upgraded yet
+ * wsi:		connection to reset
+ * address:	network address of the new server
+ * port:	port to connect to
+ * path:	uri path to connect to on the new server
+ * host:	host header to send to the new server
+ */
+LWS_VISIBLE struct lws *
+lws_client_reset(struct lws **pwsi, int ssl, const char *address, int port,
+		 const char *path, const char *host)
+{
+	char origin[300] = "", protocol[300] = "", method[32] = "", iface[16] = "", *p;
+	struct lws *wsi = *pwsi;
+
+	if (wsi->redirects == 3) {
+		lwsl_err("%s: Too many redirects\n", __func__);
+		return NULL;
+	}
+	wsi->redirects++;
+
+	p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN);
+	if (p)
+		strncpy(origin, p, sizeof(origin) - 1);
+
+	p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS);
+	if (p)
+		strncpy(protocol, p, sizeof(protocol) - 1);
+
+	p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD);
+	if (p)
+		strncpy(method, p, sizeof(method) - 1);
+
+	p = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_IFACE);
+	if (p)
+		strncpy(method, p, sizeof(iface) - 1);
+
+	lwsl_info("redirect ads='%s', port=%d, path='%s', ssl = %d\n",
+		   address, port, path, ssl);
+
+	/* close the connection by hand */
+
+#ifdef LWS_OPENSSL_SUPPORT
+	lws_ssl_close(wsi);
+#endif
+
+#ifdef LWS_WITH_LIBUV
+	if (LWS_LIBUV_ENABLED(wsi->context)) {
+		lwsl_debug("%s: lws_libuv_closehandle: wsi %p\n", __func__, wsi);
+		/*
+		 * libuv has to do his own close handle processing asynchronously
+		 * but once it starts we can do everything else synchronously,
+		 * including trash wsi->desc.sockfd since it took a copy.
+		 *
+		 * When it completes it will call compatible_close()
+		 */
+		lws_libuv_closehandle_manually(wsi);
+	} else
+#else
+	compatible_close(wsi->desc.sockfd);
+#endif
+
+	remove_wsi_socket_from_fds(wsi);
+
+#ifdef LWS_OPENSSL_SUPPORT
+	wsi->use_ssl = ssl;
+#else
+	if (ssl) {
+		lwsl_err("%s: not configured for ssl\n", __func__);
+		return NULL;
+	}
+#endif
+
+	wsi->desc.sockfd = LWS_SOCK_INVALID;
+	wsi->state = LWSS_CLIENT_UNCONNECTED;
+	wsi->protocol = NULL;
+	wsi->pending_timeout = NO_PENDING_TIMEOUT;
+	wsi->c_port = port;
+	wsi->hdr_parsing_completed = 0;
+	_lws_header_table_reset(wsi->u.hdr.ah);
+
+	if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS, address))
+		return NULL;
+
+	if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, host))
+		return NULL;
+
+	if (origin[0])
+		if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN,
+					  origin))
+			return NULL;
+	if (protocol[0])
+		if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS,
+					  protocol))
+			return NULL;
+	if (method[0])
+		if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD,
+					  method))
+			return NULL;
+
+	if (iface[0])
+		if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE,
+					  iface))
+			return NULL;
+
+	origin[0] = '/';
+	strncpy(&origin[1], path, sizeof(origin) - 2);
+	if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, origin))
+		return NULL;
+
+	*pwsi = lws_client_connect_2(wsi);
+
+	return *pwsi;
+}
+
+#ifdef LWS_WITH_HTTP_PROXY
+static hubbub_error
+html_parser_cb(const hubbub_token *token, void *pw)
+{
+	struct lws_rewrite *r = (struct lws_rewrite *)pw;
+	char buf[1024], *start = buf + LWS_PRE, *p = start,
+	     *end = &buf[sizeof(buf) - 1];
+	size_t i;
+
+	switch (token->type) {
+	case HUBBUB_TOKEN_DOCTYPE:
+
+		p += lws_snprintf(p, end - p, "<!DOCTYPE %.*s %s ",
+				(int) token->data.doctype.name.len,
+				token->data.doctype.name.ptr,
+				token->data.doctype.force_quirks ?
+						"(force-quirks) " : "");
+
+		if (token->data.doctype.public_missing)
+			lwsl_debug("\tpublic: missing\n");
+		else
+			p += lws_snprintf(p, end - p, "PUBLIC \"%.*s\"\n",
+				(int) token->data.doctype.public_id.len,
+				token->data.doctype.public_id.ptr);
+
+		if (token->data.doctype.system_missing)
+			lwsl_debug("\tsystem: missing\n");
+		else
+			p += lws_snprintf(p, end - p, " \"%.*s\">\n",
+				(int) token->data.doctype.system_id.len,
+				token->data.doctype.system_id.ptr);
+
+		break;
+	case HUBBUB_TOKEN_START_TAG:
+		p += lws_snprintf(p, end - p, "<%.*s", (int)token->data.tag.name.len,
+				token->data.tag.name.ptr);
+
+/*				(token->data.tag.self_closing) ?
+						"(self-closing) " : "",
+				(token->data.tag.n_attributes > 0) ?
+						"attributes:" : "");
+*/
+		for (i = 0; i < token->data.tag.n_attributes; i++) {
+			if (!hstrcmp(&token->data.tag.attributes[i].name, "href", 4) ||
+			    !hstrcmp(&token->data.tag.attributes[i].name, "action", 6) ||
+			    !hstrcmp(&token->data.tag.attributes[i].name, "src", 3)) {
+				const char *pp = (const char *)token->data.tag.attributes[i].value.ptr;
+				int plen = (int) token->data.tag.attributes[i].value.len;
+
+				if (strncmp(pp, "http:", 5) && strncmp(pp, "https:", 6)) {
+
+					if (!hstrcmp(&token->data.tag.attributes[i].value,
+						     r->from, r->from_len)) {
+						pp += r->from_len;
+						plen -= r->from_len;
+					}
+					p += lws_snprintf(p, end - p, " %.*s=\"%s/%.*s\"",
+					       (int) token->data.tag.attributes[i].name.len,
+					       token->data.tag.attributes[i].name.ptr,
+					       r->to, plen, pp);
+					continue;
+				}
+			}
+
+			p += lws_snprintf(p, end - p, " %.*s=\"%.*s\"",
+				(int) token->data.tag.attributes[i].name.len,
+				token->data.tag.attributes[i].name.ptr,
+				(int) token->data.tag.attributes[i].value.len,
+				token->data.tag.attributes[i].value.ptr);
+		}
+		p += lws_snprintf(p, end - p, ">");
+		break;
+	case HUBBUB_TOKEN_END_TAG:
+		p += lws_snprintf(p, end - p, "</%.*s", (int) token->data.tag.name.len,
+				token->data.tag.name.ptr);
+/*
+				(token->data.tag.self_closing) ?
+						"(self-closing) " : "",
+				(token->data.tag.n_attributes > 0) ?
+						"attributes:" : "");
+*/
+		for (i = 0; i < token->data.tag.n_attributes; i++) {
+			p += lws_snprintf(p, end - p, " %.*s='%.*s'\n",
+				(int) token->data.tag.attributes[i].name.len,
+				token->data.tag.attributes[i].name.ptr,
+				(int) token->data.tag.attributes[i].value.len,
+				token->data.tag.attributes[i].value.ptr);
+		}
+		p += lws_snprintf(p, end - p, ">");
+		break;
+	case HUBBUB_TOKEN_COMMENT:
+		p += lws_snprintf(p, end - p, "<!-- %.*s -->\n",
+				(int) token->data.comment.len,
+				token->data.comment.ptr);
+		break;
+	case HUBBUB_TOKEN_CHARACTER:
+		if (token->data.character.len == 1) {
+			if (*token->data.character.ptr == '<') {
+				p += lws_snprintf(p, end - p, "&lt;");
+				break;
+			}
+			if (*token->data.character.ptr == '>') {
+				p += lws_snprintf(p, end - p, "&gt;");
+				break;
+			}
+			if (*token->data.character.ptr == '&') {
+				p += lws_snprintf(p, end - p, "&amp;");
+				break;
+			}
+		}
+
+		p += lws_snprintf(p, end - p, "%.*s", (int) token->data.character.len,
+				token->data.character.ptr);
+		break;
+	case HUBBUB_TOKEN_EOF:
+		p += lws_snprintf(p, end - p, "\n");
+		break;
+	}
+
+	if (user_callback_handle_rxflow(r->wsi->protocol->callback,
+			r->wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ,
+			r->wsi->user_space, start, p - start))
+		return -1;
+
+	return HUBBUB_OK;
+}
+#endif
+
+LWS_VISIBLE struct lws *
+lws_client_connect_via_info(struct lws_client_connect_info *i)
+{
+	struct lws *wsi;
+	int v = SPEC_LATEST_SUPPORTED;
+	const struct lws_protocols *p;
+
+	if (i->context->requested_kill)
+		return NULL;
+
+	if (!i->context->protocol_init_done)
+		lws_protocol_init(i->context);
+
+	wsi = lws_zalloc(sizeof(struct lws), "client wsi");
+	if (wsi == NULL)
+		goto bail;
+
+	wsi->context = i->context;
+	/* assert the mode and union status (hdr) clearly */
+	lws_union_transition(wsi, LWSCM_HTTP_CLIENT);
+	wsi->desc.sockfd = LWS_SOCK_INVALID;
+
+	/* 1) fill up the wsi with stuff from the connect_info as far as it
+	 * can go.  It's because not only is our connection async, we might
+	 * not even be able to get ahold of an ah at this point.
+	 */
+
+	/* -1 means just use latest supported */
+	if (i->ietf_version_or_minus_one != -1 && i->ietf_version_or_minus_one)
+		v = i->ietf_version_or_minus_one;
+
+	wsi->ietf_spec_revision = v;
+	wsi->user_space = NULL;
+	wsi->state = LWSS_CLIENT_UNCONNECTED;
+	wsi->pending_timeout = NO_PENDING_TIMEOUT;
+	wsi->position_in_fds_table = -1;
+	wsi->c_port = i->port;
+	wsi->vhost = i->vhost;
+	if (!wsi->vhost)
+		wsi->vhost = i->context->vhost_list;
+
+	wsi->protocol = &wsi->vhost->protocols[0];
+
+	/* for http[s] connection, allow protocol selection by name */
+
+	if (i->method && i->vhost && i->protocol) {
+		p = lws_vhost_name_to_protocol(i->vhost, i->protocol);
+		if (p)
+			wsi->protocol = p;
+	}
+
+	if (wsi && !wsi->user_space && i->userdata) {
+		wsi->user_space_externally_allocated = 1;
+		wsi->user_space = i->userdata;
+	} else
+		/* if we stay in http, we can assign the user space now,
+		 * otherwise do it after the protocol negotiated
+		 */
+		if (i->method)
+			if (lws_ensure_user_space(wsi))
+				goto bail;
+
+#ifdef LWS_OPENSSL_SUPPORT
+	wsi->use_ssl = i->ssl_connection;
+#else
+	if (i->ssl_connection) {
+		lwsl_err("libwebsockets not configured for ssl\n");
+		goto bail;
+	}
+#endif
+
+	/* 2) stash the things from connect_info that we can't process without
+	 * an ah.  Because if no ah, we will go on the ah waiting list and
+	 * process those things later (after the connect_info and maybe the
+	 * things pointed to have gone out of scope.
+	 */
+
+	wsi->u.hdr.stash = lws_malloc(sizeof(*wsi->u.hdr.stash), "client stash");
+	if (!wsi->u.hdr.stash) {
+		lwsl_err("%s: OOM\n", __func__);
+		goto bail;
+	}
+
+	wsi->u.hdr.stash->origin[0] = '\0';
+	wsi->u.hdr.stash->protocol[0] = '\0';
+	wsi->u.hdr.stash->method[0] = '\0';
+	wsi->u.hdr.stash->iface[0] = '\0';
+
+	strncpy(wsi->u.hdr.stash->address, i->address,
+		sizeof(wsi->u.hdr.stash->address) - 1);
+	strncpy(wsi->u.hdr.stash->path, i->path,
+		sizeof(wsi->u.hdr.stash->path) - 1);
+	strncpy(wsi->u.hdr.stash->host, i->host,
+		sizeof(wsi->u.hdr.stash->host) - 1);
+	if (i->origin)
+		strncpy(wsi->u.hdr.stash->origin, i->origin,
+			sizeof(wsi->u.hdr.stash->origin) - 1);
+	if (i->protocol)
+		strncpy(wsi->u.hdr.stash->protocol, i->protocol,
+			sizeof(wsi->u.hdr.stash->protocol) - 1);
+	if (i->method)
+		strncpy(wsi->u.hdr.stash->method, i->method,
+			sizeof(wsi->u.hdr.stash->method) - 1);
+	if (i->iface)
+		strncpy(wsi->u.hdr.stash->iface, i->iface,
+			sizeof(wsi->u.hdr.stash->iface) - 1);
+
+	wsi->u.hdr.stash->address[sizeof(wsi->u.hdr.stash->address) - 1] = '\0';
+	wsi->u.hdr.stash->path[sizeof(wsi->u.hdr.stash->path) - 1] = '\0';
+	wsi->u.hdr.stash->host[sizeof(wsi->u.hdr.stash->host) - 1] = '\0';
+	wsi->u.hdr.stash->origin[sizeof(wsi->u.hdr.stash->origin) - 1] = '\0';
+	wsi->u.hdr.stash->protocol[sizeof(wsi->u.hdr.stash->protocol) - 1] = '\0';
+	wsi->u.hdr.stash->method[sizeof(wsi->u.hdr.stash->method) - 1] = '\0';
+	wsi->u.hdr.stash->iface[sizeof(wsi->u.hdr.stash->iface) - 1] = '\0';
+
+	if (i->pwsi)
+		*i->pwsi = wsi;
+
+	/* if we went on the waiting list, no probs just return the wsi
+	 * when we get the ah, now or later, he will call
+	 * lws_client_connect_via_info2() below.
+	 */
+	if (lws_header_table_attach(wsi, 0) < 0) {
+		/*
+		 * if we failed here, the connection is already closed
+		 * and freed.
+		 */
+		goto bail1;
+	}
+
+	if (i->parent_wsi) {
+		lwsl_info("%s: created child %p of parent %p\n", __func__,
+				wsi, i->parent_wsi);
+		wsi->parent = i->parent_wsi;
+		wsi->sibling_list = i->parent_wsi->child_list;
+		i->parent_wsi->child_list = wsi;
+	}
+#ifdef LWS_WITH_HTTP_PROXY
+	if (i->uri_replace_to)
+		wsi->rw = lws_rewrite_create(wsi, html_parser_cb,
+					     i->uri_replace_from,
+					     i->uri_replace_to);
+#endif
+
+	return wsi;
+
+bail:
+	lws_free(wsi);
+
+bail1:
+	if (i->pwsi)
+		*i->pwsi = NULL;
+
+	return NULL;
+}
+
+struct lws *
+lws_client_connect_via_info2(struct lws *wsi)
+{
+	struct client_info_stash *stash = wsi->u.hdr.stash;
+
+	if (!stash)
+		return wsi;
+
+	/*
+	 * we're not necessarily in a position to action these right away,
+	 * stash them... we only need during connect phase so u.hdr is fine
+	 */
+	if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS,
+				  stash->address))
+		goto bail1;
+
+	/* these only need u.hdr lifetime as well */
+
+	if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_URI, stash->path))
+		goto bail1;
+
+	if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_HOST, stash->host))
+		goto bail1;
+
+	if (stash->origin[0])
+		if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_ORIGIN,
+					  stash->origin))
+			goto bail1;
+	/*
+	 * this is a list of protocols we tell the server we're okay with
+	 * stash it for later when we compare server response with it
+	 */
+	if (stash->protocol[0])
+		if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS,
+					  stash->protocol))
+			goto bail1;
+	if (stash->method[0])
+		if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_METHOD,
+					  stash->method))
+			goto bail1;
+	if (stash->iface[0])
+		if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_IFACE,
+					  stash->iface))
+			goto bail1;
+
+#if defined(LWS_WITH_SOCKS5)
+	if (!wsi->vhost->socks_proxy_port)
+		lws_free_set_NULL(wsi->u.hdr.stash);
+#endif
+
+	/*
+	 * Check with each extension if it is able to route and proxy this
+	 * connection for us.  For example, an extension like x-google-mux
+	 * can handle this and then we don't need an actual socket for this
+	 * connection.
+	 */
+
+	if (lws_ext_cb_all_exts(wsi->context, wsi,
+				LWS_EXT_CB_CAN_PROXY_CLIENT_CONNECTION,
+				(void *)stash->address,
+				wsi->c_port) > 0) {
+		lwsl_client("lws_client_connect: ext handling conn\n");
+
+		lws_set_timeout(wsi,
+			PENDING_TIMEOUT_AWAITING_EXTENSION_CONNECT_RESPONSE,
+			        AWAITING_TIMEOUT);
+
+		wsi->mode = LWSCM_WSCL_WAITING_EXTENSION_CONNECT;
+		return wsi;
+	}
+	lwsl_client("lws_client_connect: direct conn\n");
+	wsi->context->count_wsi_allocated++;
+
+	return lws_client_connect_2(wsi);
+
+bail1:
+#if defined(LWS_WITH_SOCKS5)
+	if (!wsi->vhost->socks_proxy_port)
+		lws_free_set_NULL(wsi->u.hdr.stash);
+#endif
+
+	return NULL;
+}
+
+LWS_VISIBLE struct lws *
+lws_client_connect_extended(struct lws_context *context, const char *address,
+			    int port, int ssl_connection, const char *path,
+			    const char *host, const char *origin,
+			    const char *protocol, int ietf_version_or_minus_one,
+			    void *userdata)
+{
+	struct lws_client_connect_info i;
+
+	memset(&i, 0, sizeof(i));
+
+	i.context = context;
+	i.address = address;
+	i.port = port;
+	i.ssl_connection = ssl_connection;
+	i.path = path;
+	i.host = host;
+	i.origin = origin;
+	i.protocol = protocol;
+	i.ietf_version_or_minus_one = ietf_version_or_minus_one;
+	i.userdata = userdata;
+
+	return lws_client_connect_via_info(&i);
+}
+
+LWS_VISIBLE struct lws *
+lws_client_connect(struct lws_context *context, const char *address,
+			    int port, int ssl_connection, const char *path,
+			    const char *host, const char *origin,
+			    const char *protocol, int ietf_version_or_minus_one)
+{
+	struct lws_client_connect_info i;
+
+	memset(&i, 0, sizeof(i));
+
+	i.context = context;
+	i.address = address;
+	i.port = port;
+	i.ssl_connection = ssl_connection;
+	i.path = path;
+	i.host = host;
+	i.origin = origin;
+	i.protocol = protocol;
+	i.ietf_version_or_minus_one = ietf_version_or_minus_one;
+	i.userdata = NULL;
+
+	return lws_client_connect_via_info(&i);
+}
+
+#if defined(LWS_WITH_SOCKS5)
+void socks_generate_msg(struct lws *wsi, enum socks_msg_type type,
+			ssize_t *msg_len)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	ssize_t len = 0, n, passwd_len;
+	short net_num;
+	char *p;
+
+	switch (type) {
+	case SOCKS_MSG_GREETING:
+		/* socks version, version 5 only */
+		pt->serv_buf[len++] = SOCKS_VERSION_5;
+		/* number of methods */
+		pt->serv_buf[len++] = 2;
+		/* username password method */
+		pt->serv_buf[len++] = SOCKS_AUTH_USERNAME_PASSWORD;
+		/* no authentication method */
+		pt->serv_buf[len++] = SOCKS_AUTH_NO_AUTH;
+		break;
+
+	case SOCKS_MSG_USERNAME_PASSWORD:
+		n = strlen(wsi->vhost->socks_user);
+		passwd_len = strlen(wsi->vhost->socks_password);
+
+		/* the subnegotiation version */
+		pt->serv_buf[len++] = SOCKS_SUBNEGOTIATION_VERSION_1;
+		/* length of the user name */
+		pt->serv_buf[len++] = n;
+		/* user name */
+		strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_user,
+			context->pt_serv_buf_size - len);
+		len += n;
+		/* length of the password */
+		pt->serv_buf[len++] = passwd_len;
+		/* password */
+		strncpy((char *)&pt->serv_buf[len], wsi->vhost->socks_password,
+			context->pt_serv_buf_size - len);
+		len += passwd_len;
+		break;
+
+	case SOCKS_MSG_CONNECT:
+		p = (char*)&net_num;
+
+		/* socks version */
+		pt->serv_buf[len++] = SOCKS_VERSION_5;
+		/* socks command */
+		pt->serv_buf[len++] = SOCKS_COMMAND_CONNECT;
+		/* reserved */
+		pt->serv_buf[len++] = 0;
+		/* address type */
+		pt->serv_buf[len++] = SOCKS_ATYP_DOMAINNAME;
+		/* skip length, we fill it in at the end */
+		n = len++;
+
+		/* the address we tell SOCKS proxy to connect to */
+		strncpy((char *)&(pt->serv_buf[len]), wsi->u.hdr.stash->address,
+			context->pt_serv_buf_size - len);
+		len += strlen(wsi->u.hdr.stash->address);
+		net_num = htons(wsi->c_port);
+
+		/* the port we tell SOCKS proxy to connect to */
+		pt->serv_buf[len++] = p[0];
+		pt->serv_buf[len++] = p[1];
+
+		/* the length of the address, excluding port */
+		pt->serv_buf[n] = strlen(wsi->u.hdr.stash->address);
+		break;
+		
+	default:
+		return;
+	}
+
+	*msg_len = len;
+}
+#endif
diff --git a/thirdparty/lws/client/client-parser.c b/thirdparty/lws/client/client-parser.c
new file mode 100644
index 0000000000..0e42dac362
--- /dev/null
+++ b/thirdparty/lws/client/client-parser.c
@@ -0,0 +1,598 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+/*
+ * parsers.c: lws_rx_sm() needs to be roughly kept in
+ *   sync with changes here, esp related to ext draining
+ */
+
+int lws_client_rx_sm(struct lws *wsi, unsigned char c)
+{
+	int callback_action = LWS_CALLBACK_CLIENT_RECEIVE;
+	int handled, n, m, rx_draining_ext = 0;
+	unsigned short close_code;
+	struct lws_tokens eff_buf;
+	unsigned char *pp;
+
+	if (wsi->u.ws.rx_draining_ext) {
+		assert(!c);
+		eff_buf.token = NULL;
+		eff_buf.token_len = 0;
+		lws_remove_wsi_from_draining_ext_list(wsi);
+		rx_draining_ext = 1;
+		lwsl_debug("%s: doing draining flow\n", __func__);
+
+		goto drain_extension;
+	}
+
+	if (wsi->socket_is_permanently_unusable)
+		return -1;
+
+	switch (wsi->lws_rx_parse_state) {
+	case LWS_RXPS_NEW:
+		/* control frames (PING) may interrupt checkable sequences */
+		wsi->u.ws.defeat_check_utf8 = 0;
+
+		switch (wsi->ietf_spec_revision) {
+		case 13:
+			wsi->u.ws.opcode = c & 0xf;
+			/* revisit if an extension wants them... */
+			switch (wsi->u.ws.opcode) {
+			case LWSWSOPC_TEXT_FRAME:
+				wsi->u.ws.rsv_first_msg = (c & 0x70);
+				wsi->u.ws.continuation_possible = 1;
+				wsi->u.ws.check_utf8 = lws_check_opt(
+					wsi->context->options,
+					LWS_SERVER_OPTION_VALIDATE_UTF8);
+				wsi->u.ws.utf8 = 0;
+				break;
+			case LWSWSOPC_BINARY_FRAME:
+				wsi->u.ws.rsv_first_msg = (c & 0x70);
+				wsi->u.ws.check_utf8 = 0;
+				wsi->u.ws.continuation_possible = 1;
+				break;
+			case LWSWSOPC_CONTINUATION:
+				if (!wsi->u.ws.continuation_possible) {
+					lwsl_info("disordered continuation\n");
+					return -1;
+				}
+				break;
+			case LWSWSOPC_CLOSE:
+				wsi->u.ws.check_utf8 = 0;
+				wsi->u.ws.utf8 = 0;
+				break;
+			case 3:
+			case 4:
+			case 5:
+			case 6:
+			case 7:
+			case 0xb:
+			case 0xc:
+			case 0xd:
+			case 0xe:
+			case 0xf:
+				lwsl_info("illegal opcode\n");
+				return -1;
+			default:
+				wsi->u.ws.defeat_check_utf8 = 1;
+				break;
+			}
+			wsi->u.ws.rsv = (c & 0x70);
+			/* revisit if an extension wants them... */
+			if (
+#ifndef LWS_NO_EXTENSIONS
+				!wsi->count_act_ext &&
+#endif
+				wsi->u.ws.rsv) {
+				lwsl_info("illegal rsv bits set\n");
+				return -1;
+			}
+			wsi->u.ws.final = !!((c >> 7) & 1);
+			lwsl_ext("%s:    This RX frame Final %d\n", __func__,
+				 wsi->u.ws.final);
+
+			if (wsi->u.ws.owed_a_fin &&
+			    (wsi->u.ws.opcode == LWSWSOPC_TEXT_FRAME ||
+			     wsi->u.ws.opcode == LWSWSOPC_BINARY_FRAME)) {
+				lwsl_info("hey you owed us a FIN\n");
+				return -1;
+			}
+			if ((!(wsi->u.ws.opcode & 8)) && wsi->u.ws.final) {
+				wsi->u.ws.continuation_possible = 0;
+				wsi->u.ws.owed_a_fin = 0;
+			}
+
+			if ((wsi->u.ws.opcode & 8) && !wsi->u.ws.final) {
+				lwsl_info("control msg can't be fragmented\n");
+				return -1;
+			}
+			if (!wsi->u.ws.final)
+				wsi->u.ws.owed_a_fin = 1;
+
+			switch (wsi->u.ws.opcode) {
+			case LWSWSOPC_TEXT_FRAME:
+			case LWSWSOPC_BINARY_FRAME:
+				wsi->u.ws.frame_is_binary = wsi->u.ws.opcode ==
+						 LWSWSOPC_BINARY_FRAME;
+				break;
+			}
+			wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN;
+			break;
+
+		default:
+			lwsl_err("unknown spec version %02d\n",
+				 wsi->ietf_spec_revision);
+			break;
+		}
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN:
+
+		wsi->u.ws.this_frame_masked = !!(c & 0x80);
+
+		switch (c & 0x7f) {
+		case 126:
+			/* control frames are not allowed to have big lengths */
+			if (wsi->u.ws.opcode & 8)
+				goto illegal_ctl_length;
+			wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2;
+			break;
+		case 127:
+			/* control frames are not allowed to have big lengths */
+			if (wsi->u.ws.opcode & 8)
+				goto illegal_ctl_length;
+			wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8;
+			break;
+		default:
+			wsi->u.ws.rx_packet_length = c;
+			if (wsi->u.ws.this_frame_masked)
+				wsi->lws_rx_parse_state =
+						LWS_RXPS_07_COLLECT_FRAME_KEY_1;
+			else {
+				if (c)
+					wsi->lws_rx_parse_state =
+					LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
+				else {
+					wsi->lws_rx_parse_state = LWS_RXPS_NEW;
+					goto spill;
+				}
+			}
+			break;
+		}
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN16_2:
+		wsi->u.ws.rx_packet_length = c << 8;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN16_1:
+		wsi->u.ws.rx_packet_length |= c;
+		if (wsi->u.ws.this_frame_masked)
+			wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_1;
+		else {
+			if (wsi->u.ws.rx_packet_length)
+				wsi->lws_rx_parse_state =
+					LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
+			else {
+				wsi->lws_rx_parse_state = LWS_RXPS_NEW;
+				goto spill;
+			}
+		}
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_8:
+		if (c & 0x80) {
+			lwsl_warn("b63 of length must be zero\n");
+			/* kill the connection */
+			return -1;
+		}
+#if defined __LP64__
+		wsi->u.ws.rx_packet_length = ((size_t)c) << 56;
+#else
+		wsi->u.ws.rx_packet_length = 0;
+#endif
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_7:
+#if defined __LP64__
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 48;
+#endif
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_6:
+#if defined __LP64__
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 40;
+#endif
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_5:
+#if defined __LP64__
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 32;
+#endif
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_4:
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 24;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_3:
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 16;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_2:
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 8;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_1:
+		wsi->u.ws.rx_packet_length |= (size_t)c;
+		if (wsi->u.ws.this_frame_masked)
+			wsi->lws_rx_parse_state =
+					LWS_RXPS_07_COLLECT_FRAME_KEY_1;
+		else {
+			if (wsi->u.ws.rx_packet_length)
+				wsi->lws_rx_parse_state =
+					LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
+			else {
+				wsi->lws_rx_parse_state = LWS_RXPS_NEW;
+				goto spill;
+			}
+		}
+		break;
+
+	case LWS_RXPS_07_COLLECT_FRAME_KEY_1:
+		wsi->u.ws.mask[0] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+		wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2;
+		break;
+
+	case LWS_RXPS_07_COLLECT_FRAME_KEY_2:
+		wsi->u.ws.mask[1] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+		wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3;
+		break;
+
+	case LWS_RXPS_07_COLLECT_FRAME_KEY_3:
+		wsi->u.ws.mask[2] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+		wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4;
+		break;
+
+	case LWS_RXPS_07_COLLECT_FRAME_KEY_4:
+		wsi->u.ws.mask[3] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+
+		if (wsi->u.ws.rx_packet_length)
+			wsi->lws_rx_parse_state =
+					LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
+		else {
+			wsi->lws_rx_parse_state = LWS_RXPS_NEW;
+			goto spill;
+		}
+		break;
+
+	case LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED:
+
+		assert(wsi->u.ws.rx_ubuf);
+
+		if (wsi->u.ws.rx_draining_ext)
+			goto drain_extension;
+
+		if (wsi->u.ws.this_frame_masked && !wsi->u.ws.all_zero_nonce)
+			c ^= wsi->u.ws.mask[(wsi->u.ws.mask_idx++) & 3];
+
+		wsi->u.ws.rx_ubuf[LWS_PRE + (wsi->u.ws.rx_ubuf_head++)] = c;
+
+		if (--wsi->u.ws.rx_packet_length == 0) {
+			/* spill because we have the whole frame */
+			wsi->lws_rx_parse_state = LWS_RXPS_NEW;
+			goto spill;
+		}
+
+		/*
+		 * if there's no protocol max frame size given, we are
+		 * supposed to default to context->pt_serv_buf_size
+		 */
+		if (!wsi->protocol->rx_buffer_size &&
+		    wsi->u.ws.rx_ubuf_head != wsi->context->pt_serv_buf_size)
+			break;
+
+		if (wsi->protocol->rx_buffer_size &&
+		    wsi->u.ws.rx_ubuf_head != wsi->protocol->rx_buffer_size)
+			break;
+
+		/* spill because we filled our rx buffer */
+spill:
+
+		handled = 0;
+
+		/*
+		 * is this frame a control packet we should take care of at this
+		 * layer?  If so service it and hide it from the user callback
+		 */
+
+		switch (wsi->u.ws.opcode) {
+		case LWSWSOPC_CLOSE:
+			pp = (unsigned char *)&wsi->u.ws.rx_ubuf[LWS_PRE];
+			if (lws_check_opt(wsi->context->options,
+					  LWS_SERVER_OPTION_VALIDATE_UTF8) &&
+			    wsi->u.ws.rx_ubuf_head > 2 &&
+			    lws_check_utf8(&wsi->u.ws.utf8, pp + 2,
+					   wsi->u.ws.rx_ubuf_head - 2))
+				goto utf8_fail;
+
+			/* is this an acknowledgement of our close? */
+			if (wsi->state == LWSS_AWAITING_CLOSE_ACK) {
+				/*
+				 * fine he has told us he is closing too, let's
+				 * finish our close
+				 */
+				lwsl_parser("seen server's close ack\n");
+				return -1;
+			}
+
+			lwsl_parser("client sees server close len = %d\n",
+						 wsi->u.ws.rx_ubuf_head);
+			if (wsi->u.ws.rx_ubuf_head >= 2) {
+				close_code = (pp[0] << 8) | pp[1];
+				if (close_code < 1000 ||
+				    close_code == 1004 ||
+				    close_code == 1005 ||
+				    close_code == 1006 ||
+				    close_code == 1012 ||
+				    close_code == 1013 ||
+				    close_code == 1014 ||
+				    close_code == 1015 ||
+				    (close_code >= 1016 && close_code < 3000)
+				) {
+					pp[0] = (LWS_CLOSE_STATUS_PROTOCOL_ERR >> 8) & 0xff;
+					pp[1] = LWS_CLOSE_STATUS_PROTOCOL_ERR & 0xff;
+				}
+			}
+			if (user_callback_handle_rxflow(
+					wsi->protocol->callback, wsi,
+					LWS_CALLBACK_WS_PEER_INITIATED_CLOSE,
+					wsi->user_space, pp,
+					wsi->u.ws.rx_ubuf_head))
+				return -1;
+
+			if (lws_partial_buffered(wsi))
+				/*
+				 * if we're in the middle of something,
+				 * we can't do a normal close response and
+				 * have to just close our end.
+				 */
+				wsi->socket_is_permanently_unusable = 1;
+			else
+				/*
+				 * parrot the close packet payload back
+				 * we do not care about how it went, we are closing
+				 * immediately afterwards
+				 */
+				lws_write(wsi, (unsigned char *)
+					  &wsi->u.ws.rx_ubuf[LWS_PRE],
+					  wsi->u.ws.rx_ubuf_head,
+					  LWS_WRITE_CLOSE);
+			wsi->state = LWSS_RETURNED_CLOSE_ALREADY;
+			/* close the connection */
+			return -1;
+
+		case LWSWSOPC_PING:
+			lwsl_info("received %d byte ping, sending pong\n",
+				  wsi->u.ws.rx_ubuf_head);
+
+			/* he set a close reason on this guy, ignore PING */
+			if (wsi->u.ws.close_in_ping_buffer_len)
+				goto ping_drop;
+
+			if (wsi->u.ws.ping_pending_flag) {
+				/*
+				 * there is already a pending ping payload
+				 * we should just log and drop
+				 */
+				lwsl_parser("DROP PING since one pending\n");
+				goto ping_drop;
+			}
+
+			/* control packets can only be < 128 bytes long */
+			if (wsi->u.ws.rx_ubuf_head > 128 - 3) {
+				lwsl_parser("DROP PING payload too large\n");
+				goto ping_drop;
+			}
+
+			/* stash the pong payload */
+			memcpy(wsi->u.ws.ping_payload_buf + LWS_PRE,
+			       &wsi->u.ws.rx_ubuf[LWS_PRE],
+				wsi->u.ws.rx_ubuf_head);
+
+			wsi->u.ws.ping_payload_len = wsi->u.ws.rx_ubuf_head;
+			wsi->u.ws.ping_pending_flag = 1;
+
+			/* get it sent as soon as possible */
+			lws_callback_on_writable(wsi);
+ping_drop:
+			wsi->u.ws.rx_ubuf_head = 0;
+			handled = 1;
+			break;
+
+		case LWSWSOPC_PONG:
+			lwsl_info("client receied pong\n");
+			lwsl_hexdump(&wsi->u.ws.rx_ubuf[LWS_PRE],
+				     wsi->u.ws.rx_ubuf_head);
+
+			if (wsi->pending_timeout ==
+				       PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) {
+				lwsl_info("%p: received expected PONG\n", wsi);
+				lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+			}
+
+			/* issue it */
+			callback_action = LWS_CALLBACK_CLIENT_RECEIVE_PONG;
+			break;
+
+		case LWSWSOPC_CONTINUATION:
+		case LWSWSOPC_TEXT_FRAME:
+		case LWSWSOPC_BINARY_FRAME:
+			break;
+
+		default:
+
+			lwsl_parser("Reserved opc 0x%2X\n", wsi->u.ws.opcode);
+
+			/*
+			 * It's something special we can't understand here.
+			 * Pass the payload up to the extension's parsing
+			 * state machine.
+			 */
+
+			eff_buf.token = &wsi->u.ws.rx_ubuf[LWS_PRE];
+			eff_buf.token_len = wsi->u.ws.rx_ubuf_head;
+
+			if (lws_ext_cb_active(wsi,
+				LWS_EXT_CB_EXTENDED_PAYLOAD_RX,
+					&eff_buf, 0) <= 0) {
+				/* not handled or failed */
+				lwsl_ext("Unhandled ext opc 0x%x\n",
+					 wsi->u.ws.opcode);
+				wsi->u.ws.rx_ubuf_head = 0;
+
+				return 0;
+			}
+			handled = 1;
+			break;
+		}
+
+		/*
+		 * No it's real payload, pass it up to the user callback.
+		 * It's nicely buffered with the pre-padding taken care of
+		 * so it can be sent straight out again using lws_write
+		 */
+		if (handled)
+			goto already_done;
+
+		eff_buf.token = &wsi->u.ws.rx_ubuf[LWS_PRE];
+		eff_buf.token_len = wsi->u.ws.rx_ubuf_head;
+
+		if (wsi->u.ws.opcode == LWSWSOPC_PONG && !eff_buf.token_len)
+			goto already_done;
+
+drain_extension:
+		lwsl_ext("%s: passing %d to ext\n", __func__, eff_buf.token_len);
+
+		n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &eff_buf, 0);
+		lwsl_ext("Ext RX returned %d\n", n);
+		if (n < 0) {
+			wsi->socket_is_permanently_unusable = 1;
+			return -1;
+		}
+
+		lwsl_ext("post inflate eff_buf len %d\n", eff_buf.token_len);
+
+		if (rx_draining_ext && !eff_buf.token_len) {
+			lwsl_debug("   --- ending drain on 0 read result\n");
+			goto already_done;
+		}
+
+		if (wsi->u.ws.check_utf8 && !wsi->u.ws.defeat_check_utf8) {
+			if (lws_check_utf8(&wsi->u.ws.utf8,
+					   (unsigned char *)eff_buf.token,
+					   eff_buf.token_len))
+				goto utf8_fail;
+
+			/* we are ending partway through utf-8 character? */
+			if (!wsi->u.ws.rx_packet_length && wsi->u.ws.final &&
+			    wsi->u.ws.utf8 && !n) {
+				lwsl_info("FINAL utf8 error\n");
+utf8_fail:
+				lwsl_info("utf8 error\n");
+				return -1;
+			}
+		}
+
+		if (eff_buf.token_len < 0 &&
+		    callback_action != LWS_CALLBACK_CLIENT_RECEIVE_PONG)
+			goto already_done;
+
+		if (!eff_buf.token)
+			goto already_done;
+
+		eff_buf.token[eff_buf.token_len] = '\0';
+
+		if (!wsi->protocol->callback)
+			goto already_done;
+
+		if (callback_action == LWS_CALLBACK_CLIENT_RECEIVE_PONG)
+			lwsl_info("Client doing pong callback\n");
+
+		if (n && eff_buf.token_len)
+			/* extension had more... main loop will come back
+			 * we want callback to be done with this set, if so,
+			 * because lws_is_final() hides it was final until the
+			 * last chunk
+			 */
+			lws_add_wsi_to_draining_ext_list(wsi);
+		else
+			lws_remove_wsi_from_draining_ext_list(wsi);
+
+		if (wsi->state == LWSS_RETURNED_CLOSE_ALREADY ||
+		    wsi->state == LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION ||
+		    wsi->state == LWSS_AWAITING_CLOSE_ACK)
+			goto already_done;
+
+		m = wsi->protocol->callback(wsi,
+			(enum lws_callback_reasons)callback_action,
+			wsi->user_space, eff_buf.token, eff_buf.token_len);
+
+		/* if user code wants to close, let caller know */
+		if (m)
+			return 1;
+
+already_done:
+		wsi->u.ws.rx_ubuf_head = 0;
+		break;
+	default:
+		lwsl_err("client rx illegal state\n");
+		return 1;
+	}
+
+	return 0;
+
+illegal_ctl_length:
+	lwsl_warn("Control frame asking for extended length is illegal\n");
+
+	/* kill the connection */
+	return -1;
+}
+
+
diff --git a/thirdparty/lws/client/client.c b/thirdparty/lws/client/client.c
new file mode 100644
index 0000000000..20450aa923
--- /dev/null
+++ b/thirdparty/lws/client/client.c
@@ -0,0 +1,1296 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2014 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+int
+lws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len)
+{
+	int m;
+
+	switch (wsi->mode) {
+	case LWSCM_WSCL_WAITING_PROXY_REPLY:
+	case LWSCM_WSCL_ISSUE_HANDSHAKE:
+	case LWSCM_WSCL_WAITING_SERVER_REPLY:
+	case LWSCM_WSCL_WAITING_EXTENSION_CONNECT:
+	case LWSCM_WS_CLIENT:
+		while (len) {
+			/*
+			 * we were accepting input but now we stopped doing so
+			 */
+			if (lws_is_flowcontrolled(wsi)) {
+				lwsl_debug("%s: caching %ld\n", __func__, (long)len);
+				lws_rxflow_cache(wsi, *buf, 0, len);
+				return 0;
+			}
+			if (wsi->u.ws.rx_draining_ext) {
+#if !defined(LWS_NO_CLIENT)
+				if (wsi->mode == LWSCM_WS_CLIENT)
+					m = lws_client_rx_sm(wsi, 0);
+				else
+#endif
+					m = lws_rx_sm(wsi, 0);
+				if (m < 0)
+					return -1;
+				continue;
+			}
+			/* account for what we're using in rxflow buffer */
+			if (wsi->rxflow_buffer)
+				wsi->rxflow_pos++;
+
+			if (lws_client_rx_sm(wsi, *(*buf)++)) {
+				lwsl_debug("client_rx_sm exited\n");
+				return -1;
+			}
+			len--;
+		}
+		lwsl_debug("%s: finished with %ld\n", __func__, (long)len);
+		return 0;
+	default:
+		break;
+	}
+
+	return 0;
+}
+
+LWS_VISIBLE LWS_EXTERN void
+lws_client_http_body_pending(struct lws *wsi, int something_left_to_send)
+{
+	wsi->client_http_body_pending = !!something_left_to_send;
+}
+
+int
+lws_client_socket_service(struct lws_context *context, struct lws *wsi,
+			  struct lws_pollfd *pollfd)
+{
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	char *p = (char *)&pt->serv_buf[0];
+	const char *cce = NULL;
+	unsigned char c;
+	char *sb = p;
+	int n = 0;
+	ssize_t len = 0;
+#if defined(LWS_WITH_SOCKS5)
+	char conn_mode = 0, pending_timeout = 0;
+#endif
+
+	switch (wsi->mode) {
+
+	case LWSCM_WSCL_WAITING_CONNECT:
+
+		/*
+		 * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE
+		 * timeout protection set in client-handshake.c
+		 */
+
+		if (!lws_client_connect_2(wsi)) {
+			/* closed */
+			lwsl_client("closed\n");
+			return -1;
+		}
+
+		/* either still pending connection, or changed mode */
+		return 0;
+
+#if defined(LWS_WITH_SOCKS5)
+	/* SOCKS Greeting Reply */
+	case LWSCM_WSCL_WAITING_SOCKS_GREETING_REPLY:
+	case LWSCM_WSCL_WAITING_SOCKS_AUTH_REPLY:
+	case LWSCM_WSCL_WAITING_SOCKS_CONNECT_REPLY:
+
+		/* handle proxy hung up on us */
+
+		if (pollfd->revents & LWS_POLLHUP) {
+			lwsl_warn("SOCKS connection %p (fd=%d) dead\n",
+				  (void *)wsi, pollfd->fd);
+			goto bail3;
+		}
+
+		n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0);
+		if (n < 0) {
+			if (LWS_ERRNO == LWS_EAGAIN) {
+				lwsl_debug("SOCKS read EAGAIN, retrying\n");
+				return 0;
+			}
+			lwsl_err("ERROR reading from SOCKS socket\n");
+			goto bail3;
+		}
+
+		switch (wsi->mode) {
+
+		case LWSCM_WSCL_WAITING_SOCKS_GREETING_REPLY:
+			if (pt->serv_buf[0] != SOCKS_VERSION_5)
+				goto socks_reply_fail;
+
+			if (pt->serv_buf[1] == SOCKS_AUTH_NO_AUTH) {
+				lwsl_client("SOCKS greeting reply: No Auth Method\n");
+				socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len);
+				conn_mode = LWSCM_WSCL_WAITING_SOCKS_CONNECT_REPLY;
+				pending_timeout = PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY;
+				goto socks_send;
+			}
+
+			if (pt->serv_buf[1] == SOCKS_AUTH_USERNAME_PASSWORD) {
+				lwsl_client("SOCKS greeting reply: User/Pw Method\n");
+				socks_generate_msg(wsi, SOCKS_MSG_USERNAME_PASSWORD, &len);
+				conn_mode = LWSCM_WSCL_WAITING_SOCKS_AUTH_REPLY;
+				pending_timeout = PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY;
+				goto socks_send;
+			}
+			goto socks_reply_fail;
+
+		case LWSCM_WSCL_WAITING_SOCKS_AUTH_REPLY:
+			if (pt->serv_buf[0] != SOCKS_SUBNEGOTIATION_VERSION_1 ||
+			    pt->serv_buf[1] != SOCKS_SUBNEGOTIATION_STATUS_SUCCESS)
+				goto socks_reply_fail;
+
+			lwsl_client("SOCKS password OK, sending connect\n");
+			socks_generate_msg(wsi, SOCKS_MSG_CONNECT, &len);
+			conn_mode = LWSCM_WSCL_WAITING_SOCKS_CONNECT_REPLY;
+			pending_timeout = PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY;
+socks_send:
+			n = send(wsi->desc.sockfd, (char *)pt->serv_buf, len,
+				 MSG_NOSIGNAL);
+			if (n < 0) {
+				lwsl_debug("ERROR writing to socks proxy\n");
+				goto bail3;
+			}
+
+			lws_set_timeout(wsi, pending_timeout, AWAITING_TIMEOUT);
+			wsi->mode = conn_mode;
+			break;
+
+socks_reply_fail:
+			lwsl_notice("socks reply: v%d, err %d\n",
+				    pt->serv_buf[0], pt->serv_buf[1]);
+			goto bail3;
+
+		case LWSCM_WSCL_WAITING_SOCKS_CONNECT_REPLY:
+			if (pt->serv_buf[0] != SOCKS_VERSION_5 ||
+			    pt->serv_buf[1] != SOCKS_REQUEST_REPLY_SUCCESS)
+				goto socks_reply_fail;
+
+			lwsl_client("socks connect OK\n");
+
+			/* free stash since we are done with it */
+			lws_free_set_NULL(wsi->u.hdr.stash);
+			if (lws_hdr_simple_create(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS,
+						  wsi->vhost->socks_proxy_address))
+				goto bail3;
+
+			wsi->c_port = wsi->vhost->socks_proxy_port;
+
+			/* clear his proxy connection timeout */
+			lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+			goto start_ws_handshake;
+		}
+		break;
+#endif
+
+	case LWSCM_WSCL_WAITING_PROXY_REPLY:
+
+		/* handle proxy hung up on us */
+
+		if (pollfd->revents & LWS_POLLHUP) {
+
+			lwsl_warn("Proxy connection %p (fd=%d) dead\n",
+				  (void *)wsi, pollfd->fd);
+
+			goto bail3;
+		}
+
+		n = recv(wsi->desc.sockfd, sb, context->pt_serv_buf_size, 0);
+		if (n < 0) {
+			if (LWS_ERRNO == LWS_EAGAIN) {
+				lwsl_debug("Proxy read returned EAGAIN... retrying\n");
+				return 0;
+			}
+			lwsl_err("ERROR reading from proxy socket\n");
+			goto bail3;
+		}
+
+		pt->serv_buf[13] = '\0';
+		if (strcmp(sb, "HTTP/1.0 200 ") &&
+		    strcmp(sb, "HTTP/1.1 200 ")) {
+			lwsl_err("ERROR proxy: %s\n", sb);
+			goto bail3;
+		}
+
+		/* clear his proxy connection timeout */
+
+		lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+
+		/* fallthru */
+
+	case LWSCM_WSCL_ISSUE_HANDSHAKE:
+
+		/*
+		 * we are under PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE
+		 * timeout protection set in client-handshake.c
+		 *
+		 * take care of our lws_callback_on_writable
+		 * happening at a time when there's no real connection yet
+		 */
+#if defined(LWS_WITH_SOCKS5)
+start_ws_handshake:
+#endif
+		if (lws_change_pollfd(wsi, LWS_POLLOUT, 0))
+			return -1;
+
+#ifdef LWS_OPENSSL_SUPPORT
+		/* we can retry this... just cook the SSL BIO the first time */
+
+		if (wsi->use_ssl && !wsi->ssl) {
+			if (lws_ssl_client_bio_create(wsi))
+				return -1;
+		}
+
+		if (wsi->use_ssl) {
+			n = lws_ssl_client_connect1(wsi);
+			if (!n)
+				return 0;
+			if (n < 0) {
+				cce = "lws_ssl_client_connect1 failed";
+				goto bail3;
+			}
+		} else
+			wsi->ssl = NULL;
+
+		/* fallthru */
+
+	case LWSCM_WSCL_WAITING_SSL:
+
+		if (wsi->use_ssl) {
+			n = lws_ssl_client_connect2(wsi);
+			if (!n)
+				return 0;
+			if (n < 0) {
+				cce = "lws_ssl_client_connect2 failed";
+				goto bail3;
+			}
+		} else
+			wsi->ssl = NULL;
+#endif
+
+		wsi->mode = LWSCM_WSCL_ISSUE_HANDSHAKE2;
+		lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND,
+				context->timeout_secs);
+
+		/* fallthru */
+
+	case LWSCM_WSCL_ISSUE_HANDSHAKE2:
+		p = lws_generate_client_handshake(wsi, p);
+		if (p == NULL) {
+			if (wsi->mode == LWSCM_RAW)
+				return 0;
+
+			lwsl_err("Failed to generate handshake for client\n");
+			lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+			return 0;
+		}
+
+		/* send our request to the server */
+		lws_latency_pre(context, wsi);
+
+		n = lws_ssl_capable_write(wsi, (unsigned char *)sb, p - sb);
+		lws_latency(context, wsi, "send lws_issue_raw", n,
+			    n == p - sb);
+		switch (n) {
+		case LWS_SSL_CAPABLE_ERROR:
+			lwsl_debug("ERROR writing to client socket\n");
+			lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+			return 0;
+		case LWS_SSL_CAPABLE_MORE_SERVICE:
+			lws_callback_on_writable(wsi);
+			break;
+		}
+
+		if (wsi->client_http_body_pending) {
+			wsi->mode = LWSCM_WSCL_ISSUE_HTTP_BODY;
+			lws_set_timeout(wsi, PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD,
+					context->timeout_secs);
+			/* user code must ask for writable callback */
+			break;
+		}
+
+		goto client_http_body_sent;
+
+	case LWSCM_WSCL_ISSUE_HTTP_BODY:
+		if (wsi->client_http_body_pending) {
+			lws_set_timeout(wsi, PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD,
+					context->timeout_secs);
+			/* user code must ask for writable callback */
+			break;
+		}
+client_http_body_sent:
+		wsi->u.hdr.parser_state = WSI_TOKEN_NAME_PART;
+		wsi->u.hdr.lextable_pos = 0;
+		wsi->mode = LWSCM_WSCL_WAITING_SERVER_REPLY;
+		lws_set_timeout(wsi, PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE,
+				context->timeout_secs);
+		break;
+
+	case LWSCM_WSCL_WAITING_SERVER_REPLY:
+		/*
+		 * handle server hanging up on us...
+		 * but if there is POLLIN waiting, handle that first
+		 */
+		if ((pollfd->revents & (LWS_POLLIN | LWS_POLLHUP)) ==
+								LWS_POLLHUP) {
+
+			lwsl_debug("Server connection %p (fd=%d) dead\n",
+				(void *)wsi, pollfd->fd);
+			cce = "Peer hung up";
+			goto bail3;
+		}
+
+		if (!(pollfd->revents & LWS_POLLIN))
+			break;
+
+		/* interpret the server response
+		 *
+		 *  HTTP/1.1 101 Switching Protocols
+		 *  Upgrade: websocket
+		 *  Connection: Upgrade
+		 *  Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo=
+		 *  Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC==
+		 *  Sec-WebSocket-Protocol: chat
+		 *
+		 * we have to take some care here to only take from the
+		 * socket bytewise.  The browser may (and has been seen to
+		 * in the case that onopen() performs websocket traffic)
+		 * coalesce both handshake response and websocket traffic
+		 * in one packet, since at that point the connection is
+		 * definitively ready from browser pov.
+		 */
+		len = 1;
+		while (wsi->u.hdr.parser_state != WSI_PARSING_COMPLETE &&
+		       len > 0) {
+			n = lws_ssl_capable_read(wsi, &c, 1);
+			lws_latency(context, wsi, "send lws_issue_raw", n,
+				    n == 1);
+			switch (n) {
+			case 0:
+			case LWS_SSL_CAPABLE_ERROR:
+				cce = "read failed";
+				goto bail3;
+			case LWS_SSL_CAPABLE_MORE_SERVICE:
+				return 0;
+			}
+
+			if (lws_parse(wsi, c)) {
+				lwsl_warn("problems parsing header\n");
+				goto bail3;
+			}
+		}
+
+		/*
+		 * hs may also be coming in multiple packets, there is a 5-sec
+		 * libwebsocket timeout still active here too, so if parsing did
+		 * not complete just wait for next packet coming in this state
+		 */
+		if (wsi->u.hdr.parser_state != WSI_PARSING_COMPLETE)
+			break;
+
+		/*
+		 * otherwise deal with the handshake.  If there's any
+		 * packet traffic already arrived we'll trigger poll() again
+		 * right away and deal with it that way
+		 */
+		return lws_client_interpret_server_handshake(wsi);
+
+bail3:
+		lwsl_info("closing conn at LWS_CONNMODE...SERVER_REPLY\n");
+		if (cce)
+			lwsl_info("reason: %s\n", cce);
+		wsi->protocol->callback(wsi,
+			LWS_CALLBACK_CLIENT_CONNECTION_ERROR,
+			wsi->user_space, (void *)cce, cce ? strlen(cce) : 0);
+		wsi->already_did_cce = 1;
+		lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+		return -1;
+
+	case LWSCM_WSCL_WAITING_EXTENSION_CONNECT:
+		lwsl_ext("LWSCM_WSCL_WAITING_EXTENSION_CONNECT\n");
+		break;
+
+	case LWSCM_WSCL_PENDING_CANDIDATE_CHILD:
+		lwsl_ext("LWSCM_WSCL_PENDING_CANDIDATE_CHILD\n");
+		break;
+	default:
+		break;
+	}
+
+	return 0;
+}
+
+/*
+ * In-place str to lower case
+ */
+
+static void
+strtolower(char *s)
+{
+	while (*s) {
+#ifdef LWS_PLAT_OPTEE
+		int tolower_optee(int c);
+		*s = tolower_optee((int)*s);
+#else
+		*s = tolower((int)*s);
+#endif
+		s++;
+	}
+}
+
+int LWS_WARN_UNUSED_RESULT
+lws_http_transaction_completed_client(struct lws *wsi)
+{
+	lwsl_debug("%s: wsi %p\n", __func__, wsi);
+	/* if we can't go back to accept new headers, drop the connection */
+	if (wsi->u.http.connection_type != HTTP_CONNECTION_KEEP_ALIVE) {
+		lwsl_info("%s: %p: close connection\n", __func__, wsi);
+		return 1;
+	}
+
+	/* we don't support chained client connections yet */
+	return 1;
+#if 0
+	/* otherwise set ourselves up ready to go again */
+	wsi->state = LWSS_CLIENT_HTTP_ESTABLISHED;
+	wsi->mode = LWSCM_HTTP_CLIENT_ACCEPTED;
+	wsi->u.http.rx_content_length = 0;
+	wsi->hdr_parsing_completed = 0;
+
+	/* He asked for it to stay alive indefinitely */
+	lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+
+	/*
+	 * As client, nothing new is going to come until we ask for it
+	 * we can drop the ah, if any
+	 */
+	if (wsi->u.hdr.ah) {
+		lws_header_table_force_to_detachable_state(wsi);
+		lws_header_table_detach(wsi, 0);
+	}
+
+	/* If we're (re)starting on headers, need other implied init */
+	wsi->u.hdr.ues = URIES_IDLE;
+
+	lwsl_info("%s: %p: keep-alive await new transaction\n", __func__, wsi);
+
+	return 0;
+#endif
+}
+
+LWS_VISIBLE LWS_EXTERN unsigned int
+lws_http_client_http_response(struct lws *wsi)
+{
+	if (!wsi->u.http.ah)
+		return 0;
+
+	return wsi->u.http.ah->http_response;
+}
+
+int
+lws_client_interpret_server_handshake(struct lws *wsi)
+{
+	int n, len, okay = 0, port = 0, ssl = 0;
+	int close_reason = LWS_CLOSE_STATUS_PROTOCOL_ERR;
+	struct lws_context *context = wsi->context;
+	const char *pc, *prot, *ads = NULL, *path, *cce = NULL;
+	struct allocated_headers *ah = NULL;
+	char *p, *q;
+	char new_path[300];
+#ifndef LWS_NO_EXTENSIONS
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	char *sb = (char *)&pt->serv_buf[0];
+	const struct lws_ext_options *opts;
+	const struct lws_extension *ext;
+	char ext_name[128];
+	const char *c, *a;
+	char ignore;
+	int more = 1;
+	void *v;
+#endif
+	if (wsi->u.hdr.stash)
+		lws_free_set_NULL(wsi->u.hdr.stash);
+
+	ah = wsi->u.hdr.ah;
+	if (!wsi->do_ws) {
+		/* we are being an http client...
+		 */
+		lws_union_transition(wsi, LWSCM_HTTP_CLIENT_ACCEPTED);
+		wsi->state = LWSS_CLIENT_HTTP_ESTABLISHED;
+		wsi->u.http.ah = ah;
+		ah->http_response = 0;
+	}
+
+	/*
+	 * well, what the server sent looked reasonable for syntax.
+	 * Now let's confirm it sent all the necessary headers
+	 *
+	 * http (non-ws) client will expect something like this
+	 *
+	 * HTTP/1.0.200
+	 * server:.libwebsockets
+	 * content-type:.text/html
+	 * content-length:.17703
+	 * set-cookie:.test=LWS_1456736240_336776_COOKIE;Max-Age=360000
+	 *
+	 *
+	 *
+	 */
+
+	wsi->u.http.connection_type = HTTP_CONNECTION_KEEP_ALIVE;
+	p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP);
+	if (wsi->do_ws && !p) {
+		lwsl_info("no URI\n");
+		cce = "HS: URI missing";
+		goto bail3;
+	}
+	if (!p) {
+		p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP1_0);
+		wsi->u.http.connection_type = HTTP_CONNECTION_CLOSE;
+	}
+	if (!p) {
+		cce = "HS: URI missing";
+		lwsl_info("no URI\n");
+		goto bail3;
+	}
+	n = atoi(p);
+	if (ah)
+		ah->http_response = n;
+
+	if (n == 301 || n == 302 || n == 303 || n == 307 || n == 308) {
+		p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_LOCATION);
+		if (!p) {
+			cce = "HS: Redirect code but no Location";
+			goto bail3;
+		}
+
+		/* Relative reference absolute path */
+		if (p[0] == '/')
+		{
+#ifdef LWS_OPENSSL_SUPPORT
+			ssl = wsi->use_ssl;
+#endif
+			ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS);
+			port = wsi->c_port;
+			path = p + 1; /* +1 as lws_client_reset expects leading / to be omitted */
+		}
+		/* Absolute (Full) URI */
+		else if (strchr(p, ':'))
+		{
+			if (lws_parse_uri(p, &prot, &ads, &port, &path)) {
+				cce = "HS: URI did not parse";
+				goto bail3;
+			}
+
+			if (!strcmp(prot, "wss") || !strcmp(prot, "https"))
+				ssl = 1;
+		}
+		/* Relative reference relative path */
+		else
+		{
+			/* This doesn't try to calculate an absolute path, that will be left to the server */
+#ifdef LWS_OPENSSL_SUPPORT
+			ssl = wsi->use_ssl;
+#endif
+			ads = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_PEER_ADDRESS);
+			port = wsi->c_port;
+			path = new_path + 1; /* +1 as lws_client_reset expects leading / to be omitted */
+			strncpy(new_path, lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI), sizeof(new_path));
+			new_path[sizeof(new_path) - 1] = '\0';
+			q = strrchr(new_path, '/');
+			if (q)
+			{
+				strncpy(q + 1, p, sizeof(new_path) - (q - new_path) - 1);
+				new_path[sizeof(new_path) - 1] = '\0';
+			}
+			else
+			{
+				path = p;
+			}
+		}
+
+#ifdef LWS_OPENSSL_SUPPORT
+		if (wsi->use_ssl && !ssl) {
+			cce = "HS: Redirect attempted SSL downgrade";
+			goto bail3;
+		}
+#endif
+
+		if (!lws_client_reset(&wsi, ssl, ads, port, path, ads)) {
+			/* there are two ways to fail out with NULL return...
+			 * simple, early problem where the wsi is intact, or
+			 * we went through with the reconnect attempt and the
+			 * wsi is already closed.  In the latter case, the wsi
+			 * has beet set to NULL additionally.
+			 */
+			lwsl_err("Redirect failed\n");
+			cce = "HS: Redirect failed";
+			if (wsi)
+				goto bail3;
+
+			return 1;
+		}
+		return 0;
+	}
+
+	if (!wsi->do_ws) {
+
+#ifdef LWS_WITH_HTTP_PROXY
+		wsi->perform_rewrite = 0;
+		if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE)) {
+			if (!strncmp(lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE),
+				     "text/html", 9))
+				wsi->perform_rewrite = 1;
+		}
+#endif
+
+		/* allocate the per-connection user memory (if any) */
+		if (lws_ensure_user_space(wsi)) {
+			lwsl_err("Problem allocating wsi user mem\n");
+			cce = "HS: OOM";
+			goto bail2;
+		}
+
+		/* he may choose to send us stuff in chunked transfer-coding */
+		wsi->chunked = 0;
+		wsi->chunk_remaining = 0; /* ie, next thing is chunk size */
+		if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_TRANSFER_ENCODING)) {
+			wsi->chunked = !strcmp(lws_hdr_simple_ptr(wsi,
+					       WSI_TOKEN_HTTP_TRANSFER_ENCODING),
+					"chunked");
+			/* first thing is hex, after payload there is crlf */
+			wsi->chunk_parser = ELCP_HEX;
+		}
+
+		if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) {
+			wsi->u.http.rx_content_length =
+					atoll(lws_hdr_simple_ptr(wsi,
+						WSI_TOKEN_HTTP_CONTENT_LENGTH));
+			lwsl_notice("%s: incoming content length %llu\n", __func__,
+					(unsigned long long)wsi->u.http.rx_content_length);
+			wsi->u.http.rx_content_remain = wsi->u.http.rx_content_length;
+		} else /* can't do 1.1 without a content length or chunked */
+			if (!wsi->chunked)
+				wsi->u.http.connection_type = HTTP_CONNECTION_CLOSE;
+
+		/*
+		 * we seem to be good to go, give client last chance to check
+		 * headers and OK it
+		 */
+		if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH,
+					    wsi->user_space, NULL, 0)) {
+
+			cce = "HS: disallowed by client filter";
+			goto bail2;
+		}
+
+		/* clear his proxy connection timeout */
+		lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+
+		wsi->rxflow_change_to = LWS_RXFLOW_ALLOW;
+
+		/* call him back to inform him he is up */
+		if (wsi->protocol->callback(wsi,
+					    LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP,
+					    wsi->user_space, NULL, 0)) {
+			cce = "HS: disallowed at ESTABLISHED";
+			goto bail3;
+		}
+
+		/* free up his parsing allocations */
+		lws_header_table_detach(wsi, 0);
+
+		lwsl_notice("%s: client connection up\n", __func__);
+
+		return 0;
+	}
+
+	if (lws_hdr_total_length(wsi, WSI_TOKEN_ACCEPT) == 0) {
+		lwsl_info("no ACCEPT\n");
+		cce = "HS: ACCEPT missing";
+		goto bail3;
+	}
+
+	if (p && strncmp(p, "101", 3)) {
+		lwsl_warn(
+		       "lws_client_handshake: got bad HTTP response '%s'\n", p);
+		cce = "HS: ws upgrade response not 101";
+		goto bail3;
+	}
+
+	p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_UPGRADE);
+	if (!p) {
+		lwsl_info("no UPGRADE\n");
+		cce = "HS: UPGRADE missing";
+		goto bail3;
+	}
+	strtolower(p);
+	if (strcmp(p, "websocket")) {
+		lwsl_warn(
+		      "lws_client_handshake: got bad Upgrade header '%s'\n", p);
+		cce = "HS: Upgrade to something other than websocket";
+		goto bail3;
+	}
+
+	p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_CONNECTION);
+	if (!p) {
+		lwsl_info("no Connection hdr\n");
+		cce = "HS: CONNECTION missing";
+		goto bail3;
+	}
+	strtolower(p);
+	if (strcmp(p, "upgrade")) {
+		lwsl_warn("lws_client_int_s_hs: bad header %s\n", p);
+		cce = "HS: UPGRADE malformed";
+		goto bail3;
+	}
+
+	pc = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS);
+	if (!pc) {
+		lwsl_parser("lws_client_int_s_hs: no protocol list\n");
+	} else
+		lwsl_parser("lws_client_int_s_hs: protocol list '%s'\n", pc);
+
+	/*
+	 * confirm the protocol the server wants to talk was in the list
+	 * of protocols we offered
+	 */
+
+	len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL);
+	if (!len) {
+		lwsl_info("lws_client_int_s_hs: WSI_TOKEN_PROTOCOL is null\n");
+		/*
+		 * no protocol name to work from,
+		 * default to first protocol
+		 */
+		n = 0;
+		wsi->protocol = &wsi->vhost->protocols[0];
+		goto check_extensions;
+	}
+
+	p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL);
+	len = strlen(p);
+
+	while (pc && *pc && !okay) {
+		if (!strncmp(pc, p, len) &&
+		    (pc[len] == ',' || pc[len] == '\0')) {
+			okay = 1;
+			continue;
+		}
+		while (*pc && *pc++ != ',')
+			;
+		while (*pc && *pc == ' ')
+			pc++;
+	}
+
+	if (!okay) {
+		lwsl_err("lws_client_int_s_hs: got bad protocol %s\n", p);
+		cce = "HS: PROTOCOL malformed";
+		goto bail2;
+	}
+
+	/*
+	 * identify the selected protocol struct and set it
+	 */
+	n = 0;
+	wsi->protocol = NULL;
+	while (wsi->vhost->protocols[n].callback && !wsi->protocol) {
+		if (strcmp(p, wsi->vhost->protocols[n].name) == 0) {
+			wsi->protocol = &wsi->vhost->protocols[n];
+			break;
+		}
+		n++;
+	}
+
+	if (wsi->protocol == NULL) {
+		lwsl_err("lws_client_int_s_hs: fail protocol %s\n", p);
+		cce = "HS: Cannot match protocol";
+		goto bail2;
+	}
+
+check_extensions:
+	/*
+	 * stitch protocol choice into the vh protocol linked list
+	 * We always insert ourselves at the start of the list
+	 *
+	 * X <-> B
+	 * X <-> pAn <-> pB
+	 */
+	//lwsl_err("%s: pre insert vhost start wsi %p, that wsi prev == %p\n",
+	//		__func__,
+	//		wsi->vhost->same_vh_protocol_list[n],
+	//		wsi->same_vh_protocol_prev);
+	wsi->same_vh_protocol_prev = /* guy who points to us */
+		&wsi->vhost->same_vh_protocol_list[n];
+	wsi->same_vh_protocol_next = /* old first guy is our next */
+			wsi->vhost->same_vh_protocol_list[n];
+	/* we become the new first guy */
+	wsi->vhost->same_vh_protocol_list[n] = wsi;
+
+	if (wsi->same_vh_protocol_next)
+		/* old first guy points back to us now */
+		wsi->same_vh_protocol_next->same_vh_protocol_prev =
+				&wsi->same_vh_protocol_next;
+
+#ifndef LWS_NO_EXTENSIONS
+	/* instantiate the accepted extensions */
+
+	if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS)) {
+		lwsl_ext("no client extensions allowed by server\n");
+		goto check_accept;
+	}
+
+	/*
+	 * break down the list of server accepted extensions
+	 * and go through matching them or identifying bogons
+	 */
+
+	if (lws_hdr_copy(wsi, sb, context->pt_serv_buf_size, WSI_TOKEN_EXTENSIONS) < 0) {
+		lwsl_warn("ext list from server failed to copy\n");
+		cce = "HS: EXT: list too big";
+		goto bail2;
+	}
+
+	c = sb;
+	n = 0;
+	ignore = 0;
+	a = NULL;
+	while (more) {
+
+		if (*c && (*c != ',' && *c != '\t')) {
+			if (*c == ';') {
+				ignore = 1;
+				if (!a)
+					a = c + 1;
+			}
+			if (ignore || *c == ' ') {
+				c++;
+				continue;
+			}
+
+			ext_name[n] = *c++;
+			if (n < sizeof(ext_name) - 1)
+				n++;
+			continue;
+		}
+		ext_name[n] = '\0';
+		ignore = 0;
+		if (!*c)
+			more = 0;
+		else {
+			c++;
+			if (!n)
+				continue;
+		}
+
+		/* check we actually support it */
+
+		lwsl_notice("checking client ext %s\n", ext_name);
+
+		n = 0;
+		ext = wsi->vhost->extensions;
+		while (ext && ext->callback) {
+			if (strcmp(ext_name, ext->name)) {
+				ext++;
+				continue;
+			}
+
+			n = 1;
+			lwsl_notice("instantiating client ext %s\n", ext_name);
+
+			/* instantiate the extension on this conn */
+
+			wsi->active_extensions[wsi->count_act_ext] = ext;
+
+			/* allow him to construct his ext instance */
+
+			if (ext->callback(lws_get_context(wsi), ext, wsi,
+				      LWS_EXT_CB_CLIENT_CONSTRUCT,
+				      (void *)&wsi->act_ext_user[wsi->count_act_ext],
+				      (void *)&opts, 0)) {
+				lwsl_info(" ext %s failed construction\n", ext_name);
+				ext++;
+				continue;
+			}
+
+			/*
+			 * allow the user code to override ext defaults if it
+			 * wants to
+			 */
+			ext_name[0] = '\0';
+			if (user_callback_handle_rxflow(wsi->protocol->callback,
+					wsi, LWS_CALLBACK_WS_EXT_DEFAULTS,
+					(char *)ext->name, ext_name,
+					sizeof(ext_name))) {
+				cce = "HS: EXT: failed setting defaults";
+				goto bail2;
+			}
+
+			if (ext_name[0] &&
+			    lws_ext_parse_options(ext, wsi, wsi->act_ext_user[
+						  wsi->count_act_ext], opts, ext_name,
+						  strlen(ext_name))) {
+				lwsl_err("%s: unable to parse user defaults '%s'",
+					 __func__, ext_name);
+				cce = "HS: EXT: failed parsing defaults";
+				goto bail2;
+			}
+
+			/*
+			 * give the extension the server options
+			 */
+			if (a && lws_ext_parse_options(ext, wsi,
+					wsi->act_ext_user[wsi->count_act_ext],
+					opts, a, c - a)) {
+				lwsl_err("%s: unable to parse remote def '%s'",
+					 __func__, a);
+				cce = "HS: EXT: failed parsing options";
+				goto bail2;
+			}
+
+			if (ext->callback(lws_get_context(wsi), ext, wsi,
+					LWS_EXT_CB_OPTION_CONFIRM,
+				      wsi->act_ext_user[wsi->count_act_ext],
+				      NULL, 0)) {
+				lwsl_err("%s: ext %s rejects server options %s",
+					 __func__, ext->name, a);
+				cce = "HS: EXT: Rejects server options";
+				goto bail2;
+			}
+
+			wsi->count_act_ext++;
+
+			ext++;
+		}
+
+		if (n == 0) {
+			lwsl_warn("Unknown ext '%s'!\n", ext_name);
+			cce = "HS: EXT: unknown ext";
+			goto bail2;
+		}
+
+		a = NULL;
+		n = 0;
+	}
+
+check_accept:
+#endif
+
+	/*
+	 * Confirm his accept token is the one we precomputed
+	 */
+
+	p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_ACCEPT);
+	if (strcmp(p, wsi->u.hdr.ah->initial_handshake_hash_base64)) {
+		lwsl_warn("lws_client_int_s_hs: accept '%s' wrong vs '%s'\n", p,
+				  wsi->u.hdr.ah->initial_handshake_hash_base64);
+		cce = "HS: Accept hash wrong";
+		goto bail2;
+	}
+
+	/* allocate the per-connection user memory (if any) */
+	if (lws_ensure_user_space(wsi)) {
+		lwsl_err("Problem allocating wsi user mem\n");
+		cce = "HS: OOM";
+		goto bail2;
+	}
+
+	/*
+	 * we seem to be good to go, give client last chance to check
+	 * headers and OK it
+	 */
+	if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH,
+				    wsi->user_space, NULL, 0)) {
+		cce = "HS: Rejected by filter cb";
+		goto bail2;
+	}
+
+	/* clear his proxy connection timeout */
+	lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+
+	/* free up his parsing allocations */
+	lws_header_table_detach(wsi, 0);
+
+	lws_union_transition(wsi, LWSCM_WS_CLIENT);
+	wsi->state = LWSS_ESTABLISHED;
+	lws_restart_ws_ping_pong_timer(wsi);
+
+	wsi->rxflow_change_to = LWS_RXFLOW_ALLOW;
+
+	/*
+	 * create the frame buffer for this connection according to the
+	 * size mentioned in the protocol definition.  If 0 there, then
+	 * use a big default for compatibility
+	 */
+	n = wsi->protocol->rx_buffer_size;
+	if (!n)
+		n = context->pt_serv_buf_size;
+	n += LWS_PRE;
+	wsi->u.ws.rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, "client frame buffer");
+	if (!wsi->u.ws.rx_ubuf) {
+		lwsl_err("Out of Mem allocating rx buffer %d\n", n);
+		cce = "HS: OOM";
+		goto bail2;
+	}
+       wsi->u.ws.rx_ubuf_alloc = n;
+	lwsl_info("Allocating client RX buffer %d\n", n);
+
+#if !defined(LWS_WITH_ESP32)
+	if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF, (const char *)&n,
+		       sizeof n)) {
+		lwsl_warn("Failed to set SNDBUF to %d", n);
+		cce = "HS: SO_SNDBUF failed";
+		goto bail3;
+	}
+#endif
+
+	lwsl_debug("handshake OK for protocol %s\n", wsi->protocol->name);
+
+	/* call him back to inform him he is up */
+
+	if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_ESTABLISHED,
+				    wsi->user_space, NULL, 0)) {
+		cce = "HS: Rejected at CLIENT_ESTABLISHED";
+		goto bail3;
+	}
+#ifndef LWS_NO_EXTENSIONS
+	/*
+	 * inform all extensions, not just active ones since they
+	 * already know
+	 */
+	ext = wsi->vhost->extensions;
+
+	while (ext && ext->callback) {
+		v = NULL;
+		for (n = 0; n < wsi->count_act_ext; n++)
+			if (wsi->active_extensions[n] == ext)
+				v = wsi->act_ext_user[n];
+
+		ext->callback(context, ext, wsi,
+			  LWS_EXT_CB_ANY_WSI_ESTABLISHED, v, NULL, 0);
+		ext++;
+	}
+#endif
+
+	return 0;
+
+bail3:
+	close_reason = LWS_CLOSE_STATUS_NOSTATUS;
+
+bail2:
+	if (wsi->protocol)
+		wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_CONNECTION_ERROR,
+				wsi->user_space, (void *)cce,
+				(unsigned int)strlen(cce));
+	wsi->already_did_cce = 1;
+
+	lwsl_info("closing connection due to bail2 connection error\n");
+
+	/* closing will free up his parsing allocations */
+	lws_close_free_wsi(wsi, close_reason);
+
+	return 1;
+}
+
+
+char *
+lws_generate_client_handshake(struct lws *wsi, char *pkt)
+{
+	char buf[128], hash[20], key_b64[40], *p = pkt;
+	struct lws_context *context = wsi->context;
+	const char *meth;
+	int n;
+#ifndef LWS_NO_EXTENSIONS
+	const struct lws_extension *ext;
+	int ext_count = 0;
+#endif
+	const char *pp = lws_hdr_simple_ptr(wsi,
+				_WSI_TOKEN_CLIENT_SENT_PROTOCOLS);
+
+	meth = lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_METHOD);
+	if (!meth) {
+		meth = "GET";
+		wsi->do_ws = 1;
+	} else {
+		wsi->do_ws = 0;
+	}
+
+	if (!strcmp(meth, "RAW")) {
+		lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+		lwsl_notice("client transition to raw\n");
+
+		if (pp) {
+			const struct lws_protocols *pr;
+
+			pr = lws_vhost_name_to_protocol(wsi->vhost, pp);
+
+			if (!pr) {
+				lwsl_err("protocol %s not enabled on vhost\n",
+					 pp);
+				return NULL;
+			}
+
+			lws_bind_protocol(wsi, pr);
+		}
+
+		if ((wsi->protocol->callback)(wsi,
+				LWS_CALLBACK_RAW_ADOPT,
+				wsi->user_space, NULL, 0))
+			return NULL;
+
+		lws_header_table_force_to_detachable_state(wsi);
+		lws_union_transition(wsi, LWSCM_RAW);
+		lws_header_table_detach(wsi, 1);
+
+		return NULL;
+	}
+
+	if (wsi->do_ws) {
+		/*
+		 * create the random key
+		 */
+		n = lws_get_random(context, hash, 16);
+		if (n != 16) {
+			lwsl_err("Unable to read from random dev %s\n",
+				 SYSTEM_RANDOM_FILEPATH);
+			return NULL;
+		}
+
+		lws_b64_encode_string(hash, 16, key_b64, sizeof(key_b64));
+	}
+
+	/*
+	 * 04 example client handshake
+	 *
+	 * GET /chat HTTP/1.1
+	 * Host: server.example.com
+	 * Upgrade: websocket
+	 * Connection: Upgrade
+	 * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
+	 * Sec-WebSocket-Origin: http://example.com
+	 * Sec-WebSocket-Protocol: chat, superchat
+	 * Sec-WebSocket-Version: 4
+	 */
+
+	p += sprintf(p, "%s %s HTTP/1.1\x0d\x0a", meth,
+		     lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_URI));
+
+	p += sprintf(p, "Pragma: no-cache\x0d\x0a"
+			"Cache-Control: no-cache\x0d\x0a");
+
+	p += sprintf(p, "Host: %s\x0d\x0a",
+		     lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_HOST));
+
+	if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN)) {
+		if (lws_check_opt(context->options, LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN))
+			p += sprintf(p, "Origin: %s\x0d\x0a",
+				     lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN));
+		else
+			p += sprintf(p, "Origin: http://%s\x0d\x0a",
+				     lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_ORIGIN));
+	}
+
+	if (wsi->do_ws) {
+		p += sprintf(p, "Upgrade: websocket\x0d\x0a"
+				"Connection: Upgrade\x0d\x0a"
+				"Sec-WebSocket-Key: ");
+		strcpy(p, key_b64);
+		p += strlen(key_b64);
+		p += sprintf(p, "\x0d\x0a");
+		if (lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS))
+			p += sprintf(p, "Sec-WebSocket-Protocol: %s\x0d\x0a",
+			     lws_hdr_simple_ptr(wsi, _WSI_TOKEN_CLIENT_SENT_PROTOCOLS));
+
+		/* tell the server what extensions we could support */
+
+#ifndef LWS_NO_EXTENSIONS
+		ext = wsi->vhost->extensions;
+		while (ext && ext->callback) {
+			n = lws_ext_cb_all_exts(context, wsi,
+				   LWS_EXT_CB_CHECK_OK_TO_PROPOSE_EXTENSION,
+				   (char *)ext->name, 0);
+			if (n) { /* an extension vetos us */
+				lwsl_ext("ext %s vetoed\n", (char *)ext->name);
+				ext++;
+				continue;
+			}
+			n = wsi->vhost->protocols[0].callback(wsi,
+				LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED,
+					wsi->user_space, (char *)ext->name, 0);
+
+			/*
+			 * zero return from callback means
+			 * go ahead and allow the extension,
+			 * it's what we get if the callback is
+			 * unhandled
+			 */
+
+			if (n) {
+				ext++;
+				continue;
+			}
+
+			/* apply it */
+
+			if (ext_count)
+				*p++ = ',';
+			else
+				p += sprintf(p, "Sec-WebSocket-Extensions: ");
+			p += sprintf(p, "%s", ext->client_offer);
+			ext_count++;
+
+			ext++;
+		}
+		if (ext_count)
+			p += sprintf(p, "\x0d\x0a");
+#endif
+
+		if (wsi->ietf_spec_revision)
+			p += sprintf(p, "Sec-WebSocket-Version: %d\x0d\x0a",
+				     wsi->ietf_spec_revision);
+
+		/* prepare the expected server accept response */
+
+		key_b64[39] = '\0'; /* enforce composed length below buf sizeof */
+		n = sprintf(buf, "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", key_b64);
+
+		lws_SHA1((unsigned char *)buf, n, (unsigned char *)hash);
+
+		lws_b64_encode_string(hash, 20,
+				      wsi->u.hdr.ah->initial_handshake_hash_base64,
+				      sizeof(wsi->u.hdr.ah->initial_handshake_hash_base64));
+	}
+
+	/* give userland a chance to append, eg, cookies */
+
+	if (wsi->protocol->callback(wsi, LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER,
+				wsi->user_space, &p, (pkt + context->pt_serv_buf_size) - p - 12))
+		return NULL;
+
+	p += sprintf(p, "\x0d\x0a");
+
+	return p;
+}
+
diff --git a/thirdparty/lws/client/ssl-client.c b/thirdparty/lws/client/ssl-client.c
new file mode 100644
index 0000000000..b69fd2da30
--- /dev/null
+++ b/thirdparty/lws/client/ssl-client.c
@@ -0,0 +1,625 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+extern int openssl_websocket_private_data_index,
+    openssl_SSL_CTX_private_data_index;
+
+extern void
+lws_ssl_bind_passphrase(SSL_CTX *ssl_ctx, struct lws_context_creation_info *info);
+
+extern int lws_ssl_get_error(struct lws *wsi, int n);
+
+#if defined(USE_WOLFSSL)
+#else
+
+static int
+OpenSSL_client_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
+{
+#if defined(LWS_WITH_MBEDTLS)
+	lwsl_notice("%s\n", __func__);
+
+	return 0;
+#else
+	SSL *ssl;
+	int n;
+	struct lws *wsi;
+
+	/* keep old behaviour accepting self-signed server certs */
+	if (!preverify_ok) {
+		int err = X509_STORE_CTX_get_error(x509_ctx);
+
+		if (err != X509_V_OK) {
+			ssl = X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+			wsi = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);
+
+			if ((err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
+					err == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) &&
+					wsi->use_ssl & LCCSCF_ALLOW_SELFSIGNED) {
+				lwsl_notice("accepting self-signed certificate (verify_callback)\n");
+				X509_STORE_CTX_set_error(x509_ctx, X509_V_OK);
+				return 1;	// ok
+			} else if ((err == X509_V_ERR_CERT_NOT_YET_VALID ||
+					err == X509_V_ERR_CERT_HAS_EXPIRED) &&
+					wsi->use_ssl & LCCSCF_ALLOW_EXPIRED) {
+				if (err == X509_V_ERR_CERT_NOT_YET_VALID)
+					lwsl_notice("accepting not yet valid certificate (verify_callback)\n");
+				else if (err == X509_V_ERR_CERT_HAS_EXPIRED)
+					lwsl_notice("accepting expired certificate (verify_callback)\n");
+				X509_STORE_CTX_set_error(x509_ctx, X509_V_OK);
+				return 1;	// ok
+			}
+		}
+	}
+
+	ssl = X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+	wsi = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);
+
+	n = lws_get_context_protocol(wsi->context, 0).callback(wsi,
+			LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION,
+			x509_ctx, ssl, preverify_ok);
+
+	/* keep old behaviour if something wrong with server certs */
+	/* if ssl error is overruled in callback and cert is ok,
+	 * X509_STORE_CTX_set_error(x509_ctx, X509_V_OK); must be set and
+	 * return value is 0 from callback */
+	if (!preverify_ok) {
+		int err = X509_STORE_CTX_get_error(x509_ctx);
+
+		if (err != X509_V_OK) {	/* cert validation error was not handled in callback */
+			int depth = X509_STORE_CTX_get_error_depth(x509_ctx);
+			const char* msg = X509_verify_cert_error_string(err);
+			lwsl_err("SSL error: %s (preverify_ok=%d;err=%d;depth=%d)\n", msg, preverify_ok, err, depth);
+			return preverify_ok;	// not ok
+		}
+	}
+	/* convert callback return code from 0 = OK to verify callback return value 1 = OK */
+	return !n;
+#endif
+}
+#endif
+
+int
+lws_ssl_client_bio_create(struct lws *wsi)
+{
+	char hostname[128], *p;
+
+	if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
+			 _WSI_TOKEN_CLIENT_HOST) <= 0) {
+		lwsl_err("%s: Unable to get hostname\n", __func__);
+
+		return -1;
+	}
+
+	/*
+	 * remove any :port part on the hostname... necessary for network
+	 * connection but typical certificates do not contain it
+	 */
+	p = hostname;
+	while (*p) {
+		if (*p == ':') {
+			*p = '\0';
+			break;
+		}
+		p++;
+	}
+
+	wsi->ssl = SSL_new(wsi->vhost->ssl_client_ctx);
+	if (!wsi->ssl) {
+		lwsl_err("SSL_new failed: %s\n",
+		         ERR_error_string(lws_ssl_get_error(wsi, 0), NULL));
+		lws_ssl_elaborate_error();
+		return -1;
+	}
+
+#if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK)
+	if (wsi->vhost->ssl_info_event_mask)
+		SSL_set_info_callback(wsi->ssl, lws_ssl_info_callback);
+#endif
+
+#if defined LWS_HAVE_X509_VERIFY_PARAM_set1_host
+	X509_VERIFY_PARAM *param;
+	(void)param;
+
+	if (!(wsi->use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) {
+		param = SSL_get0_param(wsi->ssl);
+		/* Enable automatic hostname checks */
+		X509_VERIFY_PARAM_set_hostflags(param,
+						X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
+		X509_VERIFY_PARAM_set1_host(param, hostname, 0);
+	}
+
+#endif
+
+#if !defined(USE_WOLFSSL) && !defined(LWS_WITH_MBEDTLS)
+#ifndef USE_OLD_CYASSL
+	/* OpenSSL_client_verify_callback will be called @ SSL_connect() */
+	SSL_set_verify(wsi->ssl, SSL_VERIFY_PEER, OpenSSL_client_verify_callback);
+#endif
+#endif
+
+#if !defined(USE_WOLFSSL) && !defined(LWS_WITH_MBEDTLS)
+	SSL_set_mode(wsi->ssl,  SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+#endif
+	/*
+	 * use server name indication (SNI), if supported,
+	 * when establishing connection
+	 */
+#ifdef USE_WOLFSSL
+#ifdef USE_OLD_CYASSL
+#ifdef CYASSL_SNI_HOST_NAME
+	CyaSSL_UseSNI(wsi->ssl, CYASSL_SNI_HOST_NAME, hostname, strlen(hostname));
+#endif
+#else
+#ifdef WOLFSSL_SNI_HOST_NAME
+	wolfSSL_UseSNI(wsi->ssl, WOLFSSL_SNI_HOST_NAME, hostname, strlen(hostname));
+#endif
+#endif
+#else
+#if defined(LWS_WITH_MBEDTLS)
+	if (wsi->vhost->x509_client_CA)
+		SSL_set_verify(wsi->ssl, SSL_VERIFY_PEER, OpenSSL_client_verify_callback);
+	else
+		SSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, OpenSSL_client_verify_callback);
+
+#else
+#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
+	SSL_set_tlsext_host_name(wsi->ssl, hostname);
+#endif
+#endif
+#endif
+
+#ifdef USE_WOLFSSL
+	/*
+	 * wolfSSL/CyaSSL does certificate verification differently
+	 * from OpenSSL.
+	 * If we should ignore the certificate, we need to set
+	 * this before SSL_new and SSL_connect is called.
+	 * Otherwise the connect will simply fail with error code -155
+	 */
+#ifdef USE_OLD_CYASSL
+	if (wsi->use_ssl == 2)
+		CyaSSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, NULL);
+#else
+	if (wsi->use_ssl == 2)
+		wolfSSL_set_verify(wsi->ssl, SSL_VERIFY_NONE, NULL);
+#endif
+#endif /* USE_WOLFSSL */
+
+#if !defined(LWS_WITH_MBEDTLS)
+	wsi->client_bio = BIO_new_socket(wsi->desc.sockfd, BIO_NOCLOSE);
+	SSL_set_bio(wsi->ssl, wsi->client_bio, wsi->client_bio);
+#else
+	SSL_set_fd(wsi->ssl, wsi->desc.sockfd);
+#endif
+
+#ifdef USE_WOLFSSL
+#ifdef USE_OLD_CYASSL
+	CyaSSL_set_using_nonblock(wsi->ssl, 1);
+#else
+	wolfSSL_set_using_nonblock(wsi->ssl, 1);
+#endif
+#else
+#if !defined(LWS_WITH_MBEDTLS)
+	BIO_set_nbio(wsi->client_bio, 1); /* nonblocking */
+#endif
+#endif
+
+#if !defined(LWS_WITH_MBEDTLS)
+	SSL_set_ex_data(wsi->ssl, openssl_websocket_private_data_index,
+			wsi);
+#endif
+
+	return 0;
+}
+
+#if defined(LWS_WITH_MBEDTLS)
+int ERR_get_error(void)
+{
+	return 0;
+}
+#endif
+
+int
+lws_ssl_client_connect1(struct lws *wsi)
+{
+	struct lws_context *context = wsi->context;
+	int n = 0;
+
+	lws_latency_pre(context, wsi);
+
+	n = SSL_connect(wsi->ssl);
+
+	lws_latency(context, wsi,
+	  "SSL_connect LWSCM_WSCL_ISSUE_HANDSHAKE", n, n > 0);
+
+	if (n < 0) {
+		n = lws_ssl_get_error(wsi, n);
+
+		if (n == SSL_ERROR_WANT_READ)
+			goto some_wait;
+
+		if (n == SSL_ERROR_WANT_WRITE) {
+			/*
+			 * wants us to retry connect due to
+			 * state of the underlying ssl layer...
+			 * but since it may be stalled on
+			 * blocked write, no incoming data may
+			 * arrive to trigger the retry.
+			 * Force (possibly many times if the SSL
+			 * state persists in returning the
+			 * condition code, but other sockets
+			 * are getting serviced inbetweentimes)
+			 * us to get called back when writable.
+			 */
+			lwsl_info("%s: WANT_WRITE... retrying\n", __func__);
+			lws_callback_on_writable(wsi);
+some_wait:
+			wsi->mode = LWSCM_WSCL_WAITING_SSL;
+
+			return 0; /* no error */
+		}
+
+		{
+			struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+			char *p = (char *)&pt->serv_buf[0];
+			char *sb = p;
+
+			lwsl_err("ssl hs1 error, X509_V_ERR = %d: %s\n",
+				 n, ERR_error_string(n, sb));
+			lws_ssl_elaborate_error();
+		}
+
+		n = -1;
+	}
+
+	if (n <= 0) {
+		/*
+		 * retry if new data comes until we
+		 * run into the connection timeout or win
+		 */
+
+		unsigned long error = ERR_get_error();
+
+		if (error != SSL_ERROR_NONE) {
+			struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+			char *p = (char *)&pt->serv_buf[0];
+			char *sb = p;
+			lwsl_err("SSL connect error %lu: %s\n",
+				error, ERR_error_string(error, sb));
+			return -1;
+		}
+
+		return 0;
+	}
+
+	return 1;
+}
+
+int
+lws_ssl_client_connect2(struct lws *wsi)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	char *p = (char *)&pt->serv_buf[0];
+	char *sb = p;
+	int n = 0;
+
+	if (wsi->mode == LWSCM_WSCL_WAITING_SSL) {
+		lws_latency_pre(context, wsi);
+		n = SSL_connect(wsi->ssl);
+		lwsl_debug("%s: SSL_connect says %d\n", __func__, n);
+
+		lws_latency(context, wsi,
+			    "SSL_connect LWSCM_WSCL_WAITING_SSL", n, n > 0);
+
+		if (n < 0) {
+			n = lws_ssl_get_error(wsi, n);
+
+			if (n == SSL_ERROR_WANT_READ) {
+				lwsl_info("SSL_connect WANT_READ... retrying\n");
+
+				wsi->mode = LWSCM_WSCL_WAITING_SSL;
+
+				return 0; /* no error */
+			}
+
+			if (n == SSL_ERROR_WANT_WRITE) {
+				/*
+				 * wants us to retry connect due to
+				 * state of the underlying ssl layer...
+				 * but since it may be stalled on
+				 * blocked write, no incoming data may
+				 * arrive to trigger the retry.
+				 * Force (possibly many times if the SSL
+				 * state persists in returning the
+				 * condition code, but other sockets
+				 * are getting serviced inbetweentimes)
+				 * us to get called back when writable.
+				 */
+				lwsl_info("SSL_connect WANT_WRITE... retrying\n");
+				lws_callback_on_writable(wsi);
+
+				wsi->mode = LWSCM_WSCL_WAITING_SSL;
+
+				return 0; /* no error */
+			}
+
+			n = -1;
+		}
+
+		if (n <= 0) {
+			/*
+			 * retry if new data comes until we
+			 * run into the connection timeout or win
+			 */
+			unsigned long error = ERR_get_error();
+			if (error != SSL_ERROR_NONE) {
+				lwsl_err("SSL connect error %lu: %s\n",
+					 error, ERR_error_string(error, sb));
+				return -1;
+			}
+		}
+	}
+
+#if defined(LWS_WITH_MBEDTLS)
+	{
+		X509 *peer = SSL_get_peer_certificate(wsi->ssl);
+
+		if (!peer) {
+			lwsl_notice("peer did not provide cert\n");
+
+			return -1;
+		}
+		lwsl_notice("peer provided cert\n");
+	}
+#endif
+
+#ifndef USE_WOLFSSL
+	/*
+	 * See comment above about wolfSSL certificate
+	 * verification
+	 */
+	lws_latency_pre(context, wsi);
+	n = SSL_get_verify_result(wsi->ssl);
+	lws_latency(context, wsi,
+		"SSL_get_verify_result LWS_CONNMODE..HANDSHAKE", n, n > 0);
+
+	lwsl_debug("get_verify says %d\n", n);
+
+	if (n != X509_V_OK) {
+		if ((n == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT ||
+		     n == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) &&
+		     (wsi->use_ssl & LCCSCF_ALLOW_SELFSIGNED)) {
+			lwsl_notice("accepting self-signed certificate\n");
+		} else if ((n == X509_V_ERR_CERT_NOT_YET_VALID ||
+		            n == X509_V_ERR_CERT_HAS_EXPIRED) &&
+		     (wsi->use_ssl & LCCSCF_ALLOW_EXPIRED)) {
+			lwsl_notice("accepting expired certificate\n");
+		} else if (n == X509_V_ERR_CERT_NOT_YET_VALID) {
+			lwsl_notice("Cert is from the future... "
+				    "probably our clock... accepting...\n");
+		} else {
+			lwsl_err("server's cert didn't look good, X509_V_ERR = %d: %s\n",
+				 n, ERR_error_string(n, sb));
+			lws_ssl_elaborate_error();
+			return -1;
+		}
+	}
+
+#endif /* USE_WOLFSSL */
+
+	return 1;
+}
+
+
+int lws_context_init_client_ssl(struct lws_context_creation_info *info,
+				struct lws_vhost *vhost)
+{
+	SSL_METHOD *method = NULL;
+	struct lws wsi;
+	unsigned long error;
+	const char *ca_filepath = info->ssl_ca_filepath;
+#if !defined(LWS_WITH_MBEDTLS)
+	const char *cipher_list = info->ssl_cipher_list;
+	const char *private_key_filepath = info->ssl_private_key_filepath;
+	const char *cert_filepath = info->ssl_cert_filepath;
+	int n;
+
+	if (vhost->options & LWS_SERVER_OPTION_ONLY_RAW)
+		return 0;
+
+	/*
+	 *  for backwards-compatibility default to using ssl_... members, but
+	 * if the newer client-specific ones are given, use those
+	 */
+	if (info->client_ssl_cipher_list)
+		cipher_list = info->client_ssl_cipher_list;
+	if (info->client_ssl_cert_filepath)
+		cert_filepath = info->client_ssl_cert_filepath;
+	if (info->client_ssl_private_key_filepath)
+		private_key_filepath = info->client_ssl_private_key_filepath;
+#endif
+	if (info->client_ssl_ca_filepath)
+		ca_filepath = info->client_ssl_ca_filepath;
+
+	if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
+		return 0;
+
+	if (vhost->ssl_client_ctx)
+		return 0;
+
+	if (info->provided_client_ssl_ctx) {
+		/* use the provided OpenSSL context if given one */
+		vhost->ssl_client_ctx = info->provided_client_ssl_ctx;
+		/* nothing for lib to delete */
+		vhost->user_supplied_ssl_ctx = 1;
+
+		return 0;
+	}
+
+	/* basic openssl init already happened in context init */
+
+	/* choose the most recent spin of the api */
+#if defined(LWS_HAVE_TLS_CLIENT_METHOD)
+	method = (SSL_METHOD *)TLS_client_method();
+#elif defined(LWS_HAVE_TLSV1_2_CLIENT_METHOD)
+	method = (SSL_METHOD *)TLSv1_2_client_method();
+#else
+	method = (SSL_METHOD *)SSLv23_client_method();
+#endif
+	if (!method) {
+		error = ERR_get_error();
+		lwsl_err("problem creating ssl method %lu: %s\n",
+			error, ERR_error_string(error,
+				      (char *)vhost->context->pt[0].serv_buf));
+		return 1;
+	}
+	/* create context */
+	vhost->ssl_client_ctx = SSL_CTX_new(method);
+	if (!vhost->ssl_client_ctx) {
+		error = ERR_get_error();
+		lwsl_err("problem creating ssl context %lu: %s\n",
+			error, ERR_error_string(error,
+				      (char *)vhost->context->pt[0].serv_buf));
+		return 1;
+	}
+
+	lwsl_notice("created client ssl context for %s\n", vhost->name);
+
+#ifdef SSL_OP_NO_COMPRESSION
+	SSL_CTX_set_options(vhost->ssl_client_ctx, SSL_OP_NO_COMPRESSION);
+#endif
+
+#if defined(LWS_WITH_MBEDTLS)
+	if (ca_filepath) {
+		lws_filepos_t len;
+		uint8_t *buf;
+		/*
+		 * prototype this here, the shim does not export it in the
+		 * header, and we need to use the shim unchanged for ESP32 case
+		 */
+		X509 *d2i_X509(X509 **cert, const unsigned char *buffer, long len);
+
+		if (alloc_file(vhost->context, ca_filepath, &buf, &len)) {
+			lwsl_err("Load CA cert file %s failed\n", ca_filepath);
+			return 1;
+		}
+
+		vhost->x509_client_CA = d2i_X509(NULL, buf, len);
+		free(buf);
+		if (!vhost->x509_client_CA) {
+			lwsl_err("client CA: x509 parse failed\n");
+			return 1;
+		}
+
+		SSL_CTX_add_client_CA(vhost->ssl_client_ctx,
+				      vhost->x509_client_CA);
+
+		lwsl_notice("client loaded CA for verification %s\n", ca_filepath);
+	}
+#else
+	SSL_CTX_set_options(vhost->ssl_client_ctx,
+			    SSL_OP_CIPHER_SERVER_PREFERENCE);
+
+	if (cipher_list)
+		SSL_CTX_set_cipher_list(vhost->ssl_client_ctx, cipher_list);
+
+#ifdef LWS_SSL_CLIENT_USE_OS_CA_CERTS
+	if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS))
+		/* loads OS default CA certs */
+		SSL_CTX_set_default_verify_paths(vhost->ssl_client_ctx);
+#endif
+
+	/* openssl init for cert verification (for client sockets) */
+	if (!ca_filepath) {
+		if (!SSL_CTX_load_verify_locations(
+			vhost->ssl_client_ctx, NULL, LWS_OPENSSL_CLIENT_CERTS))
+			lwsl_err("Unable to load SSL Client certs from %s "
+			    "(set by LWS_OPENSSL_CLIENT_CERTS) -- "
+			    "client ssl isn't going to work\n",
+			    LWS_OPENSSL_CLIENT_CERTS);
+	} else
+		if (!SSL_CTX_load_verify_locations(
+			vhost->ssl_client_ctx, ca_filepath, NULL)) {
+			lwsl_err(
+				"Unable to load SSL Client certs "
+				"file from %s -- client ssl isn't "
+				"going to work\n", info->client_ssl_ca_filepath);
+			lws_ssl_elaborate_error();
+		}
+		else
+			lwsl_info("loaded ssl_ca_filepath\n");
+
+	/*
+	 * callback allowing user code to load extra verification certs
+	 * helping the client to verify server identity
+	 */
+
+	/* support for client-side certificate authentication */
+	if (cert_filepath) {
+		lwsl_notice("%s: doing cert filepath\n", __func__);
+		n = SSL_CTX_use_certificate_chain_file(vhost->ssl_client_ctx,
+						       cert_filepath);
+		if (n < 1) {
+			lwsl_err("problem %d getting cert '%s'\n", n,
+				 cert_filepath);
+			lws_ssl_elaborate_error();
+			return 1;
+		}
+		lwsl_notice("Loaded client cert %s\n", cert_filepath);
+	}
+	if (private_key_filepath) {
+		lwsl_notice("%s: doing private key filepath\n", __func__);
+		lws_ssl_bind_passphrase(vhost->ssl_client_ctx, info);
+		/* set the private key from KeyFile */
+		if (SSL_CTX_use_PrivateKey_file(vhost->ssl_client_ctx,
+		    private_key_filepath, SSL_FILETYPE_PEM) != 1) {
+			lwsl_err("use_PrivateKey_file '%s'\n",
+				 private_key_filepath);
+			lws_ssl_elaborate_error();
+			return 1;
+		}
+		lwsl_notice("Loaded client cert private key %s\n",
+			    private_key_filepath);
+
+		/* verify private key */
+		if (!SSL_CTX_check_private_key(vhost->ssl_client_ctx)) {
+			lwsl_err("Private SSL key doesn't match cert\n");
+			return 1;
+		}
+	}
+#endif
+	/*
+	 * give him a fake wsi with context set, so he can use
+	 * lws_get_context() in the callback
+	 */
+	memset(&wsi, 0, sizeof(wsi));
+	wsi.vhost = vhost;
+	wsi.context = vhost->context;
+
+	vhost->protocols[0].callback(&wsi,
+			LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS,
+				       vhost->ssl_client_ctx, NULL, 0);
+
+	return 0;
+}
diff --git a/thirdparty/lws/context.c b/thirdparty/lws/context.c
new file mode 100644
index 0000000000..f67476b1e3
--- /dev/null
+++ b/thirdparty/lws/context.c
@@ -0,0 +1,1628 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+#ifndef LWS_BUILD_HASH
+#define LWS_BUILD_HASH "unknown-build-hash"
+#endif
+
+static const char *library_version = LWS_LIBRARY_VERSION " " LWS_BUILD_HASH;
+
+/**
+ * lws_get_library_version: get version and git hash library built from
+ *
+ *	returns a const char * to a string like "1.1 178d78c"
+ *	representing the library version followed by the git head hash it
+ *	was built from
+ */
+LWS_VISIBLE const char *
+lws_get_library_version(void)
+{
+	return library_version;
+}
+
+static const char * const mount_protocols[] = {
+	"http://",
+	"https://",
+	"file://",
+	"cgi://",
+	">http://",
+	">https://",
+	"callback://"
+};
+
+#if defined(LWS_WITH_HTTP2)
+/*
+ * These are the standardized defaults.
+ * Override what actually goes in the vhost settings in platform or user code.
+ * Leave these alone because they are used to determine "what is different
+ * from the protocol defaults".
+ */
+const struct http2_settings lws_h2_defaults = { {
+	1,
+	/* H2SET_HEADER_TABLE_SIZE */			4096,
+	/* *** This controls how many entries in the dynamic table ***
+	 * Allows the sender to inform the remote endpoint of the maximum
+	 * size of the header compression table used to decode header
+	 * blocks, in octets.  The encoder can select any size equal to or
+	 * less than this value by using signaling specific to the header
+	 * compression format inside a header block (see [COMPRESSION]).
+	 * The initial value is 4,096 octets.
+	 */
+	/* H2SET_ENABLE_PUSH */				   1,
+	/* H2SET_MAX_CONCURRENT_STREAMS */	  0x7fffffff,
+	/* H2SET_INITIAL_WINDOW_SIZE */		       65535,
+	/* H2SET_MAX_FRAME_SIZE */		       16384,
+	/* H2SET_MAX_HEADER_LIST_SIZE */	  0x7fffffff,
+	/*< This advisory setting informs a peer of the maximum size of
+	 * header list that the sender is prepared to accept, in octets.
+	 * The value is based on the uncompressed size of header fields,
+	 * including the length of the name and value in octets plus an
+	 * overhead of 32 octets for each header field.
+	 */
+
+}};
+
+const struct http2_settings lws_h2_stock_settings = { {
+	1,
+	/* H2SET_HEADER_TABLE_SIZE */			4096,
+	/* *** This controls how many entries in the dynamic table ***
+	 * Allows the sender to inform the remote endpoint of the maximum
+	 * size of the header compression table used to decode header
+	 * blocks, in octets.  The encoder can select any size equal to or
+	 * less than this value by using signaling specific to the header
+	 * compression format inside a header block (see [COMPRESSION]).
+	 * The initial value is 4,096 octets.
+	 *
+	 * Can't pass h2spec with less than 4096 here...
+	 */
+	/* H2SET_ENABLE_PUSH */				   1,
+	/* H2SET_MAX_CONCURRENT_STREAMS */		  24,
+	/* H2SET_INITIAL_WINDOW_SIZE */		       65535,
+	/* H2SET_MAX_FRAME_SIZE */		       16384,
+	/* H2SET_MAX_HEADER_LIST_SIZE */	  	4096,
+	/*< This advisory setting informs a peer of the maximum size of
+	 * header list that the sender is prepared to accept, in octets.
+	 * The value is based on the uncompressed size of header fields,
+	 * including the length of the name and value in octets plus an
+	 * overhead of 32 octets for each header field.
+	 */
+
+}};
+#endif
+
+LWS_VISIBLE void *
+lws_protocol_vh_priv_zalloc(struct lws_vhost *vhost,
+			    const struct lws_protocols *prot, int size)
+{
+	int n = 0;
+
+	/* allocate the vh priv array only on demand */
+	if (!vhost->protocol_vh_privs) {
+		vhost->protocol_vh_privs = (void **)lws_zalloc(
+				vhost->count_protocols * sizeof(void *), "protocol_vh_privs");
+		if (!vhost->protocol_vh_privs)
+			return NULL;
+	}
+
+	while (n < vhost->count_protocols && &vhost->protocols[n] != prot)
+		n++;
+
+	if (n == vhost->count_protocols) {
+		n = 0;
+		while (n < vhost->count_protocols &&
+		       strcmp(vhost->protocols[n].name, prot->name))
+			n++;
+
+		if (n == vhost->count_protocols)
+			return NULL;
+	}
+
+	vhost->protocol_vh_privs[n] = lws_zalloc(size, "vh priv");
+	return vhost->protocol_vh_privs[n];
+}
+
+LWS_VISIBLE void *
+lws_protocol_vh_priv_get(struct lws_vhost *vhost,
+			 const struct lws_protocols *prot)
+{
+	int n = 0;
+
+	if (!vhost || !vhost->protocol_vh_privs)
+		return NULL;
+
+	while (n < vhost->count_protocols && &vhost->protocols[n] != prot)
+		n++;
+
+	if (n == vhost->count_protocols) {
+		n = 0;
+		while (n < vhost->count_protocols &&
+		       strcmp(vhost->protocols[n].name, prot->name))
+			n++;
+
+		if (n == vhost->count_protocols) {
+			lwsl_err("%s: unknown protocol %p\n", __func__, prot);
+			return NULL;
+		}
+	}
+
+	return vhost->protocol_vh_privs[n];
+}
+
+static const struct lws_protocol_vhost_options *
+lws_vhost_protocol_options(struct lws_vhost *vh, const char *name)
+{
+	const struct lws_protocol_vhost_options *pvo = vh->pvo;
+
+	if (!name)
+		return NULL;
+
+	while (pvo) {
+		if (!strcmp(pvo->name, name))
+			return pvo;
+		pvo = pvo->next;
+	}
+
+	return NULL;
+}
+
+/*
+ * inform every vhost that hasn't already done it, that
+ * his protocols are initializing
+ */
+LWS_VISIBLE int
+lws_protocol_init(struct lws_context *context)
+{
+	struct lws_vhost *vh = context->vhost_list;
+	const struct lws_protocol_vhost_options *pvo, *pvo1;
+	struct lws wsi;
+	int n;
+
+	if (context->doing_protocol_init)
+		return 0;
+
+	context->doing_protocol_init = 1;
+
+	memset(&wsi, 0, sizeof(wsi));
+	wsi.context = context;
+
+	lwsl_info("%s\n", __func__);
+
+	while (vh) {
+		wsi.vhost = vh;
+
+		/* only do the protocol init once for a given vhost */
+		if (vh->created_vhost_protocols)
+			goto next;
+
+		/* initialize supported protocols on this vhost */
+
+		for (n = 0; n < vh->count_protocols; n++) {
+			wsi.protocol = &vh->protocols[n];
+			if (!vh->protocols[n].name)
+				continue;
+			pvo = lws_vhost_protocol_options(vh,
+							 vh->protocols[n].name);
+			if (pvo) {
+				/*
+				 * linked list of options specific to
+				 * vh + protocol
+				 */
+				pvo1 = pvo;
+				pvo = pvo1->options;
+
+				while (pvo) {
+					lwsl_notice(
+						"    vhost \"%s\", protocol \"%s\", option \"%s\"\n",
+							vh->name,
+							vh->protocols[n].name,
+							pvo->name);
+
+					if (!strcmp(pvo->name, "default")) {
+						lwsl_notice("Setting default "
+						   "protocol for vh %s to %s\n",
+						   vh->name,
+						   vh->protocols[n].name);
+						vh->default_protocol_index = n;
+					}
+					if (!strcmp(pvo->name, "raw")) {
+						lwsl_notice("Setting raw "
+						   "protocol for vh %s to %s\n",
+						   vh->name,
+						   vh->protocols[n].name);
+						vh->raw_protocol_index = n;
+					}
+					pvo = pvo->next;
+				}
+
+				pvo = pvo1->options;
+			}
+
+			/*
+			 * inform all the protocols that they are doing their
+			 * one-time initialization if they want to.
+			 *
+			 * NOTE the wsi is all zeros except for the context, vh
+			 * + protocol ptrs so lws_get_context(wsi) etc can work
+			 */
+			if (vh->protocols[n].callback(&wsi,
+					LWS_CALLBACK_PROTOCOL_INIT, NULL,
+					(void *)pvo, 0)) {
+				lwsl_err("%s: vhost %s failed init\n", __func__,
+					 vh->protocols[n].name);
+				context->doing_protocol_init = 0;
+				return 1;
+			}
+		}
+
+		vh->created_vhost_protocols = 1;
+next:
+		vh = vh->vhost_next;
+	}
+
+	context->doing_protocol_init = 0;
+
+	if (!context->protocol_init_done)
+		lws_finalize_startup(context);
+
+	context->protocol_init_done = 1;
+
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason,
+		    void *user, void *in, size_t len)
+{
+	struct lws_ssl_info *si;
+#ifdef LWS_WITH_CGI
+	struct lws_cgi_args *args;
+#endif
+#if defined(LWS_WITH_CGI) || defined(LWS_WITH_HTTP_PROXY)
+	char buf[512];
+	int n;
+#endif
+
+	switch (reason) {
+	case LWS_CALLBACK_HTTP:
+#ifndef LWS_NO_SERVER
+		if (lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL))
+			return -1;
+
+		if (lws_http_transaction_completed(wsi))
+#endif
+			return -1;
+		break;
+#if !defined(LWS_NO_SERVER)
+	case LWS_CALLBACK_HTTP_FILE_COMPLETION:
+		if (lws_http_transaction_completed(wsi))
+			return -1;
+		break;
+#endif
+
+	case LWS_CALLBACK_HTTP_WRITEABLE:
+#ifdef LWS_WITH_CGI
+		if (wsi->reason_bf & (LWS_CB_REASON_AUX_BF__CGI_HEADERS |
+				      LWS_CB_REASON_AUX_BF__CGI)) {
+			n = lws_cgi_write_split_stdout_headers(wsi);
+			if (n < 0) {
+				lwsl_debug("LWS_CB_REASON_AUX_BF__CGI forcing close\n");
+				return -1;
+			}
+			if (!n)
+				lws_rx_flow_control(wsi->cgi->stdwsi[LWS_STDOUT], 1);
+
+			if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_HEADERS)
+				wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__CGI_HEADERS;
+			else
+				wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__CGI;
+			break;
+		}
+
+		if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__CGI_CHUNK_END) {
+			if (!wsi->http2_substream) {
+				memcpy(buf + LWS_PRE, "0\x0d\x0a\x0d\x0a", 5);
+				lwsl_debug("writing chunk terminator and exiting\n");
+				n = lws_write(wsi, (unsigned char *)buf + LWS_PRE,
+						5, LWS_WRITE_HTTP);
+			} else
+				n = lws_write(wsi, (unsigned char *)buf + LWS_PRE,
+					      0, LWS_WRITE_HTTP_FINAL);
+
+			/* always close after sending it */
+			return -1;
+		}
+#endif
+#if defined(LWS_WITH_HTTP_PROXY)
+		if (wsi->reason_bf & LWS_CB_REASON_AUX_BF__PROXY) {
+			char *px = buf + LWS_PRE;
+			int lenx = sizeof(buf) - LWS_PRE;
+
+			/*
+			 * our sink is writeable and our source has something
+			 * to read.  So read a lump of source material of
+			 * suitable size to send or what's available, whichever
+			 * is the smaller.
+			 */
+			wsi->reason_bf &= ~LWS_CB_REASON_AUX_BF__PROXY;
+			if (!lws_get_child(wsi))
+				break;
+			if (lws_http_client_read(lws_get_child(wsi), &px, &lenx) < 0)
+				return -1;
+			break;
+		}
+#endif
+		break;
+
+#if defined(LWS_WITH_HTTP_PROXY)
+	case LWS_CALLBACK_RECEIVE_CLIENT_HTTP:
+		assert(lws_get_parent(wsi));
+		if (!lws_get_parent(wsi))
+			break;
+		lws_get_parent(wsi)->reason_bf |= LWS_CB_REASON_AUX_BF__PROXY;
+		lws_callback_on_writable(lws_get_parent(wsi));
+		break;
+
+	case LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ:
+		assert(lws_get_parent(wsi));
+		n = lws_write(lws_get_parent(wsi), (unsigned char *)in,
+				len, LWS_WRITE_HTTP);
+		if (n < 0)
+			return -1;
+		break;
+
+	case LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP: {
+		unsigned char *p, *end;
+		char ctype[64], ctlen = 0;
+	
+		p = (unsigned char *)buf + LWS_PRE;
+		end = p + sizeof(buf) - LWS_PRE;
+
+		if (lws_add_http_header_status(lws_get_parent(wsi),
+					       HTTP_STATUS_OK, &p, end))
+			return 1;
+		if (lws_add_http_header_by_token(lws_get_parent(wsi),
+				WSI_TOKEN_HTTP_SERVER,
+			    	(unsigned char *)"libwebsockets",
+				13, &p, end))
+			return 1;
+
+		ctlen = lws_hdr_copy(wsi, ctype, sizeof(ctype),
+				     WSI_TOKEN_HTTP_CONTENT_TYPE);
+		if (ctlen > 0) {
+			if (lws_add_http_header_by_token(lws_get_parent(wsi),
+				WSI_TOKEN_HTTP_CONTENT_TYPE,
+				(unsigned char *)ctype, ctlen, &p, end))
+				return 1;
+		}
+
+		if (lws_finalize_http_header(lws_get_parent(wsi), &p, end))
+			return 1;
+
+		*p = '\0';
+		n = lws_write(lws_get_parent(wsi),
+			      (unsigned char *)buf + LWS_PRE,
+			      p - ((unsigned char *)buf + LWS_PRE),
+			      LWS_WRITE_HTTP_HEADERS);
+		if (n < 0)
+			return -1;
+
+		break; }
+
+#endif
+
+#ifdef LWS_WITH_CGI
+	/* CGI IO events (POLLIN/OUT) appear here, our default policy is:
+	 *
+	 *  - POST data goes on subprocess stdin
+	 *  - subprocess stdout goes on http via writeable callback
+	 *  - subprocess stderr goes to the logs
+	 */
+	case LWS_CALLBACK_CGI:
+		args = (struct lws_cgi_args *)in;
+		switch (args->ch) { /* which of stdin/out/err ? */
+		case LWS_STDIN:
+			/* TBD stdin rx flow control */
+			break;
+		case LWS_STDOUT:
+			/* quench POLLIN on STDOUT until MASTER got writeable */
+			lws_rx_flow_control(args->stdwsi[LWS_STDOUT], 0);
+			wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI;
+			/* when writing to MASTER would not block */
+			lws_callback_on_writable(wsi);
+			break;
+		case LWS_STDERR:
+			n = lws_get_socket_fd(args->stdwsi[LWS_STDERR]);
+			if (n < 0)
+				break;
+			n = read(n, buf, sizeof(buf) - 2);
+			if (n > 0) {
+				if (buf[n - 1] != '\n')
+					buf[n++] = '\n';
+				buf[n] = '\0';
+				lwsl_notice("CGI-stderr: %s\n", buf);
+			}
+			break;
+		}
+		break;
+
+	case LWS_CALLBACK_CGI_TERMINATED:
+		lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: %d %" PRIu64 "\n",
+				wsi->cgi->explicitly_chunked,
+				(uint64_t)wsi->cgi->content_length);
+		if (!wsi->cgi->explicitly_chunked &&
+		    !wsi->cgi->content_length) {
+			/* send terminating chunk */
+			lwsl_debug("LWS_CALLBACK_CGI_TERMINATED: ending\n");
+			wsi->reason_bf |= LWS_CB_REASON_AUX_BF__CGI_CHUNK_END;
+			lws_callback_on_writable(wsi);
+			lws_set_timeout(wsi, PENDING_TIMEOUT_CGI, 3);
+			break;
+		}
+		return -1;
+
+	case LWS_CALLBACK_CGI_STDIN_DATA:  /* POST body for stdin */
+		args = (struct lws_cgi_args *)in;
+		args->data[args->len] = '\0';
+		n = lws_get_socket_fd(args->stdwsi[LWS_STDIN]);
+		if (n < 0)
+			return -1;
+		n = write(n, args->data, args->len);
+		if (n < args->len)
+			lwsl_notice("LWS_CALLBACK_CGI_STDIN_DATA: "
+				    "sent %d only %d went", n, args->len);
+		return n;
+#endif
+
+	case LWS_CALLBACK_SSL_INFO:
+		si = in;
+
+		(void)si;
+		lwsl_notice("LWS_CALLBACK_SSL_INFO: where: 0x%x, ret: 0x%x\n",
+			    si->where, si->ret);
+		break;
+
+	default:
+		break;
+	}
+
+	return 0;
+}
+
+/* list of supported protocols and callbacks */
+
+static const struct lws_protocols protocols_dummy[] = {
+	/* first protocol must always be HTTP handler */
+
+	{
+		"http-only",		/* name */
+		lws_callback_http_dummy,		/* callback */
+		0,	/* per_session_data_size */
+		0,			/* max frame size / rx buffer */
+		0, NULL, 0
+	},
+	/*
+	 * the other protocols are provided by lws plugins
+	 */
+	{ NULL, NULL, 0, 0, 0, NULL, 0} /* terminator */
+};
+
+#ifdef LWS_PLAT_OPTEE
+#undef LWS_HAVE_GETENV
+#endif
+
+LWS_VISIBLE struct lws_vhost *
+lws_create_vhost(struct lws_context *context,
+		 struct lws_context_creation_info *info)
+{
+	struct lws_vhost *vh = lws_zalloc(sizeof(*vh), "create vhost"),
+			 **vh1 = &context->vhost_list;
+	const struct lws_http_mount *mounts;
+	const struct lws_protocol_vhost_options *pvo;
+#ifdef LWS_WITH_PLUGINS
+	struct lws_plugin *plugin = context->plugin_list;
+#endif
+	struct lws_protocols *lwsp;
+	int m, f = !info->pvo;
+#ifdef LWS_HAVE_GETENV
+	char *p;
+#endif
+	int n;
+
+	if (!vh)
+		return NULL;
+
+	if (!info->protocols)
+		info->protocols = &protocols_dummy[0];
+
+	vh->context = context;
+	if (!info->vhost_name)
+		vh->name = "default";
+	else
+		vh->name = info->vhost_name;
+
+	if (info->options & LWS_SERVER_OPTION_ONLY_RAW)
+		lwsl_info("%s set to only support RAW\n", vh->name);
+
+#if defined(LWS_WITH_HTTP2)
+	vh->set = context->set;
+	if (info->http2_settings[0])
+		for (n = 1; n < LWS_H2_SETTINGS_LEN; n++)
+			vh->set.s[n] = info->http2_settings[n];
+#endif
+
+	vh->iface = info->iface;
+#if !defined(LWS_WITH_ESP8266) && !defined(LWS_WITH_ESP32) && !defined(OPTEE_TA) && !defined(WIN32)
+	vh->bind_iface = info->bind_iface;
+#endif
+
+	for (vh->count_protocols = 0;
+	     info->protocols[vh->count_protocols].callback;
+	     vh->count_protocols++)
+		;
+
+	vh->options = info->options;
+	vh->pvo = info->pvo;
+	vh->headers = info->headers;
+	vh->user = info->user;
+	vh->ssl_info_event_mask = info->ssl_info_event_mask;
+	if (info->keepalive_timeout)
+		vh->keepalive_timeout = info->keepalive_timeout;
+	else
+		vh->keepalive_timeout = 5;
+
+	if (info->timeout_secs_ah_idle)
+		vh->timeout_secs_ah_idle = info->timeout_secs_ah_idle;
+	else
+		vh->timeout_secs_ah_idle = 10;
+
+	/*
+	 * give the vhost a unified list of protocols including the
+	 * ones that came from plugins
+	 */
+	lwsp = lws_zalloc(sizeof(struct lws_protocols) *
+				   (vh->count_protocols +
+				   context->plugin_protocol_count + 1), "vhost-specific plugin table");
+	if (!lwsp) {
+		lwsl_err("OOM\n");
+		return NULL;
+	}
+
+	m = vh->count_protocols;
+	memcpy(lwsp, info->protocols, sizeof(struct lws_protocols) * m);
+
+	/* for compatibility, all protocols enabled on vhost if only
+	 * the default vhost exists.  Otherwise only vhosts who ask
+	 * for a protocol get it enabled.
+	 */
+
+	if (context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS)
+		f = 0;
+	(void)f;
+#ifdef LWS_WITH_PLUGINS
+	if (plugin) {
+
+		while (plugin) {
+			for (n = 0; n < plugin->caps.count_protocols; n++) {
+				/*
+				 * for compatibility's sake, no pvo implies
+				 * allow all protocols
+				 */
+				if (f || lws_vhost_protocol_options(vh,
+				    plugin->caps.protocols[n].name)) {
+					memcpy(&lwsp[m],
+					       &plugin->caps.protocols[n],
+					       sizeof(struct lws_protocols));
+					m++;
+					vh->count_protocols++;
+				}
+			}
+			plugin = plugin->list;
+		}
+	}
+#endif
+
+	if (
+#ifdef LWS_WITH_PLUGINS
+	    (context->plugin_list) ||
+#endif
+	    context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS)
+		vh->protocols = lwsp;
+	else {
+		vh->protocols = info->protocols;
+		lws_free(lwsp);
+	}
+
+	vh->same_vh_protocol_list = (struct lws **)
+			lws_zalloc(sizeof(struct lws *) * vh->count_protocols, "same vh list");
+
+	vh->mount_list = info->mounts;
+
+#ifdef LWS_WITH_UNIX_SOCK
+	if (LWS_UNIX_SOCK_ENABLED(context)) {
+		lwsl_notice("Creating Vhost '%s' path \"%s\", %d protocols\n",
+				vh->name, info->iface, vh->count_protocols);
+	} else
+#endif
+	lwsl_notice("Creating Vhost '%s' port %d, %d protocols, IPv6 %s\n",
+			vh->name, info->port, vh->count_protocols,
+			LWS_IPV6_ENABLED(vh) ? "on" : "off");
+
+	mounts = info->mounts;
+	while (mounts) {
+		(void)mount_protocols[0];
+		lwsl_notice("   mounting %s%s to %s\n",
+				mount_protocols[mounts->origin_protocol],
+				mounts->origin, mounts->mountpoint);
+
+		/* convert interpreter protocol names to pointers */
+		pvo = mounts->interpret;
+		while (pvo) {
+			for (n = 0; n < vh->count_protocols; n++)
+				if (!strcmp(pvo->value, vh->protocols[n].name)) {
+					((struct lws_protocol_vhost_options *)pvo)->value =
+							(const char *)(lws_intptr_t)n;
+					break;
+				}
+			if (n == vh->count_protocols)
+				lwsl_err("ignoring unknown interpret protocol %s\n",
+					 pvo->value);
+			pvo = pvo->next;
+		}
+
+		mounts = mounts->mount_next;
+	}
+
+#ifndef LWS_NO_EXTENSIONS
+#ifdef LWS_WITH_PLUGINS
+	if (context->plugin_extension_count) {
+
+		m = 0;
+		while (info->extensions && info->extensions[m].callback)
+			m++;
+
+		/*
+		 * give the vhost a unified list of extensions including the
+		 * ones that came from plugins
+		 */
+		vh->extensions = lws_zalloc(sizeof(struct lws_extension) *
+					   (m +
+					   context->plugin_extension_count + 1), "extensions");
+		if (!vh->extensions)
+			return NULL;
+
+		memcpy((struct lws_extension *)vh->extensions, info->extensions,
+		       sizeof(struct lws_extension) * m);
+		plugin = context->plugin_list;
+		while (plugin) {
+			memcpy((struct lws_extension *)&vh->extensions[m],
+				plugin->caps.extensions,
+			       sizeof(struct lws_extension) *
+			       plugin->caps.count_extensions);
+			m += plugin->caps.count_extensions;
+			plugin = plugin->list;
+		}
+	} else
+#endif
+		vh->extensions = info->extensions;
+#endif
+
+	vh->listen_port = info->port;
+#if !defined(LWS_WITH_ESP8266)
+	vh->http_proxy_port = 0;
+	vh->http_proxy_address[0] = '\0';
+#if defined(LWS_WITH_SOCKS5)
+	vh->socks_proxy_port = 0;
+	vh->socks_proxy_address[0] = '\0';
+#endif
+
+	/* either use proxy from info, or try get it from env var */
+
+	/* http proxy */
+	if (info->http_proxy_address) {
+		/* override for backwards compatibility */
+		if (info->http_proxy_port)
+			vh->http_proxy_port = info->http_proxy_port;
+		lws_set_proxy(vh, info->http_proxy_address);
+	} else {
+#ifdef LWS_HAVE_GETENV
+		p = getenv("http_proxy");
+		if (p)
+			lws_set_proxy(vh, p);
+#endif
+	}
+#if defined(LWS_WITH_SOCKS5)
+	/* socks proxy */
+	if (info->socks_proxy_address) {
+		/* override for backwards compatibility */
+		if (info->socks_proxy_port)
+			vh->socks_proxy_port = info->socks_proxy_port;
+		lws_set_socks(vh, info->socks_proxy_address);
+	} else {
+#ifdef LWS_HAVE_GETENV
+		p = getenv("socks_proxy");
+		if (p)
+			lws_set_socks(vh, p);
+#endif
+	}
+#endif
+#endif
+
+	vh->ka_time = info->ka_time;
+	vh->ka_interval = info->ka_interval;
+	vh->ka_probes = info->ka_probes;
+
+	if (vh->options & LWS_SERVER_OPTION_STS)
+		lwsl_notice("   STS enabled\n");
+
+#ifdef LWS_WITH_ACCESS_LOG
+	if (info->log_filepath) {
+		vh->log_fd = open(info->log_filepath,
+				  O_CREAT | O_APPEND | O_RDWR, 0600);
+		if (vh->log_fd == (int)LWS_INVALID_FILE) {
+			lwsl_err("unable to open log filepath %s\n",
+				 info->log_filepath);
+			goto bail;
+		}
+#ifndef WIN32
+		if (context->uid != -1)
+			if (chown(info->log_filepath, context->uid,
+				  context->gid) == -1)
+				lwsl_err("unable to chown log file %s\n",
+						info->log_filepath);
+#endif
+	} else
+		vh->log_fd = (int)LWS_INVALID_FILE;
+#endif
+	if (lws_context_init_server_ssl(info, vh))
+		goto bail;
+	if (lws_context_init_client_ssl(info, vh))
+		goto bail;
+	if (lws_context_init_server(info, vh)) {
+		lwsl_err("init server failed\n");
+		goto bail;
+	}
+
+	while (1) {
+		if (!(*vh1)) {
+			*vh1 = vh;
+			break;
+		}
+		vh1 = &(*vh1)->vhost_next;
+	};
+	/* for the case we are adding a vhost much later, after server init */
+
+	if (context->protocol_init_done)
+		lws_protocol_init(context);
+
+	return vh;
+
+bail:
+	lws_free(vh);
+
+	return NULL;
+}
+
+LWS_VISIBLE int
+lws_init_vhost_client_ssl(const struct lws_context_creation_info *info,
+			  struct lws_vhost *vhost)
+{
+	struct lws_context_creation_info i;
+
+	memcpy(&i, info, sizeof(i));
+	i.port = CONTEXT_PORT_NO_LISTEN;
+
+	return lws_context_init_client_ssl(&i, vhost);
+}
+
+LWS_VISIBLE struct lws_context *
+lws_create_context(struct lws_context_creation_info *info)
+{
+	struct lws_context *context = NULL;
+	struct lws_plat_file_ops *prev;
+#ifndef LWS_NO_DAEMONIZE
+	int pid_daemon = get_daemonize_pid();
+#endif
+	int n;
+#if defined(__ANDROID__)
+	struct rlimit rt;
+#endif
+
+	lwsl_info("Initial logging level %d\n", log_level);
+	lwsl_info("Libwebsockets version: %s\n", library_version);
+#if defined(GCC_VER)
+	lwsl_info("Compiled with  %s\n", GCC_VER);
+#endif
+#if LWS_POSIX
+#ifdef LWS_WITH_IPV6
+	if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DISABLE_IPV6))
+		lwsl_info("IPV6 compiled in and enabled\n");
+	else
+		lwsl_info("IPV6 compiled in but disabled\n");
+#else
+	lwsl_info("IPV6 not compiled in\n");
+#endif
+#if !defined(LWS_PLAT_OPTEE) && !defined(LWS_PLAT_ESP32)
+	lws_feature_status_libev(info);
+	lws_feature_status_libuv(info);
+#endif
+#endif
+	lwsl_info(" LWS_DEF_HEADER_LEN    : %u\n", LWS_DEF_HEADER_LEN);
+	lwsl_info(" LWS_MAX_PROTOCOLS     : %u\n", LWS_MAX_PROTOCOLS);
+	lwsl_info(" LWS_MAX_SMP           : %u\n", LWS_MAX_SMP);
+	lwsl_info(" sizeof (*info)        : %ld\n", (long)sizeof(*info));
+#if defined(LWS_WITH_STATS)
+	lwsl_info(" LWS_WITH_STATS        : on\n");
+#endif
+#if LWS_POSIX
+	lwsl_info(" SYSTEM_RANDOM_FILEPATH: '%s'\n", SYSTEM_RANDOM_FILEPATH);
+#endif
+#if defined(LWS_WITH_HTTP2)
+	lwsl_info(" HTTP2 support         : available\n");
+#else
+	lwsl_info(" HTTP2 support         : not configured");
+#endif
+	if (lws_plat_context_early_init())
+		return NULL;
+
+	context = lws_zalloc(sizeof(struct lws_context), "context");
+	if (!context) {
+		lwsl_err("No memory for websocket context\n");
+		return NULL;
+	}
+	if (info->pt_serv_buf_size)
+		context->pt_serv_buf_size = info->pt_serv_buf_size;
+	else
+		context->pt_serv_buf_size = 4096;
+
+#if defined(LWS_WITH_HTTP2)
+	context->set = lws_h2_stock_settings;
+#endif
+
+#if LWS_MAX_SMP > 1
+	pthread_mutex_init(&context->lock, NULL);
+#endif
+
+#if defined(LWS_WITH_ESP32)
+	context->last_free_heap = esp_get_free_heap_size();
+#endif
+
+	/* default to just the platform fops implementation */
+
+	context->fops_platform.LWS_FOP_OPEN	= _lws_plat_file_open;
+	context->fops_platform.LWS_FOP_CLOSE	= _lws_plat_file_close;
+	context->fops_platform.LWS_FOP_SEEK_CUR	= _lws_plat_file_seek_cur;
+	context->fops_platform.LWS_FOP_READ	= _lws_plat_file_read;
+	context->fops_platform.LWS_FOP_WRITE	= _lws_plat_file_write;
+	context->fops_platform.fi[0].sig	= NULL;
+
+	/*
+	 *  arrange a linear linked-list of fops starting from context->fops
+	 *
+	 * platform fops
+	 * [ -> fops_zip (copied into context so .next settable) ]
+	 * [ -> info->fops ]
+	 */
+
+	context->fops = &context->fops_platform;
+	prev = (struct lws_plat_file_ops *)context->fops;
+
+#if defined(LWS_WITH_ZIP_FOPS)
+	/* make a soft copy so we can set .next */
+	context->fops_zip = fops_zip;
+	prev->next = &context->fops_zip;
+	prev = (struct lws_plat_file_ops *)prev->next;
+#endif
+
+	/* if user provided fops, tack them on the end of the list */
+	if (info->fops)
+		prev->next = info->fops;
+
+	context->reject_service_keywords = info->reject_service_keywords;
+	if (info->external_baggage_free_on_destroy)
+		context->external_baggage_free_on_destroy =
+			info->external_baggage_free_on_destroy;
+
+	context->time_up = time(NULL);
+
+	context->simultaneous_ssl_restriction = info->simultaneous_ssl_restriction;
+
+#ifndef LWS_NO_DAEMONIZE
+	if (pid_daemon) {
+		context->started_with_parent = pid_daemon;
+		lwsl_info(" Started with daemon pid %d\n", pid_daemon);
+	}
+#endif
+#if defined(__ANDROID__)
+		n = getrlimit ( RLIMIT_NOFILE,&rt);
+		if (-1 == n) {
+			lwsl_err("Get RLIMIT_NOFILE failed!\n");
+			return NULL;
+		}
+		context->max_fds = rt.rlim_cur;
+#else
+		context->max_fds = getdtablesize();
+#endif
+
+	if (info->count_threads)
+		context->count_threads = info->count_threads;
+	else
+		context->count_threads = 1;
+
+	if (context->count_threads > LWS_MAX_SMP)
+		context->count_threads = LWS_MAX_SMP;
+
+	context->token_limits = info->token_limits;
+
+	context->options = info->options;
+
+	if (info->timeout_secs)
+		context->timeout_secs = info->timeout_secs;
+	else
+		context->timeout_secs = AWAITING_TIMEOUT;
+
+	context->ws_ping_pong_interval = info->ws_ping_pong_interval;
+
+	lwsl_info(" default timeout (secs): %u\n", context->timeout_secs);
+
+	if (info->max_http_header_data)
+		context->max_http_header_data = info->max_http_header_data;
+	else
+		if (info->max_http_header_data2)
+			context->max_http_header_data =
+					info->max_http_header_data2;
+		else
+			context->max_http_header_data = LWS_DEF_HEADER_LEN;
+	if (info->max_http_header_pool)
+		context->max_http_header_pool = info->max_http_header_pool;
+	else
+		context->max_http_header_pool = LWS_DEF_HEADER_POOL;
+
+	/*
+	 * Allocate the per-thread storage for scratchpad buffers,
+	 * and header data pool
+	 */
+	for (n = 0; n < context->count_threads; n++) {
+		context->pt[n].serv_buf = lws_malloc(context->pt_serv_buf_size,
+						     "pt_serv_buf");
+		if (!context->pt[n].serv_buf) {
+			lwsl_err("OOM\n");
+			return NULL;
+		}
+
+#ifdef LWS_WITH_LIBUV
+		context->pt[n].context = context;
+#endif
+		context->pt[n].tid = n;
+		context->pt[n].ah_list = NULL;
+		context->pt[n].ah_pool_length = 0;
+
+		lws_pt_mutex_init(&context->pt[n]);
+	}
+
+	if (info->fd_limit_per_thread)
+		context->fd_limit_per_thread = info->fd_limit_per_thread;
+	else
+		context->fd_limit_per_thread = context->max_fds /
+					       context->count_threads;
+
+	lwsl_info(" Threads: %d each %d fds\n", context->count_threads,
+		    context->fd_limit_per_thread);
+
+	if (!info->ka_interval && info->ka_time > 0) {
+		lwsl_err("info->ka_interval can't be 0 if ka_time used\n");
+		return NULL;
+	}
+
+#ifdef LWS_WITH_LIBEV
+	/* (Issue #264) In order to *avoid breaking backwards compatibility*, we
+	 * enable libev mediated SIGINT handling with a default handler of
+	 * lws_sigint_cb. The handler can be overridden or disabled
+	 * by invoking lws_sigint_cfg after creating the context, but
+	 * before invoking lws_initloop:
+	 */
+	context->use_ev_sigint = 1;
+	context->lws_ev_sigint_cb = &lws_ev_sigint_cb;
+#endif /* LWS_WITH_LIBEV */
+#ifdef LWS_WITH_LIBUV
+	/* (Issue #264) In order to *avoid breaking backwards compatibility*, we
+	 * enable libev mediated SIGINT handling with a default handler of
+	 * lws_sigint_cb. The handler can be overridden or disabled
+	 * by invoking lws_sigint_cfg after creating the context, but
+	 * before invoking lws_initloop:
+	 */
+	context->use_ev_sigint = 1;
+	context->lws_uv_sigint_cb = &lws_uv_sigint_cb;
+#endif
+#ifdef LWS_WITH_LIBEVENT
+	/* (Issue #264) In order to *avoid breaking backwards compatibility*, we
+	 * enable libev mediated SIGINT handling with a default handler of
+	 * lws_sigint_cb. The handler can be overridden or disabled
+	 * by invoking lws_sigint_cfg after creating the context, but
+	 * before invoking lws_initloop:
+	 */
+	context->use_ev_sigint = 1;
+	context->lws_event_sigint_cb = &lws_event_sigint_cb;
+#endif /* LWS_WITH_LIBEVENT */
+
+#if defined(LWS_WITH_PEER_LIMITS)
+	/* scale the peer hash table according to the max fds for the process,
+	 * so that the max list depth averages 16.  Eg, 1024 fd -> 64,
+	 * 102400 fd -> 6400
+	 */
+	context->pl_hash_elements =
+		(context->count_threads * context->fd_limit_per_thread) / 16;
+	context->pl_hash_table = lws_zalloc(sizeof(struct lws_peer *) *
+			context->pl_hash_elements, "peer limits hash table");
+	context->ip_limit_ah = info->ip_limit_ah;
+	context->ip_limit_wsi = info->ip_limit_wsi;
+#endif
+
+	lwsl_info(" mem: context:         %5lu bytes (%ld ctx + (%ld thr x %d))\n",
+		  (long)sizeof(struct lws_context) +
+		  (context->count_threads * context->pt_serv_buf_size),
+		  (long)sizeof(struct lws_context),
+		  (long)context->count_threads,
+		  context->pt_serv_buf_size);
+
+	lwsl_info(" mem: http hdr rsvd:   %5lu bytes (%u thr x (%u + %lu) x %u))\n",
+		    (long)(context->max_http_header_data +
+		     sizeof(struct allocated_headers)) *
+		    context->max_http_header_pool * context->count_threads,
+		    context->count_threads,
+		    context->max_http_header_data,
+		    (long)sizeof(struct allocated_headers),
+		    context->max_http_header_pool);
+	n = sizeof(struct lws_pollfd) * context->count_threads *
+	    context->fd_limit_per_thread;
+	context->pt[0].fds = lws_zalloc(n, "fds table");
+	if (context->pt[0].fds == NULL) {
+		lwsl_err("OOM allocating %d fds\n", context->max_fds);
+		goto bail;
+	}
+	lwsl_info(" mem: pollfd map:      %5u\n", n);
+
+	if (info->server_string) {
+		context->server_string = info->server_string;
+		context->server_string_len = (short)
+				strlen(context->server_string);
+	}
+
+#if LWS_MAX_SMP > 1
+	/* each thread serves his own chunk of fds */
+	for (n = 1; n < (int)info->count_threads; n++)
+		context->pt[n].fds = context->pt[n - 1].fds +
+				     context->fd_limit_per_thread;
+#endif
+
+	if (lws_plat_init(context, info))
+		goto bail;
+
+#if defined(LWS_WITH_HTTP2)
+	/*
+	 * let the user code see what the platform default SETTINGS were, he
+	 * can modify them when he creates the vhosts.
+	 */
+	for (n = 1; n < LWS_H2_SETTINGS_LEN; n++)
+		info->http2_settings[n] = context->set.s[n];
+#endif
+
+	lws_context_init_ssl_library(info);
+
+	context->user_space = info->user;
+
+	/*
+	 * if he's not saying he'll make his own vhosts later then act
+	 * compatibly and make a default vhost using the data in the info
+	 */
+	if (!lws_check_opt(info->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS))
+		if (!lws_create_vhost(context, info)) {
+			lwsl_err("Failed to create default vhost\n");
+			return NULL;
+		}
+
+	lws_context_init_extensions(info, context);
+
+	lwsl_info(" mem: per-conn:        %5lu bytes + protocol rx buf\n",
+		    (unsigned long)sizeof(struct lws));
+
+	strcpy(context->canonical_hostname, "unknown");
+	lws_server_get_canonical_hostname(context, info);
+
+	context->uid = info->uid;
+	context->gid = info->gid;
+
+#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
+	memcpy(context->caps, info->caps, sizeof(context->caps));
+	context->count_caps = info->count_caps;
+#endif
+
+	/*
+	 * drop any root privs for this process
+	 * to listen on port < 1023 we would have needed root, but now we are
+	 * listening, we don't want the power for anything else
+	 */
+	if (!lws_check_opt(info->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS))
+		lws_plat_drop_app_privileges(info);
+
+	/*
+	 * give all extensions a chance to create any per-context
+	 * allocations they need
+	 */
+	if (info->port != CONTEXT_PORT_NO_LISTEN) {
+		if (lws_ext_cb_all_exts(context, NULL,
+			LWS_EXT_CB_SERVER_CONTEXT_CONSTRUCT, NULL, 0) < 0)
+			goto bail;
+	} else
+		if (lws_ext_cb_all_exts(context, NULL,
+			LWS_EXT_CB_CLIENT_CONTEXT_CONSTRUCT, NULL, 0) < 0)
+			goto bail;
+
+	return context;
+
+bail:
+	lws_context_destroy(context);
+	return NULL;
+}
+
+LWS_VISIBLE LWS_EXTERN void
+lws_context_deprecate(struct lws_context *context, lws_reload_func cb)
+{
+	struct lws_vhost *vh = context->vhost_list, *vh1;
+	struct lws *wsi;
+
+	/*
+	 * "deprecation" means disable the context from accepting any new
+	 * connections and free up listen sockets to be used by a replacement
+	 * context.
+	 *
+	 * Otherwise the deprecated context remains operational, until its
+	 * number of connected sockets falls to zero, when it is deleted.
+	 */
+
+	/* for each vhost, close his listen socket */
+
+	while (vh) {
+		wsi = vh->lserv_wsi;
+		if (wsi) {
+			wsi->socket_is_permanently_unusable = 1;
+			lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+			wsi->context->deprecation_pending_listen_close_count++;
+			/*
+			 * other vhosts can share the listen port, they
+			 * point to the same wsi.  So zap those too.
+			 */
+			vh1 = context->vhost_list;
+			while (vh1) {
+				if (vh1->lserv_wsi == wsi)
+					vh1->lserv_wsi = NULL;
+				vh1 = vh1->vhost_next;
+			}
+		}
+		vh = vh->vhost_next;
+	}
+
+	context->deprecated = 1;
+	context->deprecation_cb = cb;
+}
+
+LWS_VISIBLE LWS_EXTERN int
+lws_context_is_deprecated(struct lws_context *context)
+{
+	return context->deprecated;
+}
+
+LWS_VISIBLE void
+lws_context_destroy2(struct lws_context *context);
+
+
+static void
+lws_vhost_destroy1(struct lws_vhost *vh)
+{
+	const struct lws_protocols *protocol = NULL;
+	struct lws_context_per_thread *pt;
+	int n, m = vh->context->count_threads;
+	struct lws_context *context = vh->context;
+	struct lws wsi;
+
+	lwsl_info("%s\n", __func__);
+
+	if (vh->being_destroyed)
+		return;
+
+	vh->being_destroyed = 1;
+
+	/*
+	 * Are there other vhosts that are piggybacking on our listen socket?
+	 * If so we need to hand the listen socket off to one of the others
+	 * so it will remain open.  If not, leave it attached to the closing
+	 * vhost and it will get closed.
+	 */
+
+	if (vh->lserv_wsi)
+		lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) {
+			if (v != vh &&
+			    !v->being_destroyed &&
+			    v->listen_port == vh->listen_port &&
+			    ((!v->iface && !vh->iface) ||
+			    (v->iface && vh->iface &&
+			    !strcmp(v->iface, vh->iface)))) {
+				/*
+				 * this can only be a listen wsi, which is
+				 * restricted... it has no protocol or other
+				 * bindings or states.  So we can simply
+				 * swap it to a vhost that has the same
+				 * iface + port, but is not closing.
+				 */
+				assert(v->lserv_wsi == NULL);
+				v->lserv_wsi = vh->lserv_wsi;
+				vh->lserv_wsi = NULL;
+				if (v->lserv_wsi)
+					v->lserv_wsi->vhost = v;
+
+				lwsl_notice("%s: listen skt from %s to %s\n",
+					    __func__, vh->name, v->name);
+				break;
+			}
+		} lws_end_foreach_ll(v, vhost_next);
+
+	/*
+	 * Forcibly close every wsi assoicated with this vhost.  That will
+	 * include the listen socket if it is still associated with the closing
+	 * vhost.
+	 */
+
+	while (m--) {
+		pt = &context->pt[m];
+
+		for (n = 0; (unsigned int)n < context->pt[m].fds_count; n++) {
+			struct lws *wsi = wsi_from_fd(context, pt->fds[n].fd);
+			if (!wsi)
+				continue;
+			if (wsi->vhost != vh)
+				continue;
+
+			lws_close_free_wsi(wsi,
+				LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY
+				/* no protocol close */);
+			n--;
+		}
+	}
+
+	/*
+	 * let the protocols destroy the per-vhost protocol objects
+	 */
+
+	memset(&wsi, 0, sizeof(wsi));
+	wsi.context = vh->context;
+	wsi.vhost = vh;
+	protocol = vh->protocols;
+	if (protocol) {
+		n = 0;
+		while (n < vh->count_protocols) {
+			wsi.protocol = protocol;
+			protocol->callback(&wsi, LWS_CALLBACK_PROTOCOL_DESTROY,
+					   NULL, NULL, 0);
+			protocol++;
+			n++;
+		}
+	}
+
+	/*
+	 * remove vhost from context list of vhosts
+	 */
+
+	lws_start_foreach_llp(struct lws_vhost **, pv, context->vhost_list) {
+		if (*pv == vh) {
+			*pv = vh->vhost_next;
+			break;
+		}
+	} lws_end_foreach_llp(pv, vhost_next);
+
+	/* add ourselves to the pending destruction list */
+
+	vh->vhost_next = vh->context->vhost_pending_destruction_list;
+	vh->context->vhost_pending_destruction_list = vh;
+}
+
+static void
+lws_vhost_destroy2(struct lws_vhost *vh)
+{
+	const struct lws_protocols *protocol = NULL;
+	struct lws_context *context = vh->context;
+	struct lws_deferred_free *df;
+	int n;
+
+	lwsl_info("%s: %p\n", __func__, vh);
+
+	/* if we are still on deferred free list, remove ourselves */
+
+	lws_start_foreach_llp(struct lws_deferred_free **, pdf,
+			      context->deferred_free_list) {
+		if ((*pdf)->payload == vh) {
+			df = *pdf;
+			*pdf = df->next;
+			lws_free(df);
+			break;
+		}
+	} lws_end_foreach_llp(pdf, next);
+
+	/* remove ourselves from the pending destruction list */
+
+	lws_start_foreach_llp(struct lws_vhost **, pv,
+			      context->vhost_pending_destruction_list) {
+		if ((*pv) == vh) {
+			*pv = (*pv)->vhost_next;
+			break;
+		}
+	} lws_end_foreach_llp(pv, vhost_next);
+
+	/*
+	 * Free all the allocations associated with the vhost
+	 */
+
+	protocol = vh->protocols;
+	if (protocol) {
+		n = 0;
+		while (n < vh->count_protocols) {
+			if (vh->protocol_vh_privs &&
+			    vh->protocol_vh_privs[n]) {
+				lws_free(vh->protocol_vh_privs[n]);
+				vh->protocol_vh_privs[n] = NULL;
+			}
+			protocol++;
+			n++;
+		}
+	}
+	if (vh->protocol_vh_privs)
+		lws_free(vh->protocol_vh_privs);
+	lws_ssl_SSL_CTX_destroy(vh);
+	lws_free(vh->same_vh_protocol_list);
+#ifdef LWS_WITH_PLUGINS
+	if (LWS_LIBUV_ENABLED(context)) {
+		if (context->plugin_list)
+			lws_free((void *)vh->protocols);
+	} else
+#endif
+	{
+		if (context->options & LWS_SERVER_OPTION_EXPLICIT_VHOSTS)
+			lws_free((void *)vh->protocols);
+	}
+
+#ifdef LWS_WITH_PLUGINS
+#ifndef LWS_NO_EXTENSIONS
+	if (context->plugin_extension_count)
+		lws_free((void *)vh->extensions);
+#endif
+#endif
+#ifdef LWS_WITH_ACCESS_LOG
+	if (vh->log_fd != (int)LWS_INVALID_FILE)
+		close(vh->log_fd);
+#endif
+
+	/*
+	 * although async event callbacks may still come for wsi handles with
+	 * pending close in the case of asycn event library like libuv,
+	 * they do not refer to the vhost.  So it's safe to free.
+	 */
+
+	lwsl_info("  %s: Freeing vhost %p\n", __func__, vh);
+
+	memset(vh, 0, sizeof(*vh));
+	lws_free(vh);
+}
+
+int
+lws_check_deferred_free(struct lws_context *context, int force)
+{
+	struct lws_deferred_free *df;
+	time_t now = lws_now_secs();
+
+	lws_start_foreach_llp(struct lws_deferred_free **, pdf,
+			      context->deferred_free_list) {
+		if (now > (*pdf)->deadline || force) {
+			df = *pdf;
+			*pdf = df->next;
+			/* finalize vh destruction */
+			lwsl_notice("deferred vh %p destroy\n", df->payload);
+			lws_vhost_destroy2(df->payload);
+			lws_free(df);
+			continue; /* after deletion we already point to next */
+		}
+	} lws_end_foreach_llp(pdf, next);
+
+	return 0;
+}
+
+LWS_VISIBLE void
+lws_vhost_destroy(struct lws_vhost *vh)
+{
+	struct lws_deferred_free *df = lws_malloc(sizeof(*df), "deferred free");
+
+	if (!df)
+		return;
+
+	lws_vhost_destroy1(vh);
+
+	/* part 2 is deferred to allow all the handle closes to complete */
+
+	df->next = vh->context->deferred_free_list;
+	df->deadline = lws_now_secs() + 5;
+	df->payload = vh;
+	vh->context->deferred_free_list = df;
+}
+
+LWS_VISIBLE void
+lws_context_destroy(struct lws_context *context)
+{
+	struct lws_context_per_thread *pt;
+	struct lws_vhost *vh = NULL;
+	struct lws wsi;
+	int n, m;
+
+	if (!context) {
+		lwsl_notice("%s: ctx %p\n", __func__, context);
+		return;
+	}
+	if (context->being_destroyed1) {
+		lwsl_notice("%s: ctx %p: already being destroyed\n",
+			    __func__, context);
+		return;
+	}
+
+	lwsl_info("%s: ctx %p\n", __func__, context);
+
+	m = context->count_threads;
+	context->being_destroyed = 1;
+	context->being_destroyed1 = 1;
+
+	memset(&wsi, 0, sizeof(wsi));
+	wsi.context = context;
+
+#ifdef LWS_LATENCY
+	if (context->worst_latency_info[0])
+		lwsl_notice("Worst latency: %s\n", context->worst_latency_info);
+#endif
+
+	while (m--) {
+		pt = &context->pt[m];
+
+		for (n = 0; (unsigned int)n < context->pt[m].fds_count; n++) {
+			struct lws *wsi = wsi_from_fd(context, pt->fds[n].fd);
+			if (!wsi)
+				continue;
+
+			lws_close_free_wsi(wsi,
+				LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY
+				/* no protocol close */);
+			n--;
+		}
+		lws_pt_mutex_destroy(pt);
+	}
+
+	/*
+	 * give all extensions a chance to clean up any per-context
+	 * allocations they might have made
+	 */
+
+	n = lws_ext_cb_all_exts(context, NULL,
+				LWS_EXT_CB_SERVER_CONTEXT_DESTRUCT, NULL, 0);
+
+	n = lws_ext_cb_all_exts(context, NULL,
+				LWS_EXT_CB_CLIENT_CONTEXT_DESTRUCT, NULL, 0);
+
+	/*
+	 * inform all the protocols that they are done and will have no more
+	 * callbacks.
+	 *
+	 * We can't free things until after the event loop shuts down.
+	 */
+	if (context->protocol_init_done)
+		vh = context->vhost_list;
+	while (vh) {
+		struct lws_vhost *vhn = vh->vhost_next;
+		lws_vhost_destroy1(vh);
+		vh = vhn;
+	}
+
+	for (n = 0; n < context->count_threads; n++) {
+		pt = &context->pt[n];
+
+		lws_libev_destroyloop(context, n);
+		lws_libuv_destroyloop(context, n);
+		lws_libevent_destroyloop(context, n);
+
+		lws_free_set_NULL(context->pt[n].serv_buf);
+
+		while (pt->ah_list)
+			_lws_destroy_ah(pt, pt->ah_list);
+	}
+	lws_plat_context_early_destroy(context);
+
+	if (context->pt[0].fds)
+		lws_free_set_NULL(context->pt[0].fds);
+
+	if (!LWS_LIBUV_ENABLED(context))
+		lws_context_destroy2(context);
+}
+
+/*
+ * call the second one after the event loop has been shut down cleanly
+ */
+
+LWS_VISIBLE void
+lws_context_destroy2(struct lws_context *context)
+{
+	struct lws_vhost *vh = NULL, *vh1;
+#if defined(LWS_WITH_PEER_LIMITS)
+	uint32_t n;
+#endif
+
+	lwsl_info("%s: ctx %p\n", __func__, context);
+
+	/*
+	 * free all the per-vhost allocations
+	 */
+
+	vh = context->vhost_list;
+	while (vh) {
+		vh1 = vh->vhost_next;
+		lws_vhost_destroy2(vh);
+		vh = vh1;
+	}
+
+	/* remove ourselves from the pending destruction list */
+
+	while (context->vhost_pending_destruction_list)
+		/* removes itself from list */
+		lws_vhost_destroy2(context->vhost_pending_destruction_list);
+
+
+	lws_stats_log_dump(context);
+
+	lws_ssl_context_destroy(context);
+	lws_plat_context_late_destroy(context);
+
+#if defined(LWS_WITH_PEER_LIMITS)
+	for (n = 0; n < context->pl_hash_elements; n++)	{
+		lws_start_foreach_llp(struct lws_peer **, peer,
+				      context->pl_hash_table[n]) {
+			struct lws_peer *df = *peer;
+			*peer = df->next;
+			lws_free(df);
+			continue;
+		} lws_end_foreach_llp(peer, next);
+	}
+	lws_free(context->pl_hash_table);
+#endif
+
+	if (context->external_baggage_free_on_destroy)
+		free(context->external_baggage_free_on_destroy);
+
+	lws_check_deferred_free(context, 1);
+
+#if LWS_MAX_SMP > 1
+	pthread_mutex_destroy(&context->lock, NULL);
+#endif
+
+	lws_free(context);
+}
diff --git a/thirdparty/lws/ext/extension-permessage-deflate.c b/thirdparty/lws/ext/extension-permessage-deflate.c
new file mode 100644
index 0000000000..e2be2ae615
--- /dev/null
+++ b/thirdparty/lws/ext/extension-permessage-deflate.c
@@ -0,0 +1,473 @@
+/*
+ * ./lib/extension-permessage-deflate.c
+ *
+ *  Copyright (C) 2016 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+#include "extension-permessage-deflate.h"
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#define LWS_ZLIB_MEMLEVEL 8
+
+const struct lws_ext_options lws_ext_pm_deflate_options[] = {
+	/* public RFC7692 settings */
+	{ "server_no_context_takeover", EXTARG_NONE },
+	{ "client_no_context_takeover", EXTARG_NONE },
+	{ "server_max_window_bits",	EXTARG_OPT_DEC },
+	{ "client_max_window_bits",	EXTARG_OPT_DEC },
+	/* ones only user code can set */
+	{ "rx_buf_size",		EXTARG_DEC },
+	{ "tx_buf_size",		EXTARG_DEC },
+	{ "compression_level",		EXTARG_DEC },
+	{ "mem_level",			EXTARG_DEC },
+	{ NULL, 0 }, /* sentinel */
+};
+
+static void
+lws_extension_pmdeflate_restrict_args(struct lws *wsi,
+				      struct lws_ext_pm_deflate_priv *priv)
+{
+	int n, extra;
+
+	/* cap the RX buf at the nearest power of 2 to protocol rx buf */
+
+	n = wsi->context->pt_serv_buf_size;
+	if (wsi->protocol->rx_buffer_size)
+		n =  wsi->protocol->rx_buffer_size;
+
+	extra = 7;
+	while (n >= 1 << (extra + 1))
+		extra++;
+
+	if (extra < priv->args[PMD_RX_BUF_PWR2]) {
+		priv->args[PMD_RX_BUF_PWR2] = extra;
+		lwsl_info(" Capping pmd rx to %d\n", 1 << extra);
+	}
+}
+
+LWS_VISIBLE int
+lws_extension_callback_pm_deflate(struct lws_context *context,
+				  const struct lws_extension *ext,
+				  struct lws *wsi,
+				  enum lws_extension_callback_reasons reason,
+				  void *user, void *in, size_t len)
+{
+	struct lws_ext_pm_deflate_priv *priv =
+				     (struct lws_ext_pm_deflate_priv *)user;
+	struct lws_tokens *eff_buf = (struct lws_tokens *)in;
+	static unsigned char trail[] = { 0, 0, 0xff, 0xff };
+	int n, ret = 0, was_fin = 0, extra;
+	struct lws_ext_option_arg *oa;
+
+	switch (reason) {
+	case LWS_EXT_CB_NAMED_OPTION_SET:
+		oa = in;
+		if (!oa->option_name)
+			break;
+		for (n = 0; n < ARRAY_SIZE(lws_ext_pm_deflate_options); n++)
+			if (!strcmp(lws_ext_pm_deflate_options[n].name, oa->option_name))
+				break;
+
+		if (n == ARRAY_SIZE(lws_ext_pm_deflate_options))
+			break;
+		oa->option_index = n;
+
+		/* fallthru */
+
+	case LWS_EXT_CB_OPTION_SET:
+		oa = in;
+		lwsl_notice("%s: option set: idx %d, %s, len %d\n", __func__,
+			  oa->option_index, oa->start, oa->len);
+		if (oa->start)
+			priv->args[oa->option_index] = atoi(oa->start);
+		else
+			priv->args[oa->option_index] = 1;
+
+		if (priv->args[PMD_CLIENT_MAX_WINDOW_BITS] == 8)
+			priv->args[PMD_CLIENT_MAX_WINDOW_BITS] = 9;
+
+		lws_extension_pmdeflate_restrict_args(wsi, priv);
+		break;
+
+	case LWS_EXT_CB_OPTION_CONFIRM:
+		if (priv->args[PMD_SERVER_MAX_WINDOW_BITS] < 8 ||
+		    priv->args[PMD_SERVER_MAX_WINDOW_BITS] > 15 ||
+		    priv->args[PMD_CLIENT_MAX_WINDOW_BITS] < 8 ||
+		    priv->args[PMD_CLIENT_MAX_WINDOW_BITS] > 15)
+			return -1;
+		break;
+
+	case LWS_EXT_CB_CLIENT_CONSTRUCT:
+	case LWS_EXT_CB_CONSTRUCT:
+
+		n = context->pt_serv_buf_size;
+		if (wsi->protocol->rx_buffer_size)
+			n =  wsi->protocol->rx_buffer_size;
+
+		if (n < 128) {
+			lwsl_info(" permessage-deflate requires the protocol (%s) to have an RX buffer >= 128\n",
+					wsi->protocol->name);
+			return -1;
+		}
+
+		/* fill in **user */
+		priv = lws_zalloc(sizeof(*priv), "pmd priv");
+		*((void **)user) = priv;
+		lwsl_ext("%s: LWS_EXT_CB_*CONSTRUCT\n", __func__);
+		memset(priv, 0, sizeof(*priv));
+
+		/* fill in pointer to options list */
+		if (in)
+			*((const struct lws_ext_options **)in) =
+					lws_ext_pm_deflate_options;
+
+		/* fallthru */
+
+	case LWS_EXT_CB_OPTION_DEFAULT:
+
+		/* set the public, RFC7692 defaults... */
+
+		priv->args[PMD_SERVER_NO_CONTEXT_TAKEOVER] = 0,
+		priv->args[PMD_CLIENT_NO_CONTEXT_TAKEOVER] = 0;
+		priv->args[PMD_SERVER_MAX_WINDOW_BITS] = 15;
+		priv->args[PMD_CLIENT_MAX_WINDOW_BITS] = 15;
+
+		/* ...and the ones the user code can override */
+
+		priv->args[PMD_RX_BUF_PWR2] = 10; /* ie, 1024 */
+		priv->args[PMD_TX_BUF_PWR2] = 10; /* ie, 1024 */
+		priv->args[PMD_COMP_LEVEL] = 1;
+		priv->args[PMD_MEM_LEVEL] = 8;
+
+		lws_extension_pmdeflate_restrict_args(wsi, priv);
+		break;
+
+	case LWS_EXT_CB_DESTROY:
+		lwsl_ext("%s: LWS_EXT_CB_DESTROY\n", __func__);
+		lws_free(priv->buf_rx_inflated);
+		lws_free(priv->buf_tx_deflated);
+		if (priv->rx_init)
+			(void)inflateEnd(&priv->rx);
+		if (priv->tx_init)
+			(void)deflateEnd(&priv->tx);
+		lws_free(priv);
+		return ret;
+
+	case LWS_EXT_CB_PAYLOAD_RX:
+		lwsl_ext(" %s: LWS_EXT_CB_PAYLOAD_RX: in %d, existing in %d\n",
+			 __func__, eff_buf->token_len, priv->rx.avail_in);
+		if (!(wsi->u.ws.rsv_first_msg & 0x40))
+			return 0;
+
+#if 0
+		for (n = 0; n < eff_buf->token_len; n++) {
+			printf("%02X ", (unsigned char)eff_buf->token[n]);
+			if ((n & 15) == 15)
+				printf("\n");
+		}
+		printf("\n");
+#endif
+		if (!priv->rx_init)
+			if (inflateInit2(&priv->rx, -priv->args[PMD_SERVER_MAX_WINDOW_BITS]) != Z_OK) {
+				lwsl_err("%s: iniflateInit failed\n", __func__);
+				return -1;
+			}
+		priv->rx_init = 1;
+		if (!priv->buf_rx_inflated)
+			priv->buf_rx_inflated = lws_malloc(LWS_PRE + 7 + 5 +
+					    (1 << priv->args[PMD_RX_BUF_PWR2]), "pmd rx inflate buf");
+		if (!priv->buf_rx_inflated) {
+			lwsl_err("%s: OOM\n", __func__);
+			return -1;
+		}
+
+		/*
+		 * We have to leave the input stream alone if we didn't
+		 * finish with it yet.  The input stream is held in the wsi
+		 * rx buffer by the caller, so this assumption is safe while
+		 * we block new rx while draining the existing rx
+		 */
+		if (!priv->rx.avail_in && eff_buf->token && eff_buf->token_len) {
+			priv->rx.next_in = (unsigned char *)eff_buf->token;
+			priv->rx.avail_in = eff_buf->token_len;
+		}
+		priv->rx.next_out = priv->buf_rx_inflated + LWS_PRE;
+		eff_buf->token = (char *)priv->rx.next_out;
+		priv->rx.avail_out = 1 << priv->args[PMD_RX_BUF_PWR2];
+
+		if (priv->rx_held_valid) {
+			lwsl_ext("-- RX piling on held byte --\n");
+			*(priv->rx.next_out++) = priv->rx_held;
+			priv->rx.avail_out--;
+			priv->rx_held_valid = 0;
+		}
+
+		/* if...
+		 *
+		 *  - he has no remaining input content for this message, and
+		 *  - and this is the final fragment, and
+		 *  - we used everything that could be drained on the input side
+		 *
+		 * ...then put back the 00 00 FF FF the sender stripped as our
+		 * input to zlib
+		 */
+		if (!priv->rx.avail_in && wsi->u.ws.final &&
+		    !wsi->u.ws.rx_packet_length) {
+			lwsl_ext("RX APPEND_TRAILER-DO\n");
+			was_fin = 1;
+			priv->rx.next_in = trail;
+			priv->rx.avail_in = sizeof(trail);
+		}
+
+		n = inflate(&priv->rx, Z_NO_FLUSH);
+		lwsl_ext("inflate ret %d, avi %d, avo %d, wsifinal %d\n", n,
+			 priv->rx.avail_in, priv->rx.avail_out, wsi->u.ws.final);
+		switch (n) {
+		case Z_NEED_DICT:
+		case Z_STREAM_ERROR:
+		case Z_DATA_ERROR:
+		case Z_MEM_ERROR:
+			lwsl_info("zlib error inflate %d: %s\n",
+				  n, priv->rx.msg);
+			return -1;
+		}
+		/*
+		 * If we did not already send in the 00 00 FF FF, and he's
+		 * out of input, he did not EXACTLY fill the output buffer
+		 * (which is ambiguous and we will force it to go around
+		 * again by withholding a byte), and he's otherwise working on
+		 * being a FIN fragment, then do the FIN message processing
+		 * of faking up the 00 00 FF FF that the sender stripped.
+		 */
+		if (!priv->rx.avail_in && wsi->u.ws.final &&
+		    !wsi->u.ws.rx_packet_length && !was_fin &&
+		    priv->rx.avail_out /* ambiguous as to if it is the end */
+		) {
+			lwsl_ext("RX APPEND_TRAILER-DO\n");
+			was_fin = 1;
+			priv->rx.next_in = trail;
+			priv->rx.avail_in = sizeof(trail);
+			n = inflate(&priv->rx, Z_SYNC_FLUSH);
+			lwsl_ext("RX trailer inf returned %d, avi %d, avo %d\n", n,
+				 priv->rx.avail_in, priv->rx.avail_out);
+			switch (n) {
+			case Z_NEED_DICT:
+			case Z_STREAM_ERROR:
+			case Z_DATA_ERROR:
+			case Z_MEM_ERROR:
+				lwsl_info("zlib error inflate %d: %s\n",
+					  n, priv->rx.msg);
+				return -1;
+			}
+		}
+		/*
+		 * we must announce in our returncode now if there is more
+		 * output to be expected from inflate, so we can decide to
+		 * set the FIN bit on this bufferload or not.  However zlib
+		 * is ambiguous when we exactly filled the inflate buffer.  It
+		 * does not give us a clue as to whether we should understand
+		 * that to mean he ended on a buffer boundary, or if there is
+		 * more in the pipeline.
+		 *
+		 * So to work around that safely, if it used all output space
+		 * exactly, we ALWAYS say there is more coming and we withhold
+		 * the last byte of the buffer to guarantee that is true.
+		 *
+		 * That still leaves us at least one byte to finish with a FIN
+		 * on, even if actually nothing more is coming from the next
+		 * inflate action itself.
+		 */
+		if (!priv->rx.avail_out) { /* he used all available out buf */
+			lwsl_ext("-- rx grabbing held --\n");
+			/* snip the last byte and hold it for next time */
+			priv->rx_held = *(--priv->rx.next_out);
+			priv->rx_held_valid = 1;
+		}
+
+		eff_buf->token_len = (char *)priv->rx.next_out - eff_buf->token;
+		priv->count_rx_between_fin += eff_buf->token_len;
+
+		lwsl_ext("  %s: RX leaving with new effbuff len %d, "
+			 "ret %d, rx.avail_in=%d, TOTAL RX since FIN %lu\n",
+			 __func__, eff_buf->token_len, priv->rx_held_valid,
+			 priv->rx.avail_in,
+			 (unsigned long)priv->count_rx_between_fin);
+
+		if (was_fin) {
+			priv->count_rx_between_fin = 0;
+			if (priv->args[PMD_SERVER_NO_CONTEXT_TAKEOVER]) {
+				(void)inflateEnd(&priv->rx);
+				priv->rx_init = 0;
+			}
+		}
+#if 0
+		for (n = 0; n < eff_buf->token_len; n++)
+			putchar(eff_buf->token[n]);
+		puts("\n");
+#endif
+
+		return priv->rx_held_valid;
+
+	case LWS_EXT_CB_PAYLOAD_TX:
+
+		if (!priv->tx_init) {
+			n = deflateInit2(&priv->tx, priv->args[PMD_COMP_LEVEL],
+					 Z_DEFLATED,
+					 -priv->args[PMD_SERVER_MAX_WINDOW_BITS +
+						     (wsi->vhost->listen_port <= 0)],
+					 priv->args[PMD_MEM_LEVEL],
+					 Z_DEFAULT_STRATEGY);
+			if (n != Z_OK) {
+				lwsl_ext("inflateInit2 failed %d\n", n);
+				return 1;
+			}
+		}
+		priv->tx_init = 1;
+		if (!priv->buf_tx_deflated)
+			priv->buf_tx_deflated = lws_malloc(LWS_PRE + 7 + 5 +
+					    (1 << priv->args[PMD_TX_BUF_PWR2]), "pmd tx deflate buf");
+		if (!priv->buf_tx_deflated) {
+			lwsl_err("%s: OOM\n", __func__);
+			return -1;
+		}
+
+		if (eff_buf->token) {
+			lwsl_ext("%s: TX: eff_buf length %d\n", __func__,
+				 eff_buf->token_len);
+			priv->tx.next_in = (unsigned char *)eff_buf->token;
+			priv->tx.avail_in = eff_buf->token_len;
+		}
+
+#if 0
+		for (n = 0; n < eff_buf->token_len; n++) {
+			printf("%02X ", (unsigned char)eff_buf->token[n]);
+			if ((n & 15) == 15)
+				printf("\n");
+		}
+		printf("\n");
+#endif
+
+		priv->tx.next_out = priv->buf_tx_deflated + LWS_PRE + 5;
+		eff_buf->token = (char *)priv->tx.next_out;
+		priv->tx.avail_out = 1 << priv->args[PMD_TX_BUF_PWR2];
+
+		n = deflate(&priv->tx, Z_SYNC_FLUSH);
+		if (n == Z_STREAM_ERROR) {
+			lwsl_ext("%s: Z_STREAM_ERROR\n", __func__);
+			return -1;
+		}
+
+		if (priv->tx_held_valid) {
+			priv->tx_held_valid = 0;
+			if (priv->tx.avail_out == 1 << priv->args[PMD_TX_BUF_PWR2])
+				/*
+				 * we can get a situation he took something in
+				 * but did not generate anything out, at the end
+				 * of a message (eg, next thing he sends is 80
+				 * 00, a zero length FIN, like Authobahn can
+				 * send).
+				 * If we have come back as a FIN, we must not
+				 * place the pending trailer 00 00 FF FF, just
+				 * the 1 byte of live data
+				 */
+				*(--eff_buf->token) = priv->tx_held[0];
+			else {
+				/* he generated data, prepend whole pending */
+				eff_buf->token -= 5;
+				for (n = 0; n < 5; n++)
+					eff_buf->token[n] = priv->tx_held[n];
+
+			}
+		}
+		priv->compressed_out = 1;
+		eff_buf->token_len = (int)(priv->tx.next_out -
+					   (unsigned char *)eff_buf->token);
+
+		/*
+		 * we must announce in our returncode now if there is more
+		 * output to be expected from inflate, so we can decide to
+		 * set the FIN bit on this bufferload or not.  However zlib
+		 * is ambiguous when we exactly filled the inflate buffer.  It
+		 * does not give us a clue as to whether we should understand
+		 * that to mean he ended on a buffer boundary, or if there is
+		 * more in the pipeline.
+		 *
+		 * Worse, the guy providing the stuff we are sending may not
+		 * know until after that this was, actually, the last chunk,
+		 * that can happen even if we did not fill the output buf, ie
+		 * he may send after this a zero-length FIN fragment.
+		 *
+		 * This is super difficult because we must snip the last 4
+		 * bytes in the case this is the last compressed output of the
+		 * message.  The only way to deal with it is defer sending the
+		 * last 5 bytes of each frame until the next one, when we will
+		 * be in a position to understand if that has a FIN or not.
+		 */
+
+		extra = !!(len & LWS_WRITE_NO_FIN) || !priv->tx.avail_out;
+
+		if (eff_buf->token_len >= 4 + extra) {
+			lwsl_ext("tx held %d\n", 4 + extra);
+			priv->tx_held_valid = extra;
+			for (n = 3 + extra; n >= 0; n--)
+				priv->tx_held[n] = *(--priv->tx.next_out);
+			eff_buf->token_len -= 4 + extra;
+		}
+		lwsl_ext("  TX rewritten with new effbuff len %d, ret %d\n",
+			 eff_buf->token_len, !priv->tx.avail_out);
+
+		return !priv->tx.avail_out; /* 1 == have more tx pending */
+
+	case LWS_EXT_CB_PACKET_TX_PRESEND:
+		if (!priv->compressed_out)
+			break;
+		priv->compressed_out = 0;
+
+		if ((*(eff_buf->token) & 0x80) &&
+		    priv->args[PMD_CLIENT_NO_CONTEXT_TAKEOVER]) {
+			lwsl_debug("PMD_CLIENT_NO_CONTEXT_TAKEOVER\n");
+			(void)deflateEnd(&priv->tx);
+			priv->tx_init = 0;
+		}
+
+		n = *(eff_buf->token) & 15;
+		/* set RSV1, but not on CONTINUATION */
+		if (n == LWSWSOPC_TEXT_FRAME || n == LWSWSOPC_BINARY_FRAME)
+			*eff_buf->token |= 0x40;
+#if 0
+		for (n = 0; n < eff_buf->token_len; n++) {
+			printf("%02X ", (unsigned char)eff_buf->token[n]);
+			if ((n & 15) == 15)
+				puts("\n");
+		}
+		puts("\n");
+#endif
+		lwsl_ext("%s: tx opcode 0x%02X\n", __func__,
+			 (unsigned char)*eff_buf->token);
+		break;
+
+	default:
+		break;
+	}
+
+	return 0;
+}
+
diff --git a/thirdparty/lws/ext/extension-permessage-deflate.h b/thirdparty/lws/ext/extension-permessage-deflate.h
new file mode 100644
index 0000000000..8737736897
--- /dev/null
+++ b/thirdparty/lws/ext/extension-permessage-deflate.h
@@ -0,0 +1,41 @@
+
+#include <zlib.h>
+
+#define DEFLATE_FRAME_COMPRESSION_LEVEL_SERVER 1
+#define DEFLATE_FRAME_COMPRESSION_LEVEL_CLIENT Z_DEFAULT_COMPRESSION
+
+enum arg_indexes {
+	PMD_SERVER_NO_CONTEXT_TAKEOVER,
+	PMD_CLIENT_NO_CONTEXT_TAKEOVER,
+	PMD_SERVER_MAX_WINDOW_BITS,
+	PMD_CLIENT_MAX_WINDOW_BITS,
+	PMD_RX_BUF_PWR2,
+	PMD_TX_BUF_PWR2,
+	PMD_COMP_LEVEL,
+	PMD_MEM_LEVEL,
+
+	PMD_ARG_COUNT
+};
+
+struct lws_ext_pm_deflate_priv {
+	z_stream rx;
+	z_stream tx;
+
+	unsigned char *buf_rx_inflated; /* RX inflated output buffer */
+	unsigned char *buf_tx_deflated; /* TX deflated output buffer */
+
+	size_t count_rx_between_fin;
+
+	unsigned char args[PMD_ARG_COUNT];
+	unsigned char tx_held[5];
+	unsigned char rx_held;
+
+	unsigned char tx_init:1;
+	unsigned char rx_init:1;
+	unsigned char compressed_out:1;
+	unsigned char rx_held_valid:1;
+	unsigned char tx_held_valid:1;
+	unsigned char rx_append_trailer:1;
+	unsigned char pending_tx_trailer:1;
+};
+
diff --git a/thirdparty/lws/ext/extension.c b/thirdparty/lws/ext/extension.c
new file mode 100644
index 0000000000..ac28204034
--- /dev/null
+++ b/thirdparty/lws/ext/extension.c
@@ -0,0 +1,344 @@
+#include "private-libwebsockets.h"
+
+#include "extension-permessage-deflate.h"
+
+LWS_VISIBLE void
+lws_context_init_extensions(struct lws_context_creation_info *info,
+			    struct lws_context *context)
+{
+	lwsl_info(" LWS_MAX_EXTENSIONS_ACTIVE: %u\n", LWS_MAX_EXTENSIONS_ACTIVE);
+}
+
+enum lws_ext_option_parser_states {
+	LEAPS_SEEK_NAME,
+	LEAPS_EAT_NAME,
+	LEAPS_SEEK_VAL,
+	LEAPS_EAT_DEC,
+	LEAPS_SEEK_ARG_TERM
+};
+
+LWS_VISIBLE int
+lws_ext_parse_options(const struct lws_extension *ext, struct lws *wsi,
+		      void *ext_user, const struct lws_ext_options *opts,
+		      const char *in, int len)
+{
+	enum lws_ext_option_parser_states leap = LEAPS_SEEK_NAME;
+	unsigned int match_map = 0, n, m, w = 0, count_options = 0,
+		     pending_close_quote = 0;
+	struct lws_ext_option_arg oa;
+
+	oa.option_name = NULL;
+
+	while (opts[count_options].name)
+		count_options++;
+	while (len) {
+		lwsl_ext("'%c' %d", *in, leap);
+		switch (leap) {
+		case LEAPS_SEEK_NAME:
+			if (*in == ' ')
+				break;
+			if (*in == ',') {
+				len = 1;
+				break;
+			}
+			match_map = (1 << count_options) - 1;
+			leap = LEAPS_EAT_NAME;
+			w = 0;
+
+		/* fallthru */
+
+		case LEAPS_EAT_NAME:
+			oa.start = NULL;
+			oa.len = 0;
+			m = match_map;
+			n = 0;
+			pending_close_quote = 0;
+			while (m) {
+				if (m & 1) {
+					lwsl_ext("    m=%d, n=%d, w=%d\n", m, n, w);
+
+					if (*in == opts[n].name[w]) {
+						if (!opts[n].name[w + 1]) {
+							oa.option_index = n;
+							lwsl_ext("hit %d\n", oa.option_index);
+							leap = LEAPS_SEEK_VAL;
+							if (len == 1)
+								goto set_arg;
+							break;
+						}
+					} else {
+						match_map &= ~(1 << n);
+						if (!match_map) {
+							lwsl_ext("empty match map\n");
+							return -1;
+						}
+					}
+				}
+				m >>= 1;
+				n++;
+			}
+			w++;
+			break;
+		case LEAPS_SEEK_VAL:
+			if (*in == ' ')
+				break;
+			if (*in == ',') {
+				len = 1;
+				break;
+			}
+			if (*in == ';' || len == 1) { /* ie,nonoptional */
+				if (opts[oa.option_index].type == EXTARG_DEC)
+					return -1;
+				leap = LEAPS_SEEK_NAME;
+				goto set_arg;
+			}
+			if (*in == '=') {
+				w = 0;
+				pending_close_quote = 0;
+				if (opts[oa.option_index].type == EXTARG_NONE)
+					return -1;
+
+				leap = LEAPS_EAT_DEC;
+				break;
+			}
+			return -1;
+
+		case LEAPS_EAT_DEC:
+			if (*in >= '0' && *in <= '9') {
+				if (!w)
+					oa.start = in;
+				w++;
+				if (len != 1)
+					break;
+			}
+			if (!w && *in =='"') {
+				pending_close_quote = 1;
+				break;
+			}
+			if (!w)
+				return -1;
+			if (pending_close_quote && *in != '"' && len != 1)
+				return -1;
+			leap = LEAPS_SEEK_ARG_TERM;
+			if (oa.start)
+				oa.len = in - oa.start;
+			if (len == 1)
+				oa.len++;
+
+set_arg:
+			ext->callback(lws_get_context(wsi),
+				ext, wsi, LWS_EXT_CB_OPTION_SET,
+				ext_user, (char *)&oa, 0);
+			if (len == 1)
+				break;
+			if (pending_close_quote && *in == '"')
+				break;
+
+			/* fallthru */
+
+		case LEAPS_SEEK_ARG_TERM:
+			if (*in == ' ')
+				break;
+			if (*in == ';') {
+				leap = LEAPS_SEEK_NAME;
+				break;
+			}
+			if (*in == ',') {
+				len = 1;
+				break;
+			}
+			return -1;
+		}
+		len--;
+		in++;
+	}
+
+	return 0;
+}
+
+
+/* 0 = nobody had nonzero return, 1 = somebody had positive return, -1 = fail */
+
+int lws_ext_cb_active(struct lws *wsi, int reason, void *arg, int len)
+{
+	int n, m, handled = 0;
+
+	for (n = 0; n < wsi->count_act_ext; n++) {
+		m = wsi->active_extensions[n]->callback(lws_get_context(wsi),
+			wsi->active_extensions[n], wsi, reason,
+			wsi->act_ext_user[n], arg, len);
+		if (m < 0) {
+			lwsl_ext("Ext '%s' failed to handle callback %d!\n",
+				 wsi->active_extensions[n]->name, reason);
+			return -1;
+		}
+		/* valgrind... */
+		if (reason == LWS_EXT_CB_DESTROY)
+			wsi->act_ext_user[n] = NULL;
+		if (m > handled)
+			handled = m;
+	}
+
+	return handled;
+}
+
+int lws_ext_cb_all_exts(struct lws_context *context, struct lws *wsi,
+			int reason, void *arg, int len)
+{
+	int n = 0, m, handled = 0;
+	const struct lws_extension *ext;
+
+	if (!wsi || !wsi->vhost)
+		return 0;
+
+	ext = wsi->vhost->extensions;
+
+	while (ext && ext->callback && !handled) {
+		m = ext->callback(context, ext, wsi, reason,
+				  (void *)(lws_intptr_t)n, arg, len);
+		if (m < 0) {
+			lwsl_ext("Ext '%s' failed to handle callback %d!\n",
+				 wsi->active_extensions[n]->name, reason);
+			return -1;
+		}
+		if (m)
+			handled = 1;
+
+		ext++;
+		n++;
+	}
+
+	return 0;
+}
+
+int
+lws_issue_raw_ext_access(struct lws *wsi, unsigned char *buf, size_t len)
+{
+	struct lws_tokens eff_buf;
+	int ret, m, n = 0;
+
+	eff_buf.token = (char *)buf;
+	eff_buf.token_len = len;
+
+	/*
+	 * while we have original buf to spill ourselves, or extensions report
+	 * more in their pipeline
+	 */
+
+	ret = 1;
+	while (ret == 1) {
+
+		/* default to nobody has more to spill */
+
+		ret = 0;
+
+		/* show every extension the new incoming data */
+		m = lws_ext_cb_active(wsi,
+			       LWS_EXT_CB_PACKET_TX_PRESEND, &eff_buf, 0);
+		if (m < 0)
+			return -1;
+		if (m) /* handled */
+			ret = 1;
+
+		if ((char *)buf != eff_buf.token)
+			/*
+			 * extension recreated it:
+			 * need to buffer this if not all sent
+			 */
+			wsi->u.ws.clean_buffer = 0;
+
+		/* assuming they left us something to send, send it */
+
+		if (eff_buf.token_len) {
+			n = lws_issue_raw(wsi, (unsigned char *)eff_buf.token,
+							    eff_buf.token_len);
+			if (n < 0) {
+				lwsl_info("closing from ext access\n");
+				return -1;
+			}
+
+			/* always either sent it all or privately buffered */
+			if (wsi->u.ws.clean_buffer)
+				len = n;
+		}
+
+		lwsl_parser("written %d bytes to client\n", n);
+
+		/* no extension has more to spill?  Then we can go */
+
+		if (!ret)
+			break;
+
+		/* we used up what we had */
+
+		eff_buf.token = NULL;
+		eff_buf.token_len = 0;
+
+		/*
+		 * Did that leave the pipe choked?
+		 * Or we had to hold on to some of it?
+		 */
+
+		if (!lws_send_pipe_choked(wsi) && !wsi->trunc_len)
+			/* no we could add more, lets's do that */
+			continue;
+
+		lwsl_debug("choked\n");
+
+		/*
+		 * Yes, he's choked.  Don't spill the rest now get a callback
+		 * when he is ready to send and take care of it there
+		 */
+		lws_callback_on_writable(wsi);
+		wsi->extension_data_pending = 1;
+		ret = 0;
+	}
+
+	return len;
+}
+
+int
+lws_any_extension_handled(struct lws *wsi, enum lws_extension_callback_reasons r,
+			  void *v, size_t len)
+{
+	struct lws_context *context = wsi->context;
+	int n, handled = 0;
+
+	/* maybe an extension will take care of it for us */
+
+	for (n = 0; n < wsi->count_act_ext && !handled; n++) {
+		if (!wsi->active_extensions[n]->callback)
+			continue;
+
+		handled |= wsi->active_extensions[n]->callback(context,
+			wsi->active_extensions[n], wsi,
+			r, wsi->act_ext_user[n], v, len);
+	}
+
+	return handled;
+}
+
+int
+lws_set_extension_option(struct lws *wsi, const char *ext_name,
+			 const char *opt_name, const char *opt_val)
+{
+	struct lws_ext_option_arg oa;
+	int idx = 0;
+
+	/* first identify if the ext is active on this wsi */
+	while (idx < wsi->count_act_ext &&
+	       strcmp(wsi->active_extensions[idx]->name, ext_name))
+		idx++;
+
+	if (idx == wsi->count_act_ext)
+		return -1; /* request ext not active on this wsi */
+
+	oa.option_name = opt_name;
+	oa.option_index = 0;
+	oa.start = opt_val;
+	oa.len = 0;
+
+	return wsi->active_extensions[idx]->callback(
+			wsi->context, wsi->active_extensions[idx], wsi,
+			LWS_EXT_CB_NAMED_OPTION_SET, wsi->act_ext_user[idx], &oa, 0);
+}
diff --git a/thirdparty/lws/handshake.c b/thirdparty/lws/handshake.c
new file mode 100644
index 0000000000..bc7609d920
--- /dev/null
+++ b/thirdparty/lws/handshake.c
@@ -0,0 +1,280 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+/*
+ * -04 of the protocol (actually the 80th version) has a radically different
+ * handshake.  The 04 spec gives the following idea
+ *
+ *    The handshake from the client looks as follows:
+ *
+ *      GET /chat HTTP/1.1
+ *      Host: server.example.com
+ *      Upgrade: websocket
+ *      Connection: Upgrade
+ *      Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
+ *      Sec-WebSocket-Origin: http://example.com
+ *      Sec-WebSocket-Protocol: chat, superchat
+ *	Sec-WebSocket-Version: 4
+ *
+ *  The handshake from the server looks as follows:
+ *
+ *       HTTP/1.1 101 Switching Protocols
+ *       Upgrade: websocket
+ *       Connection: Upgrade
+ *       Sec-WebSocket-Accept: me89jWimTRKTWwrS3aRrL53YZSo=
+ *       Sec-WebSocket-Nonce: AQIDBAUGBwgJCgsMDQ4PEC==
+ *       Sec-WebSocket-Protocol: chat
+ */
+
+#ifndef min
+#define min(a, b) ((a) < (b) ? (a) : (b))
+#endif
+
+/*
+ * We have to take care about parsing because the headers may be split
+ * into multiple fragments.  They may contain unknown headers with arbitrary
+ * argument lengths.  So, we parse using a single-character at a time state
+ * machine that is completely independent of packet size.
+ *
+ * Returns <0 for error or length of chars consumed from buf (up to len)
+ */
+
+LWS_VISIBLE int
+lws_read(struct lws *wsi, unsigned char *buf, lws_filepos_t len)
+{
+	unsigned char *last_char, *oldbuf = buf;
+	lws_filepos_t body_chunk_len;
+	size_t n;
+
+	switch (wsi->state) {
+#ifdef LWS_WITH_HTTP2
+	case LWSS_HTTP2_AWAIT_CLIENT_PREFACE:
+	case LWSS_HTTP2_ESTABLISHED_PRE_SETTINGS:
+	case LWSS_HTTP2_ESTABLISHED:
+		n = 0;
+		//lwsl_debug("%s: starting new block of %d\n", __func__, (int)len);
+		/*
+		 * wsi here is always the network connection wsi, not a stream
+		 * wsi.
+		 */
+		while (n < len) {
+			/*
+			 * we were accepting input but now we stopped doing so
+			 */
+			if (lws_is_flowcontrolled(wsi)) {
+				lws_rxflow_cache(wsi, buf, n, len);
+
+				return 1;
+			}
+
+			/* account for what we're using in rxflow buffer */
+			if (wsi->rxflow_buffer) {
+				wsi->rxflow_pos++;
+				assert(wsi->rxflow_pos <= wsi->rxflow_len);
+			}
+
+			if (lws_h2_parser(wsi, buf[n++])) {
+				lwsl_debug("%s: http2_parser bailed\n", __func__);
+				goto bail;
+			}
+		}
+		lwsl_debug("%s: used up block of %d\n", __func__, (int)len);
+		break;
+#endif
+
+	case LWSS_HTTP_ISSUING_FILE:
+		return 0;
+
+	case LWSS_CLIENT_HTTP_ESTABLISHED:
+		break;
+
+	case LWSS_HTTP:
+		wsi->hdr_parsing_completed = 0;
+
+		/* fallthru */
+
+	case LWSS_HTTP_HEADERS:
+		if (!wsi->u.hdr.ah) {
+			lwsl_err("%s: LWSS_HTTP_HEADERS: NULL ah\n", __func__);
+			assert(0);
+		}
+		lwsl_parser("issuing %d bytes to parser\n", (int)len);
+
+		lwsl_hexdump(buf, (size_t)len);
+
+		if (lws_handshake_client(wsi, &buf, (size_t)len))
+			goto bail;
+
+		last_char = buf;
+		if (lws_handshake_server(wsi, &buf, (size_t)len))
+			/* Handshake indicates this session is done. */
+			goto bail;
+
+		/* we might have transitioned to RAW */
+		if (wsi->mode == LWSCM_RAW)
+			 /* we gave the read buffer to RAW handler already */
+			goto read_ok;
+
+		/*
+		 * It's possible that we've exhausted our data already, or
+		 * rx flow control has stopped us dealing with this early,
+		 * but lws_handshake_server doesn't update len for us.
+		 * Figure out how much was read, so that we can proceed
+		 * appropriately:
+		 */
+		len -= (buf - last_char);
+		lwsl_debug("%s: thinks we have used %ld\n", __func__, (long)len);
+
+		if (!wsi->hdr_parsing_completed)
+			/* More header content on the way */
+			goto read_ok;
+
+		switch (wsi->state) {
+			case LWSS_HTTP:
+			case LWSS_HTTP_HEADERS:
+				goto read_ok;
+			case LWSS_HTTP_ISSUING_FILE:
+				goto read_ok;
+			case LWSS_HTTP_BODY:
+				wsi->u.http.rx_content_remain =
+						wsi->u.http.rx_content_length;
+				if (wsi->u.http.rx_content_remain)
+					goto http_postbody;
+
+				/* there is no POST content */
+				goto postbody_completion;
+			default:
+				break;
+		}
+		break;
+
+	case LWSS_HTTP_BODY:
+http_postbody:
+		//lwsl_notice("http post body\n");
+		while (len && wsi->u.http.rx_content_remain) {
+			/* Copy as much as possible, up to the limit of:
+			 * what we have in the read buffer (len)
+			 * remaining portion of the POST body (content_remain)
+			 */
+			body_chunk_len = min(wsi->u.http.rx_content_remain, len);
+			wsi->u.http.rx_content_remain -= body_chunk_len;
+			len -= body_chunk_len;
+#ifdef LWS_WITH_CGI
+			if (wsi->cgi) {
+				struct lws_cgi_args args;
+
+				args.ch = LWS_STDIN;
+				args.stdwsi = &wsi->cgi->stdwsi[0];
+				args.data = buf;
+				args.len = body_chunk_len;
+
+				/* returns how much used */
+				n = user_callback_handle_rxflow(
+					wsi->protocol->callback,
+					wsi, LWS_CALLBACK_CGI_STDIN_DATA,
+					wsi->user_space,
+					(void *)&args, 0);
+				if ((int)n < 0)
+					goto bail;
+			} else {
+#endif
+				n = wsi->protocol->callback(wsi,
+					LWS_CALLBACK_HTTP_BODY, wsi->user_space,
+					buf, (size_t)body_chunk_len);
+				if (n)
+					goto bail;
+				n = (size_t)body_chunk_len;
+#ifdef LWS_WITH_CGI
+			}
+#endif
+			buf += n;
+
+			if (wsi->u.http.rx_content_remain)  {
+				lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT,
+						wsi->context->timeout_secs);
+				break;
+			}
+			/* he sent all the content in time */
+postbody_completion:
+#ifdef LWS_WITH_CGI
+			/*
+			 * If we're running a cgi, we can't let him off the
+			 * hook just because he sent his POST data
+			 */
+			if (wsi->cgi)
+				lws_set_timeout(wsi, PENDING_TIMEOUT_CGI,
+						wsi->context->timeout_secs);
+			else
+#endif
+			lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+#ifdef LWS_WITH_CGI
+			if (!wsi->cgi)
+#endif
+			{
+				lwsl_notice("LWS_CALLBACK_HTTP_BODY_COMPLETION\n");
+				n = wsi->protocol->callback(wsi,
+					LWS_CALLBACK_HTTP_BODY_COMPLETION,
+					wsi->user_space, NULL, 0);
+				if (n)
+					goto bail;
+
+				if (wsi->http2_substream)
+					wsi->state = LWSS_HTTP2_ESTABLISHED;
+			}
+
+			break;
+		}
+		break;
+
+	case LWSS_ESTABLISHED:
+	case LWSS_AWAITING_CLOSE_ACK:
+	case LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION:
+	case LWSS_SHUTDOWN:
+		if (lws_handshake_client(wsi, &buf, (size_t)len))
+			goto bail;
+		switch (wsi->mode) {
+		case LWSCM_WS_SERVING:
+
+			if (lws_interpret_incoming_packet(wsi, &buf, (size_t)len) < 0) {
+				lwsl_info("interpret_incoming_packet has bailed\n");
+				goto bail;
+			}
+			break;
+		}
+		break;
+	default:
+		lwsl_err("%s: Unhandled state %d\n", __func__, wsi->state);
+		break;
+	}
+
+read_ok:
+	/* Nothing more to do for now */
+	lwsl_info("%s: read_ok, used %ld\n", __func__, (long)(buf - oldbuf));
+
+	return buf - oldbuf;
+
+bail:
+	lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+
+	return -1;
+}
diff --git a/thirdparty/lws/header.c b/thirdparty/lws/header.c
new file mode 100644
index 0000000000..e2562cd6ea
--- /dev/null
+++ b/thirdparty/lws/header.c
@@ -0,0 +1,355 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+#include "lextable-strings.h"
+
+
+const unsigned char *lws_token_to_string(enum lws_token_indexes token)
+{
+	if ((unsigned int)token >= ARRAY_SIZE(set))
+		return NULL;
+
+	return (unsigned char *)set[token];
+}
+
+int
+lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name,
+			    const unsigned char *value, int length,
+			    unsigned char **p, unsigned char *end)
+{
+#ifdef LWS_WITH_HTTP2
+	if (wsi->mode == LWSCM_HTTP2_SERVING)
+		return lws_add_http2_header_by_name(wsi, name,
+						    value, length, p, end);
+#else
+	(void)wsi;
+#endif
+	if (name) {
+		while (*p < end && *name)
+			*((*p)++) = *name++;
+		if (*p == end)
+			return 1;
+		*((*p)++) = ' ';
+	}
+	if (*p + length + 3 >= end)
+		return 1;
+
+	memcpy(*p, value, length);
+	*p += length;
+	*((*p)++) = '\x0d';
+	*((*p)++) = '\x0a';
+
+	return 0;
+}
+
+int lws_finalize_http_header(struct lws *wsi, unsigned char **p,
+			     unsigned char *end)
+{
+#ifdef LWS_WITH_HTTP2
+	if (wsi->mode == LWSCM_HTTP2_SERVING)
+		return 0;
+#else
+	(void)wsi;
+#endif
+	if ((lws_intptr_t)(end - *p) < 3)
+		return 1;
+	*((*p)++) = '\x0d';
+	*((*p)++) = '\x0a';
+
+	return 0;
+}
+
+int
+lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token,
+			     const unsigned char *value, int length,
+			     unsigned char **p, unsigned char *end)
+{
+	const unsigned char *name;
+#ifdef LWS_WITH_HTTP2
+	if (wsi->mode == LWSCM_HTTP2_SERVING)
+		return lws_add_http2_header_by_token(wsi, token, value,
+						     length, p, end);
+#endif
+	name = lws_token_to_string(token);
+	if (!name)
+		return 1;
+	return lws_add_http_header_by_name(wsi, name, value, length, p, end);
+}
+
+int lws_add_http_header_content_length(struct lws *wsi,
+				       lws_filepos_t content_length,
+				       unsigned char **p, unsigned char *end)
+{
+	char b[24];
+	int n;
+
+	n = sprintf(b, "%llu", (unsigned long long)content_length);
+	if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH,
+					 (unsigned char *)b, n, p, end))
+		return 1;
+	wsi->u.http.tx_content_length = content_length;
+	wsi->u.http.tx_content_remain = content_length;
+
+	return 0;
+}
+
+STORE_IN_ROM static const char * const err400[] = {
+	"Bad Request",
+	"Unauthorized",
+	"Payment Required",
+	"Forbidden",
+	"Not Found",
+	"Method Not Allowed",
+	"Not Acceptable",
+	"Proxy Auth Required",
+	"Request Timeout",
+	"Conflict",
+	"Gone",
+	"Length Required",
+	"Precondition Failed",
+	"Request Entity Too Large",
+	"Request URI too Long",
+	"Unsupported Media Type",
+	"Requested Range Not Satisfiable",
+	"Expectation Failed"
+};
+
+STORE_IN_ROM static const char * const err500[] = {
+	"Internal Server Error",
+	"Not Implemented",
+	"Bad Gateway",
+	"Service Unavailable",
+	"Gateway Timeout",
+	"HTTP Version Not Supported"
+};
+
+int
+lws_add_http_header_status(struct lws *wsi, unsigned int _code,
+			   unsigned char **p, unsigned char *end)
+{
+	STORE_IN_ROM static const char * const hver[] = {
+		"HTTP/1.0", "HTTP/1.1", "HTTP/2"
+	};
+	const struct lws_protocol_vhost_options *headers;
+	unsigned int code = _code & LWSAHH_CODE_MASK;
+	const char *description = "", *p1;
+	unsigned char code_and_desc[60];
+	int n;
+
+#ifdef LWS_WITH_ACCESS_LOG
+	wsi->access_log.response = code;
+#endif
+
+#ifdef LWS_WITH_HTTP2
+	if (wsi->mode == LWSCM_HTTP2_SERVING)
+		return lws_add_http2_header_status(wsi, code, p, end);
+#endif
+	if (code >= 400 && code < (400 + ARRAY_SIZE(err400)))
+		description = err400[code - 400];
+	if (code >= 500 && code < (500 + ARRAY_SIZE(err500)))
+		description = err500[code - 500];
+
+	if (code == 100)
+		description = "Continue";
+
+	if (code == 200)
+		description = "OK";
+
+	if (code == 304)
+		description = "Not Modified";
+	else
+		if (code >= 300 && code < 400)
+			description = "Redirect";
+
+	if (wsi->u.http.request_version < ARRAY_SIZE(hver))
+		p1 = hver[wsi->u.http.request_version];
+	else
+		p1 = hver[0];
+
+	n = sprintf((char *)code_and_desc, "%s %u %s", p1, code, description);
+
+	if (lws_add_http_header_by_name(wsi, NULL, code_and_desc, n, p, end))
+		return 1;
+
+	headers = wsi->vhost->headers;
+	while (headers) {
+		if (lws_add_http_header_by_name(wsi,
+				(const unsigned char *)headers->name,
+				(unsigned char *)headers->value,
+				strlen(headers->value), p, end))
+			return 1;
+
+		headers = headers->next;
+	}
+
+	if (wsi->context->server_string &&
+	    !(_code & LWSAHH_FLAG_NO_SERVER_NAME))
+		if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_SERVER,
+				(unsigned char *)wsi->context->server_string,
+				wsi->context->server_string_len, p, end))
+			return 1;
+
+	if (wsi->vhost->options & LWS_SERVER_OPTION_STS)
+		if (lws_add_http_header_by_name(wsi, (unsigned char *)
+				"Strict-Transport-Security:",
+				(unsigned char *)"max-age=15768000 ; "
+				"includeSubDomains", 36, p, end))
+			return 1;
+
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_return_http_status(struct lws *wsi, unsigned int code,
+		       const char *html_body)
+{
+	struct lws_context *context = lws_get_context(wsi);
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	unsigned char *p = pt->serv_buf + LWS_PRE;
+	unsigned char *start = p;
+	unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE;
+	int n = 0, m = 0, len;
+	char slen[20];
+
+	if (!html_body)
+		html_body = "";
+
+	if (lws_add_http_header_status(wsi, code, &p, end))
+		return 1;
+
+	if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE,
+					 (unsigned char *)"text/html", 9,
+					 &p, end))
+		return 1;
+
+	len = 35 + strlen(html_body) + sprintf(slen, "%d", code);
+	n = sprintf(slen, "%d", len);
+
+	if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH,
+					 (unsigned char *)slen, n,
+					 &p, end))
+		return 1;
+
+	if (lws_finalize_http_header(wsi, &p, end))
+		return 1;
+
+#if defined(LWS_WITH_HTTP2)
+	if (wsi->http2_substream) {
+		unsigned char *body = p + 512;
+
+		/*
+		 * for HTTP/2, the headers must be sent separately, since they
+		 * go out in their own frame.  That puts us in a bind that
+		 * we won't always be able to get away with two lws_write()s in
+		 * sequence, since the first may use up the writability due to
+		 * the pipe being choked or SSL_WANT_.
+		 *
+		 * However we do need to send the human-readable body, and the
+		 * END_STREAM.
+		 *
+		 * Solve it by writing the headers now...
+		 */
+		m = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS);
+		if (m != (int)(p - start))
+			return 1;
+
+		/*
+		 * ... but stash the body and send it as a priority next
+		 * handle_POLLOUT
+		 */
+
+		len = sprintf((char *)body,
+			      "<html><body><h1>%u</h1>%s</body></html>",
+			      code, html_body);
+		wsi->u.http.tx_content_length = len;
+		wsi->u.http.tx_content_remain = len;
+
+		wsi->u.h2.pending_status_body = lws_malloc(len + LWS_PRE + 1,
+							"pending status body");
+		if (!wsi->u.h2.pending_status_body)
+			return -1;
+
+		strcpy(wsi->u.h2.pending_status_body + LWS_PRE,
+		       (const char *)body);
+		lws_callback_on_writable(wsi);
+
+		return 0;
+	} else
+#endif
+	{
+		/*
+		 * for http/1, we can just append the body after the finalized
+		 * headers and send it all in one go.
+		 */
+		p += lws_snprintf((char *)p, end - p - 1,
+				  "<html><body><h1>%u</h1>%s</body></html>",
+				  code, html_body);
+
+		n = (int)(p - start);
+
+		m = lws_write(wsi, start, n, LWS_WRITE_HTTP);
+		if (m != n)
+			return 1;
+	}
+
+	lwsl_notice("%s: return\n", __func__);
+
+	return m != n;
+}
+
+LWS_VISIBLE int
+lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len,
+		  unsigned char **p, unsigned char *end)
+{
+	unsigned char *start = *p;
+	int n;
+
+	if (lws_add_http_header_status(wsi, code, p, end))
+		return -1;
+
+	if (lws_add_http_header_by_token(wsi,
+			WSI_TOKEN_HTTP_LOCATION,
+			loc, len, p, end))
+		return -1;
+	/*
+	 * if we're going with http/1.1 and keepalive, we have to give fake
+	 * content metadata so the client knows we completed the transaction and
+	 * it can do the redirect...
+	 */
+	if (lws_add_http_header_by_token(wsi,
+			WSI_TOKEN_HTTP_CONTENT_TYPE,
+			(unsigned char *)"text/html", 9,
+			p, end))
+		return -1;
+	if (lws_add_http_header_by_token(wsi,
+			WSI_TOKEN_HTTP_CONTENT_LENGTH,
+			(unsigned char *)"0", 1, p, end))
+		return -1;
+
+	if (lws_finalize_http_header(wsi, p, end))
+		return -1;
+
+	n = lws_write(wsi, start, *p - start, LWS_WRITE_HTTP_HEADERS | LWS_WRITE_H2_STREAM_END);
+
+	return n;
+}
diff --git a/thirdparty/lws/lextable-strings.h b/thirdparty/lws/lextable-strings.h
new file mode 100644
index 0000000000..ab42c3e476
--- /dev/null
+++ b/thirdparty/lws/lextable-strings.h
@@ -0,0 +1,104 @@
+/* set of parsable strings -- ALL LOWER CASE */
+
+#if !defined(STORE_IN_ROM)
+#define STORE_IN_ROM
+#endif
+
+STORE_IN_ROM static const char * const set[] = {
+	"get ",
+	"post ",
+	"options ",
+	"host:",
+	"connection:",
+	"upgrade:",
+	"origin:",
+	"sec-websocket-draft:",
+	"\x0d\x0a",
+
+	"sec-websocket-extensions:",
+	"sec-websocket-key1:",
+	"sec-websocket-key2:",
+	"sec-websocket-protocol:",
+
+	"sec-websocket-accept:",
+	"sec-websocket-nonce:",
+	"http/1.1 ",
+	"http2-settings:",
+
+	"accept:",
+	"access-control-request-headers:",
+	"if-modified-since:",
+	"if-none-match:",
+	"accept-encoding:",
+	"accept-language:",
+	"pragma:",
+	"cache-control:",
+	"authorization:",
+	"cookie:",
+	"content-length:",
+	"content-type:",
+	"date:",
+	"range:",
+	"referer:",
+	"sec-websocket-key:",
+	"sec-websocket-version:",
+	"sec-websocket-origin:",
+
+	":authority",
+	":method",
+	":path",
+	":scheme",
+	":status",
+
+	"accept-charset:",
+	"accept-ranges:",
+	"access-control-allow-origin:",
+	"age:",
+	"allow:",
+	"content-disposition:",
+	"content-encoding:",
+	"content-language:",
+	"content-location:",
+	"content-range:",
+	"etag:",
+	"expect:",
+	"expires:",
+	"from:",
+	"if-match:",
+	"if-range:",
+	"if-unmodified-since:",
+	"last-modified:",
+	"link:",
+	"location:",
+	"max-forwards:",
+	"proxy-authenticate:",
+	"proxy-authorization:",
+	"refresh:",
+	"retry-after:",
+	"server:",
+	"set-cookie:",
+	"strict-transport-security:",
+	"transfer-encoding:",
+	"user-agent:",
+	"vary:",
+	"via:",
+	"www-authenticate:",
+
+	"patch",
+	"put",
+	"delete",
+
+	"uri-args", /* fake header used for uri-only storage */
+
+	"proxy ",
+	"x-real-ip:",
+	"http/1.0 ",
+
+	"x-forwarded-for",
+	"connect ",
+	"head ",
+	"te:",		/* http/2 wants it to reject it */
+
+	"", /* not matchable */
+
+};
diff --git a/thirdparty/lws/lextable.h b/thirdparty/lws/lextable.h
new file mode 100644
index 0000000000..f940afd25b
--- /dev/null
+++ b/thirdparty/lws/lextable.h
@@ -0,0 +1,805 @@
+/* pos 0000:   0 */    0x67 /* 'g' */, 0x40, 0x00  /* (to 0x0040 state   1) */,
+                       0x70 /* 'p' */, 0x42, 0x00  /* (to 0x0045 state   5) */,
+                       0x6F /* 'o' */, 0x51, 0x00  /* (to 0x0057 state  10) */,
+                       0x68 /* 'h' */, 0x5D, 0x00  /* (to 0x0066 state  18) */,
+                       0x63 /* 'c' */, 0x69, 0x00  /* (to 0x0075 state  23) */,
+                       0x75 /* 'u' */, 0x8A, 0x00  /* (to 0x0099 state  34) */,
+                       0x73 /* 's' */, 0xA0, 0x00  /* (to 0x00B2 state  48) */,
+                       0x0D /* '.' */, 0xD9, 0x00  /* (to 0x00EE state  68) */,
+                       0x61 /* 'a' */, 0x31, 0x01  /* (to 0x0149 state 129) */,
+                       0x69 /* 'i' */, 0x70, 0x01  /* (to 0x018B state 163) */,
+                       0x64 /* 'd' */, 0x19, 0x02  /* (to 0x0237 state 265) */,
+                       0x72 /* 'r' */, 0x22, 0x02  /* (to 0x0243 state 270) */,
+                       0x3A /* ':' */, 0x53, 0x02  /* (to 0x0277 state 299) */,
+                       0x65 /* 'e' */, 0xDF, 0x02  /* (to 0x0306 state 409) */,
+                       0x66 /* 'f' */, 0xFB, 0x02  /* (to 0x0325 state 425) */,
+                       0x6C /* 'l' */, 0x1D, 0x03  /* (to 0x034A state 458) */,
+                       0x6D /* 'm' */, 0x40, 0x03  /* (to 0x0370 state 484) */,
+                       0x74 /* 't' */, 0xAF, 0x03  /* (to 0x03E2 state 578) */,
+                       0x76 /* 'v' */, 0xD0, 0x03  /* (to 0x0406 state 606) */,
+                       0x77 /* 'w' */, 0xDD, 0x03  /* (to 0x0416 state 614) */,
+                       0x78 /* 'x' */, 0x04, 0x04  /* (to 0x0440 state 650) */,
+                       0x08, /* fail */
+/* pos 0040:   1 */    0xE5 /* 'e' -> */,
+/* pos 0041:   2 */    0xF4 /* 't' -> */,
+/* pos 0042:   3 */    0xA0 /* ' ' -> */,
+/* pos 0043:   4 */    0x00, 0x00                  /* - terminal marker  0 - */,
+/* pos 0045:   5 */    0x6F /* 'o' */, 0x0D, 0x00  /* (to 0x0052 state   6) */,
+                       0x72 /* 'r' */, 0x95, 0x01  /* (to 0x01DD state 211) */,
+                       0x61 /* 'a' */, 0xDD, 0x03  /* (to 0x0428 state 631) */,
+                       0x75 /* 'u' */, 0xDF, 0x03  /* (to 0x042D state 635) */,
+                       0x08, /* fail */
+/* pos 0052:   6 */    0xF3 /* 's' -> */,
+/* pos 0053:   7 */    0xF4 /* 't' -> */,
+/* pos 0054:   8 */    0xA0 /* ' ' -> */,
+/* pos 0055:   9 */    0x00, 0x01                  /* - terminal marker  1 - */,
+/* pos 0057:  10 */    0x70 /* 'p' */, 0x07, 0x00  /* (to 0x005E state  11) */,
+                       0x72 /* 'r' */, 0x51, 0x00  /* (to 0x00AB state  42) */,
+                       0x08, /* fail */
+/* pos 005e:  11 */    0xF4 /* 't' -> */,
+/* pos 005f:  12 */    0xE9 /* 'i' -> */,
+/* pos 0060:  13 */    0xEF /* 'o' -> */,
+/* pos 0061:  14 */    0xEE /* 'n' -> */,
+/* pos 0062:  15 */    0xF3 /* 's' -> */,
+/* pos 0063:  16 */    0xA0 /* ' ' -> */,
+/* pos 0064:  17 */    0x00, 0x02                  /* - terminal marker  2 - */,
+/* pos 0066:  18 */    0x6F /* 'o' */, 0x0A, 0x00  /* (to 0x0070 state  19) */,
+                       0x74 /* 't' */, 0xBF, 0x00  /* (to 0x0128 state 110) */,
+                       0x65 /* 'e' */, 0xF8, 0x03  /* (to 0x0464 state 676) */,
+                       0x08, /* fail */
+/* pos 0070:  19 */    0xF3 /* 's' -> */,
+/* pos 0071:  20 */    0xF4 /* 't' -> */,
+/* pos 0072:  21 */    0xBA /* ':' -> */,
+/* pos 0073:  22 */    0x00, 0x03                  /* - terminal marker  3 - */,
+/* pos 0075:  23 */    0x6F /* 'o' */, 0x07, 0x00  /* (to 0x007C state  24) */,
+                       0x61 /* 'a' */, 0x72, 0x01  /* (to 0x01EA state 217) */,
+                       0x08, /* fail */
+/* pos 007c:  24 */    0x6E /* 'n' */, 0x07, 0x00  /* (to 0x0083 state  25) */,
+                       0x6F /* 'o' */, 0x87, 0x01  /* (to 0x0206 state 243) */,
+                       0x08, /* fail */
+/* pos 0083:  25 */    0x6E /* 'n' */, 0x07, 0x00  /* (to 0x008A state  26) */,
+                       0x74 /* 't' */, 0x86, 0x01  /* (to 0x020C state 248) */,
+                       0x08, /* fail */
+/* pos 008a:  26 */    0xE5 /* 'e' -> */,
+/* pos 008b:  27 */    0xE3 /* 'c' -> */,
+/* pos 008c:  28 */    0xF4 /* 't' -> */,
+/* pos 008d:  29 */    0x69 /* 'i' */, 0x07, 0x00  /* (to 0x0094 state  30) */,
+                       0x20 /* ' ' */, 0xD2, 0x03  /* (to 0x0462 state 675) */,
+                       0x08, /* fail */
+/* pos 0094:  30 */    0xEF /* 'o' -> */,
+/* pos 0095:  31 */    0xEE /* 'n' -> */,
+/* pos 0096:  32 */    0xBA /* ':' -> */,
+/* pos 0097:  33 */    0x00, 0x04                  /* - terminal marker  4 - */,
+/* pos 0099:  34 */    0x70 /* 'p' */, 0x0A, 0x00  /* (to 0x00A3 state  35) */,
+                       0x73 /* 's' */, 0x5F, 0x03  /* (to 0x03FB state 596) */,
+                       0x72 /* 'r' */, 0x97, 0x03  /* (to 0x0436 state 642) */,
+                       0x08, /* fail */
+/* pos 00a3:  35 */    0xE7 /* 'g' -> */,
+/* pos 00a4:  36 */    0xF2 /* 'r' -> */,
+/* pos 00a5:  37 */    0xE1 /* 'a' -> */,
+/* pos 00a6:  38 */    0xE4 /* 'd' -> */,
+/* pos 00a7:  39 */    0xE5 /* 'e' -> */,
+/* pos 00a8:  40 */    0xBA /* ':' -> */,
+/* pos 00a9:  41 */    0x00, 0x05                  /* - terminal marker  5 - */,
+/* pos 00ab:  42 */    0xE9 /* 'i' -> */,
+/* pos 00ac:  43 */    0xE7 /* 'g' -> */,
+/* pos 00ad:  44 */    0xE9 /* 'i' -> */,
+/* pos 00ae:  45 */    0xEE /* 'n' -> */,
+/* pos 00af:  46 */    0xBA /* ':' -> */,
+/* pos 00b0:  47 */    0x00, 0x06                  /* - terminal marker  6 - */,
+/* pos 00b2:  48 */    0x65 /* 'e' */, 0x07, 0x00  /* (to 0x00B9 state  49) */,
+                       0x74 /* 't' */, 0x13, 0x03  /* (to 0x03C8 state 553) */,
+                       0x08, /* fail */
+/* pos 00b9:  49 */    0x63 /* 'c' */, 0x0A, 0x00  /* (to 0x00C3 state  50) */,
+                       0x72 /* 'r' */, 0xFC, 0x02  /* (to 0x03B8 state 539) */,
+                       0x74 /* 't' */, 0xFF, 0x02  /* (to 0x03BE state 544) */,
+                       0x08, /* fail */
+/* pos 00c3:  50 */    0xAD /* '-' -> */,
+/* pos 00c4:  51 */    0xF7 /* 'w' -> */,
+/* pos 00c5:  52 */    0xE5 /* 'e' -> */,
+/* pos 00c6:  53 */    0xE2 /* 'b' -> */,
+/* pos 00c7:  54 */    0xF3 /* 's' -> */,
+/* pos 00c8:  55 */    0xEF /* 'o' -> */,
+/* pos 00c9:  56 */    0xE3 /* 'c' -> */,
+/* pos 00ca:  57 */    0xEB /* 'k' -> */,
+/* pos 00cb:  58 */    0xE5 /* 'e' -> */,
+/* pos 00cc:  59 */    0xF4 /* 't' -> */,
+/* pos 00cd:  60 */    0xAD /* '-' -> */,
+/* pos 00ce:  61 */    0x64 /* 'd' */, 0x19, 0x00  /* (to 0x00E7 state  62) */,
+                       0x65 /* 'e' */, 0x20, 0x00  /* (to 0x00F1 state  70) */,
+                       0x6B /* 'k' */, 0x29, 0x00  /* (to 0x00FD state  81) */,
+                       0x70 /* 'p' */, 0x38, 0x00  /* (to 0x010F state  88) */,
+                       0x61 /* 'a' */, 0x3F, 0x00  /* (to 0x0119 state  97) */,
+                       0x6E /* 'n' */, 0x44, 0x00  /* (to 0x0121 state 104) */,
+                       0x76 /* 'v' */, 0x86, 0x01  /* (to 0x0266 state 284) */,
+                       0x6F /* 'o' */, 0x8C, 0x01  /* (to 0x026F state 292) */,
+                       0x08, /* fail */
+/* pos 00e7:  62 */    0xF2 /* 'r' -> */,
+/* pos 00e8:  63 */    0xE1 /* 'a' -> */,
+/* pos 00e9:  64 */    0xE6 /* 'f' -> */,
+/* pos 00ea:  65 */    0xF4 /* 't' -> */,
+/* pos 00eb:  66 */    0xBA /* ':' -> */,
+/* pos 00ec:  67 */    0x00, 0x07                  /* - terminal marker  7 - */,
+/* pos 00ee:  68 */    0x8A /* '.' -> */,
+/* pos 00ef:  69 */    0x00, 0x08                  /* - terminal marker  8 - */,
+/* pos 00f1:  70 */    0xF8 /* 'x' -> */,
+/* pos 00f2:  71 */    0xF4 /* 't' -> */,
+/* pos 00f3:  72 */    0xE5 /* 'e' -> */,
+/* pos 00f4:  73 */    0xEE /* 'n' -> */,
+/* pos 00f5:  74 */    0xF3 /* 's' -> */,
+/* pos 00f6:  75 */    0xE9 /* 'i' -> */,
+/* pos 00f7:  76 */    0xEF /* 'o' -> */,
+/* pos 00f8:  77 */    0xEE /* 'n' -> */,
+/* pos 00f9:  78 */    0xF3 /* 's' -> */,
+/* pos 00fa:  79 */    0xBA /* ':' -> */,
+/* pos 00fb:  80 */    0x00, 0x09                  /* - terminal marker  9 - */,
+/* pos 00fd:  81 */    0xE5 /* 'e' -> */,
+/* pos 00fe:  82 */    0xF9 /* 'y' -> */,
+/* pos 00ff:  83 */    0x31 /* '1' */, 0x0A, 0x00  /* (to 0x0109 state  84) */,
+                       0x32 /* '2' */, 0x0A, 0x00  /* (to 0x010C state  86) */,
+                       0x3A /* ':' */, 0x5F, 0x01  /* (to 0x0264 state 283) */,
+                       0x08, /* fail */
+/* pos 0109:  84 */    0xBA /* ':' -> */,
+/* pos 010a:  85 */    0x00, 0x0A                  /* - terminal marker 10 - */,
+/* pos 010c:  86 */    0xBA /* ':' -> */,
+/* pos 010d:  87 */    0x00, 0x0B                  /* - terminal marker 11 - */,
+/* pos 010f:  88 */    0xF2 /* 'r' -> */,
+/* pos 0110:  89 */    0xEF /* 'o' -> */,
+/* pos 0111:  90 */    0xF4 /* 't' -> */,
+/* pos 0112:  91 */    0xEF /* 'o' -> */,
+/* pos 0113:  92 */    0xE3 /* 'c' -> */,
+/* pos 0114:  93 */    0xEF /* 'o' -> */,
+/* pos 0115:  94 */    0xEC /* 'l' -> */,
+/* pos 0116:  95 */    0xBA /* ':' -> */,
+/* pos 0117:  96 */    0x00, 0x0C                  /* - terminal marker 12 - */,
+/* pos 0119:  97 */    0xE3 /* 'c' -> */,
+/* pos 011a:  98 */    0xE3 /* 'c' -> */,
+/* pos 011b:  99 */    0xE5 /* 'e' -> */,
+/* pos 011c: 100 */    0xF0 /* 'p' -> */,
+/* pos 011d: 101 */    0xF4 /* 't' -> */,
+/* pos 011e: 102 */    0xBA /* ':' -> */,
+/* pos 011f: 103 */    0x00, 0x0D                  /* - terminal marker 13 - */,
+/* pos 0121: 104 */    0xEF /* 'o' -> */,
+/* pos 0122: 105 */    0xEE /* 'n' -> */,
+/* pos 0123: 106 */    0xE3 /* 'c' -> */,
+/* pos 0124: 107 */    0xE5 /* 'e' -> */,
+/* pos 0125: 108 */    0xBA /* ':' -> */,
+/* pos 0126: 109 */    0x00, 0x0E                  /* - terminal marker 14 - */,
+/* pos 0128: 110 */    0xF4 /* 't' -> */,
+/* pos 0129: 111 */    0xF0 /* 'p' -> */,
+/* pos 012a: 112 */    0x2F /* '/' */, 0x07, 0x00  /* (to 0x0131 state 113) */,
+                       0x32 /* '2' */, 0x10, 0x00  /* (to 0x013D state 118) */,
+                       0x08, /* fail */
+/* pos 0131: 113 */    0xB1 /* '1' -> */,
+/* pos 0132: 114 */    0xAE /* '.' -> */,
+/* pos 0133: 115 */    0x31 /* '1' */, 0x07, 0x00  /* (to 0x013A state 116) */,
+                       0x30 /* '0' */, 0x1B, 0x03  /* (to 0x0451 state 660) */,
+                       0x08, /* fail */
+/* pos 013a: 116 */    0xA0 /* ' ' -> */,
+/* pos 013b: 117 */    0x00, 0x0F                  /* - terminal marker 15 - */,
+/* pos 013d: 118 */    0xAD /* '-' -> */,
+/* pos 013e: 119 */    0xF3 /* 's' -> */,
+/* pos 013f: 120 */    0xE5 /* 'e' -> */,
+/* pos 0140: 121 */    0xF4 /* 't' -> */,
+/* pos 0141: 122 */    0xF4 /* 't' -> */,
+/* pos 0142: 123 */    0xE9 /* 'i' -> */,
+/* pos 0143: 124 */    0xEE /* 'n' -> */,
+/* pos 0144: 125 */    0xE7 /* 'g' -> */,
+/* pos 0145: 126 */    0xF3 /* 's' -> */,
+/* pos 0146: 127 */    0xBA /* ':' -> */,
+/* pos 0147: 128 */    0x00, 0x10                  /* - terminal marker 16 - */,
+/* pos 0149: 129 */    0x63 /* 'c' */, 0x0D, 0x00  /* (to 0x0156 state 130) */,
+                       0x75 /* 'u' */, 0xAC, 0x00  /* (to 0x01F8 state 230) */,
+                       0x67 /* 'g' */, 0x7D, 0x01  /* (to 0x02CC state 358) */,
+                       0x6C /* 'l' */, 0x7E, 0x01  /* (to 0x02D0 state 361) */,
+                       0x08, /* fail */
+/* pos 0156: 130 */    0xE3 /* 'c' -> */,
+/* pos 0157: 131 */    0xE5 /* 'e' -> */,
+/* pos 0158: 132 */    0x70 /* 'p' */, 0x07, 0x00  /* (to 0x015F state 133) */,
+                       0x73 /* 's' */, 0x0E, 0x00  /* (to 0x0169 state 136) */,
+                       0x08, /* fail */
+/* pos 015f: 133 */    0xF4 /* 't' -> */,
+/* pos 0160: 134 */    0x3A /* ':' */, 0x07, 0x00  /* (to 0x0167 state 135) */,
+                       0x2D /* '-' */, 0x59, 0x00  /* (to 0x01BC state 192) */,
+                       0x08, /* fail */
+/* pos 0167: 135 */    0x00, 0x11                  /* - terminal marker 17 - */,
+/* pos 0169: 136 */    0xF3 /* 's' -> */,
+/* pos 016a: 137 */    0xAD /* '-' -> */,
+/* pos 016b: 138 */    0xE3 /* 'c' -> */,
+/* pos 016c: 139 */    0xEF /* 'o' -> */,
+/* pos 016d: 140 */    0xEE /* 'n' -> */,
+/* pos 016e: 141 */    0xF4 /* 't' -> */,
+/* pos 016f: 142 */    0xF2 /* 'r' -> */,
+/* pos 0170: 143 */    0xEF /* 'o' -> */,
+/* pos 0171: 144 */    0xEC /* 'l' -> */,
+/* pos 0172: 145 */    0xAD /* '-' -> */,
+/* pos 0173: 146 */    0x72 /* 'r' */, 0x07, 0x00  /* (to 0x017A state 147) */,
+                       0x61 /* 'a' */, 0x48, 0x01  /* (to 0x02BE state 345) */,
+                       0x08, /* fail */
+/* pos 017a: 147 */    0xE5 /* 'e' -> */,
+/* pos 017b: 148 */    0xF1 /* 'q' -> */,
+/* pos 017c: 149 */    0xF5 /* 'u' -> */,
+/* pos 017d: 150 */    0xE5 /* 'e' -> */,
+/* pos 017e: 151 */    0xF3 /* 's' -> */,
+/* pos 017f: 152 */    0xF4 /* 't' -> */,
+/* pos 0180: 153 */    0xAD /* '-' -> */,
+/* pos 0181: 154 */    0xE8 /* 'h' -> */,
+/* pos 0182: 155 */    0xE5 /* 'e' -> */,
+/* pos 0183: 156 */    0xE1 /* 'a' -> */,
+/* pos 0184: 157 */    0xE4 /* 'd' -> */,
+/* pos 0185: 158 */    0xE5 /* 'e' -> */,
+/* pos 0186: 159 */    0xF2 /* 'r' -> */,
+/* pos 0187: 160 */    0xF3 /* 's' -> */,
+/* pos 0188: 161 */    0xBA /* ':' -> */,
+/* pos 0189: 162 */    0x00, 0x12                  /* - terminal marker 18 - */,
+/* pos 018b: 163 */    0xE6 /* 'f' -> */,
+/* pos 018c: 164 */    0xAD /* '-' -> */,
+/* pos 018d: 165 */    0x6D /* 'm' */, 0x0D, 0x00  /* (to 0x019A state 166) */,
+                       0x6E /* 'n' */, 0x20, 0x00  /* (to 0x01B0 state 181) */,
+                       0x72 /* 'r' */, 0x9E, 0x01  /* (to 0x0331 state 435) */,
+                       0x75 /* 'u' */, 0xA2, 0x01  /* (to 0x0338 state 441) */,
+                       0x08, /* fail */
+/* pos 019a: 166 */    0x6F /* 'o' */, 0x07, 0x00  /* (to 0x01A1 state 167) */,
+                       0x61 /* 'a' */, 0x8E, 0x01  /* (to 0x032B state 430) */,
+                       0x08, /* fail */
+/* pos 01a1: 167 */    0xE4 /* 'd' -> */,
+/* pos 01a2: 168 */    0xE9 /* 'i' -> */,
+/* pos 01a3: 169 */    0xE6 /* 'f' -> */,
+/* pos 01a4: 170 */    0xE9 /* 'i' -> */,
+/* pos 01a5: 171 */    0xE5 /* 'e' -> */,
+/* pos 01a6: 172 */    0xE4 /* 'd' -> */,
+/* pos 01a7: 173 */    0xAD /* '-' -> */,
+/* pos 01a8: 174 */    0xF3 /* 's' -> */,
+/* pos 01a9: 175 */    0xE9 /* 'i' -> */,
+/* pos 01aa: 176 */    0xEE /* 'n' -> */,
+/* pos 01ab: 177 */    0xE3 /* 'c' -> */,
+/* pos 01ac: 178 */    0xE5 /* 'e' -> */,
+/* pos 01ad: 179 */    0xBA /* ':' -> */,
+/* pos 01ae: 180 */    0x00, 0x13                  /* - terminal marker 19 - */,
+/* pos 01b0: 181 */    0xEF /* 'o' -> */,
+/* pos 01b1: 182 */    0xEE /* 'n' -> */,
+/* pos 01b2: 183 */    0xE5 /* 'e' -> */,
+/* pos 01b3: 184 */    0xAD /* '-' -> */,
+/* pos 01b4: 185 */    0xED /* 'm' -> */,
+/* pos 01b5: 186 */    0xE1 /* 'a' -> */,
+/* pos 01b6: 187 */    0xF4 /* 't' -> */,
+/* pos 01b7: 188 */    0xE3 /* 'c' -> */,
+/* pos 01b8: 189 */    0xE8 /* 'h' -> */,
+/* pos 01b9: 190 */    0xBA /* ':' -> */,
+/* pos 01ba: 191 */    0x00, 0x14                  /* - terminal marker 20 - */,
+/* pos 01bc: 192 */    0x65 /* 'e' */, 0x0D, 0x00  /* (to 0x01C9 state 193) */,
+                       0x6C /* 'l' */, 0x14, 0x00  /* (to 0x01D3 state 202) */,
+                       0x63 /* 'c' */, 0xEB, 0x00  /* (to 0x02AD state 330) */,
+                       0x72 /* 'r' */, 0xF1, 0x00  /* (to 0x02B6 state 338) */,
+                       0x08, /* fail */
+/* pos 01c9: 193 */    0xEE /* 'n' -> */,
+/* pos 01ca: 194 */    0xE3 /* 'c' -> */,
+/* pos 01cb: 195 */    0xEF /* 'o' -> */,
+/* pos 01cc: 196 */    0xE4 /* 'd' -> */,
+/* pos 01cd: 197 */    0xE9 /* 'i' -> */,
+/* pos 01ce: 198 */    0xEE /* 'n' -> */,
+/* pos 01cf: 199 */    0xE7 /* 'g' -> */,
+/* pos 01d0: 200 */    0xBA /* ':' -> */,
+/* pos 01d1: 201 */    0x00, 0x15                  /* - terminal marker 21 - */,
+/* pos 01d3: 202 */    0xE1 /* 'a' -> */,
+/* pos 01d4: 203 */    0xEE /* 'n' -> */,
+/* pos 01d5: 204 */    0xE7 /* 'g' -> */,
+/* pos 01d6: 205 */    0xF5 /* 'u' -> */,
+/* pos 01d7: 206 */    0xE1 /* 'a' -> */,
+/* pos 01d8: 207 */    0xE7 /* 'g' -> */,
+/* pos 01d9: 208 */    0xE5 /* 'e' -> */,
+/* pos 01da: 209 */    0xBA /* ':' -> */,
+/* pos 01db: 210 */    0x00, 0x16                  /* - terminal marker 22 - */,
+/* pos 01dd: 211 */    0x61 /* 'a' */, 0x07, 0x00  /* (to 0x01E4 state 212) */,
+                       0x6F /* 'o' */, 0x9E, 0x01  /* (to 0x037E state 497) */,
+                       0x08, /* fail */
+/* pos 01e4: 212 */    0xE7 /* 'g' -> */,
+/* pos 01e5: 213 */    0xED /* 'm' -> */,
+/* pos 01e6: 214 */    0xE1 /* 'a' -> */,
+/* pos 01e7: 215 */    0xBA /* ':' -> */,
+/* pos 01e8: 216 */    0x00, 0x17                  /* - terminal marker 23 - */,
+/* pos 01ea: 217 */    0xE3 /* 'c' -> */,
+/* pos 01eb: 218 */    0xE8 /* 'h' -> */,
+/* pos 01ec: 219 */    0xE5 /* 'e' -> */,
+/* pos 01ed: 220 */    0xAD /* '-' -> */,
+/* pos 01ee: 221 */    0xE3 /* 'c' -> */,
+/* pos 01ef: 222 */    0xEF /* 'o' -> */,
+/* pos 01f0: 223 */    0xEE /* 'n' -> */,
+/* pos 01f1: 224 */    0xF4 /* 't' -> */,
+/* pos 01f2: 225 */    0xF2 /* 'r' -> */,
+/* pos 01f3: 226 */    0xEF /* 'o' -> */,
+/* pos 01f4: 227 */    0xEC /* 'l' -> */,
+/* pos 01f5: 228 */    0xBA /* ':' -> */,
+/* pos 01f6: 229 */    0x00, 0x18                  /* - terminal marker 24 - */,
+/* pos 01f8: 230 */    0xF4 /* 't' -> */,
+/* pos 01f9: 231 */    0xE8 /* 'h' -> */,
+/* pos 01fa: 232 */    0xEF /* 'o' -> */,
+/* pos 01fb: 233 */    0xF2 /* 'r' -> */,
+/* pos 01fc: 234 */    0xE9 /* 'i' -> */,
+/* pos 01fd: 235 */    0xFA /* 'z' -> */,
+/* pos 01fe: 236 */    0xE1 /* 'a' -> */,
+/* pos 01ff: 237 */    0xF4 /* 't' -> */,
+/* pos 0200: 238 */    0xE9 /* 'i' -> */,
+/* pos 0201: 239 */    0xEF /* 'o' -> */,
+/* pos 0202: 240 */    0xEE /* 'n' -> */,
+/* pos 0203: 241 */    0xBA /* ':' -> */,
+/* pos 0204: 242 */    0x00, 0x19                  /* - terminal marker 25 - */,
+/* pos 0206: 243 */    0xEB /* 'k' -> */,
+/* pos 0207: 244 */    0xE9 /* 'i' -> */,
+/* pos 0208: 245 */    0xE5 /* 'e' -> */,
+/* pos 0209: 246 */    0xBA /* ':' -> */,
+/* pos 020a: 247 */    0x00, 0x1A                  /* - terminal marker 26 - */,
+/* pos 020c: 248 */    0xE5 /* 'e' -> */,
+/* pos 020d: 249 */    0xEE /* 'n' -> */,
+/* pos 020e: 250 */    0xF4 /* 't' -> */,
+/* pos 020f: 251 */    0xAD /* '-' -> */,
+/* pos 0210: 252 */    0x6C /* 'l' */, 0x10, 0x00  /* (to 0x0220 state 253) */,
+                       0x74 /* 't' */, 0x1E, 0x00  /* (to 0x0231 state 260) */,
+                       0x64 /* 'd' */, 0xC0, 0x00  /* (to 0x02D6 state 366) */,
+                       0x65 /* 'e' */, 0xCA, 0x00  /* (to 0x02E3 state 378) */,
+                       0x72 /* 'r' */, 0xE3, 0x00  /* (to 0x02FF state 403) */,
+                       0x08, /* fail */
+/* pos 0220: 253 */    0x65 /* 'e' */, 0x0A, 0x00  /* (to 0x022A state 254) */,
+                       0x61 /* 'a' */, 0xCA, 0x00  /* (to 0x02ED state 387) */,
+                       0x6F /* 'o' */, 0xD0, 0x00  /* (to 0x02F6 state 395) */,
+                       0x08, /* fail */
+/* pos 022a: 254 */    0xEE /* 'n' -> */,
+/* pos 022b: 255 */    0xE7 /* 'g' -> */,
+/* pos 022c: 256 */    0xF4 /* 't' -> */,
+/* pos 022d: 257 */    0xE8 /* 'h' -> */,
+/* pos 022e: 258 */    0xBA /* ':' -> */,
+/* pos 022f: 259 */    0x00, 0x1B                  /* - terminal marker 27 - */,
+/* pos 0231: 260 */    0xF9 /* 'y' -> */,
+/* pos 0232: 261 */    0xF0 /* 'p' -> */,
+/* pos 0233: 262 */    0xE5 /* 'e' -> */,
+/* pos 0234: 263 */    0xBA /* ':' -> */,
+/* pos 0235: 264 */    0x00, 0x1C                  /* - terminal marker 28 - */,
+/* pos 0237: 265 */    0x61 /* 'a' */, 0x07, 0x00  /* (to 0x023E state 266) */,
+                       0x65 /* 'e' */, 0xF6, 0x01  /* (to 0x0430 state 637) */,
+                       0x08, /* fail */
+/* pos 023e: 266 */    0xF4 /* 't' -> */,
+/* pos 023f: 267 */    0xE5 /* 'e' -> */,
+/* pos 0240: 268 */    0xBA /* ':' -> */,
+/* pos 0241: 269 */    0x00, 0x1D                  /* - terminal marker 29 - */,
+/* pos 0243: 270 */    0x61 /* 'a' */, 0x07, 0x00  /* (to 0x024A state 271) */,
+                       0x65 /* 'e' */, 0x0A, 0x00  /* (to 0x0250 state 276) */,
+                       0x08, /* fail */
+/* pos 024a: 271 */    0xEE /* 'n' -> */,
+/* pos 024b: 272 */    0xE7 /* 'g' -> */,
+/* pos 024c: 273 */    0xE5 /* 'e' -> */,
+/* pos 024d: 274 */    0xBA /* ':' -> */,
+/* pos 024e: 275 */    0x00, 0x1E                  /* - terminal marker 30 - */,
+/* pos 0250: 276 */    0x66 /* 'f' */, 0x07, 0x00  /* (to 0x0257 state 277) */,
+                       0x74 /* 't' */, 0x5A, 0x01  /* (to 0x03AD state 529) */,
+                       0x08, /* fail */
+/* pos 0257: 277 */    0x65 /* 'e' */, 0x07, 0x00  /* (to 0x025E state 278) */,
+                       0x72 /* 'r' */, 0x4D, 0x01  /* (to 0x03A7 state 524) */,
+                       0x08, /* fail */
+/* pos 025e: 278 */    0xF2 /* 'r' -> */,
+/* pos 025f: 279 */    0xE5 /* 'e' -> */,
+/* pos 0260: 280 */    0xF2 /* 'r' -> */,
+/* pos 0261: 281 */    0xBA /* ':' -> */,
+/* pos 0262: 282 */    0x00, 0x1F                  /* - terminal marker 31 - */,
+/* pos 0264: 283 */    0x00, 0x20                  /* - terminal marker 32 - */,
+/* pos 0266: 284 */    0xE5 /* 'e' -> */,
+/* pos 0267: 285 */    0xF2 /* 'r' -> */,
+/* pos 0268: 286 */    0xF3 /* 's' -> */,
+/* pos 0269: 287 */    0xE9 /* 'i' -> */,
+/* pos 026a: 288 */    0xEF /* 'o' -> */,
+/* pos 026b: 289 */    0xEE /* 'n' -> */,
+/* pos 026c: 290 */    0xBA /* ':' -> */,
+/* pos 026d: 291 */    0x00, 0x21                  /* - terminal marker 33 - */,
+/* pos 026f: 292 */    0xF2 /* 'r' -> */,
+/* pos 0270: 293 */    0xE9 /* 'i' -> */,
+/* pos 0271: 294 */    0xE7 /* 'g' -> */,
+/* pos 0272: 295 */    0xE9 /* 'i' -> */,
+/* pos 0273: 296 */    0xEE /* 'n' -> */,
+/* pos 0274: 297 */    0xBA /* ':' -> */,
+/* pos 0275: 298 */    0x00, 0x22                  /* - terminal marker 34 - */,
+/* pos 0277: 299 */    0x61 /* 'a' */, 0x0D, 0x00  /* (to 0x0284 state 300) */,
+                       0x6D /* 'm' */, 0x14, 0x00  /* (to 0x028E state 309) */,
+                       0x70 /* 'p' */, 0x18, 0x00  /* (to 0x0295 state 315) */,
+                       0x73 /* 's' */, 0x1A, 0x00  /* (to 0x029A state 319) */,
+                       0x08, /* fail */
+/* pos 0284: 300 */    0xF5 /* 'u' -> */,
+/* pos 0285: 301 */    0xF4 /* 't' -> */,
+/* pos 0286: 302 */    0xE8 /* 'h' -> */,
+/* pos 0287: 303 */    0xEF /* 'o' -> */,
+/* pos 0288: 304 */    0xF2 /* 'r' -> */,
+/* pos 0289: 305 */    0xE9 /* 'i' -> */,
+/* pos 028a: 306 */    0xF4 /* 't' -> */,
+/* pos 028b: 307 */    0xF9 /* 'y' -> */,
+/* pos 028c: 308 */    0x00, 0x23                  /* - terminal marker 35 - */,
+/* pos 028e: 309 */    0xE5 /* 'e' -> */,
+/* pos 028f: 310 */    0xF4 /* 't' -> */,
+/* pos 0290: 311 */    0xE8 /* 'h' -> */,
+/* pos 0291: 312 */    0xEF /* 'o' -> */,
+/* pos 0292: 313 */    0xE4 /* 'd' -> */,
+/* pos 0293: 314 */    0x00, 0x24                  /* - terminal marker 36 - */,
+/* pos 0295: 315 */    0xE1 /* 'a' -> */,
+/* pos 0296: 316 */    0xF4 /* 't' -> */,
+/* pos 0297: 317 */    0xE8 /* 'h' -> */,
+/* pos 0298: 318 */    0x00, 0x25                  /* - terminal marker 37 - */,
+/* pos 029a: 319 */    0x63 /* 'c' */, 0x07, 0x00  /* (to 0x02A1 state 320) */,
+                       0x74 /* 't' */, 0x0A, 0x00  /* (to 0x02A7 state 325) */,
+                       0x08, /* fail */
+/* pos 02a1: 320 */    0xE8 /* 'h' -> */,
+/* pos 02a2: 321 */    0xE5 /* 'e' -> */,
+/* pos 02a3: 322 */    0xED /* 'm' -> */,
+/* pos 02a4: 323 */    0xE5 /* 'e' -> */,
+/* pos 02a5: 324 */    0x00, 0x26                  /* - terminal marker 38 - */,
+/* pos 02a7: 325 */    0xE1 /* 'a' -> */,
+/* pos 02a8: 326 */    0xF4 /* 't' -> */,
+/* pos 02a9: 327 */    0xF5 /* 'u' -> */,
+/* pos 02aa: 328 */    0xF3 /* 's' -> */,
+/* pos 02ab: 329 */    0x00, 0x27                  /* - terminal marker 39 - */,
+/* pos 02ad: 330 */    0xE8 /* 'h' -> */,
+/* pos 02ae: 331 */    0xE1 /* 'a' -> */,
+/* pos 02af: 332 */    0xF2 /* 'r' -> */,
+/* pos 02b0: 333 */    0xF3 /* 's' -> */,
+/* pos 02b1: 334 */    0xE5 /* 'e' -> */,
+/* pos 02b2: 335 */    0xF4 /* 't' -> */,
+/* pos 02b3: 336 */    0xBA /* ':' -> */,
+/* pos 02b4: 337 */    0x00, 0x28                  /* - terminal marker 40 - */,
+/* pos 02b6: 338 */    0xE1 /* 'a' -> */,
+/* pos 02b7: 339 */    0xEE /* 'n' -> */,
+/* pos 02b8: 340 */    0xE7 /* 'g' -> */,
+/* pos 02b9: 341 */    0xE5 /* 'e' -> */,
+/* pos 02ba: 342 */    0xF3 /* 's' -> */,
+/* pos 02bb: 343 */    0xBA /* ':' -> */,
+/* pos 02bc: 344 */    0x00, 0x29                  /* - terminal marker 41 - */,
+/* pos 02be: 345 */    0xEC /* 'l' -> */,
+/* pos 02bf: 346 */    0xEC /* 'l' -> */,
+/* pos 02c0: 347 */    0xEF /* 'o' -> */,
+/* pos 02c1: 348 */    0xF7 /* 'w' -> */,
+/* pos 02c2: 349 */    0xAD /* '-' -> */,
+/* pos 02c3: 350 */    0xEF /* 'o' -> */,
+/* pos 02c4: 351 */    0xF2 /* 'r' -> */,
+/* pos 02c5: 352 */    0xE9 /* 'i' -> */,
+/* pos 02c6: 353 */    0xE7 /* 'g' -> */,
+/* pos 02c7: 354 */    0xE9 /* 'i' -> */,
+/* pos 02c8: 355 */    0xEE /* 'n' -> */,
+/* pos 02c9: 356 */    0xBA /* ':' -> */,
+/* pos 02ca: 357 */    0x00, 0x2A                  /* - terminal marker 42 - */,
+/* pos 02cc: 358 */    0xE5 /* 'e' -> */,
+/* pos 02cd: 359 */    0xBA /* ':' -> */,
+/* pos 02ce: 360 */    0x00, 0x2B                  /* - terminal marker 43 - */,
+/* pos 02d0: 361 */    0xEC /* 'l' -> */,
+/* pos 02d1: 362 */    0xEF /* 'o' -> */,
+/* pos 02d2: 363 */    0xF7 /* 'w' -> */,
+/* pos 02d3: 364 */    0xBA /* ':' -> */,
+/* pos 02d4: 365 */    0x00, 0x2C                  /* - terminal marker 44 - */,
+/* pos 02d6: 366 */    0xE9 /* 'i' -> */,
+/* pos 02d7: 367 */    0xF3 /* 's' -> */,
+/* pos 02d8: 368 */    0xF0 /* 'p' -> */,
+/* pos 02d9: 369 */    0xEF /* 'o' -> */,
+/* pos 02da: 370 */    0xF3 /* 's' -> */,
+/* pos 02db: 371 */    0xE9 /* 'i' -> */,
+/* pos 02dc: 372 */    0xF4 /* 't' -> */,
+/* pos 02dd: 373 */    0xE9 /* 'i' -> */,
+/* pos 02de: 374 */    0xEF /* 'o' -> */,
+/* pos 02df: 375 */    0xEE /* 'n' -> */,
+/* pos 02e0: 376 */    0xBA /* ':' -> */,
+/* pos 02e1: 377 */    0x00, 0x2D                  /* - terminal marker 45 - */,
+/* pos 02e3: 378 */    0xEE /* 'n' -> */,
+/* pos 02e4: 379 */    0xE3 /* 'c' -> */,
+/* pos 02e5: 380 */    0xEF /* 'o' -> */,
+/* pos 02e6: 381 */    0xE4 /* 'd' -> */,
+/* pos 02e7: 382 */    0xE9 /* 'i' -> */,
+/* pos 02e8: 383 */    0xEE /* 'n' -> */,
+/* pos 02e9: 384 */    0xE7 /* 'g' -> */,
+/* pos 02ea: 385 */    0xBA /* ':' -> */,
+/* pos 02eb: 386 */    0x00, 0x2E                  /* - terminal marker 46 - */,
+/* pos 02ed: 387 */    0xEE /* 'n' -> */,
+/* pos 02ee: 388 */    0xE7 /* 'g' -> */,
+/* pos 02ef: 389 */    0xF5 /* 'u' -> */,
+/* pos 02f0: 390 */    0xE1 /* 'a' -> */,
+/* pos 02f1: 391 */    0xE7 /* 'g' -> */,
+/* pos 02f2: 392 */    0xE5 /* 'e' -> */,
+/* pos 02f3: 393 */    0xBA /* ':' -> */,
+/* pos 02f4: 394 */    0x00, 0x2F                  /* - terminal marker 47 - */,
+/* pos 02f6: 395 */    0xE3 /* 'c' -> */,
+/* pos 02f7: 396 */    0xE1 /* 'a' -> */,
+/* pos 02f8: 397 */    0xF4 /* 't' -> */,
+/* pos 02f9: 398 */    0xE9 /* 'i' -> */,
+/* pos 02fa: 399 */    0xEF /* 'o' -> */,
+/* pos 02fb: 400 */    0xEE /* 'n' -> */,
+/* pos 02fc: 401 */    0xBA /* ':' -> */,
+/* pos 02fd: 402 */    0x00, 0x30                  /* - terminal marker 48 - */,
+/* pos 02ff: 403 */    0xE1 /* 'a' -> */,
+/* pos 0300: 404 */    0xEE /* 'n' -> */,
+/* pos 0301: 405 */    0xE7 /* 'g' -> */,
+/* pos 0302: 406 */    0xE5 /* 'e' -> */,
+/* pos 0303: 407 */    0xBA /* ':' -> */,
+/* pos 0304: 408 */    0x00, 0x31                  /* - terminal marker 49 - */,
+/* pos 0306: 409 */    0x74 /* 't' */, 0x07, 0x00  /* (to 0x030D state 410) */,
+                       0x78 /* 'x' */, 0x09, 0x00  /* (to 0x0312 state 414) */,
+                       0x08, /* fail */
+/* pos 030d: 410 */    0xE1 /* 'a' -> */,
+/* pos 030e: 411 */    0xE7 /* 'g' -> */,
+/* pos 030f: 412 */    0xBA /* ':' -> */,
+/* pos 0310: 413 */    0x00, 0x32                  /* - terminal marker 50 - */,
+/* pos 0312: 414 */    0xF0 /* 'p' -> */,
+/* pos 0313: 415 */    0x65 /* 'e' */, 0x07, 0x00  /* (to 0x031A state 416) */,
+                       0x69 /* 'i' */, 0x09, 0x00  /* (to 0x031F state 420) */,
+                       0x08, /* fail */
+/* pos 031a: 416 */    0xE3 /* 'c' -> */,
+/* pos 031b: 417 */    0xF4 /* 't' -> */,
+/* pos 031c: 418 */    0xBA /* ':' -> */,
+/* pos 031d: 419 */    0x00, 0x33                  /* - terminal marker 51 - */,
+/* pos 031f: 420 */    0xF2 /* 'r' -> */,
+/* pos 0320: 421 */    0xE5 /* 'e' -> */,
+/* pos 0321: 422 */    0xF3 /* 's' -> */,
+/* pos 0322: 423 */    0xBA /* ':' -> */,
+/* pos 0323: 424 */    0x00, 0x34                  /* - terminal marker 52 - */,
+/* pos 0325: 425 */    0xF2 /* 'r' -> */,
+/* pos 0326: 426 */    0xEF /* 'o' -> */,
+/* pos 0327: 427 */    0xED /* 'm' -> */,
+/* pos 0328: 428 */    0xBA /* ':' -> */,
+/* pos 0329: 429 */    0x00, 0x35                  /* - terminal marker 53 - */,
+/* pos 032b: 430 */    0xF4 /* 't' -> */,
+/* pos 032c: 431 */    0xE3 /* 'c' -> */,
+/* pos 032d: 432 */    0xE8 /* 'h' -> */,
+/* pos 032e: 433 */    0xBA /* ':' -> */,
+/* pos 032f: 434 */    0x00, 0x36                  /* - terminal marker 54 - */,
+/* pos 0331: 435 */    0xE1 /* 'a' -> */,
+/* pos 0332: 436 */    0xEE /* 'n' -> */,
+/* pos 0333: 437 */    0xE7 /* 'g' -> */,
+/* pos 0334: 438 */    0xE5 /* 'e' -> */,
+/* pos 0335: 439 */    0xBA /* ':' -> */,
+/* pos 0336: 440 */    0x00, 0x37                  /* - terminal marker 55 - */,
+/* pos 0338: 441 */    0xEE /* 'n' -> */,
+/* pos 0339: 442 */    0xED /* 'm' -> */,
+/* pos 033a: 443 */    0xEF /* 'o' -> */,
+/* pos 033b: 444 */    0xE4 /* 'd' -> */,
+/* pos 033c: 445 */    0xE9 /* 'i' -> */,
+/* pos 033d: 446 */    0xE6 /* 'f' -> */,
+/* pos 033e: 447 */    0xE9 /* 'i' -> */,
+/* pos 033f: 448 */    0xE5 /* 'e' -> */,
+/* pos 0340: 449 */    0xE4 /* 'd' -> */,
+/* pos 0341: 450 */    0xAD /* '-' -> */,
+/* pos 0342: 451 */    0xF3 /* 's' -> */,
+/* pos 0343: 452 */    0xE9 /* 'i' -> */,
+/* pos 0344: 453 */    0xEE /* 'n' -> */,
+/* pos 0345: 454 */    0xE3 /* 'c' -> */,
+/* pos 0346: 455 */    0xE5 /* 'e' -> */,
+/* pos 0347: 456 */    0xBA /* ':' -> */,
+/* pos 0348: 457 */    0x00, 0x38                  /* - terminal marker 56 - */,
+/* pos 034a: 458 */    0x61 /* 'a' */, 0x0A, 0x00  /* (to 0x0354 state 459) */,
+                       0x69 /* 'i' */, 0x15, 0x00  /* (to 0x0362 state 472) */,
+                       0x6F /* 'o' */, 0x17, 0x00  /* (to 0x0367 state 476) */,
+                       0x08, /* fail */
+/* pos 0354: 459 */    0xF3 /* 's' -> */,
+/* pos 0355: 460 */    0xF4 /* 't' -> */,
+/* pos 0356: 461 */    0xAD /* '-' -> */,
+/* pos 0357: 462 */    0xED /* 'm' -> */,
+/* pos 0358: 463 */    0xEF /* 'o' -> */,
+/* pos 0359: 464 */    0xE4 /* 'd' -> */,
+/* pos 035a: 465 */    0xE9 /* 'i' -> */,
+/* pos 035b: 466 */    0xE6 /* 'f' -> */,
+/* pos 035c: 467 */    0xE9 /* 'i' -> */,
+/* pos 035d: 468 */    0xE5 /* 'e' -> */,
+/* pos 035e: 469 */    0xE4 /* 'd' -> */,
+/* pos 035f: 470 */    0xBA /* ':' -> */,
+/* pos 0360: 471 */    0x00, 0x39                  /* - terminal marker 57 - */,
+/* pos 0362: 472 */    0xEE /* 'n' -> */,
+/* pos 0363: 473 */    0xEB /* 'k' -> */,
+/* pos 0364: 474 */    0xBA /* ':' -> */,
+/* pos 0365: 475 */    0x00, 0x3A                  /* - terminal marker 58 - */,
+/* pos 0367: 476 */    0xE3 /* 'c' -> */,
+/* pos 0368: 477 */    0xE1 /* 'a' -> */,
+/* pos 0369: 478 */    0xF4 /* 't' -> */,
+/* pos 036a: 479 */    0xE9 /* 'i' -> */,
+/* pos 036b: 480 */    0xEF /* 'o' -> */,
+/* pos 036c: 481 */    0xEE /* 'n' -> */,
+/* pos 036d: 482 */    0xBA /* ':' -> */,
+/* pos 036e: 483 */    0x00, 0x3B                  /* - terminal marker 59 - */,
+/* pos 0370: 484 */    0xE1 /* 'a' -> */,
+/* pos 0371: 485 */    0xF8 /* 'x' -> */,
+/* pos 0372: 486 */    0xAD /* '-' -> */,
+/* pos 0373: 487 */    0xE6 /* 'f' -> */,
+/* pos 0374: 488 */    0xEF /* 'o' -> */,
+/* pos 0375: 489 */    0xF2 /* 'r' -> */,
+/* pos 0376: 490 */    0xF7 /* 'w' -> */,
+/* pos 0377: 491 */    0xE1 /* 'a' -> */,
+/* pos 0378: 492 */    0xF2 /* 'r' -> */,
+/* pos 0379: 493 */    0xE4 /* 'd' -> */,
+/* pos 037a: 494 */    0xF3 /* 's' -> */,
+/* pos 037b: 495 */    0xBA /* ':' -> */,
+/* pos 037c: 496 */    0x00, 0x3C                  /* - terminal marker 60 - */,
+/* pos 037e: 497 */    0xF8 /* 'x' -> */,
+/* pos 037f: 498 */    0xF9 /* 'y' -> */,
+/* pos 0380: 499 */    0x2D /* '-' */, 0x07, 0x00  /* (to 0x0387 state 500) */,
+                       0x20 /* ' ' */, 0xBB, 0x00  /* (to 0x043E state 649) */,
+                       0x08, /* fail */
+/* pos 0387: 500 */    0xE1 /* 'a' -> */,
+/* pos 0388: 501 */    0xF5 /* 'u' -> */,
+/* pos 0389: 502 */    0xF4 /* 't' -> */,
+/* pos 038a: 503 */    0xE8 /* 'h' -> */,
+/* pos 038b: 504 */    0x65 /* 'e' */, 0x07, 0x00  /* (to 0x0392 state 505) */,
+                       0x6F /* 'o' */, 0x0E, 0x00  /* (to 0x039C state 514) */,
+                       0x08, /* fail */
+/* pos 0392: 505 */    0xEE /* 'n' -> */,
+/* pos 0393: 506 */    0xF4 /* 't' -> */,
+/* pos 0394: 507 */    0xE9 /* 'i' -> */,
+/* pos 0395: 508 */    0xE3 /* 'c' -> */,
+/* pos 0396: 509 */    0xE1 /* 'a' -> */,
+/* pos 0397: 510 */    0xF4 /* 't' -> */,
+/* pos 0398: 511 */    0xE5 /* 'e' -> */,
+/* pos 0399: 512 */    0xBA /* ':' -> */,
+/* pos 039a: 513 */    0x00, 0x3D                  /* - terminal marker 61 - */,
+/* pos 039c: 514 */    0xF2 /* 'r' -> */,
+/* pos 039d: 515 */    0xE9 /* 'i' -> */,
+/* pos 039e: 516 */    0xFA /* 'z' -> */,
+/* pos 039f: 517 */    0xE1 /* 'a' -> */,
+/* pos 03a0: 518 */    0xF4 /* 't' -> */,
+/* pos 03a1: 519 */    0xE9 /* 'i' -> */,
+/* pos 03a2: 520 */    0xEF /* 'o' -> */,
+/* pos 03a3: 521 */    0xEE /* 'n' -> */,
+/* pos 03a4: 522 */    0xBA /* ':' -> */,
+/* pos 03a5: 523 */    0x00, 0x3E                  /* - terminal marker 62 - */,
+/* pos 03a7: 524 */    0xE5 /* 'e' -> */,
+/* pos 03a8: 525 */    0xF3 /* 's' -> */,
+/* pos 03a9: 526 */    0xE8 /* 'h' -> */,
+/* pos 03aa: 527 */    0xBA /* ':' -> */,
+/* pos 03ab: 528 */    0x00, 0x3F                  /* - terminal marker 63 - */,
+/* pos 03ad: 529 */    0xF2 /* 'r' -> */,
+/* pos 03ae: 530 */    0xF9 /* 'y' -> */,
+/* pos 03af: 531 */    0xAD /* '-' -> */,
+/* pos 03b0: 532 */    0xE1 /* 'a' -> */,
+/* pos 03b1: 533 */    0xE6 /* 'f' -> */,
+/* pos 03b2: 534 */    0xF4 /* 't' -> */,
+/* pos 03b3: 535 */    0xE5 /* 'e' -> */,
+/* pos 03b4: 536 */    0xF2 /* 'r' -> */,
+/* pos 03b5: 537 */    0xBA /* ':' -> */,
+/* pos 03b6: 538 */    0x00, 0x40                  /* - terminal marker 64 - */,
+/* pos 03b8: 539 */    0xF6 /* 'v' -> */,
+/* pos 03b9: 540 */    0xE5 /* 'e' -> */,
+/* pos 03ba: 541 */    0xF2 /* 'r' -> */,
+/* pos 03bb: 542 */    0xBA /* ':' -> */,
+/* pos 03bc: 543 */    0x00, 0x41                  /* - terminal marker 65 - */,
+/* pos 03be: 544 */    0xAD /* '-' -> */,
+/* pos 03bf: 545 */    0xE3 /* 'c' -> */,
+/* pos 03c0: 546 */    0xEF /* 'o' -> */,
+/* pos 03c1: 547 */    0xEF /* 'o' -> */,
+/* pos 03c2: 548 */    0xEB /* 'k' -> */,
+/* pos 03c3: 549 */    0xE9 /* 'i' -> */,
+/* pos 03c4: 550 */    0xE5 /* 'e' -> */,
+/* pos 03c5: 551 */    0xBA /* ':' -> */,
+/* pos 03c6: 552 */    0x00, 0x42                  /* - terminal marker 66 - */,
+/* pos 03c8: 553 */    0xF2 /* 'r' -> */,
+/* pos 03c9: 554 */    0xE9 /* 'i' -> */,
+/* pos 03ca: 555 */    0xE3 /* 'c' -> */,
+/* pos 03cb: 556 */    0xF4 /* 't' -> */,
+/* pos 03cc: 557 */    0xAD /* '-' -> */,
+/* pos 03cd: 558 */    0xF4 /* 't' -> */,
+/* pos 03ce: 559 */    0xF2 /* 'r' -> */,
+/* pos 03cf: 560 */    0xE1 /* 'a' -> */,
+/* pos 03d0: 561 */    0xEE /* 'n' -> */,
+/* pos 03d1: 562 */    0xF3 /* 's' -> */,
+/* pos 03d2: 563 */    0xF0 /* 'p' -> */,
+/* pos 03d3: 564 */    0xEF /* 'o' -> */,
+/* pos 03d4: 565 */    0xF2 /* 'r' -> */,
+/* pos 03d5: 566 */    0xF4 /* 't' -> */,
+/* pos 03d6: 567 */    0xAD /* '-' -> */,
+/* pos 03d7: 568 */    0xF3 /* 's' -> */,
+/* pos 03d8: 569 */    0xE5 /* 'e' -> */,
+/* pos 03d9: 570 */    0xE3 /* 'c' -> */,
+/* pos 03da: 571 */    0xF5 /* 'u' -> */,
+/* pos 03db: 572 */    0xF2 /* 'r' -> */,
+/* pos 03dc: 573 */    0xE9 /* 'i' -> */,
+/* pos 03dd: 574 */    0xF4 /* 't' -> */,
+/* pos 03de: 575 */    0xF9 /* 'y' -> */,
+/* pos 03df: 576 */    0xBA /* ':' -> */,
+/* pos 03e0: 577 */    0x00, 0x43                  /* - terminal marker 67 - */,
+/* pos 03e2: 578 */    0x72 /* 'r' */, 0x07, 0x00  /* (to 0x03E9 state 579) */,
+                       0x65 /* 'e' */, 0x84, 0x00  /* (to 0x0469 state 680) */,
+                       0x08, /* fail */
+/* pos 03e9: 579 */    0xE1 /* 'a' -> */,
+/* pos 03ea: 580 */    0xEE /* 'n' -> */,
+/* pos 03eb: 581 */    0xF3 /* 's' -> */,
+/* pos 03ec: 582 */    0xE6 /* 'f' -> */,
+/* pos 03ed: 583 */    0xE5 /* 'e' -> */,
+/* pos 03ee: 584 */    0xF2 /* 'r' -> */,
+/* pos 03ef: 585 */    0xAD /* '-' -> */,
+/* pos 03f0: 586 */    0xE5 /* 'e' -> */,
+/* pos 03f1: 587 */    0xEE /* 'n' -> */,
+/* pos 03f2: 588 */    0xE3 /* 'c' -> */,
+/* pos 03f3: 589 */    0xEF /* 'o' -> */,
+/* pos 03f4: 590 */    0xE4 /* 'd' -> */,
+/* pos 03f5: 591 */    0xE9 /* 'i' -> */,
+/* pos 03f6: 592 */    0xEE /* 'n' -> */,
+/* pos 03f7: 593 */    0xE7 /* 'g' -> */,
+/* pos 03f8: 594 */    0xBA /* ':' -> */,
+/* pos 03f9: 595 */    0x00, 0x44                  /* - terminal marker 68 - */,
+/* pos 03fb: 596 */    0xE5 /* 'e' -> */,
+/* pos 03fc: 597 */    0xF2 /* 'r' -> */,
+/* pos 03fd: 598 */    0xAD /* '-' -> */,
+/* pos 03fe: 599 */    0xE1 /* 'a' -> */,
+/* pos 03ff: 600 */    0xE7 /* 'g' -> */,
+/* pos 0400: 601 */    0xE5 /* 'e' -> */,
+/* pos 0401: 602 */    0xEE /* 'n' -> */,
+/* pos 0402: 603 */    0xF4 /* 't' -> */,
+/* pos 0403: 604 */    0xBA /* ':' -> */,
+/* pos 0404: 605 */    0x00, 0x45                  /* - terminal marker 69 - */,
+/* pos 0406: 606 */    0x61 /* 'a' */, 0x07, 0x00  /* (to 0x040D state 607) */,
+                       0x69 /* 'i' */, 0x09, 0x00  /* (to 0x0412 state 611) */,
+                       0x08, /* fail */
+/* pos 040d: 607 */    0xF2 /* 'r' -> */,
+/* pos 040e: 608 */    0xF9 /* 'y' -> */,
+/* pos 040f: 609 */    0xBA /* ':' -> */,
+/* pos 0410: 610 */    0x00, 0x46                  /* - terminal marker 70 - */,
+/* pos 0412: 611 */    0xE1 /* 'a' -> */,
+/* pos 0413: 612 */    0xBA /* ':' -> */,
+/* pos 0414: 613 */    0x00, 0x47                  /* - terminal marker 71 - */,
+/* pos 0416: 614 */    0xF7 /* 'w' -> */,
+/* pos 0417: 615 */    0xF7 /* 'w' -> */,
+/* pos 0418: 616 */    0xAD /* '-' -> */,
+/* pos 0419: 617 */    0xE1 /* 'a' -> */,
+/* pos 041a: 618 */    0xF5 /* 'u' -> */,
+/* pos 041b: 619 */    0xF4 /* 't' -> */,
+/* pos 041c: 620 */    0xE8 /* 'h' -> */,
+/* pos 041d: 621 */    0xE5 /* 'e' -> */,
+/* pos 041e: 622 */    0xEE /* 'n' -> */,
+/* pos 041f: 623 */    0xF4 /* 't' -> */,
+/* pos 0420: 624 */    0xE9 /* 'i' -> */,
+/* pos 0421: 625 */    0xE3 /* 'c' -> */,
+/* pos 0422: 626 */    0xE1 /* 'a' -> */,
+/* pos 0423: 627 */    0xF4 /* 't' -> */,
+/* pos 0424: 628 */    0xE5 /* 'e' -> */,
+/* pos 0425: 629 */    0xBA /* ':' -> */,
+/* pos 0426: 630 */    0x00, 0x48                  /* - terminal marker 72 - */,
+/* pos 0428: 631 */    0xF4 /* 't' -> */,
+/* pos 0429: 632 */    0xE3 /* 'c' -> */,
+/* pos 042a: 633 */    0xE8 /* 'h' -> */,
+/* pos 042b: 634 */    0x00, 0x49                  /* - terminal marker 73 - */,
+/* pos 042d: 635 */    0xF4 /* 't' -> */,
+/* pos 042e: 636 */    0x00, 0x4A                  /* - terminal marker 74 - */,
+/* pos 0430: 637 */    0xEC /* 'l' -> */,
+/* pos 0431: 638 */    0xE5 /* 'e' -> */,
+/* pos 0432: 639 */    0xF4 /* 't' -> */,
+/* pos 0433: 640 */    0xE5 /* 'e' -> */,
+/* pos 0434: 641 */    0x00, 0x4B                  /* - terminal marker 75 - */,
+/* pos 0436: 642 */    0xE9 /* 'i' -> */,
+/* pos 0437: 643 */    0xAD /* '-' -> */,
+/* pos 0438: 644 */    0xE1 /* 'a' -> */,
+/* pos 0439: 645 */    0xF2 /* 'r' -> */,
+/* pos 043a: 646 */    0xE7 /* 'g' -> */,
+/* pos 043b: 647 */    0xF3 /* 's' -> */,
+/* pos 043c: 648 */    0x00, 0x4C                  /* - terminal marker 76 - */,
+/* pos 043e: 649 */    0x00, 0x4D                  /* - terminal marker 77 - */,
+/* pos 0440: 650 */    0xAD /* '-' -> */,
+/* pos 0441: 651 */    0x72 /* 'r' */, 0x07, 0x00  /* (to 0x0448 state 652) */,
+                       0x66 /* 'f' */, 0x10, 0x00  /* (to 0x0454 state 662) */,
+                       0x08, /* fail */
+/* pos 0448: 652 */    0xE5 /* 'e' -> */,
+/* pos 0449: 653 */    0xE1 /* 'a' -> */,
+/* pos 044a: 654 */    0xEC /* 'l' -> */,
+/* pos 044b: 655 */    0xAD /* '-' -> */,
+/* pos 044c: 656 */    0xE9 /* 'i' -> */,
+/* pos 044d: 657 */    0xF0 /* 'p' -> */,
+/* pos 044e: 658 */    0xBA /* ':' -> */,
+/* pos 044f: 659 */    0x00, 0x4E                  /* - terminal marker 78 - */,
+/* pos 0451: 660 */    0xA0 /* ' ' -> */,
+/* pos 0452: 661 */    0x00, 0x4F                  /* - terminal marker 79 - */,
+/* pos 0454: 662 */    0xEF /* 'o' -> */,
+/* pos 0455: 663 */    0xF2 /* 'r' -> */,
+/* pos 0456: 664 */    0xF7 /* 'w' -> */,
+/* pos 0457: 665 */    0xE1 /* 'a' -> */,
+/* pos 0458: 666 */    0xF2 /* 'r' -> */,
+/* pos 0459: 667 */    0xE4 /* 'd' -> */,
+/* pos 045a: 668 */    0xE5 /* 'e' -> */,
+/* pos 045b: 669 */    0xE4 /* 'd' -> */,
+/* pos 045c: 670 */    0xAD /* '-' -> */,
+/* pos 045d: 671 */    0xE6 /* 'f' -> */,
+/* pos 045e: 672 */    0xEF /* 'o' -> */,
+/* pos 045f: 673 */    0xF2 /* 'r' -> */,
+/* pos 0460: 674 */    0x00, 0x50                  /* - terminal marker 80 - */,
+/* pos 0462: 675 */    0x00, 0x51                  /* - terminal marker 81 - */,
+/* pos 0464: 676 */    0xE1 /* 'a' -> */,
+/* pos 0465: 677 */    0xE4 /* 'd' -> */,
+/* pos 0466: 678 */    0xA0 /* ' ' -> */,
+/* pos 0467: 679 */    0x00, 0x52                  /* - terminal marker 82 - */,
+/* pos 0469: 680 */    0xBA /* ':' -> */,
+/* pos 046a: 681 */    0x00, 0x53                  /* - terminal marker 83 - */,
+/* total size 1132 bytes */
diff --git a/thirdparty/lws/libwebsockets.c b/thirdparty/lws/libwebsockets.c
new file mode 100644
index 0000000000..50f975d21e
--- /dev/null
+++ b/thirdparty/lws/libwebsockets.c
@@ -0,0 +1,3048 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+#ifdef LWS_HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+
+#ifdef LWS_WITH_IPV6
+#if defined(WIN32) || defined(_WIN32)
+#include <Iphlpapi.h>
+#else
+#include <net/if.h>
+#endif
+#endif
+
+int log_level = LLL_ERR | LLL_WARN | LLL_NOTICE;
+static void (*lwsl_emit)(int level, const char *line)
+#ifndef LWS_PLAT_OPTEE
+	= lwsl_emit_stderr
+#endif
+	;
+#ifndef LWS_PLAT_OPTEE
+static const char * const log_level_names[] = {
+	"ERR",
+	"WARN",
+	"NOTICE",
+	"INFO",
+	"DEBUG",
+	"PARSER",
+	"HEADER",
+	"EXTENSION",
+	"CLIENT",
+	"LATENCY",
+	"USER",
+	"?",
+	"?"
+};
+#endif
+
+void
+lws_free_wsi(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt;
+	struct allocated_headers *ah;
+
+	if (!wsi)
+		return;
+	
+	pt = &wsi->context->pt[(int)wsi->tsi];
+
+	/*
+	 * Protocol user data may be allocated either internally by lws
+	 * or by specified the user. We should only free what we allocated.
+	 */
+	if (wsi->protocol && wsi->protocol->per_session_data_size &&
+	    wsi->user_space && !wsi->user_space_externally_allocated)
+		lws_free(wsi->user_space);
+
+	lws_free_set_NULL(wsi->rxflow_buffer);
+	lws_free_set_NULL(wsi->trunc_alloc);
+
+	/* we may not have an ah, but may be on the waiting list... */
+	lwsl_info("ah det due to close\n");
+	/* we're closing, losing some rx is OK */
+	lws_header_table_force_to_detachable_state(wsi);
+	lws_header_table_detach(wsi, 0);
+
+	if (wsi->vhost->lserv_wsi == wsi)
+		wsi->vhost->lserv_wsi = NULL;
+
+	lws_pt_lock(pt);
+	ah = pt->ah_list;
+	while (ah) {
+		if (ah->in_use && ah->wsi == wsi) {
+			lwsl_err("%s: ah leak: wsi %p\n", __func__, wsi);
+			ah->in_use = 0;
+			ah->wsi = NULL;
+			pt->ah_count_in_use--;
+			break;
+		}
+		ah = ah->next;
+	}
+
+#if defined(LWS_WITH_PEER_LIMITS)
+	lws_peer_track_wsi_close(wsi->context, wsi->peer);
+	wsi->peer = NULL;
+#endif
+
+#if defined(LWS_WITH_HTTP2)
+	if (wsi->upgraded_to_http2 || wsi->http2_substream) {
+		lws_hpack_destroy_dynamic_header(wsi);
+
+		if (wsi->u.h2.h2n)
+			lws_free_set_NULL(wsi->u.h2.h2n);
+	}
+#endif
+
+	lws_pt_unlock(pt);
+
+	/* since we will destroy the wsi, make absolutely sure now */
+
+	lws_ssl_remove_wsi_from_buffered_list(wsi);
+	lws_remove_from_timeout_list(wsi);
+
+	wsi->context->count_wsi_allocated--;
+	lwsl_debug("%s: %p, remaining wsi %d\n", __func__, wsi,
+			wsi->context->count_wsi_allocated);
+
+	lws_free(wsi);
+}
+
+void
+lws_remove_from_timeout_list(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+
+	if (!wsi->timeout_list_prev) /* ie, not part of the list */
+		return;
+
+	lws_pt_lock(pt);
+	/* if we have a next guy, set his prev to our prev */
+	if (wsi->timeout_list)
+		wsi->timeout_list->timeout_list_prev = wsi->timeout_list_prev;
+	/* set our prev guy to our next guy instead of us */
+	*wsi->timeout_list_prev = wsi->timeout_list;
+
+	/* we're out of the list, we should not point anywhere any more */
+	wsi->timeout_list_prev = NULL;
+	wsi->timeout_list = NULL;
+	lws_pt_unlock(pt);
+}
+
+LWS_VISIBLE void
+lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	time_t now;
+
+	if (secs == LWS_TO_KILL_SYNC) {
+		lws_remove_from_timeout_list(wsi);
+		lwsl_debug("synchronously killing %p\n", wsi);
+		lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+		return;
+	}
+
+	lws_pt_lock(pt);
+
+	time(&now);
+
+	if (reason && !wsi->timeout_list_prev) {
+		/* our next guy is current first guy */
+		wsi->timeout_list = pt->timeout_list;
+		/* if there is a next guy, set his prev ptr to our next ptr */
+		if (wsi->timeout_list)
+			wsi->timeout_list->timeout_list_prev = &wsi->timeout_list;
+		/* our prev ptr is first ptr */
+		wsi->timeout_list_prev = &pt->timeout_list;
+		/* set the first guy to be us */
+		*wsi->timeout_list_prev = wsi;
+	}
+
+	lwsl_debug("%s: %p: %d secs\n", __func__, wsi, secs);
+	wsi->pending_timeout_limit = now + secs;
+	wsi->pending_timeout = reason;
+
+	lws_pt_unlock(pt);
+
+	if (!reason)
+		lws_remove_from_timeout_list(wsi);
+}
+
+static void
+lws_remove_child_from_any_parent(struct lws *wsi)
+{
+	struct lws **pwsi;
+	int seen = 0;
+
+	if (!wsi->parent)
+		return;
+
+	/* detach ourselves from parent's child list */
+	pwsi = &wsi->parent->child_list;
+	while (*pwsi) {
+		if (*pwsi == wsi) {
+			lwsl_info("%s: detach %p from parent %p\n", __func__,
+				  wsi, wsi->parent);
+
+			if (wsi->parent->protocol)
+				wsi->parent->protocol->callback(wsi,
+						LWS_CALLBACK_CHILD_CLOSING,
+					       wsi->parent->user_space, wsi, 0);
+
+			*pwsi = wsi->sibling_list;
+			seen = 1;
+			break;
+		}
+		pwsi = &(*pwsi)->sibling_list;
+	}
+	if (!seen)
+		lwsl_err("%s: failed to detach from parent\n", __func__);
+
+	wsi->parent = NULL;
+}
+
+int
+lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p)
+{
+//	if (wsi->protocol == p)
+//		return 0;
+	const struct lws_protocols *vp = wsi->vhost->protocols, *vpo;
+
+	if (wsi->protocol)
+		wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_DROP_PROTOCOL,
+					wsi->user_space, NULL, 0);
+	if (!wsi->user_space_externally_allocated)
+		lws_free_set_NULL(wsi->user_space);
+
+	lws_same_vh_protocol_remove(wsi);
+
+	wsi->protocol = p;
+	if (!p)
+		return 0;
+
+	if (lws_ensure_user_space(wsi))
+		return 1;
+
+	if (p > vp && p < &vp[wsi->vhost->count_protocols])
+		lws_same_vh_protocol_insert(wsi, p - vp);
+	else {
+		int n = wsi->vhost->count_protocols;
+		int hit = 0;
+
+		vpo = vp;
+
+		while (n--) {
+			if (p->name && vp->name && !strcmp(p->name, vp->name)) {
+				hit = 1;
+				lws_same_vh_protocol_insert(wsi, vp - vpo);
+				break;
+			}
+			vp++;
+		}
+		if (!hit)
+			lwsl_err("%s: %p is not in vhost '%s' protocols list\n",
+				 __func__, p, wsi->vhost->name);
+	}
+
+	if (wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_BIND_PROTOCOL,
+				    wsi->user_space, NULL, 0))
+		return 1;
+
+	return 0;
+}
+
+void
+lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason)
+{
+	struct lws_context_per_thread *pt;
+	struct lws *wsi1, *wsi2;
+	struct lws_context *context;
+	struct lws_tokens eff_buf;
+	int n, m, ret;
+
+	lwsl_debug("%s: %p\n", __func__, wsi);
+
+	if (!wsi)
+		return;
+
+	lws_access_log(wsi);
+#if defined(LWS_WITH_ESP8266)
+	if (wsi->premature_rx)
+		lws_free(wsi->premature_rx);
+
+	if (wsi->pending_send_completion && !wsi->close_is_pending_send_completion) {
+		lwsl_notice("delaying close\n");
+		wsi->close_is_pending_send_completion = 1;
+		return;
+	}
+#endif
+
+	/* we're closing, losing some rx is OK */
+	lws_header_table_force_to_detachable_state(wsi);
+
+	context = wsi->context;
+	pt = &context->pt[(int)wsi->tsi];
+	lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_CLOSE, 1);
+
+	/* if we have children, close them first */
+	if (wsi->child_list) {
+		wsi2 = wsi->child_list;
+		while (wsi2) {
+			wsi1 = wsi2->sibling_list;
+			wsi2->parent = NULL;
+			/* stop it doing shutdown processing */
+			wsi2->socket_is_permanently_unusable = 1;
+			lws_close_free_wsi(wsi2, reason);
+			wsi2 = wsi1;
+		}
+		wsi->child_list = NULL;
+	}
+
+#if defined(LWS_WITH_HTTP2)
+
+	if (wsi->u.h2.parent_wsi) {
+		lwsl_info(" wsi: %p, his parent %p: siblings:\n", wsi, wsi->u.h2.parent_wsi);
+		lws_start_foreach_llp(struct lws **, w, wsi->u.h2.parent_wsi->u.h2.child_list) {
+			lwsl_info("   \\---- child %p\n", *w);
+		} lws_end_foreach_llp(w, u.h2.sibling_list);
+	}
+
+	if (wsi->upgraded_to_http2 || wsi->http2_substream) {
+		lwsl_info("closing %p: parent %p\n", wsi, wsi->u.h2.parent_wsi);
+
+		if (wsi->u.h2.child_list) {
+			lwsl_info(" parent %p: closing children: list:\n", wsi);
+			lws_start_foreach_llp(struct lws **, w, wsi->u.h2.child_list) {
+				lwsl_info("   \\---- child %p\n", *w);
+			} lws_end_foreach_llp(w, u.h2.sibling_list);
+			/* trigger closing of all of our http2 children first */
+			lws_start_foreach_llp(struct lws **, w, wsi->u.h2.child_list) {
+				lwsl_info("   closing child %p\n", *w);
+				/* disconnect from siblings */
+				wsi2 = (*w)->u.h2.sibling_list;
+				(*w)->u.h2.sibling_list = NULL;
+				(*w)->socket_is_permanently_unusable = 1;
+				lws_close_free_wsi(*w, reason);
+				*w = wsi2;
+				continue;
+			} lws_end_foreach_llp(w, u.h2.sibling_list);
+		}
+	}
+
+	if (wsi->upgraded_to_http2) {
+		/* remove pps */
+		struct lws_h2_protocol_send *w = wsi->u.h2.h2n->pps, *w1;
+		while (w) {
+			w1 = wsi->u.h2.h2n->pps->next;
+			free(w);
+			w = w1;
+		}
+		wsi->u.h2.h2n->pps = NULL;
+	}
+
+	if (wsi->http2_substream && wsi->u.h2.parent_wsi) {
+		lwsl_info("  %p: disentangling from siblings\n", wsi);
+		lws_start_foreach_llp(struct lws **, w,
+				wsi->u.h2.parent_wsi->u.h2.child_list) {
+			/* disconnect from siblings */
+			if (*w == wsi) {
+				wsi2 = (*w)->u.h2.sibling_list;
+				(*w)->u.h2.sibling_list = NULL;
+				*w = wsi2;
+				lwsl_info("  %p disentangled from sibling %p\n", wsi, wsi2);
+				break;
+			}
+		} lws_end_foreach_llp(w, u.h2.sibling_list);
+		wsi->u.h2.parent_wsi->u.h2.child_count--;
+		wsi->u.h2.parent_wsi = NULL;
+		if (wsi->u.h2.pending_status_body)
+			lws_free_set_NULL(wsi->u.h2.pending_status_body);
+	}
+
+	if (wsi->upgraded_to_http2 && wsi->u.h2.h2n &&
+	    wsi->u.h2.h2n->rx_scratch)
+		lws_free_set_NULL(wsi->u.h2.h2n->rx_scratch);
+#endif
+
+	if (wsi->mode == LWSCM_RAW_FILEDESC) {
+		lws_remove_child_from_any_parent(wsi);
+		remove_wsi_socket_from_fds(wsi);
+		wsi->protocol->callback(wsi,
+					LWS_CALLBACK_RAW_CLOSE_FILE,
+					wsi->user_space, NULL, 0);
+		goto async_close;
+	}
+
+#ifdef LWS_WITH_CGI
+	if (wsi->mode == LWSCM_CGI) {
+		/* we are not a network connection, but a handler for CGI io */
+		if (wsi->parent && wsi->parent->cgi) {
+
+			if (wsi->cgi_channel == LWS_STDOUT)
+				lws_cgi_remove_and_kill(wsi->parent);
+
+			/* end the binding between us and master */
+			wsi->parent->cgi->stdwsi[(int)wsi->cgi_channel] = NULL;
+		}
+		wsi->socket_is_permanently_unusable = 1;
+
+		goto just_kill_connection;
+	}
+
+	if (wsi->cgi)
+		lws_cgi_remove_and_kill(wsi);
+#endif
+
+#if !defined(LWS_NO_CLIENT)
+	if (wsi->mode == LWSCM_HTTP_CLIENT ||
+	    wsi->mode == LWSCM_WSCL_WAITING_CONNECT ||
+	    wsi->mode == LWSCM_WSCL_WAITING_PROXY_REPLY ||
+	    wsi->mode == LWSCM_WSCL_ISSUE_HANDSHAKE ||
+	    wsi->mode == LWSCM_WSCL_ISSUE_HANDSHAKE2 ||
+	    wsi->mode == LWSCM_WSCL_WAITING_SSL ||
+	    wsi->mode == LWSCM_WSCL_WAITING_SERVER_REPLY ||
+	    wsi->mode == LWSCM_WSCL_WAITING_EXTENSION_CONNECT ||
+	    wsi->mode == LWSCM_WSCL_WAITING_SOCKS_GREETING_REPLY ||
+	    wsi->mode == LWSCM_WSCL_WAITING_SOCKS_CONNECT_REPLY ||
+	    wsi->mode == LWSCM_WSCL_WAITING_SOCKS_AUTH_REPLY)
+		if (wsi->u.hdr.stash)
+			lws_free_set_NULL(wsi->u.hdr.stash);
+#endif
+
+	if (wsi->mode == LWSCM_RAW) {
+		wsi->protocol->callback(wsi,
+			LWS_CALLBACK_RAW_CLOSE, wsi->user_space, NULL, 0);
+		wsi->socket_is_permanently_unusable = 1;
+		goto just_kill_connection;
+	}
+
+	if ((wsi->mode == LWSCM_HTTP_SERVING_ACCEPTED ||
+	     wsi->mode == LWSCM_HTTP2_SERVING) &&
+	    wsi->u.http.fop_fd != NULL) {
+		lws_vfs_file_close(&wsi->u.http.fop_fd);
+		wsi->vhost->protocols->callback(wsi,
+			LWS_CALLBACK_CLOSED_HTTP, wsi->user_space, NULL, 0);
+		wsi->told_user_closed = 1;
+	}
+	if (wsi->socket_is_permanently_unusable ||
+	    reason == LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY ||
+	    wsi->state == LWSS_SHUTDOWN)
+		goto just_kill_connection;
+
+	wsi->state_pre_close = wsi->state;
+
+	switch (wsi->state_pre_close) {
+	case LWSS_DEAD_SOCKET:
+		return;
+
+	/* we tried the polite way... */
+	case LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION:
+	case LWSS_AWAITING_CLOSE_ACK:
+		goto just_kill_connection;
+
+	case LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE:
+		if (wsi->trunc_len) {
+			lws_callback_on_writable(wsi);
+			return;
+		}
+		lwsl_info("%p: end FLUSHING_STORED_SEND_BEFORE_CLOSE\n", wsi);
+		goto just_kill_connection;
+	default:
+		if (wsi->trunc_len) {
+			lwsl_info("%p: start FLUSHING_STORED_SEND_BEFORE_CLOSE\n", wsi);
+			wsi->state = LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE;
+			lws_set_timeout(wsi, PENDING_FLUSH_STORED_SEND_BEFORE_CLOSE, 5);
+			return;
+		}
+		break;
+	}
+
+	if (wsi->mode == LWSCM_WSCL_WAITING_CONNECT ||
+	    wsi->mode == LWSCM_WSCL_ISSUE_HANDSHAKE)
+		goto just_kill_connection;
+
+	if (wsi->mode == LWSCM_HTTP_SERVING ||
+	    wsi->mode == LWSCM_HTTP2_SERVING) {
+		if (wsi->user_space)
+			wsi->vhost->protocols->callback(wsi,
+						LWS_CALLBACK_HTTP_DROP_PROTOCOL,
+					       wsi->user_space, NULL, 0);
+		wsi->vhost->protocols->callback(wsi, LWS_CALLBACK_CLOSED_HTTP,
+					       wsi->user_space, NULL, 0);
+		wsi->told_user_closed = 1;
+	}
+
+	/*
+	 * are his extensions okay with him closing?  Eg he might be a mux
+	 * parent and just his ch1 aspect is closing?
+	 */
+
+	if (lws_ext_cb_active(wsi, LWS_EXT_CB_CHECK_OK_TO_REALLY_CLOSE, NULL, 0) > 0) {
+		lwsl_ext("extension vetoed close\n");
+		return;
+	}
+
+	/*
+	 * flush any tx pending from extensions, since we may send close packet
+	 * if there are problems with send, just nuke the connection
+	 */
+	do {
+		ret = 0;
+		eff_buf.token = NULL;
+		eff_buf.token_len = 0;
+
+		/* show every extension the new incoming data */
+
+		m = lws_ext_cb_active(wsi,
+			  LWS_EXT_CB_FLUSH_PENDING_TX, &eff_buf, 0);
+		if (m < 0) {
+			lwsl_ext("Extension reports fatal error\n");
+			goto just_kill_connection;
+		}
+		if (m)
+			/*
+			 * at least one extension told us he has more
+			 * to spill, so we will go around again after
+			 */
+			ret = 1;
+
+		/* assuming they left us something to send, send it */
+
+		if (eff_buf.token_len)
+			if (lws_issue_raw(wsi, (unsigned char *)eff_buf.token,
+					  eff_buf.token_len) !=
+			    eff_buf.token_len) {
+				lwsl_debug("close: ext spill failed\n");
+				goto just_kill_connection;
+			}
+	} while (ret);
+
+	/*
+	 * signal we are closing, lws_write will
+	 * add any necessary version-specific stuff.  If the write fails,
+	 * no worries we are closing anyway.  If we didn't initiate this
+	 * close, then our state has been changed to
+	 * LWSS_RETURNED_CLOSE_ALREADY and we will skip this.
+	 *
+	 * Likewise if it's a second call to close this connection after we
+	 * sent the close indication to the peer already, we are in state
+	 * LWSS_AWAITING_CLOSE_ACK and will skip doing this a second time.
+	 */
+
+	if (wsi->state_pre_close == LWSS_ESTABLISHED &&
+	    (wsi->u.ws.close_in_ping_buffer_len || /* already a reason */
+	     (reason != LWS_CLOSE_STATUS_NOSTATUS &&
+	     (reason != LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY)))) {
+		lwsl_debug("sending close indication...\n");
+
+		/* if no prepared close reason, use 1000 and no aux data */
+		if (!wsi->u.ws.close_in_ping_buffer_len) {
+			wsi->u.ws.close_in_ping_buffer_len = 2;
+			wsi->u.ws.ping_payload_buf[LWS_PRE] =
+                               (reason >> 8) & 0xff;
+			wsi->u.ws.ping_payload_buf[LWS_PRE + 1] =
+				reason & 0xff;
+		}
+
+#if defined (LWS_WITH_ESP8266)
+		wsi->close_is_pending_send_completion = 1;
+#endif
+
+		lwsl_debug("waiting for chance to send close\n");
+		wsi->waiting_to_send_close_frame = 1;
+		wsi->state = LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION;
+		lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_SEND, 2);
+		lws_callback_on_writable(wsi);
+
+		return;
+	}
+
+just_kill_connection:
+
+	lws_remove_child_from_any_parent(wsi);
+	n = 0;
+
+	if (wsi->user_space) {
+	    lwsl_debug("%s: %p: DROP_PROTOCOL %s\n", __func__, wsi,
+		       wsi->protocol->name);
+		wsi->protocol->callback(wsi,
+				        LWS_CALLBACK_HTTP_DROP_PROTOCOL,
+				        wsi->user_space, NULL, 0);
+	}
+
+	if ((wsi->mode == LWSCM_WSCL_WAITING_SERVER_REPLY ||
+			   wsi->mode == LWSCM_WSCL_WAITING_CONNECT) &&
+			   !wsi->already_did_cce) {
+				wsi->vhost->protocols[0].callback(wsi,
+						LWS_CALLBACK_CLIENT_CONNECTION_ERROR,
+						wsi->user_space, NULL, 0);
+	}
+
+	if (wsi->mode & LWSCM_FLAG_IMPLIES_CALLBACK_CLOSED_CLIENT_HTTP) {
+		wsi->vhost->protocols[0].callback(wsi,
+					LWS_CALLBACK_CLOSED_CLIENT_HTTP,
+						  wsi->user_space, NULL, 0);
+		wsi->told_user_closed = 1;
+	}
+
+
+#if LWS_POSIX
+	/*
+	 * Testing with ab shows that we have to stage the socket close when
+	 * the system is under stress... shutdown any further TX, change the
+	 * state to one that won't emit anything more, and wait with a timeout
+	 * for the POLLIN to show a zero-size rx before coming back and doing
+	 * the actual close.
+	 */
+	if (wsi->mode != LWSCM_RAW &&
+	    !(wsi->mode & LWSCM_FLAG_IMPLIES_CALLBACK_CLOSED_CLIENT_HTTP) &&
+	    wsi->state != LWSS_SHUTDOWN &&
+	    wsi->state != LWSS_CLIENT_UNCONNECTED &&
+	    reason != LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY &&
+	    !wsi->socket_is_permanently_unusable) {
+#ifdef LWS_OPENSSL_SUPPORT
+		if (lws_is_ssl(wsi) && wsi->ssl) {
+			n = SSL_shutdown(wsi->ssl);
+			/*
+			 * If finished the SSL shutdown, then do socket
+			 * shutdown, else need to retry SSL shutdown
+			 */
+			switch (n) {
+			case 0:
+				lws_change_pollfd(wsi, LWS_POLLOUT, LWS_POLLIN);
+				break;
+			case 1:
+				n = shutdown(wsi->desc.sockfd, SHUT_WR);
+				break;
+			default:
+				if (SSL_want_read(wsi->ssl)) {
+					lws_change_pollfd(wsi, 0, LWS_POLLIN);
+					n = 0;
+					break;
+				}
+				if (SSL_want_write(wsi->ssl)) {
+					lws_change_pollfd(wsi, 0, LWS_POLLOUT);
+					n = 0;
+					break;
+				}
+				n = shutdown(wsi->desc.sockfd, SHUT_WR);
+				break;
+			}
+		} else
+#endif
+		{
+			lwsl_info("%s: shutdown conn: %p (sock %d, state %d)\n",
+				  __func__, wsi, (int)(long)wsi->desc.sockfd,
+				  wsi->state);
+			if (!wsi->socket_is_permanently_unusable &&
+			    lws_sockfd_valid(wsi->desc.sockfd))
+				n = shutdown(wsi->desc.sockfd, SHUT_WR);
+		}
+		if (n)
+			lwsl_debug("closing: shutdown (state %d) ret %d\n",
+				   wsi->state, LWS_ERRNO);
+
+		/*
+		 * This causes problems on WINCE / ESP32 with disconnection
+		 * when the events are half closing connection
+		 */
+#if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP32)
+		/* libuv: no event available to guarantee completion */
+		if (!wsi->socket_is_permanently_unusable &&
+		    lws_sockfd_valid(wsi->desc.sockfd) &&
+		    !LWS_LIBUV_ENABLED(context)) {
+			lws_change_pollfd(wsi, LWS_POLLOUT, LWS_POLLIN);
+			wsi->state = LWSS_SHUTDOWN;
+			lws_set_timeout(wsi, PENDING_TIMEOUT_SHUTDOWN_FLUSH,
+					context->timeout_secs);
+
+			return;
+		}
+#endif
+	}
+#endif
+
+	lwsl_debug("%s: real just_kill_connection: %p (sockfd %d)\n", __func__,
+		   wsi, wsi->desc.sockfd);
+	
+#ifdef LWS_WITH_HTTP_PROXY
+	if (wsi->rw) {
+		lws_rewrite_destroy(wsi->rw);
+		wsi->rw = NULL;
+	}
+#endif
+	/*
+	 * we won't be servicing or receiving anything further from this guy
+	 * delete socket from the internal poll list if still present
+	 */
+	lws_ssl_remove_wsi_from_buffered_list(wsi);
+	lws_remove_from_timeout_list(wsi);
+
+	/* checking return redundant since we anyway close */
+	if (wsi->desc.sockfd != LWS_SOCK_INVALID)
+		remove_wsi_socket_from_fds(wsi);
+	else
+		lws_same_vh_protocol_remove(wsi);
+
+#if defined(LWS_WITH_ESP8266)
+	espconn_disconnect(wsi->desc.sockfd);
+#endif
+
+	wsi->state = LWSS_DEAD_SOCKET;
+
+	lws_free_set_NULL(wsi->rxflow_buffer);
+	if (wsi->state_pre_close == LWSS_ESTABLISHED ||
+	    wsi->mode == LWSCM_WS_SERVING ||
+	    wsi->mode == LWSCM_WS_CLIENT) {
+
+		if (wsi->u.ws.rx_draining_ext) {
+			struct lws **w = &pt->rx_draining_ext_list;
+
+			wsi->u.ws.rx_draining_ext = 0;
+			/* remove us from context draining ext list */
+			while (*w) {
+				if (*w == wsi) {
+					*w = wsi->u.ws.rx_draining_ext_list;
+					break;
+				}
+				w = &((*w)->u.ws.rx_draining_ext_list);
+			}
+			wsi->u.ws.rx_draining_ext_list = NULL;
+		}
+
+		if (wsi->u.ws.tx_draining_ext) {
+			struct lws **w = &pt->tx_draining_ext_list;
+
+			wsi->u.ws.tx_draining_ext = 0;
+			/* remove us from context draining ext list */
+			while (*w) {
+				if (*w == wsi) {
+					*w = wsi->u.ws.tx_draining_ext_list;
+					break;
+				}
+				w = &((*w)->u.ws.tx_draining_ext_list);
+			}
+			wsi->u.ws.tx_draining_ext_list = NULL;
+		}
+		lws_free_set_NULL(wsi->u.ws.rx_ubuf);
+
+		if (wsi->trunc_alloc)
+			/* not going to be completed... nuke it */
+			lws_free_set_NULL(wsi->trunc_alloc);
+
+		wsi->u.ws.ping_payload_len = 0;
+		wsi->u.ws.ping_pending_flag = 0;
+	}
+
+	/* tell the user it's all over for this guy */
+
+	if (!wsi->told_user_closed &&
+	    wsi->mode != LWSCM_RAW && wsi->protocol &&
+	    wsi->protocol->callback &&
+	    (wsi->state_pre_close == LWSS_ESTABLISHED ||
+	     wsi->state_pre_close == LWSS_HTTP2_ESTABLISHED ||
+	     wsi->state_pre_close == LWSS_HTTP_BODY ||
+	     wsi->state_pre_close == LWSS_HTTP ||
+	     wsi->state_pre_close == LWSS_RETURNED_CLOSE_ALREADY ||
+	     wsi->state_pre_close == LWSS_AWAITING_CLOSE_ACK ||
+	     wsi->state_pre_close == LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION ||
+	     wsi->state_pre_close == LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE ||
+	    (wsi->mode == LWSCM_WS_CLIENT && wsi->state_pre_close == LWSS_HTTP) ||
+	    (wsi->mode == LWSCM_WS_SERVING && wsi->state_pre_close == LWSS_HTTP))) {
+		lwsl_debug("calling back CLOSED %d %d\n", wsi->mode, wsi->state);
+		wsi->protocol->callback(wsi, LWS_CALLBACK_CLOSED,
+					wsi->user_space, NULL, 0);
+	} else if (wsi->mode == LWSCM_HTTP_SERVING_ACCEPTED) {
+		lwsl_debug("calling back CLOSED_HTTP\n");
+		wsi->vhost->protocols->callback(wsi, LWS_CALLBACK_CLOSED_HTTP,
+					       wsi->user_space, NULL, 0 );
+	} else
+		lwsl_debug("not calling back closed mode=%d state=%d\n",
+			   wsi->mode, wsi->state_pre_close);
+
+	/* deallocate any active extension contexts */
+
+	if (lws_ext_cb_active(wsi, LWS_EXT_CB_DESTROY, NULL, 0) < 0)
+		lwsl_warn("extension destruction failed\n");
+	/*
+	 * inform all extensions in case they tracked this guy out of band
+	 * even though not active on him specifically
+	 */
+	if (lws_ext_cb_all_exts(context, wsi,
+		       LWS_EXT_CB_DESTROY_ANY_WSI_CLOSING, NULL, 0) < 0)
+		lwsl_warn("ext destroy wsi failed\n");
+
+async_close:
+	wsi->socket_is_permanently_unusable = 1;
+
+#ifdef LWS_WITH_LIBUV
+	if (!wsi->parent_carries_io &&
+	    lws_sockfd_valid(wsi->desc.sockfd))
+		if (LWS_LIBUV_ENABLED(context)) {
+			if (wsi->listener) {
+				lwsl_debug("%s: stop listener poll\n", __func__);
+				uv_poll_stop(&wsi->w_read.uv_watcher);
+			}
+			lwsl_debug("%s: lws_libuv_closehandle: wsi %p\n",
+				   __func__, wsi);
+			/*
+			 * libuv has to do his own close handle processing
+			 * asynchronously
+			 */
+			lws_libuv_closehandle(wsi);
+
+			return;
+		}
+#endif
+
+	lws_close_free_wsi_final(wsi);
+}
+
+void
+lws_close_free_wsi_final(struct lws *wsi)
+{
+	int n;
+
+	if (lws_socket_is_valid(wsi->desc.sockfd) && !lws_ssl_close(wsi)) {
+#if LWS_POSIX
+		n = compatible_close(wsi->desc.sockfd);
+		if (n)
+			lwsl_debug("closing: close ret %d\n", LWS_ERRNO);
+
+#else
+		compatible_close(wsi->desc.sockfd);
+		(void)n;
+#endif
+		wsi->desc.sockfd = LWS_SOCK_INVALID;
+	}
+
+	/* outermost destroy notification for wsi (user_space still intact) */
+	wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_WSI_DESTROY,
+				          wsi->user_space, NULL, 0);
+
+#ifdef LWS_WITH_CGI
+	if (wsi->cgi) {
+
+		for (n = 0; n < 3; n++) {
+			if (wsi->cgi->pipe_fds[n][!!(n == 0)] == 0)
+				lwsl_err("ZERO FD IN CGI CLOSE");
+
+			if (wsi->cgi->pipe_fds[n][!!(n == 0)] >= 0)
+				close(wsi->cgi->pipe_fds[n][!!(n == 0)]);
+		}
+
+		lws_free(wsi->cgi);
+	}
+#endif
+
+	lws_free_wsi(wsi);
+}
+
+LWS_VISIBLE LWS_EXTERN const char *
+lws_get_urlarg_by_name(struct lws *wsi, const char *name, char *buf, int len)
+{
+	int n = 0, sl = strlen(name);
+
+	while (lws_hdr_copy_fragment(wsi, buf, len,
+			  WSI_TOKEN_HTTP_URI_ARGS, n) >= 0) {
+
+		if (!strncmp(buf, name, sl))
+			return buf + sl;
+
+		n++;
+	}
+
+	return NULL;
+}
+
+#if LWS_POSIX && !defined(LWS_WITH_ESP32)
+LWS_VISIBLE int
+interface_to_sa(struct lws_vhost *vh, const char *ifname,
+		struct sockaddr_in *addr, size_t addrlen)
+{
+	int ipv6 = 0;
+#ifdef LWS_WITH_IPV6
+	ipv6 = LWS_IPV6_ENABLED(vh);
+#endif
+	(void)vh;
+
+	return lws_interface_to_sa(ipv6, ifname, addr, addrlen);
+}
+#endif
+
+#ifndef LWS_PLAT_OPTEE
+#if LWS_POSIX
+static int
+lws_get_addresses(struct lws_vhost *vh, void *ads, char *name,
+		  int name_len, char *rip, int rip_len)
+{
+#if LWS_POSIX
+	struct addrinfo ai, *res;
+	struct sockaddr_in addr4;
+
+	rip[0] = '\0';
+	name[0] = '\0';
+	addr4.sin_family = AF_UNSPEC;
+
+#ifdef LWS_WITH_IPV6
+	if (LWS_IPV6_ENABLED(vh)) {
+		if (!lws_plat_inet_ntop(AF_INET6,
+					&((struct sockaddr_in6 *)ads)->sin6_addr,
+					rip, rip_len)) {
+			lwsl_err("inet_ntop: %s", strerror(LWS_ERRNO));
+			return -1;
+		}
+
+		// Strip off the IPv4 to IPv6 header if one exists
+		if (strncmp(rip, "::ffff:", 7) == 0)
+			memmove(rip, rip + 7, strlen(rip) - 6);
+
+		getnameinfo((struct sockaddr *)ads,
+			    sizeof(struct sockaddr_in6), name, name_len, NULL, 0, 0);
+
+		return 0;
+	} else
+#endif
+	{
+		struct addrinfo *result;
+
+		memset(&ai, 0, sizeof ai);
+		ai.ai_family = PF_UNSPEC;
+		ai.ai_socktype = SOCK_STREAM;
+		ai.ai_flags = AI_CANONNAME;
+#if !defined(LWS_WITH_ESP32)
+		if (getnameinfo((struct sockaddr *)ads,
+				sizeof(struct sockaddr_in),
+				name, name_len, NULL, 0, 0))
+			return -1;
+#endif
+
+		if (getaddrinfo(name, NULL, &ai, &result))
+			return -1;
+
+		res = result;
+		while (addr4.sin_family == AF_UNSPEC && res) {
+			switch (res->ai_family) {
+			case AF_INET:
+				addr4.sin_addr =
+				 ((struct sockaddr_in *)res->ai_addr)->sin_addr;
+				addr4.sin_family = AF_INET;
+				break;
+			}
+
+			res = res->ai_next;
+		}
+		freeaddrinfo(result);
+	}
+
+	if (addr4.sin_family == AF_UNSPEC)
+		return -1;
+
+	if (lws_plat_inet_ntop(AF_INET, &addr4.sin_addr, rip, rip_len) == NULL)
+		return -1;
+
+	return 0;
+#else
+	(void)vh;
+	(void)ads;
+	(void)name;
+	(void)name_len;
+	(void)rip;
+	(void)rip_len;
+
+	return -1;
+#endif
+}
+#endif
+
+
+LWS_VISIBLE const char *
+lws_get_peer_simple(struct lws *wsi, char *name, int namelen)
+{
+#if LWS_POSIX
+	socklen_t len, olen;
+#ifdef LWS_WITH_IPV6
+	struct sockaddr_in6 sin6;
+#endif
+	struct sockaddr_in sin4;
+	int af = AF_INET;
+	void *p, *q;
+
+#if defined(LWS_WITH_HTTP2)
+	if (wsi->http2_substream)
+		wsi = wsi->u.h2.parent_wsi;
+#endif
+
+	if (wsi->parent_carries_io)
+		wsi = wsi->parent;
+
+#ifdef LWS_WITH_IPV6
+	if (LWS_IPV6_ENABLED(wsi->vhost)) {
+		len = sizeof(sin6);
+		p = &sin6;
+		af = AF_INET6;
+		q = &sin6.sin6_addr;
+	} else
+#endif
+	{
+		len = sizeof(sin4);
+		p = &sin4;
+		q = &sin4.sin_addr;
+	}
+
+	olen = len;
+	if (getpeername(wsi->desc.sockfd, p, &len) < 0 || len > olen) {
+		lwsl_warn("getpeername: %s\n", strerror(LWS_ERRNO));
+		return NULL;
+	}
+
+	return lws_plat_inet_ntop(af, q, name, namelen);
+#else
+#if defined(LWS_WITH_ESP8266)
+	return lws_plat_get_peer_simple(wsi, name, namelen);
+#else
+	return NULL;
+#endif
+#endif
+}
+#endif
+
+LWS_VISIBLE void
+lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name,
+		       int name_len, char *rip, int rip_len)
+{
+#ifndef LWS_PLAT_OPTEE
+#if LWS_POSIX
+	socklen_t len;
+#ifdef LWS_WITH_IPV6
+	struct sockaddr_in6 sin6;
+#endif
+	struct sockaddr_in sin4;
+	struct lws_context *context = wsi->context;
+	int ret = -1;
+	void *p;
+
+	rip[0] = '\0';
+	name[0] = '\0';
+
+	lws_latency_pre(context, wsi);
+
+#ifdef LWS_WITH_IPV6
+	if (LWS_IPV6_ENABLED(wsi->vhost)) {
+		len = sizeof(sin6);
+		p = &sin6;
+	} else
+#endif
+	{
+		len = sizeof(sin4);
+		p = &sin4;
+	}
+
+	if (getpeername(fd, p, &len) < 0) {
+		lwsl_warn("getpeername: %s\n", strerror(LWS_ERRNO));
+		goto bail;
+	}
+
+	ret = lws_get_addresses(wsi->vhost, p, name, name_len, rip, rip_len);
+
+bail:
+	lws_latency(context, wsi, "lws_get_peer_addresses", ret, 1);
+#endif
+#endif
+	(void)wsi;
+	(void)fd;
+	(void)name;
+	(void)name_len;
+	(void)rip;
+	(void)rip_len;
+
+}
+
+LWS_EXTERN void *
+lws_vhost_user(struct lws_vhost *vhost)
+{
+	return vhost->user;
+}
+
+LWS_EXTERN void *
+lws_context_user(struct lws_context *context)
+{
+	return context->user_space;
+}
+
+LWS_VISIBLE struct lws_vhost *
+lws_vhost_get(struct lws *wsi)
+{
+	return wsi->vhost;
+}
+
+LWS_VISIBLE struct lws_vhost *
+lws_get_vhost(struct lws *wsi)
+{
+	return wsi->vhost;
+}
+
+LWS_VISIBLE const struct lws_protocols *
+lws_protocol_get(struct lws *wsi)
+{
+	return wsi->protocol;
+}
+
+LWS_VISIBLE struct lws *
+lws_get_network_wsi(struct lws *wsi)
+{
+	if (!wsi)
+		return NULL;
+
+#if defined(LWS_WITH_HTTP2)
+	if (!wsi->http2_substream)
+		return wsi;
+
+	while (wsi->u.h2.parent_wsi)
+		wsi = wsi->u.h2.parent_wsi;
+#endif
+
+	return wsi;
+}
+
+LWS_VISIBLE LWS_EXTERN const struct lws_protocols *
+lws_vhost_name_to_protocol(struct lws_vhost *vh, const char *name)
+{
+	int n;
+
+	for (n = 0; n < vh->count_protocols; n++)
+		if (!strcmp(name, vh->protocols[n].name))
+			return &vh->protocols[n];
+
+	return NULL;
+}
+
+LWS_VISIBLE int
+lws_callback_all_protocol(struct lws_context *context,
+			  const struct lws_protocols *protocol, int reason)
+{
+	struct lws_context_per_thread *pt = &context->pt[0];
+	unsigned int n, m = context->count_threads;
+	struct lws *wsi;
+
+	while (m--) {
+		for (n = 0; n < pt->fds_count; n++) {
+			wsi = wsi_from_fd(context, pt->fds[n].fd);
+			if (!wsi)
+				continue;
+			if (wsi->protocol == protocol)
+				protocol->callback(wsi, reason, wsi->user_space,
+						   NULL, 0);
+		}
+		pt++;
+	}
+
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_callback_all_protocol_vhost_args(struct lws_vhost *vh,
+			  const struct lws_protocols *protocol, int reason,
+			  void *argp, size_t len)
+{
+	struct lws_context *context = vh->context;
+	struct lws_context_per_thread *pt = &context->pt[0];
+	unsigned int n, m = context->count_threads;
+	struct lws *wsi;
+
+	while (m--) {
+		for (n = 0; n < pt->fds_count; n++) {
+			wsi = wsi_from_fd(context, pt->fds[n].fd);
+			if (!wsi)
+				continue;
+			if (wsi->vhost == vh && (wsi->protocol == protocol ||
+						 !protocol))
+				wsi->protocol->callback(wsi, reason,
+						wsi->user_space, argp, len);
+		}
+		pt++;
+	}
+
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_callback_all_protocol_vhost(struct lws_vhost *vh,
+			  const struct lws_protocols *protocol, int reason)
+{
+	return lws_callback_all_protocol_vhost_args(vh, protocol, reason, NULL, 0);
+}
+
+LWS_VISIBLE LWS_EXTERN int
+lws_callback_vhost_protocols(struct lws *wsi, int reason, void *in, int len)
+{
+	int n;
+
+	for (n = 0; n < wsi->vhost->count_protocols; n++)
+		if (wsi->vhost->protocols[n].callback(wsi, reason, NULL, in, len))
+			return 1;
+
+	return 0;
+}
+
+LWS_VISIBLE LWS_EXTERN void
+lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops)
+{
+	context->fops = fops;
+}
+
+LWS_VISIBLE LWS_EXTERN lws_filepos_t
+lws_vfs_tell(lws_fop_fd_t fop_fd)
+{
+	return fop_fd->pos;
+}
+
+LWS_VISIBLE LWS_EXTERN lws_filepos_t
+lws_vfs_get_length(lws_fop_fd_t fop_fd)
+{
+	return fop_fd->len;
+}
+
+LWS_VISIBLE LWS_EXTERN uint32_t
+lws_vfs_get_mod_time(lws_fop_fd_t fop_fd)
+{
+	return fop_fd->mod_time;
+}
+
+LWS_VISIBLE lws_fileofs_t
+lws_vfs_file_seek_set(lws_fop_fd_t fop_fd, lws_fileofs_t offset)
+{
+	lws_fileofs_t ofs;
+
+	ofs = fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, offset - fop_fd->pos);
+
+	return ofs;
+}
+
+
+LWS_VISIBLE lws_fileofs_t
+lws_vfs_file_seek_end(lws_fop_fd_t fop_fd, lws_fileofs_t offset)
+{
+	return fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, fop_fd->len +
+					      fop_fd->pos + offset);
+}
+
+
+const struct lws_plat_file_ops *
+lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path,
+		    const char **vpath)
+{
+	const struct lws_plat_file_ops *pf;
+	const char *p = vfs_path;
+	int n;
+
+	*vpath = NULL;
+
+	/* no non-platform fops, just use that */
+
+	if (!fops->next)
+		return fops;
+
+	/*
+	 *  scan the vfs path looking for indications we are to be
+	 * handled by a specific fops
+	 */
+
+	while (p && *p) {
+		if (*p != '/') {
+			p++;
+			continue;
+		}
+		/* the first one is always platform fops, so skip */
+		pf = fops->next;
+		while (pf) {
+			n = 0;
+			while (n < ARRAY_SIZE(pf->fi) && pf->fi[n].sig) {
+				if (p >= vfs_path + pf->fi[n].len)
+					if (!strncmp(p - (pf->fi[n].len - 1),
+						    pf->fi[n].sig,
+						    pf->fi[n].len - 1)) {
+						*vpath = p + 1;
+						return pf;
+					}
+
+				n++;
+			}
+			pf = pf->next;
+		}
+		p++;
+	}
+
+	return fops;
+}
+
+LWS_VISIBLE LWS_EXTERN lws_fop_fd_t LWS_WARN_UNUSED_RESULT
+lws_vfs_file_open(const struct lws_plat_file_ops *fops, const char *vfs_path,
+		  lws_fop_flags_t *flags)
+{
+	const char *vpath = "";
+	const struct lws_plat_file_ops *selected;
+
+	selected = lws_vfs_select_fops(fops, vfs_path, &vpath);
+
+	return selected->LWS_FOP_OPEN(fops, vfs_path, vpath, flags);
+}
+
+
+/**
+ * lws_now_secs() - seconds since 1970-1-1
+ *
+ */
+LWS_VISIBLE LWS_EXTERN unsigned long
+lws_now_secs(void)
+{
+	struct timeval tv;
+
+	gettimeofday(&tv, NULL);
+
+	return tv.tv_sec;
+}
+
+
+#if LWS_POSIX
+
+LWS_VISIBLE int
+lws_get_socket_fd(struct lws *wsi)
+{
+	if (!wsi)
+		return -1;
+	return wsi->desc.sockfd;
+}
+
+#endif
+
+#ifdef LWS_LATENCY
+void
+lws_latency(struct lws_context *context, struct lws *wsi, const char *action,
+	    int ret, int completed)
+{
+	unsigned long long u;
+	char buf[256];
+
+	u = time_in_microseconds();
+
+	if (!action) {
+		wsi->latency_start = u;
+		if (!wsi->action_start)
+			wsi->action_start = u;
+		return;
+	}
+	if (completed) {
+		if (wsi->action_start == wsi->latency_start)
+			sprintf(buf,
+			  "Completion first try lat %lluus: %p: ret %d: %s\n",
+					u - wsi->latency_start,
+						      (void *)wsi, ret, action);
+		else
+			sprintf(buf,
+			  "Completion %lluus: lat %lluus: %p: ret %d: %s\n",
+				u - wsi->action_start,
+					u - wsi->latency_start,
+						      (void *)wsi, ret, action);
+		wsi->action_start = 0;
+	} else
+		sprintf(buf, "lat %lluus: %p: ret %d: %s\n",
+			      u - wsi->latency_start, (void *)wsi, ret, action);
+
+	if (u - wsi->latency_start > context->worst_latency) {
+		context->worst_latency = u - wsi->latency_start;
+		strcpy(context->worst_latency_info, buf);
+	}
+	lwsl_latency("%s", buf);
+}
+#endif
+
+LWS_VISIBLE int
+lws_rx_flow_control(struct lws *wsi, int _enable)
+{
+	int en = _enable;
+
+	lwsl_info("%s: %p 0x%x\n", __func__, wsi, _enable);
+
+	if (!(_enable & LWS_RXFLOW_REASON_APPLIES)) {
+		/*
+		 * convert user bool style to bitmap style... in user simple
+		 * bool style _enable = 0 = flow control it, = 1 = allow rx
+		 */
+		en = LWS_RXFLOW_REASON_APPLIES | LWS_RXFLOW_REASON_USER_BOOL;
+		if (_enable & 1)
+			en |= LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT;
+	}
+
+	/* any bit set in rxflow_bitmap DISABLEs rxflow control */
+	if (en & LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT)
+		wsi->rxflow_bitmap &= ~(en & 0xff);
+	else
+		wsi->rxflow_bitmap |= en & 0xff;
+
+	if ((LWS_RXFLOW_PENDING_CHANGE | (!wsi->rxflow_bitmap)) ==
+	    wsi->rxflow_change_to)
+		return 0;
+
+	wsi->rxflow_change_to = LWS_RXFLOW_PENDING_CHANGE | !wsi->rxflow_bitmap;
+
+	lwsl_info("%s: 0x%p: bitmap 0x%x: en 0x%x, ch 0x%x\n", __func__, wsi,
+		  wsi->rxflow_bitmap, en, wsi->rxflow_change_to);
+
+	if (_enable & LWS_RXFLOW_REASON_FLAG_PROCESS_NOW ||
+	    !wsi->rxflow_will_be_applied)
+		return _lws_rx_flow_control(wsi);
+
+	return 0;
+}
+
+LWS_VISIBLE void
+lws_rx_flow_allow_all_protocol(const struct lws_context *context,
+			       const struct lws_protocols *protocol)
+{
+	const struct lws_context_per_thread *pt = &context->pt[0];
+	struct lws *wsi;
+	unsigned int n, m = context->count_threads;
+
+	while (m--) {
+		for (n = 0; n < pt->fds_count; n++) {
+			wsi = wsi_from_fd(context, pt->fds[n].fd);
+			if (!wsi)
+				continue;
+			if (wsi->protocol == protocol)
+				lws_rx_flow_control(wsi, LWS_RXFLOW_ALLOW);
+		}
+		pt++;
+	}
+}
+
+LWS_VISIBLE extern const char *
+lws_canonical_hostname(struct lws_context *context)
+{
+	return (const char *)context->canonical_hostname;
+}
+
+int user_callback_handle_rxflow(lws_callback_function callback_function,
+				struct lws *wsi,
+				enum lws_callback_reasons reason, void *user,
+				void *in, size_t len)
+{
+	int n;
+
+	wsi->rxflow_will_be_applied = 1;
+	n = callback_function(wsi, reason, user, in, len);
+	wsi->rxflow_will_be_applied = 0;
+	if (!n)
+		n = _lws_rx_flow_control(wsi);
+
+	return n;
+}
+
+#if defined(LWS_WITH_ESP8266)
+#undef strchr
+#define strchr ets_strchr
+#endif
+
+LWS_VISIBLE int
+lws_set_proxy(struct lws_vhost *vhost, const char *proxy)
+{
+#if !defined(LWS_WITH_ESP8266)
+	char *p;
+	char authstring[96];
+
+	if (!proxy)
+		return -1;
+
+	/* we have to deal with a possible redundant leading http:// */
+	if (!strncmp(proxy, "http://", 7))
+		proxy += 7;
+
+	p = strchr(proxy, '@');
+	if (p) { /* auth is around */
+
+		if ((unsigned int)(p - proxy) > sizeof(authstring) - 1)
+			goto auth_too_long;
+
+		strncpy(authstring, proxy, p - proxy);
+		// null termination not needed on input
+		if (lws_b64_encode_string(authstring, (p - proxy),
+				vhost->proxy_basic_auth_token,
+		    sizeof vhost->proxy_basic_auth_token) < 0)
+			goto auth_too_long;
+
+		lwsl_info(" Proxy auth in use\n");
+
+		proxy = p + 1;
+	} else
+		vhost->proxy_basic_auth_token[0] = '\0';
+
+	strncpy(vhost->http_proxy_address, proxy,
+				sizeof(vhost->http_proxy_address) - 1);
+	vhost->http_proxy_address[
+				sizeof(vhost->http_proxy_address) - 1] = '\0';
+
+	p = strchr(vhost->http_proxy_address, ':');
+	if (!p && !vhost->http_proxy_port) {
+		lwsl_err("http_proxy needs to be ads:port\n");
+
+		return -1;
+	} else {
+		if (p) {
+			*p = '\0';
+			vhost->http_proxy_port = atoi(p + 1);
+		}
+	}
+
+	lwsl_info(" Proxy %s:%u\n", vhost->http_proxy_address,
+			vhost->http_proxy_port);
+
+	return 0;
+
+auth_too_long:
+	lwsl_err("proxy auth too long\n");
+#endif
+	return -1;
+}
+
+#if defined(LWS_WITH_SOCKS5)
+LWS_VISIBLE int
+lws_set_socks(struct lws_vhost *vhost, const char *socks)
+{
+#if !defined(LWS_WITH_ESP8266)
+	char *p_at, *p_colon;
+	char user[96];
+	char password[96];
+
+	if (!socks)
+		return -1;
+
+	vhost->socks_user[0] = '\0';
+	vhost->socks_password[0] = '\0';
+
+	p_at = strchr(socks, '@');
+	if (p_at) { /* auth is around */
+		if ((unsigned int)(p_at - socks) > (sizeof(user)
+			+ sizeof(password) - 2)) {
+			lwsl_err("Socks auth too long\n");
+			goto bail;
+		}
+
+		p_colon = strchr(socks, ':');
+		if (p_colon) {
+			if ((unsigned int)(p_colon - socks) > (sizeof(user)
+				- 1) ) {
+				lwsl_err("Socks user too long\n");
+				goto bail;
+			}
+			if ((unsigned int)(p_at - p_colon) > (sizeof(password)
+				- 1) ) {
+				lwsl_err("Socks password too long\n");
+				goto bail;
+			}
+
+			strncpy(vhost->socks_user, socks, p_colon - socks);
+			strncpy(vhost->socks_password, p_colon + 1,
+				p_at - (p_colon + 1));
+		}
+
+		lwsl_info(" Socks auth, user: %s, password: %s\n",
+			vhost->socks_user, vhost->socks_password );
+
+		socks = p_at + 1;
+	}
+
+	strncpy(vhost->socks_proxy_address, socks,
+				sizeof(vhost->socks_proxy_address) - 1);
+	vhost->socks_proxy_address[sizeof(vhost->socks_proxy_address) - 1]
+		= '\0';
+
+	p_colon = strchr(vhost->socks_proxy_address, ':');
+	if (!p_colon && !vhost->socks_proxy_port) {
+		lwsl_err("socks_proxy needs to be address:port\n");
+		return -1;
+	} else {
+		if (p_colon) {
+			*p_colon = '\0';
+			vhost->socks_proxy_port = atoi(p_colon + 1);
+		}
+	}
+
+	lwsl_info(" Socks %s:%u\n", vhost->socks_proxy_address,
+			vhost->socks_proxy_port);
+
+	return 0;
+
+bail:
+#endif
+	return -1;
+}
+#endif
+
+LWS_VISIBLE const struct lws_protocols *
+lws_get_protocol(struct lws *wsi)
+{
+	return wsi->protocol;
+}
+
+LWS_VISIBLE int
+lws_is_final_fragment(struct lws *wsi)
+{
+       lwsl_info("%s: final %d, rx pk length %ld, draining %ld\n", __func__,
+			wsi->u.ws.final, (long)wsi->u.ws.rx_packet_length,
+			(long)wsi->u.ws.rx_draining_ext);
+	return wsi->u.ws.final && !wsi->u.ws.rx_packet_length &&
+	       !wsi->u.ws.rx_draining_ext;
+}
+
+LWS_VISIBLE int
+lws_is_first_fragment(struct lws *wsi)
+{
+	return wsi->u.ws.first_fragment;
+}
+
+LWS_VISIBLE unsigned char
+lws_get_reserved_bits(struct lws *wsi)
+{
+	return wsi->u.ws.rsv;
+}
+
+int
+lws_ensure_user_space(struct lws *wsi)
+{
+	if (!wsi->protocol)
+		return 0;
+
+	/* allocate the per-connection user memory (if any) */
+
+	if (wsi->protocol->per_session_data_size && !wsi->user_space) {
+		wsi->user_space = lws_zalloc(wsi->protocol->per_session_data_size, "user space");
+		if (wsi->user_space == NULL) {
+			lwsl_err("%s: OOM\n", __func__);
+			return 1;
+		}
+	} else
+		lwsl_debug("%s: %p protocol pss %lu, user_space=%p\n", __func__,
+			   wsi, (long)wsi->protocol->per_session_data_size,
+			   wsi->user_space);
+	return 0;
+}
+
+LWS_VISIBLE void *
+lws_adjust_protocol_psds(struct lws *wsi, size_t new_size)
+{
+	((struct lws_protocols *)lws_get_protocol(wsi))->per_session_data_size =
+		new_size;
+
+	if (lws_ensure_user_space(wsi))
+			return NULL;
+
+	return wsi->user_space;
+}
+
+LWS_VISIBLE int
+lwsl_timestamp(int level, char *p, int len)
+{
+#ifndef LWS_PLAT_OPTEE
+	time_t o_now = time(NULL);
+	unsigned long long now;
+	struct tm *ptm = NULL;
+#ifndef WIN32
+	struct tm tm;
+#endif
+	int n;
+
+#ifndef _WIN32_WCE
+#ifdef WIN32
+	ptm = localtime(&o_now);
+#else
+	if (localtime_r(&o_now, &tm))
+		ptm = &tm;
+#endif
+#endif
+	p[0] = '\0';
+	for (n = 0; n < LLL_COUNT; n++) {
+		if (level != (1 << n))
+			continue;
+		now = time_in_microseconds() / 100;
+		if (ptm)
+			n = lws_snprintf(p, len,
+				"[%04d/%02d/%02d %02d:%02d:%02d:%04d] %s: ",
+				ptm->tm_year + 1900,
+				ptm->tm_mon + 1,
+				ptm->tm_mday,
+				ptm->tm_hour,
+				ptm->tm_min,
+				ptm->tm_sec,
+				(int)(now % 10000), log_level_names[n]);
+		else
+			n = lws_snprintf(p, len, "[%llu:%04d] %s: ",
+					(unsigned long long) now / 10000,
+					(int)(now % 10000), log_level_names[n]);
+		return n;
+	}
+#endif
+	return 0;
+}
+
+static const char * const colours[] = {
+	"[31;1m", /* LLL_ERR */
+	"[36;1m", /* LLL_WARN */
+	"[35;1m", /* LLL_NOTICE */
+	"[32;1m", /* LLL_INFO */
+	"[34;1m", /* LLL_DEBUG */
+	"[33;1m", /* LLL_PARSER */
+	"[33;1m", /* LLL_HEADER */
+	"[33;1m", /* LLL_EXT */
+	"[33;1m", /* LLL_CLIENT */
+	"[33;1m", /* LLL_LATENCY */
+	"[30;1m", /* LLL_USER */
+};
+
+#ifndef LWS_PLAT_OPTEE
+LWS_VISIBLE void lwsl_emit_stderr(int level, const char *line)
+{
+#if !defined(LWS_WITH_ESP8266)
+	char buf[50];
+	static char tty;
+	int n, m = ARRAY_SIZE(colours) - 1;
+
+	if (!tty)
+		tty = isatty(2) | 2;
+
+	lwsl_timestamp(level, buf, sizeof(buf));
+
+	if (tty == 3) {
+		n = 1 << (ARRAY_SIZE(colours) - 1);
+		while (n) {
+			if (level & n)
+				break;
+			m--;
+			n >>= 1;
+		}
+		fprintf(stderr, "%c%s%s%s%c[0m", 27, colours[m], buf, line, 27);
+	} else
+		fprintf(stderr, "%s%s", buf, line);
+#endif
+}
+#endif
+
+LWS_VISIBLE void _lws_logv(int filter, const char *format, va_list vl)
+{
+#if defined(LWS_WITH_ESP8266)
+	char buf[128];
+#else
+	char buf[256];
+#endif
+	int n;
+
+	if (!(log_level & filter))
+		return;
+
+	n = vsnprintf(buf, sizeof(buf) - 1, format, vl);
+	(void)n;
+#if defined(LWS_WITH_ESP8266)
+	buf[sizeof(buf) - 1] = '\0';
+#else
+	/* vnsprintf returns what it would have written, even if truncated */
+	if (n > sizeof(buf) - 1)
+		n = sizeof(buf) - 1;
+	if (n > 0)
+		buf[n] = '\0';
+#endif
+
+	lwsl_emit(filter, buf);
+}
+
+LWS_VISIBLE void _lws_log(int filter, const char *format, ...)
+{
+	va_list ap;
+
+	va_start(ap, format);
+	_lws_logv(filter, format, ap);
+	va_end(ap);
+}
+
+LWS_VISIBLE void lws_set_log_level(int level,
+				   void (*func)(int level, const char *line))
+{
+	log_level = level;
+	if (func)
+		lwsl_emit = func;
+}
+
+LWS_VISIBLE int lwsl_visible(int level)
+{
+	return log_level & level;
+}
+
+LWS_VISIBLE void
+lwsl_hexdump_level(int hexdump_level, const void *vbuf, size_t len)
+{
+	unsigned char *buf = (unsigned char *)vbuf;
+	unsigned int n, m, start;
+	char line[80];
+	char *p;
+
+	if (!lwsl_visible(hexdump_level))
+		return;
+
+	_lws_log(hexdump_level, "\n");
+
+	for (n = 0; n < len;) {
+		start = n;
+		p = line;
+
+		p += sprintf(p, "%04X: ", start);
+
+		for (m = 0; m < 16 && n < len; m++)
+			p += sprintf(p, "%02X ", buf[n++]);
+		while (m++ < 16)
+			p += sprintf(p, "   ");
+
+		p += sprintf(p, "   ");
+
+		for (m = 0; m < 16 && (start + m) < len; m++) {
+			if (buf[start + m] >= ' ' && buf[start + m] < 127)
+				*p++ = buf[start + m];
+			else
+				*p++ = '.';
+		}
+		while (m++ < 16)
+			*p++ = ' ';
+
+		*p++ = '\n';
+		*p = '\0';
+		_lws_log(hexdump_level, "%s", line);
+		(void)line;
+	}
+
+	_lws_log(hexdump_level, "\n");
+}
+
+LWS_VISIBLE void
+lwsl_hexdump(const void *vbuf, size_t len)
+{
+	lwsl_hexdump_level(LLL_DEBUG, vbuf, len);
+}
+
+LWS_VISIBLE int
+lws_is_ssl(struct lws *wsi)
+{
+#ifdef LWS_OPENSSL_SUPPORT
+	return wsi->use_ssl;
+#else
+	(void)wsi;
+	return 0;
+#endif
+}
+
+#ifdef LWS_OPENSSL_SUPPORT
+LWS_VISIBLE SSL*
+lws_get_ssl(struct lws *wsi)
+{
+	return wsi->ssl;
+}
+#endif
+
+LWS_VISIBLE int
+lws_partial_buffered(struct lws *wsi)
+{
+	return !!wsi->trunc_len;
+}
+
+LWS_VISIBLE size_t
+lws_get_peer_write_allowance(struct lws *wsi)
+{
+#ifdef LWS_WITH_HTTP2
+	/* only if we are using HTTP2 on this connection */
+	if (wsi->mode != LWSCM_HTTP2_SERVING)
+		return -1;
+
+	return lws_h2_tx_cr_get(wsi);
+#else
+	(void)wsi;
+	return -1;
+#endif
+}
+
+LWS_VISIBLE void
+lws_union_transition(struct lws *wsi, enum connection_mode mode)
+{
+	lwsl_debug("%s: %p: mode %d\n", __func__, wsi, mode);
+	memset(&wsi->u, 0, sizeof(wsi->u));
+	wsi->mode = mode;
+}
+
+LWS_VISIBLE struct lws_plat_file_ops *
+lws_get_fops(struct lws_context *context)
+{
+	return (struct lws_plat_file_ops *)context->fops;
+}
+
+LWS_VISIBLE LWS_EXTERN struct lws_context *
+lws_get_context(const struct lws *wsi)
+{
+	return wsi->context;
+}
+
+LWS_VISIBLE LWS_EXTERN int
+lws_get_count_threads(struct lws_context *context)
+{
+	return context->count_threads;
+}
+
+LWS_VISIBLE LWS_EXTERN void *
+lws_wsi_user(struct lws *wsi)
+{
+	return wsi->user_space;
+}
+
+LWS_VISIBLE LWS_EXTERN void
+lws_set_wsi_user(struct lws *wsi, void *data)
+{
+	if (wsi->user_space_externally_allocated)
+		wsi->user_space = data;
+	else
+		lwsl_err("%s: Cannot set internally-allocated user_space\n",
+			 __func__);
+}
+
+LWS_VISIBLE LWS_EXTERN struct lws *
+lws_get_parent(const struct lws *wsi)
+{
+	return wsi->parent;
+}
+
+LWS_VISIBLE LWS_EXTERN struct lws *
+lws_get_child(const struct lws *wsi)
+{
+	return wsi->child_list;
+}
+
+LWS_VISIBLE LWS_EXTERN void
+lws_set_parent_carries_io(struct lws *wsi)
+{
+	wsi->parent_carries_io = 1;
+}
+
+LWS_VISIBLE LWS_EXTERN void *
+lws_get_opaque_parent_data(const struct lws *wsi)
+{
+	return wsi->opaque_parent_data;
+}
+
+LWS_VISIBLE LWS_EXTERN void
+lws_set_opaque_parent_data(struct lws *wsi, void *data)
+{
+	wsi->opaque_parent_data = data;
+}
+
+LWS_VISIBLE LWS_EXTERN int
+lws_get_child_pending_on_writable(const struct lws *wsi)
+{
+	return wsi->parent_pending_cb_on_writable;
+}
+
+LWS_VISIBLE LWS_EXTERN void
+lws_clear_child_pending_on_writable(struct lws *wsi)
+{
+	wsi->parent_pending_cb_on_writable = 0;
+}
+
+LWS_VISIBLE LWS_EXTERN int
+lws_get_close_length(struct lws *wsi)
+{
+	return wsi->u.ws.close_in_ping_buffer_len;
+}
+
+LWS_VISIBLE LWS_EXTERN unsigned char *
+lws_get_close_payload(struct lws *wsi)
+{
+	return &wsi->u.ws.ping_payload_buf[LWS_PRE];
+}
+
+LWS_VISIBLE LWS_EXTERN void
+lws_close_reason(struct lws *wsi, enum lws_close_status status,
+		 unsigned char *buf, size_t len)
+{
+	unsigned char *p, *start;
+	int budget = sizeof(wsi->u.ws.ping_payload_buf) - LWS_PRE;
+
+	assert(wsi->mode == LWSCM_WS_SERVING || wsi->mode == LWSCM_WS_CLIENT);
+
+	start = p = &wsi->u.ws.ping_payload_buf[LWS_PRE];
+
+	*p++ = (((int)status) >> 8) & 0xff;
+	*p++ = ((int)status) & 0xff;
+
+	if (buf)
+		while (len-- && p < start + budget)
+			*p++ = *buf++;
+
+	wsi->u.ws.close_in_ping_buffer_len = p - start;
+}
+
+LWS_EXTERN int
+_lws_rx_flow_control(struct lws *wsi)
+{
+	struct lws *wsic = wsi->child_list;
+
+	/* if he has children, do those if they were changed */
+	while (wsic) {
+		if (wsic->rxflow_change_to & LWS_RXFLOW_PENDING_CHANGE)
+			_lws_rx_flow_control(wsic);
+
+		wsic = wsic->sibling_list;
+	}
+
+	/* there is no pending change */
+	if (!(wsi->rxflow_change_to & LWS_RXFLOW_PENDING_CHANGE))
+		return 0;
+
+	/* stuff is still buffered, not ready to really accept new input */
+	if (wsi->rxflow_buffer) {
+		/* get ourselves called back to deal with stashed buffer */
+		lws_callback_on_writable(wsi);
+		return 0;
+	}
+
+	/* pending is cleared, we can change rxflow state */
+
+	wsi->rxflow_change_to &= ~LWS_RXFLOW_PENDING_CHANGE;
+
+	lwsl_info("rxflow: wsi %p change_to %d\n", wsi,
+			      wsi->rxflow_change_to & LWS_RXFLOW_ALLOW);
+
+	/* adjust the pollfd for this wsi */
+
+	if (wsi->rxflow_change_to & LWS_RXFLOW_ALLOW) {
+		if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) {
+			lwsl_info("%s: fail\n", __func__);
+			return -1;
+		}
+	} else
+		if (lws_change_pollfd(wsi, LWS_POLLIN, 0))
+			return -1;
+
+	return 0;
+}
+
+LWS_EXTERN int
+lws_check_utf8(unsigned char *state, unsigned char *buf, size_t len)
+{
+	static const unsigned char e0f4[] = {
+		0xa0 | ((2 - 1) << 2) | 1, /* e0 */
+		0x80 | ((4 - 1) << 2) | 1, /* e1 */
+		0x80 | ((4 - 1) << 2) | 1, /* e2 */
+		0x80 | ((4 - 1) << 2) | 1, /* e3 */
+		0x80 | ((4 - 1) << 2) | 1, /* e4 */
+		0x80 | ((4 - 1) << 2) | 1, /* e5 */
+		0x80 | ((4 - 1) << 2) | 1, /* e6 */
+		0x80 | ((4 - 1) << 2) | 1, /* e7 */
+		0x80 | ((4 - 1) << 2) | 1, /* e8 */
+		0x80 | ((4 - 1) << 2) | 1, /* e9 */
+		0x80 | ((4 - 1) << 2) | 1, /* ea */
+		0x80 | ((4 - 1) << 2) | 1, /* eb */
+		0x80 | ((4 - 1) << 2) | 1, /* ec */
+		0x80 | ((2 - 1) << 2) | 1, /* ed */
+		0x80 | ((4 - 1) << 2) | 1, /* ee */
+		0x80 | ((4 - 1) << 2) | 1, /* ef */
+		0x90 | ((3 - 1) << 2) | 2, /* f0 */
+		0x80 | ((4 - 1) << 2) | 2, /* f1 */
+		0x80 | ((4 - 1) << 2) | 2, /* f2 */
+		0x80 | ((4 - 1) << 2) | 2, /* f3 */
+		0x80 | ((1 - 1) << 2) | 2, /* f4 */
+
+		0,			   /* s0 */
+		0x80 | ((4 - 1) << 2) | 0, /* s2 */
+		0x80 | ((4 - 1) << 2) | 1, /* s3 */
+	};
+	unsigned char s = *state;
+
+	while (len--) {
+		unsigned char c = *buf++;
+
+		if (!s) {
+			if (c >= 0x80) {
+				if (c < 0xc2 || c > 0xf4)
+					return 1;
+				if (c < 0xe0)
+					s = 0x80 | ((4 - 1) << 2);
+				else
+					s = e0f4[c - 0xe0];
+			}
+		} else {
+			if (c < (s & 0xf0) ||
+			    c >= (s & 0xf0) + 0x10 + ((s << 2) & 0x30))
+				return 1;
+			s = e0f4[21 + (s & 3)];
+		}
+	}
+
+	*state = s;
+
+	return 0;
+}
+
+LWS_VISIBLE LWS_EXTERN int
+lws_parse_uri(char *p, const char **prot, const char **ads, int *port,
+	      const char **path)
+{
+	const char *end;
+	static const char *slash = "/";
+
+	/* cut up the location into address, port and path */
+	*prot = p;
+	while (*p && (*p != ':' || p[1] != '/' || p[2] != '/'))
+		p++;
+	if (!*p) {
+		end = p;
+		p = (char *)*prot;
+		*prot = end;
+	} else {
+		*p = '\0';
+		p += 3;
+	}
+	*ads = p;
+	if (!strcmp(*prot, "http") || !strcmp(*prot, "ws"))
+		*port = 80;
+	else if (!strcmp(*prot, "https") || !strcmp(*prot, "wss"))
+		*port = 443;
+
+       if (*p == '[')
+       {
+               ++(*ads);
+               while (*p && *p != ']')
+                       p++;
+               if (*p)
+                       *p++ = '\0';
+       }
+       else
+       {
+               while (*p && *p != ':' && *p != '/')
+                       p++;
+       }
+	if (*p == ':') {
+		*p++ = '\0';
+		*port = atoi(p);
+		while (*p && *p != '/')
+			p++;
+	}
+	*path = slash;
+	if (*p) {
+		*p++ = '\0';
+		if (*p)
+			*path = p;
+	}
+
+	return 0;
+}
+
+#ifdef LWS_NO_EXTENSIONS
+
+/* we need to provide dummy callbacks for internal exts
+ * so user code runs when faced with a lib compiled with
+ * extensions disabled.
+ */
+
+int
+lws_extension_callback_pm_deflate(struct lws_context *context,
+                                  const struct lws_extension *ext,
+                                  struct lws *wsi,
+                                  enum lws_extension_callback_reasons reason,
+                                  void *user, void *in, size_t len)
+{
+	(void)context;
+	(void)ext;
+	(void)wsi;
+	(void)reason;
+	(void)user;
+	(void)in;
+	(void)len;
+
+	return 0;
+}
+#endif
+
+LWS_EXTERN int
+lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port,
+		const char *iface)
+{
+#if LWS_POSIX
+#ifdef LWS_WITH_UNIX_SOCK
+	struct sockaddr_un serv_unix;
+#endif
+#ifdef LWS_WITH_IPV6
+	struct sockaddr_in6 serv_addr6;
+#endif
+	struct sockaddr_in serv_addr4;
+#ifndef LWS_PLAT_OPTEE
+	socklen_t len = sizeof(struct sockaddr_storage);
+#endif
+	int n;
+	struct sockaddr_storage sin;
+	struct sockaddr *v;
+
+#ifdef LWS_WITH_UNIX_SOCK
+	if (LWS_UNIX_SOCK_ENABLED(vhost)) {
+		v = (struct sockaddr *)&serv_unix;
+		n = sizeof(struct sockaddr_un);
+		bzero((char *) &serv_unix, sizeof(serv_unix));
+		serv_unix.sun_family = AF_UNIX;
+		if (sizeof(serv_unix.sun_path) <= strlen(iface)) {
+			lwsl_err("\"%s\" too long for UNIX domain socket\n",
+			         iface);
+			return -1;
+		}
+		strcpy(serv_unix.sun_path, iface);
+		if (serv_unix.sun_path[0] == '@')
+			serv_unix.sun_path[0] = '\0';
+
+	} else
+#endif
+#if defined(LWS_WITH_IPV6) && !defined(LWS_WITH_ESP32)
+	if (LWS_IPV6_ENABLED(vhost)) {
+		v = (struct sockaddr *)&serv_addr6;
+		n = sizeof(struct sockaddr_in6);
+		bzero((char *) &serv_addr6, sizeof(serv_addr6));
+		if (iface) {
+			if (interface_to_sa(vhost, iface,
+				    (struct sockaddr_in *)v, n) < 0) {
+				lwsl_err("Unable to find if %s\n", iface);
+				return -1;
+			}
+			serv_addr6.sin6_scope_id = lws_get_addr_scope(iface);
+		}
+
+		serv_addr6.sin6_family = AF_INET6;
+		serv_addr6.sin6_port = htons(port);
+	} else
+#endif
+	{
+		v = (struct sockaddr *)&serv_addr4;
+		n = sizeof(serv_addr4);
+		bzero((char *) &serv_addr4, sizeof(serv_addr4));
+		serv_addr4.sin_addr.s_addr = INADDR_ANY;
+		serv_addr4.sin_family = AF_INET;
+#if !defined(LWS_WITH_ESP32)
+
+		if (iface &&
+		    interface_to_sa(vhost, iface,
+				    (struct sockaddr_in *)v, n) < 0) {
+			lwsl_err("Unable to find interface %s\n", iface);
+			return -1;
+		}
+#endif
+		serv_addr4.sin_port = htons(port);
+	} /* ipv4 */
+
+	n = bind(sockfd, v, n);
+#ifdef LWS_WITH_UNIX_SOCK
+	if (n < 0 && LWS_UNIX_SOCK_ENABLED(vhost)) {
+		lwsl_err("ERROR on binding fd %d to \"%s\" (%d %d)\n",
+				sockfd, iface, n, LWS_ERRNO);
+		return -1;
+	} else
+#endif
+	if (n < 0) {
+		lwsl_err("ERROR on binding fd %d to port %d (%d %d)\n",
+				sockfd, port, n, LWS_ERRNO);
+		return -1;
+	}
+
+#ifndef LWS_PLAT_OPTEE
+	if (getsockname(sockfd, (struct sockaddr *)&sin, &len) == -1)
+		lwsl_warn("getsockname: %s\n", strerror(LWS_ERRNO));
+	else
+#endif
+#if defined(LWS_WITH_IPV6)
+		port = (sin.ss_family == AF_INET6) ?
+				  ntohs(((struct sockaddr_in6 *) &sin)->sin6_port) :
+				  ntohs(((struct sockaddr_in *) &sin)->sin_port);
+#else
+		{
+			struct sockaddr_in sain;
+			memcpy(&sain, &sin, sizeof(sain));
+			port = ntohs(sain.sin_port);
+		}
+#endif
+#endif
+
+	return port;
+}
+
+#if defined(LWS_WITH_IPV6)
+LWS_EXTERN unsigned long
+lws_get_addr_scope(const char *ipaddr)
+{
+	unsigned long scope = 0;
+
+#ifndef WIN32
+	struct ifaddrs *addrs, *addr;
+	char ip[NI_MAXHOST];
+	unsigned int i;
+
+	getifaddrs(&addrs);
+	for (addr = addrs; addr; addr = addr->ifa_next) {
+		if (!addr->ifa_addr ||
+			addr->ifa_addr->sa_family != AF_INET6)
+			continue;
+
+		getnameinfo(addr->ifa_addr,
+				sizeof(struct sockaddr_in6),
+				ip, sizeof(ip),
+				NULL, 0, NI_NUMERICHOST);
+
+		i = 0;
+		while (ip[i])
+			if (ip[i++] == '%') {
+				ip[i - 1] = '\0';
+				break;
+			}
+
+		if (!strcmp(ip, ipaddr)) {
+			scope = if_nametoindex(addr->ifa_name);
+			break;
+		}
+	}
+	freeifaddrs(addrs);
+#else
+	PIP_ADAPTER_ADDRESSES adapter, addrs = NULL;
+	PIP_ADAPTER_UNICAST_ADDRESS addr;
+	ULONG size = 0;
+	DWORD ret;
+	struct sockaddr_in6 *sockaddr;
+	char ip[NI_MAXHOST];
+	unsigned int i;
+	int found = 0;
+
+	for (i = 0; i < 5; i++)
+	{
+		ret = GetAdaptersAddresses(AF_INET6, GAA_FLAG_INCLUDE_PREFIX,
+				NULL, addrs, &size);
+		if ((ret == NO_ERROR) || (ret == ERROR_NO_DATA)) {
+			break;
+		} else if (ret == ERROR_BUFFER_OVERFLOW)
+		{
+			if (addrs)
+				free(addrs);
+			addrs = (IP_ADAPTER_ADDRESSES *)malloc(size);
+		} else
+		{
+			if (addrs)
+			{
+				free(addrs);
+				addrs = NULL;
+			}
+			lwsl_err("Failed to get IPv6 address table (%d)", ret);
+			break;
+		}
+	}
+
+	if ((ret == NO_ERROR) && (addrs)) {
+		adapter = addrs;
+		while (adapter && !found) {
+			addr = adapter->FirstUnicastAddress;
+			while (addr && !found) {
+				if (addr->Address.lpSockaddr->sa_family == AF_INET6) {
+					sockaddr = (struct sockaddr_in6 *)
+						(addr->Address.lpSockaddr);
+
+					lws_plat_inet_ntop(sockaddr->sin6_family,
+							&sockaddr->sin6_addr,
+							ip, sizeof(ip));
+
+					if (!strcmp(ip, ipaddr)) {
+						scope = sockaddr->sin6_scope_id;
+						found = 1;
+						break;
+					}
+				}
+				addr = addr->Next;
+			}
+			adapter = adapter->Next;
+		}
+	}
+	if (addrs)
+		free(addrs);
+#endif
+
+	return scope;
+}
+#endif
+
+LWS_EXTERN void
+lws_restart_ws_ping_pong_timer(struct lws *wsi)
+{
+	if (!wsi->context->ws_ping_pong_interval)
+		return;
+	if (wsi->state != LWSS_ESTABLISHED)
+		return;
+
+	wsi->u.ws.time_next_ping_check = (time_t)lws_now_secs() +
+				    wsi->context->ws_ping_pong_interval;
+}
+
+static const char *hex = "0123456789ABCDEF";
+
+LWS_VISIBLE LWS_EXTERN const char *
+lws_sql_purify(char *escaped, const char *string, int len)
+{
+	const char *p = string;
+	char *q = escaped;
+
+	while (*p && len-- > 2) {
+		if (*p == '\'') {
+			*q++ = '\'';
+			*q++ = '\'';
+			len --;
+			p++;
+		} else
+			*q++ = *p++;
+	}
+	*q = '\0';
+
+	return escaped;
+}
+
+LWS_VISIBLE LWS_EXTERN const char *
+lws_json_purify(char *escaped, const char *string, int len)
+{
+	const char *p = string;
+	char *q = escaped;
+
+	if (!p) {
+		escaped[0] = '\0';
+		return escaped;
+	}
+
+	while (*p && len-- > 6) {
+		if (*p == '\"' || *p == '\\' || *p < 0x20) {
+			*q++ = '\\';
+			*q++ = 'u';
+			*q++ = '0';
+			*q++ = '0';
+			*q++ = hex[((*p) >> 4) & 15];
+			*q++ = hex[(*p) & 15];
+			len -= 5;
+			p++;
+		} else
+			*q++ = *p++;
+	}
+	*q = '\0';
+
+	return escaped;
+}
+
+LWS_VISIBLE LWS_EXTERN const char *
+lws_urlencode(char *escaped, const char *string, int len)
+{
+	const char *p = string;
+	char *q = escaped;
+
+	while (*p && len-- > 3) {
+		if (*p == ' ') {
+			*q++ = '+';
+			p++;
+			continue;
+		}
+		if ((*p >= '0' && *p <= '9') ||
+		    (*p >= 'A' && *p <= 'Z') ||
+		    (*p >= 'a' && *p <= 'z')) {
+			*q++ = *p++;
+			continue;
+		}
+		*q++ = '%';
+		*q++ = hex[(*p >> 4) & 0xf];
+		*q++ = hex[*p & 0xf];
+
+		len -= 2;
+		p++;
+	}
+	*q = '\0';
+
+	return escaped;
+}
+
+LWS_VISIBLE LWS_EXTERN int
+lws_urldecode(char *string, const char *escaped, int len)
+{
+	int state = 0, n;
+	char sum = 0;
+
+	while (*escaped && len) {
+		switch (state) {
+		case 0:
+			if (*escaped == '%') {
+				state++;
+				escaped++;
+				continue;
+			}
+			if (*escaped == '+') {
+				escaped++;
+				*string++ = ' ';
+				len--;
+				continue;
+			}
+			*string++ = *escaped++;
+			len--;
+			break;
+		case 1:
+			n = char_to_hex(*escaped);
+			if (n < 0)
+				return -1;
+			escaped++;
+			sum = n << 4;
+			state++;
+			break;
+
+		case 2:
+			n = char_to_hex(*escaped);
+			if (n < 0)
+				return -1;
+			escaped++;
+			*string++ = sum | n;
+			len--;
+			state = 0;
+			break;
+		}
+
+	}
+	*string = '\0';
+
+	return 0;
+}
+
+LWS_VISIBLE LWS_EXTERN int
+lws_finalize_startup(struct lws_context *context)
+{
+	struct lws_context_creation_info info;
+
+	info.uid = context->uid;
+	info.gid = context->gid;
+
+#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
+	memcpy(info.caps, context->caps, sizeof(info.caps));
+	info.count_caps = context->count_caps;
+#endif
+
+	if (lws_check_opt(context->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS))
+		lws_plat_drop_app_privileges(&info);
+
+	return 0;
+}
+
+int
+lws_snprintf(char *str, size_t size, const char *format, ...)
+{
+	va_list ap;
+	int n;
+
+	if (!size)
+		return 0;
+
+	va_start(ap, format);
+	n = vsnprintf(str, size, format, ap);
+	va_end(ap);
+
+	if (n >= (int)size)
+		return size;
+
+	return n;
+}
+
+
+LWS_VISIBLE LWS_EXTERN int
+lws_is_cgi(struct lws *wsi) {
+#ifdef LWS_WITH_CGI
+	return !!wsi->cgi;
+#else
+	return 0;
+#endif
+}
+
+
+
+#ifdef LWS_NO_EXTENSIONS
+LWS_EXTERN int
+lws_set_extension_option(struct lws *wsi, const char *ext_name,
+			 const char *opt_name, const char *opt_val)
+{
+	return -1;
+}
+#endif
+
+
+void
+lws_sum_stats(const struct lws_context *ctx, struct lws_conn_stats *cs)
+{
+	const struct lws_vhost *vh = ctx->vhost_list;
+
+	while (vh) {
+
+		cs->rx += vh->conn_stats.rx;
+		cs->tx += vh->conn_stats.tx;
+		cs->h1_conn += vh->conn_stats.h1_conn;
+		cs->h1_trans += vh->conn_stats.h1_trans;
+		cs->h2_trans += vh->conn_stats.h2_trans;
+		cs->ws_upg += vh->conn_stats.ws_upg;
+		cs->h2_upg += vh->conn_stats.h2_upg;
+		cs->h2_alpn += vh->conn_stats.h2_alpn;
+		cs->h2_subs += vh->conn_stats.h2_subs;
+		cs->rejected += vh->conn_stats.rejected;
+
+		vh = vh->vhost_next;
+	}
+}
+
+#ifdef LWS_WITH_SERVER_STATUS
+
+LWS_EXTERN int
+lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len)
+{
+	static const char * const prots[] = {
+		"http://",
+		"https://",
+		"file://",
+		"cgi://",
+		">http://",
+		">https://",
+		"callback://"
+	};
+	char *orig = buf, *end = buf + len - 1, first = 1;
+	int n = 0;
+
+	if (len < 100)
+		return 0;
+
+	buf += lws_snprintf(buf, end - buf,
+			"{\n \"name\":\"%s\",\n"
+			" \"port\":\"%d\",\n"
+			" \"use_ssl\":\"%d\",\n"
+			" \"sts\":\"%d\",\n"
+			" \"rx\":\"%llu\",\n"
+			" \"tx\":\"%llu\",\n"
+			" \"h1_conn\":\"%lu\",\n"
+			" \"h1_trans\":\"%lu\",\n"
+			" \"h2_trans\":\"%lu\",\n"
+			" \"ws_upg\":\"%lu\",\n"
+			" \"rejected\":\"%lu\",\n"
+			" \"h2_upg\":\"%lu\",\n"
+			" \"h2_alpn\":\"%lu\",\n"
+			" \"h2_subs\":\"%lu\""
+			,
+			vh->name, vh->listen_port,
+#ifdef LWS_OPENSSL_SUPPORT
+			vh->use_ssl,
+#else
+			0,
+#endif
+			!!(vh->options & LWS_SERVER_OPTION_STS),
+			vh->conn_stats.rx, vh->conn_stats.tx,
+			vh->conn_stats.h1_conn,
+			vh->conn_stats.h1_trans,
+			vh->conn_stats.h2_trans,
+			vh->conn_stats.ws_upg,
+			vh->conn_stats.rejected,
+			vh->conn_stats.h2_upg,
+			vh->conn_stats.h2_alpn,
+			vh->conn_stats.h2_subs
+	);
+
+	if (vh->mount_list) {
+		const struct lws_http_mount *m = vh->mount_list;
+
+		buf += lws_snprintf(buf, end - buf, ",\n \"mounts\":[");
+		while (m) {
+			if (!first)
+				buf += lws_snprintf(buf, end - buf, ",");
+			buf += lws_snprintf(buf, end - buf,
+					"\n  {\n   \"mountpoint\":\"%s\",\n"
+					"  \"origin\":\"%s%s\",\n"
+					"  \"cache_max_age\":\"%d\",\n"
+					"  \"cache_reuse\":\"%d\",\n"
+					"  \"cache_revalidate\":\"%d\",\n"
+					"  \"cache_intermediaries\":\"%d\"\n"
+					,
+					m->mountpoint,
+					prots[m->origin_protocol],
+					m->origin,
+					m->cache_max_age,
+					m->cache_reusable,
+					m->cache_revalidate,
+					m->cache_intermediaries);
+			if (m->def)
+				buf += lws_snprintf(buf, end - buf,
+						",\n  \"default\":\"%s\"",
+						m->def);
+			buf += lws_snprintf(buf, end - buf, "\n  }");
+			first = 0;
+			m = m->mount_next;
+		}
+		buf += lws_snprintf(buf, end - buf, "\n ]");
+	}
+
+	if (vh->protocols) {
+		n = 0;
+		first = 1;
+
+		buf += lws_snprintf(buf, end - buf, ",\n \"ws-protocols\":[");
+		while (n < vh->count_protocols) {
+			if (!first)
+				buf += lws_snprintf(buf, end - buf, ",");
+			buf += lws_snprintf(buf, end - buf,
+					"\n  {\n   \"%s\":{\n"
+					"    \"status\":\"ok\"\n   }\n  }"
+					,
+					vh->protocols[n].name);
+			first = 0;
+			n++;
+		}
+		buf += lws_snprintf(buf, end - buf, "\n ]");
+	}
+
+	buf += lws_snprintf(buf, end - buf, "\n}");
+
+	return buf - orig;
+}
+
+
+LWS_EXTERN LWS_VISIBLE int
+lws_json_dump_context(const struct lws_context *context, char *buf, int len,
+		int hide_vhosts)
+{
+	char *orig = buf, *end = buf + len - 1, first = 1;
+	const struct lws_vhost *vh = context->vhost_list;
+	const struct lws_context_per_thread *pt;
+	time_t t = time(NULL);
+	int n, listening = 0, cgi_count = 0;
+	struct lws_conn_stats cs;
+	double d = 0;
+#ifdef LWS_WITH_CGI
+	struct lws_cgi * const *pcgi;
+#endif
+
+#ifdef LWS_WITH_LIBUV
+	uv_uptime(&d);
+#endif
+
+	buf += lws_snprintf(buf, end - buf, "{ "
+			    "\"version\":\"%s\",\n"
+			    "\"uptime\":\"%ld\",\n",
+			    lws_get_library_version(),
+			    (long)d);
+
+#ifdef LWS_HAVE_GETLOADAVG
+	{
+		double d[3];
+		int m;
+
+		m = getloadavg(d, 3);
+		for (n = 0; n < m; n++) {
+			buf += lws_snprintf(buf, end - buf,
+				"\"l%d\":\"%.2f\",\n",
+				n + 1, d[n]);
+		}
+	}
+#endif
+
+	buf += lws_snprintf(buf, end - buf, "\"contexts\":[\n");
+
+	buf += lws_snprintf(buf, end - buf, "{ "
+				"\"context_uptime\":\"%ld\",\n"
+				"\"cgi_spawned\":\"%d\",\n"
+				"\"pt_fd_max\":\"%d\",\n"
+				"\"ah_pool_max\":\"%d\",\n"
+				"\"deprecated\":\"%d\",\n"
+				"\"wsi_alive\":\"%d\",\n",
+				(unsigned long)(t - context->time_up),
+				context->count_cgi_spawned,
+				context->fd_limit_per_thread,
+				context->max_http_header_pool,
+				context->deprecated,
+				context->count_wsi_allocated);
+
+	buf += lws_snprintf(buf, end - buf, "\"pt\":[\n ");
+	for (n = 0; n < context->count_threads; n++) {
+		pt = &context->pt[n];
+		if (n)
+			buf += lws_snprintf(buf, end - buf, ",");
+		buf += lws_snprintf(buf, end - buf,
+				"\n  {\n"
+				"    \"fds_count\":\"%d\",\n"
+				"    \"ah_pool_inuse\":\"%d\",\n"
+				"    \"ah_wait_list\":\"%d\"\n"
+				"    }",
+				pt->fds_count,
+				pt->ah_count_in_use,
+				pt->ah_wait_list_length);
+	}
+
+	buf += lws_snprintf(buf, end - buf, "]");
+
+	buf += lws_snprintf(buf, end - buf, ", \"vhosts\":[\n ");
+
+	first = 1;
+	vh = context->vhost_list;
+	listening = 0;
+	cs = context->conn_stats;
+	lws_sum_stats(context, &cs);
+	while (vh) {
+
+		if (!hide_vhosts) {
+			if (!first)
+				if(buf != end)
+					*buf++ = ',';
+			buf += lws_json_dump_vhost(vh, buf, end - buf);
+			first = 0;
+		}
+		if (vh->lserv_wsi)
+			listening++;
+		vh = vh->vhost_next;
+	}
+
+	buf += lws_snprintf(buf, end - buf,
+			"],\n\"listen_wsi\":\"%d\",\n"
+			" \"rx\":\"%llu\",\n"
+			" \"tx\":\"%llu\",\n"
+			" \"h1_conn\":\"%lu\",\n"
+			" \"h1_trans\":\"%lu\",\n"
+			" \"h2_trans\":\"%lu\",\n"
+			" \"ws_upg\":\"%lu\",\n"
+			" \"rejected\":\"%lu\",\n"
+			" \"h2_alpn\":\"%lu\",\n"
+			" \"h2_subs\":\"%lu\",\n"
+			" \"h2_upg\":\"%lu\"",
+			listening, cs.rx, cs.tx,
+			cs.h1_conn,
+			cs.h1_trans,
+			cs.h2_trans,
+			cs.ws_upg,
+			cs.rejected,
+			cs.h2_alpn,
+			cs.h2_subs,
+			cs.h2_upg);
+
+#ifdef LWS_WITH_CGI
+	for (n = 0; n < context->count_threads; n++) {
+		pt = &context->pt[n];
+		pcgi = &pt->cgi_list;
+
+		while (*pcgi) {
+			pcgi = &(*pcgi)->cgi_list;
+
+			cgi_count++;
+		}
+	}
+#endif
+	buf += lws_snprintf(buf, end - buf, ",\n \"cgi_alive\":\"%d\"\n ",
+			cgi_count);
+
+	buf += lws_snprintf(buf, end - buf, "}");
+
+
+	buf += lws_snprintf(buf, end - buf, "]}\n ");
+
+	return buf - orig;
+}
+
+#endif
+
+#if defined(LWS_WITH_STATS)
+
+LWS_VISIBLE LWS_EXTERN uint64_t
+lws_stats_get(struct lws_context *context, int index)
+{
+	if (index >= LWSSTATS_SIZE)
+		return 0;
+
+	return context->lws_stats[index];
+}
+
+LWS_VISIBLE LWS_EXTERN void
+lws_stats_log_dump(struct lws_context *context)
+{
+	struct lws_vhost *v = context->vhost_list;
+	int n, m;
+
+	(void)m;
+
+	if (!context->updated)
+		return;
+
+	context->updated = 0;
+
+	lwsl_notice("\n");
+	lwsl_notice("LWS internal statistics dump ----->\n");
+	lwsl_notice("LWSSTATS_C_CONNECTIONS:                     %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_CONNECTIONS));
+	lwsl_notice("LWSSTATS_C_API_CLOSE:                       %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_API_CLOSE));
+	lwsl_notice("LWSSTATS_C_API_READ:                        %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_API_READ));
+	lwsl_notice("LWSSTATS_C_API_LWS_WRITE:                   %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_API_LWS_WRITE));
+	lwsl_notice("LWSSTATS_C_API_WRITE:                       %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_API_WRITE));
+	lwsl_notice("LWSSTATS_C_WRITE_PARTIALS:                  %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_WRITE_PARTIALS));
+	lwsl_notice("LWSSTATS_C_WRITEABLE_CB_REQ:                %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_WRITEABLE_CB_REQ));
+	lwsl_notice("LWSSTATS_C_WRITEABLE_CB_EFF_REQ:            %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_WRITEABLE_CB_EFF_REQ));
+	lwsl_notice("LWSSTATS_C_WRITEABLE_CB:                    %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_WRITEABLE_CB));
+	lwsl_notice("LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN:     %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN));
+	lwsl_notice("LWSSTATS_C_SSL_CONNECTIONS_FAILED:          %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_SSL_CONNECTIONS_FAILED));
+	lwsl_notice("LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED:        %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED));
+	lwsl_notice("LWSSTATS_C_SSL_CONNS_HAD_RX:                %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_SSL_CONNS_HAD_RX));
+	lwsl_notice("LWSSTATS_C_PEER_LIMIT_AH_DENIED:            %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_PEER_LIMIT_AH_DENIED));
+	lwsl_notice("LWSSTATS_C_PEER_LIMIT_WSI_DENIED:           %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_PEER_LIMIT_WSI_DENIED));
+
+	lwsl_notice("LWSSTATS_C_TIMEOUTS:                        %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_TIMEOUTS));
+	lwsl_notice("LWSSTATS_C_SERVICE_ENTRY:                   %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_C_SERVICE_ENTRY));
+	lwsl_notice("LWSSTATS_B_READ:                            %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_B_READ));
+	lwsl_notice("LWSSTATS_B_WRITE:                           %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_B_WRITE));
+	lwsl_notice("LWSSTATS_B_PARTIALS_ACCEPTED_PARTS:         %8llu\n", (unsigned long long)lws_stats_get(context, LWSSTATS_B_PARTIALS_ACCEPTED_PARTS));
+	lwsl_notice("LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY: %8llums\n", (unsigned long long)lws_stats_get(context, LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY) / 1000);
+	if (lws_stats_get(context, LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED))
+		lwsl_notice("  Avg accept delay:                         %8llums\n",
+			(unsigned long long)(lws_stats_get(context, LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY) /
+			lws_stats_get(context, LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED)) / 1000);
+	lwsl_notice("LWSSTATS_MS_SSL_RX_DELAY:                   %8llums\n", (unsigned long long)lws_stats_get(context, LWSSTATS_MS_SSL_RX_DELAY) / 1000);
+	if (lws_stats_get(context, LWSSTATS_C_SSL_CONNS_HAD_RX))
+		lwsl_notice("  Avg accept-rx delay:                      %8llums\n",
+			(unsigned long long)(lws_stats_get(context, LWSSTATS_MS_SSL_RX_DELAY) /
+			lws_stats_get(context, LWSSTATS_C_SSL_CONNS_HAD_RX)) / 1000);
+
+	lwsl_notice("LWSSTATS_MS_WRITABLE_DELAY:                 %8lluus\n",
+			(unsigned long long)lws_stats_get(context, LWSSTATS_MS_WRITABLE_DELAY));
+	lwsl_notice("LWSSTATS_MS_WORST_WRITABLE_DELAY:           %8lluus\n",
+				(unsigned long long)lws_stats_get(context, LWSSTATS_MS_WORST_WRITABLE_DELAY));
+	if (lws_stats_get(context, LWSSTATS_C_WRITEABLE_CB))
+		lwsl_notice("  Avg writable delay:                       %8lluus\n",
+			(unsigned long long)(lws_stats_get(context, LWSSTATS_MS_WRITABLE_DELAY) /
+			lws_stats_get(context, LWSSTATS_C_WRITEABLE_CB)));
+	lwsl_notice("Simultaneous SSL restriction:               %8d/%d/%d\n", context->simultaneous_ssl,
+		context->simultaneous_ssl_restriction, context->ssl_gate_accepts);
+
+	lwsl_notice("Live wsi:                                   %8d\n", context->count_wsi_allocated);
+
+	context->updated = 1;
+
+	while (v) {
+		if (v->lserv_wsi) {
+
+			struct lws_context_per_thread *pt = &context->pt[(int)v->lserv_wsi->tsi];
+			struct lws_pollfd *pfd;
+
+			pfd = &pt->fds[v->lserv_wsi->position_in_fds_table];
+
+			lwsl_notice("  Listen port %d actual POLLIN:   %d\n",
+					v->listen_port, (int)pfd->events & LWS_POLLIN);
+		}
+
+		v = v->vhost_next;
+	}
+
+	for (n = 0; n < context->count_threads; n++) {
+		struct lws_context_per_thread *pt = &context->pt[n];
+		struct lws *wl;
+		int m = 0;
+
+		lwsl_notice("PT %d\n", n + 1);
+
+		lws_pt_lock(pt);
+
+		lwsl_notice("  AH in use / max:                  %d / %d\n",
+				pt->ah_count_in_use,
+				context->max_http_header_pool);
+
+		wl = pt->ah_wait_list;
+		while (wl) {
+			m++;
+			wl = wl->u.hdr.ah_wait_list;
+		}
+
+		lwsl_notice("  AH wait list count / actual:      %d / %d\n",
+				pt->ah_wait_list_length, m);
+
+		lws_pt_unlock(pt);
+	}
+
+#if defined(LWS_WITH_PEER_LIMITS)
+	m = 0;
+	for (n = 0; n < (int)context->pl_hash_elements; n++) {
+		lws_start_foreach_llp(struct lws_peer **, peer,
+				      context->pl_hash_table[n]) {
+			m++;
+		} lws_end_foreach_llp(peer, next);
+	}
+
+	lwsl_notice(" Peers: total active %d\n", m);
+	if (m > 10) {
+		m = 10;
+		lwsl_notice("  (showing 10 peers only)\n");
+	}
+
+	if (m) {
+		for (n = 0; n < (int)context->pl_hash_elements; n++) {
+			char buf[72];
+
+			lws_start_foreach_llp(struct lws_peer **, peer, context->pl_hash_table[n]) {
+				struct lws_peer *df = *peer;
+
+				if (!lws_plat_inet_ntop(df->af, df->addr, buf,
+							sizeof(buf) - 1))
+					strcpy(buf, "unknown");
+
+				lwsl_notice("  peer %s: count wsi: %d, count ah: %d\n",
+					    buf, df->count_wsi, df->count_ah);
+
+				if (!--m)
+					break;
+			} lws_end_foreach_llp(peer, next);
+		}
+	}
+#endif
+
+	lwsl_notice("\n");
+}
+
+void
+lws_stats_atomic_bump(struct lws_context * context,
+		struct lws_context_per_thread *pt, int index, uint64_t bump)
+{
+	lws_pt_lock(pt);
+	context->lws_stats[index] += bump;
+	if (index != LWSSTATS_C_SERVICE_ENTRY)
+		context->updated = 1;
+	lws_pt_unlock(pt);
+}
+
+void
+lws_stats_atomic_max(struct lws_context * context,
+		struct lws_context_per_thread *pt, int index, uint64_t val)
+{
+	lws_pt_lock(pt);
+	if (val > context->lws_stats[index]) {
+		context->lws_stats[index] = val;
+		context->updated = 1;
+	}
+	lws_pt_unlock(pt);
+}
+
+#endif
+
diff --git a/thirdparty/lws/libwebsockets.h b/thirdparty/lws/libwebsockets.h
new file mode 100644
index 0000000000..ef996c5d78
--- /dev/null
+++ b/thirdparty/lws/libwebsockets.h
@@ -0,0 +1,5790 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2016 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+/** @file */
+
+#ifndef LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C
+#define LIBWEBSOCKET_H_3060898B846849FF9F88F5DB59B5950C
+
+#ifdef __cplusplus
+#include <cstddef>
+#include <cstdarg>
+#
+extern "C" {
+#else
+#include <stdarg.h>
+#endif
+
+#include "lws_config.h"
+
+/*
+ * CARE: everything using cmake defines needs to be below here
+ */
+
+#if defined(LWS_WITH_ESP8266)
+struct sockaddr_in;
+#define LWS_POSIX 0
+#else
+#define LWS_POSIX 1
+#endif
+
+#if defined(LWS_HAS_INTPTR_T)
+#include <stdint.h>
+#define lws_intptr_t intptr_t
+#else
+typedef unsigned long long lws_intptr_t;
+#endif
+
+#if defined(WIN32) || defined(_WIN32)
+#ifndef WIN32_LEAN_AND_MEAN
+#define WIN32_LEAN_AND_MEAN
+#endif
+
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#include <stddef.h>
+#include <basetsd.h>
+#ifndef _WIN32_WCE
+#include <fcntl.h>
+#else
+#define _O_RDONLY	0x0000
+#define O_RDONLY	_O_RDONLY
+#endif
+
+// Visual studio older than 2015 and WIN_CE has only _stricmp
+#if (defined(_MSC_VER) && _MSC_VER < 1900) || defined(_WIN32_WCE)
+#define strcasecmp _stricmp
+#elif !defined(__MINGW32__)
+#define strcasecmp stricmp
+#endif
+#define getdtablesize() 30000
+
+#define LWS_INLINE __inline
+#define LWS_VISIBLE
+#define LWS_WARN_UNUSED_RESULT
+#define LWS_WARN_DEPRECATED
+#define LWS_FORMAT(string_index)
+
+#ifdef LWS_DLL
+#ifdef LWS_INTERNAL
+#define LWS_EXTERN extern __declspec(dllexport)
+#else
+#define LWS_EXTERN extern __declspec(dllimport)
+#endif
+#else
+#define LWS_EXTERN
+#endif
+
+#define LWS_INVALID_FILE INVALID_HANDLE_VALUE
+#define LWS_O_RDONLY _O_RDONLY
+#define LWS_O_WRONLY _O_WRONLY
+#define LWS_O_CREAT _O_CREAT
+#define LWS_O_TRUNC _O_TRUNC
+
+#if !defined(__MINGW32__) && (!defined(_MSC_VER) || _MSC_VER < 1900) /* Visual Studio 2015 already defines this in <stdio.h> */
+#define lws_snprintf _snprintf
+#endif
+
+#ifndef __func__
+#define __func__ __FUNCTION__
+#endif
+
+#if !defined(__MINGW32__) &&(!defined(_MSC_VER) || _MSC_VER < 1900) && !defined(snprintf)
+#define snprintf(buf,len, format,...) _snprintf_s(buf, len,len, format, __VA_ARGS__)
+#endif
+
+#else /* NOT WIN32 */
+#include <unistd.h>
+#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
+#include <sys/capability.h>
+#endif
+
+#if defined(__NetBSD__) || defined(__FreeBSD__)
+#include <netinet/in.h>
+#endif
+
+#define LWS_INLINE inline
+#define LWS_O_RDONLY O_RDONLY
+#define LWS_O_WRONLY O_WRONLY
+#define LWS_O_CREAT O_CREAT
+#define LWS_O_TRUNC O_TRUNC
+
+#if !defined(LWS_WITH_ESP8266) && !defined(OPTEE_TA) && !defined(LWS_WITH_ESP32)
+#include <poll.h>
+#include <netdb.h>
+#define LWS_INVALID_FILE -1
+#else
+#define getdtablesize() (30)
+#if defined(LWS_WITH_ESP32)
+#define LWS_INVALID_FILE NULL
+#else
+#define LWS_INVALID_FILE NULL
+#endif
+#endif
+
+#if defined(__GNUC__)
+
+/* warn_unused_result attribute only supported by GCC 3.4 or later */
+#if __GNUC__ >= 4 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4)
+#define LWS_WARN_UNUSED_RESULT __attribute__((warn_unused_result))
+#else
+#define LWS_WARN_UNUSED_RESULT
+#endif
+
+#define LWS_VISIBLE __attribute__((visibility("default")))
+#define LWS_WARN_DEPRECATED __attribute__ ((deprecated))
+#define LWS_FORMAT(string_index) __attribute__ ((format(printf, string_index, string_index+1)))
+#else
+#define LWS_VISIBLE
+#define LWS_WARN_UNUSED_RESULT
+#define LWS_WARN_DEPRECATED
+#define LWS_FORMAT(string_index)
+#endif
+
+#if defined(__ANDROID__)
+#include <unistd.h>
+#define getdtablesize() sysconf(_SC_OPEN_MAX)
+#endif
+
+#endif
+
+#ifdef LWS_WITH_LIBEV
+#include <ev.h>
+#endif /* LWS_WITH_LIBEV */
+#ifdef LWS_WITH_LIBUV
+#include <uv.h>
+#ifdef LWS_HAVE_UV_VERSION_H
+#include <uv-version.h>
+#endif
+#endif /* LWS_WITH_LIBUV */
+#ifdef LWS_WITH_LIBEVENT
+#include <event2/event.h>
+#endif /* LWS_WITH_LIBEVENT */
+
+#ifndef LWS_EXTERN
+#define LWS_EXTERN extern
+#endif
+
+#ifdef _WIN32
+#define random rand
+#else
+#if !defined(OPTEE_TA)
+#include <sys/time.h>
+#include <unistd.h>
+#endif
+#endif
+
+#ifdef LWS_OPENSSL_SUPPORT
+
+#ifdef USE_WOLFSSL
+#ifdef USE_OLD_CYASSL
+#include <cyassl/openssl/ssl.h>
+#include <cyassl/error-ssl.h>
+#else
+#include <wolfssl/openssl/ssl.h>
+#include <wolfssl/error-ssl.h>
+#endif /* not USE_OLD_CYASSL */
+#else
+#if defined(LWS_WITH_MBEDTLS)
+#if defined(LWS_WITH_ESP32)
+/* this filepath is passed to us but without quotes or <> */
+#undef MBEDTLS_CONFIG_FILE
+#define MBEDTLS_CONFIG_FILE <mbedtls/esp_config.h>
+#endif
+#include <mbedtls/ssl.h>
+#endif
+#include <openssl/ssl.h>
+#if !defined(LWS_WITH_MBEDTLS)
+#include <openssl/err.h>
+#endif
+#endif /* not USE_WOLFSSL */
+#endif
+
+
+#define CONTEXT_PORT_NO_LISTEN -1
+#define CONTEXT_PORT_NO_LISTEN_SERVER -2
+
+/** \defgroup log Logging
+ *
+ * ##Logging
+ *
+ * Lws provides flexible and filterable logging facilities, which can be
+ * used inside lws and in user code.
+ *
+ * Log categories may be individually filtered bitwise, and directed to built-in
+ * sinks for syslog-compatible logging, or a user-defined function.
+ */
+///@{
+
+enum lws_log_levels {
+	LLL_ERR = 1 << 0,
+	LLL_WARN = 1 << 1,
+	LLL_NOTICE = 1 << 2,
+	LLL_INFO = 1 << 3,
+	LLL_DEBUG = 1 << 4,
+	LLL_PARSER = 1 << 5,
+	LLL_HEADER = 1 << 6,
+	LLL_EXT = 1 << 7,
+	LLL_CLIENT = 1 << 8,
+	LLL_LATENCY = 1 << 9,
+	LLL_USER = 1 << 10,
+
+	LLL_COUNT = 11 /* set to count of valid flags */
+};
+
+LWS_VISIBLE LWS_EXTERN void _lws_log(int filter, const char *format, ...) LWS_FORMAT(2);
+LWS_VISIBLE LWS_EXTERN void _lws_logv(int filter, const char *format, va_list vl);
+/**
+ * lwsl_timestamp: generate logging timestamp string
+ *
+ * \param level:	logging level
+ * \param p:		char * buffer to take timestamp
+ * \param len:	length of p
+ *
+ * returns length written in p
+ */
+LWS_VISIBLE LWS_EXTERN int
+lwsl_timestamp(int level, char *p, int len);
+
+/* these guys are unconditionally included */
+
+#define lwsl_err(...) _lws_log(LLL_ERR, __VA_ARGS__)
+#define lwsl_user(...) _lws_log(LLL_USER, __VA_ARGS__)
+
+#if !defined(LWS_WITH_NO_LOGS)
+/* notice and warn are usually included by being compiled in */
+#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__)
+#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__)
+#endif
+/*
+ *  weaker logging can be deselected by telling CMake to build in RELEASE mode
+ *  that gets rid of the overhead of checking while keeping _warn and _err
+ *  active
+ */
+
+#if defined(LWS_WITH_ESP8266)
+#undef _DEBUG
+#endif
+
+#ifdef _DEBUG
+#if defined(LWS_WITH_NO_LOGS)
+/* notice, warn and log are always compiled in */
+#define lwsl_warn(...) _lws_log(LLL_WARN, __VA_ARGS__)
+#define lwsl_notice(...) _lws_log(LLL_NOTICE, __VA_ARGS__)
+#endif
+#define lwsl_info(...) _lws_log(LLL_INFO, __VA_ARGS__)
+#define lwsl_debug(...) _lws_log(LLL_DEBUG, __VA_ARGS__)
+#define lwsl_parser(...) _lws_log(LLL_PARSER, __VA_ARGS__)
+#define lwsl_header(...)  _lws_log(LLL_HEADER, __VA_ARGS__)
+#define lwsl_ext(...)  _lws_log(LLL_EXT, __VA_ARGS__)
+#define lwsl_client(...) _lws_log(LLL_CLIENT, __VA_ARGS__)
+#define lwsl_latency(...) _lws_log(LLL_LATENCY, __VA_ARGS__)
+
+#else /* no debug */
+#if defined(LWS_WITH_NO_LOGS)
+#define lwsl_warn(...) do {} while(0)
+#define lwsl_notice(...) do {} while(0)
+#endif
+#define lwsl_info(...) do {} while(0)
+#define lwsl_debug(...) do {} while(0)
+#define lwsl_parser(...) do {} while(0)
+#define lwsl_header(...) do {} while(0)
+#define lwsl_ext(...) do {} while(0)
+#define lwsl_client(...) do {} while(0)
+#define lwsl_latency(...) do {} while(0)
+
+#endif
+
+/**
+ * lwsl_hexdump() - helper to hexdump a buffer
+ *
+ * \param level: one of LLL_ constants
+ * \param buf: buffer start to dump
+ * \param len: length of buffer to dump
+ *
+ * If \p level is visible, does a nice hexdump -C style dump of \p buf for
+ * \p len bytes.  This can be extremely convenient while debugging.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lwsl_hexdump_level(int level, const void *vbuf, size_t len);
+
+/**
+ * lwsl_hexdump() - helper to hexdump a buffer (DEBUG builds only)
+ *
+ * \param buf: buffer start to dump
+ * \param len: length of buffer to dump
+ *
+ * Calls through to lwsl_hexdump_level(LLL_DEBUG, ... for compatability.
+ * It's better to use lwsl_hexdump_level(level, ... directly so you can control
+ * the visibility.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lwsl_hexdump(const void *buf, size_t len);
+
+/**
+ * lws_is_be() - returns nonzero if the platform is Big Endian
+ */
+static LWS_INLINE int lws_is_be(void) {
+	const int probe = ~0xff;
+
+	return *(const char *)&probe;
+}
+
+/**
+ * lws_set_log_level() - Set the logging bitfield
+ * \param level:	OR together the LLL_ debug contexts you want output from
+ * \param log_emit_function:	NULL to leave it as it is, or a user-supplied
+ *			function to perform log string emission instead of
+ *			the default stderr one.
+ *
+ *	log level defaults to "err", "warn" and "notice" contexts enabled and
+ *	emission on stderr.  If stderr is a tty (according to isatty()) then
+ *	the output is coloured according to the log level using ANSI escapes.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_set_log_level(int level,
+		  void (*log_emit_function)(int level, const char *line));
+
+/**
+ * lwsl_emit_syslog() - helper log emit function writes to system log
+ *
+ * \param level: one of LLL_ log level indexes
+ * \param line: log string
+ *
+ * You use this by passing the function pointer to lws_set_log_level(), to set
+ * it as the log emit function, it is not called directly.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lwsl_emit_syslog(int level, const char *line);
+
+/**
+ * lwsl_visible() - returns true if the log level should be printed
+ *
+ * \param level: one of LLL_ log level indexes
+ *
+ * This is useful if you have to do work to generate the log content, you
+ * can skip the work if the log level used to print it is not actually
+ * enabled at runtime.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lwsl_visible(int level);
+
+///@}
+
+
+#include <stddef.h>
+
+#ifndef lws_container_of
+#define lws_container_of(P,T,M)	((T *)((char *)(P) - offsetof(T, M)))
+#endif
+
+
+struct lws;
+#ifndef ARRAY_SIZE
+#define ARRAY_SIZE(x) (sizeof(x) / sizeof(x[0]))
+#endif
+
+/* api change list for user code to test against */
+
+#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_ARG
+
+/* the struct lws_protocols has the id field present */
+#define LWS_FEATURE_PROTOCOLS_HAS_ID_FIELD
+
+/* you can call lws_get_peer_write_allowance */
+#define LWS_FEATURE_PROTOCOLS_HAS_PEER_WRITE_ALLOWANCE
+
+/* extra parameter introduced in 917f43ab821 */
+#define LWS_FEATURE_SERVE_HTTP_FILE_HAS_OTHER_HEADERS_LEN
+
+/* File operations stuff exists */
+#define LWS_FEATURE_FOPS
+
+
+#if defined(_WIN32)
+typedef SOCKET lws_sockfd_type;
+typedef HANDLE lws_filefd_type;
+#define lws_sockfd_valid(sfd) (!!sfd)
+struct lws_pollfd {
+	lws_sockfd_type fd; /**< file descriptor */
+	SHORT events; /**< which events to respond to */
+	SHORT revents; /**< which events happened */
+};
+#define LWS_POLLHUP (FD_CLOSE)
+#define LWS_POLLIN (FD_READ | FD_ACCEPT)
+#define LWS_POLLOUT (FD_WRITE)
+#else
+
+
+#if defined(LWS_WITH_ESP8266)
+
+#include <user_interface.h>
+#include <espconn.h>
+
+typedef struct espconn * lws_sockfd_type;
+typedef void * lws_filefd_type;
+#define lws_sockfd_valid(sfd) (!!sfd)
+struct pollfd {
+	lws_sockfd_type fd; /**< fd related to */
+	short events; /**< which POLL... events to respond to */
+	short revents; /**< which POLL... events occurred */
+};
+#define POLLIN		0x0001
+#define POLLPRI		0x0002
+#define POLLOUT		0x0004
+#define POLLERR		0x0008
+#define POLLHUP		0x0010
+#define POLLNVAL	0x0020
+
+struct lws_vhost;
+
+lws_sockfd_type esp8266_create_tcp_listen_socket(struct lws_vhost *vh);
+void esp8266_tcp_stream_accept(lws_sockfd_type fd, struct lws *wsi);
+
+#include <os_type.h>
+#include <osapi.h>
+#include "ets_sys.h"
+
+int ets_snprintf(char *str, size_t size, const char *format, ...) LWS_FORMAT(3);
+#define snprintf  ets_snprintf
+
+typedef os_timer_t uv_timer_t;
+typedef void uv_cb_t(uv_timer_t *);
+
+void os_timer_disarm(void *);
+void os_timer_setfn(os_timer_t *, os_timer_func_t *, void *);
+
+void ets_timer_arm_new(os_timer_t *, int, int, int);
+
+//void os_timer_arm(os_timer_t *, int, int);
+
+#define UV_VERSION_MAJOR 1
+
+#define lws_uv_getloop(a, b) (NULL)
+
+static inline void uv_timer_init(void *l, uv_timer_t *t)
+{
+	(void)l;
+	memset(t, 0, sizeof(*t));
+	os_timer_disarm(t);
+}
+
+static inline void uv_timer_start(uv_timer_t *t, uv_cb_t *cb, int first, int rep)
+{
+	os_timer_setfn(t, (os_timer_func_t *)cb, t);
+	/* ms, repeat */
+	os_timer_arm(t, first, !!rep);
+}
+
+static inline void uv_timer_stop(uv_timer_t *t)
+{
+	os_timer_disarm(t);
+}
+
+#else
+#if defined(LWS_WITH_ESP32)
+
+typedef int lws_sockfd_type;
+typedef int lws_filefd_type;
+#define lws_sockfd_valid(sfd) (sfd >= 0)
+struct pollfd {
+	lws_sockfd_type fd; /**< fd related to */
+	short events; /**< which POLL... events to respond to */
+	short revents; /**< which POLL... events occurred */
+};
+#define POLLIN		0x0001
+#define POLLPRI		0x0002
+#define POLLOUT		0x0004
+#define POLLERR		0x0008
+#define POLLHUP		0x0010
+#define POLLNVAL	0x0020
+
+#include <freertos/FreeRTOS.h>
+#include <freertos/event_groups.h>
+#include <string.h>
+#include "esp_wifi.h"
+#include "esp_system.h"
+#include "esp_event.h"
+#include "esp_event_loop.h"
+#include "nvs.h"
+#include "driver/gpio.h"
+#include "esp_spi_flash.h"
+#include "freertos/timers.h"
+
+#if !defined(CONFIG_FREERTOS_HZ)
+#define CONFIG_FREERTOS_HZ 100
+#endif
+
+typedef TimerHandle_t uv_timer_t;
+typedef void uv_cb_t(uv_timer_t *);
+typedef void * uv_handle_t;
+
+struct timer_mapping {
+	uv_cb_t *cb;
+	uv_timer_t *t;
+};
+
+#define UV_VERSION_MAJOR 1
+
+#define lws_uv_getloop(a, b) (NULL)
+
+static inline void uv_timer_init(void *l, uv_timer_t *t)
+{
+	(void)l;
+	*t = NULL;
+}
+
+extern void esp32_uvtimer_cb(TimerHandle_t t);
+
+static inline void uv_timer_start(uv_timer_t *t, uv_cb_t *cb, int first, int rep)
+{
+	struct timer_mapping *tm = (struct timer_mapping *)malloc(sizeof(*tm));
+
+	if (!tm)
+		return;
+
+	tm->t = t;
+	tm->cb = cb;
+
+	*t = xTimerCreate("x", pdMS_TO_TICKS(first), !!rep, tm,
+			  (TimerCallbackFunction_t)esp32_uvtimer_cb);
+	xTimerStart(*t, 0);
+}
+
+static inline void uv_timer_stop(uv_timer_t *t)
+{
+	xTimerStop(*t, 0);
+}
+
+static inline void uv_close(uv_handle_t *h, void *v)
+{
+	free(pvTimerGetTimerID((uv_timer_t)h));
+	xTimerDelete(*(uv_timer_t *)h, 0);
+}
+
+/* ESP32 helper declarations */
+
+#include <mdns.h>
+#include <esp_partition.h>
+
+#define LWS_PLUGIN_STATIC
+#define LWS_MAGIC_REBOOT_TYPE_ADS 0x50001ffc
+#define LWS_MAGIC_REBOOT_TYPE_REQ_FACTORY 0xb00bcafe
+#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY 0xfaceb00b
+#define LWS_MAGIC_REBOOT_TYPE_FORCED_FACTORY_BUTTON 0xf0cedfac
+
+
+/* user code provides these */
+
+extern void
+lws_esp32_identify_physical_device(void);
+
+/* lws-plat-esp32 provides these */
+
+typedef void (*lws_cb_scan_done)(uint16_t count, wifi_ap_record_t *recs, void *arg);
+
+enum genled_state {
+	LWSESP32_GENLED__INIT,
+	LWSESP32_GENLED__LOST_NETWORK,
+	LWSESP32_GENLED__NO_NETWORK,
+	LWSESP32_GENLED__CONN_AP,
+	LWSESP32_GENLED__GOT_IP,
+	LWSESP32_GENLED__OK,
+};
+
+struct lws_group_member {
+	struct lws_group_member *next;
+	uint64_t last_seen;
+	char model[16];
+	char role[16];
+	char host[32];
+	char mac[20];
+	int width, height;
+	struct ip4_addr addr;
+	struct ip6_addr addrv6;
+	uint8_t	flags;
+};
+
+#define LWS_SYSTEM_GROUP_MEMBER_ADD		1
+#define LWS_SYSTEM_GROUP_MEMBER_CHANGE		2
+#define LWS_SYSTEM_GROUP_MEMBER_REMOVE		3
+
+#define LWS_GROUP_FLAG_SELF 1
+
+struct lws_esp32 {
+	char sta_ip[16];
+	char sta_mask[16];
+	char sta_gw[16];
+	char serial[16];
+	char opts[16];
+	char model[16];
+	char group[16];
+	char role[16];
+	char ssid[4][16];
+	char password[4][32];
+	char active_ssid[32];
+	char access_pw[16];
+	char hostname[32];
+	char mac[20];
+	mdns_server_t *mdns;
+       	char region;
+       	char inet;
+	char conn_ap;
+
+	enum genled_state genled;
+	uint64_t genled_t;
+
+	lws_cb_scan_done scan_consumer;
+	void *scan_consumer_arg;
+	struct lws_group_member *first;
+	int extant_group_members;
+};
+
+struct lws_esp32_image {
+	uint32_t romfs;
+	uint32_t romfs_len;
+	uint32_t json;
+	uint32_t json_len;
+};
+
+extern struct lws_esp32 lws_esp32;
+struct lws_vhost;
+
+extern esp_err_t
+lws_esp32_event_passthru(void *ctx, system_event_t *event);
+extern void
+lws_esp32_wlan_config(void);
+extern void
+lws_esp32_wlan_start_ap(void);
+extern void
+lws_esp32_wlan_start_station(void);
+struct lws_context_creation_info;
+extern void
+lws_esp32_set_creation_defaults(struct lws_context_creation_info *info);
+extern struct lws_context *
+lws_esp32_init(struct lws_context_creation_info *, struct lws_vhost **pvh);
+extern int
+lws_esp32_wlan_nvs_get(int retry);
+extern esp_err_t
+lws_nvs_set_str(nvs_handle handle, const char* key, const char* value);
+extern void
+lws_esp32_restart_guided(uint32_t type);
+extern const esp_partition_t *
+lws_esp_ota_get_boot_partition(void);
+extern int
+lws_esp32_get_image_info(const esp_partition_t *part, struct lws_esp32_image *i, char *json, int json_len);
+extern int
+lws_esp32_leds_network_indication(void);
+
+extern uint32_t lws_esp32_get_reboot_type(void);
+extern uint16_t lws_esp32_sine_interp(int n);
+
+/* required in external code by esp32 plat (may just return if no leds) */
+extern void lws_esp32_leds_timer_cb(TimerHandle_t th);
+#else
+typedef int lws_sockfd_type;
+typedef int lws_filefd_type;
+#define lws_sockfd_valid(sfd) (sfd >= 0)
+#endif
+#endif
+
+#define lws_pollfd pollfd
+#define LWS_POLLHUP (POLLHUP|POLLERR)
+#define LWS_POLLIN (POLLIN)
+#define LWS_POLLOUT (POLLOUT)
+#endif
+
+
+#if (defined(WIN32) || defined(_WIN32)) && !defined(__MINGW32__)
+/* ... */
+#define ssize_t SSIZE_T
+#endif
+
+#if defined(WIN32) && defined(LWS_HAVE__STAT32I64)
+#include <sys/types.h>
+#include <sys/stat.h>
+#endif
+
+#if defined(LWS_HAVE_STDINT_H)
+#include <stdint.h>
+#else
+#if defined(WIN32) || defined(_WIN32)
+/* !!! >:-[  */
+typedef unsigned __int32 uint32_t;
+typedef unsigned __int16 uint16_t;
+typedef unsigned __int8 uint8_t;
+#else
+typedef unsigned int uint32_t;
+typedef unsigned short uint16_t;
+typedef unsigned char uint8_t;
+#endif
+#endif
+
+typedef unsigned long long lws_filepos_t;
+typedef long long lws_fileofs_t;
+typedef uint32_t lws_fop_flags_t;
+
+/** struct lws_pollargs - argument structure for all external poll related calls
+ * passed in via 'in' */
+struct lws_pollargs {
+	lws_sockfd_type fd;	/**< applicable socket descriptor */
+	int events;		/**< the new event mask */
+	int prev_events;	/**< the previous event mask */
+};
+
+struct lws_tokens;
+struct lws_token_limits;
+
+/*! \defgroup wsclose Websocket Close
+ *
+ * ##Websocket close frame control
+ *
+ * When we close a ws connection, we can send a reason code and a short
+ * UTF-8 description back with the close packet.
+ */
+///@{
+
+/*
+ * NOTE: These public enums are part of the abi.  If you want to add one,
+ * add it at where specified so existing users are unaffected.
+ */
+/** enum lws_close_status - RFC6455 close status codes */
+enum lws_close_status {
+	LWS_CLOSE_STATUS_NOSTATUS				=    0,
+	LWS_CLOSE_STATUS_NORMAL					= 1000,
+	/**< 1000 indicates a normal closure, meaning that the purpose for
+      which the connection was established has been fulfilled. */
+	LWS_CLOSE_STATUS_GOINGAWAY				= 1001,
+	/**< 1001 indicates that an endpoint is "going away", such as a server
+      going down or a browser having navigated away from a page. */
+	LWS_CLOSE_STATUS_PROTOCOL_ERR				= 1002,
+	/**< 1002 indicates that an endpoint is terminating the connection due
+      to a protocol error. */
+	LWS_CLOSE_STATUS_UNACCEPTABLE_OPCODE			= 1003,
+	/**< 1003 indicates that an endpoint is terminating the connection
+      because it has received a type of data it cannot accept (e.g., an
+      endpoint that understands only text data MAY send this if it
+      receives a binary message). */
+	LWS_CLOSE_STATUS_RESERVED				= 1004,
+	/**< Reserved.  The specific meaning might be defined in the future. */
+	LWS_CLOSE_STATUS_NO_STATUS				= 1005,
+	/**< 1005 is a reserved value and MUST NOT be set as a status code in a
+      Close control frame by an endpoint.  It is designated for use in
+      applications expecting a status code to indicate that no status
+      code was actually present. */
+	LWS_CLOSE_STATUS_ABNORMAL_CLOSE				= 1006,
+	/**< 1006 is a reserved value and MUST NOT be set as a status code in a
+      Close control frame by an endpoint.  It is designated for use in
+      applications expecting a status code to indicate that the
+      connection was closed abnormally, e.g., without sending or
+      receiving a Close control frame. */
+	LWS_CLOSE_STATUS_INVALID_PAYLOAD			= 1007,
+	/**< 1007 indicates that an endpoint is terminating the connection
+      because it has received data within a message that was not
+      consistent with the type of the message (e.g., non-UTF-8 [RFC3629]
+      data within a text message). */
+	LWS_CLOSE_STATUS_POLICY_VIOLATION			= 1008,
+	/**< 1008 indicates that an endpoint is terminating the connection
+      because it has received a message that violates its policy.  This
+      is a generic status code that can be returned when there is no
+      other more suitable status code (e.g., 1003 or 1009) or if there
+      is a need to hide specific details about the policy. */
+	LWS_CLOSE_STATUS_MESSAGE_TOO_LARGE			= 1009,
+	/**< 1009 indicates that an endpoint is terminating the connection
+      because it has received a message that is too big for it to
+      process. */
+	LWS_CLOSE_STATUS_EXTENSION_REQUIRED			= 1010,
+	/**< 1010 indicates that an endpoint (client) is terminating the
+      connection because it has expected the server to negotiate one or
+      more extension, but the server didn't return them in the response
+      message of the WebSocket handshake.  The list of extensions that
+      are needed SHOULD appear in the /reason/ part of the Close frame.
+      Note that this status code is not used by the server, because it
+      can fail the WebSocket handshake instead */
+	LWS_CLOSE_STATUS_UNEXPECTED_CONDITION			= 1011,
+	/**< 1011 indicates that a server is terminating the connection because
+      it encountered an unexpected condition that prevented it from
+      fulfilling the request. */
+	LWS_CLOSE_STATUS_TLS_FAILURE				= 1015,
+	/**< 1015 is a reserved value and MUST NOT be set as a status code in a
+      Close control frame by an endpoint.  It is designated for use in
+      applications expecting a status code to indicate that the
+      connection was closed due to a failure to perform a TLS handshake
+      (e.g., the server certificate can't be verified). */
+
+	/****** add new things just above ---^ ******/
+
+	LWS_CLOSE_STATUS_NOSTATUS_CONTEXT_DESTROY		= 9999,
+};
+
+/**
+ * lws_close_reason - Set reason and aux data to send with Close packet
+ *		If you are going to return nonzero from the callback
+ *		requesting the connection to close, you can optionally
+ *		call this to set the reason the peer will be told if
+ *		possible.
+ *
+ * \param wsi:	The websocket connection to set the close reason on
+ * \param status:	A valid close status from websocket standard
+ * \param buf:	NULL or buffer containing up to 124 bytes of auxiliary data
+ * \param len:	Length of data in \param buf to send
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_close_reason(struct lws *wsi, enum lws_close_status status,
+		 unsigned char *buf, size_t len);
+
+///@}
+
+struct lws;
+struct lws_context;
+/* needed even with extensions disabled for create context */
+struct lws_extension;
+
+/*! \defgroup lwsmeta lws-meta
+ *
+ * ##lws-meta protocol
+ *
+ * The protocol wraps other muxed connections inside one tcp connection.
+ *
+ * Commands are assigned from 0x41 up (so they are valid unicode)
+ */
+///@{
+
+enum lws_meta_commands {
+	LWS_META_CMD_OPEN_SUBCHANNEL = 'A',
+	/**< Client requests to open new subchannel
+	 */
+	LWS_META_CMD_OPEN_RESULT,
+	/**< Result of client request to open new subchannel */
+	LWS_META_CMD_CLOSE_NOTIFY,
+	/**< Notification of subchannel closure */
+	LWS_META_CMD_CLOSE_RQ,
+	/**< client requests to close a subchannel */
+	LWS_META_CMD_WRITE,
+	/**< connection writes something to specific channel index */
+
+	/****** add new things just above ---^ ******/
+};
+
+/* channel numbers are transported offset by 0x20 so they are valid unicode */
+
+#define LWS_META_TRANSPORT_OFFSET 0x20
+
+///@}
+
+/*! \defgroup usercb User Callback
+ *
+ * ##User protocol callback
+ *
+ * The protocol callback is the primary way lws interacts with
+ * user code.  For one of a list of a few dozen reasons the callback gets
+ * called at some event to be handled.
+ *
+ * All of the events can be ignored, returning 0 is taken as "OK" and returning
+ * nonzero in most cases indicates that the connection should be closed.
+ */
+///@{
+
+struct lws_ssl_info {
+	int where;
+	int ret;
+};
+
+/*
+ * NOTE: These public enums are part of the abi.  If you want to add one,
+ * add it at where specified so existing users are unaffected.
+ */
+/** enum lws_callback_reasons - reason you're getting a protocol callback */
+enum lws_callback_reasons {
+	LWS_CALLBACK_ESTABLISHED				=  0,
+	/**< (VH) after the server completes a handshake with an incoming
+	 * client.  If you built the library with ssl support, in is a
+	 * pointer to the ssl struct associated with the connection or NULL.*/
+	LWS_CALLBACK_CLIENT_CONNECTION_ERROR			=  1,
+	/**< the request client connection has been unable to complete a
+	 * handshake with the remote server.  If in is non-NULL, you can
+	 * find an error string of length len where it points to
+	 *
+	 * Diagnostic strings that may be returned include
+	 *
+	 *     	"getaddrinfo (ipv6) failed"
+	 *     	"unknown address family"
+	 *     	"getaddrinfo (ipv4) failed"
+	 *     	"set socket opts failed"
+	 *     	"insert wsi failed"
+	 *     	"lws_ssl_client_connect1 failed"
+	 *     	"lws_ssl_client_connect2 failed"
+	 *     	"Peer hung up"
+	 *     	"read failed"
+	 *     	"HS: URI missing"
+	 *     	"HS: Redirect code but no Location"
+	 *     	"HS: URI did not parse"
+	 *     	"HS: Redirect failed"
+	 *     	"HS: Server did not return 200"
+	 *     	"HS: OOM"
+	 *     	"HS: disallowed by client filter"
+	 *     	"HS: disallowed at ESTABLISHED"
+	 *     	"HS: ACCEPT missing"
+	 *     	"HS: ws upgrade response not 101"
+	 *     	"HS: UPGRADE missing"
+	 *     	"HS: Upgrade to something other than websocket"
+	 *     	"HS: CONNECTION missing"
+	 *     	"HS: UPGRADE malformed"
+	 *     	"HS: PROTOCOL malformed"
+	 *     	"HS: Cannot match protocol"
+	 *     	"HS: EXT: list too big"
+	 *     	"HS: EXT: failed setting defaults"
+	 *     	"HS: EXT: failed parsing defaults"
+	 *     	"HS: EXT: failed parsing options"
+	 *     	"HS: EXT: Rejects server options"
+	 *     	"HS: EXT: unknown ext"
+	 *     	"HS: Accept hash wrong"
+	 *     	"HS: Rejected by filter cb"
+	 *     	"HS: OOM"
+	 *     	"HS: SO_SNDBUF failed"
+	 *     	"HS: Rejected at CLIENT_ESTABLISHED"
+	 */
+	LWS_CALLBACK_CLIENT_FILTER_PRE_ESTABLISH		=  2,
+	/**< this is the last chance for the client user code to examine the
+	 * http headers and decide to reject the connection.  If the
+	 * content in the headers is interesting to the
+	 * client (url, etc) it needs to copy it out at
+	 * this point since it will be destroyed before
+	 * the CLIENT_ESTABLISHED call */
+	LWS_CALLBACK_CLIENT_ESTABLISHED				=  3,
+	/**< after your client connection completed
+	 * a handshake with the remote server */
+	LWS_CALLBACK_CLOSED					=  4,
+	/**< when the websocket session ends */
+	LWS_CALLBACK_CLOSED_HTTP				=  5,
+	/**< when a HTTP (non-websocket) session ends */
+	LWS_CALLBACK_RECEIVE					=  6,
+	/**< data has appeared for this server endpoint from a
+	 * remote client, it can be found at *in and is
+	 * len bytes long */
+	LWS_CALLBACK_RECEIVE_PONG				=  7,
+	/**< servers receive PONG packets with this callback reason */
+	LWS_CALLBACK_CLIENT_RECEIVE				=  8,
+	/**< data has appeared from the server for the client connection, it
+	 * can be found at *in and is len bytes long */
+	LWS_CALLBACK_CLIENT_RECEIVE_PONG			=  9,
+	/**< clients receive PONG packets with this callback reason */
+	LWS_CALLBACK_CLIENT_WRITEABLE				= 10,
+	/**<  If you call lws_callback_on_writable() on a connection, you will
+	 * get one of these callbacks coming when the connection socket
+	 * is able to accept another write packet without blocking.
+	 * If it already was able to take another packet without blocking,
+	 * you'll get this callback at the next call to the service loop
+	 * function.  Notice that CLIENTs get LWS_CALLBACK_CLIENT_WRITEABLE
+	 * and servers get LWS_CALLBACK_SERVER_WRITEABLE. */
+	LWS_CALLBACK_SERVER_WRITEABLE				= 11,
+	/**< See LWS_CALLBACK_CLIENT_WRITEABLE */
+	LWS_CALLBACK_HTTP					= 12,
+	/**< an http request has come from a client that is not
+	 * asking to upgrade the connection to a websocket
+	 * one.  This is a chance to serve http content,
+	 * for example, to send a script to the client
+	 * which will then open the websockets connection.
+	 * in points to the URI path requested and
+	 * lws_serve_http_file() makes it very
+	 * simple to send back a file to the client.
+	 * Normally after sending the file you are done
+	 * with the http connection, since the rest of the
+	 * activity will come by websockets from the script
+	 * that was delivered by http, so you will want to
+	 * return 1; to close and free up the connection. */
+	LWS_CALLBACK_HTTP_BODY					= 13,
+	/**< the next len bytes data from the http
+	 * request body HTTP connection is now available in in. */
+	LWS_CALLBACK_HTTP_BODY_COMPLETION			= 14,
+	/**< the expected amount of http request body has been delivered */
+	LWS_CALLBACK_HTTP_FILE_COMPLETION			= 15,
+	/**< a file requested to be sent down http link has completed. */
+	LWS_CALLBACK_HTTP_WRITEABLE				= 16,
+	/**< you can write more down the http protocol link now. */
+	LWS_CALLBACK_FILTER_NETWORK_CONNECTION			= 17,
+	/**< called when a client connects to
+	 * the server at network level; the connection is accepted but then
+	 * passed to this callback to decide whether to hang up immediately
+	 * or not, based on the client IP.  in contains the connection
+	 * socket's descriptor. Since the client connection information is
+	 * not available yet, wsi still pointing to the main server socket.
+	 * Return non-zero to terminate the connection before sending or
+	 * receiving anything. Because this happens immediately after the
+	 * network connection from the client, there's no websocket protocol
+	 * selected yet so this callback is issued only to protocol 0. */
+	LWS_CALLBACK_FILTER_HTTP_CONNECTION			= 18,
+	/**< called when the request has
+	 * been received and parsed from the client, but the response is
+	 * not sent yet.  Return non-zero to disallow the connection.
+	 * user is a pointer to the connection user space allocation,
+	 * in is the URI, eg, "/"
+	 * In your handler you can use the public APIs
+	 * lws_hdr_total_length() / lws_hdr_copy() to access all of the
+	 * headers using the header enums lws_token_indexes from
+	 * libwebsockets.h to check for and read the supported header
+	 * presence and content before deciding to allow the http
+	 * connection to proceed or to kill the connection. */
+	LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED		= 19,
+	/**< A new client just had
+	 * been connected, accepted, and instantiated into the pool. This
+	 * callback allows setting any relevant property to it. Because this
+	 * happens immediately after the instantiation of a new client,
+	 * there's no websocket protocol selected yet so this callback is
+	 * issued only to protocol 0. Only wsi is defined, pointing to the
+	 * new client, and the return value is ignored. */
+	LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION			= 20,
+	/**< called when the handshake has
+	 * been received and parsed from the client, but the response is
+	 * not sent yet.  Return non-zero to disallow the connection.
+	 * user is a pointer to the connection user space allocation,
+	 * in is the requested protocol name
+	 * In your handler you can use the public APIs
+	 * lws_hdr_total_length() / lws_hdr_copy() to access all of the
+	 * headers using the header enums lws_token_indexes from
+	 * libwebsockets.h to check for and read the supported header
+	 * presence and content before deciding to allow the handshake
+	 * to proceed or to kill the connection. */
+	LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS	= 21,
+	/**< if configured for
+	 * including OpenSSL support, this callback allows your user code
+	 * to perform extra SSL_CTX_load_verify_locations() or similar
+	 * calls to direct OpenSSL where to find certificates the client
+	 * can use to confirm the remote server identity.  user is the
+	 * OpenSSL SSL_CTX* */
+	LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS	= 22,
+	/**< if configured for
+	 * including OpenSSL support, this callback allows your user code
+	 * to load extra certifcates into the server which allow it to
+	 * verify the validity of certificates returned by clients.  user
+	 * is the server's OpenSSL SSL_CTX* */
+	LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION	= 23,
+	/**< if the libwebsockets vhost was created with the option
+	 * LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT, then this
+	 * callback is generated during OpenSSL verification of the cert
+	 * sent from the client.  It is sent to protocol[0] callback as
+	 * no protocol has been negotiated on the connection yet.
+	 * Notice that the libwebsockets context and wsi are both NULL
+	 * during this callback.  See
+	 *  http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html
+	 * to understand more detail about the OpenSSL callback that
+	 * generates this libwebsockets callback and the meanings of the
+	 * arguments passed.  In this callback, user is the x509_ctx,
+	 * in is the ssl pointer and len is preverify_ok
+	 * Notice that this callback maintains libwebsocket return
+	 * conventions, return 0 to mean the cert is OK or 1 to fail it.
+	 * This also means that if you don't handle this callback then
+	 * the default callback action of returning 0 allows the client
+	 * certificates. */
+	LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER		= 24,
+	/**< this callback happens
+	 * when a client handshake is being compiled.  user is NULL,
+	 * in is a char **, it's pointing to a char * which holds the
+	 * next location in the header buffer where you can add
+	 * headers, and len is the remaining space in the header buffer,
+	 * which is typically some hundreds of bytes.  So, to add a canned
+	 * cookie, your handler code might look similar to:
+	 *
+	 *	char **p = (char **)in;
+	 *
+	 *	if (len < 100)
+	 *		return 1;
+	 *
+	 *	*p += sprintf(*p, "Cookie: a=b\x0d\x0a");
+	 *
+	 *	return 0;
+	 *
+	 * Notice if you add anything, you just have to take care about
+	 * the CRLF on the line you added.  Obviously this callback is
+	 * optional, if you don't handle it everything is fine.
+	 *
+	 * Notice the callback is coming to protocols[0] all the time,
+	 * because there is no specific protocol negotiated yet. */
+	LWS_CALLBACK_CONFIRM_EXTENSION_OKAY			= 25,
+	/**< When the server handshake code
+	 * sees that it does support a requested extension, before
+	 * accepting the extension by additing to the list sent back to
+	 * the client it gives this callback just to check that it's okay
+	 * to use that extension.  It calls back to the requested protocol
+	 * and with in being the extension name, len is 0 and user is
+	 * valid.  Note though at this time the ESTABLISHED callback hasn't
+	 * happened yet so if you initialize user content there, user
+	 * content during this callback might not be useful for anything. */
+	LWS_CALLBACK_CLIENT_CONFIRM_EXTENSION_SUPPORTED		= 26,
+	/**< When a client
+	 * connection is being prepared to start a handshake to a server,
+	 * each supported extension is checked with protocols[0] callback
+	 * with this reason, giving the user code a chance to suppress the
+	 * claim to support that extension by returning non-zero.  If
+	 * unhandled, by default 0 will be returned and the extension
+	 * support included in the header to the server.  Notice this
+	 * callback comes to protocols[0]. */
+	LWS_CALLBACK_PROTOCOL_INIT				= 27,
+	/**< One-time call per protocol, per-vhost using it, so it can
+	 * do initial setup / allocations etc */
+	LWS_CALLBACK_PROTOCOL_DESTROY				= 28,
+	/**< One-time call per protocol, per-vhost using it, indicating
+	 * this protocol won't get used at all after this callback, the
+	 * vhost is getting destroyed.  Take the opportunity to
+	 * deallocate everything that was allocated by the protocol. */
+	LWS_CALLBACK_WSI_CREATE					= 29,
+	/**< outermost (earliest) wsi create notification to protocols[0] */
+	LWS_CALLBACK_WSI_DESTROY				= 30,
+	/**< outermost (latest) wsi destroy notification to protocols[0] */
+	LWS_CALLBACK_GET_THREAD_ID				= 31,
+	/**< lws can accept callback when writable requests from other
+	 * threads, if you implement this callback and return an opaque
+	 * current thread ID integer. */
+
+	/* external poll() management support */
+	LWS_CALLBACK_ADD_POLL_FD				= 32,
+	/**< lws normally deals with its poll() or other event loop
+	 * internally, but in the case you are integrating with another
+	 * server you will need to have lws sockets share a
+	 * polling array with the other server.  This and the other
+	 * POLL_FD related callbacks let you put your specialized
+	 * poll array interface code in the callback for protocol 0, the
+	 * first protocol you support, usually the HTTP protocol in the
+	 * serving case.
+	 * This callback happens when a socket needs to be
+	 * added to the polling loop: in points to a struct
+	 * lws_pollargs; the fd member of the struct is the file
+	 * descriptor, and events contains the active events
+	 *
+	 * If you are using the internal lws polling / event loop
+	 * you can just ignore these callbacks. */
+	LWS_CALLBACK_DEL_POLL_FD				= 33,
+	/**< This callback happens when a socket descriptor
+	 * needs to be removed from an external polling array.  in is
+	 * again the struct lws_pollargs containing the fd member
+	 * to be removed.  If you are using the internal polling
+	 * loop, you can just ignore it. */
+	LWS_CALLBACK_CHANGE_MODE_POLL_FD			= 34,
+	/**< This callback happens when lws wants to modify the events for
+	 * a connection.
+	 * in is the struct lws_pollargs with the fd to change.
+	 * The new event mask is in events member and the old mask is in
+	 * the prev_events member.
+	 * If you are using the internal polling loop, you can just ignore
+	 * it. */
+	LWS_CALLBACK_LOCK_POLL					= 35,
+	/**< These allow the external poll changes driven
+	 * by lws to participate in an external thread locking
+	 * scheme around the changes, so the whole thing is threadsafe.
+	 * These are called around three activities in the library,
+	 *	- inserting a new wsi in the wsi / fd table (len=1)
+	 *	- deleting a wsi from the wsi / fd table (len=1)
+	 *	- changing a wsi's POLLIN/OUT state (len=0)
+	 * Locking and unlocking external synchronization objects when
+	 * len == 1 allows external threads to be synchronized against
+	 * wsi lifecycle changes if it acquires the same lock for the
+	 * duration of wsi dereference from the other thread context. */
+	LWS_CALLBACK_UNLOCK_POLL				= 36,
+	/**< See LWS_CALLBACK_LOCK_POLL, ignore if using lws internal poll */
+
+	LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY	= 37,
+	/**< if configured for including OpenSSL support but no private key
+	 * file has been specified (ssl_private_key_filepath is NULL), this is
+	 * called to allow the user to set the private key directly via
+	 * libopenssl and perform further operations if required; this might be
+	 * useful in situations where the private key is not directly accessible
+	 * by the OS, for example if it is stored on a smartcard.
+	 * user is the server's OpenSSL SSL_CTX* */
+	LWS_CALLBACK_WS_PEER_INITIATED_CLOSE			= 38,
+	/**< The peer has sent an unsolicited Close WS packet.  in and
+	 * len are the optional close code (first 2 bytes, network
+	 * order) and the optional additional information which is not
+	 * defined in the standard, and may be a string or non-human- readable data.
+	 * If you return 0 lws will echo the close and then close the
+	 * connection.  If you return nonzero lws will just close the
+	 * connection. */
+
+	LWS_CALLBACK_WS_EXT_DEFAULTS				= 39,
+	/**< Gives client connections an opportunity to adjust negotiated
+	 * extension defaults.  `user` is the extension name that was
+	 * negotiated (eg, "permessage-deflate").  `in` points to a
+	 * buffer and `len` is the buffer size.  The user callback can
+	 * set the buffer to a string describing options the extension
+	 * should parse.  Or just ignore for defaults. */
+
+	LWS_CALLBACK_CGI					= 40,
+	/**< CGI: CGI IO events on stdin / out / err are sent here on
+	 * protocols[0].  The provided `lws_callback_http_dummy()`
+	 * handles this and the callback should be directed there if
+	 * you use CGI. */
+	LWS_CALLBACK_CGI_TERMINATED				= 41,
+	/**< CGI: The related CGI process ended, this is called before
+	 * the wsi is closed.  Used to, eg, terminate chunking.
+	 * The provided `lws_callback_http_dummy()`
+	 * handles this and the callback should be directed there if
+	 * you use CGI.  The child PID that terminated is in len. */
+	LWS_CALLBACK_CGI_STDIN_DATA				= 42,
+	/**< CGI: Data is, to be sent to the CGI process stdin, eg from
+	 * a POST body.  The provided `lws_callback_http_dummy()`
+	 * handles this and the callback should be directed there if
+	 * you use CGI. */
+	LWS_CALLBACK_CGI_STDIN_COMPLETED			= 43,
+	/**< CGI: no more stdin is coming.  The provided
+	 * `lws_callback_http_dummy()` handles this and the callback
+	 * should be directed there if you use CGI. */
+	LWS_CALLBACK_ESTABLISHED_CLIENT_HTTP			= 44,
+	/**< The HTTP client connection has succeeded, and is now
+	 * connected to the server */
+	LWS_CALLBACK_CLOSED_CLIENT_HTTP				= 45,
+	/**< The HTTP client connection is closing */
+	LWS_CALLBACK_RECEIVE_CLIENT_HTTP			= 46,
+	/**< This simply indicates data was received on the HTTP client
+	 * connection.  It does NOT drain or provide the data.
+	 * This exists to neatly allow a proxying type situation,
+	 * where this incoming data will go out on another connection.
+	 * If the outgoing connection stalls, we should stall processing
+	 * the incoming data.  So a handler for this in that case should
+	 * simply set a flag to indicate there is incoming data ready
+	 * and ask for a writeable callback on the outgoing connection.
+	 * In the writable callback he can check the flag and then get
+	 * and drain the waiting incoming data using lws_http_client_read().
+	 * This will use callbacks to LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ
+	 * to get and drain the incoming data, where it should be sent
+	 * back out on the outgoing connection. */
+	LWS_CALLBACK_COMPLETED_CLIENT_HTTP			= 47,
+	/**< The client transaction completed... at the moment this
+	 * is the same as closing since transaction pipelining on
+	 * client side is not yet supported.  */
+	LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ			= 48,
+	/**< This is generated by lws_http_client_read() used to drain
+	 * incoming data.  In the case the incoming data was chunked,
+	 * it will be split into multiple smaller callbacks for each
+	 * chunk block, removing the chunk headers. If not chunked,
+	 * it will appear all in one callback. */
+	LWS_CALLBACK_HTTP_BIND_PROTOCOL				= 49,
+	/**< By default, all HTTP handling is done in protocols[0].
+	 * However you can bind different protocols (by name) to
+	 * different parts of the URL space using callback mounts.  This
+	 * callback occurs in the new protocol when a wsi is bound
+	 * to that protocol.  Any protocol allocation related to the
+	 * http transaction processing should be created then.
+	 * These specific callbacks are necessary because with HTTP/1.1,
+	 * a single connection may perform at series of different
+	 * transactions at different URLs, thus the lifetime of the
+	 * protocol bind is just for one transaction, not connection. */
+	LWS_CALLBACK_HTTP_DROP_PROTOCOL				= 50,
+	/**< This is called when a transaction is unbound from a protocol.
+	 * It indicates the connection completed its transaction and may
+	 * do something different now.  Any protocol allocation related
+	 * to the http transaction processing should be destroyed. */
+	LWS_CALLBACK_CHECK_ACCESS_RIGHTS			= 51,
+	/**< This gives the user code a chance to forbid an http access.
+	 * `in` points to a `struct lws_process_html_args`, which
+	 * describes the URL, and a bit mask describing the type of
+	 * authentication required.  If the callback returns nonzero,
+	 * the transaction ends with HTTP_STATUS_UNAUTHORIZED. */
+	LWS_CALLBACK_PROCESS_HTML				= 52,
+	/**< This gives your user code a chance to mangle outgoing
+	 * HTML.  `in` points to a `struct lws_process_html_args`
+	 * which describes the buffer containing outgoing HTML.
+	 * The buffer may grow up to `.max_len` (currently +128
+	 * bytes per buffer).
+	 *  */
+	LWS_CALLBACK_ADD_HEADERS				= 53,
+	/**< This gives your user code a chance to add headers to a
+	 * transaction bound to your protocol.  `in` points to a
+	 * `struct lws_process_html_args` describing a buffer and length
+	 * you can add headers into using the normal lws apis.
+	 *
+	 * Only `args->p` and `args->len` are valid, and `args->p` should
+	 * be moved on by the amount of bytes written, if any.  Eg
+	 *
+	 * 	case LWS_CALLBACK_ADD_HEADERS:
+	 *
+	 *          struct lws_process_html_args *args =
+	 *          		(struct lws_process_html_args *)in;
+	 *
+	 *	    if (lws_add_http_header_by_name(wsi,
+	 *			(unsigned char *)"set-cookie:",
+	 *			(unsigned char *)cookie, cookie_len,
+	 *			(unsigned char **)&args->p,
+	 *			(unsigned char *)args->p + args->max_len))
+	 *		return 1;
+	 *
+	 *          break;
+	 */
+	LWS_CALLBACK_SESSION_INFO				= 54,
+	/**< This is only generated by user code using generic sessions.
+	 * It's used to get a `struct lws_session_info` filled in by
+	 * generic sessions with information about the logged-in user.
+	 * See the messageboard sample for an example of how to use. */
+
+	LWS_CALLBACK_GS_EVENT					= 55,
+	/**< Indicates an event happened to the Generic Sessions session.
+	 * `in` contains a `struct lws_gs_event_args` describing the event. */
+	LWS_CALLBACK_HTTP_PMO					= 56,
+	/**< per-mount options for this connection, called before
+	 * the normal LWS_CALLBACK_HTTP when the mount has per-mount
+	 * options.
+	 */
+	LWS_CALLBACK_CLIENT_HTTP_WRITEABLE			= 57,
+	/**< when doing an HTTP type client connection, you can call
+	 * lws_client_http_body_pending(wsi, 1) from
+	 * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER to get these callbacks
+	 * sending the HTTP headers.
+	 *
+	 * From this callback, when you have sent everything, you should let
+	 * lws know by calling lws_client_http_body_pending(wsi, 0)
+	 */
+	LWS_CALLBACK_OPENSSL_PERFORM_SERVER_CERT_VERIFICATION = 58,
+	/**< Similar to LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION
+	 * this callback is called during OpenSSL verification of the cert
+	 * sent from the server to the client. It is sent to protocol[0]
+	 * callback as no protocol has been negotiated on the connection yet.
+	 * Notice that the wsi is set because lws_client_connect_via_info was
+	 * successful.
+	 *
+	 * See http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html
+	 * to understand more detail about the OpenSSL callback that
+	 * generates this libwebsockets callback and the meanings of the
+	 * arguments passed. In this callback, user is the x509_ctx,
+	 * in is the ssl pointer and len is preverify_ok.
+	 *
+	 * THIS IS NOT RECOMMENDED BUT if a cert validation error shall be
+	 * overruled and cert shall be accepted as ok,
+	 * X509_STORE_CTX_set_error((X509_STORE_CTX*)user, X509_V_OK); must be
+	 * called and return value must be 0 to mean the cert is OK;
+	 * returning 1 will fail the cert in any case.
+	 *
+	 * This also means that if you don't handle this callback then
+	 * the default callback action of returning 0 will not accept the
+	 * certificate in case of a validation error decided by the SSL lib.
+	 *
+	 * This is expected and secure behaviour when validating certificates.
+	 *
+	 * Note: LCCSCF_ALLOW_SELFSIGNED and
+	 * LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK still work without this
+	 * callback being implemented.
+	 */
+	LWS_CALLBACK_RAW_RX					= 59,
+	/**< RAW mode connection RX */
+	LWS_CALLBACK_RAW_CLOSE					= 60,
+	/**< RAW mode connection is closing */
+	LWS_CALLBACK_RAW_WRITEABLE				= 61,
+	/**< RAW mode connection may be written */
+	LWS_CALLBACK_RAW_ADOPT					= 62,
+	/**< RAW mode connection was adopted (equivalent to 'wsi created') */
+	LWS_CALLBACK_RAW_ADOPT_FILE				= 63,
+	/**< RAW mode file was adopted (equivalent to 'wsi created') */
+	LWS_CALLBACK_RAW_RX_FILE				= 64,
+	/**< RAW mode file has something to read */
+	LWS_CALLBACK_RAW_WRITEABLE_FILE				= 65,
+	/**< RAW mode file is writeable */
+	LWS_CALLBACK_RAW_CLOSE_FILE				= 66,
+	/**< RAW mode wsi that adopted a file is closing */
+	LWS_CALLBACK_SSL_INFO					= 67,
+	/**< SSL connections only.  An event you registered an
+	 * interest in at the vhost has occurred on a connection
+	 * using the vhost.  in is a pointer to a
+	 * struct lws_ssl_info containing information about the
+	 * event*/
+	LWS_CALLBACK_CHILD_WRITE_VIA_PARENT			= 68,
+	/**< Child has been marked with parent_carries_io attribute, so
+	 * lws_write directs the to this callback at the parent,
+	 * in is a struct lws_write_passthru containing the args
+	 * the lws_write() was called with.
+	 */
+	LWS_CALLBACK_CHILD_CLOSING				= 69,
+	/**< Sent to parent to notify them a child is closing / being
+	 * destroyed.  in is the child wsi.
+	 */
+	LWS_CALLBACK_CGI_PROCESS_ATTACH				= 70,
+	/**< CGI: Sent when the CGI process is spawned for the wsi.  The
+	 * len parameter is the PID of the child process */
+
+	/****** add new things just above ---^ ******/
+
+	LWS_CALLBACK_USER = 1000,
+	/**<  user code can use any including above without fear of clashes */
+};
+
+
+
+/**
+ * typedef lws_callback_function() - User server actions
+ * \param wsi:	Opaque websocket instance pointer
+ * \param reason:	The reason for the call
+ * \param user:	Pointer to per-session user data allocated by library
+ * \param in:		Pointer used for some callback reasons
+ * \param len:	Length set for some callback reasons
+ *
+ *	This callback is the way the user controls what is served.  All the
+ *	protocol detail is hidden and handled by the library.
+ *
+ *	For each connection / session there is user data allocated that is
+ *	pointed to by "user".  You set the size of this user data area when
+ *	the library is initialized with lws_create_server.
+ */
+typedef int
+lws_callback_function(struct lws *wsi, enum lws_callback_reasons reason,
+		    void *user, void *in, size_t len);
+
+#define LWS_CB_REASON_AUX_BF__CGI		1
+#define LWS_CB_REASON_AUX_BF__PROXY		2
+#define LWS_CB_REASON_AUX_BF__CGI_CHUNK_END	4
+#define LWS_CB_REASON_AUX_BF__CGI_HEADERS	8
+///@}
+
+/*! \defgroup generic hash
+ * ## Generic Hash related functions
+ *
+ * Lws provides generic hash / digest accessors that abstract the ones
+ * provided by whatever OpenSSL library you are linking against.
+ *
+ * It lets you use the same code if you build against mbedtls or OpenSSL
+ * for example.
+ */
+///@{
+
+#ifdef LWS_OPENSSL_SUPPORT
+
+#if defined(LWS_WITH_MBEDTLS)
+#include <mbedtls/sha1.h>
+#include <mbedtls/sha256.h>
+#include <mbedtls/sha512.h>
+#endif
+
+#define LWS_GENHASH_TYPE_SHA1		0
+#define LWS_GENHASH_TYPE_SHA256		1
+#define LWS_GENHASH_TYPE_SHA512		2
+
+struct lws_genhash_ctx {
+        uint8_t type;
+#if defined(LWS_WITH_MBEDTLS)
+        union {
+		mbedtls_sha1_context sha1;
+		mbedtls_sha256_context sha256;
+		mbedtls_sha512_context sha512;
+        } u;
+#else
+        const EVP_MD *evp_type;
+        EVP_MD_CTX *mdctx;
+#endif
+};
+
+/** lws_genhash_size() - get hash size in bytes
+ *
+ * \param type:	one of LWS_GENHASH_TYPE_...
+ *
+ * Returns number of bytes in this type of hash
+ */
+LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT
+lws_genhash_size(int type);
+
+/** lws_genhash_init() - prepare your struct lws_genhash_ctx for use
+ *
+ * \param ctx: your struct lws_genhash_ctx
+ * \param type:	one of LWS_GENHASH_TYPE_...
+ *
+ * Initializes the hash context for the type you requested
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_genhash_init(struct lws_genhash_ctx *ctx, int type);
+
+/** lws_genhash_update() - digest len bytes of the buffer starting at in
+ *
+ * \param ctx: your struct lws_genhash_ctx
+ * \param in: start of the bytes to digest
+ * \param len: count of bytes to digest
+ *
+ * Updates the state of your hash context to reflect digesting len bytes from in
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len);
+
+/** lws_genhash_destroy() - copy out the result digest and destroy the ctx
+ *
+ * \param ctx: your struct lws_genhash_ctx
+ * \param result: NULL, or where to copy the result hash
+ *
+ * Finalizes the hash and copies out the digest.  Destroys any allocations such
+ * that ctx can safely go out of scope after calling this.
+ *
+ * NULL result is supported so that you can destroy the ctx cleanly on error
+ * conditions, where there is no valid result.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result);
+
+#endif
+
+///@}
+
+/*! \defgroup extensions Extension related functions
+ * ##Extension releated functions
+ *
+ *  Ws defines optional extensions, lws provides the ability to implement these
+ *  in user code if so desired.
+ *
+ *  We provide one extensions permessage-deflate.
+ */
+///@{
+
+/*
+ * NOTE: These public enums are part of the abi.  If you want to add one,
+ * add it at where specified so existing users are unaffected.
+ */
+enum lws_extension_callback_reasons {
+	LWS_EXT_CB_SERVER_CONTEXT_CONSTRUCT		=  0,
+	LWS_EXT_CB_CLIENT_CONTEXT_CONSTRUCT		=  1,
+	LWS_EXT_CB_SERVER_CONTEXT_DESTRUCT		=  2,
+	LWS_EXT_CB_CLIENT_CONTEXT_DESTRUCT		=  3,
+	LWS_EXT_CB_CONSTRUCT				=  4,
+	LWS_EXT_CB_CLIENT_CONSTRUCT			=  5,
+	LWS_EXT_CB_CHECK_OK_TO_REALLY_CLOSE		=  6,
+	LWS_EXT_CB_CHECK_OK_TO_PROPOSE_EXTENSION	=  7,
+	LWS_EXT_CB_DESTROY				=  8,
+	LWS_EXT_CB_DESTROY_ANY_WSI_CLOSING		=  9,
+	LWS_EXT_CB_ANY_WSI_ESTABLISHED			= 10,
+	LWS_EXT_CB_PACKET_RX_PREPARSE			= 11,
+	LWS_EXT_CB_PACKET_TX_PRESEND			= 12,
+	LWS_EXT_CB_PACKET_TX_DO_SEND			= 13,
+	LWS_EXT_CB_HANDSHAKE_REPLY_TX			= 14,
+	LWS_EXT_CB_FLUSH_PENDING_TX			= 15,
+	LWS_EXT_CB_EXTENDED_PAYLOAD_RX			= 16,
+	LWS_EXT_CB_CAN_PROXY_CLIENT_CONNECTION		= 17,
+	LWS_EXT_CB_1HZ					= 18,
+	LWS_EXT_CB_REQUEST_ON_WRITEABLE			= 19,
+	LWS_EXT_CB_IS_WRITEABLE				= 20,
+	LWS_EXT_CB_PAYLOAD_TX				= 21,
+	LWS_EXT_CB_PAYLOAD_RX				= 22,
+	LWS_EXT_CB_OPTION_DEFAULT			= 23,
+	LWS_EXT_CB_OPTION_SET				= 24,
+	LWS_EXT_CB_OPTION_CONFIRM			= 25,
+	LWS_EXT_CB_NAMED_OPTION_SET			= 26,
+
+	/****** add new things just above ---^ ******/
+};
+
+/** enum lws_ext_options_types */
+enum lws_ext_options_types {
+	EXTARG_NONE, /**< does not take an argument */
+	EXTARG_DEC,  /**< requires a decimal argument */
+	EXTARG_OPT_DEC /**< may have an optional decimal argument */
+
+	/* Add new things just above here ---^
+	 * This is part of the ABI, don't needlessly break compatibility */
+};
+
+/** struct lws_ext_options -	Option arguments to the extension.  These are
+ *				used in the negotiation at ws upgrade time.
+ *				The helper function lws_ext_parse_options()
+ *				uses these to generate callbacks */
+struct lws_ext_options {
+	const char *name; /**< Option name, eg, "server_no_context_takeover" */
+	enum lws_ext_options_types type; /**< What kind of args the option can take */
+
+	/* Add new things just above here ---^
+	 * This is part of the ABI, don't needlessly break compatibility */
+};
+
+/** struct lws_ext_option_arg */
+struct lws_ext_option_arg {
+	const char *option_name; /**< may be NULL, option_index used then */
+	int option_index; /**< argument ordinal to use if option_name missing */
+	const char *start; /**< value */
+	int len; /**< length of value */
+};
+
+/**
+ * typedef lws_extension_callback_function() - Hooks to allow extensions to operate
+ * \param context:	Websockets context
+ * \param ext:	This extension
+ * \param wsi:	Opaque websocket instance pointer
+ * \param reason:	The reason for the call
+ * \param user:	Pointer to ptr to per-session user data allocated by library
+ * \param in:		Pointer used for some callback reasons
+ * \param len:	Length set for some callback reasons
+ *
+ *	Each extension that is active on a particular connection receives
+ *	callbacks during the connection lifetime to allow the extension to
+ *	operate on websocket data and manage itself.
+ *
+ *	Libwebsockets takes care of allocating and freeing "user" memory for
+ *	each active extension on each connection.  That is what is pointed to
+ *	by the user parameter.
+ *
+ *	LWS_EXT_CB_CONSTRUCT:  called when the server has decided to
+ *		select this extension from the list provided by the client,
+ *		just before the server will send back the handshake accepting
+ *		the connection with this extension active.  This gives the
+ *		extension a chance to initialize its connection context found
+ *		in user.
+ *
+ *	LWS_EXT_CB_CLIENT_CONSTRUCT: same as LWS_EXT_CB_CONSTRUCT
+ *		but called when client is instantiating this extension.  Some
+ *		extensions will work the same on client and server side and then
+ *		you can just merge handlers for both CONSTRUCTS.
+ *
+ *	LWS_EXT_CB_DESTROY:  called when the connection the extension was
+ *		being used on is about to be closed and deallocated.  It's the
+ *		last chance for the extension to deallocate anything it has
+ *		allocated in the user data (pointed to by user) before the
+ *		user data is deleted.  This same callback is used whether you
+ *		are in client or server instantiation context.
+ *
+ *	LWS_EXT_CB_PACKET_RX_PREPARSE: when this extension was active on
+ *		a connection, and a packet of data arrived at the connection,
+ *		it is passed to this callback to give the extension a chance to
+ *		change the data, eg, decompress it.  user is pointing to the
+ *		extension's private connection context data, in is pointing
+ *		to an lws_tokens struct, it consists of a char * pointer called
+ *		token, and an int called token_len.  At entry, these are
+ *		set to point to the received buffer and set to the content
+ *		length.  If the extension will grow the content, it should use
+ *		a new buffer allocated in its private user context data and
+ *		set the pointed-to lws_tokens members to point to its buffer.
+ *
+ *	LWS_EXT_CB_PACKET_TX_PRESEND: this works the same way as
+ *		LWS_EXT_CB_PACKET_RX_PREPARSE above, except it gives the
+ *		extension a chance to change websocket data just before it will
+ *		be sent out.  Using the same lws_token pointer scheme in in,
+ *		the extension can change the buffer and the length to be
+ *		transmitted how it likes.  Again if it wants to grow the
+ *		buffer safely, it should copy the data into its own buffer and
+ *		set the lws_tokens token pointer to it.
+ *
+ *	LWS_EXT_CB_ARGS_VALIDATE:
+ */
+typedef int
+lws_extension_callback_function(struct lws_context *context,
+			      const struct lws_extension *ext, struct lws *wsi,
+			      enum lws_extension_callback_reasons reason,
+			      void *user, void *in, size_t len);
+
+/** struct lws_extension -	An extension we support */
+struct lws_extension {
+	const char *name; /**< Formal extension name, eg, "permessage-deflate" */
+	lws_extension_callback_function *callback; /**< Service callback */
+	const char *client_offer; /**< String containing exts and options client offers */
+
+	/* Add new things just above here ---^
+	 * This is part of the ABI, don't needlessly break compatibility */
+};
+
+/**
+ * lws_set_extension_option(): set extension option if possible
+ *
+ * \param wsi:	websocket connection
+ * \param ext_name:	name of ext, like "permessage-deflate"
+ * \param opt_name:	name of option, like "rx_buf_size"
+ * \param opt_val:	value to set option to
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_set_extension_option(struct lws *wsi, const char *ext_name,
+			 const char *opt_name, const char *opt_val);
+
+#ifndef LWS_NO_EXTENSIONS
+/* lws_get_internal_extensions() - DEPRECATED
+ *
+ * \Deprecated There is no longer a set internal extensions table.  The table is provided
+ * by user code along with application-specific settings.  See the test
+ * client and server for how to do.
+ */
+static LWS_INLINE LWS_WARN_DEPRECATED const struct lws_extension *
+lws_get_internal_extensions(void) { return NULL; }
+
+/**
+ * lws_ext_parse_options() - deal with parsing negotiated extension options
+ *
+ * \param ext: related extension struct
+ * \param wsi:	websocket connection
+ * \param ext_user: per-connection extension private data
+ * \param opts: list of supported options
+ * \param o: option string to parse
+ * \param len: length
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_ext_parse_options(const struct lws_extension *ext, struct lws *wsi,
+		       void *ext_user, const struct lws_ext_options *opts,
+		       const char *o, int len);
+#endif
+
+/** lws_extension_callback_pm_deflate() - extension for RFC7692
+ *
+ * \param context:	lws context
+ * \param ext:	related lws_extension struct
+ * \param wsi:	websocket connection
+ * \param reason:	incoming callback reason
+ * \param user:	per-connection extension private data
+ * \param in:	pointer parameter
+ * \param len:	length parameter
+ *
+ * Built-in callback implementing RFC7692 permessage-deflate
+ */
+LWS_EXTERN
+int lws_extension_callback_pm_deflate(
+	struct lws_context *context, const struct lws_extension *ext,
+	struct lws *wsi, enum lws_extension_callback_reasons reason,
+	void *user, void *in, size_t len);
+
+/*
+ * The internal exts are part of the public abi
+ * If we add more extensions, publish the callback here  ------v
+ */
+///@}
+
+/*! \defgroup Protocols-and-Plugins Protocols and Plugins
+ * \ingroup lwsapi
+ *
+ * ##Protocol and protocol plugin -related apis
+ *
+ * Protocols bind ws protocol names to a custom callback specific to that
+ * protocol implementaion.
+ *
+ * A list of protocols can be passed in at context creation time, but it is
+ * also legal to leave that NULL and add the protocols and their callback code
+ * using plugins.
+ *
+ * Plugins are much preferable compared to cut and pasting code into an
+ * application each time, since they can be used standalone.
+ */
+///@{
+/** struct lws_protocols -	List of protocols and handlers client or server
+ *					supports. */
+
+struct lws_protocols {
+	const char *name;
+	/**< Protocol name that must match the one given in the client
+	 * Javascript new WebSocket(url, 'protocol') name. */
+	lws_callback_function *callback;
+	/**< The service callback used for this protocol.  It allows the
+	 * service action for an entire protocol to be encapsulated in
+	 * the protocol-specific callback */
+	size_t per_session_data_size;
+	/**< Each new connection using this protocol gets
+	 * this much memory allocated on connection establishment and
+	 * freed on connection takedown.  A pointer to this per-connection
+	 * allocation is passed into the callback in the 'user' parameter */
+	size_t rx_buffer_size;
+	/**< lws allocates this much space for rx data and informs callback
+	 * when something came.  Due to rx flow control, the callback may not
+	 * be able to consume it all without having to return to the event
+	 * loop.  That is supported in lws.
+	 *
+	 * If .tx_packet_size is 0, this also controls how much may be sent at once
+	 * for backwards compatibility.
+	 */
+	unsigned int id;
+	/**< ignored by lws, but useful to contain user information bound
+	 * to the selected protocol.  For example if this protocol was
+	 * called "myprotocol-v2", you might set id to 2, and the user
+	 * code that acts differently according to the version can do so by
+	 * switch (wsi->protocol->id), user code might use some bits as
+	 * capability flags based on selected protocol version, etc. */
+	void *user; /**< ignored by lws, but user code can pass a pointer
+			here it can later access from the protocol callback */
+	size_t tx_packet_size;
+	/**< 0 indicates restrict send() size to .rx_buffer_size for backwards-
+	 * compatibility.
+	 * If greater than zero, a single send() is restricted to this amount
+	 * and any remainder is buffered by lws and sent afterwards also in
+	 * these size chunks.  Since that is expensive, it's preferable
+	 * to restrict one fragment you are trying to send to match this
+	 * size.
+	 */
+
+	/* Add new things just above here ---^
+	 * This is part of the ABI, don't needlessly break compatibility */
+};
+
+struct lws_vhost;
+
+/**
+ * lws_vhost_name_to_protocol() - get vhost's protocol object from its name
+ *
+ * \param vh: vhost to search
+ * \param name: protocol name
+ *
+ * Returns NULL or a pointer to the vhost's protocol of the requested name
+ */
+LWS_VISIBLE LWS_EXTERN const struct lws_protocols *
+lws_vhost_name_to_protocol(struct lws_vhost *vh, const char *name);
+
+/**
+ * lws_get_protocol() - Returns a protocol pointer from a websocket
+ *				  connection.
+ * \param wsi:	pointer to struct websocket you want to know the protocol of
+ *
+ *
+ *	Some apis can act on all live connections of a given protocol,
+ *	this is how you can get a pointer to the active protocol if needed.
+ */
+LWS_VISIBLE LWS_EXTERN const struct lws_protocols *
+lws_get_protocol(struct lws *wsi);
+
+/** lws_protocol_get() -  deprecated: use lws_get_protocol */
+LWS_VISIBLE LWS_EXTERN const struct lws_protocols *
+lws_protocol_get(struct lws *wsi) LWS_WARN_DEPRECATED;
+
+/**
+ * lws_protocol_vh_priv_zalloc() - Allocate and zero down a protocol's per-vhost
+ *				   storage
+ * \param vhost:	vhost the instance is related to
+ * \param prot:		protocol the instance is related to
+ * \param size:		bytes to allocate
+ *
+ * Protocols often find it useful to allocate a per-vhost struct, this is a
+ * helper to be called in the per-vhost init LWS_CALLBACK_PROTOCOL_INIT
+ */
+LWS_VISIBLE LWS_EXTERN void *
+lws_protocol_vh_priv_zalloc(struct lws_vhost *vhost, const struct lws_protocols *prot,
+			    int size);
+
+/**
+ * lws_protocol_vh_priv_get() - retreive a protocol's per-vhost storage
+ *
+ * \param vhost:	vhost the instance is related to
+ * \param prot:		protocol the instance is related to
+ *
+ * Recover a pointer to the allocated per-vhost storage for the protocol created
+ * by lws_protocol_vh_priv_zalloc() earlier
+ */
+LWS_VISIBLE LWS_EXTERN void *
+lws_protocol_vh_priv_get(struct lws_vhost *vhost, const struct lws_protocols *prot);
+
+/**
+ * lws_adjust_protocol_psds - change a vhost protocol's per session data size
+ *
+ * \param wsi: a connection with the protocol to change
+ * \param new_size: the new size of the per session data size for the protocol
+ *
+ * Returns user_space for the wsi, after allocating
+ *
+ * This should not be used except to initalize a vhost protocol's per session
+ * data size one time, before any connections are accepted.
+ *
+ * Sometimes the protocol wraps another protocol and needs to discover and set
+ * its per session data size at runtime.
+ */
+LWS_VISIBLE LWS_EXTERN void *
+lws_adjust_protocol_psds(struct lws *wsi, size_t new_size);
+
+/**
+ * lws_finalize_startup() - drop initial process privileges
+ *
+ * \param context:	lws context
+ *
+ * This is called after the end of the vhost protocol initializations, but
+ * you may choose to call it earlier
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_finalize_startup(struct lws_context *context);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_protocol_init(struct lws_context *context);
+
+#ifdef LWS_WITH_PLUGINS
+
+/* PLUGINS implies LIBUV */
+
+#define LWS_PLUGIN_API_MAGIC 180
+
+/** struct lws_plugin_capability - how a plugin introduces itself to lws */
+struct lws_plugin_capability {
+	unsigned int api_magic;	/**< caller fills this in, plugin fills rest */
+	const struct lws_protocols *protocols; /**< array of supported protocols provided by plugin */
+	int count_protocols; /**< how many protocols */
+	const struct lws_extension *extensions; /**< array of extensions provided by plugin */
+	int count_extensions; /**< how many extensions */
+};
+
+typedef int (*lws_plugin_init_func)(struct lws_context *,
+				    struct lws_plugin_capability *);
+typedef int (*lws_plugin_destroy_func)(struct lws_context *);
+
+/** struct lws_plugin */
+struct lws_plugin {
+	struct lws_plugin *list; /**< linked list */
+#if (UV_VERSION_MAJOR > 0)
+	uv_lib_t lib; /**< shared library pointer */
+#else
+	void *l; /**< so we can compile on ancient libuv */
+#endif
+	char name[64]; /**< name of the plugin */
+	struct lws_plugin_capability caps; /**< plugin capabilities */
+};
+
+#endif
+
+///@}
+
+
+/*! \defgroup generic-sessions plugin: generic-sessions
+ * \ingroup Protocols-and-Plugins
+ *
+ * ##Plugin Generic-sessions related
+ *
+ * generic-sessions plugin provides a reusable, generic session and login /
+ * register / forgot password framework including email verification.
+ */
+///@{
+
+#define LWSGS_EMAIL_CONTENT_SIZE 16384
+/**< Maximum size of email we might send */
+
+/* SHA-1 binary and hexified versions */
+/** typedef struct lwsgw_hash_bin */
+typedef struct { unsigned char bin[20]; /**< binary representation of hash */} lwsgw_hash_bin;
+/** typedef struct lwsgw_hash */
+typedef struct { char id[41]; /**< ascii hex representation of hash */ } lwsgw_hash;
+
+/** enum lwsgs_auth_bits */
+enum lwsgs_auth_bits {
+	LWSGS_AUTH_LOGGED_IN = 1, /**< user is logged in as somebody */
+	LWSGS_AUTH_ADMIN = 2,	/**< logged in as the admin user */
+	LWSGS_AUTH_VERIFIED = 4,  /**< user has verified his email */
+	LWSGS_AUTH_FORGOT_FLOW = 8,	/**< he just completed "forgot password" flow */
+};
+
+/** struct lws_session_info - information about user session status */
+struct lws_session_info {
+	char username[32]; /**< username logged in as, or empty string */
+	char email[100]; /**< email address associated with login, or empty string */
+	char ip[72]; /**< ip address session was started from */
+	unsigned int mask; /**< access rights mask associated with session
+	 	 	    * see enum lwsgs_auth_bits */
+	char session[42]; /**< session id string, usable as opaque uid when not logged in */
+};
+
+/** enum lws_gs_event */
+enum lws_gs_event {
+	LWSGSE_CREATED, /**< a new user was created */
+	LWSGSE_DELETED  /**< an existing user was deleted */
+};
+
+/** struct lws_gs_event_args */
+struct lws_gs_event_args {
+	enum lws_gs_event event; /**< which event happened */
+	const char *username; /**< which username the event happened to */
+	const char *email; /**< the email address of that user */
+};
+
+///@}
+
+
+/*! \defgroup context-and-vhost context and vhost related functions
+ * ##Context and Vhost releated functions
+ * \ingroup lwsapi
+ *
+ *
+ *  LWS requires that there is one context, in which you may define multiple
+ *  vhosts.  Each vhost is a virtual host, with either its own listen port
+ *  or sharing an existing one.  Each vhost has its own SSL context that can
+ *  be set up individually or left disabled.
+ *
+ *  If you don't care about multiple "site" support, you can ignore it and
+ *  lws will create a single default vhost at context creation time.
+ */
+///@{
+
+/*
+ * NOTE: These public enums are part of the abi.  If you want to add one,
+ * add it at where specified so existing users are unaffected.
+ */
+
+/** enum lws_context_options - context and vhost options */
+enum lws_context_options {
+	LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT	= (1 << 1) |
+								  (1 << 12),
+	/**< (VH) Don't allow the connection unless the client has a
+	 * client cert that we recognize; provides
+	 * LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */
+	LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME		= (1 << 2),
+	/**< (CTX) Don't try to get the server's hostname */
+	LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT		= (1 << 3) |
+								  (1 << 12),
+	/**< (VH) Allow non-SSL (plaintext) connections on the same
+	 * port as SSL is listening... undermines the security of SSL;
+	 * provides  LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT */
+	LWS_SERVER_OPTION_LIBEV					= (1 << 4),
+	/**< (CTX) Use libev event loop */
+	LWS_SERVER_OPTION_DISABLE_IPV6				= (1 << 5),
+	/**< (VH) Disable IPV6 support */
+	LWS_SERVER_OPTION_DISABLE_OS_CA_CERTS			= (1 << 6),
+	/**< (VH) Don't load OS CA certs, you will need to load your
+	 * own CA cert(s) */
+	LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED		= (1 << 7),
+	/**< (VH) Accept connections with no valid Cert (eg, selfsigned) */
+	LWS_SERVER_OPTION_VALIDATE_UTF8				= (1 << 8),
+	/**< (VH) Check UT-8 correctness */
+	LWS_SERVER_OPTION_SSL_ECDH				= (1 << 9) |
+								  (1 << 12),
+	/**< (VH)  initialize ECDH ciphers */
+	LWS_SERVER_OPTION_LIBUV					= (1 << 10),
+	/**< (CTX)  Use libuv event loop */
+	LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS		= (1 << 11) |
+								  (1 << 12),
+	/**< (VH) Use http redirect to force http to https
+	 * (deprecated: use mount redirection) */
+	LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT			= (1 << 12),
+	/**< (CTX) Initialize the SSL library at all */
+	LWS_SERVER_OPTION_EXPLICIT_VHOSTS			= (1 << 13),
+	/**< (CTX) Only create the context when calling context
+	 * create api, implies user code will create its own vhosts */
+	LWS_SERVER_OPTION_UNIX_SOCK				= (1 << 14),
+	/**< (VH) Use Unix socket */
+	LWS_SERVER_OPTION_STS					= (1 << 15),
+	/**< (VH) Send Strict Transport Security header, making
+	 * clients subsequently go to https even if user asked for http */
+	LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY			= (1 << 16),
+	/**< (VH) Enable LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE to take effect */
+	LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE			= (1 << 17),
+	/**< (VH) if set, only ipv6 allowed on the vhost */
+	LWS_SERVER_OPTION_UV_NO_SIGSEGV_SIGFPE_SPIN		= (1 << 18),
+	/**< (CTX) Libuv only: Do not spin on SIGSEGV / SIGFPE.  A segfault
+	 * normally makes the lib spin so you can attach a debugger to it
+	 * even if it happened without a debugger in place.  You can disable
+	 * that by giving this option.
+	 */
+	LWS_SERVER_OPTION_JUST_USE_RAW_ORIGIN			= (1 << 19),
+	/**< For backwards-compatibility reasons, by default
+	 * lws prepends "http://" to the origin you give in the client
+	 * connection info struct.  If you give this flag when you create
+	 * the context, only the string you give in the client connect
+	 * info for .origin (if any) will be used directly.
+	 */
+	LWS_SERVER_OPTION_FALLBACK_TO_RAW			= (1 << 20),
+	/**< (VH) if invalid http is coming in the first line,  */
+	LWS_SERVER_OPTION_LIBEVENT				= (1 << 21),
+	/**< (CTX) Use libevent event loop */
+	LWS_SERVER_OPTION_ONLY_RAW				= (1 << 22),
+	/**< (VH) All connections to this vhost / port are RAW as soon as
+	 * the connection is accepted, no HTTP is going to be coming.
+	 */
+	LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE			= (1 << 23),
+	/**< (VH) Set to allow multiple listen sockets on one interface +
+	 * address + port.  The default is to strictly allow only one
+	 * listen socket at a time.  This is automatically selected if you
+	 * have multiple service threads.
+	 */
+	LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX			= (1 << 24),
+	/**< (VH) Force setting up the vhost SSL_CTX, even though the user
+	 * code doesn't explicitly provide a cert in the info struct.  It
+	 * implies the user code is going to provide a cert at the
+	 * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS callback, which
+	 * provides the vhost SSL_CTX * in the user parameter.
+	 */
+
+	/****** add new things just above ---^ ******/
+};
+
+#define lws_check_opt(c, f) (((c) & (f)) == (f))
+
+struct lws_plat_file_ops;
+
+/** struct lws_context_creation_info - parameters to create context and /or vhost with
+ *
+ * This is also used to create vhosts.... if LWS_SERVER_OPTION_EXPLICIT_VHOSTS
+ * is not given, then for backwards compatibility one vhost is created at
+ * context-creation time using the info from this struct.
+ *
+ * If LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, then no vhosts are created
+ * at the same time as the context, they are expected to be created afterwards.
+ */
+struct lws_context_creation_info {
+	int port;
+	/**< VHOST: Port to listen on. Use CONTEXT_PORT_NO_LISTEN to suppress
+	 * listening for a client. Use CONTEXT_PORT_NO_LISTEN_SERVER if you are
+	 * writing a server but you are using \ref sock-adopt instead of the
+	 * built-in listener */
+	const char *iface;
+	/**< VHOST: NULL to bind the listen socket to all interfaces, or the
+	 * interface name, eg, "eth2"
+	 * If options specifies LWS_SERVER_OPTION_UNIX_SOCK, this member is
+	 * the pathname of a UNIX domain socket. you can use the UNIX domain
+	 * sockets in abstract namespace, by prepending an at symbol to the
+	 * socket name. */
+	const struct lws_protocols *protocols;
+	/**< VHOST: Array of structures listing supported protocols and a protocol-
+	 * specific callback for each one.  The list is ended with an
+	 * entry that has a NULL callback pointer. */
+	const struct lws_extension *extensions;
+	/**< VHOST: NULL or array of lws_extension structs listing the
+	 * extensions this context supports. */
+	const struct lws_token_limits *token_limits;
+	/**< CONTEXT: NULL or struct lws_token_limits pointer which is initialized
+	 * with a token length limit for each possible WSI_TOKEN_ */
+	const char *ssl_private_key_password;
+	/**< VHOST: NULL or the passphrase needed for the private key. (For
+	 * backwards compatibility, this can also be used to pass the client
+	 * cert passphrase when setting up a vhost client SSL context, but it is
+	 * preferred to use .client_ssl_private_key_password for that.) */
+	const char *ssl_cert_filepath;
+	/**< VHOST: If libwebsockets was compiled to use ssl, and you want
+	 * to listen using SSL, set to the filepath to fetch the
+	 * server cert from, otherwise NULL for unencrypted.  (For backwards
+	 * compatibility, this can also be used to pass the client certificate
+	 * when setting up a vhost client SSL context, but it is preferred to
+	 * use .client_ssl_cert_filepath for that.) */
+	const char *ssl_private_key_filepath;
+	/**<  VHOST: filepath to private key if wanting SSL mode;
+	 * if this is set to NULL but ssl_cert_filepath is set, the
+	 * OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY callback is called
+	 * to allow setting of the private key directly via openSSL
+	 * library calls.   (For backwards compatibility, this can also be used
+	 * to pass the client cert private key filepath when setting up a
+	 * vhost client SSL context, but it is preferred to use
+	 * .client_ssl_private_key_filepath for that.) */
+	const char *ssl_ca_filepath;
+	/**< VHOST: CA certificate filepath or NULL.  (For backwards
+	 * compatibility, this can also be used to pass the client CA
+	 * filepath when setting up a vhost client SSL context,
+	 * but it is preferred to use .client_ssl_ca_filepath for that.) */
+	const char *ssl_cipher_list;
+	/**< VHOST: List of valid ciphers to use (eg,
+	 * "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL"
+	 * or you can leave it as NULL to get "DEFAULT" (For backwards
+	 * compatibility, this can also be used to pass the client cipher
+	 * list when setting up a vhost client SSL context,
+	 * but it is preferred to use .client_ssl_cipher_list for that.)*/
+	const char *http_proxy_address;
+	/**< VHOST: If non-NULL, attempts to proxy via the given address.
+	 * If proxy auth is required, use format "username:password\@server:port" */
+	unsigned int http_proxy_port;
+	/**< VHOST: If http_proxy_address was non-NULL, uses this port */
+	int gid;
+	/**< CONTEXT: group id to change to after setting listen socket, or -1. */
+	int uid;
+	/**< CONTEXT: user id to change to after setting listen socket, or -1. */
+	unsigned int options;
+	/**< VHOST + CONTEXT: 0, or LWS_SERVER_OPTION_... bitfields */
+	void *user;
+	/**< VHOST + CONTEXT: optional user pointer that will be associated
+	 * with the context when creating the context (and can be retrieved by
+	 * lws_context_user(context), or with the vhost when creating the vhost
+	 * (and can be retrieved by lws_vhost_user(vhost)).  You will need to
+	 * use LWS_SERVER_OPTION_EXPLICIT_VHOSTS and create the vhost separately
+	 * if you care about giving the context and vhost different user pointer
+	 * values.
+	 */
+	int ka_time;
+	/**< CONTEXT: 0 for no TCP keepalive, otherwise apply this keepalive
+	 * timeout to all libwebsocket sockets, client or server */
+	int ka_probes;
+	/**< CONTEXT: if ka_time was nonzero, after the timeout expires how many
+	 * times to try to get a response from the peer before giving up
+	 * and killing the connection */
+	int ka_interval;
+	/**< CONTEXT: if ka_time was nonzero, how long to wait before each ka_probes
+	 * attempt */
+#ifdef LWS_OPENSSL_SUPPORT
+	SSL_CTX *provided_client_ssl_ctx;
+	/**< CONTEXT: If non-null, swap out libwebsockets ssl
+ *		implementation for the one provided by provided_ssl_ctx.
+ *		Libwebsockets no longer is responsible for freeing the context
+ *		if this option is selected. */
+#else /* maintain structure layout either way */
+	void *provided_client_ssl_ctx; /**< dummy if ssl disabled */
+#endif
+
+	short max_http_header_data;
+	/**< CONTEXT: The max amount of header payload that can be handled
+	 * in an http request (unrecognized header payload is dropped) */
+	short max_http_header_pool;
+	/**< CONTEXT: The max number of connections with http headers that
+	 * can be processed simultaneously (the corresponding memory is
+	 * allocated for the lifetime of the context).  If the pool is
+	 * busy new incoming connections must wait for accept until one
+	 * becomes free. */
+
+	unsigned int count_threads;
+	/**< CONTEXT: how many contexts to create in an array, 0 = 1 */
+	unsigned int fd_limit_per_thread;
+	/**< CONTEXT: nonzero means restrict each service thread to this
+	 * many fds, 0 means the default which is divide the process fd
+	 * limit by the number of threads. */
+	unsigned int timeout_secs;
+	/**< VHOST: various processes involving network roundtrips in the
+	 * library are protected from hanging forever by timeouts.  If
+	 * nonzero, this member lets you set the timeout used in seconds.
+	 * Otherwise a default timeout is used. */
+	const char *ecdh_curve;
+	/**< VHOST: if NULL, defaults to initializing server with "prime256v1" */
+	const char *vhost_name;
+	/**< VHOST: name of vhost, must match external DNS name used to
+	 * access the site, like "warmcat.com" as it's used to match
+	 * Host: header and / or SNI name for SSL. */
+	const char * const *plugin_dirs;
+	/**< CONTEXT: NULL, or NULL-terminated array of directories to
+	 * scan for lws protocol plugins at context creation time */
+	const struct lws_protocol_vhost_options *pvo;
+	/**< VHOST: pointer to optional linked list of per-vhost
+	 * options made accessible to protocols */
+	int keepalive_timeout;
+	/**< VHOST: (default = 0 = 60s) seconds to allow remote
+	 * client to hold on to an idle HTTP/1.1 connection */
+	const char *log_filepath;
+	/**< VHOST: filepath to append logs to... this is opened before
+	 *		any dropping of initial privileges */
+	const struct lws_http_mount *mounts;
+	/**< VHOST: optional linked list of mounts for this vhost */
+	const char *server_string;
+	/**< CONTEXT: string used in HTTP headers to identify server
+ *		software, if NULL, "libwebsockets". */
+	unsigned int pt_serv_buf_size;
+	/**< CONTEXT: 0 = default of 4096.  This buffer is used by
+	 * various service related features including file serving, it
+	 * defines the max chunk of file that can be sent at once.
+	 * At the risk of lws having to buffer failed large sends, it
+	 * can be increased to, eg, 128KiB to improve throughput. */
+	unsigned int max_http_header_data2;
+	/**< CONTEXT: if max_http_header_data is 0 and this
+	 * is nonzero, this will be used in place of the default.  It's
+	 * like this for compatibility with the original short version,
+	 * this is unsigned int length. */
+	long ssl_options_set;
+	/**< VHOST: Any bits set here will be set as SSL options */
+	long ssl_options_clear;
+	/**< VHOST: Any bits set here will be cleared as SSL options */
+	unsigned short ws_ping_pong_interval;
+	/**< CONTEXT: 0 for none, else interval in seconds between sending
+	 * PINGs on idle websocket connections.  When the PING is sent,
+	 * the PONG must come within the normal timeout_secs timeout period
+	 * or the connection will be dropped.
+	 * Any RX or TX traffic on the connection restarts the interval timer,
+	 * so a connection which always sends or receives something at intervals
+	 * less than the interval given here will never send PINGs / expect
+	 * PONGs.  Conversely as soon as the ws connection is established, an
+	 * idle connection will do the PING / PONG roundtrip as soon as
+	 * ws_ping_pong_interval seconds has passed without traffic
+	 */
+	const struct lws_protocol_vhost_options *headers;
+		/**< VHOST: pointer to optional linked list of per-vhost
+		 * canned headers that are added to server responses */
+
+	const struct lws_protocol_vhost_options *reject_service_keywords;
+	/**< CONTEXT: Optional list of keywords and rejection codes + text.
+	 *
+	 * The keywords are checked for existing in the user agent string.
+	 *
+	 * Eg, "badrobot" "404 Not Found"
+	 */
+	void *external_baggage_free_on_destroy;
+	/**< CONTEXT: NULL, or pointer to something externally malloc'd, that
+	 * should be freed when the context is destroyed.  This allows you to
+	 * automatically sync the freeing action to the context destruction
+	 * action, so there is no need for an external free() if the context
+	 * succeeded to create.
+	 */
+
+	const char *client_ssl_private_key_password;
+	/**< VHOST: Client SSL context init: NULL or the passphrase needed
+	 * for the private key */
+	const char *client_ssl_cert_filepath;
+	/**< VHOST: Client SSL context init:T he certificate the client
+	 * should present to the peer on connection */
+	const char *client_ssl_private_key_filepath;
+	/**<  VHOST: Client SSL context init: filepath to client private key
+	 * if this is set to NULL but client_ssl_cert_filepath is set, you
+	 * can handle the LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS
+	 * callback of protocols[0] to allow setting of the private key directly
+	 * via openSSL library calls */
+	const char *client_ssl_ca_filepath;
+	/**< VHOST: Client SSL context init: CA certificate filepath or NULL */
+	const char *client_ssl_cipher_list;
+	/**< VHOST: Client SSL context init: List of valid ciphers to use (eg,
+	* "RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:HIGH:!DSS:!aNULL"
+	* or you can leave it as NULL to get "DEFAULT" */
+
+	const struct lws_plat_file_ops *fops;
+	/**< CONTEXT: NULL, or pointer to an array of fops structs, terminated
+	 * by a sentinel with NULL .open.
+	 *
+	 * If NULL, lws provides just the platform file operations struct for
+	 * backwards compatibility.
+	 */
+	int simultaneous_ssl_restriction;
+	/**< CONTEXT: 0 (no limit) or limit of simultaneous SSL sessions possible.*/
+	const char *socks_proxy_address;
+	/**< VHOST: If non-NULL, attempts to proxy via the given address.
+	 * If proxy auth is required, use format "username:password\@server:port" */
+	unsigned int socks_proxy_port;
+	/**< VHOST: If socks_proxy_address was non-NULL, uses this port */
+#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
+	cap_value_t caps[4];
+	/**< CONTEXT: array holding Linux capabilities you want to
+	 * continue to be available to the server after it transitions
+	 * to a noprivileged user.  Usually none are needed but for, eg,
+	 * .bind_iface, CAP_NET_RAW is required.  This gives you a way
+	 * to still have the capability but drop root.
+	 */
+	char count_caps;
+	/**< CONTEXT: count of Linux capabilities in .caps[].  0 means
+	 * no capabilities will be inherited from root (the default) */
+#endif
+	int bind_iface;
+	/**< VHOST: nonzero to strictly bind sockets to the interface name in
+	 * .iface (eg, "eth2"), using SO_BIND_TO_DEVICE.
+	 *
+	 * Requires SO_BINDTODEVICE support from your OS and CAP_NET_RAW
+	 * capability.
+	 *
+	 * Notice that common things like access network interface IP from
+	 * your local machine use your lo / loopback interface and will be
+	 * disallowed by this.
+	 */
+	int ssl_info_event_mask;
+	/**< VHOST: mask of ssl events to be reported on LWS_CALLBACK_SSL_INFO
+	 * callback for connections on this vhost.  The mask values are of
+	 * the form SSL_CB_ALERT, defined in openssl/ssl.h.  The default of
+	 * 0 means no info events will be reported.
+	 */
+	unsigned int timeout_secs_ah_idle;
+	/**< VHOST: seconds to allow a client to hold an ah without using it.
+	 * 0 defaults to 10s. */
+	unsigned short ip_limit_ah;
+	/**< CONTEXT: max number of ah a single IP may use simultaneously
+	 *	      0 is no limit. This is a soft limit: if the limit is
+	 *	      reached, connections from that IP will wait in the ah
+	 *	      waiting list and not be able to acquire an ah until
+	 *	      a connection belonging to the IP relinquishes one it
+	 *	      already has.
+	 */
+	unsigned short ip_limit_wsi;
+	/**< CONTEXT: max number of wsi a single IP may use simultaneously.
+	 *	      0 is no limit.  This is a hard limit, connections from
+	 *	      the same IP will simply be dropped once it acquires the
+	 *	      amount of simultaneous wsi / accepted connections
+	 *	      given here.
+	 */
+	uint32_t	http2_settings[7];
+	/**< CONTEXT: after context creation http2_settings[1] thru [6] have
+	 *	      been set to the lws platform default values.
+	 *   VHOST:   if http2_settings[0] is nonzero, the values given in
+	 *	      http2_settings[1]..[6] are used instead of the lws
+	 *	      platform default values.
+	 *	      Just leave all at 0 if you don't care.
+	 */
+
+	/* Add new things just above here ---^
+	 * This is part of the ABI, don't needlessly break compatibility
+	 *
+	 * The below is to ensure later library versions with new
+	 * members added above will see 0 (default) even if the app
+	 * was not built against the newer headers.
+	 */
+
+	void *_unused[8]; /**< dummy */
+};
+
+/**
+ * lws_create_context() - Create the websocket handler
+ * \param info:	pointer to struct with parameters
+ *
+ *	This function creates the listening socket (if serving) and takes care
+ *	of all initialization in one step.
+ *
+ *	If option LWS_SERVER_OPTION_EXPLICIT_VHOSTS is given, no vhost is
+ *	created; you're expected to create your own vhosts afterwards using
+ *	lws_create_vhost().  Otherwise a vhost named "default" is also created
+ *	using the information in the vhost-related members, for compatibility.
+ *
+ *	After initialization, it returns a struct lws_context * that
+ *	represents this server.  After calling, user code needs to take care
+ *	of calling lws_service() with the context pointer to get the
+ *	server's sockets serviced.  This must be done in the same process
+ *	context as the initialization call.
+ *
+ *	The protocol callback functions are called for a handful of events
+ *	including http requests coming in, websocket connections becoming
+ *	established, and data arriving; it's also called periodically to allow
+ *	async transmission.
+ *
+ *	HTTP requests are sent always to the FIRST protocol in protocol, since
+ *	at that time websocket protocol has not been negotiated.  Other
+ *	protocols after the first one never see any HTTP callback activity.
+ *
+ *	The server created is a simple http server by default; part of the
+ *	websocket standard is upgrading this http connection to a websocket one.
+ *
+ *	This allows the same server to provide files like scripts and favicon /
+ *	images or whatever over http and dynamic data over websockets all in
+ *	one place; they're all handled in the user callback.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws_context *
+lws_create_context(struct lws_context_creation_info *info);
+
+/**
+ * lws_context_destroy() - Destroy the websocket context
+ * \param context:	Websocket context
+ *
+ *	This function closes any active connections and then frees the
+ *	context.  After calling this, any further use of the context is
+ *	undefined.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_context_destroy(struct lws_context *context);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_context_destroy2(struct lws_context *context);
+
+typedef int (*lws_reload_func)(void);
+
+/**
+ * lws_context_deprecate() - Deprecate the websocket context
+ *
+ * \param context:	Websocket context
+ * \param cb: Callback notified when old context listen sockets are closed
+ *
+ *	This function is used on an existing context before superceding it
+ *	with a new context.
+ *
+ *	It closes any listen sockets in the context, so new connections are
+ *	not possible.
+ *
+ *	And it marks the context to be deleted when the number of active
+ *	connections into it falls to zero.
+ *
+ *	Otherwise if you attach the deprecated context to the replacement
+ *	context when it has been created using lws_context_attach_deprecated()
+ *	both any deprecated and the new context will service their connections.
+ *
+ *	This is aimed at allowing seamless configuration reloads.
+ *
+ *	The callback cb will be called after the listen sockets are actually
+ *	closed and may be reopened.  In the callback the new context should be
+ *	configured and created.  (With libuv, socket close happens async after
+ *	more loop events).
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_context_deprecate(struct lws_context *context, lws_reload_func cb);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_context_is_deprecated(struct lws_context *context);
+
+/**
+ * lws_set_proxy() - Setups proxy to lws_context.
+ * \param vhost:	pointer to struct lws_vhost you want set proxy for
+ * \param proxy: pointer to c string containing proxy in format address:port
+ *
+ * Returns 0 if proxy string was parsed and proxy was setup.
+ * Returns -1 if proxy is NULL or has incorrect format.
+ *
+ * This is only required if your OS does not provide the http_proxy
+ * environment variable (eg, OSX)
+ *
+ *   IMPORTANT! You should call this function right after creation of the
+ *   lws_context and before call to connect. If you call this
+ *   function after connect behavior is undefined.
+ *   This function will override proxy settings made on lws_context
+ *   creation with genenv() call.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_set_proxy(struct lws_vhost *vhost, const char *proxy);
+
+/**
+ * lws_set_socks() - Setup socks to lws_context.
+ * \param vhost:	pointer to struct lws_vhost you want set socks for
+ * \param socks: pointer to c string containing socks in format address:port
+ *
+ * Returns 0 if socks string was parsed and socks was setup.
+ * Returns -1 if socks is NULL or has incorrect format.
+ *
+ * This is only required if your OS does not provide the socks_proxy
+ * environment variable (eg, OSX)
+ *
+ *   IMPORTANT! You should call this function right after creation of the
+ *   lws_context and before call to connect. If you call this
+ *   function after connect behavior is undefined.
+ *   This function will override proxy settings made on lws_context
+ *   creation with genenv() call.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_set_socks(struct lws_vhost *vhost, const char *socks);
+
+struct lws_vhost;
+
+/**
+ * lws_create_vhost() - Create a vhost (virtual server context)
+ * \param context:	pointer to result of lws_create_context()
+ * \param info:		pointer to struct with parameters
+ *
+ * This function creates a virtual server (vhost) using the vhost-related
+ * members of the info struct.  You can create many vhosts inside one context
+ * if you created the context with the option LWS_SERVER_OPTION_EXPLICIT_VHOSTS
+ */
+LWS_VISIBLE LWS_EXTERN struct lws_vhost *
+lws_create_vhost(struct lws_context *context,
+		 struct lws_context_creation_info *info);
+
+/**
+ * lws_vhost_destroy() - Destroy a vhost (virtual server context)
+ *
+ * \param vh:	pointer to result of lws_create_vhost()
+ *
+ * This function destroys a vhost.  Normally, if you just want to exit,
+ * then lws_destroy_context() will take care of everything.  If you want
+ * to destroy an individual vhost and all connections and allocations, you
+ * can do it with this.
+ *
+ * If the vhost has a listen sockets shared by other vhosts, it will be given
+ * to one of the vhosts sharing it rather than closed.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_vhost_destroy(struct lws_vhost *vh);
+
+/**
+ * lwsws_get_config_globals() - Parse a JSON server config file
+ * \param info:		pointer to struct with parameters
+ * \param d:		filepath of the config file
+ * \param config_strings: storage for the config strings extracted from JSON,
+ * 			  the pointer is incremented as strings are stored
+ * \param len:		pointer to the remaining length left in config_strings
+ *			  the value is decremented as strings are stored
+ *
+ * This function prepares a n lws_context_creation_info struct with global
+ * settings from a file d.
+ *
+ * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled
+ */
+LWS_VISIBLE LWS_EXTERN int
+lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d,
+			 char **config_strings, int *len);
+
+/**
+ * lwsws_get_config_vhosts() - Create vhosts from a JSON server config file
+ * \param context:	pointer to result of lws_create_context()
+ * \param info:		pointer to struct with parameters
+ * \param d:		filepath of the config file
+ * \param config_strings: storage for the config strings extracted from JSON,
+ * 			  the pointer is incremented as strings are stored
+ * \param len:		pointer to the remaining length left in config_strings
+ *			  the value is decremented as strings are stored
+ *
+ * This function creates vhosts into a context according to the settings in
+ *JSON files found in directory d.
+ *
+ * Requires CMake option LWS_WITH_LEJP_CONF to have been enabled
+ */
+LWS_VISIBLE LWS_EXTERN int
+lwsws_get_config_vhosts(struct lws_context *context,
+			struct lws_context_creation_info *info, const char *d,
+			char **config_strings, int *len);
+
+/** lws_vhost_get() - \deprecated deprecated: use lws_get_vhost() */
+LWS_VISIBLE LWS_EXTERN struct lws_vhost *
+lws_vhost_get(struct lws *wsi) LWS_WARN_DEPRECATED;
+
+/**
+ * lws_get_vhost() - return the vhost a wsi belongs to
+ *
+ * \param wsi: which connection
+ */
+LWS_VISIBLE LWS_EXTERN struct lws_vhost *
+lws_get_vhost(struct lws *wsi);
+
+/**
+ * lws_json_dump_vhost() - describe vhost state and stats in JSON
+ *
+ * \param vh: the vhost
+ * \param buf: buffer to fill with JSON
+ * \param len: max length of buf
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_json_dump_vhost(const struct lws_vhost *vh, char *buf, int len);
+
+/**
+ * lws_json_dump_context() - describe context state and stats in JSON
+ *
+ * \param context: the context
+ * \param buf: buffer to fill with JSON
+ * \param len: max length of buf
+ * \param hide_vhosts: nonzero to not provide per-vhost mount etc information
+ *
+ * Generates a JSON description of vhost state into buf
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_json_dump_context(const struct lws_context *context, char *buf, int len,
+		      int hide_vhosts);
+
+/**
+ * lws_vhost_user() - get the user data associated with the vhost
+ * \param vhost: Websocket vhost
+ *
+ * This returns the optional user pointer that can be attached to
+ * a vhost when it was created.  Lws never dereferences this pointer, it only
+ * sets it when the vhost is created, and returns it using this api.
+ */
+LWS_VISIBLE LWS_EXTERN void *
+lws_vhost_user(struct lws_vhost *vhost);
+
+/**
+ * lws_context_user() - get the user data associated with the context
+ * \param context: Websocket context
+ *
+ * This returns the optional user allocation that can be attached to
+ * the context the sockets live in at context_create time.  It's a way
+ * to let all sockets serviced in the same context share data without
+ * using globals statics in the user code.
+ */
+LWS_VISIBLE LWS_EXTERN void *
+lws_context_user(struct lws_context *context);
+
+/*! \defgroup vhost-mounts Vhost mounts and options
+ * \ingroup context-and-vhost-creation
+ *
+ * ##Vhost mounts and options
+ */
+///@{
+/** struct lws_protocol_vhost_options - linked list of per-vhost protocol
+ * 					name=value options
+ *
+ * This provides a general way to attach a linked-list of name=value pairs,
+ * which can also have an optional child link-list using the options member.
+ */
+struct lws_protocol_vhost_options {
+	const struct lws_protocol_vhost_options *next; /**< linked list */
+	const struct lws_protocol_vhost_options *options; /**< child linked-list of more options for this node */
+	const char *name; /**< name of name=value pair */
+	const char *value; /**< value of name=value pair */
+};
+
+/** enum lws_mount_protocols
+ * This specifies the mount protocol for a mountpoint, whether it is to be
+ * served from a filesystem, or it is a cgi etc.
+ */
+enum lws_mount_protocols {
+	LWSMPRO_HTTP		= 0, /**< http reverse proxy */
+	LWSMPRO_HTTPS		= 1, /**< https reverse proxy */
+	LWSMPRO_FILE		= 2, /**< serve from filesystem directory */
+	LWSMPRO_CGI		= 3, /**< pass to CGI to handle */
+	LWSMPRO_REDIR_HTTP	= 4, /**< redirect to http:// url */
+	LWSMPRO_REDIR_HTTPS	= 5, /**< redirect to https:// url */
+	LWSMPRO_CALLBACK	= 6, /**< hand by named protocol's callback */
+};
+
+/** struct lws_http_mount
+ *
+ * arguments for mounting something in a vhost's url namespace
+ */
+struct lws_http_mount {
+	const struct lws_http_mount *mount_next;
+	/**< pointer to next struct lws_http_mount */
+	const char *mountpoint;
+	/**< mountpoint in http pathspace, eg, "/" */
+	const char *origin;
+	/**< path to be mounted, eg, "/var/www/warmcat.com" */
+	const char *def;
+	/**< default target, eg, "index.html" */
+	const char *protocol;
+	/**<"protocol-name" to handle mount */
+
+	const struct lws_protocol_vhost_options *cgienv;
+	/**< optional linked-list of cgi options.  These are created
+	 * as environment variables for the cgi process
+	 */
+	const struct lws_protocol_vhost_options *extra_mimetypes;
+	/**< optional linked-list of mimetype mappings */
+	const struct lws_protocol_vhost_options *interpret;
+	/**< optional linked-list of files to be interpreted */
+
+	int cgi_timeout;
+	/**< seconds cgi is allowed to live, if cgi://mount type */
+	int cache_max_age;
+	/**< max-age for reuse of client cache of files, seconds */
+	unsigned int auth_mask;
+	/**< bits set here must be set for authorized client session */
+
+	unsigned int cache_reusable:1; /**< set if client cache may reuse this */
+	unsigned int cache_revalidate:1; /**< set if client cache should revalidate on use */
+	unsigned int cache_intermediaries:1; /**< set if intermediaries are allowed to cache */
+
+	unsigned char origin_protocol; /**< one of enum lws_mount_protocols */
+	unsigned char mountpoint_len; /**< length of mountpoint string */
+
+	const char *basic_auth_login_file;
+	/**<NULL, or filepath to use to check basic auth logins against */
+
+	/* Add new things just above here ---^
+	 * This is part of the ABI, don't needlessly break compatibility
+	 *
+	 * The below is to ensure later library versions with new
+	 * members added above will see 0 (default) even if the app
+	 * was not built against the newer headers.
+	 */
+
+	void *_unused[2]; /**< dummy */
+};
+///@}
+///@}
+
+/*! \defgroup client Client related functions
+ * ##Client releated functions
+ * \ingroup lwsapi
+ *
+ * */
+///@{
+
+/** enum lws_client_connect_ssl_connection_flags - flags that may be used
+ * with struct lws_client_connect_info ssl_connection member to control if
+ * and how SSL checks apply to the client connection being created
+ */
+
+enum lws_client_connect_ssl_connection_flags {
+	LCCSCF_USE_SSL 				= (1 << 0),
+	LCCSCF_ALLOW_SELFSIGNED			= (1 << 1),
+	LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK	= (1 << 2),
+	LCCSCF_ALLOW_EXPIRED			= (1 << 3)
+};
+
+/** struct lws_client_connect_info - parameters to connect with when using
+ *				    lws_client_connect_via_info() */
+
+struct lws_client_connect_info {
+	struct lws_context *context;
+	/**< lws context to create connection in */
+	const char *address;
+	/**< remote address to connect to */
+	int port;
+	/**< remote port to connect to */
+	int ssl_connection;
+	/**< nonzero for ssl */
+	const char *path;
+	/**< uri path */
+	const char *host;
+	/**< content of host header */
+	const char *origin;
+	/**< content of origin header */
+	const char *protocol;
+	/**< list of ws protocols we could accept */
+	int ietf_version_or_minus_one;
+	/**< deprecated: currently leave at 0 or -1 */
+	void *userdata;
+	/**< if non-NULL, use this as wsi user_data instead of malloc it */
+	const void *client_exts;
+	/**< UNUSED... provide in info.extensions at context creation time */
+	const char *method;
+	/**< if non-NULL, do this http method instead of ws[s] upgrade.
+	 * use "GET" to be a simple http client connection */
+	struct lws *parent_wsi;
+	/**< if another wsi is responsible for this connection, give it here.
+	 * this is used to make sure if the parent closes so do any
+	 * child connections first. */
+	const char *uri_replace_from;
+	/**< if non-NULL, when this string is found in URIs in
+	 * text/html content-encoding, it's replaced with uri_replace_to */
+	const char *uri_replace_to;
+	/**< see uri_replace_from */
+	struct lws_vhost *vhost;
+	/**< vhost to bind to (used to determine related SSL_CTX) */
+	struct lws **pwsi;
+	/**< if not NULL, store the new wsi here early in the connection
+	 * process.  Although we return the new wsi, the call to create the
+	 * client connection does progress the connection somewhat and may
+	 * meet an error that will result in the connection being scrubbed and
+	 * NULL returned.  While the wsi exists though, he may process a
+	 * callback like CLIENT_CONNECTION_ERROR with his wsi: this gives the
+	 * user callback a way to identify which wsi it is that faced the error
+	 * even before the new wsi is returned and even if ultimately no wsi
+	 * is returned.
+	 */
+	const char *iface;
+	/**< NULL to allow routing on any interface, or interface name or IP
+	 * to bind the socket to */
+
+	/* Add new things just above here ---^
+	 * This is part of the ABI, don't needlessly break compatibility
+	 *
+	 * The below is to ensure later library versions with new
+	 * members added above will see 0 (default) even if the app
+	 * was not built against the newer headers.
+	 */
+
+	void *_unused[4]; /**< dummy */
+};
+
+/**
+ * lws_client_connect_via_info() - Connect to another websocket server
+ * \param ccinfo: pointer to lws_client_connect_info struct
+ *
+ *	This function creates a connection to a remote server using the
+ *	information provided in ccinfo.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws *
+lws_client_connect_via_info(struct lws_client_connect_info * ccinfo);
+
+/**
+ * lws_client_connect() - Connect to another websocket server
+ * 		\deprecated DEPRECATED use lws_client_connect_via_info
+ * \param clients:	Websocket context
+ * \param address:	Remote server address, eg, "myserver.com"
+ * \param port:	Port to connect to on the remote server, eg, 80
+ * \param ssl_connection:	0 = ws://, 1 = wss:// encrypted, 2 = wss:// allow self
+ *			signed certs
+ * \param path:	Websocket path on server
+ * \param host:	Hostname on server
+ * \param origin:	Socket origin name
+ * \param protocol:	Comma-separated list of protocols being asked for from
+ *		the server, or just one.  The server will pick the one it
+ *		likes best.  If you don't want to specify a protocol, which is
+ *		legal, use NULL here.
+ * \param ietf_version_or_minus_one: -1 to ask to connect using the default, latest
+ *		protocol supported, or the specific protocol ordinal
+ *
+ *	This function creates a connection to a remote server
+ */
+/* deprecated, use lws_client_connect_via_info() */
+LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT
+lws_client_connect(struct lws_context *clients, const char *address,
+		   int port, int ssl_connection, const char *path,
+		   const char *host, const char *origin, const char *protocol,
+		   int ietf_version_or_minus_one) LWS_WARN_DEPRECATED;
+/* deprecated, use lws_client_connect_via_info() */
+/**
+ * lws_client_connect_extended() - Connect to another websocket server
+ * 			\deprecated DEPRECATED use lws_client_connect_via_info
+ * \param clients:	Websocket context
+ * \param address:	Remote server address, eg, "myserver.com"
+ * \param port:	Port to connect to on the remote server, eg, 80
+ * \param ssl_connection:	0 = ws://, 1 = wss:// encrypted, 2 = wss:// allow self
+ *			signed certs
+ * \param path:	Websocket path on server
+ * \param host:	Hostname on server
+ * \param origin:	Socket origin name
+ * \param protocol:	Comma-separated list of protocols being asked for from
+ *		the server, or just one.  The server will pick the one it
+ *		likes best.
+ * \param ietf_version_or_minus_one: -1 to ask to connect using the default, latest
+ *		protocol supported, or the specific protocol ordinal
+ * \param userdata: Pre-allocated user data
+ *
+ *	This function creates a connection to a remote server
+ */
+LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT
+lws_client_connect_extended(struct lws_context *clients, const char *address,
+			    int port, int ssl_connection, const char *path,
+			    const char *host, const char *origin,
+			    const char *protocol, int ietf_version_or_minus_one,
+			    void *userdata) LWS_WARN_DEPRECATED;
+
+/**
+ * lws_init_vhost_client_ssl() - also enable client SSL on an existing vhost
+ *
+ * \param info: client ssl related info
+ * \param vhost: which vhost to initialize client ssl operations on
+ *
+ * You only need to call this if you plan on using SSL client connections on
+ * the vhost.  For non-SSL client connections, it's not necessary to call this.
+ *
+ * The following members of info are used during the call
+ *
+ *	 - options must have LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT set,
+ *	     otherwise the call does nothing
+ *	 - provided_client_ssl_ctx must be NULL to get a generated client
+ *	     ssl context, otherwise you can pass a prepared one in by setting it
+ *	 - ssl_cipher_list may be NULL or set to the client valid cipher list
+ *	 - ssl_ca_filepath may be NULL or client cert filepath
+ *	 - ssl_cert_filepath may be NULL or client cert filepath
+ *	 - ssl_private_key_filepath may be NULL or client cert private key
+ *
+ * You must create your vhost explicitly if you want to use this, so you have
+ * a pointer to the vhost.  Create the context first with the option flag
+ * LWS_SERVER_OPTION_EXPLICIT_VHOSTS and then call lws_create_vhost() with
+ * the same info struct.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_init_vhost_client_ssl(const struct lws_context_creation_info *info,
+			  struct lws_vhost *vhost);
+/**
+ * lws_http_client_read() - consume waiting received http client data
+ *
+ * \param wsi: client connection
+ * \param buf: pointer to buffer pointer - fill with pointer to your buffer
+ * \param len: pointer to chunk length - fill with max length of buffer
+ *
+ * This is called when the user code is notified client http data has arrived.
+ * The user code may choose to delay calling it to consume the data, for example
+ * waiting until an onward connection is writeable.
+ *
+ * For non-chunked connections, up to len bytes of buf are filled with the
+ * received content.  len is set to the actual amount filled before return.
+ *
+ * For chunked connections, the linear buffer content contains the chunking
+ * headers and it cannot be passed in one lump.  Instead, this function will
+ * call back LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ with in pointing to the
+ * chunk start and len set to the chunk length.  There will be as many calls
+ * as there are chunks or partial chunks in the buffer.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_http_client_read(struct lws *wsi, char **buf, int *len);
+
+/**
+ * lws_http_client_http_response() - get last HTTP response code
+ *
+ * \param wsi: client connection
+ *
+ * Returns the last server response code, eg, 200 for client http connections.
+ */
+LWS_VISIBLE LWS_EXTERN unsigned int
+lws_http_client_http_response(struct lws *wsi);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_client_http_body_pending(struct lws *wsi, int something_left_to_send);
+
+/**
+ * lws_client_http_body_pending() - control if client connection neeeds to send body
+ *
+ * \param wsi: client connection
+ * \param something_left_to_send: nonzero if need to send more body, 0 (default)
+ * 				if nothing more to send
+ *
+ * If you will send payload data with your HTTP client connection, eg, for POST,
+ * when you set the related http headers in
+ * LWS_CALLBACK_CLIENT_APPEND_HANDSHAKE_HEADER callback you should also call
+ * this API with something_left_to_send nonzero, and call
+ * lws_callback_on_writable(wsi);
+ *
+ * After sending the headers, lws will call your callback with
+ * LWS_CALLBACK_CLIENT_HTTP_WRITEABLE reason when writable.  You can send the
+ * next part of the http body payload, calling lws_callback_on_writable(wsi);
+ * if there is more to come, or lws_client_http_body_pending(wsi, 0); to
+ * let lws know the last part is sent and the connection can move on.
+ */
+
+///@}
+
+/** \defgroup service Built-in service loop entry
+ *
+ * ##Built-in service loop entry
+ *
+ * If you're not using libev / libuv, these apis are needed to enter the poll()
+ * wait in lws and service any connections with pending events.
+ */
+///@{
+
+/**
+ * lws_service() - Service any pending websocket activity
+ * \param context:	Websocket context
+ * \param timeout_ms:	Timeout for poll; 0 means return immediately if nothing needed
+ *		service otherwise block and service immediately, returning
+ *		after the timeout if nothing needed service.
+ *
+ *	This function deals with any pending websocket traffic, for three
+ *	kinds of event.  It handles these events on both server and client
+ *	types of connection the same.
+ *
+ *	1) Accept new connections to our context's server
+ *
+ *	2) Call the receive callback for incoming frame data received by
+ *	    server or client connections.
+ *
+ *	You need to call this service function periodically to all the above
+ *	functions to happen; if your application is single-threaded you can
+ *	just call it in your main event loop.
+ *
+ *	Alternatively you can fork a new process that asynchronously handles
+ *	calling this service in a loop.  In that case you are happy if this
+ *	call blocks your thread until it needs to take care of something and
+ *	would call it with a large nonzero timeout.  Your loop then takes no
+ *	CPU while there is nothing happening.
+ *
+ *	If you are calling it in a single-threaded app, you don't want it to
+ *	wait around blocking other things in your loop from happening, so you
+ *	would call it with a timeout_ms of 0, so it returns immediately if
+ *	nothing is pending, or as soon as it services whatever was pending.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_service(struct lws_context *context, int timeout_ms);
+
+/**
+ * lws_service_tsi() - Service any pending websocket activity
+ *
+ * \param context:	Websocket context
+ * \param timeout_ms:	Timeout for poll; 0 means return immediately if nothing needed
+ *		service otherwise block and service immediately, returning
+ *		after the timeout if nothing needed service.
+ * \param tsi:		Thread service index, starting at 0
+ *
+ * Same as lws_service(), but for a specific thread service index.  Only needed
+ * if you are spawning multiple service threads.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_service_tsi(struct lws_context *context, int timeout_ms, int tsi);
+
+/**
+ * lws_cancel_service_pt() - Cancel servicing of pending socket activity
+ *				on one thread
+ * \param wsi:	Cancel service on the thread this wsi is serviced by
+ *
+ *	This function lets a call to lws_service() waiting for a timeout
+ *	immediately return.
+ *
+ *	It works by creating a phony event and then swallowing it silently.
+ *
+ *	The reason it may be needed is when waiting in poll(), changes to
+ *	the event masks are ignored by the OS until poll() is reentered.  This
+ *	lets you halt the poll() wait and make the reentry happen immediately
+ *	instead of having the wait out the rest of the poll timeout.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_cancel_service_pt(struct lws *wsi);
+
+/**
+ * lws_cancel_service() - Cancel wait for new pending socket activity
+ * \param context:	Websocket context
+ *
+ *	This function let a call to lws_service() waiting for a timeout
+ *	immediately return.
+ *
+ *	What it basically does is provide a fake event that will be swallowed,
+ *	so the wait in poll() is ended.  That's useful because poll() doesn't
+ *	attend to changes in POLLIN/OUT/ERR until it re-enters the wait.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_cancel_service(struct lws_context *context);
+
+/**
+ * lws_service_fd() - Service polled socket with something waiting
+ * \param context:	Websocket context
+ * \param pollfd:	The pollfd entry describing the socket fd and which events
+ *		happened, or NULL to tell lws to do only timeout servicing.
+ *
+ * This function takes a pollfd that has POLLIN or POLLOUT activity and
+ * services it according to the state of the associated
+ * struct lws.
+ *
+ * The one call deals with all "service" that might happen on a socket
+ * including listen accepts, http files as well as websocket protocol.
+ *
+ * If a pollfd says it has something, you can just pass it to
+ * lws_service_fd() whether it is a socket handled by lws or not.
+ * If it sees it is a lws socket, the traffic will be handled and
+ * pollfd->revents will be zeroed now.
+ *
+ * If the socket is foreign to lws, it leaves revents alone.  So you can
+ * see if you should service yourself by checking the pollfd revents
+ * after letting lws try to service it.
+ *
+ * You should also call this with pollfd = NULL to just allow the
+ * once-per-second global timeout checks; if less than a second since the last
+ * check it returns immediately then.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_service_fd(struct lws_context *context, struct lws_pollfd *pollfd);
+
+/**
+ * lws_service_fd_tsi() - Service polled socket in specific service thread
+ * \param context:	Websocket context
+ * \param pollfd:	The pollfd entry describing the socket fd and which events
+ *		happened.
+ * \param tsi: thread service index
+ *
+ * Same as lws_service_fd() but used with multiple service threads
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd,
+		   int tsi);
+
+/**
+ * lws_service_adjust_timeout() - Check for any connection needing forced service
+ * \param context:	Websocket context
+ * \param timeout_ms:	The original poll timeout value.  You can just set this
+ *			to 1 if you don't really have a poll timeout.
+ * \param tsi: thread service index
+ *
+ * Under some conditions connections may need service even though there is no
+ * pending network action on them, this is "forced service".  For default
+ * poll() and libuv / libev, the library takes care of calling this and
+ * dealing with it for you.  But for external poll() integration, you need
+ * access to the apis.
+ *
+ * If anybody needs "forced service", returned timeout is zero.  In that case,
+ * you can call lws_service_tsi() with a timeout of -1 to only service
+ * guys who need forced service.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi);
+
+/* Backwards compatibility */
+#define lws_plat_service_tsi lws_service_tsi
+
+LWS_VISIBLE LWS_EXTERN int
+lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd);
+
+///@}
+
+/*! \defgroup http HTTP
+
+    Modules related to handling HTTP
+*/
+//@{
+
+/*! \defgroup httpft HTTP File transfer
+ * \ingroup http
+
+    APIs for sending local files in response to HTTP requests
+*/
+//@{
+
+/**
+ * lws_get_mimetype() - Determine mimetype to use from filename
+ *
+ * \param file:		filename
+ * \param m:		NULL, or mount context
+ *
+ * This uses a canned list of known filetypes first, if no match and m is
+ * non-NULL, then tries a list of per-mount file suffix to mimtype mappings.
+ *
+ * Returns either NULL or a pointer to the mimetype matching the file.
+ */
+LWS_VISIBLE LWS_EXTERN const char *
+lws_get_mimetype(const char *file, const struct lws_http_mount *m);
+
+/**
+ * lws_serve_http_file() - Send a file back to the client using http
+ * \param wsi:		Websocket instance (available from user callback)
+ * \param file:		The file to issue over http
+ * \param content_type:	The http content type, eg, text/html
+ * \param other_headers:	NULL or pointer to header string
+ * \param other_headers_len:	length of the other headers if non-NULL
+ *
+ *	This function is intended to be called from the callback in response
+ *	to http requests from the client.  It allows the callback to issue
+ *	local files down the http link in a single step.
+ *
+ *	Returning <0 indicates error and the wsi should be closed.  Returning
+ *	>0 indicates the file was completely sent and
+ *	lws_http_transaction_completed() called on the wsi (and close if != 0)
+ *	==0 indicates the file transfer is started and needs more service later,
+ *	the wsi should be left alone.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type,
+		    const char *other_headers, int other_headers_len);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_serve_http_file_fragment(struct lws *wsi);
+//@}
+
+
+enum http_status {
+	HTTP_STATUS_CONTINUE					= 100,
+
+	HTTP_STATUS_OK						= 200,
+	HTTP_STATUS_NO_CONTENT					= 204,
+	HTTP_STATUS_PARTIAL_CONTENT				= 206,
+
+	HTTP_STATUS_MOVED_PERMANENTLY				= 301,
+	HTTP_STATUS_FOUND					= 302,
+	HTTP_STATUS_SEE_OTHER					= 303,
+	HTTP_STATUS_NOT_MODIFIED				= 304,
+
+	HTTP_STATUS_BAD_REQUEST					= 400,
+	HTTP_STATUS_UNAUTHORIZED,
+	HTTP_STATUS_PAYMENT_REQUIRED,
+	HTTP_STATUS_FORBIDDEN,
+	HTTP_STATUS_NOT_FOUND,
+	HTTP_STATUS_METHOD_NOT_ALLOWED,
+	HTTP_STATUS_NOT_ACCEPTABLE,
+	HTTP_STATUS_PROXY_AUTH_REQUIRED,
+	HTTP_STATUS_REQUEST_TIMEOUT,
+	HTTP_STATUS_CONFLICT,
+	HTTP_STATUS_GONE,
+	HTTP_STATUS_LENGTH_REQUIRED,
+	HTTP_STATUS_PRECONDITION_FAILED,
+	HTTP_STATUS_REQ_ENTITY_TOO_LARGE,
+	HTTP_STATUS_REQ_URI_TOO_LONG,
+	HTTP_STATUS_UNSUPPORTED_MEDIA_TYPE,
+	HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE,
+	HTTP_STATUS_EXPECTATION_FAILED,
+
+	HTTP_STATUS_INTERNAL_SERVER_ERROR			= 500,
+	HTTP_STATUS_NOT_IMPLEMENTED,
+	HTTP_STATUS_BAD_GATEWAY,
+	HTTP_STATUS_SERVICE_UNAVAILABLE,
+	HTTP_STATUS_GATEWAY_TIMEOUT,
+	HTTP_STATUS_HTTP_VERSION_NOT_SUPPORTED,
+};
+/*! \defgroup html-chunked-substitution HTML Chunked Substitution
+ * \ingroup http
+ *
+ * ##HTML chunked Substitution
+ *
+ * APIs for receiving chunks of text, replacing a set of variable names via
+ * a callback, and then prepending and appending HTML chunked encoding
+ * headers.
+ */
+//@{
+
+struct lws_process_html_args {
+	char *p; /**< pointer to the buffer containing the data */
+	int len; /**< length of the original data at p */
+	int max_len; /**< maximum length we can grow the data to */
+	int final; /**< set if this is the last chunk of the file */
+};
+
+typedef const char *(*lws_process_html_state_cb)(void *data, int index);
+
+struct lws_process_html_state {
+	char *start; /**< pointer to start of match */
+	char swallow[16]; /**< matched character buffer */
+	int pos; /**< position in match */
+	void *data; /**< opaque pointer */
+	const char * const *vars; /**< list of variable names */
+	int count_vars; /**< count of variable names */
+
+	lws_process_html_state_cb replace; /**< called on match to perform substitution */
+};
+
+/*! lws_chunked_html_process() - generic chunked substitution
+ * \param args: buffer to process using chunked encoding
+ * \param s: current processing state
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_chunked_html_process(struct lws_process_html_args *args,
+			 struct lws_process_html_state *s);
+//@}
+
+/** \defgroup HTTP-headers-read HTTP headers: read
+ * \ingroup http
+ *
+ * ##HTTP header releated functions
+ *
+ *  In lws the client http headers are temporarily stored in a pool, only for the
+ *  duration of the http part of the handshake.  It's because in most cases,
+ *  the header content is ignored for the whole rest of the connection lifetime
+ *  and would then just be taking up space needlessly.
+ *
+ *  During LWS_CALLBACK_HTTP when the URI path is delivered is the last time
+ *  the http headers are still allocated, you can use these apis then to
+ *  look at and copy out interesting header content (cookies, etc)
+ *
+ *  Notice that the header total length reported does not include a terminating
+ *  '\0', however you must allocate for it when using the _copy apis.  So the
+ *  length reported for a header containing "123" is 3, but you must provide
+ *  a buffer of length 4 so that "123\0" may be copied into it, or the copy
+ *  will fail with a nonzero return code.
+ *
+ *  In the special case of URL arguments, like ?x=1&y=2, the arguments are
+ *  stored in a token named for the method, eg,  WSI_TOKEN_GET_URI if it
+ *  was a GET or WSI_TOKEN_POST_URI if POST.  You can check the total
+ *  length to confirm the method.
+ *
+ *  For URL arguments, each argument is stored urldecoded in a "fragment", so
+ *  you can use the fragment-aware api lws_hdr_copy_fragment() to access each
+ *  argument in turn: the fragments contain urldecoded strings like x=1 or y=2.
+ *
+ *  As a convenience, lws has an api that will find the fragment with a
+ *  given name= part, lws_get_urlarg_by_name().
+ */
+///@{
+
+/** struct lws_tokens
+ * you need these to look at headers that have been parsed if using the
+ * LWS_CALLBACK_FILTER_CONNECTION callback.  If a header from the enum
+ * list below is absent, .token = NULL and token_len = 0.  Otherwise .token
+ * points to .token_len chars containing that header content.
+ */
+struct lws_tokens {
+	char *token; /**< pointer to start of the token */
+	int token_len; /**< length of the token's value */
+};
+
+/* enum lws_token_indexes
+ * these have to be kept in sync with lextable.h / minilex.c
+ *
+ * NOTE: These public enums are part of the abi.  If you want to add one,
+ * add it at where specified so existing users are unaffected.
+ */
+enum lws_token_indexes {
+	WSI_TOKEN_GET_URI					=  0,
+	WSI_TOKEN_POST_URI					=  1,
+	WSI_TOKEN_OPTIONS_URI					=  2,
+	WSI_TOKEN_HOST						=  3,
+	WSI_TOKEN_CONNECTION					=  4,
+	WSI_TOKEN_UPGRADE					=  5,
+	WSI_TOKEN_ORIGIN					=  6,
+	WSI_TOKEN_DRAFT						=  7,
+	WSI_TOKEN_CHALLENGE					=  8,
+	WSI_TOKEN_EXTENSIONS					=  9,
+	WSI_TOKEN_KEY1						= 10,
+	WSI_TOKEN_KEY2						= 11,
+	WSI_TOKEN_PROTOCOL					= 12,
+	WSI_TOKEN_ACCEPT					= 13,
+	WSI_TOKEN_NONCE						= 14,
+	WSI_TOKEN_HTTP						= 15,
+	WSI_TOKEN_HTTP2_SETTINGS				= 16,
+	WSI_TOKEN_HTTP_ACCEPT					= 17,
+	WSI_TOKEN_HTTP_AC_REQUEST_HEADERS			= 18,
+	WSI_TOKEN_HTTP_IF_MODIFIED_SINCE			= 19,
+	WSI_TOKEN_HTTP_IF_NONE_MATCH				= 20,
+	WSI_TOKEN_HTTP_ACCEPT_ENCODING				= 21,
+	WSI_TOKEN_HTTP_ACCEPT_LANGUAGE				= 22,
+	WSI_TOKEN_HTTP_PRAGMA					= 23,
+	WSI_TOKEN_HTTP_CACHE_CONTROL				= 24,
+	WSI_TOKEN_HTTP_AUTHORIZATION				= 25,
+	WSI_TOKEN_HTTP_COOKIE					= 26,
+	WSI_TOKEN_HTTP_CONTENT_LENGTH				= 27,
+	WSI_TOKEN_HTTP_CONTENT_TYPE				= 28,
+	WSI_TOKEN_HTTP_DATE					= 29,
+	WSI_TOKEN_HTTP_RANGE					= 30,
+	WSI_TOKEN_HTTP_REFERER					= 31,
+	WSI_TOKEN_KEY						= 32,
+	WSI_TOKEN_VERSION					= 33,
+	WSI_TOKEN_SWORIGIN					= 34,
+
+	WSI_TOKEN_HTTP_COLON_AUTHORITY				= 35,
+	WSI_TOKEN_HTTP_COLON_METHOD				= 36,
+	WSI_TOKEN_HTTP_COLON_PATH				= 37,
+	WSI_TOKEN_HTTP_COLON_SCHEME				= 38,
+	WSI_TOKEN_HTTP_COLON_STATUS				= 39,
+
+	WSI_TOKEN_HTTP_ACCEPT_CHARSET				= 40,
+	WSI_TOKEN_HTTP_ACCEPT_RANGES				= 41,
+	WSI_TOKEN_HTTP_ACCESS_CONTROL_ALLOW_ORIGIN		= 42,
+	WSI_TOKEN_HTTP_AGE					= 43,
+	WSI_TOKEN_HTTP_ALLOW					= 44,
+	WSI_TOKEN_HTTP_CONTENT_DISPOSITION			= 45,
+	WSI_TOKEN_HTTP_CONTENT_ENCODING				= 46,
+	WSI_TOKEN_HTTP_CONTENT_LANGUAGE				= 47,
+	WSI_TOKEN_HTTP_CONTENT_LOCATION				= 48,
+	WSI_TOKEN_HTTP_CONTENT_RANGE				= 49,
+	WSI_TOKEN_HTTP_ETAG					= 50,
+	WSI_TOKEN_HTTP_EXPECT					= 51,
+	WSI_TOKEN_HTTP_EXPIRES					= 52,
+	WSI_TOKEN_HTTP_FROM					= 53,
+	WSI_TOKEN_HTTP_IF_MATCH					= 54,
+	WSI_TOKEN_HTTP_IF_RANGE					= 55,
+	WSI_TOKEN_HTTP_IF_UNMODIFIED_SINCE			= 56,
+	WSI_TOKEN_HTTP_LAST_MODIFIED				= 57,
+	WSI_TOKEN_HTTP_LINK					= 58,
+	WSI_TOKEN_HTTP_LOCATION					= 59,
+	WSI_TOKEN_HTTP_MAX_FORWARDS				= 60,
+	WSI_TOKEN_HTTP_PROXY_AUTHENTICATE			= 61,
+	WSI_TOKEN_HTTP_PROXY_AUTHORIZATION			= 62,
+	WSI_TOKEN_HTTP_REFRESH					= 63,
+	WSI_TOKEN_HTTP_RETRY_AFTER				= 64,
+	WSI_TOKEN_HTTP_SERVER					= 65,
+	WSI_TOKEN_HTTP_SET_COOKIE				= 66,
+	WSI_TOKEN_HTTP_STRICT_TRANSPORT_SECURITY		= 67,
+	WSI_TOKEN_HTTP_TRANSFER_ENCODING			= 68,
+	WSI_TOKEN_HTTP_USER_AGENT				= 69,
+	WSI_TOKEN_HTTP_VARY					= 70,
+	WSI_TOKEN_HTTP_VIA					= 71,
+	WSI_TOKEN_HTTP_WWW_AUTHENTICATE				= 72,
+
+	WSI_TOKEN_PATCH_URI					= 73,
+	WSI_TOKEN_PUT_URI					= 74,
+	WSI_TOKEN_DELETE_URI					= 75,
+
+	WSI_TOKEN_HTTP_URI_ARGS					= 76,
+	WSI_TOKEN_PROXY						= 77,
+	WSI_TOKEN_HTTP_X_REAL_IP				= 78,
+	WSI_TOKEN_HTTP1_0					= 79,
+	WSI_TOKEN_X_FORWARDED_FOR				= 80,
+	WSI_TOKEN_CONNECT					= 81,
+	WSI_TOKEN_HEAD_URI					= 82,
+	WSI_TOKEN_TE						= 83,
+	/****** add new things just above ---^ ******/
+
+	/* use token storage to stash these internally, not for
+	 * user use */
+
+	_WSI_TOKEN_CLIENT_SENT_PROTOCOLS,
+	_WSI_TOKEN_CLIENT_PEER_ADDRESS,
+	_WSI_TOKEN_CLIENT_URI,
+	_WSI_TOKEN_CLIENT_HOST,
+	_WSI_TOKEN_CLIENT_ORIGIN,
+	_WSI_TOKEN_CLIENT_METHOD,
+	_WSI_TOKEN_CLIENT_IFACE,
+
+	/* always last real token index*/
+	WSI_TOKEN_COUNT,
+
+	/* parser state additions, no storage associated */
+	WSI_TOKEN_NAME_PART,
+	WSI_TOKEN_SKIPPING,
+	WSI_TOKEN_SKIPPING_SAW_CR,
+	WSI_PARSING_COMPLETE,
+	WSI_INIT_TOKEN_MUXURL,
+};
+
+struct lws_token_limits {
+	unsigned short token_limit[WSI_TOKEN_COUNT]; /**< max chars for this token */
+};
+
+/**
+ * lws_token_to_string() - returns a textual representation of a hdr token index
+ *
+ * \param token: token index
+ */
+LWS_VISIBLE LWS_EXTERN const unsigned char *
+lws_token_to_string(enum lws_token_indexes token);
+
+/**
+ * lws_hdr_total_length: report length of all fragments of a header totalled up
+ *		The returned length does not include the space for a
+ *		terminating '\0'
+ *
+ * \param wsi: websocket connection
+ * \param h: which header index we are interested in
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h);
+
+/**
+ * lws_hdr_fragment_length: report length of a single fragment of a header
+ *		The returned length does not include the space for a
+ *		terminating '\0'
+ *
+ * \param wsi: websocket connection
+ * \param h: which header index we are interested in
+ * \param frag_idx: which fragment of h we want to get the length of
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, int frag_idx);
+
+/**
+ * lws_hdr_copy() - copy a single fragment of the given header to a buffer
+ *		The buffer length len must include space for an additional
+ *		terminating '\0', or it will fail returning -1.
+ *
+ * \param wsi: websocket connection
+ * \param dest: destination buffer
+ * \param len: length of destination buffer
+ * \param h: which header index we are interested in
+ *
+ * copies the whole, aggregated header, even if it was delivered in
+ * several actual headers piece by piece
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_hdr_copy(struct lws *wsi, char *dest, int len, enum lws_token_indexes h);
+
+/**
+ * lws_hdr_copy_fragment() - copy a single fragment of the given header to a buffer
+ *		The buffer length len must include space for an additional
+ *		terminating '\0', or it will fail returning -1.
+ *		If the requested fragment index is not present, it fails
+ *		returning -1.
+ *
+ * \param wsi: websocket connection
+ * \param dest: destination buffer
+ * \param len: length of destination buffer
+ * \param h: which header index we are interested in
+ * \param frag_idx: which fragment of h we want to copy
+ *
+ * Normally this is only useful
+ * to parse URI arguments like ?x=1&y=2, token index WSI_TOKEN_HTTP_URI_ARGS
+ * fragment 0 will contain "x=1" and fragment 1 "y=2"
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_hdr_copy_fragment(struct lws *wsi, char *dest, int len,
+		      enum lws_token_indexes h, int frag_idx);
+
+/**
+ * lws_get_urlarg_by_name() - return pointer to arg value if present
+ * \param wsi: the connection to check
+ * \param name: the arg name, like "token="
+ * \param buf: the buffer to receive the urlarg (including the name= part)
+ * \param len: the length of the buffer to receive the urlarg
+ *
+ *     Returns NULL if not found or a pointer inside buf to just after the
+ *     name= part.
+ */
+LWS_VISIBLE LWS_EXTERN const char *
+lws_get_urlarg_by_name(struct lws *wsi, const char *name, char *buf, int len);
+///@}
+
+/*! \defgroup HTTP-headers-create HTTP headers: create
+ *
+ * ## HTTP headers: Create
+ *
+ * These apis allow you to create HTTP response headers in a way compatible with
+ * both HTTP/1.x and HTTP/2.
+ *
+ * They each append to a buffer taking care about the buffer end, which is
+ * passed in as a pointer.  When data is written to the buffer, the current
+ * position p is updated accordingly.
+ *
+ * All of these apis are LWS_WARN_UNUSED_RESULT as they can run out of space
+ * and fail with nonzero return.
+ */
+///@{
+
+#define LWSAHH_CODE_MASK			((1 << 16) - 1)
+#define LWSAHH_FLAG_NO_SERVER_NAME		(1 << 30)
+
+/**
+ * lws_add_http_header_status() - add the HTTP response status code
+ *
+ * \param wsi: the connection to check
+ * \param code: an HTTP code like 200, 404 etc (see enum http_status)
+ * \param p: pointer to current position in buffer pointer
+ * \param end: pointer to end of buffer
+ *
+ * Adds the initial response code, so should be called first.
+ *
+ * Code may additionally take OR'd flags:
+ *
+ *    LWSAHH_FLAG_NO_SERVER_NAME:  don't apply server name header this time
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_add_http_header_status(struct lws *wsi,
+			   unsigned int code, unsigned char **p,
+			   unsigned char *end);
+/**
+ * lws_add_http_header_by_name() - append named header and value
+ *
+ * \param wsi: the connection to check
+ * \param name: the hdr name, like "my-header"
+ * \param value: the value after the = for this header
+ * \param length: the length of the value
+ * \param p: pointer to current position in buffer pointer
+ * \param end: pointer to end of buffer
+ *
+ * Appends name: value to the headers
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_add_http_header_by_name(struct lws *wsi, const unsigned char *name,
+			    const unsigned char *value, int length,
+			    unsigned char **p, unsigned char *end);
+/**
+ * lws_add_http_header_by_token() - append given header and value
+ *
+ * \param wsi: the connection to check
+ * \param token: the token index for the hdr
+ * \param value: the value after the = for this header
+ * \param length: the length of the value
+ * \param p: pointer to current position in buffer pointer
+ * \param end: pointer to end of buffer
+ *
+ * Appends name=value to the headers, but is able to take advantage of better
+ * HTTP/2 coding mechanisms where possible.
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_add_http_header_by_token(struct lws *wsi, enum lws_token_indexes token,
+			     const unsigned char *value, int length,
+			     unsigned char **p, unsigned char *end);
+/**
+ * lws_add_http_header_content_length() - append content-length helper
+ *
+ * \param wsi: the connection to check
+ * \param content_length: the content length to use
+ * \param p: pointer to current position in buffer pointer
+ * \param end: pointer to end of buffer
+ *
+ * Appends content-length: content_length to the headers
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_add_http_header_content_length(struct lws *wsi,
+				   lws_filepos_t content_length,
+				   unsigned char **p, unsigned char *end);
+/**
+ * lws_finalize_http_header() - terminate header block
+ *
+ * \param wsi: the connection to check
+ * \param p: pointer to current position in buffer pointer
+ * \param end: pointer to end of buffer
+ *
+ * Indicates no more headers will be added
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_finalize_http_header(struct lws *wsi, unsigned char **p,
+			 unsigned char *end);
+///@}
+
+/** \defgroup form-parsing  Form Parsing
+ * \ingroup http
+ * ##POSTed form parsing functions
+ *
+ * These lws_spa (stateful post arguments) apis let you parse and urldecode
+ * POSTed form arguments, both using simple urlencoded and multipart transfer
+ * encoding.
+ *
+ * It's capable of handling file uploads as well a named input parsing,
+ * and the apis are the same for both form upload styles.
+ *
+ * You feed it a list of parameter names and it creates pointers to the
+ * urldecoded arguments: file upload parameters pass the file data in chunks to
+ * a user-supplied callback as they come.
+ *
+ * Since it's stateful, it handles the incoming data needing more than one
+ * POST_BODY callback and has no limit on uploaded file size.
+ */
+///@{
+
+/** enum lws_spa_fileupload_states */
+enum lws_spa_fileupload_states {
+	LWS_UFS_CONTENT,
+	/**< a chunk of file content has arrived */
+	LWS_UFS_FINAL_CONTENT,
+	/**< the last chunk (possibly zero length) of file content has arrived */
+	LWS_UFS_OPEN
+	/**< a new file is starting to arrive */
+};
+
+/**
+ * lws_spa_fileupload_cb() - callback to receive file upload data
+ *
+ * \param data: opt_data pointer set in lws_spa_create
+ * \param name: name of the form field being uploaded
+ * \param filename: original filename from client
+ * \param buf: start of data to receive
+ * \param len: length of data to receive
+ * \param state: information about how this call relates to file
+ *
+ * Notice name and filename shouldn't be trusted, as they are passed from
+ * HTTP provided by the client.
+ */
+typedef int (*lws_spa_fileupload_cb)(void *data, const char *name,
+			const char *filename, char *buf, int len,
+			enum lws_spa_fileupload_states state);
+
+/** struct lws_spa - opaque urldecode parser capable of handling multipart
+ *			and file uploads */
+struct lws_spa;
+
+/**
+ * lws_spa_create() - create urldecode parser
+ *
+ * \param wsi: lws connection (used to find Content Type)
+ * \param param_names: array of form parameter names, like "username"
+ * \param count_params: count of param_names
+ * \param max_storage: total amount of form parameter values we can store
+ * \param opt_cb: NULL, or callback to receive file upload data.
+ * \param opt_data: NULL, or user pointer provided to opt_cb.
+ *
+ * Creates a urldecode parser and initializes it.
+ *
+ * opt_cb can be NULL if you just want normal name=value parsing, however
+ * if one or more entries in your form are bulk data (file transfer), you
+ * can provide this callback and filter on the name callback parameter to
+ * treat that urldecoded data separately.  The callback should return -1
+ * in case of fatal error, and 0 if OK.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws_spa *
+lws_spa_create(struct lws *wsi, const char * const *param_names,
+	       int count_params, int max_storage, lws_spa_fileupload_cb opt_cb,
+	       void *opt_data);
+
+/**
+ * lws_spa_process() - parses a chunk of input data
+ *
+ * \param spa: the parser object previously created
+ * \param in: incoming, urlencoded data
+ * \param len: count of bytes valid at \param in
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_spa_process(struct lws_spa *spa, const char *in, int len);
+
+/**
+ * lws_spa_finalize() - indicate incoming data completed
+ *
+ * \param spa: the parser object previously created
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_spa_finalize(struct lws_spa *spa);
+
+/**
+ * lws_spa_get_length() - return length of parameter value
+ *
+ * \param spa: the parser object previously created
+ * \param n: parameter ordinal to return length of value for
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_spa_get_length(struct lws_spa *spa, int n);
+
+/**
+ * lws_spa_get_string() - return pointer to parameter value
+ * \param spa: the parser object previously created
+ * \param n: parameter ordinal to return pointer to value for
+ */
+LWS_VISIBLE LWS_EXTERN const char *
+lws_spa_get_string(struct lws_spa *spa, int n);
+
+/**
+ * lws_spa_destroy() - destroy parser object
+ *
+ * \param spa: the parser object previously created
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_spa_destroy(struct lws_spa *spa);
+///@}
+
+/*! \defgroup urlendec Urlencode and Urldecode
+ * \ingroup http
+ *
+ * ##HTML chunked Substitution
+ *
+ * APIs for receiving chunks of text, replacing a set of variable names via
+ * a callback, and then prepending and appending HTML chunked encoding
+ * headers.
+ */
+//@{
+
+/**
+ * lws_urlencode() - like strncpy but with urlencoding
+ *
+ * \param escaped: output buffer
+ * \param string: input buffer ('/0' terminated)
+ * \param len: output buffer max length
+ *
+ * Because urlencoding expands the output string, it's not
+ * possible to do it in-place, ie, with escaped == string
+ */
+LWS_VISIBLE LWS_EXTERN const char *
+lws_urlencode(char *escaped, const char *string, int len);
+
+/*
+ * URLDECODE 1 / 2
+ *
+ * This simple urldecode only operates until the first '\0' and requires the
+ * data to exist all at once
+ */
+/**
+ * lws_urldecode() - like strncpy but with urldecoding
+ *
+ * \param string: output buffer
+ * \param escaped: input buffer ('\0' terminated)
+ * \param len: output buffer max length
+ *
+ * This is only useful for '\0' terminated strings
+ *
+ * Since urldecoding only shrinks the output string, it is possible to
+ * do it in-place, ie, string == escaped
+ *
+ * Returns 0 if completed OK or nonzero for urldecode violation (non-hex chars
+ * where hex required, etc)
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_urldecode(char *string, const char *escaped, int len);
+///@}
+/**
+ * lws_return_http_status() - Return simple http status
+ * \param wsi:		Websocket instance (available from user callback)
+ * \param code:		Status index, eg, 404
+ * \param html_body:		User-readable HTML description < 1KB, or NULL
+ *
+ *	Helper to report HTTP errors back to the client cleanly and
+ *	consistently
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_return_http_status(struct lws *wsi, unsigned int code,
+		       const char *html_body);
+
+/**
+ * lws_http_redirect() - write http redirect into buffer
+ *
+ * \param wsi:	websocket connection
+ * \param code:	HTTP response code (eg, 301)
+ * \param loc:	where to redirect to
+ * \param len:	length of loc
+ * \param p:	pointer current position in buffer (updated as we write)
+ * \param end:	pointer to end of buffer
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_http_redirect(struct lws *wsi, int code, const unsigned char *loc, int len,
+		  unsigned char **p, unsigned char *end);
+
+/**
+ * lws_http_transaction_completed() - wait for new http transaction or close
+ * \param wsi:	websocket connection
+ *
+ *	Returns 1 if the HTTP connection must close now
+ *	Returns 0 and resets connection to wait for new HTTP header /
+ *	  transaction if possible
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_http_transaction_completed(struct lws *wsi);
+///@}
+
+/*! \defgroup pur Sanitize / purify SQL and JSON helpers
+ *
+ * ##Sanitize / purify SQL and JSON helpers
+ *
+ * APIs for escaping untrusted JSON and SQL safely before use
+ */
+//@{
+
+/**
+ * lws_sql_purify() - like strncpy but with escaping for sql quotes
+ *
+ * \param escaped: output buffer
+ * \param string: input buffer ('/0' terminated)
+ * \param len: output buffer max length
+ *
+ * Because escaping expands the output string, it's not
+ * possible to do it in-place, ie, with escaped == string
+ */
+LWS_VISIBLE LWS_EXTERN const char *
+lws_sql_purify(char *escaped, const char *string, int len);
+
+/**
+ * lws_json_purify() - like strncpy but with escaping for json chars
+ *
+ * \param escaped: output buffer
+ * \param string: input buffer ('/0' terminated)
+ * \param len: output buffer max length
+ *
+ * Because escaping expands the output string, it's not
+ * possible to do it in-place, ie, with escaped == string
+ */
+LWS_VISIBLE LWS_EXTERN const char *
+lws_json_purify(char *escaped, const char *string, int len);
+///@}
+
+/*! \defgroup ev libev helpers
+ *
+ * ##libev helpers
+ *
+ * APIs specific to libev event loop itegration
+ */
+///@{
+
+#ifdef LWS_WITH_LIBEV
+typedef void (lws_ev_signal_cb_t)(EV_P_ struct ev_signal *w, int revents);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_ev_sigint_cfg(struct lws_context *context, int use_ev_sigint,
+		  lws_ev_signal_cb_t *cb);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_ev_initloop(struct lws_context *context, struct ev_loop *loop, int tsi);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_ev_sigint_cb(struct ev_loop *loop, struct ev_signal *watcher, int revents);
+#endif /* LWS_WITH_LIBEV */
+
+///@}
+
+/*! \defgroup uv libuv helpers
+ *
+ * ##libuv helpers
+ *
+ * APIs specific to libuv event loop itegration
+ */
+///@{
+#ifdef LWS_WITH_LIBUV
+LWS_VISIBLE LWS_EXTERN int
+lws_uv_sigint_cfg(struct lws_context *context, int use_uv_sigint,
+		  uv_signal_cb cb);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_libuv_run(const struct lws_context *context, int tsi);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_libuv_stop(struct lws_context *context);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_libuv_stop_without_kill(const struct lws_context *context, int tsi);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_uv_initloop(struct lws_context *context, uv_loop_t *loop, int tsi);
+
+LWS_VISIBLE LWS_EXTERN uv_loop_t *
+lws_uv_getloop(struct lws_context *context, int tsi);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_uv_sigint_cb(uv_signal_t *watcher, int signum);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_close_all_handles_in_loop(uv_loop_t *loop);
+#endif /* LWS_WITH_LIBUV */
+///@}
+
+/*! \defgroup event libevent helpers
+ *
+ * ##libevent helpers
+ *
+ * APIs specific to libevent event loop itegration
+ */
+///@{
+
+#ifdef LWS_WITH_LIBEVENT
+typedef void (lws_event_signal_cb_t) (evutil_socket_t sock_fd, short revents,
+		  void *ctx);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_event_sigint_cfg(struct lws_context *context, int use_event_sigint,
+		  lws_event_signal_cb_t cb);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_event_initloop(struct lws_context *context, struct event_base *loop,
+		  int tsi);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_event_sigint_cb(evutil_socket_t sock_fd, short revents,
+		  void *ctx);
+#endif /* LWS_WITH_LIBEVENT */
+
+///@}
+
+/*! \defgroup timeout Connection timeouts
+
+    APIs related to setting connection timeouts
+*/
+//@{
+
+/*
+ * NOTE: These public enums are part of the abi.  If you want to add one,
+ * add it at where specified so existing users are unaffected.
+ */
+enum pending_timeout {
+	NO_PENDING_TIMEOUT					=  0,
+	PENDING_TIMEOUT_AWAITING_PROXY_RESPONSE			=  1,
+	PENDING_TIMEOUT_AWAITING_CONNECT_RESPONSE		=  2,
+	PENDING_TIMEOUT_ESTABLISH_WITH_SERVER			=  3,
+	PENDING_TIMEOUT_AWAITING_SERVER_RESPONSE		=  4,
+	PENDING_TIMEOUT_AWAITING_PING				=  5,
+	PENDING_TIMEOUT_CLOSE_ACK				=  6,
+	PENDING_TIMEOUT_AWAITING_EXTENSION_CONNECT_RESPONSE	=  7,
+	PENDING_TIMEOUT_SENT_CLIENT_HANDSHAKE			=  8,
+	PENDING_TIMEOUT_SSL_ACCEPT				=  9,
+	PENDING_TIMEOUT_HTTP_CONTENT				= 10,
+	PENDING_TIMEOUT_AWAITING_CLIENT_HS_SEND			= 11,
+	PENDING_FLUSH_STORED_SEND_BEFORE_CLOSE			= 12,
+	PENDING_TIMEOUT_SHUTDOWN_FLUSH				= 13,
+	PENDING_TIMEOUT_CGI					= 14,
+	PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE			= 15,
+	PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING			= 16,
+	PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG			= 17,
+	PENDING_TIMEOUT_CLIENT_ISSUE_PAYLOAD			= 18,
+	PENDING_TIMEOUT_AWAITING_SOCKS_GREETING_REPLY	        = 19,
+	PENDING_TIMEOUT_AWAITING_SOCKS_CONNECT_REPLY		= 20,
+	PENDING_TIMEOUT_AWAITING_SOCKS_AUTH_REPLY		= 21,
+	PENDING_TIMEOUT_KILLED_BY_SSL_INFO			= 22,
+	PENDING_TIMEOUT_KILLED_BY_PARENT			= 23,
+	PENDING_TIMEOUT_CLOSE_SEND				= 24,
+	PENDING_TIMEOUT_HOLDING_AH				= 25,
+
+	/****** add new things just above ---^ ******/
+
+	PENDING_TIMEOUT_USER_REASON_BASE			= 1000
+};
+
+#define LWS_TO_KILL_ASYNC -1
+/**< If LWS_TO_KILL_ASYNC is given as the timeout sec in a lws_set_timeout()
+ * call, then the connection is marked to be killed at the next timeout
+ * check.  This is how you should force-close the wsi being serviced if
+ * you are doing it outside the callback (where you should close by nonzero
+ * return).
+ */
+#define LWS_TO_KILL_SYNC -2
+/**< If LWS_TO_KILL_SYNC is given as the timeout sec in a lws_set_timeout()
+ * call, then the connection is closed before returning (which may delete
+ * the wsi).  This should only be used where the wsi being closed is not the
+ * wsi currently being serviced.
+ */
+/**
+ * lws_set_timeout() - marks the wsi as subject to a timeout
+ *
+ * You will not need this unless you are doing something special
+ *
+ * \param wsi:	Websocket connection instance
+ * \param reason:	timeout reason
+ * \param secs:	how many seconds.  You may set to LWS_TO_KILL_ASYNC to
+ *		force the connection to timeout at the next opportunity, or
+ *		LWS_TO_KILL_SYNC to close it synchronously if you know the
+ *		wsi is not the one currently being serviced.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_set_timeout(struct lws *wsi, enum pending_timeout reason, int secs);
+///@}
+
+/*! \defgroup sending-data Sending data
+
+    APIs related to writing data on a connection
+*/
+//@{
+#if !defined(LWS_SIZEOFPTR)
+#define LWS_SIZEOFPTR (sizeof (void *))
+#endif
+#if !defined(u_int64_t)
+#define u_int64_t unsigned long long
+#endif
+
+#if defined(__x86_64__)
+#define _LWS_PAD_SIZE 16	/* Intel recommended for best performance */
+#else
+#define _LWS_PAD_SIZE LWS_SIZEOFPTR   /* Size of a pointer on the target arch */
+#endif
+#define _LWS_PAD(n) (((n) % _LWS_PAD_SIZE) ? \
+		((n) + (_LWS_PAD_SIZE - ((n) % _LWS_PAD_SIZE))) : (n))
+/* last 2 is for lws-meta */
+#define LWS_PRE _LWS_PAD(4 + 10 + 2)
+/* used prior to 1.7 and retained for backward compatibility */
+#define LWS_SEND_BUFFER_PRE_PADDING LWS_PRE
+#define LWS_SEND_BUFFER_POST_PADDING 0
+
+/*
+ * NOTE: These public enums are part of the abi.  If you want to add one,
+ * add it at where specified so existing users are unaffected.
+ */
+enum lws_write_protocol {
+	LWS_WRITE_TEXT						= 0,
+	/**< Send a ws TEXT message,the pointer must have LWS_PRE valid
+	 * memory behind it.  The receiver expects only valid utf-8 in the
+	 * payload */
+	LWS_WRITE_BINARY					= 1,
+	/**< Send a ws BINARY message, the pointer must have LWS_PRE valid
+	 * memory behind it.  Any sequence of bytes is valid */
+	LWS_WRITE_CONTINUATION					= 2,
+	/**< Continue a previous ws message, the pointer must have LWS_PRE valid
+	 * memory behind it */
+	LWS_WRITE_HTTP						= 3,
+	/**< Send HTTP content */
+
+	/* LWS_WRITE_CLOSE is handled by lws_close_reason() */
+	LWS_WRITE_PING						= 5,
+	LWS_WRITE_PONG						= 6,
+
+	/* Same as write_http but we know this write ends the transaction */
+	LWS_WRITE_HTTP_FINAL					= 7,
+
+	/* HTTP2 */
+
+	LWS_WRITE_HTTP_HEADERS					= 8,
+	/**< Send http headers (http2 encodes this payload and LWS_WRITE_HTTP
+	 * payload differently, http 1.x links also handle this correctly. so
+	 * to be compatible with both in the future,header response part should
+	 * be sent using this regardless of http version expected)
+	 */
+	LWS_WRITE_HTTP_HEADERS_CONTINUATION			= 9,
+	/**< Continuation of http/2 headers
+	 */
+
+	/****** add new things just above ---^ ******/
+
+	/* flags */
+
+	LWS_WRITE_NO_FIN = 0x40,
+	/**< This part of the message is not the end of the message */
+
+	LWS_WRITE_H2_STREAM_END = 0x80,
+	/**< Flag indicates this packet should go out with STREAM_END if h2
+	 * STREAM_END is allowed on DATA or HEADERS.
+	 */
+
+	LWS_WRITE_CLIENT_IGNORE_XOR_MASK = 0x80
+	/**< client packet payload goes out on wire unmunged
+	 * only useful for security tests since normal servers cannot
+	 * decode the content if used */
+};
+
+/* used with LWS_CALLBACK_CHILD_WRITE_VIA_PARENT */
+
+struct lws_write_passthru {
+	struct lws *wsi;
+	unsigned char *buf;
+	size_t len;
+	enum lws_write_protocol wp;
+};
+
+
+/**
+ * lws_write() - Apply protocol then write data to client
+ * \param wsi:	Websocket instance (available from user callback)
+ * \param buf:	The data to send.  For data being sent on a websocket
+ *		connection (ie, not default http), this buffer MUST have
+ *		LWS_PRE bytes valid BEFORE the pointer.
+ *		This is so the protocol header data can be added in-situ.
+ * \param len:	Count of the data bytes in the payload starting from buf
+ * \param protocol:	Use LWS_WRITE_HTTP to reply to an http connection, and one
+ *		of LWS_WRITE_BINARY or LWS_WRITE_TEXT to send appropriate
+ *		data on a websockets connection.  Remember to allow the extra
+ *		bytes before and after buf if LWS_WRITE_BINARY or LWS_WRITE_TEXT
+ *		are used.
+ *
+ *	This function provides the way to issue data back to the client
+ *	for both http and websocket protocols.
+ *
+ * IMPORTANT NOTICE!
+ *
+ * When sending with websocket protocol
+ *
+ * LWS_WRITE_TEXT,
+ * LWS_WRITE_BINARY,
+ * LWS_WRITE_CONTINUATION,
+ * LWS_WRITE_PING,
+ * LWS_WRITE_PONG
+ *
+ * the send buffer has to have LWS_PRE bytes valid BEFORE
+ * the buffer pointer you pass to lws_write().
+ *
+ * This allows us to add protocol info before and after the data, and send as
+ * one packet on the network without payload copying, for maximum efficiency.
+ *
+ * So for example you need this kind of code to use lws_write with a
+ * 128-byte payload
+ *
+ *   char buf[LWS_PRE + 128];
+ *
+ *   // fill your part of the buffer... for example here it's all zeros
+ *   memset(&buf[LWS_PRE], 0, 128);
+ *
+ *   lws_write(wsi, &buf[LWS_PRE], 128, LWS_WRITE_TEXT);
+ *
+ * When sending HTTP, with
+ *
+ * LWS_WRITE_HTTP,
+ * LWS_WRITE_HTTP_HEADERS
+ * LWS_WRITE_HTTP_FINAL
+ *
+ * there is no protocol data prepended, and don't need to take care about the
+ * LWS_PRE bytes valid before the buffer pointer.
+ *
+ * LWS_PRE is at least the frame nonce + 2 header + 8 length
+ * LWS_SEND_BUFFER_POST_PADDING is deprecated, it's now 0 and can be left off.
+ * The example apps no longer use it.
+ *
+ * Pad LWS_PRE to the CPU word size, so that word references
+ * to the address immediately after the padding won't cause an unaligned access
+ * error. Sometimes for performance reasons the recommended padding is even
+ * larger than sizeof(void *).
+ *
+ *	In the case of sending using websocket protocol, be sure to allocate
+ *	valid storage before and after buf as explained above.  This scheme
+ *	allows maximum efficiency of sending data and protocol in a single
+ *	packet while not burdening the user code with any protocol knowledge.
+ *
+ *	Return may be -1 for a fatal error needing connection close, or the
+ *	number of bytes sent.
+ *
+ * Truncated Writes
+ * ================
+ *
+ * The OS may not accept everything you asked to write on the connection.
+ *
+ * Posix defines POLLOUT indication from poll() to show that the connection
+ * will accept more write data, but it doesn't specifiy how much.  It may just
+ * accept one byte of whatever you wanted to send.
+ *
+ * LWS will buffer the remainder automatically, and send it out autonomously.
+ *
+ * During that time, WRITABLE callbacks will be suppressed.
+ *
+ * This is to handle corner cases where unexpectedly the OS refuses what we
+ * usually expect it to accept.  You should try to send in chunks that are
+ * almost always accepted in order to avoid the inefficiency of the buffering.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_write(struct lws *wsi, unsigned char *buf, size_t len,
+	  enum lws_write_protocol protocol);
+
+/* helper for case where buffer may be const */
+#define lws_write_http(wsi, buf, len) \
+	lws_write(wsi, (unsigned char *)(buf), len, LWS_WRITE_HTTP)
+///@}
+
+/** \defgroup callback-when-writeable Callback when writeable
+ *
+ * ##Callback When Writeable
+ *
+ * lws can only write data on a connection when it is able to accept more
+ * data without blocking.
+ *
+ * So a basic requirement is we should only use the lws_write() apis when the
+ * connection we want to write on says that he can accept more data.
+ *
+ * When lws cannot complete your send at the time, it will buffer the data
+ * and send it in the background, suppressing any further WRITEABLE callbacks
+ * on that connection until it completes.  So it is important to write new
+ * things in a new writeable callback.
+ *
+ * These apis reflect the various ways we can indicate we would like to be
+ * called back when one or more connections is writeable.
+ */
+///@{
+
+/**
+ * lws_callback_on_writable() - Request a callback when this socket
+ *					 becomes able to be written to without
+ *					 blocking
+ *
+ * \param wsi:	Websocket connection instance to get callback for
+ *
+ * - Which:  only this wsi
+ * - When:   when the individual connection becomes writeable
+ * - What: LWS_CALLBACK_*_WRITEABLE
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_callback_on_writable(struct lws *wsi);
+
+/**
+ * lws_callback_on_writable_all_protocol() - Request a callback for all
+ *			connections using the given protocol when it
+ *			becomes possible to write to each socket without
+ *			blocking in turn.
+ *
+ * \param context:	lws_context
+ * \param protocol:	Protocol whose connections will get callbacks
+ *
+ * - Which:  connections using this protocol on ANY VHOST
+ * - When:   when the individual connection becomes writeable
+ * - What: LWS_CALLBACK_*_WRITEABLE
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_callback_on_writable_all_protocol(const struct lws_context *context,
+				      const struct lws_protocols *protocol);
+
+/**
+ * lws_callback_on_writable_all_protocol_vhost() - Request a callback for
+ *			all connections on same vhost using the given protocol
+ *			when it becomes possible to write to each socket without
+ *			blocking in turn.
+ *
+ * \param vhost:	Only consider connections on this lws_vhost
+ * \param protocol:	Protocol whose connections will get callbacks
+ *
+ * - Which:  connections using this protocol on GIVEN VHOST ONLY
+ * - When:   when the individual connection becomes writeable
+ * - What: LWS_CALLBACK_*_WRITEABLE
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost,
+				      const struct lws_protocols *protocol);
+
+/**
+ * lws_callback_all_protocol() - Callback all connections using
+ *				the given protocol with the given reason
+ *
+ * \param context:	lws_context
+ * \param protocol:	Protocol whose connections will get callbacks
+ * \param reason:	Callback reason index
+ *
+ * - Which:  connections using this protocol on ALL VHOSTS
+ * - When:   before returning
+ * - What:   reason
+ *
+ * This isn't normally what you want... normally any update of connection-
+ * specific information can wait until a network-related callback like rx,
+ * writable, or close.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_callback_all_protocol(struct lws_context *context,
+			  const struct lws_protocols *protocol, int reason);
+
+/**
+ * lws_callback_all_protocol_vhost() - Callback all connections using
+ *			the given protocol with the given reason.  This is
+ *			deprecated since v2.4: use lws_callback_all_protocol_vhost_args
+ *
+ * \param vh:		Vhost whose connections will get callbacks
+ * \param protocol:	Which protocol to match.  NULL means all.
+ * \param reason:	Callback reason index
+ *
+ * - Which:  connections using this protocol on GIVEN VHOST ONLY
+ * - When:   now
+ * - What:   reason
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_callback_all_protocol_vhost(struct lws_vhost *vh,
+			  const struct lws_protocols *protocol, int reason)
+LWS_WARN_DEPRECATED;
+
+/**
+ * lws_callback_all_protocol_vhost_args() - Callback all connections using
+ *			the given protocol with the given reason and args
+ *
+ * \param vh:		Vhost whose connections will get callbacks
+ * \param protocol:	Which protocol to match.  NULL means all.
+ * \param reason:	Callback reason index
+ * \param argp:		Callback "in" parameter
+ * \param len:		Callback "len" parameter
+ *
+ * - Which:  connections using this protocol on GIVEN VHOST ONLY
+ * - When:   now
+ * - What:   reason
+ */
+LWS_VISIBLE int
+lws_callback_all_protocol_vhost_args(struct lws_vhost *vh,
+			  const struct lws_protocols *protocol, int reason,
+			  void *argp, size_t len);
+
+/**
+ * lws_callback_vhost_protocols() - Callback all protocols enabled on a vhost
+ *					with the given reason
+ *
+ * \param wsi:	wsi whose vhost will get callbacks
+ * \param reason:	Callback reason index
+ * \param in:		in argument to callback
+ * \param len:	len argument to callback
+ *
+ * - Which:  connections using this protocol on same VHOST as wsi ONLY
+ * - When:   now
+ * - What:   reason
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_callback_vhost_protocols(struct lws *wsi, int reason, void *in, int len);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_callback_http_dummy(struct lws *wsi, enum lws_callback_reasons reason,
+		    void *user, void *in, size_t len);
+
+/**
+ * lws_get_socket_fd() - returns the socket file descriptor
+ *
+ * You will not need this unless you are doing something special
+ *
+ * \param wsi:	Websocket connection instance
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_get_socket_fd(struct lws *wsi);
+
+/**
+ * lws_get_peer_write_allowance() - get the amount of data writeable to peer
+ * 					if known
+ *
+ * \param wsi:	Websocket connection instance
+ *
+ * if the protocol does not have any guidance, returns -1.  Currently only
+ * http2 connections get send window information from this API.  But your code
+ * should use it so it can work properly with any protocol.
+ *
+ * If nonzero return is the amount of payload data the peer or intermediary has
+ * reported it has buffer space for.  That has NO relationship with the amount
+ * of buffer space your OS can accept on this connection for a write action.
+ *
+ * This number represents the maximum you could send to the peer or intermediary
+ * on this connection right now without the protocol complaining.
+ *
+ * lws manages accounting for send window updates and payload writes
+ * automatically, so this number reflects the situation at the peer or
+ * intermediary dynamically.
+ */
+LWS_VISIBLE LWS_EXTERN size_t
+lws_get_peer_write_allowance(struct lws *wsi);
+///@}
+
+enum {
+	/*
+	 * Flags for enable and disable rxflow with reason bitmap and with
+	 * backwards-compatible single bool
+	 */
+	LWS_RXFLOW_REASON_USER_BOOL		= (1 << 0),
+	LWS_RXFLOW_REASON_HTTP_RXBUFFER		= (1 << 6),
+	LWS_RXFLOW_REASON_H2_PPS_PENDING	= (1 << 7),
+
+	LWS_RXFLOW_REASON_APPLIES		= (1 << 14),
+	LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT	= (1 << 13),
+	LWS_RXFLOW_REASON_APPLIES_ENABLE	= LWS_RXFLOW_REASON_APPLIES |
+						  LWS_RXFLOW_REASON_APPLIES_ENABLE_BIT,
+	LWS_RXFLOW_REASON_APPLIES_DISABLE	= LWS_RXFLOW_REASON_APPLIES,
+	LWS_RXFLOW_REASON_FLAG_PROCESS_NOW	= (1 << 12),
+
+};
+
+/**
+ * lws_rx_flow_control() - Enable and disable socket servicing for
+ *				received packets.
+ *
+ * If the output side of a server process becomes choked, this allows flow
+ * control for the input side.
+ *
+ * \param wsi:	Websocket connection instance to get callback for
+ * \param enable:	0 = disable read servicing for this connection, 1 = enable
+ *
+ * If you need more than one additive reason for rxflow control, you can give
+ * iLWS_RXFLOW_REASON_APPLIES_ENABLE or _DISABLE together with one or more of
+ * b5..b0 set to idicate which bits to enable or disable.  If any bits are
+ * enabled, rx on the connection is suppressed.
+ *
+ * LWS_RXFLOW_REASON_FLAG_PROCESS_NOW  flag may also be given to force any change
+ * in rxflowbstatus to benapplied immediately, this should be used when you are
+ * changing a wsi flow control state from outside a callback on that wsi.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_rx_flow_control(struct lws *wsi, int enable);
+
+/**
+ * lws_rx_flow_allow_all_protocol() - Allow all connections with this protocol to receive
+ *
+ * When the user server code realizes it can accept more input, it can
+ * call this to have the RX flow restriction removed from all connections using
+ * the given protocol.
+ * \param context:	lws_context
+ * \param protocol:	all connections using this protocol will be allowed to receive
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_rx_flow_allow_all_protocol(const struct lws_context *context,
+			       const struct lws_protocols *protocol);
+
+/**
+ * lws_remaining_packet_payload() - Bytes to come before "overall"
+ *					      rx packet is complete
+ * \param wsi:		Websocket instance (available from user callback)
+ *
+ *	This function is intended to be called from the callback if the
+ *  user code is interested in "complete packets" from the client.
+ *  libwebsockets just passes through payload as it comes and issues a buffer
+ *  additionally when it hits a built-in limit.  The LWS_CALLBACK_RECEIVE
+ *  callback handler can use this API to find out if the buffer it has just
+ *  been given is the last piece of a "complete packet" from the client --
+ *  when that is the case lws_remaining_packet_payload() will return
+ *  0.
+ *
+ *  Many protocols won't care becuse their packets are always small.
+ */
+LWS_VISIBLE LWS_EXTERN size_t
+lws_remaining_packet_payload(struct lws *wsi);
+
+
+/** \defgroup sock-adopt Socket adoption helpers
+ * ##Socket adoption helpers
+ *
+ * When integrating with an external app with its own event loop, these can
+ * be used to accept connections from someone else's listening socket.
+ *
+ * When using lws own event loop, these are not needed.
+ */
+///@{
+
+/**
+ * lws_adopt_socket() - adopt foreign socket as if listen socket accepted it
+ * for the default vhost of context.
+ *
+ * \param context: lws context
+ * \param accept_fd: fd of already-accepted socket to adopt
+ *
+ * Either returns new wsi bound to accept_fd, or closes accept_fd and
+ * returns NULL, having cleaned up any new wsi pieces.
+ *
+ * LWS adopts the socket in http serving mode, it's ready to accept an upgrade
+ * to ws or just serve http.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws *
+lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd);
+/**
+ * lws_adopt_socket_vhost() - adopt foreign socket as if listen socket accepted it
+ * for vhost
+ *
+ * \param vh: lws vhost
+ * \param accept_fd: fd of already-accepted socket to adopt
+ *
+ * Either returns new wsi bound to accept_fd, or closes accept_fd and
+ * returns NULL, having cleaned up any new wsi pieces.
+ *
+ * LWS adopts the socket in http serving mode, it's ready to accept an upgrade
+ * to ws or just serve http.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws *
+lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd);
+
+typedef enum {
+	LWS_ADOPT_RAW_FILE_DESC = 0,	/* convenience constant */
+	LWS_ADOPT_HTTP = 1,		/* flag: absent implies RAW */
+	LWS_ADOPT_SOCKET = 2,		/* flag: absent implies file descr */
+	LWS_ADOPT_ALLOW_SSL = 4,	/* flag: if set requires LWS_ADOPT_SOCKET */
+	LWS_ADOPT_WS_PARENTIO = 8,	/* flag: ws mode parent handles IO
+					 *   if given must be only flag
+					 *   wsi put directly into ws mode
+					 */
+} lws_adoption_type;
+
+typedef union {
+	lws_sockfd_type sockfd;
+	lws_filefd_type filefd;
+} lws_sock_file_fd_type;
+
+/*
+* lws_adopt_descriptor_vhost() - adopt foreign socket or file descriptor
+* if socket descriptor, should already have been accepted from listen socket
+*
+* \param vhost: lws vhost
+* \param type: OR-ed combinations of lws_adoption_type flags
+* \param fd: union with either .sockfd or .filefd set
+* \param vh_prot_name: NULL or vh protocol name to bind raw connection to
+* \param parent: NULL or struct lws to attach new_wsi to as a child
+*
+* Either returns new wsi bound to accept_fd, or closes accept_fd and
+* returns NULL, having cleaned up any new wsi pieces.
+*
+* If LWS_ADOPT_SOCKET is set, LWS adopts the socket in http serving mode, it's
+* ready to accept an upgrade to ws or just serve http.
+*
+* parent may be NULL, if given it should be an existing wsi that will become the
+* parent of the new wsi created by this call.
+*/
+LWS_VISIBLE LWS_EXTERN struct lws *
+lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type,
+			   lws_sock_file_fd_type fd, const char *vh_prot_name,
+			   struct lws *parent);
+
+/**
+ * lws_adopt_socket_readbuf() - adopt foreign socket and first rx as if listen socket accepted it
+ * for the default vhost of context.
+ * \param context:	lws context
+ * \param accept_fd:	fd of already-accepted socket to adopt
+ * \param readbuf:	NULL or pointer to data that must be drained before reading from
+ *		accept_fd
+ * \param len:	The length of the data held at \param readbuf
+ *
+ * Either returns new wsi bound to accept_fd, or closes accept_fd and
+ * returns NULL, having cleaned up any new wsi pieces.
+ *
+ * LWS adopts the socket in http serving mode, it's ready to accept an upgrade
+ * to ws or just serve http.
+ *
+ * If your external code did not already read from the socket, you can use
+ * lws_adopt_socket() instead.
+ *
+ * This api is guaranteed to use the data at \param readbuf first, before reading from
+ * the socket.
+ *
+ * readbuf is limited to the size of the ah rx buf, currently 2048 bytes.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws *
+lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd,
+                         const char *readbuf, size_t len);
+/**
+ * lws_adopt_socket_vhost_readbuf() - adopt foreign socket and first rx as if listen socket
+ * accepted it for vhost.
+ * \param vhost:	lws vhost
+ * \param accept_fd:	fd of already-accepted socket to adopt
+ * \param readbuf:	NULL or pointer to data that must be drained before reading from
+ *			accept_fd
+ * \param len:		The length of the data held at \param readbuf
+ *
+ * Either returns new wsi bound to accept_fd, or closes accept_fd and
+ * returns NULL, having cleaned up any new wsi pieces.
+ *
+ * LWS adopts the socket in http serving mode, it's ready to accept an upgrade
+ * to ws or just serve http.
+ *
+ * If your external code did not already read from the socket, you can use
+ * lws_adopt_socket() instead.
+ *
+ * This api is guaranteed to use the data at \param readbuf first, before reading from
+ * the socket.
+ *
+ * readbuf is limited to the size of the ah rx buf, currently 2048 bytes.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws *
+lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost, lws_sockfd_type accept_fd,
+                               const char *readbuf, size_t len);
+///@}
+
+/** \defgroup net Network related helper APIs
+ * ##Network related helper APIs
+ *
+ * These wrap miscellaneous useful network-related functions
+ */
+///@{
+
+/**
+ * lws_canonical_hostname() - returns this host's hostname
+ *
+ * This is typically used by client code to fill in the host parameter
+ * when making a client connection.  You can only call it after the context
+ * has been created.
+ *
+ * \param context:	Websocket context
+ */
+LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT
+lws_canonical_hostname(struct lws_context *context);
+
+/**
+ * lws_get_peer_addresses() - Get client address information
+ * \param wsi:	Local struct lws associated with
+ * \param fd:		Connection socket descriptor
+ * \param name:	Buffer to take client address name
+ * \param name_len:	Length of client address name buffer
+ * \param rip:	Buffer to take client address IP dotted quad
+ * \param rip_len:	Length of client address IP buffer
+ *
+ *	This function fills in name and rip with the name and IP of
+ *	the client connected with socket descriptor fd.  Names may be
+ *	truncated if there is not enough room.  If either cannot be
+ *	determined, they will be returned as valid zero-length strings.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_get_peer_addresses(struct lws *wsi, lws_sockfd_type fd, char *name,
+		       int name_len, char *rip, int rip_len);
+
+/**
+ * lws_get_peer_simple() - Get client address information without RDNS
+ *
+ * \param wsi:	Local struct lws associated with
+ * \param name:	Buffer to take client address name
+ * \param namelen:	Length of client address name buffer
+ *
+ * This provides a 123.123.123.123 type IP address in name from the
+ * peer that has connected to wsi
+ */
+LWS_VISIBLE LWS_EXTERN const char *
+lws_get_peer_simple(struct lws *wsi, char *name, int namelen);
+#if !defined(LWS_WITH_ESP8266) && !defined(LWS_WITH_ESP32)
+/**
+ * lws_interface_to_sa() - Convert interface name or IP to sockaddr struct
+ *
+ * \param ipv6:	Allow IPV6 addresses
+ * \param ifname:	Interface name or IP
+ * \param addr:	struct sockaddr_in * to be written
+ * \param addrlen:	Length of addr
+ *
+ * This converts a textual network interface name to a sockaddr usable by
+ * other network functions
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr,
+		    size_t addrlen);
+///@}
+#endif
+
+/** \defgroup misc Miscellaneous APIs
+* ##Miscellaneous APIs
+*
+* Various APIs outside of other categories
+*/
+///@{
+
+/**
+ * lws_start_foreach_ll(): linkedlist iterator helper start
+ *
+ * \param type: type of iteration, eg, struct xyz *
+ * \param it: iterator var name to create
+ * \param start: start of list
+ *
+ * This helper creates an iterator and starts a while (it) {
+ * loop.  The iterator runs through the linked list starting at start and
+ * ends when it gets a NULL.
+ * The while loop should be terminated using lws_start_foreach_ll().
+ */
+#define lws_start_foreach_ll(type, it, start)\
+{ \
+	type it = start; \
+	while (it) {
+
+/**
+ * lws_end_foreach_ll(): linkedlist iterator helper end
+ *
+ * \param it: same iterator var name given when starting
+ * \param nxt: member name in the iterator pointing to next list element
+ *
+ * This helper is the partner for lws_start_foreach_ll() that ends the
+ * while loop.
+ */
+
+#define lws_end_foreach_ll(it, nxt) \
+		it = it->nxt; \
+	} \
+}
+
+/**
+ * lws_start_foreach_llp(): linkedlist pointer iterator helper start
+ *
+ * \param type: type of iteration, eg, struct xyz **
+ * \param it: iterator var name to create
+ * \param start: start of list
+ *
+ * This helper creates an iterator and starts a while (it) {
+ * loop.  The iterator runs through the linked list starting at the
+ * address of start and ends when it gets a NULL.
+ * The while loop should be terminated using lws_start_foreach_llp().
+ *
+ * This helper variant iterates using a pointer to the previous linked-list
+ * element.  That allows you to easily delete list members by rewriting the
+ * previous pointer to the element's next pointer.
+ */
+#define lws_start_foreach_llp(type, it, start)\
+{ \
+	type it = &(start); \
+	while (*(it)) {
+
+/**
+ * lws_end_foreach_llp(): linkedlist pointer iterator helper end
+ *
+ * \param it: same iterator var name given when starting
+ * \param nxt: member name in the iterator pointing to next list element
+ *
+ * This helper is the partner for lws_start_foreach_llp() that ends the
+ * while loop.
+ */
+
+#define lws_end_foreach_llp(it, nxt) \
+		it = &(*(it))->nxt; \
+	} \
+}
+
+/**
+ * lws_snprintf(): snprintf that truncates the returned length too
+ *
+ * \param str: destination buffer
+ * \param size: bytes left in destination buffer
+ * \param format: format string
+ * \param ...: args for format
+ *
+ * This lets you correctly truncate buffers by concatenating lengths, if you
+ * reach the limit the reported length doesn't exceed the limit.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_snprintf(char *str, size_t size, const char *format, ...) LWS_FORMAT(3);
+
+/**
+ * lws_get_random(): fill a buffer with platform random data
+ *
+ * \param context: the lws context
+ * \param buf: buffer to fill
+ * \param len: how much to fill
+ *
+ * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if
+ * it's interested to see if the frame it's dealing with was sent in binary
+ * mode.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_get_random(struct lws_context *context, void *buf, int len);
+/**
+ * lws_daemonize(): make current process run in the background
+ *
+ * \param _lock_path: the filepath to write the lock file
+ *
+ * Spawn lws as a background process, taking care of various things
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_daemonize(const char *_lock_path);
+/**
+ * lws_get_library_version(): return string describing the version of lws
+ *
+ * On unix, also includes the git describe
+ */
+LWS_VISIBLE LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT
+lws_get_library_version(void);
+
+/**
+ * lws_wsi_user() - get the user data associated with the connection
+ * \param wsi: lws connection
+ *
+ * Not normally needed since it's passed into the callback
+ */
+LWS_VISIBLE LWS_EXTERN void *
+lws_wsi_user(struct lws *wsi);
+
+/**
+ * lws_wsi_set_user() - set the user data associated with the client connection
+ * \param wsi: lws connection
+ * \param user: user data
+ *
+ * By default lws allocates this and it's not legal to externally set it
+ * yourself.  However client connections may have it set externally when the
+ * connection is created... if so, this api can be used to modify it at
+ * runtime additionally.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_set_wsi_user(struct lws *wsi, void *user);
+
+/**
+ * lws_parse_uri:	cut up prot:/ads:port/path into pieces
+ *			Notice it does so by dropping '\0' into input string
+ *			and the leading / on the path is consequently lost
+ *
+ * \param p:			incoming uri string.. will get written to
+ * \param prot:		result pointer for protocol part (https://)
+ * \param ads:		result pointer for address part
+ * \param port:		result pointer for port part
+ * \param path:		result pointer for path part
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_parse_uri(char *p, const char **prot, const char **ads, int *port,
+	      const char **path);
+
+/**
+ * lws_now_secs(): return seconds since 1970-1-1
+ */
+LWS_VISIBLE LWS_EXTERN unsigned long
+lws_now_secs(void);
+
+/**
+ * lws_get_context - Allow geting lws_context from a Websocket connection
+ * instance
+ *
+ * With this function, users can access context in the callback function.
+ * Otherwise users may have to declare context as a global variable.
+ *
+ * \param wsi:	Websocket connection instance
+ */
+LWS_VISIBLE LWS_EXTERN struct lws_context * LWS_WARN_UNUSED_RESULT
+lws_get_context(const struct lws *wsi);
+
+/**
+ * lws_get_count_threads(): how many service threads the context uses
+ *
+ * \param context: the lws context
+ *
+ * By default this is always 1, if you asked for more than lws can handle it
+ * will clip the number of threads.  So you can use this to find out how many
+ * threads are actually in use.
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_get_count_threads(struct lws_context *context);
+
+/**
+ * lws_get_parent() - get parent wsi or NULL
+ * \param wsi: lws connection
+ *
+ * Specialized wsi like cgi stdin/out/err are associated to a parent wsi,
+ * this allows you to get their parent.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT
+lws_get_parent(const struct lws *wsi);
+
+/**
+ * lws_get_child() - get child wsi or NULL
+ * \param wsi: lws connection
+ *
+ * Allows you to find a related wsi from the parent wsi.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT
+lws_get_child(const struct lws *wsi);
+
+/**
+ * lws_parent_carries_io() - mark wsi as needing to send messages via parent
+ *
+ * \param wsi: child lws connection
+ */
+
+LWS_VISIBLE LWS_EXTERN void
+lws_set_parent_carries_io(struct lws *wsi);
+
+LWS_VISIBLE LWS_EXTERN void *
+lws_get_opaque_parent_data(const struct lws *wsi);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_set_opaque_parent_data(struct lws *wsi, void *data);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_get_child_pending_on_writable(const struct lws *wsi);
+
+LWS_VISIBLE LWS_EXTERN void
+lws_clear_child_pending_on_writable(struct lws *wsi);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_get_close_length(struct lws *wsi);
+
+LWS_VISIBLE LWS_EXTERN unsigned char *
+lws_get_close_payload(struct lws *wsi);
+
+/**
+ * lws_get_network_wsi() - Returns wsi that has the tcp connection for this wsi
+ *
+ * \param wsi: wsi you have
+ *
+ * Returns wsi that has the tcp connection (which may be the incoming wsi)
+ *
+ * HTTP/1 connections will always return the incoming wsi
+ * HTTP/2 connections may return a different wsi that has the tcp connection
+ */
+LWS_VISIBLE LWS_EXTERN
+struct lws *lws_get_network_wsi(struct lws *wsi);
+
+/*
+ * \deprecated DEPRECATED Note: this is not normally needed as a user api.
+ * It's provided in case it is
+ * useful when integrating with other app poll loop service code.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_read(struct lws *wsi, unsigned char *buf, lws_filepos_t len);
+
+/**
+ * lws_set_allocator() - custom allocator support
+ *
+ * \param realloc
+ *
+ * Allows you to replace the allocator (and deallocator) used by lws
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_set_allocator(void *(*realloc)(void *ptr, size_t size, const char *reason));
+///@}
+
+/** \defgroup wsstatus Websocket status APIs
+ * ##Websocket connection status APIs
+ *
+ * These provide information about ws connection or message status
+ */
+///@{
+/**
+ * lws_send_pipe_choked() - tests if socket is writable or not
+ * \param wsi: lws connection
+ *
+ * Allows you to check if you can write more on the socket
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_send_pipe_choked(struct lws *wsi);
+
+/**
+ * lws_is_final_fragment() - tests if last part of ws message
+ *
+ * \param wsi: lws connection
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_is_final_fragment(struct lws *wsi);
+
+/**
+ * lws_is_first_fragment() - tests if first part of ws message
+ *
+ * \param wsi: lws connection
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_is_first_fragment(struct lws *wsi);
+
+/**
+ * lws_get_reserved_bits() - access reserved bits of ws frame
+ * \param wsi: lws connection
+ */
+LWS_VISIBLE LWS_EXTERN unsigned char
+lws_get_reserved_bits(struct lws *wsi);
+
+/**
+ * lws_partial_buffered() - find out if lws buffered the last write
+ * \param wsi:	websocket connection to check
+ *
+ * Returns 1 if you cannot use lws_write because the last
+ * write on this connection is still buffered, and can't be cleared without
+ * returning to the service loop and waiting for the connection to be
+ * writeable again.
+ *
+ * If you will try to do >1 lws_write call inside a single
+ * WRITEABLE callback, you must check this after every write and bail if
+ * set, ask for a new writeable callback and continue writing from there.
+ *
+ * This is never set at the start of a writeable callback, but any write
+ * may set it.
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_partial_buffered(struct lws *wsi);
+
+/**
+ * lws_frame_is_binary(): true if the current frame was sent in binary mode
+ *
+ * \param wsi: the connection we are inquiring about
+ *
+ * This is intended to be called from the LWS_CALLBACK_RECEIVE callback if
+ * it's interested to see if the frame it's dealing with was sent in binary
+ * mode.
+ */
+LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_frame_is_binary(struct lws *wsi);
+
+/**
+ * lws_is_ssl() - Find out if connection is using SSL
+ * \param wsi:	websocket connection to check
+ *
+ *	Returns 0 if the connection is not using SSL, 1 if using SSL and
+ *	using verified cert, and 2 if using SSL but the cert was not
+ *	checked (appears for client wsi told to skip check on connection)
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_is_ssl(struct lws *wsi);
+/**
+ * lws_is_cgi() - find out if this wsi is running a cgi process
+ * \param wsi: lws connection
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_is_cgi(struct lws *wsi);
+
+#ifdef LWS_OPENSSL_SUPPORT
+/**
+ * lws_get_ssl() - Return wsi's SSL context structure
+ * \param wsi:	websocket connection
+ *
+ * Returns pointer to the SSL library's context structure
+ */
+LWS_VISIBLE LWS_EXTERN SSL*
+lws_get_ssl(struct lws *wsi);
+#endif
+///@}
+
+/** \defgroup lws_ring LWS Ringbuffer APIs
+ * ##lws_ring: generic ringbuffer struct
+ *
+ * Provides an abstract ringbuffer api supporting one head and one or an
+ * unlimited number of tails.
+ *
+ * All of the members are opaque and manipulated by lws_ring_...() apis.
+ *
+ * The lws_ring and its buffer is allocated at runtime on the heap, using
+ *
+ *  - lws_ring_create()
+ *  - lws_ring_destroy()
+ *
+ * It may contain any type, the size of the "element" stored in the ring
+ * buffer and the number of elements is given at creation time.
+ *
+ * When you create the ringbuffer, you can optionally provide an element
+ * destroy callback that frees any allocations inside the element.  This is then
+ * automatically called for elements with no tail behind them, ie, elements
+ * which don't have any pending consumer are auto-freed.
+ *
+ * Whole elements may be inserted into the ringbuffer and removed from it, using
+ *
+ *  - lws_ring_insert()
+ *  - lws_ring_consume()
+ *
+ * You can find out how many whole elements are free or waiting using
+ *
+ *  - lws_ring_get_count_free_elements()
+ *  - lws_ring_get_count_waiting_elements()
+ *
+ * In addition there are special purpose optional byte-centric apis
+ *
+ *  - lws_ring_next_linear_insert_range()
+ *  - lws_ring_bump_head()
+ *
+ *  which let you, eg, read() directly into the ringbuffer without needing
+ *  an intermediate bounce buffer.
+ *
+ *  The accessors understand that the ring wraps, and optimizes insertion and
+ *  consumption into one or two memcpy()s depending on if the head or tail
+ *  wraps.
+ *
+ *  lws_ring only supports a single head, but optionally multiple tails with
+ *  an API to inform it when the "oldest" tail has moved on.  You can give
+ *  NULL where-ever an api asks for a tail pointer, and it will use an internal
+ *  single tail pointer for convenience.
+ *
+ *  The "oldest tail", which is the only tail if you give it NULL instead of
+ *  some other tail, is used to track which elements in the ringbuffer are
+ *  still unread by anyone.
+ *
+ *   - lws_ring_update_oldest_tail()
+ */
+///@{
+struct lws_ring;
+
+/**
+ * lws_ring_create(): create a new ringbuffer
+ *
+ * \param element_len: the size in bytes of one element in the ringbuffer
+ * \param count: the number of elements the ringbuffer can contain
+ * \param destroy_element: NULL, or callback to be called for each element
+ *			   that is removed from the ringbuffer due to the
+ *			   oldest tail moving beyond it
+ *
+ * Creates the ringbuffer and allocates the storage.  Returns the new
+ * lws_ring *, or NULL if the allocation failed.
+ *
+ * If non-NULL, destroy_element will get called back for every element that is
+ * retired from the ringbuffer after the oldest tail has gone past it, and for
+ * any element still left in the ringbuffer when it is destroyed.  It replaces
+ * all other element destruction code in your user code.
+ */
+LWS_VISIBLE LWS_EXTERN struct lws_ring *
+lws_ring_create(size_t element_len, size_t count,
+		void (*destroy_element)(void *element));
+
+/**
+ * lws_ring_destroy():  destroy a previously created ringbuffer
+ *
+ * \param ring: the struct lws_ring to destroy
+ *
+ * Destroys the ringbuffer allocation and the struct lws_ring itself.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_ring_destroy(struct lws_ring *ring);
+
+/**
+ * lws_ring_get_count_free_elements():  return how many elements can fit
+ *				      in the free space
+ *
+ * \param ring: the struct lws_ring to report on
+ *
+ * Returns how much room is left in the ringbuffer for whole element insertion.
+ */
+LWS_VISIBLE LWS_EXTERN size_t
+lws_ring_get_count_free_elements(struct lws_ring *ring);
+
+/**
+ * lws_ring_get_count_waiting_elements():  return how many elements can be consumed
+ *
+ * \param ring: the struct lws_ring to report on
+ * \param tail: a pointer to the tail struct to use, or NULL for single tail
+ *
+ * Returns how many elements are waiting to be consumed from the perspective
+ * of the tail pointer given.
+ */
+LWS_VISIBLE LWS_EXTERN size_t
+lws_ring_get_count_waiting_elements(struct lws_ring *ring, uint32_t *tail);
+
+/**
+ * lws_ring_insert():  attempt to insert up to max_count elements from src
+ *
+ * \param ring: the struct lws_ring to report on
+ * \param src: the array of elements to be inserted
+ * \param max_count: the number of available elements at src
+ *
+ * Attempts to insert as many of the elements at src as possible, up to the
+ * maximum max_count.  Returns the number of elements actually inserted.
+ */
+LWS_VISIBLE LWS_EXTERN size_t
+lws_ring_insert(struct lws_ring *ring, const void *src, size_t max_count);
+
+/**
+ * lws_ring_consume():  attempt to copy out and remove up to max_count elements
+ *		        to src
+ *
+ * \param ring: the struct lws_ring to report on
+ * \param tail: a pointer to the tail struct to use, or NULL for single tail
+ * \param dest: the array of elements to be inserted. or NULL for no copy
+ * \param max_count: the number of available elements at src
+ *
+ * Attempts to copy out as many waiting elements as possible into dest, from
+ * the perspective of the given tail, up to max_count.  If dest is NULL, the
+ * copying out is not done but the elements are logically consumed as usual.
+ * NULL dest is useful in combination with lws_ring_get_element(), where you
+ * can use the element direct from the ringbuffer and then call this with NULL
+ * dest to logically consume it.
+ *
+ * Increments the tail position according to how many elements could be
+ * consumed.
+ *
+ * Returns the number of elements consumed.
+ */
+LWS_VISIBLE LWS_EXTERN size_t
+lws_ring_consume(struct lws_ring *ring, uint32_t *tail, void *dest,
+		 size_t max_count);
+
+/**
+ * lws_ring_get_element():  get a pointer to the next waiting element for tail
+ *
+ * \param ring: the struct lws_ring to report on
+ * \param tail: a pointer to the tail struct to use, or NULL for single tail
+ *
+ * Points to the next element that tail would consume, directly in the
+ * ringbuffer.  This lets you write() or otherwise use the element without
+ * having to copy it out somewhere first.
+ *
+ * After calling this, you must call lws_ring_consume(ring, &tail, NULL, 1)
+ * which will logically consume the element you used up and increment your
+ * tail (tail may also be NULL there if you use a single tail).
+ *
+ * Returns NULL if no waiting element, or a const void * pointing to it.
+ */
+LWS_VISIBLE LWS_EXTERN const void *
+lws_ring_get_element(struct lws_ring *ring, uint32_t *tail);
+
+/**
+ * lws_ring_update_oldest_tail():  free up elements older than tail for reuse
+ *
+ * \param ring: the struct lws_ring to report on
+ * \param tail: a pointer to the tail struct to use, or NULL for single tail
+ *
+ * If you are using multiple tails, you must use this API to inform the
+ * lws_ring when none of the tails still need elements in the fifo any more,
+ * by updating it when the "oldest" tail has moved on.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_ring_update_oldest_tail(struct lws_ring *ring, uint32_t tail);
+
+/**
+ * lws_ring_get_oldest_tail():  get current oldest available data index
+ *
+ * \param ring: the struct lws_ring to report on
+ *
+ * If you are initializing a new ringbuffer consumer, you can set its tail to
+ * this to start it from the oldest ringbuffer entry still available.
+ */
+LWS_VISIBLE LWS_EXTERN uint32_t
+lws_ring_get_oldest_tail(struct lws_ring *ring);
+
+/**
+ * lws_ring_next_linear_insert_range():  used to write directly into the ring
+ *
+ * \param ring: the struct lws_ring to report on
+ * \param start: pointer to a void * set to the start of the next ringbuffer area
+ * \param bytes: pointer to a size_t set to the max length you may use from *start
+ *
+ * This provides a low-level, bytewise access directly into the ringbuffer
+ * allowing direct insertion of data without having to use a bounce buffer.
+ *
+ * The api reports the position and length of the next linear range that can
+ * be written in the ringbuffer, ie, up to the point it would wrap, and sets
+ * *start and *bytes accordingly.  You can then, eg, directly read() into
+ * *start for up to *bytes, and use lws_ring_bump_head() to update the lws_ring
+ * with what you have done.
+ *
+ * Returns nonzero if no insertion is currently possible.
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_ring_next_linear_insert_range(struct lws_ring *ring, void **start,
+				  size_t *bytes);
+
+/**
+ * lws_ring_bump_head():  used to write directly into the ring
+ *
+ * \param ring: the struct lws_ring to operate on
+ * \param bytes: the number of bytes you inserted at the current head
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_ring_bump_head(struct lws_ring *ring, size_t bytes);
+///@}
+
+/** \defgroup sha SHA and B64 helpers
+ * ##SHA and B64 helpers
+ *
+ * These provide SHA-1 and B64 helper apis
+ */
+///@{
+#ifdef LWS_SHA1_USE_OPENSSL_NAME
+#define lws_SHA1 SHA1
+#else
+/**
+ * lws_SHA1(): make a SHA-1 digest of a buffer
+ *
+ * \param d: incoming buffer
+ * \param n: length of incoming buffer
+ * \param md: buffer for message digest (must be >= 20 bytes)
+ *
+ * Reduces any size buffer into a 20-byte SHA-1 hash.
+ */
+LWS_VISIBLE LWS_EXTERN unsigned char *
+lws_SHA1(const unsigned char *d, size_t n, unsigned char *md);
+#endif
+/**
+ * lws_b64_encode_string(): encode a string into base 64
+ *
+ * \param in: incoming buffer
+ * \param in_len: length of incoming buffer
+ * \param out: result buffer
+ * \param out_size: length of result buffer
+ *
+ * Encodes a string using b64
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_b64_encode_string(const char *in, int in_len, char *out, int out_size);
+/**
+ * lws_b64_decode_string(): decode a string from base 64
+ *
+ * \param in: incoming buffer
+ * \param out: result buffer
+ * \param out_size: length of result buffer
+ *
+ * Decodes a string using b64
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_b64_decode_string(const char *in, char *out, int out_size);
+///@}
+
+
+/*! \defgroup cgi cgi handling
+ *
+ * ##CGI handling
+ *
+ * These functions allow low-level control over stdin/out/err of the cgi.
+ *
+ * However for most cases, binding the cgi to http in and out, the default
+ * lws implementation already does the right thing.
+ */
+
+enum lws_enum_stdinouterr {
+	LWS_STDIN = 0,
+	LWS_STDOUT = 1,
+	LWS_STDERR = 2,
+};
+
+enum lws_cgi_hdr_state {
+	LCHS_HEADER,
+	LCHS_CR1,
+	LCHS_LF1,
+	LCHS_CR2,
+	LCHS_LF2,
+	LHCS_RESPONSE,
+	LHCS_DUMP_HEADERS,
+	LHCS_PAYLOAD,
+	LCHS_SINGLE_0A,
+};
+
+struct lws_cgi_args {
+	struct lws **stdwsi; /**< get fd with lws_get_socket_fd() */
+	enum lws_enum_stdinouterr ch; /**< channel index */
+	unsigned char *data; /**< for messages with payload */
+	enum lws_cgi_hdr_state hdr_state; /**< track where we are in cgi headers */
+	int len; /**< length */
+};
+
+#ifdef LWS_WITH_CGI
+/**
+ * lws_cgi: spawn network-connected cgi process
+ *
+ * \param wsi: connection to own the process
+ * \param exec_array: array of "exec-name" "arg1" ... "argn" NULL
+ * \param script_uri_path_len: how many chars on the left of the uri are the
+ *        path to the cgi, or -1 to spawn without URL-related env vars
+ * \param timeout_secs: seconds script should be allowed to run
+ * \param mp_cgienv: pvo list with per-vhost cgi options to put in env
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_cgi(struct lws *wsi, const char * const *exec_array,
+	int script_uri_path_len, int timeout_secs,
+	const struct lws_protocol_vhost_options *mp_cgienv);
+
+/**
+ * lws_cgi_write_split_stdout_headers: write cgi output accounting for header part
+ *
+ * \param wsi: connection to own the process
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_cgi_write_split_stdout_headers(struct lws *wsi);
+
+/**
+ * lws_cgi_kill: terminate cgi process associated with wsi
+ *
+ * \param wsi: connection to own the process
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_cgi_kill(struct lws *wsi);
+
+/**
+ * lws_cgi_get_stdwsi: get wsi for stdin, stdout, or stderr
+ *
+ * \param wsi: parent wsi that has cgi
+ * \param ch: which of LWS_STDIN, LWS_STDOUT or LWS_STDERR
+ */
+LWS_VISIBLE LWS_EXTERN struct lws *
+lws_cgi_get_stdwsi(struct lws *wsi, enum lws_enum_stdinouterr ch);
+
+#endif
+///@}
+
+
+/*! \defgroup fops file operation wrapping
+ *
+ * ##File operation wrapping
+ *
+ * Use these helper functions if you want to access a file from the perspective
+ * of a specific wsi, which is usually the case.  If you just want contextless
+ * file access, use the fops callbacks directly with NULL wsi instead of these
+ * helpers.
+ *
+ * If so, then it calls the platform handler or user overrides where present
+ * (as defined in info->fops)
+ *
+ * The advantage from all this is user code can be portable for file operations
+ * without having to deal with differences between platforms.
+ */
+//@{
+
+/** struct lws_plat_file_ops - Platform-specific file operations
+ *
+ * These provide platform-agnostic ways to deal with filesystem access in the
+ * library and in the user code.
+ */
+
+#if defined(LWS_WITH_ESP32)
+/* sdk preprocessor defs? compiler issue? gets confused with member names */
+#define LWS_FOP_OPEN		_open
+#define LWS_FOP_CLOSE		_close
+#define LWS_FOP_SEEK_CUR	_seek_cur
+#define LWS_FOP_READ		_read
+#define LWS_FOP_WRITE		_write
+#else
+#define LWS_FOP_OPEN		open
+#define LWS_FOP_CLOSE		close
+#define LWS_FOP_SEEK_CUR	seek_cur
+#define LWS_FOP_READ		read
+#define LWS_FOP_WRITE		write
+#endif
+
+#define LWS_FOP_FLAGS_MASK		   ((1 << 23) - 1)
+#define LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP (1 << 24)
+#define LWS_FOP_FLAG_COMPR_IS_GZIP	   (1 << 25)
+#define LWS_FOP_FLAG_MOD_TIME_VALID	   (1 << 26)
+#define LWS_FOP_FLAG_VIRTUAL		   (1 << 27)
+
+struct lws_plat_file_ops;
+
+struct lws_fop_fd {
+	lws_filefd_type			fd;
+	/**< real file descriptor related to the file... */
+	const struct lws_plat_file_ops	*fops;
+	/**< fops that apply to this fop_fd */
+	void				*filesystem_priv;
+	/**< ignored by lws; owned by the fops handlers */
+	lws_filepos_t			pos;
+	/**< generic "position in file" */
+	lws_filepos_t			len;
+	/**< generic "length of file" */
+	lws_fop_flags_t			flags;
+	/**< copy of the returned flags */
+	uint32_t			mod_time;
+	/**< optional "modification time of file", only valid if .open()
+	 * set the LWS_FOP_FLAG_MOD_TIME_VALID flag */
+};
+typedef struct lws_fop_fd *lws_fop_fd_t;
+
+struct lws_fops_index {
+	const char *sig;	/* NULL or vfs signature, eg, ".zip/" */
+	uint8_t len;		/* length of above string */
+};
+
+struct lws_plat_file_ops {
+	lws_fop_fd_t (*LWS_FOP_OPEN)(const struct lws_plat_file_ops *fops,
+				     const char *filename, const char *vpath,
+				     lws_fop_flags_t *flags);
+	/**< Open file (always binary access if plat supports it)
+	 * vpath may be NULL, or if the fops understands it, the point at which
+	 * the filename's virtual part starts.
+	 * *flags & LWS_FOP_FLAGS_MASK should be set to O_RDONLY or O_RDWR.
+	 * If the file may be gzip-compressed,
+	 * LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP is set.  If it actually is
+	 * gzip-compressed, then the open handler should OR
+	 * LWS_FOP_FLAG_COMPR_IS_GZIP on to *flags before returning.
+	 */
+	int (*LWS_FOP_CLOSE)(lws_fop_fd_t *fop_fd);
+	/**< close file AND set the pointer to NULL */
+	lws_fileofs_t (*LWS_FOP_SEEK_CUR)(lws_fop_fd_t fop_fd,
+					  lws_fileofs_t offset_from_cur_pos);
+	/**< seek from current position */
+	int (*LWS_FOP_READ)(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+			    uint8_t *buf, lws_filepos_t len);
+	/**< Read from file, on exit *amount is set to amount actually read */
+	int (*LWS_FOP_WRITE)(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+			     uint8_t *buf, lws_filepos_t len);
+	/**< Write to file, on exit *amount is set to amount actually written */
+
+	struct lws_fops_index fi[3];
+	/**< vfs path signatures implying use of this fops */
+
+	const struct lws_plat_file_ops *next;
+	/**< NULL or next fops in list */
+
+	/* Add new things just above here ---^
+	 * This is part of the ABI, don't needlessly break compatibility */
+};
+
+/**
+ * lws_get_fops() - get current file ops
+ *
+ * \param context: context
+ */
+LWS_VISIBLE LWS_EXTERN struct lws_plat_file_ops * LWS_WARN_UNUSED_RESULT
+lws_get_fops(struct lws_context *context);
+LWS_VISIBLE LWS_EXTERN void
+lws_set_fops(struct lws_context *context, const struct lws_plat_file_ops *fops);
+/**
+ * lws_vfs_tell() - get current file position
+ *
+ * \param fop_fd: fop_fd we are asking about
+ */
+LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT
+lws_vfs_tell(lws_fop_fd_t fop_fd);
+/**
+ * lws_vfs_get_length() - get current file total length in bytes
+ *
+ * \param fop_fd: fop_fd we are asking about
+ */
+LWS_VISIBLE LWS_EXTERN lws_filepos_t LWS_WARN_UNUSED_RESULT
+lws_vfs_get_length(lws_fop_fd_t fop_fd);
+/**
+ * lws_vfs_get_mod_time() - get time file last modified
+ *
+ * \param fop_fd: fop_fd we are asking about
+ */
+LWS_VISIBLE LWS_EXTERN uint32_t LWS_WARN_UNUSED_RESULT
+lws_vfs_get_mod_time(lws_fop_fd_t fop_fd);
+/**
+ * lws_vfs_file_seek_set() - seek relative to start of file
+ *
+ * \param fop_fd: fop_fd we are seeking in
+ * \param offset: offset from start of file
+ */
+LWS_VISIBLE LWS_EXTERN lws_fileofs_t
+lws_vfs_file_seek_set(lws_fop_fd_t fop_fd, lws_fileofs_t offset);
+/**
+ * lws_vfs_file_seek_end() - seek relative to end of file
+ *
+ * \param fop_fd: fop_fd we are seeking in
+ * \param offset: offset from start of file
+ */
+LWS_VISIBLE LWS_EXTERN lws_fileofs_t
+lws_vfs_file_seek_end(lws_fop_fd_t fop_fd, lws_fileofs_t offset);
+
+extern struct lws_plat_file_ops fops_zip;
+
+/**
+ * lws_plat_file_open() - open vfs filepath
+ *
+ * \param fops: file ops struct that applies to this descriptor
+ * \param vfs_path: filename to open
+ * \param flags: pointer to open flags
+ *
+ * The vfs_path is scanned for known fops signatures, and the open directed
+ * to any matching fops open.
+ *
+ * User code should use this api to perform vfs opens.
+ *
+ * returns semi-opaque handle
+ */
+LWS_VISIBLE LWS_EXTERN lws_fop_fd_t LWS_WARN_UNUSED_RESULT
+lws_vfs_file_open(const struct lws_plat_file_ops *fops, const char *vfs_path,
+		  lws_fop_flags_t *flags);
+
+/**
+ * lws_plat_file_close() - close file
+ *
+ * \param fop_fd: file handle to close
+ */
+static LWS_INLINE int
+lws_vfs_file_close(lws_fop_fd_t *fop_fd)
+{
+	return (*fop_fd)->fops->LWS_FOP_CLOSE(fop_fd);
+}
+
+/**
+ * lws_plat_file_seek_cur() - close file
+ *
+ *
+ * \param fop_fd: file handle
+ * \param offset: position to seek to
+ */
+static LWS_INLINE lws_fileofs_t
+lws_vfs_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset)
+{
+	return fop_fd->fops->LWS_FOP_SEEK_CUR(fop_fd, offset);
+}
+/**
+ * lws_plat_file_read() - read from file
+ *
+ * \param fop_fd: file handle
+ * \param amount: how much to read (rewritten by call)
+ * \param buf: buffer to write to
+ * \param len: max length
+ */
+static LWS_INLINE int LWS_WARN_UNUSED_RESULT
+lws_vfs_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+		   uint8_t *buf, lws_filepos_t len)
+{
+	return fop_fd->fops->LWS_FOP_READ(fop_fd, amount, buf, len);
+}
+/**
+ * lws_plat_file_write() - write from file
+ *
+ * \param fop_fd: file handle
+ * \param amount: how much to write (rewritten by call)
+ * \param buf: buffer to read from
+ * \param len: max length
+ */
+static LWS_INLINE int LWS_WARN_UNUSED_RESULT
+lws_vfs_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+		    uint8_t *buf, lws_filepos_t len)
+{
+	return fop_fd->fops->LWS_FOP_WRITE(fop_fd, amount, buf, len);
+}
+
+/* these are the platform file operations implementations... they can
+ * be called directly and used in fops arrays
+ */
+
+LWS_VISIBLE LWS_EXTERN lws_fop_fd_t
+_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename,
+		    const char *vpath, lws_fop_flags_t *flags);
+LWS_VISIBLE LWS_EXTERN int
+_lws_plat_file_close(lws_fop_fd_t *fop_fd);
+LWS_VISIBLE LWS_EXTERN lws_fileofs_t
+_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset);
+LWS_VISIBLE LWS_EXTERN int
+_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+		    uint8_t *buf, lws_filepos_t len);
+LWS_VISIBLE LWS_EXTERN int
+_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+		     uint8_t *buf, lws_filepos_t len);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_alloc_vfs_file(struct lws_context *context, const char *filename,
+		   uint8_t **buf, lws_filepos_t *amount);
+//@}
+
+/** \defgroup smtp SMTP related functions
+ * ##SMTP related functions
+ * \ingroup lwsapi
+ *
+ * These apis let you communicate with a local SMTP server to send email from
+ * lws.  It handles all the SMTP sequencing and protocol actions.
+ *
+ * Your system should have postfix, sendmail or another MTA listening on port
+ * 25 and able to send email using the "mail" commandline app.  Usually distro
+ * MTAs are configured for this by default.
+ *
+ * It runs via its own libuv events if initialized (which requires giving it
+ * a libuv loop to attach to).
+ *
+ * It operates using three callbacks, on_next() queries if there is a new email
+ * to send, on_get_body() asks for the body of the email, and on_sent() is
+ * called after the email is successfully sent.
+ *
+ * To use it
+ *
+ *  - create an lws_email struct
+ *
+ *  - initialize data, loop, the email_* strings, max_content_size and
+ *    the callbacks
+ *
+ *  - call lws_email_init()
+ *
+ *  When you have at least one email to send, call lws_email_check() to
+ *  schedule starting to send it.
+ */
+//@{
+#ifdef LWS_WITH_SMTP
+
+/** enum lwsgs_smtp_states - where we are in SMTP protocol sequence */
+enum lwsgs_smtp_states {
+	LGSSMTP_IDLE, /**< awaiting new email */
+	LGSSMTP_CONNECTING, /**< opening tcp connection to MTA */
+	LGSSMTP_CONNECTED, /**< tcp connection to MTA is connected */
+	LGSSMTP_SENT_HELO, /**< sent the HELO */
+	LGSSMTP_SENT_FROM, /**< sent FROM */
+	LGSSMTP_SENT_TO, /**< sent TO */
+	LGSSMTP_SENT_DATA, /**< sent DATA request */
+	LGSSMTP_SENT_BODY, /**< sent the email body */
+	LGSSMTP_SENT_QUIT, /**< sent the session quit */
+};
+
+/** struct lws_email - abstract context for performing SMTP operations */
+struct lws_email {
+	void *data;
+	/**< opaque pointer set by user code and available to the callbacks */
+	uv_loop_t *loop;
+	/**< the libuv loop we will work on */
+
+	char email_smtp_ip[32]; /**< Fill before init, eg, "127.0.0.1" */
+	char email_helo[32];	/**< Fill before init, eg, "myserver.com" */
+	char email_from[100];	/**< Fill before init or on_next */
+	char email_to[100];	/**< Fill before init or on_next */
+
+	unsigned int max_content_size;
+	/**< largest possible email body size */
+
+	/* Fill all the callbacks before init */
+
+	int (*on_next)(struct lws_email *email);
+	/**< (Fill in before calling lws_email_init)
+	 * called when idle, 0 = another email to send, nonzero is idle.
+	 * If you return 0, all of the email_* char arrays must be set
+	 * to something useful. */
+	int (*on_sent)(struct lws_email *email);
+	/**< (Fill in before calling lws_email_init)
+	 * called when transfer of the email to the SMTP server was
+	 * successful, your callback would remove the current email
+	 * from its queue */
+	int (*on_get_body)(struct lws_email *email, char *buf, int len);
+	/**< (Fill in before calling lws_email_init)
+	 * called when the body part of the queued email is about to be
+	 * sent to the SMTP server. */
+
+
+	/* private things */
+	uv_timer_t timeout_email; /**< private */
+	enum lwsgs_smtp_states estate; /**< private */
+	uv_connect_t email_connect_req; /**< private */
+	uv_tcp_t email_client; /**< private */
+	time_t email_connect_started; /**< private */
+	char email_buf[256]; /**< private */
+	char *content; /**< private */
+};
+
+/**
+ * lws_email_init() - Initialize a struct lws_email
+ *
+ * \param email: struct lws_email to init
+ * \param loop: libuv loop to use
+ * \param max_content: max email content size
+ *
+ * Prepares a struct lws_email for use ending SMTP
+ */
+LWS_VISIBLE LWS_EXTERN int
+lws_email_init(struct lws_email *email, uv_loop_t *loop, int max_content);
+
+/**
+ * lws_email_check() - Request check for new email
+ *
+ * \param email: struct lws_email context to check
+ *
+ * Schedules a check for new emails in 1s... call this when you have queued an
+ * email for send.
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_email_check(struct lws_email *email);
+/**
+ * lws_email_destroy() - stop using the struct lws_email
+ *
+ * \param email: the struct lws_email context
+ *
+ * Stop sending email using email and free allocations
+ */
+LWS_VISIBLE LWS_EXTERN void
+lws_email_destroy(struct lws_email *email);
+
+#endif
+//@}
+
+/*
+ * Stats are all uint64_t numbers that start at 0.
+ * Index names here have the convention
+ *
+ *  _C_ counter
+ *  _B_ byte count
+ *  _MS_ millisecond count
+ */
+
+enum {
+	LWSSTATS_C_CONNECTIONS, /**< count incoming connections */
+	LWSSTATS_C_API_CLOSE, /**< count calls to close api */
+	LWSSTATS_C_API_READ, /**< count calls to read from socket api */
+	LWSSTATS_C_API_LWS_WRITE, /**< count calls to lws_write API */
+	LWSSTATS_C_API_WRITE, /**< count calls to write API */
+	LWSSTATS_C_WRITE_PARTIALS, /**< count of partial writes */
+	LWSSTATS_C_WRITEABLE_CB_REQ, /**< count of writable callback requests */
+	LWSSTATS_C_WRITEABLE_CB_EFF_REQ, /**< count of effective writable callback requests */
+	LWSSTATS_C_WRITEABLE_CB, /**< count of writable callbacks */
+	LWSSTATS_C_SSL_CONNECTIONS_FAILED, /**< count of failed SSL connections */
+	LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, /**< count of accepted SSL connections */
+	LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, /**< count of SSL_accept() attempts */
+	LWSSTATS_C_SSL_CONNS_HAD_RX, /**< count of accepted SSL conns that have had some RX */
+	LWSSTATS_C_TIMEOUTS, /**< count of timed-out connections */
+	LWSSTATS_C_SERVICE_ENTRY, /**< count of entries to lws service loop */
+	LWSSTATS_B_READ, /**< aggregate bytes read */
+	LWSSTATS_B_WRITE, /**< aggregate bytes written */
+	LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, /**< aggreate of size of accepted write data from new partials */
+	LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY, /**< aggregate delay in accepting connection */
+	LWSSTATS_MS_WRITABLE_DELAY, /**< aggregate delay between asking for writable and getting cb */
+	LWSSTATS_MS_WORST_WRITABLE_DELAY, /**< single worst delay between asking for writable and getting cb */
+	LWSSTATS_MS_SSL_RX_DELAY, /**< aggregate delay between ssl accept complete and first RX */
+	LWSSTATS_C_PEER_LIMIT_AH_DENIED, /**< number of times we would have given an ah but for the peer limit */
+	LWSSTATS_C_PEER_LIMIT_WSI_DENIED, /**< number of times we would have given a wsi but for the peer limit */
+
+	/* Add new things just above here ---^
+	 * This is part of the ABI, don't needlessly break compatibility */
+	LWSSTATS_SIZE
+};
+
+#if defined(LWS_WITH_STATS)
+
+LWS_VISIBLE LWS_EXTERN uint64_t
+lws_stats_get(struct lws_context *context, int index);
+LWS_VISIBLE LWS_EXTERN void
+lws_stats_log_dump(struct lws_context *context);
+#else
+static LWS_INLINE uint64_t
+lws_stats_get(struct lws_context *context, int index) { return 0; }
+static LWS_INLINE void
+lws_stats_log_dump(struct lws_context *context) { }
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/lws_config.h b/thirdparty/lws/lws_config.h
new file mode 100644
index 0000000000..3a918747b1
--- /dev/null
+++ b/thirdparty/lws/lws_config.h
@@ -0,0 +1,166 @@
+/* lws_config.h  Generated from lws_config.h.in  */
+#include "lws_config_private.h"
+
+#ifndef NDEBUG
+	#ifndef _DEBUG
+		#define _DEBUG
+	#endif
+#endif
+
+#define LWS_INSTALL_DATADIR "/usr/local/share"
+
+/* Define to 1 to use wolfSSL/CyaSSL as a replacement for OpenSSL.
+ * LWS_OPENSSL_SUPPORT needs to be set also for this to work. */
+/* #undef USE_WOLFSSL */
+
+/* Also define to 1 (in addition to USE_WOLFSSL) when using the
+  (older) CyaSSL library */
+/* #undef USE_OLD_CYASSL */
+/* #undef LWS_WITH_BORINGSSL */
+
+#define LWS_WITH_MBEDTLS
+/* #undef LWS_WITH_POLARSSL */
+/* #undef LWS_WITH_ESP8266 */
+/* #undef LWS_WITH_ESP32 */
+
+/* #undef LWS_WITH_PLUGINS */
+/* #undef LWS_WITH_NO_LOGS */
+#ifndef DEBUG_ENABLED
+#define LWS_WITH_NO_LOGS
+#endif
+
+/* The Libwebsocket version */
+#define LWS_LIBRARY_VERSION "2.4.1"
+
+#define LWS_LIBRARY_VERSION_MAJOR 2
+#define LWS_LIBRARY_VERSION_MINOR 4
+#define LWS_LIBRARY_VERSION_PATCH 1
+/* LWS_LIBRARY_VERSION_NUMBER looks like 1005001 for e.g. version 1.5.1 */
+#define LWS_LIBRARY_VERSION_NUMBER (LWS_LIBRARY_VERSION_MAJOR*1000000)+(LWS_LIBRARY_VERSION_MINOR*1000)+LWS_LIBRARY_VERSION_PATCH
+
+/* The current git commit hash that we're building from */
+#define LWS_BUILD_HASH "55f97b7806e07db2d4c8a158172cd309d0faf450"
+
+/* Build with OpenSSL support */
+#define LWS_OPENSSL_SUPPORT
+
+/* The client should load and trust CA root certs it finds in the OS */
+#define LWS_SSL_CLIENT_USE_OS_CA_CERTS
+
+/* Sets the path where the client certs should be installed. */
+#define LWS_OPENSSL_CLIENT_CERTS "../share"
+
+/* Turn off websocket extensions */
+/* #undef LWS_NO_EXTENSIONS */
+
+/* Enable libev io loop */
+/* #undef LWS_WITH_LIBEV */
+#undef LWS_WITH_LIBEV
+
+/* Enable libuv io loop */
+/* #undef LWS_WITH_LIBUV */
+#undef LWS_WITH_LIBUV
+
+/* Enable libevent io loop */
+/* #undef LWS_WITH_LIBEVENT */
+#undef LWS_WITH_LIBEVENT
+
+/* Build with support for ipv6 */
+/* #undef LWS_WITH_IPV6 */
+
+/* Build with support for UNIX domain socket */
+/* #undef LWS_WITH_UNIX_SOCK */
+#ifdef WINDOWS_ENABLED
+#undef LWS_USE_UNIX_SOCK
+#endif
+
+/* Build with support for HTTP2 */
+/* #undef LWS_WITH_HTTP2 */
+
+/* Turn on latency measuring code */
+/* #undef LWS_LATENCY */
+
+/* Don't build the daemonizeation api */
+#define LWS_NO_DAEMONIZE
+
+/* Build without server support */
+/* #undef LWS_NO_SERVER */
+
+/* Build without client support */
+/* #undef LWS_NO_CLIENT */
+
+/* If we should compile with MinGW support */
+/* #undef LWS_MINGW_SUPPORT */
+
+/* Use the BSD getifaddrs that comes with libwebsocket, for uclibc support */
+/* #undef LWS_BUILTIN_GETIFADDRS */
+
+/* use SHA1() not internal libwebsockets_SHA1 */
+/* #undef LWS_SHA1_USE_OPENSSL_NAME */
+
+/* SSL server using ECDH certificate */
+/* #undef LWS_SSL_SERVER_WITH_ECDH_CERT */
+#define LWS_HAVE_SSL_CTX_set1_param
+#define LWS_HAVE_X509_VERIFY_PARAM_set1_host
+/* #undef LWS_HAVE_RSA_SET0_KEY */
+
+/* #undef LWS_HAVE_UV_VERSION_H */
+
+/* CGI apis */
+/* #undef LWS_WITH_CGI */
+
+/* whether the Openssl is recent enough, and / or built with, ecdh */
+#define LWS_HAVE_OPENSSL_ECDH_H
+
+/* HTTP Proxy support */
+/* #undef LWS_WITH_HTTP_PROXY */
+
+/* HTTP Ranges support */
+#define LWS_WITH_RANGES
+
+/* Http access log support */
+/* #undef LWS_WITH_ACCESS_LOG */
+/* #undef LWS_WITH_SERVER_STATUS */
+
+/* #undef LWS_WITH_STATEFUL_URLDECODE */
+/* #undef LWS_WITH_PEER_LIMITS */
+
+/* Maximum supported service threads */
+#define LWS_MAX_SMP 1
+
+/* Lightweight JSON Parser */
+/* #undef LWS_WITH_LEJP */
+
+/* SMTP */
+/* #undef LWS_WITH_SMTP */
+
+/* OPTEE */
+/* #undef LWS_PLAT_OPTEE */
+
+/* ZIP FOPS */
+#define LWS_WITH_ZIP_FOPS
+#define LWS_HAVE_STDINT_H
+
+/* #undef LWS_AVOID_SIGPIPE_IGN */
+
+/* #undef LWS_FALLBACK_GETHOSTBYNAME */
+
+/* #undef LWS_WITH_STATS */
+/* #undef LWS_WITH_SOCKS5 */
+
+/* #undef LWS_HAVE_SYS_CAPABILITY_H */
+/* #undef LWS_HAVE_LIBCAP */
+
+#define LWS_HAVE_ATOLL
+/* #undef LWS_HAVE__ATOI64 */
+/* #undef LWS_HAVE__STAT32I64 */
+
+/* OpenSSL various APIs */
+
+/* #undef LWS_HAVE_TLS_CLIENT_METHOD */
+#define LWS_HAVE_TLSV1_2_CLIENT_METHOD
+#define LWS_HAVE_SSL_SET_INFO_CALLBACK
+
+#define LWS_HAS_INTPTR_T
+
+
diff --git a/thirdparty/lws/lws_config_private.h b/thirdparty/lws/lws_config_private.h
new file mode 100644
index 0000000000..475d1bd3f8
--- /dev/null
+++ b/thirdparty/lws/lws_config_private.h
@@ -0,0 +1,143 @@
+/* lws_config_private.h.in. Private compilation options. */
+#ifndef DEBUG_ENABLED
+#define NDEBUG
+#endif
+
+#ifndef NDEBUG
+	#ifndef _DEBUG
+		#define _DEBUG
+	#endif
+#endif
+
+/* Define to 1 to use CyaSSL as a replacement for OpenSSL. 
+ * LWS_OPENSSL_SUPPORT needs to be set also for this to work. */
+/* #undef USE_CYASSL */
+
+/* Define to 1 if you have the `bzero' function. */
+#define LWS_HAVE_BZERO
+/*  Windows has no bzero function */
+#ifdef WINDOWS_ENABLED
+#undef LWS_HAVE_BZERO
+#endif
+
+/* Define to 1 if you have the <dlfcn.h> header file. */
+#define LWS_HAVE_DLFCN_H
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#define LWS_HAVE_FCNTL_H
+#ifdef NO_FCNTL
+#undef LWS_HAVE_FCNTL_H
+#endif
+
+/* Define to 1 if you have the `fork' function. */
+#define LWS_HAVE_FORK
+
+/* Define to 1 if you have the `getenv’ function. */
+#define LWS_HAVE_GETENV
+
+/* Define to 1 if you have the <in6addr.h> header file. */
+/* #undef LWS_HAVE_IN6ADDR_H */
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#define LWS_HAVE_INTTYPES_H
+
+/* Define to 1 if you have the `ssl' library (-lssl). */
+/* #undef LWS_HAVE_LIBSSL */
+
+/* Define to 1 if your system has a GNU libc compatible `malloc' function, and
+   to 0 otherwise. */
+#define LWS_HAVE_MALLOC
+
+/* Define to 1 if you have the <memory.h> header file. */
+#define LWS_HAVE_MEMORY_H
+
+/* Define to 1 if you have the `memset' function. */
+#define LWS_HAVE_MEMSET
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#define LWS_HAVE_NETINET_IN_H
+
+/* Define to 1 if your system has a GNU libc compatible `realloc' function,
+   and to 0 otherwise. */
+#define LWS_HAVE_REALLOC
+
+/* Define to 1 if you have the `socket' function. */
+#define LWS_HAVE_SOCKET
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#define LWS_HAVE_STDINT_H
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#define LWS_HAVE_STDLIB_H
+
+/* Define to 1 if you have the `strerror' function. */
+#define LWS_HAVE_STRERROR
+
+/* Define to 1 if you have the <strings.h> header file. */
+#define LWS_HAVE_STRINGS_H
+
+/* Define to 1 if you have the <string.h> header file. */
+#define LWS_HAVE_STRING_H
+
+/* Define to 1 if you have the <sys/prctl.h> header file. */
+#define LWS_HAVE_SYS_PRCTL_H
+#if defined(OSX_ENABLED) || defined(IPHONE_ENABLED) || defined(__FreeBSD__) || defined(__OpenBSD__)
+#undef LWS_HAVE_SYS_PRCTL_H
+#endif
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#define LWS_HAVE_SYS_SOCKET_H
+
+/* Define to 1 if you have the <sys/sockio.h> header file. */
+/* #undef LWS_HAVE_SYS_SOCKIO_H */
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#define LWS_HAVE_SYS_STAT_H
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#define LWS_HAVE_SYS_TYPES_H
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#define LWS_HAVE_UNISTD_H
+
+/* Define to 1 if you have the `vfork' function. */
+#define LWS_HAVE_VFORK
+
+/* Define to 1 if you have the <vfork.h> header file. */
+/* #undef LWS_HAVE_VFORK_H */
+
+/* Define to 1 if `fork' works. */
+#define LWS_HAVE_WORKING_FORK
+
+/* Define to 1 if `vfork' works. */
+#define LWS_HAVE_WORKING_VFORK
+
+/* Define to 1 if execvpe() exists */
+#define LWS_HAVE_EXECVPE
+
+/* Define to 1 if you have the <zlib.h> header file. */
+#define LWS_HAVE_ZLIB_H
+
+#define LWS_HAVE_GETLOADAVG
+
+/* Define to the sub-directory in which libtool stores uninstalled libraries.
+   */
+#undef LT_OBJDIR // We're not using libtool
+
+/* Define to rpl_malloc if the replacement function should be used. */
+/* #undef malloc */
+
+/* Define to rpl_realloc if the replacement function should be used. */
+/* #undef realloc */
+
+/* Define to 1 if we have getifaddrs */
+#define LWS_HAVE_GETIFADDRS
+#if defined(ANDROID_ENABLED)
+#undef LWS_HAVE_GETIFADDRS
+#define LWS_BUILTIN_GETIFADDRS
+#endif
+
+/* Define if the inline keyword doesn't exist. */
+/* #undef inline */
+
+
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl3.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl3.h
new file mode 100644
index 0000000000..007b392f3e
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl3.h
@@ -0,0 +1,44 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL3_H_
+#define _SSL3_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+# define SSL3_AD_CLOSE_NOTIFY             0
+# define SSL3_AD_UNEXPECTED_MESSAGE      10/* fatal */
+# define SSL3_AD_BAD_RECORD_MAC          20/* fatal */
+# define SSL3_AD_DECOMPRESSION_FAILURE   30/* fatal */
+# define SSL3_AD_HANDSHAKE_FAILURE       40/* fatal */
+# define SSL3_AD_NO_CERTIFICATE          41
+# define SSL3_AD_BAD_CERTIFICATE         42
+# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
+# define SSL3_AD_CERTIFICATE_REVOKED     44
+# define SSL3_AD_CERTIFICATE_EXPIRED     45
+# define SSL3_AD_CERTIFICATE_UNKNOWN     46
+# define SSL3_AD_ILLEGAL_PARAMETER       47/* fatal */
+
+# define SSL3_AL_WARNING                  1
+# define SSL3_AL_FATAL                    2
+
+#define SSL3_VERSION                 0x0300
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_cert.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_cert.h
new file mode 100644
index 0000000000..86cf31ad51
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_cert.h
@@ -0,0 +1,55 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_CERT_H_
+#define _SSL_CERT_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "ssl_types.h"
+
+/**
+ * @brief create a certification object include private key object according to input certification
+ *
+ * @param ic - input certification point
+ *
+ * @return certification object point
+ */
+CERT *__ssl_cert_new(CERT *ic);
+
+/**
+ * @brief create a certification object include private key object
+ *
+ * @param none
+ *
+ * @return certification object point
+ */
+CERT* ssl_cert_new(void);
+
+/**
+ * @brief free a certification object
+ *
+ * @param cert - certification object point
+ *
+ * @return none
+ */
+void ssl_cert_free(CERT *cert);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_code.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_code.h
new file mode 100644
index 0000000000..80fdbb20f3
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_code.h
@@ -0,0 +1,124 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_CODE_H_
+#define _SSL_CODE_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "ssl3.h"
+#include "tls1.h"
+#include "x509_vfy.h"
+
+/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
+# define SSL_SENT_SHUTDOWN       1
+# define SSL_RECEIVED_SHUTDOWN   2
+
+# define SSL_VERIFY_NONE                 0x00
+# define SSL_VERIFY_PEER                 0x01
+# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+# define SSL_VERIFY_CLIENT_ONCE          0x04
+
+/*
+ * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
+ * should not need these
+ */
+# define SSL_ST_READ_HEADER                      0xF0
+# define SSL_ST_READ_BODY                        0xF1
+# define SSL_ST_READ_DONE                        0xF2
+
+# define SSL_NOTHING            1
+# define SSL_WRITING            2
+# define SSL_READING            3
+# define SSL_X509_LOOKUP        4
+# define SSL_ASYNC_PAUSED       5
+# define SSL_ASYNC_NO_JOBS      6
+
+
+# define SSL_ERROR_NONE                  0
+# define SSL_ERROR_SSL                   1
+# define SSL_ERROR_WANT_READ             2
+# define SSL_ERROR_WANT_WRITE            3
+# define SSL_ERROR_WANT_X509_LOOKUP      4
+# define SSL_ERROR_SYSCALL               5/* look at error stack/return value/errno */
+# define SSL_ERROR_ZERO_RETURN           6
+# define SSL_ERROR_WANT_CONNECT          7
+# define SSL_ERROR_WANT_ACCEPT           8
+# define SSL_ERROR_WANT_ASYNC            9
+# define SSL_ERROR_WANT_ASYNC_JOB       10
+
+/* Message flow states */
+typedef enum {
+    /* No handshake in progress */
+    MSG_FLOW_UNINITED,
+    /* A permanent error with this connection */
+    MSG_FLOW_ERROR,
+    /* We are about to renegotiate */
+    MSG_FLOW_RENEGOTIATE,
+    /* We are reading messages */
+    MSG_FLOW_READING,
+    /* We are writing messages */
+    MSG_FLOW_WRITING,
+    /* Handshake has finished */
+    MSG_FLOW_FINISHED
+} MSG_FLOW_STATE;
+
+/* SSL subsystem states */
+typedef enum {
+    TLS_ST_BEFORE,
+    TLS_ST_OK,
+    DTLS_ST_CR_HELLO_VERIFY_REQUEST,
+    TLS_ST_CR_SRVR_HELLO,
+    TLS_ST_CR_CERT,
+    TLS_ST_CR_CERT_STATUS,
+    TLS_ST_CR_KEY_EXCH,
+    TLS_ST_CR_CERT_REQ,
+    TLS_ST_CR_SRVR_DONE,
+    TLS_ST_CR_SESSION_TICKET,
+    TLS_ST_CR_CHANGE,
+    TLS_ST_CR_FINISHED,
+    TLS_ST_CW_CLNT_HELLO,
+    TLS_ST_CW_CERT,
+    TLS_ST_CW_KEY_EXCH,
+    TLS_ST_CW_CERT_VRFY,
+    TLS_ST_CW_CHANGE,
+    TLS_ST_CW_NEXT_PROTO,
+    TLS_ST_CW_FINISHED,
+    TLS_ST_SW_HELLO_REQ,
+    TLS_ST_SR_CLNT_HELLO,
+    DTLS_ST_SW_HELLO_VERIFY_REQUEST,
+    TLS_ST_SW_SRVR_HELLO,
+    TLS_ST_SW_CERT,
+    TLS_ST_SW_KEY_EXCH,
+    TLS_ST_SW_CERT_REQ,
+    TLS_ST_SW_SRVR_DONE,
+    TLS_ST_SR_CERT,
+    TLS_ST_SR_KEY_EXCH,
+    TLS_ST_SR_CERT_VRFY,
+    TLS_ST_SR_NEXT_PROTO,
+    TLS_ST_SR_CHANGE,
+    TLS_ST_SR_FINISHED,
+    TLS_ST_SW_SESSION_TICKET,
+    TLS_ST_SW_CERT_STATUS,
+    TLS_ST_SW_CHANGE,
+    TLS_ST_SW_FINISHED
+} OSSL_HANDSHAKE_STATE;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_dbg.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_dbg.h
new file mode 100644
index 0000000000..ad32cb92ff
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_dbg.h
@@ -0,0 +1,190 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_DEBUG_H_
+#define _SSL_DEBUG_H_
+
+#include "platform/ssl_port.h"
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#ifdef CONFIG_OPENSSL_DEBUG_LEVEL
+    #define SSL_DEBUG_LEVEL CONFIG_OPENSSL_DEBUG_LEVEL
+#else
+    #define SSL_DEBUG_LEVEL 0
+#endif
+
+#define SSL_DEBUG_ON  (SSL_DEBUG_LEVEL + 1)
+#define SSL_DEBUG_OFF (SSL_DEBUG_LEVEL - 1)
+
+#ifdef CONFIG_OPENSSL_DEBUG
+    #ifndef SSL_DEBUG_LOG
+        #error "SSL_DEBUG_LOG is not defined"
+    #endif
+
+    #ifndef SSL_DEBUG_FL
+        #define SSL_DEBUG_FL "\n"
+    #endif
+
+    #define SSL_SHOW_LOCATION()                         \
+        SSL_DEBUG_LOG("SSL assert : %s %d\n",           \
+            __FILE__, __LINE__)
+
+    #define SSL_DEBUG(level, fmt, ...)                  \
+    {                                                   \
+        if (level > SSL_DEBUG_LEVEL) {                  \
+            SSL_DEBUG_LOG(fmt SSL_DEBUG_FL, ##__VA_ARGS__); \
+        }                                               \
+    }
+#else /* CONFIG_OPENSSL_DEBUG */
+    #define SSL_SHOW_LOCATION()
+
+    #define SSL_DEBUG(level, fmt, ...)
+#endif /* CONFIG_OPENSSL_DEBUG */
+
+/**
+ * OpenSSL assert function
+ *
+ * if select "CONFIG_OPENSSL_ASSERT_DEBUG", SSL_ASSERT* will show error file name and line
+ * if select "CONFIG_OPENSSL_ASSERT_EXIT", SSL_ASSERT* will just return error code.
+ * if select "CONFIG_OPENSSL_ASSERT_DEBUG_EXIT" SSL_ASSERT* will show error file name and line,
+ * then return error code.
+ * if select "CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK", SSL_ASSERT* will show error file name and line,
+ * then block here with "while (1)"
+ *
+ * SSL_ASSERT1 may will return "-1", so function's return argument is integer.
+ * SSL_ASSERT2 may will return "NULL", so function's return argument is a point.
+ * SSL_ASSERT2 may will return nothing, so function's return argument is "void".
+ */
+#if defined(CONFIG_OPENSSL_ASSERT_DEBUG)
+    #define SSL_ASSERT1(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            SSL_SHOW_LOCATION();                        \
+        }                                               \
+    }
+
+    #define SSL_ASSERT2(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            SSL_SHOW_LOCATION();                        \
+        }                                               \
+    }
+
+    #define SSL_ASSERT3(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            SSL_SHOW_LOCATION();                        \
+        }                                               \
+    }
+#elif defined(CONFIG_OPENSSL_ASSERT_EXIT)
+    #define SSL_ASSERT1(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            return -1;                                  \
+        }                                               \
+    }
+
+    #define SSL_ASSERT2(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            return NULL;                                \
+        }                                               \
+    }
+
+    #define SSL_ASSERT3(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            return ;                                    \
+        }                                               \
+    }
+#elif defined(CONFIG_OPENSSL_ASSERT_DEBUG_EXIT)
+    #define SSL_ASSERT1(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            SSL_SHOW_LOCATION();                        \
+            return -1;                                  \
+        }                                               \
+    }
+
+    #define SSL_ASSERT2(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            SSL_SHOW_LOCATION();                        \
+            return NULL;                                \
+        }                                               \
+    }
+
+    #define SSL_ASSERT3(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            SSL_SHOW_LOCATION();                        \
+            return ;                                    \
+        }                                               \
+    }
+#elif defined(CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK)
+    #define SSL_ASSERT1(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            SSL_SHOW_LOCATION();                        \
+            while (1);                                  \
+        }                                               \
+    }
+
+    #define SSL_ASSERT2(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            SSL_SHOW_LOCATION();                        \
+            while (1);                                  \
+        }                                               \
+    }
+
+    #define SSL_ASSERT3(s)                              \
+    {                                                   \
+        if (!(s)) {                                     \
+            SSL_SHOW_LOCATION();                        \
+            while (1);                                  \
+        }                                               \
+    }
+#else
+    #define SSL_ASSERT1(s)
+    #define SSL_ASSERT2(s)
+    #define SSL_ASSERT3(s)
+#endif
+
+#define SSL_PLATFORM_DEBUG_LEVEL SSL_DEBUG_OFF
+#define SSL_PLATFORM_ERROR_LEVEL SSL_DEBUG_ON
+
+#define SSL_CERT_DEBUG_LEVEL     SSL_DEBUG_OFF
+#define SSL_CERT_ERROR_LEVEL     SSL_DEBUG_ON
+
+#define SSL_PKEY_DEBUG_LEVEL     SSL_DEBUG_OFF
+#define SSL_PKEY_ERROR_LEVEL     SSL_DEBUG_ON
+
+#define SSL_X509_DEBUG_LEVEL     SSL_DEBUG_OFF
+#define SSL_X509_ERROR_LEVEL     SSL_DEBUG_ON
+
+#define SSL_LIB_DEBUG_LEVEL      SSL_DEBUG_OFF
+#define SSL_LIB_ERROR_LEVEL      SSL_DEBUG_ON
+
+#define SSL_STACK_DEBUG_LEVEL    SSL_DEBUG_OFF
+#define SSL_STACK_ERROR_LEVEL    SSL_DEBUG_ON
+
+#ifdef __cplusplus
+ }
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_lib.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_lib.h
new file mode 100644
index 0000000000..42b2de7501
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_lib.h
@@ -0,0 +1,30 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_LIB_H_
+#define _SSL_LIB_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "ssl_types.h"
+
+ void _ssl_set_alpn_list(const SSL *ssl);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_methods.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_methods.h
new file mode 100644
index 0000000000..cd2f8c0533
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_methods.h
@@ -0,0 +1,121 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_METHODS_H_
+#define _SSL_METHODS_H_
+
+#include "ssl_types.h"
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/**
+ * TLS method function implement
+ */
+#define IMPLEMENT_TLS_METHOD_FUNC(func_name, \
+                    new, free, \
+                    handshake, shutdown, clear, \
+                    read, send, pending, \
+                    set_fd, get_fd, \
+                    set_bufflen, \
+                    get_verify_result, \
+                    get_state) \
+        static const SSL_METHOD_FUNC func_name LOCAL_ATRR = { \
+                new, \
+                free, \
+                handshake, \
+                shutdown, \
+                clear, \
+                read, \
+                send, \
+                pending, \
+                set_fd, \
+                get_fd, \
+                set_bufflen, \
+                get_verify_result, \
+                get_state \
+        };
+
+#define IMPLEMENT_TLS_METHOD(ver, mode, fun, func_name) \
+    const SSL_METHOD* func_name(void) { \
+        static const SSL_METHOD func_name##_data LOCAL_ATRR = { \
+                ver, \
+                mode, \
+                &(fun), \
+        }; \
+        return &func_name##_data; \
+    }
+
+#define IMPLEMENT_SSL_METHOD(ver, mode, fun, func_name) \
+    const SSL_METHOD* func_name(void) { \
+        static const SSL_METHOD func_name##_data LOCAL_ATRR = { \
+                ver, \
+                mode, \
+                &(fun), \
+        }; \
+        return &func_name##_data; \
+    }
+
+#define IMPLEMENT_X509_METHOD(func_name, \
+                new, \
+                free, \
+                load, \
+                show_info) \
+    const X509_METHOD* func_name(void) { \
+        static const X509_METHOD func_name##_data LOCAL_ATRR = { \
+                new, \
+                free, \
+                load, \
+                show_info \
+        }; \
+        return &func_name##_data; \
+    }
+
+#define IMPLEMENT_PKEY_METHOD(func_name, \
+                new, \
+                free, \
+                load) \
+    const PKEY_METHOD* func_name(void) { \
+        static const PKEY_METHOD func_name##_data LOCAL_ATRR = { \
+                new, \
+                free, \
+                load \
+        }; \
+        return &func_name##_data; \
+    }
+
+/**
+ * @brief get X509 object method
+ *
+ * @param none
+ *
+ * @return X509 object method point
+ */
+const X509_METHOD* X509_method(void);
+
+/**
+ * @brief get private key object method
+ *
+ * @param none
+ *
+ * @return private key object method point
+ */
+const PKEY_METHOD* EVP_PKEY_method(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_pkey.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_pkey.h
new file mode 100644
index 0000000000..e790fcc995
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_pkey.h
@@ -0,0 +1,86 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_PKEY_H_
+#define _SSL_PKEY_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "ssl_types.h"
+
+/**
+ * @brief create a private key object according to input private key
+ *
+ * @param ipk - input private key point
+ *
+ * @return new private key object point
+ */
+EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk);
+
+/**
+ * @brief create a private key object
+ *
+ * @param none
+ *
+ * @return private key object point
+ */
+EVP_PKEY* EVP_PKEY_new(void);
+
+/**
+ * @brief load a character key context into system context. If '*a' is pointed to the
+ *        private key, then load key into it. Or create a new private key object
+ *
+ * @param type   - private key type
+ * @param a      - a point pointed to a private key point
+ * @param pp     - a point pointed to the key context memory point
+ * @param length - key bytes
+ *
+ * @return private key object point
+ */
+EVP_PKEY* d2i_PrivateKey(int type,
+                         EVP_PKEY **a,
+                         const unsigned char **pp,
+                         long length);
+
+/**
+ * @brief free a private key object
+ *
+ * @param pkey - private key object point
+ *
+ * @return none
+ */
+void EVP_PKEY_free(EVP_PKEY *x);
+
+/**
+ * @brief load private key into the SSL
+ *
+ * @param type - private key type
+ * @param ssl  - SSL point
+ * @param len  - data bytes
+ * @param d    - data point
+ *
+ * @return result
+ *     0 : failed
+ *     1 : OK 
+ */
+ int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_stack.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_stack.h
new file mode 100644
index 0000000000..7a7051a026
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_stack.h
@@ -0,0 +1,52 @@
+#ifndef _SSL_STACK_H_
+#define _SSL_STACK_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "ssl_types.h"
+
+#define STACK_OF(type)  struct stack_st_##type
+
+#define SKM_DEFINE_STACK_OF(t1, t2, t3) \
+    STACK_OF(t1); \
+    static ossl_inline STACK_OF(t1) *sk_##t1##_new_null(void) \
+    { \
+        return (STACK_OF(t1) *)OPENSSL_sk_new_null(); \
+    } \
+
+#define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t)
+
+/**
+ * @brief create a openssl stack object
+ *
+ * @param c - stack function
+ *
+ * @return openssl stack object point
+ */
+OPENSSL_STACK* OPENSSL_sk_new(OPENSSL_sk_compfunc c);
+
+/**
+ * @brief create a NULL function openssl stack object
+ *
+ * @param none
+ *
+ * @return openssl stack object point
+ */
+OPENSSL_STACK *OPENSSL_sk_new_null(void);
+
+/**
+ * @brief free openssl stack object
+ *
+ * @param openssl stack object point
+ *
+ * @return none
+ */
+void OPENSSL_sk_free(OPENSSL_STACK *stack);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_types.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_types.h
new file mode 100644
index 0000000000..45198bc978
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_types.h
@@ -0,0 +1,296 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_TYPES_H_
+#define _SSL_TYPES_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include <lws_config.h>
+#if defined(LWS_WITH_ESP32)
+#undef MBEDTLS_CONFIG_FILE
+#define MBEDTLS_CONFIG_FILE <mbedtls/esp_config.h>
+#endif
+
+#include "ssl_code.h"
+
+typedef void SSL_CIPHER;
+
+typedef void X509_STORE_CTX;
+typedef void X509_STORE;
+
+typedef void RSA;
+
+typedef void STACK;
+typedef void BIO;
+
+#define ossl_inline inline
+
+#define SSL_METHOD_CALL(f, s, ...)        s->method->func->ssl_##f(s, ##__VA_ARGS__)
+#define X509_METHOD_CALL(f, x, ...)       x->method->x509_##f(x, ##__VA_ARGS__)
+#define EVP_PKEY_METHOD_CALL(f, k, ...)   k->method->pkey_##f(k, ##__VA_ARGS__)
+
+typedef int (*OPENSSL_sk_compfunc)(const void *, const void *);
+
+struct stack_st;
+typedef struct stack_st OPENSSL_STACK;
+
+struct ssl_method_st;
+typedef struct ssl_method_st SSL_METHOD;
+
+struct ssl_method_func_st;
+typedef struct ssl_method_func_st SSL_METHOD_FUNC;
+
+struct record_layer_st;
+typedef struct record_layer_st RECORD_LAYER;
+
+struct ossl_statem_st;
+typedef struct ossl_statem_st OSSL_STATEM;
+
+struct ssl_session_st;
+typedef struct ssl_session_st SSL_SESSION;
+
+struct ssl_ctx_st;
+typedef struct ssl_ctx_st SSL_CTX;
+
+struct ssl_st;
+typedef struct ssl_st SSL;
+
+struct cert_st;
+typedef struct cert_st CERT;
+
+struct x509_st;
+typedef struct x509_st X509;
+
+struct X509_VERIFY_PARAM_st;
+typedef struct X509_VERIFY_PARAM_st X509_VERIFY_PARAM;
+
+struct evp_pkey_st;
+typedef struct evp_pkey_st EVP_PKEY;
+
+struct x509_method_st;
+typedef struct x509_method_st X509_METHOD;
+
+struct pkey_method_st;
+typedef struct pkey_method_st PKEY_METHOD;
+
+struct stack_st {
+
+    char **data;
+
+    int num_alloc;
+
+    OPENSSL_sk_compfunc c;
+};
+
+struct evp_pkey_st {
+
+    void *pkey_pm;
+
+    const PKEY_METHOD *method;
+};
+
+struct x509_st {
+
+    /* X509 certification platform private point */
+    void *x509_pm;
+
+    const X509_METHOD *method;
+};
+
+struct cert_st {
+
+    int sec_level;
+
+    X509 *x509;
+
+    EVP_PKEY *pkey;
+
+};
+
+struct ossl_statem_st {
+
+    MSG_FLOW_STATE state;
+
+    int hand_state;
+};
+
+struct record_layer_st {
+
+    int rstate;
+
+    int read_ahead;
+};
+
+struct ssl_session_st {
+
+    long timeout;
+
+    long time;
+
+    X509 *peer;
+};
+
+struct X509_VERIFY_PARAM_st {
+
+    int depth;
+
+};
+
+typedef int (*next_proto_cb)(SSL *ssl, unsigned char **out,
+                             unsigned char *outlen, const unsigned char *in,
+                             unsigned int inlen, void *arg);
+
+struct ssl_ctx_st
+{
+    int version;
+
+    int references;
+
+    unsigned long options;
+
+    const SSL_METHOD *method;
+
+    CERT *cert;
+
+    X509 *client_CA;
+
+    const char **alpn_protos;
+
+    next_proto_cb alpn_cb;
+
+    int verify_mode;
+
+    int (*default_verify_callback) (int ok, X509_STORE_CTX *ctx);
+
+    long session_timeout;
+
+    int read_ahead;
+
+    int read_buffer_len;
+
+    X509_VERIFY_PARAM param;
+};
+
+struct ssl_st
+{
+    /* protocol version(one of SSL3.0, TLS1.0, etc.) */
+    int version;
+
+    unsigned long options;
+
+    /* shut things down(0x01 : sent, 0x02 : received) */
+    int shutdown;
+
+    CERT *cert;
+
+    X509 *client_CA;
+
+    SSL_CTX  *ctx;
+
+    const SSL_METHOD *method;
+
+    RECORD_LAYER rlayer;
+
+    /* where we are */
+    OSSL_STATEM statem;
+
+    SSL_SESSION *session;
+
+    int verify_mode;
+
+    int (*verify_callback) (int ok, X509_STORE_CTX *ctx);
+
+    int rwstate;
+
+    long verify_result;
+
+    X509_VERIFY_PARAM param;
+
+    int err;
+
+    void (*info_callback) (const SSL *ssl, int type, int val);
+
+    /* SSL low-level system arch point */
+    void *ssl_pm;
+};
+
+struct ssl_method_st {
+    /* protocol version(one of SSL3.0, TLS1.0, etc.) */
+    int version;
+
+    /* SSL mode(client(0) , server(1), not known(-1)) */
+    int endpoint;
+
+    const SSL_METHOD_FUNC *func;
+};
+
+struct ssl_method_func_st {
+
+    int (*ssl_new)(SSL *ssl);
+
+    void (*ssl_free)(SSL *ssl);
+
+    int (*ssl_handshake)(SSL *ssl);
+
+    int (*ssl_shutdown)(SSL *ssl);
+
+    int (*ssl_clear)(SSL *ssl);
+
+    int (*ssl_read)(SSL *ssl, void *buffer, int len);
+
+    int (*ssl_send)(SSL *ssl, const void *buffer, int len);
+
+    int (*ssl_pending)(const SSL *ssl);
+
+    void (*ssl_set_fd)(SSL *ssl, int fd, int mode);
+
+    int (*ssl_get_fd)(const SSL *ssl, int mode);
+
+    void (*ssl_set_bufflen)(SSL *ssl, int len);
+
+    long (*ssl_get_verify_result)(const SSL *ssl);
+
+    OSSL_HANDSHAKE_STATE (*ssl_get_state)(const SSL *ssl);
+};
+
+struct x509_method_st {
+
+    int (*x509_new)(X509 *x, X509 *m_x);
+
+    void (*x509_free)(X509 *x);
+
+    int (*x509_load)(X509 *x, const unsigned char *buf, int len);
+
+    int (*x509_show_info)(X509 *x);
+};
+
+struct pkey_method_st {
+
+    int (*pkey_new)(EVP_PKEY *pkey, EVP_PKEY *m_pkey);
+
+    void (*pkey_free)(EVP_PKEY *pkey);
+
+    int (*pkey_load)(EVP_PKEY *pkey, const unsigned char *buf, int len);
+};
+
+#define OPENSSL_NPN_NEGOTIATED 1
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_x509.h b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_x509.h
new file mode 100644
index 0000000000..7594d064b4
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/ssl_x509.h
@@ -0,0 +1,110 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_X509_H_
+#define _SSL_X509_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "ssl_types.h"
+#include "ssl_stack.h"
+
+DEFINE_STACK_OF(X509_NAME)
+
+/**
+ * @brief create a X509 certification object according to input X509 certification
+ *
+ * @param ix - input X509 certification point
+ *
+ * @return new X509 certification object point
+ */
+X509* __X509_new(X509 *ix);
+
+/**
+ * @brief create a X509 certification object
+ *
+ * @param none
+ *
+ * @return X509 certification object point
+ */
+X509* X509_new(void);
+
+/**
+ * @brief load a character certification context into system context. If '*cert' is pointed to the
+ *        certification, then load certification into it. Or create a new X509 certification object
+ *
+ * @param cert   - a point pointed to X509 certification
+ * @param buffer - a point pointed to the certification context memory point
+ * @param length - certification bytes
+ *
+ * @return X509 certification object point
+ */
+X509* d2i_X509(X509 **cert, const unsigned char *buffer, long len);
+
+/**
+ * @brief free a X509 certification object
+ *
+ * @param x - X509 certification object point
+ *
+ * @return none
+ */
+void X509_free(X509 *x);
+
+/**
+ * @brief set SSL context client CA certification
+ *
+ * @param ctx - SSL context point
+ * @param x   - X509 certification point
+ *
+ * @return result
+ *     0 : failed
+ *     1 : OK
+ */
+int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
+
+/**
+ * @brief add CA client certification into the SSL
+ *
+ * @param ssl - SSL point
+ * @param x   - X509 certification point
+ *
+ * @return result
+ *     0 : failed
+ *     1 : OK
+ */
+int SSL_add_client_CA(SSL *ssl, X509 *x);
+
+/**
+ * @brief load certification into the SSL
+ *
+ * @param ssl - SSL point
+ * @param len - data bytes
+ * @param d   - data point
+ *
+ * @return result
+ *     0 : failed
+ *     1 : OK
+ *
+ */
+int SSL_use_certificate_ASN1(SSL *ssl, int len, const unsigned char *d);
+
+const char *X509_verify_cert_error_string(long n);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/tls1.h b/thirdparty/lws/mbedtls_wrapper/include/internal/tls1.h
new file mode 100644
index 0000000000..7af1b0157d
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/tls1.h
@@ -0,0 +1,58 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _TLS1_H_
+#define _TLS1_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+# define TLS1_AD_DECRYPTION_FAILED       21
+# define TLS1_AD_RECORD_OVERFLOW         22
+# define TLS1_AD_UNKNOWN_CA              48/* fatal */
+# define TLS1_AD_ACCESS_DENIED           49/* fatal */
+# define TLS1_AD_DECODE_ERROR            50/* fatal */
+# define TLS1_AD_DECRYPT_ERROR           51
+# define TLS1_AD_EXPORT_RESTRICTION      60/* fatal */
+# define TLS1_AD_PROTOCOL_VERSION        70/* fatal */
+# define TLS1_AD_INSUFFICIENT_SECURITY   71/* fatal */
+# define TLS1_AD_INTERNAL_ERROR          80/* fatal */
+# define TLS1_AD_INAPPROPRIATE_FALLBACK  86/* fatal */
+# define TLS1_AD_USER_CANCELLED          90
+# define TLS1_AD_NO_RENEGOTIATION        100
+/* codes 110-114 are from RFC3546 */
+# define TLS1_AD_UNSUPPORTED_EXTENSION   110
+# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
+# define TLS1_AD_UNRECOGNIZED_NAME       112
+# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
+# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
+# define TLS1_AD_UNKNOWN_PSK_IDENTITY    115/* fatal */
+# define TLS1_AD_NO_APPLICATION_PROTOCOL 120 /* fatal */
+
+/* Special value for method supporting multiple versions */
+#define TLS_ANY_VERSION                 0x10000
+
+#define TLS1_VERSION                    0x0301
+#define TLS1_1_VERSION                  0x0302
+#define TLS1_2_VERSION                  0x0303
+
+#define SSL_TLSEXT_ERR_OK 0
+#define SSL_TLSEXT_ERR_NOACK 3
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/internal/x509_vfy.h b/thirdparty/lws/mbedtls_wrapper/include/internal/x509_vfy.h
new file mode 100644
index 0000000000..26bf6c88a8
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/internal/x509_vfy.h
@@ -0,0 +1,116 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _X509_VFY_H_
+#define _X509_VFY_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#define         X509_V_OK                                       0
+#define         X509_V_ERR_UNSPECIFIED                          1
+#define         X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT            2
+#define         X509_V_ERR_UNABLE_TO_GET_CRL                    3
+#define         X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE     4
+#define         X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE      5
+#define         X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY   6
+#define         X509_V_ERR_CERT_SIGNATURE_FAILURE               7
+#define         X509_V_ERR_CRL_SIGNATURE_FAILURE                8
+#define         X509_V_ERR_CERT_NOT_YET_VALID                   9
+#define         X509_V_ERR_CERT_HAS_EXPIRED                     10
+#define         X509_V_ERR_CRL_NOT_YET_VALID                    11
+#define         X509_V_ERR_CRL_HAS_EXPIRED                      12
+#define         X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD       13
+#define         X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD        14
+#define         X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD       15
+#define         X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD       16
+#define         X509_V_ERR_OUT_OF_MEM                           17
+#define         X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT          18
+#define         X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN            19
+#define         X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY    20
+#define         X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE      21
+#define         X509_V_ERR_CERT_CHAIN_TOO_LONG                  22
+#define         X509_V_ERR_CERT_REVOKED                         23
+#define         X509_V_ERR_INVALID_CA                           24
+#define         X509_V_ERR_PATH_LENGTH_EXCEEDED                 25
+#define         X509_V_ERR_INVALID_PURPOSE                      26
+#define         X509_V_ERR_CERT_UNTRUSTED                       27
+#define         X509_V_ERR_CERT_REJECTED                        28
+/* These are 'informational' when looking for issuer cert */
+#define         X509_V_ERR_SUBJECT_ISSUER_MISMATCH              29
+#define         X509_V_ERR_AKID_SKID_MISMATCH                   30
+#define         X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH          31
+#define         X509_V_ERR_KEYUSAGE_NO_CERTSIGN                 32
+#define         X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER             33
+#define         X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION         34
+#define         X509_V_ERR_KEYUSAGE_NO_CRL_SIGN                 35
+#define         X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION     36
+#define         X509_V_ERR_INVALID_NON_CA                       37
+#define         X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED           38
+#define         X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE        39
+#define         X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED       40
+#define         X509_V_ERR_INVALID_EXTENSION                    41
+#define         X509_V_ERR_INVALID_POLICY_EXTENSION             42
+#define         X509_V_ERR_NO_EXPLICIT_POLICY                   43
+#define         X509_V_ERR_DIFFERENT_CRL_SCOPE                  44
+#define         X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE        45
+#define         X509_V_ERR_UNNESTED_RESOURCE                    46
+#define         X509_V_ERR_PERMITTED_VIOLATION                  47
+#define         X509_V_ERR_EXCLUDED_VIOLATION                   48
+#define         X509_V_ERR_SUBTREE_MINMAX                       49
+/* The application is not happy */
+#define         X509_V_ERR_APPLICATION_VERIFICATION             50
+#define         X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE          51
+#define         X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX        52
+#define         X509_V_ERR_UNSUPPORTED_NAME_SYNTAX              53
+#define         X509_V_ERR_CRL_PATH_VALIDATION_ERROR            54
+/* Another issuer check debug option */
+#define         X509_V_ERR_PATH_LOOP                            55
+/* Suite B mode algorithm violation */
+#define         X509_V_ERR_SUITE_B_INVALID_VERSION              56
+#define         X509_V_ERR_SUITE_B_INVALID_ALGORITHM            57
+#define         X509_V_ERR_SUITE_B_INVALID_CURVE                58
+#define         X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM  59
+#define         X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED              60
+#define         X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
+/* Host, email and IP check errors */
+#define         X509_V_ERR_HOSTNAME_MISMATCH                    62
+#define         X509_V_ERR_EMAIL_MISMATCH                       63
+#define         X509_V_ERR_IP_ADDRESS_MISMATCH                  64
+/* DANE TLSA errors */
+#define         X509_V_ERR_DANE_NO_MATCH                        65
+/* security level errors */
+#define         X509_V_ERR_EE_KEY_TOO_SMALL                     66
+#define         X509_V_ERR_CA_KEY_TOO_SMALL                     67
+#define         X509_V_ERR_CA_MD_TOO_WEAK                       68
+/* Caller error */
+#define         X509_V_ERR_INVALID_CALL                         69
+/* Issuer lookup error */
+#define         X509_V_ERR_STORE_LOOKUP                         70
+/* Certificate transparency */
+#define         X509_V_ERR_NO_VALID_SCTS                        71
+
+#define         X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION         72
+
+typedef void X509_STORE_CTX;
+int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/openssl/ssl.h b/thirdparty/lws/mbedtls_wrapper/include/openssl/ssl.h
new file mode 100644
index 0000000000..5a84b4552e
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/openssl/ssl.h
@@ -0,0 +1,1816 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_H_
+#define _SSL_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include <stdlib.h>
+#include "internal/ssl_x509.h"
+#include "internal/ssl_pkey.h"
+
+/*
+{
+*/
+
+#define SSL_CB_ALERT 0x4000
+
+#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT		(1 << 0)
+#define X509_CHECK_FLAG_NO_WILDCARDS			(1 << 1)
+#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS		(1 << 2)
+#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS		(1 << 3)
+#define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS		(1 << 4)
+
+/**
+ * @brief create a SSL context
+ *
+ * @param method - the SSL context method point
+ *
+ * @return the context point
+ */
+SSL_CTX* SSL_CTX_new(const SSL_METHOD *method);
+
+/**
+ * @brief free a SSL context
+ *
+ * @param method - the SSL context point
+ *
+ * @return none
+ */
+void SSL_CTX_free(SSL_CTX *ctx);
+
+/**
+ * @brief create a SSL
+ *
+ * @param ctx - the SSL context point
+ *
+ * @return the SSL point
+ */
+SSL* SSL_new(SSL_CTX *ctx);
+
+/**
+ * @brief free the SSL
+ *
+ * @param ssl - the SSL point
+ *
+ * @return none
+ */
+void SSL_free(SSL *ssl);
+
+/**
+ * @brief connect to the remote SSL server
+ *
+ * @param ssl - the SSL point
+ *
+ * @return result
+ *     1 : OK
+ *    -1 : failed
+ */
+int SSL_connect(SSL *ssl);
+
+/**
+ * @brief accept the remote connection
+ *
+ * @param ssl - the SSL point
+ *
+ * @return result
+ *     1 : OK
+ *    -1 : failed
+ */
+int SSL_accept(SSL *ssl);
+
+/**
+ * @brief read data from to remote
+ *
+ * @param ssl    - the SSL point which has been connected
+ * @param buffer - the received data buffer point
+ * @param len    - the received data length
+ *
+ * @return result
+ *     > 0 : OK, and return received data bytes
+ *     = 0 : connection is closed
+ *     < 0 : an error catch
+ */
+int SSL_read(SSL *ssl, void *buffer, int len);
+
+/**
+ * @brief send the data to remote
+ *
+ * @param ssl    - the SSL point which has been connected
+ * @param buffer - the send data buffer point
+ * @param len    - the send data length
+ *
+ * @return result
+ *     > 0 : OK, and return sent data bytes
+ *     = 0 : connection is closed
+ *     < 0 : an error catch
+ */
+int SSL_write(SSL *ssl, const void *buffer, int len);
+
+/**
+ * @brief get the verifying result of the SSL certification
+ *
+ * @param ssl - the SSL point
+ *
+ * @return the result of verifying
+ */
+long SSL_get_verify_result(const SSL *ssl);
+
+/**
+ * @brief shutdown the connection
+ *
+ * @param ssl - the SSL point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : shutdown is not finished
+ *    -1 : an error catch
+ */
+int SSL_shutdown(SSL *ssl);
+
+/**
+ * @brief bind the socket file description into the SSL
+ *
+ * @param ssl - the SSL point
+ * @param fd  - socket handle
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_set_fd(SSL *ssl, int fd);
+
+/**
+ * @brief These functions load the private key into the SSL_CTX or SSL object
+ *
+ * @param ctx  - the SSL context point
+ * @param pkey - private key object point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+
+/**
+ * @brief These functions load the certification into the SSL_CTX or SSL object
+ *
+ * @param ctx  - the SSL context point
+ * @param pkey - certification object point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+
+/**
+ * @brief create the target SSL context client method
+ *
+ * @param none
+ *
+ * @return the SSLV2.3 version SSL context client method
+ */
+const SSL_METHOD* SSLv23_client_method(void);
+
+/**
+ * @brief create the target SSL context client method
+ *
+ * @param none
+ *
+ * @return the TLSV1.0 version SSL context client method
+ */
+const SSL_METHOD* TLSv1_client_method(void);
+
+/**
+ * @brief create the target SSL context client method
+ *
+ * @param none
+ *
+ * @return the SSLV1.0 version SSL context client method
+ */
+const SSL_METHOD* SSLv3_client_method(void);
+
+/**
+ * @brief create the target SSL context client method
+ *
+ * @param none
+ *
+ * @return the TLSV1.1 version SSL context client method
+ */
+const SSL_METHOD* TLSv1_1_client_method(void);
+
+/**
+ * @brief create the target SSL context client method
+ *
+ * @param none
+ *
+ * @return the TLSV1.2 version SSL context client method
+ */
+const SSL_METHOD* TLSv1_2_client_method(void);
+
+/**
+ * @brief create the target SSL context server method
+ *
+ * @param none
+ *
+ * @return the TLS any version SSL context client method
+ */
+const SSL_METHOD* TLS_client_method(void);
+
+/**
+ * @brief create the target SSL context server method
+ *
+ * @param none
+ *
+ * @return the SSLV2.3 version SSL context server method
+ */
+const SSL_METHOD* SSLv23_server_method(void);
+
+/**
+ * @brief create the target SSL context server method
+ *
+ * @param none
+ *
+ * @return the TLSV1.1 version SSL context server method
+ */
+const SSL_METHOD* TLSv1_1_server_method(void);
+
+/**
+ * @brief create the target SSL context server method
+ *
+ * @param none
+ *
+ * @return the TLSV1.2 version SSL context server method
+ */
+const SSL_METHOD* TLSv1_2_server_method(void);
+
+/**
+ * @brief create the target SSL context server method
+ *
+ * @param none
+ *
+ * @return the TLSV1.0 version SSL context server method
+ */
+const SSL_METHOD* TLSv1_server_method(void);
+
+/**
+ * @brief create the target SSL context server method
+ *
+ * @param none
+ *
+ * @return the SSLV3.0 version SSL context server method
+ */
+const SSL_METHOD* SSLv3_server_method(void);
+
+/**
+ * @brief create the target SSL context server method
+ *
+ * @param none
+ *
+ * @return the TLS any version SSL context server method
+ */
+const SSL_METHOD* TLS_server_method(void);
+
+
+/**
+ * @brief set the SSL context ALPN select callback function
+ *
+ * @param ctx - SSL context point
+ * @param cb  - ALPN select callback function
+ * @param arg - ALPN select callback function entry private data point
+ *
+ * @return none
+ */
+void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                int (*cb) (SSL *ssl,
+                                           const unsigned char **out,
+                                           unsigned char *outlen,
+                                           const unsigned char *in,
+                                           unsigned int inlen,
+                                           void *arg),
+                                void *arg);
+
+
+/**
+ * @brief set the SSL context ALPN select protocol
+ *
+ * @param ctx        - SSL context point
+ * @param protos     - ALPN protocol name
+ * @param protos_len - ALPN protocol name bytes
+ *
+ * @return result
+ *     0 : OK
+ *     1 : failed
+ */
+int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, unsigned int protos_len);
+
+/**
+ * @brief set the SSL context next ALPN select callback function
+ *
+ * @param ctx - SSL context point
+ * @param cb  - ALPN select callback function
+ * @param arg - ALPN select callback function entry private data point
+ *
+ * @return none
+ */
+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                                      int (*cb) (SSL *ssl,
+                                                 unsigned char **out,
+                                                 unsigned char *outlen,
+                                                 const unsigned char *in,
+                                                 unsigned int inlen,
+                                                 void *arg),
+                                      void *arg);
+
+void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                             unsigned int *len);
+
+void _ssl_set_alpn_list(const SSL *ssl);
+
+/**
+ * @brief get SSL error code
+ *
+ * @param ssl       - SSL point
+ * @param ret_code  - SSL return code
+ *
+ * @return SSL error number
+ */
+int SSL_get_error(const SSL *ssl, int ret_code);
+
+/**
+ * @brief clear the SSL error code
+ *
+ * @param none
+ *
+ * @return none
+ */
+void ERR_clear_error(void);
+
+/**
+ * @brief get the current SSL error code
+ *
+ * @param none
+ *
+ * @return current SSL error number
+ */
+int ERR_get_error(void);
+
+/**
+ * @brief register the SSL error strings
+ *
+ * @param none
+ *
+ * @return none
+ */
+void ERR_load_SSL_strings(void);
+
+/**
+ * @brief initialize the SSL library
+ *
+ * @param none
+ *
+ * @return none
+ */
+void SSL_library_init(void);
+
+/**
+ * @brief generates a human-readable string representing the error code e
+ *        and store it into the "ret" point memory
+ *
+ * @param e   - error code
+ * @param ret - memory point to store the string
+ *
+ * @return the result string point
+ */
+char *ERR_error_string(unsigned long e, char *ret);
+
+/**
+ * @brief add the SSL context option
+ *
+ * @param ctx - SSL context point
+ * @param opt - new SSL context option
+ *
+ * @return the SSL context option
+ */
+unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long opt);
+
+/**
+ * @brief add the SSL context mode
+ *
+ * @param ctx - SSL context point
+ * @param mod - new SSL context mod
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_set_mode(SSL_CTX *ctx, int mod);
+
+/*
+}
+*/
+
+/**
+ * @brief perform the SSL handshake
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ *    -1 : a error catch
+ */
+int SSL_do_handshake(SSL *ssl);
+
+/**
+ * @brief get the SSL current version
+ *
+ * @param ssl - SSL point
+ *
+ * @return the version string
+ */
+const char *SSL_get_version(const SSL *ssl);
+
+/**
+ * @brief set  the SSL context version
+ *
+ * @param ctx  - SSL context point
+ * @param meth - SSL method point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
+
+/**
+ * @brief get the bytes numbers which are to be read
+ *
+ * @param ssl  - SSL point
+ *
+ * @return bytes number
+ */
+int SSL_pending(const SSL *ssl);
+
+/**
+ * @brief check if SSL want nothing
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     0 : false
+ *     1 : true
+ */
+int SSL_want_nothing(const SSL *ssl);
+
+/**
+ * @brief check if SSL want to read
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     0 : false
+ *     1 : true
+ */
+int SSL_want_read(const SSL *ssl);
+
+/**
+ * @brief check if SSL want to write
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     0 : false
+ *     1 : true
+ */
+int SSL_want_write(const SSL *ssl);
+
+/**
+ * @brief get the SSL context current method
+ *
+ * @param ctx - SSL context point
+ *
+ * @return the SSL context current method
+ */
+const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx);
+
+/**
+ * @brief get the SSL current method
+ *
+ * @param ssl - SSL point
+ *
+ * @return the SSL current method
+ */
+const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
+
+/**
+ * @brief set the SSL method
+ *
+ * @param ssl  - SSL point
+ * @param meth - SSL method point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *method);
+
+/**
+ * @brief add CA client certification into the SSL
+ *
+ * @param ssl - SSL point
+ * @param x   - CA certification point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_add_client_CA(SSL *ssl, X509 *x);
+
+/**
+ * @brief add CA client certification into the SSL context
+ *
+ * @param ctx - SSL context point
+ * @param x   - CA certification point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
+
+/**
+ * @brief set the SSL CA certification list
+ *
+ * @param ssl       - SSL point
+ * @param name_list - CA certification list
+ *
+ * @return none
+ */
+void SSL_set_client_CA_list(SSL *ssl, STACK_OF(X509_NAME) *name_list);
+
+/**
+ * @brief set the SSL context CA certification list
+ *
+ * @param ctx       - SSL context point
+ * @param name_list - CA certification list
+ *
+ * @return none
+ */
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+
+/**
+ * @briefget the SSL CA certification list
+ *
+ * @param ssl - SSL point
+ *
+ * @return CA certification list
+ */
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *ssl);
+
+/**
+ * @brief get the SSL context CA certification list
+ *
+ * @param ctx - SSL context point
+ *
+ * @return CA certification list
+ */
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+
+/**
+ * @brief get the SSL certification point
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL certification point
+ */
+X509 *SSL_get_certificate(const SSL *ssl);
+
+/**
+ * @brief get the SSL private key point
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL private key point
+ */
+EVP_PKEY *SSL_get_privatekey(const SSL *ssl);
+
+/**
+ * @brief set the SSL information callback function
+ *
+ * @param ssl - SSL point
+ * @param cb  - information callback function
+ *
+ * @return none
+ */
+void SSL_set_info_callback(SSL *ssl, void (*cb) (const SSL *ssl, int type, int val));
+
+/**
+ * @brief get the SSL state
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL state
+ */
+OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl);
+
+/**
+ * @brief set the SSL context read buffer length
+ *
+ * @param ctx - SSL context point
+ * @param len - read buffer length
+ *
+ * @return none
+ */
+void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len);
+
+/**
+ * @brief set the SSL read buffer length
+ *
+ * @param ssl - SSL point
+ * @param len - read buffer length
+ *
+ * @return none
+ */
+void SSL_set_default_read_buffer_len(SSL *ssl, size_t len);
+
+/**
+ * @brief set the SSL security level
+ *
+ * @param ssl   - SSL point
+ * @param level - security level
+ *
+ * @return none
+ */
+void SSL_set_security_level(SSL *ssl, int level);
+
+/**
+ * @brief get the SSL security level
+ *
+ * @param ssl - SSL point
+ *
+ * @return security level
+ */
+int SSL_get_security_level(const SSL *ssl);
+
+/**
+ * @brief get the SSL verifying mode of the SSL context
+ *
+ * @param ctx - SSL context point
+ *
+ * @return verifying mode
+ */
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+
+/**
+ * @brief get the SSL verifying depth of the SSL context
+ *
+ * @param ctx - SSL context point
+ *
+ * @return verifying depth
+ */
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+
+/**
+ * @brief set the SSL context verifying of the SSL context
+ *
+ * @param ctx             - SSL context point
+ * @param mode            - verifying mode
+ * @param verify_callback - verifying callback function
+ *
+ * @return none
+ */
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*verify_callback)(int, X509_STORE_CTX *));
+
+/**
+ * @brief set the SSL verifying of the SSL context
+ *
+ * @param ctx             - SSL point
+ * @param mode            - verifying mode
+ * @param verify_callback - verifying callback function
+ *
+ * @return none
+ */
+void SSL_set_verify(SSL *s, int mode, int (*verify_callback)(int, X509_STORE_CTX *));
+
+/**
+ * @brief set the SSL verify depth of the SSL context
+ *
+ * @param ctx   - SSL context point
+ * @param depth - verifying depth
+ *
+ * @return none
+ */
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+
+/**
+ * @brief certification verifying callback function
+ *
+ * @param preverify_ok - verifying result
+ * @param x509_ctx     - X509 certification point
+ *
+ * @return verifying result
+ */
+int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+/**
+ * @brief set the session timeout time
+ *
+ * @param ctx - SSL context point
+ * @param t   - new session timeout time
+ *
+ * @return old session timeout time
+ */
+long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
+
+/**
+ * @brief get the session timeout time
+ *
+ * @param ctx - SSL context point
+ *
+ * @return current session timeout time
+ */
+long SSL_CTX_get_timeout(const SSL_CTX *ctx);
+
+/**
+ * @brief set the SSL context cipher through the list string
+ *
+ * @param ctx - SSL context point
+ * @param str - cipher controller list string
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
+
+/**
+ * @brief set the SSL cipher through the list string
+ *
+ * @param ssl - SSL point
+ * @param str - cipher controller list string
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_set_cipher_list(SSL *ssl, const char *str);
+
+/**
+ * @brief get the SSL cipher list string
+ *
+ * @param ssl - SSL point
+ *
+ * @return cipher controller list string
+ */
+const char *SSL_get_cipher_list(const SSL *ssl, int n);
+
+/**
+ * @brief get the SSL cipher
+ *
+ * @param ssl - SSL point
+ *
+ * @return current cipher
+ */
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
+
+/**
+ * @brief get the SSL cipher string
+ *
+ * @param ssl - SSL point
+ *
+ * @return cipher string
+ */
+const char *SSL_get_cipher(const SSL *ssl);
+
+/**
+ * @brief get the SSL context object X509 certification storage
+ *
+ * @param ctx - SSL context point
+ *
+ * @return x509 certification storage
+ */
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);
+
+/**
+ * @brief set the SSL context object X509 certification store
+ *
+ * @param ctx   - SSL context point
+ * @param store - X509 certification store
+ *
+ * @return none
+ */
+void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
+
+/**
+ * @brief get the SSL specifical statement
+ *
+ * @param ssl - SSL point
+ *
+ * @return specifical statement
+ */
+int SSL_want(const SSL *ssl);
+
+/**
+ * @brief check if the SSL is SSL_X509_LOOKUP state
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_want_x509_lookup(const SSL *ssl);
+
+/**
+ * @brief reset the SSL
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_clear(SSL *ssl);
+
+/**
+ * @brief get the socket handle of the SSL
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     >= 0 : yes, and return socket handle
+ *      < 0 : a error catch
+ */
+int SSL_get_fd(const SSL *ssl);
+
+/**
+ * @brief get the read only socket handle of the SSL
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     >= 0 : yes, and return socket handle
+ *      < 0 : a error catch
+ */
+int SSL_get_rfd(const SSL *ssl);
+
+/**
+ * @brief get the write only socket handle of the SSL
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     >= 0 : yes, and return socket handle
+ *      < 0 : a error catch
+ */
+int SSL_get_wfd(const SSL *ssl);
+
+/**
+ * @brief set the SSL if we can read as many as data
+ *
+ * @param ssl - SSL point
+ * @param yes - enable the function
+ *
+ * @return none
+ */
+void SSL_set_read_ahead(SSL *s, int yes);
+
+/**
+ * @brief set the SSL context if we can read as many as data
+ *
+ * @param ctx - SSL context point
+ * @param yes - enbale the function
+ *
+ * @return none
+ */
+void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes);
+
+/**
+ * @brief get the SSL ahead signal if we can read as many as data
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL context ahead signal
+ */
+int SSL_get_read_ahead(const SSL *ssl);
+
+/**
+ * @brief get the SSL context ahead signal if we can read as many as data
+ *
+ * @param ctx - SSL context point
+ *
+ * @return SSL context ahead signal
+ */
+long SSL_CTX_get_read_ahead(SSL_CTX *ctx);
+
+/**
+ * @brief check if some data can be read
+ *
+ * @param ssl - SSL point
+ *
+ * @return
+ *         1 : there are bytes to be read
+ *         0 : no data
+ */
+int SSL_has_pending(const SSL *ssl);
+
+/**
+ * @brief load the X509 certification into SSL context
+ *
+ * @param ctx - SSL context point
+ * @param x   - X509 certification point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);//loads the certificate x into ctx
+
+/**
+ * @brief load the ASN1 certification into SSL context
+ *
+ * @param ctx - SSL context point
+ * @param len - certification length
+ * @param d   - data point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d);
+
+/**
+ * @brief load the certification file into SSL context
+ *
+ * @param ctx  - SSL context point
+ * @param file - certification file name
+ * @param type - certification encoding type
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+
+/**
+ * @brief load the certification chain file into SSL context
+ *
+ * @param ctx  - SSL context point
+ * @param file - certification chain file name
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+
+
+/**
+ * @brief load the ASN1 private key into SSL context
+ *
+ * @param ctx - SSL context point
+ * @param d   - data point
+ * @param len - private key length
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, const unsigned char *d,  long len);//adds the private key of type pk stored at memory location d (length len) to ctx
+
+/**
+ * @brief load the private key file into SSL context
+ *
+ * @param ctx  - SSL context point
+ * @param file - private key file name
+ * @param type - private key encoding type
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+
+/**
+ * @brief load the RSA private key into SSL context
+ *
+ * @param ctx - SSL context point
+ * @param x   - RSA private key point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+
+/**
+ * @brief load the RSA ASN1 private key into SSL context
+ *
+ * @param ctx - SSL context point
+ * @param d   - data point
+ * @param len - RSA private key length
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len);
+
+/**
+ * @brief load the RSA private key file into SSL context
+ *
+ * @param ctx  - SSL context point
+ * @param file - RSA private key file name
+ * @param type - private key encoding type
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+
+
+/**
+ * @brief check if the private key and certification is matched
+ *
+ * @param ctx  - SSL context point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+
+/**
+ * @brief set the SSL context server information
+ *
+ * @param ctx               - SSL context point
+ * @param serverinfo        - server information string
+ * @param serverinfo_length - server information length
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, size_t serverinfo_length);
+
+/**
+ * @brief load  the SSL context server infomation file into SSL context
+ *
+ * @param ctx  - SSL context point
+ * @param file - server information file
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);
+
+/**
+ * @brief SSL select next function
+ *
+ * @param out        - point of output data point
+ * @param outlen     - output data length
+ * @param in         - input data
+ * @param inlen      - input data length
+ * @param client     - client data point
+ * @param client_len -client data length
+ *
+ * @return NPN state
+ *         OPENSSL_NPN_UNSUPPORTED : not support
+ *         OPENSSL_NPN_NEGOTIATED  : negotiated
+ *         OPENSSL_NPN_NO_OVERLAP  : no overlap
+ */
+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                          const unsigned char *in, unsigned int inlen,
+                          const unsigned char *client, unsigned int client_len);
+
+/**
+ * @brief load the extra certification chain into the SSL context
+ *
+ * @param ctx  - SSL context point
+ * @param x509 - X509 certification
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *);
+
+/**
+ * @brief control the SSL context
+ *
+ * @param ctx  - SSL context point
+ * @param cmd  - command
+ * @param larg - parameter length
+ * @param parg - parameter point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg);
+
+/**
+ * @brief get the SSL context cipher
+ *
+ * @param ctx - SSL context point
+ *
+ * @return SSL context cipher
+ */
+STACK *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
+
+/**
+ * @brief check if the SSL context can read as many as data
+ *
+ * @param ctx - SSL context point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx);
+
+/**
+ * @brief get the SSL context extra data
+ *
+ * @param ctx - SSL context point
+ * @param idx - index
+ *
+ * @return data point
+ */
+char *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx);
+
+/**
+ * @brief get the SSL context quiet shutdown option
+ *
+ * @param ctx - SSL context point
+ *
+ * @return quiet shutdown option
+ */
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+
+/**
+ * @brief load the SSL context CA file
+ *
+ * @param ctx    - SSL context point
+ * @param CAfile - CA certification file
+ * @param CApath - CA certification file path
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath);
+
+/**
+ * @brief add SSL context reference count by '1'
+ *
+ * @param ctx - SSL context point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_up_ref(SSL_CTX *ctx);
+
+/**
+ * @brief set SSL context application private data
+ *
+ * @param ctx - SSL context point
+ * @param arg - private data
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg);
+
+/**
+ * @brief set SSL context client certification callback function
+ *
+ * @param ctx - SSL context point
+ * @param cb  - callback function
+ *
+ * @return none
+ */
+void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
+
+/**
+ * @brief set the SSL context if we can read as many as data
+ *
+ * @param ctx - SSL context point
+ * @param m   - enable the fuction
+ *
+ * @return none
+ */
+void SSL_CTX_set_default_read_ahead(SSL_CTX *ctx, int m);
+
+/**
+ * @brief set SSL context default verifying path
+ *
+ * @param ctx - SSL context point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+
+/**
+ * @brief set SSL context default verifying directory
+ *
+ * @param ctx - SSL context point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx);
+
+/**
+ * @brief set SSL context default verifying file
+ *
+ * @param ctx - SSL context point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_set_default_verify_file(SSL_CTX *ctx);
+
+/**
+ * @brief set SSL context extra data
+ *
+ * @param ctx - SSL context point
+ * @param idx - data index
+ * @param arg - data point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg);
+
+/**
+ * @brief clear the SSL context option bit of "op"
+ *
+ * @param ctx - SSL context point
+ * @param op  - option
+ *
+ * @return SSL context option
+ */
+unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op);
+
+/**
+ * @brief get the SSL context option
+ *
+ * @param ctx - SSL context point
+ * @param op  - option
+ *
+ * @return SSL context option
+ */
+unsigned long SSL_CTX_get_options(SSL_CTX *ctx);
+
+/**
+ * @brief set the SSL context quiet shutdown mode
+ *
+ * @param ctx  - SSL context point
+ * @param mode - mode
+ *
+ * @return none
+ */
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+
+/**
+ * @brief get the SSL context X509 certification
+ *
+ * @param ctx - SSL context point
+ *
+ * @return X509 certification
+ */
+X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
+
+/**
+ * @brief get the SSL context private key
+ *
+ * @param ctx - SSL context point
+ *
+ * @return private key
+ */
+EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
+
+/**
+ * @brief set SSL context PSK identity hint
+ *
+ * @param ctx  - SSL context point
+ * @param hint - PSK identity hint
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+
+/**
+ * @brief set SSL context PSK server callback function
+ *
+ * @param ctx      - SSL context point
+ * @param callback - callback function
+ *
+ * @return none
+ */
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+                                     unsigned int (*callback)(SSL *ssl,
+                                                              const char *identity,
+                                                              unsigned char *psk,
+                                                              int max_psk_len));
+/**
+ * @brief get alert description string
+ *
+ * @param value - alert value
+ *
+ * @return alert description string
+ */
+const char *SSL_alert_desc_string(int value);
+
+/**
+ * @brief get alert description long string
+ *
+ * @param value - alert value
+ *
+ * @return alert description long string
+ */
+const char *SSL_alert_desc_string_long(int value);
+
+/**
+ * @brief get alert type string
+ *
+ * @param value - alert value
+ *
+ * @return alert type string
+ */
+const char *SSL_alert_type_string(int value);
+
+/**
+ * @brief get alert type long string
+ *
+ * @param value - alert value
+ *
+ * @return alert type long string
+ */
+const char *SSL_alert_type_string_long(int value);
+
+/**
+ * @brief get SSL context of the SSL
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL context
+ */
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+
+/**
+ * @brief get SSL application data
+ *
+ * @param ssl - SSL point
+ *
+ * @return application data
+ */
+char *SSL_get_app_data(SSL *ssl);
+
+/**
+ * @brief get SSL cipher bits
+ *
+ * @param ssl - SSL point
+ * @param alg_bits - algorithm bits
+ *
+ * @return strength bits
+ */
+int SSL_get_cipher_bits(const SSL *ssl, int *alg_bits);
+
+/**
+ * @brief get SSL cipher name
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL cipher name
+ */
+char *SSL_get_cipher_name(const SSL *ssl);
+
+/**
+ * @brief get SSL cipher version
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL cipher version
+ */
+char *SSL_get_cipher_version(const SSL *ssl);
+
+/**
+ * @brief get SSL extra data
+ *
+ * @param ssl - SSL point
+ * @param idx - data index
+ *
+ * @return extra data
+ */
+char *SSL_get_ex_data(const SSL *ssl, int idx);
+
+/**
+ * @brief get index of the SSL extra data X509 storage context
+ *
+ * @param none
+ *
+ * @return data index
+ */
+int SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+/**
+ * @brief get peer certification chain
+ *
+ * @param ssl - SSL point
+ *
+ * @return certification chain
+ */
+STACK *SSL_get_peer_cert_chain(const SSL *ssl);
+
+/**
+ * @brief get peer certification
+ *
+ * @param ssl - SSL point
+ *
+ * @return certification
+ */
+X509 *SSL_get_peer_certificate(const SSL *ssl);
+
+/**
+ * @brief get SSL quiet shutdown mode
+ *
+ * @param ssl - SSL point
+ *
+ * @return quiet shutdown mode
+ */
+int SSL_get_quiet_shutdown(const SSL *ssl);
+
+/**
+ * @brief get SSL read only IO handle
+ *
+ * @param ssl - SSL point
+ *
+ * @return IO handle
+ */
+BIO *SSL_get_rbio(const SSL *ssl);
+
+/**
+ * @brief get SSL shared ciphers
+ *
+ * @param ssl - SSL point
+ * @param buf - buffer to store the ciphers
+ * @param len - buffer len
+ *
+ * @return shared ciphers
+ */
+char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len);
+
+/**
+ * @brief get SSL shutdown mode
+ *
+ * @param ssl - SSL point
+ *
+ * @return shutdown mode
+ */
+int SSL_get_shutdown(const SSL *ssl);
+
+/**
+ * @brief get SSL session time
+ *
+ * @param ssl - SSL point
+ *
+ * @return session time
+ */
+long SSL_get_time(const SSL *ssl);
+
+/**
+ * @brief get SSL session timeout time
+ *
+ * @param ssl - SSL point
+ *
+ * @return session timeout time
+ */
+long SSL_get_timeout(const SSL *ssl);
+
+/**
+ * @brief get SSL verifying mode
+ *
+ * @param ssl - SSL point
+ *
+ * @return verifying mode
+ */
+int SSL_get_verify_mode(const SSL *ssl);
+
+/**
+ * @brief get SSL verify parameters
+ *
+ * @param ssl - SSL point
+ *
+ * @return verify parameters
+ */
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
+/**
+ * @brief set expected hostname the peer cert CN should have
+ *
+ * @param param - verify parameters from SSL_get0_param()
+ *
+ * @param name - the expected hostname
+ *
+ * @param namelen - the length of the hostname, or 0 if NUL terminated
+ *
+ * @return verify parameters
+ */
+int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                const char *name, size_t namelen);
+
+/**
+ * @brief set parameters for X509 host verify action
+ *
+ * @param param -verify parameters from SSL_get0_param()
+ *
+ * @param flags - bitfield of X509_CHECK_FLAG_... parameters to set
+ *
+ * @return 1 for success, 0 for failure
+ */
+int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+				    unsigned long flags);
+
+/**
+ * @brief clear parameters for X509 host verify action
+ *
+ * @param param -verify parameters from SSL_get0_param()
+ *
+ * @param flags - bitfield of X509_CHECK_FLAG_... parameters to clear
+ *
+ * @return 1 for success, 0 for failure
+ */
+int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param,
+				      unsigned long flags);
+
+/**
+ * @brief get SSL write only IO handle
+ *
+ * @param ssl - SSL point
+ *
+ * @return IO handle
+ */
+BIO *SSL_get_wbio(const SSL *ssl);
+
+/**
+ * @brief load SSL client CA certification file
+ *
+ * @param file - file name
+ *
+ * @return certification loading object
+ */
+STACK *SSL_load_client_CA_file(const char *file);
+
+/**
+ * @brief add SSL reference by '1'
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_up_ref(SSL *ssl);
+
+/**
+ * @brief read and put data into buf, but not clear the SSL low-level storage
+ *
+ * @param ssl - SSL point
+ * @param buf - storage buffer point
+ * @param num - data bytes
+ *
+ * @return result
+ *     > 0 : OK, and return read bytes
+ *     = 0 : connect is closed
+ *     < 0 : a error catch
+ */
+int SSL_peek(SSL *ssl, void *buf, int num);
+
+/**
+ * @brief make SSL renegotiate
+ *
+ * @param ssl - SSL point
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_renegotiate(SSL *ssl);
+
+/**
+ * @brief get the state string where SSL is reading
+ *
+ * @param ssl - SSL point
+ *
+ * @return state string
+ */
+const char *SSL_rstate_string(SSL *ssl);
+
+/**
+ * @brief get the statement long string where SSL is reading
+ *
+ * @param ssl - SSL point
+ *
+ * @return statement long string
+ */
+const char *SSL_rstate_string_long(SSL *ssl);
+
+/**
+ * @brief set SSL accept statement
+ *
+ * @param ssl - SSL point
+ *
+ * @return none
+ */
+void SSL_set_accept_state(SSL *ssl);
+
+/**
+ * @brief set SSL application data
+ *
+ * @param ssl - SSL point
+ * @param arg - SSL application data point
+ *
+ * @return none
+ */
+void SSL_set_app_data(SSL *ssl, char *arg);
+
+/**
+ * @brief set SSL BIO
+ *
+ * @param ssl  - SSL point
+ * @param rbio - read only IO
+ * @param wbio - write only IO
+ *
+ * @return none
+ */
+void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
+
+/**
+ * @brief clear SSL option
+ *
+ * @param ssl - SSL point
+ * @param op  - clear option
+ *
+ * @return SSL option
+ */
+unsigned long SSL_clear_options(SSL *ssl, unsigned long op);
+
+/**
+ * @brief get SSL option
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL option
+ */
+unsigned long SSL_get_options(SSL *ssl);
+
+/**
+ * @brief clear SSL option
+ *
+ * @param ssl - SSL point
+ * @param op  - setting option
+ *
+ * @return SSL option
+ */
+unsigned long SSL_set_options(SSL *ssl, unsigned long op);
+
+/**
+ * @brief set SSL quiet shutdown mode
+ *
+ * @param ssl  - SSL point
+ * @param mode - quiet shutdown mode
+ *
+ * @return none
+ */
+void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+
+/**
+ * @brief set SSL shutdown mode
+ *
+ * @param ssl  - SSL point
+ * @param mode - shutdown mode
+ *
+ * @return none
+ */
+void SSL_set_shutdown(SSL *ssl, int mode);
+
+/**
+ * @brief set SSL session time
+ *
+ * @param ssl - SSL point
+ * @param t   - session time
+ *
+ * @return session time
+ */
+void SSL_set_time(SSL *ssl, long t);
+
+/**
+ * @brief set SSL session timeout time
+ *
+ * @param ssl - SSL point
+ * @param t   - session timeout time
+ *
+ * @return session timeout time
+ */
+void SSL_set_timeout(SSL *ssl, long t);
+
+/**
+ * @brief get SSL statement string
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL statement string
+ */
+char *SSL_state_string(const SSL *ssl);
+
+/**
+ * @brief get SSL statement long string
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL statement long string
+ */
+char *SSL_state_string_long(const SSL *ssl);
+
+/**
+ * @brief get SSL renegotiation count
+ *
+ * @param ssl - SSL point
+ *
+ * @return renegotiation count
+ */
+long SSL_total_renegotiations(SSL *ssl);
+
+/**
+ * @brief get SSL version
+ *
+ * @param ssl - SSL point
+ *
+ * @return SSL version
+ */
+int SSL_version(const SSL *ssl);
+
+/**
+ * @brief set SSL PSK identity hint
+ *
+ * @param ssl  - SSL point
+ * @param hint - identity hint
+ *
+ * @return result
+ *     1 : OK
+ *     0 : failed
+ */
+int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+/**
+ * @brief get SSL PSK identity hint
+ *
+ * @param ssl - SSL point
+ *
+ * @return identity hint
+ */
+const char *SSL_get_psk_identity_hint(SSL *ssl);
+
+/**
+ * @brief get SSL PSK identity
+ *
+ * @param ssl - SSL point
+ *
+ * @return identity
+ */
+const char *SSL_get_psk_identity(SSL *ssl);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/platform/ssl_pm.h b/thirdparty/lws/mbedtls_wrapper/include/platform/ssl_pm.h
new file mode 100644
index 0000000000..cbbe3aa3a2
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/platform/ssl_pm.h
@@ -0,0 +1,61 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_PM_H_
+#define _SSL_PM_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include <string.h>
+#include "ssl_types.h"
+#include "ssl_port.h"
+
+#define LOCAL_ATRR
+
+int ssl_pm_new(SSL *ssl);
+void ssl_pm_free(SSL *ssl);
+
+int ssl_pm_handshake(SSL *ssl);
+int ssl_pm_shutdown(SSL *ssl);
+int ssl_pm_clear(SSL *ssl);
+
+int ssl_pm_read(SSL *ssl, void *buffer, int len);
+int ssl_pm_send(SSL *ssl, const void *buffer, int len);
+int ssl_pm_pending(const SSL *ssl);
+
+void ssl_pm_set_fd(SSL *ssl, int fd, int mode);
+int ssl_pm_get_fd(const SSL *ssl, int mode);
+
+OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl);
+
+void ssl_pm_set_bufflen(SSL *ssl, int len);
+
+int x509_pm_show_info(X509 *x);
+int x509_pm_new(X509 *x, X509 *m_x);
+void x509_pm_free(X509 *x);
+int x509_pm_load(X509 *x, const unsigned char *buffer, int len);
+
+int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pk);
+void pkey_pm_free(EVP_PKEY *pk);
+int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len);
+
+long ssl_pm_get_verify_result(const SSL *ssl);
+
+#ifdef __cplusplus
+ }
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/include/platform/ssl_port.h b/thirdparty/lws/mbedtls_wrapper/include/platform/ssl_port.h
new file mode 100644
index 0000000000..fd461e9819
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/include/platform/ssl_port.h
@@ -0,0 +1,52 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _SSL_PORT_H_
+#define _SSL_PORT_H_
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/*
+#include "esp_types.h"
+#include "esp_log.h"
+*/
+#include "string.h"
+
+#ifdef __APPLE__
+#include <stdlib.h>
+#else
+#include "malloc.h"
+#endif
+
+void *ssl_mem_zalloc(size_t size);
+
+#define ssl_mem_malloc malloc
+#define ssl_mem_free   free
+
+#define ssl_memcpy     memcpy
+#define ssl_strlen     strlen
+
+#define ssl_speed_up_enter()
+#define ssl_speed_up_exit()
+
+#define SSL_DEBUG_FL
+#define SSL_DEBUG_LOG(fmt, ...) ESP_LOGI("openssl", fmt, ##__VA_ARGS__)
+
+#ifdef __cplusplus
+ }
+#endif
+
+#endif
diff --git a/thirdparty/lws/mbedtls_wrapper/library/ssl_cert.c b/thirdparty/lws/mbedtls_wrapper/library/ssl_cert.c
new file mode 100644
index 0000000000..5c608125ac
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/library/ssl_cert.c
@@ -0,0 +1,87 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "ssl_cert.h"
+#include "ssl_pkey.h"
+#include "ssl_x509.h"
+#include "ssl_dbg.h"
+#include "ssl_port.h"
+
+/**
+ * @brief create a certification object according to input certification
+ */
+CERT *__ssl_cert_new(CERT *ic)
+{
+    CERT *cert;
+
+    X509 *ix;
+    EVP_PKEY *ipk;
+
+    cert = ssl_mem_zalloc(sizeof(CERT));
+    if (!cert) {
+        SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "no enough memory > (cert)");
+        goto no_mem;
+    }
+
+    if (ic) {
+        ipk = ic->pkey;
+        ix = ic->x509;
+    } else {
+        ipk = NULL;
+        ix = NULL;
+    }
+
+    cert->pkey = __EVP_PKEY_new(ipk);
+    if (!cert->pkey) {
+        SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "__EVP_PKEY_new() return NULL");
+        goto pkey_err;
+    }
+
+    cert->x509 = __X509_new(ix);
+    if (!cert->x509) {
+        SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "__X509_new() return NULL");
+        goto x509_err;
+    }
+
+    return cert;
+
+x509_err:
+    EVP_PKEY_free(cert->pkey);
+pkey_err:
+    ssl_mem_free(cert);
+no_mem:
+    return NULL;
+}
+
+/**
+ * @brief create a certification object include private key object
+ */
+CERT *ssl_cert_new(void)
+{
+    return __ssl_cert_new(NULL);
+}
+
+/**
+ * @brief free a certification object
+ */
+void ssl_cert_free(CERT *cert)
+{
+    SSL_ASSERT3(cert);
+
+    X509_free(cert->x509);
+
+    EVP_PKEY_free(cert->pkey);
+
+    ssl_mem_free(cert);
+}
diff --git a/thirdparty/lws/mbedtls_wrapper/library/ssl_lib.c b/thirdparty/lws/mbedtls_wrapper/library/ssl_lib.c
new file mode 100644
index 0000000000..187fc9f005
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/library/ssl_lib.c
@@ -0,0 +1,1668 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "ssl_lib.h"
+#include "ssl_pkey.h"
+#include "ssl_x509.h"
+#include "ssl_cert.h"
+#include "ssl_dbg.h"
+#include "ssl_port.h"
+
+#define SSL_SEND_DATA_MAX_LENGTH 1460
+
+/**
+ * @brief create a new SSL session object
+ */
+static SSL_SESSION* SSL_SESSION_new(void)
+{
+    SSL_SESSION *session;
+
+    session = ssl_mem_zalloc(sizeof(SSL_SESSION));
+    if (!session) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no enough memory > (session)");
+        goto failed1;
+    }
+
+    session->peer = X509_new();
+    if (!session->peer) {
+       SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "X509_new() return NULL");
+       goto failed2;
+    }
+
+    return session;
+
+failed2:
+    ssl_mem_free(session);
+failed1:
+    return NULL;
+}
+
+/**
+ * @brief free a new SSL session object
+ */
+static void SSL_SESSION_free(SSL_SESSION *session)
+{
+    X509_free(session->peer);
+    ssl_mem_free(session);
+}
+
+/**
+ * @brief Discover whether the current connection is in the error state
+ */
+int ossl_statem_in_error(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    if (ssl->statem.state == MSG_FLOW_ERROR)
+        return 1;
+
+    return 0;
+}
+
+/**
+ * @brief get the SSL specifical statement
+ */
+int SSL_want(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return ssl->rwstate;
+}
+
+/**
+ * @brief check if SSL want nothing
+ */
+int SSL_want_nothing(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    if (ssl->err)
+	    return 1;
+
+    return (SSL_want(ssl) == SSL_NOTHING);
+}
+
+/**
+ * @brief check if SSL want to read
+ */
+int SSL_want_read(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    if (ssl->err)
+	    return 0;
+
+    return (SSL_want(ssl) == SSL_READING);
+}
+
+/**
+ * @brief check if SSL want to write
+ */
+int SSL_want_write(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    if (ssl->err)
+	    return 0;
+
+    return (SSL_want(ssl) == SSL_WRITING);
+}
+
+/**
+ * @brief check if SSL want to lookup X509 certification
+ */
+int SSL_want_x509_lookup(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return (SSL_want(ssl) == SSL_WRITING);
+}
+
+/**
+ * @brief get SSL error code
+ */
+int SSL_get_error(const SSL *ssl, int ret_code)
+{
+    int ret = SSL_ERROR_SYSCALL;
+
+    SSL_ASSERT1(ssl);
+
+    if (ret_code > 0)
+        ret = SSL_ERROR_NONE;
+    else if (ret_code < 0)
+    {
+        if (SSL_want_read(ssl))
+            ret = SSL_ERROR_WANT_READ;
+        else if (SSL_want_write(ssl))
+            ret = SSL_ERROR_WANT_WRITE;
+        else
+            ret = SSL_ERROR_SYSCALL; //unknown
+    }
+    else // ret_code == 0
+    {
+        if (ssl->shutdown & SSL_RECEIVED_SHUTDOWN)
+            ret = SSL_ERROR_ZERO_RETURN;
+        else
+            ret = SSL_ERROR_SYSCALL;
+    }
+
+    return ret;
+}
+
+/**
+ * @brief get the SSL state
+ */
+OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl)
+{
+    OSSL_HANDSHAKE_STATE state;
+
+    SSL_ASSERT1(ssl);
+
+    state = SSL_METHOD_CALL(get_state, ssl);
+
+    return state;
+}
+
+/**
+ * @brief create a SSL context
+ */
+SSL_CTX* SSL_CTX_new(const SSL_METHOD *method)
+{
+    SSL_CTX *ctx;
+    CERT *cert;
+    X509 *client_ca;
+
+    if (!method) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no no_method");
+        return NULL;
+    }
+
+    client_ca = X509_new();
+    if (!client_ca) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "X509_new() return NULL");
+        goto failed1;
+    }
+
+    cert = ssl_cert_new();
+    if (!cert) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "ssl_cert_new() return NULL");
+        goto failed2;
+    }
+
+    ctx = (SSL_CTX *)ssl_mem_zalloc(sizeof(SSL_CTX));
+    if (!ctx) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no enough memory > (ctx)");
+        goto failed3;
+    }
+
+    ctx->method = method;
+    ctx->client_CA = client_ca;
+    ctx->cert = cert;
+
+    ctx->version = method->version;
+
+    return ctx;
+
+failed3:
+    ssl_cert_free(cert);
+failed2:
+    X509_free(client_ca);
+failed1:
+    return NULL;
+}
+
+/**
+ * @brief free a SSL context
+ */
+void SSL_CTX_free(SSL_CTX* ctx)
+{
+    SSL_ASSERT3(ctx);
+
+    ssl_cert_free(ctx->cert);
+
+    X509_free(ctx->client_CA);
+
+    if (ctx->alpn_protos)
+	    ssl_mem_free(ctx->alpn_protos);
+
+    ssl_mem_free(ctx);
+}
+
+/**
+ * @brief set  the SSL context version
+ */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
+{
+    SSL_ASSERT1(ctx);
+    SSL_ASSERT1(meth);
+
+    ctx->method = meth;
+
+    ctx->version = meth->version;
+
+    return 1;
+}
+
+/**
+ * @brief get the SSL context current method
+ */
+const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx)
+{
+    SSL_ASSERT2(ctx);
+
+    return ctx->method;
+}
+
+/**
+ * @brief create a SSL
+ */
+SSL *SSL_new(SSL_CTX *ctx)
+{
+    int ret = 0;
+    SSL *ssl;
+
+    if (!ctx) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no ctx");
+        return NULL;
+    }
+
+    ssl = (SSL *)ssl_mem_zalloc(sizeof(SSL));
+    if (!ssl) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "no enough memory > (ssl)");
+        goto failed1;
+    }
+
+    ssl->session = SSL_SESSION_new();
+    if (!ssl->session) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_SESSION_new() return NULL");
+        goto failed2;
+    }
+
+    ssl->cert = __ssl_cert_new(ctx->cert);
+    if (!ssl->cert) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "__ssl_cert_new() return NULL");
+        goto failed3;
+    }
+
+    ssl->client_CA = __X509_new(ctx->client_CA);
+    if (!ssl->client_CA) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "__X509_new() return NULL");
+        goto failed4;
+    }
+
+    ssl->ctx = ctx;
+    ssl->method = ctx->method;
+
+    ssl->version = ctx->version;
+    ssl->options = ctx->options;
+
+    ssl->verify_mode = ctx->verify_mode;
+
+    ret = SSL_METHOD_CALL(new, ssl);
+    if (ret) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_METHOD_CALL(new) return %d", ret);
+        goto failed5;
+    }
+
+   _ssl_set_alpn_list(ssl);
+
+    ssl->rwstate = SSL_NOTHING;
+
+    return ssl;
+
+failed5:
+    X509_free(ssl->client_CA);
+failed4:
+    ssl_cert_free(ssl->cert);
+failed3:
+    SSL_SESSION_free(ssl->session);
+failed2:
+    ssl_mem_free(ssl);
+failed1:
+    return NULL;
+}
+
+/**
+ * @brief free the SSL
+ */
+void SSL_free(SSL *ssl)
+{
+    SSL_ASSERT3(ssl);
+
+    SSL_METHOD_CALL(free, ssl);
+
+    X509_free(ssl->client_CA);
+
+    ssl_cert_free(ssl->cert);
+
+    SSL_SESSION_free(ssl->session);
+
+    ssl_mem_free(ssl);
+}
+
+/**
+ * @brief perform the SSL handshake
+ */
+int SSL_do_handshake(SSL *ssl)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+
+    ret = SSL_METHOD_CALL(handshake, ssl);
+
+    return ret;
+}
+
+/**
+ * @brief connect to the remote SSL server
+ */
+int SSL_connect(SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return SSL_do_handshake(ssl);
+}
+
+/**
+ * @brief accept the remote connection
+ */
+int SSL_accept(SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return SSL_do_handshake(ssl);
+}
+
+/**
+ * @brief shutdown the connection
+ */
+int SSL_shutdown(SSL *ssl)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+
+    if (SSL_get_state(ssl) != TLS_ST_OK) return 1;
+
+    ret = SSL_METHOD_CALL(shutdown, ssl);
+
+    return ret;
+}
+
+/**
+ * @brief reset the SSL
+ */
+int SSL_clear(SSL *ssl)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+
+    ret = SSL_shutdown(ssl);
+    if (1 != ret) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_shutdown return %d", ret);
+        goto failed1;
+    }
+
+    SSL_METHOD_CALL(free, ssl);
+
+    ret = SSL_METHOD_CALL(new, ssl);
+    if (!ret) {
+        SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_METHOD_CALL(new) return %d", ret);
+        goto failed1;
+    }
+
+    return 1;
+
+failed1:
+    return ret;
+}
+
+/**
+ * @brief read data from to remote
+ */
+int SSL_read(SSL *ssl, void *buffer, int len)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+    SSL_ASSERT1(buffer);
+    SSL_ASSERT1(len);
+
+    ssl->rwstate = SSL_READING;
+
+    ret = SSL_METHOD_CALL(read, ssl, buffer, len);
+
+    if (ret == len)
+        ssl->rwstate = SSL_NOTHING;
+
+    return ret;
+}
+
+/**
+ * @brief send the data to remote
+ */
+int SSL_write(SSL *ssl, const void *buffer, int len)
+{
+    int ret;
+    int send_bytes;
+    const unsigned char *pbuf;
+
+    SSL_ASSERT1(ssl);
+    SSL_ASSERT1(buffer);
+    SSL_ASSERT1(len);
+
+    ssl->rwstate = SSL_WRITING;
+
+    send_bytes = len;
+    pbuf = (const unsigned char *)buffer;
+
+    do {
+        int bytes;
+
+        if (send_bytes > SSL_SEND_DATA_MAX_LENGTH)
+            bytes = SSL_SEND_DATA_MAX_LENGTH;
+        else
+            bytes = send_bytes;
+
+        ret = SSL_METHOD_CALL(send, ssl, pbuf, bytes);
+        if (ret > 0) {
+            pbuf += ret;
+            send_bytes -= ret;
+        }
+    } while (ret > 0 && send_bytes);
+
+    if (ret >= 0) {
+        ret = len - send_bytes;
+        ssl->rwstate = SSL_NOTHING;
+    } else
+        ret = -1;
+
+    return ret;
+}
+
+/**
+ * @brief get SSL context of the SSL
+ */
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
+{
+    SSL_ASSERT2(ssl);
+
+    return ssl->ctx;
+}
+
+/**
+ * @brief get the SSL current method
+ */
+const SSL_METHOD *SSL_get_ssl_method(SSL *ssl)
+{
+    SSL_ASSERT2(ssl);
+
+    return ssl->method;
+}
+
+/**
+ * @brief set the SSL method
+ */
+int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *method)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+    SSL_ASSERT1(method);
+
+    if (ssl->version != method->version) {
+
+        ret = SSL_shutdown(ssl);
+        if (1 != ret) {
+            SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_shutdown return %d", ret);
+            goto failed1;
+        }
+
+        SSL_METHOD_CALL(free, ssl);
+
+        ssl->method = method;
+
+        ret = SSL_METHOD_CALL(new, ssl);
+        if (!ret) {
+            SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "SSL_METHOD_CALL(new) return %d", ret);
+            goto failed1;
+        }
+    } else {
+        ssl->method = method;
+    }
+
+
+    return 1;
+
+failed1:
+    return ret;
+}
+
+/**
+ * @brief get SSL shutdown mode
+ */
+int SSL_get_shutdown(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return ssl->shutdown;
+}
+
+/**
+ * @brief set SSL shutdown mode
+ */
+void SSL_set_shutdown(SSL *ssl, int mode)
+{
+    SSL_ASSERT3(ssl);
+
+    ssl->shutdown = mode;
+}
+
+
+/**
+ * @brief get the number of the bytes to be read
+ */
+int SSL_pending(const SSL *ssl)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+
+    ret = SSL_METHOD_CALL(pending, ssl);
+
+    return ret;
+}
+
+/**
+ * @brief check if some data can be read
+ */
+int SSL_has_pending(const SSL *ssl)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+
+    if (SSL_pending(ssl))
+        ret = 1;
+    else
+        ret = 0;
+
+    return ret;
+}
+
+/**
+ * @brief clear the SSL context option bit of "op"
+ */
+unsigned long SSL_CTX_clear_options(SSL_CTX *ctx, unsigned long op)
+{
+    SSL_ASSERT1(ctx);
+
+    return ctx->options &= ~op;
+}
+
+/**
+ * @brief get the SSL context option
+ */
+unsigned long SSL_CTX_get_options(SSL_CTX *ctx)
+{
+    SSL_ASSERT1(ctx);
+
+    return ctx->options;
+}
+
+/**
+ * @brief set the option of the SSL context
+ */
+unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long opt)
+{
+    SSL_ASSERT1(ctx);
+
+    return ctx->options |= opt;
+}
+
+/**
+ * @brief clear SSL option
+ */
+unsigned long SSL_clear_options(SSL *ssl, unsigned long op)
+{
+    SSL_ASSERT1(ssl);
+
+    return ssl->options & ~op;
+}
+
+/**
+ * @brief get SSL option
+ */
+unsigned long SSL_get_options(SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return ssl->options;
+}
+
+/**
+ * @brief clear SSL option
+ */
+unsigned long SSL_set_options(SSL *ssl, unsigned long op)
+{
+    SSL_ASSERT1(ssl);
+
+    return ssl->options |= op;
+}
+
+/**
+ * @brief get the socket handle of the SSL
+ */
+int SSL_get_fd(const SSL *ssl)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+
+    ret = SSL_METHOD_CALL(get_fd, ssl, 0);
+
+    return ret;
+}
+
+/**
+ * @brief get the read only socket handle of the SSL
+ */
+int SSL_get_rfd(const SSL *ssl)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+
+    ret = SSL_METHOD_CALL(get_fd, ssl, 0);
+
+    return ret;
+}
+
+/**
+ * @brief get the write only socket handle of the SSL
+ */
+int SSL_get_wfd(const SSL *ssl)
+{
+    int ret;
+
+    SSL_ASSERT1(ssl);
+
+    ret = SSL_METHOD_CALL(get_fd, ssl, 0);
+
+    return ret;
+}
+
+/**
+ * @brief bind the socket file description into the SSL
+ */
+int SSL_set_fd(SSL *ssl, int fd)
+{
+    SSL_ASSERT1(ssl);
+    SSL_ASSERT1(fd >= 0);
+
+    SSL_METHOD_CALL(set_fd, ssl, fd, 0);
+
+    return 1;
+}
+
+/**
+ * @brief bind the read only socket file description into the SSL
+ */
+int SSL_set_rfd(SSL *ssl, int fd)
+{
+    SSL_ASSERT1(ssl);
+    SSL_ASSERT1(fd >= 0);
+
+    SSL_METHOD_CALL(set_fd, ssl, fd, 0);
+
+    return 1;
+}
+
+/**
+ * @brief bind the write only socket file description into the SSL
+ */
+int SSL_set_wfd(SSL *ssl, int fd)
+{
+    SSL_ASSERT1(ssl);
+    SSL_ASSERT1(fd >= 0);
+
+    SSL_METHOD_CALL(set_fd, ssl, fd, 0);
+
+    return 1;
+}
+
+/**
+ * @brief get SSL version
+ */
+int SSL_version(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return ssl->version;
+}
+
+/**
+ * @brief get the SSL version string
+ */
+static const char* ssl_protocol_to_string(int version)
+{
+    const char *str;
+
+    if (version == TLS1_2_VERSION)
+        str = "TLSv1.2";
+    else if (version == TLS1_1_VERSION)
+        str = "TLSv1.1";
+    else if (version == TLS1_VERSION)
+        str = "TLSv1";
+    else if (version == SSL3_VERSION)
+        str = "SSLv3";
+    else
+        str = "unknown";
+
+    return str;
+}
+
+/**
+ * @brief get the SSL current version
+ */
+const char *SSL_get_version(const SSL *ssl)
+{
+    SSL_ASSERT2(ssl);
+
+    return ssl_protocol_to_string(SSL_version(ssl));
+}
+
+/**
+ * @brief get alert description string
+ */
+const char* SSL_alert_desc_string(int value)
+{
+    const char *str;
+
+    switch (value & 0xff)
+    {
+        case SSL3_AD_CLOSE_NOTIFY:
+            str = "CN";
+            break;
+        case SSL3_AD_UNEXPECTED_MESSAGE:
+            str = "UM";
+            break;
+        case SSL3_AD_BAD_RECORD_MAC:
+            str = "BM";
+            break;
+        case SSL3_AD_DECOMPRESSION_FAILURE:
+            str = "DF";
+            break;
+        case SSL3_AD_HANDSHAKE_FAILURE:
+            str = "HF";
+            break;
+        case SSL3_AD_NO_CERTIFICATE:
+            str = "NC";
+            break;
+        case SSL3_AD_BAD_CERTIFICATE:
+            str = "BC";
+            break;
+        case SSL3_AD_UNSUPPORTED_CERTIFICATE:
+            str = "UC";
+            break;
+        case SSL3_AD_CERTIFICATE_REVOKED:
+            str = "CR";
+            break;
+        case SSL3_AD_CERTIFICATE_EXPIRED:
+            str = "CE";
+            break;
+        case SSL3_AD_CERTIFICATE_UNKNOWN:
+            str = "CU";
+            break;
+        case SSL3_AD_ILLEGAL_PARAMETER:
+            str = "IP";
+            break;
+        case TLS1_AD_DECRYPTION_FAILED:
+            str = "DC";
+            break;
+        case TLS1_AD_RECORD_OVERFLOW:
+            str = "RO";
+            break;
+        case TLS1_AD_UNKNOWN_CA:
+            str = "CA";
+            break;
+        case TLS1_AD_ACCESS_DENIED:
+            str = "AD";
+            break;
+        case TLS1_AD_DECODE_ERROR:
+            str = "DE";
+            break;
+        case TLS1_AD_DECRYPT_ERROR:
+            str = "CY";
+            break;
+        case TLS1_AD_EXPORT_RESTRICTION:
+            str = "ER";
+            break;
+        case TLS1_AD_PROTOCOL_VERSION:
+            str = "PV";
+            break;
+        case TLS1_AD_INSUFFICIENT_SECURITY:
+            str = "IS";
+            break;
+        case TLS1_AD_INTERNAL_ERROR:
+            str = "IE";
+            break;
+        case TLS1_AD_USER_CANCELLED:
+            str = "US";
+            break;
+        case TLS1_AD_NO_RENEGOTIATION:
+            str = "NR";
+            break;
+        case TLS1_AD_UNSUPPORTED_EXTENSION:
+            str = "UE";
+            break;
+        case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
+            str = "CO";
+            break;
+        case TLS1_AD_UNRECOGNIZED_NAME:
+            str = "UN";
+            break;
+        case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
+            str = "BR";
+            break;
+        case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
+            str = "BH";
+            break;
+        case TLS1_AD_UNKNOWN_PSK_IDENTITY:
+            str = "UP";
+            break;
+        default:
+            str = "UK";
+            break;
+    }
+
+    return str;
+}
+
+/**
+ * @brief get alert description long string
+ */
+const char* SSL_alert_desc_string_long(int value)
+{
+    const char *str;
+
+    switch (value & 0xff)
+    {
+        case SSL3_AD_CLOSE_NOTIFY:
+            str = "close notify";
+            break;
+        case SSL3_AD_UNEXPECTED_MESSAGE:
+            str = "unexpected_message";
+            break;
+        case SSL3_AD_BAD_RECORD_MAC:
+            str = "bad record mac";
+            break;
+        case SSL3_AD_DECOMPRESSION_FAILURE:
+            str = "decompression failure";
+            break;
+        case SSL3_AD_HANDSHAKE_FAILURE:
+            str = "handshake failure";
+            break;
+        case SSL3_AD_NO_CERTIFICATE:
+            str = "no certificate";
+            break;
+        case SSL3_AD_BAD_CERTIFICATE:
+            str = "bad certificate";
+            break;
+        case SSL3_AD_UNSUPPORTED_CERTIFICATE:
+            str = "unsupported certificate";
+            break;
+        case SSL3_AD_CERTIFICATE_REVOKED:
+            str = "certificate revoked";
+            break;
+        case SSL3_AD_CERTIFICATE_EXPIRED:
+            str = "certificate expired";
+            break;
+        case SSL3_AD_CERTIFICATE_UNKNOWN:
+            str = "certificate unknown";
+            break;
+        case SSL3_AD_ILLEGAL_PARAMETER:
+            str = "illegal parameter";
+            break;
+        case TLS1_AD_DECRYPTION_FAILED:
+            str = "decryption failed";
+            break;
+        case TLS1_AD_RECORD_OVERFLOW:
+            str = "record overflow";
+            break;
+        case TLS1_AD_UNKNOWN_CA:
+            str = "unknown CA";
+            break;
+        case TLS1_AD_ACCESS_DENIED:
+            str = "access denied";
+            break;
+        case TLS1_AD_DECODE_ERROR:
+            str = "decode error";
+            break;
+        case TLS1_AD_DECRYPT_ERROR:
+            str = "decrypt error";
+            break;
+        case TLS1_AD_EXPORT_RESTRICTION:
+            str = "export restriction";
+            break;
+        case TLS1_AD_PROTOCOL_VERSION:
+            str = "protocol version";
+            break;
+        case TLS1_AD_INSUFFICIENT_SECURITY:
+            str = "insufficient security";
+            break;
+        case TLS1_AD_INTERNAL_ERROR:
+            str = "internal error";
+            break;
+        case TLS1_AD_USER_CANCELLED:
+            str = "user canceled";
+            break;
+        case TLS1_AD_NO_RENEGOTIATION:
+            str = "no renegotiation";
+            break;
+        case TLS1_AD_UNSUPPORTED_EXTENSION:
+            str = "unsupported extension";
+            break;
+        case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
+            str = "certificate unobtainable";
+            break;
+        case TLS1_AD_UNRECOGNIZED_NAME:
+            str = "unrecognized name";
+            break;
+        case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
+            str = "bad certificate status response";
+            break;
+        case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
+            str = "bad certificate hash value";
+            break;
+        case TLS1_AD_UNKNOWN_PSK_IDENTITY:
+            str = "unknown PSK identity";
+            break;
+        default:
+            str = "unknown";
+            break;
+    }
+
+    return str;
+}
+
+/**
+ * @brief get alert type string
+ */
+const char *SSL_alert_type_string(int value)
+{
+    const char *str;
+
+    switch (value >> 8)
+    {
+    case SSL3_AL_WARNING:
+        str = "W";
+        break;
+    case SSL3_AL_FATAL:
+        str = "F";
+        break;
+    default:
+        str = "U";
+        break;
+    }
+
+    return str;
+}
+
+/**
+ * @brief get alert type long string
+ */
+const char *SSL_alert_type_string_long(int value)
+{
+    const char *str;
+
+    switch (value >> 8)
+    {
+        case SSL3_AL_WARNING:
+            str = "warning";
+            break;
+        case SSL3_AL_FATAL:
+            str = "fatal";
+            break;
+        default:
+            str = "unknown";
+            break;
+    }
+
+    return str;
+}
+
+/**
+ * @brief get the state string where SSL is reading
+ */
+const char *SSL_rstate_string(SSL *ssl)
+{
+    const char *str;
+
+    SSL_ASSERT2(ssl);
+
+    switch (ssl->rlayer.rstate)
+    {
+        case SSL_ST_READ_HEADER:
+            str = "RH";
+            break;
+        case SSL_ST_READ_BODY:
+            str = "RB";
+            break;
+        case SSL_ST_READ_DONE:
+            str = "RD";
+            break;
+        default:
+            str = "unknown";
+            break;
+    }
+
+    return str;
+}
+
+/**
+ * @brief get the statement long string where SSL is reading
+ */
+const char *SSL_rstate_string_long(SSL *ssl)
+{
+    const char *str = "unknown";
+
+    SSL_ASSERT2(ssl);
+
+    switch (ssl->rlayer.rstate)
+    {
+        case SSL_ST_READ_HEADER:
+            str = "read header";
+            break;
+        case SSL_ST_READ_BODY:
+            str = "read body";
+            break;
+        case SSL_ST_READ_DONE:
+            str = "read done";
+            break;
+        default:
+            break;
+    }
+
+    return str;
+}
+
+/**
+ * @brief get SSL statement string
+ */
+char *SSL_state_string(const SSL *ssl)
+{
+    char *str = "UNKWN ";
+
+    SSL_ASSERT2(ssl);
+
+    if (ossl_statem_in_error(ssl))
+        str = "SSLERR";
+    else
+    {
+        switch (SSL_get_state(ssl))
+        {
+            case TLS_ST_BEFORE:
+                str = "PINIT ";
+                break;
+            case TLS_ST_OK:
+                str =  "SSLOK ";
+                break;
+            case TLS_ST_CW_CLNT_HELLO:
+                str = "TWCH";
+                break;
+            case TLS_ST_CR_SRVR_HELLO:
+                str = "TRSH";
+                break;
+            case TLS_ST_CR_CERT:
+                str = "TRSC";
+                break;
+            case TLS_ST_CR_KEY_EXCH:
+                str = "TRSKE";
+                break;
+            case TLS_ST_CR_CERT_REQ:
+                str = "TRCR";
+                break;
+            case TLS_ST_CR_SRVR_DONE:
+                str = "TRSD";
+                break;
+            case TLS_ST_CW_CERT:
+                str = "TWCC";
+                break;
+            case TLS_ST_CW_KEY_EXCH:
+                str = "TWCKE";
+                break;
+            case TLS_ST_CW_CERT_VRFY:
+                str = "TWCV";
+                break;
+            case TLS_ST_SW_CHANGE:
+            case TLS_ST_CW_CHANGE:
+                str = "TWCCS";
+                break;
+            case TLS_ST_SW_FINISHED:
+            case TLS_ST_CW_FINISHED:
+                str = "TWFIN";
+                break;
+            case TLS_ST_SR_CHANGE:
+            case TLS_ST_CR_CHANGE:
+                str = "TRCCS";
+                break;
+            case TLS_ST_SR_FINISHED:
+            case TLS_ST_CR_FINISHED:
+                str = "TRFIN";
+                break;
+            case TLS_ST_SW_HELLO_REQ:
+                str = "TWHR";
+                break;
+            case TLS_ST_SR_CLNT_HELLO:
+                str = "TRCH";
+                break;
+            case TLS_ST_SW_SRVR_HELLO:
+                str = "TWSH";
+                break;
+            case TLS_ST_SW_CERT:
+                str = "TWSC";
+                break;
+            case TLS_ST_SW_KEY_EXCH:
+                str = "TWSKE";
+                break;
+            case TLS_ST_SW_CERT_REQ:
+                str = "TWCR";
+                break;
+            case TLS_ST_SW_SRVR_DONE:
+                str = "TWSD";
+                break;
+            case TLS_ST_SR_CERT:
+                str = "TRCC";
+                break;
+            case TLS_ST_SR_KEY_EXCH:
+                str = "TRCKE";
+                break;
+            case TLS_ST_SR_CERT_VRFY:
+                str = "TRCV";
+                break;
+            case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
+                str = "DRCHV";
+                break;
+            case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
+                str = "DWCHV";
+                break;
+            default:
+                break;
+        }
+    }
+
+    return str;
+}
+
+/**
+ * @brief get SSL statement long string
+ */
+char *SSL_state_string_long(const SSL *ssl)
+{
+    char *str = "UNKWN ";
+
+    SSL_ASSERT2(ssl);
+
+    if (ossl_statem_in_error(ssl))
+        str = "SSLERR";
+    else
+    {
+        switch (SSL_get_state(ssl))
+        {
+            case TLS_ST_BEFORE:
+                str = "before SSL initialization";
+                break;
+            case TLS_ST_OK:
+                str = "SSL negotiation finished successfully";
+                break;
+            case TLS_ST_CW_CLNT_HELLO:
+                str = "SSLv3/TLS write client hello";
+                break;
+            case TLS_ST_CR_SRVR_HELLO:
+                str = "SSLv3/TLS read server hello";
+                break;
+            case TLS_ST_CR_CERT:
+                str = "SSLv3/TLS read server certificate";
+                break;
+            case TLS_ST_CR_KEY_EXCH:
+                str = "SSLv3/TLS read server key exchange";
+                break;
+            case TLS_ST_CR_CERT_REQ:
+                str = "SSLv3/TLS read server certificate request";
+                break;
+            case TLS_ST_CR_SESSION_TICKET:
+                str = "SSLv3/TLS read server session ticket";
+                break;
+            case TLS_ST_CR_SRVR_DONE:
+                str = "SSLv3/TLS read server done";
+                break;
+            case TLS_ST_CW_CERT:
+                str = "SSLv3/TLS write client certificate";
+                break;
+            case TLS_ST_CW_KEY_EXCH:
+                str = "SSLv3/TLS write client key exchange";
+                break;
+            case TLS_ST_CW_CERT_VRFY:
+                str = "SSLv3/TLS write certificate verify";
+                break;
+            case TLS_ST_CW_CHANGE:
+            case TLS_ST_SW_CHANGE:
+                str = "SSLv3/TLS write change cipher spec";
+                break;
+            case TLS_ST_CW_FINISHED:
+            case TLS_ST_SW_FINISHED:
+                str = "SSLv3/TLS write finished";
+                break;
+            case TLS_ST_CR_CHANGE:
+            case TLS_ST_SR_CHANGE:
+                str = "SSLv3/TLS read change cipher spec";
+                break;
+            case TLS_ST_CR_FINISHED:
+            case TLS_ST_SR_FINISHED:
+                str = "SSLv3/TLS read finished";
+                break;
+            case TLS_ST_SR_CLNT_HELLO:
+                str = "SSLv3/TLS read client hello";
+                break;
+            case TLS_ST_SW_HELLO_REQ:
+                str = "SSLv3/TLS write hello request";
+                break;
+            case TLS_ST_SW_SRVR_HELLO:
+                str = "SSLv3/TLS write server hello";
+                break;
+            case TLS_ST_SW_CERT:
+                str = "SSLv3/TLS write certificate";
+                break;
+            case TLS_ST_SW_KEY_EXCH:
+                str = "SSLv3/TLS write key exchange";
+                break;
+            case TLS_ST_SW_CERT_REQ:
+                str = "SSLv3/TLS write certificate request";
+                break;
+            case TLS_ST_SW_SESSION_TICKET:
+                str = "SSLv3/TLS write session ticket";
+                break;
+            case TLS_ST_SW_SRVR_DONE:
+                str = "SSLv3/TLS write server done";
+                break;
+            case TLS_ST_SR_CERT:
+                str = "SSLv3/TLS read client certificate";
+                break;
+            case TLS_ST_SR_KEY_EXCH:
+                str = "SSLv3/TLS read client key exchange";
+                break;
+            case TLS_ST_SR_CERT_VRFY:
+                str = "SSLv3/TLS read certificate verify";
+                break;
+            case DTLS_ST_CR_HELLO_VERIFY_REQUEST:
+                str = "DTLS1 read hello verify request";
+                break;
+            case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
+                str = "DTLS1 write hello verify request";
+                break;
+            default:
+                break;
+        }
+    }
+
+    return str;
+}
+
+/**
+ * @brief set the SSL context read buffer length
+ */
+void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len)
+{
+    SSL_ASSERT3(ctx);
+
+    ctx->read_buffer_len = len;
+}
+
+/**
+ * @brief set the SSL read buffer length
+ */
+void SSL_set_default_read_buffer_len(SSL *ssl, size_t len)
+{
+    SSL_ASSERT3(ssl);
+    SSL_ASSERT3(len);
+
+    SSL_METHOD_CALL(set_bufflen, ssl, len);
+}
+
+/**
+ * @brief set the SSL information callback function
+ */
+void SSL_set_info_callback(SSL *ssl, void (*cb) (const SSL *ssl, int type, int val))
+{
+    SSL_ASSERT3(ssl);
+
+    ssl->info_callback = cb;
+}
+
+/**
+ * @brief add SSL context reference count by '1'
+ */
+int SSL_CTX_up_ref(SSL_CTX *ctx)
+{
+    SSL_ASSERT1(ctx);
+
+    /**
+     * no support multi-thread SSL here
+     */
+    ctx->references++;
+
+    return 1;
+}
+
+/**
+ * @brief set the SSL security level
+ */
+void SSL_set_security_level(SSL *ssl, int level)
+{
+    SSL_ASSERT3(ssl);
+
+    ssl->cert->sec_level = level;
+}
+
+/**
+ * @brief get the SSL security level
+ */
+int SSL_get_security_level(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return ssl->cert->sec_level;
+}
+
+/**
+ * @brief get the SSL verifying mode of the SSL context
+ */
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
+{
+    SSL_ASSERT1(ctx);
+
+    return ctx->verify_mode;
+}
+
+/**
+ * @brief set the session timeout time
+ */
+long SSL_CTX_set_timeout(SSL_CTX *ctx, long t)
+{
+    long l;
+
+    SSL_ASSERT1(ctx);
+
+    l = ctx->session_timeout;
+    ctx->session_timeout = t;
+
+    return l;
+}
+
+/**
+ * @brief get the session timeout time
+ */
+long SSL_CTX_get_timeout(const SSL_CTX *ctx)
+{
+    SSL_ASSERT1(ctx);
+
+    return ctx->session_timeout;
+}
+
+/**
+ * @brief set the SSL if we can read as many as data
+ */
+void SSL_set_read_ahead(SSL *ssl, int yes)
+{
+    SSL_ASSERT3(ssl);
+
+    ssl->rlayer.read_ahead = yes;
+}
+
+/**
+ * @brief set the SSL context if we can read as many as data
+ */
+void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes)
+{
+    SSL_ASSERT3(ctx);
+
+    ctx->read_ahead = yes;
+}
+
+/**
+ * @brief get the SSL ahead signal if we can read as many as data
+ */
+int SSL_get_read_ahead(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return ssl->rlayer.read_ahead;
+}
+
+/**
+ * @brief get the SSL context ahead signal if we can read as many as data
+ */
+long SSL_CTX_get_read_ahead(SSL_CTX *ctx)
+{
+    SSL_ASSERT1(ctx);
+
+    return ctx->read_ahead;
+}
+
+/**
+ * @brief check if the SSL context can read as many as data
+ */
+long SSL_CTX_get_default_read_ahead(SSL_CTX *ctx)
+{
+    SSL_ASSERT1(ctx);
+
+    return ctx->read_ahead;
+}
+
+/**
+ * @brief set SSL session time
+ */
+long SSL_set_time(SSL *ssl, long t)
+{
+    SSL_ASSERT1(ssl);
+
+    ssl->session->time = t;
+
+    return t;
+}
+
+/**
+ * @brief set SSL session timeout time
+ */
+long SSL_set_timeout(SSL *ssl, long t)
+{
+    SSL_ASSERT1(ssl);
+
+    ssl->session->timeout = t;
+
+    return t;
+}
+
+/**
+ * @brief get the verifying result of the SSL certification
+ */
+long SSL_get_verify_result(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return SSL_METHOD_CALL(get_verify_result, ssl);
+}
+
+/**
+ * @brief get the SSL verifying depth of the SSL context
+ */
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
+{
+    SSL_ASSERT1(ctx);
+
+    return ctx->param.depth;
+}
+
+/**
+ * @brief set the SSL verify depth of the SSL context
+ */
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
+{
+    SSL_ASSERT3(ctx);
+
+    ctx->param.depth = depth;
+}
+
+/**
+ * @brief get the SSL verifying depth of the SSL
+ */
+int SSL_get_verify_depth(const SSL *ssl)
+{
+    SSL_ASSERT1(ssl);
+
+    return ssl->param.depth;
+}
+
+/**
+ * @brief set the SSL verify depth of the SSL
+ */
+void SSL_set_verify_depth(SSL *ssl, int depth)
+{
+    SSL_ASSERT3(ssl);
+
+    ssl->param.depth = depth;
+}
+
+/**
+ * @brief set the SSL context verifying of the SSL context
+ */
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*verify_callback)(int, X509_STORE_CTX *))
+{
+    SSL_ASSERT3(ctx);
+
+    ctx->verify_mode = mode;
+    ctx->default_verify_callback = verify_callback;
+}
+
+/**
+ * @brief set the SSL verifying of the SSL context
+ */
+void SSL_set_verify(SSL *ssl, int mode, int (*verify_callback)(int, X509_STORE_CTX *))
+{
+    SSL_ASSERT3(ssl);
+
+    ssl->verify_mode = mode;
+    ssl->verify_callback = verify_callback;
+}
+
+void ERR_error_string_n(unsigned long e, char *buf, size_t len)
+{
+	strncpy(buf, "unknown", len);
+}
+
+void ERR_free_strings(void)
+{
+}
+
+char *ERR_error_string(unsigned long e, char *buf)
+{
+	if (buf) {
+		strcpy(buf, "unknown");
+	}
+
+	return "unknown";
+}
+
+void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx)
+{
+	return NULL;
+}
+
+/*
+ * Openssl wants the valid protocol names supplied like this:
+ *
+ * (unsigned char *)"\x02h2\x08http/1.1", 6 + 9
+ *
+ * Mbedtls wants this:
+ *
+ * Pointer to a NULL-terminated list of supported protocols, in decreasing
+ * preference order. The pointer to the list is recorded by the library for
+ * later reference as required, so the lifetime of the table must be at least
+ * as long as the lifetime of the SSL configuration structure.
+ *
+ * So accept the OpenSSL style and convert to mbedtls style
+ */
+
+struct alpn_ctx {
+	unsigned char *data;
+	unsigned short len;
+};
+
+void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, next_proto_cb cb, void *arg)
+{
+	struct alpn_ctx *ac = arg;
+	unsigned char *p = ac->data, *q;
+	unsigned char len;
+	int count = 0;
+
+	/* find out how many entries he gave us */
+
+	len = *p++;
+	while (p - ac->data < ac->len) {
+		if (len--) {
+			p++;
+			continue;
+		}
+		count++;
+		len = *p++;
+		if (!len)
+			break;
+	}
+
+	if (!count)
+		return;
+
+	/* allocate space for count + 1 pointers and the data afterwards */
+
+	ctx->alpn_protos = ssl_mem_zalloc((count + 1) * sizeof(char *) + ac->len + 1);
+	if (!ctx->alpn_protos)
+		return;
+
+	/* convert to mbedtls format */
+
+	q = (unsigned char *)ctx->alpn_protos + (count + 1) * sizeof(char *);
+	p = ac->data;
+	count = 0;
+
+	len = *p++;
+	ctx->alpn_protos[count] = (char *)q;
+	while (p - ac->data < ac->len) {
+		if (len--) {
+			*q++ = *p++;
+			continue;
+		}
+		*q++ = '\0';
+		count++;
+		len = *p++;
+		ctx->alpn_protos[count] = (char *)q;
+		if (!len)
+			break;
+	}
+	ctx->alpn_protos[count] = NULL; /* last pointer ends list with NULL */
+
+	ctx->alpn_cb = cb;
+}
diff --git a/thirdparty/lws/mbedtls_wrapper/library/ssl_methods.c b/thirdparty/lws/mbedtls_wrapper/library/ssl_methods.c
new file mode 100644
index 0000000000..0002360846
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/library/ssl_methods.c
@@ -0,0 +1,81 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "ssl_methods.h"
+#include "ssl_pm.h"
+
+/**
+ * TLS method function collection
+ */
+IMPLEMENT_TLS_METHOD_FUNC(TLS_method_func,
+        ssl_pm_new, ssl_pm_free,
+        ssl_pm_handshake, ssl_pm_shutdown, ssl_pm_clear,
+        ssl_pm_read, ssl_pm_send, ssl_pm_pending,
+        ssl_pm_set_fd, ssl_pm_get_fd,
+        ssl_pm_set_bufflen,
+        ssl_pm_get_verify_result,
+        ssl_pm_get_state);
+
+/**
+ * TLS or SSL client method collection
+ */
+IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 0, TLS_method_func, TLS_client_method);
+
+IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 0, TLS_method_func, TLSv1_2_client_method);
+
+IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 0, TLS_method_func, TLSv1_1_client_method);
+
+IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_client_method);
+
+IMPLEMENT_SSL_METHOD(SSL3_VERSION, 0, TLS_method_func, SSLv3_client_method);
+
+/**
+ * TLS or SSL server method collection
+ */
+IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 1, TLS_method_func, TLS_server_method);
+
+IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 1, TLS_method_func, TLSv1_1_server_method);
+
+IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 1, TLS_method_func, TLSv1_2_server_method);
+
+IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_server_method);
+
+IMPLEMENT_SSL_METHOD(SSL3_VERSION, 1, TLS_method_func, SSLv3_server_method);
+
+/**
+ * TLS or SSL method collection
+ */
+IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, -1, TLS_method_func, TLS_method);
+
+IMPLEMENT_SSL_METHOD(TLS1_2_VERSION, -1, TLS_method_func, TLSv1_2_method);
+
+IMPLEMENT_SSL_METHOD(TLS1_1_VERSION, -1, TLS_method_func, TLSv1_1_method);
+
+IMPLEMENT_SSL_METHOD(TLS1_VERSION, -1, TLS_method_func, TLSv1_method);
+
+IMPLEMENT_SSL_METHOD(SSL3_VERSION, -1, TLS_method_func, SSLv3_method);
+
+/**
+ * @brief get X509 object method
+ */
+IMPLEMENT_X509_METHOD(X509_method,
+            x509_pm_new, x509_pm_free,
+            x509_pm_load, x509_pm_show_info);
+
+/**
+ * @brief get private key object method
+ */
+IMPLEMENT_PKEY_METHOD(EVP_PKEY_method,
+            pkey_pm_new, pkey_pm_free,
+            pkey_pm_load);
diff --git a/thirdparty/lws/mbedtls_wrapper/library/ssl_pkey.c b/thirdparty/lws/mbedtls_wrapper/library/ssl_pkey.c
new file mode 100644
index 0000000000..567a33e2c2
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/library/ssl_pkey.c
@@ -0,0 +1,239 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "ssl_pkey.h"
+#include "ssl_methods.h"
+#include "ssl_dbg.h"
+#include "ssl_port.h"
+
+/**
+ * @brief create a private key object according to input private key
+ */
+EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk)
+{
+    int ret;
+    EVP_PKEY *pkey;
+
+    pkey = ssl_mem_zalloc(sizeof(EVP_PKEY));
+    if (!pkey) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "no enough memory > (pkey)");
+        goto no_mem;
+    }
+
+    if (ipk) {
+        pkey->method = ipk->method;
+    } else {
+        pkey->method = EVP_PKEY_method();
+    }
+
+    ret = EVP_PKEY_METHOD_CALL(new, pkey, ipk);
+    if (ret) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_METHOD_CALL(new) return %d", ret);
+        goto failed;
+    }
+
+    return pkey;
+
+failed:
+    ssl_mem_free(pkey);
+no_mem:
+    return NULL;
+}
+
+/**
+ * @brief create a private key object
+ */
+EVP_PKEY* EVP_PKEY_new(void)
+{
+    return __EVP_PKEY_new(NULL);
+}
+
+/**
+ * @brief free a private key object
+ */
+void EVP_PKEY_free(EVP_PKEY *pkey)
+{
+    SSL_ASSERT3(pkey);
+
+    EVP_PKEY_METHOD_CALL(free, pkey);
+
+    ssl_mem_free(pkey);
+}
+
+/**
+ * @brief load a character key context into system context. If '*a' is pointed to the
+ *        private key, then load key into it. Or create a new private key object
+ */
+EVP_PKEY *d2i_PrivateKey(int type,
+                         EVP_PKEY **a,
+                         const unsigned char **pp,
+                         long length)
+{
+    int m = 0;
+    int ret;
+    EVP_PKEY *pkey;
+
+    SSL_ASSERT2(pp);
+    SSL_ASSERT2(*pp);
+    SSL_ASSERT2(length);
+
+    if (a && *a) {
+        pkey = *a;
+    } else {
+        pkey = EVP_PKEY_new();;
+        if (!pkey) {
+            SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_new() return NULL");
+            goto failed1;
+        }
+
+        m = 1;
+    }
+
+    ret = EVP_PKEY_METHOD_CALL(load, pkey, *pp, length);
+    if (ret) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_METHOD_CALL(load) return %d", ret);
+        goto failed2;
+    }
+
+    if (a)
+        *a = pkey;
+
+    return pkey;
+
+failed2:
+    if (m)
+        EVP_PKEY_free(pkey);
+failed1:
+    return NULL;
+}
+
+/**
+ * @brief set the SSL context private key
+ */
+int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
+{
+    SSL_ASSERT1(ctx);
+    SSL_ASSERT1(pkey);
+
+    if (ctx->cert->pkey == pkey)
+        return 1;
+
+    if (ctx->cert->pkey)
+        EVP_PKEY_free(ctx->cert->pkey);
+
+    ctx->cert->pkey = pkey;
+
+    return 1;
+}
+
+/**
+ * @brief set the SSL private key
+ */
+int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
+{
+    SSL_ASSERT1(ssl);
+    SSL_ASSERT1(pkey);
+
+    if (ssl->cert->pkey == pkey)
+        return 1;
+
+    if (ssl->cert->pkey)
+        EVP_PKEY_free(ssl->cert->pkey);
+
+    ssl->cert->pkey = pkey;
+
+    return 1;
+}
+
+/**
+ * @brief load private key into the SSL context
+ */
+int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
+                                const unsigned char *d, long len)
+{
+    int ret;
+    EVP_PKEY *pk;
+
+    pk = d2i_PrivateKey(0, NULL, &d, len);
+    if (!pk) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL");
+        goto failed1;
+    }
+
+    ret = SSL_CTX_use_PrivateKey(ctx, pk);
+    if (!ret) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_CTX_use_PrivateKey() return %d", ret);
+        goto failed2;
+    }
+
+    return 1;
+
+failed2:
+    EVP_PKEY_free(pk);
+failed1:
+    return 0;
+}
+
+/**
+ * @brief load private key into the SSL
+ */
+int SSL_use_PrivateKey_ASN1(int type, SSL *ssl,
+                                const unsigned char *d, long len)
+{
+    int ret;
+    EVP_PKEY *pk;
+
+    pk = d2i_PrivateKey(0, NULL, &d, len);
+    if (!pk) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL");
+        goto failed1;
+    }
+
+    ret = SSL_use_PrivateKey(ssl, pk);
+    if (!ret) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_use_PrivateKey() return %d", ret);
+        goto failed2;
+    }
+
+    return 1;
+
+failed2:
+    EVP_PKEY_free(pk);
+failed1:
+    return 0;
+}
+
+/**
+ * @brief load the private key file into SSL context
+ */
+int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
+{
+    return 0;
+}
+
+/**
+ * @brief load the private key file into SSL
+ */
+int SSL_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
+{
+    return 0;
+}
+
+/**
+ * @brief load the RSA ASN1 private key into SSL context
+ */
+int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
+{
+    return SSL_CTX_use_PrivateKey_ASN1(0, ctx, d, len);
+}
diff --git a/thirdparty/lws/mbedtls_wrapper/library/ssl_stack.c b/thirdparty/lws/mbedtls_wrapper/library/ssl_stack.c
new file mode 100644
index 0000000000..da836daf9c
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/library/ssl_stack.c
@@ -0,0 +1,74 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "ssl_stack.h"
+#include "ssl_dbg.h"
+#include "ssl_port.h"
+
+#ifndef CONFIG_MIN_NODES
+    #define MIN_NODES 4
+#else
+    #define MIN_NODES CONFIG_MIN_NODES
+#endif
+
+/**
+ * @brief create a openssl stack object
+ */
+OPENSSL_STACK* OPENSSL_sk_new(OPENSSL_sk_compfunc c)
+{
+    OPENSSL_STACK *stack;
+    char **data;
+
+    stack = ssl_mem_zalloc(sizeof(OPENSSL_STACK));
+    if (!stack) {
+        SSL_DEBUG(SSL_STACK_ERROR_LEVEL, "no enough memory > (stack)");
+        goto no_mem1;
+    }
+
+    data = ssl_mem_zalloc(sizeof(*data) * MIN_NODES);
+    if (!data) {
+        SSL_DEBUG(SSL_STACK_ERROR_LEVEL, "no enough memory > (data)");
+        goto no_mem2;
+    }
+
+    stack->data = data;
+    stack->num_alloc = MIN_NODES;
+    stack->c = c;
+
+    return stack;
+
+no_mem2:
+    ssl_mem_free(stack);
+no_mem1:
+    return NULL;
+}
+
+/**
+ * @brief create a NULL function openssl stack object
+ */
+OPENSSL_STACK *OPENSSL_sk_new_null(void)
+{
+    return OPENSSL_sk_new((OPENSSL_sk_compfunc)NULL);
+}
+
+/**
+ * @brief free openssl stack object
+ */
+void OPENSSL_sk_free(OPENSSL_STACK *stack)
+{
+    SSL_ASSERT3(stack);
+
+    ssl_mem_free(stack->data);
+    ssl_mem_free(stack);
+}
diff --git a/thirdparty/lws/mbedtls_wrapper/library/ssl_x509.c b/thirdparty/lws/mbedtls_wrapper/library/ssl_x509.c
new file mode 100644
index 0000000000..4441490a03
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/library/ssl_x509.c
@@ -0,0 +1,330 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "ssl_x509.h"
+#include "ssl_methods.h"
+#include "ssl_dbg.h"
+#include "ssl_port.h"
+
+/**
+ * @brief show X509 certification information
+ */
+int __X509_show_info(X509 *x)
+{
+    return X509_METHOD_CALL(show_info, x);
+}
+
+/**
+ * @brief create a X509 certification object according to input X509 certification
+ */
+X509* __X509_new(X509 *ix)
+{
+    int ret;
+    X509 *x;
+
+    x = ssl_mem_zalloc(sizeof(X509));
+    if (!x) {
+        SSL_DEBUG(SSL_X509_ERROR_LEVEL, "no enough memory > (x)");
+        goto no_mem;
+    }
+
+    if (ix)
+        x->method = ix->method;
+    else
+        x->method = X509_method();
+
+    ret = X509_METHOD_CALL(new, x, ix);
+    if (ret) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_METHOD_CALL(new) return %d", ret);
+        goto failed;
+    }
+
+    return x;
+
+failed:
+    ssl_mem_free(x);
+no_mem:
+    return NULL;
+}
+
+/**
+ * @brief create a X509 certification object
+ */
+X509* X509_new(void)
+{
+    return __X509_new(NULL);
+}
+
+/**
+ * @brief free a X509 certification object
+ */
+void X509_free(X509 *x)
+{
+    SSL_ASSERT3(x);
+
+    X509_METHOD_CALL(free, x);
+
+    ssl_mem_free(x);
+};
+
+/**
+ * @brief load a character certification context into system context. If '*cert' is pointed to the
+ *        certification, then load certification into it. Or create a new X509 certification object
+ */
+X509* d2i_X509(X509 **cert, const unsigned char *buffer, long len)
+{
+    int m = 0;
+    int ret;
+    X509 *x;
+
+    SSL_ASSERT2(buffer);
+    SSL_ASSERT2(len);
+
+    if (cert && *cert) {
+        x = *cert;
+    } else {
+        x = X509_new();
+        if (!x) {
+            SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_new() return NULL");
+            goto failed1;
+        }
+        m = 1;
+    }
+
+    ret = X509_METHOD_CALL(load, x, buffer, len);
+    if (ret) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_METHOD_CALL(load) return %d", ret);
+        goto failed2;
+    }
+
+    return x;
+
+failed2:
+    if (m)
+        X509_free(x);
+failed1:
+    return NULL;
+}
+
+/**
+ * @brief return SSL X509 verify parameters
+ */
+
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+{
+	return &ssl->param;
+}
+
+/**
+ * @brief set X509 host verification flags
+ */
+
+int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+				    unsigned long flags)
+{
+	/* flags not supported yet */
+	return 0;
+}
+
+/**
+ * @brief clear X509 host verification flags
+ */
+
+int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param,
+				      unsigned long flags)
+{
+	/* flags not supported yet */
+	return 0;
+}
+
+/**
+ * @brief set SSL context client CA certification
+ */
+int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
+{
+    SSL_ASSERT1(ctx);
+    SSL_ASSERT1(x);
+
+    if (ctx->client_CA == x)
+        return 1;
+
+    X509_free(ctx->client_CA);
+
+    ctx->client_CA = x;
+
+    return 1;
+}
+
+/**
+ * @brief add CA client certification into the SSL
+ */
+int SSL_add_client_CA(SSL *ssl, X509 *x)
+{
+    SSL_ASSERT1(ssl);
+    SSL_ASSERT1(x);
+
+    if (ssl->client_CA == x)
+        return 1;
+
+    X509_free(ssl->client_CA);
+
+    ssl->client_CA = x;
+
+    return 1;
+}
+
+/**
+ * @brief set the SSL context certification
+ */
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
+{
+    SSL_ASSERT1(ctx);
+    SSL_ASSERT1(x);
+
+    if (ctx->cert->x509 == x)
+        return 1;
+
+    X509_free(ctx->cert->x509);
+
+    ctx->cert->x509 = x;
+
+    return 1;
+}
+
+/**
+ * @brief set the SSL certification
+ */
+int SSL_use_certificate(SSL *ssl, X509 *x)
+{
+    SSL_ASSERT1(ssl);
+    SSL_ASSERT1(x);
+
+    if (ssl->cert->x509 == x)
+        return 1;
+
+    X509_free(ssl->cert->x509);
+
+    ssl->cert->x509 = x;
+
+    return 1;
+}
+
+/**
+ * @brief get the SSL certification point
+ */
+X509 *SSL_get_certificate(const SSL *ssl)
+{
+    SSL_ASSERT2(ssl);
+
+    return ssl->cert->x509;
+}
+
+/**
+ * @brief load certification into the SSL context
+ */
+int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
+                                 const unsigned char *d)
+{
+    int ret;
+    X509 *x;
+
+    x = d2i_X509(NULL, d, len);
+    if (!x) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL");
+        goto failed1;
+    }
+
+    ret = SSL_CTX_use_certificate(ctx, x);
+    if (!ret) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_CTX_use_certificate() return %d", ret);
+        goto failed2;
+    }
+
+    return 1;
+
+failed2:
+    X509_free(x);
+failed1:
+    return 0;
+}
+
+/**
+ * @brief load certification into the SSL
+ */
+int SSL_use_certificate_ASN1(SSL *ssl, int len,
+                             const unsigned char *d)
+{
+    int ret;
+    X509 *x;
+
+    x = d2i_X509(NULL, d, len);
+    if (!x) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL");
+        goto failed1;
+    }
+
+    ret = SSL_use_certificate(ssl, x);
+    if (!ret) {
+        SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_use_certificate() return %d", ret);
+        goto failed2;
+    }
+
+    return 1;
+
+failed2:
+    X509_free(x);
+failed1:
+    return 0;
+}
+
+/**
+ * @brief load the certification file into SSL context
+ */
+int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
+{
+    return 0;
+}
+
+/**
+ * @brief load the certification file into SSL
+ */
+int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
+{
+    return 0;
+}
+
+/**
+ * @brief get peer certification
+ */
+X509 *SSL_get_peer_certificate(const SSL *ssl)
+{
+    SSL_ASSERT2(ssl);
+
+    return ssl->session->peer;
+}
+
+int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
+{
+	return X509_V_ERR_UNSPECIFIED;
+}
+
+int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
+{
+	return 0;
+}
+
+const char *X509_verify_cert_error_string(long n)
+{
+	return "unknown";
+}
diff --git a/thirdparty/lws/mbedtls_wrapper/platform/ssl_pm.c b/thirdparty/lws/mbedtls_wrapper/platform/ssl_pm.c
new file mode 100644
index 0000000000..536733fbab
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/platform/ssl_pm.c
@@ -0,0 +1,736 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "ssl_pm.h"
+#include "ssl_port.h"
+#include "ssl_dbg.h"
+
+/* mbedtls include */
+#include "mbedtls/platform.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/debug.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/error.h"
+#include "mbedtls/certs.h"
+
+#define X509_INFO_STRING_LENGTH 8192
+
+struct ssl_pm
+{
+    /* local socket file description */
+    mbedtls_net_context fd;
+    /* remote client socket file description */
+    mbedtls_net_context cl_fd;
+
+    mbedtls_ssl_config conf;
+
+    mbedtls_ctr_drbg_context ctr_drbg;
+
+    mbedtls_ssl_context ssl;
+
+    mbedtls_entropy_context entropy;
+};
+
+struct x509_pm
+{
+    mbedtls_x509_crt *x509_crt;
+
+    mbedtls_x509_crt *ex_crt;
+};
+
+struct pkey_pm
+{
+    mbedtls_pk_context *pkey;
+
+    mbedtls_pk_context *ex_pkey;
+};
+
+unsigned int max_content_len;
+
+/*********************************************************************************************/
+/************************************ SSL arch interface *************************************/
+
+#ifdef CONFIG_OPENSSL_LOWLEVEL_DEBUG
+
+/* mbedtls debug level */
+#define MBEDTLS_DEBUG_LEVEL 4
+
+/**
+ * @brief mbedtls debug function
+ */
+static void ssl_platform_debug(void *ctx, int level,
+                     const char *file, int line,
+                     const char *str)
+{
+    /* Shorten 'file' from the whole file path to just the filename
+
+       This is a bit wasteful because the macros are compiled in with
+       the full _FILE_ path in each case.
+    */
+    char *file_sep = rindex(file, '/');
+    if(file_sep)
+        file = file_sep + 1;
+
+    SSL_DEBUG(SSL_DEBUG_ON, "%s:%d %s", file, line, str);
+}
+#endif
+
+/**
+ * @brief create SSL low-level object
+ */
+int ssl_pm_new(SSL *ssl)
+{
+    struct ssl_pm *ssl_pm;
+    int ret;
+
+    const unsigned char pers[] = "OpenSSL PM";
+    size_t pers_len = sizeof(pers);
+
+    int endpoint;
+    int version;
+
+    const SSL_METHOD *method = ssl->method;
+
+    ssl_pm = ssl_mem_zalloc(sizeof(struct ssl_pm));
+    if (!ssl_pm) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (ssl_pm)");
+        goto no_mem;
+    }
+
+    if (!ssl->ctx->read_buffer_len)
+	    ssl->ctx->read_buffer_len = 2048;
+
+    max_content_len = ssl->ctx->read_buffer_len;
+    // printf("ssl->ctx->read_buffer_len = %d ++++++++++++++++++++\n", ssl->ctx->read_buffer_len);
+
+    mbedtls_net_init(&ssl_pm->fd);
+    mbedtls_net_init(&ssl_pm->cl_fd);
+
+    mbedtls_ssl_config_init(&ssl_pm->conf);
+    mbedtls_ctr_drbg_init(&ssl_pm->ctr_drbg);
+    mbedtls_entropy_init(&ssl_pm->entropy);
+    mbedtls_ssl_init(&ssl_pm->ssl);
+
+    ret = mbedtls_ctr_drbg_seed(&ssl_pm->ctr_drbg, mbedtls_entropy_func, &ssl_pm->entropy, pers, pers_len);
+    if (ret) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ctr_drbg_seed() return -0x%x", -ret);
+        goto mbedtls_err1;
+    }
+
+    if (method->endpoint) {
+        endpoint = MBEDTLS_SSL_IS_SERVER;
+    } else {
+        endpoint = MBEDTLS_SSL_IS_CLIENT;
+    }
+    ret = mbedtls_ssl_config_defaults(&ssl_pm->conf, endpoint, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
+    if (ret) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_config_defaults() return -0x%x", -ret);
+        goto mbedtls_err2;
+    }
+
+    if (TLS_ANY_VERSION != ssl->version) {
+        if (TLS1_2_VERSION == ssl->version)
+            version = MBEDTLS_SSL_MINOR_VERSION_3;
+        else if (TLS1_1_VERSION == ssl->version)
+            version = MBEDTLS_SSL_MINOR_VERSION_2;
+        else if (TLS1_VERSION == ssl->version)
+            version = MBEDTLS_SSL_MINOR_VERSION_1;
+        else
+            version = MBEDTLS_SSL_MINOR_VERSION_0;
+
+        mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version);
+        mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version);
+    } else {
+        mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
+        mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0);
+    }
+
+    mbedtls_ssl_conf_rng(&ssl_pm->conf, mbedtls_ctr_drbg_random, &ssl_pm->ctr_drbg);
+
+#ifdef CONFIG_OPENSSL_LOWLEVEL_DEBUG
+    mbedtls_debug_set_threshold(MBEDTLS_DEBUG_LEVEL);
+    mbedtls_ssl_conf_dbg(&ssl_pm->conf, ssl_platform_debug, NULL);
+#else
+    mbedtls_ssl_conf_dbg(&ssl_pm->conf, NULL, NULL);
+#endif
+
+    ret = mbedtls_ssl_setup(&ssl_pm->ssl, &ssl_pm->conf);
+    if (ret) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_setup() return -0x%x", -ret);
+        goto mbedtls_err2;
+    }
+
+    mbedtls_ssl_set_bio(&ssl_pm->ssl, &ssl_pm->fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+    ssl->ssl_pm = ssl_pm;
+
+    return 0;
+
+mbedtls_err2:
+    mbedtls_ssl_config_free(&ssl_pm->conf);
+    mbedtls_ctr_drbg_free(&ssl_pm->ctr_drbg);
+mbedtls_err1:
+    mbedtls_entropy_free(&ssl_pm->entropy);
+    ssl_mem_free(ssl_pm);
+no_mem:
+    return -1;
+}
+
+/**
+ * @brief free SSL low-level object
+ */
+void ssl_pm_free(SSL *ssl)
+{
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    mbedtls_ctr_drbg_free(&ssl_pm->ctr_drbg);
+    mbedtls_entropy_free(&ssl_pm->entropy);
+    mbedtls_ssl_config_free(&ssl_pm->conf);
+    mbedtls_ssl_free(&ssl_pm->ssl);
+
+    ssl_mem_free(ssl_pm);
+    ssl->ssl_pm = NULL;
+}
+
+/**
+ * @brief reload SSL low-level certification object
+ */
+static int ssl_pm_reload_crt(SSL *ssl)
+{
+    int ret;
+    int mode;
+    struct ssl_pm *ssl_pm = ssl->ssl_pm;
+    struct x509_pm *ca_pm = (struct x509_pm *)ssl->client_CA->x509_pm;
+
+    struct pkey_pm *pkey_pm = (struct pkey_pm *)ssl->cert->pkey->pkey_pm;
+    struct x509_pm *crt_pm = (struct x509_pm *)ssl->cert->x509->x509_pm;
+
+    if (ssl->verify_mode == SSL_VERIFY_PEER)
+        mode = MBEDTLS_SSL_VERIFY_REQUIRED;
+    else if (ssl->verify_mode == SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
+        mode = MBEDTLS_SSL_VERIFY_OPTIONAL;
+    else if (ssl->verify_mode == SSL_VERIFY_CLIENT_ONCE)
+        mode = MBEDTLS_SSL_VERIFY_UNSET;
+    else
+        mode = MBEDTLS_SSL_VERIFY_NONE;
+
+    mbedtls_ssl_conf_authmode(&ssl_pm->conf, mode);
+
+    if (ca_pm->x509_crt) {
+        mbedtls_ssl_conf_ca_chain(&ssl_pm->conf, ca_pm->x509_crt, NULL);
+    } else if (ca_pm->ex_crt) {
+        mbedtls_ssl_conf_ca_chain(&ssl_pm->conf, ca_pm->ex_crt, NULL);
+    }
+
+    if (crt_pm->x509_crt && pkey_pm->pkey) {
+        ret = mbedtls_ssl_conf_own_cert(&ssl_pm->conf, crt_pm->x509_crt, pkey_pm->pkey);
+    } else if (crt_pm->ex_crt && pkey_pm->ex_pkey) {
+        ret = mbedtls_ssl_conf_own_cert(&ssl_pm->conf, crt_pm->ex_crt, pkey_pm->ex_pkey);
+    } else {
+        ret = 0;
+    }
+
+    if (ret) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_conf_own_cert() return -0x%x", -ret);
+        ret = -1;
+    }
+
+    return ret;
+}
+
+/*
+ * Perform the mbedtls SSL handshake instead of mbedtls_ssl_handshake.
+ * We can add debug here.
+ */
+static int mbedtls_handshake( mbedtls_ssl_context *ssl )
+{
+    int ret = 0;
+
+    while (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+        ret = mbedtls_ssl_handshake_step(ssl);
+
+        SSL_DEBUG(SSL_PLATFORM_DEBUG_LEVEL, "ssl ret %d state %d", ret, ssl->state);
+
+        if (ret != 0)
+            break;
+    }
+
+    return ret;
+}
+
+int ssl_pm_handshake(SSL *ssl)
+{
+    int ret;
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    ret = ssl_pm_reload_crt(ssl);
+    if (ret)
+        return 0;
+
+    if (ssl_pm->ssl.state != MBEDTLS_SSL_HANDSHAKE_OVER) {
+	    ssl_speed_up_enter();
+
+	   /* mbedtls return codes
+	    * 0 = successful, or MBEDTLS_ERR_SSL_WANT_READ/WRITE
+	    * anything else = death
+	    */
+	    ret = mbedtls_handshake(&ssl_pm->ssl);
+	    ssl_speed_up_exit();
+    } else
+	    ret = 0;
+
+    /*
+     * OpenSSL return codes:
+     *   0 = did not complete, but may be retried
+     *   1 = successfully completed
+     *   <0 = death
+     */
+    if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_handshake() return -0x%x", -ret);
+        return 0; /* OpenSSL: did not complete but may be retried */
+    }
+
+    if (ret == 0) { /* successful */
+        struct x509_pm *x509_pm = (struct x509_pm *)ssl->session->peer->x509_pm;
+
+        x509_pm->ex_crt = (mbedtls_x509_crt *)mbedtls_ssl_get_peer_cert(&ssl_pm->ssl);
+        return 1; /* openssl successful */
+    }
+
+    /* it's had it */
+
+    ssl->err = SSL_ERROR_SYSCALL;
+
+    return -1; /* openssl death */
+}
+
+int ssl_pm_shutdown(SSL *ssl)
+{
+    int ret;
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    ret = mbedtls_ssl_close_notify(&ssl_pm->ssl);
+    if (ret) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_close_notify() return -0x%x", -ret);
+        if (ret == MBEDTLS_ERR_NET_CONN_RESET)
+		ssl->err = SSL_ERROR_SYSCALL;
+	 ret = -1; /* OpenSSL: "Call SSL_get_error with the return value to find the reason */
+    } else {
+        struct x509_pm *x509_pm = (struct x509_pm *)ssl->session->peer->x509_pm;
+
+        x509_pm->ex_crt = NULL;
+        ret = 1; /* OpenSSL: "The shutdown was successfully completed"
+		     ...0 means retry */
+    }
+
+    return ret;
+}
+
+int ssl_pm_clear(SSL *ssl)
+{
+    return ssl_pm_shutdown(ssl);
+}
+
+
+int ssl_pm_read(SSL *ssl, void *buffer, int len)
+{
+    int ret;
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    ret = mbedtls_ssl_read(&ssl_pm->ssl, buffer, len);
+    if (ret < 0) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_read() return -0x%x", -ret);
+        if (ret == MBEDTLS_ERR_NET_CONN_RESET)
+		ssl->err = SSL_ERROR_SYSCALL;
+        ret = -1;
+    }
+
+    return ret;
+}
+
+int ssl_pm_send(SSL *ssl, const void *buffer, int len)
+{
+    int ret;
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    ret = mbedtls_ssl_write(&ssl_pm->ssl, buffer, len);
+    if (ret < 0) {
+	if (ret == MBEDTLS_ERR_NET_CONN_RESET)
+		ssl->err = SSL_ERROR_SYSCALL;
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_write() return -0x%x", -ret);
+        ret = -1;
+    }
+
+    return ret;
+}
+
+int ssl_pm_pending(const SSL *ssl)
+{
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    return mbedtls_ssl_get_bytes_avail(&ssl_pm->ssl);
+}
+
+void ssl_pm_set_fd(SSL *ssl, int fd, int mode)
+{
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    ssl_pm->fd.fd = fd;
+}
+
+int ssl_pm_get_fd(const SSL *ssl, int mode)
+{
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    return ssl_pm->fd.fd;
+}
+
+OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl)
+{
+    OSSL_HANDSHAKE_STATE state;
+
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    switch (ssl_pm->ssl.state)
+    {
+        case MBEDTLS_SSL_CLIENT_HELLO:
+            state = TLS_ST_CW_CLNT_HELLO;
+            break;
+        case MBEDTLS_SSL_SERVER_HELLO:
+            state = TLS_ST_SW_SRVR_HELLO;
+            break;
+        case MBEDTLS_SSL_SERVER_CERTIFICATE:
+            state = TLS_ST_SW_CERT;
+            break;
+        case MBEDTLS_SSL_SERVER_HELLO_DONE:
+            state = TLS_ST_SW_SRVR_DONE;
+            break;
+        case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
+            state = TLS_ST_CW_KEY_EXCH;
+            break;
+        case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
+            state = TLS_ST_CW_CHANGE;
+            break;
+        case MBEDTLS_SSL_CLIENT_FINISHED:
+            state = TLS_ST_CW_FINISHED;
+            break;
+        case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
+            state = TLS_ST_SW_CHANGE;
+            break;
+        case MBEDTLS_SSL_SERVER_FINISHED:
+            state = TLS_ST_SW_FINISHED;
+            break;
+        case MBEDTLS_SSL_CLIENT_CERTIFICATE:
+            state = TLS_ST_CW_CERT;
+            break;
+        case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
+            state = TLS_ST_SR_KEY_EXCH;
+            break;
+        case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET:
+            state = TLS_ST_SW_SESSION_TICKET;
+            break;
+        case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT:
+            state = TLS_ST_SW_CERT_REQ;
+            break;
+        case MBEDTLS_SSL_HANDSHAKE_OVER:
+            state = TLS_ST_OK;
+            break;
+        default :
+            state = TLS_ST_BEFORE;
+            break;
+    }
+
+    return state;
+}
+
+int x509_pm_show_info(X509 *x)
+{
+    int ret;
+    char *buf;
+    mbedtls_x509_crt *x509_crt;
+    struct x509_pm *x509_pm = x->x509_pm;
+
+    if (x509_pm->x509_crt)
+        x509_crt = x509_pm->x509_crt;
+    else if (x509_pm->ex_crt)
+        x509_crt = x509_pm->ex_crt;
+    else
+        x509_crt = NULL;
+
+    if (!x509_crt)
+        return -1;
+
+    buf = ssl_mem_malloc(X509_INFO_STRING_LENGTH);
+    if (!buf) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (buf)");
+        goto no_mem;
+    }
+
+    ret = mbedtls_x509_crt_info(buf, X509_INFO_STRING_LENGTH - 1, "", x509_crt);
+    if (ret <= 0) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_x509_crt_info() return -0x%x", -ret);
+        goto mbedtls_err1;
+    }
+
+    buf[ret] = 0;
+
+    ssl_mem_free(buf);
+
+    SSL_DEBUG(SSL_DEBUG_ON, "%s", buf);
+
+    return 0;
+
+mbedtls_err1:
+    ssl_mem_free(buf);
+no_mem:
+    return -1;
+}
+
+int x509_pm_new(X509 *x, X509 *m_x)
+{
+    struct x509_pm *x509_pm;
+
+    x509_pm = ssl_mem_zalloc(sizeof(struct x509_pm));
+    if (!x509_pm) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (x509_pm)");
+        goto failed1;
+    }
+
+    x->x509_pm = x509_pm;
+
+    if (m_x) {
+        struct x509_pm *m_x509_pm = (struct x509_pm *)m_x->x509_pm;
+
+        x509_pm->ex_crt = m_x509_pm->x509_crt;
+    }
+
+    return 0;
+
+failed1:
+    return -1;
+}
+
+void x509_pm_free(X509 *x)
+{
+    struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm;
+
+    if (x509_pm->x509_crt) {
+        mbedtls_x509_crt_free(x509_pm->x509_crt);
+
+        ssl_mem_free(x509_pm->x509_crt);
+        x509_pm->x509_crt = NULL;
+    }
+
+    ssl_mem_free(x->x509_pm);
+    x->x509_pm = NULL;
+}
+
+int x509_pm_load(X509 *x, const unsigned char *buffer, int len)
+{
+    int ret;
+    unsigned char *load_buf;
+    struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm;
+
+	if (x509_pm->x509_crt)
+        mbedtls_x509_crt_free(x509_pm->x509_crt);
+
+    if (!x509_pm->x509_crt) {
+        x509_pm->x509_crt = ssl_mem_malloc(sizeof(mbedtls_x509_crt));
+        if (!x509_pm->x509_crt) {
+            SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (x509_pm->x509_crt)");
+            goto no_mem;
+        }
+    }
+
+    load_buf = ssl_mem_malloc(len + 1);
+    if (!load_buf) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (load_buf)");
+        goto failed;
+    }
+
+    ssl_memcpy(load_buf, buffer, len);
+    load_buf[len] = '\0';
+
+    mbedtls_x509_crt_init(x509_pm->x509_crt);
+
+    ret = mbedtls_x509_crt_parse(x509_pm->x509_crt, load_buf, len + 1);
+    ssl_mem_free(load_buf);
+
+    if (ret) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_x509_crt_parse return -0x%x", -ret);
+        goto failed;
+    }
+
+    return 0;
+
+failed:
+    mbedtls_x509_crt_free(x509_pm->x509_crt);
+    ssl_mem_free(x509_pm->x509_crt);
+    x509_pm->x509_crt = NULL;
+no_mem:
+    return -1;
+}
+
+int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pkey)
+{
+    struct pkey_pm *pkey_pm;
+
+    pkey_pm = ssl_mem_zalloc(sizeof(struct pkey_pm));
+    if (!pkey_pm)
+        return -1;
+
+    pk->pkey_pm = pkey_pm;
+
+    if (m_pkey) {
+        struct pkey_pm *m_pkey_pm = (struct pkey_pm *)m_pkey->pkey_pm;
+
+        pkey_pm->ex_pkey = m_pkey_pm->pkey;
+    }
+
+    return 0;
+}
+
+void pkey_pm_free(EVP_PKEY *pk)
+{
+    struct pkey_pm *pkey_pm = (struct pkey_pm *)pk->pkey_pm;
+
+    if (pkey_pm->pkey) {
+        mbedtls_pk_free(pkey_pm->pkey);
+
+        ssl_mem_free(pkey_pm->pkey);
+        pkey_pm->pkey = NULL;
+    }
+
+    ssl_mem_free(pk->pkey_pm);
+    pk->pkey_pm = NULL;
+}
+
+int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len)
+{
+    int ret;
+    unsigned char *load_buf;
+    struct pkey_pm *pkey_pm = (struct pkey_pm *)pk->pkey_pm;
+
+    if (pkey_pm->pkey)
+        mbedtls_pk_free(pkey_pm->pkey);
+
+    if (!pkey_pm->pkey) {
+        pkey_pm->pkey = ssl_mem_malloc(sizeof(mbedtls_pk_context));
+        if (!pkey_pm->pkey) {
+            SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (pkey_pm->pkey)");
+            goto no_mem;
+        }
+    }
+
+    load_buf = ssl_mem_malloc(len + 1);
+    if (!load_buf) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "no enough memory > (load_buf)");
+        goto failed;
+    }
+
+    ssl_memcpy(load_buf, buffer, len);
+    load_buf[len] = '\0';
+
+    mbedtls_pk_init(pkey_pm->pkey);
+
+    ret = mbedtls_pk_parse_key(pkey_pm->pkey, load_buf, len + 1, NULL, 0);
+    ssl_mem_free(load_buf);
+
+    if (ret) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_pk_parse_key return -0x%x", -ret);
+        goto failed;
+    }
+
+    return 0;
+
+failed:
+    mbedtls_pk_free(pkey_pm->pkey);
+    ssl_mem_free(pkey_pm->pkey);
+    pkey_pm->pkey = NULL;
+no_mem:
+    return -1;
+}
+
+
+
+void ssl_pm_set_bufflen(SSL *ssl, int len)
+{
+    max_content_len = len;
+}
+
+long ssl_pm_get_verify_result(const SSL *ssl)
+{
+    uint32_t ret;
+    long verify_result;
+    struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+
+    ret = mbedtls_ssl_get_verify_result(&ssl_pm->ssl);
+    if (ret) {
+        SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_get_verify_result() return 0x%x", ret);
+        verify_result = X509_V_ERR_UNSPECIFIED;
+    } else
+        verify_result = X509_V_OK;
+
+    return verify_result;
+}
+
+/**
+ * @brief set expected hostname on peer cert CN
+ */
+
+int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                const char *name, size_t namelen)
+{
+	SSL *ssl = (SSL *)((char *)param - offsetof(SSL, param));
+	struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm;
+	char *name_cstr = NULL;
+
+	if (namelen) {
+		name_cstr = malloc(namelen + 1);
+		if (!name_cstr)
+			return 0;
+		memcpy(name_cstr, name, namelen);
+		name_cstr[namelen] = '\0';
+		name = name_cstr;
+	}
+
+	mbedtls_ssl_set_hostname(&ssl_pm->ssl, name);
+
+	if (namelen)
+		free(name_cstr);
+
+	return 1;
+}
+
+void _ssl_set_alpn_list(const SSL *ssl)
+{
+	if (!ssl->ctx->alpn_protos)
+		return;
+	if (mbedtls_ssl_conf_alpn_protocols(&((struct ssl_pm *)(ssl->ssl_pm))->conf, ssl->ctx->alpn_protos))
+		fprintf(stderr, "mbedtls_ssl_conf_alpn_protocols failed\n");
+}
+
+void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                            unsigned int *len)
+{
+	const char *alp = mbedtls_ssl_get_alpn_protocol(&((struct ssl_pm *)(ssl->ssl_pm))->ssl);
+
+	*data = (const unsigned char *)alp;
+	if (alp)
+		*len = strlen(alp);
+	else
+		*len = 0;
+}
+
diff --git a/thirdparty/lws/mbedtls_wrapper/platform/ssl_port.c b/thirdparty/lws/mbedtls_wrapper/platform/ssl_port.c
new file mode 100644
index 0000000000..8c7a31338b
--- /dev/null
+++ b/thirdparty/lws/mbedtls_wrapper/platform/ssl_port.c
@@ -0,0 +1,29 @@
+// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "ssl_port.h"
+
+/*********************************************************************************************/
+/********************************* SSL general interface *************************************/
+
+void *ssl_mem_zalloc(size_t size)
+{
+    void *p = malloc(size);
+
+    if (p)
+        memset(p, 0, size);
+
+    return p;
+}
+
diff --git a/thirdparty/lws/minilex.c b/thirdparty/lws/minilex.c
new file mode 100644
index 0000000000..3cb1e33696
--- /dev/null
+++ b/thirdparty/lws/minilex.c
@@ -0,0 +1,272 @@
+/*
+ * minilex.c
+ *
+ * High efficiency lexical state parser
+ *
+ * Copyright (C)2011-2014 Andy Green <andy@warmcat.com>
+ *
+ * Licensed under LGPL2
+ *
+ * Usage: gcc minilex.c -o minilex && ./minilex > lextable.h
+ *
+ * Run it twice to test parsing on the generated table on stderr
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "lextable-strings.h"
+
+/*
+ * b7 = 0 = 1-byte seq
+ *	    0x08 = fail
+ *	    2-byte seq
+ *	    0x00 - 0x07, then terminal as given in 2nd byte
+	    3-byte seq
+ *	    no match: go fwd 3 byte, match: jump fwd by amt in +1/+2 bytes
+ *    = 1 = 1-byte seq
+ *	    no match: die, match go fwd 1 byte
+ */
+
+unsigned char lextable[] = {
+	#include "lextable.h"
+};
+
+#define PARALLEL 30
+
+struct state {
+	char c[PARALLEL];
+	int state[PARALLEL];
+	int count;
+	int bytepos;
+
+	int real_pos;
+};
+
+struct state state[1000];
+int next = 1;
+
+#define FAIL_CHAR 0x08
+
+int lextable_decode(int pos, char c)
+{
+	while (1) {
+		if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */
+			if ((lextable[pos] & 0x7f) != c)
+				return -1;
+			/* fall thru */
+			pos++;
+			if (lextable[pos] == FAIL_CHAR)
+				return -1;
+			return pos;
+		} else { /* b7 = 0, end or 3-byte */
+			if (lextable[pos] < FAIL_CHAR) /* terminal marker */
+				return pos;
+
+			if (lextable[pos] == c) /* goto */
+				return pos + (lextable[pos + 1]) +
+						(lextable[pos + 2] << 8);
+			/* fall thru goto */
+			pos += 3;
+			/* continue */
+		}
+	}
+}
+
+int main(void)
+{
+	int n = 0;
+	int m = 0;
+	int prev;
+	char c;
+	int walk;
+	int saw;
+	int y;
+	int j;
+	int pos = 0;
+
+	while (n < sizeof(set) / sizeof(set[0])) {
+
+		m = 0;
+		walk = 0;
+		prev = 0;
+
+		if (set[n][0] == '\0') {
+			n++;
+			continue;
+		}
+
+		while (set[n][m]) {
+
+			saw = 0;
+			for (y = 0; y < state[walk].count; y++)
+				if (state[walk].c[y] == set[n][m]) {
+					/* exists -- go forward */
+					walk = state[walk].state[y];
+					saw = 1;
+					break;
+				}
+
+			if (saw)
+				goto again;
+
+			/* something we didn't see before */
+
+			state[walk].c[state[walk].count] = set[n][m];
+
+			state[walk].state[state[walk].count] = next;
+			state[walk].count++;
+			walk = next++;
+again:
+			m++;
+		}
+
+		state[walk].c[0] = n++;
+		state[walk].state[0] = 0; /* terminal marker */
+		state[walk].count = 1;
+	}
+
+	walk = 0;
+	for (n = 0; n < next; n++) {
+		state[n].bytepos = walk;
+		walk += (2 * state[n].count);
+	}
+
+	/* compute everyone's position first */
+
+	pos = 0;
+	walk = 0;
+	for (n = 0; n < next; n++) {
+
+		state[n].real_pos = pos;
+
+		for (m = 0; m < state[n].count; m++) {
+
+			if (state[n].state[m] == 0)
+				pos += 2; /* terminal marker */
+			else { /* c is a character */
+				if ((state[state[n].state[m]].bytepos -
+								walk) == 2)
+					pos++;
+				else {
+					pos += 3;
+					if (m == state[n].count - 1)
+						pos++; /* fail */
+				}
+			}
+			walk += 2;
+		}
+	}
+
+	walk = 0;
+	pos = 0;
+	for (n = 0; n < next; n++) {
+		for (m = 0; m < state[n].count; m++) {
+
+			if (!m)
+				fprintf(stdout, "/* pos %04x: %3d */ ",
+							  state[n].real_pos, n);
+			else
+				fprintf(stdout, "                    ");
+
+			y = state[n].c[m];
+			saw = state[n].state[m];
+
+			if (saw == 0) { // c is a terminal then
+
+				if (y > 0x7ff) {
+					fprintf(stderr, "terminal too big\n");
+					return 2;
+				}
+
+				fprintf(stdout, "   0x%02X, 0x%02X           "
+					"       "
+					"/* - terminal marker %2d - */,\n",
+						    y >> 8, y & 0xff, y & 0x7f);
+				pos += 2;
+				walk += 2;
+				continue;
+			}
+
+			/* c is a character */
+
+			prev = y &0x7f;
+			if (prev < 32 || prev > 126)
+				prev = '.';
+
+
+			if ((state[saw].bytepos - walk) == 2) {
+				fprintf(stdout, "   0x%02X /* '%c' -> */,\n",
+						y | 0x80, prev);
+				pos++;
+				walk += 2;
+				continue;
+			}
+
+			j = state[saw].real_pos - pos;
+
+			if (j > 0xffff) {
+				fprintf(stderr,
+				  "Jump > 64K bytes ahead (%d to %d)\n",
+					state[n].real_pos, state[saw].real_pos);
+				return 1;
+			}
+			fprintf(stdout, "   0x%02X /* '%c' */, 0x%02X, 0x%02X  "
+				"/* (to 0x%04X state %3d) */,\n",
+				y, prev,
+				j & 0xff, j >> 8,
+				state[saw].real_pos, saw);
+			pos += 3;
+
+			if (m == state[n].count - 1) {
+				fprintf(stdout,
+				  "                       0x%02X, /* fail */\n",
+								FAIL_CHAR);
+				pos++; /* fail */
+			}
+
+			walk += 2;
+		}
+	}
+
+	fprintf(stdout, "/* total size %d bytes */\n", pos);
+
+	/*
+	 * Try to parse every legal input string
+	 */
+
+	for (n = 0; n < sizeof(set) / sizeof(set[0]); n++) {
+		walk = 0;
+		m = 0;
+		y = -1;
+
+		if (set[n][0] == '\0')
+			continue;
+
+		fprintf(stderr, "  trying '%s'\n", set[n]);
+
+		while (set[n][m]) {
+			walk = lextable_decode(walk, set[n][m]);
+			if (walk < 0) {
+				fprintf(stderr, "failed\n");
+				return 3;
+			}
+
+			if (lextable[walk] < FAIL_CHAR) {
+				y = (lextable[walk] << 8) + lextable[walk + 1];
+				break;
+			}
+			m++;
+		}
+
+		if (y != n) {
+			fprintf(stderr, "decode failed %d\n", y);
+			return 4;
+		}
+	}
+
+	fprintf(stderr, "All decode OK\n");
+
+	return 0;
+}
diff --git a/thirdparty/lws/misc/base64-decode.c b/thirdparty/lws/misc/base64-decode.c
new file mode 100644
index 0000000000..c8f11d21b8
--- /dev/null
+++ b/thirdparty/lws/misc/base64-decode.c
@@ -0,0 +1,206 @@
+/*
+ * This code originally came from here
+ *
+ * http://base64.sourceforge.net/b64.c
+ *
+ * with the following license:
+ *
+ * LICENCE:        Copyright (c) 2001 Bob Trower, Trantor Standard Systems Inc.
+ *
+ *                Permission is hereby granted, free of charge, to any person
+ *                obtaining a copy of this software and associated
+ *                documentation files (the "Software"), to deal in the
+ *                Software without restriction, including without limitation
+ *                the rights to use, copy, modify, merge, publish, distribute,
+ *                sublicense, and/or sell copies of the Software, and to
+ *                permit persons to whom the Software is furnished to do so,
+ *                subject to the following conditions:
+ *
+ *                The above copyright notice and this permission notice shall
+ *                be included in all copies or substantial portions of the
+ *                Software.
+ *
+ *                THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
+ *                KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
+ *                WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+ *                PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
+ *                OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ *                OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+ *                OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ *                SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * VERSION HISTORY:
+ *               Bob Trower 08/04/01 -- Create Version 0.00.00B
+ *
+ * I cleaned it up quite a bit to match the (linux kernel) style of the rest
+ * of libwebsockets; this version is under LGPL2.1 + SLE like the rest of lws
+ * since he explicitly allows sublicensing, but I give the URL above so you can
+ * get the original with Bob's super-liberal terms directly if you prefer.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "private-libwebsockets.h"
+
+static const char encode[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+			     "abcdefghijklmnopqrstuvwxyz0123456789+/";
+static const char decode[] = "|$$$}rstuvwxyz{$$$$$$$>?@ABCDEFGHIJKLMNOPQRSTUVW"
+			     "$$$$$$XYZ[\\]^_`abcdefghijklmnopq";
+
+LWS_VISIBLE int
+lws_b64_encode_string(const char *in, int in_len, char *out, int out_size)
+{
+	unsigned char triple[3];
+	int i;
+	int len;
+	int line = 0;
+	int done = 0;
+
+	while (in_len) {
+		len = 0;
+		for (i = 0; i < 3; i++) {
+			if (in_len) {
+				triple[i] = *in++;
+				len++;
+				in_len--;
+			} else
+				triple[i] = 0;
+		}
+
+		if (done + 4 >= out_size)
+			return -1;
+
+		*out++ = encode[triple[0] >> 2];
+		*out++ = encode[((triple[0] & 0x03) << 4) |
+					     ((triple[1] & 0xf0) >> 4)];
+		*out++ = (len > 1 ? encode[((triple[1] & 0x0f) << 2) |
+					     ((triple[2] & 0xc0) >> 6)] : '=');
+		*out++ = (len > 2 ? encode[triple[2] & 0x3f] : '=');
+
+		done += 4;
+		line += 4;
+	}
+
+	if (done + 1 >= out_size)
+		return -1;
+
+	*out++ = '\0';
+
+	return done;
+}
+
+/*
+ * returns length of decoded string in out, or -1 if out was too small
+ * according to out_size
+ */
+
+LWS_VISIBLE int
+lws_b64_decode_string(const char *in, char *out, int out_size)
+{
+	int len, i, c = 0, done = 0;
+	unsigned char v, quad[4];
+
+	while (*in) {
+
+		len = 0;
+		for (i = 0; i < 4 && *in; i++) {
+
+			v = 0;
+			c = 0;
+			while (*in && !v) {
+				c = v = *in++;
+				v = (v < 43 || v > 122) ? 0 : decode[v - 43];
+				if (v)
+					v = (v == '$') ? 0 : v - 61;
+			}
+			if (c) {
+				len++;
+				if (v)
+					quad[i] = v - 1;
+			} else
+				quad[i] = 0;
+		}
+
+		if (out_size < (done + len - 1))
+			/* out buffer is too small */
+			return -1;
+
+		/*
+		 * "The '==' sequence indicates that the last group contained
+		 * only one byte, and '=' indicates that it contained two
+		 * bytes." (wikipedia)
+		 */
+
+		if (!*in && c == '=')
+			len--;
+
+		if (len >= 2)
+			*out++ = quad[0] << 2 | quad[1] >> 4;
+		if (len >= 3)
+			*out++ = quad[1] << 4 | quad[2] >> 2;
+		if (len >= 4)
+			*out++ = ((quad[2] << 6) & 0xc0) | quad[3];
+
+		done += len - 1;
+	}
+
+	if (done + 1 >= out_size)
+		return -1;
+
+	*out = '\0';
+
+	return done;
+}
+
+#if 0
+int
+lws_b64_selftest(void)
+{
+	char buf[64];
+	unsigned int n,  r = 0;
+	unsigned int test;
+	/* examples from https://en.wikipedia.org/wiki/Base64 */
+	static const char * const plaintext[] = {
+		"any carnal pleasure.",
+		"any carnal pleasure",
+		"any carnal pleasur",
+		"any carnal pleasu",
+		"any carnal pleas",
+		"Admin:kloikloi"
+	};
+	static const char * const coded[] = {
+		"YW55IGNhcm5hbCBwbGVhc3VyZS4=",
+		"YW55IGNhcm5hbCBwbGVhc3VyZQ==",
+		"YW55IGNhcm5hbCBwbGVhc3Vy",
+		"YW55IGNhcm5hbCBwbGVhc3U=",
+		"YW55IGNhcm5hbCBwbGVhcw==",
+		"QWRtaW46a2xvaWtsb2k="
+	};
+
+	for (test = 0; test < sizeof plaintext / sizeof(plaintext[0]); test++) {
+
+		buf[sizeof(buf) - 1] = '\0';
+		n = lws_b64_encode_string(plaintext[test],
+				      strlen(plaintext[test]), buf, sizeof buf);
+		if (n != strlen(coded[test]) || strcmp(buf, coded[test])) {
+			lwsl_err("Failed lws_b64 encode selftest "
+					   "%d result '%s' %d\n", test, buf, n);
+			r = -1;
+		}
+
+		buf[sizeof(buf) - 1] = '\0';
+		n = lws_b64_decode_string(coded[test], buf, sizeof buf);
+		if (n != strlen(plaintext[test]) ||
+						 strcmp(buf, plaintext[test])) {
+			lwsl_err("Failed lws_b64 decode selftest "
+				 "%d result '%s' / '%s', %d / %d\n",
+				 test, buf, plaintext[test], n, strlen(plaintext[test]));
+			r = -1;
+		}
+	}
+
+	lwsl_notice("Base 64 selftests passed\n");
+
+	return r;
+}
+#endif
diff --git a/thirdparty/lws/misc/getifaddrs.c b/thirdparty/lws/misc/getifaddrs.c
new file mode 100644
index 0000000000..4f42ab4595
--- /dev/null
+++ b/thirdparty/lws/misc/getifaddrs.c
@@ -0,0 +1,270 @@
+/*
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska H�gskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * originally downloaded from
+ *
+ * http://ftp.uninett.no/pub/OpenBSD/src/kerberosV/src/lib/roken/getifaddrs.c
+ */
+
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <net/if.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/ioctl.h>
+#include <unistd.h>
+#include "private-libwebsockets.h"
+
+#ifdef LWS_HAVE_SYS_SOCKIO_H
+#include <sys/sockio.h>
+#endif
+
+#ifdef LWS_HAVE_NETINET_IN6_VAR_H
+#include <netinet/in6_var.h>
+#endif
+
+#ifndef max
+#define max(a, b) ((a) > (b) ? (a) : (b))
+#endif
+
+#include "getifaddrs.h"
+
+static int
+getifaddrs2(struct ifaddrs **ifap, int af, int siocgifconf, int siocgifflags,
+	    size_t ifreq_sz)
+{
+	int ret;
+	int fd;
+	size_t buf_size;
+	char *buf;
+	struct ifconf ifconf;
+	char *p;
+	size_t sz;
+	struct sockaddr sa_zero;
+	struct ifreq *ifr;
+	struct ifaddrs *start,  **end = &start;
+
+	buf = NULL;
+
+	memset(&sa_zero, 0, sizeof(sa_zero));
+	fd = socket(af, SOCK_DGRAM, 0);
+	if (fd < 0)
+		return -1;
+
+	buf_size = 8192;
+	for (;;) {
+		buf = lws_zalloc(buf_size, "getifaddrs2");
+		if (buf == NULL) {
+			ret = ENOMEM;
+			goto error_out;
+		}
+		ifconf.ifc_len = buf_size;
+		ifconf.ifc_buf = buf;
+
+		/*
+		 * Solaris returns EINVAL when the buffer is too small.
+		 */
+		if (ioctl(fd, siocgifconf, &ifconf) < 0 && errno != EINVAL) {
+			ret = errno;
+			goto error_out;
+		}
+		/*
+		 * Can the difference between a full and a overfull buf
+		 * be determined?
+		 */
+
+		if (ifconf.ifc_len < (int)buf_size)
+			break;
+		lws_free(buf);
+		buf_size *= 2;
+	}
+
+	for (p = ifconf.ifc_buf; p < ifconf.ifc_buf + ifconf.ifc_len; p += sz) {
+		struct ifreq ifreq;
+		struct sockaddr *sa;
+		size_t salen;
+
+		ifr = (struct ifreq *)p;
+		sa  = &ifr->ifr_addr;
+
+		sz = ifreq_sz;
+		salen = sizeof(struct sockaddr);
+#ifdef LWS_HAVE_STRUCT_SOCKADDR_SA_LEN
+		salen = sa->sa_len;
+		sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len);
+#endif
+#ifdef SA_LEN
+		salen = SA_LEN(sa);
+		sz = max(sz, sizeof(ifr->ifr_name) + SA_LEN(sa));
+#endif
+		memset(&ifreq, 0, sizeof(ifreq));
+		memcpy(ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name));
+
+		if (ioctl(fd, siocgifflags, &ifreq) < 0) {
+			ret = errno;
+			goto error_out;
+		}
+
+		*end = lws_malloc(sizeof(**end), "getifaddrs");
+
+		(*end)->ifa_next = NULL;
+		(*end)->ifa_name = strdup(ifr->ifr_name);
+		(*end)->ifa_flags = ifreq.ifr_flags;
+		(*end)->ifa_addr = lws_malloc(salen, "getifaddrs");
+		memcpy((*end)->ifa_addr, sa, salen);
+		(*end)->ifa_netmask = NULL;
+
+#if 0
+		/* fix these when we actually need them */
+		if (ifreq.ifr_flags & IFF_BROADCAST) {
+			(*end)->ifa_broadaddr =
+				lws_malloc(sizeof(ifr->ifr_broadaddr), "getifaddrs");
+			memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr,
+						    sizeof(ifr->ifr_broadaddr));
+		} else if (ifreq.ifr_flags & IFF_POINTOPOINT) {
+			(*end)->ifa_dstaddr =
+				lws_malloc(sizeof(ifr->ifr_dstaddr), "getifaddrs");
+			memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr,
+						      sizeof(ifr->ifr_dstaddr));
+		} else
+			(*end)->ifa_dstaddr = NULL;
+#else
+		(*end)->ifa_dstaddr = NULL;
+#endif
+		(*end)->ifa_data = NULL;
+
+		end = &(*end)->ifa_next;
+
+	}
+	*ifap = start;
+	close(fd);
+	lws_free(buf);
+	return 0;
+
+error_out:
+	close(fd);
+	lws_free(buf);
+	errno = ret;
+
+	return -1;
+}
+
+int
+getifaddrs(struct ifaddrs **ifap)
+{
+	int ret = -1;
+	errno = ENXIO;
+#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS)
+	if (ret)
+		ret = getifaddrs2(ifap, AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS,
+			   sizeof(struct in6_ifreq));
+#endif
+#if defined(LWS_HAVE_IPV6) && defined(SIOCGIFCONF)
+	if (ret)
+		ret = getifaddrs2(ifap, AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS,
+			   sizeof(struct ifreq));
+#endif
+#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS)
+	if (ret)
+		ret = getifaddrs2(ifap, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS,
+			   sizeof(struct ifreq));
+#endif
+	return ret;
+}
+
+void
+freeifaddrs(struct ifaddrs *ifp)
+{
+	struct ifaddrs *p, *q;
+
+	for (p = ifp; p; ) {
+		lws_free(p->ifa_name);
+		lws_free(p->ifa_addr);
+		lws_free(p->ifa_dstaddr);
+		lws_free(p->ifa_netmask);
+		lws_free(p->ifa_data);
+		q = p;
+		p = p->ifa_next;
+		lws_free(q);
+	}
+}
+
+#ifdef TEST
+
+void
+print_addr(const char *s, struct sockaddr *sa)
+{
+	int i;
+	printf("  %s=%d/", s, sa->sa_family);
+#ifdef LWS_HAVE_STRUCT_SOCKADDR_SA_LEN
+	for (i = 0;
+	       i < sa->sa_len - ((lws_intptr_t)sa->sa_data - (lws_intptr_t)&sa->sa_family); i++)
+		printf("%02x", ((unsigned char *)sa->sa_data)[i]);
+#else
+	for (i = 0; i < sizeof(sa->sa_data); i++)
+		printf("%02x", ((unsigned char *)sa->sa_data)[i]);
+#endif
+	printf("\n");
+}
+
+void
+print_ifaddrs(struct ifaddrs *x)
+{
+	struct ifaddrs *p;
+
+	for (p = x; p; p = p->ifa_next) {
+		printf("%s\n", p->ifa_name);
+		printf("  flags=%x\n", p->ifa_flags);
+		if (p->ifa_addr)
+			print_addr("addr", p->ifa_addr);
+		if (p->ifa_dstaddr)
+			print_addr("dstaddr", p->ifa_dstaddr);
+		if (p->ifa_netmask)
+			print_addr("netmask", p->ifa_netmask);
+		printf("  %p\n", p->ifa_data);
+	}
+}
+
+int
+main()
+{
+	struct ifaddrs *a = NULL, *b;
+	getifaddrs2(&a, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS,
+		    sizeof(struct ifreq));
+	print_ifaddrs(a);
+	printf("---\n");
+	getifaddrs(&b);
+	print_ifaddrs(b);
+	return 0;
+}
+#endif
diff --git a/thirdparty/lws/misc/getifaddrs.h b/thirdparty/lws/misc/getifaddrs.h
new file mode 100644
index 0000000000..d26670c082
--- /dev/null
+++ b/thirdparty/lws/misc/getifaddrs.h
@@ -0,0 +1,80 @@
+#ifndef LWS_HAVE_GETIFADDRS
+#define LWS_HAVE_GETIFADDRS 0
+#endif
+
+#if LWS_HAVE_GETIFADDRS
+#include <sys/types.h>
+#include <ifaddrs.h>
+#else
+#ifdef __cplusplus
+extern "C" {
+#endif
+/*
+ * Copyright (c) 2000 Kungliga Tekniska H�gskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $KTH: ifaddrs.hin,v 1.3 2000/12/11 00:01:13 assar Exp $ */
+
+#ifndef ifaddrs_h_7467027A95AD4B5C8DDD40FE7D973791
+#define ifaddrs_h_7467027A95AD4B5C8DDD40FE7D973791
+
+/*
+ * the interface is defined in terms of the fields below, and this is
+ * sometimes #define'd, so there seems to be no simple way of solving
+ * this and this seemed the best. */
+
+#undef ifa_dstaddr
+
+struct ifaddrs {
+	struct ifaddrs *ifa_next;
+	char *ifa_name;
+	unsigned int ifa_flags;
+	struct sockaddr *ifa_addr;
+	struct sockaddr *ifa_netmask;
+	struct sockaddr *ifa_dstaddr;
+	void *ifa_data;
+};
+
+#ifndef ifa_broadaddr
+#define ifa_broadaddr ifa_dstaddr
+#endif
+
+int getifaddrs(struct ifaddrs **);
+
+void freeifaddrs(struct ifaddrs *);
+
+#endif /* __ifaddrs_h__ */
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/thirdparty/lws/misc/lejp.c b/thirdparty/lws/misc/lejp.c
new file mode 100644
index 0000000000..5407c90f97
--- /dev/null
+++ b/thirdparty/lws/misc/lejp.c
@@ -0,0 +1,709 @@
+/*
+ * Lightweight Embedded JSON Parser
+ *
+ * Copyright (C) 2013 Andy Green <andy@warmcat.com>
+ * This code is licensed under LGPL 2.1
+ * http://www.gnu.org/licenses/lgpl-2.1.html
+ */
+
+#include <string.h>
+#include "lejp.h"
+
+#include <stdio.h>
+
+/**
+ * lejp_construct - prepare a struct lejp_ctx for use
+ *
+ * \param ctx:	pointer to your struct lejp_ctx
+ * \param callback:	your user callback which will received parsed tokens
+ * \param user:	optional user data pointer untouched by lejp
+ * \param paths:	your array of name elements you are interested in
+ * \param count_paths:	ARRAY_SIZE() of @paths
+ *
+ * Prepares your context struct for use with lejp
+ */
+
+void
+lejp_construct(struct lejp_ctx *ctx,
+	signed char (*callback)(struct lejp_ctx *ctx, char reason), void *user,
+			const char * const *paths, unsigned char count_paths)
+{
+	ctx->st[0].s = 0;
+	ctx->st[0].p = 0;
+	ctx->st[0].i = 0;
+	ctx->st[0].b = 0;
+	ctx->sp = 0;
+	ctx->ipos = 0;
+	ctx->ppos = 0;
+	ctx->path_match = 0;
+	ctx->path[0] = '\0';
+	ctx->callback = callback;
+	ctx->user = user;
+	ctx->paths = paths;
+	ctx->count_paths = count_paths;
+	ctx->line = 1;
+	ctx->callback(ctx, LEJPCB_CONSTRUCTED);
+}
+
+/**
+ * lejp_destruct - retire a previously constructed struct lejp_ctx
+ *
+ * \param ctx:	pointer to your struct lejp_ctx
+ *
+ * lejp does not perform any allocations, but since your user code might, this
+ * provides a one-time LEJPCB_DESTRUCTED callback at destruction time where
+ * you can clean up in your callback.
+ */
+
+void
+lejp_destruct(struct lejp_ctx *ctx)
+{
+	/* no allocations... just let callback know what it happening */
+	ctx->callback(ctx, LEJPCB_DESTRUCTED);
+}
+
+/**
+ * lejp_change_callback - switch to a different callback from now on
+ *
+ * \param ctx:	pointer to your struct lejp_ctx
+ * \param callback:	your user callback which will received parsed tokens
+ *
+ * This tells the old callback it was destroyed, in case you want to take any
+ * action because that callback "lost focus", then changes to the new
+ * callback and tells it first that it was constructed, and then started.
+ *
+ * Changing callback is a cheap and powerful trick to split out handlers
+ * according to information earlier in the parse.  For example you may have
+ * a JSON pair "schema" whose value defines what can be expected for the rest
+ * of the JSON.  Rather than having one huge callback for all cases, you can
+ * have an initial one looking for "schema" which then calls
+ * lejp_change_callback() to a handler specific for the schema.
+ *
+ * Notice that afterwards, you need to construct the context again anyway to
+ * parse another JSON object, and the callback is reset then to the main,
+ * schema-interpreting one.  The construction action is very lightweight.
+ */
+
+void
+lejp_change_callback(struct lejp_ctx *ctx,
+		     signed char (*callback)(struct lejp_ctx *ctx, char reason))
+{
+	ctx->callback(ctx, LEJPCB_DESTRUCTED);
+	ctx->callback = callback;
+	ctx->callback(ctx, LEJPCB_CONSTRUCTED);
+	ctx->callback(ctx, LEJPCB_START);
+}
+
+static void
+lejp_check_path_match(struct lejp_ctx *ctx)
+{
+	const char *p, *q;
+	int n;
+
+	/* we only need to check if a match is not active */
+	for (n = 0; !ctx->path_match && n < ctx->count_paths; n++) {
+		ctx->wildcount = 0;
+		p = ctx->path;
+		q = ctx->paths[n];
+		while (*p && *q) {
+			if (*q != '*') {
+				if (*p != *q)
+					break;
+				p++;
+				q++;
+				continue;
+			}
+			ctx->wild[ctx->wildcount++] = p - ctx->path;
+			q++;
+			/*
+			 * if * has something after it, match to .
+			 * if ends with *, eat everything.
+			 * This implies match sequences must be ordered like
+			 *  x.*.*
+			 *  x.*
+			 * if both options are possible
+			 */
+			while (*p && (*p != '.' || !*q))
+				p++;
+		}
+		if (*p || *q)
+			continue;
+
+		ctx->path_match = n + 1;
+		ctx->path_match_len = ctx->ppos;
+		return;
+	}
+
+	if (!ctx->path_match)
+		ctx->wildcount = 0;
+}
+
+int
+lejp_get_wildcard(struct lejp_ctx *ctx, int wildcard, char *dest, int len)
+{
+	int n;
+
+	if (wildcard >= ctx->wildcount || !len)
+		return 0;
+
+	n = ctx->wild[wildcard];
+
+	while (--len && n < ctx->ppos && (n == ctx->wild[wildcard] || ctx->path[n] != '.'))
+		*dest++ = ctx->path[n++];
+
+	*dest = '\0';
+	n++;
+
+	return n - ctx->wild[wildcard];
+}
+
+/**
+ * lejp_parse - interpret some more incoming data incrementally
+ *
+ * \param ctx:	previously constructed parsing context
+ * \param json:	char buffer with the new data to interpret
+ * \param len:	amount of data in the buffer
+ *
+ * Because lejp is a stream parser, it incrementally parses as new data
+ * becomes available, maintaining all state in the context struct.  So an
+ * incomplete JSON is a normal situation, getting you a LEJP_CONTINUE
+ * return, signalling there's no error but to call again with more data when
+ * it comes to complete the parsing.  Successful parsing completes with a
+ * 0 or positive integer indicating how much of the last input buffer was
+ * unused.
+ */
+
+int
+lejp_parse(struct lejp_ctx *ctx, const unsigned char *json, int len)
+{
+	unsigned char c, n, s, ret = LEJP_REJECT_UNKNOWN;
+	static const char esc_char[] = "\"\\/bfnrt";
+	static const char esc_tran[] = "\"\\/\b\f\n\r\t";
+	static const char tokens[] = "rue alse ull ";
+
+	if (!ctx->sp && !ctx->ppos)
+		ctx->callback(ctx, LEJPCB_START);
+
+	while (len--) {
+		c = *json++;
+
+		s = ctx->st[ctx->sp].s;
+
+		/* skip whitespace unless we should care */
+		if (c == ' ' || c == '\t' || c == '\n' || c == '\r' || c == '#') {
+			if (c == '\n') {
+				ctx->line++;
+				ctx->st[ctx->sp].s &= ~LEJP_FLAG_WS_COMMENTLINE;
+			}
+			if (!(s & LEJP_FLAG_WS_KEEP)) {
+				if (c == '#')
+					ctx->st[ctx->sp].s |=
+						LEJP_FLAG_WS_COMMENTLINE;
+				continue;
+			}
+		}
+
+		if (ctx->st[ctx->sp].s & LEJP_FLAG_WS_COMMENTLINE)
+			continue;
+
+		switch (s) {
+		case LEJP_IDLE:
+			if (c != '{') {
+				ret = LEJP_REJECT_IDLE_NO_BRACE;
+				goto reject;
+			}
+			if (ctx->callback(ctx, LEJPCB_OBJECT_START)) {
+				ret = LEJP_REJECT_CALLBACK;
+				goto reject;
+			}
+			ctx->st[ctx->sp].s = LEJP_MEMBERS;
+			break;
+		case LEJP_MEMBERS:
+			if (c == '}') {
+				ctx->st[ctx->sp].s = LEJP_IDLE;
+				ret = LEJP_REJECT_MEMBERS_NO_CLOSE;
+				goto reject;
+			}
+			ctx->st[ctx->sp].s = LEJP_M_P;
+			goto redo_character;
+		case LEJP_M_P:
+			if (c != '\"') {
+				ret = LEJP_REJECT_MP_NO_OPEN_QUOTE;
+				goto reject;
+			}
+			/* push */
+			ctx->st[ctx->sp].s = LEJP_MP_DELIM;
+			c = LEJP_MP_STRING;
+			goto add_stack_level;
+
+		case LEJP_MP_STRING:
+			if (c == '\"') {
+				if (!ctx->sp) {
+					ret = LEJP_REJECT_MP_STRING_UNDERRUN;
+					goto reject;
+				}
+				if (ctx->st[ctx->sp - 1].s != LEJP_MP_DELIM) {
+					ctx->buf[ctx->npos] = '\0';
+					if (ctx->callback(ctx,
+						      LEJPCB_VAL_STR_END) < 0) {
+						ret = LEJP_REJECT_CALLBACK;
+						goto reject;
+					}
+				}
+				/* pop */
+				ctx->sp--;
+				break;
+			}
+			if (c == '\\') {
+				ctx->st[ctx->sp].s = LEJP_MP_STRING_ESC;
+				break;
+			}
+			if (c < ' ') {/* "control characters" not allowed */
+				ret = LEJP_REJECT_MP_ILLEGAL_CTRL;
+				goto reject;
+			}
+			goto emit_string_char;
+
+		case LEJP_MP_STRING_ESC:
+			if (c == 'u') {
+				ctx->st[ctx->sp].s = LEJP_MP_STRING_ESC_U1;
+				ctx->uni = 0;
+				break;
+			}
+			for (n = 0; n < sizeof(esc_char); n++) {
+				if (c != esc_char[n])
+					continue;
+				/* found it */
+				c = esc_tran[n];
+				ctx->st[ctx->sp].s = LEJP_MP_STRING;
+				goto emit_string_char;
+			}
+			ret = LEJP_REJECT_MP_STRING_ESC_ILLEGAL_ESC;
+			/* illegal escape char */
+			goto reject;
+
+		case LEJP_MP_STRING_ESC_U1:
+		case LEJP_MP_STRING_ESC_U2:
+		case LEJP_MP_STRING_ESC_U3:
+		case LEJP_MP_STRING_ESC_U4:
+			ctx->uni <<= 4;
+			if (c >= '0' && c <= '9')
+				ctx->uni |= c - '0';
+			else
+				if (c >= 'a' && c <= 'f')
+					ctx->uni = c - 'a' + 10;
+				else
+					if (c >= 'A' && c <= 'F')
+						ctx->uni = c - 'A' + 10;
+					else {
+						ret = LEJP_REJECT_ILLEGAL_HEX;
+						goto reject;
+					}
+			ctx->st[ctx->sp].s++;
+			switch (s) {
+			case LEJP_MP_STRING_ESC_U2:
+				if (ctx->uni < 0x08)
+					break;
+				/*
+				 * 0x08-0xff (0x0800 - 0xffff)
+				 * emit 3-byte UTF-8
+				 */
+				c = 0xe0 | ((ctx->uni >> 4) & 0xf);
+				goto emit_string_char;
+
+			case LEJP_MP_STRING_ESC_U3:
+				if (ctx->uni >= 0x080) {
+					/*
+					 * 0x080 - 0xfff (0x0800 - 0xffff)
+					 * middle 3-byte seq
+					 * send ....XXXXXX..
+					 */
+					c = 0x80 | ((ctx->uni >> 2) & 0x3f);
+					goto emit_string_char;
+				}
+				if (ctx->uni < 0x008)
+					break;
+				/*
+				 * 0x008 - 0x7f (0x0080 - 0x07ff)
+				 * start 2-byte seq
+				 */
+				c = 0xc0 | (ctx->uni >> 2);
+				goto emit_string_char;
+
+			case LEJP_MP_STRING_ESC_U4:
+				if (ctx->uni >= 0x0080)
+					/* end of 2 or 3-byte seq */
+					c = 0x80 | (ctx->uni & 0x3f);
+				else
+					/* literal */
+					c = (unsigned char)ctx->uni;
+
+				ctx->st[ctx->sp].s = LEJP_MP_STRING;
+				goto emit_string_char;
+			default:
+				break;
+			}
+			break;
+
+		case LEJP_MP_DELIM:
+			if (c != ':') {
+				ret = LEJP_REJECT_MP_DELIM_MISSING_COLON;
+				goto reject;
+			}
+			ctx->st[ctx->sp].s = LEJP_MP_VALUE;
+			ctx->path[ctx->ppos] = '\0';
+
+			lejp_check_path_match(ctx);
+			if (ctx->callback(ctx, LEJPCB_PAIR_NAME)) {
+				ret = LEJP_REJECT_CALLBACK;
+				goto reject;
+			}
+			break;
+
+		case LEJP_MP_VALUE:
+			if (c >= '0' && c <= '9') {
+				ctx->npos = 0;
+				ctx->dcount = 0;
+				ctx->f = 0;
+				ctx->st[ctx->sp].s = LEJP_MP_VALUE_NUM_INT;
+				goto redo_character;
+			}
+			switch (c) {
+			case'\"':
+				/* push */
+				ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END;
+				c = LEJP_MP_STRING;
+				ctx->npos = 0;
+				ctx->buf[0] = '\0';
+				if (ctx->callback(ctx, LEJPCB_VAL_STR_START)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+				goto add_stack_level;
+
+			case '{':
+				/* push */
+				ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END;
+				c = LEJP_MEMBERS;
+				lejp_check_path_match(ctx);
+				if (ctx->callback(ctx, LEJPCB_OBJECT_START)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+				ctx->path_match = 0;
+				goto add_stack_level;
+
+			case '[':
+				/* push */
+				ctx->st[ctx->sp].s = LEJP_MP_ARRAY_END;
+				c = LEJP_MP_VALUE;
+				ctx->path[ctx->ppos++] = '[';
+				ctx->path[ctx->ppos++] = ']';
+				ctx->path[ctx->ppos] = '\0';
+				if (ctx->callback(ctx, LEJPCB_ARRAY_START)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+				ctx->i[ctx->ipos++] = 0;
+				if (ctx->ipos > ARRAY_SIZE(ctx->i)) {
+					ret = LEJP_REJECT_MP_DELIM_ISTACK;
+					goto reject;
+				}
+				goto add_stack_level;
+
+			case 't': /* true */
+				ctx->uni = 0;
+				ctx->st[ctx->sp].s = LEJP_MP_VALUE_TOK;
+				break;
+
+			case 'f':
+				ctx->uni = 4;
+				ctx->st[ctx->sp].s = LEJP_MP_VALUE_TOK;
+				break;
+
+			case 'n':
+				ctx->uni = 4 + 5;
+				ctx->st[ctx->sp].s = LEJP_MP_VALUE_TOK;
+				break;
+			default:
+				ret = LEJP_REJECT_MP_DELIM_BAD_VALUE_START;
+				goto reject;
+			}
+			break;
+
+		case LEJP_MP_VALUE_NUM_INT:
+			if (!ctx->npos && c == '-') {
+				ctx->f |= LEJP_SEEN_MINUS;
+				goto append_npos;
+			}
+
+			if (ctx->dcount < 10 && c >= '0' && c <= '9') {
+				if (ctx->f & LEJP_SEEN_POINT)
+					ctx->f |= LEJP_SEEN_POST_POINT;
+				ctx->dcount++;
+				goto append_npos;
+			}
+			if (c == '.') {
+				if (ctx->dcount || (ctx->f & LEJP_SEEN_POINT)) {
+					ret = LEJP_REJECT_MP_VAL_NUM_FORMAT;
+					goto reject;
+				}
+				ctx->f |= LEJP_SEEN_POINT;
+				goto append_npos;
+			}
+			/*
+			 * before exponent, if we had . we must have had at
+			 * least one more digit
+			 */
+			if ((ctx->f &
+				(LEJP_SEEN_POINT | LEJP_SEEN_POST_POINT)) ==
+							      LEJP_SEEN_POINT) {
+				ret = LEJP_REJECT_MP_VAL_NUM_INT_NO_FRAC;
+				goto reject;
+			}
+			if (c == 'e' || c == 'E') {
+				if (ctx->f & LEJP_SEEN_EXP) {
+					ret = LEJP_REJECT_MP_VAL_NUM_FORMAT;
+					goto reject;
+				}
+				ctx->f |= LEJP_SEEN_EXP;
+				ctx->st[ctx->sp].s = LEJP_MP_VALUE_NUM_EXP;
+				goto append_npos;
+			}
+			/* if none of the above, did we even have a number? */
+			if (!ctx->dcount) {
+				ret = LEJP_REJECT_MP_VAL_NUM_FORMAT;
+				goto reject;
+			}
+
+			ctx->buf[ctx->npos] = '\0';
+			if (ctx->f & LEJP_SEEN_POINT) {
+				if (ctx->callback(ctx, LEJPCB_VAL_NUM_FLOAT)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+			} else {
+				if (ctx->callback(ctx, LEJPCB_VAL_NUM_INT)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+			}
+
+			/* then this is the post-number character, loop */
+			ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END;
+			goto redo_character;
+
+		case LEJP_MP_VALUE_NUM_EXP:
+			ctx->st[ctx->sp].s = LEJP_MP_VALUE_NUM_INT;
+			if (c >= '0' && c <= '9')
+				goto redo_character;
+			if (c == '+' || c == '-')
+				goto append_npos;
+			ret = LEJP_REJECT_MP_VAL_NUM_EXP_BAD_EXP;
+			goto reject;
+
+		case LEJP_MP_VALUE_TOK: /* true, false, null */
+			if (c != tokens[ctx->uni]) {
+				ret = LEJP_REJECT_MP_VAL_TOK_UNKNOWN;
+				goto reject;
+			}
+			ctx->uni++;
+			if (tokens[ctx->uni] != ' ')
+				break;
+			switch (ctx->uni) {
+			case 3:
+				ctx->buf[0] = '1';
+				ctx->buf[1] = '\0';
+				if (ctx->callback(ctx, LEJPCB_VAL_TRUE)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+				break;
+			case 8:
+				ctx->buf[0] = '0';
+				ctx->buf[1] = '\0';
+				if (ctx->callback(ctx, LEJPCB_VAL_FALSE)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+				break;
+			case 12:
+				ctx->buf[0] = '\0';
+				if (ctx->callback(ctx, LEJPCB_VAL_NULL)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+				break;
+			}
+			ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END;
+			break;
+
+		case LEJP_MP_COMMA_OR_END:
+			ctx->path[ctx->ppos] = '\0';
+			if (c == ',') {
+				/* increment this stack level's index */
+				ctx->st[ctx->sp].s = LEJP_M_P;
+				if (!ctx->sp) {
+					ctx->ppos = 0;
+					/*
+					 * since we came back to root level,
+					 * no path can still match
+					 */
+					ctx->path_match = 0;
+					break;
+				}
+				ctx->ppos = ctx->st[ctx->sp - 1].p;
+				ctx->path[ctx->ppos] = '\0';
+				if (ctx->path_match &&
+					       ctx->ppos <= ctx->path_match_len)
+					/*
+					 * we shrank the path to be
+					 * smaller than the matching point
+					 */
+					ctx->path_match = 0;
+
+				if (ctx->st[ctx->sp - 1].s != LEJP_MP_ARRAY_END)
+					break;
+				/* top level is definitely an array... */
+				if (ctx->ipos)
+					ctx->i[ctx->ipos - 1]++;
+				ctx->st[ctx->sp].s = LEJP_MP_VALUE;
+				break;
+			}
+			if (c == ']') {
+				if (!ctx->sp) {
+					ret = LEJP_REJECT_MP_C_OR_E_UNDERF;
+					goto reject;
+				}
+				/* pop */
+				ctx->sp--;
+				if (ctx->st[ctx->sp].s != LEJP_MP_ARRAY_END) {
+					ret = LEJP_REJECT_MP_C_OR_E_NOTARRAY;
+					goto reject;
+				}
+				/* drop the path [n] bit */
+				ctx->ppos = ctx->st[ctx->sp - 1].p;
+				ctx->ipos = ctx->st[ctx->sp - 1].i;
+				ctx->path[ctx->ppos] = '\0';
+				if (ctx->path_match &&
+					       ctx->ppos <= ctx->path_match_len)
+					/*
+					 * we shrank the path to be
+					 * smaller than the matching point
+					 */
+					ctx->path_match = 0;
+
+				/* do LEJP_MP_ARRAY_END processing */
+				goto redo_character;
+			}
+			if (c == '}') {
+				if (ctx->sp == 0) {
+					lejp_check_path_match(ctx);
+					if (ctx->callback(ctx, LEJPCB_OBJECT_END)) {
+						ret = LEJP_REJECT_CALLBACK;
+						goto reject;
+					}
+					ctx->callback(ctx, LEJPCB_COMPLETE);
+					/* done, return unused amount */
+					return len;
+				}
+				/* pop */
+				ctx->sp--;
+				ctx->ppos = ctx->st[ctx->sp - 1].p;
+				ctx->ipos = ctx->st[ctx->sp - 1].i;
+				ctx->path[ctx->ppos] = '\0';
+				if (ctx->path_match &&
+					       ctx->ppos <= ctx->path_match_len)
+					/*
+					 * we shrank the path to be
+					 * smaller than the matching point
+					 */
+					ctx->path_match = 0;
+				lejp_check_path_match(ctx);
+				if (ctx->callback(ctx, LEJPCB_OBJECT_END)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+				break;
+			}
+
+			ret = LEJP_REJECT_MP_C_OR_E_NEITHER;
+			goto reject;
+
+		case LEJP_MP_ARRAY_END:
+			ctx->path[ctx->ppos] = '\0';
+			if (c == ',') {
+				/* increment this stack level's index */
+				if (ctx->ipos)
+					ctx->i[ctx->ipos - 1]++;
+				ctx->st[ctx->sp].s = LEJP_MP_VALUE;
+				if (ctx->sp)
+					ctx->ppos = ctx->st[ctx->sp - 1].p;
+				ctx->path[ctx->ppos] = '\0';
+				break;
+			}
+			if (c != ']') {
+				ret = LEJP_REJECT_MP_ARRAY_END_MISSING;
+				goto reject;
+			}
+
+			ctx->st[ctx->sp].s = LEJP_MP_COMMA_OR_END;
+			ctx->callback(ctx, LEJPCB_ARRAY_END);
+			break;
+		}
+
+		continue;
+
+emit_string_char:
+		if (!ctx->sp || ctx->st[ctx->sp - 1].s != LEJP_MP_DELIM) {
+			/* assemble the string value into chunks */
+			ctx->buf[ctx->npos++] = c;
+			if (ctx->npos == sizeof(ctx->buf) - 1) {
+				if (ctx->callback(ctx, LEJPCB_VAL_STR_CHUNK)) {
+					ret = LEJP_REJECT_CALLBACK;
+					goto reject;
+				}
+				ctx->npos = 0;
+			}
+			continue;
+		}
+		/* name part of name:value pair */
+		ctx->path[ctx->ppos++] = c;
+		continue;
+
+add_stack_level:
+		/* push on to the object stack */
+		if (ctx->ppos && ctx->st[ctx->sp].s != LEJP_MP_COMMA_OR_END &&
+				ctx->st[ctx->sp].s != LEJP_MP_ARRAY_END)
+			ctx->path[ctx->ppos++] = '.';
+
+		ctx->st[ctx->sp].p = ctx->ppos;
+		ctx->st[ctx->sp].i = ctx->ipos;
+		if (++ctx->sp == ARRAY_SIZE(ctx->st)) {
+			ret = LEJP_REJECT_STACK_OVERFLOW;
+			goto reject;
+		}
+		ctx->path[ctx->ppos] = '\0';
+		ctx->st[ctx->sp].s = c;
+		ctx->st[ctx->sp].b = 0;
+		continue;
+
+append_npos:
+		if (ctx->npos >= sizeof(ctx->buf)) {
+			ret = LEJP_REJECT_NUM_TOO_LONG;
+			goto reject;
+		}
+		ctx->buf[ctx->npos++] = c;
+		continue;
+
+redo_character:
+		json--;
+		len++;
+	}
+
+	return LEJP_CONTINUE;
+
+reject:
+	ctx->callback(ctx, LEJPCB_FAILED);
+	return ret;
+}
diff --git a/thirdparty/lws/misc/lejp.h b/thirdparty/lws/misc/lejp.h
new file mode 100644
index 0000000000..0b37bb3e42
--- /dev/null
+++ b/thirdparty/lws/misc/lejp.h
@@ -0,0 +1,232 @@
+#include "libwebsockets.h"
+struct lejp_ctx;
+
+#ifndef ARRAY_SIZE
+#define ARRAY_SIZE(_x) (sizeof(_x) / sizeof(_x[0]))
+#endif
+#define LEJP_FLAG_WS_KEEP 64
+#define LEJP_FLAG_WS_COMMENTLINE 32
+
+enum lejp_states {
+	LEJP_IDLE = 0,
+	LEJP_MEMBERS = 1,
+	LEJP_M_P = 2,
+	LEJP_MP_STRING = LEJP_FLAG_WS_KEEP | 3,
+	LEJP_MP_STRING_ESC = LEJP_FLAG_WS_KEEP | 4,
+	LEJP_MP_STRING_ESC_U1 = LEJP_FLAG_WS_KEEP | 5,
+	LEJP_MP_STRING_ESC_U2 = LEJP_FLAG_WS_KEEP | 6,
+	LEJP_MP_STRING_ESC_U3 = LEJP_FLAG_WS_KEEP | 7,
+	LEJP_MP_STRING_ESC_U4 = LEJP_FLAG_WS_KEEP | 8,
+	LEJP_MP_DELIM = 9,
+	LEJP_MP_VALUE = 10,
+	LEJP_MP_VALUE_NUM_INT = LEJP_FLAG_WS_KEEP | 11,
+	LEJP_MP_VALUE_NUM_EXP = LEJP_FLAG_WS_KEEP | 12,
+	LEJP_MP_VALUE_TOK = LEJP_FLAG_WS_KEEP | 13,
+	LEJP_MP_COMMA_OR_END = 14,
+	LEJP_MP_ARRAY_END = 15,
+};
+
+enum lejp_reasons {
+	LEJP_CONTINUE = -1,
+	LEJP_REJECT_IDLE_NO_BRACE = -2,
+	LEJP_REJECT_MEMBERS_NO_CLOSE = -3,
+	LEJP_REJECT_MP_NO_OPEN_QUOTE = -4,
+	LEJP_REJECT_MP_STRING_UNDERRUN = -5,
+	LEJP_REJECT_MP_ILLEGAL_CTRL = -6,
+	LEJP_REJECT_MP_STRING_ESC_ILLEGAL_ESC = -7,
+	LEJP_REJECT_ILLEGAL_HEX = -8,
+	LEJP_REJECT_MP_DELIM_MISSING_COLON = -9,
+	LEJP_REJECT_MP_DELIM_BAD_VALUE_START = -10,
+	LEJP_REJECT_MP_VAL_NUM_INT_NO_FRAC = -11,
+	LEJP_REJECT_MP_VAL_NUM_FORMAT = -12,
+	LEJP_REJECT_MP_VAL_NUM_EXP_BAD_EXP = -13,
+	LEJP_REJECT_MP_VAL_TOK_UNKNOWN = -14,
+	LEJP_REJECT_MP_C_OR_E_UNDERF = -15,
+	LEJP_REJECT_MP_C_OR_E_NOTARRAY = -16,
+	LEJP_REJECT_MP_ARRAY_END_MISSING = -17,
+	LEJP_REJECT_STACK_OVERFLOW = -18,
+	LEJP_REJECT_MP_DELIM_ISTACK = -19,
+	LEJP_REJECT_NUM_TOO_LONG = -20,
+	LEJP_REJECT_MP_C_OR_E_NEITHER = -21,
+	LEJP_REJECT_UNKNOWN = -22,
+	LEJP_REJECT_CALLBACK = -23
+};
+
+#define LEJP_FLAG_CB_IS_VALUE 64
+
+enum lejp_callbacks {
+	LEJPCB_CONSTRUCTED	= 0,
+	LEJPCB_DESTRUCTED	= 1,
+
+	LEJPCB_START		= 2,
+	LEJPCB_COMPLETE		= 3,
+	LEJPCB_FAILED		= 4,
+
+	LEJPCB_PAIR_NAME	= 5,
+
+	LEJPCB_VAL_TRUE		= LEJP_FLAG_CB_IS_VALUE | 6,
+	LEJPCB_VAL_FALSE	= LEJP_FLAG_CB_IS_VALUE | 7,
+	LEJPCB_VAL_NULL		= LEJP_FLAG_CB_IS_VALUE | 8,
+	LEJPCB_VAL_NUM_INT	= LEJP_FLAG_CB_IS_VALUE | 9,
+	LEJPCB_VAL_NUM_FLOAT	= LEJP_FLAG_CB_IS_VALUE | 10,
+	LEJPCB_VAL_STR_START	= 11, /* notice handle separately */
+	LEJPCB_VAL_STR_CHUNK	= LEJP_FLAG_CB_IS_VALUE | 12,
+	LEJPCB_VAL_STR_END	= LEJP_FLAG_CB_IS_VALUE | 13,
+
+	LEJPCB_ARRAY_START	= 14,
+	LEJPCB_ARRAY_END	= 15,
+
+	LEJPCB_OBJECT_START	= 16,
+	LEJPCB_OBJECT_END	= 17
+};
+
+/**
+ * _lejp_callback() - User parser actions
+ * \param ctx:	LEJP context
+ * \param reason:	Callback reason
+ *
+ *	Your user callback is associated with the context at construction time,
+ *	and receives calls as the parsing progresses.
+ *
+ *	All of the callbacks may be ignored and just return 0.
+ *
+ *	The reasons it might get called, found in @reason, are:
+ *
+ *  LEJPCB_CONSTRUCTED:  The context was just constructed... you might want to
+ *		perform one-time allocation for the life of the context.
+ *
+ *  LEJPCB_DESTRUCTED:	The context is being destructed... if you made any
+ *		allocations at construction-time, you can free them now
+ *
+ *  LEJPCB_START:	Parsing is beginning at the first byte of input
+ *
+ *  LEJPCB_COMPLETE:	Parsing has completed successfully.  You'll get a 0 or
+ *			positive return code from lejp_parse indicating the
+ *			amount of unused bytes left in the input buffer
+ *
+ *  LEJPCB_FAILED:	Parsing failed.  You'll get a negative error code
+ *  			returned from lejp_parse
+ *
+ *  LEJPCB_PAIR_NAME:	When a "name":"value" pair has had the name parsed,
+ *			this callback occurs.  You can find the new name at
+ *			the end of ctx->path[]
+ *
+ *  LEJPCB_VAL_TRUE:	The "true" value appeared
+ *
+ *  LEJPCB_VAL_FALSE:	The "false" value appeared
+ *
+ *  LEJPCB_VAL_NULL:	The "null" value appeared
+ *
+ *  LEJPCB_VAL_NUM_INT:	A string representing an integer is in ctx->buf
+ *
+ *  LEJPCB_VAL_NUM_FLOAT: A string representing a float is in ctx->buf
+ *
+ *  LEJPCB_VAL_STR_START: We are starting to parse a string, no data yet
+ *
+ *  LEJPCB_VAL_STR_CHUNK: We parsed LEJP_STRING_CHUNK -1 bytes of string data in
+ *			ctx->buf, which is as much as we can buffer, so we are
+ *			spilling it.  If all your strings are less than
+ *			LEJP_STRING_CHUNK - 1 bytes, you will never see this
+ *			callback.
+ *
+ *  LEJPCB_VAL_STR_END:	String parsing has completed, the last chunk of the
+ *			string is in ctx->buf.
+ *
+ *  LEJPCB_ARRAY_START:	An array started
+ *
+ *  LEJPCB_ARRAY_END:	An array ended
+ *
+ *  LEJPCB_OBJECT_START: An object started
+ *
+ *  LEJPCB_OBJECT_END:	An object ended
+ */
+LWS_EXTERN signed char _lejp_callback(struct lejp_ctx *ctx, char reason);
+
+typedef signed char (*lejp_callback)(struct lejp_ctx *ctx, char reason);
+
+#ifndef LEJP_MAX_DEPTH
+#define LEJP_MAX_DEPTH 12
+#endif
+#ifndef LEJP_MAX_INDEX_DEPTH
+#define LEJP_MAX_INDEX_DEPTH 5
+#endif
+#ifndef LEJP_MAX_PATH
+#define LEJP_MAX_PATH 128
+#endif
+#ifndef LEJP_STRING_CHUNK
+/* must be >= 30 to assemble floats */
+#define LEJP_STRING_CHUNK 255
+#endif
+
+enum num_flags {
+	LEJP_SEEN_MINUS = (1 << 0),
+	LEJP_SEEN_POINT = (1 << 1),
+	LEJP_SEEN_POST_POINT = (1 << 2),
+	LEJP_SEEN_EXP = (1 << 3)
+};
+
+struct _lejp_stack {
+	char s; /* lejp_state stack*/
+	char p;	/* path length */
+	char i; /* index array length */
+	char b; /* user bitfield */
+};
+
+struct lejp_ctx {
+
+	/* sorted by type for most compact alignment
+	 *
+	 * pointers
+	 */
+
+	signed char (*callback)(struct lejp_ctx *ctx, char reason);
+	void *user;
+	const char * const *paths;
+
+	/* arrays */
+
+	struct _lejp_stack st[LEJP_MAX_DEPTH];
+	unsigned short i[LEJP_MAX_INDEX_DEPTH]; /* index array */
+	unsigned short wild[LEJP_MAX_INDEX_DEPTH]; /* index array */
+	char path[LEJP_MAX_PATH];
+	char buf[LEJP_STRING_CHUNK];
+
+	/* int */
+
+	unsigned int line;
+
+	/* short */
+
+	unsigned short uni;
+
+	/* char */
+
+	unsigned char npos;
+	unsigned char dcount;
+	unsigned char f;
+	unsigned char sp; /* stack head */
+	unsigned char ipos; /* index stack depth */
+	unsigned char ppos;
+	unsigned char count_paths;
+	unsigned char path_match;
+	unsigned char path_match_len;
+	unsigned char wildcount;
+};
+
+LWS_VISIBLE LWS_EXTERN void
+lejp_construct(struct lejp_ctx *ctx,
+	       signed char (*callback)(struct lejp_ctx *ctx, char reason),
+	       void *user, const char * const *paths, unsigned char paths_count);
+
+LWS_VISIBLE LWS_EXTERN void
+lejp_destruct(struct lejp_ctx *ctx);
+
+LWS_VISIBLE LWS_EXTERN int
+lejp_parse(struct lejp_ctx *ctx, const unsigned char *json, int len);
+
+LWS_VISIBLE LWS_EXTERN void
+lejp_change_callback(struct lejp_ctx *ctx,
+		     signed char (*callback)(struct lejp_ctx *ctx, char reason));
+
+LWS_VISIBLE LWS_EXTERN int
+lejp_get_wildcard(struct lejp_ctx *ctx, int wildcard, char *dest, int len);
diff --git a/thirdparty/lws/misc/sha-1.c b/thirdparty/lws/misc/sha-1.c
new file mode 100644
index 0000000000..9353fbefe4
--- /dev/null
+++ b/thirdparty/lws/misc/sha-1.c
@@ -0,0 +1,300 @@
+/*
+ * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+/*
+ * FIPS pub 180-1: Secure Hash Algorithm (SHA-1)
+ * based on: http://csrc.nist.gov/fips/fip180-1.txt
+ * implemented by Jun-ichiro itojun Itoh <itojun@itojun.org>
+ */
+
+#include "private-libwebsockets.h"
+
+#ifdef LWS_HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+
+struct sha1_ctxt {
+	union {
+		unsigned char		b8[20];
+		unsigned int		b32[5];
+	} h;
+	union {
+		unsigned char		b8[8];
+		u_int64_t		b64[1];
+	} c;
+	union {
+		unsigned char		b8[64];
+		unsigned int		b32[16];
+	} m;
+	unsigned char			count;
+};
+
+/* sanity check */
+#if !defined(BYTE_ORDER) || !defined(LITTLE_ENDIAN) || !defined(BIG_ENDIAN)
+# define unsupported 1
+#elif BYTE_ORDER != BIG_ENDIAN
+# if BYTE_ORDER != LITTLE_ENDIAN
+#  define unsupported 1
+# endif
+#endif
+
+#ifndef unsupported
+
+/* constant table */
+static const unsigned int _K[] =
+			{ 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6 };
+#define	K(t)	_K[(t) / 20]
+
+#define	F0(b, c, d)	(((b) & (c)) | ((~(b)) & (d)))
+#define	F1(b, c, d)	(((b) ^ (c)) ^ (d))
+#define	F2(b, c, d)	(((b) & (c)) | ((b) & (d)) | ((c) & (d)))
+#define	F3(b, c, d)	(((b) ^ (c)) ^ (d))
+
+#define	S(n, x)		(((x) << (n)) | ((x) >> (32 - n)))
+
+#define	H(n)	(ctxt->h.b32[(n)])
+#define	COUNT	(ctxt->count)
+#define	BCOUNT	(ctxt->c.b64[0] / 8)
+#define	W(n)	(ctxt->m.b32[(n)])
+
+#define	PUTBYTE(x)	{ \
+	ctxt->m.b8[(COUNT % 64)] = (x);		\
+	COUNT++;				\
+	COUNT %= 64;				\
+	ctxt->c.b64[0] += 8;			\
+	if (COUNT % 64 == 0)			\
+		sha1_step(ctxt);		\
+	}
+
+#define	PUTPAD(x)	{ \
+	ctxt->m.b8[(COUNT % 64)] = (x);		\
+	COUNT++;				\
+	COUNT %= 64;				\
+	if (COUNT % 64 == 0)			\
+		sha1_step(ctxt);		\
+	}
+
+
+static void
+sha1_step(struct sha1_ctxt *ctxt)
+{
+	unsigned int	a, b, c, d, e, tmp;
+	size_t t, s;
+
+#if BYTE_ORDER == LITTLE_ENDIAN
+	struct sha1_ctxt tctxt;
+
+	memcpy(&tctxt.m.b8[0], &ctxt->m.b8[0], 64);
+	ctxt->m.b8[0] = tctxt.m.b8[3]; ctxt->m.b8[1] = tctxt.m.b8[2];
+	ctxt->m.b8[2] = tctxt.m.b8[1]; ctxt->m.b8[3] = tctxt.m.b8[0];
+	ctxt->m.b8[4] = tctxt.m.b8[7]; ctxt->m.b8[5] = tctxt.m.b8[6];
+	ctxt->m.b8[6] = tctxt.m.b8[5]; ctxt->m.b8[7] = tctxt.m.b8[4];
+	ctxt->m.b8[8] = tctxt.m.b8[11]; ctxt->m.b8[9] = tctxt.m.b8[10];
+	ctxt->m.b8[10] = tctxt.m.b8[9]; ctxt->m.b8[11] = tctxt.m.b8[8];
+	ctxt->m.b8[12] = tctxt.m.b8[15]; ctxt->m.b8[13] = tctxt.m.b8[14];
+	ctxt->m.b8[14] = tctxt.m.b8[13]; ctxt->m.b8[15] = tctxt.m.b8[12];
+	ctxt->m.b8[16] = tctxt.m.b8[19]; ctxt->m.b8[17] = tctxt.m.b8[18];
+	ctxt->m.b8[18] = tctxt.m.b8[17]; ctxt->m.b8[19] = tctxt.m.b8[16];
+	ctxt->m.b8[20] = tctxt.m.b8[23]; ctxt->m.b8[21] = tctxt.m.b8[22];
+	ctxt->m.b8[22] = tctxt.m.b8[21]; ctxt->m.b8[23] = tctxt.m.b8[20];
+	ctxt->m.b8[24] = tctxt.m.b8[27]; ctxt->m.b8[25] = tctxt.m.b8[26];
+	ctxt->m.b8[26] = tctxt.m.b8[25]; ctxt->m.b8[27] = tctxt.m.b8[24];
+	ctxt->m.b8[28] = tctxt.m.b8[31]; ctxt->m.b8[29] = tctxt.m.b8[30];
+	ctxt->m.b8[30] = tctxt.m.b8[29]; ctxt->m.b8[31] = tctxt.m.b8[28];
+	ctxt->m.b8[32] = tctxt.m.b8[35]; ctxt->m.b8[33] = tctxt.m.b8[34];
+	ctxt->m.b8[34] = tctxt.m.b8[33]; ctxt->m.b8[35] = tctxt.m.b8[32];
+	ctxt->m.b8[36] = tctxt.m.b8[39]; ctxt->m.b8[37] = tctxt.m.b8[38];
+	ctxt->m.b8[38] = tctxt.m.b8[37]; ctxt->m.b8[39] = tctxt.m.b8[36];
+	ctxt->m.b8[40] = tctxt.m.b8[43]; ctxt->m.b8[41] = tctxt.m.b8[42];
+	ctxt->m.b8[42] = tctxt.m.b8[41]; ctxt->m.b8[43] = tctxt.m.b8[40];
+	ctxt->m.b8[44] = tctxt.m.b8[47]; ctxt->m.b8[45] = tctxt.m.b8[46];
+	ctxt->m.b8[46] = tctxt.m.b8[45]; ctxt->m.b8[47] = tctxt.m.b8[44];
+	ctxt->m.b8[48] = tctxt.m.b8[51]; ctxt->m.b8[49] = tctxt.m.b8[50];
+	ctxt->m.b8[50] = tctxt.m.b8[49]; ctxt->m.b8[51] = tctxt.m.b8[48];
+	ctxt->m.b8[52] = tctxt.m.b8[55]; ctxt->m.b8[53] = tctxt.m.b8[54];
+	ctxt->m.b8[54] = tctxt.m.b8[53]; ctxt->m.b8[55] = tctxt.m.b8[52];
+	ctxt->m.b8[56] = tctxt.m.b8[59]; ctxt->m.b8[57] = tctxt.m.b8[58];
+	ctxt->m.b8[58] = tctxt.m.b8[57]; ctxt->m.b8[59] = tctxt.m.b8[56];
+	ctxt->m.b8[60] = tctxt.m.b8[63]; ctxt->m.b8[61] = tctxt.m.b8[62];
+	ctxt->m.b8[62] = tctxt.m.b8[61]; ctxt->m.b8[63] = tctxt.m.b8[60];
+#endif
+
+	a = H(0); b = H(1); c = H(2); d = H(3); e = H(4);
+
+	for (t = 0; t < 20; t++) {
+		s = t & 0x0f;
+		if (t >= 16)
+			W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^
+							W((s+2) & 0x0f) ^ W(s));
+
+		tmp = S(5, a) + F0(b, c, d) + e + W(s) + K(t);
+		e = d; d = c; c = S(30, b); b = a; a = tmp;
+	}
+	for (t = 20; t < 40; t++) {
+		s = t & 0x0f;
+		W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^
+							W((s+2) & 0x0f) ^ W(s));
+		tmp = S(5, a) + F1(b, c, d) + e + W(s) + K(t);
+		e = d; d = c; c = S(30, b); b = a; a = tmp;
+	}
+	for (t = 40; t < 60; t++) {
+		s = t & 0x0f;
+		W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^
+							W((s+2) & 0x0f) ^ W(s));
+		tmp = S(5, a) + F2(b, c, d) + e + W(s) + K(t);
+		e = d; d = c; c = S(30, b); b = a; a = tmp;
+	}
+	for (t = 60; t < 80; t++) {
+		s = t & 0x0f;
+		W(s) = S(1, W((s+13) & 0x0f) ^ W((s+8) & 0x0f) ^
+							W((s+2) & 0x0f) ^ W(s));
+		tmp = S(5, a) + F3(b, c, d) + e + W(s) + K(t);
+		e = d; d = c; c = S(30, b); b = a; a = tmp;
+	}
+
+	H(0) = H(0) + a;
+	H(1) = H(1) + b;
+	H(2) = H(2) + c;
+	H(3) = H(3) + d;
+	H(4) = H(4) + e;
+
+	bzero(&ctxt->m.b8[0], 64);
+}
+
+/*------------------------------------------------------------*/
+
+static void
+_sha1_init(struct sha1_ctxt *ctxt)
+{
+	bzero(ctxt, sizeof(struct sha1_ctxt));
+	H(0) = 0x67452301;
+	H(1) = 0xefcdab89;
+	H(2) = 0x98badcfe;
+	H(3) = 0x10325476;
+	H(4) = 0xc3d2e1f0;
+}
+
+void
+sha1_pad(struct sha1_ctxt *ctxt)
+{
+	size_t padlen;		/*pad length in bytes*/
+	size_t padstart;
+
+	PUTPAD(0x80);
+
+	padstart = COUNT % 64;
+	padlen = 64 - padstart;
+	if (padlen < 8) {
+		bzero(&ctxt->m.b8[padstart], padlen);
+		COUNT += (unsigned char)padlen;
+		COUNT %= 64;
+		sha1_step(ctxt);
+		padstart = COUNT % 64;	/* should be 0 */
+		padlen = 64 - padstart;	/* should be 64 */
+	}
+	bzero(&ctxt->m.b8[padstart], padlen - 8);
+	COUNT += ((unsigned char)padlen - 8);
+	COUNT %= 64;
+#if BYTE_ORDER == BIG_ENDIAN
+	PUTPAD(ctxt->c.b8[0]); PUTPAD(ctxt->c.b8[1]);
+	PUTPAD(ctxt->c.b8[2]); PUTPAD(ctxt->c.b8[3]);
+	PUTPAD(ctxt->c.b8[4]); PUTPAD(ctxt->c.b8[5]);
+	PUTPAD(ctxt->c.b8[6]); PUTPAD(ctxt->c.b8[7]);
+#else
+	PUTPAD(ctxt->c.b8[7]); PUTPAD(ctxt->c.b8[6]);
+	PUTPAD(ctxt->c.b8[5]); PUTPAD(ctxt->c.b8[4]);
+	PUTPAD(ctxt->c.b8[3]); PUTPAD(ctxt->c.b8[2]);
+	PUTPAD(ctxt->c.b8[1]); PUTPAD(ctxt->c.b8[0]);
+#endif
+}
+
+void
+sha1_loop(struct sha1_ctxt *ctxt, const unsigned char *input, size_t len)
+{
+	size_t gaplen;
+	size_t gapstart;
+	size_t off;
+	size_t copysiz;
+
+	off = 0;
+
+	while (off < len) {
+		gapstart = COUNT % 64;
+		gaplen = 64 - gapstart;
+
+		copysiz = (gaplen < len - off) ? gaplen : len - off;
+		memcpy(&ctxt->m.b8[gapstart], &input[off], copysiz);
+		COUNT += (unsigned char)copysiz;
+		COUNT %= 64;
+		ctxt->c.b64[0] += copysiz * 8;
+		if (COUNT % 64 == 0)
+			sha1_step(ctxt);
+		off += copysiz;
+	}
+}
+
+void
+sha1_result(struct sha1_ctxt *ctxt, void *digest0)
+{
+	unsigned char *digest;
+
+	digest = (unsigned char *)digest0;
+	sha1_pad(ctxt);
+#if BYTE_ORDER == BIG_ENDIAN
+	memcpy(digest, &ctxt->h.b8[0], 20);
+#else
+	digest[0] = ctxt->h.b8[3]; digest[1] = ctxt->h.b8[2];
+	digest[2] = ctxt->h.b8[1]; digest[3] = ctxt->h.b8[0];
+	digest[4] = ctxt->h.b8[7]; digest[5] = ctxt->h.b8[6];
+	digest[6] = ctxt->h.b8[5]; digest[7] = ctxt->h.b8[4];
+	digest[8] = ctxt->h.b8[11]; digest[9] = ctxt->h.b8[10];
+	digest[10] = ctxt->h.b8[9]; digest[11] = ctxt->h.b8[8];
+	digest[12] = ctxt->h.b8[15]; digest[13] = ctxt->h.b8[14];
+	digest[14] = ctxt->h.b8[13]; digest[15] = ctxt->h.b8[12];
+	digest[16] = ctxt->h.b8[19]; digest[17] = ctxt->h.b8[18];
+	digest[18] = ctxt->h.b8[17]; digest[19] = ctxt->h.b8[16];
+#endif
+}
+
+/*
+ * This should look and work like the libcrypto implementation
+ */
+
+LWS_VISIBLE unsigned char *
+lws_SHA1(const unsigned char *d, size_t n, unsigned char *md)
+{
+	struct sha1_ctxt ctx;
+
+	_sha1_init(&ctx);
+	sha1_loop(&ctx, d, n);
+	sha1_result(&ctx, (void *)md);
+
+	return md;
+}
+
+#endif /*unsupported*/
diff --git a/thirdparty/lws/output.c b/thirdparty/lws/output.c
new file mode 100644
index 0000000000..ed4752490e
--- /dev/null
+++ b/thirdparty/lws/output.c
@@ -0,0 +1,877 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+static int
+lws_0405_frame_mask_generate(struct lws *wsi)
+{
+#if 0
+	wsi->u.ws.mask[0] = 0;
+	wsi->u.ws.mask[1] = 0;
+	wsi->u.ws.mask[2] = 0;
+	wsi->u.ws.mask[3] = 0;
+#else
+	int n;
+	/* fetch the per-frame nonce */
+
+	n = lws_get_random(lws_get_context(wsi), wsi->u.ws.mask, 4);
+	if (n != 4) {
+		lwsl_parser("Unable to read from random device %s %d\n",
+			    SYSTEM_RANDOM_FILEPATH, n);
+		return 1;
+	}
+#endif
+	/* start masking from first byte of masking key buffer */
+	wsi->u.ws.mask_idx = 0;
+
+	return 0;
+}
+
+/*
+ * notice this returns number of bytes consumed, or -1
+ */
+int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len)
+{
+	struct lws_context *context = lws_get_context(wsi);
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	size_t real_len = len;
+	unsigned int n;
+	int m;
+
+	lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_WRITE, 1);
+
+	if (!len)
+		return 0;
+	/* just ignore sends after we cleared the truncation buffer */
+	if (wsi->state == LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE &&
+	    !wsi->trunc_len)
+		return len;
+
+	if (wsi->trunc_len && (buf < wsi->trunc_alloc ||
+	    buf > (wsi->trunc_alloc + wsi->trunc_len + wsi->trunc_offset))) {
+		char dump[20];
+		strncpy(dump, (char *)buf, sizeof(dump) - 1);
+		dump[sizeof(dump) - 1] = '\0';
+#if defined(LWS_WITH_ESP8266)
+		lwsl_err("****** %p: Sending new %lu (%s), pending truncated ...\n",
+			 wsi, (unsigned long)len, dump);
+#else
+		lwsl_err("****** %p: Sending new %lu (%s), pending truncated ...\n"
+			 "       It's illegal to do an lws_write outside of\n"
+			 "       the writable callback: fix your code\n",
+			 wsi, (unsigned long)len, dump);
+#endif
+		assert(0);
+
+		return -1;
+	}
+
+	m = lws_ext_cb_active(wsi, LWS_EXT_CB_PACKET_TX_DO_SEND, &buf, len);
+	if (m < 0)
+		return -1;
+	if (m) /* handled */ {
+		n = m;
+		goto handle_truncated_send;
+	}
+
+	if (!wsi->http2_substream && !lws_socket_is_valid(wsi->desc.sockfd))
+		lwsl_warn("** error invalid sock but expected to send\n");
+
+	/* limit sending */
+	if (wsi->protocol->tx_packet_size)
+		n = wsi->protocol->tx_packet_size;
+	else {
+		n = wsi->protocol->rx_buffer_size;
+		if (!n)
+			n = context->pt_serv_buf_size;
+	}
+	n += LWS_PRE + 4;
+	if (n > len)
+		n = len;
+#if defined(LWS_WITH_ESP8266)	
+	if (wsi->pending_send_completion) {
+		n = 0;
+		goto handle_truncated_send;
+	}
+#endif
+
+	/* nope, send it on the socket directly */
+	lws_latency_pre(context, wsi);
+	n = lws_ssl_capable_write(wsi, buf, n);
+	lws_latency(context, wsi, "send lws_issue_raw", n, n == len);
+
+	switch (n) {
+	case LWS_SSL_CAPABLE_ERROR:
+		/* we're going to close, let close know sends aren't possible */
+		wsi->socket_is_permanently_unusable = 1;
+		return -1;
+	case LWS_SSL_CAPABLE_MORE_SERVICE:
+		/* nothing got sent, not fatal, retry the whole thing later */
+		n = 0;
+		break;
+	}
+
+handle_truncated_send:
+	/*
+	 * we were already handling a truncated send?
+	 */
+	if (wsi->trunc_len) {
+		lwsl_info("%p partial adv %d (vs %ld)\n", wsi, n, (long)real_len);
+		wsi->trunc_offset += n;
+		wsi->trunc_len -= n;
+
+		if (!wsi->trunc_len) {
+			lwsl_info("***** %p partial send completed\n", wsi);
+			/* done with it, but don't free it */
+			n = real_len;
+			if (wsi->state == LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE) {
+				lwsl_info("***** %p signalling to close now\n", wsi);
+				return -1; /* retry closing now */
+			}
+		}
+		/* always callback on writeable */
+		lws_callback_on_writable(wsi);
+
+		return n;
+	}
+
+	if ((unsigned int)n == real_len)
+		/* what we just sent went out cleanly */
+		return n;
+
+	/*
+	 * Newly truncated send.  Buffer the remainder (it will get
+	 * first priority next time the socket is writable)
+	 */
+	lwsl_debug("%p new partial sent %d from %lu total\n", wsi, n,
+		    (unsigned long)real_len);
+
+	lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITE_PARTIALS, 1);
+	lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_B_PARTIALS_ACCEPTED_PARTS, n);
+
+	/*
+	 *  - if we still have a suitable malloc lying around, use it
+	 *  - or, if too small, reallocate it
+	 *  - or, if no buffer, create it
+	 */
+	if (!wsi->trunc_alloc || real_len - n > wsi->trunc_alloc_len) {
+		lws_free(wsi->trunc_alloc);
+
+		wsi->trunc_alloc_len = real_len - n;
+		wsi->trunc_alloc = lws_malloc(real_len - n, "truncated send alloc");
+		if (!wsi->trunc_alloc) {
+			lwsl_err("truncated send: unable to malloc %lu\n",
+				 (unsigned long)(real_len - n));
+			return -1;
+		}
+	}
+	wsi->trunc_offset = 0;
+	wsi->trunc_len = real_len - n;
+	memcpy(wsi->trunc_alloc, buf + n, real_len - n);
+
+	/* since something buffered, force it to get another chance to send */
+	lws_callback_on_writable(wsi);
+
+	return real_len;
+}
+
+LWS_VISIBLE int lws_write(struct lws *wsi, unsigned char *buf, size_t len,
+			  enum lws_write_protocol wp)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	int masked7 = (wsi->mode == LWSCM_WS_CLIENT);
+	unsigned char is_masked_bit = 0;
+	unsigned char *dropmask = NULL;
+	struct lws_tokens eff_buf;
+	size_t orig_len = len;
+	int pre = 0, n;
+
+	if (wsi->parent_carries_io) {
+		struct lws_write_passthru pas;
+
+		pas.buf = buf;
+		pas.len = len;
+		pas.wp = wp;
+		pas.wsi = wsi;
+
+		if (wsi->parent->protocol->callback(wsi->parent,
+				LWS_CALLBACK_CHILD_WRITE_VIA_PARENT,
+				wsi->parent->user_space,
+				(void *)&pas, 0))
+			return 1;
+
+		return len;
+	}
+
+	lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_API_LWS_WRITE, 1);
+
+	if ((int)len < 0) {
+		lwsl_err("%s: suspicious len int %d, ulong %lu\n", __func__,
+				(int)len, (unsigned long)len);
+		return -1;
+	}
+
+	lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_B_WRITE, len);
+
+#ifdef LWS_WITH_ACCESS_LOG
+	wsi->access_log.sent += len;
+#endif
+	if (wsi->vhost)
+		wsi->vhost->conn_stats.tx += len;
+
+	if (wsi->state == LWSS_ESTABLISHED && wsi->u.ws.tx_draining_ext) {
+		/* remove us from the list */
+		struct lws **w = &pt->tx_draining_ext_list;
+
+		wsi->u.ws.tx_draining_ext = 0;
+		/* remove us from context draining ext list */
+		while (*w) {
+			if (*w == wsi) {
+				*w = wsi->u.ws.tx_draining_ext_list;
+				break;
+			}
+			w = &((*w)->u.ws.tx_draining_ext_list);
+		}
+		wsi->u.ws.tx_draining_ext_list = NULL;
+		wp = (wsi->u.ws.tx_draining_stashed_wp & 0xc0) |
+				LWS_WRITE_CONTINUATION;
+
+		lwsl_ext("FORCED draining wp to 0x%02X\n", wp);
+	}
+
+	lws_restart_ws_ping_pong_timer(wsi);
+
+	if ((wp & 0x1f) == LWS_WRITE_HTTP ||
+	    (wp & 0x1f) == LWS_WRITE_HTTP_FINAL ||
+	    (wp & 0x1f) == LWS_WRITE_HTTP_HEADERS_CONTINUATION ||
+	    (wp & 0x1f) == LWS_WRITE_HTTP_HEADERS)
+		goto send_raw;
+
+	/* if not in a state to send stuff, then just send nothing */
+
+	if (wsi->state != LWSS_ESTABLISHED &&
+	    ((wsi->state != LWSS_RETURNED_CLOSE_ALREADY &&
+	      wsi->state != LWSS_AWAITING_CLOSE_ACK) ||
+			    wp != LWS_WRITE_CLOSE))
+		return 0;
+
+	/* if we are continuing a frame that already had its header done */
+
+	if (wsi->u.ws.inside_frame) {
+		lwsl_debug("INSIDE FRAME\n");
+		goto do_more_inside_frame;
+	}
+
+	wsi->u.ws.clean_buffer = 1;
+
+	/*
+	 * give a chance to the extensions to modify payload
+	 * the extension may decide to produce unlimited payload erratically
+	 * (eg, compression extension), so we require only that if he produces
+	 * something, it will be a complete fragment of the length known at
+	 * the time (just the fragment length known), and if he has
+	 * more we will come back next time he is writeable and allow him to
+	 * produce more fragments until he's drained.
+	 *
+	 * This allows what is sent each time it is writeable to be limited to
+	 * a size that can be sent without partial sends or blocking, allows
+	 * interleaving of control frames and other connection service.
+	 */
+	eff_buf.token = (char *)buf;
+	eff_buf.token_len = len;
+
+	switch ((int)wp) {
+	case LWS_WRITE_PING:
+	case LWS_WRITE_PONG:
+	case LWS_WRITE_CLOSE:
+		break;
+	default:
+		lwsl_debug("LWS_EXT_CB_PAYLOAD_TX\n");
+		n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_TX, &eff_buf, wp);
+		if (n < 0)
+			return -1;
+
+		if (n && eff_buf.token_len) {
+			lwsl_debug("drain len %d\n", (int)eff_buf.token_len);
+			/* extension requires further draining */
+			wsi->u.ws.tx_draining_ext = 1;
+			wsi->u.ws.tx_draining_ext_list = pt->tx_draining_ext_list;
+			pt->tx_draining_ext_list = wsi;
+			/* we must come back to do more */
+			lws_callback_on_writable(wsi);
+			/*
+			 * keep a copy of the write type for the overall
+			 * action that has provoked generation of these
+			 * fragments, so the last guy can use its FIN state.
+			 */
+			wsi->u.ws.tx_draining_stashed_wp = wp;
+			/* this is definitely not actually the last fragment
+			 * because the extension asserted he has more coming
+			 * So make sure this intermediate one doesn't go out
+			 * with a FIN.
+			 */
+			wp |= LWS_WRITE_NO_FIN;
+		}
+
+		if (eff_buf.token_len && wsi->u.ws.stashed_write_pending) {
+			wsi->u.ws.stashed_write_pending = 0;
+			wp = (wp &0xc0) | (int)wsi->u.ws.stashed_write_type;
+		}
+	}
+
+	/*
+	 * an extension did something we need to keep... for example, if
+	 * compression extension, it has already updated its state according
+	 * to this being issued
+	 */
+	if ((char *)buf != eff_buf.token) {
+		/*
+		 * ext might eat it, but not have anything to issue yet.
+		 * In that case we have to follow his lead, but stash and
+		 * replace the write type that was lost here the first time.
+		 */
+		if (len && !eff_buf.token_len) {
+			if (!wsi->u.ws.stashed_write_pending)
+				wsi->u.ws.stashed_write_type = (char)wp & 0x3f;
+			wsi->u.ws.stashed_write_pending = 1;
+			return len;
+		}
+		/*
+		 * extension recreated it:
+		 * need to buffer this if not all sent
+		 */
+		wsi->u.ws.clean_buffer = 0;
+	}
+
+	buf = (unsigned char *)eff_buf.token;
+	len = eff_buf.token_len;
+
+	if (!buf) {
+		lwsl_err("null buf (%d)\n", (int)len);
+		return -1;
+	}
+
+	switch (wsi->ietf_spec_revision) {
+	case 13:
+		if (masked7) {
+			pre += 4;
+			dropmask = &buf[0 - pre];
+			is_masked_bit = 0x80;
+		}
+
+		switch (wp & 0xf) {
+		case LWS_WRITE_TEXT:
+			n = LWSWSOPC_TEXT_FRAME;
+			break;
+		case LWS_WRITE_BINARY:
+			n = LWSWSOPC_BINARY_FRAME;
+			break;
+		case LWS_WRITE_CONTINUATION:
+			n = LWSWSOPC_CONTINUATION;
+			break;
+
+		case LWS_WRITE_CLOSE:
+			n = LWSWSOPC_CLOSE;
+			break;
+		case LWS_WRITE_PING:
+			n = LWSWSOPC_PING;
+			break;
+		case LWS_WRITE_PONG:
+			n = LWSWSOPC_PONG;
+			break;
+		default:
+			lwsl_warn("lws_write: unknown write opc / wp\n");
+			return -1;
+		}
+
+		if (!(wp & LWS_WRITE_NO_FIN))
+			n |= 1 << 7;
+
+		if (len < 126) {
+			pre += 2;
+			buf[-pre] = n;
+			buf[-pre + 1] = (unsigned char)(len | is_masked_bit);
+		} else {
+			if (len < 65536) {
+				pre += 4;
+				buf[-pre] = n;
+				buf[-pre + 1] = 126 | is_masked_bit;
+				buf[-pre + 2] = (unsigned char)(len >> 8);
+				buf[-pre + 3] = (unsigned char)len;
+			} else {
+				pre += 10;
+				buf[-pre] = n;
+				buf[-pre + 1] = 127 | is_masked_bit;
+#if defined __LP64__
+					buf[-pre + 2] = (len >> 56) & 0x7f;
+					buf[-pre + 3] = len >> 48;
+					buf[-pre + 4] = len >> 40;
+					buf[-pre + 5] = len >> 32;
+#else
+					buf[-pre + 2] = 0;
+					buf[-pre + 3] = 0;
+					buf[-pre + 4] = 0;
+					buf[-pre + 5] = 0;
+#endif
+				buf[-pre + 6] = (unsigned char)(len >> 24);
+				buf[-pre + 7] = (unsigned char)(len >> 16);
+				buf[-pre + 8] = (unsigned char)(len >> 8);
+				buf[-pre + 9] = (unsigned char)len;
+			}
+		}
+		break;
+	}
+
+do_more_inside_frame:
+
+	/*
+	 * Deal with masking if we are in client -> server direction and
+	 * the wp demands it
+	 */
+
+	if (masked7) {
+		if (!wsi->u.ws.inside_frame)
+			if (lws_0405_frame_mask_generate(wsi)) {
+				lwsl_err("frame mask generation failed\n");
+				return -1;
+			}
+
+		/*
+		 * in v7, just mask the payload
+		 */
+		if (dropmask) { /* never set if already inside frame */
+			for (n = 4; n < (int)len + 4; n++)
+				dropmask[n] = dropmask[n] ^ wsi->u.ws.mask[
+					(wsi->u.ws.mask_idx++) & 3];
+
+			/* copy the frame nonce into place */
+			memcpy(dropmask, wsi->u.ws.mask, 4);
+		}
+	}
+
+send_raw:
+	switch ((int)(wp & 0x1f)) {
+	case LWS_WRITE_CLOSE:
+/*		lwsl_hexdump(&buf[-pre], len); */
+	case LWS_WRITE_HTTP:
+	case LWS_WRITE_HTTP_FINAL:
+	case LWS_WRITE_HTTP_HEADERS:
+	case LWS_WRITE_HTTP_HEADERS_CONTINUATION:
+	case LWS_WRITE_PONG:
+	case LWS_WRITE_PING:
+#ifdef LWS_WITH_HTTP2
+		if (wsi->mode == LWSCM_HTTP2_SERVING) {
+			unsigned char flags = 0;
+
+			n = LWS_H2_FRAME_TYPE_DATA;
+			if ((wp & 0x1f) == LWS_WRITE_HTTP_HEADERS) {
+				n = LWS_H2_FRAME_TYPE_HEADERS;
+				if (!(wp & LWS_WRITE_NO_FIN))
+					flags = LWS_H2_FLAG_END_HEADERS;
+				if (wsi->u.h2.send_END_STREAM || (wp & LWS_WRITE_H2_STREAM_END)) {
+					flags |= LWS_H2_FLAG_END_STREAM;
+					wsi->u.h2.send_END_STREAM = 1;
+				}
+			}
+
+			if ((wp & 0x1f) == LWS_WRITE_HTTP_HEADERS_CONTINUATION) {
+				n = LWS_H2_FRAME_TYPE_CONTINUATION;
+				if (!(wp & LWS_WRITE_NO_FIN))
+					flags = LWS_H2_FLAG_END_HEADERS;
+				if (wsi->u.h2.send_END_STREAM || (wp & LWS_WRITE_H2_STREAM_END)) {
+					flags |= LWS_H2_FLAG_END_STREAM;
+					wsi->u.h2.send_END_STREAM = 1;
+				}
+			}
+
+			if (((wp & 0x1f) == LWS_WRITE_HTTP ||
+			     (wp & 0x1f) == LWS_WRITE_HTTP_FINAL) &&
+			    wsi->u.http.tx_content_length) {
+				wsi->u.http.tx_content_remain -= len;
+				lwsl_info("%s: content_remain = %llu\n", __func__,
+					  (unsigned long long)wsi->u.http.tx_content_remain);
+				if (!wsi->u.http.tx_content_remain) {
+					lwsl_info("%s: selecting final write mode\n", __func__);
+					wp = LWS_WRITE_HTTP_FINAL;
+				}
+			}
+
+			if ((wp & 0x1f) == LWS_WRITE_HTTP_FINAL || (wp & LWS_WRITE_H2_STREAM_END)) {
+			    //lws_get_network_wsi(wsi)->u.h2.END_STREAM) {
+				lwsl_info("%s: setting END_STREAM\n", __func__);
+				flags |= LWS_H2_FLAG_END_STREAM;
+				wsi->u.h2.send_END_STREAM = 1;
+			}
+
+			return lws_h2_frame_write(wsi, n, flags,
+					wsi->u.h2.my_sid, len, buf);
+		}
+#endif
+		return lws_issue_raw(wsi, (unsigned char *)buf - pre, len + pre);
+	default:
+		break;
+	}
+
+	/*
+	 * give any active extensions a chance to munge the buffer
+	 * before send.  We pass in a pointer to an lws_tokens struct
+	 * prepared with the default buffer and content length that's in
+	 * there.  Rather than rewrite the default buffer, extensions
+	 * that expect to grow the buffer can adapt .token to
+	 * point to their own per-connection buffer in the extension
+	 * user allocation.  By default with no extensions or no
+	 * extension callback handling, just the normal input buffer is
+	 * used then so it is efficient.
+	 *
+	 * callback returns 1 in case it wants to spill more buffers
+	 *
+	 * This takes care of holding the buffer if send is incomplete, ie,
+	 * if wsi->u.ws.clean_buffer is 0 (meaning an extension meddled with
+	 * the buffer).  If wsi->u.ws.clean_buffer is 1, it will instead
+	 * return to the user code how much OF THE USER BUFFER was consumed.
+	 */
+
+	n = lws_issue_raw_ext_access(wsi, buf - pre, len + pre);
+	wsi->u.ws.inside_frame = 1;
+	if (n <= 0)
+		return n;
+
+	if (n == (int)len + pre) {
+		/* everything in the buffer was handled (or rebuffered...) */
+		wsi->u.ws.inside_frame = 0;
+		return orig_len;
+	}
+
+	/*
+	 * it is how many bytes of user buffer got sent... may be < orig_len
+	 * in which case callback when writable has already been arranged
+	 * and user code can call lws_write() again with the rest
+	 * later.
+	 */
+
+	return n - pre;
+}
+
+LWS_VISIBLE int lws_serve_http_file_fragment(struct lws *wsi)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	struct lws_process_html_args args;
+	lws_filepos_t amount, poss;
+	unsigned char *p, *pstart;
+#if defined(LWS_WITH_RANGES)
+	unsigned char finished = 0;
+#endif
+	int n, m;
+
+	lwsl_debug("wsi->http2_substream %d\n", wsi->http2_substream);
+
+	while (!lws_send_pipe_choked(wsi)) {
+
+		if (wsi->trunc_len) {
+			if (lws_issue_raw(wsi, wsi->trunc_alloc +
+					  wsi->trunc_offset,
+					  wsi->trunc_len) < 0) {
+				lwsl_info("%s: closing\n", __func__);
+				goto file_had_it;
+			}
+			continue;
+		}
+
+		if (wsi->u.http.filepos == wsi->u.http.filelen)
+			goto all_sent;
+
+		n = 0;
+
+		pstart = pt->serv_buf + LWS_H2_FRAME_HEADER_LENGTH;
+
+		p = pstart;
+
+#if defined(LWS_WITH_RANGES)
+		if (wsi->u.http.range.count_ranges && !wsi->u.http.range.inside) {
+
+			lwsl_notice("%s: doing range start %llu\n", __func__, wsi->u.http.range.start);
+
+			if ((long long)lws_vfs_file_seek_cur(wsi->u.http.fop_fd,
+						   wsi->u.http.range.start -
+						   wsi->u.http.filepos) < 0)
+				goto file_had_it;
+
+			wsi->u.http.filepos = wsi->u.http.range.start;
+
+			if (wsi->u.http.range.count_ranges > 1) {
+				n =  lws_snprintf((char *)p, context->pt_serv_buf_size - LWS_H2_FRAME_HEADER_LENGTH,
+					"_lws\x0d\x0a"
+					"Content-Type: %s\x0d\x0a"
+					"Content-Range: bytes %llu-%llu/%llu\x0d\x0a"
+					"\x0d\x0a",
+					wsi->u.http.multipart_content_type,
+					wsi->u.http.range.start,
+					wsi->u.http.range.end,
+					wsi->u.http.range.extent);
+				p += n;
+			}
+
+			wsi->u.http.range.budget = wsi->u.http.range.end -
+						   wsi->u.http.range.start + 1;
+			wsi->u.http.range.inside = 1;
+		}
+#endif
+
+		poss = context->pt_serv_buf_size - n - LWS_H2_FRAME_HEADER_LENGTH;
+
+		/*
+		 * if there is a hint about how much we will do well to send at one time,
+		 * restrict ourselves to only trying to send that.
+		 */
+		if (wsi->protocol->tx_packet_size &&
+		    poss > wsi->protocol->tx_packet_size)
+			poss = wsi->protocol->tx_packet_size;
+
+#if defined(LWS_WITH_HTTP2)
+		m = lws_h2_tx_cr_get(wsi);
+		if (!m) {
+			lwsl_info("%s: came here with no tx credit", __func__);
+			return 0;
+		}
+		if (m < poss)
+			poss = m;
+		/*
+		 * consumption of the actual payload amount sent will be handled
+		 * when the http2 data frame is sent
+		 */
+#endif
+
+#if defined(LWS_WITH_RANGES)
+		if (wsi->u.http.range.count_ranges) {
+			if (wsi->u.http.range.count_ranges > 1)
+				poss -= 7; /* allow for final boundary */
+			if (poss > wsi->u.http.range.budget)
+				poss = wsi->u.http.range.budget;
+		}
+#endif
+		if (wsi->sending_chunked) {
+			/* we need to drop the chunk size in here */
+			p += 10;
+			/* allow for the chunk to grow by 128 in translation */
+			poss -= 10 + 128;
+		}
+
+		if (lws_vfs_file_read(wsi->u.http.fop_fd, &amount, p, poss) < 0)
+			goto file_had_it; /* caller will close */
+
+		if (wsi->sending_chunked)
+			n = (int)amount;
+		else
+			n = (p - pstart) + (int)amount;
+
+		lwsl_debug("%s: sending %d\n", __func__, n);
+
+		if (n) {
+			lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT,
+					context->timeout_secs);
+
+			if (wsi->sending_chunked) {
+				args.p = (char *)p;
+				args.len = n;
+				args.max_len = (unsigned int)poss + 128;
+				args.final = wsi->u.http.filepos + n ==
+					     wsi->u.http.filelen;
+				if (user_callback_handle_rxflow(
+				     wsi->vhost->protocols[(int)wsi->protocol_interpret_idx].callback, wsi,
+				     LWS_CALLBACK_PROCESS_HTML,
+				     wsi->user_space, &args, 0) < 0)
+					goto file_had_it;
+				n = args.len;
+				p = (unsigned char *)args.p;
+			} else
+				p = pstart;
+
+#if defined(LWS_WITH_RANGES)
+			if (wsi->u.http.range.send_ctr + 1 ==
+				wsi->u.http.range.count_ranges && // last range
+			    wsi->u.http.range.count_ranges > 1 && // was 2+ ranges (ie, multipart)
+			    wsi->u.http.range.budget - amount == 0) {// final part
+				n += lws_snprintf((char *)pstart + n, 6,
+					"_lws\x0d\x0a"); // append trailing boundary
+				lwsl_debug("added trailing boundary\n");
+			}
+#endif
+			m = lws_write(wsi, p, n,
+				      wsi->u.http.filepos == wsi->u.http.filelen ?
+					LWS_WRITE_HTTP_FINAL :
+					LWS_WRITE_HTTP
+				);
+			if (m < 0)
+				goto file_had_it;
+
+			wsi->u.http.filepos += amount;
+
+#if defined(LWS_WITH_RANGES)
+			if (wsi->u.http.range.count_ranges >= 1) {
+				wsi->u.http.range.budget -= amount;
+				if (wsi->u.http.range.budget == 0) {
+					lwsl_notice("range budget exhausted\n");
+					wsi->u.http.range.inside = 0;
+					wsi->u.http.range.send_ctr++;
+
+					if (lws_ranges_next(&wsi->u.http.range) < 1) {
+						finished = 1;
+						goto all_sent;
+					}
+				}
+			}
+#endif
+
+			if (m != n) {
+				/* adjust for what was not sent */
+				if (lws_vfs_file_seek_cur(wsi->u.http.fop_fd,
+							   m - n) ==
+							     (unsigned long)-1)
+					goto file_had_it;
+			}
+		}
+
+all_sent:
+		if ((!wsi->trunc_len && wsi->u.http.filepos >= wsi->u.http.filelen)
+#if defined(LWS_WITH_RANGES)
+		    || finished)
+#else
+		)
+#endif
+		     {
+			wsi->state = LWSS_HTTP;
+			/* we might be in keepalive, so close it off here */
+			lws_vfs_file_close(&wsi->u.http.fop_fd);
+			
+			lwsl_debug("file completed\n");
+
+			if (wsi->protocol->callback &&
+			    user_callback_handle_rxflow(wsi->protocol->callback,
+					    	    	wsi, LWS_CALLBACK_HTTP_FILE_COMPLETION,
+					    	    	wsi->user_space, NULL,
+					    	    	0) < 0) {
+					/*
+					 * For http/1.x, the choices from
+					 * transaction_completed are either
+					 * 0 to use the connection for pipelined
+					 * or nonzero to hang it up.
+					 *
+					 * However for http/2. while we are
+					 * still interested in hanging up the
+					 * nwsi if there was a network-level
+					 * fatal error, simply completing the
+					 * transaction is a matter of the stream
+					 * state, not the root connection at the
+					 * network level
+					 */
+					if (wsi->http2_substream)
+						return 1;
+					else
+						return -1;
+				}
+
+			return 1;  /* >0 indicates completed */
+		}
+	}
+
+	lws_callback_on_writable(wsi);
+
+	return 0; /* indicates further processing must be done */
+
+file_had_it:
+	lws_vfs_file_close(&wsi->u.http.fop_fd);
+
+	return -1;
+}
+
+#if LWS_POSIX
+LWS_VISIBLE int
+lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	int n;
+
+	lws_stats_atomic_bump(context, pt, LWSSTATS_C_API_READ, 1);
+
+	n = recv(wsi->desc.sockfd, (char *)buf, len, 0);
+	if (n >= 0) {
+		if (wsi->vhost)
+			wsi->vhost->conn_stats.rx += n;
+		lws_stats_atomic_bump(context, pt, LWSSTATS_B_READ, n);
+		lws_restart_ws_ping_pong_timer(wsi);
+		return n;
+	}
+#if LWS_POSIX
+	if (LWS_ERRNO == LWS_EAGAIN ||
+	    LWS_ERRNO == LWS_EWOULDBLOCK ||
+	    LWS_ERRNO == LWS_EINTR)
+		return LWS_SSL_CAPABLE_MORE_SERVICE;
+#endif
+	lwsl_notice("error on reading from skt : %d\n", LWS_ERRNO);
+	return LWS_SSL_CAPABLE_ERROR;
+}
+
+LWS_VISIBLE int
+lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len)
+{
+	int n = 0;
+
+#if LWS_POSIX
+	n = send(wsi->desc.sockfd, (char *)buf, len, MSG_NOSIGNAL);
+//	lwsl_info("%s: sent len %d result %d", __func__, len, n);
+	if (n >= 0)
+		return n;
+
+	if (LWS_ERRNO == LWS_EAGAIN ||
+	    LWS_ERRNO == LWS_EWOULDBLOCK ||
+	    LWS_ERRNO == LWS_EINTR) {
+		if (LWS_ERRNO == LWS_EWOULDBLOCK) {
+			lws_set_blocking_send(wsi);
+		}
+
+		return LWS_SSL_CAPABLE_MORE_SERVICE;
+	}
+#else
+	(void)n;
+	(void)wsi;
+	(void)buf;
+	(void)len;
+	// !!!
+#endif
+
+	lwsl_debug("ERROR writing len %d to skt fd %d err %d / errno %d\n",
+			len, wsi->desc.sockfd, n, LWS_ERRNO);
+	return LWS_SSL_CAPABLE_ERROR;
+}
+#endif
+LWS_VISIBLE int
+lws_ssl_pending_no_ssl(struct lws *wsi)
+{
+	(void)wsi;
+#if defined(LWS_WITH_ESP32)
+	return 100;
+#else
+	return 0;
+#endif
+}
diff --git a/thirdparty/lws/plat/lws-plat-unix.c b/thirdparty/lws/plat/lws-plat-unix.c
new file mode 100644
index 0000000000..a51e67bb81
--- /dev/null
+++ b/thirdparty/lws/plat/lws-plat-unix.c
@@ -0,0 +1,850 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+#include <pwd.h>
+#include <grp.h>
+
+#ifdef LWS_WITH_PLUGINS
+#include <dlfcn.h>
+#endif
+#include <dirent.h>
+
+unsigned long long time_in_microseconds(void)
+{
+	struct timeval tv;
+
+	gettimeofday(&tv, NULL);
+	return ((unsigned long long)tv.tv_sec * 1000000LL) + tv.tv_usec;
+}
+
+LWS_VISIBLE int
+lws_get_random(struct lws_context *context, void *buf, int len)
+{
+	return read(context->fd_random, (char *)buf, len);
+}
+
+LWS_VISIBLE int
+lws_send_pipe_choked(struct lws *wsi)
+{
+	struct lws_pollfd fds;
+	struct lws *wsi_eff = wsi;
+
+#if defined(LWS_WITH_HTTP2)
+	wsi_eff = lws_get_network_wsi(wsi);
+#endif
+	/* treat the fact we got a truncated send pending as if we're choked */
+	if (wsi_eff->trunc_len)
+		return 1;
+
+	fds.fd = wsi_eff->desc.sockfd;
+	fds.events = POLLOUT;
+	fds.revents = 0;
+
+	if (poll(&fds, 1, 0) != 1)
+		return 1;
+
+	if ((fds.revents & POLLOUT) == 0)
+		return 1;
+
+	/* okay to send another packet without blocking */
+
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_poll_listen_fd(struct lws_pollfd *fd)
+{
+	return poll(fd, 1, 0);
+}
+
+LWS_VISIBLE void
+lws_cancel_service_pt(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	char buf = 0;
+
+	if (write(pt->dummy_pipe_fds[1], &buf, sizeof(buf)) != 1)
+		lwsl_err("Cannot write to dummy pipe");
+}
+
+LWS_VISIBLE void
+lws_cancel_service(struct lws_context *context)
+{
+	struct lws_context_per_thread *pt = &context->pt[0];
+	char buf = 0, m = context->count_threads;
+
+	while (m--) {
+		if (write(pt->dummy_pipe_fds[1], &buf, sizeof(buf)) != 1)
+			lwsl_err("Cannot write to dummy pipe");
+		pt++;
+	}
+}
+
+LWS_VISIBLE void lwsl_emit_syslog(int level, const char *line)
+{
+	int syslog_level = LOG_DEBUG;
+
+	switch (level) {
+	case LLL_ERR:
+		syslog_level = LOG_ERR;
+		break;
+	case LLL_WARN:
+		syslog_level = LOG_WARNING;
+		break;
+	case LLL_NOTICE:
+		syslog_level = LOG_NOTICE;
+		break;
+	case LLL_INFO:
+		syslog_level = LOG_INFO;
+		break;
+	}
+	syslog(syslog_level, "%s", line);
+}
+
+LWS_VISIBLE LWS_EXTERN int
+_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi)
+{
+	struct lws_context_per_thread *pt;
+	int n = -1, m, c;
+	char buf;
+
+	/* stay dead once we are dead */
+
+	if (!context || !context->vhost_list)
+		return 1;
+
+	pt = &context->pt[tsi];
+
+	lws_stats_atomic_bump(context, pt, LWSSTATS_C_SERVICE_ENTRY, 1);
+
+	if (timeout_ms < 0)
+		goto faked_service;
+
+	lws_libev_run(context, tsi);
+	lws_libuv_run(context, tsi);
+	lws_libevent_run(context, tsi);
+
+	if (!context->service_tid_detected) {
+		struct lws _lws;
+
+		memset(&_lws, 0, sizeof(_lws));
+		_lws.context = context;
+
+		context->service_tid_detected =
+			context->vhost_list->protocols[0].callback(
+			&_lws, LWS_CALLBACK_GET_THREAD_ID, NULL, NULL, 0);
+		context->service_tid = context->service_tid_detected;
+		context->service_tid_detected = 1;
+	}
+
+	/*
+	 * is there anybody with pending stuff that needs service forcing?
+	 */
+	if (!lws_service_adjust_timeout(context, 1, tsi)) {
+		/* -1 timeout means just do forced service */
+		_lws_plat_service_tsi(context, -1, pt->tid);
+		/* still somebody left who wants forced service? */
+		if (!lws_service_adjust_timeout(context, 1, pt->tid))
+			/* yes... come back again quickly */
+			timeout_ms = 0;
+	}
+
+	n = poll(pt->fds, pt->fds_count, timeout_ms);
+
+#ifdef LWS_OPENSSL_SUPPORT
+	if (!n && !pt->rx_draining_ext_list &&
+	    !lws_ssl_anybody_has_buffered_read_tsi(context, tsi)) {
+#else
+	if (!pt->rx_draining_ext_list && !n) /* poll timeout */ {
+#endif
+		lws_service_fd_tsi(context, NULL, tsi);
+		return 0;
+	}
+
+faked_service:
+	m = lws_service_flag_pending(context, tsi);
+	if (m)
+		c = -1; /* unknown limit */
+	else
+		if (n < 0) {
+			if (LWS_ERRNO != LWS_EINTR)
+				return -1;
+			return 0;
+		} else
+			c = n;
+
+	/* any socket with events to service? */
+	for (n = 0; n < pt->fds_count && c; n++) {
+		if (!pt->fds[n].revents)
+			continue;
+
+		c--;
+
+		if (pt->fds[n].fd == pt->dummy_pipe_fds[0]) {
+			if (read(pt->fds[n].fd, &buf, 1) != 1)
+				lwsl_err("Cannot read from dummy pipe.");
+			continue;
+		}
+
+		m = lws_service_fd_tsi(context, &pt->fds[n], tsi);
+		if (m < 0)
+			return -1;
+		/* if something closed, retry this slot */
+		if (m)
+			n--;
+	}
+
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_plat_check_connection_error(struct lws *wsi)
+{
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_plat_service(struct lws_context *context, int timeout_ms)
+{
+	return _lws_plat_service_tsi(context, timeout_ms, 0);
+}
+
+LWS_VISIBLE int
+lws_plat_set_socket_options(struct lws_vhost *vhost, int fd)
+{
+	int optval = 1;
+	socklen_t optlen = sizeof(optval);
+
+#if defined(__APPLE__) || \
+    defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \
+    defined(__NetBSD__) || \
+    defined(__OpenBSD__) || \
+    defined(__HAIKU__)
+	struct protoent *tcp_proto;
+#endif
+
+	if (vhost->ka_time) {
+		/* enable keepalive on this socket */
+		optval = 1;
+		if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE,
+			       (const void *)&optval, optlen) < 0)
+			return 1;
+
+#if defined(__APPLE__) || \
+    defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || \
+    defined(__NetBSD__) || \
+    defined(__CYGWIN__) || defined(__OpenBSD__) || defined (__sun) || \
+    defined(__HAIKU__)
+
+		/*
+		 * didn't find a way to set these per-socket, need to
+		 * tune kernel systemwide values
+		 */
+#else
+		/* set the keepalive conditions we want on it too */
+		optval = vhost->ka_time;
+		if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE,
+			       (const void *)&optval, optlen) < 0)
+			return 1;
+
+		optval = vhost->ka_interval;
+		if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPINTVL,
+			       (const void *)&optval, optlen) < 0)
+			return 1;
+
+		optval = vhost->ka_probes;
+		if (setsockopt(fd, IPPROTO_TCP, TCP_KEEPCNT,
+			       (const void *)&optval, optlen) < 0)
+			return 1;
+#endif
+	}
+
+#if defined(SO_BINDTODEVICE)
+	if (vhost->bind_iface && vhost->iface) {
+		lwsl_info("binding listen skt to %s using SO_BINDTODEVICE\n", vhost->iface);
+		if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, vhost->iface,
+				strlen(vhost->iface)) < 0) {
+			lwsl_warn("Failed to bind to device %s\n", vhost->iface);
+			return 1;
+		}
+	}
+#endif
+
+	/* Disable Nagle */
+	optval = 1;
+#if defined (__sun)
+	if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0)
+		return 1;
+#elif !defined(__APPLE__) && \
+      !defined(__FreeBSD__) && !defined(__FreeBSD_kernel__) &&        \
+      !defined(__NetBSD__) && \
+      !defined(__OpenBSD__) && \
+      !defined(__HAIKU__)
+	if (setsockopt(fd, SOL_TCP, TCP_NODELAY, (const void *)&optval, optlen) < 0)
+		return 1;
+#else
+	tcp_proto = getprotobyname("TCP");
+	if (setsockopt(fd, tcp_proto->p_proto, TCP_NODELAY, &optval, optlen) < 0)
+		return 1;
+#endif
+
+	/* We are nonblocking... */
+	if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0)
+		return 1;
+
+	return 0;
+}
+
+#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
+static void
+_lws_plat_apply_caps(int mode, cap_value_t *cv, int count)
+{
+	cap_t caps;
+
+	if (!count)
+		return;
+
+	caps = cap_get_proc();
+
+	cap_set_flag(caps, mode, count, cv, CAP_SET);
+	cap_set_proc(caps);
+	prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
+	cap_free(caps);
+}
+#endif
+
+LWS_VISIBLE void
+lws_plat_drop_app_privileges(struct lws_context_creation_info *info)
+{
+#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
+	int n;
+#endif
+
+	if (info->gid && info->gid != -1)
+		if (setgid(info->gid))
+			lwsl_warn("setgid: %s\n", strerror(LWS_ERRNO));
+
+	if (info->uid && info->uid != -1) {
+		struct passwd *p = getpwuid(info->uid);
+
+		if (p) {
+
+#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
+			_lws_plat_apply_caps(CAP_PERMITTED, info->caps, info->count_caps);
+#endif
+
+			initgroups(p->pw_name, info->gid);
+			if (setuid(info->uid))
+				lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO));
+			else
+				lwsl_notice("Set privs to user '%s'\n", p->pw_name);
+
+#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
+			_lws_plat_apply_caps(CAP_EFFECTIVE, info->caps, info->count_caps);
+
+			if (info->count_caps)
+				for (n = 0; n < info->count_caps; n++)
+					lwsl_notice("   RETAINING CAPABILITY %d\n", (int)info->caps[n]);
+#endif
+
+		} else
+			lwsl_warn("getpwuid: unable to find uid %d", info->uid);
+	}
+}
+
+#ifdef LWS_WITH_PLUGINS
+
+#if defined(LWS_WITH_LIBUV) && UV_VERSION_MAJOR > 0
+
+/* libuv.c implements these in a cross-platform way */
+
+#else
+
+static int filter(const struct dirent *ent)
+{
+	if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, ".."))
+		return 0;
+
+	return 1;
+}
+
+LWS_VISIBLE int
+lws_plat_plugins_init(struct lws_context * context, const char * const *d)
+{
+	struct lws_plugin_capability lcaps;
+	struct lws_plugin *plugin;
+	lws_plugin_init_func initfunc;
+	struct dirent **namelist;
+	int n, i, m, ret = 0;
+	char path[256];
+	void *l;
+
+	lwsl_notice("  Plugins:\n");
+
+	while (d && *d) {
+		n = scandir(*d, &namelist, filter, alphasort);
+		if (n < 0) {
+			lwsl_err("Scandir on %s failed\n", *d);
+			return 1;
+		}
+
+		for (i = 0; i < n; i++) {
+			if (strlen(namelist[i]->d_name) < 7)
+				goto inval;
+
+			lwsl_notice("   %s\n", namelist[i]->d_name);
+
+			lws_snprintf(path, sizeof(path) - 1, "%s/%s", *d,
+				 namelist[i]->d_name);
+			l = dlopen(path, RTLD_NOW);
+			if (!l) {
+				lwsl_err("Error loading DSO: %s\n", dlerror());
+				while (i++ < n)
+					free(namelist[i]);
+				goto bail;
+			}
+			/* we could open it, can we get his init function? */
+			m = lws_snprintf(path, sizeof(path) - 1, "init_%s",
+				     namelist[i]->d_name + 3 /* snip lib... */);
+			path[m - 3] = '\0'; /* snip the .so */
+			initfunc = dlsym(l, path);
+			if (!initfunc) {
+				lwsl_err("Failed to get init on %s: %s",
+						namelist[i]->d_name, dlerror());
+				dlclose(l);
+			}
+			lcaps.api_magic = LWS_PLUGIN_API_MAGIC;
+			m = initfunc(context, &lcaps);
+			if (m) {
+				lwsl_err("Initializing %s failed %d\n",
+					namelist[i]->d_name, m);
+				dlclose(l);
+				goto skip;
+			}
+
+			plugin = lws_malloc(sizeof(*plugin), "plugin");
+			if (!plugin) {
+				lwsl_err("OOM\n");
+				goto bail;
+			}
+			plugin->list = context->plugin_list;
+			context->plugin_list = plugin;
+			strncpy(plugin->name, namelist[i]->d_name, sizeof(plugin->name) - 1);
+			plugin->name[sizeof(plugin->name) - 1] = '\0';
+			plugin->l = l;
+			plugin->caps = lcaps;
+			context->plugin_protocol_count += lcaps.count_protocols;
+			context->plugin_extension_count += lcaps.count_extensions;
+
+			free(namelist[i]);
+			continue;
+
+	skip:
+			dlclose(l);
+	inval:
+			free(namelist[i]);
+		}
+		free(namelist);
+		d++;
+	}
+
+bail:
+	free(namelist);
+
+	return ret;
+}
+
+LWS_VISIBLE int
+lws_plat_plugins_destroy(struct lws_context * context)
+{
+	struct lws_plugin *plugin = context->plugin_list, *p;
+	lws_plugin_destroy_func func;
+	char path[256];
+	int m;
+
+	if (!plugin)
+		return 0;
+
+	lwsl_notice("%s\n", __func__);
+
+	while (plugin) {
+		p = plugin;
+		m = lws_snprintf(path, sizeof(path) - 1, "destroy_%s", plugin->name + 3);
+		path[m - 3] = '\0';
+		func = dlsym(plugin->l, path);
+		if (!func) {
+			lwsl_err("Failed to get destroy on %s: %s",
+					plugin->name, dlerror());
+			goto next;
+		}
+		m = func(context);
+		if (m)
+			lwsl_err("Initializing %s failed %d\n",
+				plugin->name, m);
+next:
+		dlclose(p->l);
+		plugin = p->list;
+		p->list = NULL;
+		free(p);
+	}
+
+	context->plugin_list = NULL;
+
+	return 0;
+}
+
+#endif
+#endif
+
+
+#if 0
+static void
+sigabrt_handler(int x)
+{
+	printf("%s\n", __func__);
+}
+#endif
+
+LWS_VISIBLE int
+lws_plat_context_early_init(void)
+{
+#if !defined(LWS_AVOID_SIGPIPE_IGN)
+	signal(SIGPIPE, SIG_IGN);
+#endif
+
+	return 0;
+}
+
+LWS_VISIBLE void
+lws_plat_context_early_destroy(struct lws_context *context)
+{
+}
+
+LWS_VISIBLE void
+lws_plat_context_late_destroy(struct lws_context *context)
+{
+	struct lws_context_per_thread *pt = &context->pt[0];
+	int m = context->count_threads;
+
+#ifdef LWS_WITH_PLUGINS
+	if (context->plugin_list)
+		lws_plat_plugins_destroy(context);
+#endif
+
+	if (context->lws_lookup)
+		lws_free(context->lws_lookup);
+
+	while (m--) {
+		if (pt->dummy_pipe_fds[0])
+			close(pt->dummy_pipe_fds[0]);
+		if (pt->dummy_pipe_fds[1])
+			close(pt->dummy_pipe_fds[1]);
+		pt++;
+	}
+	if (!context->fd_random)
+		lwsl_err("ZERO RANDOM FD\n");
+	if (context->fd_random != LWS_INVALID_FILE)
+		close(context->fd_random);
+}
+
+/* cast a struct sockaddr_in6 * into addr for ipv6 */
+
+LWS_VISIBLE int
+lws_interface_to_sa(int ipv6, const char *ifname, struct sockaddr_in *addr,
+		    size_t addrlen)
+{
+	int rc = -1;
+
+	struct ifaddrs *ifr;
+	struct ifaddrs *ifc;
+#ifdef LWS_WITH_IPV6
+	struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
+#endif
+
+	getifaddrs(&ifr);
+	for (ifc = ifr; ifc != NULL && rc; ifc = ifc->ifa_next) {
+		if (!ifc->ifa_addr)
+			continue;
+
+		lwsl_info(" interface %s vs %s\n", ifc->ifa_name, ifname);
+
+		if (strcmp(ifc->ifa_name, ifname))
+			continue;
+
+		switch (ifc->ifa_addr->sa_family) {
+		case AF_INET:
+#ifdef LWS_WITH_IPV6
+			if (ipv6) {
+				/* map IPv4 to IPv6 */
+				bzero((char *)&addr6->sin6_addr,
+						sizeof(struct in6_addr));
+				addr6->sin6_addr.s6_addr[10] = 0xff;
+				addr6->sin6_addr.s6_addr[11] = 0xff;
+				memcpy(&addr6->sin6_addr.s6_addr[12],
+					&((struct sockaddr_in *)ifc->ifa_addr)->sin_addr,
+							sizeof(struct in_addr));
+			} else
+#endif
+				memcpy(addr,
+					(struct sockaddr_in *)ifc->ifa_addr,
+						    sizeof(struct sockaddr_in));
+			break;
+#ifdef LWS_WITH_IPV6
+		case AF_INET6:
+			memcpy(&addr6->sin6_addr,
+			  &((struct sockaddr_in6 *)ifc->ifa_addr)->sin6_addr,
+						       sizeof(struct in6_addr));
+			break;
+#endif
+		default:
+			continue;
+		}
+		rc = 0;
+	}
+
+	freeifaddrs(ifr);
+
+	if (rc == -1) {
+		/* check if bind to IP address */
+#ifdef LWS_WITH_IPV6
+		if (inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1)
+			rc = 0;
+		else
+#endif
+		if (inet_pton(AF_INET, ifname, &addr->sin_addr) == 1)
+			rc = 0;
+	}
+
+	return rc;
+}
+
+LWS_VISIBLE void
+lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+
+	lws_libev_io(wsi, LWS_EV_START | LWS_EV_READ);
+	lws_libuv_io(wsi, LWS_EV_START | LWS_EV_READ);
+	lws_libevent_io(wsi, LWS_EV_START | LWS_EV_READ);
+
+	pt->fds[pt->fds_count++].revents = 0;
+}
+
+LWS_VISIBLE void
+lws_plat_delete_socket_from_fds(struct lws_context *context,
+						struct lws *wsi, int m)
+{
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+
+	lws_libev_io(wsi, LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE);
+	lws_libuv_io(wsi, LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE);
+	lws_libevent_io(wsi, LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE);
+
+	pt->fds_count--;
+}
+
+LWS_VISIBLE void
+lws_plat_service_periodic(struct lws_context *context)
+{
+	/* if our parent went down, don't linger around */
+	if (context->started_with_parent &&
+	    kill(context->started_with_parent, 0) < 0)
+		kill(getpid(), SIGTERM);
+}
+
+LWS_VISIBLE int
+lws_plat_change_pollfd(struct lws_context *context,
+		      struct lws *wsi, struct lws_pollfd *pfd)
+{
+	return 0;
+}
+
+LWS_VISIBLE const char *
+lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt)
+{
+	return inet_ntop(af, src, dst, cnt);
+}
+
+LWS_VISIBLE int
+lws_plat_inet_pton(int af, const char *src, void *dst)
+{
+	return inet_pton(af, src, dst);
+}
+
+LWS_VISIBLE lws_fop_fd_t
+_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename,
+		    const char *vpath, lws_fop_flags_t *flags)
+{
+	struct stat stat_buf;
+	int ret = open(filename, (*flags) & LWS_FOP_FLAGS_MASK, 0664);
+	lws_fop_fd_t fop_fd;
+
+	if (ret < 0)
+		return NULL;
+
+	if (fstat(ret, &stat_buf) < 0)
+		goto bail;
+
+	fop_fd = malloc(sizeof(*fop_fd));
+	if (!fop_fd)
+		goto bail;
+
+	fop_fd->fops = fops;
+	fop_fd->flags = *flags;
+	fop_fd->fd = ret;
+	fop_fd->filesystem_priv = NULL; /* we don't use it */
+	fop_fd->len = stat_buf.st_size;
+	fop_fd->pos = 0;
+
+	return fop_fd;
+
+bail:
+	close(ret);
+	return NULL;
+}
+
+LWS_VISIBLE int
+_lws_plat_file_close(lws_fop_fd_t *fop_fd)
+{
+	int fd = (*fop_fd)->fd;
+
+	free(*fop_fd);
+	*fop_fd = NULL;
+
+	return close(fd);
+}
+
+LWS_VISIBLE lws_fileofs_t
+_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset)
+{
+	lws_fileofs_t r;
+
+	if (offset > 0 && offset > fop_fd->len - fop_fd->pos)
+		offset = fop_fd->len - fop_fd->pos;
+
+	if ((lws_fileofs_t)fop_fd->pos + offset < 0)
+		offset = -fop_fd->pos;
+
+	r = lseek(fop_fd->fd, offset, SEEK_CUR);
+
+	if (r >= 0)
+		fop_fd->pos = r;
+	else
+		lwsl_err("error seeking from cur %ld, offset %ld\n",
+                        (long)fop_fd->pos, (long)offset);
+
+	return r;
+}
+
+LWS_VISIBLE int
+_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+		    uint8_t *buf, lws_filepos_t len)
+{
+	long n;
+
+	n = read((int)fop_fd->fd, buf, len);
+	if (n == -1) {
+		*amount = 0;
+		return -1;
+	}
+	fop_fd->pos += n;
+	lwsl_debug("%s: read %ld of req %ld, pos %ld, len %ld\n", __func__, n,
+                  (long)len, (long)fop_fd->pos, (long)fop_fd->len);
+	*amount = n;
+
+	return 0;
+}
+
+LWS_VISIBLE int
+_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+		     uint8_t *buf, lws_filepos_t len)
+{
+	long n;
+
+	n = write((int)fop_fd->fd, buf, len);
+	if (n == -1) {
+		*amount = 0;
+		return -1;
+	}
+
+	fop_fd->pos += n;
+	*amount = n;
+
+	return 0;
+}
+
+
+LWS_VISIBLE int
+lws_plat_init(struct lws_context *context,
+	      struct lws_context_creation_info *info)
+{
+	struct lws_context_per_thread *pt = &context->pt[0];
+	int n = context->count_threads, fd;
+
+	/* master context has the global fd lookup array */
+	context->lws_lookup = lws_zalloc(sizeof(struct lws *) *
+					 context->max_fds, "lws_lookup");
+	if (context->lws_lookup == NULL) {
+		lwsl_err("OOM on lws_lookup array for %d connections\n",
+			 context->max_fds);
+		return 1;
+	}
+
+	lwsl_info(" mem: platform fd map: %5lu bytes\n",
+		    (unsigned long)(sizeof(struct lws *) * context->max_fds));
+	fd = open(SYSTEM_RANDOM_FILEPATH, O_RDONLY);
+
+	context->fd_random = fd;
+	if (context->fd_random < 0) {
+		lwsl_err("Unable to open random device %s %d\n",
+			 SYSTEM_RANDOM_FILEPATH, context->fd_random);
+		return 1;
+	}
+
+	if (!lws_libev_init_fd_table(context) &&
+	    !lws_libuv_init_fd_table(context) &&
+	    !lws_libevent_init_fd_table(context)) {
+		/* otherwise libev/uv/event handled it instead */
+
+		while (n--) {
+			if (pipe(pt->dummy_pipe_fds)) {
+				lwsl_err("Unable to create pipe\n");
+				return 1;
+			}
+
+			/* use the read end of pipe as first item */
+			pt->fds[0].fd = pt->dummy_pipe_fds[0];
+			pt->fds[0].events = LWS_POLLIN;
+			pt->fds[0].revents = 0;
+			pt->fds_count = 1;
+			pt++;
+		}
+	}
+
+#ifdef LWS_WITH_PLUGINS
+	if (info->plugin_dirs)
+		lws_plat_plugins_init(context, info->plugin_dirs);
+#endif
+
+	return 0;
+}
diff --git a/thirdparty/lws/plat/lws-plat-win.c b/thirdparty/lws/plat/lws-plat-win.c
new file mode 100644
index 0000000000..f5b178ce85
--- /dev/null
+++ b/thirdparty/lws/plat/lws-plat-win.c
@@ -0,0 +1,745 @@
+#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS
+#define _WINSOCK_DEPRECATED_NO_WARNINGS
+#endif
+#include "private-libwebsockets.h"
+
+unsigned long long
+time_in_microseconds()
+{
+#ifndef DELTA_EPOCH_IN_MICROSECS
+#define DELTA_EPOCH_IN_MICROSECS 11644473600000000ULL
+#endif
+	FILETIME filetime;
+	ULARGE_INTEGER datetime;
+
+#ifdef _WIN32_WCE
+	GetCurrentFT(&filetime);
+#else
+	GetSystemTimeAsFileTime(&filetime);
+#endif
+
+	/*
+	 * As per Windows documentation for FILETIME, copy the resulting FILETIME structure to a
+	 * ULARGE_INTEGER structure using memcpy (using memcpy instead of direct assignment can
+	 * prevent alignment faults on 64-bit Windows).
+	 */
+	memcpy(&datetime, &filetime, sizeof(datetime));
+
+	/* Windows file times are in 100s of nanoseconds. */
+	return (datetime.QuadPart - DELTA_EPOCH_IN_MICROSECS) / 10;
+}
+
+#ifdef _WIN32_WCE
+time_t time(time_t *t)
+{
+	time_t ret = time_in_microseconds() / 1000000;
+
+	if(t != NULL)
+		*t = ret;
+
+	return ret;
+}
+#endif
+
+/* file descriptor hash management */
+
+struct lws *
+wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd)
+{
+	int h = LWS_FD_HASH(fd);
+	int n = 0;
+
+	for (n = 0; n < context->fd_hashtable[h].length; n++)
+		if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd)
+			return context->fd_hashtable[h].wsi[n];
+
+	return NULL;
+}
+
+int
+insert_wsi(struct lws_context *context, struct lws *wsi)
+{
+	int h = LWS_FD_HASH(wsi->desc.sockfd);
+
+	if (context->fd_hashtable[h].length == (getdtablesize() - 1)) {
+		lwsl_err("hash table overflow\n");
+		return 1;
+	}
+
+	context->fd_hashtable[h].wsi[context->fd_hashtable[h].length++] = wsi;
+
+	return 0;
+}
+
+int
+delete_from_fd(struct lws_context *context, lws_sockfd_type fd)
+{
+	int h = LWS_FD_HASH(fd);
+	int n = 0;
+
+	for (n = 0; n < context->fd_hashtable[h].length; n++)
+		if (context->fd_hashtable[h].wsi[n]->desc.sockfd == fd) {
+			while (n < context->fd_hashtable[h].length) {
+				context->fd_hashtable[h].wsi[n] =
+						context->fd_hashtable[h].wsi[n + 1];
+				n++;
+			}
+			context->fd_hashtable[h].length--;
+
+			return 0;
+		}
+
+	lwsl_err("Failed to find fd %d requested for "
+		 "delete in hashtable\n", fd);
+	return 1;
+}
+
+LWS_VISIBLE int lws_get_random(struct lws_context *context,
+								 void *buf, int len)
+{
+	int n;
+	char *p = (char *)buf;
+
+	for (n = 0; n < len; n++)
+		p[n] = (unsigned char)rand();
+
+	return n;
+}
+
+LWS_VISIBLE int lws_send_pipe_choked(struct lws *wsi)
+{
+	/* treat the fact we got a truncated send pending as if we're choked */
+	if (wsi->trunc_len)
+		return 1;
+
+	return (int)wsi->sock_send_blocking;
+}
+
+LWS_VISIBLE int lws_poll_listen_fd(struct lws_pollfd *fd)
+{
+	fd_set readfds;
+	struct timeval tv = { 0, 0 };
+
+	assert((fd->events & LWS_POLLIN) == LWS_POLLIN);
+
+	FD_ZERO(&readfds);
+	FD_SET(fd->fd, &readfds);
+
+	return select(fd->fd + 1, &readfds, NULL, NULL, &tv);
+}
+
+LWS_VISIBLE void
+lws_cancel_service(struct lws_context *context)
+{
+	struct lws_context_per_thread *pt = &context->pt[0];
+	int n = context->count_threads;
+
+	while (n--) {
+		WSASetEvent(pt->events[0]);
+		pt++;
+	}
+}
+
+LWS_VISIBLE void
+lws_cancel_service_pt(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	WSASetEvent(pt->events[0]);
+}
+
+LWS_VISIBLE void lwsl_emit_syslog(int level, const char *line)
+{
+	lwsl_emit_stderr(level, line);
+}
+
+LWS_VISIBLE LWS_EXTERN int
+_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi)
+{
+	struct lws_context_per_thread *pt;
+	WSANETWORKEVENTS networkevents;
+	struct lws_pollfd *pfd;
+	struct lws *wsi;
+	unsigned int i;
+	DWORD ev;
+	int n, m;
+
+	/* stay dead once we are dead */
+	if (context == NULL || !context->vhost_list)
+		return 1;
+
+	pt = &context->pt[tsi];
+
+	if (!context->service_tid_detected) {
+		struct lws _lws;
+
+		memset(&_lws, 0, sizeof(_lws));
+		_lws.context = context;
+
+		context->service_tid_detected = context->vhost_list->
+			protocols[0].callback(&_lws, LWS_CALLBACK_GET_THREAD_ID,
+						  NULL, NULL, 0);
+		context->service_tid = context->service_tid_detected;
+		context->service_tid_detected = 1;
+	}
+
+	if (timeout_ms < 0)
+	{
+			if (lws_service_flag_pending(context, tsi)) {
+			/* any socket with events to service? */
+			for (n = 0; n < (int)pt->fds_count; n++) {
+				if (!pt->fds[n].revents)
+					continue;
+
+				m = lws_service_fd_tsi(context, &pt->fds[n], tsi);
+				if (m < 0)
+					return -1;
+				/* if something closed, retry this slot */
+				if (m)
+					n--;
+			}
+		}
+		return 0;
+	}
+
+	for (i = 0; i < pt->fds_count; ++i) {
+		pfd = &pt->fds[i];
+
+		if (!(pfd->events & LWS_POLLOUT))
+			continue;
+
+		wsi = wsi_from_fd(context, pfd->fd);
+		if (wsi->listener)
+			continue;
+		if (!wsi || wsi->sock_send_blocking)
+			continue;
+		pfd->revents = LWS_POLLOUT;
+		n = lws_service_fd(context, pfd);
+		if (n < 0)
+			return -1;
+		/* if something closed, retry this slot */
+		if (n)
+			i--;
+
+		if (wsi->trunc_len)
+			WSASetEvent(pt->events[0]);
+	}
+
+	/*
+	 * is there anybody with pending stuff that needs service forcing?
+	 */
+	if (!lws_service_adjust_timeout(context, 1, tsi)) {
+		/* -1 timeout means just do forced service */
+		_lws_plat_service_tsi(context, -1, pt->tid);
+		/* still somebody left who wants forced service? */
+		if (!lws_service_adjust_timeout(context, 1, pt->tid))
+			/* yes... come back again quickly */
+			timeout_ms = 0;
+	}
+
+	ev = WSAWaitForMultipleEvents( 1,  pt->events , FALSE, timeout_ms, FALSE);
+	if (ev == WSA_WAIT_EVENT_0) {
+		unsigned int eIdx;
+
+		WSAResetEvent(pt->events[0]);
+
+		for (eIdx = 0; eIdx < pt->fds_count; ++eIdx) {
+			if (WSAEnumNetworkEvents(pt->fds[eIdx].fd, 0, &networkevents) == SOCKET_ERROR) {
+				lwsl_err("WSAEnumNetworkEvents() failed with error %d\n", LWS_ERRNO);
+				return -1;
+			}
+
+			pfd = &pt->fds[eIdx];
+			pfd->revents = (short)networkevents.lNetworkEvents;
+
+			if ((networkevents.lNetworkEvents & FD_CONNECT) &&
+				 networkevents.iErrorCode[FD_CONNECT_BIT] &&
+				 networkevents.iErrorCode[FD_CONNECT_BIT] != LWS_EALREADY &&
+				 networkevents.iErrorCode[FD_CONNECT_BIT] != LWS_EINPROGRESS &&
+				 networkevents.iErrorCode[FD_CONNECT_BIT] != LWS_EWOULDBLOCK &&
+				 networkevents.iErrorCode[FD_CONNECT_BIT] != WSAEINVAL) {
+				lwsl_debug("Unable to connect errno=%d\n",
+					   networkevents.iErrorCode[FD_CONNECT_BIT]);
+				pfd->revents |= LWS_POLLHUP;
+			}
+
+			if (pfd->revents & LWS_POLLOUT) {
+				wsi = wsi_from_fd(context, pfd->fd);
+				if (wsi)
+					wsi->sock_send_blocking = 0;
+			}
+			 /* if something closed, retry this slot */
+			if (pfd->revents & LWS_POLLHUP)
+					--eIdx;
+
+			if( pfd->revents != 0 ) {
+				lws_service_fd_tsi(context, pfd, tsi);
+
+			}
+		}
+	}
+
+	context->service_tid = 0;
+
+	if (ev == WSA_WAIT_TIMEOUT) {
+		lws_service_fd(context, NULL);
+	}
+	return 0;;
+}
+
+LWS_VISIBLE int
+lws_plat_service(struct lws_context *context, int timeout_ms)
+{
+	return _lws_plat_service_tsi(context, timeout_ms, 0);
+}
+
+LWS_VISIBLE int
+lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd)
+{
+	int optval = 1;
+	int optlen = sizeof(optval);
+	u_long optl = 1;
+	DWORD dwBytesRet;
+	struct tcp_keepalive alive;
+	int protonbr;
+#ifndef _WIN32_WCE
+	struct protoent *tcp_proto;
+#endif
+
+	if (vhost->ka_time) {
+		/* enable keepalive on this socket */
+		optval = 1;
+		if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE,
+						 (const char *)&optval, optlen) < 0)
+			return 1;
+
+		alive.onoff = TRUE;
+		alive.keepalivetime = vhost->ka_time;
+		alive.keepaliveinterval = vhost->ka_interval;
+
+		if (WSAIoctl(fd, SIO_KEEPALIVE_VALS, &alive, sizeof(alive),
+						  NULL, 0, &dwBytesRet, NULL, NULL))
+			return 1;
+	}
+
+	/* Disable Nagle */
+	optval = 1;
+#ifndef _WIN32_WCE
+	tcp_proto = getprotobyname("TCP");
+	if (!tcp_proto) {
+		lwsl_err("getprotobyname() failed with error %d\n", LWS_ERRNO);
+		return 1;
+	}
+	protonbr = tcp_proto->p_proto;
+#else
+	protonbr = 6;
+#endif
+
+	setsockopt(fd, protonbr, TCP_NODELAY, (const char *)&optval, optlen);
+
+	/* We are nonblocking... */
+	ioctlsocket(fd, FIONBIO, &optl);
+
+	return 0;
+}
+
+LWS_VISIBLE void
+lws_plat_drop_app_privileges(struct lws_context_creation_info *info)
+{
+}
+
+LWS_VISIBLE int
+lws_plat_context_early_init(void)
+{
+	WORD wVersionRequested;
+	WSADATA wsaData;
+	int err;
+
+	/* Use the MAKEWORD(lowbyte, highbyte) macro from Windef.h */
+	wVersionRequested = MAKEWORD(2, 2);
+
+	err = WSAStartup(wVersionRequested, &wsaData);
+	if (!err)
+		return 0;
+	/*
+	 * Tell the user that we could not find a usable
+	 * Winsock DLL
+	 */
+	lwsl_err("WSAStartup failed with error: %d\n", err);
+
+	return 1;
+}
+
+LWS_VISIBLE void
+lws_plat_context_early_destroy(struct lws_context *context)
+{
+	struct lws_context_per_thread *pt = &context->pt[0];
+	int n = context->count_threads;
+
+	while (n--) {
+		if (pt->events) {
+			WSACloseEvent(pt->events[0]);
+			lws_free(pt->events);
+		}
+		pt++;
+	}
+}
+
+LWS_VISIBLE void
+lws_plat_context_late_destroy(struct lws_context *context)
+{
+	int n;
+
+	for (n = 0; n < FD_HASHTABLE_MODULUS; n++) {
+		if (context->fd_hashtable[n].wsi)
+			lws_free(context->fd_hashtable[n].wsi);
+	}
+
+	WSACleanup();
+}
+
+LWS_VISIBLE LWS_EXTERN int
+lws_interface_to_sa(int ipv6,
+		const char *ifname, struct sockaddr_in *addr, size_t addrlen)
+{
+#ifdef LWS_WITH_IPV6
+	struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
+
+	if (ipv6) {
+		if (lws_plat_inet_pton(AF_INET6, ifname, &addr6->sin6_addr) == 1) {
+			return 0;
+		}
+	}
+#endif
+
+	long long address = inet_addr(ifname);
+
+	if (address == INADDR_NONE) {
+		struct hostent *entry = gethostbyname(ifname);
+		if (entry)
+			address = ((struct in_addr *)entry->h_addr_list[0])->s_addr;
+	}
+
+	if (address == INADDR_NONE)
+		return -1;
+
+	addr->sin_addr.s_addr = (lws_intptr_t)address;
+
+	return 0;
+}
+
+LWS_VISIBLE void
+lws_plat_insert_socket_into_fds(struct lws_context *context, struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+
+	pt->fds[pt->fds_count++].revents = 0;
+	pt->events[pt->fds_count] = pt->events[0];
+	WSAEventSelect(wsi->desc.sockfd, pt->events[0],
+			   LWS_POLLIN | LWS_POLLHUP | FD_CONNECT);
+}
+
+LWS_VISIBLE void
+lws_plat_delete_socket_from_fds(struct lws_context *context,
+						struct lws *wsi, int m)
+{
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+
+	pt->events[m + 1] = pt->events[pt->fds_count--];
+}
+
+LWS_VISIBLE void
+lws_plat_service_periodic(struct lws_context *context)
+{
+}
+
+LWS_VISIBLE int
+lws_plat_check_connection_error(struct lws *wsi)
+{
+	int optVal;
+	int optLen = sizeof(int);
+
+	if (getsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_ERROR,
+			   (char*)&optVal, &optLen) != SOCKET_ERROR && optVal &&
+		optVal != LWS_EALREADY && optVal != LWS_EINPROGRESS &&
+		optVal != LWS_EWOULDBLOCK && optVal != WSAEINVAL) {
+		   lwsl_debug("Connect failed SO_ERROR=%d\n", optVal);
+		   return 1;
+	}
+
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_plat_change_pollfd(struct lws_context *context,
+			  struct lws *wsi, struct lws_pollfd *pfd)
+{
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	long networkevents = LWS_POLLHUP | FD_CONNECT;
+
+	if ((pfd->events & LWS_POLLIN))
+		networkevents |= LWS_POLLIN;
+
+	if ((pfd->events & LWS_POLLOUT))
+		networkevents |= LWS_POLLOUT;
+
+	if (WSAEventSelect(wsi->desc.sockfd,
+			pt->events[0],
+						   networkevents) != SOCKET_ERROR)
+		return 0;
+
+	lwsl_err("WSAEventSelect() failed with error %d\n", LWS_ERRNO);
+
+	return 1;
+}
+
+LWS_VISIBLE const char *
+lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt)
+{
+	WCHAR *buffer;
+	DWORD bufferlen = cnt;
+	BOOL ok = FALSE;
+
+	buffer = lws_malloc(bufferlen * 2, "inet_ntop");
+	if (!buffer) {
+		lwsl_err("Out of memory\n");
+		return NULL;
+	}
+
+	if (af == AF_INET) {
+		struct sockaddr_in srcaddr;
+		bzero(&srcaddr, sizeof(srcaddr));
+		srcaddr.sin_family = AF_INET;
+		memcpy(&(srcaddr.sin_addr), src, sizeof(srcaddr.sin_addr));
+
+		if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen))
+			ok = TRUE;
+#ifdef LWS_WITH_IPV6
+	} else if (af == AF_INET6) {
+		struct sockaddr_in6 srcaddr;
+		bzero(&srcaddr, sizeof(srcaddr));
+		srcaddr.sin6_family = AF_INET6;
+		memcpy(&(srcaddr.sin6_addr), src, sizeof(srcaddr.sin6_addr));
+
+		if (!WSAAddressToStringW((struct sockaddr*)&srcaddr, sizeof(srcaddr), 0, buffer, &bufferlen))
+			ok = TRUE;
+#endif
+	} else
+		lwsl_err("Unsupported type\n");
+
+	if (!ok) {
+		int rv = WSAGetLastError();
+		lwsl_err("WSAAddressToString() : %d\n", rv);
+	} else {
+		if (WideCharToMultiByte(CP_ACP, 0, buffer, bufferlen, dst, cnt, 0, NULL) <= 0)
+			ok = FALSE;
+	}
+
+	lws_free(buffer);
+	return ok ? dst : NULL;
+}
+
+LWS_VISIBLE int
+lws_plat_inet_pton(int af, const char *src, void *dst)
+{
+	WCHAR *buffer;
+	DWORD bufferlen = strlen(src) + 1;
+	BOOL ok = FALSE;
+
+	buffer = lws_malloc(bufferlen * 2, "inet_pton");
+	if (!buffer) {
+		lwsl_err("Out of memory\n");
+		return -1;
+	}
+
+	if (MultiByteToWideChar(CP_ACP, 0, src, bufferlen, buffer, bufferlen) <= 0) {
+		lwsl_err("Failed to convert multi byte to wide char\n");
+		lws_free(buffer);
+		return -1;
+	}
+
+	if (af == AF_INET) {
+		struct sockaddr_in dstaddr;
+		int dstaddrlen = sizeof(dstaddr);
+		bzero(&dstaddr, sizeof(dstaddr));
+		dstaddr.sin_family = AF_INET;
+
+		if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) {
+			ok = TRUE;
+			memcpy(dst, &dstaddr.sin_addr, sizeof(dstaddr.sin_addr));
+		}
+#ifdef LWS_WITH_IPV6
+	} else if (af == AF_INET6) {
+		struct sockaddr_in6 dstaddr;
+		int dstaddrlen = sizeof(dstaddr);
+		bzero(&dstaddr, sizeof(dstaddr));
+		dstaddr.sin6_family = AF_INET6;
+
+		if (!WSAStringToAddressW(buffer, af, 0, (struct sockaddr *) &dstaddr, &dstaddrlen)) {
+			ok = TRUE;
+			memcpy(dst, &dstaddr.sin6_addr, sizeof(dstaddr.sin6_addr));
+		}
+#endif
+	} else
+		lwsl_err("Unsupported type\n");
+
+	if (!ok) {
+		int rv = WSAGetLastError();
+		lwsl_err("WSAAddressToString() : %d\n", rv);
+	}
+
+	lws_free(buffer);
+	return ok ? 1 : -1;
+}
+
+LWS_VISIBLE lws_fop_fd_t
+_lws_plat_file_open(const struct lws_plat_file_ops *fops, const char *filename,
+		    const char *vpath, lws_fop_flags_t *flags)
+{
+	HANDLE ret;
+	WCHAR buf[MAX_PATH];
+	lws_fop_fd_t fop_fd;
+	LARGE_INTEGER llFileSize = {0};
+
+	MultiByteToWideChar(CP_UTF8, 0, filename, -1, buf, ARRAY_SIZE(buf));
+	if (((*flags) & 7) == _O_RDONLY) {
+		ret = CreateFileW(buf, GENERIC_READ, FILE_SHARE_READ,
+			  NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
+	} else {
+		ret = CreateFileW(buf, GENERIC_WRITE, 0, NULL,
+			  CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
+	}
+
+	if (ret == LWS_INVALID_FILE)
+		goto bail;
+
+	fop_fd = malloc(sizeof(*fop_fd));
+	if (!fop_fd)
+		goto bail;
+
+	fop_fd->fops = fops;
+	fop_fd->fd = ret;
+	fop_fd->filesystem_priv = NULL; /* we don't use it */
+	fop_fd->flags = *flags;
+	fop_fd->len = GetFileSize(ret, NULL);
+	if(GetFileSizeEx(ret, &llFileSize))
+		fop_fd->len = llFileSize.QuadPart;
+
+	fop_fd->pos = 0;
+
+	return fop_fd;
+
+bail:
+	return NULL;
+}
+
+LWS_VISIBLE int
+_lws_plat_file_close(lws_fop_fd_t *fop_fd)
+{
+	HANDLE fd = (*fop_fd)->fd;
+
+	free(*fop_fd);
+	*fop_fd = NULL;
+
+	CloseHandle((HANDLE)fd);
+
+	return 0;
+}
+
+LWS_VISIBLE lws_fileofs_t
+_lws_plat_file_seek_cur(lws_fop_fd_t fop_fd, lws_fileofs_t offset)
+{
+	LARGE_INTEGER l;
+
+	l.QuadPart = offset;
+	return SetFilePointerEx((HANDLE)fop_fd->fd, l, NULL, FILE_CURRENT);
+}
+
+LWS_VISIBLE int
+_lws_plat_file_read(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+		    uint8_t *buf, lws_filepos_t len)
+{
+	DWORD _amount;
+
+	if (!ReadFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) {
+		*amount = 0;
+
+		return 1;
+	}
+
+	fop_fd->pos += _amount;
+	*amount = (unsigned long)_amount;
+
+	return 0;
+}
+
+LWS_VISIBLE int
+_lws_plat_file_write(lws_fop_fd_t fop_fd, lws_filepos_t *amount,
+			 uint8_t* buf, lws_filepos_t len)
+{
+	DWORD _amount;
+
+	if (!WriteFile((HANDLE)fop_fd->fd, buf, (DWORD)len, &_amount, NULL)) {
+		*amount = 0;
+
+		return 1;
+	}
+
+	fop_fd->pos += _amount;
+	*amount = (unsigned long)_amount;
+
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_plat_init(struct lws_context *context,
+		  struct lws_context_creation_info *info)
+{
+	struct lws_context_per_thread *pt = &context->pt[0];
+	int i, n = context->count_threads;
+
+	for (i = 0; i < FD_HASHTABLE_MODULUS; i++) {
+		context->fd_hashtable[i].wsi =
+			lws_zalloc(sizeof(struct lws*) * context->max_fds, "win hashtable");
+
+		if (!context->fd_hashtable[i].wsi)
+			return -1;
+	}
+
+	while (n--) {
+		pt->events = lws_malloc(sizeof(WSAEVENT) *
+					(context->fd_limit_per_thread + 1), "event table");
+		if (pt->events == NULL) {
+			lwsl_err("Unable to allocate events array for %d connections\n",
+					context->fd_limit_per_thread + 1);
+			return 1;
+		}
+
+		pt->fds_count = 0;
+		pt->events[0] = WSACreateEvent();
+
+		pt++;
+	}
+
+	context->fd_random = 0;
+
+#ifdef LWS_WITH_PLUGINS
+	if (info->plugin_dirs)
+		lws_plat_plugins_init(context, info->plugin_dirs);
+#endif
+
+	return 0;
+}
+
+
+int kill(int pid, int sig)
+{
+	lwsl_err("Sorry Windows doesn't support kill().");
+	exit(0);
+}
+
+int fork(void)
+{
+	lwsl_err("Sorry Windows doesn't support fork().");
+	exit(0);
+}
+
diff --git a/thirdparty/lws/pollfd.c b/thirdparty/lws/pollfd.c
new file mode 100644
index 0000000000..4d6704d41c
--- /dev/null
+++ b/thirdparty/lws/pollfd.c
@@ -0,0 +1,557 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+int
+_lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa)
+{
+	struct lws_context_per_thread *pt;
+	struct lws_context *context;
+	int ret = 0, pa_events = 1;
+	struct lws_pollfd *pfd;
+	int sampled_tid, tid;
+
+	if (!wsi || wsi->position_in_fds_table < 0)
+		return 0;
+
+	if (wsi->handling_pollout && !_and && _or == LWS_POLLOUT) {
+		/*
+		 * Happening alongside service thread handling POLLOUT.
+		 * The danger is when he is finished, he will disable POLLOUT,
+		 * countermanding what we changed here.
+		 *
+		 * Instead of changing the fds, inform the service thread
+		 * what happened, and ask it to leave POLLOUT active on exit
+		 */
+		wsi->leave_pollout_active = 1;
+		/*
+		 * by definition service thread is not in poll wait, so no need
+		 * to cancel service
+		 */
+
+		lwsl_debug("%s: using leave_pollout_active\n", __func__);
+
+		return 0;
+	}
+
+	context = wsi->context;
+	pt = &context->pt[(int)wsi->tsi];
+	assert(wsi->position_in_fds_table >= 0 &&
+	       wsi->position_in_fds_table < pt->fds_count);
+
+	pfd = &pt->fds[wsi->position_in_fds_table];
+	pa->fd = wsi->desc.sockfd;
+	pa->prev_events = pfd->events;
+	pa->events = pfd->events = (pfd->events & ~_and) | _or;
+
+	if (wsi->http2_substream)
+		return 0;
+
+	if (wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_CHANGE_MODE_POLL_FD,
+					   wsi->user_space, (void *)pa, 0)) {
+		ret = -1;
+		goto bail;
+	}
+
+	if (_and & LWS_POLLIN) {
+		lws_libev_io(wsi, LWS_EV_STOP | LWS_EV_READ);
+		lws_libuv_io(wsi, LWS_EV_STOP | LWS_EV_READ);
+		lws_libevent_io(wsi, LWS_EV_STOP | LWS_EV_READ);
+	}
+	if (_or & LWS_POLLIN) {
+		lws_libev_io(wsi, LWS_EV_START | LWS_EV_READ);
+		lws_libuv_io(wsi, LWS_EV_START | LWS_EV_READ);
+		lws_libevent_io(wsi, LWS_EV_START | LWS_EV_READ);
+	}
+	if (_and & LWS_POLLOUT) {
+		lws_libev_io(wsi, LWS_EV_STOP | LWS_EV_WRITE);
+		lws_libuv_io(wsi, LWS_EV_STOP | LWS_EV_WRITE);
+		lws_libevent_io(wsi, LWS_EV_STOP | LWS_EV_WRITE);
+	}
+	if (_or & LWS_POLLOUT) {
+		lws_libev_io(wsi, LWS_EV_START | LWS_EV_WRITE);
+		lws_libuv_io(wsi, LWS_EV_START | LWS_EV_WRITE);
+		lws_libevent_io(wsi, LWS_EV_START | LWS_EV_WRITE);
+	}
+
+	/*
+	 * if we changed something in this pollfd...
+	 *   ... and we're running in a different thread context
+	 *     than the service thread...
+	 *       ... and the service thread is waiting ...
+	 *         then cancel it to force a restart with our changed events
+	 */
+#if LWS_POSIX
+	pa_events = pa->prev_events != pa->events;
+#endif
+
+	if (pa_events) {
+
+		if (lws_plat_change_pollfd(context, wsi, pfd)) {
+			lwsl_info("%s failed\n", __func__);
+			ret = -1;
+			goto bail;
+		}
+
+		sampled_tid = context->service_tid;
+		if (sampled_tid) {
+			tid = wsi->vhost->protocols[0].callback(wsi,
+				     LWS_CALLBACK_GET_THREAD_ID, NULL, NULL, 0);
+			if (tid == -1) {
+				ret = -1;
+				goto bail;
+			}
+			if (tid != sampled_tid)
+				lws_cancel_service_pt(wsi);
+		}
+	}
+bail:
+	return ret;
+}
+
+#ifndef LWS_NO_SERVER
+static void
+lws_accept_modulation(struct lws_context_per_thread *pt, int allow)
+{
+// multithread listen seems broken
+#if 0
+	struct lws_vhost *vh = context->vhost_list;
+	struct lws_pollargs pa1;
+
+	while (vh) {
+		if (allow)
+			_lws_change_pollfd(pt->wsi_listening,
+					   0, LWS_POLLIN, &pa1);
+		else
+			_lws_change_pollfd(pt->wsi_listening,
+					   LWS_POLLIN, 0, &pa1);
+		vh = vh->vhost_next;
+	}
+#endif
+}
+#endif
+
+int
+insert_wsi_socket_into_fds(struct lws_context *context, struct lws *wsi)
+{
+	struct lws_pollargs pa = { wsi->desc.sockfd, LWS_POLLIN, 0 };
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	int ret = 0;
+
+
+	lwsl_debug("%s: %p: tsi=%d, sock=%d, pos-in-fds=%d\n",
+		  __func__, wsi, wsi->tsi, wsi->desc.sockfd, pt->fds_count);
+
+	if ((unsigned int)pt->fds_count >= context->fd_limit_per_thread) {
+		lwsl_err("Too many fds (%d vs %d)\n", context->max_fds,
+				context->fd_limit_per_thread	);
+		return 1;
+	}
+
+#if !defined(_WIN32) && !defined(LWS_WITH_ESP8266)
+	if (wsi->desc.sockfd >= context->max_fds) {
+		lwsl_err("Socket fd %d is too high (%d)\n",
+			 wsi->desc.sockfd, context->max_fds);
+		return 1;
+	}
+#endif
+
+	assert(wsi);
+	assert(wsi->vhost);
+	assert(lws_socket_is_valid(wsi->desc.sockfd));
+
+	if (wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_LOCK_POLL,
+					   wsi->user_space, (void *) &pa, 1))
+		return -1;
+
+	lws_pt_lock(pt);
+	pt->count_conns++;
+	insert_wsi(context, wsi);
+#if defined(LWS_WITH_ESP8266)
+	if (wsi->position_in_fds_table == -1)
+#endif
+		wsi->position_in_fds_table = pt->fds_count;
+
+	pt->fds[wsi->position_in_fds_table].fd = wsi->desc.sockfd;
+#if LWS_POSIX
+	pt->fds[wsi->position_in_fds_table].events = LWS_POLLIN;
+#else
+	pt->fds[wsi->position_in_fds_table].events = 0;
+#endif
+	pa.events = pt->fds[pt->fds_count].events;
+
+	lws_plat_insert_socket_into_fds(context, wsi);
+
+	/* external POLL support via protocol 0 */
+	if (wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_ADD_POLL_FD,
+					   wsi->user_space, (void *) &pa, 0))
+		ret =  -1;
+#ifndef LWS_NO_SERVER
+	/* if no more room, defeat accepts on this thread */
+	if ((unsigned int)pt->fds_count == context->fd_limit_per_thread - 1)
+		lws_accept_modulation(pt, 0);
+#endif
+	lws_pt_unlock(pt);
+
+	if (wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_UNLOCK_POLL,
+					   wsi->user_space, (void *)&pa, 1))
+		ret = -1;
+
+	return ret;
+}
+
+int
+remove_wsi_socket_from_fds(struct lws *wsi)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_pollargs pa = { wsi->desc.sockfd, 0, 0 };
+#if !defined(LWS_WITH_ESP8266)
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	struct lws *end_wsi;
+	int v;
+#endif
+	int m, ret = 0;
+
+	if (wsi->parent_carries_io) {
+		lws_same_vh_protocol_remove(wsi);
+		return 0;
+	}
+
+#if !defined(_WIN32) && !defined(LWS_WITH_ESP8266)
+	if (wsi->desc.sockfd > context->max_fds) {
+		lwsl_err("fd %d too high (%d)\n", wsi->desc.sockfd,
+			 context->max_fds);
+		return 1;
+	}
+#endif
+
+	if (wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_LOCK_POLL,
+					   wsi->user_space, (void *)&pa, 1))
+		return -1;
+
+	lws_same_vh_protocol_remove(wsi);
+
+	/* the guy who is to be deleted's slot index in pt->fds */
+	m = wsi->position_in_fds_table;
+	
+#if !defined(LWS_WITH_ESP8266)
+	lws_libev_io(wsi, LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE |
+			  LWS_EV_PREPARE_DELETION);
+	lws_libuv_io(wsi, LWS_EV_STOP | LWS_EV_READ | LWS_EV_WRITE |
+			  LWS_EV_PREPARE_DELETION);
+
+	lws_pt_lock(pt);
+
+	lwsl_debug("%s: wsi=%p, sock=%d, fds pos=%d, end guy pos=%d, endfd=%d\n",
+		  __func__, wsi, wsi->desc.sockfd, wsi->position_in_fds_table,
+		  pt->fds_count, pt->fds[pt->fds_count].fd);
+
+	/* have the last guy take up the now vacant slot */
+	pt->fds[m] = pt->fds[pt->fds_count - 1];
+#endif
+	/* this decrements pt->fds_count */
+	lws_plat_delete_socket_from_fds(context, wsi, m);
+#if !defined(LWS_WITH_ESP8266)
+	v = (int) pt->fds[m].fd;
+	/* end guy's "position in fds table" is now the deletion guy's old one */
+	end_wsi = wsi_from_fd(context, v);
+	if (!end_wsi) {
+		lwsl_err("no wsi found for sock fd %d at pos %d, pt->fds_count=%d\n",
+				(int)pt->fds[m].fd, m, pt->fds_count);
+		assert(0);
+	} else
+		end_wsi->position_in_fds_table = m;
+
+	/* deletion guy's lws_lookup entry needs nuking */
+	delete_from_fd(context, wsi->desc.sockfd);
+	/* removed wsi has no position any more */
+	wsi->position_in_fds_table = -1;
+
+	/* remove also from external POLL support via protocol 0 */
+	if (lws_socket_is_valid(wsi->desc.sockfd))
+		if (wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_DEL_POLL_FD,
+						   wsi->user_space, (void *) &pa, 0))
+			ret = -1;
+#ifndef LWS_NO_SERVER
+	if (!context->being_destroyed)
+		/* if this made some room, accept connects on this thread */
+		if ((unsigned int)pt->fds_count < context->fd_limit_per_thread - 1)
+			lws_accept_modulation(pt, 1);
+#endif
+	lws_pt_unlock(pt);
+
+	if (wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_UNLOCK_POLL,
+					      wsi->user_space, (void *) &pa, 1))
+		ret = -1;
+#endif
+	return ret;
+}
+
+int
+lws_change_pollfd(struct lws *wsi, int _and, int _or)
+{
+	struct lws_context_per_thread *pt;
+	struct lws_context *context;
+	struct lws_pollargs pa;
+	int ret = 0;
+
+	if (!wsi || !wsi->protocol || wsi->position_in_fds_table < 0)
+		return 1;
+
+	context = lws_get_context(wsi);
+	if (!context)
+		return 1;
+
+	if (wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_LOCK_POLL,
+					      wsi->user_space,  (void *) &pa, 0))
+		return -1;
+
+	pt = &context->pt[(int)wsi->tsi];
+
+	lws_pt_lock(pt);
+	ret = _lws_change_pollfd(wsi, _and, _or, &pa);
+	lws_pt_unlock(pt);
+	if (wsi->vhost->protocols[0].callback(wsi, LWS_CALLBACK_UNLOCK_POLL,
+					   wsi->user_space, (void *) &pa, 0))
+		ret = -1;
+
+	return ret;
+}
+
+LWS_VISIBLE int
+lws_callback_on_writable(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt;
+#ifdef LWS_WITH_HTTP2
+	struct lws *network_wsi, *wsi2;
+	int already;
+#endif
+	int n;
+
+	if (wsi->state == LWSS_SHUTDOWN)
+		return 0;
+
+	if (wsi->socket_is_permanently_unusable)
+		return 0;
+
+	pt = &wsi->context->pt[(int)wsi->tsi];
+
+	if (wsi->parent_carries_io) {
+#if defined(LWS_WITH_STATS)
+		if (!wsi->active_writable_req_us) {
+			wsi->active_writable_req_us = time_in_microseconds();
+			lws_stats_atomic_bump(wsi->context, pt,
+					      LWSSTATS_C_WRITEABLE_CB_EFF_REQ, 1);
+		}
+#endif
+		n = lws_callback_on_writable(wsi->parent);
+		if (n < 0)
+			return n;
+
+		wsi->parent_pending_cb_on_writable = 1;
+		return 1;
+	}
+
+	lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB_REQ, 1);
+#if defined(LWS_WITH_STATS)
+	if (!wsi->active_writable_req_us) {
+		wsi->active_writable_req_us = time_in_microseconds();
+		lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB_EFF_REQ, 1);
+	}
+#endif
+
+#ifdef LWS_WITH_HTTP2
+	lwsl_info("%s: %p\n", __func__, wsi);
+
+	if (wsi->mode != LWSCM_HTTP2_SERVING)
+		goto network_sock;
+
+	if (wsi->u.h2.requested_POLLOUT) {
+		lwsl_info("already pending writable\n");
+		return 1;
+	}
+
+	/* is this for DATA or for control messages? */
+	if (wsi->upgraded_to_http2 && !wsi->u.h2.h2n->pps &&
+	    !lws_h2_tx_cr_get(wsi)) {
+		/*
+		 * other side is not able to cope with us sending DATA
+		 * anything so no matter if we have POLLOUT on our side if it's
+		 * DATA we want to send.
+		 *
+		 * Delay waiting for our POLLOUT until peer indicates he has
+		 * space for more using tx window command in http2 layer
+		 */
+		lwsl_notice("%s: %p: skint (%d)\n", __func__, wsi, wsi->u.h2.tx_cr);
+		wsi->u.h2.skint = 1;
+		return 0;
+	}
+
+	wsi->u.h2.skint = 0;
+	network_wsi = lws_get_network_wsi(wsi);
+	already = network_wsi->u.h2.requested_POLLOUT;
+
+	/* mark everybody above him as requesting pollout */
+
+	wsi2 = wsi;
+	while (wsi2) {
+		wsi2->u.h2.requested_POLLOUT = 1;
+		lwsl_info("mark %p pending writable\n", wsi2);
+		wsi2 = wsi2->u.h2.parent_wsi;
+	}
+
+	/* for network action, act only on the network wsi */
+
+	wsi = network_wsi;
+	if (already)
+		return 1;
+network_sock:
+#endif
+
+	if (lws_ext_cb_active(wsi, LWS_EXT_CB_REQUEST_ON_WRITEABLE, NULL, 0))
+		return 1;
+
+	if (wsi->position_in_fds_table < 0) {
+		lwsl_debug("%s: failed to find socket %d\n", __func__, wsi->desc.sockfd);
+		return -1;
+	}
+
+	if (lws_change_pollfd(wsi, 0, LWS_POLLOUT))
+		return -1;
+
+	return 1;
+}
+
+/*
+ * stitch protocol choice into the vh protocol linked list
+ * We always insert ourselves at the start of the list
+ *
+ * X <-> B
+ * X <-> pAn <-> pB
+ *
+ * Illegal to attach more than once without detach inbetween
+ */
+void
+lws_same_vh_protocol_insert(struct lws *wsi, int n)
+{
+	if (wsi->same_vh_protocol_prev || wsi->same_vh_protocol_next) {
+		lws_same_vh_protocol_remove(wsi);
+		lwsl_notice("Attempted to attach wsi twice to same vh prot\n");
+	}
+
+	wsi->same_vh_protocol_prev = &wsi->vhost->same_vh_protocol_list[n];
+	/* old first guy is our next */
+	wsi->same_vh_protocol_next =  wsi->vhost->same_vh_protocol_list[n];
+	/* we become the new first guy */
+	wsi->vhost->same_vh_protocol_list[n] = wsi;
+
+	if (wsi->same_vh_protocol_next)
+		/* old first guy points back to us now */
+		wsi->same_vh_protocol_next->same_vh_protocol_prev =
+				&wsi->same_vh_protocol_next;
+}
+
+void
+lws_same_vh_protocol_remove(struct lws *wsi)
+{
+	/*
+	 * detach ourselves from vh protocol list if we're on one
+	 * A -> B -> C
+	 * A -> C , or, B -> C, or A -> B
+	 *
+	 * OK to call on already-detached wsi
+	 */
+	lwsl_info("%s: removing same prot wsi %p\n", __func__, wsi);
+
+	if (wsi->same_vh_protocol_prev) {
+		assert (*(wsi->same_vh_protocol_prev) == wsi);
+		lwsl_info("have prev %p, setting him to our next %p\n",
+			 wsi->same_vh_protocol_prev,
+			 wsi->same_vh_protocol_next);
+
+		/* guy who pointed to us should point to our next */
+		*(wsi->same_vh_protocol_prev) = wsi->same_vh_protocol_next;
+	}
+
+	/* our next should point back to our prev */
+	if (wsi->same_vh_protocol_next) {
+		wsi->same_vh_protocol_next->same_vh_protocol_prev =
+				wsi->same_vh_protocol_prev;
+	}
+
+	wsi->same_vh_protocol_prev = NULL;
+	wsi->same_vh_protocol_next = NULL;
+}
+
+
+LWS_VISIBLE int
+lws_callback_on_writable_all_protocol_vhost(const struct lws_vhost *vhost,
+				      const struct lws_protocols *protocol)
+{
+	struct lws *wsi;
+
+	if (protocol < vhost->protocols ||
+	    protocol >= (vhost->protocols + vhost->count_protocols)) {
+		lwsl_err("%s: protocol %p is not from vhost %p (%p - %p)\n",
+			__func__, protocol, vhost->protocols, vhost,
+			(vhost->protocols + vhost->count_protocols));
+
+		return -1;
+	}
+
+	wsi = vhost->same_vh_protocol_list[protocol - vhost->protocols];
+	while (wsi) {
+		assert(wsi->protocol == protocol);
+		assert(*wsi->same_vh_protocol_prev == wsi);
+		if (wsi->same_vh_protocol_next)
+			assert(wsi->same_vh_protocol_next->same_vh_protocol_prev ==
+					&wsi->same_vh_protocol_next);
+
+		lws_callback_on_writable(wsi);
+		wsi = wsi->same_vh_protocol_next;
+	}
+
+	return 0;
+}
+
+LWS_VISIBLE int
+lws_callback_on_writable_all_protocol(const struct lws_context *context,
+				      const struct lws_protocols *protocol)
+{
+	struct lws_vhost *vhost = context->vhost_list;
+	int n;
+
+	while (vhost) {
+		for (n = 0; n < vhost->count_protocols; n++)
+			if (protocol->callback ==
+			    vhost->protocols[n].callback &&
+			    !strcmp(protocol->name, vhost->protocols[n].name))
+				break;
+		if (n != vhost->count_protocols)
+			lws_callback_on_writable_all_protocol_vhost(
+				vhost, &vhost->protocols[n]);
+
+		vhost = vhost->vhost_next;
+	}
+
+	return 0;
+}
diff --git a/thirdparty/lws/private-libwebsockets.h b/thirdparty/lws/private-libwebsockets.h
new file mode 100644
index 0000000000..4f0b374332
--- /dev/null
+++ b/thirdparty/lws/private-libwebsockets.h
@@ -0,0 +1,2618 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010 - 2016 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "lws_config.h"
+#include "lws_config_private.h"
+
+
+#if defined(LWS_WITH_CGI) && defined(LWS_HAVE_VFORK)
+#define  _GNU_SOURCE
+#endif
+
+#if defined(__COVERITY__)
+typedef struct { long double x, y; } _Float128;
+#endif
+
+#ifdef LWS_HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <ctype.h>
+#include <limits.h>
+#include <stdarg.h>
+#include <inttypes.h>
+
+#if defined(LWS_WITH_ESP32)
+#define MSG_NOSIGNAL 0
+#define SOMAXCONN 3
+#endif
+
+#if defined(LWS_WITH_ESP8266)
+#include <user_interface.h>
+#define assert(n)
+
+/* rom-provided stdc functions for free, ensure use these instead of libc ones */
+
+int ets_vsprintf(char *str, const char *format, va_list argptr);
+int ets_vsnprintf(char *buffer, size_t sizeOfBuffer,  const char *format, va_list argptr);
+int ets_snprintf(char *str, size_t size, const char *format, ...);
+int ets_sprintf(char *str, const char *format, ...);
+int os_printf_plus(const char *format, ...);
+#undef malloc
+#undef realloc
+#undef free
+void *pvPortMalloc(size_t s, const char *f, int line);
+#define malloc(s) pvPortMalloc(s, "", 0)
+void *pvPortRealloc(void *p, size_t s, const char *f, int line);
+#define realloc(p, s) pvPortRealloc(p, s, "", 0)
+void vPortFree(void *p, const char *f, int line);
+#define free(p) vPortFree(p, "", 0)
+#undef memcpy
+void *ets_memcpy(void *dest, const void *src, size_t n);
+#define memcpy ets_memcpy
+void *ets_memset(void *dest, int v, size_t n);
+#define memset ets_memset
+char *ets_strcpy(char *dest, const char *src);
+#define strcpy ets_strcpy
+char *ets_strncpy(char *dest, const char *src, size_t n);
+#define strncpy ets_strncpy
+char *ets_strstr(const char *haystack, const char *needle);
+#define strstr ets_strstr
+int ets_strcmp(const char *s1, const char *s2);
+int ets_strncmp(const char *s1, const char *s2, size_t n);
+#define strcmp ets_strcmp
+#define strncmp ets_strncmp
+size_t ets_strlen(const char *s);
+#define strlen ets_strlen
+void *ets_memmove(void *dest, const void *src, size_t n);
+#define memmove ets_memmove
+char *ets_strchr(const char *s, int c);
+#define strchr_ets_strchr
+#undef _DEBUG
+#include <osapi.h>
+
+#else
+#define STORE_IN_ROM
+#include <assert.h>
+#endif
+#if LWS_MAX_SMP > 1
+#include <pthread.h>
+#endif
+
+#ifdef LWS_HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+
+#if defined(WIN32) || defined(_WIN32)
+
+#ifndef WIN32_LEAN_AND_MEAN
+#define WIN32_LEAN_AND_MEAN
+#endif
+
+#if (WINVER < 0x0501)
+#undef WINVER
+#undef _WIN32_WINNT
+#define WINVER 0x0501
+#define _WIN32_WINNT WINVER
+#endif
+#define LWS_NO_DAEMONIZE
+#define LWS_ERRNO WSAGetLastError()
+#define LWS_EAGAIN WSAEWOULDBLOCK
+#define LWS_EALREADY WSAEALREADY
+#define LWS_EINPROGRESS WSAEINPROGRESS
+#define LWS_EINTR WSAEINTR
+#define LWS_EISCONN WSAEISCONN
+#define LWS_EWOULDBLOCK WSAEWOULDBLOCK
+#define MSG_NOSIGNAL 0
+#define SHUT_RDWR SD_BOTH
+#define SOL_TCP IPPROTO_TCP
+#define SHUT_WR SD_SEND
+
+#define compatible_close(fd) closesocket(fd)
+#define lws_set_blocking_send(wsi) wsi->sock_send_blocking = 1
+#define lws_socket_is_valid(x) (!!x)
+#define LWS_SOCK_INVALID 0
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#include <windows.h>
+#include <tchar.h>
+#ifdef LWS_HAVE_IN6ADDR_H
+#include <in6addr.h>
+#endif
+#include <mstcpip.h>
+#include <io.h>
+
+#if !defined(LWS_HAVE_ATOLL)
+#if defined(LWS_HAVE__ATOI64)
+#define atoll _atoi64
+#else
+#warning No atoll or _atoi64 available, using atoi
+#define atoll atoi
+#endif
+#endif
+
+#ifndef __func__
+#define __func__ __FUNCTION__
+#endif
+
+#ifdef LWS_HAVE__VSNPRINTF
+#define vsnprintf _vsnprintf
+#endif
+
+/* we don't have an implementation for this on windows... */
+int kill(int pid, int sig);
+int fork(void);
+#ifndef SIGINT
+#define SIGINT 2
+#endif
+
+#else /* not windows --> */
+
+#include <fcntl.h>
+#include <strings.h>
+#include <unistd.h>
+#include <sys/types.h>
+
+#ifndef __cplusplus
+#include <errno.h>
+#endif
+#include <netdb.h>
+#include <signal.h>
+#ifdef LWS_WITH_ESP8266
+#include <sockets.h>
+#define vsnprintf ets_vsnprintf
+#define snprintf ets_snprintf
+#define sprintf ets_sprintf
+
+int kill(int pid, int sig);
+
+#else
+#include <sys/socket.h>
+#endif
+#ifdef LWS_WITH_HTTP_PROXY
+#include <hubbub/hubbub.h>
+#include <hubbub/parser.h>
+#endif
+#if defined(LWS_BUILTIN_GETIFADDRS)
+ #include "./misc/getifaddrs.h"
+#else
+ #if !defined(LWS_WITH_ESP8266) && !defined(LWS_WITH_ESP32)
+ #if defined(__HAIKU__)
+   #define _BSD_SOURCE
+ #endif
+ #include <ifaddrs.h>
+ #endif
+#endif
+#if defined (__ANDROID__)
+#include <syslog.h>
+#include <sys/resource.h>
+#elif defined (__sun) || defined(__HAIKU__)
+#include <syslog.h>
+#else
+#if !defined(LWS_WITH_ESP8266)  && !defined(LWS_WITH_ESP32)
+#include <sys/syslog.h>
+#endif
+#endif
+#include <netdb.h>
+#if !defined(LWS_WITH_ESP8266) && !defined(LWS_WITH_ESP32)
+#include <sys/mman.h>
+#include <sys/un.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
+#include <arpa/inet.h>
+#include <poll.h>
+#endif
+#ifdef LWS_WITH_LIBEV
+#include <ev.h>
+#endif
+#ifdef LWS_WITH_LIBUV
+#include <uv.h>
+#endif
+#ifdef LWS_WITH_LIBEVENT
+#include <event2/event.h>
+#endif
+
+#ifndef LWS_NO_FORK
+#ifdef LWS_HAVE_SYS_PRCTL_H
+#include <sys/prctl.h>
+#endif
+#endif
+
+#include <sys/time.h>
+
+#define LWS_ERRNO errno
+#define LWS_EAGAIN EAGAIN
+#define LWS_EALREADY EALREADY
+#define LWS_EINPROGRESS EINPROGRESS
+#define LWS_EINTR EINTR
+#define LWS_EISCONN EISCONN
+#define LWS_EWOULDBLOCK EWOULDBLOCK
+
+#define lws_set_blocking_send(wsi)
+
+#if defined(LWS_WITH_ESP8266)
+#define lws_socket_is_valid(x) ((x) != NULL)
+#define LWS_SOCK_INVALID (NULL)
+struct lws;
+const char *
+lws_plat_get_peer_simple(struct lws *wsi, char *name, int namelen);
+#else
+#define lws_socket_is_valid(x) (x >= 0)
+#define LWS_SOCK_INVALID (-1)
+#endif
+#endif
+
+#ifndef LWS_HAVE_BZERO
+#ifndef bzero
+#define bzero(b, len) (memset((b), '\0', (len)), (void) 0)
+#endif
+#endif
+
+#ifndef LWS_HAVE_STRERROR
+#define strerror(x) ""
+#endif
+
+#ifdef LWS_OPENSSL_SUPPORT
+
+#ifdef USE_WOLFSSL
+#ifdef USE_OLD_CYASSL
+#include <cyassl/openssl/ssl.h>
+#include <cyassl/error-ssl.h>
+#else
+#include <wolfssl/openssl/ssl.h>
+#include <wolfssl/error-ssl.h>
+#define OPENSSL_NO_TLSEXT
+#endif /* not USE_OLD_CYASSL */
+#else
+#if defined(LWS_WITH_ESP32)
+#define OPENSSL_NO_TLSEXT
+#else
+#if defined(LWS_WITH_MBEDTLS)
+#include <mbedtls/ssl.h>
+#include <mbedtls/x509_crt.h>
+#else
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/md5.h>
+#include <openssl/sha.h>
+#ifdef LWS_HAVE_OPENSSL_ECDH_H
+#include <openssl/ecdh.h>
+#endif
+#include <openssl/x509v3.h>
+#endif
+#if defined(OPENSSL_VERSION_NUMBER)
+#if (OPENSSL_VERSION_NUMBER < 0x0009080afL)
+/* later openssl defines this to negate the presence of tlsext... but it was only
+ * introduced at 0.9.8j.  Earlier versions don't know it exists so don't
+ * define it... making it look like the feature exists...
+ */
+#define OPENSSL_NO_TLSEXT
+#endif
+#endif
+#endif /* not ESP32 */
+#endif /* not USE_WOLFSSL */
+#endif
+
+#include "libwebsockets.h"
+#if defined(WIN32) || defined(_WIN32)
+#else
+static inline int compatible_close(int fd) { return close(fd); }
+#endif
+
+#if defined(WIN32) || defined(_WIN32)
+#include <gettimeofday.h>
+#endif
+
+#if defined(LWS_WITH_ESP8266)
+#undef compatible_close
+#define compatible_close(fd) { fd->state=ESPCONN_CLOSE; espconn_delete(fd); }
+lws_sockfd_type
+esp8266_create_tcp_stream_socket(void);
+void
+esp8266_tcp_stream_bind(lws_sockfd_type fd, int port, struct lws *wsi);
+#ifndef BIG_ENDIAN
+#define BIG_ENDIAN    4321  /* to show byte order (taken from gcc) */
+#endif
+#ifndef LITTLE_ENDIAN
+#define LITTLE_ENDIAN 1234
+#endif
+#ifndef BYTE_ORDER
+#define BYTE_ORDER LITTLE_ENDIAN
+#endif
+#endif
+
+
+#if defined(WIN32) || defined(_WIN32)
+
+#ifndef BIG_ENDIAN
+#define BIG_ENDIAN    4321  /* to show byte order (taken from gcc) */
+#endif
+#ifndef LITTLE_ENDIAN
+#define LITTLE_ENDIAN 1234
+#endif
+#ifndef BYTE_ORDER
+#define BYTE_ORDER LITTLE_ENDIAN
+#endif
+#ifndef u_int64_t
+typedef unsigned __int64 u_int64_t;
+#endif
+
+#undef __P
+#ifndef __P
+#if __STDC__
+#define __P(protos) protos
+#else
+#define __P(protos) ()
+#endif
+#endif
+
+#else
+
+#include <sys/stat.h>
+#include <sys/time.h>
+
+#if defined(__APPLE__)
+#include <machine/endian.h>
+#elif defined(__FreeBSD__)
+#include <sys/endian.h>
+#elif defined(__linux__)
+#include <endian.h>
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(__QNX__)
+	#include <gulliver.h>
+	#if defined(__LITTLEENDIAN__)
+		#define BYTE_ORDER __LITTLEENDIAN__
+		#define LITTLE_ENDIAN __LITTLEENDIAN__
+		#define BIG_ENDIAN 4321  /* to show byte order (taken from gcc); for suppres warning that BIG_ENDIAN is not defined. */
+	#endif
+	#if defined(__BIGENDIAN__)
+		#define BYTE_ORDER __BIGENDIAN__
+		#define LITTLE_ENDIAN 1234  /* to show byte order (taken from gcc); for suppres warning that LITTLE_ENDIAN is not defined. */
+		#define BIG_ENDIAN __BIGENDIAN__
+	#endif
+#endif
+
+#if defined(__sun) && defined(__GNUC__)
+
+#include <arpa/nameser_compat.h>
+
+#if !defined (BYTE_ORDER)
+# define BYTE_ORDER __BYTE_ORDER__
+#endif
+
+#if !defined(LITTLE_ENDIAN)
+# define LITTLE_ENDIAN __ORDER_LITTLE_ENDIAN__
+#endif
+
+#if !defined(BIG_ENDIAN)
+# define BIG_ENDIAN __ORDER_BIG_ENDIAN__
+#endif
+
+#endif /* sun + GNUC */
+
+#if !defined(BYTE_ORDER)
+# define BYTE_ORDER __BYTE_ORDER
+#endif
+#if !defined(LITTLE_ENDIAN)
+# define LITTLE_ENDIAN __LITTLE_ENDIAN
+#endif
+#if !defined(BIG_ENDIAN)
+# define BIG_ENDIAN __BIG_ENDIAN
+#endif
+
+#endif
+
+/*
+ * Mac OSX as well as iOS do not define the MSG_NOSIGNAL flag,
+ * but happily have something equivalent in the SO_NOSIGPIPE flag.
+ */
+#ifdef __APPLE__
+#define MSG_NOSIGNAL SO_NOSIGPIPE
+#endif
+
+/*
+ * Solaris 11.X only supports POSIX 2001, MSG_NOSIGNAL appears in
+ * POSIX 2008.
+ */
+#ifdef __sun
+#define MSG_NOSIGNAL 0
+#endif
+
+#ifdef _WIN32
+#ifndef FD_HASHTABLE_MODULUS
+#define FD_HASHTABLE_MODULUS 32
+#endif
+#endif
+
+#ifndef LWS_DEF_HEADER_LEN
+#define LWS_DEF_HEADER_LEN 4096
+#endif
+#ifndef LWS_DEF_HEADER_POOL
+#define LWS_DEF_HEADER_POOL 4
+#endif
+#ifndef LWS_MAX_PROTOCOLS
+#define LWS_MAX_PROTOCOLS 5
+#endif
+#ifndef LWS_MAX_EXTENSIONS_ACTIVE
+#define LWS_MAX_EXTENSIONS_ACTIVE 2
+#endif
+#ifndef LWS_MAX_EXT_OFFERS
+#define LWS_MAX_EXT_OFFERS 8
+#endif
+#ifndef SPEC_LATEST_SUPPORTED
+#define SPEC_LATEST_SUPPORTED 13
+#endif
+#ifndef AWAITING_TIMEOUT
+#define AWAITING_TIMEOUT 20
+#endif
+#ifndef CIPHERS_LIST_STRING
+#define CIPHERS_LIST_STRING "DEFAULT"
+#endif
+#ifndef LWS_SOMAXCONN
+#define LWS_SOMAXCONN SOMAXCONN
+#endif
+
+#define MAX_WEBSOCKET_04_KEY_LEN 128
+
+#ifndef SYSTEM_RANDOM_FILEPATH
+#define SYSTEM_RANDOM_FILEPATH "/dev/urandom"
+#endif
+
+enum lws_websocket_opcodes_07 {
+	LWSWSOPC_CONTINUATION = 0,
+	LWSWSOPC_TEXT_FRAME = 1,
+	LWSWSOPC_BINARY_FRAME = 2,
+
+	LWSWSOPC_NOSPEC__MUX = 7,
+
+	/* control extensions 8+ */
+
+	LWSWSOPC_CLOSE = 8,
+	LWSWSOPC_PING = 9,
+	LWSWSOPC_PONG = 0xa,
+};
+
+
+enum lws_connection_states {
+	LWSS_HTTP,
+	LWSS_HTTP_ISSUING_FILE,
+	LWSS_HTTP_HEADERS,
+	LWSS_HTTP_BODY,
+	LWSS_DEAD_SOCKET,
+	LWSS_ESTABLISHED,
+	LWSS_CLIENT_HTTP_ESTABLISHED,
+	LWSS_CLIENT_UNCONNECTED,
+	LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION,
+	LWSS_RETURNED_CLOSE_ALREADY,
+	LWSS_AWAITING_CLOSE_ACK,
+	LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE,
+	LWSS_SHUTDOWN,
+
+	LWSS_HTTP2_AWAIT_CLIENT_PREFACE,
+	LWSS_HTTP2_ESTABLISHED_PRE_SETTINGS,
+	LWSS_HTTP2_ESTABLISHED,
+
+	LWSS_CGI,
+};
+
+enum http_version {
+	HTTP_VERSION_1_0,
+	HTTP_VERSION_1_1,
+	HTTP_VERSION_2
+};
+
+enum http_connection_type {
+	HTTP_CONNECTION_CLOSE,
+	HTTP_CONNECTION_KEEP_ALIVE
+};
+
+enum lws_rx_parse_state {
+	LWS_RXPS_NEW,
+
+	LWS_RXPS_04_mask_1,
+	LWS_RXPS_04_mask_2,
+	LWS_RXPS_04_mask_3,
+
+	LWS_RXPS_04_FRAME_HDR_1,
+	LWS_RXPS_04_FRAME_HDR_LEN,
+	LWS_RXPS_04_FRAME_HDR_LEN16_2,
+	LWS_RXPS_04_FRAME_HDR_LEN16_1,
+	LWS_RXPS_04_FRAME_HDR_LEN64_8,
+	LWS_RXPS_04_FRAME_HDR_LEN64_7,
+	LWS_RXPS_04_FRAME_HDR_LEN64_6,
+	LWS_RXPS_04_FRAME_HDR_LEN64_5,
+	LWS_RXPS_04_FRAME_HDR_LEN64_4,
+	LWS_RXPS_04_FRAME_HDR_LEN64_3,
+	LWS_RXPS_04_FRAME_HDR_LEN64_2,
+	LWS_RXPS_04_FRAME_HDR_LEN64_1,
+
+	LWS_RXPS_07_COLLECT_FRAME_KEY_1,
+	LWS_RXPS_07_COLLECT_FRAME_KEY_2,
+	LWS_RXPS_07_COLLECT_FRAME_KEY_3,
+	LWS_RXPS_07_COLLECT_FRAME_KEY_4,
+
+	LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED
+};
+
+#define LWSCM_FLAG_IMPLIES_CALLBACK_CLOSED_CLIENT_HTTP 32
+
+enum connection_mode {
+	LWSCM_HTTP_SERVING,
+	LWSCM_HTTP_SERVING_ACCEPTED, /* actual HTTP service going on */
+	LWSCM_PRE_WS_SERVING_ACCEPT,
+
+	LWSCM_WS_SERVING,
+	LWSCM_WS_CLIENT,
+
+	LWSCM_HTTP2_SERVING,
+
+	/* transient, ssl delay hiding */
+	LWSCM_SSL_ACK_PENDING,
+	LWSCM_SSL_INIT,
+	/* as above, but complete into LWSCM_RAW */
+	LWSCM_SSL_ACK_PENDING_RAW,
+	LWSCM_SSL_INIT_RAW,
+
+	/* special internal types */
+	LWSCM_SERVER_LISTENER,
+	LWSCM_CGI, /* stdin, stdout, stderr for another cgi master wsi */
+	LWSCM_RAW, /* raw with bulk handling */
+	LWSCM_RAW_FILEDESC, /* raw without bulk handling */
+
+	/* HTTP Client related */
+	LWSCM_HTTP_CLIENT = LWSCM_FLAG_IMPLIES_CALLBACK_CLOSED_CLIENT_HTTP,
+	LWSCM_HTTP_CLIENT_ACCEPTED, /* actual HTTP service going on */
+	LWSCM_WSCL_WAITING_CONNECT,
+	LWSCM_WSCL_WAITING_PROXY_REPLY,
+	LWSCM_WSCL_ISSUE_HANDSHAKE,
+	LWSCM_WSCL_ISSUE_HANDSHAKE2,
+	LWSCM_WSCL_ISSUE_HTTP_BODY,
+	LWSCM_WSCL_WAITING_SSL,
+	LWSCM_WSCL_WAITING_SERVER_REPLY,
+	LWSCM_WSCL_WAITING_EXTENSION_CONNECT,
+	LWSCM_WSCL_PENDING_CANDIDATE_CHILD,
+	LWSCM_WSCL_WAITING_SOCKS_GREETING_REPLY,
+	LWSCM_WSCL_WAITING_SOCKS_CONNECT_REPLY,
+	LWSCM_WSCL_WAITING_SOCKS_AUTH_REPLY,
+
+	/****** add new things just above ---^ ******/
+
+
+};
+
+/* enums of socks version */
+enum socks_version {
+	SOCKS_VERSION_4 = 4,
+	SOCKS_VERSION_5 = 5
+};
+
+/* enums of subnegotiation version */
+enum socks_subnegotiation_version {
+	SOCKS_SUBNEGOTIATION_VERSION_1 = 1,
+};
+
+/* enums of socks commands */
+enum socks_command {
+	SOCKS_COMMAND_CONNECT = 1,
+	SOCKS_COMMAND_BIND = 2,
+	SOCKS_COMMAND_UDP_ASSOCIATE = 3
+};
+
+/* enums of socks address type */
+enum socks_atyp {
+	SOCKS_ATYP_IPV4 = 1,
+	SOCKS_ATYP_DOMAINNAME = 3,
+	SOCKS_ATYP_IPV6 = 4
+};
+
+/* enums of socks authentication methods */
+enum socks_auth_method {
+	SOCKS_AUTH_NO_AUTH = 0,
+	SOCKS_AUTH_GSSAPI = 1,
+	SOCKS_AUTH_USERNAME_PASSWORD = 2
+};
+
+/* enums of subnegotiation status */
+enum socks_subnegotiation_status {
+	SOCKS_SUBNEGOTIATION_STATUS_SUCCESS = 0,
+};
+
+/* enums of socks request reply */
+enum socks_request_reply {
+	SOCKS_REQUEST_REPLY_SUCCESS = 0,
+	SOCKS_REQUEST_REPLY_FAILURE_GENERAL = 1,
+	SOCKS_REQUEST_REPLY_CONNECTION_NOT_ALLOWED = 2,
+	SOCKS_REQUEST_REPLY_NETWORK_UNREACHABLE = 3,
+	SOCKS_REQUEST_REPLY_HOST_UNREACHABLE = 4,
+	SOCKS_REQUEST_REPLY_CONNECTION_REFUSED = 5,
+	SOCKS_REQUEST_REPLY_TTL_EXPIRED = 6,
+	SOCKS_REQUEST_REPLY_COMMAND_NOT_SUPPORTED = 7,
+	SOCKS_REQUEST_REPLY_ATYP_NOT_SUPPORTED = 8
+};
+
+/* enums used to generate socks messages */
+enum socks_msg_type {
+	/* greeting */
+	SOCKS_MSG_GREETING,
+	/* credential, user name and password */
+	SOCKS_MSG_USERNAME_PASSWORD,
+	/* connect command */
+	SOCKS_MSG_CONNECT
+};
+
+enum {
+	LWS_RXFLOW_ALLOW = (1 << 0),
+	LWS_RXFLOW_PENDING_CHANGE = (1 << 1),
+};
+
+struct lws_ring {
+	void *buf;
+	void (*destroy_element)(void *element);
+	size_t buflen;
+	size_t element_len;
+	uint32_t head;
+	uint32_t oldest_tail;
+};
+
+/* this is not usable directly by user code any more, lws_close_reason() */
+#define LWS_WRITE_CLOSE 4
+
+struct lws_protocols;
+struct lws;
+
+#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || defined(LWS_WITH_LIBEVENT)
+
+struct lws_io_watcher {
+#ifdef LWS_WITH_LIBEV
+	ev_io ev_watcher;
+#endif
+#ifdef LWS_WITH_LIBUV
+	uv_poll_t uv_watcher;
+#endif
+#ifdef LWS_WITH_LIBEVENT
+	struct event *event_watcher;
+#endif
+	struct lws_context *context;
+
+	uint8_t actual_events;
+};
+
+struct lws_signal_watcher {
+#ifdef LWS_WITH_LIBEV
+	ev_signal ev_watcher;
+#endif
+#ifdef LWS_WITH_LIBUV
+	uv_signal_t uv_watcher;
+#endif
+#ifdef LWS_WITH_LIBEVENT
+	struct event *event_watcher;
+#endif
+	struct lws_context *context;
+};
+#endif
+
+#ifdef _WIN32
+#define LWS_FD_HASH(fd) ((fd ^ (fd >> 8) ^ (fd >> 16)) % FD_HASHTABLE_MODULUS)
+struct lws_fd_hashtable {
+	struct lws **wsi;
+	int length;
+};
+#endif
+
+/*
+ * This is totally opaque to code using the library.  It's exported as a
+ * forward-reference pointer-only declaration; the user can use the pointer with
+ * other APIs to get information out of it.
+ */
+
+#if defined(LWS_WITH_ESP32)
+typedef uint16_t ah_data_idx_t;
+#else
+typedef uint32_t ah_data_idx_t;
+#endif
+
+struct lws_fragments {
+	ah_data_idx_t	offset;
+	uint16_t	len;
+	uint8_t		nfrag; /* which ah->frag[] continues this content, or 0 */
+	uint8_t		flags; /* only http2 cares */
+};
+
+/*
+ * these are assigned from a pool held in the context.
+ * Both client and server mode uses them for http header analysis
+ */
+
+struct allocated_headers {
+	struct allocated_headers *next; /* linked list */
+	struct lws *wsi; /* owner */
+	char *data; /* prepared by context init to point to dedicated storage */
+	ah_data_idx_t data_length;
+	/*
+	 * the randomly ordered fragments, indexed by frag_index and
+	 * lws_fragments->nfrag for continuation.
+	 */
+	struct lws_fragments frags[WSI_TOKEN_COUNT];
+	time_t assigned;
+	/*
+	 * for each recognized token, frag_index says which frag[] his data
+	 * starts in (0 means the token did not appear)
+	 * the actual header data gets dumped as it comes in, into data[]
+	 */
+	uint8_t frag_index[WSI_TOKEN_COUNT];
+#if defined(LWS_WITH_ESP32)
+	uint8_t rx[256];
+#else
+	uint8_t rx[2048];
+#endif
+
+	int16_t rxpos;
+	int16_t rxlen;
+	uint32_t pos;
+	uint32_t http_response;
+	int hdr_token_idx;
+
+#ifndef LWS_NO_CLIENT
+	char initial_handshake_hash_base64[30];
+#endif
+
+	uint8_t in_use;
+	uint8_t nfrag;
+};
+
+/*
+ * so we can have n connections being serviced simultaneously,
+ * these things need to be isolated per-thread.
+ */
+
+struct lws_context_per_thread {
+#if LWS_MAX_SMP > 1
+	pthread_mutex_t lock;
+#endif
+	struct lws_pollfd *fds;
+#if defined(LWS_WITH_ESP8266)
+	struct lws **lws_vs_fds_index;
+#endif
+	struct lws *rx_draining_ext_list;
+	struct lws *tx_draining_ext_list;
+	struct lws *timeout_list;
+#if defined(LWS_WITH_LIBUV) || defined(LWS_WITH_LIBEVENT)
+	struct lws_context *context;
+#endif
+#ifdef LWS_WITH_CGI
+	struct lws_cgi *cgi_list;
+#endif
+	void *http_header_data;
+	struct allocated_headers *ah_list;
+	struct lws *ah_wait_list;
+	int ah_wait_list_length;
+#ifdef LWS_OPENSSL_SUPPORT
+	struct lws *pending_read_list; /* linked list */
+#endif
+#if defined(LWS_WITH_LIBEV)
+	struct ev_loop *io_loop_ev;
+#endif
+#if defined(LWS_WITH_LIBUV)
+	uv_loop_t *io_loop_uv;
+	uv_signal_t signals[8];
+	uv_timer_t uv_timeout_watcher;
+	uv_idle_t uv_idle;
+#endif
+#if defined(LWS_WITH_LIBEVENT)
+	struct event_base *io_loop_event_base;
+#endif
+#if defined(LWS_WITH_LIBEV)
+	struct lws_io_watcher w_accept;
+#endif
+#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || defined(LWS_WITH_LIBEVENT)
+	struct lws_signal_watcher w_sigint;
+	unsigned char ev_loop_foreign:1;
+#endif
+
+	unsigned long count_conns;
+	/*
+	 * usable by anything in the service code, but only if the scope
+	 * does not last longer than the service action (since next service
+	 * of any socket can likewise use it and overwrite)
+	 */
+	unsigned char *serv_buf;
+#ifdef _WIN32
+	WSAEVENT *events;
+#else
+	lws_sockfd_type dummy_pipe_fds[2];
+#endif
+	unsigned int fds_count;
+	uint32_t ah_pool_length;
+
+	short ah_count_in_use;
+	unsigned char tid;
+	unsigned char lock_depth;
+};
+
+struct lws_conn_stats {
+	unsigned long long rx, tx;
+	unsigned long h1_conn, h1_trans, h2_trans, ws_upg, h2_alpn, h2_subs,
+		      h2_upg, rejected;
+};
+
+void
+lws_sum_stats(const struct lws_context *ctx, struct lws_conn_stats *cs);
+
+
+enum lws_h2_settings {
+	H2SET_HEADER_TABLE_SIZE = 1,
+	H2SET_ENABLE_PUSH,
+	H2SET_MAX_CONCURRENT_STREAMS,
+	H2SET_INITIAL_WINDOW_SIZE,
+	H2SET_MAX_FRAME_SIZE,
+	H2SET_MAX_HEADER_LIST_SIZE,
+
+	H2SET_COUNT /* always last */
+};
+
+struct http2_settings {
+	uint32_t s[H2SET_COUNT];
+};
+
+/*
+ * virtual host -related context information
+ *   vhostwide SSL context
+ *   vhostwide proxy
+ *
+ * hierarchy:
+ *
+ * context -> vhost -> wsi
+ *
+ * incoming connection non-SSL vhost binding:
+ *
+ *    listen socket -> wsi -> select vhost after first headers
+ *
+ * incoming connection SSL vhost binding:
+ *
+ *    SSL SNI -> wsi -> bind after SSL negotiation
+ */
+
+struct lws_vhost {
+#if !defined(LWS_WITH_ESP8266)
+	char http_proxy_address[128];
+	char proxy_basic_auth_token[128];
+#if defined(LWS_WITH_HTTP2)
+	struct http2_settings set;
+#endif
+#if defined(LWS_WITH_SOCKS5)
+	char socks_proxy_address[128];
+	char socks_user[96];
+	char socks_password[96];
+#endif
+#endif
+#if defined(LWS_WITH_ESP8266)
+	/* listen sockets need a place to hang their hat */
+	esp_tcp tcp;
+#endif
+	struct lws_conn_stats conn_stats;
+	struct lws_context *context;
+	struct lws_vhost *vhost_next;
+	const struct lws_http_mount *mount_list;
+	struct lws *lserv_wsi;
+	const char *name;
+	const char *iface;
+#if !defined(LWS_WITH_ESP8266) && !defined(LWS_WITH_ESP32) && !defined(OPTEE_TA) && !defined(WIN32)
+	int bind_iface;
+#endif
+	const struct lws_protocols *protocols;
+	void **protocol_vh_privs;
+	const struct lws_protocol_vhost_options *pvo;
+	const struct lws_protocol_vhost_options *headers;
+	struct lws **same_vh_protocol_list;
+#ifdef LWS_OPENSSL_SUPPORT
+	SSL_CTX *ssl_ctx;
+	SSL_CTX *ssl_client_ctx;
+#endif
+#if defined(LWS_WITH_MBEDTLS)
+	X509 *x509_client_CA;
+#endif
+#ifndef LWS_NO_EXTENSIONS
+	const struct lws_extension *extensions;
+#endif
+	void *user;
+
+	int listen_port;
+	unsigned int http_proxy_port;
+#if defined(LWS_WITH_SOCKS5)
+	unsigned int socks_proxy_port;
+#endif
+	unsigned int options;
+	int count_protocols;
+	int ka_time;
+	int ka_probes;
+	int ka_interval;
+	int keepalive_timeout;
+	int timeout_secs_ah_idle;
+	int ssl_info_event_mask;
+#ifdef LWS_WITH_ACCESS_LOG
+	int log_fd;
+#endif
+
+#ifdef LWS_OPENSSL_SUPPORT
+	int use_ssl;
+	int allow_non_ssl_on_ssl_port;
+	unsigned int user_supplied_ssl_ctx:1;
+#endif
+
+	unsigned int created_vhost_protocols:1;
+	unsigned int being_destroyed:1;
+
+	unsigned char default_protocol_index;
+	unsigned char raw_protocol_index;
+};
+
+struct lws_deferred_free
+{
+	struct lws_deferred_free *next;
+	time_t deadline;
+	void *payload;
+};
+
+typedef union {
+#ifdef LWS_WITH_IPV6
+	struct sockaddr_in6 sa6;
+#endif
+	struct sockaddr_in sa4;
+} sockaddr46;
+
+
+#if defined(LWS_WITH_PEER_LIMITS)
+struct lws_peer {
+	struct lws_peer *next;
+	struct lws_peer *peer_wait_list;
+
+	time_t time_created;
+	time_t time_closed_all;
+
+	uint8_t addr[32];
+	uint32_t hash;
+	uint32_t count_wsi;
+	uint32_t count_ah;
+
+	uint32_t total_wsi;
+	uint32_t total_ah;
+
+	uint8_t af;
+};
+#endif
+
+/*
+ * the rest is managed per-context, that includes
+ *
+ *  - processwide single fd -> wsi lookup
+ *  - contextwide headers pool
+ */
+
+struct lws_context {
+	time_t last_timeout_check_s;
+	time_t last_ws_ping_pong_check_s;
+	time_t time_up;
+	const struct lws_plat_file_ops *fops;
+	struct lws_plat_file_ops fops_platform;
+#if defined(LWS_WITH_HTTP2)
+	struct http2_settings set;
+#endif
+#if defined(LWS_WITH_ZIP_FOPS)
+	struct lws_plat_file_ops fops_zip;
+#endif
+	struct lws_context_per_thread pt[LWS_MAX_SMP];
+	struct lws_conn_stats conn_stats;
+#if LWS_MAX_SMP > 1
+	pthread_mutex_t lock;
+	int lock_depth;
+#endif
+#ifdef _WIN32
+/* different implementation between unix and windows */
+	struct lws_fd_hashtable fd_hashtable[FD_HASHTABLE_MODULUS];
+#else
+#if defined(LWS_WITH_ESP8266)
+	struct espconn **connpool; /* .reverse points to the wsi */
+	void *rxd;
+	int rxd_len;
+	os_timer_t to_timer;
+#else
+	struct lws **lws_lookup;  /* fd to wsi */
+#endif
+#endif
+	struct lws_vhost *vhost_list;
+	struct lws_vhost *vhost_pending_destruction_list;
+	struct lws_plugin *plugin_list;
+	struct lws_deferred_free *deferred_free_list;
+#if defined(LWS_WITH_PEER_LIMITS)
+	struct lws_peer **pl_hash_table;
+	struct lws_peer *peer_wait_list;
+	time_t next_cull;
+#endif
+
+	void *external_baggage_free_on_destroy;
+	const struct lws_token_limits *token_limits;
+	void *user_space;
+	const char *server_string;
+	const struct lws_protocol_vhost_options *reject_service_keywords;
+	lws_reload_func deprecation_cb;
+
+#if defined(LWS_HAVE_SYS_CAPABILITY_H) && defined(LWS_HAVE_LIBCAP)
+	cap_value_t caps[4];
+	char count_caps;
+#endif
+
+#if defined(LWS_WITH_LIBEV)
+	lws_ev_signal_cb_t * lws_ev_sigint_cb;
+#endif
+#if defined(LWS_WITH_LIBUV)
+	uv_signal_cb lws_uv_sigint_cb;
+	uv_loop_t pu_loop;
+#endif
+#if defined(LWS_WITH_LIBEVENT)
+	lws_event_signal_cb_t * lws_event_sigint_cb;
+#endif
+	char canonical_hostname[128];
+#ifdef LWS_LATENCY
+	unsigned long worst_latency;
+	char worst_latency_info[256];
+#endif
+
+#if defined(LWS_WITH_STATS)
+	uint64_t lws_stats[LWSSTATS_SIZE];
+	uint64_t last_dump;
+	int updated;
+#endif
+#if defined(LWS_WITH_ESP32)
+	unsigned long time_last_state_dump;
+	uint32_t last_free_heap;
+#endif
+
+	int max_fds;
+#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || defined(LWS_WITH_LIBEVENT)
+	int use_ev_sigint;
+#endif
+	int started_with_parent;
+	int uid, gid;
+
+	int fd_random;
+
+	int count_wsi_allocated;
+	int count_cgi_spawned;
+	unsigned int options;
+	unsigned int fd_limit_per_thread;
+	unsigned int timeout_secs;
+	unsigned int pt_serv_buf_size;
+	int max_http_header_data;
+	int simultaneous_ssl_restriction;
+	int simultaneous_ssl;
+#if defined(LWS_WITH_PEER_LIMITS)
+	uint32_t pl_hash_elements;	/* protected by context->lock */
+	uint32_t count_peers;		/* protected by context->lock */
+	unsigned short ip_limit_ah;
+	unsigned short ip_limit_wsi;
+#endif
+	unsigned int deprecated:1;
+	unsigned int being_destroyed:1;
+	unsigned int being_destroyed1:1;
+	unsigned int requested_kill:1;
+	unsigned int protocol_init_done:1;
+	unsigned int ssl_gate_accepts:1;
+	unsigned int doing_protocol_init;
+	/*
+	 * set to the Thread ID that's doing the service loop just before entry
+	 * to poll indicates service thread likely idling in poll()
+	 * volatile because other threads may check it as part of processing
+	 * for pollfd event change.
+	 */
+	volatile int service_tid;
+	int service_tid_detected;
+
+	short max_http_header_pool;
+	short count_threads;
+	short plugin_protocol_count;
+	short plugin_extension_count;
+	short server_string_len;
+	unsigned short ws_ping_pong_interval;
+	unsigned short deprecation_pending_listen_close_count;
+
+	uint8_t max_fi;
+};
+
+int
+lws_check_deferred_free(struct lws_context *context, int force);
+
+#define lws_get_context_protocol(ctx, x) ctx->vhost_list->protocols[x]
+#define lws_get_vh_protocol(vh, x) vh->protocols[x]
+
+LWS_EXTERN void
+lws_close_free_wsi_final(struct lws *wsi);
+LWS_EXTERN void
+lws_libuv_closehandle(struct lws *wsi);
+LWS_EXTERN void
+lws_libuv_closehandle_manually(struct lws *wsi);
+LWS_EXTERN int
+lws_libuv_check_watcher_active(struct lws *wsi);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_plat_plugins_init(struct lws_context * context, const char * const *d);
+
+LWS_VISIBLE LWS_EXTERN int
+lws_plat_plugins_destroy(struct lws_context * context);
+
+LWS_EXTERN void
+lws_restart_ws_ping_pong_timer(struct lws *wsi);
+
+struct lws *
+lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd);
+
+
+enum {
+	LWS_EV_READ = (1 << 0),
+	LWS_EV_WRITE = (1 << 1),
+	LWS_EV_START = (1 << 2),
+	LWS_EV_STOP = (1 << 3),
+
+	LWS_EV_PREPARE_DELETION = (1 << 31),
+};
+
+#if defined(LWS_WITH_LIBEV)
+LWS_EXTERN void
+lws_libev_accept(struct lws *new_wsi, lws_sock_file_fd_type desc);
+LWS_EXTERN void
+lws_libev_io(struct lws *wsi, int flags);
+LWS_EXTERN int
+lws_libev_init_fd_table(struct lws_context *context);
+LWS_EXTERN void
+lws_libev_destroyloop(struct lws_context *context, int tsi);
+LWS_EXTERN void
+lws_libev_run(const struct lws_context *context, int tsi);
+#define LWS_LIBEV_ENABLED(context) lws_check_opt(context->options, LWS_SERVER_OPTION_LIBEV)
+LWS_EXTERN void lws_feature_status_libev(struct lws_context_creation_info *info);
+#else
+#define lws_libev_accept(_a, _b) ((void) 0)
+#define lws_libev_io(_a, _b) ((void) 0)
+#define lws_libev_init_fd_table(_a) (0)
+#define lws_libev_run(_a, _b) ((void) 0)
+#define lws_libev_destroyloop(_a, _b) ((void) 0)
+#define LWS_LIBEV_ENABLED(context) (0)
+#if LWS_POSIX && !defined(LWS_WITH_ESP32)
+#define lws_feature_status_libev(_a) \
+			lwsl_info("libev support not compiled in\n")
+#else
+#define lws_feature_status_libev(_a)
+#endif
+#endif
+
+#if defined(LWS_WITH_LIBUV)
+LWS_EXTERN void
+lws_libuv_accept(struct lws *new_wsi, lws_sock_file_fd_type desc);
+LWS_EXTERN void
+lws_libuv_io(struct lws *wsi, int flags);
+LWS_EXTERN int
+lws_libuv_init_fd_table(struct lws_context *context);
+LWS_EXTERN void
+lws_libuv_run(const struct lws_context *context, int tsi);
+LWS_EXTERN void
+lws_libuv_destroyloop(struct lws_context *context, int tsi);
+LWS_EXTERN int
+lws_uv_initvhost(struct lws_vhost* vh, struct lws*);
+#define LWS_LIBUV_ENABLED(context) lws_check_opt(context->options, LWS_SERVER_OPTION_LIBUV)
+LWS_EXTERN void lws_feature_status_libuv(struct lws_context_creation_info *info);
+#else
+#define lws_libuv_accept(_a, _b) ((void) 0)
+#define lws_libuv_io(_a, _b) ((void) 0)
+#define lws_libuv_init_fd_table(_a) (0)
+#define lws_libuv_run(_a, _b) ((void) 0)
+#define lws_libuv_destroyloop(_a, _b) ((void) 0)
+#define LWS_LIBUV_ENABLED(context) (0)
+#if LWS_POSIX && !defined(LWS_WITH_ESP32)
+#define lws_feature_status_libuv(_a) \
+			lwsl_notice("libuv support not compiled in\n")
+#else
+#define lws_feature_status_libuv(_a)
+#endif
+#endif
+
+#if defined(LWS_WITH_LIBEVENT)
+LWS_EXTERN void
+lws_libevent_accept(struct lws *new_wsi, lws_sock_file_fd_type desc);
+LWS_EXTERN void
+lws_libevent_io(struct lws *wsi, int flags);
+LWS_EXTERN int
+lws_libevent_init_fd_table(struct lws_context *context);
+LWS_EXTERN void
+lws_libevent_destroyloop(struct lws_context *context, int tsi);
+LWS_EXTERN void
+lws_libevent_run(const struct lws_context *context, int tsi);
+#define LWS_LIBEVENT_ENABLED(context) lws_check_opt(context->options, LWS_SERVER_OPTION_LIBEVENT)
+LWS_EXTERN void lws_feature_status_libevent(struct lws_context_creation_info *info);
+#else
+#define lws_libevent_accept(_a, _b) ((void) 0)
+#define lws_libevent_io(_a, _b) ((void) 0)
+#define lws_libevent_init_fd_table(_a) (0)
+#define lws_libevent_run(_a, _b) ((void) 0)
+#define lws_libevent_destroyloop(_a, _b) ((void) 0)
+#define LWS_LIBEVENT_ENABLED(context) (0)
+#if LWS_POSIX && !defined(LWS_WITH_ESP32)
+#define lws_feature_status_libevent(_a) \
+			lwsl_notice("libevent support not compiled in\n")
+#else
+#define lws_feature_status_libevent(_a)
+#endif
+#endif
+
+
+#ifdef LWS_WITH_IPV6
+#define LWS_IPV6_ENABLED(vh) \
+	(!lws_check_opt(vh->context->options, LWS_SERVER_OPTION_DISABLE_IPV6) && \
+	 !lws_check_opt(vh->options, LWS_SERVER_OPTION_DISABLE_IPV6))
+#else
+#define LWS_IPV6_ENABLED(context) (0)
+#endif
+
+#ifdef LWS_WITH_UNIX_SOCK
+#define LWS_UNIX_SOCK_ENABLED(vhost) \
+	(vhost->options & LWS_SERVER_OPTION_UNIX_SOCK)
+#else
+#define LWS_UNIX_SOCK_ENABLED(vhost) (0)
+#endif
+
+enum uri_path_states {
+	URIPS_IDLE,
+	URIPS_SEEN_SLASH,
+	URIPS_SEEN_SLASH_DOT,
+	URIPS_SEEN_SLASH_DOT_DOT,
+};
+
+enum uri_esc_states {
+	URIES_IDLE,
+	URIES_SEEN_PERCENT,
+	URIES_SEEN_PERCENT_H1,
+};
+
+/* notice that these union members:
+ *
+ *  hdr
+ *  http
+ *  http2
+ *
+ * all have a pointer to allocated_headers struct as their first member.
+ *
+ * It means for allocated_headers access, the three union paths can all be
+ * used interchangeably to access the same data
+ */
+
+
+#ifndef LWS_NO_CLIENT
+struct client_info_stash {
+	char address[256];
+	char path[4096];
+	char host[256];
+	char origin[256];
+	char protocol[256];
+	char method[16];
+	char iface[16];
+};
+#endif
+
+struct _lws_header_related {
+	/* MUST be first in struct */
+	struct allocated_headers *ah;
+	struct lws *ah_wait_list;
+	unsigned char *preamble_rx;
+#ifndef LWS_NO_CLIENT
+	struct client_info_stash *stash;
+#endif
+	unsigned int preamble_rx_len;
+	enum uri_path_states ups;
+	enum uri_esc_states ues;
+	short lextable_pos;
+	unsigned int current_token_limit;
+
+	char esc_stash;
+	char post_literal_equal;
+	unsigned char parser_state; /* enum lws_token_indexes */
+};
+
+#if defined(LWS_WITH_RANGES)
+enum range_states {
+	LWSRS_NO_ACTIVE_RANGE,
+	LWSRS_BYTES_EQ,
+	LWSRS_FIRST,
+	LWSRS_STARTING,
+	LWSRS_ENDING,
+	LWSRS_COMPLETED,
+	LWSRS_SYNTAX,
+};
+
+struct lws_range_parsing {
+	unsigned long long start, end, extent, agg, budget;
+	const char buf[128];
+	int pos;
+	enum range_states state;
+	char start_valid, end_valid, ctr, count_ranges, did_try, inside, send_ctr;
+};
+
+int
+lws_ranges_init(struct lws *wsi, struct lws_range_parsing *rp, unsigned long long extent);
+int
+lws_ranges_next(struct lws_range_parsing *rp);
+void
+lws_ranges_reset(struct lws_range_parsing *rp);
+#endif
+
+struct _lws_http_mode_related {
+	/* MUST be first in struct */
+	struct allocated_headers *ah; /* mirroring  _lws_header_related */
+	struct lws *ah_wait_list;
+	unsigned char *preamble_rx;
+#ifndef LWS_NO_CLIENT
+	struct client_info_stash *stash;
+#endif
+	unsigned int preamble_rx_len;
+	struct lws *new_wsi_list;
+	lws_filepos_t filepos;
+	lws_filepos_t filelen;
+	lws_fop_fd_t fop_fd;
+
+#if defined(LWS_WITH_RANGES)
+	struct lws_range_parsing range;
+	char multipart_content_type[64];
+#endif
+
+	enum http_version request_version;
+	enum http_connection_type connection_type;
+	lws_filepos_t tx_content_length;
+	lws_filepos_t tx_content_remain;
+	lws_filepos_t rx_content_length;
+	lws_filepos_t rx_content_remain;
+};
+
+#define LWS_H2_FRAME_HEADER_LENGTH 9
+
+#ifdef LWS_WITH_HTTP2
+
+enum lws_h2_wellknown_frame_types {
+	LWS_H2_FRAME_TYPE_DATA,
+	LWS_H2_FRAME_TYPE_HEADERS,
+	LWS_H2_FRAME_TYPE_PRIORITY,
+	LWS_H2_FRAME_TYPE_RST_STREAM,
+	LWS_H2_FRAME_TYPE_SETTINGS,
+	LWS_H2_FRAME_TYPE_PUSH_PROMISE,
+	LWS_H2_FRAME_TYPE_PING,
+	LWS_H2_FRAME_TYPE_GOAWAY,
+	LWS_H2_FRAME_TYPE_WINDOW_UPDATE,
+	LWS_H2_FRAME_TYPE_CONTINUATION,
+
+	LWS_H2_FRAME_TYPE_COUNT /* always last */
+};
+
+enum lws_h2_flags {
+	LWS_H2_FLAG_END_STREAM = 1,
+	LWS_H2_FLAG_END_HEADERS = 4,
+	LWS_H2_FLAG_PADDED = 8,
+	LWS_H2_FLAG_PRIORITY = 0x20,
+
+	LWS_H2_FLAG_SETTINGS_ACK = 1,
+};
+
+enum lws_h2_errors {
+	H2_ERR_NO_ERROR,		   /* Graceful shutdown */
+	H2_ERR_PROTOCOL_ERROR,	   /* Protocol error detected */
+	H2_ERR_INTERNAL_ERROR,	   /* Implementation fault */
+	H2_ERR_FLOW_CONTROL_ERROR,  /* Flow-control limits exceeded */
+	H2_ERR_SETTINGS_TIMEOUT,	   /* Settings not acknowledged */
+	H2_ERR_STREAM_CLOSED,	   /* Frame received for closed stream */
+	H2_ERR_FRAME_SIZE_ERROR,	   /* Frame size incorrect */
+	H2_ERR_REFUSED_STREAM,	   /* Stream not processed */
+	H2_ERR_CANCEL,		   /* Stream cancelled */
+	H2_ERR_COMPRESSION_ERROR,   /* Compression state not updated */
+	H2_ERR_CONNECT_ERROR,	   /* TCP connection error for CONNECT method */
+	H2_ERR_ENHANCE_YOUR_CALM,   /* Processing capacity exceeded */
+	H2_ERR_INADEQUATE_SECURITY, /* Negotiated TLS parameters not acceptable */
+	H2_ERR_HTTP_1_1_REQUIRED,   /* Use HTTP/1.1 for the request */
+};
+
+enum lws_h2_states {
+	LWS_H2_STATE_IDLE,
+	/*
+	 * Send PUSH_PROMISE    -> LWS_H2_STATE_RESERVED_LOCAL
+	 * Recv PUSH_PROMISE    -> LWS_H2_STATE_RESERVED_REMOTE
+	 * Send HEADERS         -> LWS_H2_STATE_OPEN
+	 * Recv HEADERS         -> LWS_H2_STATE_OPEN
+	 *
+	 *  - Only PUSH_PROMISE + HEADERS valid to send
+	 *  - Only HEADERS or PRIORITY valid to receive
+	 */
+	LWS_H2_STATE_RESERVED_LOCAL,
+	/*
+	 * Send RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Recv RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Send HEADERS         -> LWS_H2_STATE_HALF_CLOSED_REMOTE
+	 *
+	 * - Only HEADERS, RST_STREAM, or PRIORITY valid to send
+	 * - Only RST_STREAM, PRIORITY, or WINDOW_UPDATE valid to receive
+	 */
+	LWS_H2_STATE_RESERVED_REMOTE,
+	/*
+	 * Send RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Recv RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Recv HEADERS         -> LWS_H2_STATE_HALF_CLOSED_LOCAL
+	 *
+	 *  - Only RST_STREAM, WINDOW_UPDATE, or PRIORITY valid to send
+	 *  - Only HEADERS, RST_STREAM, or PRIORITY valid to receive
+	 */
+	LWS_H2_STATE_OPEN,
+	/*
+	 * Send RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Recv RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Send END_STREAM flag -> LWS_H2_STATE_HALF_CLOSED_LOCAL
+	 * Recv END_STREAM flag -> LWS_H2_STATE_HALF_CLOSED_REMOTE
+	 */
+	LWS_H2_STATE_HALF_CLOSED_REMOTE,
+	/*
+	 * Send RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Recv RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Send END_STREAM flag -> LWS_H2_STATE_CLOSED
+	 *
+	 *  - Any frame valid to send
+	 *  - Only WINDOW_UPDATE, PRIORITY, or RST_STREAM valid to receive
+	 */
+	LWS_H2_STATE_HALF_CLOSED_LOCAL,
+	/*
+	 * Send RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Recv RST_STREAM      -> LWS_H2_STATE_CLOSED
+	 * Recv END_STREAM flag -> LWS_H2_STATE_CLOSED
+	 *
+	 *  - Only WINDOW_UPDATE, PRIORITY, and RST_STREAM valid to send
+	 *  - Any frame valid to receive
+	 */
+	LWS_H2_STATE_CLOSED,
+	/*
+	 *  - Only PRIORITY, WINDOW_UPDATE (IGNORE) and RST_STREAM (IGNORE)
+	 *     may be received
+	 *
+	 *  - Only PRIORITY valid to send
+	 */
+};
+
+#define LWS_H2_STREAM_ID_MASTER 0
+#define LWS_H2_SETTINGS_LEN 6
+
+enum http2_hpack_state {
+	HPKS_TYPE,
+
+	HPKS_IDX_EXT,
+
+	HPKS_HLEN,
+	HPKS_HLEN_EXT,
+
+	HPKS_DATA,
+};
+
+/*
+ * lws general parsimonious header strategy is only store values from known
+ * headers, and refer to them by index.
+ *
+ * That means if we can't map the peer header name to one that lws knows, we
+ * will drop the content but track the indexing with associated_lws_hdr_idx =
+ * LWS_HPACK_IGNORE_ENTRY.
+ */
+
+enum http2_hpack_type {
+	HPKT_INDEXED_HDR_7,		/* 1xxxxxxx: just "header field" */
+	HPKT_INDEXED_HDR_6_VALUE_INCR,  /* 01xxxxxx: NEW indexed hdr with value */
+	HPKT_LITERAL_HDR_VALUE_INCR,	/* 01000000: NEW literal hdr with value */
+	HPKT_INDEXED_HDR_4_VALUE,	/* 0000xxxx: indexed hdr with value */
+	HPKT_INDEXED_HDR_4_VALUE_NEVER,	/* 0001xxxx: indexed hdr with value NEVER NEW */
+	HPKT_LITERAL_HDR_VALUE,		/* 00000000: literal hdr with value */
+	HPKT_LITERAL_HDR_VALUE_NEVER,	/* 00010000: literal hdr with value NEVER NEW */
+	HPKT_SIZE_5
+};
+
+#define LWS_HPACK_IGNORE_ENTRY 0xffff
+
+
+struct hpack_dt_entry {
+	char *value; /* malloc'd */
+	uint16_t value_len;
+	uint16_t hdr_len; /* virtual, for accounting */
+	uint16_t lws_hdr_idx; /* LWS_HPACK_IGNORE_ENTRY = IGNORE */
+};
+
+struct hpack_dynamic_table {
+	struct hpack_dt_entry *entries; /* malloc'd */
+	uint32_t virtual_payload_usage;
+	uint32_t virtual_payload_max;
+	uint16_t pos;
+	uint16_t used_entries;
+	uint16_t num_entries;
+};
+
+enum lws_h2_protocol_send_type {
+	LWS_PPS_NONE,
+	LWS_H2_PPS_MY_SETTINGS,
+	LWS_H2_PPS_ACK_SETTINGS,
+	LWS_H2_PPS_PONG,
+	LWS_H2_PPS_GOAWAY,
+	LWS_H2_PPS_RST_STREAM,
+	LWS_H2_PPS_UPDATE_WINDOW,
+};
+
+struct lws_h2_protocol_send {
+	struct lws_h2_protocol_send *next; /* linked list */
+	enum lws_h2_protocol_send_type type;
+
+	union uu {
+		struct {
+			char		str[32];
+			uint32_t	highest_sid;
+			uint32_t	err;
+		} ga;
+		struct {
+			uint32_t	sid;
+			uint32_t	err;
+		} rs;
+		struct {
+			uint8_t		ping_payload[8];
+		} ping;
+		struct {
+			uint32_t	sid;
+			uint32_t	credit;
+		} update_window;
+	} u;
+};
+
+struct lws_h2_ghost_sid {
+	struct lws_h2_ghost_sid *next;
+	uint32_t sid;
+};
+
+#define LWS_H2_RX_SCRATCH_SIZE 512
+
+/*
+ * http/2 connection info that is only used by the root connection that has
+ * the network connection.
+ *
+ * h2 tends to spawn many child connections from one network connection, so
+ * it's necessary to make members only needed by the network connection
+ * distinct and only malloc'd on network connections.
+ *
+ * There's only one HPACK parser per network connection.
+ *
+ * But there is an ah per logical child connection... the network connection
+ * fills it but it belongs to the logical child.
+ */
+struct lws_h2_netconn {
+	struct http2_settings set;
+	struct hpack_dynamic_table hpack_dyn_table;
+	uint8_t	ping_payload[8];
+	uint8_t one_setting[LWS_H2_SETTINGS_LEN];
+	char goaway_str[32]; /* for rx */
+	struct lws *swsi;
+	struct lws_h2_protocol_send *pps; /* linked list */
+	char *rx_scratch;
+
+	enum http2_hpack_state hpack;
+	enum http2_hpack_type hpack_type;
+
+	unsigned int huff:1;
+	unsigned int value:1;
+	unsigned int unknown_header:1;
+	unsigned int cont_exp:1;
+	unsigned int cont_exp_headers:1;
+	unsigned int we_told_goaway:1;
+	unsigned int pad_length:1;
+	unsigned int collected_priority:1;
+	unsigned int is_first_header_char:1;
+	unsigned int seen_nonpseudoheader:1;
+	unsigned int zero_huff_padding:1;
+	unsigned int last_action_dyntable_resize:1;
+
+	uint32_t hdr_idx;
+	uint32_t hpack_len;
+	uint32_t hpack_e_dep;
+	uint32_t count;
+	uint32_t preamble;
+	uint32_t length;
+	uint32_t sid;
+	uint32_t inside;
+	uint32_t highest_sid;
+	uint32_t highest_sid_opened;
+	uint32_t cont_exp_sid;
+	uint32_t dep;
+	uint32_t goaway_last_sid;
+	uint32_t goaway_err;
+	uint32_t hpack_hdr_len;
+
+	uint32_t rx_scratch_pos;
+	uint32_t rx_scratch_len;
+
+	uint16_t hpack_pos;
+
+	uint8_t frame_state;
+	uint8_t type;
+	uint8_t flags;
+	uint8_t padding;
+	uint8_t weight_temp;
+	uint8_t huff_pad;
+	char first_hdr_char;
+	uint8_t hpack_m;
+	uint8_t ext_count;
+};
+
+struct _lws_h2_related {
+	/*
+	 * having this first lets us also re-use all HTTP union code
+	 * and in turn, http_mode_related has allocated headers in right
+	 * place so we can use the header apis on the wsi directly still
+	 */
+	struct _lws_http_mode_related http; /* MUST BE FIRST IN STRUCT */
+
+	struct lws_h2_netconn *h2n; /* malloc'd for root net conn */
+	struct lws *parent_wsi;
+	struct lws *child_list;
+	struct lws *sibling_list;
+
+	char *pending_status_body;
+
+	int tx_cr;
+	int peer_tx_cr_est;
+	unsigned int my_sid;
+	unsigned int child_count;
+	int my_priority;
+	uint32_t dependent_on;
+
+	unsigned int END_STREAM:1;
+	unsigned int END_HEADERS:1;
+	unsigned int send_END_STREAM:1;
+	unsigned int GOING_AWAY;
+	unsigned int requested_POLLOUT:1;
+	unsigned int skint:1;
+
+	uint16_t round_robin_POLLOUT;
+	uint16_t count_POLLOUT_children;
+	uint8_t h2_state; /* the RFC7540 state of the connection */
+	uint8_t weight;
+
+	uint8_t initialized;
+};
+
+#define HTTP2_IS_TOPLEVEL_WSI(wsi) (!wsi->u.h2.parent_wsi)
+
+#endif
+
+struct _lws_websocket_related {
+	/* cheapest way to deal with ah overlap with ws union transition */
+	struct _lws_header_related hdr;
+	char *rx_ubuf;
+	unsigned int rx_ubuf_alloc;
+	struct lws *rx_draining_ext_list;
+	struct lws *tx_draining_ext_list;
+	time_t time_next_ping_check;
+	size_t rx_packet_length;
+	unsigned int rx_ubuf_head;
+	unsigned char mask[4];
+	/* Also used for close content... control opcode == < 128 */
+	unsigned char ping_payload_buf[128 - 3 + LWS_PRE];
+
+	unsigned char ping_payload_len;
+	unsigned char mask_idx;
+	unsigned char opcode;
+	unsigned char rsv;
+	unsigned char rsv_first_msg;
+	/* zero if no info, or length including 2-byte close code */
+	unsigned char close_in_ping_buffer_len;
+	unsigned char utf8;
+	unsigned char stashed_write_type;
+	unsigned char tx_draining_stashed_wp;
+
+	unsigned int final:1;
+	unsigned int frame_is_binary:1;
+	unsigned int all_zero_nonce:1;
+	unsigned int this_frame_masked:1;
+	unsigned int inside_frame:1; /* next write will be more of frame */
+	unsigned int clean_buffer:1; /* buffer not rewritten by extension */
+	unsigned int payload_is_close:1; /* process as PONG, but it is close */
+	unsigned int ping_pending_flag:1;
+	unsigned int continuation_possible:1;
+	unsigned int owed_a_fin:1;
+	unsigned int check_utf8:1;
+	unsigned int defeat_check_utf8:1;
+	unsigned int pmce_compressed_message:1;
+	unsigned int stashed_write_pending:1;
+	unsigned int rx_draining_ext:1;
+	unsigned int tx_draining_ext:1;
+	unsigned int send_check_ping:1;
+	unsigned int first_fragment:1;
+};
+
+#ifdef LWS_WITH_CGI
+
+#define LWS_HTTP_CHUNK_HDR_SIZE 16
+
+enum {
+	SIGNIFICANT_HDR_CONTENT_LENGTH,
+	SIGNIFICANT_HDR_LOCATION,
+	SIGNIFICANT_HDR_STATUS,
+	SIGNIFICANT_HDR_TRANSFER_ENCODING,
+
+	SIGNIFICANT_HDR_COUNT
+};
+
+/* wsi who is master of the cgi points to an lws_cgi */
+
+struct lws_cgi {
+	struct lws_cgi *cgi_list;
+	struct lws *stdwsi[3]; /* points to the associated stdin/out/err wsis */
+	struct lws *wsi; /* owner */
+	unsigned char *headers_buf;
+	unsigned char *headers_start;
+	unsigned char *headers_pos;
+	unsigned char *headers_dumped;
+	unsigned char *headers_end;
+	lws_filepos_t content_length;
+	lws_filepos_t content_length_seen;
+	int pipe_fds[3][2];
+	int match[SIGNIFICANT_HDR_COUNT];
+	int pid;
+	int response_code;
+	int lp;
+	char l[12];
+
+	unsigned int being_closed:1;
+	unsigned int explicitly_chunked:1;
+
+	unsigned char chunked_grace;
+};
+#endif
+
+signed char char_to_hex(const char c);
+
+#ifndef LWS_NO_CLIENT
+enum lws_chunk_parser {
+	ELCP_HEX,
+	ELCP_CR,
+	ELCP_CONTENT,
+	ELCP_POST_CR,
+	ELCP_POST_LF,
+};
+#endif
+
+enum lws_parse_urldecode_results {
+	LPUR_CONTINUE,
+	LPUR_SWALLOW,
+	LPUR_FORBID,
+	LPUR_EXCESSIVE,
+};
+
+struct lws_rewrite;
+
+#ifdef LWS_WITH_ACCESS_LOG
+struct lws_access_log {
+	char *header_log;
+	char *user_agent;
+	char *referrer;
+	unsigned long sent;
+	int response;
+};
+#endif
+
+struct lws {
+
+	/* structs */
+	/* members with mutually exclusive lifetimes are unionized */
+
+	union u {
+		struct _lws_http_mode_related http;
+#ifdef LWS_WITH_HTTP2
+		struct _lws_h2_related h2;
+#endif
+		struct _lws_header_related hdr;
+		struct _lws_websocket_related ws;
+	} u;
+
+	/* lifetime members */
+
+#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBUV) || defined(LWS_WITH_LIBEVENT)
+	struct lws_io_watcher w_read;
+#endif
+#if defined(LWS_WITH_LIBEV) || defined(LWS_WITH_LIBEVENT)
+	struct lws_io_watcher w_write;
+#endif
+#ifdef LWS_WITH_ACCESS_LOG
+	struct lws_access_log access_log;
+#endif
+	time_t pending_timeout_limit;
+
+	/* pointers */
+
+	struct lws_context *context;
+	struct lws_vhost *vhost;
+	struct lws *parent; /* points to parent, if any */
+	struct lws *child_list; /* points to first child */
+	struct lws *sibling_list; /* subsequent children at same level */
+#ifdef LWS_WITH_CGI
+	struct lws_cgi *cgi; /* wsi being cgi master have one of these */
+#endif
+	const struct lws_protocols *protocol;
+	struct lws **same_vh_protocol_prev, *same_vh_protocol_next;
+	struct lws *timeout_list;
+	struct lws **timeout_list_prev;
+#if defined(LWS_WITH_PEER_LIMITS)
+	struct lws_peer *peer;
+#endif
+
+	void *user_space;
+	void *opaque_parent_data;
+	/* rxflow handling */
+	unsigned char *rxflow_buffer;
+	/* truncated send handling */
+	unsigned char *trunc_alloc; /* non-NULL means buffering in progress */
+
+#if defined (LWS_WITH_ESP8266)
+	void *premature_rx;
+	unsigned short prem_rx_size, prem_rx_pos;
+#endif
+
+#ifndef LWS_NO_EXTENSIONS
+	const struct lws_extension *active_extensions[LWS_MAX_EXTENSIONS_ACTIVE];
+	void *act_ext_user[LWS_MAX_EXTENSIONS_ACTIVE];
+#endif
+#ifdef LWS_OPENSSL_SUPPORT
+	SSL *ssl;
+	BIO *client_bio;
+	struct lws *pending_read_list_prev, *pending_read_list_next;
+#if defined(LWS_WITH_STATS)
+	uint64_t accept_start_us;
+	char seen_rx;
+#endif
+#endif
+#ifdef LWS_WITH_HTTP_PROXY
+	struct lws_rewrite *rw;
+#endif
+#ifdef LWS_LATENCY
+	unsigned long action_start;
+	unsigned long latency_start;
+#endif
+	lws_sock_file_fd_type desc; /* .filefd / .sockfd */
+#if defined(LWS_WITH_STATS)
+	uint64_t active_writable_req_us;
+#endif
+	/* ints */
+	int position_in_fds_table;
+	uint32_t rxflow_len;
+	uint32_t rxflow_pos;
+	unsigned int trunc_alloc_len; /* size of malloc */
+	unsigned int trunc_offset; /* where we are in terms of spilling */
+	unsigned int trunc_len; /* how much is buffered */
+#ifndef LWS_NO_CLIENT
+	int chunk_remaining;
+#endif
+	unsigned int cache_secs;
+
+	unsigned int hdr_parsing_completed:1;
+	unsigned int http2_substream:1;
+	unsigned int upgraded_to_http2:1;
+	unsigned int listener:1;
+	unsigned int user_space_externally_allocated:1;
+	unsigned int socket_is_permanently_unusable:1;
+	unsigned int rxflow_change_to:2;
+	unsigned int more_rx_waiting:1; /* has to live here since ah may stick to end */
+	unsigned int conn_stat_done:1;
+	unsigned int cache_reuse:1;
+	unsigned int cache_revalidate:1;
+	unsigned int cache_intermediaries:1;
+	unsigned int favoured_pollin:1;
+	unsigned int sending_chunked:1;
+	unsigned int already_did_cce:1;
+	unsigned int told_user_closed:1;
+	unsigned int waiting_to_send_close_frame:1;
+	unsigned int ipv6:1;
+	unsigned int parent_carries_io:1;
+	unsigned int parent_pending_cb_on_writable:1;
+	unsigned int cgi_stdout_zero_length:1;
+	unsigned int seen_zero_length_recv:1;
+	unsigned int rxflow_will_be_applied:1;
+
+#if defined(LWS_WITH_ESP8266)
+	unsigned int pending_send_completion:3;
+	unsigned int close_is_pending_send_completion:1;
+#endif
+#ifdef LWS_WITH_ACCESS_LOG
+	unsigned int access_log_pending:1;
+#endif
+#ifndef LWS_NO_CLIENT
+	unsigned int do_ws:1; /* whether we are doing http or ws flow */
+	unsigned int chunked:1; /* if the clientside connection is chunked */
+	unsigned int client_rx_avail:1;
+	unsigned int client_http_body_pending:1;
+#endif
+#ifdef LWS_WITH_HTTP_PROXY
+	unsigned int perform_rewrite:1;
+#endif
+#ifndef LWS_NO_EXTENSIONS
+	unsigned int extension_data_pending:1;
+#endif
+#ifdef LWS_OPENSSL_SUPPORT
+	unsigned int use_ssl:4;
+#endif
+#ifdef _WIN32
+	unsigned int sock_send_blocking:1;
+#endif
+#ifdef LWS_OPENSSL_SUPPORT
+	unsigned int redirect_to_https:1;
+#endif
+
+	/* volatile to make sure code is aware other thread can change */
+	volatile unsigned int handling_pollout:1;
+	volatile unsigned int leave_pollout_active:1;
+
+#ifndef LWS_NO_CLIENT
+	unsigned short c_port;
+#endif
+
+	/* chars */
+#ifndef LWS_NO_EXTENSIONS
+	unsigned char count_act_ext;
+#endif
+	uint8_t ietf_spec_revision;
+	char mode; /* enum connection_mode */
+	char state; /* enum lws_connection_states */
+	char state_pre_close;
+	char lws_rx_parse_state; /* enum lws_rx_parse_state */
+	char rx_frame_type; /* enum lws_write_protocol */
+	char pending_timeout; /* enum pending_timeout */
+	char tsi; /* thread service index we belong to */
+	char protocol_interpret_idx;
+	char redirects;
+	uint8_t rxflow_bitmap;
+#ifdef LWS_WITH_CGI
+	char cgi_channel; /* which of stdin/out/err */
+	char hdr_state;
+#endif
+#ifndef LWS_NO_CLIENT
+	char chunk_parser; /* enum lws_chunk_parser */
+#endif
+#if defined(LWS_WITH_CGI) || !defined(LWS_NO_CLIENT)
+	char reason_bf; /* internal writeable callback reason bitfield */
+#endif
+};
+
+#define lws_is_flowcontrolled(w) (!!(wsi->rxflow_bitmap))
+
+LWS_EXTERN int log_level;
+
+LWS_EXTERN int
+lws_socket_bind(struct lws_vhost *vhost, lws_sockfd_type sockfd, int port,
+		const char *iface);
+
+#if defined(LWS_WITH_IPV6)
+LWS_EXTERN unsigned long
+lws_get_addr_scope(const char *ipaddr);
+#endif
+
+LWS_EXTERN void
+lws_close_free_wsi(struct lws *wsi, enum lws_close_status);
+
+LWS_EXTERN void
+lws_free_wsi(struct lws *wsi);
+
+LWS_EXTERN int
+remove_wsi_socket_from_fds(struct lws *wsi);
+LWS_EXTERN int
+lws_rxflow_cache(struct lws *wsi, unsigned char *buf, int n, int len);
+
+#ifndef LWS_LATENCY
+static inline void
+lws_latency(struct lws_context *context, struct lws *wsi, const char *action,
+	    int ret, int completion) {
+	do {
+		(void)context; (void)wsi; (void)action; (void)ret;
+		(void)completion;
+	} while (0);
+}
+static inline void
+lws_latency_pre(struct lws_context *context, struct lws *wsi) {
+	do { (void)context; (void)wsi; } while (0);
+}
+#else
+#define lws_latency_pre(_context, _wsi) lws_latency(_context, _wsi, NULL, 0, 0)
+extern void
+lws_latency(struct lws_context *context, struct lws *wsi, const char *action,
+	    int ret, int completion);
+#endif
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_client_rx_sm(struct lws *wsi, unsigned char c);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_parse(struct lws *wsi, unsigned char c);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_parse_urldecode(struct lws *wsi, uint8_t *_c);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_http_action(struct lws *wsi);
+
+LWS_EXTERN int
+lws_b64_selftest(void);
+
+LWS_EXTERN int
+lws_service_flag_pending(struct lws_context *context, int tsi);
+
+#if defined(_WIN32) || defined(LWS_WITH_ESP8266)
+LWS_EXTERN struct lws *
+wsi_from_fd(const struct lws_context *context, lws_sockfd_type fd);
+
+LWS_EXTERN int
+insert_wsi(struct lws_context *context, struct lws *wsi);
+
+LWS_EXTERN int
+delete_from_fd(struct lws_context *context, lws_sockfd_type fd);
+#else
+#define wsi_from_fd(A,B)  A->lws_lookup[B]
+#define insert_wsi(A,B)   assert(A->lws_lookup[B->desc.sockfd] == 0); A->lws_lookup[B->desc.sockfd]=B
+#define delete_from_fd(A,B) A->lws_lookup[B]=0
+#endif
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+insert_wsi_socket_into_fds(struct lws_context *context, struct lws *wsi);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len);
+
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_service_timeout_check(struct lws *wsi, unsigned int sec);
+
+LWS_EXTERN void
+lws_remove_from_timeout_list(struct lws *wsi);
+
+LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT
+lws_client_connect_2(struct lws *wsi);
+
+LWS_VISIBLE struct lws * LWS_WARN_UNUSED_RESULT
+lws_client_reset(struct lws **wsi, int ssl, const char *address, int port,
+		 const char *path, const char *host);
+
+LWS_EXTERN struct lws * LWS_WARN_UNUSED_RESULT
+lws_create_new_server_wsi(struct lws_vhost *vhost);
+
+LWS_EXTERN char * LWS_WARN_UNUSED_RESULT
+lws_generate_client_handshake(struct lws *wsi, char *pkt);
+
+LWS_EXTERN int
+lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd);
+
+LWS_EXTERN struct lws *
+lws_client_connect_via_info2(struct lws *wsi);
+
+LWS_EXTERN int
+_lws_destroy_ah(struct lws_context_per_thread *pt, struct allocated_headers *ah);
+
+/*
+ * EXTENSIONS
+ */
+
+#ifndef LWS_NO_EXTENSIONS
+LWS_VISIBLE void
+lws_context_init_extensions(struct lws_context_creation_info *info,
+			    struct lws_context *context);
+LWS_EXTERN int
+lws_any_extension_handled(struct lws *wsi, enum lws_extension_callback_reasons r,
+			  void *v, size_t len);
+
+LWS_EXTERN int
+lws_ext_cb_active(struct lws *wsi, int reason, void *buf, int len);
+LWS_EXTERN int
+lws_ext_cb_all_exts(struct lws_context *context, struct lws *wsi, int reason,
+		    void *arg, int len);
+
+#else
+#define lws_any_extension_handled(_a, _b, _c, _d) (0)
+#define lws_ext_cb_active(_a, _b, _c, _d) (0)
+#define lws_ext_cb_all_exts(_a, _b, _c, _d, _e) (0)
+#define lws_issue_raw_ext_access lws_issue_raw
+#define lws_context_init_extensions(_a, _b)
+#endif
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_client_interpret_server_handshake(struct lws *wsi);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_rx_sm(struct lws *wsi, unsigned char c);
+
+LWS_EXTERN int
+lws_payload_until_length_exhausted(struct lws *wsi, unsigned char **buf, size_t *len);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_issue_raw_ext_access(struct lws *wsi, unsigned char *buf, size_t len);
+
+LWS_EXTERN void
+lws_union_transition(struct lws *wsi, enum connection_mode mode);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+user_callback_handle_rxflow(lws_callback_function, struct lws *wsi,
+			    enum lws_callback_reasons reason, void *user,
+			    void *in, size_t len);
+#ifdef LWS_WITH_HTTP2
+struct lws * lws_h2_get_nth_child(struct lws *wsi, int n);
+LWS_EXTERN void lws_h2_init(struct lws *wsi);
+LWS_EXTERN int
+lws_h2_settings(struct lws *nwsi, struct http2_settings *settings,
+				     unsigned char *buf, int len);
+LWS_EXTERN int
+lws_h2_parser(struct lws *wsi, unsigned char c);
+LWS_EXTERN int lws_h2_do_pps_send(struct lws *wsi);
+LWS_EXTERN int lws_h2_frame_write(struct lws *wsi, int type, int flags,
+				     unsigned int sid, unsigned int len,
+				     unsigned char *buf);
+LWS_EXTERN struct lws *
+lws_h2_wsi_from_id(struct lws *wsi, unsigned int sid);
+LWS_EXTERN int lws_hpack_interpret(struct lws *wsi,
+				   unsigned char c);
+LWS_EXTERN int
+lws_add_http2_header_by_name(struct lws *wsi,
+			     const unsigned char *name,
+			     const unsigned char *value, int length,
+			     unsigned char **p, unsigned char *end);
+LWS_EXTERN int
+lws_add_http2_header_by_token(struct lws *wsi,
+			    enum lws_token_indexes token,
+			    const unsigned char *value, int length,
+			    unsigned char **p, unsigned char *end);
+LWS_EXTERN int
+lws_add_http2_header_status(struct lws *wsi,
+			    unsigned int code, unsigned char **p,
+			    unsigned char *end);
+LWS_EXTERN int
+lws_h2_configure_if_upgraded(struct lws *wsi);
+LWS_EXTERN void
+lws_hpack_destroy_dynamic_header(struct lws *wsi);
+LWS_EXTERN int
+lws_hpack_dynamic_size(struct lws *wsi, int size);
+LWS_EXTERN int
+lws_h2_goaway(struct lws *wsi, uint32_t err, const char *reason);
+LWS_EXTERN int
+lws_h2_tx_cr_get(struct lws *wsi);
+LWS_EXTERN void
+lws_h2_tx_cr_consume(struct lws *wsi, int consumed);
+LWS_EXTERN int
+lws_hdr_extant(struct lws *wsi, enum lws_token_indexes h);
+LWS_EXTERN void
+lws_pps_schedule(struct lws *wsi, struct lws_h2_protocol_send *pss);
+
+LWS_EXTERN const struct http2_settings lws_h2_defaults;
+#else
+#define lws_h2_configure_if_upgraded(x)
+#endif
+
+LWS_EXTERN int
+lws_plat_set_socket_options(struct lws_vhost *vhost, lws_sockfd_type fd);
+
+LWS_EXTERN int
+lws_plat_check_connection_error(struct lws *wsi);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_header_table_attach(struct lws *wsi, int autoservice);
+
+LWS_EXTERN int
+lws_header_table_detach(struct lws *wsi, int autoservice);
+
+LWS_EXTERN void
+lws_header_table_reset(struct lws *wsi, int autoservice);
+void
+_lws_header_table_reset(struct allocated_headers *ah);
+
+void
+lws_header_table_force_to_detachable_state(struct lws *wsi);
+int
+lws_header_table_is_in_detachable_state(struct lws *wsi);
+
+LWS_EXTERN char * LWS_WARN_UNUSED_RESULT
+lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h, const char *s);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_ensure_user_space(struct lws *wsi);
+
+LWS_EXTERN int
+lws_change_pollfd(struct lws *wsi, int _and, int _or);
+
+#ifndef LWS_NO_SERVER
+int lws_context_init_server(struct lws_context_creation_info *info,
+			    struct lws_vhost *vhost);
+LWS_EXTERN struct lws_vhost *
+lws_select_vhost(struct lws_context *context, int port, const char *servername);
+LWS_EXTERN int
+handshake_0405(struct lws_context *context, struct lws *wsi);
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_interpret_incoming_packet(struct lws *wsi, unsigned char **buf, size_t len);
+LWS_EXTERN void
+lws_server_get_canonical_hostname(struct lws_context *context,
+				  struct lws_context_creation_info *info);
+#else
+#define lws_context_init_server(_a, _b) (0)
+#define lws_interpret_incoming_packet(_a, _b, _c) (0)
+#define lws_server_get_canonical_hostname(_a, _b)
+#endif
+
+#ifndef LWS_NO_DAEMONIZE
+LWS_EXTERN int get_daemonize_pid();
+#else
+#define get_daemonize_pid() (0)
+#endif
+
+#if !defined(LWS_WITH_ESP8266)
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+interface_to_sa(struct lws_vhost *vh, const char *ifname,
+		struct sockaddr_in *addr, size_t addrlen);
+#endif
+LWS_EXTERN void lwsl_emit_stderr(int level, const char *line);
+
+enum lws_ssl_capable_status {
+	LWS_SSL_CAPABLE_ERROR = -1,
+	LWS_SSL_CAPABLE_MORE_SERVICE = -2,
+};
+
+#ifndef LWS_OPENSSL_SUPPORT
+#define LWS_SSL_ENABLED(context) (0)
+#define lws_context_init_server_ssl(_a, _b) (0)
+#define lws_ssl_destroy(_a)
+#define lws_context_init_http2_ssl(_a)
+#define lws_ssl_capable_read lws_ssl_capable_read_no_ssl
+#define lws_ssl_capable_write lws_ssl_capable_write_no_ssl
+#define lws_ssl_pending lws_ssl_pending_no_ssl
+#define lws_server_socket_service_ssl(_b, _c) (0)
+#define lws_ssl_close(_a) (0)
+#define lws_ssl_context_destroy(_a)
+#define lws_ssl_SSL_CTX_destroy(_a)
+#define lws_ssl_remove_wsi_from_buffered_list(_a)
+#define lws_context_init_ssl_library(_a)
+#define lws_ssl_anybody_has_buffered_read_tsi(_a, _b) (0)
+#else
+#define LWS_SSL_ENABLED(context) (context->use_ssl)
+LWS_EXTERN int openssl_websocket_private_data_index;
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len);
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, int len);
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_ssl_pending(struct lws *wsi);
+LWS_EXTERN int
+lws_context_init_ssl_library(struct lws_context_creation_info *info);
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_server_socket_service_ssl(struct lws *new_wsi, lws_sockfd_type accept_fd);
+LWS_EXTERN int
+lws_ssl_close(struct lws *wsi);
+LWS_EXTERN void
+lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost);
+LWS_EXTERN void
+lws_ssl_context_destroy(struct lws_context *context);
+LWS_VISIBLE void
+lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi);
+LWS_EXTERN int
+lws_ssl_client_bio_create(struct lws *wsi);
+LWS_EXTERN int
+lws_ssl_client_connect1(struct lws *wsi);
+LWS_EXTERN int
+lws_ssl_client_connect2(struct lws *wsi);
+LWS_EXTERN void
+lws_ssl_elaborate_error(void);
+LWS_EXTERN int
+lws_ssl_anybody_has_buffered_read_tsi(struct lws_context *context, int tsi);
+#ifndef LWS_NO_SERVER
+LWS_EXTERN int
+lws_context_init_server_ssl(struct lws_context_creation_info *info,
+			    struct lws_vhost *vhost);
+#else
+#define lws_context_init_server_ssl(_a, _b) (0)
+#endif
+LWS_EXTERN void
+lws_ssl_destroy(struct lws_vhost *vhost);
+/* HTTP2-related */
+
+#ifdef LWS_WITH_HTTP2
+LWS_EXTERN void
+lws_context_init_http2_ssl(struct lws_vhost *vhost);
+#else
+#define lws_context_init_http2_ssl(_a)
+#endif
+#endif
+
+#if LWS_MAX_SMP > 1
+static LWS_INLINE void
+lws_pt_mutex_init(struct lws_context_per_thread *pt)
+{
+	pthread_mutex_init(&pt->lock, NULL);
+}
+
+static LWS_INLINE void
+lws_pt_mutex_destroy(struct lws_context_per_thread *pt)
+{
+	pthread_mutex_destroy(&pt->lock);
+}
+
+static LWS_INLINE void
+lws_pt_lock(struct lws_context_per_thread *pt)
+{
+	if (!pt->lock_depth++)
+		pthread_mutex_lock(&pt->lock);
+}
+
+static LWS_INLINE void
+lws_pt_unlock(struct lws_context_per_thread *pt)
+{
+	if (!(--pt->lock_depth))
+		pthread_mutex_unlock(&pt->lock);
+}
+static LWS_INLINE void
+lws_context_lock(struct lws_context *context)
+{
+	if (!context->lock_depth++)
+		pthread_mutex_lock(&context->lock);
+}
+
+static LWS_INLINE void
+lws_context_unlock(struct lws_context *context)
+{
+	if (!(--context->lock_depth))
+		pthread_mutex_unlock(&context->lock);
+}
+
+#else
+#define lws_pt_mutex_init(_a) (void)(_a)
+#define lws_pt_mutex_destroy(_a) (void)(_a)
+#define lws_pt_lock(_a) (void)(_a)
+#define lws_pt_unlock(_a) (void)(_a)
+#define lws_context_lock(_a) (void)(_a)
+#define lws_context_unlock(_a) (void)(_a)
+#endif
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_ssl_capable_read_no_ssl(struct lws *wsi, unsigned char *buf, int len);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_ssl_capable_write_no_ssl(struct lws *wsi, unsigned char *buf, int len);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_ssl_pending_no_ssl(struct lws *wsi);
+
+#ifdef LWS_WITH_HTTP_PROXY
+struct lws_rewrite {
+	hubbub_parser *parser;
+	hubbub_parser_optparams params;
+	const char *from, *to;
+	int from_len, to_len;
+	unsigned char *p, *end;
+	struct lws *wsi;
+};
+static LWS_INLINE int hstrcmp(hubbub_string *s, const char *p, int len)
+{
+	if (s->len != len)
+		return 1;
+
+	return strncmp((const char *)s->ptr, p, len);
+}
+typedef hubbub_error (*hubbub_callback_t)(const hubbub_token *token, void *pw);
+LWS_EXTERN struct lws_rewrite *
+lws_rewrite_create(struct lws *wsi, hubbub_callback_t cb, const char *from, const char *to);
+LWS_EXTERN void
+lws_rewrite_destroy(struct lws_rewrite *r);
+LWS_EXTERN int
+lws_rewrite_parse(struct lws_rewrite *r, const unsigned char *in, int in_len);
+#endif
+
+#ifndef LWS_NO_CLIENT
+LWS_EXTERN int lws_client_socket_service(struct lws_context *context,
+					 struct lws *wsi,
+					 struct lws_pollfd *pollfd);
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_http_transaction_completed_client(struct lws *wsi);
+#ifdef LWS_OPENSSL_SUPPORT
+LWS_EXTERN int
+lws_context_init_client_ssl(struct lws_context_creation_info *info,
+			    struct lws_vhost *vhost);
+
+LWS_EXTERN void
+lws_ssl_info_callback(const SSL *ssl, int where, int ret);
+
+#else
+	#define lws_context_init_client_ssl(_a, _b) (0)
+#endif
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_handshake_client(struct lws *wsi, unsigned char **buf, size_t len);
+LWS_EXTERN void
+lws_decode_ssl_error(void);
+#else
+#define lws_context_init_client_ssl(_a, _b) (0)
+#define lws_handshake_client(_a, _b, _c) (0)
+#endif
+
+LWS_EXTERN int
+_lws_rx_flow_control(struct lws *wsi);
+
+LWS_EXTERN int
+_lws_change_pollfd(struct lws *wsi, int _and, int _or, struct lws_pollargs *pa);
+
+#ifndef LWS_NO_SERVER
+LWS_EXTERN int
+lws_server_socket_service(struct lws_context *context, struct lws *wsi,
+			  struct lws_pollfd *pollfd);
+LWS_EXTERN int
+lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len);
+#else
+#define lws_server_socket_service(_a, _b, _c) (0)
+#define lws_handshake_server(_a, _b, _c) (0)
+#endif
+
+#ifdef LWS_WITH_ACCESS_LOG
+LWS_EXTERN int
+lws_access_log(struct lws *wsi);
+LWS_EXTERN void
+lws_prepare_access_log_info(struct lws *wsi, char *uri_ptr, int meth);
+#else
+#define lws_access_log(_a)
+#endif
+
+LWS_EXTERN int
+lws_cgi_kill_terminated(struct lws_context_per_thread *pt);
+
+LWS_EXTERN void
+lws_cgi_remove_and_kill(struct lws *wsi);
+
+int
+lws_protocol_init(struct lws_context *context);
+
+int
+lws_bind_protocol(struct lws *wsi, const struct lws_protocols *p);
+
+const struct lws_http_mount *
+lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len);
+
+/*
+ * custom allocator
+ */
+LWS_EXTERN void *
+lws_realloc(void *ptr, size_t size, const char *reason);
+
+LWS_EXTERN void * LWS_WARN_UNUSED_RESULT
+lws_zalloc(size_t size, const char *reason);
+
+#ifdef LWS_PLAT_OPTEE
+void *lws_malloc(size_t size, const char *reason);
+void lws_free(void *p);
+#define lws_free_set_NULL(P)    do { lws_free(P); (P) = NULL; } while(0)
+#else
+#define lws_malloc(S, R)	lws_realloc(NULL, S, R)
+#define lws_free(P)	lws_realloc(P, 0, "lws_free")
+#define lws_free_set_NULL(P)	do { lws_realloc(P, 0, "free"); (P) = NULL; } while(0)
+#endif
+
+const struct lws_plat_file_ops *
+lws_vfs_select_fops(const struct lws_plat_file_ops *fops, const char *vfs_path,
+		    const char **vpath);
+
+/* lws_plat_ */
+LWS_EXTERN void
+lws_plat_delete_socket_from_fds(struct lws_context *context,
+				struct lws *wsi, int m);
+LWS_EXTERN void
+lws_plat_insert_socket_into_fds(struct lws_context *context,
+				struct lws *wsi);
+LWS_EXTERN void
+lws_plat_service_periodic(struct lws_context *context);
+
+LWS_EXTERN int
+lws_plat_change_pollfd(struct lws_context *context, struct lws *wsi,
+		       struct lws_pollfd *pfd);
+LWS_EXTERN void
+lws_add_wsi_to_draining_ext_list(struct lws *wsi);
+LWS_EXTERN void
+lws_remove_wsi_from_draining_ext_list(struct lws *wsi);
+LWS_EXTERN int
+lws_plat_context_early_init(void);
+LWS_EXTERN void
+lws_plat_context_early_destroy(struct lws_context *context);
+LWS_EXTERN void
+lws_plat_context_late_destroy(struct lws_context *context);
+LWS_EXTERN int
+lws_poll_listen_fd(struct lws_pollfd *fd);
+LWS_EXTERN int
+lws_plat_service(struct lws_context *context, int timeout_ms);
+LWS_EXTERN LWS_VISIBLE int
+_lws_plat_service_tsi(struct lws_context *context, int timeout_ms, int tsi);
+LWS_EXTERN int
+lws_plat_init(struct lws_context *context,
+	      struct lws_context_creation_info *info);
+LWS_EXTERN void
+lws_plat_drop_app_privileges(struct lws_context_creation_info *info);
+LWS_EXTERN unsigned long long
+time_in_microseconds(void);
+LWS_EXTERN const char * LWS_WARN_UNUSED_RESULT
+lws_plat_inet_ntop(int af, const void *src, char *dst, int cnt);
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_plat_inet_pton(int af, const char *src, void *dst);
+
+LWS_EXTERN int LWS_WARN_UNUSED_RESULT
+lws_check_utf8(unsigned char *state, unsigned char *buf, size_t len);
+LWS_EXTERN int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf,
+		                lws_filepos_t *amount);
+LWS_EXTERN int alloc_pem_to_der_file(struct lws_context *context, const char *filename, uint8_t **buf,
+	       lws_filepos_t *amount);
+
+LWS_EXTERN void
+lws_same_vh_protocol_remove(struct lws *wsi);
+LWS_EXTERN void
+lws_same_vh_protocol_insert(struct lws *wsi, int n);
+
+#if defined(LWS_WITH_STATS)
+void
+lws_stats_atomic_bump(struct lws_context * context,
+		struct lws_context_per_thread *pt, int index, uint64_t bump);
+void
+lws_stats_atomic_max(struct lws_context * context,
+		struct lws_context_per_thread *pt, int index, uint64_t val);
+#else
+static inline uint64_t lws_stats_atomic_bump(struct lws_context * context,
+		struct lws_context_per_thread *pt, int index, uint64_t bump) {
+	(void)context; (void)pt; (void)index; (void)bump; return 0; }
+static inline uint64_t lws_stats_atomic_max(struct lws_context * context,
+		struct lws_context_per_thread *pt, int index, uint64_t val) {
+	(void)context; (void)pt; (void)index; (void)val; return 0; }
+#endif
+
+/* socks */
+void socks_generate_msg(struct lws *wsi, enum socks_msg_type type,
+			ssize_t *msg_len);
+
+#if defined(LWS_WITH_PEER_LIMITS)
+void
+lws_peer_track_wsi_close(struct lws_context *context, struct lws_peer *peer);
+int
+lws_peer_confirm_ah_attach_ok(struct lws_context *context, struct lws_peer *peer);
+void
+lws_peer_track_ah_detach(struct lws_context *context, struct lws_peer *peer);
+void
+lws_peer_cull_peer_wait_list(struct lws_context *context);
+struct lws_peer *
+lws_get_or_create_peer(struct lws_vhost *vhost, lws_sockfd_type sockfd);
+void
+lws_peer_add_wsi(struct lws_context *context, struct lws_peer *peer,
+		 struct lws *wsi);
+#endif
+
+#ifdef __cplusplus
+};
+#endif
diff --git a/thirdparty/lws/server/fops-zip.c b/thirdparty/lws/server/fops-zip.c
new file mode 100644
index 0000000000..2b254f67af
--- /dev/null
+++ b/thirdparty/lws/server/fops-zip.c
@@ -0,0 +1,669 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Original code used in this source file:
+ *
+ * https://github.com/PerBothner/DomTerm.git @912add15f3d0aec
+ *
+ * ./lws-term/io.c
+ * ./lws-term/junzip.c
+ *
+ * Copyright (C) 2017  Per Bothner <per@bothner.com>
+ *
+ * MIT License
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * ( copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ *
+ *
+ * lws rewrite:
+ *
+ * Copyright (C) 2017  Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+#include <zlib.h>
+
+/*
+ * This code works with zip format containers which may have files compressed
+ * with gzip deflate (type 8) or store uncompressed (type 0).
+ *
+ * Linux zip produces such zipfiles by default, eg
+ *
+ *  $ zip ../myzip.zip file1 file2 file3
+ */
+
+#define ZIP_COMPRESSION_METHOD_STORE 0
+#define ZIP_COMPRESSION_METHOD_DEFLATE 8
+
+typedef struct {
+	lws_filepos_t		filename_start;
+	uint32_t		crc32;
+	uint32_t		comp_size;
+	uint32_t		uncomp_size;
+	uint32_t		offset;
+	uint32_t		mod_time;
+	uint16_t		filename_len;
+	uint16_t		extra;
+	uint16_t		method;
+	uint16_t		file_com_len;
+} lws_fops_zip_hdr_t;
+
+typedef struct {
+	struct lws_fop_fd	fop_fd; /* MUST BE FIRST logical fop_fd into
+	 	 	 	 	 * file inside zip: fops_zip fops */
+	lws_fop_fd_t		zip_fop_fd; /* logical fop fd on to zip file
+	 	 	 	 	     * itself: using platform fops */
+	lws_fops_zip_hdr_t	hdr;
+	z_stream		inflate;
+	lws_filepos_t		content_start;
+	lws_filepos_t		exp_uncomp_pos;
+	union {
+		uint8_t		trailer8[8];
+		uint32_t	trailer32[2];
+	} u;
+	uint8_t			rbuf[128]; /* decompression chunk size */
+	int			entry_count;
+
+	unsigned int		decompress:1; /* 0 = direct from file */
+	unsigned int		add_gzip_container:1;
+} *lws_fops_zip_t;
+
+struct lws_plat_file_ops fops_zip;
+#define fop_fd_to_priv(FD) ((lws_fops_zip_t)(FD))
+
+static const uint8_t hd[] = { 31, 139, 8, 0, 0, 0, 0, 0, 0, 3 };
+
+enum {
+	ZC_SIGNATURE				= 0,
+	ZC_VERSION_MADE_BY 			= 4,
+	ZC_VERSION_NEEDED_TO_EXTRACT 		= 6,
+	ZC_GENERAL_PURPOSE_BIT_FLAG 		= 8,
+	ZC_COMPRESSION_METHOD 			= 10,
+	ZC_LAST_MOD_FILE_TIME 			= 12,
+	ZC_LAST_MOD_FILE_DATE 			= 14,
+	ZC_CRC32 				= 16,
+	ZC_COMPRESSED_SIZE 			= 20,
+	ZC_UNCOMPRESSED_SIZE 			= 24,
+	ZC_FILE_NAME_LENGTH 			= 28,
+	ZC_EXTRA_FIELD_LENGTH 			= 30,
+
+	ZC_FILE_COMMENT_LENGTH 			= 32,
+	ZC_DISK_NUMBER_START 			= 34,
+	ZC_INTERNAL_FILE_ATTRIBUTES 		= 36,
+	ZC_EXTERNAL_FILE_ATTRIBUTES 		= 38,
+	ZC_REL_OFFSET_LOCAL_HEADER 		= 42,
+	ZC_DIRECTORY_LENGTH 			= 46,
+
+	ZE_SIGNATURE_OFFSET 			= 0,
+	ZE_DESK_NUMBER 				= 4,
+	ZE_CENTRAL_DIRECTORY_DISK_NUMBER 	= 6,
+	ZE_NUM_ENTRIES_THIS_DISK 		= 8,
+	ZE_NUM_ENTRIES 				= 10,
+	ZE_CENTRAL_DIRECTORY_SIZE 		= 12,
+	ZE_CENTRAL_DIR_OFFSET 			= 16,
+	ZE_ZIP_COMMENT_LENGTH 			= 20,
+	ZE_DIRECTORY_LENGTH 			= 22,
+
+	ZL_REL_OFFSET_CONTENT			= 28,
+	ZL_HEADER_LENGTH			= 30,
+
+	LWS_FZ_ERR_SEEK_END_RECORD		= 1,
+	LWS_FZ_ERR_READ_END_RECORD,
+	LWS_FZ_ERR_END_RECORD_MAGIC,
+	LWS_FZ_ERR_END_RECORD_SANITY,
+	LWS_FZ_ERR_CENTRAL_SEEK,
+	LWS_FZ_ERR_CENTRAL_READ,
+	LWS_FZ_ERR_CENTRAL_SANITY,
+	LWS_FZ_ERR_NAME_TOO_LONG,
+	LWS_FZ_ERR_NAME_SEEK,
+	LWS_FZ_ERR_NAME_READ,
+	LWS_FZ_ERR_CONTENT_SANITY,
+	LWS_FZ_ERR_CONTENT_SEEK,
+	LWS_FZ_ERR_SCAN_SEEK,
+	LWS_FZ_ERR_NOT_FOUND,
+	LWS_FZ_ERR_ZLIB_INIT,
+	LWS_FZ_ERR_READ_CONTENT,
+	LWS_FZ_ERR_SEEK_COMPRESSED,
+};
+
+static uint16_t
+get_u16(void *p)
+{
+	const uint8_t *c = (const uint8_t *)p;
+
+	return (uint16_t)((c[0] | (c[1] << 8)));
+}
+
+static uint32_t
+get_u32(void *p)
+{
+	const uint8_t *c = (const uint8_t *)p;
+
+	return (uint32_t)((c[0] | (c[1] << 8) | (c[2] << 16) | (c[3] << 24)));
+}
+
+int
+lws_fops_zip_scan(lws_fops_zip_t priv, const char *name, int len)
+{
+	lws_filepos_t amount;
+	uint8_t buf[96];
+	int i;
+
+	if (lws_vfs_file_seek_end(priv->zip_fop_fd, -ZE_DIRECTORY_LENGTH) < 0)
+		return LWS_FZ_ERR_SEEK_END_RECORD;
+
+	if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf,
+			      ZE_DIRECTORY_LENGTH))
+		return LWS_FZ_ERR_READ_END_RECORD;
+
+	if (amount != ZE_DIRECTORY_LENGTH)
+		return LWS_FZ_ERR_READ_END_RECORD;
+
+	/*
+	 * We require the zip to have the last record right at the end
+	 * Linux zip always does this if no zip comment.
+	 */
+	if (buf[0] != 'P' || buf[1] != 'K' || buf[2] != 5 || buf[3] != 6)
+		return LWS_FZ_ERR_END_RECORD_MAGIC;
+
+	i = get_u16(buf + ZE_NUM_ENTRIES);
+
+	if (get_u16(buf + ZE_DESK_NUMBER) ||
+	    get_u16(buf + ZE_CENTRAL_DIRECTORY_DISK_NUMBER) ||
+	    i != get_u16(buf + ZE_NUM_ENTRIES_THIS_DISK))
+		return LWS_FZ_ERR_END_RECORD_SANITY;
+
+	/* end record is OK... look for our file in the central dir */
+
+	if (lws_vfs_file_seek_set(priv->zip_fop_fd,
+				  get_u32(buf + ZE_CENTRAL_DIR_OFFSET)) < 0)
+		return LWS_FZ_ERR_CENTRAL_SEEK;
+
+	while (i--) {
+		priv->content_start = lws_vfs_tell(priv->zip_fop_fd);
+
+		if (lws_vfs_file_read(priv->zip_fop_fd, &amount, buf,
+				      ZC_DIRECTORY_LENGTH))
+			return LWS_FZ_ERR_CENTRAL_READ;
+
+		if (amount != ZC_DIRECTORY_LENGTH)
+			return LWS_FZ_ERR_CENTRAL_READ;
+
+		if (get_u32(buf + ZC_SIGNATURE) != 0x02014B50)
+			return LWS_FZ_ERR_CENTRAL_SANITY;
+
+               lwsl_debug("cstart 0x%lx\n", (unsigned long)priv->content_start);
+
+		priv->hdr.filename_len = get_u16(buf + ZC_FILE_NAME_LENGTH);
+		priv->hdr.extra = get_u16(buf + ZC_EXTRA_FIELD_LENGTH);
+		priv->hdr.filename_start = lws_vfs_tell(priv->zip_fop_fd);
+
+		priv->hdr.method = get_u16(buf + ZC_COMPRESSION_METHOD);
+		priv->hdr.crc32 = get_u32(buf + ZC_CRC32);
+		priv->hdr.comp_size = get_u32(buf + ZC_COMPRESSED_SIZE);
+		priv->hdr.uncomp_size = get_u32(buf + ZC_UNCOMPRESSED_SIZE);
+		priv->hdr.offset = get_u32(buf + ZC_REL_OFFSET_LOCAL_HEADER);
+		priv->hdr.mod_time = get_u32(buf + ZC_LAST_MOD_FILE_TIME);
+		priv->hdr.file_com_len = get_u16(buf + ZC_FILE_COMMENT_LENGTH);
+
+		if (priv->hdr.filename_len != len)
+			goto next;
+
+		if (len >= sizeof(buf) - 1)
+			return LWS_FZ_ERR_NAME_TOO_LONG;
+
+		if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd,
+							&amount, buf, len))
+			return LWS_FZ_ERR_NAME_READ;
+		if (amount != len)
+			return LWS_FZ_ERR_NAME_READ;
+
+		buf[len] = '\0';
+		lwsl_debug("check %s vs %s\n", buf, name);
+
+		if (strcmp((const char *)buf, name))
+			goto next;
+
+		/* we found a match */
+		if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->hdr.offset) < 0)
+			return LWS_FZ_ERR_NAME_SEEK;
+		if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd,
+							&amount, buf,
+							ZL_HEADER_LENGTH))
+			return LWS_FZ_ERR_NAME_READ;
+		if (amount != ZL_HEADER_LENGTH)
+			return LWS_FZ_ERR_NAME_READ;
+
+		priv->content_start = priv->hdr.offset +
+				      ZL_HEADER_LENGTH +
+				      priv->hdr.filename_len +
+				      get_u16(buf + ZL_REL_OFFSET_CONTENT);
+
+		lwsl_debug("content supposed to start at 0x%lx\n",
+                          (unsigned long)priv->content_start);
+
+		if (priv->content_start > priv->zip_fop_fd->len)
+			return LWS_FZ_ERR_CONTENT_SANITY;
+
+		if (lws_vfs_file_seek_set(priv->zip_fop_fd,
+					  priv->content_start) < 0)
+			return LWS_FZ_ERR_CONTENT_SEEK;
+
+		/* we are aligned at the start of the content */
+
+		priv->exp_uncomp_pos = 0;
+
+		return 0;
+
+next:
+		if (i && lws_vfs_file_seek_set(priv->zip_fop_fd,
+					       priv->content_start +
+					       ZC_DIRECTORY_LENGTH +
+					       priv->hdr.filename_len +
+					       priv->hdr.extra +
+					       priv->hdr.file_com_len) < 0)
+			return LWS_FZ_ERR_SCAN_SEEK;
+	}
+
+	return LWS_FZ_ERR_NOT_FOUND;
+}
+
+static int
+lws_fops_zip_reset_inflate(lws_fops_zip_t priv)
+{
+	if (priv->decompress)
+		inflateEnd(&priv->inflate);
+
+	priv->inflate.zalloc = Z_NULL;
+	priv->inflate.zfree = Z_NULL;
+	priv->inflate.opaque = Z_NULL;
+	priv->inflate.avail_in = 0;
+	priv->inflate.next_in = Z_NULL;
+
+	if (inflateInit2(&priv->inflate, -MAX_WBITS) != Z_OK) {
+		lwsl_err("inflate init failed\n");
+		return LWS_FZ_ERR_ZLIB_INIT;
+	}
+
+	if (lws_vfs_file_seek_set(priv->zip_fop_fd, priv->content_start) < 0)
+		return LWS_FZ_ERR_CONTENT_SEEK;
+
+	priv->exp_uncomp_pos = 0;
+
+	return 0;
+}
+
+static lws_fop_fd_t
+lws_fops_zip_open(const struct lws_plat_file_ops *fops, const char *vfs_path,
+		  const char *vpath, lws_fop_flags_t *flags)
+{
+	lws_fop_flags_t local_flags = 0;
+	lws_fops_zip_t priv;
+	char rp[192];
+	int m;
+
+	/*
+	 * vpath points at the / after the fops signature in vfs_path, eg
+	 * with a vfs_path "/var/www/docs/manual.zip/index.html", vpath
+	 * will come pointing at "/index.html"
+	 */
+
+	priv = lws_zalloc(sizeof(*priv), "fops_zip priv");
+	if (!priv)
+		return NULL;
+
+	priv->fop_fd.fops = &fops_zip;
+
+	m = sizeof(rp) - 1;
+	if ((vpath - vfs_path - 1) < m)
+		m = vpath - vfs_path - 1;
+	strncpy(rp, vfs_path, m);
+	rp[m] = '\0';
+
+	/* open the zip file itself using the incoming fops, not fops_zip */
+
+	priv->zip_fop_fd = fops->LWS_FOP_OPEN(fops, rp, NULL, &local_flags);
+	if (!priv->zip_fop_fd) {
+		lwsl_err("unable to open zip %s\n", rp);
+		goto bail1;
+	}
+
+	if (*vpath == '/')
+		vpath++;
+
+	m = lws_fops_zip_scan(priv, vpath, strlen(vpath));
+	if (m) {
+		lwsl_err("unable to find record matching '%s' %d\n", vpath, m);
+		goto bail2;
+	}
+
+	/* the directory metadata tells us modification time, so pass it on */
+	priv->fop_fd.mod_time = priv->hdr.mod_time;
+	*flags |= LWS_FOP_FLAG_MOD_TIME_VALID | LWS_FOP_FLAG_VIRTUAL;
+	priv->fop_fd.flags = *flags;
+
+	/* The zip fop_fd is left pointing at the start of the content.
+	 *
+	 * 1) Content could be uncompressed (STORE), and we can always serve
+	 *    that directly
+	 *
+	 * 2) Content could be compressed (GZIP), and the client can handle
+	 *    receiving GZIP... we can wrap it in a GZIP header and trailer
+	 *    and serve the content part directly.  The flag indicating we
+	 *    are providing GZIP directly is set so lws will send the right
+	 *    headers.
+	 *
+	 * 3) Content could be compressed (GZIP) but the client can't handle
+	 *    receiving GZIP... we can decompress it and serve as it is
+	 *    inflated piecemeal.
+	 *
+	 * 4) Content may be compressed some unknown way... fail
+	 *
+	 */
+	if (priv->hdr.method == ZIP_COMPRESSION_METHOD_STORE) {
+		/*
+		 * it is stored uncompressed, leave it indicated as
+		 * uncompressed, and just serve it from inside the
+		 * zip with no gzip container;
+		 */
+
+		lwsl_info("direct zip serving (stored)\n");
+
+		priv->fop_fd.len = priv->hdr.uncomp_size;
+
+		return &priv->fop_fd;
+	}
+
+	if ((*flags & LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP) &&
+	    priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) {
+
+		/*
+		 * We can serve the gzipped file contents directly as gzip
+		 * from inside the zip container; client says it is OK.
+		 *
+		 * To convert to standalone gzip, we have to add a 10-byte
+		 * constant header and a variable 8-byte trailer around the
+		 * content.
+		 *
+		 * The 8-byte trailer is prepared now and held in the priv.
+		 */
+
+		lwsl_info("direct zip serving (gzipped)\n");
+
+		priv->fop_fd.len = sizeof(hd) + priv->hdr.comp_size +
+				   sizeof(priv->u);
+
+		if (lws_is_be()) {
+			uint8_t *p = priv->u.trailer8;
+
+			*p++ = (uint8_t)priv->hdr.crc32;
+			*p++ = (uint8_t)(priv->hdr.crc32 >> 8);
+			*p++ = (uint8_t)(priv->hdr.crc32 >> 16);
+			*p++ = (uint8_t)(priv->hdr.crc32 >> 24);
+			*p++ = (uint8_t)priv->hdr.uncomp_size;
+			*p++ = (uint8_t)(priv->hdr.uncomp_size >> 8);
+			*p++ = (uint8_t)(priv->hdr.uncomp_size >> 16);
+			*p   = (uint8_t)(priv->hdr.uncomp_size >> 24);
+		} else {
+			priv->u.trailer32[0] = priv->hdr.crc32;
+			priv->u.trailer32[1] = priv->hdr.uncomp_size;
+		}
+
+		*flags |= LWS_FOP_FLAG_COMPR_IS_GZIP;
+		priv->fop_fd.flags = *flags;
+		priv->add_gzip_container = 1;
+
+		return &priv->fop_fd;
+	}
+
+	if (priv->hdr.method == ZIP_COMPRESSION_METHOD_DEFLATE) {
+
+		/* we must decompress it to serve it */
+
+		lwsl_info("decompressed zip serving\n");
+
+		priv->fop_fd.len = priv->hdr.uncomp_size;
+
+		if (lws_fops_zip_reset_inflate(priv)) {
+			lwsl_err("inflate init failed\n");
+			goto bail2;
+		}
+
+		priv->decompress = 1;
+
+		return &priv->fop_fd;
+	}
+
+	/* we can't handle it ... */
+
+	lwsl_err("zipped file %s compressed in unknown way (%d)\n", vfs_path,
+		 priv->hdr.method);
+
+bail2:
+	lws_vfs_file_close(&priv->zip_fop_fd);
+bail1:
+	free(priv);
+
+	return NULL;
+}
+
+/* ie, we are closing the fop_fd for the file inside the gzip */
+
+static int
+lws_fops_zip_close(lws_fop_fd_t *fd)
+{
+	lws_fops_zip_t priv = fop_fd_to_priv(*fd);
+
+	if (priv->decompress)
+		inflateEnd(&priv->inflate);
+
+	lws_vfs_file_close(&priv->zip_fop_fd); /* close the gzip fop_fd */
+
+	free(priv);
+	*fd = NULL;
+
+	return 0;
+}
+
+static lws_fileofs_t
+lws_fops_zip_seek_cur(lws_fop_fd_t fd, lws_fileofs_t offset_from_cur_pos)
+{
+	fd->pos += offset_from_cur_pos;
+
+	return fd->pos;
+}
+
+static int
+lws_fops_zip_read(lws_fop_fd_t fd, lws_filepos_t *amount, uint8_t *buf,
+		  lws_filepos_t len)
+{
+	lws_fops_zip_t priv = fop_fd_to_priv(fd);
+	lws_filepos_t ramount, rlen, cur = lws_vfs_tell(fd);
+	int ret;
+
+	if (priv->decompress) {
+
+		if (priv->exp_uncomp_pos != fd->pos) {
+			/*
+			 *  there has been a seek in the uncompressed fop_fd
+			 * we have to restart the decompression and loop eating
+			 * the decompressed data up to the seek point
+			 */
+			lwsl_info("seek in decompressed\n");
+
+			lws_fops_zip_reset_inflate(priv);
+
+			while (priv->exp_uncomp_pos != fd->pos) {
+				rlen = len;
+				if (rlen > fd->pos - priv->exp_uncomp_pos)
+					rlen = fd->pos - priv->exp_uncomp_pos;
+				if (lws_fops_zip_read(fd, amount, buf, rlen))
+					return LWS_FZ_ERR_SEEK_COMPRESSED;
+			}
+			*amount = 0;
+		}
+
+		priv->inflate.avail_out = (unsigned int)len;
+		priv->inflate.next_out = buf;
+
+spin:
+		if (!priv->inflate.avail_in) {
+			rlen = sizeof(priv->rbuf);
+			if (rlen > priv->hdr.comp_size -
+				   (cur - priv->content_start))
+				rlen = priv->hdr.comp_size -
+				       (priv->hdr.comp_size -
+					priv->content_start);
+
+			if (priv->zip_fop_fd->fops->LWS_FOP_READ(
+					priv->zip_fop_fd, &ramount, priv->rbuf,
+					rlen))
+				return LWS_FZ_ERR_READ_CONTENT;
+
+			cur += ramount;
+
+			priv->inflate.avail_in = (unsigned int)ramount;
+			priv->inflate.next_in = priv->rbuf;
+		}
+
+		ret = inflate(&priv->inflate, Z_NO_FLUSH);
+		if (ret == Z_STREAM_ERROR)
+			return ret;
+
+		switch (ret) {
+		case Z_NEED_DICT:
+			ret = Z_DATA_ERROR;
+			/* and fall through */
+		case Z_DATA_ERROR:
+		case Z_MEM_ERROR:
+
+			return ret;
+		}
+
+		if (!priv->inflate.avail_in && priv->inflate.avail_out &&
+		     cur != priv->content_start + priv->hdr.comp_size)
+			goto spin;
+
+		*amount = len - priv->inflate.avail_out;
+
+		priv->exp_uncomp_pos += *amount;
+		fd->pos += *amount;
+
+		return 0;
+	}
+
+	if (priv->add_gzip_container) {
+
+		lwsl_info("%s: gzip + container\n", __func__);
+		*amount = 0;
+
+		/* place the canned header at the start */
+
+		if (len && fd->pos < sizeof(hd)) {
+			rlen = sizeof(hd) - fd->pos;
+			if (rlen > len)
+				rlen = len;
+			/* provide stuff from canned header */
+			memcpy(buf, hd + fd->pos, (size_t)rlen);
+			fd->pos += rlen;
+			buf += rlen;
+			len -= rlen;
+			*amount += rlen;
+		}
+
+		/* serve gzipped data direct from zipfile */
+
+		if (len && fd->pos >= sizeof(hd) &&
+		    fd->pos < priv->hdr.comp_size + sizeof(hd)) {
+
+			rlen = priv->hdr.comp_size - (priv->zip_fop_fd->pos -
+						      priv->content_start);
+			if (rlen > len)
+				rlen = len;
+
+			if (rlen &&
+			    priv->zip_fop_fd->pos < (priv->hdr.comp_size +
+					    	     priv->content_start)) {
+				if (lws_vfs_file_read(priv->zip_fop_fd,
+						      &ramount, buf, rlen))
+					return LWS_FZ_ERR_READ_CONTENT;
+				*amount += ramount;
+				fd->pos += ramount; // virtual pos
+				buf += ramount;
+				len -= ramount;
+			}
+		}
+
+		/* place the prepared trailer at the end */
+
+		if (len && fd->pos >= priv->hdr.comp_size + sizeof(hd) &&
+		    fd->pos < priv->hdr.comp_size + sizeof(hd) +
+		    	      sizeof(priv->u)) {
+			cur = fd->pos - priv->hdr.comp_size - sizeof(hd);
+			rlen = sizeof(priv->u) - cur;
+			if (rlen > len)
+				rlen = len;
+
+			memcpy(buf, priv->u.trailer8 + cur, (size_t)rlen);
+
+			*amount += rlen;
+			fd->pos += rlen;
+		}
+
+		return 0;
+	}
+
+	lwsl_info("%s: store\n", __func__);
+
+	if (len > priv->hdr.uncomp_size - (cur - priv->content_start))
+		len = priv->hdr.comp_size - (priv->hdr.comp_size -
+					     priv->content_start);
+
+	if (priv->zip_fop_fd->fops->LWS_FOP_READ(priv->zip_fop_fd,
+						 amount, buf, len))
+		return LWS_FZ_ERR_READ_CONTENT;
+
+	return 0;
+}
+
+struct lws_plat_file_ops fops_zip = {
+	lws_fops_zip_open,
+	lws_fops_zip_close,
+	lws_fops_zip_seek_cur,
+	lws_fops_zip_read,
+	NULL,
+	{ { ".zip/", 5 }, { ".jar/", 5 }, { ".war/", 5 } },
+	NULL,
+};
diff --git a/thirdparty/lws/server/lejp-conf.c b/thirdparty/lws/server/lejp-conf.c
new file mode 100644
index 0000000000..c2b684c278
--- /dev/null
+++ b/thirdparty/lws/server/lejp-conf.c
@@ -0,0 +1,929 @@
+/*
+ * libwebsockets web server application
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+#include "../misc/lejp.h"
+
+#ifndef _WIN32
+/* this is needed for Travis CI */
+#include <dirent.h>
+#endif
+
+#define ESC_INSTALL_DATADIR "_lws_ddir_"
+
+static const char * const paths_global[] = {
+	"global.uid",
+	"global.gid",
+	"global.count-threads",
+	"global.init-ssl",
+	"global.server-string",
+	"global.plugin-dir",
+	"global.ws-pingpong-secs",
+	"global.timeout-secs",
+	"global.reject-service-keywords[].*",
+	"global.reject-service-keywords[]",
+};
+
+enum lejp_global_paths {
+	LEJPGP_UID,
+	LEJPGP_GID,
+	LEJPGP_COUNT_THREADS,
+	LWJPGP_INIT_SSL,
+	LEJPGP_SERVER_STRING,
+	LEJPGP_PLUGIN_DIR,
+	LWJPGP_PINGPONG_SECS,
+	LWJPGP_TIMEOUT_SECS,
+	LWJPGP_REJECT_SERVICE_KEYWORDS_NAME,
+	LWJPGP_REJECT_SERVICE_KEYWORDS
+};
+
+static const char * const paths_vhosts[] = {
+	"vhosts[]",
+	"vhosts[].mounts[]",
+	"vhosts[].name",
+	"vhosts[].port",
+	"vhosts[].interface",
+	"vhosts[].unix-socket",
+	"vhosts[].sts",
+	"vhosts[].host-ssl-key",
+	"vhosts[].host-ssl-cert",
+	"vhosts[].host-ssl-ca",
+	"vhosts[].access-log",
+	"vhosts[].mounts[].mountpoint",
+	"vhosts[].mounts[].origin",
+	"vhosts[].mounts[].protocol",
+	"vhosts[].mounts[].default",
+	"vhosts[].mounts[].auth-mask",
+	"vhosts[].mounts[].cgi-timeout",
+	"vhosts[].mounts[].cgi-env[].*",
+	"vhosts[].mounts[].cache-max-age",
+	"vhosts[].mounts[].cache-reuse",
+	"vhosts[].mounts[].cache-revalidate",
+	"vhosts[].mounts[].basic-auth",
+	"vhosts[].mounts[].cache-intermediaries",
+	"vhosts[].mounts[].extra-mimetypes.*",
+	"vhosts[].mounts[].interpret.*",
+	"vhosts[].ws-protocols[].*.*",
+	"vhosts[].ws-protocols[].*",
+	"vhosts[].ws-protocols[]",
+	"vhosts[].keepalive_timeout",
+	"vhosts[].enable-client-ssl",
+	"vhosts[].ciphers",
+	"vhosts[].ecdh-curve",
+	"vhosts[].noipv6",
+	"vhosts[].ipv6only",
+	"vhosts[].ssl-option-set",
+	"vhosts[].ssl-option-clear",
+	"vhosts[].mounts[].pmo[].*",
+	"vhosts[].headers[].*",
+	"vhosts[].headers[]",
+	"vhosts[].client-ssl-key",
+	"vhosts[].client-ssl-cert",
+	"vhosts[].client-ssl-ca",
+	"vhosts[].client-ssl-ciphers",
+	"vhosts[].onlyraw",
+};
+
+enum lejp_vhost_paths {
+	LEJPVP,
+	LEJPVP_MOUNTS,
+	LEJPVP_NAME,
+	LEJPVP_PORT,
+	LEJPVP_INTERFACE,
+	LEJPVP_UNIXSKT,
+	LEJPVP_STS,
+	LEJPVP_HOST_SSL_KEY,
+	LEJPVP_HOST_SSL_CERT,
+	LEJPVP_HOST_SSL_CA,
+	LEJPVP_ACCESS_LOG,
+	LEJPVP_MOUNTPOINT,
+	LEJPVP_ORIGIN,
+	LEJPVP_MOUNT_PROTOCOL,
+	LEJPVP_DEFAULT,
+	LEJPVP_DEFAULT_AUTH_MASK,
+	LEJPVP_CGI_TIMEOUT,
+	LEJPVP_CGI_ENV,
+	LEJPVP_MOUNT_CACHE_MAX_AGE,
+	LEJPVP_MOUNT_CACHE_REUSE,
+	LEJPVP_MOUNT_CACHE_REVALIDATE,
+	LEJPVP_MOUNT_BASIC_AUTH,
+	LEJPVP_MOUNT_CACHE_INTERMEDIARIES,
+	LEJPVP_MOUNT_EXTRA_MIMETYPES,
+	LEJPVP_MOUNT_INTERPRET,
+	LEJPVP_PROTOCOL_NAME_OPT,
+	LEJPVP_PROTOCOL_NAME,
+	LEJPVP_PROTOCOL,
+	LEJPVP_KEEPALIVE_TIMEOUT,
+	LEJPVP_ENABLE_CLIENT_SSL,
+	LEJPVP_CIPHERS,
+	LEJPVP_ECDH_CURVE,
+	LEJPVP_NOIPV6,
+	LEJPVP_IPV6ONLY,
+	LEJPVP_SSL_OPTION_SET,
+	LEJPVP_SSL_OPTION_CLEAR,
+	LEJPVP_PMO,
+	LEJPVP_HEADERS_NAME,
+	LEJPVP_HEADERS,
+	LEJPVP_CLIENT_SSL_KEY,
+	LEJPVP_CLIENT_SSL_CERT,
+	LEJPVP_CLIENT_SSL_CA,
+	LEJPVP_CLIENT_CIPHERS,
+	LEJPVP_FLAG_ONLYRAW,
+};
+
+static const char * const parser_errs[] = {
+	"",
+	"",
+	"No opening '{'",
+	"Expected closing '}'",
+	"Expected '\"'",
+	"String underrun",
+	"Illegal unescaped control char",
+	"Illegal escape format",
+	"Illegal hex number",
+	"Expected ':'",
+	"Illegal value start",
+	"Digit required after decimal point",
+	"Bad number format",
+	"Bad exponent format",
+	"Unknown token",
+	"Too many ']'",
+	"Mismatched ']'",
+	"Expected ']'",
+	"JSON nesting limit exceeded",
+	"Nesting tracking used up",
+	"Number too long",
+	"Comma or block end expected",
+	"Unknown",
+	"Parser callback errored (see earlier error)",
+};
+
+#define MAX_PLUGIN_DIRS 10
+
+struct jpargs {
+	struct lws_context_creation_info *info;
+	struct lws_context *context;
+	const struct lws_protocols *protocols;
+	const struct lws_extension *extensions;
+	char *p, *end, valid;
+	struct lws_http_mount *head, *last;
+
+	struct lws_protocol_vhost_options *pvo;
+	struct lws_protocol_vhost_options *pvo_em;
+	struct lws_protocol_vhost_options *pvo_int;
+	struct lws_http_mount m;
+	const char **plugin_dirs;
+	int count_plugin_dirs;
+
+	unsigned int enable_client_ssl:1;
+	unsigned int fresh_mount:1;
+	unsigned int any_vhosts:1;
+};
+
+static void *
+lwsws_align(struct jpargs *a)
+{
+	if ((lws_intptr_t)(a->p) & 15)
+		a->p += 16 - ((lws_intptr_t)(a->p) & 15);
+
+	return a->p;
+}
+
+static int
+arg_to_bool(const char *s)
+{
+	static const char * const on[] = { "on", "yes", "true" };
+	int n = atoi(s);
+
+	if (n)
+		return 1;
+
+	for (n = 0; n < ARRAY_SIZE(on); n++)
+		if (!strcasecmp(s, on[n]))
+			return 1;
+
+	return 0;
+}
+
+static signed char
+lejp_globals_cb(struct lejp_ctx *ctx, char reason)
+{
+	struct jpargs *a = (struct jpargs *)ctx->user;
+	struct lws_protocol_vhost_options *rej;
+	int n;
+
+	/* we only match on the prepared path strings */
+	if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match)
+		return 0;
+
+	/* this catches, eg, vhosts[].headers[].xxx */
+	if (reason == LEJPCB_VAL_STR_END &&
+	    ctx->path_match == LWJPGP_REJECT_SERVICE_KEYWORDS_NAME + 1) {
+		rej = lwsws_align(a);
+		a->p += sizeof(*rej);
+
+		n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+		rej->next = a->info->reject_service_keywords;
+		a->info->reject_service_keywords = rej;
+		rej->name = a->p;
+		 lwsl_notice("  adding rej %s=%s\n", a->p, ctx->buf);
+		a->p += n - 1;
+		*(a->p++) = '\0';
+		rej->value = a->p;
+		rej->options = NULL;
+		goto dostring;
+	}
+
+	switch (ctx->path_match - 1) {
+	case LEJPGP_UID:
+		a->info->uid = atoi(ctx->buf);
+		return 0;
+	case LEJPGP_GID:
+		a->info->gid = atoi(ctx->buf);
+		return 0;
+	case LEJPGP_COUNT_THREADS:
+		a->info->count_threads = atoi(ctx->buf);
+		return 0;
+	case LWJPGP_INIT_SSL:
+		if (arg_to_bool(ctx->buf))
+			a->info->options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT;
+		return 0;
+	case LEJPGP_SERVER_STRING:
+		a->info->server_string = a->p;
+		break;
+	case LEJPGP_PLUGIN_DIR:
+		if (a->count_plugin_dirs == MAX_PLUGIN_DIRS - 1) {
+			lwsl_err("Too many plugin dirs\n");
+			return -1;
+		}
+		a->plugin_dirs[a->count_plugin_dirs++] = a->p;
+		break;
+
+	case LWJPGP_PINGPONG_SECS:
+		a->info->ws_ping_pong_interval = atoi(ctx->buf);
+		return 0;
+
+	case LWJPGP_TIMEOUT_SECS:
+		a->info->timeout_secs = atoi(ctx->buf);
+		return 0;
+
+	default:
+		return 0;
+	}
+
+dostring:
+	a->p += lws_snprintf(a->p, a->end - a->p, "%s", ctx->buf);
+	*(a->p)++ = '\0';
+
+	return 0;
+}
+
+static signed char
+lejp_vhosts_cb(struct lejp_ctx *ctx, char reason)
+{
+	struct jpargs *a = (struct jpargs *)ctx->user;
+	struct lws_protocol_vhost_options *pvo, *mp_cgienv, *headers;
+	struct lws_http_mount *m;
+	char *p, *p1;
+	int n;
+
+#if 0
+	lwsl_notice(" %d: %s (%d)\n", reason, ctx->path, ctx->path_match);
+	for (n = 0; n < ctx->wildcount; n++)
+		lwsl_notice("    %d\n", ctx->wild[n]);
+#endif
+
+	if (reason == LEJPCB_OBJECT_START && ctx->path_match == LEJPVP + 1) {
+		/* set the defaults for this vhost */
+		a->valid = 1;
+		a->head = NULL;
+		a->last = NULL;
+		a->info->port = 0;
+		a->info->iface = NULL;
+		a->info->protocols = a->protocols;
+		a->info->extensions = a->extensions;
+		a->info->ssl_cert_filepath = NULL;
+		a->info->ssl_private_key_filepath = NULL;
+		a->info->ssl_ca_filepath = NULL;
+		a->info->client_ssl_cert_filepath = NULL;
+		a->info->client_ssl_private_key_filepath = NULL;
+		a->info->client_ssl_ca_filepath = NULL;
+		a->info->client_ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:"
+			"ECDHE-RSA-AES256-GCM-SHA384:"
+			"DHE-RSA-AES256-GCM-SHA384:"
+			"ECDHE-RSA-AES256-SHA384:"
+			"HIGH:!aNULL:!eNULL:!EXPORT:"
+			"!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:"
+			"!SHA1:!DHE-RSA-AES128-GCM-SHA256:"
+			"!DHE-RSA-AES128-SHA256:"
+			"!AES128-GCM-SHA256:"
+			"!AES128-SHA256:"
+			"!DHE-RSA-AES256-SHA256:"
+			"!AES256-GCM-SHA384:"
+			"!AES256-SHA256";
+		a->info->timeout_secs = 5;
+		a->info->ssl_cipher_list = "ECDHE-ECDSA-AES256-GCM-SHA384:"
+				       "ECDHE-RSA-AES256-GCM-SHA384:"
+				       "DHE-RSA-AES256-GCM-SHA384:"
+				       "ECDHE-RSA-AES256-SHA384:"
+				       "HIGH:!aNULL:!eNULL:!EXPORT:"
+				       "!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:"
+				       "!SHA1:!DHE-RSA-AES128-GCM-SHA256:"
+				       "!DHE-RSA-AES128-SHA256:"
+				       "!AES128-GCM-SHA256:"
+				       "!AES128-SHA256:"
+				       "!DHE-RSA-AES256-SHA256:"
+				       "!AES256-GCM-SHA384:"
+				       "!AES256-SHA256";
+		a->info->pvo = NULL;
+		a->info->headers = NULL;
+		a->info->keepalive_timeout = 5;
+		a->info->log_filepath = NULL;
+		a->info->options &= ~(LWS_SERVER_OPTION_UNIX_SOCK |
+				      LWS_SERVER_OPTION_STS | LWS_SERVER_OPTION_ONLY_RAW);
+		a->enable_client_ssl = 0;
+	}
+
+	if (reason == LEJPCB_OBJECT_START &&
+	    ctx->path_match == LEJPVP_MOUNTS + 1) {
+		a->fresh_mount = 1;
+		memset(&a->m, 0, sizeof(a->m));
+	}
+
+	/* this catches, eg, vhosts[].ws-protocols[].xxx-protocol */
+	if (reason == LEJPCB_OBJECT_START &&
+	    ctx->path_match == LEJPVP_PROTOCOL_NAME + 1) {
+		a->pvo = lwsws_align(a);
+		a->p += sizeof(*a->pvo);
+
+		n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+		/* ie, enable this protocol, no options yet */
+		a->pvo->next = a->info->pvo;
+		a->info->pvo = a->pvo;
+		a->pvo->name = a->p;
+		lwsl_notice("  adding protocol %s\n", a->p);
+		a->p += n;
+		a->pvo->value = a->p;
+		a->pvo->options = NULL;
+		goto dostring;
+	}
+
+	/* this catches, eg, vhosts[].headers[].xxx */
+	if (reason == LEJPCB_VAL_STR_END &&
+	    ctx->path_match == LEJPVP_HEADERS_NAME + 1) {
+		headers = lwsws_align(a);
+		a->p += sizeof(*headers);
+
+		n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+		/* ie, enable this protocol, no options yet */
+		headers->next = a->info->headers;
+		a->info->headers = headers;
+		headers->name = a->p;
+		// lwsl_notice("  adding header %s=%s\n", a->p, ctx->buf);
+		a->p += n - 1;
+		*(a->p++) = ':';
+		if (a->p < a->end)
+			*(a->p++) = '\0';
+		else
+			*(a->p - 1) = '\0';
+		headers->value = a->p;
+		headers->options = NULL;
+		goto dostring;
+	}
+
+	if (reason == LEJPCB_OBJECT_END &&
+	    (ctx->path_match == LEJPVP + 1 || !ctx->path[0]) &&
+	    a->valid) {
+
+		struct lws_vhost *vhost;
+
+		//lwsl_notice("%s\n", ctx->path);
+		if (!a->info->port) {
+			lwsl_err("Port required (eg, 443)");
+			return 1;
+		}
+		a->valid = 0;
+		a->info->mounts = a->head;
+
+		vhost = lws_create_vhost(a->context, a->info);
+		if (!vhost) {
+			lwsl_err("Failed to create vhost %s\n",
+				 a->info->vhost_name);
+			return 1;
+		}
+		a->any_vhosts = 1;
+
+		if (a->enable_client_ssl) {
+			const char *cert_filepath = a->info->client_ssl_cert_filepath;
+			const char *private_key_filepath = a->info->client_ssl_private_key_filepath;
+			const char *ca_filepath = a->info->client_ssl_ca_filepath;
+			const char *cipher_list = a->info->client_ssl_cipher_list;
+			memset(a->info, 0, sizeof(*a->info));
+			a->info->client_ssl_cert_filepath = cert_filepath;
+			a->info->client_ssl_private_key_filepath = private_key_filepath;
+			a->info->client_ssl_ca_filepath = ca_filepath;
+			a->info->client_ssl_cipher_list = cipher_list;
+			a->info->options = LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT;
+			lws_init_vhost_client_ssl(a->info, vhost);
+		}
+
+		return 0;
+	}
+
+	if (reason == LEJPCB_OBJECT_END &&
+	    ctx->path_match == LEJPVP_MOUNTS + 1) {
+		static const char * const mount_protocols[] = {
+			"http://",
+			"https://",
+			"file://",
+			"cgi://",
+			">http://",
+			">https://",
+			"callback://",
+			"gzip://",
+		};
+
+		if (!a->fresh_mount)
+			return 0;
+
+		if (!a->m.mountpoint || !a->m.origin) {
+			lwsl_err("mountpoint and origin required\n");
+			return 1;
+		}
+		lwsl_debug("adding mount %s\n", a->m.mountpoint);
+		m = lwsws_align(a);
+		memcpy(m, &a->m, sizeof(*m));
+		if (a->last)
+			a->last->mount_next = m;
+
+		for (n = 0; n < ARRAY_SIZE(mount_protocols); n++)
+			if (!strncmp(a->m.origin, mount_protocols[n],
+			     strlen(mount_protocols[n]))) {
+				lwsl_info("----%s\n", a->m.origin);
+				m->origin_protocol = n;
+				m->origin = a->m.origin +
+					    strlen(mount_protocols[n]);
+				break;
+			}
+
+		if (n == ARRAY_SIZE(mount_protocols)) {
+			lwsl_err("unsupported protocol:// %s\n", a->m.origin);
+			return 1;
+		}
+
+		a->p += sizeof(*m);
+		if (!a->head)
+			a->head = m;
+
+		a->last = m;
+		a->fresh_mount = 0;
+	}
+
+	/* we only match on the prepared path strings */
+	if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match)
+		return 0;
+
+	switch (ctx->path_match - 1) {
+	case LEJPVP_NAME:
+		a->info->vhost_name = a->p;
+		break;
+	case LEJPVP_PORT:
+		a->info->port = atoi(ctx->buf);
+		return 0;
+	case LEJPVP_INTERFACE:
+		a->info->iface = a->p;
+		break;
+	case LEJPVP_UNIXSKT:
+		if (arg_to_bool(ctx->buf))
+			a->info->options |= LWS_SERVER_OPTION_UNIX_SOCK;
+		else
+			a->info->options &= ~(LWS_SERVER_OPTION_UNIX_SOCK);
+		return 0;
+	case LEJPVP_STS:
+		if (arg_to_bool(ctx->buf))
+			a->info->options |= LWS_SERVER_OPTION_STS;
+		else
+			a->info->options &= ~(LWS_SERVER_OPTION_STS);
+		return 0;
+	case LEJPVP_HOST_SSL_KEY:
+		a->info->ssl_private_key_filepath = a->p;
+		break;
+	case LEJPVP_HOST_SSL_CERT:
+		a->info->ssl_cert_filepath = a->p;
+		break;
+	case LEJPVP_HOST_SSL_CA:
+		a->info->ssl_ca_filepath = a->p;
+		break;
+	case LEJPVP_ACCESS_LOG:
+		a->info->log_filepath = a->p;
+		break;
+	case LEJPVP_MOUNTPOINT:
+		a->m.mountpoint = a->p;
+		a->m.mountpoint_len = (unsigned char)strlen(ctx->buf);
+		break;
+	case LEJPVP_ORIGIN:
+		if (!strncmp(ctx->buf, "callback://", 11))
+			a->m.protocol = a->p + 11;
+
+		if (!a->m.origin)
+			a->m.origin = a->p;
+		break;
+	case LEJPVP_DEFAULT:
+		a->m.def = a->p;
+		break;
+	case LEJPVP_DEFAULT_AUTH_MASK:
+		a->m.auth_mask = atoi(ctx->buf);
+		return 0;
+	case LEJPVP_MOUNT_CACHE_MAX_AGE:
+		a->m.cache_max_age = atoi(ctx->buf);
+		return 0;
+	case LEJPVP_MOUNT_CACHE_REUSE:
+		a->m.cache_reusable = arg_to_bool(ctx->buf);
+		return 0;
+	case LEJPVP_MOUNT_CACHE_REVALIDATE:
+		a->m.cache_revalidate = arg_to_bool(ctx->buf);
+		return 0;
+	case LEJPVP_MOUNT_CACHE_INTERMEDIARIES:
+		a->m.cache_intermediaries = arg_to_bool(ctx->buf);;
+		return 0;
+	case LEJPVP_MOUNT_BASIC_AUTH:
+		a->m.basic_auth_login_file = a->p;
+		break;
+	case LEJPVP_CGI_TIMEOUT:
+		a->m.cgi_timeout = atoi(ctx->buf);
+		return 0;
+	case LEJPVP_KEEPALIVE_TIMEOUT:
+		a->info->keepalive_timeout = atoi(ctx->buf);
+		return 0;
+	case LEJPVP_CLIENT_CIPHERS:
+		a->info->client_ssl_cipher_list = a->p;
+		break;
+	case LEJPVP_CIPHERS:
+		a->info->ssl_cipher_list = a->p;
+		break;
+	case LEJPVP_ECDH_CURVE:
+		a->info->ecdh_curve = a->p;
+		break;
+	case LEJPVP_PMO:
+	case LEJPVP_CGI_ENV:
+		mp_cgienv = lwsws_align(a);
+		a->p += sizeof(*a->m.cgienv);
+
+		mp_cgienv->next = a->m.cgienv;
+		a->m.cgienv = mp_cgienv;
+
+		n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+		mp_cgienv->name = a->p;
+		a->p += n;
+		mp_cgienv->value = a->p;
+		mp_cgienv->options = NULL;
+		//lwsl_notice("    adding pmo / cgi-env '%s' = '%s'\n", mp_cgienv->name,
+		//		mp_cgienv->value);
+		goto dostring;
+
+	case LEJPVP_PROTOCOL_NAME_OPT:
+		/* this catches, eg,
+		 * vhosts[].ws-protocols[].xxx-protocol.yyy-option
+		 * ie, these are options attached to a protocol with { }
+		 */
+		pvo = lwsws_align(a);
+		a->p += sizeof(*a->pvo);
+
+		n = lejp_get_wildcard(ctx, 1, a->p, a->end - a->p);
+		/* ie, enable this protocol, no options yet */
+		pvo->next = a->pvo->options;
+		a->pvo->options = pvo;
+		pvo->name = a->p;
+		a->p += n;
+		pvo->value = a->p;
+		pvo->options = NULL;
+		break;
+
+	case LEJPVP_MOUNT_EXTRA_MIMETYPES:
+		a->pvo_em = lwsws_align(a);
+		a->p += sizeof(*a->pvo_em);
+
+		n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+		/* ie, enable this protocol, no options yet */
+		a->pvo_em->next = a->m.extra_mimetypes;
+		a->m.extra_mimetypes = a->pvo_em;
+		a->pvo_em->name = a->p;
+		lwsl_notice("  adding extra-mimetypes %s -> %s\n", a->p, ctx->buf);
+		a->p += n;
+		a->pvo_em->value = a->p;
+		a->pvo_em->options = NULL;
+		break;
+
+	case LEJPVP_MOUNT_INTERPRET:
+		a->pvo_int = lwsws_align(a);
+		a->p += sizeof(*a->pvo_int);
+
+		n = lejp_get_wildcard(ctx, 0, a->p, a->end - a->p);
+		/* ie, enable this protocol, no options yet */
+		a->pvo_int->next = a->m.interpret;
+		a->m.interpret = a->pvo_int;
+		a->pvo_int->name = a->p;
+		lwsl_notice("  adding interpret %s -> %s\n", a->p,
+			    ctx->buf);
+		a->p += n;
+		a->pvo_int->value = a->p;
+		a->pvo_int->options = NULL;
+		break;
+
+	case LEJPVP_ENABLE_CLIENT_SSL:
+		a->enable_client_ssl = arg_to_bool(ctx->buf);
+		return 0;
+	case LEJPVP_CLIENT_SSL_KEY:
+		a->info->client_ssl_private_key_filepath = a->p;
+		break;
+	case LEJPVP_CLIENT_SSL_CERT:
+		a->info->client_ssl_cert_filepath = a->p;
+		break;
+	case LEJPVP_CLIENT_SSL_CA:
+		a->info->client_ssl_ca_filepath = a->p;
+		break;
+
+	case LEJPVP_NOIPV6:
+		if (arg_to_bool(ctx->buf))
+			a->info->options |= LWS_SERVER_OPTION_DISABLE_IPV6;
+		else
+			a->info->options &= ~(LWS_SERVER_OPTION_DISABLE_IPV6);
+		return 0;
+
+	case LEJPVP_FLAG_ONLYRAW:
+		if (arg_to_bool(ctx->buf))
+			a->info->options |= LWS_SERVER_OPTION_ONLY_RAW;
+		else
+			a->info->options &= ~(LWS_SERVER_OPTION_ONLY_RAW);
+		return 0;
+
+	case LEJPVP_IPV6ONLY:
+		a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY;
+		if (arg_to_bool(ctx->buf))
+			a->info->options |= LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE;
+		else
+			a->info->options &= ~(LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE);
+		return 0;
+
+	case LEJPVP_SSL_OPTION_SET:
+		a->info->ssl_options_set |= atol(ctx->buf);
+		return 0;
+	case LEJPVP_SSL_OPTION_CLEAR:
+		a->info->ssl_options_clear |= atol(ctx->buf);
+		return 0;
+
+	default:
+		return 0;
+	}
+
+dostring:
+	p = ctx->buf;
+	p1 = strstr(p, ESC_INSTALL_DATADIR);
+	if (p1) {
+		n = p1 - p;
+		if (n > a->end - a->p)
+			n = a->end - a->p;
+		strncpy(a->p, p, n);
+		a->p += n;
+		a->p += lws_snprintf(a->p, a->end - a->p, "%s", LWS_INSTALL_DATADIR);
+		p += n + strlen(ESC_INSTALL_DATADIR);
+	}
+
+	a->p += lws_snprintf(a->p, a->end - a->p, "%s", p);
+	*(a->p)++ = '\0';
+
+	return 0;
+}
+
+/*
+ * returns 0 = OK, 1 = can't open, 2 = parsing error
+ */
+
+static int
+lwsws_get_config(void *user, const char *f, const char * const *paths,
+		 int count_paths, lejp_callback cb)
+{
+	unsigned char buf[128];
+	struct lejp_ctx ctx;
+	int n, m, fd;
+
+	fd = open(f, O_RDONLY);
+	if (fd < 0) {
+		lwsl_err("Cannot open %s\n", f);
+		return 2;
+	}
+	lwsl_info("%s: %s\n", __func__, f);
+	lejp_construct(&ctx, cb, user, paths, count_paths);
+
+	do {
+		n = read(fd, buf, sizeof(buf));
+		if (!n)
+			break;
+
+		m = (int)(signed char)lejp_parse(&ctx, buf, n);
+	} while (m == LEJP_CONTINUE);
+
+	close(fd);
+	n = ctx.line;
+	lejp_destruct(&ctx);
+
+	if (m < 0) {
+		lwsl_err("%s(%u): parsing error %d: %s\n", f, n, m,
+			 parser_errs[-m]);
+		return 2;
+	}
+
+	return 0;
+}
+
+#if defined(LWS_WITH_LIBUV) && UV_VERSION_MAJOR > 0
+
+static int
+lwsws_get_config_d(void *user, const char *d, const char * const *paths,
+		   int count_paths, lejp_callback cb)
+{
+	uv_dirent_t dent;
+	uv_fs_t req;
+	char path[256];
+	int ret = 0, ir;
+	uv_loop_t loop;
+
+	ir = uv_loop_init(&loop);
+	if (ir) {
+		lwsl_err("%s: loop init failed %d\n", __func__, ir);
+	}
+
+	if (!uv_fs_scandir(&loop, &req, d, 0, NULL)) {
+		lwsl_err("Scandir on %s failed\n", d);
+		return 2;
+	}
+
+	while (uv_fs_scandir_next(&req, &dent) != UV_EOF) {
+		lws_snprintf(path, sizeof(path) - 1, "%s/%s", d, dent.name);
+		ret = lwsws_get_config(user, path, paths, count_paths, cb);
+		if (ret)
+			goto bail;
+	}
+
+bail:
+	uv_fs_req_cleanup(&req);
+	while (uv_loop_close(&loop))
+		;
+
+	return ret;
+}
+
+#else
+
+#ifndef _WIN32
+static int filter(const struct dirent *ent)
+{
+	if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, ".."))
+		return 0;
+
+	return 1;
+}
+#endif
+
+static int
+lwsws_get_config_d(void *user, const char *d, const char * const *paths,
+		   int count_paths, lejp_callback cb)
+{
+#ifndef _WIN32
+	struct dirent **namelist;
+	char path[256];
+	int n, i, ret = 0;
+
+	n = scandir(d, &namelist, filter, alphasort);
+	if (n < 0) {
+		lwsl_err("Scandir on %s failed\n", d);
+		return 1;
+	}
+
+	for (i = 0; i < n; i++) {
+		if (strchr(namelist[i]->d_name, '~'))
+			goto skip;
+		lws_snprintf(path, sizeof(path) - 1, "%s/%s", d,
+			 namelist[i]->d_name);
+		ret = lwsws_get_config(user, path, paths, count_paths, cb);
+		if (ret) {
+			while (i++ < n)
+				free(namelist[i]);
+			goto bail;
+		}
+skip:
+		free(namelist[i]);
+	}
+
+bail:
+	free(namelist);
+
+	return ret;
+#else
+	return 0;
+#endif
+}
+
+#endif
+
+int
+lwsws_get_config_globals(struct lws_context_creation_info *info, const char *d,
+			 char **cs, int *len)
+{
+	struct jpargs a;
+	const char * const *old = info->plugin_dirs;
+	char dd[128];
+
+	memset(&a, 0, sizeof(a));
+
+	a.info = info;
+	a.p = *cs;
+	a.end = (a.p + *len) - 1;
+	a.valid = 0;
+
+	lwsws_align(&a);
+	info->plugin_dirs = (void *)a.p;
+	a.plugin_dirs = (void *)a.p; /* writeable version */
+	a.p += MAX_PLUGIN_DIRS * sizeof(void *);
+
+	/* copy any default paths */
+
+	while (old && *old) {
+		a.plugin_dirs[a.count_plugin_dirs++] = *old;
+		old++;
+	}
+
+	lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d);
+	if (lwsws_get_config(&a, dd, paths_global,
+			     ARRAY_SIZE(paths_global), lejp_globals_cb) > 1)
+		return 1;
+	lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d);
+	if (lwsws_get_config_d(&a, dd, paths_global,
+			       ARRAY_SIZE(paths_global), lejp_globals_cb) > 1)
+		return 1;
+
+	a.plugin_dirs[a.count_plugin_dirs] = NULL;
+
+	*cs = a.p;
+	*len = a.end - a.p;
+
+	return 0;
+}
+
+int
+lwsws_get_config_vhosts(struct lws_context *context,
+			struct lws_context_creation_info *info, const char *d,
+			char **cs, int *len)
+{
+	struct jpargs a;
+	char dd[128];
+
+	memset(&a, 0, sizeof(a));
+
+	a.info = info;
+	a.p = *cs;
+	a.end = a.p + *len;
+	a.valid = 0;
+	a.context = context;
+	a.protocols = info->protocols;
+	a.extensions = info->extensions;
+
+	lws_snprintf(dd, sizeof(dd) - 1, "%s/conf", d);
+	if (lwsws_get_config(&a, dd, paths_vhosts,
+			     ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1)
+		return 1;
+	lws_snprintf(dd, sizeof(dd) - 1, "%s/conf.d", d);
+	if (lwsws_get_config_d(&a, dd, paths_vhosts,
+			       ARRAY_SIZE(paths_vhosts), lejp_vhosts_cb) > 1)
+		return 1;
+
+	*cs = a.p;
+	*len = a.end - a.p;
+
+	if (!a.any_vhosts) {
+		lwsl_err("Need at least one vhost\n");
+		return 1;
+	}
+
+//	lws_finalize_startup(context);
+
+	return 0;
+}
diff --git a/thirdparty/lws/server/parsers.c b/thirdparty/lws/server/parsers.c
new file mode 100644
index 0000000000..fb345ab04c
--- /dev/null
+++ b/thirdparty/lws/server/parsers.c
@@ -0,0 +1,1783 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+const unsigned char lextable[] = {
+	#include "lextable.h"
+};
+
+#define FAIL_CHAR 0x08
+
+int LWS_WARN_UNUSED_RESULT
+lextable_decode(int pos, char c)
+{
+	if (c >= 'A' && c <= 'Z')
+		c += 'a' - 'A';
+
+	while (1) {
+		if (lextable[pos] & (1 << 7)) { /* 1-byte, fail on mismatch */
+			if ((lextable[pos] & 0x7f) != c)
+				return -1;
+			/* fall thru */
+			pos++;
+			if (lextable[pos] == FAIL_CHAR)
+				return -1;
+			return pos;
+		}
+
+		if (lextable[pos] == FAIL_CHAR)
+			return -1;
+
+		/* b7 = 0, end or 3-byte */
+		if (lextable[pos] < FAIL_CHAR) /* terminal marker */
+			return pos;
+
+		if (lextable[pos] == c) /* goto */
+			return pos + (lextable[pos + 1]) +
+						(lextable[pos + 2] << 8);
+		/* fall thru goto */
+		pos += 3;
+		/* continue */
+	}
+}
+
+static struct allocated_headers *
+_lws_create_ah(struct lws_context_per_thread *pt, ah_data_idx_t data_size)
+{
+	struct allocated_headers *ah = lws_zalloc(sizeof(*ah), "ah struct");
+
+	if (!ah)
+		return NULL;
+
+	ah->data = lws_malloc(data_size, "ah data");
+	if (!ah->data) {
+		lws_free(ah);
+
+		return NULL;
+	}
+	ah->next = pt->ah_list;
+	pt->ah_list = ah;
+	ah->data_length = data_size;
+	pt->ah_pool_length++;
+
+	lwsl_info("%s: created ah %p (size %d): pool length %d\n", __func__,
+		    ah, (int)data_size, pt->ah_pool_length);
+
+	return ah;
+}
+
+int
+_lws_destroy_ah(struct lws_context_per_thread *pt, struct allocated_headers *ah)
+{
+	lws_start_foreach_llp(struct allocated_headers **, a, pt->ah_list) {
+		if ((*a) == ah) {
+			*a = ah->next;
+			pt->ah_pool_length--;
+			lwsl_info("%s: freed ah %p : pool length %d\n",
+				    __func__, ah, pt->ah_pool_length);
+			if (ah->data)
+				lws_free(ah->data);
+			lws_free(ah);
+
+			return 0;
+		}
+	} lws_end_foreach_llp(a, next);
+
+	return 1;
+}
+
+void
+_lws_header_table_reset(struct allocated_headers *ah)
+{
+	/* init the ah to reflect no headers or data have appeared yet */
+	memset(ah->frag_index, 0, sizeof(ah->frag_index));
+	memset(ah->frags, 0, sizeof(ah->frags));
+	ah->nfrag = 0;
+	ah->pos = 0;
+	ah->http_response = 0;
+}
+
+// doesn't scrub the ah rxbuffer by default, parent must do if needed
+
+void
+lws_header_table_reset(struct lws *wsi, int autoservice)
+{
+	struct allocated_headers *ah = wsi->u.hdr.ah;
+	struct lws_context_per_thread *pt;
+	struct lws_pollfd *pfd;
+
+	/* if we have the idea we're resetting 'our' ah, must be bound to one */
+	assert(ah);
+	/* ah also concurs with ownership */
+	assert(ah->wsi == wsi);
+
+	_lws_header_table_reset(ah);
+
+        wsi->u.hdr.parser_state = WSI_TOKEN_NAME_PART;
+        wsi->u.hdr.lextable_pos = 0;
+
+	/* since we will restart the ah, our new headers are not completed */
+	wsi->hdr_parsing_completed = 0;
+
+	/* while we hold the ah, keep a timeout on the wsi */
+	lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH,
+			wsi->vhost->timeout_secs_ah_idle);
+
+	time(&ah->assigned);
+
+	/*
+	 * if we inherited pending rx (from socket adoption deferred
+	 * processing), apply and free it.
+	 */
+	if (wsi->u.hdr.preamble_rx) {
+		memcpy(ah->rx, wsi->u.hdr.preamble_rx,
+		       wsi->u.hdr.preamble_rx_len);
+		ah->rxlen = wsi->u.hdr.preamble_rx_len;
+		lws_free_set_NULL(wsi->u.hdr.preamble_rx);
+
+		if (autoservice) {
+			lwsl_debug("%s: service on readbuf ah\n", __func__);
+
+			pt = &wsi->context->pt[(int)wsi->tsi];
+			/*
+			 * Unlike a normal connect, we have the headers already
+			 * (or the first part of them anyway)
+			 */
+			pfd = &pt->fds[wsi->position_in_fds_table];
+			pfd->revents |= LWS_POLLIN;
+			lwsl_err("%s: calling service\n", __func__);
+			lws_service_fd_tsi(wsi->context, pfd, wsi->tsi);
+		}
+	}
+}
+
+static void
+_lws_header_ensure_we_are_on_waiting_list(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	struct lws_pollargs pa;
+	struct lws **pwsi = &pt->ah_wait_list;
+
+	while (*pwsi) {
+		if (*pwsi == wsi)
+			return;
+		pwsi = &(*pwsi)->u.hdr.ah_wait_list;
+	}
+
+	lwsl_info("%s: wsi: %p\n", __func__, wsi);
+	wsi->u.hdr.ah_wait_list = pt->ah_wait_list;
+	pt->ah_wait_list = wsi;
+	pt->ah_wait_list_length++;
+
+	/* we cannot accept input then */
+
+	_lws_change_pollfd(wsi, LWS_POLLIN, 0, &pa);
+}
+
+static int
+__lws_remove_from_ah_waiting_list(struct lws *wsi)
+{
+        struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	struct lws **pwsi =&pt->ah_wait_list;
+
+	while (*pwsi) {
+		if (*pwsi == wsi) {
+			lwsl_info("%s: wsi %p\n", __func__, wsi);
+			/* point prev guy to our next */
+			*pwsi = wsi->u.hdr.ah_wait_list;
+			/* we shouldn't point anywhere now */
+			wsi->u.hdr.ah_wait_list = NULL;
+			pt->ah_wait_list_length--;
+
+			return 1;
+		}
+		pwsi = &(*pwsi)->u.hdr.ah_wait_list;
+	}
+
+	return 0;
+}
+
+int LWS_WARN_UNUSED_RESULT
+lws_header_table_attach(struct lws *wsi, int autoservice)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	struct lws_pollargs pa;
+	int n;
+
+	lwsl_info("%s: wsi %p: ah %p (tsi %d, count = %d) in\n", __func__,
+		  (void *)wsi, (void *)wsi->u.hdr.ah, wsi->tsi,
+		  pt->ah_count_in_use);
+
+	/* if we are already bound to one, just clear it down */
+	if (wsi->u.hdr.ah) {
+		lwsl_info("%s: cleardown\n", __func__);
+		goto reset;
+	}
+
+	lws_pt_lock(pt);
+
+	n = pt->ah_count_in_use == context->max_http_header_pool;
+#if defined(LWS_WITH_PEER_LIMITS)
+	if (!n) {
+		n = lws_peer_confirm_ah_attach_ok(context, wsi->peer);
+		if (n)
+			lws_stats_atomic_bump(wsi->context, pt,
+				LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1);
+	}
+#endif
+	if (n) {
+		/*
+		 * Pool is either all busy, or we don't want to give this
+		 * particular guy an ah right now...
+		 *
+		 * Make sure we are on the waiting list, and return that we
+		 * weren't able to provide the ah
+		 */
+		_lws_header_ensure_we_are_on_waiting_list(wsi);
+
+		goto bail;
+	}
+
+	__lws_remove_from_ah_waiting_list(wsi);
+
+	wsi->u.hdr.ah = _lws_create_ah(pt, context->max_http_header_data);
+	if (!wsi->u.hdr.ah) { /* we could not create an ah */
+		_lws_header_ensure_we_are_on_waiting_list(wsi);
+
+		goto bail;
+	}
+
+	wsi->u.hdr.ah->in_use = 1;
+	wsi->u.hdr.ah->wsi = wsi; /* mark our owner */
+	pt->ah_count_in_use++;
+
+#if defined(LWS_WITH_PEER_LIMITS)
+	if (wsi->peer)
+		wsi->peer->count_ah++;
+#endif
+
+	_lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa);
+
+	lwsl_info("%s: did attach wsi %p: ah %p: count %d (on exit)\n", __func__,
+		  (void *)wsi, (void *)wsi->u.hdr.ah, pt->ah_count_in_use);
+
+	lws_pt_unlock(pt);
+
+reset:
+
+	/* and reset the rx state */
+	wsi->u.hdr.ah->rxpos = 0;
+	wsi->u.hdr.ah->rxlen = 0;
+
+	lws_header_table_reset(wsi, autoservice);
+
+#ifndef LWS_NO_CLIENT
+	if (wsi->state == LWSS_CLIENT_UNCONNECTED)
+		if (!lws_client_connect_via_info2(wsi))
+			/* our client connect has failed, the wsi
+			 * has been closed
+			 */
+			return -1;
+#endif
+
+	return 0;
+
+bail:
+	lws_pt_unlock(pt);
+
+	return 1;
+}
+
+void
+lws_header_table_force_to_detachable_state(struct lws *wsi)
+{
+	if (wsi->u.hdr.ah) {
+		wsi->u.hdr.ah->rxpos = -1;
+		wsi->u.hdr.ah->rxlen = -1;
+		wsi->hdr_parsing_completed = 1;
+	}
+}
+
+int
+lws_header_table_is_in_detachable_state(struct lws *wsi)
+{
+	struct allocated_headers *ah = wsi->u.hdr.ah;
+
+	return ah && ah->rxpos == ah->rxlen && wsi->hdr_parsing_completed;
+}
+
+int lws_header_table_detach(struct lws *wsi, int autoservice)
+{
+	struct lws_context *context = wsi->context;
+	struct allocated_headers *ah = wsi->u.hdr.ah;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	struct lws_pollargs pa;
+	struct lws **pwsi, **pwsi_eligible;
+	time_t now;
+
+	lws_pt_lock(pt);
+	__lws_remove_from_ah_waiting_list(wsi);
+	lws_pt_unlock(pt);
+
+	if (!ah)
+		return 0;
+
+	lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__,
+		  (void *)wsi, (void *)ah, wsi->tsi,
+		  pt->ah_count_in_use);
+
+	if (wsi->u.hdr.preamble_rx)
+		lws_free_set_NULL(wsi->u.hdr.preamble_rx);
+
+	/* may not be detached while he still has unprocessed rx */
+	if (!lws_header_table_is_in_detachable_state(wsi)) {
+		lwsl_err("%s: %p: CANNOT DETACH rxpos:%d, rxlen:%d, "
+			 "wsi->hdr_parsing_completed = %d\n", __func__, wsi,
+			 ah->rxpos, ah->rxlen, wsi->hdr_parsing_completed);
+		return 0;
+	}
+
+	lws_pt_lock(pt);
+
+	/* we did have an ah attached */
+	time(&now);
+	if (ah->assigned && now - ah->assigned > 3) {
+		/*
+		 * we're detaching the ah, but it was held an
+		 * unreasonably long time
+		 */
+		lwsl_debug("%s: wsi %p: ah held %ds, "
+			    "ah.rxpos %d, ah.rxlen %d, mode/state %d %d,"
+			    "wsi->more_rx_waiting %d\n", __func__, wsi,
+			    (int)(now - ah->assigned),
+			    ah->rxpos, ah->rxlen, wsi->mode, wsi->state,
+			    wsi->more_rx_waiting);
+	}
+
+	ah->assigned = 0;
+
+	/* if we think we're detaching one, there should be one in use */
+	assert(pt->ah_count_in_use > 0);
+	/* and this specific one should have been in use */
+	assert(ah->in_use);
+	wsi->u.hdr.ah = NULL;
+	ah->wsi = NULL; /* no owner */
+#if defined(LWS_WITH_PEER_LIMITS)
+	lws_peer_track_ah_detach(context, wsi->peer);
+#endif
+
+	pwsi = &pt->ah_wait_list;
+
+	/* oh there is nobody on the waiting list... leave the ah unattached */
+	if (!*pwsi)
+		goto nobody_usable_waiting;
+
+	/*
+	 * at least one wsi on the same tsi is waiting, give it to oldest guy
+	 * who is allowed to take it (if any)
+	 */
+	lwsl_info("pt wait list %p\n", *pwsi);
+	wsi = NULL;
+	pwsi_eligible = NULL;
+
+	while (*pwsi) {
+#if defined(LWS_WITH_PEER_LIMITS)
+		/* are we willing to give this guy an ah? */
+		if (!lws_peer_confirm_ah_attach_ok(context, (*pwsi)->peer))
+#endif
+		{
+			wsi = *pwsi;
+			pwsi_eligible = pwsi;
+		}
+#if defined(LWS_WITH_PEER_LIMITS)
+		else
+			if (!(*pwsi)->u.hdr.ah_wait_list)
+				lws_stats_atomic_bump(context, pt,
+					LWSSTATS_C_PEER_LIMIT_AH_DENIED, 1);
+#endif
+		pwsi = &(*pwsi)->u.hdr.ah_wait_list;
+	}
+
+	if (!wsi) /* everybody waiting already has too many ah... */
+		goto nobody_usable_waiting;
+
+	lwsl_info("%s: last eligible wsi in wait list %p\n", __func__, wsi);
+
+	wsi->u.hdr.ah = ah;
+	ah->wsi = wsi; /* new owner */
+
+	/* and reset the rx state */
+	ah->rxpos = 0;
+	ah->rxlen = 0;
+	lws_header_table_reset(wsi, autoservice);
+#if defined(LWS_WITH_PEER_LIMITS)
+	if (wsi->peer)
+		wsi->peer->count_ah++;
+#endif
+
+	/* clients acquire the ah and then insert themselves in fds table... */
+	if (wsi->position_in_fds_table != -1) {
+		lwsl_info("%s: Enabling %p POLLIN\n", __func__, wsi);
+
+		/* he has been stuck waiting for an ah, but now his wait is
+		 * over, let him progress */
+
+		_lws_change_pollfd(wsi, 0, LWS_POLLIN, &pa);
+	}
+
+	/* point prev guy to next guy in list instead */
+	*pwsi_eligible = wsi->u.hdr.ah_wait_list;
+	/* the guy who got one is out of the list */
+	wsi->u.hdr.ah_wait_list = NULL;
+	pt->ah_wait_list_length--;
+
+#ifndef LWS_NO_CLIENT
+	if (wsi->state == LWSS_CLIENT_UNCONNECTED) {
+		lws_pt_unlock(pt);
+
+		if (!lws_client_connect_via_info2(wsi)) {
+			/* our client connect has failed, the wsi
+			 * has been closed
+			 */
+
+			return -1;
+		}
+		return 0;
+	}
+#endif
+
+	assert(!!pt->ah_wait_list_length == !!(lws_intptr_t)pt->ah_wait_list);
+bail:
+	lwsl_info("%s: wsi %p: ah %p (tsi=%d, count = %d)\n", __func__,
+		  (void *)wsi, (void *)ah, pt->tid, pt->ah_count_in_use);
+
+	lws_pt_unlock(pt);
+
+	return 0;
+
+nobody_usable_waiting:
+	lwsl_info("%s: nobody usable waiting\n", __func__);
+	_lws_destroy_ah(pt, ah);
+	pt->ah_count_in_use--;
+
+	goto bail;
+}
+
+LWS_VISIBLE int
+lws_hdr_fragment_length(struct lws *wsi, enum lws_token_indexes h, int frag_idx)
+{
+	int n;
+
+	if (!wsi->u.hdr.ah)
+		return 0;
+
+	n = wsi->u.hdr.ah->frag_index[h];
+	if (!n)
+		return 0;
+	do {
+		if (!frag_idx)
+			return wsi->u.hdr.ah->frags[n].len;
+		n = wsi->u.hdr.ah->frags[n].nfrag;
+	} while (frag_idx-- && n);
+
+	return 0;
+}
+
+LWS_VISIBLE int lws_hdr_total_length(struct lws *wsi, enum lws_token_indexes h)
+{
+	int n;
+	int len = 0;
+
+	if (!wsi->u.hdr.ah)
+		return 0;
+
+	n = wsi->u.hdr.ah->frag_index[h];
+	if (!n)
+		return 0;
+	do {
+		len += wsi->u.hdr.ah->frags[n].len;
+		n = wsi->u.hdr.ah->frags[n].nfrag;
+	} while (n);
+
+	return len;
+}
+
+LWS_VISIBLE int lws_hdr_copy_fragment(struct lws *wsi, char *dst, int len,
+				      enum lws_token_indexes h, int frag_idx)
+{
+	int n = 0;
+	int f;
+
+	if (!wsi->u.hdr.ah)
+		return -1;
+
+	f = wsi->u.hdr.ah->frag_index[h];
+
+	if (!f)
+		return -1;
+
+	while (n < frag_idx) {
+		f = wsi->u.hdr.ah->frags[f].nfrag;
+		if (!f)
+			return -1;
+		n++;
+	}
+
+	if (wsi->u.hdr.ah->frags[f].len >= len)
+		return -1;
+
+	memcpy(dst, wsi->u.hdr.ah->data + wsi->u.hdr.ah->frags[f].offset,
+	       wsi->u.hdr.ah->frags[f].len);
+	dst[wsi->u.hdr.ah->frags[f].len] = '\0';
+
+	return wsi->u.hdr.ah->frags[f].len;
+}
+
+LWS_VISIBLE int lws_hdr_copy(struct lws *wsi, char *dst, int len,
+			     enum lws_token_indexes h)
+{
+	int toklen = lws_hdr_total_length(wsi, h);
+	int n;
+
+	if (toklen >= len)
+		return -1;
+
+	if (!wsi->u.hdr.ah)
+		return -1;
+
+	n = wsi->u.hdr.ah->frag_index[h];
+	if (!n)
+		return 0;
+
+	do {
+		if (wsi->u.hdr.ah->frags[n].len >= len)
+			return -1;
+		strncpy(dst, &wsi->u.hdr.ah->data[wsi->u.hdr.ah->frags[n].offset],
+		        wsi->u.hdr.ah->frags[n].len);
+		dst += wsi->u.hdr.ah->frags[n].len;
+		len -= wsi->u.hdr.ah->frags[n].len;
+		n = wsi->u.hdr.ah->frags[n].nfrag;
+	} while (n);
+	*dst = '\0';
+
+	return toklen;
+}
+
+char *lws_hdr_simple_ptr(struct lws *wsi, enum lws_token_indexes h)
+{
+	int n;
+
+	n = wsi->u.hdr.ah->frag_index[h];
+	if (!n)
+		return NULL;
+
+	return wsi->u.hdr.ah->data + wsi->u.hdr.ah->frags[n].offset;
+}
+
+int LWS_WARN_UNUSED_RESULT
+lws_pos_in_bounds(struct lws *wsi)
+{
+	if (wsi->u.hdr.ah->pos <
+	    (unsigned int)wsi->context->max_http_header_data)
+		return 0;
+
+	if (wsi->u.hdr.ah->pos == wsi->context->max_http_header_data) {
+		lwsl_err("Ran out of header data space\n");
+		return 1;
+	}
+
+	/*
+	 * with these tests everywhere, it should never be able to exceed
+	 * the limit, only meet it
+	 */
+	lwsl_err("%s: pos %d, limit %d\n", __func__, wsi->u.hdr.ah->pos,
+		 wsi->context->max_http_header_data);
+	assert(0);
+
+	return 1;
+}
+
+int LWS_WARN_UNUSED_RESULT
+lws_hdr_simple_create(struct lws *wsi, enum lws_token_indexes h, const char *s)
+{
+	wsi->u.hdr.ah->nfrag++;
+	if (wsi->u.hdr.ah->nfrag == ARRAY_SIZE(wsi->u.hdr.ah->frags)) {
+		lwsl_warn("More hdr frags than we can deal with, dropping\n");
+		return -1;
+	}
+
+	wsi->u.hdr.ah->frag_index[h] = wsi->u.hdr.ah->nfrag;
+
+	wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].offset = wsi->u.hdr.ah->pos;
+	wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].len = 0;
+	wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].nfrag = 0;
+
+	do {
+		if (lws_pos_in_bounds(wsi))
+			return -1;
+
+		wsi->u.hdr.ah->data[wsi->u.hdr.ah->pos++] = *s;
+		if (*s)
+			wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].len++;
+	} while (*s++);
+
+	return 0;
+}
+
+signed char char_to_hex(const char c)
+{
+	if (c >= '0' && c <= '9')
+		return c - '0';
+
+	if (c >= 'a' && c <= 'f')
+		return c - 'a' + 10;
+
+	if (c >= 'A' && c <= 'F')
+		return c - 'A' + 10;
+
+	return -1;
+}
+
+static int LWS_WARN_UNUSED_RESULT
+issue_char(struct lws *wsi, unsigned char c)
+{
+	unsigned short frag_len;
+
+	if (lws_pos_in_bounds(wsi))
+		return -1;
+
+	frag_len = wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].len;
+	/*
+	 * If we haven't hit the token limit, just copy the character into
+	 * the header
+	 */
+	if (frag_len < wsi->u.hdr.current_token_limit) {
+		wsi->u.hdr.ah->data[wsi->u.hdr.ah->pos++] = c;
+		if (c)
+			wsi->u.hdr.ah->frags[wsi->u.hdr.ah->nfrag].len++;
+		return 0;
+	}
+
+	/* Insert a null character when we *hit* the limit: */
+	if (frag_len == wsi->u.hdr.current_token_limit) {
+		if (lws_pos_in_bounds(wsi))
+			return -1;
+
+		wsi->u.hdr.ah->data[wsi->u.hdr.ah->pos++] = '\0';
+		lwsl_warn("header %i exceeds limit %d\n",
+			  wsi->u.hdr.parser_state,
+			  wsi->u.hdr.current_token_limit);
+	}
+
+	return 1;
+}
+
+int
+lws_parse_urldecode(struct lws *wsi, uint8_t *_c)
+{
+	struct allocated_headers *ah = wsi->u.hdr.ah;
+	unsigned int enc = 0;
+	uint8_t c = *_c;
+
+	/*
+	 * PRIORITY 1
+	 * special URI processing... convert %xx
+	 */
+	switch (wsi->u.hdr.ues) {
+	case URIES_IDLE:
+		if (c == '%') {
+			wsi->u.hdr.ues = URIES_SEEN_PERCENT;
+			goto swallow;
+		}
+		break;
+	case URIES_SEEN_PERCENT:
+		if (char_to_hex(c) < 0)
+			/* illegal post-% char */
+			goto forbid;
+
+		wsi->u.hdr.esc_stash = c;
+		wsi->u.hdr.ues = URIES_SEEN_PERCENT_H1;
+		goto swallow;
+
+	case URIES_SEEN_PERCENT_H1:
+		if (char_to_hex(c) < 0)
+			/* illegal post-% char */
+			goto forbid;
+
+		*_c = (char_to_hex(wsi->u.hdr.esc_stash) << 4) |
+				char_to_hex(c);
+		c = *_c;
+		enc = 1;
+		wsi->u.hdr.ues = URIES_IDLE;
+		break;
+	}
+
+	/*
+	 * PRIORITY 2
+	 * special URI processing...
+	 *  convert /.. or /... or /../ etc to /
+	 *  convert /./ to /
+	 *  convert // or /// etc to /
+	 *  leave /.dir or whatever alone
+	 */
+
+	switch (wsi->u.hdr.ups) {
+	case URIPS_IDLE:
+		if (!c)
+			return -1;
+		/* genuine delimiter */
+		if ((c == '&' || c == ';') && !enc) {
+			if (issue_char(wsi, c) < 0)
+				return -1;
+			/* swallow the terminator */
+			ah->frags[ah->nfrag].len--;
+			/* link to next fragment */
+			ah->frags[ah->nfrag].nfrag = ah->nfrag + 1;
+			ah->nfrag++;
+			if (ah->nfrag >= ARRAY_SIZE(ah->frags))
+				goto excessive;
+			/* start next fragment after the & */
+			wsi->u.hdr.post_literal_equal = 0;
+			ah->frags[ah->nfrag].offset = ah->pos;
+			ah->frags[ah->nfrag].len = 0;
+			ah->frags[ah->nfrag].nfrag = 0;
+			goto swallow;
+		}
+		/* uriencoded = in the name part, disallow */
+		if (c == '=' && enc &&
+		    ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] &&
+		    !wsi->u.hdr.post_literal_equal) {
+			c = '_';
+			*_c =c;
+		}
+
+		/* after the real =, we don't care how many = */
+		if (c == '=' && !enc)
+			wsi->u.hdr.post_literal_equal = 1;
+
+		/* + to space */
+		if (c == '+' && !enc) {
+			c = ' ';
+			*_c = c;
+		}
+		/* issue the first / always */
+		if (c == '/' && !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS])
+			wsi->u.hdr.ups = URIPS_SEEN_SLASH;
+		break;
+	case URIPS_SEEN_SLASH:
+		/* swallow subsequent slashes */
+		if (c == '/')
+			goto swallow;
+		/* track and swallow the first . after / */
+		if (c == '.') {
+			wsi->u.hdr.ups = URIPS_SEEN_SLASH_DOT;
+			goto swallow;
+		}
+		wsi->u.hdr.ups = URIPS_IDLE;
+		break;
+	case URIPS_SEEN_SLASH_DOT:
+		/* swallow second . */
+		if (c == '.') {
+			wsi->u.hdr.ups = URIPS_SEEN_SLASH_DOT_DOT;
+			goto swallow;
+		}
+		/* change /./ to / */
+		if (c == '/') {
+			wsi->u.hdr.ups = URIPS_SEEN_SLASH;
+			goto swallow;
+		}
+		/* it was like /.dir ... regurgitate the . */
+		wsi->u.hdr.ups = URIPS_IDLE;
+		if (issue_char(wsi, '.') < 0)
+			return -1;
+		break;
+
+	case URIPS_SEEN_SLASH_DOT_DOT:
+
+		/* /../ or /..[End of URI] --> backup to last / */
+		if (c == '/' || c == '?') {
+			/*
+			 * back up one dir level if possible
+			 * safe against header fragmentation because
+			 * the method URI can only be in 1 fragment
+			 */
+			if (ah->frags[ah->nfrag].len > 2) {
+				ah->pos--;
+				ah->frags[ah->nfrag].len--;
+				do {
+					ah->pos--;
+					ah->frags[ah->nfrag].len--;
+				} while (ah->frags[ah->nfrag].len > 1 &&
+					 ah->data[ah->pos] != '/');
+			}
+			wsi->u.hdr.ups = URIPS_SEEN_SLASH;
+			if (ah->frags[ah->nfrag].len > 1)
+				break;
+			goto swallow;
+		}
+
+		/*  /..[^/] ... regurgitate and allow */
+
+		if (issue_char(wsi, '.') < 0)
+			return -1;
+		if (issue_char(wsi, '.') < 0)
+			return -1;
+		wsi->u.hdr.ups = URIPS_IDLE;
+		break;
+	}
+
+	if (c == '?' && !enc &&
+	    !ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS]) { /* start of URI arguments */
+		if (wsi->u.hdr.ues != URIES_IDLE)
+			goto forbid;
+
+		/* seal off uri header */
+		if (issue_char(wsi, '\0') < 0)
+			return -1;
+
+		/* move to using WSI_TOKEN_HTTP_URI_ARGS */
+		ah->nfrag++;
+		if (ah->nfrag >= ARRAY_SIZE(ah->frags))
+			goto excessive;
+		ah->frags[ah->nfrag].offset = ah->pos;
+		ah->frags[ah->nfrag].len = 0;
+		ah->frags[ah->nfrag].nfrag = 0;
+
+		wsi->u.hdr.post_literal_equal = 0;
+		ah->frag_index[WSI_TOKEN_HTTP_URI_ARGS] = ah->nfrag;
+		wsi->u.hdr.ups = URIPS_IDLE;
+		goto swallow;
+	}
+
+	return LPUR_CONTINUE;
+
+swallow:
+	return LPUR_SWALLOW;
+
+forbid:
+	return LPUR_FORBID;
+
+excessive:
+	return LPUR_EXCESSIVE;
+}
+
+static const unsigned char methods[] = {
+	WSI_TOKEN_GET_URI,
+	WSI_TOKEN_POST_URI,
+	WSI_TOKEN_OPTIONS_URI,
+	WSI_TOKEN_PUT_URI,
+	WSI_TOKEN_PATCH_URI,
+	WSI_TOKEN_DELETE_URI,
+	WSI_TOKEN_CONNECT,
+	WSI_TOKEN_HEAD_URI,
+};
+
+int LWS_WARN_UNUSED_RESULT
+lws_parse(struct lws *wsi, unsigned char c)
+{
+	struct allocated_headers *ah = wsi->u.hdr.ah;
+	struct lws_context *context = wsi->context;
+	unsigned int n, m;
+	int r;
+
+	assert(wsi->u.hdr.ah);
+
+	switch (wsi->u.hdr.parser_state) {
+	default:
+
+		lwsl_parser("WSI_TOK_(%d) '%c'\n", wsi->u.hdr.parser_state, c);
+
+		/* collect into malloc'd buffers */
+		/* optional initial space swallow */
+		if (!ah->frags[ah->frag_index[wsi->u.hdr.parser_state]].len &&
+		    c == ' ')
+			break;
+
+		for (m = 0; m < ARRAY_SIZE(methods); m++)
+			if (wsi->u.hdr.parser_state == methods[m])
+				break;
+		if (m == ARRAY_SIZE(methods))
+			/* it was not any of the methods */
+			goto check_eol;
+
+		/* special URI processing... end at space */
+
+		if (c == ' ') {
+			/* enforce starting with / */
+			if (!ah->frags[ah->nfrag].len)
+				if (issue_char(wsi, '/') < 0)
+					return -1;
+
+			if (wsi->u.hdr.ups == URIPS_SEEN_SLASH_DOT_DOT) {
+				/*
+				 * back up one dir level if possible
+				 * safe against header fragmentation because
+				 * the method URI can only be in 1 fragment
+				 */
+				if (ah->frags[ah->nfrag].len > 2) {
+					ah->pos--;
+					ah->frags[ah->nfrag].len--;
+					do {
+						ah->pos--;
+						ah->frags[ah->nfrag].len--;
+					} while (ah->frags[ah->nfrag].len > 1 &&
+						 ah->data[ah->pos] != '/');
+				}
+			}
+
+			/* begin parsing HTTP version: */
+			if (issue_char(wsi, '\0') < 0)
+				return -1;
+			wsi->u.hdr.parser_state = WSI_TOKEN_HTTP;
+			goto start_fragment;
+		}
+
+		r = lws_parse_urldecode(wsi, &c);
+		switch (r) {
+		case LPUR_CONTINUE:
+			break;
+		case LPUR_SWALLOW:
+			goto swallow;
+		case LPUR_FORBID:
+			goto forbid;
+		case LPUR_EXCESSIVE:
+			goto excessive;
+		default:
+			return -1;
+		}
+check_eol:
+		/* bail at EOL */
+		if (wsi->u.hdr.parser_state != WSI_TOKEN_CHALLENGE &&
+		    c == '\x0d') {
+			if (wsi->u.hdr.ues != URIES_IDLE)
+				goto forbid;
+
+			c = '\0';
+			wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING_SAW_CR;
+			lwsl_parser("*\n");
+		}
+
+		n = issue_char(wsi, c);
+		if ((int)n < 0)
+			return -1;
+		if (n > 0)
+			wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING;
+
+swallow:
+		/* per-protocol end of headers management */
+
+		if (wsi->u.hdr.parser_state == WSI_TOKEN_CHALLENGE)
+			goto set_parsing_complete;
+		break;
+
+		/* collecting and checking a name part */
+	case WSI_TOKEN_NAME_PART:
+		lwsl_parser("WSI_TOKEN_NAME_PART '%c' 0x%02X (mode=%d) wsi->u.hdr.lextable_pos=%d\n", c, c, wsi->mode, wsi->u.hdr.lextable_pos);
+
+		wsi->u.hdr.lextable_pos =
+				lextable_decode(wsi->u.hdr.lextable_pos, c);
+		/*
+		 * Server needs to look out for unknown methods...
+		 */
+		if (wsi->u.hdr.lextable_pos < 0 &&
+		    (wsi->mode == LWSCM_HTTP_SERVING)) {
+			/* this is not a header we know about */
+			for (m = 0; m < ARRAY_SIZE(methods); m++)
+				if (ah->frag_index[methods[m]]) {
+					/*
+					 * already had the method, no idea what
+					 * this crap from the client is, ignore
+					 */
+					wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING;
+					break;
+				}
+			/*
+			 * hm it's an unknown http method from a client in fact,
+			 * it cannot be valid http
+			 */
+			if (m == ARRAY_SIZE(methods)) {
+				/*
+				 * are we set up to accept raw in these cases?
+				 */
+				if (lws_check_opt(wsi->vhost->options,
+					   LWS_SERVER_OPTION_FALLBACK_TO_RAW))
+					return 2; /* transition to raw */
+
+				lwsl_info("Unknown method - dropping\n");
+				goto forbid;
+			}
+			break;
+		}
+		/*
+		 * ...otherwise for a client, let him ignore unknown headers
+		 * coming from the server
+		 */
+		if (wsi->u.hdr.lextable_pos < 0) {
+			wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING;
+			break;
+		}
+
+		if (lextable[wsi->u.hdr.lextable_pos] < FAIL_CHAR) {
+			/* terminal state */
+
+			n = ((unsigned int)lextable[wsi->u.hdr.lextable_pos] << 8) |
+					lextable[wsi->u.hdr.lextable_pos + 1];
+
+			lwsl_parser("known hdr %d\n", n);
+			for (m = 0; m < ARRAY_SIZE(methods); m++)
+				if (n == methods[m] &&
+				    ah->frag_index[methods[m]]) {
+					lwsl_warn("Duplicated method\n");
+					return -1;
+				}
+
+			/*
+			 * WSORIGIN is protocol equiv to ORIGIN,
+			 * JWebSocket likes to send it, map to ORIGIN
+			 */
+			if (n == WSI_TOKEN_SWORIGIN)
+				n = WSI_TOKEN_ORIGIN;
+
+			wsi->u.hdr.parser_state = (enum lws_token_indexes)
+							(WSI_TOKEN_GET_URI + n);
+
+			if (context->token_limits)
+				wsi->u.hdr.current_token_limit =
+					context->token_limits->token_limit[
+						       wsi->u.hdr.parser_state];
+			else
+				wsi->u.hdr.current_token_limit =
+					wsi->context->max_http_header_data;
+
+			if (wsi->u.hdr.parser_state == WSI_TOKEN_CHALLENGE)
+				goto set_parsing_complete;
+
+			goto start_fragment;
+		}
+		break;
+
+start_fragment:
+		ah->nfrag++;
+excessive:
+		if (ah->nfrag == ARRAY_SIZE(ah->frags)) {
+			lwsl_warn("More hdr frags than we can deal with\n");
+			return -1;
+		}
+
+		ah->frags[ah->nfrag].offset = ah->pos;
+		ah->frags[ah->nfrag].len = 0;
+		ah->frags[ah->nfrag].nfrag = 0;
+		ah->frags[ah->nfrag].flags = 2;
+
+		n = ah->frag_index[wsi->u.hdr.parser_state];
+		if (!n) { /* first fragment */
+			ah->frag_index[wsi->u.hdr.parser_state] = ah->nfrag;
+			ah->hdr_token_idx = wsi->u.hdr.parser_state;
+			break;
+		}
+		/* continuation */
+		while (ah->frags[n].nfrag)
+			n = ah->frags[n].nfrag;
+		ah->frags[n].nfrag = ah->nfrag;
+
+		if (issue_char(wsi, ' ') < 0)
+			return -1;
+		break;
+
+		/* skipping arg part of a name we didn't recognize */
+	case WSI_TOKEN_SKIPPING:
+		lwsl_parser("WSI_TOKEN_SKIPPING '%c'\n", c);
+
+		if (c == '\x0d')
+			wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING_SAW_CR;
+		break;
+
+	case WSI_TOKEN_SKIPPING_SAW_CR:
+		lwsl_parser("WSI_TOKEN_SKIPPING_SAW_CR '%c'\n", c);
+		if (wsi->u.hdr.ues != URIES_IDLE)
+			goto forbid;
+		if (c == '\x0a') {
+			wsi->u.hdr.parser_state = WSI_TOKEN_NAME_PART;
+			wsi->u.hdr.lextable_pos = 0;
+		} else
+			wsi->u.hdr.parser_state = WSI_TOKEN_SKIPPING;
+		break;
+		/* we're done, ignore anything else */
+
+	case WSI_PARSING_COMPLETE:
+		lwsl_parser("WSI_PARSING_COMPLETE '%c'\n", c);
+		break;
+	}
+
+	return 0;
+
+set_parsing_complete:
+	if (wsi->u.hdr.ues != URIES_IDLE)
+		goto forbid;
+	if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) {
+		if (lws_hdr_total_length(wsi, WSI_TOKEN_VERSION))
+			wsi->ietf_spec_revision =
+			       atoi(lws_hdr_simple_ptr(wsi, WSI_TOKEN_VERSION));
+
+		lwsl_parser("v%02d hdrs completed\n", wsi->ietf_spec_revision);
+	}
+	wsi->u.hdr.parser_state = WSI_PARSING_COMPLETE;
+	wsi->hdr_parsing_completed = 1;
+
+	return 0;
+
+forbid:
+	lwsl_notice(" forbidding on uri sanitation\n");
+	lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL);
+
+	return -1;
+}
+
+LWS_VISIBLE int lws_frame_is_binary(struct lws *wsi)
+{
+	return wsi->u.ws.frame_is_binary;
+}
+
+void
+lws_add_wsi_to_draining_ext_list(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+
+	if (wsi->u.ws.rx_draining_ext)
+		return;
+
+	lwsl_ext("%s: RX EXT DRAINING: Adding to list\n", __func__);
+
+	wsi->u.ws.rx_draining_ext = 1;
+	wsi->u.ws.rx_draining_ext_list = pt->rx_draining_ext_list;
+	pt->rx_draining_ext_list = wsi;
+}
+
+void
+lws_remove_wsi_from_draining_ext_list(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	struct lws **w = &pt->rx_draining_ext_list;
+
+	if (!wsi->u.ws.rx_draining_ext)
+		return;
+
+	lwsl_ext("%s: RX EXT DRAINING: Removing from list\n", __func__);
+
+	wsi->u.ws.rx_draining_ext = 0;
+
+	/* remove us from context draining ext list */
+	while (*w) {
+		if (*w == wsi) {
+			/* if us, point it instead to who we were pointing to */
+			*w = wsi->u.ws.rx_draining_ext_list;
+			break;
+		}
+		w = &((*w)->u.ws.rx_draining_ext_list);
+	}
+	wsi->u.ws.rx_draining_ext_list = NULL;
+}
+
+/*
+ * client-parser.c: lws_client_rx_sm() needs to be roughly kept in
+ *   sync with changes here, esp related to ext draining
+ */
+
+int
+lws_rx_sm(struct lws *wsi, unsigned char c)
+{
+	int callback_action = LWS_CALLBACK_RECEIVE;
+	int ret = 0, n, rx_draining_ext = 0;
+	struct lws_tokens eff_buf;
+
+	eff_buf.token = NULL;
+	eff_buf.token_len = 0;
+	if (wsi->socket_is_permanently_unusable)
+		return -1;
+
+	switch (wsi->lws_rx_parse_state) {
+	case LWS_RXPS_NEW:
+		if (wsi->u.ws.rx_draining_ext) {
+			eff_buf.token = NULL;
+			eff_buf.token_len = 0;
+			lws_remove_wsi_from_draining_ext_list(wsi);
+			rx_draining_ext = 1;
+			lwsl_debug("%s: doing draining flow\n", __func__);
+
+			goto drain_extension;
+		}
+		switch (wsi->ietf_spec_revision) {
+		case 13:
+			/*
+			 * no prepended frame key any more
+			 */
+			wsi->u.ws.all_zero_nonce = 1;
+			goto handle_first;
+
+		default:
+			lwsl_warn("lws_rx_sm: unknown spec version %d\n",
+						       wsi->ietf_spec_revision);
+			break;
+		}
+		break;
+	case LWS_RXPS_04_mask_1:
+		wsi->u.ws.mask[1] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_mask_2;
+		break;
+	case LWS_RXPS_04_mask_2:
+		wsi->u.ws.mask[2] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_mask_3;
+		break;
+	case LWS_RXPS_04_mask_3:
+		wsi->u.ws.mask[3] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+
+		/*
+		 * start from the zero'th byte in the XOR key buffer since
+		 * this is the start of a frame with a new key
+		 */
+
+		wsi->u.ws.mask_idx = 0;
+
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_1;
+		break;
+
+	/*
+	 *  04 logical framing from the spec (all this is masked when incoming
+	 *  and has to be unmasked)
+	 *
+	 * We ignore the possibility of extension data because we don't
+	 * negotiate any extensions at the moment.
+	 *
+	 *    0                   1                   2                   3
+	 *    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+	 *   +-+-+-+-+-------+-+-------------+-------------------------------+
+	 *   |F|R|R|R| opcode|R| Payload len |    Extended payload length    |
+	 *   |I|S|S|S|  (4)  |S|     (7)     |             (16/63)           |
+	 *   |N|V|V|V|       |V|             |   (if payload len==126/127)   |
+	 *   | |1|2|3|       |4|             |                               |
+	 *   +-+-+-+-+-------+-+-------------+ - - - - - - - - - - - - - - - +
+	 *   |     Extended payload length continued, if payload len == 127  |
+	 *   + - - - - - - - - - - - - - - - +-------------------------------+
+	 *   |                               |         Extension data        |
+	 *   +-------------------------------+ - - - - - - - - - - - - - - - +
+	 *   :                                                               :
+	 *   +---------------------------------------------------------------+
+	 *   :                       Application data                        :
+	 *   +---------------------------------------------------------------+
+	 *
+	 *  We pass payload through to userland as soon as we get it, ignoring
+	 *  FIN.  It's up to userland to buffer it up if it wants to see a
+	 *  whole unfragmented block of the original size (which may be up to
+	 *  2^63 long!)
+	 */
+
+	case LWS_RXPS_04_FRAME_HDR_1:
+handle_first:
+
+		wsi->u.ws.opcode = c & 0xf;
+		wsi->u.ws.rsv = c & 0x70;
+		wsi->u.ws.final = !!((c >> 7) & 1);
+
+		switch (wsi->u.ws.opcode) {
+		case LWSWSOPC_TEXT_FRAME:
+		case LWSWSOPC_BINARY_FRAME:
+			wsi->u.ws.rsv_first_msg = (c & 0x70);
+			wsi->u.ws.frame_is_binary =
+			     wsi->u.ws.opcode == LWSWSOPC_BINARY_FRAME;
+			wsi->u.ws.first_fragment = 1;
+			break;
+		case 3:
+		case 4:
+		case 5:
+		case 6:
+		case 7:
+		case 0xb:
+		case 0xc:
+		case 0xd:
+		case 0xe:
+		case 0xf:
+			lwsl_info("illegal opcode\n");
+			return -1;
+		}
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN:
+
+		wsi->u.ws.this_frame_masked = !!(c & 0x80);
+
+		switch (c & 0x7f) {
+		case 126:
+			/* control frames are not allowed to have big lengths */
+			if (wsi->u.ws.opcode & 8)
+				goto illegal_ctl_length;
+
+			wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_2;
+			break;
+		case 127:
+			/* control frames are not allowed to have big lengths */
+			if (wsi->u.ws.opcode & 8)
+				goto illegal_ctl_length;
+
+			wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_8;
+			break;
+		default:
+			wsi->u.ws.rx_packet_length = c & 0x7f;
+			if (wsi->u.ws.this_frame_masked)
+				wsi->lws_rx_parse_state =
+						LWS_RXPS_07_COLLECT_FRAME_KEY_1;
+			else
+				if (wsi->u.ws.rx_packet_length)
+					wsi->lws_rx_parse_state =
+					LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
+				else {
+					wsi->lws_rx_parse_state = LWS_RXPS_NEW;
+					goto spill;
+				}
+			break;
+		}
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN16_2:
+		wsi->u.ws.rx_packet_length = c << 8;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN16_1;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN16_1:
+		wsi->u.ws.rx_packet_length |= c;
+		if (wsi->u.ws.this_frame_masked)
+			wsi->lws_rx_parse_state =
+					LWS_RXPS_07_COLLECT_FRAME_KEY_1;
+		else
+			wsi->lws_rx_parse_state =
+				LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_8:
+		if (c & 0x80) {
+			lwsl_warn("b63 of length must be zero\n");
+			/* kill the connection */
+			return -1;
+		}
+#if defined __LP64__
+		wsi->u.ws.rx_packet_length = ((size_t)c) << 56;
+#else
+		wsi->u.ws.rx_packet_length = 0;
+#endif
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_7;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_7:
+#if defined __LP64__
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 48;
+#endif
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_6;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_6:
+#if defined __LP64__
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 40;
+#endif
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_5;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_5:
+#if defined __LP64__
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 32;
+#endif
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_4;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_4:
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 24;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_3;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_3:
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 16;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_2;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_2:
+		wsi->u.ws.rx_packet_length |= ((size_t)c) << 8;
+		wsi->lws_rx_parse_state = LWS_RXPS_04_FRAME_HDR_LEN64_1;
+		break;
+
+	case LWS_RXPS_04_FRAME_HDR_LEN64_1:
+		wsi->u.ws.rx_packet_length |= ((size_t)c);
+		if (wsi->u.ws.this_frame_masked)
+			wsi->lws_rx_parse_state =
+					LWS_RXPS_07_COLLECT_FRAME_KEY_1;
+		else
+			wsi->lws_rx_parse_state =
+				LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
+		break;
+
+	case LWS_RXPS_07_COLLECT_FRAME_KEY_1:
+		wsi->u.ws.mask[0] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+		wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_2;
+		break;
+
+	case LWS_RXPS_07_COLLECT_FRAME_KEY_2:
+		wsi->u.ws.mask[1] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+		wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_3;
+		break;
+
+	case LWS_RXPS_07_COLLECT_FRAME_KEY_3:
+		wsi->u.ws.mask[2] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+		wsi->lws_rx_parse_state = LWS_RXPS_07_COLLECT_FRAME_KEY_4;
+		break;
+
+	case LWS_RXPS_07_COLLECT_FRAME_KEY_4:
+		wsi->u.ws.mask[3] = c;
+		if (c)
+			wsi->u.ws.all_zero_nonce = 0;
+		wsi->lws_rx_parse_state =
+					LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED;
+		wsi->u.ws.mask_idx = 0;
+		if (wsi->u.ws.rx_packet_length == 0) {
+			wsi->lws_rx_parse_state = LWS_RXPS_NEW;
+			goto spill;
+		}
+		break;
+
+
+	case LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED:
+		assert(wsi->u.ws.rx_ubuf);
+
+		if (wsi->u.ws.rx_draining_ext)
+			goto drain_extension;
+
+		if (wsi->u.ws.rx_ubuf_head + LWS_PRE >=
+		    wsi->u.ws.rx_ubuf_alloc) {
+			lwsl_err("Attempted overflow \n");
+			return -1;
+		}
+		if (wsi->u.ws.all_zero_nonce)
+			wsi->u.ws.rx_ubuf[LWS_PRE +
+					 (wsi->u.ws.rx_ubuf_head++)] = c;
+		else
+			wsi->u.ws.rx_ubuf[LWS_PRE +
+			       (wsi->u.ws.rx_ubuf_head++)] =
+				   c ^ wsi->u.ws.mask[
+					    (wsi->u.ws.mask_idx++) & 3];
+
+		if (--wsi->u.ws.rx_packet_length == 0) {
+			/* spill because we have the whole frame */
+			wsi->lws_rx_parse_state = LWS_RXPS_NEW;
+			goto spill;
+		}
+
+		/*
+		 * if there's no protocol max frame size given, we are
+		 * supposed to default to context->pt_serv_buf_size
+		 */
+		if (!wsi->protocol->rx_buffer_size &&
+		    wsi->u.ws.rx_ubuf_head != wsi->context->pt_serv_buf_size)
+			break;
+
+		if (wsi->protocol->rx_buffer_size &&
+		    wsi->u.ws.rx_ubuf_head != wsi->protocol->rx_buffer_size)
+			break;
+
+		/* spill because we filled our rx buffer */
+spill:
+		/*
+		 * is this frame a control packet we should take care of at this
+		 * layer?  If so service it and hide it from the user callback
+		 */
+
+		lwsl_parser("spill on %s\n", wsi->protocol->name);
+
+		switch (wsi->u.ws.opcode) {
+		case LWSWSOPC_CLOSE:
+
+			/* is this an acknowledgement of our close? */
+			if (wsi->state == LWSS_AWAITING_CLOSE_ACK) {
+				/*
+				 * fine he has told us he is closing too, let's
+				 * finish our close
+				 */
+				lwsl_parser("seen client close ack\n");
+				return -1;
+			}
+			if (wsi->state == LWSS_RETURNED_CLOSE_ALREADY)
+				/* if he sends us 2 CLOSE, kill him */
+				return -1;
+
+			if (lws_partial_buffered(wsi)) {
+				/*
+				 * if we're in the middle of something,
+				 * we can't do a normal close response and
+				 * have to just close our end.
+				 */
+				wsi->socket_is_permanently_unusable = 1;
+				lwsl_parser("Closing on peer close due to Pending tx\n");
+				return -1;
+			}
+
+			if (user_callback_handle_rxflow(
+					wsi->protocol->callback, wsi,
+					LWS_CALLBACK_WS_PEER_INITIATED_CLOSE,
+					wsi->user_space,
+					&wsi->u.ws.rx_ubuf[LWS_PRE],
+					wsi->u.ws.rx_ubuf_head))
+				return -1;
+
+			lwsl_parser("server sees client close packet\n");
+			wsi->state = LWSS_RETURNED_CLOSE_ALREADY;
+			/* deal with the close packet contents as a PONG */
+			wsi->u.ws.payload_is_close = 1;
+			goto process_as_ping;
+
+		case LWSWSOPC_PING:
+			lwsl_info("received %d byte ping, sending pong\n",
+						 wsi->u.ws.rx_ubuf_head);
+
+			if (wsi->u.ws.ping_pending_flag) {
+				/*
+				 * there is already a pending ping payload
+				 * we should just log and drop
+				 */
+				lwsl_parser("DROP PING since one pending\n");
+				goto ping_drop;
+			}
+process_as_ping:
+			/* control packets can only be < 128 bytes long */
+			if (wsi->u.ws.rx_ubuf_head > 128 - 3) {
+				lwsl_parser("DROP PING payload too large\n");
+				goto ping_drop;
+			}
+
+			/* stash the pong payload */
+			memcpy(wsi->u.ws.ping_payload_buf + LWS_PRE,
+			       &wsi->u.ws.rx_ubuf[LWS_PRE],
+				wsi->u.ws.rx_ubuf_head);
+
+			wsi->u.ws.ping_payload_len = wsi->u.ws.rx_ubuf_head;
+			wsi->u.ws.ping_pending_flag = 1;
+
+			/* get it sent as soon as possible */
+			lws_callback_on_writable(wsi);
+ping_drop:
+			wsi->u.ws.rx_ubuf_head = 0;
+			return 0;
+
+		case LWSWSOPC_PONG:
+			lwsl_info("received pong\n");
+			lwsl_hexdump(&wsi->u.ws.rx_ubuf[LWS_PRE],
+			             wsi->u.ws.rx_ubuf_head);
+
+			if (wsi->pending_timeout == PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG) {
+				lwsl_info("received expected PONG on wsi %p\n", wsi);
+				lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+			}
+
+			/* issue it */
+			callback_action = LWS_CALLBACK_RECEIVE_PONG;
+			break;
+
+		case LWSWSOPC_TEXT_FRAME:
+		case LWSWSOPC_BINARY_FRAME:
+		case LWSWSOPC_CONTINUATION:
+			break;
+
+		default:
+			lwsl_parser("passing opc %x up to exts\n",
+				    wsi->u.ws.opcode);
+			/*
+			 * It's something special we can't understand here.
+			 * Pass the payload up to the extension's parsing
+			 * state machine.
+			 */
+
+			eff_buf.token = &wsi->u.ws.rx_ubuf[LWS_PRE];
+			eff_buf.token_len = wsi->u.ws.rx_ubuf_head;
+
+			if (lws_ext_cb_active(wsi, LWS_EXT_CB_EXTENDED_PAYLOAD_RX,
+					      &eff_buf, 0) <= 0)
+				/* not handle or fail */
+				lwsl_ext("ext opc opcode 0x%x unknown\n",
+					 wsi->u.ws.opcode);
+
+			wsi->u.ws.rx_ubuf_head = 0;
+			return 0;
+		}
+
+		/*
+		 * No it's real payload, pass it up to the user callback.
+		 * It's nicely buffered with the pre-padding taken care of
+		 * so it can be sent straight out again using lws_write
+		 */
+
+		eff_buf.token = &wsi->u.ws.rx_ubuf[LWS_PRE];
+		eff_buf.token_len = wsi->u.ws.rx_ubuf_head;
+
+		if (wsi->u.ws.opcode == LWSWSOPC_PONG && !eff_buf.token_len)
+			goto already_done;
+
+drain_extension:
+		lwsl_ext("%s: passing %d to ext\n", __func__, eff_buf.token_len);
+
+		if (wsi->state == LWSS_RETURNED_CLOSE_ALREADY ||
+		    wsi->state == LWSS_AWAITING_CLOSE_ACK)
+			goto already_done;
+
+		n = lws_ext_cb_active(wsi, LWS_EXT_CB_PAYLOAD_RX, &eff_buf, 0);
+		/*
+		 * eff_buf may be pointing somewhere completely different now,
+		 * it's the output
+		 */
+		wsi->u.ws.first_fragment = 0;
+		if (n < 0) {
+			/*
+			 * we may rely on this to get RX, just drop connection
+			 */
+			wsi->socket_is_permanently_unusable = 1;
+			return -1;
+		}
+
+		if (rx_draining_ext && eff_buf.token_len == 0)
+			goto already_done;
+
+		if (n && eff_buf.token_len)
+			/* extension had more... main loop will come back */
+			lws_add_wsi_to_draining_ext_list(wsi);
+		else
+			lws_remove_wsi_from_draining_ext_list(wsi);
+
+		if (eff_buf.token_len > 0 ||
+		    callback_action == LWS_CALLBACK_RECEIVE_PONG) {
+			eff_buf.token[eff_buf.token_len] = '\0';
+
+			if (wsi->protocol->callback) {
+
+				if (callback_action == LWS_CALLBACK_RECEIVE_PONG)
+					lwsl_info("Doing pong callback\n");
+
+				ret = user_callback_handle_rxflow(
+						wsi->protocol->callback,
+						wsi,
+						(enum lws_callback_reasons)callback_action,
+						wsi->user_space,
+						eff_buf.token,
+						eff_buf.token_len);
+			}
+			else
+				lwsl_err("No callback on payload spill!\n");
+		}
+
+already_done:
+		wsi->u.ws.rx_ubuf_head = 0;
+		break;
+	}
+
+	return ret;
+
+illegal_ctl_length:
+
+	lwsl_warn("Control frame with xtended length is illegal\n");
+	/* kill the connection */
+	return -1;
+}
+
+LWS_VISIBLE size_t
+lws_remaining_packet_payload(struct lws *wsi)
+{
+	return wsi->u.ws.rx_packet_length;
+}
+
+/* Once we reach LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED, we know how much
+ * to expect in that state and can deal with it in bulk more efficiently.
+ */
+
+int
+lws_payload_until_length_exhausted(struct lws *wsi, unsigned char **buf,
+				   size_t *len)
+{
+	unsigned char *buffer = *buf, mask[4];
+	int buffer_size, n;
+	unsigned int avail;
+	char *rx_ubuf;
+
+	if (wsi->protocol->rx_buffer_size)
+		buffer_size = wsi->protocol->rx_buffer_size;
+	else
+		buffer_size = wsi->context->pt_serv_buf_size;
+	avail = buffer_size - wsi->u.ws.rx_ubuf_head;
+
+	/* do not consume more than we should */
+	if (avail > wsi->u.ws.rx_packet_length)
+		avail = wsi->u.ws.rx_packet_length;
+
+	/* do not consume more than what is in the buffer */
+	if (avail > *len)
+		avail = *len;
+
+	/* we want to leave 1 byte for the parser to handle properly */
+	if (avail <= 1)
+		return 0;
+
+	avail--;
+	rx_ubuf = wsi->u.ws.rx_ubuf + LWS_PRE + wsi->u.ws.rx_ubuf_head;
+	if (wsi->u.ws.all_zero_nonce)
+		memcpy(rx_ubuf, buffer, avail);
+	else {
+
+		for (n = 0; n < 4; n++)
+			mask[n] = wsi->u.ws.mask[(wsi->u.ws.mask_idx + n) & 3];
+
+		/* deal with 4-byte chunks using unwrapped loop */
+		n = avail >> 2;
+		while (n--) {
+			*(rx_ubuf++) = *(buffer++) ^ mask[0];
+			*(rx_ubuf++) = *(buffer++) ^ mask[1];
+			*(rx_ubuf++) = *(buffer++) ^ mask[2];
+			*(rx_ubuf++) = *(buffer++) ^ mask[3];
+		}
+		/* and the remaining bytes bytewise */
+		for (n = 0; n < (int)(avail & 3); n++)
+			*(rx_ubuf++) = *(buffer++) ^ mask[n];
+
+		wsi->u.ws.mask_idx = (wsi->u.ws.mask_idx + avail) & 3;
+	}
+
+	(*buf) += avail;
+	wsi->u.ws.rx_ubuf_head += avail;
+	wsi->u.ws.rx_packet_length -= avail;
+	*len -= avail;
+
+	return avail;
+}
diff --git a/thirdparty/lws/server/ranges.c b/thirdparty/lws/server/ranges.c
new file mode 100644
index 0000000000..bc1578d733
--- /dev/null
+++ b/thirdparty/lws/server/ranges.c
@@ -0,0 +1,214 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * RFC7233 ranges parser
+ *
+ * Copyright (C) 2016 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+/*
+ * RFC7233 examples
+ *
+ * o  The first 500 bytes (byte offsets 0-499, inclusive):
+ *
+ *      bytes=0-499
+ *
+ * o  The second 500 bytes (byte offsets 500-999, inclusive):
+ *
+ *      bytes=500-999
+ *
+ * o  The final 500 bytes (byte offsets 9500-9999, inclusive):
+ *
+ *      bytes=-500
+ *
+ * Or:
+ *
+ *      bytes=9500-
+ *
+ * o  The first and last bytes only (bytes 0 and 9999):
+ *
+ *      bytes=0-0,-1
+ *
+ * o  Other valid (but not canonical) specifications of the second 500
+ *    bytes (byte offsets 500-999, inclusive):
+ *
+ *      bytes=500-600,601-999
+ *      bytes=500-700,601-999
+ */
+
+/*
+ * returns 1 if the range struct represents a usable range
+ *   if no ranges header, you get one of these for the whole
+ *   file.  Otherwise you get one for each valid range in the
+ *   header.
+ *
+ * returns 0 if no further valid range forthcoming; rp->state
+ *   may be LWSRS_SYNTAX or LWSRS_COMPLETED
+ */
+
+int
+lws_ranges_next(struct lws_range_parsing *rp)
+{
+	static const char * const beq = "bytes=";
+	char c;
+
+	while (1) {
+
+		c = rp->buf[rp->pos];
+
+		switch (rp->state) {
+		case LWSRS_SYNTAX:
+		case LWSRS_COMPLETED:
+			return 0;
+
+		case LWSRS_NO_ACTIVE_RANGE:
+			rp->state = LWSRS_COMPLETED;
+			return 0;
+
+		case LWSRS_BYTES_EQ: // looking for "bytes="
+			if (c != beq[rp->pos]) {
+				rp->state = LWSRS_SYNTAX;
+				return -1;
+			}
+			if (rp->pos == 5)
+				rp->state = LWSRS_FIRST;
+			break;
+
+		case LWSRS_FIRST:
+			rp->start = 0;
+			rp->end = 0;
+			rp->start_valid = 0;
+			rp->end_valid = 0;
+
+			rp->state = LWSRS_STARTING;
+
+			// fallthru
+
+		case LWSRS_STARTING:
+			if (c == '-') {
+				rp->state = LWSRS_ENDING;
+				break;
+			}
+
+			if (!(c >= '0' && c <= '9')) {
+				rp->state = LWSRS_SYNTAX;
+				return 0;
+			}
+			rp->start = (rp->start * 10) + (c - '0');
+			rp->start_valid = 1;
+			break;
+
+		case LWSRS_ENDING:
+			if (c == ',' || c == '\0') {
+				rp->state = LWSRS_FIRST;
+				if (c == ',')
+					rp->pos++;
+
+				/*
+				 * By the end of this, start and end are
+				 * always valid if the range still is
+				 */
+
+				if (!rp->start_valid) { /* eg, -500 */
+					if (rp->end > rp->extent)
+						rp->end = rp->extent;
+
+					rp->start = rp->extent - rp->end;
+					rp->end = rp->extent - 1;
+				} else
+					if (!rp->end_valid)
+						rp->end = rp->extent - 1;
+
+				rp->did_try = 1;
+
+				/* end must be >= start or ignore it */
+				if (rp->end < rp->start) {
+					if (c == ',')
+						break;
+					rp->state = LWSRS_COMPLETED;
+					return 0;
+				}
+
+				return 1; /* issue range */
+			}
+
+			if (!(c >= '0' && c <= '9')) {
+				rp->state = LWSRS_SYNTAX;
+				return 0;
+			}
+			rp->end = (rp->end * 10) + (c - '0');
+			rp->end_valid = 1;
+			break;
+		}
+
+		rp->pos++;
+	}
+}
+
+void
+lws_ranges_reset(struct lws_range_parsing *rp)
+{
+	rp->pos = 0;
+	rp->ctr = 0;
+	rp->start = 0;
+	rp->end = 0;
+	rp->start_valid = 0;
+	rp->end_valid = 0;
+	rp->state = LWSRS_BYTES_EQ;
+}
+
+/*
+ * returns count of valid ranges
+ */
+int
+lws_ranges_init(struct lws *wsi, struct lws_range_parsing *rp,
+		unsigned long long extent)
+{
+	rp->agg = 0;
+	rp->send_ctr = 0;
+	rp->inside = 0;
+	rp->count_ranges = 0;
+	rp->did_try = 0;
+	lws_ranges_reset(rp);
+	rp->state = LWSRS_COMPLETED;
+
+	rp->extent = extent;
+
+	if (lws_hdr_copy(wsi, (char *)rp->buf, sizeof(rp->buf),
+			 WSI_TOKEN_HTTP_RANGE) <= 0)
+		return 0;
+
+	rp->state = LWSRS_BYTES_EQ;
+
+	while (lws_ranges_next(rp)) {
+		rp->count_ranges++;
+		rp->agg += rp->end - rp->start + 1;
+	}
+
+	lwsl_debug("%s: count %d\n", __func__, rp->count_ranges);
+	lws_ranges_reset(rp);
+
+	if (rp->did_try && !rp->count_ranges)
+		return -1; /* "not satisfiable */
+
+	lws_ranges_next(rp);
+
+	return rp->count_ranges;
+}
diff --git a/thirdparty/lws/server/server-handshake.c b/thirdparty/lws/server/server-handshake.c
new file mode 100644
index 0000000000..3d319c35d6
--- /dev/null
+++ b/thirdparty/lws/server/server-handshake.c
@@ -0,0 +1,360 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2013 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+#define LWS_CPYAPP(ptr, str) { strcpy(ptr, str); ptr += strlen(str); }
+
+#ifndef LWS_NO_EXTENSIONS
+static int
+lws_extension_server_handshake(struct lws *wsi, char **p, int budget)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	char ext_name[64], *args, *end = (*p) + budget - 1;
+	const struct lws_ext_options *opts, *po;
+	const struct lws_extension *ext;
+	struct lws_ext_option_arg oa;
+	int n, m, more = 1;
+	int ext_count = 0;
+	char ignore;
+	char *c;
+
+	/*
+	 * Figure out which extensions the client has that we want to
+	 * enable on this connection, and give him back the list
+	 */
+	if (!lws_hdr_total_length(wsi, WSI_TOKEN_EXTENSIONS))
+		return 0;
+
+	/*
+	 * break down the list of client extensions
+	 * and go through them
+	 */
+
+	if (lws_hdr_copy(wsi, (char *)pt->serv_buf, context->pt_serv_buf_size,
+			 WSI_TOKEN_EXTENSIONS) < 0)
+		return 1;
+
+	c = (char *)pt->serv_buf;
+	lwsl_parser("WSI_TOKEN_EXTENSIONS = '%s'\n", c);
+	wsi->count_act_ext = 0;
+	ignore = 0;
+	n = 0;
+	args = NULL;
+
+	/*
+	 * We may get a simple request
+	 *
+	 * Sec-WebSocket-Extensions: permessage-deflate
+	 *
+	 * or an elaborated one with requested options
+	 *
+	 * Sec-WebSocket-Extensions: permessage-deflate; \
+	 *			     server_no_context_takeover; \
+	 *			     client_no_context_takeover
+	 */
+
+	while (more) {
+
+		if (*c && (*c != ',' && *c != '\t')) {
+			if (*c == ';') {
+				ignore = 1;
+				args = c + 1;
+			}
+			if (ignore || *c == ' ') {
+				c++;
+				continue;
+			}
+			ext_name[n] = *c++;
+			if (n < sizeof(ext_name) - 1)
+				n++;
+			continue;
+		}
+		ext_name[n] = '\0';
+
+		ignore = 0;
+		if (!*c)
+			more = 0;
+		else {
+			c++;
+			if (!n)
+				continue;
+		}
+
+		while (args && *args && *args == ' ')
+			args++;
+
+		/* check a client's extension against our support */
+
+		ext = wsi->vhost->extensions;
+
+		while (ext && ext->callback) {
+
+			if (strcmp(ext_name, ext->name)) {
+				ext++;
+				continue;
+			}
+
+			/*
+			 * oh, we do support this one he asked for... but let's
+			 * confirm he only gave it once
+			 */
+			for (m = 0; m < wsi->count_act_ext; m++)
+				if (wsi->active_extensions[m] == ext) {
+					lwsl_info("extension mentioned twice\n");
+					return 1; /* shenanigans */
+				}
+
+			/*
+			 * ask user code if it's OK to apply it on this
+			 * particular connection + protocol
+			 */
+			m = (wsi->protocol->callback)(wsi,
+				LWS_CALLBACK_CONFIRM_EXTENSION_OKAY,
+				wsi->user_space, ext_name, 0);
+
+			/*
+			 * zero return from callback means go ahead and allow
+			 * the extension, it's what we get if the callback is
+			 * unhandled
+			 */
+			if (m) {
+				ext++;
+				continue;
+			}
+
+			/* apply it */
+
+			ext_count++;
+
+			/* instantiate the extension on this conn */
+
+			wsi->active_extensions[wsi->count_act_ext] = ext;
+
+			/* allow him to construct his context */
+
+			if (ext->callback(lws_get_context(wsi), ext, wsi,
+					  LWS_EXT_CB_CONSTRUCT,
+					  (void *)&wsi->act_ext_user[
+					                    wsi->count_act_ext],
+					  (void *)&opts, 0)) {
+				lwsl_info("ext %s failed construction\n",
+					    ext_name);
+				ext_count--;
+				ext++;
+
+				continue;
+			}
+
+			if (ext_count > 1)
+				*(*p)++ = ',';
+			else
+				LWS_CPYAPP(*p,
+					  "\x0d\x0aSec-WebSocket-Extensions: ");
+			*p += lws_snprintf(*p, (end - *p), "%s", ext_name);
+
+			/*
+			 *  go through the options trying to apply the
+			 * recognized ones
+			 */
+
+			lwsl_debug("ext args %s", args);
+
+			while (args && *args && *args != ',') {
+				while (*args == ' ')
+					args++;
+				po = opts;
+				while (po->name) {
+					lwsl_debug("'%s' '%s'\n", po->name, args);
+					/* only support arg-less options... */
+					if (po->type == EXTARG_NONE &&
+					    !strncmp(args, po->name,
+							    strlen(po->name))) {
+						oa.option_name = NULL;
+						oa.option_index = po - opts;
+						oa.start = NULL;
+						lwsl_debug("setting %s\n", po->name);
+						if (!ext->callback(
+								lws_get_context(wsi), ext, wsi,
+								  LWS_EXT_CB_OPTION_SET,
+								  wsi->act_ext_user[
+								         wsi->count_act_ext],
+								  &oa, (end - *p))) {
+
+							*p += lws_snprintf(*p, (end - *p), "; %s", po->name);
+							lwsl_debug("adding option %s\n", po->name);
+						}
+					}
+					po++;
+				}
+				while (*args && *args != ',' && *args != ';')
+					args++;
+			}
+
+			wsi->count_act_ext++;
+			lwsl_parser("count_act_ext <- %d\n",
+				    wsi->count_act_ext);
+
+			ext++;
+		}
+
+		n = 0;
+		args = NULL;
+	}
+
+	return 0;
+}
+#endif
+int
+handshake_0405(struct lws_context *context, struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	struct lws_process_html_args args;
+	unsigned char hash[20];
+	int n, accept_len;
+	char *response;
+	char *p;
+
+	if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST) ||
+	    !lws_hdr_total_length(wsi, WSI_TOKEN_KEY)) {
+		lwsl_parser("handshake_04 missing pieces\n");
+		/* completed header processing, but missing some bits */
+		goto bail;
+	}
+
+	if (lws_hdr_total_length(wsi, WSI_TOKEN_KEY) >= MAX_WEBSOCKET_04_KEY_LEN) {
+		lwsl_warn("Client key too long %d\n", MAX_WEBSOCKET_04_KEY_LEN);
+		goto bail;
+	}
+
+	/*
+	 * since key length is restricted above (currently 128), cannot
+	 * overflow
+	 */
+	n = sprintf((char *)pt->serv_buf,
+		    "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11",
+		    lws_hdr_simple_ptr(wsi, WSI_TOKEN_KEY));
+
+	lws_SHA1(pt->serv_buf, n, hash);
+
+	accept_len = lws_b64_encode_string((char *)hash, 20,
+			(char *)pt->serv_buf, context->pt_serv_buf_size);
+	if (accept_len < 0) {
+		lwsl_warn("Base64 encoded hash too long\n");
+		goto bail;
+	}
+
+	/* allocate the per-connection user memory (if any) */
+	if (lws_ensure_user_space(wsi))
+		goto bail;
+
+	/* create the response packet */
+
+	/* make a buffer big enough for everything */
+
+	response = (char *)pt->serv_buf + MAX_WEBSOCKET_04_KEY_LEN + LWS_PRE;
+	p = response;
+	LWS_CPYAPP(p, "HTTP/1.1 101 Switching Protocols\x0d\x0a"
+		      "Upgrade: WebSocket\x0d\x0a"
+		      "Connection: Upgrade\x0d\x0a"
+		      "Sec-WebSocket-Accept: ");
+	strcpy(p, (char *)pt->serv_buf);
+	p += accept_len;
+
+	/* we can only return the protocol header if:
+	 *  - one came in, and ... */
+	if (lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL) &&
+	    /*  - it is not an empty string */
+	    wsi->protocol->name &&
+	    wsi->protocol->name[0]) {
+		LWS_CPYAPP(p, "\x0d\x0aSec-WebSocket-Protocol: ");
+		p += lws_snprintf(p, 128, "%s", wsi->protocol->name);
+	}
+
+#ifndef LWS_NO_EXTENSIONS
+	/*
+	 * Figure out which extensions the client has that we want to
+	 * enable on this connection, and give him back the list.
+	 *
+	 * Give him a limited write bugdet
+	 */
+	if (lws_extension_server_handshake(wsi, &p, 192))
+		goto bail;
+#endif
+	LWS_CPYAPP(p, "\x0d\x0a");
+
+	args.p = p;
+	args.max_len = ((char *)pt->serv_buf + context->pt_serv_buf_size) - p;
+	if (user_callback_handle_rxflow(wsi->protocol->callback, wsi,
+					LWS_CALLBACK_ADD_HEADERS,
+					wsi->user_space, &args, 0))
+		goto bail;
+
+	p = args.p;
+
+	/* end of response packet */
+
+	LWS_CPYAPP(p, "\x0d\x0a");
+
+	if (!lws_any_extension_handled(wsi, LWS_EXT_CB_HANDSHAKE_REPLY_TX,
+				       response, p - response)) {
+
+		/* okay send the handshake response accepting the connection */
+
+		lwsl_parser("issuing resp pkt %d len\n", (int)(p - response));
+#if defined(DEBUG) && ! defined(LWS_WITH_ESP8266)
+		fwrite(response, 1,  p - response, stderr);
+#endif
+		n = lws_write(wsi, (unsigned char *)response,
+			      p - response, LWS_WRITE_HTTP_HEADERS);
+		if (n != (p - response)) {
+			lwsl_debug("handshake_0405: ERROR writing to socket\n");
+			goto bail;
+		}
+
+	}
+
+	/* alright clean up and set ourselves into established state */
+
+	wsi->state = LWSS_ESTABLISHED;
+	wsi->lws_rx_parse_state = LWS_RXPS_NEW;
+
+	{
+		const char * uri_ptr =
+			lws_hdr_simple_ptr(wsi, WSI_TOKEN_GET_URI);
+		int uri_len = lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI);
+		const struct lws_http_mount *hit =
+			lws_find_mount(wsi, uri_ptr, uri_len);
+		if (hit && hit->cgienv &&
+		    wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP_PMO,
+			wsi->user_space, (void *)hit->cgienv, 0))
+			return 1;
+	}
+
+	return 0;
+
+
+bail:
+	/* caller will free up his parsing allocations */
+	return -1;
+}
+
diff --git a/thirdparty/lws/server/server.c b/thirdparty/lws/server/server.c
new file mode 100644
index 0000000000..db05954257
--- /dev/null
+++ b/thirdparty/lws/server/server.c
@@ -0,0 +1,3025 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+const char * const method_names[] = {
+	"GET", "POST", "OPTIONS", "PUT", "PATCH", "DELETE", "CONNECT", "HEAD",
+#ifdef LWS_WITH_HTTP2
+	":path",
+#endif
+	};
+
+#if defined (LWS_WITH_ESP8266)
+#undef memcpy
+void *memcpy(void *dest, const void *src, size_t n)
+{
+	return ets_memcpy(dest, src, n);
+}
+#endif
+
+int
+lws_context_init_server(struct lws_context_creation_info *info,
+			struct lws_vhost *vhost)
+{
+#if LWS_POSIX
+	int n, opt = 1, limit = 1;
+#endif
+	lws_sockfd_type sockfd;
+	struct lws_vhost *vh;
+	struct lws *wsi;
+	int m = 0;
+
+	(void)method_names;
+	(void)opt;
+	/* set up our external listening socket we serve on */
+
+	if (info->port == CONTEXT_PORT_NO_LISTEN ||
+	    info->port == CONTEXT_PORT_NO_LISTEN_SERVER)
+		return 0;
+
+	vh = vhost->context->vhost_list;
+	while (vh) {
+		if (vh->listen_port == info->port) {
+			if ((!info->iface && !vh->iface) ||
+			    (info->iface && vh->iface &&
+			    !strcmp(info->iface, vh->iface))) {
+				vhost->listen_port = info->port;
+				vhost->iface = info->iface;
+				lwsl_notice(" using listen skt from vhost %s\n",
+					    vh->name);
+				return 0;
+			}
+		}
+		vh = vh->vhost_next;
+	}
+
+#if LWS_POSIX
+	(void)n;
+#if defined(__linux__)
+	limit = vhost->context->count_threads;
+#endif
+
+	for (m = 0; m < limit; m++) {
+#ifdef LWS_WITH_UNIX_SOCK
+	if (LWS_UNIX_SOCK_ENABLED(vhost))
+		sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
+	else
+#endif
+#ifdef LWS_WITH_IPV6
+	if (LWS_IPV6_ENABLED(vhost))
+		sockfd = socket(AF_INET6, SOCK_STREAM, 0);
+	else
+#endif
+		sockfd = socket(AF_INET, SOCK_STREAM, 0);
+
+	if (sockfd == -1) {
+#else
+#if defined(LWS_WITH_ESP8266)
+	sockfd = esp8266_create_tcp_listen_socket(vhost);
+	if (!lws_sockfd_valid(sockfd)) {
+#endif
+#endif
+		lwsl_err("ERROR opening socket\n");
+		return 1;
+	}
+#if LWS_POSIX && !defined(LWS_WITH_ESP32)
+
+#if (defined(WIN32) || defined(_WIN32)) && defined(SO_EXCLUSIVEADDRUSE)
+	/*
+	 * only accept that we are the only listener on the port
+	 * https://msdn.microsoft.com/zh-tw/library/
+	 *    windows/desktop/ms740621(v=vs.85).aspx
+	 *
+	 * for lws, to match Linux, we default to exclusive listen
+	 */
+	if (!lws_check_opt(vhost->options,
+			LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE)) {
+		if (setsockopt(sockfd, SOL_SOCKET, SO_EXCLUSIVEADDRUSE,
+			       (const void *)&opt, sizeof(opt)) < 0) {
+			lwsl_err("reuseaddr failed\n");
+			compatible_close(sockfd);
+			return 1;
+		}
+	} else
+#endif
+
+	/*
+	 * allow us to restart even if old sockets in TIME_WAIT
+	 */
+	if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR,
+		       (const void *)&opt, sizeof(opt)) < 0) {
+		lwsl_err("reuseaddr failed\n");
+		compatible_close(sockfd);
+		return 1;
+	}
+
+#if defined(LWS_WITH_IPV6) && defined(IPV6_V6ONLY)
+	if (LWS_IPV6_ENABLED(vhost)) {
+		if (vhost->options & LWS_SERVER_OPTION_IPV6_V6ONLY_MODIFY) {
+			int value = (vhost->options &
+				LWS_SERVER_OPTION_IPV6_V6ONLY_VALUE) ? 1 : 0;
+			if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY,
+				      (const void*)&value, sizeof(value)) < 0) {
+				compatible_close(sockfd);
+				return 1;
+			}
+		}
+	}
+#endif
+
+#if defined(__linux__) && defined(SO_REUSEPORT)
+	n = lws_check_opt(vhost->options, LWS_SERVER_OPTION_ALLOW_LISTEN_SHARE);
+#if LWS_MAX_SMP > 1
+	n = 1;
+#endif
+
+	if (n)
+		if (vhost->context->count_threads > 1)
+			if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEPORT,
+					(const void *)&opt, sizeof(opt)) < 0) {
+				compatible_close(sockfd);
+				return 1;
+			}
+#endif
+#endif
+	lws_plat_set_socket_options(vhost, sockfd);
+
+#if LWS_POSIX
+	n = lws_socket_bind(vhost, sockfd, info->port, info->iface);
+	if (n < 0)
+		goto bail;
+	info->port = n;
+#endif
+	vhost->listen_port = info->port;
+	vhost->iface = info->iface;
+
+	wsi = lws_zalloc(sizeof(struct lws), "listen wsi");
+	if (wsi == NULL) {
+		lwsl_err("Out of mem\n");
+		goto bail;
+	}
+	wsi->context = vhost->context;
+	wsi->desc.sockfd = sockfd;
+	wsi->mode = LWSCM_SERVER_LISTENER;
+	wsi->protocol = vhost->protocols;
+	wsi->tsi = m;
+	wsi->vhost = vhost;
+	wsi->listener = 1;
+
+#ifdef LWS_WITH_LIBUV
+	if (LWS_LIBUV_ENABLED(vhost->context))
+		lws_uv_initvhost(vhost, wsi);
+#endif
+
+	if (insert_wsi_socket_into_fds(vhost->context, wsi))
+		goto bail;
+
+	vhost->context->count_wsi_allocated++;
+	vhost->lserv_wsi = wsi;
+
+#if LWS_POSIX
+	n = listen(wsi->desc.sockfd, LWS_SOMAXCONN);
+	if (n < 0) {
+		lwsl_err("listen failed with error %d\n", LWS_ERRNO);
+		vhost->lserv_wsi = NULL;
+		vhost->context->count_wsi_allocated--;
+		remove_wsi_socket_from_fds(wsi);
+		goto bail;
+	}
+	} /* for each thread able to independently listen */
+#else
+#if defined(LWS_WITH_ESP8266)
+	esp8266_tcp_stream_bind(wsi->desc.sockfd, info->port, wsi);
+#endif
+#endif
+	if (!lws_check_opt(info->options, LWS_SERVER_OPTION_EXPLICIT_VHOSTS)) {
+#ifdef LWS_WITH_UNIX_SOCK
+		if (LWS_UNIX_SOCK_ENABLED(vhost))
+			lwsl_info(" Listening on \"%s\"\n", info->iface);
+		else
+#endif
+			lwsl_info(" Listening on port %d\n", info->port);
+        }
+
+	return 0;
+
+bail:
+	compatible_close(sockfd);
+
+	return 1;
+}
+
+#if defined(LWS_WITH_ESP8266)
+#undef strchr
+#define strchr ets_strchr
+#endif
+
+struct lws_vhost *
+lws_select_vhost(struct lws_context *context, int port, const char *servername)
+{
+	struct lws_vhost *vhost = context->vhost_list;
+	const char *p;
+	int n, m, colon;
+
+	n = strlen(servername);
+	colon = n;
+	p = strchr(servername, ':');
+	if (p)
+		colon = p - servername;
+
+	/* Priotity 1: first try exact matches */
+
+	while (vhost) {
+		if (port == vhost->listen_port &&
+		    !strncmp(vhost->name, servername, colon)) {
+			lwsl_info("SNI: Found: %s\n", servername);
+			return vhost;
+		}
+		vhost = vhost->vhost_next;
+	}
+
+	/*
+	 * Priority 2: if no exact matches, try matching *.vhost-name
+	 * unintentional matches are possible but resolve to x.com for *.x.com
+	 * which is reasonable.  If exact match exists we already chose it and
+	 * never reach here.  SSL will still fail it if the cert doesn't allow
+	 * *.x.com.
+	 */
+	vhost = context->vhost_list;
+	while (vhost) {
+		m = strlen(vhost->name);
+		if (port == vhost->listen_port &&
+		    m <= (colon - 2) &&
+		    servername[colon - m - 1] == '.' &&
+		    !strncmp(vhost->name, servername + colon - m, m)) {
+			lwsl_info("SNI: Found %s on wildcard: %s\n",
+				    servername, vhost->name);
+			return vhost;
+		}
+		vhost = vhost->vhost_next;
+	}
+
+	/* Priority 3: match the first vhost on our port */
+
+	vhost = context->vhost_list;
+	while (vhost) {
+		if (port == vhost->listen_port) {
+			lwsl_info("vhost match to %s based on port %d\n",
+					vhost->name, port);
+			return vhost;
+		}
+		vhost = vhost->vhost_next;
+	}
+
+	/* no match */
+
+	return NULL;
+}
+
+LWS_VISIBLE LWS_EXTERN const char *
+lws_get_mimetype(const char *file, const struct lws_http_mount *m)
+{
+	int n = strlen(file);
+	const struct lws_protocol_vhost_options *pvo = NULL;
+
+	if (m)
+		pvo = m->extra_mimetypes;
+
+	if (n < 5)
+		return NULL;
+
+	if (!strcmp(&file[n - 4], ".ico"))
+		return "image/x-icon";
+
+	if (!strcmp(&file[n - 4], ".gif"))
+		return "image/gif";
+
+	if (!strcmp(&file[n - 3], ".js"))
+		return "text/javascript";
+
+	if (!strcmp(&file[n - 4], ".png"))
+		return "image/png";
+
+	if (!strcmp(&file[n - 4], ".jpg"))
+		return "image/jpeg";
+
+	if (!strcmp(&file[n - 3], ".gz"))
+		return "application/gzip";
+
+	if (!strcmp(&file[n - 4], ".JPG"))
+		return "image/jpeg";
+
+	if (!strcmp(&file[n - 5], ".html"))
+		return "text/html";
+
+	if (!strcmp(&file[n - 4], ".css"))
+		return "text/css";
+
+	if (!strcmp(&file[n - 4], ".txt"))
+		return "text/plain";
+
+	if (!strcmp(&file[n - 4], ".svg"))
+		return "image/svg+xml";
+
+	if (!strcmp(&file[n - 4], ".ttf"))
+		return "application/x-font-ttf";
+
+	if (!strcmp(&file[n - 4], ".otf"))
+		return "application/font-woff";
+
+	if (!strcmp(&file[n - 5], ".woff"))
+		return "application/font-woff";
+
+	if (!strcmp(&file[n - 4], ".xml"))
+		return "application/xml";
+
+	while (pvo) {
+		if (pvo->name[0] == '*') /* ie, match anything */
+			return pvo->value;
+
+		if (!strcmp(&file[n - strlen(pvo->name)], pvo->name))
+			return pvo->value;
+
+		pvo = pvo->next;
+	}
+
+	return NULL;
+}
+static lws_fop_flags_t
+lws_vfs_prepare_flags(struct lws *wsi)
+{
+	lws_fop_flags_t f = 0;
+
+	if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING))
+		return f;
+
+	if (strstr(lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_ACCEPT_ENCODING),
+		   "gzip")) {
+		lwsl_info("client indicates GZIP is acceptable\n");
+		f |= LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP;
+	}
+
+	return f;
+}
+
+static int
+lws_http_serve(struct lws *wsi, char *uri, const char *origin,
+	       const struct lws_http_mount *m)
+{
+	const struct lws_protocol_vhost_options *pvo = m->interpret;
+	struct lws_process_html_args args;
+	const char *mimetype;
+#if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP8266)
+	const struct lws_plat_file_ops *fops;
+	const char *vpath;
+	lws_fop_flags_t fflags = LWS_O_RDONLY;
+#if defined(WIN32) && defined(LWS_HAVE__STAT32I64)
+	struct _stat32i64 st;
+#else
+	struct stat st;
+#endif
+	int spin = 0;
+#endif
+	char path[256], sym[512];
+	unsigned char *p = (unsigned char *)sym + 32 + LWS_PRE, *start = p;
+	unsigned char *end = p + sizeof(sym) - 32 - LWS_PRE;
+#if !defined(WIN32) && LWS_POSIX && !defined(LWS_WITH_ESP32)
+	size_t len;
+#endif
+	int n;
+
+	lws_snprintf(path, sizeof(path) - 1, "%s/%s", origin, uri);
+
+#if !defined(_WIN32_WCE) && !defined(LWS_WITH_ESP8266)
+
+	fflags |= lws_vfs_prepare_flags(wsi);
+
+	do {
+		spin++;
+		fops = lws_vfs_select_fops(wsi->context->fops, path, &vpath);
+
+		if (wsi->u.http.fop_fd)
+			lws_vfs_file_close(&wsi->u.http.fop_fd);
+
+		wsi->u.http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops,
+							path, vpath, &fflags);
+		if (!wsi->u.http.fop_fd) {
+			lwsl_err("Unable to open '%s'\n", path);
+
+			return -1;
+		}
+
+		/* if it can't be statted, don't try */
+		if (fflags & LWS_FOP_FLAG_VIRTUAL)
+			break;
+#if defined(LWS_WITH_ESP32)
+		break;
+#endif
+#if !defined(WIN32)
+		if (fstat(wsi->u.http.fop_fd->fd, &st)) {
+			lwsl_info("unable to stat %s\n", path);
+			goto bail;
+		}
+#else
+#if defined(LWS_HAVE__STAT32I64)
+		if (_stat32i64(path, &st)) {
+			lwsl_info("unable to stat %s\n", path);
+			goto bail;
+		}
+#else
+		if (stat(path, &st)) {
+			lwsl_info("unable to stat %s\n", path);
+			goto bail;
+		}
+#endif
+#endif
+
+		wsi->u.http.fop_fd->mod_time = (uint32_t)st.st_mtime;
+		fflags |= LWS_FOP_FLAG_MOD_TIME_VALID;
+
+#if !defined(WIN32) && LWS_POSIX && !defined(LWS_WITH_ESP32)
+		if ((S_IFMT & st.st_mode) == S_IFLNK) {
+			len = readlink(path, sym, sizeof(sym) - 1);
+			if (len) {
+				lwsl_err("Failed to read link %s\n", path);
+				goto bail;
+			}
+			sym[len] = '\0';
+			lwsl_debug("symlink %s -> %s\n", path, sym);
+			lws_snprintf(path, sizeof(path) - 1, "%s", sym);
+		}
+#endif
+		if ((S_IFMT & st.st_mode) == S_IFDIR) {
+			lwsl_debug("default filename append to dir\n");
+			lws_snprintf(path, sizeof(path) - 1, "%s/%s/index.html",
+				 origin, uri);
+		}
+
+	} while ((S_IFMT & st.st_mode) != S_IFREG && spin < 5);
+
+	if (spin == 5)
+		lwsl_err("symlink loop %s \n", path);
+
+	n = sprintf(sym, "%08llX%08lX",
+		    (unsigned long long)lws_vfs_get_length(wsi->u.http.fop_fd),
+		    (unsigned long)lws_vfs_get_mod_time(wsi->u.http.fop_fd));
+
+	/* disable ranges if IF_RANGE token invalid */
+
+	if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_RANGE))
+		if (strcmp(sym, lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP_IF_RANGE)))
+			/* differs - defeat Range: */
+			wsi->u.http.ah->frag_index[WSI_TOKEN_HTTP_RANGE] = 0;
+
+	if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_IF_NONE_MATCH)) {
+		/*
+		 * he thinks he has some version of it already,
+		 * check if the tag matches
+		 */
+		if (!strcmp(sym, lws_hdr_simple_ptr(wsi,
+					WSI_TOKEN_HTTP_IF_NONE_MATCH))) {
+
+			lwsl_debug("%s: ETAG match %s %s\n", __func__,
+				   uri, origin);
+
+			/* we don't need to send the payload */
+			if (lws_add_http_header_status(wsi,
+					HTTP_STATUS_NOT_MODIFIED, &p, end))
+				return -1;
+
+			if (lws_add_http_header_by_token(wsi,
+					WSI_TOKEN_HTTP_ETAG,
+					(unsigned char *)sym, n, &p, end))
+				return -1;
+
+			if (lws_finalize_http_header(wsi, &p, end))
+				return -1;
+
+			n = lws_write(wsi, start, p - start,
+				      LWS_WRITE_HTTP_HEADERS |
+				      LWS_WRITE_H2_STREAM_END);
+			if (n != (p - start)) {
+				lwsl_err("_write returned %d from %ld\n", n,
+					 (long)(p - start));
+				return -1;
+			}
+
+			lws_vfs_file_close(&wsi->u.http.fop_fd);
+
+			return lws_http_transaction_completed(wsi);
+		}
+	}
+
+	if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ETAG,
+			(unsigned char *)sym, n, &p, end))
+		return -1;
+#endif
+
+	mimetype = lws_get_mimetype(path, m);
+	if (!mimetype) {
+		lwsl_err("unknown mimetype for %s\n", path);
+               goto bail;
+	}
+	if (!mimetype[0])
+		lwsl_debug("sending no mimetype for %s\n", path);
+
+	wsi->sending_chunked = 0;
+
+	/*
+	 * check if this is in the list of file suffixes to be interpreted by
+	 * a protocol
+	 */
+	while (pvo) {
+		n = strlen(path);
+		if (n > (int)strlen(pvo->name) &&
+		    !strcmp(&path[n - strlen(pvo->name)], pvo->name)) {
+			wsi->sending_chunked = 1;
+			wsi->protocol_interpret_idx =
+					(char)(lws_intptr_t)pvo->value;
+			lwsl_info("want %s interpreted by %s\n", path,
+				    wsi->vhost->protocols[
+				         (int)(lws_intptr_t)(pvo->value)].name);
+			wsi->protocol = &wsi->vhost->protocols[
+			                       (int)(lws_intptr_t)(pvo->value)];
+			if (lws_ensure_user_space(wsi))
+				return -1;
+			break;
+		}
+		pvo = pvo->next;
+	}
+
+	if (m->protocol) {
+		const struct lws_protocols *pp = lws_vhost_name_to_protocol(
+						       wsi->vhost, m->protocol);
+
+		if (lws_bind_protocol(wsi, pp))
+			return 1;
+		args.p = (char *)p;
+		args.max_len = end - p;
+		if (pp->callback(wsi, LWS_CALLBACK_ADD_HEADERS,
+					  wsi->user_space, &args, 0))
+			return -1;
+		p = (unsigned char *)args.p;
+	}
+
+	n = lws_serve_http_file(wsi, path, mimetype, (char *)start, p - start);
+
+	if (n < 0 || ((n > 0) && lws_http_transaction_completed(wsi)))
+		return -1; /* error or can't reuse connection: close the socket */
+
+	return 0;
+bail:
+
+	return -1;
+}
+
+const struct lws_http_mount *
+lws_find_mount(struct lws *wsi, const char *uri_ptr, int uri_len)
+{
+	const struct lws_http_mount *hm, *hit = NULL;
+	int best = 0;
+
+	hm = wsi->vhost->mount_list;
+	while (hm) {
+		if (uri_len >= hm->mountpoint_len &&
+		    !strncmp(uri_ptr, hm->mountpoint, hm->mountpoint_len) &&
+		    (uri_ptr[hm->mountpoint_len] == '\0' ||
+		     uri_ptr[hm->mountpoint_len] == '/' ||
+		     hm->mountpoint_len == 1)
+		    ) {
+			if (hm->origin_protocol == LWSMPRO_CALLBACK ||
+			    ((hm->origin_protocol == LWSMPRO_CGI ||
+			     lws_hdr_total_length(wsi, WSI_TOKEN_GET_URI) ||
+			     (wsi->http2_substream &&
+				lws_hdr_total_length(wsi,
+						WSI_TOKEN_HTTP_COLON_PATH)) ||
+			     hm->protocol) &&
+			    hm->mountpoint_len > best)) {
+				best = hm->mountpoint_len;
+				hit = hm;
+			}
+		}
+		hm = hm->mount_next;
+	}
+
+	return hit;
+}
+
+#if LWS_POSIX
+
+static int
+lws_find_string_in_file(const char *filename, const char *string, int stringlen)
+{
+	char buf[128];
+	int fd, match = 0, pos = 0, n = 0, hit = 0;
+
+	fd = open(filename, O_RDONLY);
+	if (fd < 0) {
+		lwsl_err("can't open auth file: %s\n", filename);
+		return 1;
+	}
+
+	while (1) {
+		if (pos == n) {
+			n = read(fd, buf, sizeof(buf));
+			if (n <= 0) {
+				if (match == stringlen)
+					hit = 1;
+				break;
+			}
+			pos = 0;
+		}
+
+		if (match == stringlen) {
+			if (buf[pos] == '\r' || buf[pos] == '\n') {
+				hit = 1;
+				break;
+			}
+			match = 0;
+		}
+
+		if (buf[pos] == string[match])
+			match++;
+		else
+			match = 0;
+
+		pos++;
+	}
+
+	close(fd);
+
+	return hit;
+}
+
+static int
+lws_unauthorised_basic_auth(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	unsigned char *start = pt->serv_buf + LWS_PRE,
+		      *p = start, *end = p + 512;
+	char buf[64];
+	int n;
+
+	/* no auth... tell him it is required */
+
+	if (lws_add_http_header_status(wsi, HTTP_STATUS_UNAUTHORIZED, &p, end))
+		return -1;
+
+	n = lws_snprintf(buf, sizeof(buf), "Basic realm=\"lwsws\"");
+	if (lws_add_http_header_by_token(wsi,
+			WSI_TOKEN_HTTP_WWW_AUTHENTICATE,
+			(unsigned char *)buf, n, &p, end))
+		return -1;
+
+	if (lws_finalize_http_header(wsi, &p, end))
+		return -1;
+
+	n = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS |
+					     LWS_WRITE_H2_STREAM_END);
+	if (n < 0)
+		return -1;
+
+	return lws_http_transaction_completed(wsi);
+
+}
+
+#endif
+
+int lws_clean_url(char *p)
+{
+	if (p[0] == 'h' && p[1] == 't' && p[2] == 't' && p[3] == 'p') {
+		p += 4;
+		if (*p == 's')
+		p++;
+		if (*p == ':') {
+			p++;
+			if (*p == '/')
+			p++;
+		}
+	}
+
+	while (*p) {
+		if (p[0] == '/' && p[1] == '/') {
+			char *p1 = p;
+			while (*p1) {
+				*p1 = p1[1];
+				p1++;
+			}
+			continue;
+		}
+		p++;
+	}
+
+	return 0;
+}
+
+
+static const unsigned char methods[] = {
+	WSI_TOKEN_GET_URI,
+	WSI_TOKEN_POST_URI,
+	WSI_TOKEN_OPTIONS_URI,
+	WSI_TOKEN_PUT_URI,
+	WSI_TOKEN_PATCH_URI,
+	WSI_TOKEN_DELETE_URI,
+	WSI_TOKEN_CONNECT,
+	WSI_TOKEN_HEAD_URI,
+#ifdef LWS_WITH_HTTP2
+	WSI_TOKEN_HTTP_COLON_PATH,
+#endif
+};
+
+static int
+lws_http_get_uri_and_method(struct lws *wsi, char **puri_ptr, int *puri_len)
+{
+	int n, count = 0;
+
+	for (n = 0; n < ARRAY_SIZE(methods); n++)
+		if (lws_hdr_total_length(wsi, methods[n]))
+			count++;
+	if (!count) {
+		lwsl_warn("Missing URI in HTTP request\n");
+		return -1;
+	}
+
+	if (count != 1 &&
+	    !(wsi->http2_substream &&
+	      lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_COLON_PATH))) {
+		lwsl_warn("multiple methods?\n");
+		return -1;
+	}
+
+	for (n = 0; n < ARRAY_SIZE(methods); n++)
+		if (lws_hdr_total_length(wsi, methods[n])) {
+			*puri_ptr = lws_hdr_simple_ptr(wsi, methods[n]);
+			*puri_len = lws_hdr_total_length(wsi, methods[n]);
+			return n;
+		}
+
+	return -1;
+}
+
+int
+lws_http_action(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	enum http_connection_type connection_type;
+	enum http_version request_version;
+	char content_length_str[32];
+	struct lws_process_html_args args;
+	const struct lws_http_mount *hit = NULL;
+	unsigned int n;
+	char http_version_str[10];
+	char http_conn_str[20];
+	int http_version_len;
+	char *uri_ptr = NULL, *s;
+	int uri_len = 0, meth;
+	static const char * const oprot[] = {
+		"http://", "https://"
+	};
+
+	meth = lws_http_get_uri_and_method(wsi, &uri_ptr, &uri_len);
+	if (meth < 0 || meth >= ARRAY_SIZE(method_names))
+		goto bail_nuke_ah;
+
+	/* we insist on absolute paths */
+
+	if (!uri_ptr || uri_ptr[0] != '/') {
+		lws_return_http_status(wsi, HTTP_STATUS_FORBIDDEN, NULL);
+
+		goto bail_nuke_ah;
+	}
+
+	lwsl_info("Method: '%s' (%d), request for '%s'\n", method_names[meth],
+		  meth, uri_ptr);
+
+	if (lws_ensure_user_space(wsi))
+		goto bail_nuke_ah;
+
+	/* HTTP header had a content length? */
+
+	wsi->u.http.rx_content_length = 0;
+	if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI) ||
+		lws_hdr_total_length(wsi, WSI_TOKEN_PATCH_URI) ||
+		lws_hdr_total_length(wsi, WSI_TOKEN_PUT_URI))
+		wsi->u.http.rx_content_length = 100 * 1024 * 1024;
+
+	if (lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_CONTENT_LENGTH)) {
+		lws_hdr_copy(wsi, content_length_str,
+			     sizeof(content_length_str) - 1,
+			     WSI_TOKEN_HTTP_CONTENT_LENGTH);
+		wsi->u.http.rx_content_length = atoll(content_length_str);
+	}
+
+	if (wsi->http2_substream) {
+		wsi->u.http.request_version = HTTP_VERSION_2;
+	} else {
+		/* http_version? Default to 1.0, override with token: */
+		request_version = HTTP_VERSION_1_0;
+
+		/* Works for single digit HTTP versions. : */
+		http_version_len = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP);
+		if (http_version_len > 7) {
+			lws_hdr_copy(wsi, http_version_str,
+				     sizeof(http_version_str) - 1,
+				     WSI_TOKEN_HTTP);
+			if (http_version_str[5] == '1' &&
+			    http_version_str[7] == '1')
+				request_version = HTTP_VERSION_1_1;
+		}
+		wsi->u.http.request_version = request_version;
+
+		/* HTTP/1.1 defaults to "keep-alive", 1.0 to "close" */
+		if (request_version == HTTP_VERSION_1_1)
+			connection_type = HTTP_CONNECTION_KEEP_ALIVE;
+		else
+			connection_type = HTTP_CONNECTION_CLOSE;
+
+		/* Override default if http "Connection:" header: */
+		if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECTION)) {
+			lws_hdr_copy(wsi, http_conn_str,
+				     sizeof(http_conn_str) - 1,
+				     WSI_TOKEN_CONNECTION);
+			http_conn_str[sizeof(http_conn_str) - 1] = '\0';
+			if (!strcasecmp(http_conn_str, "keep-alive"))
+				connection_type = HTTP_CONNECTION_KEEP_ALIVE;
+			else
+				if (!strcasecmp(http_conn_str, "close"))
+					connection_type = HTTP_CONNECTION_CLOSE;
+		}
+		wsi->u.http.connection_type = connection_type;
+	}
+
+	n = wsi->protocol->callback(wsi, LWS_CALLBACK_FILTER_HTTP_CONNECTION,
+				    wsi->user_space, uri_ptr, uri_len);
+	if (n) {
+		lwsl_info("LWS_CALLBACK_HTTP closing\n");
+
+		return 1;
+	}
+	/*
+	 * if there is content supposed to be coming,
+	 * put a timeout on it having arrived
+	 */
+	lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT,
+			wsi->context->timeout_secs);
+#ifdef LWS_OPENSSL_SUPPORT
+	if (wsi->redirect_to_https) {
+		/*
+		 * we accepted http:// only so we could redirect to
+		 * https://, so issue the redirect.  Create the redirection
+		 * URI from the host: header and ignore the path part
+		 */
+		unsigned char *start = pt->serv_buf + LWS_PRE, *p = start,
+			      *end = p + 512;
+
+		if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST))
+			goto bail_nuke_ah;
+
+		n = sprintf((char *)end, "https://%s/",
+			    lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST));
+
+		n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY,
+				      end, n, &p, end);
+		if ((int)n < 0)
+			goto bail_nuke_ah;
+
+		return lws_http_transaction_completed(wsi);
+	}
+#endif
+
+#ifdef LWS_WITH_ACCESS_LOG
+	lws_prepare_access_log_info(wsi, uri_ptr, meth);
+#endif
+
+	/* can we serve it from the mount list? */
+
+	hit = lws_find_mount(wsi, uri_ptr, uri_len);
+	if (!hit) {
+		/* deferred cleanup and reset to protocols[0] */
+
+		lwsl_info("no hit\n");
+
+		if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0]))
+			return 1;
+
+		n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP,
+				    wsi->user_space, uri_ptr, uri_len);
+
+		goto after;
+	}
+
+	s = uri_ptr + hit->mountpoint_len;
+
+	/*
+	 * if we have a mountpoint like https://xxx.com/yyy
+	 * there is an implied / at the end for our purposes since
+	 * we can only mount on a "directory".
+	 *
+	 * But if we just go with that, the browser cannot understand
+	 * that he is actually looking down one "directory level", so
+	 * even though we give him /yyy/abc.html he acts like the
+	 * current directory level is /.  So relative urls like "x.png"
+	 * wrongly look outside the mountpoint.
+	 *
+	 * Therefore if we didn't come in on a url with an explicit
+	 * / at the end, we must redirect to add it so the browser
+	 * understands he is one "directory level" down.
+	 */
+	if ((hit->mountpoint_len > 1 ||
+	     (hit->origin_protocol == LWSMPRO_REDIR_HTTP ||
+	      hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) &&
+	    (*s != '/' ||
+	     (hit->origin_protocol == LWSMPRO_REDIR_HTTP ||
+	      hit->origin_protocol == LWSMPRO_REDIR_HTTPS)) &&
+	    (hit->origin_protocol != LWSMPRO_CGI &&
+	     hit->origin_protocol != LWSMPRO_CALLBACK)) {
+		unsigned char *start = pt->serv_buf + LWS_PRE,
+			      *p = start, *end = p + 512;
+
+		lwsl_debug("Doing 301 '%s' org %s\n", s, hit->origin);
+
+		/* > at start indicates deal with by redirect */
+		if (hit->origin_protocol == LWSMPRO_REDIR_HTTP ||
+		    hit->origin_protocol == LWSMPRO_REDIR_HTTPS)
+			n = lws_snprintf((char *)end, 256, "%s%s",
+				    oprot[hit->origin_protocol & 1],
+				    hit->origin);
+		else {
+			if (!lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) {
+				if (!lws_hdr_total_length(wsi,
+						WSI_TOKEN_HTTP_COLON_AUTHORITY))
+					goto bail_nuke_ah;
+				n = lws_snprintf((char *)end, 256,
+				    "%s%s%s/", oprot[!!lws_is_ssl(wsi)],
+				    lws_hdr_simple_ptr(wsi,
+						WSI_TOKEN_HTTP_COLON_AUTHORITY),
+				    uri_ptr);
+			} else
+				n = lws_snprintf((char *)end, 256,
+				    "%s%s%s/", oprot[!!lws_is_ssl(wsi)],
+				    lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST),
+				    uri_ptr);
+		}
+
+		lws_clean_url((char *)end);
+		n = lws_http_redirect(wsi, HTTP_STATUS_MOVED_PERMANENTLY,
+				      end, n, &p, end);
+		if ((int)n < 0)
+			goto bail_nuke_ah;
+
+		return lws_http_transaction_completed(wsi);
+	}
+
+#if LWS_POSIX
+	/* basic auth? */
+
+	if (hit->basic_auth_login_file) {
+		char b64[160], plain[(sizeof(b64) * 3) / 4];
+		int m;
+
+		/* Did he send auth? */
+		if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_AUTHORIZATION))
+			return lws_unauthorised_basic_auth(wsi);
+
+		n = HTTP_STATUS_FORBIDDEN;
+
+		m = lws_hdr_copy(wsi, b64, sizeof(b64),
+				 WSI_TOKEN_HTTP_AUTHORIZATION);
+		if (m < 7) {
+			lwsl_err("b64 auth too long\n");
+			goto transaction_result_n;
+		}
+
+		b64[5] = '\0';
+		if (strcasecmp(b64, "Basic")) {
+			lwsl_err("auth missing basic: %s\n", b64);
+			goto transaction_result_n;
+		}
+
+		/* It'll be like Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l */
+
+		m = lws_b64_decode_string(b64 + 6, plain, sizeof(plain));
+		if (m < 0) {
+			lwsl_err("plain auth too long\n");
+			goto transaction_result_n;
+		}
+
+		if (!lws_find_string_in_file(hit->basic_auth_login_file,
+					     plain, m)) {
+			lwsl_err("basic auth lookup failed\n");
+			return lws_unauthorised_basic_auth(wsi);
+		}
+
+		lwsl_notice("basic auth accepted\n");
+
+		/* accept the auth */
+	}
+#endif
+
+#if defined(LWS_WITH_HTTP_PROXY)
+	/*
+	 * The mount is a reverse proxy?
+	 */
+
+	if (hit->origin_protocol == LWSMPRO_HTTPS ||
+	    hit->origin_protocol == LWSMPRO_HTTP)  {
+		struct lws_client_connect_info i;
+		char ads[96], rpath[256], *pcolon, *pslash, *p;
+		int n, na;
+
+		memset(&i, 0, sizeof(i));
+		i.context = lws_get_context(wsi);
+
+		pcolon = strchr(hit->origin, ':');
+		pslash = strchr(hit->origin, '/');
+		if (!pslash) {
+			lwsl_err("Proxy mount origin '%s' must have /\n",
+				 hit->origin);
+			return -1;
+		}
+		if (pcolon > pslash)
+			pcolon = NULL;
+		
+		if (pcolon)
+			n = pcolon - hit->origin;
+		else
+			n = pslash - hit->origin;
+
+		if (n >= sizeof(ads) - 2)
+			n = sizeof(ads) - 2;
+
+		memcpy(ads, hit->origin, n);
+		ads[n] = '\0';
+
+		i.address = ads;
+		i.port = 80;
+		if (hit->origin_protocol == LWSMPRO_HTTPS) { 
+			i.port = 443;
+			i.ssl_connection = 1;
+		}
+		if (pcolon)
+			i.port = atoi(pcolon + 1);
+		
+		lws_snprintf(rpath, sizeof(rpath) - 1, "/%s/%s", pslash + 1,
+			     uri_ptr + hit->mountpoint_len);
+		lws_clean_url(rpath);
+		na = lws_hdr_total_length(wsi, WSI_TOKEN_HTTP_URI_ARGS);
+		if (na) {
+			p = rpath + strlen(rpath);
+			*p++ = '?';
+			lws_hdr_copy(wsi, p, &rpath[sizeof(rpath) - 1] - p,
+				     WSI_TOKEN_HTTP_URI_ARGS);
+			while (--na) {
+				if (*p == '\0')
+					*p = '&';
+				p++;
+			}
+		}
+				
+
+		i.path = rpath;
+		i.host = i.address;
+		i.origin = NULL;
+		i.method = "GET";
+		i.parent_wsi = wsi;
+		i.uri_replace_from = hit->origin;
+		i.uri_replace_to = hit->mountpoint;
+
+		lwsl_notice("proxying to %s port %d url %s, ssl %d, from %s, to %s\n",
+				i.address, i.port, i.path, i.ssl_connection,
+				i.uri_replace_from, i.uri_replace_to);
+	
+		if (!lws_client_connect_via_info(&i)) {
+			lwsl_err("proxy connect fail\n");
+			return 1;
+		}
+
+		return 0;
+	}
+#endif
+
+	/*
+	 * A particular protocol callback is mounted here?
+	 *
+	 * For the duration of this http transaction, bind us to the
+	 * associated protocol
+	 */
+	if (hit->origin_protocol == LWSMPRO_CALLBACK || hit->protocol) {
+		const struct lws_protocols *pp;
+		const char *name = hit->origin;
+		if (hit->protocol)
+			name = hit->protocol;
+
+		pp = lws_vhost_name_to_protocol(wsi->vhost, name);
+		if (!pp) {
+			n = -1;
+			lwsl_err("Unable to find plugin '%s'\n",
+				 hit->origin);
+			return 1;
+		}
+
+		if (lws_bind_protocol(wsi, pp))
+			return 1;
+
+		args.p = uri_ptr;
+		args.len = uri_len;
+		args.max_len = hit->auth_mask;
+		args.final = 0; /* used to signal callback dealt with it */
+
+		n = wsi->protocol->callback(wsi, LWS_CALLBACK_CHECK_ACCESS_RIGHTS,
+					    wsi->user_space, &args, 0);
+		if (n) {
+			lws_return_http_status(wsi, HTTP_STATUS_UNAUTHORIZED,
+					       NULL);
+			goto bail_nuke_ah;
+		}
+		if (args.final) /* callback completely handled it well */
+			return 0;
+
+		if (hit->cgienv && wsi->protocol->callback(wsi,
+				LWS_CALLBACK_HTTP_PMO,
+				wsi->user_space, (void *)hit->cgienv, 0))
+			return 1;
+
+		if (lws_hdr_total_length(wsi, WSI_TOKEN_POST_URI)) {
+			n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP,
+					    wsi->user_space,
+					    uri_ptr + hit->mountpoint_len,
+					    uri_len - hit->mountpoint_len);
+			goto after;
+		}
+	}
+
+#ifdef LWS_WITH_CGI
+	/* did we hit something with a cgi:// origin? */
+	if (hit->origin_protocol == LWSMPRO_CGI) {
+		const char *cmd[] = {
+			NULL, /* replace with cgi path */
+			NULL
+		};
+
+		lwsl_debug("%s: cgi\n", __func__);
+		cmd[0] = hit->origin;
+
+		n = 5;
+		if (hit->cgi_timeout)
+			n = hit->cgi_timeout;
+
+		n = lws_cgi(wsi, cmd, hit->mountpoint_len, n,
+			    hit->cgienv);
+		if (n) {
+			lwsl_err("%s: cgi failed\n", __func__);
+			return -1;
+		}
+
+		goto deal_body;
+	}
+#endif
+
+	n = strlen(s);
+	if (s[0] == '\0' || (n == 1 && s[n - 1] == '/'))
+		s = (char *)hit->def;
+	if (!s)
+		s = "index.html";
+
+	wsi->cache_secs = hit->cache_max_age;
+	wsi->cache_reuse = hit->cache_reusable;
+	wsi->cache_revalidate = hit->cache_revalidate;
+	wsi->cache_intermediaries = hit->cache_intermediaries;
+
+	n = lws_http_serve(wsi, s, hit->origin, hit);
+	if (n) {
+		/*
+		 * 	lws_return_http_status(wsi, HTTP_STATUS_NOT_FOUND, NULL);
+		 */
+		if (hit->protocol) {
+			const struct lws_protocols *pp = lws_vhost_name_to_protocol(
+					wsi->vhost, hit->protocol);
+
+			if (lws_bind_protocol(wsi, pp))
+				return 1;
+
+			n = pp->callback(wsi, LWS_CALLBACK_HTTP,
+					 wsi->user_space,
+					 uri_ptr + hit->mountpoint_len,
+					 uri_len - hit->mountpoint_len);
+		} else
+			n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP,
+				    wsi->user_space, uri_ptr, uri_len);
+	}
+
+after:
+	if (n) {
+		lwsl_info("LWS_CALLBACK_HTTP closing\n");
+
+		return 1;
+	}
+
+#ifdef LWS_WITH_CGI
+deal_body:
+#endif
+	/*
+	 * If we're not issuing a file, check for content_length or
+	 * HTTP keep-alive. No keep-alive header allocation for
+	 * ISSUING_FILE, as this uses HTTP/1.0.
+	 *
+	 * In any case, return 0 and let lws_read decide how to
+	 * proceed based on state
+	 */
+	if (wsi->state != LWSS_HTTP_ISSUING_FILE) {
+		/* Prepare to read body if we have a content length: */
+		lwsl_debug("wsi->u.http.rx_content_length %lld %d %d\n",
+			   (long long)wsi->u.http.rx_content_length,
+			   wsi->upgraded_to_http2, wsi->http2_substream);
+		if (wsi->u.http.rx_content_length > 0) {
+			lwsl_notice("%s: %p: LWSS_HTTP_BODY state set\n",
+				    __func__, wsi);
+			wsi->state = LWSS_HTTP_BODY;
+			wsi->u.http.rx_content_remain =
+					wsi->u.http.rx_content_length;
+		}
+	}
+
+	return 0;
+
+bail_nuke_ah:
+	/* we're closing, losing some rx is OK */
+	lws_header_table_force_to_detachable_state(wsi);
+	lws_header_table_detach(wsi, 1);
+
+	return 1;
+
+#if LWS_POSIX
+transaction_result_n:
+	lws_return_http_status(wsi, n, NULL);
+
+	return lws_http_transaction_completed(wsi);
+#endif
+}
+
+static int
+lws_server_init_wsi_for_ws(struct lws *wsi)
+{
+	int n;
+
+	wsi->state = LWSS_ESTABLISHED;
+	lws_restart_ws_ping_pong_timer(wsi);
+
+	/*
+	 * create the frame buffer for this connection according to the
+	 * size mentioned in the protocol definition.  If 0 there, use
+	 * a big default for compatibility
+	 */
+
+	n = wsi->protocol->rx_buffer_size;
+	if (!n)
+		n = wsi->context->pt_serv_buf_size;
+	n += LWS_PRE;
+	wsi->u.ws.rx_ubuf = lws_malloc(n + 4 /* 0x0000ffff zlib */, "rx_ubuf");
+	if (!wsi->u.ws.rx_ubuf) {
+		lwsl_err("Out of Mem allocating rx buffer %d\n", n);
+		return 1;
+	}
+	wsi->u.ws.rx_ubuf_alloc = n;
+	lwsl_debug("Allocating RX buffer %d\n", n);
+
+#if LWS_POSIX && !defined(LWS_WITH_ESP32)
+	if (!wsi->parent_carries_io)
+		if (setsockopt(wsi->desc.sockfd, SOL_SOCKET, SO_SNDBUF,
+		       (const char *)&n, sizeof n)) {
+			lwsl_warn("Failed to set SNDBUF to %d", n);
+			return 1;
+		}
+#endif
+
+	/* notify user code that we're ready to roll */
+
+	if (wsi->protocol->callback)
+		if (wsi->protocol->callback(wsi, LWS_CALLBACK_ESTABLISHED,
+					    wsi->user_space,
+#ifdef LWS_OPENSSL_SUPPORT
+					    wsi->ssl,
+#else
+					    NULL,
+#endif
+					    0))
+			return 1;
+
+	return 0;
+}
+
+int
+lws_handshake_server(struct lws *wsi, unsigned char **buf, size_t len)
+{
+	int protocol_len, n = 0, hit, non_space_char_found = 0, m;
+	struct lws_context *context = lws_get_context(wsi);
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	struct _lws_header_related hdr;
+	struct allocated_headers *ah;
+	unsigned char *obuf = *buf;
+	char protocol_list[128];
+	char protocol_name[64];
+	size_t olen = len;
+	char *p;
+
+	if (len >= 10000000) {
+		lwsl_err("%s: assert: len %ld\n", __func__, (long)len);
+		assert(0);
+	}
+
+	if (!wsi->u.hdr.ah) {
+		lwsl_err("%s: assert: NULL ah\n", __func__);
+		assert(0);
+	}
+
+	lwsl_hexdump(*buf, len);
+
+	while (len--) {
+		wsi->more_rx_waiting = !!len;
+
+		if (wsi->mode != LWSCM_HTTP_SERVING &&
+		    wsi->mode != LWSCM_HTTP2_SERVING &&
+		    wsi->mode != LWSCM_HTTP_SERVING_ACCEPTED) {
+			lwsl_err("%s: bad wsi mode %d\n", __func__, wsi->mode);
+			goto bail_nuke_ah;
+		}
+
+		m = lws_parse(wsi, *(*buf)++);
+		if (m) {
+			if (m == 2) {
+				/*
+				 * we are transitioning from http with
+				 * an AH, to raw.  Drop the ah and set
+				 * the mode.
+				 */
+raw_transition:
+				lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+				lws_bind_protocol(wsi, &wsi->vhost->protocols[
+				                        wsi->vhost->
+				                        raw_protocol_index]);
+				lwsl_info("transition to raw vh %s prot %d\n",
+					  wsi->vhost->name,
+					  wsi->vhost->raw_protocol_index);
+				if ((wsi->protocol->callback)(wsi,
+						LWS_CALLBACK_RAW_ADOPT,
+						wsi->user_space, NULL, 0))
+					goto bail_nuke_ah;
+
+				lws_header_table_force_to_detachable_state(wsi);
+				lws_union_transition(wsi, LWSCM_RAW);
+				lws_header_table_detach(wsi, 1);
+
+				if (m == 2 && (wsi->protocol->callback)(wsi,
+						LWS_CALLBACK_RAW_RX,
+						wsi->user_space, obuf, olen))
+					return 1;
+
+				return 0;
+			}
+			lwsl_info("lws_parse failed\n");
+			goto bail_nuke_ah;
+		}
+
+		if (wsi->u.hdr.parser_state != WSI_PARSING_COMPLETE)
+			continue;
+
+		lwsl_parser("%s: lws_parse sees parsing complete\n", __func__);
+		lwsl_debug("%s: wsi->more_rx_waiting=%d\n", __func__,
+				wsi->more_rx_waiting);
+
+		/* select vhost */
+
+		if (lws_hdr_total_length(wsi, WSI_TOKEN_HOST)) {
+			struct lws_vhost *vhost = lws_select_vhost(
+				context, wsi->vhost->listen_port,
+				lws_hdr_simple_ptr(wsi, WSI_TOKEN_HOST));
+
+			if (vhost)
+				wsi->vhost = vhost;
+		} else
+			lwsl_info("no host\n");
+
+		if (wsi->mode != LWSCM_HTTP2_SERVING) {
+			wsi->vhost->conn_stats.h1_trans++;
+			if (!wsi->conn_stat_done) {
+				wsi->vhost->conn_stats.h1_conn++;
+				wsi->conn_stat_done = 1;
+			}
+		}
+
+		/* check for unwelcome guests */
+
+		if (wsi->context->reject_service_keywords) {
+			const struct lws_protocol_vhost_options *rej =
+					wsi->context->reject_service_keywords;
+			char ua[384], *msg = NULL;
+
+			if (lws_hdr_copy(wsi, ua, sizeof(ua) - 1,
+					 WSI_TOKEN_HTTP_USER_AGENT) > 0) {
+				ua[sizeof(ua) - 1] = '\0';
+				while (rej) {
+					if (strstr(ua, rej->name)) {
+#ifdef LWS_WITH_ACCESS_LOG
+						char *uri_ptr = NULL;
+						int meth, uri_len;
+#endif
+
+						msg = strchr(rej->value, ' ');
+						if (msg)
+							msg++;
+						lws_return_http_status(wsi,
+							atoi(rej->value), msg);
+#ifdef LWS_WITH_ACCESS_LOG
+						meth = lws_http_get_uri_and_method(wsi,
+								&uri_ptr, &uri_len);
+						if (meth >= 0)
+							lws_prepare_access_log_info(wsi,
+								uri_ptr, meth);
+
+						/* wsi close will do the log */
+#endif
+						wsi->vhost->conn_stats.rejected++;
+						/*
+						 * We don't want anything from
+						 * this rejected guy.  Follow
+						 * the close flow, not the
+						 * transaction complete flow.
+						 */
+						goto bail_nuke_ah;
+					}
+					rej = rej->next;
+				}
+			}
+		}
+
+
+		if (lws_hdr_total_length(wsi, WSI_TOKEN_CONNECT)) {
+			lwsl_info("Changing to RAW mode\n");
+			m = 0;
+			goto raw_transition;
+		}
+
+		wsi->mode = LWSCM_PRE_WS_SERVING_ACCEPT;
+		lws_set_timeout(wsi, NO_PENDING_TIMEOUT, 0);
+
+		/* is this websocket protocol or normal http 1.0? */
+
+		if (lws_hdr_total_length(wsi, WSI_TOKEN_UPGRADE)) {
+			if (!strcasecmp(lws_hdr_simple_ptr(wsi, WSI_TOKEN_UPGRADE),
+					"websocket")) {
+				wsi->vhost->conn_stats.ws_upg++;
+				lwsl_info("Upgrade to ws\n");
+				goto upgrade_ws;
+			}
+#ifdef LWS_WITH_HTTP2
+			if (!strcasecmp(lws_hdr_simple_ptr(wsi, WSI_TOKEN_UPGRADE),
+					"h2c")) {
+				wsi->vhost->conn_stats.h2_upg++;
+				lwsl_info("Upgrade to h2c\n");
+				goto upgrade_h2c;
+			}
+#endif
+			lwsl_info("Unknown upgrade\n");
+			/* dunno what he wanted to upgrade to */
+			goto bail_nuke_ah;
+		}
+
+		/* no upgrade ack... he remained as HTTP */
+
+		lwsl_info("No upgrade\n");
+		ah = wsi->u.hdr.ah;
+
+		lws_union_transition(wsi, LWSCM_HTTP_SERVING_ACCEPTED);
+		wsi->state = LWSS_HTTP;
+		wsi->u.http.fop_fd = NULL;
+
+		/* expose it at the same offset as u.hdr */
+		wsi->u.http.ah = ah;
+		lwsl_debug("%s: wsi %p: ah %p\n", __func__, (void *)wsi,
+			   (void *)wsi->u.hdr.ah);
+
+		n = lws_http_action(wsi);
+
+		return n;
+
+#ifdef LWS_WITH_HTTP2
+upgrade_h2c:
+		if (!lws_hdr_total_length(wsi, WSI_TOKEN_HTTP2_SETTINGS)) {
+			lwsl_info("missing http2_settings\n");
+			goto bail_nuke_ah;
+		}
+
+		lwsl_info("h2c upgrade...\n");
+
+		p = lws_hdr_simple_ptr(wsi, WSI_TOKEN_HTTP2_SETTINGS);
+		/* convert the peer's HTTP-Settings */
+		n = lws_b64_decode_string(p, protocol_list,
+					  sizeof(protocol_list));
+		if (n < 0) {
+			lwsl_parser("HTTP2_SETTINGS too long\n");
+			return 1;
+		}
+
+		/* adopt the header info */
+
+		ah = wsi->u.hdr.ah;
+
+		lws_union_transition(wsi, LWSCM_HTTP2_SERVING);
+
+		/* http2 union member has http union struct at start */
+		wsi->u.http.ah = ah;
+
+		if (!wsi->u.h2.h2n) {
+			wsi->u.h2.h2n = lws_zalloc(sizeof(*wsi->u.h2.h2n), "h2n");
+			if (!wsi->u.h2.h2n)
+				return 1;
+		}
+
+		lws_h2_init(wsi);
+
+		/* HTTP2 union */
+
+		lws_h2_settings(wsi, &wsi->u.h2.h2n->set,
+				(unsigned char *)protocol_list, n);
+
+		lws_hpack_dynamic_size(wsi, wsi->u.h2.h2n->set.s[
+		                                      H2SET_HEADER_TABLE_SIZE]);
+
+		strcpy(protocol_list, "HTTP/1.1 101 Switching Protocols\x0d\x0a"
+				      "Connection: Upgrade\x0d\x0a"
+				      "Upgrade: h2c\x0d\x0a\x0d\x0a");
+		n = lws_issue_raw(wsi, (unsigned char *)protocol_list,
+					strlen(protocol_list));
+		if (n != strlen(protocol_list)) {
+			lwsl_debug("http2 switch: ERROR writing to socket\n");
+			return 1;
+		}
+
+		wsi->state = LWSS_HTTP2_AWAIT_CLIENT_PREFACE;
+
+		return 0;
+#endif
+
+upgrade_ws:
+		if (!wsi->protocol)
+			lwsl_err("NULL protocol at lws_read\n");
+
+		/*
+		 * It's websocket
+		 *
+		 * Select the first protocol we support from the list
+		 * the client sent us.
+		 *
+		 * Copy it to remove header fragmentation
+		 */
+
+		if (lws_hdr_copy(wsi, protocol_list, sizeof(protocol_list) - 1,
+				 WSI_TOKEN_PROTOCOL) < 0) {
+			lwsl_err("protocol list too long");
+			goto bail_nuke_ah;
+		}
+
+		protocol_len = lws_hdr_total_length(wsi, WSI_TOKEN_PROTOCOL);
+		protocol_list[protocol_len] = '\0';
+		p = protocol_list;
+		hit = 0;
+
+		while (*p && !hit) {
+			n = 0;
+			non_space_char_found = 0;
+			while (n < sizeof(protocol_name) - 1 &&
+			       *p && *p != ',') {
+				/* ignore leading spaces */
+				if (!non_space_char_found && *p == ' ') {
+					n++;
+					continue;
+				}
+				non_space_char_found = 1;
+				protocol_name[n++] = *p++;
+			}
+			protocol_name[n] = '\0';
+			if (*p)
+				p++;
+
+			lwsl_info("checking %s\n", protocol_name);
+
+			n = 0;
+			while (wsi->vhost->protocols[n].callback) {
+				lwsl_info("try %s\n",
+					  wsi->vhost->protocols[n].name);
+
+				if (wsi->vhost->protocols[n].name &&
+				    !strcmp(wsi->vhost->protocols[n].name,
+					    protocol_name)) {
+					wsi->protocol = &wsi->vhost->protocols[n];
+					hit = 1;
+					break;
+				}
+
+				n++;
+			}
+		}
+
+		/* we didn't find a protocol he wanted? */
+
+		if (!hit) {
+			if (lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL)) {
+				lwsl_info("No protocol from \"%s\" supported\n",
+					 protocol_list);
+				goto bail_nuke_ah;
+			}
+			/*
+			 * some clients only have one protocol and
+			 * do not send the protocol list header...
+			 * allow it and match to the vhost's default
+			 * protocol (which itself defaults to zero)
+			 */
+			lwsl_info("defaulting to prot handler %d\n",
+				wsi->vhost->default_protocol_index);
+			n = wsi->vhost->default_protocol_index;
+			wsi->protocol = &wsi->vhost->protocols[
+				      (int)wsi->vhost->default_protocol_index];
+		}
+
+		/* allocate wsi->user storage */
+		if (lws_ensure_user_space(wsi))
+			goto bail_nuke_ah;
+
+		/*
+		 * Give the user code a chance to study the request and
+		 * have the opportunity to deny it
+		 */
+		if ((wsi->protocol->callback)(wsi,
+				LWS_CALLBACK_FILTER_PROTOCOL_CONNECTION,
+				wsi->user_space,
+			      lws_hdr_simple_ptr(wsi, WSI_TOKEN_PROTOCOL), 0)) {
+			lwsl_warn("User code denied connection\n");
+			goto bail_nuke_ah;
+		}
+
+		/*
+		 * Perform the handshake according to the protocol version the
+		 * client announced
+		 */
+
+		switch (wsi->ietf_spec_revision) {
+		case 13:
+			lwsl_parser("lws_parse calling handshake_04\n");
+			if (handshake_0405(context, wsi)) {
+				lwsl_info("hs0405 has failed the connection\n");
+				goto bail_nuke_ah;
+			}
+			break;
+
+		default:
+			lwsl_info("Unknown client spec version %d\n",
+				  wsi->ietf_spec_revision);
+			goto bail_nuke_ah;
+		}
+
+		lws_same_vh_protocol_insert(wsi, n);
+
+		/* we are upgrading to ws, so http/1.1 and keepalive +
+		 * pipelined header considerations about keeping the ah around
+		 * no longer apply.  However it's common for the first ws
+		 * protocol data to have been coalesced with the browser
+		 * upgrade request and to already be in the ah rx buffer.
+		 */
+
+		lwsl_info("%s: %p: inheriting ws ah (rxpos:%d, rxlen:%d)\n",
+			  __func__, wsi, wsi->u.hdr.ah->rxpos,
+			  wsi->u.hdr.ah->rxlen);
+		lws_pt_lock(pt);
+		hdr = wsi->u.hdr;
+
+		lws_union_transition(wsi, LWSCM_WS_SERVING);
+		/*
+		 * first service is WS mode will notice this, use the RX and
+		 * then detach the ah (caution: we are not in u.hdr union
+		 * mode any more then... ah_temp member is at start the same
+		 * though)
+		 *
+		 * Because rxpos/rxlen shows something in the ah, we will get
+		 * service guaranteed next time around the event loop
+		 *
+		 * All union members begin with hdr, so we can use it even
+		 * though we transitioned to ws union mode (the ah detach
+		 * code uses it anyway).
+		 */
+		wsi->u.hdr = hdr;
+		lws_pt_unlock(pt);
+
+		lws_server_init_wsi_for_ws(wsi);
+		lwsl_parser("accepted v%02d connection\n",
+			    wsi->ietf_spec_revision);
+
+		/* !!! drop ah unreservedly after ESTABLISHED */
+		if (!wsi->more_rx_waiting) {
+			lws_header_table_force_to_detachable_state(wsi);
+			lws_header_table_detach(wsi, 1);
+		}
+
+		return 0;
+	} /* while all chars are handled */
+
+	return 0;
+
+bail_nuke_ah:
+	/* drop the header info */
+	/* we're closing, losing some rx is OK */
+	lws_header_table_force_to_detachable_state(wsi);
+	lws_header_table_detach(wsi, 1);
+
+	return 1;
+}
+
+
+static int
+lws_get_idlest_tsi(struct lws_context *context)
+{
+	unsigned int lowest = ~0;
+	int n = 0, hit = -1;
+
+	for (; n < context->count_threads; n++) {
+		if ((unsigned int)context->pt[n].fds_count !=
+		    context->fd_limit_per_thread - 1 &&
+		    (unsigned int)context->pt[n].fds_count < lowest) {
+			lowest = context->pt[n].fds_count;
+			hit = n;
+		}
+	}
+
+	return hit;
+}
+
+struct lws *
+lws_create_new_server_wsi(struct lws_vhost *vhost)
+{
+	struct lws *new_wsi;
+	int n = lws_get_idlest_tsi(vhost->context);
+
+	if (n < 0) {
+		lwsl_err("no space for new conn\n");
+		return NULL;
+	}
+
+	new_wsi = lws_zalloc(sizeof(struct lws), "new server wsi");
+	if (new_wsi == NULL) {
+		lwsl_err("Out of memory for new connection\n");
+		return NULL;
+	}
+
+	new_wsi->tsi = n;
+	lwsl_debug("new wsi %p joining vhost %s, tsi %d\n", new_wsi,
+		   vhost->name, new_wsi->tsi);
+
+	new_wsi->vhost = vhost;
+	new_wsi->context = vhost->context;
+	new_wsi->pending_timeout = NO_PENDING_TIMEOUT;
+	new_wsi->rxflow_change_to = LWS_RXFLOW_ALLOW;
+
+	/* initialize the instance struct */
+
+	new_wsi->state = LWSS_HTTP;
+	new_wsi->mode = LWSCM_HTTP_SERVING;
+	new_wsi->hdr_parsing_completed = 0;
+
+#ifdef LWS_OPENSSL_SUPPORT
+	new_wsi->use_ssl = LWS_SSL_ENABLED(vhost);
+#endif
+
+	/*
+	 * these can only be set once the protocol is known
+	 * we set an un-established connection's protocol pointer
+	 * to the start of the supported list, so it can look
+	 * for matching ones during the handshake
+	 */
+	new_wsi->protocol = vhost->protocols;
+	new_wsi->user_space = NULL;
+	new_wsi->ietf_spec_revision = 0;
+	new_wsi->desc.sockfd = LWS_SOCK_INVALID;
+	new_wsi->position_in_fds_table = -1;
+
+	vhost->context->count_wsi_allocated++;
+
+	/*
+	 * outermost create notification for wsi
+	 * no user_space because no protocol selection
+	 */
+	vhost->protocols[0].callback(new_wsi, LWS_CALLBACK_WSI_CREATE,
+				       NULL, NULL, 0);
+
+	return new_wsi;
+}
+
+LWS_VISIBLE int LWS_WARN_UNUSED_RESULT
+lws_http_transaction_completed(struct lws *wsi)
+{
+	int n = NO_PENDING_TIMEOUT;
+
+	lwsl_info("%s: wsi %p\n", __func__, wsi);
+
+	lws_access_log(wsi);
+
+	if (!wsi->hdr_parsing_completed) {
+		lwsl_notice("%s: ignoring, ah parsing incomplete\n", __func__);
+		return 0;
+	}
+
+	lwsl_debug("%s: wsi %p\n", __func__, wsi);
+	/* if we can't go back to accept new headers, drop the connection */
+	if (wsi->http2_substream)
+		return 0;
+
+	if (wsi->seen_zero_length_recv)
+		return 1;
+
+	if (wsi->u.http.connection_type != HTTP_CONNECTION_KEEP_ALIVE) {
+		lwsl_info("%s: %p: close connection\n", __func__, wsi);
+		return 1;
+	}
+
+	if (lws_bind_protocol(wsi, &wsi->vhost->protocols[0]))
+		return 1;
+
+	/* otherwise set ourselves up ready to go again */
+	wsi->state = LWSS_HTTP;
+	wsi->mode = LWSCM_HTTP_SERVING;
+	wsi->u.http.tx_content_length = 0;
+	wsi->u.http.tx_content_remain = 0;
+	wsi->hdr_parsing_completed = 0;
+#ifdef LWS_WITH_ACCESS_LOG
+	wsi->access_log.sent = 0;
+#endif
+
+	if (wsi->vhost->keepalive_timeout)
+		n = PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE;
+	lws_set_timeout(wsi, n, wsi->vhost->keepalive_timeout);
+
+	/*
+	 * We already know we are on http1.1 / keepalive and the next thing
+	 * coming will be another header set.
+	 *
+	 * If there is no pending rx and we still have the ah, drop it and
+	 * reacquire a new ah when the new headers start to arrive.  (Otherwise
+	 * we needlessly hog an ah indefinitely.)
+	 *
+	 * However if there is pending rx and we know from the keepalive state
+	 * that is already at least the start of another header set, simply
+	 * reset the existing header table and keep it.
+	 */
+	if (wsi->u.hdr.ah) {
+		lwsl_debug("%s: wsi->more_rx_waiting=%d\n", __func__,
+				wsi->more_rx_waiting);
+
+		if (!wsi->more_rx_waiting) {
+			lws_header_table_force_to_detachable_state(wsi);
+			lws_header_table_detach(wsi, 1);
+#ifdef LWS_OPENSSL_SUPPORT
+			/*
+			 * additionally... if we are hogging an SSL instance
+			 * with no pending pipelined headers (or ah now), and
+			 * SSL is scarce, drop this connection without waiting
+			 */
+
+			if (wsi->vhost->use_ssl &&
+			    wsi->context->simultaneous_ssl_restriction &&
+			    wsi->context->simultaneous_ssl ==
+				   wsi->context->simultaneous_ssl_restriction) {
+				lwsl_info("%s: simultaneous_ssl_restriction\n",
+					  __func__);
+				return 1;
+			}
+#endif
+		} else {
+			lws_header_table_reset(wsi, 1);
+			/*
+			 * If we kept the ah, we should restrict the amount
+			 * of time we are willing to keep it.  Otherwise it
+			 * will be bound the whole time the connection remains
+			 * open.
+			 */
+			lws_set_timeout(wsi, PENDING_TIMEOUT_HOLDING_AH,
+					wsi->vhost->keepalive_timeout);
+		}
+	}
+
+	/* If we're (re)starting on headers, need other implied init */
+	wsi->u.hdr.ues = URIES_IDLE;
+
+	lwsl_info("%s: %p: keep-alive await new transaction\n", __func__, wsi);
+
+	return 0;
+}
+
+/* if not a socket, it's a raw, non-ssl file descriptor */
+
+LWS_VISIBLE struct lws *
+lws_adopt_descriptor_vhost(struct lws_vhost *vh, lws_adoption_type type,
+			   lws_sock_file_fd_type fd, const char *vh_prot_name,
+			   struct lws *parent)
+{
+	struct lws_context *context = vh->context;
+	struct lws *new_wsi;
+	struct lws_context_per_thread *pt;
+	int n, ssl = 0;
+
+#if defined(LWS_WITH_PEER_LIMITS)
+	struct lws_peer *peer = NULL;
+
+	if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO)) {
+		peer = lws_get_or_create_peer(vh, fd.sockfd);
+
+		if (!peer) {
+			lwsl_err("OOM creating peer\n");
+			return NULL;
+		}
+		if (context->ip_limit_wsi &&
+		    peer->count_wsi >= context->ip_limit_wsi) {
+			lwsl_notice("Peer reached wsi limit %d\n",
+					context->ip_limit_wsi);
+			lws_stats_atomic_bump(context, &context->pt[0],
+					      LWSSTATS_C_PEER_LIMIT_WSI_DENIED, 1);
+			return NULL;
+		}
+	}
+#endif
+
+	new_wsi = lws_create_new_server_wsi(vh);
+	if (!new_wsi) {
+		if (type & LWS_ADOPT_SOCKET && !(type & LWS_ADOPT_WS_PARENTIO))
+			compatible_close(fd.sockfd);
+		return NULL;
+	}
+#if defined(LWS_WITH_PEER_LIMITS)
+	if (peer)
+		lws_peer_add_wsi(context, peer, new_wsi);
+#endif
+	pt = &context->pt[(int)new_wsi->tsi];
+	lws_stats_atomic_bump(context, pt, LWSSTATS_C_CONNECTIONS, 1);
+
+	if (parent) {
+		new_wsi->parent = parent;
+		new_wsi->sibling_list = parent->child_list;
+		parent->child_list = new_wsi;
+
+		if (type & LWS_ADOPT_WS_PARENTIO)
+			new_wsi->parent_carries_io = 1;
+	}
+
+	new_wsi->desc = fd;
+
+	if (vh_prot_name) {
+		new_wsi->protocol = lws_vhost_name_to_protocol(new_wsi->vhost,
+							       vh_prot_name);
+		if (!new_wsi->protocol) {
+			lwsl_err("Protocol %s not enabled on vhost %s\n",
+				 vh_prot_name, new_wsi->vhost->name);
+			goto bail;
+		}
+               if (lws_ensure_user_space(new_wsi)) {
+                       lwsl_notice("OOM trying to get user_space\n");
+			goto bail;
+               }
+               if (type & LWS_ADOPT_WS_PARENTIO) {
+			new_wsi->desc.sockfd = LWS_SOCK_INVALID;
+			lwsl_debug("binding to %s\n", new_wsi->protocol->name);
+			lws_bind_protocol(new_wsi, new_wsi->protocol);
+			lws_union_transition(new_wsi, LWSCM_WS_SERVING);
+			lws_server_init_wsi_for_ws(new_wsi);
+
+			return new_wsi;
+               }
+	} else
+		if (type & LWS_ADOPT_HTTP) /* he will transition later */
+			new_wsi->protocol =
+				&vh->protocols[vh->default_protocol_index];
+		else { /* this is the only time he will transition */
+			lws_bind_protocol(new_wsi,
+				&vh->protocols[vh->raw_protocol_index]);
+			lws_union_transition(new_wsi, LWSCM_RAW);
+		}
+
+	if (type & LWS_ADOPT_SOCKET) { /* socket desc */
+		lwsl_debug("%s: new wsi %p, sockfd %d\n", __func__, new_wsi,
+			   (int)(lws_intptr_t)fd.sockfd);
+
+		if (type & LWS_ADOPT_HTTP)
+			/* the transport is accepted...
+			 * give him time to negotiate */
+			lws_set_timeout(new_wsi,
+					PENDING_TIMEOUT_ESTABLISH_WITH_SERVER,
+					context->timeout_secs);
+
+#if LWS_POSIX == 0
+#if defined(LWS_WITH_ESP8266)
+		esp8266_tcp_stream_accept(accept_fd, new_wsi);
+#endif
+#endif
+	} else /* file desc */
+		lwsl_debug("%s: new wsi %p, filefd %d\n", __func__, new_wsi,
+			   (int)(lws_intptr_t)fd.filefd);
+
+	/*
+	 * A new connection was accepted. Give the user a chance to
+	 * set properties of the newly created wsi. There's no protocol
+	 * selected yet so we issue this to the vhosts's default protocol,
+	 * itself by default protocols[0]
+	 */
+	n = LWS_CALLBACK_SERVER_NEW_CLIENT_INSTANTIATED;
+	if (!(type & LWS_ADOPT_HTTP)) {
+		if (!(type & LWS_ADOPT_SOCKET))
+			n = LWS_CALLBACK_RAW_ADOPT_FILE;
+		else
+			n = LWS_CALLBACK_RAW_ADOPT;
+	}
+
+	if (!LWS_SSL_ENABLED(new_wsi->vhost) || !(type & LWS_ADOPT_ALLOW_SSL) ||
+	    !(type & LWS_ADOPT_SOCKET)) {
+		/* non-SSL */
+		if (!(type & LWS_ADOPT_HTTP)) {
+			if (!(type & LWS_ADOPT_SOCKET))
+				new_wsi->mode = LWSCM_RAW_FILEDESC;
+			else
+				new_wsi->mode = LWSCM_RAW;
+		}
+	} else {
+		/* SSL */
+		if (!(type & LWS_ADOPT_HTTP))
+			new_wsi->mode = LWSCM_SSL_INIT_RAW;
+		else
+			new_wsi->mode = LWSCM_SSL_INIT;
+
+		ssl = 1;
+	}
+
+	lws_libev_accept(new_wsi, new_wsi->desc);
+	lws_libuv_accept(new_wsi, new_wsi->desc);
+	lws_libevent_accept(new_wsi, new_wsi->desc);
+
+	if (!ssl) {
+		if (insert_wsi_socket_into_fds(context, new_wsi)) {
+			lwsl_err("%s: fail inserting socket\n", __func__);
+			goto fail;
+		}
+	} else
+		if (lws_server_socket_service_ssl(new_wsi, fd.sockfd)) {
+			lwsl_info("%s: fail ssl negotiation\n", __func__);
+			goto fail;
+		}
+
+	/*
+	 *  by deferring callback to this point, after insertion to fds,
+	 * lws_callback_on_writable() can work from the callback
+	 */
+	if ((new_wsi->protocol->callback)(
+			new_wsi, n, new_wsi->user_space, NULL, 0))
+		goto fail;
+
+	if (type & LWS_ADOPT_HTTP) {
+		if (!lws_header_table_attach(new_wsi, 0))
+			lwsl_debug("Attached ah immediately\n");
+		else
+			lwsl_info("%s: waiting for ah\n", __func__);
+	}
+
+	return new_wsi;
+
+fail:
+	if (type & LWS_ADOPT_SOCKET)
+		lws_close_free_wsi(new_wsi, LWS_CLOSE_STATUS_NOSTATUS);
+
+	return NULL;
+
+bail:
+       lwsl_notice("%s: exiting on bail\n", __func__);
+	if (parent)
+		parent->child_list = new_wsi->sibling_list;
+	if (new_wsi->user_space)
+		lws_free(new_wsi->user_space);
+	lws_free(new_wsi);
+       compatible_close(fd.sockfd);
+
+	return NULL;
+}
+
+LWS_VISIBLE struct lws *
+lws_adopt_socket_vhost(struct lws_vhost *vh, lws_sockfd_type accept_fd)
+{
+	lws_sock_file_fd_type fd;
+
+	fd.sockfd = accept_fd;
+	return lws_adopt_descriptor_vhost(vh, LWS_ADOPT_SOCKET |
+			LWS_ADOPT_HTTP | LWS_ADOPT_ALLOW_SSL, fd, NULL, NULL);
+}
+
+LWS_VISIBLE struct lws *
+lws_adopt_socket(struct lws_context *context, lws_sockfd_type accept_fd)
+{
+	return lws_adopt_socket_vhost(context->vhost_list, accept_fd);
+}
+
+/* Common read-buffer adoption for lws_adopt_*_readbuf */
+static struct lws*
+adopt_socket_readbuf(struct lws *wsi, const char *readbuf, size_t len)
+{
+	struct lws_context_per_thread *pt;
+	struct allocated_headers *ah;
+	struct lws_pollfd *pfd;
+
+	if (!wsi)
+		return NULL;
+
+	if (!readbuf || len == 0)
+		return wsi;
+
+	if (len > sizeof(ah->rx)) {
+		lwsl_err("%s: rx in too big\n", __func__);
+		goto bail;
+	}
+
+	/*
+	 * we can't process the initial read data until we can attach an ah.
+	 *
+	 * if one is available, get it and place the data in his ah rxbuf...
+	 * wsi with ah that have pending rxbuf get auto-POLLIN service.
+	 *
+	 * no autoservice because we didn't get a chance to attach the
+	 * readbuf data to wsi or ah yet, and we will do it next if we get
+	 * the ah.
+	 */
+	if (wsi->u.hdr.ah || !lws_header_table_attach(wsi, 0)) {
+		ah = wsi->u.hdr.ah;
+		memcpy(ah->rx, readbuf, len);
+		ah->rxpos = 0;
+		ah->rxlen = (int16_t)len;
+
+		lwsl_notice("%s: calling service on readbuf ah\n", __func__);
+		pt = &wsi->context->pt[(int)wsi->tsi];
+
+		/* unlike a normal connect, we have the headers already
+		 * (or the first part of them anyway).
+		 * libuv won't come back and service us without a network
+		 * event, so we need to do the header service right here.
+		 */
+		pfd = &pt->fds[wsi->position_in_fds_table];
+		pfd->revents |= LWS_POLLIN;
+		lwsl_err("%s: calling service\n", __func__);
+		if (lws_service_fd_tsi(wsi->context, pfd, wsi->tsi))
+			/* service closed us */
+			return NULL;
+
+		return wsi;
+	}
+	lwsl_err("%s: deferring handling ah\n", __func__);
+	/*
+	 * hum if no ah came, we are on the wait list and must defer
+	 * dealing with this until the ah arrives.
+	 *
+	 * later successful lws_header_table_attach() will apply the
+	 * below to the rx buffer (via lws_header_table_reset()).
+	 */
+	wsi->u.hdr.preamble_rx = lws_malloc(len, "preamble_rx");
+	if (!wsi->u.hdr.preamble_rx) {
+		lwsl_err("OOM\n");
+		goto bail;
+	}
+	memcpy(wsi->u.hdr.preamble_rx, readbuf, len);
+	wsi->u.hdr.preamble_rx_len = len;
+
+	return wsi;
+
+bail:
+	lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+
+	return NULL;
+}
+
+LWS_VISIBLE struct lws *
+lws_adopt_socket_readbuf(struct lws_context *context, lws_sockfd_type accept_fd,
+			 const char *readbuf, size_t len)
+{
+        return adopt_socket_readbuf(lws_adopt_socket(context, accept_fd),
+        			    readbuf, len);
+}
+
+LWS_VISIBLE struct lws *
+lws_adopt_socket_vhost_readbuf(struct lws_vhost *vhost,
+			       lws_sockfd_type accept_fd,
+			       const char *readbuf, size_t len)
+{
+        return adopt_socket_readbuf(lws_adopt_socket_vhost(vhost, accept_fd),
+        			    readbuf, len);
+}
+
+LWS_VISIBLE int
+lws_server_socket_service(struct lws_context *context, struct lws *wsi,
+			  struct lws_pollfd *pollfd)
+{
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	lws_sockfd_type accept_fd = LWS_SOCK_INVALID;
+	struct allocated_headers *ah;
+	lws_sock_file_fd_type fd;
+	int opts = LWS_ADOPT_SOCKET | LWS_ADOPT_ALLOW_SSL;
+#if LWS_POSIX
+	struct sockaddr_storage cli_addr;
+	socklen_t clilen;
+#endif
+	int n, len;
+
+	switch (wsi->mode) {
+
+	case LWSCM_HTTP_SERVING:
+	case LWSCM_HTTP_SERVING_ACCEPTED:
+	case LWSCM_HTTP2_SERVING:
+	case LWSCM_RAW:
+
+		/* handle http headers coming in */
+
+		/* pending truncated sends have uber priority */
+
+		if (wsi->trunc_len) {
+			if (!(pollfd->revents & LWS_POLLOUT))
+				break;
+
+			if (lws_issue_raw(wsi, wsi->trunc_alloc +
+					       wsi->trunc_offset,
+					  wsi->trunc_len) < 0)
+				goto fail;
+			/*
+			 * we can't afford to allow input processing to send
+			 * something new, so spin around he event loop until
+			 * he doesn't have any partials
+			 */
+			break;
+		}
+
+		/* any incoming data ready? */
+
+		if (!(pollfd->revents & pollfd->events & LWS_POLLIN))
+			goto try_pollout;
+
+		/*
+		 * If we previously just did POLLIN when IN and OUT were
+		 * signalled (because POLLIN processing may have used up
+		 * the POLLOUT), don't let that happen twice in a row...
+		 * next time we see the situation favour POLLOUT
+		 */
+#if !defined(LWS_WITH_ESP8266)
+		if (wsi->favoured_pollin &&
+		    (pollfd->revents & pollfd->events & LWS_POLLOUT)) {
+			lwsl_notice("favouring pollout\n");
+			wsi->favoured_pollin = 0;
+			goto try_pollout;
+		}
+#endif
+
+		/* these states imply we MUST have an ah attached */
+
+		if (wsi->mode != LWSCM_RAW && (wsi->state == LWSS_HTTP ||
+		    wsi->state == LWSS_HTTP_ISSUING_FILE ||
+		    wsi->state == LWSS_HTTP_HEADERS)) {
+			if (!wsi->u.hdr.ah) {
+				/* no autoservice beacuse we will do it next */
+				if (lws_header_table_attach(wsi, 0)) {
+					lwsl_info("wsi %p: ah get fail\n", wsi);
+					goto try_pollout;
+				}
+			}
+			ah = wsi->u.hdr.ah;
+
+			/* if nothing in ah rx buffer, get some fresh rx */
+			if (ah->rxpos == ah->rxlen) {
+				ah->rxlen = lws_ssl_capable_read(wsi, ah->rx,
+						   sizeof(ah->rx));
+				ah->rxpos = 0;
+				switch (ah->rxlen) {
+				case 0:
+					lwsl_info("%s: read 0 len a\n", __func__);
+					wsi->seen_zero_length_recv = 1;
+					lws_change_pollfd(wsi, LWS_POLLIN, 0);
+					goto try_pollout;
+					/* fallthru */
+				case LWS_SSL_CAPABLE_ERROR:
+					goto fail;
+				case LWS_SSL_CAPABLE_MORE_SERVICE:
+					ah->rxlen = ah->rxpos = 0;
+					goto try_pollout;
+				}
+
+				/*
+				 *  make sure ah does not get detached if we
+				 * have live data in the rx
+				 */
+				if (ah->rxlen)
+					wsi->more_rx_waiting = 1;
+			}
+
+			if (!(ah->rxpos != ah->rxlen && ah->rxlen)) {
+				lwsl_err("%s: assert: rxpos %d, rxlen %d\n",
+					 __func__, ah->rxpos, ah->rxlen);
+
+				assert(0);
+			}
+			
+			/* just ignore incoming if waiting for close */
+			if (wsi->state != LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE &&
+			    wsi->state != LWSS_HTTP_ISSUING_FILE) {
+				/*
+				 * otherwise give it to whoever wants it
+				 * according to the connection state
+				 */
+
+				n = lws_read(wsi, ah->rx + ah->rxpos,
+					     ah->rxlen - ah->rxpos);
+				if (n < 0) /* we closed wsi */
+					return 1;
+
+				if (!wsi->u.hdr.ah)
+					break;
+				if ( wsi->u.hdr.ah->rxlen)
+					 wsi->u.hdr.ah->rxpos += n;
+
+				lwsl_debug("%s: wsi %p: ah read rxpos %d, rxlen %d\n",
+					   __func__, wsi, wsi->u.hdr.ah->rxpos,
+					   wsi->u.hdr.ah->rxlen);
+
+				if (lws_header_table_is_in_detachable_state(wsi) &&
+				    (wsi->mode != LWSCM_HTTP_SERVING &&
+				     wsi->mode != LWSCM_HTTP_SERVING_ACCEPTED &&
+				     wsi->mode != LWSCM_HTTP2_SERVING))
+					lws_header_table_detach(wsi, 1);
+
+				break;
+			}
+
+			goto try_pollout;
+		}
+
+		len = lws_ssl_capable_read(wsi, pt->serv_buf,
+					   context->pt_serv_buf_size);
+		lwsl_debug("%s: wsi %p read %d\r\n", __func__, wsi, len);
+		switch (len) {
+		case 0:
+			lwsl_info("%s: read 0 len b\n", __func__);
+
+			/* fallthru */
+		case LWS_SSL_CAPABLE_ERROR:
+			goto fail;
+		case LWS_SSL_CAPABLE_MORE_SERVICE:
+			goto try_pollout;
+		}
+		
+		if (len < 0) /* coverity */
+			goto fail;
+
+		if (wsi->mode == LWSCM_RAW) {
+			n = user_callback_handle_rxflow(wsi->protocol->callback,
+					wsi, LWS_CALLBACK_RAW_RX,
+					wsi->user_space, pt->serv_buf, len);
+			if (n < 0) {
+				lwsl_info("LWS_CALLBACK_RAW_RX_fail\n");
+				goto fail;
+			}
+			goto try_pollout;
+		}
+
+		/* just ignore incoming if waiting for close */
+		if (wsi->state != LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE &&
+		    wsi->state != LWSS_HTTP_ISSUING_FILE) {
+			/*
+			 * this may want to send
+			 * (via HTTP callback for example)
+			 */
+			n = lws_read(wsi, pt->serv_buf, len);
+			if (n < 0) /* we closed wsi */
+				return 1;
+			/*
+			 *  he may have used up the
+			 * writability above, if we will defer POLLOUT
+			 * processing in favour of POLLIN, note it
+			 */
+			if (pollfd->revents & LWS_POLLOUT)
+				wsi->favoured_pollin = 1;
+			break;
+		}
+		/*
+		 *  he may have used up the
+		 * writability above, if we will defer POLLOUT
+		 * processing in favour of POLLIN, note it
+		 */
+		if (pollfd->revents & LWS_POLLOUT)
+			wsi->favoured_pollin = 1;
+
+try_pollout:
+		
+		/* this handles POLLOUT for http serving fragments */
+
+		if (!(pollfd->revents & LWS_POLLOUT))
+			break;
+
+		/* one shot */
+		if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) {
+			lwsl_notice("%s a\n", __func__);
+			goto fail;
+		}
+
+		if (wsi->mode == LWSCM_RAW) {
+			lws_stats_atomic_bump(wsi->context, pt,
+						LWSSTATS_C_WRITEABLE_CB, 1);
+#if defined(LWS_WITH_STATS)
+			if (wsi->active_writable_req_us) {
+				uint64_t ul = time_in_microseconds() -
+						wsi->active_writable_req_us;
+
+				lws_stats_atomic_bump(wsi->context, pt,
+						LWSSTATS_MS_WRITABLE_DELAY, ul);
+				lws_stats_atomic_max(wsi->context, pt,
+					  LWSSTATS_MS_WORST_WRITABLE_DELAY, ul);
+				wsi->active_writable_req_us = 0;
+			}
+#endif
+			n = user_callback_handle_rxflow(wsi->protocol->callback,
+					wsi, LWS_CALLBACK_RAW_WRITEABLE,
+					wsi->user_space, NULL, 0);
+			if (n < 0) {
+				lwsl_info("writeable_fail\n");
+				goto fail;
+			}
+			break;
+		}
+
+		if (!wsi->hdr_parsing_completed)
+			break;
+
+		if (wsi->state != LWSS_HTTP_ISSUING_FILE) {
+
+			lws_stats_atomic_bump(wsi->context, pt,
+						LWSSTATS_C_WRITEABLE_CB, 1);
+#if defined(LWS_WITH_STATS)
+			if (wsi->active_writable_req_us) {
+				uint64_t ul = time_in_microseconds() -
+						wsi->active_writable_req_us;
+
+				lws_stats_atomic_bump(wsi->context, pt,
+						LWSSTATS_MS_WRITABLE_DELAY, ul);
+				lws_stats_atomic_max(wsi->context, pt,
+					  LWSSTATS_MS_WORST_WRITABLE_DELAY, ul);
+				wsi->active_writable_req_us = 0;
+			}
+#endif
+
+			n = user_callback_handle_rxflow(wsi->protocol->callback,
+					wsi, LWS_CALLBACK_HTTP_WRITEABLE,
+					wsi->user_space, NULL, 0);
+			if (n < 0) {
+				lwsl_info("writeable_fail\n");
+				goto fail;
+			}
+			break;
+		}
+
+		/* >0 == completion, <0 == error
+		 *
+		 * We'll get a LWS_CALLBACK_HTTP_FILE_COMPLETION callback when
+		 * it's done.  That's the case even if we just completed the
+		 * send, so wait for that.
+		 */
+		n = lws_serve_http_file_fragment(wsi);
+		if (n < 0)
+			goto fail;
+
+		break;
+
+	case LWSCM_SERVER_LISTENER:
+
+#if LWS_POSIX
+		/* pollin means a client has connected to us then */
+
+		do {
+			if (!(pollfd->revents & LWS_POLLIN) ||
+			    !(pollfd->events & LWS_POLLIN))
+				break;
+
+#ifdef LWS_OPENSSL_SUPPORT
+			/*
+			 * can we really accept it, with regards to SSL limit?
+			 * another vhost may also have had POLLIN on his listener this
+			 * round and used it up already
+			 */
+
+			if (wsi->vhost->use_ssl &&
+			    context->simultaneous_ssl_restriction &&
+			    context->simultaneous_ssl ==
+					  context->simultaneous_ssl_restriction)
+				/* no... ignore it, he won't come again until we are
+				 * below the simultaneous_ssl_restriction limit and
+				 * POLLIN is enabled on him again
+				 */
+				break;
+#endif
+			/* listen socket got an unencrypted connection... */
+
+			clilen = sizeof(cli_addr);
+			lws_latency_pre(context, wsi);
+
+			/*
+			 * We cannot identify the peer who is in the listen
+			 * socket connect queue before we accept it; even if
+			 * we could, not accepting it due to PEER_LIMITS would
+			 * block the connect queue for other legit peers.
+			 */
+			accept_fd  = accept(pollfd->fd, (struct sockaddr *)&cli_addr,
+					    &clilen);
+			lws_latency(context, wsi, "listener accept", accept_fd,
+				    accept_fd >= 0);
+			if (accept_fd < 0) {
+				if (LWS_ERRNO == LWS_EAGAIN ||
+				    LWS_ERRNO == LWS_EWOULDBLOCK) {
+					break;
+				}
+				lwsl_err("ERROR on accept: %s\n", strerror(LWS_ERRNO));
+				break;
+			}
+
+			lws_plat_set_socket_options(wsi->vhost, accept_fd);
+
+#if defined(LWS_WITH_IPV6)
+			lwsl_debug("accepted new conn port %u on fd=%d\n",
+				((cli_addr.ss_family == AF_INET6) ?
+				ntohs(((struct sockaddr_in6 *) &cli_addr)->sin6_port) :
+				ntohs(((struct sockaddr_in *) &cli_addr)->sin_port)),
+				accept_fd);
+#else
+			lwsl_debug("accepted new conn port %u on fd=%d\n",
+				   ntohs(((struct sockaddr_in *) &cli_addr)->sin_port),
+				   accept_fd);
+#endif
+
+#else
+			/* not very beautiful... */
+			accept_fd = (lws_sockfd_type)pollfd;
+#endif
+			/*
+			 * look at who we connected to and give user code a chance
+			 * to reject based on client IP.  There's no protocol selected
+			 * yet so we issue this to protocols[0]
+			 */
+			if ((wsi->vhost->protocols[0].callback)(wsi,
+					LWS_CALLBACK_FILTER_NETWORK_CONNECTION,
+					NULL, (void *)(lws_intptr_t)accept_fd, 0)) {
+				lwsl_debug("Callback denied network connection\n");
+				compatible_close(accept_fd);
+				break;
+			}
+
+			if (!(wsi->vhost->options & LWS_SERVER_OPTION_ONLY_RAW))
+				opts |= LWS_ADOPT_HTTP;
+			else
+				opts = LWS_ADOPT_SOCKET;
+
+			fd.sockfd = accept_fd;
+			if (!lws_adopt_descriptor_vhost(wsi->vhost, opts, fd,
+							NULL, NULL))
+				/* already closed cleanly as necessary */
+				return 1;
+
+#if LWS_POSIX
+		} while (pt->fds_count < context->fd_limit_per_thread - 1 &&
+			 lws_poll_listen_fd(&pt->fds[wsi->position_in_fds_table]) > 0);
+#endif
+		return 0;
+
+	default:
+		break;
+	}
+
+	if (!lws_server_socket_service_ssl(wsi, accept_fd))
+		return 0;
+
+fail:
+	lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+
+	return 1;
+}
+
+LWS_VISIBLE int
+lws_serve_http_file(struct lws *wsi, const char *file, const char *content_type,
+		    const char *other_headers, int other_headers_len)
+{
+	static const char * const intermediates[] = { "private", "public" };
+	struct lws_context *context = lws_get_context(wsi);
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+#if defined(LWS_WITH_RANGES)
+	struct lws_range_parsing *rp = &wsi->u.http.range;
+#endif
+	char cache_control[50], *cc = "no-store";
+	unsigned char *response = pt->serv_buf + LWS_PRE;
+	unsigned char *p = response;
+	unsigned char *end = p + context->pt_serv_buf_size - LWS_PRE;
+	lws_filepos_t computed_total_content_length;
+	int ret = 0, cclen = 8, n = HTTP_STATUS_OK;
+	lws_fop_flags_t fflags = LWS_O_RDONLY;
+#if defined(LWS_WITH_RANGES)
+	int ranges;
+#endif
+	const struct lws_plat_file_ops *fops;
+	const char *vpath;
+
+	/*
+	 * We either call the platform fops .open with first arg platform fops,
+	 * or we call fops_zip .open with first arg platform fops, and fops_zip
+	 * open will decide whether to switch to fops_zip or stay with fops_def.
+	 *
+	 * If wsi->u.http.fop_fd is already set, the caller already opened it
+	 */
+	if (!wsi->u.http.fop_fd) {
+		fops = lws_vfs_select_fops(wsi->context->fops, file, &vpath);
+		fflags |= lws_vfs_prepare_flags(wsi);
+		wsi->u.http.fop_fd = fops->LWS_FOP_OPEN(wsi->context->fops,
+							file, vpath, &fflags);
+		if (!wsi->u.http.fop_fd) {
+			lwsl_err("Unable to open '%s'\n", file);
+
+			return -1;
+		}
+	}
+	wsi->u.http.filelen = lws_vfs_get_length(wsi->u.http.fop_fd);
+	computed_total_content_length = wsi->u.http.filelen;
+
+#if defined(LWS_WITH_RANGES)
+	ranges = lws_ranges_init(wsi, rp, wsi->u.http.filelen);
+
+	lwsl_debug("Range count %d\n", ranges);
+	/*
+	 * no ranges -> 200;
+	 *  1 range  -> 206 + Content-Type: normal; Content-Range;
+	 *  more     -> 206 + Content-Type: multipart/byteranges
+	 *  		Repeat the true Content-Type in each multipart header
+	 *  		along with Content-Range
+	 */
+	if (ranges < 0) {
+		/* it means he expressed a range in Range:, but it was illegal */
+		lws_return_http_status(wsi, HTTP_STATUS_REQ_RANGE_NOT_SATISFIABLE,
+				       NULL);
+		if (lws_http_transaction_completed(wsi))
+			return -1; /* <0 means just hang up */
+
+		lws_vfs_file_close(&wsi->u.http.fop_fd);
+
+		return 0; /* == 0 means we dealt with the transaction complete */
+	}
+	if (ranges)
+		n = HTTP_STATUS_PARTIAL_CONTENT;
+#endif
+
+	if (lws_add_http_header_status(wsi, n, &p, end))
+		return -1;
+
+	if ((wsi->u.http.fop_fd->flags & (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP |
+		       LWS_FOP_FLAG_COMPR_IS_GZIP)) ==
+	    (LWS_FOP_FLAG_COMPR_ACCEPTABLE_GZIP | LWS_FOP_FLAG_COMPR_IS_GZIP)) {
+		if (lws_add_http_header_by_token(wsi,
+			WSI_TOKEN_HTTP_CONTENT_ENCODING,
+			(unsigned char *)"gzip", 4, &p, end))
+			return -1;
+		lwsl_info("file is being provided in gzip\n");
+	}
+
+	if (
+#if defined(LWS_WITH_RANGES)
+	    ranges < 2 &&
+#endif
+	    content_type && content_type[0])
+		if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE,
+						 (unsigned char *)content_type,
+						 strlen(content_type), &p, end))
+			return -1;
+
+#if defined(LWS_WITH_RANGES)
+	if (ranges >= 2) { /* multipart byteranges */
+		strncpy(wsi->u.http.multipart_content_type, content_type,
+			sizeof(wsi->u.http.multipart_content_type) - 1);
+		wsi->u.http.multipart_content_type[
+		         sizeof(wsi->u.http.multipart_content_type) - 1] = '\0';
+		if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_TYPE,
+			 (unsigned char *)"multipart/byteranges; boundary=_lws",
+			 20, &p, end))
+			return -1;
+
+		/*
+		 *  our overall content length has to include
+		 *
+		 *  - (n + 1) x "_lws\r\n"
+		 *  - n x Content-Type: xxx/xxx\r\n
+		 *  - n x Content-Range: bytes xxx-yyy/zzz\r\n
+		 *  - n x /r/n
+		 *  - the actual payloads (aggregated in rp->agg)
+		 *
+		 *  Precompute it for the main response header
+		 */
+
+		computed_total_content_length = (lws_filepos_t)rp->agg +
+						6 /* final _lws\r\n */;
+
+		lws_ranges_reset(rp);
+		while (lws_ranges_next(rp)) {
+			n = lws_snprintf(cache_control, sizeof(cache_control),
+					"bytes %llu-%llu/%llu",
+					rp->start, rp->end, rp->extent);
+
+			computed_total_content_length +=
+				6 /* header _lws\r\n */ +
+				/* Content-Type: xxx/xxx\r\n */
+				14 + strlen(content_type) + 2 +
+				/* Content-Range: xxxx\r\n */
+				15 + n + 2 +
+				2; /* /r/n */
+		}
+
+		lws_ranges_reset(rp);
+		lws_ranges_next(rp);
+	}
+
+	if (ranges == 1) {
+		computed_total_content_length = (lws_filepos_t)rp->agg;
+		n = lws_snprintf(cache_control, sizeof(cache_control),
+				 "bytes %llu-%llu/%llu",
+				 rp->start, rp->end, rp->extent);
+
+		if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CONTENT_RANGE,
+						 (unsigned char *)cache_control,
+						 n, &p, end))
+			return -1;
+	}
+
+	wsi->u.http.range.inside = 0;
+
+	if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_ACCEPT_RANGES,
+					 (unsigned char *)"bytes", 5, &p, end))
+		return -1;
+#endif
+
+	if (!wsi->sending_chunked) {
+		if (lws_add_http_header_content_length(wsi,
+						       computed_total_content_length,
+						       &p, end))
+			return -1;
+	} else {
+		if (lws_add_http_header_by_token(wsi,
+						 WSI_TOKEN_HTTP_TRANSFER_ENCODING,
+						 (unsigned char *)"chunked",
+						 7, &p, end))
+			return -1;
+	}
+
+	if (wsi->cache_secs && wsi->cache_reuse) {
+		if (wsi->cache_revalidate) {
+			cc = cache_control;
+			cclen = sprintf(cache_control, "%s max-age: %u",
+				    intermediates[wsi->cache_intermediaries],
+				    wsi->cache_secs);
+		} else {
+			cc = "no-cache";
+			cclen = 8;
+		}
+	}
+
+	if (lws_add_http_header_by_token(wsi, WSI_TOKEN_HTTP_CACHE_CONTROL,
+			(unsigned char *)cc, cclen, &p, end))
+		return -1;
+
+	if (wsi->u.http.connection_type == HTTP_CONNECTION_KEEP_ALIVE)
+		if (lws_add_http_header_by_token(wsi, WSI_TOKEN_CONNECTION,
+				(unsigned char *)"keep-alive", 10, &p, end))
+			return -1;
+
+	if (other_headers) {
+		if ((end - p) < other_headers_len)
+			return -1;
+		memcpy(p, other_headers, other_headers_len);
+		p += other_headers_len;
+	}
+
+	if (lws_finalize_http_header(wsi, &p, end))
+		return -1;
+
+	ret = lws_write(wsi, response, p - response, LWS_WRITE_HTTP_HEADERS);
+	if (ret != (p - response)) {
+		lwsl_err("_write returned %d from %ld\n", ret,
+			 (long)(p - response));
+		return -1;
+	}
+
+	wsi->u.http.filepos = 0;
+	wsi->state = LWSS_HTTP_ISSUING_FILE;
+
+	lws_callback_on_writable(wsi);
+
+	return 0;
+}
+
+int
+lws_interpret_incoming_packet(struct lws *wsi, unsigned char **buf, size_t len)
+{
+	int m;
+
+	lwsl_parser("%s: received %d byte packet\n", __func__, (int)len);
+#if 0
+	lwsl_hexdump(*buf, len);
+#endif
+
+	/* let the rx protocol state machine have as much as it needs */
+
+	while (len) {
+		/*
+		 * we were accepting input but now we stopped doing so
+		 */
+		if (wsi->rxflow_bitmap) {
+			lws_rxflow_cache(wsi, *buf, 0, len);
+			lwsl_parser("%s: cached %ld\n", __func__, (long)len);
+			return 1;
+		}
+
+		if (wsi->u.ws.rx_draining_ext) {
+			m = lws_rx_sm(wsi, 0);
+			if (m < 0)
+				return -1;
+			continue;
+		}
+
+		/* account for what we're using in rxflow buffer */
+		if (wsi->rxflow_buffer) {
+			wsi->rxflow_pos++;
+			if (wsi->rxflow_pos > wsi->rxflow_len) {
+				lwsl_err("bumped rxflow buffer too far (%d / %d)", wsi->rxflow_pos, wsi->rxflow_len);
+				assert(0);
+			}
+		}
+
+		/* consume payload bytes efficiently */
+		if (wsi->lws_rx_parse_state ==
+		    LWS_RXPS_PAYLOAD_UNTIL_LENGTH_EXHAUSTED) {
+			m = lws_payload_until_length_exhausted(wsi, buf, &len);
+			if (wsi->rxflow_buffer)
+				wsi->rxflow_pos += m;
+		}
+
+		if (wsi->rxflow_buffer && wsi->rxflow_pos == wsi->rxflow_len) {
+			lwsl_debug("%s: %p flow buf: drained\n", __func__, wsi);
+			lws_free_set_NULL(wsi->rxflow_buffer);
+			/* having drained the rxflow buffer, can rearm POLLIN */
+#ifdef LWS_NO_SERVER
+			m =
+#endif
+			_lws_rx_flow_control(wsi);
+			/* m ignored, needed for NO_SERVER case */
+		}
+
+		/* process the byte */
+		m = lws_rx_sm(wsi, *(*buf)++);
+		if (m < 0)
+			return -1;
+		len--;
+	}
+
+	lwsl_parser("%s: exit with %d unused\n", __func__, (int)len);
+
+	return 0;
+}
+
+LWS_VISIBLE void
+lws_server_get_canonical_hostname(struct lws_context *context,
+				  struct lws_context_creation_info *info)
+{
+	if (lws_check_opt(info->options,
+			LWS_SERVER_OPTION_SKIP_SERVER_CANONICAL_NAME))
+		return;
+#if LWS_POSIX && !defined(LWS_WITH_ESP32)
+	/* find canonical hostname */
+	gethostname((char *)context->canonical_hostname,
+		    sizeof(context->canonical_hostname) - 1);
+
+	lwsl_info(" canonical_hostname = %s\n", context->canonical_hostname);
+#else
+	(void)context;
+#endif
+}
+
+
+LWS_VISIBLE LWS_EXTERN int
+lws_chunked_html_process(struct lws_process_html_args *args,
+			 struct lws_process_html_state *s)
+{
+	char *sp, buffer[32];
+	const char *pc;
+	int old_len, n;
+
+	/* do replacements */
+	sp = args->p;
+	old_len = args->len;
+	args->len = 0;
+	s->start = sp;
+	while (sp < args->p + old_len) {
+
+		if (args->len + 7 >= args->max_len) {
+			lwsl_err("Used up interpret padding\n");
+			return -1;
+		}
+
+		if ((!s->pos && *sp == '$') || s->pos) {
+			int hits = 0, hit = 0;
+
+			if (!s->pos)
+				s->start = sp;
+			s->swallow[s->pos++] = *sp;
+			if (s->pos == sizeof(s->swallow) - 1)
+				goto skip;
+			for (n = 0; n < s->count_vars; n++)
+				if (!strncmp(s->swallow, s->vars[n], s->pos)) {
+					hits++;
+					hit = n;
+				}
+			if (!hits) {
+skip:
+				s->swallow[s->pos] = '\0';
+				memcpy(s->start, s->swallow, s->pos);
+				args->len++;
+				s->pos = 0;
+				sp = s->start + 1;
+				continue;
+			}
+			if (hits == 1 && s->pos == strlen(s->vars[hit])) {
+				pc = s->replace(s->data, hit);
+				if (!pc)
+					pc = "NULL";
+				n = strlen(pc);
+				s->swallow[s->pos] = '\0';
+				if (n != s->pos) {
+					memmove(s->start + n,
+						s->start + s->pos,
+						old_len - (sp - args->p));
+					old_len += (n - s->pos) + 1;
+				}
+				memcpy(s->start, pc, n);
+				args->len++;
+				sp = s->start + 1;
+
+				s->pos = 0;
+			}
+			sp++;
+			continue;
+		}
+
+		args->len++;
+		sp++;
+	}
+
+	/* no space left for final chunk trailer */
+	if (args->final && args->len + 7 >= args->max_len)
+		return -1;
+
+	n = sprintf(buffer, "%X\x0d\x0a", args->len);
+
+	args->p -= n;
+	memcpy(args->p, buffer, n);
+	args->len += n;
+
+	if (args->final) {
+		sp = args->p + args->len;
+		*sp++ = '\x0d';
+		*sp++ = '\x0a';
+		*sp++ = '0';
+		*sp++ = '\x0d';
+		*sp++ = '\x0a';
+		*sp++ = '\x0d';
+		*sp++ = '\x0a';
+		args->len += 7;
+	} else {
+		sp = args->p + args->len;
+		*sp++ = '\x0d';
+		*sp++ = '\x0a';
+		args->len += 2;
+	}
+
+	return 0;
+}
diff --git a/thirdparty/lws/server/ssl-server.c b/thirdparty/lws/server/ssl-server.c
new file mode 100644
index 0000000000..a9516f2239
--- /dev/null
+++ b/thirdparty/lws/server/ssl-server.c
@@ -0,0 +1,477 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+extern int openssl_websocket_private_data_index,
+    openssl_SSL_CTX_private_data_index;
+
+extern void
+lws_ssl_bind_passphrase(SSL_CTX *ssl_ctx, struct lws_context_creation_info *info);
+
+#if !defined(LWS_WITH_MBEDTLS)
+static int
+OpenSSL_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
+{
+	SSL *ssl;
+	int n;
+	struct lws *wsi;
+
+	ssl = X509_STORE_CTX_get_ex_data(x509_ctx,
+		SSL_get_ex_data_X509_STORE_CTX_idx());
+
+	/*
+	 * !!! nasty openssl requires the index to come as a library-scope
+	 * static
+	 */
+	wsi = SSL_get_ex_data(ssl, openssl_websocket_private_data_index);
+
+	n = wsi->vhost->protocols[0].callback(wsi,
+			LWS_CALLBACK_OPENSSL_PERFORM_CLIENT_CERT_VERIFICATION,
+					   x509_ctx, ssl, preverify_ok);
+
+	/* convert return code from 0 = OK to 1 = OK */
+	return !n;
+}
+#endif
+
+static int
+lws_context_ssl_init_ecdh(struct lws_vhost *vhost)
+{
+#ifdef LWS_SSL_SERVER_WITH_ECDH_CERT
+	EC_KEY *EC_key = NULL;
+	EVP_PKEY *pkey;
+	int KeyType;
+	X509 *x;
+
+	if (!lws_check_opt(vhost->context->options, LWS_SERVER_OPTION_SSL_ECDH))
+		return 0;
+
+	lwsl_notice(" Using ECDH certificate support\n");
+
+	/* Get X509 certificate from ssl context */
+	x = sk_X509_value(vhost->ssl_ctx->extra_certs, 0);
+	if (!x) {
+		lwsl_err("%s: x is NULL\n", __func__);
+		return 1;
+	}
+	/* Get the public key from certificate */
+	pkey = X509_get_pubkey(x);
+	if (!pkey) {
+		lwsl_err("%s: pkey is NULL\n", __func__);
+
+		return 1;
+	}
+	/* Get the key type */
+	KeyType = EVP_PKEY_type(pkey->type);
+
+	if (EVP_PKEY_EC != KeyType) {
+		lwsl_notice("Key type is not EC\n");
+		return 0;
+	}
+	/* Get the key */
+	EC_key = EVP_PKEY_get1_EC_KEY(pkey);
+	/* Set ECDH parameter */
+	if (!EC_key) {
+		lwsl_err("%s: ECDH key is NULL \n", __func__);
+		return 1;
+	}
+	SSL_CTX_set_tmp_ecdh(vhost->ssl_ctx, EC_key);
+	EC_KEY_free(EC_key);
+#endif
+	return 0;
+}
+
+static int
+lws_context_ssl_init_ecdh_curve(struct lws_context_creation_info *info,
+				struct lws_vhost *vhost)
+{
+#if defined(LWS_HAVE_OPENSSL_ECDH_H) && !defined(LWS_WITH_MBEDTLS)
+	EC_KEY *ecdh;
+	int ecdh_nid;
+	const char *ecdh_curve = "prime256v1";
+
+	if (info->ecdh_curve)
+		ecdh_curve = info->ecdh_curve;
+
+	ecdh_nid = OBJ_sn2nid(ecdh_curve);
+	if (NID_undef == ecdh_nid) {
+		lwsl_err("SSL: Unknown curve name '%s'", ecdh_curve);
+		return 1;
+	}
+
+	ecdh = EC_KEY_new_by_curve_name(ecdh_nid);
+	if (NULL == ecdh) {
+		lwsl_err("SSL: Unable to create curve '%s'", ecdh_curve);
+		return 1;
+	}
+	SSL_CTX_set_tmp_ecdh(vhost->ssl_ctx, ecdh);
+	EC_KEY_free(ecdh);
+
+	SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_SINGLE_ECDH_USE);
+
+	lwsl_notice(" SSL ECDH curve '%s'\n", ecdh_curve);
+#else
+#if !defined(LWS_WITH_MBEDTLS)
+	lwsl_notice(" OpenSSL doesn't support ECDH\n");
+#endif
+#endif
+	return 0;
+}
+
+#if !defined(LWS_WITH_MBEDTLS) && defined(SSL_TLSEXT_ERR_NOACK) && !defined(OPENSSL_NO_TLSEXT)
+static int
+lws_ssl_server_name_cb(SSL *ssl, int *ad, void *arg)
+{
+	struct lws_context *context = (struct lws_context *)arg;
+	struct lws_vhost *vhost, *vh;
+	const char *servername;
+
+	if (!ssl)
+		return SSL_TLSEXT_ERR_NOACK;
+
+	/*
+	 * We can only get ssl accepted connections by using a vhost's ssl_ctx
+	 * find out which listening one took us and only match vhosts on the
+	 * same port.
+	 */
+	vh = context->vhost_list;
+	while (vh) {
+		if (!vh->being_destroyed && vh->ssl_ctx == SSL_get_SSL_CTX(ssl))
+			break;
+		vh = vh->vhost_next;
+	}
+
+	if (!vh) {
+		assert(vh); /* can't match the incoming vh? */
+		return SSL_TLSEXT_ERR_OK;
+	}
+
+	servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
+	if (!servername) {
+		/* the client doesn't know what hostname it wants */
+		lwsl_info("SNI: Unknown ServerName: %s\n", servername);
+
+		return SSL_TLSEXT_ERR_OK;
+	}
+
+	vhost = lws_select_vhost(context, vh->listen_port, servername);
+	if (!vhost) {
+		lwsl_info("SNI: none: %s:%d\n", servername, vh->listen_port);
+
+		return SSL_TLSEXT_ERR_OK;
+	}
+
+	lwsl_info("SNI: Found: %s:%d\n", servername, vh->listen_port);
+
+	/* select the ssl ctx from the selected vhost for this conn */
+	SSL_set_SSL_CTX(ssl, vhost->ssl_ctx);
+
+	return SSL_TLSEXT_ERR_OK;
+}
+#endif
+
+LWS_VISIBLE int
+lws_context_init_server_ssl(struct lws_context_creation_info *info,
+			    struct lws_vhost *vhost)
+{
+	struct lws_context *context = vhost->context;
+	struct lws wsi;
+	unsigned long error;
+	int n;
+
+	if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) {
+		vhost->use_ssl = 0;
+		return 0;
+	}
+
+	/*
+	 * If he is giving a cert filepath, take it as a sign he wants to use
+	 * it on this vhost.  User code can leave the cert filepath NULL and
+	 * set the LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX option itself, in
+	 * which case he's expected to set up the cert himself at
+	 * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which
+	 * provides the vhost SSL_CTX * in the user parameter.
+	 */
+	if (info->ssl_cert_filepath)
+		info->options |= LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX;
+
+	if (info->port != CONTEXT_PORT_NO_LISTEN) {
+
+		vhost->use_ssl = lws_check_opt(info->options,
+					LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX);
+
+		if (vhost->use_ssl && info->ssl_cipher_list)
+			lwsl_notice(" SSL ciphers: '%s'\n", info->ssl_cipher_list);
+
+		if (vhost->use_ssl)
+			lwsl_notice(" Using SSL mode\n");
+		else
+			lwsl_notice(" Using non-SSL mode\n");
+	}
+
+	/*
+	 * give him a fake wsi with context + vhost set, so he can use
+	 * lws_get_context() in the callback
+	 */
+	memset(&wsi, 0, sizeof(wsi));
+	wsi.vhost = vhost;
+	wsi.context = context;
+
+	(void)n;
+	(void)error;
+
+	/*
+	 * Firefox insists on SSLv23 not SSLv3
+	 * Konq disables SSLv2 by default now, SSLv23 works
+	 *
+	 * SSLv23_server_method() is the openssl method for "allow all TLS
+	 * versions", compared to e.g. TLSv1_2_server_method() which only allows
+	 * tlsv1.2. Unwanted versions must be disabled using SSL_CTX_set_options()
+	 */
+#if !defined(LWS_WITH_MBEDTLS)
+	{
+		SSL_METHOD *method;
+
+		method = (SSL_METHOD *)SSLv23_server_method();
+		if (!method) {
+			error = ERR_get_error();
+			lwsl_err("problem creating ssl method %lu: %s\n",
+					error, ERR_error_string(error,
+					      (char *)context->pt[0].serv_buf));
+			return 1;
+		}
+		vhost->ssl_ctx = SSL_CTX_new(method);	/* create context */
+		if (!vhost->ssl_ctx) {
+			error = ERR_get_error();
+			lwsl_err("problem creating ssl context %lu: %s\n",
+					error, ERR_error_string(error,
+					      (char *)context->pt[0].serv_buf));
+			return 1;
+		}
+	}
+#else
+	{
+		const SSL_METHOD *method = TLSv1_2_server_method();
+
+		vhost->ssl_ctx = SSL_CTX_new(method);	/* create context */
+		if (!vhost->ssl_ctx) {
+			lwsl_err("problem creating ssl context\n");
+			return 1;
+		}
+
+	}
+#endif
+#if !defined(LWS_WITH_MBEDTLS)
+
+	/* associate the lws context with the SSL_CTX */
+
+	SSL_CTX_set_ex_data(vhost->ssl_ctx,
+			openssl_SSL_CTX_private_data_index, (char *)vhost->context);
+	/* Disable SSLv2 and SSLv3 */
+	SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
+#ifdef SSL_OP_NO_COMPRESSION
+	SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_NO_COMPRESSION);
+#endif
+	SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_SINGLE_DH_USE);
+	SSL_CTX_set_options(vhost->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
+
+	if (info->ssl_cipher_list)
+		SSL_CTX_set_cipher_list(vhost->ssl_ctx,
+						info->ssl_cipher_list);
+#endif
+
+	/* as a server, are we requiring clients to identify themselves? */
+
+	if (lws_check_opt(info->options,
+			  LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT)) {
+		int verify_options = SSL_VERIFY_PEER;
+
+		if (!lws_check_opt(info->options,
+				   LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED))
+			verify_options |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+
+#if !defined(LWS_WITH_MBEDTLS)
+		SSL_CTX_set_session_id_context(vhost->ssl_ctx,
+				(unsigned char *)context, sizeof(void *));
+
+		/* absolutely require the client cert */
+
+		SSL_CTX_set_verify(vhost->ssl_ctx,
+		       verify_options, OpenSSL_verify_callback);
+#endif
+	}
+
+#if !defined(LWS_WITH_MBEDTLS) && !defined(OPENSSL_NO_TLSEXT)
+	SSL_CTX_set_tlsext_servername_callback(vhost->ssl_ctx,
+					       lws_ssl_server_name_cb);
+	SSL_CTX_set_tlsext_servername_arg(vhost->ssl_ctx, context);
+#endif
+
+	/*
+	 * give user code a chance to load certs into the server
+	 * allowing it to verify incoming client certs
+	 */
+#if !defined(LWS_WITH_MBEDTLS)
+	if (info->ssl_ca_filepath &&
+	    !SSL_CTX_load_verify_locations(vhost->ssl_ctx,
+					   info->ssl_ca_filepath, NULL)) {
+		lwsl_err("%s: SSL_CTX_load_verify_locations unhappy\n", __func__);
+	}
+#endif
+	if (vhost->use_ssl) {
+		if (lws_context_ssl_init_ecdh_curve(info, vhost))
+			return -1;
+
+		vhost->protocols[0].callback(&wsi,
+			LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS,
+			vhost->ssl_ctx, NULL, 0);
+	}
+
+	if (lws_check_opt(info->options, LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT))
+		/* Normally SSL listener rejects non-ssl, optionally allow */
+		vhost->allow_non_ssl_on_ssl_port = 1;
+
+	if (info->ssl_options_set)
+		SSL_CTX_set_options(vhost->ssl_ctx, info->ssl_options_set);
+
+/* SSL_clear_options introduced in 0.9.8m */
+#if !defined(LWS_WITH_MBEDTLS)
+#if (OPENSSL_VERSION_NUMBER >= 0x009080df) && !defined(USE_WOLFSSL)
+	if (info->ssl_options_clear)
+		SSL_CTX_clear_options(vhost->ssl_ctx, info->ssl_options_clear);
+#endif
+#endif
+
+	lwsl_info(" SSL options 0x%lX\n", SSL_CTX_get_options(vhost->ssl_ctx));
+
+	if (vhost->use_ssl && info->ssl_cert_filepath) {
+		/*
+		 * The user code can choose to either pass the cert and
+		 * key filepaths using the info members like this, or it can
+		 * leave them NULL; force the vhost SSL_CTX init using the info
+		 * options flag LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX; and
+		 * set up the cert himself using the user callback
+		 * LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which
+		 * happened just above and has the vhost SSL_CTX * in the user
+		 * parameter.
+		 */
+#if !defined(LWS_WITH_MBEDTLS)
+		/* set the local certificate from CertFile */
+		n = SSL_CTX_use_certificate_chain_file(vhost->ssl_ctx,
+					info->ssl_cert_filepath);
+		if (n != 1) {
+			error = ERR_get_error();
+			lwsl_err("problem getting cert '%s' %lu: %s\n",
+				info->ssl_cert_filepath,
+				error,
+				ERR_error_string(error,
+					      (char *)context->pt[0].serv_buf));
+			return 1;
+		}
+		lws_ssl_bind_passphrase(vhost->ssl_ctx, info);
+#else
+		uint8_t *p;
+		lws_filepos_t flen;
+		int err;
+
+		if (alloc_pem_to_der_file(vhost->context, info->ssl_cert_filepath, &p,
+				                &flen)) {
+			lwsl_err("couldn't find cert file %s\n",
+				 info->ssl_cert_filepath);
+
+			return 1;
+		}
+		err = SSL_CTX_use_certificate_ASN1(vhost->ssl_ctx, flen, p);
+		if (!err) {
+			lwsl_err("Problem loading cert\n");
+			return 1;
+		}
+#if !defined(LWS_WITH_ESP32)
+		free(p);
+		p = NULL;
+#endif
+
+		if (info->ssl_private_key_filepath) {
+			if (alloc_pem_to_der_file(vhost->context,
+				       info->ssl_private_key_filepath, &p, &flen)) {
+				lwsl_err("couldn't find cert file %s\n",
+					 info->ssl_cert_filepath);
+
+				return 1;
+			}
+			err = SSL_CTX_use_PrivateKey_ASN1(0, vhost->ssl_ctx, p, flen);
+			if (!err) {
+				lwsl_err("Problem loading key\n");
+
+				return 1;
+			}
+		}
+
+#if !defined(LWS_WITH_ESP32)
+		free(p);
+		p = NULL;
+#endif
+#endif
+		if (info->ssl_private_key_filepath != NULL) {
+#if !defined(LWS_WITH_MBEDTLS)
+			/* set the private key from KeyFile */
+			if (SSL_CTX_use_PrivateKey_file(vhost->ssl_ctx,
+				     info->ssl_private_key_filepath,
+						       SSL_FILETYPE_PEM) != 1) {
+				error = ERR_get_error();
+				lwsl_err("ssl problem getting key '%s' %lu: %s\n",
+					 info->ssl_private_key_filepath, error,
+					 ERR_error_string(error,
+					      (char *)context->pt[0].serv_buf));
+				return 1;
+			}
+#endif
+		} else
+			if (vhost->protocols[0].callback(&wsi,
+				LWS_CALLBACK_OPENSSL_CONTEXT_REQUIRES_PRIVATE_KEY,
+				vhost->ssl_ctx, NULL, 0)) {
+				lwsl_err("ssl private key not set\n");
+
+				return 1;
+			}
+#if !defined(LWS_WITH_MBEDTLS)
+		/* verify private key */
+		if (!SSL_CTX_check_private_key(vhost->ssl_ctx)) {
+			lwsl_err("Private SSL key doesn't match cert\n");
+			return 1;
+		}
+#endif
+	}
+	if (vhost->use_ssl) {
+		if (lws_context_ssl_init_ecdh(vhost))
+			return 1;
+
+		/*
+		 * SSL is happy and has a cert it's content with
+		 * If we're supporting HTTP2, initialize that
+		 */
+		lws_context_init_http2_ssl(vhost);
+	}
+
+	return 0;
+}
+
diff --git a/thirdparty/lws/service.c b/thirdparty/lws/service.c
new file mode 100644
index 0000000000..6748e30bd4
--- /dev/null
+++ b/thirdparty/lws/service.c
@@ -0,0 +1,1699 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+static int
+lws_calllback_as_writeable(struct lws *wsi)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	int n;
+
+	lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_WRITEABLE_CB, 1);
+#if defined(LWS_WITH_STATS)
+	if (wsi->active_writable_req_us) {
+		uint64_t ul = time_in_microseconds() -
+			      wsi->active_writable_req_us;
+
+		lws_stats_atomic_bump(wsi->context, pt,
+				      LWSSTATS_MS_WRITABLE_DELAY, ul);
+		lws_stats_atomic_max(wsi->context, pt,
+				     LWSSTATS_MS_WORST_WRITABLE_DELAY, ul);
+		wsi->active_writable_req_us = 0;
+	}
+#endif
+
+	switch (wsi->mode) {
+	case LWSCM_RAW:
+		n = LWS_CALLBACK_RAW_WRITEABLE;
+		break;
+	case LWSCM_RAW_FILEDESC:
+		n = LWS_CALLBACK_RAW_WRITEABLE_FILE;
+		break;
+	case LWSCM_WS_CLIENT:
+		n = LWS_CALLBACK_CLIENT_WRITEABLE;
+		break;
+	case LWSCM_WSCL_ISSUE_HTTP_BODY:
+		n = LWS_CALLBACK_CLIENT_HTTP_WRITEABLE;
+		break;
+	case LWSCM_WS_SERVING:
+		n = LWS_CALLBACK_SERVER_WRITEABLE;
+		break;
+	default:
+		n = LWS_CALLBACK_HTTP_WRITEABLE;
+		break;
+	}
+
+	return user_callback_handle_rxflow(wsi->protocol->callback,
+					   wsi, (enum lws_callback_reasons) n,
+					   wsi->user_space, NULL, 0);
+}
+
+LWS_VISIBLE int
+lws_handle_POLLOUT_event(struct lws *wsi, struct lws_pollfd *pollfd)
+{
+	int write_type = LWS_WRITE_PONG;
+	struct lws_tokens eff_buf;
+#ifdef LWS_WITH_HTTP2
+	struct lws **wsi2, *wsi2a;
+#endif
+	int ret, m, n;
+
+	wsi->leave_pollout_active = 0;
+	wsi->handling_pollout = 1;
+	/*
+	 * if another thread wants POLLOUT on us, from here on while
+	 * handling_pollout is set, he will only set leave_pollout_active.
+	 * If we are going to disable POLLOUT, we will check that first.
+	 */
+
+	/*
+	 * user callback is lowest priority to get these notifications
+	 * actually, since other pending things cannot be disordered
+	 */
+
+	/* Priority 1: pending truncated sends are incomplete ws fragments
+	 *	       If anything else sent first the protocol would be
+	 *	       corrupted.
+	 */
+	if (wsi->trunc_len) {
+		//lwsl_notice("%s: completing partial\n", __func__);
+		if (lws_issue_raw(wsi, wsi->trunc_alloc + wsi->trunc_offset,
+				  wsi->trunc_len) < 0) {
+			lwsl_info("%s signalling to close\n", __func__);
+			goto bail_die;
+		}
+		/* leave POLLOUT active either way */
+		goto bail_ok;
+	} else
+		if (wsi->state == LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE) {
+			wsi->socket_is_permanently_unusable = 1;
+			goto bail_die; /* retry closing now */
+		}
+
+	if (wsi->mode == LWSCM_WSCL_ISSUE_HTTP_BODY)
+		goto user_service;
+
+#ifdef LWS_WITH_HTTP2
+	/*
+	 * Priority 2: protocol packets
+	 */
+	if (wsi->upgraded_to_http2 && wsi->u.h2.h2n->pps) {
+		lwsl_info("servicing pps\n");
+		if (lws_h2_do_pps_send(wsi)) {
+			wsi->socket_is_permanently_unusable = 1;
+			goto bail_die;
+		}
+		if (wsi->u.h2.h2n->pps)
+			goto bail_ok;
+
+		/* we can resume whatever we were doing */
+		lws_rx_flow_control(wsi, LWS_RXFLOW_REASON_APPLIES_ENABLE |
+					 LWS_RXFLOW_REASON_H2_PPS_PENDING);
+
+		goto bail_ok; /* leave POLLOUT active */
+	}
+#endif
+
+#ifdef LWS_WITH_CGI
+	if (wsi->cgi) {
+		/* also one shot */
+		if (pollfd)
+			if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) {
+				lwsl_info("failed at set pollfd\n");
+				return 1;
+			}
+		goto user_service_go_again;
+	}
+#endif
+
+	/* Priority 3: pending control packets (pong or close)
+	 *
+	 * 3a: close notification packet requested from close api
+	 */
+
+	if (wsi->state == LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION) {
+		lwsl_debug("sending close packet\n");
+		wsi->waiting_to_send_close_frame = 0;
+		n = lws_write(wsi, &wsi->u.ws.ping_payload_buf[LWS_PRE],
+			      wsi->u.ws.close_in_ping_buffer_len,
+			      LWS_WRITE_CLOSE);
+		if (n >= 0) {
+			wsi->state = LWSS_AWAITING_CLOSE_ACK;
+			lws_set_timeout(wsi, PENDING_TIMEOUT_CLOSE_ACK, 1);
+			lwsl_debug("sent close indication, awaiting ack\n");
+
+			goto bail_ok;
+		}
+
+		goto bail_die;
+	}
+
+	/* else, the send failed and we should just hang up */
+
+	if ((wsi->state == LWSS_ESTABLISHED &&
+	     wsi->u.ws.ping_pending_flag) ||
+	    (wsi->state == LWSS_RETURNED_CLOSE_ALREADY &&
+	     wsi->u.ws.payload_is_close)) {
+
+		if (wsi->u.ws.payload_is_close)
+			write_type = LWS_WRITE_CLOSE;
+
+		n = lws_write(wsi, &wsi->u.ws.ping_payload_buf[LWS_PRE],
+			      wsi->u.ws.ping_payload_len, write_type);
+		if (n < 0)
+			goto bail_die;
+
+		/* well he is sent, mark him done */
+		wsi->u.ws.ping_pending_flag = 0;
+		if (wsi->u.ws.payload_is_close)
+			/* oh... a close frame was it... then we are done */
+			goto bail_die;
+
+		/* otherwise for PING, leave POLLOUT active either way */
+		goto bail_ok;
+	}
+
+	if (wsi->state == LWSS_ESTABLISHED &&
+	    !wsi->socket_is_permanently_unusable &&
+	    wsi->u.ws.send_check_ping) {
+
+		lwsl_info("issuing ping on wsi %p\n", wsi);
+		wsi->u.ws.send_check_ping = 0;
+		n = lws_write(wsi, &wsi->u.ws.ping_payload_buf[LWS_PRE],
+			      0, LWS_WRITE_PING);
+		if (n < 0)
+			goto bail_die;
+
+		/*
+		 * we apparently were able to send the PING in a reasonable time
+		 * now reset the clock on our peer to be able to send the
+		 * PONG in a reasonable time.
+		 */
+
+		lws_set_timeout(wsi, PENDING_TIMEOUT_WS_PONG_CHECK_GET_PONG,
+				wsi->context->timeout_secs);
+
+		goto bail_ok;
+	}
+
+	/* Priority 4: if we are closing, not allowed to send more data frags
+	 *	       which means user callback or tx ext flush banned now
+	 */
+	if (wsi->state == LWSS_RETURNED_CLOSE_ALREADY)
+		goto user_service;
+
+	/* Priority 5: Tx path extension with more to send
+	 *
+	 *	       These are handled as new fragments each time around
+	 *	       So while we must block new writeable callback to enforce
+	 *	       payload ordering, but since they are always complete
+	 *	       fragments control packets can interleave OK.
+	 */
+	if (wsi->state == LWSS_ESTABLISHED && wsi->u.ws.tx_draining_ext) {
+		lwsl_ext("SERVICING TX EXT DRAINING\n");
+		if (lws_write(wsi, NULL, 0, LWS_WRITE_CONTINUATION) < 0)
+			goto bail_die;
+		/* leave POLLOUT active */
+		goto bail_ok;
+	}
+
+	/* Priority 6: user can get the callback
+	 */
+	m = lws_ext_cb_active(wsi, LWS_EXT_CB_IS_WRITEABLE, NULL, 0);
+	if (m)
+		goto bail_die;
+#ifndef LWS_NO_EXTENSIONS
+	if (!wsi->extension_data_pending)
+		goto user_service;
+#endif
+	/*
+	 * check in on the active extensions, see if they
+	 * had pending stuff to spill... they need to get the
+	 * first look-in otherwise sequence will be disordered
+	 *
+	 * NULL, zero-length eff_buf means just spill pending
+	 */
+
+	ret = 1;
+	if (wsi->mode == LWSCM_RAW || wsi->mode == LWSCM_RAW_FILEDESC)
+		ret = 0;
+
+	while (ret == 1) {
+
+		/* default to nobody has more to spill */
+
+		ret = 0;
+		eff_buf.token = NULL;
+		eff_buf.token_len = 0;
+
+		/* give every extension a chance to spill */
+
+		m = lws_ext_cb_active(wsi, LWS_EXT_CB_PACKET_TX_PRESEND,
+				      &eff_buf, 0);
+		if (m < 0) {
+			lwsl_err("ext reports fatal error\n");
+			goto bail_die;
+		}
+		if (m)
+			/*
+			 * at least one extension told us he has more
+			 * to spill, so we will go around again after
+			 */
+			ret = 1;
+
+		/* assuming they gave us something to send, send it */
+
+		if (eff_buf.token_len) {
+			n = lws_issue_raw(wsi, (unsigned char *)eff_buf.token,
+					  eff_buf.token_len);
+			if (n < 0) {
+				lwsl_info("closing from POLLOUT spill\n");
+				goto bail_die;
+			}
+			/*
+			 * Keep amount spilled small to minimize chance of this
+			 */
+			if (n != eff_buf.token_len) {
+				lwsl_err("Unable to spill ext %d vs %d\n",
+							  eff_buf.token_len, n);
+				goto bail_die;
+			}
+		} else
+			continue;
+
+		/* no extension has more to spill */
+
+		if (!ret)
+			continue;
+
+		/*
+		 * There's more to spill from an extension, but we just sent
+		 * something... did that leave the pipe choked?
+		 */
+
+		if (!lws_send_pipe_choked(wsi))
+			/* no we could add more */
+			continue;
+
+		lwsl_info("choked in POLLOUT service\n");
+
+		/*
+		 * Yes, he's choked.  Leave the POLLOUT masked on so we will
+		 * come back here when he is unchoked.  Don't call the user
+		 * callback to enforce ordering of spilling, he'll get called
+		 * when we come back here and there's nothing more to spill.
+		 */
+
+		goto bail_ok;
+	}
+#ifndef LWS_NO_EXTENSIONS
+	wsi->extension_data_pending = 0;
+#endif
+user_service:
+	/* one shot */
+
+	if (wsi->parent_carries_io) {
+		wsi->handling_pollout = 0;
+		wsi->leave_pollout_active = 0;
+
+		return lws_calllback_as_writeable(wsi);
+	}
+
+	if (pollfd) {
+		int eff = wsi->leave_pollout_active;
+
+		if (!eff)
+			if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) {
+				lwsl_info("failed at set pollfd\n");
+				goto bail_die;
+			}
+
+		wsi->handling_pollout = 0;
+
+		/* cannot get leave_pollout_active set after the above */
+		if (!eff && wsi->leave_pollout_active)
+			/* got set inbetween sampling eff and clearing
+			 * handling_pollout, force POLLOUT on */
+			lws_calllback_as_writeable(wsi);
+
+		wsi->leave_pollout_active = 0;
+	}
+
+	if (wsi->mode != LWSCM_WSCL_ISSUE_HTTP_BODY &&
+	    !wsi->hdr_parsing_completed)
+		goto bail_ok;
+
+
+#ifdef LWS_WITH_CGI
+user_service_go_again:
+#endif
+
+#ifdef LWS_WITH_HTTP2
+	/*
+	 * we are the 'network wsi' for potentially many muxed child wsi with
+	 * no network connection of their own, who have to use us for all their
+	 * network actions.  So we use a round-robin scheme to share out the
+	 * POLLOUT notifications to our children.
+	 *
+	 * But because any child could exhaust the socket's ability to take
+	 * writes, we can only let one child get notified each time.
+	 *
+	 * In addition children may be closed / deleted / added between POLLOUT
+	 * notifications, so we can't hold pointers
+	 */
+
+	if (wsi->mode != LWSCM_HTTP2_SERVING) {
+		lwsl_info("%s: non http2\n", __func__);
+		goto notify;
+	}
+
+	wsi->u.h2.requested_POLLOUT = 0;
+	if (!wsi->u.h2.initialized) {
+		lwsl_info("pollout on uninitialized http2 conn\n");
+		goto bail_ok;
+	}
+
+//	if (SSL_want_read(wsi->ssl) || SSL_want_write(wsi->ssl)) {
+//		lws_callback_on_writable(wsi);
+//		goto bail_ok;
+//	}
+
+	lwsl_info("%s: %p: children waiting for POLLOUT service:\n", __func__, wsi);
+	wsi2a = wsi->u.h2.child_list;
+	while (wsi2a) {
+		if (wsi2a->u.h2.requested_POLLOUT)
+			lwsl_debug("  * %p\n", wsi2a);
+		else
+			lwsl_debug("    %p\n", wsi2a);
+
+		wsi2a = wsi2a->u.h2.sibling_list;
+	}
+
+	wsi2 = &wsi->u.h2.child_list;
+	if (!*wsi2)
+		goto bail_ok;
+
+	do {
+		struct lws *w, **wa;
+	
+		wa = &(*wsi2)->u.h2.sibling_list;
+		if (!(*wsi2)->u.h2.requested_POLLOUT) {
+			lwsl_debug("  child %p doesn't want POLLOUT\n", *wsi2);
+			goto next_child;
+		}
+
+		/*
+		 * we're going to do writable callback for this child.
+		 * move him to be the last child
+		 */
+
+		lwsl_debug("servicing child %p\n", *wsi2);
+
+		w = *wsi2;
+		while (w) {
+			if (!w->u.h2.sibling_list) { /* w is the current last */
+				lwsl_debug("w=%p, *wsi2 = %p\n", w, *wsi2);
+				if (w == *wsi2) /* we are already last */
+					break;
+				w->u.h2.sibling_list = *wsi2; /* last points to us as new last */
+				*wsi2 = (*wsi2)->u.h2.sibling_list; /* guy pointing to us until now points to our old next */
+				w->u.h2.sibling_list->u.h2.sibling_list = NULL; /* we point to nothing because we are last */
+				w = w->u.h2.sibling_list; /* w becomes us */
+				break;
+			}
+			w = w->u.h2.sibling_list;
+		}
+
+		w->u.h2.requested_POLLOUT = 0;
+		lwsl_info("%s: child %p (state %d)\n", __func__, (*wsi2), (*wsi2)->state);
+
+		if (w->u.h2.pending_status_body) {
+			w->u.h2.send_END_STREAM = 1;
+			n = lws_write(w,
+				      (uint8_t *)w->u.h2.pending_status_body + LWS_PRE,
+				      strlen(w->u.h2.pending_status_body + LWS_PRE),
+				      LWS_WRITE_HTTP_FINAL);
+			lws_free_set_NULL(w->u.h2.pending_status_body);
+			lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS);
+			wa = &wsi->u.h2.child_list;
+			goto next_child;
+		}
+
+		if (w->state == LWSS_HTTP_ISSUING_FILE) {
+
+			w->leave_pollout_active = 0;
+
+			/* >0 == completion, <0 == error
+			 *
+			 * We'll get a LWS_CALLBACK_HTTP_FILE_COMPLETION callback when
+			 * it's done.  That's the case even if we just completed the
+			 * send, so wait for that.
+			 */
+			n = lws_serve_http_file_fragment(w);
+			lwsl_debug("lws_serve_http_file_fragment says %d\n", n);
+
+			/*
+			 * We will often hear about out having sent the final
+			 * DATA here... if so close the actual wsi
+			 */
+			if (n < 0 || w->u.h2.send_END_STREAM) {
+				lwsl_debug("Closing POLLOUT child %p\n", w);
+				lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS);
+				wa = &wsi->u.h2.child_list;
+				goto next_child;
+			}
+			if (n > 0)
+				if (lws_http_transaction_completed(w))
+					goto bail_die;
+			if (!n) {
+				lws_callback_on_writable(w);
+				(w)->u.h2.requested_POLLOUT = 1;
+			}
+
+			goto next_child;
+		}
+
+		if (lws_calllback_as_writeable(w) || w->u.h2.send_END_STREAM) {
+			lwsl_debug("Closing POLLOUT child\n");
+			lws_close_free_wsi(w, LWS_CLOSE_STATUS_NOSTATUS);
+			wa = &wsi->u.h2.child_list;
+		}
+
+next_child:
+		wsi2 = wa;
+	} while (wsi2 && *wsi2 && !lws_send_pipe_choked(wsi));
+
+	lwsl_info("%s: %p: children waiting for POLLOUT service: %p\n", __func__, wsi, wsi->u.h2.child_list);
+	wsi2a = wsi->u.h2.child_list;
+	while (wsi2a) {
+		if (wsi2a->u.h2.requested_POLLOUT)
+			lwsl_debug("  * %p\n", wsi2a);
+		else
+			lwsl_debug("    %p\n", wsi2a);
+
+		wsi2a = wsi2a->u.h2.sibling_list;
+	}
+
+
+	wsi2a = wsi->u.h2.child_list;
+	while (wsi2a) {
+		if (wsi2a->u.h2.requested_POLLOUT) {
+			lws_change_pollfd(wsi, 0, LWS_POLLOUT);
+			break;
+		}
+		wsi2a = wsi2a->u.h2.sibling_list;
+	}
+
+	goto bail_ok;
+
+
+notify:
+#endif
+	wsi->leave_pollout_active = 0;
+
+	n = lws_calllback_as_writeable(wsi);
+	wsi->handling_pollout = 0;
+
+	if (wsi->leave_pollout_active)
+		lws_change_pollfd(wsi, 0, LWS_POLLOUT);
+
+	return n;
+
+	/*
+	 * since these don't disable the POLLOUT, they are always doing the
+	 * right thing for leave_pollout_active whether it was set or not.
+	 */
+
+bail_ok:
+	wsi->handling_pollout = 0;
+	wsi->leave_pollout_active = 0;
+
+	return 0;
+
+bail_die:
+	wsi->handling_pollout = 0;
+	wsi->leave_pollout_active = 0;
+
+	return -1;
+}
+
+int
+lws_service_timeout_check(struct lws *wsi, unsigned int sec)
+{
+	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+	int n = 0;
+
+	(void)n;
+
+	/*
+	 * if extensions want in on it (eg, we are a mux parent)
+	 * give them a chance to service child timeouts
+	 */
+	if (lws_ext_cb_active(wsi, LWS_EXT_CB_1HZ, NULL, sec) < 0)
+		return 0;
+
+	if (!wsi->pending_timeout)
+		return 0;
+
+	/*
+	 * if we went beyond the allowed time, kill the
+	 * connection
+	 */
+	if ((time_t)sec > wsi->pending_timeout_limit) {
+
+		if (wsi->desc.sockfd != LWS_SOCK_INVALID &&
+		    wsi->position_in_fds_table >= 0)
+			n = pt->fds[wsi->position_in_fds_table].events;
+
+		lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_TIMEOUTS, 1);
+
+		/* no need to log normal idle keepalive timeout */
+		if (wsi->pending_timeout != PENDING_TIMEOUT_HTTP_KEEPALIVE_IDLE)
+			lwsl_info("wsi %p: TIMEDOUT WAITING on %d "
+				  "(did hdr %d, ah %p, wl %d, pfd "
+				  "events %d) %llu vs %llu\n",
+				  (void *)wsi, wsi->pending_timeout,
+				  wsi->hdr_parsing_completed, wsi->u.hdr.ah,
+				  pt->ah_wait_list_length, n,
+				  (unsigned long long)sec,
+				  (unsigned long long)wsi->pending_timeout_limit);
+
+		/*
+		 * Since he failed a timeout, he already had a chance to do
+		 * something and was unable to... that includes situations like
+		 * half closed connections.  So process this "failed timeout"
+		 * close as a violent death and don't try to do protocol
+		 * cleanup like flush partials.
+		 */
+		wsi->socket_is_permanently_unusable = 1;
+		if (wsi->mode == LWSCM_WSCL_WAITING_SSL)
+			wsi->vhost->protocols[0].callback(wsi,
+				LWS_CALLBACK_CLIENT_CONNECTION_ERROR,
+				wsi->user_space,
+				(void *)"Timed out waiting SSL", 21);
+
+		lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+
+		return 1;
+	}
+
+	return 0;
+}
+
+int lws_rxflow_cache(struct lws *wsi, unsigned char *buf, int n, int len)
+{
+#if defined(LWS_WITH_HTTP2)
+	if (wsi->upgraded_to_http2) {
+		struct lws_h2_netconn *h2n = wsi->u.h2.h2n;
+
+		assert(h2n->rx_scratch);
+		buf += n;
+		len -= n;
+		assert ((char *)buf >= (char *)h2n->rx_scratch &&
+			(char *)&buf[len] <= (char *)&h2n->rx_scratch[LWS_H2_RX_SCRATCH_SIZE]);
+
+		h2n->rx_scratch_pos = ((char *)buf - (char *)h2n->rx_scratch);
+		h2n->rx_scratch_len = len;
+
+		lwsl_info("%s: %p: pausing h2 rx_scratch\n", __func__, wsi);
+
+		return 0;
+	}
+#endif
+	/* his RX is flowcontrolled, don't send remaining now */
+	if (wsi->rxflow_buffer) {
+		if (buf >= wsi->rxflow_buffer &&
+		    &buf[len - 1] < &wsi->rxflow_buffer[wsi->rxflow_len]) {
+			/* rxflow while we were spilling prev rxflow */
+			lwsl_info("%s: staying in rxflow buf\n", __func__);
+			return 1;
+		} else {
+			lwsl_err("%s: conflicting rxflow buf, "
+				 "current %p len %d, new %p len %d\n", __func__,
+				 wsi->rxflow_buffer, wsi->rxflow_len, buf, len);
+			assert(0);
+			return 1;
+		}
+	}
+
+	/* a new rxflow, buffer it and warn caller */
+	lwsl_info("%s: new rxflow input buffer len %d\n", __func__, len - n);
+	wsi->rxflow_buffer = lws_malloc(len - n, "rxflow buf");
+	if (!wsi->rxflow_buffer)
+		return -1;
+
+	wsi->rxflow_len = len - n;
+	wsi->rxflow_pos = 0;
+	memcpy(wsi->rxflow_buffer, buf + n, len - n);
+
+	return 0;
+}
+
+/* this is used by the platform service code to stop us waiting for network
+ * activity in poll() when we have something that already needs service
+ */
+
+LWS_VISIBLE LWS_EXTERN int
+lws_service_adjust_timeout(struct lws_context *context, int timeout_ms, int tsi)
+{
+	struct lws_context_per_thread *pt = &context->pt[tsi];
+	struct allocated_headers *ah;
+
+	/* Figure out if we really want to wait in poll()
+	 * We only need to wait if really nothing already to do and we have
+	 * to wait for something from network
+	 */
+
+	/* 1) if we know we are draining rx ext, do not wait in poll */
+	if (pt->rx_draining_ext_list)
+		return 0;
+
+#ifdef LWS_OPENSSL_SUPPORT
+	/* 2) if we know we have non-network pending data, do not wait in poll */
+	if (lws_ssl_anybody_has_buffered_read_tsi(context, tsi)) {
+		lwsl_info("ssl buffered read\n");
+		return 0;
+	}
+#endif
+
+	/* 3) if any ah has pending rx, do not wait in poll */
+	ah = pt->ah_list;
+	while (ah) {
+		if (ah->rxpos != ah->rxlen) {
+			if (!ah->wsi) {
+				assert(0);
+			}
+			return 0;
+		}
+		ah = ah->next;
+	}
+
+	return timeout_ms;
+}
+
+/*
+ * guys that need POLLIN service again without waiting for network action
+ * can force POLLIN here if not flowcontrolled, so they will get service.
+ *
+ * Return nonzero if anybody got their POLLIN faked
+ */
+int
+lws_service_flag_pending(struct lws_context *context, int tsi)
+{
+	struct lws_context_per_thread *pt = &context->pt[tsi];
+	struct allocated_headers *ah;
+#ifdef LWS_OPENSSL_SUPPORT
+	struct lws *wsi_next;
+#endif
+	struct lws *wsi;
+	int forced = 0;
+
+	/* POLLIN faking */
+
+	/*
+	 * 1) For all guys with already-available ext data to drain, if they are
+	 * not flowcontrolled, fake their POLLIN status
+	 */
+	wsi = pt->rx_draining_ext_list;
+	while (wsi) {
+		pt->fds[wsi->position_in_fds_table].revents |=
+			pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN;
+		if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) {
+			forced = 1;
+			break;
+		}
+		wsi = wsi->u.ws.rx_draining_ext_list;
+	}
+
+#ifdef LWS_OPENSSL_SUPPORT
+	/*
+	 * 2) For all guys with buffered SSL read data already saved up, if they
+	 * are not flowcontrolled, fake their POLLIN status so they'll get
+	 * service to use up the buffered incoming data, even though their
+	 * network socket may have nothing
+	 */
+	wsi = pt->pending_read_list;
+	while (wsi) {
+		wsi_next = wsi->pending_read_list_next;
+		pt->fds[wsi->position_in_fds_table].revents |=
+			pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN;
+		if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN) {
+			forced = 1;
+			/*
+			 * he's going to get serviced now, take him off the
+			 * list of guys with buffered SSL.  If he still has some
+			 * at the end of the service, he'll get put back on the
+			 * list then.
+			 */
+			lws_ssl_remove_wsi_from_buffered_list(wsi);
+		}
+
+		wsi = wsi_next;
+	}
+#endif
+	/*
+	 * 3) For any wsi who have an ah with pending RX who did not
+	 * complete their current headers, and are not flowcontrolled,
+	 * fake their POLLIN status so they will be able to drain the
+	 * rx buffered in the ah
+	 */
+	ah = pt->ah_list;
+	while (ah) {
+		if (ah->rxpos != ah->rxlen && !ah->wsi->hdr_parsing_completed) {
+			pt->fds[ah->wsi->position_in_fds_table].revents |=
+				pt->fds[ah->wsi->position_in_fds_table].events &
+					LWS_POLLIN;
+			if (pt->fds[ah->wsi->position_in_fds_table].revents &
+			    LWS_POLLIN) {
+				forced = 1;
+				break;
+			}
+		}
+		ah = ah->next;
+	}
+
+	return forced;
+}
+
+#ifndef LWS_NO_CLIENT
+
+LWS_VISIBLE int
+lws_http_client_read(struct lws *wsi, char **buf, int *len)
+{
+	int rlen, n;
+
+	rlen = lws_ssl_capable_read(wsi, (unsigned char *)*buf, *len);
+	*len = 0;
+
+	/* allow the source to signal he has data again next time */
+	lws_change_pollfd(wsi, 0, LWS_POLLIN);
+
+	if (rlen == LWS_SSL_CAPABLE_ERROR) {
+		lwsl_notice("%s: SSL capable error\n", __func__);
+		return -1;
+	}
+
+	if (rlen == 0)
+		return -1;
+
+	if (rlen < 0)
+		return 0;
+
+	*len = rlen;
+	wsi->client_rx_avail = 0;
+
+	/*
+	 * server may insist on transfer-encoding: chunked,
+	 * so http client must deal with it
+	 */
+spin_chunks:
+	while (wsi->chunked && (wsi->chunk_parser != ELCP_CONTENT) && *len) {
+		switch (wsi->chunk_parser) {
+		case ELCP_HEX:
+			if ((*buf)[0] == '\x0d') {
+				wsi->chunk_parser = ELCP_CR;
+				break;
+			}
+			n = char_to_hex((*buf)[0]);
+			if (n < 0) {
+				lwsl_debug("chunking failure\n");
+				return -1;
+			}
+			wsi->chunk_remaining <<= 4;
+			wsi->chunk_remaining |= n;
+			break;
+		case ELCP_CR:
+			if ((*buf)[0] != '\x0a') {
+				lwsl_debug("chunking failure\n");
+				return -1;
+			}
+			wsi->chunk_parser = ELCP_CONTENT;
+			lwsl_info("chunk %d\n", wsi->chunk_remaining);
+			if (wsi->chunk_remaining)
+				break;
+			lwsl_info("final chunk\n");
+			goto completed;
+
+		case ELCP_CONTENT:
+			break;
+
+		case ELCP_POST_CR:
+			if ((*buf)[0] != '\x0d') {
+				lwsl_debug("chunking failure\n");
+
+				return -1;
+			}
+
+			wsi->chunk_parser = ELCP_POST_LF;
+			break;
+
+		case ELCP_POST_LF:
+			if ((*buf)[0] != '\x0a')
+				return -1;
+
+			wsi->chunk_parser = ELCP_HEX;
+			wsi->chunk_remaining = 0;
+			break;
+		}
+		(*buf)++;
+		(*len)--;
+	}
+
+	if (wsi->chunked && !wsi->chunk_remaining)
+		return 0;
+
+	if (wsi->u.http.rx_content_remain &&
+	    wsi->u.http.rx_content_remain < *len)
+		n = (int)wsi->u.http.rx_content_remain;
+	else
+		n = *len;
+
+	if (wsi->chunked && wsi->chunk_remaining &&
+	    wsi->chunk_remaining < n)
+		n = wsi->chunk_remaining;
+
+#ifdef LWS_WITH_HTTP_PROXY
+	/* hubbub */
+	if (wsi->perform_rewrite)
+		lws_rewrite_parse(wsi->rw, (unsigned char *)*buf, n);
+	else
+#endif
+		if (user_callback_handle_rxflow(wsi->protocol->callback,
+				wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ,
+				wsi->user_space, *buf, n)) {
+			lwsl_debug("%s: LWS_CALLBACK_RECEIVE_CLIENT_HTTP_READ returned -1\n", __func__);
+
+			return -1;
+		}
+
+	if (wsi->chunked && wsi->chunk_remaining) {
+		(*buf) += n;
+		wsi->chunk_remaining -= n;
+		*len -= n;
+	}
+
+	if (wsi->chunked && !wsi->chunk_remaining)
+		wsi->chunk_parser = ELCP_POST_CR;
+
+	if (wsi->chunked && *len)
+		goto spin_chunks;
+
+	if (wsi->chunked)
+		return 0;
+
+	/* if we know the content length, decrement the content remaining */
+	if (wsi->u.http.rx_content_length > 0)
+		wsi->u.http.rx_content_remain -= n;
+
+	if (wsi->u.http.rx_content_remain || !wsi->u.http.rx_content_length)
+		return 0;
+
+completed:
+	if (user_callback_handle_rxflow(wsi->protocol->callback,
+			wsi, LWS_CALLBACK_COMPLETED_CLIENT_HTTP,
+			wsi->user_space, NULL, 0)) {
+		lwsl_debug("Completed call returned -1\n");
+		return -1;
+	}
+
+	if (lws_http_transaction_completed_client(wsi)) {
+		lwsl_notice("%s: transaction completed says -1\n", __func__);
+		return -1;
+	}
+
+	return 0;
+}
+#endif
+
+static int
+lws_is_ws_with_ext(struct lws *wsi)
+{
+#if defined(LWS_NO_EXTENSIONS)
+	return 0;
+#else
+	return wsi->state == LWSS_ESTABLISHED &&
+	       !!wsi->count_act_ext;
+#endif
+}
+
+LWS_VISIBLE int
+lws_service_fd_tsi(struct lws_context *context, struct lws_pollfd *pollfd, int tsi)
+{
+	struct lws_context_per_thread *pt = &context->pt[tsi];
+	lws_sockfd_type our_fd = 0, tmp_fd;
+	struct allocated_headers *ah;
+	struct lws_tokens eff_buf;
+	unsigned int pending = 0;
+	struct lws *wsi, *wsi1;
+	char draining_flow = 0;
+	int timed_out = 0;
+	time_t now;
+	int n = 0, m;
+	int more;
+
+	if (!context->protocol_init_done)
+		lws_protocol_init(context);
+
+	time(&now);
+
+	/*
+	 * handle case that system time was uninitialized when lws started
+	 * at boot, and got initialized a little later
+	 */
+	if (context->time_up < 1464083026 && now > 1464083026)
+		context->time_up = now;
+
+	/* TODO: if using libev, we should probably use timeout watchers... */
+	if (context->last_timeout_check_s != now) {
+		context->last_timeout_check_s = now;
+
+#if defined(LWS_WITH_STATS)
+		if (!tsi && now - context->last_dump > 10) {
+			lws_stats_log_dump(context);
+			context->last_dump = now;
+		}
+#endif
+
+		lws_plat_service_periodic(context);
+
+		lws_check_deferred_free(context, 0);
+
+#if defined(LWS_WITH_PEER_LIMITS)
+		lws_peer_cull_peer_wait_list(context);
+#endif
+
+		/* retire unused deprecated context */
+#if !defined(LWS_PLAT_OPTEE) && !defined(LWS_WITH_ESP32)
+#if LWS_POSIX && !defined(_WIN32)
+		if (context->deprecated && !context->count_wsi_allocated) {
+			lwsl_notice("%s: ending deprecated context\n", __func__);
+			kill(getpid(), SIGINT);
+			return 0;
+		}
+#endif
+#endif
+		/* global timeout check once per second */
+
+		if (pollfd)
+			our_fd = pollfd->fd;
+
+		/*
+		 * Phase 1: check every wsi on the timeout check list
+		 */
+
+		wsi = context->pt[tsi].timeout_list;
+		while (wsi) {
+			/* we have to take copies, because he may be deleted */
+			wsi1 = wsi->timeout_list;
+			tmp_fd = wsi->desc.sockfd;
+			if (lws_service_timeout_check(wsi, (unsigned int)now)) {
+				/* he did time out... */
+				if (tmp_fd == our_fd)
+					/* it was the guy we came to service! */
+					timed_out = 1;
+					/* he's gone, no need to mark as handled */
+			}
+			wsi = wsi1;
+		}
+
+		/*
+		 * Phase 2: double-check active ah timeouts independent of wsi
+		 *	    timeout status
+		 */
+
+		ah = pt->ah_list;
+		while (ah) {
+			int len;
+			char buf[256];
+			const unsigned char *c;
+
+			if (!ah->in_use || !ah->wsi || !ah->assigned ||
+			    (ah->wsi->vhost && now - ah->assigned <
+			    ah->wsi->vhost->timeout_secs_ah_idle + 60)) {
+				ah = ah->next;
+				continue;
+			}
+
+			/*
+			 * a single ah session somehow got held for
+			 * an unreasonable amount of time.
+			 *
+			 * Dump info on the connection...
+			 */
+			wsi = ah->wsi;
+			buf[0] = '\0';
+			lws_get_peer_simple(wsi, buf, sizeof(buf));
+			lwsl_notice("ah excessive hold: wsi %p\n"
+				    "  peer address: %s\n"
+				    "  ah rxpos %u, rxlen %u, pos %u\n",
+				    wsi, buf, ah->rxpos, ah->rxlen,
+				    ah->pos);
+			buf[0] = '\0';
+			m = 0;
+			do {
+				c = lws_token_to_string(m);
+				if (!c)
+					break;
+
+				len = lws_hdr_total_length(wsi, m);
+				if (!len || len > sizeof(buf) - 1) {
+					m++;
+					continue;
+				}
+
+				if (lws_hdr_copy(wsi, buf,
+						 sizeof buf, m) > 0) {
+					buf[sizeof(buf) - 1] = '\0';
+
+					lwsl_notice("   %s = %s\n",
+						    (const char *)c, buf);
+				}
+				m++;
+			} while (1);
+
+			/* ... and then drop the connection */
+
+			if (wsi->desc.sockfd == our_fd)
+				/* it was the guy we came to service! */
+				timed_out = 1;
+
+			lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+
+			ah = ah->next;
+		}
+
+#ifdef LWS_WITH_CGI
+		/*
+		 * Phase 3: handle cgi timeouts
+		 */
+		lws_cgi_kill_terminated(pt);
+#endif
+#if 0
+		{
+			char s[300], *p = s;
+
+			for (n = 0; n < context->count_threads; n++)
+				p += sprintf(p, " %7lu (%5d), ",
+					     context->pt[n].count_conns,
+					     context->pt[n].fds_count);
+
+			lwsl_notice("load: %s\n", s);
+		}
+#endif
+	}
+
+	/*
+	 * at intervals, check for ws connections needing ping-pong checks
+	 */
+
+	if (context->ws_ping_pong_interval &&
+	    context->last_ws_ping_pong_check_s < now + 10) {
+		struct lws_vhost *vh = context->vhost_list;
+		context->last_ws_ping_pong_check_s = now;
+
+		while (vh) {
+			for (n = 0; n < vh->count_protocols; n++) {
+				wsi = vh->same_vh_protocol_list[n];
+
+				while (wsi) {
+					if (wsi->state == LWSS_ESTABLISHED &&
+					    !wsi->socket_is_permanently_unusable &&
+					    !wsi->u.ws.send_check_ping &&
+					    wsi->u.ws.time_next_ping_check &&
+					    wsi->u.ws.time_next_ping_check < now) {
+
+						lwsl_info("requesting ping-pong on wsi %p\n", wsi);
+						wsi->u.ws.send_check_ping = 1;
+						lws_set_timeout(wsi, PENDING_TIMEOUT_WS_PONG_CHECK_SEND_PING,
+								context->timeout_secs);
+						lws_callback_on_writable(wsi);
+						wsi->u.ws.time_next_ping_check = now +
+								wsi->context->ws_ping_pong_interval;
+					}
+					wsi = wsi->same_vh_protocol_next;
+				}
+			}
+			vh = vh->vhost_next;
+		}
+	}
+
+
+	/* the socket we came to service timed out, nothing to do */
+	if (timed_out)
+		return 0;
+
+	/* just here for timeout management? */
+	if (!pollfd)
+		return 0;
+
+	/* no, here to service a socket descriptor */
+	wsi = wsi_from_fd(context, pollfd->fd);
+	if (!wsi)
+		/* not lws connection ... leave revents alone and return */
+		return 0;
+
+	/*
+	 * so that caller can tell we handled, past here we need to
+	 * zero down pollfd->revents after handling
+	 */
+
+#if LWS_POSIX
+	/* handle session socket closed */
+
+	if ((!(pollfd->revents & pollfd->events & LWS_POLLIN)) &&
+	    (pollfd->revents & LWS_POLLHUP)) {
+		wsi->socket_is_permanently_unusable = 1;
+		lwsl_debug("Session Socket %p (fd=%d) dead\n",
+						       (void *)wsi, pollfd->fd);
+
+		goto close_and_handled;
+	}
+
+#ifdef _WIN32
+	if (pollfd->revents & LWS_POLLOUT)
+		wsi->sock_send_blocking = FALSE;
+#endif
+
+#endif
+
+	if ((!(pollfd->revents & pollfd->events & LWS_POLLIN)) &&
+			(pollfd->revents & LWS_POLLHUP)) {
+		lwsl_debug("pollhup\n");
+		wsi->socket_is_permanently_unusable = 1;
+		goto close_and_handled;
+	}
+
+#ifdef LWS_OPENSSL_SUPPORT
+	if ((wsi->state == LWSS_SHUTDOWN) && lws_is_ssl(wsi) && wsi->ssl) {
+		n = SSL_shutdown(wsi->ssl);
+		lwsl_debug("SSL_shutdown=%d for fd %d\n", n, wsi->desc.sockfd);
+		switch (n) {
+		case 1:
+			n = shutdown(wsi->desc.sockfd, SHUT_WR);
+			goto close_and_handled;
+
+		case 0:
+			lws_change_pollfd(wsi, 0, LWS_POLLIN);
+			n = 0;
+			goto handled;
+
+		default:
+			n = SSL_get_error(wsi->ssl, n);
+			if (n != SSL_ERROR_SYSCALL && n != SSL_ERROR_SSL) {
+				if (SSL_want_read(wsi->ssl)) {
+					lwsl_debug("(wants read)\n");
+					lws_change_pollfd(wsi, 0, LWS_POLLIN);
+					n = 0;
+					goto handled;
+				}
+				if (SSL_want_write(wsi->ssl)) {
+					lwsl_debug("(wants write)\n");
+					lws_change_pollfd(wsi, 0, LWS_POLLOUT);
+					n = 0;
+					goto handled;
+				}
+			}
+
+			/* actual error occurred, just close the connection */
+			n = shutdown(wsi->desc.sockfd, SHUT_WR);
+			goto close_and_handled;
+		}
+	}
+#endif
+
+	/* okay, what we came here to do... */
+
+	switch (wsi->mode) {
+	case LWSCM_HTTP_SERVING:
+	case LWSCM_HTTP_CLIENT:
+	case LWSCM_HTTP_SERVING_ACCEPTED:
+	case LWSCM_SERVER_LISTENER:
+	case LWSCM_SSL_ACK_PENDING:
+	case LWSCM_SSL_ACK_PENDING_RAW:
+		if (wsi->state == LWSS_CLIENT_HTTP_ESTABLISHED)
+			goto handled;
+
+#ifdef LWS_WITH_CGI
+		if (wsi->cgi && (pollfd->revents & LWS_POLLOUT)) {
+			n = lws_handle_POLLOUT_event(wsi, pollfd);
+			if (n)
+				goto close_and_handled;
+			goto handled;
+		}
+#endif
+		/* fallthru */
+	case LWSCM_RAW:
+		n = lws_server_socket_service(context, wsi, pollfd);
+		if (n) /* closed by above */
+			return 1;
+		goto handled;
+
+	case LWSCM_RAW_FILEDESC:
+
+		if (pollfd->revents & LWS_POLLOUT) {
+			n = lws_calllback_as_writeable(wsi);
+			if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) {
+				lwsl_info("failed at set pollfd\n");
+				return 1;
+			}
+			if (n)
+				goto close_and_handled;
+		}
+		n = LWS_CALLBACK_RAW_RX;
+		if (wsi->mode == LWSCM_RAW_FILEDESC)
+			n = LWS_CALLBACK_RAW_RX_FILE;
+
+		if (pollfd->revents & LWS_POLLIN) {
+			if (user_callback_handle_rxflow(
+					wsi->protocol->callback,
+					wsi, n,
+					wsi->user_space, NULL, 0)) {
+				lwsl_debug("raw rx callback closed it\n");
+				goto close_and_handled;
+			}
+		}
+
+		if (pollfd->revents & LWS_POLLHUP)
+			goto close_and_handled;
+		n = 0;
+		goto handled;
+
+	case LWSCM_WS_SERVING:
+	case LWSCM_WS_CLIENT:
+	case LWSCM_HTTP2_SERVING:
+	case LWSCM_HTTP_CLIENT_ACCEPTED:
+
+		/* 1: something requested a callback when it was OK to write */
+
+		if ((pollfd->revents & LWS_POLLOUT) &&
+		    ((wsi->state == LWSS_ESTABLISHED ||
+		     wsi->state == LWSS_HTTP2_ESTABLISHED ||
+		     wsi->state == LWSS_HTTP2_ESTABLISHED_PRE_SETTINGS ||
+		     wsi->state == LWSS_RETURNED_CLOSE_ALREADY ||
+		     wsi->state == LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION ||
+		     wsi->state == LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE)) &&
+		    lws_handle_POLLOUT_event(wsi, pollfd)) {
+			if (wsi->state == LWSS_RETURNED_CLOSE_ALREADY)
+				wsi->state = LWSS_FLUSHING_STORED_SEND_BEFORE_CLOSE;
+			lwsl_info("lws_service_fd: closing\n");
+			goto close_and_handled;
+		}
+
+		if (wsi->state == LWSS_RETURNED_CLOSE_ALREADY ||
+		    wsi->state == LWSS_WAITING_TO_SEND_CLOSE_NOTIFICATION ||
+		    wsi->state == LWSS_AWAITING_CLOSE_ACK) {
+			/*
+			 * we stopped caring about anything except control
+			 * packets.  Force flow control off, defeat tx
+			 * draining.
+			 */
+			lws_rx_flow_control(wsi, 1);
+			wsi->u.ws.tx_draining_ext = 0;
+		}
+
+		if (wsi->u.ws.tx_draining_ext)
+			/* we cannot deal with new RX until the TX ext
+			 * path has been drained.  It's because new
+			 * rx will, eg, crap on the wsi rx buf that
+			 * may be needed to retain state.
+			 *
+			 * TX ext drain path MUST go through event loop
+			 * to avoid blocking.
+			 */
+			break;
+
+		if (lws_is_flowcontrolled(wsi))
+			/* We cannot deal with any kind of new RX
+			 * because we are RX-flowcontrolled.
+			 */
+			break;
+
+#if defined(LWS_WITH_HTTP2)
+		if (wsi->http2_substream || wsi->upgraded_to_http2) {
+			wsi1 = lws_get_network_wsi(wsi);
+			if (wsi1 && wsi1->trunc_len)
+				/* We cannot deal with any kind of new RX
+				 * because we are dealing with a partial send
+				 * (new RX may trigger new http_action() that
+				 * expect to be able to send)
+				 */
+				break;
+		}
+#endif
+
+		/* 2: RX Extension needs to be drained
+		 */
+
+		if (wsi->state == LWSS_ESTABLISHED &&
+		    wsi->u.ws.rx_draining_ext) {
+
+			lwsl_ext("%s: RX EXT DRAINING: Service\n", __func__);
+#ifndef LWS_NO_CLIENT
+			if (wsi->mode == LWSCM_WS_CLIENT) {
+				n = lws_client_rx_sm(wsi, 0);
+				if (n < 0)
+					/* we closed wsi */
+					n = 0;
+			} else
+#endif
+				n = lws_rx_sm(wsi, 0);
+
+			goto handled;
+		}
+
+		if (wsi->u.ws.rx_draining_ext)
+			/*
+			 * We have RX EXT content to drain, but can't do it
+			 * right now.  That means we cannot do anything lower
+			 * priority either.
+			 */
+			break;
+
+		/* 3: RX Flowcontrol buffer / h2 rx scratch needs to be drained
+		 */
+
+		if (wsi->rxflow_buffer) {
+			lwsl_info("draining rxflow (len %d)\n",
+				wsi->rxflow_len - wsi->rxflow_pos);
+			assert(wsi->rxflow_pos < wsi->rxflow_len);
+			/* well, drain it */
+			eff_buf.token = (char *)wsi->rxflow_buffer +
+						wsi->rxflow_pos;
+			eff_buf.token_len = wsi->rxflow_len - wsi->rxflow_pos;
+			draining_flow = 1;
+			goto drain;
+		}
+
+#if defined(LWS_WITH_HTTP2)
+		if (wsi->upgraded_to_http2) {
+			struct lws_h2_netconn *h2n = wsi->u.h2.h2n;
+
+			if (h2n->rx_scratch_len) {
+				lwsl_info("%s: %p: resuming h2 rx_scratch pos = %d len = %d\n",
+					  __func__, wsi, h2n->rx_scratch_pos, h2n->rx_scratch_len);
+				eff_buf.token = (char *)h2n->rx_scratch +
+						h2n->rx_scratch_pos;
+				eff_buf.token_len = h2n->rx_scratch_len;
+
+				h2n->rx_scratch_len = 0;
+				goto drain;
+			}
+		}
+#endif
+
+		/* 4: any incoming (or ah-stashed incoming rx) data ready?
+		 * notice if rx flow going off raced poll(), rx flow wins
+		 */
+
+		if (!(pollfd->revents & pollfd->events & LWS_POLLIN))
+			break;
+read:
+		if (lws_is_flowcontrolled(wsi)) {
+			lwsl_info("%s: %p should be rxflow (bm 0x%x)..\n",
+				    __func__, wsi, wsi->rxflow_bitmap);
+			break;
+		}
+
+		/* all the union members start with hdr, so even in ws mode
+		 * we can deal with the ah via u.hdr
+		 */
+		if (wsi->u.hdr.ah) {
+			lwsl_info("%s: %p: inherited ah rx\n", __func__, wsi);
+			eff_buf.token_len = wsi->u.hdr.ah->rxlen -
+					    wsi->u.hdr.ah->rxpos;
+			eff_buf.token = (char *)wsi->u.hdr.ah->rx +
+					wsi->u.hdr.ah->rxpos;
+		} else {
+			if (wsi->mode != LWSCM_HTTP_CLIENT_ACCEPTED) {
+				/*
+				 * extension may not consume everything (eg, pmd may be constrained
+				 * as to what it can output...) has to go in per-wsi rx buf area.
+				 * Otherwise in large temp serv_buf area.
+				 */
+
+#if defined(LWS_WITH_HTTP2)
+				if (wsi->upgraded_to_http2) {
+					if (!wsi->u.h2.h2n->rx_scratch) {
+						wsi->u.h2.h2n->rx_scratch = lws_malloc(LWS_H2_RX_SCRATCH_SIZE, "h2 rx scratch");
+						if (!wsi->u.h2.h2n->rx_scratch)
+							goto close_and_handled;
+					}
+					eff_buf.token = wsi->u.h2.h2n->rx_scratch;
+					eff_buf.token_len = LWS_H2_RX_SCRATCH_SIZE;
+				} else
+#endif
+				{
+					eff_buf.token = (char *)pt->serv_buf;
+					if (lws_is_ws_with_ext(wsi)) {
+						eff_buf.token_len = wsi->u.ws.rx_ubuf_alloc;
+					} else {
+						eff_buf.token_len = context->pt_serv_buf_size;
+					}
+
+					if ((unsigned int)eff_buf.token_len > context->pt_serv_buf_size)
+						eff_buf.token_len = context->pt_serv_buf_size;
+				}
+
+				if ((int)pending > eff_buf.token_len)
+					pending = eff_buf.token_len;
+
+				eff_buf.token_len = lws_ssl_capable_read(wsi,
+					(unsigned char *)eff_buf.token, pending ? pending :
+					eff_buf.token_len);
+				switch (eff_buf.token_len) {
+				case 0:
+					lwsl_info("%s: zero length read\n", __func__);
+					goto close_and_handled;
+				case LWS_SSL_CAPABLE_MORE_SERVICE:
+					lwsl_info("SSL Capable more service\n");
+					n = 0;
+					goto handled;
+				case LWS_SSL_CAPABLE_ERROR:
+					lwsl_info("Closing when error\n");
+					goto close_and_handled;
+				}
+				// lwsl_notice("Actual RX %d\n", eff_buf.token_len);
+			}
+		}
+
+drain:
+#ifndef LWS_NO_CLIENT
+		if (wsi->mode == LWSCM_HTTP_CLIENT_ACCEPTED &&
+		    !wsi->told_user_closed) {
+
+			/*
+			 * In SSL mode we get POLLIN notification about
+			 * encrypted data in.
+			 *
+			 * But that is not necessarily related to decrypted
+			 * data out becoming available; in may need to perform
+			 * other in or out before that happens.
+			 *
+			 * simply mark ourselves as having readable data
+			 * and turn off our POLLIN
+			 */
+			wsi->client_rx_avail = 1;
+			lws_change_pollfd(wsi, LWS_POLLIN, 0);
+
+			/* let user code know, he'll usually ask for writeable
+			 * callback and drain / re-enable it there
+			 */
+			if (user_callback_handle_rxflow(
+					wsi->protocol->callback,
+					wsi, LWS_CALLBACK_RECEIVE_CLIENT_HTTP,
+					wsi->user_space, NULL, 0)) {
+				lwsl_info("RECEIVE_CLIENT_HTTP closed it\n");
+				goto close_and_handled;
+			}
+
+			n = 0;
+			goto handled;
+		}
+#endif
+		/*
+		 * give any active extensions a chance to munge the buffer
+		 * before parse.  We pass in a pointer to an lws_tokens struct
+		 * prepared with the default buffer and content length that's in
+		 * there.  Rather than rewrite the default buffer, extensions
+		 * that expect to grow the buffer can adapt .token to
+		 * point to their own per-connection buffer in the extension
+		 * user allocation.  By default with no extensions or no
+		 * extension callback handling, just the normal input buffer is
+		 * used then so it is efficient.
+		 */
+		do {
+			more = 0;
+
+			m = lws_ext_cb_active(wsi, LWS_EXT_CB_PACKET_RX_PREPARSE,
+					      &eff_buf, 0);
+			if (m < 0)
+				goto close_and_handled;
+			if (m)
+				more = 1;
+
+			/* service incoming data */
+
+			if (eff_buf.token_len) {
+				/*
+				 * if draining from rxflow buffer, not
+				 * critical to track what was used since at the
+				 * use it bumps wsi->rxflow_pos.  If we come
+				 * around again it will pick up from where it
+				 * left off.
+				 */
+				n = lws_read(wsi, (unsigned char *)eff_buf.token,
+					     eff_buf.token_len);
+				if (n < 0) {
+					/* we closed wsi */
+					n = 0;
+					goto handled;
+				}
+			}
+
+			eff_buf.token = NULL;
+			eff_buf.token_len = 0;
+		} while (more);
+
+		if (wsi->u.hdr.ah) {
+			lwsl_debug("%s: %p: detaching\n", __func__, wsi);
+			lws_header_table_force_to_detachable_state(wsi);
+			/* we can run the normal ah detach flow despite
+			 * being in ws union mode, since all union members
+			 * start with hdr */
+			lws_header_table_detach(wsi, 0);
+		}
+
+		pending = lws_ssl_pending(wsi);
+		if (pending) {
+			if (lws_is_ws_with_ext(wsi))
+				pending = pending > wsi->u.ws.rx_ubuf_alloc ?
+					wsi->u.ws.rx_ubuf_alloc : pending;
+			else
+				pending = pending > context->pt_serv_buf_size ?
+					context->pt_serv_buf_size : pending;
+			goto read;
+		}
+
+		if (draining_flow && wsi->rxflow_buffer &&
+		    wsi->rxflow_pos == wsi->rxflow_len) {
+			lwsl_info("%s: %p flow buf: drained\n", __func__, wsi);
+			lws_free_set_NULL(wsi->rxflow_buffer);
+			/* having drained the rxflow buffer, can rearm POLLIN */
+#ifdef LWS_NO_SERVER
+			n =
+#endif
+			_lws_rx_flow_control(wsi);
+			/* n ignored, needed for NO_SERVER case */
+		}
+
+		break;
+#ifdef LWS_WITH_CGI
+	case LWSCM_CGI: /* we exist to handle a cgi's stdin/out/err data...
+			 * do the callback on our master wsi
+			 */
+		{
+			struct lws_cgi_args args;
+
+			if (wsi->cgi_channel >= LWS_STDOUT &&
+			    !(pollfd->revents & pollfd->events & LWS_POLLIN))
+				break;
+			if (wsi->cgi_channel == LWS_STDIN &&
+			    !(pollfd->revents & pollfd->events & LWS_POLLOUT))
+				break;
+
+			if (wsi->cgi_channel == LWS_STDIN)
+				if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) {
+					lwsl_info("failed at set pollfd\n");
+					return 1;
+				}
+
+			args.ch = wsi->cgi_channel;
+			args.stdwsi = &wsi->parent->cgi->stdwsi[0];
+			args.hdr_state = wsi->hdr_state;
+
+			lwsl_debug("CGI LWS_STDOUT %p mode %d state %d\n",
+				   wsi->parent, wsi->parent->mode,
+				   wsi->parent->state);
+
+			if (user_callback_handle_rxflow(
+					wsi->parent->protocol->callback,
+					wsi->parent, LWS_CALLBACK_CGI,
+					wsi->parent->user_space,
+					(void *)&args, 0))
+				return 1;
+
+			break;
+		}
+#endif
+	default:
+#ifdef LWS_NO_CLIENT
+		break;
+#else
+		if ((pollfd->revents & LWS_POLLOUT) &&
+		    lws_handle_POLLOUT_event(wsi, pollfd)) {
+			lwsl_debug("POLLOUT event closed it\n");
+			goto close_and_handled;
+		}
+
+		n = lws_client_socket_service(context, wsi, pollfd);
+		if (n)
+			return 1;
+		goto handled;
+#endif
+	}
+
+	n = 0;
+	goto handled;
+
+close_and_handled:
+	lwsl_debug("%p: Close and handled\n", wsi);
+	lws_close_free_wsi(wsi, LWS_CLOSE_STATUS_NOSTATUS);
+	/*
+	 * pollfd may point to something else after the close
+	 * due to pollfd swapping scheme on delete on some platforms
+	 * we can't clear revents now because it'd be the wrong guy's revents
+	 */
+	return 1;
+
+handled:
+	pollfd->revents = 0;
+	return n;
+}
+
+LWS_VISIBLE int
+lws_service_fd(struct lws_context *context, struct lws_pollfd *pollfd)
+{
+	return lws_service_fd_tsi(context, pollfd, 0);
+}
+
+LWS_VISIBLE int
+lws_service(struct lws_context *context, int timeout_ms)
+{
+	return lws_plat_service(context, timeout_ms);
+}
+
+LWS_VISIBLE int
+lws_service_tsi(struct lws_context *context, int timeout_ms, int tsi)
+{
+	return _lws_plat_service_tsi(context, timeout_ms, tsi);
+}
+
diff --git a/thirdparty/lws/ssl.c b/thirdparty/lws/ssl.c
new file mode 100644
index 0000000000..0a647b469c
--- /dev/null
+++ b/thirdparty/lws/ssl.c
@@ -0,0 +1,976 @@
+/*
+ * libwebsockets - small server side websockets and web server implementation
+ *
+ * Copyright (C) 2010-2017 Andy Green <andy@warmcat.com>
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation:
+ *  version 2.1 of the License.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+
+#include "private-libwebsockets.h"
+
+/* workaround for mingw */
+#if !defined(ECONNABORTED)
+#define ECONNABORTED 103
+#endif
+
+int lws_alloc_vfs_file(struct lws_context *context, const char *filename, uint8_t **buf,
+		lws_filepos_t *amount)
+{
+	lws_filepos_t len;
+	lws_fop_flags_t	flags = LWS_O_RDONLY;
+	lws_fop_fd_t fops_fd = lws_vfs_file_open(
+				lws_get_fops(context), filename, &flags);
+	int ret = 1;
+
+	if (!fops_fd)
+		return 1;
+
+	len = lws_vfs_get_length(fops_fd);
+
+	*buf = lws_malloc((size_t)len, "lws_alloc_vfs_file");
+	if (!*buf)
+		goto bail;
+
+	if (lws_vfs_file_read(fops_fd, amount, *buf, len))
+		goto bail;
+
+	ret = 0;
+bail:
+	lws_vfs_file_close(&fops_fd);
+
+	return ret;
+}
+
+#if defined(LWS_WITH_MBEDTLS)
+#if defined(LWS_WITH_ESP32)
+int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf,
+	       lws_filepos_t *amount)
+{
+	nvs_handle nvh;
+	size_t s;
+	int n = 0;
+
+	ESP_ERROR_CHECK(nvs_open("lws-station", NVS_READWRITE, &nvh));
+	if (nvs_get_blob(nvh, filename, NULL, &s) != ESP_OK) {
+		n = 1;
+		goto bail;
+	}
+	*buf = lws_malloc(s, "alloc_file");
+	if (!*buf) {
+		n = 2;
+		goto bail;
+	}
+	if (nvs_get_blob(nvh, filename, (char *)*buf, &s) != ESP_OK) {
+		lws_free(*buf);
+		n = 1;
+		goto bail;
+	}
+
+	*amount = s;
+
+bail:
+	nvs_close(nvh);
+
+	return n;
+}
+#else
+int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf,
+		lws_filepos_t *amount)
+{
+	FILE *f;
+	size_t s;
+	int n = 0;
+
+	f = fopen(filename, "rb");
+	if (f == NULL) {
+		n = 1;
+		goto bail;
+	}
+
+	if (fseek(f, 0, SEEK_END) != 0) {
+		n = 1;
+		goto bail;
+	}
+
+	s = ftell(f);
+	if (s == -1) {
+		n = 1;
+		goto bail;
+	}
+
+	if (fseek(f, 0, SEEK_SET) != 0) {
+		n = 1;
+		goto bail;
+	}
+
+	*buf = lws_malloc(s, "alloc_file");
+	if (!*buf) {
+		n = 2;
+		goto bail;
+	}
+
+	if (fread(*buf, s, 1, f) != 1) {
+		lws_free(*buf);
+		n = 1;
+		goto bail;
+	}
+
+	*amount = s;
+
+bail:
+	if (f)
+		fclose(f);
+
+	return n;
+
+}
+#endif
+int alloc_pem_to_der_file(struct lws_context *context, const char *filename, uint8_t **buf,
+	       lws_filepos_t *amount)
+{
+	uint8_t *pem, *p, *q, *end;
+	lws_filepos_t len;
+	int n;
+
+	n = alloc_file(context, filename, &pem, &len);
+	if (n)
+		return n;
+
+	/* trim the first line */
+
+	p = pem;
+	end = p + len;
+	if (strncmp((char *)p, "-----", 5))
+		goto bail;
+	p += 5;
+	while (p < end && *p != '\n' && *p != '-')
+		p++;
+
+	if (*p != '-')
+		goto bail;
+
+	while (p < end && *p != '\n')
+		p++;
+
+	if (p >= end)
+		goto bail;
+
+	p++;
+
+	/* trim the last line */
+
+	q = end - 2;
+
+	while (q > pem && *q != '\n')
+		q--;
+
+	if (*q != '\n')
+		goto bail;
+
+	*q = '\0';
+
+	*amount = lws_b64_decode_string((char *)p, (char *)pem, len);
+	*buf = pem;
+
+	return 0;
+
+bail:
+	lws_free(pem);
+
+	return 4;
+}
+#endif
+
+int openssl_websocket_private_data_index,
+    openssl_SSL_CTX_private_data_index;
+
+int lws_ssl_get_error(struct lws *wsi, int n)
+{
+	int m;
+
+	if (!wsi->ssl)
+		return 99;
+
+	m = SSL_get_error(wsi->ssl, n);
+	lwsl_debug("%s: %p %d -> %d\n", __func__, wsi->ssl, n, m);
+
+	return m;
+}
+
+/* Copies a string describing the code returned by lws_ssl_get_error(),
+ * which may also contain system error information in the case of SSL_ERROR_SYSCALL,
+ * into buf up to len.
+ * Returns a pointer to buf.
+ *
+ * Note: the lws_ssl_get_error() code is *not* an error code that can be passed
+ * to ERR_error_string(),
+ *
+ * ret is the return value originally passed to lws_ssl_get_error(), needed to disambiguate
+ * SYS_ERROR_SYSCALL.
+ *
+ * See man page for SSL_get_error().
+ *
+ * Not thread safe, uses strerror()
+ */
+char* lws_ssl_get_error_string(int status, int ret, char *buf, size_t len) {
+	switch (status) {
+	case SSL_ERROR_NONE: return strncpy(buf, "SSL_ERROR_NONE", len);
+	case SSL_ERROR_ZERO_RETURN: return strncpy(buf, "SSL_ERROR_ZERO_RETURN", len);
+	case SSL_ERROR_WANT_READ: return strncpy(buf, "SSL_ERROR_WANT_READ", len);
+	case SSL_ERROR_WANT_WRITE: return strncpy(buf, "SSL_ERROR_WANT_WRITE", len);
+	case SSL_ERROR_WANT_CONNECT: return strncpy(buf, "SSL_ERROR_WANT_CONNECT", len);
+	case SSL_ERROR_WANT_ACCEPT: return strncpy(buf, "SSL_ERROR_WANT_ACCEPT", len);
+	case SSL_ERROR_WANT_X509_LOOKUP: return strncpy(buf, "SSL_ERROR_WANT_X509_LOOKUP", len);
+	case SSL_ERROR_SYSCALL:
+		switch (ret) {
+                case 0:
+                        lws_snprintf(buf, len, "SSL_ERROR_SYSCALL: EOF");
+                        return buf;
+                case -1:
+#ifndef LWS_PLAT_OPTEE
+			lws_snprintf(buf, len, "SSL_ERROR_SYSCALL: %s", strerror(errno));
+#else
+			lws_snprintf(buf, len, "SSL_ERROR_SYSCALL: %d", errno);
+#endif
+			return buf;
+                default:
+                        return strncpy(buf, "SSL_ERROR_SYSCALL", len);
+	}
+	case SSL_ERROR_SSL: return "SSL_ERROR_SSL";
+	default: return "SSL_ERROR_UNKNOWN";
+	}
+}
+
+void
+lws_ssl_elaborate_error(void)
+{
+#if defined(LWS_WITH_MBEDTLS)
+#else
+	char buf[256];
+	u_long err;
+
+	while ((err = ERR_get_error()) != 0) {
+		ERR_error_string_n(err, buf, sizeof(buf));
+		lwsl_info("*** %s\n", buf);
+	}
+#endif
+}
+
+#if !defined(LWS_WITH_MBEDTLS)
+
+static int
+lws_context_init_ssl_pem_passwd_cb(char * buf, int size, int rwflag, void *userdata)
+{
+	struct lws_context_creation_info * info =
+			(struct lws_context_creation_info *)userdata;
+
+	strncpy(buf, info->ssl_private_key_password, size);
+	buf[size - 1] = '\0';
+
+	return strlen(buf);
+}
+
+void
+lws_ssl_bind_passphrase(SSL_CTX *ssl_ctx, struct lws_context_creation_info *info)
+{
+	if (!info->ssl_private_key_password)
+		return;
+	/*
+	 * password provided, set ssl callback and user data
+	 * for checking password which will be trigered during
+	 * SSL_CTX_use_PrivateKey_file function
+	 */
+	SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, (void *)info);
+	SSL_CTX_set_default_passwd_cb(ssl_ctx, lws_context_init_ssl_pem_passwd_cb);
+}
+#endif
+
+int
+lws_context_init_ssl_library(struct lws_context_creation_info *info)
+{
+#ifdef USE_WOLFSSL
+#ifdef USE_OLD_CYASSL
+	lwsl_info(" Compiled with CyaSSL support\n");
+#else
+	lwsl_info(" Compiled with wolfSSL support\n");
+#endif
+#else
+#if defined(LWS_WITH_BORINGSSL)
+	lwsl_info(" Compiled with BoringSSL support\n");
+#else
+#if defined(LWS_WITH_MBEDTLS)
+	lwsl_info(" Compiled with MbedTLS support\n");
+#else
+	lwsl_info(" Compiled with OpenSSL support\n");
+#endif
+#endif
+#endif
+	if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) {
+		lwsl_info(" SSL disabled: no LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT\n");
+		return 0;
+	}
+
+	/* basic openssl init */
+
+	lwsl_info("Doing SSL library init\n");
+
+#if !defined(LWS_WITH_MBEDTLS)
+	SSL_library_init();
+	OpenSSL_add_all_algorithms();
+	SSL_load_error_strings();
+
+	openssl_websocket_private_data_index =
+		SSL_get_ex_new_index(0, "lws", NULL, NULL, NULL);
+
+	openssl_SSL_CTX_private_data_index = SSL_CTX_get_ex_new_index(0,
+			NULL, NULL, NULL, NULL);
+#endif
+
+	return 0;
+}
+
+LWS_VISIBLE void
+lws_ssl_destroy(struct lws_vhost *vhost)
+{
+	if (!lws_check_opt(vhost->context->options,
+			   LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
+		return;
+
+	if (vhost->ssl_ctx)
+		SSL_CTX_free(vhost->ssl_ctx);
+	if (!vhost->user_supplied_ssl_ctx && vhost->ssl_client_ctx)
+		SSL_CTX_free(vhost->ssl_client_ctx);
+
+#if defined(LWS_WITH_MBEDTLS)
+	if (vhost->x509_client_CA)
+		X509_free(vhost->x509_client_CA);
+#else
+// after 1.1.0 no need
+#if (OPENSSL_VERSION_NUMBER <  0x10100000)
+// <= 1.0.1f = old api, 1.0.1g+ = new api
+#if (OPENSSL_VERSION_NUMBER <= 0x1000106f) || defined(USE_WOLFSSL)
+	ERR_remove_state(0);
+#else
+#if OPENSSL_VERSION_NUMBER >= 0x1010005f && \
+    !defined(LIBRESSL_VERSION_NUMBER) && \
+    !defined(OPENSSL_IS_BORINGSSL)
+	ERR_remove_thread_state();
+#else
+	ERR_remove_thread_state(NULL);
+#endif
+#endif
+	// after 1.1.0 no need
+#if  (OPENSSL_VERSION_NUMBER >= 0x10002000) && (OPENSSL_VERSION_NUMBER <= 0x10100000)
+	SSL_COMP_free_compression_methods();
+#endif
+	ERR_free_strings();
+	EVP_cleanup();
+	CRYPTO_cleanup_all_ex_data();
+#endif
+#endif
+}
+
+int
+lws_ssl_anybody_has_buffered_read_tsi(struct lws_context *context, int tsi)
+{
+	struct lws_context_per_thread *pt = &context->pt[tsi];
+	struct lws *wsi, *wsi_next;
+
+	wsi = pt->pending_read_list;
+	while (wsi) {
+		wsi_next = wsi->pending_read_list_next;
+		pt->fds[wsi->position_in_fds_table].revents |=
+			pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN;
+		if (pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN)
+			return 1;
+
+		wsi = wsi_next;
+	}
+
+	return 0;
+}
+
+LWS_VISIBLE void
+lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+
+	if (!wsi->pending_read_list_prev &&
+	    !wsi->pending_read_list_next &&
+	    pt->pending_read_list != wsi)
+		/* we are not on the list */
+		return;
+
+	/* point previous guy's next to our next */
+	if (!wsi->pending_read_list_prev)
+		pt->pending_read_list = wsi->pending_read_list_next;
+	else
+		wsi->pending_read_list_prev->pending_read_list_next =
+			wsi->pending_read_list_next;
+
+	/* point next guy's previous to our previous */
+	if (wsi->pending_read_list_next)
+		wsi->pending_read_list_next->pending_read_list_prev =
+			wsi->pending_read_list_prev;
+
+	wsi->pending_read_list_prev = NULL;
+	wsi->pending_read_list_next = NULL;
+}
+
+LWS_VISIBLE int
+lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, int len)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	int n = 0, m;
+
+	if (!wsi->ssl)
+		return lws_ssl_capable_read_no_ssl(wsi, buf, len);
+
+	lws_stats_atomic_bump(context, pt, LWSSTATS_C_API_READ, 1);
+
+	errno = 0;
+	n = SSL_read(wsi->ssl, buf, len);
+#if defined(LWS_WITH_ESP32)
+	if (!n && errno == ENOTCONN) {
+		lwsl_debug("%p: SSL_read ENOTCONN\n", wsi);
+		return LWS_SSL_CAPABLE_ERROR;
+	}
+#endif
+#if defined(LWS_WITH_STATS)
+	if (!wsi->seen_rx) {
+                lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_MS_SSL_RX_DELAY,
+				time_in_microseconds() - wsi->accept_start_us);
+                lws_stats_atomic_bump(wsi->context, pt, LWSSTATS_C_SSL_CONNS_HAD_RX, 1);
+		wsi->seen_rx = 1;
+	}
+#endif
+
+
+	lwsl_debug("%p: SSL_read says %d\n", wsi, n);
+	/* manpage: returning 0 means connection shut down */
+	if (!n) {
+		wsi->socket_is_permanently_unusable = 1;
+
+		return LWS_SSL_CAPABLE_ERROR;
+	}
+
+	if (n < 0) {
+		m = lws_ssl_get_error(wsi, n);
+		lwsl_debug("%p: ssl err %d errno %d\n", wsi, m, errno);
+		if (m == SSL_ERROR_ZERO_RETURN ||
+		    m == SSL_ERROR_SYSCALL)
+			return LWS_SSL_CAPABLE_ERROR;
+
+		if (SSL_want_read(wsi->ssl)) {
+			lwsl_debug("%s: WANT_READ\n", __func__);
+			lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi);
+			return LWS_SSL_CAPABLE_MORE_SERVICE;
+		}
+		if (SSL_want_write(wsi->ssl)) {
+			lwsl_debug("%s: WANT_WRITE\n", __func__);
+			lwsl_debug("%p: LWS_SSL_CAPABLE_MORE_SERVICE\n", wsi);
+			return LWS_SSL_CAPABLE_MORE_SERVICE;
+		}
+		wsi->socket_is_permanently_unusable = 1;
+
+		return LWS_SSL_CAPABLE_ERROR;
+	}
+
+	lws_stats_atomic_bump(context, pt, LWSSTATS_B_READ, n);
+
+	if (wsi->vhost)
+		wsi->vhost->conn_stats.rx += n;
+
+	lws_restart_ws_ping_pong_timer(wsi);
+
+	/*
+	 * if it was our buffer that limited what we read,
+	 * check if SSL has additional data pending inside SSL buffers.
+	 *
+	 * Because these won't signal at the network layer with POLLIN
+	 * and if we don't realize, this data will sit there forever
+	 */
+	if (n != len)
+		goto bail;
+	if (!wsi->ssl)
+		goto bail;
+
+	if (!SSL_pending(wsi->ssl))
+		goto bail;
+
+	if (wsi->pending_read_list_next)
+		return n;
+	if (wsi->pending_read_list_prev)
+		return n;
+	if (pt->pending_read_list == wsi)
+		return n;
+
+	/* add us to the linked list of guys with pending ssl */
+	if (pt->pending_read_list)
+		pt->pending_read_list->pending_read_list_prev = wsi;
+
+	wsi->pending_read_list_next = pt->pending_read_list;
+	wsi->pending_read_list_prev = NULL;
+	pt->pending_read_list = wsi;
+
+	return n;
+bail:
+	lws_ssl_remove_wsi_from_buffered_list(wsi);
+
+	return n;
+}
+
+LWS_VISIBLE int
+lws_ssl_pending(struct lws *wsi)
+{
+	if (!wsi->ssl)
+		return 0;
+
+	return SSL_pending(wsi->ssl);
+}
+
+LWS_VISIBLE int
+lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, int len)
+{
+	int n, m;
+
+	if (!wsi->ssl)
+		return lws_ssl_capable_write_no_ssl(wsi, buf, len);
+
+	n = SSL_write(wsi->ssl, buf, len);
+	if (n > 0)
+		return n;
+
+	m = lws_ssl_get_error(wsi, n);
+	if (m != SSL_ERROR_SYSCALL) {
+
+		if (SSL_want_read(wsi->ssl)) {
+			lwsl_notice("%s: want read\n", __func__);
+
+			return LWS_SSL_CAPABLE_MORE_SERVICE;
+		}
+
+		if (SSL_want_write(wsi->ssl)) {
+			lws_set_blocking_send(wsi);
+
+			lwsl_notice("%s: want write\n", __func__);
+
+			return LWS_SSL_CAPABLE_MORE_SERVICE;
+		}
+	}
+
+	lwsl_debug("%s failed: %s\n",__func__, ERR_error_string(m, NULL));
+	lws_ssl_elaborate_error();
+
+	wsi->socket_is_permanently_unusable = 1;
+
+	return LWS_SSL_CAPABLE_ERROR;
+}
+
+static int
+lws_gate_accepts(struct lws_context *context, int on)
+{
+	struct lws_vhost *v = context->vhost_list;
+
+	lwsl_info("gating accepts %d\n", on);
+	context->ssl_gate_accepts = !on;
+#if defined(LWS_WITH_STATS)
+	context->updated = 1;
+#endif
+
+	while (v) {
+		if (v->use_ssl &&  v->lserv_wsi) /* gate ability to accept incoming connections */
+			if (lws_change_pollfd(v->lserv_wsi, (LWS_POLLIN) * !on,
+					      (LWS_POLLIN) * on))
+				lwsl_info("Unable to set accept POLLIN %d\n", on);
+
+		v = v->vhost_next;
+	}
+
+	return 0;
+}
+
+void
+lws_ssl_info_callback(const SSL *ssl, int where, int ret)
+{
+	struct lws *wsi;
+	struct lws_context *context;
+	struct lws_ssl_info si;
+
+	context = (struct lws_context *)SSL_CTX_get_ex_data(
+					SSL_get_SSL_CTX(ssl),
+					openssl_SSL_CTX_private_data_index);
+	if (!context)
+		return;
+	wsi = wsi_from_fd(context, SSL_get_fd(ssl));
+	if (!wsi)
+		return;
+
+	if (!(where & wsi->vhost->ssl_info_event_mask))
+		return;
+
+	si.where = where;
+	si.ret = ret;
+
+	if (user_callback_handle_rxflow(wsi->protocol->callback,
+						   wsi, LWS_CALLBACK_SSL_INFO,
+						   wsi->user_space, &si, 0))
+		lws_set_timeout(wsi, PENDING_TIMEOUT_KILLED_BY_SSL_INFO, -1);
+}
+
+
+LWS_VISIBLE int
+lws_ssl_close(struct lws *wsi)
+{
+	lws_sockfd_type n;
+
+	if (!wsi->ssl)
+		return 0; /* not handled */
+
+#if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK)
+	/* kill ssl callbacks, becausse we will remove the fd from the
+	 * table linking it to the wsi
+	 */
+	if (wsi->vhost->ssl_info_event_mask)
+		SSL_set_info_callback(wsi->ssl, NULL);
+#endif
+
+	n = SSL_get_fd(wsi->ssl);
+	if (!wsi->socket_is_permanently_unusable)
+		SSL_shutdown(wsi->ssl);
+	compatible_close(n);
+	SSL_free(wsi->ssl);
+	wsi->ssl = NULL;
+
+	if (wsi->context->simultaneous_ssl_restriction &&
+	    wsi->context->simultaneous_ssl-- ==
+			    wsi->context->simultaneous_ssl_restriction)
+		/* we made space and can do an accept */
+		lws_gate_accepts(wsi->context, 1);
+#if defined(LWS_WITH_STATS)
+	wsi->context->updated = 1;
+#endif
+
+	return 1; /* handled */
+}
+
+/* leave all wsi close processing to the caller */
+
+LWS_VISIBLE int
+lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd)
+{
+	struct lws_context *context = wsi->context;
+	struct lws_vhost *vh;
+	struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
+	int n, m;
+#if !defined(USE_WOLFSSL) && !defined(LWS_WITH_MBEDTLS)
+	BIO *bio;
+#endif
+        char buf[256];
+
+        (void)buf;
+
+	if (!LWS_SSL_ENABLED(wsi->vhost))
+		return 0;
+
+	switch (wsi->mode) {
+	case LWSCM_SSL_INIT:
+	case LWSCM_SSL_INIT_RAW:
+		if (wsi->ssl)
+			lwsl_err("%s: leaking ssl\n", __func__);
+		if (accept_fd == LWS_SOCK_INVALID)
+			assert(0);
+		if (context->simultaneous_ssl_restriction &&
+		    context->simultaneous_ssl >= context->simultaneous_ssl_restriction) {
+			lwsl_notice("unable to deal with SSL connection\n");
+			return 1;
+		}
+		errno = 0;
+		wsi->ssl = SSL_new(wsi->vhost->ssl_ctx);
+		if (wsi->ssl == NULL) {
+			lwsl_err("SSL_new failed: %d (errno %d)\n",
+				 lws_ssl_get_error(wsi, 0), errno);
+
+			lws_ssl_elaborate_error();
+			if (accept_fd != LWS_SOCK_INVALID)
+				compatible_close(accept_fd);
+			goto fail;
+		}
+#if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK)
+		if (wsi->vhost->ssl_info_event_mask)
+			SSL_set_info_callback(wsi->ssl, lws_ssl_info_callback);
+#endif
+		if (context->simultaneous_ssl_restriction &&
+		    ++context->simultaneous_ssl == context->simultaneous_ssl_restriction)
+			/* that was the last allowed SSL connection */
+			lws_gate_accepts(context, 0);
+#if defined(LWS_WITH_STATS)
+	context->updated = 1;
+#endif
+
+#if !defined(LWS_WITH_MBEDTLS)
+		SSL_set_ex_data(wsi->ssl,
+			openssl_websocket_private_data_index, wsi);
+#endif
+		SSL_set_fd(wsi->ssl, accept_fd);
+
+#ifdef USE_WOLFSSL
+#ifdef USE_OLD_CYASSL
+		CyaSSL_set_using_nonblock(wsi->ssl, 1);
+#else
+		wolfSSL_set_using_nonblock(wsi->ssl, 1);
+#endif
+#else
+#if defined(LWS_WITH_MBEDTLS)
+		lws_plat_set_socket_options(wsi->vhost, accept_fd);
+#else
+		SSL_set_mode(wsi->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+		bio = SSL_get_rbio(wsi->ssl);
+		if (bio)
+			BIO_set_nbio(bio, 1); /* nonblocking */
+		else
+			lwsl_notice("NULL rbio\n");
+		bio = SSL_get_wbio(wsi->ssl);
+		if (bio)
+			BIO_set_nbio(bio, 1); /* nonblocking */
+		else
+			lwsl_notice("NULL rbio\n");
+#endif
+#endif
+
+		/*
+		 * we are not accepted yet, but we need to enter ourselves
+		 * as a live connection.  That way we can retry when more
+		 * pieces come if we're not sorted yet
+		 */
+
+		if (wsi->mode == LWSCM_SSL_INIT)
+			wsi->mode = LWSCM_SSL_ACK_PENDING;
+		else
+			wsi->mode = LWSCM_SSL_ACK_PENDING_RAW;
+
+		if (insert_wsi_socket_into_fds(context, wsi)) {
+			lwsl_err("%s: failed to insert into fds\n", __func__);
+			goto fail;
+		}
+
+		lws_set_timeout(wsi, PENDING_TIMEOUT_SSL_ACCEPT,
+				context->timeout_secs);
+
+		lwsl_debug("inserted SSL accept into fds, trying SSL_accept\n");
+
+		/* fallthru */
+
+	case LWSCM_SSL_ACK_PENDING:
+	case LWSCM_SSL_ACK_PENDING_RAW:
+		if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) {
+			lwsl_err("%s: lws_change_pollfd failed\n", __func__);
+			goto fail;
+		}
+
+		lws_latency_pre(context, wsi);
+
+		if (wsi->vhost->allow_non_ssl_on_ssl_port) {
+
+			n = recv(wsi->desc.sockfd, (char *)pt->serv_buf,
+				 context->pt_serv_buf_size, MSG_PEEK);
+
+		/*
+		 * optionally allow non-SSL connect on SSL listening socket
+		 * This is disabled by default, if enabled it goes around any
+		 * SSL-level access control (eg, client-side certs) so leave
+		 * it disabled unless you know it's not a problem for you
+		 */
+
+			if (n >= 1 && pt->serv_buf[0] >= ' ') {
+				/*
+				* TLS content-type for Handshake is 0x16, and
+				* for ChangeCipherSpec Record, it's 0x14
+				*
+				* A non-ssl session will start with the HTTP
+				* method in ASCII.  If we see it's not a legit
+				* SSL handshake kill the SSL for this
+				* connection and try to handle as a HTTP
+				* connection upgrade directly.
+				*/
+				wsi->use_ssl = 0;
+
+				SSL_shutdown(wsi->ssl);
+				SSL_free(wsi->ssl);
+				wsi->ssl = NULL;
+				if (lws_check_opt(context->options,
+				    LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS))
+					wsi->redirect_to_https = 1;
+				goto accepted;
+			}
+			if (!n) /*
+				 * connection is gone, or nothing to read
+				 * if it's gone, we will timeout on
+				 * PENDING_TIMEOUT_SSL_ACCEPT
+				 */
+				break;
+			if (n < 0 && (LWS_ERRNO == LWS_EAGAIN ||
+				      LWS_ERRNO == LWS_EWOULDBLOCK)) {
+				/*
+				 * well, we get no way to know ssl or not
+				 * so go around again waiting for something
+				 * to come and give us a hint, or timeout the
+				 * connection.
+				 */
+				m = SSL_ERROR_WANT_READ;
+				goto go_again;
+			}
+		}
+
+		/* normal SSL connection processing path */
+
+#if defined(LWS_WITH_STATS)
+		if (!wsi->accept_start_us)
+			wsi->accept_start_us = time_in_microseconds();
+#endif
+		errno = 0;
+		lws_stats_atomic_bump(wsi->context, pt,
+				      LWSSTATS_C_SSL_CONNECTIONS_ACCEPT_SPIN, 1);
+		n = SSL_accept(wsi->ssl);
+		lws_latency(context, wsi,
+			"SSL_accept LWSCM_SSL_ACK_PENDING\n", n, n == 1);
+		lwsl_info("SSL_accept says %d\n", n);
+		if (n == 1)
+			goto accepted;
+
+		m = lws_ssl_get_error(wsi, n);
+
+#if defined(LWS_WITH_MBEDTLS)
+		if (m == SSL_ERROR_SYSCALL && errno == 11)
+			m = SSL_ERROR_WANT_READ;
+#endif
+		if (m == SSL_ERROR_SYSCALL || m == SSL_ERROR_SSL)
+			goto failed;
+
+go_again:
+		if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->ssl)) {
+			if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) {
+				lwsl_info("%s: WANT_READ change_pollfd failed\n", __func__);
+				goto fail;
+			}
+
+			lwsl_info("SSL_ERROR_WANT_READ\n");
+			break;
+		}
+		if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->ssl)) {
+			lwsl_debug("%s: WANT_WRITE\n", __func__);
+
+			if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) {
+				lwsl_info("%s: WANT_WRITE change_pollfd failed\n", __func__);
+				goto fail;
+			}
+
+			break;
+		}
+failed:
+		lws_stats_atomic_bump(wsi->context, pt,
+				      LWSSTATS_C_SSL_CONNECTIONS_FAILED, 1);
+                lwsl_info("SSL_accept failed socket %u: %s\n", wsi->desc.sockfd,
+                         lws_ssl_get_error_string(m, n, buf, sizeof(buf)));
+		lws_ssl_elaborate_error();
+		goto fail;
+
+accepted:
+		lws_stats_atomic_bump(wsi->context, pt,
+				      LWSSTATS_C_SSL_CONNECTIONS_ACCEPTED, 1);
+#if defined(LWS_WITH_STATS)
+		lws_stats_atomic_bump(wsi->context, pt,
+				      LWSSTATS_MS_SSL_CONNECTIONS_ACCEPTED_DELAY,
+				      time_in_microseconds() - wsi->accept_start_us);
+		wsi->accept_start_us = time_in_microseconds();
+#endif
+
+		/* adapt our vhost to match the SNI SSL_CTX that was chosen */
+		vh = context->vhost_list;
+		while (vh) {
+			if (!vh->being_destroyed &&
+			    vh->ssl_ctx == SSL_get_SSL_CTX(wsi->ssl)) {
+				lwsl_info("setting wsi to vh %s\n", vh->name);
+				wsi->vhost = vh;
+				break;
+			}
+			vh = vh->vhost_next;
+		}
+
+		/* OK, we are accepted... give him some time to negotiate */
+		lws_set_timeout(wsi, PENDING_TIMEOUT_ESTABLISH_WITH_SERVER,
+				context->timeout_secs);
+
+		if (wsi->mode == LWSCM_SSL_ACK_PENDING_RAW)
+			wsi->mode = LWSCM_RAW;
+		else
+			wsi->mode = LWSCM_HTTP_SERVING;
+#if defined(LWS_WITH_HTTP2)
+		if (lws_h2_configure_if_upgraded(wsi))
+			goto fail;
+#endif
+		lwsl_debug("accepted new SSL conn\n");
+		break;
+	}
+
+	return 0;
+
+fail:
+	return 1;
+}
+
+void
+lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost)
+{
+	if (vhost->ssl_ctx)
+		SSL_CTX_free(vhost->ssl_ctx);
+
+	if (!vhost->user_supplied_ssl_ctx && vhost->ssl_client_ctx)
+		SSL_CTX_free(vhost->ssl_client_ctx);
+}
+
+void
+lws_ssl_context_destroy(struct lws_context *context)
+{
+
+#if !defined(LWS_WITH_MBEDTLS)
+
+// after 1.1.0 no need
+#if (OPENSSL_VERSION_NUMBER <  0x10100000)
+// <= 1.0.1f = old api, 1.0.1g+ = new api
+#if (OPENSSL_VERSION_NUMBER <= 0x1000106f) || defined(USE_WOLFSSL)
+	ERR_remove_state(0);
+#else
+#if OPENSSL_VERSION_NUMBER >= 0x1010005f && \
+    !defined(LIBRESSL_VERSION_NUMBER) && \
+    !defined(OPENSSL_IS_BORINGSSL)
+	ERR_remove_thread_state();
+#else
+	ERR_remove_thread_state(NULL);
+#endif
+#endif
+	// after 1.1.0 no need
+#if  (OPENSSL_VERSION_NUMBER >= 0x10002000) && (OPENSSL_VERSION_NUMBER <= 0x10100000)
+	SSL_COMP_free_compression_methods();
+#endif
+	ERR_free_strings();
+	EVP_cleanup();
+	CRYPTO_cleanup_all_ex_data();
+#endif
+#endif
+}
diff --git a/thirdparty/lws/win32helpers/getopt.c b/thirdparty/lws/win32helpers/getopt.c
new file mode 100644
index 0000000000..3bb21f6f28
--- /dev/null
+++ b/thirdparty/lws/win32helpers/getopt.c
@@ -0,0 +1,153 @@
+/*	$NetBSD: getopt.c,v 1.16 1999/12/02 13:15:56 kleink Exp $	*/
+
+/*
+ * Copyright (c) 1987, 1993, 1994
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if 0
+static char sccsid[] = "@(#)getopt.c	8.3 (Berkeley) 4/27/95";
+#endif
+
+#include <assert.h>
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+
+#define __P(x) x
+#define _DIAGASSERT(x) assert(x)
+
+#ifdef __weak_alias
+__weak_alias(getopt,_getopt);
+#endif
+
+
+int	opterr = 1,		/* if error message should be printed */
+	optind = 1,		/* index into parent argv vector */
+	optopt,			/* character checked for validity */
+	optreset;		/* reset getopt */
+char	*optarg;		/* argument associated with option */
+
+static char * _progname __P((char *));
+int getopt_internal __P((int, char * const *, const char *));
+
+static char *
+_progname(nargv0)
+	char * nargv0;
+{
+	char * tmp;
+
+	_DIAGASSERT(nargv0 != NULL);
+
+	tmp = strrchr(nargv0, '/');
+	if (tmp)
+		tmp++;
+	else
+		tmp = nargv0;
+	return(tmp);
+}
+
+#define	BADCH	(int)'?'
+#define	BADARG	(int)':'
+#define	EMSG	""
+
+/*
+ * getopt --
+ *	Parse argc/argv argument vector.
+ */
+int
+getopt(nargc, nargv, ostr)
+	int nargc;
+	char * const nargv[];
+	const char *ostr;
+{
+	static char *__progname = 0;
+	static char *place = EMSG;		/* option letter processing */
+	char *oli;				/* option letter list index */
+        __progname = __progname?__progname:_progname(*nargv);
+
+	_DIAGASSERT(nargv != NULL);
+	_DIAGASSERT(ostr != NULL);
+
+	if (optreset || !*place) {		/* update scanning pointer */
+		optreset = 0;
+		if (optind >= nargc || *(place = nargv[optind]) != '-') {
+			place = EMSG;
+			return (-1);
+		}
+		if (place[1] && *++place == '-'	/* found "--" */
+		    && place[1] == '\0') {
+			++optind;
+			place = EMSG;
+			return (-1);
+		}
+	}					/* option letter okay? */
+	if ((optopt = (int)*place++) == (int)':' ||
+	    !(oli = strchr(ostr, optopt))) {
+		/*
+		 * if the user didn't specify '-' as an option,
+		 * assume it means -1.
+		 */
+		if (optopt == (int)'-')
+			return (-1);
+		if (!*place)
+			++optind;
+		if (opterr && *ostr != ':')
+			(void)fprintf(stderr,
+			    "%s: illegal option -- %c\n", __progname, optopt);
+		return (BADCH);
+	}
+	if (*++oli != ':') {			/* don't need argument */
+		optarg = NULL;
+		if (!*place)
+			++optind;
+	}
+	else {					/* need an argument */
+		if (*place)			/* no white space */
+			optarg = place;
+		else if (nargc <= ++optind) {	/* no arg */
+			place = EMSG;
+			if (*ostr == ':')
+				return (BADARG);
+			if (opterr)
+				(void)fprintf(stderr,
+				    "%s: option requires an argument -- %c\n",
+				    __progname, optopt);
+			return (BADCH);
+		}
+	 	else				/* white space */
+			optarg = nargv[optind];
+		place = EMSG;
+		++optind;
+	}
+	return (optopt);			/* dump back option letter */
+}
+
diff --git a/thirdparty/lws/win32helpers/getopt.h b/thirdparty/lws/win32helpers/getopt.h
new file mode 100644
index 0000000000..7137f0379c
--- /dev/null
+++ b/thirdparty/lws/win32helpers/getopt.h
@@ -0,0 +1,33 @@
+#ifndef __GETOPT_H__
+#define __GETOPT_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern int opterr;		/* if error message should be printed */
+extern int optind;		/* index into parent argv vector */
+extern int optopt;		/* character checked for validity */
+extern int optreset;		/* reset getopt */
+extern char *optarg;		/* argument associated with option */
+
+struct option
+{
+  const char *name;
+  int has_arg;
+  int *flag;
+  int val;
+};
+
+#define no_argument       0
+#define required_argument 1
+#define optional_argument 2
+
+int getopt(int, char**, char*);
+int getopt_long(int, char**, char*, struct option*, int*);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __GETOPT_H__ */
diff --git a/thirdparty/lws/win32helpers/getopt_long.c b/thirdparty/lws/win32helpers/getopt_long.c
new file mode 100644
index 0000000000..5bcf40060f
--- /dev/null
+++ b/thirdparty/lws/win32helpers/getopt_long.c
@@ -0,0 +1,237 @@
+
+/*
+ * Copyright (c) 1987, 1993, 1994, 1996
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+#include <assert.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "getopt.h"
+
+extern int	  opterr;	/* if error message should be printed */
+extern int	  optind;	/* index into parent argv vector */
+extern int	  optopt;	/* character checked for validity */
+extern int	  optreset;	/* reset getopt */
+extern char *optarg;	/* argument associated with option */
+
+#define __P(x) x
+#define _DIAGASSERT(x) assert(x)
+
+static char * __progname __P((char *));
+int getopt_internal __P((int, char * const *, const char *));
+
+static char *
+__progname(nargv0)
+	char * nargv0;
+{
+	char * tmp;
+
+	_DIAGASSERT(nargv0 != NULL);
+
+	tmp = strrchr(nargv0, '/');
+	if (tmp)
+		tmp++;
+	else
+		tmp = nargv0;
+	return(tmp);
+}
+
+#define	BADCH	(int)'?'
+#define	BADARG	(int)':'
+#define	EMSG	""
+
+/*
+ * getopt --
+ *	Parse argc/argv argument vector.
+ */
+int
+getopt_internal(nargc, nargv, ostr)
+	int nargc;
+	char * const *nargv;
+	const char *ostr;
+{
+	static char *place = EMSG;		/* option letter processing */
+	char *oli;				/* option letter list index */
+
+	_DIAGASSERT(nargv != NULL);
+	_DIAGASSERT(ostr != NULL);
+
+	if (optreset || !*place) {		/* update scanning pointer */
+		optreset = 0;
+		if (optind >= nargc || *(place = nargv[optind]) != '-') {
+			place = EMSG;
+			return (-1);
+		}
+		if (place[1] && *++place == '-') {	/* found "--" */
+			/* ++optind; */
+			place = EMSG;
+			return (-2);
+		}
+	}					/* option letter okay? */
+	if ((optopt = (int)*place++) == (int)':' ||
+	    !(oli = strchr(ostr, optopt))) {
+		/*
+		 * if the user didn't specify '-' as an option,
+		 * assume it means -1.
+		 */
+		if (optopt == (int)'-')
+			return (-1);
+		if (!*place)
+			++optind;
+		if (opterr && *ostr != ':')
+			(void)fprintf(stderr,
+			    "%s: illegal option -- %c\n", __progname(nargv[0]), optopt);
+		return (BADCH);
+	}
+	if (*++oli != ':') {			/* don't need argument */
+		optarg = NULL;
+		if (!*place)
+			++optind;
+	} else {				/* need an argument */
+		if (*place)			/* no white space */
+			optarg = place;
+		else if (nargc <= ++optind) {	/* no arg */
+			place = EMSG;
+			if ((opterr) && (*ostr != ':'))
+				(void)fprintf(stderr,
+				    "%s: option requires an argument -- %c\n",
+				    __progname(nargv[0]), optopt);
+			return (BADARG);
+		} else				/* white space */
+			optarg = nargv[optind];
+		place = EMSG;
+		++optind;
+	}
+	return (optopt);			/* dump back option letter */
+}
+
+#if 0
+/*
+ * getopt --
+ *	Parse argc/argv argument vector.
+ */
+int
+getopt2(nargc, nargv, ostr)
+	int nargc;
+	char * const *nargv;
+	const char *ostr;
+{
+	int retval;
+
+	if ((retval = getopt_internal(nargc, nargv, ostr)) == -2) {
+		retval = -1;
+		++optind; 
+	}
+	return(retval);
+}
+#endif
+
+/*
+ * getopt_long --
+ *	Parse argc/argv argument vector.
+ */
+int
+getopt_long(nargc, nargv, options, long_options, index)
+	int nargc;
+	char ** nargv;
+	char * options;
+	struct option * long_options;
+	int * index;
+{
+	int retval;
+
+	_DIAGASSERT(nargv != NULL);
+	_DIAGASSERT(options != NULL);
+	_DIAGASSERT(long_options != NULL);
+	/* index may be NULL */
+
+	if ((retval = getopt_internal(nargc, nargv, options)) == -2) {
+		char *current_argv = nargv[optind++] + 2, *has_equal;
+		int i, current_argv_len, match = -1;
+
+		if (*current_argv == '\0') {
+			return(-1);
+		}
+		if ((has_equal = strchr(current_argv, '=')) != NULL) {
+			current_argv_len = has_equal - current_argv;
+			has_equal++;
+		} else
+			current_argv_len = strlen(current_argv);
+
+		for (i = 0; long_options[i].name; i++) { 
+			if (strncmp(current_argv, long_options[i].name, current_argv_len))
+				continue;
+
+			if (strlen(long_options[i].name) == (unsigned)current_argv_len) { 
+				match = i;
+				break;
+			}
+			if (match == -1)
+				match = i;
+		}
+		if (match != -1) {
+			if (long_options[match].has_arg == required_argument ||
+			    long_options[match].has_arg == optional_argument) {
+				if (has_equal)
+					optarg = has_equal;
+				else
+					optarg = nargv[optind++];
+			}
+			if ((long_options[match].has_arg == required_argument)
+			    && (optarg == NULL)) {
+				/*
+				 * Missing argument, leading :
+				 * indicates no error should be generated
+				 */
+				if ((opterr) && (*options != ':'))
+					(void)fprintf(stderr,
+				      "%s: option requires an argument -- %s\n",
+				      __progname(nargv[0]), current_argv);
+				return (BADARG);
+			}
+		} else { /* No matching argument */
+			if ((opterr) && (*options != ':'))
+				(void)fprintf(stderr,
+				    "%s: illegal option -- %s\n", __progname(nargv[0]), current_argv);
+			return (BADCH);
+		}
+		if (long_options[match].flag) {
+			*long_options[match].flag = long_options[match].val;
+			retval = 0;
+		} else 
+			retval = long_options[match].val;
+		if (index)
+			*index = match;
+	}
+	return(retval);
+}
diff --git a/thirdparty/lws/win32helpers/gettimeofday.c b/thirdparty/lws/win32helpers/gettimeofday.c
new file mode 100644
index 0000000000..35dd73531d
--- /dev/null
+++ b/thirdparty/lws/win32helpers/gettimeofday.c
@@ -0,0 +1,36 @@
+#include <time.h>
+#include <windows.h> //I've omitted context line
+
+#include "gettimeofday.h"
+
+int gettimeofday(struct timeval *tv, struct timezone *tz)
+{
+	FILETIME ft;
+	unsigned __int64 tmpres = 0;
+	static int tzflag;
+
+	if (NULL != tv) {
+		GetSystemTimeAsFileTime(&ft);
+
+		tmpres |= ft.dwHighDateTime;
+		tmpres <<= 32;
+		tmpres |= ft.dwLowDateTime;
+
+		/*converting file time to unix epoch*/
+		tmpres /= 10;  /*convert into microseconds*/
+		tmpres -= DELTA_EPOCH_IN_MICROSECS;
+		tv->tv_sec = (long)(tmpres / 1000000UL);
+		tv->tv_usec = (long)(tmpres % 1000000UL);
+	}
+ 
+	if (NULL != tz) {
+		if (!tzflag) {
+			_tzset();
+			tzflag++;
+		}
+		tz->tz_minuteswest = _timezone / 60;
+		tz->tz_dsttime = _daylight;
+	}
+
+	return 0;
+}
diff --git a/thirdparty/lws/win32helpers/gettimeofday.h b/thirdparty/lws/win32helpers/gettimeofday.h
new file mode 100644
index 0000000000..33e7a750fe
--- /dev/null
+++ b/thirdparty/lws/win32helpers/gettimeofday.h
@@ -0,0 +1,27 @@
+#ifndef _GET_TIME_OF_DAY_H
+#define _GET_TIME_OF_DAY_H
+
+#include <time.h>
+
+#if defined(_MSC_VER) || defined(_MSC_EXTENSIONS)
+  #define DELTA_EPOCH_IN_MICROSECS  11644473600000000Ui64
+#else
+  #define DELTA_EPOCH_IN_MICROSECS  11644473600000000ULL
+#endif
+
+#ifdef LWS_MINGW_SUPPORT
+  #include <winsock2.h>
+#endif
+
+#ifndef _TIMEZONE_DEFINED 
+struct timezone 
+{
+  int  tz_minuteswest; /* minutes W of Greenwich */
+  int  tz_dsttime;     /* type of dst correction */
+};
+
+#endif
+
+int gettimeofday(struct timeval *tv, struct timezone *tz);
+
+#endif
diff --git a/thirdparty/mbedtls/include/mbedtls/aes.h b/thirdparty/mbedtls/include/mbedtls/aes.h
new file mode 100644
index 0000000000..46016dcb7f
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/aes.h
@@ -0,0 +1,417 @@
+/**
+ * \file aes.h
+ *
+ * \brief   The Advanced Encryption Standard (AES) specifies a FIPS-approved
+ *          cryptographic algorithm that can be used to protect electronic
+ *          data.
+ *
+ *          The AES algorithm is a symmetric block cipher that can
+ *          encrypt and decrypt information. For more information, see
+ *          <em>FIPS Publication 197: Advanced Encryption Standard</em> and
+ *          <em>ISO/IEC 18033-2:2006: Information technology -- Security
+ *          techniques -- Encryption algorithms -- Part 2: Asymmetric
+ *          ciphers</em>.
+ */
+/*  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved.
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_AES_H
+#define MBEDTLS_AES_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+/* padlock.c and aesni.c rely on these values! */
+#define MBEDTLS_AES_ENCRYPT     1 /**< AES encryption. */
+#define MBEDTLS_AES_DECRYPT     0 /**< AES decryption. */
+
+/* Error codes in range 0x0020-0x0022 */
+#define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH                -0x0020  /**< Invalid key length. */
+#define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH              -0x0022  /**< Invalid data input length. */
+
+/* Error codes in range 0x0023-0x0025 */
+#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE               -0x0023  /**< Feature not available. For example, an unsupported AES key size. */
+#define MBEDTLS_ERR_AES_HW_ACCEL_FAILED                   -0x0025  /**< AES hardware accelerator failed. */
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#if !defined(MBEDTLS_AES_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief The AES context-type definition.
+ */
+typedef struct
+{
+    int nr;                     /*!< The number of rounds. */
+    uint32_t *rk;               /*!< AES round keys. */
+    uint32_t buf[68];           /*!< Unaligned data buffer. This buffer can
+                                     hold 32 extra Bytes, which can be used for
+                                     one of the following purposes:
+                                     <ul><li>Alignment if VIA padlock is
+                                             used.</li>
+                                     <li>Simplifying key expansion in the 256-bit
+                                         case by generating an extra round key.
+                                         </li></ul> */
+}
+mbedtls_aes_context;
+
+/**
+ * \brief          This function initializes the specified AES context.
+ *
+ *                 It must be the first API called before using
+ *                 the context.
+ *
+ * \param ctx      The AES context to initialize.
+ */
+void mbedtls_aes_init( mbedtls_aes_context *ctx );
+
+/**
+ * \brief          This function releases and clears the specified AES context.
+ *
+ * \param ctx      The AES context to clear.
+ */
+void mbedtls_aes_free( mbedtls_aes_context *ctx );
+
+/**
+ * \brief          This function sets the encryption key.
+ *
+ * \param ctx      The AES context to which the key should be bound.
+ * \param key      The encryption key.
+ * \param keybits  The size of data passed in bits. Valid options are:
+ *                 <ul><li>128 bits</li>
+ *                 <li>192 bits</li>
+ *                 <li>256 bits</li></ul>
+ *
+ * \return         \c 0 on success or #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
+ *                 on failure.
+ */
+int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
+                    unsigned int keybits );
+
+/**
+ * \brief          This function sets the decryption key.
+ *
+ * \param ctx      The AES context to which the key should be bound.
+ * \param key      The decryption key.
+ * \param keybits  The size of data passed. Valid options are:
+ *                 <ul><li>128 bits</li>
+ *                 <li>192 bits</li>
+ *                 <li>256 bits</li></ul>
+ *
+ * \return         \c 0 on success, or #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
+ */
+int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
+                    unsigned int keybits );
+
+/**
+ * \brief          This function performs an AES single-block encryption or
+ *                 decryption operation.
+ *
+ *                 It performs the operation defined in the \p mode parameter
+ *                 (encrypt or decrypt), on the input data buffer defined in
+ *                 the \p input parameter.
+ *
+ *                 mbedtls_aes_init(), and either mbedtls_aes_setkey_enc() or
+ *                 mbedtls_aes_setkey_dec() must be called before the first
+ *                 call to this API with the same context.
+ *
+ * \param ctx      The AES context to use for encryption or decryption.
+ * \param mode     The AES operation: #MBEDTLS_AES_ENCRYPT or
+ *                 #MBEDTLS_AES_DECRYPT.
+ * \param input    The 16-Byte buffer holding the input data.
+ * \param output   The 16-Byte buffer holding the output data.
+
+ * \return         \c 0 on success.
+ */
+int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
+                    int mode,
+                    const unsigned char input[16],
+                    unsigned char output[16] );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/**
+ * \brief  This function performs an AES-CBC encryption or decryption operation
+ *         on full blocks.
+ *
+ *         It performs the operation defined in the \p mode
+ *         parameter (encrypt/decrypt), on the input data buffer defined in
+ *         the \p input parameter.
+ *
+ *         It can be called as many times as needed, until all the input
+ *         data is processed. mbedtls_aes_init(), and either
+ *         mbedtls_aes_setkey_enc() or mbedtls_aes_setkey_dec() must be called
+ *         before the first call to this API with the same context.
+ *
+ * \note   This function operates on aligned blocks, that is, the input size
+ *         must be a multiple of the AES block size of 16 Bytes.
+ *
+ * \note   Upon exit, the content of the IV is updated so that you can
+ *         call the same function again on the next
+ *         block(s) of data and get the same result as if it was
+ *         encrypted in one call. This allows a "streaming" usage.
+ *         If you need to retain the contents of the IV, you should
+ *         either save it manually or use the cipher module instead.
+ *
+ *
+ * \param ctx      The AES context to use for encryption or decryption.
+ * \param mode     The AES operation: #MBEDTLS_AES_ENCRYPT or
+ *                 #MBEDTLS_AES_DECRYPT.
+ * \param length   The length of the input data in Bytes. This must be a
+ *                 multiple of the block size (16 Bytes).
+ * \param iv       Initialization vector (updated after use).
+ * \param input    The buffer holding the input data.
+ * \param output   The buffer holding the output data.
+ *
+ * \return         \c 0 on success, or #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
+ *                 on failure.
+ */
+int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[16],
+                    const unsigned char *input,
+                    unsigned char *output );
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/**
+ * \brief This function performs an AES-CFB128 encryption or decryption
+ *        operation.
+ *
+ *        It performs the operation defined in the \p mode
+ *        parameter (encrypt or decrypt), on the input data buffer
+ *        defined in the \p input parameter.
+ *
+ *        For CFB, you must set up the context with mbedtls_aes_setkey_enc(),
+ *        regardless of whether you are performing an encryption or decryption
+ *        operation, that is, regardless of the \p mode parameter. This is
+ *        because CFB mode uses the same key schedule for encryption and
+ *        decryption.
+ *
+ * \note  Upon exit, the content of the IV is updated so that you can
+ *        call the same function again on the next
+ *        block(s) of data and get the same result as if it was
+ *        encrypted in one call. This allows a "streaming" usage.
+ *        If you need to retain the contents of the
+ *        IV, you must either save it manually or use the cipher
+ *        module instead.
+ *
+ *
+ * \param ctx      The AES context to use for encryption or decryption.
+ * \param mode     The AES operation: #MBEDTLS_AES_ENCRYPT or
+ *                 #MBEDTLS_AES_DECRYPT.
+ * \param length   The length of the input data.
+ * \param iv_off   The offset in IV (updated after use).
+ * \param iv       The initialization vector (updated after use).
+ * \param input    The buffer holding the input data.
+ * \param output   The buffer holding the output data.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
+                       int mode,
+                       size_t length,
+                       size_t *iv_off,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output );
+
+/**
+ * \brief This function performs an AES-CFB8 encryption or decryption
+ *        operation.
+ *
+ *        It performs the operation defined in the \p mode
+ *        parameter (encrypt/decrypt), on the input data buffer defined
+ *        in the \p input parameter.
+ *
+ *        Due to the nature of CFB, you must use the same key schedule for
+ *        both encryption and decryption operations. Therefore, you must
+ *        use the context initialized with mbedtls_aes_setkey_enc() for
+ *        both #MBEDTLS_AES_ENCRYPT and #MBEDTLS_AES_DECRYPT.
+ *
+ * \note  Upon exit, the content of the IV is updated so that you can
+ *        call the same function again on the next
+ *        block(s) of data and get the same result as if it was
+ *        encrypted in one call. This allows a "streaming" usage.
+ *        If you need to retain the contents of the
+ *        IV, you should either save it manually or use the cipher
+ *        module instead.
+ *
+ *
+ * \param ctx      The AES context to use for encryption or decryption.
+ * \param mode     The AES operation: #MBEDTLS_AES_ENCRYPT or
+ *                 #MBEDTLS_AES_DECRYPT
+ * \param length   The length of the input data.
+ * \param iv       The initialization vector (updated after use).
+ * \param input    The buffer holding the input data.
+ * \param output   The buffer holding the output data.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[16],
+                    const unsigned char *input,
+                    unsigned char *output );
+#endif /*MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/**
+ * \brief      This function performs an AES-CTR encryption or decryption
+ *             operation.
+ *
+ *             This function performs the operation defined in the \p mode
+ *             parameter (encrypt/decrypt), on the input data buffer
+ *             defined in the \p input parameter.
+ *
+ *             Due to the nature of CTR, you must use the same key schedule
+ *             for both encryption and decryption operations. Therefore, you
+ *             must use the context initialized with mbedtls_aes_setkey_enc()
+ *             for both #MBEDTLS_AES_ENCRYPT and #MBEDTLS_AES_DECRYPT.
+ *
+ * \warning    You must keep the maximum use of your counter in mind.
+ *
+ * \param ctx              The AES context to use for encryption or decryption.
+ * \param length           The length of the input data.
+ * \param nc_off           The offset in the current \p stream_block, for
+ *                         resuming within the current cipher stream. The
+ *                         offset pointer should be 0 at the start of a stream.
+ * \param nonce_counter    The 128-bit nonce and counter.
+ * \param stream_block     The saved stream block for resuming. This is
+ *                         overwritten by the function.
+ * \param input            The buffer holding the input data.
+ * \param output           The buffer holding the output data.
+ *
+ * \return     \c 0 on success.
+ */
+int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
+                       size_t length,
+                       size_t *nc_off,
+                       unsigned char nonce_counter[16],
+                       unsigned char stream_block[16],
+                       const unsigned char *input,
+                       unsigned char *output );
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+/**
+ * \brief           Internal AES block encryption function. This is only
+ *                  exposed to allow overriding it using
+ *                  \c MBEDTLS_AES_ENCRYPT_ALT.
+ *
+ * \param ctx       The AES context to use for encryption.
+ * \param input     The plaintext block.
+ * \param output    The output (ciphertext) block.
+ *
+ * \return          \c 0 on success.
+ */
+int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
+                                  const unsigned char input[16],
+                                  unsigned char output[16] );
+
+/**
+ * \brief           Internal AES block decryption function. This is only
+ *                  exposed to allow overriding it using see
+ *                  \c MBEDTLS_AES_DECRYPT_ALT.
+ *
+ * \param ctx       The AES context to use for decryption.
+ * \param input     The ciphertext block.
+ * \param output    The output (plaintext) block.
+ *
+ * \return          \c 0 on success.
+ */
+int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
+                                  const unsigned char input[16],
+                                  unsigned char output[16] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief           Deprecated internal AES block encryption function
+ *                  without return value.
+ *
+ * \deprecated      Superseded by mbedtls_aes_encrypt_ext() in 2.5.0.
+ *
+ * \param ctx       The AES context to use for encryption.
+ * \param input     Plaintext block.
+ * \param output    Output (ciphertext) block.
+ */
+MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
+                                             const unsigned char input[16],
+                                             unsigned char output[16] );
+
+/**
+ * \brief           Deprecated internal AES block decryption function
+ *                  without return value.
+ *
+ * \deprecated      Superseded by mbedtls_aes_decrypt_ext() in 2.5.0.
+ *
+ * \param ctx       The AES context to use for decryption.
+ * \param input     Ciphertext block.
+ * \param output    Output (plaintext) block.
+ */
+MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
+                                             const unsigned char input[16],
+                                             unsigned char output[16] );
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_AES_ALT */
+#include "aes_alt.h"
+#endif /* MBEDTLS_AES_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Checkup routine.
+ *
+ * \return         \c 0 on success, or \c 1 on failure.
+ */
+int mbedtls_aes_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* aes.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/aesni.h b/thirdparty/mbedtls/include/mbedtls/aesni.h
new file mode 100644
index 0000000000..746baa0e17
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/aesni.h
@@ -0,0 +1,112 @@
+/**
+ * \file aesni.h
+ *
+ * \brief AES-NI for hardware AES acceleration on some Intel processors
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_AESNI_H
+#define MBEDTLS_AESNI_H
+
+#include "aes.h"
+
+#define MBEDTLS_AESNI_AES      0x02000000u
+#define MBEDTLS_AESNI_CLMUL    0x00000002u
+
+#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) &&  \
+    ( defined(__amd64__) || defined(__x86_64__) )   &&  \
+    ! defined(MBEDTLS_HAVE_X86_64)
+#define MBEDTLS_HAVE_X86_64
+#endif
+
+#if defined(MBEDTLS_HAVE_X86_64)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          AES-NI features detection routine
+ *
+ * \param what     The feature to detect
+ *                 (MBEDTLS_AESNI_AES or MBEDTLS_AESNI_CLMUL)
+ *
+ * \return         1 if CPU has support for the feature, 0 otherwise
+ */
+int mbedtls_aesni_has_support( unsigned int what );
+
+/**
+ * \brief          AES-NI AES-ECB block en(de)cryption
+ *
+ * \param ctx      AES context
+ * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
+ * \param input    16-byte input block
+ * \param output   16-byte output block
+ *
+ * \return         0 on success (cannot fail)
+ */
+int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
+                     int mode,
+                     const unsigned char input[16],
+                     unsigned char output[16] );
+
+/**
+ * \brief          GCM multiplication: c = a * b in GF(2^128)
+ *
+ * \param c        Result
+ * \param a        First operand
+ * \param b        Second operand
+ *
+ * \note           Both operands and result are bit strings interpreted as
+ *                 elements of GF(2^128) as per the GCM spec.
+ */
+void mbedtls_aesni_gcm_mult( unsigned char c[16],
+                     const unsigned char a[16],
+                     const unsigned char b[16] );
+
+/**
+ * \brief           Compute decryption round keys from encryption round keys
+ *
+ * \param invkey    Round keys for the equivalent inverse cipher
+ * \param fwdkey    Original round keys (for encryption)
+ * \param nr        Number of rounds (that is, number of round keys minus one)
+ */
+void mbedtls_aesni_inverse_key( unsigned char *invkey,
+                        const unsigned char *fwdkey, int nr );
+
+/**
+ * \brief           Perform key expansion (for encryption)
+ *
+ * \param rk        Destination buffer where the round keys are written
+ * \param key       Encryption key
+ * \param bits      Key size in bits (must be 128, 192 or 256)
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
+ */
+int mbedtls_aesni_setkey_enc( unsigned char *rk,
+                      const unsigned char *key,
+                      size_t bits );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_HAVE_X86_64 */
+
+#endif /* MBEDTLS_AESNI_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/arc4.h b/thirdparty/mbedtls/include/mbedtls/arc4.h
new file mode 100644
index 0000000000..f9d93f822f
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/arc4.h
@@ -0,0 +1,149 @@
+/**
+ * \file arc4.h
+ *
+ * \brief The ARCFOUR stream cipher
+ *
+ * \warning   ARC4 is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ */
+#ifndef MBEDTLS_ARC4_H
+#define MBEDTLS_ARC4_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+#define MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED                  -0x0019  /**< ARC4 hardware accelerator failed. */
+
+#if !defined(MBEDTLS_ARC4_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief     ARC4 context structure
+ *
+ * \warning   ARC4 is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ *
+ */
+typedef struct
+{
+    int x;                      /*!< permutation index */
+    int y;                      /*!< permutation index */
+    unsigned char m[256];       /*!< permutation table */
+}
+mbedtls_arc4_context;
+
+/**
+ * \brief          Initialize ARC4 context
+ *
+ * \param ctx      ARC4 context to be initialized
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+void mbedtls_arc4_init( mbedtls_arc4_context *ctx );
+
+/**
+ * \brief          Clear ARC4 context
+ *
+ * \param ctx      ARC4 context to be cleared
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+void mbedtls_arc4_free( mbedtls_arc4_context *ctx );
+
+/**
+ * \brief          ARC4 key schedule
+ *
+ * \param ctx      ARC4 context to be setup
+ * \param key      the secret key
+ * \param keylen   length of the key, in bytes
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
+                 unsigned int keylen );
+
+/**
+ * \brief          ARC4 cipher function
+ *
+ * \param ctx      ARC4 context
+ * \param length   length of the input data
+ * \param input    buffer holding the input data
+ * \param output   buffer for the output data
+ *
+ * \return         0 if successful
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
+                unsigned char *output );
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_ARC4_ALT */
+#include "arc4_alt.h"
+#endif /* MBEDTLS_ARC4_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ *
+ * \warning        ARC4 is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ *
+ */
+int mbedtls_arc4_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* arc4.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/asn1.h b/thirdparty/mbedtls/include/mbedtls/asn1.h
new file mode 100644
index 0000000000..fde328a128
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/asn1.h
@@ -0,0 +1,343 @@
+/**
+ * \file asn1.h
+ *
+ * \brief Generic ASN.1 parsing
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_ASN1_H
+#define MBEDTLS_ASN1_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+#if defined(MBEDTLS_BIGNUM_C)
+#include "bignum.h"
+#endif
+
+/**
+ * \addtogroup asn1_module
+ * \{
+ */
+
+/**
+ * \name ASN1 Error codes
+ * These error codes are OR'ed to X509 error codes for
+ * higher error granularity.
+ * ASN1 is a standard to specify data structures.
+ * \{
+ */
+#define MBEDTLS_ERR_ASN1_OUT_OF_DATA                      -0x0060  /**< Out of data when parsing an ASN1 data structure. */
+#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG                   -0x0062  /**< ASN1 tag was of an unexpected value. */
+#define MBEDTLS_ERR_ASN1_INVALID_LENGTH                   -0x0064  /**< Error when trying to determine the length or invalid length. */
+#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH                  -0x0066  /**< Actual length differs from expected length. */
+#define MBEDTLS_ERR_ASN1_INVALID_DATA                     -0x0068  /**< Data is invalid. (not used) */
+#define MBEDTLS_ERR_ASN1_ALLOC_FAILED                     -0x006A  /**< Memory allocation failed */
+#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL                    -0x006C  /**< Buffer too small when writing ASN.1 data structure. */
+
+/* \} name */
+
+/**
+ * \name DER constants
+ * These constants comply with the DER encoded ASN.1 type tags.
+ * DER encoding uses hexadecimal representation.
+ * An example DER sequence is:\n
+ * - 0x02 -- tag indicating INTEGER
+ * - 0x01 -- length in octets
+ * - 0x05 -- value
+ * Such sequences are typically read into \c ::mbedtls_x509_buf.
+ * \{
+ */
+#define MBEDTLS_ASN1_BOOLEAN                 0x01
+#define MBEDTLS_ASN1_INTEGER                 0x02
+#define MBEDTLS_ASN1_BIT_STRING              0x03
+#define MBEDTLS_ASN1_OCTET_STRING            0x04
+#define MBEDTLS_ASN1_NULL                    0x05
+#define MBEDTLS_ASN1_OID                     0x06
+#define MBEDTLS_ASN1_UTF8_STRING             0x0C
+#define MBEDTLS_ASN1_SEQUENCE                0x10
+#define MBEDTLS_ASN1_SET                     0x11
+#define MBEDTLS_ASN1_PRINTABLE_STRING        0x13
+#define MBEDTLS_ASN1_T61_STRING              0x14
+#define MBEDTLS_ASN1_IA5_STRING              0x16
+#define MBEDTLS_ASN1_UTC_TIME                0x17
+#define MBEDTLS_ASN1_GENERALIZED_TIME        0x18
+#define MBEDTLS_ASN1_UNIVERSAL_STRING        0x1C
+#define MBEDTLS_ASN1_BMP_STRING              0x1E
+#define MBEDTLS_ASN1_PRIMITIVE               0x00
+#define MBEDTLS_ASN1_CONSTRUCTED             0x20
+#define MBEDTLS_ASN1_CONTEXT_SPECIFIC        0x80
+/* \} name */
+/* \} addtogroup asn1_module */
+
+/** Returns the size of the binary string, without the trailing \\0 */
+#define MBEDTLS_OID_SIZE(x) (sizeof(x) - 1)
+
+/**
+ * Compares an mbedtls_asn1_buf structure to a reference OID.
+ *
+ * Only works for 'defined' oid_str values (MBEDTLS_OID_HMAC_SHA1), you cannot use a
+ * 'unsigned char *oid' here!
+ */
+#define MBEDTLS_OID_CMP(oid_str, oid_buf)                                   \
+        ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) ||                \
+          memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 )
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \name Functions to parse ASN.1 data structures
+ * \{
+ */
+
+/**
+ * Type-length-value structure that allows for ASN1 using DER.
+ */
+typedef struct mbedtls_asn1_buf
+{
+    int tag;                /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */
+    size_t len;             /**< ASN1 length, in octets. */
+    unsigned char *p;       /**< ASN1 data, e.g. in ASCII. */
+}
+mbedtls_asn1_buf;
+
+/**
+ * Container for ASN1 bit strings.
+ */
+typedef struct mbedtls_asn1_bitstring
+{
+    size_t len;                 /**< ASN1 length, in octets. */
+    unsigned char unused_bits;  /**< Number of unused bits at the end of the string */
+    unsigned char *p;           /**< Raw ASN1 data for the bit string */
+}
+mbedtls_asn1_bitstring;
+
+/**
+ * Container for a sequence of ASN.1 items
+ */
+typedef struct mbedtls_asn1_sequence
+{
+    mbedtls_asn1_buf buf;                   /**< Buffer containing the given ASN.1 item. */
+    struct mbedtls_asn1_sequence *next;    /**< The next entry in the sequence. */
+}
+mbedtls_asn1_sequence;
+
+/**
+ * Container for a sequence or list of 'named' ASN.1 data items
+ */
+typedef struct mbedtls_asn1_named_data
+{
+    mbedtls_asn1_buf oid;                   /**< The object identifier. */
+    mbedtls_asn1_buf val;                   /**< The named value. */
+    struct mbedtls_asn1_named_data *next;  /**< The next entry in the sequence. */
+    unsigned char next_merged;      /**< Merge next item into the current one? */
+}
+mbedtls_asn1_named_data;
+
+/**
+ * \brief       Get the length of an ASN.1 element.
+ *              Updates the pointer to immediately behind the length.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param len   The variable that will receive the value
+ *
+ * \return      0 if successful, MBEDTLS_ERR_ASN1_OUT_OF_DATA on reaching
+ *              end of data, MBEDTLS_ERR_ASN1_INVALID_LENGTH if length is
+ *              unparseable.
+ */
+int mbedtls_asn1_get_len( unsigned char **p,
+                  const unsigned char *end,
+                  size_t *len );
+
+/**
+ * \brief       Get the tag and length of the tag. Check for the requested tag.
+ *              Updates the pointer to immediately behind the tag and length.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param len   The variable that will receive the length
+ * \param tag   The expected tag
+ *
+ * \return      0 if successful, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if tag did
+ *              not match requested tag, or another specific ASN.1 error code.
+ */
+int mbedtls_asn1_get_tag( unsigned char **p,
+                  const unsigned char *end,
+                  size_t *len, int tag );
+
+/**
+ * \brief       Retrieve a boolean ASN.1 tag and its value.
+ *              Updates the pointer to immediately behind the full tag.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param val   The variable that will receive the value
+ *
+ * \return      0 if successful or a specific ASN.1 error code.
+ */
+int mbedtls_asn1_get_bool( unsigned char **p,
+                   const unsigned char *end,
+                   int *val );
+
+/**
+ * \brief       Retrieve an integer ASN.1 tag and its value.
+ *              Updates the pointer to immediately behind the full tag.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param val   The variable that will receive the value
+ *
+ * \return      0 if successful or a specific ASN.1 error code.
+ */
+int mbedtls_asn1_get_int( unsigned char **p,
+                  const unsigned char *end,
+                  int *val );
+
+/**
+ * \brief       Retrieve a bitstring ASN.1 tag and its value.
+ *              Updates the pointer to immediately behind the full tag.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param bs    The variable that will receive the value
+ *
+ * \return      0 if successful or a specific ASN.1 error code.
+ */
+int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
+                        mbedtls_asn1_bitstring *bs);
+
+/**
+ * \brief       Retrieve a bitstring ASN.1 tag without unused bits and its
+ *              value.
+ *              Updates the pointer to the beginning of the bit/octet string.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param len   Length of the actual bit/octect string in bytes
+ *
+ * \return      0 if successful or a specific ASN.1 error code.
+ */
+int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
+                             size_t *len );
+
+/**
+ * \brief       Parses and splits an ASN.1 "SEQUENCE OF <tag>"
+ *              Updated the pointer to immediately behind the full sequence tag.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param cur   First variable in the chain to fill
+ * \param tag   Type of sequence
+ *
+ * \return      0 if successful or a specific ASN.1 error code.
+ */
+int mbedtls_asn1_get_sequence_of( unsigned char **p,
+                          const unsigned char *end,
+                          mbedtls_asn1_sequence *cur,
+                          int tag);
+
+#if defined(MBEDTLS_BIGNUM_C)
+/**
+ * \brief       Retrieve a MPI value from an integer ASN.1 tag.
+ *              Updates the pointer to immediately behind the full tag.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param X     The MPI that will receive the value
+ *
+ * \return      0 if successful or a specific ASN.1 or MPI error code.
+ */
+int mbedtls_asn1_get_mpi( unsigned char **p,
+                  const unsigned char *end,
+                  mbedtls_mpi *X );
+#endif /* MBEDTLS_BIGNUM_C */
+
+/**
+ * \brief       Retrieve an AlgorithmIdentifier ASN.1 sequence.
+ *              Updates the pointer to immediately behind the full
+ *              AlgorithmIdentifier.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param alg   The buffer to receive the OID
+ * \param params The buffer to receive the params (if any)
+ *
+ * \return      0 if successful or a specific ASN.1 or MPI error code.
+ */
+int mbedtls_asn1_get_alg( unsigned char **p,
+                  const unsigned char *end,
+                  mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params );
+
+/**
+ * \brief       Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
+ *              params.
+ *              Updates the pointer to immediately behind the full
+ *              AlgorithmIdentifier.
+ *
+ * \param p     The position in the ASN.1 data
+ * \param end   End of data
+ * \param alg   The buffer to receive the OID
+ *
+ * \return      0 if successful or a specific ASN.1 or MPI error code.
+ */
+int mbedtls_asn1_get_alg_null( unsigned char **p,
+                       const unsigned char *end,
+                       mbedtls_asn1_buf *alg );
+
+/**
+ * \brief       Find a specific named_data entry in a sequence or list based on
+ *              the OID.
+ *
+ * \param list  The list to seek through
+ * \param oid   The OID to look for
+ * \param len   Size of the OID
+ *
+ * \return      NULL if not found, or a pointer to the existing entry.
+ */
+mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
+                                       const char *oid, size_t len );
+
+/**
+ * \brief       Free a mbedtls_asn1_named_data entry
+ *
+ * \param entry The named data entry to free
+ */
+void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
+
+/**
+ * \brief       Free all entries in a mbedtls_asn1_named_data list
+ *              Head will be set to NULL
+ *
+ * \param head  Pointer to the head of the list of named data entries to free
+ */
+void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* asn1.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/asn1write.h b/thirdparty/mbedtls/include/mbedtls/asn1write.h
new file mode 100644
index 0000000000..f76fc807d0
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/asn1write.h
@@ -0,0 +1,240 @@
+/**
+ * \file asn1write.h
+ *
+ * \brief ASN.1 buffer writing functionality
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_ASN1_WRITE_H
+#define MBEDTLS_ASN1_WRITE_H
+
+#include "asn1.h"
+
+#define MBEDTLS_ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else   \
+                                g += ret; } while( 0 )
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief           Write a length field in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param len       the length to write
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len );
+
+/**
+ * \brief           Write a ASN.1 tag in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param tag       the tag to write
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start,
+                    unsigned char tag );
+
+/**
+ * \brief           Write raw buffer data
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param buf       data buffer to write
+ * \param size      length of the data buffer
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
+                           const unsigned char *buf, size_t size );
+
+#if defined(MBEDTLS_BIGNUM_C)
+/**
+ * \brief           Write a big number (MBEDTLS_ASN1_INTEGER) in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param X         the MPI to write
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X );
+#endif /* MBEDTLS_BIGNUM_C */
+
+/**
+ * \brief           Write a NULL tag (MBEDTLS_ASN1_NULL) with zero data in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start );
+
+/**
+ * \brief           Write an OID tag (MBEDTLS_ASN1_OID) and data in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param oid       the OID to write
+ * \param oid_len   length of the OID
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
+                    const char *oid, size_t oid_len );
+
+/**
+ * \brief           Write an AlgorithmIdentifier sequence in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param oid       the OID of the algorithm
+ * \param oid_len   length of the OID
+ * \param par_len   length of parameters, which must be already written.
+ *                  If 0, NULL parameters are added
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
+                                     const char *oid, size_t oid_len,
+                                     size_t par_len );
+
+/**
+ * \brief           Write a boolean tag (MBEDTLS_ASN1_BOOLEAN) and value in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param boolean   0 or 1
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean );
+
+/**
+ * \brief           Write an int tag (MBEDTLS_ASN1_INTEGER) and value in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param val       the integer value
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
+
+/**
+ * \brief           Write a printable string tag (MBEDTLS_ASN1_PRINTABLE_STRING) and
+ *                  value in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param text      the text to write
+ * \param text_len  length of the text
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
+                                 const char *text, size_t text_len );
+
+/**
+ * \brief           Write an IA5 string tag (MBEDTLS_ASN1_IA5_STRING) and
+ *                  value in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param text      the text to write
+ * \param text_len  length of the text
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
+                           const char *text, size_t text_len );
+
+/**
+ * \brief           Write a bitstring tag (MBEDTLS_ASN1_BIT_STRING) and
+ *                  value in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param buf       the bitstring
+ * \param bits      the total number of bits in the bitstring
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
+                          const unsigned char *buf, size_t bits );
+
+/**
+ * \brief           Write an octet string tag (MBEDTLS_ASN1_OCTET_STRING) and
+ *                  value in ASN.1 format
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param buf       data buffer to write
+ * \param size      length of the data buffer
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
+                             const unsigned char *buf, size_t size );
+
+/**
+ * \brief           Create or find a specific named_data entry for writing in a
+ *                  sequence or list based on the OID. If not already in there,
+ *                  a new entry is added to the head of the list.
+ *                  Warning: Destructive behaviour for the val data!
+ *
+ * \param list      Pointer to the location of the head of the list to seek
+ *                  through (will be updated in case of a new entry)
+ * \param oid       The OID to look for
+ * \param oid_len   Size of the OID
+ * \param val       Data to store (can be NULL if you want to fill it by hand)
+ * \param val_len   Minimum length of the data buffer needed
+ *
+ * \return      NULL if if there was a memory allocation error, or a pointer
+ *              to the new / existing entry.
+ */
+mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list,
+                                        const char *oid, size_t oid_len,
+                                        const unsigned char *val,
+                                        size_t val_len );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_ASN1_WRITE_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/base64.h b/thirdparty/mbedtls/include/mbedtls/base64.h
new file mode 100644
index 0000000000..7a64f52163
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/base64.h
@@ -0,0 +1,89 @@
+/**
+ * \file base64.h
+ *
+ * \brief RFC 1521 base64 encoding/decoding
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_BASE64_H
+#define MBEDTLS_BASE64_H
+
+#include <stddef.h>
+
+#define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL               -0x002A  /**< Output buffer too small. */
+#define MBEDTLS_ERR_BASE64_INVALID_CHARACTER              -0x002C  /**< Invalid character in input. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Encode a buffer into base64 format
+ *
+ * \param dst      destination buffer
+ * \param dlen     size of the destination buffer
+ * \param olen     number of bytes written
+ * \param src      source buffer
+ * \param slen     amount of data to be encoded
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL.
+ *                 *olen is always updated to reflect the amount
+ *                 of data that has (or would have) been written.
+ *                 If that length cannot be represented, then no data is
+ *                 written to the buffer and *olen is set to the maximum
+ *                 length representable as a size_t.
+ *
+ * \note           Call this function with dlen = 0 to obtain the
+ *                 required buffer size in *olen
+ */
+int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
+                   const unsigned char *src, size_t slen );
+
+/**
+ * \brief          Decode a base64-formatted buffer
+ *
+ * \param dst      destination buffer (can be NULL for checking size)
+ * \param dlen     size of the destination buffer
+ * \param olen     number of bytes written
+ * \param src      source buffer
+ * \param slen     amount of data to be decoded
+ *
+ * \return         0 if successful, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL, or
+ *                 MBEDTLS_ERR_BASE64_INVALID_CHARACTER if the input data is
+ *                 not correct. *olen is always updated to reflect the amount
+ *                 of data that has (or would have) been written.
+ *
+ * \note           Call this function with *dst = NULL or dlen = 0 to obtain
+ *                 the required buffer size in *olen
+ */
+int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
+                   const unsigned char *src, size_t slen );
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_base64_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* base64.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/bignum.h b/thirdparty/mbedtls/include/mbedtls/bignum.h
new file mode 100644
index 0000000000..3bf02a7ee1
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/bignum.h
@@ -0,0 +1,766 @@
+/**
+ * \file bignum.h
+ *
+ * \brief Multi-precision integer library
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_BIGNUM_H
+#define MBEDTLS_BIGNUM_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+#define MBEDTLS_ERR_MPI_FILE_IO_ERROR                     -0x0002  /**< An error occurred while reading from or writing to a file. */
+#define MBEDTLS_ERR_MPI_BAD_INPUT_DATA                    -0x0004  /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_MPI_INVALID_CHARACTER                 -0x0006  /**< There is an invalid character in the digit string. */
+#define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL                  -0x0008  /**< The buffer is too small to write to. */
+#define MBEDTLS_ERR_MPI_NEGATIVE_VALUE                    -0x000A  /**< The input arguments are negative or result in illegal output. */
+#define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO                  -0x000C  /**< The input argument for division is zero, which is not allowed. */
+#define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE                    -0x000E  /**< The input arguments are not acceptable. */
+#define MBEDTLS_ERR_MPI_ALLOC_FAILED                      -0x0010  /**< Memory allocation failed. */
+
+#define MBEDTLS_MPI_CHK(f) do { if( ( ret = f ) != 0 ) goto cleanup; } while( 0 )
+
+/*
+ * Maximum size MPIs are allowed to grow to in number of limbs.
+ */
+#define MBEDTLS_MPI_MAX_LIMBS                             10000
+
+#if !defined(MBEDTLS_MPI_WINDOW_SIZE)
+/*
+ * Maximum window size used for modular exponentiation. Default: 6
+ * Minimum value: 1. Maximum value: 6.
+ *
+ * Result is an array of ( 2 << MBEDTLS_MPI_WINDOW_SIZE ) MPIs used
+ * for the sliding window calculation. (So 64 by default)
+ *
+ * Reduction in size, reduces speed.
+ */
+#define MBEDTLS_MPI_WINDOW_SIZE                           6        /**< Maximum windows size used. */
+#endif /* !MBEDTLS_MPI_WINDOW_SIZE */
+
+#if !defined(MBEDTLS_MPI_MAX_SIZE)
+/*
+ * Maximum size of MPIs allowed in bits and bytes for user-MPIs.
+ * ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits )
+ *
+ * Note: Calculations can temporarily result in larger MPIs. So the number
+ * of limbs required (MBEDTLS_MPI_MAX_LIMBS) is higher.
+ */
+#define MBEDTLS_MPI_MAX_SIZE                              1024     /**< Maximum number of bytes for usable MPIs. */
+#endif /* !MBEDTLS_MPI_MAX_SIZE */
+
+#define MBEDTLS_MPI_MAX_BITS                              ( 8 * MBEDTLS_MPI_MAX_SIZE )    /**< Maximum number of bits for usable MPIs. */
+
+/*
+ * When reading from files with mbedtls_mpi_read_file() and writing to files with
+ * mbedtls_mpi_write_file() the buffer should have space
+ * for a (short) label, the MPI (in the provided radix), the newline
+ * characters and the '\0'.
+ *
+ * By default we assume at least a 10 char label, a minimum radix of 10
+ * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars).
+ * Autosized at compile time for at least a 10 char label, a minimum radix
+ * of 10 (decimal) for a number of MBEDTLS_MPI_MAX_BITS size.
+ *
+ * This used to be statically sized to 1250 for a maximum of 4096 bit
+ * numbers (1234 decimal chars).
+ *
+ * Calculate using the formula:
+ *  MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) +
+ *                                LabelSize + 6
+ */
+#define MBEDTLS_MPI_MAX_BITS_SCALE100          ( 100 * MBEDTLS_MPI_MAX_BITS )
+#define MBEDTLS_LN_2_DIV_LN_10_SCALE100                 332
+#define MBEDTLS_MPI_RW_BUFFER_SIZE             ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 )
+
+/*
+ * Define the base integer type, architecture-wise.
+ *
+ * 32 or 64-bit integer types can be forced regardless of the underlying
+ * architecture by defining MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64
+ * respectively and undefining MBEDTLS_HAVE_ASM.
+ *
+ * Double-width integers (e.g. 128-bit in 64-bit architectures) can be
+ * disabled by defining MBEDTLS_NO_UDBL_DIVISION.
+ */
+#if !defined(MBEDTLS_HAVE_INT32)
+    #if defined(_MSC_VER) && defined(_M_AMD64)
+        /* Always choose 64-bit when using MSC */
+        #if !defined(MBEDTLS_HAVE_INT64)
+            #define MBEDTLS_HAVE_INT64
+        #endif /* !MBEDTLS_HAVE_INT64 */
+        typedef  int64_t mbedtls_mpi_sint;
+        typedef uint64_t mbedtls_mpi_uint;
+    #elif defined(__GNUC__) && (                         \
+        defined(__amd64__) || defined(__x86_64__)     || \
+        defined(__ppc64__) || defined(__powerpc64__)  || \
+        defined(__ia64__)  || defined(__alpha__)      || \
+        ( defined(__sparc__) && defined(__arch64__) ) || \
+        defined(__s390x__) || defined(__mips64) )
+        #if !defined(MBEDTLS_HAVE_INT64)
+            #define MBEDTLS_HAVE_INT64
+        #endif /* MBEDTLS_HAVE_INT64 */
+        typedef  int64_t mbedtls_mpi_sint;
+        typedef uint64_t mbedtls_mpi_uint;
+        #if !defined(MBEDTLS_NO_UDBL_DIVISION)
+            /* mbedtls_t_udbl defined as 128-bit unsigned int */
+            typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
+            #define MBEDTLS_HAVE_UDBL
+        #endif /* !MBEDTLS_NO_UDBL_DIVISION */
+    #elif defined(__ARMCC_VERSION) && defined(__aarch64__)
+        /*
+         * __ARMCC_VERSION is defined for both armcc and armclang and
+         * __aarch64__ is only defined by armclang when compiling 64-bit code
+         */
+        #if !defined(MBEDTLS_HAVE_INT64)
+            #define MBEDTLS_HAVE_INT64
+        #endif /* !MBEDTLS_HAVE_INT64 */
+        typedef  int64_t mbedtls_mpi_sint;
+        typedef uint64_t mbedtls_mpi_uint;
+        #if !defined(MBEDTLS_NO_UDBL_DIVISION)
+            /* mbedtls_t_udbl defined as 128-bit unsigned int */
+            typedef __uint128_t mbedtls_t_udbl;
+            #define MBEDTLS_HAVE_UDBL
+        #endif /* !MBEDTLS_NO_UDBL_DIVISION */
+    #elif defined(MBEDTLS_HAVE_INT64)
+        /* Force 64-bit integers with unknown compiler */
+        typedef  int64_t mbedtls_mpi_sint;
+        typedef uint64_t mbedtls_mpi_uint;
+    #endif
+#endif /* !MBEDTLS_HAVE_INT32 */
+
+#if !defined(MBEDTLS_HAVE_INT64)
+    /* Default to 32-bit compilation */
+    #if !defined(MBEDTLS_HAVE_INT32)
+        #define MBEDTLS_HAVE_INT32
+    #endif /* !MBEDTLS_HAVE_INT32 */
+    typedef  int32_t mbedtls_mpi_sint;
+    typedef uint32_t mbedtls_mpi_uint;
+    #if !defined(MBEDTLS_NO_UDBL_DIVISION)
+        typedef uint64_t mbedtls_t_udbl;
+        #define MBEDTLS_HAVE_UDBL
+    #endif /* !MBEDTLS_NO_UDBL_DIVISION */
+#endif /* !MBEDTLS_HAVE_INT64 */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          MPI structure
+ */
+typedef struct
+{
+    int s;              /*!<  integer sign      */
+    size_t n;           /*!<  total # of limbs  */
+    mbedtls_mpi_uint *p;          /*!<  pointer to limbs  */
+}
+mbedtls_mpi;
+
+/**
+ * \brief           Initialize one MPI (make internal references valid)
+ *                  This just makes it ready to be set or freed,
+ *                  but does not define a value for the MPI.
+ *
+ * \param X         One MPI to initialize.
+ */
+void mbedtls_mpi_init( mbedtls_mpi *X );
+
+/**
+ * \brief          Unallocate one MPI
+ *
+ * \param X        One MPI to unallocate.
+ */
+void mbedtls_mpi_free( mbedtls_mpi *X );
+
+/**
+ * \brief          Enlarge to the specified number of limbs
+ *
+ * \param X        MPI to grow
+ * \param nblimbs  The target number of limbs
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs );
+
+/**
+ * \brief          Resize down, keeping at least the specified number of limbs
+ *
+ * \param X        MPI to shrink
+ * \param nblimbs  The minimum number of limbs to keep
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
+
+/**
+ * \brief          Copy the contents of Y into X
+ *
+ * \param X        Destination MPI
+ * \param Y        Source MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
+
+/**
+ * \brief          Swap the contents of X and Y
+ *
+ * \param X        First MPI value
+ * \param Y        Second MPI value
+ */
+void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y );
+
+/**
+ * \brief          Safe conditional assignement X = Y if assign is 1
+ *
+ * \param X        MPI to conditionally assign to
+ * \param Y        Value to be assigned
+ * \param assign   1: perform the assignment, 0: keep X's original value
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *
+ * \note           This function is equivalent to
+ *                      if( assign ) mbedtls_mpi_copy( X, Y );
+ *                 except that it avoids leaking any information about whether
+ *                 the assignment was done or not (the above code may leak
+ *                 information through branch prediction and/or memory access
+ *                 patterns analysis).
+ */
+int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign );
+
+/**
+ * \brief          Safe conditional swap X <-> Y if swap is 1
+ *
+ * \param X        First mbedtls_mpi value
+ * \param Y        Second mbedtls_mpi value
+ * \param assign   1: perform the swap, 0: keep X and Y's original values
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *
+ * \note           This function is equivalent to
+ *                      if( assign ) mbedtls_mpi_swap( X, Y );
+ *                 except that it avoids leaking any information about whether
+ *                 the assignment was done or not (the above code may leak
+ *                 information through branch prediction and/or memory access
+ *                 patterns analysis).
+ */
+int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char assign );
+
+/**
+ * \brief          Set value from integer
+ *
+ * \param X        MPI to set
+ * \param z        Value to use
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z );
+
+/**
+ * \brief          Get a specific bit from X
+ *
+ * \param X        MPI to use
+ * \param pos      Zero-based index of the bit in X
+ *
+ * \return         Either a 0 or a 1
+ */
+int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos );
+
+/**
+ * \brief          Set a bit of X to a specific value of 0 or 1
+ *
+ * \note           Will grow X if necessary to set a bit to 1 in a not yet
+ *                 existing limb. Will not grow if bit should be set to 0
+ *
+ * \param X        MPI to use
+ * \param pos      Zero-based index of the bit in X
+ * \param val      The value to set the bit to (0 or 1)
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1
+ */
+int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val );
+
+/**
+ * \brief          Return the number of zero-bits before the least significant
+ *                 '1' bit
+ *
+ * Note: Thus also the zero-based index of the least significant '1' bit
+ *
+ * \param X        MPI to use
+ */
+size_t mbedtls_mpi_lsb( const mbedtls_mpi *X );
+
+/**
+ * \brief          Return the number of bits up to and including the most
+ *                 significant '1' bit'
+ *
+ * Note: Thus also the one-based index of the most significant '1' bit
+ *
+ * \param X        MPI to use
+ */
+size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X );
+
+/**
+ * \brief          Return the total size in bytes
+ *
+ * \param X        MPI to use
+ */
+size_t mbedtls_mpi_size( const mbedtls_mpi *X );
+
+/**
+ * \brief          Import from an ASCII string
+ *
+ * \param X        Destination MPI
+ * \param radix    Input numeric base
+ * \param s        Null-terminated string buffer
+ *
+ * \return         0 if successful, or a MBEDTLS_ERR_MPI_XXX error code
+ */
+int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s );
+
+/**
+ * \brief          Export into an ASCII string
+ *
+ * \param X        Source MPI
+ * \param radix    Output numeric base
+ * \param buf      Buffer to write the string to
+ * \param buflen   Length of buf
+ * \param olen     Length of the string written, including final NUL byte
+ *
+ * \return         0 if successful, or a MBEDTLS_ERR_MPI_XXX error code.
+ *                 *olen is always updated to reflect the amount
+ *                 of data that has (or would have) been written.
+ *
+ * \note           Call this function with buflen = 0 to obtain the
+ *                 minimum required buffer size in *olen.
+ */
+int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
+                              char *buf, size_t buflen, size_t *olen );
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief          Read MPI from a line in an opened file
+ *
+ * \param X        Destination MPI
+ * \param radix    Input numeric base
+ * \param fin      Input file handle
+ *
+ * \return         0 if successful, MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if
+ *                 the file read buffer is too small or a
+ *                 MBEDTLS_ERR_MPI_XXX error code
+ *
+ * \note           On success, this function advances the file stream
+ *                 to the end of the current line or to EOF.
+ *
+ *                 The function returns 0 on an empty line.
+ *
+ *                 Leading whitespaces are ignored, as is a
+ *                 '0x' prefix for radix 16.
+ *
+ */
+int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin );
+
+/**
+ * \brief          Write X into an opened file, or stdout if fout is NULL
+ *
+ * \param p        Prefix, can be NULL
+ * \param X        Source MPI
+ * \param radix    Output numeric base
+ * \param fout     Output file handle (can be NULL)
+ *
+ * \return         0 if successful, or a MBEDTLS_ERR_MPI_XXX error code
+ *
+ * \note           Set fout == NULL to print X on the console.
+ */
+int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout );
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief          Import X from unsigned binary data, big endian
+ *
+ * \param X        Destination MPI
+ * \param buf      Input buffer
+ * \param buflen   Input buffer size
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen );
+
+/**
+ * \brief          Export X into unsigned binary data, big endian.
+ *                 Always fills the whole buffer, which will start with zeros
+ *                 if the number is smaller.
+ *
+ * \param X        Source MPI
+ * \param buf      Output buffer
+ * \param buflen   Output buffer size
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough
+ */
+int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, size_t buflen );
+
+/**
+ * \brief          Left-shift: X <<= count
+ *
+ * \param X        MPI to shift
+ * \param count    Amount to shift
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count );
+
+/**
+ * \brief          Right-shift: X >>= count
+ *
+ * \param X        MPI to shift
+ * \param count    Amount to shift
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count );
+
+/**
+ * \brief          Compare unsigned values
+ *
+ * \param X        Left-hand MPI
+ * \param Y        Right-hand MPI
+ *
+ * \return         1 if |X| is greater than |Y|,
+ *                -1 if |X| is lesser  than |Y| or
+ *                 0 if |X| is equal to |Y|
+ */
+int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y );
+
+/**
+ * \brief          Compare signed values
+ *
+ * \param X        Left-hand MPI
+ * \param Y        Right-hand MPI
+ *
+ * \return         1 if X is greater than Y,
+ *                -1 if X is lesser  than Y or
+ *                 0 if X is equal to Y
+ */
+int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y );
+
+/**
+ * \brief          Compare signed values
+ *
+ * \param X        Left-hand MPI
+ * \param z        The integer value to compare to
+ *
+ * \return         1 if X is greater than z,
+ *                -1 if X is lesser  than z or
+ *                 0 if X is equal to z
+ */
+int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z );
+
+/**
+ * \brief          Unsigned addition: X = |A| + |B|
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param B        Right-hand MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
+
+/**
+ * \brief          Unsigned subtraction: X = |A| - |B|
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param B        Right-hand MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B is greater than A
+ */
+int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
+
+/**
+ * \brief          Signed addition: X = A + B
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param B        Right-hand MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
+
+/**
+ * \brief          Signed subtraction: X = A - B
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param B        Right-hand MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
+
+/**
+ * \brief          Signed addition: X = A + b
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param b        The integer value to add
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b );
+
+/**
+ * \brief          Signed subtraction: X = A - b
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param b        The integer value to subtract
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b );
+
+/**
+ * \brief          Baseline multiplication: X = A * B
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param B        Right-hand MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
+
+/**
+ * \brief          Baseline multiplication: X = A * b
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param b        The unsigned integer value to multiply with
+ *
+ * \note           b is unsigned
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b );
+
+/**
+ * \brief          Division by mbedtls_mpi: A = Q * B + R
+ *
+ * \param Q        Destination MPI for the quotient
+ * \param R        Destination MPI for the rest value
+ * \param A        Left-hand MPI
+ * \param B        Right-hand MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0
+ *
+ * \note           Either Q or R can be NULL.
+ */
+int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B );
+
+/**
+ * \brief          Division by int: A = Q * b + R
+ *
+ * \param Q        Destination MPI for the quotient
+ * \param R        Destination MPI for the rest value
+ * \param A        Left-hand MPI
+ * \param b        Integer to divide by
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0
+ *
+ * \note           Either Q or R can be NULL.
+ */
+int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b );
+
+/**
+ * \brief          Modulo: R = A mod B
+ *
+ * \param R        Destination MPI for the rest value
+ * \param A        Left-hand MPI
+ * \param B        Right-hand MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0,
+ *                 MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B < 0
+ */
+int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B );
+
+/**
+ * \brief          Modulo: r = A mod b
+ *
+ * \param r        Destination mbedtls_mpi_uint
+ * \param A        Left-hand MPI
+ * \param b        Integer to divide by
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0,
+ *                 MBEDTLS_ERR_MPI_NEGATIVE_VALUE if b < 0
+ */
+int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b );
+
+/**
+ * \brief          Sliding-window exponentiation: X = A^E mod N
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param E        Exponent MPI
+ * \param N        Modular MPI
+ * \param _RR      Speed-up MPI used for recalculations
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is negative or even or
+ *                 if E is negative
+ *
+ * \note           _RR is used to avoid re-computing R*R mod N across
+ *                 multiple calls, which speeds up things a bit. It can
+ *                 be set to NULL if the extra performance is unneeded.
+ */
+int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *_RR );
+
+/**
+ * \brief          Fill an MPI X with size bytes of random
+ *
+ * \param X        Destination MPI
+ * \param size     Size in bytes
+ * \param f_rng    RNG function
+ * \param p_rng    RNG parameter
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ *
+ * \note           The bytes obtained from the PRNG are interpreted
+ *                 as a big-endian representation of an MPI; this can
+ *                 be relevant in applications like deterministic ECDSA.
+ */
+int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng );
+
+/**
+ * \brief          Greatest common divisor: G = gcd(A, B)
+ *
+ * \param G        Destination MPI
+ * \param A        Left-hand MPI
+ * \param B        Right-hand MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B );
+
+/**
+ * \brief          Modular inverse: X = A^-1 mod N
+ *
+ * \param X        Destination MPI
+ * \param A        Left-hand MPI
+ * \param N        Right-hand MPI
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is <= 1,
+                   MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N.
+ */
+int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N );
+
+/**
+ * \brief          Miller-Rabin primality test
+ *
+ * \param X        MPI to check
+ * \param f_rng    RNG function
+ * \param p_rng    RNG parameter
+ *
+ * \return         0 if successful (probably prime),
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if X is not prime
+ */
+int mbedtls_mpi_is_prime( const mbedtls_mpi *X,
+                  int (*f_rng)(void *, unsigned char *, size_t),
+                  void *p_rng );
+
+/**
+ * \brief          Prime number generation
+ *
+ * \param X        Destination MPI
+ * \param nbits    Required size of X in bits
+ *                 ( 3 <= nbits <= MBEDTLS_MPI_MAX_BITS )
+ * \param dh_flag  If 1, then (X-1)/2 will be prime too
+ * \param f_rng    RNG function
+ * \param p_rng    RNG parameter
+ *
+ * \return         0 if successful (probably prime),
+ *                 MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
+ */
+int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag,
+                   int (*f_rng)(void *, unsigned char *, size_t),
+                   void *p_rng );
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_mpi_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* bignum.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/blowfish.h b/thirdparty/mbedtls/include/mbedtls/blowfish.h
new file mode 100644
index 0000000000..c0ef5a04cc
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/blowfish.h
@@ -0,0 +1,205 @@
+/**
+ * \file blowfish.h
+ *
+ * \brief Blowfish block cipher
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_BLOWFISH_H
+#define MBEDTLS_BLOWFISH_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_BLOWFISH_ENCRYPT     1
+#define MBEDTLS_BLOWFISH_DECRYPT     0
+#define MBEDTLS_BLOWFISH_MAX_KEY_BITS     448
+#define MBEDTLS_BLOWFISH_MIN_KEY_BITS     32
+#define MBEDTLS_BLOWFISH_ROUNDS      16         /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */
+#define MBEDTLS_BLOWFISH_BLOCKSIZE   8          /* Blowfish uses 64 bit blocks */
+
+#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH                -0x0016  /**< Invalid key length. */
+#define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED                   -0x0017  /**< Blowfish hardware accelerator failed. */
+#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH              -0x0018  /**< Invalid data input length. */
+
+#if !defined(MBEDTLS_BLOWFISH_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Blowfish context structure
+ */
+typedef struct
+{
+    uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2];    /*!<  Blowfish round keys    */
+    uint32_t S[4][256];                 /*!<  key dependent S-boxes  */
+}
+mbedtls_blowfish_context;
+
+/**
+ * \brief          Initialize Blowfish context
+ *
+ * \param ctx      Blowfish context to be initialized
+ */
+void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
+
+/**
+ * \brief          Clear Blowfish context
+ *
+ * \param ctx      Blowfish context to be cleared
+ */
+void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
+
+/**
+ * \brief          Blowfish key schedule
+ *
+ * \param ctx      Blowfish context to be initialized
+ * \param key      encryption key
+ * \param keybits  must be between 32 and 448 bits
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH
+ */
+int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
+                     unsigned int keybits );
+
+/**
+ * \brief          Blowfish-ECB block encryption/decryption
+ *
+ * \param ctx      Blowfish context
+ * \param mode     MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT
+ * \param input    8-byte input block
+ * \param output   8-byte output block
+ *
+ * \return         0 if successful
+ */
+int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
+                        int mode,
+                        const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                        unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/**
+ * \brief          Blowfish-CBC buffer encryption/decryption
+ *                 Length should be a multiple of the block
+ *                 size (8 bytes)
+ *
+ * \note           Upon exit, the content of the IV is updated so that you can
+ *                 call the function same function again on the following
+ *                 block(s) of data and get the same result as if it was
+ *                 encrypted in one call. This allows a "streaming" usage.
+ *                 If on the other hand you need to retain the contents of the
+ *                 IV, you should either save it manually or use the cipher
+ *                 module instead.
+ *
+ * \param ctx      Blowfish context
+ * \param mode     MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful, or
+ *                 MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
+ */
+int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
+                        int mode,
+                        size_t length,
+                        unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                        const unsigned char *input,
+                        unsigned char *output );
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/**
+ * \brief          Blowfish CFB buffer encryption/decryption.
+ *
+ * \note           Upon exit, the content of the IV is updated so that you can
+ *                 call the function same function again on the following
+ *                 block(s) of data and get the same result as if it was
+ *                 encrypted in one call. This allows a "streaming" usage.
+ *                 If on the other hand you need to retain the contents of the
+ *                 IV, you should either save it manually or use the cipher
+ *                 module instead.
+ *
+ * \param ctx      Blowfish context
+ * \param mode     MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT
+ * \param length   length of the input data
+ * \param iv_off   offset in IV (updated after use)
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful
+ */
+int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
+                          int mode,
+                          size_t length,
+                          size_t *iv_off,
+                          unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                          const unsigned char *input,
+                          unsigned char *output );
+#endif /*MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/**
+ * \brief               Blowfish-CTR buffer encryption/decryption
+ *
+ * Warning: You have to keep the maximum use of your counter in mind!
+ *
+ * \param ctx           Blowfish context
+ * \param length        The length of the data
+ * \param nc_off        The offset in the current stream_block (for resuming
+ *                      within current cipher stream). The offset pointer to
+ *                      should be 0 at the start of a stream.
+ * \param nonce_counter The 64-bit nonce and counter.
+ * \param stream_block  The saved stream-block for resuming. Is overwritten
+ *                      by the function.
+ * \param input         The input data stream
+ * \param output        The output data stream
+ *
+ * \return         0 if successful
+ */
+int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
+                        size_t length,
+                        size_t *nc_off,
+                        unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                        unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                        const unsigned char *input,
+                        unsigned char *output );
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_BLOWFISH_ALT */
+#include "blowfish_alt.h"
+#endif /* MBEDTLS_BLOWFISH_ALT */
+
+#endif /* blowfish.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/bn_mul.h b/thirdparty/mbedtls/include/mbedtls/bn_mul.h
new file mode 100644
index 0000000000..354c1cc1ab
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/bn_mul.h
@@ -0,0 +1,886 @@
+/**
+ * \file bn_mul.h
+ *
+ * \brief Multi-precision integer library
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *      Multiply source vector [s] with b, add result
+ *       to destination vector [d] and set carry c.
+ *
+ *      Currently supports:
+ *
+ *         . IA-32 (386+)         . AMD64 / EM64T
+ *         . IA-32 (SSE2)         . Motorola 68000
+ *         . PowerPC, 32-bit      . MicroBlaze
+ *         . PowerPC, 64-bit      . TriCore
+ *         . SPARC v8             . ARM v3+
+ *         . Alpha                . MIPS32
+ *         . C, longlong          . C, generic
+ */
+#ifndef MBEDTLS_BN_MUL_H
+#define MBEDTLS_BN_MUL_H
+
+#include "bignum.h"
+
+#if defined(MBEDTLS_HAVE_ASM)
+
+#ifndef asm
+#define asm __asm
+#endif
+
+/* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
+#if defined(__GNUC__) && \
+    ( !defined(__ARMCC_VERSION) || __ARMCC_VERSION >= 6000000 )
+#if defined(__i386__)
+
+#define MULADDC_INIT                        \
+    asm(                                    \
+        "movl   %%ebx, %0           \n\t"   \
+        "movl   %5, %%esi           \n\t"   \
+        "movl   %6, %%edi           \n\t"   \
+        "movl   %7, %%ecx           \n\t"   \
+        "movl   %8, %%ebx           \n\t"
+
+#define MULADDC_CORE                        \
+        "lodsl                      \n\t"   \
+        "mull   %%ebx               \n\t"   \
+        "addl   %%ecx,   %%eax      \n\t"   \
+        "adcl   $0,      %%edx      \n\t"   \
+        "addl   (%%edi), %%eax      \n\t"   \
+        "adcl   $0,      %%edx      \n\t"   \
+        "movl   %%edx,   %%ecx      \n\t"   \
+        "stosl                      \n\t"
+
+#if defined(MBEDTLS_HAVE_SSE2)
+
+#define MULADDC_HUIT                            \
+        "movd     %%ecx,     %%mm1      \n\t"   \
+        "movd     %%ebx,     %%mm0      \n\t"   \
+        "movd     (%%edi),   %%mm3      \n\t"   \
+        "paddq    %%mm3,     %%mm1      \n\t"   \
+        "movd     (%%esi),   %%mm2      \n\t"   \
+        "pmuludq  %%mm0,     %%mm2      \n\t"   \
+        "movd     4(%%esi),  %%mm4      \n\t"   \
+        "pmuludq  %%mm0,     %%mm4      \n\t"   \
+        "movd     8(%%esi),  %%mm6      \n\t"   \
+        "pmuludq  %%mm0,     %%mm6      \n\t"   \
+        "movd     12(%%esi), %%mm7      \n\t"   \
+        "pmuludq  %%mm0,     %%mm7      \n\t"   \
+        "paddq    %%mm2,     %%mm1      \n\t"   \
+        "movd     4(%%edi),  %%mm3      \n\t"   \
+        "paddq    %%mm4,     %%mm3      \n\t"   \
+        "movd     8(%%edi),  %%mm5      \n\t"   \
+        "paddq    %%mm6,     %%mm5      \n\t"   \
+        "movd     12(%%edi), %%mm4      \n\t"   \
+        "paddq    %%mm4,     %%mm7      \n\t"   \
+        "movd     %%mm1,     (%%edi)    \n\t"   \
+        "movd     16(%%esi), %%mm2      \n\t"   \
+        "pmuludq  %%mm0,     %%mm2      \n\t"   \
+        "psrlq    $32,       %%mm1      \n\t"   \
+        "movd     20(%%esi), %%mm4      \n\t"   \
+        "pmuludq  %%mm0,     %%mm4      \n\t"   \
+        "paddq    %%mm3,     %%mm1      \n\t"   \
+        "movd     24(%%esi), %%mm6      \n\t"   \
+        "pmuludq  %%mm0,     %%mm6      \n\t"   \
+        "movd     %%mm1,     4(%%edi)   \n\t"   \
+        "psrlq    $32,       %%mm1      \n\t"   \
+        "movd     28(%%esi), %%mm3      \n\t"   \
+        "pmuludq  %%mm0,     %%mm3      \n\t"   \
+        "paddq    %%mm5,     %%mm1      \n\t"   \
+        "movd     16(%%edi), %%mm5      \n\t"   \
+        "paddq    %%mm5,     %%mm2      \n\t"   \
+        "movd     %%mm1,     8(%%edi)   \n\t"   \
+        "psrlq    $32,       %%mm1      \n\t"   \
+        "paddq    %%mm7,     %%mm1      \n\t"   \
+        "movd     20(%%edi), %%mm5      \n\t"   \
+        "paddq    %%mm5,     %%mm4      \n\t"   \
+        "movd     %%mm1,     12(%%edi)  \n\t"   \
+        "psrlq    $32,       %%mm1      \n\t"   \
+        "paddq    %%mm2,     %%mm1      \n\t"   \
+        "movd     24(%%edi), %%mm5      \n\t"   \
+        "paddq    %%mm5,     %%mm6      \n\t"   \
+        "movd     %%mm1,     16(%%edi)  \n\t"   \
+        "psrlq    $32,       %%mm1      \n\t"   \
+        "paddq    %%mm4,     %%mm1      \n\t"   \
+        "movd     28(%%edi), %%mm5      \n\t"   \
+        "paddq    %%mm5,     %%mm3      \n\t"   \
+        "movd     %%mm1,     20(%%edi)  \n\t"   \
+        "psrlq    $32,       %%mm1      \n\t"   \
+        "paddq    %%mm6,     %%mm1      \n\t"   \
+        "movd     %%mm1,     24(%%edi)  \n\t"   \
+        "psrlq    $32,       %%mm1      \n\t"   \
+        "paddq    %%mm3,     %%mm1      \n\t"   \
+        "movd     %%mm1,     28(%%edi)  \n\t"   \
+        "addl     $32,       %%edi      \n\t"   \
+        "addl     $32,       %%esi      \n\t"   \
+        "psrlq    $32,       %%mm1      \n\t"   \
+        "movd     %%mm1,     %%ecx      \n\t"
+
+#define MULADDC_STOP                    \
+        "emms                   \n\t"   \
+        "movl   %4, %%ebx       \n\t"   \
+        "movl   %%ecx, %1       \n\t"   \
+        "movl   %%edi, %2       \n\t"   \
+        "movl   %%esi, %3       \n\t"   \
+        : "=m" (t), "=m" (c), "=m" (d), "=m" (s)        \
+        : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b)   \
+        : "eax", "ecx", "edx", "esi", "edi"             \
+    );
+
+#else
+
+#define MULADDC_STOP                    \
+        "movl   %4, %%ebx       \n\t"   \
+        "movl   %%ecx, %1       \n\t"   \
+        "movl   %%edi, %2       \n\t"   \
+        "movl   %%esi, %3       \n\t"   \
+        : "=m" (t), "=m" (c), "=m" (d), "=m" (s)        \
+        : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b)   \
+        : "eax", "ecx", "edx", "esi", "edi"             \
+    );
+#endif /* SSE2 */
+#endif /* i386 */
+
+#if defined(__amd64__) || defined (__x86_64__)
+
+#define MULADDC_INIT                        \
+    asm(                                    \
+        "xorq   %%r8, %%r8          \n\t"
+
+#define MULADDC_CORE                        \
+        "movq   (%%rsi), %%rax      \n\t"   \
+        "mulq   %%rbx               \n\t"   \
+        "addq   $8,      %%rsi      \n\t"   \
+        "addq   %%rcx,   %%rax      \n\t"   \
+        "movq   %%r8,    %%rcx      \n\t"   \
+        "adcq   $0,      %%rdx      \n\t"   \
+        "nop                        \n\t"   \
+        "addq   %%rax,   (%%rdi)    \n\t"   \
+        "adcq   %%rdx,   %%rcx      \n\t"   \
+        "addq   $8,      %%rdi      \n\t"
+
+#define MULADDC_STOP                        \
+        : "+c" (c), "+D" (d), "+S" (s)      \
+        : "b" (b)                           \
+        : "rax", "rdx", "r8"                \
+    );
+
+#endif /* AMD64 */
+
+#if defined(__mc68020__) || defined(__mcpu32__)
+
+#define MULADDC_INIT                    \
+    asm(                                \
+        "movl   %3, %%a2        \n\t"   \
+        "movl   %4, %%a3        \n\t"   \
+        "movl   %5, %%d3        \n\t"   \
+        "movl   %6, %%d2        \n\t"   \
+        "moveq  #0, %%d0        \n\t"
+
+#define MULADDC_CORE                    \
+        "movel  %%a2@+, %%d1    \n\t"   \
+        "mulul  %%d2, %%d4:%%d1 \n\t"   \
+        "addl   %%d3, %%d1      \n\t"   \
+        "addxl  %%d0, %%d4      \n\t"   \
+        "moveq  #0,   %%d3      \n\t"   \
+        "addl   %%d1, %%a3@+    \n\t"   \
+        "addxl  %%d4, %%d3      \n\t"
+
+#define MULADDC_STOP                    \
+        "movl   %%d3, %0        \n\t"   \
+        "movl   %%a3, %1        \n\t"   \
+        "movl   %%a2, %2        \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)              \
+        : "m" (s), "m" (d), "m" (c), "m" (b)        \
+        : "d0", "d1", "d2", "d3", "d4", "a2", "a3"  \
+    );
+
+#define MULADDC_HUIT                        \
+        "movel  %%a2@+,  %%d1       \n\t"   \
+        "mulul  %%d2,    %%d4:%%d1  \n\t"   \
+        "addxl  %%d3,    %%d1       \n\t"   \
+        "addxl  %%d0,    %%d4       \n\t"   \
+        "addl   %%d1,    %%a3@+     \n\t"   \
+        "movel  %%a2@+,  %%d1       \n\t"   \
+        "mulul  %%d2,    %%d3:%%d1  \n\t"   \
+        "addxl  %%d4,    %%d1       \n\t"   \
+        "addxl  %%d0,    %%d3       \n\t"   \
+        "addl   %%d1,    %%a3@+     \n\t"   \
+        "movel  %%a2@+,  %%d1       \n\t"   \
+        "mulul  %%d2,    %%d4:%%d1  \n\t"   \
+        "addxl  %%d3,    %%d1       \n\t"   \
+        "addxl  %%d0,    %%d4       \n\t"   \
+        "addl   %%d1,    %%a3@+     \n\t"   \
+        "movel  %%a2@+,  %%d1       \n\t"   \
+        "mulul  %%d2,    %%d3:%%d1  \n\t"   \
+        "addxl  %%d4,    %%d1       \n\t"   \
+        "addxl  %%d0,    %%d3       \n\t"   \
+        "addl   %%d1,    %%a3@+     \n\t"   \
+        "movel  %%a2@+,  %%d1       \n\t"   \
+        "mulul  %%d2,    %%d4:%%d1  \n\t"   \
+        "addxl  %%d3,    %%d1       \n\t"   \
+        "addxl  %%d0,    %%d4       \n\t"   \
+        "addl   %%d1,    %%a3@+     \n\t"   \
+        "movel  %%a2@+,  %%d1       \n\t"   \
+        "mulul  %%d2,    %%d3:%%d1  \n\t"   \
+        "addxl  %%d4,    %%d1       \n\t"   \
+        "addxl  %%d0,    %%d3       \n\t"   \
+        "addl   %%d1,    %%a3@+     \n\t"   \
+        "movel  %%a2@+,  %%d1       \n\t"   \
+        "mulul  %%d2,    %%d4:%%d1  \n\t"   \
+        "addxl  %%d3,    %%d1       \n\t"   \
+        "addxl  %%d0,    %%d4       \n\t"   \
+        "addl   %%d1,    %%a3@+     \n\t"   \
+        "movel  %%a2@+,  %%d1       \n\t"   \
+        "mulul  %%d2,    %%d3:%%d1  \n\t"   \
+        "addxl  %%d4,    %%d1       \n\t"   \
+        "addxl  %%d0,    %%d3       \n\t"   \
+        "addl   %%d1,    %%a3@+     \n\t"   \
+        "addxl  %%d0,    %%d3       \n\t"
+
+#endif /* MC68000 */
+
+#if defined(__powerpc64__) || defined(__ppc64__)
+
+#if defined(__MACH__) && defined(__APPLE__)
+
+#define MULADDC_INIT                        \
+    asm(                                    \
+        "ld     r3, %3              \n\t"   \
+        "ld     r4, %4              \n\t"   \
+        "ld     r5, %5              \n\t"   \
+        "ld     r6, %6              \n\t"   \
+        "addi   r3, r3, -8          \n\t"   \
+        "addi   r4, r4, -8          \n\t"   \
+        "addic  r5, r5,  0          \n\t"
+
+#define MULADDC_CORE                        \
+        "ldu    r7, 8(r3)           \n\t"   \
+        "mulld  r8, r7, r6          \n\t"   \
+        "mulhdu r9, r7, r6          \n\t"   \
+        "adde   r8, r8, r5          \n\t"   \
+        "ld     r7, 8(r4)           \n\t"   \
+        "addze  r5, r9              \n\t"   \
+        "addc   r8, r8, r7          \n\t"   \
+        "stdu   r8, 8(r4)           \n\t"
+
+#define MULADDC_STOP                        \
+        "addze  r5, r5              \n\t"   \
+        "addi   r4, r4, 8           \n\t"   \
+        "addi   r3, r3, 8           \n\t"   \
+        "std    r5, %0              \n\t"   \
+        "std    r4, %1              \n\t"   \
+        "std    r3, %2              \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)              \
+        : "m" (s), "m" (d), "m" (c), "m" (b)        \
+        : "r3", "r4", "r5", "r6", "r7", "r8", "r9"  \
+    );
+
+
+#else /* __MACH__ && __APPLE__ */
+
+#define MULADDC_INIT                        \
+    asm(                                    \
+        "ld     %%r3, %3            \n\t"   \
+        "ld     %%r4, %4            \n\t"   \
+        "ld     %%r5, %5            \n\t"   \
+        "ld     %%r6, %6            \n\t"   \
+        "addi   %%r3, %%r3, -8      \n\t"   \
+        "addi   %%r4, %%r4, -8      \n\t"   \
+        "addic  %%r5, %%r5,  0      \n\t"
+
+#define MULADDC_CORE                        \
+        "ldu    %%r7, 8(%%r3)       \n\t"   \
+        "mulld  %%r8, %%r7, %%r6    \n\t"   \
+        "mulhdu %%r9, %%r7, %%r6    \n\t"   \
+        "adde   %%r8, %%r8, %%r5    \n\t"   \
+        "ld     %%r7, 8(%%r4)       \n\t"   \
+        "addze  %%r5, %%r9          \n\t"   \
+        "addc   %%r8, %%r8, %%r7    \n\t"   \
+        "stdu   %%r8, 8(%%r4)       \n\t"
+
+#define MULADDC_STOP                        \
+        "addze  %%r5, %%r5          \n\t"   \
+        "addi   %%r4, %%r4, 8       \n\t"   \
+        "addi   %%r3, %%r3, 8       \n\t"   \
+        "std    %%r5, %0            \n\t"   \
+        "std    %%r4, %1            \n\t"   \
+        "std    %%r3, %2            \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)              \
+        : "m" (s), "m" (d), "m" (c), "m" (b)        \
+        : "r3", "r4", "r5", "r6", "r7", "r8", "r9"  \
+    );
+
+#endif /* __MACH__ && __APPLE__ */
+
+#elif defined(__powerpc__) || defined(__ppc__) /* end PPC64/begin PPC32  */
+
+#if defined(__MACH__) && defined(__APPLE__)
+
+#define MULADDC_INIT                    \
+    asm(                                \
+        "lwz    r3, %3          \n\t"   \
+        "lwz    r4, %4          \n\t"   \
+        "lwz    r5, %5          \n\t"   \
+        "lwz    r6, %6          \n\t"   \
+        "addi   r3, r3, -4      \n\t"   \
+        "addi   r4, r4, -4      \n\t"   \
+        "addic  r5, r5,  0      \n\t"
+
+#define MULADDC_CORE                    \
+        "lwzu   r7, 4(r3)       \n\t"   \
+        "mullw  r8, r7, r6      \n\t"   \
+        "mulhwu r9, r7, r6      \n\t"   \
+        "adde   r8, r8, r5      \n\t"   \
+        "lwz    r7, 4(r4)       \n\t"   \
+        "addze  r5, r9          \n\t"   \
+        "addc   r8, r8, r7      \n\t"   \
+        "stwu   r8, 4(r4)       \n\t"
+
+#define MULADDC_STOP                    \
+        "addze  r5, r5          \n\t"   \
+        "addi   r4, r4, 4       \n\t"   \
+        "addi   r3, r3, 4       \n\t"   \
+        "stw    r5, %0          \n\t"   \
+        "stw    r4, %1          \n\t"   \
+        "stw    r3, %2          \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)              \
+        : "m" (s), "m" (d), "m" (c), "m" (b)        \
+        : "r3", "r4", "r5", "r6", "r7", "r8", "r9"  \
+    );
+
+#else /* __MACH__ && __APPLE__ */
+
+#define MULADDC_INIT                        \
+    asm(                                    \
+        "lwz    %%r3, %3            \n\t"   \
+        "lwz    %%r4, %4            \n\t"   \
+        "lwz    %%r5, %5            \n\t"   \
+        "lwz    %%r6, %6            \n\t"   \
+        "addi   %%r3, %%r3, -4      \n\t"   \
+        "addi   %%r4, %%r4, -4      \n\t"   \
+        "addic  %%r5, %%r5,  0      \n\t"
+
+#define MULADDC_CORE                        \
+        "lwzu   %%r7, 4(%%r3)       \n\t"   \
+        "mullw  %%r8, %%r7, %%r6    \n\t"   \
+        "mulhwu %%r9, %%r7, %%r6    \n\t"   \
+        "adde   %%r8, %%r8, %%r5    \n\t"   \
+        "lwz    %%r7, 4(%%r4)       \n\t"   \
+        "addze  %%r5, %%r9          \n\t"   \
+        "addc   %%r8, %%r8, %%r7    \n\t"   \
+        "stwu   %%r8, 4(%%r4)       \n\t"
+
+#define MULADDC_STOP                        \
+        "addze  %%r5, %%r5          \n\t"   \
+        "addi   %%r4, %%r4, 4       \n\t"   \
+        "addi   %%r3, %%r3, 4       \n\t"   \
+        "stw    %%r5, %0            \n\t"   \
+        "stw    %%r4, %1            \n\t"   \
+        "stw    %%r3, %2            \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)              \
+        : "m" (s), "m" (d), "m" (c), "m" (b)        \
+        : "r3", "r4", "r5", "r6", "r7", "r8", "r9"  \
+    );
+
+#endif /* __MACH__ && __APPLE__ */
+
+#endif /* PPC32 */
+
+/*
+ * The Sparc(64) assembly is reported to be broken.
+ * Disable it for now, until we're able to fix it.
+ */
+#if 0 && defined(__sparc__)
+#if defined(__sparc64__)
+
+#define MULADDC_INIT                                    \
+    asm(                                                \
+                "ldx     %3, %%o0               \n\t"   \
+                "ldx     %4, %%o1               \n\t"   \
+                "ld      %5, %%o2               \n\t"   \
+                "ld      %6, %%o3               \n\t"
+
+#define MULADDC_CORE                                    \
+                "ld      [%%o0], %%o4           \n\t"   \
+                "inc     4, %%o0                \n\t"   \
+                "ld      [%%o1], %%o5           \n\t"   \
+                "umul    %%o3, %%o4, %%o4       \n\t"   \
+                "addcc   %%o4, %%o2, %%o4       \n\t"   \
+                "rd      %%y, %%g1              \n\t"   \
+                "addx    %%g1, 0, %%g1          \n\t"   \
+                "addcc   %%o4, %%o5, %%o4       \n\t"   \
+                "st      %%o4, [%%o1]           \n\t"   \
+                "addx    %%g1, 0, %%o2          \n\t"   \
+                "inc     4, %%o1                \n\t"
+
+        #define MULADDC_STOP                            \
+                "st      %%o2, %0               \n\t"   \
+                "stx     %%o1, %1               \n\t"   \
+                "stx     %%o0, %2               \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)          \
+        : "m" (s), "m" (d), "m" (c), "m" (b)    \
+        : "g1", "o0", "o1", "o2", "o3", "o4",   \
+          "o5"                                  \
+        );
+
+#else /* __sparc64__ */
+
+#define MULADDC_INIT                                    \
+    asm(                                                \
+                "ld      %3, %%o0               \n\t"   \
+                "ld      %4, %%o1               \n\t"   \
+                "ld      %5, %%o2               \n\t"   \
+                "ld      %6, %%o3               \n\t"
+
+#define MULADDC_CORE                                    \
+                "ld      [%%o0], %%o4           \n\t"   \
+                "inc     4, %%o0                \n\t"   \
+                "ld      [%%o1], %%o5           \n\t"   \
+                "umul    %%o3, %%o4, %%o4       \n\t"   \
+                "addcc   %%o4, %%o2, %%o4       \n\t"   \
+                "rd      %%y, %%g1              \n\t"   \
+                "addx    %%g1, 0, %%g1          \n\t"   \
+                "addcc   %%o4, %%o5, %%o4       \n\t"   \
+                "st      %%o4, [%%o1]           \n\t"   \
+                "addx    %%g1, 0, %%o2          \n\t"   \
+                "inc     4, %%o1                \n\t"
+
+#define MULADDC_STOP                                    \
+                "st      %%o2, %0               \n\t"   \
+                "st      %%o1, %1               \n\t"   \
+                "st      %%o0, %2               \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)          \
+        : "m" (s), "m" (d), "m" (c), "m" (b)    \
+        : "g1", "o0", "o1", "o2", "o3", "o4",   \
+          "o5"                                  \
+        );
+
+#endif /* __sparc64__ */
+#endif /* __sparc__ */
+
+#if defined(__microblaze__) || defined(microblaze)
+
+#define MULADDC_INIT                    \
+    asm(                                \
+        "lwi   r3,   %3         \n\t"   \
+        "lwi   r4,   %4         \n\t"   \
+        "lwi   r5,   %5         \n\t"   \
+        "lwi   r6,   %6         \n\t"   \
+        "andi  r7,   r6, 0xffff \n\t"   \
+        "bsrli r6,   r6, 16     \n\t"
+
+#define MULADDC_CORE                    \
+        "lhui  r8,   r3,   0    \n\t"   \
+        "addi  r3,   r3,   2    \n\t"   \
+        "lhui  r9,   r3,   0    \n\t"   \
+        "addi  r3,   r3,   2    \n\t"   \
+        "mul   r10,  r9,  r6    \n\t"   \
+        "mul   r11,  r8,  r7    \n\t"   \
+        "mul   r12,  r9,  r7    \n\t"   \
+        "mul   r13,  r8,  r6    \n\t"   \
+        "bsrli  r8, r10,  16    \n\t"   \
+        "bsrli  r9, r11,  16    \n\t"   \
+        "add   r13, r13,  r8    \n\t"   \
+        "add   r13, r13,  r9    \n\t"   \
+        "bslli r10, r10,  16    \n\t"   \
+        "bslli r11, r11,  16    \n\t"   \
+        "add   r12, r12, r10    \n\t"   \
+        "addc  r13, r13,  r0    \n\t"   \
+        "add   r12, r12, r11    \n\t"   \
+        "addc  r13, r13,  r0    \n\t"   \
+        "lwi   r10,  r4,   0    \n\t"   \
+        "add   r12, r12, r10    \n\t"   \
+        "addc  r13, r13,  r0    \n\t"   \
+        "add   r12, r12,  r5    \n\t"   \
+        "addc   r5, r13,  r0    \n\t"   \
+        "swi   r12,  r4,   0    \n\t"   \
+        "addi   r4,  r4,   4    \n\t"
+
+#define MULADDC_STOP                    \
+        "swi   r5,   %0         \n\t"   \
+        "swi   r4,   %1         \n\t"   \
+        "swi   r3,   %2         \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)              \
+        : "m" (s), "m" (d), "m" (c), "m" (b)        \
+        : "r3", "r4"  "r5", "r6", "r7", "r8",       \
+          "r9", "r10", "r11", "r12", "r13"          \
+    );
+
+#endif /* MicroBlaze */
+
+#if defined(__tricore__)
+
+#define MULADDC_INIT                            \
+    asm(                                        \
+        "ld.a   %%a2, %3                \n\t"   \
+        "ld.a   %%a3, %4                \n\t"   \
+        "ld.w   %%d4, %5                \n\t"   \
+        "ld.w   %%d1, %6                \n\t"   \
+        "xor    %%d5, %%d5              \n\t"
+
+#define MULADDC_CORE                            \
+        "ld.w   %%d0,   [%%a2+]         \n\t"   \
+        "madd.u %%e2, %%e4, %%d0, %%d1  \n\t"   \
+        "ld.w   %%d0,   [%%a3]          \n\t"   \
+        "addx   %%d2,    %%d2,  %%d0    \n\t"   \
+        "addc   %%d3,    %%d3,    0     \n\t"   \
+        "mov    %%d4,    %%d3           \n\t"   \
+        "st.w  [%%a3+],  %%d2           \n\t"
+
+#define MULADDC_STOP                            \
+        "st.w   %0, %%d4                \n\t"   \
+        "st.a   %1, %%a3                \n\t"   \
+        "st.a   %2, %%a2                \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)          \
+        : "m" (s), "m" (d), "m" (c), "m" (b)    \
+        : "d0", "d1", "e2", "d4", "a2", "a3"    \
+    );
+
+#endif /* TriCore */
+
+/*
+ * gcc -O0 by default uses r7 for the frame pointer, so it complains about our
+ * use of r7 below, unless -fomit-frame-pointer is passed. Unfortunately,
+ * passing that option is not easy when building with yotta.
+ *
+ * On the other hand, -fomit-frame-pointer is implied by any -Ox options with
+ * x !=0, which we can detect using __OPTIMIZE__ (which is also defined by
+ * clang and armcc5 under the same conditions).
+ *
+ * So, only use the optimized assembly below for optimized build, which avoids
+ * the build error and is pretty reasonable anyway.
+ */
+#if defined(__GNUC__) && !defined(__OPTIMIZE__)
+#define MULADDC_CANNOT_USE_R7
+#endif
+
+#if defined(__arm__) && !defined(MULADDC_CANNOT_USE_R7)
+
+#if defined(__thumb__) && !defined(__thumb2__)
+
+#define MULADDC_INIT                                    \
+    asm(                                                \
+            "ldr    r0, %3                      \n\t"   \
+            "ldr    r1, %4                      \n\t"   \
+            "ldr    r2, %5                      \n\t"   \
+            "ldr    r3, %6                      \n\t"   \
+            "lsr    r7, r3, #16                 \n\t"   \
+            "mov    r9, r7                      \n\t"   \
+            "lsl    r7, r3, #16                 \n\t"   \
+            "lsr    r7, r7, #16                 \n\t"   \
+            "mov    r8, r7                      \n\t"
+
+#define MULADDC_CORE                                    \
+            "ldmia  r0!, {r6}                   \n\t"   \
+            "lsr    r7, r6, #16                 \n\t"   \
+            "lsl    r6, r6, #16                 \n\t"   \
+            "lsr    r6, r6, #16                 \n\t"   \
+            "mov    r4, r8                      \n\t"   \
+            "mul    r4, r6                      \n\t"   \
+            "mov    r3, r9                      \n\t"   \
+            "mul    r6, r3                      \n\t"   \
+            "mov    r5, r9                      \n\t"   \
+            "mul    r5, r7                      \n\t"   \
+            "mov    r3, r8                      \n\t"   \
+            "mul    r7, r3                      \n\t"   \
+            "lsr    r3, r6, #16                 \n\t"   \
+            "add    r5, r5, r3                  \n\t"   \
+            "lsr    r3, r7, #16                 \n\t"   \
+            "add    r5, r5, r3                  \n\t"   \
+            "add    r4, r4, r2                  \n\t"   \
+            "mov    r2, #0                      \n\t"   \
+            "adc    r5, r2                      \n\t"   \
+            "lsl    r3, r6, #16                 \n\t"   \
+            "add    r4, r4, r3                  \n\t"   \
+            "adc    r5, r2                      \n\t"   \
+            "lsl    r3, r7, #16                 \n\t"   \
+            "add    r4, r4, r3                  \n\t"   \
+            "adc    r5, r2                      \n\t"   \
+            "ldr    r3, [r1]                    \n\t"   \
+            "add    r4, r4, r3                  \n\t"   \
+            "adc    r2, r5                      \n\t"   \
+            "stmia  r1!, {r4}                   \n\t"
+
+#define MULADDC_STOP                                    \
+            "str    r2, %0                      \n\t"   \
+            "str    r1, %1                      \n\t"   \
+            "str    r0, %2                      \n\t"   \
+         : "=m" (c),  "=m" (d), "=m" (s)        \
+         : "m" (s), "m" (d), "m" (c), "m" (b)   \
+         : "r0", "r1", "r2", "r3", "r4", "r5",  \
+           "r6", "r7", "r8", "r9", "cc"         \
+         );
+
+#else
+
+#define MULADDC_INIT                                    \
+    asm(                                                \
+            "ldr    r0, %3                      \n\t"   \
+            "ldr    r1, %4                      \n\t"   \
+            "ldr    r2, %5                      \n\t"   \
+            "ldr    r3, %6                      \n\t"
+
+#define MULADDC_CORE                                    \
+            "ldr    r4, [r0], #4                \n\t"   \
+            "mov    r5, #0                      \n\t"   \
+            "ldr    r6, [r1]                    \n\t"   \
+            "umlal  r2, r5, r3, r4              \n\t"   \
+            "adds   r7, r6, r2                  \n\t"   \
+            "adc    r2, r5, #0                  \n\t"   \
+            "str    r7, [r1], #4                \n\t"
+
+#define MULADDC_STOP                                    \
+            "str    r2, %0                      \n\t"   \
+            "str    r1, %1                      \n\t"   \
+            "str    r0, %2                      \n\t"   \
+         : "=m" (c),  "=m" (d), "=m" (s)        \
+         : "m" (s), "m" (d), "m" (c), "m" (b)   \
+         : "r0", "r1", "r2", "r3", "r4", "r5",  \
+           "r6", "r7", "cc"                     \
+         );
+
+#endif /* Thumb */
+
+#endif /* ARMv3 */
+
+#if defined(__alpha__)
+
+#define MULADDC_INIT                    \
+    asm(                                \
+        "ldq    $1, %3          \n\t"   \
+        "ldq    $2, %4          \n\t"   \
+        "ldq    $3, %5          \n\t"   \
+        "ldq    $4, %6          \n\t"
+
+#define MULADDC_CORE                    \
+        "ldq    $6,  0($1)      \n\t"   \
+        "addq   $1,  8, $1      \n\t"   \
+        "mulq   $6, $4, $7      \n\t"   \
+        "umulh  $6, $4, $6      \n\t"   \
+        "addq   $7, $3, $7      \n\t"   \
+        "cmpult $7, $3, $3      \n\t"   \
+        "ldq    $5,  0($2)      \n\t"   \
+        "addq   $7, $5, $7      \n\t"   \
+        "cmpult $7, $5, $5      \n\t"   \
+        "stq    $7,  0($2)      \n\t"   \
+        "addq   $2,  8, $2      \n\t"   \
+        "addq   $6, $3, $3      \n\t"   \
+        "addq   $5, $3, $3      \n\t"
+
+#define MULADDC_STOP                                    \
+        "stq    $3, %0          \n\t"   \
+        "stq    $2, %1          \n\t"   \
+        "stq    $1, %2          \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)              \
+        : "m" (s), "m" (d), "m" (c), "m" (b)        \
+        : "$1", "$2", "$3", "$4", "$5", "$6", "$7"  \
+    );
+#endif /* Alpha */
+
+#if defined(__mips__) && !defined(__mips64)
+
+#define MULADDC_INIT                    \
+    asm(                                \
+        "lw     $10, %3         \n\t"   \
+        "lw     $11, %4         \n\t"   \
+        "lw     $12, %5         \n\t"   \
+        "lw     $13, %6         \n\t"
+
+#define MULADDC_CORE                    \
+        "lw     $14, 0($10)     \n\t"   \
+        "multu  $13, $14        \n\t"   \
+        "addi   $10, $10, 4     \n\t"   \
+        "mflo   $14             \n\t"   \
+        "mfhi   $9              \n\t"   \
+        "addu   $14, $12, $14   \n\t"   \
+        "lw     $15, 0($11)     \n\t"   \
+        "sltu   $12, $14, $12   \n\t"   \
+        "addu   $15, $14, $15   \n\t"   \
+        "sltu   $14, $15, $14   \n\t"   \
+        "addu   $12, $12, $9    \n\t"   \
+        "sw     $15, 0($11)     \n\t"   \
+        "addu   $12, $12, $14   \n\t"   \
+        "addi   $11, $11, 4     \n\t"
+
+#define MULADDC_STOP                    \
+        "sw     $12, %0         \n\t"   \
+        "sw     $11, %1         \n\t"   \
+        "sw     $10, %2         \n\t"   \
+        : "=m" (c), "=m" (d), "=m" (s)                      \
+        : "m" (s), "m" (d), "m" (c), "m" (b)                \
+        : "$9", "$10", "$11", "$12", "$13", "$14", "$15"    \
+    );
+
+#endif /* MIPS */
+#endif /* GNUC */
+
+#if (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__)
+
+#define MULADDC_INIT                            \
+    __asm   mov     esi, s                      \
+    __asm   mov     edi, d                      \
+    __asm   mov     ecx, c                      \
+    __asm   mov     ebx, b
+
+#define MULADDC_CORE                            \
+    __asm   lodsd                               \
+    __asm   mul     ebx                         \
+    __asm   add     eax, ecx                    \
+    __asm   adc     edx, 0                      \
+    __asm   add     eax, [edi]                  \
+    __asm   adc     edx, 0                      \
+    __asm   mov     ecx, edx                    \
+    __asm   stosd
+
+#if defined(MBEDTLS_HAVE_SSE2)
+
+#define EMIT __asm _emit
+
+#define MULADDC_HUIT                            \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0xC9             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0xC3             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x1F             \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xCB             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x16             \
+    EMIT 0x0F  EMIT 0xF4  EMIT 0xD0             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x66  EMIT 0x04  \
+    EMIT 0x0F  EMIT 0xF4  EMIT 0xE0             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x76  EMIT 0x08  \
+    EMIT 0x0F  EMIT 0xF4  EMIT 0xF0             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x7E  EMIT 0x0C  \
+    EMIT 0x0F  EMIT 0xF4  EMIT 0xF8             \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xCA             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x5F  EMIT 0x04  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xDC             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x6F  EMIT 0x08  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xEE             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x67  EMIT 0x0C  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xFC             \
+    EMIT 0x0F  EMIT 0x7E  EMIT 0x0F             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x56  EMIT 0x10  \
+    EMIT 0x0F  EMIT 0xF4  EMIT 0xD0             \
+    EMIT 0x0F  EMIT 0x73  EMIT 0xD1  EMIT 0x20  \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x66  EMIT 0x14  \
+    EMIT 0x0F  EMIT 0xF4  EMIT 0xE0             \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xCB             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x76  EMIT 0x18  \
+    EMIT 0x0F  EMIT 0xF4  EMIT 0xF0             \
+    EMIT 0x0F  EMIT 0x7E  EMIT 0x4F  EMIT 0x04  \
+    EMIT 0x0F  EMIT 0x73  EMIT 0xD1  EMIT 0x20  \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x5E  EMIT 0x1C  \
+    EMIT 0x0F  EMIT 0xF4  EMIT 0xD8             \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xCD             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x6F  EMIT 0x10  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xD5             \
+    EMIT 0x0F  EMIT 0x7E  EMIT 0x4F  EMIT 0x08  \
+    EMIT 0x0F  EMIT 0x73  EMIT 0xD1  EMIT 0x20  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xCF             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x6F  EMIT 0x14  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xE5             \
+    EMIT 0x0F  EMIT 0x7E  EMIT 0x4F  EMIT 0x0C  \
+    EMIT 0x0F  EMIT 0x73  EMIT 0xD1  EMIT 0x20  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xCA             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x6F  EMIT 0x18  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xF5             \
+    EMIT 0x0F  EMIT 0x7E  EMIT 0x4F  EMIT 0x10  \
+    EMIT 0x0F  EMIT 0x73  EMIT 0xD1  EMIT 0x20  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xCC             \
+    EMIT 0x0F  EMIT 0x6E  EMIT 0x6F  EMIT 0x1C  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xDD             \
+    EMIT 0x0F  EMIT 0x7E  EMIT 0x4F  EMIT 0x14  \
+    EMIT 0x0F  EMIT 0x73  EMIT 0xD1  EMIT 0x20  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xCE             \
+    EMIT 0x0F  EMIT 0x7E  EMIT 0x4F  EMIT 0x18  \
+    EMIT 0x0F  EMIT 0x73  EMIT 0xD1  EMIT 0x20  \
+    EMIT 0x0F  EMIT 0xD4  EMIT 0xCB             \
+    EMIT 0x0F  EMIT 0x7E  EMIT 0x4F  EMIT 0x1C  \
+    EMIT 0x83  EMIT 0xC7  EMIT 0x20             \
+    EMIT 0x83  EMIT 0xC6  EMIT 0x20             \
+    EMIT 0x0F  EMIT 0x73  EMIT 0xD1  EMIT 0x20  \
+    EMIT 0x0F  EMIT 0x7E  EMIT 0xC9
+
+#define MULADDC_STOP                            \
+    EMIT 0x0F  EMIT 0x77                        \
+    __asm   mov     c, ecx                      \
+    __asm   mov     d, edi                      \
+    __asm   mov     s, esi                      \
+
+#else
+
+#define MULADDC_STOP                            \
+    __asm   mov     c, ecx                      \
+    __asm   mov     d, edi                      \
+    __asm   mov     s, esi                      \
+
+#endif /* SSE2 */
+#endif /* MSVC */
+
+#endif /* MBEDTLS_HAVE_ASM */
+
+#if !defined(MULADDC_CORE)
+#if defined(MBEDTLS_HAVE_UDBL)
+
+#define MULADDC_INIT                    \
+{                                       \
+    mbedtls_t_udbl r;                           \
+    mbedtls_mpi_uint r0, r1;
+
+#define MULADDC_CORE                    \
+    r   = *(s++) * (mbedtls_t_udbl) b;          \
+    r0  = (mbedtls_mpi_uint) r;                   \
+    r1  = (mbedtls_mpi_uint)( r >> biL );         \
+    r0 += c;  r1 += (r0 <  c);          \
+    r0 += *d; r1 += (r0 < *d);          \
+    c = r1; *(d++) = r0;
+
+#define MULADDC_STOP                    \
+}
+
+#else
+#define MULADDC_INIT                    \
+{                                       \
+    mbedtls_mpi_uint s0, s1, b0, b1;              \
+    mbedtls_mpi_uint r0, r1, rx, ry;              \
+    b0 = ( b << biH ) >> biH;           \
+    b1 = ( b >> biH );
+
+#define MULADDC_CORE                    \
+    s0 = ( *s << biH ) >> biH;          \
+    s1 = ( *s >> biH ); s++;            \
+    rx = s0 * b1; r0 = s0 * b0;         \
+    ry = s1 * b0; r1 = s1 * b1;         \
+    r1 += ( rx >> biH );                \
+    r1 += ( ry >> biH );                \
+    rx <<= biH; ry <<= biH;             \
+    r0 += rx; r1 += (r0 < rx);          \
+    r0 += ry; r1 += (r0 < ry);          \
+    r0 +=  c; r1 += (r0 <  c);          \
+    r0 += *d; r1 += (r0 < *d);          \
+    c = r1; *(d++) = r0;
+
+#define MULADDC_STOP                    \
+}
+
+#endif /* C (generic)  */
+#endif /* C (longlong) */
+
+#endif /* bn_mul.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/camellia.h b/thirdparty/mbedtls/include/mbedtls/camellia.h
new file mode 100644
index 0000000000..cf07629d9b
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/camellia.h
@@ -0,0 +1,237 @@
+/**
+ * \file camellia.h
+ *
+ * \brief Camellia block cipher
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_CAMELLIA_H
+#define MBEDTLS_CAMELLIA_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_CAMELLIA_ENCRYPT     1
+#define MBEDTLS_CAMELLIA_DECRYPT     0
+
+#define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH           -0x0024  /**< Invalid key length. */
+#define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH         -0x0026  /**< Invalid data input length. */
+#define MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED              -0x0027  /**< Camellia hardware accelerator failed. */
+
+#if !defined(MBEDTLS_CAMELLIA_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          CAMELLIA context structure
+ */
+typedef struct
+{
+    int nr;                     /*!<  number of rounds  */
+    uint32_t rk[68];            /*!<  CAMELLIA round keys    */
+}
+mbedtls_camellia_context;
+
+/**
+ * \brief          Initialize CAMELLIA context
+ *
+ * \param ctx      CAMELLIA context to be initialized
+ */
+void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
+
+/**
+ * \brief          Clear CAMELLIA context
+ *
+ * \param ctx      CAMELLIA context to be cleared
+ */
+void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
+
+/**
+ * \brief          CAMELLIA key schedule (encryption)
+ *
+ * \param ctx      CAMELLIA context to be initialized
+ * \param key      encryption key
+ * \param keybits  must be 128, 192 or 256
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH
+ */
+int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key,
+                         unsigned int keybits );
+
+/**
+ * \brief          CAMELLIA key schedule (decryption)
+ *
+ * \param ctx      CAMELLIA context to be initialized
+ * \param key      decryption key
+ * \param keybits  must be 128, 192 or 256
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH
+ */
+int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key,
+                         unsigned int keybits );
+
+/**
+ * \brief          CAMELLIA-ECB block encryption/decryption
+ *
+ * \param ctx      CAMELLIA context
+ * \param mode     MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT
+ * \param input    16-byte input block
+ * \param output   16-byte output block
+ *
+ * \return         0 if successful
+ */
+int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
+                    int mode,
+                    const unsigned char input[16],
+                    unsigned char output[16] );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/**
+ * \brief          CAMELLIA-CBC buffer encryption/decryption
+ *                 Length should be a multiple of the block
+ *                 size (16 bytes)
+ *
+ * \note           Upon exit, the content of the IV is updated so that you can
+ *                 call the function same function again on the following
+ *                 block(s) of data and get the same result as if it was
+ *                 encrypted in one call. This allows a "streaming" usage.
+ *                 If on the other hand you need to retain the contents of the
+ *                 IV, you should either save it manually or use the cipher
+ *                 module instead.
+ *
+ * \param ctx      CAMELLIA context
+ * \param mode     MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful, or
+ *                 MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH
+ */
+int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[16],
+                    const unsigned char *input,
+                    unsigned char *output );
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/**
+ * \brief          CAMELLIA-CFB128 buffer encryption/decryption
+ *
+ * Note: Due to the nature of CFB you should use the same key schedule for
+ * both encryption and decryption. So a context initialized with
+ * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT.
+ *
+ * \note           Upon exit, the content of the IV is updated so that you can
+ *                 call the function same function again on the following
+ *                 block(s) of data and get the same result as if it was
+ *                 encrypted in one call. This allows a "streaming" usage.
+ *                 If on the other hand you need to retain the contents of the
+ *                 IV, you should either save it manually or use the cipher
+ *                 module instead.
+ *
+ * \param ctx      CAMELLIA context
+ * \param mode     MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT
+ * \param length   length of the input data
+ * \param iv_off   offset in IV (updated after use)
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful, or
+ *                 MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH
+ */
+int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
+                       int mode,
+                       size_t length,
+                       size_t *iv_off,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output );
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/**
+ * \brief               CAMELLIA-CTR buffer encryption/decryption
+ *
+ * Warning: You have to keep the maximum use of your counter in mind!
+ *
+ * Note: Due to the nature of CTR you should use the same key schedule for
+ * both encryption and decryption. So a context initialized with
+ * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and MBEDTLS_CAMELLIA_DECRYPT.
+ *
+ * \param ctx           CAMELLIA context
+ * \param length        The length of the data
+ * \param nc_off        The offset in the current stream_block (for resuming
+ *                      within current cipher stream). The offset pointer to
+ *                      should be 0 at the start of a stream.
+ * \param nonce_counter The 128-bit nonce and counter.
+ * \param stream_block  The saved stream-block for resuming. Is overwritten
+ *                      by the function.
+ * \param input         The input data stream
+ * \param output        The output data stream
+ *
+ * \return         0 if successful
+ */
+int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
+                       size_t length,
+                       size_t *nc_off,
+                       unsigned char nonce_counter[16],
+                       unsigned char stream_block[16],
+                       const unsigned char *input,
+                       unsigned char *output );
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_CAMELLIA_ALT */
+#include "camellia_alt.h"
+#endif /* MBEDTLS_CAMELLIA_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_camellia_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* camellia.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ccm.h b/thirdparty/mbedtls/include/mbedtls/ccm.h
new file mode 100644
index 0000000000..5a9ee4a1cd
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ccm.h
@@ -0,0 +1,173 @@
+/**
+ * \file ccm.h
+ *
+ * \brief CCM combines Counter mode encryption with CBC-MAC authentication
+ *        for 128-bit block ciphers.
+ *
+ * Input to CCM includes the following elements:
+ * <ul><li>Payload - data that is both authenticated and encrypted.</li>
+ * <li>Associated data (Adata) - data that is authenticated but not
+ * encrypted, For example, a header.</li>
+ * <li>Nonce - A unique value that is assigned to the payload and the
+ * associated data.</li></ul>
+ *
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CCM_H
+#define MBEDTLS_CCM_H
+
+#include "cipher.h"
+
+#define MBEDTLS_ERR_CCM_BAD_INPUT       -0x000D /**< Bad input parameters to the function. */
+#define MBEDTLS_ERR_CCM_AUTH_FAILED     -0x000F /**< Authenticated decryption failed. */
+#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011 /**< CCM hardware accelerator failed. */
+
+#if !defined(MBEDTLS_CCM_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief    The CCM context-type definition. The CCM context is passed
+ *           to the APIs called.
+ */
+typedef struct {
+    mbedtls_cipher_context_t cipher_ctx;    /*!< The cipher context used. */
+}
+mbedtls_ccm_context;
+
+/**
+ * \brief           This function initializes the specified CCM context,
+ *                  to make references valid, and prepare the context
+ *                  for mbedtls_ccm_setkey() or mbedtls_ccm_free().
+ *
+ * \param ctx       The CCM context to initialize.
+ */
+void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
+
+/**
+ * \brief           This function initializes the CCM context set in the
+ *                  \p ctx parameter and sets the encryption key.
+ *
+ * \param ctx       The CCM context to initialize.
+ * \param cipher    The 128-bit block cipher to use.
+ * \param key       The encryption key.
+ * \param keybits   The key size in bits. This must be acceptable by the cipher.
+ *
+ * \return          \c 0 on success, or a cipher-specific error code.
+ */
+int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
+                        mbedtls_cipher_id_t cipher,
+                        const unsigned char *key,
+                        unsigned int keybits );
+
+/**
+ * \brief   This function releases and clears the specified CCM context
+ *          and underlying cipher sub-context.
+ *
+ * \param ctx       The CCM context to clear.
+ */
+void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
+
+/**
+ * \brief           This function encrypts a buffer using CCM.
+ *
+ * \param ctx       The CCM context to use for encryption.
+ * \param length    The length of the input data in Bytes.
+ * \param iv        Initialization vector (nonce).
+ * \param iv_len    The length of the IV in Bytes: 7, 8, 9, 10, 11, 12, or 13.
+ * \param add       The additional data field.
+ * \param add_len   The length of additional data in Bytes.
+ *                  Must be less than 2^16 - 2^8.
+ * \param input     The buffer holding the input data.
+ * \param output    The buffer holding the output data.
+ *                  Must be at least \p length Bytes wide.
+ * \param tag       The buffer holding the tag.
+ * \param tag_len   The length of the tag to generate in Bytes:
+ *                  4, 6, 8, 10, 14 or 16.
+ *
+ * \note            The tag is written to a separate buffer. To concatenate
+ *                  the \p tag with the \p output, as done in <em>RFC-3610:
+ *                  Counter with CBC-MAC (CCM)</em>, use
+ *                  \p tag = \p output + \p length, and make sure that the
+ *                  output buffer is at least \p length + \p tag_len wide.
+ *
+ * \return          \c 0 on success.
+ */
+int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
+                         const unsigned char *iv, size_t iv_len,
+                         const unsigned char *add, size_t add_len,
+                         const unsigned char *input, unsigned char *output,
+                         unsigned char *tag, size_t tag_len );
+
+/**
+ * \brief           This function performs a CCM authenticated decryption of a
+ *                  buffer.
+ *
+ * \param ctx       The CCM context to use for decryption.
+ * \param length    The length of the input data in Bytes.
+ * \param iv        Initialization vector.
+ * \param iv_len    The length of the IV in Bytes: 7, 8, 9, 10, 11, 12, or 13.
+ * \param add       The additional data field.
+ * \param add_len   The length of additional data in Bytes.
+ * \param input     The buffer holding the input data.
+ * \param output    The buffer holding the output data.
+ * \param tag       The buffer holding the tag.
+ * \param tag_len   The length of the tag in Bytes.
+ *
+ * \return          0 if successful and authenticated, or
+ *                  #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
+ */
+int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
+                      const unsigned char *iv, size_t iv_len,
+                      const unsigned char *add, size_t add_len,
+                      const unsigned char *input, unsigned char *output,
+                      const unsigned char *tag, size_t tag_len );
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_CCM_ALT */
+#include "ccm_alt.h"
+#endif /* MBEDTLS_CCM_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+/**
+ * \brief          The CCM checkup routine.
+ *
+ * \return         \c 0 on success, or \c 1 on failure.
+ */
+int mbedtls_ccm_self_test( int verbose );
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CCM_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/certs.h b/thirdparty/mbedtls/include/mbedtls/certs.h
new file mode 100644
index 0000000000..8dab7b5ce8
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/certs.h
@@ -0,0 +1,100 @@
+/**
+ * \file certs.h
+ *
+ * \brief Sample certificates and DHM parameters for testing
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_CERTS_H
+#define MBEDTLS_CERTS_H
+
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+/* Concatenation of all CA certificates in PEM format if available */
+extern const char   mbedtls_test_cas_pem[];
+extern const size_t mbedtls_test_cas_pem_len;
+#endif
+
+/* List of all CA certificates, terminated by NULL */
+extern const char * mbedtls_test_cas[];
+extern const size_t mbedtls_test_cas_len[];
+
+/*
+ * Convenience for users who just want a certificate:
+ * RSA by default, or ECDSA if RSA is not available
+ */
+extern const char * mbedtls_test_ca_crt;
+extern const size_t mbedtls_test_ca_crt_len;
+extern const char * mbedtls_test_ca_key;
+extern const size_t mbedtls_test_ca_key_len;
+extern const char * mbedtls_test_ca_pwd;
+extern const size_t mbedtls_test_ca_pwd_len;
+extern const char * mbedtls_test_srv_crt;
+extern const size_t mbedtls_test_srv_crt_len;
+extern const char * mbedtls_test_srv_key;
+extern const size_t mbedtls_test_srv_key_len;
+extern const char * mbedtls_test_cli_crt;
+extern const size_t mbedtls_test_cli_crt_len;
+extern const char * mbedtls_test_cli_key;
+extern const size_t mbedtls_test_cli_key_len;
+
+#if defined(MBEDTLS_ECDSA_C)
+extern const char   mbedtls_test_ca_crt_ec[];
+extern const size_t mbedtls_test_ca_crt_ec_len;
+extern const char   mbedtls_test_ca_key_ec[];
+extern const size_t mbedtls_test_ca_key_ec_len;
+extern const char   mbedtls_test_ca_pwd_ec[];
+extern const size_t mbedtls_test_ca_pwd_ec_len;
+extern const char   mbedtls_test_srv_crt_ec[];
+extern const size_t mbedtls_test_srv_crt_ec_len;
+extern const char   mbedtls_test_srv_key_ec[];
+extern const size_t mbedtls_test_srv_key_ec_len;
+extern const char   mbedtls_test_cli_crt_ec[];
+extern const size_t mbedtls_test_cli_crt_ec_len;
+extern const char   mbedtls_test_cli_key_ec[];
+extern const size_t mbedtls_test_cli_key_ec_len;
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+extern const char   mbedtls_test_ca_crt_rsa[];
+extern const size_t mbedtls_test_ca_crt_rsa_len;
+extern const char   mbedtls_test_ca_key_rsa[];
+extern const size_t mbedtls_test_ca_key_rsa_len;
+extern const char   mbedtls_test_ca_pwd_rsa[];
+extern const size_t mbedtls_test_ca_pwd_rsa_len;
+extern const char   mbedtls_test_srv_crt_rsa[];
+extern const size_t mbedtls_test_srv_crt_rsa_len;
+extern const char   mbedtls_test_srv_key_rsa[];
+extern const size_t mbedtls_test_srv_key_rsa_len;
+extern const char   mbedtls_test_cli_crt_rsa[];
+extern const size_t mbedtls_test_cli_crt_rsa_len;
+extern const char   mbedtls_test_cli_key_rsa[];
+extern const size_t mbedtls_test_cli_key_rsa_len;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* certs.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/check_config.h b/thirdparty/mbedtls/include/mbedtls/check_config.h
new file mode 100644
index 0000000000..1143aa2687
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/check_config.h
@@ -0,0 +1,670 @@
+/**
+ * \file check_config.h
+ *
+ * \brief Consistency checks for configuration options
+ */
+/*
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * It is recommended to include this file from your config.h
+ * in order to catch dependency issues early.
+ */
+
+#ifndef MBEDTLS_CHECK_CONFIG_H
+#define MBEDTLS_CHECK_CONFIG_H
+
+/*
+ * We assume CHAR_BIT is 8 in many places. In practice, this is true on our
+ * target platforms, so not an issue, but let's just be extra sure.
+ */
+#include <limits.h>
+#if CHAR_BIT != 8
+#error "mbed TLS requires a platform with 8-bit chars"
+#endif
+
+#if defined(_WIN32)
+#if !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_C is required on Windows"
+#endif
+
+/* Fix the config here. Not convenient to put an #ifdef _WIN32 in config.h as
+ * it would confuse config.pl. */
+#if !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && \
+    !defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
+#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+#endif
+#endif /* _WIN32 */
+
+#if defined(TARGET_LIKE_MBED) && \
+    ( defined(MBEDTLS_NET_C) || defined(MBEDTLS_TIMING_C) )
+#error "The NET and TIMING modules are not available for mbed OS - please use the network and timing functions provided by mbed OS"
+#endif
+
+#if defined(MBEDTLS_DEPRECATED_WARNING) && \
+    !defined(__GNUC__) && !defined(__clang__)
+#error "MBEDTLS_DEPRECATED_WARNING only works with GCC and Clang"
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_HAVE_TIME)
+#error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense"
+#endif
+
+#if defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_HAVE_ASM)
+#error "MBEDTLS_AESNI_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C)
+#error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_DHM_C) && !defined(MBEDTLS_BIGNUM_C)
+#error "MBEDTLS_DHM_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_CMAC_C) && \
+    !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C)
+#error "MBEDTLS_CMAC_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
+#error "MBEDTLS_ECDH_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECDSA_C) &&            \
+    ( !defined(MBEDTLS_ECP_C) ||           \
+      !defined(MBEDTLS_ASN1_PARSE_C) ||    \
+      !defined(MBEDTLS_ASN1_WRITE_C) )
+#error "MBEDTLS_ECDSA_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECJPAKE_C) &&           \
+    ( !defined(MBEDTLS_ECP_C) || !defined(MBEDTLS_MD_C) )
+#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
+#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || (   \
+    !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) &&                  \
+    !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) &&                  \
+    !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) &&                  \
+    !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) &&                  \
+    !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) &&                  \
+    !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)   &&                  \
+    !defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)   &&                  \
+    !defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)   &&                  \
+    !defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) &&                  \
+    !defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) &&                  \
+    !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) ) )
+#error "MBEDTLS_ECP_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) &&      \
+                                    !defined(MBEDTLS_SHA256_C))
+#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites"
+#endif
+#if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_SHA512_C) &&         \
+    defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64)
+#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
+#endif
+#if defined(MBEDTLS_ENTROPY_C) &&                                            \
+    ( !defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_ENTROPY_FORCE_SHA256) ) \
+    && defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32)
+#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
+#endif
+#if defined(MBEDTLS_ENTROPY_C) && \
+    defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(MBEDTLS_SHA256_C)
+#error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY) && \
+    ( !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) )
+#error "MBEDTLS_TEST_NULL_ENTROPY defined, but not all prerequisites"
+#endif
+#if defined(MBEDTLS_TEST_NULL_ENTROPY) && \
+     ( defined(MBEDTLS_ENTROPY_NV_SEED) || defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \
+    defined(MBEDTLS_HAVEGE_C) )
+#error "MBEDTLS_TEST_NULL_ENTROPY defined, but entropy sources too"
+#endif
+
+#if defined(MBEDTLS_GCM_C) && (                                        \
+        !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) )
+#error "MBEDTLS_GCM_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_RANDOMIZE_JAC_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_ADD_MIXED_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_DOUBLE_JAC_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_NORMALIZE_JAC_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) && !defined(MBEDTLS_ECP_INTERNAL_ALT)
+#error "MBEDTLS_ECP_NORMALIZE_MXZ_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_HAVEGE_C) && !defined(MBEDTLS_TIMING_C)
+#error "MBEDTLS_HAVEGE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C)
+#error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) &&                 \
+    ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) )
+#error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) &&                 \
+    ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) )
+#error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(MBEDTLS_DHM_C)
+#error "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) &&                     \
+    !defined(MBEDTLS_ECDH_C)
+#error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) &&                   \
+    ( !defined(MBEDTLS_DHM_C) || !defined(MBEDTLS_RSA_C) ||           \
+      !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) )
+#error "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) &&                 \
+    ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) ||          \
+      !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) )
+#error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) &&                 \
+    ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) ||          \
+      !defined(MBEDTLS_X509_CRT_PARSE_C) )
+#error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) &&                   \
+    ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
+      !defined(MBEDTLS_PKCS1_V15) )
+#error "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) &&                       \
+    ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
+      !defined(MBEDTLS_PKCS1_V15) )
+#error "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) &&                    \
+    ( !defined(MBEDTLS_ECJPAKE_C) || !defined(MBEDTLS_SHA256_C) ||      \
+      !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) )
+#error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) &&                          \
+    ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
+#error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
+#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C)
+#error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PEM_WRITE_C) && !defined(MBEDTLS_BASE64_C)
+#error "MBEDTLS_PEM_WRITE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PK_C) && \
+    ( !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_C) )
+#error "MBEDTLS_PK_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_PK_C)
+#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PK_WRITE_C) && !defined(MBEDTLS_PK_C)
+#error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PKCS11_C) && !defined(MBEDTLS_PK_C)
+#error "MBEDTLS_PKCS11_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_EXIT_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) &&\
+    ( defined(MBEDTLS_PLATFORM_STD_EXIT) ||\
+        defined(MBEDTLS_PLATFORM_EXIT_ALT) )
+#error "MBEDTLS_PLATFORM_EXIT_MACRO and MBEDTLS_PLATFORM_STD_EXIT/MBEDTLS_PLATFORM_EXIT_ALT cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_TIME_ALT) &&\
+    ( !defined(MBEDTLS_PLATFORM_C) ||\
+        !defined(MBEDTLS_HAVE_TIME) )
+#error "MBEDTLS_PLATFORM_TIME_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\
+    ( !defined(MBEDTLS_PLATFORM_C) ||\
+        !defined(MBEDTLS_HAVE_TIME) )
+#error "MBEDTLS_PLATFORM_TIME_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\
+    ( !defined(MBEDTLS_PLATFORM_C) ||\
+        !defined(MBEDTLS_HAVE_TIME) )
+#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\
+    ( defined(MBEDTLS_PLATFORM_STD_TIME) ||\
+        defined(MBEDTLS_PLATFORM_TIME_ALT) )
+#error "MBEDTLS_PLATFORM_TIME_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\
+    ( defined(MBEDTLS_PLATFORM_STD_TIME) ||\
+        defined(MBEDTLS_PLATFORM_TIME_ALT) )
+#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_FPRINTF_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) &&\
+    ( defined(MBEDTLS_PLATFORM_STD_FPRINTF) ||\
+        defined(MBEDTLS_PLATFORM_FPRINTF_ALT) )
+#error "MBEDTLS_PLATFORM_FPRINTF_MACRO and MBEDTLS_PLATFORM_STD_FPRINTF/MBEDTLS_PLATFORM_FPRINTF_ALT cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
+    ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
+#error "MBEDTLS_PLATFORM_FREE_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
+    defined(MBEDTLS_PLATFORM_STD_FREE)
+#error "MBEDTLS_PLATFORM_FREE_MACRO and MBEDTLS_PLATFORM_STD_FREE cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && !defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
+#error "MBEDTLS_PLATFORM_CALLOC_MACRO must be defined if MBEDTLS_PLATFORM_FREE_MACRO is"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\
+    ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
+#error "MBEDTLS_PLATFORM_CALLOC_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\
+    defined(MBEDTLS_PLATFORM_STD_CALLOC)
+#error "MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && !defined(MBEDTLS_PLATFORM_FREE_MACRO)
+#error "MBEDTLS_PLATFORM_FREE_MACRO must be defined if MBEDTLS_PLATFORM_CALLOC_MACRO is"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_MEMORY) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_MEMORY defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_PRINTF_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_PRINTF_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) &&\
+    ( defined(MBEDTLS_PLATFORM_STD_PRINTF) ||\
+        defined(MBEDTLS_PLATFORM_PRINTF_ALT) )
+#error "MBEDTLS_PLATFORM_PRINTF_MACRO and MBEDTLS_PLATFORM_STD_PRINTF/MBEDTLS_PLATFORM_PRINTF_ALT cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
+#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) &&\
+    ( defined(MBEDTLS_PLATFORM_STD_SNPRINTF) ||\
+        defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) )
+#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\
+    !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
+#error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
+#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
+#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY)
+#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_EXIT) &&\
+    !defined(MBEDTLS_PLATFORM_EXIT_ALT)
+#error "MBEDTLS_PLATFORM_STD_EXIT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_TIME) &&\
+    ( !defined(MBEDTLS_PLATFORM_TIME_ALT) ||\
+        !defined(MBEDTLS_HAVE_TIME) )
+#error "MBEDTLS_PLATFORM_STD_TIME defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) &&\
+    !defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
+#error "MBEDTLS_PLATFORM_STD_FPRINTF defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_PRINTF) &&\
+    !defined(MBEDTLS_PLATFORM_PRINTF_ALT)
+#error "MBEDTLS_PLATFORM_STD_PRINTF defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) &&\
+    !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
+#error "MBEDTLS_PLATFORM_STD_SNPRINTF defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED) &&\
+    ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_ENTROPY_C) )
+#error "MBEDTLS_ENTROPY_NV_SEED defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) &&\
+    !defined(MBEDTLS_ENTROPY_NV_SEED)
+#error "MBEDTLS_PLATFORM_NV_SEED_ALT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) &&\
+    !defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
+#error "MBEDTLS_PLATFORM_STD_NV_SEED_READ defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) &&\
+    !defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
+#error "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) &&\
+    ( defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) ||\
+      defined(MBEDTLS_PLATFORM_NV_SEED_ALT) )
+#error "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_READ cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) &&\
+    ( defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) ||\
+      defined(MBEDTLS_PLATFORM_NV_SEED_ALT) )
+#error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously"
+#endif
+
+#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) ||         \
+    !defined(MBEDTLS_OID_C) )
+#error "MBEDTLS_RSA_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) &&         \
+    !defined(MBEDTLS_PKCS1_V15) )
+#error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled"
+#endif
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) &&                        \
+    ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) )
+#error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && ( !defined(MBEDTLS_MD5_C) ||     \
+    !defined(MBEDTLS_SHA1_C) )
+#error "MBEDTLS_SSL_PROTO_SSL3 defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) && ( !defined(MBEDTLS_MD5_C) ||     \
+    !defined(MBEDTLS_SHA1_C) )
+#error "MBEDTLS_SSL_PROTO_TLS1 defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) && ( !defined(MBEDTLS_MD5_C) ||     \
+    !defined(MBEDTLS_SHA1_C) )
+#error "MBEDTLS_SSL_PROTO_TLS1_1 defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && ( !defined(MBEDTLS_SHA1_C) &&     \
+    !defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) )
+#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)     && \
+    !defined(MBEDTLS_SSL_PROTO_TLS1_1)  && \
+    !defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_CLI_C) && !defined(MBEDTLS_SSL_TLS_C)
+#error "MBEDTLS_SSL_CLI_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C) && ( !defined(MBEDTLS_CIPHER_C) ||     \
+    !defined(MBEDTLS_MD_C) )
+#error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_TLS_C)
+#error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C) && (!defined(MBEDTLS_SSL_PROTO_SSL3) && \
+    !defined(MBEDTLS_SSL_PROTO_TLS1) && !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
+    !defined(MBEDTLS_SSL_PROTO_TLS1_2))
+#error "MBEDTLS_SSL_TLS_C defined, but no protocols are active"
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1) && !defined(MBEDTLS_SSL_PROTO_TLS1))
+#error "Illegal protocol selection"
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_TLS1) && \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2) && !defined(MBEDTLS_SSL_PROTO_TLS1_1))
+#error "Illegal protocol selection"
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2) && (!defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    !defined(MBEDTLS_SSL_PROTO_TLS1_1)))
+#error "Illegal protocol selection"
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && !defined(MBEDTLS_SSL_PROTO_DTLS)
+#error "MBEDTLS_SSL_DTLS_HELLO_VERIFY  defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && \
+    !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+#error "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE  defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) &&                              \
+    ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
+#error "MBEDTLS_SSL_DTLS_ANTI_REPLAY  defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) &&                              \
+    ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
+#error "MBEDTLS_SSL_DTLS_BADMAC_LIMIT  defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) &&   \
+    !defined(MBEDTLS_SSL_PROTO_TLS1)   &&      \
+    !defined(MBEDTLS_SSL_PROTO_TLS1_1) &&      \
+    !defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites"
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
+    !defined(MBEDTLS_SSL_PROTO_TLS1)   &&          \
+    !defined(MBEDTLS_SSL_PROTO_TLS1_1) &&          \
+    !defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites"
+#endif
+
+#if defined(MBEDTLS_SSL_TICKET_C) && !defined(MBEDTLS_CIPHER_C)
+#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) && \
+    !defined(MBEDTLS_SSL_PROTO_SSL3) && !defined(MBEDTLS_SSL_PROTO_TLS1)
+#error "MBEDTLS_SSL_CBC_RECORD_SPLITTING defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
+        !defined(MBEDTLS_X509_CRT_PARSE_C)
+#error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
+#error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites"
+#endif
+#define MBEDTLS_THREADING_IMPL
+#endif
+
+#if defined(MBEDTLS_THREADING_ALT)
+#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
+#error "MBEDTLS_THREADING_ALT defined, but not all prerequisites"
+#endif
+#define MBEDTLS_THREADING_IMPL
+#endif
+
+#if defined(MBEDTLS_THREADING_C) && !defined(MBEDTLS_THREADING_IMPL)
+#error "MBEDTLS_THREADING_C defined, single threading implementation required"
+#endif
+#undef MBEDTLS_THREADING_IMPL
+
+#if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C)
+#error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) ||  \
+    !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) ||      \
+    !defined(MBEDTLS_PK_PARSE_C) )
+#error "MBEDTLS_X509_USE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) ||  \
+    !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) ||       \
+    !defined(MBEDTLS_PK_WRITE_C) )
+#error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
+#error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
+#error "MBEDTLS_X509_CRL_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
+#error "MBEDTLS_X509_CSR_PARSE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_X509_CRT_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) )
+#error "MBEDTLS_X509_CRT_WRITE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) )
+#error "MBEDTLS_X509_CSR_WRITE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64)
+#error "MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 cannot be defined simultaneously"
+#endif /* MBEDTLS_HAVE_INT32 && MBEDTLS_HAVE_INT64 */
+
+#if ( defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64) ) && \
+    defined(MBEDTLS_HAVE_ASM)
+#error "MBEDTLS_HAVE_INT32/MBEDTLS_HAVE_INT64 and MBEDTLS_HAVE_ASM cannot be defined simultaneously"
+#endif /* (MBEDTLS_HAVE_INT32 || MBEDTLS_HAVE_INT64) && MBEDTLS_HAVE_ASM */
+
+/*
+ * Avoid warning from -pedantic. This is a convenient place for this
+ * workaround since this is included by every single file before the
+ * #if defined(MBEDTLS_xxx_C) that results in emtpy translation units.
+ */
+typedef int mbedtls_iso_c_forbids_empty_translation_units;
+
+#endif /* MBEDTLS_CHECK_CONFIG_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/cipher.h b/thirdparty/mbedtls/include/mbedtls/cipher.h
new file mode 100644
index 0000000000..d1f4efef8e
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/cipher.h
@@ -0,0 +1,752 @@
+/**
+ * \file cipher.h
+ *
+ * \brief The generic cipher wrapper.
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CIPHER_H
+#define MBEDTLS_CIPHER_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
+#define MBEDTLS_CIPHER_MODE_AEAD
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#define MBEDTLS_CIPHER_MODE_WITH_PADDING
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+#define MBEDTLS_CIPHER_MODE_STREAM
+#endif
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE  -0x6080  /**< The selected feature is not available. */
+#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA       -0x6100  /**< Bad input parameters. */
+#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED         -0x6180  /**< Failed to allocate memory. */
+#define MBEDTLS_ERR_CIPHER_INVALID_PADDING      -0x6200  /**< Input data contains invalid padding and is rejected. */
+#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED  -0x6280  /**< Decryption of block requires a full block. */
+#define MBEDTLS_ERR_CIPHER_AUTH_FAILED          -0x6300  /**< Authentication failed (for AEAD modes). */
+#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT      -0x6380  /**< The context is invalid. For example, because it was freed. */
+#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED      -0x6400  /**< Cipher hardware accelerator failed. */
+
+#define MBEDTLS_CIPHER_VARIABLE_IV_LEN     0x01    /**< Cipher accepts IVs of variable length. */
+#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN    0x02    /**< Cipher accepts keys of variable length. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief     An enumeration of supported ciphers.
+ *
+ * \warning   ARC4 and DES are considered weak ciphers and their use
+ *            constitutes a security risk. We recommend considering stronger
+ *            ciphers instead.
+ */
+typedef enum {
+    MBEDTLS_CIPHER_ID_NONE = 0,
+    MBEDTLS_CIPHER_ID_NULL,
+    MBEDTLS_CIPHER_ID_AES,
+    MBEDTLS_CIPHER_ID_DES,
+    MBEDTLS_CIPHER_ID_3DES,
+    MBEDTLS_CIPHER_ID_CAMELLIA,
+    MBEDTLS_CIPHER_ID_BLOWFISH,
+    MBEDTLS_CIPHER_ID_ARC4,
+} mbedtls_cipher_id_t;
+
+/**
+ * \brief     An enumeration of supported (cipher, mode) pairs.
+ *
+ * \warning   ARC4 and DES are considered weak ciphers and their use
+ *            constitutes a security risk. We recommend considering stronger
+ *            ciphers instead.
+ */
+typedef enum {
+    MBEDTLS_CIPHER_NONE = 0,
+    MBEDTLS_CIPHER_NULL,
+    MBEDTLS_CIPHER_AES_128_ECB,
+    MBEDTLS_CIPHER_AES_192_ECB,
+    MBEDTLS_CIPHER_AES_256_ECB,
+    MBEDTLS_CIPHER_AES_128_CBC,
+    MBEDTLS_CIPHER_AES_192_CBC,
+    MBEDTLS_CIPHER_AES_256_CBC,
+    MBEDTLS_CIPHER_AES_128_CFB128,
+    MBEDTLS_CIPHER_AES_192_CFB128,
+    MBEDTLS_CIPHER_AES_256_CFB128,
+    MBEDTLS_CIPHER_AES_128_CTR,
+    MBEDTLS_CIPHER_AES_192_CTR,
+    MBEDTLS_CIPHER_AES_256_CTR,
+    MBEDTLS_CIPHER_AES_128_GCM,
+    MBEDTLS_CIPHER_AES_192_GCM,
+    MBEDTLS_CIPHER_AES_256_GCM,
+    MBEDTLS_CIPHER_CAMELLIA_128_ECB,
+    MBEDTLS_CIPHER_CAMELLIA_192_ECB,
+    MBEDTLS_CIPHER_CAMELLIA_256_ECB,
+    MBEDTLS_CIPHER_CAMELLIA_128_CBC,
+    MBEDTLS_CIPHER_CAMELLIA_192_CBC,
+    MBEDTLS_CIPHER_CAMELLIA_256_CBC,
+    MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
+    MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
+    MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
+    MBEDTLS_CIPHER_CAMELLIA_128_CTR,
+    MBEDTLS_CIPHER_CAMELLIA_192_CTR,
+    MBEDTLS_CIPHER_CAMELLIA_256_CTR,
+    MBEDTLS_CIPHER_CAMELLIA_128_GCM,
+    MBEDTLS_CIPHER_CAMELLIA_192_GCM,
+    MBEDTLS_CIPHER_CAMELLIA_256_GCM,
+    MBEDTLS_CIPHER_DES_ECB,
+    MBEDTLS_CIPHER_DES_CBC,
+    MBEDTLS_CIPHER_DES_EDE_ECB,
+    MBEDTLS_CIPHER_DES_EDE_CBC,
+    MBEDTLS_CIPHER_DES_EDE3_ECB,
+    MBEDTLS_CIPHER_DES_EDE3_CBC,
+    MBEDTLS_CIPHER_BLOWFISH_ECB,
+    MBEDTLS_CIPHER_BLOWFISH_CBC,
+    MBEDTLS_CIPHER_BLOWFISH_CFB64,
+    MBEDTLS_CIPHER_BLOWFISH_CTR,
+    MBEDTLS_CIPHER_ARC4_128,
+    MBEDTLS_CIPHER_AES_128_CCM,
+    MBEDTLS_CIPHER_AES_192_CCM,
+    MBEDTLS_CIPHER_AES_256_CCM,
+    MBEDTLS_CIPHER_CAMELLIA_128_CCM,
+    MBEDTLS_CIPHER_CAMELLIA_192_CCM,
+    MBEDTLS_CIPHER_CAMELLIA_256_CCM,
+} mbedtls_cipher_type_t;
+
+/** Supported cipher modes. */
+typedef enum {
+    MBEDTLS_MODE_NONE = 0,
+    MBEDTLS_MODE_ECB,
+    MBEDTLS_MODE_CBC,
+    MBEDTLS_MODE_CFB,
+    MBEDTLS_MODE_OFB, /* Unused! */
+    MBEDTLS_MODE_CTR,
+    MBEDTLS_MODE_GCM,
+    MBEDTLS_MODE_STREAM,
+    MBEDTLS_MODE_CCM,
+} mbedtls_cipher_mode_t;
+
+/** Supported cipher padding types. */
+typedef enum {
+    MBEDTLS_PADDING_PKCS7 = 0,     /**< PKCS7 padding (default).        */
+    MBEDTLS_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding.         */
+    MBEDTLS_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding.             */
+    MBEDTLS_PADDING_ZEROS,         /**< zero padding (not reversible). */
+    MBEDTLS_PADDING_NONE,          /**< never pad (full blocks only).   */
+} mbedtls_cipher_padding_t;
+
+/** Type of operation. */
+typedef enum {
+    MBEDTLS_OPERATION_NONE = -1,
+    MBEDTLS_DECRYPT = 0,
+    MBEDTLS_ENCRYPT,
+} mbedtls_operation_t;
+
+enum {
+    /** Undefined key length. */
+    MBEDTLS_KEY_LENGTH_NONE = 0,
+    /** Key length, in bits (including parity), for DES keys. */
+    MBEDTLS_KEY_LENGTH_DES  = 64,
+    /** Key length in bits, including parity, for DES in two-key EDE. */
+    MBEDTLS_KEY_LENGTH_DES_EDE = 128,
+    /** Key length in bits, including parity, for DES in three-key EDE. */
+    MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
+};
+
+/** Maximum length of any IV, in Bytes. */
+#define MBEDTLS_MAX_IV_LENGTH      16
+/** Maximum block size of any cipher, in Bytes. */
+#define MBEDTLS_MAX_BLOCK_LENGTH   16
+
+/**
+ * Base cipher information (opaque struct).
+ */
+typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
+
+/**
+ * CMAC context (opaque struct).
+ */
+typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
+
+/**
+ * Cipher information. Allows calling cipher functions
+ * in a generic way.
+ */
+typedef struct {
+    /** Full cipher identifier. For example,
+     * MBEDTLS_CIPHER_AES_256_CBC.
+     */
+    mbedtls_cipher_type_t type;
+
+    /** The cipher mode. For example, MBEDTLS_MODE_CBC. */
+    mbedtls_cipher_mode_t mode;
+
+    /** The cipher key length, in bits. This is the
+     * default length for variable sized ciphers.
+     * Includes parity bits for ciphers like DES.
+     */
+    unsigned int key_bitlen;
+
+    /** Name of the cipher. */
+    const char * name;
+
+    /** IV or nonce size, in Bytes.
+     * For ciphers that accept variable IV sizes,
+     * this is the recommended size.
+     */
+    unsigned int iv_size;
+
+    /** Flags to set. For example, if the cipher supports variable IV sizes or variable key sizes. */
+    int flags;
+
+    /** The block size, in Bytes. */
+    unsigned int block_size;
+
+    /** Struct for base cipher information and functions. */
+    const mbedtls_cipher_base_t *base;
+
+} mbedtls_cipher_info_t;
+
+/**
+ * Generic cipher context.
+ */
+typedef struct {
+    /** Information about the associated cipher. */
+    const mbedtls_cipher_info_t *cipher_info;
+
+    /** Key length to use. */
+    int key_bitlen;
+
+    /** Operation that the key of the context has been
+     * initialized for.
+     */
+    mbedtls_operation_t operation;
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    /** Padding functions to use, if relevant for
+     * the specific cipher mode.
+     */
+    void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
+    int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
+#endif
+
+    /** Buffer for input that has not been processed yet. */
+    unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
+
+    /** Number of Bytes that have not been processed yet. */
+    size_t unprocessed_len;
+
+    /** Current IV or NONCE_COUNTER for CTR-mode. */
+    unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
+
+    /** IV size in Bytes, for ciphers with variable-length IVs. */
+    size_t iv_size;
+
+    /** The cipher-specific context. */
+    void *cipher_ctx;
+
+#if defined(MBEDTLS_CMAC_C)
+    /** CMAC-specific context. */
+    mbedtls_cmac_context_t *cmac_ctx;
+#endif
+} mbedtls_cipher_context_t;
+
+/**
+ * \brief This function retrieves the list of ciphers supported by the generic
+ * cipher module.
+ *
+ * \return      A statically-allocated array of ciphers. The last entry
+ *              is zero.
+ */
+const int *mbedtls_cipher_list( void );
+
+/**
+ * \brief               This function retrieves the cipher-information
+ *                      structure associated with the given cipher name.
+ *
+ * \param cipher_name   Name of the cipher to search for.
+ *
+ * \return              The cipher information structure associated with the
+ *                      given \p cipher_name, or NULL if not found.
+ */
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
+
+/**
+ * \brief               This function retrieves the cipher-information
+ *                      structure associated with the given cipher type.
+ *
+ * \param cipher_type   Type of the cipher to search for.
+ *
+ * \return              The cipher information structure associated with the
+ *                      given \p cipher_type, or NULL if not found.
+ */
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
+
+/**
+ * \brief               This function retrieves the cipher-information
+ *                      structure associated with the given cipher ID,
+ *                      key size and mode.
+ *
+ * \param cipher_id     The ID of the cipher to search for. For example,
+ *                      #MBEDTLS_CIPHER_ID_AES.
+ * \param key_bitlen    The length of the key in bits.
+ * \param mode          The cipher mode. For example, #MBEDTLS_MODE_CBC.
+ *
+ * \return              The cipher information structure associated with the
+ *                      given \p cipher_id, or NULL if not found.
+ */
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
+                                              int key_bitlen,
+                                              const mbedtls_cipher_mode_t mode );
+
+/**
+ * \brief               This function initializes a \p cipher_context as NONE.
+ */
+void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
+
+/**
+ * \brief               This function frees and clears the cipher-specific
+ *                      context of \p ctx. Freeing \p ctx itself remains the
+ *                      responsibility of the caller.
+ */
+void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
+
+
+/**
+ * \brief               This function initializes and fills the cipher-context
+ *                      structure with the appropriate values. It also clears
+ *                      the structure.
+ *
+ * \param ctx           The context to initialize. May not be NULL.
+ * \param cipher_info   The cipher to use.
+ *
+ * \return              \c 0 on success,
+ *                      #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on parameter failure,
+ *                      #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
+ *                      cipher-specific context failed.
+ *
+ * \internal Currently, the function also clears the structure.
+ * In future versions, the caller will be required to call
+ * mbedtls_cipher_init() on the structure first.
+ */
+int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info );
+
+/**
+ * \brief        This function returns the block size of the given cipher.
+ *
+ * \param ctx    The context of the cipher. Must be initialized.
+ *
+ * \return       The size of the blocks of the cipher, or zero if \p ctx
+ *               has not been initialized.
+ */
+static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return 0;
+
+    return ctx->cipher_info->block_size;
+}
+
+/**
+ * \brief        This function returns the mode of operation for
+ *               the cipher. For example, MBEDTLS_MODE_CBC.
+ *
+ * \param ctx    The context of the cipher. Must be initialized.
+ *
+ * \return       The mode of operation, or #MBEDTLS_MODE_NONE if
+ *               \p ctx has not been initialized.
+ */
+static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return MBEDTLS_MODE_NONE;
+
+    return ctx->cipher_info->mode;
+}
+
+/**
+ * \brief       This function returns the size of the IV or nonce
+ *              of the cipher, in Bytes.
+ *
+ * \param ctx   The context of the cipher. Must be initialized.
+ *
+ * \return      <ul><li>If no IV has been set: the recommended IV size.
+ *              0 for ciphers not using IV or nonce.</li>
+ *              <li>If IV has already been set: the actual size.</li></ul>
+ */
+static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return 0;
+
+    if( ctx->iv_size != 0 )
+        return (int) ctx->iv_size;
+
+    return (int) ctx->cipher_info->iv_size;
+}
+
+/**
+ * \brief               This function returns the type of the given cipher.
+ *
+ * \param ctx           The context of the cipher. Must be initialized.
+ *
+ * \return              The type of the cipher, or #MBEDTLS_CIPHER_NONE if
+ *                      \p ctx has not been initialized.
+ */
+static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return MBEDTLS_CIPHER_NONE;
+
+    return ctx->cipher_info->type;
+}
+
+/**
+ * \brief               This function returns the name of the given cipher
+ *                      as a string.
+ *
+ * \param ctx           The context of the cipher. Must be initialized.
+ *
+ * \return              The name of the cipher, or NULL if \p ctx has not
+ *                      been not initialized.
+ */
+static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return 0;
+
+    return ctx->cipher_info->name;
+}
+
+/**
+ * \brief               This function returns the key length of the cipher.
+ *
+ * \param ctx           The context of the cipher. Must be initialized.
+ *
+ * \return              The key length of the cipher in bits, or
+ *                      #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been
+ *                      initialized.
+ */
+static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return MBEDTLS_KEY_LENGTH_NONE;
+
+    return (int) ctx->cipher_info->key_bitlen;
+}
+
+/**
+ * \brief          This function returns the operation of the given cipher.
+ *
+ * \param ctx      The context of the cipher. Must be initialized.
+ *
+ * \return         The type of operation: #MBEDTLS_ENCRYPT or
+ *                 #MBEDTLS_DECRYPT, or #MBEDTLS_OPERATION_NONE if \p ctx
+ *                 has not been initialized.
+ */
+static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return MBEDTLS_OPERATION_NONE;
+
+    return ctx->operation;
+}
+
+/**
+ * \brief               This function sets the key to use with the given context.
+ *
+ * \param ctx           The generic cipher context. May not be NULL. Must have
+ *                      been initialized using mbedtls_cipher_info_from_type()
+ *                      or mbedtls_cipher_info_from_string().
+ * \param key           The key to use.
+ * \param key_bitlen    The key length to use, in bits.
+ * \param operation     The operation that the key will be used for:
+ *                      #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT.
+ *
+ * \returns             \c 0 on success, #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if
+ *                      parameter verification fails, or a cipher-specific
+ *                      error code.
+ */
+int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
+                   int key_bitlen, const mbedtls_operation_t operation );
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+/**
+ * \brief               This function sets the padding mode, for cipher modes
+ *                      that use padding.
+ *
+ *                      The default passing mode is PKCS7 padding.
+ *
+ * \param ctx           The generic cipher context.
+ * \param mode          The padding mode.
+ *
+ * \returns             \c 0 on success, #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
+ *                      if the selected padding mode is not supported, or
+ *                      #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
+ *                      does not support padding.
+ */
+int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+/**
+ * \brief           This function sets the initialization vector (IV)
+ *                  or nonce.
+ *
+ * \param ctx       The generic cipher context.
+ * \param iv        The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
+ * \param iv_len    The IV length for ciphers with variable-size IV.
+ *                  This parameter is discarded by ciphers with fixed-size IV.
+ *
+ * \returns         \c 0 on success, or #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+ *
+ * \note            Some ciphers do not use IVs nor nonce. For these
+ *                  ciphers, this function has no effect.
+ */
+int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
+                   const unsigned char *iv, size_t iv_len );
+
+/**
+ * \brief         This function resets the cipher state.
+ *
+ * \param ctx     The generic cipher context.
+ *
+ * \returns       \c 0 on success, #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+ *                if parameter verification fails.
+ */
+int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
+
+#if defined(MBEDTLS_GCM_C)
+/**
+ * \brief               This function adds additional data for AEAD ciphers.
+ *                      Only supported with GCM. Must be called
+ *                      exactly once, after mbedtls_cipher_reset().
+ *
+ * \param ctx           The generic cipher context.
+ * \param ad            The additional data to use.
+ * \param ad_len        the Length of \p ad.
+ *
+ * \return              \c 0 on success, or a specific error code on failure.
+ */
+int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
+                      const unsigned char *ad, size_t ad_len );
+#endif /* MBEDTLS_GCM_C */
+
+/**
+ * \brief               The generic cipher update function. It encrypts or
+ *                      decrypts using the given cipher context. Writes as
+ *                      many block-sized blocks of data as possible to output.
+ *                      Any data that cannot be written immediately is either
+ *                      added to the next block, or flushed when
+ *                      mbedtls_cipher_finish() is called.
+ *                      Exception: For MBEDTLS_MODE_ECB, expects a single block
+ *                      in size. For example, 16 Bytes for AES.
+ *
+ * \param ctx           The generic cipher context.
+ * \param input         The buffer holding the input data.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the output data. Must be able to hold at
+ *                      least \p ilen + block_size. Must not be the same buffer
+ *                      as input.
+ * \param olen          The length of the output data, to be updated with the
+ *                      actual number of Bytes written.
+ *
+ * \returns             \c 0 on success, #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if
+ *                      parameter verification fails,
+ *                      #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE on an
+ *                      unsupported mode for a cipher, or a cipher-specific
+ *                      error code.
+ *
+ * \note                If the underlying cipher is GCM, all calls to this
+ *                      function, except the last one before
+ *                      mbedtls_cipher_finish(). Must have \p ilen as a
+ *                      multiple of the block_size.
+ */
+int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
+                   size_t ilen, unsigned char *output, size_t *olen );
+
+/**
+ * \brief               The generic cipher finalization function. If data still
+ *                      needs to be flushed from an incomplete block, the data
+ *                      contained in it is padded to the size of
+ *                      the last block, and written to the \p output buffer.
+ *
+ * \param ctx           The generic cipher context.
+ * \param output        The buffer to write data to. Needs block_size available.
+ * \param olen          The length of the data written to the \p output buffer.
+ *
+ * \returns             \c 0 on success, #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if
+ *                      parameter verification fails,
+ *                      #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
+ *                      expected a full block but was not provided one,
+ *                      #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
+ *                      while decrypting, or a cipher-specific error code
+ *                      on failure for any other reason.
+ */
+int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
+                   unsigned char *output, size_t *olen );
+
+#if defined(MBEDTLS_GCM_C)
+/**
+ * \brief               This function writes a tag for AEAD ciphers.
+ *                      Only supported with GCM.
+ *                      Must be called after mbedtls_cipher_finish().
+ *
+ * \param ctx           The generic cipher context.
+ * \param tag           The buffer to write the tag to.
+ * \param tag_len       The length of the tag to write.
+ *
+ * \return              \c 0 on success, or a specific error code on failure.
+ */
+int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
+                      unsigned char *tag, size_t tag_len );
+
+/**
+ * \brief               This function checks the tag for AEAD ciphers.
+ *                      Only supported with GCM.
+ *                      Must be called after mbedtls_cipher_finish().
+ *
+ * \param ctx           The generic cipher context.
+ * \param tag           The buffer holding the tag.
+ * \param tag_len       The length of the tag to check.
+ *
+ * \return              \c 0 on success, or a specific error code on failure.
+ */
+int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
+                      const unsigned char *tag, size_t tag_len );
+#endif /* MBEDTLS_GCM_C */
+
+/**
+ * \brief               The generic all-in-one encryption/decryption function,
+ *                      for all ciphers except AEAD constructs.
+ *
+ * \param ctx           The generic cipher context.
+ * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
+ * \param iv_len        The IV length for ciphers with variable-size IV.
+ *                      This parameter is discarded by ciphers with fixed-size
+ *                      IV.
+ * \param input         The buffer holding the input data.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the output data. Must be able to hold at
+ *                      least \p ilen + block_size. Must not be the same buffer
+ *                      as input.
+ * \param olen          The length of the output data, to be updated with the
+ *                      actual number of Bytes written.
+ *
+ * \note                Some ciphers do not use IVs nor nonce. For these
+ *                      ciphers, use \p iv = NULL and \p iv_len = 0.
+ *
+ * \returns             \c 0 on success, or
+ *                      #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or
+ *                      #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
+ *                      expected a full block but was not provided one, or
+ *                      #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
+ *                      while decrypting, or a cipher-specific error code on
+ *                      failure for any other reason.
+ */
+int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
+                  const unsigned char *iv, size_t iv_len,
+                  const unsigned char *input, size_t ilen,
+                  unsigned char *output, size_t *olen );
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+/**
+ * \brief               The generic autenticated encryption (AEAD) function.
+ *
+ * \param ctx           The generic cipher context.
+ * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
+ * \param iv_len        The IV length for ciphers with variable-size IV.
+ *                      This parameter is discarded by ciphers with fixed-size IV.
+ * \param ad            The additional data to authenticate.
+ * \param ad_len        The length of \p ad.
+ * \param input         The buffer holding the input data.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the output data.
+ *                      Must be able to hold at least \p ilen.
+ * \param olen          The length of the output data, to be updated with the
+ *                      actual number of Bytes written.
+ * \param tag           The buffer for the authentication tag.
+ * \param tag_len       The desired length of the authentication tag.
+ *
+ * \returns             \c 0 on success, or
+ *                      #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or
+ *                      a cipher-specific error code.
+ */
+int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
+                         const unsigned char *iv, size_t iv_len,
+                         const unsigned char *ad, size_t ad_len,
+                         const unsigned char *input, size_t ilen,
+                         unsigned char *output, size_t *olen,
+                         unsigned char *tag, size_t tag_len );
+
+/**
+ * \brief               The generic autenticated decryption (AEAD) function.
+ *
+ * \param ctx           The generic cipher context.
+ * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
+ * \param iv_len        The IV length for ciphers with variable-size IV.
+ *                      This parameter is discarded by ciphers with fixed-size IV.
+ * \param ad            The additional data to be authenticated.
+ * \param ad_len        The length of \p ad.
+ * \param input         The buffer holding the input data.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the output data.
+ *                      Must be able to hold at least \p ilen.
+ * \param olen          The length of the output data, to be updated with the
+ *                      actual number of Bytes written.
+ * \param tag           The buffer holding the authentication tag.
+ * \param tag_len       The length of the authentication tag.
+ *
+ * \returns             \c 0 on success, or
+ *                      #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or
+ *                      #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic,
+ *                      or a cipher-specific error code on failure for any other reason.
+ *
+ * \note                If the data is not authentic, then the output buffer
+ *                      is zeroed out to prevent the unauthentic plaintext being
+ *                      used, making this interface safer.
+ */
+int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
+                         const unsigned char *iv, size_t iv_len,
+                         const unsigned char *ad, size_t ad_len,
+                         const unsigned char *input, size_t ilen,
+                         unsigned char *output, size_t *olen,
+                         const unsigned char *tag, size_t tag_len );
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CIPHER_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/cipher_internal.h b/thirdparty/mbedtls/include/mbedtls/cipher_internal.h
new file mode 100644
index 0000000000..969ff9ccb8
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/cipher_internal.h
@@ -0,0 +1,110 @@
+/**
+ * \file cipher_internal.h
+ *
+ * \brief Cipher wrappers.
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_CIPHER_WRAP_H
+#define MBEDTLS_CIPHER_WRAP_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "cipher.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Base cipher information. The non-mode specific functions and values.
+ */
+struct mbedtls_cipher_base_t
+{
+    /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
+    mbedtls_cipher_id_t cipher;
+
+    /** Encrypt using ECB */
+    int (*ecb_func)( void *ctx, mbedtls_operation_t mode,
+                     const unsigned char *input, unsigned char *output );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    /** Encrypt using CBC */
+    int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length,
+                     unsigned char *iv, const unsigned char *input,
+                     unsigned char *output );
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    /** Encrypt using CFB (Full length) */
+    int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
+                     unsigned char *iv, const unsigned char *input,
+                     unsigned char *output );
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    /** Encrypt using CTR */
+    int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
+                     unsigned char *nonce_counter, unsigned char *stream_block,
+                     const unsigned char *input, unsigned char *output );
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    /** Encrypt using STREAM */
+    int (*stream_func)( void *ctx, size_t length,
+                        const unsigned char *input, unsigned char *output );
+#endif
+
+    /** Set key for encryption purposes */
+    int (*setkey_enc_func)( void *ctx, const unsigned char *key,
+                            unsigned int key_bitlen );
+
+    /** Set key for decryption purposes */
+    int (*setkey_dec_func)( void *ctx, const unsigned char *key,
+                            unsigned int key_bitlen);
+
+    /** Allocate a new context */
+    void * (*ctx_alloc_func)( void );
+
+    /** Free the given context */
+    void (*ctx_free_func)( void *ctx );
+
+};
+
+typedef struct
+{
+    mbedtls_cipher_type_t type;
+    const mbedtls_cipher_info_t *info;
+} mbedtls_cipher_definition_t;
+
+extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];
+
+extern int mbedtls_cipher_supported[];
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CIPHER_WRAP_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/cmac.h b/thirdparty/mbedtls/include/mbedtls/cmac.h
new file mode 100644
index 0000000000..628c9daba2
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/cmac.h
@@ -0,0 +1,208 @@
+/**
+ * \file cmac.h
+ *
+ * \brief The Cipher-based Message Authentication Code (CMAC) Mode for
+ *        Authentication.
+ */
+/*
+ *  Copyright (C) 2015-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CMAC_H
+#define MBEDTLS_CMAC_H
+
+#include "mbedtls/cipher.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A  /**< CMAC hardware accelerator failed. */
+
+#define MBEDTLS_AES_BLOCK_SIZE          16
+#define MBEDTLS_DES3_BLOCK_SIZE         8
+
+#if defined(MBEDTLS_AES_C)
+#define MBEDTLS_CIPHER_BLKSIZE_MAX      16  /* The longest block used by CMAC is that of AES. */
+#else
+#define MBEDTLS_CIPHER_BLKSIZE_MAX      8   /* The longest block used by CMAC is that of 3DES. */
+#endif
+
+#if !defined(MBEDTLS_CMAC_ALT)
+
+/**
+ * The CMAC context structure.
+ */
+struct mbedtls_cmac_context_t
+{
+    /** The internal state of the CMAC algorithm.  */
+    unsigned char       state[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    /** Unprocessed data - either data that was not block aligned and is still
+     *  pending processing, or the final block. */
+    unsigned char       unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    /** The length of data pending processing. */
+    size_t              unprocessed_len;
+};
+
+/**
+ * \brief               This function sets the CMAC key, and prepares to authenticate
+ *                      the input data.
+ *                      Must be called with an initialized cipher context.
+ *
+ * \param ctx           The cipher context used for the CMAC operation, initialized
+ *                      as one of the following types:<ul>
+ *                      <li>MBEDTLS_CIPHER_AES_128_ECB</li>
+ *                      <li>MBEDTLS_CIPHER_AES_192_ECB</li>
+ *                      <li>MBEDTLS_CIPHER_AES_256_ECB</li>
+ *                      <li>MBEDTLS_CIPHER_DES_EDE3_ECB</li></ul>
+ * \param key           The CMAC key.
+ * \param keybits       The length of the CMAC key in bits.
+ *                      Must be supported by the cipher.
+ *
+ * \return              \c 0 on success, or a cipher-specific error code.
+ */
+int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
+                                const unsigned char *key, size_t keybits );
+
+/**
+ * \brief               This function feeds an input buffer into an ongoing CMAC
+ *                      computation.
+ *
+ *                      It is called between mbedtls_cipher_cmac_starts() or
+ *                      mbedtls_cipher_cmac_reset(), and mbedtls_cipher_cmac_finish().
+ *                      Can be called repeatedly.
+ *
+ * \param ctx           The cipher context used for the CMAC operation.
+ * \param input         The buffer holding the input data.
+ * \param ilen          The length of the input data.
+ *
+ * \returns             \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA
+ *                      if parameter verification fails.
+ */
+int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
+                                const unsigned char *input, size_t ilen );
+
+/**
+ * \brief               This function finishes the CMAC operation, and writes
+ *                      the result to the output buffer.
+ *
+ *                      It is called after mbedtls_cipher_cmac_update().
+ *                      It can be followed by mbedtls_cipher_cmac_reset() and
+ *                      mbedtls_cipher_cmac_update(), or mbedtls_cipher_free().
+ *
+ * \param ctx           The cipher context used for the CMAC operation.
+ * \param output        The output buffer for the CMAC checksum result.
+ *
+ * \returns             \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA
+ *                      if parameter verification fails.
+ */
+int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
+                                unsigned char *output );
+
+/**
+ * \brief               This function prepares the authentication of another
+ *                      message with the same key as the previous CMAC
+ *                      operation.
+ *
+ *                      It is called after mbedtls_cipher_cmac_finish()
+ *                      and before mbedtls_cipher_cmac_update().
+ *
+ * \param ctx           The cipher context used for the CMAC operation.
+ *
+ * \returns             \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA
+ *                      if parameter verification fails.
+ */
+int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
+
+/**
+ * \brief               This function calculates the full generic CMAC
+ *                      on the input buffer with the provided key.
+ *
+ *                      The function allocates the context, performs the
+ *                      calculation, and frees the context.
+ *
+ *                      The CMAC result is calculated as
+ *                      output = generic CMAC(cmac key, input buffer).
+ *
+ *
+ * \param cipher_info   The cipher information.
+ * \param key           The CMAC key.
+ * \param keylen        The length of the CMAC key in bits.
+ * \param input         The buffer holding the input data.
+ * \param ilen          The length of the input data.
+ * \param output        The buffer for the generic CMAC result.
+ *
+ * \returns             \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA
+ *                      if parameter verification fails.
+ */
+int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
+                         const unsigned char *key, size_t keylen,
+                         const unsigned char *input, size_t ilen,
+                         unsigned char *output );
+
+#if defined(MBEDTLS_AES_C)
+/**
+ * \brief           This function implements the AES-CMAC-PRF-128 pseudorandom
+ *                  function, as defined in
+ *                  <em>RFC-4615: The Advanced Encryption Standard-Cipher-based
+ *                  Message Authentication Code-Pseudo-Random Function-128
+ *                  (AES-CMAC-PRF-128) Algorithm for the Internet Key
+ *                  Exchange Protocol (IKE).</em>
+ *
+ * \param key       The key to use.
+ * \param key_len   The key length in Bytes.
+ * \param input     The buffer holding the input data.
+ * \param in_len    The length of the input data in Bytes.
+ * \param output    The buffer holding the generated 16 Bytes of
+ *                  pseudorandom output.
+ *
+ * \return          \c 0 on success.
+ */
+int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
+                              const unsigned char *input, size_t in_len,
+                              unsigned char output[16] );
+#endif /* MBEDTLS_AES_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* !MBEDTLS_CMAC_ALT */
+#include "cmac_alt.h"
+#endif /* !MBEDTLS_CMAC_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
+/**
+ * \brief          The CMAC checkup routine.
+ *
+ * \return         \c 0 on success, or \c 1 on failure.
+ */
+int mbedtls_cmac_self_test( int verbose );
+#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CMAC_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/compat-1.3.h b/thirdparty/mbedtls/include/mbedtls/compat-1.3.h
new file mode 100644
index 0000000000..600a0f154c
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/compat-1.3.h
@@ -0,0 +1,2524 @@
+/**
+ * \file compat-1.3.h
+ *
+ * \brief Compatibility definitions for using mbed TLS with client code written
+ *  for the PolarSSL naming conventions.
+ *
+ * \deprecated Use the new names directly instead
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#warning "Including compat-1.3.h is deprecated"
+#endif
+
+#ifndef MBEDTLS_COMPAT13_H
+#define MBEDTLS_COMPAT13_H
+
+/*
+ * config.h options
+ */
+#if defined MBEDTLS_AESNI_C
+#define POLARSSL_AESNI_C MBEDTLS_AESNI_C
+#endif
+#if defined MBEDTLS_AES_ALT
+#define POLARSSL_AES_ALT MBEDTLS_AES_ALT
+#endif
+#if defined MBEDTLS_AES_C
+#define POLARSSL_AES_C MBEDTLS_AES_C
+#endif
+#if defined MBEDTLS_AES_ROM_TABLES
+#define POLARSSL_AES_ROM_TABLES MBEDTLS_AES_ROM_TABLES
+#endif
+#if defined MBEDTLS_ARC4_ALT
+#define POLARSSL_ARC4_ALT MBEDTLS_ARC4_ALT
+#endif
+#if defined MBEDTLS_ARC4_C
+#define POLARSSL_ARC4_C MBEDTLS_ARC4_C
+#endif
+#if defined MBEDTLS_ASN1_PARSE_C
+#define POLARSSL_ASN1_PARSE_C MBEDTLS_ASN1_PARSE_C
+#endif
+#if defined MBEDTLS_ASN1_WRITE_C
+#define POLARSSL_ASN1_WRITE_C MBEDTLS_ASN1_WRITE_C
+#endif
+#if defined MBEDTLS_BASE64_C
+#define POLARSSL_BASE64_C MBEDTLS_BASE64_C
+#endif
+#if defined MBEDTLS_BIGNUM_C
+#define POLARSSL_BIGNUM_C MBEDTLS_BIGNUM_C
+#endif
+#if defined MBEDTLS_BLOWFISH_ALT
+#define POLARSSL_BLOWFISH_ALT MBEDTLS_BLOWFISH_ALT
+#endif
+#if defined MBEDTLS_BLOWFISH_C
+#define POLARSSL_BLOWFISH_C MBEDTLS_BLOWFISH_C
+#endif
+#if defined MBEDTLS_CAMELLIA_ALT
+#define POLARSSL_CAMELLIA_ALT MBEDTLS_CAMELLIA_ALT
+#endif
+#if defined MBEDTLS_CAMELLIA_C
+#define POLARSSL_CAMELLIA_C MBEDTLS_CAMELLIA_C
+#endif
+#if defined MBEDTLS_CAMELLIA_SMALL_MEMORY
+#define POLARSSL_CAMELLIA_SMALL_MEMORY MBEDTLS_CAMELLIA_SMALL_MEMORY
+#endif
+#if defined MBEDTLS_CCM_C
+#define POLARSSL_CCM_C MBEDTLS_CCM_C
+#endif
+#if defined MBEDTLS_CERTS_C
+#define POLARSSL_CERTS_C MBEDTLS_CERTS_C
+#endif
+#if defined MBEDTLS_CIPHER_C
+#define POLARSSL_CIPHER_C MBEDTLS_CIPHER_C
+#endif
+#if defined MBEDTLS_CIPHER_MODE_CBC
+#define POLARSSL_CIPHER_MODE_CBC MBEDTLS_CIPHER_MODE_CBC
+#endif
+#if defined MBEDTLS_CIPHER_MODE_CFB
+#define POLARSSL_CIPHER_MODE_CFB MBEDTLS_CIPHER_MODE_CFB
+#endif
+#if defined MBEDTLS_CIPHER_MODE_CTR
+#define POLARSSL_CIPHER_MODE_CTR MBEDTLS_CIPHER_MODE_CTR
+#endif
+#if defined MBEDTLS_CIPHER_NULL_CIPHER
+#define POLARSSL_CIPHER_NULL_CIPHER MBEDTLS_CIPHER_NULL_CIPHER
+#endif
+#if defined MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#define POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#endif
+#if defined MBEDTLS_CIPHER_PADDING_PKCS7
+#define POLARSSL_CIPHER_PADDING_PKCS7 MBEDTLS_CIPHER_PADDING_PKCS7
+#endif
+#if defined MBEDTLS_CIPHER_PADDING_ZEROS
+#define POLARSSL_CIPHER_PADDING_ZEROS MBEDTLS_CIPHER_PADDING_ZEROS
+#endif
+#if defined MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#define POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#endif
+#if defined MBEDTLS_CTR_DRBG_C
+#define POLARSSL_CTR_DRBG_C MBEDTLS_CTR_DRBG_C
+#endif
+#if defined MBEDTLS_DEBUG_C
+#define POLARSSL_DEBUG_C MBEDTLS_DEBUG_C
+#endif
+#if defined MBEDTLS_DEPRECATED_REMOVED
+#define POLARSSL_DEPRECATED_REMOVED MBEDTLS_DEPRECATED_REMOVED
+#endif
+#if defined MBEDTLS_DEPRECATED_WARNING
+#define POLARSSL_DEPRECATED_WARNING MBEDTLS_DEPRECATED_WARNING
+#endif
+#if defined MBEDTLS_DES_ALT
+#define POLARSSL_DES_ALT MBEDTLS_DES_ALT
+#endif
+#if defined MBEDTLS_DES_C
+#define POLARSSL_DES_C MBEDTLS_DES_C
+#endif
+#if defined MBEDTLS_DHM_C
+#define POLARSSL_DHM_C MBEDTLS_DHM_C
+#endif
+#if defined MBEDTLS_ECDH_C
+#define POLARSSL_ECDH_C MBEDTLS_ECDH_C
+#endif
+#if defined MBEDTLS_ECDSA_C
+#define POLARSSL_ECDSA_C MBEDTLS_ECDSA_C
+#endif
+#if defined MBEDTLS_ECDSA_DETERMINISTIC
+#define POLARSSL_ECDSA_DETERMINISTIC MBEDTLS_ECDSA_DETERMINISTIC
+#endif
+#if defined MBEDTLS_ECP_C
+#define POLARSSL_ECP_C MBEDTLS_ECP_C
+#endif
+#if defined MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define POLARSSL_ECP_DP_BP256R1_ENABLED MBEDTLS_ECP_DP_BP256R1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define POLARSSL_ECP_DP_BP384R1_ENABLED MBEDTLS_ECP_DP_BP384R1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define POLARSSL_ECP_DP_BP512R1_ENABLED MBEDTLS_ECP_DP_BP512R1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define POLARSSL_ECP_DP_M255_ENABLED MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define POLARSSL_ECP_DP_SECP192K1_ENABLED MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define POLARSSL_ECP_DP_SECP192R1_ENABLED MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define POLARSSL_ECP_DP_SECP224K1_ENABLED MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define POLARSSL_ECP_DP_SECP224R1_ENABLED MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define POLARSSL_ECP_DP_SECP256K1_ENABLED MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define POLARSSL_ECP_DP_SECP256R1_ENABLED MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define POLARSSL_ECP_DP_SECP384R1_ENABLED MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define POLARSSL_ECP_DP_SECP521R1_ENABLED MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#endif
+#if defined MBEDTLS_ECP_FIXED_POINT_OPTIM
+#define POLARSSL_ECP_FIXED_POINT_OPTIM MBEDTLS_ECP_FIXED_POINT_OPTIM
+#endif
+#if defined MBEDTLS_ECP_MAX_BITS
+#define POLARSSL_ECP_MAX_BITS MBEDTLS_ECP_MAX_BITS
+#endif
+#if defined MBEDTLS_ECP_NIST_OPTIM
+#define POLARSSL_ECP_NIST_OPTIM MBEDTLS_ECP_NIST_OPTIM
+#endif
+#if defined MBEDTLS_ECP_WINDOW_SIZE
+#define POLARSSL_ECP_WINDOW_SIZE MBEDTLS_ECP_WINDOW_SIZE
+#endif
+#if defined MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+#define POLARSSL_ENABLE_WEAK_CIPHERSUITES MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+#endif
+#if defined MBEDTLS_ENTROPY_C
+#define POLARSSL_ENTROPY_C MBEDTLS_ENTROPY_C
+#endif
+#if defined MBEDTLS_ENTROPY_FORCE_SHA256
+#define POLARSSL_ENTROPY_FORCE_SHA256 MBEDTLS_ENTROPY_FORCE_SHA256
+#endif
+#if defined MBEDTLS_ERROR_C
+#define POLARSSL_ERROR_C MBEDTLS_ERROR_C
+#endif
+#if defined MBEDTLS_ERROR_STRERROR_DUMMY
+#define POLARSSL_ERROR_STRERROR_DUMMY MBEDTLS_ERROR_STRERROR_DUMMY
+#endif
+#if defined MBEDTLS_FS_IO
+#define POLARSSL_FS_IO MBEDTLS_FS_IO
+#endif
+#if defined MBEDTLS_GCM_C
+#define POLARSSL_GCM_C MBEDTLS_GCM_C
+#endif
+#if defined MBEDTLS_GENPRIME
+#define POLARSSL_GENPRIME MBEDTLS_GENPRIME
+#endif
+#if defined MBEDTLS_HAVEGE_C
+#define POLARSSL_HAVEGE_C MBEDTLS_HAVEGE_C
+#endif
+#if defined MBEDTLS_HAVE_ASM
+#define POLARSSL_HAVE_ASM MBEDTLS_HAVE_ASM
+#endif
+#if defined MBEDTLS_HAVE_SSE2
+#define POLARSSL_HAVE_SSE2 MBEDTLS_HAVE_SSE2
+#endif
+#if defined MBEDTLS_HAVE_TIME
+#define POLARSSL_HAVE_TIME MBEDTLS_HAVE_TIME
+#endif
+#if defined MBEDTLS_HMAC_DRBG_C
+#define POLARSSL_HMAC_DRBG_C MBEDTLS_HMAC_DRBG_C
+#endif
+#if defined MBEDTLS_HMAC_DRBG_MAX_INPUT
+#define POLARSSL_HMAC_DRBG_MAX_INPUT MBEDTLS_HMAC_DRBG_MAX_INPUT
+#endif
+#if defined MBEDTLS_HMAC_DRBG_MAX_REQUEST
+#define POLARSSL_HMAC_DRBG_MAX_REQUEST MBEDTLS_HMAC_DRBG_MAX_REQUEST
+#endif
+#if defined MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT
+#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT
+#endif
+#if defined MBEDTLS_HMAC_DRBG_RESEED_INTERVAL
+#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL MBEDTLS_HMAC_DRBG_RESEED_INTERVAL
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+#define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+#define POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+#define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+#define POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#define POLARSSL_KEY_EXCHANGE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+#endif
+#if defined MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+#endif
+#if defined MBEDTLS_MD2_ALT
+#define POLARSSL_MD2_ALT MBEDTLS_MD2_ALT
+#endif
+#if defined MBEDTLS_MD2_C
+#define POLARSSL_MD2_C MBEDTLS_MD2_C
+#endif
+#if defined MBEDTLS_MD2_PROCESS_ALT
+#define POLARSSL_MD2_PROCESS_ALT MBEDTLS_MD2_PROCESS_ALT
+#endif
+#if defined MBEDTLS_MD4_ALT
+#define POLARSSL_MD4_ALT MBEDTLS_MD4_ALT
+#endif
+#if defined MBEDTLS_MD4_C
+#define POLARSSL_MD4_C MBEDTLS_MD4_C
+#endif
+#if defined MBEDTLS_MD4_PROCESS_ALT
+#define POLARSSL_MD4_PROCESS_ALT MBEDTLS_MD4_PROCESS_ALT
+#endif
+#if defined MBEDTLS_MD5_ALT
+#define POLARSSL_MD5_ALT MBEDTLS_MD5_ALT
+#endif
+#if defined MBEDTLS_MD5_C
+#define POLARSSL_MD5_C MBEDTLS_MD5_C
+#endif
+#if defined MBEDTLS_MD5_PROCESS_ALT
+#define POLARSSL_MD5_PROCESS_ALT MBEDTLS_MD5_PROCESS_ALT
+#endif
+#if defined MBEDTLS_MD_C
+#define POLARSSL_MD_C MBEDTLS_MD_C
+#endif
+#if defined MBEDTLS_MEMORY_ALIGN_MULTIPLE
+#define POLARSSL_MEMORY_ALIGN_MULTIPLE MBEDTLS_MEMORY_ALIGN_MULTIPLE
+#endif
+#if defined MBEDTLS_MEMORY_BACKTRACE
+#define POLARSSL_MEMORY_BACKTRACE MBEDTLS_MEMORY_BACKTRACE
+#endif
+#if defined MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define POLARSSL_MEMORY_BUFFER_ALLOC_C MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#endif
+#if defined MBEDTLS_MEMORY_DEBUG
+#define POLARSSL_MEMORY_DEBUG MBEDTLS_MEMORY_DEBUG
+#endif
+#if defined MBEDTLS_MPI_MAX_SIZE
+#define POLARSSL_MPI_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
+#endif
+#if defined MBEDTLS_MPI_WINDOW_SIZE
+#define POLARSSL_MPI_WINDOW_SIZE MBEDTLS_MPI_WINDOW_SIZE
+#endif
+#if defined MBEDTLS_NET_C
+#define POLARSSL_NET_C MBEDTLS_NET_C
+#endif
+#if defined MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+#endif
+#if defined MBEDTLS_NO_PLATFORM_ENTROPY
+#define POLARSSL_NO_PLATFORM_ENTROPY MBEDTLS_NO_PLATFORM_ENTROPY
+#endif
+#if defined MBEDTLS_OID_C
+#define POLARSSL_OID_C MBEDTLS_OID_C
+#endif
+#if defined MBEDTLS_PADLOCK_C
+#define POLARSSL_PADLOCK_C MBEDTLS_PADLOCK_C
+#endif
+#if defined MBEDTLS_PEM_PARSE_C
+#define POLARSSL_PEM_PARSE_C MBEDTLS_PEM_PARSE_C
+#endif
+#if defined MBEDTLS_PEM_WRITE_C
+#define POLARSSL_PEM_WRITE_C MBEDTLS_PEM_WRITE_C
+#endif
+#if defined MBEDTLS_PKCS11_C
+#define POLARSSL_PKCS11_C MBEDTLS_PKCS11_C
+#endif
+#if defined MBEDTLS_PKCS12_C
+#define POLARSSL_PKCS12_C MBEDTLS_PKCS12_C
+#endif
+#if defined MBEDTLS_PKCS1_V15
+#define POLARSSL_PKCS1_V15 MBEDTLS_PKCS1_V15
+#endif
+#if defined MBEDTLS_PKCS1_V21
+#define POLARSSL_PKCS1_V21 MBEDTLS_PKCS1_V21
+#endif
+#if defined MBEDTLS_PKCS5_C
+#define POLARSSL_PKCS5_C MBEDTLS_PKCS5_C
+#endif
+#if defined MBEDTLS_PK_C
+#define POLARSSL_PK_C MBEDTLS_PK_C
+#endif
+#if defined MBEDTLS_PK_PARSE_C
+#define POLARSSL_PK_PARSE_C MBEDTLS_PK_PARSE_C
+#endif
+#if defined MBEDTLS_PK_PARSE_EC_EXTENDED
+#define POLARSSL_PK_PARSE_EC_EXTENDED MBEDTLS_PK_PARSE_EC_EXTENDED
+#endif
+#if defined MBEDTLS_PK_RSA_ALT_SUPPORT
+#define POLARSSL_PK_RSA_ALT_SUPPORT MBEDTLS_PK_RSA_ALT_SUPPORT
+#endif
+#if defined MBEDTLS_PK_WRITE_C
+#define POLARSSL_PK_WRITE_C MBEDTLS_PK_WRITE_C
+#endif
+#if defined MBEDTLS_PLATFORM_C
+#define POLARSSL_PLATFORM_C MBEDTLS_PLATFORM_C
+#endif
+#if defined MBEDTLS_PLATFORM_EXIT_ALT
+#define POLARSSL_PLATFORM_EXIT_ALT MBEDTLS_PLATFORM_EXIT_ALT
+#endif
+#if defined MBEDTLS_PLATFORM_EXIT_MACRO
+#define POLARSSL_PLATFORM_EXIT_MACRO MBEDTLS_PLATFORM_EXIT_MACRO
+#endif
+#if defined MBEDTLS_PLATFORM_FPRINTF_ALT
+#define POLARSSL_PLATFORM_FPRINTF_ALT MBEDTLS_PLATFORM_FPRINTF_ALT
+#endif
+#if defined MBEDTLS_PLATFORM_FPRINTF_MACRO
+#define POLARSSL_PLATFORM_FPRINTF_MACRO MBEDTLS_PLATFORM_FPRINTF_MACRO
+#endif
+#if defined MBEDTLS_PLATFORM_FREE_MACRO
+#define POLARSSL_PLATFORM_FREE_MACRO MBEDTLS_PLATFORM_FREE_MACRO
+#endif
+#if defined MBEDTLS_PLATFORM_MEMORY
+#define POLARSSL_PLATFORM_MEMORY MBEDTLS_PLATFORM_MEMORY
+#endif
+#if defined MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+#define POLARSSL_PLATFORM_NO_STD_FUNCTIONS MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+#endif
+#if defined MBEDTLS_PLATFORM_PRINTF_ALT
+#define POLARSSL_PLATFORM_PRINTF_ALT MBEDTLS_PLATFORM_PRINTF_ALT
+#endif
+#if defined MBEDTLS_PLATFORM_PRINTF_MACRO
+#define POLARSSL_PLATFORM_PRINTF_MACRO MBEDTLS_PLATFORM_PRINTF_MACRO
+#endif
+#if defined MBEDTLS_PLATFORM_SNPRINTF_ALT
+#define POLARSSL_PLATFORM_SNPRINTF_ALT MBEDTLS_PLATFORM_SNPRINTF_ALT
+#endif
+#if defined MBEDTLS_PLATFORM_SNPRINTF_MACRO
+#define POLARSSL_PLATFORM_SNPRINTF_MACRO MBEDTLS_PLATFORM_SNPRINTF_MACRO
+#endif
+#if defined MBEDTLS_PLATFORM_STD_EXIT
+#define POLARSSL_PLATFORM_STD_EXIT MBEDTLS_PLATFORM_STD_EXIT
+#endif
+#if defined MBEDTLS_PLATFORM_STD_FPRINTF
+#define POLARSSL_PLATFORM_STD_FPRINTF MBEDTLS_PLATFORM_STD_FPRINTF
+#endif
+#if defined MBEDTLS_PLATFORM_STD_FREE
+#define POLARSSL_PLATFORM_STD_FREE MBEDTLS_PLATFORM_STD_FREE
+#endif
+#if defined MBEDTLS_PLATFORM_STD_MEM_HDR
+#define POLARSSL_PLATFORM_STD_MEM_HDR MBEDTLS_PLATFORM_STD_MEM_HDR
+#endif
+#if defined MBEDTLS_PLATFORM_STD_PRINTF
+#define POLARSSL_PLATFORM_STD_PRINTF MBEDTLS_PLATFORM_STD_PRINTF
+#endif
+#if defined MBEDTLS_PLATFORM_STD_SNPRINTF
+#define POLARSSL_PLATFORM_STD_SNPRINTF MBEDTLS_PLATFORM_STD_SNPRINTF
+#endif
+#if defined MBEDTLS_PSK_MAX_LEN
+#define POLARSSL_PSK_MAX_LEN MBEDTLS_PSK_MAX_LEN
+#endif
+#if defined MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+#define POLARSSL_REMOVE_ARC4_CIPHERSUITES MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+#endif
+#if defined MBEDTLS_RIPEMD160_ALT
+#define POLARSSL_RIPEMD160_ALT MBEDTLS_RIPEMD160_ALT
+#endif
+#if defined MBEDTLS_RIPEMD160_C
+#define POLARSSL_RIPEMD160_C MBEDTLS_RIPEMD160_C
+#endif
+#if defined MBEDTLS_RIPEMD160_PROCESS_ALT
+#define POLARSSL_RIPEMD160_PROCESS_ALT MBEDTLS_RIPEMD160_PROCESS_ALT
+#endif
+#if defined MBEDTLS_RSA_C
+#define POLARSSL_RSA_C MBEDTLS_RSA_C
+#endif
+#if defined MBEDTLS_RSA_NO_CRT
+#define POLARSSL_RSA_NO_CRT MBEDTLS_RSA_NO_CRT
+#endif
+#if defined MBEDTLS_SELF_TEST
+#define POLARSSL_SELF_TEST MBEDTLS_SELF_TEST
+#endif
+#if defined MBEDTLS_SHA1_ALT
+#define POLARSSL_SHA1_ALT MBEDTLS_SHA1_ALT
+#endif
+#if defined MBEDTLS_SHA1_C
+#define POLARSSL_SHA1_C MBEDTLS_SHA1_C
+#endif
+#if defined MBEDTLS_SHA1_PROCESS_ALT
+#define POLARSSL_SHA1_PROCESS_ALT MBEDTLS_SHA1_PROCESS_ALT
+#endif
+#if defined MBEDTLS_SHA256_ALT
+#define POLARSSL_SHA256_ALT MBEDTLS_SHA256_ALT
+#endif
+#if defined MBEDTLS_SHA256_C
+#define POLARSSL_SHA256_C MBEDTLS_SHA256_C
+#endif
+#if defined MBEDTLS_SHA256_PROCESS_ALT
+#define POLARSSL_SHA256_PROCESS_ALT MBEDTLS_SHA256_PROCESS_ALT
+#endif
+#if defined MBEDTLS_SHA512_ALT
+#define POLARSSL_SHA512_ALT MBEDTLS_SHA512_ALT
+#endif
+#if defined MBEDTLS_SHA512_C
+#define POLARSSL_SHA512_C MBEDTLS_SHA512_C
+#endif
+#if defined MBEDTLS_SHA512_PROCESS_ALT
+#define POLARSSL_SHA512_PROCESS_ALT MBEDTLS_SHA512_PROCESS_ALT
+#endif
+#if defined MBEDTLS_SSL_ALL_ALERT_MESSAGES
+#define POLARSSL_SSL_ALL_ALERT_MESSAGES MBEDTLS_SSL_ALL_ALERT_MESSAGES
+#endif
+#if defined MBEDTLS_SSL_ALPN
+#define POLARSSL_SSL_ALPN MBEDTLS_SSL_ALPN
+#endif
+#if defined MBEDTLS_SSL_CACHE_C
+#define POLARSSL_SSL_CACHE_C MBEDTLS_SSL_CACHE_C
+#endif
+#if defined MBEDTLS_SSL_CBC_RECORD_SPLITTING
+#define POLARSSL_SSL_CBC_RECORD_SPLITTING MBEDTLS_SSL_CBC_RECORD_SPLITTING
+#endif
+#if defined MBEDTLS_SSL_CLI_C
+#define POLARSSL_SSL_CLI_C MBEDTLS_SSL_CLI_C
+#endif
+#if defined MBEDTLS_SSL_COOKIE_C
+#define POLARSSL_SSL_COOKIE_C MBEDTLS_SSL_COOKIE_C
+#endif
+#if defined MBEDTLS_SSL_COOKIE_TIMEOUT
+#define POLARSSL_SSL_COOKIE_TIMEOUT MBEDTLS_SSL_COOKIE_TIMEOUT
+#endif
+#if defined MBEDTLS_SSL_DEBUG_ALL
+#define POLARSSL_SSL_DEBUG_ALL MBEDTLS_SSL_DEBUG_ALL
+#endif
+#if defined MBEDTLS_SSL_DTLS_ANTI_REPLAY
+#define POLARSSL_SSL_DTLS_ANTI_REPLAY MBEDTLS_SSL_DTLS_ANTI_REPLAY
+#endif
+#if defined MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+#define POLARSSL_SSL_DTLS_BADMAC_LIMIT MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+#endif
+#if defined MBEDTLS_SSL_DTLS_HELLO_VERIFY
+#define POLARSSL_SSL_DTLS_HELLO_VERIFY MBEDTLS_SSL_DTLS_HELLO_VERIFY
+#endif
+#if defined MBEDTLS_SSL_ENCRYPT_THEN_MAC
+#define POLARSSL_SSL_ENCRYPT_THEN_MAC MBEDTLS_SSL_ENCRYPT_THEN_MAC
+#endif
+#if defined MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+#define POLARSSL_SSL_EXTENDED_MASTER_SECRET MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+#endif
+#if defined MBEDTLS_SSL_FALLBACK_SCSV
+#define POLARSSL_SSL_FALLBACK_SCSV MBEDTLS_SSL_FALLBACK_SCSV
+#endif
+#if defined MBEDTLS_SSL_HW_RECORD_ACCEL
+#define POLARSSL_SSL_HW_RECORD_ACCEL MBEDTLS_SSL_HW_RECORD_ACCEL
+#endif
+#if defined MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+#define POLARSSL_SSL_MAX_FRAGMENT_LENGTH MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+#endif
+#if defined MBEDTLS_SSL_PROTO_DTLS
+#define POLARSSL_SSL_PROTO_DTLS MBEDTLS_SSL_PROTO_DTLS
+#endif
+#if defined MBEDTLS_SSL_PROTO_SSL3
+#define POLARSSL_SSL_PROTO_SSL3 MBEDTLS_SSL_PROTO_SSL3
+#endif
+#if defined MBEDTLS_SSL_PROTO_TLS1
+#define POLARSSL_SSL_PROTO_TLS1 MBEDTLS_SSL_PROTO_TLS1
+#endif
+#if defined MBEDTLS_SSL_PROTO_TLS1_1
+#define POLARSSL_SSL_PROTO_TLS1_1 MBEDTLS_SSL_PROTO_TLS1_1
+#endif
+#if defined MBEDTLS_SSL_PROTO_TLS1_2
+#define POLARSSL_SSL_PROTO_TLS1_2 MBEDTLS_SSL_PROTO_TLS1_2
+#endif
+#if defined MBEDTLS_SSL_RENEGOTIATION
+#define POLARSSL_SSL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION
+#endif
+#if defined MBEDTLS_SSL_SERVER_NAME_INDICATION
+#define POLARSSL_SSL_SERVER_NAME_INDICATION MBEDTLS_SSL_SERVER_NAME_INDICATION
+#endif
+#if defined MBEDTLS_SSL_SESSION_TICKETS
+#define POLARSSL_SSL_SESSION_TICKETS MBEDTLS_SSL_SESSION_TICKETS
+#endif
+#if defined MBEDTLS_SSL_SRV_C
+#define POLARSSL_SSL_SRV_C MBEDTLS_SSL_SRV_C
+#endif
+#if defined MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+#define POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+#endif
+#if defined MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+#endif
+#if defined MBEDTLS_SSL_TLS_C
+#define POLARSSL_SSL_TLS_C MBEDTLS_SSL_TLS_C
+#endif
+#if defined MBEDTLS_SSL_TRUNCATED_HMAC
+#define POLARSSL_SSL_TRUNCATED_HMAC MBEDTLS_SSL_TRUNCATED_HMAC
+#endif
+#if defined MBEDTLS_THREADING_ALT
+#define POLARSSL_THREADING_ALT MBEDTLS_THREADING_ALT
+#endif
+#if defined MBEDTLS_THREADING_C
+#define POLARSSL_THREADING_C MBEDTLS_THREADING_C
+#endif
+#if defined MBEDTLS_THREADING_PTHREAD
+#define POLARSSL_THREADING_PTHREAD MBEDTLS_THREADING_PTHREAD
+#endif
+#if defined MBEDTLS_TIMING_ALT
+#define POLARSSL_TIMING_ALT MBEDTLS_TIMING_ALT
+#endif
+#if defined MBEDTLS_TIMING_C
+#define POLARSSL_TIMING_C MBEDTLS_TIMING_C
+#endif
+#if defined MBEDTLS_VERSION_C
+#define POLARSSL_VERSION_C MBEDTLS_VERSION_C
+#endif
+#if defined MBEDTLS_VERSION_FEATURES
+#define POLARSSL_VERSION_FEATURES MBEDTLS_VERSION_FEATURES
+#endif
+#if defined MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+#define POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3 MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+#endif
+#if defined MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+#endif
+#if defined MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+#define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+#endif
+#if defined MBEDTLS_X509_CHECK_KEY_USAGE
+#define POLARSSL_X509_CHECK_KEY_USAGE MBEDTLS_X509_CHECK_KEY_USAGE
+#endif
+#if defined MBEDTLS_X509_CREATE_C
+#define POLARSSL_X509_CREATE_C MBEDTLS_X509_CREATE_C
+#endif
+#if defined MBEDTLS_X509_CRL_PARSE_C
+#define POLARSSL_X509_CRL_PARSE_C MBEDTLS_X509_CRL_PARSE_C
+#endif
+#if defined MBEDTLS_X509_CRT_PARSE_C
+#define POLARSSL_X509_CRT_PARSE_C MBEDTLS_X509_CRT_PARSE_C
+#endif
+#if defined MBEDTLS_X509_CRT_WRITE_C
+#define POLARSSL_X509_CRT_WRITE_C MBEDTLS_X509_CRT_WRITE_C
+#endif
+#if defined MBEDTLS_X509_CSR_PARSE_C
+#define POLARSSL_X509_CSR_PARSE_C MBEDTLS_X509_CSR_PARSE_C
+#endif
+#if defined MBEDTLS_X509_CSR_WRITE_C
+#define POLARSSL_X509_CSR_WRITE_C MBEDTLS_X509_CSR_WRITE_C
+#endif
+#if defined MBEDTLS_X509_MAX_INTERMEDIATE_CA
+#define POLARSSL_X509_MAX_INTERMEDIATE_CA MBEDTLS_X509_MAX_INTERMEDIATE_CA
+#endif
+#if defined MBEDTLS_X509_RSASSA_PSS_SUPPORT
+#define POLARSSL_X509_RSASSA_PSS_SUPPORT MBEDTLS_X509_RSASSA_PSS_SUPPORT
+#endif
+#if defined MBEDTLS_X509_USE_C
+#define POLARSSL_X509_USE_C MBEDTLS_X509_USE_C
+#endif
+#if defined MBEDTLS_XTEA_ALT
+#define POLARSSL_XTEA_ALT MBEDTLS_XTEA_ALT
+#endif
+#if defined MBEDTLS_XTEA_C
+#define POLARSSL_XTEA_C MBEDTLS_XTEA_C
+#endif
+#if defined MBEDTLS_ZLIB_SUPPORT
+#define POLARSSL_ZLIB_SUPPORT MBEDTLS_ZLIB_SUPPORT
+#endif
+
+/*
+ * Misc names (macros, types, functions, enum constants...)
+ */
+#define AES_DECRYPT MBEDTLS_AES_DECRYPT
+#define AES_ENCRYPT MBEDTLS_AES_ENCRYPT
+#define ASN1_BIT_STRING MBEDTLS_ASN1_BIT_STRING
+#define ASN1_BMP_STRING MBEDTLS_ASN1_BMP_STRING
+#define ASN1_BOOLEAN MBEDTLS_ASN1_BOOLEAN
+#define ASN1_CHK_ADD MBEDTLS_ASN1_CHK_ADD
+#define ASN1_CONSTRUCTED MBEDTLS_ASN1_CONSTRUCTED
+#define ASN1_CONTEXT_SPECIFIC MBEDTLS_ASN1_CONTEXT_SPECIFIC
+#define ASN1_GENERALIZED_TIME MBEDTLS_ASN1_GENERALIZED_TIME
+#define ASN1_IA5_STRING MBEDTLS_ASN1_IA5_STRING
+#define ASN1_INTEGER MBEDTLS_ASN1_INTEGER
+#define ASN1_NULL MBEDTLS_ASN1_NULL
+#define ASN1_OCTET_STRING MBEDTLS_ASN1_OCTET_STRING
+#define ASN1_OID MBEDTLS_ASN1_OID
+#define ASN1_PRIMITIVE MBEDTLS_ASN1_PRIMITIVE
+#define ASN1_PRINTABLE_STRING MBEDTLS_ASN1_PRINTABLE_STRING
+#define ASN1_SEQUENCE MBEDTLS_ASN1_SEQUENCE
+#define ASN1_SET MBEDTLS_ASN1_SET
+#define ASN1_T61_STRING MBEDTLS_ASN1_T61_STRING
+#define ASN1_UNIVERSAL_STRING MBEDTLS_ASN1_UNIVERSAL_STRING
+#define ASN1_UTC_TIME MBEDTLS_ASN1_UTC_TIME
+#define ASN1_UTF8_STRING MBEDTLS_ASN1_UTF8_STRING
+#define BADCERT_CN_MISMATCH MBEDTLS_X509_BADCERT_CN_MISMATCH
+#define BADCERT_EXPIRED MBEDTLS_X509_BADCERT_EXPIRED
+#define BADCERT_FUTURE MBEDTLS_X509_BADCERT_FUTURE
+#define BADCERT_MISSING MBEDTLS_X509_BADCERT_MISSING
+#define BADCERT_NOT_TRUSTED MBEDTLS_X509_BADCERT_NOT_TRUSTED
+#define BADCERT_OTHER MBEDTLS_X509_BADCERT_OTHER
+#define BADCERT_REVOKED MBEDTLS_X509_BADCERT_REVOKED
+#define BADCERT_SKIP_VERIFY MBEDTLS_X509_BADCERT_SKIP_VERIFY
+#define BADCRL_EXPIRED MBEDTLS_X509_BADCRL_EXPIRED
+#define BADCRL_FUTURE MBEDTLS_X509_BADCRL_FUTURE
+#define BADCRL_NOT_TRUSTED MBEDTLS_X509_BADCRL_NOT_TRUSTED
+#define BLOWFISH_BLOCKSIZE MBEDTLS_BLOWFISH_BLOCKSIZE
+#define BLOWFISH_DECRYPT MBEDTLS_BLOWFISH_DECRYPT
+#define BLOWFISH_ENCRYPT MBEDTLS_BLOWFISH_ENCRYPT
+#define BLOWFISH_MAX_KEY MBEDTLS_BLOWFISH_MAX_KEY_BITS
+#define BLOWFISH_MIN_KEY MBEDTLS_BLOWFISH_MIN_KEY_BITS
+#define BLOWFISH_ROUNDS MBEDTLS_BLOWFISH_ROUNDS
+#define CAMELLIA_DECRYPT MBEDTLS_CAMELLIA_DECRYPT
+#define CAMELLIA_ENCRYPT MBEDTLS_CAMELLIA_ENCRYPT
+#define COLLECT_SIZE MBEDTLS_HAVEGE_COLLECT_SIZE
+#define CTR_DRBG_BLOCKSIZE MBEDTLS_CTR_DRBG_BLOCKSIZE
+#define CTR_DRBG_ENTROPY_LEN MBEDTLS_CTR_DRBG_ENTROPY_LEN
+#define CTR_DRBG_KEYBITS MBEDTLS_CTR_DRBG_KEYBITS
+#define CTR_DRBG_KEYSIZE MBEDTLS_CTR_DRBG_KEYSIZE
+#define CTR_DRBG_MAX_INPUT MBEDTLS_CTR_DRBG_MAX_INPUT
+#define CTR_DRBG_MAX_REQUEST MBEDTLS_CTR_DRBG_MAX_REQUEST
+#define CTR_DRBG_MAX_SEED_INPUT MBEDTLS_CTR_DRBG_MAX_SEED_INPUT
+#define CTR_DRBG_PR_OFF MBEDTLS_CTR_DRBG_PR_OFF
+#define CTR_DRBG_PR_ON MBEDTLS_CTR_DRBG_PR_ON
+#define CTR_DRBG_RESEED_INTERVAL MBEDTLS_CTR_DRBG_RESEED_INTERVAL
+#define CTR_DRBG_SEEDLEN MBEDTLS_CTR_DRBG_SEEDLEN
+#define DEPRECATED MBEDTLS_DEPRECATED
+#define DES_DECRYPT MBEDTLS_DES_DECRYPT
+#define DES_ENCRYPT MBEDTLS_DES_ENCRYPT
+#define DES_KEY_SIZE MBEDTLS_DES_KEY_SIZE
+#define ENTROPY_BLOCK_SIZE MBEDTLS_ENTROPY_BLOCK_SIZE
+#define ENTROPY_MAX_GATHER MBEDTLS_ENTROPY_MAX_GATHER
+#define ENTROPY_MAX_SEED_SIZE MBEDTLS_ENTROPY_MAX_SEED_SIZE
+#define ENTROPY_MAX_SOURCES MBEDTLS_ENTROPY_MAX_SOURCES
+#define ENTROPY_MIN_HARDCLOCK MBEDTLS_ENTROPY_MIN_HARDCLOCK
+#define ENTROPY_MIN_HAVEGE MBEDTLS_ENTROPY_MIN_HAVEGE
+#define ENTROPY_MIN_PLATFORM MBEDTLS_ENTROPY_MIN_PLATFORM
+#define ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_SOURCE_MANUAL
+#define EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER
+#define EXT_BASIC_CONSTRAINTS MBEDTLS_X509_EXT_BASIC_CONSTRAINTS
+#define EXT_CERTIFICATE_POLICIES MBEDTLS_X509_EXT_CERTIFICATE_POLICIES
+#define EXT_CRL_DISTRIBUTION_POINTS MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS
+#define EXT_EXTENDED_KEY_USAGE MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE
+#define EXT_FRESHEST_CRL MBEDTLS_X509_EXT_FRESHEST_CRL
+#define EXT_INIHIBIT_ANYPOLICY MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY
+#define EXT_ISSUER_ALT_NAME MBEDTLS_X509_EXT_ISSUER_ALT_NAME
+#define EXT_KEY_USAGE MBEDTLS_X509_EXT_KEY_USAGE
+#define EXT_NAME_CONSTRAINTS MBEDTLS_X509_EXT_NAME_CONSTRAINTS
+#define EXT_NS_CERT_TYPE MBEDTLS_X509_EXT_NS_CERT_TYPE
+#define EXT_POLICY_CONSTRAINTS MBEDTLS_X509_EXT_POLICY_CONSTRAINTS
+#define EXT_POLICY_MAPPINGS MBEDTLS_X509_EXT_POLICY_MAPPINGS
+#define EXT_SUBJECT_ALT_NAME MBEDTLS_X509_EXT_SUBJECT_ALT_NAME
+#define EXT_SUBJECT_DIRECTORY_ATTRS MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS
+#define EXT_SUBJECT_KEY_IDENTIFIER MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER
+#define GCM_DECRYPT MBEDTLS_GCM_DECRYPT
+#define GCM_ENCRYPT MBEDTLS_GCM_ENCRYPT
+#define KU_CRL_SIGN MBEDTLS_X509_KU_CRL_SIGN
+#define KU_DATA_ENCIPHERMENT MBEDTLS_X509_KU_DATA_ENCIPHERMENT
+#define KU_DIGITAL_SIGNATURE MBEDTLS_X509_KU_DIGITAL_SIGNATURE
+#define KU_KEY_AGREEMENT MBEDTLS_X509_KU_KEY_AGREEMENT
+#define KU_KEY_CERT_SIGN MBEDTLS_X509_KU_KEY_CERT_SIGN
+#define KU_KEY_ENCIPHERMENT MBEDTLS_X509_KU_KEY_ENCIPHERMENT
+#define KU_NON_REPUDIATION MBEDTLS_X509_KU_NON_REPUDIATION
+#define LN_2_DIV_LN_10_SCALE100 MBEDTLS_LN_2_DIV_LN_10_SCALE100
+#define MEMORY_VERIFY_ALLOC MBEDTLS_MEMORY_VERIFY_ALLOC
+#define MEMORY_VERIFY_ALWAYS MBEDTLS_MEMORY_VERIFY_ALWAYS
+#define MEMORY_VERIFY_FREE MBEDTLS_MEMORY_VERIFY_FREE
+#define MEMORY_VERIFY_NONE MBEDTLS_MEMORY_VERIFY_NONE
+#define MPI_CHK MBEDTLS_MPI_CHK
+#define NET_PROTO_TCP MBEDTLS_NET_PROTO_TCP
+#define NET_PROTO_UDP MBEDTLS_NET_PROTO_UDP
+#define NS_CERT_TYPE_EMAIL MBEDTLS_X509_NS_CERT_TYPE_EMAIL
+#define NS_CERT_TYPE_EMAIL_CA MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA
+#define NS_CERT_TYPE_OBJECT_SIGNING MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING
+#define NS_CERT_TYPE_OBJECT_SIGNING_CA MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA
+#define NS_CERT_TYPE_RESERVED MBEDTLS_X509_NS_CERT_TYPE_RESERVED
+#define NS_CERT_TYPE_SSL_CA MBEDTLS_X509_NS_CERT_TYPE_SSL_CA
+#define NS_CERT_TYPE_SSL_CLIENT MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT
+#define NS_CERT_TYPE_SSL_SERVER MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER
+#define OID_ANSI_X9_62 MBEDTLS_OID_ANSI_X9_62
+#define OID_ANSI_X9_62_FIELD_TYPE MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE
+#define OID_ANSI_X9_62_PRIME_FIELD MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD
+#define OID_ANSI_X9_62_SIG MBEDTLS_OID_ANSI_X9_62_SIG
+#define OID_ANSI_X9_62_SIG_SHA2 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2
+#define OID_ANY_EXTENDED_KEY_USAGE MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE
+#define OID_AT MBEDTLS_OID_AT
+#define OID_AT_CN MBEDTLS_OID_AT_CN
+#define OID_AT_COUNTRY MBEDTLS_OID_AT_COUNTRY
+#define OID_AT_DN_QUALIFIER MBEDTLS_OID_AT_DN_QUALIFIER
+#define OID_AT_GENERATION_QUALIFIER MBEDTLS_OID_AT_GENERATION_QUALIFIER
+#define OID_AT_GIVEN_NAME MBEDTLS_OID_AT_GIVEN_NAME
+#define OID_AT_INITIALS MBEDTLS_OID_AT_INITIALS
+#define OID_AT_LOCALITY MBEDTLS_OID_AT_LOCALITY
+#define OID_AT_ORGANIZATION MBEDTLS_OID_AT_ORGANIZATION
+#define OID_AT_ORG_UNIT MBEDTLS_OID_AT_ORG_UNIT
+#define OID_AT_POSTAL_ADDRESS MBEDTLS_OID_AT_POSTAL_ADDRESS
+#define OID_AT_POSTAL_CODE MBEDTLS_OID_AT_POSTAL_CODE
+#define OID_AT_PSEUDONYM MBEDTLS_OID_AT_PSEUDONYM
+#define OID_AT_SERIAL_NUMBER MBEDTLS_OID_AT_SERIAL_NUMBER
+#define OID_AT_STATE MBEDTLS_OID_AT_STATE
+#define OID_AT_SUR_NAME MBEDTLS_OID_AT_SUR_NAME
+#define OID_AT_TITLE MBEDTLS_OID_AT_TITLE
+#define OID_AT_UNIQUE_IDENTIFIER MBEDTLS_OID_AT_UNIQUE_IDENTIFIER
+#define OID_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER
+#define OID_BASIC_CONSTRAINTS MBEDTLS_OID_BASIC_CONSTRAINTS
+#define OID_CERTICOM MBEDTLS_OID_CERTICOM
+#define OID_CERTIFICATE_POLICIES MBEDTLS_OID_CERTIFICATE_POLICIES
+#define OID_CLIENT_AUTH MBEDTLS_OID_CLIENT_AUTH
+#define OID_CMP MBEDTLS_OID_CMP
+#define OID_CODE_SIGNING MBEDTLS_OID_CODE_SIGNING
+#define OID_COUNTRY_US MBEDTLS_OID_COUNTRY_US
+#define OID_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_CRL_DISTRIBUTION_POINTS
+#define OID_CRL_NUMBER MBEDTLS_OID_CRL_NUMBER
+#define OID_DES_CBC MBEDTLS_OID_DES_CBC
+#define OID_DES_EDE3_CBC MBEDTLS_OID_DES_EDE3_CBC
+#define OID_DIGEST_ALG_MD2 MBEDTLS_OID_DIGEST_ALG_MD2
+#define OID_DIGEST_ALG_MD4 MBEDTLS_OID_DIGEST_ALG_MD4
+#define OID_DIGEST_ALG_MD5 MBEDTLS_OID_DIGEST_ALG_MD5
+#define OID_DIGEST_ALG_SHA1 MBEDTLS_OID_DIGEST_ALG_SHA1
+#define OID_DIGEST_ALG_SHA224 MBEDTLS_OID_DIGEST_ALG_SHA224
+#define OID_DIGEST_ALG_SHA256 MBEDTLS_OID_DIGEST_ALG_SHA256
+#define OID_DIGEST_ALG_SHA384 MBEDTLS_OID_DIGEST_ALG_SHA384
+#define OID_DIGEST_ALG_SHA512 MBEDTLS_OID_DIGEST_ALG_SHA512
+#define OID_DOMAIN_COMPONENT MBEDTLS_OID_DOMAIN_COMPONENT
+#define OID_ECDSA_SHA1 MBEDTLS_OID_ECDSA_SHA1
+#define OID_ECDSA_SHA224 MBEDTLS_OID_ECDSA_SHA224
+#define OID_ECDSA_SHA256 MBEDTLS_OID_ECDSA_SHA256
+#define OID_ECDSA_SHA384 MBEDTLS_OID_ECDSA_SHA384
+#define OID_ECDSA_SHA512 MBEDTLS_OID_ECDSA_SHA512
+#define OID_EC_ALG_ECDH MBEDTLS_OID_EC_ALG_ECDH
+#define OID_EC_ALG_UNRESTRICTED MBEDTLS_OID_EC_ALG_UNRESTRICTED
+#define OID_EC_BRAINPOOL_V1 MBEDTLS_OID_EC_BRAINPOOL_V1
+#define OID_EC_GRP_BP256R1 MBEDTLS_OID_EC_GRP_BP256R1
+#define OID_EC_GRP_BP384R1 MBEDTLS_OID_EC_GRP_BP384R1
+#define OID_EC_GRP_BP512R1 MBEDTLS_OID_EC_GRP_BP512R1
+#define OID_EC_GRP_SECP192K1 MBEDTLS_OID_EC_GRP_SECP192K1
+#define OID_EC_GRP_SECP192R1 MBEDTLS_OID_EC_GRP_SECP192R1
+#define OID_EC_GRP_SECP224K1 MBEDTLS_OID_EC_GRP_SECP224K1
+#define OID_EC_GRP_SECP224R1 MBEDTLS_OID_EC_GRP_SECP224R1
+#define OID_EC_GRP_SECP256K1 MBEDTLS_OID_EC_GRP_SECP256K1
+#define OID_EC_GRP_SECP256R1 MBEDTLS_OID_EC_GRP_SECP256R1
+#define OID_EC_GRP_SECP384R1 MBEDTLS_OID_EC_GRP_SECP384R1
+#define OID_EC_GRP_SECP521R1 MBEDTLS_OID_EC_GRP_SECP521R1
+#define OID_EMAIL_PROTECTION MBEDTLS_OID_EMAIL_PROTECTION
+#define OID_EXTENDED_KEY_USAGE MBEDTLS_OID_EXTENDED_KEY_USAGE
+#define OID_FRESHEST_CRL MBEDTLS_OID_FRESHEST_CRL
+#define OID_GOV MBEDTLS_OID_GOV
+#define OID_HMAC_SHA1 MBEDTLS_OID_HMAC_SHA1
+#define OID_ID_CE MBEDTLS_OID_ID_CE
+#define OID_INIHIBIT_ANYPOLICY MBEDTLS_OID_INIHIBIT_ANYPOLICY
+#define OID_ISO_CCITT_DS MBEDTLS_OID_ISO_CCITT_DS
+#define OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ISO_IDENTIFIED_ORG
+#define OID_ISO_ITU_COUNTRY MBEDTLS_OID_ISO_ITU_COUNTRY
+#define OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_US_ORG
+#define OID_ISO_MEMBER_BODIES MBEDTLS_OID_ISO_MEMBER_BODIES
+#define OID_ISSUER_ALT_NAME MBEDTLS_OID_ISSUER_ALT_NAME
+#define OID_KEY_USAGE MBEDTLS_OID_KEY_USAGE
+#define OID_KP MBEDTLS_OID_KP
+#define OID_MGF1 MBEDTLS_OID_MGF1
+#define OID_NAME_CONSTRAINTS MBEDTLS_OID_NAME_CONSTRAINTS
+#define OID_NETSCAPE MBEDTLS_OID_NETSCAPE
+#define OID_NS_BASE_URL MBEDTLS_OID_NS_BASE_URL
+#define OID_NS_CA_POLICY_URL MBEDTLS_OID_NS_CA_POLICY_URL
+#define OID_NS_CA_REVOCATION_URL MBEDTLS_OID_NS_CA_REVOCATION_URL
+#define OID_NS_CERT MBEDTLS_OID_NS_CERT
+#define OID_NS_CERT_SEQUENCE MBEDTLS_OID_NS_CERT_SEQUENCE
+#define OID_NS_CERT_TYPE MBEDTLS_OID_NS_CERT_TYPE
+#define OID_NS_COMMENT MBEDTLS_OID_NS_COMMENT
+#define OID_NS_DATA_TYPE MBEDTLS_OID_NS_DATA_TYPE
+#define OID_NS_RENEWAL_URL MBEDTLS_OID_NS_RENEWAL_URL
+#define OID_NS_REVOCATION_URL MBEDTLS_OID_NS_REVOCATION_URL
+#define OID_NS_SSL_SERVER_NAME MBEDTLS_OID_NS_SSL_SERVER_NAME
+#define OID_OCSP_SIGNING MBEDTLS_OID_OCSP_SIGNING
+#define OID_OIW_SECSIG MBEDTLS_OID_OIW_SECSIG
+#define OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG_ALG
+#define OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_SHA1
+#define OID_ORGANIZATION MBEDTLS_OID_ORGANIZATION
+#define OID_ORG_ANSI_X9_62 MBEDTLS_OID_ORG_ANSI_X9_62
+#define OID_ORG_CERTICOM MBEDTLS_OID_ORG_CERTICOM
+#define OID_ORG_DOD MBEDTLS_OID_ORG_DOD
+#define OID_ORG_GOV MBEDTLS_OID_ORG_GOV
+#define OID_ORG_NETSCAPE MBEDTLS_OID_ORG_NETSCAPE
+#define OID_ORG_OIW MBEDTLS_OID_ORG_OIW
+#define OID_ORG_RSA_DATA_SECURITY MBEDTLS_OID_ORG_RSA_DATA_SECURITY
+#define OID_ORG_TELETRUST MBEDTLS_OID_ORG_TELETRUST
+#define OID_PKCS MBEDTLS_OID_PKCS
+#define OID_PKCS1 MBEDTLS_OID_PKCS1
+#define OID_PKCS12 MBEDTLS_OID_PKCS12
+#define OID_PKCS12_PBE MBEDTLS_OID_PKCS12_PBE
+#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC
+#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC
+#define OID_PKCS12_PBE_SHA1_RC2_128_CBC MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC
+#define OID_PKCS12_PBE_SHA1_RC2_40_CBC MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_40_CBC
+#define OID_PKCS12_PBE_SHA1_RC4_128 MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128
+#define OID_PKCS12_PBE_SHA1_RC4_40 MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_40
+#define OID_PKCS1_MD2 MBEDTLS_OID_PKCS1_MD2
+#define OID_PKCS1_MD4 MBEDTLS_OID_PKCS1_MD4
+#define OID_PKCS1_MD5 MBEDTLS_OID_PKCS1_MD5
+#define OID_PKCS1_RSA MBEDTLS_OID_PKCS1_RSA
+#define OID_PKCS1_SHA1 MBEDTLS_OID_PKCS1_SHA1
+#define OID_PKCS1_SHA224 MBEDTLS_OID_PKCS1_SHA224
+#define OID_PKCS1_SHA256 MBEDTLS_OID_PKCS1_SHA256
+#define OID_PKCS1_SHA384 MBEDTLS_OID_PKCS1_SHA384
+#define OID_PKCS1_SHA512 MBEDTLS_OID_PKCS1_SHA512
+#define OID_PKCS5 MBEDTLS_OID_PKCS5
+#define OID_PKCS5_PBES2 MBEDTLS_OID_PKCS5_PBES2
+#define OID_PKCS5_PBE_MD2_DES_CBC MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC
+#define OID_PKCS5_PBE_MD2_RC2_CBC MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC
+#define OID_PKCS5_PBE_MD5_DES_CBC MBEDTLS_OID_PKCS5_PBE_MD5_DES_CBC
+#define OID_PKCS5_PBE_MD5_RC2_CBC MBEDTLS_OID_PKCS5_PBE_MD5_RC2_CBC
+#define OID_PKCS5_PBE_SHA1_DES_CBC MBEDTLS_OID_PKCS5_PBE_SHA1_DES_CBC
+#define OID_PKCS5_PBE_SHA1_RC2_CBC MBEDTLS_OID_PKCS5_PBE_SHA1_RC2_CBC
+#define OID_PKCS5_PBKDF2 MBEDTLS_OID_PKCS5_PBKDF2
+#define OID_PKCS5_PBMAC1 MBEDTLS_OID_PKCS5_PBMAC1
+#define OID_PKCS9 MBEDTLS_OID_PKCS9
+#define OID_PKCS9_CSR_EXT_REQ MBEDTLS_OID_PKCS9_CSR_EXT_REQ
+#define OID_PKCS9_EMAIL MBEDTLS_OID_PKCS9_EMAIL
+#define OID_PKIX MBEDTLS_OID_PKIX
+#define OID_POLICY_CONSTRAINTS MBEDTLS_OID_POLICY_CONSTRAINTS
+#define OID_POLICY_MAPPINGS MBEDTLS_OID_POLICY_MAPPINGS
+#define OID_PRIVATE_KEY_USAGE_PERIOD MBEDTLS_OID_PRIVATE_KEY_USAGE_PERIOD
+#define OID_RSASSA_PSS MBEDTLS_OID_RSASSA_PSS
+#define OID_RSA_COMPANY MBEDTLS_OID_RSA_COMPANY
+#define OID_RSA_SHA_OBS MBEDTLS_OID_RSA_SHA_OBS
+#define OID_SERVER_AUTH MBEDTLS_OID_SERVER_AUTH
+#define OID_SIZE MBEDTLS_OID_SIZE
+#define OID_SUBJECT_ALT_NAME MBEDTLS_OID_SUBJECT_ALT_NAME
+#define OID_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_SUBJECT_DIRECTORY_ATTRS
+#define OID_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER
+#define OID_TELETRUST MBEDTLS_OID_TELETRUST
+#define OID_TIME_STAMPING MBEDTLS_OID_TIME_STAMPING
+#define PADLOCK_ACE MBEDTLS_PADLOCK_ACE
+#define PADLOCK_ALIGN16 MBEDTLS_PADLOCK_ALIGN16
+#define PADLOCK_PHE MBEDTLS_PADLOCK_PHE
+#define PADLOCK_PMM MBEDTLS_PADLOCK_PMM
+#define PADLOCK_RNG MBEDTLS_PADLOCK_RNG
+#define PKCS12_DERIVE_IV MBEDTLS_PKCS12_DERIVE_IV
+#define PKCS12_DERIVE_KEY MBEDTLS_PKCS12_DERIVE_KEY
+#define PKCS12_DERIVE_MAC_KEY MBEDTLS_PKCS12_DERIVE_MAC_KEY
+#define PKCS12_PBE_DECRYPT MBEDTLS_PKCS12_PBE_DECRYPT
+#define PKCS12_PBE_ENCRYPT MBEDTLS_PKCS12_PBE_ENCRYPT
+#define PKCS5_DECRYPT MBEDTLS_PKCS5_DECRYPT
+#define PKCS5_ENCRYPT MBEDTLS_PKCS5_ENCRYPT
+#define POLARSSL_AESNI_AES MBEDTLS_AESNI_AES
+#define POLARSSL_AESNI_CLMUL MBEDTLS_AESNI_CLMUL
+#define POLARSSL_AESNI_H MBEDTLS_AESNI_H
+#define POLARSSL_AES_H MBEDTLS_AES_H
+#define POLARSSL_ARC4_H MBEDTLS_ARC4_H
+#define POLARSSL_ASN1_H MBEDTLS_ASN1_H
+#define POLARSSL_ASN1_WRITE_H MBEDTLS_ASN1_WRITE_H
+#define POLARSSL_BASE64_H MBEDTLS_BASE64_H
+#define POLARSSL_BIGNUM_H MBEDTLS_BIGNUM_H
+#define POLARSSL_BLOWFISH_H MBEDTLS_BLOWFISH_H
+#define POLARSSL_BN_MUL_H MBEDTLS_BN_MUL_H
+#define POLARSSL_CAMELLIA_H MBEDTLS_CAMELLIA_H
+#define POLARSSL_CCM_H MBEDTLS_CCM_H
+#define POLARSSL_CERTS_H MBEDTLS_CERTS_H
+#define POLARSSL_CHECK_CONFIG_H MBEDTLS_CHECK_CONFIG_H
+#define POLARSSL_CIPHERSUITE_NODTLS MBEDTLS_CIPHERSUITE_NODTLS
+#define POLARSSL_CIPHERSUITE_SHORT_TAG MBEDTLS_CIPHERSUITE_SHORT_TAG
+#define POLARSSL_CIPHERSUITE_WEAK MBEDTLS_CIPHERSUITE_WEAK
+#define POLARSSL_CIPHER_AES_128_CBC MBEDTLS_CIPHER_AES_128_CBC
+#define POLARSSL_CIPHER_AES_128_CCM MBEDTLS_CIPHER_AES_128_CCM
+#define POLARSSL_CIPHER_AES_128_CFB128 MBEDTLS_CIPHER_AES_128_CFB128
+#define POLARSSL_CIPHER_AES_128_CTR MBEDTLS_CIPHER_AES_128_CTR
+#define POLARSSL_CIPHER_AES_128_ECB MBEDTLS_CIPHER_AES_128_ECB
+#define POLARSSL_CIPHER_AES_128_GCM MBEDTLS_CIPHER_AES_128_GCM
+#define POLARSSL_CIPHER_AES_192_CBC MBEDTLS_CIPHER_AES_192_CBC
+#define POLARSSL_CIPHER_AES_192_CCM MBEDTLS_CIPHER_AES_192_CCM
+#define POLARSSL_CIPHER_AES_192_CFB128 MBEDTLS_CIPHER_AES_192_CFB128
+#define POLARSSL_CIPHER_AES_192_CTR MBEDTLS_CIPHER_AES_192_CTR
+#define POLARSSL_CIPHER_AES_192_ECB MBEDTLS_CIPHER_AES_192_ECB
+#define POLARSSL_CIPHER_AES_192_GCM MBEDTLS_CIPHER_AES_192_GCM
+#define POLARSSL_CIPHER_AES_256_CBC MBEDTLS_CIPHER_AES_256_CBC
+#define POLARSSL_CIPHER_AES_256_CCM MBEDTLS_CIPHER_AES_256_CCM
+#define POLARSSL_CIPHER_AES_256_CFB128 MBEDTLS_CIPHER_AES_256_CFB128
+#define POLARSSL_CIPHER_AES_256_CTR MBEDTLS_CIPHER_AES_256_CTR
+#define POLARSSL_CIPHER_AES_256_ECB MBEDTLS_CIPHER_AES_256_ECB
+#define POLARSSL_CIPHER_AES_256_GCM MBEDTLS_CIPHER_AES_256_GCM
+#define POLARSSL_CIPHER_ARC4_128 MBEDTLS_CIPHER_ARC4_128
+#define POLARSSL_CIPHER_BLOWFISH_CBC MBEDTLS_CIPHER_BLOWFISH_CBC
+#define POLARSSL_CIPHER_BLOWFISH_CFB64 MBEDTLS_CIPHER_BLOWFISH_CFB64
+#define POLARSSL_CIPHER_BLOWFISH_CTR MBEDTLS_CIPHER_BLOWFISH_CTR
+#define POLARSSL_CIPHER_BLOWFISH_ECB MBEDTLS_CIPHER_BLOWFISH_ECB
+#define POLARSSL_CIPHER_CAMELLIA_128_CBC MBEDTLS_CIPHER_CAMELLIA_128_CBC
+#define POLARSSL_CIPHER_CAMELLIA_128_CCM MBEDTLS_CIPHER_CAMELLIA_128_CCM
+#define POLARSSL_CIPHER_CAMELLIA_128_CFB128 MBEDTLS_CIPHER_CAMELLIA_128_CFB128
+#define POLARSSL_CIPHER_CAMELLIA_128_CTR MBEDTLS_CIPHER_CAMELLIA_128_CTR
+#define POLARSSL_CIPHER_CAMELLIA_128_ECB MBEDTLS_CIPHER_CAMELLIA_128_ECB
+#define POLARSSL_CIPHER_CAMELLIA_128_GCM MBEDTLS_CIPHER_CAMELLIA_128_GCM
+#define POLARSSL_CIPHER_CAMELLIA_192_CBC MBEDTLS_CIPHER_CAMELLIA_192_CBC
+#define POLARSSL_CIPHER_CAMELLIA_192_CCM MBEDTLS_CIPHER_CAMELLIA_192_CCM
+#define POLARSSL_CIPHER_CAMELLIA_192_CFB128 MBEDTLS_CIPHER_CAMELLIA_192_CFB128
+#define POLARSSL_CIPHER_CAMELLIA_192_CTR MBEDTLS_CIPHER_CAMELLIA_192_CTR
+#define POLARSSL_CIPHER_CAMELLIA_192_ECB MBEDTLS_CIPHER_CAMELLIA_192_ECB
+#define POLARSSL_CIPHER_CAMELLIA_192_GCM MBEDTLS_CIPHER_CAMELLIA_192_GCM
+#define POLARSSL_CIPHER_CAMELLIA_256_CBC MBEDTLS_CIPHER_CAMELLIA_256_CBC
+#define POLARSSL_CIPHER_CAMELLIA_256_CCM MBEDTLS_CIPHER_CAMELLIA_256_CCM
+#define POLARSSL_CIPHER_CAMELLIA_256_CFB128 MBEDTLS_CIPHER_CAMELLIA_256_CFB128
+#define POLARSSL_CIPHER_CAMELLIA_256_CTR MBEDTLS_CIPHER_CAMELLIA_256_CTR
+#define POLARSSL_CIPHER_CAMELLIA_256_ECB MBEDTLS_CIPHER_CAMELLIA_256_ECB
+#define POLARSSL_CIPHER_CAMELLIA_256_GCM MBEDTLS_CIPHER_CAMELLIA_256_GCM
+#define POLARSSL_CIPHER_DES_CBC MBEDTLS_CIPHER_DES_CBC
+#define POLARSSL_CIPHER_DES_ECB MBEDTLS_CIPHER_DES_ECB
+#define POLARSSL_CIPHER_DES_EDE3_CBC MBEDTLS_CIPHER_DES_EDE3_CBC
+#define POLARSSL_CIPHER_DES_EDE3_ECB MBEDTLS_CIPHER_DES_EDE3_ECB
+#define POLARSSL_CIPHER_DES_EDE_CBC MBEDTLS_CIPHER_DES_EDE_CBC
+#define POLARSSL_CIPHER_DES_EDE_ECB MBEDTLS_CIPHER_DES_EDE_ECB
+#define POLARSSL_CIPHER_H MBEDTLS_CIPHER_H
+#define POLARSSL_CIPHER_ID_3DES MBEDTLS_CIPHER_ID_3DES
+#define POLARSSL_CIPHER_ID_AES MBEDTLS_CIPHER_ID_AES
+#define POLARSSL_CIPHER_ID_ARC4 MBEDTLS_CIPHER_ID_ARC4
+#define POLARSSL_CIPHER_ID_BLOWFISH MBEDTLS_CIPHER_ID_BLOWFISH
+#define POLARSSL_CIPHER_ID_CAMELLIA MBEDTLS_CIPHER_ID_CAMELLIA
+#define POLARSSL_CIPHER_ID_DES MBEDTLS_CIPHER_ID_DES
+#define POLARSSL_CIPHER_ID_NONE MBEDTLS_CIPHER_ID_NONE
+#define POLARSSL_CIPHER_ID_NULL MBEDTLS_CIPHER_ID_NULL
+#define POLARSSL_CIPHER_MODE_AEAD MBEDTLS_CIPHER_MODE_AEAD
+#define POLARSSL_CIPHER_MODE_STREAM MBEDTLS_CIPHER_MODE_STREAM
+#define POLARSSL_CIPHER_MODE_WITH_PADDING MBEDTLS_CIPHER_MODE_WITH_PADDING
+#define POLARSSL_CIPHER_NONE MBEDTLS_CIPHER_NONE
+#define POLARSSL_CIPHER_NULL MBEDTLS_CIPHER_NULL
+#define POLARSSL_CIPHER_VARIABLE_IV_LEN MBEDTLS_CIPHER_VARIABLE_IV_LEN
+#define POLARSSL_CIPHER_VARIABLE_KEY_LEN MBEDTLS_CIPHER_VARIABLE_KEY_LEN
+#define POLARSSL_CIPHER_WRAP_H MBEDTLS_CIPHER_WRAP_H
+#define POLARSSL_CONFIG_H MBEDTLS_CONFIG_H
+#define POLARSSL_CTR_DRBG_H MBEDTLS_CTR_DRBG_H
+#define POLARSSL_DEBUG_H MBEDTLS_DEBUG_H
+#define POLARSSL_DECRYPT MBEDTLS_DECRYPT
+#define POLARSSL_DES_H MBEDTLS_DES_H
+#define POLARSSL_DHM_H MBEDTLS_DHM_H
+#define POLARSSL_DHM_RFC3526_MODP_2048_G MBEDTLS_DHM_RFC3526_MODP_2048_G
+#define POLARSSL_DHM_RFC3526_MODP_2048_P MBEDTLS_DHM_RFC3526_MODP_2048_P
+#define POLARSSL_DHM_RFC3526_MODP_3072_G MBEDTLS_DHM_RFC3526_MODP_3072_G
+#define POLARSSL_DHM_RFC3526_MODP_3072_P MBEDTLS_DHM_RFC3526_MODP_3072_P
+#define POLARSSL_DHM_RFC5114_MODP_2048_G MBEDTLS_DHM_RFC5114_MODP_2048_G
+#define POLARSSL_DHM_RFC5114_MODP_2048_P MBEDTLS_DHM_RFC5114_MODP_2048_P
+#define POLARSSL_ECDH_H MBEDTLS_ECDH_H
+#define POLARSSL_ECDH_OURS MBEDTLS_ECDH_OURS
+#define POLARSSL_ECDH_THEIRS MBEDTLS_ECDH_THEIRS
+#define POLARSSL_ECDSA_H MBEDTLS_ECDSA_H
+#define POLARSSL_ECP_DP_BP256R1 MBEDTLS_ECP_DP_BP256R1
+#define POLARSSL_ECP_DP_BP384R1 MBEDTLS_ECP_DP_BP384R1
+#define POLARSSL_ECP_DP_BP512R1 MBEDTLS_ECP_DP_BP512R1
+#define POLARSSL_ECP_DP_M255 MBEDTLS_ECP_DP_CURVE25519
+#define POLARSSL_ECP_DP_MAX MBEDTLS_ECP_DP_MAX
+#define POLARSSL_ECP_DP_NONE MBEDTLS_ECP_DP_NONE
+#define POLARSSL_ECP_DP_SECP192K1 MBEDTLS_ECP_DP_SECP192K1
+#define POLARSSL_ECP_DP_SECP192R1 MBEDTLS_ECP_DP_SECP192R1
+#define POLARSSL_ECP_DP_SECP224K1 MBEDTLS_ECP_DP_SECP224K1
+#define POLARSSL_ECP_DP_SECP224R1 MBEDTLS_ECP_DP_SECP224R1
+#define POLARSSL_ECP_DP_SECP256K1 MBEDTLS_ECP_DP_SECP256K1
+#define POLARSSL_ECP_DP_SECP256R1 MBEDTLS_ECP_DP_SECP256R1
+#define POLARSSL_ECP_DP_SECP384R1 MBEDTLS_ECP_DP_SECP384R1
+#define POLARSSL_ECP_DP_SECP521R1 MBEDTLS_ECP_DP_SECP521R1
+#define POLARSSL_ECP_H MBEDTLS_ECP_H
+#define POLARSSL_ECP_MAX_BYTES MBEDTLS_ECP_MAX_BYTES
+#define POLARSSL_ECP_MAX_PT_LEN MBEDTLS_ECP_MAX_PT_LEN
+#define POLARSSL_ECP_PF_COMPRESSED MBEDTLS_ECP_PF_COMPRESSED
+#define POLARSSL_ECP_PF_UNCOMPRESSED MBEDTLS_ECP_PF_UNCOMPRESSED
+#define POLARSSL_ECP_TLS_NAMED_CURVE MBEDTLS_ECP_TLS_NAMED_CURVE
+#define POLARSSL_ENCRYPT MBEDTLS_ENCRYPT
+#define POLARSSL_ENTROPY_H MBEDTLS_ENTROPY_H
+#define POLARSSL_ENTROPY_POLL_H MBEDTLS_ENTROPY_POLL_H
+#define POLARSSL_ENTROPY_SHA256_ACCUMULATOR MBEDTLS_ENTROPY_SHA256_ACCUMULATOR
+#define POLARSSL_ENTROPY_SHA512_ACCUMULATOR MBEDTLS_ENTROPY_SHA512_ACCUMULATOR
+#define POLARSSL_ERROR_H MBEDTLS_ERROR_H
+#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
+#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
+#define POLARSSL_ERR_ASN1_BUF_TOO_SMALL MBEDTLS_ERR_ASN1_BUF_TOO_SMALL
+#define POLARSSL_ERR_ASN1_INVALID_DATA MBEDTLS_ERR_ASN1_INVALID_DATA
+#define POLARSSL_ERR_ASN1_INVALID_LENGTH MBEDTLS_ERR_ASN1_INVALID_LENGTH
+#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH MBEDTLS_ERR_ASN1_LENGTH_MISMATCH
+#define POLARSSL_ERR_ASN1_MALLOC_FAILED MBEDTLS_ERR_ASN1_ALLOC_FAILED
+#define POLARSSL_ERR_ASN1_OUT_OF_DATA MBEDTLS_ERR_ASN1_OUT_OF_DATA
+#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL
+#define POLARSSL_ERR_BASE64_INVALID_CHARACTER MBEDTLS_ERR_BASE64_INVALID_CHARACTER
+#define POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
+#define POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH
+#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH
+#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH
+#define POLARSSL_ERR_CCM_AUTH_FAILED MBEDTLS_ERR_CCM_AUTH_FAILED
+#define POLARSSL_ERR_CCM_BAD_INPUT MBEDTLS_ERR_CCM_BAD_INPUT
+#define POLARSSL_ERR_CIPHER_ALLOC_FAILED MBEDTLS_ERR_CIPHER_ALLOC_FAILED
+#define POLARSSL_ERR_CIPHER_AUTH_FAILED MBEDTLS_ERR_CIPHER_AUTH_FAILED
+#define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
+#define POLARSSL_ERR_CIPHER_INVALID_PADDING MBEDTLS_ERR_CIPHER_INVALID_PADDING
+#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
+#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR
+#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG
+#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG
+#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
+#define POLARSSL_ERR_DHM_BAD_INPUT_DATA MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED MBEDTLS_ERR_DHM_CALC_SECRET_FAILED
+#define POLARSSL_ERR_DHM_FILE_IO_ERROR MBEDTLS_ERR_DHM_FILE_IO_ERROR
+#define POLARSSL_ERR_DHM_INVALID_FORMAT MBEDTLS_ERR_DHM_INVALID_FORMAT
+#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED
+#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED
+#define POLARSSL_ERR_DHM_MALLOC_FAILED MBEDTLS_ERR_DHM_ALLOC_FAILED
+#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED MBEDTLS_ERR_DHM_READ_PARAMS_FAILED
+#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED
+#define POLARSSL_ERR_ECP_BAD_INPUT_DATA MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
+#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_ECP_INVALID_KEY MBEDTLS_ERR_ECP_INVALID_KEY
+#define POLARSSL_ERR_ECP_MALLOC_FAILED MBEDTLS_ERR_ECP_ALLOC_FAILED
+#define POLARSSL_ERR_ECP_RANDOM_FAILED MBEDTLS_ERR_ECP_RANDOM_FAILED
+#define POLARSSL_ERR_ECP_SIG_LEN_MISMATCH MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH
+#define POLARSSL_ERR_ECP_VERIFY_FAILED MBEDTLS_ERR_ECP_VERIFY_FAILED
+#define POLARSSL_ERR_ENTROPY_FILE_IO_ERROR MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR
+#define POLARSSL_ERR_ENTROPY_MAX_SOURCES MBEDTLS_ERR_ENTROPY_MAX_SOURCES
+#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED
+#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+#define POLARSSL_ERR_GCM_AUTH_FAILED MBEDTLS_ERR_GCM_AUTH_FAILED
+#define POLARSSL_ERR_GCM_BAD_INPUT MBEDTLS_ERR_GCM_BAD_INPUT
+#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
+#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR
+#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG
+#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG
+#define POLARSSL_ERR_MD_ALLOC_FAILED MBEDTLS_ERR_MD_ALLOC_FAILED
+#define POLARSSL_ERR_MD_BAD_INPUT_DATA MBEDTLS_ERR_MD_BAD_INPUT_DATA
+#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_MD_FILE_IO_ERROR MBEDTLS_ERR_MD_FILE_IO_ERROR
+#define POLARSSL_ERR_MPI_BAD_INPUT_DATA MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL
+#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+#define POLARSSL_ERR_MPI_FILE_IO_ERROR MBEDTLS_ERR_MPI_FILE_IO_ERROR
+#define POLARSSL_ERR_MPI_INVALID_CHARACTER MBEDTLS_ERR_MPI_INVALID_CHARACTER
+#define POLARSSL_ERR_MPI_MALLOC_FAILED MBEDTLS_ERR_MPI_ALLOC_FAILED
+#define POLARSSL_ERR_MPI_NEGATIVE_VALUE MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+#define POLARSSL_ERR_NET_ACCEPT_FAILED MBEDTLS_ERR_NET_ACCEPT_FAILED
+#define POLARSSL_ERR_NET_BIND_FAILED MBEDTLS_ERR_NET_BIND_FAILED
+#define POLARSSL_ERR_NET_CONNECT_FAILED MBEDTLS_ERR_NET_CONNECT_FAILED
+#define POLARSSL_ERR_NET_CONN_RESET MBEDTLS_ERR_NET_CONN_RESET
+#define POLARSSL_ERR_NET_LISTEN_FAILED MBEDTLS_ERR_NET_LISTEN_FAILED
+#define POLARSSL_ERR_NET_RECV_FAILED MBEDTLS_ERR_NET_RECV_FAILED
+#define POLARSSL_ERR_NET_SEND_FAILED MBEDTLS_ERR_NET_SEND_FAILED
+#define POLARSSL_ERR_NET_SOCKET_FAILED MBEDTLS_ERR_NET_SOCKET_FAILED
+#define POLARSSL_ERR_NET_TIMEOUT MBEDTLS_ERR_SSL_TIMEOUT
+#define POLARSSL_ERR_NET_UNKNOWN_HOST MBEDTLS_ERR_NET_UNKNOWN_HOST
+#define POLARSSL_ERR_NET_WANT_READ MBEDTLS_ERR_SSL_WANT_READ
+#define POLARSSL_ERR_NET_WANT_WRITE MBEDTLS_ERR_SSL_WANT_WRITE
+#define POLARSSL_ERR_OID_BUF_TOO_SMALL MBEDTLS_ERR_OID_BUF_TOO_SMALL
+#define POLARSSL_ERR_OID_NOT_FOUND MBEDTLS_ERR_OID_NOT_FOUND
+#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED
+#define POLARSSL_ERR_PEM_BAD_INPUT_DATA MBEDTLS_ERR_PEM_BAD_INPUT_DATA
+#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_PEM_INVALID_DATA MBEDTLS_ERR_PEM_INVALID_DATA
+#define POLARSSL_ERR_PEM_INVALID_ENC_IV MBEDTLS_ERR_PEM_INVALID_ENC_IV
+#define POLARSSL_ERR_PEM_MALLOC_FAILED MBEDTLS_ERR_PEM_ALLOC_FAILED
+#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT
+#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH MBEDTLS_ERR_PEM_PASSWORD_MISMATCH
+#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED MBEDTLS_ERR_PEM_PASSWORD_REQUIRED
+#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG
+#define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA
+#define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH
+#define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT
+#define POLARSSL_ERR_PKCS5_BAD_INPUT_DATA MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA
+#define POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_PKCS5_INVALID_FORMAT MBEDTLS_ERR_PKCS5_INVALID_FORMAT
+#define POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH
+#define POLARSSL_ERR_PK_BAD_INPUT_DATA MBEDTLS_ERR_PK_BAD_INPUT_DATA
+#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_PK_FILE_IO_ERROR MBEDTLS_ERR_PK_FILE_IO_ERROR
+#define POLARSSL_ERR_PK_INVALID_ALG MBEDTLS_ERR_PK_INVALID_ALG
+#define POLARSSL_ERR_PK_INVALID_PUBKEY MBEDTLS_ERR_PK_INVALID_PUBKEY
+#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
+#define POLARSSL_ERR_PK_KEY_INVALID_VERSION MBEDTLS_ERR_PK_KEY_INVALID_VERSION
+#define POLARSSL_ERR_PK_MALLOC_FAILED MBEDTLS_ERR_PK_ALLOC_FAILED
+#define POLARSSL_ERR_PK_PASSWORD_MISMATCH MBEDTLS_ERR_PK_PASSWORD_MISMATCH
+#define POLARSSL_ERR_PK_PASSWORD_REQUIRED MBEDTLS_ERR_PK_PASSWORD_REQUIRED
+#define POLARSSL_ERR_PK_SIG_LEN_MISMATCH MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
+#define POLARSSL_ERR_PK_TYPE_MISMATCH MBEDTLS_ERR_PK_TYPE_MISMATCH
+#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE
+#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG MBEDTLS_ERR_PK_UNKNOWN_PK_ALG
+#define POLARSSL_ERR_RSA_BAD_INPUT_DATA MBEDTLS_ERR_RSA_BAD_INPUT_DATA
+#define POLARSSL_ERR_RSA_INVALID_PADDING MBEDTLS_ERR_RSA_INVALID_PADDING
+#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED MBEDTLS_ERR_RSA_KEY_CHECK_FAILED
+#define POLARSSL_ERR_RSA_KEY_GEN_FAILED MBEDTLS_ERR_RSA_KEY_GEN_FAILED
+#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE
+#define POLARSSL_ERR_RSA_PRIVATE_FAILED MBEDTLS_ERR_RSA_PRIVATE_FAILED
+#define POLARSSL_ERR_RSA_PUBLIC_FAILED MBEDTLS_ERR_RSA_PUBLIC_FAILED
+#define POLARSSL_ERR_RSA_RNG_FAILED MBEDTLS_ERR_RSA_RNG_FAILED
+#define POLARSSL_ERR_RSA_VERIFY_FAILED MBEDTLS_ERR_RSA_VERIFY_FAILED
+#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE
+#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST
+#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY
+#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS
+#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP
+#define POLARSSL_ERR_SSL_BAD_HS_FINISHED MBEDTLS_ERR_SSL_BAD_HS_FINISHED
+#define POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET
+#define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION
+#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO
+#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE
+#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE
+#define POLARSSL_ERR_SSL_BAD_INPUT_DATA MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+#define POLARSSL_ERR_SSL_BUFFER_TOO_SMALL MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL
+#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED
+#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED
+#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE
+#define POLARSSL_ERR_SSL_COMPRESSION_FAILED MBEDTLS_ERR_SSL_COMPRESSION_FAILED
+#define POLARSSL_ERR_SSL_CONN_EOF MBEDTLS_ERR_SSL_CONN_EOF
+#define POLARSSL_ERR_SSL_COUNTER_WRAPPING MBEDTLS_ERR_SSL_COUNTER_WRAPPING
+#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE
+#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
+#define POLARSSL_ERR_SSL_HW_ACCEL_FAILED MBEDTLS_ERR_SSL_HW_ACCEL_FAILED
+#define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH
+#define POLARSSL_ERR_SSL_INTERNAL_ERROR MBEDTLS_ERR_SSL_INTERNAL_ERROR
+#define POLARSSL_ERR_SSL_INVALID_MAC MBEDTLS_ERR_SSL_INVALID_MAC
+#define POLARSSL_ERR_SSL_INVALID_RECORD MBEDTLS_ERR_SSL_INVALID_RECORD
+#define POLARSSL_ERR_SSL_MALLOC_FAILED MBEDTLS_ERR_SSL_ALLOC_FAILED
+#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN
+#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE
+#define POLARSSL_ERR_SSL_NO_RNG MBEDTLS_ERR_SSL_NO_RNG
+#define POLARSSL_ERR_SSL_NO_USABLE_CIPHERSUITE MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE
+#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY
+#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED
+#define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH
+#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED
+#define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED
+#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
+#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER MBEDTLS_ERR_SSL_UNKNOWN_CIPHER
+#define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY
+#define POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO
+#define POLARSSL_ERR_THREADING_BAD_INPUT_DATA MBEDTLS_ERR_THREADING_BAD_INPUT_DATA
+#define POLARSSL_ERR_THREADING_FEATURE_UNAVAILABLE MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_THREADING_MUTEX_ERROR MBEDTLS_ERR_THREADING_MUTEX_ERROR
+#define POLARSSL_ERR_X509_BAD_INPUT_DATA MBEDTLS_ERR_X509_BAD_INPUT_DATA
+#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT
+#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED MBEDTLS_ERR_X509_CERT_VERIFY_FAILED
+#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE
+#define POLARSSL_ERR_X509_FILE_IO_ERROR MBEDTLS_ERR_X509_FILE_IO_ERROR
+#define POLARSSL_ERR_X509_INVALID_ALG MBEDTLS_ERR_X509_INVALID_ALG
+#define POLARSSL_ERR_X509_INVALID_DATE MBEDTLS_ERR_X509_INVALID_DATE
+#define POLARSSL_ERR_X509_INVALID_EXTENSIONS MBEDTLS_ERR_X509_INVALID_EXTENSIONS
+#define POLARSSL_ERR_X509_INVALID_FORMAT MBEDTLS_ERR_X509_INVALID_FORMAT
+#define POLARSSL_ERR_X509_INVALID_NAME MBEDTLS_ERR_X509_INVALID_NAME
+#define POLARSSL_ERR_X509_INVALID_SERIAL MBEDTLS_ERR_X509_INVALID_SERIAL
+#define POLARSSL_ERR_X509_INVALID_SIGNATURE MBEDTLS_ERR_X509_INVALID_SIGNATURE
+#define POLARSSL_ERR_X509_INVALID_VERSION MBEDTLS_ERR_X509_INVALID_VERSION
+#define POLARSSL_ERR_X509_MALLOC_FAILED MBEDTLS_ERR_X509_ALLOC_FAILED
+#define POLARSSL_ERR_X509_SIG_MISMATCH MBEDTLS_ERR_X509_SIG_MISMATCH
+#define POLARSSL_ERR_X509_UNKNOWN_OID MBEDTLS_ERR_X509_UNKNOWN_OID
+#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG
+#define POLARSSL_ERR_X509_UNKNOWN_VERSION MBEDTLS_ERR_X509_UNKNOWN_VERSION
+#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH
+#define POLARSSL_GCM_H MBEDTLS_GCM_H
+#define POLARSSL_HAVEGE_H MBEDTLS_HAVEGE_H
+#define POLARSSL_HAVE_INT32 MBEDTLS_HAVE_INT32
+#define POLARSSL_HAVE_INT64 MBEDTLS_HAVE_INT64
+#define POLARSSL_HAVE_UDBL MBEDTLS_HAVE_UDBL
+#define POLARSSL_HAVE_X86 MBEDTLS_HAVE_X86
+#define POLARSSL_HAVE_X86_64 MBEDTLS_HAVE_X86_64
+#define POLARSSL_HMAC_DRBG_H MBEDTLS_HMAC_DRBG_H
+#define POLARSSL_HMAC_DRBG_PR_OFF MBEDTLS_HMAC_DRBG_PR_OFF
+#define POLARSSL_HMAC_DRBG_PR_ON MBEDTLS_HMAC_DRBG_PR_ON
+#define POLARSSL_KEY_EXCHANGE_DHE_PSK MBEDTLS_KEY_EXCHANGE_DHE_PSK
+#define POLARSSL_KEY_EXCHANGE_DHE_RSA MBEDTLS_KEY_EXCHANGE_DHE_RSA
+#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
+#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
+#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
+#define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
+#define POLARSSL_KEY_EXCHANGE_ECDH_RSA MBEDTLS_KEY_EXCHANGE_ECDH_RSA
+#define POLARSSL_KEY_EXCHANGE_NONE MBEDTLS_KEY_EXCHANGE_NONE
+#define POLARSSL_KEY_EXCHANGE_PSK MBEDTLS_KEY_EXCHANGE_PSK
+#define POLARSSL_KEY_EXCHANGE_RSA MBEDTLS_KEY_EXCHANGE_RSA
+#define POLARSSL_KEY_EXCHANGE_RSA_PSK MBEDTLS_KEY_EXCHANGE_RSA_PSK
+#define POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
+#define POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
+#define POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
+#define POLARSSL_KEY_LENGTH_DES MBEDTLS_KEY_LENGTH_DES
+#define POLARSSL_KEY_LENGTH_DES_EDE MBEDTLS_KEY_LENGTH_DES_EDE
+#define POLARSSL_KEY_LENGTH_DES_EDE3 MBEDTLS_KEY_LENGTH_DES_EDE3
+#define POLARSSL_KEY_LENGTH_NONE MBEDTLS_KEY_LENGTH_NONE
+#define POLARSSL_MAX_BLOCK_LENGTH MBEDTLS_MAX_BLOCK_LENGTH
+#define POLARSSL_MAX_IV_LENGTH MBEDTLS_MAX_IV_LENGTH
+#define POLARSSL_MD2_H MBEDTLS_MD2_H
+#define POLARSSL_MD4_H MBEDTLS_MD4_H
+#define POLARSSL_MD5_H MBEDTLS_MD5_H
+#define POLARSSL_MD_H MBEDTLS_MD_H
+#define POLARSSL_MD_MAX_SIZE MBEDTLS_MD_MAX_SIZE
+#define POLARSSL_MD_MD2 MBEDTLS_MD_MD2
+#define POLARSSL_MD_MD4 MBEDTLS_MD_MD4
+#define POLARSSL_MD_MD5 MBEDTLS_MD_MD5
+#define POLARSSL_MD_NONE MBEDTLS_MD_NONE
+#define POLARSSL_MD_RIPEMD160 MBEDTLS_MD_RIPEMD160
+#define POLARSSL_MD_SHA1 MBEDTLS_MD_SHA1
+#define POLARSSL_MD_SHA224 MBEDTLS_MD_SHA224
+#define POLARSSL_MD_SHA256 MBEDTLS_MD_SHA256
+#define POLARSSL_MD_SHA384 MBEDTLS_MD_SHA384
+#define POLARSSL_MD_SHA512 MBEDTLS_MD_SHA512
+#define POLARSSL_MD_WRAP_H MBEDTLS_MD_WRAP_H
+#define POLARSSL_MEMORY_BUFFER_ALLOC_H MBEDTLS_MEMORY_BUFFER_ALLOC_H
+#define POLARSSL_MODE_CBC MBEDTLS_MODE_CBC
+#define POLARSSL_MODE_CCM MBEDTLS_MODE_CCM
+#define POLARSSL_MODE_CFB MBEDTLS_MODE_CFB
+#define POLARSSL_MODE_CTR MBEDTLS_MODE_CTR
+#define POLARSSL_MODE_ECB MBEDTLS_MODE_ECB
+#define POLARSSL_MODE_GCM MBEDTLS_MODE_GCM
+#define POLARSSL_MODE_NONE MBEDTLS_MODE_NONE
+#define POLARSSL_MODE_OFB MBEDTLS_MODE_OFB
+#define POLARSSL_MODE_STREAM MBEDTLS_MODE_STREAM
+#define POLARSSL_MPI_MAX_BITS MBEDTLS_MPI_MAX_BITS
+#define POLARSSL_MPI_MAX_BITS_SCALE100 MBEDTLS_MPI_MAX_BITS_SCALE100
+#define POLARSSL_MPI_MAX_LIMBS MBEDTLS_MPI_MAX_LIMBS
+#define POLARSSL_MPI_RW_BUFFER_SIZE MBEDTLS_MPI_RW_BUFFER_SIZE
+#define POLARSSL_NET_H MBEDTLS_NET_SOCKETS_H
+#define POLARSSL_NET_LISTEN_BACKLOG MBEDTLS_NET_LISTEN_BACKLOG
+#define POLARSSL_OID_H MBEDTLS_OID_H
+#define POLARSSL_OPERATION_NONE MBEDTLS_OPERATION_NONE
+#define POLARSSL_PADDING_NONE MBEDTLS_PADDING_NONE
+#define POLARSSL_PADDING_ONE_AND_ZEROS MBEDTLS_PADDING_ONE_AND_ZEROS
+#define POLARSSL_PADDING_PKCS7 MBEDTLS_PADDING_PKCS7
+#define POLARSSL_PADDING_ZEROS MBEDTLS_PADDING_ZEROS
+#define POLARSSL_PADDING_ZEROS_AND_LEN MBEDTLS_PADDING_ZEROS_AND_LEN
+#define POLARSSL_PADLOCK_H MBEDTLS_PADLOCK_H
+#define POLARSSL_PEM_H MBEDTLS_PEM_H
+#define POLARSSL_PKCS11_H MBEDTLS_PKCS11_H
+#define POLARSSL_PKCS12_H MBEDTLS_PKCS12_H
+#define POLARSSL_PKCS5_H MBEDTLS_PKCS5_H
+#define POLARSSL_PK_DEBUG_ECP MBEDTLS_PK_DEBUG_ECP
+#define POLARSSL_PK_DEBUG_MAX_ITEMS MBEDTLS_PK_DEBUG_MAX_ITEMS
+#define POLARSSL_PK_DEBUG_MPI MBEDTLS_PK_DEBUG_MPI
+#define POLARSSL_PK_DEBUG_NONE MBEDTLS_PK_DEBUG_NONE
+#define POLARSSL_PK_ECDSA MBEDTLS_PK_ECDSA
+#define POLARSSL_PK_ECKEY MBEDTLS_PK_ECKEY
+#define POLARSSL_PK_ECKEY_DH MBEDTLS_PK_ECKEY_DH
+#define POLARSSL_PK_H MBEDTLS_PK_H
+#define POLARSSL_PK_NONE MBEDTLS_PK_NONE
+#define POLARSSL_PK_RSA MBEDTLS_PK_RSA
+#define POLARSSL_PK_RSASSA_PSS MBEDTLS_PK_RSASSA_PSS
+#define POLARSSL_PK_RSA_ALT MBEDTLS_PK_RSA_ALT
+#define POLARSSL_PK_WRAP_H MBEDTLS_PK_WRAP_H
+#define POLARSSL_PLATFORM_H MBEDTLS_PLATFORM_H
+#define POLARSSL_PREMASTER_SIZE MBEDTLS_PREMASTER_SIZE
+#define POLARSSL_RIPEMD160_H MBEDTLS_RIPEMD160_H
+#define POLARSSL_RSA_H MBEDTLS_RSA_H
+#define POLARSSL_SHA1_H MBEDTLS_SHA1_H
+#define POLARSSL_SHA256_H MBEDTLS_SHA256_H
+#define POLARSSL_SHA512_H MBEDTLS_SHA512_H
+#define POLARSSL_SSL_CACHE_H MBEDTLS_SSL_CACHE_H
+#define POLARSSL_SSL_CIPHERSUITES_H MBEDTLS_SSL_CIPHERSUITES_H
+#define POLARSSL_SSL_COOKIE_H MBEDTLS_SSL_COOKIE_H
+#define POLARSSL_SSL_H MBEDTLS_SSL_H
+#define POLARSSL_THREADING_H MBEDTLS_THREADING_H
+#define POLARSSL_THREADING_IMPL MBEDTLS_THREADING_IMPL
+#define POLARSSL_TIMING_H MBEDTLS_TIMING_H
+#define POLARSSL_VERSION_H MBEDTLS_VERSION_H
+#define POLARSSL_VERSION_MAJOR MBEDTLS_VERSION_MAJOR
+#define POLARSSL_VERSION_MINOR MBEDTLS_VERSION_MINOR
+#define POLARSSL_VERSION_NUMBER MBEDTLS_VERSION_NUMBER
+#define POLARSSL_VERSION_PATCH MBEDTLS_VERSION_PATCH
+#define POLARSSL_VERSION_STRING MBEDTLS_VERSION_STRING
+#define POLARSSL_VERSION_STRING_FULL MBEDTLS_VERSION_STRING_FULL
+#define POLARSSL_X509_CRL_H MBEDTLS_X509_CRL_H
+#define POLARSSL_X509_CRT_H MBEDTLS_X509_CRT_H
+#define POLARSSL_X509_CSR_H MBEDTLS_X509_CSR_H
+#define POLARSSL_X509_H MBEDTLS_X509_H
+#define POLARSSL_XTEA_H MBEDTLS_XTEA_H
+#define RSA_CRYPT MBEDTLS_RSA_CRYPT
+#define RSA_PKCS_V15 MBEDTLS_RSA_PKCS_V15
+#define RSA_PKCS_V21 MBEDTLS_RSA_PKCS_V21
+#define RSA_PRIVATE MBEDTLS_RSA_PRIVATE
+#define RSA_PUBLIC MBEDTLS_RSA_PUBLIC
+#define RSA_SALT_LEN_ANY MBEDTLS_RSA_SALT_LEN_ANY
+#define RSA_SIGN MBEDTLS_RSA_SIGN
+#define SSL_ALERT_LEVEL_FATAL MBEDTLS_SSL_ALERT_LEVEL_FATAL
+#define SSL_ALERT_LEVEL_WARNING MBEDTLS_SSL_ALERT_LEVEL_WARNING
+#define SSL_ALERT_MSG_ACCESS_DENIED MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED
+#define SSL_ALERT_MSG_BAD_CERT MBEDTLS_SSL_ALERT_MSG_BAD_CERT
+#define SSL_ALERT_MSG_BAD_RECORD_MAC MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC
+#define SSL_ALERT_MSG_CERT_EXPIRED MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED
+#define SSL_ALERT_MSG_CERT_REVOKED MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED
+#define SSL_ALERT_MSG_CERT_UNKNOWN MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN
+#define SSL_ALERT_MSG_CLOSE_NOTIFY MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY
+#define SSL_ALERT_MSG_DECODE_ERROR MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR
+#define SSL_ALERT_MSG_DECOMPRESSION_FAILURE MBEDTLS_SSL_ALERT_MSG_DECOMPRESSION_FAILURE
+#define SSL_ALERT_MSG_DECRYPTION_FAILED MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED
+#define SSL_ALERT_MSG_DECRYPT_ERROR MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR
+#define SSL_ALERT_MSG_EXPORT_RESTRICTION MBEDTLS_SSL_ALERT_MSG_EXPORT_RESTRICTION
+#define SSL_ALERT_MSG_HANDSHAKE_FAILURE MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE
+#define SSL_ALERT_MSG_ILLEGAL_PARAMETER MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER
+#define SSL_ALERT_MSG_INAPROPRIATE_FALLBACK MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK
+#define SSL_ALERT_MSG_INSUFFICIENT_SECURITY MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY
+#define SSL_ALERT_MSG_INTERNAL_ERROR MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR
+#define SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL
+#define SSL_ALERT_MSG_NO_CERT MBEDTLS_SSL_ALERT_MSG_NO_CERT
+#define SSL_ALERT_MSG_NO_RENEGOTIATION MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION
+#define SSL_ALERT_MSG_PROTOCOL_VERSION MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION
+#define SSL_ALERT_MSG_RECORD_OVERFLOW MBEDTLS_SSL_ALERT_MSG_RECORD_OVERFLOW
+#define SSL_ALERT_MSG_UNEXPECTED_MESSAGE MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE
+#define SSL_ALERT_MSG_UNKNOWN_CA MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA
+#define SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY
+#define SSL_ALERT_MSG_UNRECOGNIZED_NAME MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME
+#define SSL_ALERT_MSG_UNSUPPORTED_CERT MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT
+#define SSL_ALERT_MSG_UNSUPPORTED_EXT MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT
+#define SSL_ALERT_MSG_USER_CANCELED MBEDTLS_SSL_ALERT_MSG_USER_CANCELED
+#define SSL_ANTI_REPLAY_DISABLED MBEDTLS_SSL_ANTI_REPLAY_DISABLED
+#define SSL_ANTI_REPLAY_ENABLED MBEDTLS_SSL_ANTI_REPLAY_ENABLED
+#define SSL_ARC4_DISABLED MBEDTLS_SSL_ARC4_DISABLED
+#define SSL_ARC4_ENABLED MBEDTLS_SSL_ARC4_ENABLED
+#define SSL_BUFFER_LEN MBEDTLS_SSL_BUFFER_LEN
+#define SSL_CACHE_DEFAULT_MAX_ENTRIES MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES
+#define SSL_CACHE_DEFAULT_TIMEOUT MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT
+#define SSL_CBC_RECORD_SPLITTING_DISABLED MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
+#define SSL_CBC_RECORD_SPLITTING_ENABLED MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED
+#define SSL_CERTIFICATE_REQUEST MBEDTLS_SSL_CERTIFICATE_REQUEST
+#define SSL_CERTIFICATE_VERIFY MBEDTLS_SSL_CERTIFICATE_VERIFY
+#define SSL_CERT_TYPE_ECDSA_SIGN MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN
+#define SSL_CERT_TYPE_RSA_SIGN MBEDTLS_SSL_CERT_TYPE_RSA_SIGN
+#define SSL_CHANNEL_INBOUND MBEDTLS_SSL_CHANNEL_INBOUND
+#define SSL_CHANNEL_OUTBOUND MBEDTLS_SSL_CHANNEL_OUTBOUND
+#define SSL_CIPHERSUITES MBEDTLS_SSL_CIPHERSUITES
+#define SSL_CLIENT_CERTIFICATE MBEDTLS_SSL_CLIENT_CERTIFICATE
+#define SSL_CLIENT_CHANGE_CIPHER_SPEC MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC
+#define SSL_CLIENT_FINISHED MBEDTLS_SSL_CLIENT_FINISHED
+#define SSL_CLIENT_HELLO MBEDTLS_SSL_CLIENT_HELLO
+#define SSL_CLIENT_KEY_EXCHANGE MBEDTLS_SSL_CLIENT_KEY_EXCHANGE
+#define SSL_COMPRESSION_ADD MBEDTLS_SSL_COMPRESSION_ADD
+#define SSL_COMPRESS_DEFLATE MBEDTLS_SSL_COMPRESS_DEFLATE
+#define SSL_COMPRESS_NULL MBEDTLS_SSL_COMPRESS_NULL
+#define SSL_DEBUG_BUF MBEDTLS_SSL_DEBUG_BUF
+#define SSL_DEBUG_CRT MBEDTLS_SSL_DEBUG_CRT
+#define SSL_DEBUG_ECP MBEDTLS_SSL_DEBUG_ECP
+#define SSL_DEBUG_MPI MBEDTLS_SSL_DEBUG_MPI
+#define SSL_DEBUG_MSG MBEDTLS_SSL_DEBUG_MSG
+#define SSL_DEBUG_RET MBEDTLS_SSL_DEBUG_RET
+#define SSL_DEFAULT_TICKET_LIFETIME MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME
+#define SSL_DTLS_TIMEOUT_DFL_MAX MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX
+#define SSL_DTLS_TIMEOUT_DFL_MIN MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN
+#define SSL_EMPTY_RENEGOTIATION_INFO MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO
+#define SSL_ETM_DISABLED MBEDTLS_SSL_ETM_DISABLED
+#define SSL_ETM_ENABLED MBEDTLS_SSL_ETM_ENABLED
+#define SSL_EXTENDED_MS_DISABLED MBEDTLS_SSL_EXTENDED_MS_DISABLED
+#define SSL_EXTENDED_MS_ENABLED MBEDTLS_SSL_EXTENDED_MS_ENABLED
+#define SSL_FALLBACK_SCSV MBEDTLS_SSL_FALLBACK_SCSV
+#define SSL_FLUSH_BUFFERS MBEDTLS_SSL_FLUSH_BUFFERS
+#define SSL_HANDSHAKE_OVER MBEDTLS_SSL_HANDSHAKE_OVER
+#define SSL_HANDSHAKE_WRAPUP MBEDTLS_SSL_HANDSHAKE_WRAPUP
+#define SSL_HASH_MD5 MBEDTLS_SSL_HASH_MD5
+#define SSL_HASH_NONE MBEDTLS_SSL_HASH_NONE
+#define SSL_HASH_SHA1 MBEDTLS_SSL_HASH_SHA1
+#define SSL_HASH_SHA224 MBEDTLS_SSL_HASH_SHA224
+#define SSL_HASH_SHA256 MBEDTLS_SSL_HASH_SHA256
+#define SSL_HASH_SHA384 MBEDTLS_SSL_HASH_SHA384
+#define SSL_HASH_SHA512 MBEDTLS_SSL_HASH_SHA512
+#define SSL_HELLO_REQUEST MBEDTLS_SSL_HELLO_REQUEST
+#define SSL_HS_CERTIFICATE MBEDTLS_SSL_HS_CERTIFICATE
+#define SSL_HS_CERTIFICATE_REQUEST MBEDTLS_SSL_HS_CERTIFICATE_REQUEST
+#define SSL_HS_CERTIFICATE_VERIFY MBEDTLS_SSL_HS_CERTIFICATE_VERIFY
+#define SSL_HS_CLIENT_HELLO MBEDTLS_SSL_HS_CLIENT_HELLO
+#define SSL_HS_CLIENT_KEY_EXCHANGE MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE
+#define SSL_HS_FINISHED MBEDTLS_SSL_HS_FINISHED
+#define SSL_HS_HELLO_REQUEST MBEDTLS_SSL_HS_HELLO_REQUEST
+#define SSL_HS_HELLO_VERIFY_REQUEST MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST
+#define SSL_HS_NEW_SESSION_TICKET MBEDTLS_SSL_HS_NEW_SESSION_TICKET
+#define SSL_HS_SERVER_HELLO MBEDTLS_SSL_HS_SERVER_HELLO
+#define SSL_HS_SERVER_HELLO_DONE MBEDTLS_SSL_HS_SERVER_HELLO_DONE
+#define SSL_HS_SERVER_KEY_EXCHANGE MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE
+#define SSL_INITIAL_HANDSHAKE MBEDTLS_SSL_INITIAL_HANDSHAKE
+#define SSL_IS_CLIENT MBEDTLS_SSL_IS_CLIENT
+#define SSL_IS_FALLBACK MBEDTLS_SSL_IS_FALLBACK
+#define SSL_IS_NOT_FALLBACK MBEDTLS_SSL_IS_NOT_FALLBACK
+#define SSL_IS_SERVER MBEDTLS_SSL_IS_SERVER
+#define SSL_LEGACY_ALLOW_RENEGOTIATION MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION
+#define SSL_LEGACY_BREAK_HANDSHAKE MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE
+#define SSL_LEGACY_NO_RENEGOTIATION MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION
+#define SSL_LEGACY_RENEGOTIATION MBEDTLS_SSL_LEGACY_RENEGOTIATION
+#define SSL_MAC_ADD MBEDTLS_SSL_MAC_ADD
+#define SSL_MAJOR_VERSION_3 MBEDTLS_SSL_MAJOR_VERSION_3
+#define SSL_MAX_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN
+#define SSL_MAX_FRAG_LEN_1024 MBEDTLS_SSL_MAX_FRAG_LEN_1024
+#define SSL_MAX_FRAG_LEN_2048 MBEDTLS_SSL_MAX_FRAG_LEN_2048
+#define SSL_MAX_FRAG_LEN_4096 MBEDTLS_SSL_MAX_FRAG_LEN_4096
+#define SSL_MAX_FRAG_LEN_512 MBEDTLS_SSL_MAX_FRAG_LEN_512
+#define SSL_MAX_FRAG_LEN_INVALID MBEDTLS_SSL_MAX_FRAG_LEN_INVALID
+#define SSL_MAX_FRAG_LEN_NONE MBEDTLS_SSL_MAX_FRAG_LEN_NONE
+#define SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAX_MAJOR_VERSION
+#define SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MAX_MINOR_VERSION
+#define SSL_MINOR_VERSION_0 MBEDTLS_SSL_MINOR_VERSION_0
+#define SSL_MINOR_VERSION_1 MBEDTLS_SSL_MINOR_VERSION_1
+#define SSL_MINOR_VERSION_2 MBEDTLS_SSL_MINOR_VERSION_2
+#define SSL_MINOR_VERSION_3 MBEDTLS_SSL_MINOR_VERSION_3
+#define SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MIN_MAJOR_VERSION
+#define SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MIN_MINOR_VERSION
+#define SSL_MSG_ALERT MBEDTLS_SSL_MSG_ALERT
+#define SSL_MSG_APPLICATION_DATA MBEDTLS_SSL_MSG_APPLICATION_DATA
+#define SSL_MSG_CHANGE_CIPHER_SPEC MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC
+#define SSL_MSG_HANDSHAKE MBEDTLS_SSL_MSG_HANDSHAKE
+#define SSL_PADDING_ADD MBEDTLS_SSL_PADDING_ADD
+#define SSL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION
+#define SSL_RENEGOTIATION_DISABLED MBEDTLS_SSL_RENEGOTIATION_DISABLED
+#define SSL_RENEGOTIATION_DONE MBEDTLS_SSL_RENEGOTIATION_DONE
+#define SSL_RENEGOTIATION_ENABLED MBEDTLS_SSL_RENEGOTIATION_ENABLED
+#define SSL_RENEGOTIATION_NOT_ENFORCED MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED
+#define SSL_RENEGOTIATION_PENDING MBEDTLS_SSL_RENEGOTIATION_PENDING
+#define SSL_RENEGO_MAX_RECORDS_DEFAULT MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT
+#define SSL_RETRANS_FINISHED MBEDTLS_SSL_RETRANS_FINISHED
+#define SSL_RETRANS_PREPARING MBEDTLS_SSL_RETRANS_PREPARING
+#define SSL_RETRANS_SENDING MBEDTLS_SSL_RETRANS_SENDING
+#define SSL_RETRANS_WAITING MBEDTLS_SSL_RETRANS_WAITING
+#define SSL_SECURE_RENEGOTIATION MBEDTLS_SSL_SECURE_RENEGOTIATION
+#define SSL_SERVER_CERTIFICATE MBEDTLS_SSL_SERVER_CERTIFICATE
+#define SSL_SERVER_CHANGE_CIPHER_SPEC MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC
+#define SSL_SERVER_FINISHED MBEDTLS_SSL_SERVER_FINISHED
+#define SSL_SERVER_HELLO MBEDTLS_SSL_SERVER_HELLO
+#define SSL_SERVER_HELLO_DONE MBEDTLS_SSL_SERVER_HELLO_DONE
+#define SSL_SERVER_HELLO_VERIFY_REQUEST_SENT MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT
+#define SSL_SERVER_KEY_EXCHANGE MBEDTLS_SSL_SERVER_KEY_EXCHANGE
+#define SSL_SERVER_NEW_SESSION_TICKET MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET
+#define SSL_SESSION_TICKETS_DISABLED MBEDTLS_SSL_SESSION_TICKETS_DISABLED
+#define SSL_SESSION_TICKETS_ENABLED MBEDTLS_SSL_SESSION_TICKETS_ENABLED
+#define SSL_SIG_ANON MBEDTLS_SSL_SIG_ANON
+#define SSL_SIG_ECDSA MBEDTLS_SSL_SIG_ECDSA
+#define SSL_SIG_RSA MBEDTLS_SSL_SIG_RSA
+#define SSL_TRANSPORT_DATAGRAM MBEDTLS_SSL_TRANSPORT_DATAGRAM
+#define SSL_TRANSPORT_STREAM MBEDTLS_SSL_TRANSPORT_STREAM
+#define SSL_TRUNCATED_HMAC_LEN MBEDTLS_SSL_TRUNCATED_HMAC_LEN
+#define SSL_TRUNC_HMAC_DISABLED MBEDTLS_SSL_TRUNC_HMAC_DISABLED
+#define SSL_TRUNC_HMAC_ENABLED MBEDTLS_SSL_TRUNC_HMAC_ENABLED
+#define SSL_VERIFY_DATA_MAX_LEN MBEDTLS_SSL_VERIFY_DATA_MAX_LEN
+#define SSL_VERIFY_NONE MBEDTLS_SSL_VERIFY_NONE
+#define SSL_VERIFY_OPTIONAL MBEDTLS_SSL_VERIFY_OPTIONAL
+#define SSL_VERIFY_REQUIRED MBEDTLS_SSL_VERIFY_REQUIRED
+#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+#define TLS_DHE_PSK_WITH_AES_128_CCM MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM
+#define TLS_DHE_PSK_WITH_AES_128_CCM_8 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8
+#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+#define TLS_DHE_PSK_WITH_AES_256_CCM MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM
+#define TLS_DHE_PSK_WITH_AES_256_CCM_8 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8
+#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_DHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
+#define TLS_DHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
+#define TLS_DHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
+#define TLS_DHE_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+#define TLS_DHE_RSA_WITH_AES_128_CCM MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM
+#define TLS_DHE_RSA_WITH_AES_128_CCM_8 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8
+#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+#define TLS_DHE_RSA_WITH_AES_256_CCM MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM
+#define TLS_DHE_RSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8
+#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_DHE_RSA_WITH_DES_CBC_SHA MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
+#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM
+#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
+#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM
+#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
+#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDHE_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
+#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDHE_PSK_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
+#define TLS_ECDHE_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
+#define TLS_ECDHE_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
+#define TLS_ECDHE_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
+#define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+#define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDH_ECDSA_WITH_NULL_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
+#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+#define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+#define TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_ECDH_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
+#define TLS_ECDH_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+#define TLS_EXT_ALPN MBEDTLS_TLS_EXT_ALPN
+#define TLS_EXT_ENCRYPT_THEN_MAC MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC
+#define TLS_EXT_EXTENDED_MASTER_SECRET MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET
+#define TLS_EXT_MAX_FRAGMENT_LENGTH MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH
+#define TLS_EXT_RENEGOTIATION_INFO MBEDTLS_TLS_EXT_RENEGOTIATION_INFO
+#define TLS_EXT_SERVERNAME MBEDTLS_TLS_EXT_SERVERNAME
+#define TLS_EXT_SERVERNAME_HOSTNAME MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME
+#define TLS_EXT_SESSION_TICKET MBEDTLS_TLS_EXT_SESSION_TICKET
+#define TLS_EXT_SIG_ALG MBEDTLS_TLS_EXT_SIG_ALG
+#define TLS_EXT_SUPPORTED_ELLIPTIC_CURVES MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES
+#define TLS_EXT_SUPPORTED_POINT_FORMATS MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS
+#define TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT
+#define TLS_EXT_TRUNCATED_HMAC MBEDTLS_TLS_EXT_TRUNCATED_HMAC
+#define TLS_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+#define TLS_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+#define TLS_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+#define TLS_PSK_WITH_AES_128_CCM MBEDTLS_TLS_PSK_WITH_AES_128_CCM
+#define TLS_PSK_WITH_AES_128_CCM_8 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
+#define TLS_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+#define TLS_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+#define TLS_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+#define TLS_PSK_WITH_AES_256_CCM MBEDTLS_TLS_PSK_WITH_AES_256_CCM
+#define TLS_PSK_WITH_AES_256_CCM_8 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8
+#define TLS_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_PSK_WITH_NULL_SHA MBEDTLS_TLS_PSK_WITH_NULL_SHA
+#define TLS_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_PSK_WITH_NULL_SHA256
+#define TLS_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_PSK_WITH_NULL_SHA384
+#define TLS_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+#define TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_RSA_PSK_WITH_NULL_SHA MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
+#define TLS_RSA_PSK_WITH_NULL_SHA256 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
+#define TLS_RSA_PSK_WITH_NULL_SHA384 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
+#define TLS_RSA_PSK_WITH_RC4_128_SHA MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+#define TLS_RSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+#define TLS_RSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+#define TLS_RSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+#define TLS_RSA_WITH_AES_128_CCM MBEDTLS_TLS_RSA_WITH_AES_128_CCM
+#define TLS_RSA_WITH_AES_128_CCM_8 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8
+#define TLS_RSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+#define TLS_RSA_WITH_AES_256_CBC_SHA MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+#define TLS_RSA_WITH_AES_256_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+#define TLS_RSA_WITH_AES_256_CCM MBEDTLS_TLS_RSA_WITH_AES_256_CCM
+#define TLS_RSA_WITH_AES_256_CCM_8 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8
+#define TLS_RSA_WITH_AES_256_GCM_SHA384 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+#define TLS_RSA_WITH_DES_CBC_SHA MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
+#define TLS_RSA_WITH_NULL_MD5 MBEDTLS_TLS_RSA_WITH_NULL_MD5
+#define TLS_RSA_WITH_NULL_SHA MBEDTLS_TLS_RSA_WITH_NULL_SHA
+#define TLS_RSA_WITH_NULL_SHA256 MBEDTLS_TLS_RSA_WITH_NULL_SHA256
+#define TLS_RSA_WITH_RC4_128_MD5 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+#define TLS_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+#define X509_CRT_VERSION_1 MBEDTLS_X509_CRT_VERSION_1
+#define X509_CRT_VERSION_2 MBEDTLS_X509_CRT_VERSION_2
+#define X509_CRT_VERSION_3 MBEDTLS_X509_CRT_VERSION_3
+#define X509_FORMAT_DER MBEDTLS_X509_FORMAT_DER
+#define X509_FORMAT_PEM MBEDTLS_X509_FORMAT_PEM
+#define X509_MAX_DN_NAME_SIZE MBEDTLS_X509_MAX_DN_NAME_SIZE
+#define X509_RFC5280_MAX_SERIAL_LEN MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN
+#define X509_RFC5280_UTC_TIME_LEN MBEDTLS_X509_RFC5280_UTC_TIME_LEN
+#define XTEA_DECRYPT MBEDTLS_XTEA_DECRYPT
+#define XTEA_ENCRYPT MBEDTLS_XTEA_ENCRYPT
+#define _asn1_bitstring mbedtls_asn1_bitstring
+#define _asn1_buf mbedtls_asn1_buf
+#define _asn1_named_data mbedtls_asn1_named_data
+#define _asn1_sequence mbedtls_asn1_sequence
+#define _ssl_cache_context mbedtls_ssl_cache_context
+#define _ssl_cache_entry mbedtls_ssl_cache_entry
+#define _ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t
+#define _ssl_context mbedtls_ssl_context
+#define _ssl_flight_item mbedtls_ssl_flight_item
+#define _ssl_handshake_params mbedtls_ssl_handshake_params
+#define _ssl_key_cert mbedtls_ssl_key_cert
+#define _ssl_premaster_secret mbedtls_ssl_premaster_secret
+#define _ssl_session mbedtls_ssl_session
+#define _ssl_transform mbedtls_ssl_transform
+#define _x509_crl mbedtls_x509_crl
+#define _x509_crl_entry mbedtls_x509_crl_entry
+#define _x509_crt mbedtls_x509_crt
+#define _x509_csr mbedtls_x509_csr
+#define _x509_time mbedtls_x509_time
+#define _x509write_cert mbedtls_x509write_cert
+#define _x509write_csr mbedtls_x509write_csr
+#define aes_context mbedtls_aes_context
+#define aes_crypt_cbc mbedtls_aes_crypt_cbc
+#define aes_crypt_cfb128 mbedtls_aes_crypt_cfb128
+#define aes_crypt_cfb8 mbedtls_aes_crypt_cfb8
+#define aes_crypt_ctr mbedtls_aes_crypt_ctr
+#define aes_crypt_ecb mbedtls_aes_crypt_ecb
+#define aes_free mbedtls_aes_free
+#define aes_init mbedtls_aes_init
+#define aes_self_test mbedtls_aes_self_test
+#define aes_setkey_dec mbedtls_aes_setkey_dec
+#define aes_setkey_enc mbedtls_aes_setkey_enc
+#define aesni_crypt_ecb mbedtls_aesni_crypt_ecb
+#define aesni_gcm_mult mbedtls_aesni_gcm_mult
+#define aesni_inverse_key mbedtls_aesni_inverse_key
+#define aesni_setkey_enc mbedtls_aesni_setkey_enc
+#define aesni_supports mbedtls_aesni_has_support
+#define alarmed mbedtls_timing_alarmed
+#define arc4_context mbedtls_arc4_context
+#define arc4_crypt mbedtls_arc4_crypt
+#define arc4_free mbedtls_arc4_free
+#define arc4_init mbedtls_arc4_init
+#define arc4_self_test mbedtls_arc4_self_test
+#define arc4_setup mbedtls_arc4_setup
+#define asn1_bitstring mbedtls_asn1_bitstring
+#define asn1_buf mbedtls_asn1_buf
+#define asn1_find_named_data mbedtls_asn1_find_named_data
+#define asn1_free_named_data mbedtls_asn1_free_named_data
+#define asn1_free_named_data_list mbedtls_asn1_free_named_data_list
+#define asn1_get_alg mbedtls_asn1_get_alg
+#define asn1_get_alg_null mbedtls_asn1_get_alg_null
+#define asn1_get_bitstring mbedtls_asn1_get_bitstring
+#define asn1_get_bitstring_null mbedtls_asn1_get_bitstring_null
+#define asn1_get_bool mbedtls_asn1_get_bool
+#define asn1_get_int mbedtls_asn1_get_int
+#define asn1_get_len mbedtls_asn1_get_len
+#define asn1_get_mpi mbedtls_asn1_get_mpi
+#define asn1_get_sequence_of mbedtls_asn1_get_sequence_of
+#define asn1_get_tag mbedtls_asn1_get_tag
+#define asn1_named_data mbedtls_asn1_named_data
+#define asn1_sequence mbedtls_asn1_sequence
+#define asn1_store_named_data mbedtls_asn1_store_named_data
+#define asn1_write_algorithm_identifier mbedtls_asn1_write_algorithm_identifier
+#define asn1_write_bitstring mbedtls_asn1_write_bitstring
+#define asn1_write_bool mbedtls_asn1_write_bool
+#define asn1_write_ia5_string mbedtls_asn1_write_ia5_string
+#define asn1_write_int mbedtls_asn1_write_int
+#define asn1_write_len mbedtls_asn1_write_len
+#define asn1_write_mpi mbedtls_asn1_write_mpi
+#define asn1_write_null mbedtls_asn1_write_null
+#define asn1_write_octet_string mbedtls_asn1_write_octet_string
+#define asn1_write_oid mbedtls_asn1_write_oid
+#define asn1_write_printable_string mbedtls_asn1_write_printable_string
+#define asn1_write_raw_buffer mbedtls_asn1_write_raw_buffer
+#define asn1_write_tag mbedtls_asn1_write_tag
+#define base64_decode mbedtls_base64_decode
+#define base64_encode mbedtls_base64_encode
+#define base64_self_test mbedtls_base64_self_test
+#define blowfish_context mbedtls_blowfish_context
+#define blowfish_crypt_cbc mbedtls_blowfish_crypt_cbc
+#define blowfish_crypt_cfb64 mbedtls_blowfish_crypt_cfb64
+#define blowfish_crypt_ctr mbedtls_blowfish_crypt_ctr
+#define blowfish_crypt_ecb mbedtls_blowfish_crypt_ecb
+#define blowfish_free mbedtls_blowfish_free
+#define blowfish_init mbedtls_blowfish_init
+#define blowfish_setkey mbedtls_blowfish_setkey
+#define camellia_context mbedtls_camellia_context
+#define camellia_crypt_cbc mbedtls_camellia_crypt_cbc
+#define camellia_crypt_cfb128 mbedtls_camellia_crypt_cfb128
+#define camellia_crypt_ctr mbedtls_camellia_crypt_ctr
+#define camellia_crypt_ecb mbedtls_camellia_crypt_ecb
+#define camellia_free mbedtls_camellia_free
+#define camellia_init mbedtls_camellia_init
+#define camellia_self_test mbedtls_camellia_self_test
+#define camellia_setkey_dec mbedtls_camellia_setkey_dec
+#define camellia_setkey_enc mbedtls_camellia_setkey_enc
+#define ccm_auth_decrypt mbedtls_ccm_auth_decrypt
+#define ccm_context mbedtls_ccm_context
+#define ccm_encrypt_and_tag mbedtls_ccm_encrypt_and_tag
+#define ccm_free mbedtls_ccm_free
+#define ccm_init mbedtls_ccm_init
+#define ccm_self_test mbedtls_ccm_self_test
+#define cipher_auth_decrypt mbedtls_cipher_auth_decrypt
+#define cipher_auth_encrypt mbedtls_cipher_auth_encrypt
+#define cipher_base_t mbedtls_cipher_base_t
+#define cipher_check_tag mbedtls_cipher_check_tag
+#define cipher_context_t mbedtls_cipher_context_t
+#define cipher_crypt mbedtls_cipher_crypt
+#define cipher_definition_t mbedtls_cipher_definition_t
+#define cipher_definitions mbedtls_cipher_definitions
+#define cipher_finish mbedtls_cipher_finish
+#define cipher_free mbedtls_cipher_free
+#define cipher_get_block_size mbedtls_cipher_get_block_size
+#define cipher_get_cipher_mode mbedtls_cipher_get_cipher_mode
+#define cipher_get_iv_size mbedtls_cipher_get_iv_size
+#define cipher_get_key_size mbedtls_cipher_get_key_bitlen
+#define cipher_get_name mbedtls_cipher_get_name
+#define cipher_get_operation mbedtls_cipher_get_operation
+#define cipher_get_type mbedtls_cipher_get_type
+#define cipher_id_t mbedtls_cipher_id_t
+#define cipher_info_from_string mbedtls_cipher_info_from_string
+#define cipher_info_from_type mbedtls_cipher_info_from_type
+#define cipher_info_from_values mbedtls_cipher_info_from_values
+#define cipher_info_t mbedtls_cipher_info_t
+#define cipher_init mbedtls_cipher_init
+#define cipher_init_ctx mbedtls_cipher_setup
+#define cipher_list mbedtls_cipher_list
+#define cipher_mode_t mbedtls_cipher_mode_t
+#define cipher_padding_t mbedtls_cipher_padding_t
+#define cipher_reset mbedtls_cipher_reset
+#define cipher_set_iv mbedtls_cipher_set_iv
+#define cipher_set_padding_mode mbedtls_cipher_set_padding_mode
+#define cipher_setkey mbedtls_cipher_setkey
+#define cipher_type_t mbedtls_cipher_type_t
+#define cipher_update mbedtls_cipher_update
+#define cipher_update_ad mbedtls_cipher_update_ad
+#define cipher_write_tag mbedtls_cipher_write_tag
+#define ctr_drbg_context mbedtls_ctr_drbg_context
+#define ctr_drbg_free mbedtls_ctr_drbg_free
+#define ctr_drbg_init mbedtls_ctr_drbg_init
+#define ctr_drbg_random mbedtls_ctr_drbg_random
+#define ctr_drbg_random_with_add mbedtls_ctr_drbg_random_with_add
+#define ctr_drbg_reseed mbedtls_ctr_drbg_reseed
+#define ctr_drbg_self_test mbedtls_ctr_drbg_self_test
+#define ctr_drbg_set_entropy_len mbedtls_ctr_drbg_set_entropy_len
+#define ctr_drbg_set_prediction_resistance mbedtls_ctr_drbg_set_prediction_resistance
+#define ctr_drbg_set_reseed_interval mbedtls_ctr_drbg_set_reseed_interval
+#define ctr_drbg_update mbedtls_ctr_drbg_update
+#define ctr_drbg_update_seed_file mbedtls_ctr_drbg_update_seed_file
+#define ctr_drbg_write_seed_file mbedtls_ctr_drbg_write_seed_file
+#define debug_print_buf mbedtls_debug_print_buf
+#define debug_print_crt mbedtls_debug_print_crt
+#define debug_print_ecp mbedtls_debug_print_ecp
+#define debug_print_mpi mbedtls_debug_print_mpi
+#define debug_print_msg mbedtls_debug_print_msg
+#define debug_print_ret mbedtls_debug_print_ret
+#define debug_set_threshold mbedtls_debug_set_threshold
+#define des3_context mbedtls_des3_context
+#define des3_crypt_cbc mbedtls_des3_crypt_cbc
+#define des3_crypt_ecb mbedtls_des3_crypt_ecb
+#define des3_free mbedtls_des3_free
+#define des3_init mbedtls_des3_init
+#define des3_set2key_dec mbedtls_des3_set2key_dec
+#define des3_set2key_enc mbedtls_des3_set2key_enc
+#define des3_set3key_dec mbedtls_des3_set3key_dec
+#define des3_set3key_enc mbedtls_des3_set3key_enc
+#define des_context mbedtls_des_context
+#define des_crypt_cbc mbedtls_des_crypt_cbc
+#define des_crypt_ecb mbedtls_des_crypt_ecb
+#define des_free mbedtls_des_free
+#define des_init mbedtls_des_init
+#define des_key_check_key_parity mbedtls_des_key_check_key_parity
+#define des_key_check_weak mbedtls_des_key_check_weak
+#define des_key_set_parity mbedtls_des_key_set_parity
+#define des_self_test mbedtls_des_self_test
+#define des_setkey_dec mbedtls_des_setkey_dec
+#define des_setkey_enc mbedtls_des_setkey_enc
+#define dhm_calc_secret mbedtls_dhm_calc_secret
+#define dhm_context mbedtls_dhm_context
+#define dhm_free mbedtls_dhm_free
+#define dhm_init mbedtls_dhm_init
+#define dhm_make_params mbedtls_dhm_make_params
+#define dhm_make_public mbedtls_dhm_make_public
+#define dhm_parse_dhm mbedtls_dhm_parse_dhm
+#define dhm_parse_dhmfile mbedtls_dhm_parse_dhmfile
+#define dhm_read_params mbedtls_dhm_read_params
+#define dhm_read_public mbedtls_dhm_read_public
+#define dhm_self_test mbedtls_dhm_self_test
+#define ecdh_calc_secret mbedtls_ecdh_calc_secret
+#define ecdh_compute_shared mbedtls_ecdh_compute_shared
+#define ecdh_context mbedtls_ecdh_context
+#define ecdh_free mbedtls_ecdh_free
+#define ecdh_gen_public mbedtls_ecdh_gen_public
+#define ecdh_get_params mbedtls_ecdh_get_params
+#define ecdh_init mbedtls_ecdh_init
+#define ecdh_make_params mbedtls_ecdh_make_params
+#define ecdh_make_public mbedtls_ecdh_make_public
+#define ecdh_read_params mbedtls_ecdh_read_params
+#define ecdh_read_public mbedtls_ecdh_read_public
+#define ecdh_side mbedtls_ecdh_side
+#define ecdsa_context mbedtls_ecdsa_context
+#define ecdsa_free mbedtls_ecdsa_free
+#define ecdsa_from_keypair mbedtls_ecdsa_from_keypair
+#define ecdsa_genkey mbedtls_ecdsa_genkey
+#define ecdsa_info mbedtls_ecdsa_info
+#define ecdsa_init mbedtls_ecdsa_init
+#define ecdsa_read_signature mbedtls_ecdsa_read_signature
+#define ecdsa_sign mbedtls_ecdsa_sign
+#define ecdsa_sign_det mbedtls_ecdsa_sign_det
+#define ecdsa_verify mbedtls_ecdsa_verify
+#define ecdsa_write_signature mbedtls_ecdsa_write_signature
+#define ecdsa_write_signature_det mbedtls_ecdsa_write_signature_det
+#define eckey_info mbedtls_eckey_info
+#define eckeydh_info mbedtls_eckeydh_info
+#define ecp_check_privkey mbedtls_ecp_check_privkey
+#define ecp_check_pub_priv mbedtls_ecp_check_pub_priv
+#define ecp_check_pubkey mbedtls_ecp_check_pubkey
+#define ecp_copy mbedtls_ecp_copy
+#define ecp_curve_info mbedtls_ecp_curve_info
+#define ecp_curve_info_from_grp_id mbedtls_ecp_curve_info_from_grp_id
+#define ecp_curve_info_from_name mbedtls_ecp_curve_info_from_name
+#define ecp_curve_info_from_tls_id mbedtls_ecp_curve_info_from_tls_id
+#define ecp_curve_list mbedtls_ecp_curve_list
+#define ecp_gen_key mbedtls_ecp_gen_key
+#define ecp_gen_keypair mbedtls_ecp_gen_keypair
+#define ecp_group mbedtls_ecp_group
+#define ecp_group_copy mbedtls_ecp_group_copy
+#define ecp_group_free mbedtls_ecp_group_free
+#define ecp_group_id mbedtls_ecp_group_id
+#define ecp_group_init mbedtls_ecp_group_init
+#define ecp_grp_id_list mbedtls_ecp_grp_id_list
+#define ecp_is_zero mbedtls_ecp_is_zero
+#define ecp_keypair mbedtls_ecp_keypair
+#define ecp_keypair_free mbedtls_ecp_keypair_free
+#define ecp_keypair_init mbedtls_ecp_keypair_init
+#define ecp_mul mbedtls_ecp_mul
+#define ecp_point mbedtls_ecp_point
+#define ecp_point_free mbedtls_ecp_point_free
+#define ecp_point_init mbedtls_ecp_point_init
+#define ecp_point_read_binary mbedtls_ecp_point_read_binary
+#define ecp_point_read_string mbedtls_ecp_point_read_string
+#define ecp_point_write_binary mbedtls_ecp_point_write_binary
+#define ecp_self_test mbedtls_ecp_self_test
+#define ecp_set_zero mbedtls_ecp_set_zero
+#define ecp_tls_read_group mbedtls_ecp_tls_read_group
+#define ecp_tls_read_point mbedtls_ecp_tls_read_point
+#define ecp_tls_write_group mbedtls_ecp_tls_write_group
+#define ecp_tls_write_point mbedtls_ecp_tls_write_point
+#define ecp_use_known_dp mbedtls_ecp_group_load
+#define entropy_add_source mbedtls_entropy_add_source
+#define entropy_context mbedtls_entropy_context
+#define entropy_free mbedtls_entropy_free
+#define entropy_func mbedtls_entropy_func
+#define entropy_gather mbedtls_entropy_gather
+#define entropy_init mbedtls_entropy_init
+#define entropy_self_test mbedtls_entropy_self_test
+#define entropy_update_manual mbedtls_entropy_update_manual
+#define entropy_update_seed_file mbedtls_entropy_update_seed_file
+#define entropy_write_seed_file mbedtls_entropy_write_seed_file
+#define error_strerror mbedtls_strerror
+#define f_source_ptr mbedtls_entropy_f_source_ptr
+#define gcm_auth_decrypt mbedtls_gcm_auth_decrypt
+#define gcm_context mbedtls_gcm_context
+#define gcm_crypt_and_tag mbedtls_gcm_crypt_and_tag
+#define gcm_finish mbedtls_gcm_finish
+#define gcm_free mbedtls_gcm_free
+#define gcm_init mbedtls_gcm_init
+#define gcm_self_test mbedtls_gcm_self_test
+#define gcm_starts mbedtls_gcm_starts
+#define gcm_update mbedtls_gcm_update
+#define get_timer mbedtls_timing_get_timer
+#define hardclock mbedtls_timing_hardclock
+#define hardclock_poll mbedtls_hardclock_poll
+#define havege_free mbedtls_havege_free
+#define havege_init mbedtls_havege_init
+#define havege_poll mbedtls_havege_poll
+#define havege_random mbedtls_havege_random
+#define havege_state mbedtls_havege_state
+#define hmac_drbg_context mbedtls_hmac_drbg_context
+#define hmac_drbg_free mbedtls_hmac_drbg_free
+#define hmac_drbg_init mbedtls_hmac_drbg_init
+#define hmac_drbg_random mbedtls_hmac_drbg_random
+#define hmac_drbg_random_with_add mbedtls_hmac_drbg_random_with_add
+#define hmac_drbg_reseed mbedtls_hmac_drbg_reseed
+#define hmac_drbg_self_test mbedtls_hmac_drbg_self_test
+#define hmac_drbg_set_entropy_len mbedtls_hmac_drbg_set_entropy_len
+#define hmac_drbg_set_prediction_resistance mbedtls_hmac_drbg_set_prediction_resistance
+#define hmac_drbg_set_reseed_interval mbedtls_hmac_drbg_set_reseed_interval
+#define hmac_drbg_update mbedtls_hmac_drbg_update
+#define hmac_drbg_update_seed_file mbedtls_hmac_drbg_update_seed_file
+#define hmac_drbg_write_seed_file mbedtls_hmac_drbg_write_seed_file
+#define hr_time mbedtls_timing_hr_time
+#define key_exchange_type_t mbedtls_key_exchange_type_t
+#define md mbedtls_md
+#define md2 mbedtls_md2
+#define md2_context mbedtls_md2_context
+#define md2_finish mbedtls_md2_finish
+#define md2_free mbedtls_md2_free
+#define md2_info mbedtls_md2_info
+#define md2_init mbedtls_md2_init
+#define md2_process mbedtls_md2_process
+#define md2_self_test mbedtls_md2_self_test
+#define md2_starts mbedtls_md2_starts
+#define md2_update mbedtls_md2_update
+#define md4 mbedtls_md4
+#define md4_context mbedtls_md4_context
+#define md4_finish mbedtls_md4_finish
+#define md4_free mbedtls_md4_free
+#define md4_info mbedtls_md4_info
+#define md4_init mbedtls_md4_init
+#define md4_process mbedtls_md4_process
+#define md4_self_test mbedtls_md4_self_test
+#define md4_starts mbedtls_md4_starts
+#define md4_update mbedtls_md4_update
+#define md5 mbedtls_md5
+#define md5_context mbedtls_md5_context
+#define md5_finish mbedtls_md5_finish
+#define md5_free mbedtls_md5_free
+#define md5_info mbedtls_md5_info
+#define md5_init mbedtls_md5_init
+#define md5_process mbedtls_md5_process
+#define md5_self_test mbedtls_md5_self_test
+#define md5_starts mbedtls_md5_starts
+#define md5_update mbedtls_md5_update
+#define md_context_t mbedtls_md_context_t
+#define md_file mbedtls_md_file
+#define md_finish mbedtls_md_finish
+#define md_free mbedtls_md_free
+#define md_get_name mbedtls_md_get_name
+#define md_get_size mbedtls_md_get_size
+#define md_get_type mbedtls_md_get_type
+#define md_hmac mbedtls_md_hmac
+#define md_hmac_finish mbedtls_md_hmac_finish
+#define md_hmac_reset mbedtls_md_hmac_reset
+#define md_hmac_starts mbedtls_md_hmac_starts
+#define md_hmac_update mbedtls_md_hmac_update
+#define md_info_from_string mbedtls_md_info_from_string
+#define md_info_from_type mbedtls_md_info_from_type
+#define md_info_t mbedtls_md_info_t
+#define md_init mbedtls_md_init
+#define md_init_ctx mbedtls_md_init_ctx
+#define md_list mbedtls_md_list
+#define md_process mbedtls_md_process
+#define md_starts mbedtls_md_starts
+#define md_type_t mbedtls_md_type_t
+#define md_update mbedtls_md_update
+#define memory_buffer_alloc_cur_get mbedtls_memory_buffer_alloc_cur_get
+#define memory_buffer_alloc_free mbedtls_memory_buffer_alloc_free
+#define memory_buffer_alloc_init mbedtls_memory_buffer_alloc_init
+#define memory_buffer_alloc_max_get mbedtls_memory_buffer_alloc_max_get
+#define memory_buffer_alloc_max_reset mbedtls_memory_buffer_alloc_max_reset
+#define memory_buffer_alloc_self_test mbedtls_memory_buffer_alloc_self_test
+#define memory_buffer_alloc_status mbedtls_memory_buffer_alloc_status
+#define memory_buffer_alloc_verify mbedtls_memory_buffer_alloc_verify
+#define memory_buffer_set_verify mbedtls_memory_buffer_set_verify
+#define mpi mbedtls_mpi
+#define mpi_add_abs mbedtls_mpi_add_abs
+#define mpi_add_int mbedtls_mpi_add_int
+#define mpi_add_mpi mbedtls_mpi_add_mpi
+#define mpi_cmp_abs mbedtls_mpi_cmp_abs
+#define mpi_cmp_int mbedtls_mpi_cmp_int
+#define mpi_cmp_mpi mbedtls_mpi_cmp_mpi
+#define mpi_copy mbedtls_mpi_copy
+#define mpi_div_int mbedtls_mpi_div_int
+#define mpi_div_mpi mbedtls_mpi_div_mpi
+#define mpi_exp_mod mbedtls_mpi_exp_mod
+#define mpi_fill_random mbedtls_mpi_fill_random
+#define mpi_free mbedtls_mpi_free
+#define mpi_gcd mbedtls_mpi_gcd
+#define mpi_gen_prime mbedtls_mpi_gen_prime
+#define mpi_get_bit mbedtls_mpi_get_bit
+#define mpi_grow mbedtls_mpi_grow
+#define mpi_init mbedtls_mpi_init
+#define mpi_inv_mod mbedtls_mpi_inv_mod
+#define mpi_is_prime mbedtls_mpi_is_prime
+#define mpi_lsb mbedtls_mpi_lsb
+#define mpi_lset mbedtls_mpi_lset
+#define mpi_mod_int mbedtls_mpi_mod_int
+#define mpi_mod_mpi mbedtls_mpi_mod_mpi
+#define mpi_msb mbedtls_mpi_bitlen
+#define mpi_mul_int mbedtls_mpi_mul_int
+#define mpi_mul_mpi mbedtls_mpi_mul_mpi
+#define mpi_read_binary mbedtls_mpi_read_binary
+#define mpi_read_file mbedtls_mpi_read_file
+#define mpi_read_string mbedtls_mpi_read_string
+#define mpi_safe_cond_assign mbedtls_mpi_safe_cond_assign
+#define mpi_safe_cond_swap mbedtls_mpi_safe_cond_swap
+#define mpi_self_test mbedtls_mpi_self_test
+#define mpi_set_bit mbedtls_mpi_set_bit
+#define mpi_shift_l mbedtls_mpi_shift_l
+#define mpi_shift_r mbedtls_mpi_shift_r
+#define mpi_shrink mbedtls_mpi_shrink
+#define mpi_size mbedtls_mpi_size
+#define mpi_sub_abs mbedtls_mpi_sub_abs
+#define mpi_sub_int mbedtls_mpi_sub_int
+#define mpi_sub_mpi mbedtls_mpi_sub_mpi
+#define mpi_swap mbedtls_mpi_swap
+#define mpi_write_binary mbedtls_mpi_write_binary
+#define mpi_write_file mbedtls_mpi_write_file
+#define mpi_write_string mbedtls_mpi_write_string
+#define net_accept mbedtls_net_accept
+#define net_bind mbedtls_net_bind
+#define net_close mbedtls_net_free
+#define net_connect mbedtls_net_connect
+#define net_recv mbedtls_net_recv
+#define net_recv_timeout mbedtls_net_recv_timeout
+#define net_send mbedtls_net_send
+#define net_set_block mbedtls_net_set_block
+#define net_set_nonblock mbedtls_net_set_nonblock
+#define net_usleep mbedtls_net_usleep
+#define oid_descriptor_t mbedtls_oid_descriptor_t
+#define oid_get_attr_short_name mbedtls_oid_get_attr_short_name
+#define oid_get_cipher_alg mbedtls_oid_get_cipher_alg
+#define oid_get_ec_grp mbedtls_oid_get_ec_grp
+#define oid_get_extended_key_usage mbedtls_oid_get_extended_key_usage
+#define oid_get_md_alg mbedtls_oid_get_md_alg
+#define oid_get_numeric_string mbedtls_oid_get_numeric_string
+#define oid_get_oid_by_ec_grp mbedtls_oid_get_oid_by_ec_grp
+#define oid_get_oid_by_md mbedtls_oid_get_oid_by_md
+#define oid_get_oid_by_pk_alg mbedtls_oid_get_oid_by_pk_alg
+#define oid_get_oid_by_sig_alg mbedtls_oid_get_oid_by_sig_alg
+#define oid_get_pk_alg mbedtls_oid_get_pk_alg
+#define oid_get_pkcs12_pbe_alg mbedtls_oid_get_pkcs12_pbe_alg
+#define oid_get_sig_alg mbedtls_oid_get_sig_alg
+#define oid_get_sig_alg_desc mbedtls_oid_get_sig_alg_desc
+#define oid_get_x509_ext_type mbedtls_oid_get_x509_ext_type
+#define operation_t mbedtls_operation_t
+#define padlock_supports mbedtls_padlock_has_support
+#define padlock_xcryptcbc mbedtls_padlock_xcryptcbc
+#define padlock_xcryptecb mbedtls_padlock_xcryptecb
+#define pem_context mbedtls_pem_context
+#define pem_free mbedtls_pem_free
+#define pem_init mbedtls_pem_init
+#define pem_read_buffer mbedtls_pem_read_buffer
+#define pem_write_buffer mbedtls_pem_write_buffer
+#define pk_can_do mbedtls_pk_can_do
+#define pk_check_pair mbedtls_pk_check_pair
+#define pk_context mbedtls_pk_context
+#define pk_debug mbedtls_pk_debug
+#define pk_debug_item mbedtls_pk_debug_item
+#define pk_debug_type mbedtls_pk_debug_type
+#define pk_decrypt mbedtls_pk_decrypt
+#define pk_ec mbedtls_pk_ec
+#define pk_encrypt mbedtls_pk_encrypt
+#define pk_free mbedtls_pk_free
+#define pk_get_len mbedtls_pk_get_len
+#define pk_get_name mbedtls_pk_get_name
+#define pk_get_size mbedtls_pk_get_bitlen
+#define pk_get_type mbedtls_pk_get_type
+#define pk_info_from_type mbedtls_pk_info_from_type
+#define pk_info_t mbedtls_pk_info_t
+#define pk_init mbedtls_pk_init
+#define pk_init_ctx mbedtls_pk_setup
+#define pk_init_ctx_rsa_alt mbedtls_pk_setup_rsa_alt
+#define pk_load_file mbedtls_pk_load_file
+#define pk_parse_key mbedtls_pk_parse_key
+#define pk_parse_keyfile mbedtls_pk_parse_keyfile
+#define pk_parse_public_key mbedtls_pk_parse_public_key
+#define pk_parse_public_keyfile mbedtls_pk_parse_public_keyfile
+#define pk_parse_subpubkey mbedtls_pk_parse_subpubkey
+#define pk_rsa mbedtls_pk_rsa
+#define pk_rsa_alt_decrypt_func mbedtls_pk_rsa_alt_decrypt_func
+#define pk_rsa_alt_key_len_func mbedtls_pk_rsa_alt_key_len_func
+#define pk_rsa_alt_sign_func mbedtls_pk_rsa_alt_sign_func
+#define pk_rsassa_pss_options mbedtls_pk_rsassa_pss_options
+#define pk_sign mbedtls_pk_sign
+#define pk_type_t mbedtls_pk_type_t
+#define pk_verify mbedtls_pk_verify
+#define pk_verify_ext mbedtls_pk_verify_ext
+#define pk_write_key_der mbedtls_pk_write_key_der
+#define pk_write_key_pem mbedtls_pk_write_key_pem
+#define pk_write_pubkey mbedtls_pk_write_pubkey
+#define pk_write_pubkey_der mbedtls_pk_write_pubkey_der
+#define pk_write_pubkey_pem mbedtls_pk_write_pubkey_pem
+#define pkcs11_context mbedtls_pkcs11_context
+#define pkcs11_decrypt mbedtls_pkcs11_decrypt
+#define pkcs11_priv_key_free mbedtls_pkcs11_priv_key_free
+#define pkcs11_priv_key_init mbedtls_pkcs11_priv_key_bind
+#define pkcs11_sign mbedtls_pkcs11_sign
+#define pkcs11_x509_cert_init mbedtls_pkcs11_x509_cert_bind
+#define pkcs12_derivation mbedtls_pkcs12_derivation
+#define pkcs12_pbe mbedtls_pkcs12_pbe
+#define pkcs12_pbe_sha1_rc4_128 mbedtls_pkcs12_pbe_sha1_rc4_128
+#define pkcs5_pbes2 mbedtls_pkcs5_pbes2
+#define pkcs5_pbkdf2_hmac mbedtls_pkcs5_pbkdf2_hmac
+#define pkcs5_self_test mbedtls_pkcs5_self_test
+#define platform_entropy_poll mbedtls_platform_entropy_poll
+#define platform_set_exit mbedtls_platform_set_exit
+#define platform_set_fprintf mbedtls_platform_set_fprintf
+#define platform_set_printf mbedtls_platform_set_printf
+#define platform_set_snprintf mbedtls_platform_set_snprintf
+#define polarssl_exit mbedtls_exit
+#define polarssl_fprintf mbedtls_fprintf
+#define polarssl_free mbedtls_free
+#define polarssl_mutex_free mbedtls_mutex_free
+#define polarssl_mutex_init mbedtls_mutex_init
+#define polarssl_mutex_lock mbedtls_mutex_lock
+#define polarssl_mutex_unlock mbedtls_mutex_unlock
+#define polarssl_printf mbedtls_printf
+#define polarssl_snprintf mbedtls_snprintf
+#define polarssl_strerror mbedtls_strerror
+#define ripemd160 mbedtls_ripemd160
+#define ripemd160_context mbedtls_ripemd160_context
+#define ripemd160_finish mbedtls_ripemd160_finish
+#define ripemd160_free mbedtls_ripemd160_free
+#define ripemd160_info mbedtls_ripemd160_info
+#define ripemd160_init mbedtls_ripemd160_init
+#define ripemd160_process mbedtls_ripemd160_process
+#define ripemd160_self_test mbedtls_ripemd160_self_test
+#define ripemd160_starts mbedtls_ripemd160_starts
+#define ripemd160_update mbedtls_ripemd160_update
+#define rsa_alt_context mbedtls_rsa_alt_context
+#define rsa_alt_info mbedtls_rsa_alt_info
+#define rsa_check_privkey mbedtls_rsa_check_privkey
+#define rsa_check_pub_priv mbedtls_rsa_check_pub_priv
+#define rsa_check_pubkey mbedtls_rsa_check_pubkey
+#define rsa_context mbedtls_rsa_context
+#define rsa_copy mbedtls_rsa_copy
+#define rsa_free mbedtls_rsa_free
+#define rsa_gen_key mbedtls_rsa_gen_key
+#define rsa_info mbedtls_rsa_info
+#define rsa_init mbedtls_rsa_init
+#define rsa_pkcs1_decrypt mbedtls_rsa_pkcs1_decrypt
+#define rsa_pkcs1_encrypt mbedtls_rsa_pkcs1_encrypt
+#define rsa_pkcs1_sign mbedtls_rsa_pkcs1_sign
+#define rsa_pkcs1_verify mbedtls_rsa_pkcs1_verify
+#define rsa_private mbedtls_rsa_private
+#define rsa_public mbedtls_rsa_public
+#define rsa_rsaes_oaep_decrypt mbedtls_rsa_rsaes_oaep_decrypt
+#define rsa_rsaes_oaep_encrypt mbedtls_rsa_rsaes_oaep_encrypt
+#define rsa_rsaes_pkcs1_v15_decrypt mbedtls_rsa_rsaes_pkcs1_v15_decrypt
+#define rsa_rsaes_pkcs1_v15_encrypt mbedtls_rsa_rsaes_pkcs1_v15_encrypt
+#define rsa_rsassa_pkcs1_v15_sign mbedtls_rsa_rsassa_pkcs1_v15_sign
+#define rsa_rsassa_pkcs1_v15_verify mbedtls_rsa_rsassa_pkcs1_v15_verify
+#define rsa_rsassa_pss_sign mbedtls_rsa_rsassa_pss_sign
+#define rsa_rsassa_pss_verify mbedtls_rsa_rsassa_pss_verify
+#define rsa_rsassa_pss_verify_ext mbedtls_rsa_rsassa_pss_verify_ext
+#define rsa_self_test mbedtls_rsa_self_test
+#define rsa_set_padding mbedtls_rsa_set_padding
+#define safer_memcmp mbedtls_ssl_safer_memcmp
+#define set_alarm mbedtls_set_alarm
+#define sha1 mbedtls_sha1
+#define sha1_context mbedtls_sha1_context
+#define sha1_finish mbedtls_sha1_finish
+#define sha1_free mbedtls_sha1_free
+#define sha1_info mbedtls_sha1_info
+#define sha1_init mbedtls_sha1_init
+#define sha1_process mbedtls_sha1_process
+#define sha1_self_test mbedtls_sha1_self_test
+#define sha1_starts mbedtls_sha1_starts
+#define sha1_update mbedtls_sha1_update
+#define sha224_info mbedtls_sha224_info
+#define sha256 mbedtls_sha256
+#define sha256_context mbedtls_sha256_context
+#define sha256_finish mbedtls_sha256_finish
+#define sha256_free mbedtls_sha256_free
+#define sha256_info mbedtls_sha256_info
+#define sha256_init mbedtls_sha256_init
+#define sha256_process mbedtls_sha256_process
+#define sha256_self_test mbedtls_sha256_self_test
+#define sha256_starts mbedtls_sha256_starts
+#define sha256_update mbedtls_sha256_update
+#define sha384_info mbedtls_sha384_info
+#define sha512 mbedtls_sha512
+#define sha512_context mbedtls_sha512_context
+#define sha512_finish mbedtls_sha512_finish
+#define sha512_free mbedtls_sha512_free
+#define sha512_info mbedtls_sha512_info
+#define sha512_init mbedtls_sha512_init
+#define sha512_process mbedtls_sha512_process
+#define sha512_self_test mbedtls_sha512_self_test
+#define sha512_starts mbedtls_sha512_starts
+#define sha512_update mbedtls_sha512_update
+#define source_state mbedtls_entropy_source_state
+#define ssl_cache_context mbedtls_ssl_cache_context
+#define ssl_cache_entry mbedtls_ssl_cache_entry
+#define ssl_cache_free mbedtls_ssl_cache_free
+#define ssl_cache_get mbedtls_ssl_cache_get
+#define ssl_cache_init mbedtls_ssl_cache_init
+#define ssl_cache_set mbedtls_ssl_cache_set
+#define ssl_cache_set_max_entries mbedtls_ssl_cache_set_max_entries
+#define ssl_cache_set_timeout mbedtls_ssl_cache_set_timeout
+#define ssl_check_cert_usage mbedtls_ssl_check_cert_usage
+#define ssl_ciphersuite_from_id mbedtls_ssl_ciphersuite_from_id
+#define ssl_ciphersuite_from_string mbedtls_ssl_ciphersuite_from_string
+#define ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t
+#define ssl_ciphersuite_uses_ec mbedtls_ssl_ciphersuite_uses_ec
+#define ssl_ciphersuite_uses_psk mbedtls_ssl_ciphersuite_uses_psk
+#define ssl_close_notify mbedtls_ssl_close_notify
+#define ssl_context mbedtls_ssl_context
+#define ssl_cookie_check mbedtls_ssl_cookie_check
+#define ssl_cookie_check_t mbedtls_ssl_cookie_check_t
+#define ssl_cookie_ctx mbedtls_ssl_cookie_ctx
+#define ssl_cookie_free mbedtls_ssl_cookie_free
+#define ssl_cookie_init mbedtls_ssl_cookie_init
+#define ssl_cookie_set_timeout mbedtls_ssl_cookie_set_timeout
+#define ssl_cookie_setup mbedtls_ssl_cookie_setup
+#define ssl_cookie_write mbedtls_ssl_cookie_write
+#define ssl_cookie_write_t mbedtls_ssl_cookie_write_t
+#define ssl_derive_keys mbedtls_ssl_derive_keys
+#define ssl_dtls_replay_check mbedtls_ssl_dtls_replay_check
+#define ssl_dtls_replay_update mbedtls_ssl_dtls_replay_update
+#define ssl_fetch_input mbedtls_ssl_fetch_input
+#define ssl_flight_item mbedtls_ssl_flight_item
+#define ssl_flush_output mbedtls_ssl_flush_output
+#define ssl_free mbedtls_ssl_free
+#define ssl_get_alpn_protocol mbedtls_ssl_get_alpn_protocol
+#define ssl_get_bytes_avail mbedtls_ssl_get_bytes_avail
+#define ssl_get_ciphersuite mbedtls_ssl_get_ciphersuite
+#define ssl_get_ciphersuite_id mbedtls_ssl_get_ciphersuite_id
+#define ssl_get_ciphersuite_name mbedtls_ssl_get_ciphersuite_name
+#define ssl_get_ciphersuite_sig_pk_alg mbedtls_ssl_get_ciphersuite_sig_pk_alg
+#define ssl_get_peer_cert mbedtls_ssl_get_peer_cert
+#define ssl_get_record_expansion mbedtls_ssl_get_record_expansion
+#define ssl_get_session mbedtls_ssl_get_session
+#define ssl_get_verify_result mbedtls_ssl_get_verify_result
+#define ssl_get_version mbedtls_ssl_get_version
+#define ssl_handshake mbedtls_ssl_handshake
+#define ssl_handshake_client_step mbedtls_ssl_handshake_client_step
+#define ssl_handshake_free mbedtls_ssl_handshake_free
+#define ssl_handshake_params mbedtls_ssl_handshake_params
+#define ssl_handshake_server_step mbedtls_ssl_handshake_server_step
+#define ssl_handshake_step mbedtls_ssl_handshake_step
+#define ssl_handshake_wrapup mbedtls_ssl_handshake_wrapup
+#define ssl_hdr_len mbedtls_ssl_hdr_len
+#define ssl_hs_hdr_len mbedtls_ssl_hs_hdr_len
+#define ssl_hw_record_activate mbedtls_ssl_hw_record_activate
+#define ssl_hw_record_finish mbedtls_ssl_hw_record_finish
+#define ssl_hw_record_init mbedtls_ssl_hw_record_init
+#define ssl_hw_record_read mbedtls_ssl_hw_record_read
+#define ssl_hw_record_reset mbedtls_ssl_hw_record_reset
+#define ssl_hw_record_write mbedtls_ssl_hw_record_write
+#define ssl_init mbedtls_ssl_init
+#define ssl_key_cert mbedtls_ssl_key_cert
+#define ssl_legacy_renegotiation mbedtls_ssl_conf_legacy_renegotiation
+#define ssl_list_ciphersuites mbedtls_ssl_list_ciphersuites
+#define ssl_md_alg_from_hash mbedtls_ssl_md_alg_from_hash
+#define ssl_optimize_checksum mbedtls_ssl_optimize_checksum
+#define ssl_own_cert mbedtls_ssl_own_cert
+#define ssl_own_key mbedtls_ssl_own_key
+#define ssl_parse_certificate mbedtls_ssl_parse_certificate
+#define ssl_parse_change_cipher_spec mbedtls_ssl_parse_change_cipher_spec
+#define ssl_parse_finished mbedtls_ssl_parse_finished
+#define ssl_pk_alg_from_sig mbedtls_ssl_pk_alg_from_sig
+#define ssl_pkcs11_decrypt mbedtls_ssl_pkcs11_decrypt
+#define ssl_pkcs11_key_len mbedtls_ssl_pkcs11_key_len
+#define ssl_pkcs11_sign mbedtls_ssl_pkcs11_sign
+#define ssl_psk_derive_premaster mbedtls_ssl_psk_derive_premaster
+#define ssl_read mbedtls_ssl_read
+#define ssl_read_record mbedtls_ssl_read_record
+#define ssl_read_version mbedtls_ssl_read_version
+#define ssl_recv_flight_completed mbedtls_ssl_recv_flight_completed
+#define ssl_renegotiate mbedtls_ssl_renegotiate
+#define ssl_resend mbedtls_ssl_resend
+#define ssl_reset_checksum mbedtls_ssl_reset_checksum
+#define ssl_send_alert_message mbedtls_ssl_send_alert_message
+#define ssl_send_fatal_handshake_failure mbedtls_ssl_send_fatal_handshake_failure
+#define ssl_send_flight_completed mbedtls_ssl_send_flight_completed
+#define ssl_session mbedtls_ssl_session
+#define ssl_session_free mbedtls_ssl_session_free
+#define ssl_session_init mbedtls_ssl_session_init
+#define ssl_session_reset mbedtls_ssl_session_reset
+#define ssl_set_alpn_protocols mbedtls_ssl_conf_alpn_protocols
+#define ssl_set_arc4_support mbedtls_ssl_conf_arc4_support
+#define ssl_set_authmode mbedtls_ssl_conf_authmode
+#define ssl_set_bio mbedtls_ssl_set_bio
+#define ssl_set_ca_chain mbedtls_ssl_conf_ca_chain
+#define ssl_set_cbc_record_splitting mbedtls_ssl_conf_cbc_record_splitting
+#define ssl_set_ciphersuites mbedtls_ssl_conf_ciphersuites
+#define ssl_set_ciphersuites_for_version mbedtls_ssl_conf_ciphersuites_for_version
+#define ssl_set_client_transport_id mbedtls_ssl_set_client_transport_id
+#define ssl_set_curves mbedtls_ssl_conf_curves
+#define ssl_set_dbg mbedtls_ssl_conf_dbg
+#define ssl_set_dh_param mbedtls_ssl_conf_dh_param
+#define ssl_set_dh_param_ctx mbedtls_ssl_conf_dh_param_ctx
+#define ssl_set_dtls_anti_replay mbedtls_ssl_conf_dtls_anti_replay
+#define ssl_set_dtls_badmac_limit mbedtls_ssl_conf_dtls_badmac_limit
+#define ssl_set_dtls_cookies mbedtls_ssl_conf_dtls_cookies
+#define ssl_set_encrypt_then_mac mbedtls_ssl_conf_encrypt_then_mac
+#define ssl_set_endpoint mbedtls_ssl_conf_endpoint
+#define ssl_set_extended_master_secret mbedtls_ssl_conf_extended_master_secret
+#define ssl_set_fallback mbedtls_ssl_conf_fallback
+#define ssl_set_handshake_timeout mbedtls_ssl_conf_handshake_timeout
+#define ssl_set_hostname mbedtls_ssl_set_hostname
+#define ssl_set_max_frag_len mbedtls_ssl_conf_max_frag_len
+#define ssl_set_max_version mbedtls_ssl_conf_max_version
+#define ssl_set_min_version mbedtls_ssl_conf_min_version
+#define ssl_set_own_cert mbedtls_ssl_conf_own_cert
+#define ssl_set_psk mbedtls_ssl_conf_psk
+#define ssl_set_psk_cb mbedtls_ssl_conf_psk_cb
+#define ssl_set_renegotiation mbedtls_ssl_conf_renegotiation
+#define ssl_set_renegotiation_enforced mbedtls_ssl_conf_renegotiation_enforced
+#define ssl_set_renegotiation_period mbedtls_ssl_conf_renegotiation_period
+#define ssl_set_rng mbedtls_ssl_conf_rng
+#define ssl_set_session mbedtls_ssl_set_session
+#define ssl_set_session_cache mbedtls_ssl_conf_session_cache
+#define ssl_set_session_tickets mbedtls_ssl_conf_session_tickets
+#define ssl_set_sni mbedtls_ssl_conf_sni
+#define ssl_set_transport mbedtls_ssl_conf_transport
+#define ssl_set_truncated_hmac mbedtls_ssl_conf_truncated_hmac
+#define ssl_set_verify mbedtls_ssl_conf_verify
+#define ssl_sig_from_pk mbedtls_ssl_sig_from_pk
+#define ssl_states mbedtls_ssl_states
+#define ssl_transform mbedtls_ssl_transform
+#define ssl_transform_free mbedtls_ssl_transform_free
+#define ssl_write mbedtls_ssl_write
+#define ssl_write_certificate mbedtls_ssl_write_certificate
+#define ssl_write_change_cipher_spec mbedtls_ssl_write_change_cipher_spec
+#define ssl_write_finished mbedtls_ssl_write_finished
+#define ssl_write_record mbedtls_ssl_write_record
+#define ssl_write_version mbedtls_ssl_write_version
+#define supported_ciphers mbedtls_cipher_supported
+#define t_sint mbedtls_mpi_sint
+#define t_udbl mbedtls_t_udbl
+#define t_uint mbedtls_mpi_uint
+#define test_ca_crt mbedtls_test_ca_crt
+#define test_ca_crt_ec mbedtls_test_ca_crt_ec
+#define test_ca_crt_rsa mbedtls_test_ca_crt_rsa
+#define test_ca_key mbedtls_test_ca_key
+#define test_ca_key_ec mbedtls_test_ca_key_ec
+#define test_ca_key_rsa mbedtls_test_ca_key_rsa
+#define test_ca_list mbedtls_test_cas_pem
+#define test_ca_pwd mbedtls_test_ca_pwd
+#define test_ca_pwd_ec mbedtls_test_ca_pwd_ec
+#define test_ca_pwd_rsa mbedtls_test_ca_pwd_rsa
+#define test_cli_crt mbedtls_test_cli_crt
+#define test_cli_crt_ec mbedtls_test_cli_crt_ec
+#define test_cli_crt_rsa mbedtls_test_cli_crt_rsa
+#define test_cli_key mbedtls_test_cli_key
+#define test_cli_key_ec mbedtls_test_cli_key_ec
+#define test_cli_key_rsa mbedtls_test_cli_key_rsa
+#define test_srv_crt mbedtls_test_srv_crt
+#define test_srv_crt_ec mbedtls_test_srv_crt_ec
+#define test_srv_crt_rsa mbedtls_test_srv_crt_rsa
+#define test_srv_key mbedtls_test_srv_key
+#define test_srv_key_ec mbedtls_test_srv_key_ec
+#define test_srv_key_rsa mbedtls_test_srv_key_rsa
+#define threading_mutex_t mbedtls_threading_mutex_t
+#define threading_set_alt mbedtls_threading_set_alt
+#define timing_self_test mbedtls_timing_self_test
+#define version_check_feature mbedtls_version_check_feature
+#define version_get_number mbedtls_version_get_number
+#define version_get_string mbedtls_version_get_string
+#define version_get_string_full mbedtls_version_get_string_full
+#define x509_bitstring mbedtls_x509_bitstring
+#define x509_buf mbedtls_x509_buf
+#define x509_crl mbedtls_x509_crl
+#define x509_crl_entry mbedtls_x509_crl_entry
+#define x509_crl_free mbedtls_x509_crl_free
+#define x509_crl_info mbedtls_x509_crl_info
+#define x509_crl_init mbedtls_x509_crl_init
+#define x509_crl_parse mbedtls_x509_crl_parse
+#define x509_crl_parse_der mbedtls_x509_crl_parse_der
+#define x509_crl_parse_file mbedtls_x509_crl_parse_file
+#define x509_crt mbedtls_x509_crt
+#define x509_crt_check_extended_key_usage mbedtls_x509_crt_check_extended_key_usage
+#define x509_crt_check_key_usage mbedtls_x509_crt_check_key_usage
+#define x509_crt_free mbedtls_x509_crt_free
+#define x509_crt_info mbedtls_x509_crt_info
+#define x509_crt_init mbedtls_x509_crt_init
+#define x509_crt_parse mbedtls_x509_crt_parse
+#define x509_crt_parse_der mbedtls_x509_crt_parse_der
+#define x509_crt_parse_file mbedtls_x509_crt_parse_file
+#define x509_crt_parse_path mbedtls_x509_crt_parse_path
+#define x509_crt_revoked mbedtls_x509_crt_is_revoked
+#define x509_crt_verify mbedtls_x509_crt_verify
+#define x509_csr mbedtls_x509_csr
+#define x509_csr_free mbedtls_x509_csr_free
+#define x509_csr_info mbedtls_x509_csr_info
+#define x509_csr_init mbedtls_x509_csr_init
+#define x509_csr_parse mbedtls_x509_csr_parse
+#define x509_csr_parse_der mbedtls_x509_csr_parse_der
+#define x509_csr_parse_file mbedtls_x509_csr_parse_file
+#define x509_dn_gets mbedtls_x509_dn_gets
+#define x509_get_alg mbedtls_x509_get_alg
+#define x509_get_alg_null mbedtls_x509_get_alg_null
+#define x509_get_ext mbedtls_x509_get_ext
+#define x509_get_name mbedtls_x509_get_name
+#define x509_get_rsassa_pss_params mbedtls_x509_get_rsassa_pss_params
+#define x509_get_serial mbedtls_x509_get_serial
+#define x509_get_sig mbedtls_x509_get_sig
+#define x509_get_sig_alg mbedtls_x509_get_sig_alg
+#define x509_get_time mbedtls_x509_get_time
+#define x509_key_size_helper mbedtls_x509_key_size_helper
+#define x509_name mbedtls_x509_name
+#define x509_self_test mbedtls_x509_self_test
+#define x509_sequence mbedtls_x509_sequence
+#define x509_serial_gets mbedtls_x509_serial_gets
+#define x509_set_extension mbedtls_x509_set_extension
+#define x509_sig_alg_gets mbedtls_x509_sig_alg_gets
+#define x509_string_to_names mbedtls_x509_string_to_names
+#define x509_time mbedtls_x509_time
+#define x509_time_expired mbedtls_x509_time_is_past
+#define x509_time_future mbedtls_x509_time_is_future
+#define x509_write_extensions mbedtls_x509_write_extensions
+#define x509_write_names mbedtls_x509_write_names
+#define x509_write_sig mbedtls_x509_write_sig
+#define x509write_cert mbedtls_x509write_cert
+#define x509write_crt_der mbedtls_x509write_crt_der
+#define x509write_crt_free mbedtls_x509write_crt_free
+#define x509write_crt_init mbedtls_x509write_crt_init
+#define x509write_crt_pem mbedtls_x509write_crt_pem
+#define x509write_crt_set_authority_key_identifier mbedtls_x509write_crt_set_authority_key_identifier
+#define x509write_crt_set_basic_constraints mbedtls_x509write_crt_set_basic_constraints
+#define x509write_crt_set_extension mbedtls_x509write_crt_set_extension
+#define x509write_crt_set_issuer_key mbedtls_x509write_crt_set_issuer_key
+#define x509write_crt_set_issuer_name mbedtls_x509write_crt_set_issuer_name
+#define x509write_crt_set_key_usage mbedtls_x509write_crt_set_key_usage
+#define x509write_crt_set_md_alg mbedtls_x509write_crt_set_md_alg
+#define x509write_crt_set_ns_cert_type mbedtls_x509write_crt_set_ns_cert_type
+#define x509write_crt_set_serial mbedtls_x509write_crt_set_serial
+#define x509write_crt_set_subject_key mbedtls_x509write_crt_set_subject_key
+#define x509write_crt_set_subject_key_identifier mbedtls_x509write_crt_set_subject_key_identifier
+#define x509write_crt_set_subject_name mbedtls_x509write_crt_set_subject_name
+#define x509write_crt_set_validity mbedtls_x509write_crt_set_validity
+#define x509write_crt_set_version mbedtls_x509write_crt_set_version
+#define x509write_csr mbedtls_x509write_csr
+#define x509write_csr_der mbedtls_x509write_csr_der
+#define x509write_csr_free mbedtls_x509write_csr_free
+#define x509write_csr_init mbedtls_x509write_csr_init
+#define x509write_csr_pem mbedtls_x509write_csr_pem
+#define x509write_csr_set_extension mbedtls_x509write_csr_set_extension
+#define x509write_csr_set_key mbedtls_x509write_csr_set_key
+#define x509write_csr_set_key_usage mbedtls_x509write_csr_set_key_usage
+#define x509write_csr_set_md_alg mbedtls_x509write_csr_set_md_alg
+#define x509write_csr_set_ns_cert_type mbedtls_x509write_csr_set_ns_cert_type
+#define x509write_csr_set_subject_name mbedtls_x509write_csr_set_subject_name
+#define xtea_context mbedtls_xtea_context
+#define xtea_crypt_cbc mbedtls_xtea_crypt_cbc
+#define xtea_crypt_ecb mbedtls_xtea_crypt_ecb
+#define xtea_free mbedtls_xtea_free
+#define xtea_init mbedtls_xtea_init
+#define xtea_self_test mbedtls_xtea_self_test
+#define xtea_setup mbedtls_xtea_setup
+
+#endif /* compat-1.3.h */
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
diff --git a/thirdparty/mbedtls/include/mbedtls/config.h b/thirdparty/mbedtls/include/mbedtls/config.h
new file mode 100644
index 0000000000..79eedffddd
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/config.h
@@ -0,0 +1,2817 @@
+/**
+ * \file config.h
+ *
+ * \brief Configuration options (set of defines)
+ *
+ *  This set of compile-time options may be used to enable
+ *  or disable features selectively, and reduce the global
+ *  memory footprint.
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+/**
+ * \name SECTION: System support
+ *
+ * This section sets system specific settings.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_HAVE_ASM
+ *
+ * The compiler has support for asm().
+ *
+ * Requires support for asm() in compiler.
+ *
+ * Used in:
+ *      library/timing.c
+ *      library/padlock.c
+ *      include/mbedtls/bn_mul.h
+ *
+ * Comment to disable the use of assembly code.
+ */
+#define MBEDTLS_HAVE_ASM
+
+/**
+ * \def MBEDTLS_NO_UDBL_DIVISION
+ *
+ * The platform lacks support for double-width integer division (64-bit
+ * division on a 32-bit platform, 128-bit division on a 64-bit platform).
+ *
+ * Used in:
+ *      include/mbedtls/bignum.h
+ *      library/bignum.c
+ *
+ * The bignum code uses double-width division to speed up some operations.
+ * Double-width division is often implemented in software that needs to
+ * be linked with the program. The presence of a double-width integer
+ * type is usually detected automatically through preprocessor macros,
+ * but the automatic detection cannot know whether the code needs to
+ * and can be linked with an implementation of division for that type.
+ * By default division is assumed to be usable if the type is present.
+ * Uncomment this option to prevent the use of double-width division.
+ *
+ * Note that division for the native integer type is always required.
+ * Furthermore, a 64-bit type is always required even on a 32-bit
+ * platform, but it need not support multiplication or division. In some
+ * cases it is also desirable to disable some double-width operations. For
+ * example, if double-width division is implemented in software, disabling
+ * it can reduce code size in some embedded targets.
+ */
+//#define MBEDTLS_NO_UDBL_DIVISION
+
+/**
+ * \def MBEDTLS_HAVE_SSE2
+ *
+ * CPU supports SSE2 instruction set.
+ *
+ * Uncomment if the CPU supports SSE2 (IA-32 specific).
+ */
+//#define MBEDTLS_HAVE_SSE2
+
+/**
+ * \def MBEDTLS_HAVE_TIME
+ *
+ * System has time.h and time().
+ * The time does not need to be correct, only time differences are used,
+ * by contrast with MBEDTLS_HAVE_TIME_DATE
+ *
+ * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
+ * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
+ * MBEDTLS_PLATFORM_STD_TIME.
+ *
+ * Comment if your system does not support time functions
+ */
+#define MBEDTLS_HAVE_TIME
+
+/**
+ * \def MBEDTLS_HAVE_TIME_DATE
+ *
+ * System has time.h and time(), gmtime() and the clock is correct.
+ * The time needs to be correct (not necesarily very accurate, but at least
+ * the date should be correct). This is used to verify the validity period of
+ * X.509 certificates.
+ *
+ * Comment if your system does not have a correct clock.
+ */
+#define MBEDTLS_HAVE_TIME_DATE
+
+/**
+ * \def MBEDTLS_PLATFORM_MEMORY
+ *
+ * Enable the memory allocation layer.
+ *
+ * By default mbed TLS uses the system-provided calloc() and free().
+ * This allows different allocators (self-implemented or provided) to be
+ * provided to the platform abstraction layer.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY without the
+ * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
+ * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
+ * free() function pointer at runtime.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
+ * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
+ * alternate function at compile time.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Enable this layer to allow use of alternative memory allocators.
+ */
+//#define MBEDTLS_PLATFORM_MEMORY
+
+/**
+ * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+ *
+ * Do not assign standard functions in the platform layer (e.g. calloc() to
+ * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
+ *
+ * This makes sure there are no linking errors on platforms that do not support
+ * these functions. You will HAVE to provide alternatives, either at runtime
+ * via the platform_set_xxx() functions or at compile time by setting
+ * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
+ * MBEDTLS_PLATFORM_XXX_MACRO.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Uncomment to prevent default assignment of standard functions in the
+ * platform layer.
+ */
+//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+
+/**
+ * \def MBEDTLS_PLATFORM_EXIT_ALT
+ *
+ * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
+ * function in the platform abstraction layer.
+ *
+ * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
+ * provide a function "mbedtls_platform_set_printf()" that allows you to set an
+ * alternative printf function pointer.
+ *
+ * All these define require MBEDTLS_PLATFORM_C to be defined!
+ *
+ * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
+ * it will be enabled automatically by check_config.h
+ *
+ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
+ * MBEDTLS_PLATFORM_XXX_MACRO!
+ *
+ * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
+ *
+ * Uncomment a macro to enable alternate implementation of specific base
+ * platform function
+ */
+//#define MBEDTLS_PLATFORM_EXIT_ALT
+//#define MBEDTLS_PLATFORM_TIME_ALT
+//#define MBEDTLS_PLATFORM_FPRINTF_ALT
+//#define MBEDTLS_PLATFORM_PRINTF_ALT
+//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+//#define MBEDTLS_PLATFORM_NV_SEED_ALT
+//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
+
+/**
+ * \def MBEDTLS_DEPRECATED_WARNING
+ *
+ * Mark deprecated functions so that they generate a warning if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * This only works with GCC and Clang. With other compilers, you may want to
+ * use MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Uncomment to get warnings on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_WARNING
+
+/**
+ * \def MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Remove deprecated functions so that they generate an error if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * Uncomment to get errors on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_REMOVED
+
+/* \} name SECTION: System support */
+
+/**
+ * \name SECTION: mbed TLS feature support
+ *
+ * This section sets support for features that are or are not needed
+ * within the modules that are enabled.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_TIMING_ALT
+ *
+ * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
+ * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
+ *
+ * Only works if you have MBEDTLS_TIMING_C enabled.
+ *
+ * You will need to provide a header "timing_alt.h" and an implementation at
+ * compile time.
+ */
+//#define MBEDTLS_TIMING_ALT
+
+/**
+ * \def MBEDTLS_AES_ALT
+ *
+ * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternate core implementation of a symmetric crypto, an arithmetic or hash
+ * module (e.g. platform specific assembly optimized implementations). Keep
+ * in mind that the function prototypes should remain the same.
+ *
+ * This replaces the whole module. If you only want to replace one of the
+ * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
+ * provide the "struct mbedtls_aes_context" definition and omit the base
+ * function declarations and implementations. "aes_alt.h" will be included from
+ * "aes.h" to include the new function definitions.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * module.
+ *
+ * \warning   MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
+ *            use constitutes a security risk. If possible, we recommend
+ *            avoiding dependencies on them, and considering stronger message
+ *            digests and ciphers instead.
+ *
+ */
+//#define MBEDTLS_AES_ALT
+//#define MBEDTLS_ARC4_ALT
+//#define MBEDTLS_BLOWFISH_ALT
+//#define MBEDTLS_CAMELLIA_ALT
+//#define MBEDTLS_CCM_ALT
+//#define MBEDTLS_CMAC_ALT
+//#define MBEDTLS_DES_ALT
+//#define MBEDTLS_DHM_ALT
+//#define MBEDTLS_ECJPAKE_ALT
+//#define MBEDTLS_GCM_ALT
+//#define MBEDTLS_MD2_ALT
+//#define MBEDTLS_MD4_ALT
+//#define MBEDTLS_MD5_ALT
+//#define MBEDTLS_RIPEMD160_ALT
+//#define MBEDTLS_RSA_ALT
+//#define MBEDTLS_SHA1_ALT
+//#define MBEDTLS_SHA256_ALT
+//#define MBEDTLS_SHA512_ALT
+//#define MBEDTLS_XTEA_ALT
+/*
+ * When replacing the elliptic curve module, pleace consider, that it is
+ * implemented with two .c files:
+ *      - ecp.c
+ *      - ecp_curves.c
+ * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
+ * macros as described above. The only difference is that you have to make sure
+ * that you provide functionality for both .c files.
+ */
+//#define MBEDTLS_ECP_ALT
+
+/**
+ * \def MBEDTLS_MD2_PROCESS_ALT
+ *
+ * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
+ * alternate core implementation of symmetric crypto or hash function. Keep in
+ * mind that function prototypes should remain the same.
+ *
+ * This replaces only one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
+ * no longer provide the mbedtls_sha1_process() function, but it will still provide
+ * the other function (using your mbedtls_sha1_process() function) and the definition
+ * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
+ * with this definition.
+ *
+ * \note Because of a signature change, the core AES encryption and decryption routines are
+ *       currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
+ *       respectively. When setting up alternative implementations, these functions should
+ *       be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
+ *       must stay untouched.
+ *
+ * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
+ *       MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
+ *       tables.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ *
+ * \warning   MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
+ *            constitutes a security risk. If possible, we recommend avoiding
+ *            dependencies on them, and considering stronger message digests
+ *            and ciphers instead.
+ *
+ */
+//#define MBEDTLS_MD2_PROCESS_ALT
+//#define MBEDTLS_MD4_PROCESS_ALT
+//#define MBEDTLS_MD5_PROCESS_ALT
+//#define MBEDTLS_RIPEMD160_PROCESS_ALT
+//#define MBEDTLS_SHA1_PROCESS_ALT
+//#define MBEDTLS_SHA256_PROCESS_ALT
+//#define MBEDTLS_SHA512_PROCESS_ALT
+//#define MBEDTLS_DES_SETKEY_ALT
+//#define MBEDTLS_DES_CRYPT_ECB_ALT
+//#define MBEDTLS_DES3_CRYPT_ECB_ALT
+//#define MBEDTLS_AES_SETKEY_ENC_ALT
+//#define MBEDTLS_AES_SETKEY_DEC_ALT
+//#define MBEDTLS_AES_ENCRYPT_ALT
+//#define MBEDTLS_AES_DECRYPT_ALT
+//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
+//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
+//#define MBEDTLS_ECDSA_VERIFY_ALT
+//#define MBEDTLS_ECDSA_SIGN_ALT
+//#define MBEDTLS_ECDSA_GENKEY_ALT
+
+/**
+ * \def MBEDTLS_ECP_INTERNAL_ALT
+ *
+ * Expose a part of the internal interface of the Elliptic Curve Point module.
+ *
+ * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternative core implementation of elliptic curve arithmetic. Keep in mind
+ * that function prototypes should remain the same.
+ *
+ * This partially replaces one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
+ * is still present and it is used for group structures not supported by the
+ * alternative.
+ *
+ * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
+ * and implementing the following functions:
+ *      unsigned char mbedtls_internal_ecp_grp_capable(
+ *          const mbedtls_ecp_group *grp )
+ *      int  mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
+ *      void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp )
+ * The mbedtls_internal_ecp_grp_capable function should return 1 if the
+ * replacement functions implement arithmetic for the given group and 0
+ * otherwise.
+ * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are
+ * called before and after each point operation and provide an opportunity to
+ * implement optimized set up and tear down instructions.
+ *
+ * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
+ * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
+ * function, but will use your mbedtls_internal_ecp_double_jac if the group is
+ * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
+ * receives it as an argument). If the group is not supported then the original
+ * implementation is used. The other functions and the definition of
+ * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
+ * implementation of mbedtls_internal_ecp_double_jac and
+ * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ */
+/* Required for all the functions in this section */
+//#define MBEDTLS_ECP_INTERNAL_ALT
+/* Support for Weierstrass curves with Jacobi representation */
+//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
+//#define MBEDTLS_ECP_ADD_MIXED_ALT
+//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
+/* Support for curves with Montgomery arithmetic */
+//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
+//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
+//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
+
+/**
+ * \def MBEDTLS_TEST_NULL_ENTROPY
+ *
+ * Enables testing and use of mbed TLS without any configured entropy sources.
+ * This permits use of the library on platforms before an entropy source has
+ * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
+ * MBEDTLS_ENTROPY_NV_SEED switches).
+ *
+ * WARNING! This switch MUST be disabled in production builds, and is suitable
+ * only for development.
+ * Enabling the switch negates any security provided by the library.
+ *
+ * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ */
+//#define MBEDTLS_TEST_NULL_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_HARDWARE_ALT
+ *
+ * Uncomment this macro to let mbed TLS use your own implementation of a
+ * hardware entropy collector.
+ *
+ * Your function must be called \c mbedtls_hardware_poll(), have the same
+ * prototype as declared in entropy_poll.h, and accept NULL as first argument.
+ *
+ * Uncomment to use your own hardware entropy collector.
+ */
+//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+/**
+ * \def MBEDTLS_AES_ROM_TABLES
+ *
+ * Store the AES tables in ROM.
+ *
+ * Uncomment this macro to store the AES tables in ROM.
+ */
+//#define MBEDTLS_AES_ROM_TABLES
+
+/**
+ * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
+ *
+ * Use less ROM for the Camellia implementation (saves about 768 bytes).
+ *
+ * Uncomment this macro to use less memory for Camellia.
+ */
+//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CBC
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CTR
+
+/**
+ * \def MBEDTLS_CIPHER_NULL_CIPHER
+ *
+ * Enable NULL cipher.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * encryption or channels without any security!
+ *
+ * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
+ * the following ciphersuites:
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
+ *      MBEDTLS_TLS_RSA_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_RSA_WITH_NULL_MD5
+ *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
+ *      MBEDTLS_TLS_PSK_WITH_NULL_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_NULL_SHA
+ *
+ * Uncomment this macro to enable the NULL cipher and ciphersuites
+ */
+//#define MBEDTLS_CIPHER_NULL_CIPHER
+
+/**
+ * \def MBEDTLS_CIPHER_PADDING_PKCS7
+ *
+ * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
+ * specific padding modes in the cipher layer with cipher modes that support
+ * padding (e.g. CBC)
+ *
+ * If you disable all padding modes, only full blocks can be used with CBC.
+ *
+ * Enable padding modes in the cipher layer.
+ */
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#define MBEDTLS_CIPHER_PADDING_ZEROS
+
+/**
+ * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+ *
+ * Enable weak ciphersuites in SSL / TLS.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * channels with virtually no security at all!
+ *
+ * This enables the following ciphersuites:
+ *      MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
+ *
+ * Uncomment this macro to enable weak ciphersuites
+ *
+ * \warning   DES is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ */
+//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+ *
+ * Remove RC4 ciphersuites by default in SSL / TLS.
+ * This flag removes the ciphersuites based on RC4 from the default list as
+ * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
+ * explicitly.
+ *
+ * Uncomment this macro to remove RC4 ciphersuites by default.
+ */
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ *
+ * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
+ * module.  By default all supported curves are enabled.
+ *
+ * Comment macros to disable the curve and functions for it
+ */
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+
+/**
+ * \def MBEDTLS_ECP_NIST_OPTIM
+ *
+ * Enable specific 'modulo p' routines for each NIST prime.
+ * Depending on the prime and architecture, makes operations 4 to 8 times
+ * faster on the corresponding curve.
+ *
+ * Comment this macro to disable NIST curves optimisation.
+ */
+#define MBEDTLS_ECP_NIST_OPTIM
+
+/**
+ * \def MBEDTLS_ECDSA_DETERMINISTIC
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+ * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
+ * may result in a compromise of the long-term signing key. This is avoided by
+ * the deterministic variant.
+ *
+ * Requires: MBEDTLS_HMAC_DRBG_C
+ *
+ * Comment this macro to disable deterministic ECDSA.
+ */
+#define MBEDTLS_ECDSA_DETERMINISTIC
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+ *
+ * Enable the PSK based ciphersuite modes in SSL / TLS.
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+ *
+ * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ *
+ * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ *
+ * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ *
+ * Enable the RSA-only based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+ *
+ * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ *
+ * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ *
+ * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ *
+ * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ *
+ * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+ *
+ * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Requires: MBEDTLS_ECJPAKE_C
+ *           MBEDTLS_SHA256_C
+ *           MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+ */
+//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+/**
+ * \def MBEDTLS_PK_PARSE_EC_EXTENDED
+ *
+ * Enhance support for reading EC keys using variants of SEC1 not allowed by
+ * RFC 5915 and RFC 5480.
+ *
+ * Currently this means parsing the SpecifiedECDomain choice of EC
+ * parameters (only known groups are supported, not arbitrary domains, to
+ * avoid validation issues).
+ *
+ * Disable if you only need to support RFC 5915 + 5480 key formats.
+ */
+#define MBEDTLS_PK_PARSE_EC_EXTENDED
+
+/**
+ * \def MBEDTLS_ERROR_STRERROR_DUMMY
+ *
+ * Enable a dummy error function to make use of mbedtls_strerror() in
+ * third party libraries easier when MBEDTLS_ERROR_C is disabled
+ * (no effect when MBEDTLS_ERROR_C is enabled).
+ *
+ * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
+ * not using mbedtls_strerror() or error_strerror() in your application.
+ *
+ * Disable if you run into name conflicts and want to really remove the
+ * mbedtls_strerror()
+ */
+#define MBEDTLS_ERROR_STRERROR_DUMMY
+
+/**
+ * \def MBEDTLS_GENPRIME
+ *
+ * Enable the prime-number generation code.
+ *
+ * Requires: MBEDTLS_BIGNUM_C
+ */
+#define MBEDTLS_GENPRIME
+
+/**
+ * \def MBEDTLS_FS_IO
+ *
+ * Enable functions that use the filesystem.
+ */
+#define MBEDTLS_FS_IO
+
+/**
+ * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ * Do not add default entropy sources. These are the platform specific,
+ * mbedtls_timing_hardclock and HAVEGE based poll functions.
+ *
+ * This is useful to have more control over the added entropy sources in an
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+ */
+//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+
+/**
+ * \def MBEDTLS_NO_PLATFORM_ENTROPY
+ *
+ * Do not use built-in platform entropy functions.
+ * This is useful if your platform does not support
+ * standards like the /dev/urandom or Windows CryptoAPI.
+ *
+ * Uncomment this macro to disable the built-in platform entropy functions.
+ */
+//#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_FORCE_SHA256
+ *
+ * Force the entropy accumulator to use a SHA-256 accumulator instead of the
+ * default SHA-512 based one (if both are available).
+ *
+ * Requires: MBEDTLS_SHA256_C
+ *
+ * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
+ * if you have performance concerns.
+ *
+ * This option is only useful if both MBEDTLS_SHA256_C and
+ * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+//#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+/**
+ * \def MBEDTLS_ENTROPY_NV_SEED
+ *
+ * Enable the non-volatile (NV) seed file-based entropy source.
+ * (Also enables the NV seed read/write functions in the platform layer)
+ *
+ * This is crucial (if not required) on systems that do not have a
+ * cryptographic entropy source (in hardware or kernel) available.
+ *
+ * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
+ *
+ * \note The read/write functions that are used by the entropy source are
+ *       determined in the platform layer, and can be modified at runtime and/or
+ *       compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
+ *
+ * \note If you use the default implementation functions that read a seedfile
+ *       with regular fopen(), please make sure you make a seedfile with the
+ *       proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
+ *       least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
+ *       and written to or you will get an entropy source error! The default
+ *       implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
+ *       bytes from the file.
+ *
+ * \note The entropy collector will write to the seed file before entropy is
+ *       given to an external source, to update it.
+ */
+//#define MBEDTLS_ENTROPY_NV_SEED
+
+/**
+ * \def MBEDTLS_MEMORY_DEBUG
+ *
+ * Enable debugging of buffer allocator memory issues. Automatically prints
+ * (to stderr) all (fatal) messages on memory allocation issues. Enables
+ * function for 'debug output' of allocated memory.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Uncomment this macro to let the buffer allocator print out error messages.
+ */
+//#define MBEDTLS_MEMORY_DEBUG
+
+/**
+ * \def MBEDTLS_MEMORY_BACKTRACE
+ *
+ * Include backtrace information with each allocated block.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *           GLIBC-compatible backtrace() an backtrace_symbols() support
+ *
+ * Uncomment this macro to include backtrace information
+ */
+//#define MBEDTLS_MEMORY_BACKTRACE
+
+/**
+ * \def MBEDTLS_PK_RSA_ALT_SUPPORT
+ *
+ * Support external private RSA keys (eg from a HSM) in the PK layer.
+ *
+ * Comment this macro to disable support for external private RSA keys.
+ */
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+
+/**
+ * \def MBEDTLS_PKCS1_V15
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ *
+ * Requires: MBEDTLS_RSA_C
+ *
+ * This enables support for PKCS#1 v1.5 operations.
+ */
+#define MBEDTLS_PKCS1_V15
+
+/**
+ * \def MBEDTLS_PKCS1_V21
+ *
+ * Enable support for PKCS#1 v2.1 encoding.
+ *
+ * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
+ *
+ * This enables support for RSAES-OAEP and RSASSA-PSS operations.
+ */
+#define MBEDTLS_PKCS1_V21
+
+/**
+ * \def MBEDTLS_RSA_NO_CRT
+ *
+ * Do not use the Chinese Remainder Theorem for the RSA private operation.
+ *
+ * Uncomment this macro to disable the use of CRT in RSA.
+ *
+ */
+//#define MBEDTLS_RSA_NO_CRT
+
+/**
+ * \def MBEDTLS_SELF_TEST
+ *
+ * Enable the checkup functions (*_self_test).
+ */
+#define MBEDTLS_SELF_TEST
+
+/**
+ * \def MBEDTLS_SHA256_SMALLER
+ *
+ * Enable an implementation of SHA-256 that has lower ROM footprint but also
+ * lower performance.
+ *
+ * The default implementation is meant to be a reasonnable compromise between
+ * performance and size. This version optimizes more aggressively for size at
+ * the expense of performance. Eg on Cortex-M4 it reduces the size of
+ * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
+ * 30%.
+ *
+ * Uncomment to enable the smaller implementation of SHA256.
+ */
+//#define MBEDTLS_SHA256_SMALLER
+
+/**
+ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
+ *
+ * Enable sending of alert messages in case of encountered errors as per RFC.
+ * If you choose not to send the alert messages, mbed TLS can still communicate
+ * with other servers, only debugging of failures is harder.
+ *
+ * The advantage of not sending alert messages, is that no information is given
+ * about reasons for failures thus preventing adversaries of gaining intel.
+ *
+ * Enable sending of all alert messages
+ */
+#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
+
+/**
+ * \def MBEDTLS_SSL_DEBUG_ALL
+ *
+ * Enable the debug messages in SSL module for all issues.
+ * Debug messages have been disabled in some places to prevent timing
+ * attacks due to (unbalanced) debugging function calls.
+ *
+ * If you need all error reporting you should enable this during debugging,
+ * but remove this for production servers that should log as well.
+ *
+ * Uncomment this macro to report all debug messages on errors introducing
+ * a timing side-channel.
+ *
+ */
+//#define MBEDTLS_SSL_DEBUG_ALL
+
+/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
+ *
+ * Enable support for Encrypt-then-MAC, RFC 7366.
+ *
+ * This allows peers that both support it to use a more robust protection for
+ * ciphersuites using CBC, providing deep resistance against timing attacks
+ * on the padding or underlying cipher.
+ *
+ * This only affects CBC ciphersuites, and is useless if none is defined.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1    or
+ *           MBEDTLS_SSL_PROTO_TLS1_1  or
+ *           MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Encrypt-then-MAC
+ */
+#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
+
+/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+ *
+ * Enable support for Extended Master Secret, aka Session Hash
+ * (draft-ietf-tls-session-hash-02).
+ *
+ * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * attacks, but it is recommended to always use it (even if you disable
+ * renegotiation), since it actually fixes a more fundamental issue in the
+ * original SSL/TLS design, and has implications beyond Triple Handshake.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1    or
+ *           MBEDTLS_SSL_PROTO_TLS1_1  or
+ *           MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Extended Master Secret.
+ */
+#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+
+/**
+ * \def MBEDTLS_SSL_FALLBACK_SCSV
+ *
+ * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
+ *
+ * For servers, it is recommended to always enable this, unless you support
+ * only one version of TLS, or know for sure that none of your clients
+ * implements a fallback strategy.
+ *
+ * For clients, you only need this if you're using a fallback strategy, which
+ * is not recommended in the first place, unless you absolutely need it to
+ * interoperate with buggy (version-intolerant) servers.
+ *
+ * Comment this macro to disable support for FALLBACK_SCSV
+ */
+#define MBEDTLS_SSL_FALLBACK_SCSV
+
+/**
+ * \def MBEDTLS_SSL_HW_RECORD_ACCEL
+ *
+ * Enable hooking functions in SSL module for hardware acceleration of
+ * individual records.
+ *
+ * Uncomment this macro to enable hooking functions.
+ */
+//#define MBEDTLS_SSL_HW_RECORD_ACCEL
+
+/**
+ * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ *
+ * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
+ *
+ * This is a countermeasure to the BEAST attack, which also minimizes the risk
+ * of interoperability issues compared to sending 0-length records.
+ *
+ * Comment this macro to disable 1/n-1 record splitting.
+ */
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+/**
+ * \def MBEDTLS_SSL_RENEGOTIATION
+ *
+ * Disable support for TLS renegotiation.
+ *
+ * The two main uses of renegotiation are (1) refresh keys on long-lived
+ * connections and (2) client authentication after the initial handshake.
+ * If you don't need renegotiation, it's probably better to disable it, since
+ * it has been associated with security issues in the past and is easy to
+ * misuse/misunderstand.
+ *
+ * Comment this to disable support for renegotiation.
+ *
+ * \note   Even if this option is disabled, both client and server are aware
+ *         of the Renegotiation Indication Extension (RFC 5746) used to
+ *         prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
+ *         (See \c mbedtls_ssl_conf_legacy_renegotiation for the
+ *          configuration of this extension).
+ *
+ */
+#define MBEDTLS_SSL_RENEGOTIATION
+
+/**
+ * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+ *
+ * Enable support for receiving and parsing SSLv2 Client Hello messages for the
+ * SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to enable support for SSLv2 Client Hello messages.
+ */
+//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+
+/**
+ * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+ *
+ * Pick the ciphersuite according to the client's preferences rather than ours
+ * in the SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to respect client's ciphersuite order
+ */
+//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+
+/**
+ * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ *
+ * Enable support for RFC 6066 max_fragment_length extension in SSL.
+ *
+ * Comment this macro to disable support for the max_fragment_length extension
+ */
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+
+/**
+ * \def MBEDTLS_SSL_PROTO_SSL3
+ *
+ * Enable support for SSL 3.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for SSL 3.0
+ */
+//#define MBEDTLS_SSL_PROTO_SSL3
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1
+ *
+ * Enable support for TLS 1.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_1
+ *
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
+ *           (Depends on ciphersuites)
+ *
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/**
+ * \def MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1_1
+ *        or MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define MBEDTLS_SSL_PROTO_DTLS
+
+/**
+ * \def MBEDTLS_SSL_ALPN
+ *
+ * Enable support for RFC 7301 Application Layer Protocol Negotiation.
+ *
+ * Comment this macro to disable support for ALPN.
+ */
+#define MBEDTLS_SSL_ALPN
+
+/**
+ * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *           MBEDTLS_SSL_PROTO_DTLS
+ *
+ * \warning Disabling this is often a security risk!
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Enable support for HelloVerifyRequest on DTLS servers.
+ *
+ * This feature is highly recommended to prevent DTLS servers being used as
+ * amplifiers in DoS attacks against other hosts. It should always be enabled
+ * unless you know for sure amplification cannot be a problem in the
+ * environment in which your server operates.
+ *
+ * \warning Disabling this can ba a security risk! (see above)
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Comment this to disable support for HelloVerifyRequest.
+ */
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+ *
+ * Enable server-side support for clients that reconnect from the same port.
+ *
+ * Some clients unexpectedly close the connection and try to reconnect using the
+ * same source port. This needs special support from the server to handle the
+ * new connection securely, as described in section 4.2.8 of RFC 6347. This
+ * flag enables that support.
+ *
+ * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Comment this to disable support for clients reusing the source port.
+ */
+#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+
+/**
+ * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+ *
+ * Enable support for a limit of records with bad MAC.
+ *
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ */
+#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+
+/**
+ * \def MBEDTLS_SSL_SESSION_TICKETS
+ *
+ * Enable support for RFC 5077 session tickets in SSL.
+ * Client-side, provides full support for session tickets (maintainance of a
+ * session store remains the responsibility of the application, though).
+ * Server-side, you also need to provide callbacks for writing and parsing
+ * tickets, including authenticated encryption and key management. Example
+ * callbacks are provided by MBEDTLS_SSL_TICKET_C.
+ *
+ * Comment this macro to disable support for SSL session tickets
+ */
+#define MBEDTLS_SSL_SESSION_TICKETS
+
+/**
+ * \def MBEDTLS_SSL_EXPORT_KEYS
+ *
+ * Enable support for exporting key block and master secret.
+ * This is required for certain users of TLS, e.g. EAP-TLS.
+ *
+ * Comment this macro to disable support for key export
+ */
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/**
+ * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
+ *
+ * Enable support for RFC 6066 server name indication (SNI) in SSL.
+ *
+ * Requires: MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Comment this macro to disable support for server name indication in SSL
+ */
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define MBEDTLS_SSL_TRUNCATED_HMAC
+
+/**
+ * \def MBEDTLS_THREADING_ALT
+ *
+ * Provide your own alternate threading implementation.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to allow your own alternate threading implementation.
+ */
+//#define MBEDTLS_THREADING_ALT
+
+/**
+ * \def MBEDTLS_THREADING_PTHREAD
+ *
+ * Enable the pthread wrapper layer for the threading layer.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to enable pthread mutexes.
+ */
+//#define MBEDTLS_THREADING_PTHREAD
+
+/**
+ * \def MBEDTLS_VERSION_FEATURES
+ *
+ * Allow run-time checking of compile-time enabled features. Thus allowing users
+ * to check at run-time if the library is for instance compiled with threading
+ * support via mbedtls_version_check_feature().
+ *
+ * Requires: MBEDTLS_VERSION_C
+ *
+ * Comment this to disable run-time checking and save ROM space
+ */
+#define MBEDTLS_VERSION_FEATURES
+
+/**
+ * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an extension in a v1 or v2 certificate.
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+
+/**
+ * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an unknown critical extension.
+ *
+ * \warning Depending on your PKI use, enabling this can be a security risk!
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+
+/**
+ * \def MBEDTLS_X509_CHECK_KEY_USAGE
+ *
+ * Enable verification of the keyUsage extension (CA and leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused
+ * (intermediate) CA and leaf certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip keyUsage checking for both CA and leaf certificates.
+ */
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+ *
+ * Enable verification of the extendedKeyUsage extension (leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip extendedKeyUsage checking for certificates.
+ */
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
+ *
+ * Enable parsing and verification of X.509 certificates, CRLs and CSRS
+ * signed with RSASSA-PSS (aka PKCS#1 v2.1).
+ *
+ * Comment this macro to disallow using RSASSA-PSS in certificates.
+ */
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+/**
+ * \def MBEDTLS_ZLIB_SUPPORT
+ *
+ * If set, the SSL/TLS module uses ZLIB to support compression and
+ * decompression of packet data.
+ *
+ * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
+ * CRIME attack. Before enabling this option, you should examine with care if
+ * CRIME or similar exploits may be a applicable to your use case.
+ *
+ * \note Currently compression can't be used with DTLS.
+ *
+ * Used in: library/ssl_tls.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This feature requires zlib library and headers to be present.
+ *
+ * Uncomment to enable use of ZLIB
+ */
+//#define MBEDTLS_ZLIB_SUPPORT
+/* \} name SECTION: mbed TLS feature support */
+
+/**
+ * \name SECTION: mbed TLS modules
+ *
+ * This section enables or disables entire modules in mbed TLS
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_AESNI_C
+ *
+ * Enable AES-NI support on x86-64.
+ *
+ * Module:  library/aesni.c
+ * Caller:  library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the AES-NI instructions on x86-64
+ */
+#define MBEDTLS_AESNI_C
+
+/**
+ * \def MBEDTLS_AES_C
+ *
+ * Enable the AES block cipher.
+ *
+ * Module:  library/aes.c
+ * Caller:  library/ssl_tls.c
+ *          library/pem.c
+ *          library/ctr_drbg.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *
+ * PEM_PARSE uses AES for decrypting encrypted keys.
+ */
+#define MBEDTLS_AES_C
+
+/**
+ * \def MBEDTLS_ARC4_C
+ *
+ * Enable the ARCFOUR stream cipher.
+ *
+ * Module:  library/arc4.c
+ * Caller:  library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ *
+ * \warning   ARC4 is considered a weak cipher and its use constitutes a
+ *            security risk. If possible, we recommend avoidng dependencies on
+ *            it, and considering stronger ciphers instead.
+ *
+ */
+#define MBEDTLS_ARC4_C
+
+/**
+ * \def MBEDTLS_ASN1_PARSE_C
+ *
+ * Enable the generic ASN1 parser.
+ *
+ * Module:  library/asn1.c
+ * Caller:  library/x509.c
+ *          library/dhm.c
+ *          library/pkcs12.c
+ *          library/pkcs5.c
+ *          library/pkparse.c
+ */
+#define MBEDTLS_ASN1_PARSE_C
+
+/**
+ * \def MBEDTLS_ASN1_WRITE_C
+ *
+ * Enable the generic ASN1 writer.
+ *
+ * Module:  library/asn1write.c
+ * Caller:  library/ecdsa.c
+ *          library/pkwrite.c
+ *          library/x509_create.c
+ *          library/x509write_crt.c
+ *          library/x509write_csr.c
+ */
+#define MBEDTLS_ASN1_WRITE_C
+
+/**
+ * \def MBEDTLS_BASE64_C
+ *
+ * Enable the Base64 module.
+ *
+ * Module:  library/base64.c
+ * Caller:  library/pem.c
+ *
+ * This module is required for PEM support (required by X.509).
+ */
+#define MBEDTLS_BASE64_C
+
+/**
+ * \def MBEDTLS_BIGNUM_C
+ *
+ * Enable the multi-precision integer library.
+ *
+ * Module:  library/bignum.c
+ * Caller:  library/dhm.c
+ *          library/ecp.c
+ *          library/ecdsa.c
+ *          library/rsa.c
+ *          library/rsa_internal.c
+ *          library/ssl_tls.c
+ *
+ * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
+ */
+#define MBEDTLS_BIGNUM_C
+
+/**
+ * \def MBEDTLS_BLOWFISH_C
+ *
+ * Enable the Blowfish block cipher.
+ *
+ * Module:  library/blowfish.c
+ */
+#define MBEDTLS_BLOWFISH_C
+
+/**
+ * \def MBEDTLS_CAMELLIA_C
+ *
+ * Enable the Camellia block cipher.
+ *
+ * Module:  library/camellia.c
+ * Caller:  library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ */
+#define MBEDTLS_CAMELLIA_C
+
+/**
+ * \def MBEDTLS_CCM_C
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Module:  library/ccm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-CCM ciphersuites, if other requisites are
+ * enabled as well.
+ */
+#define MBEDTLS_CCM_C
+
+/**
+ * \def MBEDTLS_CERTS_C
+ *
+ * Enable the test certificates.
+ *
+ * Module:  library/certs.c
+ * Caller:
+ *
+ * This module is used for testing (ssl_client/server).
+ */
+#define MBEDTLS_CERTS_C
+
+/**
+ * \def MBEDTLS_CIPHER_C
+ *
+ * Enable the generic cipher layer.
+ *
+ * Module:  library/cipher.c
+ * Caller:  library/ssl_tls.c
+ *
+ * Uncomment to enable generic cipher wrappers.
+ */
+#define MBEDTLS_CIPHER_C
+
+/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module:  library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+//#define MBEDTLS_CMAC_C
+
+/**
+ * \def MBEDTLS_CTR_DRBG_C
+ *
+ * Enable the CTR_DRBG AES-256-based random generator.
+ *
+ * Module:  library/ctr_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_AES_C
+ *
+ * This module provides the CTR_DRBG AES-256 random number generator.
+ */
+#define MBEDTLS_CTR_DRBG_C
+
+/**
+ * \def MBEDTLS_DEBUG_C
+ *
+ * Enable the debug functions.
+ *
+ * Module:  library/debug.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * This module provides debugging functions.
+ */
+#define MBEDTLS_DEBUG_C
+
+/**
+ * \def MBEDTLS_DES_C
+ *
+ * Enable the DES block cipher.
+ *
+ * Module:  library/des.c
+ * Caller:  library/pem.c
+ *          library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *
+ * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
+ *
+ * \warning   DES is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ */
+#define MBEDTLS_DES_C
+
+/**
+ * \def MBEDTLS_DHM_C
+ *
+ * Enable the Diffie-Hellman-Merkle module.
+ *
+ * Module:  library/dhm.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ *      DHE-RSA, DHE-PSK
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_DHM_C
+
+/**
+ * \def MBEDTLS_ECDH_C
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Module:  library/ecdh.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ *      ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
+ *
+ * Requires: MBEDTLS_ECP_C
+ */
+#define MBEDTLS_ECDH_C
+
+/**
+ * \def MBEDTLS_ECDSA_C
+ *
+ * Enable the elliptic curve DSA library.
+ *
+ * Module:  library/ecdsa.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ *      ECDHE-ECDSA
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
+ */
+#define MBEDTLS_ECDSA_C
+
+/**
+ * \def MBEDTLS_ECJPAKE_C
+ *
+ * Enable the elliptic curve J-PAKE library.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Module:  library/ecjpake.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ *      ECJPAKE
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
+ */
+//#define MBEDTLS_ECJPAKE_C
+
+/**
+ * \def MBEDTLS_ECP_C
+ *
+ * Enable the elliptic curve over GF(p) library.
+ *
+ * Module:  library/ecp.c
+ * Caller:  library/ecdh.c
+ *          library/ecdsa.c
+ *          library/ecjpake.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
+ */
+#define MBEDTLS_ECP_C
+
+/**
+ * \def MBEDTLS_ENTROPY_C
+ *
+ * Enable the platform-specific entropy code.
+ *
+ * Module:  library/entropy.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
+ *
+ * This module provides a generic entropy pool
+ */
+#define MBEDTLS_ENTROPY_C
+
+/**
+ * \def MBEDTLS_ERROR_C
+ *
+ * Enable error code to error string conversion.
+ *
+ * Module:  library/error.c
+ * Caller:
+ *
+ * This module enables mbedtls_strerror().
+ */
+#define MBEDTLS_ERROR_C
+
+/**
+ * \def MBEDTLS_GCM_C
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Module:  library/gcm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
+ * requisites are enabled as well.
+ */
+#define MBEDTLS_GCM_C
+
+/**
+ * \def MBEDTLS_HAVEGE_C
+ *
+ * Enable the HAVEGE random generator.
+ *
+ * Warning: the HAVEGE random generator is not suitable for virtualized
+ *          environments
+ *
+ * Warning: the HAVEGE random generator is dependent on timing and specific
+ *          processor traits. It is therefore not advised to use HAVEGE as
+ *          your applications primary random generator or primary entropy pool
+ *          input. As a secondary input to your entropy pool, it IS able add
+ *          the (limited) extra entropy it provides.
+ *
+ * Module:  library/havege.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_TIMING_C
+ *
+ * Uncomment to enable the HAVEGE random generator.
+ */
+//#define MBEDTLS_HAVEGE_C
+
+/**
+ * \def MBEDTLS_HMAC_DRBG_C
+ *
+ * Enable the HMAC_DRBG random generator.
+ *
+ * Module:  library/hmac_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * Uncomment to enable the HMAC_DRBG random number geerator.
+ */
+#define MBEDTLS_HMAC_DRBG_C
+
+/**
+ * \def MBEDTLS_MD_C
+ *
+ * Enable the generic message digest layer.
+ *
+ * Module:  library/md.c
+ * Caller:
+ *
+ * Uncomment to enable generic message digest wrappers.
+ */
+#define MBEDTLS_MD_C
+
+/**
+ * \def MBEDTLS_MD2_C
+ *
+ * Enable the MD2 hash algorithm.
+ *
+ * Module:  library/md2.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD2-signed X.509 certs.
+ *
+ * \warning   MD2 is considered a weak message digest and its use constitutes a
+ *            security risk. If possible, we recommend avoiding dependencies on
+ *            it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD2_C
+
+/**
+ * \def MBEDTLS_MD4_C
+ *
+ * Enable the MD4 hash algorithm.
+ *
+ * Module:  library/md4.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD4-signed X.509 certs.
+ *
+ * \warning   MD4 is considered a weak message digest and its use constitutes a
+ *            security risk. If possible, we recommend avoiding dependencies on
+ *            it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD4_C
+
+/**
+ * \def MBEDTLS_MD5_C
+ *
+ * Enable the MD5 hash algorithm.
+ *
+ * Module:  library/md5.c
+ * Caller:  library/md.c
+ *          library/pem.c
+ *          library/ssl_tls.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
+ * depending on the handshake parameters. Further, it is used for checking
+ * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
+ * encrypted keys.
+ *
+ * \warning   MD5 is considered a weak message digest and its use constitutes a
+ *            security risk. If possible, we recommend avoiding dependencies on
+ *            it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD5_C
+
+/**
+ * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Enable the buffer allocator implementation that makes use of a (stack)
+ * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
+ * calls)
+ *
+ * Module:  library/memory_buffer_alloc.c
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *           MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
+ *
+ * Enable this module to enable the buffer memory allocator.
+ */
+//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+
+/**
+ * \def MBEDTLS_NET_C
+ *
+ * Enable the TCP and UDP over IPv6/IPv4 networking routines.
+ *
+ * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
+ * and Windows. For other platforms, you'll want to disable it, and write your
+ * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module:  library/net_sockets.c
+ *
+ * This module provides networking routines.
+ */
+#define MBEDTLS_NET_C
+
+/**
+ * \def MBEDTLS_OID_C
+ *
+ * Enable the OID database.
+ *
+ * Module:  library/oid.c
+ * Caller:  library/asn1write.c
+ *          library/pkcs5.c
+ *          library/pkparse.c
+ *          library/pkwrite.c
+ *          library/rsa.c
+ *          library/x509.c
+ *          library/x509_create.c
+ *          library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *          library/x509write_crt.c
+ *          library/x509write_csr.c
+ *
+ * This modules translates between OIDs and internal values.
+ */
+#define MBEDTLS_OID_C
+
+/**
+ * \def MBEDTLS_PADLOCK_C
+ *
+ * Enable VIA Padlock support on x86.
+ *
+ * Module:  library/padlock.c
+ * Caller:  library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the VIA PadLock on x86.
+ */
+#define MBEDTLS_PADLOCK_C
+
+/**
+ * \def MBEDTLS_PEM_PARSE_C
+ *
+ * Enable PEM decoding / parsing.
+ *
+ * Module:  library/pem.c
+ * Caller:  library/dhm.c
+ *          library/pkparse.c
+ *          library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for decoding / parsing PEM files.
+ */
+#define MBEDTLS_PEM_PARSE_C
+
+/**
+ * \def MBEDTLS_PEM_WRITE_C
+ *
+ * Enable PEM encoding / writing.
+ *
+ * Module:  library/pem.c
+ * Caller:  library/pkwrite.c
+ *          library/x509write_crt.c
+ *          library/x509write_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for encoding / writing PEM files.
+ */
+#define MBEDTLS_PEM_WRITE_C
+
+/**
+ * \def MBEDTLS_PK_C
+ *
+ * Enable the generic public (asymetric) key layer.
+ *
+ * Module:  library/pk.c
+ * Caller:  library/ssl_tls.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
+ *
+ * Uncomment to enable generic public key wrappers.
+ */
+#define MBEDTLS_PK_C
+
+/**
+ * \def MBEDTLS_PK_PARSE_C
+ *
+ * Enable the generic public (asymetric) key parser.
+ *
+ * Module:  library/pkparse.c
+ * Caller:  library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key parse functions.
+ */
+#define MBEDTLS_PK_PARSE_C
+
+/**
+ * \def MBEDTLS_PK_WRITE_C
+ *
+ * Enable the generic public (asymetric) key writer.
+ *
+ * Module:  library/pkwrite.c
+ * Caller:  library/x509write.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key write functions.
+ */
+#define MBEDTLS_PK_WRITE_C
+
+/**
+ * \def MBEDTLS_PKCS5_C
+ *
+ * Enable PKCS#5 functions.
+ *
+ * Module:  library/pkcs5.c
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the PKCS#5 functions.
+ */
+#define MBEDTLS_PKCS5_C
+
+/**
+ * \def MBEDTLS_PKCS11_C
+ *
+ * Enable wrapper for PKCS#11 smartcard support.
+ *
+ * Module:  library/pkcs11.c
+ * Caller:  library/pk.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * This module enables SSL/TLS PKCS #11 smartcard support.
+ * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
+ */
+//#define MBEDTLS_PKCS11_C
+
+/**
+ * \def MBEDTLS_PKCS12_C
+ *
+ * Enable PKCS#12 PBE functions.
+ * Adds algorithms for parsing PKCS#8 encrypted private keys
+ *
+ * Module:  library/pkcs12.c
+ * Caller:  library/pkparse.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ * Can use:  MBEDTLS_ARC4_C
+ *
+ * This module enables PKCS#12 functions.
+ */
+#define MBEDTLS_PKCS12_C
+
+/**
+ * \def MBEDTLS_PLATFORM_C
+ *
+ * Enable the platform abstraction layer that allows you to re-assign
+ * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
+ *
+ * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
+ * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
+ * above to be specified at runtime or compile time respectively.
+ *
+ * \note This abstraction layer must be enabled on Windows (including MSYS2)
+ * as other module rely on it for a fixed snprintf implementation.
+ *
+ * Module:  library/platform.c
+ * Caller:  Most other .c files
+ *
+ * This module enables abstraction of common (libc) functions.
+ */
+#define MBEDTLS_PLATFORM_C
+
+/**
+ * \def MBEDTLS_RIPEMD160_C
+ *
+ * Enable the RIPEMD-160 hash algorithm.
+ *
+ * Module:  library/ripemd160.c
+ * Caller:  library/md.c
+ *
+ */
+#define MBEDTLS_RIPEMD160_C
+
+/**
+ * \def MBEDTLS_RSA_C
+ *
+ * Enable the RSA public-key cryptosystem.
+ *
+ * Module:  library/rsa.c
+ *          library/rsa_internal.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *          library/x509.c
+ *
+ * This module is used by the following key exchanges:
+ *      RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
+ */
+#define MBEDTLS_RSA_C
+
+/**
+ * \def MBEDTLS_SHA1_C
+ *
+ * Enable the SHA1 cryptographic hash algorithm.
+ *
+ * Module:  library/sha1.c
+ * Caller:  library/md.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *          library/x509write_crt.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
+ * depending on the handshake parameters, and for SHA1-signed certificates.
+ *
+ * \warning   SHA-1 is considered a weak message digest and its use constitutes
+ *            a security risk. If possible, we recommend avoiding dependencies
+ *            on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_SHA1_C
+
+/**
+ * \def MBEDTLS_SHA256_C
+ *
+ * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
+ *
+ * Module:  library/sha256.c
+ * Caller:  library/entropy.c
+ *          library/md.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * This module adds support for SHA-224 and SHA-256.
+ * This module is required for the SSL/TLS 1.2 PRF function.
+ */
+#define MBEDTLS_SHA256_C
+
+/**
+ * \def MBEDTLS_SHA512_C
+ *
+ * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
+ *
+ * Module:  library/sha512.c
+ * Caller:  library/entropy.c
+ *          library/md.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This module adds support for SHA-384 and SHA-512.
+ */
+#define MBEDTLS_SHA512_C
+
+/**
+ * \def MBEDTLS_SSL_CACHE_C
+ *
+ * Enable simple SSL cache implementation.
+ *
+ * Module:  library/ssl_cache.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_CACHE_C
+ */
+#define MBEDTLS_SSL_CACHE_C
+
+/**
+ * \def MBEDTLS_SSL_COOKIE_C
+ *
+ * Enable basic implementation of DTLS cookies for hello verification.
+ *
+ * Module:  library/ssl_cookie.c
+ * Caller:
+ */
+#define MBEDTLS_SSL_COOKIE_C
+
+/**
+ * \def MBEDTLS_SSL_TICKET_C
+ *
+ * Enable an implementation of TLS server-side callbacks for session tickets.
+ *
+ * Module:  library/ssl_ticket.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_CIPHER_C
+ */
+#define MBEDTLS_SSL_TICKET_C
+
+/**
+ * \def MBEDTLS_SSL_CLI_C
+ *
+ * Enable the SSL/TLS client code.
+ *
+ * Module:  library/ssl_cli.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS client support.
+ */
+#define MBEDTLS_SSL_CLI_C
+
+/**
+ * \def MBEDTLS_SSL_SRV_C
+ *
+ * Enable the SSL/TLS server code.
+ *
+ * Module:  library/ssl_srv.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS server support.
+ */
+#define MBEDTLS_SSL_SRV_C
+
+/**
+ * \def MBEDTLS_SSL_TLS_C
+ *
+ * Enable the generic SSL/TLS code.
+ *
+ * Module:  library/ssl_tls.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ *           and at least one of the MBEDTLS_SSL_PROTO_XXX defines
+ *
+ * This module is required for SSL/TLS.
+ */
+#define MBEDTLS_SSL_TLS_C
+
+/**
+ * \def MBEDTLS_THREADING_C
+ *
+ * Enable the threading abstraction layer.
+ * By default mbed TLS assumes it is used in a non-threaded environment or that
+ * contexts are not shared between threads. If you do intend to use contexts
+ * between threads, you will need to enable this layer to prevent race
+ * conditions. See also our Knowledge Base article about threading:
+ * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
+ *
+ * Module:  library/threading.c
+ *
+ * This allows different threading implementations (self-implemented or
+ * provided).
+ *
+ * You will have to enable either MBEDTLS_THREADING_ALT or
+ * MBEDTLS_THREADING_PTHREAD.
+ *
+ * Enable this layer to allow use of mutexes within mbed TLS
+ */
+//#define MBEDTLS_THREADING_C
+
+/**
+ * \def MBEDTLS_TIMING_C
+ *
+ * Enable the semi-portable timing interface.
+ *
+ * \note The provided implementation only works on POSIX/Unix (including Linux,
+ * BSD and OS X) and Windows. On other platforms, you can either disable that
+ * module and provide your own implementations of the callbacks needed by
+ * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
+ * your own implementation of the whole module by setting
+ * \c MBEDTLS_TIMING_ALT in the current file.
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module:  library/timing.c
+ * Caller:  library/havege.c
+ *
+ * This module is used by the HAVEGE random number generator.
+ */
+#define MBEDTLS_TIMING_C
+
+/**
+ * \def MBEDTLS_VERSION_C
+ *
+ * Enable run-time version information.
+ *
+ * Module:  library/version.c
+ *
+ * This module provides run-time version information.
+ */
+#define MBEDTLS_VERSION_C
+
+/**
+ * \def MBEDTLS_X509_USE_C
+ *
+ * Enable X.509 core for using certificates.
+ *
+ * Module:  library/x509.c
+ * Caller:  library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
+ *           MBEDTLS_PK_PARSE_C
+ *
+ * This module is required for the X.509 parsing modules.
+ */
+#define MBEDTLS_X509_USE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Enable X.509 certificate parsing.
+ *
+ * Module:  library/x509_crt.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 certificate parsing.
+ */
+#define MBEDTLS_X509_CRT_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CRL_PARSE_C
+ *
+ * Enable X.509 CRL parsing.
+ *
+ * Module:  library/x509_crl.c
+ * Caller:  library/x509_crt.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 CRL parsing.
+ */
+#define MBEDTLS_X509_CRL_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_PARSE_C
+ *
+ * Enable X.509 Certificate Signing Request (CSR) parsing.
+ *
+ * Module:  library/x509_csr.c
+ * Caller:  library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is used for reading X.509 certificate request.
+ */
+#define MBEDTLS_X509_CSR_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CREATE_C
+ *
+ * Enable X.509 core for creating certificates.
+ *
+ * Module:  library/x509_create.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
+ *
+ * This module is the basis for creating X.509 certificates and CSRs.
+ */
+#define MBEDTLS_X509_CREATE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_WRITE_C
+ *
+ * Enable creating X.509 certificates.
+ *
+ * Module:  library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate creation.
+ */
+#define MBEDTLS_X509_CRT_WRITE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_WRITE_C
+ *
+ * Enable creating X.509 Certificate Signing Requests (CSR).
+ *
+ * Module:  library/x509_csr_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate request writing.
+ */
+#define MBEDTLS_X509_CSR_WRITE_C
+
+/**
+ * \def MBEDTLS_XTEA_C
+ *
+ * Enable the XTEA block cipher.
+ *
+ * Module:  library/xtea.c
+ * Caller:
+ */
+#define MBEDTLS_XTEA_C
+
+/* \} name SECTION: mbed TLS modules */
+
+/**
+ * \name SECTION: Module configuration options
+ *
+ * This section allows for the setting of module specific sizes and
+ * configuration options. The default values are already present in the
+ * relevant header files and should suffice for the regular use cases.
+ *
+ * Our advice is to enable options and change their values here
+ * only if you have a good reason and know the consequences.
+ *
+ * Please check the respective header file for documentation on these
+ * parameters (to prevent duplicate documentation).
+ * \{
+ */
+
+/* MPI / BIGNUM options */
+//#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum windows size used. */
+//#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
+
+/* CTR_DRBG options */
+//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
+//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL        10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_CTR_DRBG_MAX_INPUT                256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_CTR_DRBG_MAX_REQUEST             1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT           384 /**< Maximum size of (re)seed buffer */
+
+/* HMAC_DRBG options */
+//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_HMAC_DRBG_MAX_INPUT           256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST        1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT      384 /**< Maximum size of (re)seed buffer */
+
+/* ECP options */
+//#define MBEDTLS_ECP_MAX_BITS             521 /**< Maximum bit size of groups */
+//#define MBEDTLS_ECP_WINDOW_SIZE            6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1 /**< Enable fixed-point speed-up */
+
+/* Entropy options */
+//#define MBEDTLS_ENTROPY_MAX_SOURCES                20 /**< Maximum number of sources supported */
+//#define MBEDTLS_ENTROPY_MAX_GATHER                128 /**< Maximum amount requested from entropy sources */
+//#define MBEDTLS_ENTROPY_MIN_HARDWARE               32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
+
+/* Memory buffer allocator options */
+//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE      4 /**< Align on multiples of this value */
+
+/* Platform options */
+//#define MBEDTLS_PLATFORM_STD_MEM_HDR   <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
+//#define MBEDTLS_PLATFORM_STD_CALLOC        calloc /**< Default allocator to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_FREE            free /**< Default free to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT            exit /**< Default exit to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_TIME            time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_STD_FPRINTF      fprintf /**< Default fprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_PRINTF        printf /**< Default printf to use, can be undefined */
+/* Note: your snprintf must correclty zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_STD_SNPRINTF    snprintf /**< Default snprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS       0 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE       1 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE  "seedfile" /**< Seed file to read/write with default implementation */
+
+/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
+/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
+//#define MBEDTLS_PLATFORM_CALLOC_MACRO        calloc /**< Default allocator macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_FREE_MACRO            free /**< Default free macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_EXIT_MACRO            exit /**< Default exit macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_TIME_MACRO            time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO       time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_FPRINTF_MACRO      fprintf /**< Default fprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_PRINTF_MACRO        printf /**< Default printf macro to use, can be undefined */
+/* Note: your snprintf must correclty zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO    snprintf /**< Default snprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+
+/* SSL Cache options */
+//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400 /**< 1 day  */
+//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50 /**< Maximum entries in cache */
+
+/* SSL options */
+//#define MBEDTLS_SSL_MAX_CONTENT_LEN             16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
+//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME     86400 /**< Lifetime of session tickets (if enabled) */
+//#define MBEDTLS_PSK_MAX_LEN               32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
+//#define MBEDTLS_SSL_COOKIE_TIMEOUT        60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
+
+/**
+ * Complete list of ciphersuites to use, in order of preference.
+ *
+ * \warning No dependency checking is done on that field! This option can only
+ * be used to restrict the set of available ciphersuites. It is your
+ * responsibility to make sure the needed modules are active.
+ *
+ * Use this to save a few hundred bytes of ROM (default ordering of all
+ * available ciphersuites) and a few to a few hundred bytes of RAM.
+ *
+ * The value below is only an example, not the default.
+ */
+//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+
+/* X509 options */
+//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8   /**< Maximum number of intermediate CAs in a verification chain. */
+//#define MBEDTLS_X509_MAX_FILE_PATH_LEN     512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
+
+/**
+ * Allow SHA-1 in the default TLS configuration for certificate signing.
+ * Without this build-time option, SHA-1 support must be activated explicitly
+ * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
+ * recommended because of it is possible to generate SHA-1 collisions, however
+ * this may be safe for legacy infrastructure where additional controls apply.
+ *
+ * \warning   SHA-1 is considered a weak message digest and its use constitutes
+ *            a security risk. If possible, we recommend avoiding dependencies
+ *            on it, and considering stronger message digests instead.
+ *
+ */
+// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+
+/**
+ * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
+ * signature and ciphersuite selection. Without this build-time option, SHA-1
+ * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
+ * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
+ * default. At the time of writing, there is no practical attack on the use
+ * of SHA-1 in handshake signatures, hence this option is turned on by default
+ * to preserve compatibility with existing peers, but the general
+ * warning applies nonetheless:
+ *
+ * \warning   SHA-1 is considered a weak message digest and its use constitutes
+ *            a security risk. If possible, we recommend avoiding dependencies
+ *            on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
+
+/* \} name SECTION: Customisation configuration options */
+
+/* Target and application specific configurations */
+//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h"
+
+#if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
+#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
+#endif
+
+/*
+ * Allow user to override any previous default.
+ *
+ * Use two macro names for that, as:
+ * - with yotta the prefix YOTTA_CFG_ is forced
+ * - without yotta is looks weird to have a YOTTA prefix.
+ */
+#if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
+#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
+#elif defined(MBEDTLS_USER_CONFIG_FILE)
+#include MBEDTLS_USER_CONFIG_FILE
+#endif
+
+#include "check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/ctr_drbg.h b/thirdparty/mbedtls/include/mbedtls/ctr_drbg.h
new file mode 100644
index 0000000000..121575a51b
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ctr_drbg.h
@@ -0,0 +1,322 @@
+/**
+ * \file ctr_drbg.h
+ *
+ * \brief    CTR_DRBG is based on AES-256, as defined in <em>NIST SP 800-90A:
+ *           Recommendation for Random Number Generation Using Deterministic
+ *           Random Bit Generators</em>.
+ *
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CTR_DRBG_H
+#define MBEDTLS_CTR_DRBG_H
+
+#include "aes.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED        -0x0034  /**< The entropy source failed. */
+#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG              -0x0036  /**< The requested random buffer length is too big. */
+#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG                -0x0038  /**< The input (entropy + additional data) is too large. */
+#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR                -0x003A  /**< Read or write error in file. */
+
+#define MBEDTLS_CTR_DRBG_BLOCKSIZE          16 /**< The block size used by the cipher. */
+#define MBEDTLS_CTR_DRBG_KEYSIZE            32 /**< The key size used by the cipher. */
+#define MBEDTLS_CTR_DRBG_KEYBITS            ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) /**< The key size for the DRBG operation, in bits. */
+#define MBEDTLS_CTR_DRBG_SEEDLEN            ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) /**< The seed length, calculated as (counter + AES key). */
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them using the compiler command
+ * line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
+#define MBEDTLS_CTR_DRBG_ENTROPY_LEN        48
+/**< The amount of entropy used per seed by default:
+ * <ul><li>48 with SHA-512.</li>
+ * <li>32 with SHA-256.</li></ul>
+ */
+#else
+#define MBEDTLS_CTR_DRBG_ENTROPY_LEN        32
+/**< Amount of entropy used per seed by default:
+ * <ul><li>48 with SHA-512.</li>
+ * <li>32 with SHA-256.</li></ul>
+ */
+#endif
+#endif
+
+#if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
+#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL    10000
+/**< The interval before reseed is performed by default. */
+#endif
+
+#if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
+#define MBEDTLS_CTR_DRBG_MAX_INPUT          256
+/**< The maximum number of additional input Bytes. */
+#endif
+
+#if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
+#define MBEDTLS_CTR_DRBG_MAX_REQUEST        1024
+/**< The maximum number of requested Bytes per call. */
+#endif
+
+#if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
+#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT     384
+/**< The maximum size of seed or reseed buffer. */
+#endif
+
+/* \} name SECTION: Module settings */
+
+#define MBEDTLS_CTR_DRBG_PR_OFF             0
+/**< Prediction resistance is disabled. */
+#define MBEDTLS_CTR_DRBG_PR_ON              1
+/**< Prediction resistance is enabled. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          The CTR_DRBG context structure.
+ */
+typedef struct
+{
+    unsigned char counter[16];  /*!< The counter (V). */
+    int reseed_counter;         /*!< The reseed counter. */
+    int prediction_resistance;  /*!< This determines whether prediction
+                                     resistance is enabled, that is
+                                     whether to systematically reseed before
+                                     each random generation. */
+    size_t entropy_len;         /*!< The amount of entropy grabbed on each
+                                     seed or reseed operation. */
+    int reseed_interval;        /*!< The reseed interval. */
+
+    mbedtls_aes_context aes_ctx;        /*!< The AES context. */
+
+    /*
+     * Callbacks (Entropy)
+     */
+    int (*f_entropy)(void *, unsigned char *, size_t);
+                                /*!< The entropy callback function. */
+
+    void *p_entropy;            /*!< The context for the entropy function. */
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;
+#endif
+}
+mbedtls_ctr_drbg_context;
+
+/**
+ * \brief               This function initializes the CTR_DRBG context,
+ *                      and prepares it for mbedtls_ctr_drbg_seed()
+ *                      or mbedtls_ctr_drbg_free().
+ *
+ * \param ctx           The CTR_DRBG context to initialize.
+ */
+void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx );
+
+/**
+ * \brief               This function seeds and sets up the CTR_DRBG
+ *                      entropy source for future reseeds.
+ *
+ * \note Personalization data can be provided in addition to the more generic
+ *       entropy source, to make this instantiation as unique as possible.
+ *
+ * \param ctx           The CTR_DRBG context to seed.
+ * \param f_entropy     The entropy callback, taking as arguments the
+ *                      \p p_entropy context, the buffer to fill, and the
+                        length of the buffer.
+ * \param p_entropy     The entropy context.
+ * \param custom        Personalization data, that is device-specific
+                        identifiers. Can be NULL.
+ * \param len           The length of the personalization data.
+ *
+ * \return              \c 0 on success, or
+ *                      #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
+ */
+int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
+                   int (*f_entropy)(void *, unsigned char *, size_t),
+                   void *p_entropy,
+                   const unsigned char *custom,
+                   size_t len );
+
+/**
+ * \brief               This function clears CTR_CRBG context data.
+ *
+ * \param ctx           The CTR_DRBG context to clear.
+ */
+void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
+
+/**
+ * \brief               This function turns prediction resistance on or off.
+ *                      The default value is off.
+ *
+ * \note                If enabled, entropy is gathered at the beginning of
+ *                      every call to mbedtls_ctr_drbg_random_with_add().
+ *                      Only use this if your entropy source has sufficient
+ *                      throughput.
+ *
+ * \param ctx           The CTR_DRBG context.
+ * \param resistance    #MBEDTLS_CTR_DRBG_PR_ON or #MBEDTLS_CTR_DRBG_PR_OFF.
+ */
+void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
+                                         int resistance );
+
+/**
+ * \brief               This function sets the amount of entropy grabbed on each
+ *                      seed or reseed. The default value is
+ *                      #MBEDTLS_CTR_DRBG_ENTROPY_LEN.
+ *
+ * \param ctx           The CTR_DRBG context.
+ * \param len           The amount of entropy to grab.
+ */
+void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
+                               size_t len );
+
+/**
+ * \brief               This function sets the reseed interval.
+ *                      The default value is #MBEDTLS_CTR_DRBG_RESEED_INTERVAL.
+ *
+ * \param ctx           The CTR_DRBG context.
+ * \param interval      The reseed interval.
+ */
+void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
+                                   int interval );
+
+/**
+ * \brief               This function reseeds the CTR_DRBG context, that is
+ *                      extracts data from the entropy source.
+ *
+ * \param ctx           The CTR_DRBG context.
+ * \param additional    Additional data to add to the state. Can be NULL.
+ * \param len           The length of the additional data.
+ *
+ * \return   \c 0 on success, or
+ *           #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.
+ */
+int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
+                     const unsigned char *additional, size_t len );
+
+/**
+ * \brief               This function updates the state of the CTR_DRBG context.
+ *
+ * \param ctx           The CTR_DRBG context.
+ * \param additional    The data to update the state with.
+ * \param add_len       Length of \p additional data.
+ *
+ * \note     If \p add_len is greater than #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT,
+ *           only the first #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT Bytes are used.
+ *           The remaining Bytes are silently discarded.
+ */
+void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
+                      const unsigned char *additional, size_t add_len );
+
+/**
+ * \brief   This function updates a CTR_DRBG instance with additional
+ *          data and uses it to generate random data.
+ *
+ * \note    The function automatically reseeds if the reseed counter is exceeded.
+ *
+ * \param p_rng         The CTR_DRBG context. This must be a pointer to a
+ *                      #mbedtls_ctr_drbg_context structure.
+ * \param output        The buffer to fill.
+ * \param output_len    The length of the buffer.
+ * \param additional    Additional data to update. Can be NULL.
+ * \param add_len       The length of the additional data.
+ *
+ * \return    \c 0 on success, or
+ *            #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
+ *            #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
+ */
+int mbedtls_ctr_drbg_random_with_add( void *p_rng,
+                              unsigned char *output, size_t output_len,
+                              const unsigned char *additional, size_t add_len );
+
+/**
+ * \brief   This function uses CTR_DRBG to generate random data.
+ *
+ * \note    The function automatically reseeds if the reseed counter is exceeded.
+ *
+ * \param p_rng         The CTR_DRBG context. This must be a pointer to a
+ *                      #mbedtls_ctr_drbg_context structure.
+ * \param output        The buffer to fill.
+ * \param output_len    The length of the buffer.
+ *
+ * \return              \c 0 on success, or
+ *                      #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
+ *                      #MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG on failure.
+ */
+int mbedtls_ctr_drbg_random( void *p_rng,
+                     unsigned char *output, size_t output_len );
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief               This function writes a seed file.
+ *
+ * \param ctx           The CTR_DRBG context.
+ * \param path          The name of the file.
+ *
+ * \return              \c 0 on success,
+ *                      #MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error, or
+ *                      #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on
+ *                      failure.
+ */
+int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
+
+/**
+ * \brief               This function reads and updates a seed file. The seed
+ *                      is added to this instance.
+ *
+ * \param ctx           The CTR_DRBG context.
+ * \param path          The name of the file.
+ *
+ * \return              \c 0 on success,
+ *                      #MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error,
+ *                      #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
+ *                      #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG on failure.
+ */
+int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief               The CTR_DRBG checkup routine.
+ *
+ * \return              \c 0 on success, or \c 1 on failure.
+ */
+int mbedtls_ctr_drbg_self_test( int verbose );
+
+/* Internal functions (do not call directly) */
+int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *,
+                               int (*)(void *, unsigned char *, size_t), void *,
+                               const unsigned char *, size_t, size_t );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ctr_drbg.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/debug.h b/thirdparty/mbedtls/include/mbedtls/debug.h
new file mode 100644
index 0000000000..ef8db67ff1
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/debug.h
@@ -0,0 +1,229 @@
+/**
+ * \file debug.h
+ *
+ * \brief Functions for controlling and providing debug output from the library.
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_DEBUG_H
+#define MBEDTLS_DEBUG_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "ssl.h"
+
+#if defined(MBEDTLS_ECP_C)
+#include "ecp.h"
+#endif
+
+#if defined(MBEDTLS_DEBUG_C)
+
+#define MBEDTLS_DEBUG_STRIP_PARENS( ... )   __VA_ARGS__
+
+#define MBEDTLS_SSL_DEBUG_MSG( level, args )                    \
+    mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__,    \
+                             MBEDTLS_DEBUG_STRIP_PARENS args )
+
+#define MBEDTLS_SSL_DEBUG_RET( level, text, ret )                \
+    mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret )
+
+#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len )           \
+    mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len )
+
+#if defined(MBEDTLS_BIGNUM_C)
+#define MBEDTLS_SSL_DEBUG_MPI( level, text, X )                  \
+    mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X )
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+#define MBEDTLS_SSL_DEBUG_ECP( level, text, X )                  \
+    mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X )
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt )                \
+    mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt )
+#endif
+
+#else /* MBEDTLS_DEBUG_C */
+
+#define MBEDTLS_SSL_DEBUG_MSG( level, args )            do { } while( 0 )
+#define MBEDTLS_SSL_DEBUG_RET( level, text, ret )       do { } while( 0 )
+#define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len )  do { } while( 0 )
+#define MBEDTLS_SSL_DEBUG_MPI( level, text, X )         do { } while( 0 )
+#define MBEDTLS_SSL_DEBUG_ECP( level, text, X )         do { } while( 0 )
+#define MBEDTLS_SSL_DEBUG_CRT( level, text, crt )       do { } while( 0 )
+
+#endif /* MBEDTLS_DEBUG_C */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief   Set the threshold error level to handle globally all debug output.
+ *          Debug messages that have a level over the threshold value are
+ *          discarded.
+ *          (Default value: 0 = No debug )
+ *
+ * \param threshold     theshold level of messages to filter on. Messages at a
+ *                      higher level will be discarded.
+ *                          - Debug levels
+ *                              - 0 No debug
+ *                              - 1 Error
+ *                              - 2 State change
+ *                              - 3 Informational
+ *                              - 4 Verbose
+ */
+void mbedtls_debug_set_threshold( int threshold );
+
+/**
+ * \brief    Print a message to the debug output. This function is always used
+ *          through the MBEDTLS_SSL_DEBUG_MSG() macro, which supplies the ssl
+ *          context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the message has occurred in
+ * \param line      line number the message has occurred at
+ * \param format    format specifier, in printf format
+ * \param ...       variables used by the format specifier
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
+                              const char *file, int line,
+                              const char *format, ... );
+
+/**
+ * \brief   Print the return value of a function to the debug output. This
+ *          function is always used through the MBEDTLS_SSL_DEBUG_RET() macro,
+ *          which supplies the ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      the name of the function that returned the error
+ * \param ret       the return code value
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line,
+                      const char *text, int ret );
+
+/**
+ * \brief   Output a buffer of size len bytes to the debug output. This function
+ *          is always used through the MBEDTLS_SSL_DEBUG_BUF() macro,
+ *          which supplies the ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      a name or label for the buffer being dumped. Normally the
+ *                  variable or buffer name
+ * \param buf       the buffer to be outputted
+ * \param len       length of the buffer
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line, const char *text,
+                      const unsigned char *buf, size_t len );
+
+#if defined(MBEDTLS_BIGNUM_C)
+/**
+ * \brief   Print a MPI variable to the debug output. This function is always
+ *          used through the MBEDTLS_SSL_DEBUG_MPI() macro, which supplies the
+ *          ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      a name or label for the MPI being output. Normally the
+ *                  variable name
+ * \param X         the MPI variable
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line,
+                      const char *text, const mbedtls_mpi *X );
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+/**
+ * \brief   Print an ECP point to the debug output. This function is always
+ *          used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the
+ *          ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      a name or label for the ECP point being output. Normally the
+ *                  variable name
+ * \param X         the ECP point
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line,
+                      const char *text, const mbedtls_ecp_point *X );
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief   Print a X.509 certificate structure to the debug output. This
+ *          function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro,
+ *          which supplies the ssl context, file and line number parameters.
+ *
+ * \param ssl       SSL context
+ * \param level     error level of the debug message
+ * \param file      file the error has occurred in
+ * \param line      line number the error has occurred in
+ * \param text      a name or label for the certificate being output
+ * \param crt       X.509 certificate structure
+ *
+ * \attention       This function is intended for INTERNAL usage within the
+ *                  library only.
+ */
+void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line,
+                      const char *text, const mbedtls_x509_crt *crt );
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* debug.h */
+
diff --git a/thirdparty/mbedtls/include/mbedtls/des.h b/thirdparty/mbedtls/include/mbedtls/des.h
new file mode 100644
index 0000000000..5a1a636522
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/des.h
@@ -0,0 +1,357 @@
+/**
+ * \file des.h
+ *
+ * \brief DES block cipher
+ *
+ * \warning   DES is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers
+ *            instead.
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ */
+#ifndef MBEDTLS_DES_H
+#define MBEDTLS_DES_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_DES_ENCRYPT     1
+#define MBEDTLS_DES_DECRYPT     0
+
+#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH              -0x0032  /**< The data input has an invalid length. */
+#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED                   -0x0033  /**< DES hardware accelerator failed. */
+
+#define MBEDTLS_DES_KEY_SIZE    8
+
+#if !defined(MBEDTLS_DES_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          DES context structure
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+typedef struct
+{
+    uint32_t sk[32];            /*!<  DES subkeys       */
+}
+mbedtls_des_context;
+
+/**
+ * \brief          Triple-DES context structure
+ */
+typedef struct
+{
+    uint32_t sk[96];            /*!<  3DES subkeys      */
+}
+mbedtls_des3_context;
+
+/**
+ * \brief          Initialize DES context
+ *
+ * \param ctx      DES context to be initialized
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des_init( mbedtls_des_context *ctx );
+
+/**
+ * \brief          Clear DES context
+ *
+ * \param ctx      DES context to be cleared
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des_free( mbedtls_des_context *ctx );
+
+/**
+ * \brief          Initialize Triple-DES context
+ *
+ * \param ctx      DES3 context to be initialized
+ */
+void mbedtls_des3_init( mbedtls_des3_context *ctx );
+
+/**
+ * \brief          Clear Triple-DES context
+ *
+ * \param ctx      DES3 context to be cleared
+ */
+void mbedtls_des3_free( mbedtls_des3_context *ctx );
+
+/**
+ * \brief          Set key parity on the given key to odd.
+ *
+ *                 DES keys are 56 bits long, but each byte is padded with
+ *                 a parity bit to allow verification.
+ *
+ * \param key      8-byte secret key
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+
+/**
+ * \brief          Check that key parity on the given key is odd.
+ *
+ *                 DES keys are 56 bits long, but each byte is padded with
+ *                 a parity bit to allow verification.
+ *
+ * \param key      8-byte secret key
+ *
+ * \return         0 is parity was ok, 1 if parity was not correct.
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+
+/**
+ * \brief          Check that key is not a weak or semi-weak DES key
+ *
+ * \param key      8-byte secret key
+ *
+ * \return         0 if no weak key was found, 1 if a weak key was identified.
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+
+/**
+ * \brief          DES key schedule (56-bit, encryption)
+ *
+ * \param ctx      DES context to be initialized
+ * \param key      8-byte secret key
+ *
+ * \return         0
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+
+/**
+ * \brief          DES key schedule (56-bit, decryption)
+ *
+ * \param ctx      DES context to be initialized
+ * \param key      8-byte secret key
+ *
+ * \return         0
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+
+/**
+ * \brief          Triple-DES key schedule (112-bit, encryption)
+ *
+ * \param ctx      3DES context to be initialized
+ * \param key      16-byte secret key
+ *
+ * \return         0
+ */
+int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
+                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
+
+/**
+ * \brief          Triple-DES key schedule (112-bit, decryption)
+ *
+ * \param ctx      3DES context to be initialized
+ * \param key      16-byte secret key
+ *
+ * \return         0
+ */
+int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
+                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
+
+/**
+ * \brief          Triple-DES key schedule (168-bit, encryption)
+ *
+ * \param ctx      3DES context to be initialized
+ * \param key      24-byte secret key
+ *
+ * \return         0
+ */
+int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
+                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
+
+/**
+ * \brief          Triple-DES key schedule (168-bit, decryption)
+ *
+ * \param ctx      3DES context to be initialized
+ * \param key      24-byte secret key
+ *
+ * \return         0
+ */
+int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
+                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
+
+/**
+ * \brief          DES-ECB block encryption/decryption
+ *
+ * \param ctx      DES context
+ * \param input    64-bit input block
+ * \param output   64-bit output block
+ *
+ * \return         0 if successful
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
+                    const unsigned char input[8],
+                    unsigned char output[8] );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/**
+ * \brief          DES-CBC buffer encryption/decryption
+ *
+ * \note           Upon exit, the content of the IV is updated so that you can
+ *                 call the function same function again on the following
+ *                 block(s) of data and get the same result as if it was
+ *                 encrypted in one call. This allows a "streaming" usage.
+ *                 If on the other hand you need to retain the contents of the
+ *                 IV, you should either save it manually or use the cipher
+ *                 module instead.
+ *
+ * \param ctx      DES context
+ * \param mode     MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[8],
+                    const unsigned char *input,
+                    unsigned char *output );
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+/**
+ * \brief          3DES-ECB block encryption/decryption
+ *
+ * \param ctx      3DES context
+ * \param input    64-bit input block
+ * \param output   64-bit output block
+ *
+ * \return         0 if successful
+ */
+int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
+                     const unsigned char input[8],
+                     unsigned char output[8] );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/**
+ * \brief          3DES-CBC buffer encryption/decryption
+ *
+ * \note           Upon exit, the content of the IV is updated so that you can
+ *                 call the function same function again on the following
+ *                 block(s) of data and get the same result as if it was
+ *                 encrypted in one call. This allows a "streaming" usage.
+ *                 If on the other hand you need to retain the contents of the
+ *                 IV, you should either save it manually or use the cipher
+ *                 module instead.
+ *
+ * \param ctx      3DES context
+ * \param mode     MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
+ */
+int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
+                     int mode,
+                     size_t length,
+                     unsigned char iv[8],
+                     const unsigned char *input,
+                     unsigned char *output );
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+/**
+ * \brief          Internal function for key expansion.
+ *                 (Only exposed to allow overriding it,
+ *                 see MBEDTLS_DES_SETKEY_ALT)
+ *
+ * \param SK       Round keys
+ * \param key      Base key
+ *
+ * \warning        DES is considered a weak cipher and its use constitutes a
+ *                 security risk. We recommend considering stronger ciphers
+ *                 instead.
+ */
+void mbedtls_des_setkey( uint32_t SK[32],
+                         const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_DES_ALT */
+#include "des_alt.h"
+#endif /* MBEDTLS_DES_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_des_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* des.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/dhm.h b/thirdparty/mbedtls/include/mbedtls/dhm.h
new file mode 100644
index 0000000000..da2e66b111
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/dhm.h
@@ -0,0 +1,1061 @@
+/**
+ * \file dhm.h
+ *
+ * \brief Diffie-Hellman-Merkle key exchange.
+ *
+ * <em>RFC-3526: More Modular Exponential (MODP) Diffie-Hellman groups for
+ * Internet Key Exchange (IKE)</em> defines a number of standardized
+ * Diffie-Hellman groups for IKE.
+ *
+ * <em>RFC-5114: Additional Diffie-Hellman Groups for Use with IETF
+ * Standards</em> defines a number of standardized Diffie-Hellman
+ * groups that can be used.
+ *
+ * \warning  The security of the DHM key exchange relies on the proper choice
+ *           of prime modulus - optimally, it should be a safe prime. The usage
+ *           of non-safe primes both decreases the difficulty of the underlying
+ *           discrete logarithm problem and can lead to small subgroup attacks
+ *           leaking private exponent bits when invalid public keys are used
+ *           and not detected. This is especially relevant if the same DHM
+ *           parameters are reused for multiple key exchanges as in static DHM,
+ *           while the criticality of small-subgroup attacks is lower for
+ *           ephemeral DHM.
+ *
+ * \warning  For performance reasons, the code does neither perform primality
+ *           nor safe primality tests, nor the expensive checks for invalid
+ *           subgroups. Moreover, even if these were performed, non-standardized
+ *           primes cannot be trusted because of the possibility of backdoors
+ *           that can't be effectively checked for.
+ *
+ * \warning  Diffie-Hellman-Merkle is therefore a security risk when not using
+ *           standardized primes generated using a trustworthy ("nothing up
+ *           my sleeve") method, such as the RFC 3526 / 7919 primes. In the TLS
+ *           protocol, DH parameters need to be negotiated, so using the default
+ *           primes systematically is not always an option. If possible, use
+ *           Elliptic Curve Diffie-Hellman (ECDH), which has better performance,
+ *           and for which the TLS protocol mandates the use of standard
+ *           parameters.
+ *
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_DHM_H
+#define MBEDTLS_DHM_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+#include "bignum.h"
+#if !defined(MBEDTLS_DHM_ALT)
+
+/*
+ * DHM Error codes
+ */
+#define MBEDTLS_ERR_DHM_BAD_INPUT_DATA                    -0x3080  /**< Bad input parameters. */
+#define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED                -0x3100  /**< Reading of the DHM parameters failed. */
+#define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED                -0x3180  /**< Making of the DHM parameters failed. */
+#define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED                -0x3200  /**< Reading of the public values failed. */
+#define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED                -0x3280  /**< Making of the public value failed. */
+#define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED                -0x3300  /**< Calculation of the DHM secret failed. */
+#define MBEDTLS_ERR_DHM_INVALID_FORMAT                    -0x3380  /**< The ASN.1 data is not formatted correctly. */
+#define MBEDTLS_ERR_DHM_ALLOC_FAILED                      -0x3400  /**< Allocation of memory failed. */
+#define MBEDTLS_ERR_DHM_FILE_IO_ERROR                     -0x3480  /**< Read or write of file failed. */
+#define MBEDTLS_ERR_DHM_HW_ACCEL_FAILED                   -0x3500  /**< DHM hardware accelerator failed. */
+#define MBEDTLS_ERR_DHM_SET_GROUP_FAILED                  -0x3580  /**< Setting the modulus and generator failed. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          The DHM context structure.
+ */
+typedef struct
+{
+    size_t len;         /*!<  The size of \p P in Bytes. */
+    mbedtls_mpi P;      /*!<  The prime modulus. */
+    mbedtls_mpi G;      /*!<  The generator. */
+    mbedtls_mpi X;      /*!<  Our secret value. */
+    mbedtls_mpi GX;     /*!<  Our public key = \c G^X mod \c P. */
+    mbedtls_mpi GY;     /*!<  The public key of the peer = \c G^Y mod \c P. */
+    mbedtls_mpi K;      /*!<  The shared secret = \c G^(XY) mod \c P. */
+    mbedtls_mpi RP;     /*!<  The cached value = \c R^2 mod \c P. */
+    mbedtls_mpi Vi;     /*!<  The blinding value. */
+    mbedtls_mpi Vf;     /*!<  The unblinding value. */
+    mbedtls_mpi pX;     /*!<  The previous \c X. */
+}
+mbedtls_dhm_context;
+
+/**
+ * \brief          This function initializes the DHM context.
+ *
+ * \param ctx      The DHM context to initialize.
+ */
+void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
+
+/**
+ * \brief          This function parses the ServerKeyExchange parameters.
+ *
+ * \param ctx      The DHM context.
+ * \param p        On input, *p must be the start of the input buffer.
+ *                 On output, *p is updated to point to the end of the data
+ *                 that has been read. On success, this is the first byte
+ *                 past the end of the ServerKeyExchange parameters.
+ *                 On error, this is the point at which an error has been
+ *                 detected, which is usually not useful except to debug
+ *                 failures.
+ * \param end      The end of the input buffer.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ *                 on failure.
+ */
+int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
+                     unsigned char **p,
+                     const unsigned char *end );
+
+/**
+ * \brief          This function sets up and writes the ServerKeyExchange
+ *                 parameters.
+ *
+ * \param ctx      The DHM context.
+ * \param x_size   The private value size in Bytes.
+ * \param olen     The number of characters written.
+ * \param output   The destination buffer.
+ * \param f_rng    The RNG function.
+ * \param p_rng    The RNG parameter.
+ *
+ * \note           The destination buffer must be large enough to hold
+ *                 the reduced binary presentation of the modulus, the generator
+ *                 and the public key, each wrapped with a 2-byte length field.
+ *                 It is the responsibility of the caller to ensure that enough
+ *                 space is available. Refer to \c mbedtls_mpi_size to computing
+ *                 the byte-size of an MPI.
+ *
+ * \note           This function assumes that \c ctx->P and \c ctx->G
+ *                 have already been properly set. For that, use
+ *                 mbedtls_dhm_set_group() below in conjunction with
+ *                 mbedtls_mpi_read_binary() and mbedtls_mpi_read_string().
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ *                 on failure.
+ */
+int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
+                     unsigned char *output, size_t *olen,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng );
+
+/**
+ * \brief          Set prime modulus and generator
+ *
+ * \param ctx      The DHM context.
+ * \param P        The MPI holding DHM prime modulus.
+ * \param G        The MPI holding DHM generator.
+ *
+ * \note           This function can be used to set P, G
+ *                 in preparation for \c mbedtls_dhm_make_params.
+ *
+ * \return         \c 0 if successful, or an \c MBEDTLS_ERR_DHM_XXX error code
+ *                 on failure.
+ */
+int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
+                           const mbedtls_mpi *P,
+                           const mbedtls_mpi *G );
+
+/**
+ * \brief          This function imports the public value G^Y of the peer.
+ *
+ * \param ctx      The DHM context.
+ * \param input    The input buffer.
+ * \param ilen     The size of the input buffer.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ *                 on failure.
+ */
+int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
+                     const unsigned char *input, size_t ilen );
+
+/**
+ * \brief          This function creates its own private value \c X and
+ *                 exports \c G^X.
+ *
+ * \param ctx      The DHM context.
+ * \param x_size   The private value size in Bytes.
+ * \param output   The destination buffer.
+ * \param olen     The length of the destination buffer. Must be at least
+                   equal to ctx->len (the size of \c P).
+ * \param f_rng    The RNG function.
+ * \param p_rng    The RNG parameter.
+ *
+ * \note           The destination buffer will always be fully written
+ *                 so as to contain a big-endian presentation of G^X mod P.
+ *                 If it is larger than ctx->len, it will accordingly be
+ *                 padded with zero-bytes in the beginning.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ *                 on failure.
+ */
+int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
+                     unsigned char *output, size_t olen,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng );
+
+/**
+ * \brief               This function derives and exports the shared secret
+ *                      \c (G^Y)^X mod \c P.
+ *
+ * \param ctx           The DHM context.
+ * \param output        The destination buffer.
+ * \param output_size   The size of the destination buffer. Must be at least
+ *                      the size of ctx->len.
+ * \param olen          On exit, holds the actual number of Bytes written.
+ * \param f_rng         The RNG function, for blinding purposes.
+ * \param p_rng         The RNG parameter.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_DHM_XXX error code
+ *                 on failure.
+ *
+ * \note           If non-NULL, \p f_rng is used to blind the input as
+ *                 a countermeasure against timing attacks. Blinding is used
+ *                 only if our secret value \p X is re-used and omitted
+ *                 otherwise. Therefore, we recommend always passing a
+ *                 non-NULL \p f_rng argument.
+ */
+int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
+                     unsigned char *output, size_t output_size, size_t *olen,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng );
+
+/**
+ * \brief          This function frees and clears the components of a DHM key.
+ *
+ * \param ctx      The DHM context to free and clear.
+ */
+void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+/** \ingroup x509_module */
+/**
+ * \brief             This function parses DHM parameters in PEM or DER format.
+ *
+ * \param dhm         The DHM context to initialize.
+ * \param dhmin       The input buffer.
+ * \param dhminlen    The size of the buffer, including the terminating null
+ *                    Byte for PEM data.
+ *
+ * \return            \c 0 on success, or a specific DHM or PEM error code
+ *                    on failure.
+ */
+int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
+                   size_t dhminlen );
+
+#if defined(MBEDTLS_FS_IO)
+/** \ingroup x509_module */
+/**
+ * \brief          This function loads and parses DHM parameters from a file.
+ *
+ * \param dhm      The DHM context to load the parameters to.
+ * \param path     The filename to read the DHM parameters from.
+ *
+ * \return         \c 0 on success, or a specific DHM or PEM error code
+ *                 on failure.
+ */
+int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
+#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else /* MBEDTLS_DHM_ALT */
+#include "dhm_alt.h"
+#endif /* MBEDTLS_DHM_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          The DMH checkup routine.
+ *
+ * \return         \c 0 on success, or \c 1 on failure.
+ */
+int mbedtls_dhm_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+/**
+ * RFC 3526, RFC 5114 and RFC 7919 standardize a number of
+ * Diffie-Hellman groups, some of which are included here
+ * for use within the SSL/TLS module and the user's convenience
+ * when configuring the Diffie-Hellman parameters by hand
+ * through \c mbedtls_ssl_conf_dh_param.
+ *
+ * The following lists the source of the above groups in the standards:
+ * - RFC 5114 section 2.2:  2048-bit MODP Group with 224-bit Prime Order Subgroup
+ * - RFC 3526 section 3:    2048-bit MODP Group
+ * - RFC 3526 section 4:    3072-bit MODP Group
+ * - RFC 3526 section 5:    4096-bit MODP Group
+ * - RFC 7919 section A.1:  ffdhe2048
+ * - RFC 7919 section A.2:  ffdhe3072
+ * - RFC 7919 section A.3:  ffdhe4096
+ * - RFC 7919 section A.4:  ffdhe6144
+ * - RFC 7919 section A.5:  ffdhe8192
+ *
+ * The constants with suffix "_p" denote the chosen prime moduli, while
+ * the constants with suffix "_g" denote the chosen generator
+ * of the associated prime field.
+ *
+ * The constants further suffixed with "_bin" are provided in binary format,
+ * while all other constants represent null-terminated strings holding the
+ * hexadecimal presentation of the respective numbers.
+ *
+ * The primes from RFC 3526 and RFC 7919 have been generating by the following
+ * trust-worthy procedure:
+ * - Fix N in { 2048, 3072, 4096, 6144, 8192 } and consider the N-bit number
+ *   the first and last 64 bits are all 1, and the remaining N - 128 bits of
+ *   which are 0x7ff...ff.
+ * - Add the smallest multiple of the first N - 129 bits of the binary expansion
+ *   of pi (for RFC 5236) or e (for RFC 7919) to this intermediate bit-string
+ *   such that the resulting integer is a safe-prime.
+ * - The result is the respective RFC 3526 / 7919 prime, and the corresponding
+ *   generator is always chosen to be 2 (which is a square for these prime,
+ *   hence the corresponding subgroup has order (p-1)/2 and avoids leaking a
+ *   bit in the private exponent).
+ *
+ */
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED __attribute__((deprecated))
+MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_constant_t;
+#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL )       \
+    ( (mbedtls_deprecated_constant_t) ( VAL ) )
+#else
+#define MBEDTLS_DEPRECATED_STRING_CONSTANT( VAL ) VAL
+#endif /* ! MBEDTLS_DEPRECATED_WARNING */
+
+/**
+ * \warning The origin of the primes in RFC 5114 is not documented and
+ *          their use therefore constitutes a security risk!
+ *
+ * \deprecated The hex-encoded primes from RFC 5114 are deprecated and are
+ *             likely to be removed in a future version of the library without
+ *             replacement.
+ */
+
+/**
+ * The hexadecimal presentation of the prime underlying the
+ * 2048-bit MODP Group with 224-bit Prime Order Subgroup, as defined
+ * in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with
+ * IETF Standards</em>.
+ */
+#define MBEDTLS_DHM_RFC5114_MODP_P                              \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
+        "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"      \
+        "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"      \
+        "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"      \
+        "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"      \
+        "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"      \
+        "B3BF8A317091883681286130BC8985DB1602E714415D9330"      \
+        "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"      \
+        "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"      \
+        "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"      \
+        "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"      \
+        "CF9DE5384E71B81C0AC4DFFE0C10E64F" )
+
+/**
+ * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
+ * Group with 224-bit Prime Order Subgroup, as defined in <em>RFC-5114:
+ * Additional Diffie-Hellman Groups for Use with IETF Standards</em>.
+ */
+#define MBEDTLS_DHM_RFC5114_MODP_2048_G                         \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
+        "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"      \
+        "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"      \
+        "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"      \
+        "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"      \
+        "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"      \
+        "F180EB34118E98D119529A45D6F834566E3025E316A330EF"      \
+        "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"      \
+        "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"      \
+        "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"      \
+        "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"      \
+        "81BC087F2A7065B384B890D3191F2BFA" )
+
+/**
+ * The hexadecimal presentation of the prime underlying the 2048-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ *
+ * \deprecated The hex-encoded primes from RFC 3625 are deprecated and
+ *             superseded by the corresponding macros providing them as
+ *             binary constants. Their hex-encoded constants are likely
+ *             to be removed in a future version of the library.
+ *
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_2048_P                         \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
+        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"      \
+        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"      \
+        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"      \
+        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"      \
+        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"      \
+        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"      \
+        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"      \
+        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"      \
+        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"      \
+        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"      \
+        "15728E5A8AACAA68FFFFFFFFFFFFFFFF" )
+
+/**
+ * The hexadecimal presentation of the chosen generator of the 2048-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_2048_G                         \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" )
+
+/**
+ * The hexadecimal presentation of the prime underlying the 3072-bit MODP
+ * Group, as defined in <em>RFC-3072: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_3072_P                         \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
+        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"      \
+        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"      \
+        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"      \
+        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"      \
+        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"      \
+        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"      \
+        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"      \
+        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"      \
+        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"      \
+        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"      \
+        "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"      \
+        "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"      \
+        "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"      \
+        "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"      \
+        "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"      \
+        "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" )
+
+/**
+ * The hexadecimal presentation of the chosen generator of the 3072-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_3072_G                      \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" )
+
+/**
+ * The hexadecimal presentation of the prime underlying the 4096-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_4096_P                      \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT(                      \
+        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"   \
+        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"   \
+        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"   \
+        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"   \
+        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"   \
+        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"   \
+        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"   \
+        "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"   \
+        "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"   \
+        "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"   \
+        "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"   \
+        "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"   \
+        "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"   \
+        "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"   \
+        "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"   \
+        "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"   \
+        "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"   \
+        "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"   \
+        "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"   \
+        "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"   \
+        "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199"   \
+        "FFFFFFFFFFFFFFFF" )
+
+/**
+ * The hexadecimal presentation of the chosen generator of the 4096-bit MODP
+ * Group, as defined in <em>RFC-3526: More Modular Exponential (MODP)
+ * Diffie-Hellman groups for Internet Key Exchange (IKE)</em>.
+ */
+#define MBEDTLS_DHM_RFC3526_MODP_4096_G                      \
+    MBEDTLS_DEPRECATED_STRING_CONSTANT( "02" )
+
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/*
+ * Trustworthy DHM parameters in binary form
+ */
+
+#define MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN {        \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+     0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
+     0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
+     0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
+     0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
+     0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
+     0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
+     0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
+     0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
+     0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
+     0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
+     0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
+     0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
+     0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
+     0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
+     0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
+     0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
+     0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
+     0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
+     0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
+     0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
+     0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
+     0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
+     0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
+     0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
+     0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
+     0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
+     0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
+     0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
+     0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
+     0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC3526_MODP_3072_P_BIN {       \
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+    0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, \
+    0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, \
+    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, \
+    0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22, \
+    0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, \
+    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, \
+    0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37, \
+    0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, \
+    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, \
+    0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, \
+    0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, \
+    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, \
+    0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6, \
+    0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, \
+    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, \
+    0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A, \
+    0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, \
+    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, \
+    0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, \
+    0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, \
+    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, \
+    0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C, \
+    0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, \
+    0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, \
+    0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F, \
+    0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, \
+    0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, \
+    0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, \
+    0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, \
+    0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, \
+    0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33, \
+    0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, \
+    0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, \
+    0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D, \
+    0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, \
+    0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, \
+    0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, \
+    0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, \
+    0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, \
+    0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64, \
+    0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, \
+    0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, \
+    0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2, \
+    0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, \
+    0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, \
+    0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, \
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC3526_MODP_3072_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC3526_MODP_4096_P_BIN  {       \
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,  \
+    0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,  \
+    0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,  \
+    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,  \
+    0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,  \
+    0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,  \
+    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,  \
+    0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,  \
+    0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,  \
+    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,  \
+    0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,  \
+    0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,  \
+    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,  \
+    0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,  \
+    0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,  \
+    0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,  \
+    0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,  \
+    0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,  \
+    0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,  \
+    0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,  \
+    0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,  \
+    0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,  \
+    0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,  \
+    0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,  \
+    0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,  \
+    0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,  \
+    0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,  \
+    0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,  \
+    0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,  \
+    0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,  \
+    0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,  \
+    0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,  \
+    0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,  \
+    0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,  \
+    0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,  \
+    0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,  \
+    0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,  \
+    0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,  \
+    0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,  \
+    0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,  \
+    0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,  \
+    0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,  \
+    0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,  \
+    0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,  \
+    0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,  \
+    0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,  \
+    0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,  \
+    0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,  \
+    0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,  \
+    0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,  \
+    0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,  \
+    0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,  \
+    0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,  \
+    0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,  \
+    0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,  \
+    0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,  \
+    0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,  \
+    0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,  \
+    0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,  \
+    0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,  \
+    0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,  \
+    0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,  \
+    0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,  \
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC3526_MODP_4096_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN {        \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+     0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE2048_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN { \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37, \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE3072_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN {        \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+     0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+     0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+     0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+     0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+     0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+     0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+     0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+     0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+     0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+     0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+     0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+     0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+     0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+     0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+     0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+     0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A, \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE4096_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN {        \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+     0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+     0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+     0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+     0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+     0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+     0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+     0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+     0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+     0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+     0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+     0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+     0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+     0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+     0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+     0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+     0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
+     0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
+     0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
+     0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
+     0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
+     0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
+     0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
+     0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
+     0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
+     0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
+     0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
+     0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
+     0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
+     0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
+     0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
+     0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
+     0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
+     0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
+     0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
+     0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
+     0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
+     0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
+     0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
+     0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
+     0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
+     0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
+     0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
+     0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
+     0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
+     0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
+     0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
+     0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
+     0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65, \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE6144_G_BIN { 0x02 }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN {        \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \
+     0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, \
+     0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, \
+     0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, \
+     0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, \
+     0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, \
+     0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, \
+     0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, \
+     0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, \
+     0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, \
+     0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, \
+     0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, \
+     0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, \
+     0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, \
+     0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, \
+     0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, \
+     0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, \
+     0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, \
+     0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, \
+     0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, \
+     0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, \
+     0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, \
+     0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, \
+     0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, \
+     0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, \
+     0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, \
+     0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, \
+     0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, \
+     0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, \
+     0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, \
+     0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC, \
+     0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B, \
+     0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38, \
+     0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07, \
+     0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE, \
+     0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C, \
+     0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70, \
+     0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44, \
+     0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3, \
+     0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF, \
+     0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E, \
+     0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D, \
+     0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA, \
+     0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E, \
+     0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF, \
+     0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C, \
+     0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1, \
+     0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB, \
+     0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6, \
+     0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18, \
+     0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04, \
+     0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A, \
+     0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A, \
+     0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32, \
+     0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4, \
+     0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38, \
+     0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A, \
+     0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C, \
+     0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC, \
+     0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF, \
+     0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B, \
+     0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1, \
+     0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02, \
+     0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A, \
+     0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A, \
+     0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6, \
+     0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8, \
+     0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C, \
+     0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A, \
+     0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71, \
+     0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F, \
+     0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77, \
+     0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10, \
+     0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8, \
+     0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3, \
+     0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E, \
+     0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3, \
+     0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4, \
+     0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1, \
+     0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92, \
+     0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6, \
+     0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82, \
+     0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE, \
+     0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C, \
+     0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E, \
+     0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46, \
+     0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A, \
+     0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17, \
+     0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03, \
+     0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04, \
+     0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6, \
+     0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69, \
+     0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1, \
+     0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4, \
+     0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA, \
+     0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38, \
+     0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64, \
+     0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43, \
+     0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E, \
+     0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF, \
+     0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29, \
+     0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65, \
+     0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02, \
+     0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4, \
+     0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82, \
+     0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C, \
+     0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51, \
+     0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22, \
+     0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74, \
+     0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE, \
+     0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C, \
+     0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC, \
+     0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B, \
+     0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9, \
+     0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0, \
+     0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31, \
+     0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57, \
+     0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8, \
+     0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E, \
+     0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30, \
+     0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E, \
+     0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE, \
+     0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D, \
+     0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D, \
+     0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E, \
+     0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C, \
+     0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C, \
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
+
+#define MBEDTLS_DHM_RFC7919_FFDHE8192_G_BIN { 0x02 }
+
+#endif /* dhm.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ecdh.h b/thirdparty/mbedtls/include/mbedtls/ecdh.h
new file mode 100644
index 0000000000..99cfde00d0
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ecdh.h
@@ -0,0 +1,277 @@
+/**
+ * \file ecdh.h
+ *
+ * \brief The Elliptic Curve Diffie-Hellman (ECDH) protocol APIs.
+ *
+ * ECDH is an anonymous key agreement protocol allowing two parties to
+ * establish a shared secret over an insecure channel. Each party must have an
+ * elliptic-curve public–private key pair.
+ *
+ * For more information, see <em>NIST SP 800-56A Rev. 2: Recommendation for
+ * Pair-Wise Key Establishment Schemes Using Discrete Logarithm
+ * Cryptography</em>.
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_ECDH_H
+#define MBEDTLS_ECDH_H
+
+#include "ecp.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Defines the source of the imported EC key:
+ * <ul><li>Our key.</li>
+ * <li>The key of the peer.</li></ul>
+ */
+typedef enum
+{
+    MBEDTLS_ECDH_OURS,
+    MBEDTLS_ECDH_THEIRS,
+} mbedtls_ecdh_side;
+
+/**
+ * \brief           The ECDH context structure.
+ */
+typedef struct
+{
+    mbedtls_ecp_group grp;   /*!< The elliptic curve used. */
+    mbedtls_mpi d;           /*!< The private key. */
+    mbedtls_ecp_point Q;     /*!< The public key. */
+    mbedtls_ecp_point Qp;    /*!< The value of the public key of the peer. */
+    mbedtls_mpi z;           /*!< The shared secret. */
+    int point_format;        /*!< The format of point export in TLS messages. */
+    mbedtls_ecp_point Vi;    /*!< The blinding value. */
+    mbedtls_ecp_point Vf;    /*!< The unblinding value. */
+    mbedtls_mpi _d;          /*!< The previous \p d. */
+}
+mbedtls_ecdh_context;
+
+/**
+ * \brief           This function generates an ECDH keypair on an elliptic
+ *                  curve.
+ *
+ *                  This function performs the first of two core computations
+ *                  implemented during the ECDH key exchange. The second core
+ *                  computation is performed by mbedtls_ecdh_compute_shared().
+ *
+ * \param grp       The ECP group.
+ * \param d         The destination MPI (private key).
+ * \param Q         The destination point (public key).
+ * \param f_rng     The RNG function.
+ * \param p_rng     The RNG parameter.
+ *
+ * \return          \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX or
+ *                  \c MBEDTLS_MPI_XXX error code on failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng );
+
+/**
+ * \brief           This function computes the shared secret.
+ *
+ *                  This function performs the second of two core computations
+ *                  implemented during the ECDH key exchange. The first core
+ *                  computation is performed by mbedtls_ecdh_gen_public().
+ *
+ * \param grp       The ECP group.
+ * \param z         The destination MPI (shared secret).
+ * \param Q         The public key from another party.
+ * \param d         Our secret exponent (private key).
+ * \param f_rng     The RNG function.
+ * \param p_rng     The RNG parameter.
+ *
+ * \return          \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX or
+ *                  \c MBEDTLS_MPI_XXX error code on failure.
+ *
+ * \see             ecp.h
+ *
+ * \note            If \p f_rng is not NULL, it is used to implement
+ *                  countermeasures against potential elaborate timing
+ *                  attacks. For more information, see mbedtls_ecp_mul().
+ */
+int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
+                         const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
+                         int (*f_rng)(void *, unsigned char *, size_t),
+                         void *p_rng );
+
+/**
+ * \brief           This function initializes an ECDH context.
+ *
+ * \param ctx       The ECDH context to initialize.
+ */
+void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
+
+/**
+ * \brief           This function frees a context.
+ *
+ * \param ctx       The context to free.
+ */
+void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
+
+/**
+ * \brief           This function generates a public key and a TLS
+ *                  ServerKeyExchange payload.
+ *
+ *                  This is the first function used by a TLS server for ECDHE
+ *                  ciphersuites.
+ *
+ * \param ctx       The ECDH context.
+ * \param olen      The number of characters written.
+ * \param buf       The destination buffer.
+ * \param blen      The length of the destination buffer.
+ * \param f_rng     The RNG function.
+ * \param p_rng     The RNG parameter.
+ *
+ * \note            This function assumes that the ECP group (grp) of the
+ *                  \p ctx context has already been properly set,
+ *                  for example, using mbedtls_ecp_group_load().
+ *
+ * \return          \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX error code
+ *                  on failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
+                      unsigned char *buf, size_t blen,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng );
+
+/**
+ * \brief           This function parses and processes a TLS ServerKeyExhange
+ *                  payload.
+ *
+ *                  This is the first function used by a TLS client for ECDHE
+ *                  ciphersuites.
+ *
+ * \param ctx       The ECDH context.
+ * \param buf       The pointer to the start of the input buffer.
+ * \param end       The address for one Byte past the end of the buffer.
+ *
+ * \return          \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX error code
+ *                  on failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
+                      const unsigned char **buf, const unsigned char *end );
+
+/**
+ * \brief           This function sets up an ECDH context from an EC key.
+ *
+ *                  It is used by clients and servers in place of the
+ *                  ServerKeyEchange for static ECDH, and imports ECDH
+ *                  parameters from the EC key information of a certificate.
+ *
+ * \param ctx       The ECDH context to set up.
+ * \param key       The EC key to use.
+ * \param side      Defines the source of the key:
+ *                  <ul><li>1: Our key.</li>
+                    <li>0: The key of the peer.</li></ul>
+ *
+ * \return          \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX error code
+ *                  on failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
+                     mbedtls_ecdh_side side );
+
+/**
+ * \brief           This function generates a public key and a TLS
+ *                  ClientKeyExchange payload.
+ *
+ *                  This is the second function used by a TLS client for ECDH(E)
+ *                  ciphersuites.
+ *
+ * \param ctx       The ECDH context.
+ * \param olen      The number of Bytes written.
+ * \param buf       The destination buffer.
+ * \param blen      The size of the destination buffer.
+ * \param f_rng     The RNG function.
+ * \param p_rng     The RNG parameter.
+ *
+ * \return          \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX error code
+ *                  on failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
+                      unsigned char *buf, size_t blen,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng );
+
+/**
+ * \brief       This function parses and processes a TLS ClientKeyExchange
+ *              payload.
+ *
+ *              This is the second function used by a TLS server for ECDH(E)
+ *              ciphersuites.
+ *
+ * \param ctx   The ECDH context.
+ * \param buf   The start of the input buffer.
+ * \param blen  The length of the input buffer.
+ *
+ * \return      \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX error code
+ *              on failure.
+ *
+ * \see         ecp.h
+ */
+int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
+                      const unsigned char *buf, size_t blen );
+
+/**
+ * \brief           This function derives and exports the shared secret.
+ *
+ *                  This is the last function used by both TLS client
+ *                  and servers.
+ *
+ * \param ctx       The ECDH context.
+ * \param olen      The number of Bytes written.
+ * \param buf       The destination buffer.
+ * \param blen      The length of the destination buffer.
+ * \param f_rng     The RNG function.
+ * \param p_rng     The RNG parameter.
+ *
+ * \return          \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX error code
+ *                  on failure.
+ *
+ * \see             ecp.h
+ *
+ * \note            If \p f_rng is not NULL, it is used to implement
+ *                  countermeasures against potential elaborate timing
+ *                  attacks. For more information, see mbedtls_ecp_mul().
+ */
+int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
+                      unsigned char *buf, size_t blen,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ecdh.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ecdsa.h b/thirdparty/mbedtls/include/mbedtls/ecdsa.h
new file mode 100644
index 0000000000..aa23d67f99
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ecdsa.h
@@ -0,0 +1,334 @@
+/**
+ * \file ecdsa.h
+ *
+ * \brief The Elliptic Curve Digital Signature Algorithm (ECDSA).
+ *
+ * ECDSA is defined in <em>Standards for Efficient Cryptography Group (SECG):
+ * SEC1 Elliptic Curve Cryptography</em>.
+ * The use of ECDSA for TLS is defined in <em>RFC-4492: Elliptic Curve
+ * Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)</em>.
+ *
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_ECDSA_H
+#define MBEDTLS_ECDSA_H
+
+#include "ecp.h"
+#include "md.h"
+
+/*
+ * RFC-4492 page 20:
+ *
+ *     Ecdsa-Sig-Value ::= SEQUENCE {
+ *         r       INTEGER,
+ *         s       INTEGER
+ *     }
+ *
+ * Size is at most
+ *    1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s,
+ *    twice that + 1 (tag) + 2 (len) for the sequence
+ * (assuming ECP_MAX_BYTES is less than 126 for r and s,
+ * and less than 124 (total len <= 255) for the sequence)
+ */
+#if MBEDTLS_ECP_MAX_BYTES > 124
+#error "MBEDTLS_ECP_MAX_BYTES bigger than expected, please fix MBEDTLS_ECDSA_MAX_LEN"
+#endif
+/** The maximal size of an ECDSA signature in Bytes. */
+#define MBEDTLS_ECDSA_MAX_LEN  ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) )
+
+/**
+ * \brief           The ECDSA context structure.
+ */
+typedef mbedtls_ecp_keypair mbedtls_ecdsa_context;
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief           This function computes the ECDSA signature of a
+ *                  previously-hashed message.
+ *
+ * \note            The deterministic version is usually preferred.
+ *
+ * \param grp       The ECP group.
+ * \param r         The first output integer.
+ * \param s         The second output integer.
+ * \param d         The private signing key.
+ * \param buf       The message hash.
+ * \param blen      The length of \p buf.
+ * \param f_rng     The RNG function.
+ * \param p_rng     The RNG parameter.
+ *
+ * \note            If the bitlength of the message hash is larger than the
+ *                  bitlength of the group order, then the hash is truncated
+ *                  as defined in <em>Standards for Efficient Cryptography Group
+ *                  (SECG): SEC1 Elliptic Curve Cryptography</em>, section
+ *                  4.1.3, step 5.
+ *
+ * \return          \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX
+ *                  or \c MBEDTLS_MPI_XXX error code on failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+                const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+/**
+ * \brief           This function computes the ECDSA signature of a
+ *                  previously-hashed message, deterministic version.
+ *                  For more information, see <em>RFC-6979: Deterministic
+ *                  Usage of the Digital Signature Algorithm (DSA) and Elliptic
+ *                  Curve Digital Signature Algorithm (ECDSA)</em>.
+ *
+ * \param grp       The ECP group.
+ * \param r         The first output integer.
+ * \param s         The second output integer.
+ * \param d         The private signing key.
+ * \param buf       The message hash.
+ * \param blen      The length of \p buf.
+ * \param md_alg    The MD algorithm used to hash the message.
+ *
+ * \note            If the bitlength of the message hash is larger than the
+ *                  bitlength of the group order, then the hash is truncated as
+ *                  defined in <em>Standards for Efficient Cryptography Group
+ *                  (SECG): SEC1 Elliptic Curve Cryptography</em>, section
+ *                  4.1.3, step 5.
+ *
+ * \return          \c 0 on success,
+ *                  or an \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
+ *                  error code on failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+                    const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+                    mbedtls_md_type_t md_alg );
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+/**
+ * \brief           This function verifies the ECDSA signature of a
+ *                  previously-hashed message.
+ *
+ * \param grp       The ECP group.
+ * \param buf       The message hash.
+ * \param blen      The length of \p buf.
+ * \param Q         The public key to use for verification.
+ * \param r         The first integer of the signature.
+ * \param s         The second integer of the signature.
+ *
+ * \note            If the bitlength of the message hash is larger than the
+ *                  bitlength of the group order, then the hash is truncated as
+ *                  defined in <em>Standards for Efficient Cryptography Group
+ *                  (SECG): SEC1 Elliptic Curve Cryptography</em>, section
+ *                  4.1.4, step 3.
+ *
+ * \return          \c 0 on success,
+ *                  #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid,
+ *                  or an \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX
+ *                  error code on failure for any other reason.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
+                  const unsigned char *buf, size_t blen,
+                  const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s);
+
+/**
+ * \brief           This function computes the ECDSA signature and writes it
+ *                  to a buffer, serialized as defined in <em>RFC-4492:
+ *                  Elliptic Curve Cryptography (ECC) Cipher Suites for
+ *                  Transport Layer Security (TLS)</em>.
+ *
+ * \warning         It is not thread-safe to use the same context in
+ *                  multiple threads.
+ *
+ * \note            The deterministic version is used if
+ *                  #MBEDTLS_ECDSA_DETERMINISTIC is defined. For more
+ *                  information, see <em>RFC-6979: Deterministic Usage
+ *                  of the Digital Signature Algorithm (DSA) and Elliptic
+ *                  Curve Digital Signature Algorithm (ECDSA)</em>.
+ *
+ * \param ctx       The ECDSA context.
+ * \param md_alg    The message digest that was used to hash the message.
+ * \param hash      The message hash.
+ * \param hlen      The length of the hash.
+ * \param sig       The buffer that holds the signature.
+ * \param slen      The length of the signature written.
+ * \param f_rng     The RNG function.
+ * \param p_rng     The RNG parameter.
+ *
+ * \note            The \p sig buffer must be at least twice as large as the
+ *                  size of the curve used, plus 9. For example, 73 Bytes if
+ *                  a 256-bit curve is used. A buffer length of
+ *                  #MBEDTLS_ECDSA_MAX_LEN is always safe.
+ *
+ * \note            If the bitlength of the message hash is larger than the
+ *                  bitlength of the group order, then the hash is truncated as
+ *                  defined in <em>Standards for Efficient Cryptography Group
+ *                  (SECG): SEC1 Elliptic Curve Cryptography</em>, section
+ *                  4.1.3, step 5.
+ *
+ * \return          \c 0 on success,
+ *                  or an \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
+ *                  \c MBEDTLS_ERR_ASN1_XXX error code on failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg,
+                           const unsigned char *hash, size_t hlen,
+                           unsigned char *sig, size_t *slen,
+                           int (*f_rng)(void *, unsigned char *, size_t),
+                           void *p_rng );
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED    __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief   This function computes an ECDSA signature and writes it to a buffer,
+ *          serialized as defined in <em>RFC-4492: Elliptic Curve Cryptography
+ *          (ECC) Cipher Suites for Transport Layer Security (TLS)</em>.
+ *
+ *          The deterministic version is defined in <em>RFC-6979:
+ *          Deterministic Usage of the Digital Signature Algorithm (DSA) and
+ *          Elliptic Curve Digital Signature Algorithm (ECDSA)</em>.
+ *
+ * \warning         It is not thread-safe to use the same context in
+ *                  multiple threads.
+
+ *
+ * \deprecated      Superseded by mbedtls_ecdsa_write_signature() in 2.0.0
+ *
+ * \param ctx       The ECDSA context.
+ * \param hash      The Message hash.
+ * \param hlen      The length of the hash.
+ * \param sig       The buffer that holds the signature.
+ * \param slen      The length of the signature written.
+ * \param md_alg    The MD algorithm used to hash the message.
+ *
+ * \note            The \p sig buffer must be at least twice as large as the
+ *                  size of the curve used, plus 9. For example, 73 Bytes if a
+ *                  256-bit curve is used. A buffer length of
+ *                  #MBEDTLS_ECDSA_MAX_LEN is always safe.
+ *
+ * \note            If the bitlength of the message hash is larger than the
+ *                  bitlength of the group order, then the hash is truncated as
+ *                  defined in <em>Standards for Efficient Cryptography Group
+ *                  (SECG): SEC1 Elliptic Curve Cryptography</em>, section
+ *                  4.1.3, step 5.
+ *
+ * \return          \c 0 on success,
+ *                  or an \c MBEDTLS_ERR_ECP_XXX, \c MBEDTLS_ERR_MPI_XXX or
+ *                  \c MBEDTLS_ERR_ASN1_XXX error code on failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
+                               const unsigned char *hash, size_t hlen,
+                               unsigned char *sig, size_t *slen,
+                               mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED;
+#undef MBEDTLS_DEPRECATED
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+/**
+ * \brief           This function reads and verifies an ECDSA signature.
+ *
+ * \param ctx       The ECDSA context.
+ * \param hash      The message hash.
+ * \param hlen      The size of the hash.
+ * \param sig       The signature to read and verify.
+ * \param slen      The size of \p sig.
+ *
+ * \note            If the bitlength of the message hash is larger than the
+ *                  bitlength of the group order, then the hash is truncated as
+ *                  defined in <em>Standards for Efficient Cryptography Group
+ *                  (SECG): SEC1 Elliptic Curve Cryptography</em>, section
+ *                  4.1.4, step 3.
+ *
+ * \return          \c 0 on success,
+ *                  #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid,
+ *                  #MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if the signature is
+ *                  valid but its actual length is less than \p siglen,
+ *                  or an \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_ERR_MPI_XXX
+ *                  error code on failure for any other reason.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
+                          const unsigned char *hash, size_t hlen,
+                          const unsigned char *sig, size_t slen );
+
+/**
+ * \brief          This function generates an ECDSA keypair on the given curve.
+ *
+ * \param ctx      The ECDSA context to store the keypair in.
+ * \param gid      The elliptic curve to use. One of the various
+ *                 \c MBEDTLS_ECP_DP_XXX macros depending on configuration.
+ * \param f_rng    The RNG function.
+ * \param p_rng    The RNG parameter.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX code on
+ *                 failure.
+ *
+ * \see            ecp.h
+ */
+int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
+                  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+
+/**
+ * \brief           This function sets an ECDSA context from an EC key pair.
+ *
+ * \param ctx       The ECDSA context to set.
+ * \param key       The EC key to use.
+ *
+ * \return          \c 0 on success, or an \c MBEDTLS_ERR_ECP_XXX code on
+ *                  failure.
+ *
+ * \see             ecp.h
+ */
+int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key );
+
+/**
+ * \brief           This function initializes an ECDSA context.
+ *
+ * \param ctx       The ECDSA context to initialize.
+ */
+void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
+
+/**
+ * \brief           This function frees an ECDSA context.
+ *
+ * \param ctx       The ECDSA context to free.
+ */
+void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ecdsa.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ecjpake.h b/thirdparty/mbedtls/include/mbedtls/ecjpake.h
new file mode 100644
index 0000000000..d86e8207f1
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ecjpake.h
@@ -0,0 +1,255 @@
+/**
+ * \file ecjpake.h
+ *
+ * \brief Elliptic curve J-PAKE
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_ECJPAKE_H
+#define MBEDTLS_ECJPAKE_H
+
+/*
+ * J-PAKE is a password-authenticated key exchange that allows deriving a
+ * strong shared secret from a (potentially low entropy) pre-shared
+ * passphrase, with forward secrecy and mutual authentication.
+ * https://en.wikipedia.org/wiki/Password_Authenticated_Key_Exchange_by_Juggling
+ *
+ * This file implements the Elliptic Curve variant of J-PAKE,
+ * as defined in Chapter 7.4 of the Thread v1.0 Specification,
+ * available to members of the Thread Group http://threadgroup.org/
+ *
+ * As the J-PAKE algorithm is inherently symmetric, so is our API.
+ * Each party needs to send its first round message, in any order, to the
+ * other party, then each sends its second round message, in any order.
+ * The payloads are serialized in a way suitable for use in TLS, but could
+ * also be use outside TLS.
+ */
+
+#include "ecp.h"
+#include "md.h"
+
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Roles in the EC J-PAKE exchange
+ */
+typedef enum {
+    MBEDTLS_ECJPAKE_CLIENT = 0,         /**< Client                         */
+    MBEDTLS_ECJPAKE_SERVER,             /**< Server                         */
+} mbedtls_ecjpake_role;
+
+/**
+ * EC J-PAKE context structure.
+ *
+ * J-PAKE is a symmetric protocol, except for the identifiers used in
+ * Zero-Knowledge Proofs, and the serialization of the second message
+ * (KeyExchange) as defined by the Thread spec.
+ *
+ * In order to benefit from this symmetry, we choose a different naming
+ * convetion from the Thread v1.0 spec. Correspondance is indicated in the
+ * description as a pair C: client name, S: server name
+ */
+typedef struct
+{
+    const mbedtls_md_info_t *md_info;   /**< Hash to use                    */
+    mbedtls_ecp_group grp;              /**< Elliptic curve                 */
+    mbedtls_ecjpake_role role;          /**< Are we client or server?       */
+    int point_format;                   /**< Format for point export        */
+
+    mbedtls_ecp_point Xm1;              /**< My public key 1   C: X1, S: X3 */
+    mbedtls_ecp_point Xm2;              /**< My public key 2   C: X2, S: X4 */
+    mbedtls_ecp_point Xp1;              /**< Peer public key 1 C: X3, S: X1 */
+    mbedtls_ecp_point Xp2;              /**< Peer public key 2 C: X4, S: X2 */
+    mbedtls_ecp_point Xp;               /**< Peer public key   C: Xs, S: Xc */
+
+    mbedtls_mpi xm1;                    /**< My private key 1  C: x1, S: x3 */
+    mbedtls_mpi xm2;                    /**< My private key 2  C: x2, S: x4 */
+
+    mbedtls_mpi s;                      /**< Pre-shared secret (passphrase) */
+} mbedtls_ecjpake_context;
+
+/**
+ * \brief           Initialize a context
+ *                  (just makes it ready for setup() or free()).
+ *
+ * \param ctx       context to initialize
+ */
+void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx );
+
+/**
+ * \brief           Set up a context for use
+ *
+ * \note            Currently the only values for hash/curve allowed by the
+ *                  standard are MBEDTLS_MD_SHA256/MBEDTLS_ECP_DP_SECP256R1.
+ *
+ * \param ctx       context to set up
+ * \param role      Our role: client or server
+ * \param hash      hash function to use (MBEDTLS_MD_XXX)
+ * \param curve     elliptic curve identifier (MBEDTLS_ECP_DP_XXX)
+ * \param secret    pre-shared secret (passphrase)
+ * \param len       length of the shared secret
+ *
+ * \return          0 if successfull,
+ *                  a negative error code otherwise
+ */
+int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
+                           mbedtls_ecjpake_role role,
+                           mbedtls_md_type_t hash,
+                           mbedtls_ecp_group_id curve,
+                           const unsigned char *secret,
+                           size_t len );
+
+/**
+ * \brief           Check if a context is ready for use
+ *
+ * \param ctx       Context to check
+ *
+ * \return          0 if the context is ready for use,
+ *                  MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise
+ */
+int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx );
+
+/**
+ * \brief           Generate and write the first round message
+ *                  (TLS: contents of the Client/ServerHello extension,
+ *                  excluding extension type and length bytes)
+ *
+ * \param ctx       Context to use
+ * \param buf       Buffer to write the contents to
+ * \param len       Buffer size
+ * \param olen      Will be updated with the number of bytes written
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successfull,
+ *                  a negative error code otherwise
+ */
+int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
+                            unsigned char *buf, size_t len, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng );
+
+/**
+ * \brief           Read and process the first round message
+ *                  (TLS: contents of the Client/ServerHello extension,
+ *                  excluding extension type and length bytes)
+ *
+ * \param ctx       Context to use
+ * \param buf       Pointer to extension contents
+ * \param len       Extension length
+ *
+ * \return          0 if successfull,
+ *                  a negative error code otherwise
+ */
+int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
+                                    const unsigned char *buf,
+                                    size_t len );
+
+/**
+ * \brief           Generate and write the second round message
+ *                  (TLS: contents of the Client/ServerKeyExchange)
+ *
+ * \param ctx       Context to use
+ * \param buf       Buffer to write the contents to
+ * \param len       Buffer size
+ * \param olen      Will be updated with the number of bytes written
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successfull,
+ *                  a negative error code otherwise
+ */
+int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
+                            unsigned char *buf, size_t len, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng );
+
+/**
+ * \brief           Read and process the second round message
+ *                  (TLS: contents of the Client/ServerKeyExchange)
+ *
+ * \param ctx       Context to use
+ * \param buf       Pointer to the message
+ * \param len       Message length
+ *
+ * \return          0 if successfull,
+ *                  a negative error code otherwise
+ */
+int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
+                                    const unsigned char *buf,
+                                    size_t len );
+
+/**
+ * \brief           Derive the shared secret
+ *                  (TLS: Pre-Master Secret)
+ *
+ * \param ctx       Context to use
+ * \param buf       Buffer to write the contents to
+ * \param len       Buffer size
+ * \param olen      Will be updated with the number of bytes written
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successfull,
+ *                  a negative error code otherwise
+ */
+int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
+                            unsigned char *buf, size_t len, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng );
+
+/**
+ * \brief           Free a context's content
+ *
+ * \param ctx       context to free
+ */
+void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_ECJPAKE_ALT */
+#include "ecjpake_alt.h"
+#endif /* MBEDTLS_ECJPAKE_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if a test failed
+ */
+int mbedtls_ecjpake_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* ecjpake.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ecp.h b/thirdparty/mbedtls/include/mbedtls/ecp.h
new file mode 100644
index 0000000000..b00ba4da87
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ecp.h
@@ -0,0 +1,686 @@
+/**
+ * \file ecp.h
+ *
+ * \brief Elliptic curves over GF(p)
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_ECP_H
+#define MBEDTLS_ECP_H
+
+#include "bignum.h"
+
+/*
+ * ECP error codes
+ */
+#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA                    -0x4F80  /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL                  -0x4F00  /**< The buffer is too small to write to. */
+#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE               -0x4E80  /**< Requested curve not available. */
+#define MBEDTLS_ERR_ECP_VERIFY_FAILED                     -0x4E00  /**< The signature is not valid. */
+#define MBEDTLS_ERR_ECP_ALLOC_FAILED                      -0x4D80  /**< Memory allocation failed. */
+#define MBEDTLS_ERR_ECP_RANDOM_FAILED                     -0x4D00  /**< Generation of random value, such as (ephemeral) key, failed. */
+#define MBEDTLS_ERR_ECP_INVALID_KEY                       -0x4C80  /**< Invalid private or public key. */
+#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH                  -0x4C00  /**< Signature is valid but shorter than the user-supplied length. */
+#define MBEDTLS_ERR_ECP_HW_ACCEL_FAILED                   -0x4B80  /**< ECP hardware accelerator failed. */
+
+#if !defined(MBEDTLS_ECP_ALT)
+/*
+ * default mbed TLS elliptic curve arithmetic implementation
+ *
+ * (in case MBEDTLS_ECP_ALT is defined then the developer has to provide an
+ * alternative implementation for the whole module and it will replace this
+ * one.)
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Domain parameters (curve, subgroup and generator) identifiers.
+ *
+ * Only curves over prime fields are supported.
+ *
+ * \warning This library does not support validation of arbitrary domain
+ * parameters. Therefore, only well-known domain parameters from trusted
+ * sources should be used. See mbedtls_ecp_group_load().
+ */
+typedef enum
+{
+    MBEDTLS_ECP_DP_NONE = 0,
+    MBEDTLS_ECP_DP_SECP192R1,      /*!< 192-bits NIST curve  */
+    MBEDTLS_ECP_DP_SECP224R1,      /*!< 224-bits NIST curve  */
+    MBEDTLS_ECP_DP_SECP256R1,      /*!< 256-bits NIST curve  */
+    MBEDTLS_ECP_DP_SECP384R1,      /*!< 384-bits NIST curve  */
+    MBEDTLS_ECP_DP_SECP521R1,      /*!< 521-bits NIST curve  */
+    MBEDTLS_ECP_DP_BP256R1,        /*!< 256-bits Brainpool curve */
+    MBEDTLS_ECP_DP_BP384R1,        /*!< 384-bits Brainpool curve */
+    MBEDTLS_ECP_DP_BP512R1,        /*!< 512-bits Brainpool curve */
+    MBEDTLS_ECP_DP_CURVE25519,           /*!< Curve25519               */
+    MBEDTLS_ECP_DP_SECP192K1,      /*!< 192-bits "Koblitz" curve */
+    MBEDTLS_ECP_DP_SECP224K1,      /*!< 224-bits "Koblitz" curve */
+    MBEDTLS_ECP_DP_SECP256K1,      /*!< 256-bits "Koblitz" curve */
+} mbedtls_ecp_group_id;
+
+/**
+ * Number of supported curves (plus one for NONE).
+ *
+ * (Montgomery curves excluded for now.)
+ */
+#define MBEDTLS_ECP_DP_MAX     12
+
+/**
+ * Curve information for use by other modules
+ */
+typedef struct
+{
+    mbedtls_ecp_group_id grp_id;    /*!< Internal identifier        */
+    uint16_t tls_id;                /*!< TLS NamedCurve identifier  */
+    uint16_t bit_size;              /*!< Curve size in bits         */
+    const char *name;               /*!< Human-friendly name        */
+} mbedtls_ecp_curve_info;
+
+/**
+ * \brief           ECP point structure (jacobian coordinates)
+ *
+ * \note            All functions expect and return points satisfying
+ *                  the following condition: Z == 0 or Z == 1. (Other
+ *                  values of Z are used by internal functions only.)
+ *                  The point is zero, or "at infinity", if Z == 0.
+ *                  Otherwise, X and Y are its standard (affine) coordinates.
+ */
+typedef struct
+{
+    mbedtls_mpi X;          /*!<  the point's X coordinate  */
+    mbedtls_mpi Y;          /*!<  the point's Y coordinate  */
+    mbedtls_mpi Z;          /*!<  the point's Z coordinate  */
+}
+mbedtls_ecp_point;
+
+/**
+ * \brief           ECP group structure
+ *
+ * We consider two types of curves equations:
+ * 1. Short Weierstrass y^2 = x^3 + A x + B     mod P   (SEC1 + RFC 4492)
+ * 2. Montgomery,       y^2 = x^3 + A x^2 + x   mod P   (Curve25519 + draft)
+ * In both cases, a generator G for a prime-order subgroup is fixed. In the
+ * short weierstrass, this subgroup is actually the whole curve, and its
+ * cardinal is denoted by N.
+ *
+ * In the case of Short Weierstrass curves, our code requires that N is an odd
+ * prime. (Use odd in mbedtls_ecp_mul() and prime in mbedtls_ecdsa_sign() for blinding.)
+ *
+ * In the case of Montgomery curves, we don't store A but (A + 2) / 4 which is
+ * the quantity actually used in the formulas. Also, nbits is not the size of N
+ * but the required size for private keys.
+ *
+ * If modp is NULL, reduction modulo P is done using a generic algorithm.
+ * Otherwise, it must point to a function that takes an mbedtls_mpi in the range
+ * 0..2^(2*pbits)-1 and transforms it in-place in an integer of little more
+ * than pbits, so that the integer may be efficiently brought in the 0..P-1
+ * range by a few additions or substractions. It must return 0 on success and
+ * non-zero on failure.
+ */
+typedef struct
+{
+    mbedtls_ecp_group_id id;    /*!<  internal group identifier                     */
+    mbedtls_mpi P;              /*!<  prime modulus of the base field               */
+    mbedtls_mpi A;              /*!<  1. A in the equation, or 2. (A + 2) / 4       */
+    mbedtls_mpi B;              /*!<  1. B in the equation, or 2. unused            */
+    mbedtls_ecp_point G;        /*!<  generator of the (sub)group used              */
+    mbedtls_mpi N;              /*!<  1. the order of G, or 2. unused               */
+    size_t pbits;       /*!<  number of bits in P                           */
+    size_t nbits;       /*!<  number of bits in 1. P, or 2. private keys    */
+    unsigned int h;     /*!<  internal: 1 if the constants are static       */
+    int (*modp)(mbedtls_mpi *); /*!<  function for fast reduction mod P             */
+    int (*t_pre)(mbedtls_ecp_point *, void *);  /*!< unused                         */
+    int (*t_post)(mbedtls_ecp_point *, void *); /*!< unused                         */
+    void *t_data;                       /*!< unused                         */
+    mbedtls_ecp_point *T;       /*!<  pre-computed points for ecp_mul_comb()        */
+    size_t T_size;      /*!<  number for pre-computed points                */
+}
+mbedtls_ecp_group;
+
+/**
+ * \brief           ECP key pair structure
+ *
+ * A generic key pair that could be used for ECDSA, fixed ECDH, etc.
+ *
+ * \note Members purposefully in the same order as struc mbedtls_ecdsa_context.
+ */
+typedef struct
+{
+    mbedtls_ecp_group grp;      /*!<  Elliptic curve and base point     */
+    mbedtls_mpi d;              /*!<  our secret value                  */
+    mbedtls_ecp_point Q;        /*!<  our public value                  */
+}
+mbedtls_ecp_keypair;
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_ECP_MAX_BITS)
+/**
+ * Maximum size of the groups (that is, of N and P)
+ */
+#define MBEDTLS_ECP_MAX_BITS     521   /**< Maximum bit size of groups */
+#endif
+
+#define MBEDTLS_ECP_MAX_BYTES    ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
+#define MBEDTLS_ECP_MAX_PT_LEN   ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
+
+#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
+/*
+ * Maximum "window" size used for point multiplication.
+ * Default: 6.
+ * Minimum value: 2. Maximum value: 7.
+ *
+ * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
+ * points used for point multiplication. This value is directly tied to EC
+ * peak memory usage, so decreasing it by one should roughly cut memory usage
+ * by two (if large curves are in use).
+ *
+ * Reduction in size may reduce speed, but larger curves are impacted first.
+ * Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
+ *      w-size:     6       5       4       3       2
+ *      521       145     141     135     120      97
+ *      384       214     209     198     177     146
+ *      256       320     320     303     262     226
+
+ *      224       475     475     453     398     342
+ *      192       640     640     633     587     476
+ */
+#define MBEDTLS_ECP_WINDOW_SIZE    6   /**< Maximum window size used */
+#endif /* MBEDTLS_ECP_WINDOW_SIZE */
+
+#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
+/*
+ * Trade memory for speed on fixed-point multiplication.
+ *
+ * This speeds up repeated multiplication of the generator (that is, the
+ * multiplication in ECDSA signatures, and half of the multiplications in
+ * ECDSA verification and ECDHE) by a factor roughly 3 to 4.
+ *
+ * The cost is increasing EC peak memory usage by a factor roughly 2.
+ *
+ * Change this value to 0 to reduce peak memory usage.
+ */
+#define MBEDTLS_ECP_FIXED_POINT_OPTIM  1   /**< Enable fixed-point speed-up */
+#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
+
+/* \} name SECTION: Module settings */
+
+/*
+ * Point formats, from RFC 4492's enum ECPointFormat
+ */
+#define MBEDTLS_ECP_PF_UNCOMPRESSED    0   /**< Uncompressed point format */
+#define MBEDTLS_ECP_PF_COMPRESSED      1   /**< Compressed point format */
+
+/*
+ * Some other constants from RFC 4492
+ */
+#define MBEDTLS_ECP_TLS_NAMED_CURVE    3   /**< ECCurveType's named_curve */
+
+/**
+ * \brief           Get the list of supported curves in order of preferrence
+ *                  (full information)
+ *
+ * \return          A statically allocated array, the last entry is 0.
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
+
+/**
+ * \brief           Get the list of supported curves in order of preferrence
+ *                  (grp_id only)
+ *
+ * \return          A statically allocated array,
+ *                  terminated with MBEDTLS_ECP_DP_NONE.
+ */
+const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
+
+/**
+ * \brief           Get curve information from an internal group identifier
+ *
+ * \param grp_id    A MBEDTLS_ECP_DP_XXX value
+ *
+ * \return          The associated curve information or NULL
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id );
+
+/**
+ * \brief           Get curve information from a TLS NamedCurve value
+ *
+ * \param tls_id    A MBEDTLS_ECP_DP_XXX value
+ *
+ * \return          The associated curve information or NULL
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id );
+
+/**
+ * \brief           Get curve information from a human-readable name
+ *
+ * \param name      The name
+ *
+ * \return          The associated curve information or NULL
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name );
+
+/**
+ * \brief           Initialize a point (as zero)
+ */
+void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
+
+/**
+ * \brief           Initialize a group (to something meaningless)
+ */
+void mbedtls_ecp_group_init( mbedtls_ecp_group *grp );
+
+/**
+ * \brief           Initialize a key pair (as an invalid one)
+ */
+void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key );
+
+/**
+ * \brief           Free the components of a point
+ */
+void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
+
+/**
+ * \brief           Free the components of an ECP group
+ */
+void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
+
+/**
+ * \brief           Free the components of a key pair
+ */
+void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
+
+/**
+ * \brief           Copy the contents of point Q into P
+ *
+ * \param P         Destination point
+ * \param Q         Source point
+ *
+ * \return          0 if successful,
+ *                  MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
+
+/**
+ * \brief           Copy the contents of a group object
+ *
+ * \param dst       Destination group
+ * \param src       Source group
+ *
+ * \return          0 if successful,
+ *                  MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src );
+
+/**
+ * \brief           Set a point to zero
+ *
+ * \param pt        Destination point
+ *
+ * \return          0 if successful,
+ *                  MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
+
+/**
+ * \brief           Tell if a point is zero
+ *
+ * \param pt        Point to test
+ *
+ * \return          1 if point is zero, 0 otherwise
+ */
+int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
+
+/**
+ * \brief           Compare two points
+ *
+ * \note            This assumes the points are normalized. Otherwise,
+ *                  they may compare as "not equal" even if they are.
+ *
+ * \param P         First point to compare
+ * \param Q         Second point to compare
+ *
+ * \return          0 if the points are equal,
+ *                  MBEDTLS_ERR_ECP_BAD_INPUT_DATA otherwise
+ */
+int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
+                           const mbedtls_ecp_point *Q );
+
+/**
+ * \brief           Import a non-zero point from two ASCII strings
+ *
+ * \param P         Destination point
+ * \param radix     Input numeric base
+ * \param x         First affine coordinate as a null-terminated string
+ * \param y         Second affine coordinate as a null-terminated string
+ *
+ * \return          0 if successful, or a MBEDTLS_ERR_MPI_XXX error code
+ */
+int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
+                           const char *x, const char *y );
+
+/**
+ * \brief           Export a point into unsigned binary data
+ *
+ * \param grp       Group to which the point should belong
+ * \param P         Point to export
+ * \param format    Point format, should be a MBEDTLS_ECP_PF_XXX macro
+ * \param olen      Length of the actual output
+ * \param buf       Output buffer
+ * \param buflen    Length of the output buffer
+ *
+ * \return          0 if successful,
+ *                  or MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+ *                  or MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
+ */
+int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P,
+                            int format, size_t *olen,
+                            unsigned char *buf, size_t buflen );
+
+/**
+ * \brief           Import a point from unsigned binary data
+ *
+ * \param grp       Group to which the point should belong
+ * \param P         Point to import
+ * \param buf       Input buffer
+ * \param ilen      Actual length of input
+ *
+ * \return          0 if successful,
+ *                  MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid,
+ *                  MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed,
+ *                  MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the point format
+ *                  is not implemented.
+ *
+ * \note            This function does NOT check that the point actually
+ *                  belongs to the given group, see mbedtls_ecp_check_pubkey() for
+ *                  that.
+ */
+int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P,
+                           const unsigned char *buf, size_t ilen );
+
+/**
+ * \brief           Import a point from a TLS ECPoint record
+ *
+ * \param grp       ECP group used
+ * \param pt        Destination point
+ * \param buf       $(Start of input buffer)
+ * \param len       Buffer length
+ *
+ * \note            buf is updated to point right after the ECPoint on exit
+ *
+ * \return          0 if successful,
+ *                  MBEDTLS_ERR_MPI_XXX if initialization failed
+ *                  MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid
+ */
+int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt,
+                        const unsigned char **buf, size_t len );
+
+/**
+ * \brief           Export a point as a TLS ECPoint record
+ *
+ * \param grp       ECP group used
+ * \param pt        Point to export
+ * \param format    Export format
+ * \param olen      length of data written
+ * \param buf       Buffer to write to
+ * \param blen      Buffer length
+ *
+ * \return          0 if successful,
+ *                  or MBEDTLS_ERR_ECP_BAD_INPUT_DATA
+ *                  or MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
+ */
+int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt,
+                         int format, size_t *olen,
+                         unsigned char *buf, size_t blen );
+
+/**
+ * \brief           Set a group using well-known domain parameters
+ *
+ * \param grp       Destination group
+ * \param id        Index in the list of well-known domain parameters
+ *
+ * \return          0 if successful,
+ *                  MBEDTLS_ERR_MPI_XXX if initialization failed
+ *                  MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE for unkownn groups
+ *
+ * \note            Index should be a value of RFC 4492's enum NamedCurve,
+ *                  usually in the form of a MBEDTLS_ECP_DP_XXX macro.
+ */
+int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id );
+
+/**
+ * \brief           Set a group from a TLS ECParameters record
+ *
+ * \param grp       Destination group
+ * \param buf       &(Start of input buffer)
+ * \param len       Buffer length
+ *
+ * \note            buf is updated to point right after ECParameters on exit
+ *
+ * \return          0 if successful,
+ *                  MBEDTLS_ERR_MPI_XXX if initialization failed
+ *                  MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid
+ */
+int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len );
+
+/**
+ * \brief           Write the TLS ECParameters record for a group
+ *
+ * \param grp       ECP group used
+ * \param olen      Number of bytes actually written
+ * \param buf       Buffer to write to
+ * \param blen      Buffer length
+ *
+ * \return          0 if successful,
+ *                  or MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
+ */
+int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen,
+                         unsigned char *buf, size_t blen );
+
+/**
+ * \brief           Multiplication by an integer: R = m * P
+ *                  (Not thread-safe to use same group in multiple threads)
+ *
+ * \note            In order to prevent timing attacks, this function
+ *                  executes the exact same sequence of (base field)
+ *                  operations for any valid m. It avoids any if-branch or
+ *                  array index depending on the value of m.
+ *
+ * \note            If f_rng is not NULL, it is used to randomize intermediate
+ *                  results in order to prevent potential timing attacks
+ *                  targeting these results. It is recommended to always
+ *                  provide a non-NULL f_rng (the overhead is negligible).
+ *
+ * \param grp       ECP group
+ * \param R         Destination point
+ * \param m         Integer by which to multiply
+ * \param P         Point to multiply
+ * \param f_rng     RNG function (see notes)
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successful,
+ *                  MBEDTLS_ERR_ECP_INVALID_KEY if m is not a valid privkey
+ *                  or P is not a valid pubkey,
+ *                  MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+
+/**
+ * \brief           Multiplication and addition of two points by integers:
+ *                  R = m * P + n * Q
+ *                  (Not thread-safe to use same group in multiple threads)
+ *
+ * \note            In contrast to mbedtls_ecp_mul(), this function does not guarantee
+ *                  a constant execution flow and timing.
+ *
+ * \param grp       ECP group
+ * \param R         Destination point
+ * \param m         Integer by which to multiply P
+ * \param P         Point to multiply by m
+ * \param n         Integer by which to multiply Q
+ * \param Q         Point to be multiplied by n
+ *
+ * \return          0 if successful,
+ *                  MBEDTLS_ERR_ECP_INVALID_KEY if m or n is not a valid privkey
+ *                  or P or Q is not a valid pubkey,
+ *                  MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
+ */
+int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+             const mbedtls_mpi *n, const mbedtls_ecp_point *Q );
+
+/**
+ * \brief           Check that a point is a valid public key on this curve
+ *
+ * \param grp       Curve/group the point should belong to
+ * \param pt        Point to check
+ *
+ * \return          0 if point is a valid public key,
+ *                  MBEDTLS_ERR_ECP_INVALID_KEY otherwise.
+ *
+ * \note            This function only checks the point is non-zero, has valid
+ *                  coordinates and lies on the curve, but not that it is
+ *                  indeed a multiple of G. This is additional check is more
+ *                  expensive, isn't required by standards, and shouldn't be
+ *                  necessary if the group used has a small cofactor. In
+ *                  particular, it is useless for the NIST groups which all
+ *                  have a cofactor of 1.
+ *
+ * \note            Uses bare components rather than an mbedtls_ecp_keypair structure
+ *                  in order to ease use with other structures such as
+ *                  mbedtls_ecdh_context of mbedtls_ecdsa_context.
+ */
+int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt );
+
+/**
+ * \brief           Check that an mbedtls_mpi is a valid private key for this curve
+ *
+ * \param grp       Group used
+ * \param d         Integer to check
+ *
+ * \return          0 if point is a valid private key,
+ *                  MBEDTLS_ERR_ECP_INVALID_KEY otherwise.
+ *
+ * \note            Uses bare components rather than an mbedtls_ecp_keypair structure
+ *                  in order to ease use with other structures such as
+ *                  mbedtls_ecdh_context of mbedtls_ecdsa_context.
+ */
+int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d );
+
+/**
+ * \brief           Generate a keypair with configurable base point
+ *
+ * \param grp       ECP group
+ * \param G         Chosen base point
+ * \param d         Destination MPI (secret part)
+ * \param Q         Destination point (public part)
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successful,
+ *                  or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
+ *
+ * \note            Uses bare components rather than an mbedtls_ecp_keypair structure
+ *                  in order to ease use with other structures such as
+ *                  mbedtls_ecdh_context of mbedtls_ecdsa_context.
+ */
+int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
+                     const mbedtls_ecp_point *G,
+                     mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng );
+
+/**
+ * \brief           Generate a keypair
+ *
+ * \param grp       ECP group
+ * \param d         Destination MPI (secret part)
+ * \param Q         Destination point (public part)
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successful,
+ *                  or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
+ *
+ * \note            Uses bare components rather than an mbedtls_ecp_keypair structure
+ *                  in order to ease use with other structures such as
+ *                  mbedtls_ecdh_context of mbedtls_ecdsa_context.
+ */
+int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng );
+
+/**
+ * \brief           Generate a keypair
+ *
+ * \param grp_id    ECP group identifier
+ * \param key       Destination keypair
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successful,
+ *                  or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
+ */
+int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+
+/**
+ * \brief           Check a public-private key pair
+ *
+ * \param pub       Keypair structure holding a public key
+ * \param prv       Keypair structure holding a private (plus public) key
+ *
+ * \return          0 if successful (keys are valid and match), or
+ *                  MBEDTLS_ERR_ECP_BAD_INPUT_DATA, or
+ *                  a MBEDTLS_ERR_ECP_XXX or MBEDTLS_ERR_MPI_XXX code.
+ */
+int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv );
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if a test failed
+ */
+int mbedtls_ecp_self_test( int verbose );
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_ECP_ALT */
+#include "ecp_alt.h"
+#endif /* MBEDTLS_ECP_ALT */
+
+#endif /* ecp.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ecp_internal.h b/thirdparty/mbedtls/include/mbedtls/ecp_internal.h
new file mode 100644
index 0000000000..8a6d517ed0
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ecp_internal.h
@@ -0,0 +1,293 @@
+/**
+ * \file ecp_internal.h
+ *
+ * \brief Function declarations for alternative implementation of elliptic curve
+ * point arithmetic.
+ */
+/*
+ *  Copyright (C) 2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * References:
+ *
+ * [1] BERNSTEIN, Daniel J. Curve25519: new Diffie-Hellman speed records.
+ *     <http://cr.yp.to/ecdh/curve25519-20060209.pdf>
+ *
+ * [2] CORON, Jean-S'ebastien. Resistance against differential power analysis
+ *     for elliptic curve cryptosystems. In : Cryptographic Hardware and
+ *     Embedded Systems. Springer Berlin Heidelberg, 1999. p. 292-302.
+ *     <http://link.springer.com/chapter/10.1007/3-540-48059-5_25>
+ *
+ * [3] HEDABOU, Mustapha, PINEL, Pierre, et B'EN'ETEAU, Lucien. A comb method to
+ *     render ECC resistant against Side Channel Attacks. IACR Cryptology
+ *     ePrint Archive, 2004, vol. 2004, p. 342.
+ *     <http://eprint.iacr.org/2004/342.pdf>
+ *
+ * [4] Certicom Research. SEC 2: Recommended Elliptic Curve Domain Parameters.
+ *     <http://www.secg.org/sec2-v2.pdf>
+ *
+ * [5] HANKERSON, Darrel, MENEZES, Alfred J., VANSTONE, Scott. Guide to Elliptic
+ *     Curve Cryptography.
+ *
+ * [6] Digital Signature Standard (DSS), FIPS 186-4.
+ *     <http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf>
+ *
+ * [7] Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer 
+ *     Security (TLS), RFC 4492.
+ *     <https://tools.ietf.org/search/rfc4492>
+ *
+ * [8] <http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html>
+ *
+ * [9] COHEN, Henri. A Course in Computational Algebraic Number Theory.
+ *     Springer Science & Business Media, 1 Aug 2000
+ */
+
+#ifndef MBEDTLS_ECP_INTERNAL_H
+#define MBEDTLS_ECP_INTERNAL_H
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+
+/**
+ * \brief           Indicate if the Elliptic Curve Point module extension can
+ *                  handle the group.
+ *
+ * \param grp       The pointer to the elliptic curve group that will be the
+ *                  basis of the cryptographic computations.
+ *
+ * \return          Non-zero if successful.
+ */
+unsigned char mbedtls_internal_ecp_grp_capable( const mbedtls_ecp_group *grp );
+
+/**
+ * \brief           Initialise the Elliptic Curve Point module extension.
+ *
+ *                  If mbedtls_internal_ecp_grp_capable returns true for a
+ *                  group, this function has to be able to initialise the
+ *                  module for it.
+ *
+ *                  This module can be a driver to a crypto hardware
+ *                  accelerator, for which this could be an initialise function.
+ *
+ * \param grp       The pointer to the group the module needs to be
+ *                  initialised for.
+ *
+ * \return          0 if successful.
+ */
+int mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp );
+
+/**
+ * \brief           Frees and deallocates the Elliptic Curve Point module
+ *                  extension.
+ *
+ * \param grp       The pointer to the group the module was initialised for.
+ */
+void mbedtls_internal_ecp_free( const mbedtls_ecp_group *grp );
+
+#if defined(ECP_SHORTWEIERSTRASS)
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
+/**
+ * \brief           Randomize jacobian coordinates:
+ *                  (X, Y, Z) -> (l^2 X, l^3 Y, l Z) for random l.
+ *
+ * \param grp       Pointer to the group representing the curve.
+ *
+ * \param pt        The point on the curve to be randomised, given with Jacobian
+ *                  coordinates.
+ *
+ * \param f_rng     A function pointer to the random number generator.
+ *
+ * \param p_rng     A pointer to the random number generator state.
+ *
+ * \return          0 if successful.
+ */
+int mbedtls_internal_ecp_randomize_jac( const mbedtls_ecp_group *grp,
+        mbedtls_ecp_point *pt, int (*f_rng)(void *, unsigned char *, size_t),
+        void *p_rng );
+#endif
+
+#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
+/**
+ * \brief           Addition: R = P + Q, mixed affine-Jacobian coordinates.
+ *
+ *                  The coordinates of Q must be normalized (= affine),
+ *                  but those of P don't need to. R is not normalized.
+ *
+ *                  This function is used only as a subrutine of
+ *                  ecp_mul_comb().
+ *
+ *                  Special cases: (1) P or Q is zero, (2) R is zero,
+ *                      (3) P == Q.
+ *                  None of these cases can happen as intermediate step in
+ *                  ecp_mul_comb():
+ *                      - at each step, P, Q and R are multiples of the base
+ *                      point, the factor being less than its order, so none of
+ *                      them is zero;
+ *                      - Q is an odd multiple of the base point, P an even
+ *                      multiple, due to the choice of precomputed points in the
+ *                      modified comb method.
+ *                  So branches for these cases do not leak secret information.
+ *
+ *                  We accept Q->Z being unset (saving memory in tables) as
+ *                  meaning 1.
+ *
+ *                  Cost in field operations if done by [5] 3.22:
+ *                      1A := 8M + 3S
+ *
+ * \param grp       Pointer to the group representing the curve.
+ *
+ * \param R         Pointer to a point structure to hold the result.
+ *
+ * \param P         Pointer to the first summand, given with Jacobian
+ *                  coordinates
+ *
+ * \param Q         Pointer to the second summand, given with affine
+ *                  coordinates.
+ *
+ * \return          0 if successful.
+ */
+int mbedtls_internal_ecp_add_mixed( const mbedtls_ecp_group *grp,
+        mbedtls_ecp_point *R, const mbedtls_ecp_point *P,
+        const mbedtls_ecp_point *Q );
+#endif
+
+/**
+ * \brief           Point doubling R = 2 P, Jacobian coordinates.
+ *
+ *                  Cost:   1D := 3M + 4S    (A ==  0)
+ *                          4M + 4S          (A == -3)
+ *                          3M + 6S + 1a     otherwise
+ *                  when the implementation is based on the "dbl-1998-cmo-2"
+ *                  doubling formulas in [8] and standard optimizations are
+ *                  applied when curve parameter A is one of { 0, -3 }.
+ *
+ * \param grp       Pointer to the group representing the curve.
+ *
+ * \param R         Pointer to a point structure to hold the result.
+ *
+ * \param P         Pointer to the point that has to be doubled, given with
+ *                  Jacobian coordinates.
+ *
+ * \return          0 if successful.
+ */
+#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
+int mbedtls_internal_ecp_double_jac( const mbedtls_ecp_group *grp,
+        mbedtls_ecp_point *R, const mbedtls_ecp_point *P );
+#endif
+
+/**
+ * \brief           Normalize jacobian coordinates of an array of (pointers to)
+ *                  points.
+ *
+ *                  Using Montgomery's trick to perform only one inversion mod P
+ *                  the cost is:
+ *                      1N(t) := 1I + (6t - 3)M + 1S
+ *                  (See for example Algorithm 10.3.4. in [9])
+ *
+ *                  This function is used only as a subrutine of
+ *                  ecp_mul_comb().
+ *
+ *                  Warning: fails (returning an error) if one of the points is
+ *                  zero!
+ *                  This should never happen, see choice of w in ecp_mul_comb().
+ *
+ * \param grp       Pointer to the group representing the curve.
+ *
+ * \param T         Array of pointers to the points to normalise.
+ *
+ * \param t_len     Number of elements in the array.
+ *
+ * \return          0 if successful,
+ *                      an error if one of the points is zero.
+ */
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
+int mbedtls_internal_ecp_normalize_jac_many( const mbedtls_ecp_group *grp,
+        mbedtls_ecp_point *T[], size_t t_len );
+#endif
+
+/**
+ * \brief           Normalize jacobian coordinates so that Z == 0 || Z == 1.
+ *
+ *                  Cost in field operations if done by [5] 3.2.1:
+ *                      1N := 1I + 3M + 1S
+ *
+ * \param grp       Pointer to the group representing the curve.
+ *
+ * \param pt        pointer to the point to be normalised. This is an
+ *                  input/output parameter.
+ *
+ * \return          0 if successful.
+ */
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
+int mbedtls_internal_ecp_normalize_jac( const mbedtls_ecp_group *grp,
+        mbedtls_ecp_point *pt );
+#endif
+
+#endif /* ECP_SHORTWEIERSTRASS */
+
+#if defined(ECP_MONTGOMERY)
+
+#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
+int mbedtls_internal_ecp_double_add_mxz( const mbedtls_ecp_group *grp,
+        mbedtls_ecp_point *R, mbedtls_ecp_point *S, const mbedtls_ecp_point *P,
+        const mbedtls_ecp_point *Q, const mbedtls_mpi *d );
+#endif
+
+/**
+ * \brief           Randomize projective x/z coordinates:
+ *                      (X, Z) -> (l X, l Z) for random l
+ *
+ * \param grp       pointer to the group representing the curve
+ *
+ * \param P         the point on the curve to be randomised given with
+ *                  projective coordinates. This is an input/output parameter.
+ *
+ * \param f_rng     a function pointer to the random number generator
+ *
+ * \param p_rng     a pointer to the random number generator state
+ *
+ * \return          0 if successful
+ */
+#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
+int mbedtls_internal_ecp_randomize_mxz( const mbedtls_ecp_group *grp,
+        mbedtls_ecp_point *P, int (*f_rng)(void *, unsigned char *, size_t),
+        void *p_rng );
+#endif
+
+/**
+ * \brief           Normalize Montgomery x/z coordinates: X = X/Z, Z = 1.
+ *
+ * \param grp       pointer to the group representing the curve
+ *
+ * \param P         pointer to the point to be normalised. This is an
+ *                  input/output parameter.
+ *
+ * \return          0 if successful
+ */
+#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
+int mbedtls_internal_ecp_normalize_mxz( const mbedtls_ecp_group *grp,
+        mbedtls_ecp_point *P );
+#endif
+
+#endif /* ECP_MONTGOMERY */
+
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+
+#endif /* ecp_internal.h */
+
diff --git a/thirdparty/mbedtls/include/mbedtls/entropy.h b/thirdparty/mbedtls/include/mbedtls/entropy.h
new file mode 100644
index 0000000000..fcb4d02557
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/entropy.h
@@ -0,0 +1,289 @@
+/**
+ * \file entropy.h
+ *
+ * \brief Entropy accumulator implementation
+ */
+/*
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_ENTROPY_H
+#define MBEDTLS_ENTROPY_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
+#include "sha512.h"
+#define MBEDTLS_ENTROPY_SHA512_ACCUMULATOR
+#else
+#if defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_ENTROPY_SHA256_ACCUMULATOR
+#include "sha256.h"
+#endif
+#endif
+
+#if defined(MBEDTLS_THREADING_C)
+#include "threading.h"
+#endif
+
+#if defined(MBEDTLS_HAVEGE_C)
+#include "havege.h"
+#endif
+
+#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED                 -0x003C  /**< Critical entropy source failure. */
+#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES                   -0x003E  /**< No more sources can be added. */
+#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED            -0x0040  /**< No sources have been added to poll. */
+#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE              -0x003D  /**< No strong sources have been added to poll. */
+#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR                 -0x003F  /**< Read/write error in file. */
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_ENTROPY_MAX_SOURCES)
+#define MBEDTLS_ENTROPY_MAX_SOURCES     20      /**< Maximum number of sources supported */
+#endif
+
+#if !defined(MBEDTLS_ENTROPY_MAX_GATHER)
+#define MBEDTLS_ENTROPY_MAX_GATHER      128     /**< Maximum amount requested from entropy sources */
+#endif
+
+/* \} name SECTION: Module settings */
+
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+#define MBEDTLS_ENTROPY_BLOCK_SIZE      64      /**< Block size of entropy accumulator (SHA-512) */
+#else
+#define MBEDTLS_ENTROPY_BLOCK_SIZE      32      /**< Block size of entropy accumulator (SHA-256) */
+#endif
+
+#define MBEDTLS_ENTROPY_MAX_SEED_SIZE   1024    /**< Maximum size of seed we read from seed file */
+#define MBEDTLS_ENTROPY_SOURCE_MANUAL   MBEDTLS_ENTROPY_MAX_SOURCES
+
+#define MBEDTLS_ENTROPY_SOURCE_STRONG   1       /**< Entropy source is strong   */
+#define MBEDTLS_ENTROPY_SOURCE_WEAK     0       /**< Entropy source is weak     */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief           Entropy poll callback pointer
+ *
+ * \param data      Callback-specific data pointer
+ * \param output    Data to fill
+ * \param len       Maximum size to provide
+ * \param olen      The actual amount of bytes put into the buffer (Can be 0)
+ *
+ * \return          0 if no critical failures occurred,
+ *                  MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise
+ */
+typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len,
+                            size_t *olen);
+
+/**
+ * \brief           Entropy source state
+ */
+typedef struct
+{
+    mbedtls_entropy_f_source_ptr    f_source;   /**< The entropy source callback */
+    void *          p_source;   /**< The callback data pointer */
+    size_t          size;       /**< Amount received in bytes */
+    size_t          threshold;  /**< Minimum bytes required before release */
+    int             strong;     /**< Is the source strong? */
+}
+mbedtls_entropy_source_state;
+
+/**
+ * \brief           Entropy context structure
+ */
+typedef struct
+{
+    int accumulator_started;
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    mbedtls_sha512_context  accumulator;
+#else
+    mbedtls_sha256_context  accumulator;
+#endif
+    int             source_count;
+    mbedtls_entropy_source_state    source[MBEDTLS_ENTROPY_MAX_SOURCES];
+#if defined(MBEDTLS_HAVEGE_C)
+    mbedtls_havege_state    havege_data;
+#endif
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;    /*!< mutex                  */
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    int initial_entropy_run;
+#endif
+}
+mbedtls_entropy_context;
+
+/**
+ * \brief           Initialize the context
+ *
+ * \param ctx       Entropy context to initialize
+ */
+void mbedtls_entropy_init( mbedtls_entropy_context *ctx );
+
+/**
+ * \brief           Free the data in the context
+ *
+ * \param ctx       Entropy context to free
+ */
+void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
+
+/**
+ * \brief           Adds an entropy source to poll
+ *                  (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param ctx       Entropy context
+ * \param f_source  Entropy function
+ * \param p_source  Function data
+ * \param threshold Minimum required from source before entropy is released
+ *                  ( with mbedtls_entropy_func() ) (in bytes)
+ * \param strong    MBEDTLS_ENTROPY_SOURCE_STRONG or
+ *                  MBEDTSL_ENTROPY_SOURCE_WEAK.
+ *                  At least one strong source needs to be added.
+ *                  Weaker sources (such as the cycle counter) can be used as
+ *                  a complement.
+ *
+ * \return          0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
+ */
+int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
+                        mbedtls_entropy_f_source_ptr f_source, void *p_source,
+                        size_t threshold, int strong );
+
+/**
+ * \brief           Trigger an extra gather poll for the accumulator
+ *                  (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param ctx       Entropy context
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+ */
+int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
+
+/**
+ * \brief           Retrieve entropy from the accumulator
+ *                  (Maximum length: MBEDTLS_ENTROPY_BLOCK_SIZE)
+ *                  (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param data      Entropy context
+ * \param output    Buffer to fill
+ * \param len       Number of bytes desired, must be at most MBEDTLS_ENTROPY_BLOCK_SIZE
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+ */
+int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
+
+/**
+ * \brief           Add data to the accumulator manually
+ *                  (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param ctx       Entropy context
+ * \param data      Data to add
+ * \param len       Length of data
+ *
+ * \return          0 if successful
+ */
+int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
+                           const unsigned char *data, size_t len );
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+/**
+ * \brief           Trigger an update of the seed file in NV by using the
+ *                  current entropy pool.
+ *
+ * \param ctx       Entropy context
+ *
+ * \return          0 if successful
+ */
+int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx );
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief               Write a seed file
+ *
+ * \param ctx           Entropy context
+ * \param path          Name of the file
+ *
+ * \return              0 if successful,
+ *                      MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
+ *                      MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+ */
+int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path );
+
+/**
+ * \brief               Read and update a seed file. Seed is added to this
+ *                      instance. No more than MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes are
+ *                      read from the seed file. The rest is ignored.
+ *
+ * \param ctx           Entropy context
+ * \param path          Name of the file
+ *
+ * \return              0 if successful,
+ *                      MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
+ *                      MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
+ */
+int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path );
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief          Checkup routine
+ *
+ *                 This module self-test also calls the entropy self-test,
+ *                 mbedtls_entropy_source_self_test();
+ *
+ * \return         0 if successful, or 1 if a test failed
+ */
+int mbedtls_entropy_self_test( int verbose );
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+/**
+ * \brief          Checkup routine
+ *
+ *                 Verifies the integrity of the hardware entropy source
+ *                 provided by the function 'mbedtls_hardware_poll()'.
+ *
+ *                 Note this is the only hardware entropy source that is known
+ *                 at link time, and other entropy sources configured
+ *                 dynamically at runtime by the function
+ *                 mbedtls_entropy_add_source() will not be tested.
+ *
+ * \return         0 if successful, or 1 if a test failed
+ */
+int mbedtls_entropy_source_self_test( int verbose );
+#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
+#endif /* MBEDTLS_SELF_TEST */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* entropy.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/entropy_poll.h b/thirdparty/mbedtls/include/mbedtls/entropy_poll.h
new file mode 100644
index 0000000000..94dd657eb9
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/entropy_poll.h
@@ -0,0 +1,110 @@
+/**
+ * \file entropy_poll.h
+ *
+ * \brief Platform-specific and custom entropy polling functions
+ */
+/*
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_ENTROPY_POLL_H
+#define MBEDTLS_ENTROPY_POLL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Default thresholds for built-in sources, in bytes
+ */
+#define MBEDTLS_ENTROPY_MIN_PLATFORM     32     /**< Minimum for platform source    */
+#define MBEDTLS_ENTROPY_MIN_HAVEGE       32     /**< Minimum for HAVEGE             */
+#define MBEDTLS_ENTROPY_MIN_HARDCLOCK     4     /**< Minimum for mbedtls_timing_hardclock()        */
+#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
+#define MBEDTLS_ENTROPY_MIN_HARDWARE     32     /**< Minimum for the hardware source */
+#endif
+
+/**
+ * \brief           Entropy poll callback that provides 0 entropy.
+ */
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+    int mbedtls_null_entropy_poll( void *data,
+                                unsigned char *output, size_t len, size_t *olen );
+#endif
+
+#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+/**
+ * \brief           Platform-specific entropy poll callback
+ */
+int mbedtls_platform_entropy_poll( void *data,
+                           unsigned char *output, size_t len, size_t *olen );
+#endif
+
+#if defined(MBEDTLS_HAVEGE_C)
+/**
+ * \brief           HAVEGE based entropy poll callback
+ *
+ * Requires an HAVEGE state as its data pointer.
+ */
+int mbedtls_havege_poll( void *data,
+                 unsigned char *output, size_t len, size_t *olen );
+#endif
+
+#if defined(MBEDTLS_TIMING_C)
+/**
+ * \brief           mbedtls_timing_hardclock-based entropy poll callback
+ */
+int mbedtls_hardclock_poll( void *data,
+                    unsigned char *output, size_t len, size_t *olen );
+#endif
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+/**
+ * \brief           Entropy poll callback for a hardware source
+ *
+ * \warning         This is not provided by mbed TLS!
+ *                  See \c MBEDTLS_ENTROPY_HARDWARE_ALT in config.h.
+ *
+ * \note            This must accept NULL as its first argument.
+ */
+int mbedtls_hardware_poll( void *data,
+                           unsigned char *output, size_t len, size_t *olen );
+#endif
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+/**
+ * \brief           Entropy poll callback for a non-volatile seed file
+ *
+ * \note            This must accept NULL as its first argument.
+ */
+int mbedtls_nv_seed_poll( void *data,
+                          unsigned char *output, size_t len, size_t *olen );
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* entropy_poll.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/error.h b/thirdparty/mbedtls/include/mbedtls/error.h
new file mode 100644
index 0000000000..8b4d3a8755
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/error.h
@@ -0,0 +1,117 @@
+/**
+ * \file error.h
+ *
+ * \brief Error to string translation
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_ERROR_H
+#define MBEDTLS_ERROR_H
+
+#include <stddef.h>
+
+/**
+ * Error code layout.
+ *
+ * Currently we try to keep all error codes within the negative space of 16
+ * bits signed integers to support all platforms (-0x0001 - -0x7FFF). In
+ * addition we'd like to give two layers of information on the error if
+ * possible.
+ *
+ * For that purpose the error codes are segmented in the following manner:
+ *
+ * 16 bit error code bit-segmentation
+ *
+ * 1 bit  - Unused (sign bit)
+ * 3 bits - High level module ID
+ * 5 bits - Module-dependent error code
+ * 7 bits - Low level module errors
+ *
+ * For historical reasons, low-level error codes are divided in even and odd,
+ * even codes were assigned first, and -1 is reserved for other errors.
+ *
+ * Low-level module errors (0x0002-0x007E, 0x0003-0x007F)
+ *
+ * Module   Nr  Codes assigned
+ * MPI       7  0x0002-0x0010
+ * GCM       3  0x0012-0x0014   0x0013-0x0013
+ * BLOWFISH  3  0x0016-0x0018   0x0017-0x0017
+ * THREADING 3  0x001A-0x001E
+ * AES       4  0x0020-0x0022   0x0023-0x0025
+ * CAMELLIA  3  0x0024-0x0026   0x0027-0x0027
+ * XTEA      2  0x0028-0x0028   0x0029-0x0029
+ * BASE64    2  0x002A-0x002C
+ * OID       1  0x002E-0x002E   0x000B-0x000B
+ * PADLOCK   1  0x0030-0x0030
+ * DES       2  0x0032-0x0032   0x0033-0x0033
+ * CTR_DBRG  4  0x0034-0x003A
+ * ENTROPY   3  0x003C-0x0040   0x003D-0x003F
+ * NET      11  0x0042-0x0052   0x0043-0x0045
+ * ASN1      7  0x0060-0x006C
+ * CMAC      1  0x007A-0x007A
+ * PBKDF2    1  0x007C-0x007C
+ * HMAC_DRBG 4                  0x0003-0x0009
+ * CCM       3                  0x000D-0x0011
+ * ARC4      1                  0x0019-0x0019
+ * MD2       1                  0x002B-0x002B
+ * MD4       1                  0x002D-0x002D
+ * MD5       1                  0x002F-0x002F
+ * RIPEMD160 1                  0x0031-0x0031
+ * SHA1      1                  0x0035-0x0035
+ * SHA256    1                  0x0037-0x0037
+ * SHA512    1                  0x0039-0x0039
+ *
+ * High-level module nr (3 bits - 0x0...-0x7...)
+ * Name      ID  Nr of Errors
+ * PEM       1   9
+ * PKCS#12   1   4 (Started from top)
+ * X509      2   20
+ * PKCS5     2   4 (Started from top)
+ * DHM       3   11
+ * PK        3   15 (Started from top)
+ * RSA       4   11
+ * ECP       4   9 (Started from top)
+ * MD        5   5
+ * CIPHER    6   8
+ * SSL       6   17 (Started from top)
+ * SSL       7   31
+ *
+ * Module dependent error code (5 bits 0x.00.-0x.F8.)
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Translate a mbed TLS error code into a string representation,
+ *        Result is truncated if necessary and always includes a terminating
+ *        null byte.
+ *
+ * \param errnum    error code
+ * \param buffer    buffer to place representation in
+ * \param buflen    length of the buffer
+ */
+void mbedtls_strerror( int errnum, char *buffer, size_t buflen );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* error.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/gcm.h b/thirdparty/mbedtls/include/mbedtls/gcm.h
new file mode 100644
index 0000000000..1e5a507a26
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/gcm.h
@@ -0,0 +1,263 @@
+/**
+ * \file gcm.h
+ *
+ * \brief Galois/Counter Mode (GCM) for 128-bit block ciphers, as defined
+ *        in <em>D. McGrew, J. Viega, The Galois/Counter Mode of Operation
+ *        (GCM), Natl. Inst. Stand. Technol.</em>
+ *
+ * For more information on GCM, see <em>NIST SP 800-38D: Recommendation for
+ * Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC</em>.
+ *
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_GCM_H
+#define MBEDTLS_GCM_H
+
+#include "cipher.h"
+
+#include <stdint.h>
+
+#define MBEDTLS_GCM_ENCRYPT     1
+#define MBEDTLS_GCM_DECRYPT     0
+
+#define MBEDTLS_ERR_GCM_AUTH_FAILED                       -0x0012  /**< Authenticated decryption failed. */
+#define MBEDTLS_ERR_GCM_HW_ACCEL_FAILED                   -0x0013  /**< GCM hardware accelerator failed. */
+#define MBEDTLS_ERR_GCM_BAD_INPUT                         -0x0014  /**< Bad input parameters to function. */
+
+#if !defined(MBEDTLS_GCM_ALT)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          The GCM context structure.
+ */
+typedef struct {
+    mbedtls_cipher_context_t cipher_ctx;  /*!< The cipher context used. */
+    uint64_t HL[16];                      /*!< Precalculated HTable low. */
+    uint64_t HH[16];                      /*!< Precalculated HTable high. */
+    uint64_t len;                         /*!< The total length of the encrypted data. */
+    uint64_t add_len;                     /*!< The total length of the additional data. */
+    unsigned char base_ectr[16];          /*!< The first ECTR for tag. */
+    unsigned char y[16];                  /*!< The Y working value. */
+    unsigned char buf[16];                /*!< The buf working value. */
+    int mode;                             /*!< The operation to perform:
+                                               #MBEDTLS_GCM_ENCRYPT or
+                                               #MBEDTLS_GCM_DECRYPT. */
+}
+mbedtls_gcm_context;
+
+/**
+ * \brief           This function initializes the specified GCM context,
+ *                  to make references valid, and prepares the context
+ *                  for mbedtls_gcm_setkey() or mbedtls_gcm_free().
+ *
+ *                  The function does not bind the GCM context to a particular
+ *                  cipher, nor set the key. For this purpose, use
+ *                  mbedtls_gcm_setkey().
+ *
+ * \param ctx       The GCM context to initialize.
+ */
+void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
+
+/**
+ * \brief           This function associates a GCM context with a
+ *                  cipher algorithm and a key.
+ *
+ * \param ctx       The GCM context to initialize.
+ * \param cipher    The 128-bit block cipher to use.
+ * \param key       The encryption key.
+ * \param keybits   The key size in bits. Valid options are:
+ *                  <ul><li>128 bits</li>
+ *                  <li>192 bits</li>
+ *                  <li>256 bits</li></ul>
+ *
+ * \return          \c 0 on success, or a cipher specific error code.
+ */
+int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
+                        mbedtls_cipher_id_t cipher,
+                        const unsigned char *key,
+                        unsigned int keybits );
+
+/**
+ * \brief           This function performs GCM encryption or decryption of a buffer.
+ *
+ * \note For encryption, the output buffer can be the same as the input buffer.
+ *       For decryption, the output buffer cannot be the same as input buffer.
+ *       If the buffers overlap, the output buffer must trail at least 8 Bytes
+ *       behind the input buffer.
+ *
+ * \param ctx       The GCM context to use for encryption or decryption.
+ * \param mode      The operation to perform: #MBEDTLS_GCM_ENCRYPT or
+ *                  #MBEDTLS_GCM_DECRYPT.
+ * \param length    The length of the input data. This must be a multiple of 16 except in the last call before mbedtls_gcm_finish().
+ * \param iv        The initialization vector.
+ * \param iv_len    The length of the IV.
+ * \param add       The buffer holding the additional data.
+ * \param add_len   The length of the additional data.
+ * \param input     The buffer holding the input data.
+ * \param output    The buffer for holding the output data.
+ * \param tag_len   The length of the tag to generate.
+ * \param tag       The buffer for holding the tag.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
+                       int mode,
+                       size_t length,
+                       const unsigned char *iv,
+                       size_t iv_len,
+                       const unsigned char *add,
+                       size_t add_len,
+                       const unsigned char *input,
+                       unsigned char *output,
+                       size_t tag_len,
+                       unsigned char *tag );
+
+/**
+ * \brief           This function performs a GCM authenticated decryption of a
+ *                  buffer.
+ *
+ * \note For decryption, the output buffer cannot be the same as input buffer.
+ *       If the buffers overlap, the output buffer must trail at least 8 Bytes
+ *       behind the input buffer.
+ *
+ * \param ctx       The GCM context.
+ * \param length    The length of the input data. This must be a multiple of 16 except in the last call before mbedtls_gcm_finish().
+ * \param iv        The initialization vector.
+ * \param iv_len    The length of the IV.
+ * \param add       The buffer holding the additional data.
+ * \param add_len   The length of the additional data.
+ * \param tag       The buffer holding the tag.
+ * \param tag_len   The length of the tag.
+ * \param input     The buffer holding the input data.
+ * \param output    The buffer for holding the output data.
+ *
+ * \return         0 if successful and authenticated, or
+ *                 #MBEDTLS_ERR_GCM_AUTH_FAILED if tag does not match.
+ */
+int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
+                      size_t length,
+                      const unsigned char *iv,
+                      size_t iv_len,
+                      const unsigned char *add,
+                      size_t add_len,
+                      const unsigned char *tag,
+                      size_t tag_len,
+                      const unsigned char *input,
+                      unsigned char *output );
+
+/**
+ * \brief           This function starts a GCM encryption or decryption
+ *                  operation.
+ *
+ * \param ctx       The GCM context.
+ * \param mode      The operation to perform: #MBEDTLS_GCM_ENCRYPT or
+ *                  #MBEDTLS_GCM_DECRYPT.
+ * \param iv        The initialization vector.
+ * \param iv_len    The length of the IV.
+ * \param add       The buffer holding the additional data, or NULL if \p add_len is 0.
+ * \param add_len   The length of the additional data. If 0, \p  add is NULL.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
+                int mode,
+                const unsigned char *iv,
+                size_t iv_len,
+                const unsigned char *add,
+                size_t add_len );
+
+/**
+ * \brief           This function feeds an input buffer into an ongoing GCM
+ *                  encryption or decryption operation.
+ *
+ *    `             The function expects input to be a multiple of 16
+ *                  Bytes. Only the last call before calling
+ *                  mbedtls_gcm_finish() can be less than 16 Bytes.
+ *
+ * \note For decryption, the output buffer cannot be the same as input buffer.
+ *       If the buffers overlap, the output buffer must trail at least 8 Bytes
+ *       behind the input buffer.
+ *
+ * \param ctx       The GCM context.
+ * \param length    The length of the input data. This must be a multiple of 16 except in the last call before mbedtls_gcm_finish().
+ * \param input     The buffer holding the input data.
+ * \param output    The buffer for holding the output data.
+ *
+ * \return         \c 0 on success, or #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
+ */
+int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
+                size_t length,
+                const unsigned char *input,
+                unsigned char *output );
+
+/**
+ * \brief           This function finishes the GCM operation and generates
+ *                  the authentication tag.
+ *
+ *                  It wraps up the GCM stream, and generates the
+ *                  tag. The tag can have a maximum length of 16 Bytes.
+ *
+ * \param ctx       The GCM context.
+ * \param tag       The buffer for holding the tag.
+ * \param tag_len   The length of the tag to generate. Must be at least four.
+ *
+ * \return          \c 0 on success, or #MBEDTLS_ERR_GCM_BAD_INPUT on failure.
+ */
+int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
+                unsigned char *tag,
+                size_t tag_len );
+
+/**
+ * \brief           This function clears a GCM context and the underlying
+ *                  cipher sub-context.
+ *
+ * \param ctx       The GCM context to clear.
+ */
+void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* !MBEDTLS_GCM_ALT */
+#include "gcm_alt.h"
+#endif /* !MBEDTLS_GCM_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          The GCM checkup routine.
+ *
+ * \return         \c 0 on success, or \c 1 on failure.
+ */
+int mbedtls_gcm_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif /* gcm.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/havege.h b/thirdparty/mbedtls/include/mbedtls/havege.h
new file mode 100644
index 0000000000..d4cb3ed38d
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/havege.h
@@ -0,0 +1,75 @@
+/**
+ * \file havege.h
+ *
+ * \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_HAVEGE_H
+#define MBEDTLS_HAVEGE_H
+
+#include <stddef.h>
+
+#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          HAVEGE state structure
+ */
+typedef struct
+{
+    int PT1, PT2, offset[2];
+    int pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
+    int WALK[8192];
+}
+mbedtls_havege_state;
+
+/**
+ * \brief          HAVEGE initialization
+ *
+ * \param hs       HAVEGE state to be initialized
+ */
+void mbedtls_havege_init( mbedtls_havege_state *hs );
+
+/**
+ * \brief          Clear HAVEGE state
+ *
+ * \param hs       HAVEGE state to be cleared
+ */
+void mbedtls_havege_free( mbedtls_havege_state *hs );
+
+/**
+ * \brief          HAVEGE rand function
+ *
+ * \param p_rng    A HAVEGE state
+ * \param output   Buffer to fill
+ * \param len      Length of buffer
+ *
+ * \return         0
+ */
+int mbedtls_havege_random( void *p_rng, unsigned char *output, size_t len );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* havege.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/hmac_drbg.h b/thirdparty/mbedtls/include/mbedtls/hmac_drbg.h
new file mode 100644
index 0000000000..e0821cf788
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/hmac_drbg.h
@@ -0,0 +1,300 @@
+/**
+ * \file hmac_drbg.h
+ *
+ * \brief HMAC_DRBG (NIST SP 800-90A)
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_HMAC_DRBG_H
+#define MBEDTLS_HMAC_DRBG_H
+
+#include "md.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+/*
+ * Error codes
+ */
+#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG              -0x0003  /**< Too many random requested in single call. */
+#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG                -0x0005  /**< Input too large (Entropy + additional). */
+#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR                -0x0007  /**< Read/write error in file. */
+#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED        -0x0009  /**< The entropy source failed. */
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
+#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000   /**< Interval before reseed is performed by default */
+#endif
+
+#if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
+#define MBEDTLS_HMAC_DRBG_MAX_INPUT         256     /**< Maximum number of additional input bytes */
+#endif
+
+#if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
+#define MBEDTLS_HMAC_DRBG_MAX_REQUEST       1024    /**< Maximum number of requested bytes per call */
+#endif
+
+#if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
+#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT    384     /**< Maximum size of (re)seed buffer */
+#endif
+
+/* \} name SECTION: Module settings */
+
+#define MBEDTLS_HMAC_DRBG_PR_OFF   0   /**< No prediction resistance       */
+#define MBEDTLS_HMAC_DRBG_PR_ON    1   /**< Prediction resistance enabled  */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * HMAC_DRBG context.
+ */
+typedef struct
+{
+    /* Working state: the key K is not stored explicitely,
+     * but is implied by the HMAC context */
+    mbedtls_md_context_t md_ctx;                    /*!< HMAC context (inc. K)  */
+    unsigned char V[MBEDTLS_MD_MAX_SIZE];  /*!< V in the spec          */
+    int reseed_counter;                     /*!< reseed counter         */
+
+    /* Administrative state */
+    size_t entropy_len;         /*!< entropy bytes grabbed on each (re)seed */
+    int prediction_resistance;  /*!< enable prediction resistance (Automatic
+                                     reseed before every random generation) */
+    int reseed_interval;        /*!< reseed interval   */
+
+    /* Callbacks */
+    int (*f_entropy)(void *, unsigned char *, size_t); /*!< entropy function */
+    void *p_entropy;            /*!< context for the entropy function        */
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;
+#endif
+} mbedtls_hmac_drbg_context;
+
+/**
+ * \brief               HMAC_DRBG context initialization
+ *                      Makes the context ready for mbedtls_hmac_drbg_seed(),
+ *                      mbedtls_hmac_drbg_seed_buf() or
+ *                      mbedtls_hmac_drbg_free().
+ *
+ * \param ctx           HMAC_DRBG context to be initialized
+ */
+void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
+
+/**
+ * \brief               HMAC_DRBG initial seeding
+ *                      Seed and setup entropy source for future reseeds.
+ *
+ * \param ctx           HMAC_DRBG context to be seeded
+ * \param md_info       MD algorithm to use for HMAC_DRBG
+ * \param f_entropy     Entropy callback (p_entropy, buffer to fill, buffer
+ *                      length)
+ * \param p_entropy     Entropy context
+ * \param custom        Personalization data (Device specific identifiers)
+ *                      (Can be NULL)
+ * \param len           Length of personalization data
+ *
+ * \note                The "security strength" as defined by NIST is set to:
+ *                      128 bits if md_alg is SHA-1,
+ *                      192 bits if md_alg is SHA-224,
+ *                      256 bits if md_alg is SHA-256 or higher.
+ *                      Note that SHA-256 is just as efficient as SHA-224.
+ *
+ * \return              0 if successful, or
+ *                      MBEDTLS_ERR_MD_BAD_INPUT_DATA, or
+ *                      MBEDTLS_ERR_MD_ALLOC_FAILED, or
+ *                      MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED.
+ */
+int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
+                    const mbedtls_md_info_t * md_info,
+                    int (*f_entropy)(void *, unsigned char *, size_t),
+                    void *p_entropy,
+                    const unsigned char *custom,
+                    size_t len );
+
+/**
+ * \brief               Initilisation of simpified HMAC_DRBG (never reseeds).
+ *                      (For use with deterministic ECDSA.)
+ *
+ * \param ctx           HMAC_DRBG context to be initialised
+ * \param md_info       MD algorithm to use for HMAC_DRBG
+ * \param data          Concatenation of entropy string and additional data
+ * \param data_len      Length of data in bytes
+ *
+ * \return              0 if successful, or
+ *                      MBEDTLS_ERR_MD_BAD_INPUT_DATA, or
+ *                      MBEDTLS_ERR_MD_ALLOC_FAILED.
+ */
+int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
+                        const mbedtls_md_info_t * md_info,
+                        const unsigned char *data, size_t data_len );
+
+/**
+ * \brief               Enable / disable prediction resistance (Default: Off)
+ *
+ * Note: If enabled, entropy is used for ctx->entropy_len before each call!
+ *       Only use this if you have ample supply of good entropy!
+ *
+ * \param ctx           HMAC_DRBG context
+ * \param resistance    MBEDTLS_HMAC_DRBG_PR_ON or MBEDTLS_HMAC_DRBG_PR_OFF
+ */
+void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
+                                          int resistance );
+
+/**
+ * \brief               Set the amount of entropy grabbed on each reseed
+ *                      (Default: given by the security strength, which
+ *                      depends on the hash used, see \c mbedtls_hmac_drbg_init() )
+ *
+ * \param ctx           HMAC_DRBG context
+ * \param len           Amount of entropy to grab, in bytes
+ */
+void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx,
+                                size_t len );
+
+/**
+ * \brief               Set the reseed interval
+ *                      (Default: MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
+ *
+ * \param ctx           HMAC_DRBG context
+ * \param interval      Reseed interval
+ */
+void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
+                                    int interval );
+
+/**
+ * \brief               HMAC_DRBG update state
+ *
+ * \param ctx           HMAC_DRBG context
+ * \param additional    Additional data to update state with, or NULL
+ * \param add_len       Length of additional data, or 0
+ *
+ * \note                Additional data is optional, pass NULL and 0 as second
+ *                      third argument if no additional data is being used.
+ */
+void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
+                       const unsigned char *additional, size_t add_len );
+
+/**
+ * \brief               HMAC_DRBG reseeding (extracts data from entropy source)
+ *
+ * \param ctx           HMAC_DRBG context
+ * \param additional    Additional data to add to state (Can be NULL)
+ * \param len           Length of additional data
+ *
+ * \return              0 if successful, or
+ *                      MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
+ */
+int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
+                      const unsigned char *additional, size_t len );
+
+/**
+ * \brief               HMAC_DRBG generate random with additional update input
+ *
+ * Note: Automatically reseeds if reseed_counter is reached or PR is enabled.
+ *
+ * \param p_rng         HMAC_DRBG context
+ * \param output        Buffer to fill
+ * \param output_len    Length of the buffer
+ * \param additional    Additional data to update with (can be NULL)
+ * \param add_len       Length of additional data (can be 0)
+ *
+ * \return              0 if successful, or
+ *                      MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
+ *                      MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or
+ *                      MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG.
+ */
+int mbedtls_hmac_drbg_random_with_add( void *p_rng,
+                               unsigned char *output, size_t output_len,
+                               const unsigned char *additional,
+                               size_t add_len );
+
+/**
+ * \brief               HMAC_DRBG generate random
+ *
+ * Note: Automatically reseeds if reseed_counter is reached or PR is enabled.
+ *
+ * \param p_rng         HMAC_DRBG context
+ * \param output        Buffer to fill
+ * \param out_len       Length of the buffer
+ *
+ * \return              0 if successful, or
+ *                      MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
+ *                      MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG
+ */
+int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
+
+/**
+ * \brief               Free an HMAC_DRBG context
+ *
+ * \param ctx           HMAC_DRBG context to free.
+ */
+void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx );
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief               Write a seed file
+ *
+ * \param ctx           HMAC_DRBG context
+ * \param path          Name of the file
+ *
+ * \return              0 if successful, 1 on file error, or
+ *                      MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
+ */
+int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
+
+/**
+ * \brief               Read and update a seed file. Seed is added to this
+ *                      instance
+ *
+ * \param ctx           HMAC_DRBG context
+ * \param path          Name of the file
+ *
+ * \return              0 if successful, 1 on file error,
+ *                      MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or
+ *                      MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG
+ */
+int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
+#endif /* MBEDTLS_FS_IO */
+
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief               Checkup routine
+ *
+ * \return              0 if successful, or 1 if the test failed
+ */
+int mbedtls_hmac_drbg_self_test( int verbose );
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* hmac_drbg.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/md.h b/thirdparty/mbedtls/include/mbedtls/md.h
new file mode 100644
index 0000000000..06538c3827
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/md.h
@@ -0,0 +1,453 @@
+ /**
+ * \file md.h
+ *
+ * \brief The generic message-digest wrapper.
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_MD_H
+#define MBEDTLS_MD_H
+
+#include <stddef.h>
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE                -0x5080  /**< The selected feature is not available. */
+#define MBEDTLS_ERR_MD_BAD_INPUT_DATA                     -0x5100  /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_MD_ALLOC_FAILED                       -0x5180  /**< Failed to allocate memory. */
+#define MBEDTLS_ERR_MD_FILE_IO_ERROR                      -0x5200  /**< Opening or reading of file failed. */
+#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED                    -0x5280  /**< MD hardware accelerator failed. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief     Enumeration of supported message digests
+ *
+ * \warning   MD2, MD4, MD5 and SHA-1 are considered weak message digests and
+ *            their use constitutes a security risk. We recommend considering
+ *            stronger message digests instead.
+ *
+ */
+typedef enum {
+    MBEDTLS_MD_NONE=0,
+    MBEDTLS_MD_MD2,
+    MBEDTLS_MD_MD4,
+    MBEDTLS_MD_MD5,
+    MBEDTLS_MD_SHA1,
+    MBEDTLS_MD_SHA224,
+    MBEDTLS_MD_SHA256,
+    MBEDTLS_MD_SHA384,
+    MBEDTLS_MD_SHA512,
+    MBEDTLS_MD_RIPEMD160,
+} mbedtls_md_type_t;
+
+#if defined(MBEDTLS_SHA512_C)
+#define MBEDTLS_MD_MAX_SIZE         64  /* longest known is SHA512 */
+#else
+#define MBEDTLS_MD_MAX_SIZE         32  /* longest known is SHA256 or less */
+#endif
+
+/**
+ * Opaque struct defined in md_internal.h.
+ */
+typedef struct mbedtls_md_info_t mbedtls_md_info_t;
+
+/**
+ * The generic message-digest context.
+ */
+typedef struct {
+    /** Information about the associated message digest. */
+    const mbedtls_md_info_t *md_info;
+
+    /** The digest-specific context. */
+    void *md_ctx;
+
+    /** The HMAC part of the context. */
+    void *hmac_ctx;
+} mbedtls_md_context_t;
+
+/**
+ * \brief           This function returns the list of digests supported by the
+ *                  generic digest module.
+ *
+ * \return          A statically allocated array of digests. Each element
+ *                  in the returned list is an integer belonging to the
+ *                  message-digest enumeration #mbedtls_md_type_t.
+ *                  The last entry is 0.
+ */
+const int *mbedtls_md_list( void );
+
+/**
+ * \brief           This function returns the message-digest information
+ *                  associated with the given digest name.
+ *
+ * \param md_name   The name of the digest to search for.
+ *
+ * \return          The message-digest information associated with \p md_name,
+ *                  or NULL if not found.
+ */
+const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
+
+/**
+ * \brief           This function returns the message-digest information
+ *                  associated with the given digest type.
+ *
+ * \param md_type   The type of digest to search for.
+ *
+ * \return          The message-digest information associated with \p md_type,
+ *                  or NULL if not found.
+ */
+const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
+
+/**
+ * \brief           This function initializes a message-digest context without
+ *                  binding it to a particular message-digest algorithm.
+ *
+ *                  This function should always be called first. It prepares the
+ *                  context for mbedtls_md_setup() for binding it to a
+ *                  message-digest algorithm.
+ */
+void mbedtls_md_init( mbedtls_md_context_t *ctx );
+
+/**
+ * \brief           This function clears the internal structure of \p ctx and
+ *                  frees any embedded internal structure, but does not free
+ *                  \p ctx itself.
+ *
+ *                  If you have called mbedtls_md_setup() on \p ctx, you must
+ *                  call mbedtls_md_free() when you are no longer using the
+ *                  context.
+ *                  Calling this function if you have previously
+ *                  called mbedtls_md_init() and nothing else is optional.
+ *                  You must not call this function if you have not called
+ *                  mbedtls_md_init().
+ */
+void mbedtls_md_free( mbedtls_md_context_t *ctx );
+
+#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED    __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief           This function selects the message digest algorithm to use,
+ *                  and allocates internal structures.
+ *
+ *                  It should be called after mbedtls_md_init() or mbedtls_md_free().
+ *                  Makes it necessary to call mbedtls_md_free() later.
+ *
+ * \deprecated      Superseded by mbedtls_md_setup() in 2.0.0
+ *
+ * \param ctx       The context to set up.
+ * \param md_info   The information structure of the message-digest algorithm
+ *                  to use.
+ *
+ * \returns         \c 0 on success,
+ *                  #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure,
+ *                  #MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure.
+ */
+int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED;
+#undef MBEDTLS_DEPRECATED
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief           This function selects the message digest algorithm to use,
+ *                  and allocates internal structures.
+ *
+ *                  It should be called after mbedtls_md_init() or
+ *                  mbedtls_md_free(). Makes it necessary to call
+ *                  mbedtls_md_free() later.
+ *
+ * \param ctx       The context to set up.
+ * \param md_info   The information structure of the message-digest algorithm
+ *                  to use.
+ * \param hmac      <ul><li>0: HMAC is not used. Saves some memory.</li>
+ *                  <li>non-zero: HMAC is used with this context.</li></ul>
+ *
+ * \returns         \c 0 on success,
+ *                  #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure, or
+ *                  #MBEDTLS_ERR_MD_ALLOC_FAILED on memory allocation failure.
+ */
+int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
+
+/**
+ * \brief           This function clones the state of an message-digest
+ *                  context.
+ *
+ * \note            You must call mbedtls_md_setup() on \c dst before calling
+ *                  this function.
+ *
+ * \note            The two contexts must have the same type,
+ *                  for example, both are SHA-256.
+ *
+ * \warning         This function clones the message-digest state, not the
+ *                  HMAC state.
+ *
+ * \param dst       The destination context.
+ * \param src       The context to be cloned.
+ *
+ * \return          \c 0 on success,
+ *                  #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure.
+ */
+int mbedtls_md_clone( mbedtls_md_context_t *dst,
+                      const mbedtls_md_context_t *src );
+
+/**
+ * \brief           This function extracts the message-digest size from the
+ *                  message-digest information structure.
+ *
+ * \param md_info   The information structure of the message-digest algorithm
+ *                  to use.
+ *
+ * \return          The size of the message-digest output in Bytes.
+ */
+unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
+
+/**
+ * \brief           This function extracts the message-digest type from the
+ *                  message-digest information structure.
+ *
+ * \param md_info   The information structure of the message-digest algorithm
+ *                  to use.
+ *
+ * \return          The type of the message digest.
+ */
+mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
+
+/**
+ * \brief           This function extracts the message-digest name from the
+ *                  message-digest information structure.
+ *
+ * \param md_info   The information structure of the message-digest algorithm
+ *                  to use.
+ *
+ * \return          The name of the message digest.
+ */
+const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
+
+/**
+ * \brief           This function starts a message-digest computation.
+ *
+ *                  You must call this function after setting up the context
+ *                  with mbedtls_md_setup(), and before passing data with
+ *                  mbedtls_md_update().
+ *
+ * \param ctx       The generic message-digest context.
+ *
+ * \returns         \c 0 on success, #MBEDTLS_ERR_MD_BAD_INPUT_DATA if
+ *                  parameter verification fails.
+ */
+int mbedtls_md_starts( mbedtls_md_context_t *ctx );
+
+/**
+ * \brief           This function feeds an input buffer into an ongoing
+ *                  message-digest computation.
+ *
+ *                  You must call mbedtls_md_starts() before calling this
+ *                  function. You may call this function multiple times.
+ *                  Afterwards, call mbedtls_md_finish().
+ *
+ * \param ctx       The generic message-digest context.
+ * \param input     The buffer holding the input data.
+ * \param ilen      The length of the input data.
+ *
+ * \returns         \c 0 on success, #MBEDTLS_ERR_MD_BAD_INPUT_DATA if
+ *                  parameter verification fails.
+ */
+int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
+
+/**
+ * \brief           This function finishes the digest operation,
+ *                  and writes the result to the output buffer.
+ *
+ *                  Call this function after a call to mbedtls_md_starts(),
+ *                  followed by any number of calls to mbedtls_md_update().
+ *                  Afterwards, you may either clear the context with
+ *                  mbedtls_md_free(), or call mbedtls_md_starts() to reuse
+ *                  the context for another digest operation with the same
+ *                  algorithm.
+ *
+ * \param ctx       The generic message-digest context.
+ * \param output    The buffer for the generic message-digest checksum result.
+ *
+ * \returns         \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA if
+ *                  parameter verification fails.
+ */
+int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
+
+/**
+ * \brief          This function calculates the message-digest of a buffer,
+ *                 with respect to a configurable message-digest algorithm
+ *                 in a single call.
+ *
+ *                 The result is calculated as
+ *                 Output = message_digest(input buffer).
+ *
+ * \param md_info  The information structure of the message-digest algorithm
+ *                 to use.
+ * \param input    The buffer holding the data.
+ * \param ilen     The length of the input data.
+ * \param output   The generic message-digest checksum result.
+ *
+ * \returns        \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA if
+ *                 parameter verification fails.
+ */
+int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
+        unsigned char *output );
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief          This function calculates the message-digest checksum
+ *                 result of the contents of the provided file.
+ *
+ *                 The result is calculated as
+ *                 Output = message_digest(file contents).
+ *
+ * \param md_info  The information structure of the message-digest algorithm
+ *                 to use.
+ * \param path     The input file name.
+ * \param output   The generic message-digest checksum result.
+ *
+ * \return         \c 0 on success,
+ *                 #MBEDTLS_ERR_MD_FILE_IO_ERROR if file input failed, or
+ *                 #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info was NULL.
+ */
+int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
+                     unsigned char *output );
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief           This function sets the HMAC key and prepares to
+ *                  authenticate a new message.
+ *
+ *                  Call this function after mbedtls_md_setup(), to use
+ *                  the MD context for an HMAC calculation, then call
+ *                  mbedtls_md_hmac_update() to provide the input data, and
+ *                  mbedtls_md_hmac_finish() to get the HMAC value.
+ *
+ * \param ctx       The message digest context containing an embedded HMAC
+ *                  context.
+ * \param key       The HMAC secret key.
+ * \param keylen    The length of the HMAC key in Bytes.
+ *
+ * \returns         \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA if
+ *                  parameter verification fails.
+ */
+int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
+                    size_t keylen );
+
+/**
+ * \brief           This function feeds an input buffer into an ongoing HMAC
+ *                  computation.
+ *
+ *                  Call mbedtls_md_hmac_starts() or mbedtls_md_hmac_reset()
+ *                  before calling this function.
+ *                  You may call this function multiple times to pass the
+ *                  input piecewise.
+ *                  Afterwards, call mbedtls_md_hmac_finish().
+ *
+ * \param ctx       The message digest context containing an embedded HMAC
+ *                  context.
+ * \param input     The buffer holding the input data.
+ * \param ilen      The length of the input data.
+ *
+ * \returns         \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA if
+ *                  parameter verification fails.
+ */
+int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input,
+                    size_t ilen );
+
+/**
+ * \brief           This function finishes the HMAC operation, and writes
+ *                  the result to the output buffer.
+ *
+ *                  Call this function after mbedtls_md_hmac_starts() and
+ *                  mbedtls_md_hmac_update() to get the HMAC value. Afterwards
+ *                  you may either call mbedtls_md_free() to clear the context,
+ *                  or call mbedtls_md_hmac_reset() to reuse the context with
+ *                  the same HMAC key.
+ *
+ * \param ctx       The message digest context containing an embedded HMAC
+ *                  context.
+ * \param output    The generic HMAC checksum result.
+ *
+ * \returns         \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA if
+ *                  parameter verification fails.
+ */
+int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
+
+/**
+ * \brief           This function prepares to authenticate a new message with
+ *                  the same key as the previous HMAC operation.
+ *
+ *                  You may call this function after mbedtls_md_hmac_finish().
+ *                  Afterwards call mbedtls_md_hmac_update() to pass the new
+ *                  input.
+ *
+ * \param ctx       The message digest context containing an embedded HMAC
+ *                  context.
+ *
+ * \returns         \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA if
+ *                  parameter verification fails.
+ */
+int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
+
+/**
+ * \brief          This function calculates the full generic HMAC
+ *                 on the input buffer with the provided key.
+ *
+ *                 The function allocates the context, performs the
+ *                 calculation, and frees the context.
+ *
+ *                 The HMAC result is calculated as
+ *                 output = generic HMAC(hmac key, input buffer).
+ *
+ * \param md_info  The information structure of the message-digest algorithm
+ *                 to use.
+ * \param key      The HMAC secret key.
+ * \param keylen   The length of the HMAC secret key in Bytes.
+ * \param input    The buffer holding the input data.
+ * \param ilen     The length of the input data.
+ * \param output   The generic HMAC result.
+ *
+ * \returns        \c 0 on success, or #MBEDTLS_ERR_MD_BAD_INPUT_DATA if
+ *                 parameter verification fails.
+ */
+int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
+                const unsigned char *input, size_t ilen,
+                unsigned char *output );
+
+/* Internal use */
+int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_MD_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/md2.h b/thirdparty/mbedtls/include/mbedtls/md2.h
new file mode 100644
index 0000000000..2ff3f171a3
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/md2.h
@@ -0,0 +1,333 @@
+/**
+ * \file md2.h
+ *
+ * \brief MD2 message digest algorithm (hash function)
+ *
+ * \warning MD2 is considered a weak message digest and its use constitutes a
+ *          security risk. We recommend considering stronger message digests
+ *          instead.
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ */
+#ifndef MBEDTLS_MD2_H
+#define MBEDTLS_MD2_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+#define MBEDTLS_ERR_MD2_HW_ACCEL_FAILED                   -0x002B  /**< MD2 hardware accelerator failed */
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#if !defined(MBEDTLS_MD2_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          MD2 context structure
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+typedef struct
+{
+    unsigned char cksum[16];    /*!< checksum of the data block */
+    unsigned char state[48];    /*!< intermediate digest state  */
+    unsigned char buffer[16];   /*!< data block being processed */
+    size_t left;                /*!< amount of data in buffer   */
+}
+mbedtls_md2_context;
+
+/**
+ * \brief          Initialize MD2 context
+ *
+ * \param ctx      MD2 context to be initialized
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md2_init( mbedtls_md2_context *ctx );
+
+/**
+ * \brief          Clear MD2 context
+ *
+ * \param ctx      MD2 context to be cleared
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md2_free( mbedtls_md2_context *ctx );
+
+/**
+ * \brief          Clone (the state of) an MD2 context
+ *
+ * \param dst      The destination context
+ * \param src      The context to be cloned
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md2_clone( mbedtls_md2_context *dst,
+                        const mbedtls_md2_context *src );
+
+/**
+ * \brief          MD2 context setup
+ *
+ * \param ctx      context to be initialized
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx );
+
+/**
+ * \brief          MD2 process buffer
+ *
+ * \param ctx      MD2 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen );
+
+/**
+ * \brief          MD2 final digest
+ *
+ * \param ctx      MD2 context
+ * \param output   MD2 checksum result
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
+                            unsigned char output[16] );
+
+/**
+ * \brief          MD2 process data block (internal use only)
+ *
+ * \param ctx      MD2 context
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          MD2 context setup
+ *
+ * \deprecated     Superseded by mbedtls_md2_starts_ret() in 2.7.0
+ *
+ * \param ctx      context to be initialized
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md2_starts(
+                                                    mbedtls_md2_context *ctx )
+{
+    mbedtls_md2_starts_ret( ctx );
+}
+
+/**
+ * \brief          MD2 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_md2_update_ret() in 2.7.0
+ *
+ * \param ctx      MD2 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md2_update(
+                                                mbedtls_md2_context *ctx,
+                                                const unsigned char *input,
+                                                size_t ilen )
+{
+    mbedtls_md2_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          MD2 final digest
+ *
+ * \deprecated     Superseded by mbedtls_md2_finish_ret() in 2.7.0
+ *
+ * \param ctx      MD2 context
+ * \param output   MD2 checksum result
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md2_finish(
+                                                    mbedtls_md2_context *ctx,
+                                                    unsigned char output[16] )
+{
+    mbedtls_md2_finish_ret( ctx, output );
+}
+
+/**
+ * \brief          MD2 process data block (internal use only)
+ *
+ * \deprecated     Superseded by mbedtls_internal_md2_process() in 2.7.0
+ *
+ * \param ctx      MD2 context
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md2_process(
+                                                    mbedtls_md2_context *ctx )
+{
+    mbedtls_internal_md2_process( ctx );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_MD2_ALT */
+#include "md2_alt.h"
+#endif /* MBEDTLS_MD2_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Output = MD2( input buffer )
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   MD2 checksum result
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md2_ret( const unsigned char *input,
+                     size_t ilen,
+                     unsigned char output[16] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          Output = MD2( input buffer )
+ *
+ * \deprecated     Superseded by mbedtls_md2_ret() in 2.7.0
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   MD2 checksum result
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md2( const unsigned char *input,
+                                                   size_t ilen,
+                                                   unsigned char output[16] )
+{
+    mbedtls_md2_ret( input, ilen, output );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ *
+ * \warning        MD2 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md2_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_md2.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/md4.h b/thirdparty/mbedtls/include/mbedtls/md4.h
new file mode 100644
index 0000000000..a2ab57f078
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/md4.h
@@ -0,0 +1,338 @@
+/**
+ * \file md4.h
+ *
+ * \brief MD4 message digest algorithm (hash function)
+ *
+ * \warning MD4 is considered a weak message digest and its use constitutes a
+ *          security risk. We recommend considering stronger message digests
+ *          instead.
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ */
+#ifndef MBEDTLS_MD4_H
+#define MBEDTLS_MD4_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_ERR_MD4_HW_ACCEL_FAILED                   -0x002D  /**< MD4 hardware accelerator failed */
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#if !defined(MBEDTLS_MD4_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          MD4 context structure
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+typedef struct
+{
+    uint32_t total[2];          /*!< number of bytes processed  */
+    uint32_t state[4];          /*!< intermediate digest state  */
+    unsigned char buffer[64];   /*!< data block being processed */
+}
+mbedtls_md4_context;
+
+/**
+ * \brief          Initialize MD4 context
+ *
+ * \param ctx      MD4 context to be initialized
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md4_init( mbedtls_md4_context *ctx );
+
+/**
+ * \brief          Clear MD4 context
+ *
+ * \param ctx      MD4 context to be cleared
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md4_free( mbedtls_md4_context *ctx );
+
+/**
+ * \brief          Clone (the state of) an MD4 context
+ *
+ * \param dst      The destination context
+ * \param src      The context to be cloned
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md4_clone( mbedtls_md4_context *dst,
+                        const mbedtls_md4_context *src );
+
+/**
+ * \brief          MD4 context setup
+ *
+ * \param ctx      context to be initialized
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ */
+int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx );
+
+/**
+ * \brief          MD4 process buffer
+ *
+ * \param ctx      MD4 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen );
+
+/**
+ * \brief          MD4 final digest
+ *
+ * \param ctx      MD4 context
+ * \param output   MD4 checksum result
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
+                            unsigned char output[16] );
+
+/**
+ * \brief          MD4 process data block (internal use only)
+ *
+ * \param ctx      MD4 context
+ * \param data     buffer holding one block of data
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
+                                  const unsigned char data[64] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          MD4 context setup
+ *
+ * \deprecated     Superseded by mbedtls_md4_starts_ret() in 2.7.0
+ *
+ * \param ctx      context to be initialized
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md4_starts(
+                                                    mbedtls_md4_context *ctx )
+{
+    mbedtls_md4_starts_ret( ctx );
+}
+
+/**
+ * \brief          MD4 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_md4_update_ret() in 2.7.0
+ *
+ * \param ctx      MD4 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md4_update(
+                                                    mbedtls_md4_context *ctx,
+                                                    const unsigned char *input,
+                                                    size_t ilen )
+{
+    mbedtls_md4_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          MD4 final digest
+ *
+ * \deprecated     Superseded by mbedtls_md4_finish_ret() in 2.7.0
+ *
+ * \param ctx      MD4 context
+ * \param output   MD4 checksum result
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md4_finish(
+                                                    mbedtls_md4_context *ctx,
+                                                    unsigned char output[16] )
+{
+    mbedtls_md4_finish_ret( ctx, output );
+}
+
+/**
+ * \brief          MD4 process data block (internal use only)
+ *
+ * \deprecated     Superseded by mbedtls_internal_md4_process() in 2.7.0
+ *
+ * \param ctx      MD4 context
+ * \param data     buffer holding one block of data
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md4_process(
+                                                mbedtls_md4_context *ctx,
+                                                const unsigned char data[64] )
+{
+    mbedtls_internal_md4_process( ctx, data );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_MD4_ALT */
+#include "md4_alt.h"
+#endif /* MBEDTLS_MD4_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Output = MD4( input buffer )
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   MD4 checksum result
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md4_ret( const unsigned char *input,
+                     size_t ilen,
+                     unsigned char output[16] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          Output = MD4( input buffer )
+ *
+ * \deprecated     Superseded by mbedtls_md4_ret() in 2.7.0
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   MD4 checksum result
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md4( const unsigned char *input,
+                                                   size_t ilen,
+                                                   unsigned char output[16] )
+{
+    mbedtls_md4_ret( input, ilen, output );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ *
+ * \warning        MD4 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md4_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_md4.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/md5.h b/thirdparty/mbedtls/include/mbedtls/md5.h
new file mode 100644
index 0000000000..d49391f811
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/md5.h
@@ -0,0 +1,338 @@
+/**
+ * \file md5.h
+ *
+ * \brief MD5 message digest algorithm (hash function)
+ *
+ * \warning   MD5 is considered a weak message digest and its use constitutes a
+ *            security risk. We recommend considering stronger message
+ *            digests instead.
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_MD5_H
+#define MBEDTLS_MD5_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_ERR_MD5_HW_ACCEL_FAILED                   -0x002F  /**< MD5 hardware accelerator failed */
+
+#if !defined(MBEDTLS_MD5_ALT)
+// Regular implementation
+//
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          MD5 context structure
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+typedef struct
+{
+    uint32_t total[2];          /*!< number of bytes processed  */
+    uint32_t state[4];          /*!< intermediate digest state  */
+    unsigned char buffer[64];   /*!< data block being processed */
+}
+mbedtls_md5_context;
+
+/**
+ * \brief          Initialize MD5 context
+ *
+ * \param ctx      MD5 context to be initialized
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md5_init( mbedtls_md5_context *ctx );
+
+/**
+ * \brief          Clear MD5 context
+ *
+ * \param ctx      MD5 context to be cleared
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md5_free( mbedtls_md5_context *ctx );
+
+/**
+ * \brief          Clone (the state of) an MD5 context
+ *
+ * \param dst      The destination context
+ * \param src      The context to be cloned
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_md5_clone( mbedtls_md5_context *dst,
+                        const mbedtls_md5_context *src );
+
+/**
+ * \brief          MD5 context setup
+ *
+ * \param ctx      context to be initialized
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
+
+/**
+ * \brief          MD5 process buffer
+ *
+ * \param ctx      MD5 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen );
+
+/**
+ * \brief          MD5 final digest
+ *
+ * \param ctx      MD5 context
+ * \param output   MD5 checksum result
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
+                            unsigned char output[16] );
+
+/**
+ * \brief          MD5 process data block (internal use only)
+ *
+ * \param ctx      MD5 context
+ * \param data     buffer holding one block of data
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
+                                  const unsigned char data[64] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          MD5 context setup
+ *
+ * \deprecated     Superseded by mbedtls_md5_starts_ret() in 2.7.0
+ *
+ * \param ctx      context to be initialized
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md5_starts(
+                                                    mbedtls_md5_context *ctx )
+{
+    mbedtls_md5_starts_ret( ctx );
+}
+
+/**
+ * \brief          MD5 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_md5_update_ret() in 2.7.0
+ *
+ * \param ctx      MD5 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md5_update(
+                                                    mbedtls_md5_context *ctx,
+                                                    const unsigned char *input,
+                                                    size_t ilen )
+{
+    mbedtls_md5_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          MD5 final digest
+ *
+ * \deprecated     Superseded by mbedtls_md5_finish_ret() in 2.7.0
+ *
+ * \param ctx      MD5 context
+ * \param output   MD5 checksum result
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md5_finish(
+                                                    mbedtls_md5_context *ctx,
+                                                    unsigned char output[16] )
+{
+    mbedtls_md5_finish_ret( ctx, output );
+}
+
+/**
+ * \brief          MD5 process data block (internal use only)
+ *
+ * \deprecated     Superseded by mbedtls_internal_md5_process() in 2.7.0
+ *
+ * \param ctx      MD5 context
+ * \param data     buffer holding one block of data
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md5_process(
+                                                mbedtls_md5_context *ctx,
+                                                const unsigned char data[64] )
+{
+    mbedtls_internal_md5_process( ctx, data );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_MD5_ALT */
+#include "md5_alt.h"
+#endif /* MBEDTLS_MD5_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Output = MD5( input buffer )
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   MD5 checksum result
+ *
+ * \return         0 if successful
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_ret( const unsigned char *input,
+                     size_t ilen,
+                     unsigned char output[16] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          Output = MD5( input buffer )
+ *
+ * \deprecated     Superseded by mbedtls_md5_ret() in 2.7.0
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   MD5 checksum result
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_md5( const unsigned char *input,
+                                                   size_t ilen,
+                                                   unsigned char output[16] )
+{
+    mbedtls_md5_ret( input, ilen, output );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ *
+ * \warning        MD5 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_md5_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_md5.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/md_internal.h b/thirdparty/mbedtls/include/mbedtls/md_internal.h
new file mode 100644
index 0000000000..04de482918
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/md_internal.h
@@ -0,0 +1,115 @@
+/**
+ * \file md_internal.h
+ *
+ * \brief Message digest wrappers.
+ *
+ * \warning This in an internal header. Do not include directly.
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_MD_WRAP_H
+#define MBEDTLS_MD_WRAP_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "md.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Message digest information.
+ * Allows message digest functions to be called in a generic way.
+ */
+struct mbedtls_md_info_t
+{
+    /** Digest identifier */
+    mbedtls_md_type_t type;
+
+    /** Name of the message digest */
+    const char * name;
+
+    /** Output length of the digest function in bytes */
+    int size;
+
+    /** Block length of the digest function in bytes */
+    int block_size;
+
+    /** Digest initialisation function */
+    int (*starts_func)( void *ctx );
+
+    /** Digest update function */
+    int (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
+
+    /** Digest finalisation function */
+    int (*finish_func)( void *ctx, unsigned char *output );
+
+    /** Generic digest function */
+    int (*digest_func)( const unsigned char *input, size_t ilen,
+                        unsigned char *output );
+
+    /** Allocate a new context */
+    void * (*ctx_alloc_func)( void );
+
+    /** Free the given context */
+    void (*ctx_free_func)( void *ctx );
+
+    /** Clone state from a context */
+    void (*clone_func)( void *dst, const void *src );
+
+    /** Internal use only */
+    int (*process_func)( void *ctx, const unsigned char *input );
+};
+
+#if defined(MBEDTLS_MD2_C)
+extern const mbedtls_md_info_t mbedtls_md2_info;
+#endif
+#if defined(MBEDTLS_MD4_C)
+extern const mbedtls_md_info_t mbedtls_md4_info;
+#endif
+#if defined(MBEDTLS_MD5_C)
+extern const mbedtls_md_info_t mbedtls_md5_info;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+extern const mbedtls_md_info_t mbedtls_ripemd160_info;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+extern const mbedtls_md_info_t mbedtls_sha1_info;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+extern const mbedtls_md_info_t mbedtls_sha224_info;
+extern const mbedtls_md_info_t mbedtls_sha256_info;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+extern const mbedtls_md_info_t mbedtls_sha384_info;
+extern const mbedtls_md_info_t mbedtls_sha512_info;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_MD_WRAP_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/memory_buffer_alloc.h b/thirdparty/mbedtls/include/mbedtls/memory_buffer_alloc.h
new file mode 100644
index 0000000000..705f9a6369
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/memory_buffer_alloc.h
@@ -0,0 +1,151 @@
+/**
+ * \file memory_buffer_alloc.h
+ *
+ * \brief Buffer-based memory allocator
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE)
+#define MBEDTLS_MEMORY_ALIGN_MULTIPLE       4 /**< Align on multiples of this value */
+#endif
+
+/* \} name SECTION: Module settings */
+
+#define MBEDTLS_MEMORY_VERIFY_NONE         0
+#define MBEDTLS_MEMORY_VERIFY_ALLOC        (1 << 0)
+#define MBEDTLS_MEMORY_VERIFY_FREE         (1 << 1)
+#define MBEDTLS_MEMORY_VERIFY_ALWAYS       (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief   Initialize use of stack-based memory allocator.
+ *          The stack-based allocator does memory management inside the
+ *          presented buffer and does not call calloc() and free().
+ *          It sets the global mbedtls_calloc() and mbedtls_free() pointers
+ *          to its own functions.
+ *          (Provided mbedtls_calloc() and mbedtls_free() are thread-safe if
+ *           MBEDTLS_THREADING_C is defined)
+ *
+ * \note    This code is not optimized and provides a straight-forward
+ *          implementation of a stack-based memory allocator.
+ *
+ * \param buf   buffer to use as heap
+ * \param len   size of the buffer
+ */
+void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len );
+
+/**
+ * \brief   Free the mutex for thread-safety and clear remaining memory
+ */
+void mbedtls_memory_buffer_alloc_free( void );
+
+/**
+ * \brief   Determine when the allocator should automatically verify the state
+ *          of the entire chain of headers / meta-data.
+ *          (Default: MBEDTLS_MEMORY_VERIFY_NONE)
+ *
+ * \param verify    One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC,
+ *                  MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS
+ */
+void mbedtls_memory_buffer_set_verify( int verify );
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+/**
+ * \brief   Print out the status of the allocated memory (primarily for use
+ *          after a program should have de-allocated all memory)
+ *          Prints out a list of 'still allocated' blocks and their stack
+ *          trace if MBEDTLS_MEMORY_BACKTRACE is defined.
+ */
+void mbedtls_memory_buffer_alloc_status( void );
+
+/**
+ * \brief   Get the peak heap usage so far
+ *
+ * \param max_used      Peak number of bytes in use or committed. This
+ *                      includes bytes in allocated blocks too small to split
+ *                      into smaller blocks but larger than the requested size.
+ * \param max_blocks    Peak number of blocks in use, including free and used
+ */
+void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks );
+
+/**
+ * \brief   Reset peak statistics
+ */
+void mbedtls_memory_buffer_alloc_max_reset( void );
+
+/**
+ * \brief   Get the current heap usage
+ *
+ * \param cur_used      Current number of bytes in use or committed. This
+ *                      includes bytes in allocated blocks too small to split
+ *                      into smaller blocks but larger than the requested size.
+ * \param cur_blocks    Current number of blocks in use, including free and used
+ */
+void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks );
+#endif /* MBEDTLS_MEMORY_DEBUG */
+
+/**
+ * \brief   Verifies that all headers in the memory buffer are correct
+ *          and contain sane values. Helps debug buffer-overflow errors.
+ *
+ *          Prints out first failure if MBEDTLS_MEMORY_DEBUG is defined.
+ *          Prints out full header information if MBEDTLS_MEMORY_DEBUG
+ *          is defined. (Includes stack trace information for each block if
+ *          MBEDTLS_MEMORY_BACKTRACE is defined as well).
+ *
+ * \return             0 if verified, 1 otherwise
+ */
+int mbedtls_memory_buffer_alloc_verify( void );
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if a test failed
+ */
+int mbedtls_memory_buffer_alloc_self_test( int verbose );
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* memory_buffer_alloc.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/net.h b/thirdparty/mbedtls/include/mbedtls/net.h
new file mode 100644
index 0000000000..28ae8217c0
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/net.h
@@ -0,0 +1,32 @@
+/**
+ * \file net.h
+ *
+ * \brief Deprecated header file that includes mbedtls/net_sockets.h
+ *
+ * \deprecated Superseded by mbedtls/net_sockets.h
+ */
+/*
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#include "mbedtls/net_sockets.h"
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#warning "Deprecated header file: Superseded by mbedtls/net_sockets.h"
+#endif /* MBEDTLS_DEPRECATED_WARNING */
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
diff --git a/thirdparty/mbedtls/include/mbedtls/net_sockets.h b/thirdparty/mbedtls/include/mbedtls/net_sockets.h
new file mode 100644
index 0000000000..54e612cc5e
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/net_sockets.h
@@ -0,0 +1,226 @@
+/**
+ * \file net_sockets.h
+ *
+ * \brief Network communication functions
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_NET_SOCKETS_H
+#define MBEDTLS_NET_SOCKETS_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "ssl.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_ERR_NET_SOCKET_FAILED                     -0x0042  /**< Failed to open a socket. */
+#define MBEDTLS_ERR_NET_CONNECT_FAILED                    -0x0044  /**< The connection to the given server / port failed. */
+#define MBEDTLS_ERR_NET_BIND_FAILED                       -0x0046  /**< Binding of the socket failed. */
+#define MBEDTLS_ERR_NET_LISTEN_FAILED                     -0x0048  /**< Could not listen on the socket. */
+#define MBEDTLS_ERR_NET_ACCEPT_FAILED                     -0x004A  /**< Could not accept the incoming connection. */
+#define MBEDTLS_ERR_NET_RECV_FAILED                       -0x004C  /**< Reading information from the socket failed. */
+#define MBEDTLS_ERR_NET_SEND_FAILED                       -0x004E  /**< Sending information through the socket failed. */
+#define MBEDTLS_ERR_NET_CONN_RESET                        -0x0050  /**< Connection was reset by peer. */
+#define MBEDTLS_ERR_NET_UNKNOWN_HOST                      -0x0052  /**< Failed to get an IP address for the given hostname. */
+#define MBEDTLS_ERR_NET_BUFFER_TOO_SMALL                  -0x0043  /**< Buffer is too small to hold the data. */
+#define MBEDTLS_ERR_NET_INVALID_CONTEXT                   -0x0045  /**< The context is invalid, eg because it was free()ed. */
+
+#define MBEDTLS_NET_LISTEN_BACKLOG         10 /**< The backlog that listen() should use. */
+
+#define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */
+#define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Wrapper type for sockets.
+ *
+ * Currently backed by just a file descriptor, but might be more in the future
+ * (eg two file descriptors for combined IPv4 + IPv6 support, or additional
+ * structures for hand-made UDP demultiplexing).
+ */
+typedef struct
+{
+    int fd;             /**< The underlying file descriptor                 */
+}
+mbedtls_net_context;
+
+/**
+ * \brief          Initialize a context
+ *                 Just makes the context ready to be used or freed safely.
+ *
+ * \param ctx      Context to initialize
+ */
+void mbedtls_net_init( mbedtls_net_context *ctx );
+
+/**
+ * \brief          Initiate a connection with host:port in the given protocol
+ *
+ * \param ctx      Socket to use
+ * \param host     Host to connect to
+ * \param port     Port to connect to
+ * \param proto    Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
+ *
+ * \return         0 if successful, or one of:
+ *                      MBEDTLS_ERR_NET_SOCKET_FAILED,
+ *                      MBEDTLS_ERR_NET_UNKNOWN_HOST,
+ *                      MBEDTLS_ERR_NET_CONNECT_FAILED
+ *
+ * \note           Sets the socket in connected mode even with UDP.
+ */
+int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto );
+
+/**
+ * \brief          Create a receiving socket on bind_ip:port in the chosen
+ *                 protocol. If bind_ip == NULL, all interfaces are bound.
+ *
+ * \param ctx      Socket to use
+ * \param bind_ip  IP to bind to, can be NULL
+ * \param port     Port number to use
+ * \param proto    Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
+ *
+ * \return         0 if successful, or one of:
+ *                      MBEDTLS_ERR_NET_SOCKET_FAILED,
+ *                      MBEDTLS_ERR_NET_BIND_FAILED,
+ *                      MBEDTLS_ERR_NET_LISTEN_FAILED
+ *
+ * \note           Regardless of the protocol, opens the sockets and binds it.
+ *                 In addition, make the socket listening if protocol is TCP.
+ */
+int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto );
+
+/**
+ * \brief           Accept a connection from a remote client
+ *
+ * \param bind_ctx  Relevant socket
+ * \param client_ctx Will contain the connected client socket
+ * \param client_ip Will contain the client IP address
+ * \param buf_size  Size of the client_ip buffer
+ * \param ip_len    Will receive the size of the client IP written
+ *
+ * \return          0 if successful, or
+ *                  MBEDTLS_ERR_NET_ACCEPT_FAILED, or
+ *                  MBEDTLS_ERR_NET_BUFFER_TOO_SMALL if buf_size is too small,
+ *                  MBEDTLS_ERR_SSL_WANT_READ if bind_fd was set to
+ *                  non-blocking and accept() would block.
+ */
+int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
+                        mbedtls_net_context *client_ctx,
+                        void *client_ip, size_t buf_size, size_t *ip_len );
+
+/**
+ * \brief          Set the socket blocking
+ *
+ * \param ctx      Socket to set
+ *
+ * \return         0 if successful, or a non-zero error code
+ */
+int mbedtls_net_set_block( mbedtls_net_context *ctx );
+
+/**
+ * \brief          Set the socket non-blocking
+ *
+ * \param ctx      Socket to set
+ *
+ * \return         0 if successful, or a non-zero error code
+ */
+int mbedtls_net_set_nonblock( mbedtls_net_context *ctx );
+
+/**
+ * \brief          Portable usleep helper
+ *
+ * \param usec     Amount of microseconds to sleep
+ *
+ * \note           Real amount of time slept will not be less than
+ *                 select()'s timeout granularity (typically, 10ms).
+ */
+void mbedtls_net_usleep( unsigned long usec );
+
+/**
+ * \brief          Read at most 'len' characters. If no error occurs,
+ *                 the actual amount read is returned.
+ *
+ * \param ctx      Socket
+ * \param buf      The buffer to write to
+ * \param len      Maximum length of the buffer
+ *
+ * \return         the number of bytes received,
+ *                 or a non-zero error code; with a non-blocking socket,
+ *                 MBEDTLS_ERR_SSL_WANT_READ indicates read() would block.
+ */
+int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
+
+/**
+ * \brief          Write at most 'len' characters. If no error occurs,
+ *                 the actual amount read is returned.
+ *
+ * \param ctx      Socket
+ * \param buf      The buffer to read from
+ * \param len      The length of the buffer
+ *
+ * \return         the number of bytes sent,
+ *                 or a non-zero error code; with a non-blocking socket,
+ *                 MBEDTLS_ERR_SSL_WANT_WRITE indicates write() would block.
+ */
+int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
+
+/**
+ * \brief          Read at most 'len' characters, blocking for at most
+ *                 'timeout' seconds. If no error occurs, the actual amount
+ *                 read is returned.
+ *
+ * \param ctx      Socket
+ * \param buf      The buffer to write to
+ * \param len      Maximum length of the buffer
+ * \param timeout  Maximum number of milliseconds to wait for data
+ *                 0 means no timeout (wait forever)
+ *
+ * \return         the number of bytes received,
+ *                 or a non-zero error code:
+ *                 MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
+ *                 MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
+ *
+ * \note           This function will block (until data becomes available or
+ *                 timeout is reached) even if the socket is set to
+ *                 non-blocking. Handling timeouts with non-blocking reads
+ *                 requires a different strategy.
+ */
+int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
+                      uint32_t timeout );
+
+/**
+ * \brief          Gracefully shutdown the connection and free associated data
+ *
+ * \param ctx      The context to free
+ */
+void mbedtls_net_free( mbedtls_net_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* net_sockets.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/oid.h b/thirdparty/mbedtls/include/mbedtls/oid.h
new file mode 100644
index 0000000000..bf2ef5ece4
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/oid.h
@@ -0,0 +1,571 @@
+/**
+ * \file oid.h
+ *
+ * \brief Object Identifier (OID) database
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_OID_H
+#define MBEDTLS_OID_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "asn1.h"
+#include "pk.h"
+
+#include <stddef.h>
+
+#if defined(MBEDTLS_CIPHER_C)
+#include "cipher.h"
+#endif
+
+#if defined(MBEDTLS_MD_C)
+#include "md.h"
+#endif
+
+#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
+#include "x509.h"
+#endif
+
+#define MBEDTLS_ERR_OID_NOT_FOUND                         -0x002E  /**< OID is not found. */
+#define MBEDTLS_ERR_OID_BUF_TOO_SMALL                     -0x000B  /**< output buffer is too small */
+
+/*
+ * Top level OID tuples
+ */
+#define MBEDTLS_OID_ISO_MEMBER_BODIES           "\x2a"          /* {iso(1) member-body(2)} */
+#define MBEDTLS_OID_ISO_IDENTIFIED_ORG          "\x2b"          /* {iso(1) identified-organization(3)} */
+#define MBEDTLS_OID_ISO_CCITT_DS                "\x55"          /* {joint-iso-ccitt(2) ds(5)} */
+#define MBEDTLS_OID_ISO_ITU_COUNTRY             "\x60"          /* {joint-iso-itu-t(2) country(16)} */
+
+/*
+ * ISO Member bodies OID parts
+ */
+#define MBEDTLS_OID_COUNTRY_US                  "\x86\x48"      /* {us(840)} */
+#define MBEDTLS_OID_ORG_RSA_DATA_SECURITY       "\x86\xf7\x0d"  /* {rsadsi(113549)} */
+#define MBEDTLS_OID_RSA_COMPANY                 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
+                                        MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
+#define MBEDTLS_OID_ORG_ANSI_X9_62              "\xce\x3d" /* ansi-X9-62(10045) */
+#define MBEDTLS_OID_ANSI_X9_62                  MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
+                                        MBEDTLS_OID_ORG_ANSI_X9_62
+
+/*
+ * ISO Identified organization OID parts
+ */
+#define MBEDTLS_OID_ORG_DOD                     "\x06"          /* {dod(6)} */
+#define MBEDTLS_OID_ORG_OIW                     "\x0e"
+#define MBEDTLS_OID_OIW_SECSIG                  MBEDTLS_OID_ORG_OIW "\x03"
+#define MBEDTLS_OID_OIW_SECSIG_ALG              MBEDTLS_OID_OIW_SECSIG "\x02"
+#define MBEDTLS_OID_OIW_SECSIG_SHA1             MBEDTLS_OID_OIW_SECSIG_ALG "\x1a"
+#define MBEDTLS_OID_ORG_CERTICOM                "\x81\x04"  /* certicom(132) */
+#define MBEDTLS_OID_CERTICOM                    MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM
+#define MBEDTLS_OID_ORG_TELETRUST               "\x24" /* teletrust(36) */
+#define MBEDTLS_OID_TELETRUST                   MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST
+
+/*
+ * ISO ITU OID parts
+ */
+#define MBEDTLS_OID_ORGANIZATION                "\x01"          /* {organization(1)} */
+#define MBEDTLS_OID_ISO_ITU_US_ORG              MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
+
+#define MBEDTLS_OID_ORG_GOV                     "\x65"          /* {gov(101)} */
+#define MBEDTLS_OID_GOV                         MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */
+
+#define MBEDTLS_OID_ORG_NETSCAPE                "\x86\xF8\x42"  /* {netscape(113730)} */
+#define MBEDTLS_OID_NETSCAPE                    MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_NETSCAPE /* Netscape OID {joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730)} */
+
+/* ISO arc for standard certificate and CRL extensions */
+#define MBEDTLS_OID_ID_CE                       MBEDTLS_OID_ISO_CCITT_DS "\x1D" /**< id-ce OBJECT IDENTIFIER  ::=  {joint-iso-ccitt(2) ds(5) 29} */
+
+/**
+ * Private Internet Extensions
+ * { iso(1) identified-organization(3) dod(6) internet(1)
+ *                      security(5) mechanisms(5) pkix(7) }
+ */
+#define MBEDTLS_OID_PKIX                        MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01\x05\x05\x07"
+
+/*
+ * Arc for standard naming attributes
+ */
+#define MBEDTLS_OID_AT                          MBEDTLS_OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */
+#define MBEDTLS_OID_AT_CN                       MBEDTLS_OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */
+#define MBEDTLS_OID_AT_SUR_NAME                 MBEDTLS_OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */
+#define MBEDTLS_OID_AT_SERIAL_NUMBER            MBEDTLS_OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */
+#define MBEDTLS_OID_AT_COUNTRY                  MBEDTLS_OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */
+#define MBEDTLS_OID_AT_LOCALITY                 MBEDTLS_OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */
+#define MBEDTLS_OID_AT_STATE                    MBEDTLS_OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */
+#define MBEDTLS_OID_AT_ORGANIZATION             MBEDTLS_OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */
+#define MBEDTLS_OID_AT_ORG_UNIT                 MBEDTLS_OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */
+#define MBEDTLS_OID_AT_TITLE                    MBEDTLS_OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */
+#define MBEDTLS_OID_AT_POSTAL_ADDRESS           MBEDTLS_OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */
+#define MBEDTLS_OID_AT_POSTAL_CODE              MBEDTLS_OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */
+#define MBEDTLS_OID_AT_GIVEN_NAME               MBEDTLS_OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
+#define MBEDTLS_OID_AT_INITIALS                 MBEDTLS_OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
+#define MBEDTLS_OID_AT_GENERATION_QUALIFIER     MBEDTLS_OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
+#define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER        MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */
+#define MBEDTLS_OID_AT_DN_QUALIFIER             MBEDTLS_OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
+#define MBEDTLS_OID_AT_PSEUDONYM                MBEDTLS_OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */
+
+#define MBEDTLS_OID_DOMAIN_COMPONENT            "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */
+
+/*
+ * OIDs for standard certificate extensions
+ */
+#define MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER    MBEDTLS_OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 } */
+#define MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER      MBEDTLS_OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 14 } */
+#define MBEDTLS_OID_KEY_USAGE                   MBEDTLS_OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 } */
+#define MBEDTLS_OID_CERTIFICATE_POLICIES        MBEDTLS_OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::=  { id-ce 32 } */
+#define MBEDTLS_OID_POLICY_MAPPINGS             MBEDTLS_OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::=  { id-ce 33 } */
+#define MBEDTLS_OID_SUBJECT_ALT_NAME            MBEDTLS_OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::=  { id-ce 17 } */
+#define MBEDTLS_OID_ISSUER_ALT_NAME             MBEDTLS_OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::=  { id-ce 18 } */
+#define MBEDTLS_OID_SUBJECT_DIRECTORY_ATTRS     MBEDTLS_OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::=  { id-ce 9 } */
+#define MBEDTLS_OID_BASIC_CONSTRAINTS           MBEDTLS_OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::=  { id-ce 19 } */
+#define MBEDTLS_OID_NAME_CONSTRAINTS            MBEDTLS_OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::=  { id-ce 30 } */
+#define MBEDTLS_OID_POLICY_CONSTRAINTS          MBEDTLS_OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::=  { id-ce 36 } */
+#define MBEDTLS_OID_EXTENDED_KEY_USAGE          MBEDTLS_OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */
+#define MBEDTLS_OID_CRL_DISTRIBUTION_POINTS     MBEDTLS_OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::=  { id-ce 31 } */
+#define MBEDTLS_OID_INIHIBIT_ANYPOLICY          MBEDTLS_OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::=  { id-ce 54 } */
+#define MBEDTLS_OID_FRESHEST_CRL                MBEDTLS_OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::=  { id-ce 46 } */
+
+/*
+ * Netscape certificate extensions
+ */
+#define MBEDTLS_OID_NS_CERT                 MBEDTLS_OID_NETSCAPE "\x01"
+#define MBEDTLS_OID_NS_CERT_TYPE            MBEDTLS_OID_NS_CERT  "\x01"
+#define MBEDTLS_OID_NS_BASE_URL             MBEDTLS_OID_NS_CERT  "\x02"
+#define MBEDTLS_OID_NS_REVOCATION_URL       MBEDTLS_OID_NS_CERT  "\x03"
+#define MBEDTLS_OID_NS_CA_REVOCATION_URL    MBEDTLS_OID_NS_CERT  "\x04"
+#define MBEDTLS_OID_NS_RENEWAL_URL          MBEDTLS_OID_NS_CERT  "\x07"
+#define MBEDTLS_OID_NS_CA_POLICY_URL        MBEDTLS_OID_NS_CERT  "\x08"
+#define MBEDTLS_OID_NS_SSL_SERVER_NAME      MBEDTLS_OID_NS_CERT  "\x0C"
+#define MBEDTLS_OID_NS_COMMENT              MBEDTLS_OID_NS_CERT  "\x0D"
+#define MBEDTLS_OID_NS_DATA_TYPE            MBEDTLS_OID_NETSCAPE "\x02"
+#define MBEDTLS_OID_NS_CERT_SEQUENCE        MBEDTLS_OID_NS_DATA_TYPE "\x05"
+
+/*
+ * OIDs for CRL extensions
+ */
+#define MBEDTLS_OID_PRIVATE_KEY_USAGE_PERIOD    MBEDTLS_OID_ID_CE "\x10"
+#define MBEDTLS_OID_CRL_NUMBER                  MBEDTLS_OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */
+
+/*
+ * X.509 v3 Extended key usage OIDs
+ */
+#define MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE      MBEDTLS_OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */
+
+#define MBEDTLS_OID_KP                          MBEDTLS_OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */
+#define MBEDTLS_OID_SERVER_AUTH                 MBEDTLS_OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */
+#define MBEDTLS_OID_CLIENT_AUTH                 MBEDTLS_OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */
+#define MBEDTLS_OID_CODE_SIGNING                MBEDTLS_OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */
+#define MBEDTLS_OID_EMAIL_PROTECTION            MBEDTLS_OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */
+#define MBEDTLS_OID_TIME_STAMPING               MBEDTLS_OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */
+#define MBEDTLS_OID_OCSP_SIGNING                MBEDTLS_OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */
+
+/*
+ * PKCS definition OIDs
+ */
+
+#define MBEDTLS_OID_PKCS                MBEDTLS_OID_RSA_COMPANY "\x01" /**< pkcs OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) 1 } */
+#define MBEDTLS_OID_PKCS1               MBEDTLS_OID_PKCS "\x01" /**< pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } */
+#define MBEDTLS_OID_PKCS5               MBEDTLS_OID_PKCS "\x05" /**< pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } */
+#define MBEDTLS_OID_PKCS9               MBEDTLS_OID_PKCS "\x09" /**< pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } */
+#define MBEDTLS_OID_PKCS12              MBEDTLS_OID_PKCS "\x0c" /**< pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } */
+
+/*
+ * PKCS#1 OIDs
+ */
+#define MBEDTLS_OID_PKCS1_RSA           MBEDTLS_OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */
+#define MBEDTLS_OID_PKCS1_MD2           MBEDTLS_OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */
+#define MBEDTLS_OID_PKCS1_MD4           MBEDTLS_OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */
+#define MBEDTLS_OID_PKCS1_MD5           MBEDTLS_OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */
+#define MBEDTLS_OID_PKCS1_SHA1          MBEDTLS_OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */
+#define MBEDTLS_OID_PKCS1_SHA224        MBEDTLS_OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */
+#define MBEDTLS_OID_PKCS1_SHA256        MBEDTLS_OID_PKCS1 "\x0b" /**< sha256WithRSAEncryption ::= { pkcs-1 11 } */
+#define MBEDTLS_OID_PKCS1_SHA384        MBEDTLS_OID_PKCS1 "\x0c" /**< sha384WithRSAEncryption ::= { pkcs-1 12 } */
+#define MBEDTLS_OID_PKCS1_SHA512        MBEDTLS_OID_PKCS1 "\x0d" /**< sha512WithRSAEncryption ::= { pkcs-1 13 } */
+
+#define MBEDTLS_OID_RSA_SHA_OBS         "\x2B\x0E\x03\x02\x1D"
+
+#define MBEDTLS_OID_PKCS9_EMAIL         MBEDTLS_OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */
+
+/* RFC 4055 */
+#define MBEDTLS_OID_RSASSA_PSS          MBEDTLS_OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */
+#define MBEDTLS_OID_MGF1                MBEDTLS_OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */
+
+/*
+ * Digest algorithms
+ */
+#define MBEDTLS_OID_DIGEST_ALG_MD2              MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */
+#define MBEDTLS_OID_DIGEST_ALG_MD4              MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */
+#define MBEDTLS_OID_DIGEST_ALG_MD5              MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA1             MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA224           MBEDTLS_OID_GOV "\x03\x04\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
+#define MBEDTLS_OID_DIGEST_ALG_SHA256           MBEDTLS_OID_GOV "\x03\x04\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
+
+#define MBEDTLS_OID_DIGEST_ALG_SHA384           MBEDTLS_OID_GOV "\x03\x04\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */
+
+#define MBEDTLS_OID_DIGEST_ALG_SHA512           MBEDTLS_OID_GOV "\x03\x04\x02\x03" /**< id-mbedtls_sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */
+
+#define MBEDTLS_OID_HMAC_SHA1                   MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */
+
+/*
+ * Encryption algorithms
+ */
+#define MBEDTLS_OID_DES_CBC                     MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
+#define MBEDTLS_OID_DES_EDE3_CBC                MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */
+
+/*
+ * PKCS#5 OIDs
+ */
+#define MBEDTLS_OID_PKCS5_PBKDF2                MBEDTLS_OID_PKCS5 "\x0c" /**< id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} */
+#define MBEDTLS_OID_PKCS5_PBES2                 MBEDTLS_OID_PKCS5 "\x0d" /**< id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13} */
+#define MBEDTLS_OID_PKCS5_PBMAC1                MBEDTLS_OID_PKCS5 "\x0e" /**< id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14} */
+
+/*
+ * PKCS#5 PBES1 algorithms
+ */
+#define MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC       MBEDTLS_OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */
+#define MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC       MBEDTLS_OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */
+#define MBEDTLS_OID_PKCS5_PBE_MD5_DES_CBC       MBEDTLS_OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */
+#define MBEDTLS_OID_PKCS5_PBE_MD5_RC2_CBC       MBEDTLS_OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */
+#define MBEDTLS_OID_PKCS5_PBE_SHA1_DES_CBC      MBEDTLS_OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */
+#define MBEDTLS_OID_PKCS5_PBE_SHA1_RC2_CBC      MBEDTLS_OID_PKCS5 "\x0b" /**< pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11} */
+
+/*
+ * PKCS#8 OIDs
+ */
+#define MBEDTLS_OID_PKCS9_CSR_EXT_REQ           MBEDTLS_OID_PKCS9 "\x0e" /**< extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14} */
+
+/*
+ * PKCS#12 PBE OIDs
+ */
+#define MBEDTLS_OID_PKCS12_PBE                      MBEDTLS_OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */
+
+#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128         MBEDTLS_OID_PKCS12_PBE "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */
+#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_40          MBEDTLS_OID_PKCS12_PBE "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */
+#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC    MBEDTLS_OID_PKCS12_PBE "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */
+#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC    MBEDTLS_OID_PKCS12_PBE "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */
+#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC     MBEDTLS_OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */
+#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_40_CBC      MBEDTLS_OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */
+
+/*
+ * EC key algorithms from RFC 5480
+ */
+
+/* id-ecPublicKey OBJECT IDENTIFIER ::= {
+ *       iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } */
+#define MBEDTLS_OID_EC_ALG_UNRESTRICTED         MBEDTLS_OID_ANSI_X9_62 "\x02\01"
+
+/*   id-ecDH OBJECT IDENTIFIER ::= {
+ *     iso(1) identified-organization(3) certicom(132)
+ *     schemes(1) ecdh(12) } */
+#define MBEDTLS_OID_EC_ALG_ECDH                 MBEDTLS_OID_CERTICOM "\x01\x0c"
+
+/*
+ * ECParameters namedCurve identifiers, from RFC 5480, RFC 5639, and SEC2
+ */
+
+/* secp192r1 OBJECT IDENTIFIER ::= {
+ *   iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 1 } */
+#define MBEDTLS_OID_EC_GRP_SECP192R1        MBEDTLS_OID_ANSI_X9_62 "\x03\x01\x01"
+
+/* secp224r1 OBJECT IDENTIFIER ::= {
+ *   iso(1) identified-organization(3) certicom(132) curve(0) 33 } */
+#define MBEDTLS_OID_EC_GRP_SECP224R1        MBEDTLS_OID_CERTICOM "\x00\x21"
+
+/* secp256r1 OBJECT IDENTIFIER ::= {
+ *   iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 7 } */
+#define MBEDTLS_OID_EC_GRP_SECP256R1        MBEDTLS_OID_ANSI_X9_62 "\x03\x01\x07"
+
+/* secp384r1 OBJECT IDENTIFIER ::= {
+ *   iso(1) identified-organization(3) certicom(132) curve(0) 34 } */
+#define MBEDTLS_OID_EC_GRP_SECP384R1        MBEDTLS_OID_CERTICOM "\x00\x22"
+
+/* secp521r1 OBJECT IDENTIFIER ::= {
+ *   iso(1) identified-organization(3) certicom(132) curve(0) 35 } */
+#define MBEDTLS_OID_EC_GRP_SECP521R1        MBEDTLS_OID_CERTICOM "\x00\x23"
+
+/* secp192k1 OBJECT IDENTIFIER ::= {
+ *   iso(1) identified-organization(3) certicom(132) curve(0) 31 } */
+#define MBEDTLS_OID_EC_GRP_SECP192K1        MBEDTLS_OID_CERTICOM "\x00\x1f"
+
+/* secp224k1 OBJECT IDENTIFIER ::= {
+ *   iso(1) identified-organization(3) certicom(132) curve(0) 32 } */
+#define MBEDTLS_OID_EC_GRP_SECP224K1        MBEDTLS_OID_CERTICOM "\x00\x20"
+
+/* secp256k1 OBJECT IDENTIFIER ::= {
+ *   iso(1) identified-organization(3) certicom(132) curve(0) 10 } */
+#define MBEDTLS_OID_EC_GRP_SECP256K1        MBEDTLS_OID_CERTICOM "\x00\x0a"
+
+/* RFC 5639 4.1
+ * ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1)
+ * identified-organization(3) teletrust(36) algorithm(3) signature-
+ * algorithm(3) ecSign(2) 8}
+ * ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1}
+ * versionOne OBJECT IDENTIFIER ::= {ellipticCurve 1} */
+#define MBEDTLS_OID_EC_BRAINPOOL_V1         MBEDTLS_OID_TELETRUST "\x03\x03\x02\x08\x01\x01"
+
+/* brainpoolP256r1 OBJECT IDENTIFIER ::= {versionOne 7} */
+#define MBEDTLS_OID_EC_GRP_BP256R1          MBEDTLS_OID_EC_BRAINPOOL_V1 "\x07"
+
+/* brainpoolP384r1 OBJECT IDENTIFIER ::= {versionOne 11} */
+#define MBEDTLS_OID_EC_GRP_BP384R1          MBEDTLS_OID_EC_BRAINPOOL_V1 "\x0B"
+
+/* brainpoolP512r1 OBJECT IDENTIFIER ::= {versionOne 13} */
+#define MBEDTLS_OID_EC_GRP_BP512R1          MBEDTLS_OID_EC_BRAINPOOL_V1 "\x0D"
+
+/*
+ * SEC1 C.1
+ *
+ * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 }
+ * id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1)}
+ */
+#define MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE   MBEDTLS_OID_ANSI_X9_62 "\x01"
+#define MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD  MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE "\x01"
+
+/*
+ * ECDSA signature identifiers, from RFC 5480
+ */
+#define MBEDTLS_OID_ANSI_X9_62_SIG          MBEDTLS_OID_ANSI_X9_62 "\x04" /* signatures(4) */
+#define MBEDTLS_OID_ANSI_X9_62_SIG_SHA2     MBEDTLS_OID_ANSI_X9_62_SIG "\x03" /* ecdsa-with-SHA2(3) */
+
+/* ecdsa-with-SHA1 OBJECT IDENTIFIER ::= {
+ *   iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 } */
+#define MBEDTLS_OID_ECDSA_SHA1              MBEDTLS_OID_ANSI_X9_62_SIG "\x01"
+
+/* ecdsa-with-SHA224 OBJECT IDENTIFIER ::= {
+ *   iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
+ *   ecdsa-with-SHA2(3) 1 } */
+#define MBEDTLS_OID_ECDSA_SHA224            MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x01"
+
+/* ecdsa-with-SHA256 OBJECT IDENTIFIER ::= {
+ *   iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
+ *   ecdsa-with-SHA2(3) 2 } */
+#define MBEDTLS_OID_ECDSA_SHA256            MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x02"
+
+/* ecdsa-with-SHA384 OBJECT IDENTIFIER ::= {
+ *   iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
+ *   ecdsa-with-SHA2(3) 3 } */
+#define MBEDTLS_OID_ECDSA_SHA384            MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x03"
+
+/* ecdsa-with-SHA512 OBJECT IDENTIFIER ::= {
+ *   iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
+ *   ecdsa-with-SHA2(3) 4 } */
+#define MBEDTLS_OID_ECDSA_SHA512            MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x04"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Base OID descriptor structure
+ */
+typedef struct {
+    const char *asn1;               /*!< OID ASN.1 representation       */
+    size_t asn1_len;                /*!< length of asn1                 */
+    const char *name;               /*!< official name (e.g. from RFC)  */
+    const char *description;        /*!< human friendly description     */
+} mbedtls_oid_descriptor_t;
+
+/**
+ * \brief           Translate an ASN.1 OID into its numeric representation
+ *                  (e.g. "\x2A\x86\x48\x86\xF7\x0D" into "1.2.840.113549")
+ *
+ * \param buf       buffer to put representation in
+ * \param size      size of the buffer
+ * \param oid       OID to translate
+ *
+ * \return          Length of the string written (excluding final NULL) or
+ *                  MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error
+ */
+int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid );
+
+#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
+/**
+ * \brief          Translate an X.509 extension OID into local values
+ *
+ * \param oid      OID to use
+ * \param ext_type place to store the extension type
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
+#endif
+
+/**
+ * \brief          Translate an X.509 attribute type OID into the short name
+ *                 (e.g. the OID for an X520 Common Name into "CN")
+ *
+ * \param oid      OID to use
+ * \param short_name    place to store the string pointer
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name );
+
+/**
+ * \brief          Translate PublicKeyAlgorithm OID into pk_type
+ *
+ * \param oid      OID to use
+ * \param pk_alg   place to store public key algorithm
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg );
+
+/**
+ * \brief          Translate pk_type into PublicKeyAlgorithm OID
+ *
+ * \param pk_alg   Public key type to look for
+ * \param oid      place to store ASN.1 OID string pointer
+ * \param olen     length of the OID
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
+                           const char **oid, size_t *olen );
+
+#if defined(MBEDTLS_ECP_C)
+/**
+ * \brief          Translate NamedCurve OID into an EC group identifier
+ *
+ * \param oid      OID to use
+ * \param grp_id   place to store group id
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id );
+
+/**
+ * \brief          Translate EC group identifier into NamedCurve OID
+ *
+ * \param grp_id   EC group identifier
+ * \param oid      place to store ASN.1 OID string pointer
+ * \param olen     length of the OID
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
+                           const char **oid, size_t *olen );
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_MD_C)
+/**
+ * \brief          Translate SignatureAlgorithm OID into md_type and pk_type
+ *
+ * \param oid      OID to use
+ * \param md_alg   place to store message digest algorithm
+ * \param pk_alg   place to store public key algorithm
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
+                     mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg );
+
+/**
+ * \brief          Translate SignatureAlgorithm OID into description
+ *
+ * \param oid      OID to use
+ * \param desc     place to store string pointer
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc );
+
+/**
+ * \brief          Translate md_type and pk_type into SignatureAlgorithm OID
+ *
+ * \param md_alg   message digest algorithm
+ * \param pk_alg   public key algorithm
+ * \param oid      place to store ASN.1 OID string pointer
+ * \param olen     length of the OID
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+                            const char **oid, size_t *olen );
+
+/**
+ * \brief          Translate hash algorithm OID into md_type
+ *
+ * \param oid      OID to use
+ * \param md_alg   place to store message digest algorithm
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg );
+#endif /* MBEDTLS_MD_C */
+
+/**
+ * \brief          Translate Extended Key Usage OID into description
+ *
+ * \param oid      OID to use
+ * \param desc     place to store string pointer
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc );
+
+/**
+ * \brief          Translate md_type into hash algorithm OID
+ *
+ * \param md_alg   message digest algorithm
+ * \param oid      place to store ASN.1 OID string pointer
+ * \param olen     length of the OID
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen );
+
+#if defined(MBEDTLS_CIPHER_C)
+/**
+ * \brief          Translate encryption algorithm OID into cipher_type
+ *
+ * \param oid           OID to use
+ * \param cipher_alg    place to store cipher algorithm
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg );
+#endif /* MBEDTLS_CIPHER_C */
+
+#if defined(MBEDTLS_PKCS12_C)
+/**
+ * \brief          Translate PKCS#12 PBE algorithm OID into md_type and
+ *                 cipher_type
+ *
+ * \param oid           OID to use
+ * \param md_alg        place to store message digest algorithm
+ * \param cipher_alg    place to store cipher algorithm
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
+ */
+int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
+                            mbedtls_cipher_type_t *cipher_alg );
+#endif /* MBEDTLS_PKCS12_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* oid.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/padlock.h b/thirdparty/mbedtls/include/mbedtls/padlock.h
new file mode 100644
index 0000000000..677936ebf8
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/padlock.h
@@ -0,0 +1,108 @@
+/**
+ * \file padlock.h
+ *
+ * \brief VIA PadLock ACE for HW encryption/decryption supported by some
+ *        processors
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_PADLOCK_H
+#define MBEDTLS_PADLOCK_H
+
+#include "aes.h"
+
+#define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED               -0x0030  /**< Input data should be aligned. */
+
+#if defined(__has_feature)
+#if __has_feature(address_sanitizer)
+#define MBEDTLS_HAVE_ASAN
+#endif
+#endif
+
+/* Some versions of ASan result in errors about not enough registers */
+#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \
+    !defined(MBEDTLS_HAVE_ASAN)
+
+#ifndef MBEDTLS_HAVE_X86
+#define MBEDTLS_HAVE_X86
+#endif
+
+#include <stdint.h>
+
+#define MBEDTLS_PADLOCK_RNG 0x000C
+#define MBEDTLS_PADLOCK_ACE 0x00C0
+#define MBEDTLS_PADLOCK_PHE 0x0C00
+#define MBEDTLS_PADLOCK_PMM 0x3000
+
+#define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15))
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          PadLock detection routine
+ *
+ * \param feature  The feature to detect
+ *
+ * \return         1 if CPU has support for the feature, 0 otherwise
+ */
+int mbedtls_padlock_has_support( int feature );
+
+/**
+ * \brief          PadLock AES-ECB block en(de)cryption
+ *
+ * \param ctx      AES context
+ * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
+ * \param input    16-byte input block
+ * \param output   16-byte output block
+ *
+ * \return         0 if success, 1 if operation failed
+ */
+int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
+                       int mode,
+                       const unsigned char input[16],
+                       unsigned char output[16] );
+
+/**
+ * \brief          PadLock AES-CBC buffer en(de)cryption
+ *
+ * \param ctx      AES context
+ * \param mode     MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
+ * \param length   length of the input data
+ * \param iv       initialization vector (updated after use)
+ * \param input    buffer holding the input data
+ * \param output   buffer holding the output data
+ *
+ * \return         0 if success, 1 if operation failed
+ */
+int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx,
+                       int mode,
+                       size_t length,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HAVE_X86  */
+
+#endif /* padlock.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/pem.h b/thirdparty/mbedtls/include/mbedtls/pem.h
new file mode 100644
index 0000000000..2cf4c0a709
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/pem.h
@@ -0,0 +1,130 @@
+/**
+ * \file pem.h
+ *
+ * \brief Privacy Enhanced Mail (PEM) decoding
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_PEM_H
+#define MBEDTLS_PEM_H
+
+#include <stddef.h>
+
+/**
+ * \name PEM Error codes
+ * These error codes are returned in case of errors reading the
+ * PEM data.
+ * \{
+ */
+#define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT          -0x1080  /**< No PEM header or footer found. */
+#define MBEDTLS_ERR_PEM_INVALID_DATA                      -0x1100  /**< PEM string is not as expected. */
+#define MBEDTLS_ERR_PEM_ALLOC_FAILED                      -0x1180  /**< Failed to allocate memory. */
+#define MBEDTLS_ERR_PEM_INVALID_ENC_IV                    -0x1200  /**< RSA IV is not in hex-format. */
+#define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG                   -0x1280  /**< Unsupported key encryption algorithm. */
+#define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED                 -0x1300  /**< Private key password can't be empty. */
+#define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH                 -0x1380  /**< Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE               -0x1400  /**< Unavailable feature, e.g. hashing/encryption combination. */
+#define MBEDTLS_ERR_PEM_BAD_INPUT_DATA                    -0x1480  /**< Bad input parameters to function. */
+/* \} name */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+/**
+ * \brief       PEM context structure
+ */
+typedef struct
+{
+    unsigned char *buf;     /*!< buffer for decoded data             */
+    size_t buflen;          /*!< length of the buffer                */
+    unsigned char *info;    /*!< buffer for extra header information */
+}
+mbedtls_pem_context;
+
+/**
+ * \brief       PEM context setup
+ *
+ * \param ctx   context to be initialized
+ */
+void mbedtls_pem_init( mbedtls_pem_context *ctx );
+
+/**
+ * \brief       Read a buffer for PEM information and store the resulting
+ *              data into the specified context buffers.
+ *
+ * \param ctx       context to use
+ * \param header    header string to seek and expect
+ * \param footer    footer string to seek and expect
+ * \param data      source data to look in (must be nul-terminated)
+ * \param pwd       password for decryption (can be NULL)
+ * \param pwdlen    length of password
+ * \param use_len   destination for total length used (set after header is
+ *                  correctly read, so unless you get
+ *                  MBEDTLS_ERR_PEM_BAD_INPUT_DATA or
+ *                  MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is
+ *                  the length to skip)
+ *
+ * \note            Attempts to check password correctness by verifying if
+ *                  the decrypted text starts with an ASN.1 sequence of
+ *                  appropriate length
+ *
+ * \return          0 on success, or a specific PEM error code
+ */
+int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
+                     const unsigned char *data,
+                     const unsigned char *pwd,
+                     size_t pwdlen, size_t *use_len );
+
+/**
+ * \brief       PEM context memory freeing
+ *
+ * \param ctx   context to be freed
+ */
+void mbedtls_pem_free( mbedtls_pem_context *ctx );
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+/**
+ * \brief           Write a buffer of PEM information from a DER encoded
+ *                  buffer.
+ *
+ * \param header    header string to write
+ * \param footer    footer string to write
+ * \param der_data  DER data to write
+ * \param der_len   length of the DER data
+ * \param buf       buffer to write to
+ * \param buf_len   length of output buffer
+ * \param olen      total length written / required (if buf_len is not enough)
+ *
+ * \return          0 on success, or a specific PEM or BASE64 error code. On
+ *                  MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL olen is the required
+ *                  size.
+ */
+int mbedtls_pem_write_buffer( const char *header, const char *footer,
+                      const unsigned char *der_data, size_t der_len,
+                      unsigned char *buf, size_t buf_len, size_t *olen );
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* pem.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/pk.h b/thirdparty/mbedtls/include/mbedtls/pk.h
new file mode 100644
index 0000000000..1059bdaa5b
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/pk.h
@@ -0,0 +1,618 @@
+/**
+ * \file pk.h
+ *
+ * \brief Public Key abstraction layer
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_PK_H
+#define MBEDTLS_PK_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "md.h"
+
+#if defined(MBEDTLS_RSA_C)
+#include "rsa.h"
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+#include "ecp.h"
+#endif
+
+#if defined(MBEDTLS_ECDSA_C)
+#include "ecdsa.h"
+#endif
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#define MBEDTLS_ERR_PK_ALLOC_FAILED        -0x3F80  /**< Memory allocation failed. */
+#define MBEDTLS_ERR_PK_TYPE_MISMATCH       -0x3F00  /**< Type mismatch, eg attempt to encrypt with an ECDSA key */
+#define MBEDTLS_ERR_PK_BAD_INPUT_DATA      -0x3E80  /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_PK_FILE_IO_ERROR       -0x3E00  /**< Read/write of file failed. */
+#define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x3D80  /**< Unsupported key version */
+#define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT  -0x3D00  /**< Invalid key tag or value. */
+#define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG      -0x3C80  /**< Key algorithm is unsupported (only RSA and EC are supported). */
+#define MBEDTLS_ERR_PK_PASSWORD_REQUIRED   -0x3C00  /**< Private key password can't be empty. */
+#define MBEDTLS_ERR_PK_PASSWORD_MISMATCH   -0x3B80  /**< Given private key password does not allow for correct decryption. */
+#define MBEDTLS_ERR_PK_INVALID_PUBKEY      -0x3B00  /**< The pubkey tag or value is invalid (only RSA and EC are supported). */
+#define MBEDTLS_ERR_PK_INVALID_ALG         -0x3A80  /**< The algorithm tag or value is invalid. */
+#define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x3A00  /**< Elliptic curve is unsupported (only NIST curves are supported). */
+#define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x3980  /**< Unavailable feature, e.g. RSA disabled for RSA key. */
+#define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH    -0x3900  /**< The signature is valid but its length is less than expected. */
+#define MBEDTLS_ERR_PK_HW_ACCEL_FAILED     -0x3880  /**< PK hardware accelerator failed. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Public key types
+ */
+typedef enum {
+    MBEDTLS_PK_NONE=0,
+    MBEDTLS_PK_RSA,
+    MBEDTLS_PK_ECKEY,
+    MBEDTLS_PK_ECKEY_DH,
+    MBEDTLS_PK_ECDSA,
+    MBEDTLS_PK_RSA_ALT,
+    MBEDTLS_PK_RSASSA_PSS,
+} mbedtls_pk_type_t;
+
+/**
+ * \brief           Options for RSASSA-PSS signature verification.
+ *                  See \c mbedtls_rsa_rsassa_pss_verify_ext()
+ */
+typedef struct
+{
+    mbedtls_md_type_t mgf1_hash_id;
+    int expected_salt_len;
+
+} mbedtls_pk_rsassa_pss_options;
+
+/**
+ * \brief           Types for interfacing with the debug module
+ */
+typedef enum
+{
+    MBEDTLS_PK_DEBUG_NONE = 0,
+    MBEDTLS_PK_DEBUG_MPI,
+    MBEDTLS_PK_DEBUG_ECP,
+} mbedtls_pk_debug_type;
+
+/**
+ * \brief           Item to send to the debug module
+ */
+typedef struct
+{
+    mbedtls_pk_debug_type type;
+    const char *name;
+    void *value;
+} mbedtls_pk_debug_item;
+
+/** Maximum number of item send for debugging, plus 1 */
+#define MBEDTLS_PK_DEBUG_MAX_ITEMS 3
+
+/**
+ * \brief           Public key information and operations
+ */
+typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
+
+/**
+ * \brief           Public key container
+ */
+typedef struct
+{
+    const mbedtls_pk_info_t *   pk_info; /**< Public key informations        */
+    void *                      pk_ctx;  /**< Underlying public key context  */
+} mbedtls_pk_context;
+
+#if defined(MBEDTLS_RSA_C)
+/**
+ * Quick access to an RSA context inside a PK context.
+ *
+ * \warning You must make sure the PK context actually holds an RSA context
+ * before using this function!
+ */
+static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
+{
+    return( (mbedtls_rsa_context *) (pk).pk_ctx );
+}
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/**
+ * Quick access to an EC context inside a PK context.
+ *
+ * \warning You must make sure the PK context actually holds an EC context
+ * before using this function!
+ */
+static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
+{
+    return( (mbedtls_ecp_keypair *) (pk).pk_ctx );
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/**
+ * \brief           Types for RSA-alt abstraction
+ */
+typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
+                    const unsigned char *input, unsigned char *output,
+                    size_t output_max_len );
+typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                    int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
+                    const unsigned char *hash, unsigned char *sig );
+typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+/**
+ * \brief           Return information associated with the given PK type
+ *
+ * \param pk_type   PK type to search for.
+ *
+ * \return          The PK info associated with the type or NULL if not found.
+ */
+const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
+
+/**
+ * \brief           Initialize a mbedtls_pk_context (as NONE)
+ */
+void mbedtls_pk_init( mbedtls_pk_context *ctx );
+
+/**
+ * \brief           Free a mbedtls_pk_context
+ */
+void mbedtls_pk_free( mbedtls_pk_context *ctx );
+
+/**
+ * \brief           Initialize a PK context with the information given
+ *                  and allocates the type-specific PK subcontext.
+ *
+ * \param ctx       Context to initialize. Must be empty (type NONE).
+ * \param info      Information to use
+ *
+ * \return          0 on success,
+ *                  MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input,
+ *                  MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
+ *
+ * \note            For contexts holding an RSA-alt key, use
+ *                  \c mbedtls_pk_setup_rsa_alt() instead.
+ */
+int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/**
+ * \brief           Initialize an RSA-alt context
+ *
+ * \param ctx       Context to initialize. Must be empty (type NONE).
+ * \param key       RSA key pointer
+ * \param decrypt_func  Decryption function
+ * \param sign_func     Signing function
+ * \param key_len_func  Function returning key length in bytes
+ *
+ * \return          0 on success, or MBEDTLS_ERR_PK_BAD_INPUT_DATA if the
+ *                  context wasn't already initialized as RSA_ALT.
+ *
+ * \note            This function replaces \c mbedtls_pk_setup() for RSA-alt.
+ */
+int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
+                         mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
+                         mbedtls_pk_rsa_alt_sign_func sign_func,
+                         mbedtls_pk_rsa_alt_key_len_func key_len_func );
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+/**
+ * \brief           Get the size in bits of the underlying key
+ *
+ * \param ctx       Context to use
+ *
+ * \return          Key size in bits, or 0 on error
+ */
+size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx );
+
+/**
+ * \brief           Get the length in bytes of the underlying key
+ * \param ctx       Context to use
+ *
+ * \return          Key length in bytes, or 0 on error
+ */
+static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
+{
+    return( ( mbedtls_pk_get_bitlen( ctx ) + 7 ) / 8 );
+}
+
+/**
+ * \brief           Tell if a context can do the operation given by type
+ *
+ * \param ctx       Context to test
+ * \param type      Target type
+ *
+ * \return          0 if context can't do the operations,
+ *                  1 otherwise.
+ */
+int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
+
+/**
+ * \brief           Verify signature (including padding if relevant).
+ *
+ * \param ctx       PK context to use
+ * \param md_alg    Hash algorithm used (see notes)
+ * \param hash      Hash of the message to sign
+ * \param hash_len  Hash length or 0 (see notes)
+ * \param sig       Signature to verify
+ * \param sig_len   Signature length
+ *
+ * \return          0 on success (signature is valid),
+ *                  MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is
+ *                  valid but its actual length is less than sig_len,
+ *                  or a specific error code.
+ *
+ * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
+ *                  Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... )
+ *                  to verify RSASSA_PSS signatures.
+ *
+ * \note            If hash_len is 0, then the length associated with md_alg
+ *                  is used instead, or an error returned if it is invalid.
+ *
+ * \note            md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
+ */
+int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+               const unsigned char *hash, size_t hash_len,
+               const unsigned char *sig, size_t sig_len );
+
+/**
+ * \brief           Verify signature, with options.
+ *                  (Includes verification of the padding depending on type.)
+ *
+ * \param type      Signature type (inc. possible padding type) to verify
+ * \param options   Pointer to type-specific options, or NULL
+ * \param ctx       PK context to use
+ * \param md_alg    Hash algorithm used (see notes)
+ * \param hash      Hash of the message to sign
+ * \param hash_len  Hash length or 0 (see notes)
+ * \param sig       Signature to verify
+ * \param sig_len   Signature length
+ *
+ * \return          0 on success (signature is valid),
+ *                  MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
+ *                  used for this type of signatures,
+ *                  MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is
+ *                  valid but its actual length is less than sig_len,
+ *                  or a specific error code.
+ *
+ * \note            If hash_len is 0, then the length associated with md_alg
+ *                  is used instead, or an error returned if it is invalid.
+ *
+ * \note            md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
+ *
+ * \note            If type is MBEDTLS_PK_RSASSA_PSS, then options must point
+ *                  to a mbedtls_pk_rsassa_pss_options structure,
+ *                  otherwise it must be NULL.
+ */
+int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
+                   mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   const unsigned char *sig, size_t sig_len );
+
+/**
+ * \brief           Make signature, including padding if relevant.
+ *
+ * \param ctx       PK context to use - must hold a private key
+ * \param md_alg    Hash algorithm used (see notes)
+ * \param hash      Hash of the message to sign
+ * \param hash_len  Hash length or 0 (see notes)
+ * \param sig       Place to write the signature
+ * \param sig_len   Number of bytes written
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 on success, or a specific error code.
+ *
+ * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
+ *                  There is no interface in the PK module to make RSASSA-PSS
+ *                  signatures yet.
+ *
+ * \note            If hash_len is 0, then the length associated with md_alg
+ *                  is used instead, or an error returned if it is invalid.
+ *
+ * \note            For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
+ *                  For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
+ */
+int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+             const unsigned char *hash, size_t hash_len,
+             unsigned char *sig, size_t *sig_len,
+             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+
+/**
+ * \brief           Decrypt message (including padding if relevant).
+ *
+ * \param ctx       PK context to use - must hold a private key
+ * \param input     Input to decrypt
+ * \param ilen      Input size
+ * \param output    Decrypted output
+ * \param olen      Decrypted message length
+ * \param osize     Size of the output buffer
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
+ *
+ * \return          0 on success, or a specific error code.
+ */
+int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
+                const unsigned char *input, size_t ilen,
+                unsigned char *output, size_t *olen, size_t osize,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+
+/**
+ * \brief           Encrypt message (including padding if relevant).
+ *
+ * \param ctx       PK context to use
+ * \param input     Message to encrypt
+ * \param ilen      Message size
+ * \param output    Encrypted output
+ * \param olen      Encrypted output length
+ * \param osize     Size of the output buffer
+ * \param f_rng     RNG function
+ * \param p_rng     RNG parameter
+ *
+ * \note            For RSA keys, the default padding type is PKCS#1 v1.5.
+ *
+ * \return          0 on success, or a specific error code.
+ */
+int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
+                const unsigned char *input, size_t ilen,
+                unsigned char *output, size_t *olen, size_t osize,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+
+/**
+ * \brief           Check if a public-private pair of keys matches.
+ *
+ * \param pub       Context holding a public key.
+ * \param prv       Context holding a private (and public) key.
+ *
+ * \return          0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
+ */
+int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
+
+/**
+ * \brief           Export debug information
+ *
+ * \param ctx       Context to use
+ * \param items     Place to write debug items
+ *
+ * \return          0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
+ */
+int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items );
+
+/**
+ * \brief           Access the type name
+ *
+ * \param ctx       Context to use
+ *
+ * \return          Type name on success, or "invalid PK"
+ */
+const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
+
+/**
+ * \brief           Get the key type
+ *
+ * \param ctx       Context to use
+ *
+ * \return          Type on success, or MBEDTLS_PK_NONE
+ */
+mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
+
+#if defined(MBEDTLS_PK_PARSE_C)
+/** \ingroup pk_module */
+/**
+ * \brief           Parse a private key in PEM or DER format
+ *
+ * \param ctx       key to be initialized
+ * \param key       input buffer
+ * \param keylen    size of the buffer
+ *                  (including the terminating null byte for PEM data)
+ * \param pwd       password for decryption (optional)
+ * \param pwdlen    size of the password
+ *
+ * \note            On entry, ctx must be empty, either freshly initialised
+ *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
+ *                  specific key type, check the result with mbedtls_pk_can_do().
+ *
+ * \note            The key is also checked for correctness.
+ *
+ * \return          0 if successful, or a specific PK or PEM error code
+ */
+int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
+                  const unsigned char *key, size_t keylen,
+                  const unsigned char *pwd, size_t pwdlen );
+
+/** \ingroup pk_module */
+/**
+ * \brief           Parse a public key in PEM or DER format
+ *
+ * \param ctx       key to be initialized
+ * \param key       input buffer
+ * \param keylen    size of the buffer
+ *                  (including the terminating null byte for PEM data)
+ *
+ * \note            On entry, ctx must be empty, either freshly initialised
+ *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
+ *                  specific key type, check the result with mbedtls_pk_can_do().
+ *
+ * \note            The key is also checked for correctness.
+ *
+ * \return          0 if successful, or a specific PK or PEM error code
+ */
+int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
+                         const unsigned char *key, size_t keylen );
+
+#if defined(MBEDTLS_FS_IO)
+/** \ingroup pk_module */
+/**
+ * \brief           Load and parse a private key
+ *
+ * \param ctx       key to be initialized
+ * \param path      filename to read the private key from
+ * \param password  password to decrypt the file (can be NULL)
+ *
+ * \note            On entry, ctx must be empty, either freshly initialised
+ *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
+ *                  specific key type, check the result with mbedtls_pk_can_do().
+ *
+ * \note            The key is also checked for correctness.
+ *
+ * \return          0 if successful, or a specific PK or PEM error code
+ */
+int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
+                      const char *path, const char *password );
+
+/** \ingroup pk_module */
+/**
+ * \brief           Load and parse a public key
+ *
+ * \param ctx       key to be initialized
+ * \param path      filename to read the public key from
+ *
+ * \note            On entry, ctx must be empty, either freshly initialised
+ *                  with mbedtls_pk_init() or reset with mbedtls_pk_free(). If
+ *                  you need a specific key type, check the result with
+ *                  mbedtls_pk_can_do().
+ *
+ * \note            The key is also checked for correctness.
+ *
+ * \return          0 if successful, or a specific PK or PEM error code
+ */
+int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );
+#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_PK_PARSE_C */
+
+#if defined(MBEDTLS_PK_WRITE_C)
+/**
+ * \brief           Write a private key to a PKCS#1 or SEC1 DER structure
+ *                  Note: data is written at the end of the buffer! Use the
+ *                        return value to determine where you should start
+ *                        using the buffer
+ *
+ * \param ctx       private to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ *
+ * \return          length of data written if successful, or a specific
+ *                  error code
+ */
+int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+
+/**
+ * \brief           Write a public key to a SubjectPublicKeyInfo DER structure
+ *                  Note: data is written at the end of the buffer! Use the
+ *                        return value to determine where you should start
+ *                        using the buffer
+ *
+ * \param ctx       public key to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ *
+ * \return          length of data written if successful, or a specific
+ *                  error code
+ */
+int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+/**
+ * \brief           Write a public key to a PEM string
+ *
+ * \param ctx       public key to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ *
+ * \return          0 if successful, or a specific error code
+ */
+int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+
+/**
+ * \brief           Write a private key to a PKCS#1 or SEC1 PEM string
+ *
+ * \param ctx       private to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ *
+ * \return          0 if successful, or a specific error code
+ */
+int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
+#endif /* MBEDTLS_PEM_WRITE_C */
+#endif /* MBEDTLS_PK_WRITE_C */
+
+/*
+ * WARNING: Low-level functions. You probably do not want to use these unless
+ *          you are certain you do ;)
+ */
+
+#if defined(MBEDTLS_PK_PARSE_C)
+/**
+ * \brief           Parse a SubjectPublicKeyInfo DER structure
+ *
+ * \param p         the position in the ASN.1 data
+ * \param end       end of the buffer
+ * \param pk        the key to fill
+ *
+ * \return          0 if successful, or a specific PK error code
+ */
+int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
+                        mbedtls_pk_context *pk );
+#endif /* MBEDTLS_PK_PARSE_C */
+
+#if defined(MBEDTLS_PK_WRITE_C)
+/**
+ * \brief           Write a subjectPublicKey to ASN.1 data
+ *                  Note: function works backwards in data buffer
+ *
+ * \param p         reference to current position pointer
+ * \param start     start of the buffer (for bounds-checking)
+ * \param key       public key to write away
+ *
+ * \return          the length written or a negative error code
+ */
+int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
+                     const mbedtls_pk_context *key );
+#endif /* MBEDTLS_PK_WRITE_C */
+
+/*
+ * Internal module functions. You probably do not want to use these unless you
+ * know you do.
+ */
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_PK_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/pk_internal.h b/thirdparty/mbedtls/include/mbedtls/pk_internal.h
new file mode 100644
index 0000000000..3dae0fc5b2
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/pk_internal.h
@@ -0,0 +1,115 @@
+/**
+ * \file pk_internal.h
+ *
+ * \brief Public Key abstraction layer: wrapper functions
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_PK_WRAP_H
+#define MBEDTLS_PK_WRAP_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "pk.h"
+
+struct mbedtls_pk_info_t
+{
+    /** Public key type */
+    mbedtls_pk_type_t type;
+
+    /** Type name */
+    const char *name;
+
+    /** Get key size in bits */
+    size_t (*get_bitlen)( const void * );
+
+    /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */
+    int (*can_do)( mbedtls_pk_type_t type );
+
+    /** Verify signature */
+    int (*verify_func)( void *ctx, mbedtls_md_type_t md_alg,
+                        const unsigned char *hash, size_t hash_len,
+                        const unsigned char *sig, size_t sig_len );
+
+    /** Make signature */
+    int (*sign_func)( void *ctx, mbedtls_md_type_t md_alg,
+                      const unsigned char *hash, size_t hash_len,
+                      unsigned char *sig, size_t *sig_len,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng );
+
+    /** Decrypt message */
+    int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
+                         unsigned char *output, size_t *olen, size_t osize,
+                         int (*f_rng)(void *, unsigned char *, size_t),
+                         void *p_rng );
+
+    /** Encrypt message */
+    int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
+                         unsigned char *output, size_t *olen, size_t osize,
+                         int (*f_rng)(void *, unsigned char *, size_t),
+                         void *p_rng );
+
+    /** Check public-private key pair */
+    int (*check_pair_func)( const void *pub, const void *prv );
+
+    /** Allocate a new context */
+    void * (*ctx_alloc_func)( void );
+
+    /** Free the given context */
+    void (*ctx_free_func)( void *ctx );
+
+    /** Interface with the debug module */
+    void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items );
+
+};
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/* Container for RSA-alt */
+typedef struct
+{
+    void *key;
+    mbedtls_pk_rsa_alt_decrypt_func decrypt_func;
+    mbedtls_pk_rsa_alt_sign_func sign_func;
+    mbedtls_pk_rsa_alt_key_len_func key_len_func;
+} mbedtls_rsa_alt_context;
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+extern const mbedtls_pk_info_t mbedtls_rsa_info;
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+extern const mbedtls_pk_info_t mbedtls_eckey_info;
+extern const mbedtls_pk_info_t mbedtls_eckeydh_info;
+#endif
+
+#if defined(MBEDTLS_ECDSA_C)
+extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
+#endif
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
+#endif
+
+#endif /* MBEDTLS_PK_WRAP_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/pkcs11.h b/thirdparty/mbedtls/include/mbedtls/pkcs11.h
new file mode 100644
index 0000000000..bf65c55a79
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/pkcs11.h
@@ -0,0 +1,174 @@
+/**
+ * \file pkcs11.h
+ *
+ * \brief Wrapper for PKCS#11 library libpkcs11-helper
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_PKCS11_H
+#define MBEDTLS_PKCS11_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PKCS11_C)
+
+#include "x509_crt.h"
+
+#include <pkcs11-helper-1.0/pkcs11h-certificate.h>
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Context for PKCS #11 private keys.
+ */
+typedef struct {
+        pkcs11h_certificate_t pkcs11h_cert;
+        int len;
+} mbedtls_pkcs11_context;
+
+/**
+ * Initialize a mbedtls_pkcs11_context.
+ * (Just making memory references valid.)
+ */
+void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx );
+
+/**
+ * Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate.
+ *
+ * \param cert          X.509 certificate to fill
+ * \param pkcs11h_cert  PKCS #11 helper certificate
+ *
+ * \return              0 on success.
+ */
+int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
+
+/**
+ * Set up a mbedtls_pkcs11_context storing the given certificate. Note that the
+ * mbedtls_pkcs11_context will take over control of the certificate, freeing it when
+ * done.
+ *
+ * \param priv_key      Private key structure to fill.
+ * \param pkcs11_cert   PKCS #11 helper certificate
+ *
+ * \return              0 on success
+ */
+int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key,
+        pkcs11h_certificate_t pkcs11_cert );
+
+/**
+ * Free the contents of the given private key context. Note that the structure
+ * itself is not freed.
+ *
+ * \param priv_key      Private key structure to cleanup
+ */
+void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key );
+
+/**
+ * \brief          Do an RSA private key decrypt, then remove the message
+ *                 padding
+ *
+ * \param ctx      PKCS #11 context
+ * \param mode     must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
+ * \param input    buffer holding the encrypted data
+ * \param output   buffer that will hold the plaintext
+ * \param olen     will contain the plaintext length
+ * \param output_max_len    maximum length of the output buffer
+ *
+ * \return         0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
+ *
+ * \note           The output buffer must be as large as the size
+ *                 of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
+ *                 an error is thrown.
+ */
+int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
+                       int mode, size_t *olen,
+                       const unsigned char *input,
+                       unsigned char *output,
+                       size_t output_max_len );
+
+/**
+ * \brief          Do a private RSA to sign a message digest
+ *
+ * \param ctx      PKCS #11 context
+ * \param mode     must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
+ * \param md_alg   a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
+ * \param hashlen  message digest length (for MBEDTLS_MD_NONE only)
+ * \param hash     buffer holding the message digest
+ * \param sig      buffer that will hold the ciphertext
+ *
+ * \return         0 if the signing operation was successful,
+ *                 or an MBEDTLS_ERR_RSA_XXX error code
+ *
+ * \note           The "sig" buffer must be as large as the size
+ *                 of ctx->N (eg. 128 bytes if RSA-1024 is used).
+ */
+int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
+                    int mode,
+                    mbedtls_md_type_t md_alg,
+                    unsigned int hashlen,
+                    const unsigned char *hash,
+                    unsigned char *sig );
+
+/**
+ * SSL/TLS wrappers for PKCS#11 functions
+ */
+static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
+                        const unsigned char *input, unsigned char *output,
+                        size_t output_max_len )
+{
+    return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
+                           output_max_len );
+}
+
+static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
+                     int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                     int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
+                     const unsigned char *hash, unsigned char *sig )
+{
+    ((void) f_rng);
+    ((void) p_rng);
+    return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg,
+                        hashlen, hash, sig );
+}
+
+static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
+{
+    return ( (mbedtls_pkcs11_context *) ctx )->len;
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_PKCS11_C */
+
+#endif /* MBEDTLS_PKCS11_H */
diff --git a/thirdparty/mbedtls/include/mbedtls/pkcs12.h b/thirdparty/mbedtls/include/mbedtls/pkcs12.h
new file mode 100644
index 0000000000..a621ef5b15
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/pkcs12.h
@@ -0,0 +1,120 @@
+/**
+ * \file pkcs12.h
+ *
+ * \brief PKCS#12 Personal Information Exchange Syntax
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_PKCS12_H
+#define MBEDTLS_PKCS12_H
+
+#include "md.h"
+#include "cipher.h"
+#include "asn1.h"
+
+#include <stddef.h>
+
+#define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA                 -0x1F80  /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE            -0x1F00  /**< Feature not available, e.g. unsupported encryption scheme. */
+#define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT             -0x1E80  /**< PBE ASN.1 data not as expected. */
+#define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH              -0x1E00  /**< Given private key password does not allow for correct decryption. */
+
+#define MBEDTLS_PKCS12_DERIVE_KEY       1   /**< encryption/decryption key */
+#define MBEDTLS_PKCS12_DERIVE_IV        2   /**< initialization vector     */
+#define MBEDTLS_PKCS12_DERIVE_MAC_KEY   3   /**< integrity / MAC key       */
+
+#define MBEDTLS_PKCS12_PBE_DECRYPT      0
+#define MBEDTLS_PKCS12_PBE_ENCRYPT      1
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief            PKCS12 Password Based function (encryption / decryption)
+ *                   for pbeWithSHAAnd128BitRC4
+ *
+ * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
+ * \param mode       either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
+ * \param pwd        the password used (may be NULL if no password is used)
+ * \param pwdlen     length of the password (may be 0)
+ * \param input      the input data
+ * \param len        data length
+ * \param output     the output buffer
+ *
+ * \return           0 if successful, or a MBEDTLS_ERR_XXX code
+ */
+int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
+                             const unsigned char *pwd,  size_t pwdlen,
+                             const unsigned char *input, size_t len,
+                             unsigned char *output );
+
+/**
+ * \brief            PKCS12 Password Based function (encryption / decryption)
+ *                   for cipher-based and mbedtls_md-based PBE's
+ *
+ * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
+ * \param mode       either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
+ * \param cipher_type the cipher used
+ * \param md_type     the mbedtls_md used
+ * \param pwd        the password used (may be NULL if no password is used)
+ * \param pwdlen     length of the password (may be 0)
+ * \param input      the input data
+ * \param len        data length
+ * \param output     the output buffer
+ *
+ * \return           0 if successful, or a MBEDTLS_ERR_XXX code
+ */
+int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
+                mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
+                const unsigned char *pwd,  size_t pwdlen,
+                const unsigned char *input, size_t len,
+                unsigned char *output );
+
+/**
+ * \brief            The PKCS#12 derivation function uses a password and a salt
+ *                   to produce pseudo-random bits for a particular "purpose".
+ *
+ *                   Depending on the given id, this function can produce an
+ *                   encryption/decryption key, an nitialization vector or an
+ *                   integrity key.
+ *
+ * \param data       buffer to store the derived data in
+ * \param datalen    length to fill
+ * \param pwd        password to use (may be NULL if no password is used)
+ * \param pwdlen     length of the password (may be 0)
+ * \param salt       salt buffer to use
+ * \param saltlen    length of the salt
+ * \param mbedtls_md         mbedtls_md type to use during the derivation
+ * \param id         id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY,
+ *                   MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY)
+ * \param iterations number of iterations
+ *
+ * \return          0 if successful, or a MD, BIGNUM type error.
+ */
+int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
+                       const unsigned char *pwd, size_t pwdlen,
+                       const unsigned char *salt, size_t saltlen,
+                       mbedtls_md_type_t mbedtls_md, int id, int iterations );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* pkcs12.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/pkcs5.h b/thirdparty/mbedtls/include/mbedtls/pkcs5.h
new file mode 100644
index 0000000000..9a3c9fddcc
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/pkcs5.h
@@ -0,0 +1,95 @@
+/**
+ * \file pkcs5.h
+ *
+ * \brief PKCS#5 functions
+ *
+ * \author Mathias Olsson <mathias@kompetensum.com>
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_PKCS5_H
+#define MBEDTLS_PKCS5_H
+
+#include "asn1.h"
+#include "md.h"
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA                  -0x2f80  /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_PKCS5_INVALID_FORMAT                  -0x2f00  /**< Unexpected ASN.1 data. */
+#define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE             -0x2e80  /**< Requested encryption or digest alg not available. */
+#define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH               -0x2e00  /**< Given private key password does not allow for correct decryption. */
+
+#define MBEDTLS_PKCS5_DECRYPT      0
+#define MBEDTLS_PKCS5_ENCRYPT      1
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          PKCS#5 PBES2 function
+ *
+ * \param pbe_params the ASN.1 algorithm parameters
+ * \param mode       either MBEDTLS_PKCS5_DECRYPT or MBEDTLS_PKCS5_ENCRYPT
+ * \param pwd        password to use when generating key
+ * \param pwdlen     length of password
+ * \param data       data to process
+ * \param datalen    length of data
+ * \param output     output buffer
+ *
+ * \returns        0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
+ */
+int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
+                 const unsigned char *pwd,  size_t pwdlen,
+                 const unsigned char *data, size_t datalen,
+                 unsigned char *output );
+
+/**
+ * \brief          PKCS#5 PBKDF2 using HMAC
+ *
+ * \param ctx      Generic HMAC context
+ * \param password Password to use when generating key
+ * \param plen     Length of password
+ * \param salt     Salt to use when generating key
+ * \param slen     Length of salt
+ * \param iteration_count       Iteration count
+ * \param key_length            Length of generated key in bytes
+ * \param output   Generated key. Must be at least as big as key_length
+ *
+ * \returns        0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
+ */
+int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
+                       size_t plen, const unsigned char *salt, size_t slen,
+                       unsigned int iteration_count,
+                       uint32_t key_length, unsigned char *output );
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_pkcs5_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* pkcs5.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/platform.h b/thirdparty/mbedtls/include/mbedtls/platform.h
new file mode 100644
index 0000000000..ed10775848
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/platform.h
@@ -0,0 +1,348 @@
+/**
+ * \file platform.h
+ *
+ * \brief The Mbed TLS platform abstraction layer.
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_PLATFORM_H
+#define MBEDTLS_PLATFORM_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
+#if defined(_WIN32)
+#define MBEDTLS_PLATFORM_STD_SNPRINTF   mbedtls_platform_win32_snprintf /**< The default \c snprintf function to use.  */
+#else
+#define MBEDTLS_PLATFORM_STD_SNPRINTF   snprintf /**< The default \c snprintf function to use.  */
+#endif
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
+#define MBEDTLS_PLATFORM_STD_PRINTF   printf /**< The default \c printf function to use. */
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF)
+#define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< The default \c fprintf function to use. */
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_CALLOC)
+#define MBEDTLS_PLATFORM_STD_CALLOC   calloc /**< The default \c calloc function to use. */
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_FREE)
+#define MBEDTLS_PLATFORM_STD_FREE       free /**< The default \c free function to use. */
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_EXIT)
+#define MBEDTLS_PLATFORM_STD_EXIT      exit /**< The default \c exit function to use. */
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_TIME)
+#define MBEDTLS_PLATFORM_STD_TIME       time    /**< The default \c time function to use. */
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS)
+#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS  EXIT_SUCCESS /**< The default exit value to use. */
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE)
+#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE  EXIT_FAILURE /**< The default exit value to use. */
+#endif
+#if defined(MBEDTLS_FS_IO)
+#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ)
+#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   mbedtls_platform_std_nv_seed_read
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE)
+#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE  mbedtls_platform_std_nv_seed_write
+#endif
+#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE)
+#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE   "seedfile"
+#endif
+#endif /* MBEDTLS_FS_IO */
+#else /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
+#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR)
+#include MBEDTLS_PLATFORM_STD_MEM_HDR
+#endif
+#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
+
+
+/* \} name SECTION: Module settings */
+
+/*
+ * The function pointers for calloc and free
+ */
+#if defined(MBEDTLS_PLATFORM_MEMORY)
+#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \
+    defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
+#define mbedtls_free       MBEDTLS_PLATFORM_FREE_MACRO
+#define mbedtls_calloc     MBEDTLS_PLATFORM_CALLOC_MACRO
+#else
+/* For size_t */
+#include <stddef.h>
+extern void * (*mbedtls_calloc)( size_t n, size_t size );
+extern void (*mbedtls_free)( void *ptr );
+
+/**
+ * \brief   This function allows configuring custom memory-management functions.
+ *
+ * \param calloc_func   The \c calloc function implementation.
+ * \param free_func     The \c free function implementation.
+ *
+ * \return              \c 0.
+ */
+int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
+                              void (*free_func)( void * ) );
+#endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_CALLOC_MACRO */
+#else /* !MBEDTLS_PLATFORM_MEMORY */
+#define mbedtls_free       free
+#define mbedtls_calloc     calloc
+#endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,CALLOC}_MACRO */
+
+/*
+ * The function pointers for fprintf
+ */
+#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
+/* We need FILE * */
+#include <stdio.h>
+extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... );
+
+/**
+ * \brief   This function allows configuring a custom \p fprintf function pointer.
+ *
+ * \param fprintf_func   The \c fprintf function implementation.
+ *
+ * \return               \c 0.
+ */
+int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *,
+                                               ... ) );
+#else
+#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
+#define mbedtls_fprintf    MBEDTLS_PLATFORM_FPRINTF_MACRO
+#else
+#define mbedtls_fprintf    fprintf
+#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */
+#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
+
+/*
+ * The function pointers for printf
+ */
+#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
+extern int (*mbedtls_printf)( const char *format, ... );
+
+/**
+ * \brief    This function allows configuring a custom \c printf function
+ *           pointer.
+ *
+ * \param printf_func   The \c printf function implementation.
+ *
+ * \return              \c 0 on success.
+ */
+int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
+#else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
+#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
+#define mbedtls_printf     MBEDTLS_PLATFORM_PRINTF_MACRO
+#else
+#define mbedtls_printf     printf
+#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */
+#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
+
+/*
+ * The function pointers for snprintf
+ *
+ * The snprintf implementation should conform to C99:
+ * - it *must* always correctly zero-terminate the buffer
+ *   (except when n == 0, then it must leave the buffer untouched)
+ * - however it is acceptable to return -1 instead of the required length when
+ *   the destination buffer is too short.
+ */
+#if defined(_WIN32)
+/* For Windows (inc. MSYS2), we provide our own fixed implementation */
+int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... );
+#endif
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
+extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... );
+
+/**
+ * \brief   This function allows configuring a custom \c snprintf function
+ *          pointer.
+ *
+ * \param snprintf_func   The \c snprintf function implementation.
+ *
+ * \return    \c 0 on success.
+ */
+int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
+                                                 const char * format, ... ) );
+#else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
+#define mbedtls_snprintf   MBEDTLS_PLATFORM_SNPRINTF_MACRO
+#else
+#define mbedtls_snprintf   snprintf
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+
+/*
+ * The function pointers for exit
+ */
+#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
+extern void (*mbedtls_exit)( int status );
+
+/**
+ * \brief   This function allows configuring a custom \c exit function
+ *          pointer.
+ *
+ * \param exit_func   The \c exit function implementation.
+ *
+ * \return  \c 0 on success.
+ */
+int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
+#else
+#if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
+#define mbedtls_exit   MBEDTLS_PLATFORM_EXIT_MACRO
+#else
+#define mbedtls_exit   exit
+#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */
+#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
+
+/*
+ * The default exit values
+ */
+#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS)
+#define MBEDTLS_EXIT_SUCCESS MBEDTLS_PLATFORM_STD_EXIT_SUCCESS
+#else
+#define MBEDTLS_EXIT_SUCCESS 0
+#endif
+#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE)
+#define MBEDTLS_EXIT_FAILURE MBEDTLS_PLATFORM_STD_EXIT_FAILURE
+#else
+#define MBEDTLS_EXIT_FAILURE 1
+#endif
+
+/*
+ * The function pointers for reading from and writing a seed file to
+ * Non-Volatile storage (NV) in a platform-independent way
+ *
+ * Only enabled when the NV seed entropy source is enabled
+ */
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
+/* Internal standard platform definitions */
+int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len );
+int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len );
+#endif
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
+extern int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len );
+extern int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len );
+
+/**
+ * \brief   This function allows configuring custom seed file writing and
+ *          reading functions.
+ *
+ * \param   nv_seed_read_func   The seed reading function implementation.
+ * \param   nv_seed_write_func  The seed writing function implementation.
+ *
+ * \return  \c 0 on success.
+ */
+int mbedtls_platform_set_nv_seed(
+            int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ),
+            int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len )
+            );
+#else
+#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) && \
+    defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO)
+#define mbedtls_nv_seed_read    MBEDTLS_PLATFORM_NV_SEED_READ_MACRO
+#define mbedtls_nv_seed_write   MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO
+#else
+#define mbedtls_nv_seed_read    mbedtls_platform_std_nv_seed_read
+#define mbedtls_nv_seed_write   mbedtls_platform_std_nv_seed_write
+#endif
+#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#if !defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
+
+/**
+ * \brief   The platform context structure.
+ *
+ * \note    This structure may be used to assist platform-specific
+ *          setup or teardown operations.
+ */
+typedef struct {
+    char dummy; /**< Placeholder member, as empty structs are not portable. */
+}
+mbedtls_platform_context;
+
+#else
+#include "platform_alt.h"
+#endif /* !MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
+
+/**
+ * \brief   This function performs any platform initialization operations.
+ *
+ * \param   ctx     The Mbed TLS context.
+ *
+ * \return  \c 0 on success.
+ *
+ * \note    This function is intended to allow platform-specific initialization,
+ *          and should be called before any other library functions. Its
+ *          implementation is platform-specific, and unless
+ *          platform-specific code is provided, it does nothing.
+ *
+ *          Its use and whether it is necessary to call it is dependent on the
+ *          platform.
+ */
+int mbedtls_platform_setup( mbedtls_platform_context *ctx );
+/**
+ * \brief   This function performs any platform teardown operations.
+ *
+ * \param   ctx     The Mbed TLS context.
+ *
+ * \note    This function should be called after every other Mbed TLS module
+ *          has been correctly freed using the appropriate free function.
+ *          Its implementation is platform-specific, and unless
+ *          platform-specific code is provided, it does nothing.
+ *
+ *          Its use and whether it is necessary to call it is dependent on the
+ *          platform.
+ */
+void mbedtls_platform_teardown( mbedtls_platform_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* platform.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/platform_time.h b/thirdparty/mbedtls/include/mbedtls/platform_time.h
new file mode 100644
index 0000000000..2ed36f56c9
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/platform_time.h
@@ -0,0 +1,82 @@
+/**
+ * \file platform_time.h
+ *
+ * \brief mbed TLS Platform time abstraction
+ */
+/*
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_PLATFORM_TIME_H
+#define MBEDTLS_PLATFORM_TIME_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+/*
+ * The time_t datatype
+ */
+#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO)
+typedef MBEDTLS_PLATFORM_TIME_TYPE_MACRO mbedtls_time_t;
+#else
+/* For time_t */
+#include <time.h>
+typedef time_t mbedtls_time_t;
+#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
+
+/*
+ * The function pointers for time
+ */
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+extern mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* time );
+
+/**
+ * \brief   Set your own time function pointer
+ *
+ * \param   time_func   the time function implementation
+ *
+ * \return              0
+ */
+int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* time ) );
+#else
+#if defined(MBEDTLS_PLATFORM_TIME_MACRO)
+#define mbedtls_time    MBEDTLS_PLATFORM_TIME_MACRO
+#else
+#define mbedtls_time   time
+#endif /* MBEDTLS_PLATFORM_TIME_MACRO */
+#endif /* MBEDTLS_PLATFORM_TIME_ALT */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* platform_time.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ripemd160.h b/thirdparty/mbedtls/include/mbedtls/ripemd160.h
new file mode 100644
index 0000000000..c21868b185
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ripemd160.h
@@ -0,0 +1,260 @@
+/**
+ * \file ripemd160.h
+ *
+ * \brief RIPE MD-160 message digest
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_RIPEMD160_H
+#define MBEDTLS_RIPEMD160_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED             -0x0031  /**< RIPEMD160 hardware accelerator failed */
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#if !defined(MBEDTLS_RIPEMD160_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          RIPEMD-160 context structure
+ */
+typedef struct
+{
+    uint32_t total[2];          /*!< number of bytes processed  */
+    uint32_t state[5];          /*!< intermediate digest state  */
+    unsigned char buffer[64];   /*!< data block being processed */
+}
+mbedtls_ripemd160_context;
+
+/**
+ * \brief          Initialize RIPEMD-160 context
+ *
+ * \param ctx      RIPEMD-160 context to be initialized
+ */
+void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx );
+
+/**
+ * \brief          Clear RIPEMD-160 context
+ *
+ * \param ctx      RIPEMD-160 context to be cleared
+ */
+void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
+
+/**
+ * \brief          Clone (the state of) an RIPEMD-160 context
+ *
+ * \param dst      The destination context
+ * \param src      The context to be cloned
+ */
+void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
+                        const mbedtls_ripemd160_context *src );
+
+/**
+ * \brief          RIPEMD-160 context setup
+ *
+ * \param ctx      context to be initialized
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx );
+
+/**
+ * \brief          RIPEMD-160 process buffer
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
+                                  const unsigned char *input,
+                                  size_t ilen );
+
+/**
+ * \brief          RIPEMD-160 final digest
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param output   RIPEMD-160 checksum result
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
+                                  unsigned char output[20] );
+
+/**
+ * \brief          RIPEMD-160 process data block (internal use only)
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param data     buffer holding one block of data
+ *
+ * \return         0 if successful
+ */
+int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
+                                        const unsigned char data[64] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          RIPEMD-160 context setup
+ *
+ * \deprecated     Superseded by mbedtls_ripemd160_starts_ret() in 2.7.0
+ *
+ * \param ctx      context to be initialized
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_starts(
+                                            mbedtls_ripemd160_context *ctx )
+{
+    mbedtls_ripemd160_starts_ret( ctx );
+}
+
+/**
+ * \brief          RIPEMD-160 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_ripemd160_update_ret() in 2.7.0
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_update(
+                                                mbedtls_ripemd160_context *ctx,
+                                                const unsigned char *input,
+                                                size_t ilen )
+{
+    mbedtls_ripemd160_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          RIPEMD-160 final digest
+ *
+ * \deprecated     Superseded by mbedtls_ripemd160_finish_ret() in 2.7.0
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param output   RIPEMD-160 checksum result
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_finish(
+                                                mbedtls_ripemd160_context *ctx,
+                                                unsigned char output[20] )
+{
+    mbedtls_ripemd160_finish_ret( ctx, output );
+}
+
+/**
+ * \brief          RIPEMD-160 process data block (internal use only)
+ *
+ * \deprecated     Superseded by mbedtls_internal_ripemd160_process() in 2.7.0
+ *
+ * \param ctx      RIPEMD-160 context
+ * \param data     buffer holding one block of data
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160_process(
+                                            mbedtls_ripemd160_context *ctx,
+                                            const unsigned char data[64] )
+{
+    mbedtls_internal_ripemd160_process( ctx, data );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_RIPEMD160_ALT */
+#include "ripemd160_alt.h"
+#endif /* MBEDTLS_RIPEMD160_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Output = RIPEMD-160( input buffer )
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   RIPEMD-160 checksum result
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ripemd160_ret( const unsigned char *input,
+                           size_t ilen,
+                           unsigned char output[20] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          Output = RIPEMD-160( input buffer )
+ *
+ * \deprecated     Superseded by mbedtls_ripemd160_ret() in 2.7.0
+ *
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ * \param output   RIPEMD-160 checksum result
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_ripemd160(
+                                                    const unsigned char *input,
+                                                    size_t ilen,
+                                                    unsigned char output[20] )
+{
+    mbedtls_ripemd160_ret( input, ilen, output );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_ripemd160_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_ripemd160.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/rsa.h b/thirdparty/mbedtls/include/mbedtls/rsa.h
new file mode 100644
index 0000000000..fb2f77f94f
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/rsa.h
@@ -0,0 +1,1126 @@
+/**
+ * \file rsa.h
+ *
+ * \brief The RSA public-key cryptosystem.
+ *
+ * For more information, see <em>Public-Key Cryptography Standards (PKCS)
+ * #1 v1.5: RSA Encryption</em> and <em>Public-Key Cryptography Standards
+ * (PKCS) #1 v2.1: RSA Cryptography Specifications</em>.
+ *
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_RSA_H
+#define MBEDTLS_RSA_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "bignum.h"
+#include "md.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "threading.h"
+#endif
+
+/*
+ * RSA Error codes
+ */
+#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA                    -0x4080  /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_RSA_INVALID_PADDING                   -0x4100  /**< Input data contains invalid padding and is rejected. */
+#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED                    -0x4180  /**< Something failed during generation of a key. */
+#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED                  -0x4200  /**< Key failed to pass the validity check of the library. */
+#define MBEDTLS_ERR_RSA_PUBLIC_FAILED                     -0x4280  /**< The public key operation failed. */
+#define MBEDTLS_ERR_RSA_PRIVATE_FAILED                    -0x4300  /**< The private key operation failed. */
+#define MBEDTLS_ERR_RSA_VERIFY_FAILED                     -0x4380  /**< The PKCS#1 verification failed. */
+#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE                  -0x4400  /**< The output buffer for decryption is not large enough. */
+#define MBEDTLS_ERR_RSA_RNG_FAILED                        -0x4480  /**< The random generator failed to generate non-zeros. */
+#define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION             -0x4500  /**< The implementation does not offer the requested operation, for example, because of security violations or lack of functionality. */
+#define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED                   -0x4580  /**< RSA hardware accelerator failed. */
+
+/*
+ * RSA constants
+ */
+#define MBEDTLS_RSA_PUBLIC      0 /**< Request private key operation. */
+#define MBEDTLS_RSA_PRIVATE     1 /**< Request public key operation. */
+
+#define MBEDTLS_RSA_PKCS_V15    0 /**< Use PKCS-1 v1.5 encoding. */
+#define MBEDTLS_RSA_PKCS_V21    1 /**< Use PKCS-1 v2.1 encoding. */
+
+#define MBEDTLS_RSA_SIGN        1 /**< Identifier for RSA signature operations. */
+#define MBEDTLS_RSA_CRYPT       2 /**< Identifier for RSA encryption and decryption operations. */
+
+#define MBEDTLS_RSA_SALT_LEN_ANY    -1
+
+/*
+ * The above constants may be used even if the RSA module is compile out,
+ * eg for alternative (PKCS#11) RSA implemenations in the PK layers.
+ */
+
+#if !defined(MBEDTLS_RSA_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief   The RSA context structure.
+ *
+ * \note    Direct manipulation of the members of this structure
+ *          is deprecated. All manipulation should instead be done through
+ *          the public interface functions.
+ */
+typedef struct
+{
+    int ver;                    /*!<  Always 0.*/
+    size_t len;                 /*!<  The size of \p N in Bytes. */
+
+    mbedtls_mpi N;                      /*!<  The public modulus. */
+    mbedtls_mpi E;                      /*!<  The public exponent. */
+
+    mbedtls_mpi D;                      /*!<  The private exponent. */
+    mbedtls_mpi P;                      /*!<  The first prime factor. */
+    mbedtls_mpi Q;                      /*!<  The second prime factor. */
+
+    mbedtls_mpi DP;                     /*!<  \p D % (P - 1)       */
+    mbedtls_mpi DQ;                     /*!<  \p D % (Q - 1)       */
+    mbedtls_mpi QP;                     /*!<  1 / (Q % P)       */
+
+    mbedtls_mpi RN;                     /*!<  cached R^2 mod \p N  */
+
+    mbedtls_mpi RP;                     /*!<  cached R^2 mod \p P  */
+    mbedtls_mpi RQ;                     /*!<  cached R^2 mod \p Q  */
+
+    mbedtls_mpi Vi;                     /*!<  The cached blinding value. */
+    mbedtls_mpi Vf;                     /*!<  The cached un-blinding value. */
+
+    int padding;                /*!< Selects padding mode:
+                                     #MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
+                                     #MBEDTLS_RSA_PKCS_V21 for OAEP or PSS. */
+    int hash_id;                /*!< Hash identifier of mbedtls_md_type_t type,
+                                     as specified in md.h for use in the MGF
+                                     mask generating function used in the
+                                     EME-OAEP and EMSA-PSS encodings. */
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;    /*!<  Thread-safety mutex. */
+#endif
+}
+mbedtls_rsa_context;
+
+/**
+ * \brief          This function initializes an RSA context.
+ *
+ * \note           Set padding to #MBEDTLS_RSA_PKCS_V21 for the RSAES-OAEP
+ *                 encryption scheme and the RSASSA-PSS signature scheme.
+ *
+ * \param ctx      The RSA context to initialize.
+ * \param padding  Selects padding mode: #MBEDTLS_RSA_PKCS_V15 or
+ *                 #MBEDTLS_RSA_PKCS_V21.
+ * \param hash_id  The hash identifier of #mbedtls_md_type_t type, if
+ *                 \p padding is #MBEDTLS_RSA_PKCS_V21.
+ *
+ * \note           The \p hash_id parameter is ignored when using
+ *                 #MBEDTLS_RSA_PKCS_V15 padding.
+ *
+ * \note           The choice of padding mode is strictly enforced for private key
+ *                 operations, since there might be security concerns in
+ *                 mixing padding modes. For public key operations it is
+ *                 a default value, which can be overriden by calling specific
+ *                 \c rsa_rsaes_xxx or \c rsa_rsassa_xxx functions.
+ *
+ * \note           The hash selected in \p hash_id is always used for OEAP
+ *                 encryption. For PSS signatures, it is always used for
+ *                 making signatures, but can be overriden for verifying them.
+ *                 If set to #MBEDTLS_MD_NONE, it is always overriden.
+ */
+void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
+                       int padding,
+                       int hash_id);
+
+/**
+ * \brief          This function imports a set of core parameters into an
+ *                 RSA context.
+ *
+ * \param ctx      The initialized RSA context to store the parameters in.
+ * \param N        The RSA modulus, or NULL.
+ * \param P        The first prime factor of \p N, or NULL.
+ * \param Q        The second prime factor of \p N, or NULL.
+ * \param D        The private exponent, or NULL.
+ * \param E        The public exponent, or NULL.
+ *
+ * \note           This function can be called multiple times for successive
+ *                 imports, if the parameters are not simultaneously present.
+ *
+ *                 Any sequence of calls to this function should be followed
+ *                 by a call to mbedtls_rsa_complete(), which checks and
+ *                 completes the provided information to a ready-for-use
+ *                 public or private RSA key.
+ *
+ * \note           See mbedtls_rsa_complete() for more information on which
+ *                 parameters are necessary to set up a private or public
+ *                 RSA key.
+ *
+ * \note           The imported parameters are copied and need not be preserved
+ *                 for the lifetime of the RSA context being set up.
+ *
+ * \return         \c 0 on success, or a non-zero error code on failure.
+ */
+int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
+                        const mbedtls_mpi *N,
+                        const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                        const mbedtls_mpi *D, const mbedtls_mpi *E );
+
+/**
+ * \brief          This function imports core RSA parameters, in raw big-endian
+ *                 binary format, into an RSA context.
+ *
+ * \param ctx      The initialized RSA context to store the parameters in.
+ * \param N        The RSA modulus, or NULL.
+ * \param N_len    The Byte length of \p N, ignored if \p N == NULL.
+ * \param P        The first prime factor of \p N, or NULL.
+ * \param P_len    The Byte length of \p P, ignored if \p P == NULL.
+ * \param Q        The second prime factor of \p N, or NULL.
+ * \param Q_len    The Byte length of \p Q, ignored if \p Q == NULL.
+ * \param D        The private exponent, or NULL.
+ * \param D_len    The Byte length of \p D, ignored if \p D == NULL.
+ * \param E        The public exponent, or NULL.
+ * \param E_len    The Byte length of \p E, ignored if \p E == NULL.
+ *
+ * \note           This function can be called multiple times for successive
+ *                 imports, if the parameters are not simultaneously present.
+ *
+ *                 Any sequence of calls to this function should be followed
+ *                 by a call to mbedtls_rsa_complete(), which checks and
+ *                 completes the provided information to a ready-for-use
+ *                 public or private RSA key.
+ *
+ * \note           See mbedtls_rsa_complete() for more information on which
+ *                 parameters are necessary to set up a private or public
+ *                 RSA key.
+ *
+ * \note           The imported parameters are copied and need not be preserved
+ *                 for the lifetime of the RSA context being set up.
+ *
+ * \return         \c 0 on success, or a non-zero error code on failure.
+ */
+int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
+                            unsigned char const *N, size_t N_len,
+                            unsigned char const *P, size_t P_len,
+                            unsigned char const *Q, size_t Q_len,
+                            unsigned char const *D, size_t D_len,
+                            unsigned char const *E, size_t E_len );
+
+/**
+ * \brief          This function completes an RSA context from
+ *                 a set of imported core parameters.
+ *
+ *                 To setup an RSA public key, precisely \p N and \p E
+ *                 must have been imported.
+ *
+ *                 To setup an RSA private key, sufficient information must
+ *                 be present for the other parameters to be derivable.
+ *
+ *                 The default implementation supports the following:
+ *                 <ul><li>Derive \p P, \p Q from \p N, \p D, \p E.</li>
+ *                 <li>Derive \p N, \p D from \p P, \p Q, \p E.</li></ul>
+ *                 Alternative implementations need not support these.
+ *
+ *                 If this function runs successfully, it guarantees that
+ *                 the RSA context can be used for RSA operations without
+ *                 the risk of failure or crash.
+ *
+ * \param ctx      The initialized RSA context holding imported parameters.
+ *
+ * \return         \c 0 on success, or #MBEDTLS_ERR_RSA_BAD_INPUT_DATA if the
+ *                 attempted derivations failed.
+ *
+ * \warning        This function need not perform consistency checks
+ *                 for the imported parameters. In particular, parameters that
+ *                 are not needed by the implementation might be silently
+ *                 discarded and left unchecked. To check the consistency
+ *                 of the key material, see mbedtls_rsa_check_privkey().
+ *
+ */
+int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
+
+/**
+ * \brief          This function exports the core parameters of an RSA key.
+ *
+ *                 If this function runs successfully, the non-NULL buffers
+ *                 pointed to by \p N, \p P, \p Q, \p D, and \p E are fully
+ *                 written, with additional unused space filled leading by
+ *                 zero Bytes.
+ *
+ *                 Possible reasons for returning
+ *                 #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:<ul>
+ *                 <li>An alternative RSA implementation is in use, which
+ *                 stores the key externally, and either cannot or should
+ *                 not export it into RAM.</li>
+ *                 <li>A SW or HW implementation might not support a certain
+ *                 deduction. For example, \p P, \p Q from \p N, \p D,
+ *                 and \p E if the former are not part of the
+ *                 implementation.</li></ul>
+ *
+ *                 If the function fails due to an unsupported operation,
+ *                 the RSA context stays intact and remains usable.
+ *
+ * \param ctx      The initialized RSA context.
+ * \param N        The MPI to hold the RSA modulus, or NULL.
+ * \param P        The MPI to hold the first prime factor of \p N, or NULL.
+ * \param Q        The MPI to hold the second prime factor of \p N, or NULL.
+ * \param D        The MPI to hold the private exponent, or NULL.
+ * \param E        The MPI to hold the public exponent, or NULL.
+ *
+ * \return         \c 0 on success,
+ *                 #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION if exporting the
+ *                 requested parameters cannot be done due to missing
+ *                 functionality or because of security policies,
+ *                 or a non-zero return code on any other failure.
+ *
+ */
+int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
+                        mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
+                        mbedtls_mpi *D, mbedtls_mpi *E );
+
+/**
+ * \brief          This function exports core parameters of an RSA key
+ *                 in raw big-endian binary format.
+ *
+ *                 If this function runs successfully, the non-NULL buffers
+ *                 pointed to by \p N, \p P, \p Q, \p D, and \p E are fully
+ *                 written, with additional unused space filled leading by
+ *                 zero Bytes.
+ *
+ *                 Possible reasons for returning
+ *                 #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:<ul>
+ *                 <li>An alternative RSA implementation is in use, which
+ *                 stores the key externally, and either cannot or should
+ *                 not export it into RAM.</li>
+ *                 <li>A SW or HW implementation might not support a certain
+ *                 deduction. For example, \p P, \p Q from \p N, \p D,
+ *                 and \p E if the former are not part of the
+ *                 implementation.</li></ul>
+ *                 If the function fails due to an unsupported operation,
+ *                 the RSA context stays intact and remains usable.
+ *
+ * \param ctx      The initialized RSA context.
+ * \param N        The Byte array to store the RSA modulus, or NULL.
+ * \param N_len    The size of the buffer for the modulus.
+ * \param P        The Byte array to hold the first prime factor of \p N, or
+ *                 NULL.
+ * \param P_len    The size of the buffer for the first prime factor.
+ * \param Q        The Byte array to hold the second prime factor of \p N, or
+                   NULL.
+ * \param Q_len    The size of the buffer for the second prime factor.
+ * \param D        The Byte array to hold the private exponent, or NULL.
+ * \param D_len    The size of the buffer for the private exponent.
+ * \param E        The Byte array to hold the public exponent, or NULL.
+ * \param E_len    The size of the buffer for the public exponent.
+ *
+ * \note           The length fields are ignored if the corresponding
+ *                 buffer pointers are NULL.
+ *
+ * \return         \c 0 on success,
+ *                 #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION if exporting the
+ *                 requested parameters cannot be done due to missing
+ *                 functionality or because of security policies,
+ *                 or a non-zero return code on any other failure.
+ */
+int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
+                            unsigned char *N, size_t N_len,
+                            unsigned char *P, size_t P_len,
+                            unsigned char *Q, size_t Q_len,
+                            unsigned char *D, size_t D_len,
+                            unsigned char *E, size_t E_len );
+
+/**
+ * \brief          This function exports CRT parameters of a private RSA key.
+ *
+ * \param ctx      The initialized RSA context.
+ * \param DP       The MPI to hold D modulo P-1, or NULL.
+ * \param DQ       The MPI to hold D modulo Q-1, or NULL.
+ * \param QP       The MPI to hold modular inverse of Q modulo P, or NULL.
+ *
+ * \return         \c 0 on success, non-zero error code otherwise.
+ *
+ * \note           Alternative RSA implementations not using CRT-parameters
+ *                 internally can implement this function based on
+ *                 mbedtls_rsa_deduce_opt().
+ *
+ */
+int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
+                            mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP );
+
+/**
+ * \brief          This function sets padding for an already initialized RSA
+ *                 context. See mbedtls_rsa_init() for details.
+ *
+ * \param ctx      The RSA context to be set.
+ * \param padding  Selects padding mode: #MBEDTLS_RSA_PKCS_V15 or
+ *                 #MBEDTLS_RSA_PKCS_V21.
+ * \param hash_id  The #MBEDTLS_RSA_PKCS_V21 hash identifier.
+ */
+void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
+                              int hash_id);
+
+/**
+ * \brief          This function retrieves the length of RSA modulus in Bytes.
+ *
+ * \param ctx      The initialized RSA context.
+ *
+ * \return         The length of the RSA modulus in Bytes.
+ *
+ */
+size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
+
+/**
+ * \brief          This function generates an RSA keypair.
+ *
+ * \param ctx      The RSA context used to hold the key.
+ * \param f_rng    The RNG function.
+ * \param p_rng    The RNG parameter.
+ * \param nbits    The size of the public key in bits.
+ * \param exponent The public exponent. For example, 65537.
+ *
+ * \note           mbedtls_rsa_init() must be called before this function,
+ *                 to set up the RSA context.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+                   on failure.
+ */
+int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
+                         int (*f_rng)(void *, unsigned char *, size_t),
+                         void *p_rng,
+                         unsigned int nbits, int exponent );
+
+/**
+ * \brief          This function checks if a context contains at least an RSA
+ *                 public key.
+ *
+ *                 If the function runs successfully, it is guaranteed that
+ *                 enough information is present to perform an RSA public key
+ *                 operation using mbedtls_rsa_public().
+ *
+ * \param ctx      The RSA context to check.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ */
+int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
+
+/**
+ * \brief      This function checks if a context contains an RSA private key
+ *             and perform basic consistency checks.
+ *
+ * \param ctx  The RSA context to check.
+ *
+ * \return     \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code on
+ *             failure.
+ *
+ * \note       The consistency checks performed by this function not only
+ *             ensure that mbedtls_rsa_private() can be called successfully
+ *             on the given context, but that the various parameters are
+ *             mutually consistent with high probability, in the sense that
+ *             mbedtls_rsa_public() and mbedtls_rsa_private() are inverses.
+ *
+ * \warning    This function should catch accidental misconfigurations
+ *             like swapping of parameters, but it cannot establish full
+ *             trust in neither the quality nor the consistency of the key
+ *             material that was used to setup the given RSA context:
+ *             <ul><li>Consistency: Imported parameters that are irrelevant
+ *             for the implementation might be silently dropped. If dropped,
+ *             the current function does not have access to them,
+ *             and therefore cannot check them. See mbedtls_rsa_complete().
+ *             If you want to check the consistency of the entire
+ *             content of an PKCS1-encoded RSA private key, for example, you
+ *             should use mbedtls_rsa_validate_params() before setting
+ *             up the RSA context.
+ *             Additionally, if the implementation performs empirical checks,
+ *             these checks substantiate but do not guarantee consistency.</li>
+ *             <li>Quality: This function is not expected to perform
+ *             extended quality assessments like checking that the prime
+ *             factors are safe. Additionally, it is the responsibility of the
+ *             user to ensure the trustworthiness of the source of his RSA
+ *             parameters, which goes beyond what is effectively checkable
+ *             by the library.</li></ul>
+ */
+int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
+
+/**
+ * \brief          This function checks a public-private RSA key pair.
+ *
+ *                 It checks each of the contexts, and makes sure they match.
+ *
+ * \param pub      The RSA context holding the public key.
+ * \param prv      The RSA context holding the private key.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ */
+int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
+                                const mbedtls_rsa_context *prv );
+
+/**
+ * \brief          This function performs an RSA public key operation.
+ *
+ * \param ctx      The RSA context.
+ * \param input    The input buffer.
+ * \param output   The output buffer.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           This function does not handle message padding.
+ *
+ * \note           Make sure to set \p input[0] = 0 or ensure that
+ *                 input is smaller than \p N.
+ *
+ * \note           The input and output buffers must be large
+ *                 enough. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
+                const unsigned char *input,
+                unsigned char *output );
+
+/**
+ * \brief          This function performs an RSA private key operation.
+ *
+ * \param ctx      The RSA context.
+ * \param f_rng    The RNG function. Needed for blinding.
+ * \param p_rng    The RNG parameter.
+ * \param input    The input buffer.
+ * \param output   The output buffer.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The input and output buffers must be large
+ *                 enough. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
+                 int (*f_rng)(void *, unsigned char *, size_t),
+                 void *p_rng,
+                 const unsigned char *input,
+                 unsigned char *output );
+
+/**
+ * \brief          This function adds the message padding, then performs an RSA
+ *                 operation.
+ *
+ *                 It is the generic wrapper for performing a PKCS#1 encryption
+ *                 operation using the \p mode from the context.
+ *
+ *
+ * \param ctx      The RSA context.
+ * \param f_rng    The RNG function. Needed for padding, PKCS#1 v2.1
+ *                 encoding, and #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param ilen     The length of the plaintext.
+ * \param input    The buffer holding the data to encrypt.
+ * \param output   The buffer used to hold the ciphertext.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PUBLIC.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PRIVATE and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The input and output buffers must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng,
+                       int mode, size_t ilen,
+                       const unsigned char *input,
+                       unsigned char *output );
+
+/**
+ * \brief          This function performs a PKCS#1 v1.5 encryption operation
+ *                 (RSAES-PKCS1-v1_5-ENCRYPT).
+ *
+ * \param ctx      The RSA context.
+ * \param f_rng    The RNG function. Needed for padding and
+ *                 #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param ilen     The length of the plaintext.
+ * \param input    The buffer holding the data to encrypt.
+ * \param output   The buffer used to hold the ciphertext.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PUBLIC.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PRIVATE and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The output buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng,
+                                 int mode, size_t ilen,
+                                 const unsigned char *input,
+                                 unsigned char *output );
+
+/**
+ * \brief            This function performs a PKCS#1 v2.1 OAEP encryption
+ *                   operation (RSAES-OAEP-ENCRYPT).
+ *
+ * \param ctx        The RSA context.
+ * \param f_rng      The RNG function. Needed for padding and PKCS#1 v2.1
+ *                   encoding and #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng      The RNG parameter.
+ * \param mode       #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param label      The buffer holding the custom label to use.
+ * \param label_len  The length of the label.
+ * \param ilen       The length of the plaintext.
+ * \param input      The buffer holding the data to encrypt.
+ * \param output     The buffer used to hold the ciphertext.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PUBLIC.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PRIVATE and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The output buffer must be as large as the size
+ *                 of ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng,
+                            int mode,
+                            const unsigned char *label, size_t label_len,
+                            size_t ilen,
+                            const unsigned char *input,
+                            unsigned char *output );
+
+/**
+ * \brief          This function performs an RSA operation, then removes the
+ *                 message padding.
+ *
+ *                 It is the generic wrapper for performing a PKCS#1 decryption
+ *                 operation using the \p mode from the context.
+ *
+ * \param ctx      The RSA context.
+ * \param f_rng    The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param olen     The length of the plaintext.
+ * \param input    The buffer holding the encrypted data.
+ * \param output   The buffer used to hold the plaintext.
+ * \param output_max_len    The maximum length of the output buffer.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PRIVATE.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PUBLIC and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The output buffer length \c output_max_len should be
+ *                 as large as the size \p ctx->len of \p ctx->N (for example,
+ *                 128 Bytes if RSA-1024 is used) to be able to hold an
+ *                 arbitrary decrypted message. If it is not large enough to
+ *                 hold the decryption of the particular ciphertext provided,
+ *                 the function returns \c MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE.
+ *
+ * \note           The input buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng,
+                       int mode, size_t *olen,
+                       const unsigned char *input,
+                       unsigned char *output,
+                       size_t output_max_len );
+
+/**
+ * \brief          This function performs a PKCS#1 v1.5 decryption
+ *                 operation (RSAES-PKCS1-v1_5-DECRYPT).
+ *
+ * \param ctx      The RSA context.
+ * \param f_rng    The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param olen     The length of the plaintext.
+ * \param input    The buffer holding the encrypted data.
+ * \param output   The buffer to hold the plaintext.
+ * \param output_max_len    The maximum length of the output buffer.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PRIVATE.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PUBLIC and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The output buffer length \c output_max_len should be
+ *                 as large as the size \p ctx->len of \p ctx->N, for example,
+ *                 128 Bytes if RSA-1024 is used, to be able to hold an
+ *                 arbitrary decrypted message. If it is not large enough to
+ *                 hold the decryption of the particular ciphertext provided,
+ *                 the function returns #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE.
+ *
+ * \note           The input buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng,
+                                 int mode, size_t *olen,
+                                 const unsigned char *input,
+                                 unsigned char *output,
+                                 size_t output_max_len );
+
+/**
+ * \brief          This function performs a PKCS#1 v2.1 OAEP decryption
+ *                 operation (RSAES-OAEP-DECRYPT).
+ *
+ * \param ctx        The RSA context.
+ * \param f_rng      The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng      The RNG parameter.
+ * \param mode       #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param label      The buffer holding the custom label to use.
+ * \param label_len  The length of the label.
+ * \param olen       The length of the plaintext.
+ * \param input      The buffer holding the encrypted data.
+ * \param output     The buffer to hold the plaintext.
+ * \param output_max_len    The maximum length of the output buffer.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PRIVATE.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PUBLIC and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 on success, or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The output buffer length \c output_max_len should be
+ *                 as large as the size \p ctx->len of \p ctx->N, for
+ *                 example, 128 Bytes if RSA-1024 is used, to be able to
+ *                 hold an arbitrary decrypted message. If it is not
+ *                 large enough to hold the decryption of the particular
+ *                 ciphertext provided, the function returns
+ *                 #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE.
+ *
+ * \note           The input buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng,
+                            int mode,
+                            const unsigned char *label, size_t label_len,
+                            size_t *olen,
+                            const unsigned char *input,
+                            unsigned char *output,
+                            size_t output_max_len );
+
+/**
+ * \brief          This function performs a private RSA operation to sign
+ *                 a message digest using PKCS#1.
+ *
+ *                 It is the generic wrapper for performing a PKCS#1
+ *                 signature using the \p mode from the context.
+ *
+ * \param ctx      The RSA context.
+ * \param f_rng    The RNG function. Needed for PKCS#1 v2.1 encoding and for
+ *                 #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param md_alg   The message-digest algorithm used to hash the original data.
+ *                 Use #MBEDTLS_MD_NONE for signing raw data.
+ * \param hashlen  The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * \param hash     The buffer holding the message digest.
+ * \param sig      The buffer to hold the ciphertext.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PRIVATE.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PUBLIC and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 if the signing operation was successful,
+ *                 or an \c MBEDTLS_ERR_RSA_XXX error code on failure.
+ *
+ * \note           The \p sig buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ *
+ * \note           For PKCS#1 v2.1 encoding, see comments on
+ *                 mbedtls_rsa_rsassa_pss_sign() for details on
+ *                 \p md_alg and \p hash_id.
+ */
+int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
+                    int (*f_rng)(void *, unsigned char *, size_t),
+                    void *p_rng,
+                    int mode,
+                    mbedtls_md_type_t md_alg,
+                    unsigned int hashlen,
+                    const unsigned char *hash,
+                    unsigned char *sig );
+
+/**
+ * \brief          This function performs a PKCS#1 v1.5 signature
+ *                 operation (RSASSA-PKCS1-v1_5-SIGN).
+ *
+ * \param ctx      The RSA context.
+ * \param f_rng    The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param md_alg   The message-digest algorithm used to hash the original data.
+ *                 Use #MBEDTLS_MD_NONE for signing raw data.
+ * \param hashlen  The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * \param hash     The buffer holding the message digest.
+ * \param sig      The buffer to hold the ciphertext.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PRIVATE.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PUBLIC and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 if the signing operation was successful,
+ *                 or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The \p sig buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng,
+                               int mode,
+                               mbedtls_md_type_t md_alg,
+                               unsigned int hashlen,
+                               const unsigned char *hash,
+                               unsigned char *sig );
+
+/**
+ * \brief          This function performs a PKCS#1 v2.1 PSS signature
+ *                 operation (RSASSA-PSS-SIGN).
+ *
+ * \param ctx      The RSA context.
+ * \param f_rng    The RNG function. Needed for PKCS#1 v2.1 encoding and for
+ *                 #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param md_alg   The message-digest algorithm used to hash the original data.
+ *                 Use #MBEDTLS_MD_NONE for signing raw data.
+ * \param hashlen  The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * \param hash     The buffer holding the message digest.
+ * \param sig      The buffer to hold the ciphertext.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PRIVATE.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PUBLIC and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 if the signing operation was successful,
+ *                 or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The \p sig buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ *
+ * \note           The \p hash_id in the RSA context is the one used for the
+ *                 encoding. \p md_alg in the function call is the type of hash
+ *                 that is encoded. According to <em>RFC-3447: Public-Key
+ *                 Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
+ *                 Specifications</em> it is advised to keep both hashes the
+ *                 same.
+ */
+int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
+                         int (*f_rng)(void *, unsigned char *, size_t),
+                         void *p_rng,
+                         int mode,
+                         mbedtls_md_type_t md_alg,
+                         unsigned int hashlen,
+                         const unsigned char *hash,
+                         unsigned char *sig );
+
+/**
+ * \brief          This function performs a public RSA operation and checks
+ *                 the message digest.
+ *
+ *                 This is the generic wrapper for performing a PKCS#1
+ *                 verification using the mode from the context.
+ *
+ * \param ctx      The RSA public key context.
+ * \param f_rng    The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param md_alg   The message-digest algorithm used to hash the original data.
+ *                 Use #MBEDTLS_MD_NONE for signing raw data.
+ * \param hashlen  The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * \param hash     The buffer holding the message digest.
+ * \param sig      The buffer holding the ciphertext.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 set to #MBEDTLS_RSA_PUBLIC.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PRIVATE and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 if the verify operation was successful,
+ *                 or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The \p sig buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ *
+ * \note           For PKCS#1 v2.1 encoding, see comments on
+ *                 mbedtls_rsa_rsassa_pss_verify() about \p md_alg and
+ *                 \p hash_id.
+ */
+int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng,
+                      int mode,
+                      mbedtls_md_type_t md_alg,
+                      unsigned int hashlen,
+                      const unsigned char *hash,
+                      const unsigned char *sig );
+
+/**
+ * \brief          This function performs a PKCS#1 v1.5 verification
+ *                 operation (RSASSA-PKCS1-v1_5-VERIFY).
+ *
+ * \param ctx      The RSA public key context.
+ * \param f_rng    The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param md_alg   The message-digest algorithm used to hash the original data.
+ *                 Use #MBEDTLS_MD_NONE for signing raw data.
+ * \param hashlen  The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * \param hash     The buffer holding the message digest.
+ * \param sig      The buffer holding the ciphertext.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 set to #MBEDTLS_RSA_PUBLIC.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PRIVATE and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 if the verify operation was successful,
+ *                 or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The \p sig buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ */
+int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng,
+                                 int mode,
+                                 mbedtls_md_type_t md_alg,
+                                 unsigned int hashlen,
+                                 const unsigned char *hash,
+                                 const unsigned char *sig );
+
+/**
+ * \brief          This function performs a PKCS#1 v2.1 PSS verification
+ *                 operation (RSASSA-PSS-VERIFY).
+ *
+ *                 The hash function for the MGF mask generating function
+ *                 is that specified in the RSA context.
+ *
+ * \param ctx      The RSA public key context.
+ * \param f_rng    The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param md_alg   The message-digest algorithm used to hash the original data.
+ *                 Use #MBEDTLS_MD_NONE for signing raw data.
+ * \param hashlen  The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * \param hash     The buffer holding the message digest.
+ * \param sig      The buffer holding the ciphertext.
+ *
+ * \deprecated     It is deprecated and discouraged to call this function
+ *                 in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library
+ *                 are likely to remove the \p mode argument and have it
+ *                 implicitly set to #MBEDTLS_RSA_PUBLIC.
+ *
+ * \note           Alternative implementations of RSA need not support
+ *                 mode being set to #MBEDTLS_RSA_PRIVATE and might instead
+ *                 return #MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION.
+ *
+ * \return         \c 0 if the verify operation was successful,
+ *                 or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The \p sig buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ *
+ * \note           The \p hash_id in the RSA context is the one used for the
+ *                 verification. \p md_alg in the function call is the type of
+ *                 hash that is verified. According to <em>RFC-3447: Public-Key
+ *                 Cryptography Standards (PKCS) #1 v2.1: RSA Cryptography
+ *                 Specifications</em> it is advised to keep both hashes the
+ *                 same. If \p hash_id in the RSA context is unset,
+ *                 the \p md_alg from the function call is used.
+ */
+int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
+                           int (*f_rng)(void *, unsigned char *, size_t),
+                           void *p_rng,
+                           int mode,
+                           mbedtls_md_type_t md_alg,
+                           unsigned int hashlen,
+                           const unsigned char *hash,
+                           const unsigned char *sig );
+
+/**
+ * \brief          This function performs a PKCS#1 v2.1 PSS verification
+ *                 operation (RSASSA-PSS-VERIFY).
+ *
+ *                 The hash function for the MGF mask generating function
+ *                 is that specified in \p mgf1_hash_id.
+ *
+ * \param ctx      The RSA public key context.
+ * \param f_rng    The RNG function. Only needed for #MBEDTLS_RSA_PRIVATE.
+ * \param p_rng    The RNG parameter.
+ * \param mode     #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE.
+ * \param md_alg   The message-digest algorithm used to hash the original data.
+ *                 Use #MBEDTLS_MD_NONE for signing raw data.
+ * \param hashlen  The length of the message digest. Only used if \p md_alg is #MBEDTLS_MD_NONE.
+ * \param hash     The buffer holding the message digest.
+ * \param mgf1_hash_id The message digest used for mask generation.
+ * \param expected_salt_len The length of the salt used in padding. Use
+ *                 #MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length.
+ * \param sig      The buffer holding the ciphertext.
+ *
+ * \return         \c 0 if the verify operation was successful,
+ *                 or an \c MBEDTLS_ERR_RSA_XXX error code
+ *                 on failure.
+ *
+ * \note           The \p sig buffer must be as large as the size
+ *                 of \p ctx->N. For example, 128 Bytes if RSA-1024 is used.
+ *
+ * \note           The \p hash_id in the RSA context is ignored.
+ */
+int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng,
+                               int mode,
+                               mbedtls_md_type_t md_alg,
+                               unsigned int hashlen,
+                               const unsigned char *hash,
+                               mbedtls_md_type_t mgf1_hash_id,
+                               int expected_salt_len,
+                               const unsigned char *sig );
+
+/**
+ * \brief          This function copies the components of an RSA context.
+ *
+ * \param dst      The destination context.
+ * \param src      The source context.
+ *
+ * \return         \c 0 on success,
+ *                 #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory allocation failure.
+ */
+int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src );
+
+/**
+ * \brief          This function frees the components of an RSA key.
+ *
+ * \param ctx      The RSA Context to free.
+ */
+void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_RSA_ALT */
+#include "rsa_alt.h"
+#endif /* MBEDTLS_RSA_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          The RSA checkup routine.
+ *
+ * \return         \c 0 on success, or \c 1 on failure.
+ */
+int mbedtls_rsa_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* rsa.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/rsa_internal.h b/thirdparty/mbedtls/include/mbedtls/rsa_internal.h
new file mode 100644
index 0000000000..bcb3c9401d
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/rsa_internal.h
@@ -0,0 +1,216 @@
+/**
+ * \file rsa_internal.h
+ *
+ * \brief Context-independent RSA helper functions
+ */
+/*
+ *  Copyright (C) 2006-2017, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ *
+ *  This file declares some RSA-related helper functions useful when
+ *  implementing the RSA interface. They are public and provided in a
+ *  separate compilation unit in order to make it easy for designers of
+ *  alternative RSA implementations to use them in their code, as it is
+ *  conceived that the functionality they provide will be necessary
+ *  for most complete implementations.
+ *
+ *  End-users of Mbed TLS not intending to re-implement the RSA functionality
+ *  are not expected to get into the need of making use of these functions directly,
+ *  but instead should be able to use the functions declared in rsa.h.
+ *
+ *  There are two classes of helper functions:
+ *  (1) Parameter-generating helpers. These are:
+ *      - mbedtls_rsa_deduce_primes
+ *      - mbedtls_rsa_deduce_private_exponent
+ *      - mbedtls_rsa_deduce_crt
+ *       Each of these functions takes a set of core RSA parameters
+ *       and generates some other, or CRT related parameters.
+ *  (2) Parameter-checking helpers. These are:
+ *      - mbedtls_rsa_validate_params
+ *      - mbedtls_rsa_validate_crt
+ *      They take a set of core or CRT related RSA parameters
+ *      and check their validity.
+ *
+ */
+
+#ifndef MBEDTLS_RSA_INTERNAL_H
+#define MBEDTLS_RSA_INTERNAL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "bignum.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+/**
+ * \brief          Compute RSA prime moduli P, Q from public modulus N=PQ
+ *                 and a pair of private and public key.
+ *
+ * \note           This is a 'static' helper function not operating on
+ *                 an RSA context. Alternative implementations need not
+ *                 overwrite it.
+ *
+ * \param N        RSA modulus N = PQ, with P, Q to be found
+ * \param E        RSA public exponent
+ * \param D        RSA private exponent
+ * \param P        Pointer to MPI holding first prime factor of N on success
+ * \param Q        Pointer to MPI holding second prime factor of N on success
+ *
+ * \return
+ *                 - 0 if successful. In this case, P and Q constitute a
+ *                   factorization of N.
+ *                 - A non-zero error code otherwise.
+ *
+ * \note           It is neither checked that P, Q are prime nor that
+ *                 D, E are modular inverses wrt. P-1 and Q-1. For that,
+ *                 use the helper function \c mbedtls_rsa_validate_params.
+ *
+ */
+int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E,
+                               mbedtls_mpi const *D,
+                               mbedtls_mpi *P, mbedtls_mpi *Q );
+
+/**
+ * \brief          Compute RSA private exponent from
+ *                 prime moduli and public key.
+ *
+ * \note           This is a 'static' helper function not operating on
+ *                 an RSA context. Alternative implementations need not
+ *                 overwrite it.
+ *
+ * \param P        First prime factor of RSA modulus
+ * \param Q        Second prime factor of RSA modulus
+ * \param E        RSA public exponent
+ * \param D        Pointer to MPI holding the private exponent on success.
+ *
+ * \return
+ *                 - 0 if successful. In this case, D is set to a simultaneous
+ *                   modular inverse of E modulo both P-1 and Q-1.
+ *                 - A non-zero error code otherwise.
+ *
+ * \note           This function does not check whether P and Q are primes.
+ *
+ */
+int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P,
+                                         mbedtls_mpi const *Q,
+                                         mbedtls_mpi const *E,
+                                         mbedtls_mpi *D );
+
+
+/**
+ * \brief          Generate RSA-CRT parameters
+ *
+ * \note           This is a 'static' helper function not operating on
+ *                 an RSA context. Alternative implementations need not
+ *                 overwrite it.
+ *
+ * \param P        First prime factor of N
+ * \param Q        Second prime factor of N
+ * \param D        RSA private exponent
+ * \param DP       Output variable for D modulo P-1
+ * \param DQ       Output variable for D modulo Q-1
+ * \param QP       Output variable for the modular inverse of Q modulo P.
+ *
+ * \return         0 on success, non-zero error code otherwise.
+ *
+ * \note           This function does not check whether P, Q are
+ *                 prime and whether D is a valid private exponent.
+ *
+ */
+int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                            const mbedtls_mpi *D, mbedtls_mpi *DP,
+                            mbedtls_mpi *DQ, mbedtls_mpi *QP );
+
+
+/**
+ * \brief          Check validity of core RSA parameters
+ *
+ * \note           This is a 'static' helper function not operating on
+ *                 an RSA context. Alternative implementations need not
+ *                 overwrite it.
+ *
+ * \param N        RSA modulus N = PQ
+ * \param P        First prime factor of N
+ * \param Q        Second prime factor of N
+ * \param D        RSA private exponent
+ * \param E        RSA public exponent
+ * \param f_rng    PRNG to be used for primality check, or NULL
+ * \param p_rng    PRNG context for f_rng, or NULL
+ *
+ * \return
+ *                 - 0 if the following conditions are satisfied
+ *                   if all relevant parameters are provided:
+ *                    - P prime if f_rng != NULL (%)
+ *                    - Q prime if f_rng != NULL (%)
+ *                    - 1 < N = P * Q
+ *                    - 1 < D, E < N
+ *                    - D and E are modular inverses modulo P-1 and Q-1
+ *                   (%) This is only done if MBEDTLS_GENPRIME is defined.
+ *                 - A non-zero error code otherwise.
+ *
+ * \note           The function can be used with a restricted set of arguments
+ *                 to perform specific checks only. E.g., calling it with
+ *                 (-,P,-,-,-) and a PRNG amounts to a primality check for P.
+ */
+int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
+                                 const mbedtls_mpi *Q, const mbedtls_mpi *D,
+                                 const mbedtls_mpi *E,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng );
+
+/**
+ * \brief          Check validity of RSA CRT parameters
+ *
+ * \note           This is a 'static' helper function not operating on
+ *                 an RSA context. Alternative implementations need not
+ *                 overwrite it.
+ *
+ * \param P        First prime factor of RSA modulus
+ * \param Q        Second prime factor of RSA modulus
+ * \param D        RSA private exponent
+ * \param DP       MPI to check for D modulo P-1
+ * \param DQ       MPI to check for D modulo P-1
+ * \param QP       MPI to check for the modular inverse of Q modulo P.
+ *
+ * \return
+ *                 - 0 if the following conditions are satisfied:
+ *                    - D = DP mod P-1 if P, D, DP != NULL
+ *                    - Q = DQ mod P-1 if P, D, DQ != NULL
+ *                    - QP = Q^-1 mod P if P, Q, QP != NULL
+ *                 - \c MBEDTLS_ERR_RSA_KEY_CHECK_FAILED if check failed,
+ *                   potentially including \c MBEDTLS_ERR_MPI_XXX if some
+ *                   MPI calculations failed.
+ *                 - \c MBEDTLS_ERR_RSA_BAD_INPUT_DATA if insufficient
+ *                   data was provided to check DP, DQ or QP.
+ *
+ * \note           The function can be used with a restricted set of arguments
+ *                 to perform specific checks only. E.g., calling it with the
+ *                 parameters (P, -, D, DP, -, -) will check DP = D mod P-1.
+ */
+int mbedtls_rsa_validate_crt( const mbedtls_mpi *P,  const mbedtls_mpi *Q,
+                              const mbedtls_mpi *D,  const mbedtls_mpi *DP,
+                              const mbedtls_mpi *DQ, const mbedtls_mpi *QP );
+
+#endif /* rsa_internal.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/sha1.h b/thirdparty/mbedtls/include/mbedtls/sha1.h
new file mode 100644
index 0000000000..e4f8650216
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/sha1.h
@@ -0,0 +1,346 @@
+/**
+ * \file sha1.h
+ *
+ * \brief The SHA-1 cryptographic hash function.
+ *
+ * \warning   SHA-1 is considered a weak message digest and its use constitutes
+ *            a security risk. We recommend considering stronger message
+ *            digests instead.
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SHA1_H
+#define MBEDTLS_SHA1_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED                  -0x0035  /**< SHA-1 hardware accelerator failed */
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#if !defined(MBEDTLS_SHA1_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          The SHA-1 context structure.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+typedef struct
+{
+    uint32_t total[2];          /*!< The number of Bytes processed.  */
+    uint32_t state[5];          /*!< The intermediate digest state.  */
+    unsigned char buffer[64];   /*!< The data block being processed. */
+}
+mbedtls_sha1_context;
+
+/**
+ * \brief          This function initializes a SHA-1 context.
+ *
+ * \param ctx      The SHA-1 context to initialize.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
+
+/**
+ * \brief          This function clears a SHA-1 context.
+ *
+ * \param ctx      The SHA-1 context to clear.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
+
+/**
+ * \brief          This function clones the state of a SHA-1 context.
+ *
+ * \param dst      The destination context.
+ * \param src      The context to clone.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
+                         const mbedtls_sha1_context *src );
+
+/**
+ * \brief          This function starts a SHA-1 checksum calculation.
+ *
+ * \param ctx      The context to initialize.
+ *
+ * \return         \c 0 if successful
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
+
+/**
+ * \brief          This function feeds an input buffer into an ongoing SHA-1
+ *                 checksum calculation.
+ *
+ * \param ctx      The SHA-1 context.
+ * \param input    The buffer holding the input data.
+ * \param ilen     The length of the input data.
+ *
+ * \return         \c 0 if successful
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
+                             const unsigned char *input,
+                             size_t ilen );
+
+/**
+ * \brief          This function finishes the SHA-1 operation, and writes
+ *                 the result to the output buffer.
+ *
+ * \param ctx      The SHA-1 context.
+ * \param output   The SHA-1 checksum result.
+ *
+ * \return         \c 0 if successful
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
+                             unsigned char output[20] );
+
+/**
+ * \brief          SHA-1 process data block (internal use only)
+ *
+ * \param ctx      SHA-1 context
+ * \param data     The data block being processed.
+ *
+ * \return         \c 0 if successful
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
+                                   const unsigned char data[64] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          SHA-1 context setup
+ *
+ * \deprecated     Superseded by mbedtls_sha1_starts_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-1 context to be initialized.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha1_starts(
+                                                mbedtls_sha1_context *ctx )
+{
+    mbedtls_sha1_starts_ret( ctx );
+}
+
+/**
+ * \brief          SHA-1 process buffer
+ *
+ * \deprecated     Superseded by mbedtls_sha1_update_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-1 context.
+ * \param input    The buffer holding the input data.
+ * \param ilen     The length of the input data.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha1_update(
+                                                mbedtls_sha1_context *ctx,
+                                                const unsigned char *input,
+                                                size_t ilen )
+{
+    mbedtls_sha1_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          SHA-1 final digest
+ *
+ * \deprecated     Superseded by mbedtls_sha1_finish_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-1 context.
+ * \param output   The SHA-1 checksum result.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha1_finish(
+                                                mbedtls_sha1_context *ctx,
+                                                unsigned char output[20] )
+{
+    mbedtls_sha1_finish_ret( ctx, output );
+}
+
+/**
+ * \brief          SHA-1 process data block (internal use only)
+ *
+ * \deprecated     Superseded by mbedtls_internal_sha1_process() in 2.7.0
+ *
+ * \param ctx      The SHA-1 context.
+ * \param data     The data block being processed.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha1_process(
+                                                mbedtls_sha1_context *ctx,
+                                                const unsigned char data[64] )
+{
+    mbedtls_internal_sha1_process( ctx, data );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_SHA1_ALT */
+#include "sha1_alt.h"
+#endif /* MBEDTLS_SHA1_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          This function calculates the SHA-1 checksum of a buffer.
+ *
+ *                 The function allocates the context, performs the
+ *                 calculation, and frees the context.
+ *
+ *                 The SHA-1 result is calculated as
+ *                 output = SHA-1(input buffer).
+ *
+ * \param input    The buffer holding the input data.
+ * \param ilen     The length of the input data.
+ * \param output   The SHA-1 checksum result.
+ *
+ * \return         \c 0 if successful
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_sha1_ret( const unsigned char *input,
+                      size_t ilen,
+                      unsigned char output[20] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          Output = SHA-1( input buffer )
+ *
+ * \deprecated     Superseded by mbedtls_sha1_ret() in 2.7.0
+ *
+ * \param input    The buffer holding the input data.
+ * \param ilen     The length of the input data.
+ * \param output   The SHA-1 checksum result.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha1( const unsigned char *input,
+                                                    size_t ilen,
+                                                    unsigned char output[20] )
+{
+    mbedtls_sha1_ret( input, ilen, output );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          The SHA-1 checkup routine.
+ *
+ * \return         \c 0 on success, or \c 1 on failure.
+ *
+ * \warning        SHA-1 is considered a weak message digest and its use
+ *                 constitutes a security risk. We recommend considering
+ *                 stronger message digests instead.
+ *
+ */
+int mbedtls_sha1_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_sha1.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/sha256.h b/thirdparty/mbedtls/include/mbedtls/sha256.h
new file mode 100644
index 0000000000..a2b6e11644
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/sha256.h
@@ -0,0 +1,302 @@
+/**
+ * \file sha256.h
+ *
+ * \brief The SHA-224 and SHA-256 cryptographic hash function.
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SHA256_H
+#define MBEDTLS_SHA256_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED                -0x0037  /**< SHA-256 hardware accelerator failed */
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+#if !defined(MBEDTLS_SHA256_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          The SHA-256 context structure.
+ *
+ *                 The structure is used both for SHA-256 and for SHA-224
+ *                 checksum calculations. The choice between these two is
+ *                 made in the call to mbedtls_sha256_starts_ret().
+ */
+typedef struct
+{
+    uint32_t total[2];          /*!< The number of Bytes processed.  */
+    uint32_t state[8];          /*!< The intermediate digest state.  */
+    unsigned char buffer[64];   /*!< The data block being processed. */
+    int is224;                  /*!< Determines which function to use.
+                                     <ul><li>0: Use SHA-256.</li>
+                                     <li>1: Use SHA-224.</li></ul> */
+}
+mbedtls_sha256_context;
+
+/**
+ * \brief          This function initializes a SHA-256 context.
+ *
+ * \param ctx      The SHA-256 context to initialize.
+ */
+void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
+
+/**
+ * \brief          This function clears a SHA-256 context.
+ *
+ * \param ctx      The SHA-256 context to clear.
+ */
+void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
+
+/**
+ * \brief          This function clones the state of a SHA-256 context.
+ *
+ * \param dst      The destination context.
+ * \param src      The context to clone.
+ */
+void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
+                           const mbedtls_sha256_context *src );
+
+/**
+ * \brief          This function starts a SHA-224 or SHA-256 checksum
+ *                 calculation.
+ *
+ * \param ctx      The context to initialize.
+ * \param is224    Determines which function to use.
+ *                 <ul><li>0: Use SHA-256.</li>
+ *                 <li>1: Use SHA-224.</li></ul>
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
+
+/**
+ * \brief          This function feeds an input buffer into an ongoing
+ *                 SHA-256 checksum calculation.
+ *
+ * \param ctx      SHA-256 context
+ * \param input    buffer holding the data
+ * \param ilen     length of the input data
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
+                               const unsigned char *input,
+                               size_t ilen );
+
+/**
+ * \brief          This function finishes the SHA-256 operation, and writes
+ *                 the result to the output buffer.
+ *
+ * \param ctx      The SHA-256 context.
+ * \param output   The SHA-224 or SHA-256 checksum result.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
+                               unsigned char output[32] );
+
+/**
+ * \brief          This function processes a single data block within
+ *                 the ongoing SHA-256 computation. This function is for
+ *                 internal use only.
+ *
+ * \param ctx      The SHA-256 context.
+ * \param data     The buffer holding one block of data.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
+                                     const unsigned char data[64] );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          This function starts a SHA-256 checksum calculation.
+ *
+ * \deprecated     Superseded by mbedtls_sha256_starts_ret() in 2.7.0.
+ *
+ * \param ctx      The SHA-256 context to initialize.
+ * \param is224    Determines which function to use.
+ *                 <ul><li>0: Use SHA-256.</li>
+ *                 <li>1: Use SHA-224.</li></ul>
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha256_starts(
+                                                mbedtls_sha256_context *ctx,
+                                                int is224 )
+{
+    mbedtls_sha256_starts_ret( ctx, is224 );
+}
+
+/**
+ * \brief          This function feeds an input buffer into an ongoing
+ *                 SHA-256 checksum calculation.
+ *
+ * \deprecated     Superseded by mbedtls_sha256_update_ret() in 2.7.0.
+ *
+ * \param ctx      The SHA-256 context to initialize.
+ * \param input    The buffer holding the data.
+ * \param ilen     The length of the input data.
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha256_update(
+                                                mbedtls_sha256_context *ctx,
+                                                const unsigned char *input,
+                                                size_t ilen )
+{
+    mbedtls_sha256_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          This function finishes the SHA-256 operation, and writes
+ *                 the result to the output buffer.
+ *
+ * \deprecated     Superseded by mbedtls_sha256_finish_ret() in 2.7.0.
+ *
+ * \param ctx      The SHA-256 context.
+ * \param output   The SHA-224or SHA-256 checksum result.
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha256_finish(
+                                                mbedtls_sha256_context *ctx,
+                                                unsigned char output[32] )
+{
+    mbedtls_sha256_finish_ret( ctx, output );
+}
+
+/**
+ * \brief          This function processes a single data block within
+ *                 the ongoing SHA-256 computation. This function is for
+ *                 internal use only.
+ *
+ * \deprecated     Superseded by mbedtls_internal_sha256_process() in 2.7.0.
+ *
+ * \param ctx      The SHA-256 context.
+ * \param data     The buffer holding one block of data.
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha256_process(
+                                                mbedtls_sha256_context *ctx,
+                                                const unsigned char data[64] )
+{
+    mbedtls_internal_sha256_process( ctx, data );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_SHA256_ALT */
+#include "sha256_alt.h"
+#endif /* MBEDTLS_SHA256_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          This function calculates the SHA-224 or SHA-256
+ *                 checksum of a buffer.
+ *
+ *                 The function allocates the context, performs the
+ *                 calculation, and frees the context.
+ *
+ *                 The SHA-256 result is calculated as
+ *                 output = SHA-256(input buffer).
+ *
+ * \param input    The buffer holding the input data.
+ * \param ilen     The length of the input data.
+ * \param output   The SHA-224 or SHA-256 checksum result.
+ * \param is224    Determines which function to use.
+ *                 <ul><li>0: Use SHA-256.</li>
+ *                 <li>1: Use SHA-224.</li></ul>
+ */
+int mbedtls_sha256_ret( const unsigned char *input,
+                        size_t ilen,
+                        unsigned char output[32],
+                        int is224 );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+
+/**
+ * \brief          This function calculates the SHA-224 or SHA-256 checksum
+ *                 of a buffer.
+ *
+ *                 The function allocates the context, performs the
+ *                 calculation, and frees the context.
+ *
+ *                 The SHA-256 result is calculated as
+ *                 output = SHA-256(input buffer).
+ *
+ * \deprecated     Superseded by mbedtls_sha256_ret() in 2.7.0.
+ *
+ * \param input    The buffer holding the data.
+ * \param ilen     The length of the input data.
+ * \param output   The SHA-224 or SHA-256 checksum result.
+ * \param is224    Determines which function to use.
+ *                 <ul><li>0: Use SHA-256.</li>
+ *                 <li>1: Use SHA-224.</li></ul>
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha256(
+                                                    const unsigned char *input,
+                                                    size_t ilen,
+                                                    unsigned char output[32],
+                                                    int is224 )
+{
+    mbedtls_sha256_ret( input, ilen, output, is224 );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          The SHA-224 and SHA-256 checkup routine.
+ *
+ * \return         \c 0 on success, or \c 1 on failure.
+ */
+int mbedtls_sha256_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_sha256.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/sha512.h b/thirdparty/mbedtls/include/mbedtls/sha512.h
new file mode 100644
index 0000000000..52ae204d44
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/sha512.h
@@ -0,0 +1,303 @@
+/**
+ * \file sha512.h
+ *
+ * \brief The SHA-384 and SHA-512 cryptographic hash function.
+ */
+/*
+ *  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SHA512_H
+#define MBEDTLS_SHA512_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED                -0x0039  /**< SHA-512 hardware accelerator failed */
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+#if !defined(MBEDTLS_SHA512_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          The SHA-512 context structure.
+ *
+ *                 The structure is used both for SHA-384 and for SHA-512
+ *                 checksum calculations. The choice between these two is
+ *                 made in the call to mbedtls_sha512_starts_ret().
+ */
+typedef struct
+{
+    uint64_t total[2];          /*!< The number of Bytes processed. */
+    uint64_t state[8];          /*!< The intermediate digest state. */
+    unsigned char buffer[128];  /*!< The data block being processed. */
+    int is384;                  /*!< Determines which function to use.
+                                 *   <ul><li>0: Use SHA-512.</li>
+                                 *   <li>1: Use SHA-384.</li></ul> */
+}
+mbedtls_sha512_context;
+
+/**
+ * \brief          This function initializes a SHA-512 context.
+ *
+ * \param ctx      The SHA-512 context to initialize.
+ */
+void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
+
+/**
+ * \brief          This function clears a SHA-512 context.
+ *
+ * \param ctx      The SHA-512 context to clear.
+ */
+void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
+
+/**
+ * \brief          This function clones the state of a SHA-512 context.
+ *
+ * \param dst      The destination context.
+ * \param src      The context to clone.
+ */
+void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
+                           const mbedtls_sha512_context *src );
+
+/**
+ * \brief          This function starts a SHA-384 or SHA-512 checksum
+ *                 calculation.
+ *
+ * \param ctx      The SHA-512 context to initialize.
+ * \param is384    Determines which function to use.
+ *                 <ul><li>0: Use SHA-512.</li>
+ *                 <li>1: Use SHA-384.</li></ul>
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );
+
+/**
+ * \brief          This function feeds an input buffer into an ongoing
+ *                 SHA-512 checksum calculation.
+ *
+ * \param ctx      The SHA-512 context.
+ * \param input    The buffer holding the input data.
+ * \param ilen     The length of the input data.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
+                    const unsigned char *input,
+                    size_t ilen );
+
+/**
+ * \brief          This function finishes the SHA-512 operation, and writes
+ *                 the result to the output buffer. This function is for
+ *                 internal use only.
+ *
+ * \param ctx      The SHA-512 context.
+ * \param output   The SHA-384 or SHA-512 checksum result.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
+                               unsigned char output[64] );
+
+/**
+ * \brief          This function processes a single data block within
+ *                 the ongoing SHA-512 computation.
+ *
+ * \param ctx      The SHA-512 context.
+ * \param data     The buffer holding one block of data.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
+                                     const unsigned char data[128] );
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          This function starts a SHA-384 or SHA-512 checksum
+ *                 calculation.
+ *
+ * \deprecated     Superseded by mbedtls_sha512_starts_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-512 context to initialize.
+ * \param is384    Determines which function to use.
+ *                 <ul><li>0: Use SHA-512.</li>
+ *                 <li>1: Use SHA-384.</li></ul>
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha512_starts(
+                                                mbedtls_sha512_context *ctx,
+                                                int is384 )
+{
+    mbedtls_sha512_starts_ret( ctx, is384 );
+}
+
+/**
+ * \brief          This function feeds an input buffer into an ongoing
+ *                 SHA-512 checksum calculation.
+ *
+ * \deprecated     Superseded by mbedtls_sha512_update_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-512 context.
+ * \param input    The buffer holding the data.
+ * \param ilen     The length of the input data.
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha512_update(
+                                                mbedtls_sha512_context *ctx,
+                                                const unsigned char *input,
+                                                size_t ilen )
+{
+    mbedtls_sha512_update_ret( ctx, input, ilen );
+}
+
+/**
+ * \brief          This function finishes the SHA-512 operation, and writes
+ *                 the result to the output buffer.
+ *
+ * \deprecated     Superseded by mbedtls_sha512_finish_ret() in 2.7.0
+ *
+ * \param ctx      The SHA-512 context.
+ * \param output   The SHA-384 or SHA-512 checksum result.
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha512_finish(
+                                                mbedtls_sha512_context *ctx,
+                                                unsigned char output[64] )
+{
+    mbedtls_sha512_finish_ret( ctx, output );
+}
+
+/**
+ * \brief          This function processes a single data block within
+ *                 the ongoing SHA-512 computation. This function is for
+ *                 internal use only.
+ *
+ * \deprecated     Superseded by mbedtls_internal_sha512_process() in 2.7.0
+ *
+ * \param ctx      The SHA-512 context.
+ * \param data     The buffer holding one block of data.
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha512_process(
+                                            mbedtls_sha512_context *ctx,
+                                            const unsigned char data[128] )
+{
+    mbedtls_internal_sha512_process( ctx, data );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_SHA512_ALT */
+#include "sha512_alt.h"
+#endif /* MBEDTLS_SHA512_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          This function calculates the SHA-512 or SHA-384
+ *                 checksum of a buffer.
+ *
+ *                 The function allocates the context, performs the
+ *                 calculation, and frees the context.
+ *
+ *                 The SHA-512 result is calculated as
+ *                 output = SHA-512(input buffer).
+ *
+ * \param input    The buffer holding the input data.
+ * \param ilen     The length of the input data.
+ * \param output   The SHA-384 or SHA-512 checksum result.
+ * \param is384    Determines which function to use.
+ *                 <ul><li>0: Use SHA-512.</li>
+ *                 <li>1: Use SHA-384.</li></ul>
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_sha512_ret( const unsigned char *input,
+                        size_t ilen,
+                        unsigned char output[64],
+                        int is384 );
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED      __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+/**
+ * \brief          This function calculates the SHA-512 or SHA-384
+ *                 checksum of a buffer.
+ *
+ *                 The function allocates the context, performs the
+ *                 calculation, and frees the context.
+ *
+ *                 The SHA-512 result is calculated as
+ *                 output = SHA-512(input buffer).
+ *
+ * \deprecated     Superseded by mbedtls_sha512_ret() in 2.7.0
+ *
+ * \param input    The buffer holding the data.
+ * \param ilen     The length of the input data.
+ * \param output   The SHA-384 or SHA-512 checksum result.
+ * \param is384    Determines which function to use.
+ *                 <ul><li>0: Use SHA-512.</li>
+ *                 <li>1: Use SHA-384.</li></ul>
+ */
+MBEDTLS_DEPRECATED static inline void mbedtls_sha512(
+                                                    const unsigned char *input,
+                                                    size_t ilen,
+                                                    unsigned char output[64],
+                                                    int is384 )
+{
+    mbedtls_sha512_ret( input, ilen, output, is384 );
+}
+
+#undef MBEDTLS_DEPRECATED
+#endif /* !MBEDTLS_DEPRECATED_REMOVED */
+ /**
+ * \brief          The SHA-384 or SHA-512 checkup routine.
+ *
+ * \return         \c 0 on success, or \c 1 on failure.
+ */
+int mbedtls_sha512_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_sha512.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ssl.h b/thirdparty/mbedtls/include/mbedtls/ssl.h
new file mode 100644
index 0000000000..51e843ae24
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ssl.h
@@ -0,0 +1,2623 @@
+/**
+ * \file ssl.h
+ *
+ * \brief SSL/TLS functions.
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SSL_H
+#define MBEDTLS_SSL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "bignum.h"
+#include "ecp.h"
+
+#include "ssl_ciphersuites.h"
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#include "x509_crt.h"
+#include "x509_crl.h"
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+#include "dhm.h"
+#endif
+
+#if defined(MBEDTLS_ECDH_C)
+#include "ecdh.h"
+#endif
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+#include "zlib.h"
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+
+/*
+ * SSL Error codes
+ */
+#define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE               -0x7080  /**< The requested feature is not available. */
+#define MBEDTLS_ERR_SSL_BAD_INPUT_DATA                    -0x7100  /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_SSL_INVALID_MAC                       -0x7180  /**< Verification of the message MAC failed. */
+#define MBEDTLS_ERR_SSL_INVALID_RECORD                    -0x7200  /**< An invalid SSL record was received. */
+#define MBEDTLS_ERR_SSL_CONN_EOF                          -0x7280  /**< The connection indicated an EOF. */
+#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER                    -0x7300  /**< An unknown cipher was received. */
+#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN                  -0x7380  /**< The server has no ciphersuites in common with the client. */
+#define MBEDTLS_ERR_SSL_NO_RNG                            -0x7400  /**< No RNG was provided to the SSL module. */
+#define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE             -0x7480  /**< No client certification received from the client, but required by the authentication mode. */
+#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE             -0x7500  /**< Our own certificate(s) is/are too large to send in an SSL message. */
+#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED              -0x7580  /**< The own certificate is not set, but needed by the server. */
+#define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED              -0x7600  /**< The own private key or pre-shared key is not set, but needed. */
+#define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED                 -0x7680  /**< No CA Chain is set, but required to operate. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE                -0x7700  /**< An unexpected message was received from our peer. */
+#define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE               -0x7780  /**< A fatal alert message was received from our peer. */
+#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED                -0x7800  /**< Verification of our peer failed. */
+#define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY                 -0x7880  /**< The peer notified us that the connection is going to be closed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO               -0x7900  /**< Processing of the ClientHello handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO               -0x7980  /**< Processing of the ServerHello handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE                -0x7A00  /**< Processing of the Certificate handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST        -0x7A80  /**< Processing of the CertificateRequest handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE        -0x7B00  /**< Processing of the ServerKeyExchange handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE          -0x7B80  /**< Processing of the ServerHelloDone handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE        -0x7C00  /**< Processing of the ClientKeyExchange handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP     -0x7C80  /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS     -0x7D00  /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY         -0x7D80  /**< Processing of the CertificateVerify handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC         -0x7E00  /**< Processing of the ChangeCipherSpec handshake message failed. */
+#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED                   -0x7E80  /**< Processing of the Finished handshake message failed. */
+#define MBEDTLS_ERR_SSL_ALLOC_FAILED                      -0x7F00  /**< Memory allocation failed */
+#define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED                   -0x7F80  /**< Hardware acceleration function returned with error */
+#define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH              -0x6F80  /**< Hardware acceleration function skipped / left alone data */
+#define MBEDTLS_ERR_SSL_COMPRESSION_FAILED                -0x6F00  /**< Processing of the compression / decompression failed */
+#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION           -0x6E80  /**< Handshake protocol not within min/max boundaries */
+#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET         -0x6E00  /**< Processing of the NewSessionTicket handshake message failed. */
+#define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED            -0x6D80  /**< Session ticket has expired. */
+#define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH                  -0x6D00  /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */
+#define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY                  -0x6C80  /**< Unknown identity received (eg, PSK identity) */
+#define MBEDTLS_ERR_SSL_INTERNAL_ERROR                    -0x6C00  /**< Internal error (eg, unexpected failure in lower-level module) */
+#define MBEDTLS_ERR_SSL_COUNTER_WRAPPING                  -0x6B80  /**< A counter would wrap (eg, too many messages exchanged). */
+#define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO       -0x6B00  /**< Unexpected message at ServerHello in renegotiation. */
+#define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED             -0x6A80  /**< DTLS client must retry for hello verification */
+#define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL                  -0x6A00  /**< A buffer is too small to receive or write a message */
+#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE             -0x6980  /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */
+#define MBEDTLS_ERR_SSL_WANT_READ                         -0x6900  /**< Connection requires a read call. */
+#define MBEDTLS_ERR_SSL_WANT_WRITE                        -0x6880  /**< Connection requires a write call. */
+#define MBEDTLS_ERR_SSL_TIMEOUT                           -0x6800  /**< The operation timed out. */
+#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT                  -0x6780  /**< The client initiated a reconnect from the same port. */
+#define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD                 -0x6700  /**< Record header looks valid but is not expected. */
+#define MBEDTLS_ERR_SSL_NON_FATAL                         -0x6680  /**< The alert message received indicates a non-fatal error. */
+#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH               -0x6600  /**< Couldn't set the hash for verifying CertificateVerify */
+
+/*
+ * Various constants
+ */
+#define MBEDTLS_SSL_MAJOR_VERSION_3             3
+#define MBEDTLS_SSL_MINOR_VERSION_0             0   /*!< SSL v3.0 */
+#define MBEDTLS_SSL_MINOR_VERSION_1             1   /*!< TLS v1.0 */
+#define MBEDTLS_SSL_MINOR_VERSION_2             2   /*!< TLS v1.1 */
+#define MBEDTLS_SSL_MINOR_VERSION_3             3   /*!< TLS v1.2 */
+
+#define MBEDTLS_SSL_TRANSPORT_STREAM            0   /*!< TLS      */
+#define MBEDTLS_SSL_TRANSPORT_DATAGRAM          1   /*!< DTLS     */
+
+#define MBEDTLS_SSL_MAX_HOST_NAME_LEN           255 /*!< Maximum host name defined in RFC 1035 */
+
+/* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c
+ * NONE must be zero so that memset()ing structure to zero works */
+#define MBEDTLS_SSL_MAX_FRAG_LEN_NONE           0   /*!< don't use this extension   */
+#define MBEDTLS_SSL_MAX_FRAG_LEN_512            1   /*!< MaxFragmentLength 2^9      */
+#define MBEDTLS_SSL_MAX_FRAG_LEN_1024           2   /*!< MaxFragmentLength 2^10     */
+#define MBEDTLS_SSL_MAX_FRAG_LEN_2048           3   /*!< MaxFragmentLength 2^11     */
+#define MBEDTLS_SSL_MAX_FRAG_LEN_4096           4   /*!< MaxFragmentLength 2^12     */
+#define MBEDTLS_SSL_MAX_FRAG_LEN_INVALID        5   /*!< first invalid value        */
+
+#define MBEDTLS_SSL_IS_CLIENT                   0
+#define MBEDTLS_SSL_IS_SERVER                   1
+
+#define MBEDTLS_SSL_IS_NOT_FALLBACK             0
+#define MBEDTLS_SSL_IS_FALLBACK                 1
+
+#define MBEDTLS_SSL_EXTENDED_MS_DISABLED        0
+#define MBEDTLS_SSL_EXTENDED_MS_ENABLED         1
+
+#define MBEDTLS_SSL_ETM_DISABLED                0
+#define MBEDTLS_SSL_ETM_ENABLED                 1
+
+#define MBEDTLS_SSL_COMPRESS_NULL               0
+#define MBEDTLS_SSL_COMPRESS_DEFLATE            1
+
+#define MBEDTLS_SSL_VERIFY_NONE                 0
+#define MBEDTLS_SSL_VERIFY_OPTIONAL             1
+#define MBEDTLS_SSL_VERIFY_REQUIRED             2
+#define MBEDTLS_SSL_VERIFY_UNSET                3 /* Used only for sni_authmode */
+
+#define MBEDTLS_SSL_LEGACY_RENEGOTIATION        0
+#define MBEDTLS_SSL_SECURE_RENEGOTIATION        1
+
+#define MBEDTLS_SSL_RENEGOTIATION_DISABLED      0
+#define MBEDTLS_SSL_RENEGOTIATION_ENABLED       1
+
+#define MBEDTLS_SSL_ANTI_REPLAY_DISABLED        0
+#define MBEDTLS_SSL_ANTI_REPLAY_ENABLED         1
+
+#define MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED  -1
+#define MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT  16
+
+#define MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION     0
+#define MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION  1
+#define MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE      2
+
+#define MBEDTLS_SSL_TRUNC_HMAC_DISABLED         0
+#define MBEDTLS_SSL_TRUNC_HMAC_ENABLED          1
+#define MBEDTLS_SSL_TRUNCATED_HMAC_LEN          10  /* 80 bits, rfc 6066 section 7 */
+
+#define MBEDTLS_SSL_SESSION_TICKETS_DISABLED     0
+#define MBEDTLS_SSL_SESSION_TICKETS_ENABLED      1
+
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED    0
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED     1
+
+#define MBEDTLS_SSL_ARC4_ENABLED                0
+#define MBEDTLS_SSL_ARC4_DISABLED               1
+
+#define MBEDTLS_SSL_PRESET_DEFAULT              0
+#define MBEDTLS_SSL_PRESET_SUITEB               2
+
+#define MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED       1
+#define MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED      0
+
+/*
+ * Default range for DTLS retransmission timer value, in milliseconds.
+ * RFC 6347 4.2.4.1 says from 1 second to 60 seconds.
+ */
+#define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN    1000
+#define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX   60000
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME)
+#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME     86400 /**< Lifetime of session tickets (if enabled) */
+#endif
+
+/*
+ * Maxium fragment length in bytes,
+ * determines the size of each of the two internal I/O buffers.
+ *
+ * Note: the RFC defines the default size of SSL / TLS messages. If you
+ * change the value here, other clients / servers may not be able to
+ * communicate with you anymore. Only change this value if you control
+ * both sides of the connection and have it reduced at both sides, or
+ * if you're using the Max Fragment Length extension and you know all your
+ * peers are using it too!
+ */
+#if !defined(MBEDTLS_SSL_MAX_CONTENT_LEN)
+#define MBEDTLS_SSL_MAX_CONTENT_LEN         16384   /**< Size of the input / output buffer */
+#endif
+
+/* \} name SECTION: Module settings */
+
+/*
+ * Length of the verify data for secure renegotiation
+ */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+#define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 36
+#else
+#define MBEDTLS_SSL_VERIFY_DATA_MAX_LEN 12
+#endif
+
+/*
+ * Signaling ciphersuite values (SCSV)
+ */
+#define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO    0xFF   /**< renegotiation info ext */
+#define MBEDTLS_SSL_FALLBACK_SCSV_VALUE         0x5600 /**< RFC 7507 section 2 */
+
+/*
+ * Supported Signature and Hash algorithms (For TLS 1.2)
+ * RFC 5246 section 7.4.1.4.1
+ */
+#define MBEDTLS_SSL_HASH_NONE                0
+#define MBEDTLS_SSL_HASH_MD5                 1
+#define MBEDTLS_SSL_HASH_SHA1                2
+#define MBEDTLS_SSL_HASH_SHA224              3
+#define MBEDTLS_SSL_HASH_SHA256              4
+#define MBEDTLS_SSL_HASH_SHA384              5
+#define MBEDTLS_SSL_HASH_SHA512              6
+
+#define MBEDTLS_SSL_SIG_ANON                 0
+#define MBEDTLS_SSL_SIG_RSA                  1
+#define MBEDTLS_SSL_SIG_ECDSA                3
+
+/*
+ * Client Certificate Types
+ * RFC 5246 section 7.4.4 plus RFC 4492 section 5.5
+ */
+#define MBEDTLS_SSL_CERT_TYPE_RSA_SIGN       1
+#define MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN    64
+
+/*
+ * Message, alert and handshake types
+ */
+#define MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC     20
+#define MBEDTLS_SSL_MSG_ALERT                  21
+#define MBEDTLS_SSL_MSG_HANDSHAKE              22
+#define MBEDTLS_SSL_MSG_APPLICATION_DATA       23
+
+#define MBEDTLS_SSL_ALERT_LEVEL_WARNING         1
+#define MBEDTLS_SSL_ALERT_LEVEL_FATAL           2
+
+#define MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY           0  /* 0x00 */
+#define MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE    10  /* 0x0A */
+#define MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC        20  /* 0x14 */
+#define MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED     21  /* 0x15 */
+#define MBEDTLS_SSL_ALERT_MSG_RECORD_OVERFLOW       22  /* 0x16 */
+#define MBEDTLS_SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30  /* 0x1E */
+#define MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE     40  /* 0x28 */
+#define MBEDTLS_SSL_ALERT_MSG_NO_CERT               41  /* 0x29 */
+#define MBEDTLS_SSL_ALERT_MSG_BAD_CERT              42  /* 0x2A */
+#define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT      43  /* 0x2B */
+#define MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED          44  /* 0x2C */
+#define MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED          45  /* 0x2D */
+#define MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN          46  /* 0x2E */
+#define MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER     47  /* 0x2F */
+#define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA            48  /* 0x30 */
+#define MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED         49  /* 0x31 */
+#define MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR          50  /* 0x32 */
+#define MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR         51  /* 0x33 */
+#define MBEDTLS_SSL_ALERT_MSG_EXPORT_RESTRICTION    60  /* 0x3C */
+#define MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION      70  /* 0x46 */
+#define MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71  /* 0x47 */
+#define MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR        80  /* 0x50 */
+#define MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK 86  /* 0x56 */
+#define MBEDTLS_SSL_ALERT_MSG_USER_CANCELED         90  /* 0x5A */
+#define MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION     100  /* 0x64 */
+#define MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT      110  /* 0x6E */
+#define MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME    112  /* 0x70 */
+#define MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY 115  /* 0x73 */
+#define MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL 120 /* 0x78 */
+
+#define MBEDTLS_SSL_HS_HELLO_REQUEST            0
+#define MBEDTLS_SSL_HS_CLIENT_HELLO             1
+#define MBEDTLS_SSL_HS_SERVER_HELLO             2
+#define MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST     3
+#define MBEDTLS_SSL_HS_NEW_SESSION_TICKET       4
+#define MBEDTLS_SSL_HS_CERTIFICATE             11
+#define MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE     12
+#define MBEDTLS_SSL_HS_CERTIFICATE_REQUEST     13
+#define MBEDTLS_SSL_HS_SERVER_HELLO_DONE       14
+#define MBEDTLS_SSL_HS_CERTIFICATE_VERIFY      15
+#define MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE     16
+#define MBEDTLS_SSL_HS_FINISHED                20
+
+/*
+ * TLS extensions
+ */
+#define MBEDTLS_TLS_EXT_SERVERNAME                   0
+#define MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME          0
+
+#define MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH          1
+
+#define MBEDTLS_TLS_EXT_TRUNCATED_HMAC               4
+
+#define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES   10
+#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS     11
+
+#define MBEDTLS_TLS_EXT_SIG_ALG                     13
+
+#define MBEDTLS_TLS_EXT_ALPN                        16
+
+#define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC            22 /* 0x16 */
+#define MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET  0x0017 /* 23 */
+
+#define MBEDTLS_TLS_EXT_SESSION_TICKET              35
+
+#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP               256 /* experimental */
+
+#define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO      0xFF01
+
+/*
+ * Size defines
+ */
+#if !defined(MBEDTLS_PSK_MAX_LEN)
+#define MBEDTLS_PSK_MAX_LEN            32 /* 256 bits */
+#endif
+
+/* Dummy type used only for its size */
+union mbedtls_ssl_premaster_secret
+{
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    unsigned char _pms_rsa[48];                         /* RFC 5246 8.1.1 */
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+    unsigned char _pms_dhm[MBEDTLS_MPI_MAX_SIZE];      /* RFC 5246 8.1.2 */
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)    || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)  || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)     || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    unsigned char _pms_ecdh[MBEDTLS_ECP_MAX_BYTES];    /* RFC 4492 5.10 */
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+    unsigned char _pms_psk[4 + 2 * MBEDTLS_PSK_MAX_LEN];       /* RFC 4279 2 */
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    unsigned char _pms_dhe_psk[4 + MBEDTLS_MPI_MAX_SIZE
+                                 + MBEDTLS_PSK_MAX_LEN];       /* RFC 4279 3 */
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    unsigned char _pms_rsa_psk[52 + MBEDTLS_PSK_MAX_LEN];      /* RFC 4279 4 */
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    unsigned char _pms_ecdhe_psk[4 + MBEDTLS_ECP_MAX_BYTES
+                                   + MBEDTLS_PSK_MAX_LEN];     /* RFC 5489 2 */
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    unsigned char _pms_ecjpake[32];     /* Thread spec: SHA-256 output */
+#endif
+};
+
+#define MBEDTLS_PREMASTER_SIZE     sizeof( union mbedtls_ssl_premaster_secret )
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * SSL state machine
+ */
+typedef enum
+{
+    MBEDTLS_SSL_HELLO_REQUEST,
+    MBEDTLS_SSL_CLIENT_HELLO,
+    MBEDTLS_SSL_SERVER_HELLO,
+    MBEDTLS_SSL_SERVER_CERTIFICATE,
+    MBEDTLS_SSL_SERVER_KEY_EXCHANGE,
+    MBEDTLS_SSL_CERTIFICATE_REQUEST,
+    MBEDTLS_SSL_SERVER_HELLO_DONE,
+    MBEDTLS_SSL_CLIENT_CERTIFICATE,
+    MBEDTLS_SSL_CLIENT_KEY_EXCHANGE,
+    MBEDTLS_SSL_CERTIFICATE_VERIFY,
+    MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC,
+    MBEDTLS_SSL_CLIENT_FINISHED,
+    MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC,
+    MBEDTLS_SSL_SERVER_FINISHED,
+    MBEDTLS_SSL_FLUSH_BUFFERS,
+    MBEDTLS_SSL_HANDSHAKE_WRAPUP,
+    MBEDTLS_SSL_HANDSHAKE_OVER,
+    MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET,
+    MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT,
+}
+mbedtls_ssl_states;
+
+/**
+ * \brief          Callback type: send data on the network.
+ *
+ * \note           That callback may be either blocking or non-blocking.
+ *
+ * \param ctx      Context for the send callback (typically a file descriptor)
+ * \param buf      Buffer holding the data to send
+ * \param len      Length of the data to send
+ *
+ * \return         The callback must return the number of bytes sent if any,
+ *                 or a non-zero error code.
+ *                 If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_WRITE
+ *                 must be returned when the operation would block.
+ *
+ * \note           The callback is allowed to send fewer bytes than requested.
+ *                 It must always return the number of bytes actually sent.
+ */
+typedef int mbedtls_ssl_send_t( void *ctx,
+                                const unsigned char *buf,
+                                size_t len );
+
+/**
+ * \brief          Callback type: receive data from the network.
+ *
+ * \note           That callback may be either blocking or non-blocking.
+ *
+ * \param ctx      Context for the receive callback (typically a file
+ *                 descriptor)
+ * \param buf      Buffer to write the received data to
+ * \param len      Length of the receive buffer
+ *
+ * \return         The callback must return the number of bytes received,
+ *                 or a non-zero error code.
+ *                 If performing non-blocking I/O, \c MBEDTLS_ERR_SSL_WANT_READ
+ *                 must be returned when the operation would block.
+ *
+ * \note           The callback may receive fewer bytes than the length of the
+ *                 buffer. It must always return the number of bytes actually
+ *                 received and written to the buffer.
+ */
+typedef int mbedtls_ssl_recv_t( void *ctx,
+                                unsigned char *buf,
+                                size_t len );
+
+/**
+ * \brief          Callback type: receive data from the network, with timeout
+ *
+ * \note           That callback must block until data is received, or the
+ *                 timeout delay expires, or the operation is interrupted by a
+ *                 signal.
+ *
+ * \param ctx      Context for the receive callback (typically a file descriptor)
+ * \param buf      Buffer to write the received data to
+ * \param len      Length of the receive buffer
+ * \param timeout  Maximum nomber of millisecondes to wait for data
+ *                 0 means no timeout (potentially waiting forever)
+ *
+ * \return         The callback must return the number of bytes received,
+ *                 or a non-zero error code:
+ *                 \c MBEDTLS_ERR_SSL_TIMEOUT if the operation timed out,
+ *                 \c MBEDTLS_ERR_SSL_WANT_READ if interrupted by a signal.
+ *
+ * \note           The callback may receive fewer bytes than the length of the
+ *                 buffer. It must always return the number of bytes actually
+ *                 received and written to the buffer.
+ */
+typedef int mbedtls_ssl_recv_timeout_t( void *ctx,
+                                        unsigned char *buf,
+                                        size_t len,
+                                        uint32_t timeout );
+/**
+ * \brief          Callback type: set a pair of timers/delays to watch
+ *
+ * \param ctx      Context pointer
+ * \param int_ms   Intermediate delay in milliseconds
+ * \param fin_ms   Final delay in milliseconds
+ *                 0 cancels the current timer.
+ *
+ * \note           This callback must at least store the necessary information
+ *                 for the associated \c mbedtls_ssl_get_timer_t callback to
+ *                 return correct information.
+ *
+ * \note           If using a event-driven style of programming, an event must
+ *                 be generated when the final delay is passed. The event must
+ *                 cause a call to \c mbedtls_ssl_handshake() with the proper
+ *                 SSL context to be scheduled. Care must be taken to ensure
+ *                 that at most one such call happens at a time.
+ *
+ * \note           Only one timer at a time must be running. Calling this
+ *                 function while a timer is running must cancel it. Cancelled
+ *                 timers must not generate any event.
+ */
+typedef void mbedtls_ssl_set_timer_t( void * ctx,
+                                      uint32_t int_ms,
+                                      uint32_t fin_ms );
+
+/**
+ * \brief          Callback type: get status of timers/delays
+ *
+ * \param ctx      Context pointer
+ *
+ * \return         This callback must return:
+ *                 -1 if cancelled (fin_ms == 0),
+ *                  0 if none of the delays have passed,
+ *                  1 if only the intermediate delay has passed,
+ *                  2 if the final delay has passed.
+ */
+typedef int mbedtls_ssl_get_timer_t( void * ctx );
+
+
+/* Defined below */
+typedef struct mbedtls_ssl_session mbedtls_ssl_session;
+typedef struct mbedtls_ssl_context mbedtls_ssl_context;
+typedef struct mbedtls_ssl_config  mbedtls_ssl_config;
+
+/* Defined in ssl_internal.h */
+typedef struct mbedtls_ssl_transform mbedtls_ssl_transform;
+typedef struct mbedtls_ssl_handshake_params mbedtls_ssl_handshake_params;
+typedef struct mbedtls_ssl_sig_hash_set_t mbedtls_ssl_sig_hash_set_t;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+typedef struct mbedtls_ssl_key_cert mbedtls_ssl_key_cert;
+#endif
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item;
+#endif
+
+/*
+ * This structure is used for storing current session data.
+ */
+struct mbedtls_ssl_session
+{
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t start;       /*!< starting time      */
+#endif
+    int ciphersuite;            /*!< chosen ciphersuite */
+    int compression;            /*!< chosen compression */
+    size_t id_len;              /*!< session id length  */
+    unsigned char id[32];       /*!< session identifier */
+    unsigned char master[48];   /*!< the master secret  */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_x509_crt *peer_cert;        /*!< peer X.509 cert chain */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+    uint32_t verify_result;          /*!<  verification result     */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    unsigned char *ticket;      /*!< RFC 5077 session ticket */
+    size_t ticket_len;          /*!< session ticket length   */
+    uint32_t ticket_lifetime;   /*!< ticket lifetime hint    */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    unsigned char mfl_code;     /*!< MaxFragmentLength negotiated by peer */
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    int trunc_hmac;             /*!< flag for truncated hmac activation   */
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    int encrypt_then_mac;       /*!< flag for EtM activation                */
+#endif
+};
+
+/**
+ * SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
+ */
+struct mbedtls_ssl_config
+{
+    /* Group items by size (largest first) to minimize padding overhead */
+
+    /*
+     * Pointers
+     */
+
+    const int *ciphersuite_list[4]; /*!< allowed ciphersuites per version   */
+
+    /** Callback for printing debug output                                  */
+    void (*f_dbg)(void *, int, const char *, int, const char *);
+    void *p_dbg;                    /*!< context for the debug function     */
+
+    /** Callback for getting (pseudo-)random numbers                        */
+    int  (*f_rng)(void *, unsigned char *, size_t);
+    void *p_rng;                    /*!< context for the RNG function       */
+
+    /** Callback to retrieve a session from the cache                       */
+    int (*f_get_cache)(void *, mbedtls_ssl_session *);
+    /** Callback to store a session into the cache                          */
+    int (*f_set_cache)(void *, const mbedtls_ssl_session *);
+    void *p_cache;                  /*!< context for cache callbacks        */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    /** Callback for setting cert according to SNI extension                */
+    int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
+    void *p_sni;                    /*!< context for SNI callback           */
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    /** Callback to customize X.509 certificate chain verification          */
+    int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *);
+    void *p_vrfy;                   /*!< context for X.509 verify calllback */
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    /** Callback to retrieve PSK key from identity                          */
+    int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *, size_t);
+    void *p_psk;                    /*!< context for PSK callback           */
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+    /** Callback to create & write a cookie for ClientHello veirifcation    */
+    int (*f_cookie_write)( void *, unsigned char **, unsigned char *,
+                           const unsigned char *, size_t );
+    /** Callback to verify validity of a ClientHello cookie                 */
+    int (*f_cookie_check)( void *, const unsigned char *, size_t,
+                           const unsigned char *, size_t );
+    void *p_cookie;                 /*!< context for the cookie callbacks   */
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
+    /** Callback to create & write a session ticket                         */
+    int (*f_ticket_write)( void *, const mbedtls_ssl_session *,
+            unsigned char *, const unsigned char *, size_t *, uint32_t * );
+    /** Callback to parse a session ticket into a session structure         */
+    int (*f_ticket_parse)( void *, mbedtls_ssl_session *, unsigned char *, size_t);
+    void *p_ticket;                 /*!< context for the ticket callbacks   */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    /** Callback to export key block and master secret                      */
+    int (*f_export_keys)( void *, const unsigned char *,
+            const unsigned char *, size_t, size_t, size_t );
+    void *p_export_keys;            /*!< context for key export callback    */
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    const mbedtls_x509_crt_profile *cert_profile; /*!< verification profile */
+    mbedtls_ssl_key_cert *key_cert; /*!< own certificate/key pair(s)        */
+    mbedtls_x509_crt *ca_chain;     /*!< trusted CAs                        */
+    mbedtls_x509_crl *ca_crl;       /*!< trusted CAs CRLs                   */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+    const int *sig_hashes;          /*!< allowed signature hashes           */
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+    const mbedtls_ecp_group_id *curve_list; /*!< allowed curves             */
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+    mbedtls_mpi dhm_P;              /*!< prime modulus for DHM              */
+    mbedtls_mpi dhm_G;              /*!< generator for DHM                  */
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    unsigned char *psk;             /*!< pre-shared key                     */
+    size_t         psk_len;         /*!< length of the pre-shared key       */
+    unsigned char *psk_identity;    /*!< identity for PSK negotiation       */
+    size_t         psk_identity_len;/*!< length of identity                 */
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    const char **alpn_list;         /*!< ordered list of protocols          */
+#endif
+
+    /*
+     * Numerical settings (int then char)
+     */
+
+    uint32_t read_timeout;          /*!< timeout for mbedtls_ssl_read (ms)  */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    uint32_t hs_timeout_min;        /*!< initial value of the handshake
+                                         retransmission timeout (ms)        */
+    uint32_t hs_timeout_max;        /*!< maximum value of the handshake
+                                         retransmission timeout (ms)        */
+#endif
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    int renego_max_records;         /*!< grace period for renegotiation     */
+    unsigned char renego_period[8]; /*!< value of the record counters
+                                         that triggers renegotiation        */
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+    unsigned int badmac_limit;      /*!< limit of records with a bad MAC    */
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+    unsigned int dhm_min_bitlen;    /*!< min. bit length of the DHM prime   */
+#endif
+
+    unsigned char max_major_ver;    /*!< max. major version used            */
+    unsigned char max_minor_ver;    /*!< max. minor version used            */
+    unsigned char min_major_ver;    /*!< min. major version used            */
+    unsigned char min_minor_ver;    /*!< min. minor version used            */
+
+    /*
+     * Flags (bitfields)
+     */
+
+    unsigned int endpoint : 1;      /*!< 0: client, 1: server               */
+    unsigned int transport : 1;     /*!< stream (TLS) or datagram (DTLS)    */
+    unsigned int authmode : 2;      /*!< MBEDTLS_SSL_VERIFY_XXX             */
+    /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE          */
+    unsigned int allow_legacy_renegotiation : 2 ; /*!< MBEDTLS_LEGACY_XXX   */
+#if defined(MBEDTLS_ARC4_C)
+    unsigned int arc4_disabled : 1; /*!< blacklist RC4 ciphersuites?        */
+#endif
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    unsigned int mfl_code : 3;      /*!< desired fragment length            */
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    unsigned int encrypt_then_mac : 1 ; /*!< negotiate encrypt-then-mac?    */
+#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    unsigned int extended_ms : 1;   /*!< negotiate extended master secret?  */
+#endif
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    unsigned int anti_replay : 1;   /*!< detect and prevent replay?         */
+#endif
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    unsigned int cbc_record_splitting : 1;  /*!< do cbc record splitting    */
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    unsigned int disable_renegotiation : 1; /*!< disable renegotiation?     */
+#endif
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    unsigned int trunc_hmac : 1;    /*!< negotiate truncated hmac?          */
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    unsigned int session_tickets : 1;   /*!< use session tickets?           */
+#endif
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
+    unsigned int fallback : 1;      /*!< is this a fallback?                */
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+    unsigned int cert_req_ca_list : 1;  /*!< enable sending CA list in
+                                          Certificate Request messages?     */
+#endif
+};
+
+
+struct mbedtls_ssl_context
+{
+    const mbedtls_ssl_config *conf; /*!< configuration information          */
+
+    /*
+     * Miscellaneous
+     */
+    int state;                  /*!< SSL handshake: current state     */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    int renego_status;          /*!< Initial, in progress, pending?   */
+    int renego_records_seen;    /*!< Records since renego request, or with DTLS,
+                                  number of retransmissions of request if
+                                  renego_max_records is < 0           */
+#endif
+
+    int major_ver;              /*!< equal to  MBEDTLS_SSL_MAJOR_VERSION_3    */
+    int minor_ver;              /*!< either 0 (SSL3) or 1 (TLS1.0)    */
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+    unsigned badmac_seen;       /*!< records with a bad MAC received    */
+#endif
+
+    mbedtls_ssl_send_t *f_send; /*!< Callback for network send */
+    mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */
+    mbedtls_ssl_recv_timeout_t *f_recv_timeout;
+                                /*!< Callback for network receive with timeout */
+
+    void *p_bio;                /*!< context for I/O operations   */
+
+    /*
+     * Session layer
+     */
+    mbedtls_ssl_session *session_in;            /*!<  current session data (in)   */
+    mbedtls_ssl_session *session_out;           /*!<  current session data (out)  */
+    mbedtls_ssl_session *session;               /*!<  negotiated session data     */
+    mbedtls_ssl_session *session_negotiate;     /*!<  session data in negotiation */
+
+    mbedtls_ssl_handshake_params *handshake;    /*!<  params required only during
+                                              the handshake process        */
+
+    /*
+     * Record layer transformations
+     */
+    mbedtls_ssl_transform *transform_in;        /*!<  current transform params (in)   */
+    mbedtls_ssl_transform *transform_out;       /*!<  current transform params (in)   */
+    mbedtls_ssl_transform *transform;           /*!<  negotiated transform params     */
+    mbedtls_ssl_transform *transform_negotiate; /*!<  transform params in negotiation */
+
+    /*
+     * Timers
+     */
+    void *p_timer;              /*!< context for the timer callbacks */
+
+    mbedtls_ssl_set_timer_t *f_set_timer;       /*!< set timer callback */
+    mbedtls_ssl_get_timer_t *f_get_timer;       /*!< get timer callback */
+
+    /*
+     * Record layer (incoming data)
+     */
+    unsigned char *in_buf;      /*!< input buffer                     */
+    unsigned char *in_ctr;      /*!< 64-bit incoming message counter
+                                     TLS: maintained by us
+                                     DTLS: read from peer             */
+    unsigned char *in_hdr;      /*!< start of record header           */
+    unsigned char *in_len;      /*!< two-bytes message length field   */
+    unsigned char *in_iv;       /*!< ivlen-byte IV                    */
+    unsigned char *in_msg;      /*!< message contents (in_iv+ivlen)   */
+    unsigned char *in_offt;     /*!< read offset in application data  */
+
+    int in_msgtype;             /*!< record header: message type      */
+    size_t in_msglen;           /*!< record header: message length    */
+    size_t in_left;             /*!< amount of data read so far       */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    uint16_t in_epoch;          /*!< DTLS epoch for incoming records  */
+    size_t next_record_offset;  /*!< offset of the next record in datagram
+                                     (equal to in_left if none)       */
+#endif
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    uint64_t in_window_top;     /*!< last validated record seq_num    */
+    uint64_t in_window;         /*!< bitmask for replay detection     */
+#endif
+
+    size_t in_hslen;            /*!< current handshake message length,
+                                     including the handshake header   */
+    int nb_zero;                /*!< # of 0-length encrypted messages */
+
+    int keep_current_message;   /*!< drop or reuse current message
+                                     on next call to record layer? */
+
+    /*
+     * Record layer (outgoing data)
+     */
+    unsigned char *out_buf;     /*!< output buffer                    */
+    unsigned char *out_ctr;     /*!< 64-bit outgoing message counter  */
+    unsigned char *out_hdr;     /*!< start of record header           */
+    unsigned char *out_len;     /*!< two-bytes message length field   */
+    unsigned char *out_iv;      /*!< ivlen-byte IV                    */
+    unsigned char *out_msg;     /*!< message contents (out_iv+ivlen)  */
+
+    int out_msgtype;            /*!< record header: message type      */
+    size_t out_msglen;          /*!< record header: message length    */
+    size_t out_left;            /*!< amount of data not yet written   */
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    unsigned char *compress_buf;        /*!<  zlib data buffer        */
+#endif
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    signed char split_done;     /*!< current record already splitted? */
+#endif
+
+    /*
+     * PKI layer
+     */
+    int client_auth;                    /*!<  flag for client auth.   */
+
+    /*
+     * User settings
+     */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    char *hostname;             /*!< expected peer CN for verification
+                                     (and SNI if available)                 */
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    const char *alpn_chosen;    /*!<  negotiated protocol                   */
+#endif
+
+    /*
+     * Information for DTLS hello verify
+     */
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+    unsigned char  *cli_id;         /*!<  transport-level ID of the client  */
+    size_t          cli_id_len;     /*!<  length of cli_id                  */
+#endif
+
+    /*
+     * Secure renegotiation
+     */
+    /* needed to know when to send extension on server */
+    int secure_renegotiation;           /*!<  does peer support legacy or
+                                              secure renegotiation           */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    size_t verify_data_len;             /*!<  length of verify data stored   */
+    char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!<  previous handshake verify data */
+    char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!<  previous handshake verify data */
+#endif
+};
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+
+#define MBEDTLS_SSL_CHANNEL_OUTBOUND    0
+#define MBEDTLS_SSL_CHANNEL_INBOUND     1
+
+extern int (*mbedtls_ssl_hw_record_init)(mbedtls_ssl_context *ssl,
+                const unsigned char *key_enc, const unsigned char *key_dec,
+                size_t keylen,
+                const unsigned char *iv_enc,  const unsigned char *iv_dec,
+                size_t ivlen,
+                const unsigned char *mac_enc, const unsigned char *mac_dec,
+                size_t maclen);
+extern int (*mbedtls_ssl_hw_record_activate)(mbedtls_ssl_context *ssl, int direction);
+extern int (*mbedtls_ssl_hw_record_reset)(mbedtls_ssl_context *ssl);
+extern int (*mbedtls_ssl_hw_record_write)(mbedtls_ssl_context *ssl);
+extern int (*mbedtls_ssl_hw_record_read)(mbedtls_ssl_context *ssl);
+extern int (*mbedtls_ssl_hw_record_finish)(mbedtls_ssl_context *ssl);
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+/**
+ * \brief Returns the list of ciphersuites supported by the SSL/TLS module.
+ *
+ * \return              a statically allocated array of ciphersuites, the last
+ *                      entry is 0.
+ */
+const int *mbedtls_ssl_list_ciphersuites( void );
+
+/**
+ * \brief               Return the name of the ciphersuite associated with the
+ *                      given ID
+ *
+ * \param ciphersuite_id SSL ciphersuite ID
+ *
+ * \return              a string containing the ciphersuite name
+ */
+const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id );
+
+/**
+ * \brief               Return the ID of the ciphersuite associated with the
+ *                      given name
+ *
+ * \param ciphersuite_name SSL ciphersuite name
+ *
+ * \return              the ID with the ciphersuite or 0 if not found
+ */
+int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name );
+
+/**
+ * \brief          Initialize an SSL context
+ *                 Just makes the context ready for mbedtls_ssl_setup() or
+ *                 mbedtls_ssl_free()
+ *
+ * \param ssl      SSL context
+ */
+void mbedtls_ssl_init( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Set up an SSL context for use
+ *
+ * \note           No copy of the configuration context is made, it can be
+ *                 shared by many mbedtls_ssl_context structures.
+ *
+ * \warning        Modifying the conf structure after it has been used in this
+ *                 function is unsupported!
+ *
+ * \param ssl      SSL context
+ * \param conf     SSL configuration to use
+ *
+ * \return         0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED if
+ *                 memory allocation failed
+ */
+int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
+                       const mbedtls_ssl_config *conf );
+
+/**
+ * \brief          Reset an already initialized SSL context for re-use
+ *                 while retaining application-set variables, function
+ *                 pointers and data.
+ *
+ * \param ssl      SSL context
+ * \return         0 if successful, or MBEDTLS_ERR_SSL_ALLOC_FAILED,
+                   MBEDTLS_ERR_SSL_HW_ACCEL_FAILED or
+ *                 MBEDTLS_ERR_SSL_COMPRESSION_FAILED
+ */
+int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Set the current endpoint type
+ *
+ * \param conf     SSL configuration
+ * \param endpoint must be MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
+ */
+void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint );
+
+/**
+ * \brief           Set the transport type (TLS or DTLS).
+ *                  Default: TLS
+ *
+ * \note            For DTLS, you must either provide a recv callback that
+ *                  doesn't block, or one that handles timeouts, see
+ *                  \c mbedtls_ssl_set_bio(). You also need to provide timer
+ *                  callbacks with \c mbedtls_ssl_set_timer_cb().
+ *
+ * \param conf      SSL configuration
+ * \param transport transport type:
+ *                  MBEDTLS_SSL_TRANSPORT_STREAM for TLS,
+ *                  MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS.
+ */
+void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
+
+/**
+ * \brief          Set the certificate verification mode
+ *                 Default: NONE on server, REQUIRED on client
+ *
+ * \param conf     SSL configuration
+ * \param authmode can be:
+ *
+ *  MBEDTLS_SSL_VERIFY_NONE:      peer certificate is not checked
+ *                        (default on server)
+ *                        (insecure on client)
+ *
+ *  MBEDTLS_SSL_VERIFY_OPTIONAL:  peer certificate is checked, however the
+ *                        handshake continues even if verification failed;
+ *                        mbedtls_ssl_get_verify_result() can be called after the
+ *                        handshake is complete.
+ *
+ *  MBEDTLS_SSL_VERIFY_REQUIRED:  peer *must* present a valid certificate,
+ *                        handshake is aborted if verification failed.
+ *                        (default on client)
+ *
+ * \note On client, MBEDTLS_SSL_VERIFY_REQUIRED is the recommended mode.
+ * With MBEDTLS_SSL_VERIFY_OPTIONAL, the user needs to call mbedtls_ssl_get_verify_result() at
+ * the right time(s), which may not be obvious, while REQUIRED always perform
+ * the verification as soon as possible. For example, REQUIRED was protecting
+ * against the "triple handshake" attack even before it was found.
+ */
+void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief          Set the verification callback (Optional).
+ *
+ *                 If set, the verify callback is called for each
+ *                 certificate in the chain. For implementation
+ *                 information, please see \c mbedtls_x509_crt_verify()
+ *
+ * \param conf     SSL configuration
+ * \param f_vrfy   verification function
+ * \param p_vrfy   verification parameter
+ */
+void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
+                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                     void *p_vrfy );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/**
+ * \brief          Set the random number generator callback
+ *
+ * \param conf     SSL configuration
+ * \param f_rng    RNG function
+ * \param p_rng    RNG parameter
+ */
+void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
+                  int (*f_rng)(void *, unsigned char *, size_t),
+                  void *p_rng );
+
+/**
+ * \brief          Set the debug callback
+ *
+ *                 The callback has the following argument:
+ *                 void *           opaque context for the callback
+ *                 int              debug level
+ *                 const char *     file name
+ *                 int              line number
+ *                 const char *     message
+ *
+ * \param conf     SSL configuration
+ * \param f_dbg    debug function
+ * \param p_dbg    debug parameter
+ */
+void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
+                  void (*f_dbg)(void *, int, const char *, int, const char *),
+                  void  *p_dbg );
+
+/**
+ * \brief          Set the underlying BIO callbacks for write, read and
+ *                 read-with-timeout.
+ *
+ * \param ssl      SSL context
+ * \param p_bio    parameter (context) shared by BIO callbacks
+ * \param f_send   write callback
+ * \param f_recv   read callback
+ * \param f_recv_timeout blocking read callback with timeout.
+ *
+ * \note           One of f_recv or f_recv_timeout can be NULL, in which case
+ *                 the other is used. If both are non-NULL, f_recv_timeout is
+ *                 used and f_recv is ignored (as if it were NULL).
+ *
+ * \note           The two most common use cases are:
+ *                 - non-blocking I/O, f_recv != NULL, f_recv_timeout == NULL
+ *                 - blocking I/O, f_recv == NULL, f_recv_timout != NULL
+ *
+ * \note           For DTLS, you need to provide either a non-NULL
+ *                 f_recv_timeout callback, or a f_recv that doesn't block.
+ *
+ * \note           See the documentations of \c mbedtls_ssl_sent_t,
+ *                 \c mbedtls_ssl_recv_t and \c mbedtls_ssl_recv_timeout_t for
+ *                 the conventions those callbacks must follow.
+ *
+ * \note           On some platforms, net_sockets.c provides
+ *                 \c mbedtls_net_send(), \c mbedtls_net_recv() and
+ *                 \c mbedtls_net_recv_timeout() that are suitable to be used
+ *                 here.
+ */
+void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
+                          void *p_bio,
+                          mbedtls_ssl_send_t *f_send,
+                          mbedtls_ssl_recv_t *f_recv,
+                          mbedtls_ssl_recv_timeout_t *f_recv_timeout );
+
+/**
+ * \brief          Set the timeout period for mbedtls_ssl_read()
+ *                 (Default: no timeout.)
+ *
+ * \param conf     SSL configuration context
+ * \param timeout  Timeout value in milliseconds.
+ *                 Use 0 for no timeout (default).
+ *
+ * \note           With blocking I/O, this will only work if a non-NULL
+ *                 \c f_recv_timeout was set with \c mbedtls_ssl_set_bio().
+ *                 With non-blocking I/O, this will only work if timer
+ *                 callbacks were set with \c mbedtls_ssl_set_timer_cb().
+ *
+ * \note           With non-blocking I/O, you may also skip this function
+ *                 altogether and handle timeouts at the application layer.
+ */
+void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout );
+
+/**
+ * \brief          Set the timer callbacks (Mandatory for DTLS.)
+ *
+ * \param ssl      SSL context
+ * \param p_timer  parameter (context) shared by timer callbacks
+ * \param f_set_timer   set timer callback
+ * \param f_get_timer   get timer callback. Must return:
+ *
+ * \note           See the documentation of \c mbedtls_ssl_set_timer_t and
+ *                 \c mbedtls_ssl_get_timer_t for the conventions this pair of
+ *                 callbacks must follow.
+ *
+ * \note           On some platforms, timing.c provides
+ *                 \c mbedtls_timing_set_delay() and
+ *                 \c mbedtls_timing_get_delay() that are suitable for using
+ *                 here, except if using an event-driven style.
+ *
+ * \note           See also the "DTLS tutorial" article in our knowledge base.
+ *                 https://tls.mbed.org/kb/how-to/dtls-tutorial
+ */
+void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
+                               void *p_timer,
+                               mbedtls_ssl_set_timer_t *f_set_timer,
+                               mbedtls_ssl_get_timer_t *f_get_timer );
+
+/**
+ * \brief           Callback type: generate and write session ticket
+ *
+ * \note            This describes what a callback implementation should do.
+ *                  This callback should generate an encrypted and
+ *                  authenticated ticket for the session and write it to the
+ *                  output buffer. Here, ticket means the opaque ticket part
+ *                  of the NewSessionTicket structure of RFC 5077.
+ *
+ * \param p_ticket  Context for the callback
+ * \param session   SSL session to be written in the ticket
+ * \param start     Start of the output buffer
+ * \param end       End of the output buffer
+ * \param tlen      On exit, holds the length written
+ * \param lifetime  On exit, holds the lifetime of the ticket in seconds
+ *
+ * \return          0 if successful, or
+ *                  a specific MBEDTLS_ERR_XXX code.
+ */
+typedef int mbedtls_ssl_ticket_write_t( void *p_ticket,
+                                        const mbedtls_ssl_session *session,
+                                        unsigned char *start,
+                                        const unsigned char *end,
+                                        size_t *tlen,
+                                        uint32_t *lifetime );
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+/**
+ * \brief           Callback type: Export key block and master secret
+ *
+ * \note            This is required for certain uses of TLS, e.g. EAP-TLS
+ *                  (RFC 5216) and Thread. The key pointers are ephemeral and
+ *                  therefore must not be stored. The master secret and keys
+ *                  should not be used directly except as an input to a key
+ *                  derivation function.
+ *
+ * \param p_expkey  Context for the callback
+ * \param ms        Pointer to master secret (fixed length: 48 bytes)
+ * \param kb        Pointer to key block, see RFC 5246 section 6.3
+ *                  (variable length: 2 * maclen + 2 * keylen + 2 * ivlen).
+ * \param maclen    MAC length
+ * \param keylen    Key length
+ * \param ivlen     IV length
+ *
+ * \return          0 if successful, or
+ *                  a specific MBEDTLS_ERR_XXX code.
+ */
+typedef int mbedtls_ssl_export_keys_t( void *p_expkey,
+                                const unsigned char *ms,
+                                const unsigned char *kb,
+                                size_t maclen,
+                                size_t keylen,
+                                size_t ivlen );
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+/**
+ * \brief           Callback type: parse and load session ticket
+ *
+ * \note            This describes what a callback implementation should do.
+ *                  This callback should parse a session ticket as generated
+ *                  by the corresponding mbedtls_ssl_ticket_write_t function,
+ *                  and, if the ticket is authentic and valid, load the
+ *                  session.
+ *
+ * \note            The implementation is allowed to modify the first len
+ *                  bytes of the input buffer, eg to use it as a temporary
+ *                  area for the decrypted ticket contents.
+ *
+ * \param p_ticket  Context for the callback
+ * \param session   SSL session to be loaded
+ * \param buf       Start of the buffer containing the ticket
+ * \param len       Length of the ticket.
+ *
+ * \return          0 if successful, or
+ *                  MBEDTLS_ERR_SSL_INVALID_MAC if not authentic, or
+ *                  MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED if expired, or
+ *                  any other non-zero code for other failures.
+ */
+typedef int mbedtls_ssl_ticket_parse_t( void *p_ticket,
+                                        mbedtls_ssl_session *session,
+                                        unsigned char *buf,
+                                        size_t len );
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_SRV_C)
+/**
+ * \brief           Configure SSL session ticket callbacks (server only).
+ *                  (Default: none.)
+ *
+ * \note            On server, session tickets are enabled by providing
+ *                  non-NULL callbacks.
+ *
+ * \note            On client, use \c mbedtls_ssl_conf_session_tickets().
+ *
+ * \param conf      SSL configuration context
+ * \param f_ticket_write    Callback for writing a ticket
+ * \param f_ticket_parse    Callback for parsing a ticket
+ * \param p_ticket          Context shared by the two callbacks
+ */
+void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
+        mbedtls_ssl_ticket_write_t *f_ticket_write,
+        mbedtls_ssl_ticket_parse_t *f_ticket_parse,
+        void *p_ticket );
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+/**
+ * \brief           Configure key export callback.
+ *                  (Default: none.)
+ *
+ * \note            See \c mbedtls_ssl_export_keys_t.
+ *
+ * \param conf      SSL configuration context
+ * \param f_export_keys     Callback for exporting keys
+ * \param p_export_keys     Context for the callback
+ */
+void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
+        mbedtls_ssl_export_keys_t *f_export_keys,
+        void *p_export_keys );
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
+/**
+ * \brief          Callback type: generate a cookie
+ *
+ * \param ctx      Context for the callback
+ * \param p        Buffer to write to,
+ *                 must be updated to point right after the cookie
+ * \param end      Pointer to one past the end of the output buffer
+ * \param info     Client ID info that was passed to
+ *                 \c mbedtls_ssl_set_client_transport_id()
+ * \param ilen     Length of info in bytes
+ *
+ * \return         The callback must return 0 on success,
+ *                 or a negative error code.
+ */
+typedef int mbedtls_ssl_cookie_write_t( void *ctx,
+                                unsigned char **p, unsigned char *end,
+                                const unsigned char *info, size_t ilen );
+
+/**
+ * \brief          Callback type: verify a cookie
+ *
+ * \param ctx      Context for the callback
+ * \param cookie   Cookie to verify
+ * \param clen     Length of cookie
+ * \param info     Client ID info that was passed to
+ *                 \c mbedtls_ssl_set_client_transport_id()
+ * \param ilen     Length of info in bytes
+ *
+ * \return         The callback must return 0 if cookie is valid,
+ *                 or a negative error code.
+ */
+typedef int mbedtls_ssl_cookie_check_t( void *ctx,
+                                const unsigned char *cookie, size_t clen,
+                                const unsigned char *info, size_t ilen );
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+/**
+ * \brief           Register callbacks for DTLS cookies
+ *                  (Server only. DTLS only.)
+ *
+ *                  Default: dummy callbacks that fail, in order to force you to
+ *                  register working callbacks (and initialize their context).
+ *
+ *                  To disable HelloVerifyRequest, register NULL callbacks.
+ *
+ * \warning         Disabling hello verification allows your server to be used
+ *                  for amplification in DoS attacks against other hosts.
+ *                  Only disable if you known this can't happen in your
+ *                  particular environment.
+ *
+ * \note            See comments on \c mbedtls_ssl_handshake() about handling
+ *                  the MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED that is expected
+ *                  on the first handshake attempt when this is enabled.
+ *
+ * \note            This is also necessary to handle client reconnection from
+ *                  the same port as described in RFC 6347 section 4.2.8 (only
+ *                  the variant with cookies is supported currently). See
+ *                  comments on \c mbedtls_ssl_read() for details.
+ *
+ * \param conf              SSL configuration
+ * \param f_cookie_write    Cookie write callback
+ * \param f_cookie_check    Cookie check callback
+ * \param p_cookie          Context for both callbacks
+ */
+void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
+                           mbedtls_ssl_cookie_write_t *f_cookie_write,
+                           mbedtls_ssl_cookie_check_t *f_cookie_check,
+                           void *p_cookie );
+
+/**
+ * \brief          Set client's transport-level identification info.
+ *                 (Server only. DTLS only.)
+ *
+ *                 This is usually the IP address (and port), but could be
+ *                 anything identify the client depending on the underlying
+ *                 network stack. Used for HelloVerifyRequest with DTLS.
+ *                 This is *not* used to route the actual packets.
+ *
+ * \param ssl      SSL context
+ * \param info     Transport-level info identifying the client (eg IP + port)
+ * \param ilen     Length of info in bytes
+ *
+ * \note           An internal copy is made, so the info buffer can be reused.
+ *
+ * \return         0 on success,
+ *                 MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used on client,
+ *                 MBEDTLS_ERR_SSL_ALLOC_FAILED if out of memory.
+ */
+int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
+                                 const unsigned char *info,
+                                 size_t ilen );
+
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+/**
+ * \brief          Enable or disable anti-replay protection for DTLS.
+ *                 (DTLS only, no effect on TLS.)
+ *                 Default: enabled.
+ *
+ * \param conf     SSL configuration
+ * \param mode     MBEDTLS_SSL_ANTI_REPLAY_ENABLED or MBEDTLS_SSL_ANTI_REPLAY_DISABLED.
+ *
+ * \warning        Disabling this is a security risk unless the application
+ *                 protocol handles duplicated packets in a safe way. You
+ *                 should not disable this without careful consideration.
+ *                 However, if your application already detects duplicated
+ *                 packets and needs information about them to adjust its
+ *                 transmission strategy, then you'll want to disable this.
+ */
+void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode );
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+/**
+ * \brief          Set a limit on the number of records with a bad MAC
+ *                 before terminating the connection.
+ *                 (DTLS only, no effect on TLS.)
+ *                 Default: 0 (disabled).
+ *
+ * \param conf     SSL configuration
+ * \param limit    Limit, or 0 to disable.
+ *
+ * \note           If the limit is N, then the connection is terminated when
+ *                 the Nth non-authentic record is seen.
+ *
+ * \note           Records with an invalid header are not counted, only the
+ *                 ones going through the authentication-decryption phase.
+ *
+ * \note           This is a security trade-off related to the fact that it's
+ *                 often relatively easy for an active attacker ot inject UDP
+ *                 datagrams. On one hand, setting a low limit here makes it
+ *                 easier for such an attacker to forcibly terminated a
+ *                 connection. On the other hand, a high limit or no limit
+ *                 might make us waste resources checking authentication on
+ *                 many bogus packets.
+ */
+void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit );
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/**
+ * \brief          Set retransmit timeout values for the DTLS handshake.
+ *                 (DTLS only, no effect on TLS.)
+ *
+ * \param conf     SSL configuration
+ * \param min      Initial timeout value in milliseconds.
+ *                 Default: 1000 (1 second).
+ * \param max      Maximum timeout value in milliseconds.
+ *                 Default: 60000 (60 seconds).
+ *
+ * \note           Default values are from RFC 6347 section 4.2.4.1.
+ *
+ * \note           The 'min' value should typically be slightly above the
+ *                 expected round-trip time to your peer, plus whatever time
+ *                 it takes for the peer to process the message. For example,
+ *                 if your RTT is about 600ms and you peer needs up to 1s to
+ *                 do the cryptographic operations in the handshake, then you
+ *                 should set 'min' slightly above 1600. Lower values of 'min'
+ *                 might cause spurious resends which waste network resources,
+ *                 while larger value of 'min' will increase overall latency
+ *                 on unreliable network links.
+ *
+ * \note           The more unreliable your network connection is, the larger
+ *                 your max / min ratio needs to be in order to achieve
+ *                 reliable handshakes.
+ *
+ * \note           Messages are retransmitted up to log2(ceil(max/min)) times.
+ *                 For example, if min = 1s and max = 5s, the retransmit plan
+ *                 goes: send ... 1s -> resend ... 2s -> resend ... 4s ->
+ *                 resend ... 5s -> give up and return a timeout error.
+ */
+void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max );
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_SRV_C)
+/**
+ * \brief          Set the session cache callbacks (server-side only)
+ *                 If not set, no session resuming is done (except if session
+ *                 tickets are enabled too).
+ *
+ *                 The session cache has the responsibility to check for stale
+ *                 entries based on timeout. See RFC 5246 for recommendations.
+ *
+ *                 Warning: session.peer_cert is cleared by the SSL/TLS layer on
+ *                 connection shutdown, so do not cache the pointer! Either set
+ *                 it to NULL or make a full copy of the certificate.
+ *
+ *                 The get callback is called once during the initial handshake
+ *                 to enable session resuming. The get function has the
+ *                 following parameters: (void *parameter, mbedtls_ssl_session *session)
+ *                 If a valid entry is found, it should fill the master of
+ *                 the session object with the cached values and return 0,
+ *                 return 1 otherwise. Optionally peer_cert can be set as well
+ *                 if it is properly present in cache entry.
+ *
+ *                 The set callback is called once during the initial handshake
+ *                 to enable session resuming after the entire handshake has
+ *                 been finished. The set function has the following parameters:
+ *                 (void *parameter, const mbedtls_ssl_session *session). The function
+ *                 should create a cache entry for future retrieval based on
+ *                 the data in the session structure and should keep in mind
+ *                 that the mbedtls_ssl_session object presented (and all its referenced
+ *                 data) is cleared by the SSL/TLS layer when the connection is
+ *                 terminated. It is recommended to add metadata to determine if
+ *                 an entry is still valid in the future. Return 0 if
+ *                 successfully cached, return 1 otherwise.
+ *
+ * \param conf           SSL configuration
+ * \param p_cache        parmater (context) for both callbacks
+ * \param f_get_cache    session get callback
+ * \param f_set_cache    session set callback
+ */
+void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
+        void *p_cache,
+        int (*f_get_cache)(void *, mbedtls_ssl_session *),
+        int (*f_set_cache)(void *, const mbedtls_ssl_session *) );
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+/**
+ * \brief          Request resumption of session (client-side only)
+ *                 Session data is copied from presented session structure.
+ *
+ * \param ssl      SSL context
+ * \param session  session context
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
+ *                 arguments are otherwise invalid
+ *
+ * \sa             mbedtls_ssl_get_session()
+ */
+int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session );
+#endif /* MBEDTLS_SSL_CLI_C */
+
+/**
+ * \brief               Set the list of allowed ciphersuites and the preference
+ *                      order. First in the list has the highest preference.
+ *                      (Overrides all version-specific lists)
+ *
+ *                      The ciphersuites array is not copied, and must remain
+ *                      valid for the lifetime of the ssl_config.
+ *
+ *                      Note: The server uses its own preferences
+ *                      over the preference of the client unless
+ *                      MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined!
+ *
+ * \param conf          SSL configuration
+ * \param ciphersuites  0-terminated list of allowed ciphersuites
+ */
+void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
+                                   const int *ciphersuites );
+
+/**
+ * \brief               Set the list of allowed ciphersuites and the
+ *                      preference order for a specific version of the protocol.
+ *                      (Only useful on the server side)
+ *
+ *                      The ciphersuites array is not copied, and must remain
+ *                      valid for the lifetime of the ssl_config.
+ *
+ * \param conf          SSL configuration
+ * \param ciphersuites  0-terminated list of allowed ciphersuites
+ * \param major         Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3
+ *                      supported)
+ * \param minor         Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
+ *                      MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
+ *                      MBEDTLS_SSL_MINOR_VERSION_3 supported)
+ *
+ * \note                With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0
+ *                      and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
+ */
+void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
+                                       const int *ciphersuites,
+                                       int major, int minor );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief          Set the X.509 security profile used for verification
+ *
+ * \note           The restrictions are enforced for all certificates in the
+ *                 chain. However, signatures in the handshake are not covered
+ *                 by this setting but by \b mbedtls_ssl_conf_sig_hashes().
+ *
+ * \param conf     SSL configuration
+ * \param profile  Profile to use
+ */
+void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
+                                    const mbedtls_x509_crt_profile *profile );
+
+/**
+ * \brief          Set the data required to verify peer certificate
+ *
+ * \param conf     SSL configuration
+ * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
+ * \param ca_crl   trusted CA CRLs
+ */
+void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
+                               mbedtls_x509_crt *ca_chain,
+                               mbedtls_x509_crl *ca_crl );
+
+/**
+ * \brief          Set own certificate chain and private key
+ *
+ * \note           own_cert should contain in order from the bottom up your
+ *                 certificate chain. The top certificate (self-signed)
+ *                 can be omitted.
+ *
+ * \note           On server, this function can be called multiple times to
+ *                 provision more than one cert/key pair (eg one ECDSA, one
+ *                 RSA with SHA-256, one RSA with SHA-1). An adequate
+ *                 certificate will be selected according to the client's
+ *                 advertised capabilities. In case mutliple certificates are
+ *                 adequate, preference is given to the one set by the first
+ *                 call to this function, then second, etc.
+ *
+ * \note           On client, only the first call has any effect. That is,
+ *                 only one client certificate can be provisioned. The
+ *                 server's preferences in its CertficateRequest message will
+ *                 be ignored and our only cert will be sent regardless of
+ *                 whether it matches those preferences - the server can then
+ *                 decide what it wants to do with it.
+ *
+ * \param conf     SSL configuration
+ * \param own_cert own public certificate chain
+ * \param pk_key   own private key
+ *
+ * \return         0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ */
+int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
+                              mbedtls_x509_crt *own_cert,
+                              mbedtls_pk_context *pk_key );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+/**
+ * \brief          Set the Pre Shared Key (PSK) and the expected identity name
+ *
+ * \note           This is mainly useful for clients. Servers will usually
+ *                 want to use \c mbedtls_ssl_conf_psk_cb() instead.
+ *
+ * \note           Currently clients can only register one pre-shared key.
+ *                 In other words, the servers' identity hint is ignored.
+ *                 Support for setting multiple PSKs on clients and selecting
+ *                 one based on the identity hint is not a planned feature but
+ *                 feedback is welcomed.
+ *
+ * \param conf     SSL configuration
+ * \param psk      pointer to the pre-shared key
+ * \param psk_len  pre-shared key length
+ * \param psk_identity      pointer to the pre-shared key identity
+ * \param psk_identity_len  identity key length
+ *
+ * \return         0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ */
+int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
+                const unsigned char *psk, size_t psk_len,
+                const unsigned char *psk_identity, size_t psk_identity_len );
+
+
+/**
+ * \brief          Set the Pre Shared Key (PSK) for the current handshake
+ *
+ * \note           This should only be called inside the PSK callback,
+ *                 ie the function passed to \c mbedtls_ssl_conf_psk_cb().
+ *
+ * \param ssl      SSL context
+ * \param psk      pointer to the pre-shared key
+ * \param psk_len  pre-shared key length
+ *
+ * \return         0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ */
+int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
+                            const unsigned char *psk, size_t psk_len );
+
+/**
+ * \brief          Set the PSK callback (server-side only).
+ *
+ *                 If set, the PSK callback is called for each
+ *                 handshake where a PSK ciphersuite was negotiated.
+ *                 The caller provides the identity received and wants to
+ *                 receive the actual PSK data and length.
+ *
+ *                 The callback has the following parameters: (void *parameter,
+ *                 mbedtls_ssl_context *ssl, const unsigned char *psk_identity,
+ *                 size_t identity_len)
+ *                 If a valid PSK identity is found, the callback should use
+ *                 \c mbedtls_ssl_set_hs_psk() on the ssl context to set the
+ *                 correct PSK and return 0.
+ *                 Any other return value will result in a denied PSK identity.
+ *
+ * \note           If you set a PSK callback using this function, then you
+ *                 don't need to set a PSK key and identity using
+ *                 \c mbedtls_ssl_conf_psk().
+ *
+ * \param conf     SSL configuration
+ * \param f_psk    PSK identity function
+ * \param p_psk    PSK identity parameter
+ */
+void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
+                     int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
+                                  size_t),
+                     void *p_psk );
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED    __attribute__((deprecated))
+#else
+#define MBEDTLS_DEPRECATED
+#endif
+
+/**
+ * \brief          Set the Diffie-Hellman public P and G values,
+ *                 read as hexadecimal strings (server-side only)
+ *                 (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG])
+ *
+ * \param conf     SSL configuration
+ * \param dhm_P    Diffie-Hellman-Merkle modulus
+ * \param dhm_G    Diffie-Hellman-Merkle generator
+ *
+ * \deprecated     Superseded by \c mbedtls_ssl_conf_dh_param_bin.
+ *
+ * \return         0 if successful
+ */
+MBEDTLS_DEPRECATED int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf,
+                                                  const char *dhm_P,
+                                                  const char *dhm_G );
+
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+/**
+ * \brief          Set the Diffie-Hellman public P and G values
+ *                 from big-endian binary presentations.
+ *                 (Default values: MBEDTLS_DHM_RFC3526_MODP_2048_[PG]_BIN)
+ *
+ * \param conf     SSL configuration
+ * \param dhm_P    Diffie-Hellman-Merkle modulus in big-endian binary form
+ * \param P_len    Length of DHM modulus
+ * \param dhm_G    Diffie-Hellman-Merkle generator in big-endian binary form
+ * \param G_len    Length of DHM generator
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
+                                   const unsigned char *dhm_P, size_t P_len,
+                                   const unsigned char *dhm_G,  size_t G_len );
+
+/**
+ * \brief          Set the Diffie-Hellman public P and G values,
+ *                 read from existing context (server-side only)
+ *
+ * \param conf     SSL configuration
+ * \param dhm_ctx  Diffie-Hellman-Merkle context
+ *
+ * \return         0 if successful
+ */
+int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
+#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+/**
+ * \brief          Set the minimum length for Diffie-Hellman parameters.
+ *                 (Client-side only.)
+ *                 (Default: 1024 bits.)
+ *
+ * \param conf     SSL configuration
+ * \param bitlen   Minimum bit length of the DHM prime
+ */
+void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
+                                      unsigned int bitlen );
+#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_ECP_C)
+/**
+ * \brief          Set the allowed curves in order of preference.
+ *                 (Default: all defined curves.)
+ *
+ *                 On server: this only affects selection of the ECDHE curve;
+ *                 the curves used for ECDH and ECDSA are determined by the
+ *                 list of available certificates instead.
+ *
+ *                 On client: this affects the list of curves offered for any
+ *                 use. The server can override our preference order.
+ *
+ *                 Both sides: limits the set of curves accepted for use in
+ *                 ECDHE and in the peer's end-entity certificate.
+ *
+ * \note           This has no influence on which curves are allowed inside the
+ *                 certificate chains, see \c mbedtls_ssl_conf_cert_profile()
+ *                 for that. For the end-entity certificate however, the key
+ *                 will be accepted only if it is allowed both by this list
+ *                 and by the cert profile.
+ *
+ * \note           This list should be ordered by decreasing preference
+ *                 (preferred curve first).
+ *
+ * \param conf     SSL configuration
+ * \param curves   Ordered list of allowed curves,
+ *                 terminated by MBEDTLS_ECP_DP_NONE.
+ */
+void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
+                              const mbedtls_ecp_group_id *curves );
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+/**
+ * \brief          Set the allowed hashes for signatures during the handshake.
+ *                 (Default: all available hashes except MD5.)
+ *
+ * \note           This only affects which hashes are offered and can be used
+ *                 for signatures during the handshake. Hashes for message
+ *                 authentication and the TLS PRF are controlled by the
+ *                 ciphersuite, see \c mbedtls_ssl_conf_ciphersuites(). Hashes
+ *                 used for certificate signature are controlled by the
+ *                 verification profile, see \c mbedtls_ssl_conf_cert_profile().
+ *
+ * \note           This list should be ordered by decreasing preference
+ *                 (preferred hash first).
+ *
+ * \param conf     SSL configuration
+ * \param hashes   Ordered list of allowed signature hashes,
+ *                 terminated by \c MBEDTLS_MD_NONE.
+ */
+void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
+                                  const int *hashes );
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief          Set or reset the hostname to check against the received 
+ *                 server certificate. It sets the ServerName TLS extension, 
+ *                 too, if that extension is enabled. (client-side only)
+ *
+ * \param ssl      SSL context
+ * \param hostname the server hostname, may be NULL to clear hostname
+ 
+ * \note           Maximum hostname length MBEDTLS_SSL_MAX_HOST_NAME_LEN.
+ *
+ * \return         0 if successful, MBEDTLS_ERR_SSL_ALLOC_FAILED on 
+ *                 allocation failure, MBEDTLS_ERR_SSL_BAD_INPUT_DATA on 
+ *                 too long input hostname.
+ *
+ *                 Hostname set to the one provided on success (cleared
+ *                 when NULL). On allocation failure hostname is cleared. 
+ *                 On too long input failure, old hostname is unchanged.
+ */
+int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+/**
+ * \brief          Set own certificate and key for the current handshake
+ *
+ * \note           Same as \c mbedtls_ssl_conf_own_cert() but for use within
+ *                 the SNI callback.
+ *
+ * \param ssl      SSL context
+ * \param own_cert own public certificate chain
+ * \param pk_key   own private key
+ *
+ * \return         0 on success or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ */
+int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
+                                 mbedtls_x509_crt *own_cert,
+                                 mbedtls_pk_context *pk_key );
+
+/**
+ * \brief          Set the data required to verify peer certificate for the
+ *                 current handshake
+ *
+ * \note           Same as \c mbedtls_ssl_conf_ca_chain() but for use within
+ *                 the SNI callback.
+ *
+ * \param ssl      SSL context
+ * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs)
+ * \param ca_crl   trusted CA CRLs
+ */
+void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
+                                  mbedtls_x509_crt *ca_chain,
+                                  mbedtls_x509_crl *ca_crl );
+
+/**
+ * \brief          Set authmode for the current handshake.
+ *
+ * \note           Same as \c mbedtls_ssl_conf_authmode() but for use within
+ *                 the SNI callback.
+ *
+ * \param ssl      SSL context
+ * \param authmode MBEDTLS_SSL_VERIFY_NONE, MBEDTLS_SSL_VERIFY_OPTIONAL or
+ *                 MBEDTLS_SSL_VERIFY_REQUIRED
+ */
+void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
+                                  int authmode );
+
+/**
+ * \brief          Set server side ServerName TLS extension callback
+ *                 (optional, server-side only).
+ *
+ *                 If set, the ServerName callback is called whenever the
+ *                 server receives a ServerName TLS extension from the client
+ *                 during a handshake. The ServerName callback has the
+ *                 following parameters: (void *parameter, mbedtls_ssl_context *ssl,
+ *                 const unsigned char *hostname, size_t len). If a suitable
+ *                 certificate is found, the callback must set the
+ *                 certificate(s) and key(s) to use with \c
+ *                 mbedtls_ssl_set_hs_own_cert() (can be called repeatedly),
+ *                 and may optionally adjust the CA and associated CRL with \c
+ *                 mbedtls_ssl_set_hs_ca_chain() as well as the client
+ *                 authentication mode with \c mbedtls_ssl_set_hs_authmode(),
+ *                 then must return 0. If no matching name is found, the
+ *                 callback must either set a default cert, or
+ *                 return non-zero to abort the handshake at this point.
+ *
+ * \param conf     SSL configuration
+ * \param f_sni    verification function
+ * \param p_sni    verification parameter
+ */
+void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
+                  int (*f_sni)(void *, mbedtls_ssl_context *, const unsigned char *,
+                               size_t),
+                  void *p_sni );
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+/**
+ * \brief          Set the EC J-PAKE password for current handshake.
+ *
+ * \note           An internal copy is made, and destroyed as soon as the
+ *                 handshake is completed, or when the SSL context is reset or
+ *                 freed.
+ *
+ * \note           The SSL context needs to be already set up. The right place
+ *                 to call this function is between \c mbedtls_ssl_setup() or
+ *                 \c mbedtls_ssl_reset() and \c mbedtls_ssl_handshake().
+ *
+ * \param ssl      SSL context
+ * \param pw       EC J-PAKE password (pre-shared secret)
+ * \param pw_len   length of pw in bytes
+ *
+ * \return         0 on success, or a negative error code.
+ */
+int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
+                                         const unsigned char *pw,
+                                         size_t pw_len );
+#endif /*MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+/**
+ * \brief          Set the supported Application Layer Protocols.
+ *
+ * \param conf     SSL configuration
+ * \param protos   Pointer to a NULL-terminated list of supported protocols,
+ *                 in decreasing preference order. The pointer to the list is
+ *                 recorded by the library for later reference as required, so
+ *                 the lifetime of the table must be atleast as long as the
+ *                 lifetime of the SSL configuration structure.
+ *
+ * \return         0 on success, or MBEDTLS_ERR_SSL_BAD_INPUT_DATA.
+ */
+int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos );
+
+/**
+ * \brief          Get the name of the negotiated Application Layer Protocol.
+ *                 This function should be called after the handshake is
+ *                 completed.
+ *
+ * \param ssl      SSL context
+ *
+ * \return         Protcol name, or NULL if no protocol was negotiated.
+ */
+const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
+#endif /* MBEDTLS_SSL_ALPN */
+
+/**
+ * \brief          Set the maximum supported version sent from the client side
+ *                 and/or accepted at the server side
+ *                 (Default: MBEDTLS_SSL_MAX_MAJOR_VERSION, MBEDTLS_SSL_MAX_MINOR_VERSION)
+ *
+ * \note           This ignores ciphersuites from higher versions.
+ *
+ * \note           With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
+ *                 MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
+ *
+ * \param conf     SSL configuration
+ * \param major    Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
+ * \param minor    Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
+ *                 MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
+ *                 MBEDTLS_SSL_MINOR_VERSION_3 supported)
+ */
+void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor );
+
+/**
+ * \brief          Set the minimum accepted SSL/TLS protocol version
+ *                 (Default: TLS 1.0)
+ *
+ * \note           Input outside of the SSL_MAX_XXXXX_VERSION and
+ *                 SSL_MIN_XXXXX_VERSION range is ignored.
+ *
+ * \note           MBEDTLS_SSL_MINOR_VERSION_0 (SSL v3) should be avoided.
+ *
+ * \note           With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and
+ *                 MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2
+ *
+ * \param conf     SSL configuration
+ * \param major    Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported)
+ * \param minor    Minor version number (MBEDTLS_SSL_MINOR_VERSION_0,
+ *                 MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2,
+ *                 MBEDTLS_SSL_MINOR_VERSION_3 supported)
+ */
+void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor );
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
+/**
+ * \brief          Set the fallback flag (client-side only).
+ *                 (Default: MBEDTLS_SSL_IS_NOT_FALLBACK).
+ *
+ * \note           Set to MBEDTLS_SSL_IS_FALLBACK when preparing a fallback
+ *                 connection, that is a connection with max_version set to a
+ *                 lower value than the value you're willing to use. Such
+ *                 fallback connections are not recommended but are sometimes
+ *                 necessary to interoperate with buggy (version-intolerant)
+ *                 servers.
+ *
+ * \warning        You should NOT set this to MBEDTLS_SSL_IS_FALLBACK for
+ *                 non-fallback connections! This would appear to work for a
+ *                 while, then cause failures when the server is upgraded to
+ *                 support a newer TLS version.
+ *
+ * \param conf     SSL configuration
+ * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK
+ */
+void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback );
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+/**
+ * \brief           Enable or disable Encrypt-then-MAC
+ *                  (Default: MBEDTLS_SSL_ETM_ENABLED)
+ *
+ * \note            This should always be enabled, it is a security
+ *                  improvement, and should not cause any interoperability
+ *                  issue (used only if the peer supports it too).
+ *
+ * \param conf      SSL configuration
+ * \param etm       MBEDTLS_SSL_ETM_ENABLED or MBEDTLS_SSL_ETM_DISABLED
+ */
+void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm );
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+/**
+ * \brief           Enable or disable Extended Master Secret negotiation.
+ *                  (Default: MBEDTLS_SSL_EXTENDED_MS_ENABLED)
+ *
+ * \note            This should always be enabled, it is a security fix to the
+ *                  protocol, and should not cause any interoperability issue
+ *                  (used only if the peer supports it too).
+ *
+ * \param conf      SSL configuration
+ * \param ems       MBEDTLS_SSL_EXTENDED_MS_ENABLED or MBEDTLS_SSL_EXTENDED_MS_DISABLED
+ */
+void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems );
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_ARC4_C)
+/**
+ * \brief          Disable or enable support for RC4
+ *                 (Default: MBEDTLS_SSL_ARC4_DISABLED)
+ *
+ * \warning        Use of RC4 in DTLS/TLS has been prohibited by RFC 7465
+ *                 for security reasons. Use at your own risk.
+ *
+ * \note           This function is deprecated and will likely be removed in
+ *                 a future version of the library.
+ *                 RC4 is disabled by default at compile time and needs to be
+ *                 actively enabled for use with legacy systems.
+ *
+ * \param conf     SSL configuration
+ * \param arc4     MBEDTLS_SSL_ARC4_ENABLED or MBEDTLS_SSL_ARC4_DISABLED
+ */
+void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 );
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_SSL_SRV_C)
+/**
+ * \brief          Whether to send a list of acceptable CAs in
+ *                 CertificateRequest messages.
+ *                 (Default: do send)
+ *
+ * \param conf     SSL configuration
+ * \param cert_req_ca_list   MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED or
+ *                          MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED
+ */
+void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
+                                          char cert_req_ca_list );
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+/**
+ * \brief          Set the maximum fragment length to emit and/or negotiate
+ *                 (Default: MBEDTLS_SSL_MAX_CONTENT_LEN, usually 2^14 bytes)
+ *                 (Server: set maximum fragment length to emit,
+ *                 usually negotiated by the client during handshake
+ *                 (Client: set maximum fragment length to emit *and*
+ *                 negotiate with the server during handshake)
+ *
+ * \param conf     SSL configuration
+ * \param mfl_code Code for maximum fragment length (allowed values:
+ *                 MBEDTLS_SSL_MAX_FRAG_LEN_512,  MBEDTLS_SSL_MAX_FRAG_LEN_1024,
+ *                 MBEDTLS_SSL_MAX_FRAG_LEN_2048, MBEDTLS_SSL_MAX_FRAG_LEN_4096)
+ *
+ * \return         0 if successful or MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+ */
+int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code );
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+/**
+ * \brief          Activate negotiation of truncated HMAC
+ *                 (Default: MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
+ *
+ * \param conf     SSL configuration
+ * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or
+ *                                    MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
+ */
+void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+/**
+ * \brief          Enable / Disable 1/n-1 record splitting
+ *                 (Default: MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED)
+ *
+ * \note           Only affects SSLv3 and TLS 1.0, not higher versions.
+ *                 Does not affect non-CBC ciphersuites in any version.
+ *
+ * \param conf     SSL configuration
+ * \param split    MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or
+ *                 MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED
+ */
+void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split );
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+/**
+ * \brief          Enable / Disable session tickets (client only).
+ *                 (Default: MBEDTLS_SSL_SESSION_TICKETS_ENABLED.)
+ *
+ * \note           On server, use \c mbedtls_ssl_conf_session_tickets_cb().
+ *
+ * \param conf     SSL configuration
+ * \param use_tickets   Enable or disable (MBEDTLS_SSL_SESSION_TICKETS_ENABLED or
+ *                                         MBEDTLS_SSL_SESSION_TICKETS_DISABLED)
+ */
+void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets );
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+/**
+ * \brief          Enable / Disable renegotiation support for connection when
+ *                 initiated by peer
+ *                 (Default: MBEDTLS_SSL_RENEGOTIATION_DISABLED)
+ *
+ * \warning        It is recommended to always disable renegotation unless you
+ *                 know you need it and you know what you're doing. In the
+ *                 past, there have been several issues associated with
+ *                 renegotiation or a poor understanding of its properties.
+ *
+ * \note           Server-side, enabling renegotiation also makes the server
+ *                 susceptible to a resource DoS by a malicious client.
+ *
+ * \param conf    SSL configuration
+ * \param renegotiation     Enable or disable (MBEDTLS_SSL_RENEGOTIATION_ENABLED or
+ *                                             MBEDTLS_SSL_RENEGOTIATION_DISABLED)
+ */
+void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation );
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+/**
+ * \brief          Prevent or allow legacy renegotiation.
+ *                 (Default: MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION)
+ *
+ *                 MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION allows connections to
+ *                 be established even if the peer does not support
+ *                 secure renegotiation, but does not allow renegotiation
+ *                 to take place if not secure.
+ *                 (Interoperable and secure option)
+ *
+ *                 MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION allows renegotiations
+ *                 with non-upgraded peers. Allowing legacy renegotiation
+ *                 makes the connection vulnerable to specific man in the
+ *                 middle attacks. (See RFC 5746)
+ *                 (Most interoperable and least secure option)
+ *
+ *                 MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE breaks off connections
+ *                 if peer does not support secure renegotiation. Results
+ *                 in interoperability issues with non-upgraded peers
+ *                 that do not support renegotiation altogether.
+ *                 (Most secure option, interoperability issues)
+ *
+ * \param conf     SSL configuration
+ * \param allow_legacy  Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION,
+ *                                        SSL_ALLOW_LEGACY_RENEGOTIATION or
+ *                                        MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE)
+ */
+void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+/**
+ * \brief          Enforce renegotiation requests.
+ *                 (Default: enforced, max_records = 16)
+ *
+ *                 When we request a renegotiation, the peer can comply or
+ *                 ignore the request. This function allows us to decide
+ *                 whether to enforce our renegotiation requests by closing
+ *                 the connection if the peer doesn't comply.
+ *
+ *                 However, records could already be in transit from the peer
+ *                 when the request is emitted. In order to increase
+ *                 reliability, we can accept a number of records before the
+ *                 expected handshake records.
+ *
+ *                 The optimal value is highly dependent on the specific usage
+ *                 scenario.
+ *
+ * \note           With DTLS and server-initiated renegotiation, the
+ *                 HelloRequest is retransmited every time mbedtls_ssl_read() times
+ *                 out or receives Application Data, until:
+ *                 - max_records records have beens seen, if it is >= 0, or
+ *                 - the number of retransmits that would happen during an
+ *                 actual handshake has been reached.
+ *                 Please remember the request might be lost a few times
+ *                 if you consider setting max_records to a really low value.
+ *
+ * \warning        On client, the grace period can only happen during
+ *                 mbedtls_ssl_read(), as opposed to mbedtls_ssl_write() and mbedtls_ssl_renegotiate()
+ *                 which always behave as if max_record was 0. The reason is,
+ *                 if we receive application data from the server, we need a
+ *                 place to write it, which only happens during mbedtls_ssl_read().
+ *
+ * \param conf     SSL configuration
+ * \param max_records Use MBEDTLS_SSL_RENEGOTIATION_NOT_ENFORCED if you don't want to
+ *                 enforce renegotiation, or a non-negative value to enforce
+ *                 it but allow for a grace period of max_records records.
+ */
+void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records );
+
+/**
+ * \brief          Set record counter threshold for periodic renegotiation.
+ *                 (Default: 2^48 - 1)
+ *
+ *                 Renegotiation is automatically triggered when a record
+ *                 counter (outgoing or ingoing) crosses the defined
+ *                 threshold. The default value is meant to prevent the
+ *                 connection from being closed when the counter is about to
+ *                 reached its maximal value (it is not allowed to wrap).
+ *
+ *                 Lower values can be used to enforce policies such as "keys
+ *                 must be refreshed every N packets with cipher X".
+ *
+ *                 The renegotiation period can be disabled by setting
+ *                 conf->disable_renegotiation to
+ *                 MBEDTLS_SSL_RENEGOTIATION_DISABLED.
+ *
+ * \note           When the configured transport is
+ *                 MBEDTLS_SSL_TRANSPORT_DATAGRAM the maximum renegotiation
+ *                 period is 2^48 - 1, and for MBEDTLS_SSL_TRANSPORT_STREAM,
+ *                 the maximum renegotiation period is 2^64 - 1.
+ *
+ * \param conf     SSL configuration
+ * \param period   The threshold value: a big-endian 64-bit number.
+ */
+void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
+                                   const unsigned char period[8] );
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+/**
+ * \brief          Return the number of data bytes available to read
+ *
+ * \param ssl      SSL context
+ *
+ * \return         how many bytes are available in the read buffer
+ */
+size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Return the result of the certificate verification
+ *
+ * \param ssl      SSL context
+ *
+ * \return         0 if successful,
+ *                 -1 if result is not available (eg because the handshake was
+ *                 aborted too early), or
+ *                 a combination of BADCERT_xxx and BADCRL_xxx flags, see
+ *                 x509.h
+ */
+uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Return the name of the current ciphersuite
+ *
+ * \param ssl      SSL context
+ *
+ * \return         a string containing the ciphersuite name
+ */
+const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Return the current SSL version (SSLv3/TLSv1/etc)
+ *
+ * \param ssl      SSL context
+ *
+ * \return         a string containing the SSL version
+ */
+const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Return the (maximum) number of bytes added by the record
+ *                 layer: header + encryption/MAC overhead (inc. padding)
+ *
+ * \param ssl      SSL context
+ *
+ * \return         Current maximum record expansion in bytes, or
+ *                 MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if compression is
+ *                 enabled, which makes expansion much less predictable
+ */
+int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl );
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+/**
+ * \brief          Return the maximum fragment length (payload, in bytes).
+ *                 This is the value negotiated with peer if any,
+ *                 or the locally configured value.
+ *
+ * \note           With DTLS, \c mbedtls_ssl_write() will return an error if
+ *                 called with a larger length value.
+ *                 With TLS, \c mbedtls_ssl_write() will fragment the input if
+ *                 necessary and return the number of bytes written; it is up
+ *                 to the caller to call \c mbedtls_ssl_write() again in
+ *                 order to send the remaining bytes if any.
+ *
+ * \param ssl      SSL context
+ *
+ * \return         Current maximum fragment length.
+ */
+size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl );
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * \brief          Return the peer certificate from the current connection
+ *
+ *                 Note: Can be NULL in case no certificate was sent during
+ *                 the handshake. Different calls for the same connection can
+ *                 return the same or different pointers for the same
+ *                 certificate and even a different certificate altogether.
+ *                 The peer cert CAN change in a single connection if
+ *                 renegotiation is performed.
+ *
+ * \param ssl      SSL context
+ *
+ * \return         the current peer certificate
+ */
+const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+/**
+ * \brief          Save session in order to resume it later (client-side only)
+ *                 Session data is copied to presented session structure.
+ *
+ * \warning        Currently, peer certificate is lost in the operation.
+ *
+ * \param ssl      SSL context
+ * \param session  session context
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
+ *                 MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
+ *                 arguments are otherwise invalid
+ *
+ * \sa             mbedtls_ssl_set_session()
+ */
+int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session );
+#endif /* MBEDTLS_SSL_CLI_C */
+
+/**
+ * \brief          Perform the SSL handshake
+ *
+ * \param ssl      SSL context
+ *
+ * \return         0 if successful, or
+ *                 MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or
+ *                 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED (see below), or
+ *                 a specific SSL error code.
+ *
+ * \note           If this function returns something other than 0 or
+ *                 MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context
+ *                 becomes unusable, and you should either free it or call
+ *                 \c mbedtls_ssl_session_reset() on it before re-using it for
+ *                 a new connection; the current connection must be closed.
+ *
+ * \note           If DTLS is in use, then you may choose to handle
+ *                 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED specially for logging
+ *                 purposes, as it is an expected return value rather than an
+ *                 actual error, but you still need to reset/free the context.
+ */
+int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Perform a single step of the SSL handshake
+ *
+ * \note           The state of the context (ssl->state) will be at
+ *                 the next state after execution of this function. Do not
+ *                 call this function if state is MBEDTLS_SSL_HANDSHAKE_OVER.
+ *
+ * \note           If this function returns something other than 0 or
+ *                 MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context
+ *                 becomes unusable, and you should either free it or call
+ *                 \c mbedtls_ssl_session_reset() on it before re-using it for
+ *                 a new connection; the current connection must be closed.
+ *
+ * \param ssl      SSL context
+ *
+ * \return         0 if successful, or
+ *                 MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or
+ *                 a specific SSL error code.
+ */
+int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+/**
+ * \brief          Initiate an SSL renegotiation on the running connection.
+ *                 Client: perform the renegotiation right now.
+ *                 Server: request renegotiation, which will be performed
+ *                 during the next call to mbedtls_ssl_read() if honored by
+ *                 client.
+ *
+ * \param ssl      SSL context
+ *
+ * \return         0 if successful, or any mbedtls_ssl_handshake() return
+ *                 value.
+ *
+ * \note           If this function returns something other than 0 or
+ *                 MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context
+ *                 becomes unusable, and you should either free it or call
+ *                 \c mbedtls_ssl_session_reset() on it before re-using it for
+ *                 a new connection; the current connection must be closed.
+ */
+int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl );
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+/**
+ * \brief          Read at most 'len' application data bytes
+ *
+ * \param ssl      SSL context
+ * \param buf      buffer that will hold the data
+ * \param len      maximum number of bytes to read
+ *
+ * \return         the number of bytes read, or
+ *                 0 for EOF, or
+ *                 MBEDTLS_ERR_SSL_WANT_READ or MBEDTLS_ERR_SSL_WANT_WRITE, or
+ *                 MBEDTLS_ERR_SSL_CLIENT_RECONNECT (see below), or
+ *                 another negative error code.
+ *
+ * \note           If this function returns something other than a positive
+ *                 value or MBEDTLS_ERR_SSL_WANT_READ/WRITE or
+ *                 MBEDTLS_ERR_SSL_CLIENT_RECONNECT, then the ssl context
+ *                 becomes unusable, and you should either free it or call
+ *                 \c mbedtls_ssl_session_reset() on it before re-using it for
+ *                 a new connection; the current connection must be closed.
+ *
+ * \note           When this function return MBEDTLS_ERR_SSL_CLIENT_RECONNECT
+ *                 (which can only happen server-side), it means that a client
+ *                 is initiating a new connection using the same source port.
+ *                 You can either treat that as a connection close and wait
+ *                 for the client to resend a ClientHello, or directly
+ *                 continue with \c mbedtls_ssl_handshake() with the same
+ *                 context (as it has beeen reset internally). Either way, you
+ *                 should make sure this is seen by the application as a new
+ *                 connection: application state, if any, should be reset, and
+ *                 most importantly the identity of the client must be checked
+ *                 again. WARNING: not validating the identity of the client
+ *                 again, or not transmitting the new identity to the
+ *                 application layer, would allow authentication bypass!
+ */
+int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len );
+
+/**
+ * \brief          Try to write exactly 'len' application data bytes
+ *
+ * \warning        This function will do partial writes in some cases. If the
+ *                 return value is non-negative but less than length, the
+ *                 function must be called again with updated arguments:
+ *                 buf + ret, len - ret (if ret is the return value) until
+ *                 it returns a value equal to the last 'len' argument.
+ *
+ * \param ssl      SSL context
+ * \param buf      buffer holding the data
+ * \param len      how many bytes must be written
+ *
+ * \return         the number of bytes actually written (may be less than len),
+ *                 or MBEDTLS_ERR_SSL_WANT_WRITE or MBEDTLS_ERR_SSL_WANT_READ,
+ *                 or another negative error code.
+ *
+ * \note           If this function returns something other than a positive
+ *                 value or MBEDTLS_ERR_SSL_WANT_READ/WRITE, the ssl context
+ *                 becomes unusable, and you should either free it or call
+ *                 \c mbedtls_ssl_session_reset() on it before re-using it for
+ *                 a new connection; the current connection must be closed.
+ *
+ * \note           When this function returns MBEDTLS_ERR_SSL_WANT_WRITE/READ,
+ *                 it must be called later with the *same* arguments,
+ *                 until it returns a positive value.
+ *
+ * \note           If the requested length is greater than the maximum
+ *                 fragment length (either the built-in limit or the one set
+ *                 or negotiated with the peer), then:
+ *                 - with TLS, less bytes than requested are written.
+ *                 - with DTLS, MBEDTLS_ERR_SSL_BAD_INPUT_DATA is returned.
+ *                 \c mbedtls_ssl_get_max_frag_len() may be used to query the
+ *                 active maximum fragment length.
+ */
+int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len );
+
+/**
+ * \brief           Send an alert message
+ *
+ * \param ssl       SSL context
+ * \param level     The alert level of the message
+ *                  (MBEDTLS_SSL_ALERT_LEVEL_WARNING or MBEDTLS_SSL_ALERT_LEVEL_FATAL)
+ * \param message   The alert message (SSL_ALERT_MSG_*)
+ *
+ * \return          0 if successful, or a specific SSL error code.
+ *
+ * \note           If this function returns something other than 0 or
+ *                 MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context
+ *                 becomes unusable, and you should either free it or call
+ *                 \c mbedtls_ssl_session_reset() on it before re-using it for
+ *                 a new connection; the current connection must be closed.
+ */
+int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
+                            unsigned char level,
+                            unsigned char message );
+/**
+ * \brief          Notify the peer that the connection is being closed
+ *
+ * \param ssl      SSL context
+ *
+ * \return          0 if successful, or a specific SSL error code.
+ *
+ * \note           If this function returns something other than 0 or
+ *                 MBEDTLS_ERR_SSL_WANT_READ/WRITE, then the ssl context
+ *                 becomes unusable, and you should either free it or call
+ *                 \c mbedtls_ssl_session_reset() on it before re-using it for
+ *                 a new connection; the current connection must be closed.
+ */
+int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Free referenced items in an SSL context and clear memory
+ *
+ * \param ssl      SSL context
+ */
+void mbedtls_ssl_free( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief          Initialize an SSL configuration context
+ *                 Just makes the context ready for
+ *                 mbedtls_ssl_config_defaults() or mbedtls_ssl_config_free().
+ *
+ * \note           You need to call mbedtls_ssl_config_defaults() unless you
+ *                 manually set all of the relevent fields yourself.
+ *
+ * \param conf     SSL configuration context
+ */
+void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
+
+/**
+ * \brief          Load reasonnable default SSL configuration values.
+ *                 (You need to call mbedtls_ssl_config_init() first.)
+ *
+ * \param conf     SSL configuration context
+ * \param endpoint MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
+ * \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or
+ *                  MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS
+ * \param preset   a MBEDTLS_SSL_PRESET_XXX value
+ *
+ * \note           See \c mbedtls_ssl_conf_transport() for notes on DTLS.
+ *
+ * \return         0 if successful, or
+ *                 MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error.
+ */
+int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
+                                 int endpoint, int transport, int preset );
+
+/**
+ * \brief          Free an SSL configuration context
+ *
+ * \param conf     SSL configuration context
+ */
+void mbedtls_ssl_config_free( mbedtls_ssl_config *conf );
+
+/**
+ * \brief          Initialize SSL session structure
+ *
+ * \param session  SSL session
+ */
+void mbedtls_ssl_session_init( mbedtls_ssl_session *session );
+
+/**
+ * \brief          Free referenced items in an SSL session including the
+ *                 peer certificate and clear memory
+ *
+ * \param session  SSL session
+ */
+void mbedtls_ssl_session_free( mbedtls_ssl_session *session );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ssl_cache.h b/thirdparty/mbedtls/include/mbedtls/ssl_cache.h
new file mode 100644
index 0000000000..ec081e6d24
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ssl_cache.h
@@ -0,0 +1,144 @@
+/**
+ * \file ssl_cache.h
+ *
+ * \brief SSL session cache implementation
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SSL_CACHE_H
+#define MBEDTLS_SSL_CACHE_H
+
+#include "ssl.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "threading.h"
+#endif
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+
+#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
+#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400   /*!< 1 day  */
+#endif
+
+#if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
+#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50   /*!< Maximum entries in cache */
+#endif
+
+/* \} name SECTION: Module settings */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context;
+typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
+
+/**
+ * \brief   This structure is used for storing cache entries
+ */
+struct mbedtls_ssl_cache_entry
+{
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t timestamp;           /*!< entry timestamp    */
+#endif
+    mbedtls_ssl_session session;        /*!< entry session      */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_x509_buf peer_cert;         /*!< entry peer_cert    */
+#endif
+    mbedtls_ssl_cache_entry *next;      /*!< chain pointer      */
+};
+
+/**
+ * \brief Cache context
+ */
+struct mbedtls_ssl_cache_context
+{
+    mbedtls_ssl_cache_entry *chain;     /*!< start of the chain     */
+    int timeout;                /*!< cache entry timeout    */
+    int max_entries;            /*!< maximum entries        */
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;    /*!< mutex                  */
+#endif
+};
+
+/**
+ * \brief          Initialize an SSL cache context
+ *
+ * \param cache    SSL cache context
+ */
+void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
+
+/**
+ * \brief          Cache get callback implementation
+ *                 (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param data     SSL cache context
+ * \param session  session to retrieve entry for
+ */
+int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );
+
+/**
+ * \brief          Cache set callback implementation
+ *                 (Thread-safe if MBEDTLS_THREADING_C is enabled)
+ *
+ * \param data     SSL cache context
+ * \param session  session to store entry for
+ */
+int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );
+
+#if defined(MBEDTLS_HAVE_TIME)
+/**
+ * \brief          Set the cache timeout
+ *                 (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))
+ *
+ *                 A timeout of 0 indicates no timeout.
+ *
+ * \param cache    SSL cache context
+ * \param timeout  cache entry timeout in seconds
+ */
+void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
+#endif /* MBEDTLS_HAVE_TIME */
+
+/**
+ * \brief          Set the maximum number of cache entries
+ *                 (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
+ *
+ * \param cache    SSL cache context
+ * \param max      cache entry maximum
+ */
+void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );
+
+/**
+ * \brief          Free referenced items in a cache context and clear memory
+ *
+ * \param cache    SSL cache context
+ */
+void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_cache.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ssl_ciphersuites.h b/thirdparty/mbedtls/include/mbedtls/ssl_ciphersuites.h
new file mode 100644
index 0000000000..545468a510
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ssl_ciphersuites.h
@@ -0,0 +1,486 @@
+/**
+ * \file ssl_ciphersuites.h
+ *
+ * \brief SSL Ciphersuites for mbed TLS
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SSL_CIPHERSUITES_H
+#define MBEDTLS_SSL_CIPHERSUITES_H
+
+#include "pk.h"
+#include "cipher.h"
+#include "md.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Supported ciphersuites (Official IANA names)
+ */
+#define MBEDTLS_TLS_RSA_WITH_NULL_MD5                    0x01   /**< Weak! */
+#define MBEDTLS_TLS_RSA_WITH_NULL_SHA                    0x02   /**< Weak! */
+
+#define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5                 0x04
+#define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA                 0x05
+#define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA                 0x09   /**< Weak! Not in TLS 1.2 */
+
+#define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA            0x0A
+
+#define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA             0x15   /**< Weak! Not in TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        0x16
+
+#define MBEDTLS_TLS_PSK_WITH_NULL_SHA                    0x2C   /**< Weak! */
+#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA                0x2D   /**< Weak! */
+#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA                0x2E   /**< Weak! */
+#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA             0x2F
+
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA         0x33
+#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA             0x35
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA         0x39
+
+#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256                 0x3B   /**< Weak! */
+#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256          0x3C   /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256          0x3D   /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA        0x41
+#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    0x45
+
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      0x67   /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      0x6B   /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        0x84
+#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    0x88
+
+#define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA                 0x8A
+#define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA            0x8B
+#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA             0x8C
+#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA             0x8D
+
+#define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA             0x8E
+#define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA        0x8F
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA         0x90
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA         0x91
+
+#define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA             0x92
+#define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA        0x93
+#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA         0x94
+#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA         0x95
+
+#define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256          0x9C   /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384          0x9D   /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256      0x9E   /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      0x9F   /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256          0xA8   /**< TLS 1.2 */
+#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384          0xA9   /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256      0xAA   /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384      0xAB   /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256      0xAC   /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384      0xAD   /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256          0xAE
+#define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384          0xAF
+#define MBEDTLS_TLS_PSK_WITH_NULL_SHA256                 0xB0   /**< Weak! */
+#define MBEDTLS_TLS_PSK_WITH_NULL_SHA384                 0xB1   /**< Weak! */
+
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256      0xB2
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384      0xB3
+#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256             0xB4   /**< Weak! */
+#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384             0xB5   /**< Weak! */
+
+#define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256      0xB6
+#define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384      0xB7
+#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256             0xB8   /**< Weak! */
+#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384             0xB9   /**< Weak! */
+
+#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256     0xBA   /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE   /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256     0xC0   /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4   /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA             0xC001 /**< Weak! */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA          0xC002 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA     0xC003 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA      0xC004 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA      0xC005 /**< Not in SSL3! */
+
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA            0xC006 /**< Weak! */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA         0xC007 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA    0xC008 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA     0xC009 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA     0xC00A /**< Not in SSL3! */
+
+#define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA               0xC00B /**< Weak! */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA            0xC00C /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA       0xC00D /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA        0xC00E /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA        0xC00F /**< Not in SSL3! */
+
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA              0xC010 /**< Weak! */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA           0xC011 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA      0xC012 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA       0xC013 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA       0xC014 /**< Not in SSL3! */
+
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256  0xC023 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384  0xC024 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256   0xC025 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384   0xC026 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256    0xC027 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384    0xC028 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256     0xC029 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384     0xC02A /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  0xC02B /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  0xC02C /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256   0xC02D /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384   0xC02E /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256    0xC02F /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    0xC030 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256     0xC031 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384     0xC032 /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA           0xC033 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA      0xC034 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA       0xC035 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA       0xC036 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256    0xC037 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384    0xC038 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA              0xC039 /**< Weak! No SSL3! */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256           0xC03A /**< Weak! No SSL3! */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384           0xC03B /**< Weak! No SSL3! */
+
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256  0xC074 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384  0xC075 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256   0xC076 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384   0xC077 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256    0xC078 /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384    0xC079 /**< Not in SSL3! */
+
+#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256         0xC07A /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384         0xC07B /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256     0xC07C /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384     0xC07D /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256  0xC088 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384  0xC089 /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256   0xC08A /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384   0xC08B /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256    0xC08C /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384    0xC08D /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256       0xC08E /**< TLS 1.2 */
+#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384       0xC08F /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256   0xC090 /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384   0xC091 /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256   0xC092 /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384   0xC093 /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256       0xC094
+#define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384       0xC095
+#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC096
+#define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC097
+#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256   0xC098
+#define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384   0xC099
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */
+#define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */
+
+#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM                0xC09C  /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM                0xC09D  /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM            0xC09E  /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM            0xC09F  /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8              0xC0A0  /**< TLS 1.2 */
+#define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8              0xC0A1  /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8          0xC0A2  /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8          0xC0A3  /**< TLS 1.2 */
+#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM                0xC0A4  /**< TLS 1.2 */
+#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM                0xC0A5  /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM            0xC0A6  /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM            0xC0A7  /**< TLS 1.2 */
+#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8              0xC0A8  /**< TLS 1.2 */
+#define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8              0xC0A9  /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8          0xC0AA  /**< TLS 1.2 */
+#define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8          0xC0AB  /**< TLS 1.2 */
+/* The last two are named with PSK_DHE in the RFC, which looks like a typo */
+
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM        0xC0AC  /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM        0xC0AD  /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8      0xC0AE  /**< TLS 1.2 */
+#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8      0xC0AF  /**< TLS 1.2 */
+
+#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8          0xC0FF  /**< experimental */
+
+/* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange.
+ * Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below
+ */
+typedef enum {
+    MBEDTLS_KEY_EXCHANGE_NONE = 0,
+    MBEDTLS_KEY_EXCHANGE_RSA,
+    MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+    MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+    MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+    MBEDTLS_KEY_EXCHANGE_PSK,
+    MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+    MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+    MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+    MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+    MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+    MBEDTLS_KEY_EXCHANGE_ECJPAKE,
+} mbedtls_key_exchange_type_t;
+
+/* Key exchanges using a certificate */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           || \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+#define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
+#endif
+
+/* Key exchanges allowing client certificate requests */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           ||       \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       ||       \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      ||       \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     ||       \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)    ||       \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 
+#define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED
+#endif
+
+/* Key exchanges involving server signature in ServerKeyExchange */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+#define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED
+#endif
+
+/* Key exchanges using ECDH */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)      || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+#define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED
+#endif
+
+/* Key exchanges that don't involve ephemeral keys */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)           || \
+    defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)           || \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \
+    defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
+#define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED
+#endif
+
+/* Key exchanges that involve ephemeral keys */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)       || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)     || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+#define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED
+#endif
+
+/* Key exchanges using a PSK */
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)           || \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)       || \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)       || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
+#endif
+
+/* Key exchanges using DHE */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)       || \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+#define MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED
+#endif
+
+/* Key exchanges using ECDHE */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)     || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)   || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
+#endif
+
+typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
+
+#define MBEDTLS_CIPHERSUITE_WEAK       0x01    /**< Weak ciphersuite flag  */
+#define MBEDTLS_CIPHERSUITE_SHORT_TAG  0x02    /**< Short authentication tag,
+                                                     eg for CCM_8 */
+#define MBEDTLS_CIPHERSUITE_NODTLS     0x04    /**< Can't be used with DTLS */
+
+/**
+ * \brief   This structure is used for storing ciphersuite information
+ */
+struct mbedtls_ssl_ciphersuite_t
+{
+    int id;
+    const char * name;
+
+    mbedtls_cipher_type_t cipher;
+    mbedtls_md_type_t mac;
+    mbedtls_key_exchange_type_t key_exchange;
+
+    int min_major_ver;
+    int min_minor_ver;
+    int max_major_ver;
+    int max_minor_ver;
+
+    unsigned char flags;
+};
+
+const int *mbedtls_ssl_list_ciphersuites( void );
+
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );
+
+#if defined(MBEDTLS_PK_C)
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info );
+#endif
+
+int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
+int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
+static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+        case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
+static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+        case MBEDTLS_KEY_EXCHANGE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_PSK:
+        case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
+static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */
+
+static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
+static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED) */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
+static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_ciphersuites.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ssl_cookie.h b/thirdparty/mbedtls/include/mbedtls/ssl_cookie.h
new file mode 100644
index 0000000000..80b65bbbb9
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ssl_cookie.h
@@ -0,0 +1,109 @@
+/**
+ * \file ssl_cookie.h
+ *
+ * \brief DTLS cookie callbacks implementation
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SSL_COOKIE_H
+#define MBEDTLS_SSL_COOKIE_H
+
+#include "ssl.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "threading.h"
+#endif
+
+/**
+ * \name SECTION: Module settings
+ *
+ * The configuration options you can set for this module are in this section.
+ * Either change them in config.h or define them on the compiler command line.
+ * \{
+ */
+#ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
+#define MBEDTLS_SSL_COOKIE_TIMEOUT     60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
+#endif
+
+/* \} name SECTION: Module settings */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Context for the default cookie functions.
+ */
+typedef struct
+{
+    mbedtls_md_context_t    hmac_ctx;   /*!< context for the HMAC portion   */
+#if !defined(MBEDTLS_HAVE_TIME)
+    unsigned long   serial;     /*!< serial number for expiration   */
+#endif
+    unsigned long   timeout;    /*!< timeout delay, in seconds if HAVE_TIME,
+                                     or in number of tickets issued */
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;
+#endif
+} mbedtls_ssl_cookie_ctx;
+
+/**
+ * \brief          Initialize cookie context
+ */
+void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
+
+/**
+ * \brief          Setup cookie context (generate keys)
+ */
+int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng );
+
+/**
+ * \brief          Set expiration delay for cookies
+ *                 (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
+ *
+ * \param ctx      Cookie contex
+ * \param delay    Delay, in seconds if HAVE_TIME, or in number of cookies
+ *                 issued in the meantime.
+ *                 0 to disable expiration (NOT recommended)
+ */
+void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
+
+/**
+ * \brief          Free cookie context
+ */
+void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
+
+/**
+ * \brief          Generate cookie, see \c mbedtls_ssl_cookie_write_t
+ */
+mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
+
+/**
+ * \brief          Verify cookie, see \c mbedtls_ssl_cookie_write_t
+ */
+mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_cookie.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ssl_internal.h b/thirdparty/mbedtls/include/mbedtls/ssl_internal.h
new file mode 100644
index 0000000000..9f583a8777
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ssl_internal.h
@@ -0,0 +1,656 @@
+/**
+ * \file ssl_internal.h
+ *
+ * \brief Internal functions shared by the SSL modules
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SSL_INTERNAL_H
+#define MBEDTLS_SSL_INTERNAL_H
+
+#include "ssl.h"
+#include "cipher.h"
+
+#if defined(MBEDTLS_MD5_C)
+#include "md5.h"
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+#include "sha1.h"
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+#include "sha256.h"
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#include "sha512.h"
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+#include "ecjpake.h"
+#endif
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+/* Determine minimum supported version */
+#define MBEDTLS_SSL_MIN_MAJOR_VERSION           MBEDTLS_SSL_MAJOR_VERSION_3
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_0
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1)
+#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_1
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
+#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_2
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#define MBEDTLS_SSL_MIN_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_3
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
+#endif /* MBEDTLS_SSL_PROTO_TLS1   */
+#endif /* MBEDTLS_SSL_PROTO_SSL3   */
+
+/* Determine maximum supported version */
+#define MBEDTLS_SSL_MAX_MAJOR_VERSION           MBEDTLS_SSL_MAJOR_VERSION_3
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_3
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
+#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_2
+#else
+#if defined(MBEDTLS_SSL_PROTO_TLS1)
+#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_1
+#else
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+#define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_0
+#endif /* MBEDTLS_SSL_PROTO_SSL3   */
+#endif /* MBEDTLS_SSL_PROTO_TLS1   */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#define MBEDTLS_SSL_INITIAL_HANDSHAKE           0
+#define MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS   1   /* In progress */
+#define MBEDTLS_SSL_RENEGOTIATION_DONE          2   /* Done or aborted */
+#define MBEDTLS_SSL_RENEGOTIATION_PENDING       3   /* Requested (server only) */
+
+/*
+ * DTLS retransmission states, see RFC 6347 4.2.4
+ *
+ * The SENDING state is merged in PREPARING for initial sends,
+ * but is distinct for resends.
+ *
+ * Note: initial state is wrong for server, but is not used anyway.
+ */
+#define MBEDTLS_SSL_RETRANS_PREPARING       0
+#define MBEDTLS_SSL_RETRANS_SENDING         1
+#define MBEDTLS_SSL_RETRANS_WAITING         2
+#define MBEDTLS_SSL_RETRANS_FINISHED        3
+
+/*
+ * Allow extra bytes for record, authentication and encryption overhead:
+ * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256)
+ * and allow for a maximum of 1024 of compression expansion if
+ * enabled.
+ */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+#define MBEDTLS_SSL_COMPRESSION_ADD          1024
+#else
+#define MBEDTLS_SSL_COMPRESSION_ADD             0
+#endif
+
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_MODE_CBC)
+/* Ciphersuites using HMAC */
+#if defined(MBEDTLS_SHA512_C)
+#define MBEDTLS_SSL_MAC_ADD                 48  /* SHA-384 used for HMAC */
+#elif defined(MBEDTLS_SHA256_C)
+#define MBEDTLS_SSL_MAC_ADD                 32  /* SHA-256 used for HMAC */
+#else
+#define MBEDTLS_SSL_MAC_ADD                 20  /* SHA-1   used for HMAC */
+#endif
+#else
+/* AEAD ciphersuites: GCM and CCM use a 128 bits tag */
+#define MBEDTLS_SSL_MAC_ADD                 16
+#endif
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#define MBEDTLS_SSL_PADDING_ADD            256
+#else
+#define MBEDTLS_SSL_PADDING_ADD              0
+#endif
+
+#define MBEDTLS_SSL_PAYLOAD_LEN ( MBEDTLS_SSL_MAX_CONTENT_LEN    \
+                        + MBEDTLS_SSL_COMPRESSION_ADD            \
+                        + MBEDTLS_MAX_IV_LENGTH                  \
+                        + MBEDTLS_SSL_MAC_ADD                    \
+                        + MBEDTLS_SSL_PADDING_ADD                \
+                        )
+
+/*
+ * Check that we obey the standard's message size bounds
+ */
+
+#if MBEDTLS_SSL_MAX_CONTENT_LEN > 16384
+#error Bad configuration - record content too large.
+#endif
+
+#if MBEDTLS_SSL_PAYLOAD_LEN > 16384 + 2048
+#error Bad configuration - protected record payload too large.
+#endif
+
+/* Note: Even though the TLS record header is only 5 bytes
+   long, we're internally using 8 bytes to store the
+   implicit sequence number. */
+#define MBEDTLS_SSL_HEADER_LEN 13
+
+#define MBEDTLS_SSL_BUFFER_LEN  \
+    ( ( MBEDTLS_SSL_HEADER_LEN ) + ( MBEDTLS_SSL_PAYLOAD_LEN ) )
+
+/*
+ * TLS extension flags (for extensions with outgoing ServerHello content
+ * that need it (e.g. for RENEGOTIATION_INFO the server already knows because
+ * of state of the renegotiation flag, so no indicator is required)
+ */
+#define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT (1 << 0)
+#define MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK                 (1 << 1)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+/*
+ * Abstraction for a grid of allowed signature-hash-algorithm pairs.
+ */
+struct mbedtls_ssl_sig_hash_set_t
+{
+    /* At the moment, we only need to remember a single suitable
+     * hash algorithm per signature algorithm. As long as that's
+     * the case - and we don't need a general lookup function -
+     * we can implement the sig-hash-set as a map from signatures
+     * to hash algorithms. */
+    mbedtls_md_type_t rsa;
+    mbedtls_md_type_t ecdsa;
+};
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+/*
+ * This structure contains the parameters only needed during handshake.
+ */
+struct mbedtls_ssl_handshake_params
+{
+    /*
+     * Handshake specific crypto variables
+     */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+    mbedtls_ssl_sig_hash_set_t hash_algs;             /*!<  Set of suitable sig-hash pairs */
+#endif
+#if defined(MBEDTLS_DHM_C)
+    mbedtls_dhm_context dhm_ctx;                /*!<  DHM key exchange        */
+#endif
+#if defined(MBEDTLS_ECDH_C)
+    mbedtls_ecdh_context ecdh_ctx;              /*!<  ECDH key exchange       */
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    mbedtls_ecjpake_context ecjpake_ctx;        /*!< EC J-PAKE key exchange */
+#if defined(MBEDTLS_SSL_CLI_C)
+    unsigned char *ecjpake_cache;               /*!< Cache for ClientHello ext */
+    size_t ecjpake_cache_len;                   /*!< Length of cached data */
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    const mbedtls_ecp_curve_info **curves;      /*!<  Supported elliptic curves */
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    unsigned char *psk;                 /*!<  PSK from the callback         */
+    size_t psk_len;                     /*!<  Length of PSK from callback   */
+#endif
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    mbedtls_ssl_key_cert *key_cert;     /*!< chosen key/cert pair (server)  */
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    int sni_authmode;                   /*!< authmode from SNI callback     */
+    mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI         */
+    mbedtls_x509_crt *sni_ca_chain;     /*!< trusted CAs from SNI callback  */
+    mbedtls_x509_crl *sni_ca_crl;       /*!< trusted CAs CRLs from SNI      */
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    unsigned int out_msg_seq;           /*!<  Outgoing handshake sequence number */
+    unsigned int in_msg_seq;            /*!<  Incoming handshake sequence number */
+
+    unsigned char *verify_cookie;       /*!<  Cli: HelloVerifyRequest cookie
+                                              Srv: unused                    */
+    unsigned char verify_cookie_len;    /*!<  Cli: cookie length
+                                              Srv: flag for sending a cookie */
+
+    unsigned char *hs_msg;              /*!<  Reassembled handshake message  */
+
+    uint32_t retransmit_timeout;        /*!<  Current value of timeout       */
+    unsigned char retransmit_state;     /*!<  Retransmission state           */
+    mbedtls_ssl_flight_item *flight;            /*!<  Current outgoing flight        */
+    mbedtls_ssl_flight_item *cur_msg;           /*!<  Current message in flight      */
+    unsigned int in_flight_start_seq;   /*!<  Minimum message sequence in the
+                                              flight being received          */
+    mbedtls_ssl_transform *alt_transform_out;   /*!<  Alternative transform for
+                                              resending messages             */
+    unsigned char alt_out_ctr[8];       /*!<  Alternative record epoch/counter
+                                              for resending messages         */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    /*
+     * Checksum contexts
+     */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+       mbedtls_md5_context fin_md5;
+      mbedtls_sha1_context fin_sha1;
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+    mbedtls_sha256_context fin_sha256;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    mbedtls_sha512_context fin_sha512;
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
+    void (*calc_verify)(mbedtls_ssl_context *, unsigned char *);
+    void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int);
+    int  (*tls_prf)(const unsigned char *, size_t, const char *,
+                    const unsigned char *, size_t,
+                    unsigned char *, size_t);
+
+    size_t pmslen;                      /*!<  premaster length        */
+
+    unsigned char randbytes[64];        /*!<  random bytes            */
+    unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
+                                        /*!<  premaster secret        */
+
+    int resume;                         /*!<  session resume indicator*/
+    int max_major_ver;                  /*!< max. major version client*/
+    int max_minor_ver;                  /*!< max. minor version client*/
+    int cli_exts;                       /*!< client extension presence*/
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    int new_session_ticket;             /*!< use NewSessionTicket?    */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    int extended_ms;                    /*!< use Extended Master Secret? */
+#endif
+};
+
+/*
+ * This structure contains a full set of runtime transform parameters
+ * either in negotiation or active.
+ */
+struct mbedtls_ssl_transform
+{
+    /*
+     * Session specific crypto layer
+     */
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+                                        /*!<  Chosen cipersuite_info  */
+    unsigned int keylen;                /*!<  symmetric key length (bytes)  */
+    size_t minlen;                      /*!<  min. ciphertext length  */
+    size_t ivlen;                       /*!<  IV length               */
+    size_t fixed_ivlen;                 /*!<  Fixed part of IV (AEAD) */
+    size_t maclen;                      /*!<  MAC length              */
+
+    unsigned char iv_enc[16];           /*!<  IV (encryption)         */
+    unsigned char iv_dec[16];           /*!<  IV (decryption)         */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    /* Needed only for SSL v3.0 secret */
+    unsigned char mac_enc[20];          /*!<  SSL v3.0 secret (enc)   */
+    unsigned char mac_dec[20];          /*!<  SSL v3.0 secret (dec)   */
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+    mbedtls_md_context_t md_ctx_enc;            /*!<  MAC (encryption)        */
+    mbedtls_md_context_t md_ctx_dec;            /*!<  MAC (decryption)        */
+
+    mbedtls_cipher_context_t cipher_ctx_enc;    /*!<  encryption context      */
+    mbedtls_cipher_context_t cipher_ctx_dec;    /*!<  decryption context      */
+
+    /*
+     * Session specific compression layer
+     */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    z_stream ctx_deflate;               /*!<  compression context     */
+    z_stream ctx_inflate;               /*!<  decompression context   */
+#endif
+};
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/*
+ * List of certificate + private key pairs
+ */
+struct mbedtls_ssl_key_cert
+{
+    mbedtls_x509_crt *cert;                 /*!< cert                       */
+    mbedtls_pk_context *key;                /*!< private key                */
+    mbedtls_ssl_key_cert *next;             /*!< next key/cert pair         */
+};
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/*
+ * List of handshake messages kept around for resending
+ */
+struct mbedtls_ssl_flight_item
+{
+    unsigned char *p;       /*!< message, including handshake headers   */
+    size_t len;             /*!< length of p                            */
+    unsigned char type;     /*!< type of the message: handshake or CCS  */
+    mbedtls_ssl_flight_item *next;  /*!< next handshake message(s)              */
+};
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+
+/* Find an entry in a signature-hash set matching a given hash algorithm. */
+mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set,
+                                                 mbedtls_pk_type_t sig_alg );
+/* Add a signature-hash-pair to a signature-hash set */
+void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set,
+                                   mbedtls_pk_type_t sig_alg,
+                                   mbedtls_md_type_t md_alg );
+/* Allow exactly one hash algorithm for each signature. */
+void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set,
+                                          mbedtls_md_type_t md_alg );
+
+/* Setup an empty signature-hash set */
+static inline void mbedtls_ssl_sig_hash_set_init( mbedtls_ssl_sig_hash_set_t *set )
+{
+    mbedtls_ssl_sig_hash_set_const_hash( set, MBEDTLS_MD_NONE );
+}
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2) &&
+          MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+/**
+ * \brief           Free referenced items in an SSL transform context and clear
+ *                  memory
+ *
+ * \param transform SSL transform context
+ */
+void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform );
+
+/**
+ * \brief           Free referenced items in an SSL handshake context and clear
+ *                  memory
+ *
+ * \param handshake SSL handshake context
+ */
+void mbedtls_ssl_handshake_free( mbedtls_ssl_handshake_params *handshake );
+
+int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl );
+
+void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl );
+
+/**
+ * \brief       Update record layer
+ *
+ *              This function roughly separates the implementation
+ *              of the logic of (D)TLS from the implementation
+ *              of the secure transport.
+ *
+ * \param  ssl  SSL context to use
+ *
+ * \return      0 or non-zero error code.
+ *
+ * \note        A clarification on what is called 'record layer' here
+ *              is in order, as many sensible definitions are possible:
+ *
+ *              The record layer takes as input an untrusted underlying
+ *              transport (stream or datagram) and transforms it into
+ *              a serially multiplexed, secure transport, which
+ *              conceptually provides the following:
+ *
+ *              (1) Three datagram based, content-agnostic transports
+ *                  for handshake, alert and CCS messages.
+ *              (2) One stream- or datagram-based transport
+ *                  for application data.
+ *              (3) Functionality for changing the underlying transform
+ *                  securing the contents.
+ *
+ *              The interface to this functionality is given as follows:
+ *
+ *              a Updating
+ *                [Currently implemented by mbedtls_ssl_read_record]
+ *
+ *                Check if and on which of the four 'ports' data is pending:
+ *                Nothing, a controlling datagram of type (1), or application
+ *                data (2). In any case data is present, internal buffers
+ *                provide access to the data for the user to process it.
+ *                Consumption of type (1) datagrams is done automatically
+ *                on the next update, invalidating that the internal buffers
+ *                for previous datagrams, while consumption of application
+ *                data (2) is user-controlled.
+ *
+ *              b Reading of application data
+ *                [Currently manual adaption of ssl->in_offt pointer]
+ *
+ *                As mentioned in the last paragraph, consumption of data
+ *                is different from the automatic consumption of control
+ *                datagrams (1) because application data is treated as a stream.
+ *
+ *              c Tracking availability of application data
+ *                [Currently manually through decreasing ssl->in_msglen]
+ *
+ *                For efficiency and to retain datagram semantics for
+ *                application data in case of DTLS, the record layer
+ *                provides functionality for checking how much application
+ *                data is still available in the internal buffer.
+ *
+ *              d Changing the transformation securing the communication.
+ *
+ *              Given an opaque implementation of the record layer in the
+ *              above sense, it should be possible to implement the logic
+ *              of (D)TLS on top of it without the need to know anything
+ *              about the record layer's internals. This is done e.g.
+ *              in all the handshake handling functions, and in the
+ *              application data reading function mbedtls_ssl_read.
+ *
+ * \note        The above tries to give a conceptual picture of the
+ *              record layer, but the current implementation deviates
+ *              from it in some places. For example, our implementation of
+ *              the update functionality through mbedtls_ssl_read_record
+ *              discards datagrams depending on the current state, which
+ *              wouldn't fall under the record layer's responsibility
+ *              following the above definition.
+ *
+ */
+int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
+
+int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
+
+int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
+
+void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
+                            const mbedtls_ssl_ciphersuite_t *ciphersuite_info );
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex );
+#endif
+
+#if defined(MBEDTLS_PK_C)
+unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk );
+unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type );
+mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig );
+#endif
+
+mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
+unsigned char mbedtls_ssl_hash_from_md_alg( int md );
+int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md );
+
+#if defined(MBEDTLS_ECP_C)
+int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
+                                mbedtls_md_type_t md );
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl )
+{
+    mbedtls_ssl_key_cert *key_cert;
+
+    if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
+        key_cert = ssl->handshake->key_cert;
+    else
+        key_cert = ssl->conf->key_cert;
+
+    return( key_cert == NULL ? NULL : key_cert->key );
+}
+
+static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl )
+{
+    mbedtls_ssl_key_cert *key_cert;
+
+    if( ssl->handshake != NULL && ssl->handshake->key_cert != NULL )
+        key_cert = ssl->handshake->key_cert;
+    else
+        key_cert = ssl->conf->key_cert;
+
+    return( key_cert == NULL ? NULL : key_cert->cert );
+}
+
+/*
+ * Check usage of a certificate wrt extensions:
+ * keyUsage, extendedKeyUsage (later), and nSCertType (later).
+ *
+ * Warning: cert_endpoint is the endpoint of the cert (ie, of our peer when we
+ * check a cert we received from them)!
+ *
+ * Return 0 if everything is OK, -1 if not.
+ */
+int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
+                          const mbedtls_ssl_ciphersuite_t *ciphersuite,
+                          int cert_endpoint,
+                          uint32_t *flags );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+void mbedtls_ssl_write_version( int major, int minor, int transport,
+                        unsigned char ver[2] );
+void mbedtls_ssl_read_version( int *major, int *minor, int transport,
+                       const unsigned char ver[2] );
+
+static inline size_t mbedtls_ssl_hdr_len( const mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        return( 13 );
+#else
+    ((void) ssl);
+#endif
+    return( 5 );
+}
+
+static inline size_t mbedtls_ssl_hs_hdr_len( const mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        return( 12 );
+#else
+    ((void) ssl);
+#endif
+    return( 4 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_resend( mbedtls_ssl_context *ssl );
+#endif
+
+/* Visible for testing purposes only */
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl );
+void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl );
+#endif
+
+/* constant-time buffer comparison */
+static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t n )
+{
+    size_t i;
+    volatile const unsigned char *A = (volatile const unsigned char *) a;
+    volatile const unsigned char *B = (volatile const unsigned char *) b;
+    volatile unsigned char diff = 0;
+
+    for( i = 0; i < n; i++ )
+        diff |= A[i] ^ B[i];
+
+    return( diff );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
+                                        unsigned char *output,
+                                        unsigned char *data, size_t data_len );
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
+                                        unsigned char *output,
+                                        unsigned char *data, size_t data_len,
+                                        mbedtls_md_type_t md_alg );
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_internal.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/ssl_ticket.h b/thirdparty/mbedtls/include/mbedtls/ssl_ticket.h
new file mode 100644
index 0000000000..93ad46ac9c
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/ssl_ticket.h
@@ -0,0 +1,136 @@
+/**
+ * \file ssl_ticket.h
+ *
+ * \brief TLS server ticket callbacks implementation
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_SSL_TICKET_H
+#define MBEDTLS_SSL_TICKET_H
+
+/*
+ * This implementation of the session ticket callbacks includes key
+ * management, rotating the keys periodically in order to preserve forward
+ * secrecy, when MBEDTLS_HAVE_TIME is defined.
+ */
+
+#include "ssl.h"
+#include "cipher.h"
+
+#if defined(MBEDTLS_THREADING_C)
+#include "threading.h"
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief   Information for session ticket protection
+ */
+typedef struct
+{
+    unsigned char name[4];          /*!< random key identifier              */
+    uint32_t generation_time;       /*!< key generation timestamp (seconds) */
+    mbedtls_cipher_context_t ctx;   /*!< context for auth enc/decryption    */
+}
+mbedtls_ssl_ticket_key;
+
+/**
+ * \brief   Context for session ticket handling functions
+ */
+typedef struct
+{
+    mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys             */
+    unsigned char active;           /*!< index of the currently active key  */
+
+    uint32_t ticket_lifetime;       /*!< lifetime of tickets in seconds     */
+
+    /** Callback for getting (pseudo-)random numbers                        */
+    int  (*f_rng)(void *, unsigned char *, size_t);
+    void *p_rng;                    /*!< context for the RNG function       */
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t mutex;
+#endif
+}
+mbedtls_ssl_ticket_context;
+
+/**
+ * \brief           Initialize a ticket context.
+ *                  (Just make it ready for mbedtls_ssl_ticket_setup()
+ *                  or mbedtls_ssl_ticket_free().)
+ *
+ * \param ctx       Context to be initialized
+ */
+void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx );
+
+/**
+ * \brief           Prepare context to be actually used
+ *
+ * \param ctx       Context to be set up
+ * \param f_rng     RNG callback function
+ * \param p_rng     RNG callback context
+ * \param cipher    AEAD cipher to use for ticket protection.
+ *                  Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
+ * \param lifetime  Tickets lifetime in seconds
+ *                  Recommended value: 86400 (one day).
+ *
+ * \note            It is highly recommended to select a cipher that is at
+ *                  least as strong as the the strongest ciphersuite
+ *                  supported. Usually that means a 256-bit key.
+ *
+ * \note            The lifetime of the keys is twice the lifetime of tickets.
+ *                  It is recommended to pick a reasonnable lifetime so as not
+ *                  to negate the benefits of forward secrecy.
+ *
+ * \return          0 if successful,
+ *                  or a specific MBEDTLS_ERR_XXX error code
+ */
+int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
+    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+    mbedtls_cipher_type_t cipher,
+    uint32_t lifetime );
+
+/**
+ * \brief           Implementation of the ticket write callback
+ *
+ * \note            See \c mbedlts_ssl_ticket_write_t for description
+ */
+mbedtls_ssl_ticket_write_t mbedtls_ssl_ticket_write;
+
+/**
+ * \brief           Implementation of the ticket parse callback
+ *
+ * \note            See \c mbedlts_ssl_ticket_parse_t for description
+ */
+mbedtls_ssl_ticket_parse_t mbedtls_ssl_ticket_parse;
+
+/**
+ * \brief           Free a context's content and zeroize it.
+ *
+ * \param ctx       Context to be cleaned up
+ */
+void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ssl_ticket.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/threading.h b/thirdparty/mbedtls/include/mbedtls/threading.h
new file mode 100644
index 0000000000..58e6db2f3a
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/threading.h
@@ -0,0 +1,107 @@
+/**
+ * \file threading.h
+ *
+ * \brief Threading abstraction layer
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_THREADING_H
+#define MBEDTLS_THREADING_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stdlib.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE         -0x001A  /**< The selected feature is not available. */
+#define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA              -0x001C  /**< Bad input parameters to function. */
+#define MBEDTLS_ERR_THREADING_MUTEX_ERROR                 -0x001E  /**< Locking / unlocking / free failed with error code. */
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+#include <pthread.h>
+typedef struct
+{
+    pthread_mutex_t mutex;
+    char is_valid;
+} mbedtls_threading_mutex_t;
+#endif
+
+#if defined(MBEDTLS_THREADING_ALT)
+/* You should define the mbedtls_threading_mutex_t type in your header */
+#include "threading_alt.h"
+
+/**
+ * \brief           Set your alternate threading implementation function
+ *                  pointers and initialize global mutexes. If used, this
+ *                  function must be called once in the main thread before any
+ *                  other mbed TLS function is called, and
+ *                  mbedtls_threading_free_alt() must be called once in the main
+ *                  thread after all other mbed TLS functions.
+ *
+ * \note            mutex_init() and mutex_free() don't return a status code.
+ *                  If mutex_init() fails, it should leave its argument (the
+ *                  mutex) in a state such that mutex_lock() will fail when
+ *                  called with this argument.
+ *
+ * \param mutex_init    the init function implementation
+ * \param mutex_free    the free function implementation
+ * \param mutex_lock    the lock function implementation
+ * \param mutex_unlock  the unlock function implementation
+ */
+void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ),
+                       void (*mutex_free)( mbedtls_threading_mutex_t * ),
+                       int (*mutex_lock)( mbedtls_threading_mutex_t * ),
+                       int (*mutex_unlock)( mbedtls_threading_mutex_t * ) );
+
+/**
+ * \brief               Free global mutexes.
+ */
+void mbedtls_threading_free_alt( void );
+#endif /* MBEDTLS_THREADING_ALT */
+
+#if defined(MBEDTLS_THREADING_C)
+/*
+ * The function pointers for mutex_init, mutex_free, mutex_ and mutex_unlock
+ *
+ * All these functions are expected to work or the result will be undefined.
+ */
+extern void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex );
+extern void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex );
+extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex );
+extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex );
+
+/*
+ * Global mutexes
+ */
+extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex;
+extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex;
+#endif /* MBEDTLS_THREADING_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* threading.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/timing.h b/thirdparty/mbedtls/include/mbedtls/timing.h
new file mode 100644
index 0000000000..2c497bf4eb
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/timing.h
@@ -0,0 +1,161 @@
+/**
+ * \file timing.h
+ *
+ * \brief Portable interface to timeouts and to the CPU cycle counter
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_TIMING_H
+#define MBEDTLS_TIMING_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if !defined(MBEDTLS_TIMING_ALT)
+// Regular implementation
+//
+
+#include <stdint.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          timer structure
+ */
+struct mbedtls_timing_hr_time
+{
+    unsigned char opaque[32];
+};
+
+/**
+ * \brief          Context for mbedtls_timing_set/get_delay()
+ */
+typedef struct
+{
+    struct mbedtls_timing_hr_time   timer;
+    uint32_t                        int_ms;
+    uint32_t                        fin_ms;
+} mbedtls_timing_delay_context;
+
+extern volatile int mbedtls_timing_alarmed;
+
+/**
+ * \brief          Return the CPU cycle counter value
+ *
+ * \warning        This is only a best effort! Do not rely on this!
+ *                 In particular, it is known to be unreliable on virtual
+ *                 machines.
+ *
+ * \note           This value starts at an unspecified origin and
+ *                 may wrap around.
+ */
+unsigned long mbedtls_timing_hardclock( void );
+
+/**
+ * \brief          Return the elapsed time in milliseconds
+ *
+ * \param val      points to a timer structure
+ * \param reset    If 0, query the elapsed time. Otherwise (re)start the timer.
+ *
+ * \return         Elapsed time since the previous reset in ms. When
+ *                 restarting, this is always 0.
+ *
+ * \note           To initialize a timer, call this function with reset=1.
+ *
+ *                 Determining the elapsed time and resetting the timer is not
+ *                 atomic on all platforms, so after the sequence
+ *                 `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 =
+ *                 get_timer(0) }` the value time1+time2 is only approximately
+ *                 the delay since the first reset.
+ */
+unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset );
+
+/**
+ * \brief          Setup an alarm clock
+ *
+ * \param seconds  delay before the "mbedtls_timing_alarmed" flag is set
+ *                 (must be >=0)
+ *
+ * \warning        Only one alarm at a time  is supported. In a threaded
+ *                 context, this means one for the whole process, not one per
+ *                 thread.
+ */
+void mbedtls_set_alarm( int seconds );
+
+/**
+ * \brief          Set a pair of delays to watch
+ *                 (See \c mbedtls_timing_get_delay().)
+ *
+ * \param data     Pointer to timing data.
+ *                 Must point to a valid \c mbedtls_timing_delay_context struct.
+ * \param int_ms   First (intermediate) delay in milliseconds.
+ *                 The effect if int_ms > fin_ms is unspecified.
+ * \param fin_ms   Second (final) delay in milliseconds.
+ *                 Pass 0 to cancel the current delay.
+ *
+ * \note           To set a single delay, either use \c mbedtls_timing_set_timer
+ *                 directly or use this function with int_ms == fin_ms.
+ */
+void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms );
+
+/**
+ * \brief          Get the status of delays
+ *                 (Memory helper: number of delays passed.)
+ *
+ * \param data     Pointer to timing data
+ *                 Must point to a valid \c mbedtls_timing_delay_context struct.
+ *
+ * \return         -1 if cancelled (fin_ms = 0),
+ *                  0 if none of the delays are passed,
+ *                  1 if only the intermediate delay is passed,
+ *                  2 if the final delay is passed.
+ */
+int mbedtls_timing_get_delay( void *data );
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_TIMING_ALT */
+#include "timing_alt.h"
+#endif /* MBEDTLS_TIMING_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if a test failed
+ */
+int mbedtls_timing_self_test( int verbose );
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* timing.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/version.h b/thirdparty/mbedtls/include/mbedtls/version.h
new file mode 100644
index 0000000000..961be59c35
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/version.h
@@ -0,0 +1,112 @@
+/**
+ * \file version.h
+ *
+ * \brief Run-time version information
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * This set of compile-time defines and run-time variables can be used to
+ * determine the version number of the mbed TLS library used.
+ */
+#ifndef MBEDTLS_VERSION_H
+#define MBEDTLS_VERSION_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/**
+ * The version number x.y.z is split into three parts.
+ * Major, Minor, Patchlevel
+ */
+#define MBEDTLS_VERSION_MAJOR  2
+#define MBEDTLS_VERSION_MINOR  7
+#define MBEDTLS_VERSION_PATCH  0
+
+/**
+ * The single version number has the following structure:
+ *    MMNNPP00
+ *    Major version | Minor version | Patch version
+ */
+#define MBEDTLS_VERSION_NUMBER         0x02070000
+#define MBEDTLS_VERSION_STRING         "2.7.0"
+#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.7.0"
+
+#if defined(MBEDTLS_VERSION_C)
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * Get the version number.
+ *
+ * \return          The constructed version number in the format
+ *                  MMNNPP00 (Major, Minor, Patch).
+ */
+unsigned int mbedtls_version_get_number( void );
+
+/**
+ * Get the version string ("x.y.z").
+ *
+ * \param string    The string that will receive the value.
+ *                  (Should be at least 9 bytes in size)
+ */
+void mbedtls_version_get_string( char *string );
+
+/**
+ * Get the full version string ("mbed TLS x.y.z").
+ *
+ * \param string    The string that will receive the value. The mbed TLS version
+ *                  string will use 18 bytes AT MOST including a terminating
+ *                  null byte.
+ *                  (So the buffer should be at least 18 bytes to receive this
+ *                  version string).
+ */
+void mbedtls_version_get_string_full( char *string );
+
+/**
+ * \brief           Check if support for a feature was compiled into this
+ *                  mbed TLS binary. This allows you to see at runtime if the
+ *                  library was for instance compiled with or without
+ *                  Multi-threading support.
+ *
+ * \note            only checks against defines in the sections "System
+ *                  support", "mbed TLS modules" and "mbed TLS feature
+ *                  support" in config.h
+ *
+ * \param feature   The string for the define to check (e.g. "MBEDTLS_AES_C")
+ *
+ * \return          0 if the feature is present,
+ *                  -1 if the feature is not present and
+ *                  -2 if support for feature checking as a whole was not
+ *                  compiled in.
+ */
+int mbedtls_version_check_feature( const char *feature );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_VERSION_C */
+
+#endif /* version.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/x509.h b/thirdparty/mbedtls/include/mbedtls/x509.h
new file mode 100644
index 0000000000..d6db9c6e37
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/x509.h
@@ -0,0 +1,333 @@
+/**
+ * \file x509.h
+ *
+ * \brief X.509 generic defines and structures
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_X509_H
+#define MBEDTLS_X509_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "asn1.h"
+#include "pk.h"
+
+#if defined(MBEDTLS_RSA_C)
+#include "rsa.h"
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{
+ */
+
+#if !defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
+/**
+ * Maximum number of intermediate CAs in a verification chain.
+ * That is, maximum length of the chain, excluding the end-entity certificate
+ * and the trusted root certificate.
+ *
+ * Set this to a low value to prevent an adversary from making you waste
+ * resources verifying an overlong certificate chain.
+ */
+#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8
+#endif
+
+/**
+ * \name X509 Error codes
+ * \{
+ */
+#define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE              -0x2080  /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
+#define MBEDTLS_ERR_X509_UNKNOWN_OID                      -0x2100  /**< Requested OID is unknown. */
+#define MBEDTLS_ERR_X509_INVALID_FORMAT                   -0x2180  /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */
+#define MBEDTLS_ERR_X509_INVALID_VERSION                  -0x2200  /**< The CRT/CRL/CSR version element is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SERIAL                   -0x2280  /**< The serial tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_ALG                      -0x2300  /**< The algorithm tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_NAME                     -0x2380  /**< The name tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_DATE                     -0x2400  /**< The date tag or value is invalid. */
+#define MBEDTLS_ERR_X509_INVALID_SIGNATURE                -0x2480  /**< The signature tag or value invalid. */
+#define MBEDTLS_ERR_X509_INVALID_EXTENSIONS               -0x2500  /**< The extension tag or value is invalid. */
+#define MBEDTLS_ERR_X509_UNKNOWN_VERSION                  -0x2580  /**< CRT/CRL/CSR has an unsupported version number. */
+#define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG                  -0x2600  /**< Signature algorithm (oid) is unsupported. */
+#define MBEDTLS_ERR_X509_SIG_MISMATCH                     -0x2680  /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
+#define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED               -0x2700  /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
+#define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT              -0x2780  /**< Format not recognized as DER or PEM. */
+#define MBEDTLS_ERR_X509_BAD_INPUT_DATA                   -0x2800  /**< Input invalid. */
+#define MBEDTLS_ERR_X509_ALLOC_FAILED                     -0x2880  /**< Allocation of memory failed. */
+#define MBEDTLS_ERR_X509_FILE_IO_ERROR                    -0x2900  /**< Read/write of file failed. */
+#define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL                 -0x2980  /**< Destination buffer is too small. */
+#define MBEDTLS_ERR_X509_FATAL_ERROR                      -0x3000  /**< A fatal error occured, eg the chain is too long or the vrfy callback failed. */
+/* \} name */
+
+/**
+ * \name X509 Verify codes
+ * \{
+ */
+/* Reminder: update x509_crt_verify_strings[] in library/x509_crt.c */
+#define MBEDTLS_X509_BADCERT_EXPIRED             0x01  /**< The certificate validity has expired. */
+#define MBEDTLS_X509_BADCERT_REVOKED             0x02  /**< The certificate has been revoked (is on a CRL). */
+#define MBEDTLS_X509_BADCERT_CN_MISMATCH         0x04  /**< The certificate Common Name (CN) does not match with the expected CN. */
+#define MBEDTLS_X509_BADCERT_NOT_TRUSTED         0x08  /**< The certificate is not correctly signed by the trusted CA. */
+#define MBEDTLS_X509_BADCRL_NOT_TRUSTED          0x10  /**< The CRL is not correctly signed by the trusted CA. */
+#define MBEDTLS_X509_BADCRL_EXPIRED              0x20  /**< The CRL is expired. */
+#define MBEDTLS_X509_BADCERT_MISSING             0x40  /**< Certificate was missing. */
+#define MBEDTLS_X509_BADCERT_SKIP_VERIFY         0x80  /**< Certificate verification was skipped. */
+#define MBEDTLS_X509_BADCERT_OTHER             0x0100  /**< Other reason (can be used by verify callback) */
+#define MBEDTLS_X509_BADCERT_FUTURE            0x0200  /**< The certificate validity starts in the future. */
+#define MBEDTLS_X509_BADCRL_FUTURE             0x0400  /**< The CRL is from the future */
+#define MBEDTLS_X509_BADCERT_KEY_USAGE         0x0800  /**< Usage does not match the keyUsage extension. */
+#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE     0x1000  /**< Usage does not match the extendedKeyUsage extension. */
+#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE      0x2000  /**< Usage does not match the nsCertType extension. */
+#define MBEDTLS_X509_BADCERT_BAD_MD            0x4000  /**< The certificate is signed with an unacceptable hash. */
+#define MBEDTLS_X509_BADCERT_BAD_PK            0x8000  /**< The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
+#define MBEDTLS_X509_BADCERT_BAD_KEY         0x010000  /**< The certificate is signed with an unacceptable key (eg bad curve, RSA too short). */
+#define MBEDTLS_X509_BADCRL_BAD_MD           0x020000  /**< The CRL is signed with an unacceptable hash. */
+#define MBEDTLS_X509_BADCRL_BAD_PK           0x040000  /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
+#define MBEDTLS_X509_BADCRL_BAD_KEY          0x080000  /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */
+
+/* \} name */
+/* \} addtogroup x509_module */
+
+/*
+ * X.509 v3 Key Usage Extension flags
+ * Reminder: update x509_info_key_usage() when adding new flags.
+ */
+#define MBEDTLS_X509_KU_DIGITAL_SIGNATURE            (0x80)  /* bit 0 */
+#define MBEDTLS_X509_KU_NON_REPUDIATION              (0x40)  /* bit 1 */
+#define MBEDTLS_X509_KU_KEY_ENCIPHERMENT             (0x20)  /* bit 2 */
+#define MBEDTLS_X509_KU_DATA_ENCIPHERMENT            (0x10)  /* bit 3 */
+#define MBEDTLS_X509_KU_KEY_AGREEMENT                (0x08)  /* bit 4 */
+#define MBEDTLS_X509_KU_KEY_CERT_SIGN                (0x04)  /* bit 5 */
+#define MBEDTLS_X509_KU_CRL_SIGN                     (0x02)  /* bit 6 */
+#define MBEDTLS_X509_KU_ENCIPHER_ONLY                (0x01)  /* bit 7 */
+#define MBEDTLS_X509_KU_DECIPHER_ONLY              (0x8000)  /* bit 8 */
+
+/*
+ * Netscape certificate types
+ * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html)
+ */
+
+#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT         (0x80)  /* bit 0 */
+#define MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER         (0x40)  /* bit 1 */
+#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL              (0x20)  /* bit 2 */
+#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING     (0x10)  /* bit 3 */
+#define MBEDTLS_X509_NS_CERT_TYPE_RESERVED           (0x08)  /* bit 4 */
+#define MBEDTLS_X509_NS_CERT_TYPE_SSL_CA             (0x04)  /* bit 5 */
+#define MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA           (0x02)  /* bit 6 */
+#define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA  (0x01)  /* bit 7 */
+
+/*
+ * X.509 extension types
+ *
+ * Comments refer to the status for using certificates. Status can be
+ * different for writing certificates or reading CRLs or CSRs.
+ */
+#define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER    (1 << 0)
+#define MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER      (1 << 1)
+#define MBEDTLS_X509_EXT_KEY_USAGE                   (1 << 2)
+#define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES        (1 << 3)
+#define MBEDTLS_X509_EXT_POLICY_MAPPINGS             (1 << 4)
+#define MBEDTLS_X509_EXT_SUBJECT_ALT_NAME            (1 << 5)    /* Supported (DNS) */
+#define MBEDTLS_X509_EXT_ISSUER_ALT_NAME             (1 << 6)
+#define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS     (1 << 7)
+#define MBEDTLS_X509_EXT_BASIC_CONSTRAINTS           (1 << 8)    /* Supported */
+#define MBEDTLS_X509_EXT_NAME_CONSTRAINTS            (1 << 9)
+#define MBEDTLS_X509_EXT_POLICY_CONSTRAINTS          (1 << 10)
+#define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE          (1 << 11)
+#define MBEDTLS_X509_EXT_CRL_DISTRIBUTION_POINTS     (1 << 12)
+#define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY          (1 << 13)
+#define MBEDTLS_X509_EXT_FRESHEST_CRL                (1 << 14)
+
+#define MBEDTLS_X509_EXT_NS_CERT_TYPE                (1 << 16)
+
+/*
+ * Storage format identifiers
+ * Recognized formats: PEM and DER
+ */
+#define MBEDTLS_X509_FORMAT_DER                 1
+#define MBEDTLS_X509_FORMAT_PEM                 2
+
+#define MBEDTLS_X509_MAX_DN_NAME_SIZE         256 /**< Maximum value size of a DN entry */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{ */
+
+/**
+ * \name Structures for parsing X.509 certificates, CRLs and CSRs
+ * \{
+ */
+
+/**
+ * Type-length-value structure that allows for ASN1 using DER.
+ */
+typedef mbedtls_asn1_buf mbedtls_x509_buf;
+
+/**
+ * Container for ASN1 bit strings.
+ */
+typedef mbedtls_asn1_bitstring mbedtls_x509_bitstring;
+
+/**
+ * Container for ASN1 named information objects.
+ * It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.).
+ */
+typedef mbedtls_asn1_named_data mbedtls_x509_name;
+
+/**
+ * Container for a sequence of ASN.1 items
+ */
+typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
+
+/** Container for date and time (precision in seconds). */
+typedef struct mbedtls_x509_time
+{
+    int year, mon, day;         /**< Date. */
+    int hour, min, sec;         /**< Time. */
+}
+mbedtls_x509_time;
+
+/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */
+/** \} addtogroup x509_module */
+
+/**
+ * \brief          Store the certificate DN in printable form into buf;
+ *                 no more than size characters will be written.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param dn       The X509 name to represent
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
+
+/**
+ * \brief          Store the certificate serial in printable form into buf;
+ *                 no more than size characters will be written.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param serial   The X509 serial to represent
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial );
+
+/**
+ * \brief          Check a given mbedtls_x509_time against the system time
+ *                 and tell if it's in the past.
+ *
+ * \note           Intended usage is "if( is_past( valid_to ) ) ERROR".
+ *                 Hence the return value of 1 if on internal errors.
+ *
+ * \param to       mbedtls_x509_time to check
+ *
+ * \return         1 if the given time is in the past or an error occured,
+ *                 0 otherwise.
+ */
+int mbedtls_x509_time_is_past( const mbedtls_x509_time *to );
+
+/**
+ * \brief          Check a given mbedtls_x509_time against the system time
+ *                 and tell if it's in the future.
+ *
+ * \note           Intended usage is "if( is_future( valid_from ) ) ERROR".
+ *                 Hence the return value of 1 if on internal errors.
+ *
+ * \param from     mbedtls_x509_time to check
+ *
+ * \return         1 if the given time is in the future or an error occured,
+ *                 0 otherwise.
+ */
+int mbedtls_x509_time_is_future( const mbedtls_x509_time *from );
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_x509_self_test( int verbose );
+
+/*
+ * Internal module functions. You probably do not want to use these unless you
+ * know you do.
+ */
+int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
+                   mbedtls_x509_name *cur );
+int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
+                       mbedtls_x509_buf *alg );
+int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
+                  mbedtls_x509_buf *alg, mbedtls_x509_buf *params );
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
+                                mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
+                                int *salt_len );
+#endif
+int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig );
+int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
+                      mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
+                      void **sig_opts );
+int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
+                   mbedtls_x509_time *t );
+int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
+                     mbedtls_x509_buf *serial );
+int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
+                  mbedtls_x509_buf *ext, int tag );
+int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
+                       mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+                       const void *sig_opts );
+int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name );
+int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name );
+int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
+                        int critical, const unsigned char *val,
+                        size_t val_len );
+int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
+                           mbedtls_asn1_named_data *first );
+int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
+                      mbedtls_asn1_named_data *first );
+int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
+                    const char *oid, size_t oid_len,
+                    unsigned char *sig, size_t size );
+
+#define MBEDTLS_X509_SAFE_SNPRINTF                          \
+    do {                                                    \
+        if( ret < 0 || (size_t) ret >= n )                  \
+            return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );    \
+                                                            \
+        n -= (size_t) ret;                                  \
+        p += (size_t) ret;                                  \
+    } while( 0 )
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* x509.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/x509_crl.h b/thirdparty/mbedtls/include/mbedtls/x509_crl.h
new file mode 100644
index 0000000000..08a4283a67
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/x509_crl.h
@@ -0,0 +1,174 @@
+/**
+ * \file x509_crl.h
+ *
+ * \brief X.509 certificate revocation list parsing
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_X509_CRL_H
+#define MBEDTLS_X509_CRL_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "x509.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{ */
+
+/**
+ * \name Structures and functions for parsing CRLs
+ * \{
+ */
+
+/**
+ * Certificate revocation list entry.
+ * Contains the CA-specific serial numbers and revocation dates.
+ */
+typedef struct mbedtls_x509_crl_entry
+{
+    mbedtls_x509_buf raw;
+
+    mbedtls_x509_buf serial;
+
+    mbedtls_x509_time revocation_date;
+
+    mbedtls_x509_buf entry_ext;
+
+    struct mbedtls_x509_crl_entry *next;
+}
+mbedtls_x509_crl_entry;
+
+/**
+ * Certificate revocation list structure.
+ * Every CRL may have multiple entries.
+ */
+typedef struct mbedtls_x509_crl
+{
+    mbedtls_x509_buf raw;           /**< The raw certificate data (DER). */
+    mbedtls_x509_buf tbs;           /**< The raw certificate body (DER). The part that is To Be Signed. */
+
+    int version;            /**< CRL version (1=v1, 2=v2) */
+    mbedtls_x509_buf sig_oid;       /**< CRL signature type identifier */
+
+    mbedtls_x509_buf issuer_raw;    /**< The raw issuer data (DER). */
+
+    mbedtls_x509_name issuer;       /**< The parsed issuer data (named information object). */
+
+    mbedtls_x509_time this_update;
+    mbedtls_x509_time next_update;
+
+    mbedtls_x509_crl_entry entry;   /**< The CRL entries containing the certificate revocation times for this CA. */
+
+    mbedtls_x509_buf crl_ext;
+
+    mbedtls_x509_buf sig_oid2;
+    mbedtls_x509_buf sig;
+    mbedtls_md_type_t sig_md;           /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
+    mbedtls_pk_type_t sig_pk;           /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
+    void *sig_opts;             /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
+
+    struct mbedtls_x509_crl *next;
+}
+mbedtls_x509_crl;
+
+/**
+ * \brief          Parse a DER-encoded CRL and append it to the chained list
+ *
+ * \param chain    points to the start of the chain
+ * \param buf      buffer holding the CRL data in DER format
+ * \param buflen   size of the buffer
+ *                 (including the terminating null byte for PEM data)
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
+                        const unsigned char *buf, size_t buflen );
+/**
+ * \brief          Parse one or more CRLs and append them to the chained list
+ *
+ * \note           Mutliple CRLs are accepted only if using PEM format
+ *
+ * \param chain    points to the start of the chain
+ * \param buf      buffer holding the CRL data in PEM or DER format
+ * \param buflen   size of the buffer
+ *                 (including the terminating null byte for PEM data)
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen );
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief          Load one or more CRLs and append them to the chained list
+ *
+ * \note           Mutliple CRLs are accepted only if using PEM format
+ *
+ * \param chain    points to the start of the chain
+ * \param path     filename to read the CRLs from (in PEM or DER encoding)
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief          Returns an informational string about the CRL.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param prefix   A line prefix
+ * \param crl      The X509 CRL to represent
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
+                   const mbedtls_x509_crl *crl );
+
+/**
+ * \brief          Initialize a CRL (chain)
+ *
+ * \param crl      CRL chain to initialize
+ */
+void mbedtls_x509_crl_init( mbedtls_x509_crl *crl );
+
+/**
+ * \brief          Unallocate all CRL data
+ *
+ * \param crl      CRL chain to free
+ */
+void mbedtls_x509_crl_free( mbedtls_x509_crl *crl );
+
+/* \} name */
+/* \} addtogroup x509_module */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_x509_crl.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/x509_crt.h b/thirdparty/mbedtls/include/mbedtls/x509_crt.h
new file mode 100644
index 0000000000..2dbb7ec964
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/x509_crt.h
@@ -0,0 +1,663 @@
+/**
+ * \file x509_crt.h
+ *
+ * \brief X.509 certificate parsing and writing
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_X509_CRT_H
+#define MBEDTLS_X509_CRT_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "x509.h"
+#include "x509_crl.h"
+
+/**
+ * \addtogroup x509_module
+ * \{
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \name Structures and functions for parsing and writing X.509 certificates
+ * \{
+ */
+
+/**
+ * Container for an X.509 certificate. The certificate may be chained.
+ */
+typedef struct mbedtls_x509_crt
+{
+    mbedtls_x509_buf raw;               /**< The raw certificate data (DER). */
+    mbedtls_x509_buf tbs;               /**< The raw certificate body (DER). The part that is To Be Signed. */
+
+    int version;                /**< The X.509 version. (1=v1, 2=v2, 3=v3) */
+    mbedtls_x509_buf serial;            /**< Unique id for certificate issued by a specific CA. */
+    mbedtls_x509_buf sig_oid;           /**< Signature algorithm, e.g. sha1RSA */
+
+    mbedtls_x509_buf issuer_raw;        /**< The raw issuer data (DER). Used for quick comparison. */
+    mbedtls_x509_buf subject_raw;       /**< The raw subject data (DER). Used for quick comparison. */
+
+    mbedtls_x509_name issuer;           /**< The parsed issuer data (named information object). */
+    mbedtls_x509_name subject;          /**< The parsed subject data (named information object). */
+
+    mbedtls_x509_time valid_from;       /**< Start time of certificate validity. */
+    mbedtls_x509_time valid_to;         /**< End time of certificate validity. */
+
+    mbedtls_pk_context pk;              /**< Container for the public key context. */
+
+    mbedtls_x509_buf issuer_id;         /**< Optional X.509 v2/v3 issuer unique identifier. */
+    mbedtls_x509_buf subject_id;        /**< Optional X.509 v2/v3 subject unique identifier. */
+    mbedtls_x509_buf v3_ext;            /**< Optional X.509 v3 extensions.  */
+    mbedtls_x509_sequence subject_alt_names;    /**< Optional list of Subject Alternative Names (Only dNSName supported). */
+
+    int ext_types;              /**< Bit string containing detected and parsed extensions */
+    int ca_istrue;              /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
+    int max_pathlen;            /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
+
+    unsigned int key_usage;     /**< Optional key usage extension value: See the values in x509.h */
+
+    mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
+
+    unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */
+
+    mbedtls_x509_buf sig;               /**< Signature: hash of the tbs part signed with the private key. */
+    mbedtls_md_type_t sig_md;           /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
+    mbedtls_pk_type_t sig_pk;           /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
+    void *sig_opts;             /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
+
+    struct mbedtls_x509_crt *next;     /**< Next certificate in the CA-chain. */
+}
+mbedtls_x509_crt;
+
+/**
+ * Build flag from an algorithm/curve identifier (pk, md, ecp)
+ * Since 0 is always XXX_NONE, ignore it.
+ */
+#define MBEDTLS_X509_ID_FLAG( id )   ( 1 << ( id - 1 ) )
+
+/**
+ * Security profile for certificate verification.
+ *
+ * All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
+ */
+typedef struct
+{
+    uint32_t allowed_mds;       /**< MDs for signatures         */
+    uint32_t allowed_pks;       /**< PK algs for signatures     */
+    uint32_t allowed_curves;    /**< Elliptic curves for ECDSA  */
+    uint32_t rsa_min_bitlen;    /**< Minimum size for RSA keys  */
+}
+mbedtls_x509_crt_profile;
+
+#define MBEDTLS_X509_CRT_VERSION_1              0
+#define MBEDTLS_X509_CRT_VERSION_2              1
+#define MBEDTLS_X509_CRT_VERSION_3              2
+
+#define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32
+#define MBEDTLS_X509_RFC5280_UTC_TIME_LEN   15
+
+#if !defined( MBEDTLS_X509_MAX_FILE_PATH_LEN )
+#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512
+#endif
+
+/**
+ * Container for writing a certificate (CRT)
+ */
+typedef struct mbedtls_x509write_cert
+{
+    int version;
+    mbedtls_mpi serial;
+    mbedtls_pk_context *subject_key;
+    mbedtls_pk_context *issuer_key;
+    mbedtls_asn1_named_data *subject;
+    mbedtls_asn1_named_data *issuer;
+    mbedtls_md_type_t md_alg;
+    char not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1];
+    char not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1];
+    mbedtls_asn1_named_data *extensions;
+}
+mbedtls_x509write_cert;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/**
+ * Default security profile. Should provide a good balance between security
+ * and compatibility with current deployments.
+ */
+extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;
+
+/**
+ * Expected next default profile. Recommended for new deployments.
+ * Currently targets a 128-bit security level, except for RSA-2048.
+ */
+extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next;
+
+/**
+ * NSA Suite B profile.
+ */
+extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb;
+
+/**
+ * \brief          Parse a single DER formatted certificate and add it
+ *                 to the chained list.
+ *
+ * \param chain    points to the start of the chain
+ * \param buf      buffer holding the certificate DER data
+ * \param buflen   size of the buffer
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *buf,
+                        size_t buflen );
+
+/**
+ * \brief          Parse one or more certificates and add them
+ *                 to the chained list. Parses permissively. If some
+ *                 certificates can be parsed, the result is the number
+ *                 of failed certificates it encountered. If none complete
+ *                 correctly, the first error is returned.
+ *
+ * \param chain    points to the start of the chain
+ * \param buf      buffer holding the certificate data in PEM or DER format
+ * \param buflen   size of the buffer
+ *                 (including the terminating null byte for PEM data)
+ *
+ * \return         0 if all certificates parsed successfully, a positive number
+ *                 if partly successful or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen );
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief          Load one or more certificates and add them
+ *                 to the chained list. Parses permissively. If some
+ *                 certificates can be parsed, the result is the number
+ *                 of failed certificates it encountered. If none complete
+ *                 correctly, the first error is returned.
+ *
+ * \param chain    points to the start of the chain
+ * \param path     filename to read the certificates from
+ *
+ * \return         0 if all certificates parsed successfully, a positive number
+ *                 if partly successful or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
+
+/**
+ * \brief          Load one or more certificate files from a path and add them
+ *                 to the chained list. Parses permissively. If some
+ *                 certificates can be parsed, the result is the number
+ *                 of failed certificates it encountered. If none complete
+ *                 correctly, the first error is returned.
+ *
+ * \param chain    points to the start of the chain
+ * \param path     directory / folder to read the certificate files from
+ *
+ * \return         0 if all certificates parsed successfully, a positive number
+ *                 if partly successful or a specific X509 or PEM error code
+ */
+int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief          Returns an informational string about the
+ *                 certificate.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param prefix   A line prefix
+ * \param crt      The X509 certificate to represent
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
+                   const mbedtls_x509_crt *crt );
+
+/**
+ * \brief          Returns an informational string about the
+ *                 verification status of a certificate.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param prefix   A line prefix
+ * \param flags    Verification flags created by mbedtls_x509_crt_verify()
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
+                          uint32_t flags );
+
+/**
+ * \brief          Verify the certificate signature
+ *
+ *                 The verify callback is a user-supplied callback that
+ *                 can clear / modify / add flags for a certificate. If set,
+ *                 the verification callback is called for each
+ *                 certificate in the chain (from the trust-ca down to the
+ *                 presented crt). The parameters for the callback are:
+ *                 (void *parameter, mbedtls_x509_crt *crt, int certificate_depth,
+ *                 int *flags). With the flags representing current flags for
+ *                 that specific certificate and the certificate depth from
+ *                 the bottom (Peer cert depth = 0).
+ *
+ *                 All flags left after returning from the callback
+ *                 are also returned to the application. The function should
+ *                 return 0 for anything (including invalid certificates)
+ *                 other than fatal error, as a non-zero return code
+ *                 immediately aborts the verification process. For fatal
+ *                 errors, a specific error code should be used (different
+ *                 from MBEDTLS_ERR_X509_CERT_VERIFY_FAILED which should not
+ *                 be returned at this point), or MBEDTLS_ERR_X509_FATAL_ERROR
+ *                 can be used if no better code is available.
+ *
+ * \note           In case verification failed, the results can be displayed
+ *                 using \c mbedtls_x509_crt_verify_info()
+ *
+ * \note           Same as \c mbedtls_x509_crt_verify_with_profile() with the
+ *                 default security profile.
+ *
+ * \note           It is your responsibility to provide up-to-date CRLs for
+ *                 all trusted CAs. If no CRL is provided for the CA that was
+ *                 used to sign the certificate, CRL verification is skipped
+ *                 silently, that is *without* setting any flag.
+ *
+ * \param crt      a certificate (chain) to be verified
+ * \param trust_ca the list of trusted CAs
+ * \param ca_crl   the list of CRLs for trusted CAs (see note above)
+ * \param cn       expected Common Name (can be set to
+ *                 NULL if the CN must not be verified)
+ * \param flags    result of the verification
+ * \param f_vrfy   verification function
+ * \param p_vrfy   verification parameter
+ *
+ * \return         0 (and flags set to 0) if the chain was verified and valid,
+ *                 MBEDTLS_ERR_X509_CERT_VERIFY_FAILED if the chain was verified
+ *                 but found to be invalid, in which case *flags will have one
+ *                 or more MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX
+ *                 flags set, or another error (and flags set to 0xffffffff)
+ *                 in case of a fatal error encountered during the
+ *                 verification process.
+ */
+int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
+                     mbedtls_x509_crt *trust_ca,
+                     mbedtls_x509_crl *ca_crl,
+                     const char *cn, uint32_t *flags,
+                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                     void *p_vrfy );
+
+/**
+ * \brief          Verify the certificate signature according to profile
+ *
+ * \note           Same as \c mbedtls_x509_crt_verify(), but with explicit
+ *                 security profile.
+ *
+ * \note           The restrictions on keys (RSA minimum size, allowed curves
+ *                 for ECDSA) apply to all certificates: trusted root,
+ *                 intermediate CAs if any, and end entity certificate.
+ *
+ * \param crt      a certificate (chain) to be verified
+ * \param trust_ca the list of trusted CAs
+ * \param ca_crl   the list of CRLs for trusted CAs
+ * \param profile  security profile for verification
+ * \param cn       expected Common Name (can be set to
+ *                 NULL if the CN must not be verified)
+ * \param flags    result of the verification
+ * \param f_vrfy   verification function
+ * \param p_vrfy   verification parameter
+ *
+ * \return         0 if successful or MBEDTLS_ERR_X509_CERT_VERIFY_FAILED
+ *                 in which case *flags will have one or more
+ *                 MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags
+ *                 set,
+ *                 or another error in case of a fatal error encountered
+ *                 during the verification process.
+ */
+int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
+                     mbedtls_x509_crt *trust_ca,
+                     mbedtls_x509_crl *ca_crl,
+                     const mbedtls_x509_crt_profile *profile,
+                     const char *cn, uint32_t *flags,
+                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                     void *p_vrfy );
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+/**
+ * \brief          Check usage of certificate against keyUsage extension.
+ *
+ * \param crt      Leaf certificate used.
+ * \param usage    Intended usage(s) (eg MBEDTLS_X509_KU_KEY_ENCIPHERMENT
+ *                 before using the certificate to perform an RSA key
+ *                 exchange).
+ *
+ * \note           Except for decipherOnly and encipherOnly, a bit set in the
+ *                 usage argument means this bit MUST be set in the
+ *                 certificate. For decipherOnly and encipherOnly, it means
+ *                 that bit MAY be set.
+ *
+ * \return         0 is these uses of the certificate are allowed,
+ *                 MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension
+ *                 is present but does not match the usage argument.
+ *
+ * \note           You should only call this function on leaf certificates, on
+ *                 (intermediate) CAs the keyUsage extension is automatically
+ *                 checked by \c mbedtls_x509_crt_verify().
+ */
+int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
+                                      unsigned int usage );
+#endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+/**
+ * \brief           Check usage of certificate against extendedKeyUsage.
+ *
+ * \param crt       Leaf certificate used.
+ * \param usage_oid Intended usage (eg MBEDTLS_OID_SERVER_AUTH or
+ *                  MBEDTLS_OID_CLIENT_AUTH).
+ * \param usage_len Length of usage_oid (eg given by MBEDTLS_OID_SIZE()).
+ *
+ * \return          0 if this use of the certificate is allowed,
+ *                  MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.
+ *
+ * \note            Usually only makes sense on leaf certificates.
+ */
+int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
+                                               const char *usage_oid,
+                                               size_t usage_len );
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+/**
+ * \brief          Verify the certificate revocation status
+ *
+ * \param crt      a certificate to be verified
+ * \param crl      the CRL to verify against
+ *
+ * \return         1 if the certificate is revoked, 0 otherwise
+ *
+ */
+int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl );
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
+
+/**
+ * \brief          Initialize a certificate (chain)
+ *
+ * \param crt      Certificate chain to initialize
+ */
+void mbedtls_x509_crt_init( mbedtls_x509_crt *crt );
+
+/**
+ * \brief          Unallocate all certificate data
+ *
+ * \param crt      Certificate chain to free
+ */
+void mbedtls_x509_crt_free( mbedtls_x509_crt *crt );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/* \} name */
+/* \} addtogroup x509_module */
+
+#if defined(MBEDTLS_X509_CRT_WRITE_C)
+/**
+ * \brief           Initialize a CRT writing context
+ *
+ * \param ctx       CRT context to initialize
+ */
+void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
+
+/**
+ * \brief           Set the verion for a Certificate
+ *                  Default: MBEDTLS_X509_CRT_VERSION_3
+ *
+ * \param ctx       CRT context to use
+ * \param version   version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or
+ *                                  MBEDTLS_X509_CRT_VERSION_3)
+ */
+void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version );
+
+/**
+ * \brief           Set the serial number for a Certificate.
+ *
+ * \param ctx       CRT context to use
+ * \param serial    serial number to set
+ *
+ * \return          0 if successful
+ */
+int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial );
+
+/**
+ * \brief           Set the validity period for a Certificate
+ *                  Timestamps should be in string format for UTC timezone
+ *                  i.e. "YYYYMMDDhhmmss"
+ *                  e.g. "20131231235959" for December 31st 2013
+ *                       at 23:59:59
+ *
+ * \param ctx       CRT context to use
+ * \param not_before    not_before timestamp
+ * \param not_after     not_after timestamp
+ *
+ * \return          0 if timestamp was parsed successfully, or
+ *                  a specific error code
+ */
+int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
+                                const char *not_after );
+
+/**
+ * \brief           Set the issuer name for a Certificate
+ *                  Issuer names should contain a comma-separated list
+ *                  of OID types and values:
+ *                  e.g. "C=UK,O=ARM,CN=mbed TLS CA"
+ *
+ * \param ctx           CRT context to use
+ * \param issuer_name   issuer name to set
+ *
+ * \return          0 if issuer name was parsed successfully, or
+ *                  a specific error code
+ */
+int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
+                                   const char *issuer_name );
+
+/**
+ * \brief           Set the subject name for a Certificate
+ *                  Subject names should contain a comma-separated list
+ *                  of OID types and values:
+ *                  e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
+ *
+ * \param ctx           CRT context to use
+ * \param subject_name  subject name to set
+ *
+ * \return          0 if subject name was parsed successfully, or
+ *                  a specific error code
+ */
+int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
+                                    const char *subject_name );
+
+/**
+ * \brief           Set the subject public key for the certificate
+ *
+ * \param ctx       CRT context to use
+ * \param key       public key to include
+ */
+void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+
+/**
+ * \brief           Set the issuer key used for signing the certificate
+ *
+ * \param ctx       CRT context to use
+ * \param key       private key to sign with
+ */
+void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
+
+/**
+ * \brief           Set the MD algorithm to use for the signature
+ *                  (e.g. MBEDTLS_MD_SHA1)
+ *
+ * \param ctx       CRT context to use
+ * \param md_alg    MD algorithm to use
+ */
+void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg );
+
+/**
+ * \brief           Generic function to add to or replace an extension in the
+ *                  CRT
+ *
+ * \param ctx       CRT context to use
+ * \param oid       OID of the extension
+ * \param oid_len   length of the OID
+ * \param critical  if the extension is critical (per the RFC's definition)
+ * \param val       value of the extension OCTET STRING
+ * \param val_len   length of the value data
+ *
+ * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
+                                 const char *oid, size_t oid_len,
+                                 int critical,
+                                 const unsigned char *val, size_t val_len );
+
+/**
+ * \brief           Set the basicConstraints extension for a CRT
+ *
+ * \param ctx       CRT context to use
+ * \param is_ca     is this a CA certificate
+ * \param max_pathlen   maximum length of certificate chains below this
+ *                      certificate (only for CA certificates, -1 is
+ *                      inlimited)
+ *
+ * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
+                                         int is_ca, int max_pathlen );
+
+#if defined(MBEDTLS_SHA1_C)
+/**
+ * \brief           Set the subjectKeyIdentifier extension for a CRT
+ *                  Requires that mbedtls_x509write_crt_set_subject_key() has been
+ *                  called before
+ *
+ * \param ctx       CRT context to use
+ *
+ * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx );
+
+/**
+ * \brief           Set the authorityKeyIdentifier extension for a CRT
+ *                  Requires that mbedtls_x509write_crt_set_issuer_key() has been
+ *                  called before
+ *
+ * \param ctx       CRT context to use
+ *
+ * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
+#endif /* MBEDTLS_SHA1_C */
+
+/**
+ * \brief           Set the Key Usage Extension flags
+ *                  (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
+ *
+ * \param ctx       CRT context to use
+ * \param key_usage key usage flags to set
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
+                                         unsigned int key_usage );
+
+/**
+ * \brief           Set the Netscape Cert Type flags
+ *                  (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
+ *
+ * \param ctx           CRT context to use
+ * \param ns_cert_type  Netscape Cert Type flags to set
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
+                                    unsigned char ns_cert_type );
+
+/**
+ * \brief           Free the contents of a CRT write context
+ *
+ * \param ctx       CRT context to free
+ */
+void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
+
+/**
+ * \brief           Write a built up certificate to a X509 DER structure
+ *                  Note: data is written at the end of the buffer! Use the
+ *                        return value to determine where you should start
+ *                        using the buffer
+ *
+ * \param ctx       certificate to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ * \param f_rng     RNG function (for signature, see note)
+ * \param p_rng     RNG parameter
+ *
+ * \return          length of data written if successful, or a specific
+ *                  error code
+ *
+ * \note            f_rng may be NULL if RSA is used for signature and the
+ *                  signature is made offline (otherwise f_rng is desirable
+ *                  for countermeasures against timing attacks).
+ *                  ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng );
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+/**
+ * \brief           Write a built up certificate to a X509 PEM string
+ *
+ * \param ctx       certificate to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ * \param f_rng     RNG function (for signature, see note)
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successful, or a specific error code
+ *
+ * \note            f_rng may be NULL if RSA is used for signature and the
+ *                  signature is made offline (otherwise f_rng is desirable
+ *                  for countermeasures against timing attacks).
+ *                  ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng );
+#endif /* MBEDTLS_PEM_WRITE_C */
+#endif /* MBEDTLS_X509_CRT_WRITE_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_x509_crt.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/x509_csr.h b/thirdparty/mbedtls/include/mbedtls/x509_csr.h
new file mode 100644
index 0000000000..0c6ccad78d
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/x509_csr.h
@@ -0,0 +1,299 @@
+/**
+ * \file x509_csr.h
+ *
+ * \brief X.509 certificate signing request parsing and writing
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_X509_CSR_H
+#define MBEDTLS_X509_CSR_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "x509.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \addtogroup x509_module
+ * \{ */
+
+/**
+ * \name Structures and functions for X.509 Certificate Signing Requests (CSR)
+ * \{
+ */
+
+/**
+ * Certificate Signing Request (CSR) structure.
+ */
+typedef struct mbedtls_x509_csr
+{
+    mbedtls_x509_buf raw;           /**< The raw CSR data (DER). */
+    mbedtls_x509_buf cri;           /**< The raw CertificateRequestInfo body (DER). */
+
+    int version;            /**< CSR version (1=v1). */
+
+    mbedtls_x509_buf  subject_raw;  /**< The raw subject data (DER). */
+    mbedtls_x509_name subject;      /**< The parsed subject data (named information object). */
+
+    mbedtls_pk_context pk;          /**< Container for the public key context. */
+
+    mbedtls_x509_buf sig_oid;
+    mbedtls_x509_buf sig;
+    mbedtls_md_type_t sig_md;       /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
+    mbedtls_pk_type_t sig_pk;       /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
+    void *sig_opts;         /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
+}
+mbedtls_x509_csr;
+
+/**
+ * Container for writing a CSR
+ */
+typedef struct mbedtls_x509write_csr
+{
+    mbedtls_pk_context *key;
+    mbedtls_asn1_named_data *subject;
+    mbedtls_md_type_t md_alg;
+    mbedtls_asn1_named_data *extensions;
+}
+mbedtls_x509write_csr;
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+/**
+ * \brief          Load a Certificate Signing Request (CSR) in DER format
+ *
+ * \note           CSR attributes (if any) are currently silently ignored.
+ *
+ * \param csr      CSR context to fill
+ * \param buf      buffer holding the CRL data
+ * \param buflen   size of the buffer
+ *
+ * \return         0 if successful, or a specific X509 error code
+ */
+int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
+                        const unsigned char *buf, size_t buflen );
+
+/**
+ * \brief          Load a Certificate Signing Request (CSR), DER or PEM format
+ *
+ * \note           See notes for \c mbedtls_x509_csr_parse_der()
+ *
+ * \param csr      CSR context to fill
+ * \param buf      buffer holding the CRL data
+ * \param buflen   size of the buffer
+ *                 (including the terminating null byte for PEM data)
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen );
+
+#if defined(MBEDTLS_FS_IO)
+/**
+ * \brief          Load a Certificate Signing Request (CSR)
+ *
+ * \note           See notes for \c mbedtls_x509_csr_parse()
+ *
+ * \param csr      CSR context to fill
+ * \param path     filename to read the CSR from
+ *
+ * \return         0 if successful, or a specific X509 or PEM error code
+ */
+int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
+#endif /* MBEDTLS_FS_IO */
+
+/**
+ * \brief          Returns an informational string about the
+ *                 CSR.
+ *
+ * \param buf      Buffer to write to
+ * \param size     Maximum size of buffer
+ * \param prefix   A line prefix
+ * \param csr      The X509 CSR to represent
+ *
+ * \return         The length of the string written (not including the
+ *                 terminated nul byte), or a negative error code.
+ */
+int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
+                   const mbedtls_x509_csr *csr );
+
+/**
+ * \brief          Initialize a CSR
+ *
+ * \param csr      CSR to initialize
+ */
+void mbedtls_x509_csr_init( mbedtls_x509_csr *csr );
+
+/**
+ * \brief          Unallocate all CSR data
+ *
+ * \param csr      CSR to free
+ */
+void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+
+/* \} name */
+/* \} addtogroup x509_module */
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+/**
+ * \brief           Initialize a CSR context
+ *
+ * \param ctx       CSR context to initialize
+ */
+void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
+
+/**
+ * \brief           Set the subject name for a CSR
+ *                  Subject names should contain a comma-separated list
+ *                  of OID types and values:
+ *                  e.g. "C=UK,O=ARM,CN=mbed TLS Server 1"
+ *
+ * \param ctx           CSR context to use
+ * \param subject_name  subject name to set
+ *
+ * \return          0 if subject name was parsed successfully, or
+ *                  a specific error code
+ */
+int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
+                                    const char *subject_name );
+
+/**
+ * \brief           Set the key for a CSR (public key will be included,
+ *                  private key used to sign the CSR when writing it)
+ *
+ * \param ctx       CSR context to use
+ * \param key       Asymetric key to include
+ */
+void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key );
+
+/**
+ * \brief           Set the MD algorithm to use for the signature
+ *                  (e.g. MBEDTLS_MD_SHA1)
+ *
+ * \param ctx       CSR context to use
+ * \param md_alg    MD algorithm to use
+ */
+void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg );
+
+/**
+ * \brief           Set the Key Usage Extension flags
+ *                  (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
+ *
+ * \param ctx       CSR context to use
+ * \param key_usage key usage flags to set
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );
+
+/**
+ * \brief           Set the Netscape Cert Type flags
+ *                  (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
+ *
+ * \param ctx           CSR context to use
+ * \param ns_cert_type  Netscape Cert Type flags to set
+ *
+ * \return          0 if successful, or MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
+                                    unsigned char ns_cert_type );
+
+/**
+ * \brief           Generic function to add to or replace an extension in the
+ *                  CSR
+ *
+ * \param ctx       CSR context to use
+ * \param oid       OID of the extension
+ * \param oid_len   length of the OID
+ * \param val       value of the extension OCTET STRING
+ * \param val_len   length of the value data
+ *
+ * \return          0 if successful, or a MBEDTLS_ERR_X509_ALLOC_FAILED
+ */
+int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
+                                 const char *oid, size_t oid_len,
+                                 const unsigned char *val, size_t val_len );
+
+/**
+ * \brief           Free the contents of a CSR context
+ *
+ * \param ctx       CSR context to free
+ */
+void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
+
+/**
+ * \brief           Write a CSR (Certificate Signing Request) to a
+ *                  DER structure
+ *                  Note: data is written at the end of the buffer! Use the
+ *                        return value to determine where you should start
+ *                        using the buffer
+ *
+ * \param ctx       CSR to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ * \param f_rng     RNG function (for signature, see note)
+ * \param p_rng     RNG parameter
+ *
+ * \return          length of data written if successful, or a specific
+ *                  error code
+ *
+ * \note            f_rng may be NULL if RSA is used for signature and the
+ *                  signature is made offline (otherwise f_rng is desirable
+ *                  for countermeasures against timing attacks).
+ *                  ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng );
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+/**
+ * \brief           Write a CSR (Certificate Signing Request) to a
+ *                  PEM string
+ *
+ * \param ctx       CSR to write away
+ * \param buf       buffer to write to
+ * \param size      size of the buffer
+ * \param f_rng     RNG function (for signature, see note)
+ * \param p_rng     RNG parameter
+ *
+ * \return          0 if successful, or a specific error code
+ *
+ * \note            f_rng may be NULL if RSA is used for signature and the
+ *                  signature is made offline (otherwise f_rng is desirable
+ *                  for countermeasures against timing attacks).
+ *                  ECDSA signatures always require a non-NULL f_rng.
+ */
+int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng );
+#endif /* MBEDTLS_PEM_WRITE_C */
+#endif /* MBEDTLS_X509_CSR_WRITE_C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* mbedtls_x509_csr.h */
diff --git a/thirdparty/mbedtls/include/mbedtls/xtea.h b/thirdparty/mbedtls/include/mbedtls/xtea.h
new file mode 100644
index 0000000000..34ccee3c22
--- /dev/null
+++ b/thirdparty/mbedtls/include/mbedtls/xtea.h
@@ -0,0 +1,141 @@
+/**
+ * \file xtea.h
+ *
+ * \brief XTEA block cipher (32-bit)
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_XTEA_H
+#define MBEDTLS_XTEA_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define MBEDTLS_XTEA_ENCRYPT     1
+#define MBEDTLS_XTEA_DECRYPT     0
+
+#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH             -0x0028  /**< The data input has an invalid length. */
+#define MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED                  -0x0029  /**< XTEA hardware accelerator failed. */
+
+#if !defined(MBEDTLS_XTEA_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          XTEA context structure
+ */
+typedef struct
+{
+    uint32_t k[4];       /*!< key */
+}
+mbedtls_xtea_context;
+
+/**
+ * \brief          Initialize XTEA context
+ *
+ * \param ctx      XTEA context to be initialized
+ */
+void mbedtls_xtea_init( mbedtls_xtea_context *ctx );
+
+/**
+ * \brief          Clear XTEA context
+ *
+ * \param ctx      XTEA context to be cleared
+ */
+void mbedtls_xtea_free( mbedtls_xtea_context *ctx );
+
+/**
+ * \brief          XTEA key schedule
+ *
+ * \param ctx      XTEA context to be initialized
+ * \param key      the secret key
+ */
+void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] );
+
+/**
+ * \brief          XTEA cipher function
+ *
+ * \param ctx      XTEA context
+ * \param mode     MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
+ * \param input    8-byte input block
+ * \param output   8-byte output block
+ *
+ * \return         0 if successful
+ */
+int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx,
+                    int mode,
+                    const unsigned char input[8],
+                    unsigned char output[8] );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/**
+ * \brief          XTEA CBC cipher function
+ *
+ * \param ctx      XTEA context
+ * \param mode     MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
+ * \param length   the length of input, multiple of 8
+ * \param iv       initialization vector for CBC mode
+ * \param input    input block
+ * \param output   output block
+ *
+ * \return         0 if successful,
+ *                 MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
+ */
+int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[8],
+                    const unsigned char *input,
+                    unsigned char *output);
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#ifdef __cplusplus
+}
+#endif
+
+#else  /* MBEDTLS_XTEA_ALT */
+#include "xtea_alt.h"
+#endif /* MBEDTLS_XTEA_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if the test failed
+ */
+int mbedtls_xtea_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* xtea.h */
diff --git a/thirdparty/mbedtls/library/aes.c b/thirdparty/mbedtls/library/aes.c
new file mode 100644
index 0000000000..dba4a5f578
--- /dev/null
+++ b/thirdparty/mbedtls/library/aes.c
@@ -0,0 +1,1526 @@
+/*
+ *  FIPS-197 compliant AES implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The AES block cipher was designed by Vincent Rijmen and Joan Daemen.
+ *
+ *  http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf
+ *  http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_AES_C)
+
+#include <string.h>
+
+#include "mbedtls/aes.h"
+#if defined(MBEDTLS_PADLOCK_C)
+#include "mbedtls/padlock.h"
+#endif
+#if defined(MBEDTLS_AESNI_C)
+#include "mbedtls/aesni.h"
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_AES_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 32-bit integer manipulation macros (little endian)
+ */
+#ifndef GET_UINT32_LE
+#define GET_UINT32_LE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ]       )             \
+        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
+}
+#endif
+
+#ifndef PUT_UINT32_LE
+#define PUT_UINT32_LE(n,b,i)                                    \
+{                                                               \
+    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
+    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
+    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
+    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
+}
+#endif
+
+#if defined(MBEDTLS_PADLOCK_C) &&                      \
+    ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) )
+static int aes_padlock_ace = -1;
+#endif
+
+#if defined(MBEDTLS_AES_ROM_TABLES)
+/*
+ * Forward S-box
+ */
+static const unsigned char FSb[256] =
+{
+    0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5,
+    0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76,
+    0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0,
+    0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0,
+    0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC,
+    0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
+    0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A,
+    0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75,
+    0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0,
+    0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84,
+    0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B,
+    0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
+    0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85,
+    0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8,
+    0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5,
+    0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2,
+    0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17,
+    0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
+    0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88,
+    0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB,
+    0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C,
+    0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79,
+    0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9,
+    0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
+    0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6,
+    0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A,
+    0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E,
+    0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E,
+    0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94,
+    0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
+    0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68,
+    0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
+};
+
+/*
+ * Forward tables
+ */
+#define FT \
+\
+    V(A5,63,63,C6), V(84,7C,7C,F8), V(99,77,77,EE), V(8D,7B,7B,F6), \
+    V(0D,F2,F2,FF), V(BD,6B,6B,D6), V(B1,6F,6F,DE), V(54,C5,C5,91), \
+    V(50,30,30,60), V(03,01,01,02), V(A9,67,67,CE), V(7D,2B,2B,56), \
+    V(19,FE,FE,E7), V(62,D7,D7,B5), V(E6,AB,AB,4D), V(9A,76,76,EC), \
+    V(45,CA,CA,8F), V(9D,82,82,1F), V(40,C9,C9,89), V(87,7D,7D,FA), \
+    V(15,FA,FA,EF), V(EB,59,59,B2), V(C9,47,47,8E), V(0B,F0,F0,FB), \
+    V(EC,AD,AD,41), V(67,D4,D4,B3), V(FD,A2,A2,5F), V(EA,AF,AF,45), \
+    V(BF,9C,9C,23), V(F7,A4,A4,53), V(96,72,72,E4), V(5B,C0,C0,9B), \
+    V(C2,B7,B7,75), V(1C,FD,FD,E1), V(AE,93,93,3D), V(6A,26,26,4C), \
+    V(5A,36,36,6C), V(41,3F,3F,7E), V(02,F7,F7,F5), V(4F,CC,CC,83), \
+    V(5C,34,34,68), V(F4,A5,A5,51), V(34,E5,E5,D1), V(08,F1,F1,F9), \
+    V(93,71,71,E2), V(73,D8,D8,AB), V(53,31,31,62), V(3F,15,15,2A), \
+    V(0C,04,04,08), V(52,C7,C7,95), V(65,23,23,46), V(5E,C3,C3,9D), \
+    V(28,18,18,30), V(A1,96,96,37), V(0F,05,05,0A), V(B5,9A,9A,2F), \
+    V(09,07,07,0E), V(36,12,12,24), V(9B,80,80,1B), V(3D,E2,E2,DF), \
+    V(26,EB,EB,CD), V(69,27,27,4E), V(CD,B2,B2,7F), V(9F,75,75,EA), \
+    V(1B,09,09,12), V(9E,83,83,1D), V(74,2C,2C,58), V(2E,1A,1A,34), \
+    V(2D,1B,1B,36), V(B2,6E,6E,DC), V(EE,5A,5A,B4), V(FB,A0,A0,5B), \
+    V(F6,52,52,A4), V(4D,3B,3B,76), V(61,D6,D6,B7), V(CE,B3,B3,7D), \
+    V(7B,29,29,52), V(3E,E3,E3,DD), V(71,2F,2F,5E), V(97,84,84,13), \
+    V(F5,53,53,A6), V(68,D1,D1,B9), V(00,00,00,00), V(2C,ED,ED,C1), \
+    V(60,20,20,40), V(1F,FC,FC,E3), V(C8,B1,B1,79), V(ED,5B,5B,B6), \
+    V(BE,6A,6A,D4), V(46,CB,CB,8D), V(D9,BE,BE,67), V(4B,39,39,72), \
+    V(DE,4A,4A,94), V(D4,4C,4C,98), V(E8,58,58,B0), V(4A,CF,CF,85), \
+    V(6B,D0,D0,BB), V(2A,EF,EF,C5), V(E5,AA,AA,4F), V(16,FB,FB,ED), \
+    V(C5,43,43,86), V(D7,4D,4D,9A), V(55,33,33,66), V(94,85,85,11), \
+    V(CF,45,45,8A), V(10,F9,F9,E9), V(06,02,02,04), V(81,7F,7F,FE), \
+    V(F0,50,50,A0), V(44,3C,3C,78), V(BA,9F,9F,25), V(E3,A8,A8,4B), \
+    V(F3,51,51,A2), V(FE,A3,A3,5D), V(C0,40,40,80), V(8A,8F,8F,05), \
+    V(AD,92,92,3F), V(BC,9D,9D,21), V(48,38,38,70), V(04,F5,F5,F1), \
+    V(DF,BC,BC,63), V(C1,B6,B6,77), V(75,DA,DA,AF), V(63,21,21,42), \
+    V(30,10,10,20), V(1A,FF,FF,E5), V(0E,F3,F3,FD), V(6D,D2,D2,BF), \
+    V(4C,CD,CD,81), V(14,0C,0C,18), V(35,13,13,26), V(2F,EC,EC,C3), \
+    V(E1,5F,5F,BE), V(A2,97,97,35), V(CC,44,44,88), V(39,17,17,2E), \
+    V(57,C4,C4,93), V(F2,A7,A7,55), V(82,7E,7E,FC), V(47,3D,3D,7A), \
+    V(AC,64,64,C8), V(E7,5D,5D,BA), V(2B,19,19,32), V(95,73,73,E6), \
+    V(A0,60,60,C0), V(98,81,81,19), V(D1,4F,4F,9E), V(7F,DC,DC,A3), \
+    V(66,22,22,44), V(7E,2A,2A,54), V(AB,90,90,3B), V(83,88,88,0B), \
+    V(CA,46,46,8C), V(29,EE,EE,C7), V(D3,B8,B8,6B), V(3C,14,14,28), \
+    V(79,DE,DE,A7), V(E2,5E,5E,BC), V(1D,0B,0B,16), V(76,DB,DB,AD), \
+    V(3B,E0,E0,DB), V(56,32,32,64), V(4E,3A,3A,74), V(1E,0A,0A,14), \
+    V(DB,49,49,92), V(0A,06,06,0C), V(6C,24,24,48), V(E4,5C,5C,B8), \
+    V(5D,C2,C2,9F), V(6E,D3,D3,BD), V(EF,AC,AC,43), V(A6,62,62,C4), \
+    V(A8,91,91,39), V(A4,95,95,31), V(37,E4,E4,D3), V(8B,79,79,F2), \
+    V(32,E7,E7,D5), V(43,C8,C8,8B), V(59,37,37,6E), V(B7,6D,6D,DA), \
+    V(8C,8D,8D,01), V(64,D5,D5,B1), V(D2,4E,4E,9C), V(E0,A9,A9,49), \
+    V(B4,6C,6C,D8), V(FA,56,56,AC), V(07,F4,F4,F3), V(25,EA,EA,CF), \
+    V(AF,65,65,CA), V(8E,7A,7A,F4), V(E9,AE,AE,47), V(18,08,08,10), \
+    V(D5,BA,BA,6F), V(88,78,78,F0), V(6F,25,25,4A), V(72,2E,2E,5C), \
+    V(24,1C,1C,38), V(F1,A6,A6,57), V(C7,B4,B4,73), V(51,C6,C6,97), \
+    V(23,E8,E8,CB), V(7C,DD,DD,A1), V(9C,74,74,E8), V(21,1F,1F,3E), \
+    V(DD,4B,4B,96), V(DC,BD,BD,61), V(86,8B,8B,0D), V(85,8A,8A,0F), \
+    V(90,70,70,E0), V(42,3E,3E,7C), V(C4,B5,B5,71), V(AA,66,66,CC), \
+    V(D8,48,48,90), V(05,03,03,06), V(01,F6,F6,F7), V(12,0E,0E,1C), \
+    V(A3,61,61,C2), V(5F,35,35,6A), V(F9,57,57,AE), V(D0,B9,B9,69), \
+    V(91,86,86,17), V(58,C1,C1,99), V(27,1D,1D,3A), V(B9,9E,9E,27), \
+    V(38,E1,E1,D9), V(13,F8,F8,EB), V(B3,98,98,2B), V(33,11,11,22), \
+    V(BB,69,69,D2), V(70,D9,D9,A9), V(89,8E,8E,07), V(A7,94,94,33), \
+    V(B6,9B,9B,2D), V(22,1E,1E,3C), V(92,87,87,15), V(20,E9,E9,C9), \
+    V(49,CE,CE,87), V(FF,55,55,AA), V(78,28,28,50), V(7A,DF,DF,A5), \
+    V(8F,8C,8C,03), V(F8,A1,A1,59), V(80,89,89,09), V(17,0D,0D,1A), \
+    V(DA,BF,BF,65), V(31,E6,E6,D7), V(C6,42,42,84), V(B8,68,68,D0), \
+    V(C3,41,41,82), V(B0,99,99,29), V(77,2D,2D,5A), V(11,0F,0F,1E), \
+    V(CB,B0,B0,7B), V(FC,54,54,A8), V(D6,BB,BB,6D), V(3A,16,16,2C)
+
+#define V(a,b,c,d) 0x##a##b##c##d
+static const uint32_t FT0[256] = { FT };
+#undef V
+
+#define V(a,b,c,d) 0x##b##c##d##a
+static const uint32_t FT1[256] = { FT };
+#undef V
+
+#define V(a,b,c,d) 0x##c##d##a##b
+static const uint32_t FT2[256] = { FT };
+#undef V
+
+#define V(a,b,c,d) 0x##d##a##b##c
+static const uint32_t FT3[256] = { FT };
+#undef V
+
+#undef FT
+
+/*
+ * Reverse S-box
+ */
+static const unsigned char RSb[256] =
+{
+    0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38,
+    0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB,
+    0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87,
+    0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB,
+    0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D,
+    0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
+    0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2,
+    0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25,
+    0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16,
+    0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92,
+    0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA,
+    0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
+    0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A,
+    0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06,
+    0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02,
+    0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B,
+    0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA,
+    0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
+    0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85,
+    0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E,
+    0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89,
+    0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B,
+    0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20,
+    0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
+    0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31,
+    0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F,
+    0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D,
+    0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF,
+    0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0,
+    0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
+    0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26,
+    0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
+};
+
+/*
+ * Reverse tables
+ */
+#define RT \
+\
+    V(50,A7,F4,51), V(53,65,41,7E), V(C3,A4,17,1A), V(96,5E,27,3A), \
+    V(CB,6B,AB,3B), V(F1,45,9D,1F), V(AB,58,FA,AC), V(93,03,E3,4B), \
+    V(55,FA,30,20), V(F6,6D,76,AD), V(91,76,CC,88), V(25,4C,02,F5), \
+    V(FC,D7,E5,4F), V(D7,CB,2A,C5), V(80,44,35,26), V(8F,A3,62,B5), \
+    V(49,5A,B1,DE), V(67,1B,BA,25), V(98,0E,EA,45), V(E1,C0,FE,5D), \
+    V(02,75,2F,C3), V(12,F0,4C,81), V(A3,97,46,8D), V(C6,F9,D3,6B), \
+    V(E7,5F,8F,03), V(95,9C,92,15), V(EB,7A,6D,BF), V(DA,59,52,95), \
+    V(2D,83,BE,D4), V(D3,21,74,58), V(29,69,E0,49), V(44,C8,C9,8E), \
+    V(6A,89,C2,75), V(78,79,8E,F4), V(6B,3E,58,99), V(DD,71,B9,27), \
+    V(B6,4F,E1,BE), V(17,AD,88,F0), V(66,AC,20,C9), V(B4,3A,CE,7D), \
+    V(18,4A,DF,63), V(82,31,1A,E5), V(60,33,51,97), V(45,7F,53,62), \
+    V(E0,77,64,B1), V(84,AE,6B,BB), V(1C,A0,81,FE), V(94,2B,08,F9), \
+    V(58,68,48,70), V(19,FD,45,8F), V(87,6C,DE,94), V(B7,F8,7B,52), \
+    V(23,D3,73,AB), V(E2,02,4B,72), V(57,8F,1F,E3), V(2A,AB,55,66), \
+    V(07,28,EB,B2), V(03,C2,B5,2F), V(9A,7B,C5,86), V(A5,08,37,D3), \
+    V(F2,87,28,30), V(B2,A5,BF,23), V(BA,6A,03,02), V(5C,82,16,ED), \
+    V(2B,1C,CF,8A), V(92,B4,79,A7), V(F0,F2,07,F3), V(A1,E2,69,4E), \
+    V(CD,F4,DA,65), V(D5,BE,05,06), V(1F,62,34,D1), V(8A,FE,A6,C4), \
+    V(9D,53,2E,34), V(A0,55,F3,A2), V(32,E1,8A,05), V(75,EB,F6,A4), \
+    V(39,EC,83,0B), V(AA,EF,60,40), V(06,9F,71,5E), V(51,10,6E,BD), \
+    V(F9,8A,21,3E), V(3D,06,DD,96), V(AE,05,3E,DD), V(46,BD,E6,4D), \
+    V(B5,8D,54,91), V(05,5D,C4,71), V(6F,D4,06,04), V(FF,15,50,60), \
+    V(24,FB,98,19), V(97,E9,BD,D6), V(CC,43,40,89), V(77,9E,D9,67), \
+    V(BD,42,E8,B0), V(88,8B,89,07), V(38,5B,19,E7), V(DB,EE,C8,79), \
+    V(47,0A,7C,A1), V(E9,0F,42,7C), V(C9,1E,84,F8), V(00,00,00,00), \
+    V(83,86,80,09), V(48,ED,2B,32), V(AC,70,11,1E), V(4E,72,5A,6C), \
+    V(FB,FF,0E,FD), V(56,38,85,0F), V(1E,D5,AE,3D), V(27,39,2D,36), \
+    V(64,D9,0F,0A), V(21,A6,5C,68), V(D1,54,5B,9B), V(3A,2E,36,24), \
+    V(B1,67,0A,0C), V(0F,E7,57,93), V(D2,96,EE,B4), V(9E,91,9B,1B), \
+    V(4F,C5,C0,80), V(A2,20,DC,61), V(69,4B,77,5A), V(16,1A,12,1C), \
+    V(0A,BA,93,E2), V(E5,2A,A0,C0), V(43,E0,22,3C), V(1D,17,1B,12), \
+    V(0B,0D,09,0E), V(AD,C7,8B,F2), V(B9,A8,B6,2D), V(C8,A9,1E,14), \
+    V(85,19,F1,57), V(4C,07,75,AF), V(BB,DD,99,EE), V(FD,60,7F,A3), \
+    V(9F,26,01,F7), V(BC,F5,72,5C), V(C5,3B,66,44), V(34,7E,FB,5B), \
+    V(76,29,43,8B), V(DC,C6,23,CB), V(68,FC,ED,B6), V(63,F1,E4,B8), \
+    V(CA,DC,31,D7), V(10,85,63,42), V(40,22,97,13), V(20,11,C6,84), \
+    V(7D,24,4A,85), V(F8,3D,BB,D2), V(11,32,F9,AE), V(6D,A1,29,C7), \
+    V(4B,2F,9E,1D), V(F3,30,B2,DC), V(EC,52,86,0D), V(D0,E3,C1,77), \
+    V(6C,16,B3,2B), V(99,B9,70,A9), V(FA,48,94,11), V(22,64,E9,47), \
+    V(C4,8C,FC,A8), V(1A,3F,F0,A0), V(D8,2C,7D,56), V(EF,90,33,22), \
+    V(C7,4E,49,87), V(C1,D1,38,D9), V(FE,A2,CA,8C), V(36,0B,D4,98), \
+    V(CF,81,F5,A6), V(28,DE,7A,A5), V(26,8E,B7,DA), V(A4,BF,AD,3F), \
+    V(E4,9D,3A,2C), V(0D,92,78,50), V(9B,CC,5F,6A), V(62,46,7E,54), \
+    V(C2,13,8D,F6), V(E8,B8,D8,90), V(5E,F7,39,2E), V(F5,AF,C3,82), \
+    V(BE,80,5D,9F), V(7C,93,D0,69), V(A9,2D,D5,6F), V(B3,12,25,CF), \
+    V(3B,99,AC,C8), V(A7,7D,18,10), V(6E,63,9C,E8), V(7B,BB,3B,DB), \
+    V(09,78,26,CD), V(F4,18,59,6E), V(01,B7,9A,EC), V(A8,9A,4F,83), \
+    V(65,6E,95,E6), V(7E,E6,FF,AA), V(08,CF,BC,21), V(E6,E8,15,EF), \
+    V(D9,9B,E7,BA), V(CE,36,6F,4A), V(D4,09,9F,EA), V(D6,7C,B0,29), \
+    V(AF,B2,A4,31), V(31,23,3F,2A), V(30,94,A5,C6), V(C0,66,A2,35), \
+    V(37,BC,4E,74), V(A6,CA,82,FC), V(B0,D0,90,E0), V(15,D8,A7,33), \
+    V(4A,98,04,F1), V(F7,DA,EC,41), V(0E,50,CD,7F), V(2F,F6,91,17), \
+    V(8D,D6,4D,76), V(4D,B0,EF,43), V(54,4D,AA,CC), V(DF,04,96,E4), \
+    V(E3,B5,D1,9E), V(1B,88,6A,4C), V(B8,1F,2C,C1), V(7F,51,65,46), \
+    V(04,EA,5E,9D), V(5D,35,8C,01), V(73,74,87,FA), V(2E,41,0B,FB), \
+    V(5A,1D,67,B3), V(52,D2,DB,92), V(33,56,10,E9), V(13,47,D6,6D), \
+    V(8C,61,D7,9A), V(7A,0C,A1,37), V(8E,14,F8,59), V(89,3C,13,EB), \
+    V(EE,27,A9,CE), V(35,C9,61,B7), V(ED,E5,1C,E1), V(3C,B1,47,7A), \
+    V(59,DF,D2,9C), V(3F,73,F2,55), V(79,CE,14,18), V(BF,37,C7,73), \
+    V(EA,CD,F7,53), V(5B,AA,FD,5F), V(14,6F,3D,DF), V(86,DB,44,78), \
+    V(81,F3,AF,CA), V(3E,C4,68,B9), V(2C,34,24,38), V(5F,40,A3,C2), \
+    V(72,C3,1D,16), V(0C,25,E2,BC), V(8B,49,3C,28), V(41,95,0D,FF), \
+    V(71,01,A8,39), V(DE,B3,0C,08), V(9C,E4,B4,D8), V(90,C1,56,64), \
+    V(61,84,CB,7B), V(70,B6,32,D5), V(74,5C,6C,48), V(42,57,B8,D0)
+
+#define V(a,b,c,d) 0x##a##b##c##d
+static const uint32_t RT0[256] = { RT };
+#undef V
+
+#define V(a,b,c,d) 0x##b##c##d##a
+static const uint32_t RT1[256] = { RT };
+#undef V
+
+#define V(a,b,c,d) 0x##c##d##a##b
+static const uint32_t RT2[256] = { RT };
+#undef V
+
+#define V(a,b,c,d) 0x##d##a##b##c
+static const uint32_t RT3[256] = { RT };
+#undef V
+
+#undef RT
+
+/*
+ * Round constants
+ */
+static const uint32_t RCON[10] =
+{
+    0x00000001, 0x00000002, 0x00000004, 0x00000008,
+    0x00000010, 0x00000020, 0x00000040, 0x00000080,
+    0x0000001B, 0x00000036
+};
+
+#else /* MBEDTLS_AES_ROM_TABLES */
+
+/*
+ * Forward S-box & tables
+ */
+static unsigned char FSb[256];
+static uint32_t FT0[256];
+static uint32_t FT1[256];
+static uint32_t FT2[256];
+static uint32_t FT3[256];
+
+/*
+ * Reverse S-box & tables
+ */
+static unsigned char RSb[256];
+static uint32_t RT0[256];
+static uint32_t RT1[256];
+static uint32_t RT2[256];
+static uint32_t RT3[256];
+
+/*
+ * Round constants
+ */
+static uint32_t RCON[10];
+
+/*
+ * Tables generation code
+ */
+#define ROTL8(x) ( ( x << 8 ) & 0xFFFFFFFF ) | ( x >> 24 )
+#define XTIME(x) ( ( x << 1 ) ^ ( ( x & 0x80 ) ? 0x1B : 0x00 ) )
+#define MUL(x,y) ( ( x && y ) ? pow[(log[x]+log[y]) % 255] : 0 )
+
+static int aes_init_done = 0;
+
+static void aes_gen_tables( void )
+{
+    int i, x, y, z;
+    int pow[256];
+    int log[256];
+
+    /*
+     * compute pow and log tables over GF(2^8)
+     */
+    for( i = 0, x = 1; i < 256; i++ )
+    {
+        pow[i] = x;
+        log[x] = i;
+        x = ( x ^ XTIME( x ) ) & 0xFF;
+    }
+
+    /*
+     * calculate the round constants
+     */
+    for( i = 0, x = 1; i < 10; i++ )
+    {
+        RCON[i] = (uint32_t) x;
+        x = XTIME( x ) & 0xFF;
+    }
+
+    /*
+     * generate the forward and reverse S-boxes
+     */
+    FSb[0x00] = 0x63;
+    RSb[0x63] = 0x00;
+
+    for( i = 1; i < 256; i++ )
+    {
+        x = pow[255 - log[i]];
+
+        y  = x; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
+        x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
+        x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
+        x ^= y; y = ( ( y << 1 ) | ( y >> 7 ) ) & 0xFF;
+        x ^= y ^ 0x63;
+
+        FSb[i] = (unsigned char) x;
+        RSb[x] = (unsigned char) i;
+    }
+
+    /*
+     * generate the forward and reverse tables
+     */
+    for( i = 0; i < 256; i++ )
+    {
+        x = FSb[i];
+        y = XTIME( x ) & 0xFF;
+        z =  ( y ^ x ) & 0xFF;
+
+        FT0[i] = ( (uint32_t) y       ) ^
+                 ( (uint32_t) x <<  8 ) ^
+                 ( (uint32_t) x << 16 ) ^
+                 ( (uint32_t) z << 24 );
+
+        FT1[i] = ROTL8( FT0[i] );
+        FT2[i] = ROTL8( FT1[i] );
+        FT3[i] = ROTL8( FT2[i] );
+
+        x = RSb[i];
+
+        RT0[i] = ( (uint32_t) MUL( 0x0E, x )       ) ^
+                 ( (uint32_t) MUL( 0x09, x ) <<  8 ) ^
+                 ( (uint32_t) MUL( 0x0D, x ) << 16 ) ^
+                 ( (uint32_t) MUL( 0x0B, x ) << 24 );
+
+        RT1[i] = ROTL8( RT0[i] );
+        RT2[i] = ROTL8( RT1[i] );
+        RT3[i] = ROTL8( RT2[i] );
+    }
+}
+
+#endif /* MBEDTLS_AES_ROM_TABLES */
+
+void mbedtls_aes_init( mbedtls_aes_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_aes_context ) );
+}
+
+void mbedtls_aes_free( mbedtls_aes_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_aes_context ) );
+}
+
+/*
+ * AES key schedule (encryption)
+ */
+#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
+                    unsigned int keybits )
+{
+    unsigned int i;
+    uint32_t *RK;
+
+#if !defined(MBEDTLS_AES_ROM_TABLES)
+    if( aes_init_done == 0 )
+    {
+        aes_gen_tables();
+        aes_init_done = 1;
+
+    }
+#endif
+
+    switch( keybits )
+    {
+        case 128: ctx->nr = 10; break;
+        case 192: ctx->nr = 12; break;
+        case 256: ctx->nr = 14; break;
+        default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
+    }
+
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
+    if( aes_padlock_ace == -1 )
+        aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE );
+
+    if( aes_padlock_ace )
+        ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf );
+    else
+#endif
+    ctx->rk = RK = ctx->buf;
+
+#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
+    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
+        return( mbedtls_aesni_setkey_enc( (unsigned char *) ctx->rk, key, keybits ) );
+#endif
+
+    for( i = 0; i < ( keybits >> 5 ); i++ )
+    {
+        GET_UINT32_LE( RK[i], key, i << 2 );
+    }
+
+    switch( ctx->nr )
+    {
+        case 10:
+
+            for( i = 0; i < 10; i++, RK += 4 )
+            {
+                RK[4]  = RK[0] ^ RCON[i] ^
+                ( (uint32_t) FSb[ ( RK[3] >>  8 ) & 0xFF ]       ) ^
+                ( (uint32_t) FSb[ ( RK[3] >> 16 ) & 0xFF ] <<  8 ) ^
+                ( (uint32_t) FSb[ ( RK[3] >> 24 ) & 0xFF ] << 16 ) ^
+                ( (uint32_t) FSb[ ( RK[3]       ) & 0xFF ] << 24 );
+
+                RK[5]  = RK[1] ^ RK[4];
+                RK[6]  = RK[2] ^ RK[5];
+                RK[7]  = RK[3] ^ RK[6];
+            }
+            break;
+
+        case 12:
+
+            for( i = 0; i < 8; i++, RK += 6 )
+            {
+                RK[6]  = RK[0] ^ RCON[i] ^
+                ( (uint32_t) FSb[ ( RK[5] >>  8 ) & 0xFF ]       ) ^
+                ( (uint32_t) FSb[ ( RK[5] >> 16 ) & 0xFF ] <<  8 ) ^
+                ( (uint32_t) FSb[ ( RK[5] >> 24 ) & 0xFF ] << 16 ) ^
+                ( (uint32_t) FSb[ ( RK[5]       ) & 0xFF ] << 24 );
+
+                RK[7]  = RK[1] ^ RK[6];
+                RK[8]  = RK[2] ^ RK[7];
+                RK[9]  = RK[3] ^ RK[8];
+                RK[10] = RK[4] ^ RK[9];
+                RK[11] = RK[5] ^ RK[10];
+            }
+            break;
+
+        case 14:
+
+            for( i = 0; i < 7; i++, RK += 8 )
+            {
+                RK[8]  = RK[0] ^ RCON[i] ^
+                ( (uint32_t) FSb[ ( RK[7] >>  8 ) & 0xFF ]       ) ^
+                ( (uint32_t) FSb[ ( RK[7] >> 16 ) & 0xFF ] <<  8 ) ^
+                ( (uint32_t) FSb[ ( RK[7] >> 24 ) & 0xFF ] << 16 ) ^
+                ( (uint32_t) FSb[ ( RK[7]       ) & 0xFF ] << 24 );
+
+                RK[9]  = RK[1] ^ RK[8];
+                RK[10] = RK[2] ^ RK[9];
+                RK[11] = RK[3] ^ RK[10];
+
+                RK[12] = RK[4] ^
+                ( (uint32_t) FSb[ ( RK[11]       ) & 0xFF ]       ) ^
+                ( (uint32_t) FSb[ ( RK[11] >>  8 ) & 0xFF ] <<  8 ) ^
+                ( (uint32_t) FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^
+                ( (uint32_t) FSb[ ( RK[11] >> 24 ) & 0xFF ] << 24 );
+
+                RK[13] = RK[5] ^ RK[12];
+                RK[14] = RK[6] ^ RK[13];
+                RK[15] = RK[7] ^ RK[14];
+            }
+            break;
+    }
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */
+
+/*
+ * AES key schedule (decryption)
+ */
+#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
+                    unsigned int keybits )
+{
+    int i, j, ret;
+    mbedtls_aes_context cty;
+    uint32_t *RK;
+    uint32_t *SK;
+
+    mbedtls_aes_init( &cty );
+
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
+    if( aes_padlock_ace == -1 )
+        aes_padlock_ace = mbedtls_padlock_has_support( MBEDTLS_PADLOCK_ACE );
+
+    if( aes_padlock_ace )
+        ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf );
+    else
+#endif
+    ctx->rk = RK = ctx->buf;
+
+    /* Also checks keybits */
+    if( ( ret = mbedtls_aes_setkey_enc( &cty, key, keybits ) ) != 0 )
+        goto exit;
+
+    ctx->nr = cty.nr;
+
+#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
+    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
+    {
+        mbedtls_aesni_inverse_key( (unsigned char *) ctx->rk,
+                           (const unsigned char *) cty.rk, ctx->nr );
+        goto exit;
+    }
+#endif
+
+    SK = cty.rk + cty.nr * 4;
+
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+
+    for( i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8 )
+    {
+        for( j = 0; j < 4; j++, SK++ )
+        {
+            *RK++ = RT0[ FSb[ ( *SK       ) & 0xFF ] ] ^
+                    RT1[ FSb[ ( *SK >>  8 ) & 0xFF ] ] ^
+                    RT2[ FSb[ ( *SK >> 16 ) & 0xFF ] ] ^
+                    RT3[ FSb[ ( *SK >> 24 ) & 0xFF ] ];
+        }
+    }
+
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+
+exit:
+    mbedtls_aes_free( &cty );
+
+    return( ret );
+}
+#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */
+
+#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3)     \
+{                                               \
+    X0 = *RK++ ^ FT0[ ( Y0       ) & 0xFF ] ^   \
+                 FT1[ ( Y1 >>  8 ) & 0xFF ] ^   \
+                 FT2[ ( Y2 >> 16 ) & 0xFF ] ^   \
+                 FT3[ ( Y3 >> 24 ) & 0xFF ];    \
+                                                \
+    X1 = *RK++ ^ FT0[ ( Y1       ) & 0xFF ] ^   \
+                 FT1[ ( Y2 >>  8 ) & 0xFF ] ^   \
+                 FT2[ ( Y3 >> 16 ) & 0xFF ] ^   \
+                 FT3[ ( Y0 >> 24 ) & 0xFF ];    \
+                                                \
+    X2 = *RK++ ^ FT0[ ( Y2       ) & 0xFF ] ^   \
+                 FT1[ ( Y3 >>  8 ) & 0xFF ] ^   \
+                 FT2[ ( Y0 >> 16 ) & 0xFF ] ^   \
+                 FT3[ ( Y1 >> 24 ) & 0xFF ];    \
+                                                \
+    X3 = *RK++ ^ FT0[ ( Y3       ) & 0xFF ] ^   \
+                 FT1[ ( Y0 >>  8 ) & 0xFF ] ^   \
+                 FT2[ ( Y1 >> 16 ) & 0xFF ] ^   \
+                 FT3[ ( Y2 >> 24 ) & 0xFF ];    \
+}
+
+#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3)     \
+{                                               \
+    X0 = *RK++ ^ RT0[ ( Y0       ) & 0xFF ] ^   \
+                 RT1[ ( Y3 >>  8 ) & 0xFF ] ^   \
+                 RT2[ ( Y2 >> 16 ) & 0xFF ] ^   \
+                 RT3[ ( Y1 >> 24 ) & 0xFF ];    \
+                                                \
+    X1 = *RK++ ^ RT0[ ( Y1       ) & 0xFF ] ^   \
+                 RT1[ ( Y0 >>  8 ) & 0xFF ] ^   \
+                 RT2[ ( Y3 >> 16 ) & 0xFF ] ^   \
+                 RT3[ ( Y2 >> 24 ) & 0xFF ];    \
+                                                \
+    X2 = *RK++ ^ RT0[ ( Y2       ) & 0xFF ] ^   \
+                 RT1[ ( Y1 >>  8 ) & 0xFF ] ^   \
+                 RT2[ ( Y0 >> 16 ) & 0xFF ] ^   \
+                 RT3[ ( Y3 >> 24 ) & 0xFF ];    \
+                                                \
+    X3 = *RK++ ^ RT0[ ( Y3       ) & 0xFF ] ^   \
+                 RT1[ ( Y2 >>  8 ) & 0xFF ] ^   \
+                 RT2[ ( Y1 >> 16 ) & 0xFF ] ^   \
+                 RT3[ ( Y0 >> 24 ) & 0xFF ];    \
+}
+
+/*
+ * AES-ECB block encryption
+ */
+#if !defined(MBEDTLS_AES_ENCRYPT_ALT)
+int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
+                                  const unsigned char input[16],
+                                  unsigned char output[16] )
+{
+    int i;
+    uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
+
+    RK = ctx->rk;
+
+    GET_UINT32_LE( X0, input,  0 ); X0 ^= *RK++;
+    GET_UINT32_LE( X1, input,  4 ); X1 ^= *RK++;
+    GET_UINT32_LE( X2, input,  8 ); X2 ^= *RK++;
+    GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++;
+
+    for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
+    {
+        AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 );
+        AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 );
+    }
+
+    AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 );
+
+    X0 = *RK++ ^ \
+            ( (uint32_t) FSb[ ( Y0       ) & 0xFF ]       ) ^
+            ( (uint32_t) FSb[ ( Y1 >>  8 ) & 0xFF ] <<  8 ) ^
+            ( (uint32_t) FSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^
+            ( (uint32_t) FSb[ ( Y3 >> 24 ) & 0xFF ] << 24 );
+
+    X1 = *RK++ ^ \
+            ( (uint32_t) FSb[ ( Y1       ) & 0xFF ]       ) ^
+            ( (uint32_t) FSb[ ( Y2 >>  8 ) & 0xFF ] <<  8 ) ^
+            ( (uint32_t) FSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^
+            ( (uint32_t) FSb[ ( Y0 >> 24 ) & 0xFF ] << 24 );
+
+    X2 = *RK++ ^ \
+            ( (uint32_t) FSb[ ( Y2       ) & 0xFF ]       ) ^
+            ( (uint32_t) FSb[ ( Y3 >>  8 ) & 0xFF ] <<  8 ) ^
+            ( (uint32_t) FSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^
+            ( (uint32_t) FSb[ ( Y1 >> 24 ) & 0xFF ] << 24 );
+
+    X3 = *RK++ ^ \
+            ( (uint32_t) FSb[ ( Y3       ) & 0xFF ]       ) ^
+            ( (uint32_t) FSb[ ( Y0 >>  8 ) & 0xFF ] <<  8 ) ^
+            ( (uint32_t) FSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^
+            ( (uint32_t) FSb[ ( Y2 >> 24 ) & 0xFF ] << 24 );
+
+    PUT_UINT32_LE( X0, output,  0 );
+    PUT_UINT32_LE( X1, output,  4 );
+    PUT_UINT32_LE( X2, output,  8 );
+    PUT_UINT32_LE( X3, output, 12 );
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_AES_ENCRYPT_ALT */
+
+void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
+                          const unsigned char input[16],
+                          unsigned char output[16] )
+{
+    mbedtls_internal_aes_encrypt( ctx, input, output );
+}
+
+/*
+ * AES-ECB block decryption
+ */
+#if !defined(MBEDTLS_AES_DECRYPT_ALT)
+int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
+                                  const unsigned char input[16],
+                                  unsigned char output[16] )
+{
+    int i;
+    uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
+
+    RK = ctx->rk;
+
+    GET_UINT32_LE( X0, input,  0 ); X0 ^= *RK++;
+    GET_UINT32_LE( X1, input,  4 ); X1 ^= *RK++;
+    GET_UINT32_LE( X2, input,  8 ); X2 ^= *RK++;
+    GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++;
+
+    for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
+    {
+        AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 );
+        AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 );
+    }
+
+    AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 );
+
+    X0 = *RK++ ^ \
+            ( (uint32_t) RSb[ ( Y0       ) & 0xFF ]       ) ^
+            ( (uint32_t) RSb[ ( Y3 >>  8 ) & 0xFF ] <<  8 ) ^
+            ( (uint32_t) RSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^
+            ( (uint32_t) RSb[ ( Y1 >> 24 ) & 0xFF ] << 24 );
+
+    X1 = *RK++ ^ \
+            ( (uint32_t) RSb[ ( Y1       ) & 0xFF ]       ) ^
+            ( (uint32_t) RSb[ ( Y0 >>  8 ) & 0xFF ] <<  8 ) ^
+            ( (uint32_t) RSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^
+            ( (uint32_t) RSb[ ( Y2 >> 24 ) & 0xFF ] << 24 );
+
+    X2 = *RK++ ^ \
+            ( (uint32_t) RSb[ ( Y2       ) & 0xFF ]       ) ^
+            ( (uint32_t) RSb[ ( Y1 >>  8 ) & 0xFF ] <<  8 ) ^
+            ( (uint32_t) RSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^
+            ( (uint32_t) RSb[ ( Y3 >> 24 ) & 0xFF ] << 24 );
+
+    X3 = *RK++ ^ \
+            ( (uint32_t) RSb[ ( Y3       ) & 0xFF ]       ) ^
+            ( (uint32_t) RSb[ ( Y2 >>  8 ) & 0xFF ] <<  8 ) ^
+            ( (uint32_t) RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^
+            ( (uint32_t) RSb[ ( Y0 >> 24 ) & 0xFF ] << 24 );
+
+    PUT_UINT32_LE( X0, output,  0 );
+    PUT_UINT32_LE( X1, output,  4 );
+    PUT_UINT32_LE( X2, output,  8 );
+    PUT_UINT32_LE( X3, output, 12 );
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_AES_DECRYPT_ALT */
+
+void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
+                          const unsigned char input[16],
+                          unsigned char output[16] )
+{
+    mbedtls_internal_aes_decrypt( ctx, input, output );
+}
+
+/*
+ * AES-ECB block encryption/decryption
+ */
+int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
+                    int mode,
+                    const unsigned char input[16],
+                    unsigned char output[16] )
+{
+#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
+    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_AES ) )
+        return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) );
+#endif
+
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
+    if( aes_padlock_ace )
+    {
+        if( mbedtls_padlock_xcryptecb( ctx, mode, input, output ) == 0 )
+            return( 0 );
+
+        // If padlock data misaligned, we just fall back to
+        // unaccelerated mode
+        //
+    }
+#endif
+
+    if( mode == MBEDTLS_AES_ENCRYPT )
+        return( mbedtls_internal_aes_encrypt( ctx, input, output ) );
+    else
+        return( mbedtls_internal_aes_decrypt( ctx, input, output ) );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * AES-CBC buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[16],
+                    const unsigned char *input,
+                    unsigned char *output )
+{
+    int i;
+    unsigned char temp[16];
+
+    if( length % 16 )
+        return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
+
+#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
+    if( aes_padlock_ace )
+    {
+        if( mbedtls_padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 )
+            return( 0 );
+
+        // If padlock data misaligned, we just fall back to
+        // unaccelerated mode
+        //
+    }
+#endif
+
+    if( mode == MBEDTLS_AES_DECRYPT )
+    {
+        while( length > 0 )
+        {
+            memcpy( temp, input, 16 );
+            mbedtls_aes_crypt_ecb( ctx, mode, input, output );
+
+            for( i = 0; i < 16; i++ )
+                output[i] = (unsigned char)( output[i] ^ iv[i] );
+
+            memcpy( iv, temp, 16 );
+
+            input  += 16;
+            output += 16;
+            length -= 16;
+        }
+    }
+    else
+    {
+        while( length > 0 )
+        {
+            for( i = 0; i < 16; i++ )
+                output[i] = (unsigned char)( input[i] ^ iv[i] );
+
+            mbedtls_aes_crypt_ecb( ctx, mode, output, output );
+            memcpy( iv, output, 16 );
+
+            input  += 16;
+            output += 16;
+            length -= 16;
+        }
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/*
+ * AES-CFB128 buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
+                       int mode,
+                       size_t length,
+                       size_t *iv_off,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output )
+{
+    int c;
+    size_t n = *iv_off;
+
+    if( mode == MBEDTLS_AES_DECRYPT )
+    {
+        while( length-- )
+        {
+            if( n == 0 )
+                mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
+
+            c = *input++;
+            *output++ = (unsigned char)( c ^ iv[n] );
+            iv[n] = (unsigned char) c;
+
+            n = ( n + 1 ) & 0x0F;
+        }
+    }
+    else
+    {
+        while( length-- )
+        {
+            if( n == 0 )
+                mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
+
+            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
+
+            n = ( n + 1 ) & 0x0F;
+        }
+    }
+
+    *iv_off = n;
+
+    return( 0 );
+}
+
+/*
+ * AES-CFB8 buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
+                       int mode,
+                       size_t length,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output )
+{
+    unsigned char c;
+    unsigned char ov[17];
+
+    while( length-- )
+    {
+        memcpy( ov, iv, 16 );
+        mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
+
+        if( mode == MBEDTLS_AES_DECRYPT )
+            ov[16] = *input;
+
+        c = *output++ = (unsigned char)( iv[0] ^ *input++ );
+
+        if( mode == MBEDTLS_AES_ENCRYPT )
+            ov[16] = c;
+
+        memcpy( iv, ov + 1, 16 );
+    }
+
+    return( 0 );
+}
+#endif /*MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * AES-CTR buffer encryption/decryption
+ */
+int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
+                       size_t length,
+                       size_t *nc_off,
+                       unsigned char nonce_counter[16],
+                       unsigned char stream_block[16],
+                       const unsigned char *input,
+                       unsigned char *output )
+{
+    int c, i;
+    size_t n = *nc_off;
+
+    while( length-- )
+    {
+        if( n == 0 ) {
+            mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block );
+
+            for( i = 16; i > 0; i-- )
+                if( ++nonce_counter[i - 1] != 0 )
+                    break;
+        }
+        c = *input++;
+        *output++ = (unsigned char)( c ^ stream_block[n] );
+
+        n = ( n + 1 ) & 0x0F;
+    }
+
+    *nc_off = n;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#endif /* !MBEDTLS_AES_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * AES test vectors from:
+ *
+ * http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip
+ */
+static const unsigned char aes_test_ecb_dec[3][16] =
+{
+    { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58,
+      0x33, 0x03, 0x91, 0x7E, 0x6B, 0xE9, 0xEB, 0xE0 },
+    { 0x48, 0xE3, 0x1E, 0x9E, 0x25, 0x67, 0x18, 0xF2,
+      0x92, 0x29, 0x31, 0x9C, 0x19, 0xF1, 0x5B, 0xA4 },
+    { 0x05, 0x8C, 0xCF, 0xFD, 0xBB, 0xCB, 0x38, 0x2D,
+      0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE }
+};
+
+static const unsigned char aes_test_ecb_enc[3][16] =
+{
+    { 0xC3, 0x4C, 0x05, 0x2C, 0xC0, 0xDA, 0x8D, 0x73,
+      0x45, 0x1A, 0xFE, 0x5F, 0x03, 0xBE, 0x29, 0x7F },
+    { 0xF3, 0xF6, 0x75, 0x2A, 0xE8, 0xD7, 0x83, 0x11,
+      0x38, 0xF0, 0x41, 0x56, 0x06, 0x31, 0xB1, 0x14 },
+    { 0x8B, 0x79, 0xEE, 0xCC, 0x93, 0xA0, 0xEE, 0x5D,
+      0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 }
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const unsigned char aes_test_cbc_dec[3][16] =
+{
+    { 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73,
+      0xDF, 0x70, 0x6E, 0x73, 0xF7, 0xC9, 0xAF, 0x86 },
+    { 0x5D, 0xF6, 0x78, 0xDD, 0x17, 0xBA, 0x4E, 0x75,
+      0xB6, 0x17, 0x68, 0xC6, 0xAD, 0xEF, 0x7C, 0x7B },
+    { 0x48, 0x04, 0xE1, 0x81, 0x8F, 0xE6, 0x29, 0x75,
+      0x19, 0xA3, 0xE8, 0x8C, 0x57, 0x31, 0x04, 0x13 }
+};
+
+static const unsigned char aes_test_cbc_enc[3][16] =
+{
+    { 0x8A, 0x05, 0xFC, 0x5E, 0x09, 0x5A, 0xF4, 0x84,
+      0x8A, 0x08, 0xD3, 0x28, 0xD3, 0x68, 0x8E, 0x3D },
+    { 0x7B, 0xD9, 0x66, 0xD5, 0x3A, 0xD8, 0xC1, 0xBB,
+      0x85, 0xD2, 0xAD, 0xFA, 0xE8, 0x7B, 0xB1, 0x04 },
+    { 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5,
+      0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/*
+ * AES-CFB128 test vectors from:
+ *
+ * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
+ */
+static const unsigned char aes_test_cfb128_key[3][32] =
+{
+    { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+      0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C },
+    { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
+      0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
+      0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B },
+    { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+      0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+      0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+      0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
+};
+
+static const unsigned char aes_test_cfb128_iv[16] =
+{
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+};
+
+static const unsigned char aes_test_cfb128_pt[64] =
+{
+    0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+    0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
+    0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+    0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
+    0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
+    0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
+    0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
+    0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
+};
+
+static const unsigned char aes_test_cfb128_ct[3][64] =
+{
+    { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20,
+      0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A,
+      0xC8, 0xA6, 0x45, 0x37, 0xA0, 0xB3, 0xA9, 0x3F,
+      0xCD, 0xE3, 0xCD, 0xAD, 0x9F, 0x1C, 0xE5, 0x8B,
+      0x26, 0x75, 0x1F, 0x67, 0xA3, 0xCB, 0xB1, 0x40,
+      0xB1, 0x80, 0x8C, 0xF1, 0x87, 0xA4, 0xF4, 0xDF,
+      0xC0, 0x4B, 0x05, 0x35, 0x7C, 0x5D, 0x1C, 0x0E,
+      0xEA, 0xC4, 0xC6, 0x6F, 0x9F, 0xF7, 0xF2, 0xE6 },
+    { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB,
+      0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74,
+      0x67, 0xCE, 0x7F, 0x7F, 0x81, 0x17, 0x36, 0x21,
+      0x96, 0x1A, 0x2B, 0x70, 0x17, 0x1D, 0x3D, 0x7A,
+      0x2E, 0x1E, 0x8A, 0x1D, 0xD5, 0x9B, 0x88, 0xB1,
+      0xC8, 0xE6, 0x0F, 0xED, 0x1E, 0xFA, 0xC4, 0xC9,
+      0xC0, 0x5F, 0x9F, 0x9C, 0xA9, 0x83, 0x4F, 0xA0,
+      0x42, 0xAE, 0x8F, 0xBA, 0x58, 0x4B, 0x09, 0xFF },
+    { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B,
+      0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60,
+      0x39, 0xFF, 0xED, 0x14, 0x3B, 0x28, 0xB1, 0xC8,
+      0x32, 0x11, 0x3C, 0x63, 0x31, 0xE5, 0x40, 0x7B,
+      0xDF, 0x10, 0x13, 0x24, 0x15, 0xE5, 0x4B, 0x92,
+      0xA1, 0x3E, 0xD0, 0xA8, 0x26, 0x7A, 0xE2, 0xF9,
+      0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8,
+      0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * AES-CTR test vectors from:
+ *
+ * http://www.faqs.org/rfcs/rfc3686.html
+ */
+
+static const unsigned char aes_test_ctr_key[3][16] =
+{
+    { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC,
+      0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E },
+    { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7,
+      0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 },
+    { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
+      0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC }
+};
+
+static const unsigned char aes_test_ctr_nonce_counter[3][16] =
+{
+    { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
+    { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59,
+      0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 },
+    { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F,
+      0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 }
+};
+
+static const unsigned char aes_test_ctr_pt[3][48] =
+{
+    { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
+      0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 },
+
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F },
+
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+      0x20, 0x21, 0x22, 0x23 }
+};
+
+static const unsigned char aes_test_ctr_ct[3][48] =
+{
+    { 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79,
+      0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8 },
+    { 0x51, 0x04, 0xA1, 0x06, 0x16, 0x8A, 0x72, 0xD9,
+      0x79, 0x0D, 0x41, 0xEE, 0x8E, 0xDA, 0xD3, 0x88,
+      0xEB, 0x2E, 0x1E, 0xFC, 0x46, 0xDA, 0x57, 0xC8,
+      0xFC, 0xE6, 0x30, 0xDF, 0x91, 0x41, 0xBE, 0x28 },
+    { 0xC1, 0xCF, 0x48, 0xA8, 0x9F, 0x2F, 0xFD, 0xD9,
+      0xCF, 0x46, 0x52, 0xE9, 0xEF, 0xDB, 0x72, 0xD7,
+      0x45, 0x40, 0xA4, 0x2B, 0xDE, 0x6D, 0x78, 0x36,
+      0xD5, 0x9A, 0x5C, 0xEA, 0xAE, 0xF3, 0x10, 0x53,
+      0x25, 0xB2, 0x07, 0x2F }
+};
+
+static const int aes_test_ctr_len[3] =
+    { 16, 32, 36 };
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+/*
+ * Checkup routine
+ */
+int mbedtls_aes_self_test( int verbose )
+{
+    int ret = 0, i, j, u, mode;
+    unsigned int keybits;
+    unsigned char key[32];
+    unsigned char buf[64];
+    const unsigned char *aes_tests;
+#if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB)
+    unsigned char iv[16];
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    unsigned char prv[16];
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_CFB)
+    size_t offset;
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    int len;
+    unsigned char nonce_counter[16];
+    unsigned char stream_block[16];
+#endif
+    mbedtls_aes_context ctx;
+
+    memset( key, 0, 32 );
+    mbedtls_aes_init( &ctx );
+
+    /*
+     * ECB mode
+     */
+    for( i = 0; i < 6; i++ )
+    {
+        u = i >> 1;
+        keybits = 128 + u * 64;
+        mode = i & 1;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  AES-ECB-%3d (%s): ", keybits,
+                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
+
+        memset( buf, 0, 16 );
+
+        if( mode == MBEDTLS_AES_DECRYPT )
+        {
+            ret = mbedtls_aes_setkey_dec( &ctx, key, keybits );
+            aes_tests = aes_test_ecb_dec[u];
+        }
+        else
+        {
+            ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
+            aes_tests = aes_test_ecb_enc[u];
+        }
+
+        /*
+         * AES-192 is an optional feature that may be unavailable when
+         * there is an alternative underlying implementation i.e. when
+         * MBEDTLS_AES_ALT is defined.
+         */
+        if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+        else if( ret != 0 )
+        {
+            goto exit;
+        }
+
+        for( j = 0; j < 10000; j++ )
+        {
+            ret = mbedtls_aes_crypt_ecb( &ctx, mode, buf, buf );
+            if( ret != 0 )
+                goto exit;
+        }
+
+        if( memcmp( buf, aes_tests, 16 ) != 0 )
+        {
+            ret = 1;
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    /*
+     * CBC mode
+     */
+    for( i = 0; i < 6; i++ )
+    {
+        u = i >> 1;
+        keybits = 128 + u * 64;
+        mode = i & 1;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  AES-CBC-%3d (%s): ", keybits,
+                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
+
+        memset( iv , 0, 16 );
+        memset( prv, 0, 16 );
+        memset( buf, 0, 16 );
+
+        if( mode == MBEDTLS_AES_DECRYPT )
+        {
+            ret = mbedtls_aes_setkey_dec( &ctx, key, keybits );
+            aes_tests = aes_test_cbc_dec[u];
+        }
+        else
+        {
+            ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
+            aes_tests = aes_test_cbc_enc[u];
+        }
+
+        /*
+         * AES-192 is an optional feature that may be unavailable when
+         * there is an alternative underlying implementation i.e. when
+         * MBEDTLS_AES_ALT is defined.
+         */
+        if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+        else if( ret != 0 )
+        {
+            goto exit;
+        }
+
+        for( j = 0; j < 10000; j++ )
+        {
+            if( mode == MBEDTLS_AES_ENCRYPT )
+            {
+                unsigned char tmp[16];
+
+                memcpy( tmp, prv, 16 );
+                memcpy( prv, buf, 16 );
+                memcpy( buf, tmp, 16 );
+            }
+
+            ret = mbedtls_aes_crypt_cbc( &ctx, mode, 16, iv, buf, buf );
+            if( ret != 0 )
+                goto exit;
+
+        }
+
+        if( memcmp( buf, aes_tests, 16 ) != 0 )
+        {
+            ret = 1;
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    /*
+     * CFB128 mode
+     */
+    for( i = 0; i < 6; i++ )
+    {
+        u = i >> 1;
+        keybits = 128 + u * 64;
+        mode = i & 1;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  AES-CFB128-%3d (%s): ", keybits,
+                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
+
+        memcpy( iv,  aes_test_cfb128_iv, 16 );
+        memcpy( key, aes_test_cfb128_key[u], keybits / 8 );
+
+        offset = 0;
+        ret = mbedtls_aes_setkey_enc( &ctx, key, keybits );
+        /*
+         * AES-192 is an optional feature that may be unavailable when
+         * there is an alternative underlying implementation i.e. when
+         * MBEDTLS_AES_ALT is defined.
+         */
+        if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && keybits == 192 )
+        {
+            mbedtls_printf( "skipped\n" );
+            continue;
+        }
+        else if( ret != 0 )
+        {
+            goto exit;
+        }
+
+        if( mode == MBEDTLS_AES_DECRYPT )
+        {
+            memcpy( buf, aes_test_cfb128_ct[u], 64 );
+            aes_tests = aes_test_cfb128_pt;
+        }
+        else
+        {
+            memcpy( buf, aes_test_cfb128_pt, 64 );
+            aes_tests = aes_test_cfb128_ct[u];
+        }
+
+        ret = mbedtls_aes_crypt_cfb128( &ctx, mode, 64, &offset, iv, buf, buf );
+        if( ret != 0 )
+            goto exit;
+
+        if( memcmp( buf, aes_tests, 64 ) != 0 )
+        {
+            ret = 1;
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    /*
+     * CTR mode
+     */
+    for( i = 0; i < 6; i++ )
+    {
+        u = i >> 1;
+        mode = i & 1;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  AES-CTR-128 (%s): ",
+                            ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
+
+        memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
+        memcpy( key, aes_test_ctr_key[u], 16 );
+
+        offset = 0;
+        if( ( ret = mbedtls_aes_setkey_enc( &ctx, key, 128 ) ) != 0 )
+            goto exit;
+
+        len = aes_test_ctr_len[u];
+
+        if( mode == MBEDTLS_AES_DECRYPT )
+        {
+            memcpy( buf, aes_test_ctr_ct[u], len );
+            aes_tests = aes_test_ctr_pt[u];
+        }
+        else
+        {
+            memcpy( buf, aes_test_ctr_pt[u], len );
+            aes_tests = aes_test_ctr_ct[u];
+        }
+
+        ret = mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter,
+                                     stream_block, buf, buf );
+        if( ret != 0 )
+            goto exit;
+
+        if( memcmp( buf, aes_tests, len ) != 0 )
+        {
+            ret = 1;
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+    ret = 0;
+
+exit:
+    if( ret != 0 && verbose != 0 )
+        mbedtls_printf( "failed\n" );
+
+    mbedtls_aes_free( &ctx );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_AES_C */
diff --git a/thirdparty/mbedtls/library/aesni.c b/thirdparty/mbedtls/library/aesni.c
new file mode 100644
index 0000000000..1ca3c3ef5b
--- /dev/null
+++ b/thirdparty/mbedtls/library/aesni.c
@@ -0,0 +1,464 @@
+/*
+ *  AES-NI support functions
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * [AES-WP] http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-aes-instructions-set
+ * [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_AESNI_C)
+
+#include "mbedtls/aesni.h"
+
+#include <string.h>
+
+#ifndef asm
+#define asm __asm
+#endif
+
+#if defined(MBEDTLS_HAVE_X86_64)
+
+/*
+ * AES-NI support detection routine
+ */
+int mbedtls_aesni_has_support( unsigned int what )
+{
+    static int done = 0;
+    static unsigned int c = 0;
+
+    if( ! done )
+    {
+        asm( "movl  $1, %%eax   \n\t"
+             "cpuid             \n\t"
+             : "=c" (c)
+             :
+             : "eax", "ebx", "edx" );
+        done = 1;
+    }
+
+    return( ( c & what ) != 0 );
+}
+
+/*
+ * Binutils needs to be at least 2.19 to support AES-NI instructions.
+ * Unfortunately, a lot of users have a lower version now (2014-04).
+ * Emit bytecode directly in order to support "old" version of gas.
+ *
+ * Opcodes from the Intel architecture reference manual, vol. 3.
+ * We always use registers, so we don't need prefixes for memory operands.
+ * Operand macros are in gas order (src, dst) as opposed to Intel order
+ * (dst, src) in order to blend better into the surrounding assembly code.
+ */
+#define AESDEC      ".byte 0x66,0x0F,0x38,0xDE,"
+#define AESDECLAST  ".byte 0x66,0x0F,0x38,0xDF,"
+#define AESENC      ".byte 0x66,0x0F,0x38,0xDC,"
+#define AESENCLAST  ".byte 0x66,0x0F,0x38,0xDD,"
+#define AESIMC      ".byte 0x66,0x0F,0x38,0xDB,"
+#define AESKEYGENA  ".byte 0x66,0x0F,0x3A,0xDF,"
+#define PCLMULQDQ   ".byte 0x66,0x0F,0x3A,0x44,"
+
+#define xmm0_xmm0   "0xC0"
+#define xmm0_xmm1   "0xC8"
+#define xmm0_xmm2   "0xD0"
+#define xmm0_xmm3   "0xD8"
+#define xmm0_xmm4   "0xE0"
+#define xmm1_xmm0   "0xC1"
+#define xmm1_xmm2   "0xD1"
+
+/*
+ * AES-NI AES-ECB block en(de)cryption
+ */
+int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
+                     int mode,
+                     const unsigned char input[16],
+                     unsigned char output[16] )
+{
+    asm( "movdqu    (%3), %%xmm0    \n\t" // load input
+         "movdqu    (%1), %%xmm1    \n\t" // load round key 0
+         "pxor      %%xmm1, %%xmm0  \n\t" // round 0
+         "add       $16, %1         \n\t" // point to next round key
+         "subl      $1, %0          \n\t" // normal rounds = nr - 1
+         "test      %2, %2          \n\t" // mode?
+         "jz        2f              \n\t" // 0 = decrypt
+
+         "1:                        \n\t" // encryption loop
+         "movdqu    (%1), %%xmm1    \n\t" // load round key
+         AESENC     xmm1_xmm0      "\n\t" // do round
+         "add       $16, %1         \n\t" // point to next round key
+         "subl      $1, %0          \n\t" // loop
+         "jnz       1b              \n\t"
+         "movdqu    (%1), %%xmm1    \n\t" // load round key
+         AESENCLAST xmm1_xmm0      "\n\t" // last round
+         "jmp       3f              \n\t"
+
+         "2:                        \n\t" // decryption loop
+         "movdqu    (%1), %%xmm1    \n\t"
+         AESDEC     xmm1_xmm0      "\n\t" // do round
+         "add       $16, %1         \n\t"
+         "subl      $1, %0          \n\t"
+         "jnz       2b              \n\t"
+         "movdqu    (%1), %%xmm1    \n\t" // load round key
+         AESDECLAST xmm1_xmm0      "\n\t" // last round
+
+         "3:                        \n\t"
+         "movdqu    %%xmm0, (%4)    \n\t" // export output
+         :
+         : "r" (ctx->nr), "r" (ctx->rk), "r" (mode), "r" (input), "r" (output)
+         : "memory", "cc", "xmm0", "xmm1" );
+
+
+    return( 0 );
+}
+
+/*
+ * GCM multiplication: c = a times b in GF(2^128)
+ * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
+ */
+void mbedtls_aesni_gcm_mult( unsigned char c[16],
+                     const unsigned char a[16],
+                     const unsigned char b[16] )
+{
+    unsigned char aa[16], bb[16], cc[16];
+    size_t i;
+
+    /* The inputs are in big-endian order, so byte-reverse them */
+    for( i = 0; i < 16; i++ )
+    {
+        aa[i] = a[15 - i];
+        bb[i] = b[15 - i];
+    }
+
+    asm( "movdqu (%0), %%xmm0               \n\t" // a1:a0
+         "movdqu (%1), %%xmm1               \n\t" // b1:b0
+
+         /*
+          * Caryless multiplication xmm2:xmm1 = xmm0 * xmm1
+          * using [CLMUL-WP] algorithm 1 (p. 13).
+          */
+         "movdqa %%xmm1, %%xmm2             \n\t" // copy of b1:b0
+         "movdqa %%xmm1, %%xmm3             \n\t" // same
+         "movdqa %%xmm1, %%xmm4             \n\t" // same
+         PCLMULQDQ xmm0_xmm1 ",0x00         \n\t" // a0*b0 = c1:c0
+         PCLMULQDQ xmm0_xmm2 ",0x11         \n\t" // a1*b1 = d1:d0
+         PCLMULQDQ xmm0_xmm3 ",0x10         \n\t" // a0*b1 = e1:e0
+         PCLMULQDQ xmm0_xmm4 ",0x01         \n\t" // a1*b0 = f1:f0
+         "pxor %%xmm3, %%xmm4               \n\t" // e1+f1:e0+f0
+         "movdqa %%xmm4, %%xmm3             \n\t" // same
+         "psrldq $8, %%xmm4                 \n\t" // 0:e1+f1
+         "pslldq $8, %%xmm3                 \n\t" // e0+f0:0
+         "pxor %%xmm4, %%xmm2               \n\t" // d1:d0+e1+f1
+         "pxor %%xmm3, %%xmm1               \n\t" // c1+e0+f1:c0
+
+         /*
+          * Now shift the result one bit to the left,
+          * taking advantage of [CLMUL-WP] eq 27 (p. 20)
+          */
+         "movdqa %%xmm1, %%xmm3             \n\t" // r1:r0
+         "movdqa %%xmm2, %%xmm4             \n\t" // r3:r2
+         "psllq $1, %%xmm1                  \n\t" // r1<<1:r0<<1
+         "psllq $1, %%xmm2                  \n\t" // r3<<1:r2<<1
+         "psrlq $63, %%xmm3                 \n\t" // r1>>63:r0>>63
+         "psrlq $63, %%xmm4                 \n\t" // r3>>63:r2>>63
+         "movdqa %%xmm3, %%xmm5             \n\t" // r1>>63:r0>>63
+         "pslldq $8, %%xmm3                 \n\t" // r0>>63:0
+         "pslldq $8, %%xmm4                 \n\t" // r2>>63:0
+         "psrldq $8, %%xmm5                 \n\t" // 0:r1>>63
+         "por %%xmm3, %%xmm1                \n\t" // r1<<1|r0>>63:r0<<1
+         "por %%xmm4, %%xmm2                \n\t" // r3<<1|r2>>62:r2<<1
+         "por %%xmm5, %%xmm2                \n\t" // r3<<1|r2>>62:r2<<1|r1>>63
+
+         /*
+          * Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1
+          * using [CLMUL-WP] algorithm 5 (p. 20).
+          * Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted).
+          */
+         /* Step 2 (1) */
+         "movdqa %%xmm1, %%xmm3             \n\t" // x1:x0
+         "movdqa %%xmm1, %%xmm4             \n\t" // same
+         "movdqa %%xmm1, %%xmm5             \n\t" // same
+         "psllq $63, %%xmm3                 \n\t" // x1<<63:x0<<63 = stuff:a
+         "psllq $62, %%xmm4                 \n\t" // x1<<62:x0<<62 = stuff:b
+         "psllq $57, %%xmm5                 \n\t" // x1<<57:x0<<57 = stuff:c
+
+         /* Step 2 (2) */
+         "pxor %%xmm4, %%xmm3               \n\t" // stuff:a+b
+         "pxor %%xmm5, %%xmm3               \n\t" // stuff:a+b+c
+         "pslldq $8, %%xmm3                 \n\t" // a+b+c:0
+         "pxor %%xmm3, %%xmm1               \n\t" // x1+a+b+c:x0 = d:x0
+
+         /* Steps 3 and 4 */
+         "movdqa %%xmm1,%%xmm0              \n\t" // d:x0
+         "movdqa %%xmm1,%%xmm4              \n\t" // same
+         "movdqa %%xmm1,%%xmm5              \n\t" // same
+         "psrlq $1, %%xmm0                  \n\t" // e1:x0>>1 = e1:e0'
+         "psrlq $2, %%xmm4                  \n\t" // f1:x0>>2 = f1:f0'
+         "psrlq $7, %%xmm5                  \n\t" // g1:x0>>7 = g1:g0'
+         "pxor %%xmm4, %%xmm0               \n\t" // e1+f1:e0'+f0'
+         "pxor %%xmm5, %%xmm0               \n\t" // e1+f1+g1:e0'+f0'+g0'
+         // e0'+f0'+g0' is almost e0+f0+g0, ex\tcept for some missing
+         // bits carried from d. Now get those\t bits back in.
+         "movdqa %%xmm1,%%xmm3              \n\t" // d:x0
+         "movdqa %%xmm1,%%xmm4              \n\t" // same
+         "movdqa %%xmm1,%%xmm5              \n\t" // same
+         "psllq $63, %%xmm3                 \n\t" // d<<63:stuff
+         "psllq $62, %%xmm4                 \n\t" // d<<62:stuff
+         "psllq $57, %%xmm5                 \n\t" // d<<57:stuff
+         "pxor %%xmm4, %%xmm3               \n\t" // d<<63+d<<62:stuff
+         "pxor %%xmm5, %%xmm3               \n\t" // missing bits of d:stuff
+         "psrldq $8, %%xmm3                 \n\t" // 0:missing bits of d
+         "pxor %%xmm3, %%xmm0               \n\t" // e1+f1+g1:e0+f0+g0
+         "pxor %%xmm1, %%xmm0               \n\t" // h1:h0
+         "pxor %%xmm2, %%xmm0               \n\t" // x3+h1:x2+h0
+
+         "movdqu %%xmm0, (%2)               \n\t" // done
+         :
+         : "r" (aa), "r" (bb), "r" (cc)
+         : "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5" );
+
+    /* Now byte-reverse the outputs */
+    for( i = 0; i < 16; i++ )
+        c[i] = cc[15 - i];
+
+    return;
+}
+
+/*
+ * Compute decryption round keys from encryption round keys
+ */
+void mbedtls_aesni_inverse_key( unsigned char *invkey,
+                        const unsigned char *fwdkey, int nr )
+{
+    unsigned char *ik = invkey;
+    const unsigned char *fk = fwdkey + 16 * nr;
+
+    memcpy( ik, fk, 16 );
+
+    for( fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16 )
+        asm( "movdqu (%0), %%xmm0       \n\t"
+             AESIMC  xmm0_xmm0         "\n\t"
+             "movdqu %%xmm0, (%1)       \n\t"
+             :
+             : "r" (fk), "r" (ik)
+             : "memory", "xmm0" );
+
+    memcpy( ik, fk, 16 );
+}
+
+/*
+ * Key expansion, 128-bit case
+ */
+static void aesni_setkey_enc_128( unsigned char *rk,
+                                  const unsigned char *key )
+{
+    asm( "movdqu (%1), %%xmm0               \n\t" // copy the original key
+         "movdqu %%xmm0, (%0)               \n\t" // as round key 0
+         "jmp 2f                            \n\t" // skip auxiliary routine
+
+         /*
+          * Finish generating the next round key.
+          *
+          * On entry xmm0 is r3:r2:r1:r0 and xmm1 is X:stuff:stuff:stuff
+          * with X = rot( sub( r3 ) ) ^ RCON.
+          *
+          * On exit, xmm0 is r7:r6:r5:r4
+          * with r4 = X + r0, r5 = r4 + r1, r6 = r5 + r2, r7 = r6 + r3
+          * and those are written to the round key buffer.
+          */
+         "1:                                \n\t"
+         "pshufd $0xff, %%xmm1, %%xmm1      \n\t" // X:X:X:X
+         "pxor %%xmm0, %%xmm1               \n\t" // X+r3:X+r2:X+r1:r4
+         "pslldq $4, %%xmm0                 \n\t" // r2:r1:r0:0
+         "pxor %%xmm0, %%xmm1               \n\t" // X+r3+r2:X+r2+r1:r5:r4
+         "pslldq $4, %%xmm0                 \n\t" // etc
+         "pxor %%xmm0, %%xmm1               \n\t"
+         "pslldq $4, %%xmm0                 \n\t"
+         "pxor %%xmm1, %%xmm0               \n\t" // update xmm0 for next time!
+         "add $16, %0                       \n\t" // point to next round key
+         "movdqu %%xmm0, (%0)               \n\t" // write it
+         "ret                               \n\t"
+
+         /* Main "loop" */
+         "2:                                \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x01        \n\tcall 1b \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x02        \n\tcall 1b \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x04        \n\tcall 1b \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x08        \n\tcall 1b \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x10        \n\tcall 1b \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x20        \n\tcall 1b \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x40        \n\tcall 1b \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x80        \n\tcall 1b \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x1B        \n\tcall 1b \n\t"
+         AESKEYGENA xmm0_xmm1 ",0x36        \n\tcall 1b \n\t"
+         :
+         : "r" (rk), "r" (key)
+         : "memory", "cc", "0" );
+}
+
+/*
+ * Key expansion, 192-bit case
+ */
+static void aesni_setkey_enc_192( unsigned char *rk,
+                                  const unsigned char *key )
+{
+    asm( "movdqu (%1), %%xmm0   \n\t" // copy original round key
+         "movdqu %%xmm0, (%0)   \n\t"
+         "add $16, %0           \n\t"
+         "movq 16(%1), %%xmm1   \n\t"
+         "movq %%xmm1, (%0)     \n\t"
+         "add $8, %0            \n\t"
+         "jmp 2f                \n\t" // skip auxiliary routine
+
+         /*
+          * Finish generating the next 6 quarter-keys.
+          *
+          * On entry xmm0 is r3:r2:r1:r0, xmm1 is stuff:stuff:r5:r4
+          * and xmm2 is stuff:stuff:X:stuff with X = rot( sub( r3 ) ) ^ RCON.
+          *
+          * On exit, xmm0 is r9:r8:r7:r6 and xmm1 is stuff:stuff:r11:r10
+          * and those are written to the round key buffer.
+          */
+         "1:                            \n\t"
+         "pshufd $0x55, %%xmm2, %%xmm2  \n\t" // X:X:X:X
+         "pxor %%xmm0, %%xmm2           \n\t" // X+r3:X+r2:X+r1:r4
+         "pslldq $4, %%xmm0             \n\t" // etc
+         "pxor %%xmm0, %%xmm2           \n\t"
+         "pslldq $4, %%xmm0             \n\t"
+         "pxor %%xmm0, %%xmm2           \n\t"
+         "pslldq $4, %%xmm0             \n\t"
+         "pxor %%xmm2, %%xmm0           \n\t" // update xmm0 = r9:r8:r7:r6
+         "movdqu %%xmm0, (%0)           \n\t"
+         "add $16, %0                   \n\t"
+         "pshufd $0xff, %%xmm0, %%xmm2  \n\t" // r9:r9:r9:r9
+         "pxor %%xmm1, %%xmm2           \n\t" // stuff:stuff:r9+r5:r10
+         "pslldq $4, %%xmm1             \n\t" // r2:r1:r0:0
+         "pxor %%xmm2, %%xmm1           \n\t" // xmm1 = stuff:stuff:r11:r10
+         "movq %%xmm1, (%0)             \n\t"
+         "add $8, %0                    \n\t"
+         "ret                           \n\t"
+
+         "2:                            \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x01    \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x02    \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x04    \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x08    \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x10    \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x20    \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x40    \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x80    \n\tcall 1b \n\t"
+
+         :
+         : "r" (rk), "r" (key)
+         : "memory", "cc", "0" );
+}
+
+/*
+ * Key expansion, 256-bit case
+ */
+static void aesni_setkey_enc_256( unsigned char *rk,
+                                  const unsigned char *key )
+{
+    asm( "movdqu (%1), %%xmm0           \n\t"
+         "movdqu %%xmm0, (%0)           \n\t"
+         "add $16, %0                   \n\t"
+         "movdqu 16(%1), %%xmm1         \n\t"
+         "movdqu %%xmm1, (%0)           \n\t"
+         "jmp 2f                        \n\t" // skip auxiliary routine
+
+         /*
+          * Finish generating the next two round keys.
+          *
+          * On entry xmm0 is r3:r2:r1:r0, xmm1 is r7:r6:r5:r4 and
+          * xmm2 is X:stuff:stuff:stuff with X = rot( sub( r7 )) ^ RCON
+          *
+          * On exit, xmm0 is r11:r10:r9:r8 and xmm1 is r15:r14:r13:r12
+          * and those have been written to the output buffer.
+          */
+         "1:                                \n\t"
+         "pshufd $0xff, %%xmm2, %%xmm2      \n\t"
+         "pxor %%xmm0, %%xmm2               \n\t"
+         "pslldq $4, %%xmm0                 \n\t"
+         "pxor %%xmm0, %%xmm2               \n\t"
+         "pslldq $4, %%xmm0                 \n\t"
+         "pxor %%xmm0, %%xmm2               \n\t"
+         "pslldq $4, %%xmm0                 \n\t"
+         "pxor %%xmm2, %%xmm0               \n\t"
+         "add $16, %0                       \n\t"
+         "movdqu %%xmm0, (%0)               \n\t"
+
+         /* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 )
+          * and proceed to generate next round key from there */
+         AESKEYGENA xmm0_xmm2 ",0x00        \n\t"
+         "pshufd $0xaa, %%xmm2, %%xmm2      \n\t"
+         "pxor %%xmm1, %%xmm2               \n\t"
+         "pslldq $4, %%xmm1                 \n\t"
+         "pxor %%xmm1, %%xmm2               \n\t"
+         "pslldq $4, %%xmm1                 \n\t"
+         "pxor %%xmm1, %%xmm2               \n\t"
+         "pslldq $4, %%xmm1                 \n\t"
+         "pxor %%xmm2, %%xmm1               \n\t"
+         "add $16, %0                       \n\t"
+         "movdqu %%xmm1, (%0)               \n\t"
+         "ret                               \n\t"
+
+         /*
+          * Main "loop" - Generating one more key than necessary,
+          * see definition of mbedtls_aes_context.buf
+          */
+         "2:                                \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x01        \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x02        \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x04        \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x08        \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x10        \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x20        \n\tcall 1b \n\t"
+         AESKEYGENA xmm1_xmm2 ",0x40        \n\tcall 1b \n\t"
+         :
+         : "r" (rk), "r" (key)
+         : "memory", "cc", "0" );
+}
+
+/*
+ * Key expansion, wrapper
+ */
+int mbedtls_aesni_setkey_enc( unsigned char *rk,
+                      const unsigned char *key,
+                      size_t bits )
+{
+    switch( bits )
+    {
+        case 128: aesni_setkey_enc_128( rk, key ); break;
+        case 192: aesni_setkey_enc_192( rk, key ); break;
+        case 256: aesni_setkey_enc_256( rk, key ); break;
+        default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
+    }
+
+    return( 0 );
+}
+
+#endif /* MBEDTLS_HAVE_X86_64 */
+
+#endif /* MBEDTLS_AESNI_C */
diff --git a/thirdparty/mbedtls/library/arc4.c b/thirdparty/mbedtls/library/arc4.c
new file mode 100644
index 0000000000..05b33d3fdb
--- /dev/null
+++ b/thirdparty/mbedtls/library/arc4.c
@@ -0,0 +1,205 @@
+/*
+ *  An implementation of the ARCFOUR algorithm
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The ARCFOUR algorithm was publicly disclosed on 94/09.
+ *
+ *  http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+
+#include "mbedtls/arc4.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_ARC4_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+void mbedtls_arc4_init( mbedtls_arc4_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_arc4_context ) );
+}
+
+void mbedtls_arc4_free( mbedtls_arc4_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_arc4_context ) );
+}
+
+/*
+ * ARC4 key schedule
+ */
+void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
+                 unsigned int keylen )
+{
+    int i, j, a;
+    unsigned int k;
+    unsigned char *m;
+
+    ctx->x = 0;
+    ctx->y = 0;
+    m = ctx->m;
+
+    for( i = 0; i < 256; i++ )
+        m[i] = (unsigned char) i;
+
+    j = k = 0;
+
+    for( i = 0; i < 256; i++, k++ )
+    {
+        if( k >= keylen ) k = 0;
+
+        a = m[i];
+        j = ( j + a + key[k] ) & 0xFF;
+        m[i] = m[j];
+        m[j] = (unsigned char) a;
+    }
+}
+
+/*
+ * ARC4 cipher function
+ */
+int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
+                unsigned char *output )
+{
+    int x, y, a, b;
+    size_t i;
+    unsigned char *m;
+
+    x = ctx->x;
+    y = ctx->y;
+    m = ctx->m;
+
+    for( i = 0; i < length; i++ )
+    {
+        x = ( x + 1 ) & 0xFF; a = m[x];
+        y = ( y + a ) & 0xFF; b = m[y];
+
+        m[x] = (unsigned char) b;
+        m[y] = (unsigned char) a;
+
+        output[i] = (unsigned char)
+            ( input[i] ^ m[(unsigned char)( a + b )] );
+    }
+
+    ctx->x = x;
+    ctx->y = y;
+
+    return( 0 );
+}
+
+#endif /* !MBEDTLS_ARC4_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994:
+ *
+ * http://groups.google.com/group/comp.security.misc/msg/10a300c9d21afca0
+ */
+static const unsigned char arc4_test_key[3][8] =
+{
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char arc4_test_pt[3][8] =
+{
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char arc4_test_ct[3][8] =
+{
+    { 0x75, 0xB7, 0x87, 0x80, 0x99, 0xE0, 0xC5, 0x96 },
+    { 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 },
+    { 0xDE, 0x18, 0x89, 0x41, 0xA3, 0x37, 0x5D, 0x3A }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_arc4_self_test( int verbose )
+{
+    int i, ret = 0;
+    unsigned char ibuf[8];
+    unsigned char obuf[8];
+    mbedtls_arc4_context ctx;
+
+    mbedtls_arc4_init( &ctx );
+
+    for( i = 0; i < 3; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  ARC4 test #%d: ", i + 1 );
+
+        memcpy( ibuf, arc4_test_pt[i], 8 );
+
+        mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 );
+        mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf );
+
+        if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            ret = 1;
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+exit:
+    mbedtls_arc4_free( &ctx );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_ARC4_C */
diff --git a/thirdparty/mbedtls/library/asn1parse.c b/thirdparty/mbedtls/library/asn1parse.c
new file mode 100644
index 0000000000..4dd65c03c0
--- /dev/null
+++ b/thirdparty/mbedtls/library/asn1parse.c
@@ -0,0 +1,393 @@
+/*
+ *  Generic ASN.1 parsing
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+
+#include "mbedtls/asn1.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * ASN.1 DER decoding routines
+ */
+int mbedtls_asn1_get_len( unsigned char **p,
+                  const unsigned char *end,
+                  size_t *len )
+{
+    if( ( end - *p ) < 1 )
+        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    if( ( **p & 0x80 ) == 0 )
+        *len = *(*p)++;
+    else
+    {
+        switch( **p & 0x7F )
+        {
+        case 1:
+            if( ( end - *p ) < 2 )
+                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+            *len = (*p)[1];
+            (*p) += 2;
+            break;
+
+        case 2:
+            if( ( end - *p ) < 3 )
+                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+            *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2];
+            (*p) += 3;
+            break;
+
+        case 3:
+            if( ( end - *p ) < 4 )
+                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+            *len = ( (size_t)(*p)[1] << 16 ) |
+                   ( (size_t)(*p)[2] << 8  ) | (*p)[3];
+            (*p) += 4;
+            break;
+
+        case 4:
+            if( ( end - *p ) < 5 )
+                return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+            *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) |
+                   ( (size_t)(*p)[3] << 8  ) |           (*p)[4];
+            (*p) += 5;
+            break;
+
+        default:
+            return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+        }
+    }
+
+    if( *len > (size_t) ( end - *p ) )
+        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    return( 0 );
+}
+
+int mbedtls_asn1_get_tag( unsigned char **p,
+                  const unsigned char *end,
+                  size_t *len, int tag )
+{
+    if( ( end - *p ) < 1 )
+        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    if( **p != tag )
+        return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+
+    (*p)++;
+
+    return( mbedtls_asn1_get_len( p, end, len ) );
+}
+
+int mbedtls_asn1_get_bool( unsigned char **p,
+                   const unsigned char *end,
+                   int *val )
+{
+    int ret;
+    size_t len;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 )
+        return( ret );
+
+    if( len != 1 )
+        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+
+    *val = ( **p != 0 ) ? 1 : 0;
+    (*p)++;
+
+    return( 0 );
+}
+
+int mbedtls_asn1_get_int( unsigned char **p,
+                  const unsigned char *end,
+                  int *val )
+{
+    int ret;
+    size_t len;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
+        return( ret );
+
+    if( len == 0 || len > sizeof( int ) || ( **p & 0x80 ) != 0 )
+        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+
+    *val = 0;
+
+    while( len-- > 0 )
+    {
+        *val = ( *val << 8 ) | **p;
+        (*p)++;
+    }
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_BIGNUM_C)
+int mbedtls_asn1_get_mpi( unsigned char **p,
+                  const unsigned char *end,
+                  mbedtls_mpi *X )
+{
+    int ret;
+    size_t len;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
+        return( ret );
+
+    ret = mbedtls_mpi_read_binary( X, *p, len );
+
+    *p += len;
+
+    return( ret );
+}
+#endif /* MBEDTLS_BIGNUM_C */
+
+int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
+                        mbedtls_asn1_bitstring *bs)
+{
+    int ret;
+
+    /* Certificate type is a single byte bitstring */
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
+        return( ret );
+
+    /* Check length, subtract one for actual bit string length */
+    if( bs->len < 1 )
+        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+    bs->len -= 1;
+
+    /* Get number of unused bits, ensure unused bits <= 7 */
+    bs->unused_bits = **p;
+    if( bs->unused_bits > 7 )
+        return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+    (*p)++;
+
+    /* Get actual bitstring */
+    bs->p = *p;
+    *p += bs->len;
+
+    if( *p != end )
+        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+/*
+ * Get a bit string without unused bits
+ */
+int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
+                             size_t *len )
+{
+    int ret;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
+        return( ret );
+
+    if( (*len)-- < 2 || *(*p)++ != 0 )
+        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
+
+    return( 0 );
+}
+
+
+
+/*
+ *  Parses and splits an ASN.1 "SEQUENCE OF <tag>"
+ */
+int mbedtls_asn1_get_sequence_of( unsigned char **p,
+                          const unsigned char *end,
+                          mbedtls_asn1_sequence *cur,
+                          int tag)
+{
+    int ret;
+    size_t len;
+    mbedtls_asn1_buf *buf;
+
+    /* Get main sequence tag */
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( ret );
+
+    if( *p + len != end )
+        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    while( *p < end )
+    {
+        buf = &(cur->buf);
+        buf->tag = **p;
+
+        if( ( ret = mbedtls_asn1_get_tag( p, end, &buf->len, tag ) ) != 0 )
+            return( ret );
+
+        buf->p = *p;
+        *p += buf->len;
+
+        /* Allocate and assign next pointer */
+        if( *p < end )
+        {
+            cur->next = (mbedtls_asn1_sequence*)mbedtls_calloc( 1,
+                                            sizeof( mbedtls_asn1_sequence ) );
+
+            if( cur->next == NULL )
+                return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );
+
+            cur = cur->next;
+        }
+    }
+
+    /* Set final sequence entry's next pointer to NULL */
+    cur->next = NULL;
+
+    if( *p != end )
+        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+int mbedtls_asn1_get_alg( unsigned char **p,
+                  const unsigned char *end,
+                  mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params )
+{
+    int ret;
+    size_t len;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( ret );
+
+    if( ( end - *p ) < 1 )
+        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    alg->tag = **p;
+    end = *p + len;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 )
+        return( ret );
+
+    alg->p = *p;
+    *p += alg->len;
+
+    if( *p == end )
+    {
+        mbedtls_zeroize( params, sizeof(mbedtls_asn1_buf) );
+        return( 0 );
+    }
+
+    params->tag = **p;
+    (*p)++;
+
+    if( ( ret = mbedtls_asn1_get_len( p, end, &params->len ) ) != 0 )
+        return( ret );
+
+    params->p = *p;
+    *p += params->len;
+
+    if( *p != end )
+        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+int mbedtls_asn1_get_alg_null( unsigned char **p,
+                       const unsigned char *end,
+                       mbedtls_asn1_buf *alg )
+{
+    int ret;
+    mbedtls_asn1_buf params;
+
+    memset( &params, 0, sizeof(mbedtls_asn1_buf) );
+
+    if( ( ret = mbedtls_asn1_get_alg( p, end, alg, &params ) ) != 0 )
+        return( ret );
+
+    if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 )
+        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
+
+    return( 0 );
+}
+
+void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur )
+{
+    if( cur == NULL )
+        return;
+
+    mbedtls_free( cur->oid.p );
+    mbedtls_free( cur->val.p );
+
+    mbedtls_zeroize( cur, sizeof( mbedtls_asn1_named_data ) );
+}
+
+void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head )
+{
+    mbedtls_asn1_named_data *cur;
+
+    while( ( cur = *head ) != NULL )
+    {
+        *head = cur->next;
+        mbedtls_asn1_free_named_data( cur );
+        mbedtls_free( cur );
+    }
+}
+
+mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
+                                       const char *oid, size_t len )
+{
+    while( list != NULL )
+    {
+        if( list->oid.len == len &&
+            memcmp( list->oid.p, oid, len ) == 0 )
+        {
+            break;
+        }
+
+        list = list->next;
+    }
+
+    return( list );
+}
+
+#endif /* MBEDTLS_ASN1_PARSE_C */
diff --git a/thirdparty/mbedtls/library/asn1write.c b/thirdparty/mbedtls/library/asn1write.c
new file mode 100644
index 0000000000..69b61b205f
--- /dev/null
+++ b/thirdparty/mbedtls/library/asn1write.c
@@ -0,0 +1,390 @@
+/*
+ * ASN.1 buffer writing functionality
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ASN1_WRITE_C)
+
+#include "mbedtls/asn1write.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
+{
+    if( len < 0x80 )
+    {
+        if( *p - start < 1 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+        *--(*p) = (unsigned char) len;
+        return( 1 );
+    }
+
+    if( len <= 0xFF )
+    {
+        if( *p - start < 2 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+        *--(*p) = (unsigned char) len;
+        *--(*p) = 0x81;
+        return( 2 );
+    }
+
+    if( len <= 0xFFFF )
+    {
+        if( *p - start < 3 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+        *--(*p) = ( len       ) & 0xFF;
+        *--(*p) = ( len >>  8 ) & 0xFF;
+        *--(*p) = 0x82;
+        return( 3 );
+    }
+
+    if( len <= 0xFFFFFF )
+    {
+        if( *p - start < 4 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+        *--(*p) = ( len       ) & 0xFF;
+        *--(*p) = ( len >>  8 ) & 0xFF;
+        *--(*p) = ( len >> 16 ) & 0xFF;
+        *--(*p) = 0x83;
+        return( 4 );
+    }
+
+    if( len <= 0xFFFFFFFF )
+    {
+        if( *p - start < 5 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+        *--(*p) = ( len       ) & 0xFF;
+        *--(*p) = ( len >>  8 ) & 0xFF;
+        *--(*p) = ( len >> 16 ) & 0xFF;
+        *--(*p) = ( len >> 24 ) & 0xFF;
+        *--(*p) = 0x84;
+        return( 5 );
+    }
+
+    return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+}
+
+int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
+{
+    if( *p - start < 1 )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    *--(*p) = tag;
+
+    return( 1 );
+}
+
+int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
+                           const unsigned char *buf, size_t size )
+{
+    size_t len = 0;
+
+    if( *p < start || (size_t)( *p - start ) < size )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    len = size;
+    (*p) -= len;
+    memcpy( *p, buf, len );
+
+    return( (int) len );
+}
+
+#if defined(MBEDTLS_BIGNUM_C)
+int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X )
+{
+    int ret;
+    size_t len = 0;
+
+    // Write the MPI
+    //
+    len = mbedtls_mpi_size( X );
+
+    if( *p < start || (size_t)( *p - start ) < len )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    (*p) -= len;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) );
+
+    // DER format assumes 2s complement for numbers, so the leftmost bit
+    // should be 0 for positive numbers and 1 for negative numbers.
+    //
+    if( X->s ==1 && **p & 0x80 )
+    {
+        if( *p - start < 1 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+        *--(*p) = 0x00;
+        len += 1;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
+
+    ret = (int) len;
+
+cleanup:
+    return( ret );
+}
+#endif /* MBEDTLS_BIGNUM_C */
+
+int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start )
+{
+    int ret;
+    size_t len = 0;
+
+    // Write NULL
+    //
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) );
+
+    return( (int) len );
+}
+
+int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
+                    const char *oid, size_t oid_len )
+{
+    int ret;
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
+                                  (const unsigned char *) oid, oid_len ) );
+    MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
+
+    return( (int) len );
+}
+
+int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
+                                     const char *oid, size_t oid_len,
+                                     size_t par_len )
+{
+    int ret;
+    size_t len = 0;
+
+    if( par_len == 0 )
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) );
+    else
+        len += par_len;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
+                                       MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
+
+    return( (int) len );
+}
+
+int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
+{
+    int ret;
+    size_t len = 0;
+
+    if( *p - start < 1 )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    *--(*p) = (boolean) ? 255 : 0;
+    len++;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) );
+
+    return( (int) len );
+}
+
+int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
+{
+    int ret;
+    size_t len = 0;
+
+    // TODO negative values and values larger than 128
+    // DER format assumes 2s complement for numbers, so the leftmost bit
+    // should be 0 for positive numbers and 1 for negative numbers.
+    //
+    if( *p - start < 1 )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    len += 1;
+    *--(*p) = val;
+
+    if( val > 0 && **p & 0x80 )
+    {
+        if( *p - start < 1 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+        *--(*p) = 0x00;
+        len += 1;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
+
+    return( (int) len );
+}
+
+int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
+                                 const char *text, size_t text_len )
+{
+    int ret;
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
+                  (const unsigned char *) text, text_len ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_PRINTABLE_STRING ) );
+
+    return( (int) len );
+}
+
+int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
+                           const char *text, size_t text_len )
+{
+    int ret;
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
+                  (const unsigned char *) text, text_len ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_IA5_STRING ) );
+
+    return( (int) len );
+}
+
+int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
+                          const unsigned char *buf, size_t bits )
+{
+    int ret;
+    size_t len = 0, size;
+
+    size = ( bits / 8 ) + ( ( bits % 8 ) ? 1 : 0 );
+
+    // Calculate byte length
+    //
+    if( *p < start || (size_t)( *p - start ) < size + 1 )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    len = size + 1;
+    (*p) -= size;
+    memcpy( *p, buf, size );
+
+    // Write unused bits
+    //
+    *--(*p) = (unsigned char) (size * 8 - bits);
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
+
+    return( (int) len );
+}
+
+int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
+                             const unsigned char *buf, size_t size )
+{
+    int ret;
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
+
+    return( (int) len );
+}
+
+mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **head,
+                                        const char *oid, size_t oid_len,
+                                        const unsigned char *val,
+                                        size_t val_len )
+{
+    mbedtls_asn1_named_data *cur;
+
+    if( ( cur = mbedtls_asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
+    {
+        // Add new entry if not present yet based on OID
+        //
+        cur = (mbedtls_asn1_named_data*)mbedtls_calloc( 1,
+                                            sizeof(mbedtls_asn1_named_data) );
+        if( cur == NULL )
+            return( NULL );
+
+        cur->oid.len = oid_len;
+        cur->oid.p = mbedtls_calloc( 1, oid_len );
+        if( cur->oid.p == NULL )
+        {
+            mbedtls_free( cur );
+            return( NULL );
+        }
+
+        memcpy( cur->oid.p, oid, oid_len );
+
+        cur->val.len = val_len;
+        cur->val.p = mbedtls_calloc( 1, val_len );
+        if( cur->val.p == NULL )
+        {
+            mbedtls_free( cur->oid.p );
+            mbedtls_free( cur );
+            return( NULL );
+        }
+
+        cur->next = *head;
+        *head = cur;
+    }
+    else if( cur->val.len < val_len )
+    {
+        /*
+         * Enlarge existing value buffer if needed
+         * Preserve old data until the allocation succeeded, to leave list in
+         * a consistent state in case allocation fails.
+         */
+        void *p = mbedtls_calloc( 1, val_len );
+        if( p == NULL )
+            return( NULL );
+
+        mbedtls_free( cur->val.p );
+        cur->val.p = p;
+        cur->val.len = val_len;
+    }
+
+    if( val != NULL )
+        memcpy( cur->val.p, val, val_len );
+
+    return( cur );
+}
+#endif /* MBEDTLS_ASN1_WRITE_C */
diff --git a/thirdparty/mbedtls/library/base64.c b/thirdparty/mbedtls/library/base64.c
new file mode 100644
index 0000000000..f06b57b31f
--- /dev/null
+++ b/thirdparty/mbedtls/library/base64.c
@@ -0,0 +1,293 @@
+/*
+ *  RFC 1521 base64 encoding/decoding
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_BASE64_C)
+
+#include "mbedtls/base64.h"
+
+#include <stdint.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#include <string.h>
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+static const unsigned char base64_enc_map[64] =
+{
+    'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
+    'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',
+    'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd',
+    'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
+    'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
+    'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7',
+    '8', '9', '+', '/'
+};
+
+static const unsigned char base64_dec_map[128] =
+{
+    127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
+    127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
+    127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
+    127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
+    127, 127, 127,  62, 127, 127, 127,  63,  52,  53,
+     54,  55,  56,  57,  58,  59,  60,  61, 127, 127,
+    127,  64, 127, 127, 127,   0,   1,   2,   3,   4,
+      5,   6,   7,   8,   9,  10,  11,  12,  13,  14,
+     15,  16,  17,  18,  19,  20,  21,  22,  23,  24,
+     25, 127, 127, 127, 127, 127, 127,  26,  27,  28,
+     29,  30,  31,  32,  33,  34,  35,  36,  37,  38,
+     39,  40,  41,  42,  43,  44,  45,  46,  47,  48,
+     49,  50,  51, 127, 127, 127, 127, 127
+};
+
+#define BASE64_SIZE_T_MAX   ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
+
+/*
+ * Encode a buffer into base64 format
+ */
+int mbedtls_base64_encode( unsigned char *dst, size_t dlen, size_t *olen,
+                   const unsigned char *src, size_t slen )
+{
+    size_t i, n;
+    int C1, C2, C3;
+    unsigned char *p;
+
+    if( slen == 0 )
+    {
+        *olen = 0;
+        return( 0 );
+    }
+
+    n = slen / 3 + ( slen % 3 != 0 );
+
+    if( n > ( BASE64_SIZE_T_MAX - 1 ) / 4 )
+    {
+        *olen = BASE64_SIZE_T_MAX;
+        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+    }
+
+    n *= 4;
+
+    if( ( dlen < n + 1 ) || ( NULL == dst ) )
+    {
+        *olen = n + 1;
+        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+    }
+
+    n = ( slen / 3 ) * 3;
+
+    for( i = 0, p = dst; i < n; i += 3 )
+    {
+        C1 = *src++;
+        C2 = *src++;
+        C3 = *src++;
+
+        *p++ = base64_enc_map[(C1 >> 2) & 0x3F];
+        *p++ = base64_enc_map[(((C1 &  3) << 4) + (C2 >> 4)) & 0x3F];
+        *p++ = base64_enc_map[(((C2 & 15) << 2) + (C3 >> 6)) & 0x3F];
+        *p++ = base64_enc_map[C3 & 0x3F];
+    }
+
+    if( i < slen )
+    {
+        C1 = *src++;
+        C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
+
+        *p++ = base64_enc_map[(C1 >> 2) & 0x3F];
+        *p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
+
+        if( ( i + 1 ) < slen )
+             *p++ = base64_enc_map[((C2 & 15) << 2) & 0x3F];
+        else *p++ = '=';
+
+        *p++ = '=';
+    }
+
+    *olen = p - dst;
+    *p = 0;
+
+    return( 0 );
+}
+
+/*
+ * Decode a base64-formatted buffer
+ */
+int mbedtls_base64_decode( unsigned char *dst, size_t dlen, size_t *olen,
+                   const unsigned char *src, size_t slen )
+{
+    size_t i, n;
+    uint32_t j, x;
+    unsigned char *p;
+
+    /* First pass: check for validity and get output length */
+    for( i = n = j = 0; i < slen; i++ )
+    {
+        /* Skip spaces before checking for EOL */
+        x = 0;
+        while( i < slen && src[i] == ' ' )
+        {
+            ++i;
+            ++x;
+        }
+
+        /* Spaces at end of buffer are OK */
+        if( i == slen )
+            break;
+
+        if( ( slen - i ) >= 2 &&
+            src[i] == '\r' && src[i + 1] == '\n' )
+            continue;
+
+        if( src[i] == '\n' )
+            continue;
+
+        /* Space inside a line is an error */
+        if( x != 0 )
+            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+
+        if( src[i] == '=' && ++j > 2 )
+            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+
+        if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
+            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+
+        if( base64_dec_map[src[i]] < 64 && j != 0 )
+            return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
+
+        n++;
+    }
+
+    if( n == 0 )
+    {
+        *olen = 0;
+        return( 0 );
+    }
+
+    /* The following expression is to calculate the following formula without
+     * risk of integer overflow in n:
+     *     n = ( ( n * 6 ) + 7 ) >> 3;
+     */
+    n = ( 6 * ( n >> 3 ) ) + ( ( 6 * ( n & 0x7 ) + 7 ) >> 3 );
+    n -= j;
+
+    if( dst == NULL || dlen < n )
+    {
+        *olen = n;
+        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+    }
+
+   for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ )
+   {
+        if( *src == '\r' || *src == '\n' || *src == ' ' )
+            continue;
+
+        j -= ( base64_dec_map[*src] == 64 );
+        x  = ( x << 6 ) | ( base64_dec_map[*src] & 0x3F );
+
+        if( ++n == 4 )
+        {
+            n = 0;
+            if( j > 0 ) *p++ = (unsigned char)( x >> 16 );
+            if( j > 1 ) *p++ = (unsigned char)( x >>  8 );
+            if( j > 2 ) *p++ = (unsigned char)( x       );
+        }
+    }
+
+    *olen = p - dst;
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const unsigned char base64_test_dec[64] =
+{
+    0x24, 0x48, 0x6E, 0x56, 0x87, 0x62, 0x5A, 0xBD,
+    0xBF, 0x17, 0xD9, 0xA2, 0xC4, 0x17, 0x1A, 0x01,
+    0x94, 0xED, 0x8F, 0x1E, 0x11, 0xB3, 0xD7, 0x09,
+    0x0C, 0xB6, 0xE9, 0x10, 0x6F, 0x22, 0xEE, 0x13,
+    0xCA, 0xB3, 0x07, 0x05, 0x76, 0xC9, 0xFA, 0x31,
+    0x6C, 0x08, 0x34, 0xFF, 0x8D, 0xC2, 0x6C, 0x38,
+    0x00, 0x43, 0xE9, 0x54, 0x97, 0xAF, 0x50, 0x4B,
+    0xD1, 0x41, 0xBA, 0x95, 0x31, 0x5A, 0x0B, 0x97
+};
+
+static const unsigned char base64_test_enc[] =
+    "JEhuVodiWr2/F9mixBcaAZTtjx4Rs9cJDLbpEG8i7hPK"
+    "swcFdsn6MWwINP+Nwmw4AEPpVJevUEvRQbqVMVoLlw==";
+
+/*
+ * Checkup routine
+ */
+int mbedtls_base64_self_test( int verbose )
+{
+    size_t len;
+    const unsigned char *src;
+    unsigned char buffer[128];
+
+    if( verbose != 0 )
+        mbedtls_printf( "  Base64 encoding test: " );
+
+    src = base64_test_dec;
+
+    if( mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, 64 ) != 0 ||
+         memcmp( base64_test_enc, buffer, 88 ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( 1 );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n  Base64 decoding test: " );
+
+    src = base64_test_enc;
+
+    if( mbedtls_base64_decode( buffer, sizeof( buffer ), &len, src, 88 ) != 0 ||
+         memcmp( base64_test_dec, buffer, 64 ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( 1 );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n\n" );
+
+    return( 0 );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_BASE64_C */
diff --git a/thirdparty/mbedtls/library/bignum.c b/thirdparty/mbedtls/library/bignum.c
new file mode 100644
index 0000000000..d27c130bcb
--- /dev/null
+++ b/thirdparty/mbedtls/library/bignum.c
@@ -0,0 +1,2457 @@
+/*
+ *  Multi-precision integer library
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ *  The following sources were referenced in the design of this Multi-precision
+ *  Integer library:
+ *
+ *  [1] Handbook of Applied Cryptography - 1997
+ *      Menezes, van Oorschot and Vanstone
+ *
+ *  [2] Multi-Precision Math
+ *      Tom St Denis
+ *      https://github.com/libtom/libtommath/blob/develop/tommath.pdf
+ *
+ *  [3] GNU Multi-Precision Arithmetic Library
+ *      https://gmplib.org/manual/index.html
+ *
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_BIGNUM_C)
+
+#include "mbedtls/bignum.h"
+#include "mbedtls/bn_mul.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#include <stdlib.h>
+#define mbedtls_printf     printf
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_mpi_zeroize( mbedtls_mpi_uint *v, size_t n ) {
+    volatile mbedtls_mpi_uint *p = v; while( n-- ) *p++ = 0;
+}
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+#define ciL    (sizeof(mbedtls_mpi_uint))         /* chars in limb  */
+#define biL    (ciL << 3)               /* bits  in limb  */
+#define biH    (ciL << 2)               /* half limb size */
+
+#define MPI_SIZE_T_MAX  ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
+
+/*
+ * Convert between bits/chars and number of limbs
+ * Divide first in order to avoid potential overflows
+ */
+#define BITS_TO_LIMBS(i)  ( (i) / biL + ( (i) % biL != 0 ) )
+#define CHARS_TO_LIMBS(i) ( (i) / ciL + ( (i) % ciL != 0 ) )
+
+/*
+ * Initialize one MPI
+ */
+void mbedtls_mpi_init( mbedtls_mpi *X )
+{
+    if( X == NULL )
+        return;
+
+    X->s = 1;
+    X->n = 0;
+    X->p = NULL;
+}
+
+/*
+ * Unallocate one MPI
+ */
+void mbedtls_mpi_free( mbedtls_mpi *X )
+{
+    if( X == NULL )
+        return;
+
+    if( X->p != NULL )
+    {
+        mbedtls_mpi_zeroize( X->p, X->n );
+        mbedtls_free( X->p );
+    }
+
+    X->s = 1;
+    X->n = 0;
+    X->p = NULL;
+}
+
+/*
+ * Enlarge to the specified number of limbs
+ */
+int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs )
+{
+    mbedtls_mpi_uint *p;
+
+    if( nblimbs > MBEDTLS_MPI_MAX_LIMBS )
+        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+
+    if( X->n < nblimbs )
+    {
+        if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( nblimbs, ciL ) ) == NULL )
+            return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+
+        if( X->p != NULL )
+        {
+            memcpy( p, X->p, X->n * ciL );
+            mbedtls_mpi_zeroize( X->p, X->n );
+            mbedtls_free( X->p );
+        }
+
+        X->n = nblimbs;
+        X->p = p;
+    }
+
+    return( 0 );
+}
+
+/*
+ * Resize down as much as possible,
+ * while keeping at least the specified number of limbs
+ */
+int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs )
+{
+    mbedtls_mpi_uint *p;
+    size_t i;
+
+    /* Actually resize up in this case */
+    if( X->n <= nblimbs )
+        return( mbedtls_mpi_grow( X, nblimbs ) );
+
+    for( i = X->n - 1; i > 0; i-- )
+        if( X->p[i] != 0 )
+            break;
+    i++;
+
+    if( i < nblimbs )
+        i = nblimbs;
+
+    if( ( p = (mbedtls_mpi_uint*)mbedtls_calloc( i, ciL ) ) == NULL )
+        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+
+    if( X->p != NULL )
+    {
+        memcpy( p, X->p, i * ciL );
+        mbedtls_mpi_zeroize( X->p, X->n );
+        mbedtls_free( X->p );
+    }
+
+    X->n = i;
+    X->p = p;
+
+    return( 0 );
+}
+
+/*
+ * Copy the contents of Y into X
+ */
+int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y )
+{
+    int ret;
+    size_t i;
+
+    if( X == Y )
+        return( 0 );
+
+    if( Y->p == NULL )
+    {
+        mbedtls_mpi_free( X );
+        return( 0 );
+    }
+
+    for( i = Y->n - 1; i > 0; i-- )
+        if( Y->p[i] != 0 )
+            break;
+    i++;
+
+    X->s = Y->s;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i ) );
+
+    memset( X->p, 0, X->n * ciL );
+    memcpy( X->p, Y->p, i * ciL );
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Swap the contents of X and Y
+ */
+void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y )
+{
+    mbedtls_mpi T;
+
+    memcpy( &T,  X, sizeof( mbedtls_mpi ) );
+    memcpy(  X,  Y, sizeof( mbedtls_mpi ) );
+    memcpy(  Y, &T, sizeof( mbedtls_mpi ) );
+}
+
+/*
+ * Conditionally assign X = Y, without leaking information
+ * about whether the assignment was made or not.
+ * (Leaking information about the respective sizes of X and Y is ok however.)
+ */
+int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign )
+{
+    int ret = 0;
+    size_t i;
+
+    /* make sure assign is 0 or 1 in a time-constant manner */
+    assign = (assign | (unsigned char)-assign) >> 7;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) );
+
+    X->s = X->s * ( 1 - assign ) + Y->s * assign;
+
+    for( i = 0; i < Y->n; i++ )
+        X->p[i] = X->p[i] * ( 1 - assign ) + Y->p[i] * assign;
+
+    for( ; i < X->n; i++ )
+        X->p[i] *= ( 1 - assign );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Conditionally swap X and Y, without leaking information
+ * about whether the swap was made or not.
+ * Here it is not ok to simply swap the pointers, which whould lead to
+ * different memory access patterns when X and Y are used afterwards.
+ */
+int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap )
+{
+    int ret, s;
+    size_t i;
+    mbedtls_mpi_uint tmp;
+
+    if( X == Y )
+        return( 0 );
+
+    /* make sure swap is 0 or 1 in a time-constant manner */
+    swap = (swap | (unsigned char)-swap) >> 7;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, Y->n ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( Y, X->n ) );
+
+    s = X->s;
+    X->s = X->s * ( 1 - swap ) + Y->s * swap;
+    Y->s = Y->s * ( 1 - swap ) +    s * swap;
+
+
+    for( i = 0; i < X->n; i++ )
+    {
+        tmp = X->p[i];
+        X->p[i] = X->p[i] * ( 1 - swap ) + Y->p[i] * swap;
+        Y->p[i] = Y->p[i] * ( 1 - swap ) +     tmp * swap;
+    }
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Set value from integer
+ */
+int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z )
+{
+    int ret;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) );
+    memset( X->p, 0, X->n * ciL );
+
+    X->p[0] = ( z < 0 ) ? -z : z;
+    X->s    = ( z < 0 ) ? -1 : 1;
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Get a specific bit
+ */
+int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos )
+{
+    if( X->n * biL <= pos )
+        return( 0 );
+
+    return( ( X->p[pos / biL] >> ( pos % biL ) ) & 0x01 );
+}
+
+/*
+ * Set a bit to a specific value of 0 or 1
+ */
+int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val )
+{
+    int ret = 0;
+    size_t off = pos / biL;
+    size_t idx = pos % biL;
+
+    if( val != 0 && val != 1 )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    if( X->n * biL <= pos )
+    {
+        if( val == 0 )
+            return( 0 );
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, off + 1 ) );
+    }
+
+    X->p[off] &= ~( (mbedtls_mpi_uint) 0x01 << idx );
+    X->p[off] |= (mbedtls_mpi_uint) val << idx;
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Return the number of less significant zero-bits
+ */
+size_t mbedtls_mpi_lsb( const mbedtls_mpi *X )
+{
+    size_t i, j, count = 0;
+
+    for( i = 0; i < X->n; i++ )
+        for( j = 0; j < biL; j++, count++ )
+            if( ( ( X->p[i] >> j ) & 1 ) != 0 )
+                return( count );
+
+    return( 0 );
+}
+
+/*
+ * Count leading zero bits in a given integer
+ */
+static size_t mbedtls_clz( const mbedtls_mpi_uint x )
+{
+    size_t j;
+    mbedtls_mpi_uint mask = (mbedtls_mpi_uint) 1 << (biL - 1);
+
+    for( j = 0; j < biL; j++ )
+    {
+        if( x & mask ) break;
+
+        mask >>= 1;
+    }
+
+    return j;
+}
+
+/*
+ * Return the number of bits
+ */
+size_t mbedtls_mpi_bitlen( const mbedtls_mpi *X )
+{
+    size_t i, j;
+
+    if( X->n == 0 )
+        return( 0 );
+
+    for( i = X->n - 1; i > 0; i-- )
+        if( X->p[i] != 0 )
+            break;
+
+    j = biL - mbedtls_clz( X->p[i] );
+
+    return( ( i * biL ) + j );
+}
+
+/*
+ * Return the total size in bytes
+ */
+size_t mbedtls_mpi_size( const mbedtls_mpi *X )
+{
+    return( ( mbedtls_mpi_bitlen( X ) + 7 ) >> 3 );
+}
+
+/*
+ * Convert an ASCII character to digit value
+ */
+static int mpi_get_digit( mbedtls_mpi_uint *d, int radix, char c )
+{
+    *d = 255;
+
+    if( c >= 0x30 && c <= 0x39 ) *d = c - 0x30;
+    if( c >= 0x41 && c <= 0x46 ) *d = c - 0x37;
+    if( c >= 0x61 && c <= 0x66 ) *d = c - 0x57;
+
+    if( *d >= (mbedtls_mpi_uint) radix )
+        return( MBEDTLS_ERR_MPI_INVALID_CHARACTER );
+
+    return( 0 );
+}
+
+/*
+ * Import from an ASCII string
+ */
+int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s )
+{
+    int ret;
+    size_t i, j, slen, n;
+    mbedtls_mpi_uint d;
+    mbedtls_mpi T;
+
+    if( radix < 2 || radix > 16 )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    mbedtls_mpi_init( &T );
+
+    slen = strlen( s );
+
+    if( radix == 16 )
+    {
+        if( slen > MPI_SIZE_T_MAX >> 2 )
+            return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+        n = BITS_TO_LIMBS( slen << 2 );
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, n ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
+
+        for( i = slen, j = 0; i > 0; i--, j++ )
+        {
+            if( i == 1 && s[i - 1] == '-' )
+            {
+                X->s = -1;
+                break;
+            }
+
+            MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) );
+            X->p[j / ( 2 * ciL )] |= d << ( ( j % ( 2 * ciL ) ) << 2 );
+        }
+    }
+    else
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
+
+        for( i = 0; i < slen; i++ )
+        {
+            if( i == 0 && s[i] == '-' )
+            {
+                X->s = -1;
+                continue;
+            }
+
+            MBEDTLS_MPI_CHK( mpi_get_digit( &d, radix, s[i] ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T, X, radix ) );
+
+            if( X->s == 1 )
+            {
+                MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, &T, d ) );
+            }
+            else
+            {
+                MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( X, &T, d ) );
+            }
+        }
+    }
+
+cleanup:
+
+    mbedtls_mpi_free( &T );
+
+    return( ret );
+}
+
+/*
+ * Helper to write the digits high-order first
+ */
+static int mpi_write_hlp( mbedtls_mpi *X, int radix, char **p )
+{
+    int ret;
+    mbedtls_mpi_uint r;
+
+    if( radix < 2 || radix > 16 )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, radix ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_div_int( X, NULL, X, radix ) );
+
+    if( mbedtls_mpi_cmp_int( X, 0 ) != 0 )
+        MBEDTLS_MPI_CHK( mpi_write_hlp( X, radix, p ) );
+
+    if( r < 10 )
+        *(*p)++ = (char)( r + 0x30 );
+    else
+        *(*p)++ = (char)( r + 0x37 );
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Export into an ASCII string
+ */
+int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
+                              char *buf, size_t buflen, size_t *olen )
+{
+    int ret = 0;
+    size_t n;
+    char *p;
+    mbedtls_mpi T;
+
+    if( radix < 2 || radix > 16 )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    n = mbedtls_mpi_bitlen( X );
+    if( radix >=  4 ) n >>= 1;
+    if( radix >= 16 ) n >>= 1;
+    /*
+     * Round up the buffer length to an even value to ensure that there is
+     * enough room for hexadecimal values that can be represented in an odd
+     * number of digits.
+     */
+    n += 3 + ( ( n + 1 ) & 1 );
+
+    if( buflen < n )
+    {
+        *olen = n;
+        return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
+    }
+
+    p = buf;
+    mbedtls_mpi_init( &T );
+
+    if( X->s == -1 )
+        *p++ = '-';
+
+    if( radix == 16 )
+    {
+        int c;
+        size_t i, j, k;
+
+        for( i = X->n, k = 0; i > 0; i-- )
+        {
+            for( j = ciL; j > 0; j-- )
+            {
+                c = ( X->p[i - 1] >> ( ( j - 1 ) << 3) ) & 0xFF;
+
+                if( c == 0 && k == 0 && ( i + j ) != 2 )
+                    continue;
+
+                *(p++) = "0123456789ABCDEF" [c / 16];
+                *(p++) = "0123456789ABCDEF" [c % 16];
+                k = 1;
+            }
+        }
+    }
+    else
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T, X ) );
+
+        if( T.s == -1 )
+            T.s = 1;
+
+        MBEDTLS_MPI_CHK( mpi_write_hlp( &T, radix, &p ) );
+    }
+
+    *p++ = '\0';
+    *olen = p - buf;
+
+cleanup:
+
+    mbedtls_mpi_free( &T );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Read X from an opened file
+ */
+int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin )
+{
+    mbedtls_mpi_uint d;
+    size_t slen;
+    char *p;
+    /*
+     * Buffer should have space for (short) label and decimal formatted MPI,
+     * newline characters and '\0'
+     */
+    char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ];
+
+    memset( s, 0, sizeof( s ) );
+    if( fgets( s, sizeof( s ) - 1, fin ) == NULL )
+        return( MBEDTLS_ERR_MPI_FILE_IO_ERROR );
+
+    slen = strlen( s );
+    if( slen == sizeof( s ) - 2 )
+        return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
+
+    if( slen > 0 && s[slen - 1] == '\n' ) { slen--; s[slen] = '\0'; }
+    if( slen > 0 && s[slen - 1] == '\r' ) { slen--; s[slen] = '\0'; }
+
+    p = s + slen;
+    while( p-- > s )
+        if( mpi_get_digit( &d, radix, *p ) != 0 )
+            break;
+
+    return( mbedtls_mpi_read_string( X, radix, p + 1 ) );
+}
+
+/*
+ * Write X into an opened file (or stdout if fout == NULL)
+ */
+int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout )
+{
+    int ret;
+    size_t n, slen, plen;
+    /*
+     * Buffer should have space for (short) label and decimal formatted MPI,
+     * newline characters and '\0'
+     */
+    char s[ MBEDTLS_MPI_RW_BUFFER_SIZE ];
+
+    memset( s, 0, sizeof( s ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_string( X, radix, s, sizeof( s ) - 2, &n ) );
+
+    if( p == NULL ) p = "";
+
+    plen = strlen( p );
+    slen = strlen( s );
+    s[slen++] = '\r';
+    s[slen++] = '\n';
+
+    if( fout != NULL )
+    {
+        if( fwrite( p, 1, plen, fout ) != plen ||
+            fwrite( s, 1, slen, fout ) != slen )
+            return( MBEDTLS_ERR_MPI_FILE_IO_ERROR );
+    }
+    else
+        mbedtls_printf( "%s%s", p, s );
+
+cleanup:
+
+    return( ret );
+}
+#endif /* MBEDTLS_FS_IO */
+
+/*
+ * Import X from unsigned binary data, big endian
+ */
+int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen )
+{
+    int ret;
+    size_t i, j;
+    size_t const limbs = CHARS_TO_LIMBS( buflen );
+
+    /* Ensure that target MPI has exactly the necessary number of limbs */
+    if( X->n != limbs )
+    {
+        mbedtls_mpi_free( X );
+        mbedtls_mpi_init( X );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, limbs ) );
+    }
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
+
+    for( i = buflen, j = 0; i > 0; i--, j++ )
+        X->p[j / ciL] |= ((mbedtls_mpi_uint) buf[i - 1]) << ((j % ciL) << 3);
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Export X into unsigned binary data, big endian
+ */
+int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, size_t buflen )
+{
+    size_t i, j, n;
+
+    n = mbedtls_mpi_size( X );
+
+    if( buflen < n )
+        return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
+
+    memset( buf, 0, buflen );
+
+    for( i = buflen - 1, j = 0; n > 0; i--, j++, n-- )
+        buf[i] = (unsigned char)( X->p[j / ciL] >> ((j % ciL) << 3) );
+
+    return( 0 );
+}
+
+/*
+ * Left-shift: X <<= count
+ */
+int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count )
+{
+    int ret;
+    size_t i, v0, t1;
+    mbedtls_mpi_uint r0 = 0, r1;
+
+    v0 = count / (biL    );
+    t1 = count & (biL - 1);
+
+    i = mbedtls_mpi_bitlen( X ) + count;
+
+    if( X->n * biL < i )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, BITS_TO_LIMBS( i ) ) );
+
+    ret = 0;
+
+    /*
+     * shift by count / limb_size
+     */
+    if( v0 > 0 )
+    {
+        for( i = X->n; i > v0; i-- )
+            X->p[i - 1] = X->p[i - v0 - 1];
+
+        for( ; i > 0; i-- )
+            X->p[i - 1] = 0;
+    }
+
+    /*
+     * shift by count % limb_size
+     */
+    if( t1 > 0 )
+    {
+        for( i = v0; i < X->n; i++ )
+        {
+            r1 = X->p[i] >> (biL - t1);
+            X->p[i] <<= t1;
+            X->p[i] |= r0;
+            r0 = r1;
+        }
+    }
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Right-shift: X >>= count
+ */
+int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count )
+{
+    size_t i, v0, v1;
+    mbedtls_mpi_uint r0 = 0, r1;
+
+    v0 = count /  biL;
+    v1 = count & (biL - 1);
+
+    if( v0 > X->n || ( v0 == X->n && v1 > 0 ) )
+        return mbedtls_mpi_lset( X, 0 );
+
+    /*
+     * shift by count / limb_size
+     */
+    if( v0 > 0 )
+    {
+        for( i = 0; i < X->n - v0; i++ )
+            X->p[i] = X->p[i + v0];
+
+        for( ; i < X->n; i++ )
+            X->p[i] = 0;
+    }
+
+    /*
+     * shift by count % limb_size
+     */
+    if( v1 > 0 )
+    {
+        for( i = X->n; i > 0; i-- )
+        {
+            r1 = X->p[i - 1] << (biL - v1);
+            X->p[i - 1] >>= v1;
+            X->p[i - 1] |= r0;
+            r0 = r1;
+        }
+    }
+
+    return( 0 );
+}
+
+/*
+ * Compare unsigned values
+ */
+int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y )
+{
+    size_t i, j;
+
+    for( i = X->n; i > 0; i-- )
+        if( X->p[i - 1] != 0 )
+            break;
+
+    for( j = Y->n; j > 0; j-- )
+        if( Y->p[j - 1] != 0 )
+            break;
+
+    if( i == 0 && j == 0 )
+        return( 0 );
+
+    if( i > j ) return(  1 );
+    if( j > i ) return( -1 );
+
+    for( ; i > 0; i-- )
+    {
+        if( X->p[i - 1] > Y->p[i - 1] ) return(  1 );
+        if( X->p[i - 1] < Y->p[i - 1] ) return( -1 );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Compare signed values
+ */
+int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y )
+{
+    size_t i, j;
+
+    for( i = X->n; i > 0; i-- )
+        if( X->p[i - 1] != 0 )
+            break;
+
+    for( j = Y->n; j > 0; j-- )
+        if( Y->p[j - 1] != 0 )
+            break;
+
+    if( i == 0 && j == 0 )
+        return( 0 );
+
+    if( i > j ) return(  X->s );
+    if( j > i ) return( -Y->s );
+
+    if( X->s > 0 && Y->s < 0 ) return(  1 );
+    if( Y->s > 0 && X->s < 0 ) return( -1 );
+
+    for( ; i > 0; i-- )
+    {
+        if( X->p[i - 1] > Y->p[i - 1] ) return(  X->s );
+        if( X->p[i - 1] < Y->p[i - 1] ) return( -X->s );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Compare signed values
+ */
+int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z )
+{
+    mbedtls_mpi Y;
+    mbedtls_mpi_uint p[1];
+
+    *p  = ( z < 0 ) ? -z : z;
+    Y.s = ( z < 0 ) ? -1 : 1;
+    Y.n = 1;
+    Y.p = p;
+
+    return( mbedtls_mpi_cmp_mpi( X, &Y ) );
+}
+
+/*
+ * Unsigned addition: X = |A| + |B|  (HAC 14.7)
+ */
+int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
+{
+    int ret;
+    size_t i, j;
+    mbedtls_mpi_uint *o, *p, c, tmp;
+
+    if( X == B )
+    {
+        const mbedtls_mpi *T = A; A = X; B = T;
+    }
+
+    if( X != A )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) );
+
+    /*
+     * X should always be positive as a result of unsigned additions.
+     */
+    X->s = 1;
+
+    for( j = B->n; j > 0; j-- )
+        if( B->p[j - 1] != 0 )
+            break;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
+
+    o = B->p; p = X->p; c = 0;
+
+    /*
+     * tmp is used because it might happen that p == o
+     */
+    for( i = 0; i < j; i++, o++, p++ )
+    {
+        tmp= *o;
+        *p +=  c; c  = ( *p <  c );
+        *p += tmp; c += ( *p < tmp );
+    }
+
+    while( c != 0 )
+    {
+        if( i >= X->n )
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + 1 ) );
+            p = X->p + i;
+        }
+
+        *p += c; c = ( *p < c ); i++; p++;
+    }
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Helper for mbedtls_mpi subtraction
+ */
+static void mpi_sub_hlp( size_t n, mbedtls_mpi_uint *s, mbedtls_mpi_uint *d )
+{
+    size_t i;
+    mbedtls_mpi_uint c, z;
+
+    for( i = c = 0; i < n; i++, s++, d++ )
+    {
+        z = ( *d <  c );     *d -=  c;
+        c = ( *d < *s ) + z; *d -= *s;
+    }
+
+    while( c != 0 )
+    {
+        z = ( *d < c ); *d -= c;
+        c = z; i++; d++;
+    }
+}
+
+/*
+ * Unsigned subtraction: X = |A| - |B|  (HAC 14.9)
+ */
+int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
+{
+    mbedtls_mpi TB;
+    int ret;
+    size_t n;
+
+    if( mbedtls_mpi_cmp_abs( A, B ) < 0 )
+        return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE );
+
+    mbedtls_mpi_init( &TB );
+
+    if( X == B )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) );
+        B = &TB;
+    }
+
+    if( X != A )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, A ) );
+
+    /*
+     * X should always be positive as a result of unsigned subtractions.
+     */
+    X->s = 1;
+
+    ret = 0;
+
+    for( n = B->n; n > 0; n-- )
+        if( B->p[n - 1] != 0 )
+            break;
+
+    mpi_sub_hlp( n, B->p, X->p );
+
+cleanup:
+
+    mbedtls_mpi_free( &TB );
+
+    return( ret );
+}
+
+/*
+ * Signed addition: X = A + B
+ */
+int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
+{
+    int ret, s = A->s;
+
+    if( A->s * B->s < 0 )
+    {
+        if( mbedtls_mpi_cmp_abs( A, B ) >= 0 )
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) );
+            X->s =  s;
+        }
+        else
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) );
+            X->s = -s;
+        }
+    }
+    else
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) );
+        X->s = s;
+    }
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Signed subtraction: X = A - B
+ */
+int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
+{
+    int ret, s = A->s;
+
+    if( A->s * B->s > 0 )
+    {
+        if( mbedtls_mpi_cmp_abs( A, B ) >= 0 )
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) );
+            X->s =  s;
+        }
+        else
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) );
+            X->s = -s;
+        }
+    }
+    else
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( X, A, B ) );
+        X->s = s;
+    }
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Signed addition: X = A + b
+ */
+int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b )
+{
+    mbedtls_mpi _B;
+    mbedtls_mpi_uint p[1];
+
+    p[0] = ( b < 0 ) ? -b : b;
+    _B.s = ( b < 0 ) ? -1 : 1;
+    _B.n = 1;
+    _B.p = p;
+
+    return( mbedtls_mpi_add_mpi( X, A, &_B ) );
+}
+
+/*
+ * Signed subtraction: X = A - b
+ */
+int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b )
+{
+    mbedtls_mpi _B;
+    mbedtls_mpi_uint p[1];
+
+    p[0] = ( b < 0 ) ? -b : b;
+    _B.s = ( b < 0 ) ? -1 : 1;
+    _B.n = 1;
+    _B.p = p;
+
+    return( mbedtls_mpi_sub_mpi( X, A, &_B ) );
+}
+
+/*
+ * Helper for mbedtls_mpi multiplication
+ */
+static
+#if defined(__APPLE__) && defined(__arm__)
+/*
+ * Apple LLVM version 4.2 (clang-425.0.24) (based on LLVM 3.2svn)
+ * appears to need this to prevent bad ARM code generation at -O3.
+ */
+__attribute__ ((noinline))
+#endif
+void mpi_mul_hlp( size_t i, mbedtls_mpi_uint *s, mbedtls_mpi_uint *d, mbedtls_mpi_uint b )
+{
+    mbedtls_mpi_uint c = 0, t = 0;
+
+#if defined(MULADDC_HUIT)
+    for( ; i >= 8; i -= 8 )
+    {
+        MULADDC_INIT
+        MULADDC_HUIT
+        MULADDC_STOP
+    }
+
+    for( ; i > 0; i-- )
+    {
+        MULADDC_INIT
+        MULADDC_CORE
+        MULADDC_STOP
+    }
+#else /* MULADDC_HUIT */
+    for( ; i >= 16; i -= 16 )
+    {
+        MULADDC_INIT
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_STOP
+    }
+
+    for( ; i >= 8; i -= 8 )
+    {
+        MULADDC_INIT
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_CORE   MULADDC_CORE
+        MULADDC_STOP
+    }
+
+    for( ; i > 0; i-- )
+    {
+        MULADDC_INIT
+        MULADDC_CORE
+        MULADDC_STOP
+    }
+#endif /* MULADDC_HUIT */
+
+    t++;
+
+    do {
+        *d += c; c = ( *d < c ); d++;
+    }
+    while( c != 0 );
+}
+
+/*
+ * Baseline multiplication: X = A * B  (HAC 14.12)
+ */
+int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B )
+{
+    int ret;
+    size_t i, j;
+    mbedtls_mpi TA, TB;
+
+    mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB );
+
+    if( X == A ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) ); A = &TA; }
+    if( X == B ) { MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) ); B = &TB; }
+
+    for( i = A->n; i > 0; i-- )
+        if( A->p[i - 1] != 0 )
+            break;
+
+    for( j = B->n; j > 0; j-- )
+        if( B->p[j - 1] != 0 )
+            break;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
+
+    for( i++; j > 0; j-- )
+        mpi_mul_hlp( i - 1, A->p, X->p + j - 1, B->p[j - 1] );
+
+    X->s = A->s * B->s;
+
+cleanup:
+
+    mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TA );
+
+    return( ret );
+}
+
+/*
+ * Baseline multiplication: X = A * b
+ */
+int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b )
+{
+    mbedtls_mpi _B;
+    mbedtls_mpi_uint p[1];
+
+    _B.s = 1;
+    _B.n = 1;
+    _B.p = p;
+    p[0] = b;
+
+    return( mbedtls_mpi_mul_mpi( X, A, &_B ) );
+}
+
+/*
+ * Unsigned integer divide - double mbedtls_mpi_uint dividend, u1/u0, and
+ * mbedtls_mpi_uint divisor, d
+ */
+static mbedtls_mpi_uint mbedtls_int_div_int( mbedtls_mpi_uint u1,
+            mbedtls_mpi_uint u0, mbedtls_mpi_uint d, mbedtls_mpi_uint *r )
+{
+#if defined(MBEDTLS_HAVE_UDBL)
+    mbedtls_t_udbl dividend, quotient;
+#else
+    const mbedtls_mpi_uint radix = (mbedtls_mpi_uint) 1 << biH;
+    const mbedtls_mpi_uint uint_halfword_mask = ( (mbedtls_mpi_uint) 1 << biH ) - 1;
+    mbedtls_mpi_uint d0, d1, q0, q1, rAX, r0, quotient;
+    mbedtls_mpi_uint u0_msw, u0_lsw;
+    size_t s;
+#endif
+
+    /*
+     * Check for overflow
+     */
+    if( 0 == d || u1 >= d )
+    {
+        if (r != NULL) *r = ~0;
+
+        return ( ~0 );
+    }
+
+#if defined(MBEDTLS_HAVE_UDBL)
+    dividend  = (mbedtls_t_udbl) u1 << biL;
+    dividend |= (mbedtls_t_udbl) u0;
+    quotient = dividend / d;
+    if( quotient > ( (mbedtls_t_udbl) 1 << biL ) - 1 )
+        quotient = ( (mbedtls_t_udbl) 1 << biL ) - 1;
+
+    if( r != NULL )
+        *r = (mbedtls_mpi_uint)( dividend - (quotient * d ) );
+
+    return (mbedtls_mpi_uint) quotient;
+#else
+
+    /*
+     * Algorithm D, Section 4.3.1 - The Art of Computer Programming
+     *   Vol. 2 - Seminumerical Algorithms, Knuth
+     */
+
+    /*
+     * Normalize the divisor, d, and dividend, u0, u1
+     */
+    s = mbedtls_clz( d );
+    d = d << s;
+
+    u1 = u1 << s;
+    u1 |= ( u0 >> ( biL - s ) ) & ( -(mbedtls_mpi_sint)s >> ( biL - 1 ) );
+    u0 =  u0 << s;
+
+    d1 = d >> biH;
+    d0 = d & uint_halfword_mask;
+
+    u0_msw = u0 >> biH;
+    u0_lsw = u0 & uint_halfword_mask;
+
+    /*
+     * Find the first quotient and remainder
+     */
+    q1 = u1 / d1;
+    r0 = u1 - d1 * q1;
+
+    while( q1 >= radix || ( q1 * d0 > radix * r0 + u0_msw ) )
+    {
+        q1 -= 1;
+        r0 += d1;
+
+        if ( r0 >= radix ) break;
+    }
+
+    rAX = ( u1 * radix ) + ( u0_msw - q1 * d );
+    q0 = rAX / d1;
+    r0 = rAX - q0 * d1;
+
+    while( q0 >= radix || ( q0 * d0 > radix * r0 + u0_lsw ) )
+    {
+        q0 -= 1;
+        r0 += d1;
+
+        if ( r0 >= radix ) break;
+    }
+
+    if (r != NULL)
+        *r = ( rAX * radix + u0_lsw - q0 * d ) >> s;
+
+    quotient = q1 * radix + q0;
+
+    return quotient;
+#endif
+}
+
+/*
+ * Division by mbedtls_mpi: A = Q * B + R  (HAC 14.20)
+ */
+int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B )
+{
+    int ret;
+    size_t i, n, t, k;
+    mbedtls_mpi X, Y, Z, T1, T2;
+
+    if( mbedtls_mpi_cmp_int( B, 0 ) == 0 )
+        return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO );
+
+    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
+    mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 );
+
+    if( mbedtls_mpi_cmp_abs( A, B ) < 0 )
+    {
+        if( Q != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_lset( Q, 0 ) );
+        if( R != NULL ) MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, A ) );
+        return( 0 );
+    }
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &X, A ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, B ) );
+    X.s = Y.s = 1;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &Z, A->n + 2 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Z,  0 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T1, 2 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T2, 3 ) );
+
+    k = mbedtls_mpi_bitlen( &Y ) % biL;
+    if( k < biL - 1 )
+    {
+        k = biL - 1 - k;
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &X, k ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, k ) );
+    }
+    else k = 0;
+
+    n = X.n - 1;
+    t = Y.n - 1;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &Y, biL * ( n - t ) ) );
+
+    while( mbedtls_mpi_cmp_mpi( &X, &Y ) >= 0 )
+    {
+        Z.p[n - t]++;
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &Y ) );
+    }
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, biL * ( n - t ) ) );
+
+    for( i = n; i > t ; i-- )
+    {
+        if( X.p[i] >= Y.p[t] )
+            Z.p[i - t - 1] = ~0;
+        else
+        {
+            Z.p[i - t - 1] = mbedtls_int_div_int( X.p[i], X.p[i - 1],
+                                                            Y.p[t], NULL);
+        }
+
+        Z.p[i - t - 1]++;
+        do
+        {
+            Z.p[i - t - 1]--;
+
+            MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &T1, 0 ) );
+            T1.p[0] = ( t < 1 ) ? 0 : Y.p[t - 1];
+            T1.p[1] = Y.p[t];
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &T1, Z.p[i - t - 1] ) );
+
+            MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &T2, 0 ) );
+            T2.p[0] = ( i < 2 ) ? 0 : X.p[i - 2];
+            T2.p[1] = ( i < 1 ) ? 0 : X.p[i - 1];
+            T2.p[2] = X.p[i];
+        }
+        while( mbedtls_mpi_cmp_mpi( &T1, &T2 ) > 0 );
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1, &Y, Z.p[i - t - 1] ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1,  biL * ( i - t - 1 ) ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X, &X, &T1 ) );
+
+        if( mbedtls_mpi_cmp_int( &X, 0 ) < 0 )
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &T1, &Y ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T1, biL * ( i - t - 1 ) ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &X, &X, &T1 ) );
+            Z.p[i - t - 1]--;
+        }
+    }
+
+    if( Q != NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( Q, &Z ) );
+        Q->s = A->s * B->s;
+    }
+
+    if( R != NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &X, k ) );
+        X.s = A->s;
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( R, &X ) );
+
+        if( mbedtls_mpi_cmp_int( R, 0 ) == 0 )
+            R->s = 1;
+    }
+
+cleanup:
+
+    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
+    mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 );
+
+    return( ret );
+}
+
+/*
+ * Division by int: A = Q * b + R
+ */
+int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b )
+{
+    mbedtls_mpi _B;
+    mbedtls_mpi_uint p[1];
+
+    p[0] = ( b < 0 ) ? -b : b;
+    _B.s = ( b < 0 ) ? -1 : 1;
+    _B.n = 1;
+    _B.p = p;
+
+    return( mbedtls_mpi_div_mpi( Q, R, A, &_B ) );
+}
+
+/*
+ * Modulo: R = A mod B
+ */
+int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B )
+{
+    int ret;
+
+    if( mbedtls_mpi_cmp_int( B, 0 ) < 0 )
+        return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( NULL, R, A, B ) );
+
+    while( mbedtls_mpi_cmp_int( R, 0 ) < 0 )
+      MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( R, R, B ) );
+
+    while( mbedtls_mpi_cmp_mpi( R, B ) >= 0 )
+      MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( R, R, B ) );
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Modulo: r = A mod b
+ */
+int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b )
+{
+    size_t i;
+    mbedtls_mpi_uint x, y, z;
+
+    if( b == 0 )
+        return( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO );
+
+    if( b < 0 )
+        return( MBEDTLS_ERR_MPI_NEGATIVE_VALUE );
+
+    /*
+     * handle trivial cases
+     */
+    if( b == 1 )
+    {
+        *r = 0;
+        return( 0 );
+    }
+
+    if( b == 2 )
+    {
+        *r = A->p[0] & 1;
+        return( 0 );
+    }
+
+    /*
+     * general case
+     */
+    for( i = A->n, y = 0; i > 0; i-- )
+    {
+        x  = A->p[i - 1];
+        y  = ( y << biH ) | ( x >> biH );
+        z  = y / b;
+        y -= z * b;
+
+        x <<= biH;
+        y  = ( y << biH ) | ( x >> biH );
+        z  = y / b;
+        y -= z * b;
+    }
+
+    /*
+     * If A is negative, then the current y represents a negative value.
+     * Flipping it to the positive side.
+     */
+    if( A->s < 0 && y != 0 )
+        y = b - y;
+
+    *r = y;
+
+    return( 0 );
+}
+
+/*
+ * Fast Montgomery initialization (thanks to Tom St Denis)
+ */
+static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N )
+{
+    mbedtls_mpi_uint x, m0 = N->p[0];
+    unsigned int i;
+
+    x  = m0;
+    x += ( ( m0 + 2 ) & 4 ) << 1;
+
+    for( i = biL; i >= 8; i /= 2 )
+        x *= ( 2 - ( m0 * x ) );
+
+    *mm = ~x + 1;
+}
+
+/*
+ * Montgomery multiplication: A = A * B * R^-1 mod N  (HAC 14.36)
+ */
+static int mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi *N, mbedtls_mpi_uint mm,
+                         const mbedtls_mpi *T )
+{
+    size_t i, n, m;
+    mbedtls_mpi_uint u0, u1, *d;
+
+    if( T->n < N->n + 1 || T->p == NULL )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    memset( T->p, 0, T->n * ciL );
+
+    d = T->p;
+    n = N->n;
+    m = ( B->n < n ) ? B->n : n;
+
+    for( i = 0; i < n; i++ )
+    {
+        /*
+         * T = (T + u0*B + u1*N) / 2^biL
+         */
+        u0 = A->p[i];
+        u1 = ( d[0] + u0 * B->p[0] ) * mm;
+
+        mpi_mul_hlp( m, B->p, d, u0 );
+        mpi_mul_hlp( n, N->p, d, u1 );
+
+        *d++ = u0; d[n + 1] = 0;
+    }
+
+    memcpy( A->p, d, ( n + 1 ) * ciL );
+
+    if( mbedtls_mpi_cmp_abs( A, N ) >= 0 )
+        mpi_sub_hlp( n, N->p, A->p );
+    else
+        /* prevent timing attacks */
+        mpi_sub_hlp( n, A->p, T->p );
+
+    return( 0 );
+}
+
+/*
+ * Montgomery reduction: A = A * R^-1 mod N
+ */
+static int mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N, mbedtls_mpi_uint mm, const mbedtls_mpi *T )
+{
+    mbedtls_mpi_uint z = 1;
+    mbedtls_mpi U;
+
+    U.n = U.s = (int) z;
+    U.p = &z;
+
+    return( mpi_montmul( A, &U, N, mm, T ) );
+}
+
+/*
+ * Sliding-window exponentiation: X = A^E mod N  (HAC 14.85)
+ */
+int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *_RR )
+{
+    int ret;
+    size_t wbits, wsize, one = 1;
+    size_t i, j, nblimbs;
+    size_t bufsize, nbits;
+    mbedtls_mpi_uint ei, mm, state;
+    mbedtls_mpi RR, T, W[ 2 << MBEDTLS_MPI_WINDOW_SIZE ], Apos;
+    int neg;
+
+    if( mbedtls_mpi_cmp_int( N, 0 ) < 0 || ( N->p[0] & 1 ) == 0 )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    if( mbedtls_mpi_cmp_int( E, 0 ) < 0 )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    /*
+     * Init temps and window size
+     */
+    mpi_montg_init( &mm, N );
+    mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &T );
+    mbedtls_mpi_init( &Apos );
+    memset( W, 0, sizeof( W ) );
+
+    i = mbedtls_mpi_bitlen( E );
+
+    wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 :
+            ( i >  79 ) ? 4 : ( i >  23 ) ? 3 : 1;
+
+    if( wsize > MBEDTLS_MPI_WINDOW_SIZE )
+        wsize = MBEDTLS_MPI_WINDOW_SIZE;
+
+    j = N->n + 1;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1],  j ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T, j * 2 ) );
+
+    /*
+     * Compensate for negative A (and correct at the end)
+     */
+    neg = ( A->s == -1 );
+    if( neg )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Apos, A ) );
+        Apos.s = 1;
+        A = &Apos;
+    }
+
+    /*
+     * If 1st call, pre-compute R^2 mod N
+     */
+    if( _RR == NULL || _RR->p == NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &RR, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &RR, N->n * 2 * biL ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &RR, &RR, N ) );
+
+        if( _RR != NULL )
+            memcpy( _RR, &RR, sizeof( mbedtls_mpi ) );
+    }
+    else
+        memcpy( &RR, _RR, sizeof( mbedtls_mpi ) );
+
+    /*
+     * W[1] = A * R^2 * R^-1 mod N = A * R mod N
+     */
+    if( mbedtls_mpi_cmp_mpi( A, N ) >= 0 )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &W[1], A, N ) );
+    else
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) );
+
+    MBEDTLS_MPI_CHK( mpi_montmul( &W[1], &RR, N, mm, &T ) );
+
+    /*
+     * X = R^2 * R^-1 mod N = R mod N
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &RR ) );
+    MBEDTLS_MPI_CHK( mpi_montred( X, N, mm, &T ) );
+
+    if( wsize > 1 )
+    {
+        /*
+         * W[1 << (wsize - 1)] = W[1] ^ (wsize - 1)
+         */
+        j =  one << ( wsize - 1 );
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[j], N->n + 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[j], &W[1]    ) );
+
+        for( i = 0; i < wsize - 1; i++ )
+            MBEDTLS_MPI_CHK( mpi_montmul( &W[j], &W[j], N, mm, &T ) );
+
+        /*
+         * W[i] = W[i - 1] * W[1]
+         */
+        for( i = j + 1; i < ( one << wsize ); i++ )
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[i], N->n + 1 ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[i], &W[i - 1] ) );
+
+            MBEDTLS_MPI_CHK( mpi_montmul( &W[i], &W[1], N, mm, &T ) );
+        }
+    }
+
+    nblimbs = E->n;
+    bufsize = 0;
+    nbits   = 0;
+    wbits   = 0;
+    state   = 0;
+
+    while( 1 )
+    {
+        if( bufsize == 0 )
+        {
+            if( nblimbs == 0 )
+                break;
+
+            nblimbs--;
+
+            bufsize = sizeof( mbedtls_mpi_uint ) << 3;
+        }
+
+        bufsize--;
+
+        ei = (E->p[nblimbs] >> bufsize) & 1;
+
+        /*
+         * skip leading 0s
+         */
+        if( ei == 0 && state == 0 )
+            continue;
+
+        if( ei == 0 && state == 1 )
+        {
+            /*
+             * out of window, square X
+             */
+            MBEDTLS_MPI_CHK( mpi_montmul( X, X, N, mm, &T ) );
+            continue;
+        }
+
+        /*
+         * add ei to current window
+         */
+        state = 2;
+
+        nbits++;
+        wbits |= ( ei << ( wsize - nbits ) );
+
+        if( nbits == wsize )
+        {
+            /*
+             * X = X^wsize R^-1 mod N
+             */
+            for( i = 0; i < wsize; i++ )
+                MBEDTLS_MPI_CHK( mpi_montmul( X, X, N, mm, &T ) );
+
+            /*
+             * X = X * W[wbits] R^-1 mod N
+             */
+            MBEDTLS_MPI_CHK( mpi_montmul( X, &W[wbits], N, mm, &T ) );
+
+            state--;
+            nbits = 0;
+            wbits = 0;
+        }
+    }
+
+    /*
+     * process the remaining bits
+     */
+    for( i = 0; i < nbits; i++ )
+    {
+        MBEDTLS_MPI_CHK( mpi_montmul( X, X, N, mm, &T ) );
+
+        wbits <<= 1;
+
+        if( ( wbits & ( one << wsize ) ) != 0 )
+            MBEDTLS_MPI_CHK( mpi_montmul( X, &W[1], N, mm, &T ) );
+    }
+
+    /*
+     * X = A^E * R * R^-1 mod N = A^E mod N
+     */
+    MBEDTLS_MPI_CHK( mpi_montred( X, N, mm, &T ) );
+
+    if( neg && E->n != 0 && ( E->p[0] & 1 ) != 0 )
+    {
+        X->s = -1;
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( X, N, X ) );
+    }
+
+cleanup:
+
+    for( i = ( one << ( wsize - 1 ) ); i < ( one << wsize ); i++ )
+        mbedtls_mpi_free( &W[i] );
+
+    mbedtls_mpi_free( &W[1] ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &Apos );
+
+    if( _RR == NULL || _RR->p == NULL )
+        mbedtls_mpi_free( &RR );
+
+    return( ret );
+}
+
+/*
+ * Greatest common divisor: G = gcd(A, B)  (HAC 14.54)
+ */
+int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B )
+{
+    int ret;
+    size_t lz, lzt;
+    mbedtls_mpi TG, TA, TB;
+
+    mbedtls_mpi_init( &TG ); mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TB );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TA, A ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) );
+
+    lz = mbedtls_mpi_lsb( &TA );
+    lzt = mbedtls_mpi_lsb( &TB );
+
+    if( lzt < lz )
+        lz = lzt;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, lz ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, lz ) );
+
+    TA.s = TB.s = 1;
+
+    while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, mbedtls_mpi_lsb( &TB ) ) );
+
+        if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 )
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TA, &TA, &TB ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, 1 ) );
+        }
+        else
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TB, &TB, &TA ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, 1 ) );
+        }
+    }
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( G, &TB ) );
+
+cleanup:
+
+    mbedtls_mpi_free( &TG ); mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TB );
+
+    return( ret );
+}
+
+/*
+ * Fill X with size bytes of random.
+ *
+ * Use a temporary bytes representation to make sure the result is the same
+ * regardless of the platform endianness (useful when f_rng is actually
+ * deterministic, eg for tests).
+ */
+int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng )
+{
+    int ret;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+
+    if( size > MBEDTLS_MPI_MAX_SIZE )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    MBEDTLS_MPI_CHK( f_rng( p_rng, buf, size ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( X, buf, size ) );
+
+cleanup:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+    return( ret );
+}
+
+/*
+ * Modular inverse: X = A^-1 mod N  (HAC 14.61 / 14.64)
+ */
+int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N )
+{
+    int ret;
+    mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2;
+
+    if( mbedtls_mpi_cmp_int( N, 1 ) <= 0 )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    mbedtls_mpi_init( &TA ); mbedtls_mpi_init( &TU ); mbedtls_mpi_init( &U1 ); mbedtls_mpi_init( &U2 );
+    mbedtls_mpi_init( &G ); mbedtls_mpi_init( &TB ); mbedtls_mpi_init( &TV );
+    mbedtls_mpi_init( &V1 ); mbedtls_mpi_init( &V2 );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, A, N ) );
+
+    if( mbedtls_mpi_cmp_int( &G, 1 ) != 0 )
+    {
+        ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &TA, A, N ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TU, &TA ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, N ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TV, N ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U1, 1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &U2, 0 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V1, 0 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &V2, 1 ) );
+
+    do
+    {
+        while( ( TU.p[0] & 1 ) == 0 )
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TU, 1 ) );
+
+            if( ( U1.p[0] & 1 ) != 0 || ( U2.p[0] & 1 ) != 0 )
+            {
+                MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &U1, &U1, &TB ) );
+                MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &TA ) );
+            }
+
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U1, 1 ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &U2, 1 ) );
+        }
+
+        while( ( TV.p[0] & 1 ) == 0 )
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TV, 1 ) );
+
+            if( ( V1.p[0] & 1 ) != 0 || ( V2.p[0] & 1 ) != 0 )
+            {
+                MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, &TB ) );
+                MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &TA ) );
+            }
+
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V1, 1 ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &V2, 1 ) );
+        }
+
+        if( mbedtls_mpi_cmp_mpi( &TU, &TV ) >= 0 )
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TU, &TU, &TV ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U1, &U1, &V1 ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U2, &U2, &V2 ) );
+        }
+        else
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &TV, &TV, &TU ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, &U1 ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V2, &V2, &U2 ) );
+        }
+    }
+    while( mbedtls_mpi_cmp_int( &TU, 0 ) != 0 );
+
+    while( mbedtls_mpi_cmp_int( &V1, 0 ) < 0 )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &V1, &V1, N ) );
+
+    while( mbedtls_mpi_cmp_mpi( &V1, N ) >= 0 )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &V1, &V1, N ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &V1 ) );
+
+cleanup:
+
+    mbedtls_mpi_free( &TA ); mbedtls_mpi_free( &TU ); mbedtls_mpi_free( &U1 ); mbedtls_mpi_free( &U2 );
+    mbedtls_mpi_free( &G ); mbedtls_mpi_free( &TB ); mbedtls_mpi_free( &TV );
+    mbedtls_mpi_free( &V1 ); mbedtls_mpi_free( &V2 );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_GENPRIME)
+
+static const int small_prime[] =
+{
+        3,    5,    7,   11,   13,   17,   19,   23,
+       29,   31,   37,   41,   43,   47,   53,   59,
+       61,   67,   71,   73,   79,   83,   89,   97,
+      101,  103,  107,  109,  113,  127,  131,  137,
+      139,  149,  151,  157,  163,  167,  173,  179,
+      181,  191,  193,  197,  199,  211,  223,  227,
+      229,  233,  239,  241,  251,  257,  263,  269,
+      271,  277,  281,  283,  293,  307,  311,  313,
+      317,  331,  337,  347,  349,  353,  359,  367,
+      373,  379,  383,  389,  397,  401,  409,  419,
+      421,  431,  433,  439,  443,  449,  457,  461,
+      463,  467,  479,  487,  491,  499,  503,  509,
+      521,  523,  541,  547,  557,  563,  569,  571,
+      577,  587,  593,  599,  601,  607,  613,  617,
+      619,  631,  641,  643,  647,  653,  659,  661,
+      673,  677,  683,  691,  701,  709,  719,  727,
+      733,  739,  743,  751,  757,  761,  769,  773,
+      787,  797,  809,  811,  821,  823,  827,  829,
+      839,  853,  857,  859,  863,  877,  881,  883,
+      887,  907,  911,  919,  929,  937,  941,  947,
+      953,  967,  971,  977,  983,  991,  997, -103
+};
+
+/*
+ * Small divisors test (X must be positive)
+ *
+ * Return values:
+ * 0: no small factor (possible prime, more tests needed)
+ * 1: certain prime
+ * MBEDTLS_ERR_MPI_NOT_ACCEPTABLE: certain non-prime
+ * other negative: error
+ */
+static int mpi_check_small_factors( const mbedtls_mpi *X )
+{
+    int ret = 0;
+    size_t i;
+    mbedtls_mpi_uint r;
+
+    if( ( X->p[0] & 1 ) == 0 )
+        return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
+
+    for( i = 0; small_prime[i] > 0; i++ )
+    {
+        if( mbedtls_mpi_cmp_int( X, small_prime[i] ) <= 0 )
+            return( 1 );
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, small_prime[i] ) );
+
+        if( r == 0 )
+            return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
+    }
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Miller-Rabin pseudo-primality test  (HAC 4.24)
+ */
+static int mpi_miller_rabin( const mbedtls_mpi *X,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng )
+{
+    int ret, count;
+    size_t i, j, k, n, s;
+    mbedtls_mpi W, R, T, A, RR;
+
+    mbedtls_mpi_init( &W ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &A );
+    mbedtls_mpi_init( &RR );
+
+    /*
+     * W = |X| - 1
+     * R = W >> lsb( W )
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &W, X, 1 ) );
+    s = mbedtls_mpi_lsb( &W );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R, &W ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &R, s ) );
+
+    i = mbedtls_mpi_bitlen( X );
+    /*
+     * HAC, table 4.4
+     */
+    n = ( ( i >= 1300 ) ?  2 : ( i >=  850 ) ?  3 :
+          ( i >=  650 ) ?  4 : ( i >=  350 ) ?  8 :
+          ( i >=  250 ) ? 12 : ( i >=  150 ) ? 18 : 27 );
+
+    for( i = 0; i < n; i++ )
+    {
+        /*
+         * pick a random A, 1 < A < |X| - 1
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) );
+
+        if( mbedtls_mpi_cmp_mpi( &A, &W ) >= 0 )
+        {
+            j = mbedtls_mpi_bitlen( &A ) - mbedtls_mpi_bitlen( &W );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &A, j + 1 ) );
+        }
+        A.p[0] |= 3;
+
+        count = 0;
+        do {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) );
+
+            j = mbedtls_mpi_bitlen( &A );
+            k = mbedtls_mpi_bitlen( &W );
+            if (j > k) {
+                MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &A, j - k ) );
+            }
+
+            if (count++ > 30) {
+                return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+            }
+
+        } while ( mbedtls_mpi_cmp_mpi( &A, &W ) >= 0 ||
+                  mbedtls_mpi_cmp_int( &A, 1 )  <= 0    );
+
+        /*
+         * A = A^R mod |X|
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &A, &A, &R, X, &RR ) );
+
+        if( mbedtls_mpi_cmp_mpi( &A, &W ) == 0 ||
+            mbedtls_mpi_cmp_int( &A,  1 ) == 0 )
+            continue;
+
+        j = 1;
+        while( j < s && mbedtls_mpi_cmp_mpi( &A, &W ) != 0 )
+        {
+            /*
+             * A = A * A mod |X|
+             */
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &A, &A ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &A, &T, X  ) );
+
+            if( mbedtls_mpi_cmp_int( &A, 1 ) == 0 )
+                break;
+
+            j++;
+        }
+
+        /*
+         * not prime if A != |X| - 1 or A == 1
+         */
+        if( mbedtls_mpi_cmp_mpi( &A, &W ) != 0 ||
+            mbedtls_mpi_cmp_int( &A,  1 ) == 0 )
+        {
+            ret = MBEDTLS_ERR_MPI_NOT_ACCEPTABLE;
+            break;
+        }
+    }
+
+cleanup:
+    mbedtls_mpi_free( &W ); mbedtls_mpi_free( &R ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &A );
+    mbedtls_mpi_free( &RR );
+
+    return( ret );
+}
+
+/*
+ * Pseudo-primality test: small factors, then Miller-Rabin
+ */
+int mbedtls_mpi_is_prime( const mbedtls_mpi *X,
+                  int (*f_rng)(void *, unsigned char *, size_t),
+                  void *p_rng )
+{
+    int ret;
+    mbedtls_mpi XX;
+
+    XX.s = 1;
+    XX.n = X->n;
+    XX.p = X->p;
+
+    if( mbedtls_mpi_cmp_int( &XX, 0 ) == 0 ||
+        mbedtls_mpi_cmp_int( &XX, 1 ) == 0 )
+        return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
+
+    if( mbedtls_mpi_cmp_int( &XX, 2 ) == 0 )
+        return( 0 );
+
+    if( ( ret = mpi_check_small_factors( &XX ) ) != 0 )
+    {
+        if( ret == 1 )
+            return( 0 );
+
+        return( ret );
+    }
+
+    return( mpi_miller_rabin( &XX, f_rng, p_rng ) );
+}
+
+/*
+ * Prime number generation
+ */
+int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag,
+                   int (*f_rng)(void *, unsigned char *, size_t),
+                   void *p_rng )
+{
+    int ret;
+    size_t k, n;
+    mbedtls_mpi_uint r;
+    mbedtls_mpi Y;
+
+    if( nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    mbedtls_mpi_init( &Y );
+
+    n = BITS_TO_LIMBS( nbits );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( X, n * ciL, f_rng, p_rng ) );
+
+    k = mbedtls_mpi_bitlen( X );
+    if( k > nbits ) MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( X, k - nbits + 1 ) );
+
+    mbedtls_mpi_set_bit( X, nbits-1, 1 );
+
+    X->p[0] |= 1;
+
+    if( dh_flag == 0 )
+    {
+        while( ( ret = mbedtls_mpi_is_prime( X, f_rng, p_rng ) ) != 0 )
+        {
+            if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE )
+                goto cleanup;
+
+            MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 2 ) );
+        }
+    }
+    else
+    {
+        /*
+         * An necessary condition for Y and X = 2Y + 1 to be prime
+         * is X = 2 mod 3 (which is equivalent to Y = 2 mod 3).
+         * Make sure it is satisfied, while keeping X = 3 mod 4
+         */
+
+        X->p[0] |= 2;
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_int( &r, X, 3 ) );
+        if( r == 0 )
+            MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 8 ) );
+        else if( r == 1 )
+            MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( X, X, 4 ) );
+
+        /* Set Y = (X-1) / 2, which is X / 2 because X is odd */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Y, X ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &Y, 1 ) );
+
+        while( 1 )
+        {
+            /*
+             * First, check small factors for X and Y
+             * before doing Miller-Rabin on any of them
+             */
+            if( ( ret = mpi_check_small_factors(  X         ) ) == 0 &&
+                ( ret = mpi_check_small_factors( &Y         ) ) == 0 &&
+                ( ret = mpi_miller_rabin(  X, f_rng, p_rng  ) ) == 0 &&
+                ( ret = mpi_miller_rabin( &Y, f_rng, p_rng  ) ) == 0 )
+            {
+                break;
+            }
+
+            if( ret != MBEDTLS_ERR_MPI_NOT_ACCEPTABLE )
+                goto cleanup;
+
+            /*
+             * Next candidates. We want to preserve Y = (X-1) / 2 and
+             * Y = 1 mod 2 and Y = 2 mod 3 (eq X = 3 mod 4 and X = 2 mod 3)
+             * so up Y by 6 and X by 12.
+             */
+            MBEDTLS_MPI_CHK( mbedtls_mpi_add_int(  X,  X, 12 ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &Y, &Y, 6  ) );
+        }
+    }
+
+cleanup:
+
+    mbedtls_mpi_free( &Y );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_GENPRIME */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#define GCD_PAIR_COUNT  3
+
+static const int gcd_pairs[GCD_PAIR_COUNT][3] =
+{
+    { 693, 609, 21 },
+    { 1764, 868, 28 },
+    { 768454923, 542167814, 1 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_mpi_self_test( int verbose )
+{
+    int ret, i;
+    mbedtls_mpi A, E, N, X, Y, U, V;
+
+    mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N ); mbedtls_mpi_init( &X );
+    mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &U ); mbedtls_mpi_init( &V );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &A, 16,
+        "EFE021C2645FD1DC586E69184AF4A31E" \
+        "D5F53E93B5F123FA41680867BA110131" \
+        "944FE7952E2517337780CB0DB80E61AA" \
+        "E7C8DDC6C5C6AADEB34EB38A2F40D5E6" ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &E, 16,
+        "B2E7EFD37075B9F03FF989C7C5051C20" \
+        "34D2A323810251127E7BF8625A4F49A5" \
+        "F3E27F4DA8BD59C47D6DAABA4C8127BD" \
+        "5B5C25763222FEFCCFC38B832366C29E" ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &N, 16,
+        "0066A198186C18C10B2F5ED9B522752A" \
+        "9830B69916E535C8F047518A889A43A5" \
+        "94B6BED27A168D31D4A52F88925AA8F5" ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &X, &A, &N ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16,
+        "602AB7ECA597A3D6B56FF9829A5E8B85" \
+        "9E857EA95A03512E2BAE7391688D264A" \
+        "A5663B0341DB9CCFD2C4C5F421FEC814" \
+        "8001B72E848A38CAE1C65F78E56ABDEF" \
+        "E12D3C039B8A02D6BE593F0BBBDA56F1" \
+        "ECF677152EF804370C1A305CAF3B5BF1" \
+        "30879B56C61DE584A0F53A2447A51E" ) );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  MPI test #1 (mul_mpi): " );
+
+    if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &X, &Y, &A, &N ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16,
+        "256567336059E52CAE22925474705F39A94" ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &V, 16,
+        "6613F26162223DF488E9CD48CC132C7A" \
+        "0AC93C701B001B092E4E5B9F73BCD27B" \
+        "9EE50D0657C77F374E903CDFA4C642" ) );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  MPI test #2 (div_mpi): " );
+
+    if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 ||
+        mbedtls_mpi_cmp_mpi( &Y, &V ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &X, &A, &E, &N, NULL ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16,
+        "36E139AEA55215609D2816998ED020BB" \
+        "BD96C37890F65171D948E9BC7CBAA4D9" \
+        "325D24D6A3C12710F10A09FA08AB87" ) );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  MPI test #3 (exp_mod): " );
+
+    if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &X, &A, &N ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &U, 16,
+        "003A0AAEDD7E784FC07D8F9EC6E3BFD5" \
+        "C3DBA76456363A10869622EAC2DD84EC" \
+        "C5B8A74DAC4D09E03B5E0BE779F2DF61" ) );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  MPI test #4 (inv_mod): " );
+
+    if( mbedtls_mpi_cmp_mpi( &X, &U ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        ret = 1;
+        goto cleanup;
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  MPI test #5 (simple gcd): " );
+
+    for( i = 0; i < GCD_PAIR_COUNT; i++ )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &X, gcd_pairs[i][0] ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &Y, gcd_pairs[i][1] ) );
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &A, &X, &Y ) );
+
+        if( mbedtls_mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed at %d\n", i );
+
+            ret = 1;
+            goto cleanup;
+        }
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+cleanup:
+
+    if( ret != 0 && verbose != 0 )
+        mbedtls_printf( "Unexpected error, return code = %08X\n", ret );
+
+    mbedtls_mpi_free( &A ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &N ); mbedtls_mpi_free( &X );
+    mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &U ); mbedtls_mpi_free( &V );
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_BIGNUM_C */
diff --git a/thirdparty/mbedtls/library/blowfish.c b/thirdparty/mbedtls/library/blowfish.c
new file mode 100644
index 0000000000..9003f0dfeb
--- /dev/null
+++ b/thirdparty/mbedtls/library/blowfish.c
@@ -0,0 +1,656 @@
+/*
+ *  Blowfish implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The Blowfish block cipher was designed by Bruce Schneier in 1993.
+ *  http://www.schneier.com/blowfish.html
+ *  http://en.wikipedia.org/wiki/Blowfish_%28cipher%29
+ *
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_BLOWFISH_C)
+
+#include "mbedtls/blowfish.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_BLOWFISH_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
+        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 3]       );            \
+}
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
+    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
+    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
+    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
+}
+#endif
+
+static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = {
+        0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
+        0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
+        0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
+        0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
+        0x9216D5D9L, 0x8979FB1BL
+};
+
+/* declarations of data at the end of this file */
+static const uint32_t S[4][256];
+
+static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x )
+{
+   unsigned short a, b, c, d;
+   uint32_t  y;
+
+   d = (unsigned short)(x & 0xFF);
+   x >>= 8;
+   c = (unsigned short)(x & 0xFF);
+   x >>= 8;
+   b = (unsigned short)(x & 0xFF);
+   x >>= 8;
+   a = (unsigned short)(x & 0xFF);
+   y = ctx->S[0][a] + ctx->S[1][b];
+   y = y ^ ctx->S[2][c];
+   y = y + ctx->S[3][d];
+
+   return( y );
+}
+
+static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
+{
+    uint32_t  Xl, Xr, temp;
+    short i;
+
+    Xl = *xl;
+    Xr = *xr;
+
+    for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i )
+    {
+        Xl = Xl ^ ctx->P[i];
+        Xr = F( ctx, Xl ) ^ Xr;
+
+        temp = Xl;
+        Xl = Xr;
+        Xr = temp;
+    }
+
+    temp = Xl;
+    Xl = Xr;
+    Xr = temp;
+
+    Xr = Xr ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS];
+    Xl = Xl ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS + 1];
+
+    *xl = Xl;
+    *xr = Xr;
+}
+
+static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
+{
+    uint32_t  Xl, Xr, temp;
+    short i;
+
+    Xl = *xl;
+    Xr = *xr;
+
+    for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i )
+    {
+        Xl = Xl ^ ctx->P[i];
+        Xr = F( ctx, Xl ) ^ Xr;
+
+        temp = Xl;
+        Xl = Xr;
+        Xr = temp;
+    }
+
+    temp = Xl;
+    Xl = Xr;
+    Xr = temp;
+
+    Xr = Xr ^ ctx->P[1];
+    Xl = Xl ^ ctx->P[0];
+
+    *xl = Xl;
+    *xr = Xr;
+}
+
+void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_blowfish_context ) );
+}
+
+void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_blowfish_context ) );
+}
+
+/*
+ * Blowfish key schedule
+ */
+int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
+                     unsigned int keybits )
+{
+    unsigned int i, j, k;
+    uint32_t data, datal, datar;
+
+    if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS || keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS ||
+        ( keybits % 8 ) )
+    {
+        return( MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH );
+    }
+
+    keybits >>= 3;
+
+    for( i = 0; i < 4; i++ )
+    {
+        for( j = 0; j < 256; j++ )
+            ctx->S[i][j] = S[i][j];
+    }
+
+    j = 0;
+    for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i )
+    {
+        data = 0x00000000;
+        for( k = 0; k < 4; ++k )
+        {
+            data = ( data << 8 ) | key[j++];
+            if( j >= keybits )
+                j = 0;
+        }
+        ctx->P[i] = P[i] ^ data;
+    }
+
+    datal = 0x00000000;
+    datar = 0x00000000;
+
+    for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 )
+    {
+        blowfish_enc( ctx, &datal, &datar );
+        ctx->P[i] = datal;
+        ctx->P[i + 1] = datar;
+    }
+
+    for( i = 0; i < 4; i++ )
+    {
+       for( j = 0; j < 256; j += 2 )
+       {
+            blowfish_enc( ctx, &datal, &datar );
+            ctx->S[i][j] = datal;
+            ctx->S[i][j + 1] = datar;
+        }
+    }
+    return( 0 );
+}
+
+/*
+ * Blowfish-ECB block encryption/decryption
+ */
+int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
+                    int mode,
+                    const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                    unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] )
+{
+    uint32_t X0, X1;
+
+    GET_UINT32_BE( X0, input,  0 );
+    GET_UINT32_BE( X1, input,  4 );
+
+    if( mode == MBEDTLS_BLOWFISH_DECRYPT )
+    {
+        blowfish_dec( ctx, &X0, &X1 );
+    }
+    else /* MBEDTLS_BLOWFISH_ENCRYPT */
+    {
+        blowfish_enc( ctx, &X0, &X1 );
+    }
+
+    PUT_UINT32_BE( X0, output,  0 );
+    PUT_UINT32_BE( X1, output,  4 );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * Blowfish-CBC buffer encryption/decryption
+ */
+int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                    const unsigned char *input,
+                    unsigned char *output )
+{
+    int i;
+    unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
+
+    if( length % MBEDTLS_BLOWFISH_BLOCKSIZE )
+        return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
+
+    if( mode == MBEDTLS_BLOWFISH_DECRYPT )
+    {
+        while( length > 0 )
+        {
+            memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE );
+            mbedtls_blowfish_crypt_ecb( ctx, mode, input, output );
+
+            for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ )
+                output[i] = (unsigned char)( output[i] ^ iv[i] );
+
+            memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE );
+
+            input  += MBEDTLS_BLOWFISH_BLOCKSIZE;
+            output += MBEDTLS_BLOWFISH_BLOCKSIZE;
+            length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
+        }
+    }
+    else
+    {
+        while( length > 0 )
+        {
+            for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ )
+                output[i] = (unsigned char)( input[i] ^ iv[i] );
+
+            mbedtls_blowfish_crypt_ecb( ctx, mode, output, output );
+            memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE );
+
+            input  += MBEDTLS_BLOWFISH_BLOCKSIZE;
+            output += MBEDTLS_BLOWFISH_BLOCKSIZE;
+            length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
+        }
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/*
+ * Blowfish CFB buffer encryption/decryption
+ */
+int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
+                       int mode,
+                       size_t length,
+                       size_t *iv_off,
+                       unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                       const unsigned char *input,
+                       unsigned char *output )
+{
+    int c;
+    size_t n = *iv_off;
+
+    if( mode == MBEDTLS_BLOWFISH_DECRYPT )
+    {
+        while( length-- )
+        {
+            if( n == 0 )
+                mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
+
+            c = *input++;
+            *output++ = (unsigned char)( c ^ iv[n] );
+            iv[n] = (unsigned char) c;
+
+            n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
+        }
+    }
+    else
+    {
+        while( length-- )
+        {
+            if( n == 0 )
+                mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
+
+            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
+
+            n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
+        }
+    }
+
+    *iv_off = n;
+
+    return( 0 );
+}
+#endif /*MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * Blowfish CTR buffer encryption/decryption
+ */
+int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
+                       size_t length,
+                       size_t *nc_off,
+                       unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                       unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
+                       const unsigned char *input,
+                       unsigned char *output )
+{
+    int c, i;
+    size_t n = *nc_off;
+
+    while( length-- )
+    {
+        if( n == 0 ) {
+            mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter,
+                                stream_block );
+
+            for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- )
+                if( ++nonce_counter[i - 1] != 0 )
+                    break;
+        }
+        c = *input++;
+        *output++ = (unsigned char)( c ^ stream_block[n] );
+
+        n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
+    }
+
+    *nc_off = n;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+static const uint32_t S[4][256] = {
+    {   0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
+        0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L,
+        0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L,
+        0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL,
+        0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL,
+        0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L,
+        0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL,
+        0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL,
+        0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L,
+        0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L,
+        0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL,
+        0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL,
+        0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL,
+        0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L,
+        0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L,
+        0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L,
+        0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L,
+        0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L,
+        0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL,
+        0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L,
+        0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L,
+        0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L,
+        0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L,
+        0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL,
+        0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L,
+        0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL,
+        0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL,
+        0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L,
+        0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL,
+        0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L,
+        0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL,
+        0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L,
+        0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L,
+        0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL,
+        0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L,
+        0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L,
+        0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL,
+        0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L,
+        0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL,
+        0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L,
+        0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L,
+        0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL,
+        0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L,
+        0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L,
+        0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L,
+        0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L,
+        0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L,
+        0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL,
+        0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL,
+        0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L,
+        0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L,
+        0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L,
+        0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L,
+        0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL,
+        0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L,
+        0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL,
+        0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL,
+        0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L,
+        0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L,
+        0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L,
+        0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L,
+        0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L,
+        0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L,
+        0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL   },
+    {   0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L,
+        0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L,
+        0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L,
+        0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL,
+        0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L,
+        0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L,
+        0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL,
+        0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L,
+        0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L,
+        0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L,
+        0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL,
+        0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL,
+        0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L,
+        0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L,
+        0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L,
+        0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L,
+        0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL,
+        0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL,
+        0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL,
+        0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L,
+        0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL,
+        0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L,
+        0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L,
+        0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL,
+        0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL,
+        0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L,
+        0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL,
+        0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L,
+        0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL,
+        0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL,
+        0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L,
+        0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L,
+        0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L,
+        0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L,
+        0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L,
+        0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L,
+        0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L,
+        0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL,
+        0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L,
+        0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL,
+        0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L,
+        0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L,
+        0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L,
+        0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L,
+        0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L,
+        0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L,
+        0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L,
+        0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L,
+        0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L,
+        0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L,
+        0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L,
+        0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L,
+        0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L,
+        0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L,
+        0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L,
+        0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L,
+        0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL,
+        0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL,
+        0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L,
+        0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL,
+        0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L,
+        0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L,
+        0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L,
+        0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L   },
+    {   0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L,
+        0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L,
+        0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL,
+        0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L,
+        0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L,
+        0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L,
+        0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL,
+        0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL,
+        0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL,
+        0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L,
+        0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L,
+        0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL,
+        0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L,
+        0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL,
+        0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L,
+        0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL,
+        0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L,
+        0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL,
+        0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L,
+        0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL,
+        0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L,
+        0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L,
+        0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL,
+        0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L,
+        0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L,
+        0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L,
+        0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L,
+        0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL,
+        0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L,
+        0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL,
+        0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L,
+        0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL,
+        0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L,
+        0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL,
+        0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL,
+        0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL,
+        0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L,
+        0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L,
+        0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL,
+        0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL,
+        0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL,
+        0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL,
+        0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL,
+        0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L,
+        0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L,
+        0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L,
+        0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L,
+        0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL,
+        0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL,
+        0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L,
+        0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L,
+        0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L,
+        0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L,
+        0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L,
+        0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L,
+        0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L,
+        0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L,
+        0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L,
+        0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L,
+        0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL,
+        0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L,
+        0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL,
+        0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L,
+        0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L  },
+    {   0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL,
+        0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL,
+        0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL,
+        0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L,
+        0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L,
+        0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L,
+        0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L,
+        0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L,
+        0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L,
+        0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L,
+        0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L,
+        0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L,
+        0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L,
+        0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L,
+        0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L,
+        0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL,
+        0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL,
+        0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L,
+        0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL,
+        0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL,
+        0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL,
+        0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L,
+        0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL,
+        0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL,
+        0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L,
+        0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L,
+        0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L,
+        0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L,
+        0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL,
+        0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL,
+        0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L,
+        0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L,
+        0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L,
+        0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL,
+        0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L,
+        0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L,
+        0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L,
+        0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL,
+        0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L,
+        0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L,
+        0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L,
+        0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL,
+        0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL,
+        0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L,
+        0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L,
+        0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L,
+        0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L,
+        0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL,
+        0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L,
+        0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL,
+        0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL,
+        0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L,
+        0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L,
+        0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL,
+        0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L,
+        0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL,
+        0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L,
+        0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL,
+        0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L,
+        0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L,
+        0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL,
+        0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L,
+        0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL,
+        0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L  }
+};
+
+#endif /* !MBEDTLS_BLOWFISH_ALT */
+#endif /* MBEDTLS_BLOWFISH_C */
diff --git a/thirdparty/mbedtls/library/camellia.c b/thirdparty/mbedtls/library/camellia.c
new file mode 100644
index 0000000000..ac6f96a83a
--- /dev/null
+++ b/thirdparty/mbedtls/library/camellia.c
@@ -0,0 +1,1072 @@
+/*
+ *  Camellia implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The Camellia block cipher was designed by NTT and Mitsubishi Electric
+ *  Corporation.
+ *
+ *  http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C)
+
+#include "mbedtls/camellia.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_CAMELLIA_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
+        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 3]       );            \
+}
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
+    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
+    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
+    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
+}
+#endif
+
+static const unsigned char SIGMA_CHARS[6][8] =
+{
+    { 0xa0, 0x9e, 0x66, 0x7f, 0x3b, 0xcc, 0x90, 0x8b },
+    { 0xb6, 0x7a, 0xe8, 0x58, 0x4c, 0xaa, 0x73, 0xb2 },
+    { 0xc6, 0xef, 0x37, 0x2f, 0xe9, 0x4f, 0x82, 0xbe },
+    { 0x54, 0xff, 0x53, 0xa5, 0xf1, 0xd3, 0x6f, 0x1c },
+    { 0x10, 0xe5, 0x27, 0xfa, 0xde, 0x68, 0x2d, 0x1d },
+    { 0xb0, 0x56, 0x88, 0xc2, 0xb3, 0xe6, 0xc1, 0xfd }
+};
+
+#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
+
+static const unsigned char FSb[256] =
+{
+    112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
+     35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
+    134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
+    166,225, 57,202,213, 71, 93, 61,217,  1, 90,214, 81, 86,108, 77,
+    139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
+    223, 76,203,194, 52,126,118,  5,109,183,169, 49,209, 23,  4,215,
+     20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
+    254, 68,207,178,195,181,122,145, 36,  8,232,168, 96,252,105, 80,
+    170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
+     16,196,  0, 72,163,247,117,219,138,  3,230,218,  9, 63,221,148,
+    135, 92,131,  2,205, 74,144, 51,115,103,246,243,157,127,191,226,
+     82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
+    233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
+    120,152,  6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
+    114,  7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
+     64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158
+};
+
+#define SBOX1(n) FSb[(n)]
+#define SBOX2(n) (unsigned char)((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff)
+#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
+#define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff]
+
+#else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
+
+static const unsigned char FSb[256] =
+{
+ 112, 130,  44, 236, 179,  39, 192, 229, 228, 133,  87,  53, 234,  12, 174,  65,
+  35, 239, 107, 147,  69,  25, 165,  33, 237,  14,  79,  78,  29, 101, 146, 189,
+ 134, 184, 175, 143, 124, 235,  31, 206,  62,  48, 220,  95,  94, 197,  11,  26,
+ 166, 225,  57, 202, 213,  71,  93,  61, 217,   1,  90, 214,  81,  86, 108,  77,
+ 139,  13, 154, 102, 251, 204, 176,  45, 116,  18,  43,  32, 240, 177, 132, 153,
+ 223,  76, 203, 194,  52, 126, 118,   5, 109, 183, 169,  49, 209,  23,   4, 215,
+  20,  88,  58,  97, 222,  27,  17,  28,  50,  15, 156,  22,  83,  24, 242,  34,
+ 254,  68, 207, 178, 195, 181, 122, 145,  36,   8, 232, 168,  96, 252, 105,  80,
+ 170, 208, 160, 125, 161, 137,  98, 151,  84,  91,  30, 149, 224, 255, 100, 210,
+  16, 196,   0,  72, 163, 247, 117, 219, 138,   3, 230, 218,   9,  63, 221, 148,
+ 135,  92, 131,   2, 205,  74, 144,  51, 115, 103, 246, 243, 157, 127, 191, 226,
+  82, 155, 216,  38, 200,  55, 198,  59, 129, 150, 111,  75,  19, 190,  99,  46,
+ 233, 121, 167, 140, 159, 110, 188, 142,  41, 245, 249, 182,  47, 253, 180,  89,
+ 120, 152,   6, 106, 231,  70, 113, 186, 212,  37, 171,  66, 136, 162, 141, 250,
+ 114,   7, 185,  85, 248, 238, 172,  10,  54,  73,  42, 104,  60,  56, 241, 164,
+ 64,  40, 211, 123, 187, 201,  67, 193,  21, 227, 173, 244, 119, 199, 128, 158
+};
+
+static const unsigned char FSb2[256] =
+{
+ 224,   5,  88, 217, 103,  78, 129, 203, 201,  11, 174, 106, 213,  24,  93, 130,
+  70, 223, 214,  39, 138,  50,  75,  66, 219,  28, 158, 156,  58, 202,  37, 123,
+  13, 113,  95,  31, 248, 215,  62, 157, 124,  96, 185, 190, 188, 139,  22,  52,
+  77, 195, 114, 149, 171, 142, 186, 122, 179,   2, 180, 173, 162, 172, 216, 154,
+  23,  26,  53, 204, 247, 153,  97,  90, 232,  36,  86,  64, 225,  99,   9,  51,
+ 191, 152, 151, 133, 104, 252, 236,  10, 218, 111,  83,  98, 163,  46,   8, 175,
+  40, 176, 116, 194, 189,  54,  34,  56, 100,  30,  57,  44, 166,  48, 229,  68,
+ 253, 136, 159, 101, 135, 107, 244,  35,  72,  16, 209,  81, 192, 249, 210, 160,
+  85, 161,  65, 250,  67,  19, 196,  47, 168, 182,  60,  43, 193, 255, 200, 165,
+  32, 137,   0, 144,  71, 239, 234, 183,  21,   6, 205, 181,  18, 126, 187,  41,
+  15, 184,   7,   4, 155, 148,  33, 102, 230, 206, 237, 231,  59, 254, 127, 197,
+ 164,  55, 177,  76, 145, 110, 141, 118,   3,  45, 222, 150,  38, 125, 198,  92,
+ 211, 242,  79,  25,  63, 220, 121,  29,  82, 235, 243, 109,  94, 251, 105, 178,
+ 240,  49,  12, 212, 207, 140, 226, 117, 169,  74,  87, 132,  17,  69,  27, 245,
+ 228,  14, 115, 170, 241, 221,  89,  20, 108, 146,  84, 208, 120, 112, 227,  73,
+ 128,  80, 167, 246, 119, 147, 134, 131,  42, 199,  91, 233, 238, 143,   1,  61
+};
+
+static const unsigned char FSb3[256] =
+{
+  56,  65,  22, 118, 217, 147,  96, 242, 114, 194, 171, 154, 117,   6,  87, 160,
+ 145, 247, 181, 201, 162, 140, 210, 144, 246,   7, 167,  39, 142, 178,  73, 222,
+  67,  92, 215, 199,  62, 245, 143, 103,  31,  24, 110, 175,  47, 226, 133,  13,
+  83, 240, 156, 101, 234, 163, 174, 158, 236, 128,  45, 107, 168,  43,  54, 166,
+ 197, 134,  77,  51, 253, 102,  88, 150,  58,   9, 149,  16, 120, 216,  66, 204,
+ 239,  38, 229,  97,  26,  63,  59, 130, 182, 219, 212, 152, 232, 139,   2, 235,
+  10,  44,  29, 176, 111, 141, 136,  14,  25, 135,  78,  11, 169,  12, 121,  17,
+ 127,  34, 231,  89, 225, 218,  61, 200,  18,   4, 116,  84,  48, 126, 180,  40,
+  85, 104,  80, 190, 208, 196,  49, 203,  42, 173,  15, 202, 112, 255,  50, 105,
+   8,  98,   0,  36, 209, 251, 186, 237,  69, 129, 115, 109, 132, 159, 238,  74,
+ 195,  46, 193,   1, 230,  37,  72, 153, 185, 179, 123, 249, 206, 191, 223, 113,
+  41, 205, 108,  19, 100, 155,  99, 157, 192,  75, 183, 165, 137,  95, 177,  23,
+ 244, 188, 211,  70, 207,  55,  94,  71, 148, 250, 252,  91, 151, 254,  90, 172,
+  60,  76,   3,  53, 243,  35, 184,  93, 106, 146, 213,  33,  68,  81, 198, 125,
+  57, 131, 220, 170, 124, 119,  86,   5,  27, 164,  21,  52,  30,  28, 248,  82,
+  32,  20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227,  64,  79
+};
+
+static const unsigned char FSb4[256] =
+{
+ 112,  44, 179, 192, 228,  87, 234, 174,  35, 107,  69, 165, 237,  79,  29, 146,
+ 134, 175, 124,  31,  62, 220,  94,  11, 166,  57, 213,  93, 217,  90,  81, 108,
+ 139, 154, 251, 176, 116,  43, 240, 132, 223, 203,  52, 118, 109, 169, 209,   4,
+  20,  58, 222,  17,  50, 156,  83, 242, 254, 207, 195, 122,  36, 232,  96, 105,
+ 170, 160, 161,  98,  84,  30, 224, 100,  16,   0, 163, 117, 138, 230,   9, 221,
+ 135, 131, 205, 144, 115, 246, 157, 191,  82, 216, 200, 198, 129, 111,  19,  99,
+ 233, 167, 159, 188,  41, 249,  47, 180, 120,   6, 231, 113, 212, 171, 136, 141,
+ 114, 185, 248, 172,  54,  42,  60, 241,  64, 211, 187,  67,  21, 173, 119, 128,
+ 130, 236,  39, 229, 133,  53,  12,  65, 239, 147,  25,  33,  14,  78, 101, 189,
+ 184, 143, 235, 206,  48,  95, 197,  26, 225, 202,  71,  61,   1, 214,  86,  77,
+  13, 102, 204,  45,  18,  32, 177, 153,  76, 194, 126,   5, 183,  49,  23, 215,
+  88,  97,  27,  28,  15,  22,  24,  34,  68, 178, 181, 145,   8, 168, 252,  80,
+ 208, 125, 137, 151,  91, 149, 255, 210, 196,  72, 247, 219,   3, 218,  63, 148,
+  92,   2,  74,  51, 103, 243, 127, 226, 155,  38,  55,  59, 150,  75, 190,  46,
+ 121, 140, 110, 142, 245, 182, 253,  89, 152, 106,  70, 186,  37,  66, 162, 250,
+  7,  85, 238,  10,  73, 104,  56, 164,  40, 123, 201, 193, 227, 244, 199, 158
+};
+
+#define SBOX1(n) FSb[(n)]
+#define SBOX2(n) FSb2[(n)]
+#define SBOX3(n) FSb3[(n)]
+#define SBOX4(n) FSb4[(n)]
+
+#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
+
+static const unsigned char shifts[2][4][4] =
+{
+    {
+        { 1, 1, 1, 1 }, /* KL */
+        { 0, 0, 0, 0 }, /* KR */
+        { 1, 1, 1, 1 }, /* KA */
+        { 0, 0, 0, 0 }  /* KB */
+    },
+    {
+        { 1, 0, 1, 1 }, /* KL */
+        { 1, 1, 0, 1 }, /* KR */
+        { 1, 1, 1, 0 }, /* KA */
+        { 1, 1, 0, 1 }  /* KB */
+    }
+};
+
+static const signed char indexes[2][4][20] =
+{
+    {
+        {  0,  1,  2,  3,  8,  9, 10, 11, 38, 39,
+          36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */
+        { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+          -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }, /* KR -> RK */
+        {  4,  5,  6,  7, 12, 13, 14, 15, 16, 17,
+          18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */
+        { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+          -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }  /* KB -> RK */
+    },
+    {
+        {  0,  1,  2,  3, 61, 62, 63, 60, -1, -1,
+          -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */
+        { -1, -1, -1, -1,  8,  9, 10, 11, 16, 17,
+          18, 19, -1, -1, -1, -1, 39, 36, 37, 38 }, /* KR -> RK */
+        { -1, -1, -1, -1, 12, 13, 14, 15, 58, 59,
+          56, 57, 31, 28, 29, 30, -1, -1, -1, -1 }, /* KA -> RK */
+        {  4,  5,  6,  7, 65, 66, 67, 64, 20, 21,
+          22, 23, -1, -1, -1, -1, 43, 40, 41, 42 }  /* KB -> RK */
+    }
+};
+
+static const signed char transposes[2][20] =
+{
+    {
+        21, 22, 23, 20,
+        -1, -1, -1, -1,
+        18, 19, 16, 17,
+        11,  8,  9, 10,
+        15, 12, 13, 14
+    },
+    {
+        25, 26, 27, 24,
+        29, 30, 31, 28,
+        18, 19, 16, 17,
+        -1, -1, -1, -1,
+        -1, -1, -1, -1
+    }
+};
+
+/* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */
+#define ROTL(DEST, SRC, SHIFT)                                      \
+{                                                                   \
+    (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT));   \
+    (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT));   \
+    (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT));   \
+    (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT));   \
+}
+
+#define FL(XL, XR, KL, KR)                                          \
+{                                                                   \
+    (XR) = ((((XL) & (KL)) << 1) | (((XL) & (KL)) >> 31)) ^ (XR);   \
+    (XL) = ((XR) | (KR)) ^ (XL);                                    \
+}
+
+#define FLInv(YL, YR, KL, KR)                                       \
+{                                                                   \
+    (YL) = ((YR) | (KR)) ^ (YL);                                    \
+    (YR) = ((((YL) & (KL)) << 1) | (((YL) & (KL)) >> 31)) ^ (YR);   \
+}
+
+#define SHIFT_AND_PLACE(INDEX, OFFSET)                      \
+{                                                           \
+    TK[0] = KC[(OFFSET) * 4 + 0];                           \
+    TK[1] = KC[(OFFSET) * 4 + 1];                           \
+    TK[2] = KC[(OFFSET) * 4 + 2];                           \
+    TK[3] = KC[(OFFSET) * 4 + 3];                           \
+                                                            \
+    for( i = 1; i <= 4; i++ )                               \
+        if( shifts[(INDEX)][(OFFSET)][i -1] )               \
+            ROTL(TK + i * 4, TK, ( 15 * i ) % 32);          \
+                                                            \
+    for( i = 0; i < 20; i++ )                               \
+        if( indexes[(INDEX)][(OFFSET)][i] != -1 ) {         \
+            RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ];    \
+        }                                                   \
+}
+
+static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
+                              uint32_t z[2])
+{
+    uint32_t I0, I1;
+    I0 = x[0] ^ k[0];
+    I1 = x[1] ^ k[1];
+
+    I0 = ((uint32_t) SBOX1((I0 >> 24) & 0xFF) << 24) |
+         ((uint32_t) SBOX2((I0 >> 16) & 0xFF) << 16) |
+         ((uint32_t) SBOX3((I0 >>  8) & 0xFF) <<  8) |
+         ((uint32_t) SBOX4((I0      ) & 0xFF)      );
+    I1 = ((uint32_t) SBOX2((I1 >> 24) & 0xFF) << 24) |
+         ((uint32_t) SBOX3((I1 >> 16) & 0xFF) << 16) |
+         ((uint32_t) SBOX4((I1 >>  8) & 0xFF) <<  8) |
+         ((uint32_t) SBOX1((I1      ) & 0xFF)      );
+
+    I0 ^= (I1 << 8) | (I1 >> 24);
+    I1 ^= (I0 << 16) | (I0 >> 16);
+    I0 ^= (I1 >> 8) | (I1 << 24);
+    I1 ^= (I0 >> 8) | (I0 << 24);
+
+    z[0] ^= I1;
+    z[1] ^= I0;
+}
+
+void mbedtls_camellia_init( mbedtls_camellia_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_camellia_context ) );
+}
+
+void mbedtls_camellia_free( mbedtls_camellia_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_camellia_context ) );
+}
+
+/*
+ * Camellia key schedule (encryption)
+ */
+int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key,
+                         unsigned int keybits )
+{
+    int idx;
+    size_t i;
+    uint32_t *RK;
+    unsigned char t[64];
+    uint32_t SIGMA[6][2];
+    uint32_t KC[16];
+    uint32_t TK[20];
+
+    RK = ctx->rk;
+
+    memset( t, 0, 64 );
+    memset( RK, 0, sizeof(ctx->rk) );
+
+    switch( keybits )
+    {
+        case 128: ctx->nr = 3; idx = 0; break;
+        case 192:
+        case 256: ctx->nr = 4; idx = 1; break;
+        default : return( MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH );
+    }
+
+    for( i = 0; i < keybits / 8; ++i )
+        t[i] = key[i];
+
+    if( keybits == 192 ) {
+        for( i = 0; i < 8; i++ )
+            t[24 + i] = ~t[16 + i];
+    }
+
+    /*
+     * Prepare SIGMA values
+     */
+    for( i = 0; i < 6; i++ ) {
+        GET_UINT32_BE( SIGMA[i][0], SIGMA_CHARS[i], 0 );
+        GET_UINT32_BE( SIGMA[i][1], SIGMA_CHARS[i], 4 );
+    }
+
+    /*
+     * Key storage in KC
+     * Order: KL, KR, KA, KB
+     */
+    memset( KC, 0, sizeof(KC) );
+
+    /* Store KL, KR */
+    for( i = 0; i < 8; i++ )
+        GET_UINT32_BE( KC[i], t, i * 4 );
+
+    /* Generate KA */
+    for( i = 0; i < 4; ++i )
+        KC[8 + i] = KC[i] ^ KC[4 + i];
+
+    camellia_feistel( KC + 8, SIGMA[0], KC + 10 );
+    camellia_feistel( KC + 10, SIGMA[1], KC + 8 );
+
+    for( i = 0; i < 4; ++i )
+        KC[8 + i] ^= KC[i];
+
+    camellia_feistel( KC + 8, SIGMA[2], KC + 10 );
+    camellia_feistel( KC + 10, SIGMA[3], KC + 8 );
+
+    if( keybits > 128 ) {
+        /* Generate KB */
+        for( i = 0; i < 4; ++i )
+            KC[12 + i] = KC[4 + i] ^ KC[8 + i];
+
+        camellia_feistel( KC + 12, SIGMA[4], KC + 14 );
+        camellia_feistel( KC + 14, SIGMA[5], KC + 12 );
+    }
+
+    /*
+     * Generating subkeys
+     */
+
+    /* Manipulating KL */
+    SHIFT_AND_PLACE( idx, 0 );
+
+    /* Manipulating KR */
+    if( keybits > 128 ) {
+        SHIFT_AND_PLACE( idx, 1 );
+    }
+
+    /* Manipulating KA */
+    SHIFT_AND_PLACE( idx, 2 );
+
+    /* Manipulating KB */
+    if( keybits > 128 ) {
+        SHIFT_AND_PLACE( idx, 3 );
+    }
+
+    /* Do transpositions */
+    for( i = 0; i < 20; i++ ) {
+        if( transposes[idx][i] != -1 ) {
+            RK[32 + 12 * idx + i] = RK[transposes[idx][i]];
+        }
+    }
+
+    return( 0 );
+}
+
+/*
+ * Camellia key schedule (decryption)
+ */
+int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key,
+                         unsigned int keybits )
+{
+    int idx, ret;
+    size_t i;
+    mbedtls_camellia_context cty;
+    uint32_t *RK;
+    uint32_t *SK;
+
+    mbedtls_camellia_init( &cty );
+
+    /* Also checks keybits */
+    if( ( ret = mbedtls_camellia_setkey_enc( &cty, key, keybits ) ) != 0 )
+        goto exit;
+
+    ctx->nr = cty.nr;
+    idx = ( ctx->nr == 4 );
+
+    RK = ctx->rk;
+    SK = cty.rk + 24 * 2 + 8 * idx * 2;
+
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+
+    for( i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4 )
+    {
+        *RK++ = *SK++;
+        *RK++ = *SK++;
+    }
+
+    SK -= 2;
+
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+    *RK++ = *SK++;
+
+exit:
+    mbedtls_camellia_free( &cty );
+
+    return( ret );
+}
+
+/*
+ * Camellia-ECB block encryption/decryption
+ */
+int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
+                    int mode,
+                    const unsigned char input[16],
+                    unsigned char output[16] )
+{
+    int NR;
+    uint32_t *RK, X[4];
+
+    ( (void) mode );
+
+    NR = ctx->nr;
+    RK = ctx->rk;
+
+    GET_UINT32_BE( X[0], input,  0 );
+    GET_UINT32_BE( X[1], input,  4 );
+    GET_UINT32_BE( X[2], input,  8 );
+    GET_UINT32_BE( X[3], input, 12 );
+
+    X[0] ^= *RK++;
+    X[1] ^= *RK++;
+    X[2] ^= *RK++;
+    X[3] ^= *RK++;
+
+    while( NR ) {
+        --NR;
+        camellia_feistel( X, RK, X + 2 );
+        RK += 2;
+        camellia_feistel( X + 2, RK, X );
+        RK += 2;
+        camellia_feistel( X, RK, X + 2 );
+        RK += 2;
+        camellia_feistel( X + 2, RK, X );
+        RK += 2;
+        camellia_feistel( X, RK, X + 2 );
+        RK += 2;
+        camellia_feistel( X + 2, RK, X );
+        RK += 2;
+
+        if( NR ) {
+            FL(X[0], X[1], RK[0], RK[1]);
+            RK += 2;
+            FLInv(X[2], X[3], RK[0], RK[1]);
+            RK += 2;
+        }
+    }
+
+    X[2] ^= *RK++;
+    X[3] ^= *RK++;
+    X[0] ^= *RK++;
+    X[1] ^= *RK++;
+
+    PUT_UINT32_BE( X[2], output,  0 );
+    PUT_UINT32_BE( X[3], output,  4 );
+    PUT_UINT32_BE( X[0], output,  8 );
+    PUT_UINT32_BE( X[1], output, 12 );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * Camellia-CBC buffer encryption/decryption
+ */
+int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[16],
+                    const unsigned char *input,
+                    unsigned char *output )
+{
+    int i;
+    unsigned char temp[16];
+
+    if( length % 16 )
+        return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH );
+
+    if( mode == MBEDTLS_CAMELLIA_DECRYPT )
+    {
+        while( length > 0 )
+        {
+            memcpy( temp, input, 16 );
+            mbedtls_camellia_crypt_ecb( ctx, mode, input, output );
+
+            for( i = 0; i < 16; i++ )
+                output[i] = (unsigned char)( output[i] ^ iv[i] );
+
+            memcpy( iv, temp, 16 );
+
+            input  += 16;
+            output += 16;
+            length -= 16;
+        }
+    }
+    else
+    {
+        while( length > 0 )
+        {
+            for( i = 0; i < 16; i++ )
+                output[i] = (unsigned char)( input[i] ^ iv[i] );
+
+            mbedtls_camellia_crypt_ecb( ctx, mode, output, output );
+            memcpy( iv, output, 16 );
+
+            input  += 16;
+            output += 16;
+            length -= 16;
+        }
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+/*
+ * Camellia-CFB128 buffer encryption/decryption
+ */
+int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
+                       int mode,
+                       size_t length,
+                       size_t *iv_off,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output )
+{
+    int c;
+    size_t n = *iv_off;
+
+    if( mode == MBEDTLS_CAMELLIA_DECRYPT )
+    {
+        while( length-- )
+        {
+            if( n == 0 )
+                mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
+
+            c = *input++;
+            *output++ = (unsigned char)( c ^ iv[n] );
+            iv[n] = (unsigned char) c;
+
+            n = ( n + 1 ) & 0x0F;
+        }
+    }
+    else
+    {
+        while( length-- )
+        {
+            if( n == 0 )
+                mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
+
+            iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
+
+            n = ( n + 1 ) & 0x0F;
+        }
+    }
+
+    *iv_off = n;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * Camellia-CTR buffer encryption/decryption
+ */
+int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
+                       size_t length,
+                       size_t *nc_off,
+                       unsigned char nonce_counter[16],
+                       unsigned char stream_block[16],
+                       const unsigned char *input,
+                       unsigned char *output )
+{
+    int c, i;
+    size_t n = *nc_off;
+
+    while( length-- )
+    {
+        if( n == 0 ) {
+            mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter,
+                                stream_block );
+
+            for( i = 16; i > 0; i-- )
+                if( ++nonce_counter[i - 1] != 0 )
+                    break;
+        }
+        c = *input++;
+        *output++ = (unsigned char)( c ^ stream_block[n] );
+
+        n = ( n + 1 ) & 0x0F;
+    }
+
+    *nc_off = n;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+#endif /* !MBEDTLS_CAMELLIA_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * Camellia test vectors from:
+ *
+ * http://info.isl.ntt.co.jp/crypt/eng/camellia/technology.html:
+ *   http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/intermediate.txt
+ *   http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/t_camellia.txt
+ *                      (For each bitlength: Key 0, Nr 39)
+ */
+#define CAMELLIA_TESTS_ECB  2
+
+static const unsigned char camellia_test_ecb_key[3][CAMELLIA_TESTS_ECB][32] =
+{
+    {
+        { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
+        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+    },
+    {
+        { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 },
+        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+    },
+    {
+        { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+          0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+          0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+          0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff },
+        { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+    },
+};
+
+static const unsigned char camellia_test_ecb_plain[CAMELLIA_TESTS_ECB][16] =
+{
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+      0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 },
+    { 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] =
+{
+    {
+        { 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73,
+          0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 },
+        { 0x38, 0x3C, 0x6C, 0x2A, 0xAB, 0xEF, 0x7F, 0xDE,
+          0x25, 0xCD, 0x47, 0x0B, 0xF7, 0x74, 0xA3, 0x31 }
+    },
+    {
+        { 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8,
+          0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 },
+        { 0xD1, 0x76, 0x3F, 0xC0, 0x19, 0xD7, 0x7C, 0xC9,
+          0x30, 0xBF, 0xF2, 0xA5, 0x6F, 0x7C, 0x93, 0x64 }
+    },
+    {
+        { 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c,
+          0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 },
+        { 0x05, 0x03, 0xFB, 0x10, 0xAB, 0x24, 0x1E, 0x7C,
+          0xF4, 0x5D, 0x8C, 0xDE, 0xEE, 0x47, 0x43, 0x35 }
+    }
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#define CAMELLIA_TESTS_CBC  3
+
+static const unsigned char camellia_test_cbc_key[3][32] =
+{
+        { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+          0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }
+    ,
+        { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
+          0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
+          0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }
+    ,
+        { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+          0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+          0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+          0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 }
+};
+
+static const unsigned char camellia_test_cbc_iv[16] =
+
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }
+;
+
+static const unsigned char camellia_test_cbc_plain[CAMELLIA_TESTS_CBC][16] =
+{
+    { 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+      0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A },
+    { 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+      0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51 },
+    { 0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
+      0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF }
+
+};
+
+static const unsigned char camellia_test_cbc_cipher[3][CAMELLIA_TESTS_CBC][16] =
+{
+    {
+        { 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0,
+          0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB },
+        { 0xA2, 0xF2, 0xCF, 0x67, 0x16, 0x29, 0xEF, 0x78,
+          0x40, 0xC5, 0xA5, 0xDF, 0xB5, 0x07, 0x48, 0x87 },
+        { 0x0F, 0x06, 0x16, 0x50, 0x08, 0xCF, 0x8B, 0x8B,
+          0x5A, 0x63, 0x58, 0x63, 0x62, 0x54, 0x3E, 0x54 }
+    },
+    {
+        { 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2,
+          0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 },
+        { 0x5D, 0x5A, 0x86, 0x9B, 0xD1, 0x4C, 0xE5, 0x42,
+          0x64, 0xF8, 0x92, 0xA6, 0xDD, 0x2E, 0xC3, 0xD5 },
+        { 0x37, 0xD3, 0x59, 0xC3, 0x34, 0x98, 0x36, 0xD8,
+          0x84, 0xE3, 0x10, 0xAD, 0xDF, 0x68, 0xC4, 0x49 }
+    },
+    {
+        { 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A,
+          0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA },
+        { 0x36, 0xCB, 0xEB, 0x73, 0xBD, 0x50, 0x4B, 0x40,
+          0x70, 0xB1, 0xB7, 0xDE, 0x2B, 0x21, 0xEB, 0x50 },
+        { 0xE3, 0x1A, 0x60, 0x55, 0x29, 0x7D, 0x96, 0xCA,
+          0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 }
+    }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+/*
+ * Camellia-CTR test vectors from:
+ *
+ * http://www.faqs.org/rfcs/rfc5528.html
+ */
+
+static const unsigned char camellia_test_ctr_key[3][16] =
+{
+    { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC,
+      0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E },
+    { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7,
+      0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 },
+    { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8,
+      0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC }
+};
+
+static const unsigned char camellia_test_ctr_nonce_counter[3][16] =
+{
+    { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
+    { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59,
+      0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 },
+    { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F,
+      0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 }
+};
+
+static const unsigned char camellia_test_ctr_pt[3][48] =
+{
+    { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62,
+      0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 },
+
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F },
+
+    { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
+      0x20, 0x21, 0x22, 0x23 }
+};
+
+static const unsigned char camellia_test_ctr_ct[3][48] =
+{
+    { 0xD0, 0x9D, 0xC2, 0x9A, 0x82, 0x14, 0x61, 0x9A,
+      0x20, 0x87, 0x7C, 0x76, 0xDB, 0x1F, 0x0B, 0x3F },
+    { 0xDB, 0xF3, 0xC7, 0x8D, 0xC0, 0x83, 0x96, 0xD4,
+      0xDA, 0x7C, 0x90, 0x77, 0x65, 0xBB, 0xCB, 0x44,
+      0x2B, 0x8E, 0x8E, 0x0F, 0x31, 0xF0, 0xDC, 0xA7,
+      0x2C, 0x74, 0x17, 0xE3, 0x53, 0x60, 0xE0, 0x48 },
+    { 0xB1, 0x9D, 0x1F, 0xCD, 0xCB, 0x75, 0xEB, 0x88,
+      0x2F, 0x84, 0x9C, 0xE2, 0x4D, 0x85, 0xCF, 0x73,
+      0x9C, 0xE6, 0x4B, 0x2B, 0x5C, 0x9D, 0x73, 0xF1,
+      0x4F, 0x2D, 0x5D, 0x9D, 0xCE, 0x98, 0x89, 0xCD,
+      0xDF, 0x50, 0x86, 0x96 }
+};
+
+static const int camellia_test_ctr_len[3] =
+    { 16, 32, 36 };
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+/*
+ * Checkup routine
+ */
+int mbedtls_camellia_self_test( int verbose )
+{
+    int i, j, u, v;
+    unsigned char key[32];
+    unsigned char buf[64];
+    unsigned char src[16];
+    unsigned char dst[16];
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    unsigned char iv[16];
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    size_t offset, len;
+    unsigned char nonce_counter[16];
+    unsigned char stream_block[16];
+#endif
+
+    mbedtls_camellia_context ctx;
+
+    memset( key, 0, 32 );
+
+    for( j = 0; j < 6; j++ ) {
+        u = j >> 1;
+    v = j & 1;
+
+    if( verbose != 0 )
+        mbedtls_printf( "  CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
+                         (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
+
+    for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) {
+        memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u );
+
+        if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
+            mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
+            memcpy( src, camellia_test_ecb_cipher[u][i], 16 );
+            memcpy( dst, camellia_test_ecb_plain[i], 16 );
+        } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
+            mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
+            memcpy( src, camellia_test_ecb_plain[i], 16 );
+            memcpy( dst, camellia_test_ecb_cipher[u][i], 16 );
+        }
+
+        mbedtls_camellia_crypt_ecb( &ctx, v, src, buf );
+
+        if( memcmp( buf, dst, 16 ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            return( 1 );
+        }
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    /*
+     * CBC mode
+     */
+    for( j = 0; j < 6; j++ )
+    {
+        u = j >> 1;
+        v = j  & 1;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
+                             ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
+
+        memcpy( src, camellia_test_cbc_iv, 16 );
+        memcpy( dst, camellia_test_cbc_iv, 16 );
+        memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u );
+
+        if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
+            mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
+        } else {
+            mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
+        }
+
+        for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) {
+
+            if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
+                memcpy( iv , src, 16 );
+                memcpy( src, camellia_test_cbc_cipher[u][i], 16 );
+                memcpy( dst, camellia_test_cbc_plain[i], 16 );
+            } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
+                memcpy( iv , dst, 16 );
+                memcpy( src, camellia_test_cbc_plain[i], 16 );
+                memcpy( dst, camellia_test_cbc_cipher[u][i], 16 );
+            }
+
+            mbedtls_camellia_crypt_cbc( &ctx, v, 16, iv, src, buf );
+
+            if( memcmp( buf, dst, 16 ) != 0 )
+            {
+                if( verbose != 0 )
+                    mbedtls_printf( "failed\n" );
+
+                return( 1 );
+            }
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    /*
+     * CTR mode
+     */
+    for( i = 0; i < 6; i++ )
+    {
+        u = i >> 1;
+        v = i  & 1;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  CAMELLIA-CTR-128 (%s): ",
+                             ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
+
+        memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 );
+        memcpy( key, camellia_test_ctr_key[u], 16 );
+
+        offset = 0;
+        mbedtls_camellia_setkey_enc( &ctx, key, 128 );
+
+        if( v == MBEDTLS_CAMELLIA_DECRYPT )
+        {
+            len = camellia_test_ctr_len[u];
+            memcpy( buf, camellia_test_ctr_ct[u], len );
+
+            mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
+                                buf, buf );
+
+            if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 )
+            {
+                if( verbose != 0 )
+                    mbedtls_printf( "failed\n" );
+
+                return( 1 );
+            }
+        }
+        else
+        {
+            len = camellia_test_ctr_len[u];
+            memcpy( buf, camellia_test_ctr_pt[u], len );
+
+            mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
+                                buf, buf );
+
+            if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 )
+            {
+                if( verbose != 0 )
+                    mbedtls_printf( "failed\n" );
+
+                return( 1 );
+            }
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+    return( 0 );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_CAMELLIA_C */
diff --git a/thirdparty/mbedtls/library/ccm.c b/thirdparty/mbedtls/library/ccm.c
new file mode 100644
index 0000000000..9101e5f7c7
--- /dev/null
+++ b/thirdparty/mbedtls/library/ccm.c
@@ -0,0 +1,467 @@
+/*
+ *  NIST SP800-38C compliant CCM implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * Definition of CCM:
+ * http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf
+ * RFC 3610 "Counter with CBC-MAC (CCM)"
+ *
+ * Related:
+ * RFC 5116 "An Interface and Algorithms for Authenticated Encryption"
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_CCM_C)
+
+#include "mbedtls/ccm.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#if !defined(MBEDTLS_CCM_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+#define CCM_ENCRYPT 0
+#define CCM_DECRYPT 1
+
+/*
+ * Initialize context
+ */
+void mbedtls_ccm_init( mbedtls_ccm_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
+}
+
+int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
+                        mbedtls_cipher_id_t cipher,
+                        const unsigned char *key,
+                        unsigned int keybits )
+{
+    int ret;
+    const mbedtls_cipher_info_t *cipher_info;
+
+    cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB );
+    if( cipher_info == NULL )
+        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+
+    if( cipher_info->block_size != 16 )
+        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+
+    mbedtls_cipher_free( &ctx->cipher_ctx );
+
+    if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
+                               MBEDTLS_ENCRYPT ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
+{
+    mbedtls_cipher_free( &ctx->cipher_ctx );
+    mbedtls_zeroize( ctx, sizeof( mbedtls_ccm_context ) );
+}
+
+/*
+ * Macros for common operations.
+ * Results in smaller compiled code than static inline functions.
+ */
+
+/*
+ * Update the CBC-MAC state in y using a block in b
+ * (Always using b as the source helps the compiler optimise a bit better.)
+ */
+#define UPDATE_CBC_MAC                                                      \
+    for( i = 0; i < 16; i++ )                                               \
+        y[i] ^= b[i];                                                       \
+                                                                            \
+    if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \
+        return( ret );
+
+/*
+ * Encrypt or decrypt a partial block with CTR
+ * Warning: using b for temporary storage! src and dst must not be b!
+ * This avoids allocating one more 16 bytes buffer while allowing src == dst.
+ */
+#define CTR_CRYPT( dst, src, len  )                                            \
+    if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 )  \
+        return( ret );                                                         \
+                                                                               \
+    for( i = 0; i < len; i++ )                                                 \
+        dst[i] = src[i] ^ b[i];
+
+/*
+ * Authenticated encryption or decryption
+ */
+static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
+                           const unsigned char *iv, size_t iv_len,
+                           const unsigned char *add, size_t add_len,
+                           const unsigned char *input, unsigned char *output,
+                           unsigned char *tag, size_t tag_len )
+{
+    int ret;
+    unsigned char i;
+    unsigned char q;
+    size_t len_left, olen;
+    unsigned char b[16];
+    unsigned char y[16];
+    unsigned char ctr[16];
+    const unsigned char *src;
+    unsigned char *dst;
+
+    /*
+     * Check length requirements: SP800-38C A.1
+     * Additional requirement: a < 2^16 - 2^8 to simplify the code.
+     * 'length' checked later (when writing it to the first block)
+     */
+    if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 )
+        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+
+    /* Also implies q is within bounds */
+    if( iv_len < 7 || iv_len > 13 )
+        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+
+    if( add_len > 0xFF00 )
+        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+
+    q = 16 - 1 - (unsigned char) iv_len;
+
+    /*
+     * First block B_0:
+     * 0        .. 0        flags
+     * 1        .. iv_len   nonce (aka iv)
+     * iv_len+1 .. 15       length
+     *
+     * With flags as (bits):
+     * 7        0
+     * 6        add present?
+     * 5 .. 3   (t - 2) / 2
+     * 2 .. 0   q - 1
+     */
+    b[0] = 0;
+    b[0] |= ( add_len > 0 ) << 6;
+    b[0] |= ( ( tag_len - 2 ) / 2 ) << 3;
+    b[0] |= q - 1;
+
+    memcpy( b + 1, iv, iv_len );
+
+    for( i = 0, len_left = length; i < q; i++, len_left >>= 8 )
+        b[15-i] = (unsigned char)( len_left & 0xFF );
+
+    if( len_left > 0 )
+        return( MBEDTLS_ERR_CCM_BAD_INPUT );
+
+
+    /* Start CBC-MAC with first block */
+    memset( y, 0, 16 );
+    UPDATE_CBC_MAC;
+
+    /*
+     * If there is additional data, update CBC-MAC with
+     * add_len, add, 0 (padding to a block boundary)
+     */
+    if( add_len > 0 )
+    {
+        size_t use_len;
+        len_left = add_len;
+        src = add;
+
+        memset( b, 0, 16 );
+        b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF );
+        b[1] = (unsigned char)( ( add_len      ) & 0xFF );
+
+        use_len = len_left < 16 - 2 ? len_left : 16 - 2;
+        memcpy( b + 2, src, use_len );
+        len_left -= use_len;
+        src += use_len;
+
+        UPDATE_CBC_MAC;
+
+        while( len_left > 0 )
+        {
+            use_len = len_left > 16 ? 16 : len_left;
+
+            memset( b, 0, 16 );
+            memcpy( b, src, use_len );
+            UPDATE_CBC_MAC;
+
+            len_left -= use_len;
+            src += use_len;
+        }
+    }
+
+    /*
+     * Prepare counter block for encryption:
+     * 0        .. 0        flags
+     * 1        .. iv_len   nonce (aka iv)
+     * iv_len+1 .. 15       counter (initially 1)
+     *
+     * With flags as (bits):
+     * 7 .. 3   0
+     * 2 .. 0   q - 1
+     */
+    ctr[0] = q - 1;
+    memcpy( ctr + 1, iv, iv_len );
+    memset( ctr + 1 + iv_len, 0, q );
+    ctr[15] = 1;
+
+    /*
+     * Authenticate and {en,de}crypt the message.
+     *
+     * The only difference between encryption and decryption is
+     * the respective order of authentication and {en,de}cryption.
+     */
+    len_left = length;
+    src = input;
+    dst = output;
+
+    while( len_left > 0 )
+    {
+        size_t use_len = len_left > 16 ? 16 : len_left;
+
+        if( mode == CCM_ENCRYPT )
+        {
+            memset( b, 0, 16 );
+            memcpy( b, src, use_len );
+            UPDATE_CBC_MAC;
+        }
+
+        CTR_CRYPT( dst, src, use_len );
+
+        if( mode == CCM_DECRYPT )
+        {
+            memset( b, 0, 16 );
+            memcpy( b, dst, use_len );
+            UPDATE_CBC_MAC;
+        }
+
+        dst += use_len;
+        src += use_len;
+        len_left -= use_len;
+
+        /*
+         * Increment counter.
+         * No need to check for overflow thanks to the length check above.
+         */
+        for( i = 0; i < q; i++ )
+            if( ++ctr[15-i] != 0 )
+                break;
+    }
+
+    /*
+     * Authentication: reset counter and crypt/mask internal tag
+     */
+    for( i = 0; i < q; i++ )
+        ctr[15-i] = 0;
+
+    CTR_CRYPT( y, y, 16 );
+    memcpy( tag, y, tag_len );
+
+    return( 0 );
+}
+
+/*
+ * Authenticated encryption
+ */
+int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
+                         const unsigned char *iv, size_t iv_len,
+                         const unsigned char *add, size_t add_len,
+                         const unsigned char *input, unsigned char *output,
+                         unsigned char *tag, size_t tag_len )
+{
+    return( ccm_auth_crypt( ctx, CCM_ENCRYPT, length, iv, iv_len,
+                            add, add_len, input, output, tag, tag_len ) );
+}
+
+/*
+ * Authenticated decryption
+ */
+int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
+                      const unsigned char *iv, size_t iv_len,
+                      const unsigned char *add, size_t add_len,
+                      const unsigned char *input, unsigned char *output,
+                      const unsigned char *tag, size_t tag_len )
+{
+    int ret;
+    unsigned char check_tag[16];
+    unsigned char i;
+    int diff;
+
+    if( ( ret = ccm_auth_crypt( ctx, CCM_DECRYPT, length,
+                                iv, iv_len, add, add_len,
+                                input, output, check_tag, tag_len ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    /* Check tag in "constant-time" */
+    for( diff = 0, i = 0; i < tag_len; i++ )
+        diff |= tag[i] ^ check_tag[i];
+
+    if( diff != 0 )
+    {
+        mbedtls_zeroize( output, length );
+        return( MBEDTLS_ERR_CCM_AUTH_FAILED );
+    }
+
+    return( 0 );
+}
+
+#endif /* !MBEDTLS_CCM_ALT */
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+/*
+ * Examples 1 to 3 from SP800-38C Appendix C
+ */
+
+#define NB_TESTS 3
+
+/*
+ * The data is the same for all tests, only the used length changes
+ */
+static const unsigned char key[] = {
+    0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+    0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
+};
+
+static const unsigned char iv[] = {
+    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+    0x18, 0x19, 0x1a, 0x1b
+};
+
+static const unsigned char ad[] = {
+    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+    0x10, 0x11, 0x12, 0x13
+};
+
+static const unsigned char msg[] = {
+    0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+};
+
+static const size_t iv_len [NB_TESTS] = { 7, 8,  12 };
+static const size_t add_len[NB_TESTS] = { 8, 16, 20 };
+static const size_t msg_len[NB_TESTS] = { 4, 16, 24 };
+static const size_t tag_len[NB_TESTS] = { 4, 6,  8  };
+
+static const unsigned char res[NB_TESTS][32] = {
+    {   0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d },
+    {   0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62,
+        0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d,
+        0x1f, 0xc6, 0x4f, 0xbf, 0xac, 0xcd },
+    {   0xe3, 0xb2, 0x01, 0xa9, 0xf5, 0xb7, 0x1a, 0x7a,
+        0x9b, 0x1c, 0xea, 0xec, 0xcd, 0x97, 0xe7, 0x0b,
+        0x61, 0x76, 0xaa, 0xd9, 0xa4, 0x42, 0x8a, 0xa5,
+        0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }
+};
+
+int mbedtls_ccm_self_test( int verbose )
+{
+    mbedtls_ccm_context ctx;
+    unsigned char out[32];
+    size_t i;
+    int ret;
+
+    mbedtls_ccm_init( &ctx );
+
+    if( mbedtls_ccm_setkey( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  CCM: setup failed" );
+
+        return( 1 );
+    }
+
+    for( i = 0; i < NB_TESTS; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  CCM-AES #%u: ", (unsigned int) i + 1 );
+
+        ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i],
+                                   iv, iv_len[i], ad, add_len[i],
+                                   msg, out,
+                                   out + msg_len[i], tag_len[i] );
+
+        if( ret != 0 ||
+            memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            return( 1 );
+        }
+
+        ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i],
+                                iv, iv_len[i], ad, add_len[i],
+                                res[i], out,
+                                res[i] + msg_len[i], tag_len[i] );
+
+        if( ret != 0 ||
+            memcmp( out, msg, msg_len[i] ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            return( 1 );
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    mbedtls_ccm_free( &ctx );
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( 0 );
+}
+
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#endif /* MBEDTLS_CCM_C */
diff --git a/thirdparty/mbedtls/library/certs.c b/thirdparty/mbedtls/library/certs.c
new file mode 100644
index 0000000000..f1379b8cb1
--- /dev/null
+++ b/thirdparty/mbedtls/library/certs.c
@@ -0,0 +1,403 @@
+/*
+ *  X.509 test certificates
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/certs.h"
+
+#if defined(MBEDTLS_CERTS_C)
+
+#if defined(MBEDTLS_ECDSA_C)
+#define TEST_CA_CRT_EC                                                  \
+"-----BEGIN CERTIFICATE-----\r\n"                                       \
+"MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n"  \
+"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n"  \
+"QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT\r\n"  \
+"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n"  \
+"QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu\r\n"  \
+"ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy\r\n"  \
+"aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g\r\n"  \
+"JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7\r\n"  \
+"NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE\r\n"  \
+"AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w\r\n"  \
+"CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56\r\n"  \
+"t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n"  \
+"uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n"                                  \
+"-----END CERTIFICATE-----\r\n"
+const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC;
+const size_t mbedtls_test_ca_crt_ec_len = sizeof( mbedtls_test_ca_crt_ec );
+
+const char mbedtls_test_ca_key_ec[] =
+"-----BEGIN EC PRIVATE KEY-----\r\n"
+"Proc-Type: 4,ENCRYPTED\r\n"
+"DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n"
+"\r\n"
+"IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n"
+"ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n"
+"UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n"
+"a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n"
+"-----END EC PRIVATE KEY-----\r\n";
+const size_t mbedtls_test_ca_key_ec_len = sizeof( mbedtls_test_ca_key_ec );
+
+const char mbedtls_test_ca_pwd_ec[] = "PolarSSLTest";
+const size_t mbedtls_test_ca_pwd_ec_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
+
+const char mbedtls_test_srv_crt_ec[] =
+"-----BEGIN CERTIFICATE-----\r\n"
+"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
+"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n"
+"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n"
+"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n"
+"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n"
+"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n"
+"clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n"
+"CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n"
+"C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n"
+"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n"
+"-----END CERTIFICATE-----\r\n";
+const size_t mbedtls_test_srv_crt_ec_len = sizeof( mbedtls_test_srv_crt_ec );
+
+const char mbedtls_test_srv_key_ec[] =
+"-----BEGIN EC PRIVATE KEY-----\r\n"
+"MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n"
+"AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n"
+"6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n"
+"-----END EC PRIVATE KEY-----\r\n";
+const size_t mbedtls_test_srv_key_ec_len = sizeof( mbedtls_test_srv_key_ec );
+
+const char mbedtls_test_cli_crt_ec[] =
+"-----BEGIN CERTIFICATE-----\r\n"
+"MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
+"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjBBMQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxHzAdBgNVBAMTFlBvbGFyU1NMIFRlc3QgQ2xpZW50IDIw\r\n"
+"WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARX5a6xc9/TrLuTuIH/Eq7u5lOszlVT\r\n"
+"9jQOzC7jYyUL35ji81xgNpbA1RgUcOV/n9VLRRjlsGzVXPiWj4dwo+THo4GdMIGa\r\n"
+"MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMG4GA1Ud\r\n"
+"IwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDER\r\n"
+"MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC\r\n"
+"CQDBQ+J+YkPM6DAKBggqhkjOPQQDAgNoADBlAjBKZQ17IIOimbmoD/yN7o89u3BM\r\n"
+"lgOsjnhw3fIOoLIWy2WOGsk/LGF++DzvrRzuNiACMQCd8iem1XS4JK7haj8xocpU\r\n"
+"LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n"
+"-----END CERTIFICATE-----\r\n";
+const size_t mbedtls_test_cli_crt_ec_len = sizeof( mbedtls_test_cli_crt_ec );
+
+const char mbedtls_test_cli_key_ec[] =
+"-----BEGIN EC PRIVATE KEY-----\r\n"
+"MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n"
+"AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n"
+"wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n"
+"-----END EC PRIVATE KEY-----\r\n";
+const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec );
+#endif /* MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_RSA_C)
+
+#if defined(MBEDTLS_SHA256_C)
+#define TEST_CA_CRT_RSA_SHA256                                          \
+"-----BEGIN CERTIFICATE-----\r\n"                                       \
+"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n"  \
+"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"  \
+"MTcwNTA0MTY1NzAxWhcNMjcwNTA1MTY1NzAxWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n"  \
+"A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n"  \
+"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n"  \
+"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n"  \
+"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n"  \
+"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n"  \
+"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n"  \
+"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n"  \
+"gZUwgZIwHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68x/3/MGMGA1UdIwRcMFqA\r\n"  \
+"FLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UE\r\n"  \
+"CgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQAwDAYDVR0T\r\n"  \
+"BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAHK/HHrTZMnnVMpde1io+voAtql7j\r\n"  \
+"4sRhLrjD7o3THtwRbDa2diCvpq0Sq23Ng2LMYoXsOxoL/RQK3iN7UKxV3MKPEr0w\r\n"  \
+"XQS+kKQqiT2bsfrjnWMVHZtUOMpm6FNqcdGm/Rss3vKda2lcKl8kUnq/ylc1+QbB\r\n"  \
+"G6A6tUvQcr2ZyWfVg+mM5XkhTrOOXus2OLikb4WwEtJTJRNE0f+yPODSUz0/vT57\r\n"  \
+"ApH0CnB80bYJshYHPHHymOtleAB8KSYtqm75g/YNobjnjB6cm4HkW3OZRVIl6fYY\r\n"  \
+"n20NRVA1Vjs6GAROr4NqW4k/+LofY9y0LLDE+p0oIEKXIsIvhPr39swxSA==\r\n"      \
+"-----END CERTIFICATE-----\r\n"
+
+const char   mbedtls_test_ca_crt_rsa[]   = TEST_CA_CRT_RSA_SHA256;
+const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa );
+#define TEST_CA_CRT_RSA_SOME
+
+static const char mbedtls_test_ca_crt_rsa_sha256[] = TEST_CA_CRT_RSA_SHA256;
+
+#endif
+
+#if !defined(TEST_CA_CRT_RSA_SOME) || defined(MBEDTLS_SHA1_C)
+#define TEST_CA_CRT_RSA_SHA1                                            \
+"-----BEGIN CERTIFICATE-----\r\n"                                       \
+"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"  \
+"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"  \
+"MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n"  \
+"A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n"  \
+"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n"  \
+"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n"  \
+"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n"  \
+"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n"  \
+"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n"  \
+"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n"  \
+"gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n"  \
+"/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n"  \
+"BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n"  \
+"dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n"  \
+"SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n"  \
+"DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n"  \
+"pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n"  \
+"m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n"  \
+"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n"      \
+"-----END CERTIFICATE-----\r\n"
+
+#if !defined (TEST_CA_CRT_RSA_SOME)
+const char   mbedtls_test_ca_crt_rsa[]   = TEST_CA_CRT_RSA_SHA1;
+const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa );
+#endif
+
+static const char mbedtls_test_ca_crt_rsa_sha1[] = TEST_CA_CRT_RSA_SHA1;
+
+#endif
+
+const char mbedtls_test_ca_key_rsa[] =
+"-----BEGIN RSA PRIVATE KEY-----\r\n"
+"Proc-Type: 4,ENCRYPTED\r\n"
+"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n"
+"\r\n"
+"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n"
+"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n"
+"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n"
+"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n"
+"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n"
+"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n"
+"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n"
+"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n"
+"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n"
+"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n"
+"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n"
+"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n"
+"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n"
+"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n"
+"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n"
+"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n"
+"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n"
+"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n"
+"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n"
+"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n"
+"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n"
+"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n"
+"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n"
+"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n"
+"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n"
+"-----END RSA PRIVATE KEY-----\r\n";
+const size_t mbedtls_test_ca_key_rsa_len = sizeof( mbedtls_test_ca_key_rsa );
+
+const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest";
+const size_t mbedtls_test_ca_pwd_rsa_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
+
+const char mbedtls_test_srv_crt_rsa[] =
+"-----BEGIN CERTIFICATE-----\r\n"
+"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
+"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
+"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n"
+"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n"
+"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n"
+"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n"
+"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n"
+"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n"
+"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n"
+"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n"
+"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJxnXClY\r\n"
+"oHkbp70cqBrsGXLybA74czbO5RdLEgFs7rHVS9r+c293luS/KdliLScZqAzYVylw\r\n"
+"UfRWvKMoWhHYKp3dEIS4xTXk6/5zXxhv9Rw8SGc8qn6vITHk1S1mPevtekgasY5Y\r\n"
+"iWQuM3h4YVlRH3HHEMAD1TnAexfXHHDFQGe+Bd1iAbz1/sH9H8l4StwX6egvTK3M\r\n"
+"wXRwkKkvjKaEDA9ATbZx0mI8LGsxSuCqe9r9dyjmttd47J1p1Rulz3CLzaRcVIuS\r\n"
+"RRQfaD8neM9c1S/iJ/amTVqJxA1KOdOS5780WhPfSArA+g4qAmSjelc3p4wWpha8\r\n"
+"zhuYwjVuX6JHG0c=\r\n"
+"-----END CERTIFICATE-----\r\n";
+const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa );
+
+const char mbedtls_test_srv_key_rsa[] =
+"-----BEGIN RSA PRIVATE KEY-----\r\n"
+"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n"
+"lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n"
+"2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n"
+"Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n"
+"GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n"
+"y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n"
+"++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n"
+"Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n"
+"/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n"
+"WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n"
+"GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n"
+"TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n"
+"CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n"
+"nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n"
+"AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n"
+"sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n"
+"mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n"
+"BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n"
+"whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n"
+"vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n"
+"3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n"
+"3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n"
+"ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n"
+"4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n"
+"TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"
+"-----END RSA PRIVATE KEY-----\r\n";
+const size_t mbedtls_test_srv_key_rsa_len = sizeof( mbedtls_test_srv_key_rsa );
+
+const char mbedtls_test_cli_crt_rsa[] =
+"-----BEGIN CERTIFICATE-----\r\n"
+"MIIDhTCCAm2gAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER\r\n"
+"MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
+"MTcwNTA1MTMwNzU5WhcNMjcwNTA2MTMwNzU5WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n"
+"BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n"
+"M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n"
+"1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n"
+"MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n"
+"4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n"
+"/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n"
+"o4GSMIGPMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITBjBgNVHSMEXDBa\r\n"
+"gBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNV\r\n"
+"BAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEAMAkGA1Ud\r\n"
+"EwQCMAAwDQYJKoZIhvcNAQELBQADggEBAC7yO786NvcHpK8UovKIG9cB32oSQQom\r\n"
+"LoR0eHDRzdqEkoq7yGZufHFiRAAzbMqJfogRtxlrWAeB4y/jGaMBV25IbFOIcH2W\r\n"
+"iCEaMMbG+VQLKNvuC63kmw/Zewc9ThM6Pa1Hcy0axT0faf1B/U01j0FIcw/6mTfK\r\n"
+"D8w48OIwc1yr0JtutCVjig5DC0yznGMt32RyseOLcUe+lfq005v2PAiCozr5X8rE\r\n"
+"ofGZpiM2NqRPePgYy+Vc75Zk28xkRQq1ncprgQb3S4vTsZdScpM9hLf+eMlrgqlj\r\n"
+"c5PLSkXBeLE5+fedkyfTaLxxQlgCpuoOhKBm04/R1pWNzUHyqagjO9Q=\r\n"
+"-----END CERTIFICATE-----\r\n";
+const size_t mbedtls_test_cli_crt_rsa_len = sizeof( mbedtls_test_cli_crt_rsa );
+
+const char mbedtls_test_cli_key_rsa[] =
+"-----BEGIN RSA PRIVATE KEY-----\r\n"
+"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n"
+"B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n"
+"bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n"
+"Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n"
+"7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n"
+"dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n"
+"yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n"
+"4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n"
+"ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n"
+"zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n"
+"l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n"
+"DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n"
+"VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n"
+"Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n"
+"wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n"
+"c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n"
+"33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n"
+"ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n"
+"BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n"
+"KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n"
+"UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n"
+"7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n"
+"gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n"
+"bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n"
+"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"
+"-----END RSA PRIVATE KEY-----\r\n";
+const size_t mbedtls_test_cli_key_rsa_len = sizeof( mbedtls_test_cli_key_rsa );
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+/* Concatenation of all available CA certificates */
+const char mbedtls_test_cas_pem[] =
+#ifdef TEST_CA_CRT_RSA_SHA1
+    TEST_CA_CRT_RSA_SHA1
+#endif
+#ifdef TEST_CA_CRT_RSA_SHA256
+    TEST_CA_CRT_RSA_SHA256
+#endif
+#ifdef TEST_CA_CRT_EC
+    TEST_CA_CRT_EC
+#endif
+    "";
+const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem );
+#endif
+
+/* List of all available CA certificates */
+const char * mbedtls_test_cas[] = {
+#if defined(TEST_CA_CRT_RSA_SHA1)
+    mbedtls_test_ca_crt_rsa_sha1,
+#endif
+#if defined(TEST_CA_CRT_RSA_SHA256)
+    mbedtls_test_ca_crt_rsa_sha256,
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    mbedtls_test_ca_crt_ec,
+#endif
+    NULL
+};
+const size_t mbedtls_test_cas_len[] = {
+#if defined(TEST_CA_CRT_RSA_SHA1)
+    sizeof( mbedtls_test_ca_crt_rsa_sha1 ),
+#endif
+#if defined(TEST_CA_CRT_RSA_SHA256)
+    sizeof( mbedtls_test_ca_crt_rsa_sha256 ),
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    sizeof( mbedtls_test_ca_crt_ec ),
+#endif
+    0
+};
+
+#if defined(MBEDTLS_RSA_C)
+const char *mbedtls_test_ca_crt  = mbedtls_test_ca_crt_rsa; /* SHA1 or SHA256 */
+const char *mbedtls_test_ca_key  = mbedtls_test_ca_key_rsa;
+const char *mbedtls_test_ca_pwd  = mbedtls_test_ca_pwd_rsa;
+const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_rsa;
+const char *mbedtls_test_srv_key = mbedtls_test_srv_key_rsa;
+const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_rsa;
+const char *mbedtls_test_cli_key = mbedtls_test_cli_key_rsa;
+const size_t mbedtls_test_ca_crt_len  = sizeof( mbedtls_test_ca_crt_rsa );
+const size_t mbedtls_test_ca_key_len  = sizeof( mbedtls_test_ca_key_rsa );
+const size_t mbedtls_test_ca_pwd_len  = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
+const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_rsa );
+const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_rsa );
+const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_rsa );
+const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_rsa );
+#else /* ! MBEDTLS_RSA_C, so MBEDTLS_ECDSA_C */
+const char *mbedtls_test_ca_crt  = mbedtls_test_ca_crt_ec;
+const char *mbedtls_test_ca_key  = mbedtls_test_ca_key_ec;
+const char *mbedtls_test_ca_pwd  = mbedtls_test_ca_pwd_ec;
+const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_ec;
+const char *mbedtls_test_srv_key = mbedtls_test_srv_key_ec;
+const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_ec;
+const char *mbedtls_test_cli_key = mbedtls_test_cli_key_ec;
+const size_t mbedtls_test_ca_crt_len  = sizeof( mbedtls_test_ca_crt_ec );
+const size_t mbedtls_test_ca_key_len  = sizeof( mbedtls_test_ca_key_ec );
+const size_t mbedtls_test_ca_pwd_len  = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
+const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_ec );
+const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_ec );
+const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_ec );
+const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_ec );
+#endif /* MBEDTLS_RSA_C */
+
+#endif /* MBEDTLS_CERTS_C */
diff --git a/thirdparty/mbedtls/library/cipher.c b/thirdparty/mbedtls/library/cipher.c
new file mode 100644
index 0000000000..ff0327380c
--- /dev/null
+++ b/thirdparty/mbedtls/library/cipher.c
@@ -0,0 +1,917 @@
+/**
+ * \file cipher.c
+ *
+ * \brief Generic cipher wrapper for mbed TLS
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_CIPHER_C)
+
+#include "mbedtls/cipher.h"
+#include "mbedtls/cipher_internal.h"
+
+#include <stdlib.h>
+#include <string.h>
+
+#if defined(MBEDTLS_GCM_C)
+#include "mbedtls/gcm.h"
+#endif
+
+#if defined(MBEDTLS_CCM_C)
+#include "mbedtls/ccm.h"
+#endif
+
+#if defined(MBEDTLS_CMAC_C)
+#include "mbedtls/cmac.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_calloc calloc
+#define mbedtls_free   free
+#endif
+
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#define MBEDTLS_CIPHER_MODE_STREAM
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+static int supported_init = 0;
+
+const int *mbedtls_cipher_list( void )
+{
+    const mbedtls_cipher_definition_t *def;
+    int *type;
+
+    if( ! supported_init )
+    {
+        def = mbedtls_cipher_definitions;
+        type = mbedtls_cipher_supported;
+
+        while( def->type != 0 )
+            *type++ = (*def++).type;
+
+        *type = 0;
+
+        supported_init = 1;
+    }
+
+    return( mbedtls_cipher_supported );
+}
+
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type )
+{
+    const mbedtls_cipher_definition_t *def;
+
+    for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
+        if( def->type == cipher_type )
+            return( def->info );
+
+    return( NULL );
+}
+
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name )
+{
+    const mbedtls_cipher_definition_t *def;
+
+    if( NULL == cipher_name )
+        return( NULL );
+
+    for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
+        if( !  strcmp( def->info->name, cipher_name ) )
+            return( def->info );
+
+    return( NULL );
+}
+
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
+                                              int key_bitlen,
+                                              const mbedtls_cipher_mode_t mode )
+{
+    const mbedtls_cipher_definition_t *def;
+
+    for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
+        if( def->info->base->cipher == cipher_id &&
+            def->info->key_bitlen == (unsigned) key_bitlen &&
+            def->info->mode == mode )
+            return( def->info );
+
+    return( NULL );
+}
+
+void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
+}
+
+void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+#if defined(MBEDTLS_CMAC_C)
+    if( ctx->cmac_ctx )
+    {
+       mbedtls_zeroize( ctx->cmac_ctx, sizeof( mbedtls_cmac_context_t ) );
+       mbedtls_free( ctx->cmac_ctx );
+    }
+#endif
+
+    if( ctx->cipher_ctx )
+        ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
+
+    mbedtls_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
+}
+
+int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info )
+{
+    if( NULL == cipher_info || NULL == ctx )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
+
+    if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
+        return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
+
+    ctx->cipher_info = cipher_info;
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    /*
+     * Ignore possible errors caused by a cipher mode that doesn't use padding
+     */
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_PKCS7 );
+#else
+    (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_NONE );
+#endif
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+    return( 0 );
+}
+
+int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
+        int key_bitlen, const mbedtls_operation_t operation )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
+        (int) ctx->cipher_info->key_bitlen != key_bitlen )
+    {
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
+
+    ctx->key_bitlen = key_bitlen;
+    ctx->operation = operation;
+
+    /*
+     * For CFB and CTR mode always use the encryption key schedule
+     */
+    if( MBEDTLS_ENCRYPT == operation ||
+        MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_CTR == ctx->cipher_info->mode )
+    {
+        return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
+                ctx->key_bitlen );
+    }
+
+    if( MBEDTLS_DECRYPT == operation )
+        return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
+                ctx->key_bitlen );
+
+    return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+}
+
+int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
+                   const unsigned char *iv, size_t iv_len )
+{
+    size_t actual_iv_size;
+
+    if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    /* avoid buffer overflow in ctx->iv */
+    if( iv_len > MBEDTLS_MAX_IV_LENGTH )
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+    if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN ) != 0 )
+        actual_iv_size = iv_len;
+    else
+    {
+        actual_iv_size = ctx->cipher_info->iv_size;
+
+        /* avoid reading past the end of input buffer */
+        if( actual_iv_size > iv_len )
+            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
+
+    memcpy( ctx->iv, iv, actual_iv_size );
+    ctx->iv_size = actual_iv_size;
+
+    return( 0 );
+}
+
+int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    ctx->unprocessed_len = 0;
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_GCM_C)
+int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
+                      const unsigned char *ad, size_t ad_len )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
+    {
+        return mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation,
+                           ctx->iv, ctx->iv_size, ad, ad_len );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_GCM_C */
+
+int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
+                   size_t ilen, unsigned char *output, size_t *olen )
+{
+    int ret;
+    size_t block_size = 0;
+
+    if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
+    {
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
+
+    *olen = 0;
+    block_size = mbedtls_cipher_get_block_size( ctx );
+
+    if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB )
+    {
+        if( ilen != block_size )
+            return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
+
+        *olen = ilen;
+
+        if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
+                    ctx->operation, input, output ) ) )
+        {
+            return( ret );
+        }
+
+        return( 0 );
+    }
+
+#if defined(MBEDTLS_GCM_C)
+    if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM )
+    {
+        *olen = ilen;
+        return mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input,
+                           output );
+    }
+#endif
+
+    if ( 0 == block_size )
+    {
+        return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
+    }
+
+    if( input == output &&
+       ( ctx->unprocessed_len != 0 || ilen % block_size ) )
+    {
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if( ctx->cipher_info->mode == MBEDTLS_MODE_CBC )
+    {
+        size_t copy_len = 0;
+
+        /*
+         * If there is not enough data for a full block, cache it.
+         */
+        if( ( ctx->operation == MBEDTLS_DECRYPT &&
+                ilen <= block_size - ctx->unprocessed_len ) ||
+             ( ctx->operation == MBEDTLS_ENCRYPT &&
+                ilen < block_size - ctx->unprocessed_len ) )
+        {
+            memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
+                    ilen );
+
+            ctx->unprocessed_len += ilen;
+            return( 0 );
+        }
+
+        /*
+         * Process cached data first
+         */
+        if( 0 != ctx->unprocessed_len )
+        {
+            copy_len = block_size - ctx->unprocessed_len;
+
+            memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
+                    copy_len );
+
+            if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
+                    ctx->operation, block_size, ctx->iv,
+                    ctx->unprocessed_data, output ) ) )
+            {
+                return( ret );
+            }
+
+            *olen += block_size;
+            output += block_size;
+            ctx->unprocessed_len = 0;
+
+            input += copy_len;
+            ilen -= copy_len;
+        }
+
+        /*
+         * Cache final, incomplete block
+         */
+        if( 0 != ilen )
+        {
+            if( 0 == block_size )
+            {
+                return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
+            }
+
+            copy_len = ilen % block_size;
+            if( copy_len == 0 && ctx->operation == MBEDTLS_DECRYPT )
+                copy_len = block_size;
+
+            memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
+                    copy_len );
+
+            ctx->unprocessed_len += copy_len;
+            ilen -= copy_len;
+        }
+
+        /*
+         * Process remaining full blocks
+         */
+        if( ilen )
+        {
+            if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
+                    ctx->operation, ilen, ctx->iv, input, output ) ) )
+            {
+                return( ret );
+            }
+
+            *olen += ilen;
+        }
+
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    if( ctx->cipher_info->mode == MBEDTLS_MODE_CFB )
+    {
+        if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
+                ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
+                input, output ) ) )
+        {
+            return( ret );
+        }
+
+        *olen = ilen;
+
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR )
+    {
+        if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
+                ilen, &ctx->unprocessed_len, ctx->iv,
+                ctx->unprocessed_data, input, output ) ) )
+        {
+            return( ret );
+        }
+
+        *olen = ilen;
+
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    if( ctx->cipher_info->mode == MBEDTLS_MODE_STREAM )
+    {
+        if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
+                                                    ilen, input, output ) ) )
+        {
+            return( ret );
+        }
+
+        *olen = ilen;
+
+        return( 0 );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_STREAM */
+
+    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+/*
+ * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
+ */
+static void add_pkcs_padding( unsigned char *output, size_t output_len,
+        size_t data_len )
+{
+    size_t padding_len = output_len - data_len;
+    unsigned char i;
+
+    for( i = 0; i < padding_len; i++ )
+        output[data_len + i] = (unsigned char) padding_len;
+}
+
+static int get_pkcs_padding( unsigned char *input, size_t input_len,
+        size_t *data_len )
+{
+    size_t i, pad_idx;
+    unsigned char padding_len, bad = 0;
+
+    if( NULL == input || NULL == data_len )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    padding_len = input[input_len - 1];
+    *data_len = input_len - padding_len;
+
+    /* Avoid logical || since it results in a branch */
+    bad |= padding_len > input_len;
+    bad |= padding_len == 0;
+
+    /* The number of bytes checked must be independent of padding_len,
+     * so pick input_len, which is usually 8 or 16 (one block) */
+    pad_idx = input_len - padding_len;
+    for( i = 0; i < input_len; i++ )
+        bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx );
+
+    return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
+}
+#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
+/*
+ * One and zeros padding: fill with 80 00 ... 00
+ */
+static void add_one_and_zeros_padding( unsigned char *output,
+                                       size_t output_len, size_t data_len )
+{
+    size_t padding_len = output_len - data_len;
+    unsigned char i = 0;
+
+    output[data_len] = 0x80;
+    for( i = 1; i < padding_len; i++ )
+        output[data_len + i] = 0x00;
+}
+
+static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
+                                      size_t *data_len )
+{
+    size_t i;
+    unsigned char done = 0, prev_done, bad;
+
+    if( NULL == input || NULL == data_len )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    bad = 0x80;
+    *data_len = 0;
+    for( i = input_len; i > 0; i-- )
+    {
+        prev_done = done;
+        done |= ( input[i - 1] != 0 );
+        *data_len |= ( i - 1 ) * ( done != prev_done );
+        bad ^= input[i - 1] * ( done != prev_done );
+    }
+
+    return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
+
+}
+#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
+/*
+ * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
+ */
+static void add_zeros_and_len_padding( unsigned char *output,
+                                       size_t output_len, size_t data_len )
+{
+    size_t padding_len = output_len - data_len;
+    unsigned char i = 0;
+
+    for( i = 1; i < padding_len; i++ )
+        output[data_len + i - 1] = 0x00;
+    output[output_len - 1] = (unsigned char) padding_len;
+}
+
+static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
+                                      size_t *data_len )
+{
+    size_t i, pad_idx;
+    unsigned char padding_len, bad = 0;
+
+    if( NULL == input || NULL == data_len )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    padding_len = input[input_len - 1];
+    *data_len = input_len - padding_len;
+
+    /* Avoid logical || since it results in a branch */
+    bad |= padding_len > input_len;
+    bad |= padding_len == 0;
+
+    /* The number of bytes checked must be independent of padding_len */
+    pad_idx = input_len - padding_len;
+    for( i = 0; i < input_len - 1; i++ )
+        bad |= input[i] * ( i >= pad_idx );
+
+    return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
+}
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
+
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
+/*
+ * Zero padding: fill with 00 ... 00
+ */
+static void add_zeros_padding( unsigned char *output,
+                               size_t output_len, size_t data_len )
+{
+    size_t i;
+
+    for( i = data_len; i < output_len; i++ )
+        output[i] = 0x00;
+}
+
+static int get_zeros_padding( unsigned char *input, size_t input_len,
+                              size_t *data_len )
+{
+    size_t i;
+    unsigned char done = 0, prev_done;
+
+    if( NULL == input || NULL == data_len )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    *data_len = 0;
+    for( i = input_len; i > 0; i-- )
+    {
+        prev_done = done;
+        done |= ( input[i-1] != 0 );
+        *data_len |= i * ( done != prev_done );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
+
+/*
+ * No padding: don't pad :)
+ *
+ * There is no add_padding function (check for NULL in mbedtls_cipher_finish)
+ * but a trivial get_padding function
+ */
+static int get_no_padding( unsigned char *input, size_t input_len,
+                              size_t *data_len )
+{
+    if( NULL == input || NULL == data_len )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    *data_len = input_len;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
+                   unsigned char *output, size_t *olen )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    *olen = 0;
+
+    if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_CTR == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_GCM == ctx->cipher_info->mode ||
+        MBEDTLS_MODE_STREAM == ctx->cipher_info->mode )
+    {
+        return( 0 );
+    }
+
+    if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode )
+    {
+        if( ctx->unprocessed_len != 0 )
+            return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
+
+        return( 0 );
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if( MBEDTLS_MODE_CBC == ctx->cipher_info->mode )
+    {
+        int ret = 0;
+
+        if( MBEDTLS_ENCRYPT == ctx->operation )
+        {
+            /* check for 'no padding' mode */
+            if( NULL == ctx->add_padding )
+            {
+                if( 0 != ctx->unprocessed_len )
+                    return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
+
+                return( 0 );
+            }
+
+            ctx->add_padding( ctx->unprocessed_data, mbedtls_cipher_get_iv_size( ctx ),
+                    ctx->unprocessed_len );
+        }
+        else if( mbedtls_cipher_get_block_size( ctx ) != ctx->unprocessed_len )
+        {
+            /*
+             * For decrypt operations, expect a full block,
+             * or an empty block if no padding
+             */
+            if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
+                return( 0 );
+
+            return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
+        }
+
+        /* cipher block */
+        if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
+                ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv,
+                ctx->unprocessed_data, output ) ) )
+        {
+            return( ret );
+        }
+
+        /* Set output size for decryption */
+        if( MBEDTLS_DECRYPT == ctx->operation )
+            return ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ),
+                                     olen );
+
+        /* Set output size for encryption */
+        *olen = mbedtls_cipher_get_block_size( ctx );
+        return( 0 );
+    }
+#else
+    ((void) output);
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode )
+{
+    if( NULL == ctx ||
+        MBEDTLS_MODE_CBC != ctx->cipher_info->mode )
+    {
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
+
+    switch( mode )
+    {
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    case MBEDTLS_PADDING_PKCS7:
+        ctx->add_padding = add_pkcs_padding;
+        ctx->get_padding = get_pkcs_padding;
+        break;
+#endif
+#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
+    case MBEDTLS_PADDING_ONE_AND_ZEROS:
+        ctx->add_padding = add_one_and_zeros_padding;
+        ctx->get_padding = get_one_and_zeros_padding;
+        break;
+#endif
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
+    case MBEDTLS_PADDING_ZEROS_AND_LEN:
+        ctx->add_padding = add_zeros_and_len_padding;
+        ctx->get_padding = get_zeros_and_len_padding;
+        break;
+#endif
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
+    case MBEDTLS_PADDING_ZEROS:
+        ctx->add_padding = add_zeros_padding;
+        ctx->get_padding = get_zeros_padding;
+        break;
+#endif
+    case MBEDTLS_PADDING_NONE:
+        ctx->add_padding = NULL;
+        ctx->get_padding = get_no_padding;
+        break;
+
+    default:
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
+
+#if defined(MBEDTLS_GCM_C)
+int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
+                      unsigned char *tag, size_t tag_len )
+{
+    if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    if( MBEDTLS_ENCRYPT != ctx->operation )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
+        return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len );
+
+    return( 0 );
+}
+
+int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
+                      const unsigned char *tag, size_t tag_len )
+{
+    int ret;
+
+    if( NULL == ctx || NULL == ctx->cipher_info ||
+        MBEDTLS_DECRYPT != ctx->operation )
+    {
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
+
+    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
+    {
+        unsigned char check_tag[16];
+        size_t i;
+        int diff;
+
+        if( tag_len > sizeof( check_tag ) )
+            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+        if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
+                                     check_tag, tag_len ) ) )
+        {
+            return( ret );
+        }
+
+        /* Check the tag in "constant-time" */
+        for( diff = 0, i = 0; i < tag_len; i++ )
+            diff |= tag[i] ^ check_tag[i];
+
+        if( diff != 0 )
+            return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
+
+        return( 0 );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_GCM_C */
+
+/*
+ * Packet-oriented wrapper for non-AEAD modes
+ */
+int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
+                  const unsigned char *iv, size_t iv_len,
+                  const unsigned char *input, size_t ilen,
+                  unsigned char *output, size_t *olen )
+{
+    int ret;
+    size_t finish_olen;
+
+    if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
+        return( ret );
+
+    *olen += finish_olen;
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_AEAD)
+/*
+ * Packet-oriented encryption for AEAD modes
+ */
+int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
+                         const unsigned char *iv, size_t iv_len,
+                         const unsigned char *ad, size_t ad_len,
+                         const unsigned char *input, size_t ilen,
+                         unsigned char *output, size_t *olen,
+                         unsigned char *tag, size_t tag_len )
+{
+#if defined(MBEDTLS_GCM_C)
+    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
+    {
+        *olen = ilen;
+        return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen,
+                                   iv, iv_len, ad, ad_len, input, output,
+                                   tag_len, tag ) );
+    }
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+    if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
+    {
+        *olen = ilen;
+        return( mbedtls_ccm_encrypt_and_tag( ctx->cipher_ctx, ilen,
+                                     iv, iv_len, ad, ad_len, input, output,
+                                     tag, tag_len ) );
+    }
+#endif /* MBEDTLS_CCM_C */
+
+    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+}
+
+/*
+ * Packet-oriented decryption for AEAD modes
+ */
+int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
+                         const unsigned char *iv, size_t iv_len,
+                         const unsigned char *ad, size_t ad_len,
+                         const unsigned char *input, size_t ilen,
+                         unsigned char *output, size_t *olen,
+                         const unsigned char *tag, size_t tag_len )
+{
+#if defined(MBEDTLS_GCM_C)
+    if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
+    {
+        int ret;
+
+        *olen = ilen;
+        ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen,
+                                iv, iv_len, ad, ad_len,
+                                tag, tag_len, input, output );
+
+        if( ret == MBEDTLS_ERR_GCM_AUTH_FAILED )
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+
+        return( ret );
+    }
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+    if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
+    {
+        int ret;
+
+        *olen = ilen;
+        ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen,
+                                iv, iv_len, ad, ad_len,
+                                input, output, tag, tag_len );
+
+        if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED )
+            ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
+
+        return( ret );
+    }
+#endif /* MBEDTLS_CCM_C */
+
+    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+}
+#endif /* MBEDTLS_CIPHER_MODE_AEAD */
+
+#endif /* MBEDTLS_CIPHER_C */
diff --git a/thirdparty/mbedtls/library/cipher_wrap.c b/thirdparty/mbedtls/library/cipher_wrap.c
new file mode 100644
index 0000000000..dc76af8ff4
--- /dev/null
+++ b/thirdparty/mbedtls/library/cipher_wrap.c
@@ -0,0 +1,1451 @@
+/**
+ * \file cipher_wrap.c
+ *
+ * \brief Generic cipher wrapper for mbed TLS
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_CIPHER_C)
+
+#include "mbedtls/cipher_internal.h"
+
+#if defined(MBEDTLS_AES_C)
+#include "mbedtls/aes.h"
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+#include "mbedtls/arc4.h"
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#include "mbedtls/camellia.h"
+#endif
+
+#if defined(MBEDTLS_DES_C)
+#include "mbedtls/des.h"
+#endif
+
+#if defined(MBEDTLS_BLOWFISH_C)
+#include "mbedtls/blowfish.h"
+#endif
+
+#if defined(MBEDTLS_GCM_C)
+#include "mbedtls/gcm.h"
+#endif
+
+#if defined(MBEDTLS_CCM_C)
+#include "mbedtls/ccm.h"
+#endif
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#include <string.h>
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#if defined(MBEDTLS_GCM_C)
+/* shared by all GCM ciphers */
+static void *gcm_ctx_alloc( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_gcm_context ) );
+
+    if( ctx != NULL )
+        mbedtls_gcm_init( (mbedtls_gcm_context *) ctx );
+
+    return( ctx );
+}
+
+static void gcm_ctx_free( void *ctx )
+{
+    mbedtls_gcm_free( ctx );
+    mbedtls_free( ctx );
+}
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CCM_C)
+/* shared by all CCM ciphers */
+static void *ccm_ctx_alloc( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ccm_context ) );
+
+    if( ctx != NULL )
+        mbedtls_ccm_init( (mbedtls_ccm_context *) ctx );
+
+    return( ctx );
+}
+
+static void ccm_ctx_free( void *ctx )
+{
+    mbedtls_ccm_free( ctx );
+    mbedtls_free( ctx );
+}
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_AES_C)
+
+static int aes_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_aes_crypt_ecb( (mbedtls_aes_context *) ctx, operation, input, output );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int aes_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length,
+        unsigned char *iv, const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_aes_crypt_cbc( (mbedtls_aes_context *) ctx, operation, length, iv, input,
+                          output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static int aes_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation,
+        size_t length, size_t *iv_off, unsigned char *iv,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_aes_crypt_cfb128( (mbedtls_aes_context *) ctx, operation, length, iv_off, iv,
+                             input, output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static int aes_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
+        unsigned char *nonce_counter, unsigned char *stream_block,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_aes_crypt_ctr( (mbedtls_aes_context *) ctx, length, nc_off, nonce_counter,
+                          stream_block, input, output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+static int aes_setkey_dec_wrap( void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen )
+{
+    return mbedtls_aes_setkey_dec( (mbedtls_aes_context *) ctx, key, key_bitlen );
+}
+
+static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen )
+{
+    return mbedtls_aes_setkey_enc( (mbedtls_aes_context *) ctx, key, key_bitlen );
+}
+
+static void * aes_ctx_alloc( void )
+{
+    mbedtls_aes_context *aes = mbedtls_calloc( 1, sizeof( mbedtls_aes_context ) );
+
+    if( aes == NULL )
+        return( NULL );
+
+    mbedtls_aes_init( aes );
+
+    return( aes );
+}
+
+static void aes_ctx_free( void *ctx )
+{
+    mbedtls_aes_free( (mbedtls_aes_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static const mbedtls_cipher_base_t aes_info = {
+    MBEDTLS_CIPHER_ID_AES,
+    aes_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    aes_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    aes_crypt_cfb128_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    aes_crypt_ctr_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    aes_setkey_enc_wrap,
+    aes_setkey_dec_wrap,
+    aes_ctx_alloc,
+    aes_ctx_free
+};
+
+static const mbedtls_cipher_info_t aes_128_ecb_info = {
+    MBEDTLS_CIPHER_AES_128_ECB,
+    MBEDTLS_MODE_ECB,
+    128,
+    "AES-128-ECB",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_ecb_info = {
+    MBEDTLS_CIPHER_AES_192_ECB,
+    MBEDTLS_MODE_ECB,
+    192,
+    "AES-192-ECB",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_ecb_info = {
+    MBEDTLS_CIPHER_AES_256_ECB,
+    MBEDTLS_MODE_ECB,
+    256,
+    "AES-256-ECB",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t aes_128_cbc_info = {
+    MBEDTLS_CIPHER_AES_128_CBC,
+    MBEDTLS_MODE_CBC,
+    128,
+    "AES-128-CBC",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_cbc_info = {
+    MBEDTLS_CIPHER_AES_192_CBC,
+    MBEDTLS_MODE_CBC,
+    192,
+    "AES-192-CBC",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_cbc_info = {
+    MBEDTLS_CIPHER_AES_256_CBC,
+    MBEDTLS_MODE_CBC,
+    256,
+    "AES-256-CBC",
+    16,
+    0,
+    16,
+    &aes_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static const mbedtls_cipher_info_t aes_128_cfb128_info = {
+    MBEDTLS_CIPHER_AES_128_CFB128,
+    MBEDTLS_MODE_CFB,
+    128,
+    "AES-128-CFB128",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_cfb128_info = {
+    MBEDTLS_CIPHER_AES_192_CFB128,
+    MBEDTLS_MODE_CFB,
+    192,
+    "AES-192-CFB128",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_cfb128_info = {
+    MBEDTLS_CIPHER_AES_256_CFB128,
+    MBEDTLS_MODE_CFB,
+    256,
+    "AES-256-CFB128",
+    16,
+    0,
+    16,
+    &aes_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static const mbedtls_cipher_info_t aes_128_ctr_info = {
+    MBEDTLS_CIPHER_AES_128_CTR,
+    MBEDTLS_MODE_CTR,
+    128,
+    "AES-128-CTR",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_ctr_info = {
+    MBEDTLS_CIPHER_AES_192_CTR,
+    MBEDTLS_MODE_CTR,
+    192,
+    "AES-192-CTR",
+    16,
+    0,
+    16,
+    &aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_ctr_info = {
+    MBEDTLS_CIPHER_AES_256_CTR,
+    MBEDTLS_MODE_CTR,
+    256,
+    "AES-256-CTR",
+    16,
+    0,
+    16,
+    &aes_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_GCM_C)
+static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen )
+{
+    return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
+                     key, key_bitlen );
+}
+
+static const mbedtls_cipher_base_t gcm_aes_info = {
+    MBEDTLS_CIPHER_ID_AES,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    gcm_aes_setkey_wrap,
+    gcm_aes_setkey_wrap,
+    gcm_ctx_alloc,
+    gcm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t aes_128_gcm_info = {
+    MBEDTLS_CIPHER_AES_128_GCM,
+    MBEDTLS_MODE_GCM,
+    128,
+    "AES-128-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_gcm_info = {
+    MBEDTLS_CIPHER_AES_192_GCM,
+    MBEDTLS_MODE_GCM,
+    192,
+    "AES-192-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_gcm_info = {
+    MBEDTLS_CIPHER_AES_256_GCM,
+    MBEDTLS_MODE_GCM,
+    256,
+    "AES-256-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_aes_info
+};
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CCM_C)
+static int ccm_aes_setkey_wrap( void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen )
+{
+    return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
+                     key, key_bitlen );
+}
+
+static const mbedtls_cipher_base_t ccm_aes_info = {
+    MBEDTLS_CIPHER_ID_AES,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    ccm_aes_setkey_wrap,
+    ccm_aes_setkey_wrap,
+    ccm_ctx_alloc,
+    ccm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t aes_128_ccm_info = {
+    MBEDTLS_CIPHER_AES_128_CCM,
+    MBEDTLS_MODE_CCM,
+    128,
+    "AES-128-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_192_ccm_info = {
+    MBEDTLS_CIPHER_AES_192_CCM,
+    MBEDTLS_MODE_CCM,
+    192,
+    "AES-192-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_aes_info
+};
+
+static const mbedtls_cipher_info_t aes_256_ccm_info = {
+    MBEDTLS_CIPHER_AES_256_CCM,
+    MBEDTLS_MODE_CCM,
+    256,
+    "AES-256-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_aes_info
+};
+#endif /* MBEDTLS_CCM_C */
+
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+
+static int camellia_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_camellia_crypt_ecb( (mbedtls_camellia_context *) ctx, operation, input,
+                               output );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int camellia_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation,
+        size_t length, unsigned char *iv,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_camellia_crypt_cbc( (mbedtls_camellia_context *) ctx, operation, length, iv,
+                               input, output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static int camellia_crypt_cfb128_wrap( void *ctx, mbedtls_operation_t operation,
+        size_t length, size_t *iv_off, unsigned char *iv,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_camellia_crypt_cfb128( (mbedtls_camellia_context *) ctx, operation, length,
+                                  iv_off, iv, input, output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static int camellia_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
+        unsigned char *nonce_counter, unsigned char *stream_block,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_camellia_crypt_ctr( (mbedtls_camellia_context *) ctx, length, nc_off,
+                               nonce_counter, stream_block, input, output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+static int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key,
+                                     unsigned int key_bitlen )
+{
+    return mbedtls_camellia_setkey_dec( (mbedtls_camellia_context *) ctx, key, key_bitlen );
+}
+
+static int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key,
+                                     unsigned int key_bitlen )
+{
+    return mbedtls_camellia_setkey_enc( (mbedtls_camellia_context *) ctx, key, key_bitlen );
+}
+
+static void * camellia_ctx_alloc( void )
+{
+    mbedtls_camellia_context *ctx;
+    ctx = mbedtls_calloc( 1, sizeof( mbedtls_camellia_context ) );
+
+    if( ctx == NULL )
+        return( NULL );
+
+    mbedtls_camellia_init( ctx );
+
+    return( ctx );
+}
+
+static void camellia_ctx_free( void *ctx )
+{
+    mbedtls_camellia_free( (mbedtls_camellia_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static const mbedtls_cipher_base_t camellia_info = {
+    MBEDTLS_CIPHER_ID_CAMELLIA,
+    camellia_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    camellia_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    camellia_crypt_cfb128_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    camellia_crypt_ctr_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    camellia_setkey_enc_wrap,
+    camellia_setkey_dec_wrap,
+    camellia_ctx_alloc,
+    camellia_ctx_free
+};
+
+static const mbedtls_cipher_info_t camellia_128_ecb_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_ECB,
+    MBEDTLS_MODE_ECB,
+    128,
+    "CAMELLIA-128-ECB",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_ecb_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_ECB,
+    MBEDTLS_MODE_ECB,
+    192,
+    "CAMELLIA-192-ECB",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_ecb_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_ECB,
+    MBEDTLS_MODE_ECB,
+    256,
+    "CAMELLIA-256-ECB",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t camellia_128_cbc_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_CBC,
+    MBEDTLS_MODE_CBC,
+    128,
+    "CAMELLIA-128-CBC",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_cbc_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_CBC,
+    MBEDTLS_MODE_CBC,
+    192,
+    "CAMELLIA-192-CBC",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_cbc_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_CBC,
+    MBEDTLS_MODE_CBC,
+    256,
+    "CAMELLIA-256-CBC",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static const mbedtls_cipher_info_t camellia_128_cfb128_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
+    MBEDTLS_MODE_CFB,
+    128,
+    "CAMELLIA-128-CFB128",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_cfb128_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
+    MBEDTLS_MODE_CFB,
+    192,
+    "CAMELLIA-192-CFB128",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_cfb128_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
+    MBEDTLS_MODE_CFB,
+    256,
+    "CAMELLIA-256-CFB128",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static const mbedtls_cipher_info_t camellia_128_ctr_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_CTR,
+    MBEDTLS_MODE_CTR,
+    128,
+    "CAMELLIA-128-CTR",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_ctr_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_CTR,
+    MBEDTLS_MODE_CTR,
+    192,
+    "CAMELLIA-192-CTR",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_ctr_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_CTR,
+    MBEDTLS_MODE_CTR,
+    256,
+    "CAMELLIA-256-CTR",
+    16,
+    0,
+    16,
+    &camellia_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+#if defined(MBEDTLS_GCM_C)
+static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key,
+                                     unsigned int key_bitlen )
+{
+    return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
+                     key, key_bitlen );
+}
+
+static const mbedtls_cipher_base_t gcm_camellia_info = {
+    MBEDTLS_CIPHER_ID_CAMELLIA,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    gcm_camellia_setkey_wrap,
+    gcm_camellia_setkey_wrap,
+    gcm_ctx_alloc,
+    gcm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t camellia_128_gcm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_GCM,
+    MBEDTLS_MODE_GCM,
+    128,
+    "CAMELLIA-128-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_gcm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_GCM,
+    MBEDTLS_MODE_GCM,
+    192,
+    "CAMELLIA-192-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_gcm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_GCM,
+    MBEDTLS_MODE_GCM,
+    256,
+    "CAMELLIA-256-GCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &gcm_camellia_info
+};
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CCM_C)
+static int ccm_camellia_setkey_wrap( void *ctx, const unsigned char *key,
+                                     unsigned int key_bitlen )
+{
+    return mbedtls_ccm_setkey( (mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
+                     key, key_bitlen );
+}
+
+static const mbedtls_cipher_base_t ccm_camellia_info = {
+    MBEDTLS_CIPHER_ID_CAMELLIA,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    ccm_camellia_setkey_wrap,
+    ccm_camellia_setkey_wrap,
+    ccm_ctx_alloc,
+    ccm_ctx_free,
+};
+
+static const mbedtls_cipher_info_t camellia_128_ccm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_128_CCM,
+    MBEDTLS_MODE_CCM,
+    128,
+    "CAMELLIA-128-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_192_ccm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_192_CCM,
+    MBEDTLS_MODE_CCM,
+    192,
+    "CAMELLIA-192-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_camellia_info
+};
+
+static const mbedtls_cipher_info_t camellia_256_ccm_info = {
+    MBEDTLS_CIPHER_CAMELLIA_256_CCM,
+    MBEDTLS_MODE_CCM,
+    256,
+    "CAMELLIA-256-CCM",
+    12,
+    MBEDTLS_CIPHER_VARIABLE_IV_LEN,
+    16,
+    &ccm_camellia_info
+};
+#endif /* MBEDTLS_CCM_C */
+
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+
+static int des_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
+        const unsigned char *input, unsigned char *output )
+{
+    ((void) operation);
+    return mbedtls_des_crypt_ecb( (mbedtls_des_context *) ctx, input, output );
+}
+
+static int des3_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
+        const unsigned char *input, unsigned char *output )
+{
+    ((void) operation);
+    return mbedtls_des3_crypt_ecb( (mbedtls_des3_context *) ctx, input, output );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int des_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length,
+        unsigned char *iv, const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_des_crypt_cbc( (mbedtls_des_context *) ctx, operation, length, iv, input,
+                          output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int des3_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation, size_t length,
+        unsigned char *iv, const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_des3_crypt_cbc( (mbedtls_des3_context *) ctx, operation, length, iv, input,
+                           output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+static int des_setkey_dec_wrap( void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen )
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des_setkey_dec( (mbedtls_des_context *) ctx, key );
+}
+
+static int des_setkey_enc_wrap( void *ctx, const unsigned char *key,
+                                unsigned int key_bitlen )
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des_setkey_enc( (mbedtls_des_context *) ctx, key );
+}
+
+static int des3_set2key_dec_wrap( void *ctx, const unsigned char *key,
+                                  unsigned int key_bitlen )
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des3_set2key_dec( (mbedtls_des3_context *) ctx, key );
+}
+
+static int des3_set2key_enc_wrap( void *ctx, const unsigned char *key,
+                                  unsigned int key_bitlen )
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des3_set2key_enc( (mbedtls_des3_context *) ctx, key );
+}
+
+static int des3_set3key_dec_wrap( void *ctx, const unsigned char *key,
+                                  unsigned int key_bitlen )
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des3_set3key_dec( (mbedtls_des3_context *) ctx, key );
+}
+
+static int des3_set3key_enc_wrap( void *ctx, const unsigned char *key,
+                                  unsigned int key_bitlen )
+{
+    ((void) key_bitlen);
+
+    return mbedtls_des3_set3key_enc( (mbedtls_des3_context *) ctx, key );
+}
+
+static void * des_ctx_alloc( void )
+{
+    mbedtls_des_context *des = mbedtls_calloc( 1, sizeof( mbedtls_des_context ) );
+
+    if( des == NULL )
+        return( NULL );
+
+    mbedtls_des_init( des );
+
+    return( des );
+}
+
+static void des_ctx_free( void *ctx )
+{
+    mbedtls_des_free( (mbedtls_des_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static void * des3_ctx_alloc( void )
+{
+    mbedtls_des3_context *des3;
+    des3 = mbedtls_calloc( 1, sizeof( mbedtls_des3_context ) );
+
+    if( des3 == NULL )
+        return( NULL );
+
+    mbedtls_des3_init( des3 );
+
+    return( des3 );
+}
+
+static void des3_ctx_free( void *ctx )
+{
+    mbedtls_des3_free( (mbedtls_des3_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static const mbedtls_cipher_base_t des_info = {
+    MBEDTLS_CIPHER_ID_DES,
+    des_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    des_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    des_setkey_enc_wrap,
+    des_setkey_dec_wrap,
+    des_ctx_alloc,
+    des_ctx_free
+};
+
+static const mbedtls_cipher_info_t des_ecb_info = {
+    MBEDTLS_CIPHER_DES_ECB,
+    MBEDTLS_MODE_ECB,
+    MBEDTLS_KEY_LENGTH_DES,
+    "DES-ECB",
+    8,
+    0,
+    8,
+    &des_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t des_cbc_info = {
+    MBEDTLS_CIPHER_DES_CBC,
+    MBEDTLS_MODE_CBC,
+    MBEDTLS_KEY_LENGTH_DES,
+    "DES-CBC",
+    8,
+    0,
+    8,
+    &des_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+static const mbedtls_cipher_base_t des_ede_info = {
+    MBEDTLS_CIPHER_ID_DES,
+    des3_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    des3_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    des3_set2key_enc_wrap,
+    des3_set2key_dec_wrap,
+    des3_ctx_alloc,
+    des3_ctx_free
+};
+
+static const mbedtls_cipher_info_t des_ede_ecb_info = {
+    MBEDTLS_CIPHER_DES_EDE_ECB,
+    MBEDTLS_MODE_ECB,
+    MBEDTLS_KEY_LENGTH_DES_EDE,
+    "DES-EDE-ECB",
+    8,
+    0,
+    8,
+    &des_ede_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t des_ede_cbc_info = {
+    MBEDTLS_CIPHER_DES_EDE_CBC,
+    MBEDTLS_MODE_CBC,
+    MBEDTLS_KEY_LENGTH_DES_EDE,
+    "DES-EDE-CBC",
+    8,
+    0,
+    8,
+    &des_ede_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+static const mbedtls_cipher_base_t des_ede3_info = {
+    MBEDTLS_CIPHER_ID_3DES,
+    des3_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    des3_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    des3_set3key_enc_wrap,
+    des3_set3key_dec_wrap,
+    des3_ctx_alloc,
+    des3_ctx_free
+};
+
+static const mbedtls_cipher_info_t des_ede3_ecb_info = {
+    MBEDTLS_CIPHER_DES_EDE3_ECB,
+    MBEDTLS_MODE_ECB,
+    MBEDTLS_KEY_LENGTH_DES_EDE3,
+    "DES-EDE3-ECB",
+    8,
+    0,
+    8,
+    &des_ede3_info
+};
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t des_ede3_cbc_info = {
+    MBEDTLS_CIPHER_DES_EDE3_CBC,
+    MBEDTLS_MODE_CBC,
+    MBEDTLS_KEY_LENGTH_DES_EDE3,
+    "DES-EDE3-CBC",
+    8,
+    0,
+    8,
+    &des_ede3_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_BLOWFISH_C)
+
+static int blowfish_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_blowfish_crypt_ecb( (mbedtls_blowfish_context *) ctx, operation, input,
+                               output );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static int blowfish_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation,
+        size_t length, unsigned char *iv, const unsigned char *input,
+        unsigned char *output )
+{
+    return mbedtls_blowfish_crypt_cbc( (mbedtls_blowfish_context *) ctx, operation, length, iv,
+                               input, output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static int blowfish_crypt_cfb64_wrap( void *ctx, mbedtls_operation_t operation,
+        size_t length, size_t *iv_off, unsigned char *iv,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_blowfish_crypt_cfb64( (mbedtls_blowfish_context *) ctx, operation, length,
+                                 iv_off, iv, input, output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
+        unsigned char *nonce_counter, unsigned char *stream_block,
+        const unsigned char *input, unsigned char *output )
+{
+    return mbedtls_blowfish_crypt_ctr( (mbedtls_blowfish_context *) ctx, length, nc_off,
+                               nonce_counter, stream_block, input, output );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+
+static int blowfish_setkey_wrap( void *ctx, const unsigned char *key,
+                                 unsigned int key_bitlen )
+{
+    return mbedtls_blowfish_setkey( (mbedtls_blowfish_context *) ctx, key, key_bitlen );
+}
+
+static void * blowfish_ctx_alloc( void )
+{
+    mbedtls_blowfish_context *ctx;
+    ctx = mbedtls_calloc( 1, sizeof( mbedtls_blowfish_context ) );
+
+    if( ctx == NULL )
+        return( NULL );
+
+    mbedtls_blowfish_init( ctx );
+
+    return( ctx );
+}
+
+static void blowfish_ctx_free( void *ctx )
+{
+    mbedtls_blowfish_free( (mbedtls_blowfish_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static const mbedtls_cipher_base_t blowfish_info = {
+    MBEDTLS_CIPHER_ID_BLOWFISH,
+    blowfish_crypt_ecb_wrap,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    blowfish_crypt_cbc_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    blowfish_crypt_cfb64_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    blowfish_crypt_ctr_wrap,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    NULL,
+#endif
+    blowfish_setkey_wrap,
+    blowfish_setkey_wrap,
+    blowfish_ctx_alloc,
+    blowfish_ctx_free
+};
+
+static const mbedtls_cipher_info_t blowfish_ecb_info = {
+    MBEDTLS_CIPHER_BLOWFISH_ECB,
+    MBEDTLS_MODE_ECB,
+    128,
+    "BLOWFISH-ECB",
+    8,
+    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
+    8,
+    &blowfish_info
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const mbedtls_cipher_info_t blowfish_cbc_info = {
+    MBEDTLS_CIPHER_BLOWFISH_CBC,
+    MBEDTLS_MODE_CBC,
+    128,
+    "BLOWFISH-CBC",
+    8,
+    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
+    8,
+    &blowfish_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+static const mbedtls_cipher_info_t blowfish_cfb64_info = {
+    MBEDTLS_CIPHER_BLOWFISH_CFB64,
+    MBEDTLS_MODE_CFB,
+    128,
+    "BLOWFISH-CFB64",
+    8,
+    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
+    8,
+    &blowfish_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+static const mbedtls_cipher_info_t blowfish_ctr_info = {
+    MBEDTLS_CIPHER_BLOWFISH_CTR,
+    MBEDTLS_MODE_CTR,
+    128,
+    "BLOWFISH-CTR",
+    8,
+    MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
+    8,
+    &blowfish_info
+};
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+#endif /* MBEDTLS_BLOWFISH_C */
+
+#if defined(MBEDTLS_ARC4_C)
+static int arc4_crypt_stream_wrap( void *ctx, size_t length,
+                                   const unsigned char *input,
+                                   unsigned char *output )
+{
+    return( mbedtls_arc4_crypt( (mbedtls_arc4_context *) ctx, length, input, output ) );
+}
+
+static int arc4_setkey_wrap( void *ctx, const unsigned char *key,
+                             unsigned int key_bitlen )
+{
+    /* we get key_bitlen in bits, arc4 expects it in bytes */
+    if( key_bitlen % 8 != 0 )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    mbedtls_arc4_setup( (mbedtls_arc4_context *) ctx, key, key_bitlen / 8 );
+    return( 0 );
+}
+
+static void * arc4_ctx_alloc( void )
+{
+    mbedtls_arc4_context *ctx;
+    ctx = mbedtls_calloc( 1, sizeof( mbedtls_arc4_context ) );
+
+    if( ctx == NULL )
+        return( NULL );
+
+    mbedtls_arc4_init( ctx );
+
+    return( ctx );
+}
+
+static void arc4_ctx_free( void *ctx )
+{
+    mbedtls_arc4_free( (mbedtls_arc4_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static const mbedtls_cipher_base_t arc4_base_info = {
+    MBEDTLS_CIPHER_ID_ARC4,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    arc4_crypt_stream_wrap,
+#endif
+    arc4_setkey_wrap,
+    arc4_setkey_wrap,
+    arc4_ctx_alloc,
+    arc4_ctx_free
+};
+
+static const mbedtls_cipher_info_t arc4_128_info = {
+    MBEDTLS_CIPHER_ARC4_128,
+    MBEDTLS_MODE_STREAM,
+    128,
+    "ARC4-128",
+    0,
+    0,
+    1,
+    &arc4_base_info
+};
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+static int null_crypt_stream( void *ctx, size_t length,
+                              const unsigned char *input,
+                              unsigned char *output )
+{
+    ((void) ctx);
+    memmove( output, input, length );
+    return( 0 );
+}
+
+static int null_setkey( void *ctx, const unsigned char *key,
+                        unsigned int key_bitlen )
+{
+    ((void) ctx);
+    ((void) key);
+    ((void) key_bitlen);
+
+    return( 0 );
+}
+
+static void * null_ctx_alloc( void )
+{
+    return( (void *) 1 );
+}
+
+static void null_ctx_free( void *ctx )
+{
+    ((void) ctx);
+}
+
+static const mbedtls_cipher_base_t null_base_info = {
+    MBEDTLS_CIPHER_ID_NULL,
+    NULL,
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    NULL,
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_STREAM)
+    null_crypt_stream,
+#endif
+    null_setkey,
+    null_setkey,
+    null_ctx_alloc,
+    null_ctx_free
+};
+
+static const mbedtls_cipher_info_t null_cipher_info = {
+    MBEDTLS_CIPHER_NULL,
+    MBEDTLS_MODE_STREAM,
+    0,
+    "NULL",
+    0,
+    0,
+    1,
+    &null_base_info
+};
+#endif /* defined(MBEDTLS_CIPHER_NULL_CIPHER) */
+
+const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] =
+{
+#if defined(MBEDTLS_AES_C)
+    { MBEDTLS_CIPHER_AES_128_ECB,          &aes_128_ecb_info },
+    { MBEDTLS_CIPHER_AES_192_ECB,          &aes_192_ecb_info },
+    { MBEDTLS_CIPHER_AES_256_ECB,          &aes_256_ecb_info },
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_CIPHER_AES_128_CBC,          &aes_128_cbc_info },
+    { MBEDTLS_CIPHER_AES_192_CBC,          &aes_192_cbc_info },
+    { MBEDTLS_CIPHER_AES_256_CBC,          &aes_256_cbc_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    { MBEDTLS_CIPHER_AES_128_CFB128,       &aes_128_cfb128_info },
+    { MBEDTLS_CIPHER_AES_192_CFB128,       &aes_192_cfb128_info },
+    { MBEDTLS_CIPHER_AES_256_CFB128,       &aes_256_cfb128_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    { MBEDTLS_CIPHER_AES_128_CTR,          &aes_128_ctr_info },
+    { MBEDTLS_CIPHER_AES_192_CTR,          &aes_192_ctr_info },
+    { MBEDTLS_CIPHER_AES_256_CTR,          &aes_256_ctr_info },
+#endif
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_CIPHER_AES_128_GCM,          &aes_128_gcm_info },
+    { MBEDTLS_CIPHER_AES_192_GCM,          &aes_192_gcm_info },
+    { MBEDTLS_CIPHER_AES_256_GCM,          &aes_256_gcm_info },
+#endif
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_CIPHER_AES_128_CCM,          &aes_128_ccm_info },
+    { MBEDTLS_CIPHER_AES_192_CCM,          &aes_192_ccm_info },
+    { MBEDTLS_CIPHER_AES_256_CCM,          &aes_256_ccm_info },
+#endif
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+    { MBEDTLS_CIPHER_ARC4_128,             &arc4_128_info },
+#endif
+
+#if defined(MBEDTLS_BLOWFISH_C)
+    { MBEDTLS_CIPHER_BLOWFISH_ECB,         &blowfish_ecb_info },
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_CIPHER_BLOWFISH_CBC,         &blowfish_cbc_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    { MBEDTLS_CIPHER_BLOWFISH_CFB64,       &blowfish_cfb64_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    { MBEDTLS_CIPHER_BLOWFISH_CTR,         &blowfish_ctr_info },
+#endif
+#endif /* MBEDTLS_BLOWFISH_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+    { MBEDTLS_CIPHER_CAMELLIA_128_ECB,     &camellia_128_ecb_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_ECB,     &camellia_192_ecb_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_ECB,     &camellia_256_ecb_info },
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_CIPHER_CAMELLIA_128_CBC,     &camellia_128_cbc_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_CBC,     &camellia_192_cbc_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_CBC,     &camellia_256_cbc_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    { MBEDTLS_CIPHER_CAMELLIA_128_CFB128,  &camellia_128_cfb128_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_CFB128,  &camellia_192_cfb128_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_CFB128,  &camellia_256_cfb128_info },
+#endif
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    { MBEDTLS_CIPHER_CAMELLIA_128_CTR,     &camellia_128_ctr_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_CTR,     &camellia_192_ctr_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_CTR,     &camellia_256_ctr_info },
+#endif
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_CIPHER_CAMELLIA_128_GCM,     &camellia_128_gcm_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_GCM,     &camellia_192_gcm_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_GCM,     &camellia_256_gcm_info },
+#endif
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_CIPHER_CAMELLIA_128_CCM,     &camellia_128_ccm_info },
+    { MBEDTLS_CIPHER_CAMELLIA_192_CCM,     &camellia_192_ccm_info },
+    { MBEDTLS_CIPHER_CAMELLIA_256_CCM,     &camellia_256_ccm_info },
+#endif
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+    { MBEDTLS_CIPHER_DES_ECB,              &des_ecb_info },
+    { MBEDTLS_CIPHER_DES_EDE_ECB,          &des_ede_ecb_info },
+    { MBEDTLS_CIPHER_DES_EDE3_ECB,         &des_ede3_ecb_info },
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_CIPHER_DES_CBC,              &des_cbc_info },
+    { MBEDTLS_CIPHER_DES_EDE_CBC,          &des_ede_cbc_info },
+    { MBEDTLS_CIPHER_DES_EDE3_CBC,         &des_ede3_cbc_info },
+#endif
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+    { MBEDTLS_CIPHER_NULL,                 &null_cipher_info },
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+
+    { MBEDTLS_CIPHER_NONE, NULL }
+};
+
+#define NUM_CIPHERS sizeof mbedtls_cipher_definitions / sizeof mbedtls_cipher_definitions[0]
+int mbedtls_cipher_supported[NUM_CIPHERS];
+
+#endif /* MBEDTLS_CIPHER_C */
diff --git a/thirdparty/mbedtls/library/cmac.c b/thirdparty/mbedtls/library/cmac.c
new file mode 100644
index 0000000000..9dbff90386
--- /dev/null
+++ b/thirdparty/mbedtls/library/cmac.c
@@ -0,0 +1,1080 @@
+/**
+ * \file cmac.c
+ *
+ * \brief NIST SP800-38B compliant CMAC implementation for AES and 3DES
+ *
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * References:
+ *
+ * - NIST SP 800-38B Recommendation for Block Cipher Modes of Operation: The
+ *      CMAC Mode for Authentication
+ *   http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38b.pdf
+ *
+ * - RFC 4493 - The AES-CMAC Algorithm
+ *   https://tools.ietf.org/html/rfc4493
+ *
+ * - RFC 4615 - The Advanced Encryption Standard-Cipher-based Message
+ *      Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128)
+ *      Algorithm for the Internet Key Exchange Protocol (IKE)
+ *   https://tools.ietf.org/html/rfc4615
+ *
+ *   Additional test vectors: ISO/IEC 9797-1
+ *
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_CMAC_C)
+
+#include "mbedtls/cmac.h"
+
+#include <string.h>
+
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc     calloc
+#define mbedtls_free       free
+#if defined(MBEDTLS_SELF_TEST)
+#include <stdio.h>
+#define mbedtls_printf     printf
+#endif /* MBEDTLS_SELF_TEST */
+#endif /* MBEDTLS_PLATFORM_C */
+
+#if !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * Multiplication by u in the Galois field of GF(2^n)
+ *
+ * As explained in NIST SP 800-38B, this can be computed:
+ *
+ *   If MSB(p) = 0, then p = (p << 1)
+ *   If MSB(p) = 1, then p = (p << 1) ^ R_n
+ *   with R_64 = 0x1B and  R_128 = 0x87
+ *
+ * Input and output MUST NOT point to the same buffer
+ * Block size must be 8 bytes or 16 bytes - the block sizes for DES and AES.
+ */
+static int cmac_multiply_by_u( unsigned char *output,
+                               const unsigned char *input,
+                               size_t blocksize )
+{
+    const unsigned char R_128 = 0x87;
+    const unsigned char R_64 = 0x1B;
+    unsigned char R_n, mask;
+    unsigned char overflow = 0x00;
+    int i;
+
+    if( blocksize == MBEDTLS_AES_BLOCK_SIZE )
+    {
+        R_n = R_128;
+    }
+    else if( blocksize == MBEDTLS_DES3_BLOCK_SIZE )
+    {
+        R_n = R_64;
+    }
+    else
+    {
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
+
+    for( i = (int)blocksize - 1; i >= 0; i-- )
+    {
+        output[i] = input[i] << 1 | overflow;
+        overflow = input[i] >> 7;
+    }
+
+    /* mask = ( input[0] >> 7 ) ? 0xff : 0x00
+     * using bit operations to avoid branches */
+
+    /* MSVC has a warning about unary minus on unsigned, but this is
+     * well-defined and precisely what we want to do here */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+    mask = - ( input[0] >> 7 );
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+    output[ blocksize - 1 ] ^= R_n & mask;
+
+    return( 0 );
+}
+
+/*
+ * Generate subkeys
+ *
+ * - as specified by RFC 4493, section 2.3 Subkey Generation Algorithm
+ */
+static int cmac_generate_subkeys( mbedtls_cipher_context_t *ctx,
+                                  unsigned char* K1, unsigned char* K2 )
+{
+    int ret;
+    unsigned char L[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    size_t olen, block_size;
+
+    mbedtls_zeroize( L, sizeof( L ) );
+
+    block_size = ctx->cipher_info->block_size;
+
+    /* Calculate Ek(0) */
+    if( ( ret = mbedtls_cipher_update( ctx, L, block_size, L, &olen ) ) != 0 )
+        goto exit;
+
+    /*
+     * Generate K1 and K2
+     */
+    if( ( ret = cmac_multiply_by_u( K1, L , block_size ) ) != 0 )
+        goto exit;
+
+    if( ( ret = cmac_multiply_by_u( K2, K1 , block_size ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_zeroize( L, sizeof( L ) );
+
+    return( ret );
+}
+#endif /* !defined(MBEDTLS_CMAC_ALT) || defined(MBEDTLS_SELF_TEST) */
+
+#if !defined(MBEDTLS_CMAC_ALT)
+static void cmac_xor_block( unsigned char *output, const unsigned char *input1,
+                            const unsigned char *input2,
+                            const size_t block_size )
+{
+    size_t idx;
+
+    for( idx = 0; idx < block_size; idx++ )
+        output[ idx ] = input1[ idx ] ^ input2[ idx ];
+}
+
+/*
+ * Create padded last block from (partial) last block.
+ *
+ * We can't use the padding option from the cipher layer, as it only works for
+ * CBC and we use ECB mode, and anyway we need to XOR K1 or K2 in addition.
+ */
+static void cmac_pad( unsigned char padded_block[MBEDTLS_CIPHER_BLKSIZE_MAX],
+                      size_t padded_block_len,
+                      const unsigned char *last_block,
+                      size_t last_block_len )
+{
+    size_t j;
+
+    for( j = 0; j < padded_block_len; j++ )
+    {
+        if( j < last_block_len )
+            padded_block[j] = last_block[j];
+        else if( j == last_block_len )
+            padded_block[j] = 0x80;
+        else
+            padded_block[j] = 0x00;
+    }
+}
+
+int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
+                                const unsigned char *key, size_t keybits )
+{
+    mbedtls_cipher_type_t type;
+    mbedtls_cmac_context_t *cmac_ctx;
+    int retval;
+
+    if( ctx == NULL || ctx->cipher_info == NULL || key == NULL )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    if( ( retval = mbedtls_cipher_setkey( ctx, key, (int)keybits,
+                                          MBEDTLS_ENCRYPT ) ) != 0 )
+        return( retval );
+
+    type = ctx->cipher_info->type;
+
+    switch( type )
+    {
+        case MBEDTLS_CIPHER_AES_128_ECB:
+        case MBEDTLS_CIPHER_AES_192_ECB:
+        case MBEDTLS_CIPHER_AES_256_ECB:
+        case MBEDTLS_CIPHER_DES_EDE3_ECB:
+            break;
+        default:
+            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
+
+    /* Allocated and initialise in the cipher context memory for the CMAC
+     * context */
+    cmac_ctx = mbedtls_calloc( 1, sizeof( mbedtls_cmac_context_t ) );
+    if( cmac_ctx == NULL )
+        return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
+
+    ctx->cmac_ctx = cmac_ctx;
+
+    mbedtls_zeroize( cmac_ctx->state, sizeof( cmac_ctx->state ) );
+
+    return 0;
+}
+
+int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
+                                const unsigned char *input, size_t ilen )
+{
+    mbedtls_cmac_context_t* cmac_ctx;
+    unsigned char *state;
+    int ret = 0;
+    size_t n, j, olen, block_size;
+
+    if( ctx == NULL || ctx->cipher_info == NULL || input == NULL ||
+        ctx->cmac_ctx == NULL )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    cmac_ctx = ctx->cmac_ctx;
+    block_size = ctx->cipher_info->block_size;
+    state = ctx->cmac_ctx->state;
+
+    /* Is there data still to process from the last call, that's greater in
+     * size than a block? */
+    if( cmac_ctx->unprocessed_len > 0 &&
+        ilen > block_size - cmac_ctx->unprocessed_len )
+    {
+        memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
+                input,
+                block_size - cmac_ctx->unprocessed_len );
+
+        cmac_xor_block( state, cmac_ctx->unprocessed_block, state, block_size );
+
+        if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
+                                           &olen ) ) != 0 )
+        {
+           goto exit;
+        }
+
+        input += block_size - cmac_ctx->unprocessed_len;
+        ilen -= block_size - cmac_ctx->unprocessed_len;
+        cmac_ctx->unprocessed_len = 0;
+    }
+
+    /* n is the number of blocks including any final partial block */
+    n = ( ilen + block_size - 1 ) / block_size;
+
+    /* Iterate across the input data in block sized chunks, excluding any
+     * final partial or complete block */
+    for( j = 1; j < n; j++ )
+    {
+        cmac_xor_block( state, input, state, block_size );
+
+        if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
+                                           &olen ) ) != 0 )
+           goto exit;
+
+        ilen -= block_size;
+        input += block_size;
+    }
+
+    /* If there is data left over that wasn't aligned to a block */
+    if( ilen > 0 )
+    {
+        memcpy( &cmac_ctx->unprocessed_block[cmac_ctx->unprocessed_len],
+                input,
+                ilen );
+        cmac_ctx->unprocessed_len += ilen;
+    }
+
+exit:
+    return( ret );
+}
+
+int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
+                                unsigned char *output )
+{
+    mbedtls_cmac_context_t* cmac_ctx;
+    unsigned char *state, *last_block;
+    unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char M_last[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    int ret;
+    size_t olen, block_size;
+
+    if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL ||
+        output == NULL )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    cmac_ctx = ctx->cmac_ctx;
+    block_size = ctx->cipher_info->block_size;
+    state = cmac_ctx->state;
+
+    mbedtls_zeroize( K1, sizeof( K1 ) );
+    mbedtls_zeroize( K2, sizeof( K2 ) );
+    cmac_generate_subkeys( ctx, K1, K2 );
+
+    last_block = cmac_ctx->unprocessed_block;
+
+    /* Calculate last block */
+    if( cmac_ctx->unprocessed_len < block_size )
+    {
+        cmac_pad( M_last, block_size, last_block, cmac_ctx->unprocessed_len );
+        cmac_xor_block( M_last, M_last, K2, block_size );
+    }
+    else
+    {
+        /* Last block is complete block */
+        cmac_xor_block( M_last, last_block, K1, block_size );
+    }
+
+
+    cmac_xor_block( state, M_last, state, block_size );
+    if( ( ret = mbedtls_cipher_update( ctx, state, block_size, state,
+                                       &olen ) ) != 0 )
+    {
+        goto exit;
+    }
+
+    memcpy( output, state, block_size );
+
+exit:
+    /* Wipe the generated keys on the stack, and any other transients to avoid
+     * side channel leakage */
+    mbedtls_zeroize( K1, sizeof( K1 ) );
+    mbedtls_zeroize( K2, sizeof( K2 ) );
+
+    cmac_ctx->unprocessed_len = 0;
+    mbedtls_zeroize( cmac_ctx->unprocessed_block,
+                     sizeof( cmac_ctx->unprocessed_block ) );
+
+    mbedtls_zeroize( state, MBEDTLS_CIPHER_BLKSIZE_MAX );
+    return( ret );
+}
+
+int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx )
+{
+    mbedtls_cmac_context_t* cmac_ctx;
+
+    if( ctx == NULL || ctx->cipher_info == NULL || ctx->cmac_ctx == NULL )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    cmac_ctx = ctx->cmac_ctx;
+
+    /* Reset the internal state */
+    cmac_ctx->unprocessed_len = 0;
+    mbedtls_zeroize( cmac_ctx->unprocessed_block,
+                     sizeof( cmac_ctx->unprocessed_block ) );
+    mbedtls_zeroize( cmac_ctx->state,
+                     sizeof( cmac_ctx->state ) );
+
+    return( 0 );
+}
+
+int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
+                         const unsigned char *key, size_t keylen,
+                         const unsigned char *input, size_t ilen,
+                         unsigned char *output )
+{
+    mbedtls_cipher_context_t ctx;
+    int ret;
+
+    if( cipher_info == NULL || key == NULL || input == NULL || output == NULL )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    mbedtls_cipher_init( &ctx );
+
+    if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 )
+        goto exit;
+
+    ret = mbedtls_cipher_cmac_starts( &ctx, key, keylen );
+    if( ret != 0 )
+        goto exit;
+
+    ret = mbedtls_cipher_cmac_update( &ctx, input, ilen );
+    if( ret != 0 )
+        goto exit;
+
+    ret = mbedtls_cipher_cmac_finish( &ctx, output );
+
+exit:
+    mbedtls_cipher_free( &ctx );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_AES_C)
+/*
+ * Implementation of AES-CMAC-PRF-128 defined in RFC 4615
+ */
+int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length,
+                              const unsigned char *input, size_t in_len,
+                              unsigned char *output )
+{
+    int ret;
+    const mbedtls_cipher_info_t *cipher_info;
+    unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
+    unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];
+
+    if( key == NULL || input == NULL || output == NULL )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_AES_128_ECB );
+    if( cipher_info == NULL )
+    {
+        /* Failing at this point must be due to a build issue */
+        ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        goto exit;
+    }
+
+    if( key_length == MBEDTLS_AES_BLOCK_SIZE )
+    {
+        /* Use key as is */
+        memcpy( int_key, key, MBEDTLS_AES_BLOCK_SIZE );
+    }
+    else
+    {
+        memset( zero_key, 0, MBEDTLS_AES_BLOCK_SIZE );
+
+        ret = mbedtls_cipher_cmac( cipher_info, zero_key, 128, key,
+                                   key_length, int_key );
+        if( ret != 0 )
+            goto exit;
+    }
+
+    ret = mbedtls_cipher_cmac( cipher_info, int_key, 128, input, in_len,
+                               output );
+
+exit:
+    mbedtls_zeroize( int_key, sizeof( int_key ) );
+
+    return( ret );
+}
+#endif /* MBEDTLS_AES_C */
+
+#endif /* !MBEDTLS_CMAC_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * CMAC test data for SP800-38B
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/AES_CMAC.pdf
+ * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/TDES_CMAC.pdf
+ *
+ * AES-CMAC-PRF-128 test data from RFC 4615
+ * https://tools.ietf.org/html/rfc4615#page-4
+ */
+
+#define NB_CMAC_TESTS_PER_KEY 4
+#define NB_PRF_TESTS 3
+
+#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C)
+/* All CMAC test inputs are truncated from the same 64 byte buffer. */
+static const unsigned char test_message[] = {
+    /* PT */
+    0x6b, 0xc1, 0xbe, 0xe2,     0x2e, 0x40, 0x9f, 0x96,
+    0xe9, 0x3d, 0x7e, 0x11,     0x73, 0x93, 0x17, 0x2a,
+    0xae, 0x2d, 0x8a, 0x57,     0x1e, 0x03, 0xac, 0x9c,
+    0x9e, 0xb7, 0x6f, 0xac,     0x45, 0xaf, 0x8e, 0x51,
+    0x30, 0xc8, 0x1c, 0x46,     0xa3, 0x5c, 0xe4, 0x11,
+    0xe5, 0xfb, 0xc1, 0x19,     0x1a, 0x0a, 0x52, 0xef,
+    0xf6, 0x9f, 0x24, 0x45,     0xdf, 0x4f, 0x9b, 0x17,
+    0xad, 0x2b, 0x41, 0x7b,     0xe6, 0x6c, 0x37, 0x10
+};
+#endif /* MBEDTLS_AES_C || MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+/* Truncation point of message for AES CMAC tests  */
+static const  unsigned int  aes_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
+    /* Mlen */
+    0,
+    16,
+    20,
+    64
+};
+
+/* CMAC-AES128 Test Data */
+static const unsigned char aes_128_key[16] = {
+    0x2b, 0x7e, 0x15, 0x16,     0x28, 0xae, 0xd2, 0xa6,
+    0xab, 0xf7, 0x15, 0x88,     0x09, 0xcf, 0x4f, 0x3c
+};
+static const unsigned char aes_128_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
+    {
+        /* K1 */
+        0xfb, 0xee, 0xd6, 0x18,     0x35, 0x71, 0x33, 0x66,
+        0x7c, 0x85, 0xe0, 0x8f,     0x72, 0x36, 0xa8, 0xde
+    },
+    {
+        /* K2 */
+        0xf7, 0xdd, 0xac, 0x30,     0x6a, 0xe2, 0x66, 0xcc,
+        0xf9, 0x0b, 0xc1, 0x1e,     0xe4, 0x6d, 0x51, 0x3b
+    }
+};
+static const unsigned char aes_128_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
+    {
+        /* Example #1 */
+        0xbb, 0x1d, 0x69, 0x29,     0xe9, 0x59, 0x37, 0x28,
+        0x7f, 0xa3, 0x7d, 0x12,     0x9b, 0x75, 0x67, 0x46
+    },
+    {
+        /* Example #2 */
+        0x07, 0x0a, 0x16, 0xb4,     0x6b, 0x4d, 0x41, 0x44,
+        0xf7, 0x9b, 0xdd, 0x9d,     0xd0, 0x4a, 0x28, 0x7c
+    },
+    {
+        /* Example #3 */
+        0x7d, 0x85, 0x44, 0x9e,     0xa6, 0xea, 0x19, 0xc8,
+        0x23, 0xa7, 0xbf, 0x78,     0x83, 0x7d, 0xfa, 0xde
+    },
+    {
+        /* Example #4 */
+        0x51, 0xf0, 0xbe, 0xbf,     0x7e, 0x3b, 0x9d, 0x92,
+        0xfc, 0x49, 0x74, 0x17,     0x79, 0x36, 0x3c, 0xfe
+    }
+};
+
+/* CMAC-AES192 Test Data */
+static const unsigned char aes_192_key[24] = {
+    0x8e, 0x73, 0xb0, 0xf7,     0xda, 0x0e, 0x64, 0x52,
+    0xc8, 0x10, 0xf3, 0x2b,     0x80, 0x90, 0x79, 0xe5,
+    0x62, 0xf8, 0xea, 0xd2,     0x52, 0x2c, 0x6b, 0x7b
+};
+static const unsigned char aes_192_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
+    {
+        /* K1 */
+        0x44, 0x8a, 0x5b, 0x1c,     0x93, 0x51, 0x4b, 0x27,
+        0x3e, 0xe6, 0x43, 0x9d,     0xd4, 0xda, 0xa2, 0x96
+    },
+    {
+        /* K2 */
+        0x89, 0x14, 0xb6, 0x39,     0x26, 0xa2, 0x96, 0x4e,
+        0x7d, 0xcc, 0x87, 0x3b,     0xa9, 0xb5, 0x45, 0x2c
+    }
+};
+static const unsigned char aes_192_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
+    {
+        /* Example #1 */
+        0xd1, 0x7d, 0xdf, 0x46,     0xad, 0xaa, 0xcd, 0xe5,
+        0x31, 0xca, 0xc4, 0x83,     0xde, 0x7a, 0x93, 0x67
+    },
+    {
+        /* Example #2 */
+        0x9e, 0x99, 0xa7, 0xbf,     0x31, 0xe7, 0x10, 0x90,
+        0x06, 0x62, 0xf6, 0x5e,     0x61, 0x7c, 0x51, 0x84
+    },
+    {
+        /* Example #3 */
+        0x3d, 0x75, 0xc1, 0x94,     0xed, 0x96, 0x07, 0x04,
+        0x44, 0xa9, 0xfa, 0x7e,     0xc7, 0x40, 0xec, 0xf8
+    },
+    {
+        /* Example #4 */
+        0xa1, 0xd5, 0xdf, 0x0e,     0xed, 0x79, 0x0f, 0x79,
+        0x4d, 0x77, 0x58, 0x96,     0x59, 0xf3, 0x9a, 0x11
+    }
+};
+
+/* CMAC-AES256 Test Data */
+static const unsigned char aes_256_key[32] = {
+    0x60, 0x3d, 0xeb, 0x10,     0x15, 0xca, 0x71, 0xbe,
+    0x2b, 0x73, 0xae, 0xf0,     0x85, 0x7d, 0x77, 0x81,
+    0x1f, 0x35, 0x2c, 0x07,     0x3b, 0x61, 0x08, 0xd7,
+    0x2d, 0x98, 0x10, 0xa3,     0x09, 0x14, 0xdf, 0xf4
+};
+static const unsigned char aes_256_subkeys[2][MBEDTLS_AES_BLOCK_SIZE] = {
+    {
+        /* K1 */
+        0xca, 0xd1, 0xed, 0x03,     0x29, 0x9e, 0xed, 0xac,
+        0x2e, 0x9a, 0x99, 0x80,     0x86, 0x21, 0x50, 0x2f
+    },
+    {
+        /* K2 */
+        0x95, 0xa3, 0xda, 0x06,     0x53, 0x3d, 0xdb, 0x58,
+        0x5d, 0x35, 0x33, 0x01,     0x0c, 0x42, 0xa0, 0xd9
+    }
+};
+static const unsigned char aes_256_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_AES_BLOCK_SIZE] = {
+    {
+        /* Example #1 */
+        0x02, 0x89, 0x62, 0xf6,     0x1b, 0x7b, 0xf8, 0x9e,
+        0xfc, 0x6b, 0x55, 0x1f,     0x46, 0x67, 0xd9, 0x83
+    },
+    {
+        /* Example #2 */
+        0x28, 0xa7, 0x02, 0x3f,     0x45, 0x2e, 0x8f, 0x82,
+        0xbd, 0x4b, 0xf2, 0x8d,     0x8c, 0x37, 0xc3, 0x5c
+    },
+    {
+        /* Example #3 */
+        0x15, 0x67, 0x27, 0xdc,     0x08, 0x78, 0x94, 0x4a,
+        0x02, 0x3c, 0x1f, 0xe0,     0x3b, 0xad, 0x6d, 0x93
+    },
+    {
+        /* Example #4 */
+        0xe1, 0x99, 0x21, 0x90,     0x54, 0x9f, 0x6e, 0xd5,
+        0x69, 0x6a, 0x2c, 0x05,     0x6c, 0x31, 0x54, 0x10
+    }
+};
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_DES_C)
+/* Truncation point of message for 3DES CMAC tests  */
+static const unsigned int des3_message_lengths[NB_CMAC_TESTS_PER_KEY] = {
+    0,
+    16,
+    20,
+    32
+};
+
+/* CMAC-TDES (Generation) - 2 Key Test Data */
+static const unsigned char des3_2key_key[24] = {
+    /* Key1 */
+    0x01, 0x23, 0x45, 0x67,     0x89, 0xab, 0xcd, 0xef,
+    /* Key2 */
+    0x23, 0x45, 0x67, 0x89,     0xab, 0xcd, 0xEF, 0x01,
+    /* Key3 */
+    0x01, 0x23, 0x45, 0x67,     0x89, 0xab, 0xcd, 0xef
+};
+static const unsigned char des3_2key_subkeys[2][8] = {
+    {
+        /* K1 */
+        0x0d, 0xd2, 0xcb, 0x7a,     0x3d, 0x88, 0x88, 0xd9
+    },
+    {
+        /* K2 */
+        0x1b, 0xa5, 0x96, 0xf4,     0x7b, 0x11, 0x11, 0xb2
+    }
+};
+static const unsigned char des3_2key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
+    {
+        /* Sample #1 */
+        0x79, 0xce, 0x52, 0xa7,     0xf7, 0x86, 0xa9, 0x60
+    },
+    {
+        /* Sample #2 */
+        0xcc, 0x18, 0xa0, 0xb7,     0x9a, 0xf2, 0x41, 0x3b
+    },
+    {
+        /* Sample #3 */
+        0xc0, 0x6d, 0x37, 0x7e,     0xcd, 0x10, 0x19, 0x69
+    },
+    {
+        /* Sample #4 */
+        0x9c, 0xd3, 0x35, 0x80,     0xf9, 0xb6, 0x4d, 0xfb
+    }
+};
+
+/* CMAC-TDES (Generation) - 3 Key Test Data */
+static const unsigned char des3_3key_key[24] = {
+    /* Key1 */
+    0x01, 0x23, 0x45, 0x67,     0x89, 0xaa, 0xcd, 0xef,
+    /* Key2 */
+    0x23, 0x45, 0x67, 0x89,     0xab, 0xcd, 0xef, 0x01,
+    /* Key3 */
+    0x45, 0x67, 0x89, 0xab,     0xcd, 0xef, 0x01, 0x23
+};
+static const unsigned char des3_3key_subkeys[2][8] = {
+    {
+        /* K1 */
+        0x9d, 0x74, 0xe7, 0x39,     0x33, 0x17, 0x96, 0xc0
+    },
+    {
+        /* K2 */
+        0x3a, 0xe9, 0xce, 0x72,     0x66, 0x2f, 0x2d, 0x9b
+    }
+};
+static const unsigned char des3_3key_expected_result[NB_CMAC_TESTS_PER_KEY][MBEDTLS_DES3_BLOCK_SIZE] = {
+    {
+        /* Sample #1 */
+        0x7d, 0xb0, 0xd3, 0x7d,     0xf9, 0x36, 0xc5, 0x50
+    },
+    {
+        /* Sample #2 */
+        0x30, 0x23, 0x9c, 0xf1,     0xf5, 0x2e, 0x66, 0x09
+    },
+    {
+        /* Sample #3 */
+        0x6c, 0x9f, 0x3e, 0xe4,     0x92, 0x3f, 0x6b, 0xe2
+    },
+    {
+        /* Sample #4 */
+        0x99, 0x42, 0x9b, 0xd0,     0xbF, 0x79, 0x04, 0xe5
+    }
+};
+
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+/* AES AES-CMAC-PRF-128 Test Data */
+static const unsigned char PRFK[] = {
+    /* Key */
+    0x00, 0x01, 0x02, 0x03,     0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b,     0x0c, 0x0d, 0x0e, 0x0f,
+    0xed, 0xcb
+};
+
+/* Sizes in bytes */
+static const size_t PRFKlen[NB_PRF_TESTS] = {
+    18,
+    16,
+    10
+};
+
+/* Message */
+static const unsigned char PRFM[] = {
+    0x00, 0x01, 0x02, 0x03,     0x04, 0x05, 0x06, 0x07,
+    0x08, 0x09, 0x0a, 0x0b,     0x0c, 0x0d, 0x0e, 0x0f,
+    0x10, 0x11, 0x12, 0x13
+};
+
+static const unsigned char PRFT[NB_PRF_TESTS][16] = {
+    {
+        0x84, 0xa3, 0x48, 0xa4,     0xa4, 0x5d, 0x23, 0x5b,
+        0xab, 0xff, 0xfc, 0x0d,     0x2b, 0x4d, 0xa0, 0x9a
+    },
+    {
+        0x98, 0x0a, 0xe8, 0x7b,     0x5f, 0x4c, 0x9c, 0x52,
+        0x14, 0xf5, 0xb6, 0xa8,     0x45, 0x5e, 0x4c, 0x2d
+    },
+    {
+        0x29, 0x0d, 0x9e, 0x11,     0x2e, 0xdb, 0x09, 0xee,
+        0x14, 0x1f, 0xcf, 0x64,     0xc0, 0xb7, 0x2f, 0x3d
+    }
+};
+#endif /* MBEDTLS_AES_C */
+
+static int cmac_test_subkeys( int verbose,
+                              const char* testname,
+                              const unsigned char* key,
+                              int keybits,
+                              const unsigned char* subkeys,
+                              mbedtls_cipher_type_t cipher_type,
+                              int block_size,
+                              int num_tests )
+{
+    int i, ret;
+    mbedtls_cipher_context_t ctx;
+    const mbedtls_cipher_info_t *cipher_info;
+    unsigned char K1[MBEDTLS_CIPHER_BLKSIZE_MAX];
+    unsigned char K2[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    cipher_info = mbedtls_cipher_info_from_type( cipher_type );
+    if( cipher_info == NULL )
+    {
+        /* Failing at this point must be due to a build issue */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+
+    for( i = 0; i < num_tests; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  %s CMAC subkey #%u: ", testname, i + 1 );
+
+        mbedtls_cipher_init( &ctx );
+
+        if( ( ret = mbedtls_cipher_setup( &ctx, cipher_info ) ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "test execution failed\n" );
+
+            goto cleanup;
+        }
+
+        if( ( ret = mbedtls_cipher_setkey( &ctx, key, keybits,
+                                       MBEDTLS_ENCRYPT ) ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "test execution failed\n" );
+
+            goto cleanup;
+        }
+
+        ret = cmac_generate_subkeys( &ctx, K1, K2 );
+        if( ret != 0 )
+        {
+           if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            goto cleanup;
+        }
+
+        if( ( ret = memcmp( K1, subkeys, block_size ) ) != 0  ||
+            ( ret = memcmp( K2, &subkeys[block_size], block_size ) ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            goto cleanup;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+
+        mbedtls_cipher_free( &ctx );
+    }
+
+    goto exit;
+
+cleanup:
+    mbedtls_cipher_free( &ctx );
+
+exit:
+    return( ret );
+}
+
+static int cmac_test_wth_cipher( int verbose,
+                                 const char* testname,
+                                 const unsigned char* key,
+                                 int keybits,
+                                 const unsigned char* messages,
+                                 const unsigned int message_lengths[4],
+                                 const unsigned char* expected_result,
+                                 mbedtls_cipher_type_t cipher_type,
+                                 int block_size,
+                                 int num_tests )
+{
+    const mbedtls_cipher_info_t *cipher_info;
+    int i, ret;
+    unsigned char output[MBEDTLS_CIPHER_BLKSIZE_MAX];
+
+    cipher_info = mbedtls_cipher_info_from_type( cipher_type );
+    if( cipher_info == NULL )
+    {
+        /* Failing at this point must be due to a build issue */
+        ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+        goto exit;
+    }
+
+    for( i = 0; i < num_tests; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  %s CMAC #%u: ", testname, i + 1 );
+
+        if( ( ret = mbedtls_cipher_cmac( cipher_info, key, keybits, messages,
+                                         message_lengths[i], output ) ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+            goto exit;
+        }
+
+        if( ( ret = memcmp( output, &expected_result[i * block_size], block_size ) ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+exit:
+    return( ret );
+}
+
+#if defined(MBEDTLS_AES_C)
+static int test_aes128_cmac_prf( int verbose )
+{
+    int i;
+    int ret;
+    unsigned char output[MBEDTLS_AES_BLOCK_SIZE];
+
+    for( i = 0; i < NB_PRF_TESTS; i++ )
+    {
+        mbedtls_printf( "  AES CMAC 128 PRF #%u: ", i );
+        ret = mbedtls_aes_cmac_prf_128( PRFK, PRFKlen[i], PRFM, 20, output );
+        if( ret != 0 ||
+            memcmp( output, PRFT[i], MBEDTLS_AES_BLOCK_SIZE ) != 0 )
+        {
+
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            return( ret );
+        }
+        else if( verbose != 0 )
+        {
+            mbedtls_printf( "passed\n" );
+        }
+    }
+    return( ret );
+}
+#endif /* MBEDTLS_AES_C */
+
+int mbedtls_cmac_self_test( int verbose )
+{
+    int ret;
+
+#if defined(MBEDTLS_AES_C)
+    /* AES-128 */
+    if( ( ret = cmac_test_subkeys( verbose,
+                                   "AES 128",
+                                   aes_128_key,
+                                   128,
+                                   (const unsigned char*)aes_128_subkeys,
+                                   MBEDTLS_CIPHER_AES_128_ECB,
+                                   MBEDTLS_AES_BLOCK_SIZE,
+                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = cmac_test_wth_cipher( verbose,
+                                      "AES 128",
+                                      aes_128_key,
+                                      128,
+                                      test_message,
+                                      aes_message_lengths,
+                                      (const unsigned char*)aes_128_expected_result,
+                                      MBEDTLS_CIPHER_AES_128_ECB,
+                                      MBEDTLS_AES_BLOCK_SIZE,
+                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    /* AES-192 */
+    if( ( ret = cmac_test_subkeys( verbose,
+                                   "AES 192",
+                                   aes_192_key,
+                                   192,
+                                   (const unsigned char*)aes_192_subkeys,
+                                   MBEDTLS_CIPHER_AES_192_ECB,
+                                   MBEDTLS_AES_BLOCK_SIZE,
+                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = cmac_test_wth_cipher( verbose,
+                                      "AES 192",
+                                      aes_192_key,
+                                      192,
+                                      test_message,
+                                      aes_message_lengths,
+                                      (const unsigned char*)aes_192_expected_result,
+                                      MBEDTLS_CIPHER_AES_192_ECB,
+                                      MBEDTLS_AES_BLOCK_SIZE,
+                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    /* AES-256 */
+    if( ( ret = cmac_test_subkeys( verbose,
+                                   "AES 256",
+                                   aes_256_key,
+                                   256,
+                                   (const unsigned char*)aes_256_subkeys,
+                                   MBEDTLS_CIPHER_AES_256_ECB,
+                                   MBEDTLS_AES_BLOCK_SIZE,
+                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = cmac_test_wth_cipher ( verbose,
+                                       "AES 256",
+                                       aes_256_key,
+                                       256,
+                                       test_message,
+                                       aes_message_lengths,
+                                       (const unsigned char*)aes_256_expected_result,
+                                       MBEDTLS_CIPHER_AES_256_ECB,
+                                       MBEDTLS_AES_BLOCK_SIZE,
+                                       NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_DES_C)
+    /* 3DES 2 key */
+    if( ( ret = cmac_test_subkeys( verbose,
+                                   "3DES 2 key",
+                                   des3_2key_key,
+                                   192,
+                                   (const unsigned char*)des3_2key_subkeys,
+                                   MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                   MBEDTLS_DES3_BLOCK_SIZE,
+                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = cmac_test_wth_cipher( verbose,
+                                      "3DES 2 key",
+                                      des3_2key_key,
+                                      192,
+                                      test_message,
+                                      des3_message_lengths,
+                                      (const unsigned char*)des3_2key_expected_result,
+                                      MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                      MBEDTLS_DES3_BLOCK_SIZE,
+                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    /* 3DES 3 key */
+    if( ( ret = cmac_test_subkeys( verbose,
+                                   "3DES 3 key",
+                                   des3_3key_key,
+                                   192,
+                                   (const unsigned char*)des3_3key_subkeys,
+                                   MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                   MBEDTLS_DES3_BLOCK_SIZE,
+                                   NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = cmac_test_wth_cipher( verbose,
+                                      "3DES 3 key",
+                                      des3_3key_key,
+                                      192,
+                                      test_message,
+                                      des3_message_lengths,
+                                      (const unsigned char*)des3_3key_expected_result,
+                                      MBEDTLS_CIPHER_DES_EDE3_ECB,
+                                      MBEDTLS_DES3_BLOCK_SIZE,
+                                      NB_CMAC_TESTS_PER_KEY ) ) != 0 )
+    {
+        return( ret );
+    }
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+    if( ( ret = test_aes128_cmac_prf( verbose ) ) != 0 )
+        return( ret );
+#endif /* MBEDTLS_AES_C */
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( 0 );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_CMAC_C */
diff --git a/thirdparty/mbedtls/library/ctr_drbg.c b/thirdparty/mbedtls/library/ctr_drbg.c
new file mode 100644
index 0000000000..c2310cb579
--- /dev/null
+++ b/thirdparty/mbedtls/library/ctr_drbg.c
@@ -0,0 +1,654 @@
+/*
+ *  CTR_DRBG implementation based on AES-256 (NIST SP 800-90)
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The NIST SP 800-90 DRBGs are described in the following publucation.
+ *
+ *  http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+
+#include "mbedtls/ctr_drbg.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * CTR_DRBG context initialization
+ */
+void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) );
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init( &ctx->mutex );
+#endif
+}
+
+/*
+ * Non-public function wrapped by mbedtls_ctr_drbg_seed(). Necessary to allow
+ * NIST tests to succeed (which require known length fixed entropy)
+ */
+int mbedtls_ctr_drbg_seed_entropy_len(
+                   mbedtls_ctr_drbg_context *ctx,
+                   int (*f_entropy)(void *, unsigned char *, size_t),
+                   void *p_entropy,
+                   const unsigned char *custom,
+                   size_t len,
+                   size_t entropy_len )
+{
+    int ret;
+    unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
+
+    memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE );
+
+    mbedtls_aes_init( &ctx->aes_ctx );
+
+    ctx->f_entropy = f_entropy;
+    ctx->p_entropy = p_entropy;
+
+    ctx->entropy_len = entropy_len;
+    ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
+
+    /*
+     * Initialize with an empty key
+     */
+    if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 )
+    {
+        return( ret );
+    }
+    return( 0 );
+}
+
+int mbedtls_ctr_drbg_seed( mbedtls_ctr_drbg_context *ctx,
+                   int (*f_entropy)(void *, unsigned char *, size_t),
+                   void *p_entropy,
+                   const unsigned char *custom,
+                   size_t len )
+{
+    return( mbedtls_ctr_drbg_seed_entropy_len( ctx, f_entropy, p_entropy, custom, len,
+                                       MBEDTLS_CTR_DRBG_ENTROPY_LEN ) );
+}
+
+void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free( &ctx->mutex );
+#endif
+    mbedtls_aes_free( &ctx->aes_ctx );
+    mbedtls_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) );
+}
+
+void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, int resistance )
+{
+    ctx->prediction_resistance = resistance;
+}
+
+void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len )
+{
+    ctx->entropy_len = len;
+}
+
+void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, int interval )
+{
+    ctx->reseed_interval = interval;
+}
+
+static int block_cipher_df( unsigned char *output,
+                            const unsigned char *data, size_t data_len )
+{
+    unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16];
+    unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
+    unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
+    unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
+    unsigned char *p, *iv;
+    mbedtls_aes_context aes_ctx;
+    int ret = 0;
+
+    int i, j;
+    size_t buf_len, use_len;
+
+    if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
+        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+
+    memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 );
+    mbedtls_aes_init( &aes_ctx );
+
+    /*
+     * Construct IV (16 bytes) and S in buffer
+     * IV = Counter (in 32-bits) padded to 16 with zeroes
+     * S = Length input string (in 32-bits) || Length of output (in 32-bits) ||
+     *     data || 0x80
+     *     (Total is padded to a multiple of 16-bytes with zeroes)
+     */
+    p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE;
+    *p++ = ( data_len >> 24 ) & 0xff;
+    *p++ = ( data_len >> 16 ) & 0xff;
+    *p++ = ( data_len >> 8  ) & 0xff;
+    *p++ = ( data_len       ) & 0xff;
+    p += 3;
+    *p++ = MBEDTLS_CTR_DRBG_SEEDLEN;
+    memcpy( p, data, data_len );
+    p[data_len] = 0x80;
+
+    buf_len = MBEDTLS_CTR_DRBG_BLOCKSIZE + 8 + data_len + 1;
+
+    for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ )
+        key[i] = i;
+
+    if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
+    {
+        goto exit;
+    }
+
+    /*
+     * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data
+     */
+    for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
+    {
+        p = buf;
+        memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE );
+        use_len = buf_len;
+
+        while( use_len > 0 )
+        {
+            for( i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++ )
+                chain[i] ^= p[i];
+            p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
+            use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ?
+                       MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
+
+            if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain ) ) != 0 )
+            {
+                goto exit;
+            }
+        }
+
+        memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE );
+
+        /*
+         * Update IV
+         */
+        buf[3]++;
+    }
+
+    /*
+     * Do final encryption with reduced data
+     */
+    if( ( ret = mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
+    {
+        goto exit;
+    }
+    iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE;
+    p = output;
+
+    for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
+    {
+        if( ( ret = mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv ) ) != 0 )
+        {
+            goto exit;
+        }
+        memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE );
+        p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
+    }
+exit:
+    mbedtls_aes_free( &aes_ctx );
+    /*
+    * tidy up the stack
+    */
+    mbedtls_zeroize( buf, sizeof( buf ) );
+    mbedtls_zeroize( tmp, sizeof( tmp ) );
+    mbedtls_zeroize( key, sizeof( key ) );
+    mbedtls_zeroize( chain, sizeof( chain ) );
+    if( 0 != ret )
+    {
+        /*
+        * wipe partial seed from memory
+        */
+        mbedtls_zeroize( output, MBEDTLS_CTR_DRBG_SEEDLEN );
+    }
+
+    return( ret );
+}
+
+static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
+                              const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] )
+{
+    unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
+    unsigned char *p = tmp;
+    int i, j;
+    int ret = 0;
+
+    memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
+
+    for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
+    {
+        /*
+         * Increase counter
+         */
+        for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- )
+            if( ++ctx->counter[i - 1] != 0 )
+                break;
+
+        /*
+         * Crypt counter block
+         */
+        if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ) ) != 0 )
+        {
+            return( ret );
+        }
+
+        p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
+    }
+
+    for( i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++ )
+        tmp[i] ^= data[i];
+
+    /*
+     * Update key and counter
+     */
+    if( ( ret = mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ) ) != 0 )
+    {
+        return( ret );
+    }
+    memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
+
+    return( 0 );
+}
+
+void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
+                      const unsigned char *additional, size_t add_len )
+{
+    unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
+
+    if( add_len > 0 )
+    {
+        /* MAX_INPUT would be more logical here, but we have to match
+         * block_cipher_df()'s limits since we can't propagate errors */
+        if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
+            add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT;
+
+        block_cipher_df( add_input, additional, add_len );
+        ctr_drbg_update_internal( ctx, add_input );
+    }
+}
+
+int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
+                     const unsigned char *additional, size_t len )
+{
+    unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
+    size_t seedlen = 0;
+    int ret;
+
+    if( ctx->entropy_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ||
+        len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
+        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+
+    memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
+
+    /*
+     * Gather entropy_len bytes of entropy to seed state
+     */
+    if( 0 != ctx->f_entropy( ctx->p_entropy, seed,
+                             ctx->entropy_len ) )
+    {
+        return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
+    }
+
+    seedlen += ctx->entropy_len;
+
+    /*
+     * Add additional data
+     */
+    if( additional && len )
+    {
+        memcpy( seed + seedlen, additional, len );
+        seedlen += len;
+    }
+
+    /*
+     * Reduce to 384 bits
+     */
+    if( ( ret = block_cipher_df( seed, seed, seedlen ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    /*
+     * Update state
+     */
+    if( ( ret = ctr_drbg_update_internal( ctx, seed ) ) != 0 )
+    {
+        return( ret );
+    }
+    ctx->reseed_counter = 1;
+
+    return( 0 );
+}
+
+int mbedtls_ctr_drbg_random_with_add( void *p_rng,
+                              unsigned char *output, size_t output_len,
+                              const unsigned char *additional, size_t add_len )
+{
+    int ret = 0;
+    mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
+    unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
+    unsigned char *p = output;
+    unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE];
+    int i;
+    size_t use_len;
+
+    if( output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST )
+        return( MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG );
+
+    if( add_len > MBEDTLS_CTR_DRBG_MAX_INPUT )
+        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+
+    memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
+
+    if( ctx->reseed_counter > ctx->reseed_interval ||
+        ctx->prediction_resistance )
+    {
+        if( ( ret = mbedtls_ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 )
+        {
+            return( ret );
+        }
+        add_len = 0;
+    }
+
+    if( add_len > 0 )
+    {
+        if( ( ret = block_cipher_df( add_input, additional, add_len ) ) != 0 )
+        {
+            return( ret );
+        }
+        if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
+        {
+            return( ret );
+        }
+    }
+
+    while( output_len > 0 )
+    {
+        /*
+         * Increase counter
+         */
+        for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- )
+            if( ++ctx->counter[i - 1] != 0 )
+                break;
+
+        /*
+         * Crypt counter block
+         */
+        if( ( ret = mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp ) ) != 0 )
+        {
+            return( ret );
+        }
+
+        use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE :
+                                                       output_len;
+        /*
+         * Copy random block to destination
+         */
+        memcpy( p, tmp, use_len );
+        p += use_len;
+        output_len -= use_len;
+    }
+
+    if( ( ret = ctr_drbg_update_internal( ctx, add_input ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    ctx->reseed_counter++;
+
+    return( 0 );
+}
+
+int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
+{
+    int ret;
+    mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    ret = mbedtls_ctr_drbg_random_with_add( ctx, output, output_len, NULL, 0 );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
+{
+    int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+    FILE *f;
+    unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
+
+    if( ( f = fopen( path, "wb" ) ) == NULL )
+        return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
+
+    if( ( ret = mbedtls_ctr_drbg_random( ctx, buf, MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 )
+        goto exit;
+
+    if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT )
+        ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+    else
+        ret = 0;
+
+exit:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    fclose( f );
+    return( ret );
+}
+
+int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
+{
+    int ret = 0;
+    FILE *f;
+    size_t n;
+    unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
+
+    if( ( f = fopen( path, "rb" ) ) == NULL )
+        return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
+
+    fseek( f, 0, SEEK_END );
+    n = (size_t) ftell( f );
+    fseek( f, 0, SEEK_SET );
+
+    if( n > MBEDTLS_CTR_DRBG_MAX_INPUT )
+    {
+        fclose( f );
+        return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
+    }
+
+    if( fread( buf, 1, n, f ) != n )
+        ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
+    else
+        mbedtls_ctr_drbg_update( ctx, buf, n );
+
+    fclose( f );
+
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    if( ret != 0 )
+        return( ret );
+
+    return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) );
+}
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const unsigned char entropy_source_pr[96] =
+    { 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16,
+      0x19, 0xb3, 0xf1, 0x80, 0xb1, 0xc9, 0x20, 0x02,
+      0x6a, 0x54, 0x6f, 0x0c, 0x70, 0x81, 0x49, 0x8b,
+      0x6e, 0xa6, 0x62, 0x52, 0x6d, 0x51, 0xb1, 0xcb,
+      0x58, 0x3b, 0xfa, 0xd5, 0x37, 0x5f, 0xfb, 0xc9,
+      0xff, 0x46, 0xd2, 0x19, 0xc7, 0x22, 0x3e, 0x95,
+      0x45, 0x9d, 0x82, 0xe1, 0xe7, 0x22, 0x9f, 0x63,
+      0x31, 0x69, 0xd2, 0x6b, 0x57, 0x47, 0x4f, 0xa3,
+      0x37, 0xc9, 0x98, 0x1c, 0x0b, 0xfb, 0x91, 0x31,
+      0x4d, 0x55, 0xb9, 0xe9, 0x1c, 0x5a, 0x5e, 0xe4,
+      0x93, 0x92, 0xcf, 0xc5, 0x23, 0x12, 0xd5, 0x56,
+      0x2c, 0x4a, 0x6e, 0xff, 0xdc, 0x10, 0xd0, 0x68 };
+
+static const unsigned char entropy_source_nopr[64] =
+    { 0x5a, 0x19, 0x4d, 0x5e, 0x2b, 0x31, 0x58, 0x14,
+      0x54, 0xde, 0xf6, 0x75, 0xfb, 0x79, 0x58, 0xfe,
+      0xc7, 0xdb, 0x87, 0x3e, 0x56, 0x89, 0xfc, 0x9d,
+      0x03, 0x21, 0x7c, 0x68, 0xd8, 0x03, 0x38, 0x20,
+      0xf9, 0xe6, 0x5e, 0x04, 0xd8, 0x56, 0xf3, 0xa9,
+      0xc4, 0x4a, 0x4c, 0xbd, 0xc1, 0xd0, 0x08, 0x46,
+      0xf5, 0x98, 0x3d, 0x77, 0x1c, 0x1b, 0x13, 0x7e,
+      0x4e, 0x0f, 0x9d, 0x8e, 0xf4, 0x09, 0xf9, 0x2e };
+
+static const unsigned char nonce_pers_pr[16] =
+    { 0xd2, 0x54, 0xfc, 0xff, 0x02, 0x1e, 0x69, 0xd2,
+      0x29, 0xc9, 0xcf, 0xad, 0x85, 0xfa, 0x48, 0x6c };
+
+static const unsigned char nonce_pers_nopr[16] =
+    { 0x1b, 0x54, 0xb8, 0xff, 0x06, 0x42, 0xbf, 0xf5,
+      0x21, 0xf1, 0x5c, 0x1c, 0x0b, 0x66, 0x5f, 0x3f };
+
+static const unsigned char result_pr[16] =
+    { 0x34, 0x01, 0x16, 0x56, 0xb4, 0x29, 0x00, 0x8f,
+      0x35, 0x63, 0xec, 0xb5, 0xf2, 0x59, 0x07, 0x23 };
+
+static const unsigned char result_nopr[16] =
+    { 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88,
+      0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f };
+
+static size_t test_offset;
+static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf,
+                                       size_t len )
+{
+    const unsigned char *p = data;
+    memcpy( buf, p + test_offset, len );
+    test_offset += len;
+    return( 0 );
+}
+
+#define CHK( c )    if( (c) != 0 )                          \
+                    {                                       \
+                        if( verbose != 0 )                  \
+                            mbedtls_printf( "failed\n" );  \
+                        return( 1 );                        \
+                    }
+
+/*
+ * Checkup routine
+ */
+int mbedtls_ctr_drbg_self_test( int verbose )
+{
+    mbedtls_ctr_drbg_context ctx;
+    unsigned char buf[16];
+
+    mbedtls_ctr_drbg_init( &ctx );
+
+    /*
+     * Based on a NIST CTR_DRBG test vector (PR = True)
+     */
+    if( verbose != 0 )
+        mbedtls_printf( "  CTR_DRBG (PR = TRUE) : " );
+
+    test_offset = 0;
+    CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy,
+                                (void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) );
+    mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
+    CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
+    CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
+    CHK( memcmp( buf, result_pr, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
+
+    mbedtls_ctr_drbg_free( &ctx );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    /*
+     * Based on a NIST CTR_DRBG test vector (PR = FALSE)
+     */
+    if( verbose != 0 )
+        mbedtls_printf( "  CTR_DRBG (PR = FALSE): " );
+
+    mbedtls_ctr_drbg_init( &ctx );
+
+    test_offset = 0;
+    CHK( mbedtls_ctr_drbg_seed_entropy_len( &ctx, ctr_drbg_self_test_entropy,
+                            (void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) );
+    CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
+    CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) );
+    CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
+    CHK( memcmp( buf, result_nopr, 16 ) );
+
+    mbedtls_ctr_drbg_free( &ctx );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+            mbedtls_printf( "\n" );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_CTR_DRBG_C */
diff --git a/thirdparty/mbedtls/library/debug.c b/thirdparty/mbedtls/library/debug.c
new file mode 100644
index 0000000000..f9229b3606
--- /dev/null
+++ b/thirdparty/mbedtls/library/debug.c
@@ -0,0 +1,368 @@
+/*
+ *  Debugging routines
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_DEBUG_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc      calloc
+#define mbedtls_free        free
+#define mbedtls_time_t      time_t
+#define mbedtls_snprintf    snprintf
+#endif
+
+#include "mbedtls/debug.h"
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+#define DEBUG_BUF_SIZE      512
+
+static int debug_threshold = 0;
+
+void mbedtls_debug_set_threshold( int threshold )
+{
+    debug_threshold = threshold;
+}
+
+/*
+ * All calls to f_dbg must be made via this function
+ */
+static inline void debug_send_line( const mbedtls_ssl_context *ssl, int level,
+                                    const char *file, int line,
+                                    const char *str )
+{
+    /*
+     * If in a threaded environment, we need a thread identifier.
+     * Since there is no portable way to get one, use the address of the ssl
+     * context instead, as it shouldn't be shared between threads.
+     */
+#if defined(MBEDTLS_THREADING_C)
+    char idstr[20 + DEBUG_BUF_SIZE]; /* 0x + 16 nibbles + ': ' */
+    mbedtls_snprintf( idstr, sizeof( idstr ), "%p: %s", (void*)ssl, str );
+    ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, idstr );
+#else
+    ssl->conf->f_dbg( ssl->conf->p_dbg, level, file, line, str );
+#endif
+}
+
+void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
+                              const char *file, int line,
+                              const char *format, ... )
+{
+    va_list argp;
+    char str[DEBUG_BUF_SIZE];
+    int ret;
+
+    if( NULL == ssl || NULL == ssl->conf || NULL == ssl->conf->f_dbg || level > debug_threshold )
+        return;
+
+    va_start( argp, format );
+#if defined(_WIN32)
+#if defined(_TRUNCATE)
+    ret = _vsnprintf_s( str, DEBUG_BUF_SIZE, _TRUNCATE, format, argp );
+#else
+    ret = _vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
+    if( ret < 0 || (size_t) ret == DEBUG_BUF_SIZE )
+    {
+        str[DEBUG_BUF_SIZE-1] = '\0';
+        ret = -1;
+    }
+#endif
+#else
+    ret = vsnprintf( str, DEBUG_BUF_SIZE, format, argp );
+#endif
+    va_end( argp );
+
+    if( ret >= 0 && ret < DEBUG_BUF_SIZE - 1 )
+    {
+        str[ret]     = '\n';
+        str[ret + 1] = '\0';
+    }
+
+    debug_send_line( ssl, level, file, line, str );
+}
+
+void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line,
+                      const char *text, int ret )
+{
+    char str[DEBUG_BUF_SIZE];
+
+    if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )
+        return;
+
+    /*
+     * With non-blocking I/O and examples that just retry immediately,
+     * the logs would be quickly flooded with WANT_READ, so ignore that.
+     * Don't ignore WANT_WRITE however, since is is usually rare.
+     */
+    if( ret == MBEDTLS_ERR_SSL_WANT_READ )
+        return;
+
+    mbedtls_snprintf( str, sizeof( str ), "%s() returned %d (-0x%04x)\n",
+              text, ret, -ret );
+
+    debug_send_line( ssl, level, file, line, str );
+}
+
+void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line, const char *text,
+                      const unsigned char *buf, size_t len )
+{
+    char str[DEBUG_BUF_SIZE];
+    char txt[17];
+    size_t i, idx = 0;
+
+    if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )
+        return;
+
+    mbedtls_snprintf( str + idx, sizeof( str ) - idx, "dumping '%s' (%u bytes)\n",
+              text, (unsigned int) len );
+
+    debug_send_line( ssl, level, file, line, str );
+
+    idx = 0;
+    memset( txt, 0, sizeof( txt ) );
+    for( i = 0; i < len; i++ )
+    {
+        if( i >= 4096 )
+            break;
+
+        if( i % 16 == 0 )
+        {
+            if( i > 0 )
+            {
+                mbedtls_snprintf( str + idx, sizeof( str ) - idx, "  %s\n", txt );
+                debug_send_line( ssl, level, file, line, str );
+
+                idx = 0;
+                memset( txt, 0, sizeof( txt ) );
+            }
+
+            idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ",
+                             (unsigned int) i );
+
+        }
+
+        idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x",
+                         (unsigned int) buf[i] );
+        txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ;
+    }
+
+    if( len > 0 )
+    {
+        for( /* i = i */; i % 16 != 0; i++ )
+            idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "   " );
+
+        mbedtls_snprintf( str + idx, sizeof( str ) - idx, "  %s\n", txt );
+        debug_send_line( ssl, level, file, line, str );
+    }
+}
+
+#if defined(MBEDTLS_ECP_C)
+void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line,
+                      const char *text, const mbedtls_ecp_point *X )
+{
+    char str[DEBUG_BUF_SIZE];
+
+    if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || level > debug_threshold )
+        return;
+
+    mbedtls_snprintf( str, sizeof( str ), "%s(X)", text );
+    mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X );
+
+    mbedtls_snprintf( str, sizeof( str ), "%s(Y)", text );
+    mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y );
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_BIGNUM_C)
+void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line,
+                      const char *text, const mbedtls_mpi *X )
+{
+    char str[DEBUG_BUF_SIZE];
+    int j, k, zeros = 1;
+    size_t i, n, idx = 0;
+
+    if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || X == NULL || level > debug_threshold )
+        return;
+
+    for( n = X->n - 1; n > 0; n-- )
+        if( X->p[n] != 0 )
+            break;
+
+    for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- )
+        if( ( ( X->p[n] >> j ) & 1 ) != 0 )
+            break;
+
+    mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n",
+              text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) );
+
+    debug_send_line( ssl, level, file, line, str );
+
+    idx = 0;
+    for( i = n + 1, j = 0; i > 0; i-- )
+    {
+        if( zeros && X->p[i - 1] == 0 )
+            continue;
+
+        for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- )
+        {
+            if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 )
+                continue;
+            else
+                zeros = 0;
+
+            if( j % 16 == 0 )
+            {
+                if( j > 0 )
+                {
+                    mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
+                    debug_send_line( ssl, level, file, line, str );
+                    idx = 0;
+                }
+            }
+
+            idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int)
+                             ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF );
+
+            j++;
+        }
+
+    }
+
+    if( zeros == 1 )
+        idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" );
+
+    mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
+    debug_send_line( ssl, level, file, line, str );
+}
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static void debug_print_pk( const mbedtls_ssl_context *ssl, int level,
+                            const char *file, int line,
+                            const char *text, const mbedtls_pk_context *pk )
+{
+    size_t i;
+    mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
+    char name[16];
+
+    memset( items, 0, sizeof( items ) );
+
+    if( mbedtls_pk_debug( pk, items ) != 0 )
+    {
+        debug_send_line( ssl, level, file, line,
+                          "invalid PK context\n" );
+        return;
+    }
+
+    for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ )
+    {
+        if( items[i].type == MBEDTLS_PK_DEBUG_NONE )
+            return;
+
+        mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
+        name[sizeof( name ) - 1] = '\0';
+
+        if( items[i].type == MBEDTLS_PK_DEBUG_MPI )
+            mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value );
+        else
+#if defined(MBEDTLS_ECP_C)
+        if( items[i].type == MBEDTLS_PK_DEBUG_ECP )
+            mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value );
+        else
+#endif
+            debug_send_line( ssl, level, file, line,
+                              "should not happen\n" );
+    }
+}
+
+static void debug_print_line_by_line( const mbedtls_ssl_context *ssl, int level,
+                                      const char *file, int line, const char *text )
+{
+    char str[DEBUG_BUF_SIZE];
+    const char *start, *cur;
+
+    start = text;
+    for( cur = text; *cur != '\0'; cur++ )
+    {
+        if( *cur == '\n' )
+        {
+            size_t len = cur - start + 1;
+            if( len > DEBUG_BUF_SIZE - 1 )
+                len = DEBUG_BUF_SIZE - 1;
+
+            memcpy( str, start, len );
+            str[len] = '\0';
+
+            debug_send_line( ssl, level, file, line, str );
+
+            start = cur + 1;
+        }
+    }
+}
+
+void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
+                      const char *file, int line,
+                      const char *text, const mbedtls_x509_crt *crt )
+{
+    char str[DEBUG_BUF_SIZE];
+    int i = 0;
+
+    if( ssl->conf == NULL || ssl->conf->f_dbg == NULL || crt == NULL || level > debug_threshold )
+        return;
+
+    while( crt != NULL )
+    {
+        char buf[1024];
+
+        mbedtls_snprintf( str, sizeof( str ), "%s #%d:\n", text, ++i );
+        debug_send_line( ssl, level, file, line, str );
+
+        mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
+        debug_print_line_by_line( ssl, level, file, line, buf );
+
+        debug_print_pk( ssl, level, file, line, "crt->", &crt->pk );
+
+        crt = crt->next;
+    }
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#endif /* MBEDTLS_DEBUG_C */
diff --git a/thirdparty/mbedtls/library/des.c b/thirdparty/mbedtls/library/des.c
new file mode 100644
index 0000000000..09f95cfc3b
--- /dev/null
+++ b/thirdparty/mbedtls/library/des.c
@@ -0,0 +1,1061 @@
+/*
+ *  FIPS-46-3 compliant Triple-DES implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  DES, on which TDES is based, was originally designed by Horst Feistel
+ *  at IBM in 1974, and was adopted as a standard by NIST (formerly NBS).
+ *
+ *  http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_DES_C)
+
+#include "mbedtls/des.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_DES_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
+        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 3]       );            \
+}
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
+    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
+    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
+    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
+}
+#endif
+
+/*
+ * Expanded DES S-boxes
+ */
+static const uint32_t SB1[64] =
+{
+    0x01010400, 0x00000000, 0x00010000, 0x01010404,
+    0x01010004, 0x00010404, 0x00000004, 0x00010000,
+    0x00000400, 0x01010400, 0x01010404, 0x00000400,
+    0x01000404, 0x01010004, 0x01000000, 0x00000004,
+    0x00000404, 0x01000400, 0x01000400, 0x00010400,
+    0x00010400, 0x01010000, 0x01010000, 0x01000404,
+    0x00010004, 0x01000004, 0x01000004, 0x00010004,
+    0x00000000, 0x00000404, 0x00010404, 0x01000000,
+    0x00010000, 0x01010404, 0x00000004, 0x01010000,
+    0x01010400, 0x01000000, 0x01000000, 0x00000400,
+    0x01010004, 0x00010000, 0x00010400, 0x01000004,
+    0x00000400, 0x00000004, 0x01000404, 0x00010404,
+    0x01010404, 0x00010004, 0x01010000, 0x01000404,
+    0x01000004, 0x00000404, 0x00010404, 0x01010400,
+    0x00000404, 0x01000400, 0x01000400, 0x00000000,
+    0x00010004, 0x00010400, 0x00000000, 0x01010004
+};
+
+static const uint32_t SB2[64] =
+{
+    0x80108020, 0x80008000, 0x00008000, 0x00108020,
+    0x00100000, 0x00000020, 0x80100020, 0x80008020,
+    0x80000020, 0x80108020, 0x80108000, 0x80000000,
+    0x80008000, 0x00100000, 0x00000020, 0x80100020,
+    0x00108000, 0x00100020, 0x80008020, 0x00000000,
+    0x80000000, 0x00008000, 0x00108020, 0x80100000,
+    0x00100020, 0x80000020, 0x00000000, 0x00108000,
+    0x00008020, 0x80108000, 0x80100000, 0x00008020,
+    0x00000000, 0x00108020, 0x80100020, 0x00100000,
+    0x80008020, 0x80100000, 0x80108000, 0x00008000,
+    0x80100000, 0x80008000, 0x00000020, 0x80108020,
+    0x00108020, 0x00000020, 0x00008000, 0x80000000,
+    0x00008020, 0x80108000, 0x00100000, 0x80000020,
+    0x00100020, 0x80008020, 0x80000020, 0x00100020,
+    0x00108000, 0x00000000, 0x80008000, 0x00008020,
+    0x80000000, 0x80100020, 0x80108020, 0x00108000
+};
+
+static const uint32_t SB3[64] =
+{
+    0x00000208, 0x08020200, 0x00000000, 0x08020008,
+    0x08000200, 0x00000000, 0x00020208, 0x08000200,
+    0x00020008, 0x08000008, 0x08000008, 0x00020000,
+    0x08020208, 0x00020008, 0x08020000, 0x00000208,
+    0x08000000, 0x00000008, 0x08020200, 0x00000200,
+    0x00020200, 0x08020000, 0x08020008, 0x00020208,
+    0x08000208, 0x00020200, 0x00020000, 0x08000208,
+    0x00000008, 0x08020208, 0x00000200, 0x08000000,
+    0x08020200, 0x08000000, 0x00020008, 0x00000208,
+    0x00020000, 0x08020200, 0x08000200, 0x00000000,
+    0x00000200, 0x00020008, 0x08020208, 0x08000200,
+    0x08000008, 0x00000200, 0x00000000, 0x08020008,
+    0x08000208, 0x00020000, 0x08000000, 0x08020208,
+    0x00000008, 0x00020208, 0x00020200, 0x08000008,
+    0x08020000, 0x08000208, 0x00000208, 0x08020000,
+    0x00020208, 0x00000008, 0x08020008, 0x00020200
+};
+
+static const uint32_t SB4[64] =
+{
+    0x00802001, 0x00002081, 0x00002081, 0x00000080,
+    0x00802080, 0x00800081, 0x00800001, 0x00002001,
+    0x00000000, 0x00802000, 0x00802000, 0x00802081,
+    0x00000081, 0x00000000, 0x00800080, 0x00800001,
+    0x00000001, 0x00002000, 0x00800000, 0x00802001,
+    0x00000080, 0x00800000, 0x00002001, 0x00002080,
+    0x00800081, 0x00000001, 0x00002080, 0x00800080,
+    0x00002000, 0x00802080, 0x00802081, 0x00000081,
+    0x00800080, 0x00800001, 0x00802000, 0x00802081,
+    0x00000081, 0x00000000, 0x00000000, 0x00802000,
+    0x00002080, 0x00800080, 0x00800081, 0x00000001,
+    0x00802001, 0x00002081, 0x00002081, 0x00000080,
+    0x00802081, 0x00000081, 0x00000001, 0x00002000,
+    0x00800001, 0x00002001, 0x00802080, 0x00800081,
+    0x00002001, 0x00002080, 0x00800000, 0x00802001,
+    0x00000080, 0x00800000, 0x00002000, 0x00802080
+};
+
+static const uint32_t SB5[64] =
+{
+    0x00000100, 0x02080100, 0x02080000, 0x42000100,
+    0x00080000, 0x00000100, 0x40000000, 0x02080000,
+    0x40080100, 0x00080000, 0x02000100, 0x40080100,
+    0x42000100, 0x42080000, 0x00080100, 0x40000000,
+    0x02000000, 0x40080000, 0x40080000, 0x00000000,
+    0x40000100, 0x42080100, 0x42080100, 0x02000100,
+    0x42080000, 0x40000100, 0x00000000, 0x42000000,
+    0x02080100, 0x02000000, 0x42000000, 0x00080100,
+    0x00080000, 0x42000100, 0x00000100, 0x02000000,
+    0x40000000, 0x02080000, 0x42000100, 0x40080100,
+    0x02000100, 0x40000000, 0x42080000, 0x02080100,
+    0x40080100, 0x00000100, 0x02000000, 0x42080000,
+    0x42080100, 0x00080100, 0x42000000, 0x42080100,
+    0x02080000, 0x00000000, 0x40080000, 0x42000000,
+    0x00080100, 0x02000100, 0x40000100, 0x00080000,
+    0x00000000, 0x40080000, 0x02080100, 0x40000100
+};
+
+static const uint32_t SB6[64] =
+{
+    0x20000010, 0x20400000, 0x00004000, 0x20404010,
+    0x20400000, 0x00000010, 0x20404010, 0x00400000,
+    0x20004000, 0x00404010, 0x00400000, 0x20000010,
+    0x00400010, 0x20004000, 0x20000000, 0x00004010,
+    0x00000000, 0x00400010, 0x20004010, 0x00004000,
+    0x00404000, 0x20004010, 0x00000010, 0x20400010,
+    0x20400010, 0x00000000, 0x00404010, 0x20404000,
+    0x00004010, 0x00404000, 0x20404000, 0x20000000,
+    0x20004000, 0x00000010, 0x20400010, 0x00404000,
+    0x20404010, 0x00400000, 0x00004010, 0x20000010,
+    0x00400000, 0x20004000, 0x20000000, 0x00004010,
+    0x20000010, 0x20404010, 0x00404000, 0x20400000,
+    0x00404010, 0x20404000, 0x00000000, 0x20400010,
+    0x00000010, 0x00004000, 0x20400000, 0x00404010,
+    0x00004000, 0x00400010, 0x20004010, 0x00000000,
+    0x20404000, 0x20000000, 0x00400010, 0x20004010
+};
+
+static const uint32_t SB7[64] =
+{
+    0x00200000, 0x04200002, 0x04000802, 0x00000000,
+    0x00000800, 0x04000802, 0x00200802, 0x04200800,
+    0x04200802, 0x00200000, 0x00000000, 0x04000002,
+    0x00000002, 0x04000000, 0x04200002, 0x00000802,
+    0x04000800, 0x00200802, 0x00200002, 0x04000800,
+    0x04000002, 0x04200000, 0x04200800, 0x00200002,
+    0x04200000, 0x00000800, 0x00000802, 0x04200802,
+    0x00200800, 0x00000002, 0x04000000, 0x00200800,
+    0x04000000, 0x00200800, 0x00200000, 0x04000802,
+    0x04000802, 0x04200002, 0x04200002, 0x00000002,
+    0x00200002, 0x04000000, 0x04000800, 0x00200000,
+    0x04200800, 0x00000802, 0x00200802, 0x04200800,
+    0x00000802, 0x04000002, 0x04200802, 0x04200000,
+    0x00200800, 0x00000000, 0x00000002, 0x04200802,
+    0x00000000, 0x00200802, 0x04200000, 0x00000800,
+    0x04000002, 0x04000800, 0x00000800, 0x00200002
+};
+
+static const uint32_t SB8[64] =
+{
+    0x10001040, 0x00001000, 0x00040000, 0x10041040,
+    0x10000000, 0x10001040, 0x00000040, 0x10000000,
+    0x00040040, 0x10040000, 0x10041040, 0x00041000,
+    0x10041000, 0x00041040, 0x00001000, 0x00000040,
+    0x10040000, 0x10000040, 0x10001000, 0x00001040,
+    0x00041000, 0x00040040, 0x10040040, 0x10041000,
+    0x00001040, 0x00000000, 0x00000000, 0x10040040,
+    0x10000040, 0x10001000, 0x00041040, 0x00040000,
+    0x00041040, 0x00040000, 0x10041000, 0x00001000,
+    0x00000040, 0x10040040, 0x00001000, 0x00041040,
+    0x10001000, 0x00000040, 0x10000040, 0x10040000,
+    0x10040040, 0x10000000, 0x00040000, 0x10001040,
+    0x00000000, 0x10041040, 0x00040040, 0x10000040,
+    0x10040000, 0x10001000, 0x10001040, 0x00000000,
+    0x10041040, 0x00041000, 0x00041000, 0x00001040,
+    0x00001040, 0x00040040, 0x10000000, 0x10041000
+};
+
+/*
+ * PC1: left and right halves bit-swap
+ */
+static const uint32_t LHs[16] =
+{
+    0x00000000, 0x00000001, 0x00000100, 0x00000101,
+    0x00010000, 0x00010001, 0x00010100, 0x00010101,
+    0x01000000, 0x01000001, 0x01000100, 0x01000101,
+    0x01010000, 0x01010001, 0x01010100, 0x01010101
+};
+
+static const uint32_t RHs[16] =
+{
+    0x00000000, 0x01000000, 0x00010000, 0x01010000,
+    0x00000100, 0x01000100, 0x00010100, 0x01010100,
+    0x00000001, 0x01000001, 0x00010001, 0x01010001,
+    0x00000101, 0x01000101, 0x00010101, 0x01010101,
+};
+
+/*
+ * Initial Permutation macro
+ */
+#define DES_IP(X,Y)                                             \
+{                                                               \
+    T = ((X >>  4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T <<  4);   \
+    T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16);   \
+    T = ((Y >>  2) ^ X) & 0x33333333; X ^= T; Y ^= (T <<  2);   \
+    T = ((Y >>  8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T <<  8);   \
+    Y = ((Y << 1) | (Y >> 31)) & 0xFFFFFFFF;                    \
+    T = (X ^ Y) & 0xAAAAAAAA; Y ^= T; X ^= T;                   \
+    X = ((X << 1) | (X >> 31)) & 0xFFFFFFFF;                    \
+}
+
+/*
+ * Final Permutation macro
+ */
+#define DES_FP(X,Y)                                             \
+{                                                               \
+    X = ((X << 31) | (X >> 1)) & 0xFFFFFFFF;                    \
+    T = (X ^ Y) & 0xAAAAAAAA; X ^= T; Y ^= T;                   \
+    Y = ((Y << 31) | (Y >> 1)) & 0xFFFFFFFF;                    \
+    T = ((Y >>  8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T <<  8);   \
+    T = ((Y >>  2) ^ X) & 0x33333333; X ^= T; Y ^= (T <<  2);   \
+    T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16);   \
+    T = ((X >>  4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T <<  4);   \
+}
+
+/*
+ * DES round macro
+ */
+#define DES_ROUND(X,Y)                          \
+{                                               \
+    T = *SK++ ^ X;                              \
+    Y ^= SB8[ (T      ) & 0x3F ] ^              \
+         SB6[ (T >>  8) & 0x3F ] ^              \
+         SB4[ (T >> 16) & 0x3F ] ^              \
+         SB2[ (T >> 24) & 0x3F ];               \
+                                                \
+    T = *SK++ ^ ((X << 28) | (X >> 4));         \
+    Y ^= SB7[ (T      ) & 0x3F ] ^              \
+         SB5[ (T >>  8) & 0x3F ] ^              \
+         SB3[ (T >> 16) & 0x3F ] ^              \
+         SB1[ (T >> 24) & 0x3F ];               \
+}
+
+#define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; }
+
+void mbedtls_des_init( mbedtls_des_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_des_context ) );
+}
+
+void mbedtls_des_free( mbedtls_des_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_des_context ) );
+}
+
+void mbedtls_des3_init( mbedtls_des3_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_des3_context ) );
+}
+
+void mbedtls_des3_free( mbedtls_des3_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_des3_context ) );
+}
+
+static const unsigned char odd_parity_table[128] = { 1,  2,  4,  7,  8,
+        11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, 35, 37, 38, 41, 42, 44,
+        47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, 70, 73, 74, 76, 79, 81,
+        82, 84, 87, 88, 91, 93, 94, 97, 98, 100, 103, 104, 107, 109, 110, 112,
+        115, 117, 118, 121, 122, 124, 127, 128, 131, 133, 134, 137, 138, 140,
+        143, 145, 146, 148, 151, 152, 155, 157, 158, 161, 162, 164, 167, 168,
+        171, 173, 174, 176, 179, 181, 182, 185, 186, 188, 191, 193, 194, 196,
+        199, 200, 203, 205, 206, 208, 211, 213, 214, 217, 218, 220, 223, 224,
+        227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253,
+        254 };
+
+void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] )
+{
+    int i;
+
+    for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ )
+        key[i] = odd_parity_table[key[i] / 2];
+}
+
+/*
+ * Check the given key's parity, returns 1 on failure, 0 on SUCCESS
+ */
+int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
+{
+    int i;
+
+    for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ )
+        if( key[i] != odd_parity_table[key[i] / 2] )
+            return( 1 );
+
+    return( 0 );
+}
+
+/*
+ * Table of weak and semi-weak keys
+ *
+ * Source: http://en.wikipedia.org/wiki/Weak_key
+ *
+ * Weak:
+ * Alternating ones + zeros (0x0101010101010101)
+ * Alternating 'F' + 'E' (0xFEFEFEFEFEFEFEFE)
+ * '0xE0E0E0E0F1F1F1F1'
+ * '0x1F1F1F1F0E0E0E0E'
+ *
+ * Semi-weak:
+ * 0x011F011F010E010E and 0x1F011F010E010E01
+ * 0x01E001E001F101F1 and 0xE001E001F101F101
+ * 0x01FE01FE01FE01FE and 0xFE01FE01FE01FE01
+ * 0x1FE01FE00EF10EF1 and 0xE01FE01FF10EF10E
+ * 0x1FFE1FFE0EFE0EFE and 0xFE1FFE1FFE0EFE0E
+ * 0xE0FEE0FEF1FEF1FE and 0xFEE0FEE0FEF1FEF1
+ *
+ */
+
+#define WEAK_KEY_COUNT 16
+
+static const unsigned char weak_key_table[WEAK_KEY_COUNT][MBEDTLS_DES_KEY_SIZE] =
+{
+    { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
+    { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE },
+    { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E },
+    { 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 },
+
+    { 0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E },
+    { 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01 },
+    { 0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1 },
+    { 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01 },
+    { 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE },
+    { 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01 },
+    { 0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1 },
+    { 0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E },
+    { 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE },
+    { 0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E },
+    { 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE },
+    { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 }
+};
+
+int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
+{
+    int i;
+
+    for( i = 0; i < WEAK_KEY_COUNT; i++ )
+        if( memcmp( weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0 )
+            return( 1 );
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_DES_SETKEY_ALT)
+void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
+{
+    int i;
+    uint32_t X, Y, T;
+
+    GET_UINT32_BE( X, key, 0 );
+    GET_UINT32_BE( Y, key, 4 );
+
+    /*
+     * Permuted Choice 1
+     */
+    T =  ((Y >>  4) ^ X) & 0x0F0F0F0F;  X ^= T; Y ^= (T <<  4);
+    T =  ((Y      ) ^ X) & 0x10101010;  X ^= T; Y ^= (T      );
+
+    X =   (LHs[ (X      ) & 0xF] << 3) | (LHs[ (X >>  8) & 0xF ] << 2)
+        | (LHs[ (X >> 16) & 0xF] << 1) | (LHs[ (X >> 24) & 0xF ]     )
+        | (LHs[ (X >>  5) & 0xF] << 7) | (LHs[ (X >> 13) & 0xF ] << 6)
+        | (LHs[ (X >> 21) & 0xF] << 5) | (LHs[ (X >> 29) & 0xF ] << 4);
+
+    Y =   (RHs[ (Y >>  1) & 0xF] << 3) | (RHs[ (Y >>  9) & 0xF ] << 2)
+        | (RHs[ (Y >> 17) & 0xF] << 1) | (RHs[ (Y >> 25) & 0xF ]     )
+        | (RHs[ (Y >>  4) & 0xF] << 7) | (RHs[ (Y >> 12) & 0xF ] << 6)
+        | (RHs[ (Y >> 20) & 0xF] << 5) | (RHs[ (Y >> 28) & 0xF ] << 4);
+
+    X &= 0x0FFFFFFF;
+    Y &= 0x0FFFFFFF;
+
+    /*
+     * calculate subkeys
+     */
+    for( i = 0; i < 16; i++ )
+    {
+        if( i < 2 || i == 8 || i == 15 )
+        {
+            X = ((X <<  1) | (X >> 27)) & 0x0FFFFFFF;
+            Y = ((Y <<  1) | (Y >> 27)) & 0x0FFFFFFF;
+        }
+        else
+        {
+            X = ((X <<  2) | (X >> 26)) & 0x0FFFFFFF;
+            Y = ((Y <<  2) | (Y >> 26)) & 0x0FFFFFFF;
+        }
+
+        *SK++ =   ((X <<  4) & 0x24000000) | ((X << 28) & 0x10000000)
+                | ((X << 14) & 0x08000000) | ((X << 18) & 0x02080000)
+                | ((X <<  6) & 0x01000000) | ((X <<  9) & 0x00200000)
+                | ((X >>  1) & 0x00100000) | ((X << 10) & 0x00040000)
+                | ((X <<  2) & 0x00020000) | ((X >> 10) & 0x00010000)
+                | ((Y >> 13) & 0x00002000) | ((Y >>  4) & 0x00001000)
+                | ((Y <<  6) & 0x00000800) | ((Y >>  1) & 0x00000400)
+                | ((Y >> 14) & 0x00000200) | ((Y      ) & 0x00000100)
+                | ((Y >>  5) & 0x00000020) | ((Y >> 10) & 0x00000010)
+                | ((Y >>  3) & 0x00000008) | ((Y >> 18) & 0x00000004)
+                | ((Y >> 26) & 0x00000002) | ((Y >> 24) & 0x00000001);
+
+        *SK++ =   ((X << 15) & 0x20000000) | ((X << 17) & 0x10000000)
+                | ((X << 10) & 0x08000000) | ((X << 22) & 0x04000000)
+                | ((X >>  2) & 0x02000000) | ((X <<  1) & 0x01000000)
+                | ((X << 16) & 0x00200000) | ((X << 11) & 0x00100000)
+                | ((X <<  3) & 0x00080000) | ((X >>  6) & 0x00040000)
+                | ((X << 15) & 0x00020000) | ((X >>  4) & 0x00010000)
+                | ((Y >>  2) & 0x00002000) | ((Y <<  8) & 0x00001000)
+                | ((Y >> 14) & 0x00000808) | ((Y >>  9) & 0x00000400)
+                | ((Y      ) & 0x00000200) | ((Y <<  7) & 0x00000100)
+                | ((Y >>  7) & 0x00000020) | ((Y >>  3) & 0x00000011)
+                | ((Y <<  2) & 0x00000004) | ((Y >> 21) & 0x00000002);
+    }
+}
+#endif /* !MBEDTLS_DES_SETKEY_ALT */
+
+/*
+ * DES key schedule (56-bit, encryption)
+ */
+int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
+{
+    mbedtls_des_setkey( ctx->sk, key );
+
+    return( 0 );
+}
+
+/*
+ * DES key schedule (56-bit, decryption)
+ */
+int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
+{
+    int i;
+
+    mbedtls_des_setkey( ctx->sk, key );
+
+    for( i = 0; i < 16; i += 2 )
+    {
+        SWAP( ctx->sk[i    ], ctx->sk[30 - i] );
+        SWAP( ctx->sk[i + 1], ctx->sk[31 - i] );
+    }
+
+    return( 0 );
+}
+
+static void des3_set2key( uint32_t esk[96],
+                          uint32_t dsk[96],
+                          const unsigned char key[MBEDTLS_DES_KEY_SIZE*2] )
+{
+    int i;
+
+    mbedtls_des_setkey( esk, key );
+    mbedtls_des_setkey( dsk + 32, key + 8 );
+
+    for( i = 0; i < 32; i += 2 )
+    {
+        dsk[i     ] = esk[30 - i];
+        dsk[i +  1] = esk[31 - i];
+
+        esk[i + 32] = dsk[62 - i];
+        esk[i + 33] = dsk[63 - i];
+
+        esk[i + 64] = esk[i    ];
+        esk[i + 65] = esk[i + 1];
+
+        dsk[i + 64] = dsk[i    ];
+        dsk[i + 65] = dsk[i + 1];
+    }
+}
+
+/*
+ * Triple-DES key schedule (112-bit, encryption)
+ */
+int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
+                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] )
+{
+    uint32_t sk[96];
+
+    des3_set2key( ctx->sk, sk, key );
+    mbedtls_zeroize( sk,  sizeof( sk ) );
+
+    return( 0 );
+}
+
+/*
+ * Triple-DES key schedule (112-bit, decryption)
+ */
+int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
+                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] )
+{
+    uint32_t sk[96];
+
+    des3_set2key( sk, ctx->sk, key );
+    mbedtls_zeroize( sk,  sizeof( sk ) );
+
+    return( 0 );
+}
+
+static void des3_set3key( uint32_t esk[96],
+                          uint32_t dsk[96],
+                          const unsigned char key[24] )
+{
+    int i;
+
+    mbedtls_des_setkey( esk, key );
+    mbedtls_des_setkey( dsk + 32, key +  8 );
+    mbedtls_des_setkey( esk + 64, key + 16 );
+
+    for( i = 0; i < 32; i += 2 )
+    {
+        dsk[i     ] = esk[94 - i];
+        dsk[i +  1] = esk[95 - i];
+
+        esk[i + 32] = dsk[62 - i];
+        esk[i + 33] = dsk[63 - i];
+
+        dsk[i + 64] = esk[30 - i];
+        dsk[i + 65] = esk[31 - i];
+    }
+}
+
+/*
+ * Triple-DES key schedule (168-bit, encryption)
+ */
+int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
+                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] )
+{
+    uint32_t sk[96];
+
+    des3_set3key( ctx->sk, sk, key );
+    mbedtls_zeroize( sk,  sizeof( sk ) );
+
+    return( 0 );
+}
+
+/*
+ * Triple-DES key schedule (168-bit, decryption)
+ */
+int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
+                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] )
+{
+    uint32_t sk[96];
+
+    des3_set3key( sk, ctx->sk, key );
+    mbedtls_zeroize( sk,  sizeof( sk ) );
+
+    return( 0 );
+}
+
+/*
+ * DES-ECB block encryption/decryption
+ */
+#if !defined(MBEDTLS_DES_CRYPT_ECB_ALT)
+int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
+                    const unsigned char input[8],
+                    unsigned char output[8] )
+{
+    int i;
+    uint32_t X, Y, T, *SK;
+
+    SK = ctx->sk;
+
+    GET_UINT32_BE( X, input, 0 );
+    GET_UINT32_BE( Y, input, 4 );
+
+    DES_IP( X, Y );
+
+    for( i = 0; i < 8; i++ )
+    {
+        DES_ROUND( Y, X );
+        DES_ROUND( X, Y );
+    }
+
+    DES_FP( Y, X );
+
+    PUT_UINT32_BE( Y, output, 0 );
+    PUT_UINT32_BE( X, output, 4 );
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_DES_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * DES-CBC buffer encryption/decryption
+ */
+int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
+                    int mode,
+                    size_t length,
+                    unsigned char iv[8],
+                    const unsigned char *input,
+                    unsigned char *output )
+{
+    int i;
+    unsigned char temp[8];
+
+    if( length % 8 )
+        return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH );
+
+    if( mode == MBEDTLS_DES_ENCRYPT )
+    {
+        while( length > 0 )
+        {
+            for( i = 0; i < 8; i++ )
+                output[i] = (unsigned char)( input[i] ^ iv[i] );
+
+            mbedtls_des_crypt_ecb( ctx, output, output );
+            memcpy( iv, output, 8 );
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    }
+    else /* MBEDTLS_DES_DECRYPT */
+    {
+        while( length > 0 )
+        {
+            memcpy( temp, input, 8 );
+            mbedtls_des_crypt_ecb( ctx, input, output );
+
+            for( i = 0; i < 8; i++ )
+                output[i] = (unsigned char)( output[i] ^ iv[i] );
+
+            memcpy( iv, temp, 8 );
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+/*
+ * 3DES-ECB block encryption/decryption
+ */
+#if !defined(MBEDTLS_DES3_CRYPT_ECB_ALT)
+int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
+                     const unsigned char input[8],
+                     unsigned char output[8] )
+{
+    int i;
+    uint32_t X, Y, T, *SK;
+
+    SK = ctx->sk;
+
+    GET_UINT32_BE( X, input, 0 );
+    GET_UINT32_BE( Y, input, 4 );
+
+    DES_IP( X, Y );
+
+    for( i = 0; i < 8; i++ )
+    {
+        DES_ROUND( Y, X );
+        DES_ROUND( X, Y );
+    }
+
+    for( i = 0; i < 8; i++ )
+    {
+        DES_ROUND( X, Y );
+        DES_ROUND( Y, X );
+    }
+
+    for( i = 0; i < 8; i++ )
+    {
+        DES_ROUND( Y, X );
+        DES_ROUND( X, Y );
+    }
+
+    DES_FP( Y, X );
+
+    PUT_UINT32_BE( Y, output, 0 );
+    PUT_UINT32_BE( X, output, 4 );
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_DES3_CRYPT_ECB_ALT */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * 3DES-CBC buffer encryption/decryption
+ */
+int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
+                     int mode,
+                     size_t length,
+                     unsigned char iv[8],
+                     const unsigned char *input,
+                     unsigned char *output )
+{
+    int i;
+    unsigned char temp[8];
+
+    if( length % 8 )
+        return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH );
+
+    if( mode == MBEDTLS_DES_ENCRYPT )
+    {
+        while( length > 0 )
+        {
+            for( i = 0; i < 8; i++ )
+                output[i] = (unsigned char)( input[i] ^ iv[i] );
+
+            mbedtls_des3_crypt_ecb( ctx, output, output );
+            memcpy( iv, output, 8 );
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    }
+    else /* MBEDTLS_DES_DECRYPT */
+    {
+        while( length > 0 )
+        {
+            memcpy( temp, input, 8 );
+            mbedtls_des3_crypt_ecb( ctx, input, output );
+
+            for( i = 0; i < 8; i++ )
+                output[i] = (unsigned char)( output[i] ^ iv[i] );
+
+            memcpy( iv, temp, 8 );
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#endif /* !MBEDTLS_DES_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * DES and 3DES test vectors from:
+ *
+ * http://csrc.nist.gov/groups/STM/cavp/documents/des/tripledes-vectors.zip
+ */
+static const unsigned char des3_test_keys[24] =
+{
+    0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+    0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
+    0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
+};
+
+static const unsigned char des3_test_buf[8] =
+{
+    0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74
+};
+
+static const unsigned char des3_test_ecb_dec[3][8] =
+{
+    { 0xCD, 0xD6, 0x4F, 0x2F, 0x94, 0x27, 0xC1, 0x5D },
+    { 0x69, 0x96, 0xC8, 0xFA, 0x47, 0xA2, 0xAB, 0xEB },
+    { 0x83, 0x25, 0x39, 0x76, 0x44, 0x09, 0x1A, 0x0A }
+};
+
+static const unsigned char des3_test_ecb_enc[3][8] =
+{
+    { 0x6A, 0x2A, 0x19, 0xF4, 0x1E, 0xCA, 0x85, 0x4B },
+    { 0x03, 0xE6, 0x9F, 0x5B, 0xFA, 0x58, 0xEB, 0x42 },
+    { 0xDD, 0x17, 0xE8, 0xB8, 0xB4, 0x37, 0xD2, 0x32 }
+};
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+static const unsigned char des3_test_iv[8] =
+{
+    0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF,
+};
+
+static const unsigned char des3_test_cbc_dec[3][8] =
+{
+    { 0x12, 0x9F, 0x40, 0xB9, 0xD2, 0x00, 0x56, 0xB3 },
+    { 0x47, 0x0E, 0xFC, 0x9A, 0x6B, 0x8E, 0xE3, 0x93 },
+    { 0xC5, 0xCE, 0xCF, 0x63, 0xEC, 0xEC, 0x51, 0x4C }
+};
+
+static const unsigned char des3_test_cbc_enc[3][8] =
+{
+    { 0x54, 0xF1, 0x5A, 0xF6, 0xEB, 0xE3, 0xA4, 0xB4 },
+    { 0x35, 0x76, 0x11, 0x56, 0x5F, 0xA1, 0x8E, 0x4D },
+    { 0xCB, 0x19, 0x1F, 0x85, 0xD1, 0xED, 0x84, 0x39 }
+};
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+/*
+ * Checkup routine
+ */
+int mbedtls_des_self_test( int verbose )
+{
+    int i, j, u, v, ret = 0;
+    mbedtls_des_context ctx;
+    mbedtls_des3_context ctx3;
+    unsigned char buf[8];
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    unsigned char prv[8];
+    unsigned char iv[8];
+#endif
+
+    mbedtls_des_init( &ctx );
+    mbedtls_des3_init( &ctx3 );
+    /*
+     * ECB mode
+     */
+    for( i = 0; i < 6; i++ )
+    {
+        u = i >> 1;
+        v = i  & 1;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  DES%c-ECB-%3d (%s): ",
+                             ( u == 0 ) ? ' ' : '3', 56 + u * 56,
+                             ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" );
+
+        memcpy( buf, des3_test_buf, 8 );
+
+        switch( i )
+        {
+        case 0:
+            mbedtls_des_setkey_dec( &ctx, des3_test_keys );
+            break;
+
+        case 1:
+            mbedtls_des_setkey_enc( &ctx, des3_test_keys );
+            break;
+
+        case 2:
+            mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
+            break;
+
+        case 3:
+            mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
+            break;
+
+        case 4:
+            mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
+            break;
+
+        case 5:
+            mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
+            break;
+
+        default:
+            return( 1 );
+        }
+
+        for( j = 0; j < 10000; j++ )
+        {
+            if( u == 0 )
+                mbedtls_des_crypt_ecb( &ctx, buf, buf );
+            else
+                mbedtls_des3_crypt_ecb( &ctx3, buf, buf );
+        }
+
+        if( ( v == MBEDTLS_DES_DECRYPT &&
+                memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) ||
+            ( v != MBEDTLS_DES_DECRYPT &&
+                memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            ret = 1;
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    /*
+     * CBC mode
+     */
+    for( i = 0; i < 6; i++ )
+    {
+        u = i >> 1;
+        v = i  & 1;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  DES%c-CBC-%3d (%s): ",
+                             ( u == 0 ) ? ' ' : '3', 56 + u * 56,
+                             ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" );
+
+        memcpy( iv,  des3_test_iv,  8 );
+        memcpy( prv, des3_test_iv,  8 );
+        memcpy( buf, des3_test_buf, 8 );
+
+        switch( i )
+        {
+        case 0:
+            mbedtls_des_setkey_dec( &ctx, des3_test_keys );
+            break;
+
+        case 1:
+            mbedtls_des_setkey_enc( &ctx, des3_test_keys );
+            break;
+
+        case 2:
+            mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
+            break;
+
+        case 3:
+            mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
+            break;
+
+        case 4:
+            mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
+            break;
+
+        case 5:
+            mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
+            break;
+
+        default:
+            return( 1 );
+        }
+
+        if( v == MBEDTLS_DES_DECRYPT )
+        {
+            for( j = 0; j < 10000; j++ )
+            {
+                if( u == 0 )
+                    mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
+                else
+                    mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
+            }
+        }
+        else
+        {
+            for( j = 0; j < 10000; j++ )
+            {
+                unsigned char tmp[8];
+
+                if( u == 0 )
+                    mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
+                else
+                    mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
+
+                memcpy( tmp, prv, 8 );
+                memcpy( prv, buf, 8 );
+                memcpy( buf, tmp, 8 );
+            }
+
+            memcpy( buf, prv, 8 );
+        }
+
+        if( ( v == MBEDTLS_DES_DECRYPT &&
+                memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) ||
+            ( v != MBEDTLS_DES_DECRYPT &&
+                memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            ret = 1;
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+exit:
+    mbedtls_des_free( &ctx );
+    mbedtls_des3_free( &ctx3 );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_DES_C */
diff --git a/thirdparty/mbedtls/library/dhm.c b/thirdparty/mbedtls/library/dhm.c
new file mode 100644
index 0000000000..28ac31003c
--- /dev/null
+++ b/thirdparty/mbedtls/library/dhm.c
@@ -0,0 +1,663 @@
+/*
+ *  Diffie-Hellman-Merkle key exchange
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The following sources were referenced in the design of this implementation
+ *  of the Diffie-Hellman-Merkle algorithm:
+ *
+ *  [1] Handbook of Applied Cryptography - 1997, Chapter 12
+ *      Menezes, van Oorschot and Vanstone
+ *
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+
+#include "mbedtls/dhm.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+#include "mbedtls/asn1.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#include <stdio.h>
+#define mbedtls_printf     printf
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#if !defined(MBEDTLS_DHM_ALT)
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * helper to validate the mbedtls_mpi size and import it
+ */
+static int dhm_read_bignum( mbedtls_mpi *X,
+                            unsigned char **p,
+                            const unsigned char *end )
+{
+    int ret, n;
+
+    if( end - *p < 2 )
+        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
+    n = ( (*p)[0] << 8 ) | (*p)[1];
+    (*p) += 2;
+
+    if( (int)( end - *p ) < n )
+        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 )
+        return( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED + ret );
+
+    (*p) += n;
+
+    return( 0 );
+}
+
+/*
+ * Verify sanity of parameter with regards to P
+ *
+ * Parameter should be: 2 <= public_param <= P - 2
+ *
+ * This means that we need to return an error if
+ *              public_param < 2 or public_param > P-2
+ *
+ * For more information on the attack, see:
+ *  http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
+ *  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
+ */
+static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P )
+{
+    mbedtls_mpi L, U;
+    int ret = 0;
+
+    mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) );
+
+    if( mbedtls_mpi_cmp_mpi( param, &L ) < 0 ||
+        mbedtls_mpi_cmp_mpi( param, &U ) > 0 )
+    {
+        ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
+    }
+
+cleanup:
+    mbedtls_mpi_free( &L ); mbedtls_mpi_free( &U );
+    return( ret );
+}
+
+void mbedtls_dhm_init( mbedtls_dhm_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_dhm_context ) );
+}
+
+/*
+ * Parse the ServerKeyExchange parameters
+ */
+int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
+                     unsigned char **p,
+                     const unsigned char *end )
+{
+    int ret;
+
+    if( ( ret = dhm_read_bignum( &ctx->P,  p, end ) ) != 0 ||
+        ( ret = dhm_read_bignum( &ctx->G,  p, end ) ) != 0 ||
+        ( ret = dhm_read_bignum( &ctx->GY, p, end ) ) != 0 )
+        return( ret );
+
+    if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
+        return( ret );
+
+    ctx->len = mbedtls_mpi_size( &ctx->P );
+
+    return( 0 );
+}
+
+/*
+ * Setup and write the ServerKeyExchange parameters
+ */
+int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
+                     unsigned char *output, size_t *olen,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng )
+{
+    int ret, count = 0;
+    size_t n1, n2, n3;
+    unsigned char *p;
+
+    if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
+        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
+    /*
+     * Generate X as large as possible ( < P )
+     */
+    do
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) );
+
+        while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
+
+        if( count++ > 10 )
+            return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED );
+    }
+    while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
+
+    /*
+     * Calculate GX = G^X mod P
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
+                          &ctx->P , &ctx->RP ) );
+
+    if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
+        return( ret );
+
+    /*
+     * export P, G, GX
+     */
+#define DHM_MPI_EXPORT( X, n )                                          \
+    do {                                                                \
+        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( ( X ),               \
+                                                   p + 2,               \
+                                                   ( n ) ) );           \
+        *p++ = (unsigned char)( ( n ) >> 8 );                           \
+        *p++ = (unsigned char)( ( n )      );                           \
+        p += ( n );                                                     \
+    } while( 0 )
+
+    n1 = mbedtls_mpi_size( &ctx->P  );
+    n2 = mbedtls_mpi_size( &ctx->G  );
+    n3 = mbedtls_mpi_size( &ctx->GX );
+
+    p = output;
+    DHM_MPI_EXPORT( &ctx->P , n1 );
+    DHM_MPI_EXPORT( &ctx->G , n2 );
+    DHM_MPI_EXPORT( &ctx->GX, n3 );
+
+    *olen = p - output;
+
+    ctx->len = n1;
+
+cleanup:
+
+    if( ret != 0 )
+        return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED + ret );
+
+    return( 0 );
+}
+
+/*
+ * Set prime modulus and generator
+ */
+int mbedtls_dhm_set_group( mbedtls_dhm_context *ctx,
+                           const mbedtls_mpi *P,
+                           const mbedtls_mpi *G )
+{
+    int ret;
+
+    if( ctx == NULL || P == NULL || G == NULL )
+        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ||
+        ( ret = mbedtls_mpi_copy( &ctx->G, G ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_DHM_SET_GROUP_FAILED + ret );
+    }
+
+    ctx->len = mbedtls_mpi_size( &ctx->P );
+    return( 0 );
+}
+
+/*
+ * Import the peer's public value G^Y
+ */
+int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
+                     const unsigned char *input, size_t ilen )
+{
+    int ret;
+
+    if( ctx == NULL || ilen < 1 || ilen > ctx->len )
+        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
+        return( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED + ret );
+
+    return( 0 );
+}
+
+/*
+ * Create own private value X and export G^X
+ */
+int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
+                     unsigned char *output, size_t olen,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng )
+{
+    int ret, count = 0;
+
+    if( ctx == NULL || olen < 1 || olen > ctx->len )
+        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
+    if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
+        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
+    /*
+     * generate X and calculate GX = G^X mod P
+     */
+    do
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ) );
+
+        while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
+
+        if( count++ > 10 )
+            return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED );
+    }
+    while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
+                          &ctx->P , &ctx->RP ) );
+
+    if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
+        return( ret );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) );
+
+cleanup:
+
+    if( ret != 0 )
+        return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED + ret );
+
+    return( 0 );
+}
+
+/*
+ * Use the blinding method and optimisation suggested in section 10 of:
+ *  KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA,
+ *  DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer
+ *  Berlin Heidelberg, 1996. p. 104-113.
+ */
+static int dhm_update_blinding( mbedtls_dhm_context *ctx,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    int ret, count;
+
+    /*
+     * Don't use any blinding the first time a particular X is used,
+     * but remember it to use blinding next time.
+     */
+    if( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &ctx->pX, &ctx->X ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vi, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vf, 1 ) );
+
+        return( 0 );
+    }
+
+    /*
+     * Ok, we need blinding. Can we re-use existing values?
+     * If yes, just update them by squaring them.
+     */
+    if( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) );
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );
+
+        return( 0 );
+    }
+
+    /*
+     * We need to generate blinding values from scratch
+     */
+
+    /* Vi = random( 2, P-1 ) */
+    count = 0;
+    do
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->Vi, mbedtls_mpi_size( &ctx->P ), f_rng, p_rng ) );
+
+        while( mbedtls_mpi_cmp_mpi( &ctx->Vi, &ctx->P ) >= 0 )
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->Vi, 1 ) );
+
+        if( count++ > 10 )
+            return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
+    }
+    while( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) <= 0 );
+
+    /* Vf = Vi^-X mod P */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vf, &ctx->Vi, &ctx->P ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Derive and export the shared secret (G^Y)^X mod P
+ */
+int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
+                     unsigned char *output, size_t output_size, size_t *olen,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng )
+{
+    int ret;
+    mbedtls_mpi GYb;
+
+    if( ctx == NULL || output_size < ctx->len )
+        return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
+    if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
+        return( ret );
+
+    mbedtls_mpi_init( &GYb );
+
+    /* Blind peer's value */
+    if( f_rng != NULL )
+    {
+        MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
+    }
+    else
+        MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) );
+
+    /* Do modular exponentiation */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X,
+                          &ctx->P, &ctx->RP ) );
+
+    /* Unblind secret value */
+    if( f_rng != NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
+    }
+
+    *olen = mbedtls_mpi_size( &ctx->K );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) );
+
+cleanup:
+    mbedtls_mpi_free( &GYb );
+
+    if( ret != 0 )
+        return( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED + ret );
+
+    return( 0 );
+}
+
+/*
+ * Free the components of a DHM key
+ */
+void mbedtls_dhm_free( mbedtls_dhm_context *ctx )
+{
+    mbedtls_mpi_free( &ctx->pX ); mbedtls_mpi_free( &ctx->Vf );
+    mbedtls_mpi_free( &ctx->Vi ); mbedtls_mpi_free( &ctx->RP );
+    mbedtls_mpi_free( &ctx->K  ); mbedtls_mpi_free( &ctx->GY );
+    mbedtls_mpi_free( &ctx->GX ); mbedtls_mpi_free( &ctx->X  );
+    mbedtls_mpi_free( &ctx->G  ); mbedtls_mpi_free( &ctx->P  );
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_dhm_context ) );
+}
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+/*
+ * Parse DHM parameters
+ */
+int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
+                   size_t dhminlen )
+{
+    int ret;
+    size_t len;
+    unsigned char *p, *end;
+#if defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pem_context pem;
+
+    mbedtls_pem_init( &pem );
+
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if( dhminlen == 0 || dhmin[dhminlen - 1] != '\0' )
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    else
+        ret = mbedtls_pem_read_buffer( &pem,
+                               "-----BEGIN DH PARAMETERS-----",
+                               "-----END DH PARAMETERS-----",
+                               dhmin, NULL, 0, &dhminlen );
+
+    if( ret == 0 )
+    {
+        /*
+         * Was PEM encoded
+         */
+        dhminlen = pem.buflen;
+    }
+    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+        goto exit;
+
+    p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin;
+#else
+    p = (unsigned char *) dhmin;
+#endif /* MBEDTLS_PEM_PARSE_C */
+    end = p + dhminlen;
+
+    /*
+     *  DHParams ::= SEQUENCE {
+     *      prime              INTEGER,  -- P
+     *      generator          INTEGER,  -- g
+     *      privateValueLength INTEGER OPTIONAL
+     *  }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
+        goto exit;
+    }
+
+    end = p + len;
+
+    if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P  ) ) != 0 ||
+        ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
+    {
+        ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
+        goto exit;
+    }
+
+    if( p != end )
+    {
+        /* This might be the optional privateValueLength.
+         * If so, we can cleanly discard it */
+        mbedtls_mpi rec;
+        mbedtls_mpi_init( &rec );
+        ret = mbedtls_asn1_get_mpi( &p, end, &rec );
+        mbedtls_mpi_free( &rec );
+        if ( ret != 0 )
+        {
+            ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
+            goto exit;
+        }
+        if ( p != end )
+        {
+            ret = MBEDTLS_ERR_DHM_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+            goto exit;
+        }
+    }
+
+    ret = 0;
+
+    dhm->len = mbedtls_mpi_size( &dhm->P );
+
+exit:
+#if defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pem_free( &pem );
+#endif
+    if( ret != 0 )
+        mbedtls_dhm_free( dhm );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load all data from a file into a given buffer.
+ *
+ * The file is expected to contain either PEM or DER encoded data.
+ * A terminating null byte is always appended. It is included in the announced
+ * length only if the data looks like it is PEM encoded.
+ */
+static int load_file( const char *path, unsigned char **buf, size_t *n )
+{
+    FILE *f;
+    long size;
+
+    if( ( f = fopen( path, "rb" ) ) == NULL )
+        return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
+
+    fseek( f, 0, SEEK_END );
+    if( ( size = ftell( f ) ) == -1 )
+    {
+        fclose( f );
+        return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
+    }
+    fseek( f, 0, SEEK_SET );
+
+    *n = (size_t) size;
+
+    if( *n + 1 == 0 ||
+        ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL )
+    {
+        fclose( f );
+        return( MBEDTLS_ERR_DHM_ALLOC_FAILED );
+    }
+
+    if( fread( *buf, 1, *n, f ) != *n )
+    {
+        fclose( f );
+
+        mbedtls_zeroize( *buf, *n + 1 );
+        mbedtls_free( *buf );
+
+        return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
+    }
+
+    fclose( f );
+
+    (*buf)[*n] = '\0';
+
+    if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL )
+        ++*n;
+
+    return( 0 );
+}
+
+/*
+ * Load and parse DHM parameters
+ */
+int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
+{
+    int ret;
+    size_t n;
+    unsigned char *buf;
+
+    if( ( ret = load_file( path, &buf, &n ) ) != 0 )
+        return( ret );
+
+    ret = mbedtls_dhm_parse_dhm( dhm, buf, n );
+
+    mbedtls_zeroize( buf, n );
+    mbedtls_free( buf );
+
+    return( ret );
+}
+#endif /* MBEDTLS_FS_IO */
+#endif /* MBEDTLS_ASN1_PARSE_C */
+#endif /* MBEDTLS_DHM_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+static const char mbedtls_test_dhm_params[] =
+"-----BEGIN DH PARAMETERS-----\r\n"
+"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n"
+"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n"
+"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
+"-----END DH PARAMETERS-----\r\n";
+
+static const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params );
+
+/*
+ * Checkup routine
+ */
+int mbedtls_dhm_self_test( int verbose )
+{
+    int ret;
+    mbedtls_dhm_context dhm;
+
+    mbedtls_dhm_init( &dhm );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  DHM parameter load: " );
+
+    if( ( ret = mbedtls_dhm_parse_dhm( &dhm,
+                    (const unsigned char *) mbedtls_test_dhm_params,
+                    mbedtls_test_dhm_params_len ) ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        ret = 1;
+        goto exit;
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n\n" );
+
+exit:
+    mbedtls_dhm_free( &dhm );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_DHM_C */
diff --git a/thirdparty/mbedtls/library/ecdh.c b/thirdparty/mbedtls/library/ecdh.c
new file mode 100644
index 0000000000..61380b6936
--- /dev/null
+++ b/thirdparty/mbedtls/library/ecdh.c
@@ -0,0 +1,268 @@
+/*
+ *  Elliptic curve Diffie-Hellman
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * References:
+ *
+ * SEC1 http://www.secg.org/index.php?action=secg,docs_secg
+ * RFC 4492
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ECDH_C)
+
+#include "mbedtls/ecdh.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
+/*
+ * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair
+ */
+int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng )
+{
+    return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
+}
+#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
+
+#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
+/*
+ * Compute shared secret (SEC1 3.3.1)
+ */
+int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
+                         const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
+                         int (*f_rng)(void *, unsigned char *, size_t),
+                         void *p_rng )
+{
+    int ret;
+    mbedtls_ecp_point P;
+
+    mbedtls_ecp_point_init( &P );
+
+    /*
+     * Make sure Q is a valid pubkey before using it
+     */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, d, Q, f_rng, p_rng ) );
+
+    if( mbedtls_ecp_is_zero( &P ) )
+    {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( z, &P.X ) );
+
+cleanup:
+    mbedtls_ecp_point_free( &P );
+
+    return( ret );
+}
+#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
+
+/*
+ * Initialize context
+ */
+void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_ecdh_context ) );
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_ecp_group_free( &ctx->grp );
+    mbedtls_ecp_point_free( &ctx->Q   );
+    mbedtls_ecp_point_free( &ctx->Qp  );
+    mbedtls_ecp_point_free( &ctx->Vi  );
+    mbedtls_ecp_point_free( &ctx->Vf  );
+    mbedtls_mpi_free( &ctx->d  );
+    mbedtls_mpi_free( &ctx->z  );
+    mbedtls_mpi_free( &ctx->_d );
+}
+
+/*
+ * Setup and write the ServerKeyExhange parameters (RFC 4492)
+ *      struct {
+ *          ECParameters    curve_params;
+ *          ECPoint         public;
+ *      } ServerECDHParams;
+ */
+int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
+                      unsigned char *buf, size_t blen,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng )
+{
+    int ret;
+    size_t grp_len, pt_len;
+
+    if( ctx == NULL || ctx->grp.pbits == 0 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
+                != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
+                != 0 )
+        return( ret );
+
+    buf += grp_len;
+    blen -= grp_len;
+
+    if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
+                                     &pt_len, buf, blen ) ) != 0 )
+        return( ret );
+
+    *olen = grp_len + pt_len;
+    return( 0 );
+}
+
+/*
+ * Read the ServerKeyExhange parameters (RFC 4492)
+ *      struct {
+ *          ECParameters    curve_params;
+ *          ECPoint         public;
+ *      } ServerECDHParams;
+ */
+int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
+                      const unsigned char **buf, const unsigned char *end )
+{
+    int ret;
+
+    if( ( ret = mbedtls_ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) )
+                != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+/*
+ * Get parameters from a keypair
+ */
+int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
+                     mbedtls_ecdh_side side )
+{
+    int ret;
+
+    if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 )
+        return( ret );
+
+    /* If it's not our key, just import the public part as Qp */
+    if( side == MBEDTLS_ECDH_THEIRS )
+        return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) );
+
+    /* Our key: import public (as Q) and private parts */
+    if( side != MBEDTLS_ECDH_OURS )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 ||
+        ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+/*
+ * Setup and export the client public value
+ */
+int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
+                      unsigned char *buf, size_t blen,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng )
+{
+    int ret;
+
+    if( ctx == NULL || ctx->grp.pbits == 0 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
+                != 0 )
+        return( ret );
+
+    return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
+                                olen, buf, blen );
+}
+
+/*
+ * Parse and import the client's public value
+ */
+int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
+                      const unsigned char *buf, size_t blen )
+{
+    int ret;
+    const unsigned char *p = buf;
+
+    if( ctx == NULL )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 )
+        return( ret );
+
+    if( (size_t)( p - buf ) != blen )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    return( 0 );
+}
+
+/*
+ * Derive and export the shared secret
+ */
+int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
+                      unsigned char *buf, size_t blen,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng )
+{
+    int ret;
+
+    if( ctx == NULL )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d,
+                                     f_rng, p_rng ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( mbedtls_mpi_size( &ctx->z ) > blen )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    *olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 );
+    return mbedtls_mpi_write_binary( &ctx->z, buf, *olen );
+}
+
+#endif /* MBEDTLS_ECDH_C */
diff --git a/thirdparty/mbedtls/library/ecdsa.c b/thirdparty/mbedtls/library/ecdsa.c
new file mode 100644
index 0000000000..826fefe5c6
--- /dev/null
+++ b/thirdparty/mbedtls/library/ecdsa.c
@@ -0,0 +1,458 @@
+/*
+ *  Elliptic curve DSA
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * References:
+ *
+ * SEC1 http://www.secg.org/index.php?action=secg,docs_secg
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ECDSA_C)
+
+#include "mbedtls/ecdsa.h"
+#include "mbedtls/asn1write.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#include "mbedtls/hmac_drbg.h"
+#endif
+
+/*
+ * Derive a suitable integer for group grp from a buffer of length len
+ * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
+ */
+static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x,
+                       const unsigned char *buf, size_t blen )
+{
+    int ret;
+    size_t n_size = ( grp->nbits + 7 ) / 8;
+    size_t use_size = blen > n_size ? n_size : blen;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( x, buf, use_size ) );
+    if( use_size * 8 > grp->nbits )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( x, use_size * 8 - grp->nbits ) );
+
+    /* While at it, reduce modulo N */
+    if( mbedtls_mpi_cmp_mpi( x, &grp->N ) >= 0 )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( x, x, &grp->N ) );
+
+cleanup:
+    return( ret );
+}
+
+#if !defined(MBEDTLS_ECDSA_SIGN_ALT)
+/*
+ * Compute ECDSA signature of a hashed message (SEC1 4.1.3)
+ * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
+ */
+int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+                const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    int ret, key_tries, sign_tries, blind_tries;
+    mbedtls_ecp_point R;
+    mbedtls_mpi k, e, t;
+
+    /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
+    if( grp->N.p == NULL )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /* Make sure d is in range 1..n-1 */
+    if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )
+        return( MBEDTLS_ERR_ECP_INVALID_KEY );
+
+    mbedtls_ecp_point_init( &R );
+    mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t );
+
+    sign_tries = 0;
+    do
+    {
+        /*
+         * Steps 1-3: generate a suitable ephemeral keypair
+         * and set r = xR mod n
+         */
+        key_tries = 0;
+        do
+        {
+            MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( r, &R.X, &grp->N ) );
+
+            if( key_tries++ > 10 )
+            {
+                ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+                goto cleanup;
+            }
+        }
+        while( mbedtls_mpi_cmp_int( r, 0 ) == 0 );
+
+        /*
+         * Step 5: derive MPI from hashed message
+         */
+        MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
+
+        /*
+         * Generate a random value to blind inv_mod in next step,
+         * avoiding a potential timing leak.
+         */
+        blind_tries = 0;
+        do
+        {
+            size_t n_size = ( grp->nbits + 7 ) / 8;
+            MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &t, n_size, f_rng, p_rng ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &t, 8 * n_size - grp->nbits ) );
+
+            /* See mbedtls_ecp_gen_keypair() */
+            if( ++blind_tries > 30 )
+                return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+        }
+        while( mbedtls_mpi_cmp_int( &t, 1 ) < 0 ||
+               mbedtls_mpi_cmp_mpi( &t, &grp->N ) >= 0 );
+
+        /*
+         * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, r, d ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &k, &k, &t ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, &k, &grp->N ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );
+
+        if( sign_tries++ > 10 )
+        {
+            ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+            goto cleanup;
+        }
+    }
+    while( mbedtls_mpi_cmp_int( s, 0 ) == 0 );
+
+cleanup:
+    mbedtls_ecp_point_free( &R );
+    mbedtls_mpi_free( &k ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &t );
+
+    return( ret );
+}
+#endif /* MBEDTLS_ECDSA_SIGN_ALT */
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+/*
+ * Deterministic signature wrapper
+ */
+int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
+                    const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
+                    mbedtls_md_type_t md_alg )
+{
+    int ret;
+    mbedtls_hmac_drbg_context rng_ctx;
+    unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES];
+    size_t grp_len = ( grp->nbits + 7 ) / 8;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_mpi h;
+
+    if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    mbedtls_mpi_init( &h );
+    mbedtls_hmac_drbg_init( &rng_ctx );
+
+    /* Use private key and message hash (reduced) to initialize HMAC_DRBG */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) );
+    MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) );
+    mbedtls_hmac_drbg_seed_buf( &rng_ctx, md_info, data, 2 * grp_len );
+
+    ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,
+                      mbedtls_hmac_drbg_random, &rng_ctx );
+
+cleanup:
+    mbedtls_hmac_drbg_free( &rng_ctx );
+    mbedtls_mpi_free( &h );
+
+    return( ret );
+}
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#if !defined(MBEDTLS_ECDSA_VERIFY_ALT)
+/*
+ * Verify ECDSA signature of hashed message (SEC1 4.1.4)
+ * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
+ */
+int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
+                  const unsigned char *buf, size_t blen,
+                  const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
+{
+    int ret;
+    mbedtls_mpi e, s_inv, u1, u2;
+    mbedtls_ecp_point R;
+
+    mbedtls_ecp_point_init( &R );
+    mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv ); mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
+
+    /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
+    if( grp->N.p == NULL )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /*
+     * Step 1: make sure r and s are in range 1..n-1
+     */
+    if( mbedtls_mpi_cmp_int( r, 1 ) < 0 || mbedtls_mpi_cmp_mpi( r, &grp->N ) >= 0 ||
+        mbedtls_mpi_cmp_int( s, 1 ) < 0 || mbedtls_mpi_cmp_mpi( s, &grp->N ) >= 0 )
+    {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+    /*
+     * Additional precaution: make sure Q is valid
+     */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
+
+    /*
+     * Step 3: derive MPI from hashed message
+     */
+    MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
+
+    /*
+     * Step 4: u1 = e / s mod n, u2 = r / s mod n
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u1, &e, &s_inv ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u1, &u1, &grp->N ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u2, r, &s_inv ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u2, &u2, &grp->N ) );
+
+    /*
+     * Step 5: R = u1 G + u2 Q
+     *
+     * Since we're not using any secret data, no need to pass a RNG to
+     * mbedtls_ecp_mul() for countermesures.
+     */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, &R, &u1, &grp->G, &u2, Q ) );
+
+    if( mbedtls_ecp_is_zero( &R ) )
+    {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+    /*
+     * Step 6: convert xR to an integer (no-op)
+     * Step 7: reduce xR mod n (gives v)
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &R.X, &R.X, &grp->N ) );
+
+    /*
+     * Step 8: check if v (that is, R.X) is equal to r
+     */
+    if( mbedtls_mpi_cmp_mpi( &R.X, r ) != 0 )
+    {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_ecp_point_free( &R );
+    mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv ); mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 );
+
+    return( ret );
+}
+#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
+
+/*
+ * Convert a signature (given by context) to ASN.1
+ */
+static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
+                                    unsigned char *sig, size_t *slen )
+{
+    int ret;
+    unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
+    unsigned char *p = buf + sizeof( buf );
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
+                                       MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
+
+    memcpy( sig, p, len );
+    *slen = len;
+
+    return( 0 );
+}
+
+/*
+ * Compute and write signature
+ */
+int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg,
+                           const unsigned char *hash, size_t hlen,
+                           unsigned char *sig, size_t *slen,
+                           int (*f_rng)(void *, unsigned char *, size_t),
+                           void *p_rng )
+{
+    int ret;
+    mbedtls_mpi r, s;
+
+    mbedtls_mpi_init( &r );
+    mbedtls_mpi_init( &s );
+
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+    (void) f_rng;
+    (void) p_rng;
+
+    MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ctx->grp, &r, &s, &ctx->d,
+                             hash, hlen, md_alg ) );
+#else
+    (void) md_alg;
+
+    MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
+                         hash, hlen, f_rng, p_rng ) );
+#endif
+
+    MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
+
+cleanup:
+    mbedtls_mpi_free( &r );
+    mbedtls_mpi_free( &s );
+
+    return( ret );
+}
+
+#if ! defined(MBEDTLS_DEPRECATED_REMOVED) && \
+    defined(MBEDTLS_ECDSA_DETERMINISTIC)
+int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
+                               const unsigned char *hash, size_t hlen,
+                               unsigned char *sig, size_t *slen,
+                               mbedtls_md_type_t md_alg )
+{
+    return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen,
+                                   NULL, NULL ) );
+}
+#endif
+
+/*
+ * Read and check signature
+ */
+int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
+                          const unsigned char *hash, size_t hlen,
+                          const unsigned char *sig, size_t slen )
+{
+    int ret;
+    unsigned char *p = (unsigned char *) sig;
+    const unsigned char *end = sig + slen;
+    size_t len;
+    mbedtls_mpi r, s;
+
+    mbedtls_mpi_init( &r );
+    mbedtls_mpi_init( &s );
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    if( p + len != end )
+    {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA +
+              MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+        goto cleanup;
+    }
+
+    if( ( ret = mbedtls_asn1_get_mpi( &p, end, &r ) ) != 0 ||
+        ( ret = mbedtls_asn1_get_mpi( &p, end, &s ) ) != 0 )
+    {
+        ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,
+                              &ctx->Q, &r, &s ) ) != 0 )
+        goto cleanup;
+
+    if( p != end )
+        ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH;
+
+cleanup:
+    mbedtls_mpi_free( &r );
+    mbedtls_mpi_free( &s );
+
+    return( ret );
+}
+
+#if !defined(MBEDTLS_ECDSA_GENKEY_ALT)
+/*
+ * Generate key pair
+ */
+int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
+                  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    return( mbedtls_ecp_group_load( &ctx->grp, gid ) ||
+            mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
+}
+#endif /* MBEDTLS_ECDSA_GENKEY_ALT */
+
+/*
+ * Set context from an mbedtls_ecp_keypair
+ */
+int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key )
+{
+    int ret;
+
+    if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ||
+        ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 ||
+        ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 )
+    {
+        mbedtls_ecdsa_free( ctx );
+    }
+
+    return( ret );
+}
+
+/*
+ * Initialize context
+ */
+void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx )
+{
+    mbedtls_ecp_keypair_init( ctx );
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx )
+{
+    mbedtls_ecp_keypair_free( ctx );
+}
+
+#endif /* MBEDTLS_ECDSA_C */
diff --git a/thirdparty/mbedtls/library/ecjpake.c b/thirdparty/mbedtls/library/ecjpake.c
new file mode 100644
index 0000000000..e8f40862be
--- /dev/null
+++ b/thirdparty/mbedtls/library/ecjpake.c
@@ -0,0 +1,1106 @@
+/*
+ *  Elliptic curve J-PAKE
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * References in the code are to the Thread v1.0 Specification,
+ * available to members of the Thread Group http://threadgroup.org/
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ECJPAKE_C)
+
+#include "mbedtls/ecjpake.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_ECJPAKE_ALT)
+
+/*
+ * Convert a mbedtls_ecjpake_role to identifier string
+ */
+static const char * const ecjpake_id[] = {
+    "client",
+    "server"
+};
+
+#define ID_MINE     ( ecjpake_id[ ctx->role ] )
+#define ID_PEER     ( ecjpake_id[ 1 - ctx->role ] )
+
+/*
+ * Initialize context
+ */
+void mbedtls_ecjpake_init( mbedtls_ecjpake_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    ctx->md_info = NULL;
+    mbedtls_ecp_group_init( &ctx->grp );
+    ctx->point_format = MBEDTLS_ECP_PF_UNCOMPRESSED;
+
+    mbedtls_ecp_point_init( &ctx->Xm1 );
+    mbedtls_ecp_point_init( &ctx->Xm2 );
+    mbedtls_ecp_point_init( &ctx->Xp1 );
+    mbedtls_ecp_point_init( &ctx->Xp2 );
+    mbedtls_ecp_point_init( &ctx->Xp  );
+
+    mbedtls_mpi_init( &ctx->xm1 );
+    mbedtls_mpi_init( &ctx->xm2 );
+    mbedtls_mpi_init( &ctx->s   );
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ecjpake_free( mbedtls_ecjpake_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    ctx->md_info = NULL;
+    mbedtls_ecp_group_free( &ctx->grp );
+
+    mbedtls_ecp_point_free( &ctx->Xm1 );
+    mbedtls_ecp_point_free( &ctx->Xm2 );
+    mbedtls_ecp_point_free( &ctx->Xp1 );
+    mbedtls_ecp_point_free( &ctx->Xp2 );
+    mbedtls_ecp_point_free( &ctx->Xp  );
+
+    mbedtls_mpi_free( &ctx->xm1 );
+    mbedtls_mpi_free( &ctx->xm2 );
+    mbedtls_mpi_free( &ctx->s   );
+}
+
+/*
+ * Setup context
+ */
+int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
+                           mbedtls_ecjpake_role role,
+                           mbedtls_md_type_t hash,
+                           mbedtls_ecp_group_id curve,
+                           const unsigned char *secret,
+                           size_t len )
+{
+    int ret;
+
+    ctx->role = role;
+
+    if( ( ctx->md_info = mbedtls_md_info_from_type( hash ) ) == NULL )
+        return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
+
+    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ctx->grp, curve ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->s, secret, len ) );
+
+cleanup:
+    if( ret != 0 )
+        mbedtls_ecjpake_free( ctx );
+
+    return( ret );
+}
+
+/*
+ * Check if context is ready for use
+ */
+int mbedtls_ecjpake_check( const mbedtls_ecjpake_context *ctx )
+{
+    if( ctx->md_info == NULL ||
+        ctx->grp.id == MBEDTLS_ECP_DP_NONE ||
+        ctx->s.p == NULL )
+    {
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Write a point plus its length to a buffer
+ */
+static int ecjpake_write_len_point( unsigned char **p,
+                                    const unsigned char *end,
+                                    const mbedtls_ecp_group *grp,
+                                    const int pf,
+                                    const mbedtls_ecp_point *P )
+{
+    int ret;
+    size_t len;
+
+    /* Need at least 4 for length plus 1 for point */
+    if( end < *p || end - *p < 5 )
+        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+    ret = mbedtls_ecp_point_write_binary( grp, P, pf,
+                                          &len, *p + 4, end - ( *p + 4 ) );
+    if( ret != 0 )
+        return( ret );
+
+    (*p)[0] = (unsigned char)( ( len >> 24 ) & 0xFF );
+    (*p)[1] = (unsigned char)( ( len >> 16 ) & 0xFF );
+    (*p)[2] = (unsigned char)( ( len >>  8 ) & 0xFF );
+    (*p)[3] = (unsigned char)( ( len       ) & 0xFF );
+
+    *p += 4 + len;
+
+    return( 0 );
+}
+
+/*
+ * Size of the temporary buffer for ecjpake_hash:
+ * 3 EC points plus their length, plus ID and its length (4 + 6 bytes)
+ */
+#define ECJPAKE_HASH_BUF_LEN    ( 3 * ( 4 + MBEDTLS_ECP_MAX_PT_LEN ) + 4 + 6 )
+
+/*
+ * Compute hash for ZKP (7.4.2.2.2.1)
+ */
+static int ecjpake_hash( const mbedtls_md_info_t *md_info,
+                         const mbedtls_ecp_group *grp,
+                         const int pf,
+                         const mbedtls_ecp_point *G,
+                         const mbedtls_ecp_point *V,
+                         const mbedtls_ecp_point *X,
+                         const char *id,
+                         mbedtls_mpi *h )
+{
+    int ret;
+    unsigned char buf[ECJPAKE_HASH_BUF_LEN];
+    unsigned char *p = buf;
+    const unsigned char *end = buf + sizeof( buf );
+    const size_t id_len = strlen( id );
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+
+    /* Write things to temporary buffer */
+    MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, G ) );
+    MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, V ) );
+    MBEDTLS_MPI_CHK( ecjpake_write_len_point( &p, end, grp, pf, X ) );
+
+    if( end - p < 4 )
+        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+    *p++ = (unsigned char)( ( id_len >> 24 ) & 0xFF );
+    *p++ = (unsigned char)( ( id_len >> 16 ) & 0xFF );
+    *p++ = (unsigned char)( ( id_len >>  8 ) & 0xFF );
+    *p++ = (unsigned char)( ( id_len       ) & 0xFF );
+
+    if( end < p || (size_t)( end - p ) < id_len )
+        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+    memcpy( p, id, id_len );
+    p += id_len;
+
+    /* Compute hash */
+    mbedtls_md( md_info, buf, p - buf, hash );
+
+    /* Turn it into an integer mod n */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( h, hash,
+                                        mbedtls_md_get_size( md_info ) ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( h, h, &grp->N ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Parse a ECShnorrZKP (7.4.2.2.2) and verify it (7.4.2.3.3)
+ */
+static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info,
+                             const mbedtls_ecp_group *grp,
+                             const int pf,
+                             const mbedtls_ecp_point *G,
+                             const mbedtls_ecp_point *X,
+                             const char *id,
+                             const unsigned char **p,
+                             const unsigned char *end )
+{
+    int ret;
+    mbedtls_ecp_point V, VV;
+    mbedtls_mpi r, h;
+    size_t r_len;
+
+    mbedtls_ecp_point_init( &V );
+    mbedtls_ecp_point_init( &VV );
+    mbedtls_mpi_init( &r );
+    mbedtls_mpi_init( &h );
+
+    /*
+     * struct {
+     *     ECPoint V;
+     *     opaque r<1..2^8-1>;
+     * } ECSchnorrZKP;
+     */
+    if( end < *p )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_point( grp, &V, p, end - *p ) );
+
+    if( end < *p || (size_t)( end - *p ) < 1 )
+    {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    r_len = *(*p)++;
+
+    if( end < *p || (size_t)( end - *p ) < r_len )
+    {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r, *p, r_len ) );
+    *p += r_len;
+
+    /*
+     * Verification
+     */
+    MBEDTLS_MPI_CHK( ecjpake_hash( md_info, grp, pf, G, &V, X, id, &h ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( (mbedtls_ecp_group *) grp,
+                     &VV, &h, X, &r, G ) );
+
+    if( mbedtls_ecp_point_cmp( &VV, &V ) != 0 )
+    {
+        ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_ecp_point_free( &V );
+    mbedtls_ecp_point_free( &VV );
+    mbedtls_mpi_free( &r );
+    mbedtls_mpi_free( &h );
+
+    return( ret );
+}
+
+/*
+ * Generate ZKP (7.4.2.3.2) and write it as ECSchnorrZKP (7.4.2.2.2)
+ */
+static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info,
+                              const mbedtls_ecp_group *grp,
+                              const int pf, 
+                              const mbedtls_ecp_point *G,
+                              const mbedtls_mpi *x,
+                              const mbedtls_ecp_point *X,
+                              const char *id,
+                              unsigned char **p,
+                              const unsigned char *end,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng )
+{
+    int ret;
+    mbedtls_ecp_point V;
+    mbedtls_mpi v;
+    mbedtls_mpi h; /* later recycled to hold r */
+    size_t len;
+
+    if( end < *p )
+        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+    mbedtls_ecp_point_init( &V );
+    mbedtls_mpi_init( &v );
+    mbedtls_mpi_init( &h );
+
+    /* Compute signature */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair_base( (mbedtls_ecp_group *) grp,
+                                                   G, &v, &V, f_rng, p_rng ) );
+    MBEDTLS_MPI_CHK( ecjpake_hash( md_info, grp, pf, G, &V, X, id, &h ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &h, &h, x ) ); /* x*h */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &h, &v, &h ) ); /* v - x*h */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &h, &h, &grp->N ) ); /* r */
+
+    /* Write it out */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( grp, &V,
+                pf, &len, *p, end - *p ) );
+    *p += len;
+
+    len = mbedtls_mpi_size( &h ); /* actually r */
+    if( end < *p || (size_t)( end - *p ) < 1 + len || len > 255 )
+    {
+        ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+        goto cleanup;
+    }
+
+    *(*p)++ = (unsigned char)( len & 0xFF );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */
+    *p += len;
+
+cleanup:
+    mbedtls_ecp_point_free( &V );
+    mbedtls_mpi_free( &v );
+    mbedtls_mpi_free( &h );
+
+    return( ret );
+}
+
+/*
+ * Parse a ECJPAKEKeyKP (7.4.2.2.1) and check proof
+ * Output: verified public key X
+ */
+static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info,
+                             const mbedtls_ecp_group *grp,
+                             const int pf,
+                             const mbedtls_ecp_point *G,
+                             mbedtls_ecp_point *X,
+                             const char *id,
+                             const unsigned char **p,
+                             const unsigned char *end )
+{
+    int ret;
+
+    if( end < *p )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /*
+     * struct {
+     *     ECPoint X;
+     *     ECSchnorrZKP zkp;
+     * } ECJPAKEKeyKP;
+     */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_point( grp, X, p, end - *p ) );
+    if( mbedtls_ecp_is_zero( X ) )
+    {
+        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+        goto cleanup;
+    }
+
+    MBEDTLS_MPI_CHK( ecjpake_zkp_read( md_info, grp, pf, G, X, id, p, end ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Generate an ECJPAKEKeyKP
+ * Output: the serialized structure, plus private/public key pair
+ */
+static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info,
+                              const mbedtls_ecp_group *grp,
+                              const int pf,
+                              const mbedtls_ecp_point *G,
+                              mbedtls_mpi *x,
+                              mbedtls_ecp_point *X,
+                              const char *id,
+                              unsigned char **p,
+                              const unsigned char *end,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng )
+{
+    int ret;
+    size_t len;
+
+    if( end < *p )
+        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+    /* Generate key (7.4.2.3.1) and write it out */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair_base( (mbedtls_ecp_group *) grp, G, x, X,
+                                                   f_rng, p_rng ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( grp, X,
+                pf, &len, *p, end - *p ) );
+    *p += len;
+
+    /* Generate and write proof */
+    MBEDTLS_MPI_CHK( ecjpake_zkp_write( md_info, grp, pf, G, x, X, id,
+                                        p, end, f_rng, p_rng ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Read a ECJPAKEKeyKPPairList (7.4.2.3) and check proofs
+ * Ouputs: verified peer public keys Xa, Xb
+ */
+static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info,
+                              const mbedtls_ecp_group *grp,
+                              const int pf,
+                              const mbedtls_ecp_point *G,
+                              mbedtls_ecp_point *Xa,
+                              mbedtls_ecp_point *Xb,
+                              const char *id,
+                              const unsigned char *buf,
+                              size_t len )
+{
+    int ret;
+    const unsigned char *p = buf;
+    const unsigned char *end = buf + len;
+
+    /*
+     * struct {
+     *     ECJPAKEKeyKP ecjpake_key_kp_pair_list[2];
+     * } ECJPAKEKeyKPPairList;
+     */
+    MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, pf, G, Xa, id, &p, end ) );
+    MBEDTLS_MPI_CHK( ecjpake_kkp_read( md_info, grp, pf, G, Xb, id, &p, end ) );
+
+    if( p != end )
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Generate a ECJPAKEKeyKPPairList
+ * Outputs: the serialized structure, plus two private/public key pairs
+ */
+static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info,
+                               const mbedtls_ecp_group *grp,
+                               const int pf,
+                               const mbedtls_ecp_point *G,
+                               mbedtls_mpi *xm1,
+                               mbedtls_ecp_point *Xa,
+                               mbedtls_mpi *xm2,
+                               mbedtls_ecp_point *Xb,
+                               const char *id,
+                               unsigned char *buf,
+                               size_t len,
+                               size_t *olen,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng )
+{
+    int ret;
+    unsigned char *p = buf;
+    const unsigned char *end = buf + len;
+
+    MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, pf, G, xm1, Xa, id,
+                &p, end, f_rng, p_rng ) );
+    MBEDTLS_MPI_CHK( ecjpake_kkp_write( md_info, grp, pf, G, xm2, Xb, id,
+                &p, end, f_rng, p_rng ) );
+
+    *olen = p - buf;
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Read and process the first round message
+ */
+int mbedtls_ecjpake_read_round_one( mbedtls_ecjpake_context *ctx,
+                                    const unsigned char *buf,
+                                    size_t len )
+{
+    return( ecjpake_kkpp_read( ctx->md_info, &ctx->grp, ctx->point_format,
+                               &ctx->grp.G,
+                               &ctx->Xp1, &ctx->Xp2, ID_PEER,
+                               buf, len ) );
+}
+
+/*
+ * Generate and write the first round message
+ */
+int mbedtls_ecjpake_write_round_one( mbedtls_ecjpake_context *ctx,
+                            unsigned char *buf, size_t len, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng )
+{
+    return( ecjpake_kkpp_write( ctx->md_info, &ctx->grp, ctx->point_format,
+                                &ctx->grp.G,
+                                &ctx->xm1, &ctx->Xm1, &ctx->xm2, &ctx->Xm2,
+                                ID_MINE, buf, len, olen, f_rng, p_rng ) );
+}
+
+/*
+ * Compute the sum of three points R = A + B + C
+ */
+static int ecjpake_ecp_add3( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                             const mbedtls_ecp_point *A,
+                             const mbedtls_ecp_point *B,
+                             const mbedtls_ecp_point *C )
+{
+    int ret;
+    mbedtls_mpi one;
+
+    mbedtls_mpi_init( &one );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &one, 1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, R, &one, A, &one, B ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( grp, R, &one, R, &one, C ) );
+
+cleanup:
+    mbedtls_mpi_free( &one );
+
+    return( ret );
+}
+
+/*
+ * Read and process second round message (C: 7.4.2.5, S: 7.4.2.6)
+ */
+int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
+                                            const unsigned char *buf,
+                                            size_t len )
+{
+    int ret;
+    const unsigned char *p = buf;
+    const unsigned char *end = buf + len;
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point G;    /* C: GB, S: GA */
+
+    mbedtls_ecp_group_init( &grp );
+    mbedtls_ecp_point_init( &G );
+
+    /*
+     * Server: GA = X3  + X4  + X1      (7.4.2.6.1)
+     * Client: GB = X1  + X2  + X3      (7.4.2.5.1)
+     * Unified: G = Xm1 + Xm2 + Xp1
+     * We need that before parsing in order to check Xp as we read it
+     */
+    MBEDTLS_MPI_CHK( ecjpake_ecp_add3( &ctx->grp, &G,
+                                       &ctx->Xm1, &ctx->Xm2, &ctx->Xp1 ) );
+
+    /*
+     * struct {
+     *     ECParameters curve_params;   // only client reading server msg
+     *     ECJPAKEKeyKP ecjpake_key_kp;
+     * } Client/ServerECJPAKEParams;
+     */
+    if( ctx->role == MBEDTLS_ECJPAKE_CLIENT )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_ecp_tls_read_group( &grp, &p, len ) );
+        if( grp.id != ctx->grp.id )
+        {
+            ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+            goto cleanup;
+        }
+    }
+
+    MBEDTLS_MPI_CHK( ecjpake_kkp_read( ctx->md_info, &ctx->grp,
+                            ctx->point_format,
+                            &G, &ctx->Xp, ID_PEER, &p, end ) );
+
+    if( p != end )
+    {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_ecp_group_free( &grp );
+    mbedtls_ecp_point_free( &G );
+
+    return( ret );
+}
+
+/*
+ * Compute R = +/- X * S mod N, taking care not to leak S
+ */
+static int ecjpake_mul_secret( mbedtls_mpi *R, int sign,
+                               const mbedtls_mpi *X,
+                               const mbedtls_mpi *S,
+                               const mbedtls_mpi *N,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng )
+{
+    int ret;
+    mbedtls_mpi b; /* Blinding value, then s + N * blinding */
+
+    mbedtls_mpi_init( &b );
+
+    /* b = s + rnd-128-bit * N */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &b, 16, f_rng, p_rng ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &b, &b, N ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &b, &b, S ) );
+
+    /* R = sign * X * b mod N */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( R, X, &b ) );
+    R->s *= sign;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( R, R, N ) );
+
+cleanup:
+    mbedtls_mpi_free( &b );
+
+    return( ret );
+}
+
+/*
+ * Generate and write the second round message (S: 7.4.2.5, C: 7.4.2.6)
+ */
+int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
+                            unsigned char *buf, size_t len, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng )
+{
+    int ret;
+    mbedtls_ecp_point G;    /* C: GA, S: GB */
+    mbedtls_ecp_point Xm;   /* C: Xc, S: Xs */
+    mbedtls_mpi xm;         /* C: xc, S: xs */
+    unsigned char *p = buf;
+    const unsigned char *end = buf + len;
+    size_t ec_len;
+
+    mbedtls_ecp_point_init( &G );
+    mbedtls_ecp_point_init( &Xm );
+    mbedtls_mpi_init( &xm );
+
+    /*
+     * First generate private/public key pair (S: 7.4.2.5.1, C: 7.4.2.6.1)
+     *
+     * Client:  GA = X1  + X3  + X4  | xs = x2  * s | Xc = xc * GA
+     * Server:  GB = X3  + X1  + X2  | xs = x4  * s | Xs = xs * GB
+     * Unified: G  = Xm1 + Xp1 + Xp2 | xm = xm2 * s | Xm = xm * G
+     */
+    MBEDTLS_MPI_CHK( ecjpake_ecp_add3( &ctx->grp, &G,
+                                       &ctx->Xp1, &ctx->Xp2, &ctx->Xm1 ) );
+    MBEDTLS_MPI_CHK( ecjpake_mul_secret( &xm, 1, &ctx->xm2, &ctx->s,
+                                         &ctx->grp.N, f_rng, p_rng ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &Xm, &xm, &G, f_rng, p_rng ) );
+
+    /*
+     * Now write things out
+     *
+     * struct {
+     *     ECParameters curve_params;   // only server writing its message
+     *     ECJPAKEKeyKP ecjpake_key_kp;
+     * } Client/ServerECJPAKEParams;
+     */
+    if( ctx->role == MBEDTLS_ECJPAKE_SERVER )
+    {
+        if( end < p )
+        {
+            ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+            goto cleanup;
+        }
+        MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_group( &ctx->grp, &ec_len,
+                                                      p, end - p ) );
+        p += ec_len;
+    }
+
+    if( end < p )
+    {
+        ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+        goto cleanup;
+    }
+    MBEDTLS_MPI_CHK( mbedtls_ecp_tls_write_point( &ctx->grp, &Xm,
+                     ctx->point_format, &ec_len, p, end - p ) );
+    p += ec_len;
+
+    MBEDTLS_MPI_CHK( ecjpake_zkp_write( ctx->md_info, &ctx->grp,
+                                        ctx->point_format,
+                                        &G, &xm, &Xm, ID_MINE,
+                                        &p, end, f_rng, p_rng ) );
+
+    *olen = p - buf;
+
+cleanup:
+    mbedtls_ecp_point_free( &G );
+    mbedtls_ecp_point_free( &Xm );
+    mbedtls_mpi_free( &xm );
+
+    return( ret );
+}
+
+/*
+ * Derive PMS (7.4.2.7 / 7.4.2.8)
+ */
+int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
+                            unsigned char *buf, size_t len, size_t *olen,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng )
+{
+    int ret;
+    mbedtls_ecp_point K;
+    mbedtls_mpi m_xm2_s, one;
+    unsigned char kx[MBEDTLS_ECP_MAX_BYTES];
+    size_t x_bytes;
+
+    *olen = mbedtls_md_get_size( ctx->md_info );
+    if( len < *olen )
+        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+    mbedtls_ecp_point_init( &K );
+    mbedtls_mpi_init( &m_xm2_s );
+    mbedtls_mpi_init( &one );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &one, 1 ) );
+
+    /*
+     * Client:  K = ( Xs - X4  * x2  * s ) * x2
+     * Server:  K = ( Xc - X2  * x4  * s ) * x4
+     * Unified: K = ( Xp - Xp2 * xm2 * s ) * xm2
+     */
+    MBEDTLS_MPI_CHK( ecjpake_mul_secret( &m_xm2_s, -1, &ctx->xm2, &ctx->s,
+                                         &ctx->grp.N, f_rng, p_rng ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_muladd( &ctx->grp, &K,
+                                         &one, &ctx->Xp,
+                                         &m_xm2_s, &ctx->Xp2 ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &K, &ctx->xm2, &K,
+                                      f_rng, p_rng ) );
+
+    /* PMS = SHA-256( K.X ) */
+    x_bytes = ( ctx->grp.pbits + 7 ) / 8;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &K.X, kx, x_bytes ) );
+    MBEDTLS_MPI_CHK( mbedtls_md( ctx->md_info, kx, x_bytes, buf ) );
+
+cleanup:
+    mbedtls_ecp_point_free( &K );
+    mbedtls_mpi_free( &m_xm2_s );
+    mbedtls_mpi_free( &one );
+
+    return( ret );
+}
+
+#undef ID_MINE
+#undef ID_PEER
+
+#endif /* ! MBEDTLS_ECJPAKE_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf     printf
+#endif
+
+#if !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
+    !defined(MBEDTLS_SHA256_C)
+int mbedtls_ecjpake_self_test( int verbose )
+{
+    (void) verbose;
+    return( 0 );
+}
+#else
+
+static const unsigned char ecjpake_test_password[] = {
+    0x74, 0x68, 0x72, 0x65, 0x61, 0x64, 0x6a, 0x70, 0x61, 0x6b, 0x65, 0x74,
+    0x65, 0x73, 0x74
+};
+
+static const unsigned char ecjpake_test_x1[] = {
+    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+    0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+    0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x21
+};
+
+static const unsigned char ecjpake_test_x2[] = {
+    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
+    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
+    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
+};
+
+static const unsigned char ecjpake_test_x3[] = {
+    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
+    0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
+    0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
+};
+
+static const unsigned char ecjpake_test_x4[] = {
+    0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc,
+    0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8,
+    0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe1
+};
+
+static const unsigned char ecjpake_test_cli_one[] = {
+    0x41, 0x04, 0xac, 0xcf, 0x01, 0x06, 0xef, 0x85, 0x8f, 0xa2, 0xd9, 0x19,
+    0x33, 0x13, 0x46, 0x80, 0x5a, 0x78, 0xb5, 0x8b, 0xba, 0xd0, 0xb8, 0x44,
+    0xe5, 0xc7, 0x89, 0x28, 0x79, 0x14, 0x61, 0x87, 0xdd, 0x26, 0x66, 0xad,
+    0xa7, 0x81, 0xbb, 0x7f, 0x11, 0x13, 0x72, 0x25, 0x1a, 0x89, 0x10, 0x62,
+    0x1f, 0x63, 0x4d, 0xf1, 0x28, 0xac, 0x48, 0xe3, 0x81, 0xfd, 0x6e, 0xf9,
+    0x06, 0x07, 0x31, 0xf6, 0x94, 0xa4, 0x41, 0x04, 0x1d, 0xd0, 0xbd, 0x5d,
+    0x45, 0x66, 0xc9, 0xbe, 0xd9, 0xce, 0x7d, 0xe7, 0x01, 0xb5, 0xe8, 0x2e,
+    0x08, 0xe8, 0x4b, 0x73, 0x04, 0x66, 0x01, 0x8a, 0xb9, 0x03, 0xc7, 0x9e,
+    0xb9, 0x82, 0x17, 0x22, 0x36, 0xc0, 0xc1, 0x72, 0x8a, 0xe4, 0xbf, 0x73,
+    0x61, 0x0d, 0x34, 0xde, 0x44, 0x24, 0x6e, 0xf3, 0xd9, 0xc0, 0x5a, 0x22,
+    0x36, 0xfb, 0x66, 0xa6, 0x58, 0x3d, 0x74, 0x49, 0x30, 0x8b, 0xab, 0xce,
+    0x20, 0x72, 0xfe, 0x16, 0x66, 0x29, 0x92, 0xe9, 0x23, 0x5c, 0x25, 0x00,
+    0x2f, 0x11, 0xb1, 0x50, 0x87, 0xb8, 0x27, 0x38, 0xe0, 0x3c, 0x94, 0x5b,
+    0xf7, 0xa2, 0x99, 0x5d, 0xda, 0x1e, 0x98, 0x34, 0x58, 0x41, 0x04, 0x7e,
+    0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb, 0xd7, 0x92, 0x62,
+    0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18, 0x40, 0x9a, 0xc5,
+    0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47, 0x79, 0x0a, 0xeb,
+    0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f, 0xd1, 0xc3, 0x35,
+    0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7, 0xe3, 0x2b, 0xb0,
+    0x13, 0xbb, 0x2b, 0x41, 0x04, 0xa4, 0x95, 0x58, 0xd3, 0x2e, 0xd1, 0xeb,
+    0xfc, 0x18, 0x16, 0xaf, 0x4f, 0xf0, 0x9b, 0x55, 0xfc, 0xb4, 0xca, 0x47,
+    0xb2, 0xa0, 0x2d, 0x1e, 0x7c, 0xaf, 0x11, 0x79, 0xea, 0x3f, 0xe1, 0x39,
+    0x5b, 0x22, 0xb8, 0x61, 0x96, 0x40, 0x16, 0xfa, 0xba, 0xf7, 0x2c, 0x97,
+    0x56, 0x95, 0xd9, 0x3d, 0x4d, 0xf0, 0xe5, 0x19, 0x7f, 0xe9, 0xf0, 0x40,
+    0x63, 0x4e, 0xd5, 0x97, 0x64, 0x93, 0x77, 0x87, 0xbe, 0x20, 0xbc, 0x4d,
+    0xee, 0xbb, 0xf9, 0xb8, 0xd6, 0x0a, 0x33, 0x5f, 0x04, 0x6c, 0xa3, 0xaa,
+    0x94, 0x1e, 0x45, 0x86, 0x4c, 0x7c, 0xad, 0xef, 0x9c, 0xf7, 0x5b, 0x3d,
+    0x8b, 0x01, 0x0e, 0x44, 0x3e, 0xf0
+};
+
+static const unsigned char ecjpake_test_srv_one[] = {
+    0x41, 0x04, 0x7e, 0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb,
+    0xd7, 0x92, 0x62, 0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18,
+    0x40, 0x9a, 0xc5, 0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47,
+    0x79, 0x0a, 0xeb, 0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f,
+    0xd1, 0xc3, 0x35, 0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7,
+    0xe3, 0x2b, 0xb0, 0x13, 0xbb, 0x2b, 0x41, 0x04, 0x09, 0xf8, 0x5b, 0x3d,
+    0x20, 0xeb, 0xd7, 0x88, 0x5c, 0xe4, 0x64, 0xc0, 0x8d, 0x05, 0x6d, 0x64,
+    0x28, 0xfe, 0x4d, 0xd9, 0x28, 0x7a, 0xa3, 0x65, 0xf1, 0x31, 0xf4, 0x36,
+    0x0f, 0xf3, 0x86, 0xd8, 0x46, 0x89, 0x8b, 0xc4, 0xb4, 0x15, 0x83, 0xc2,
+    0xa5, 0x19, 0x7f, 0x65, 0xd7, 0x87, 0x42, 0x74, 0x6c, 0x12, 0xa5, 0xec,
+    0x0a, 0x4f, 0xfe, 0x2f, 0x27, 0x0a, 0x75, 0x0a, 0x1d, 0x8f, 0xb5, 0x16,
+    0x20, 0x93, 0x4d, 0x74, 0xeb, 0x43, 0xe5, 0x4d, 0xf4, 0x24, 0xfd, 0x96,
+    0x30, 0x6c, 0x01, 0x17, 0xbf, 0x13, 0x1a, 0xfa, 0xbf, 0x90, 0xa9, 0xd3,
+    0x3d, 0x11, 0x98, 0xd9, 0x05, 0x19, 0x37, 0x35, 0x14, 0x41, 0x04, 0x19,
+    0x0a, 0x07, 0x70, 0x0f, 0xfa, 0x4b, 0xe6, 0xae, 0x1d, 0x79, 0xee, 0x0f,
+    0x06, 0xae, 0xb5, 0x44, 0xcd, 0x5a, 0xdd, 0xaa, 0xbe, 0xdf, 0x70, 0xf8,
+    0x62, 0x33, 0x21, 0x33, 0x2c, 0x54, 0xf3, 0x55, 0xf0, 0xfb, 0xfe, 0xc7,
+    0x83, 0xed, 0x35, 0x9e, 0x5d, 0x0b, 0xf7, 0x37, 0x7a, 0x0f, 0xc4, 0xea,
+    0x7a, 0xce, 0x47, 0x3c, 0x9c, 0x11, 0x2b, 0x41, 0xcc, 0xd4, 0x1a, 0xc5,
+    0x6a, 0x56, 0x12, 0x41, 0x04, 0x36, 0x0a, 0x1c, 0xea, 0x33, 0xfc, 0xe6,
+    0x41, 0x15, 0x64, 0x58, 0xe0, 0xa4, 0xea, 0xc2, 0x19, 0xe9, 0x68, 0x31,
+    0xe6, 0xae, 0xbc, 0x88, 0xb3, 0xf3, 0x75, 0x2f, 0x93, 0xa0, 0x28, 0x1d,
+    0x1b, 0xf1, 0xfb, 0x10, 0x60, 0x51, 0xdb, 0x96, 0x94, 0xa8, 0xd6, 0xe8,
+    0x62, 0xa5, 0xef, 0x13, 0x24, 0xa3, 0xd9, 0xe2, 0x78, 0x94, 0xf1, 0xee,
+    0x4f, 0x7c, 0x59, 0x19, 0x99, 0x65, 0xa8, 0xdd, 0x4a, 0x20, 0x91, 0x84,
+    0x7d, 0x2d, 0x22, 0xdf, 0x3e, 0xe5, 0x5f, 0xaa, 0x2a, 0x3f, 0xb3, 0x3f,
+    0xd2, 0xd1, 0xe0, 0x55, 0xa0, 0x7a, 0x7c, 0x61, 0xec, 0xfb, 0x8d, 0x80,
+    0xec, 0x00, 0xc2, 0xc9, 0xeb, 0x12
+};
+
+static const unsigned char ecjpake_test_srv_two[] = {
+    0x03, 0x00, 0x17, 0x41, 0x04, 0x0f, 0xb2, 0x2b, 0x1d, 0x5d, 0x11, 0x23,
+    0xe0, 0xef, 0x9f, 0xeb, 0x9d, 0x8a, 0x2e, 0x59, 0x0a, 0x1f, 0x4d, 0x7c,
+    0xed, 0x2c, 0x2b, 0x06, 0x58, 0x6e, 0x8f, 0x2a, 0x16, 0xd4, 0xeb, 0x2f,
+    0xda, 0x43, 0x28, 0xa2, 0x0b, 0x07, 0xd8, 0xfd, 0x66, 0x76, 0x54, 0xca,
+    0x18, 0xc5, 0x4e, 0x32, 0xa3, 0x33, 0xa0, 0x84, 0x54, 0x51, 0xe9, 0x26,
+    0xee, 0x88, 0x04, 0xfd, 0x7a, 0xf0, 0xaa, 0xa7, 0xa6, 0x41, 0x04, 0x55,
+    0x16, 0xea, 0x3e, 0x54, 0xa0, 0xd5, 0xd8, 0xb2, 0xce, 0x78, 0x6b, 0x38,
+    0xd3, 0x83, 0x37, 0x00, 0x29, 0xa5, 0xdb, 0xe4, 0x45, 0x9c, 0x9d, 0xd6,
+    0x01, 0xb4, 0x08, 0xa2, 0x4a, 0xe6, 0x46, 0x5c, 0x8a, 0xc9, 0x05, 0xb9,
+    0xeb, 0x03, 0xb5, 0xd3, 0x69, 0x1c, 0x13, 0x9e, 0xf8, 0x3f, 0x1c, 0xd4,
+    0x20, 0x0f, 0x6c, 0x9c, 0xd4, 0xec, 0x39, 0x22, 0x18, 0xa5, 0x9e, 0xd2,
+    0x43, 0xd3, 0xc8, 0x20, 0xff, 0x72, 0x4a, 0x9a, 0x70, 0xb8, 0x8c, 0xb8,
+    0x6f, 0x20, 0xb4, 0x34, 0xc6, 0x86, 0x5a, 0xa1, 0xcd, 0x79, 0x06, 0xdd,
+    0x7c, 0x9b, 0xce, 0x35, 0x25, 0xf5, 0x08, 0x27, 0x6f, 0x26, 0x83, 0x6c
+};
+
+static const unsigned char ecjpake_test_cli_two[] = {
+    0x41, 0x04, 0x69, 0xd5, 0x4e, 0xe8, 0x5e, 0x90, 0xce, 0x3f, 0x12, 0x46,
+    0x74, 0x2d, 0xe5, 0x07, 0xe9, 0x39, 0xe8, 0x1d, 0x1d, 0xc1, 0xc5, 0xcb,
+    0x98, 0x8b, 0x58, 0xc3, 0x10, 0xc9, 0xfd, 0xd9, 0x52, 0x4d, 0x93, 0x72,
+    0x0b, 0x45, 0x54, 0x1c, 0x83, 0xee, 0x88, 0x41, 0x19, 0x1d, 0xa7, 0xce,
+    0xd8, 0x6e, 0x33, 0x12, 0xd4, 0x36, 0x23, 0xc1, 0xd6, 0x3e, 0x74, 0x98,
+    0x9a, 0xba, 0x4a, 0xff, 0xd1, 0xee, 0x41, 0x04, 0x07, 0x7e, 0x8c, 0x31,
+    0xe2, 0x0e, 0x6b, 0xed, 0xb7, 0x60, 0xc1, 0x35, 0x93, 0xe6, 0x9f, 0x15,
+    0xbe, 0x85, 0xc2, 0x7d, 0x68, 0xcd, 0x09, 0xcc, 0xb8, 0xc4, 0x18, 0x36,
+    0x08, 0x91, 0x7c, 0x5c, 0x3d, 0x40, 0x9f, 0xac, 0x39, 0xfe, 0xfe, 0xe8,
+    0x2f, 0x72, 0x92, 0xd3, 0x6f, 0x0d, 0x23, 0xe0, 0x55, 0x91, 0x3f, 0x45,
+    0xa5, 0x2b, 0x85, 0xdd, 0x8a, 0x20, 0x52, 0xe9, 0xe1, 0x29, 0xbb, 0x4d,
+    0x20, 0x0f, 0x01, 0x1f, 0x19, 0x48, 0x35, 0x35, 0xa6, 0xe8, 0x9a, 0x58,
+    0x0c, 0x9b, 0x00, 0x03, 0xba, 0xf2, 0x14, 0x62, 0xec, 0xe9, 0x1a, 0x82,
+    0xcc, 0x38, 0xdb, 0xdc, 0xae, 0x60, 0xd9, 0xc5, 0x4c
+};
+
+static const unsigned char ecjpake_test_pms[] = {
+    0xf3, 0xd4, 0x7f, 0x59, 0x98, 0x44, 0xdb, 0x92, 0xa5, 0x69, 0xbb, 0xe7,
+    0x98, 0x1e, 0x39, 0xd9, 0x31, 0xfd, 0x74, 0x3b, 0xf2, 0x2e, 0x98, 0xf9,
+    0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
+};
+
+/* Load my private keys and generate the correponding public keys */
+static int ecjpake_test_load( mbedtls_ecjpake_context *ctx,
+                              const unsigned char *xm1, size_t len1,
+                              const unsigned char *xm2, size_t len2 )
+{
+    int ret;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm1, &ctx->xm1,
+                                      &ctx->grp.G, NULL, NULL ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm2, &ctx->xm2,
+                                      &ctx->grp.G, NULL, NULL ) );
+
+cleanup:
+    return( ret );
+}
+
+/* For tests we don't need a secure RNG;
+ * use the LGC from Numerical Recipes for simplicity */
+static int ecjpake_lgc( void *p, unsigned char *out, size_t len )
+{
+    static uint32_t x = 42;
+    (void) p;
+
+    while( len > 0 )
+    {
+        size_t use_len = len > 4 ? 4 : len;
+        x = 1664525 * x + 1013904223;
+        memcpy( out, &x, use_len );
+        out += use_len;
+        len -= use_len;
+    }
+
+    return( 0 );
+}
+
+#define TEST_ASSERT( x )    \
+    do {                    \
+        if( x )             \
+            ret = 0;        \
+        else                \
+        {                   \
+            ret = 1;        \
+            goto cleanup;   \
+        }                   \
+    } while( 0 )
+
+/*
+ * Checkup routine
+ */
+int mbedtls_ecjpake_self_test( int verbose )
+{
+    int ret;
+    mbedtls_ecjpake_context cli;
+    mbedtls_ecjpake_context srv;
+    unsigned char buf[512], pms[32];
+    size_t len, pmslen;
+
+    mbedtls_ecjpake_init( &cli );
+    mbedtls_ecjpake_init( &srv );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  ECJPAKE test #0 (setup): " );
+
+    TEST_ASSERT( mbedtls_ecjpake_setup( &cli, MBEDTLS_ECJPAKE_CLIENT,
+                    MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1,
+                    ecjpake_test_password,
+            sizeof( ecjpake_test_password ) ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_setup( &srv, MBEDTLS_ECJPAKE_SERVER,
+                    MBEDTLS_MD_SHA256, MBEDTLS_ECP_DP_SECP256R1,
+                    ecjpake_test_password,
+            sizeof( ecjpake_test_password ) ) == 0 );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  ECJPAKE test #1 (random handshake): " );
+
+    TEST_ASSERT( mbedtls_ecjpake_write_round_one( &cli,
+                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &srv, buf, len ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_write_round_one( &srv,
+                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &cli, buf, len ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_write_round_two( &srv,
+                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &cli, buf, len ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_derive_secret( &cli,
+                 pms, sizeof( pms ), &pmslen, ecjpake_lgc, NULL ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_write_round_two( &cli,
+                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &srv, buf, len ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_derive_secret( &srv,
+                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
+
+    TEST_ASSERT( len == pmslen );
+    TEST_ASSERT( memcmp( buf, pms, len ) == 0 );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  ECJPAKE test #2 (reference handshake): " );
+
+    /* Simulate generation of round one */
+    MBEDTLS_MPI_CHK( ecjpake_test_load( &cli,
+                ecjpake_test_x1, sizeof( ecjpake_test_x1 ),
+                ecjpake_test_x2, sizeof( ecjpake_test_x2 ) ) );
+
+    MBEDTLS_MPI_CHK( ecjpake_test_load( &srv,
+                ecjpake_test_x3, sizeof( ecjpake_test_x3 ),
+                ecjpake_test_x4, sizeof( ecjpake_test_x4 ) ) );
+
+    /* Read round one */
+    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &srv,
+                                    ecjpake_test_cli_one,
+                            sizeof( ecjpake_test_cli_one ) ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_read_round_one( &cli,
+                                    ecjpake_test_srv_one,
+                            sizeof( ecjpake_test_srv_one ) ) == 0 );
+
+    /* Skip generation of round two, read round two */
+    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &cli,
+                                    ecjpake_test_srv_two,
+                            sizeof( ecjpake_test_srv_two ) ) == 0 );
+
+    TEST_ASSERT( mbedtls_ecjpake_read_round_two( &srv,
+                                    ecjpake_test_cli_two,
+                            sizeof( ecjpake_test_cli_two ) ) == 0 );
+
+    /* Server derives PMS */
+    TEST_ASSERT( mbedtls_ecjpake_derive_secret( &srv,
+                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
+
+    TEST_ASSERT( len == sizeof( ecjpake_test_pms ) );
+    TEST_ASSERT( memcmp( buf, ecjpake_test_pms, len ) == 0 );
+
+    memset( buf, 0, len ); /* Avoid interferences with next step */
+
+    /* Client derives PMS */
+    TEST_ASSERT( mbedtls_ecjpake_derive_secret( &cli,
+                 buf, sizeof( buf ), &len, ecjpake_lgc, NULL ) == 0 );
+
+    TEST_ASSERT( len == sizeof( ecjpake_test_pms ) );
+    TEST_ASSERT( memcmp( buf, ecjpake_test_pms, len ) == 0 );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+cleanup:
+    mbedtls_ecjpake_free( &cli );
+    mbedtls_ecjpake_free( &srv );
+
+    if( ret != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        ret = 1;
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( ret );
+}
+
+#undef TEST_ASSERT
+
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED && MBEDTLS_SHA256_C */
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_ECJPAKE_C */
diff --git a/thirdparty/mbedtls/library/ecp.c b/thirdparty/mbedtls/library/ecp.c
new file mode 100644
index 0000000000..b41baef27a
--- /dev/null
+++ b/thirdparty/mbedtls/library/ecp.c
@@ -0,0 +1,2195 @@
+/*
+ *  Elliptic curves over GF(p): generic functions
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * References:
+ *
+ * SEC1 http://www.secg.org/index.php?action=secg,docs_secg
+ * GECC = Guide to Elliptic Curve Cryptography - Hankerson, Menezes, Vanstone
+ * FIPS 186-3 http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
+ * RFC 4492 for the related TLS structures and constants
+ *
+ * [Curve25519] http://cr.yp.to/ecdh/curve25519-20060209.pdf
+ *
+ * [2] CORON, Jean-S'ebastien. Resistance against differential power analysis
+ *     for elliptic curve cryptosystems. In : Cryptographic Hardware and
+ *     Embedded Systems. Springer Berlin Heidelberg, 1999. p. 292-302.
+ *     <http://link.springer.com/chapter/10.1007/3-540-48059-5_25>
+ *
+ * [3] HEDABOU, Mustapha, PINEL, Pierre, et B'EN'ETEAU, Lucien. A comb method to
+ *     render ECC resistant against Side Channel Attacks. IACR Cryptology
+ *     ePrint Archive, 2004, vol. 2004, p. 342.
+ *     <http://eprint.iacr.org/2004/342.pdf>
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+
+#include "mbedtls/ecp.h"
+#include "mbedtls/threading.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_ECP_ALT)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#include <stdio.h>
+#define mbedtls_printf     printf
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#include "mbedtls/ecp_internal.h"
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * Counts of point addition and doubling, and field multiplications.
+ * Used to test resistance of point multiplication to simple timing attacks.
+ */
+static unsigned long add_count, dbl_count, mul_count;
+#endif
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)   ||   \
+    defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)   ||   \
+    defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)   ||   \
+    defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define ECP_SHORTWEIERSTRASS
+#endif
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define ECP_MONTGOMERY
+#endif
+
+/*
+ * Curve types: internal for now, might be exposed later
+ */
+typedef enum
+{
+    ECP_TYPE_NONE = 0,
+    ECP_TYPE_SHORT_WEIERSTRASS,    /* y^2 = x^3 + a x + b      */
+    ECP_TYPE_MONTGOMERY,           /* y^2 = x^3 + a x^2 + x    */
+} ecp_curve_type;
+
+/*
+ * List of supported curves:
+ *  - internal ID
+ *  - TLS NamedCurve ID (RFC 4492 sec. 5.1.1, RFC 7071 sec. 2)
+ *  - size in bits
+ *  - readable name
+ *
+ * Curves are listed in order: largest curves first, and for a given size,
+ * fastest curves first. This provides the default order for the SSL module.
+ *
+ * Reminder: update profiles in x509_crt.c when adding a new curves!
+ */
+static const mbedtls_ecp_curve_info ecp_supported_curves[] =
+{
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP521R1,    25,     521,    "secp521r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+    { MBEDTLS_ECP_DP_BP512R1,      28,     512,    "brainpoolP512r1"   },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP384R1,    24,     384,    "secp384r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+    { MBEDTLS_ECP_DP_BP384R1,      27,     384,    "brainpoolP384r1"   },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP256R1,    23,     256,    "secp256r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP256K1,    22,     256,    "secp256k1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+    { MBEDTLS_ECP_DP_BP256R1,      26,     256,    "brainpoolP256r1"   },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP224R1,    21,     224,    "secp224r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP224K1,    20,     224,    "secp224k1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP192R1,    19,     192,    "secp192r1"         },
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+    { MBEDTLS_ECP_DP_SECP192K1,    18,     192,    "secp192k1"         },
+#endif
+    { MBEDTLS_ECP_DP_NONE,          0,     0,      NULL                },
+};
+
+#define ECP_NB_CURVES   sizeof( ecp_supported_curves ) /    \
+                        sizeof( ecp_supported_curves[0] )
+
+static mbedtls_ecp_group_id ecp_supported_grp_id[ECP_NB_CURVES];
+
+/*
+ * List of supported curves and associated info
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void )
+{
+    return( ecp_supported_curves );
+}
+
+/*
+ * List of supported curves, group ID only
+ */
+const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void )
+{
+    static int init_done = 0;
+
+    if( ! init_done )
+    {
+        size_t i = 0;
+        const mbedtls_ecp_curve_info *curve_info;
+
+        for( curve_info = mbedtls_ecp_curve_list();
+             curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+             curve_info++ )
+        {
+            ecp_supported_grp_id[i++] = curve_info->grp_id;
+        }
+        ecp_supported_grp_id[i] = MBEDTLS_ECP_DP_NONE;
+
+        init_done = 1;
+    }
+
+    return( ecp_supported_grp_id );
+}
+
+/*
+ * Get the curve info for the internal identifier
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id )
+{
+    const mbedtls_ecp_curve_info *curve_info;
+
+    for( curve_info = mbedtls_ecp_curve_list();
+         curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+         curve_info++ )
+    {
+        if( curve_info->grp_id == grp_id )
+            return( curve_info );
+    }
+
+    return( NULL );
+}
+
+/*
+ * Get the curve info from the TLS identifier
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id )
+{
+    const mbedtls_ecp_curve_info *curve_info;
+
+    for( curve_info = mbedtls_ecp_curve_list();
+         curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+         curve_info++ )
+    {
+        if( curve_info->tls_id == tls_id )
+            return( curve_info );
+    }
+
+    return( NULL );
+}
+
+/*
+ * Get the curve info from the name
+ */
+const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name )
+{
+    const mbedtls_ecp_curve_info *curve_info;
+
+    for( curve_info = mbedtls_ecp_curve_list();
+         curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
+         curve_info++ )
+    {
+        if( strcmp( curve_info->name, name ) == 0 )
+            return( curve_info );
+    }
+
+    return( NULL );
+}
+
+/*
+ * Get the type of a curve
+ */
+static inline ecp_curve_type ecp_get_type( const mbedtls_ecp_group *grp )
+{
+    if( grp->G.X.p == NULL )
+        return( ECP_TYPE_NONE );
+
+    if( grp->G.Y.p == NULL )
+        return( ECP_TYPE_MONTGOMERY );
+    else
+        return( ECP_TYPE_SHORT_WEIERSTRASS );
+}
+
+/*
+ * Initialize (the components of) a point
+ */
+void mbedtls_ecp_point_init( mbedtls_ecp_point *pt )
+{
+    if( pt == NULL )
+        return;
+
+    mbedtls_mpi_init( &pt->X );
+    mbedtls_mpi_init( &pt->Y );
+    mbedtls_mpi_init( &pt->Z );
+}
+
+/*
+ * Initialize (the components of) a group
+ */
+void mbedtls_ecp_group_init( mbedtls_ecp_group *grp )
+{
+    if( grp == NULL )
+        return;
+
+    memset( grp, 0, sizeof( mbedtls_ecp_group ) );
+}
+
+/*
+ * Initialize (the components of) a key pair
+ */
+void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key )
+{
+    if( key == NULL )
+        return;
+
+    mbedtls_ecp_group_init( &key->grp );
+    mbedtls_mpi_init( &key->d );
+    mbedtls_ecp_point_init( &key->Q );
+}
+
+/*
+ * Unallocate (the components of) a point
+ */
+void mbedtls_ecp_point_free( mbedtls_ecp_point *pt )
+{
+    if( pt == NULL )
+        return;
+
+    mbedtls_mpi_free( &( pt->X ) );
+    mbedtls_mpi_free( &( pt->Y ) );
+    mbedtls_mpi_free( &( pt->Z ) );
+}
+
+/*
+ * Unallocate (the components of) a group
+ */
+void mbedtls_ecp_group_free( mbedtls_ecp_group *grp )
+{
+    size_t i;
+
+    if( grp == NULL )
+        return;
+
+    if( grp->h != 1 )
+    {
+        mbedtls_mpi_free( &grp->P );
+        mbedtls_mpi_free( &grp->A );
+        mbedtls_mpi_free( &grp->B );
+        mbedtls_ecp_point_free( &grp->G );
+        mbedtls_mpi_free( &grp->N );
+    }
+
+    if( grp->T != NULL )
+    {
+        for( i = 0; i < grp->T_size; i++ )
+            mbedtls_ecp_point_free( &grp->T[i] );
+        mbedtls_free( grp->T );
+    }
+
+    mbedtls_zeroize( grp, sizeof( mbedtls_ecp_group ) );
+}
+
+/*
+ * Unallocate (the components of) a key pair
+ */
+void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key )
+{
+    if( key == NULL )
+        return;
+
+    mbedtls_ecp_group_free( &key->grp );
+    mbedtls_mpi_free( &key->d );
+    mbedtls_ecp_point_free( &key->Q );
+}
+
+/*
+ * Copy the contents of a point
+ */
+int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q )
+{
+    int ret;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->X, &Q->X ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Y, &Q->Y ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &P->Z, &Q->Z ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Copy the contents of a group object
+ */
+int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src )
+{
+    return mbedtls_ecp_group_load( dst, src->id );
+}
+
+/*
+ * Set point to zero
+ */
+int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt )
+{
+    int ret;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->X , 1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Y , 1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z , 0 ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Tell if a point is zero
+ */
+int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt )
+{
+    return( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 );
+}
+
+/*
+ * Compare two points lazyly
+ */
+int mbedtls_ecp_point_cmp( const mbedtls_ecp_point *P,
+                           const mbedtls_ecp_point *Q )
+{
+    if( mbedtls_mpi_cmp_mpi( &P->X, &Q->X ) == 0 &&
+        mbedtls_mpi_cmp_mpi( &P->Y, &Q->Y ) == 0 &&
+        mbedtls_mpi_cmp_mpi( &P->Z, &Q->Z ) == 0 )
+    {
+        return( 0 );
+    }
+
+    return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+}
+
+/*
+ * Import a non-zero point from ASCII strings
+ */
+int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
+                           const char *x, const char *y )
+{
+    int ret;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->X, radix, x ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &P->Y, radix, y ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Export a point into unsigned binary data (SEC1 2.3.3)
+ */
+int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P,
+                            int format, size_t *olen,
+                            unsigned char *buf, size_t buflen )
+{
+    int ret = 0;
+    size_t plen;
+
+    if( format != MBEDTLS_ECP_PF_UNCOMPRESSED &&
+        format != MBEDTLS_ECP_PF_COMPRESSED )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /*
+     * Common case: P == 0
+     */
+    if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 )
+    {
+        if( buflen < 1 )
+            return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+        buf[0] = 0x00;
+        *olen = 1;
+
+        return( 0 );
+    }
+
+    plen = mbedtls_mpi_size( &grp->P );
+
+    if( format == MBEDTLS_ECP_PF_UNCOMPRESSED )
+    {
+        *olen = 2 * plen + 1;
+
+        if( buflen < *olen )
+            return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+        buf[0] = 0x04;
+        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->Y, buf + 1 + plen, plen ) );
+    }
+    else if( format == MBEDTLS_ECP_PF_COMPRESSED )
+    {
+        *olen = plen + 1;
+
+        if( buflen < *olen )
+            return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+        buf[0] = 0x02 + mbedtls_mpi_get_bit( &P->Y, 0 );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &P->X, buf + 1, plen ) );
+    }
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Import a point from unsigned binary data (SEC1 2.3.4)
+ */
+int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt,
+                           const unsigned char *buf, size_t ilen )
+{
+    int ret;
+    size_t plen;
+
+    if( ilen < 1 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    if( buf[0] == 0x00 )
+    {
+        if( ilen == 1 )
+            return( mbedtls_ecp_set_zero( pt ) );
+        else
+            return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+    }
+
+    plen = mbedtls_mpi_size( &grp->P );
+
+    if( buf[0] != 0x04 )
+        return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+
+    if( ilen != 2 * plen + 1 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->X, buf + 1, plen ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &pt->Y, buf + 1 + plen, plen ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Import a point from a TLS ECPoint record (RFC 4492)
+ *      struct {
+ *          opaque point <1..2^8-1>;
+ *      } ECPoint;
+ */
+int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt,
+                        const unsigned char **buf, size_t buf_len )
+{
+    unsigned char data_len;
+    const unsigned char *buf_start;
+
+    /*
+     * We must have at least two bytes (1 for length, at least one for data)
+     */
+    if( buf_len < 2 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    data_len = *(*buf)++;
+    if( data_len < 1 || data_len > buf_len - 1 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /*
+     * Save buffer start for read_binary and update buf
+     */
+    buf_start = *buf;
+    *buf += data_len;
+
+    return mbedtls_ecp_point_read_binary( grp, pt, buf_start, data_len );
+}
+
+/*
+ * Export a point as a TLS ECPoint record (RFC 4492)
+ *      struct {
+ *          opaque point <1..2^8-1>;
+ *      } ECPoint;
+ */
+int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt,
+                         int format, size_t *olen,
+                         unsigned char *buf, size_t blen )
+{
+    int ret;
+
+    /*
+     * buffer length must be at least one, for our length byte
+     */
+    if( blen < 1 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_ecp_point_write_binary( grp, pt, format,
+                    olen, buf + 1, blen - 1) ) != 0 )
+        return( ret );
+
+    /*
+     * write length to the first byte and update total length
+     */
+    buf[0] = (unsigned char) *olen;
+    ++*olen;
+
+    return( 0 );
+}
+
+/*
+ * Set a group from an ECParameters record (RFC 4492)
+ */
+int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len )
+{
+    uint16_t tls_id;
+    const mbedtls_ecp_curve_info *curve_info;
+
+    /*
+     * We expect at least three bytes (see below)
+     */
+    if( len < 3 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /*
+     * First byte is curve_type; only named_curve is handled
+     */
+    if( *(*buf)++ != MBEDTLS_ECP_TLS_NAMED_CURVE )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /*
+     * Next two bytes are the namedcurve value
+     */
+    tls_id = *(*buf)++;
+    tls_id <<= 8;
+    tls_id |= *(*buf)++;
+
+    if( ( curve_info = mbedtls_ecp_curve_info_from_tls_id( tls_id ) ) == NULL )
+        return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+
+    return mbedtls_ecp_group_load( grp, curve_info->grp_id );
+}
+
+/*
+ * Write the ECParameters record corresponding to a group (RFC 4492)
+ */
+int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen,
+                         unsigned char *buf, size_t blen )
+{
+    const mbedtls_ecp_curve_info *curve_info;
+
+    if( ( curve_info = mbedtls_ecp_curve_info_from_grp_id( grp->id ) ) == NULL )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /*
+     * We are going to write 3 bytes (see below)
+     */
+    *olen = 3;
+    if( blen < *olen )
+        return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+
+    /*
+     * First byte is curve_type, always named_curve
+     */
+    *buf++ = MBEDTLS_ECP_TLS_NAMED_CURVE;
+
+    /*
+     * Next two bytes are the namedcurve value
+     */
+    buf[0] = curve_info->tls_id >> 8;
+    buf[1] = curve_info->tls_id & 0xFF;
+
+    return( 0 );
+}
+
+/*
+ * Wrapper around fast quasi-modp functions, with fall-back to mbedtls_mpi_mod_mpi.
+ * See the documentation of struct mbedtls_ecp_group.
+ *
+ * This function is in the critial loop for mbedtls_ecp_mul, so pay attention to perf.
+ */
+static int ecp_modp( mbedtls_mpi *N, const mbedtls_ecp_group *grp )
+{
+    int ret;
+
+    if( grp->modp == NULL )
+        return( mbedtls_mpi_mod_mpi( N, N, &grp->P ) );
+
+    /* N->s < 0 is a much faster test, which fails only if N is 0 */
+    if( ( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 ) ||
+        mbedtls_mpi_bitlen( N ) > 2 * grp->pbits )
+    {
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+    }
+
+    MBEDTLS_MPI_CHK( grp->modp( N ) );
+
+    /* N->s < 0 is a much faster test, which fails only if N is 0 */
+    while( N->s < 0 && mbedtls_mpi_cmp_int( N, 0 ) != 0 )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( N, N, &grp->P ) );
+
+    while( mbedtls_mpi_cmp_mpi( N, &grp->P ) >= 0 )
+        /* we known P, N and the result are positive */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, N, &grp->P ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Fast mod-p functions expect their argument to be in the 0..p^2 range.
+ *
+ * In order to guarantee that, we need to ensure that operands of
+ * mbedtls_mpi_mul_mpi are in the 0..p range. So, after each operation we will
+ * bring the result back to this range.
+ *
+ * The following macros are shortcuts for doing that.
+ */
+
+/*
+ * Reduce a mbedtls_mpi mod p in-place, general case, to use after mbedtls_mpi_mul_mpi
+ */
+#if defined(MBEDTLS_SELF_TEST)
+#define INC_MUL_COUNT   mul_count++;
+#else
+#define INC_MUL_COUNT
+#endif
+
+#define MOD_MUL( N )    do { MBEDTLS_MPI_CHK( ecp_modp( &N, grp ) ); INC_MUL_COUNT } \
+                        while( 0 )
+
+/*
+ * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_sub_mpi
+ * N->s < 0 is a very fast test, which fails only if N is 0
+ */
+#define MOD_SUB( N )                                \
+    while( N.s < 0 && mbedtls_mpi_cmp_int( &N, 0 ) != 0 )   \
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &N, &N, &grp->P ) )
+
+/*
+ * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int.
+ * We known P, N and the result are positive, so sub_abs is correct, and
+ * a bit faster.
+ */
+#define MOD_ADD( N )                                \
+    while( mbedtls_mpi_cmp_mpi( &N, &grp->P ) >= 0 )        \
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &N, &N, &grp->P ) )
+
+#if defined(ECP_SHORTWEIERSTRASS)
+/*
+ * For curves in short Weierstrass form, we do all the internal operations in
+ * Jacobian coordinates.
+ *
+ * For multiplication, we'll use a comb method with coutermeasueres against
+ * SPA, hence timing attacks.
+ */
+
+/*
+ * Normalize jacobian coordinates so that Z == 0 || Z == 1  (GECC 3.2.1)
+ * Cost: 1N := 1I + 3M + 1S
+ */
+static int ecp_normalize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt )
+{
+    int ret;
+    mbedtls_mpi Zi, ZZi;
+
+    if( mbedtls_mpi_cmp_int( &pt->Z, 0 ) == 0 )
+        return( 0 );
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
+    if ( mbedtls_internal_ecp_grp_capable( grp ) )
+    {
+        return mbedtls_internal_ecp_normalize_jac( grp, pt );
+    }
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
+    mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi );
+
+    /*
+     * X = X / Z^2  mod p
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &Zi,      &pt->Z,     &grp->P ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ZZi,     &Zi,        &Zi     ) ); MOD_MUL( ZZi );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->X,   &pt->X,     &ZZi    ) ); MOD_MUL( pt->X );
+
+    /*
+     * Y = Y / Z^3  mod p
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Y,   &pt->Y,     &ZZi    ) ); MOD_MUL( pt->Y );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Y,   &pt->Y,     &Zi     ) ); MOD_MUL( pt->Y );
+
+    /*
+     * Z = 1
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &pt->Z, 1 ) );
+
+cleanup:
+
+    mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi );
+
+    return( ret );
+}
+
+/*
+ * Normalize jacobian coordinates of an array of (pointers to) points,
+ * using Montgomery's trick to perform only one inversion mod P.
+ * (See for example Cohen's "A Course in Computational Algebraic Number
+ * Theory", Algorithm 10.3.4.)
+ *
+ * Warning: fails (returning an error) if one of the points is zero!
+ * This should never happen, see choice of w in ecp_mul_comb().
+ *
+ * Cost: 1N(t) := 1I + (6t - 3)M + 1S
+ */
+static int ecp_normalize_jac_many( const mbedtls_ecp_group *grp,
+                                   mbedtls_ecp_point *T[], size_t t_len )
+{
+    int ret;
+    size_t i;
+    mbedtls_mpi *c, u, Zi, ZZi;
+
+    if( t_len < 2 )
+        return( ecp_normalize_jac( grp, *T ) );
+
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
+    if ( mbedtls_internal_ecp_grp_capable( grp ) )
+    {
+        return mbedtls_internal_ecp_normalize_jac_many(grp, T, t_len);
+    }
+#endif
+
+    if( ( c = mbedtls_calloc( t_len, sizeof( mbedtls_mpi ) ) ) == NULL )
+        return( MBEDTLS_ERR_ECP_ALLOC_FAILED );
+
+    mbedtls_mpi_init( &u ); mbedtls_mpi_init( &Zi ); mbedtls_mpi_init( &ZZi );
+
+    /*
+     * c[i] = Z_0 * ... * Z_i
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &c[0], &T[0]->Z ) );
+    for( i = 1; i < t_len; i++ )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &c[i], &c[i-1], &T[i]->Z ) );
+        MOD_MUL( c[i] );
+    }
+
+    /*
+     * u = 1 / (Z_0 * ... * Z_n) mod P
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &u, &c[t_len-1], &grp->P ) );
+
+    for( i = t_len - 1; ; i-- )
+    {
+        /*
+         * Zi = 1 / Z_i mod p
+         * u = 1 / (Z_0 * ... * Z_i) mod P
+         */
+        if( i == 0 ) {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &Zi, &u ) );
+        }
+        else
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &Zi, &u, &c[i-1]  ) ); MOD_MUL( Zi );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u,  &u, &T[i]->Z ) ); MOD_MUL( u );
+        }
+
+        /*
+         * proceed as in normalize()
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ZZi,     &Zi,      &Zi  ) ); MOD_MUL( ZZi );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T[i]->X, &T[i]->X, &ZZi ) ); MOD_MUL( T[i]->X );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T[i]->Y, &T[i]->Y, &ZZi ) ); MOD_MUL( T[i]->Y );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T[i]->Y, &T[i]->Y, &Zi  ) ); MOD_MUL( T[i]->Y );
+
+        /*
+         * Post-precessing: reclaim some memory by shrinking coordinates
+         * - not storing Z (always 1)
+         * - shrinking other coordinates, but still keeping the same number of
+         *   limbs as P, as otherwise it will too likely be regrown too fast.
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->X, grp->P.n ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( &T[i]->Y, grp->P.n ) );
+        mbedtls_mpi_free( &T[i]->Z );
+
+        if( i == 0 )
+            break;
+    }
+
+cleanup:
+
+    mbedtls_mpi_free( &u ); mbedtls_mpi_free( &Zi ); mbedtls_mpi_free( &ZZi );
+    for( i = 0; i < t_len; i++ )
+        mbedtls_mpi_free( &c[i] );
+    mbedtls_free( c );
+
+    return( ret );
+}
+
+/*
+ * Conditional point inversion: Q -> -Q = (Q.X, -Q.Y, Q.Z) without leak.
+ * "inv" must be 0 (don't invert) or 1 (invert) or the result will be invalid
+ */
+static int ecp_safe_invert_jac( const mbedtls_ecp_group *grp,
+                            mbedtls_ecp_point *Q,
+                            unsigned char inv )
+{
+    int ret;
+    unsigned char nonzero;
+    mbedtls_mpi mQY;
+
+    mbedtls_mpi_init( &mQY );
+
+    /* Use the fact that -Q.Y mod P = P - Q.Y unless Q.Y == 0 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mQY, &grp->P, &Q->Y ) );
+    nonzero = mbedtls_mpi_cmp_int( &Q->Y, 0 ) != 0;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &Q->Y, &mQY, inv & nonzero ) );
+
+cleanup:
+    mbedtls_mpi_free( &mQY );
+
+    return( ret );
+}
+
+/*
+ * Point doubling R = 2 P, Jacobian coordinates
+ *
+ * Based on http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#doubling-dbl-1998-cmo-2 .
+ *
+ * We follow the variable naming fairly closely. The formula variations that trade a MUL for a SQR
+ * (plus a few ADDs) aren't useful as our bignum implementation doesn't distinguish squaring.
+ *
+ * Standard optimizations are applied when curve parameter A is one of { 0, -3 }.
+ *
+ * Cost: 1D := 3M + 4S          (A ==  0)
+ *             4M + 4S          (A == -3)
+ *             3M + 6S + 1a     otherwise
+ */
+static int ecp_double_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                           const mbedtls_ecp_point *P )
+{
+    int ret;
+    mbedtls_mpi M, S, T, U;
+
+#if defined(MBEDTLS_SELF_TEST)
+    dbl_count++;
+#endif
+
+#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
+    if ( mbedtls_internal_ecp_grp_capable( grp ) )
+    {
+        return mbedtls_internal_ecp_double_jac( grp, R, P );
+    }
+#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
+
+    mbedtls_mpi_init( &M ); mbedtls_mpi_init( &S ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &U );
+
+    /* Special case for A = -3 */
+    if( grp->A.p == NULL )
+    {
+        /* M = 3(X + Z^2)(X - Z^2) */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S,  &P->Z,  &P->Z   ) ); MOD_MUL( S );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T,  &P->X,  &S      ) ); MOD_ADD( T );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &U,  &P->X,  &S      ) ); MOD_SUB( U );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S,  &T,     &U      ) ); MOD_MUL( S );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M,  &S,     3       ) ); MOD_ADD( M );
+    }
+    else
+    {
+        /* M = 3.X^2 */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S,  &P->X,  &P->X   ) ); MOD_MUL( S );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M,  &S,     3       ) ); MOD_ADD( M );
+
+        /* Optimize away for "koblitz" curves with A = 0 */
+        if( mbedtls_mpi_cmp_int( &grp->A, 0 ) != 0 )
+        {
+            /* M += A.Z^4 */
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S,  &P->Z,  &P->Z   ) ); MOD_MUL( S );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T,  &S,     &S      ) ); MOD_MUL( T );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S,  &T,     &grp->A ) ); MOD_MUL( S );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &M,  &M,     &S      ) ); MOD_ADD( M );
+        }
+    }
+
+    /* S = 4.X.Y^2 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T,  &P->Y,  &P->Y   ) ); MOD_MUL( T );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &T,  1               ) ); MOD_ADD( T );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S,  &P->X,  &T      ) ); MOD_MUL( S );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &S,  1               ) ); MOD_ADD( S );
+
+    /* U = 8.Y^4 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &U,  &T,     &T      ) ); MOD_MUL( U );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &U,  1               ) ); MOD_ADD( U );
+
+    /* T = M^2 - 2.S */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T,  &M,     &M      ) ); MOD_MUL( T );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T,  &T,     &S      ) ); MOD_SUB( T );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T,  &T,     &S      ) ); MOD_SUB( T );
+
+    /* S = M(S - T) - U */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &S,  &S,     &T      ) ); MOD_SUB( S );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S,  &S,     &M      ) ); MOD_MUL( S );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &S,  &S,     &U      ) ); MOD_SUB( S );
+
+    /* U = 2.Y.Z */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &U,  &P->Y,  &P->Z   ) ); MOD_MUL( U );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &U,  1               ) ); MOD_ADD( U );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &T ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &S ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &U ) );
+
+cleanup:
+    mbedtls_mpi_free( &M ); mbedtls_mpi_free( &S ); mbedtls_mpi_free( &T ); mbedtls_mpi_free( &U );
+
+    return( ret );
+}
+
+/*
+ * Addition: R = P + Q, mixed affine-Jacobian coordinates (GECC 3.22)
+ *
+ * The coordinates of Q must be normalized (= affine),
+ * but those of P don't need to. R is not normalized.
+ *
+ * Special cases: (1) P or Q is zero, (2) R is zero, (3) P == Q.
+ * None of these cases can happen as intermediate step in ecp_mul_comb():
+ * - at each step, P, Q and R are multiples of the base point, the factor
+ *   being less than its order, so none of them is zero;
+ * - Q is an odd multiple of the base point, P an even multiple,
+ *   due to the choice of precomputed points in the modified comb method.
+ * So branches for these cases do not leak secret information.
+ *
+ * We accept Q->Z being unset (saving memory in tables) as meaning 1.
+ *
+ * Cost: 1A := 8M + 3S
+ */
+static int ecp_add_mixed( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                          const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q )
+{
+    int ret;
+    mbedtls_mpi T1, T2, T3, T4, X, Y, Z;
+
+#if defined(MBEDTLS_SELF_TEST)
+    add_count++;
+#endif
+
+#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
+    if ( mbedtls_internal_ecp_grp_capable( grp ) )
+    {
+        return mbedtls_internal_ecp_add_mixed( grp, R, P, Q );
+    }
+#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
+
+    /*
+     * Trivial cases: P == 0 or Q == 0 (case 1)
+     */
+    if( mbedtls_mpi_cmp_int( &P->Z, 0 ) == 0 )
+        return( mbedtls_ecp_copy( R, Q ) );
+
+    if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 0 ) == 0 )
+        return( mbedtls_ecp_copy( R, P ) );
+
+    /*
+     * Make sure Q coordinates are normalized
+     */
+    if( Q->Z.p != NULL && mbedtls_mpi_cmp_int( &Q->Z, 1 ) != 0 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 ); mbedtls_mpi_init( &T3 ); mbedtls_mpi_init( &T4 );
+    mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1,  &P->Z,  &P->Z ) );  MOD_MUL( T1 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T2,  &T1,    &P->Z ) );  MOD_MUL( T2 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1,  &T1,    &Q->X ) );  MOD_MUL( T1 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T2,  &T2,    &Q->Y ) );  MOD_MUL( T2 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T1,  &T1,    &P->X ) );  MOD_SUB( T1 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T2,  &T2,    &P->Y ) );  MOD_SUB( T2 );
+
+    /* Special cases (2) and (3) */
+    if( mbedtls_mpi_cmp_int( &T1, 0 ) == 0 )
+    {
+        if( mbedtls_mpi_cmp_int( &T2, 0 ) == 0 )
+        {
+            ret = ecp_double_jac( grp, R, P );
+            goto cleanup;
+        }
+        else
+        {
+            ret = mbedtls_ecp_set_zero( R );
+            goto cleanup;
+        }
+    }
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &Z,   &P->Z,  &T1   ) );  MOD_MUL( Z  );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T3,  &T1,    &T1   ) );  MOD_MUL( T3 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T4,  &T3,    &T1   ) );  MOD_MUL( T4 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T3,  &T3,    &P->X ) );  MOD_MUL( T3 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &T1,  &T3,    2     ) );  MOD_ADD( T1 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &X,   &T2,    &T2   ) );  MOD_MUL( X  );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X,   &X,     &T1   ) );  MOD_SUB( X  );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &X,   &X,     &T4   ) );  MOD_SUB( X  );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T3,  &T3,    &X    ) );  MOD_SUB( T3 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T3,  &T3,    &T2   ) );  MOD_MUL( T3 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T4,  &T4,    &P->Y ) );  MOD_MUL( T4 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &Y,   &T3,    &T4   ) );  MOD_SUB( Y  );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->X, &X ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Y, &Y ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &R->Z, &Z ) );
+
+cleanup:
+
+    mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 ); mbedtls_mpi_free( &T3 ); mbedtls_mpi_free( &T4 );
+    mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &Z );
+
+    return( ret );
+}
+
+/*
+ * Randomize jacobian coordinates:
+ * (X, Y, Z) -> (l^2 X, l^3 Y, l Z) for random l
+ * This is sort of the reverse operation of ecp_normalize_jac().
+ *
+ * This countermeasure was first suggested in [2].
+ */
+static int ecp_randomize_jac( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    int ret;
+    mbedtls_mpi l, ll;
+    size_t p_size;
+    int count = 0;
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
+    if ( mbedtls_internal_ecp_grp_capable( grp ) )
+    {
+        return mbedtls_internal_ecp_randomize_jac( grp, pt, f_rng, p_rng );
+    }
+#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
+
+    p_size = ( grp->pbits + 7 ) / 8;
+    mbedtls_mpi_init( &l ); mbedtls_mpi_init( &ll );
+
+    /* Generate l such that 1 < l < p */
+    do
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ) );
+
+        while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 )
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) );
+
+        if( count++ > 10 )
+            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+    }
+    while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 );
+
+    /* Z = l * Z */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Z,   &pt->Z,     &l  ) ); MOD_MUL( pt->Z );
+
+    /* X = l^2 * X */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ll,      &l,         &l  ) ); MOD_MUL( ll );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->X,   &pt->X,     &ll ) ); MOD_MUL( pt->X );
+
+    /* Y = l^3 * Y */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ll,      &ll,        &l  ) ); MOD_MUL( ll );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &pt->Y,   &pt->Y,     &ll ) ); MOD_MUL( pt->Y );
+
+cleanup:
+    mbedtls_mpi_free( &l ); mbedtls_mpi_free( &ll );
+
+    return( ret );
+}
+
+/*
+ * Check and define parameters used by the comb method (see below for details)
+ */
+#if MBEDTLS_ECP_WINDOW_SIZE < 2 || MBEDTLS_ECP_WINDOW_SIZE > 7
+#error "MBEDTLS_ECP_WINDOW_SIZE out of bounds"
+#endif
+
+/* d = ceil( n / w ) */
+#define COMB_MAX_D      ( MBEDTLS_ECP_MAX_BITS + 1 ) / 2
+
+/* number of precomputed points */
+#define COMB_MAX_PRE    ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
+
+/*
+ * Compute the representation of m that will be used with our comb method.
+ *
+ * The basic comb method is described in GECC 3.44 for example. We use a
+ * modified version that provides resistance to SPA by avoiding zero
+ * digits in the representation as in [3]. We modify the method further by
+ * requiring that all K_i be odd, which has the small cost that our
+ * representation uses one more K_i, due to carries.
+ *
+ * Also, for the sake of compactness, only the seven low-order bits of x[i]
+ * are used to represent K_i, and the msb of x[i] encodes the the sign (s_i in
+ * the paper): it is set if and only if if s_i == -1;
+ *
+ * Calling conventions:
+ * - x is an array of size d + 1
+ * - w is the size, ie number of teeth, of the comb, and must be between
+ *   2 and 7 (in practice, between 2 and MBEDTLS_ECP_WINDOW_SIZE)
+ * - m is the MPI, expected to be odd and such that bitlength(m) <= w * d
+ *   (the result will be incorrect if these assumptions are not satisfied)
+ */
+static void ecp_comb_fixed( unsigned char x[], size_t d,
+                            unsigned char w, const mbedtls_mpi *m )
+{
+    size_t i, j;
+    unsigned char c, cc, adjust;
+
+    memset( x, 0, d+1 );
+
+    /* First get the classical comb values (except for x_d = 0) */
+    for( i = 0; i < d; i++ )
+        for( j = 0; j < w; j++ )
+            x[i] |= mbedtls_mpi_get_bit( m, i + d * j ) << j;
+
+    /* Now make sure x_1 .. x_d are odd */
+    c = 0;
+    for( i = 1; i <= d; i++ )
+    {
+        /* Add carry and update it */
+        cc   = x[i] & c;
+        x[i] = x[i] ^ c;
+        c = cc;
+
+        /* Adjust if needed, avoiding branches */
+        adjust = 1 - ( x[i] & 0x01 );
+        c   |= x[i] & ( x[i-1] * adjust );
+        x[i] = x[i] ^ ( x[i-1] * adjust );
+        x[i-1] |= adjust << 7;
+    }
+}
+
+/*
+ * Precompute points for the comb method
+ *
+ * If i = i_{w-1} ... i_1 is the binary representation of i, then
+ * T[i] = i_{w-1} 2^{(w-1)d} P + ... + i_1 2^d P + P
+ *
+ * T must be able to hold 2^{w - 1} elements
+ *
+ * Cost: d(w-1) D + (2^{w-1} - 1) A + 1 N(w-1) + 1 N(2^{w-1} - 1)
+ */
+static int ecp_precompute_comb( const mbedtls_ecp_group *grp,
+                                mbedtls_ecp_point T[], const mbedtls_ecp_point *P,
+                                unsigned char w, size_t d )
+{
+    int ret;
+    unsigned char i, k;
+    size_t j;
+    mbedtls_ecp_point *cur, *TT[COMB_MAX_PRE - 1];
+
+    /*
+     * Set T[0] = P and
+     * T[2^{l-1}] = 2^{dl} P for l = 1 .. w-1 (this is not the final value)
+     */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &T[0], P ) );
+
+    k = 0;
+    for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 )
+    {
+        cur = T + i;
+        MBEDTLS_MPI_CHK( mbedtls_ecp_copy( cur, T + ( i >> 1 ) ) );
+        for( j = 0; j < d; j++ )
+            MBEDTLS_MPI_CHK( ecp_double_jac( grp, cur, cur ) );
+
+        TT[k++] = cur;
+    }
+
+    MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) );
+
+    /*
+     * Compute the remaining ones using the minimal number of additions
+     * Be careful to update T[2^l] only after using it!
+     */
+    k = 0;
+    for( i = 1; i < ( 1U << ( w - 1 ) ); i <<= 1 )
+    {
+        j = i;
+        while( j-- )
+        {
+            MBEDTLS_MPI_CHK( ecp_add_mixed( grp, &T[i + j], &T[j], &T[i] ) );
+            TT[k++] = &T[i + j];
+        }
+    }
+
+    MBEDTLS_MPI_CHK( ecp_normalize_jac_many( grp, TT, k ) );
+
+cleanup:
+
+    return( ret );
+}
+
+/*
+ * Select precomputed point: R = sign(i) * T[ abs(i) / 2 ]
+ */
+static int ecp_select_comb( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                            const mbedtls_ecp_point T[], unsigned char t_len,
+                            unsigned char i )
+{
+    int ret;
+    unsigned char ii, j;
+
+    /* Ignore the "sign" bit and scale down */
+    ii =  ( i & 0x7Fu ) >> 1;
+
+    /* Read the whole table to thwart cache-based timing attacks */
+    for( j = 0; j < t_len; j++ )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->X, &T[j].X, j == ii ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &R->Y, &T[j].Y, j == ii ) );
+    }
+
+    /* Safely invert result if i is "negative" */
+    MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, i >> 7 ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Core multiplication algorithm for the (modified) comb method.
+ * This part is actually common with the basic comb method (GECC 3.44)
+ *
+ * Cost: d A + d D + 1 R
+ */
+static int ecp_mul_comb_core( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                              const mbedtls_ecp_point T[], unsigned char t_len,
+                              const unsigned char x[], size_t d,
+                              int (*f_rng)(void *, unsigned char *, size_t),
+                              void *p_rng )
+{
+    int ret;
+    mbedtls_ecp_point Txi;
+    size_t i;
+
+    mbedtls_ecp_point_init( &Txi );
+
+    /* Start with a non-zero point and randomize its coordinates */
+    i = d;
+    MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, t_len, x[i] ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) );
+    if( f_rng != 0 )
+        MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) );
+
+    while( i-- != 0 )
+    {
+        MBEDTLS_MPI_CHK( ecp_double_jac( grp, R, R ) );
+        MBEDTLS_MPI_CHK( ecp_select_comb( grp, &Txi, T, t_len, x[i] ) );
+        MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, R, &Txi ) );
+    }
+
+cleanup:
+
+    mbedtls_ecp_point_free( &Txi );
+
+    return( ret );
+}
+
+/*
+ * Multiplication using the comb method,
+ * for curves in short Weierstrass form
+ */
+static int ecp_mul_comb( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                         const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                         int (*f_rng)(void *, unsigned char *, size_t),
+                         void *p_rng )
+{
+    int ret;
+    unsigned char w, m_is_odd, p_eq_g, pre_len, i;
+    size_t d;
+    unsigned char k[COMB_MAX_D + 1];
+    mbedtls_ecp_point *T;
+    mbedtls_mpi M, mm;
+
+    mbedtls_mpi_init( &M );
+    mbedtls_mpi_init( &mm );
+
+    /* we need N to be odd to trnaform m in an odd number, check now */
+    if( mbedtls_mpi_get_bit( &grp->N, 0 ) != 1 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    /*
+     * Minimize the number of multiplications, that is minimize
+     * 10 * d * w + 18 * 2^(w-1) + 11 * d + 7 * w, with d = ceil( nbits / w )
+     * (see costs of the various parts, with 1S = 1M)
+     */
+    w = grp->nbits >= 384 ? 5 : 4;
+
+    /*
+     * If P == G, pre-compute a bit more, since this may be re-used later.
+     * Just adding one avoids upping the cost of the first mul too much,
+     * and the memory cost too.
+     */
+#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1
+    p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 &&
+               mbedtls_mpi_cmp_mpi( &P->X, &grp->G.X ) == 0 );
+    if( p_eq_g )
+        w++;
+#else
+    p_eq_g = 0;
+#endif
+
+    /*
+     * Make sure w is within bounds.
+     * (The last test is useful only for very small curves in the test suite.)
+     */
+    if( w > MBEDTLS_ECP_WINDOW_SIZE )
+        w = MBEDTLS_ECP_WINDOW_SIZE;
+    if( w >= grp->nbits )
+        w = 2;
+
+    /* Other sizes that depend on w */
+    pre_len = 1U << ( w - 1 );
+    d = ( grp->nbits + w - 1 ) / w;
+
+    /*
+     * Prepare precomputed points: if P == G we want to
+     * use grp->T if already initialized, or initialize it.
+     */
+    T = p_eq_g ? grp->T : NULL;
+
+    if( T == NULL )
+    {
+        T = mbedtls_calloc( pre_len, sizeof( mbedtls_ecp_point ) );
+        if( T == NULL )
+        {
+            ret = MBEDTLS_ERR_ECP_ALLOC_FAILED;
+            goto cleanup;
+        }
+
+        MBEDTLS_MPI_CHK( ecp_precompute_comb( grp, T, P, w, d ) );
+
+        if( p_eq_g )
+        {
+            grp->T = T;
+            grp->T_size = pre_len;
+        }
+    }
+
+    /*
+     * Make sure M is odd (M = m or M = N - m, since N is odd)
+     * using the fact that m * P = - (N - m) * P
+     */
+    m_is_odd = ( mbedtls_mpi_get_bit( m, 0 ) == 1 );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &M, m ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &mm, &grp->N, m ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_assign( &M, &mm, ! m_is_odd ) );
+
+    /*
+     * Go for comb multiplication, R = M * P
+     */
+    ecp_comb_fixed( k, d, w, &M );
+    MBEDTLS_MPI_CHK( ecp_mul_comb_core( grp, R, T, pre_len, k, d, f_rng, p_rng ) );
+
+    /*
+     * Now get m * P from M * P and normalize it
+     */
+    MBEDTLS_MPI_CHK( ecp_safe_invert_jac( grp, R, ! m_is_odd ) );
+    MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) );
+
+cleanup:
+
+    if( T != NULL && ! p_eq_g )
+    {
+        for( i = 0; i < pre_len; i++ )
+            mbedtls_ecp_point_free( &T[i] );
+        mbedtls_free( T );
+    }
+
+    mbedtls_mpi_free( &M );
+    mbedtls_mpi_free( &mm );
+
+    if( ret != 0 )
+        mbedtls_ecp_point_free( R );
+
+    return( ret );
+}
+
+#endif /* ECP_SHORTWEIERSTRASS */
+
+#if defined(ECP_MONTGOMERY)
+/*
+ * For Montgomery curves, we do all the internal arithmetic in projective
+ * coordinates. Import/export of points uses only the x coordinates, which is
+ * internaly represented as X / Z.
+ *
+ * For scalar multiplication, we'll use a Montgomery ladder.
+ */
+
+/*
+ * Normalize Montgomery x/z coordinates: X = X/Z, Z = 1
+ * Cost: 1M + 1I
+ */
+static int ecp_normalize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P )
+{
+    int ret;
+
+#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
+    if ( mbedtls_internal_ecp_grp_capable( grp ) )
+    {
+        return mbedtls_internal_ecp_normalize_mxz( grp, P );
+    }
+#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &P->Z, &P->Z, &grp->P ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &P->X, &P->X, &P->Z ) ); MOD_MUL( P->X );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &P->Z, 1 ) );
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Randomize projective x/z coordinates:
+ * (X, Z) -> (l X, l Z) for random l
+ * This is sort of the reverse operation of ecp_normalize_mxz().
+ *
+ * This countermeasure was first suggested in [2].
+ * Cost: 2M
+ */
+static int ecp_randomize_mxz( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    int ret;
+    mbedtls_mpi l;
+    size_t p_size;
+    int count = 0;
+
+#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
+    if ( mbedtls_internal_ecp_grp_capable( grp ) )
+    {
+        return mbedtls_internal_ecp_randomize_mxz( grp, P, f_rng, p_rng );
+    }
+#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
+
+    p_size = ( grp->pbits + 7 ) / 8;
+    mbedtls_mpi_init( &l );
+
+    /* Generate l such that 1 < l < p */
+    do
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &l, p_size, f_rng, p_rng ) );
+
+        while( mbedtls_mpi_cmp_mpi( &l, &grp->P ) >= 0 )
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &l, 1 ) );
+
+        if( count++ > 10 )
+            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+    }
+    while( mbedtls_mpi_cmp_int( &l, 1 ) <= 0 );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &P->X, &P->X, &l ) ); MOD_MUL( P->X );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &P->Z, &P->Z, &l ) ); MOD_MUL( P->Z );
+
+cleanup:
+    mbedtls_mpi_free( &l );
+
+    return( ret );
+}
+
+/*
+ * Double-and-add: R = 2P, S = P + Q, with d = X(P - Q),
+ * for Montgomery curves in x/z coordinates.
+ *
+ * http://www.hyperelliptic.org/EFD/g1p/auto-code/montgom/xz/ladder/mladd-1987-m.op3
+ * with
+ * d =  X1
+ * P = (X2, Z2)
+ * Q = (X3, Z3)
+ * R = (X4, Z4)
+ * S = (X5, Z5)
+ * and eliminating temporary variables tO, ..., t4.
+ *
+ * Cost: 5M + 4S
+ */
+static int ecp_double_add_mxz( const mbedtls_ecp_group *grp,
+                               mbedtls_ecp_point *R, mbedtls_ecp_point *S,
+                               const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q,
+                               const mbedtls_mpi *d )
+{
+    int ret;
+    mbedtls_mpi A, AA, B, BB, E, C, D, DA, CB;
+
+#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
+    if ( mbedtls_internal_ecp_grp_capable( grp ) )
+    {
+        return mbedtls_internal_ecp_double_add_mxz( grp, R, S, P, Q, d );
+    }
+#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
+
+    mbedtls_mpi_init( &A ); mbedtls_mpi_init( &AA ); mbedtls_mpi_init( &B );
+    mbedtls_mpi_init( &BB ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &C );
+    mbedtls_mpi_init( &D ); mbedtls_mpi_init( &DA ); mbedtls_mpi_init( &CB );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &A,    &P->X,   &P->Z ) ); MOD_ADD( A    );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &AA,   &A,      &A    ) ); MOD_MUL( AA   );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &B,    &P->X,   &P->Z ) ); MOD_SUB( B    );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &BB,   &B,      &B    ) ); MOD_MUL( BB   );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &E,    &AA,     &BB   ) ); MOD_SUB( E    );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &C,    &Q->X,   &Q->Z ) ); MOD_ADD( C    );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &D,    &Q->X,   &Q->Z ) ); MOD_SUB( D    );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DA,   &D,      &A    ) ); MOD_MUL( DA   );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &CB,   &C,      &B    ) ); MOD_MUL( CB   );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &S->X, &DA,     &CB   ) ); MOD_MUL( S->X );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S->X, &S->X,   &S->X ) ); MOD_MUL( S->X );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &S->Z, &DA,     &CB   ) ); MOD_SUB( S->Z );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S->Z, &S->Z,   &S->Z ) ); MOD_MUL( S->Z );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &S->Z, d,       &S->Z ) ); MOD_MUL( S->Z );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->X, &AA,     &BB   ) ); MOD_MUL( R->X );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->Z, &grp->A, &E    ) ); MOD_MUL( R->Z );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &R->Z, &BB,     &R->Z ) ); MOD_ADD( R->Z );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &R->Z, &E,      &R->Z ) ); MOD_MUL( R->Z );
+
+cleanup:
+    mbedtls_mpi_free( &A ); mbedtls_mpi_free( &AA ); mbedtls_mpi_free( &B );
+    mbedtls_mpi_free( &BB ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &C );
+    mbedtls_mpi_free( &D ); mbedtls_mpi_free( &DA ); mbedtls_mpi_free( &CB );
+
+    return( ret );
+}
+
+/*
+ * Multiplication with Montgomery ladder in x/z coordinates,
+ * for curves in Montgomery form
+ */
+static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+                        const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+                        int (*f_rng)(void *, unsigned char *, size_t),
+                        void *p_rng )
+{
+    int ret;
+    size_t i;
+    unsigned char b;
+    mbedtls_ecp_point RP;
+    mbedtls_mpi PX;
+
+    mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX );
+
+    /* Save PX and read from P before writing to R, in case P == R */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &RP, P ) );
+
+    /* Set R to zero in modified x/z coordinates */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->X, 1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 0 ) );
+    mbedtls_mpi_free( &R->Y );
+
+    /* RP.X might be sligtly larger than P, so reduce it */
+    MOD_ADD( RP.X );
+
+    /* Randomize coordinates of the starting point */
+    if( f_rng != NULL )
+        MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
+
+    /* Loop invariant: R = result so far, RP = R + P */
+    i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */
+    while( i-- > 0 )
+    {
+        b = mbedtls_mpi_get_bit( m, i );
+        /*
+         *  if (b) R = 2R + P else R = 2R,
+         * which is:
+         *  if (b) double_add( RP, R, RP, R )
+         *  else   double_add( R, RP, R, RP )
+         * but using safe conditional swaps to avoid leaks
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) );
+        MBEDTLS_MPI_CHK( ecp_double_add_mxz( grp, R, &RP, R, &RP, &PX ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->X, &RP.X, b ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_safe_cond_swap( &R->Z, &RP.Z, b ) );
+    }
+
+    MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) );
+
+cleanup:
+    mbedtls_ecp_point_free( &RP ); mbedtls_mpi_free( &PX );
+
+    return( ret );
+}
+
+#endif /* ECP_MONTGOMERY */
+
+/*
+ * Multiplication R = m * P
+ */
+int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    int ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    char is_grp_capable = 0;
+#endif
+
+    /* Common sanity checks */
+    if( mbedtls_mpi_cmp_int( &P->Z, 1 ) != 0 )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_ecp_check_privkey( grp, m ) ) != 0 ||
+        ( ret = mbedtls_ecp_check_pubkey( grp, P ) ) != 0 )
+        return( ret );
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    if ( is_grp_capable = mbedtls_internal_ecp_grp_capable( grp )  )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
+    }
+
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+#if defined(ECP_MONTGOMERY)
+    if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY )
+        ret = ecp_mul_mxz( grp, R, m, P, f_rng, p_rng );
+
+#endif
+#if defined(ECP_SHORTWEIERSTRASS)
+    if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS )
+        ret = ecp_mul_comb( grp, R, m, P, f_rng, p_rng );
+
+#endif
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+cleanup:
+
+    if ( is_grp_capable )
+    {
+        mbedtls_internal_ecp_free( grp );
+    }
+
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+    return( ret );
+}
+
+#if defined(ECP_SHORTWEIERSTRASS)
+/*
+ * Check that an affine point is valid as a public key,
+ * short weierstrass curves (SEC1 3.2.3.1)
+ */
+static int ecp_check_pubkey_sw( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt )
+{
+    int ret;
+    mbedtls_mpi YY, RHS;
+
+    /* pt coordinates must be normalized for our checks */
+    if( mbedtls_mpi_cmp_int( &pt->X, 0 ) < 0 ||
+        mbedtls_mpi_cmp_int( &pt->Y, 0 ) < 0 ||
+        mbedtls_mpi_cmp_mpi( &pt->X, &grp->P ) >= 0 ||
+        mbedtls_mpi_cmp_mpi( &pt->Y, &grp->P ) >= 0 )
+        return( MBEDTLS_ERR_ECP_INVALID_KEY );
+
+    mbedtls_mpi_init( &YY ); mbedtls_mpi_init( &RHS );
+
+    /*
+     * YY = Y^2
+     * RHS = X (X^2 + A) + B = X^3 + A X + B
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &YY,  &pt->Y,   &pt->Y  ) );  MOD_MUL( YY  );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &RHS, &pt->X,   &pt->X  ) );  MOD_MUL( RHS );
+
+    /* Special case for A = -3 */
+    if( grp->A.p == NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &RHS, &RHS, 3       ) );  MOD_SUB( RHS );
+    }
+    else
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &RHS, &RHS, &grp->A ) );  MOD_ADD( RHS );
+    }
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &RHS, &RHS,     &pt->X  ) );  MOD_MUL( RHS );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &RHS, &RHS,     &grp->B ) );  MOD_ADD( RHS );
+
+    if( mbedtls_mpi_cmp_mpi( &YY, &RHS ) != 0 )
+        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+
+cleanup:
+
+    mbedtls_mpi_free( &YY ); mbedtls_mpi_free( &RHS );
+
+    return( ret );
+}
+#endif /* ECP_SHORTWEIERSTRASS */
+
+/*
+ * R = m * P with shortcuts for m == 1 and m == -1
+ * NOT constant-time - ONLY for short Weierstrass!
+ */
+static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp,
+                                      mbedtls_ecp_point *R,
+                                      const mbedtls_mpi *m,
+                                      const mbedtls_ecp_point *P )
+{
+    int ret;
+
+    if( mbedtls_mpi_cmp_int( m, 1 ) == 0 )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) );
+    }
+    else if( mbedtls_mpi_cmp_int( m, -1 ) == 0 )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) );
+        if( mbedtls_mpi_cmp_int( &R->Y, 0 ) != 0 )
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &R->Y, &grp->P, &R->Y ) );
+    }
+    else
+    {
+        MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
+    }
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Linear combination
+ * NOT constant-time
+ */
+int mbedtls_ecp_muladd( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+             const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+             const mbedtls_mpi *n, const mbedtls_ecp_point *Q )
+{
+    int ret;
+    mbedtls_ecp_point mP;
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    char is_grp_capable = 0;
+#endif
+
+    if( ecp_get_type( grp ) != ECP_TYPE_SHORT_WEIERSTRASS )
+        return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+
+    mbedtls_ecp_point_init( &mP );
+
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, &mP, m, P ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul_shortcuts( grp, R,   n, Q ) );
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    if (  is_grp_capable = mbedtls_internal_ecp_grp_capable( grp )  )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_internal_ecp_init( grp ) );
+    }
+
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+    MBEDTLS_MPI_CHK( ecp_add_mixed( grp, R, &mP, R ) );
+    MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, R ) );
+
+cleanup:
+
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    if ( is_grp_capable )
+    {
+        mbedtls_internal_ecp_free( grp );
+    }
+
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+    mbedtls_ecp_point_free( &mP );
+
+    return( ret );
+}
+
+
+#if defined(ECP_MONTGOMERY)
+/*
+ * Check validity of a public key for Montgomery curves with x-only schemes
+ */
+static int ecp_check_pubkey_mx( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt )
+{
+    /* [Curve25519 p. 5] Just check X is the correct number of bytes */
+    if( mbedtls_mpi_size( &pt->X ) > ( grp->nbits + 7 ) / 8 )
+        return( MBEDTLS_ERR_ECP_INVALID_KEY );
+
+    return( 0 );
+}
+#endif /* ECP_MONTGOMERY */
+
+/*
+ * Check that a point is valid as a public key
+ */
+int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt )
+{
+    /* Must use affine coordinates */
+    if( mbedtls_mpi_cmp_int( &pt->Z, 1 ) != 0 )
+        return( MBEDTLS_ERR_ECP_INVALID_KEY );
+
+#if defined(ECP_MONTGOMERY)
+    if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY )
+        return( ecp_check_pubkey_mx( grp, pt ) );
+#endif
+#if defined(ECP_SHORTWEIERSTRASS)
+    if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS )
+        return( ecp_check_pubkey_sw( grp, pt ) );
+#endif
+    return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+}
+
+/*
+ * Check that an mbedtls_mpi is valid as a private key
+ */
+int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d )
+{
+#if defined(ECP_MONTGOMERY)
+    if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY )
+    {
+        /* see [Curve25519] page 5 */
+        if( mbedtls_mpi_get_bit( d, 0 ) != 0 ||
+            mbedtls_mpi_get_bit( d, 1 ) != 0 ||
+            mbedtls_mpi_get_bit( d, 2 ) != 0 ||
+            mbedtls_mpi_bitlen( d ) - 1 != grp->nbits ) /* mbedtls_mpi_bitlen is one-based! */
+            return( MBEDTLS_ERR_ECP_INVALID_KEY );
+        else
+            return( 0 );
+    }
+#endif /* ECP_MONTGOMERY */
+#if defined(ECP_SHORTWEIERSTRASS)
+    if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS )
+    {
+        /* see SEC1 3.2 */
+        if( mbedtls_mpi_cmp_int( d, 1 ) < 0 ||
+            mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )
+            return( MBEDTLS_ERR_ECP_INVALID_KEY );
+        else
+            return( 0 );
+    }
+#endif /* ECP_SHORTWEIERSTRASS */
+
+    return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+}
+
+/*
+ * Generate a keypair with configurable base point
+ */
+int mbedtls_ecp_gen_keypair_base( mbedtls_ecp_group *grp,
+                     const mbedtls_ecp_point *G,
+                     mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                     int (*f_rng)(void *, unsigned char *, size_t),
+                     void *p_rng )
+{
+    int ret;
+    size_t n_size = ( grp->nbits + 7 ) / 8;
+
+#if defined(ECP_MONTGOMERY)
+    if( ecp_get_type( grp ) == ECP_TYPE_MONTGOMERY )
+    {
+        /* [M225] page 5 */
+        size_t b;
+
+        do {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) );
+        } while( mbedtls_mpi_bitlen( d ) == 0);
+
+        /* Make sure the most significant bit is nbits */
+        b = mbedtls_mpi_bitlen( d ) - 1; /* mbedtls_mpi_bitlen is one-based */
+        if( b > grp->nbits )
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, b - grp->nbits ) );
+        else
+            MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, grp->nbits, 1 ) );
+
+        /* Make sure the last three bits are unset */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 0, 0 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 1, 0 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( d, 2, 0 ) );
+    }
+    else
+#endif /* ECP_MONTGOMERY */
+#if defined(ECP_SHORTWEIERSTRASS)
+    if( ecp_get_type( grp ) == ECP_TYPE_SHORT_WEIERSTRASS )
+    {
+        /* SEC1 3.2.1: Generate d such that 1 <= n < N */
+        int count = 0;
+
+        /*
+         * Match the procedure given in RFC 6979 (deterministic ECDSA):
+         * - use the same byte ordering;
+         * - keep the leftmost nbits bits of the generated octet string;
+         * - try until result is in the desired range.
+         * This also avoids any biais, which is especially important for ECDSA.
+         */
+        do
+        {
+            MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( d, n_size, f_rng, p_rng ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( d, 8 * n_size - grp->nbits ) );
+
+            /*
+             * Each try has at worst a probability 1/2 of failing (the msb has
+             * a probability 1/2 of being 0, and then the result will be < N),
+             * so after 30 tries failure probability is a most 2**(-30).
+             *
+             * For most curves, 1 try is enough with overwhelming probability,
+             * since N starts with a lot of 1s in binary, but some curves
+             * such as secp224k1 are actually very close to the worst case.
+             */
+            if( ++count > 30 )
+                return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+        }
+        while( mbedtls_mpi_cmp_int( d, 1 ) < 0 ||
+               mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 );
+    }
+    else
+#endif /* ECP_SHORTWEIERSTRASS */
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+cleanup:
+    if( ret != 0 )
+        return( ret );
+
+    return( mbedtls_ecp_mul( grp, Q, d, G, f_rng, p_rng ) );
+}
+
+/*
+ * Generate key pair, wrapper for conventional base point
+ */
+int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp,
+                             mbedtls_mpi *d, mbedtls_ecp_point *Q,
+                             int (*f_rng)(void *, unsigned char *, size_t),
+                             void *p_rng )
+{
+    return( mbedtls_ecp_gen_keypair_base( grp, &grp->G, d, Q, f_rng, p_rng ) );
+}
+
+/*
+ * Generate a keypair, prettier wrapper
+ */
+int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    int ret;
+
+    if( ( ret = mbedtls_ecp_group_load( &key->grp, grp_id ) ) != 0 )
+        return( ret );
+
+    return( mbedtls_ecp_gen_keypair( &key->grp, &key->d, &key->Q, f_rng, p_rng ) );
+}
+
+/*
+ * Check a public-private key pair
+ */
+int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv )
+{
+    int ret;
+    mbedtls_ecp_point Q;
+    mbedtls_ecp_group grp;
+
+    if( pub->grp.id == MBEDTLS_ECP_DP_NONE ||
+        pub->grp.id != prv->grp.id ||
+        mbedtls_mpi_cmp_mpi( &pub->Q.X, &prv->Q.X ) ||
+        mbedtls_mpi_cmp_mpi( &pub->Q.Y, &prv->Q.Y ) ||
+        mbedtls_mpi_cmp_mpi( &pub->Q.Z, &prv->Q.Z ) )
+    {
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+    }
+
+    mbedtls_ecp_point_init( &Q );
+    mbedtls_ecp_group_init( &grp );
+
+    /* mbedtls_ecp_mul() needs a non-const group... */
+    mbedtls_ecp_group_copy( &grp, &prv->grp );
+
+    /* Also checks d is valid */
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) );
+
+    if( mbedtls_mpi_cmp_mpi( &Q.X, &prv->Q.X ) ||
+        mbedtls_mpi_cmp_mpi( &Q.Y, &prv->Q.Y ) ||
+        mbedtls_mpi_cmp_mpi( &Q.Z, &prv->Q.Z ) )
+    {
+        ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+cleanup:
+    mbedtls_ecp_point_free( &Q );
+    mbedtls_ecp_group_free( &grp );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * Checkup routine
+ */
+int mbedtls_ecp_self_test( int verbose )
+{
+    int ret;
+    size_t i;
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point R, P;
+    mbedtls_mpi m;
+    unsigned long add_c_prev, dbl_c_prev, mul_c_prev;
+    /* exponents especially adapted for secp192r1 */
+    const char *exponents[] =
+    {
+        "000000000000000000000000000000000000000000000001", /* one */
+        "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830", /* N - 1 */
+        "5EA6F389A38B8BC81E767753B15AA5569E1782E30ABE7D25", /* random */
+        "400000000000000000000000000000000000000000000000", /* one and zeros */
+        "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", /* all ones */
+        "555555555555555555555555555555555555555555555555", /* 101010... */
+    };
+
+    mbedtls_ecp_group_init( &grp );
+    mbedtls_ecp_point_init( &R );
+    mbedtls_ecp_point_init( &P );
+    mbedtls_mpi_init( &m );
+
+    /* Use secp192r1 if available, or any available curve */
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, MBEDTLS_ECP_DP_SECP192R1 ) );
+#else
+    MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &grp, mbedtls_ecp_curve_list()->grp_id ) );
+#endif
+
+    if( verbose != 0 )
+        mbedtls_printf( "  ECP test #1 (constant op_count, base point G): " );
+
+    /* Do a dummy multiplication first to trigger precomputation */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &m, 2 ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) );
+
+    add_count = 0;
+    dbl_count = 0;
+    mul_count = 0;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[0] ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) );
+
+    for( i = 1; i < sizeof( exponents ) / sizeof( exponents[0] ); i++ )
+    {
+        add_c_prev = add_count;
+        dbl_c_prev = dbl_count;
+        mul_c_prev = mul_count;
+        add_count = 0;
+        dbl_count = 0;
+        mul_count = 0;
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[i] ) );
+        MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &grp.G, NULL, NULL ) );
+
+        if( add_count != add_c_prev ||
+            dbl_count != dbl_c_prev ||
+            mul_count != mul_c_prev )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed (%u)\n", (unsigned int) i );
+
+            ret = 1;
+            goto cleanup;
+        }
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  ECP test #2 (constant op_count, other point): " );
+    /* We computed P = 2G last time, use it */
+
+    add_count = 0;
+    dbl_count = 0;
+    mul_count = 0;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[0] ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &P, NULL, NULL ) );
+
+    for( i = 1; i < sizeof( exponents ) / sizeof( exponents[0] ); i++ )
+    {
+        add_c_prev = add_count;
+        dbl_c_prev = dbl_count;
+        mul_c_prev = mul_count;
+        add_count = 0;
+        dbl_count = 0;
+        mul_count = 0;
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &m, 16, exponents[i] ) );
+        MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &R, &m, &P, NULL, NULL ) );
+
+        if( add_count != add_c_prev ||
+            dbl_count != dbl_c_prev ||
+            mul_count != mul_c_prev )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed (%u)\n", (unsigned int) i );
+
+            ret = 1;
+            goto cleanup;
+        }
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+cleanup:
+
+    if( ret < 0 && verbose != 0 )
+        mbedtls_printf( "Unexpected error, return code = %08X\n", ret );
+
+    mbedtls_ecp_group_free( &grp );
+    mbedtls_ecp_point_free( &R );
+    mbedtls_ecp_point_free( &P );
+    mbedtls_mpi_free( &m );
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* !MBEDTLS_ECP_ALT */
+
+#endif /* MBEDTLS_ECP_C */
diff --git a/thirdparty/mbedtls/library/ecp_curves.c b/thirdparty/mbedtls/library/ecp_curves.c
new file mode 100644
index 0000000000..df5ac3eea5
--- /dev/null
+++ b/thirdparty/mbedtls/library/ecp_curves.c
@@ -0,0 +1,1329 @@
+/*
+ *  Elliptic curves over GF(p): curve-specific data and functions
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+
+#include "mbedtls/ecp.h"
+
+#include <string.h>
+
+#if !defined(MBEDTLS_ECP_ALT)
+
+#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
+    !defined(inline) && !defined(__cplusplus)
+#define inline __inline
+#endif
+
+/*
+ * Conversion macros for embedded constants:
+ * build lists of mbedtls_mpi_uint's from lists of unsigned char's grouped by 8, 4 or 2
+ */
+#if defined(MBEDTLS_HAVE_INT32)
+
+#define BYTES_TO_T_UINT_4( a, b, c, d )             \
+    ( (mbedtls_mpi_uint) a <<  0 ) |                          \
+    ( (mbedtls_mpi_uint) b <<  8 ) |                          \
+    ( (mbedtls_mpi_uint) c << 16 ) |                          \
+    ( (mbedtls_mpi_uint) d << 24 )
+
+#define BYTES_TO_T_UINT_2( a, b )                   \
+    BYTES_TO_T_UINT_4( a, b, 0, 0 )
+
+#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
+    BYTES_TO_T_UINT_4( a, b, c, d ),                \
+    BYTES_TO_T_UINT_4( e, f, g, h )
+
+#else /* 64-bits */
+
+#define BYTES_TO_T_UINT_8( a, b, c, d, e, f, g, h ) \
+    ( (mbedtls_mpi_uint) a <<  0 ) |                          \
+    ( (mbedtls_mpi_uint) b <<  8 ) |                          \
+    ( (mbedtls_mpi_uint) c << 16 ) |                          \
+    ( (mbedtls_mpi_uint) d << 24 ) |                          \
+    ( (mbedtls_mpi_uint) e << 32 ) |                          \
+    ( (mbedtls_mpi_uint) f << 40 ) |                          \
+    ( (mbedtls_mpi_uint) g << 48 ) |                          \
+    ( (mbedtls_mpi_uint) h << 56 )
+
+#define BYTES_TO_T_UINT_4( a, b, c, d )             \
+    BYTES_TO_T_UINT_8( a, b, c, d, 0, 0, 0, 0 )
+
+#define BYTES_TO_T_UINT_2( a, b )                   \
+    BYTES_TO_T_UINT_8( a, b, 0, 0, 0, 0, 0, 0 )
+
+#endif /* bits in mbedtls_mpi_uint */
+
+/*
+ * Note: the constants are in little-endian order
+ * to be directly usable in MPIs
+ */
+
+/*
+ * Domain parameters for secp192r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+static const mbedtls_mpi_uint secp192r1_p[] = {
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+static const mbedtls_mpi_uint secp192r1_b[] = {
+    BYTES_TO_T_UINT_8( 0xB1, 0xB9, 0x46, 0xC1, 0xEC, 0xDE, 0xB8, 0xFE ),
+    BYTES_TO_T_UINT_8( 0x49, 0x30, 0x24, 0x72, 0xAB, 0xE9, 0xA7, 0x0F ),
+    BYTES_TO_T_UINT_8( 0xE7, 0x80, 0x9C, 0xE5, 0x19, 0x05, 0x21, 0x64 ),
+};
+static const mbedtls_mpi_uint secp192r1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x12, 0x10, 0xFF, 0x82, 0xFD, 0x0A, 0xFF, 0xF4 ),
+    BYTES_TO_T_UINT_8( 0x00, 0x88, 0xA1, 0x43, 0xEB, 0x20, 0xBF, 0x7C ),
+    BYTES_TO_T_UINT_8( 0xF6, 0x90, 0x30, 0xB0, 0x0E, 0xA8, 0x8D, 0x18 ),
+};
+static const mbedtls_mpi_uint secp192r1_gy[] = {
+    BYTES_TO_T_UINT_8( 0x11, 0x48, 0x79, 0x1E, 0xA1, 0x77, 0xF9, 0x73 ),
+    BYTES_TO_T_UINT_8( 0xD5, 0xCD, 0x24, 0x6B, 0xED, 0x11, 0x10, 0x63 ),
+    BYTES_TO_T_UINT_8( 0x78, 0xDA, 0xC8, 0xFF, 0x95, 0x2B, 0x19, 0x07 ),
+};
+static const mbedtls_mpi_uint secp192r1_n[] = {
+    BYTES_TO_T_UINT_8( 0x31, 0x28, 0xD2, 0xB4, 0xB1, 0xC9, 0x6B, 0x14 ),
+    BYTES_TO_T_UINT_8( 0x36, 0xF8, 0xDE, 0x99, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+/*
+ * Domain parameters for secp224r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+static const mbedtls_mpi_uint secp224r1_p[] = {
+    BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
+    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
+};
+static const mbedtls_mpi_uint secp224r1_b[] = {
+    BYTES_TO_T_UINT_8( 0xB4, 0xFF, 0x55, 0x23, 0x43, 0x39, 0x0B, 0x27 ),
+    BYTES_TO_T_UINT_8( 0xBA, 0xD8, 0xBF, 0xD7, 0xB7, 0xB0, 0x44, 0x50 ),
+    BYTES_TO_T_UINT_8( 0x56, 0x32, 0x41, 0xF5, 0xAB, 0xB3, 0x04, 0x0C ),
+    BYTES_TO_T_UINT_4( 0x85, 0x0A, 0x05, 0xB4 ),
+};
+static const mbedtls_mpi_uint secp224r1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x21, 0x1D, 0x5C, 0x11, 0xD6, 0x80, 0x32, 0x34 ),
+    BYTES_TO_T_UINT_8( 0x22, 0x11, 0xC2, 0x56, 0xD3, 0xC1, 0x03, 0x4A ),
+    BYTES_TO_T_UINT_8( 0xB9, 0x90, 0x13, 0x32, 0x7F, 0xBF, 0xB4, 0x6B ),
+    BYTES_TO_T_UINT_4( 0xBD, 0x0C, 0x0E, 0xB7 ),
+};
+static const mbedtls_mpi_uint secp224r1_gy[] = {
+    BYTES_TO_T_UINT_8( 0x34, 0x7E, 0x00, 0x85, 0x99, 0x81, 0xD5, 0x44 ),
+    BYTES_TO_T_UINT_8( 0x64, 0x47, 0x07, 0x5A, 0xA0, 0x75, 0x43, 0xCD ),
+    BYTES_TO_T_UINT_8( 0xE6, 0xDF, 0x22, 0x4C, 0xFB, 0x23, 0xF7, 0xB5 ),
+    BYTES_TO_T_UINT_4( 0x88, 0x63, 0x37, 0xBD ),
+};
+static const mbedtls_mpi_uint secp224r1_n[] = {
+    BYTES_TO_T_UINT_8( 0x3D, 0x2A, 0x5C, 0x5C, 0x45, 0x29, 0xDD, 0x13 ),
+    BYTES_TO_T_UINT_8( 0x3E, 0xF0, 0xB8, 0xE0, 0xA2, 0x16, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+/*
+ * Domain parameters for secp256r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+static const mbedtls_mpi_uint secp256r1_p[] = {
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
+    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
+    BYTES_TO_T_UINT_8( 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+static const mbedtls_mpi_uint secp256r1_b[] = {
+    BYTES_TO_T_UINT_8( 0x4B, 0x60, 0xD2, 0x27, 0x3E, 0x3C, 0xCE, 0x3B ),
+    BYTES_TO_T_UINT_8( 0xF6, 0xB0, 0x53, 0xCC, 0xB0, 0x06, 0x1D, 0x65 ),
+    BYTES_TO_T_UINT_8( 0xBC, 0x86, 0x98, 0x76, 0x55, 0xBD, 0xEB, 0xB3 ),
+    BYTES_TO_T_UINT_8( 0xE7, 0x93, 0x3A, 0xAA, 0xD8, 0x35, 0xC6, 0x5A ),
+};
+static const mbedtls_mpi_uint secp256r1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x96, 0xC2, 0x98, 0xD8, 0x45, 0x39, 0xA1, 0xF4 ),
+    BYTES_TO_T_UINT_8( 0xA0, 0x33, 0xEB, 0x2D, 0x81, 0x7D, 0x03, 0x77 ),
+    BYTES_TO_T_UINT_8( 0xF2, 0x40, 0xA4, 0x63, 0xE5, 0xE6, 0xBC, 0xF8 ),
+    BYTES_TO_T_UINT_8( 0x47, 0x42, 0x2C, 0xE1, 0xF2, 0xD1, 0x17, 0x6B ),
+};
+static const mbedtls_mpi_uint secp256r1_gy[] = {
+    BYTES_TO_T_UINT_8( 0xF5, 0x51, 0xBF, 0x37, 0x68, 0x40, 0xB6, 0xCB ),
+    BYTES_TO_T_UINT_8( 0xCE, 0x5E, 0x31, 0x6B, 0x57, 0x33, 0xCE, 0x2B ),
+    BYTES_TO_T_UINT_8( 0x16, 0x9E, 0x0F, 0x7C, 0x4A, 0xEB, 0xE7, 0x8E ),
+    BYTES_TO_T_UINT_8( 0x9B, 0x7F, 0x1A, 0xFE, 0xE2, 0x42, 0xE3, 0x4F ),
+};
+static const mbedtls_mpi_uint secp256r1_n[] = {
+    BYTES_TO_T_UINT_8( 0x51, 0x25, 0x63, 0xFC, 0xC2, 0xCA, 0xB9, 0xF3 ),
+    BYTES_TO_T_UINT_8( 0x84, 0x9E, 0x17, 0xA7, 0xAD, 0xFA, 0xE6, 0xBC ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+/*
+ * Domain parameters for secp384r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+static const mbedtls_mpi_uint secp384r1_p[] = {
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00 ),
+    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+static const mbedtls_mpi_uint secp384r1_b[] = {
+    BYTES_TO_T_UINT_8( 0xEF, 0x2A, 0xEC, 0xD3, 0xED, 0xC8, 0x85, 0x2A ),
+    BYTES_TO_T_UINT_8( 0x9D, 0xD1, 0x2E, 0x8A, 0x8D, 0x39, 0x56, 0xC6 ),
+    BYTES_TO_T_UINT_8( 0x5A, 0x87, 0x13, 0x50, 0x8F, 0x08, 0x14, 0x03 ),
+    BYTES_TO_T_UINT_8( 0x12, 0x41, 0x81, 0xFE, 0x6E, 0x9C, 0x1D, 0x18 ),
+    BYTES_TO_T_UINT_8( 0x19, 0x2D, 0xF8, 0xE3, 0x6B, 0x05, 0x8E, 0x98 ),
+    BYTES_TO_T_UINT_8( 0xE4, 0xE7, 0x3E, 0xE2, 0xA7, 0x2F, 0x31, 0xB3 ),
+};
+static const mbedtls_mpi_uint secp384r1_gx[] = {
+    BYTES_TO_T_UINT_8( 0xB7, 0x0A, 0x76, 0x72, 0x38, 0x5E, 0x54, 0x3A ),
+    BYTES_TO_T_UINT_8( 0x6C, 0x29, 0x55, 0xBF, 0x5D, 0xF2, 0x02, 0x55 ),
+    BYTES_TO_T_UINT_8( 0x38, 0x2A, 0x54, 0x82, 0xE0, 0x41, 0xF7, 0x59 ),
+    BYTES_TO_T_UINT_8( 0x98, 0x9B, 0xA7, 0x8B, 0x62, 0x3B, 0x1D, 0x6E ),
+    BYTES_TO_T_UINT_8( 0x74, 0xAD, 0x20, 0xF3, 0x1E, 0xC7, 0xB1, 0x8E ),
+    BYTES_TO_T_UINT_8( 0x37, 0x05, 0x8B, 0xBE, 0x22, 0xCA, 0x87, 0xAA ),
+};
+static const mbedtls_mpi_uint secp384r1_gy[] = {
+    BYTES_TO_T_UINT_8( 0x5F, 0x0E, 0xEA, 0x90, 0x7C, 0x1D, 0x43, 0x7A ),
+    BYTES_TO_T_UINT_8( 0x9D, 0x81, 0x7E, 0x1D, 0xCE, 0xB1, 0x60, 0x0A ),
+    BYTES_TO_T_UINT_8( 0xC0, 0xB8, 0xF0, 0xB5, 0x13, 0x31, 0xDA, 0xE9 ),
+    BYTES_TO_T_UINT_8( 0x7C, 0x14, 0x9A, 0x28, 0xBD, 0x1D, 0xF4, 0xF8 ),
+    BYTES_TO_T_UINT_8( 0x29, 0xDC, 0x92, 0x92, 0xBF, 0x98, 0x9E, 0x5D ),
+    BYTES_TO_T_UINT_8( 0x6F, 0x2C, 0x26, 0x96, 0x4A, 0xDE, 0x17, 0x36 ),
+};
+static const mbedtls_mpi_uint secp384r1_n[] = {
+    BYTES_TO_T_UINT_8( 0x73, 0x29, 0xC5, 0xCC, 0x6A, 0x19, 0xEC, 0xEC ),
+    BYTES_TO_T_UINT_8( 0x7A, 0xA7, 0xB0, 0x48, 0xB2, 0x0D, 0x1A, 0x58 ),
+    BYTES_TO_T_UINT_8( 0xDF, 0x2D, 0x37, 0xF4, 0x81, 0x4D, 0x63, 0xC7 ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+/*
+ * Domain parameters for secp521r1
+ */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+static const mbedtls_mpi_uint secp521r1_p[] = {
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_2( 0xFF, 0x01 ),
+};
+static const mbedtls_mpi_uint secp521r1_b[] = {
+    BYTES_TO_T_UINT_8( 0x00, 0x3F, 0x50, 0x6B, 0xD4, 0x1F, 0x45, 0xEF ),
+    BYTES_TO_T_UINT_8( 0xF1, 0x34, 0x2C, 0x3D, 0x88, 0xDF, 0x73, 0x35 ),
+    BYTES_TO_T_UINT_8( 0x07, 0xBF, 0xB1, 0x3B, 0xBD, 0xC0, 0x52, 0x16 ),
+    BYTES_TO_T_UINT_8( 0x7B, 0x93, 0x7E, 0xEC, 0x51, 0x39, 0x19, 0x56 ),
+    BYTES_TO_T_UINT_8( 0xE1, 0x09, 0xF1, 0x8E, 0x91, 0x89, 0xB4, 0xB8 ),
+    BYTES_TO_T_UINT_8( 0xF3, 0x15, 0xB3, 0x99, 0x5B, 0x72, 0xDA, 0xA2 ),
+    BYTES_TO_T_UINT_8( 0xEE, 0x40, 0x85, 0xB6, 0xA0, 0x21, 0x9A, 0x92 ),
+    BYTES_TO_T_UINT_8( 0x1F, 0x9A, 0x1C, 0x8E, 0x61, 0xB9, 0x3E, 0x95 ),
+    BYTES_TO_T_UINT_2( 0x51, 0x00 ),
+};
+static const mbedtls_mpi_uint secp521r1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x66, 0xBD, 0xE5, 0xC2, 0x31, 0x7E, 0x7E, 0xF9 ),
+    BYTES_TO_T_UINT_8( 0x9B, 0x42, 0x6A, 0x85, 0xC1, 0xB3, 0x48, 0x33 ),
+    BYTES_TO_T_UINT_8( 0xDE, 0xA8, 0xFF, 0xA2, 0x27, 0xC1, 0x1D, 0xFE ),
+    BYTES_TO_T_UINT_8( 0x28, 0x59, 0xE7, 0xEF, 0x77, 0x5E, 0x4B, 0xA1 ),
+    BYTES_TO_T_UINT_8( 0xBA, 0x3D, 0x4D, 0x6B, 0x60, 0xAF, 0x28, 0xF8 ),
+    BYTES_TO_T_UINT_8( 0x21, 0xB5, 0x3F, 0x05, 0x39, 0x81, 0x64, 0x9C ),
+    BYTES_TO_T_UINT_8( 0x42, 0xB4, 0x95, 0x23, 0x66, 0xCB, 0x3E, 0x9E ),
+    BYTES_TO_T_UINT_8( 0xCD, 0xE9, 0x04, 0x04, 0xB7, 0x06, 0x8E, 0x85 ),
+    BYTES_TO_T_UINT_2( 0xC6, 0x00 ),
+};
+static const mbedtls_mpi_uint secp521r1_gy[] = {
+    BYTES_TO_T_UINT_8( 0x50, 0x66, 0xD1, 0x9F, 0x76, 0x94, 0xBE, 0x88 ),
+    BYTES_TO_T_UINT_8( 0x40, 0xC2, 0x72, 0xA2, 0x86, 0x70, 0x3C, 0x35 ),
+    BYTES_TO_T_UINT_8( 0x61, 0x07, 0xAD, 0x3F, 0x01, 0xB9, 0x50, 0xC5 ),
+    BYTES_TO_T_UINT_8( 0x40, 0x26, 0xF4, 0x5E, 0x99, 0x72, 0xEE, 0x97 ),
+    BYTES_TO_T_UINT_8( 0x2C, 0x66, 0x3E, 0x27, 0x17, 0xBD, 0xAF, 0x17 ),
+    BYTES_TO_T_UINT_8( 0x68, 0x44, 0x9B, 0x57, 0x49, 0x44, 0xF5, 0x98 ),
+    BYTES_TO_T_UINT_8( 0xD9, 0x1B, 0x7D, 0x2C, 0xB4, 0x5F, 0x8A, 0x5C ),
+    BYTES_TO_T_UINT_8( 0x04, 0xC0, 0x3B, 0x9A, 0x78, 0x6A, 0x29, 0x39 ),
+    BYTES_TO_T_UINT_2( 0x18, 0x01 ),
+};
+static const mbedtls_mpi_uint secp521r1_n[] = {
+    BYTES_TO_T_UINT_8( 0x09, 0x64, 0x38, 0x91, 0x1E, 0xB7, 0x6F, 0xBB ),
+    BYTES_TO_T_UINT_8( 0xAE, 0x47, 0x9C, 0x89, 0xB8, 0xC9, 0xB5, 0x3B ),
+    BYTES_TO_T_UINT_8( 0xD0, 0xA5, 0x09, 0xF7, 0x48, 0x01, 0xCC, 0x7F ),
+    BYTES_TO_T_UINT_8( 0x6B, 0x96, 0x2F, 0xBF, 0x83, 0x87, 0x86, 0x51 ),
+    BYTES_TO_T_UINT_8( 0xFA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_2( 0xFF, 0x01 ),
+};
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+static const mbedtls_mpi_uint secp192k1_p[] = {
+    BYTES_TO_T_UINT_8( 0x37, 0xEE, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+static const mbedtls_mpi_uint secp192k1_a[] = {
+    BYTES_TO_T_UINT_2( 0x00, 0x00 ),
+};
+static const mbedtls_mpi_uint secp192k1_b[] = {
+    BYTES_TO_T_UINT_2( 0x03, 0x00 ),
+};
+static const mbedtls_mpi_uint secp192k1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x7D, 0x6C, 0xE0, 0xEA, 0xB1, 0xD1, 0xA5, 0x1D ),
+    BYTES_TO_T_UINT_8( 0x34, 0xF4, 0xB7, 0x80, 0x02, 0x7D, 0xB0, 0x26 ),
+    BYTES_TO_T_UINT_8( 0xAE, 0xE9, 0x57, 0xC0, 0x0E, 0xF1, 0x4F, 0xDB ),
+};
+static const mbedtls_mpi_uint secp192k1_gy[] = {
+    BYTES_TO_T_UINT_8( 0x9D, 0x2F, 0x5E, 0xD9, 0x88, 0xAA, 0x82, 0x40 ),
+    BYTES_TO_T_UINT_8( 0x34, 0x86, 0xBE, 0x15, 0xD0, 0x63, 0x41, 0x84 ),
+    BYTES_TO_T_UINT_8( 0xA7, 0x28, 0x56, 0x9C, 0x6D, 0x2F, 0x2F, 0x9B ),
+};
+static const mbedtls_mpi_uint secp192k1_n[] = {
+    BYTES_TO_T_UINT_8( 0x8D, 0xFD, 0xDE, 0x74, 0x6A, 0x46, 0x69, 0x0F ),
+    BYTES_TO_T_UINT_8( 0x17, 0xFC, 0xF2, 0x26, 0xFE, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+static const mbedtls_mpi_uint secp224k1_p[] = {
+    BYTES_TO_T_UINT_8( 0x6D, 0xE5, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_4( 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+static const mbedtls_mpi_uint secp224k1_a[] = {
+    BYTES_TO_T_UINT_2( 0x00, 0x00 ),
+};
+static const mbedtls_mpi_uint secp224k1_b[] = {
+    BYTES_TO_T_UINT_2( 0x05, 0x00 ),
+};
+static const mbedtls_mpi_uint secp224k1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x5C, 0xA4, 0xB7, 0xB6, 0x0E, 0x65, 0x7E, 0x0F ),
+    BYTES_TO_T_UINT_8( 0xA9, 0x75, 0x70, 0xE4, 0xE9, 0x67, 0xA4, 0x69 ),
+    BYTES_TO_T_UINT_8( 0xA1, 0x28, 0xFC, 0x30, 0xDF, 0x99, 0xF0, 0x4D ),
+    BYTES_TO_T_UINT_4( 0x33, 0x5B, 0x45, 0xA1 ),
+};
+static const mbedtls_mpi_uint secp224k1_gy[] = {
+    BYTES_TO_T_UINT_8( 0xA5, 0x61, 0x6D, 0x55, 0xDB, 0x4B, 0xCA, 0xE2 ),
+    BYTES_TO_T_UINT_8( 0x59, 0xBD, 0xB0, 0xC0, 0xF7, 0x19, 0xE3, 0xF7 ),
+    BYTES_TO_T_UINT_8( 0xD6, 0xFB, 0xCA, 0x82, 0x42, 0x34, 0xBA, 0x7F ),
+    BYTES_TO_T_UINT_4( 0xED, 0x9F, 0x08, 0x7E ),
+};
+static const mbedtls_mpi_uint secp224k1_n[] = {
+    BYTES_TO_T_UINT_8( 0xF7, 0xB1, 0x9F, 0x76, 0x71, 0xA9, 0xF0, 0xCA ),
+    BYTES_TO_T_UINT_8( 0x84, 0x61, 0xEC, 0xD2, 0xE8, 0xDC, 0x01, 0x00 ),
+    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
+    BYTES_TO_T_UINT_8( 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ),
+};
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+static const mbedtls_mpi_uint secp256k1_p[] = {
+    BYTES_TO_T_UINT_8( 0x2F, 0xFC, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+static const mbedtls_mpi_uint secp256k1_a[] = {
+    BYTES_TO_T_UINT_2( 0x00, 0x00 ),
+};
+static const mbedtls_mpi_uint secp256k1_b[] = {
+    BYTES_TO_T_UINT_2( 0x07, 0x00 ),
+};
+static const mbedtls_mpi_uint secp256k1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x98, 0x17, 0xF8, 0x16, 0x5B, 0x81, 0xF2, 0x59 ),
+    BYTES_TO_T_UINT_8( 0xD9, 0x28, 0xCE, 0x2D, 0xDB, 0xFC, 0x9B, 0x02 ),
+    BYTES_TO_T_UINT_8( 0x07, 0x0B, 0x87, 0xCE, 0x95, 0x62, 0xA0, 0x55 ),
+    BYTES_TO_T_UINT_8( 0xAC, 0xBB, 0xDC, 0xF9, 0x7E, 0x66, 0xBE, 0x79 ),
+};
+static const mbedtls_mpi_uint secp256k1_gy[] = {
+    BYTES_TO_T_UINT_8( 0xB8, 0xD4, 0x10, 0xFB, 0x8F, 0xD0, 0x47, 0x9C ),
+    BYTES_TO_T_UINT_8( 0x19, 0x54, 0x85, 0xA6, 0x48, 0xB4, 0x17, 0xFD ),
+    BYTES_TO_T_UINT_8( 0xA8, 0x08, 0x11, 0x0E, 0xFC, 0xFB, 0xA4, 0x5D ),
+    BYTES_TO_T_UINT_8( 0x65, 0xC4, 0xA3, 0x26, 0x77, 0xDA, 0x3A, 0x48 ),
+};
+static const mbedtls_mpi_uint secp256k1_n[] = {
+    BYTES_TO_T_UINT_8( 0x41, 0x41, 0x36, 0xD0, 0x8C, 0x5E, 0xD2, 0xBF ),
+    BYTES_TO_T_UINT_8( 0x3B, 0xA0, 0x48, 0xAF, 0xE6, 0xDC, 0xAE, 0xBA ),
+    BYTES_TO_T_UINT_8( 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+    BYTES_TO_T_UINT_8( 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF ),
+};
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+/*
+ * Domain parameters for brainpoolP256r1 (RFC 5639 3.4)
+ */
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+static const mbedtls_mpi_uint brainpoolP256r1_p[] = {
+    BYTES_TO_T_UINT_8( 0x77, 0x53, 0x6E, 0x1F, 0x1D, 0x48, 0x13, 0x20 ),
+    BYTES_TO_T_UINT_8( 0x28, 0x20, 0x26, 0xD5, 0x23, 0xF6, 0x3B, 0x6E ),
+    BYTES_TO_T_UINT_8( 0x72, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ),
+    BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_a[] = {
+    BYTES_TO_T_UINT_8( 0xD9, 0xB5, 0x30, 0xF3, 0x44, 0x4B, 0x4A, 0xE9 ),
+    BYTES_TO_T_UINT_8( 0x6C, 0x5C, 0xDC, 0x26, 0xC1, 0x55, 0x80, 0xFB ),
+    BYTES_TO_T_UINT_8( 0xE7, 0xFF, 0x7A, 0x41, 0x30, 0x75, 0xF6, 0xEE ),
+    BYTES_TO_T_UINT_8( 0x57, 0x30, 0x2C, 0xFC, 0x75, 0x09, 0x5A, 0x7D ),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_b[] = {
+    BYTES_TO_T_UINT_8( 0xB6, 0x07, 0x8C, 0xFF, 0x18, 0xDC, 0xCC, 0x6B ),
+    BYTES_TO_T_UINT_8( 0xCE, 0xE1, 0xF7, 0x5C, 0x29, 0x16, 0x84, 0x95 ),
+    BYTES_TO_T_UINT_8( 0xBF, 0x7C, 0xD7, 0xBB, 0xD9, 0xB5, 0x30, 0xF3 ),
+    BYTES_TO_T_UINT_8( 0x44, 0x4B, 0x4A, 0xE9, 0x6C, 0x5C, 0xDC, 0x26 ),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x62, 0x32, 0xCE, 0x9A, 0xBD, 0x53, 0x44, 0x3A ),
+    BYTES_TO_T_UINT_8( 0xC2, 0x23, 0xBD, 0xE3, 0xE1, 0x27, 0xDE, 0xB9 ),
+    BYTES_TO_T_UINT_8( 0xAF, 0xB7, 0x81, 0xFC, 0x2F, 0x48, 0x4B, 0x2C ),
+    BYTES_TO_T_UINT_8( 0xCB, 0x57, 0x7E, 0xCB, 0xB9, 0xAE, 0xD2, 0x8B ),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_gy[] = {
+    BYTES_TO_T_UINT_8( 0x97, 0x69, 0x04, 0x2F, 0xC7, 0x54, 0x1D, 0x5C ),
+    BYTES_TO_T_UINT_8( 0x54, 0x8E, 0xED, 0x2D, 0x13, 0x45, 0x77, 0xC2 ),
+    BYTES_TO_T_UINT_8( 0xC9, 0x1D, 0x61, 0x14, 0x1A, 0x46, 0xF8, 0x97 ),
+    BYTES_TO_T_UINT_8( 0xFD, 0xC4, 0xDA, 0xC3, 0x35, 0xF8, 0x7E, 0x54 ),
+};
+static const mbedtls_mpi_uint brainpoolP256r1_n[] = {
+    BYTES_TO_T_UINT_8( 0xA7, 0x56, 0x48, 0x97, 0x82, 0x0E, 0x1E, 0x90 ),
+    BYTES_TO_T_UINT_8( 0xF7, 0xA6, 0x61, 0xB5, 0xA3, 0x7A, 0x39, 0x8C ),
+    BYTES_TO_T_UINT_8( 0x71, 0x8D, 0x83, 0x9D, 0x90, 0x0A, 0x66, 0x3E ),
+    BYTES_TO_T_UINT_8( 0xBC, 0xA9, 0xEE, 0xA1, 0xDB, 0x57, 0xFB, 0xA9 ),
+};
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+
+/*
+ * Domain parameters for brainpoolP384r1 (RFC 5639 3.6)
+ */
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+static const mbedtls_mpi_uint brainpoolP384r1_p[] = {
+    BYTES_TO_T_UINT_8( 0x53, 0xEC, 0x07, 0x31, 0x13, 0x00, 0x47, 0x87 ),
+    BYTES_TO_T_UINT_8( 0x71, 0x1A, 0x1D, 0x90, 0x29, 0xA7, 0xD3, 0xAC ),
+    BYTES_TO_T_UINT_8( 0x23, 0x11, 0xB7, 0x7F, 0x19, 0xDA, 0xB1, 0x12 ),
+    BYTES_TO_T_UINT_8( 0xB4, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ),
+    BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ),
+    BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_a[] = {
+    BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ),
+    BYTES_TO_T_UINT_8( 0xEB, 0xD4, 0x3A, 0x50, 0x4A, 0x81, 0xA5, 0x8A ),
+    BYTES_TO_T_UINT_8( 0x0F, 0xF9, 0x91, 0xBA, 0xEF, 0x65, 0x91, 0x13 ),
+    BYTES_TO_T_UINT_8( 0x87, 0x27, 0xB2, 0x4F, 0x8E, 0xA2, 0xBE, 0xC2 ),
+    BYTES_TO_T_UINT_8( 0xA0, 0xAF, 0x05, 0xCE, 0x0A, 0x08, 0x72, 0x3C ),
+    BYTES_TO_T_UINT_8( 0x0C, 0x15, 0x8C, 0x3D, 0xC6, 0x82, 0xC3, 0x7B ),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_b[] = {
+    BYTES_TO_T_UINT_8( 0x11, 0x4C, 0x50, 0xFA, 0x96, 0x86, 0xB7, 0x3A ),
+    BYTES_TO_T_UINT_8( 0x94, 0xC9, 0xDB, 0x95, 0x02, 0x39, 0xB4, 0x7C ),
+    BYTES_TO_T_UINT_8( 0xD5, 0x62, 0xEB, 0x3E, 0xA5, 0x0E, 0x88, 0x2E ),
+    BYTES_TO_T_UINT_8( 0xA6, 0xD2, 0xDC, 0x07, 0xE1, 0x7D, 0xB7, 0x2F ),
+    BYTES_TO_T_UINT_8( 0x7C, 0x44, 0xF0, 0x16, 0x54, 0xB5, 0x39, 0x8B ),
+    BYTES_TO_T_UINT_8( 0x26, 0x28, 0xCE, 0x22, 0xDD, 0xC7, 0xA8, 0x04 ),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x1E, 0xAF, 0xD4, 0x47, 0xE2, 0xB2, 0x87, 0xEF ),
+    BYTES_TO_T_UINT_8( 0xAA, 0x46, 0xD6, 0x36, 0x34, 0xE0, 0x26, 0xE8 ),
+    BYTES_TO_T_UINT_8( 0xE8, 0x10, 0xBD, 0x0C, 0xFE, 0xCA, 0x7F, 0xDB ),
+    BYTES_TO_T_UINT_8( 0xE3, 0x4F, 0xF1, 0x7E, 0xE7, 0xA3, 0x47, 0x88 ),
+    BYTES_TO_T_UINT_8( 0x6B, 0x3F, 0xC1, 0xB7, 0x81, 0x3A, 0xA6, 0xA2 ),
+    BYTES_TO_T_UINT_8( 0xFF, 0x45, 0xCF, 0x68, 0xF0, 0x64, 0x1C, 0x1D ),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_gy[] = {
+    BYTES_TO_T_UINT_8( 0x15, 0x53, 0x3C, 0x26, 0x41, 0x03, 0x82, 0x42 ),
+    BYTES_TO_T_UINT_8( 0x11, 0x81, 0x91, 0x77, 0x21, 0x46, 0x46, 0x0E ),
+    BYTES_TO_T_UINT_8( 0x28, 0x29, 0x91, 0xF9, 0x4F, 0x05, 0x9C, 0xE1 ),
+    BYTES_TO_T_UINT_8( 0x64, 0x58, 0xEC, 0xFE, 0x29, 0x0B, 0xB7, 0x62 ),
+    BYTES_TO_T_UINT_8( 0x52, 0xD5, 0xCF, 0x95, 0x8E, 0xEB, 0xB1, 0x5C ),
+    BYTES_TO_T_UINT_8( 0xA4, 0xC2, 0xF9, 0x20, 0x75, 0x1D, 0xBE, 0x8A ),
+};
+static const mbedtls_mpi_uint brainpoolP384r1_n[] = {
+    BYTES_TO_T_UINT_8( 0x65, 0x65, 0x04, 0xE9, 0x02, 0x32, 0x88, 0x3B ),
+    BYTES_TO_T_UINT_8( 0x10, 0xC3, 0x7F, 0x6B, 0xAF, 0xB6, 0x3A, 0xCF ),
+    BYTES_TO_T_UINT_8( 0xA7, 0x25, 0x04, 0xAC, 0x6C, 0x6E, 0x16, 0x1F ),
+    BYTES_TO_T_UINT_8( 0xB3, 0x56, 0x54, 0xED, 0x09, 0x71, 0x2F, 0x15 ),
+    BYTES_TO_T_UINT_8( 0xDF, 0x41, 0xE6, 0x50, 0x7E, 0x6F, 0x5D, 0x0F ),
+    BYTES_TO_T_UINT_8( 0x28, 0x6D, 0x38, 0xA3, 0x82, 0x1E, 0xB9, 0x8C ),
+};
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+
+/*
+ * Domain parameters for brainpoolP512r1 (RFC 5639 3.7)
+ */
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+static const mbedtls_mpi_uint brainpoolP512r1_p[] = {
+    BYTES_TO_T_UINT_8( 0xF3, 0x48, 0x3A, 0x58, 0x56, 0x60, 0xAA, 0x28 ),
+    BYTES_TO_T_UINT_8( 0x85, 0xC6, 0x82, 0x2D, 0x2F, 0xFF, 0x81, 0x28 ),
+    BYTES_TO_T_UINT_8( 0xE6, 0x80, 0xA3, 0xE6, 0x2A, 0xA1, 0xCD, 0xAE ),
+    BYTES_TO_T_UINT_8( 0x42, 0x68, 0xC6, 0x9B, 0x00, 0x9B, 0x4D, 0x7D ),
+    BYTES_TO_T_UINT_8( 0x71, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ),
+    BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ),
+    BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ),
+    BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_a[] = {
+    BYTES_TO_T_UINT_8( 0xCA, 0x94, 0xFC, 0x77, 0x4D, 0xAC, 0xC1, 0xE7 ),
+    BYTES_TO_T_UINT_8( 0xB9, 0xC7, 0xF2, 0x2B, 0xA7, 0x17, 0x11, 0x7F ),
+    BYTES_TO_T_UINT_8( 0xB5, 0xC8, 0x9A, 0x8B, 0xC9, 0xF1, 0x2E, 0x0A ),
+    BYTES_TO_T_UINT_8( 0xA1, 0x3A, 0x25, 0xA8, 0x5A, 0x5D, 0xED, 0x2D ),
+    BYTES_TO_T_UINT_8( 0xBC, 0x63, 0x98, 0xEA, 0xCA, 0x41, 0x34, 0xA8 ),
+    BYTES_TO_T_UINT_8( 0x10, 0x16, 0xF9, 0x3D, 0x8D, 0xDD, 0xCB, 0x94 ),
+    BYTES_TO_T_UINT_8( 0xC5, 0x4C, 0x23, 0xAC, 0x45, 0x71, 0x32, 0xE2 ),
+    BYTES_TO_T_UINT_8( 0x89, 0x3B, 0x60, 0x8B, 0x31, 0xA3, 0x30, 0x78 ),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_b[] = {
+    BYTES_TO_T_UINT_8( 0x23, 0xF7, 0x16, 0x80, 0x63, 0xBD, 0x09, 0x28 ),
+    BYTES_TO_T_UINT_8( 0xDD, 0xE5, 0xBA, 0x5E, 0xB7, 0x50, 0x40, 0x98 ),
+    BYTES_TO_T_UINT_8( 0x67, 0x3E, 0x08, 0xDC, 0xCA, 0x94, 0xFC, 0x77 ),
+    BYTES_TO_T_UINT_8( 0x4D, 0xAC, 0xC1, 0xE7, 0xB9, 0xC7, 0xF2, 0x2B ),
+    BYTES_TO_T_UINT_8( 0xA7, 0x17, 0x11, 0x7F, 0xB5, 0xC8, 0x9A, 0x8B ),
+    BYTES_TO_T_UINT_8( 0xC9, 0xF1, 0x2E, 0x0A, 0xA1, 0x3A, 0x25, 0xA8 ),
+    BYTES_TO_T_UINT_8( 0x5A, 0x5D, 0xED, 0x2D, 0xBC, 0x63, 0x98, 0xEA ),
+    BYTES_TO_T_UINT_8( 0xCA, 0x41, 0x34, 0xA8, 0x10, 0x16, 0xF9, 0x3D ),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_gx[] = {
+    BYTES_TO_T_UINT_8( 0x22, 0xF8, 0xB9, 0xBC, 0x09, 0x22, 0x35, 0x8B ),
+    BYTES_TO_T_UINT_8( 0x68, 0x5E, 0x6A, 0x40, 0x47, 0x50, 0x6D, 0x7C ),
+    BYTES_TO_T_UINT_8( 0x5F, 0x7D, 0xB9, 0x93, 0x7B, 0x68, 0xD1, 0x50 ),
+    BYTES_TO_T_UINT_8( 0x8D, 0xD4, 0xD0, 0xE2, 0x78, 0x1F, 0x3B, 0xFF ),
+    BYTES_TO_T_UINT_8( 0x8E, 0x09, 0xD0, 0xF4, 0xEE, 0x62, 0x3B, 0xB4 ),
+    BYTES_TO_T_UINT_8( 0xC1, 0x16, 0xD9, 0xB5, 0x70, 0x9F, 0xED, 0x85 ),
+    BYTES_TO_T_UINT_8( 0x93, 0x6A, 0x4C, 0x9C, 0x2E, 0x32, 0x21, 0x5A ),
+    BYTES_TO_T_UINT_8( 0x64, 0xD9, 0x2E, 0xD8, 0xBD, 0xE4, 0xAE, 0x81 ),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_gy[] = {
+    BYTES_TO_T_UINT_8( 0x92, 0x08, 0xD8, 0x3A, 0x0F, 0x1E, 0xCD, 0x78 ),
+    BYTES_TO_T_UINT_8( 0x06, 0x54, 0xF0, 0xA8, 0x2F, 0x2B, 0xCA, 0xD1 ),
+    BYTES_TO_T_UINT_8( 0xAE, 0x63, 0x27, 0x8A, 0xD8, 0x4B, 0xCA, 0x5B ),
+    BYTES_TO_T_UINT_8( 0x5E, 0x48, 0x5F, 0x4A, 0x49, 0xDE, 0xDC, 0xB2 ),
+    BYTES_TO_T_UINT_8( 0x11, 0x81, 0x1F, 0x88, 0x5B, 0xC5, 0x00, 0xA0 ),
+    BYTES_TO_T_UINT_8( 0x1A, 0x7B, 0xA5, 0x24, 0x00, 0xF7, 0x09, 0xF2 ),
+    BYTES_TO_T_UINT_8( 0xFD, 0x22, 0x78, 0xCF, 0xA9, 0xBF, 0xEA, 0xC0 ),
+    BYTES_TO_T_UINT_8( 0xEC, 0x32, 0x63, 0x56, 0x5D, 0x38, 0xDE, 0x7D ),
+};
+static const mbedtls_mpi_uint brainpoolP512r1_n[] = {
+    BYTES_TO_T_UINT_8( 0x69, 0x00, 0xA9, 0x9C, 0x82, 0x96, 0x87, 0xB5 ),
+    BYTES_TO_T_UINT_8( 0xDD, 0xDA, 0x5D, 0x08, 0x81, 0xD3, 0xB1, 0x1D ),
+    BYTES_TO_T_UINT_8( 0x47, 0x10, 0xAC, 0x7F, 0x19, 0x61, 0x86, 0x41 ),
+    BYTES_TO_T_UINT_8( 0x19, 0x26, 0xA9, 0x4C, 0x41, 0x5C, 0x3E, 0x55 ),
+    BYTES_TO_T_UINT_8( 0x70, 0x08, 0x33, 0x70, 0xCA, 0x9C, 0x63, 0xD6 ),
+    BYTES_TO_T_UINT_8( 0x0E, 0xD2, 0xC9, 0xB3, 0xB3, 0x8D, 0x30, 0xCB ),
+    BYTES_TO_T_UINT_8( 0x07, 0xFC, 0xC9, 0x33, 0xAE, 0xE6, 0xD4, 0x3F ),
+    BYTES_TO_T_UINT_8( 0x8B, 0xC4, 0xE9, 0xDB, 0xB8, 0x9D, 0xDD, 0xAA ),
+};
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+
+/*
+ * Create an MPI from embedded constants
+ * (assumes len is an exact multiple of sizeof mbedtls_mpi_uint)
+ */
+static inline void ecp_mpi_load( mbedtls_mpi *X, const mbedtls_mpi_uint *p, size_t len )
+{
+    X->s = 1;
+    X->n = len / sizeof( mbedtls_mpi_uint );
+    X->p = (mbedtls_mpi_uint *) p;
+}
+
+/*
+ * Set an MPI to static value 1
+ */
+static inline void ecp_mpi_set1( mbedtls_mpi *X )
+{
+    static mbedtls_mpi_uint one[] = { 1 };
+    X->s = 1;
+    X->n = 1;
+    X->p = one;
+}
+
+/*
+ * Make group available from embedded constants
+ */
+static int ecp_group_load( mbedtls_ecp_group *grp,
+                           const mbedtls_mpi_uint *p,  size_t plen,
+                           const mbedtls_mpi_uint *a,  size_t alen,
+                           const mbedtls_mpi_uint *b,  size_t blen,
+                           const mbedtls_mpi_uint *gx, size_t gxlen,
+                           const mbedtls_mpi_uint *gy, size_t gylen,
+                           const mbedtls_mpi_uint *n,  size_t nlen)
+{
+    ecp_mpi_load( &grp->P, p, plen );
+    if( a != NULL )
+        ecp_mpi_load( &grp->A, a, alen );
+    ecp_mpi_load( &grp->B, b, blen );
+    ecp_mpi_load( &grp->N, n, nlen );
+
+    ecp_mpi_load( &grp->G.X, gx, gxlen );
+    ecp_mpi_load( &grp->G.Y, gy, gylen );
+    ecp_mpi_set1( &grp->G.Z );
+
+    grp->pbits = mbedtls_mpi_bitlen( &grp->P );
+    grp->nbits = mbedtls_mpi_bitlen( &grp->N );
+
+    grp->h = 1;
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_ECP_NIST_OPTIM)
+/* Forward declarations */
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+static int ecp_mod_p192( mbedtls_mpi * );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+static int ecp_mod_p224( mbedtls_mpi * );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+static int ecp_mod_p256( mbedtls_mpi * );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+static int ecp_mod_p384( mbedtls_mpi * );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+static int ecp_mod_p521( mbedtls_mpi * );
+#endif
+
+#define NIST_MODP( P )      grp->modp = ecp_mod_ ## P;
+#else
+#define NIST_MODP( P )
+#endif /* MBEDTLS_ECP_NIST_OPTIM */
+
+/* Additional forward declarations */
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+static int ecp_mod_p255( mbedtls_mpi * );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+static int ecp_mod_p192k1( mbedtls_mpi * );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+static int ecp_mod_p224k1( mbedtls_mpi * );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+static int ecp_mod_p256k1( mbedtls_mpi * );
+#endif
+
+#define LOAD_GROUP_A( G )   ecp_group_load( grp,            \
+                            G ## _p,  sizeof( G ## _p  ),   \
+                            G ## _a,  sizeof( G ## _a  ),   \
+                            G ## _b,  sizeof( G ## _b  ),   \
+                            G ## _gx, sizeof( G ## _gx ),   \
+                            G ## _gy, sizeof( G ## _gy ),   \
+                            G ## _n,  sizeof( G ## _n  ) )
+
+#define LOAD_GROUP( G )     ecp_group_load( grp,            \
+                            G ## _p,  sizeof( G ## _p  ),   \
+                            NULL,     0,                    \
+                            G ## _b,  sizeof( G ## _b  ),   \
+                            G ## _gx, sizeof( G ## _gx ),   \
+                            G ## _gy, sizeof( G ## _gy ),   \
+                            G ## _n,  sizeof( G ## _n  ) )
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+/*
+ * Specialized function for creating the Curve25519 group
+ */
+static int ecp_use_curve25519( mbedtls_ecp_group *grp )
+{
+    int ret;
+
+    /* Actually ( A + 2 ) / 4 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &grp->A, 16, "01DB42" ) );
+
+    /* P = 2^255 - 19 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->P, 1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &grp->P, 255 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &grp->P, &grp->P, 19 ) );
+    grp->pbits = mbedtls_mpi_bitlen( &grp->P );
+
+    /* Y intentionaly not set, since we use x/z coordinates.
+     * This is used as a marker to identify Montgomery curves! */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.X, 9 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &grp->G.Z, 1 ) );
+    mbedtls_mpi_free( &grp->G.Y );
+
+    /* Actually, the required msb for private keys */
+    grp->nbits = 254;
+
+cleanup:
+    if( ret != 0 )
+        mbedtls_ecp_group_free( grp );
+
+    return( ret );
+}
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+/*
+ * Set a group using well-known domain parameters
+ */
+int mbedtls_ecp_group_load( mbedtls_ecp_group *grp, mbedtls_ecp_group_id id )
+{
+    mbedtls_ecp_group_free( grp );
+
+    grp->id = id;
+
+    switch( id )
+    {
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192R1:
+            NIST_MODP( p192 );
+            return( LOAD_GROUP( secp192r1 ) );
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224R1:
+            NIST_MODP( p224 );
+            return( LOAD_GROUP( secp224r1 ) );
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256R1:
+            NIST_MODP( p256 );
+            return( LOAD_GROUP( secp256r1 ) );
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP384R1:
+            NIST_MODP( p384 );
+            return( LOAD_GROUP( secp384r1 ) );
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP521R1:
+            NIST_MODP( p521 );
+            return( LOAD_GROUP( secp521r1 ) );
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192K1:
+            grp->modp = ecp_mod_p192k1;
+            return( LOAD_GROUP_A( secp192k1 ) );
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224K1:
+            grp->modp = ecp_mod_p224k1;
+            return( LOAD_GROUP_A( secp224k1 ) );
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256K1:
+            grp->modp = ecp_mod_p256k1;
+            return( LOAD_GROUP_A( secp256k1 ) );
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP256R1:
+            return( LOAD_GROUP_A( brainpoolP256r1 ) );
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP384R1:
+            return( LOAD_GROUP_A( brainpoolP384r1 ) );
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP512R1:
+            return( LOAD_GROUP_A( brainpoolP512r1 ) );
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE25519:
+            grp->modp = ecp_mod_p255;
+            return( ecp_use_curve25519( grp ) );
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+        default:
+            mbedtls_ecp_group_free( grp );
+            return( MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE );
+    }
+}
+
+#if defined(MBEDTLS_ECP_NIST_OPTIM)
+/*
+ * Fast reduction modulo the primes used by the NIST curves.
+ *
+ * These functions are critical for speed, but not needed for correct
+ * operations. So, we make the choice to heavily rely on the internals of our
+ * bignum library, which creates a tight coupling between these functions and
+ * our MPI implementation.  However, the coupling between the ECP module and
+ * MPI remains loose, since these functions can be deactivated at will.
+ */
+
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+/*
+ * Compared to the way things are presented in FIPS 186-3 D.2,
+ * we proceed in columns, from right (least significant chunk) to left,
+ * adding chunks to N in place, and keeping a carry for the next chunk.
+ * This avoids moving things around in memory, and uselessly adding zeros,
+ * compared to the more straightforward, line-oriented approach.
+ *
+ * For this prime we need to handle data in chunks of 64 bits.
+ * Since this is always a multiple of our basic mbedtls_mpi_uint, we can
+ * use a mbedtls_mpi_uint * to designate such a chunk, and small loops to handle it.
+ */
+
+/* Add 64-bit chunks (dst += src) and update carry */
+static inline void add64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *src, mbedtls_mpi_uint *carry )
+{
+    unsigned char i;
+    mbedtls_mpi_uint c = 0;
+    for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++, src++ )
+    {
+        *dst += c;      c  = ( *dst < c );
+        *dst += *src;   c += ( *dst < *src );
+    }
+    *carry += c;
+}
+
+/* Add carry to a 64-bit chunk and update carry */
+static inline void carry64( mbedtls_mpi_uint *dst, mbedtls_mpi_uint *carry )
+{
+    unsigned char i;
+    for( i = 0; i < 8 / sizeof( mbedtls_mpi_uint ); i++, dst++ )
+    {
+        *dst += *carry;
+        *carry  = ( *dst < *carry );
+    }
+}
+
+#define WIDTH       8 / sizeof( mbedtls_mpi_uint )
+#define A( i )      N->p + i * WIDTH
+#define ADD( i )    add64( p, A( i ), &c )
+#define NEXT        p += WIDTH; carry64( p, &c )
+#define LAST        p += WIDTH; *p = c; while( ++p < end ) *p = 0
+
+/*
+ * Fast quasi-reduction modulo p192 (FIPS 186-3 D.2.1)
+ */
+static int ecp_mod_p192( mbedtls_mpi *N )
+{
+    int ret;
+    mbedtls_mpi_uint c = 0;
+    mbedtls_mpi_uint *p, *end;
+
+    /* Make sure we have enough blocks so that A(5) is legal */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, 6 * WIDTH ) );
+
+    p = N->p;
+    end = p + N->n;
+
+    ADD( 3 ); ADD( 5 );             NEXT; // A0 += A3 + A5
+    ADD( 3 ); ADD( 4 ); ADD( 5 );   NEXT; // A1 += A3 + A4 + A5
+    ADD( 4 ); ADD( 5 );             LAST; // A2 += A4 + A5
+
+cleanup:
+    return( ret );
+}
+
+#undef WIDTH
+#undef A
+#undef ADD
+#undef NEXT
+#undef LAST
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+/*
+ * The reader is advised to first understand ecp_mod_p192() since the same
+ * general structure is used here, but with additional complications:
+ * (1) chunks of 32 bits, and (2) subtractions.
+ */
+
+/*
+ * For these primes, we need to handle data in chunks of 32 bits.
+ * This makes it more complicated if we use 64 bits limbs in MPI,
+ * which prevents us from using a uniform access method as for p192.
+ *
+ * So, we define a mini abstraction layer to access 32 bit chunks,
+ * load them in 'cur' for work, and store them back from 'cur' when done.
+ *
+ * While at it, also define the size of N in terms of 32-bit chunks.
+ */
+#define LOAD32      cur = A( i );
+
+#if defined(MBEDTLS_HAVE_INT32)  /* 32 bit */
+
+#define MAX32       N->n
+#define A( j )      N->p[j]
+#define STORE32     N->p[i] = cur;
+
+#else                               /* 64-bit */
+
+#define MAX32       N->n * 2
+#define A( j ) j % 2 ? (uint32_t)( N->p[j/2] >> 32 ) : (uint32_t)( N->p[j/2] )
+#define STORE32                                   \
+    if( i % 2 ) {                                 \
+        N->p[i/2] &= 0x00000000FFFFFFFF;          \
+        N->p[i/2] |= ((mbedtls_mpi_uint) cur) << 32;        \
+    } else {                                      \
+        N->p[i/2] &= 0xFFFFFFFF00000000;          \
+        N->p[i/2] |= (mbedtls_mpi_uint) cur;                \
+    }
+
+#endif /* sizeof( mbedtls_mpi_uint ) */
+
+/*
+ * Helpers for addition and subtraction of chunks, with signed carry.
+ */
+static inline void add32( uint32_t *dst, uint32_t src, signed char *carry )
+{
+    *dst += src;
+    *carry += ( *dst < src );
+}
+
+static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry )
+{
+    *carry -= ( *dst < src );
+    *dst -= src;
+}
+
+#define ADD( j )    add32( &cur, A( j ), &c );
+#define SUB( j )    sub32( &cur, A( j ), &c );
+
+/*
+ * Helpers for the main 'loop'
+ * (see fix_negative for the motivation of C)
+ */
+#define INIT( b )                                           \
+    int ret;                                                \
+    signed char c = 0, cc;                                  \
+    uint32_t cur;                                           \
+    size_t i = 0, bits = b;                                 \
+    mbedtls_mpi C;                                                  \
+    mbedtls_mpi_uint Cp[ b / 8 / sizeof( mbedtls_mpi_uint) + 1 ];               \
+                                                            \
+    C.s = 1;                                                \
+    C.n = b / 8 / sizeof( mbedtls_mpi_uint) + 1;                      \
+    C.p = Cp;                                               \
+    memset( Cp, 0, C.n * sizeof( mbedtls_mpi_uint ) );                \
+                                                            \
+    MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, b * 2 / 8 / sizeof( mbedtls_mpi_uint ) ) ); \
+    LOAD32;
+
+#define NEXT                    \
+    STORE32; i++; LOAD32;       \
+    cc = c; c = 0;              \
+    if( cc < 0 )                \
+        sub32( &cur, -cc, &c ); \
+    else                        \
+        add32( &cur, cc, &c );  \
+
+#define LAST                                    \
+    STORE32; i++;                               \
+    cur = c > 0 ? c : 0; STORE32;               \
+    cur = 0; while( ++i < MAX32 ) { STORE32; }  \
+    if( c < 0 ) fix_negative( N, c, &C, bits );
+
+/*
+ * If the result is negative, we get it in the form
+ * c * 2^(bits + 32) + N, with c negative and N positive shorter than 'bits'
+ */
+static inline int fix_negative( mbedtls_mpi *N, signed char c, mbedtls_mpi *C, size_t bits )
+{
+    int ret;
+
+    /* C = - c * 2^(bits + 32) */
+#if !defined(MBEDTLS_HAVE_INT64)
+    ((void) bits);
+#else
+    if( bits == 224 )
+        C->p[ C->n - 1 ] = ((mbedtls_mpi_uint) -c) << 32;
+    else
+#endif
+        C->p[ C->n - 1 ] = (mbedtls_mpi_uint) -c;
+
+    /* N = - ( C - N ) */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( N, C, N ) );
+    N->s = -1;
+
+cleanup:
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2)
+ */
+static int ecp_mod_p224( mbedtls_mpi *N )
+{
+    INIT( 224 );
+
+    SUB(  7 ); SUB( 11 );               NEXT; // A0 += -A7 - A11
+    SUB(  8 ); SUB( 12 );               NEXT; // A1 += -A8 - A12
+    SUB(  9 ); SUB( 13 );               NEXT; // A2 += -A9 - A13
+    SUB( 10 ); ADD(  7 ); ADD( 11 );    NEXT; // A3 += -A10 + A7 + A11
+    SUB( 11 ); ADD(  8 ); ADD( 12 );    NEXT; // A4 += -A11 + A8 + A12
+    SUB( 12 ); ADD(  9 ); ADD( 13 );    NEXT; // A5 += -A12 + A9 + A13
+    SUB( 13 ); ADD( 10 );               LAST; // A6 += -A13 + A10
+
+cleanup:
+    return( ret );
+}
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p256 (FIPS 186-3 D.2.3)
+ */
+static int ecp_mod_p256( mbedtls_mpi *N )
+{
+    INIT( 256 );
+
+    ADD(  8 ); ADD(  9 );
+    SUB( 11 ); SUB( 12 ); SUB( 13 ); SUB( 14 );             NEXT; // A0
+
+    ADD(  9 ); ADD( 10 );
+    SUB( 12 ); SUB( 13 ); SUB( 14 ); SUB( 15 );             NEXT; // A1
+
+    ADD( 10 ); ADD( 11 );
+    SUB( 13 ); SUB( 14 ); SUB( 15 );                        NEXT; // A2
+
+    ADD( 11 ); ADD( 11 ); ADD( 12 ); ADD( 12 ); ADD( 13 );
+    SUB( 15 ); SUB(  8 ); SUB(  9 );                        NEXT; // A3
+
+    ADD( 12 ); ADD( 12 ); ADD( 13 ); ADD( 13 ); ADD( 14 );
+    SUB(  9 ); SUB( 10 );                                   NEXT; // A4
+
+    ADD( 13 ); ADD( 13 ); ADD( 14 ); ADD( 14 ); ADD( 15 );
+    SUB( 10 ); SUB( 11 );                                   NEXT; // A5
+
+    ADD( 14 ); ADD( 14 ); ADD( 15 ); ADD( 15 ); ADD( 14 ); ADD( 13 );
+    SUB(  8 ); SUB(  9 );                                   NEXT; // A6
+
+    ADD( 15 ); ADD( 15 ); ADD( 15 ); ADD( 8 );
+    SUB( 10 ); SUB( 11 ); SUB( 12 ); SUB( 13 );             LAST; // A7
+
+cleanup:
+    return( ret );
+}
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p384 (FIPS 186-3 D.2.4)
+ */
+static int ecp_mod_p384( mbedtls_mpi *N )
+{
+    INIT( 384 );
+
+    ADD( 12 ); ADD( 21 ); ADD( 20 );
+    SUB( 23 );                                              NEXT; // A0
+
+    ADD( 13 ); ADD( 22 ); ADD( 23 );
+    SUB( 12 ); SUB( 20 );                                   NEXT; // A2
+
+    ADD( 14 ); ADD( 23 );
+    SUB( 13 ); SUB( 21 );                                   NEXT; // A2
+
+    ADD( 15 ); ADD( 12 ); ADD( 20 ); ADD( 21 );
+    SUB( 14 ); SUB( 22 ); SUB( 23 );                        NEXT; // A3
+
+    ADD( 21 ); ADD( 21 ); ADD( 16 ); ADD( 13 ); ADD( 12 ); ADD( 20 ); ADD( 22 );
+    SUB( 15 ); SUB( 23 ); SUB( 23 );                        NEXT; // A4
+
+    ADD( 22 ); ADD( 22 ); ADD( 17 ); ADD( 14 ); ADD( 13 ); ADD( 21 ); ADD( 23 );
+    SUB( 16 );                                              NEXT; // A5
+
+    ADD( 23 ); ADD( 23 ); ADD( 18 ); ADD( 15 ); ADD( 14 ); ADD( 22 );
+    SUB( 17 );                                              NEXT; // A6
+
+    ADD( 19 ); ADD( 16 ); ADD( 15 ); ADD( 23 );
+    SUB( 18 );                                              NEXT; // A7
+
+    ADD( 20 ); ADD( 17 ); ADD( 16 );
+    SUB( 19 );                                              NEXT; // A8
+
+    ADD( 21 ); ADD( 18 ); ADD( 17 );
+    SUB( 20 );                                              NEXT; // A9
+
+    ADD( 22 ); ADD( 19 ); ADD( 18 );
+    SUB( 21 );                                              NEXT; // A10
+
+    ADD( 23 ); ADD( 20 ); ADD( 19 );
+    SUB( 22 );                                              LAST; // A11
+
+cleanup:
+    return( ret );
+}
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#undef A
+#undef LOAD32
+#undef STORE32
+#undef MAX32
+#undef INIT
+#undef NEXT
+#undef LAST
+
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED ||
+          MBEDTLS_ECP_DP_SECP256R1_ENABLED ||
+          MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+/*
+ * Here we have an actual Mersenne prime, so things are more straightforward.
+ * However, chunks are aligned on a 'weird' boundary (521 bits).
+ */
+
+/* Size of p521 in terms of mbedtls_mpi_uint */
+#define P521_WIDTH      ( 521 / 8 / sizeof( mbedtls_mpi_uint ) + 1 )
+
+/* Bits to keep in the most significant mbedtls_mpi_uint */
+#define P521_MASK       0x01FF
+
+/*
+ * Fast quasi-reduction modulo p521 (FIPS 186-3 D.2.5)
+ * Write N as A1 + 2^521 A0, return A0 + A1
+ */
+static int ecp_mod_p521( mbedtls_mpi *N )
+{
+    int ret;
+    size_t i;
+    mbedtls_mpi M;
+    mbedtls_mpi_uint Mp[P521_WIDTH + 1];
+    /* Worst case for the size of M is when mbedtls_mpi_uint is 16 bits:
+     * we need to hold bits 513 to 1056, which is 34 limbs, that is
+     * P521_WIDTH + 1. Otherwise P521_WIDTH is enough. */
+
+    if( N->n < P521_WIDTH )
+        return( 0 );
+
+    /* M = A1 */
+    M.s = 1;
+    M.n = N->n - ( P521_WIDTH - 1 );
+    if( M.n > P521_WIDTH + 1 )
+        M.n = P521_WIDTH + 1;
+    M.p = Mp;
+    memcpy( Mp, N->p + P521_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 521 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) );
+
+    /* N = A0 */
+    N->p[P521_WIDTH - 1] &= P521_MASK;
+    for( i = P521_WIDTH; i < N->n; i++ )
+        N->p[i] = 0;
+
+    /* N = A0 + A1 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) );
+
+cleanup:
+    return( ret );
+}
+
+#undef P521_WIDTH
+#undef P521_MASK
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+
+#endif /* MBEDTLS_ECP_NIST_OPTIM */
+
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+
+/* Size of p255 in terms of mbedtls_mpi_uint */
+#define P255_WIDTH      ( 255 / 8 / sizeof( mbedtls_mpi_uint ) + 1 )
+
+/*
+ * Fast quasi-reduction modulo p255 = 2^255 - 19
+ * Write N as A0 + 2^255 A1, return A0 + 19 * A1
+ */
+static int ecp_mod_p255( mbedtls_mpi *N )
+{
+    int ret;
+    size_t i;
+    mbedtls_mpi M;
+    mbedtls_mpi_uint Mp[P255_WIDTH + 2];
+
+    if( N->n < P255_WIDTH )
+        return( 0 );
+
+    /* M = A1 */
+    M.s = 1;
+    M.n = N->n - ( P255_WIDTH - 1 );
+    if( M.n > P255_WIDTH + 1 )
+        M.n = P255_WIDTH + 1;
+    M.p = Mp;
+    memset( Mp, 0, sizeof Mp );
+    memcpy( Mp, N->p + P255_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 255 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) );
+    M.n++; /* Make room for multiplication by 19 */
+
+    /* N = A0 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_set_bit( N, 255, 0 ) );
+    for( i = P255_WIDTH; i < N->n; i++ )
+        N->p[i] = 0;
+
+    /* N = A0 + 19 * A1 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_int( &M, &M, 19 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) );
+
+cleanup:
+    return( ret );
+}
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) ||   \
+    defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+/*
+ * Fast quasi-reduction modulo P = 2^s - R,
+ * with R about 33 bits, used by the Koblitz curves.
+ *
+ * Write N as A0 + 2^224 A1, return A0 + R * A1.
+ * Actually do two passes, since R is big.
+ */
+#define P_KOBLITZ_MAX   ( 256 / 8 / sizeof( mbedtls_mpi_uint ) )  // Max limbs in P
+#define P_KOBLITZ_R     ( 8 / sizeof( mbedtls_mpi_uint ) )        // Limbs in R
+static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs,
+                                   size_t adjust, size_t shift, mbedtls_mpi_uint mask )
+{
+    int ret;
+    size_t i;
+    mbedtls_mpi M, R;
+    mbedtls_mpi_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1];
+
+    if( N->n < p_limbs )
+        return( 0 );
+
+    /* Init R */
+    R.s = 1;
+    R.p = Rp;
+    R.n = P_KOBLITZ_R;
+
+    /* Common setup for M */
+    M.s = 1;
+    M.p = Mp;
+
+    /* M = A1 */
+    M.n = N->n - ( p_limbs - adjust );
+    if( M.n > p_limbs + adjust )
+        M.n = p_limbs + adjust;
+    memset( Mp, 0, sizeof Mp );
+    memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) );
+    if( shift != 0 )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) );
+    M.n += R.n; /* Make room for multiplication by R */
+
+    /* N = A0 */
+    if( mask != 0 )
+        N->p[p_limbs - 1] &= mask;
+    for( i = p_limbs; i < N->n; i++ )
+        N->p[i] = 0;
+
+    /* N = A0 + R * A1 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) );
+
+    /* Second pass */
+
+    /* M = A1 */
+    M.n = N->n - ( p_limbs - adjust );
+    if( M.n > p_limbs + adjust )
+        M.n = p_limbs + adjust;
+    memset( Mp, 0, sizeof Mp );
+    memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) );
+    if( shift != 0 )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) );
+    M.n += R.n; /* Make room for multiplication by R */
+
+    /* N = A0 */
+    if( mask != 0 )
+        N->p[p_limbs - 1] &= mask;
+    for( i = p_limbs; i < N->n; i++ )
+        N->p[i] = 0;
+
+    /* N = A0 + R * A1 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &M, &M, &R ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_abs( N, N, &M ) );
+
+cleanup:
+    return( ret );
+}
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED) ||
+          MBEDTLS_ECP_DP_SECP224K1_ENABLED) ||
+          MBEDTLS_ECP_DP_SECP256K1_ENABLED) */
+
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p192k1 = 2^192 - R,
+ * with R = 2^32 + 2^12 + 2^8 + 2^7 + 2^6 + 2^3 + 1 = 0x0100001119
+ */
+static int ecp_mod_p192k1( mbedtls_mpi *N )
+{
+    static mbedtls_mpi_uint Rp[] = {
+        BYTES_TO_T_UINT_8( 0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) };
+
+    return( ecp_mod_koblitz( N, Rp, 192 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) );
+}
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p224k1 = 2^224 - R,
+ * with R = 2^32 + 2^12 + 2^11 + 2^9 + 2^7 + 2^4 + 2 + 1 = 0x0100001A93
+ */
+static int ecp_mod_p224k1( mbedtls_mpi *N )
+{
+    static mbedtls_mpi_uint Rp[] = {
+        BYTES_TO_T_UINT_8( 0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) };
+
+#if defined(MBEDTLS_HAVE_INT64)
+    return( ecp_mod_koblitz( N, Rp, 4, 1, 32, 0xFFFFFFFF ) );
+#else
+    return( ecp_mod_koblitz( N, Rp, 224 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) );
+#endif
+}
+
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+/*
+ * Fast quasi-reduction modulo p256k1 = 2^256 - R,
+ * with R = 2^32 + 2^9 + 2^8 + 2^7 + 2^6 + 2^4 + 1 = 0x01000003D1
+ */
+static int ecp_mod_p256k1( mbedtls_mpi *N )
+{
+    static mbedtls_mpi_uint Rp[] = {
+        BYTES_TO_T_UINT_8( 0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 ) };
+    return( ecp_mod_koblitz( N, Rp, 256 / 8 / sizeof( mbedtls_mpi_uint ), 0, 0, 0 ) );
+}
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+
+#endif /* !MBEDTLS_ECP_ALT */
+
+#endif /* MBEDTLS_ECP_C */
diff --git a/thirdparty/mbedtls/library/entropy.c b/thirdparty/mbedtls/library/entropy.c
new file mode 100644
index 0000000000..e17512e779
--- /dev/null
+++ b/thirdparty/mbedtls/library/entropy.c
@@ -0,0 +1,725 @@
+/*
+ *  Entropy accumulator implementation
+ *
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ENTROPY_C)
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+#warning "**** WARNING!  MBEDTLS_TEST_NULL_ENTROPY defined! "
+#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES "
+#warning "**** THIS BUILD IS *NOT* SUITABLE FOR PRODUCTION USE "
+#endif
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+#include "mbedtls/platform.h"
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf     printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if defined(MBEDTLS_HAVEGE_C)
+#include "mbedtls/havege.h"
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+#define ENTROPY_MAX_LOOP    256     /**< Maximum amount to loop before error */
+
+void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
+{
+    ctx->source_count = 0;
+    memset( ctx->source, 0, sizeof( ctx->source ) );
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init( &ctx->mutex );
+#endif
+
+    ctx->accumulator_started = 0;
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    mbedtls_sha512_init( &ctx->accumulator );
+#else
+    mbedtls_sha256_init( &ctx->accumulator );
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+    mbedtls_havege_init( &ctx->havege_data );
+#endif
+
+    /* Reminder: Update ENTROPY_HAVE_STRONG in the test files
+     *           when adding more strong entropy sources here. */
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+    mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL,
+                                1, MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+
+#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
+#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+    mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
+                                MBEDTLS_ENTROPY_MIN_PLATFORM,
+                                MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+#if defined(MBEDTLS_TIMING_C)
+    mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
+                                MBEDTLS_ENTROPY_MIN_HARDCLOCK,
+                                MBEDTLS_ENTROPY_SOURCE_WEAK );
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+    mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
+                                MBEDTLS_ENTROPY_MIN_HAVEGE,
+                                MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
+                                MBEDTLS_ENTROPY_MIN_HARDWARE,
+                                MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
+                                MBEDTLS_ENTROPY_BLOCK_SIZE,
+                                MBEDTLS_ENTROPY_SOURCE_STRONG );
+    ctx->initial_entropy_run = 0;
+#endif
+#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
+}
+
+void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
+{
+#if defined(MBEDTLS_HAVEGE_C)
+    mbedtls_havege_free( &ctx->havege_data );
+#endif
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free( &ctx->mutex );
+#endif
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    mbedtls_sha512_free( &ctx->accumulator );
+#else
+    mbedtls_sha256_free( &ctx->accumulator );
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    ctx->initial_entropy_run = 0;
+#endif
+    ctx->source_count = 0;
+    mbedtls_zeroize( ctx->source, sizeof( ctx->source ) );
+    ctx->accumulator_started = 0;
+}
+
+int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
+                        mbedtls_entropy_f_source_ptr f_source, void *p_source,
+                        size_t threshold, int strong )
+{
+    int idx, ret = 0;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    idx = ctx->source_count;
+    if( idx >= MBEDTLS_ENTROPY_MAX_SOURCES )
+    {
+        ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES;
+        goto exit;
+    }
+
+    ctx->source[idx].f_source  = f_source;
+    ctx->source[idx].p_source  = p_source;
+    ctx->source[idx].threshold = threshold;
+    ctx->source[idx].strong    = strong;
+
+    ctx->source_count++;
+
+exit:
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+
+/*
+ * Entropy accumulator update
+ */
+static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id,
+                           const unsigned char *data, size_t len )
+{
+    unsigned char header[2];
+    unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    size_t use_len = len;
+    const unsigned char *p = data;
+    int ret = 0;
+
+    if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE )
+    {
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+        if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 )
+            goto cleanup;
+#else
+        if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 )
+            goto cleanup;
+#endif
+        p = tmp;
+        use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
+    }
+
+    header[0] = source_id;
+    header[1] = use_len & 0xFF;
+
+    /*
+     * Start the accumulator if this has not already happened. Note that
+     * it is sufficient to start the accumulator here only because all calls to
+     * gather entropy eventually execute this code.
+     */
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    if( ctx->accumulator_started == 0 &&
+        ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
+        goto cleanup;
+    else
+        ctx->accumulator_started = 1;
+    if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
+        goto cleanup;
+    ret = mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len );
+#else
+    if( ctx->accumulator_started == 0 &&
+        ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
+        goto cleanup;
+    else
+        ctx->accumulator_started = 1;
+    if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
+        goto cleanup;
+    ret = mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len );
+#endif
+
+cleanup:
+    mbedtls_zeroize( tmp, sizeof( tmp ) );
+
+    return( ret );
+}
+
+int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
+                           const unsigned char *data, size_t len )
+{
+    int ret;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    ret = entropy_update( ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+
+/*
+ * Run through the different sources to add entropy to our accumulator
+ */
+static int entropy_gather_internal( mbedtls_entropy_context *ctx )
+{
+    int ret, i, have_one_strong = 0;
+    unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
+    size_t olen;
+
+    if( ctx->source_count == 0 )
+        return( MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED );
+
+    /*
+     * Run through our entropy sources
+     */
+    for( i = 0; i < ctx->source_count; i++ )
+    {
+        if( ctx->source[i].strong == MBEDTLS_ENTROPY_SOURCE_STRONG )
+            have_one_strong = 1;
+
+        olen = 0;
+        if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
+                        buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 )
+        {
+            goto cleanup;
+        }
+
+        /*
+         * Add if we actually gathered something
+         */
+        if( olen > 0 )
+        {
+            if( ( ret = entropy_update( ctx, (unsigned char) i,
+                                        buf, olen ) ) != 0 )
+                return( ret );
+            ctx->source[i].size += olen;
+        }
+    }
+
+    if( have_one_strong == 0 )
+        ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;
+
+cleanup:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    return( ret );
+}
+
+/*
+ * Thread-safe wrapper for entropy_gather_internal()
+ */
+int mbedtls_entropy_gather( mbedtls_entropy_context *ctx )
+{
+    int ret;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    ret = entropy_gather_internal( ctx );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+
+int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
+{
+    int ret, count = 0, i, done;
+    mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    if( len > MBEDTLS_ENTROPY_BLOCK_SIZE )
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    /* Update the NV entropy seed before generating any entropy for outside
+     * use.
+     */
+    if( ctx->initial_entropy_run == 0 )
+    {
+        ctx->initial_entropy_run = 1;
+        if( ( ret = mbedtls_entropy_update_nv_seed( ctx ) ) != 0 )
+            return( ret );
+    }
+#endif
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    /*
+     * Always gather extra entropy before a call
+     */
+    do
+    {
+        if( count++ > ENTROPY_MAX_LOOP )
+        {
+            ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+            goto exit;
+        }
+
+        if( ( ret = entropy_gather_internal( ctx ) ) != 0 )
+            goto exit;
+
+        done = 1;
+        for( i = 0; i < ctx->source_count; i++ )
+            if( ctx->source[i].size < ctx->source[i].threshold )
+                done = 0;
+    }
+    while( ! done );
+
+    memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
+
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    /*
+     * Note that at this stage it is assumed that the accumulator was started
+     * in a previous call to entropy_update(). If this is not guaranteed, the
+     * code below will fail.
+     */
+    if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 )
+        goto exit;
+
+    /*
+     * Reset accumulator and counters and recycle existing entropy
+     */
+    mbedtls_sha512_free( &ctx->accumulator );
+    mbedtls_sha512_init( &ctx->accumulator );
+    if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf,
+                                           MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
+        goto exit;
+
+    /*
+     * Perform second SHA-512 on entropy
+     */
+    if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+                                    buf, 0 ) ) != 0 )
+        goto exit;
+#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
+    if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 )
+        goto exit;
+
+    /*
+     * Reset accumulator and counters and recycle existing entropy
+     */
+    mbedtls_sha256_free( &ctx->accumulator );
+    mbedtls_sha256_init( &ctx->accumulator );
+    if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf,
+                                           MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
+        goto exit;
+
+    /*
+     * Perform second SHA-256 on entropy
+     */
+    if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+                                    buf, 0 ) ) != 0 )
+        goto exit;
+#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
+
+    for( i = 0; i < ctx->source_count; i++ )
+        ctx->source[i].size = 0;
+
+    memcpy( output, buf, len );
+
+    ret = 0;
+
+exit:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )
+{
+    int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    /* Read new seed  and write it to NV */
+    if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
+        return( ret );
+
+    if( mbedtls_nv_seed_write( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 )
+        return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
+
+    /* Manually update the remaining stream with a separator value to diverge */
+    memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
+    ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
+
+    return( ret );
+}
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path )
+{
+    int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    FILE *f;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+
+    if( ( f = fopen( path, "wb" ) ) == NULL )
+        return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
+
+    if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
+        goto exit;
+
+    if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
+    {
+        ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+        goto exit;
+    }
+
+    ret = 0;
+
+exit:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    fclose( f );
+    return( ret );
+}
+
+int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path )
+{
+    int ret = 0;
+    FILE *f;
+    size_t n;
+    unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ];
+
+    if( ( f = fopen( path, "rb" ) ) == NULL )
+        return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
+
+    fseek( f, 0, SEEK_END );
+    n = (size_t) ftell( f );
+    fseek( f, 0, SEEK_SET );
+
+    if( n > MBEDTLS_ENTROPY_MAX_SEED_SIZE )
+        n = MBEDTLS_ENTROPY_MAX_SEED_SIZE;
+
+    if( fread( buf, 1, n, f ) != n )
+        ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    else
+        ret = mbedtls_entropy_update_manual( ctx, buf, n );
+
+    fclose( f );
+
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    if( ret != 0 )
+        return( ret );
+
+    return( mbedtls_entropy_write_seed_file( ctx, path ) );
+}
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_SELF_TEST)
+#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
+/*
+ * Dummy source function
+ */
+static int entropy_dummy_source( void *data, unsigned char *output,
+                                 size_t len, size_t *olen )
+{
+    ((void) data);
+
+    memset( output, 0x2a, len );
+    *olen = len;
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+
+static int mbedtls_entropy_source_self_test_gather( unsigned char *buf, size_t buf_len )
+{
+    int ret = 0;
+    size_t entropy_len = 0;
+    size_t olen = 0;
+    size_t attempts = buf_len;
+
+    while( attempts > 0 && entropy_len < buf_len )
+    {
+        if( ( ret = mbedtls_hardware_poll( NULL, buf + entropy_len,
+            buf_len - entropy_len, &olen ) ) != 0 )
+            return( ret );
+
+        entropy_len += olen;
+        attempts--;
+    }
+
+    if( entropy_len < buf_len )
+    {
+        ret = 1;
+    }
+
+    return( ret );
+}
+
+
+static int mbedtls_entropy_source_self_test_check_bits( const unsigned char *buf,
+                                                        size_t buf_len )
+{
+    unsigned char set= 0xFF;
+    unsigned char unset = 0x00;
+    size_t i;
+
+    for( i = 0; i < buf_len; i++ )
+    {
+        set &= buf[i];
+        unset |= buf[i];
+    }
+
+    return( set == 0xFF || unset == 0x00 );
+}
+
+/*
+ * A test to ensure hat the entropy sources are functioning correctly
+ * and there is no obvious failure. The test performs the following checks:
+ *  - The entropy source is not providing only 0s (all bits unset) or 1s (all
+ *    bits set).
+ *  - The entropy source is not providing values in a pattern. Because the
+ *    hardware could be providing data in an arbitrary length, this check polls
+ *    the hardware entropy source twice and compares the result to ensure they
+ *    are not equal.
+ *  - The error code returned by the entropy source is not an error.
+ */
+int mbedtls_entropy_source_self_test( int verbose )
+{
+    int ret = 0;
+    unsigned char buf0[2 * sizeof( unsigned long long int )];
+    unsigned char buf1[2 * sizeof( unsigned long long int )];
+
+    if( verbose != 0 )
+        mbedtls_printf( "  ENTROPY_BIAS test: " );
+
+    memset( buf0, 0x00, sizeof( buf0 ) );
+    memset( buf1, 0x00, sizeof( buf1 ) );
+
+    if( ( ret = mbedtls_entropy_source_self_test_gather( buf0, sizeof( buf0 ) ) ) != 0 )
+        goto cleanup;
+    if( ( ret = mbedtls_entropy_source_self_test_gather( buf1, sizeof( buf1 ) ) ) != 0 )
+        goto cleanup;
+
+    /* Make sure that the returned values are not all 0 or 1 */
+    if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf0, sizeof( buf0 ) ) ) != 0 )
+        goto cleanup;
+    if( ( ret = mbedtls_entropy_source_self_test_check_bits( buf1, sizeof( buf1 ) ) ) != 0 )
+        goto cleanup;
+
+    /* Make sure that the entropy source is not returning values in a
+     * pattern */
+    ret = memcmp( buf0, buf1, sizeof( buf0 ) ) == 0;
+
+cleanup:
+    if( verbose != 0 )
+    {
+        if( ret != 0 )
+            mbedtls_printf( "failed\n" );
+        else
+            mbedtls_printf( "passed\n" );
+
+        mbedtls_printf( "\n" );
+    }
+
+    return( ret != 0 );
+}
+
+#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
+
+/*
+ * The actual entropy quality is hard to test, but we can at least
+ * test that the functions don't cause errors and write the correct
+ * amount of data to buffers.
+ */
+int mbedtls_entropy_self_test( int verbose )
+{
+    int ret = 1;
+#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
+    mbedtls_entropy_context ctx;
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
+    unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
+    size_t i, j;
+#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
+
+    if( verbose != 0 )
+        mbedtls_printf( "  ENTROPY test: " );
+
+#if !defined(MBEDTLS_TEST_NULL_ENTROPY)
+    mbedtls_entropy_init( &ctx );
+
+    /* First do a gather to make sure we have default sources */
+    if( ( ret = mbedtls_entropy_gather( &ctx ) ) != 0 )
+        goto cleanup;
+
+    ret = mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, 16,
+                                      MBEDTLS_ENTROPY_SOURCE_WEAK );
+    if( ret != 0 )
+        goto cleanup;
+
+    if( ( ret = mbedtls_entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 )
+        goto cleanup;
+
+    /*
+     * To test that mbedtls_entropy_func writes correct number of bytes:
+     * - use the whole buffer and rely on ASan to detect overruns
+     * - collect entropy 8 times and OR the result in an accumulator:
+     *   any byte should then be 0 with probably 2^(-64), so requiring
+     *   each of the 32 or 64 bytes to be non-zero has a false failure rate
+     *   of at most 2^(-58) which is acceptable.
+     */
+    for( i = 0; i < 8; i++ )
+    {
+        if( ( ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 )
+            goto cleanup;
+
+        for( j = 0; j < sizeof( buf ); j++ )
+            acc[j] |= buf[j];
+    }
+
+    for( j = 0; j < sizeof( buf ); j++ )
+    {
+        if( acc[j] == 0 )
+        {
+            ret = 1;
+            goto cleanup;
+        }
+    }
+
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    if( ( ret = mbedtls_entropy_source_self_test( 0 ) ) != 0 )
+        goto cleanup;
+#endif
+
+cleanup:
+    mbedtls_entropy_free( &ctx );
+#endif /* !MBEDTLS_TEST_NULL_ENTROPY */
+
+    if( verbose != 0 )
+    {
+        if( ret != 0 )
+            mbedtls_printf( "failed\n" );
+        else
+            mbedtls_printf( "passed\n" );
+
+        mbedtls_printf( "\n" );
+    }
+
+    return( ret != 0 );
+}
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_ENTROPY_C */
diff --git a/thirdparty/mbedtls/library/entropy_poll.c b/thirdparty/mbedtls/library/entropy_poll.c
new file mode 100644
index 0000000000..a116e605d2
--- /dev/null
+++ b/thirdparty/mbedtls/library/entropy_poll.c
@@ -0,0 +1,268 @@
+/*
+ *  Platform-specific and custom entropy polling functions
+ *
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ENTROPY_C)
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+#if defined(MBEDTLS_TIMING_C)
+#include <string.h>
+#include "mbedtls/timing.h"
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+#include "mbedtls/havege.h"
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+#include "mbedtls/platform.h"
+#endif
+
+#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+
+#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
+    !defined(__APPLE__) && !defined(_WIN32)
+#error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h"
+#endif
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+#if !defined(_WIN32_WINNT)
+#define _WIN32_WINNT 0x0400
+#endif
+#include <windows.h>
+#include <wincrypt.h>
+
+int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
+                           size_t *olen )
+{
+    HCRYPTPROV provider;
+    ((void) data);
+    *olen = 0;
+
+    if( CryptAcquireContext( &provider, NULL, NULL,
+                              PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
+    {
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+    }
+
+    if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
+    {
+        CryptReleaseContext( provider, 0 );
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+    }
+
+    CryptReleaseContext( provider, 0 );
+    *olen = len;
+
+    return( 0 );
+}
+#else /* _WIN32 && !EFIX64 && !EFI32 */
+
+/*
+ * Test for Linux getrandom() support.
+ * Since there is no wrapper in the libc yet, use the generic syscall wrapper
+ * available in GNU libc and compatible libc's (eg uClibc).
+ */
+#if defined(__linux__) && defined(__GLIBC__)
+#include <unistd.h>
+#include <sys/syscall.h>
+#if defined(SYS_getrandom)
+#define HAVE_GETRANDOM
+
+static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
+{
+    /* MemSan cannot understand that the syscall writes to the buffer */
+#if defined(__has_feature)
+#if __has_feature(memory_sanitizer)
+    memset( buf, 0, buflen );
+#endif
+#endif
+
+    return( syscall( SYS_getrandom, buf, buflen, flags ) );
+}
+
+#include <sys/utsname.h>
+/* Check if version is at least 3.17.0 */
+static int check_version_3_17_plus( void )
+{
+    int minor;
+    struct utsname un;
+    const char *ver;
+
+    /* Get version information */
+    uname(&un);
+    ver = un.release;
+
+    /* Check major version; assume a single digit */
+    if( ver[0] < '3' || ver[0] > '9' || ver [1] != '.' )
+        return( -1 );
+
+    if( ver[0] - '0' > 3 )
+        return( 0 );
+
+    /* Ok, so now we know major == 3, check minor.
+     * Assume 1 or 2 digits. */
+    if( ver[2] < '0' || ver[2] > '9' )
+        return( -1 );
+
+    minor = ver[2] - '0';
+
+    if( ver[3] >= '0' && ver[3] <= '9' )
+        minor = 10 * minor + ver[3] - '0';
+    else if( ver [3] != '.' )
+        return( -1 );
+
+    if( minor < 17 )
+        return( -1 );
+
+    return( 0 );
+}
+static int has_getrandom = -1;
+#endif /* SYS_getrandom */
+#endif /* __linux__ */
+
+#include <stdio.h>
+
+int mbedtls_platform_entropy_poll( void *data,
+                           unsigned char *output, size_t len, size_t *olen )
+{
+    FILE *file;
+    size_t read_len;
+    ((void) data);
+
+#if defined(HAVE_GETRANDOM)
+    if( has_getrandom == -1 )
+        has_getrandom = ( check_version_3_17_plus() == 0 );
+
+    if( has_getrandom )
+    {
+        int ret;
+
+        if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 )
+            return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+
+        *olen = ret;
+        return( 0 );
+    }
+#endif /* HAVE_GETRANDOM */
+
+    *olen = 0;
+
+    file = fopen( "/dev/urandom", "rb" );
+    if( file == NULL )
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+
+    read_len = fread( output, 1, len, file );
+    if( read_len != len )
+    {
+        fclose( file );
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+    }
+
+    fclose( file );
+    *olen = len;
+
+    return( 0 );
+}
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
+
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+int mbedtls_null_entropy_poll( void *data,
+                    unsigned char *output, size_t len, size_t *olen )
+{
+    ((void) data);
+    ((void) output);
+    *olen = 0;
+
+    if( len < sizeof(unsigned char) )
+        return( 0 );
+
+    *olen = sizeof(unsigned char);
+
+    return( 0 );
+}
+#endif
+
+#if defined(MBEDTLS_TIMING_C)
+int mbedtls_hardclock_poll( void *data,
+                    unsigned char *output, size_t len, size_t *olen )
+{
+    unsigned long timer = mbedtls_timing_hardclock();
+    ((void) data);
+    *olen = 0;
+
+    if( len < sizeof(unsigned long) )
+        return( 0 );
+
+    memcpy( output, &timer, sizeof(unsigned long) );
+    *olen = sizeof(unsigned long);
+
+    return( 0 );
+}
+#endif /* MBEDTLS_TIMING_C */
+
+#if defined(MBEDTLS_HAVEGE_C)
+int mbedtls_havege_poll( void *data,
+                 unsigned char *output, size_t len, size_t *olen )
+{
+    mbedtls_havege_state *hs = (mbedtls_havege_state *) data;
+    *olen = 0;
+
+    if( mbedtls_havege_random( hs, output, len ) != 0 )
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+
+    *olen = len;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_HAVEGE_C */
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+int mbedtls_nv_seed_poll( void *data,
+                          unsigned char *output, size_t len, size_t *olen )
+{
+    unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
+    size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
+    ((void) data);
+
+    memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
+
+    if( mbedtls_nv_seed_read( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 )
+      return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+
+    if( len < use_len )
+      use_len = len;
+
+    memcpy( output, buf, use_len );
+    *olen = use_len;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#endif /* MBEDTLS_ENTROPY_C */
diff --git a/thirdparty/mbedtls/library/error.c b/thirdparty/mbedtls/library/error.c
new file mode 100644
index 0000000000..0292480aee
--- /dev/null
+++ b/thirdparty/mbedtls/library/error.c
@@ -0,0 +1,822 @@
+/*
+ *  Error message information
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+#include "mbedtls/error.h"
+#include <string.h>
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_snprintf snprintf
+#define mbedtls_time_t   time_t
+#endif
+
+#if defined(MBEDTLS_ERROR_C)
+
+#include <stdio.h>
+
+#if defined(MBEDTLS_AES_C)
+#include "mbedtls/aes.h"
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+#include "mbedtls/arc4.h"
+#endif
+
+#if defined(MBEDTLS_BASE64_C)
+#include "mbedtls/base64.h"
+#endif
+
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
+#if defined(MBEDTLS_BLOWFISH_C)
+#include "mbedtls/blowfish.h"
+#endif
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#include "mbedtls/camellia.h"
+#endif
+
+#if defined(MBEDTLS_CCM_C)
+#include "mbedtls/ccm.h"
+#endif
+
+#if defined(MBEDTLS_CIPHER_C)
+#include "mbedtls/cipher.h"
+#endif
+
+#if defined(MBEDTLS_CMAC_C)
+#include "mbedtls/cmac.h"
+#endif
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+#include "mbedtls/ctr_drbg.h"
+#endif
+
+#if defined(MBEDTLS_DES_C)
+#include "mbedtls/des.h"
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+#include "mbedtls/dhm.h"
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+
+#if defined(MBEDTLS_ENTROPY_C)
+#include "mbedtls/entropy.h"
+#endif
+
+#if defined(MBEDTLS_GCM_C)
+#include "mbedtls/gcm.h"
+#endif
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+#include "mbedtls/hmac_drbg.h"
+#endif
+
+#if defined(MBEDTLS_MD_C)
+#include "mbedtls/md.h"
+#endif
+
+#if defined(MBEDTLS_MD2_C)
+#include "mbedtls/md2.h"
+#endif
+
+#if defined(MBEDTLS_MD4_C)
+#include "mbedtls/md4.h"
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+#include "mbedtls/md5.h"
+#endif
+
+#if defined(MBEDTLS_NET_C)
+#include "mbedtls/net_sockets.h"
+#endif
+
+#if defined(MBEDTLS_OID_C)
+#include "mbedtls/oid.h"
+#endif
+
+#if defined(MBEDTLS_PADLOCK_C)
+#include "mbedtls/padlock.h"
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_PK_C)
+#include "mbedtls/pk.h"
+#endif
+
+#if defined(MBEDTLS_PKCS12_C)
+#include "mbedtls/pkcs12.h"
+#endif
+
+#if defined(MBEDTLS_PKCS5_C)
+#include "mbedtls/pkcs5.h"
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+#include "mbedtls/ripemd160.h"
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+#include "mbedtls/sha1.h"
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+#include "mbedtls/sha256.h"
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#include "mbedtls/sha512.h"
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C)
+#include "mbedtls/ssl.h"
+#endif
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
+#include "mbedtls/x509.h"
+#endif
+
+#if defined(MBEDTLS_XTEA_C)
+#include "mbedtls/xtea.h"
+#endif
+
+
+void mbedtls_strerror( int ret, char *buf, size_t buflen )
+{
+    size_t len;
+    int use_ret;
+
+    if( buflen == 0 )
+        return;
+
+    memset( buf, 0x00, buflen );
+
+    if( ret < 0 )
+        ret = -ret;
+
+    if( ret & 0xFF80 )
+    {
+        use_ret = ret & 0xFF80;
+
+        // High level error codes
+        //
+        // BEGIN generated code
+#if defined(MBEDTLS_CIPHER_C)
+        if( use_ret == -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE) )
+            mbedtls_snprintf( buf, buflen, "CIPHER - The selected feature is not available" );
+        if( use_ret == -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "CIPHER - Bad input parameters" );
+        if( use_ret == -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "CIPHER - Failed to allocate memory" );
+        if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_PADDING) )
+            mbedtls_snprintf( buf, buflen, "CIPHER - Input data contains invalid padding and is rejected" );
+        if( use_ret == -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED) )
+            mbedtls_snprintf( buf, buflen, "CIPHER - Decryption of block requires a full block" );
+        if( use_ret == -(MBEDTLS_ERR_CIPHER_AUTH_FAILED) )
+            mbedtls_snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" );
+        if( use_ret == -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT) )
+            mbedtls_snprintf( buf, buflen, "CIPHER - The context is invalid. For example, because it was freed" );
+        if( use_ret == -(MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "CIPHER - Cipher hardware accelerator failed" );
+#endif /* MBEDTLS_CIPHER_C */
+
+#if defined(MBEDTLS_DHM_C)
+        if( use_ret == -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "DHM - Bad input parameters" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED) )
+            mbedtls_snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED) )
+            mbedtls_snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "DHM - Reading of the public values failed" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "DHM - Making of the public value failed" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED) )
+            mbedtls_snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_INVALID_FORMAT) )
+            mbedtls_snprintf( buf, buflen, "DHM - The ASN.1 data is not formatted correctly" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_ALLOC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "DHM - Allocation of memory failed" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_FILE_IO_ERROR) )
+            mbedtls_snprintf( buf, buflen, "DHM - Read or write of file failed" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "DHM - DHM hardware accelerator failed" );
+        if( use_ret == -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED) )
+            mbedtls_snprintf( buf, buflen, "DHM - Setting the modulus and generator failed" );
+#endif /* MBEDTLS_DHM_C */
+
+#if defined(MBEDTLS_ECP_C)
+        if( use_ret == -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "ECP - Bad input parameters to function" );
+        if( use_ret == -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL) )
+            mbedtls_snprintf( buf, buflen, "ECP - The buffer is too small to write to" );
+        if( use_ret == -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE) )
+            mbedtls_snprintf( buf, buflen, "ECP - Requested curve not available" );
+        if( use_ret == -(MBEDTLS_ERR_ECP_VERIFY_FAILED) )
+            mbedtls_snprintf( buf, buflen, "ECP - The signature is not valid" );
+        if( use_ret == -(MBEDTLS_ERR_ECP_ALLOC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "ECP - Memory allocation failed" );
+        if( use_ret == -(MBEDTLS_ERR_ECP_RANDOM_FAILED) )
+            mbedtls_snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" );
+        if( use_ret == -(MBEDTLS_ERR_ECP_INVALID_KEY) )
+            mbedtls_snprintf( buf, buflen, "ECP - Invalid private or public key" );
+        if( use_ret == -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH) )
+            mbedtls_snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
+        if( use_ret == -(MBEDTLS_ERR_ECP_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "ECP - ECP hardware accelerator failed" );
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_MD_C)
+        if( use_ret == -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE) )
+            mbedtls_snprintf( buf, buflen, "MD - The selected feature is not available" );
+        if( use_ret == -(MBEDTLS_ERR_MD_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "MD - Bad input parameters to function" );
+        if( use_ret == -(MBEDTLS_ERR_MD_ALLOC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "MD - Failed to allocate memory" );
+        if( use_ret == -(MBEDTLS_ERR_MD_FILE_IO_ERROR) )
+            mbedtls_snprintf( buf, buflen, "MD - Opening or reading of file failed" );
+        if( use_ret == -(MBEDTLS_ERR_MD_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "MD - MD hardware accelerator failed" );
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
+        if( use_ret == -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) )
+            mbedtls_snprintf( buf, buflen, "PEM - No PEM header or footer found" );
+        if( use_ret == -(MBEDTLS_ERR_PEM_INVALID_DATA) )
+            mbedtls_snprintf( buf, buflen, "PEM - PEM string is not as expected" );
+        if( use_ret == -(MBEDTLS_ERR_PEM_ALLOC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "PEM - Failed to allocate memory" );
+        if( use_ret == -(MBEDTLS_ERR_PEM_INVALID_ENC_IV) )
+            mbedtls_snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" );
+        if( use_ret == -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG) )
+            mbedtls_snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" );
+        if( use_ret == -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED) )
+            mbedtls_snprintf( buf, buflen, "PEM - Private key password can't be empty" );
+        if( use_ret == -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH) )
+            mbedtls_snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" );
+        if( use_ret == -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE) )
+            mbedtls_snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" );
+        if( use_ret == -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "PEM - Bad input parameters to function" );
+#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */
+
+#if defined(MBEDTLS_PK_C)
+        if( use_ret == -(MBEDTLS_ERR_PK_ALLOC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "PK - Memory allocation failed" );
+        if( use_ret == -(MBEDTLS_ERR_PK_TYPE_MISMATCH) )
+            mbedtls_snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" );
+        if( use_ret == -(MBEDTLS_ERR_PK_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "PK - Bad input parameters to function" );
+        if( use_ret == -(MBEDTLS_ERR_PK_FILE_IO_ERROR) )
+            mbedtls_snprintf( buf, buflen, "PK - Read/write of file failed" );
+        if( use_ret == -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION) )
+            mbedtls_snprintf( buf, buflen, "PK - Unsupported key version" );
+        if( use_ret == -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT) )
+            mbedtls_snprintf( buf, buflen, "PK - Invalid key tag or value" );
+        if( use_ret == -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG) )
+            mbedtls_snprintf( buf, buflen, "PK - Key algorithm is unsupported (only RSA and EC are supported)" );
+        if( use_ret == -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED) )
+            mbedtls_snprintf( buf, buflen, "PK - Private key password can't be empty" );
+        if( use_ret == -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH) )
+            mbedtls_snprintf( buf, buflen, "PK - Given private key password does not allow for correct decryption" );
+        if( use_ret == -(MBEDTLS_ERR_PK_INVALID_PUBKEY) )
+            mbedtls_snprintf( buf, buflen, "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" );
+        if( use_ret == -(MBEDTLS_ERR_PK_INVALID_ALG) )
+            mbedtls_snprintf( buf, buflen, "PK - The algorithm tag or value is invalid" );
+        if( use_ret == -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE) )
+            mbedtls_snprintf( buf, buflen, "PK - Elliptic curve is unsupported (only NIST curves are supported)" );
+        if( use_ret == -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) )
+            mbedtls_snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
+        if( use_ret == -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH) )
+            mbedtls_snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" );
+        if( use_ret == -(MBEDTLS_ERR_PK_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "PK - PK hardware accelerator failed" );
+#endif /* MBEDTLS_PK_C */
+
+#if defined(MBEDTLS_PKCS12_C)
+        if( use_ret == -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "PKCS12 - Bad input parameters to function" );
+        if( use_ret == -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE) )
+            mbedtls_snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" );
+        if( use_ret == -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT) )
+            mbedtls_snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" );
+        if( use_ret == -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH) )
+            mbedtls_snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" );
+#endif /* MBEDTLS_PKCS12_C */
+
+#if defined(MBEDTLS_PKCS5_C)
+        if( use_ret == -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "PKCS5 - Bad input parameters to function" );
+        if( use_ret == -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT) )
+            mbedtls_snprintf( buf, buflen, "PKCS5 - Unexpected ASN.1 data" );
+        if( use_ret == -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE) )
+            mbedtls_snprintf( buf, buflen, "PKCS5 - Requested encryption or digest alg not available" );
+        if( use_ret == -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH) )
+            mbedtls_snprintf( buf, buflen, "PKCS5 - Given private key password does not allow for correct decryption" );
+#endif /* MBEDTLS_PKCS5_C */
+
+#if defined(MBEDTLS_RSA_C)
+        if( use_ret == -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "RSA - Bad input parameters to function" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_INVALID_PADDING) )
+            mbedtls_snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED) )
+            mbedtls_snprintf( buf, buflen, "RSA - Something failed during generation of a key" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED) )
+            mbedtls_snprintf( buf, buflen, "RSA - Key failed to pass the validity check of the library" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_PUBLIC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "RSA - The public key operation failed" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_PRIVATE_FAILED) )
+            mbedtls_snprintf( buf, buflen, "RSA - The private key operation failed" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_VERIFY_FAILED) )
+            mbedtls_snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE) )
+            mbedtls_snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_RNG_FAILED) )
+            mbedtls_snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION) )
+            mbedtls_snprintf( buf, buflen, "RSA - The implementation does not offer the requested operation, for example, because of security violations or lack of functionality" );
+        if( use_ret == -(MBEDTLS_ERR_RSA_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "RSA - RSA hardware accelerator failed" );
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_SSL_TLS_C)
+        if( use_ret == -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) )
+            mbedtls_snprintf( buf, buflen, "SSL - The requested feature is not available" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "SSL - Bad input parameters to function" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_MAC) )
+            mbedtls_snprintf( buf, buflen, "SSL - Verification of the message MAC failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_RECORD) )
+            mbedtls_snprintf( buf, buflen, "SSL - An invalid SSL record was received" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_CONN_EOF) )
+            mbedtls_snprintf( buf, buflen, "SSL - The connection indicated an EOF" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_CIPHER) )
+            mbedtls_snprintf( buf, buflen, "SSL - An unknown cipher was received" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN) )
+            mbedtls_snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_NO_RNG) )
+            mbedtls_snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE) )
+            mbedtls_snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE) )
+            mbedtls_snprintf( buf, buflen, "SSL - Our own certificate(s) is/are too large to send in an SSL message" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED) )
+            mbedtls_snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED) )
+            mbedtls_snprintf( buf, buflen, "SSL - The own private key or pre-shared key is not set, but needed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED) )
+            mbedtls_snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE) )
+            mbedtls_snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE) )
+        {
+            mbedtls_snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" );
+            return;
+        }
+        if( use_ret == -(MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED) )
+            mbedtls_snprintf( buf, buflen, "SSL - Verification of our peer failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) )
+            mbedtls_snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_FINISHED) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_ALLOC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "SSL - Memory allocation failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED) )
+            mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH) )
+            mbedtls_snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_COMPRESSION_FAILED) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION) )
+            mbedtls_snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) )
+            mbedtls_snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED) )
+            mbedtls_snprintf( buf, buflen, "SSL - Session ticket has expired" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH) )
+            mbedtls_snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY) )
+            mbedtls_snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_INTERNAL_ERROR) )
+            mbedtls_snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING) )
+            mbedtls_snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO) )
+            mbedtls_snprintf( buf, buflen, "SSL - Unexpected message at ServerHello in renegotiation" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) )
+            mbedtls_snprintf( buf, buflen, "SSL - DTLS client must retry for hello verification" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) )
+            mbedtls_snprintf( buf, buflen, "SSL - A buffer is too small to receive or write a message" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE) )
+            mbedtls_snprintf( buf, buflen, "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_WANT_READ) )
+            mbedtls_snprintf( buf, buflen, "SSL - Connection requires a read call" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_WANT_WRITE) )
+            mbedtls_snprintf( buf, buflen, "SSL - Connection requires a write call" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_TIMEOUT) )
+            mbedtls_snprintf( buf, buflen, "SSL - The operation timed out" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT) )
+            mbedtls_snprintf( buf, buflen, "SSL - The client initiated a reconnect from the same port" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD) )
+            mbedtls_snprintf( buf, buflen, "SSL - Record header looks valid but is not expected" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_NON_FATAL) )
+            mbedtls_snprintf( buf, buflen, "SSL - The alert message received indicates a non-fatal error" );
+        if( use_ret == -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH) )
+            mbedtls_snprintf( buf, buflen, "SSL - Couldn't set the hash for verifying CertificateVerify" );
+#endif /* MBEDTLS_SSL_TLS_C */
+
+#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
+        if( use_ret == -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) )
+            mbedtls_snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" );
+        if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_OID) )
+            mbedtls_snprintf( buf, buflen, "X509 - Requested OID is unknown" );
+        if( use_ret == -(MBEDTLS_ERR_X509_INVALID_FORMAT) )
+            mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" );
+        if( use_ret == -(MBEDTLS_ERR_X509_INVALID_VERSION) )
+            mbedtls_snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" );
+        if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SERIAL) )
+            mbedtls_snprintf( buf, buflen, "X509 - The serial tag or value is invalid" );
+        if( use_ret == -(MBEDTLS_ERR_X509_INVALID_ALG) )
+            mbedtls_snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" );
+        if( use_ret == -(MBEDTLS_ERR_X509_INVALID_NAME) )
+            mbedtls_snprintf( buf, buflen, "X509 - The name tag or value is invalid" );
+        if( use_ret == -(MBEDTLS_ERR_X509_INVALID_DATE) )
+            mbedtls_snprintf( buf, buflen, "X509 - The date tag or value is invalid" );
+        if( use_ret == -(MBEDTLS_ERR_X509_INVALID_SIGNATURE) )
+            mbedtls_snprintf( buf, buflen, "X509 - The signature tag or value invalid" );
+        if( use_ret == -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS) )
+            mbedtls_snprintf( buf, buflen, "X509 - The extension tag or value is invalid" );
+        if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_VERSION) )
+            mbedtls_snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" );
+        if( use_ret == -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG) )
+            mbedtls_snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" );
+        if( use_ret == -(MBEDTLS_ERR_X509_SIG_MISMATCH) )
+            mbedtls_snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" );
+        if( use_ret == -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) )
+            mbedtls_snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" );
+        if( use_ret == -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT) )
+            mbedtls_snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" );
+        if( use_ret == -(MBEDTLS_ERR_X509_BAD_INPUT_DATA) )
+            mbedtls_snprintf( buf, buflen, "X509 - Input invalid" );
+        if( use_ret == -(MBEDTLS_ERR_X509_ALLOC_FAILED) )
+            mbedtls_snprintf( buf, buflen, "X509 - Allocation of memory failed" );
+        if( use_ret == -(MBEDTLS_ERR_X509_FILE_IO_ERROR) )
+            mbedtls_snprintf( buf, buflen, "X509 - Read/write of file failed" );
+        if( use_ret == -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL) )
+            mbedtls_snprintf( buf, buflen, "X509 - Destination buffer is too small" );
+        if( use_ret == -(MBEDTLS_ERR_X509_FATAL_ERROR) )
+            mbedtls_snprintf( buf, buflen, "X509 - A fatal error occured, eg the chain is too long or the vrfy callback failed" );
+#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
+        // END generated code
+
+        if( strlen( buf ) == 0 )
+            mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
+    }
+
+    use_ret = ret & ~0xFF80;
+
+    if( use_ret == 0 )
+        return;
+
+    // If high level code is present, make a concatenation between both
+    // error strings.
+    //
+    len = strlen( buf );
+
+    if( len > 0 )
+    {
+        if( buflen - len < 5 )
+            return;
+
+        mbedtls_snprintf( buf + len, buflen - len, " : " );
+
+        buf += len + 3;
+        buflen -= len + 3;
+    }
+
+    // Low level error codes
+    //
+    // BEGIN generated code
+#if defined(MBEDTLS_AES_C)
+    if( use_ret == -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH) )
+        mbedtls_snprintf( buf, buflen, "AES - Invalid key length" );
+    if( use_ret == -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH) )
+        mbedtls_snprintf( buf, buflen, "AES - Invalid data input length" );
+    if( use_ret == -(MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE) )
+        mbedtls_snprintf( buf, buflen, "AES - Feature not available. For example, an unsupported AES key size" );
+    if( use_ret == -(MBEDTLS_ERR_AES_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "AES - AES hardware accelerator failed" );
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+    if( use_ret == -(MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "ARC4 - ARC4 hardware accelerator failed" );
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    if( use_ret == -(MBEDTLS_ERR_ASN1_OUT_OF_DATA) )
+        mbedtls_snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
+    if( use_ret == -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) )
+        mbedtls_snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" );
+    if( use_ret == -(MBEDTLS_ERR_ASN1_INVALID_LENGTH) )
+        mbedtls_snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" );
+    if( use_ret == -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH) )
+        mbedtls_snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" );
+    if( use_ret == -(MBEDTLS_ERR_ASN1_INVALID_DATA) )
+        mbedtls_snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" );
+    if( use_ret == -(MBEDTLS_ERR_ASN1_ALLOC_FAILED) )
+        mbedtls_snprintf( buf, buflen, "ASN1 - Memory allocation failed" );
+    if( use_ret == -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) )
+        mbedtls_snprintf( buf, buflen, "ASN1 - Buffer too small when writing ASN.1 data structure" );
+#endif /* MBEDTLS_ASN1_PARSE_C */
+
+#if defined(MBEDTLS_BASE64_C)
+    if( use_ret == -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL) )
+        mbedtls_snprintf( buf, buflen, "BASE64 - Output buffer too small" );
+    if( use_ret == -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER) )
+        mbedtls_snprintf( buf, buflen, "BASE64 - Invalid character in input" );
+#endif /* MBEDTLS_BASE64_C */
+
+#if defined(MBEDTLS_BIGNUM_C)
+    if( use_ret == -(MBEDTLS_ERR_MPI_FILE_IO_ERROR) )
+        mbedtls_snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" );
+    if( use_ret == -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA) )
+        mbedtls_snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" );
+    if( use_ret == -(MBEDTLS_ERR_MPI_INVALID_CHARACTER) )
+        mbedtls_snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" );
+    if( use_ret == -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL) )
+        mbedtls_snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" );
+    if( use_ret == -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE) )
+        mbedtls_snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" );
+    if( use_ret == -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO) )
+        mbedtls_snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" );
+    if( use_ret == -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE) )
+        mbedtls_snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" );
+    if( use_ret == -(MBEDTLS_ERR_MPI_ALLOC_FAILED) )
+        mbedtls_snprintf( buf, buflen, "BIGNUM - Memory allocation failed" );
+#endif /* MBEDTLS_BIGNUM_C */
+
+#if defined(MBEDTLS_BLOWFISH_C)
+    if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH) )
+        mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid key length" );
+    if( use_ret == -(MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "BLOWFISH - Blowfish hardware accelerator failed" );
+    if( use_ret == -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH) )
+        mbedtls_snprintf( buf, buflen, "BLOWFISH - Invalid data input length" );
+#endif /* MBEDTLS_BLOWFISH_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+    if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH) )
+        mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid key length" );
+    if( use_ret == -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH) )
+        mbedtls_snprintf( buf, buflen, "CAMELLIA - Invalid data input length" );
+    if( use_ret == -(MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "CAMELLIA - Camellia hardware accelerator failed" );
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_CCM_C)
+    if( use_ret == -(MBEDTLS_ERR_CCM_BAD_INPUT) )
+        mbedtls_snprintf( buf, buflen, "CCM - Bad input parameters to the function" );
+    if( use_ret == -(MBEDTLS_ERR_CCM_AUTH_FAILED) )
+        mbedtls_snprintf( buf, buflen, "CCM - Authenticated decryption failed" );
+    if( use_ret == -(MBEDTLS_ERR_CCM_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "CCM - CCM hardware accelerator failed" );
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_CMAC_C)
+    if( use_ret == -(MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "CMAC - CMAC hardware accelerator failed" );
+#endif /* MBEDTLS_CMAC_C */
+
+#if defined(MBEDTLS_CTR_DRBG_C)
+    if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) )
+        mbedtls_snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" );
+    if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG) )
+        mbedtls_snprintf( buf, buflen, "CTR_DRBG - The requested random buffer length is too big" );
+    if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG) )
+        mbedtls_snprintf( buf, buflen, "CTR_DRBG - The input (entropy + additional data) is too large" );
+    if( use_ret == -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR) )
+        mbedtls_snprintf( buf, buflen, "CTR_DRBG - Read or write error in file" );
+#endif /* MBEDTLS_CTR_DRBG_C */
+
+#if defined(MBEDTLS_DES_C)
+    if( use_ret == -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH) )
+        mbedtls_snprintf( buf, buflen, "DES - The data input has an invalid length" );
+    if( use_ret == -(MBEDTLS_ERR_DES_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "DES - DES hardware accelerator failed" );
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ENTROPY_C)
+    if( use_ret == -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED) )
+        mbedtls_snprintf( buf, buflen, "ENTROPY - Critical entropy source failure" );
+    if( use_ret == -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES) )
+        mbedtls_snprintf( buf, buflen, "ENTROPY - No more sources can be added" );
+    if( use_ret == -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED) )
+        mbedtls_snprintf( buf, buflen, "ENTROPY - No sources have been added to poll" );
+    if( use_ret == -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE) )
+        mbedtls_snprintf( buf, buflen, "ENTROPY - No strong sources have been added to poll" );
+    if( use_ret == -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR) )
+        mbedtls_snprintf( buf, buflen, "ENTROPY - Read/write error in file" );
+#endif /* MBEDTLS_ENTROPY_C */
+
+#if defined(MBEDTLS_GCM_C)
+    if( use_ret == -(MBEDTLS_ERR_GCM_AUTH_FAILED) )
+        mbedtls_snprintf( buf, buflen, "GCM - Authenticated decryption failed" );
+    if( use_ret == -(MBEDTLS_ERR_GCM_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "GCM - GCM hardware accelerator failed" );
+    if( use_ret == -(MBEDTLS_ERR_GCM_BAD_INPUT) )
+        mbedtls_snprintf( buf, buflen, "GCM - Bad input parameters to function" );
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+    if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG) )
+        mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" );
+    if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG) )
+        mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Input too large (Entropy + additional)" );
+    if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR) )
+        mbedtls_snprintf( buf, buflen, "HMAC_DRBG - Read/write error in file" );
+    if( use_ret == -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED) )
+        mbedtls_snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" );
+#endif /* MBEDTLS_HMAC_DRBG_C */
+
+#if defined(MBEDTLS_MD2_C)
+    if( use_ret == -(MBEDTLS_ERR_MD2_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "MD2 - MD2 hardware accelerator failed" );
+#endif /* MBEDTLS_MD2_C */
+
+#if defined(MBEDTLS_MD4_C)
+    if( use_ret == -(MBEDTLS_ERR_MD4_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "MD4 - MD4 hardware accelerator failed" );
+#endif /* MBEDTLS_MD4_C */
+
+#if defined(MBEDTLS_MD5_C)
+    if( use_ret == -(MBEDTLS_ERR_MD5_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "MD5 - MD5 hardware accelerator failed" );
+#endif /* MBEDTLS_MD5_C */
+
+#if defined(MBEDTLS_NET_C)
+    if( use_ret == -(MBEDTLS_ERR_NET_SOCKET_FAILED) )
+        mbedtls_snprintf( buf, buflen, "NET - Failed to open a socket" );
+    if( use_ret == -(MBEDTLS_ERR_NET_CONNECT_FAILED) )
+        mbedtls_snprintf( buf, buflen, "NET - The connection to the given server / port failed" );
+    if( use_ret == -(MBEDTLS_ERR_NET_BIND_FAILED) )
+        mbedtls_snprintf( buf, buflen, "NET - Binding of the socket failed" );
+    if( use_ret == -(MBEDTLS_ERR_NET_LISTEN_FAILED) )
+        mbedtls_snprintf( buf, buflen, "NET - Could not listen on the socket" );
+    if( use_ret == -(MBEDTLS_ERR_NET_ACCEPT_FAILED) )
+        mbedtls_snprintf( buf, buflen, "NET - Could not accept the incoming connection" );
+    if( use_ret == -(MBEDTLS_ERR_NET_RECV_FAILED) )
+        mbedtls_snprintf( buf, buflen, "NET - Reading information from the socket failed" );
+    if( use_ret == -(MBEDTLS_ERR_NET_SEND_FAILED) )
+        mbedtls_snprintf( buf, buflen, "NET - Sending information through the socket failed" );
+    if( use_ret == -(MBEDTLS_ERR_NET_CONN_RESET) )
+        mbedtls_snprintf( buf, buflen, "NET - Connection was reset by peer" );
+    if( use_ret == -(MBEDTLS_ERR_NET_UNKNOWN_HOST) )
+        mbedtls_snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" );
+    if( use_ret == -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL) )
+        mbedtls_snprintf( buf, buflen, "NET - Buffer is too small to hold the data" );
+    if( use_ret == -(MBEDTLS_ERR_NET_INVALID_CONTEXT) )
+        mbedtls_snprintf( buf, buflen, "NET - The context is invalid, eg because it was free()ed" );
+#endif /* MBEDTLS_NET_C */
+
+#if defined(MBEDTLS_OID_C)
+    if( use_ret == -(MBEDTLS_ERR_OID_NOT_FOUND) )
+        mbedtls_snprintf( buf, buflen, "OID - OID is not found" );
+    if( use_ret == -(MBEDTLS_ERR_OID_BUF_TOO_SMALL) )
+        mbedtls_snprintf( buf, buflen, "OID - output buffer is too small" );
+#endif /* MBEDTLS_OID_C */
+
+#if defined(MBEDTLS_PADLOCK_C)
+    if( use_ret == -(MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED) )
+        mbedtls_snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
+#endif /* MBEDTLS_PADLOCK_C */
+
+#if defined(MBEDTLS_RIPEMD160_C)
+    if( use_ret == -(MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "RIPEMD160 - RIPEMD160 hardware accelerator failed" );
+#endif /* MBEDTLS_RIPEMD160_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    if( use_ret == -(MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "SHA1 - SHA-1 hardware accelerator failed" );
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+    if( use_ret == -(MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "SHA256 - SHA-256 hardware accelerator failed" );
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    if( use_ret == -(MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "SHA512 - SHA-512 hardware accelerator failed" );
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_THREADING_C)
+    if( use_ret == -(MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE) )
+        mbedtls_snprintf( buf, buflen, "THREADING - The selected feature is not available" );
+    if( use_ret == -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA) )
+        mbedtls_snprintf( buf, buflen, "THREADING - Bad input parameters to function" );
+    if( use_ret == -(MBEDTLS_ERR_THREADING_MUTEX_ERROR) )
+        mbedtls_snprintf( buf, buflen, "THREADING - Locking / unlocking / free failed with error code" );
+#endif /* MBEDTLS_THREADING_C */
+
+#if defined(MBEDTLS_XTEA_C)
+    if( use_ret == -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH) )
+        mbedtls_snprintf( buf, buflen, "XTEA - The data input has an invalid length" );
+    if( use_ret == -(MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED) )
+        mbedtls_snprintf( buf, buflen, "XTEA - XTEA hardware accelerator failed" );
+#endif /* MBEDTLS_XTEA_C */
+    // END generated code
+
+    if( strlen( buf ) != 0 )
+        return;
+
+    mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
+}
+
+#else /* MBEDTLS_ERROR_C */
+
+#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+
+/*
+ * Provide an non-function in case MBEDTLS_ERROR_C is not defined
+ */
+void mbedtls_strerror( int ret, char *buf, size_t buflen )
+{
+    ((void) ret);
+
+    if( buflen > 0 )
+        buf[0] = '\0';
+}
+
+#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */
+
+#endif /* MBEDTLS_ERROR_C */
diff --git a/thirdparty/mbedtls/library/gcm.c b/thirdparty/mbedtls/library/gcm.c
new file mode 100644
index 0000000000..294a86d3d4
--- /dev/null
+++ b/thirdparty/mbedtls/library/gcm.c
@@ -0,0 +1,958 @@
+/*
+ *  NIST SP800-38D compliant GCM implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ * http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
+ *
+ * See also:
+ * [MGV] http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
+ *
+ * We use the algorithm described as Shoup's method with 4-bit tables in
+ * [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_GCM_C)
+
+#include "mbedtls/gcm.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_AESNI_C)
+#include "mbedtls/aesni.h"
+#endif
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+#include "mbedtls/aes.h"
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#if !defined(MBEDTLS_GCM_ALT)
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
+        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 3]       );            \
+}
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
+    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
+    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
+    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
+}
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * Initialize a context
+ */
+void mbedtls_gcm_init( mbedtls_gcm_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_gcm_context ) );
+}
+
+/*
+ * Precompute small multiples of H, that is set
+ *      HH[i] || HL[i] = H times i,
+ * where i is seen as a field element as in [MGV], ie high-order bits
+ * correspond to low powers of P. The result is stored in the same way, that
+ * is the high-order bit of HH corresponds to P^0 and the low-order bit of HL
+ * corresponds to P^127.
+ */
+static int gcm_gen_table( mbedtls_gcm_context *ctx )
+{
+    int ret, i, j;
+    uint64_t hi, lo;
+    uint64_t vl, vh;
+    unsigned char h[16];
+    size_t olen = 0;
+
+    memset( h, 0, 16 );
+    if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 )
+        return( ret );
+
+    /* pack h as two 64-bits ints, big-endian */
+    GET_UINT32_BE( hi, h,  0  );
+    GET_UINT32_BE( lo, h,  4  );
+    vh = (uint64_t) hi << 32 | lo;
+
+    GET_UINT32_BE( hi, h,  8  );
+    GET_UINT32_BE( lo, h,  12 );
+    vl = (uint64_t) hi << 32 | lo;
+
+    /* 8 = 1000 corresponds to 1 in GF(2^128) */
+    ctx->HL[8] = vl;
+    ctx->HH[8] = vh;
+
+#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
+    /* With CLMUL support, we need only h, not the rest of the table */
+    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) )
+        return( 0 );
+#endif
+
+    /* 0 corresponds to 0 in GF(2^128) */
+    ctx->HH[0] = 0;
+    ctx->HL[0] = 0;
+
+    for( i = 4; i > 0; i >>= 1 )
+    {
+        uint32_t T = ( vl & 1 ) * 0xe1000000U;
+        vl  = ( vh << 63 ) | ( vl >> 1 );
+        vh  = ( vh >> 1 ) ^ ( (uint64_t) T << 32);
+
+        ctx->HL[i] = vl;
+        ctx->HH[i] = vh;
+    }
+
+    for( i = 2; i <= 8; i *= 2 )
+    {
+        uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i;
+        vh = *HiH;
+        vl = *HiL;
+        for( j = 1; j < i; j++ )
+        {
+            HiH[j] = vh ^ ctx->HH[j];
+            HiL[j] = vl ^ ctx->HL[j];
+        }
+    }
+
+    return( 0 );
+}
+
+int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
+                        mbedtls_cipher_id_t cipher,
+                        const unsigned char *key,
+                        unsigned int keybits )
+{
+    int ret;
+    const mbedtls_cipher_info_t *cipher_info;
+
+    cipher_info = mbedtls_cipher_info_from_values( cipher, keybits, MBEDTLS_MODE_ECB );
+    if( cipher_info == NULL )
+        return( MBEDTLS_ERR_GCM_BAD_INPUT );
+
+    if( cipher_info->block_size != 16 )
+        return( MBEDTLS_ERR_GCM_BAD_INPUT );
+
+    mbedtls_cipher_free( &ctx->cipher_ctx );
+
+    if( ( ret = mbedtls_cipher_setup( &ctx->cipher_ctx, cipher_info ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keybits,
+                               MBEDTLS_ENCRYPT ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = gcm_gen_table( ctx ) ) != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+/*
+ * Shoup's method for multiplication use this table with
+ *      last4[x] = x times P^128
+ * where x and last4[x] are seen as elements of GF(2^128) as in [MGV]
+ */
+static const uint64_t last4[16] =
+{
+    0x0000, 0x1c20, 0x3840, 0x2460,
+    0x7080, 0x6ca0, 0x48c0, 0x54e0,
+    0xe100, 0xfd20, 0xd940, 0xc560,
+    0x9180, 0x8da0, 0xa9c0, 0xb5e0
+};
+
+/*
+ * Sets output to x times H using the precomputed tables.
+ * x and output are seen as elements of GF(2^128) as in [MGV].
+ */
+static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16],
+                      unsigned char output[16] )
+{
+    int i = 0;
+    unsigned char lo, hi, rem;
+    uint64_t zh, zl;
+
+#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
+    if( mbedtls_aesni_has_support( MBEDTLS_AESNI_CLMUL ) ) {
+        unsigned char h[16];
+
+        PUT_UINT32_BE( ctx->HH[8] >> 32, h,  0 );
+        PUT_UINT32_BE( ctx->HH[8],       h,  4 );
+        PUT_UINT32_BE( ctx->HL[8] >> 32, h,  8 );
+        PUT_UINT32_BE( ctx->HL[8],       h, 12 );
+
+        mbedtls_aesni_gcm_mult( output, x, h );
+        return;
+    }
+#endif /* MBEDTLS_AESNI_C && MBEDTLS_HAVE_X86_64 */
+
+    lo = x[15] & 0xf;
+
+    zh = ctx->HH[lo];
+    zl = ctx->HL[lo];
+
+    for( i = 15; i >= 0; i-- )
+    {
+        lo = x[i] & 0xf;
+        hi = x[i] >> 4;
+
+        if( i != 15 )
+        {
+            rem = (unsigned char) zl & 0xf;
+            zl = ( zh << 60 ) | ( zl >> 4 );
+            zh = ( zh >> 4 );
+            zh ^= (uint64_t) last4[rem] << 48;
+            zh ^= ctx->HH[lo];
+            zl ^= ctx->HL[lo];
+
+        }
+
+        rem = (unsigned char) zl & 0xf;
+        zl = ( zh << 60 ) | ( zl >> 4 );
+        zh = ( zh >> 4 );
+        zh ^= (uint64_t) last4[rem] << 48;
+        zh ^= ctx->HH[hi];
+        zl ^= ctx->HL[hi];
+    }
+
+    PUT_UINT32_BE( zh >> 32, output, 0 );
+    PUT_UINT32_BE( zh, output, 4 );
+    PUT_UINT32_BE( zl >> 32, output, 8 );
+    PUT_UINT32_BE( zl, output, 12 );
+}
+
+int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
+                int mode,
+                const unsigned char *iv,
+                size_t iv_len,
+                const unsigned char *add,
+                size_t add_len )
+{
+    int ret;
+    unsigned char work_buf[16];
+    size_t i;
+    const unsigned char *p;
+    size_t use_len, olen = 0;
+
+    /* IV and AD are limited to 2^64 bits, so 2^61 bytes */
+    /* IV is not allowed to be zero length */
+    if( iv_len == 0 ||
+      ( (uint64_t) iv_len  ) >> 61 != 0 ||
+      ( (uint64_t) add_len ) >> 61 != 0 )
+    {
+        return( MBEDTLS_ERR_GCM_BAD_INPUT );
+    }
+
+    memset( ctx->y, 0x00, sizeof(ctx->y) );
+    memset( ctx->buf, 0x00, sizeof(ctx->buf) );
+
+    ctx->mode = mode;
+    ctx->len = 0;
+    ctx->add_len = 0;
+
+    if( iv_len == 12 )
+    {
+        memcpy( ctx->y, iv, iv_len );
+        ctx->y[15] = 1;
+    }
+    else
+    {
+        memset( work_buf, 0x00, 16 );
+        PUT_UINT32_BE( iv_len * 8, work_buf, 12 );
+
+        p = iv;
+        while( iv_len > 0 )
+        {
+            use_len = ( iv_len < 16 ) ? iv_len : 16;
+
+            for( i = 0; i < use_len; i++ )
+                ctx->y[i] ^= p[i];
+
+            gcm_mult( ctx, ctx->y, ctx->y );
+
+            iv_len -= use_len;
+            p += use_len;
+        }
+
+        for( i = 0; i < 16; i++ )
+            ctx->y[i] ^= work_buf[i];
+
+        gcm_mult( ctx, ctx->y, ctx->y );
+    }
+
+    if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr,
+                             &olen ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    ctx->add_len = add_len;
+    p = add;
+    while( add_len > 0 )
+    {
+        use_len = ( add_len < 16 ) ? add_len : 16;
+
+        for( i = 0; i < use_len; i++ )
+            ctx->buf[i] ^= p[i];
+
+        gcm_mult( ctx, ctx->buf, ctx->buf );
+
+        add_len -= use_len;
+        p += use_len;
+    }
+
+    return( 0 );
+}
+
+int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
+                size_t length,
+                const unsigned char *input,
+                unsigned char *output )
+{
+    int ret;
+    unsigned char ectr[16];
+    size_t i;
+    const unsigned char *p;
+    unsigned char *out_p = output;
+    size_t use_len, olen = 0;
+
+    if( output > input && (size_t) ( output - input ) < length )
+        return( MBEDTLS_ERR_GCM_BAD_INPUT );
+
+    /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes
+     * Also check for possible overflow */
+    if( ctx->len + length < ctx->len ||
+        (uint64_t) ctx->len + length > 0xFFFFFFFE0ull )
+    {
+        return( MBEDTLS_ERR_GCM_BAD_INPUT );
+    }
+
+    ctx->len += length;
+
+    p = input;
+    while( length > 0 )
+    {
+        use_len = ( length < 16 ) ? length : 16;
+
+        for( i = 16; i > 12; i-- )
+            if( ++ctx->y[i - 1] != 0 )
+                break;
+
+        if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr,
+                                   &olen ) ) != 0 )
+        {
+            return( ret );
+        }
+
+        for( i = 0; i < use_len; i++ )
+        {
+            if( ctx->mode == MBEDTLS_GCM_DECRYPT )
+                ctx->buf[i] ^= p[i];
+            out_p[i] = ectr[i] ^ p[i];
+            if( ctx->mode == MBEDTLS_GCM_ENCRYPT )
+                ctx->buf[i] ^= out_p[i];
+        }
+
+        gcm_mult( ctx, ctx->buf, ctx->buf );
+
+        length -= use_len;
+        p += use_len;
+        out_p += use_len;
+    }
+
+    return( 0 );
+}
+
+int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
+                unsigned char *tag,
+                size_t tag_len )
+{
+    unsigned char work_buf[16];
+    size_t i;
+    uint64_t orig_len = ctx->len * 8;
+    uint64_t orig_add_len = ctx->add_len * 8;
+
+    if( tag_len > 16 || tag_len < 4 )
+        return( MBEDTLS_ERR_GCM_BAD_INPUT );
+
+    memcpy( tag, ctx->base_ectr, tag_len );
+
+    if( orig_len || orig_add_len )
+    {
+        memset( work_buf, 0x00, 16 );
+
+        PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0  );
+        PUT_UINT32_BE( ( orig_add_len       ), work_buf, 4  );
+        PUT_UINT32_BE( ( orig_len     >> 32 ), work_buf, 8  );
+        PUT_UINT32_BE( ( orig_len           ), work_buf, 12 );
+
+        for( i = 0; i < 16; i++ )
+            ctx->buf[i] ^= work_buf[i];
+
+        gcm_mult( ctx, ctx->buf, ctx->buf );
+
+        for( i = 0; i < tag_len; i++ )
+            tag[i] ^= ctx->buf[i];
+    }
+
+    return( 0 );
+}
+
+int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
+                       int mode,
+                       size_t length,
+                       const unsigned char *iv,
+                       size_t iv_len,
+                       const unsigned char *add,
+                       size_t add_len,
+                       const unsigned char *input,
+                       unsigned char *output,
+                       size_t tag_len,
+                       unsigned char *tag )
+{
+    int ret;
+
+    if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_gcm_finish( ctx, tag, tag_len ) ) != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
+                      size_t length,
+                      const unsigned char *iv,
+                      size_t iv_len,
+                      const unsigned char *add,
+                      size_t add_len,
+                      const unsigned char *tag,
+                      size_t tag_len,
+                      const unsigned char *input,
+                      unsigned char *output )
+{
+    int ret;
+    unsigned char check_tag[16];
+    size_t i;
+    int diff;
+
+    if( ( ret = mbedtls_gcm_crypt_and_tag( ctx, MBEDTLS_GCM_DECRYPT, length,
+                                   iv, iv_len, add, add_len,
+                                   input, output, tag_len, check_tag ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    /* Check tag in "constant-time" */
+    for( diff = 0, i = 0; i < tag_len; i++ )
+        diff |= tag[i] ^ check_tag[i];
+
+    if( diff != 0 )
+    {
+        mbedtls_zeroize( output, length );
+        return( MBEDTLS_ERR_GCM_AUTH_FAILED );
+    }
+
+    return( 0 );
+}
+
+void mbedtls_gcm_free( mbedtls_gcm_context *ctx )
+{
+    mbedtls_cipher_free( &ctx->cipher_ctx );
+    mbedtls_zeroize( ctx, sizeof( mbedtls_gcm_context ) );
+}
+
+#endif /* !MBEDTLS_GCM_ALT */
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
+/*
+ * AES-GCM test vectors from:
+ *
+ * http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip
+ */
+#define MAX_TESTS   6
+
+static const int key_index[MAX_TESTS] =
+    { 0, 0, 1, 1, 1, 1 };
+
+static const unsigned char key[MAX_TESTS][32] =
+{
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+      0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
+      0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+      0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 },
+};
+
+static const size_t iv_len[MAX_TESTS] =
+    { 12, 12, 12, 12, 8, 60 };
+
+static const int iv_index[MAX_TESTS] =
+    { 0, 0, 1, 1, 1, 2 };
+
+static const unsigned char iv[MAX_TESTS][64] =
+{
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00 },
+    { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+      0xde, 0xca, 0xf8, 0x88 },
+    { 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
+      0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
+      0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
+      0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
+      0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
+      0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
+      0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
+      0xa6, 0x37, 0xb3, 0x9b },
+};
+
+static const size_t add_len[MAX_TESTS] =
+    { 0, 0, 0, 20, 20, 20 };
+
+static const int add_index[MAX_TESTS] =
+    { 0, 0, 0, 1, 1, 1 };
+
+static const unsigned char additional[MAX_TESTS][64] =
+{
+    { 0x00 },
+    { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+      0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+      0xab, 0xad, 0xda, 0xd2 },
+};
+
+static const size_t pt_len[MAX_TESTS] =
+    { 0, 16, 64, 60, 60, 60 };
+
+static const int pt_index[MAX_TESTS] =
+    { 0, 0, 1, 1, 1, 1 };
+
+static const unsigned char pt[MAX_TESTS][64] =
+{
+    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+    { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+      0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+      0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+      0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+      0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+      0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+      0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+      0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 },
+};
+
+static const unsigned char ct[MAX_TESTS * 3][64] =
+{
+    { 0x00 },
+    { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
+      0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 },
+    { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
+      0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
+      0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
+      0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
+      0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
+      0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
+      0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
+      0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85 },
+    { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
+      0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
+      0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
+      0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
+      0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
+      0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
+      0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
+      0x3d, 0x58, 0xe0, 0x91 },
+    { 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
+      0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
+      0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
+      0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
+      0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
+      0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
+      0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
+      0xc2, 0x3f, 0x45, 0x98 },
+    { 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
+      0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
+      0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
+      0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
+      0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
+      0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
+      0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
+      0x4c, 0x34, 0xae, 0xe5 },
+    { 0x00 },
+    { 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
+      0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00 },
+    { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
+      0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
+      0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
+      0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
+      0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
+      0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
+      0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
+      0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56 },
+    { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
+      0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
+      0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
+      0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
+      0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
+      0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
+      0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
+      0xcc, 0xda, 0x27, 0x10 },
+    { 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
+      0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
+      0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
+      0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
+      0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
+      0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
+      0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
+      0xa0, 0xf0, 0x62, 0xf7 },
+    { 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
+      0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
+      0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
+      0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
+      0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
+      0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
+      0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
+      0xe9, 0xb7, 0x37, 0x3b },
+    { 0x00 },
+    { 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
+      0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18 },
+    { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+      0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+      0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+      0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+      0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+      0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+      0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+      0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad },
+    { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+      0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+      0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+      0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+      0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+      0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+      0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+      0xbc, 0xc9, 0xf6, 0x62 },
+    { 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
+      0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
+      0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
+      0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
+      0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
+      0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
+      0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
+      0xf4, 0x7c, 0x9b, 0x1f },
+    { 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
+      0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
+      0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
+      0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
+      0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
+      0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
+      0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
+      0x44, 0xae, 0x7e, 0x3f },
+};
+
+static const unsigned char tag[MAX_TESTS * 3][16] =
+{
+    { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
+      0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a },
+    { 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
+      0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf },
+    { 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
+      0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 },
+    { 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
+      0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 },
+    { 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
+      0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb },
+    { 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
+      0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50 },
+    { 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
+      0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35 },
+    { 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
+      0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb },
+    { 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
+      0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14 },
+    { 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
+      0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c },
+    { 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
+      0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8 },
+    { 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
+      0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9 },
+    { 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
+      0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b },
+    { 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
+      0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19 },
+    { 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
+      0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c },
+    { 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+      0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b },
+    { 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
+      0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2 },
+    { 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
+      0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a },
+};
+
+int mbedtls_gcm_self_test( int verbose )
+{
+    mbedtls_gcm_context ctx;
+    unsigned char buf[64];
+    unsigned char tag_buf[16];
+    int i, j, ret;
+    mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
+
+    for( j = 0; j < 3; j++ )
+    {
+        int key_len = 128 + 64 * j;
+
+        for( i = 0; i < MAX_TESTS; i++ )
+        {
+            mbedtls_gcm_init( &ctx );
+
+            if( verbose != 0 )
+                mbedtls_printf( "  AES-GCM-%3d #%d (%s): ",
+                                key_len, i, "enc" );
+
+            ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
+                                      key_len );
+            /*
+             * AES-192 is an optional feature that may be unavailable when
+             * there is an alternative underlying implementation i.e. when
+             * MBEDTLS_AES_ALT is defined.
+             */
+            if( ret == MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE && key_len == 192 )
+            {
+                mbedtls_printf( "skipped\n" );
+                break;
+            }
+            else if( ret != 0 )
+            {
+                goto exit;
+            }
+
+            ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
+                                        pt_len[i],
+                                        iv[iv_index[i]], iv_len[i],
+                                        additional[add_index[i]], add_len[i],
+                                        pt[pt_index[i]], buf, 16, tag_buf );
+            if( ret != 0 )
+                goto exit;
+
+            if ( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
+                 memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
+            {
+                ret = 1;
+                goto exit;
+            }
+
+            mbedtls_gcm_free( &ctx );
+
+            if( verbose != 0 )
+                mbedtls_printf( "passed\n" );
+
+            mbedtls_gcm_init( &ctx );
+
+            if( verbose != 0 )
+                mbedtls_printf( "  AES-GCM-%3d #%d (%s): ",
+                                key_len, i, "dec" );
+
+            ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
+                                      key_len );
+            if( ret != 0 )
+                goto exit;
+
+            ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
+                                        pt_len[i],
+                                        iv[iv_index[i]], iv_len[i],
+                                        additional[add_index[i]], add_len[i],
+                                        ct[j * 6 + i], buf, 16, tag_buf );
+
+            if( ret != 0 )
+                goto exit;
+
+            if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
+                memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
+            {
+                ret = 1;
+                goto exit;
+            }
+
+            mbedtls_gcm_free( &ctx );
+
+            if( verbose != 0 )
+                mbedtls_printf( "passed\n" );
+
+            mbedtls_gcm_init( &ctx );
+
+            if( verbose != 0 )
+                mbedtls_printf( "  AES-GCM-%3d #%d split (%s): ",
+                                key_len, i, "enc" );
+
+            ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
+                                      key_len );
+            if( ret != 0 )
+                goto exit;
+
+            ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
+                                      iv[iv_index[i]], iv_len[i],
+                                      additional[add_index[i]], add_len[i] );
+            if( ret != 0 )
+                goto exit;
+
+            if( pt_len[i] > 32 )
+            {
+                size_t rest_len = pt_len[i] - 32;
+                ret = mbedtls_gcm_update( &ctx, 32, pt[pt_index[i]], buf );
+                if( ret != 0 )
+                    goto exit;
+
+                ret = mbedtls_gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32,
+                                  buf + 32 );
+                if( ret != 0 )
+                    goto exit;
+            }
+            else
+            {
+                ret = mbedtls_gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf );
+                if( ret != 0 )
+                    goto exit;
+            }
+
+            ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
+            if( ret != 0 )
+                goto exit;
+
+            if( memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
+                memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
+            {
+                ret = 1;
+                goto exit;
+            }
+
+            mbedtls_gcm_free( &ctx );
+
+            if( verbose != 0 )
+                mbedtls_printf( "passed\n" );
+
+            mbedtls_gcm_init( &ctx );
+
+            if( verbose != 0 )
+                mbedtls_printf( "  AES-GCM-%3d #%d split (%s): ",
+                                key_len, i, "dec" );
+
+            ret = mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]],
+                                      key_len );
+            if( ret != 0 )
+                goto exit;
+
+            ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
+                              iv[iv_index[i]], iv_len[i],
+                              additional[add_index[i]], add_len[i] );
+            if( ret != 0 )
+                goto exit;
+
+            if( pt_len[i] > 32 )
+            {
+                size_t rest_len = pt_len[i] - 32;
+                ret = mbedtls_gcm_update( &ctx, 32, ct[j * 6 + i], buf );
+                if( ret != 0 )
+                    goto exit;
+
+                ret = mbedtls_gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32,
+                                          buf + 32 );
+                if( ret != 0 )
+                    goto exit;
+            }
+            else
+            {
+                ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i],
+                                          buf );
+                if( ret != 0 )
+                    goto exit;
+            }
+
+            ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
+            if( ret != 0 )
+                goto exit;
+
+            if( memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
+                memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
+            {
+                ret = 1;
+                goto exit;
+            }
+
+            mbedtls_gcm_free( &ctx );
+
+            if( verbose != 0 )
+                mbedtls_printf( "passed\n" );
+        }
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    ret = 0;
+
+exit:
+    if( ret != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+        mbedtls_gcm_free( &ctx );
+    }
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
+
+#endif /* MBEDTLS_GCM_C */
diff --git a/thirdparty/mbedtls/library/havege.c b/thirdparty/mbedtls/library/havege.c
new file mode 100644
index 0000000000..2b75ef7bd8
--- /dev/null
+++ b/thirdparty/mbedtls/library/havege.c
@@ -0,0 +1,245 @@
+/**
+ *  \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The HAVEGE RNG was designed by Andre Seznec in 2002.
+ *
+ *  http://www.irisa.fr/caps/projects/hipsor/publi.php
+ *
+ *  Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_HAVEGE_C)
+
+#include "mbedtls/havege.h"
+#include "mbedtls/timing.h"
+
+#include <string.h>
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/* ------------------------------------------------------------------------
+ * On average, one iteration accesses two 8-word blocks in the havege WALK
+ * table, and generates 16 words in the RES array.
+ *
+ * The data read in the WALK table is updated and permuted after each use.
+ * The result of the hardware clock counter read is used  for this update.
+ *
+ * 25 conditional tests are present.  The conditional tests are grouped in
+ * two nested  groups of 12 conditional tests and 1 test that controls the
+ * permutation; on average, there should be 6 tests executed and 3 of them
+ * should be mispredicted.
+ * ------------------------------------------------------------------------
+ */
+
+#define SWAP(X,Y) { int *T = X; X = Y; Y = T; }
+
+#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
+#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
+
+#define TST1_LEAVE U1++; }
+#define TST2_LEAVE U2++; }
+
+#define ONE_ITERATION                                   \
+                                                        \
+    PTEST = PT1 >> 20;                                  \
+                                                        \
+    TST1_ENTER  TST1_ENTER  TST1_ENTER  TST1_ENTER      \
+    TST1_ENTER  TST1_ENTER  TST1_ENTER  TST1_ENTER      \
+    TST1_ENTER  TST1_ENTER  TST1_ENTER  TST1_ENTER      \
+                                                        \
+    TST1_LEAVE  TST1_LEAVE  TST1_LEAVE  TST1_LEAVE      \
+    TST1_LEAVE  TST1_LEAVE  TST1_LEAVE  TST1_LEAVE      \
+    TST1_LEAVE  TST1_LEAVE  TST1_LEAVE  TST1_LEAVE      \
+                                                        \
+    PTX = (PT1 >> 18) & 7;                              \
+    PT1 &= 0x1FFF;                                      \
+    PT2 &= 0x1FFF;                                      \
+    CLK = (int) mbedtls_timing_hardclock();                            \
+                                                        \
+    i = 0;                                              \
+    A = &WALK[PT1    ]; RES[i++] ^= *A;                 \
+    B = &WALK[PT2    ]; RES[i++] ^= *B;                 \
+    C = &WALK[PT1 ^ 1]; RES[i++] ^= *C;                 \
+    D = &WALK[PT2 ^ 4]; RES[i++] ^= *D;                 \
+                                                        \
+    IN = (*A >> (1)) ^ (*A << (31)) ^ CLK;              \
+    *A = (*B >> (2)) ^ (*B << (30)) ^ CLK;              \
+    *B = IN ^ U1;                                       \
+    *C = (*C >> (3)) ^ (*C << (29)) ^ CLK;              \
+    *D = (*D >> (4)) ^ (*D << (28)) ^ CLK;              \
+                                                        \
+    A = &WALK[PT1 ^ 2]; RES[i++] ^= *A;                 \
+    B = &WALK[PT2 ^ 2]; RES[i++] ^= *B;                 \
+    C = &WALK[PT1 ^ 3]; RES[i++] ^= *C;                 \
+    D = &WALK[PT2 ^ 6]; RES[i++] ^= *D;                 \
+                                                        \
+    if( PTEST & 1 ) SWAP( A, C );                       \
+                                                        \
+    IN = (*A >> (5)) ^ (*A << (27)) ^ CLK;              \
+    *A = (*B >> (6)) ^ (*B << (26)) ^ CLK;              \
+    *B = IN; CLK = (int) mbedtls_timing_hardclock();                   \
+    *C = (*C >> (7)) ^ (*C << (25)) ^ CLK;              \
+    *D = (*D >> (8)) ^ (*D << (24)) ^ CLK;              \
+                                                        \
+    A = &WALK[PT1 ^ 4];                                 \
+    B = &WALK[PT2 ^ 1];                                 \
+                                                        \
+    PTEST = PT2 >> 1;                                   \
+                                                        \
+    PT2 = (RES[(i - 8) ^ PTY] ^ WALK[PT2 ^ PTY ^ 7]);   \
+    PT2 = ((PT2 & 0x1FFF) & (~8)) ^ ((PT1 ^ 8) & 0x8);  \
+    PTY = (PT2 >> 10) & 7;                              \
+                                                        \
+    TST2_ENTER  TST2_ENTER  TST2_ENTER  TST2_ENTER      \
+    TST2_ENTER  TST2_ENTER  TST2_ENTER  TST2_ENTER      \
+    TST2_ENTER  TST2_ENTER  TST2_ENTER  TST2_ENTER      \
+                                                        \
+    TST2_LEAVE  TST2_LEAVE  TST2_LEAVE  TST2_LEAVE      \
+    TST2_LEAVE  TST2_LEAVE  TST2_LEAVE  TST2_LEAVE      \
+    TST2_LEAVE  TST2_LEAVE  TST2_LEAVE  TST2_LEAVE      \
+                                                        \
+    C = &WALK[PT1 ^ 5];                                 \
+    D = &WALK[PT2 ^ 5];                                 \
+                                                        \
+    RES[i++] ^= *A;                                     \
+    RES[i++] ^= *B;                                     \
+    RES[i++] ^= *C;                                     \
+    RES[i++] ^= *D;                                     \
+                                                        \
+    IN = (*A >> ( 9)) ^ (*A << (23)) ^ CLK;             \
+    *A = (*B >> (10)) ^ (*B << (22)) ^ CLK;             \
+    *B = IN ^ U2;                                       \
+    *C = (*C >> (11)) ^ (*C << (21)) ^ CLK;             \
+    *D = (*D >> (12)) ^ (*D << (20)) ^ CLK;             \
+                                                        \
+    A = &WALK[PT1 ^ 6]; RES[i++] ^= *A;                 \
+    B = &WALK[PT2 ^ 3]; RES[i++] ^= *B;                 \
+    C = &WALK[PT1 ^ 7]; RES[i++] ^= *C;                 \
+    D = &WALK[PT2 ^ 7]; RES[i++] ^= *D;                 \
+                                                        \
+    IN = (*A >> (13)) ^ (*A << (19)) ^ CLK;             \
+    *A = (*B >> (14)) ^ (*B << (18)) ^ CLK;             \
+    *B = IN;                                            \
+    *C = (*C >> (15)) ^ (*C << (17)) ^ CLK;             \
+    *D = (*D >> (16)) ^ (*D << (16)) ^ CLK;             \
+                                                        \
+    PT1 = ( RES[( i - 8 ) ^ PTX] ^                      \
+            WALK[PT1 ^ PTX ^ 7] ) & (~1);               \
+    PT1 ^= (PT2 ^ 0x10) & 0x10;                         \
+                                                        \
+    for( n++, i = 0; i < 16; i++ )                      \
+        hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i];
+
+/*
+ * Entropy gathering function
+ */
+static void havege_fill( mbedtls_havege_state *hs )
+{
+    int i, n = 0;
+    int  U1,  U2, *A, *B, *C, *D;
+    int PT1, PT2, *WALK, RES[16];
+    int PTX, PTY, CLK, PTEST, IN;
+
+    WALK = hs->WALK;
+    PT1  = hs->PT1;
+    PT2  = hs->PT2;
+
+    PTX  = U1 = 0;
+    PTY  = U2 = 0;
+
+    (void)PTX;
+
+    memset( RES, 0, sizeof( RES ) );
+
+    while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 )
+    {
+        ONE_ITERATION
+        ONE_ITERATION
+        ONE_ITERATION
+        ONE_ITERATION
+    }
+
+    hs->PT1 = PT1;
+    hs->PT2 = PT2;
+
+    hs->offset[0] = 0;
+    hs->offset[1] = MBEDTLS_HAVEGE_COLLECT_SIZE / 2;
+}
+
+/*
+ * HAVEGE initialization
+ */
+void mbedtls_havege_init( mbedtls_havege_state *hs )
+{
+    memset( hs, 0, sizeof( mbedtls_havege_state ) );
+
+    havege_fill( hs );
+}
+
+void mbedtls_havege_free( mbedtls_havege_state *hs )
+{
+    if( hs == NULL )
+        return;
+
+    mbedtls_zeroize( hs, sizeof( mbedtls_havege_state ) );
+}
+
+/*
+ * HAVEGE rand function
+ */
+int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len )
+{
+    int val;
+    size_t use_len;
+    mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng;
+    unsigned char *p = buf;
+
+    while( len > 0 )
+    {
+        use_len = len;
+        if( use_len > sizeof(int) )
+            use_len = sizeof(int);
+
+        if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE )
+            havege_fill( hs );
+
+        val  = hs->pool[hs->offset[0]++];
+        val ^= hs->pool[hs->offset[1]++];
+
+        memcpy( p, &val, use_len );
+
+        len -= use_len;
+        p += use_len;
+    }
+
+    return( 0 );
+}
+
+#endif /* MBEDTLS_HAVEGE_C */
diff --git a/thirdparty/mbedtls/library/hmac_drbg.c b/thirdparty/mbedtls/library/hmac_drbg.c
new file mode 100644
index 0000000000..24c609e9ce
--- /dev/null
+++ b/thirdparty/mbedtls/library/hmac_drbg.c
@@ -0,0 +1,534 @@
+/*
+ *  HMAC_DRBG implementation (NIST SP 800-90)
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ *  The NIST SP 800-90A DRBGs are described in the following publication.
+ *  http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf
+ *  References below are based on rev. 1 (January 2012).
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_HMAC_DRBG_C)
+
+#include "mbedtls/hmac_drbg.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_SELF_TEST */
+#endif /* MBEDTLS_PLATFORM_C */
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * HMAC_DRBG context initialization
+ */
+void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init( &ctx->mutex );
+#endif
+}
+
+/*
+ * HMAC_DRBG update, using optional additional data (10.1.2.2)
+ */
+void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
+                       const unsigned char *additional, size_t add_len )
+{
+    size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
+    unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
+    unsigned char sep[1];
+    unsigned char K[MBEDTLS_MD_MAX_SIZE];
+
+    for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
+    {
+        /* Step 1 or 4 */
+        mbedtls_md_hmac_reset( &ctx->md_ctx );
+        mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
+        mbedtls_md_hmac_update( &ctx->md_ctx, sep, 1 );
+        if( rounds == 2 )
+            mbedtls_md_hmac_update( &ctx->md_ctx, additional, add_len );
+        mbedtls_md_hmac_finish( &ctx->md_ctx, K );
+
+        /* Step 2 or 5 */
+        mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len );
+        mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
+        mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V );
+    }
+}
+
+/*
+ * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
+ */
+int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
+                        const mbedtls_md_info_t * md_info,
+                        const unsigned char *data, size_t data_len )
+{
+    int ret;
+
+    if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
+        return( ret );
+
+    /*
+     * Set initial working state.
+     * Use the V memory location, which is currently all 0, to initialize the
+     * MD context with an all-zero key. Then set V to its initial value.
+     */
+    mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) );
+    memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) );
+
+    mbedtls_hmac_drbg_update( ctx, data, data_len );
+
+    return( 0 );
+}
+
+/*
+ * HMAC_DRBG reseeding: 10.1.2.4 (arabic) + 9.2 (Roman)
+ */
+int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
+                      const unsigned char *additional, size_t len )
+{
+    unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT];
+    size_t seedlen;
+
+    /* III. Check input length */
+    if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT ||
+        ctx->entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT )
+    {
+        return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
+    }
+
+    memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT );
+
+    /* IV. Gather entropy_len bytes of entropy for the seed */
+    if( ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) != 0 )
+        return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED );
+
+    seedlen = ctx->entropy_len;
+
+    /* 1. Concatenate entropy and additional data if any */
+    if( additional != NULL && len != 0 )
+    {
+        memcpy( seed + seedlen, additional, len );
+        seedlen += len;
+    }
+
+    /* 2. Update state */
+    mbedtls_hmac_drbg_update( ctx, seed, seedlen );
+
+    /* 3. Reset reseed_counter */
+    ctx->reseed_counter = 1;
+
+    /* 4. Done */
+    return( 0 );
+}
+
+/*
+ * HMAC_DRBG initialisation (10.1.2.3 + 9.1)
+ */
+int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
+                    const mbedtls_md_info_t * md_info,
+                    int (*f_entropy)(void *, unsigned char *, size_t),
+                    void *p_entropy,
+                    const unsigned char *custom,
+                    size_t len )
+{
+    int ret;
+    size_t entropy_len, md_size;
+
+    if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
+        return( ret );
+
+    md_size = mbedtls_md_get_size( md_info );
+
+    /*
+     * Set initial working state.
+     * Use the V memory location, which is currently all 0, to initialize the
+     * MD context with an all-zero key. Then set V to its initial value.
+     */
+    mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size );
+    memset( ctx->V, 0x01, md_size );
+
+    ctx->f_entropy = f_entropy;
+    ctx->p_entropy = p_entropy;
+
+    ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
+
+    /*
+     * See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
+     * each hash function, then according to SP800-90A rev1 10.1 table 2,
+     * min_entropy_len (in bits) is security_strength.
+     *
+     * (This also matches the sizes used in the NIST test vectors.)
+     */
+    entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */
+                  md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */
+                                  32;  /* better (256+) -> 256 bits */
+
+    /*
+     * For initialisation, use more entropy to emulate a nonce
+     * (Again, matches test vectors.)
+     */
+    ctx->entropy_len = entropy_len * 3 / 2;
+
+    if( ( ret = mbedtls_hmac_drbg_reseed( ctx, custom, len ) ) != 0 )
+        return( ret );
+
+    ctx->entropy_len = entropy_len;
+
+    return( 0 );
+}
+
+/*
+ * Set prediction resistance
+ */
+void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
+                                          int resistance )
+{
+    ctx->prediction_resistance = resistance;
+}
+
+/*
+ * Set entropy length grabbed for reseeds
+ */
+void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len )
+{
+    ctx->entropy_len = len;
+}
+
+/*
+ * Set reseed interval
+ */
+void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int interval )
+{
+    ctx->reseed_interval = interval;
+}
+
+/*
+ * HMAC_DRBG random function with optional additional data:
+ * 10.1.2.5 (arabic) + 9.3 (Roman)
+ */
+int mbedtls_hmac_drbg_random_with_add( void *p_rng,
+                               unsigned char *output, size_t out_len,
+                               const unsigned char *additional, size_t add_len )
+{
+    int ret;
+    mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
+    size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
+    size_t left = out_len;
+    unsigned char *out = output;
+
+    /* II. Check request length */
+    if( out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST )
+        return( MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG );
+
+    /* III. Check input length */
+    if( add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT )
+        return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
+
+    /* 1. (aka VII and IX) Check reseed counter and PR */
+    if( ctx->f_entropy != NULL && /* For no-reseeding instances */
+        ( ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON ||
+          ctx->reseed_counter > ctx->reseed_interval ) )
+    {
+        if( ( ret = mbedtls_hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 )
+            return( ret );
+
+        add_len = 0; /* VII.4 */
+    }
+
+    /* 2. Use additional data if any */
+    if( additional != NULL && add_len != 0 )
+        mbedtls_hmac_drbg_update( ctx, additional, add_len );
+
+    /* 3, 4, 5. Generate bytes */
+    while( left != 0 )
+    {
+        size_t use_len = left > md_len ? md_len : left;
+
+        mbedtls_md_hmac_reset( &ctx->md_ctx );
+        mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
+        mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V );
+
+        memcpy( out, ctx->V, use_len );
+        out += use_len;
+        left -= use_len;
+    }
+
+    /* 6. Update */
+    mbedtls_hmac_drbg_update( ctx, additional, add_len );
+
+    /* 7. Update reseed counter */
+    ctx->reseed_counter++;
+
+    /* 8. Done */
+    return( 0 );
+}
+
+/*
+ * HMAC_DRBG random function
+ */
+int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
+{
+    int ret;
+    mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    ret = mbedtls_hmac_drbg_random_with_add( ctx, output, out_len, NULL, 0 );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+
+/*
+ * Free an HMAC_DRBG context
+ */
+void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free( &ctx->mutex );
+#endif
+    mbedtls_md_free( &ctx->md_ctx );
+    mbedtls_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) );
+}
+
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
+{
+    int ret;
+    FILE *f;
+    unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
+
+    if( ( f = fopen( path, "wb" ) ) == NULL )
+        return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
+
+    if( ( ret = mbedtls_hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
+        goto exit;
+
+    if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) )
+    {
+        ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
+        goto exit;
+    }
+
+    ret = 0;
+
+exit:
+    fclose( f );
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    return( ret );
+}
+
+int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
+{
+    int ret = 0;
+    FILE *f;
+    size_t n;
+    unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
+
+    if( ( f = fopen( path, "rb" ) ) == NULL )
+        return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
+
+    fseek( f, 0, SEEK_END );
+    n = (size_t) ftell( f );
+    fseek( f, 0, SEEK_SET );
+
+    if( n > MBEDTLS_HMAC_DRBG_MAX_INPUT )
+    {
+        fclose( f );
+        return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
+    }
+
+    if( fread( buf, 1, n, f ) != n )
+        ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
+    else
+        mbedtls_hmac_drbg_update( ctx, buf, n );
+
+    fclose( f );
+
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    if( ret != 0 )
+        return( ret );
+
+    return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) );
+}
+#endif /* MBEDTLS_FS_IO */
+
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#if !defined(MBEDTLS_SHA1_C)
+/* Dummy checkup routine */
+int mbedtls_hmac_drbg_self_test( int verbose )
+{
+    (void) verbose;
+    return( 0 );
+}
+#else
+
+#define OUTPUT_LEN  80
+
+/* From a NIST PR=true test vector */
+static const unsigned char entropy_pr[] = {
+    0xa0, 0xc9, 0xab, 0x58, 0xf1, 0xe2, 0xe5, 0xa4, 0xde, 0x3e, 0xbd, 0x4f,
+    0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11,
+    0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42,
+    0x17, 0x60, 0x99, 0xd4, 0x5e, 0x13, 0x97, 0xdc, 0x40, 0x4d, 0x86, 0xa3,
+    0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 };
+static const unsigned char result_pr[OUTPUT_LEN] = {
+    0x9a, 0x00, 0xa2, 0xd0, 0x0e, 0xd5, 0x9b, 0xfe, 0x31, 0xec, 0xb1, 0x39,
+    0x9b, 0x60, 0x81, 0x48, 0xd1, 0x96, 0x9d, 0x25, 0x0d, 0x3c, 0x1e, 0x94,
+    0x10, 0x10, 0x98, 0x12, 0x93, 0x25, 0xca, 0xb8, 0xfc, 0xcc, 0x2d, 0x54,
+    0x73, 0x19, 0x70, 0xc0, 0x10, 0x7a, 0xa4, 0x89, 0x25, 0x19, 0x95, 0x5e,
+    0x4b, 0xc6, 0x00, 0x1d, 0x7f, 0x4e, 0x6a, 0x2b, 0xf8, 0xa3, 0x01, 0xab,
+    0x46, 0x05, 0x5c, 0x09, 0xa6, 0x71, 0x88, 0xf1, 0xa7, 0x40, 0xee, 0xf3,
+    0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 };
+
+/* From a NIST PR=false test vector */
+static const unsigned char entropy_nopr[] = {
+    0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66,
+    0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8,
+    0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3,
+    0xe9, 0x9d, 0xfe, 0xdf };
+static const unsigned char result_nopr[OUTPUT_LEN] = {
+    0xc6, 0xa1, 0x6a, 0xb8, 0xd4, 0x20, 0x70, 0x6f, 0x0f, 0x34, 0xab, 0x7f,
+    0xec, 0x5a, 0xdc, 0xa9, 0xd8, 0xca, 0x3a, 0x13, 0x3e, 0x15, 0x9c, 0xa6,
+    0xac, 0x43, 0xc6, 0xf8, 0xa2, 0xbe, 0x22, 0x83, 0x4a, 0x4c, 0x0a, 0x0a,
+    0xff, 0xb1, 0x0d, 0x71, 0x94, 0xf1, 0xc1, 0xa5, 0xcf, 0x73, 0x22, 0xec,
+    0x1a, 0xe0, 0x96, 0x4e, 0xd4, 0xbf, 0x12, 0x27, 0x46, 0xe0, 0x87, 0xfd,
+    0xb5, 0xb3, 0xe9, 0x1b, 0x34, 0x93, 0xd5, 0xbb, 0x98, 0xfa, 0xed, 0x49,
+    0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 };
+
+/* "Entropy" from buffer */
+static size_t test_offset;
+static int hmac_drbg_self_test_entropy( void *data,
+                                        unsigned char *buf, size_t len )
+{
+    const unsigned char *p = data;
+    memcpy( buf, p + test_offset, len );
+    test_offset += len;
+    return( 0 );
+}
+
+#define CHK( c )    if( (c) != 0 )                          \
+                    {                                       \
+                        if( verbose != 0 )                  \
+                            mbedtls_printf( "failed\n" );  \
+                        return( 1 );                        \
+                    }
+
+/*
+ * Checkup routine for HMAC_DRBG with SHA-1
+ */
+int mbedtls_hmac_drbg_self_test( int verbose )
+{
+    mbedtls_hmac_drbg_context ctx;
+    unsigned char buf[OUTPUT_LEN];
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
+
+    mbedtls_hmac_drbg_init( &ctx );
+
+    /*
+     * PR = True
+     */
+    if( verbose != 0 )
+        mbedtls_printf( "  HMAC_DRBG (PR = True) : " );
+
+    test_offset = 0;
+    CHK( mbedtls_hmac_drbg_seed( &ctx, md_info,
+                         hmac_drbg_self_test_entropy, (void *) entropy_pr,
+                         NULL, 0 ) );
+    mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
+    CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
+    CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
+    CHK( memcmp( buf, result_pr, OUTPUT_LEN ) );
+    mbedtls_hmac_drbg_free( &ctx );
+
+    mbedtls_hmac_drbg_free( &ctx );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    /*
+     * PR = False
+     */
+    if( verbose != 0 )
+        mbedtls_printf( "  HMAC_DRBG (PR = False) : " );
+
+    mbedtls_hmac_drbg_init( &ctx );
+
+    test_offset = 0;
+    CHK( mbedtls_hmac_drbg_seed( &ctx, md_info,
+                         hmac_drbg_self_test_entropy, (void *) entropy_nopr,
+                         NULL, 0 ) );
+    CHK( mbedtls_hmac_drbg_reseed( &ctx, NULL, 0 ) );
+    CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
+    CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
+    CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) );
+    mbedtls_hmac_drbg_free( &ctx );
+
+    mbedtls_hmac_drbg_free( &ctx );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_HMAC_DRBG_C */
diff --git a/thirdparty/mbedtls/library/md.c b/thirdparty/mbedtls/library/md.c
new file mode 100644
index 0000000000..00249af78b
--- /dev/null
+++ b/thirdparty/mbedtls/library/md.c
@@ -0,0 +1,478 @@
+/**
+ * \file mbedtls_md.c
+ *
+ * \brief Generic message digest wrapper for mbed TLS
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_MD_C)
+
+#include "mbedtls/md.h"
+#include "mbedtls/md_internal.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#include <string.h>
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * Reminder: update profiles in x509_crt.c when adding a new hash!
+ */
+static const int supported_digests[] = {
+
+#if defined(MBEDTLS_SHA512_C)
+        MBEDTLS_MD_SHA512,
+        MBEDTLS_MD_SHA384,
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+        MBEDTLS_MD_SHA256,
+        MBEDTLS_MD_SHA224,
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+        MBEDTLS_MD_SHA1,
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+        MBEDTLS_MD_RIPEMD160,
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+        MBEDTLS_MD_MD5,
+#endif
+
+#if defined(MBEDTLS_MD4_C)
+        MBEDTLS_MD_MD4,
+#endif
+
+#if defined(MBEDTLS_MD2_C)
+        MBEDTLS_MD_MD2,
+#endif
+
+        MBEDTLS_MD_NONE
+};
+
+const int *mbedtls_md_list( void )
+{
+    return( supported_digests );
+}
+
+const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
+{
+    if( NULL == md_name )
+        return( NULL );
+
+    /* Get the appropriate digest information */
+#if defined(MBEDTLS_MD2_C)
+    if( !strcmp( "MD2", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
+#endif
+#if defined(MBEDTLS_MD4_C)
+    if( !strcmp( "MD4", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
+#endif
+#if defined(MBEDTLS_MD5_C)
+    if( !strcmp( "MD5", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+    if( !strcmp( "RIPEMD160", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+    if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    if( !strcmp( "SHA224", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
+    if( !strcmp( "SHA256", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    if( !strcmp( "SHA384", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
+    if( !strcmp( "SHA512", md_name ) )
+        return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
+#endif
+    return( NULL );
+}
+
+const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
+{
+    switch( md_type )
+    {
+#if defined(MBEDTLS_MD2_C)
+        case MBEDTLS_MD_MD2:
+            return( &mbedtls_md2_info );
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case MBEDTLS_MD_MD4:
+            return( &mbedtls_md4_info );
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return( &mbedtls_md5_info );
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case MBEDTLS_MD_RIPEMD160:
+            return( &mbedtls_ripemd160_info );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return( &mbedtls_sha1_info );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+            return( &mbedtls_sha224_info );
+        case MBEDTLS_MD_SHA256:
+            return( &mbedtls_sha256_info );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case MBEDTLS_MD_SHA384:
+            return( &mbedtls_sha384_info );
+        case MBEDTLS_MD_SHA512:
+            return( &mbedtls_sha512_info );
+#endif
+        default:
+            return( NULL );
+    }
+}
+
+void mbedtls_md_init( mbedtls_md_context_t *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
+}
+
+void mbedtls_md_free( mbedtls_md_context_t *ctx )
+{
+    if( ctx == NULL || ctx->md_info == NULL )
+        return;
+
+    if( ctx->md_ctx != NULL )
+        ctx->md_info->ctx_free_func( ctx->md_ctx );
+
+    if( ctx->hmac_ctx != NULL )
+    {
+        mbedtls_zeroize( ctx->hmac_ctx, 2 * ctx->md_info->block_size );
+        mbedtls_free( ctx->hmac_ctx );
+    }
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
+}
+
+int mbedtls_md_clone( mbedtls_md_context_t *dst,
+                      const mbedtls_md_context_t *src )
+{
+    if( dst == NULL || dst->md_info == NULL ||
+        src == NULL || src->md_info == NULL ||
+        dst->md_info != src->md_info )
+    {
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+    }
+
+    dst->md_info->clone_func( dst->md_ctx, src->md_ctx );
+
+    return( 0 );
+}
+
+#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
+int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
+{
+    return mbedtls_md_setup( ctx, md_info, 1 );
+}
+#endif
+
+int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
+{
+    if( md_info == NULL || ctx == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
+        return( MBEDTLS_ERR_MD_ALLOC_FAILED );
+
+    if( hmac != 0 )
+    {
+        ctx->hmac_ctx = mbedtls_calloc( 2, md_info->block_size );
+        if( ctx->hmac_ctx == NULL )
+        {
+            md_info->ctx_free_func( ctx->md_ctx );
+            return( MBEDTLS_ERR_MD_ALLOC_FAILED );
+        }
+    }
+
+    ctx->md_info = md_info;
+
+    return( 0 );
+}
+
+int mbedtls_md_starts( mbedtls_md_context_t *ctx )
+{
+    if( ctx == NULL || ctx->md_info == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    return( ctx->md_info->starts_func( ctx->md_ctx ) );
+}
+
+int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
+{
+    if( ctx == NULL || ctx->md_info == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
+}
+
+int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
+{
+    if( ctx == NULL || ctx->md_info == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
+}
+
+int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
+            unsigned char *output )
+{
+    if( md_info == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    return( md_info->digest_func( input, ilen, output ) );
+}
+
+#if defined(MBEDTLS_FS_IO)
+int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
+{
+    int ret;
+    FILE *f;
+    size_t n;
+    mbedtls_md_context_t ctx;
+    unsigned char buf[1024];
+
+    if( md_info == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    if( ( f = fopen( path, "rb" ) ) == NULL )
+        return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
+
+    mbedtls_md_init( &ctx );
+
+    if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
+        goto cleanup;
+
+    if( ( ret = md_info->starts_func( ctx.md_ctx ) ) != 0 )
+        goto cleanup;
+
+    while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
+        if( ( ret = md_info->update_func( ctx.md_ctx, buf, n ) ) != 0 )
+            goto cleanup;
+
+    if( ferror( f ) != 0 )
+        ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
+    else
+        ret = md_info->finish_func( ctx.md_ctx, output );
+
+cleanup:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+    fclose( f );
+    mbedtls_md_free( &ctx );
+
+    return( ret );
+}
+#endif /* MBEDTLS_FS_IO */
+
+int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
+{
+    int ret;
+    unsigned char sum[MBEDTLS_MD_MAX_SIZE];
+    unsigned char *ipad, *opad;
+    size_t i;
+
+    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    if( keylen > (size_t) ctx->md_info->block_size )
+    {
+        if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
+            goto cleanup;
+        if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 )
+            goto cleanup;
+        if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 )
+            goto cleanup;
+
+        keylen = ctx->md_info->size;
+        key = sum;
+    }
+
+    ipad = (unsigned char *) ctx->hmac_ctx;
+    opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
+
+    memset( ipad, 0x36, ctx->md_info->block_size );
+    memset( opad, 0x5C, ctx->md_info->block_size );
+
+    for( i = 0; i < keylen; i++ )
+    {
+        ipad[i] = (unsigned char)( ipad[i] ^ key[i] );
+        opad[i] = (unsigned char)( opad[i] ^ key[i] );
+    }
+
+    if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
+        goto cleanup;
+    if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad,
+                                           ctx->md_info->block_size ) ) != 0 )
+        goto cleanup;
+
+cleanup:
+    mbedtls_zeroize( sum, sizeof( sum ) );
+
+    return( ret );
+}
+
+int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
+{
+    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
+}
+
+int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
+{
+    int ret;
+    unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
+    unsigned char *opad;
+
+    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
+
+    if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 )
+        return( ret );
+    if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
+        return( ret );
+    if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad,
+                                           ctx->md_info->block_size ) ) != 0 )
+        return( ret );
+    if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp,
+                                           ctx->md_info->size ) ) != 0 )
+        return( ret );
+    return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
+}
+
+int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
+{
+    int ret;
+    unsigned char *ipad;
+
+    if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    ipad = (unsigned char *) ctx->hmac_ctx;
+
+    if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
+        return( ret );
+    return( ctx->md_info->update_func( ctx->md_ctx, ipad,
+                                       ctx->md_info->block_size ) );
+}
+
+int mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
+                     const unsigned char *key, size_t keylen,
+                     const unsigned char *input, size_t ilen,
+                     unsigned char *output )
+{
+    mbedtls_md_context_t ctx;
+    int ret;
+
+    if( md_info == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    mbedtls_md_init( &ctx );
+
+    if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
+        goto cleanup;
+
+    if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
+        goto cleanup;
+    if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
+        goto cleanup;
+    if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
+        goto cleanup;
+
+cleanup:
+    mbedtls_md_free( &ctx );
+
+    return( ret );
+}
+
+int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
+{
+    if( ctx == NULL || ctx->md_info == NULL )
+        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
+
+    return( ctx->md_info->process_func( ctx->md_ctx, data ) );
+}
+
+unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
+{
+    if( md_info == NULL )
+        return( 0 );
+
+    return md_info->size;
+}
+
+mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
+{
+    if( md_info == NULL )
+        return( MBEDTLS_MD_NONE );
+
+    return md_info->type;
+}
+
+const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
+{
+    if( md_info == NULL )
+        return( NULL );
+
+    return md_info->name;
+}
+
+#endif /* MBEDTLS_MD_C */
diff --git a/thirdparty/mbedtls/library/md2.c b/thirdparty/mbedtls/library/md2.c
new file mode 100644
index 0000000000..5028e8c586
--- /dev/null
+++ b/thirdparty/mbedtls/library/md2.c
@@ -0,0 +1,327 @@
+/*
+ *  RFC 1115/1319 compliant MD2 implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The MD2 algorithm was designed by Ron Rivest in 1989.
+ *
+ *  http://www.ietf.org/rfc/rfc1115.txt
+ *  http://www.ietf.org/rfc/rfc1319.txt
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_MD2_C)
+
+#include "mbedtls/md2.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_MD2_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+static const unsigned char PI_SUBST[256] =
+{
+    0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36,
+    0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, 0x62, 0xA7, 0x05, 0xF3,
+    0xC0, 0xC7, 0x73, 0x8C, 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C,
+    0x82, 0xCA, 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+    0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12, 0xBE, 0x4E,
+    0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49, 0xA0, 0xFB, 0xF5, 0x8E,
+    0xBB, 0x2F, 0xEE, 0x7A, 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2,
+    0x07, 0x3F, 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+    0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27, 0x35, 0x3E,
+    0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03, 0xFF, 0x19, 0x30, 0xB3,
+    0x48, 0xA5, 0xB5, 0xD1, 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56,
+    0xAA, 0xC6, 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+    0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1, 0x45, 0x9D,
+    0x70, 0x59, 0x64, 0x71, 0x87, 0x20, 0x86, 0x5B, 0xCF, 0x65,
+    0xE6, 0x2D, 0xA8, 0x02, 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0,
+    0xB9, 0xF6, 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+    0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A, 0xC3, 0x5C,
+    0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26, 0x2C, 0x53, 0x0D, 0x6E,
+    0x85, 0x28, 0x84, 0x09, 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81,
+    0x4D, 0x52, 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+    0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A, 0x78, 0x88,
+    0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D, 0xE9, 0xCB, 0xD5, 0xFE,
+    0x3B, 0x00, 0x1D, 0x39, 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58,
+    0xD0, 0xE4, 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+    0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99,
+    0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
+};
+
+void mbedtls_md2_init( mbedtls_md2_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_md2_context ) );
+}
+
+void mbedtls_md2_free( mbedtls_md2_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_md2_context ) );
+}
+
+void mbedtls_md2_clone( mbedtls_md2_context *dst,
+                        const mbedtls_md2_context *src )
+{
+    *dst = *src;
+}
+
+/*
+ * MD2 context setup
+ */
+int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx )
+{
+    memset( ctx->cksum, 0, 16 );
+    memset( ctx->state, 0, 46 );
+    memset( ctx->buffer, 0, 16 );
+    ctx->left = 0;
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_MD2_PROCESS_ALT)
+int mbedtls_internal_md2_process( mbedtls_md2_context *ctx )
+{
+    int i, j;
+    unsigned char t = 0;
+
+    for( i = 0; i < 16; i++ )
+    {
+        ctx->state[i + 16] = ctx->buffer[i];
+        ctx->state[i + 32] =
+            (unsigned char)( ctx->buffer[i] ^ ctx->state[i]);
+    }
+
+    for( i = 0; i < 18; i++ )
+    {
+        for( j = 0; j < 48; j++ )
+        {
+            ctx->state[j] = (unsigned char)
+               ( ctx->state[j] ^ PI_SUBST[t] );
+            t  = ctx->state[j];
+        }
+
+        t = (unsigned char)( t + i );
+    }
+
+    t = ctx->cksum[15];
+
+    for( i = 0; i < 16; i++ )
+    {
+        ctx->cksum[i] = (unsigned char)
+           ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] );
+        t  = ctx->cksum[i];
+    }
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_MD2_PROCESS_ALT */
+
+/*
+ * MD2 process buffer
+ */
+int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen )
+{
+    int ret;
+    size_t fill;
+
+    while( ilen > 0 )
+    {
+        if( ilen > 16 - ctx->left )
+            fill = 16 - ctx->left;
+        else
+            fill = ilen;
+
+        memcpy( ctx->buffer + ctx->left, input, fill );
+
+        ctx->left += fill;
+        input += fill;
+        ilen  -= fill;
+
+        if( ctx->left == 16 )
+        {
+            ctx->left = 0;
+            if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
+                return( ret );
+        }
+    }
+
+    return( 0 );
+}
+
+/*
+ * MD2 final digest
+ */
+int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
+                            unsigned char output[16] )
+{
+    int ret;
+    size_t i;
+    unsigned char x;
+
+    x = (unsigned char)( 16 - ctx->left );
+
+    for( i = ctx->left; i < 16; i++ )
+        ctx->buffer[i] = x;
+
+    if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
+        return( ret );
+
+    memcpy( ctx->buffer, ctx->cksum, 16 );
+    if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
+        return( ret );
+
+    memcpy( output, ctx->state, 16 );
+
+    return( 0 );
+}
+
+#endif /* !MBEDTLS_MD2_ALT */
+
+/*
+ * output = MD2( input buffer )
+ */
+int mbedtls_md2_ret( const unsigned char *input,
+                     size_t ilen,
+                     unsigned char output[16] )
+{
+    int ret;
+    mbedtls_md2_context ctx;
+
+    mbedtls_md2_init( &ctx );
+
+    if( ( ret = mbedtls_md2_starts_ret( &ctx ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_md2_update_ret( &ctx, input, ilen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_md2_finish_ret( &ctx, output ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_md2_free( &ctx );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * RFC 1319 test vectors
+ */
+static const unsigned char md2_test_str[7][81] =
+{
+    { "" },
+    { "a" },
+    { "abc" },
+    { "message digest" },
+    { "abcdefghijklmnopqrstuvwxyz" },
+    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
+    { "12345678901234567890123456789012345678901234567890123456789012"
+      "345678901234567890" }
+};
+
+static const size_t md2_test_strlen[7] =
+{
+    0, 1, 3, 14, 26, 62, 80
+};
+
+static const unsigned char md2_test_sum[7][16] =
+{
+    { 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D,
+      0xF2, 0x27, 0x5C, 0x9F, 0x80, 0x69, 0x27, 0x73 },
+    { 0x32, 0xEC, 0x01, 0xEC, 0x4A, 0x6D, 0xAC, 0x72,
+      0xC0, 0xAB, 0x96, 0xFB, 0x34, 0xC0, 0xB5, 0xD1 },
+    { 0xDA, 0x85, 0x3B, 0x0D, 0x3F, 0x88, 0xD9, 0x9B,
+      0x30, 0x28, 0x3A, 0x69, 0xE6, 0xDE, 0xD6, 0xBB },
+    { 0xAB, 0x4F, 0x49, 0x6B, 0xFB, 0x2A, 0x53, 0x0B,
+      0x21, 0x9F, 0xF3, 0x30, 0x31, 0xFE, 0x06, 0xB0 },
+    { 0x4E, 0x8D, 0xDF, 0xF3, 0x65, 0x02, 0x92, 0xAB,
+      0x5A, 0x41, 0x08, 0xC3, 0xAA, 0x47, 0x94, 0x0B },
+    { 0xDA, 0x33, 0xDE, 0xF2, 0xA4, 0x2D, 0xF1, 0x39,
+      0x75, 0x35, 0x28, 0x46, 0xC3, 0x03, 0x38, 0xCD },
+    { 0xD5, 0x97, 0x6F, 0x79, 0xD8, 0x3D, 0x3A, 0x0D,
+      0xC9, 0x80, 0x6C, 0x3C, 0x66, 0xF3, 0xEF, 0xD8 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_md2_self_test( int verbose )
+{
+    int i, ret = 0;
+    unsigned char md2sum[16];
+
+    for( i = 0; i < 7; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  MD2 test #%d: ", i + 1 );
+
+        ret = mbedtls_md2_ret( md2_test_str[i], md2_test_strlen[i], md2sum );
+        if( ret != 0 )
+            goto fail;
+
+        if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 )
+        {
+            ret = 1;
+            goto fail;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( 0 );
+
+fail:
+    if( verbose != 0 )
+        mbedtls_printf( "failed\n" );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_MD2_C */
diff --git a/thirdparty/mbedtls/library/md4.c b/thirdparty/mbedtls/library/md4.c
new file mode 100644
index 0000000000..34a4b0e24e
--- /dev/null
+++ b/thirdparty/mbedtls/library/md4.c
@@ -0,0 +1,431 @@
+/*
+ *  RFC 1186/1320 compliant MD4 implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The MD4 algorithm was designed by Ron Rivest in 1990.
+ *
+ *  http://www.ietf.org/rfc/rfc1186.txt
+ *  http://www.ietf.org/rfc/rfc1320.txt
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_MD4_C)
+
+#include "mbedtls/md4.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_MD4_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 32-bit integer manipulation macros (little endian)
+ */
+#ifndef GET_UINT32_LE
+#define GET_UINT32_LE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ]       )             \
+        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
+}
+#endif
+
+#ifndef PUT_UINT32_LE
+#define PUT_UINT32_LE(n,b,i)                                    \
+{                                                               \
+    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
+    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
+    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
+    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
+}
+#endif
+
+void mbedtls_md4_init( mbedtls_md4_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_md4_context ) );
+}
+
+void mbedtls_md4_free( mbedtls_md4_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_md4_context ) );
+}
+
+void mbedtls_md4_clone( mbedtls_md4_context *dst,
+                        const mbedtls_md4_context *src )
+{
+    *dst = *src;
+}
+
+/*
+ * MD4 context setup
+ */
+int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx )
+{
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    ctx->state[0] = 0x67452301;
+    ctx->state[1] = 0xEFCDAB89;
+    ctx->state[2] = 0x98BADCFE;
+    ctx->state[3] = 0x10325476;
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_MD4_PROCESS_ALT)
+int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
+                                  const unsigned char data[64] )
+{
+    uint32_t X[16], A, B, C, D;
+
+    GET_UINT32_LE( X[ 0], data,  0 );
+    GET_UINT32_LE( X[ 1], data,  4 );
+    GET_UINT32_LE( X[ 2], data,  8 );
+    GET_UINT32_LE( X[ 3], data, 12 );
+    GET_UINT32_LE( X[ 4], data, 16 );
+    GET_UINT32_LE( X[ 5], data, 20 );
+    GET_UINT32_LE( X[ 6], data, 24 );
+    GET_UINT32_LE( X[ 7], data, 28 );
+    GET_UINT32_LE( X[ 8], data, 32 );
+    GET_UINT32_LE( X[ 9], data, 36 );
+    GET_UINT32_LE( X[10], data, 40 );
+    GET_UINT32_LE( X[11], data, 44 );
+    GET_UINT32_LE( X[12], data, 48 );
+    GET_UINT32_LE( X[13], data, 52 );
+    GET_UINT32_LE( X[14], data, 56 );
+    GET_UINT32_LE( X[15], data, 60 );
+
+#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
+
+    A = ctx->state[0];
+    B = ctx->state[1];
+    C = ctx->state[2];
+    D = ctx->state[3];
+
+#define F(x, y, z) ((x & y) | ((~x) & z))
+#define P(a,b,c,d,x,s) { a += F(b,c,d) + x; a = S(a,s); }
+
+    P( A, B, C, D, X[ 0],  3 );
+    P( D, A, B, C, X[ 1],  7 );
+    P( C, D, A, B, X[ 2], 11 );
+    P( B, C, D, A, X[ 3], 19 );
+    P( A, B, C, D, X[ 4],  3 );
+    P( D, A, B, C, X[ 5],  7 );
+    P( C, D, A, B, X[ 6], 11 );
+    P( B, C, D, A, X[ 7], 19 );
+    P( A, B, C, D, X[ 8],  3 );
+    P( D, A, B, C, X[ 9],  7 );
+    P( C, D, A, B, X[10], 11 );
+    P( B, C, D, A, X[11], 19 );
+    P( A, B, C, D, X[12],  3 );
+    P( D, A, B, C, X[13],  7 );
+    P( C, D, A, B, X[14], 11 );
+    P( B, C, D, A, X[15], 19 );
+
+#undef P
+#undef F
+
+#define F(x,y,z) ((x & y) | (x & z) | (y & z))
+#define P(a,b,c,d,x,s) { a += F(b,c,d) + x + 0x5A827999; a = S(a,s); }
+
+    P( A, B, C, D, X[ 0],  3 );
+    P( D, A, B, C, X[ 4],  5 );
+    P( C, D, A, B, X[ 8],  9 );
+    P( B, C, D, A, X[12], 13 );
+    P( A, B, C, D, X[ 1],  3 );
+    P( D, A, B, C, X[ 5],  5 );
+    P( C, D, A, B, X[ 9],  9 );
+    P( B, C, D, A, X[13], 13 );
+    P( A, B, C, D, X[ 2],  3 );
+    P( D, A, B, C, X[ 6],  5 );
+    P( C, D, A, B, X[10],  9 );
+    P( B, C, D, A, X[14], 13 );
+    P( A, B, C, D, X[ 3],  3 );
+    P( D, A, B, C, X[ 7],  5 );
+    P( C, D, A, B, X[11],  9 );
+    P( B, C, D, A, X[15], 13 );
+
+#undef P
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+#define P(a,b,c,d,x,s) { a += F(b,c,d) + x + 0x6ED9EBA1; a = S(a,s); }
+
+    P( A, B, C, D, X[ 0],  3 );
+    P( D, A, B, C, X[ 8],  9 );
+    P( C, D, A, B, X[ 4], 11 );
+    P( B, C, D, A, X[12], 15 );
+    P( A, B, C, D, X[ 2],  3 );
+    P( D, A, B, C, X[10],  9 );
+    P( C, D, A, B, X[ 6], 11 );
+    P( B, C, D, A, X[14], 15 );
+    P( A, B, C, D, X[ 1],  3 );
+    P( D, A, B, C, X[ 9],  9 );
+    P( C, D, A, B, X[ 5], 11 );
+    P( B, C, D, A, X[13], 15 );
+    P( A, B, C, D, X[ 3],  3 );
+    P( D, A, B, C, X[11],  9 );
+    P( C, D, A, B, X[ 7], 11 );
+    P( B, C, D, A, X[15], 15 );
+
+#undef F
+#undef P
+
+    ctx->state[0] += A;
+    ctx->state[1] += B;
+    ctx->state[2] += C;
+    ctx->state[3] += D;
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_MD4_PROCESS_ALT */
+
+/*
+ * MD4 process buffer
+ */
+int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen )
+{
+    int ret;
+    size_t fill;
+    uint32_t left;
+
+    if( ilen == 0 )
+        return( 0 );
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if( ctx->total[0] < (uint32_t) ilen )
+        ctx->total[1]++;
+
+    if( left && ilen >= fill )
+    {
+        memcpy( (void *) (ctx->buffer + left),
+                (void *) input, fill );
+
+        if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 )
+            return( ret );
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while( ilen >= 64 )
+    {
+        if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 )
+            return( ret );
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if( ilen > 0 )
+    {
+        memcpy( (void *) (ctx->buffer + left),
+                (void *) input, ilen );
+    }
+
+    return( 0 );
+}
+
+static const unsigned char md4_padding[64] =
+{
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * MD4 final digest
+ */
+int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
+                            unsigned char output[16] )
+{
+    int ret;
+    uint32_t last, padn;
+    uint32_t high, low;
+    unsigned char msglen[8];
+
+    high = ( ctx->total[0] >> 29 )
+         | ( ctx->total[1] <<  3 );
+    low  = ( ctx->total[0] <<  3 );
+
+    PUT_UINT32_LE( low,  msglen, 0 );
+    PUT_UINT32_LE( high, msglen, 4 );
+
+    last = ctx->total[0] & 0x3F;
+    padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
+
+    ret = mbedtls_md4_update_ret( ctx, (unsigned char *)md4_padding, padn );
+    if( ret != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_md4_update_ret( ctx, msglen, 8 ) ) != 0 )
+        return( ret );
+
+
+    PUT_UINT32_LE( ctx->state[0], output,  0 );
+    PUT_UINT32_LE( ctx->state[1], output,  4 );
+    PUT_UINT32_LE( ctx->state[2], output,  8 );
+    PUT_UINT32_LE( ctx->state[3], output, 12 );
+
+    return( 0 );
+}
+
+#endif /* !MBEDTLS_MD4_ALT */
+
+/*
+ * output = MD4( input buffer )
+ */
+int mbedtls_md4_ret( const unsigned char *input,
+                     size_t ilen,
+                     unsigned char output[16] )
+{
+    int ret;
+    mbedtls_md4_context ctx;
+
+    mbedtls_md4_init( &ctx );
+
+    if( ( ret = mbedtls_md4_starts_ret( &ctx ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_md4_update_ret( &ctx, input, ilen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_md4_finish_ret( &ctx, output ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_md4_free( &ctx );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * RFC 1320 test vectors
+ */
+static const unsigned char md4_test_str[7][81] =
+{
+    { "" },
+    { "a" },
+    { "abc" },
+    { "message digest" },
+    { "abcdefghijklmnopqrstuvwxyz" },
+    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
+    { "12345678901234567890123456789012345678901234567890123456789012"
+      "345678901234567890" }
+};
+
+static const size_t md4_test_strlen[7] =
+{
+    0, 1, 3, 14, 26, 62, 80
+};
+
+static const unsigned char md4_test_sum[7][16] =
+{
+    { 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31,
+      0xB7, 0x3C, 0x59, 0xD7, 0xE0, 0xC0, 0x89, 0xC0 },
+    { 0xBD, 0xE5, 0x2C, 0xB3, 0x1D, 0xE3, 0x3E, 0x46,
+      0x24, 0x5E, 0x05, 0xFB, 0xDB, 0xD6, 0xFB, 0x24 },
+    { 0xA4, 0x48, 0x01, 0x7A, 0xAF, 0x21, 0xD8, 0x52,
+      0x5F, 0xC1, 0x0A, 0xE8, 0x7A, 0xA6, 0x72, 0x9D },
+    { 0xD9, 0x13, 0x0A, 0x81, 0x64, 0x54, 0x9F, 0xE8,
+      0x18, 0x87, 0x48, 0x06, 0xE1, 0xC7, 0x01, 0x4B },
+    { 0xD7, 0x9E, 0x1C, 0x30, 0x8A, 0xA5, 0xBB, 0xCD,
+      0xEE, 0xA8, 0xED, 0x63, 0xDF, 0x41, 0x2D, 0xA9 },
+    { 0x04, 0x3F, 0x85, 0x82, 0xF2, 0x41, 0xDB, 0x35,
+      0x1C, 0xE6, 0x27, 0xE1, 0x53, 0xE7, 0xF0, 0xE4 },
+    { 0xE3, 0x3B, 0x4D, 0xDC, 0x9C, 0x38, 0xF2, 0x19,
+      0x9C, 0x3E, 0x7B, 0x16, 0x4F, 0xCC, 0x05, 0x36 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_md4_self_test( int verbose )
+{
+    int i, ret = 0;
+    unsigned char md4sum[16];
+
+    for( i = 0; i < 7; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  MD4 test #%d: ", i + 1 );
+
+        ret = mbedtls_md4_ret( md4_test_str[i], md4_test_strlen[i], md4sum );
+        if( ret != 0 )
+            goto fail;
+
+        if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 )
+        {
+            ret = 1;
+            goto fail;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( 0 );
+
+fail:
+    if( verbose != 0 )
+        mbedtls_printf( "failed\n" );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_MD4_C */
diff --git a/thirdparty/mbedtls/library/md5.c b/thirdparty/mbedtls/library/md5.c
new file mode 100644
index 0000000000..8872dc467d
--- /dev/null
+++ b/thirdparty/mbedtls/library/md5.c
@@ -0,0 +1,444 @@
+/*
+ *  RFC 1321 compliant MD5 implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The MD5 algorithm was designed by Ron Rivest in 1991.
+ *
+ *  http://www.ietf.org/rfc/rfc1321.txt
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+
+#include "mbedtls/md5.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_MD5_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 32-bit integer manipulation macros (little endian)
+ */
+#ifndef GET_UINT32_LE
+#define GET_UINT32_LE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ]       )             \
+        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
+}
+#endif
+
+#ifndef PUT_UINT32_LE
+#define PUT_UINT32_LE(n,b,i)                                    \
+{                                                               \
+    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
+    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
+    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
+    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
+}
+#endif
+
+void mbedtls_md5_init( mbedtls_md5_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_md5_context ) );
+}
+
+void mbedtls_md5_free( mbedtls_md5_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) );
+}
+
+void mbedtls_md5_clone( mbedtls_md5_context *dst,
+                        const mbedtls_md5_context *src )
+{
+    *dst = *src;
+}
+
+/*
+ * MD5 context setup
+ */
+int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx )
+{
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    ctx->state[0] = 0x67452301;
+    ctx->state[1] = 0xEFCDAB89;
+    ctx->state[2] = 0x98BADCFE;
+    ctx->state[3] = 0x10325476;
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_MD5_PROCESS_ALT)
+int mbedtls_internal_md5_process( mbedtls_md5_context *ctx,
+                                  const unsigned char data[64] )
+{
+    uint32_t X[16], A, B, C, D;
+
+    GET_UINT32_LE( X[ 0], data,  0 );
+    GET_UINT32_LE( X[ 1], data,  4 );
+    GET_UINT32_LE( X[ 2], data,  8 );
+    GET_UINT32_LE( X[ 3], data, 12 );
+    GET_UINT32_LE( X[ 4], data, 16 );
+    GET_UINT32_LE( X[ 5], data, 20 );
+    GET_UINT32_LE( X[ 6], data, 24 );
+    GET_UINT32_LE( X[ 7], data, 28 );
+    GET_UINT32_LE( X[ 8], data, 32 );
+    GET_UINT32_LE( X[ 9], data, 36 );
+    GET_UINT32_LE( X[10], data, 40 );
+    GET_UINT32_LE( X[11], data, 44 );
+    GET_UINT32_LE( X[12], data, 48 );
+    GET_UINT32_LE( X[13], data, 52 );
+    GET_UINT32_LE( X[14], data, 56 );
+    GET_UINT32_LE( X[15], data, 60 );
+
+#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
+
+#define P(a,b,c,d,k,s,t)                                \
+{                                                       \
+    a += F(b,c,d) + X[k] + t; a = S(a,s) + b;           \
+}
+
+    A = ctx->state[0];
+    B = ctx->state[1];
+    C = ctx->state[2];
+    D = ctx->state[3];
+
+#define F(x,y,z) (z ^ (x & (y ^ z)))
+
+    P( A, B, C, D,  0,  7, 0xD76AA478 );
+    P( D, A, B, C,  1, 12, 0xE8C7B756 );
+    P( C, D, A, B,  2, 17, 0x242070DB );
+    P( B, C, D, A,  3, 22, 0xC1BDCEEE );
+    P( A, B, C, D,  4,  7, 0xF57C0FAF );
+    P( D, A, B, C,  5, 12, 0x4787C62A );
+    P( C, D, A, B,  6, 17, 0xA8304613 );
+    P( B, C, D, A,  7, 22, 0xFD469501 );
+    P( A, B, C, D,  8,  7, 0x698098D8 );
+    P( D, A, B, C,  9, 12, 0x8B44F7AF );
+    P( C, D, A, B, 10, 17, 0xFFFF5BB1 );
+    P( B, C, D, A, 11, 22, 0x895CD7BE );
+    P( A, B, C, D, 12,  7, 0x6B901122 );
+    P( D, A, B, C, 13, 12, 0xFD987193 );
+    P( C, D, A, B, 14, 17, 0xA679438E );
+    P( B, C, D, A, 15, 22, 0x49B40821 );
+
+#undef F
+
+#define F(x,y,z) (y ^ (z & (x ^ y)))
+
+    P( A, B, C, D,  1,  5, 0xF61E2562 );
+    P( D, A, B, C,  6,  9, 0xC040B340 );
+    P( C, D, A, B, 11, 14, 0x265E5A51 );
+    P( B, C, D, A,  0, 20, 0xE9B6C7AA );
+    P( A, B, C, D,  5,  5, 0xD62F105D );
+    P( D, A, B, C, 10,  9, 0x02441453 );
+    P( C, D, A, B, 15, 14, 0xD8A1E681 );
+    P( B, C, D, A,  4, 20, 0xE7D3FBC8 );
+    P( A, B, C, D,  9,  5, 0x21E1CDE6 );
+    P( D, A, B, C, 14,  9, 0xC33707D6 );
+    P( C, D, A, B,  3, 14, 0xF4D50D87 );
+    P( B, C, D, A,  8, 20, 0x455A14ED );
+    P( A, B, C, D, 13,  5, 0xA9E3E905 );
+    P( D, A, B, C,  2,  9, 0xFCEFA3F8 );
+    P( C, D, A, B,  7, 14, 0x676F02D9 );
+    P( B, C, D, A, 12, 20, 0x8D2A4C8A );
+
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+
+    P( A, B, C, D,  5,  4, 0xFFFA3942 );
+    P( D, A, B, C,  8, 11, 0x8771F681 );
+    P( C, D, A, B, 11, 16, 0x6D9D6122 );
+    P( B, C, D, A, 14, 23, 0xFDE5380C );
+    P( A, B, C, D,  1,  4, 0xA4BEEA44 );
+    P( D, A, B, C,  4, 11, 0x4BDECFA9 );
+    P( C, D, A, B,  7, 16, 0xF6BB4B60 );
+    P( B, C, D, A, 10, 23, 0xBEBFBC70 );
+    P( A, B, C, D, 13,  4, 0x289B7EC6 );
+    P( D, A, B, C,  0, 11, 0xEAA127FA );
+    P( C, D, A, B,  3, 16, 0xD4EF3085 );
+    P( B, C, D, A,  6, 23, 0x04881D05 );
+    P( A, B, C, D,  9,  4, 0xD9D4D039 );
+    P( D, A, B, C, 12, 11, 0xE6DB99E5 );
+    P( C, D, A, B, 15, 16, 0x1FA27CF8 );
+    P( B, C, D, A,  2, 23, 0xC4AC5665 );
+
+#undef F
+
+#define F(x,y,z) (y ^ (x | ~z))
+
+    P( A, B, C, D,  0,  6, 0xF4292244 );
+    P( D, A, B, C,  7, 10, 0x432AFF97 );
+    P( C, D, A, B, 14, 15, 0xAB9423A7 );
+    P( B, C, D, A,  5, 21, 0xFC93A039 );
+    P( A, B, C, D, 12,  6, 0x655B59C3 );
+    P( D, A, B, C,  3, 10, 0x8F0CCC92 );
+    P( C, D, A, B, 10, 15, 0xFFEFF47D );
+    P( B, C, D, A,  1, 21, 0x85845DD1 );
+    P( A, B, C, D,  8,  6, 0x6FA87E4F );
+    P( D, A, B, C, 15, 10, 0xFE2CE6E0 );
+    P( C, D, A, B,  6, 15, 0xA3014314 );
+    P( B, C, D, A, 13, 21, 0x4E0811A1 );
+    P( A, B, C, D,  4,  6, 0xF7537E82 );
+    P( D, A, B, C, 11, 10, 0xBD3AF235 );
+    P( C, D, A, B,  2, 15, 0x2AD7D2BB );
+    P( B, C, D, A,  9, 21, 0xEB86D391 );
+
+#undef F
+
+    ctx->state[0] += A;
+    ctx->state[1] += B;
+    ctx->state[2] += C;
+    ctx->state[3] += D;
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_MD5_PROCESS_ALT */
+
+/*
+ * MD5 process buffer
+ */
+int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
+                            const unsigned char *input,
+                            size_t ilen )
+{
+    int ret;
+    size_t fill;
+    uint32_t left;
+
+    if( ilen == 0 )
+        return( 0 );
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if( ctx->total[0] < (uint32_t) ilen )
+        ctx->total[1]++;
+
+    if( left && ilen >= fill )
+    {
+        memcpy( (void *) (ctx->buffer + left), input, fill );
+        if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 )
+            return( ret );
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while( ilen >= 64 )
+    {
+        if( ( ret = mbedtls_internal_md5_process( ctx, input ) ) != 0 )
+            return( ret );
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if( ilen > 0 )
+    {
+        memcpy( (void *) (ctx->buffer + left), input, ilen );
+    }
+
+    return( 0 );
+}
+
+static const unsigned char md5_padding[64] =
+{
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * MD5 final digest
+ */
+int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
+                            unsigned char output[16] )
+{
+    int ret;
+    uint32_t last, padn;
+    uint32_t high, low;
+    unsigned char msglen[8];
+
+    high = ( ctx->total[0] >> 29 )
+         | ( ctx->total[1] <<  3 );
+    low  = ( ctx->total[0] <<  3 );
+
+    PUT_UINT32_LE( low,  msglen, 0 );
+    PUT_UINT32_LE( high, msglen, 4 );
+
+    last = ctx->total[0] & 0x3F;
+    padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
+
+    if( ( ret = mbedtls_md5_update_ret( ctx, md5_padding, padn ) ) != 0 )
+            return( ret );
+
+    if( ( ret = mbedtls_md5_update_ret( ctx, msglen, 8 ) ) != 0 )
+            return( ret );
+
+    PUT_UINT32_LE( ctx->state[0], output,  0 );
+    PUT_UINT32_LE( ctx->state[1], output,  4 );
+    PUT_UINT32_LE( ctx->state[2], output,  8 );
+    PUT_UINT32_LE( ctx->state[3], output, 12 );
+
+    return( 0 );
+}
+
+#endif /* !MBEDTLS_MD5_ALT */
+
+/*
+ * output = MD5( input buffer )
+ */
+int mbedtls_md5_ret( const unsigned char *input,
+                     size_t ilen,
+                     unsigned char output[16] )
+{
+    int ret;
+    mbedtls_md5_context ctx;
+
+    mbedtls_md5_init( &ctx );
+
+    if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_md5_free( &ctx );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * RFC 1321 test vectors
+ */
+static const unsigned char md5_test_buf[7][81] =
+{
+    { "" },
+    { "a" },
+    { "abc" },
+    { "message digest" },
+    { "abcdefghijklmnopqrstuvwxyz" },
+    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
+    { "12345678901234567890123456789012345678901234567890123456789012"
+      "345678901234567890" }
+};
+
+static const size_t md5_test_buflen[7] =
+{
+    0, 1, 3, 14, 26, 62, 80
+};
+
+static const unsigned char md5_test_sum[7][16] =
+{
+    { 0xD4, 0x1D, 0x8C, 0xD9, 0x8F, 0x00, 0xB2, 0x04,
+      0xE9, 0x80, 0x09, 0x98, 0xEC, 0xF8, 0x42, 0x7E },
+    { 0x0C, 0xC1, 0x75, 0xB9, 0xC0, 0xF1, 0xB6, 0xA8,
+      0x31, 0xC3, 0x99, 0xE2, 0x69, 0x77, 0x26, 0x61 },
+    { 0x90, 0x01, 0x50, 0x98, 0x3C, 0xD2, 0x4F, 0xB0,
+      0xD6, 0x96, 0x3F, 0x7D, 0x28, 0xE1, 0x7F, 0x72 },
+    { 0xF9, 0x6B, 0x69, 0x7D, 0x7C, 0xB7, 0x93, 0x8D,
+      0x52, 0x5A, 0x2F, 0x31, 0xAA, 0xF1, 0x61, 0xD0 },
+    { 0xC3, 0xFC, 0xD3, 0xD7, 0x61, 0x92, 0xE4, 0x00,
+      0x7D, 0xFB, 0x49, 0x6C, 0xCA, 0x67, 0xE1, 0x3B },
+    { 0xD1, 0x74, 0xAB, 0x98, 0xD2, 0x77, 0xD9, 0xF5,
+      0xA5, 0x61, 0x1C, 0x2C, 0x9F, 0x41, 0x9D, 0x9F },
+    { 0x57, 0xED, 0xF4, 0xA2, 0x2B, 0xE3, 0xC9, 0x55,
+      0xAC, 0x49, 0xDA, 0x2E, 0x21, 0x07, 0xB6, 0x7A }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_md5_self_test( int verbose )
+{
+    int i, ret = 0;
+    unsigned char md5sum[16];
+
+    for( i = 0; i < 7; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  MD5 test #%d: ", i + 1 );
+
+        ret = mbedtls_md5_ret( md5_test_buf[i], md5_test_buflen[i], md5sum );
+        if( ret != 0 )
+            goto fail;
+
+        if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 )
+        {
+            ret = 1;
+            goto fail;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( 0 );
+
+fail:
+    if( verbose != 0 )
+        mbedtls_printf( "failed\n" );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_MD5_C */
diff --git a/thirdparty/mbedtls/library/md_wrap.c b/thirdparty/mbedtls/library/md_wrap.c
new file mode 100644
index 0000000000..32f0871976
--- /dev/null
+++ b/thirdparty/mbedtls/library/md_wrap.c
@@ -0,0 +1,586 @@
+/**
+ * \file md_wrap.c
+ *
+ * \brief Generic message digest wrapper for mbed TLS
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_MD_C)
+
+#include "mbedtls/md_internal.h"
+
+#if defined(MBEDTLS_MD2_C)
+#include "mbedtls/md2.h"
+#endif
+
+#if defined(MBEDTLS_MD4_C)
+#include "mbedtls/md4.h"
+#endif
+
+#if defined(MBEDTLS_MD5_C)
+#include "mbedtls/md5.h"
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+#include "mbedtls/ripemd160.h"
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+#include "mbedtls/sha1.h"
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+#include "mbedtls/sha256.h"
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#include "mbedtls/sha512.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#if defined(MBEDTLS_MD2_C)
+
+static int md2_starts_wrap( void *ctx )
+{
+    return( mbedtls_md2_starts_ret( (mbedtls_md2_context *) ctx ) );
+}
+
+static int md2_update_wrap( void *ctx, const unsigned char *input,
+                             size_t ilen )
+{
+    return( mbedtls_md2_update_ret( (mbedtls_md2_context *) ctx, input, ilen ) );
+}
+
+static int md2_finish_wrap( void *ctx, unsigned char *output )
+{
+    return( mbedtls_md2_finish_ret( (mbedtls_md2_context *) ctx, output ) );
+}
+
+static void *md2_ctx_alloc( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md2_context ) );
+
+    if( ctx != NULL )
+        mbedtls_md2_init( (mbedtls_md2_context *) ctx );
+
+    return( ctx );
+}
+
+static void md2_ctx_free( void *ctx )
+{
+    mbedtls_md2_free( (mbedtls_md2_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static void md2_clone_wrap( void *dst, const void *src )
+{
+    mbedtls_md2_clone( (mbedtls_md2_context *) dst,
+                 (const mbedtls_md2_context *) src );
+}
+
+static int md2_process_wrap( void *ctx, const unsigned char *data )
+{
+    ((void) data);
+
+    return( mbedtls_internal_md2_process( (mbedtls_md2_context *) ctx ) );
+}
+
+const mbedtls_md_info_t mbedtls_md2_info = {
+    MBEDTLS_MD_MD2,
+    "MD2",
+    16,
+    16,
+    md2_starts_wrap,
+    md2_update_wrap,
+    md2_finish_wrap,
+    mbedtls_md2_ret,
+    md2_ctx_alloc,
+    md2_ctx_free,
+    md2_clone_wrap,
+    md2_process_wrap,
+};
+
+#endif /* MBEDTLS_MD2_C */
+
+#if defined(MBEDTLS_MD4_C)
+
+static int md4_starts_wrap( void *ctx )
+{
+    return( mbedtls_md4_starts_ret( (mbedtls_md4_context *) ctx ) );
+}
+
+static int md4_update_wrap( void *ctx, const unsigned char *input,
+                             size_t ilen )
+{
+    return( mbedtls_md4_update_ret( (mbedtls_md4_context *) ctx, input, ilen ) );
+}
+
+static int md4_finish_wrap( void *ctx, unsigned char *output )
+{
+    return( mbedtls_md4_finish_ret( (mbedtls_md4_context *) ctx, output ) );
+}
+
+static void *md4_ctx_alloc( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md4_context ) );
+
+    if( ctx != NULL )
+        mbedtls_md4_init( (mbedtls_md4_context *) ctx );
+
+    return( ctx );
+}
+
+static void md4_ctx_free( void *ctx )
+{
+    mbedtls_md4_free( (mbedtls_md4_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static void md4_clone_wrap( void *dst, const void *src )
+{
+    mbedtls_md4_clone( (mbedtls_md4_context *) dst,
+                       (const mbedtls_md4_context *) src );
+}
+
+static int md4_process_wrap( void *ctx, const unsigned char *data )
+{
+    return( mbedtls_internal_md4_process( (mbedtls_md4_context *) ctx, data ) );
+}
+
+const mbedtls_md_info_t mbedtls_md4_info = {
+    MBEDTLS_MD_MD4,
+    "MD4",
+    16,
+    64,
+    md4_starts_wrap,
+    md4_update_wrap,
+    md4_finish_wrap,
+    mbedtls_md4_ret,
+    md4_ctx_alloc,
+    md4_ctx_free,
+    md4_clone_wrap,
+    md4_process_wrap,
+};
+
+#endif /* MBEDTLS_MD4_C */
+
+#if defined(MBEDTLS_MD5_C)
+
+static int md5_starts_wrap( void *ctx )
+{
+    return( mbedtls_md5_starts_ret( (mbedtls_md5_context *) ctx ) );
+}
+
+static int md5_update_wrap( void *ctx, const unsigned char *input,
+                             size_t ilen )
+{
+    return( mbedtls_md5_update_ret( (mbedtls_md5_context *) ctx, input, ilen ) );
+}
+
+static int md5_finish_wrap( void *ctx, unsigned char *output )
+{
+    return( mbedtls_md5_finish_ret( (mbedtls_md5_context *) ctx, output ) );
+}
+
+static void *md5_ctx_alloc( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_md5_context ) );
+
+    if( ctx != NULL )
+        mbedtls_md5_init( (mbedtls_md5_context *) ctx );
+
+    return( ctx );
+}
+
+static void md5_ctx_free( void *ctx )
+{
+    mbedtls_md5_free( (mbedtls_md5_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static void md5_clone_wrap( void *dst, const void *src )
+{
+    mbedtls_md5_clone( (mbedtls_md5_context *) dst,
+                       (const mbedtls_md5_context *) src );
+}
+
+static int md5_process_wrap( void *ctx, const unsigned char *data )
+{
+    return( mbedtls_internal_md5_process( (mbedtls_md5_context *) ctx, data ) );
+}
+
+const mbedtls_md_info_t mbedtls_md5_info = {
+    MBEDTLS_MD_MD5,
+    "MD5",
+    16,
+    64,
+    md5_starts_wrap,
+    md5_update_wrap,
+    md5_finish_wrap,
+    mbedtls_md5_ret,
+    md5_ctx_alloc,
+    md5_ctx_free,
+    md5_clone_wrap,
+    md5_process_wrap,
+};
+
+#endif /* MBEDTLS_MD5_C */
+
+#if defined(MBEDTLS_RIPEMD160_C)
+
+static int ripemd160_starts_wrap( void *ctx )
+{
+    return( mbedtls_ripemd160_starts_ret( (mbedtls_ripemd160_context *) ctx ) );
+}
+
+static int ripemd160_update_wrap( void *ctx, const unsigned char *input,
+                                   size_t ilen )
+{
+    return( mbedtls_ripemd160_update_ret( (mbedtls_ripemd160_context *) ctx,
+                                          input, ilen ) );
+}
+
+static int ripemd160_finish_wrap( void *ctx, unsigned char *output )
+{
+    return( mbedtls_ripemd160_finish_ret( (mbedtls_ripemd160_context *) ctx,
+                                          output ) );
+}
+
+static void *ripemd160_ctx_alloc( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ripemd160_context ) );
+
+    if( ctx != NULL )
+        mbedtls_ripemd160_init( (mbedtls_ripemd160_context *) ctx );
+
+    return( ctx );
+}
+
+static void ripemd160_ctx_free( void *ctx )
+{
+    mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static void ripemd160_clone_wrap( void *dst, const void *src )
+{
+    mbedtls_ripemd160_clone( (mbedtls_ripemd160_context *) dst,
+                       (const mbedtls_ripemd160_context *) src );
+}
+
+static int ripemd160_process_wrap( void *ctx, const unsigned char *data )
+{
+    return( mbedtls_internal_ripemd160_process(
+                                (mbedtls_ripemd160_context *) ctx, data ) );
+}
+
+const mbedtls_md_info_t mbedtls_ripemd160_info = {
+    MBEDTLS_MD_RIPEMD160,
+    "RIPEMD160",
+    20,
+    64,
+    ripemd160_starts_wrap,
+    ripemd160_update_wrap,
+    ripemd160_finish_wrap,
+    mbedtls_ripemd160_ret,
+    ripemd160_ctx_alloc,
+    ripemd160_ctx_free,
+    ripemd160_clone_wrap,
+    ripemd160_process_wrap,
+};
+
+#endif /* MBEDTLS_RIPEMD160_C */
+
+#if defined(MBEDTLS_SHA1_C)
+
+static int sha1_starts_wrap( void *ctx )
+{
+    return( mbedtls_sha1_starts_ret( (mbedtls_sha1_context *) ctx ) );
+}
+
+static int sha1_update_wrap( void *ctx, const unsigned char *input,
+                              size_t ilen )
+{
+    return( mbedtls_sha1_update_ret( (mbedtls_sha1_context *) ctx,
+                                     input, ilen ) );
+}
+
+static int sha1_finish_wrap( void *ctx, unsigned char *output )
+{
+    return( mbedtls_sha1_finish_ret( (mbedtls_sha1_context *) ctx, output ) );
+}
+
+static void *sha1_ctx_alloc( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha1_context ) );
+
+    if( ctx != NULL )
+        mbedtls_sha1_init( (mbedtls_sha1_context *) ctx );
+
+    return( ctx );
+}
+
+static void sha1_clone_wrap( void *dst, const void *src )
+{
+    mbedtls_sha1_clone( (mbedtls_sha1_context *) dst,
+                  (const mbedtls_sha1_context *) src );
+}
+
+static void sha1_ctx_free( void *ctx )
+{
+    mbedtls_sha1_free( (mbedtls_sha1_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static int sha1_process_wrap( void *ctx, const unsigned char *data )
+{
+    return( mbedtls_internal_sha1_process( (mbedtls_sha1_context *) ctx,
+                                           data ) );
+}
+
+const mbedtls_md_info_t mbedtls_sha1_info = {
+    MBEDTLS_MD_SHA1,
+    "SHA1",
+    20,
+    64,
+    sha1_starts_wrap,
+    sha1_update_wrap,
+    sha1_finish_wrap,
+    mbedtls_sha1_ret,
+    sha1_ctx_alloc,
+    sha1_ctx_free,
+    sha1_clone_wrap,
+    sha1_process_wrap,
+};
+
+#endif /* MBEDTLS_SHA1_C */
+
+/*
+ * Wrappers for generic message digests
+ */
+#if defined(MBEDTLS_SHA256_C)
+
+static int sha224_starts_wrap( void *ctx )
+{
+    return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 1 ) );
+}
+
+static int sha224_update_wrap( void *ctx, const unsigned char *input,
+                                size_t ilen )
+{
+    return( mbedtls_sha256_update_ret( (mbedtls_sha256_context *) ctx,
+                                       input, ilen ) );
+}
+
+static int sha224_finish_wrap( void *ctx, unsigned char *output )
+{
+    return( mbedtls_sha256_finish_ret( (mbedtls_sha256_context *) ctx,
+                                       output ) );
+}
+
+static int sha224_wrap( const unsigned char *input, size_t ilen,
+                        unsigned char *output )
+{
+    return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
+}
+
+static void *sha224_ctx_alloc( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha256_context ) );
+
+    if( ctx != NULL )
+        mbedtls_sha256_init( (mbedtls_sha256_context *) ctx );
+
+    return( ctx );
+}
+
+static void sha224_ctx_free( void *ctx )
+{
+    mbedtls_sha256_free( (mbedtls_sha256_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static void sha224_clone_wrap( void *dst, const void *src )
+{
+    mbedtls_sha256_clone( (mbedtls_sha256_context *) dst,
+                    (const mbedtls_sha256_context *) src );
+}
+
+static int sha224_process_wrap( void *ctx, const unsigned char *data )
+{
+    return( mbedtls_internal_sha256_process( (mbedtls_sha256_context *) ctx,
+                                             data ) );
+}
+
+const mbedtls_md_info_t mbedtls_sha224_info = {
+    MBEDTLS_MD_SHA224,
+    "SHA224",
+    28,
+    64,
+    sha224_starts_wrap,
+    sha224_update_wrap,
+    sha224_finish_wrap,
+    sha224_wrap,
+    sha224_ctx_alloc,
+    sha224_ctx_free,
+    sha224_clone_wrap,
+    sha224_process_wrap,
+};
+
+static int sha256_starts_wrap( void *ctx )
+{
+    return( mbedtls_sha256_starts_ret( (mbedtls_sha256_context *) ctx, 0 ) );
+}
+
+static int sha256_wrap( const unsigned char *input, size_t ilen,
+                        unsigned char *output )
+{
+    return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
+}
+
+const mbedtls_md_info_t mbedtls_sha256_info = {
+    MBEDTLS_MD_SHA256,
+    "SHA256",
+    32,
+    64,
+    sha256_starts_wrap,
+    sha224_update_wrap,
+    sha224_finish_wrap,
+    sha256_wrap,
+    sha224_ctx_alloc,
+    sha224_ctx_free,
+    sha224_clone_wrap,
+    sha224_process_wrap,
+};
+
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+
+static int sha384_starts_wrap( void *ctx )
+{
+    return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 1 ) );
+}
+
+static int sha384_update_wrap( void *ctx, const unsigned char *input,
+                               size_t ilen )
+{
+    return( mbedtls_sha512_update_ret( (mbedtls_sha512_context *) ctx,
+                                       input, ilen ) );
+}
+
+static int sha384_finish_wrap( void *ctx, unsigned char *output )
+{
+    return( mbedtls_sha512_finish_ret( (mbedtls_sha512_context *) ctx,
+                                       output ) );
+}
+
+static int sha384_wrap( const unsigned char *input, size_t ilen,
+                        unsigned char *output )
+{
+    return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
+}
+
+static void *sha384_ctx_alloc( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_sha512_context ) );
+
+    if( ctx != NULL )
+        mbedtls_sha512_init( (mbedtls_sha512_context *) ctx );
+
+    return( ctx );
+}
+
+static void sha384_ctx_free( void *ctx )
+{
+    mbedtls_sha512_free( (mbedtls_sha512_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static void sha384_clone_wrap( void *dst, const void *src )
+{
+    mbedtls_sha512_clone( (mbedtls_sha512_context *) dst,
+                    (const mbedtls_sha512_context *) src );
+}
+
+static int sha384_process_wrap( void *ctx, const unsigned char *data )
+{
+    return( mbedtls_internal_sha512_process( (mbedtls_sha512_context *) ctx,
+                                             data ) );
+}
+
+const mbedtls_md_info_t mbedtls_sha384_info = {
+    MBEDTLS_MD_SHA384,
+    "SHA384",
+    48,
+    128,
+    sha384_starts_wrap,
+    sha384_update_wrap,
+    sha384_finish_wrap,
+    sha384_wrap,
+    sha384_ctx_alloc,
+    sha384_ctx_free,
+    sha384_clone_wrap,
+    sha384_process_wrap,
+};
+
+static int sha512_starts_wrap( void *ctx )
+{
+    return( mbedtls_sha512_starts_ret( (mbedtls_sha512_context *) ctx, 0 ) );
+}
+
+static int sha512_wrap( const unsigned char *input, size_t ilen,
+                        unsigned char *output )
+{
+    return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
+}
+
+const mbedtls_md_info_t mbedtls_sha512_info = {
+    MBEDTLS_MD_SHA512,
+    "SHA512",
+    64,
+    128,
+    sha512_starts_wrap,
+    sha384_update_wrap,
+    sha384_finish_wrap,
+    sha512_wrap,
+    sha384_ctx_alloc,
+    sha384_ctx_free,
+    sha384_clone_wrap,
+    sha384_process_wrap,
+};
+
+#endif /* MBEDTLS_SHA512_C */
+
+#endif /* MBEDTLS_MD_C */
diff --git a/thirdparty/mbedtls/library/memory_buffer_alloc.c b/thirdparty/mbedtls/library/memory_buffer_alloc.c
new file mode 100644
index 0000000000..545d5a2c32
--- /dev/null
+++ b/thirdparty/mbedtls/library/memory_buffer_alloc.c
@@ -0,0 +1,745 @@
+/*
+ *  Buffer-based memory allocator
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+#include "mbedtls/memory_buffer_alloc.h"
+
+/* No need for the header guard as MBEDTLS_MEMORY_BUFFER_ALLOC_C
+   is dependent upon MBEDTLS_PLATFORM_C */
+#include "mbedtls/platform.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+#include <execinfo.h>
+#endif
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+#define MAGIC1       0xFF00AA55
+#define MAGIC2       0xEE119966
+#define MAX_BT 20
+
+typedef struct _memory_header memory_header;
+struct _memory_header
+{
+    size_t          magic1;
+    size_t          size;
+    size_t          alloc;
+    memory_header   *prev;
+    memory_header   *next;
+    memory_header   *prev_free;
+    memory_header   *next_free;
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    char            **trace;
+    size_t          trace_count;
+#endif
+    size_t          magic2;
+};
+
+typedef struct
+{
+    unsigned char   *buf;
+    size_t          len;
+    memory_header   *first;
+    memory_header   *first_free;
+    int             verify;
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    size_t          alloc_count;
+    size_t          free_count;
+    size_t          total_used;
+    size_t          maximum_used;
+    size_t          header_count;
+    size_t          maximum_header_count;
+#endif
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_threading_mutex_t   mutex;
+#endif
+}
+buffer_alloc_ctx;
+
+static buffer_alloc_ctx heap;
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+static void debug_header( memory_header *hdr )
+{
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    size_t i;
+#endif
+
+    mbedtls_fprintf( stderr, "HDR:  PTR(%10zu), PREV(%10zu), NEXT(%10zu), "
+                              "ALLOC(%zu), SIZE(%10zu)\n",
+                      (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next,
+                      hdr->alloc, hdr->size );
+    mbedtls_fprintf( stderr, "      FPREV(%10zu), FNEXT(%10zu)\n",
+                      (size_t) hdr->prev_free, (size_t) hdr->next_free );
+
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    mbedtls_fprintf( stderr, "TRACE: \n" );
+    for( i = 0; i < hdr->trace_count; i++ )
+        mbedtls_fprintf( stderr, "%s\n", hdr->trace[i] );
+    mbedtls_fprintf( stderr, "\n" );
+#endif
+}
+
+static void debug_chain()
+{
+    memory_header *cur = heap.first;
+
+    mbedtls_fprintf( stderr, "\nBlock list\n" );
+    while( cur != NULL )
+    {
+        debug_header( cur );
+        cur = cur->next;
+    }
+
+    mbedtls_fprintf( stderr, "Free list\n" );
+    cur = heap.first_free;
+
+    while( cur != NULL )
+    {
+        debug_header( cur );
+        cur = cur->next_free;
+    }
+}
+#endif /* MBEDTLS_MEMORY_DEBUG */
+
+static int verify_header( memory_header *hdr )
+{
+    if( hdr->magic1 != MAGIC1 )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" );
+#endif
+        return( 1 );
+    }
+
+    if( hdr->magic2 != MAGIC2 )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" );
+#endif
+        return( 1 );
+    }
+
+    if( hdr->alloc > 1 )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: alloc has illegal value\n" );
+#endif
+        return( 1 );
+    }
+
+    if( hdr->prev != NULL && hdr->prev == hdr->next )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: prev == next\n" );
+#endif
+        return( 1 );
+    }
+
+    if( hdr->prev_free != NULL && hdr->prev_free == hdr->next_free )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: prev_free == next_free\n" );
+#endif
+        return( 1 );
+    }
+
+    return( 0 );
+}
+
+static int verify_chain()
+{
+    memory_header *prv = heap.first, *cur = heap.first->next;
+
+    if( verify_header( heap.first ) != 0 )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: verification of first header "
+                                  "failed\n" );
+#endif
+        return( 1 );
+    }
+
+    if( heap.first->prev != NULL )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: verification failed: "
+                                  "first->prev != NULL\n" );
+#endif
+        return( 1 );
+    }
+
+    while( cur != NULL )
+    {
+        if( verify_header( cur ) != 0 )
+        {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+            mbedtls_fprintf( stderr, "FATAL: verification of header "
+                                      "failed\n" );
+#endif
+            return( 1 );
+        }
+
+        if( cur->prev != prv )
+        {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+            mbedtls_fprintf( stderr, "FATAL: verification failed: "
+                                      "cur->prev != prv\n" );
+#endif
+            return( 1 );
+        }
+
+        prv = cur;
+        cur = cur->next;
+    }
+
+    return( 0 );
+}
+
+static void *buffer_alloc_calloc( size_t n, size_t size )
+{
+    memory_header *new, *cur = heap.first_free;
+    unsigned char *p;
+    void *ret;
+    size_t original_len, len;
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    void *trace_buffer[MAX_BT];
+    size_t trace_cnt;
+#endif
+
+    if( heap.buf == NULL || heap.first == NULL )
+        return( NULL );
+
+    original_len = len = n * size;
+
+    if( n != 0 && len / n != size )
+        return( NULL );
+
+    if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
+    {
+        len -= len % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
+        len += MBEDTLS_MEMORY_ALIGN_MULTIPLE;
+    }
+
+    // Find block that fits
+    //
+    while( cur != NULL )
+    {
+        if( cur->size >= len )
+            break;
+
+        cur = cur->next_free;
+    }
+
+    if( cur == NULL )
+        return( NULL );
+
+    if( cur->alloc != 0 )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: block in free_list but allocated "
+                                  "data\n" );
+#endif
+        mbedtls_exit( 1 );
+    }
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    heap.alloc_count++;
+#endif
+
+    // Found location, split block if > memory_header + 4 room left
+    //
+    if( cur->size - len < sizeof(memory_header) +
+                          MBEDTLS_MEMORY_ALIGN_MULTIPLE )
+    {
+        cur->alloc = 1;
+
+        // Remove from free_list
+        //
+        if( cur->prev_free != NULL )
+            cur->prev_free->next_free = cur->next_free;
+        else
+            heap.first_free = cur->next_free;
+
+        if( cur->next_free != NULL )
+            cur->next_free->prev_free = cur->prev_free;
+
+        cur->prev_free = NULL;
+        cur->next_free = NULL;
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        heap.total_used += cur->size;
+        if( heap.total_used > heap.maximum_used )
+            heap.maximum_used = heap.total_used;
+#endif
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+        trace_cnt = backtrace( trace_buffer, MAX_BT );
+        cur->trace = backtrace_symbols( trace_buffer, trace_cnt );
+        cur->trace_count = trace_cnt;
+#endif
+
+        if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
+            mbedtls_exit( 1 );
+
+        ret = (unsigned char *) cur + sizeof( memory_header );
+        memset( ret, 0, original_len );
+
+        return( ret );
+    }
+
+    p = ( (unsigned char *) cur ) + sizeof(memory_header) + len;
+    new = (memory_header *) p;
+
+    new->size = cur->size - len - sizeof(memory_header);
+    new->alloc = 0;
+    new->prev = cur;
+    new->next = cur->next;
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    new->trace = NULL;
+    new->trace_count = 0;
+#endif
+    new->magic1 = MAGIC1;
+    new->magic2 = MAGIC2;
+
+    if( new->next != NULL )
+        new->next->prev = new;
+
+    // Replace cur with new in free_list
+    //
+    new->prev_free = cur->prev_free;
+    new->next_free = cur->next_free;
+    if( new->prev_free != NULL )
+        new->prev_free->next_free = new;
+    else
+        heap.first_free = new;
+
+    if( new->next_free != NULL )
+        new->next_free->prev_free = new;
+
+    cur->alloc = 1;
+    cur->size = len;
+    cur->next = new;
+    cur->prev_free = NULL;
+    cur->next_free = NULL;
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    heap.header_count++;
+    if( heap.header_count > heap.maximum_header_count )
+        heap.maximum_header_count = heap.header_count;
+    heap.total_used += cur->size;
+    if( heap.total_used > heap.maximum_used )
+        heap.maximum_used = heap.total_used;
+#endif
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    trace_cnt = backtrace( trace_buffer, MAX_BT );
+    cur->trace = backtrace_symbols( trace_buffer, trace_cnt );
+    cur->trace_count = trace_cnt;
+#endif
+
+    if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
+        mbedtls_exit( 1 );
+
+    ret = (unsigned char *) cur + sizeof( memory_header );
+    memset( ret, 0, original_len );
+
+    return( ret );
+}
+
+static void buffer_alloc_free( void *ptr )
+{
+    memory_header *hdr, *old = NULL;
+    unsigned char *p = (unsigned char *) ptr;
+
+    if( ptr == NULL || heap.buf == NULL || heap.first == NULL )
+        return;
+
+    if( p < heap.buf || p > heap.buf + heap.len )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed "
+                                  "space\n" );
+#endif
+        mbedtls_exit( 1 );
+    }
+
+    p -= sizeof(memory_header);
+    hdr = (memory_header *) p;
+
+    if( verify_header( hdr ) != 0 )
+        mbedtls_exit( 1 );
+
+    if( hdr->alloc != 1 )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        mbedtls_fprintf( stderr, "FATAL: mbedtls_free() on unallocated "
+                                  "data\n" );
+#endif
+        mbedtls_exit( 1 );
+    }
+
+    hdr->alloc = 0;
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    heap.free_count++;
+    heap.total_used -= hdr->size;
+#endif
+
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    free( hdr->trace );
+    hdr->trace = NULL;
+    hdr->trace_count = 0;
+#endif
+
+    // Regroup with block before
+    //
+    if( hdr->prev != NULL && hdr->prev->alloc == 0 )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        heap.header_count--;
+#endif
+        hdr->prev->size += sizeof(memory_header) + hdr->size;
+        hdr->prev->next = hdr->next;
+        old = hdr;
+        hdr = hdr->prev;
+
+        if( hdr->next != NULL )
+            hdr->next->prev = hdr;
+
+        memset( old, 0, sizeof(memory_header) );
+    }
+
+    // Regroup with block after
+    //
+    if( hdr->next != NULL && hdr->next->alloc == 0 )
+    {
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        heap.header_count--;
+#endif
+        hdr->size += sizeof(memory_header) + hdr->next->size;
+        old = hdr->next;
+        hdr->next = hdr->next->next;
+
+        if( hdr->prev_free != NULL || hdr->next_free != NULL )
+        {
+            if( hdr->prev_free != NULL )
+                hdr->prev_free->next_free = hdr->next_free;
+            else
+                heap.first_free = hdr->next_free;
+
+            if( hdr->next_free != NULL )
+                hdr->next_free->prev_free = hdr->prev_free;
+        }
+
+        hdr->prev_free = old->prev_free;
+        hdr->next_free = old->next_free;
+
+        if( hdr->prev_free != NULL )
+            hdr->prev_free->next_free = hdr;
+        else
+            heap.first_free = hdr;
+
+        if( hdr->next_free != NULL )
+            hdr->next_free->prev_free = hdr;
+
+        if( hdr->next != NULL )
+            hdr->next->prev = hdr;
+
+        memset( old, 0, sizeof(memory_header) );
+    }
+
+    // Prepend to free_list if we have not merged
+    // (Does not have to stay in same order as prev / next list)
+    //
+    if( old == NULL )
+    {
+        hdr->next_free = heap.first_free;
+        if( heap.first_free != NULL )
+            heap.first_free->prev_free = hdr;
+        heap.first_free = hdr;
+    }
+
+    if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 )
+        mbedtls_exit( 1 );
+}
+
+void mbedtls_memory_buffer_set_verify( int verify )
+{
+    heap.verify = verify;
+}
+
+int mbedtls_memory_buffer_alloc_verify()
+{
+    return verify_chain();
+}
+
+#if defined(MBEDTLS_MEMORY_DEBUG)
+void mbedtls_memory_buffer_alloc_status()
+{
+    mbedtls_fprintf( stderr,
+                      "Current use: %zu blocks / %zu bytes, max: %zu blocks / "
+                      "%zu bytes (total %zu bytes), alloc / free: %zu / %zu\n",
+                      heap.header_count, heap.total_used,
+                      heap.maximum_header_count, heap.maximum_used,
+                      heap.maximum_header_count * sizeof( memory_header )
+                      + heap.maximum_used,
+                      heap.alloc_count, heap.free_count );
+
+    if( heap.first->next == NULL )
+        mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" );
+    else
+    {
+        mbedtls_fprintf( stderr, "Memory currently allocated:\n" );
+        debug_chain();
+    }
+}
+
+void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks )
+{
+    *max_used   = heap.maximum_used;
+    *max_blocks = heap.maximum_header_count;
+}
+
+void mbedtls_memory_buffer_alloc_max_reset( void )
+{
+    heap.maximum_used = 0;
+    heap.maximum_header_count = 0;
+}
+
+void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks )
+{
+    *cur_used   = heap.total_used;
+    *cur_blocks = heap.header_count;
+}
+#endif /* MBEDTLS_MEMORY_DEBUG */
+
+#if defined(MBEDTLS_THREADING_C)
+static void *buffer_alloc_calloc_mutexed( size_t n, size_t size )
+{
+    void *buf;
+    if( mbedtls_mutex_lock( &heap.mutex ) != 0 )
+        return( NULL );
+    buf = buffer_alloc_calloc( n, size );
+    if( mbedtls_mutex_unlock( &heap.mutex ) )
+        return( NULL );
+    return( buf );
+}
+
+static void buffer_alloc_free_mutexed( void *ptr )
+{
+    /* We have to good option here, but corrupting the heap seems
+     * worse than loosing memory. */
+    if( mbedtls_mutex_lock( &heap.mutex ) )
+        return;
+    buffer_alloc_free( ptr );
+    (void) mbedtls_mutex_unlock( &heap.mutex );
+}
+#endif /* MBEDTLS_THREADING_C */
+
+void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len )
+{
+    memset( &heap, 0, sizeof(buffer_alloc_ctx) );
+    memset( buf, 0, len );
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init( &heap.mutex );
+    mbedtls_platform_set_calloc_free( buffer_alloc_calloc_mutexed,
+                              buffer_alloc_free_mutexed );
+#else
+    mbedtls_platform_set_calloc_free( buffer_alloc_calloc, buffer_alloc_free );
+#endif
+
+    if( (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
+    {
+        /* Adjust len first since buf is used in the computation */
+        len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE
+             - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
+        buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE
+             - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
+    }
+
+    heap.buf = buf;
+    heap.len = len;
+
+    heap.first = (memory_header *) buf;
+    heap.first->size = len - sizeof(memory_header);
+    heap.first->magic1 = MAGIC1;
+    heap.first->magic2 = MAGIC2;
+    heap.first_free = heap.first;
+}
+
+void mbedtls_memory_buffer_alloc_free()
+{
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free( &heap.mutex );
+#endif
+    mbedtls_zeroize( &heap, sizeof(buffer_alloc_ctx) );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+static int check_pointer( void *p )
+{
+    if( p == NULL )
+        return( -1 );
+
+    if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 )
+        return( -1 );
+
+    return( 0 );
+}
+
+static int check_all_free( )
+{
+    if(
+#if defined(MBEDTLS_MEMORY_DEBUG)
+        heap.total_used != 0 ||
+#endif
+        heap.first != heap.first_free ||
+        (void *) heap.first != (void *) heap.buf )
+    {
+        return( -1 );
+    }
+
+    return( 0 );
+}
+
+#define TEST_ASSERT( condition )            \
+    if( ! (condition) )                     \
+    {                                       \
+        if( verbose != 0 )                  \
+            mbedtls_printf( "failed\n" );  \
+                                            \
+        ret = 1;                            \
+        goto cleanup;                       \
+    }
+
+int mbedtls_memory_buffer_alloc_self_test( int verbose )
+{
+    unsigned char buf[1024];
+    unsigned char *p, *q, *r, *end;
+    int ret = 0;
+
+    if( verbose != 0 )
+        mbedtls_printf( "  MBA test #1 (basic alloc-free cycle): " );
+
+    mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
+
+    p = mbedtls_calloc( 1, 1 );
+    q = mbedtls_calloc( 1, 128 );
+    r = mbedtls_calloc( 1, 16 );
+
+    TEST_ASSERT( check_pointer( p ) == 0 &&
+                 check_pointer( q ) == 0 &&
+                 check_pointer( r ) == 0 );
+
+    mbedtls_free( r );
+    mbedtls_free( q );
+    mbedtls_free( p );
+
+    TEST_ASSERT( check_all_free( ) == 0 );
+
+    /* Memorize end to compare with the next test */
+    end = heap.buf + heap.len;
+
+    mbedtls_memory_buffer_alloc_free( );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  MBA test #2 (buf not aligned): " );
+
+    mbedtls_memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 );
+
+    TEST_ASSERT( heap.buf + heap.len == end );
+
+    p = mbedtls_calloc( 1, 1 );
+    q = mbedtls_calloc( 1, 128 );
+    r = mbedtls_calloc( 1, 16 );
+
+    TEST_ASSERT( check_pointer( p ) == 0 &&
+                 check_pointer( q ) == 0 &&
+                 check_pointer( r ) == 0 );
+
+    mbedtls_free( r );
+    mbedtls_free( q );
+    mbedtls_free( p );
+
+    TEST_ASSERT( check_all_free( ) == 0 );
+
+    mbedtls_memory_buffer_alloc_free( );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  MBA test #3 (full): " );
+
+    mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
+
+    p = mbedtls_calloc( 1, sizeof( buf ) - sizeof( memory_header ) );
+
+    TEST_ASSERT( check_pointer( p ) == 0 );
+    TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL );
+
+    mbedtls_free( p );
+
+    p = mbedtls_calloc( 1, sizeof( buf ) - 2 * sizeof( memory_header ) - 16 );
+    q = mbedtls_calloc( 1, 16 );
+
+    TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 );
+    TEST_ASSERT( mbedtls_calloc( 1, 1 ) == NULL );
+
+    mbedtls_free( q );
+
+    TEST_ASSERT( mbedtls_calloc( 1, 17 ) == NULL );
+
+    mbedtls_free( p );
+
+    TEST_ASSERT( check_all_free( ) == 0 );
+
+    mbedtls_memory_buffer_alloc_free( );
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+cleanup:
+    mbedtls_memory_buffer_alloc_free( );
+
+    return( ret );
+}
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
diff --git a/thirdparty/mbedtls/library/net_sockets.c b/thirdparty/mbedtls/library/net_sockets.c
new file mode 100644
index 0000000000..345f10227b
--- /dev/null
+++ b/thirdparty/mbedtls/library/net_sockets.c
@@ -0,0 +1,591 @@
+/*
+ *  TCP/IP or UDP/IP networking functions
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_NET_C)
+
+#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
+    !defined(__APPLE__) && !defined(_WIN32)
+#error "This module only works on Unix and Windows, see MBEDTLS_NET_C in config.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#endif
+
+#include "mbedtls/net_sockets.h"
+
+#include <string.h>
+
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+    !defined(EFI32)
+
+#ifdef _WIN32_WINNT
+#undef _WIN32_WINNT
+#endif
+/* Enables getaddrinfo() & Co */
+#define _WIN32_WINNT 0x0501
+#include <ws2tcpip.h>
+
+#include <winsock2.h>
+#include <windows.h>
+
+#if defined(_MSC_VER)
+#if defined(_WIN32_WCE)
+#pragma comment( lib, "ws2.lib" )
+#else
+#pragma comment( lib, "ws2_32.lib" )
+#endif
+#endif /* _MSC_VER */
+
+#define read(fd,buf,len)        recv( fd, (char*)( buf ), (int)( len ), 0 )
+#define write(fd,buf,len)       send( fd, (char*)( buf ), (int)( len ), 0 )
+#define close(fd)               closesocket(fd)
+
+static int wsa_init_done = 0;
+
+#else /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/time.h>
+#include <unistd.h>
+#include <signal.h>
+#include <fcntl.h>
+#include <netdb.h>
+#include <errno.h>
+
+#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
+
+/* Some MS functions want int and MSVC warns if we pass size_t,
+ * but the standard functions use socklen_t, so cast only for MSVC */
+#if defined(_MSC_VER)
+#define MSVC_INT_CAST   (int)
+#else
+#define MSVC_INT_CAST
+#endif
+
+#include <stdio.h>
+
+#include <time.h>
+
+#include <stdint.h>
+
+/*
+ * Prepare for using the sockets interface
+ */
+static int net_prepare( void )
+{
+#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
+    !defined(EFI32)
+    WSADATA wsaData;
+
+    if( wsa_init_done == 0 )
+    {
+        if( WSAStartup( MAKEWORD(2,0), &wsaData ) != 0 )
+            return( MBEDTLS_ERR_NET_SOCKET_FAILED );
+
+        wsa_init_done = 1;
+    }
+#else
+#if !defined(EFIX64) && !defined(EFI32)
+    signal( SIGPIPE, SIG_IGN );
+#endif
+#endif
+    return( 0 );
+}
+
+/*
+ * Initialize a context
+ */
+void mbedtls_net_init( mbedtls_net_context *ctx )
+{
+    ctx->fd = -1;
+}
+
+/*
+ * Initiate a TCP connection with host:port and the given protocol
+ */
+int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host,
+                         const char *port, int proto )
+{
+    int ret;
+    struct addrinfo hints, *addr_list, *cur;
+
+    if( ( ret = net_prepare() ) != 0 )
+        return( ret );
+
+    /* Do name resolution with both IPv6 and IPv4 */
+    memset( &hints, 0, sizeof( hints ) );
+    hints.ai_family = AF_UNSPEC;
+    hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
+    hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
+
+    if( getaddrinfo( host, port, &hints, &addr_list ) != 0 )
+        return( MBEDTLS_ERR_NET_UNKNOWN_HOST );
+
+    /* Try the sockaddrs until a connection succeeds */
+    ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
+    for( cur = addr_list; cur != NULL; cur = cur->ai_next )
+    {
+        ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype,
+                            cur->ai_protocol );
+        if( ctx->fd < 0 )
+        {
+            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
+            continue;
+        }
+
+        if( connect( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) == 0 )
+        {
+            ret = 0;
+            break;
+        }
+
+        close( ctx->fd );
+        ret = MBEDTLS_ERR_NET_CONNECT_FAILED;
+    }
+
+    freeaddrinfo( addr_list );
+
+    return( ret );
+}
+
+/*
+ * Create a listening socket on bind_ip:port
+ */
+int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto )
+{
+    int n, ret;
+    struct addrinfo hints, *addr_list, *cur;
+
+    if( ( ret = net_prepare() ) != 0 )
+        return( ret );
+
+    /* Bind to IPv6 and/or IPv4, but only in the desired protocol */
+    memset( &hints, 0, sizeof( hints ) );
+    hints.ai_family = AF_UNSPEC;
+    hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
+    hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
+    if( bind_ip == NULL )
+        hints.ai_flags = AI_PASSIVE;
+
+    if( getaddrinfo( bind_ip, port, &hints, &addr_list ) != 0 )
+        return( MBEDTLS_ERR_NET_UNKNOWN_HOST );
+
+    /* Try the sockaddrs until a binding succeeds */
+    ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
+    for( cur = addr_list; cur != NULL; cur = cur->ai_next )
+    {
+        ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype,
+                            cur->ai_protocol );
+        if( ctx->fd < 0 )
+        {
+            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
+            continue;
+        }
+
+        n = 1;
+        if( setsockopt( ctx->fd, SOL_SOCKET, SO_REUSEADDR,
+                        (const char *) &n, sizeof( n ) ) != 0 )
+        {
+            close( ctx->fd );
+            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
+            continue;
+        }
+
+        if( bind( ctx->fd, cur->ai_addr, MSVC_INT_CAST cur->ai_addrlen ) != 0 )
+        {
+            close( ctx->fd );
+            ret = MBEDTLS_ERR_NET_BIND_FAILED;
+            continue;
+        }
+
+        /* Listen only makes sense for TCP */
+        if( proto == MBEDTLS_NET_PROTO_TCP )
+        {
+            if( listen( ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 )
+            {
+                close( ctx->fd );
+                ret = MBEDTLS_ERR_NET_LISTEN_FAILED;
+                continue;
+            }
+        }
+
+        /* Bind was successful */
+        ret = 0;
+        break;
+    }
+
+    freeaddrinfo( addr_list );
+
+    return( ret );
+
+}
+
+#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
+    !defined(EFI32)
+/*
+ * Check if the requested operation would be blocking on a non-blocking socket
+ * and thus 'failed' with a negative return value.
+ */
+static int net_would_block( const mbedtls_net_context *ctx )
+{
+    ((void) ctx);
+    return( WSAGetLastError() == WSAEWOULDBLOCK );
+}
+#else
+/*
+ * Check if the requested operation would be blocking on a non-blocking socket
+ * and thus 'failed' with a negative return value.
+ *
+ * Note: on a blocking socket this function always returns 0!
+ */
+static int net_would_block( const mbedtls_net_context *ctx )
+{
+    int err = errno;
+    
+    /*
+     * Never return 'WOULD BLOCK' on a non-blocking socket
+     */
+    if( ( fcntl( ctx->fd, F_GETFL ) & O_NONBLOCK ) != O_NONBLOCK )
+    {
+        errno = err;
+        return( 0 );
+    }
+
+    switch( errno = err )
+    {
+#if defined EAGAIN
+        case EAGAIN:
+#endif
+#if defined EWOULDBLOCK && EWOULDBLOCK != EAGAIN
+        case EWOULDBLOCK:
+#endif
+            return( 1 );
+    }
+    return( 0 );
+}
+#endif /* ( _WIN32 || _WIN32_WCE ) && !EFIX64 && !EFI32 */
+
+/*
+ * Accept a connection from a remote client
+ */
+int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
+                        mbedtls_net_context *client_ctx,
+                        void *client_ip, size_t buf_size, size_t *ip_len )
+{
+    int ret;
+    int type;
+
+    struct sockaddr_storage client_addr;
+
+#if defined(__socklen_t_defined) || defined(_SOCKLEN_T) ||  \
+    defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t)
+    socklen_t n = (socklen_t) sizeof( client_addr );
+    socklen_t type_len = (socklen_t) sizeof( type );
+#else
+    int n = (int) sizeof( client_addr );
+    int type_len = (int) sizeof( type );
+#endif
+
+    /* Is this a TCP or UDP socket? */
+    if( getsockopt( bind_ctx->fd, SOL_SOCKET, SO_TYPE,
+                    (void *) &type, &type_len ) != 0 ||
+        ( type != SOCK_STREAM && type != SOCK_DGRAM ) )
+    {
+        return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
+    }
+
+    if( type == SOCK_STREAM )
+    {
+        /* TCP: actual accept() */
+        ret = client_ctx->fd = (int) accept( bind_ctx->fd,
+                                             (struct sockaddr *) &client_addr, &n );
+    }
+    else
+    {
+        /* UDP: wait for a message, but keep it in the queue */
+        char buf[1] = { 0 };
+
+        ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK,
+                        (struct sockaddr *) &client_addr, &n );
+
+#if defined(_WIN32)
+        if( ret == SOCKET_ERROR &&
+            WSAGetLastError() == WSAEMSGSIZE )
+        {
+            /* We know buf is too small, thanks, just peeking here */
+            ret = 0;
+        }
+#endif
+    }
+
+    if( ret < 0 )
+    {
+        if( net_would_block( bind_ctx ) != 0 )
+            return( MBEDTLS_ERR_SSL_WANT_READ );
+
+        return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
+    }
+
+    /* UDP: hijack the listening socket to communicate with the client,
+     * then bind a new socket to accept new connections */
+    if( type != SOCK_STREAM )
+    {
+        struct sockaddr_storage local_addr;
+        int one = 1;
+
+        if( connect( bind_ctx->fd, (struct sockaddr *) &client_addr, n ) != 0 )
+            return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
+
+        client_ctx->fd = bind_ctx->fd;
+        bind_ctx->fd   = -1; /* In case we exit early */
+
+        n = sizeof( struct sockaddr_storage );
+        if( getsockname( client_ctx->fd,
+                         (struct sockaddr *) &local_addr, &n ) != 0 ||
+            ( bind_ctx->fd = (int) socket( local_addr.ss_family,
+                                           SOCK_DGRAM, IPPROTO_UDP ) ) < 0 ||
+            setsockopt( bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR,
+                        (const char *) &one, sizeof( one ) ) != 0 )
+        {
+            return( MBEDTLS_ERR_NET_SOCKET_FAILED );
+        }
+
+        if( bind( bind_ctx->fd, (struct sockaddr *) &local_addr, n ) != 0 )
+        {
+            return( MBEDTLS_ERR_NET_BIND_FAILED );
+        }
+    }
+
+    if( client_ip != NULL )
+    {
+        if( client_addr.ss_family == AF_INET )
+        {
+            struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr;
+            *ip_len = sizeof( addr4->sin_addr.s_addr );
+
+            if( buf_size < *ip_len )
+                return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL );
+
+            memcpy( client_ip, &addr4->sin_addr.s_addr, *ip_len );
+        }
+        else
+        {
+            struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr;
+            *ip_len = sizeof( addr6->sin6_addr.s6_addr );
+
+            if( buf_size < *ip_len )
+                return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL );
+
+            memcpy( client_ip, &addr6->sin6_addr.s6_addr, *ip_len);
+        }
+    }
+
+    return( 0 );
+}
+
+/*
+ * Set the socket blocking or non-blocking
+ */
+int mbedtls_net_set_block( mbedtls_net_context *ctx )
+{
+#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
+    !defined(EFI32)
+    u_long n = 0;
+    return( ioctlsocket( ctx->fd, FIONBIO, &n ) );
+#else
+    return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) & ~O_NONBLOCK ) );
+#endif
+}
+
+int mbedtls_net_set_nonblock( mbedtls_net_context *ctx )
+{
+#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
+    !defined(EFI32)
+    u_long n = 1;
+    return( ioctlsocket( ctx->fd, FIONBIO, &n ) );
+#else
+    return( fcntl( ctx->fd, F_SETFL, fcntl( ctx->fd, F_GETFL ) | O_NONBLOCK ) );
+#endif
+}
+
+/*
+ * Portable usleep helper
+ */
+void mbedtls_net_usleep( unsigned long usec )
+{
+#if defined(_WIN32)
+    Sleep( ( usec + 999 ) / 1000 );
+#else
+    struct timeval tv;
+    tv.tv_sec  = usec / 1000000;
+#if defined(__unix__) || defined(__unix) || \
+    ( defined(__APPLE__) && defined(__MACH__) )
+    tv.tv_usec = (suseconds_t) usec % 1000000;
+#else
+    tv.tv_usec = usec % 1000000;
+#endif
+    select( 0, NULL, NULL, NULL, &tv );
+#endif
+}
+
+/*
+ * Read at most 'len' characters
+ */
+int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len )
+{
+    int ret;
+    int fd = ((mbedtls_net_context *) ctx)->fd;
+
+    if( fd < 0 )
+        return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+
+    ret = (int) read( fd, buf, len );
+
+    if( ret < 0 )
+    {
+        if( net_would_block( ctx ) != 0 )
+            return( MBEDTLS_ERR_SSL_WANT_READ );
+
+#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
+    !defined(EFI32)
+        if( WSAGetLastError() == WSAECONNRESET )
+            return( MBEDTLS_ERR_NET_CONN_RESET );
+#else
+        if( errno == EPIPE || errno == ECONNRESET )
+            return( MBEDTLS_ERR_NET_CONN_RESET );
+
+        if( errno == EINTR )
+            return( MBEDTLS_ERR_SSL_WANT_READ );
+#endif
+
+        return( MBEDTLS_ERR_NET_RECV_FAILED );
+    }
+
+    return( ret );
+}
+
+/*
+ * Read at most 'len' characters, blocking for at most 'timeout' ms
+ */
+int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
+                      uint32_t timeout )
+{
+    int ret;
+    struct timeval tv;
+    fd_set read_fds;
+    int fd = ((mbedtls_net_context *) ctx)->fd;
+
+    if( fd < 0 )
+        return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+
+    FD_ZERO( &read_fds );
+    FD_SET( fd, &read_fds );
+
+    tv.tv_sec  = timeout / 1000;
+    tv.tv_usec = ( timeout % 1000 ) * 1000;
+
+    ret = select( fd + 1, &read_fds, NULL, NULL, timeout == 0 ? NULL : &tv );
+
+    /* Zero fds ready means we timed out */
+    if( ret == 0 )
+        return( MBEDTLS_ERR_SSL_TIMEOUT );
+
+    if( ret < 0 )
+    {
+#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
+    !defined(EFI32)
+        if( WSAGetLastError() == WSAEINTR )
+            return( MBEDTLS_ERR_SSL_WANT_READ );
+#else
+        if( errno == EINTR )
+            return( MBEDTLS_ERR_SSL_WANT_READ );
+#endif
+
+        return( MBEDTLS_ERR_NET_RECV_FAILED );
+    }
+
+    /* This call will not block */
+    return( mbedtls_net_recv( ctx, buf, len ) );
+}
+
+/*
+ * Write at most 'len' characters
+ */
+int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len )
+{
+    int ret;
+    int fd = ((mbedtls_net_context *) ctx)->fd;
+
+    if( fd < 0 )
+        return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+
+    ret = (int) write( fd, buf, len );
+
+    if( ret < 0 )
+    {
+        if( net_would_block( ctx ) != 0 )
+            return( MBEDTLS_ERR_SSL_WANT_WRITE );
+
+#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
+    !defined(EFI32)
+        if( WSAGetLastError() == WSAECONNRESET )
+            return( MBEDTLS_ERR_NET_CONN_RESET );
+#else
+        if( errno == EPIPE || errno == ECONNRESET )
+            return( MBEDTLS_ERR_NET_CONN_RESET );
+
+        if( errno == EINTR )
+            return( MBEDTLS_ERR_SSL_WANT_WRITE );
+#endif
+
+        return( MBEDTLS_ERR_NET_SEND_FAILED );
+    }
+
+    return( ret );
+}
+
+/*
+ * Gracefully close the connection
+ */
+void mbedtls_net_free( mbedtls_net_context *ctx )
+{
+    if( ctx->fd == -1 )
+        return;
+
+    shutdown( ctx->fd, 2 );
+    close( ctx->fd );
+
+    ctx->fd = -1;
+}
+
+#endif /* MBEDTLS_NET_C */
diff --git a/thirdparty/mbedtls/library/oid.c b/thirdparty/mbedtls/library/oid.c
new file mode 100644
index 0000000000..f13826ed74
--- /dev/null
+++ b/thirdparty/mbedtls/library/oid.c
@@ -0,0 +1,710 @@
+/**
+ * \file oid.c
+ *
+ * \brief Object Identifier (OID) database
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_OID_C)
+
+#include "mbedtls/oid.h"
+#include "mbedtls/rsa.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_snprintf snprintf
+#endif
+
+#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
+#include "mbedtls/x509.h"
+#endif
+
+/*
+ * Macro to automatically add the size of #define'd OIDs
+ */
+#define ADD_LEN(s)      s, MBEDTLS_OID_SIZE(s)
+
+/*
+ * Macro to generate an internal function for oid_XXX_from_asn1() (used by
+ * the other functions)
+ */
+#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST )                        \
+static const TYPE_T * oid_ ## NAME ## _from_asn1( const mbedtls_asn1_buf *oid )     \
+{                                                                           \
+    const TYPE_T *p = LIST;                                                 \
+    const mbedtls_oid_descriptor_t *cur = (const mbedtls_oid_descriptor_t *) p;             \
+    if( p == NULL || oid == NULL ) return( NULL );                          \
+    while( cur->asn1 != NULL ) {                                            \
+        if( cur->asn1_len == oid->len &&                                    \
+            memcmp( cur->asn1, oid->p, oid->len ) == 0 ) {                  \
+            return( p );                                                    \
+        }                                                                   \
+        p++;                                                                \
+        cur = (const mbedtls_oid_descriptor_t *) p;                                 \
+    }                                                                       \
+    return( NULL );                                                         \
+}
+
+/*
+ * Macro to generate a function for retrieving a single attribute from the
+ * descriptor of an mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
+int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 )                  \
+{                                                                       \
+    const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid );        \
+    if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND );            \
+    *ATTR1 = data->descriptor.ATTR1;                                    \
+    return( 0 );                                                        \
+}
+
+/*
+ * Macro to generate a function for retrieving a single attribute from an
+ * mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
+int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 )                  \
+{                                                                       \
+    const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid );        \
+    if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND );            \
+    *ATTR1 = data->ATTR1;                                               \
+    return( 0 );                                                        \
+}
+
+/*
+ * Macro to generate a function for retrieving two attributes from an
+ * mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1,     \
+                         ATTR2_TYPE, ATTR2)                                 \
+int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 )  \
+{                                                                           \
+    const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid );            \
+    if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND );                \
+    *ATTR1 = data->ATTR1;                                                   \
+    *ATTR2 = data->ATTR2;                                                   \
+    return( 0 );                                                            \
+}
+
+/*
+ * Macro to generate a function for retrieving the OID based on a single
+ * attribute from a mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1)   \
+int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen )             \
+{                                                                           \
+    const TYPE_T *cur = LIST;                                               \
+    while( cur->descriptor.asn1 != NULL ) {                                 \
+        if( cur->ATTR1 == ATTR1 ) {                                         \
+            *oid = cur->descriptor.asn1;                                    \
+            *olen = cur->descriptor.asn1_len;                               \
+            return( 0 );                                                    \
+        }                                                                   \
+        cur++;                                                              \
+    }                                                                       \
+    return( MBEDTLS_ERR_OID_NOT_FOUND );                                   \
+}
+
+/*
+ * Macro to generate a function for retrieving the OID based on two
+ * attributes from a mbedtls_oid_descriptor_t wrapper.
+ */
+#define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1,   \
+                                ATTR2_TYPE, ATTR2)                          \
+int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid ,         \
+             size_t *olen )                                                 \
+{                                                                           \
+    const TYPE_T *cur = LIST;                                               \
+    while( cur->descriptor.asn1 != NULL ) {                                 \
+        if( cur->ATTR1 == ATTR1 && cur->ATTR2 == ATTR2 ) {                  \
+            *oid = cur->descriptor.asn1;                                    \
+            *olen = cur->descriptor.asn1_len;                               \
+            return( 0 );                                                    \
+        }                                                                   \
+        cur++;                                                              \
+    }                                                                       \
+    return( MBEDTLS_ERR_OID_NOT_FOUND );                                   \
+}
+
+#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
+/*
+ * For X520 attribute types
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    const char          *short_name;
+} oid_x520_attr_t;
+
+static const oid_x520_attr_t oid_x520_attr_type[] =
+{
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_CN ),          "id-at-commonName",               "Common Name" },
+        "CN",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_COUNTRY ),     "id-at-countryName",              "Country" },
+        "C",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_LOCALITY ),    "id-at-locality",                 "Locality" },
+        "L",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_STATE ),       "id-at-state",                    "State" },
+        "ST",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_ORGANIZATION ),"id-at-organizationName",         "Organization" },
+        "O",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_ORG_UNIT ),    "id-at-organizationalUnitName",   "Org Unit" },
+        "OU",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS9_EMAIL ),    "emailAddress",                   "E-mail address" },
+        "emailAddress",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_SERIAL_NUMBER ),"id-at-serialNumber",            "Serial number" },
+        "serialNumber",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress",          "Postal address" },
+        "postalAddress",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_POSTAL_CODE ), "id-at-postalCode",               "Postal code" },
+        "postalCode",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_SUR_NAME ),    "id-at-surName",                  "Surname" },
+        "SN",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_GIVEN_NAME ),  "id-at-givenName",                "Given name" },
+        "GN",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_INITIALS ),    "id-at-initials",                 "Initials" },
+        "initials",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" },
+        "generationQualifier",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_TITLE ),       "id-at-title",                    "Title" },
+        "title",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_DN_QUALIFIER ),"id-at-dnQualifier",              "Distinguished Name qualifier" },
+        "dnQualifier",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_PSEUDONYM ),   "id-at-pseudonym",                "Pseudonym" },
+        "pseudonym",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_DOMAIN_COMPONENT ), "id-domainComponent",           "Domain component" },
+        "DC",
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier",    "Unique Identifier" },
+        "uniqueIdentifier",
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        NULL,
+    }
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type)
+FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name)
+
+/*
+ * For X509 extensions
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    int                 ext_type;
+} oid_x509_ext_t;
+
+static const oid_x509_ext_t oid_x509_ext[] =
+{
+    {
+        { ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ),    "id-ce-basicConstraints",   "Basic Constraints" },
+        MBEDTLS_X509_EXT_BASIC_CONSTRAINTS,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_KEY_USAGE ),            "id-ce-keyUsage",           "Key Usage" },
+        MBEDTLS_X509_EXT_KEY_USAGE,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ),   "id-ce-extKeyUsage",        "Extended Key Usage" },
+        MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ),     "id-ce-subjectAltName",     "Subject Alt Name" },
+        MBEDTLS_X509_EXT_SUBJECT_ALT_NAME,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ),         "id-netscape-certtype",     "Netscape Certificate Type" },
+        MBEDTLS_X509_EXT_NS_CERT_TYPE,
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        0,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext)
+FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type)
+
+static const mbedtls_oid_descriptor_t oid_ext_key_usage[] =
+{
+    { ADD_LEN( MBEDTLS_OID_SERVER_AUTH ),      "id-kp-serverAuth",      "TLS Web Server Authentication" },
+    { ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ),      "id-kp-clientAuth",      "TLS Web Client Authentication" },
+    { ADD_LEN( MBEDTLS_OID_CODE_SIGNING ),     "id-kp-codeSigning",     "Code Signing" },
+    { ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" },
+    { ADD_LEN( MBEDTLS_OID_TIME_STAMPING ),    "id-kp-timeStamping",    "Time Stamping" },
+    { ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ),     "id-kp-OCSPSigning",     "OCSP Signing" },
+    { NULL, 0, NULL, NULL },
+};
+
+FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage)
+FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, ext_key_usage, const char *, description)
+#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
+
+#if defined(MBEDTLS_MD_C)
+/*
+ * For SignatureAlgorithmIdentifier
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_md_type_t           md_alg;
+    mbedtls_pk_type_t           pk_alg;
+} oid_sig_alg_t;
+
+static const oid_sig_alg_t oid_sig_alg[] =
+{
+#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_MD2_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS1_MD2 ),        "md2WithRSAEncryption",     "RSA with MD2" },
+        MBEDTLS_MD_MD2,      MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_MD2_C */
+#if defined(MBEDTLS_MD4_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS1_MD4 ),        "md4WithRSAEncryption",     "RSA with MD4" },
+        MBEDTLS_MD_MD4,      MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_MD4_C */
+#if defined(MBEDTLS_MD5_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS1_MD5 ),        "md5WithRSAEncryption",     "RSA with MD5" },
+        MBEDTLS_MD_MD5,      MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_MD5_C */
+#if defined(MBEDTLS_SHA1_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA1 ),       "sha-1WithRSAEncryption",   "RSA with SHA1" },
+        MBEDTLS_MD_SHA1,     MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ),     "sha224WithRSAEncryption",  "RSA with SHA-224" },
+        MBEDTLS_MD_SHA224,   MBEDTLS_PK_RSA,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ),     "sha256WithRSAEncryption",  "RSA with SHA-256" },
+        MBEDTLS_MD_SHA256,   MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ),     "sha384WithRSAEncryption",  "RSA with SHA-384" },
+        MBEDTLS_MD_SHA384,   MBEDTLS_PK_RSA,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ),     "sha512WithRSAEncryption",  "RSA with SHA-512" },
+        MBEDTLS_MD_SHA512,   MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_SHA512_C */
+#if defined(MBEDTLS_SHA1_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_RSA_SHA_OBS ),      "sha-1WithRSAEncryption",   "RSA with SHA1" },
+        MBEDTLS_MD_SHA1,     MBEDTLS_PK_RSA,
+    },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_SHA1_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA1 ),       "ecdsa-with-SHA1",      "ECDSA with SHA1" },
+        MBEDTLS_MD_SHA1,     MBEDTLS_PK_ECDSA,
+    },
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ),     "ecdsa-with-SHA224",    "ECDSA with SHA224" },
+        MBEDTLS_MD_SHA224,   MBEDTLS_PK_ECDSA,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ),     "ecdsa-with-SHA256",    "ECDSA with SHA256" },
+        MBEDTLS_MD_SHA256,   MBEDTLS_PK_ECDSA,
+    },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA384 ),     "ecdsa-with-SHA384",    "ECDSA with SHA384" },
+        MBEDTLS_MD_SHA384,   MBEDTLS_PK_ECDSA,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_ECDSA_SHA512 ),     "ecdsa-with-SHA512",    "ECDSA with SHA512" },
+        MBEDTLS_MD_SHA512,   MBEDTLS_PK_ECDSA,
+    },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_ECDSA_C */
+#if defined(MBEDTLS_RSA_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_RSASSA_PSS ),        "RSASSA-PSS",           "RSASSA-PSS" },
+        MBEDTLS_MD_NONE,     MBEDTLS_PK_RSASSA_PSS,
+    },
+#endif /* MBEDTLS_RSA_C */
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_MD_NONE, MBEDTLS_PK_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg)
+FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description)
+FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg)
+FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg)
+#endif /* MBEDTLS_MD_C */
+
+/*
+ * For PublicKeyInfo (PKCS1, RFC 5480)
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_pk_type_t           pk_alg;
+} oid_pk_alg_t;
+
+static const oid_pk_alg_t oid_pk_alg[] =
+{
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS1_RSA ),      "rsaEncryption",   "RSA" },
+        MBEDTLS_PK_RSA,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_ALG_UNRESTRICTED ),  "id-ecPublicKey",   "Generic EC key" },
+        MBEDTLS_PK_ECKEY,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_ALG_ECDH ),          "id-ecDH",          "EC key for ECDH" },
+        MBEDTLS_PK_ECKEY_DH,
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_PK_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg)
+FN_OID_GET_ATTR1(mbedtls_oid_get_pk_alg, oid_pk_alg_t, pk_alg, mbedtls_pk_type_t, pk_alg)
+FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, mbedtls_pk_type_t, pk_alg)
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * For namedCurve (RFC 5480)
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_ecp_group_id        grp_id;
+} oid_ecp_grp_t;
+
+static const oid_ecp_grp_t oid_ecp_grp[] =
+{
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192R1 ), "secp192r1",    "secp192r1" },
+        MBEDTLS_ECP_DP_SECP192R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224R1 ), "secp224r1",    "secp224r1" },
+        MBEDTLS_ECP_DP_SECP224R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256R1 ), "secp256r1",    "secp256r1" },
+        MBEDTLS_ECP_DP_SECP256R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP384R1 ), "secp384r1",    "secp384r1" },
+        MBEDTLS_ECP_DP_SECP384R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP521R1 ), "secp521r1",    "secp521r1" },
+        MBEDTLS_ECP_DP_SECP521R1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192K1 ), "secp192k1",    "secp192k1" },
+        MBEDTLS_ECP_DP_SECP192K1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224K1 ), "secp224k1",    "secp224k1" },
+        MBEDTLS_ECP_DP_SECP224K1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256K1 ), "secp256k1",    "secp256k1" },
+        MBEDTLS_ECP_DP_SECP256K1,
+    },
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_BP256R1 ),   "brainpoolP256r1","brainpool256r1" },
+        MBEDTLS_ECP_DP_BP256R1,
+    },
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_BP384R1 ),   "brainpoolP384r1","brainpool384r1" },
+        MBEDTLS_ECP_DP_BP384R1,
+    },
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+    {
+        { ADD_LEN( MBEDTLS_OID_EC_GRP_BP512R1 ),   "brainpoolP512r1","brainpool512r1" },
+        MBEDTLS_ECP_DP_BP512R1,
+    },
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_ECP_DP_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp)
+FN_OID_GET_ATTR1(mbedtls_oid_get_ec_grp, oid_ecp_grp_t, grp_id, mbedtls_ecp_group_id, grp_id)
+FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, mbedtls_ecp_group_id, grp_id)
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_CIPHER_C)
+/*
+ * For PKCS#5 PBES2 encryption algorithm
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_cipher_type_t       cipher_alg;
+} oid_cipher_alg_t;
+
+static const oid_cipher_alg_t oid_cipher_alg[] =
+{
+    {
+        { ADD_LEN( MBEDTLS_OID_DES_CBC ),              "desCBC",       "DES-CBC" },
+        MBEDTLS_CIPHER_DES_CBC,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_DES_EDE3_CBC ),         "des-ede3-cbc", "DES-EDE3-CBC" },
+        MBEDTLS_CIPHER_DES_EDE3_CBC,
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_CIPHER_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg)
+FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, mbedtls_cipher_type_t, cipher_alg)
+#endif /* MBEDTLS_CIPHER_C */
+
+#if defined(MBEDTLS_MD_C)
+/*
+ * For digestAlgorithm
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_md_type_t           md_alg;
+} oid_md_alg_t;
+
+static const oid_md_alg_t oid_md_alg[] =
+{
+#if defined(MBEDTLS_MD2_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD2 ),       "id-md2",       "MD2" },
+        MBEDTLS_MD_MD2,
+    },
+#endif /* MBEDTLS_MD2_C */
+#if defined(MBEDTLS_MD4_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD4 ),       "id-md4",       "MD4" },
+        MBEDTLS_MD_MD4,
+    },
+#endif /* MBEDTLS_MD4_C */
+#if defined(MBEDTLS_MD5_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD5 ),       "id-md5",       "MD5" },
+        MBEDTLS_MD_MD5,
+    },
+#endif /* MBEDTLS_MD5_C */
+#if defined(MBEDTLS_SHA1_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA1 ),      "id-sha1",      "SHA-1" },
+        MBEDTLS_MD_SHA1,
+    },
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ),    "id-sha224",    "SHA-224" },
+        MBEDTLS_MD_SHA224,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ),    "id-sha256",    "SHA-256" },
+        MBEDTLS_MD_SHA256,
+    },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    {
+        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA384 ),    "id-sha384",    "SHA-384" },
+        MBEDTLS_MD_SHA384,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA512 ),    "id-sha512",    "SHA-512" },
+        MBEDTLS_MD_SHA512,
+    },
+#endif /* MBEDTLS_SHA512_C */
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_MD_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg)
+FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg)
+FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg)
+#endif /* MBEDTLS_MD_C */
+
+#if defined(MBEDTLS_PKCS12_C)
+/*
+ * For PKCS#12 PBEs
+ */
+typedef struct {
+    mbedtls_oid_descriptor_t    descriptor;
+    mbedtls_md_type_t           md_alg;
+    mbedtls_cipher_type_t       cipher_alg;
+} oid_pkcs12_pbe_alg_t;
+
+static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] =
+{
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" },
+        MBEDTLS_MD_SHA1,      MBEDTLS_CIPHER_DES_EDE3_CBC,
+    },
+    {
+        { ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" },
+        MBEDTLS_MD_SHA1,      MBEDTLS_CIPHER_DES_EDE_CBC,
+    },
+    {
+        { NULL, 0, NULL, NULL },
+        MBEDTLS_MD_NONE, MBEDTLS_CIPHER_NONE,
+    },
+};
+
+FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg)
+FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, mbedtls_md_type_t, md_alg, mbedtls_cipher_type_t, cipher_alg)
+#endif /* MBEDTLS_PKCS12_C */
+
+#define OID_SAFE_SNPRINTF                               \
+    do {                                                \
+        if( ret < 0 || (size_t) ret >= n )              \
+            return( MBEDTLS_ERR_OID_BUF_TOO_SMALL );    \
+                                                        \
+        n -= (size_t) ret;                              \
+        p += (size_t) ret;                              \
+    } while( 0 )
+
+/* Return the x.y.z.... style numeric string for the given OID */
+int mbedtls_oid_get_numeric_string( char *buf, size_t size,
+                            const mbedtls_asn1_buf *oid )
+{
+    int ret;
+    size_t i, n;
+    unsigned int value;
+    char *p;
+
+    p = buf;
+    n = size;
+
+    /* First byte contains first two dots */
+    if( oid->len > 0 )
+    {
+        ret = mbedtls_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 );
+        OID_SAFE_SNPRINTF;
+    }
+
+    value = 0;
+    for( i = 1; i < oid->len; i++ )
+    {
+        /* Prevent overflow in value. */
+        if( ( ( value << 7 ) >> 7 ) != value )
+            return( MBEDTLS_ERR_OID_BUF_TOO_SMALL );
+
+        value <<= 7;
+        value += oid->p[i] & 0x7F;
+
+        if( !( oid->p[i] & 0x80 ) )
+        {
+            /* Last byte */
+            ret = mbedtls_snprintf( p, n, ".%d", value );
+            OID_SAFE_SNPRINTF;
+            value = 0;
+        }
+    }
+
+    return( (int) ( size - n ) );
+}
+
+#endif /* MBEDTLS_OID_C */
diff --git a/thirdparty/mbedtls/library/padlock.c b/thirdparty/mbedtls/library/padlock.c
new file mode 100644
index 0000000000..b85ff9cd2c
--- /dev/null
+++ b/thirdparty/mbedtls/library/padlock.c
@@ -0,0 +1,170 @@
+/*
+ *  VIA PadLock support functions
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  This implementation is based on the VIA PadLock Programming Guide:
+ *
+ *  http://www.via.com.tw/en/downloads/whitepapers/initiatives/padlock/
+ *  programming_guide.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PADLOCK_C)
+
+#include "mbedtls/padlock.h"
+
+#include <string.h>
+
+#ifndef asm
+#define asm __asm
+#endif
+
+#if defined(MBEDTLS_HAVE_X86)
+
+/*
+ * PadLock detection routine
+ */
+int mbedtls_padlock_has_support( int feature )
+{
+    static int flags = -1;
+    int ebx = 0, edx = 0;
+
+    if( flags == -1 )
+    {
+        asm( "movl  %%ebx, %0           \n\t"
+             "movl  $0xC0000000, %%eax  \n\t"
+             "cpuid                     \n\t"
+             "cmpl  $0xC0000001, %%eax  \n\t"
+             "movl  $0, %%edx           \n\t"
+             "jb    unsupported         \n\t"
+             "movl  $0xC0000001, %%eax  \n\t"
+             "cpuid                     \n\t"
+             "unsupported:              \n\t"
+             "movl  %%edx, %1           \n\t"
+             "movl  %2, %%ebx           \n\t"
+             : "=m" (ebx), "=m" (edx)
+             :  "m" (ebx)
+             : "eax", "ecx", "edx" );
+
+        flags = edx;
+    }
+
+    return( flags & feature );
+}
+
+/*
+ * PadLock AES-ECB block en(de)cryption
+ */
+int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
+                       int mode,
+                       const unsigned char input[16],
+                       unsigned char output[16] )
+{
+    int ebx = 0;
+    uint32_t *rk;
+    uint32_t *blk;
+    uint32_t *ctrl;
+    unsigned char buf[256];
+
+    rk  = ctx->rk;
+    blk = MBEDTLS_PADLOCK_ALIGN16( buf );
+    memcpy( blk, input, 16 );
+
+     ctrl = blk + 4;
+    *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode^1 ) - 10 ) << 9 );
+
+    asm( "pushfl                        \n\t"
+         "popfl                         \n\t"
+         "movl    %%ebx, %0             \n\t"
+         "movl    $1, %%ecx             \n\t"
+         "movl    %2, %%edx             \n\t"
+         "movl    %3, %%ebx             \n\t"
+         "movl    %4, %%esi             \n\t"
+         "movl    %4, %%edi             \n\t"
+         ".byte  0xf3,0x0f,0xa7,0xc8    \n\t"
+         "movl    %1, %%ebx             \n\t"
+         : "=m" (ebx)
+         :  "m" (ebx), "m" (ctrl), "m" (rk), "m" (blk)
+         : "memory", "ecx", "edx", "esi", "edi" );
+
+    memcpy( output, blk, 16 );
+
+    return( 0 );
+}
+
+/*
+ * PadLock AES-CBC buffer en(de)cryption
+ */
+int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx,
+                       int mode,
+                       size_t length,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output )
+{
+    int ebx = 0;
+    size_t count;
+    uint32_t *rk;
+    uint32_t *iw;
+    uint32_t *ctrl;
+    unsigned char buf[256];
+
+    if( ( (long) input  & 15 ) != 0 ||
+        ( (long) output & 15 ) != 0 )
+        return( MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED );
+
+    rk = ctx->rk;
+    iw = MBEDTLS_PADLOCK_ALIGN16( buf );
+    memcpy( iw, iv, 16 );
+
+     ctrl = iw + 4;
+    *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode ^ 1 ) - 10 ) << 9 );
+
+    count = ( length + 15 ) >> 4;
+
+    asm( "pushfl                        \n\t"
+         "popfl                         \n\t"
+         "movl    %%ebx, %0             \n\t"
+         "movl    %2, %%ecx             \n\t"
+         "movl    %3, %%edx             \n\t"
+         "movl    %4, %%ebx             \n\t"
+         "movl    %5, %%esi             \n\t"
+         "movl    %6, %%edi             \n\t"
+         "movl    %7, %%eax             \n\t"
+         ".byte  0xf3,0x0f,0xa7,0xd0    \n\t"
+         "movl    %1, %%ebx             \n\t"
+         : "=m" (ebx)
+         :  "m" (ebx), "m" (count), "m" (ctrl),
+            "m"  (rk), "m" (input), "m" (output), "m" (iw)
+         : "memory", "eax", "ecx", "edx", "esi", "edi" );
+
+    memcpy( iv, iw, 16 );
+
+    return( 0 );
+}
+
+#endif /* MBEDTLS_HAVE_X86 */
+
+#endif /* MBEDTLS_PADLOCK_C */
diff --git a/thirdparty/mbedtls/library/pem.c b/thirdparty/mbedtls/library/pem.c
new file mode 100644
index 0000000000..c09651f4a2
--- /dev/null
+++ b/thirdparty/mbedtls/library/pem.c
@@ -0,0 +1,491 @@
+/*
+ *  Privacy Enhanced Mail (PEM) decoding
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
+
+#include "mbedtls/pem.h"
+#include "mbedtls/base64.h"
+#include "mbedtls/des.h"
+#include "mbedtls/aes.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/cipher.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+void mbedtls_pem_init( mbedtls_pem_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_pem_context ) );
+}
+
+#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
+    ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
+/*
+ * Read a 16-byte hex string and convert it to binary
+ */
+static int pem_get_iv( const unsigned char *s, unsigned char *iv,
+                       size_t iv_len )
+{
+    size_t i, j, k;
+
+    memset( iv, 0, iv_len );
+
+    for( i = 0; i < iv_len * 2; i++, s++ )
+    {
+        if( *s >= '0' && *s <= '9' ) j = *s - '0'; else
+        if( *s >= 'A' && *s <= 'F' ) j = *s - '7'; else
+        if( *s >= 'a' && *s <= 'f' ) j = *s - 'W'; else
+            return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
+
+        k = ( ( i & 1 ) != 0 ) ? j : j << 4;
+
+        iv[i >> 1] = (unsigned char)( iv[i >> 1] | k );
+    }
+
+    return( 0 );
+}
+
+static int pem_pbkdf1( unsigned char *key, size_t keylen,
+                       unsigned char *iv,
+                       const unsigned char *pwd, size_t pwdlen )
+{
+    mbedtls_md5_context md5_ctx;
+    unsigned char md5sum[16];
+    size_t use_len;
+    int ret;
+
+    mbedtls_md5_init( &md5_ctx );
+
+    /*
+     * key[ 0..15] = MD5(pwd || IV)
+     */
+    if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv,  8 ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
+        goto exit;
+
+    if( keylen <= 16 )
+    {
+        memcpy( key, md5sum, keylen );
+        goto exit;
+    }
+
+    memcpy( key, md5sum, 16 );
+
+    /*
+     * key[16..23] = MD5(key[ 0..15] || pwd || IV])
+     */
+    if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
+        goto exit;
+
+    use_len = 16;
+    if( keylen < 32 )
+        use_len = keylen - 16;
+
+    memcpy( key + 16, md5sum, use_len );
+
+exit:
+    mbedtls_md5_free( &md5_ctx );
+    mbedtls_zeroize( md5sum, 16 );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_DES_C)
+/*
+ * Decrypt with DES-CBC, using PBKDF1 for key derivation
+ */
+static int pem_des_decrypt( unsigned char des_iv[8],
+                            unsigned char *buf, size_t buflen,
+                            const unsigned char *pwd, size_t pwdlen )
+{
+    mbedtls_des_context des_ctx;
+    unsigned char des_key[8];
+    int ret;
+
+    mbedtls_des_init( &des_ctx );
+
+    if( ( ret = pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_des_setkey_dec( &des_ctx, des_key ) ) != 0 )
+        goto exit;
+    ret = mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen,
+                     des_iv, buf, buf );
+
+exit:
+    mbedtls_des_free( &des_ctx );
+    mbedtls_zeroize( des_key, 8 );
+
+    return( ret );
+}
+
+/*
+ * Decrypt with 3DES-CBC, using PBKDF1 for key derivation
+ */
+static int pem_des3_decrypt( unsigned char des3_iv[8],
+                             unsigned char *buf, size_t buflen,
+                             const unsigned char *pwd, size_t pwdlen )
+{
+    mbedtls_des3_context des3_ctx;
+    unsigned char des3_key[24];
+    int ret;
+
+    mbedtls_des3_init( &des3_ctx );
+
+    if( ( ret = pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_des3_set3key_dec( &des3_ctx, des3_key ) ) != 0 )
+        goto exit;
+    ret = mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen,
+                     des3_iv, buf, buf );
+
+exit:
+    mbedtls_des3_free( &des3_ctx );
+    mbedtls_zeroize( des3_key, 24 );
+
+    return( ret );
+}
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+/*
+ * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
+ */
+static int pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
+                            unsigned char *buf, size_t buflen,
+                            const unsigned char *pwd, size_t pwdlen )
+{
+    mbedtls_aes_context aes_ctx;
+    unsigned char aes_key[32];
+    int ret;
+
+    mbedtls_aes_init( &aes_ctx );
+
+    if( ( ret = pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ) ) != 0 )
+        goto exit;
+    ret = mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen,
+                     aes_iv, buf, buf );
+
+exit:
+    mbedtls_aes_free( &aes_ctx );
+    mbedtls_zeroize( aes_key, keylen );
+
+    return( ret );
+}
+#endif /* MBEDTLS_AES_C */
+
+#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+
+int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
+                     const unsigned char *data, const unsigned char *pwd,
+                     size_t pwdlen, size_t *use_len )
+{
+    int ret, enc;
+    size_t len;
+    unsigned char *buf;
+    const unsigned char *s1, *s2, *end;
+#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
+    ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
+    unsigned char pem_iv[16];
+    mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE;
+#else
+    ((void) pwd);
+    ((void) pwdlen);
+#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+
+    if( ctx == NULL )
+        return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA );
+
+    s1 = (unsigned char *) strstr( (const char *) data, header );
+
+    if( s1 == NULL )
+        return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
+
+    s2 = (unsigned char *) strstr( (const char *) data, footer );
+
+    if( s2 == NULL || s2 <= s1 )
+        return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
+
+    s1 += strlen( header );
+    if( *s1 == ' '  ) s1++;
+    if( *s1 == '\r' ) s1++;
+    if( *s1 == '\n' ) s1++;
+    else return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
+
+    end = s2;
+    end += strlen( footer );
+    if( *end == ' '  ) end++;
+    if( *end == '\r' ) end++;
+    if( *end == '\n' ) end++;
+    *use_len = end - data;
+
+    enc = 0;
+
+    if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
+    {
+#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
+    ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
+        enc++;
+
+        s1 += 22;
+        if( *s1 == '\r' ) s1++;
+        if( *s1 == '\n' ) s1++;
+        else return( MBEDTLS_ERR_PEM_INVALID_DATA );
+
+
+#if defined(MBEDTLS_DES_C)
+        if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
+        {
+            enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC;
+
+            s1 += 23;
+            if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 )
+                return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
+
+            s1 += 16;
+        }
+        else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
+        {
+            enc_alg = MBEDTLS_CIPHER_DES_CBC;
+
+            s1 += 18;
+            if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 )
+                return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
+
+            s1 += 16;
+        }
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+        if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
+        {
+            if( s2 - s1 < 22 )
+                return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
+            else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
+                enc_alg = MBEDTLS_CIPHER_AES_128_CBC;
+            else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 )
+                enc_alg = MBEDTLS_CIPHER_AES_192_CBC;
+            else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 )
+                enc_alg = MBEDTLS_CIPHER_AES_256_CBC;
+            else
+                return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
+
+            s1 += 22;
+            if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 )
+                return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
+
+            s1 += 32;
+        }
+#endif /* MBEDTLS_AES_C */
+
+        if( enc_alg == MBEDTLS_CIPHER_NONE )
+            return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
+
+        if( *s1 == '\r' ) s1++;
+        if( *s1 == '\n' ) s1++;
+        else return( MBEDTLS_ERR_PEM_INVALID_DATA );
+#else
+        return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+    }
+
+    if( s1 >= s2 )
+        return( MBEDTLS_ERR_PEM_INVALID_DATA );
+
+    ret = mbedtls_base64_decode( NULL, 0, &len, s1, s2 - s1 );
+
+    if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER )
+        return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
+
+    if( ( buf = mbedtls_calloc( 1, len ) ) == NULL )
+        return( MBEDTLS_ERR_PEM_ALLOC_FAILED );
+
+    if( ( ret = mbedtls_base64_decode( buf, len, &len, s1, s2 - s1 ) ) != 0 )
+    {
+        mbedtls_zeroize( buf, len );
+        mbedtls_free( buf );
+        return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
+    }
+
+    if( enc != 0 )
+    {
+#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) &&         \
+    ( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
+        if( pwd == NULL )
+        {
+            mbedtls_zeroize( buf, len );
+            mbedtls_free( buf );
+            return( MBEDTLS_ERR_PEM_PASSWORD_REQUIRED );
+        }
+
+        ret = 0;
+
+#if defined(MBEDTLS_DES_C)
+        if( enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC )
+            ret = pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen );
+        else if( enc_alg == MBEDTLS_CIPHER_DES_CBC )
+            ret = pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen );
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_AES_C)
+        if( enc_alg == MBEDTLS_CIPHER_AES_128_CBC )
+            ret = pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen );
+        else if( enc_alg == MBEDTLS_CIPHER_AES_192_CBC )
+            ret = pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen );
+        else if( enc_alg == MBEDTLS_CIPHER_AES_256_CBC )
+            ret = pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
+#endif /* MBEDTLS_AES_C */
+
+        if( ret != 0 )
+        {
+            mbedtls_free( buf );
+            return( ret );
+        }
+
+        /*
+         * The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3
+         * length bytes (allow 4 to be sure) in all known use cases.
+         *
+         * Use that as heurisitic to try detecting password mismatchs.
+         */
+        if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 )
+        {
+            mbedtls_zeroize( buf, len );
+            mbedtls_free( buf );
+            return( MBEDTLS_ERR_PEM_PASSWORD_MISMATCH );
+        }
+#else
+        mbedtls_zeroize( buf, len );
+        mbedtls_free( buf );
+        return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
+    }
+
+    ctx->buf = buf;
+    ctx->buflen = len;
+
+    return( 0 );
+}
+
+void mbedtls_pem_free( mbedtls_pem_context *ctx )
+{
+    if( ctx->buf != NULL )
+        mbedtls_zeroize( ctx->buf, ctx->buflen );
+    mbedtls_free( ctx->buf );
+    mbedtls_free( ctx->info );
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_pem_context ) );
+}
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+int mbedtls_pem_write_buffer( const char *header, const char *footer,
+                      const unsigned char *der_data, size_t der_len,
+                      unsigned char *buf, size_t buf_len, size_t *olen )
+{
+    int ret;
+    unsigned char *encode_buf, *c, *p = buf;
+    size_t len = 0, use_len, add_len = 0;
+
+    mbedtls_base64_encode( NULL, 0, &use_len, der_data, der_len );
+    add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1;
+
+    if( use_len + add_len > buf_len )
+    {
+        *olen = use_len + add_len;
+        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
+    }
+
+    if( ( encode_buf = mbedtls_calloc( 1, use_len ) ) == NULL )
+        return( MBEDTLS_ERR_PEM_ALLOC_FAILED );
+
+    if( ( ret = mbedtls_base64_encode( encode_buf, use_len, &use_len, der_data,
+                               der_len ) ) != 0 )
+    {
+        mbedtls_free( encode_buf );
+        return( ret );
+    }
+
+    memcpy( p, header, strlen( header ) );
+    p += strlen( header );
+    c = encode_buf;
+
+    while( use_len )
+    {
+        len = ( use_len > 64 ) ? 64 : use_len;
+        memcpy( p, c, len );
+        use_len -= len;
+        p += len;
+        c += len;
+        *p++ = '\n';
+    }
+
+    memcpy( p, footer, strlen( footer ) );
+    p += strlen( footer );
+
+    *p++ = '\0';
+    *olen = p - buf;
+
+    mbedtls_free( encode_buf );
+    return( 0 );
+}
+#endif /* MBEDTLS_PEM_WRITE_C */
+#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */
diff --git a/thirdparty/mbedtls/library/pk.c b/thirdparty/mbedtls/library/pk.c
new file mode 100644
index 0000000000..b52c73fbc6
--- /dev/null
+++ b/thirdparty/mbedtls/library/pk.c
@@ -0,0 +1,382 @@
+/*
+ *  Public Key abstraction layer
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PK_C)
+#include "mbedtls/pk.h"
+#include "mbedtls/pk_internal.h"
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+#include "mbedtls/ecdsa.h"
+#endif
+
+#include <limits.h>
+#include <stdint.h>
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * Initialise a mbedtls_pk_context
+ */
+void mbedtls_pk_init( mbedtls_pk_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    ctx->pk_info = NULL;
+    ctx->pk_ctx = NULL;
+}
+
+/*
+ * Free (the components of) a mbedtls_pk_context
+ */
+void mbedtls_pk_free( mbedtls_pk_context *ctx )
+{
+    if( ctx == NULL || ctx->pk_info == NULL )
+        return;
+
+    ctx->pk_info->ctx_free_func( ctx->pk_ctx );
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_pk_context ) );
+}
+
+/*
+ * Get pk_info structure from type
+ */
+const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
+{
+    switch( pk_type ) {
+#if defined(MBEDTLS_RSA_C)
+        case MBEDTLS_PK_RSA:
+            return( &mbedtls_rsa_info );
+#endif
+#if defined(MBEDTLS_ECP_C)
+        case MBEDTLS_PK_ECKEY:
+            return( &mbedtls_eckey_info );
+        case MBEDTLS_PK_ECKEY_DH:
+            return( &mbedtls_eckeydh_info );
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+        case MBEDTLS_PK_ECDSA:
+            return( &mbedtls_ecdsa_info );
+#endif
+        /* MBEDTLS_PK_RSA_ALT omitted on purpose */
+        default:
+            return( NULL );
+    }
+}
+
+/*
+ * Initialise context
+ */
+int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
+{
+    if( ctx == NULL || info == NULL || ctx->pk_info != NULL )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
+        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+
+    ctx->pk_info = info;
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/*
+ * Initialize an RSA-alt context
+ */
+int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
+                         mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
+                         mbedtls_pk_rsa_alt_sign_func sign_func,
+                         mbedtls_pk_rsa_alt_key_len_func key_len_func )
+{
+    mbedtls_rsa_alt_context *rsa_alt;
+    const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
+
+    if( ctx == NULL || ctx->pk_info != NULL )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
+        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+
+    ctx->pk_info = info;
+
+    rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
+
+    rsa_alt->key = key;
+    rsa_alt->decrypt_func = decrypt_func;
+    rsa_alt->sign_func = sign_func;
+    rsa_alt->key_len_func = key_len_func;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+/*
+ * Tell if a PK can do the operations of the given type
+ */
+int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
+{
+    /* null or NONE context can't do anything */
+    if( ctx == NULL || ctx->pk_info == NULL )
+        return( 0 );
+
+    return( ctx->pk_info->can_do( type ) );
+}
+
+/*
+ * Helper for mbedtls_pk_sign and mbedtls_pk_verify
+ */
+static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
+{
+    const mbedtls_md_info_t *md_info;
+
+    if( *hash_len != 0 )
+        return( 0 );
+
+    if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
+        return( -1 );
+
+    *hash_len = mbedtls_md_get_size( md_info );
+    return( 0 );
+}
+
+/*
+ * Verify a signature
+ */
+int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+               const unsigned char *hash, size_t hash_len,
+               const unsigned char *sig, size_t sig_len )
+{
+    if( ctx == NULL || ctx->pk_info == NULL ||
+        pk_hashlen_helper( md_alg, &hash_len ) != 0 )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    if( ctx->pk_info->verify_func == NULL )
+        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+    return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
+                                       sig, sig_len ) );
+}
+
+/*
+ * Verify a signature with options
+ */
+int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
+                   mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   const unsigned char *sig, size_t sig_len )
+{
+    if( ctx == NULL || ctx->pk_info == NULL )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    if( ! mbedtls_pk_can_do( ctx, type ) )
+        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+    if( type == MBEDTLS_PK_RSASSA_PSS )
+    {
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
+        int ret;
+        const mbedtls_pk_rsassa_pss_options *pss_opts;
+
+#if SIZE_MAX > UINT_MAX
+        if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+#endif /* SIZE_MAX > UINT_MAX */
+
+        if( options == NULL )
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+        pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
+
+        if( sig_len < mbedtls_pk_get_len( ctx ) )
+            return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
+
+        ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
+                NULL, NULL, MBEDTLS_RSA_PUBLIC,
+                md_alg, (unsigned int) hash_len, hash,
+                pss_opts->mgf1_hash_id,
+                pss_opts->expected_salt_len,
+                sig );
+        if( ret != 0 )
+            return( ret );
+
+        if( sig_len > mbedtls_pk_get_len( ctx ) )
+            return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
+
+        return( 0 );
+#else
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */
+    }
+
+    /* General case: no options */
+    if( options != NULL )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
+}
+
+/*
+ * Make a signature
+ */
+int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
+             const unsigned char *hash, size_t hash_len,
+             unsigned char *sig, size_t *sig_len,
+             int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    if( ctx == NULL || ctx->pk_info == NULL ||
+        pk_hashlen_helper( md_alg, &hash_len ) != 0 )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    if( ctx->pk_info->sign_func == NULL )
+        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+    return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
+                                     sig, sig_len, f_rng, p_rng ) );
+}
+
+/*
+ * Decrypt message
+ */
+int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
+                const unsigned char *input, size_t ilen,
+                unsigned char *output, size_t *olen, size_t osize,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    if( ctx == NULL || ctx->pk_info == NULL )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    if( ctx->pk_info->decrypt_func == NULL )
+        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+    return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
+                output, olen, osize, f_rng, p_rng ) );
+}
+
+/*
+ * Encrypt message
+ */
+int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
+                const unsigned char *input, size_t ilen,
+                unsigned char *output, size_t *olen, size_t osize,
+                int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    if( ctx == NULL || ctx->pk_info == NULL )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    if( ctx->pk_info->encrypt_func == NULL )
+        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+    return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
+                output, olen, osize, f_rng, p_rng ) );
+}
+
+/*
+ * Check public-private key pair
+ */
+int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
+{
+    if( pub == NULL || pub->pk_info == NULL ||
+        prv == NULL || prv->pk_info == NULL ||
+        prv->pk_info->check_pair_func == NULL )
+    {
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+    }
+
+    if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
+    {
+        if( pub->pk_info->type != MBEDTLS_PK_RSA )
+            return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+    }
+    else
+    {
+        if( pub->pk_info != prv->pk_info )
+            return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+    }
+
+    return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
+}
+
+/*
+ * Get key size in bits
+ */
+size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx )
+{
+    if( ctx == NULL || ctx->pk_info == NULL )
+        return( 0 );
+
+    return( ctx->pk_info->get_bitlen( ctx->pk_ctx ) );
+}
+
+/*
+ * Export debug information
+ */
+int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items )
+{
+    if( ctx == NULL || ctx->pk_info == NULL )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    if( ctx->pk_info->debug_func == NULL )
+        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+    ctx->pk_info->debug_func( ctx->pk_ctx, items );
+    return( 0 );
+}
+
+/*
+ * Access the PK type name
+ */
+const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
+{
+    if( ctx == NULL || ctx->pk_info == NULL )
+        return( "invalid PK" );
+
+    return( ctx->pk_info->name );
+}
+
+/*
+ * Access the PK type
+ */
+mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
+{
+    if( ctx == NULL || ctx->pk_info == NULL )
+        return( MBEDTLS_PK_NONE );
+
+    return( ctx->pk_info->type );
+}
+
+#endif /* MBEDTLS_PK_C */
diff --git a/thirdparty/mbedtls/library/pk_wrap.c b/thirdparty/mbedtls/library/pk_wrap.c
new file mode 100644
index 0000000000..a4bb35fc8f
--- /dev/null
+++ b/thirdparty/mbedtls/library/pk_wrap.c
@@ -0,0 +1,521 @@
+/*
+ *  Public Key abstraction layer: wrapper functions
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PK_C)
+#include "mbedtls/pk_internal.h"
+
+/* Even if RSA not activated, for the sake of RSA-alt */
+#include "mbedtls/rsa.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+
+#if defined(MBEDTLS_ECDSA_C)
+#include "mbedtls/ecdsa.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#include <limits.h>
+#include <stdint.h>
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+static int rsa_can_do( mbedtls_pk_type_t type )
+{
+    return( type == MBEDTLS_PK_RSA ||
+            type == MBEDTLS_PK_RSASSA_PSS );
+}
+
+static size_t rsa_get_bitlen( const void *ctx )
+{
+    const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx;
+    return( 8 * mbedtls_rsa_get_len( rsa ) );
+}
+
+static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   const unsigned char *sig, size_t sig_len )
+{
+    int ret;
+    mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
+    size_t rsa_len = mbedtls_rsa_get_len( rsa );
+
+#if SIZE_MAX > UINT_MAX
+    if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+#endif /* SIZE_MAX > UINT_MAX */
+
+    if( sig_len < rsa_len )
+        return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
+
+    if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL,
+                                  MBEDTLS_RSA_PUBLIC, md_alg,
+                                  (unsigned int) hash_len, hash, sig ) ) != 0 )
+        return( ret );
+
+    if( sig_len > rsa_len )
+        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
+
+    return( 0 );
+}
+
+static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   unsigned char *sig, size_t *sig_len,
+                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
+
+#if SIZE_MAX > UINT_MAX
+    if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+#endif /* SIZE_MAX > UINT_MAX */
+
+    *sig_len = mbedtls_rsa_get_len( rsa );
+
+    return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
+                md_alg, (unsigned int) hash_len, hash, sig ) );
+}
+
+static int rsa_decrypt_wrap( void *ctx,
+                    const unsigned char *input, size_t ilen,
+                    unsigned char *output, size_t *olen, size_t osize,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
+
+    if( ilen != mbedtls_rsa_get_len( rsa ) )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng,
+                MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
+}
+
+static int rsa_encrypt_wrap( void *ctx,
+                    const unsigned char *input, size_t ilen,
+                    unsigned char *output, size_t *olen, size_t osize,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx;
+    *olen = mbedtls_rsa_get_len( rsa );
+
+    if( *olen > osize )
+        return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
+
+    return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC,
+                                       ilen, input, output ) );
+}
+
+static int rsa_check_pair_wrap( const void *pub, const void *prv )
+{
+    return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub,
+                                (const mbedtls_rsa_context *) prv ) );
+}
+
+static void *rsa_alloc_wrap( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) );
+
+    if( ctx != NULL )
+        mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 );
+
+    return( ctx );
+}
+
+static void rsa_free_wrap( void *ctx )
+{
+    mbedtls_rsa_free( (mbedtls_rsa_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items )
+{
+    items->type = MBEDTLS_PK_DEBUG_MPI;
+    items->name = "rsa.N";
+    items->value = &( ((mbedtls_rsa_context *) ctx)->N );
+
+    items++;
+
+    items->type = MBEDTLS_PK_DEBUG_MPI;
+    items->name = "rsa.E";
+    items->value = &( ((mbedtls_rsa_context *) ctx)->E );
+}
+
+const mbedtls_pk_info_t mbedtls_rsa_info = {
+    MBEDTLS_PK_RSA,
+    "RSA",
+    rsa_get_bitlen,
+    rsa_can_do,
+    rsa_verify_wrap,
+    rsa_sign_wrap,
+    rsa_decrypt_wrap,
+    rsa_encrypt_wrap,
+    rsa_check_pair_wrap,
+    rsa_alloc_wrap,
+    rsa_free_wrap,
+    rsa_debug,
+};
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Generic EC key
+ */
+static int eckey_can_do( mbedtls_pk_type_t type )
+{
+    return( type == MBEDTLS_PK_ECKEY ||
+            type == MBEDTLS_PK_ECKEY_DH ||
+            type == MBEDTLS_PK_ECDSA );
+}
+
+static size_t eckey_get_bitlen( const void *ctx )
+{
+    return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits );
+}
+
+#if defined(MBEDTLS_ECDSA_C)
+/* Forward declarations */
+static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                       const unsigned char *hash, size_t hash_len,
+                       const unsigned char *sig, size_t sig_len );
+
+static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   unsigned char *sig, size_t *sig_len,
+                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
+
+static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                       const unsigned char *hash, size_t hash_len,
+                       const unsigned char *sig, size_t sig_len )
+{
+    int ret;
+    mbedtls_ecdsa_context ecdsa;
+
+    mbedtls_ecdsa_init( &ecdsa );
+
+    if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
+        ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
+
+    mbedtls_ecdsa_free( &ecdsa );
+
+    return( ret );
+}
+
+static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   unsigned char *sig, size_t *sig_len,
+                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    int ret;
+    mbedtls_ecdsa_context ecdsa;
+
+    mbedtls_ecdsa_init( &ecdsa );
+
+    if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
+        ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
+                               f_rng, p_rng );
+
+    mbedtls_ecdsa_free( &ecdsa );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_ECDSA_C */
+
+static int eckey_check_pair( const void *pub, const void *prv )
+{
+    return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub,
+                                (const mbedtls_ecp_keypair *) prv ) );
+}
+
+static void *eckey_alloc_wrap( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
+
+    if( ctx != NULL )
+        mbedtls_ecp_keypair_init( ctx );
+
+    return( ctx );
+}
+
+static void eckey_free_wrap( void *ctx )
+{
+    mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx );
+    mbedtls_free( ctx );
+}
+
+static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items )
+{
+    items->type = MBEDTLS_PK_DEBUG_ECP;
+    items->name = "eckey.Q";
+    items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q );
+}
+
+const mbedtls_pk_info_t mbedtls_eckey_info = {
+    MBEDTLS_PK_ECKEY,
+    "EC",
+    eckey_get_bitlen,
+    eckey_can_do,
+#if defined(MBEDTLS_ECDSA_C)
+    eckey_verify_wrap,
+    eckey_sign_wrap,
+#else
+    NULL,
+    NULL,
+#endif
+    NULL,
+    NULL,
+    eckey_check_pair,
+    eckey_alloc_wrap,
+    eckey_free_wrap,
+    eckey_debug,
+};
+
+/*
+ * EC key restricted to ECDH
+ */
+static int eckeydh_can_do( mbedtls_pk_type_t type )
+{
+    return( type == MBEDTLS_PK_ECKEY ||
+            type == MBEDTLS_PK_ECKEY_DH );
+}
+
+const mbedtls_pk_info_t mbedtls_eckeydh_info = {
+    MBEDTLS_PK_ECKEY_DH,
+    "EC_DH",
+    eckey_get_bitlen,         /* Same underlying key structure */
+    eckeydh_can_do,
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    eckey_check_pair,
+    eckey_alloc_wrap,       /* Same underlying key structure */
+    eckey_free_wrap,        /* Same underlying key structure */
+    eckey_debug,            /* Same underlying key structure */
+};
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_ECDSA_C)
+static int ecdsa_can_do( mbedtls_pk_type_t type )
+{
+    return( type == MBEDTLS_PK_ECDSA );
+}
+
+static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                       const unsigned char *hash, size_t hash_len,
+                       const unsigned char *sig, size_t sig_len )
+{
+    int ret;
+    ((void) md_alg);
+
+    ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx,
+                                hash, hash_len, sig, sig_len );
+
+    if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
+        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
+
+    return( ret );
+}
+
+static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   unsigned char *sig, size_t *sig_len,
+                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx,
+                md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) );
+}
+
+static void *ecdsa_alloc_wrap( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) );
+
+    if( ctx != NULL )
+        mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx );
+
+    return( ctx );
+}
+
+static void ecdsa_free_wrap( void *ctx )
+{
+    mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx );
+    mbedtls_free( ctx );
+}
+
+const mbedtls_pk_info_t mbedtls_ecdsa_info = {
+    MBEDTLS_PK_ECDSA,
+    "ECDSA",
+    eckey_get_bitlen,     /* Compatible key structures */
+    ecdsa_can_do,
+    ecdsa_verify_wrap,
+    ecdsa_sign_wrap,
+    NULL,
+    NULL,
+    eckey_check_pair,   /* Compatible key structures */
+    ecdsa_alloc_wrap,
+    ecdsa_free_wrap,
+    eckey_debug,        /* Compatible key structures */
+};
+#endif /* MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+/*
+ * Support for alternative RSA-private implementations
+ */
+
+static int rsa_alt_can_do( mbedtls_pk_type_t type )
+{
+    return( type == MBEDTLS_PK_RSA );
+}
+
+static size_t rsa_alt_get_bitlen( const void *ctx )
+{
+    const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx;
+
+    return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
+}
+
+static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   unsigned char *sig, size_t *sig_len,
+                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
+
+#if SIZE_MAX > UINT_MAX
+    if( UINT_MAX < hash_len )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+#endif /* SIZE_MAX > UINT_MAX */
+
+    *sig_len = rsa_alt->key_len_func( rsa_alt->key );
+
+    return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
+                md_alg, (unsigned int) hash_len, hash, sig ) );
+}
+
+static int rsa_alt_decrypt_wrap( void *ctx,
+                    const unsigned char *input, size_t ilen,
+                    unsigned char *output, size_t *olen, size_t osize,
+                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
+
+    ((void) f_rng);
+    ((void) p_rng);
+
+    if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    return( rsa_alt->decrypt_func( rsa_alt->key,
+                MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
+}
+
+#if defined(MBEDTLS_RSA_C)
+static int rsa_alt_check_pair( const void *pub, const void *prv )
+{
+    unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
+    unsigned char hash[32];
+    size_t sig_len = 0;
+    int ret;
+
+    if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) )
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+
+    memset( hash, 0x2a, sizeof( hash ) );
+
+    if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE,
+                                   hash, sizeof( hash ),
+                                   sig, &sig_len, NULL, NULL ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE,
+                         hash, sizeof( hash ), sig, sig_len ) != 0 )
+    {
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_RSA_C */
+
+static void *rsa_alt_alloc_wrap( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) );
+
+    if( ctx != NULL )
+        memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) );
+
+    return( ctx );
+}
+
+static void rsa_alt_free_wrap( void *ctx )
+{
+    mbedtls_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) );
+    mbedtls_free( ctx );
+}
+
+const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
+    MBEDTLS_PK_RSA_ALT,
+    "RSA-alt",
+    rsa_alt_get_bitlen,
+    rsa_alt_can_do,
+    NULL,
+    rsa_alt_sign_wrap,
+    rsa_alt_decrypt_wrap,
+    NULL,
+#if defined(MBEDTLS_RSA_C)
+    rsa_alt_check_pair,
+#else
+    NULL,
+#endif
+    rsa_alt_alloc_wrap,
+    rsa_alt_free_wrap,
+    NULL,
+};
+
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+
+#endif /* MBEDTLS_PK_C */
diff --git a/thirdparty/mbedtls/library/pkcs11.c b/thirdparty/mbedtls/library/pkcs11.c
new file mode 100644
index 0000000000..0ea64252ee
--- /dev/null
+++ b/thirdparty/mbedtls/library/pkcs11.c
@@ -0,0 +1,240 @@
+/**
+ * \file pkcs11.c
+ *
+ * \brief Wrapper for PKCS#11 library libpkcs11-helper
+ *
+ * \author Adriaan de Jong <dejong@fox-it.com>
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#include "mbedtls/pkcs11.h"
+
+#if defined(MBEDTLS_PKCS11_C)
+
+#include "mbedtls/md.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/x509_crt.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#include <string.h>
+
+void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_pkcs11_context ) );
+}
+
+int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
+{
+    int ret = 1;
+    unsigned char *cert_blob = NULL;
+    size_t cert_blob_size = 0;
+
+    if( cert == NULL )
+    {
+        ret = 2;
+        goto cleanup;
+    }
+
+    if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, NULL,
+                                                &cert_blob_size ) != CKR_OK )
+    {
+        ret = 3;
+        goto cleanup;
+    }
+
+    cert_blob = mbedtls_calloc( 1, cert_blob_size );
+    if( NULL == cert_blob )
+    {
+        ret = 4;
+        goto cleanup;
+    }
+
+    if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, cert_blob,
+                                                &cert_blob_size ) != CKR_OK )
+    {
+        ret = 5;
+        goto cleanup;
+    }
+
+    if( 0 != mbedtls_x509_crt_parse( cert, cert_blob, cert_blob_size ) )
+    {
+        ret = 6;
+        goto cleanup;
+    }
+
+    ret = 0;
+
+cleanup:
+    if( NULL != cert_blob )
+        mbedtls_free( cert_blob );
+
+    return( ret );
+}
+
+
+int mbedtls_pkcs11_priv_key_bind( mbedtls_pkcs11_context *priv_key,
+        pkcs11h_certificate_t pkcs11_cert )
+{
+    int ret = 1;
+    mbedtls_x509_crt cert;
+
+    mbedtls_x509_crt_init( &cert );
+
+    if( priv_key == NULL )
+        goto cleanup;
+
+    if( 0 != mbedtls_pkcs11_x509_cert_bind( &cert, pkcs11_cert ) )
+        goto cleanup;
+
+    priv_key->len = mbedtls_pk_get_len( &cert.pk );
+    priv_key->pkcs11h_cert = pkcs11_cert;
+
+    ret = 0;
+
+cleanup:
+    mbedtls_x509_crt_free( &cert );
+
+    return( ret );
+}
+
+void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key )
+{
+    if( NULL != priv_key )
+        pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert );
+}
+
+int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
+                       int mode, size_t *olen,
+                       const unsigned char *input,
+                       unsigned char *output,
+                       size_t output_max_len )
+{
+    size_t input_len, output_len;
+
+    if( NULL == ctx )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    if( MBEDTLS_RSA_PRIVATE != mode )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    output_len = input_len = ctx->len;
+
+    if( input_len < 16 || input_len > output_max_len )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    /* Determine size of output buffer */
+    if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
+            input_len, NULL, &output_len ) != CKR_OK )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+
+    if( output_len > output_max_len )
+        return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
+
+    if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
+            input_len, output, &output_len ) != CKR_OK )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+    *olen = output_len;
+    return( 0 );
+}
+
+int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
+                    int mode,
+                    mbedtls_md_type_t md_alg,
+                    unsigned int hashlen,
+                    const unsigned char *hash,
+                    unsigned char *sig )
+{
+    size_t sig_len = 0, asn_len = 0, oid_size = 0;
+    unsigned char *p = sig;
+    const char *oid;
+
+    if( NULL == ctx )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    if( MBEDTLS_RSA_PRIVATE != mode )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    if( md_alg != MBEDTLS_MD_NONE )
+    {
+        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
+        if( md_info == NULL )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+        if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+        hashlen = mbedtls_md_get_size( md_info );
+        asn_len = 10 + oid_size;
+    }
+
+    sig_len = ctx->len;
+    if( hashlen > sig_len || asn_len > sig_len ||
+        hashlen + asn_len > sig_len )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+
+    if( md_alg != MBEDTLS_MD_NONE )
+    {
+        /*
+         * DigestInfo ::= SEQUENCE {
+         *   digestAlgorithm DigestAlgorithmIdentifier,
+         *   digest Digest }
+         *
+         * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+         *
+         * Digest ::= OCTET STRING
+         */
+        *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
+        *p++ = (unsigned char) ( 0x08 + oid_size + hashlen );
+        *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
+        *p++ = (unsigned char) ( 0x04 + oid_size );
+        *p++ = MBEDTLS_ASN1_OID;
+        *p++ = oid_size & 0xFF;
+        memcpy( p, oid, oid_size );
+        p += oid_size;
+        *p++ = MBEDTLS_ASN1_NULL;
+        *p++ = 0x00;
+        *p++ = MBEDTLS_ASN1_OCTET_STRING;
+        *p++ = hashlen;
+    }
+
+    memcpy( p, hash, hashlen );
+
+    if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig,
+            asn_len + hashlen, sig, &sig_len ) != CKR_OK )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+
+    return( 0 );
+}
+
+#endif /* defined(MBEDTLS_PKCS11_C) */
diff --git a/thirdparty/mbedtls/library/pkcs12.c b/thirdparty/mbedtls/library/pkcs12.c
new file mode 100644
index 0000000000..c603a13577
--- /dev/null
+++ b/thirdparty/mbedtls/library/pkcs12.c
@@ -0,0 +1,365 @@
+/*
+ *  PKCS#12 Personal Information Exchange Syntax
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The PKCS #12 Personal Information Exchange Syntax Standard v1.1
+ *
+ *  http://www.rsa.com/rsalabs/pkcs/files/h11301-wp-pkcs-12v1-1-personal-information-exchange-syntax.pdf
+ *  ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PKCS12_C)
+
+#include "mbedtls/pkcs12.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/cipher.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_ARC4_C)
+#include "mbedtls/arc4.h"
+#endif
+
+#if defined(MBEDTLS_DES_C)
+#include "mbedtls/des.h"
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params,
+                                    mbedtls_asn1_buf *salt, int *iterations )
+{
+    int ret;
+    unsigned char **p = &params->p;
+    const unsigned char *end = params->p + params->len;
+
+    /*
+     *  pkcs-12PbeParams ::= SEQUENCE {
+     *    salt          OCTET STRING,
+     *    iterations    INTEGER
+     *  }
+     *
+     */
+    if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
+        return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
+        return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
+
+    salt->p = *p;
+    *p += salt->len;
+
+    if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 )
+        return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
+
+    if( *p != end )
+        return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+#define PKCS12_MAX_PWDLEN 128
+
+static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type,
+                                     const unsigned char *pwd,  size_t pwdlen,
+                                     unsigned char *key, size_t keylen,
+                                     unsigned char *iv,  size_t ivlen )
+{
+    int ret, iterations = 0;
+    mbedtls_asn1_buf salt;
+    size_t i;
+    unsigned char unipwd[PKCS12_MAX_PWDLEN * 2 + 2];
+
+    if( pwdlen > PKCS12_MAX_PWDLEN )
+        return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
+
+    memset( &salt, 0, sizeof(mbedtls_asn1_buf) );
+    memset( &unipwd, 0, sizeof(unipwd) );
+
+    if( ( ret = pkcs12_parse_pbe_params( pbe_params, &salt,
+                                         &iterations ) ) != 0 )
+        return( ret );
+
+    for( i = 0; i < pwdlen; i++ )
+        unipwd[i * 2 + 1] = pwd[i];
+
+    if( ( ret = mbedtls_pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2,
+                                   salt.p, salt.len, md_type,
+                                   MBEDTLS_PKCS12_DERIVE_KEY, iterations ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( iv == NULL || ivlen == 0 )
+        return( 0 );
+
+    if( ( ret = mbedtls_pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2,
+                                   salt.p, salt.len, md_type,
+                                   MBEDTLS_PKCS12_DERIVE_IV, iterations ) ) != 0 )
+    {
+        return( ret );
+    }
+    return( 0 );
+}
+
+#undef PKCS12_MAX_PWDLEN
+
+int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
+                             const unsigned char *pwd,  size_t pwdlen,
+                             const unsigned char *data, size_t len,
+                             unsigned char *output )
+{
+#if !defined(MBEDTLS_ARC4_C)
+    ((void) pbe_params);
+    ((void) mode);
+    ((void) pwd);
+    ((void) pwdlen);
+    ((void) data);
+    ((void) len);
+    ((void) output);
+    return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
+#else
+    int ret;
+    unsigned char key[16];
+    mbedtls_arc4_context ctx;
+    ((void) mode);
+
+    mbedtls_arc4_init( &ctx );
+
+    if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1,
+                                          pwd, pwdlen,
+                                          key, 16, NULL, 0 ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    mbedtls_arc4_setup( &ctx, key, 16 );
+    if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_zeroize( key, sizeof( key ) );
+    mbedtls_arc4_free( &ctx );
+
+    return( ret );
+#endif /* MBEDTLS_ARC4_C */
+}
+
+int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
+                mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
+                const unsigned char *pwd,  size_t pwdlen,
+                const unsigned char *data, size_t len,
+                unsigned char *output )
+{
+    int ret, keylen = 0;
+    unsigned char key[32];
+    unsigned char iv[16];
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_cipher_context_t cipher_ctx;
+    size_t olen = 0;
+
+    cipher_info = mbedtls_cipher_info_from_type( cipher_type );
+    if( cipher_info == NULL )
+        return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
+
+    keylen = cipher_info->key_bitlen / 8;
+
+    if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, md_type, pwd, pwdlen,
+                                          key, keylen,
+                                          iv, cipher_info->iv_size ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    mbedtls_cipher_init( &cipher_ctx );
+
+    if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_cipher_reset( &cipher_ctx ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_cipher_update( &cipher_ctx, data, len,
+                                output, &olen ) ) != 0 )
+    {
+        goto exit;
+    }
+
+    if( ( ret = mbedtls_cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 )
+        ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH;
+
+exit:
+    mbedtls_zeroize( key, sizeof( key ) );
+    mbedtls_zeroize( iv,  sizeof( iv  ) );
+    mbedtls_cipher_free( &cipher_ctx );
+
+    return( ret );
+}
+
+static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
+                                const unsigned char *filler, size_t fill_len )
+{
+    unsigned char *p = data;
+    size_t use_len;
+
+    while( data_len > 0 )
+    {
+        use_len = ( data_len > fill_len ) ? fill_len : data_len;
+        memcpy( p, filler, use_len );
+        p += use_len;
+        data_len -= use_len;
+    }
+}
+
+int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
+                       const unsigned char *pwd, size_t pwdlen,
+                       const unsigned char *salt, size_t saltlen,
+                       mbedtls_md_type_t md_type, int id, int iterations )
+{
+    int ret;
+    unsigned int j;
+
+    unsigned char diversifier[128];
+    unsigned char salt_block[128], pwd_block[128], hash_block[128];
+    unsigned char hash_output[MBEDTLS_MD_MAX_SIZE];
+    unsigned char *p;
+    unsigned char c;
+
+    size_t hlen, use_len, v, i;
+
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+
+    // This version only allows max of 64 bytes of password or salt
+    if( datalen > 128 || pwdlen > 64 || saltlen > 64 )
+        return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
+
+    md_info = mbedtls_md_info_from_type( md_type );
+    if( md_info == NULL )
+        return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
+
+    mbedtls_md_init( &md_ctx );
+
+    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
+        return( ret );
+    hlen = mbedtls_md_get_size( md_info );
+
+    if( hlen <= 32 )
+        v = 64;
+    else
+        v = 128;
+
+    memset( diversifier, (unsigned char) id, v );
+
+    pkcs12_fill_buffer( salt_block, v, salt, saltlen );
+    pkcs12_fill_buffer( pwd_block,  v, pwd,  pwdlen  );
+
+    p = data;
+    while( datalen > 0 )
+    {
+        // Calculate hash( diversifier || salt_block || pwd_block )
+        if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
+            goto exit;
+
+        if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 )
+            goto exit;
+
+        if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 )
+            goto exit;
+
+        if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 )
+            goto exit;
+
+        if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 )
+            goto exit;
+
+        // Perform remaining ( iterations - 1 ) recursive hash calculations
+        for( i = 1; i < (size_t) iterations; i++ )
+        {
+            if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) != 0 )
+                goto exit;
+        }
+
+        use_len = ( datalen > hlen ) ? hlen : datalen;
+        memcpy( p, hash_output, use_len );
+        datalen -= use_len;
+        p += use_len;
+
+        if( datalen == 0 )
+            break;
+
+        // Concatenating copies of hash_output into hash_block (B)
+        pkcs12_fill_buffer( hash_block, v, hash_output, hlen );
+
+        // B += 1
+        for( i = v; i > 0; i-- )
+            if( ++hash_block[i - 1] != 0 )
+                break;
+
+        // salt_block += B
+        c = 0;
+        for( i = v; i > 0; i-- )
+        {
+            j = salt_block[i - 1] + hash_block[i - 1] + c;
+            c = (unsigned char) (j >> 8);
+            salt_block[i - 1] = j & 0xFF;
+        }
+
+        // pwd_block  += B
+        c = 0;
+        for( i = v; i > 0; i-- )
+        {
+            j = pwd_block[i - 1] + hash_block[i - 1] + c;
+            c = (unsigned char) (j >> 8);
+            pwd_block[i - 1] = j & 0xFF;
+        }
+    }
+
+    ret = 0;
+
+exit:
+    mbedtls_zeroize( salt_block, sizeof( salt_block ) );
+    mbedtls_zeroize( pwd_block, sizeof( pwd_block ) );
+    mbedtls_zeroize( hash_block, sizeof( hash_block ) );
+    mbedtls_zeroize( hash_output, sizeof( hash_output ) );
+
+    mbedtls_md_free( &md_ctx );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_PKCS12_C */
diff --git a/thirdparty/mbedtls/library/pkcs5.c b/thirdparty/mbedtls/library/pkcs5.c
new file mode 100644
index 0000000000..e28d5a8473
--- /dev/null
+++ b/thirdparty/mbedtls/library/pkcs5.c
@@ -0,0 +1,406 @@
+/**
+ * \file pkcs5.c
+ *
+ * \brief PKCS#5 functions
+ *
+ * \author Mathias Olsson <mathias@kompetensum.com>
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * PKCS#5 includes PBKDF2 and more
+ *
+ * http://tools.ietf.org/html/rfc2898 (Specification)
+ * http://tools.ietf.org/html/rfc6070 (Test vectors)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PKCS5_C)
+
+#include "mbedtls/pkcs5.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/oid.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif
+
+static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
+                                      mbedtls_asn1_buf *salt, int *iterations,
+                                      int *keylen, mbedtls_md_type_t *md_type )
+{
+    int ret;
+    mbedtls_asn1_buf prf_alg_oid;
+    unsigned char *p = params->p;
+    const unsigned char *end = params->p + params->len;
+
+    if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
+        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+    /*
+     *  PBKDF2-params ::= SEQUENCE {
+     *    salt              OCTET STRING,
+     *    iterationCount    INTEGER,
+     *    keyLength         INTEGER OPTIONAL
+     *    prf               AlgorithmIdentifier DEFAULT algid-hmacWithSHA1
+     *  }
+     *
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
+        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+
+    salt->p = p;
+    p += salt->len;
+
+    if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 )
+        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+
+    if( p == end )
+        return( 0 );
+
+    if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 )
+    {
+        if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+            return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+    }
+
+    if( p == end )
+        return( 0 );
+
+    if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 )
+        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+
+    if( MBEDTLS_OID_CMP( MBEDTLS_OID_HMAC_SHA1, &prf_alg_oid ) != 0 )
+        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
+
+    *md_type = MBEDTLS_MD_SHA1;
+
+    if( p != end )
+        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
+                 const unsigned char *pwd,  size_t pwdlen,
+                 const unsigned char *data, size_t datalen,
+                 unsigned char *output )
+{
+    int ret, iterations = 0, keylen = 0;
+    unsigned char *p, *end;
+    mbedtls_asn1_buf kdf_alg_oid, enc_scheme_oid, kdf_alg_params, enc_scheme_params;
+    mbedtls_asn1_buf salt;
+    mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1;
+    unsigned char key[32], iv[32];
+    size_t olen = 0;
+    const mbedtls_md_info_t *md_info;
+    const mbedtls_cipher_info_t *cipher_info;
+    mbedtls_md_context_t md_ctx;
+    mbedtls_cipher_type_t cipher_alg;
+    mbedtls_cipher_context_t cipher_ctx;
+
+    p = pbe_params->p;
+    end = p + pbe_params->len;
+
+    /*
+     *  PBES2-params ::= SEQUENCE {
+     *    keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
+     *    encryptionScheme AlgorithmIdentifier {{PBES2-Encs}}
+     *  }
+     */
+    if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
+        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+
+    if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 )
+        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+
+    // Only PBKDF2 supported at the moment
+    //
+    if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid ) != 0 )
+        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
+
+    if( ( ret = pkcs5_parse_pbkdf2_params( &kdf_alg_params,
+                                           &salt, &iterations, &keylen,
+                                           &md_type ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    md_info = mbedtls_md_info_from_type( md_type );
+    if( md_info == NULL )
+        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
+
+    if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid,
+                              &enc_scheme_params ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
+    }
+
+    if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 )
+        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
+
+    cipher_info = mbedtls_cipher_info_from_type( cipher_alg );
+    if( cipher_info == NULL )
+        return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
+
+    /*
+     * The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
+     * since it is optional and we don't know if it was set or not
+     */
+    keylen = cipher_info->key_bitlen / 8;
+
+    if( enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
+        enc_scheme_params.len != cipher_info->iv_size )
+    {
+        return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT );
+    }
+
+    mbedtls_md_init( &md_ctx );
+    mbedtls_cipher_init( &cipher_ctx );
+
+    memcpy( iv, enc_scheme_params.p, enc_scheme_params.len );
+
+    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len,
+                                   iterations, keylen, key ) ) != 0 )
+    {
+        goto exit;
+    }
+
+    if( ( ret = mbedtls_cipher_setup( &cipher_ctx, cipher_info ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len,
+                              data, datalen, output, &olen ) ) != 0 )
+        ret = MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH;
+
+exit:
+    mbedtls_md_free( &md_ctx );
+    mbedtls_cipher_free( &cipher_ctx );
+
+    return( ret );
+}
+
+int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
+                       size_t plen, const unsigned char *salt, size_t slen,
+                       unsigned int iteration_count,
+                       uint32_t key_length, unsigned char *output )
+{
+    int ret, j;
+    unsigned int i;
+    unsigned char md1[MBEDTLS_MD_MAX_SIZE];
+    unsigned char work[MBEDTLS_MD_MAX_SIZE];
+    unsigned char md_size = mbedtls_md_get_size( ctx->md_info );
+    size_t use_len;
+    unsigned char *out_p = output;
+    unsigned char counter[4];
+
+    memset( counter, 0, 4 );
+    counter[3] = 1;
+
+    if( iteration_count > 0xFFFFFFFF )
+        return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA );
+
+    while( key_length )
+    {
+        // U1 ends up in work
+        //
+        if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 )
+            return( ret );
+
+        if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 )
+            return( ret );
+
+        if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 )
+            return( ret );
+
+        if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 )
+            return( ret );
+
+        memcpy( md1, work, md_size );
+
+        for( i = 1; i < iteration_count; i++ )
+        {
+            // U2 ends up in md1
+            //
+            if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 )
+                return( ret );
+
+            if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 )
+                return( ret );
+
+            if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 )
+                return( ret );
+
+            // U1 xor U2
+            //
+            for( j = 0; j < md_size; j++ )
+                work[j] ^= md1[j];
+        }
+
+        use_len = ( key_length < md_size ) ? key_length : md_size;
+        memcpy( out_p, work, use_len );
+
+        key_length -= (uint32_t) use_len;
+        out_p += use_len;
+
+        for( i = 4; i > 0; i-- )
+            if( ++counter[i - 1] != 0 )
+                break;
+    }
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#if !defined(MBEDTLS_SHA1_C)
+int mbedtls_pkcs5_self_test( int verbose )
+{
+    if( verbose != 0 )
+        mbedtls_printf( "  PBKDF2 (SHA1): skipped\n\n" );
+
+    return( 0 );
+}
+#else
+
+#define MAX_TESTS   6
+
+static const size_t plen[MAX_TESTS] =
+    { 8, 8, 8, 24, 9 };
+
+static const unsigned char password[MAX_TESTS][32] =
+{
+    "password",
+    "password",
+    "password",
+    "passwordPASSWORDpassword",
+    "pass\0word",
+};
+
+static const size_t slen[MAX_TESTS] =
+    { 4, 4, 4, 36, 5 };
+
+static const unsigned char salt[MAX_TESTS][40] =
+{
+    "salt",
+    "salt",
+    "salt",
+    "saltSALTsaltSALTsaltSALTsaltSALTsalt",
+    "sa\0lt",
+};
+
+static const uint32_t it_cnt[MAX_TESTS] =
+    { 1, 2, 4096, 4096, 4096 };
+
+static const uint32_t key_len[MAX_TESTS] =
+    { 20, 20, 20, 25, 16 };
+
+static const unsigned char result_key[MAX_TESTS][32] =
+{
+    { 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
+      0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
+      0x2f, 0xe0, 0x37, 0xa6 },
+    { 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
+      0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
+      0xd8, 0xde, 0x89, 0x57 },
+    { 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
+      0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
+      0x65, 0xa4, 0x29, 0xc1 },
+    { 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
+      0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
+      0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
+      0x38 },
+    { 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
+      0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 },
+};
+
+int mbedtls_pkcs5_self_test( int verbose )
+{
+    mbedtls_md_context_t sha1_ctx;
+    const mbedtls_md_info_t *info_sha1;
+    int ret, i;
+    unsigned char key[64];
+
+    mbedtls_md_init( &sha1_ctx );
+
+    info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
+    if( info_sha1 == NULL )
+    {
+        ret = 1;
+        goto exit;
+    }
+
+    if( ( ret = mbedtls_md_setup( &sha1_ctx, info_sha1, 1 ) ) != 0 )
+    {
+        ret = 1;
+        goto exit;
+    }
+
+    for( i = 0; i < MAX_TESTS; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  PBKDF2 (SHA1) #%d: ", i );
+
+        ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i],
+                                  slen[i], it_cnt[i], key_len[i], key );
+        if( ret != 0 ||
+            memcmp( result_key[i], key, key_len[i] ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            ret = 1;
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+exit:
+    mbedtls_md_free( &sha1_ctx );
+
+    return( ret );
+}
+#endif /* MBEDTLS_SHA1_C */
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_PKCS5_C */
diff --git a/thirdparty/mbedtls/library/pkparse.c b/thirdparty/mbedtls/library/pkparse.c
new file mode 100644
index 0000000000..b4def4f914
--- /dev/null
+++ b/thirdparty/mbedtls/library/pkparse.c
@@ -0,0 +1,1391 @@
+/*
+ *  Public Key layer for parsing key files and structures
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PK_PARSE_C)
+
+#include "mbedtls/pk.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/oid.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+#include "mbedtls/ecdsa.h"
+#endif
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+#if defined(MBEDTLS_PKCS5_C)
+#include "mbedtls/pkcs5.h"
+#endif
+#if defined(MBEDTLS_PKCS12_C)
+#include "mbedtls/pkcs12.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#if defined(MBEDTLS_FS_IO) || \
+    defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+#endif
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load all data from a file into a given buffer.
+ *
+ * The file is expected to contain either PEM or DER encoded data.
+ * A terminating null byte is always appended. It is included in the announced
+ * length only if the data looks like it is PEM encoded.
+ */
+int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n )
+{
+    FILE *f;
+    long size;
+
+    if( ( f = fopen( path, "rb" ) ) == NULL )
+        return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
+
+    fseek( f, 0, SEEK_END );
+    if( ( size = ftell( f ) ) == -1 )
+    {
+        fclose( f );
+        return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
+    }
+    fseek( f, 0, SEEK_SET );
+
+    *n = (size_t) size;
+
+    if( *n + 1 == 0 ||
+        ( *buf = mbedtls_calloc( 1, *n + 1 ) ) == NULL )
+    {
+        fclose( f );
+        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+    }
+
+    if( fread( *buf, 1, *n, f ) != *n )
+    {
+        fclose( f );
+
+        mbedtls_zeroize( *buf, *n );
+        mbedtls_free( *buf );
+
+        return( MBEDTLS_ERR_PK_FILE_IO_ERROR );
+    }
+
+    fclose( f );
+
+    (*buf)[*n] = '\0';
+
+    if( strstr( (const char *) *buf, "-----BEGIN " ) != NULL )
+        ++*n;
+
+    return( 0 );
+}
+
+/*
+ * Load and parse a private key
+ */
+int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
+                      const char *path, const char *pwd )
+{
+    int ret;
+    size_t n;
+    unsigned char *buf;
+
+    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
+        return( ret );
+
+    if( pwd == NULL )
+        ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0 );
+    else
+        ret = mbedtls_pk_parse_key( ctx, buf, n,
+                (const unsigned char *) pwd, strlen( pwd ) );
+
+    mbedtls_zeroize( buf, n );
+    mbedtls_free( buf );
+
+    return( ret );
+}
+
+/*
+ * Load and parse a public key
+ */
+int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path )
+{
+    int ret;
+    size_t n;
+    unsigned char *buf;
+
+    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
+        return( ret );
+
+    ret = mbedtls_pk_parse_public_key( ctx, buf, n );
+
+    mbedtls_zeroize( buf, n );
+    mbedtls_free( buf );
+
+    return( ret );
+}
+#endif /* MBEDTLS_FS_IO */
+
+#if defined(MBEDTLS_ECP_C)
+/* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf
+ *
+ * ECParameters ::= CHOICE {
+ *   namedCurve         OBJECT IDENTIFIER
+ *   specifiedCurve     SpecifiedECDomain -- = SEQUENCE { ... }
+ *   -- implicitCurve   NULL
+ * }
+ */
+static int pk_get_ecparams( unsigned char **p, const unsigned char *end,
+                            mbedtls_asn1_buf *params )
+{
+    int ret;
+
+    /* Tag may be either OID or SEQUENCE */
+    params->tag = **p;
+    if( params->tag != MBEDTLS_ASN1_OID
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+            && params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE )
+#endif
+            )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+    }
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &params->len, params->tag ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    params->p = *p;
+    *p += params->len;
+
+    if( *p != end )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+/*
+ * Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it.
+ * WARNING: the resulting group should only be used with
+ * pk_group_id_from_specified(), since its base point may not be set correctly
+ * if it was encoded compressed.
+ *
+ *  SpecifiedECDomain ::= SEQUENCE {
+ *      version SpecifiedECDomainVersion(ecdpVer1 | ecdpVer2 | ecdpVer3, ...),
+ *      fieldID FieldID {{FieldTypes}},
+ *      curve Curve,
+ *      base ECPoint,
+ *      order INTEGER,
+ *      cofactor INTEGER OPTIONAL,
+ *      hash HashAlgorithm OPTIONAL,
+ *      ...
+ *  }
+ *
+ * We only support prime-field as field type, and ignore hash and cofactor.
+ */
+static int pk_group_from_specified( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp )
+{
+    int ret;
+    unsigned char *p = params->p;
+    const unsigned char * const end = params->p + params->len;
+    const unsigned char *end_field, *end_curve;
+    size_t len;
+    int ver;
+
+    /* SpecifiedECDomainVersion ::= INTEGER { 1, 2, 3 } */
+    if( ( ret = mbedtls_asn1_get_int( &p, end, &ver ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    if( ver < 1 || ver > 3 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
+
+    /*
+     * FieldID { FIELD-ID:IOSet } ::= SEQUENCE { -- Finite field
+     *       fieldType FIELD-ID.&id({IOSet}),
+     *       parameters FIELD-ID.&Type({IOSet}{@fieldType})
+     * }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( ret );
+
+    end_field = p + len;
+
+    /*
+     * FIELD-ID ::= TYPE-IDENTIFIER
+     * FieldTypes FIELD-ID ::= {
+     *       { Prime-p IDENTIFIED BY prime-field } |
+     *       { Characteristic-two IDENTIFIED BY characteristic-two-field }
+     * }
+     * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end_field, &len, MBEDTLS_ASN1_OID ) ) != 0 )
+        return( ret );
+
+    if( len != MBEDTLS_OID_SIZE( MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD ) ||
+        memcmp( p, MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD, len ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+    }
+
+    p += len;
+
+    /* Prime-p ::= INTEGER -- Field of size p. */
+    if( ( ret = mbedtls_asn1_get_mpi( &p, end_field, &grp->P ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    grp->pbits = mbedtls_mpi_bitlen( &grp->P );
+
+    if( p != end_field )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    /*
+     * Curve ::= SEQUENCE {
+     *       a FieldElement,
+     *       b FieldElement,
+     *       seed BIT STRING OPTIONAL
+     *       -- Shall be present if used in SpecifiedECDomain
+     *       -- with version equal to ecdpVer2 or ecdpVer3
+     * }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( ret );
+
+    end_curve = p + len;
+
+    /*
+     * FieldElement ::= OCTET STRING
+     * containing an integer in the case of a prime field
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ||
+        ( ret = mbedtls_mpi_read_binary( &grp->A, p, len ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    p += len;
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 ||
+        ( ret = mbedtls_mpi_read_binary( &grp->B, p, len ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    p += len;
+
+    /* Ignore seed BIT STRING OPTIONAL */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end_curve, &len, MBEDTLS_ASN1_BIT_STRING ) ) == 0 )
+        p += len;
+
+    if( p != end_curve )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    /*
+     * ECPoint ::= OCTET STRING
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    if( ( ret = mbedtls_ecp_point_read_binary( grp, &grp->G,
+                                      ( const unsigned char *) p, len ) ) != 0 )
+    {
+        /*
+         * If we can't read the point because it's compressed, cheat by
+         * reading only the X coordinate and the parity bit of Y.
+         */
+        if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE ||
+            ( p[0] != 0x02 && p[0] != 0x03 ) ||
+            len != mbedtls_mpi_size( &grp->P ) + 1 ||
+            mbedtls_mpi_read_binary( &grp->G.X, p + 1, len - 1 ) != 0 ||
+            mbedtls_mpi_lset( &grp->G.Y, p[0] - 2 ) != 0 ||
+            mbedtls_mpi_lset( &grp->G.Z, 1 ) != 0 )
+        {
+            return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
+        }
+    }
+
+    p += len;
+
+    /*
+     * order INTEGER
+     */
+    if( ( ret = mbedtls_asn1_get_mpi( &p, end, &grp->N ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    grp->nbits = mbedtls_mpi_bitlen( &grp->N );
+
+    /*
+     * Allow optional elements by purposefully not enforcing p == end here.
+     */
+
+    return( 0 );
+}
+
+/*
+ * Find the group id associated with an (almost filled) group as generated by
+ * pk_group_from_specified(), or return an error if unknown.
+ */
+static int pk_group_id_from_group( const mbedtls_ecp_group *grp, mbedtls_ecp_group_id *grp_id )
+{
+    int ret = 0;
+    mbedtls_ecp_group ref;
+    const mbedtls_ecp_group_id *id;
+
+    mbedtls_ecp_group_init( &ref );
+
+    for( id = mbedtls_ecp_grp_id_list(); *id != MBEDTLS_ECP_DP_NONE; id++ )
+    {
+        /* Load the group associated to that id */
+        mbedtls_ecp_group_free( &ref );
+        MBEDTLS_MPI_CHK( mbedtls_ecp_group_load( &ref, *id ) );
+
+        /* Compare to the group we were given, starting with easy tests */
+        if( grp->pbits == ref.pbits && grp->nbits == ref.nbits &&
+            mbedtls_mpi_cmp_mpi( &grp->P, &ref.P ) == 0 &&
+            mbedtls_mpi_cmp_mpi( &grp->A, &ref.A ) == 0 &&
+            mbedtls_mpi_cmp_mpi( &grp->B, &ref.B ) == 0 &&
+            mbedtls_mpi_cmp_mpi( &grp->N, &ref.N ) == 0 &&
+            mbedtls_mpi_cmp_mpi( &grp->G.X, &ref.G.X ) == 0 &&
+            mbedtls_mpi_cmp_mpi( &grp->G.Z, &ref.G.Z ) == 0 &&
+            /* For Y we may only know the parity bit, so compare only that */
+            mbedtls_mpi_get_bit( &grp->G.Y, 0 ) == mbedtls_mpi_get_bit( &ref.G.Y, 0 ) )
+        {
+            break;
+        }
+
+    }
+
+cleanup:
+    mbedtls_ecp_group_free( &ref );
+
+    *grp_id = *id;
+
+    if( ret == 0 && *id == MBEDTLS_ECP_DP_NONE )
+        ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
+
+    return( ret );
+}
+
+/*
+ * Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID
+ */
+static int pk_group_id_from_specified( const mbedtls_asn1_buf *params,
+                                       mbedtls_ecp_group_id *grp_id )
+{
+    int ret;
+    mbedtls_ecp_group grp;
+
+    mbedtls_ecp_group_init( &grp );
+
+    if( ( ret = pk_group_from_specified( params, &grp ) ) != 0 )
+        goto cleanup;
+
+    ret = pk_group_id_from_group( &grp, grp_id );
+
+cleanup:
+    mbedtls_ecp_group_free( &grp );
+
+    return( ret );
+}
+#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */
+
+/*
+ * Use EC parameters to initialise an EC group
+ *
+ * ECParameters ::= CHOICE {
+ *   namedCurve         OBJECT IDENTIFIER
+ *   specifiedCurve     SpecifiedECDomain -- = SEQUENCE { ... }
+ *   -- implicitCurve   NULL
+ */
+static int pk_use_ecparams( const mbedtls_asn1_buf *params, mbedtls_ecp_group *grp )
+{
+    int ret;
+    mbedtls_ecp_group_id grp_id;
+
+    if( params->tag == MBEDTLS_ASN1_OID )
+    {
+        if( mbedtls_oid_get_ec_grp( params, &grp_id ) != 0 )
+            return( MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE );
+    }
+    else
+    {
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+        if( ( ret = pk_group_id_from_specified( params, &grp_id ) ) != 0 )
+            return( ret );
+#else
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
+#endif
+    }
+
+    /*
+     * grp may already be initilialized; if so, make sure IDs match
+     */
+    if( grp->id != MBEDTLS_ECP_DP_NONE && grp->id != grp_id )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
+
+    if( ( ret = mbedtls_ecp_group_load( grp, grp_id ) ) != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+/*
+ * EC public key is an EC point
+ *
+ * The caller is responsible for clearing the structure upon failure if
+ * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE
+ * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state.
+ */
+static int pk_get_ecpubkey( unsigned char **p, const unsigned char *end,
+                            mbedtls_ecp_keypair *key )
+{
+    int ret;
+
+    if( ( ret = mbedtls_ecp_point_read_binary( &key->grp, &key->Q,
+                    (const unsigned char *) *p, end - *p ) ) == 0 )
+    {
+        ret = mbedtls_ecp_check_pubkey( &key->grp, &key->Q );
+    }
+
+    /*
+     * We know mbedtls_ecp_point_read_binary consumed all bytes or failed
+     */
+    *p = (unsigned char *) end;
+
+    return( ret );
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_RSA_C)
+/*
+ *  RSAPublicKey ::= SEQUENCE {
+ *      modulus           INTEGER,  -- n
+ *      publicExponent    INTEGER   -- e
+ *  }
+ */
+static int pk_get_rsapubkey( unsigned char **p,
+                             const unsigned char *end,
+                             mbedtls_rsa_context *rsa )
+{
+    int ret;
+    size_t len;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
+
+    if( *p + len != end )
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    /* Import N */
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
+
+    if( ( ret = mbedtls_rsa_import_raw( rsa, *p, len, NULL, 0, NULL, 0,
+                                        NULL, 0, NULL, 0 ) ) != 0 )
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
+
+    *p += len;
+
+    /* Import E */
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
+
+    if( ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
+                                        NULL, 0, *p, len ) ) != 0 )
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
+
+    *p += len;
+
+    if( mbedtls_rsa_complete( rsa ) != 0 ||
+        mbedtls_rsa_check_pubkey( rsa ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
+    }
+
+    if( *p != end )
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_RSA_C */
+
+/* Get a PK algorithm identifier
+ *
+ *  AlgorithmIdentifier  ::=  SEQUENCE  {
+ *       algorithm               OBJECT IDENTIFIER,
+ *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
+ */
+static int pk_get_pk_alg( unsigned char **p,
+                          const unsigned char *end,
+                          mbedtls_pk_type_t *pk_alg, mbedtls_asn1_buf *params )
+{
+    int ret;
+    mbedtls_asn1_buf alg_oid;
+
+    memset( params, 0, sizeof(mbedtls_asn1_buf) );
+
+    if( ( ret = mbedtls_asn1_get_alg( p, end, &alg_oid, params ) ) != 0 )
+        return( MBEDTLS_ERR_PK_INVALID_ALG + ret );
+
+    if( mbedtls_oid_get_pk_alg( &alg_oid, pk_alg ) != 0 )
+        return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
+
+    /*
+     * No parameters with RSA (only for EC)
+     */
+    if( *pk_alg == MBEDTLS_PK_RSA &&
+            ( ( params->tag != MBEDTLS_ASN1_NULL && params->tag != 0 ) ||
+                params->len != 0 ) )
+    {
+        return( MBEDTLS_ERR_PK_INVALID_ALG );
+    }
+
+    return( 0 );
+}
+
+/*
+ *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
+ *       algorithm            AlgorithmIdentifier,
+ *       subjectPublicKey     BIT STRING }
+ */
+int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
+                        mbedtls_pk_context *pk )
+{
+    int ret;
+    size_t len;
+    mbedtls_asn1_buf alg_params;
+    mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
+    const mbedtls_pk_info_t *pk_info;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    end = *p + len;
+
+    if( ( ret = pk_get_pk_alg( p, end, &pk_alg, &alg_params ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 )
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY + ret );
+
+    if( *p + len != end )
+        return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL )
+        return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
+
+    if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 )
+        return( ret );
+
+#if defined(MBEDTLS_RSA_C)
+    if( pk_alg == MBEDTLS_PK_RSA )
+    {
+        ret = pk_get_rsapubkey( p, end, mbedtls_pk_rsa( *pk ) );
+    } else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+    if( pk_alg == MBEDTLS_PK_ECKEY_DH || pk_alg == MBEDTLS_PK_ECKEY )
+    {
+        ret = pk_use_ecparams( &alg_params, &mbedtls_pk_ec( *pk )->grp );
+        if( ret == 0 )
+            ret = pk_get_ecpubkey( p, end, mbedtls_pk_ec( *pk ) );
+    } else
+#endif /* MBEDTLS_ECP_C */
+        ret = MBEDTLS_ERR_PK_UNKNOWN_PK_ALG;
+
+    if( ret == 0 && *p != end )
+        ret = MBEDTLS_ERR_PK_INVALID_PUBKEY
+              MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
+
+    if( ret != 0 )
+        mbedtls_pk_free( pk );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_RSA_C)
+/*
+ * Parse a PKCS#1 encoded private RSA key
+ */
+static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
+                                   const unsigned char *key,
+                                   size_t keylen )
+{
+    int ret, version;
+    size_t len;
+    unsigned char *p, *end;
+
+    mbedtls_mpi T;
+    mbedtls_mpi_init( &T );
+
+    p = (unsigned char *) key;
+    end = p + keylen;
+
+    /*
+     * This function parses the RSAPrivateKey (PKCS#1)
+     *
+     *  RSAPrivateKey ::= SEQUENCE {
+     *      version           Version,
+     *      modulus           INTEGER,  -- n
+     *      publicExponent    INTEGER,  -- e
+     *      privateExponent   INTEGER,  -- d
+     *      prime1            INTEGER,  -- p
+     *      prime2            INTEGER,  -- q
+     *      exponent1         INTEGER,  -- d mod (p-1)
+     *      exponent2         INTEGER,  -- d mod (q-1)
+     *      coefficient       INTEGER,  -- (inverse of q) mod p
+     *      otherPrimeInfos   OtherPrimeInfos OPTIONAL
+     *  }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    end = p + len;
+
+    if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    if( version != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION );
+    }
+
+    /* Import N */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                                      MBEDTLS_ASN1_INTEGER ) ) != 0 ||
+        ( ret = mbedtls_rsa_import_raw( rsa, p, len, NULL, 0, NULL, 0,
+                                        NULL, 0, NULL, 0 ) ) != 0 )
+        goto cleanup;
+    p += len;
+
+    /* Import E */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                                      MBEDTLS_ASN1_INTEGER ) ) != 0 ||
+        ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
+                                        NULL, 0, p, len ) ) != 0 )
+        goto cleanup;
+    p += len;
+
+    /* Import D */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                                      MBEDTLS_ASN1_INTEGER ) ) != 0 ||
+        ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, NULL, 0,
+                                        p, len, NULL, 0 ) ) != 0 )
+        goto cleanup;
+    p += len;
+
+    /* Import P */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                                      MBEDTLS_ASN1_INTEGER ) ) != 0 ||
+        ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, p, len, NULL, 0,
+                                        NULL, 0, NULL, 0 ) ) != 0 )
+        goto cleanup;
+    p += len;
+
+    /* Import Q */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                                      MBEDTLS_ASN1_INTEGER ) ) != 0 ||
+        ( ret = mbedtls_rsa_import_raw( rsa, NULL, 0, NULL, 0, p, len,
+                                        NULL, 0, NULL, 0 ) ) != 0 )
+        goto cleanup;
+    p += len;
+
+    /* Complete the RSA private key */
+    if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 )
+        goto cleanup;
+
+    /* Check optional parameters */
+    if( ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ||
+        ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ||
+        ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 )
+        goto cleanup;
+
+    if( p != end )
+    {
+        ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
+              MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ;
+    }
+
+cleanup:
+
+    mbedtls_mpi_free( &T );
+
+    if( ret != 0 )
+    {
+        /* Wrap error code if it's coming from a lower level */
+        if( ( ret & 0xff80 ) == 0 )
+            ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret;
+        else
+            ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
+
+        mbedtls_rsa_free( rsa );
+    }
+
+    return( ret );
+}
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Parse a SEC1 encoded private EC key
+ */
+static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
+                                  const unsigned char *key,
+                                  size_t keylen )
+{
+    int ret;
+    int version, pubkey_done;
+    size_t len;
+    mbedtls_asn1_buf params;
+    unsigned char *p = (unsigned char *) key;
+    unsigned char *end = p + keylen;
+    unsigned char *end2;
+
+    /*
+     * RFC 5915, or SEC1 Appendix C.4
+     *
+     * ECPrivateKey ::= SEQUENCE {
+     *      version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+     *      privateKey     OCTET STRING,
+     *      parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
+     *      publicKey  [1] BIT STRING OPTIONAL
+     *    }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    end = p + len;
+
+    if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    if( version != 1 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION );
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    if( ( ret = mbedtls_mpi_read_binary( &eck->d, p, len ) ) != 0 )
+    {
+        mbedtls_ecp_keypair_free( eck );
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    p += len;
+
+    pubkey_done = 0;
+    if( p != end )
+    {
+        /*
+         * Is 'parameters' present?
+         */
+        if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                        MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 )
+        {
+            if( ( ret = pk_get_ecparams( &p, p + len, &params) ) != 0 ||
+                ( ret = pk_use_ecparams( &params, &eck->grp )  ) != 0 )
+            {
+                mbedtls_ecp_keypair_free( eck );
+                return( ret );
+            }
+        }
+        else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        {
+            mbedtls_ecp_keypair_free( eck );
+            return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+        }
+
+        /*
+         * Is 'publickey' present? If not, or if we can't read it (eg because it
+         * is compressed), create it from the private key.
+         */
+        if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                        MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 )
+        {
+            end2 = p + len;
+
+            if( ( ret = mbedtls_asn1_get_bitstring_null( &p, end2, &len ) ) != 0 )
+                return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+            if( p + len != end2 )
+                return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
+                        MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+            if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 )
+                pubkey_done = 1;
+            else
+            {
+                /*
+                 * The only acceptable failure mode of pk_get_ecpubkey() above
+                 * is if the point format is not recognized.
+                 */
+                if( ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE )
+                    return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
+            }
+        }
+        else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        {
+            mbedtls_ecp_keypair_free( eck );
+            return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+        }
+    }
+
+    if( ! pubkey_done &&
+        ( ret = mbedtls_ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G,
+                                                      NULL, NULL ) ) != 0 )
+    {
+        mbedtls_ecp_keypair_free( eck );
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    if( ( ret = mbedtls_ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 )
+    {
+        mbedtls_ecp_keypair_free( eck );
+        return( ret );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_ECP_C */
+
+/*
+ * Parse an unencrypted PKCS#8 encoded private key
+ *
+ * Notes:
+ *
+ * - This function does not own the key buffer. It is the
+ *   responsibility of the caller to take care of zeroizing
+ *   and freeing it after use.
+ *
+ * - The function is responsible for freeing the provided
+ *   PK context on failure.
+ *
+ */
+static int pk_parse_key_pkcs8_unencrypted_der(
+                                    mbedtls_pk_context *pk,
+                                    const unsigned char* key,
+                                    size_t keylen )
+{
+    int ret, version;
+    size_t len;
+    mbedtls_asn1_buf params;
+    unsigned char *p = (unsigned char *) key;
+    unsigned char *end = p + keylen;
+    mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
+    const mbedtls_pk_info_t *pk_info;
+
+    /*
+     * This function parses the PrivateKeyInfo object (PKCS#8 v1.2 = RFC 5208)
+     *
+     *    PrivateKeyInfo ::= SEQUENCE {
+     *      version                   Version,
+     *      privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
+     *      privateKey                PrivateKey,
+     *      attributes           [0]  IMPLICIT Attributes OPTIONAL }
+     *
+     *    Version ::= INTEGER
+     *    PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
+     *    PrivateKey ::= OCTET STRING
+     *
+     *  The PrivateKey OCTET STRING is a SEC1 ECPrivateKey
+     */
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    end = p + len;
+
+    if( ( ret = mbedtls_asn1_get_int( &p, end, &version ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    if( version != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_VERSION + ret );
+
+    if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, &params ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    if( len < 1 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL )
+        return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
+
+    if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 )
+        return( ret );
+
+#if defined(MBEDTLS_RSA_C)
+    if( pk_alg == MBEDTLS_PK_RSA )
+    {
+        if( ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ), p, len ) ) != 0 )
+        {
+            mbedtls_pk_free( pk );
+            return( ret );
+        }
+    } else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+    if( pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH )
+    {
+        if( ( ret = pk_use_ecparams( &params, &mbedtls_pk_ec( *pk )->grp ) ) != 0 ||
+            ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len )  ) != 0 )
+        {
+            mbedtls_pk_free( pk );
+            return( ret );
+        }
+    } else
+#endif /* MBEDTLS_ECP_C */
+        return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
+
+    return( 0 );
+}
+
+/*
+ * Parse an encrypted PKCS#8 encoded private key
+ *
+ * To save space, the decryption happens in-place on the given key buffer.
+ * Also, while this function may modify the keybuffer, it doesn't own it,
+ * and instead it is the responsibility of the caller to zeroize and properly
+ * free it after use.
+ *
+ */
+#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+static int pk_parse_key_pkcs8_encrypted_der(
+                                    mbedtls_pk_context *pk,
+                                    unsigned char *key, size_t keylen,
+                                    const unsigned char *pwd, size_t pwdlen )
+{
+    int ret, decrypted = 0;
+    size_t len;
+    unsigned char *buf;
+    unsigned char *p, *end;
+    mbedtls_asn1_buf pbe_alg_oid, pbe_params;
+#if defined(MBEDTLS_PKCS12_C)
+    mbedtls_cipher_type_t cipher_alg;
+    mbedtls_md_type_t md_alg;
+#endif
+
+    p = key;
+    end = p + keylen;
+
+    if( pwdlen == 0 )
+        return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED );
+
+    /*
+     * This function parses the EncryptedPrivateKeyInfo object (PKCS#8)
+     *
+     *  EncryptedPrivateKeyInfo ::= SEQUENCE {
+     *    encryptionAlgorithm  EncryptionAlgorithmIdentifier,
+     *    encryptedData        EncryptedData
+     *  }
+     *
+     *  EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+     *
+     *  EncryptedData ::= OCTET STRING
+     *
+     *  The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
+     *
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+    }
+
+    end = p + len;
+
+    if( ( ret = mbedtls_asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
+        return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
+
+    buf = p;
+
+    /*
+     * Decrypt EncryptedData with appropriate PBE
+     */
+#if defined(MBEDTLS_PKCS12_C)
+    if( mbedtls_oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 )
+    {
+        if( ( ret = mbedtls_pkcs12_pbe( &pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT,
+                                cipher_alg, md_alg,
+                                pwd, pwdlen, p, len, buf ) ) != 0 )
+        {
+            if( ret == MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH )
+                return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
+
+            return( ret );
+        }
+
+        decrypted = 1;
+    }
+    else if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) == 0 )
+    {
+        if( ( ret = mbedtls_pkcs12_pbe_sha1_rc4_128( &pbe_params,
+                                             MBEDTLS_PKCS12_PBE_DECRYPT,
+                                             pwd, pwdlen,
+                                             p, len, buf ) ) != 0 )
+        {
+            return( ret );
+        }
+
+        // Best guess for password mismatch when using RC4. If first tag is
+        // not MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE
+        //
+        if( *buf != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
+            return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
+
+        decrypted = 1;
+    }
+    else
+#endif /* MBEDTLS_PKCS12_C */
+#if defined(MBEDTLS_PKCS5_C)
+    if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid ) == 0 )
+    {
+        if( ( ret = mbedtls_pkcs5_pbes2( &pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen,
+                                  p, len, buf ) ) != 0 )
+        {
+            if( ret == MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH )
+                return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
+
+            return( ret );
+        }
+
+        decrypted = 1;
+    }
+    else
+#endif /* MBEDTLS_PKCS5_C */
+    {
+        ((void) pwd);
+    }
+
+    if( decrypted == 0 )
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+
+    return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) );
+}
+#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
+
+/*
+ * Parse a private key
+ */
+int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
+                  const unsigned char *key, size_t keylen,
+                  const unsigned char *pwd, size_t pwdlen )
+{
+    int ret;
+    const mbedtls_pk_info_t *pk_info;
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    size_t len;
+    mbedtls_pem_context pem;
+
+    mbedtls_pem_init( &pem );
+
+#if defined(MBEDTLS_RSA_C)
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if( keylen == 0 || key[keylen - 1] != '\0' )
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    else
+        ret = mbedtls_pem_read_buffer( &pem,
+                               "-----BEGIN RSA PRIVATE KEY-----",
+                               "-----END RSA PRIVATE KEY-----",
+                               key, pwd, pwdlen, &len );
+
+    if( ret == 0 )
+    {
+        pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA );
+        if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
+            ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ),
+                                            pem.buf, pem.buflen ) ) != 0 )
+        {
+            mbedtls_pk_free( pk );
+        }
+
+        mbedtls_pem_free( &pem );
+        return( ret );
+    }
+    else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH )
+        return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
+    else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED )
+        return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED );
+    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+        return( ret );
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if( keylen == 0 || key[keylen - 1] != '\0' )
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    else
+        ret = mbedtls_pem_read_buffer( &pem,
+                               "-----BEGIN EC PRIVATE KEY-----",
+                               "-----END EC PRIVATE KEY-----",
+                               key, pwd, pwdlen, &len );
+    if( ret == 0 )
+    {
+        pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
+
+        if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
+            ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
+                                           pem.buf, pem.buflen ) ) != 0 )
+        {
+            mbedtls_pk_free( pk );
+        }
+
+        mbedtls_pem_free( &pem );
+        return( ret );
+    }
+    else if( ret == MBEDTLS_ERR_PEM_PASSWORD_MISMATCH )
+        return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
+    else if( ret == MBEDTLS_ERR_PEM_PASSWORD_REQUIRED )
+        return( MBEDTLS_ERR_PK_PASSWORD_REQUIRED );
+    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+        return( ret );
+#endif /* MBEDTLS_ECP_C */
+
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if( keylen == 0 || key[keylen - 1] != '\0' )
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    else
+        ret = mbedtls_pem_read_buffer( &pem,
+                               "-----BEGIN PRIVATE KEY-----",
+                               "-----END PRIVATE KEY-----",
+                               key, NULL, 0, &len );
+    if( ret == 0 )
+    {
+        if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk,
+                                                pem.buf, pem.buflen ) ) != 0 )
+        {
+            mbedtls_pk_free( pk );
+        }
+
+        mbedtls_pem_free( &pem );
+        return( ret );
+    }
+    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+        return( ret );
+
+#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if( keylen == 0 || key[keylen - 1] != '\0' )
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    else
+        ret = mbedtls_pem_read_buffer( &pem,
+                               "-----BEGIN ENCRYPTED PRIVATE KEY-----",
+                               "-----END ENCRYPTED PRIVATE KEY-----",
+                               key, NULL, 0, &len );
+    if( ret == 0 )
+    {
+        if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk,
+                                                      pem.buf, pem.buflen,
+                                                      pwd, pwdlen ) ) != 0 )
+        {
+            mbedtls_pk_free( pk );
+        }
+
+        mbedtls_pem_free( &pem );
+        return( ret );
+    }
+    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+        return( ret );
+#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
+#else
+    ((void) ret);
+    ((void) pwd);
+    ((void) pwdlen);
+#endif /* MBEDTLS_PEM_PARSE_C */
+
+    /*
+     * At this point we only know it's not a PEM formatted key. Could be any
+     * of the known DER encoded private key formats
+     *
+     * We try the different DER format parsers to see if one passes without
+     * error
+     */
+#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
+    {
+        unsigned char *key_copy;
+
+        if( ( key_copy = mbedtls_calloc( 1, keylen ) ) == NULL )
+            return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+
+        memcpy( key_copy, key, keylen );
+
+        ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen,
+                                                pwd, pwdlen );
+
+        mbedtls_zeroize( key_copy, keylen );
+        mbedtls_free( key_copy );
+    }
+
+    if( ret == 0 )
+        return( 0 );
+
+    mbedtls_pk_free( pk );
+
+    if( ret == MBEDTLS_ERR_PK_PASSWORD_MISMATCH )
+    {
+        return( ret );
+    }
+#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
+
+    if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 )
+        return( 0 );
+
+    mbedtls_pk_free( pk );
+
+#if defined(MBEDTLS_RSA_C)
+
+    pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA );
+    if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
+        ( ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *pk ),
+                                        key, keylen ) ) != 0 )
+    {
+        mbedtls_pk_free( pk );
+    }
+    else
+    {
+        return( 0 );
+    }
+
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+
+    pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
+    if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
+        ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
+                                       key, keylen ) ) != 0 )
+    {
+        mbedtls_pk_free( pk );
+    }
+    else
+    {
+        return( 0 );
+    }
+
+#endif /* MBEDTLS_ECP_C */
+
+    return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
+}
+
+/*
+ * Parse a public key
+ */
+int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
+                         const unsigned char *key, size_t keylen )
+{
+    int ret;
+    unsigned char *p;
+#if defined(MBEDTLS_PEM_PARSE_C)
+    size_t len;
+    mbedtls_pem_context pem;
+
+    mbedtls_pem_init( &pem );
+
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if( keylen == 0 || key[keylen - 1] != '\0' )
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    else
+        ret = mbedtls_pem_read_buffer( &pem,
+                "-----BEGIN PUBLIC KEY-----",
+                "-----END PUBLIC KEY-----",
+                key, NULL, 0, &len );
+
+    if( ret == 0 )
+    {
+        /*
+         * Was PEM encoded
+         */
+        key = pem.buf;
+        keylen = pem.buflen;
+    }
+    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+    {
+        mbedtls_pem_free( &pem );
+        return( ret );
+    }
+#endif /* MBEDTLS_PEM_PARSE_C */
+    p = (unsigned char *) key;
+
+    ret = mbedtls_pk_parse_subpubkey( &p, p + keylen, ctx );
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pem_free( &pem );
+#endif
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_PK_PARSE_C */
diff --git a/thirdparty/mbedtls/library/pkwrite.c b/thirdparty/mbedtls/library/pkwrite.c
new file mode 100644
index 0000000000..8eabd889b5
--- /dev/null
+++ b/thirdparty/mbedtls/library/pkwrite.c
@@ -0,0 +1,515 @@
+/*
+ *  Public Key layer for writing key files and structures
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PK_WRITE_C)
+
+#include "mbedtls/pk.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/oid.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_RSA_C)
+#include "mbedtls/rsa.h"
+#endif
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+#include "mbedtls/ecdsa.h"
+#endif
+#if defined(MBEDTLS_PEM_WRITE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+/*
+ *  RSAPublicKey ::= SEQUENCE {
+ *      modulus           INTEGER,  -- n
+ *      publicExponent    INTEGER   -- e
+ *  }
+ */
+static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
+                                mbedtls_rsa_context *rsa )
+{
+    int ret;
+    size_t len = 0;
+    mbedtls_mpi T;
+
+    mbedtls_mpi_init( &T );
+
+    /* Export E */
+    if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL, NULL, NULL, &T ) ) != 0 ||
+         ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
+        goto end_of_export;
+    len += ret;
+
+    /* Export N */
+    if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL, NULL, NULL, NULL ) ) != 0 ||
+         ( ret = mbedtls_asn1_write_mpi( p, start, &T ) ) < 0 )
+        goto end_of_export;
+    len += ret;
+
+end_of_export:
+
+    mbedtls_mpi_free( &T );
+    if( ret < 0 )
+        return( ret );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
+                                                 MBEDTLS_ASN1_SEQUENCE ) );
+
+    return( (int) len );
+}
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * EC public key is an EC point
+ */
+static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start,
+                               mbedtls_ecp_keypair *ec )
+{
+    int ret;
+    size_t len = 0;
+    unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN];
+
+    if( ( ret = mbedtls_ecp_point_write_binary( &ec->grp, &ec->Q,
+                                        MBEDTLS_ECP_PF_UNCOMPRESSED,
+                                        &len, buf, sizeof( buf ) ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( *p < start || (size_t)( *p - start ) < len )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    *p -= len;
+    memcpy( *p, buf, len );
+
+    return( (int) len );
+}
+
+/*
+ * ECParameters ::= CHOICE {
+ *   namedCurve         OBJECT IDENTIFIER
+ * }
+ */
+static int pk_write_ec_param( unsigned char **p, unsigned char *start,
+                              mbedtls_ecp_keypair *ec )
+{
+    int ret;
+    size_t len = 0;
+    const char *oid;
+    size_t oid_len;
+
+    if( ( ret = mbedtls_oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
+        return( ret );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
+
+    return( (int) len );
+}
+#endif /* MBEDTLS_ECP_C */
+
+int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
+                             const mbedtls_pk_context *key )
+{
+    int ret;
+    size_t len = 0;
+
+#if defined(MBEDTLS_RSA_C)
+    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
+        MBEDTLS_ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, mbedtls_pk_rsa( *key ) ) );
+    else
+#endif
+#if defined(MBEDTLS_ECP_C)
+    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
+        MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) );
+    else
+#endif
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+
+    return( (int) len );
+}
+
+int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, size_t size )
+{
+    int ret;
+    unsigned char *c;
+    size_t len = 0, par_len = 0, oid_len;
+    const char *oid;
+
+    c = buf + size;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) );
+
+    if( c - buf < 1 )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    /*
+     *  SubjectPublicKeyInfo  ::=  SEQUENCE  {
+     *       algorithm            AlgorithmIdentifier,
+     *       subjectPublicKey     BIT STRING }
+     */
+    *--c = 0;
+    len += 1;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) );
+
+    if( ( ret = mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_get_type( key ),
+                                       &oid, &oid_len ) ) != 0 )
+    {
+        return( ret );
+    }
+
+#if defined(MBEDTLS_ECP_C)
+    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
+    {
+        MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, mbedtls_pk_ec( *key ) ) );
+    }
+#endif
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
+                                                        par_len ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                MBEDTLS_ASN1_SEQUENCE ) );
+
+    return( (int) len );
+}
+
+int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size )
+{
+    int ret;
+    unsigned char *c = buf + size;
+    size_t len = 0;
+
+#if defined(MBEDTLS_RSA_C)
+    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
+    {
+        mbedtls_mpi T; /* Temporary holding the exported parameters */
+        mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *key );
+
+        /*
+         * Export the parameters one after another to avoid simultaneous copies.
+         */
+
+        mbedtls_mpi_init( &T );
+
+        /* Export QP */
+        if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, NULL, &T ) ) != 0 ||
+            ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
+            goto end_of_export;
+        len += ret;
+
+        /* Export DQ */
+        if( ( ret = mbedtls_rsa_export_crt( rsa, NULL, &T, NULL ) ) != 0 ||
+            ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
+            goto end_of_export;
+        len += ret;
+
+        /* Export DP */
+        if( ( ret = mbedtls_rsa_export_crt( rsa, &T, NULL, NULL ) ) != 0 ||
+            ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
+            goto end_of_export;
+        len += ret;
+
+        /* Export Q */
+        if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL,
+                                         &T, NULL, NULL ) ) != 0 ||
+             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
+            goto end_of_export;
+        len += ret;
+
+        /* Export P */
+        if ( ( ret = mbedtls_rsa_export( rsa, NULL, &T,
+                                         NULL, NULL, NULL ) ) != 0 ||
+             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
+            goto end_of_export;
+        len += ret;
+
+        /* Export D */
+        if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL,
+                                         NULL, &T, NULL ) ) != 0 ||
+             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
+            goto end_of_export;
+        len += ret;
+
+        /* Export E */
+        if ( ( ret = mbedtls_rsa_export( rsa, NULL, NULL,
+                                         NULL, NULL, &T ) ) != 0 ||
+             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
+            goto end_of_export;
+        len += ret;
+
+        /* Export N */
+        if ( ( ret = mbedtls_rsa_export( rsa, &T, NULL,
+                                         NULL, NULL, NULL ) ) != 0 ||
+             ( ret = mbedtls_asn1_write_mpi( &c, buf, &T ) ) < 0 )
+            goto end_of_export;
+        len += ret;
+
+    end_of_export:
+
+        mbedtls_mpi_free( &T );
+        if( ret < 0 )
+            return( ret );
+
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c,
+                                               buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                               MBEDTLS_ASN1_SEQUENCE ) );
+    }
+    else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
+    {
+        mbedtls_ecp_keypair *ec = mbedtls_pk_ec( *key );
+        size_t pub_len = 0, par_len = 0;
+
+        /*
+         * RFC 5915, or SEC1 Appendix C.4
+         *
+         * ECPrivateKey ::= SEQUENCE {
+         *      version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+         *      privateKey     OCTET STRING,
+         *      parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
+         *      publicKey  [1] BIT STRING OPTIONAL
+         *    }
+         */
+
+        /* publicKey */
+        MBEDTLS_ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) );
+
+        if( c - buf < 1 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+        *--c = 0;
+        pub_len += 1;
+
+        MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) );
+        MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) );
+
+        MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) );
+        MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf,
+                            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) );
+        len += pub_len;
+
+        /* parameters */
+        MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) );
+
+        MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_len( &c, buf, par_len ) );
+        MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_tag( &c, buf,
+                            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
+        len += par_len;
+
+        /* privateKey: write as MPI then fix tag */
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &ec->d ) );
+        *c = MBEDTLS_ASN1_OCTET_STRING;
+
+        /* version */
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) );
+
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                    MBEDTLS_ASN1_SEQUENCE ) );
+    }
+    else
+#endif /* MBEDTLS_ECP_C */
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+
+    return( (int) len );
+}
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+
+#define PEM_BEGIN_PUBLIC_KEY    "-----BEGIN PUBLIC KEY-----\n"
+#define PEM_END_PUBLIC_KEY      "-----END PUBLIC KEY-----\n"
+
+#define PEM_BEGIN_PRIVATE_KEY_RSA   "-----BEGIN RSA PRIVATE KEY-----\n"
+#define PEM_END_PRIVATE_KEY_RSA     "-----END RSA PRIVATE KEY-----\n"
+#define PEM_BEGIN_PRIVATE_KEY_EC    "-----BEGIN EC PRIVATE KEY-----\n"
+#define PEM_END_PRIVATE_KEY_EC      "-----END EC PRIVATE KEY-----\n"
+
+/*
+ * Max sizes of key per types. Shown as tag + len (+ content).
+ */
+
+#if defined(MBEDTLS_RSA_C)
+/*
+ * RSA public keys:
+ *  SubjectPublicKeyInfo  ::=  SEQUENCE  {          1 + 3
+ *       algorithm            AlgorithmIdentifier,  1 + 1 (sequence)
+ *                                                + 1 + 1 + 9 (rsa oid)
+ *                                                + 1 + 1 (params null)
+ *       subjectPublicKey     BIT STRING }          1 + 3 + (1 + below)
+ *  RSAPublicKey ::= SEQUENCE {                     1 + 3
+ *      modulus           INTEGER,  -- n            1 + 3 + MPI_MAX + 1
+ *      publicExponent    INTEGER   -- e            1 + 3 + MPI_MAX + 1
+ *  }
+ */
+#define RSA_PUB_DER_MAX_BYTES   38 + 2 * MBEDTLS_MPI_MAX_SIZE
+
+/*
+ * RSA private keys:
+ *  RSAPrivateKey ::= SEQUENCE {                    1 + 3
+ *      version           Version,                  1 + 1 + 1
+ *      modulus           INTEGER,                  1 + 3 + MPI_MAX + 1
+ *      publicExponent    INTEGER,                  1 + 3 + MPI_MAX + 1
+ *      privateExponent   INTEGER,                  1 + 3 + MPI_MAX + 1
+ *      prime1            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      prime2            INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      exponent1         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      exponent2         INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      coefficient       INTEGER,                  1 + 3 + MPI_MAX / 2 + 1
+ *      otherPrimeInfos   OtherPrimeInfos OPTIONAL  0 (not supported)
+ *  }
+ */
+#define MPI_MAX_SIZE_2          MBEDTLS_MPI_MAX_SIZE / 2 + \
+                                MBEDTLS_MPI_MAX_SIZE % 2
+#define RSA_PRV_DER_MAX_BYTES   47 + 3 * MBEDTLS_MPI_MAX_SIZE \
+                                   + 5 * MPI_MAX_SIZE_2
+
+#else /* MBEDTLS_RSA_C */
+
+#define RSA_PUB_DER_MAX_BYTES   0
+#define RSA_PRV_DER_MAX_BYTES   0
+
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * EC public keys:
+ *  SubjectPublicKeyInfo  ::=  SEQUENCE  {      1 + 2
+ *    algorithm         AlgorithmIdentifier,    1 + 1 (sequence)
+ *                                            + 1 + 1 + 7 (ec oid)
+ *                                            + 1 + 1 + 9 (namedCurve oid)
+ *    subjectPublicKey  BIT STRING              1 + 2 + 1               [1]
+ *                                            + 1 (point format)        [1]
+ *                                            + 2 * ECP_MAX (coords)    [1]
+ *  }
+ */
+#define ECP_PUB_DER_MAX_BYTES   30 + 2 * MBEDTLS_ECP_MAX_BYTES
+
+/*
+ * EC private keys:
+ * ECPrivateKey ::= SEQUENCE {                  1 + 2
+ *      version        INTEGER ,                1 + 1 + 1
+ *      privateKey     OCTET STRING,            1 + 1 + ECP_MAX
+ *      parameters [0] ECParameters OPTIONAL,   1 + 1 + (1 + 1 + 9)
+ *      publicKey  [1] BIT STRING OPTIONAL      1 + 2 + [1] above
+ *    }
+ */
+#define ECP_PRV_DER_MAX_BYTES   29 + 3 * MBEDTLS_ECP_MAX_BYTES
+
+#else /* MBEDTLS_ECP_C */
+
+#define ECP_PUB_DER_MAX_BYTES   0
+#define ECP_PRV_DER_MAX_BYTES   0
+
+#endif /* MBEDTLS_ECP_C */
+
+#define PUB_DER_MAX_BYTES   RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
+                            RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES
+#define PRV_DER_MAX_BYTES   RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \
+                            RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES
+
+int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size )
+{
+    int ret;
+    unsigned char output_buf[PUB_DER_MAX_BYTES];
+    size_t olen = 0;
+
+    if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf,
+                                     sizeof(output_buf) ) ) < 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
+                                  output_buf + sizeof(output_buf) - ret,
+                                  ret, buf, size, &olen ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    return( 0 );
+}
+
+int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size )
+{
+    int ret;
+    unsigned char output_buf[PRV_DER_MAX_BYTES];
+    const char *begin, *end;
+    size_t olen = 0;
+
+    if( ( ret = mbedtls_pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 )
+        return( ret );
+
+#if defined(MBEDTLS_RSA_C)
+    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
+    {
+        begin = PEM_BEGIN_PRIVATE_KEY_RSA;
+        end = PEM_END_PRIVATE_KEY_RSA;
+    }
+    else
+#endif
+#if defined(MBEDTLS_ECP_C)
+    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
+    {
+        begin = PEM_BEGIN_PRIVATE_KEY_EC;
+        end = PEM_END_PRIVATE_KEY_EC;
+    }
+    else
+#endif
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+
+    if( ( ret = mbedtls_pem_write_buffer( begin, end,
+                                  output_buf + sizeof(output_buf) - ret,
+                                  ret, buf, size, &olen ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#endif /* MBEDTLS_PK_WRITE_C */
diff --git a/thirdparty/mbedtls/library/platform.c b/thirdparty/mbedtls/library/platform.c
new file mode 100644
index 0000000000..76df7fac18
--- /dev/null
+++ b/thirdparty/mbedtls/library/platform.c
@@ -0,0 +1,336 @@
+/*
+ *  Platform abstraction layer
+ *
+ *  Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+
+#include "mbedtls/platform.h"
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED) && \
+    !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+#endif
+
+#if defined(MBEDTLS_PLATFORM_MEMORY)
+#if !defined(MBEDTLS_PLATFORM_STD_CALLOC)
+static void *platform_calloc_uninit( size_t n, size_t size )
+{
+    ((void) n);
+    ((void) size);
+    return( NULL );
+}
+
+#define MBEDTLS_PLATFORM_STD_CALLOC   platform_calloc_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_CALLOC */
+
+#if !defined(MBEDTLS_PLATFORM_STD_FREE)
+static void platform_free_uninit( void *ptr )
+{
+    ((void) ptr);
+}
+
+#define MBEDTLS_PLATFORM_STD_FREE     platform_free_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_FREE */
+
+void * (*mbedtls_calloc)( size_t, size_t ) = MBEDTLS_PLATFORM_STD_CALLOC;
+void (*mbedtls_free)( void * )     = MBEDTLS_PLATFORM_STD_FREE;
+
+int mbedtls_platform_set_calloc_free( void * (*calloc_func)( size_t, size_t ),
+                              void (*free_func)( void * ) )
+{
+    mbedtls_calloc = calloc_func;
+    mbedtls_free = free_func;
+    return( 0 );
+}
+#endif /* MBEDTLS_PLATFORM_MEMORY */
+
+#if defined(_WIN32)
+#include <stdarg.h>
+int mbedtls_platform_win32_snprintf( char *s, size_t n, const char *fmt, ... )
+{
+    int ret;
+    va_list argp;
+
+    /* Avoid calling the invalid parameter handler by checking ourselves */
+    if( s == NULL || n == 0 || fmt == NULL )
+        return( -1 );
+
+    va_start( argp, fmt );
+#if defined(_TRUNCATE)
+    ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp );
+#else
+    ret = _vsnprintf( s, n, fmt, argp );
+    if( ret < 0 || (size_t) ret == n )
+    {
+        s[n-1] = '\0';
+        ret = -1;
+    }
+#endif
+    va_end( argp );
+
+    return( ret );
+}
+#endif
+
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_snprintf_uninit( char * s, size_t n,
+                                     const char * format, ... )
+{
+    ((void) s);
+    ((void) n);
+    ((void) format);
+    return( 0 );
+}
+
+#define MBEDTLS_PLATFORM_STD_SNPRINTF    platform_snprintf_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_SNPRINTF */
+
+int (*mbedtls_snprintf)( char * s, size_t n,
+                          const char * format,
+                          ... ) = MBEDTLS_PLATFORM_STD_SNPRINTF;
+
+int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
+                                                 const char * format,
+                                                 ... ) )
+{
+    mbedtls_snprintf = snprintf_func;
+    return( 0 );
+}
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_printf_uninit( const char *format, ... )
+{
+    ((void) format);
+    return( 0 );
+}
+
+#define MBEDTLS_PLATFORM_STD_PRINTF    platform_printf_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_PRINTF */
+
+int (*mbedtls_printf)( const char *, ... ) = MBEDTLS_PLATFORM_STD_PRINTF;
+
+int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) )
+{
+    mbedtls_printf = printf_func;
+    return( 0 );
+}
+#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_fprintf_uninit( FILE *stream, const char *format, ... )
+{
+    ((void) stream);
+    ((void) format);
+    return( 0 );
+}
+
+#define MBEDTLS_PLATFORM_STD_FPRINTF   platform_fprintf_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_FPRINTF */
+
+int (*mbedtls_fprintf)( FILE *, const char *, ... ) =
+                                        MBEDTLS_PLATFORM_STD_FPRINTF;
+
+int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... ) )
+{
+    mbedtls_fprintf = fprintf_func;
+    return( 0 );
+}
+#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
+
+#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_EXIT)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static void platform_exit_uninit( int status )
+{
+    ((void) status);
+}
+
+#define MBEDTLS_PLATFORM_STD_EXIT   platform_exit_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_EXIT */
+
+void (*mbedtls_exit)( int status ) = MBEDTLS_PLATFORM_STD_EXIT;
+
+int mbedtls_platform_set_exit( void (*exit_func)( int status ) )
+{
+    mbedtls_exit = exit_func;
+    return( 0 );
+}
+#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
+
+#if defined(MBEDTLS_HAVE_TIME)
+
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_TIME)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static mbedtls_time_t platform_time_uninit( mbedtls_time_t* timer )
+{
+    ((void) timer);
+    return( 0 );
+}
+
+#define MBEDTLS_PLATFORM_STD_TIME   platform_time_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_TIME */
+
+mbedtls_time_t (*mbedtls_time)( mbedtls_time_t* timer ) = MBEDTLS_PLATFORM_STD_TIME;
+
+int mbedtls_platform_set_time( mbedtls_time_t (*time_func)( mbedtls_time_t* timer ) )
+{
+    mbedtls_time = time_func;
+    return( 0 );
+}
+#endif /* MBEDTLS_PLATFORM_TIME_ALT */
+
+#endif /* MBEDTLS_HAVE_TIME */
+
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+#if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) && defined(MBEDTLS_FS_IO)
+/* Default implementations for the platform independent seed functions use
+ * standard libc file functions to read from and write to a pre-defined filename
+ */
+int mbedtls_platform_std_nv_seed_read( unsigned char *buf, size_t buf_len )
+{
+    FILE *file;
+    size_t n;
+
+    if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "rb" ) ) == NULL )
+        return( -1 );
+
+    if( ( n = fread( buf, 1, buf_len, file ) ) != buf_len )
+    {
+        fclose( file );
+        mbedtls_zeroize( buf, buf_len );
+        return( -1 );
+    }
+
+    fclose( file );
+    return( (int)n );
+}
+
+int mbedtls_platform_std_nv_seed_write( unsigned char *buf, size_t buf_len )
+{
+    FILE *file;
+    size_t n;
+
+    if( ( file = fopen( MBEDTLS_PLATFORM_STD_NV_SEED_FILE, "w" ) ) == NULL )
+        return -1;
+
+    if( ( n = fwrite( buf, 1, buf_len, file ) ) != buf_len )
+    {
+        fclose( file );
+        return -1;
+    }
+
+    fclose( file );
+    return( (int)n );
+}
+#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
+
+#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
+#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_nv_seed_read_uninit( unsigned char *buf, size_t buf_len )
+{
+    ((void) buf);
+    ((void) buf_len);
+    return( -1 );
+}
+
+#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   platform_nv_seed_read_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_NV_SEED_READ */
+
+#if !defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE)
+/*
+ * Make dummy function to prevent NULL pointer dereferences
+ */
+static int platform_nv_seed_write_uninit( unsigned char *buf, size_t buf_len )
+{
+    ((void) buf);
+    ((void) buf_len);
+    return( -1 );
+}
+
+#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE   platform_nv_seed_write_uninit
+#endif /* !MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */
+
+int (*mbedtls_nv_seed_read)( unsigned char *buf, size_t buf_len ) =
+            MBEDTLS_PLATFORM_STD_NV_SEED_READ;
+int (*mbedtls_nv_seed_write)( unsigned char *buf, size_t buf_len ) =
+            MBEDTLS_PLATFORM_STD_NV_SEED_WRITE;
+
+int mbedtls_platform_set_nv_seed(
+        int (*nv_seed_read_func)( unsigned char *buf, size_t buf_len ),
+        int (*nv_seed_write_func)( unsigned char *buf, size_t buf_len ) )
+{
+    mbedtls_nv_seed_read = nv_seed_read_func;
+    mbedtls_nv_seed_write = nv_seed_write_func;
+    return( 0 );
+}
+#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+
+#if !defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
+/*
+ * Placeholder platform setup that does nothing by default
+ */
+int mbedtls_platform_setup( mbedtls_platform_context *ctx )
+{
+    (void)ctx;
+
+    return( 0 );
+}
+
+/*
+ * Placeholder platform teardown that does nothing by default
+ */
+void mbedtls_platform_teardown( mbedtls_platform_context *ctx )
+{
+    (void)ctx;
+}
+#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
+
+#endif /* MBEDTLS_PLATFORM_C */
diff --git a/thirdparty/mbedtls/library/ripemd160.c b/thirdparty/mbedtls/library/ripemd160.c
new file mode 100644
index 0000000000..b85b117c6a
--- /dev/null
+++ b/thirdparty/mbedtls/library/ripemd160.c
@@ -0,0 +1,515 @@
+/*
+ *  RIPE MD-160 implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ *  The RIPEMD-160 algorithm was designed by RIPE in 1996
+ *  http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html
+ *  http://ehash.iaik.tugraz.at/wiki/RIPEMD-160
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_RIPEMD160_C)
+
+#include "mbedtls/ripemd160.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_RIPEMD160_ALT)
+
+/*
+ * 32-bit integer manipulation macros (little endian)
+ */
+#ifndef GET_UINT32_LE
+#define GET_UINT32_LE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ]       )             \
+        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
+}
+#endif
+
+#ifndef PUT_UINT32_LE
+#define PUT_UINT32_LE(n,b,i)                                    \
+{                                                               \
+    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
+    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
+    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
+    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
+}
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) );
+}
+
+void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_ripemd160_context ) );
+}
+
+void mbedtls_ripemd160_clone( mbedtls_ripemd160_context *dst,
+                        const mbedtls_ripemd160_context *src )
+{
+    *dst = *src;
+}
+
+/*
+ * RIPEMD-160 context setup
+ */
+int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx )
+{
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    ctx->state[0] = 0x67452301;
+    ctx->state[1] = 0xEFCDAB89;
+    ctx->state[2] = 0x98BADCFE;
+    ctx->state[3] = 0x10325476;
+    ctx->state[4] = 0xC3D2E1F0;
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
+/*
+ * Process one block
+ */
+int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx,
+                                        const unsigned char data[64] )
+{
+    uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
+
+    GET_UINT32_LE( X[ 0], data,  0 );
+    GET_UINT32_LE( X[ 1], data,  4 );
+    GET_UINT32_LE( X[ 2], data,  8 );
+    GET_UINT32_LE( X[ 3], data, 12 );
+    GET_UINT32_LE( X[ 4], data, 16 );
+    GET_UINT32_LE( X[ 5], data, 20 );
+    GET_UINT32_LE( X[ 6], data, 24 );
+    GET_UINT32_LE( X[ 7], data, 28 );
+    GET_UINT32_LE( X[ 8], data, 32 );
+    GET_UINT32_LE( X[ 9], data, 36 );
+    GET_UINT32_LE( X[10], data, 40 );
+    GET_UINT32_LE( X[11], data, 44 );
+    GET_UINT32_LE( X[12], data, 48 );
+    GET_UINT32_LE( X[13], data, 52 );
+    GET_UINT32_LE( X[14], data, 56 );
+    GET_UINT32_LE( X[15], data, 60 );
+
+    A = Ap = ctx->state[0];
+    B = Bp = ctx->state[1];
+    C = Cp = ctx->state[2];
+    D = Dp = ctx->state[3];
+    E = Ep = ctx->state[4];
+
+#define F1( x, y, z )   ( x ^ y ^ z )
+#define F2( x, y, z )   ( ( x & y ) | ( ~x & z ) )
+#define F3( x, y, z )   ( ( x | ~y ) ^ z )
+#define F4( x, y, z )   ( ( x & z ) | ( y & ~z ) )
+#define F5( x, y, z )   ( x ^ ( y | ~z ) )
+
+#define S( x, n ) ( ( x << n ) | ( x >> (32 - n) ) )
+
+#define P( a, b, c, d, e, r, s, f, k )      \
+    a += f( b, c, d ) + X[r] + k;           \
+    a = S( a, s ) + e;                      \
+    c = S( c, 10 );
+
+#define P2( a, b, c, d, e, r, s, rp, sp )   \
+    P( a, b, c, d, e, r, s, F, K );         \
+    P( a ## p, b ## p, c ## p, d ## p, e ## p, rp, sp, Fp, Kp );
+
+#define F   F1
+#define K   0x00000000
+#define Fp  F5
+#define Kp  0x50A28BE6
+    P2( A, B, C, D, E,  0, 11,  5,  8 );
+    P2( E, A, B, C, D,  1, 14, 14,  9 );
+    P2( D, E, A, B, C,  2, 15,  7,  9 );
+    P2( C, D, E, A, B,  3, 12,  0, 11 );
+    P2( B, C, D, E, A,  4,  5,  9, 13 );
+    P2( A, B, C, D, E,  5,  8,  2, 15 );
+    P2( E, A, B, C, D,  6,  7, 11, 15 );
+    P2( D, E, A, B, C,  7,  9,  4,  5 );
+    P2( C, D, E, A, B,  8, 11, 13,  7 );
+    P2( B, C, D, E, A,  9, 13,  6,  7 );
+    P2( A, B, C, D, E, 10, 14, 15,  8 );
+    P2( E, A, B, C, D, 11, 15,  8, 11 );
+    P2( D, E, A, B, C, 12,  6,  1, 14 );
+    P2( C, D, E, A, B, 13,  7, 10, 14 );
+    P2( B, C, D, E, A, 14,  9,  3, 12 );
+    P2( A, B, C, D, E, 15,  8, 12,  6 );
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+#define F   F2
+#define K   0x5A827999
+#define Fp  F4
+#define Kp  0x5C4DD124
+    P2( E, A, B, C, D,  7,  7,  6,  9 );
+    P2( D, E, A, B, C,  4,  6, 11, 13 );
+    P2( C, D, E, A, B, 13,  8,  3, 15 );
+    P2( B, C, D, E, A,  1, 13,  7,  7 );
+    P2( A, B, C, D, E, 10, 11,  0, 12 );
+    P2( E, A, B, C, D,  6,  9, 13,  8 );
+    P2( D, E, A, B, C, 15,  7,  5,  9 );
+    P2( C, D, E, A, B,  3, 15, 10, 11 );
+    P2( B, C, D, E, A, 12,  7, 14,  7 );
+    P2( A, B, C, D, E,  0, 12, 15,  7 );
+    P2( E, A, B, C, D,  9, 15,  8, 12 );
+    P2( D, E, A, B, C,  5,  9, 12,  7 );
+    P2( C, D, E, A, B,  2, 11,  4,  6 );
+    P2( B, C, D, E, A, 14,  7,  9, 15 );
+    P2( A, B, C, D, E, 11, 13,  1, 13 );
+    P2( E, A, B, C, D,  8, 12,  2, 11 );
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+#define F   F3
+#define K   0x6ED9EBA1
+#define Fp  F3
+#define Kp  0x6D703EF3
+    P2( D, E, A, B, C,  3, 11, 15,  9 );
+    P2( C, D, E, A, B, 10, 13,  5,  7 );
+    P2( B, C, D, E, A, 14,  6,  1, 15 );
+    P2( A, B, C, D, E,  4,  7,  3, 11 );
+    P2( E, A, B, C, D,  9, 14,  7,  8 );
+    P2( D, E, A, B, C, 15,  9, 14,  6 );
+    P2( C, D, E, A, B,  8, 13,  6,  6 );
+    P2( B, C, D, E, A,  1, 15,  9, 14 );
+    P2( A, B, C, D, E,  2, 14, 11, 12 );
+    P2( E, A, B, C, D,  7,  8,  8, 13 );
+    P2( D, E, A, B, C,  0, 13, 12,  5 );
+    P2( C, D, E, A, B,  6,  6,  2, 14 );
+    P2( B, C, D, E, A, 13,  5, 10, 13 );
+    P2( A, B, C, D, E, 11, 12,  0, 13 );
+    P2( E, A, B, C, D,  5,  7,  4,  7 );
+    P2( D, E, A, B, C, 12,  5, 13,  5 );
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+#define F   F4
+#define K   0x8F1BBCDC
+#define Fp  F2
+#define Kp  0x7A6D76E9
+    P2( C, D, E, A, B,  1, 11,  8, 15 );
+    P2( B, C, D, E, A,  9, 12,  6,  5 );
+    P2( A, B, C, D, E, 11, 14,  4,  8 );
+    P2( E, A, B, C, D, 10, 15,  1, 11 );
+    P2( D, E, A, B, C,  0, 14,  3, 14 );
+    P2( C, D, E, A, B,  8, 15, 11, 14 );
+    P2( B, C, D, E, A, 12,  9, 15,  6 );
+    P2( A, B, C, D, E,  4,  8,  0, 14 );
+    P2( E, A, B, C, D, 13,  9,  5,  6 );
+    P2( D, E, A, B, C,  3, 14, 12,  9 );
+    P2( C, D, E, A, B,  7,  5,  2, 12 );
+    P2( B, C, D, E, A, 15,  6, 13,  9 );
+    P2( A, B, C, D, E, 14,  8,  9, 12 );
+    P2( E, A, B, C, D,  5,  6,  7,  5 );
+    P2( D, E, A, B, C,  6,  5, 10, 15 );
+    P2( C, D, E, A, B,  2, 12, 14,  8 );
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+#define F   F5
+#define K   0xA953FD4E
+#define Fp  F1
+#define Kp  0x00000000
+    P2( B, C, D, E, A,  4,  9, 12,  8 );
+    P2( A, B, C, D, E,  0, 15, 15,  5 );
+    P2( E, A, B, C, D,  5,  5, 10, 12 );
+    P2( D, E, A, B, C,  9, 11,  4,  9 );
+    P2( C, D, E, A, B,  7,  6,  1, 12 );
+    P2( B, C, D, E, A, 12,  8,  5,  5 );
+    P2( A, B, C, D, E,  2, 13,  8, 14 );
+    P2( E, A, B, C, D, 10, 12,  7,  6 );
+    P2( D, E, A, B, C, 14,  5,  6,  8 );
+    P2( C, D, E, A, B,  1, 12,  2, 13 );
+    P2( B, C, D, E, A,  3, 13, 13,  6 );
+    P2( A, B, C, D, E,  8, 14, 14,  5 );
+    P2( E, A, B, C, D, 11, 11,  0, 15 );
+    P2( D, E, A, B, C,  6,  8,  3, 13 );
+    P2( C, D, E, A, B, 15,  5,  9, 11 );
+    P2( B, C, D, E, A, 13,  6, 11, 11 );
+#undef F
+#undef K
+#undef Fp
+#undef Kp
+
+    C             = ctx->state[1] + C + Dp;
+    ctx->state[1] = ctx->state[2] + D + Ep;
+    ctx->state[2] = ctx->state[3] + E + Ap;
+    ctx->state[3] = ctx->state[4] + A + Bp;
+    ctx->state[4] = ctx->state[0] + B + Cp;
+    ctx->state[0] = C;
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */
+
+/*
+ * RIPEMD-160 process buffer
+ */
+int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
+                                  const unsigned char *input,
+                                  size_t ilen )
+{
+    int ret;
+    size_t fill;
+    uint32_t left;
+
+    if( ilen == 0 )
+        return( 0 );
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if( ctx->total[0] < (uint32_t) ilen )
+        ctx->total[1]++;
+
+    if( left && ilen >= fill )
+    {
+        memcpy( (void *) (ctx->buffer + left), input, fill );
+
+        if( ( ret = mbedtls_internal_ripemd160_process( ctx, ctx->buffer ) ) != 0 )
+            return( ret );
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while( ilen >= 64 )
+    {
+        if( ( ret = mbedtls_internal_ripemd160_process( ctx, input ) ) != 0 )
+            return( ret );
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if( ilen > 0 )
+    {
+        memcpy( (void *) (ctx->buffer + left), input, ilen );
+    }
+
+    return( 0 );
+}
+
+static const unsigned char ripemd160_padding[64] =
+{
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * RIPEMD-160 final digest
+ */
+int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
+                                  unsigned char output[20] )
+{
+    int ret;
+    uint32_t last, padn;
+    uint32_t high, low;
+    unsigned char msglen[8];
+
+    high = ( ctx->total[0] >> 29 )
+         | ( ctx->total[1] <<  3 );
+    low  = ( ctx->total[0] <<  3 );
+
+    PUT_UINT32_LE( low,  msglen, 0 );
+    PUT_UINT32_LE( high, msglen, 4 );
+
+    last = ctx->total[0] & 0x3F;
+    padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
+
+    ret = mbedtls_ripemd160_update_ret( ctx, ripemd160_padding, padn );
+    if( ret != 0 )
+        return( ret );
+
+    ret = mbedtls_ripemd160_update_ret( ctx, msglen, 8 );
+    if( ret != 0 )
+        return( ret );
+
+    PUT_UINT32_LE( ctx->state[0], output,  0 );
+    PUT_UINT32_LE( ctx->state[1], output,  4 );
+    PUT_UINT32_LE( ctx->state[2], output,  8 );
+    PUT_UINT32_LE( ctx->state[3], output, 12 );
+    PUT_UINT32_LE( ctx->state[4], output, 16 );
+
+    return( 0 );
+}
+
+#endif /* ! MBEDTLS_RIPEMD160_ALT */
+
+/*
+ * output = RIPEMD-160( input buffer )
+ */
+int mbedtls_ripemd160_ret( const unsigned char *input,
+                           size_t ilen,
+                           unsigned char output[20] )
+{
+    int ret;
+    mbedtls_ripemd160_context ctx;
+
+    mbedtls_ripemd160_init( &ctx );
+
+    if( ( ret = mbedtls_ripemd160_starts_ret( &ctx ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_ripemd160_update_ret( &ctx, input, ilen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_ripemd160_finish_ret( &ctx, output ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_ripemd160_free( &ctx );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * Test vectors from the RIPEMD-160 paper and
+ * http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html#HMAC
+ */
+#define TESTS   8
+static const unsigned char ripemd160_test_str[TESTS][81] =
+{
+    { "" },
+    { "a" },
+    { "abc" },
+    { "message digest" },
+    { "abcdefghijklmnopqrstuvwxyz" },
+    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
+    { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
+    { "12345678901234567890123456789012345678901234567890123456789012"
+      "345678901234567890" },
+};
+
+static const size_t ripemd160_test_strlen[TESTS] =
+{
+    0, 1, 3, 14, 26, 56, 62, 80
+};
+
+static const unsigned char ripemd160_test_md[TESTS][20] =
+{
+    { 0x9c, 0x11, 0x85, 0xa5, 0xc5, 0xe9, 0xfc, 0x54, 0x61, 0x28,
+      0x08, 0x97, 0x7e, 0xe8, 0xf5, 0x48, 0xb2, 0x25, 0x8d, 0x31 },
+    { 0x0b, 0xdc, 0x9d, 0x2d, 0x25, 0x6b, 0x3e, 0xe9, 0xda, 0xae,
+      0x34, 0x7b, 0xe6, 0xf4, 0xdc, 0x83, 0x5a, 0x46, 0x7f, 0xfe },
+    { 0x8e, 0xb2, 0x08, 0xf7, 0xe0, 0x5d, 0x98, 0x7a, 0x9b, 0x04,
+      0x4a, 0x8e, 0x98, 0xc6, 0xb0, 0x87, 0xf1, 0x5a, 0x0b, 0xfc },
+    { 0x5d, 0x06, 0x89, 0xef, 0x49, 0xd2, 0xfa, 0xe5, 0x72, 0xb8,
+      0x81, 0xb1, 0x23, 0xa8, 0x5f, 0xfa, 0x21, 0x59, 0x5f, 0x36 },
+    { 0xf7, 0x1c, 0x27, 0x10, 0x9c, 0x69, 0x2c, 0x1b, 0x56, 0xbb,
+      0xdc, 0xeb, 0x5b, 0x9d, 0x28, 0x65, 0xb3, 0x70, 0x8d, 0xbc },
+    { 0x12, 0xa0, 0x53, 0x38, 0x4a, 0x9c, 0x0c, 0x88, 0xe4, 0x05,
+      0xa0, 0x6c, 0x27, 0xdc, 0xf4, 0x9a, 0xda, 0x62, 0xeb, 0x2b },
+    { 0xb0, 0xe2, 0x0b, 0x6e, 0x31, 0x16, 0x64, 0x02, 0x86, 0xed,
+      0x3a, 0x87, 0xa5, 0x71, 0x30, 0x79, 0xb2, 0x1f, 0x51, 0x89 },
+    { 0x9b, 0x75, 0x2e, 0x45, 0x57, 0x3d, 0x4b, 0x39, 0xf4, 0xdb,
+      0xd3, 0x32, 0x3c, 0xab, 0x82, 0xbf, 0x63, 0x32, 0x6b, 0xfb },
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_ripemd160_self_test( int verbose )
+{
+    int i, ret = 0;
+    unsigned char output[20];
+
+    memset( output, 0, sizeof output );
+
+    for( i = 0; i < TESTS; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  RIPEMD-160 test #%d: ", i + 1 );
+
+        ret = mbedtls_ripemd160_ret( ripemd160_test_str[i],
+                                     ripemd160_test_strlen[i], output );
+        if( ret != 0 )
+            goto fail;
+
+        if( memcmp( output, ripemd160_test_md[i], 20 ) != 0 )
+        {
+            ret = 1;
+            goto fail;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( 0 );
+
+fail:
+    if( verbose != 0 )
+        mbedtls_printf( "failed\n" );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_RIPEMD160_C */
diff --git a/thirdparty/mbedtls/library/rsa.c b/thirdparty/mbedtls/library/rsa.c
new file mode 100644
index 0000000000..6526978e26
--- /dev/null
+++ b/thirdparty/mbedtls/library/rsa.c
@@ -0,0 +1,2320 @@
+/*
+ *  The RSA public-key cryptosystem
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/*
+ *  The following sources were referenced in the design of this implementation
+ *  of the RSA algorithm:
+ *
+ *  [1] A method for obtaining digital signatures and public-key cryptosystems
+ *      R Rivest, A Shamir, and L Adleman
+ *      http://people.csail.mit.edu/rivest/pubs.html#RSA78
+ *
+ *  [2] Handbook of Applied Cryptography - 1997, Chapter 8
+ *      Menezes, van Oorschot and Vanstone
+ *
+ *  [3] Malware Guard Extension: Using SGX to Conceal Cache Attacks
+ *      Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice and
+ *      Stefan Mangard
+ *      https://arxiv.org/abs/1702.08719v2
+ *
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+
+#include "mbedtls/rsa.h"
+#include "mbedtls/rsa_internal.h"
+#include "mbedtls/oid.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PKCS1_V21)
+#include "mbedtls/md.h"
+#endif
+
+#if defined(MBEDTLS_PKCS1_V15) && !defined(__OpenBSD__)
+#include <stdlib.h>
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#define mbedtls_calloc calloc
+#define mbedtls_free   free
+#endif
+
+#if !defined(MBEDTLS_RSA_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+/* constant-time buffer comparison */
+static inline int mbedtls_safer_memcmp( const void *a, const void *b, size_t n )
+{
+    size_t i;
+    const unsigned char *A = (const unsigned char *) a;
+    const unsigned char *B = (const unsigned char *) b;
+    unsigned char diff = 0;
+
+    for( i = 0; i < n; i++ )
+        diff |= A[i] ^ B[i];
+
+    return( diff );
+}
+
+int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
+                        const mbedtls_mpi *N,
+                        const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                        const mbedtls_mpi *D, const mbedtls_mpi *E )
+{
+    int ret;
+
+    if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) ||
+        ( P != NULL && ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ) ||
+        ( Q != NULL && ( ret = mbedtls_mpi_copy( &ctx->Q, Q ) ) != 0 ) ||
+        ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) ||
+        ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+    }
+
+    if( N != NULL )
+        ctx->len = mbedtls_mpi_size( &ctx->N );
+
+    return( 0 );
+}
+
+int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
+                            unsigned char const *N, size_t N_len,
+                            unsigned char const *P, size_t P_len,
+                            unsigned char const *Q, size_t Q_len,
+                            unsigned char const *D, size_t D_len,
+                            unsigned char const *E, size_t E_len )
+{
+    int ret = 0;
+
+    if( N != NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->N, N, N_len ) );
+        ctx->len = mbedtls_mpi_size( &ctx->N );
+    }
+
+    if( P != NULL )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->P, P, P_len ) );
+
+    if( Q != NULL )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->Q, Q, Q_len ) );
+
+    if( D != NULL )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->D, D, D_len ) );
+
+    if( E != NULL )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->E, E, E_len ) );
+
+cleanup:
+
+    if( ret != 0 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+
+    return( 0 );
+}
+
+/*
+ * Checks whether the context fields are set in such a way
+ * that the RSA primitives will be able to execute without error.
+ * It does *not* make guarantees for consistency of the parameters.
+ */
+static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv,
+                              int blinding_needed )
+{
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    /* blinding_needed is only used for NO_CRT to decide whether
+     * P,Q need to be present or not. */
+    ((void) blinding_needed);
+#endif
+
+    if( ctx->len != mbedtls_mpi_size( &ctx->N ) ||
+        ctx->len > MBEDTLS_MPI_MAX_SIZE )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+
+    /*
+     * 1. Modular exponentiation needs positive, odd moduli.
+     */
+
+    /* Modular exponentiation wrt. N is always used for
+     * RSA public key operations. */
+    if( mbedtls_mpi_cmp_int( &ctx->N, 0 ) <= 0 ||
+        mbedtls_mpi_get_bit( &ctx->N, 0 ) == 0  )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    /* Modular exponentiation for P and Q is only
+     * used for private key operations and if CRT
+     * is used. */
+    if( is_priv &&
+        ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 ||
+          mbedtls_mpi_get_bit( &ctx->P, 0 ) == 0 ||
+          mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 ||
+          mbedtls_mpi_get_bit( &ctx->Q, 0 ) == 0  ) )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+#endif /* !MBEDTLS_RSA_NO_CRT */
+
+    /*
+     * 2. Exponents must be positive
+     */
+
+    /* Always need E for public key operations */
+    if( mbedtls_mpi_cmp_int( &ctx->E, 0 ) <= 0 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_RSA_NO_CRT)
+    /* For private key operations, use D or DP & DQ
+     * as (unblinded) exponents. */
+    if( is_priv && mbedtls_mpi_cmp_int( &ctx->D, 0 ) <= 0 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+#else
+    if( is_priv &&
+        ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) <= 0 ||
+          mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) <= 0  ) )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+    /* Blinding shouldn't make exponents negative either,
+     * so check that P, Q >= 1 if that hasn't yet been
+     * done as part of 1. */
+#if defined(MBEDTLS_RSA_NO_CRT)
+    if( is_priv && blinding_needed &&
+        ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 ||
+          mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 ) )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+#endif
+
+    /* It wouldn't lead to an error if it wasn't satisfied,
+     * but check for QP >= 1 nonetheless. */
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    if( is_priv &&
+        mbedtls_mpi_cmp_int( &ctx->QP, 0 ) <= 0 )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+#endif
+
+    return( 0 );
+}
+
+int mbedtls_rsa_complete( mbedtls_rsa_context *ctx )
+{
+    int ret = 0;
+
+    const int have_N = ( mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 );
+    const int have_P = ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 );
+    const int have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 );
+    const int have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 );
+    const int have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 );
+
+    /*
+     * Check whether provided parameters are enough
+     * to deduce all others. The following incomplete
+     * parameter sets for private keys are supported:
+     *
+     * (1) P, Q missing.
+     * (2) D and potentially N missing.
+     *
+     */
+
+    const int n_missing  =              have_P &&  have_Q &&  have_D && have_E;
+    const int pq_missing =   have_N && !have_P && !have_Q &&  have_D && have_E;
+    const int d_missing  =              have_P &&  have_Q && !have_D && have_E;
+    const int is_pub     =   have_N && !have_P && !have_Q && !have_D && have_E;
+
+    /* These three alternatives are mutually exclusive */
+    const int is_priv = n_missing || pq_missing || d_missing;
+
+    if( !is_priv && !is_pub )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    /*
+     * Step 1: Deduce N if P, Q are provided.
+     */
+
+    if( !have_N && have_P && have_Q )
+    {
+        if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P,
+                                         &ctx->Q ) ) != 0 )
+        {
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+        }
+
+        ctx->len = mbedtls_mpi_size( &ctx->N );
+    }
+
+    /*
+     * Step 2: Deduce and verify all remaining core parameters.
+     */
+
+    if( pq_missing )
+    {
+        ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D,
+                                         &ctx->P, &ctx->Q );
+        if( ret != 0 )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+
+    }
+    else if( d_missing )
+    {
+        if( ( ret = mbedtls_rsa_deduce_private_exponent( &ctx->P,
+                                                         &ctx->Q,
+                                                         &ctx->E,
+                                                         &ctx->D ) ) != 0 )
+        {
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+        }
+    }
+
+    /*
+     * Step 3: Deduce all additional parameters specific
+     *         to our current RSA implementation.
+     */
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    if( is_priv )
+    {
+        ret = mbedtls_rsa_deduce_crt( &ctx->P,  &ctx->Q,  &ctx->D,
+                                      &ctx->DP, &ctx->DQ, &ctx->QP );
+        if( ret != 0 )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+    }
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+    /*
+     * Step 3: Basic sanity checks
+     */
+
+    return( rsa_check_context( ctx, is_priv, 1 ) );
+}
+
+int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
+                            unsigned char *N, size_t N_len,
+                            unsigned char *P, size_t P_len,
+                            unsigned char *Q, size_t Q_len,
+                            unsigned char *D, size_t D_len,
+                            unsigned char *E, size_t E_len )
+{
+    int ret = 0;
+
+    /* Check if key is private or public */
+    const int is_priv =
+        mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0;
+
+    if( !is_priv )
+    {
+        /* If we're trying to export private parameters for a public key,
+         * something must be wrong. */
+        if( P != NULL || Q != NULL || D != NULL )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    }
+
+    if( N != NULL )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->N, N, N_len ) );
+
+    if( P != NULL )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->P, P, P_len ) );
+
+    if( Q != NULL )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->Q, Q, Q_len ) );
+
+    if( D != NULL )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->D, D, D_len ) );
+
+    if( E != NULL )
+        MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->E, E, E_len ) );
+
+cleanup:
+
+    return( ret );
+}
+
+int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
+                        mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q,
+                        mbedtls_mpi *D, mbedtls_mpi *E )
+{
+    int ret;
+
+    /* Check if key is private or public */
+    int is_priv =
+        mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0;
+
+    if( !is_priv )
+    {
+        /* If we're trying to export private parameters for a public key,
+         * something must be wrong. */
+        if( P != NULL || Q != NULL || D != NULL )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    }
+
+    /* Export all requested core parameters. */
+
+    if( ( N != NULL && ( ret = mbedtls_mpi_copy( N, &ctx->N ) ) != 0 ) ||
+        ( P != NULL && ( ret = mbedtls_mpi_copy( P, &ctx->P ) ) != 0 ) ||
+        ( Q != NULL && ( ret = mbedtls_mpi_copy( Q, &ctx->Q ) ) != 0 ) ||
+        ( D != NULL && ( ret = mbedtls_mpi_copy( D, &ctx->D ) ) != 0 ) ||
+        ( E != NULL && ( ret = mbedtls_mpi_copy( E, &ctx->E ) ) != 0 ) )
+    {
+        return( ret );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Export CRT parameters
+ * This must also be implemented if CRT is not used, for being able to
+ * write DER encoded RSA keys. The helper function mbedtls_rsa_deduce_crt
+ * can be used in this case.
+ */
+int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
+                            mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP )
+{
+    int ret;
+
+    /* Check if key is private or public */
+    int is_priv =
+        mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 &&
+        mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0;
+
+    if( !is_priv )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    /* Export all requested blinding parameters. */
+    if( ( DP != NULL && ( ret = mbedtls_mpi_copy( DP, &ctx->DP ) ) != 0 ) ||
+        ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) ||
+        ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+    }
+#else
+    if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D,
+                                        DP, DQ, QP ) ) != 0 )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA + ret );
+    }
+#endif
+
+    return( 0 );
+}
+
+/*
+ * Initialize an RSA context
+ */
+void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
+               int padding,
+               int hash_id )
+{
+    memset( ctx, 0, sizeof( mbedtls_rsa_context ) );
+
+    mbedtls_rsa_set_padding( ctx, padding, hash_id );
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init( &ctx->mutex );
+#endif
+}
+
+/*
+ * Set padding for an existing RSA context
+ */
+void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id )
+{
+    ctx->padding = padding;
+    ctx->hash_id = hash_id;
+}
+
+/*
+ * Get length in bytes of RSA modulus
+ */
+
+size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx )
+{
+    return( ctx->len );
+}
+
+
+#if defined(MBEDTLS_GENPRIME)
+
+/*
+ * Generate an RSA keypair
+ */
+int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
+                 int (*f_rng)(void *, unsigned char *, size_t),
+                 void *p_rng,
+                 unsigned int nbits, int exponent )
+{
+    int ret;
+    mbedtls_mpi H, G;
+
+    if( f_rng == NULL || nbits < 128 || exponent < 3 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    if( nbits % 2 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    mbedtls_mpi_init( &H );
+    mbedtls_mpi_init( &G );
+
+    /*
+     * find primes P and Q with Q < P so that:
+     * GCD( E, (P-1)*(Q-1) ) == 1
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->E, exponent ) );
+
+    do
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, 0,
+                                                f_rng, p_rng ) );
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, 0,
+                                                f_rng, p_rng ) );
+
+        if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 )
+            continue;
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) );
+        if( mbedtls_mpi_bitlen( &ctx->N ) != nbits )
+            continue;
+
+        if( mbedtls_mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 )
+            mbedtls_mpi_swap( &ctx->P, &ctx->Q );
+
+        /* Temporarily replace P,Q by P-1, Q-1 */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->P, &ctx->P, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->Q, &ctx->Q, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &ctx->P, &ctx->Q ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->E, &H  ) );
+    }
+    while( mbedtls_mpi_cmp_int( &G, 1 ) != 0 );
+
+    /* Restore P,Q */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->P,  &ctx->P, 1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->Q,  &ctx->Q, 1 ) );
+
+    ctx->len = mbedtls_mpi_size( &ctx->N );
+
+    /*
+     * D  = E^-1 mod ((P-1)*(Q-1))
+     * DP = D mod (P - 1)
+     * DQ = D mod (Q - 1)
+     * QP = Q^-1 mod P
+     */
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->D, &ctx->E, &H  ) );
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    MBEDTLS_MPI_CHK( mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D,
+                                             &ctx->DP, &ctx->DQ, &ctx->QP ) );
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+    /* Double-check */
+    MBEDTLS_MPI_CHK( mbedtls_rsa_check_privkey( ctx ) );
+
+cleanup:
+
+    mbedtls_mpi_free( &H );
+    mbedtls_mpi_free( &G );
+
+    if( ret != 0 )
+    {
+        mbedtls_rsa_free( ctx );
+        return( MBEDTLS_ERR_RSA_KEY_GEN_FAILED + ret );
+    }
+
+    return( 0 );
+}
+
+#endif /* MBEDTLS_GENPRIME */
+
+/*
+ * Check a public RSA key
+ */
+int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx )
+{
+    if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) != 0 )
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+
+    if( mbedtls_mpi_bitlen( &ctx->N ) < 128 )
+    {
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+    }
+
+    if( mbedtls_mpi_get_bit( &ctx->E, 0 ) == 0 ||
+        mbedtls_mpi_bitlen( &ctx->E )     < 2  ||
+        mbedtls_mpi_cmp_mpi( &ctx->E, &ctx->N ) >= 0 )
+    {
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Check for the consistency of all fields in an RSA private key context
+ */
+int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx )
+{
+    if( mbedtls_rsa_check_pubkey( ctx ) != 0 ||
+        rsa_check_context( ctx, 1 /* private */, 1 /* blinding */ ) != 0 )
+    {
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+    }
+
+    if( mbedtls_rsa_validate_params( &ctx->N, &ctx->P, &ctx->Q,
+                                     &ctx->D, &ctx->E, NULL, NULL ) != 0 )
+    {
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+    }
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    else if( mbedtls_rsa_validate_crt( &ctx->P, &ctx->Q, &ctx->D,
+                                       &ctx->DP, &ctx->DQ, &ctx->QP ) != 0 )
+    {
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+    }
+#endif
+
+    return( 0 );
+}
+
+/*
+ * Check if contexts holding a public and private key match
+ */
+int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
+                                const mbedtls_rsa_context *prv )
+{
+    if( mbedtls_rsa_check_pubkey( pub )  != 0 ||
+        mbedtls_rsa_check_privkey( prv ) != 0 )
+    {
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+    }
+
+    if( mbedtls_mpi_cmp_mpi( &pub->N, &prv->N ) != 0 ||
+        mbedtls_mpi_cmp_mpi( &pub->E, &prv->E ) != 0 )
+    {
+        return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Do an RSA public key operation
+ */
+int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
+                const unsigned char *input,
+                unsigned char *output )
+{
+    int ret;
+    size_t olen;
+    mbedtls_mpi T;
+
+    if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    mbedtls_mpi_init( &T );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) );
+
+    if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 )
+    {
+        ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    olen = ctx->len;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) );
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    mbedtls_mpi_free( &T );
+
+    if( ret != 0 )
+        return( MBEDTLS_ERR_RSA_PUBLIC_FAILED + ret );
+
+    return( 0 );
+}
+
+/*
+ * Generate or update blinding values, see section 10 of:
+ *  KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA,
+ *  DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer
+ *  Berlin Heidelberg, 1996. p. 104-113.
+ */
+static int rsa_prepare_blinding( mbedtls_rsa_context *ctx,
+                 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    int ret, count = 0;
+
+    if( ctx->Vf.p != NULL )
+    {
+        /* We already have blinding values, just update them by squaring */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->N ) );
+
+        goto cleanup;
+    }
+
+    /* Unblinding value: Vf = random number, invertible mod N */
+    do {
+        if( count++ > 10 )
+            return( MBEDTLS_ERR_RSA_RNG_FAILED );
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &ctx->Vi, &ctx->Vf, &ctx->N ) );
+    } while( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 );
+
+    /* Blinding value: Vi =  Vf^(-e) mod N */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vi, &ctx->Vf, &ctx->N ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN ) );
+
+
+cleanup:
+    return( ret );
+}
+
+/*
+ * Exponent blinding supposed to prevent side-channel attacks using multiple
+ * traces of measurements to recover the RSA key. The more collisions are there,
+ * the more bits of the key can be recovered. See [3].
+ *
+ * Collecting n collisions with m bit long blinding value requires 2^(m-m/n)
+ * observations on avarage.
+ *
+ * For example with 28 byte blinding to achieve 2 collisions the adversary has
+ * to make 2^112 observations on avarage.
+ *
+ * (With the currently (as of 2017 April) known best algorithms breaking 2048
+ * bit RSA requires approximately as much time as trying out 2^112 random keys.
+ * Thus in this sense with 28 byte blinding the security is not reduced by
+ * side-channel attacks like the one in [3])
+ *
+ * This countermeasure does not help if the key recovery is possible with a
+ * single trace.
+ */
+#define RSA_EXPONENT_BLINDING 28
+
+/*
+ * Do an RSA private key operation
+ */
+int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
+                 int (*f_rng)(void *, unsigned char *, size_t),
+                 void *p_rng,
+                 const unsigned char *input,
+                 unsigned char *output )
+{
+    int ret;
+    size_t olen;
+    mbedtls_mpi T, T1, T2;
+    mbedtls_mpi P1, Q1, R;
+#if defined(MBEDTLS_RSA_NO_CRT)
+    mbedtls_mpi D_blind;
+    mbedtls_mpi *D = &ctx->D;
+#else
+    mbedtls_mpi DP_blind, DQ_blind;
+    mbedtls_mpi *DP = &ctx->DP;
+    mbedtls_mpi *DQ = &ctx->DQ;
+#endif
+
+    if( rsa_check_context( ctx, 1             /* private key checks */,
+                                f_rng != NULL /* blinding y/n       */ ) != 0 )
+    {
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+
+    mbedtls_mpi_init( &T ); mbedtls_mpi_init( &T1 ); mbedtls_mpi_init( &T2 );
+    mbedtls_mpi_init( &P1 ); mbedtls_mpi_init( &Q1 ); mbedtls_mpi_init( &R );
+
+    if( f_rng != NULL )
+    {
+#if defined(MBEDTLS_RSA_NO_CRT)
+        mbedtls_mpi_init( &D_blind );
+#else
+        mbedtls_mpi_init( &DP_blind );
+        mbedtls_mpi_init( &DQ_blind );
+#endif
+    }
+
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) );
+    if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 )
+    {
+        ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    if( f_rng != NULL )
+    {
+        /*
+         * Blinding
+         * T = T * Vi mod N
+         */
+        MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
+
+        /*
+         * Exponent blinding
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) );
+
+#if defined(MBEDTLS_RSA_NO_CRT)
+        /*
+         * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
+                         f_rng, p_rng ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) );
+
+        D = &D_blind;
+#else
+        /*
+         * DP_blind = ( P - 1 ) * R + DP
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
+                         f_rng, p_rng ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind,
+                    &ctx->DP ) );
+
+        DP = &DP_blind;
+
+        /*
+         * DQ_blind = ( Q - 1 ) * R + DQ
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
+                         f_rng, p_rng ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind,
+                    &ctx->DQ ) );
+
+        DQ = &DQ_blind;
+#endif /* MBEDTLS_RSA_NO_CRT */
+    }
+
+#if defined(MBEDTLS_RSA_NO_CRT)
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, D, &ctx->N, &ctx->RN ) );
+#else
+    /*
+     * Faster decryption using the CRT
+     *
+     * T1 = input ^ dP mod P
+     * T2 = input ^ dQ mod Q
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T1, &T, DP, &ctx->P, &ctx->RP ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T2, &T, DQ, &ctx->Q, &ctx->RQ ) );
+
+    /*
+     * T = (T1 - T2) * (Q^-1 mod P) mod P
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &T, &T1, &T2 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1, &T, &ctx->QP ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T1, &ctx->P ) );
+
+    /*
+     * T = T2 + T * Q
+     */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T1, &T, &ctx->Q ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &T2, &T1 ) );
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+    if( f_rng != NULL )
+    {
+        /*
+         * Unblind
+         * T = T * Vf mod N
+         */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
+    }
+
+    olen = ctx->len;
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &T, output, olen ) );
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    mbedtls_mpi_free( &T ); mbedtls_mpi_free( &T1 ); mbedtls_mpi_free( &T2 );
+    mbedtls_mpi_free( &P1 ); mbedtls_mpi_free( &Q1 ); mbedtls_mpi_free( &R );
+
+    if( f_rng != NULL )
+    {
+#if defined(MBEDTLS_RSA_NO_CRT)
+        mbedtls_mpi_free( &D_blind );
+#else
+        mbedtls_mpi_free( &DP_blind );
+        mbedtls_mpi_free( &DQ_blind );
+#endif
+    }
+
+    if( ret != 0 )
+        return( MBEDTLS_ERR_RSA_PRIVATE_FAILED + ret );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_PKCS1_V21)
+/**
+ * Generate and apply the MGF1 operation (from PKCS#1 v2.1) to a buffer.
+ *
+ * \param dst       buffer to mask
+ * \param dlen      length of destination buffer
+ * \param src       source of the mask generation
+ * \param slen      length of the source buffer
+ * \param md_ctx    message digest context to use
+ */
+static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
+                      size_t slen, mbedtls_md_context_t *md_ctx )
+{
+    unsigned char mask[MBEDTLS_MD_MAX_SIZE];
+    unsigned char counter[4];
+    unsigned char *p;
+    unsigned int hlen;
+    size_t i, use_len;
+    int ret = 0;
+
+    memset( mask, 0, MBEDTLS_MD_MAX_SIZE );
+    memset( counter, 0, 4 );
+
+    hlen = mbedtls_md_get_size( md_ctx->md_info );
+
+    /* Generate and apply dbMask */
+    p = dst;
+
+    while( dlen > 0 )
+    {
+        use_len = hlen;
+        if( dlen < hlen )
+            use_len = dlen;
+
+        if( ( ret = mbedtls_md_starts( md_ctx ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_md_update( md_ctx, src, slen ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_md_update( md_ctx, counter, 4 ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_md_finish( md_ctx, mask ) ) != 0 )
+            goto exit;
+
+        for( i = 0; i < use_len; ++i )
+            *p++ ^= mask[i];
+
+        counter[3]++;
+
+        dlen -= use_len;
+    }
+
+exit:
+    mbedtls_zeroize( mask, sizeof( mask ) );
+
+    return( ret );
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V21)
+/*
+ * Implementation of the PKCS#1 v2.1 RSAES-OAEP-ENCRYPT function
+ */
+int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng,
+                            int mode,
+                            const unsigned char *label, size_t label_len,
+                            size_t ilen,
+                            const unsigned char *input,
+                            unsigned char *output )
+{
+    size_t olen;
+    int ret;
+    unsigned char *p = output;
+    unsigned int hlen;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+
+    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    if( f_rng == NULL )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
+    if( md_info == NULL )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    olen = ctx->len;
+    hlen = mbedtls_md_get_size( md_info );
+
+    /* first comparison checks for overflow */
+    if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    memset( output, 0, olen );
+
+    *p++ = 0;
+
+    /* Generate a random octet string seed */
+    if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 )
+        return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
+
+    p += hlen;
+
+    /* Construct DB */
+    if( ( ret = mbedtls_md( md_info, label, label_len, p ) ) != 0 )
+        return( ret );
+    p += hlen;
+    p += olen - 2 * hlen - 2 - ilen;
+    *p++ = 1;
+    memcpy( p, input, ilen );
+
+    mbedtls_md_init( &md_ctx );
+    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
+        goto exit;
+
+    /* maskedDB: Apply dbMask to DB */
+    if( ( ret = mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen,
+                          &md_ctx ) ) != 0 )
+        goto exit;
+
+    /* maskedSeed: Apply seedMask to seed */
+    if( ( ret = mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1,
+                          &md_ctx ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_md_free( &md_ctx );
+
+    if( ret != 0 )
+        return( ret );
+
+    return( ( mode == MBEDTLS_RSA_PUBLIC )
+            ? mbedtls_rsa_public(  ctx, output, output )
+            : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) );
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V15)
+/*
+ * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-ENCRYPT function
+ */
+int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng,
+                                 int mode, size_t ilen,
+                                 const unsigned char *input,
+                                 unsigned char *output )
+{
+    size_t nb_pad, olen;
+    int ret;
+    unsigned char *p = output;
+
+    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    // We don't check p_rng because it won't be dereferenced here
+    if( f_rng == NULL || input == NULL || output == NULL )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    olen = ctx->len;
+
+    /* first comparison checks for overflow */
+    if( ilen + 11 < ilen || olen < ilen + 11 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    nb_pad = olen - 3 - ilen;
+
+    *p++ = 0;
+    if( mode == MBEDTLS_RSA_PUBLIC )
+    {
+        *p++ = MBEDTLS_RSA_CRYPT;
+
+        while( nb_pad-- > 0 )
+        {
+            int rng_dl = 100;
+
+            do {
+                ret = f_rng( p_rng, p, 1 );
+            } while( *p == 0 && --rng_dl && ret == 0 );
+
+            /* Check if RNG failed to generate data */
+            if( rng_dl == 0 || ret != 0 )
+                return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
+
+            p++;
+        }
+    }
+    else
+    {
+        *p++ = MBEDTLS_RSA_SIGN;
+
+        while( nb_pad-- > 0 )
+            *p++ = 0xFF;
+    }
+
+    *p++ = 0;
+    memcpy( p, input, ilen );
+
+    return( ( mode == MBEDTLS_RSA_PUBLIC )
+            ? mbedtls_rsa_public(  ctx, output, output )
+            : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) );
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Add the message padding, then do an RSA operation
+ */
+int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng,
+                       int mode, size_t ilen,
+                       const unsigned char *input,
+                       unsigned char *output )
+{
+    switch( ctx->padding )
+    {
+#if defined(MBEDTLS_PKCS1_V15)
+        case MBEDTLS_RSA_PKCS_V15:
+            return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen,
+                                                input, output );
+#endif
+
+#if defined(MBEDTLS_PKCS1_V21)
+        case MBEDTLS_RSA_PKCS_V21:
+            return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0,
+                                           ilen, input, output );
+#endif
+
+        default:
+            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
+    }
+}
+
+#if defined(MBEDTLS_PKCS1_V21)
+/*
+ * Implementation of the PKCS#1 v2.1 RSAES-OAEP-DECRYPT function
+ */
+int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
+                            int (*f_rng)(void *, unsigned char *, size_t),
+                            void *p_rng,
+                            int mode,
+                            const unsigned char *label, size_t label_len,
+                            size_t *olen,
+                            const unsigned char *input,
+                            unsigned char *output,
+                            size_t output_max_len )
+{
+    int ret;
+    size_t ilen, i, pad_len;
+    unsigned char *p, bad, pad_done;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+    unsigned char lhash[MBEDTLS_MD_MAX_SIZE];
+    unsigned int hlen;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+
+    /*
+     * Parameters sanity checks
+     */
+    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    ilen = ctx->len;
+
+    if( ilen < 16 || ilen > sizeof( buf ) )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
+    if( md_info == NULL )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    hlen = mbedtls_md_get_size( md_info );
+
+    // checking for integer underflow
+    if( 2 * hlen + 2 > ilen )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    /*
+     * RSA operation
+     */
+    ret = ( mode == MBEDTLS_RSA_PUBLIC )
+          ? mbedtls_rsa_public(  ctx, input, buf )
+          : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf );
+
+    if( ret != 0 )
+        goto cleanup;
+
+    /*
+     * Unmask data and generate lHash
+     */
+    mbedtls_md_init( &md_ctx );
+    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
+    {
+        mbedtls_md_free( &md_ctx );
+        goto cleanup;
+    }
+
+    /* seed: Apply seedMask to maskedSeed */
+    if( ( ret = mgf_mask( buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1,
+                          &md_ctx ) ) != 0 ||
+    /* DB: Apply dbMask to maskedDB */
+        ( ret = mgf_mask( buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen,
+                          &md_ctx ) ) != 0 )
+    {
+        mbedtls_md_free( &md_ctx );
+        goto cleanup;
+    }
+
+    mbedtls_md_free( &md_ctx );
+
+    /* Generate lHash */
+    if( ( ret = mbedtls_md( md_info, label, label_len, lhash ) ) != 0 )
+        goto cleanup;
+
+    /*
+     * Check contents, in "constant-time"
+     */
+    p = buf;
+    bad = 0;
+
+    bad |= *p++; /* First byte must be 0 */
+
+    p += hlen; /* Skip seed */
+
+    /* Check lHash */
+    for( i = 0; i < hlen; i++ )
+        bad |= lhash[i] ^ *p++;
+
+    /* Get zero-padding len, but always read till end of buffer
+     * (minus one, for the 01 byte) */
+    pad_len = 0;
+    pad_done = 0;
+    for( i = 0; i < ilen - 2 * hlen - 2; i++ )
+    {
+        pad_done |= p[i];
+        pad_len += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1;
+    }
+
+    p += pad_len;
+    bad |= *p++ ^ 0x01;
+
+    /*
+     * The only information "leaked" is whether the padding was correct or not
+     * (eg, no data is copied if it was not correct). This meets the
+     * recommendations in PKCS#1 v2.2: an opponent cannot distinguish between
+     * the different error conditions.
+     */
+    if( bad != 0 )
+    {
+        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
+        goto cleanup;
+    }
+
+    if( ilen - ( p - buf ) > output_max_len )
+    {
+        ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
+        goto cleanup;
+    }
+
+    *olen = ilen - (p - buf);
+    memcpy( output, p, *olen );
+    ret = 0;
+
+cleanup:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+    mbedtls_zeroize( lhash, sizeof( lhash ) );
+
+    return( ret );
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V15)
+/*
+ * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-DECRYPT function
+ */
+int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng,
+                                 int mode, size_t *olen,
+                                 const unsigned char *input,
+                                 unsigned char *output,
+                                 size_t output_max_len)
+{
+    int ret;
+    size_t ilen, pad_count = 0, i;
+    unsigned char *p, bad, pad_done = 0;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+
+    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    ilen = ctx->len;
+
+    if( ilen < 16 || ilen > sizeof( buf ) )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    ret = ( mode == MBEDTLS_RSA_PUBLIC )
+          ? mbedtls_rsa_public(  ctx, input, buf )
+          : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf );
+
+    if( ret != 0 )
+        goto cleanup;
+
+    p = buf;
+    bad = 0;
+
+    /*
+     * Check and get padding len in "constant-time"
+     */
+    bad |= *p++; /* First byte must be 0 */
+
+    /* This test does not depend on secret data */
+    if( mode == MBEDTLS_RSA_PRIVATE )
+    {
+        bad |= *p++ ^ MBEDTLS_RSA_CRYPT;
+
+        /* Get padding len, but always read till end of buffer
+         * (minus one, for the 00 byte) */
+        for( i = 0; i < ilen - 3; i++ )
+        {
+            pad_done  |= ((p[i] | (unsigned char)-p[i]) >> 7) ^ 1;
+            pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1;
+        }
+
+        p += pad_count;
+        bad |= *p++; /* Must be zero */
+    }
+    else
+    {
+        bad |= *p++ ^ MBEDTLS_RSA_SIGN;
+
+        /* Get padding len, but always read till end of buffer
+         * (minus one, for the 00 byte) */
+        for( i = 0; i < ilen - 3; i++ )
+        {
+            pad_done |= ( p[i] != 0xFF );
+            pad_count += ( pad_done == 0 );
+        }
+
+        p += pad_count;
+        bad |= *p++; /* Must be zero */
+    }
+
+    bad |= ( pad_count < 8 );
+
+    if( bad )
+    {
+        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
+        goto cleanup;
+    }
+
+    if( ilen - ( p - buf ) > output_max_len )
+    {
+        ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE;
+        goto cleanup;
+    }
+
+    *olen = ilen - (p - buf);
+    memcpy( output, p, *olen );
+    ret = 0;
+
+cleanup:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    return( ret );
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Do an RSA operation, then remove the message padding
+ */
+int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng,
+                       int mode, size_t *olen,
+                       const unsigned char *input,
+                       unsigned char *output,
+                       size_t output_max_len)
+{
+    switch( ctx->padding )
+    {
+#if defined(MBEDTLS_PKCS1_V15)
+        case MBEDTLS_RSA_PKCS_V15:
+            return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, mode, olen,
+                                                input, output, output_max_len );
+#endif
+
+#if defined(MBEDTLS_PKCS1_V21)
+        case MBEDTLS_RSA_PKCS_V21:
+            return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, mode, NULL, 0,
+                                           olen, input, output,
+                                           output_max_len );
+#endif
+
+        default:
+            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
+    }
+}
+
+#if defined(MBEDTLS_PKCS1_V21)
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function
+ */
+int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
+                         int (*f_rng)(void *, unsigned char *, size_t),
+                         void *p_rng,
+                         int mode,
+                         mbedtls_md_type_t md_alg,
+                         unsigned int hashlen,
+                         const unsigned char *hash,
+                         unsigned char *sig )
+{
+    size_t olen;
+    unsigned char *p = sig;
+    unsigned char salt[MBEDTLS_MD_MAX_SIZE];
+    unsigned int slen, hlen, offset = 0;
+    int ret;
+    size_t msb;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+
+    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    if( f_rng == NULL )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    olen = ctx->len;
+
+    if( md_alg != MBEDTLS_MD_NONE )
+    {
+        /* Gather length of hash to sign */
+        md_info = mbedtls_md_info_from_type( md_alg );
+        if( md_info == NULL )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+        hashlen = mbedtls_md_get_size( md_info );
+    }
+
+    md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id );
+    if( md_info == NULL )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    hlen = mbedtls_md_get_size( md_info );
+    slen = hlen;
+
+    if( olen < hlen + slen + 2 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    memset( sig, 0, olen );
+
+    /* Generate salt of length slen */
+    if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 )
+        return( MBEDTLS_ERR_RSA_RNG_FAILED + ret );
+
+    /* Note: EMSA-PSS encoding is over the length of N - 1 bits */
+    msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
+    p += olen - hlen * 2 - 2;
+    *p++ = 0x01;
+    memcpy( p, salt, slen );
+    p += slen;
+
+    mbedtls_md_init( &md_ctx );
+    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
+        goto exit;
+
+    /* Generate H = Hash( M' ) */
+    if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md_update( &md_ctx, p, 8 ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md_update( &md_ctx, hash, hashlen ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md_update( &md_ctx, salt, slen ) ) != 0 )
+        goto exit;
+    if( ( ret = mbedtls_md_finish( &md_ctx, p ) ) != 0 )
+        goto exit;
+
+    /* Compensate for boundary condition when applying mask */
+    if( msb % 8 == 0 )
+        offset = 1;
+
+    /* maskedDB: Apply dbMask to DB */
+    if( ( ret = mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen,
+                          &md_ctx ) ) != 0 )
+        goto exit;
+
+    msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
+    sig[0] &= 0xFF >> ( olen * 8 - msb );
+
+    p += hlen;
+    *p++ = 0xBC;
+
+    mbedtls_zeroize( salt, sizeof( salt ) );
+
+exit:
+    mbedtls_md_free( &md_ctx );
+
+    if( ret != 0 )
+        return( ret );
+
+    return( ( mode == MBEDTLS_RSA_PUBLIC )
+            ? mbedtls_rsa_public(  ctx, sig, sig )
+            : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) );
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V15)
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-V1_5-SIGN function
+ */
+
+/* Construct a PKCS v1.5 encoding of a hashed message
+ *
+ * This is used both for signature generation and verification.
+ *
+ * Parameters:
+ * - md_alg:  Identifies the hash algorithm used to generate the given hash;
+ *            MBEDTLS_MD_NONE if raw data is signed.
+ * - hashlen: Length of hash in case hashlen is MBEDTLS_MD_NONE.
+ * - hash:    Buffer containing the hashed message or the raw data.
+ * - dst_len: Length of the encoded message.
+ * - dst:     Buffer to hold the encoded message.
+ *
+ * Assumptions:
+ * - hash has size hashlen if md_alg == MBEDTLS_MD_NONE.
+ * - hash has size corresponding to md_alg if md_alg != MBEDTLS_MD_NONE.
+ * - dst points to a buffer of size at least dst_len.
+ *
+ */
+static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg,
+                                        unsigned int hashlen,
+                                        const unsigned char *hash,
+                                        size_t dst_len,
+                                        unsigned char *dst )
+{
+    size_t oid_size  = 0;
+    size_t nb_pad    = dst_len;
+    unsigned char *p = dst;
+    const char *oid  = NULL;
+
+    /* Are we signing hashed or raw data? */
+    if( md_alg != MBEDTLS_MD_NONE )
+    {
+        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
+        if( md_info == NULL )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+        if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+        hashlen = mbedtls_md_get_size( md_info );
+
+        /* Double-check that 8 + hashlen + oid_size can be used as a
+         * 1-byte ASN.1 length encoding and that there's no overflow. */
+        if( 8 + hashlen + oid_size  >= 0x80         ||
+            10 + hashlen            <  hashlen      ||
+            10 + hashlen + oid_size <  10 + hashlen )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+        /*
+         * Static bounds check:
+         * - Need 10 bytes for five tag-length pairs.
+         *   (Insist on 1-byte length encodings to protect against variants of
+         *    Bleichenbacher's forgery attack against lax PKCS#1v1.5 verification)
+         * - Need hashlen bytes for hash
+         * - Need oid_size bytes for hash alg OID.
+         */
+        if( nb_pad < 10 + hashlen + oid_size )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+        nb_pad -= 10 + hashlen + oid_size;
+    }
+    else
+    {
+        if( nb_pad < hashlen )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+        nb_pad -= hashlen;
+    }
+
+    /* Need space for signature header and padding delimiter (3 bytes),
+     * and 8 bytes for the minimal padding */
+    if( nb_pad < 3 + 8 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    nb_pad -= 3;
+
+    /* Now nb_pad is the amount of memory to be filled
+     * with padding, and at least 8 bytes long. */
+
+    /* Write signature header and padding */
+    *p++ = 0;
+    *p++ = MBEDTLS_RSA_SIGN;
+    memset( p, 0xFF, nb_pad );
+    p += nb_pad;
+    *p++ = 0;
+
+    /* Are we signing raw data? */
+    if( md_alg == MBEDTLS_MD_NONE )
+    {
+        memcpy( p, hash, hashlen );
+        return( 0 );
+    }
+
+    /* Signing hashed data, add corresponding ASN.1 structure
+     *
+     * DigestInfo ::= SEQUENCE {
+     *   digestAlgorithm DigestAlgorithmIdentifier,
+     *   digest Digest }
+     * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+     * Digest ::= OCTET STRING
+     *
+     * Schematic:
+     * TAG-SEQ + LEN [ TAG-SEQ + LEN [ TAG-OID  + LEN [ OID  ]
+     *                                 TAG-NULL + LEN [ NULL ] ]
+     *                 TAG-OCTET + LEN [ HASH ] ]
+     */
+    *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
+    *p++ = (unsigned char)( 0x08 + oid_size + hashlen );
+    *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
+    *p++ = (unsigned char)( 0x04 + oid_size );
+    *p++ = MBEDTLS_ASN1_OID;
+    *p++ = (unsigned char) oid_size;
+    memcpy( p, oid, oid_size );
+    p += oid_size;
+    *p++ = MBEDTLS_ASN1_NULL;
+    *p++ = 0x00;
+    *p++ = MBEDTLS_ASN1_OCTET_STRING;
+    *p++ = (unsigned char) hashlen;
+    memcpy( p, hash, hashlen );
+    p += hashlen;
+
+    /* Just a sanity-check, should be automatic
+     * after the initial bounds check. */
+    if( p != dst + dst_len )
+    {
+        mbedtls_zeroize( dst, dst_len );
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Do an RSA operation to sign the message digest
+ */
+int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng,
+                               int mode,
+                               mbedtls_md_type_t md_alg,
+                               unsigned int hashlen,
+                               const unsigned char *hash,
+                               unsigned char *sig )
+{
+    int ret;
+    unsigned char *sig_try = NULL, *verif = NULL;
+
+    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    /*
+     * Prepare PKCS1-v1.5 encoding (padding and hash identifier)
+     */
+
+    if( ( ret = rsa_rsassa_pkcs1_v15_encode( md_alg, hashlen, hash,
+                                             ctx->len, sig ) ) != 0 )
+        return( ret );
+
+    /*
+     * Call respective RSA primitive
+     */
+
+    if( mode == MBEDTLS_RSA_PUBLIC )
+    {
+        /* Skip verification on a public key operation */
+        return( mbedtls_rsa_public( ctx, sig, sig ) );
+    }
+
+    /* Private key operation
+     *
+     * In order to prevent Lenstra's attack, make the signature in a
+     * temporary buffer and check it before returning it.
+     */
+
+    sig_try = mbedtls_calloc( 1, ctx->len );
+    if( sig_try == NULL )
+        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+
+    verif = mbedtls_calloc( 1, ctx->len );
+    if( verif == NULL )
+    {
+        mbedtls_free( sig_try );
+        return( MBEDTLS_ERR_MPI_ALLOC_FAILED );
+    }
+
+    MBEDTLS_MPI_CHK( mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig_try ) );
+    MBEDTLS_MPI_CHK( mbedtls_rsa_public( ctx, sig_try, verif ) );
+
+    if( mbedtls_safer_memcmp( verif, sig, ctx->len ) != 0 )
+    {
+        ret = MBEDTLS_ERR_RSA_PRIVATE_FAILED;
+        goto cleanup;
+    }
+
+    memcpy( sig, sig_try, ctx->len );
+
+cleanup:
+    mbedtls_free( sig_try );
+    mbedtls_free( verif );
+
+    return( ret );
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Do an RSA operation to sign the message digest
+ */
+int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
+                    int (*f_rng)(void *, unsigned char *, size_t),
+                    void *p_rng,
+                    int mode,
+                    mbedtls_md_type_t md_alg,
+                    unsigned int hashlen,
+                    const unsigned char *hash,
+                    unsigned char *sig )
+{
+    switch( ctx->padding )
+    {
+#if defined(MBEDTLS_PKCS1_V15)
+        case MBEDTLS_RSA_PKCS_V15:
+            return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, mode, md_alg,
+                                              hashlen, hash, sig );
+#endif
+
+#if defined(MBEDTLS_PKCS1_V21)
+        case MBEDTLS_RSA_PKCS_V21:
+            return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg,
+                                        hashlen, hash, sig );
+#endif
+
+        default:
+            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
+    }
+}
+
+#if defined(MBEDTLS_PKCS1_V21)
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function
+ */
+int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
+                               int (*f_rng)(void *, unsigned char *, size_t),
+                               void *p_rng,
+                               int mode,
+                               mbedtls_md_type_t md_alg,
+                               unsigned int hashlen,
+                               const unsigned char *hash,
+                               mbedtls_md_type_t mgf1_hash_id,
+                               int expected_salt_len,
+                               const unsigned char *sig )
+{
+    int ret;
+    size_t siglen;
+    unsigned char *p;
+    unsigned char *hash_start;
+    unsigned char result[MBEDTLS_MD_MAX_SIZE];
+    unsigned char zeros[8];
+    unsigned int hlen;
+    size_t observed_salt_len, msb;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
+
+    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    siglen = ctx->len;
+
+    if( siglen < 16 || siglen > sizeof( buf ) )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    ret = ( mode == MBEDTLS_RSA_PUBLIC )
+          ? mbedtls_rsa_public(  ctx, sig, buf )
+          : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, buf );
+
+    if( ret != 0 )
+        return( ret );
+
+    p = buf;
+
+    if( buf[siglen - 1] != 0xBC )
+        return( MBEDTLS_ERR_RSA_INVALID_PADDING );
+
+    if( md_alg != MBEDTLS_MD_NONE )
+    {
+        /* Gather length of hash to sign */
+        md_info = mbedtls_md_info_from_type( md_alg );
+        if( md_info == NULL )
+            return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+        hashlen = mbedtls_md_get_size( md_info );
+    }
+
+    md_info = mbedtls_md_info_from_type( mgf1_hash_id );
+    if( md_info == NULL )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    hlen = mbedtls_md_get_size( md_info );
+
+    memset( zeros, 0, 8 );
+
+    /*
+     * Note: EMSA-PSS verification is over the length of N - 1 bits
+     */
+    msb = mbedtls_mpi_bitlen( &ctx->N ) - 1;
+
+    if( buf[0] >> ( 8 - siglen * 8 + msb ) )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    /* Compensate for boundary condition when applying mask */
+    if( msb % 8 == 0 )
+    {
+        p++;
+        siglen -= 1;
+    }
+
+    if( siglen < hlen + 2 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    hash_start = p + siglen - hlen - 1;
+
+    mbedtls_md_init( &md_ctx );
+    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
+        goto exit;
+
+    ret = mgf_mask( p, siglen - hlen - 1, hash_start, hlen, &md_ctx );
+    if( ret != 0 )
+        goto exit;
+
+    buf[0] &= 0xFF >> ( siglen * 8 - msb );
+
+    while( p < hash_start - 1 && *p == 0 )
+        p++;
+
+    if( *p++ != 0x01 )
+    {
+        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
+        goto exit;
+    }
+
+    observed_salt_len = hash_start - p;
+
+    if( expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY &&
+        observed_salt_len != (size_t) expected_salt_len )
+    {
+        ret = MBEDTLS_ERR_RSA_INVALID_PADDING;
+        goto exit;
+    }
+
+    /*
+     * Generate H = Hash( M' )
+     */
+    ret = mbedtls_md_starts( &md_ctx );
+    if ( ret != 0 )
+        goto exit;
+    ret = mbedtls_md_update( &md_ctx, zeros, 8 );
+    if ( ret != 0 )
+        goto exit;
+    ret = mbedtls_md_update( &md_ctx, hash, hashlen );
+    if ( ret != 0 )
+        goto exit;
+    ret = mbedtls_md_update( &md_ctx, p, observed_salt_len );
+    if ( ret != 0 )
+        goto exit;
+    ret = mbedtls_md_finish( &md_ctx, result );
+    if ( ret != 0 )
+        goto exit;
+
+    if( memcmp( hash_start, result, hlen ) != 0 )
+    {
+        ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
+        goto exit;
+    }
+
+exit:
+    mbedtls_md_free( &md_ctx );
+
+    return( ret );
+}
+
+/*
+ * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function
+ */
+int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
+                           int (*f_rng)(void *, unsigned char *, size_t),
+                           void *p_rng,
+                           int mode,
+                           mbedtls_md_type_t md_alg,
+                           unsigned int hashlen,
+                           const unsigned char *hash,
+                           const unsigned char *sig )
+{
+    mbedtls_md_type_t mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE )
+                             ? (mbedtls_md_type_t) ctx->hash_id
+                             : md_alg;
+
+    return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode,
+                                       md_alg, hashlen, hash,
+                                       mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY,
+                                       sig ) );
+
+}
+#endif /* MBEDTLS_PKCS1_V21 */
+
+#if defined(MBEDTLS_PKCS1_V15)
+/*
+ * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function
+ */
+int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng,
+                                 int mode,
+                                 mbedtls_md_type_t md_alg,
+                                 unsigned int hashlen,
+                                 const unsigned char *hash,
+                                 const unsigned char *sig )
+{
+    int ret = 0;
+    const size_t sig_len = ctx->len;
+    unsigned char *encoded = NULL, *encoded_expected = NULL;
+
+    if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+    /*
+     * Prepare expected PKCS1 v1.5 encoding of hash.
+     */
+
+    if( ( encoded          = mbedtls_calloc( 1, sig_len ) ) == NULL ||
+        ( encoded_expected = mbedtls_calloc( 1, sig_len ) ) == NULL )
+    {
+        ret = MBEDTLS_ERR_MPI_ALLOC_FAILED;
+        goto cleanup;
+    }
+
+    if( ( ret = rsa_rsassa_pkcs1_v15_encode( md_alg, hashlen, hash, sig_len,
+                                             encoded_expected ) ) != 0 )
+        goto cleanup;
+
+    /*
+     * Apply RSA primitive to get what should be PKCS1 encoded hash.
+     */
+
+    ret = ( mode == MBEDTLS_RSA_PUBLIC )
+          ? mbedtls_rsa_public(  ctx, sig, encoded )
+          : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, encoded );
+    if( ret != 0 )
+        goto cleanup;
+
+    /*
+     * Compare
+     */
+
+    if( ( ret = mbedtls_safer_memcmp( encoded, encoded_expected,
+                                      sig_len ) ) != 0 )
+    {
+        ret = MBEDTLS_ERR_RSA_VERIFY_FAILED;
+        goto cleanup;
+    }
+
+cleanup:
+
+    if( encoded != NULL )
+    {
+        mbedtls_zeroize( encoded, sig_len );
+        mbedtls_free( encoded );
+    }
+
+    if( encoded_expected != NULL )
+    {
+        mbedtls_zeroize( encoded_expected, sig_len );
+        mbedtls_free( encoded_expected );
+    }
+
+    return( ret );
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Do an RSA operation and check the message digest
+ */
+int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng,
+                      int mode,
+                      mbedtls_md_type_t md_alg,
+                      unsigned int hashlen,
+                      const unsigned char *hash,
+                      const unsigned char *sig )
+{
+    switch( ctx->padding )
+    {
+#if defined(MBEDTLS_PKCS1_V15)
+        case MBEDTLS_RSA_PKCS_V15:
+            return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, f_rng, p_rng, mode, md_alg,
+                                                hashlen, hash, sig );
+#endif
+
+#if defined(MBEDTLS_PKCS1_V21)
+        case MBEDTLS_RSA_PKCS_V21:
+            return mbedtls_rsa_rsassa_pss_verify( ctx, f_rng, p_rng, mode, md_alg,
+                                          hashlen, hash, sig );
+#endif
+
+        default:
+            return( MBEDTLS_ERR_RSA_INVALID_PADDING );
+    }
+}
+
+/*
+ * Copy the components of an RSA key
+ */
+int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src )
+{
+    int ret;
+
+    dst->ver = src->ver;
+    dst->len = src->len;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->N, &src->N ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->E, &src->E ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->D, &src->D ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->P, &src->P ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Q, &src->Q ) );
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DP, &src->DP ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->DQ, &src->DQ ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->QP, &src->QP ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RP, &src->RP ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RQ, &src->RQ ) );
+#endif
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->RN, &src->RN ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vi, &src->Vi ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &dst->Vf, &src->Vf ) );
+
+    dst->padding = src->padding;
+    dst->hash_id = src->hash_id;
+
+cleanup:
+    if( ret != 0 )
+        mbedtls_rsa_free( dst );
+
+    return( ret );
+}
+
+/*
+ * Free the components of an RSA key
+ */
+void mbedtls_rsa_free( mbedtls_rsa_context *ctx )
+{
+    mbedtls_mpi_free( &ctx->Vi ); mbedtls_mpi_free( &ctx->Vf );
+    mbedtls_mpi_free( &ctx->RN ); mbedtls_mpi_free( &ctx->D  );
+    mbedtls_mpi_free( &ctx->Q  ); mbedtls_mpi_free( &ctx->P  );
+    mbedtls_mpi_free( &ctx->E  ); mbedtls_mpi_free( &ctx->N  );
+
+#if !defined(MBEDTLS_RSA_NO_CRT)
+    mbedtls_mpi_free( &ctx->RQ ); mbedtls_mpi_free( &ctx->RP );
+    mbedtls_mpi_free( &ctx->QP ); mbedtls_mpi_free( &ctx->DQ );
+    mbedtls_mpi_free( &ctx->DP );
+#endif /* MBEDTLS_RSA_NO_CRT */
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free( &ctx->mutex );
+#endif
+}
+
+#endif /* !MBEDTLS_RSA_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#include "mbedtls/sha1.h"
+
+/*
+ * Example RSA-1024 keypair, for test purposes
+ */
+#define KEY_LEN 128
+
+#define RSA_N   "9292758453063D803DD603D5E777D788" \
+                "8ED1D5BF35786190FA2F23EBC0848AEA" \
+                "DDA92CA6C3D80B32C4D109BE0F36D6AE" \
+                "7130B9CED7ACDF54CFC7555AC14EEBAB" \
+                "93A89813FBF3C4F8066D2D800F7C38A8" \
+                "1AE31942917403FF4946B0A83D3D3E05" \
+                "EE57C6F5F5606FB5D4BC6CD34EE0801A" \
+                "5E94BB77B07507233A0BC7BAC8F90F79"
+
+#define RSA_E   "10001"
+
+#define RSA_D   "24BF6185468786FDD303083D25E64EFC" \
+                "66CA472BC44D253102F8B4A9D3BFA750" \
+                "91386C0077937FE33FA3252D28855837" \
+                "AE1B484A8A9A45F7EE8C0C634F99E8CD" \
+                "DF79C5CE07EE72C7F123142198164234" \
+                "CABB724CF78B8173B9F880FC86322407" \
+                "AF1FEDFDDE2BEB674CA15F3E81A1521E" \
+                "071513A1E85B5DFA031F21ECAE91A34D"
+
+#define RSA_P   "C36D0EB7FCD285223CFB5AABA5BDA3D8" \
+                "2C01CAD19EA484A87EA4377637E75500" \
+                "FCB2005C5C7DD6EC4AC023CDA285D796" \
+                "C3D9E75E1EFC42488BB4F1D13AC30A57"
+
+#define RSA_Q   "C000DF51A7C77AE8D7C7370C1FF55B69" \
+                "E211C2B9E5DB1ED0BF61D0D9899620F4" \
+                "910E4168387E3C30AA1E00C339A79508" \
+                "8452DD96A9A5EA5D9DCA68DA636032AF"
+
+#define PT_LEN  24
+#define RSA_PT  "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \
+                "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD"
+
+#if defined(MBEDTLS_PKCS1_V15)
+static int myrand( void *rng_state, unsigned char *output, size_t len )
+{
+#if !defined(__OpenBSD__)
+    size_t i;
+
+    if( rng_state != NULL )
+        rng_state  = NULL;
+
+    for( i = 0; i < len; ++i )
+        output[i] = rand();
+#else
+    if( rng_state != NULL )
+        rng_state = NULL;
+
+    arc4random_buf( output, len );
+#endif /* !OpenBSD */
+
+    return( 0 );
+}
+#endif /* MBEDTLS_PKCS1_V15 */
+
+/*
+ * Checkup routine
+ */
+int mbedtls_rsa_self_test( int verbose )
+{
+    int ret = 0;
+#if defined(MBEDTLS_PKCS1_V15)
+    size_t len;
+    mbedtls_rsa_context rsa;
+    unsigned char rsa_plaintext[PT_LEN];
+    unsigned char rsa_decrypted[PT_LEN];
+    unsigned char rsa_ciphertext[KEY_LEN];
+#if defined(MBEDTLS_SHA1_C)
+    unsigned char sha1sum[20];
+#endif
+
+    mbedtls_mpi K;
+
+    mbedtls_mpi_init( &K );
+    mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_N  ) );
+    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, &K, NULL, NULL, NULL, NULL ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_P  ) );
+    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, &K, NULL, NULL, NULL ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_Q  ) );
+    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, &K, NULL, NULL ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_D  ) );
+    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, NULL, &K, NULL ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( &K, 16, RSA_E  ) );
+    MBEDTLS_MPI_CHK( mbedtls_rsa_import( &rsa, NULL, NULL, NULL, NULL, &K ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_rsa_complete( &rsa ) );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  RSA key validation: " );
+
+    if( mbedtls_rsa_check_pubkey(  &rsa ) != 0 ||
+        mbedtls_rsa_check_privkey( &rsa ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( 1 );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n  PKCS#1 encryption : " );
+
+    memcpy( rsa_plaintext, RSA_PT, PT_LEN );
+
+    if( mbedtls_rsa_pkcs1_encrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC,
+                                   PT_LEN, rsa_plaintext,
+                                   rsa_ciphertext ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( 1 );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n  PKCS#1 decryption : " );
+
+    if( mbedtls_rsa_pkcs1_decrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE,
+                                   &len, rsa_ciphertext, rsa_decrypted,
+                                   sizeof(rsa_decrypted) ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( 1 );
+    }
+
+    if( memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( 1 );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+#if defined(MBEDTLS_SHA1_C)
+    if( verbose != 0 )
+        mbedtls_printf( "  PKCS#1 data sign  : " );
+
+    if( mbedtls_sha1_ret( rsa_plaintext, PT_LEN, sha1sum ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( 1 );
+    }
+
+    if( mbedtls_rsa_pkcs1_sign( &rsa, myrand, NULL,
+                                MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0,
+                                sha1sum, rsa_ciphertext ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( 1 );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n  PKCS#1 sig. verify: " );
+
+    if( mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL,
+                                  MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0,
+                                  sha1sum, rsa_ciphertext ) != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( 1 );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+#endif /* MBEDTLS_SHA1_C */
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+cleanup:
+    mbedtls_mpi_free( &K );
+    mbedtls_rsa_free( &rsa );
+#else /* MBEDTLS_PKCS1_V15 */
+    ((void) verbose);
+#endif /* MBEDTLS_PKCS1_V15 */
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_RSA_C */
diff --git a/thirdparty/mbedtls/library/rsa_internal.c b/thirdparty/mbedtls/library/rsa_internal.c
new file mode 100644
index 0000000000..507009f131
--- /dev/null
+++ b/thirdparty/mbedtls/library/rsa_internal.c
@@ -0,0 +1,487 @@
+/*
+ *  Helper functions for the RSA module
+ *
+ *  Copyright (C) 2006-2017, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+
+#include "mbedtls/rsa.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/rsa_internal.h"
+
+/*
+ * Compute RSA prime factors from public and private exponents
+ *
+ * Summary of algorithm:
+ * Setting F := lcm(P-1,Q-1), the idea is as follows:
+ *
+ * (a) For any 1 <= X < N with gcd(X,N)=1, we have X^F = 1 modulo N, so X^(F/2)
+ *     is a square root of 1 in Z/NZ. Since Z/NZ ~= Z/PZ x Z/QZ by CRT and the
+ *     square roots of 1 in Z/PZ and Z/QZ are +1 and -1, this leaves the four
+ *     possibilities X^(F/2) = (+-1, +-1). If it happens that X^(F/2) = (-1,+1)
+ *     or (+1,-1), then gcd(X^(F/2) + 1, N) will be equal to one of the prime
+ *     factors of N.
+ *
+ * (b) If we don't know F/2 but (F/2) * K for some odd (!) K, then the same
+ *     construction still applies since (-)^K is the identity on the set of
+ *     roots of 1 in Z/NZ.
+ *
+ * The public and private key primitives (-)^E and (-)^D are mutually inverse
+ * bijections on Z/NZ if and only if (-)^(DE) is the identity on Z/NZ, i.e.
+ * if and only if DE - 1 is a multiple of F, say DE - 1 = F * L.
+ * Splitting L = 2^t * K with K odd, we have
+ *
+ *   DE - 1 = FL = (F/2) * (2^(t+1)) * K,
+ *
+ * so (F / 2) * K is among the numbers
+ *
+ *   (DE - 1) >> 1, (DE - 1) >> 2, ..., (DE - 1) >> ord
+ *
+ * where ord is the order of 2 in (DE - 1).
+ * We can therefore iterate through these numbers apply the construction
+ * of (a) and (b) above to attempt to factor N.
+ *
+ */
+int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N,
+                     mbedtls_mpi const *E, mbedtls_mpi const *D,
+                     mbedtls_mpi *P, mbedtls_mpi *Q )
+{
+    int ret = 0;
+
+    uint16_t attempt;  /* Number of current attempt  */
+    uint16_t iter;     /* Number of squares computed in the current attempt */
+
+    uint16_t order;    /* Order of 2 in DE - 1 */
+
+    mbedtls_mpi T;  /* Holds largest odd divisor of DE - 1     */
+    mbedtls_mpi K;  /* Temporary holding the current candidate */
+
+    const unsigned char primes[] = { 2,
+           3,    5,    7,   11,   13,   17,   19,   23,
+          29,   31,   37,   41,   43,   47,   53,   59,
+          61,   67,   71,   73,   79,   83,   89,   97,
+         101,  103,  107,  109,  113,  127,  131,  137,
+         139,  149,  151,  157,  163,  167,  173,  179,
+         181,  191,  193,  197,  199,  211,  223,  227,
+         229,  233,  239,  241,  251
+    };
+
+    const size_t num_primes = sizeof( primes ) / sizeof( *primes );
+
+    if( P == NULL || Q == NULL || P->p != NULL || Q->p != NULL )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 ||
+        mbedtls_mpi_cmp_int( D, 1 ) <= 0 ||
+        mbedtls_mpi_cmp_mpi( D, N ) >= 0 ||
+        mbedtls_mpi_cmp_int( E, 1 ) <= 0 ||
+        mbedtls_mpi_cmp_mpi( E, N ) >= 0 )
+    {
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+    }
+
+    /*
+     * Initializations and temporary changes
+     */
+
+    mbedtls_mpi_init( &K );
+    mbedtls_mpi_init( &T );
+
+    /* T := DE - 1 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, D,  E ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &T, &T, 1 ) );
+
+    if( ( order = (uint16_t) mbedtls_mpi_lsb( &T ) ) == 0 )
+    {
+        ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    /* After this operation, T holds the largest odd divisor of DE - 1. */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &T, order ) );
+
+    /*
+     * Actual work
+     */
+
+    /* Skip trying 2 if N == 1 mod 8 */
+    attempt = 0;
+    if( N->p[0] % 8 == 1 )
+        attempt = 1;
+
+    for( ; attempt < num_primes; ++attempt )
+    {
+        mbedtls_mpi_lset( &K, primes[attempt] );
+
+        /* Check if gcd(K,N) = 1 */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( P, &K, N ) );
+        if( mbedtls_mpi_cmp_int( P, 1 ) != 0 )
+            continue;
+
+        /* Go through K^T + 1, K^(2T) + 1, K^(4T) + 1, ...
+         * and check whether they have nontrivial GCD with N. */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &K, &K, &T, N,
+                             Q /* temporarily use Q for storing Montgomery
+                                * multiplication helper values */ ) );
+
+        for( iter = 1; iter <= order; ++iter )
+        {
+            /* If we reach 1 prematurely, there's no point
+             * in continuing to square K */
+            if( mbedtls_mpi_cmp_int( &K, 1 ) == 0 )
+                break;
+
+            MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &K, &K, 1 ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( P, &K, N ) );
+
+            if( mbedtls_mpi_cmp_int( P, 1 ) ==  1 &&
+                mbedtls_mpi_cmp_mpi( P, N ) == -1 )
+            {
+                /*
+                 * Have found a nontrivial divisor P of N.
+                 * Set Q := N / P.
+                 */
+
+                MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( Q, NULL, N, P ) );
+                goto cleanup;
+            }
+
+            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, &K, &K ) );
+            MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, N ) );
+        }
+
+        /*
+         * If we get here, then either we prematurely aborted the loop because
+         * we reached 1, or K holds primes[attempt]^(DE - 1) mod N, which must
+         * be 1 if D,E,N were consistent.
+         * Check if that's the case and abort if not, to avoid very long,
+         * yet eventually failing, computations if N,D,E were not sane.
+         */
+        if( mbedtls_mpi_cmp_int( &K, 1 ) != 0 )
+        {
+            break;
+        }
+    }
+
+    ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
+
+cleanup:
+
+    mbedtls_mpi_free( &K );
+    mbedtls_mpi_free( &T );
+    return( ret );
+}
+
+/*
+ * Given P, Q and the public exponent E, deduce D.
+ * This is essentially a modular inversion.
+ */
+int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P,
+                                         mbedtls_mpi const *Q,
+                                         mbedtls_mpi const *E,
+                                         mbedtls_mpi *D )
+{
+    int ret = 0;
+    mbedtls_mpi K, L;
+
+    if( D == NULL || mbedtls_mpi_cmp_int( D, 0 ) != 0 )
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+
+    if( mbedtls_mpi_cmp_int( P, 1 ) <= 0 ||
+        mbedtls_mpi_cmp_int( Q, 1 ) <= 0 ||
+        mbedtls_mpi_cmp_int( E, 0 ) == 0 )
+    {
+        return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+    }
+
+    mbedtls_mpi_init( &K );
+    mbedtls_mpi_init( &L );
+
+    /* Temporarily put K := P-1 and L := Q-1 */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, Q, 1 ) );
+
+    /* Temporarily put D := gcd(P-1, Q-1) */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( D, &K, &L ) );
+
+    /* K := LCM(P-1, Q-1) */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, &K, &L ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_div_mpi( &K, NULL, &K, D ) );
+
+    /* Compute modular inverse of E in LCM(P-1, Q-1) */
+    MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( D, E, &K ) );
+
+cleanup:
+
+    mbedtls_mpi_free( &K );
+    mbedtls_mpi_free( &L );
+
+    return( ret );
+}
+
+/*
+ * Check that RSA CRT parameters are in accordance with core parameters.
+ */
+int mbedtls_rsa_validate_crt( const mbedtls_mpi *P,  const mbedtls_mpi *Q,
+                              const mbedtls_mpi *D,  const mbedtls_mpi *DP,
+                              const mbedtls_mpi *DQ, const mbedtls_mpi *QP )
+{
+    int ret = 0;
+
+    mbedtls_mpi K, L;
+    mbedtls_mpi_init( &K );
+    mbedtls_mpi_init( &L );
+
+    /* Check that DP - D == 0 mod P - 1 */
+    if( DP != NULL )
+    {
+        if( P == NULL )
+        {
+            ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+            goto cleanup;
+        }
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &L, DP, D ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &L, &L, &K ) );
+
+        if( mbedtls_mpi_cmp_int( &L, 0 ) != 0 )
+        {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+    /* Check that DQ - D == 0 mod Q - 1 */
+    if( DQ != NULL )
+    {
+        if( Q == NULL )
+        {
+            ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+            goto cleanup;
+        }
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, Q, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &L, DQ, D ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &L, &L, &K ) );
+
+        if( mbedtls_mpi_cmp_int( &L, 0 ) != 0 )
+        {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+    /* Check that QP * Q - 1 == 0 mod P */
+    if( QP != NULL )
+    {
+        if( P == NULL || Q == NULL )
+        {
+            ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
+            goto cleanup;
+        }
+
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, QP, Q ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, P ) );
+        if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 )
+        {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+cleanup:
+
+    /* Wrap MPI error codes by RSA check failure error code */
+    if( ret != 0 &&
+        ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED &&
+        ret != MBEDTLS_ERR_RSA_BAD_INPUT_DATA )
+    {
+        ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    mbedtls_mpi_free( &K );
+    mbedtls_mpi_free( &L );
+
+    return( ret );
+}
+
+/*
+ * Check that core RSA parameters are sane.
+ */
+int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
+                                 const mbedtls_mpi *Q, const mbedtls_mpi *D,
+                                 const mbedtls_mpi *E,
+                                 int (*f_rng)(void *, unsigned char *, size_t),
+                                 void *p_rng )
+{
+    int ret = 0;
+    mbedtls_mpi K, L;
+
+    mbedtls_mpi_init( &K );
+    mbedtls_mpi_init( &L );
+
+    /*
+     * Step 1: If PRNG provided, check that P and Q are prime
+     */
+
+#if defined(MBEDTLS_GENPRIME)
+    if( f_rng != NULL && P != NULL &&
+        ( ret = mbedtls_mpi_is_prime( P, f_rng, p_rng ) ) != 0 )
+    {
+        ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+        goto cleanup;
+    }
+
+    if( f_rng != NULL && Q != NULL &&
+        ( ret = mbedtls_mpi_is_prime( Q, f_rng, p_rng ) ) != 0 )
+    {
+        ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+        goto cleanup;
+    }
+#else
+    ((void) f_rng);
+    ((void) p_rng);
+#endif /* MBEDTLS_GENPRIME */
+
+    /*
+     * Step 2: Check that 1 < N = P * Q
+     */
+
+    if( P != NULL && Q != NULL && N != NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, P, Q ) );
+        if( mbedtls_mpi_cmp_int( N, 1 )  <= 0 ||
+            mbedtls_mpi_cmp_mpi( &K, N ) != 0 )
+        {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+    /*
+     * Step 3: Check and 1 < D, E < N if present.
+     */
+
+    if( N != NULL && D != NULL && E != NULL )
+    {
+        if ( mbedtls_mpi_cmp_int( D, 1 ) <= 0 ||
+             mbedtls_mpi_cmp_int( E, 1 ) <= 0 ||
+             mbedtls_mpi_cmp_mpi( D, N ) >= 0 ||
+             mbedtls_mpi_cmp_mpi( E, N ) >= 0 )
+        {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+    /*
+     * Step 4: Check that D, E are inverse modulo P-1 and Q-1
+     */
+
+    if( P != NULL && Q != NULL && D != NULL && E != NULL )
+    {
+        if( mbedtls_mpi_cmp_int( P, 1 ) <= 0 ||
+            mbedtls_mpi_cmp_int( Q, 1 ) <= 0 )
+        {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+
+        /* Compute DE-1 mod P-1 */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, P, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) );
+        if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 )
+        {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+
+        /* Compute DE-1 mod Q-1 */
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &K, D, E ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, &K, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &L, Q, 1 ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &K, &K, &L ) );
+        if( mbedtls_mpi_cmp_int( &K, 0 ) != 0 )
+        {
+            ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+            goto cleanup;
+        }
+    }
+
+cleanup:
+
+    mbedtls_mpi_free( &K );
+    mbedtls_mpi_free( &L );
+
+    /* Wrap MPI error codes by RSA check failure error code */
+    if( ret != 0 && ret != MBEDTLS_ERR_RSA_KEY_CHECK_FAILED )
+    {
+        ret += MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
+    }
+
+    return( ret );
+}
+
+int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
+                            const mbedtls_mpi *D, mbedtls_mpi *DP,
+                            mbedtls_mpi *DQ, mbedtls_mpi *QP )
+{
+    int ret = 0;
+    mbedtls_mpi K;
+    mbedtls_mpi_init( &K );
+
+    /* DP = D mod P-1 */
+    if( DP != NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, P, 1  ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( DP, D, &K ) );
+    }
+
+    /* DQ = D mod Q-1 */
+    if( DQ != NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &K, Q, 1  ) );
+        MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( DQ, D, &K ) );
+    }
+
+    /* QP = Q^{-1} mod P */
+    if( QP != NULL )
+    {
+        MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( QP, Q, P ) );
+    }
+
+cleanup:
+    mbedtls_mpi_free( &K );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_RSA_C */
diff --git a/thirdparty/mbedtls/library/sha1.c b/thirdparty/mbedtls/library/sha1.c
new file mode 100644
index 0000000000..8432eba8bd
--- /dev/null
+++ b/thirdparty/mbedtls/library/sha1.c
@@ -0,0 +1,495 @@
+/*
+ *  FIPS-180-1 compliant SHA-1 implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The SHA-1 standard was published by NIST in 1993.
+ *
+ *  http://www.itl.nist.gov/fipspubs/fip180-1.htm
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+
+#include "mbedtls/sha1.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_SHA1_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
+        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 3]       );            \
+}
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
+    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
+    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
+    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
+}
+#endif
+
+void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
+}
+
+void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_context ) );
+}
+
+void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
+                         const mbedtls_sha1_context *src )
+{
+    *dst = *src;
+}
+
+/*
+ * SHA-1 context setup
+ */
+int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
+{
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    ctx->state[0] = 0x67452301;
+    ctx->state[1] = 0xEFCDAB89;
+    ctx->state[2] = 0x98BADCFE;
+    ctx->state[3] = 0x10325476;
+    ctx->state[4] = 0xC3D2E1F0;
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_SHA1_PROCESS_ALT)
+int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
+                                   const unsigned char data[64] )
+{
+    uint32_t temp, W[16], A, B, C, D, E;
+
+    GET_UINT32_BE( W[ 0], data,  0 );
+    GET_UINT32_BE( W[ 1], data,  4 );
+    GET_UINT32_BE( W[ 2], data,  8 );
+    GET_UINT32_BE( W[ 3], data, 12 );
+    GET_UINT32_BE( W[ 4], data, 16 );
+    GET_UINT32_BE( W[ 5], data, 20 );
+    GET_UINT32_BE( W[ 6], data, 24 );
+    GET_UINT32_BE( W[ 7], data, 28 );
+    GET_UINT32_BE( W[ 8], data, 32 );
+    GET_UINT32_BE( W[ 9], data, 36 );
+    GET_UINT32_BE( W[10], data, 40 );
+    GET_UINT32_BE( W[11], data, 44 );
+    GET_UINT32_BE( W[12], data, 48 );
+    GET_UINT32_BE( W[13], data, 52 );
+    GET_UINT32_BE( W[14], data, 56 );
+    GET_UINT32_BE( W[15], data, 60 );
+
+#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
+
+#define R(t)                                            \
+(                                                       \
+    temp = W[( t -  3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
+           W[( t - 14 ) & 0x0F] ^ W[  t       & 0x0F],  \
+    ( W[t & 0x0F] = S(temp,1) )                         \
+)
+
+#define P(a,b,c,d,e,x)                                  \
+{                                                       \
+    e += S(a,5) + F(b,c,d) + K + x; b = S(b,30);        \
+}
+
+    A = ctx->state[0];
+    B = ctx->state[1];
+    C = ctx->state[2];
+    D = ctx->state[3];
+    E = ctx->state[4];
+
+#define F(x,y,z) (z ^ (x & (y ^ z)))
+#define K 0x5A827999
+
+    P( A, B, C, D, E, W[0]  );
+    P( E, A, B, C, D, W[1]  );
+    P( D, E, A, B, C, W[2]  );
+    P( C, D, E, A, B, W[3]  );
+    P( B, C, D, E, A, W[4]  );
+    P( A, B, C, D, E, W[5]  );
+    P( E, A, B, C, D, W[6]  );
+    P( D, E, A, B, C, W[7]  );
+    P( C, D, E, A, B, W[8]  );
+    P( B, C, D, E, A, W[9]  );
+    P( A, B, C, D, E, W[10] );
+    P( E, A, B, C, D, W[11] );
+    P( D, E, A, B, C, W[12] );
+    P( C, D, E, A, B, W[13] );
+    P( B, C, D, E, A, W[14] );
+    P( A, B, C, D, E, W[15] );
+    P( E, A, B, C, D, R(16) );
+    P( D, E, A, B, C, R(17) );
+    P( C, D, E, A, B, R(18) );
+    P( B, C, D, E, A, R(19) );
+
+#undef K
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+#define K 0x6ED9EBA1
+
+    P( A, B, C, D, E, R(20) );
+    P( E, A, B, C, D, R(21) );
+    P( D, E, A, B, C, R(22) );
+    P( C, D, E, A, B, R(23) );
+    P( B, C, D, E, A, R(24) );
+    P( A, B, C, D, E, R(25) );
+    P( E, A, B, C, D, R(26) );
+    P( D, E, A, B, C, R(27) );
+    P( C, D, E, A, B, R(28) );
+    P( B, C, D, E, A, R(29) );
+    P( A, B, C, D, E, R(30) );
+    P( E, A, B, C, D, R(31) );
+    P( D, E, A, B, C, R(32) );
+    P( C, D, E, A, B, R(33) );
+    P( B, C, D, E, A, R(34) );
+    P( A, B, C, D, E, R(35) );
+    P( E, A, B, C, D, R(36) );
+    P( D, E, A, B, C, R(37) );
+    P( C, D, E, A, B, R(38) );
+    P( B, C, D, E, A, R(39) );
+
+#undef K
+#undef F
+
+#define F(x,y,z) ((x & y) | (z & (x | y)))
+#define K 0x8F1BBCDC
+
+    P( A, B, C, D, E, R(40) );
+    P( E, A, B, C, D, R(41) );
+    P( D, E, A, B, C, R(42) );
+    P( C, D, E, A, B, R(43) );
+    P( B, C, D, E, A, R(44) );
+    P( A, B, C, D, E, R(45) );
+    P( E, A, B, C, D, R(46) );
+    P( D, E, A, B, C, R(47) );
+    P( C, D, E, A, B, R(48) );
+    P( B, C, D, E, A, R(49) );
+    P( A, B, C, D, E, R(50) );
+    P( E, A, B, C, D, R(51) );
+    P( D, E, A, B, C, R(52) );
+    P( C, D, E, A, B, R(53) );
+    P( B, C, D, E, A, R(54) );
+    P( A, B, C, D, E, R(55) );
+    P( E, A, B, C, D, R(56) );
+    P( D, E, A, B, C, R(57) );
+    P( C, D, E, A, B, R(58) );
+    P( B, C, D, E, A, R(59) );
+
+#undef K
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+#define K 0xCA62C1D6
+
+    P( A, B, C, D, E, R(60) );
+    P( E, A, B, C, D, R(61) );
+    P( D, E, A, B, C, R(62) );
+    P( C, D, E, A, B, R(63) );
+    P( B, C, D, E, A, R(64) );
+    P( A, B, C, D, E, R(65) );
+    P( E, A, B, C, D, R(66) );
+    P( D, E, A, B, C, R(67) );
+    P( C, D, E, A, B, R(68) );
+    P( B, C, D, E, A, R(69) );
+    P( A, B, C, D, E, R(70) );
+    P( E, A, B, C, D, R(71) );
+    P( D, E, A, B, C, R(72) );
+    P( C, D, E, A, B, R(73) );
+    P( B, C, D, E, A, R(74) );
+    P( A, B, C, D, E, R(75) );
+    P( E, A, B, C, D, R(76) );
+    P( D, E, A, B, C, R(77) );
+    P( C, D, E, A, B, R(78) );
+    P( B, C, D, E, A, R(79) );
+
+#undef K
+#undef F
+
+    ctx->state[0] += A;
+    ctx->state[1] += B;
+    ctx->state[2] += C;
+    ctx->state[3] += D;
+    ctx->state[4] += E;
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_SHA1_PROCESS_ALT */
+
+/*
+ * SHA-1 process buffer
+ */
+int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
+                             const unsigned char *input,
+                             size_t ilen )
+{
+    int ret;
+    size_t fill;
+    uint32_t left;
+
+    if( ilen == 0 )
+        return( 0 );
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if( ctx->total[0] < (uint32_t) ilen )
+        ctx->total[1]++;
+
+    if( left && ilen >= fill )
+    {
+        memcpy( (void *) (ctx->buffer + left), input, fill );
+
+        if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 )
+            return( ret );
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while( ilen >= 64 )
+    {
+        if( ( ret = mbedtls_internal_sha1_process( ctx, input ) ) != 0 )
+            return( ret );
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if( ilen > 0 )
+        memcpy( (void *) (ctx->buffer + left), input, ilen );
+
+    return( 0 );
+}
+
+static const unsigned char sha1_padding[64] =
+{
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * SHA-1 final digest
+ */
+int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
+                             unsigned char output[20] )
+{
+    int ret;
+    uint32_t last, padn;
+    uint32_t high, low;
+    unsigned char msglen[8];
+
+    high = ( ctx->total[0] >> 29 )
+         | ( ctx->total[1] <<  3 );
+    low  = ( ctx->total[0] <<  3 );
+
+    PUT_UINT32_BE( high, msglen, 0 );
+    PUT_UINT32_BE( low,  msglen, 4 );
+
+    last = ctx->total[0] & 0x3F;
+    padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
+
+    if( ( ret = mbedtls_sha1_update_ret( ctx, sha1_padding, padn ) ) != 0 )
+        return( ret );
+    if( ( ret = mbedtls_sha1_update_ret( ctx, msglen, 8 ) ) != 0 )
+        return( ret );
+
+    PUT_UINT32_BE( ctx->state[0], output,  0 );
+    PUT_UINT32_BE( ctx->state[1], output,  4 );
+    PUT_UINT32_BE( ctx->state[2], output,  8 );
+    PUT_UINT32_BE( ctx->state[3], output, 12 );
+    PUT_UINT32_BE( ctx->state[4], output, 16 );
+
+    return( 0 );
+}
+
+#endif /* !MBEDTLS_SHA1_ALT */
+
+/*
+ * output = SHA-1( input buffer )
+ */
+int mbedtls_sha1_ret( const unsigned char *input,
+                      size_t ilen,
+                      unsigned char output[20] )
+{
+    int ret;
+    mbedtls_sha1_context ctx;
+
+    mbedtls_sha1_init( &ctx );
+
+    if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_sha1_update_ret( &ctx, input, ilen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_sha1_finish_ret( &ctx, output ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_sha1_free( &ctx );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * FIPS-180-1 test vectors
+ */
+static const unsigned char sha1_test_buf[3][57] =
+{
+    { "abc" },
+    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
+    { "" }
+};
+
+static const size_t sha1_test_buflen[3] =
+{
+    3, 56, 1000
+};
+
+static const unsigned char sha1_test_sum[3][20] =
+{
+    { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
+      0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
+    { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
+      0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
+    { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
+      0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_sha1_self_test( int verbose )
+{
+    int i, j, buflen, ret = 0;
+    unsigned char buf[1024];
+    unsigned char sha1sum[20];
+    mbedtls_sha1_context ctx;
+
+    mbedtls_sha1_init( &ctx );
+
+    /*
+     * SHA-1
+     */
+    for( i = 0; i < 3; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  SHA-1 test #%d: ", i + 1 );
+
+        if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
+            goto fail;
+
+        if( i == 2 )
+        {
+            memset( buf, 'a', buflen = 1000 );
+
+            for( j = 0; j < 1000; j++ )
+            {
+                ret = mbedtls_sha1_update_ret( &ctx, buf, buflen );
+                if( ret != 0 )
+                    goto fail;
+            }
+        }
+        else
+        {
+            ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i],
+                                           sha1_test_buflen[i] );
+            if( ret != 0 )
+                goto fail;
+        }
+
+        if( ( ret = mbedtls_sha1_finish_ret( &ctx, sha1sum ) ) != 0 )
+            goto fail;
+
+        if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
+        {
+            ret = 1;
+            goto fail;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    goto exit;
+
+fail:
+    if( verbose != 0 )
+        mbedtls_printf( "failed\n" );
+
+exit:
+    mbedtls_sha1_free( &ctx );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_SHA1_C */
diff --git a/thirdparty/mbedtls/library/sha256.c b/thirdparty/mbedtls/library/sha256.c
new file mode 100644
index 0000000000..abcd64d134
--- /dev/null
+++ b/thirdparty/mbedtls/library/sha256.c
@@ -0,0 +1,507 @@
+/*
+ *  FIPS-180-2 compliant SHA-256 implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The SHA-256 Secure Hash Standard was published by NIST in 2002.
+ *
+ *  http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+
+#include "mbedtls/sha256.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_SHA256_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i)                            \
+do {                                                    \
+    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
+        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 3]       );            \
+} while( 0 )
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i)                            \
+do {                                                    \
+    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
+    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
+    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
+    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
+} while( 0 )
+#endif
+
+void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
+}
+
+void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
+}
+
+void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
+                           const mbedtls_sha256_context *src )
+{
+    *dst = *src;
+}
+
+/*
+ * SHA-256 context setup
+ */
+int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
+{
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    if( is224 == 0 )
+    {
+        /* SHA-256 */
+        ctx->state[0] = 0x6A09E667;
+        ctx->state[1] = 0xBB67AE85;
+        ctx->state[2] = 0x3C6EF372;
+        ctx->state[3] = 0xA54FF53A;
+        ctx->state[4] = 0x510E527F;
+        ctx->state[5] = 0x9B05688C;
+        ctx->state[6] = 0x1F83D9AB;
+        ctx->state[7] = 0x5BE0CD19;
+    }
+    else
+    {
+        /* SHA-224 */
+        ctx->state[0] = 0xC1059ED8;
+        ctx->state[1] = 0x367CD507;
+        ctx->state[2] = 0x3070DD17;
+        ctx->state[3] = 0xF70E5939;
+        ctx->state[4] = 0xFFC00B31;
+        ctx->state[5] = 0x68581511;
+        ctx->state[6] = 0x64F98FA7;
+        ctx->state[7] = 0xBEFA4FA4;
+    }
+
+    ctx->is224 = is224;
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_SHA256_PROCESS_ALT)
+static const uint32_t K[] =
+{
+    0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
+    0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
+    0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
+    0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
+    0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
+    0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
+    0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
+    0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
+    0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
+    0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
+    0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
+    0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
+    0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
+    0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
+    0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
+    0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2,
+};
+
+#define  SHR(x,n) ((x & 0xFFFFFFFF) >> n)
+#define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
+
+#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^  SHR(x, 3))
+#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^  SHR(x,10))
+
+#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
+#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
+
+#define F0(x,y,z) ((x & y) | (z & (x | y)))
+#define F1(x,y,z) (z ^ (x & (y ^ z)))
+
+#define R(t)                                    \
+(                                               \
+    W[t] = S1(W[t -  2]) + W[t -  7] +          \
+           S0(W[t - 15]) + W[t - 16]            \
+)
+
+#define P(a,b,c,d,e,f,g,h,x,K)                  \
+{                                               \
+    temp1 = h + S3(e) + F1(e,f,g) + K + x;      \
+    temp2 = S2(a) + F0(a,b,c);                  \
+    d += temp1; h = temp1 + temp2;              \
+}
+
+int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
+                                const unsigned char data[64] )
+{
+    uint32_t temp1, temp2, W[64];
+    uint32_t A[8];
+    unsigned int i;
+
+    for( i = 0; i < 8; i++ )
+        A[i] = ctx->state[i];
+
+#if defined(MBEDTLS_SHA256_SMALLER)
+    for( i = 0; i < 64; i++ )
+    {
+        if( i < 16 )
+            GET_UINT32_BE( W[i], data, 4 * i );
+        else
+            R( i );
+
+        P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] );
+
+        temp1 = A[7]; A[7] = A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3];
+        A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1;
+    }
+#else /* MBEDTLS_SHA256_SMALLER */
+    for( i = 0; i < 16; i++ )
+        GET_UINT32_BE( W[i], data, 4 * i );
+
+    for( i = 0; i < 16; i += 8 )
+    {
+        P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i+0], K[i+0] );
+        P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], W[i+1], K[i+1] );
+        P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], W[i+2], K[i+2] );
+        P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], W[i+3], K[i+3] );
+        P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], W[i+4], K[i+4] );
+        P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], W[i+5], K[i+5] );
+        P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i+6], K[i+6] );
+        P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i+7], K[i+7] );
+    }
+
+    for( i = 16; i < 64; i += 8 )
+    {
+        P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], R(i+0), K[i+0] );
+        P( A[7], A[0], A[1], A[2], A[3], A[4], A[5], A[6], R(i+1), K[i+1] );
+        P( A[6], A[7], A[0], A[1], A[2], A[3], A[4], A[5], R(i+2), K[i+2] );
+        P( A[5], A[6], A[7], A[0], A[1], A[2], A[3], A[4], R(i+3), K[i+3] );
+        P( A[4], A[5], A[6], A[7], A[0], A[1], A[2], A[3], R(i+4), K[i+4] );
+        P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], R(i+5), K[i+5] );
+        P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], R(i+6), K[i+6] );
+        P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], R(i+7), K[i+7] );
+    }
+#endif /* MBEDTLS_SHA256_SMALLER */
+
+    for( i = 0; i < 8; i++ )
+        ctx->state[i] += A[i];
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_SHA256_PROCESS_ALT */
+
+/*
+ * SHA-256 process buffer
+ */
+int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
+                               const unsigned char *input,
+                               size_t ilen )
+{
+    int ret;
+    size_t fill;
+    uint32_t left;
+
+    if( ilen == 0 )
+        return( 0 );
+
+    left = ctx->total[0] & 0x3F;
+    fill = 64 - left;
+
+    ctx->total[0] += (uint32_t) ilen;
+    ctx->total[0] &= 0xFFFFFFFF;
+
+    if( ctx->total[0] < (uint32_t) ilen )
+        ctx->total[1]++;
+
+    if( left && ilen >= fill )
+    {
+        memcpy( (void *) (ctx->buffer + left), input, fill );
+
+        if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
+            return( ret );
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while( ilen >= 64 )
+    {
+        if( ( ret = mbedtls_internal_sha256_process( ctx, input ) ) != 0 )
+            return( ret );
+
+        input += 64;
+        ilen  -= 64;
+    }
+
+    if( ilen > 0 )
+        memcpy( (void *) (ctx->buffer + left), input, ilen );
+
+    return( 0 );
+}
+
+static const unsigned char sha256_padding[64] =
+{
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * SHA-256 final digest
+ */
+int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
+                               unsigned char output[32] )
+{
+    int ret;
+    uint32_t last, padn;
+    uint32_t high, low;
+    unsigned char msglen[8];
+
+    high = ( ctx->total[0] >> 29 )
+         | ( ctx->total[1] <<  3 );
+    low  = ( ctx->total[0] <<  3 );
+
+    PUT_UINT32_BE( high, msglen, 0 );
+    PUT_UINT32_BE( low,  msglen, 4 );
+
+    last = ctx->total[0] & 0x3F;
+    padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
+
+    if( ( ret = mbedtls_sha256_update_ret( ctx, sha256_padding, padn ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_sha256_update_ret( ctx, msglen, 8 ) ) != 0 )
+        return( ret );
+
+    PUT_UINT32_BE( ctx->state[0], output,  0 );
+    PUT_UINT32_BE( ctx->state[1], output,  4 );
+    PUT_UINT32_BE( ctx->state[2], output,  8 );
+    PUT_UINT32_BE( ctx->state[3], output, 12 );
+    PUT_UINT32_BE( ctx->state[4], output, 16 );
+    PUT_UINT32_BE( ctx->state[5], output, 20 );
+    PUT_UINT32_BE( ctx->state[6], output, 24 );
+
+    if( ctx->is224 == 0 )
+        PUT_UINT32_BE( ctx->state[7], output, 28 );
+
+    return( 0 );
+}
+
+#endif /* !MBEDTLS_SHA256_ALT */
+
+/*
+ * output = SHA-256( input buffer )
+ */
+int mbedtls_sha256_ret( const unsigned char *input,
+                        size_t ilen,
+                        unsigned char output[32],
+                        int is224 )
+{
+    int ret;
+    mbedtls_sha256_context ctx;
+
+    mbedtls_sha256_init( &ctx );
+
+    if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_sha256_update_ret( &ctx, input, ilen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_sha256_finish_ret( &ctx, output ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_sha256_free( &ctx );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+/*
+ * FIPS-180-2 test vectors
+ */
+static const unsigned char sha256_test_buf[3][57] =
+{
+    { "abc" },
+    { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
+    { "" }
+};
+
+static const size_t sha256_test_buflen[3] =
+{
+    3, 56, 1000
+};
+
+static const unsigned char sha256_test_sum[6][32] =
+{
+    /*
+     * SHA-224 test vectors
+     */
+    { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
+      0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
+      0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
+      0xE3, 0x6C, 0x9D, 0xA7 },
+    { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC,
+      0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50,
+      0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19,
+      0x52, 0x52, 0x25, 0x25 },
+    { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8,
+      0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
+      0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
+      0x4E, 0xE7, 0xAD, 0x67 },
+
+    /*
+     * SHA-256 test vectors
+     */
+    { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
+      0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
+      0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
+      0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD },
+    { 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8,
+      0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39,
+      0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67,
+      0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 },
+    { 0xCD, 0xC7, 0x6E, 0x5C, 0x99, 0x14, 0xFB, 0x92,
+      0x81, 0xA1, 0xC7, 0xE2, 0x84, 0xD7, 0x3E, 0x67,
+      0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E,
+      0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_sha256_self_test( int verbose )
+{
+    int i, j, k, buflen, ret = 0;
+    unsigned char *buf;
+    unsigned char sha256sum[32];
+    mbedtls_sha256_context ctx;
+
+    buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
+    if( NULL == buf )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "Buffer allocation failed\n" );
+
+        return( 1 );
+    }
+
+    mbedtls_sha256_init( &ctx );
+
+    for( i = 0; i < 6; i++ )
+    {
+        j = i % 3;
+        k = i < 3;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  SHA-%d test #%d: ", 256 - k * 32, j + 1 );
+
+        if( ( ret = mbedtls_sha256_starts_ret( &ctx, k ) ) != 0 )
+            goto fail;
+
+        if( j == 2 )
+        {
+            memset( buf, 'a', buflen = 1000 );
+
+            for( j = 0; j < 1000; j++ )
+            {
+                ret = mbedtls_sha256_update_ret( &ctx, buf, buflen );
+                if( ret != 0 )
+                    goto fail;
+            }
+
+        }
+        else
+        {
+            ret = mbedtls_sha256_update_ret( &ctx, sha256_test_buf[j],
+                                             sha256_test_buflen[j] );
+            if( ret != 0 )
+                 goto fail;
+        }
+
+        if( ( ret = mbedtls_sha256_finish_ret( &ctx, sha256sum ) ) != 0 )
+            goto fail;
+
+
+        if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
+        {
+            ret = 1;
+            goto fail;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    goto exit;
+
+fail:
+    if( verbose != 0 )
+        mbedtls_printf( "failed\n" );
+
+exit:
+    mbedtls_sha256_free( &ctx );
+    mbedtls_free( buf );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_SHA256_C */
diff --git a/thirdparty/mbedtls/library/sha512.c b/thirdparty/mbedtls/library/sha512.c
new file mode 100644
index 0000000000..c99b6da950
--- /dev/null
+++ b/thirdparty/mbedtls/library/sha512.c
@@ -0,0 +1,561 @@
+/*
+ *  FIPS-180-2 compliant SHA-384/512 implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The SHA-512 Secure Hash Standard was published by NIST in 2002.
+ *
+ *  http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+
+#include "mbedtls/sha512.h"
+
+#if defined(_MSC_VER) || defined(__WATCOMC__)
+  #define UL64(x) x##ui64
+#else
+  #define UL64(x) x##ULL
+#endif
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#include <stdlib.h>
+#define mbedtls_printf printf
+#define mbedtls_calloc    calloc
+#define mbedtls_free       free
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_SHA512_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 64-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT64_BE
+#define GET_UINT64_BE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint64_t) (b)[(i)    ] << 56 )       \
+        | ( (uint64_t) (b)[(i) + 1] << 48 )       \
+        | ( (uint64_t) (b)[(i) + 2] << 40 )       \
+        | ( (uint64_t) (b)[(i) + 3] << 32 )       \
+        | ( (uint64_t) (b)[(i) + 4] << 24 )       \
+        | ( (uint64_t) (b)[(i) + 5] << 16 )       \
+        | ( (uint64_t) (b)[(i) + 6] <<  8 )       \
+        | ( (uint64_t) (b)[(i) + 7]       );      \
+}
+#endif /* GET_UINT64_BE */
+
+#ifndef PUT_UINT64_BE
+#define PUT_UINT64_BE(n,b,i)                            \
+{                                                       \
+    (b)[(i)    ] = (unsigned char) ( (n) >> 56 );       \
+    (b)[(i) + 1] = (unsigned char) ( (n) >> 48 );       \
+    (b)[(i) + 2] = (unsigned char) ( (n) >> 40 );       \
+    (b)[(i) + 3] = (unsigned char) ( (n) >> 32 );       \
+    (b)[(i) + 4] = (unsigned char) ( (n) >> 24 );       \
+    (b)[(i) + 5] = (unsigned char) ( (n) >> 16 );       \
+    (b)[(i) + 6] = (unsigned char) ( (n) >>  8 );       \
+    (b)[(i) + 7] = (unsigned char) ( (n)       );       \
+}
+#endif /* PUT_UINT64_BE */
+
+void mbedtls_sha512_init( mbedtls_sha512_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_sha512_context ) );
+}
+
+void mbedtls_sha512_free( mbedtls_sha512_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) );
+}
+
+void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
+                           const mbedtls_sha512_context *src )
+{
+    *dst = *src;
+}
+
+/*
+ * SHA-512 context setup
+ */
+int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 )
+{
+    ctx->total[0] = 0;
+    ctx->total[1] = 0;
+
+    if( is384 == 0 )
+    {
+        /* SHA-512 */
+        ctx->state[0] = UL64(0x6A09E667F3BCC908);
+        ctx->state[1] = UL64(0xBB67AE8584CAA73B);
+        ctx->state[2] = UL64(0x3C6EF372FE94F82B);
+        ctx->state[3] = UL64(0xA54FF53A5F1D36F1);
+        ctx->state[4] = UL64(0x510E527FADE682D1);
+        ctx->state[5] = UL64(0x9B05688C2B3E6C1F);
+        ctx->state[6] = UL64(0x1F83D9ABFB41BD6B);
+        ctx->state[7] = UL64(0x5BE0CD19137E2179);
+    }
+    else
+    {
+        /* SHA-384 */
+        ctx->state[0] = UL64(0xCBBB9D5DC1059ED8);
+        ctx->state[1] = UL64(0x629A292A367CD507);
+        ctx->state[2] = UL64(0x9159015A3070DD17);
+        ctx->state[3] = UL64(0x152FECD8F70E5939);
+        ctx->state[4] = UL64(0x67332667FFC00B31);
+        ctx->state[5] = UL64(0x8EB44A8768581511);
+        ctx->state[6] = UL64(0xDB0C2E0D64F98FA7);
+        ctx->state[7] = UL64(0x47B5481DBEFA4FA4);
+    }
+
+    ctx->is384 = is384;
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_SHA512_PROCESS_ALT)
+
+/*
+ * Round constants
+ */
+static const uint64_t K[80] =
+{
+    UL64(0x428A2F98D728AE22),  UL64(0x7137449123EF65CD),
+    UL64(0xB5C0FBCFEC4D3B2F),  UL64(0xE9B5DBA58189DBBC),
+    UL64(0x3956C25BF348B538),  UL64(0x59F111F1B605D019),
+    UL64(0x923F82A4AF194F9B),  UL64(0xAB1C5ED5DA6D8118),
+    UL64(0xD807AA98A3030242),  UL64(0x12835B0145706FBE),
+    UL64(0x243185BE4EE4B28C),  UL64(0x550C7DC3D5FFB4E2),
+    UL64(0x72BE5D74F27B896F),  UL64(0x80DEB1FE3B1696B1),
+    UL64(0x9BDC06A725C71235),  UL64(0xC19BF174CF692694),
+    UL64(0xE49B69C19EF14AD2),  UL64(0xEFBE4786384F25E3),
+    UL64(0x0FC19DC68B8CD5B5),  UL64(0x240CA1CC77AC9C65),
+    UL64(0x2DE92C6F592B0275),  UL64(0x4A7484AA6EA6E483),
+    UL64(0x5CB0A9DCBD41FBD4),  UL64(0x76F988DA831153B5),
+    UL64(0x983E5152EE66DFAB),  UL64(0xA831C66D2DB43210),
+    UL64(0xB00327C898FB213F),  UL64(0xBF597FC7BEEF0EE4),
+    UL64(0xC6E00BF33DA88FC2),  UL64(0xD5A79147930AA725),
+    UL64(0x06CA6351E003826F),  UL64(0x142929670A0E6E70),
+    UL64(0x27B70A8546D22FFC),  UL64(0x2E1B21385C26C926),
+    UL64(0x4D2C6DFC5AC42AED),  UL64(0x53380D139D95B3DF),
+    UL64(0x650A73548BAF63DE),  UL64(0x766A0ABB3C77B2A8),
+    UL64(0x81C2C92E47EDAEE6),  UL64(0x92722C851482353B),
+    UL64(0xA2BFE8A14CF10364),  UL64(0xA81A664BBC423001),
+    UL64(0xC24B8B70D0F89791),  UL64(0xC76C51A30654BE30),
+    UL64(0xD192E819D6EF5218),  UL64(0xD69906245565A910),
+    UL64(0xF40E35855771202A),  UL64(0x106AA07032BBD1B8),
+    UL64(0x19A4C116B8D2D0C8),  UL64(0x1E376C085141AB53),
+    UL64(0x2748774CDF8EEB99),  UL64(0x34B0BCB5E19B48A8),
+    UL64(0x391C0CB3C5C95A63),  UL64(0x4ED8AA4AE3418ACB),
+    UL64(0x5B9CCA4F7763E373),  UL64(0x682E6FF3D6B2B8A3),
+    UL64(0x748F82EE5DEFB2FC),  UL64(0x78A5636F43172F60),
+    UL64(0x84C87814A1F0AB72),  UL64(0x8CC702081A6439EC),
+    UL64(0x90BEFFFA23631E28),  UL64(0xA4506CEBDE82BDE9),
+    UL64(0xBEF9A3F7B2C67915),  UL64(0xC67178F2E372532B),
+    UL64(0xCA273ECEEA26619C),  UL64(0xD186B8C721C0C207),
+    UL64(0xEADA7DD6CDE0EB1E),  UL64(0xF57D4F7FEE6ED178),
+    UL64(0x06F067AA72176FBA),  UL64(0x0A637DC5A2C898A6),
+    UL64(0x113F9804BEF90DAE),  UL64(0x1B710B35131C471B),
+    UL64(0x28DB77F523047D84),  UL64(0x32CAAB7B40C72493),
+    UL64(0x3C9EBE0A15C9BEBC),  UL64(0x431D67C49C100D4C),
+    UL64(0x4CC5D4BECB3E42B6),  UL64(0x597F299CFC657E2A),
+    UL64(0x5FCB6FAB3AD6FAEC),  UL64(0x6C44198C4A475817)
+};
+
+int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx,
+                                     const unsigned char data[128] )
+{
+    int i;
+    uint64_t temp1, temp2, W[80];
+    uint64_t A, B, C, D, E, F, G, H;
+
+#define  SHR(x,n) (x >> n)
+#define ROTR(x,n) (SHR(x,n) | (x << (64 - n)))
+
+#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^  SHR(x, 7))
+#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^  SHR(x, 6))
+
+#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
+#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
+
+#define F0(x,y,z) ((x & y) | (z & (x | y)))
+#define F1(x,y,z) (z ^ (x & (y ^ z)))
+
+#define P(a,b,c,d,e,f,g,h,x,K)                  \
+{                                               \
+    temp1 = h + S3(e) + F1(e,f,g) + K + x;      \
+    temp2 = S2(a) + F0(a,b,c);                  \
+    d += temp1; h = temp1 + temp2;              \
+}
+
+    for( i = 0; i < 16; i++ )
+    {
+        GET_UINT64_BE( W[i], data, i << 3 );
+    }
+
+    for( ; i < 80; i++ )
+    {
+        W[i] = S1(W[i -  2]) + W[i -  7] +
+               S0(W[i - 15]) + W[i - 16];
+    }
+
+    A = ctx->state[0];
+    B = ctx->state[1];
+    C = ctx->state[2];
+    D = ctx->state[3];
+    E = ctx->state[4];
+    F = ctx->state[5];
+    G = ctx->state[6];
+    H = ctx->state[7];
+    i = 0;
+
+    do
+    {
+        P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++;
+        P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++;
+        P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++;
+        P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++;
+        P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++;
+        P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++;
+        P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++;
+        P( B, C, D, E, F, G, H, A, W[i], K[i] ); i++;
+    }
+    while( i < 80 );
+
+    ctx->state[0] += A;
+    ctx->state[1] += B;
+    ctx->state[2] += C;
+    ctx->state[3] += D;
+    ctx->state[4] += E;
+    ctx->state[5] += F;
+    ctx->state[6] += G;
+    ctx->state[7] += H;
+
+    return( 0 );
+}
+#endif /* !MBEDTLS_SHA512_PROCESS_ALT */
+
+/*
+ * SHA-512 process buffer
+ */
+int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
+                               const unsigned char *input,
+                               size_t ilen )
+{
+    int ret;
+    size_t fill;
+    unsigned int left;
+
+    if( ilen == 0 )
+        return( 0 );
+
+    left = (unsigned int) (ctx->total[0] & 0x7F);
+    fill = 128 - left;
+
+    ctx->total[0] += (uint64_t) ilen;
+
+    if( ctx->total[0] < (uint64_t) ilen )
+        ctx->total[1]++;
+
+    if( left && ilen >= fill )
+    {
+        memcpy( (void *) (ctx->buffer + left), input, fill );
+
+        if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 )
+            return( ret );
+
+        input += fill;
+        ilen  -= fill;
+        left = 0;
+    }
+
+    while( ilen >= 128 )
+    {
+        if( ( ret = mbedtls_internal_sha512_process( ctx, input ) ) != 0 )
+            return( ret );
+
+        input += 128;
+        ilen  -= 128;
+    }
+
+    if( ilen > 0 )
+        memcpy( (void *) (ctx->buffer + left), input, ilen );
+
+    return( 0 );
+}
+
+static const unsigned char sha512_padding[128] =
+{
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * SHA-512 final digest
+ */
+int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
+                               unsigned char output[64] )
+{
+    int ret;
+    size_t last, padn;
+    uint64_t high, low;
+    unsigned char msglen[16];
+
+    high = ( ctx->total[0] >> 61 )
+         | ( ctx->total[1] <<  3 );
+    low  = ( ctx->total[0] <<  3 );
+
+    PUT_UINT64_BE( high, msglen, 0 );
+    PUT_UINT64_BE( low,  msglen, 8 );
+
+    last = (size_t)( ctx->total[0] & 0x7F );
+    padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
+
+    if( ( ret = mbedtls_sha512_update_ret( ctx, sha512_padding, padn ) ) != 0 )
+            return( ret );
+
+    if( ( ret = mbedtls_sha512_update_ret( ctx, msglen, 16 ) ) != 0 )
+            return( ret );
+
+    PUT_UINT64_BE( ctx->state[0], output,  0 );
+    PUT_UINT64_BE( ctx->state[1], output,  8 );
+    PUT_UINT64_BE( ctx->state[2], output, 16 );
+    PUT_UINT64_BE( ctx->state[3], output, 24 );
+    PUT_UINT64_BE( ctx->state[4], output, 32 );
+    PUT_UINT64_BE( ctx->state[5], output, 40 );
+
+    if( ctx->is384 == 0 )
+    {
+        PUT_UINT64_BE( ctx->state[6], output, 48 );
+        PUT_UINT64_BE( ctx->state[7], output, 56 );
+    }
+
+    return( 0 );
+}
+
+#endif /* !MBEDTLS_SHA512_ALT */
+
+/*
+ * output = SHA-512( input buffer )
+ */
+int mbedtls_sha512_ret( const unsigned char *input,
+                    size_t ilen,
+                    unsigned char output[64],
+                    int is384 )
+{
+    int ret;
+    mbedtls_sha512_context ctx;
+
+    mbedtls_sha512_init( &ctx );
+
+    if( ( ret = mbedtls_sha512_starts_ret( &ctx, is384 ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_sha512_update_ret( &ctx, input, ilen ) ) != 0 )
+        goto exit;
+
+    if( ( ret = mbedtls_sha512_finish_ret( &ctx, output ) ) != 0 )
+        goto exit;
+
+exit:
+    mbedtls_sha512_free( &ctx );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * FIPS-180-2 test vectors
+ */
+static const unsigned char sha512_test_buf[3][113] =
+{
+    { "abc" },
+    { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
+      "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" },
+    { "" }
+};
+
+static const size_t sha512_test_buflen[3] =
+{
+    3, 112, 1000
+};
+
+static const unsigned char sha512_test_sum[6][64] =
+{
+    /*
+     * SHA-384 test vectors
+     */
+    { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B,
+      0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07,
+      0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
+      0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED,
+      0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23,
+      0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7 },
+    { 0x09, 0x33, 0x0C, 0x33, 0xF7, 0x11, 0x47, 0xE8,
+      0x3D, 0x19, 0x2F, 0xC7, 0x82, 0xCD, 0x1B, 0x47,
+      0x53, 0x11, 0x1B, 0x17, 0x3B, 0x3B, 0x05, 0xD2,
+      0x2F, 0xA0, 0x80, 0x86, 0xE3, 0xB0, 0xF7, 0x12,
+      0xFC, 0xC7, 0xC7, 0x1A, 0x55, 0x7E, 0x2D, 0xB9,
+      0x66, 0xC3, 0xE9, 0xFA, 0x91, 0x74, 0x60, 0x39 },
+    { 0x9D, 0x0E, 0x18, 0x09, 0x71, 0x64, 0x74, 0xCB,
+      0x08, 0x6E, 0x83, 0x4E, 0x31, 0x0A, 0x4A, 0x1C,
+      0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52,
+      0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B,
+      0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB,
+      0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 },
+
+    /*
+     * SHA-512 test vectors
+     */
+    { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA,
+      0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31,
+      0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
+      0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A,
+      0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8,
+      0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
+      0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E,
+      0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F },
+    { 0x8E, 0x95, 0x9B, 0x75, 0xDA, 0xE3, 0x13, 0xDA,
+      0x8C, 0xF4, 0xF7, 0x28, 0x14, 0xFC, 0x14, 0x3F,
+      0x8F, 0x77, 0x79, 0xC6, 0xEB, 0x9F, 0x7F, 0xA1,
+      0x72, 0x99, 0xAE, 0xAD, 0xB6, 0x88, 0x90, 0x18,
+      0x50, 0x1D, 0x28, 0x9E, 0x49, 0x00, 0xF7, 0xE4,
+      0x33, 0x1B, 0x99, 0xDE, 0xC4, 0xB5, 0x43, 0x3A,
+      0xC7, 0xD3, 0x29, 0xEE, 0xB6, 0xDD, 0x26, 0x54,
+      0x5E, 0x96, 0xE5, 0x5B, 0x87, 0x4B, 0xE9, 0x09 },
+    { 0xE7, 0x18, 0x48, 0x3D, 0x0C, 0xE7, 0x69, 0x64,
+      0x4E, 0x2E, 0x42, 0xC7, 0xBC, 0x15, 0xB4, 0x63,
+      0x8E, 0x1F, 0x98, 0xB1, 0x3B, 0x20, 0x44, 0x28,
+      0x56, 0x32, 0xA8, 0x03, 0xAF, 0xA9, 0x73, 0xEB,
+      0xDE, 0x0F, 0xF2, 0x44, 0x87, 0x7E, 0xA6, 0x0A,
+      0x4C, 0xB0, 0x43, 0x2C, 0xE5, 0x77, 0xC3, 0x1B,
+      0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E,
+      0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_sha512_self_test( int verbose )
+{
+    int i, j, k, buflen, ret = 0;
+    unsigned char *buf;
+    unsigned char sha512sum[64];
+    mbedtls_sha512_context ctx;
+
+    buf = mbedtls_calloc( 1024, sizeof(unsigned char) );
+    if( NULL == buf )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "Buffer allocation failed\n" );
+
+        return( 1 );
+    }
+
+    mbedtls_sha512_init( &ctx );
+
+    for( i = 0; i < 6; i++ )
+    {
+        j = i % 3;
+        k = i < 3;
+
+        if( verbose != 0 )
+            mbedtls_printf( "  SHA-%d test #%d: ", 512 - k * 128, j + 1 );
+
+        if( ( ret = mbedtls_sha512_starts_ret( &ctx, k ) ) != 0 )
+            goto fail;
+
+        if( j == 2 )
+        {
+            memset( buf, 'a', buflen = 1000 );
+
+            for( j = 0; j < 1000; j++ )
+            {
+                ret = mbedtls_sha512_update_ret( &ctx, buf, buflen );
+                if( ret != 0 )
+                    goto fail;
+            }
+        }
+        else
+        {
+            ret = mbedtls_sha512_update_ret( &ctx, sha512_test_buf[j],
+                                             sha512_test_buflen[j] );
+            if( ret != 0 )
+                goto fail;
+        }
+
+        if( ( ret = mbedtls_sha512_finish_ret( &ctx, sha512sum ) ) != 0 )
+            goto fail;
+
+        if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
+        {
+            ret = 1;
+            goto fail;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    goto exit;
+
+fail:
+    if( verbose != 0 )
+        mbedtls_printf( "failed\n" );
+
+exit:
+    mbedtls_sha512_free( &ctx );
+    mbedtls_free( buf );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_SHA512_C */
diff --git a/thirdparty/mbedtls/library/ssl_cache.c b/thirdparty/mbedtls/library/ssl_cache.c
new file mode 100644
index 0000000000..47867f132d
--- /dev/null
+++ b/thirdparty/mbedtls/library/ssl_cache.c
@@ -0,0 +1,327 @@
+/*
+ *  SSL session cache implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * These session callbacks use a simple chained list
+ * to store and retrieve the session information.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free      free
+#endif
+
+#include "mbedtls/ssl_cache.h"
+
+#include <string.h>
+
+void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache )
+{
+    memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) );
+
+    cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT;
+    cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES;
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init( &cache->mutex );
+#endif
+}
+
+int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session )
+{
+    int ret = 1;
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t t = mbedtls_time( NULL );
+#endif
+    mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
+    mbedtls_ssl_cache_entry *cur, *entry;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_lock( &cache->mutex ) != 0 )
+        return( 1 );
+#endif
+
+    cur = cache->chain;
+    entry = NULL;
+
+    while( cur != NULL )
+    {
+        entry = cur;
+        cur = cur->next;
+
+#if defined(MBEDTLS_HAVE_TIME)
+        if( cache->timeout != 0 &&
+            (int) ( t - entry->timestamp ) > cache->timeout )
+            continue;
+#endif
+
+        if( session->ciphersuite != entry->session.ciphersuite ||
+            session->compression != entry->session.compression ||
+            session->id_len != entry->session.id_len )
+            continue;
+
+        if( memcmp( session->id, entry->session.id,
+                    entry->session.id_len ) != 0 )
+            continue;
+
+        memcpy( session->master, entry->session.master, 48 );
+
+        session->verify_result = entry->session.verify_result;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+        /*
+         * Restore peer certificate (without rest of the original chain)
+         */
+        if( entry->peer_cert.p != NULL )
+        {
+            if( ( session->peer_cert = mbedtls_calloc( 1,
+                                 sizeof(mbedtls_x509_crt) ) ) == NULL )
+            {
+                ret = 1;
+                goto exit;
+            }
+
+            mbedtls_x509_crt_init( session->peer_cert );
+            if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p,
+                                entry->peer_cert.len ) != 0 )
+            {
+                mbedtls_free( session->peer_cert );
+                session->peer_cert = NULL;
+                ret = 1;
+                goto exit;
+            }
+        }
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+        ret = 0;
+        goto exit;
+    }
+
+exit:
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &cache->mutex ) != 0 )
+        ret = 1;
+#endif
+
+    return( ret );
+}
+
+int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session )
+{
+    int ret = 1;
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0;
+    mbedtls_ssl_cache_entry *old = NULL;
+#endif
+    mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
+    mbedtls_ssl_cache_entry *cur, *prv;
+    int count = 0;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    cur = cache->chain;
+    prv = NULL;
+
+    while( cur != NULL )
+    {
+        count++;
+
+#if defined(MBEDTLS_HAVE_TIME)
+        if( cache->timeout != 0 &&
+            (int) ( t - cur->timestamp ) > cache->timeout )
+        {
+            cur->timestamp = t;
+            break; /* expired, reuse this slot, update timestamp */
+        }
+#endif
+
+        if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 )
+            break; /* client reconnected, keep timestamp for session id */
+
+#if defined(MBEDTLS_HAVE_TIME)
+        if( oldest == 0 || cur->timestamp < oldest )
+        {
+            oldest = cur->timestamp;
+            old = cur;
+        }
+#endif
+
+        prv = cur;
+        cur = cur->next;
+    }
+
+    if( cur == NULL )
+    {
+#if defined(MBEDTLS_HAVE_TIME)
+        /*
+         * Reuse oldest entry if max_entries reached
+         */
+        if( count >= cache->max_entries )
+        {
+            if( old == NULL )
+            {
+                ret = 1;
+                goto exit;
+            }
+
+            cur = old;
+        }
+#else /* MBEDTLS_HAVE_TIME */
+        /*
+         * Reuse first entry in chain if max_entries reached,
+         * but move to last place
+         */
+        if( count >= cache->max_entries )
+        {
+            if( cache->chain == NULL )
+            {
+                ret = 1;
+                goto exit;
+            }
+
+            cur = cache->chain;
+            cache->chain = cur->next;
+            cur->next = NULL;
+            prv->next = cur;
+        }
+#endif /* MBEDTLS_HAVE_TIME */
+        else
+        {
+            /*
+             * max_entries not reached, create new entry
+             */
+            cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) );
+            if( cur == NULL )
+            {
+                ret = 1;
+                goto exit;
+            }
+
+            if( prv == NULL )
+                cache->chain = cur;
+            else
+                prv->next = cur;
+        }
+
+#if defined(MBEDTLS_HAVE_TIME)
+        cur->timestamp = t;
+#endif
+    }
+
+    memcpy( &cur->session, session, sizeof( mbedtls_ssl_session ) );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    /*
+     * If we're reusing an entry, free its certificate first
+     */
+    if( cur->peer_cert.p != NULL )
+    {
+        mbedtls_free( cur->peer_cert.p );
+        memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) );
+    }
+
+    /*
+     * Store peer certificate
+     */
+    if( session->peer_cert != NULL )
+    {
+        cur->peer_cert.p = mbedtls_calloc( 1, session->peer_cert->raw.len );
+        if( cur->peer_cert.p == NULL )
+        {
+            ret = 1;
+            goto exit;
+        }
+
+        memcpy( cur->peer_cert.p, session->peer_cert->raw.p,
+                session->peer_cert->raw.len );
+        cur->peer_cert.len = session->peer_cert->raw.len;
+
+        cur->session.peer_cert = NULL;
+    }
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+    ret = 0;
+
+exit:
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &cache->mutex ) != 0 )
+        ret = 1;
+#endif
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_HAVE_TIME)
+void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout )
+{
+    if( timeout < 0 ) timeout = 0;
+
+    cache->timeout = timeout;
+}
+#endif /* MBEDTLS_HAVE_TIME */
+
+void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max )
+{
+    if( max < 0 ) max = 0;
+
+    cache->max_entries = max;
+}
+
+void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache )
+{
+    mbedtls_ssl_cache_entry *cur, *prv;
+
+    cur = cache->chain;
+
+    while( cur != NULL )
+    {
+        prv = cur;
+        cur = cur->next;
+
+        mbedtls_ssl_session_free( &prv->session );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+        mbedtls_free( prv->peer_cert.p );
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+        mbedtls_free( prv );
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free( &cache->mutex );
+#endif
+    cache->chain = NULL;
+}
+
+#endif /* MBEDTLS_SSL_CACHE_C */
diff --git a/thirdparty/mbedtls/library/ssl_ciphersuites.c b/thirdparty/mbedtls/library/ssl_ciphersuites.c
new file mode 100644
index 0000000000..95e6163ccc
--- /dev/null
+++ b/thirdparty/mbedtls/library/ssl_ciphersuites.c
@@ -0,0 +1,1875 @@
+/**
+ * \file ssl_ciphersuites.c
+ *
+ * \brief SSL ciphersuites for mbed TLS
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#endif
+
+#include "mbedtls/ssl_ciphersuites.h"
+#include "mbedtls/ssl.h"
+
+#include <string.h>
+
+/*
+ * Ordered from most preferred to least preferred in terms of security.
+ *
+ * Current rule (except rc4, weak and null which come last):
+ * 1. By key exchange:
+ *    Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
+ * 2. By key length and cipher:
+ *    AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
+ * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
+ * 4. By hash function used when relevant
+ * 5. By key exchange/auth again: EC > non-EC
+ */
+static const int ciphersuite_preference[] =
+{
+#if defined(MBEDTLS_SSL_CIPHERSUITES)
+    MBEDTLS_SSL_CIPHERSUITES,
+#else
+    /* All AES-256 ephemeral suites */
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
+
+    /* All CAMELLIA-256 ephemeral suites */
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+
+    /* All AES-128 ephemeral suites */
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
+    MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
+
+    /* All CAMELLIA-128 ephemeral suites */
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+    MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+
+    /* All remaining >= 128-bit ephemeral suites */
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+
+    /* The PSK ephemeral suites */
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+    MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
+
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
+    MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+    MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
+
+    MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
+
+    /* The ECJPAKE suite */
+    MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
+
+    /* All AES-256 suites */
+    MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
+
+    /* All CAMELLIA-256 suites */
+    MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+    MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
+    MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
+    MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
+
+    /* All AES-128 suites */
+    MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
+    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
+
+    /* All CAMELLIA-128 suites */
+    MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+    MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+    MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
+    MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
+
+    /* All remaining >= 128-bit suites */
+    MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
+
+    /* The RSA PSK suites */
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
+    MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
+    MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+
+    MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
+
+    /* The PSK suites */
+    MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
+    MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
+    MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
+    MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
+    MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
+    MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
+    MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
+
+    MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
+    MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
+    MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
+    MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
+    MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
+    MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
+
+    MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
+
+    /* RC4 suites */
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
+    MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
+    MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
+    MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
+    MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
+    MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
+
+    /* Weak suites */
+    MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
+    MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
+
+    /* NULL suites */
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
+    MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
+    MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
+    MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
+    MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
+
+    MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
+    MBEDTLS_TLS_RSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_RSA_WITH_NULL_MD5,
+    MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
+    MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
+    MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
+    MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
+    MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
+    MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
+    MBEDTLS_TLS_PSK_WITH_NULL_SHA,
+
+#endif /* MBEDTLS_SSL_CIPHERSUITES */
+    0
+};
+
+static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
+{
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SHA1_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
+      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
+      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA512_C */
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SHA1_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
+      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
+      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
+      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
+      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
+      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
+      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA1_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+    { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_MD5_C)
+    { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SHA1_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
+      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
+      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_SHA1_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
+      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_GCM_C)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
+      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
+      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
+      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+    { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
+      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
+      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
+      MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+    { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+#if defined(MBEDTLS_AES_C)
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
+      MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
+      MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
+      MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+
+    { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
+      MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
+      MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
+      MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
+      MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
+      MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_ARC4_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_CCM_C)
+    { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
+      MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_SHORT_TAG },
+#endif /* MBEDTLS_CCM_C */
+#endif /* MBEDTLS_AES_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+#if defined(MBEDTLS_MD5_C)
+    { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+
+#if defined(MBEDTLS_SHA256_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+    { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
+      MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
+      MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+#if defined(MBEDTLS_SHA1_C)
+    { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
+      MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+      MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+      MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
+
+    { 0, "",
+      MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
+      0, 0, 0, 0, 0 }
+};
+
+#if defined(MBEDTLS_SSL_CIPHERSUITES)
+const int *mbedtls_ssl_list_ciphersuites( void )
+{
+    return( ciphersuite_preference );
+}
+#else
+#define MAX_CIPHERSUITES    sizeof( ciphersuite_definitions     ) /         \
+                            sizeof( ciphersuite_definitions[0]  )
+static int supported_ciphersuites[MAX_CIPHERSUITES];
+static int supported_init = 0;
+
+const int *mbedtls_ssl_list_ciphersuites( void )
+{
+    /*
+     * On initial call filter out all ciphersuites not supported by current
+     * build based on presence in the ciphersuite_definitions.
+     */
+    if( supported_init == 0 )
+    {
+        const int *p;
+        int *q;
+
+        for( p = ciphersuite_preference, q = supported_ciphersuites;
+             *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
+             p++ )
+        {
+#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
+            const mbedtls_ssl_ciphersuite_t *cs_info;
+            if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
+                cs_info->cipher != MBEDTLS_CIPHER_ARC4_128 )
+#else
+            if( mbedtls_ssl_ciphersuite_from_id( *p ) != NULL )
+#endif
+                *(q++) = *p;
+        }
+        *q = 0;
+
+        supported_init = 1;
+    }
+
+    return( supported_ciphersuites );
+}
+#endif /* MBEDTLS_SSL_CIPHERSUITES */
+
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
+                                                const char *ciphersuite_name )
+{
+    const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
+
+    if( NULL == ciphersuite_name )
+        return( NULL );
+
+    while( cur->id != 0 )
+    {
+        if( 0 == strcmp( cur->name, ciphersuite_name ) )
+            return( cur );
+
+        cur++;
+    }
+
+    return( NULL );
+}
+
+const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
+{
+    const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
+
+    while( cur->id != 0 )
+    {
+        if( cur->id == ciphersuite )
+            return( cur );
+
+        cur++;
+    }
+
+    return( NULL );
+}
+
+const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
+{
+    const mbedtls_ssl_ciphersuite_t *cur;
+
+    cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
+
+    if( cur == NULL )
+        return( "unknown" );
+
+    return( cur->name );
+}
+
+int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
+{
+    const mbedtls_ssl_ciphersuite_t *cur;
+
+    cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
+
+    if( cur == NULL )
+        return( 0 );
+
+    return( cur->id );
+}
+
+#if defined(MBEDTLS_PK_C)
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+            return( MBEDTLS_PK_RSA );
+
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+            return( MBEDTLS_PK_ECDSA );
+
+        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+            return( MBEDTLS_PK_ECKEY );
+
+        default:
+            return( MBEDTLS_PK_NONE );
+    }
+}
+
+mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+            return( MBEDTLS_PK_RSA );
+
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+            return( MBEDTLS_PK_ECDSA );
+
+        default:
+            return( MBEDTLS_PK_NONE );
+    }
+}
+
+#endif /* MBEDTLS_PK_C */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+        case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+        case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
+{
+    switch( info->key_exchange )
+    {
+        case MBEDTLS_KEY_EXCHANGE_PSK:
+        case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+        case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+        case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+            return( 1 );
+
+        default:
+            return( 0 );
+    }
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/thirdparty/mbedtls/library/ssl_cli.c b/thirdparty/mbedtls/library/ssl_cli.c
new file mode 100644
index 0000000000..2534346a49
--- /dev/null
+++ b/thirdparty/mbedtls/library/ssl_cli.c
@@ -0,0 +1,3447 @@
+/*
+ *  SSLv3/TLSv1 client-side functions
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_CLI_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free      free
+#endif
+
+#include "mbedtls/debug.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
+
+#include <string.h>
+
+#include <stdint.h>
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
+                                    unsigned char *buf,
+                                    size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+    size_t hostname_len;
+
+    *olen = 0;
+
+    if( ssl->hostname == NULL )
+        return;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding server name extension: %s",
+                   ssl->hostname ) );
+
+    hostname_len = strlen( ssl->hostname );
+
+    if( end < p || (size_t)( end - p ) < hostname_len + 9 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    /*
+     * Sect. 3, RFC 6066 (TLS Extensions Definitions)
+     *
+     * In order to provide any of the server names, clients MAY include an
+     * extension of type "server_name" in the (extended) client hello. The
+     * "extension_data" field of this extension SHALL contain
+     * "ServerNameList" where:
+     *
+     * struct {
+     *     NameType name_type;
+     *     select (name_type) {
+     *         case host_name: HostName;
+     *     } name;
+     * } ServerName;
+     *
+     * enum {
+     *     host_name(0), (255)
+     * } NameType;
+     *
+     * opaque HostName<1..2^16-1>;
+     *
+     * struct {
+     *     ServerName server_name_list<1..2^16-1>
+     * } ServerNameList;
+     *
+     */
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME      ) & 0xFF );
+
+    *p++ = (unsigned char)( ( (hostname_len + 5) >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( (hostname_len + 5)      ) & 0xFF );
+
+    *p++ = (unsigned char)( ( (hostname_len + 3) >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( (hostname_len + 3)      ) & 0xFF );
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF );
+    *p++ = (unsigned char)( ( hostname_len >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( hostname_len      ) & 0xFF );
+
+    memcpy( p, ssl->hostname, hostname_len );
+
+    *olen = hostname_len + 9;
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
+                                         unsigned char *buf,
+                                         size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+
+    *olen = 0;
+
+    /* We're always including an TLS_EMPTY_RENEGOTIATION_INFO_SCSV in the
+     * initial ClientHello, in which case also adding the renegotiation
+     * info extension is NOT RECOMMENDED as per RFC 5746 Section 3.4. */
+    if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+        return;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding renegotiation extension" ) );
+
+    if( end < p || (size_t)( end - p ) < 5 + ssl->verify_data_len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    /*
+     * Secure renegotiation
+     */
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = ( ssl->verify_data_len + 1 ) & 0xFF;
+    *p++ = ssl->verify_data_len & 0xFF;
+
+    memcpy( p, ssl->own_verify_data, ssl->verify_data_len );
+
+    *olen = 5 + ssl->verify_data_len;
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+/*
+ * Only if we handle at least one key exchange that needs signatures.
+ */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+static void ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl,
+                                                unsigned char *buf,
+                                                size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+    size_t sig_alg_len = 0;
+    const int *md;
+#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)
+    unsigned char *sig_alg_list = buf + 6;
+#endif
+
+    *olen = 0;
+
+    if( ssl->conf->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
+        return;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding signature_algorithms extension" ) );
+
+    for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ )
+    {
+#if defined(MBEDTLS_ECDSA_C)
+        sig_alg_len += 2;
+#endif
+#if defined(MBEDTLS_RSA_C)
+        sig_alg_len += 2;
+#endif
+    }
+
+    if( end < p || (size_t)( end - p ) < sig_alg_len + 6 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    /*
+     * Prepare signature_algorithms extension (TLS 1.2)
+     */
+    sig_alg_len = 0;
+
+    for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ )
+    {
+#if defined(MBEDTLS_ECDSA_C)
+        sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md );
+        sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
+#endif
+#if defined(MBEDTLS_RSA_C)
+        sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md );
+        sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
+#endif
+    }
+
+    /*
+     * enum {
+     *     none(0), md5(1), sha1(2), sha224(3), sha256(4), sha384(5),
+     *     sha512(6), (255)
+     * } HashAlgorithm;
+     *
+     * enum { anonymous(0), rsa(1), dsa(2), ecdsa(3), (255) }
+     *   SignatureAlgorithm;
+     *
+     * struct {
+     *     HashAlgorithm hash;
+     *     SignatureAlgorithm signature;
+     * } SignatureAndHashAlgorithm;
+     *
+     * SignatureAndHashAlgorithm
+     *   supported_signature_algorithms<2..2^16-2>;
+     */
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SIG_ALG      ) & 0xFF );
+
+    *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( ( sig_alg_len + 2 )      ) & 0xFF );
+
+    *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( sig_alg_len      ) & 0xFF );
+
+    *olen = 6 + sig_alg_len;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl,
+                                                     unsigned char *buf,
+                                                     size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+    unsigned char *elliptic_curve_list = p + 6;
+    size_t elliptic_curve_len = 0;
+    const mbedtls_ecp_curve_info *info;
+#if defined(MBEDTLS_ECP_C)
+    const mbedtls_ecp_group_id *grp_id;
+#else
+    ((void) ssl);
+#endif
+
+    *olen = 0;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );
+
+#if defined(MBEDTLS_ECP_C)
+    for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ )
+#else
+    for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ )
+#endif
+    {
+#if defined(MBEDTLS_ECP_C)
+        info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
+#endif
+        if( info == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid curve in ssl configuration" ) );
+            return;
+        }
+
+        elliptic_curve_len += 2;
+    }
+
+    if( end < p || (size_t)( end - p ) < 6 + elliptic_curve_len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    elliptic_curve_len = 0;
+
+#if defined(MBEDTLS_ECP_C)
+    for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ )
+#else
+    for( info = mbedtls_ecp_curve_list(); info->grp_id != MBEDTLS_ECP_DP_NONE; info++ )
+#endif
+    {
+#if defined(MBEDTLS_ECP_C)
+        info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
+#endif
+        elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8;
+        elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF;
+    }
+
+    if( elliptic_curve_len == 0 )
+        return;
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES      ) & 0xFF );
+
+    *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 ) >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( ( elliptic_curve_len + 2 )      ) & 0xFF );
+
+    *p++ = (unsigned char)( ( ( elliptic_curve_len     ) >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( ( elliptic_curve_len     )      ) & 0xFF );
+
+    *olen = 6 + elliptic_curve_len;
+}
+
+static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
+                                                   unsigned char *buf,
+                                                   size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+
+    *olen = 0;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_point_formats extension" ) );
+
+    if( end < p || (size_t)( end - p ) < 6 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 2;
+
+    *p++ = 1;
+    *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
+
+    *olen = 6;
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || 
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
+                                        unsigned char *buf,
+                                        size_t *olen )
+{
+    int ret;
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+    size_t kkpp_len;
+
+    *olen = 0;
+
+    /* Skip costly extension if we can't use EC J-PAKE anyway */
+    if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
+        return;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding ecjpake_kkpp extension" ) );
+
+    if( end - p < 4 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP      ) & 0xFF );
+
+    /*
+     * We may need to send ClientHello multiple times for Hello verification.
+     * We don't want to compute fresh values every time (both for performance
+     * and consistency reasons), so cache the extension content.
+     */
+    if( ssl->handshake->ecjpake_cache == NULL ||
+        ssl->handshake->ecjpake_cache_len == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "generating new ecjpake parameters" ) );
+
+        ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx,
+                                        p + 2, end - p - 2, &kkpp_len,
+                                        ssl->conf->f_rng, ssl->conf->p_rng );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1 , "mbedtls_ecjpake_write_round_one", ret );
+            return;
+        }
+
+        ssl->handshake->ecjpake_cache = mbedtls_calloc( 1, kkpp_len );
+        if( ssl->handshake->ecjpake_cache == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "allocation failed" ) );
+            return;
+        }
+
+        memcpy( ssl->handshake->ecjpake_cache, p + 2, kkpp_len );
+        ssl->handshake->ecjpake_cache_len = kkpp_len;
+    }
+    else
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "re-using cached ecjpake parameters" ) );
+
+        kkpp_len = ssl->handshake->ecjpake_cache_len;
+
+        if( (size_t)( end - p - 2 ) < kkpp_len )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+            return;
+        }
+
+        memcpy( p + 2, ssl->handshake->ecjpake_cache, kkpp_len );
+    }
+
+    *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( kkpp_len      ) & 0xFF );
+
+    *olen = kkpp_len + 4;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
+                                               unsigned char *buf,
+                                               size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+
+    *olen = 0;
+
+    if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ) {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding max_fragment_length extension" ) );
+
+    if( end < p || (size_t)( end - p ) < 5 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 1;
+
+    *p++ = ssl->conf->mfl_code;
+
+    *olen = 5;
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
+                                          unsigned char *buf, size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+
+    *olen = 0;
+
+    if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED )
+    {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding truncated_hmac extension" ) );
+
+    if( end < p || (size_t)( end - p ) < 4 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
+                                       unsigned char *buf, size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+
+    *olen = 0;
+
+    if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
+        ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding encrypt_then_mac "
+                        "extension" ) );
+
+    if( end < p || (size_t)( end - p ) < 4 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
+                                       unsigned char *buf, size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+
+    *olen = 0;
+
+    if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+        ssl->conf->max_minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding extended_master_secret "
+                        "extension" ) );
+
+    if( end < p || (size_t)( end - p ) < 4 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
+                                          unsigned char *buf, size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+    size_t tlen = ssl->session_negotiate->ticket_len;
+
+    *olen = 0;
+
+    if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED )
+    {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding session ticket extension" ) );
+
+    if( end < p || (size_t)( end - p ) < 4 + tlen )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET      ) & 0xFF );
+
+    *p++ = (unsigned char)( ( tlen >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( tlen      ) & 0xFF );
+
+    *olen = 4;
+
+    if( ssl->session_negotiate->ticket == NULL || tlen == 0 )
+    {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "sending session ticket of length %d", tlen ) );
+
+    memcpy( p, ssl->session_negotiate->ticket, tlen );
+
+    *olen += tlen;
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
+                                unsigned char *buf, size_t *olen )
+{
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+    size_t alpnlen = 0;
+    const char **cur;
+
+    *olen = 0;
+
+    if( ssl->conf->alpn_list == NULL )
+    {
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding alpn extension" ) );
+
+    for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ )
+        alpnlen += (unsigned char)( strlen( *cur ) & 0xFF ) + 1;
+
+    if( end < p || (size_t)( end - p ) < 6 + alpnlen )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN      ) & 0xFF );
+
+    /*
+     * opaque ProtocolName<1..2^8-1>;
+     *
+     * struct {
+     *     ProtocolName protocol_name_list<2..2^16-1>
+     * } ProtocolNameList;
+     */
+
+    /* Skip writing extension and list length for now */
+    p += 4;
+
+    for( cur = ssl->conf->alpn_list; *cur != NULL; cur++ )
+    {
+        *p = (unsigned char)( strlen( *cur ) & 0xFF );
+        memcpy( p + 1, *cur, *p );
+        p += 1 + *p;
+    }
+
+    *olen = p - buf;
+
+    /* List length = olen - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */
+    buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
+    buf[5] = (unsigned char)( ( ( *olen - 6 )      ) & 0xFF );
+
+    /* Extension length = olen - 2 (ext_type) - 2 (ext_len) */
+    buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
+    buf[3] = (unsigned char)( ( ( *olen - 4 )      ) & 0xFF );
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+/*
+ * Generate random bytes for ClientHello
+ */
+static int ssl_generate_random( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    unsigned char *p = ssl->handshake->randbytes;
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t t;
+#endif
+
+    /*
+     * When responding to a verify request, MUST reuse random (RFC 6347 4.2.1)
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->verify_cookie != NULL )
+    {
+        return( 0 );
+    }
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME)
+    t = mbedtls_time( NULL );
+    *p++ = (unsigned char)( t >> 24 );
+    *p++ = (unsigned char)( t >> 16 );
+    *p++ = (unsigned char)( t >>  8 );
+    *p++ = (unsigned char)( t       );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
+#else
+    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
+        return( ret );
+
+    p += 4;
+#endif /* MBEDTLS_HAVE_TIME */
+
+    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    size_t i, n, olen, ext_len = 0;
+    unsigned char *buf;
+    unsigned char *p, *q;
+    unsigned char offer_compress;
+    const int *ciphersuites;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) );
+
+    if( ssl->conf->f_rng == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") );
+        return( MBEDTLS_ERR_SSL_NO_RNG );
+    }
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
+#endif
+    {
+        ssl->major_ver = ssl->conf->min_major_ver;
+        ssl->minor_ver = ssl->conf->min_minor_ver;
+    }
+
+    if( ssl->conf->max_major_ver == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "configured max major version is invalid, "
+                            "consider using mbedtls_ssl_config_defaults()" ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    /*
+     *     0  .   0   handshake type
+     *     1  .   3   handshake length
+     *     4  .   5   highest version supported
+     *     6  .   9   current UNIX time
+     *    10  .  37   random bytes
+     */
+    buf = ssl->out_msg;
+    p = buf + 4;
+
+    mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver,
+                       ssl->conf->transport, p );
+    p += 2;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]",
+                   buf[4], buf[5] ) );
+
+    if( ( ret = ssl_generate_random( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_generate_random", ret );
+        return( ret );
+    }
+
+    memcpy( p, ssl->handshake->randbytes, 32 );
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", p, 32 );
+    p += 32;
+
+    /*
+     *    38  .  38   session id length
+     *    39  . 39+n  session id
+     *   39+n . 39+n  DTLS only: cookie length (1 byte)
+     *   40+n .  ..   DTSL only: cookie
+     *   ..   . ..    ciphersuitelist length (2 bytes)
+     *   ..   . ..    ciphersuitelist
+     *   ..   . ..    compression methods length (1 byte)
+     *   ..   . ..    compression methods
+     *   ..   . ..    extensions length (2 bytes)
+     *   ..   . ..    extensions
+     */
+    n = ssl->session_negotiate->id_len;
+
+    if( n < 16 || n > 32 ||
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ||
+#endif
+        ssl->handshake->resume == 0 )
+    {
+        n = 0;
+    }
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    /*
+     * RFC 5077 section 3.4: "When presenting a ticket, the client MAY
+     * generate and include a Session ID in the TLS ClientHello."
+     */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
+#endif
+    {
+        if( ssl->session_negotiate->ticket != NULL &&
+                ssl->session_negotiate->ticket_len != 0 )
+        {
+            ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id, 32 );
+
+            if( ret != 0 )
+                return( ret );
+
+            ssl->session_negotiate->id_len = n = 32;
+        }
+    }
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+    *p++ = (unsigned char) n;
+
+    for( i = 0; i < n; i++ )
+        *p++ = ssl->session_negotiate->id[i];
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %d", n ) );
+    MBEDTLS_SSL_DEBUG_BUF( 3,   "client hello, session id", buf + 39, n );
+
+    /*
+     * DTLS cookie
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        if( ssl->handshake->verify_cookie == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "no verify cookie to send" ) );
+            *p++ = 0;
+        }
+        else
+        {
+            MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie",
+                              ssl->handshake->verify_cookie,
+                              ssl->handshake->verify_cookie_len );
+
+            *p++ = ssl->handshake->verify_cookie_len;
+            memcpy( p, ssl->handshake->verify_cookie,
+                       ssl->handshake->verify_cookie_len );
+            p += ssl->handshake->verify_cookie_len;
+        }
+    }
+#endif
+
+    /*
+     * Ciphersuite list
+     */
+    ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
+
+    /* Skip writing ciphersuite length for now */
+    n = 0;
+    q = p;
+    p += 2;
+
+    for( i = 0; ciphersuites[i] != 0; i++ )
+    {
+        ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] );
+
+        if( ciphersuite_info == NULL )
+            continue;
+
+        if( ciphersuite_info->min_minor_ver > ssl->conf->max_minor_ver ||
+            ciphersuite_info->max_minor_ver < ssl->conf->min_minor_ver )
+            continue;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+            ( ciphersuite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) )
+            continue;
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+        if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
+            ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+            continue;
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
+            mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
+            continue;
+#endif
+
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x",
+                                    ciphersuites[i] ) );
+
+        n++;
+        *p++ = (unsigned char)( ciphersuites[i] >> 8 );
+        *p++ = (unsigned char)( ciphersuites[i]      );
+    }
+
+    /*
+     * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+     */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
+#endif
+    {
+        *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO >> 8 );
+        *p++ = (unsigned char)( MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO      );
+        n++;
+    }
+
+    /* Some versions of OpenSSL don't handle it correctly if not at end */
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) );
+        *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 );
+        *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE      );
+        n++;
+    }
+#endif
+
+    *q++ = (unsigned char)( n >> 7 );
+    *q++ = (unsigned char)( n << 1 );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", n ) );
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    offer_compress = 1;
+#else
+    offer_compress = 0;
+#endif
+
+    /*
+     * We don't support compression with DTLS right now: is many records come
+     * in the same datagram, uncompressing one could overwrite the next one.
+     * We don't want to add complexity for handling that case unless there is
+     * an actual need for it.
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        offer_compress = 0;
+#endif
+
+    if( offer_compress )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) );
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d",
+                            MBEDTLS_SSL_COMPRESS_DEFLATE, MBEDTLS_SSL_COMPRESS_NULL ) );
+
+        *p++ = 2;
+        *p++ = MBEDTLS_SSL_COMPRESS_DEFLATE;
+        *p++ = MBEDTLS_SSL_COMPRESS_NULL;
+    }
+    else
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) );
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d",
+                            MBEDTLS_SSL_COMPRESS_NULL ) );
+
+        *p++ = 1;
+        *p++ = MBEDTLS_SSL_COMPRESS_NULL;
+    }
+
+    // First write extensions, then the total length
+    //
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    ssl_write_hostname_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+    /* Note that TLS_EMPTY_RENEGOTIATION_INFO_SCSV is always added
+     * even if MBEDTLS_SSL_RENEGOTIATION is not defined. */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+    ssl_write_signature_algorithms_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    ssl_write_supported_elliptic_curves_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+
+    ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+    /* olen unused if all extensions are disabled */
+    ((void) olen);
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d",
+                   ext_len ) );
+
+    if( ext_len > 0 )
+    {
+        *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+        *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
+        p += ext_len;
+    }
+
+    ssl->out_msglen  = p - buf;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CLIENT_HELLO;
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        mbedtls_ssl_send_flight_completed( ssl );
+#endif
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) );
+
+    return( 0 );
+}
+
+static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
+                                         const unsigned char *buf,
+                                         size_t len )
+{
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+    {
+        /* Check verify-data in constant-time. The length OTOH is no secret */
+        if( len    != 1 + ssl->verify_data_len * 2 ||
+            buf[0] !=     ssl->verify_data_len * 2 ||
+            mbedtls_ssl_safer_memcmp( buf + 1,
+                          ssl->own_verify_data, ssl->verify_data_len ) != 0 ||
+            mbedtls_ssl_safer_memcmp( buf + 1 + ssl->verify_data_len,
+                          ssl->peer_verify_data, ssl->verify_data_len ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+        }
+    }
+    else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+    {
+        if( len != 1 || buf[0] != 0x00 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+        }
+
+        ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+    }
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
+                                              const unsigned char *buf,
+                                              size_t len )
+{
+    /*
+     * server should use the extension only if we did,
+     * and if so the server's value should match ours (and len is always 1)
+     */
+    if( ssl->conf->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE ||
+        len != 1 ||
+        buf[0] != ssl->conf->mfl_code )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching max fragment length extension" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
+                                         const unsigned char *buf,
+                                         size_t len )
+{
+    if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ||
+        len != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching truncated HMAC extension" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    ((void) buf);
+
+    ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
+                                         const unsigned char *buf,
+                                         size_t len )
+{
+    if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
+        len != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching encrypt-then-MAC extension" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    ((void) buf);
+
+    ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
+                                         const unsigned char *buf,
+                                         size_t len )
+{
+    if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
+        len != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching extended master secret extension" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    ((void) buf);
+
+    ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
+                                         const unsigned char *buf,
+                                         size_t len )
+{
+    if( ssl->conf->session_tickets == MBEDTLS_SSL_SESSION_TICKETS_DISABLED ||
+        len != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching session ticket extension" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    ((void) buf);
+
+    ssl->handshake->new_session_ticket = 1;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl,
+                                                  const unsigned char *buf,
+                                                  size_t len )
+{
+    size_t list_size;
+    const unsigned char *p;
+
+    list_size = buf[0];
+    if( list_size + 1 != len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    p = buf + 1;
+    while( list_size > 0 )
+    {
+        if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
+            p[0] == MBEDTLS_ECP_PF_COMPRESSED )
+        {
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+            ssl->handshake->ecdh_ctx.point_format = p[0];
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            ssl->handshake->ecjpake_ctx.point_format = p[0];
+#endif
+            MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) );
+            return( 0 );
+        }
+
+        list_size--;
+        p++;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) );
+    mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                    MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+    return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || 
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
+                                   const unsigned char *buf,
+                                   size_t len )
+{
+    int ret;
+
+    if( ssl->transform_negotiate->ciphersuite_info->key_exchange !=
+        MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) );
+        return( 0 );
+    }
+
+    /* If we got here, we no longer need our cached extension */
+    mbedtls_free( ssl->handshake->ecjpake_cache );
+    ssl->handshake->ecjpake_cache = NULL;
+    ssl->handshake->ecjpake_cache_len = 0;
+
+    if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx,
+                                                buf, len ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( ret );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
+                               const unsigned char *buf, size_t len )
+{
+    size_t list_len, name_len;
+    const char **p;
+
+    /* If we didn't send it, the server shouldn't send it */
+    if( ssl->conf->alpn_list == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching ALPN extension" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    /*
+     * opaque ProtocolName<1..2^8-1>;
+     *
+     * struct {
+     *     ProtocolName protocol_name_list<2..2^16-1>
+     * } ProtocolNameList;
+     *
+     * the "ProtocolNameList" MUST contain exactly one "ProtocolName"
+     */
+
+    /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */
+    if( len < 4 )
+    {
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    list_len = ( buf[0] << 8 ) | buf[1];
+    if( list_len != len - 2 )
+    {
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    name_len = buf[2];
+    if( name_len != list_len - 1 )
+    {
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    /* Check that the server chosen protocol was in our list and save it */
+    for( p = ssl->conf->alpn_list; *p != NULL; p++ )
+    {
+        if( name_len == strlen( *p ) &&
+            memcmp( buf + 3, *p, name_len ) == 0 )
+        {
+            ssl->alpn_chosen = *p;
+            return( 0 );
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 1, ( "ALPN extension: no matching protocol" ) );
+    mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                    MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+    return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+/*
+ * Parse HelloVerifyRequest.  Only called after verifying the HS type.
+ */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
+{
+    const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
+    int major_ver, minor_ver;
+    unsigned char cookie_len;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) );
+
+    /*
+     * struct {
+     *   ProtocolVersion server_version;
+     *   opaque cookie<0..2^8-1>;
+     * } HelloVerifyRequest;
+     */
+    MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 );
+    mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p );
+    p += 2;
+
+    /*
+     * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1)
+     * even is lower than our min version.
+     */
+    if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 ||
+        minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ||
+        major_ver > ssl->conf->max_major_ver  ||
+        minor_ver > ssl->conf->max_minor_ver  )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) );
+
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                     MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+
+        return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
+    }
+
+    cookie_len = *p++;
+    MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len );
+
+    if( ( ssl->in_msg + ssl->in_msglen ) - p < cookie_len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1,
+            ( "cookie length does not match incoming message size" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                    MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    mbedtls_free( ssl->handshake->verify_cookie );
+
+    ssl->handshake->verify_cookie = mbedtls_calloc( 1, cookie_len );
+    if( ssl->handshake->verify_cookie  == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", cookie_len ) );
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+    memcpy( ssl->handshake->verify_cookie, p, cookie_len );
+    ssl->handshake->verify_cookie_len = cookie_len;
+
+    /* Start over at ClientHello */
+    ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
+    mbedtls_ssl_reset_checksum( ssl );
+
+    mbedtls_ssl_recv_flight_completed( ssl );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse hello verify request" ) );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
+{
+    int ret, i;
+    size_t n;
+    size_t ext_len;
+    unsigned char *buf, *ext;
+    unsigned char comp;
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    int accept_comp;
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    int renegotiation_info_seen = 0;
+#endif
+    int handshake_failure = 0;
+    const mbedtls_ssl_ciphersuite_t *suite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) );
+
+    buf = ssl->in_msg;
+
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        /* No alert on a read error. */
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+        {
+            ssl->renego_records_seen++;
+
+            if( ssl->conf->renego_max_records >= 0 &&
+                ssl->renego_records_seen > ssl->conf->renego_max_records )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, "
+                                    "but not honored by server" ) );
+                return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+            }
+
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) );
+
+            ssl->keep_current_message = 1;
+            return( MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO );
+        }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        if( buf[0] == MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "received hello verify request" ) );
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) );
+            return( ssl_parse_hello_verify_request( ssl ) );
+        }
+        else
+        {
+            /* We made it through the verification process */
+            mbedtls_free( ssl->handshake->verify_cookie );
+            ssl->handshake->verify_cookie = NULL;
+            ssl->handshake->verify_cookie_len = 0;
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    if( ssl->in_hslen < 38 + mbedtls_ssl_hs_hdr_len( ssl ) ||
+        buf[0] != MBEDTLS_SSL_HS_SERVER_HELLO )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    /*
+     *  0   .  1    server_version
+     *  2   . 33    random (maybe including 4 bytes of Unix time)
+     * 34   . 34    session_id length = n
+     * 35   . 34+n  session_id
+     * 35+n . 36+n  cipher_suite
+     * 37+n . 37+n  compression_method
+     *
+     * 38+n . 39+n  extensions length (optional)
+     * 40+n .  ..   extensions
+     */
+    buf += mbedtls_ssl_hs_hdr_len( ssl );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 );
+    mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
+                      ssl->conf->transport, buf + 0 );
+
+    if( ssl->major_ver < ssl->conf->min_major_ver ||
+        ssl->minor_ver < ssl->conf->min_minor_ver ||
+        ssl->major_ver > ssl->conf->max_major_ver ||
+        ssl->minor_ver > ssl->conf->max_minor_ver )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server version out of bounds - "
+                            " min: [%d:%d], server: [%d:%d], max: [%d:%d]",
+                            ssl->conf->min_major_ver, ssl->conf->min_minor_ver,
+                            ssl->major_ver, ssl->minor_ver,
+                            ssl->conf->max_major_ver, ssl->conf->max_minor_ver ) );
+
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                     MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+
+        return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu",
+                           ( (uint32_t) buf[2] << 24 ) |
+                           ( (uint32_t) buf[3] << 16 ) |
+                           ( (uint32_t) buf[4] <<  8 ) |
+                           ( (uint32_t) buf[5]       ) ) );
+
+    memcpy( ssl->handshake->randbytes + 32, buf + 2, 32 );
+
+    n = buf[34];
+
+    MBEDTLS_SSL_DEBUG_BUF( 3,   "server hello, random bytes", buf + 2, 32 );
+
+    if( n > 32 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n )
+    {
+        ext_len = ( ( buf[38 + n] <<  8 )
+                  | ( buf[39 + n]       ) );
+
+        if( ( ext_len > 0 && ext_len < 4 ) ||
+            ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 40 + n + ext_len )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+        }
+    }
+    else if( ssl->in_hslen == mbedtls_ssl_hs_hdr_len( ssl ) + 38 + n )
+    {
+        ext_len = 0;
+    }
+    else
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    /* ciphersuite (used later) */
+    i = ( buf[35 + n] << 8 ) | buf[36 + n];
+
+    /*
+     * Read and check compression
+     */
+    comp = buf[37 + n];
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    /* See comments in ssl_write_client_hello() */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        accept_comp = 0;
+    else
+#endif
+        accept_comp = 1;
+
+    if( comp != MBEDTLS_SSL_COMPRESS_NULL &&
+        ( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) )
+#else /* MBEDTLS_ZLIB_SUPPORT */
+    if( comp != MBEDTLS_SSL_COMPRESS_NULL )
+#endif/* MBEDTLS_ZLIB_SUPPORT */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server hello, bad compression: %d", comp ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+    }
+
+    /*
+     * Initialize update checksum functions
+     */
+    ssl->transform_negotiate->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i );
+
+    if( ssl->transform_negotiate->ciphersuite_info == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    mbedtls_ssl_optimize_checksum( ssl, ssl->transform_negotiate->ciphersuite_info );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) );
+    MBEDTLS_SSL_DEBUG_BUF( 3,   "server hello, session id", buf + 35, n );
+
+    /*
+     * Check if the session can be resumed
+     */
+    if( ssl->handshake->resume == 0 || n == 0 ||
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ||
+#endif
+        ssl->session_negotiate->ciphersuite != i ||
+        ssl->session_negotiate->compression != comp ||
+        ssl->session_negotiate->id_len != n ||
+        memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 )
+    {
+        ssl->state++;
+        ssl->handshake->resume = 0;
+#if defined(MBEDTLS_HAVE_TIME)
+        ssl->session_negotiate->start = mbedtls_time( NULL );
+#endif
+        ssl->session_negotiate->ciphersuite = i;
+        ssl->session_negotiate->compression = comp;
+        ssl->session_negotiate->id_len = n;
+        memcpy( ssl->session_negotiate->id, buf + 35, n );
+    }
+    else
+    {
+        ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
+
+        if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+            return( ret );
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
+                   ssl->handshake->resume ? "a" : "no" ) );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %04x", i ) );
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[37 + n] ) );
+
+    suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite );
+    if( suite_info == NULL
+#if defined(MBEDTLS_ARC4_C)
+            || ( ssl->conf->arc4_disabled &&
+                suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+#endif
+        )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", suite_info->name ) );
+
+    i = 0;
+    while( 1 )
+    {
+        if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+        }
+
+        if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] ==
+            ssl->session_negotiate->ciphersuite )
+        {
+            break;
+        }
+    }
+
+    if( comp != MBEDTLS_SSL_COMPRESS_NULL
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+        && comp != MBEDTLS_SSL_COMPRESS_DEFLATE
+#endif
+      )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+    ssl->session_negotiate->compression = comp;
+
+    ext = buf + 40 + n;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "server hello, total extension length: %d", ext_len ) );
+
+    while( ext_len )
+    {
+        unsigned int ext_id   = ( ( ext[0] <<  8 )
+                                | ( ext[1]       ) );
+        unsigned int ext_size = ( ( ext[2] <<  8 )
+                                | ( ext[3]       ) );
+
+        if( ext_size + 4 > ext_len )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+        }
+
+        switch( ext_id )
+        {
+        case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) );
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            renegotiation_info_seen = 1;
+#endif
+
+            if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4,
+                                                      ext_size ) ) != 0 )
+                return( ret );
+
+            break;
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+        case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max_fragment_length extension" ) );
+
+            if( ( ret = ssl_parse_max_fragment_length_ext( ssl,
+                            ext + 4, ext_size ) ) != 0 )
+            {
+                return( ret );
+            }
+
+            break;
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+        case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) );
+
+            if( ( ret = ssl_parse_truncated_hmac_ext( ssl,
+                            ext + 4, ext_size ) ) != 0 )
+            {
+                return( ret );
+            }
+
+            break;
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+        case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) );
+
+            if( ( ret = ssl_parse_encrypt_then_mac_ext( ssl,
+                            ext + 4, ext_size ) ) != 0 )
+            {
+                return( ret );
+            }
+
+            break;
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+        case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended_master_secret extension" ) );
+
+            if( ( ret = ssl_parse_extended_ms_ext( ssl,
+                            ext + 4, ext_size ) ) != 0 )
+            {
+                return( ret );
+            }
+
+            break;
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+        case MBEDTLS_TLS_EXT_SESSION_TICKET:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session_ticket extension" ) );
+
+            if( ( ret = ssl_parse_session_ticket_ext( ssl,
+                            ext + 4, ext_size ) ) != 0 )
+            {
+                return( ret );
+            }
+
+            break;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+        case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported_point_formats extension" ) );
+
+            if( ( ret = ssl_parse_supported_point_formats_ext( ssl,
+                            ext + 4, ext_size ) ) != 0 )
+            {
+                return( ret );
+            }
+
+            break;
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+        case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake_kkpp extension" ) );
+
+            if( ( ret = ssl_parse_ecjpake_kkpp( ssl,
+                            ext + 4, ext_size ) ) != 0 )
+            {
+                return( ret );
+            }
+
+            break;
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN)
+        case MBEDTLS_TLS_EXT_ALPN:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
+
+            if( ( ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ) ) != 0 )
+                return( ret );
+
+            break;
+#endif /* MBEDTLS_SSL_ALPN */
+
+        default:
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
+                           ext_id ) );
+        }
+
+        ext_len -= 4 + ext_size;
+        ext += 4 + ext_size;
+
+        if( ext_len > 0 && ext_len < 4 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+        }
+    }
+
+    /*
+     * Renegotiation security checks
+     */
+    if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+        ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) );
+        handshake_failure = 1;
+    }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+             ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION &&
+             renegotiation_info_seen == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) );
+        handshake_failure = 1;
+    }
+    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+             ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+             ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) );
+        handshake_failure = 1;
+    }
+    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+             ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+             renegotiation_info_seen == 1 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) );
+        handshake_failure = 1;
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+    if( handshake_failure == 1 )
+    {
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char **p,
+                                       unsigned char *end )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+    /*
+     * Ephemeral DH parameters:
+     *
+     * struct {
+     *     opaque dh_p<1..2^16-1>;
+     *     opaque dh_g<1..2^16-1>;
+     *     opaque dh_Ys<1..2^16-1>;
+     * } ServerDHParams;
+     */
+    if( ( ret = mbedtls_dhm_read_params( &ssl->handshake->dhm_ctx, p, end ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 2, ( "mbedtls_dhm_read_params" ), ret );
+        return( ret );
+    }
+
+    if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %d < %d",
+                                    ssl->handshake->dhm_ctx.len * 8,
+                                    ssl->conf->dhm_min_bitlen ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+    }
+
+    MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P  );
+    MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G  );
+    MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY );
+
+    return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
+{
+    const mbedtls_ecp_curve_info *curve_info;
+
+    curve_info = mbedtls_ecp_curve_info_from_grp_id( ssl->handshake->ecdh_ctx.grp.id );
+    if( curve_info == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
+
+#if defined(MBEDTLS_ECP_C)
+    if( mbedtls_ssl_check_curve( ssl, ssl->handshake->ecdh_ctx.grp.id ) != 0 )
+#else
+    if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
+        ssl->handshake->ecdh_ctx.grp.nbits > 521 )
+#endif
+        return( -1 );
+
+    MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp", &ssl->handshake->ecdh_ctx.Qp );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
+                                         unsigned char **p,
+                                         unsigned char *end )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+    /*
+     * Ephemeral ECDH parameters:
+     *
+     * struct {
+     *     ECParameters curve_params;
+     *     ECPoint      public;
+     * } ServerECDHParams;
+     */
+    if( ( ret = mbedtls_ecdh_read_params( &ssl->handshake->ecdh_ctx,
+                                  (const unsigned char **) p, end ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_read_params" ), ret );
+        return( ret );
+    }
+
+    if( ssl_check_server_ecdh_params( ssl ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (ECDHE curve)" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+    }
+
+    return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
+                                      unsigned char **p,
+                                      unsigned char *end )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    size_t  len;
+    ((void) ssl);
+
+    /*
+     * PSK parameters:
+     *
+     * opaque psk_identity_hint<0..2^16-1>;
+     */
+    len = (*p)[0] << 8 | (*p)[1];
+    *p += 2;
+
+    if( (*p) + len > end )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
+                                    "(psk_identity_hint length)" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+    }
+
+    /*
+     * Note: we currently ignore the PKS identity hint, as we only allow one
+     * PSK to be provisionned on the client. This could be changed later if
+     * someone needs that feature.
+     */
+    *p += len;
+    ret = 0;
+
+    return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) ||                           \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+/*
+ * Generate a pre-master secret and encrypt it with the server's RSA key
+ */
+static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
+                                    size_t offset, size_t *olen,
+                                    size_t pms_offset )
+{
+    int ret;
+    size_t len_bytes = ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ? 0 : 2;
+    unsigned char *p = ssl->handshake->premaster + pms_offset;
+
+    if( offset + len_bytes > MBEDTLS_SSL_MAX_CONTENT_LEN )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small for encrypted pms" ) );
+        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+    }
+
+    /*
+     * Generate (part of) the pre-master as
+     *  struct {
+     *      ProtocolVersion client_version;
+     *      opaque random[46];
+     *  } PreMasterSecret;
+     */
+    mbedtls_ssl_write_version( ssl->conf->max_major_ver, ssl->conf->max_minor_ver,
+                       ssl->conf->transport, p );
+
+    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "f_rng", ret );
+        return( ret );
+    }
+
+    ssl->handshake->pmslen = 48;
+
+    if( ssl->session_negotiate->peer_cert == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    /*
+     * Now write it out, encrypted
+     */
+    if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk,
+                MBEDTLS_PK_RSA ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) );
+        return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
+    }
+
+    if( ( ret = mbedtls_pk_encrypt( &ssl->session_negotiate->peer_cert->pk,
+                            p, ssl->handshake->pmslen,
+                            ssl->out_msg + offset + len_bytes, olen,
+                            MBEDTLS_SSL_MAX_CONTENT_LEN - offset - len_bytes,
+                            ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_rsa_pkcs1_encrypt", ret );
+        return( ret );
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( len_bytes == 2 )
+    {
+        ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 );
+        ssl->out_msg[offset+1] = (unsigned char)( *olen      );
+        *olen += 2;
+    }
+#endif
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
+                                          unsigned char **p,
+                                          unsigned char *end,
+                                          mbedtls_md_type_t *md_alg,
+                                          mbedtls_pk_type_t *pk_alg )
+{
+    ((void) ssl);
+    *md_alg = MBEDTLS_MD_NONE;
+    *pk_alg = MBEDTLS_PK_NONE;
+
+    /* Only in TLS 1.2 */
+    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        return( 0 );
+    }
+
+    if( (*p) + 2 > end )
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+
+    /*
+     * Get hash algorithm
+     */
+    if( ( *md_alg = mbedtls_ssl_md_alg_from_hash( (*p)[0] ) ) == MBEDTLS_MD_NONE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Server used unsupported "
+                            "HashAlgorithm %d", *(p)[0] ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+    }
+
+    /*
+     * Get signature algorithm
+     */
+    if( ( *pk_alg = mbedtls_ssl_pk_alg_from_sig( (*p)[1] ) ) == MBEDTLS_PK_NONE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used unsupported "
+                            "SignatureAlgorithm %d", (*p)[1] ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+    }
+
+    /*
+     * Check if the hash is acceptable
+     */
+    if( mbedtls_ssl_check_sig_hash( ssl, *md_alg ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used HashAlgorithm %d that was not offered",
+                                    *(p)[0] ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", (*p)[1] ) );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", (*p)[0] ) );
+    *p += 2;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    const mbedtls_ecp_keypair *peer_key;
+
+    if( ssl->session_negotiate->peer_cert == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk,
+                     MBEDTLS_PK_ECKEY ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) );
+        return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
+    }
+
+    peer_key = mbedtls_pk_ec( ssl->session_negotiate->peer_cert->pk );
+
+    if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx, peer_key,
+                                 MBEDTLS_ECDH_THEIRS ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret );
+        return( ret );
+    }
+
+    if( ssl_check_server_ecdh_params( ssl ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+    }
+
+    return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+    unsigned char *p = NULL, *end = NULL;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
+        ssl->state++;
+        return( 0 );
+    }
+    ((void) p);
+    ((void) end);
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
+    {
+        if( ( ret = ssl_get_ecdh_params_from_cert( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_get_ecdh_params_from_cert", ret );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+            return( ret );
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
+        ssl->state++;
+        return( 0 );
+    }
+    ((void) p);
+    ((void) end);
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    /*
+     * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server
+     * doesn't use a psk_identity_hint
+     */
+    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE )
+    {
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+            ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+        {
+            /* Current message is probably either
+             * CertificateRequest or ServerHelloDone */
+            ssl->keep_current_message = 1;
+            goto exit;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key exchange message must "
+                                    "not be skipped" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    p   = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
+    end = ssl->in_msg + ssl->in_hslen;
+    MBEDTLS_SSL_DEBUG_BUF( 3,   "server key exchange", p, end - p );
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
+    {
+        if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+        }
+    } /* FALLTROUGH */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+        ; /* nothing more to do */
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
+    {
+        if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
+    {
+        if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx,
+                                              p, end - p );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+    if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
+    {
+        size_t sig_len, hashlen;
+        unsigned char hash[64];
+        mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
+        mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
+        unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
+        size_t params_len = p - params;
+
+        /*
+         * Handle the digitally-signed structure
+         */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+        {
+            if( ssl_parse_signature_algorithm( ssl, &p, end,
+                                               &md_alg, &pk_alg ) != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+                return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+            }
+
+            if( pk_alg != mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+                return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+            }
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+        if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
+        {
+            pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
+
+            /* Default hash for ECDSA is SHA-1 */
+            if( pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE )
+                md_alg = MBEDTLS_MD_SHA1;
+        }
+        else
+#endif
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        /*
+         * Read signature
+         */
+        sig_len = ( p[0] << 8 ) | p[1];
+        p += 2;
+
+        if( end != p + sig_len )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF( 3, "signature", p, sig_len );
+
+        /*
+         * Compute the hash that has been signed
+         */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+        if( md_alg == MBEDTLS_MD_NONE )
+        {
+            hashlen = 36;
+            ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, params,
+                                                           params_len );
+            if( ret != 0 )
+                return( ret );
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if( md_alg != MBEDTLS_MD_NONE )
+        {
+            /* Info from md_alg will be used instead */
+            hashlen = 0;
+            ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, params,
+                                                          params_len, md_alg );
+            if( ret != 0 )
+                return( ret );
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
+            (unsigned int) ( mbedtls_md_get_size( mbedtls_md_info_from_type( md_alg ) ) ) );
+
+        if( ssl->session_negotiate->peer_cert == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "certificate required" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+            return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+        }
+
+        /*
+         * Verify signature
+         */
+        if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+            return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
+        }
+
+        if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk,
+                               md_alg, hash, hashlen, p, sig_len ) ) != 0 )
+        {
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR );
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret );
+            return( ret );
+        }
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
+
+exit:
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server key exchange" ) );
+
+    return( 0 );
+}
+
+#if ! defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED)
+static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) );
+
+    if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+}
+#else /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
+static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    unsigned char *buf;
+    size_t n = 0;
+    size_t cert_type_len = 0, dn_len = 0;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) );
+
+    if( ! mbedtls_ssl_ciphersuite_cert_req_allowed( ciphersuite_info ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    ssl->state++;
+    ssl->client_auth = ( ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE_REQUEST );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "got %s certificate request",
+                        ssl->client_auth ? "a" : "no" ) );
+
+    if( ssl->client_auth == 0 )
+    {
+        /* Current message is probably the ServerHelloDone */
+        ssl->keep_current_message = 1;
+        goto exit;
+    }
+
+    /*
+     *  struct {
+     *      ClientCertificateType certificate_types<1..2^8-1>;
+     *      SignatureAndHashAlgorithm
+     *        supported_signature_algorithms<2^16-1>; -- TLS 1.2 only
+     *      DistinguishedName certificate_authorities<0..2^16-1>;
+     *  } CertificateRequest;
+     *
+     *  Since we only support a single certificate on clients, let's just
+     *  ignore all the information that's supposed to help us pick a
+     *  certificate.
+     *
+     *  We could check that our certificate matches the request, and bail out
+     *  if it doesn't, but it's simpler to just send the certificate anyway,
+     *  and give the server the opportunity to decide if it should terminate
+     *  the connection when it doesn't like our certificate.
+     *
+     *  Same goes for the hash in TLS 1.2's signature_algorithms: at this
+     *  point we only have one hash available (see comments in
+     *  write_certificate_verify), so let's just use what we have.
+     *
+     *  However, we still minimally parse the message to check it is at least
+     *  superficially sane.
+     */
+    buf = ssl->in_msg;
+
+    /* certificate_types */
+    cert_type_len = buf[mbedtls_ssl_hs_hdr_len( ssl )];
+    n = cert_type_len;
+
+    if( ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
+    }
+
+    /* supported_signature_algorithms */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] <<  8 )
+                             | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n]       ) );
+#if defined(MBEDTLS_DEBUG_C)
+        unsigned char* sig_alg = buf + mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n;
+        size_t i;
+
+        for( i = 0; i < sig_alg_len; i += 2 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "Supported Signature Algorithm found: %d"
+                                        ",%d", sig_alg[i], sig_alg[i + 1]  ) );
+        }
+#endif
+
+        n += 2 + sig_alg_len;
+
+        if( ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    /* certificate_authorities */
+    dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] <<  8 )
+             | ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n]       ) );
+
+    n += dn_len;
+    if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + 3 + n )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST );
+    }
+
+exit:
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED */
+
+static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) );
+
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    if( ssl->in_hslen  != mbedtls_ssl_hs_hdr_len( ssl ) ||
+        ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_HELLO_DONE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE );
+    }
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        mbedtls_ssl_recv_flight_completed( ssl );
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello done" ) );
+
+    return( 0 );
+}
+
+static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    size_t i, n;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA )
+    {
+        /*
+         * DHM key exchange -- send G^X mod P
+         */
+        n = ssl->handshake->dhm_ctx.len;
+
+        ssl->out_msg[4] = (unsigned char)( n >> 8 );
+        ssl->out_msg[5] = (unsigned char)( n      );
+        i = 6;
+
+        ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
+                                (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
+                               &ssl->out_msg[i], n,
+                                ssl->conf->f_rng, ssl->conf->p_rng );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
+            return( ret );
+        }
+
+        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X  );
+        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
+
+        if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
+                                      ssl->handshake->premaster,
+                                      MBEDTLS_PREMASTER_SIZE,
+                                     &ssl->handshake->pmslen,
+                                      ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
+            return( ret );
+        }
+
+        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K  );
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
+    {
+        /*
+         * ECDH key exchange -- send client public value
+         */
+        i = 4;
+
+        ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx,
+                                &n,
+                                &ssl->out_msg[i], 1000,
+                                ssl->conf->f_rng, ssl->conf->p_rng );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret );
+            return( ret );
+        }
+
+        MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q );
+
+        if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
+                                      &ssl->handshake->pmslen,
+                                       ssl->handshake->premaster,
+                                       MBEDTLS_MPI_MAX_SIZE,
+                                       ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
+            return( ret );
+        }
+
+        MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z );
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    if( mbedtls_ssl_ciphersuite_uses_psk( ciphersuite_info ) )
+    {
+        /*
+         * opaque psk_identity<0..2^16-1>;
+         */
+        if( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for PSK" ) );
+            return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+        }
+
+        i = 4;
+        n = ssl->conf->psk_identity_len;
+
+        if( i + 2 + n > MBEDTLS_SSL_MAX_CONTENT_LEN )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity too long or "
+                                        "SSL buffer too short" ) );
+            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+        }
+
+        ssl->out_msg[i++] = (unsigned char)( n >> 8 );
+        ssl->out_msg[i++] = (unsigned char)( n      );
+
+        memcpy( ssl->out_msg + i, ssl->conf->psk_identity, ssl->conf->psk_identity_len );
+        i += ssl->conf->psk_identity_len;
+
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )
+        {
+            n = 0;
+        }
+        else
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+        {
+            if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 2 ) ) != 0 )
+                return( ret );
+        }
+        else
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
+        {
+            /*
+             * ClientDiffieHellmanPublic public (DHM send G^X mod P)
+             */
+            n = ssl->handshake->dhm_ctx.len;
+
+            if( i + 2 + n > MBEDTLS_SSL_MAX_CONTENT_LEN )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "psk identity or DHM size too long"
+                                            " or SSL buffer too short" ) );
+                return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+            }
+
+            ssl->out_msg[i++] = (unsigned char)( n >> 8 );
+            ssl->out_msg[i++] = (unsigned char)( n      );
+
+            ret = mbedtls_dhm_make_public( &ssl->handshake->dhm_ctx,
+                    (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
+                    &ssl->out_msg[i], n,
+                    ssl->conf->f_rng, ssl->conf->p_rng );
+            if( ret != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_public", ret );
+                return( ret );
+            }
+        }
+        else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
+        {
+            /*
+             * ClientECDiffieHellmanPublic public;
+             */
+            ret = mbedtls_ecdh_make_public( &ssl->handshake->ecdh_ctx, &n,
+                    &ssl->out_msg[i], MBEDTLS_SSL_MAX_CONTENT_LEN - i,
+                    ssl->conf->f_rng, ssl->conf->p_rng );
+            if( ret != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_public", ret );
+                return( ret );
+            }
+
+            MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q );
+        }
+        else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
+                        ciphersuite_info->key_exchange ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
+            return( ret );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA )
+    {
+        i = 4;
+        if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 0 ) ) != 0 )
+            return( ret );
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        i = 4;
+
+        ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx,
+                ssl->out_msg + i, MBEDTLS_SSL_MAX_CONTENT_LEN - i, &n,
+                ssl->conf->f_rng, ssl->conf->p_rng );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret );
+            return( ret );
+        }
+
+        ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx,
+                ssl->handshake->premaster, 32, &ssl->handshake->pmslen,
+                ssl->conf->f_rng, ssl->conf->p_rng );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret );
+            return( ret );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+    {
+        ((void) ciphersuite_info);
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    ssl->out_msglen  = i + n;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE;
+
+    ssl->state++;
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client key exchange" ) );
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)       && \
+    !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)   && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)  && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)&& \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
+
+    if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
+        return( ret );
+    }
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+}
+#else
+static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+    size_t n = 0, offset = 0;
+    unsigned char hash[48];
+    unsigned char *hash_start = hash;
+    mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
+    unsigned int hashlen;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
+
+    if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
+        return( ret );
+    }
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    if( ssl->client_auth == 0 || mbedtls_ssl_own_cert( ssl ) == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    if( mbedtls_ssl_own_key( ssl ) == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for certificate" ) );
+        return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+    }
+
+    /*
+     * Make an RSA signature of the handshake digests
+     */
+    ssl->handshake->calc_verify( ssl, hash );
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        /*
+         * digitally-signed struct {
+         *     opaque md5_hash[16];
+         *     opaque sha_hash[20];
+         * };
+         *
+         * md5_hash
+         *     MD5(handshake_messages);
+         *
+         * sha_hash
+         *     SHA(handshake_messages);
+         */
+        hashlen = 36;
+        md_alg = MBEDTLS_MD_NONE;
+
+        /*
+         * For ECDSA, default hash is SHA-1 only
+         */
+        if( mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECDSA ) )
+        {
+            hash_start += 16;
+            hashlen -= 16;
+            md_alg = MBEDTLS_MD_SHA1;
+        }
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        /*
+         * digitally-signed struct {
+         *     opaque handshake_messages[handshake_messages_length];
+         * };
+         *
+         * Taking shortcut here. We assume that the server always allows the
+         * PRF Hash function and has sent it in the allowed signature
+         * algorithms list received in the Certificate Request message.
+         *
+         * Until we encounter a server that does not, we will take this
+         * shortcut.
+         *
+         * Reason: Otherwise we should have running hashes for SHA512 and SHA224
+         *         in order to satisfy 'weird' needs from the server side.
+         */
+        if( ssl->transform_negotiate->ciphersuite_info->mac ==
+            MBEDTLS_MD_SHA384 )
+        {
+            md_alg = MBEDTLS_MD_SHA384;
+            ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384;
+        }
+        else
+        {
+            md_alg = MBEDTLS_MD_SHA256;
+            ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA256;
+        }
+        ssl->out_msg[5] = mbedtls_ssl_sig_from_pk( mbedtls_ssl_own_key( ssl ) );
+
+        /* Info from md_alg will be used instead */
+        hashlen = 0;
+        offset = 2;
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash_start, hashlen,
+                         ssl->out_msg + 6 + offset, &n,
+                         ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret );
+        return( ret );
+    }
+
+    ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 );
+    ssl->out_msg[5 + offset] = (unsigned char)( n      );
+
+    ssl->out_msglen  = 6 + n + offset;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CERTIFICATE_VERIFY;
+
+    ssl->state++;
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) );
+
+    return( ret );
+}
+#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    uint32_t lifetime;
+    size_t ticket_len;
+    unsigned char *ticket;
+    const unsigned char *msg;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) );
+
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    /*
+     * struct {
+     *     uint32 ticket_lifetime_hint;
+     *     opaque ticket<0..2^16-1>;
+     * } NewSessionTicket;
+     *
+     * 0  .  3   ticket_lifetime_hint
+     * 4  .  5   ticket_len (n)
+     * 6  .  5+n ticket content
+     */
+    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET ||
+        ssl->in_hslen < 6 + mbedtls_ssl_hs_hdr_len( ssl ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET );
+    }
+
+    msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
+
+    lifetime = ( msg[0] << 24 ) | ( msg[1] << 16 ) |
+               ( msg[2] <<  8 ) | ( msg[3]       );
+
+    ticket_len = ( msg[4] << 8 ) | ( msg[5] );
+
+    if( ticket_len + 6 + mbedtls_ssl_hs_hdr_len( ssl ) != ssl->in_hslen )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", ticket_len ) );
+
+    /* We're not waiting for a NewSessionTicket message any more */
+    ssl->handshake->new_session_ticket = 0;
+    ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
+
+    /*
+     * Zero-length ticket means the server changed his mind and doesn't want
+     * to send a ticket after all, so just forget it
+     */
+    if( ticket_len == 0 )
+        return( 0 );
+
+    mbedtls_zeroize( ssl->session_negotiate->ticket,
+                      ssl->session_negotiate->ticket_len );
+    mbedtls_free( ssl->session_negotiate->ticket );
+    ssl->session_negotiate->ticket = NULL;
+    ssl->session_negotiate->ticket_len = 0;
+
+    if( ( ticket = mbedtls_calloc( 1, ticket_len ) ) == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "ticket alloc failed" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+    memcpy( ticket, msg + 6, ticket_len );
+
+    ssl->session_negotiate->ticket = ticket;
+    ssl->session_negotiate->ticket_len = ticket_len;
+    ssl->session_negotiate->ticket_lifetime = lifetime;
+
+    /*
+     * RFC 5077 section 3.4:
+     * "If the client receives a session ticket from the server, then it
+     * discards any Session ID that was sent in the ServerHello."
+     */
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket in use, discarding session id" ) );
+    ssl->session_negotiate->id_len = 0;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse new session ticket" ) );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+/*
+ * SSL handshake -- client side -- single step
+ */
+int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl )
+{
+    int ret = 0;
+
+    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) );
+
+    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+        return( ret );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
+    {
+        if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+            return( ret );
+    }
+#endif
+
+    /* Change state now, so that it is right in mbedtls_ssl_read_record(), used
+     * by DTLS for dropping out-of-sequence ChangeCipherSpec records */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC &&
+        ssl->handshake->new_session_ticket != 0 )
+    {
+        ssl->state = MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET;
+    }
+#endif
+
+    switch( ssl->state )
+    {
+        case MBEDTLS_SSL_HELLO_REQUEST:
+            ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
+            break;
+
+       /*
+        *  ==>   ClientHello
+        */
+       case MBEDTLS_SSL_CLIENT_HELLO:
+           ret = ssl_write_client_hello( ssl );
+           break;
+
+       /*
+        *  <==   ServerHello
+        *        Certificate
+        *      ( ServerKeyExchange  )
+        *      ( CertificateRequest )
+        *        ServerHelloDone
+        */
+       case MBEDTLS_SSL_SERVER_HELLO:
+           ret = ssl_parse_server_hello( ssl );
+           break;
+
+       case MBEDTLS_SSL_SERVER_CERTIFICATE:
+           ret = mbedtls_ssl_parse_certificate( ssl );
+           break;
+
+       case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
+           ret = ssl_parse_server_key_exchange( ssl );
+           break;
+
+       case MBEDTLS_SSL_CERTIFICATE_REQUEST:
+           ret = ssl_parse_certificate_request( ssl );
+           break;
+
+       case MBEDTLS_SSL_SERVER_HELLO_DONE:
+           ret = ssl_parse_server_hello_done( ssl );
+           break;
+
+       /*
+        *  ==> ( Certificate/Alert  )
+        *        ClientKeyExchange
+        *      ( CertificateVerify  )
+        *        ChangeCipherSpec
+        *        Finished
+        */
+       case MBEDTLS_SSL_CLIENT_CERTIFICATE:
+           ret = mbedtls_ssl_write_certificate( ssl );
+           break;
+
+       case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
+           ret = ssl_write_client_key_exchange( ssl );
+           break;
+
+       case MBEDTLS_SSL_CERTIFICATE_VERIFY:
+           ret = ssl_write_certificate_verify( ssl );
+           break;
+
+       case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
+           ret = mbedtls_ssl_write_change_cipher_spec( ssl );
+           break;
+
+       case MBEDTLS_SSL_CLIENT_FINISHED:
+           ret = mbedtls_ssl_write_finished( ssl );
+           break;
+
+       /*
+        *  <==   ( NewSessionTicket )
+        *        ChangeCipherSpec
+        *        Finished
+        */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+       case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET:
+           ret = ssl_parse_new_session_ticket( ssl );
+           break;
+#endif
+
+       case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
+           ret = mbedtls_ssl_parse_change_cipher_spec( ssl );
+           break;
+
+       case MBEDTLS_SSL_SERVER_FINISHED:
+           ret = mbedtls_ssl_parse_finished( ssl );
+           break;
+
+       case MBEDTLS_SSL_FLUSH_BUFFERS:
+           MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) );
+           ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+           break;
+
+       case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
+           mbedtls_ssl_handshake_wrapup( ssl );
+           break;
+
+       default:
+           MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) );
+           return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+   }
+
+    return( ret );
+}
+#endif /* MBEDTLS_SSL_CLI_C */
diff --git a/thirdparty/mbedtls/library/ssl_cookie.c b/thirdparty/mbedtls/library/ssl_cookie.c
new file mode 100644
index 0000000000..caf119990d
--- /dev/null
+++ b/thirdparty/mbedtls/library/ssl_cookie.c
@@ -0,0 +1,260 @@
+/*
+ *  DTLS cookie callbacks implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * These session callbacks use a simple chained list
+ * to store and retrieve the session information.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_COOKIE_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_calloc    calloc
+#define mbedtls_free      free
+#endif
+
+#include "mbedtls/ssl_cookie.h"
+#include "mbedtls/ssl_internal.h"
+
+#include <string.h>
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-512 is
+ * available. Try SHA-256 first, 512 wastes resources since we need to stay
+ * with max 32 bytes of cookie for DTLS 1.0
+ */
+#if defined(MBEDTLS_SHA256_C)
+#define COOKIE_MD           MBEDTLS_MD_SHA224
+#define COOKIE_MD_OUTLEN    32
+#define COOKIE_HMAC_LEN     28
+#elif defined(MBEDTLS_SHA512_C)
+#define COOKIE_MD           MBEDTLS_MD_SHA384
+#define COOKIE_MD_OUTLEN    48
+#define COOKIE_HMAC_LEN     28
+#elif defined(MBEDTLS_SHA1_C)
+#define COOKIE_MD           MBEDTLS_MD_SHA1
+#define COOKIE_MD_OUTLEN    20
+#define COOKIE_HMAC_LEN     20
+#else
+#error "DTLS hello verify needs SHA-1 or SHA-2"
+#endif
+
+/*
+ * Cookies are formed of a 4-bytes timestamp (or serial number) and
+ * an HMAC of timestemp and client ID.
+ */
+#define COOKIE_LEN      ( 4 + COOKIE_HMAC_LEN )
+
+void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx )
+{
+    mbedtls_md_init( &ctx->hmac_ctx );
+#if !defined(MBEDTLS_HAVE_TIME)
+    ctx->serial = 0;
+#endif
+    ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT;
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init( &ctx->mutex );
+#endif
+}
+
+void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay )
+{
+    ctx->timeout = delay;
+}
+
+void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx )
+{
+    mbedtls_md_free( &ctx->hmac_ctx );
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free( &ctx->mutex );
+#endif
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_ssl_cookie_ctx ) );
+}
+
+int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
+                      int (*f_rng)(void *, unsigned char *, size_t),
+                      void *p_rng )
+{
+    int ret;
+    unsigned char key[COOKIE_MD_OUTLEN];
+
+    if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 )
+        return( ret );
+
+    ret = mbedtls_md_setup( &ctx->hmac_ctx, mbedtls_md_info_from_type( COOKIE_MD ), 1 );
+    if( ret != 0 )
+        return( ret );
+
+    ret = mbedtls_md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) );
+    if( ret != 0 )
+        return( ret );
+
+    mbedtls_zeroize( key, sizeof( key ) );
+
+    return( 0 );
+}
+
+/*
+ * Generate the HMAC part of a cookie
+ */
+static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx,
+                            const unsigned char time[4],
+                            unsigned char **p, unsigned char *end,
+                            const unsigned char *cli_id, size_t cli_id_len )
+{
+    unsigned char hmac_out[COOKIE_MD_OUTLEN];
+
+    if( (size_t)( end - *p ) < COOKIE_HMAC_LEN )
+        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+    if( mbedtls_md_hmac_reset(  hmac_ctx ) != 0 ||
+        mbedtls_md_hmac_update( hmac_ctx, time, 4 ) != 0 ||
+        mbedtls_md_hmac_update( hmac_ctx, cli_id, cli_id_len ) != 0 ||
+        mbedtls_md_hmac_finish( hmac_ctx, hmac_out ) != 0 )
+    {
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    memcpy( *p, hmac_out, COOKIE_HMAC_LEN );
+    *p += COOKIE_HMAC_LEN;
+
+    return( 0 );
+}
+
+/*
+ * Generate cookie for DTLS ClientHello verification
+ */
+int mbedtls_ssl_cookie_write( void *p_ctx,
+                      unsigned char **p, unsigned char *end,
+                      const unsigned char *cli_id, size_t cli_id_len )
+{
+    int ret;
+    mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
+    unsigned long t;
+
+    if( ctx == NULL || cli_id == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    if( (size_t)( end - *p ) < COOKIE_LEN )
+        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+#if defined(MBEDTLS_HAVE_TIME)
+    t = (unsigned long) mbedtls_time( NULL );
+#else
+    t = ctx->serial++;
+#endif
+
+    (*p)[0] = (unsigned char)( t >> 24 );
+    (*p)[1] = (unsigned char)( t >> 16 );
+    (*p)[2] = (unsigned char)( t >>  8 );
+    (*p)[3] = (unsigned char)( t       );
+    *p += 4;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret );
+#endif
+
+    ret = ssl_cookie_hmac( &ctx->hmac_ctx, *p - 4,
+                           p, end, cli_id, cli_id_len );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
+                MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+
+/*
+ * Check a cookie
+ */
+int mbedtls_ssl_cookie_check( void *p_ctx,
+                      const unsigned char *cookie, size_t cookie_len,
+                      const unsigned char *cli_id, size_t cli_id_len )
+{
+    unsigned char ref_hmac[COOKIE_HMAC_LEN];
+    int ret = 0;
+    unsigned char *p = ref_hmac;
+    mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
+    unsigned long cur_time, cookie_time;
+
+    if( ctx == NULL || cli_id == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    if( cookie_len != COOKIE_LEN )
+        return( -1 );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR + ret );
+#endif
+
+    if( ssl_cookie_hmac( &ctx->hmac_ctx, cookie,
+                         &p, p + sizeof( ref_hmac ),
+                         cli_id, cli_id_len ) != 0 )
+        ret = -1;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
+                MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    if( ret != 0 )
+        return( ret );
+
+    if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
+        return( -1 );
+
+#if defined(MBEDTLS_HAVE_TIME)
+    cur_time = (unsigned long) mbedtls_time( NULL );
+#else
+    cur_time = ctx->serial;
+#endif
+
+    cookie_time = ( (unsigned long) cookie[0] << 24 ) |
+                  ( (unsigned long) cookie[1] << 16 ) |
+                  ( (unsigned long) cookie[2] <<  8 ) |
+                  ( (unsigned long) cookie[3]       );
+
+    if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout )
+        return( -1 );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_COOKIE_C */
diff --git a/thirdparty/mbedtls/library/ssl_srv.c b/thirdparty/mbedtls/library/ssl_srv.c
new file mode 100644
index 0000000000..aca4235e6e
--- /dev/null
+++ b/thirdparty/mbedtls/library/ssl_srv.c
@@ -0,0 +1,4096 @@
+/*
+ *  SSLv3/TLSv1 server-side functions
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free      free
+#endif
+
+#include "mbedtls/debug.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_ECP_C)
+#include "mbedtls/ecp.h"
+#endif
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl,
+                                 const unsigned char *info,
+                                 size_t ilen )
+{
+    if( ssl->conf->endpoint != MBEDTLS_SSL_IS_SERVER )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    mbedtls_free( ssl->cli_id );
+
+    if( ( ssl->cli_id = mbedtls_calloc( 1, ilen ) ) == NULL )
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+    memcpy( ssl->cli_id, info, ilen );
+    ssl->cli_id_len = ilen;
+
+    return( 0 );
+}
+
+void mbedtls_ssl_conf_dtls_cookies( mbedtls_ssl_config *conf,
+                           mbedtls_ssl_cookie_write_t *f_cookie_write,
+                           mbedtls_ssl_cookie_check_t *f_cookie_check,
+                           void *p_cookie )
+{
+    conf->f_cookie_write = f_cookie_write;
+    conf->f_cookie_check = f_cookie_check;
+    conf->p_cookie       = p_cookie;
+}
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl,
+                                     const unsigned char *buf,
+                                     size_t len )
+{
+    int ret;
+    size_t servername_list_size, hostname_len;
+    const unsigned char *p;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "parse ServerName extension" ) );
+
+    servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
+    if( servername_list_size + 2 != len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    p = buf + 2;
+    while( servername_list_size > 0 )
+    {
+        hostname_len = ( ( p[1] << 8 ) | p[2] );
+        if( hostname_len + 3 > servername_list_size )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+        }
+
+        if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME )
+        {
+            ret = ssl->conf->f_sni( ssl->conf->p_sni,
+                                    ssl, p + 3, hostname_len );
+            if( ret != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret );
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                        MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME );
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+            return( 0 );
+        }
+
+        servername_list_size -= hostname_len + 3;
+        p += hostname_len + 3;
+    }
+
+    if( servername_list_size != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
+                                         const unsigned char *buf,
+                                         size_t len )
+{
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+    {
+        /* Check verify-data in constant-time. The length OTOH is no secret */
+        if( len    != 1 + ssl->verify_data_len ||
+            buf[0] !=     ssl->verify_data_len ||
+            mbedtls_ssl_safer_memcmp( buf + 1, ssl->peer_verify_data,
+                          ssl->verify_data_len ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+        }
+    }
+    else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+    {
+        if( len != 1 || buf[0] != 0x0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+        }
+
+        ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+    }
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+
+/*
+ * Status of the implementation of signature-algorithms extension:
+ *
+ * Currently, we are only considering the signature-algorithm extension
+ * to pick a ciphersuite which allows us to send the ServerKeyExchange
+ * message with a signature-hash combination that the user allows.
+ *
+ * We do *not* check whether all certificates in our certificate
+ * chain are signed with an allowed signature-hash pair.
+ * This needs to be done at a later stage.
+ *
+ */
+static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl,
+                                               const unsigned char *buf,
+                                               size_t len )
+{
+    size_t sig_alg_list_size;
+
+    const unsigned char *p;
+    const unsigned char *end = buf + len;
+
+    mbedtls_md_type_t md_cur;
+    mbedtls_pk_type_t sig_cur;
+
+    sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
+    if( sig_alg_list_size + 2 != len ||
+        sig_alg_list_size % 2 != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    /* Currently we only guarantee signing the ServerKeyExchange message according
+     * to the constraints specified in this extension (see above), so it suffices
+     * to remember only one suitable hash for each possible signature algorithm.
+     *
+     * This will change when we also consider certificate signatures,
+     * in which case we will need to remember the whole signature-hash
+     * pair list from the extension.
+     */
+
+    for( p = buf + 2; p < end; p += 2 )
+    {
+        /* Silently ignore unknown signature or hash algorithms. */
+
+        if( ( sig_cur = mbedtls_ssl_pk_alg_from_sig( p[1] ) ) == MBEDTLS_PK_NONE )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext"
+                                        " unknown sig alg encoding %d", p[1] ) );
+            continue;
+        }
+
+        /* Check if we support the hash the user proposes */
+        md_cur = mbedtls_ssl_md_alg_from_hash( p[0] );
+        if( md_cur == MBEDTLS_MD_NONE )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:"
+                                        " unknown hash alg encoding %d", p[0] ) );
+            continue;
+        }
+
+        if( mbedtls_ssl_check_sig_hash( ssl, md_cur ) == 0 )
+        {
+            mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur );
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext:"
+                                        " match sig %d and hash %d",
+                                        sig_cur, md_cur ) );
+        }
+        else
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: "
+                                        "hash alg %d not supported", md_cur ) );
+        }
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl,
+                                                const unsigned char *buf,
+                                                size_t len )
+{
+    size_t list_size, our_size;
+    const unsigned char *p;
+    const mbedtls_ecp_curve_info *curve_info, **curves;
+
+    list_size = ( ( buf[0] << 8 ) | ( buf[1] ) );
+    if( list_size + 2 != len ||
+        list_size % 2 != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    /* Should never happen unless client duplicates the extension */
+    if( ssl->handshake->curves != NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    /* Don't allow our peer to make us allocate too much memory,
+     * and leave room for a final 0 */
+    our_size = list_size / 2 + 1;
+    if( our_size > MBEDTLS_ECP_DP_MAX )
+        our_size = MBEDTLS_ECP_DP_MAX;
+
+    if( ( curves = mbedtls_calloc( our_size, sizeof( *curves ) ) ) == NULL )
+    {
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+    ssl->handshake->curves = curves;
+
+    p = buf + 2;
+    while( list_size > 0 && our_size > 1 )
+    {
+        curve_info = mbedtls_ecp_curve_info_from_tls_id( ( p[0] << 8 ) | p[1] );
+
+        if( curve_info != NULL )
+        {
+            *curves++ = curve_info;
+            our_size--;
+        }
+
+        list_size -= 2;
+        p += 2;
+    }
+
+    return( 0 );
+}
+
+static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl,
+                                              const unsigned char *buf,
+                                              size_t len )
+{
+    size_t list_size;
+    const unsigned char *p;
+
+    list_size = buf[0];
+    if( list_size + 1 != len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    p = buf + 1;
+    while( list_size > 0 )
+    {
+        if( p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
+            p[0] == MBEDTLS_ECP_PF_COMPRESSED )
+        {
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+            ssl->handshake->ecdh_ctx.point_format = p[0];
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            ssl->handshake->ecjpake_ctx.point_format = p[0];
+#endif
+            MBEDTLS_SSL_DEBUG_MSG( 4, ( "point format selected: %d", p[0] ) );
+            return( 0 );
+        }
+
+        list_size--;
+        p++;
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl,
+                                   const unsigned char *buf,
+                                   size_t len )
+{
+    int ret;
+
+    if( mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) );
+        return( 0 );
+    }
+
+    if( ( ret = mbedtls_ecjpake_read_round_one( &ssl->handshake->ecjpake_ctx,
+                                                buf, len ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_one", ret );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+        return( ret );
+    }
+
+    /* Only mark the extension as OK when we're sure it is */
+    ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl,
+                                              const unsigned char *buf,
+                                              size_t len )
+{
+    if( len != 1 || buf[0] >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    ssl->session_negotiate->mfl_code = buf[0];
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
+                                         const unsigned char *buf,
+                                         size_t len )
+{
+    if( len != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    ((void) buf);
+
+    if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED )
+        ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
+                                      const unsigned char *buf,
+                                      size_t len )
+{
+    if( len != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    ((void) buf);
+
+    if( ssl->conf->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED &&
+        ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        ssl->session_negotiate->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl,
+                                      const unsigned char *buf,
+                                      size_t len )
+{
+    if( len != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    ((void) buf);
+
+    if( ssl->conf->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED &&
+        ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        ssl->handshake->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
+                                         unsigned char *buf,
+                                         size_t len )
+{
+    int ret;
+    mbedtls_ssl_session session;
+
+    mbedtls_ssl_session_init( &session );
+
+    if( ssl->conf->f_ticket_parse == NULL ||
+        ssl->conf->f_ticket_write == NULL )
+    {
+        return( 0 );
+    }
+
+    /* Remember the client asked us to send a new ticket */
+    ssl->handshake->new_session_ticket = 1;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %d", len ) );
+
+    if( len == 0 )
+        return( 0 );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket rejected: renegotiating" ) );
+        return( 0 );
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+    /*
+     * Failures are ok: just ignore the ticket and proceed.
+     */
+    if( ( ret = ssl->conf->f_ticket_parse( ssl->conf->p_ticket, &session,
+                                           buf, len ) ) != 0 )
+    {
+        mbedtls_ssl_session_free( &session );
+
+        if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is not authentic" ) );
+        else if( ret == MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED )
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket is expired" ) );
+        else
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_parse", ret );
+
+        return( 0 );
+    }
+
+    /*
+     * Keep the session ID sent by the client, since we MUST send it back to
+     * inform them we're accepting the ticket  (RFC 5077 section 3.4)
+     */
+    session.id_len = ssl->session_negotiate->id_len;
+    memcpy( &session.id, ssl->session_negotiate->id, session.id_len );
+
+    mbedtls_ssl_session_free( ssl->session_negotiate );
+    memcpy( ssl->session_negotiate, &session, sizeof( mbedtls_ssl_session ) );
+
+    /* Zeroize instead of free as we copied the content */
+    mbedtls_zeroize( &session, sizeof( mbedtls_ssl_session ) );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) );
+
+    ssl->handshake->resume = 1;
+
+    /* Don't send a new ticket after all, this one is OK */
+    ssl->handshake->new_session_ticket = 0;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl,
+                               const unsigned char *buf, size_t len )
+{
+    size_t list_len, cur_len, ours_len;
+    const unsigned char *theirs, *start, *end;
+    const char **ours;
+
+    /* If ALPN not configured, just ignore the extension */
+    if( ssl->conf->alpn_list == NULL )
+        return( 0 );
+
+    /*
+     * opaque ProtocolName<1..2^8-1>;
+     *
+     * struct {
+     *     ProtocolName protocol_name_list<2..2^16-1>
+     * } ProtocolNameList;
+     */
+
+    /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */
+    if( len < 4 )
+    {
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    list_len = ( buf[0] << 8 ) | buf[1];
+    if( list_len != len - 2 )
+    {
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    /*
+     * Validate peer's list (lengths)
+     */
+    start = buf + 2;
+    end = buf + len;
+    for( theirs = start; theirs != end; theirs += cur_len )
+    {
+        cur_len = *theirs++;
+
+        /* Current identifier must fit in list */
+        if( cur_len > (size_t)( end - theirs ) )
+        {
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+        }
+
+        /* Empty strings MUST NOT be included */
+        if( cur_len == 0 )
+        {
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+        }
+    }
+
+    /*
+     * Use our order of preference
+     */
+    for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ )
+    {
+        ours_len = strlen( *ours );
+        for( theirs = start; theirs != end; theirs += cur_len )
+        {
+            cur_len = *theirs++;
+
+            if( cur_len == ours_len &&
+                memcmp( theirs, *ours, cur_len ) == 0 )
+            {
+                ssl->alpn_chosen = *ours;
+                return( 0 );
+            }
+        }
+    }
+
+    /* If we get there, no match was found */
+    mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                            MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL );
+    return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+/*
+ * Auxiliary functions for ServerHello parsing and related actions
+ */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+/*
+ * Return 0 if the given key uses one of the acceptable curves, -1 otherwise
+ */
+#if defined(MBEDTLS_ECDSA_C)
+static int ssl_check_key_curve( mbedtls_pk_context *pk,
+                                const mbedtls_ecp_curve_info **curves )
+{
+    const mbedtls_ecp_curve_info **crv = curves;
+    mbedtls_ecp_group_id grp_id = mbedtls_pk_ec( *pk )->grp.id;
+
+    while( *crv != NULL )
+    {
+        if( (*crv)->grp_id == grp_id )
+            return( 0 );
+        crv++;
+    }
+
+    return( -1 );
+}
+#endif /* MBEDTLS_ECDSA_C */
+
+/*
+ * Try picking a certificate for this ciphersuite,
+ * return 0 on success and -1 on failure.
+ */
+static int ssl_pick_cert( mbedtls_ssl_context *ssl,
+                          const mbedtls_ssl_ciphersuite_t * ciphersuite_info )
+{
+    mbedtls_ssl_key_cert *cur, *list, *fallback = NULL;
+    mbedtls_pk_type_t pk_alg =
+        mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
+    uint32_t flags;
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    if( ssl->handshake->sni_key_cert != NULL )
+        list = ssl->handshake->sni_key_cert;
+    else
+#endif
+        list = ssl->conf->key_cert;
+
+    if( pk_alg == MBEDTLS_PK_NONE )
+        return( 0 );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite requires certificate" ) );
+
+    if( list == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "server has no certificate" ) );
+        return( -1 );
+    }
+
+    for( cur = list; cur != NULL; cur = cur->next )
+    {
+        MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate",
+                          cur->cert );
+
+        if( ! mbedtls_pk_can_do( cur->key, pk_alg ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) );
+            continue;
+        }
+
+        /*
+         * This avoids sending the client a cert it'll reject based on
+         * keyUsage or other extensions.
+         *
+         * It also allows the user to provision different certificates for
+         * different uses based on keyUsage, eg if they want to avoid signing
+         * and decrypting with the same RSA key.
+         */
+        if( mbedtls_ssl_check_cert_usage( cur->cert, ciphersuite_info,
+                                  MBEDTLS_SSL_IS_SERVER, &flags ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: "
+                                "(extended) key usage extension" ) );
+            continue;
+        }
+
+#if defined(MBEDTLS_ECDSA_C)
+        if( pk_alg == MBEDTLS_PK_ECDSA &&
+            ssl_check_key_curve( cur->key, ssl->handshake->curves ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: elliptic curve" ) );
+            continue;
+        }
+#endif
+
+        /*
+         * Try to select a SHA-1 certificate for pre-1.2 clients, but still
+         * present them a SHA-higher cert rather than failing if it's the only
+         * one we got that satisfies the other conditions.
+         */
+        if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 &&
+            cur->cert->sig_md != MBEDTLS_MD_SHA1 )
+        {
+            if( fallback == NULL )
+                fallback = cur;
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate not preferred: "
+                                    "sha-2 with pre-TLS 1.2 client" ) );
+            continue;
+            }
+        }
+
+        /* If we get there, we got a winner */
+        break;
+    }
+
+    if( cur == NULL )
+        cur = fallback;
+
+    /* Do not update ssl->handshake->key_cert unless there is a match */
+    if( cur != NULL )
+    {
+        ssl->handshake->key_cert = cur;
+        MBEDTLS_SSL_DEBUG_CRT( 3, "selected certificate chain, certificate",
+                          ssl->handshake->key_cert->cert );
+        return( 0 );
+    }
+
+    return( -1 );
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/*
+ * Check if a given ciphersuite is suitable for use with our config/keys/etc
+ * Sets ciphersuite_info only if the suite matches.
+ */
+static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
+                                  const mbedtls_ssl_ciphersuite_t **ciphersuite_info )
+{
+    const mbedtls_ssl_ciphersuite_t *suite_info;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)    
+    mbedtls_pk_type_t sig_type;
+#endif
+
+    suite_info = mbedtls_ssl_ciphersuite_from_id( suite_id );
+    if( suite_info == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %s", suite_info->name ) );
+
+    if( suite_info->min_minor_ver > ssl->minor_ver ||
+        suite_info->max_minor_ver < ssl->minor_ver )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) );
+        return( 0 );
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) )
+        return( 0 );
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+    if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED &&
+            suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) );
+        return( 0 );
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE &&
+        ( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: ecjpake "
+                                    "not configured or ext missing" ) );
+        return( 0 );
+    }
+#endif
+
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+    if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) &&
+        ( ssl->handshake->curves == NULL ||
+          ssl->handshake->curves[0] == NULL ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: "
+                            "no common elliptic curve" ) );
+        return( 0 );
+    }
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    /* If the ciphersuite requires a pre-shared key and we don't
+     * have one, skip it now rather than failing later */
+    if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
+        ssl->conf->f_psk == NULL &&
+        ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
+          ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) );
+        return( 0 );
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+    /* If the ciphersuite requires signing, check whether
+     * a suitable hash algorithm is present. */
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        sig_type = mbedtls_ssl_get_ciphersuite_sig_alg( suite_info );
+        if( sig_type != MBEDTLS_PK_NONE &&
+            mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, sig_type ) == MBEDTLS_MD_NONE )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no suitable hash algorithm "
+                                        "for signature algorithm %d", sig_type ) );
+            return( 0 );
+        }
+    }
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    /*
+     * Final check: if ciphersuite requires us to have a
+     * certificate/key of a particular type:
+     * - select the appropriate certificate if we have one, or
+     * - try the next ciphersuite if we don't
+     * This must be done last since we modify the key_cert list.
+     */
+    if( ssl_pick_cert( ssl, suite_info ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: "
+                            "no suitable certificate" ) );
+        return( 0 );
+    }
+#endif
+
+    *ciphersuite_info = suite_info;
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
+{
+    int ret, got_common_suite;
+    unsigned int i, j;
+    size_t n;
+    unsigned int ciph_len, sess_len, chal_len;
+    unsigned char *buf, *p;
+    const int *ciphersuites;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+    buf = ssl->in_hdr;
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, 5 );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d",
+                   buf[2] ) );
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d",
+                   ( ( buf[0] & 0x7F ) << 8 ) | buf[1] ) );
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]",
+                   buf[3], buf[4] ) );
+
+    /*
+     * SSLv2 Client Hello
+     *
+     * Record layer:
+     *     0  .   1   message length
+     *
+     * SSL layer:
+     *     2  .   2   message type
+     *     3  .   4   protocol version
+     */
+    if( buf[2] != MBEDTLS_SSL_HS_CLIENT_HELLO ||
+        buf[3] != MBEDTLS_SSL_MAJOR_VERSION_3 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF;
+
+    if( n < 17 || n > 512 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
+    ssl->minor_ver = ( buf[4] <= ssl->conf->max_minor_ver )
+                     ? buf[4]  : ssl->conf->max_minor_ver;
+
+    if( ssl->minor_ver < ssl->conf->min_minor_ver )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum"
+                            " [%d:%d] < [%d:%d]",
+                            ssl->major_ver, ssl->minor_ver,
+                            ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) );
+
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                     MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+        return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
+    }
+
+    ssl->handshake->max_major_ver = buf[3];
+    ssl->handshake->max_minor_ver = buf[4];
+
+    if( ( ret = mbedtls_ssl_fetch_input( ssl, 2 + n ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
+        return( ret );
+    }
+
+    ssl->handshake->update_checksum( ssl, buf + 2, n );
+
+    buf = ssl->in_msg;
+    n = ssl->in_left - 5;
+
+    /*
+     *    0  .   1   ciphersuitelist length
+     *    2  .   3   session id length
+     *    4  .   5   challenge length
+     *    6  .  ..   ciphersuitelist
+     *   ..  .  ..   session id
+     *   ..  .  ..   challenge
+     */
+    MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, n );
+
+    ciph_len = ( buf[0] << 8 ) | buf[1];
+    sess_len = ( buf[2] << 8 ) | buf[3];
+    chal_len = ( buf[4] << 8 ) | buf[5];
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d",
+                   ciph_len, sess_len, chal_len ) );
+
+    /*
+     * Make sure each parameter length is valid
+     */
+    if( ciph_len < 3 || ( ciph_len % 3 ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    if( sess_len > 32 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    if( chal_len < 8 || chal_len > 32 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    if( n != 6 + ciph_len + sess_len + chal_len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist",
+                   buf + 6, ciph_len );
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id",
+                   buf + 6 + ciph_len, sess_len );
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, challenge",
+                   buf + 6 + ciph_len + sess_len, chal_len );
+
+    p = buf + 6 + ciph_len;
+    ssl->session_negotiate->id_len = sess_len;
+    memset( ssl->session_negotiate->id, 0,
+            sizeof( ssl->session_negotiate->id ) );
+    memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len );
+
+    p += sess_len;
+    memset( ssl->handshake->randbytes, 0, 64 );
+    memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len );
+
+    /*
+     * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+     */
+    for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 )
+    {
+        if( p[0] == 0 && p[1] == 0 && p[2] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV "
+                                    "during renegotiation" ) );
+
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+            ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+            break;
+        }
+    }
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 )
+    {
+        if( p[0] == 0 &&
+            p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
+            p[2] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE      ) & 0xff ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "received FALLBACK_SCSV" ) );
+
+            if( ssl->minor_ver < ssl->conf->max_minor_ver )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
+
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK );
+
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+
+            break;
+        }
+    }
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+
+    got_common_suite = 0;
+    ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
+    ciphersuite_info = NULL;
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+    for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 )
+        for( i = 0; ciphersuites[i] != 0; i++ )
+#else
+    for( i = 0; ciphersuites[i] != 0; i++ )
+        for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 )
+#endif
+        {
+            if( p[0] != 0 ||
+                p[1] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
+                p[2] != ( ( ciphersuites[i]      ) & 0xFF ) )
+                continue;
+
+            got_common_suite = 1;
+
+            if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i],
+                                               &ciphersuite_info ) ) != 0 )
+                return( ret );
+
+            if( ciphersuite_info != NULL )
+                goto have_ciphersuite_v2;
+        }
+
+    if( got_common_suite )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, "
+                            "but none of them usable" ) );
+        return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE );
+    }
+    else
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) );
+        return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+    }
+
+have_ciphersuite_v2:
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) );
+
+    ssl->session_negotiate->ciphersuite = ciphersuites[i];
+    ssl->transform_negotiate->ciphersuite_info = ciphersuite_info;
+
+    /*
+     * SSLv2 Client Hello relevant renegotiation security checks
+     */
+    if( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+        ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    ssl->in_left = 0;
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello v2" ) );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
+
+/* This function doesn't alert on errors that happen early during
+   ClientHello parsing because they might indicate that the client is
+   not talking SSL/TLS at all and would not understand our alert. */
+static int ssl_parse_client_hello( mbedtls_ssl_context *ssl )
+{
+    int ret, got_common_suite;
+    size_t i, j;
+    size_t ciph_offset, comp_offset, ext_offset;
+    size_t msg_len, ciph_len, sess_len, comp_len, ext_len;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    size_t cookie_offset, cookie_len;
+#endif
+    unsigned char *buf, *p, *ext;
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    int renegotiation_info_seen = 0;
+#endif
+    int handshake_failure = 0;
+    const int *ciphersuites;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+    int major, minor;
+
+    /* If there is no signature-algorithm extension present,
+     * we need to fall back to the default values for allowed
+     * signature-hash pairs. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+    int sig_hash_alg_ext_present = 0;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+read_record_header:
+#endif
+    /*
+     * If renegotiating, then the input was read with mbedtls_ssl_read_record(),
+     * otherwise read it ourselves manually in order to support SSLv2
+     * ClientHello, which doesn't use the same record layer format.
+     */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE )
+#endif
+    {
+        if( ( ret = mbedtls_ssl_fetch_input( ssl, 5 ) ) != 0 )
+        {
+            /* No alert on a read error. */
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
+            return( ret );
+        }
+    }
+
+    buf = ssl->in_hdr;
+
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM )
+#endif
+        if( ( buf[0] & 0x80 ) != 0 )
+            return( ssl_parse_client_hello_v2( ssl ) );
+#endif
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "record header", buf, mbedtls_ssl_hdr_len( ssl ) );
+
+    /*
+     * SSLv3/TLS Client Hello
+     *
+     * Record layer:
+     *     0  .   0   message type
+     *     1  .   2   protocol version
+     *     3  .   11  DTLS: epoch + record sequence number
+     *     3  .   4   message length
+     */
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d",
+                   buf[0] ) );
+
+    if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d",
+                   ( ssl->in_len[0] << 8 ) | ssl->in_len[1] ) );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, protocol version: [%d:%d]",
+                   buf[1], buf[2] ) );
+
+    mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 );
+
+    /* According to RFC 5246 Appendix E.1, the version here is typically
+     * "{03,00}, the lowest version number supported by the client, [or] the
+     * value of ClientHello.client_version", so the only meaningful check here
+     * is the major version shouldn't be less than 3 */
+    if( major < MBEDTLS_SSL_MAJOR_VERSION_3 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    /* For DTLS if this is the initial handshake, remember the client sequence
+     * number to use it in our next message (RFC 6347 4.2.1) */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE
+#endif
+        )
+    {
+        /* Epoch should be 0 for initial handshakes */
+        if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+        }
+
+        memcpy( ssl->out_ctr + 2, ssl->in_ctr + 2, 6 );
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+        if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record, discarding" ) );
+            ssl->next_record_offset = 0;
+            ssl->in_left = 0;
+            goto read_record_header;
+        }
+
+        /* No MAC to check yet, so we can update right now */
+        mbedtls_ssl_dtls_replay_update( ssl );
+#endif
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    msg_len = ( ssl->in_len[0] << 8 ) | ssl->in_len[1];
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+    {
+        /* Set by mbedtls_ssl_read_record() */
+        msg_len = ssl->in_hslen;
+    }
+    else
+#endif
+    {
+        if( msg_len > MBEDTLS_SSL_MAX_CONTENT_LEN )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+        }
+
+        if( ( ret = mbedtls_ssl_fetch_input( ssl,
+                       mbedtls_ssl_hdr_len( ssl ) + msg_len ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
+            return( ret );
+        }
+
+    /* Done reading this record, get ready for the next one */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+            ssl->next_record_offset = msg_len + mbedtls_ssl_hdr_len( ssl );
+        else
+#endif
+            ssl->in_left = 0;
+    }
+
+    buf = ssl->in_msg;
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, msg_len );
+
+    ssl->handshake->update_checksum( ssl, buf, msg_len );
+
+    /*
+     * Handshake layer:
+     *     0  .   0   handshake type
+     *     1  .   3   handshake length
+     *     4  .   5   DTLS only: message seqence number
+     *     6  .   8   DTLS only: fragment offset
+     *     9  .  11   DTLS only: fragment length
+     */
+    if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", buf[0] ) );
+
+    if( buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d",
+                   ( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) );
+
+    /* We don't support fragmentation of ClientHello (yet?) */
+    if( buf[1] != 0 ||
+        msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        /*
+         * Copy the client's handshake message_seq on initial handshakes,
+         * check sequence number on renego.
+         */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+        {
+            /* This couldn't be done in ssl_prepare_handshake_record() */
+            unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
+                                         ssl->in_msg[5];
+
+            if( cli_msg_seq != ssl->handshake->in_msg_seq )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: "
+                                    "%d (expected %d)", cli_msg_seq,
+                                    ssl->handshake->in_msg_seq ) );
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+
+            ssl->handshake->in_msg_seq++;
+        }
+        else
+#endif
+        {
+            unsigned int cli_msg_seq = ( ssl->in_msg[4] << 8 ) |
+                                         ssl->in_msg[5];
+            ssl->handshake->out_msg_seq = cli_msg_seq;
+            ssl->handshake->in_msg_seq  = cli_msg_seq + 1;
+        }
+
+        /*
+         * For now we don't support fragmentation, so make sure
+         * fragment_offset == 0 and fragment_length == length
+         */
+        if( ssl->in_msg[6] != 0 || ssl->in_msg[7] != 0 || ssl->in_msg[8] != 0 ||
+            memcmp( ssl->in_msg + 1, ssl->in_msg + 9, 3 ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "ClientHello fragmentation not supported" ) );
+            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    buf += mbedtls_ssl_hs_hdr_len( ssl );
+    msg_len -= mbedtls_ssl_hs_hdr_len( ssl );
+
+    /*
+     * ClientHello layer:
+     *     0  .   1   protocol version
+     *     2  .  33   random bytes (starting with 4 bytes of Unix time)
+     *    34  .  35   session id length (1 byte)
+     *    35  . 34+x  session id
+     *   35+x . 35+x  DTLS only: cookie length (1 byte)
+     *   36+x .  ..   DTLS only: cookie
+     *    ..  .  ..   ciphersuite list length (2 bytes)
+     *    ..  .  ..   ciphersuite list
+     *    ..  .  ..   compression alg. list length (1 byte)
+     *    ..  .  ..   compression alg. list
+     *    ..  .  ..   extensions length (2 bytes, optional)
+     *    ..  .  ..   extensions (optional)
+     */
+
+    /*
+     * Minimal length (with everything empty and extensions ommitted) is
+     * 2 + 32 + 1 + 2 + 1 = 38 bytes. Check that first, so that we can
+     * read at least up to session id length without worrying.
+     */
+    if( msg_len < 38 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    /*
+     * Check and save the protocol version
+     */
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, version", buf, 2 );
+
+    mbedtls_ssl_read_version( &ssl->major_ver, &ssl->minor_ver,
+                      ssl->conf->transport, buf );
+
+    ssl->handshake->max_major_ver = ssl->major_ver;
+    ssl->handshake->max_minor_ver = ssl->minor_ver;
+
+    if( ssl->major_ver < ssl->conf->min_major_ver ||
+        ssl->minor_ver < ssl->conf->min_minor_ver )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum"
+                            " [%d:%d] < [%d:%d]",
+                            ssl->major_ver, ssl->minor_ver,
+                            ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                     MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+        return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION );
+    }
+
+    if( ssl->major_ver > ssl->conf->max_major_ver )
+    {
+        ssl->major_ver = ssl->conf->max_major_ver;
+        ssl->minor_ver = ssl->conf->max_minor_ver;
+    }
+    else if( ssl->minor_ver > ssl->conf->max_minor_ver )
+        ssl->minor_ver = ssl->conf->max_minor_ver;
+
+    /*
+     * Save client random (inc. Unix time)
+     */
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes", buf + 2, 32 );
+
+    memcpy( ssl->handshake->randbytes, buf + 2, 32 );
+
+    /*
+     * Check the session ID length and save session ID
+     */
+    sess_len = buf[34];
+
+    if( sess_len > sizeof( ssl->session_negotiate->id ) ||
+        sess_len + 34 + 2 > msg_len ) /* 2 for cipherlist length field */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len );
+
+    ssl->session_negotiate->id_len = sess_len;
+    memset( ssl->session_negotiate->id, 0,
+            sizeof( ssl->session_negotiate->id ) );
+    memcpy( ssl->session_negotiate->id, buf + 35,
+            ssl->session_negotiate->id_len );
+
+    /*
+     * Check the cookie length and content
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        cookie_offset = 35 + sess_len;
+        cookie_len = buf[cookie_offset];
+
+        if( cookie_offset + 1 + cookie_len + 2 > msg_len )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie",
+                       buf + cookie_offset + 1, cookie_len );
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+        if( ssl->conf->f_cookie_check != NULL
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            && ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE
+#endif
+            )
+        {
+            if( ssl->conf->f_cookie_check( ssl->conf->p_cookie,
+                                     buf + cookie_offset + 1, cookie_len,
+                                     ssl->cli_id, ssl->cli_id_len ) != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification failed" ) );
+                ssl->handshake->verify_cookie_len = 1;
+            }
+            else
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification passed" ) );
+                ssl->handshake->verify_cookie_len = 0;
+            }
+        }
+        else
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+        {
+            /* We know we didn't send a cookie, so it should be empty */
+            if( cookie_len != 0 )
+            {
+                /* This may be an attacker's probe, so don't send an alert */
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification skipped" ) );
+        }
+
+    /*
+     * Check the ciphersuitelist length (will be parsed later)
+     */
+        ciph_offset = cookie_offset + 1 + cookie_len;
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+        ciph_offset = 35 + sess_len;
+
+    ciph_len = ( buf[ciph_offset + 0] << 8 )
+             | ( buf[ciph_offset + 1]      );
+
+    if( ciph_len < 2 ||
+        ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */
+        ( ciph_len % 2 ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist",
+                   buf + ciph_offset + 2,  ciph_len );
+
+    /*
+     * Check the compression algorithms length and pick one
+     */
+    comp_offset = ciph_offset + 2 + ciph_len;
+
+    comp_len = buf[comp_offset];
+
+    if( comp_len < 1 ||
+        comp_len > 16 ||
+        comp_len + comp_offset + 1 > msg_len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, compression",
+                      buf + comp_offset + 1, comp_len );
+
+    ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL;
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    for( i = 0; i < comp_len; ++i )
+    {
+        if( buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE )
+        {
+            ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE;
+            break;
+        }
+    }
+#endif
+
+    /* See comments in ssl_write_client_hello() */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL;
+#endif
+
+    /* Do not parse the extensions if the protocol is SSLv3 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) )
+    {
+#endif
+        /*
+         * Check the extension length
+         */
+        ext_offset = comp_offset + 1 + comp_len;
+        if( msg_len > ext_offset )
+        {
+            if( msg_len < ext_offset + 2 )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+
+            ext_len = ( buf[ext_offset + 0] << 8 )
+                    | ( buf[ext_offset + 1]      );
+
+            if( ( ext_len > 0 && ext_len < 4 ) ||
+                msg_len != ext_offset + 2 + ext_len )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+        }
+        else
+            ext_len = 0;
+
+        ext = buf + ext_offset + 2;
+        MBEDTLS_SSL_DEBUG_BUF( 3, "client hello extensions", ext, ext_len );
+
+        while( ext_len != 0 )
+        {
+            unsigned int ext_id   = ( ( ext[0] <<  8 )
+                                    | ( ext[1]       ) );
+            unsigned int ext_size = ( ( ext[2] <<  8 )
+                                    | ( ext[3]       ) );
+
+            if( ext_size + 4 > ext_len )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+            switch( ext_id )
+            {
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+            case MBEDTLS_TLS_EXT_SERVERNAME:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) );
+                if( ssl->conf->f_sni == NULL )
+                    break;
+
+                ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+            case MBEDTLS_TLS_EXT_RENEGOTIATION_INFO:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) );
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+                renegotiation_info_seen = 1;
+#endif
+
+                ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+            case MBEDTLS_TLS_EXT_SIG_ALG:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) );
+
+                ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+
+                sig_hash_alg_ext_present = 1;
+                break;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            case MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported elliptic curves extension" ) );
+
+                ret = ssl_parse_supported_elliptic_curves( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+
+            case MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found supported point formats extension" ) );
+                ssl->handshake->cli_exts |= MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT;
+
+                ret = ssl_parse_supported_point_formats( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+            case MBEDTLS_TLS_EXT_ECJPAKE_KKPP:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found ecjpake kkpp extension" ) );
+
+                ret = ssl_parse_ecjpake_kkpp( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+            case MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found max fragment length extension" ) );
+
+                ret = ssl_parse_max_fragment_length_ext( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+            case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) );
+
+                ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+            case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) );
+
+                ret = ssl_parse_encrypt_then_mac_ext( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+            case MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extended master secret extension" ) );
+
+                ret = ssl_parse_extended_ms_ext( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+            case MBEDTLS_TLS_EXT_SESSION_TICKET:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found session ticket extension" ) );
+
+                ret = ssl_parse_session_ticket_ext( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_ALPN)
+            case MBEDTLS_TLS_EXT_ALPN:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
+
+                ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size );
+                if( ret != 0 )
+                    return( ret );
+                break;
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+            default:
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
+                               ext_id ) );
+            }
+
+            ext_len -= 4 + ext_size;
+            ext += 4 + ext_size;
+
+            if( ext_len > 0 && ext_len < 4 )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+        }
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 )
+    {
+        if( p[0] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) &&
+            p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE      ) & 0xff ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) );
+
+            if( ssl->minor_ver < ssl->conf->max_minor_ver )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) );
+
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK );
+
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+
+            break;
+        }
+    }
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+
+    /*
+     * Try to fall back to default hash SHA1 if the client
+     * hasn't provided any preferred signature-hash combinations.
+     */
+    if( sig_hash_alg_ext_present == 0 )
+    {
+        mbedtls_md_type_t md_default = MBEDTLS_MD_SHA1;
+
+        if( mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 )
+            md_default = MBEDTLS_MD_NONE;
+
+        mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default );
+    }
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
+          MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+    /*
+     * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV
+     */
+    for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 )
+    {
+        if( p[0] == 0 && p[1] == MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) );
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV "
+                                            "during renegotiation" ) );
+                mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+                return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+            }
+#endif
+            ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION;
+            break;
+        }
+    }
+
+    /*
+     * Renegotiation security checks
+     */
+    if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION &&
+        ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) );
+        handshake_failure = 1;
+    }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+             ssl->secure_renegotiation == MBEDTLS_SSL_SECURE_RENEGOTIATION &&
+             renegotiation_info_seen == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) );
+        handshake_failure = 1;
+    }
+    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+             ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+             ssl->conf->allow_legacy_renegotiation == MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) );
+        handshake_failure = 1;
+    }
+    else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+             ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+             renegotiation_info_seen == 1 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) );
+        handshake_failure = 1;
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+    if( handshake_failure == 1 )
+    {
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    /*
+     * Search for a matching ciphersuite
+     * (At the end because we need information from the EC-based extensions
+     * and certificate from the SNI callback triggered by the SNI extension.)
+     */
+    got_common_suite = 0;
+    ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver];
+    ciphersuite_info = NULL;
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+    for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
+        for( i = 0; ciphersuites[i] != 0; i++ )
+#else
+    for( i = 0; ciphersuites[i] != 0; i++ )
+        for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 )
+#endif
+        {
+            if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) ||
+                p[1] != ( ( ciphersuites[i]      ) & 0xFF ) )
+                continue;
+
+            got_common_suite = 1;
+
+            if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i],
+                                               &ciphersuite_info ) ) != 0 )
+                return( ret );
+
+            if( ciphersuite_info != NULL )
+                goto have_ciphersuite;
+        }
+
+    if( got_common_suite )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got ciphersuites in common, "
+                            "but none of them usable" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE );
+    }
+    else
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+        return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+    }
+
+have_ciphersuite:
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) );
+
+    ssl->session_negotiate->ciphersuite = ciphersuites[i];
+    ssl->transform_negotiate->ciphersuite_info = ciphersuite_info;
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        mbedtls_ssl_recv_flight_completed( ssl );
+#endif
+
+    /* Debugging-only output for testsuite */
+#if defined(MBEDTLS_DEBUG_C)                         && \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)                && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg( ciphersuite_info );
+        if( sig_alg != MBEDTLS_PK_NONE )
+        {
+            mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs,
+                                                                  sig_alg );
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d",
+                                        mbedtls_ssl_hash_from_md_alg( md_alg ) ) );
+        }
+        else
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "no hash algorithm for signature algorithm "
+                                        "%d - should not happen", sig_alg ) );
+        }
+    }
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
+                                          unsigned char *buf,
+                                          size_t *olen )
+{
+    unsigned char *p = buf;
+
+    if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED )
+    {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) );
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
+                                            unsigned char *buf,
+                                            size_t *olen )
+{
+    unsigned char *p = buf;
+    const mbedtls_ssl_ciphersuite_t *suite = NULL;
+    const mbedtls_cipher_info_t *cipher = NULL;
+
+    if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ||
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        *olen = 0;
+        return;
+    }
+
+    /*
+     * RFC 7366: "If a server receives an encrypt-then-MAC request extension
+     * from a client and then selects a stream or Authenticated Encryption
+     * with Associated Data (AEAD) ciphersuite, it MUST NOT send an
+     * encrypt-then-MAC response extension back to the client."
+     */
+    if( ( suite = mbedtls_ssl_ciphersuite_from_id(
+                    ssl->session_negotiate->ciphersuite ) ) == NULL ||
+        ( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL ||
+        cipher->mode != MBEDTLS_MODE_CBC )
+    {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding encrypt then mac extension" ) );
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+static void ssl_write_extended_ms_ext( mbedtls_ssl_context *ssl,
+                                       unsigned char *buf,
+                                       size_t *olen )
+{
+    unsigned char *p = buf;
+
+    if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_DISABLED ||
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding extended master secret "
+                        "extension" ) );
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_EXTENDED_MASTER_SECRET      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static void ssl_write_session_ticket_ext( mbedtls_ssl_context *ssl,
+                                          unsigned char *buf,
+                                          size_t *olen )
+{
+    unsigned char *p = buf;
+
+    if( ssl->handshake->new_session_ticket == 0 )
+    {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding session ticket extension" ) );
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SESSION_TICKET      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+static void ssl_write_renegotiation_ext( mbedtls_ssl_context *ssl,
+                                         unsigned char *buf,
+                                         size_t *olen )
+{
+    unsigned char *p = buf;
+
+    if( ssl->secure_renegotiation != MBEDTLS_SSL_SECURE_RENEGOTIATION )
+    {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, secure renegotiation extension" ) );
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_RENEGOTIATION_INFO      ) & 0xFF );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE )
+    {
+        *p++ = 0x00;
+        *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF;
+        *p++ = ssl->verify_data_len * 2 & 0xFF;
+
+        memcpy( p, ssl->peer_verify_data, ssl->verify_data_len );
+        p += ssl->verify_data_len;
+        memcpy( p, ssl->own_verify_data, ssl->verify_data_len );
+        p += ssl->verify_data_len;
+    }
+    else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+    {
+        *p++ = 0x00;
+        *p++ = 0x01;
+        *p++ = 0x00;
+    }
+
+    *olen = p - buf;
+}
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl,
+                                               unsigned char *buf,
+                                               size_t *olen )
+{
+    unsigned char *p = buf;
+
+    if( ssl->session_negotiate->mfl_code == MBEDTLS_SSL_MAX_FRAG_LEN_NONE )
+    {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, max_fragment_length extension" ) );
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 1;
+
+    *p++ = ssl->session_negotiate->mfl_code;
+
+    *olen = 5;
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static void ssl_write_supported_point_formats_ext( mbedtls_ssl_context *ssl,
+                                                   unsigned char *buf,
+                                                   size_t *olen )
+{
+    unsigned char *p = buf;
+    ((void) ssl);
+
+    if( ( ssl->handshake->cli_exts &
+          MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS_PRESENT ) == 0 )
+    {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, supported_point_formats extension" ) );
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 2;
+
+    *p++ = 1;
+    *p++ = MBEDTLS_ECP_PF_UNCOMPRESSED;
+
+    *olen = 6;
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
+                                        unsigned char *buf,
+                                        size_t *olen )
+{
+    int ret;
+    unsigned char *p = buf;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+    size_t kkpp_len;
+
+    *olen = 0;
+
+    /* Skip costly computation if not needed */
+    if( ssl->transform_negotiate->ciphersuite_info->key_exchange !=
+        MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+        return;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, ecjpake kkpp extension" ) );
+
+    if( end - p < 4 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_ECJPAKE_KKPP      ) & 0xFF );
+
+    ret = mbedtls_ecjpake_write_round_one( &ssl->handshake->ecjpake_ctx,
+                                        p + 2, end - p - 2, &kkpp_len,
+                                        ssl->conf->f_rng, ssl->conf->p_rng );
+    if( ret != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1 , "mbedtls_ecjpake_write_round_one", ret );
+        return;
+    }
+
+    *p++ = (unsigned char)( ( kkpp_len >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( kkpp_len      ) & 0xFF );
+
+    *olen = kkpp_len + 4;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_SSL_ALPN )
+static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl,
+                                unsigned char *buf, size_t *olen )
+{
+    if( ssl->alpn_chosen == NULL )
+    {
+        *olen = 0;
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) );
+
+    /*
+     * 0 . 1    ext identifier
+     * 2 . 3    ext length
+     * 4 . 5    protocol list length
+     * 6 . 6    protocol name length
+     * 7 . 7+n  protocol name
+     */
+    buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN >> 8 ) & 0xFF );
+    buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_ALPN      ) & 0xFF );
+
+    *olen = 7 + strlen( ssl->alpn_chosen );
+
+    buf[2] = (unsigned char)( ( ( *olen - 4 ) >> 8 ) & 0xFF );
+    buf[3] = (unsigned char)( ( ( *olen - 4 )      ) & 0xFF );
+
+    buf[4] = (unsigned char)( ( ( *olen - 6 ) >> 8 ) & 0xFF );
+    buf[5] = (unsigned char)( ( ( *olen - 6 )      ) & 0xFF );
+
+    buf[6] = (unsigned char)( ( ( *olen - 7 )      ) & 0xFF );
+
+    memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 );
+}
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    unsigned char *p = ssl->out_msg + 4;
+    unsigned char *cookie_len_byte;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello verify request" ) );
+
+    /*
+     * struct {
+     *   ProtocolVersion server_version;
+     *   opaque cookie<0..2^8-1>;
+     * } HelloVerifyRequest;
+     */
+
+    /* The RFC is not clear on this point, but sending the actual negotiated
+     * version looks like the most interoperable thing to do. */
+    mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
+                       ssl->conf->transport, p );
+    MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 );
+    p += 2;
+
+    /* If we get here, f_cookie_check is not null */
+    if( ssl->conf->f_cookie_write == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "inconsistent cookie callbacks" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    /* Skip length byte until we know the length */
+    cookie_len_byte = p++;
+
+    if( ( ret = ssl->conf->f_cookie_write( ssl->conf->p_cookie,
+                                     &p, ssl->out_buf + MBEDTLS_SSL_BUFFER_LEN,
+                                     ssl->cli_id, ssl->cli_id_len ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "f_cookie_write", ret );
+        return( ret );
+    }
+
+    *cookie_len_byte = (unsigned char)( p - ( cookie_len_byte + 1 ) );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte );
+
+    ssl->out_msglen  = p - ssl->out_msg;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
+
+    ssl->state = MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT;
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_HAVE_TIME)
+    mbedtls_time_t t;
+#endif
+    int ret;
+    size_t olen, ext_len = 0, n;
+    unsigned char *buf, *p;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello" ) );
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->verify_cookie_len != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "client hello was not authenticated" ) );
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) );
+
+        return( ssl_write_hello_verify_request( ssl ) );
+    }
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+
+    if( ssl->conf->f_rng == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "no RNG provided") );
+        return( MBEDTLS_ERR_SSL_NO_RNG );
+    }
+
+    /*
+     *     0  .   0   handshake type
+     *     1  .   3   handshake length
+     *     4  .   5   protocol version
+     *     6  .   9   UNIX time()
+     *    10  .  37   random bytes
+     */
+    buf = ssl->out_msg;
+    p = buf + 4;
+
+    mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
+                       ssl->conf->transport, p );
+    p += 2;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]",
+                        buf[4], buf[5] ) );
+
+#if defined(MBEDTLS_HAVE_TIME)
+    t = mbedtls_time( NULL );
+    *p++ = (unsigned char)( t >> 24 );
+    *p++ = (unsigned char)( t >> 16 );
+    *p++ = (unsigned char)( t >>  8 );
+    *p++ = (unsigned char)( t       );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
+#else
+    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 4 ) ) != 0 )
+        return( ret );
+
+    p += 4;
+#endif /* MBEDTLS_HAVE_TIME */
+
+    if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p, 28 ) ) != 0 )
+        return( ret );
+
+    p += 28;
+
+    memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 );
+
+    /*
+     * Resume is 0  by default, see ssl_handshake_init().
+     * It may be already set to 1 by ssl_parse_session_ticket_ext().
+     * If not, try looking up session ID in our cache.
+     */
+    if( ssl->handshake->resume == 0 &&
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE &&
+#endif
+        ssl->session_negotiate->id_len != 0 &&
+        ssl->conf->f_get_cache != NULL &&
+        ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) );
+        ssl->handshake->resume = 1;
+    }
+
+    if( ssl->handshake->resume == 0 )
+    {
+        /*
+         * New session, create a new session id,
+         * unless we're about to issue a session ticket
+         */
+        ssl->state++;
+
+#if defined(MBEDTLS_HAVE_TIME)
+        ssl->session_negotiate->start = mbedtls_time( NULL );
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+        if( ssl->handshake->new_session_ticket != 0 )
+        {
+            ssl->session_negotiate->id_len = n = 0;
+            memset( ssl->session_negotiate->id, 0, 32 );
+        }
+        else
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+        {
+            ssl->session_negotiate->id_len = n = 32;
+            if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->session_negotiate->id,
+                                    n ) ) != 0 )
+                return( ret );
+        }
+    }
+    else
+    {
+        /*
+         * Resuming a session
+         */
+        n = ssl->session_negotiate->id_len;
+        ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
+
+        if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
+            return( ret );
+        }
+    }
+
+    /*
+     *    38  .  38     session id length
+     *    39  . 38+n    session id
+     *   39+n . 40+n    chosen ciphersuite
+     *   41+n . 41+n    chosen compression alg.
+     *   42+n . 43+n    extensions length
+     *   44+n . 43+n+m  extensions
+     */
+    *p++ = (unsigned char) ssl->session_negotiate->id_len;
+    memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->id_len );
+    p += ssl->session_negotiate->id_len;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) );
+    MBEDTLS_SSL_DEBUG_BUF( 3,   "server hello, session id", buf + 39, n );
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed",
+                   ssl->handshake->resume ? "a" : "no" ) );
+
+    *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 );
+    *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite      );
+    *p++ = (unsigned char)( ssl->session_negotiate->compression      );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s",
+           mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) );
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X",
+                   ssl->session_negotiate->compression ) );
+
+    /* Do not write the extensions if the protocol is SSLv3 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if( ( ssl->major_ver != 3 ) || ( ssl->minor_ver != 0 ) )
+    {
+#endif
+
+    /*
+     *  First write extensions, then the total length
+     */
+    ssl_write_renegotiation_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    ssl_write_ecjpake_kkpp_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+#if defined(MBEDTLS_SSL_ALPN)
+    ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
+
+    if( ext_len > 0 )
+    {
+        *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+        *p++ = (unsigned char)( ( ext_len      ) & 0xFF );
+        p += ext_len;
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    }
+#endif
+
+    ssl->out_msglen  = p - buf;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_SERVER_HELLO;
+
+    ret = mbedtls_ssl_write_record( ssl );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello" ) );
+
+    return( ret );
+}
+
+#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)       && \
+    !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)   && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)  && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)&& \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+}
+#else
+static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+    size_t dn_size, total_dn_size; /* excluding length bytes */
+    size_t ct_len, sa_len; /* including length bytes */
+    unsigned char *buf, *p;
+    const unsigned char * const end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+    const mbedtls_x509_crt *crt;
+    int authmode;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) );
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET )
+        authmode = ssl->handshake->sni_authmode;
+    else
+#endif
+        authmode = ssl->conf->authmode;
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+        authmode == MBEDTLS_SSL_VERIFY_NONE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
+        return( 0 );
+    }
+
+    /*
+     *     0  .   0   handshake type
+     *     1  .   3   handshake length
+     *     4  .   4   cert type count
+     *     5  .. m-1  cert types
+     *     m  .. m+1  sig alg length (TLS 1.2 only)
+     *    m+1 .. n-1  SignatureAndHashAlgorithms (TLS 1.2 only)
+     *     n  .. n+1  length of all DNs
+     *    n+2 .. n+3  length of DN 1
+     *    n+4 .. ...  Distinguished Name #1
+     *    ... .. ...  length of DN 2, etc.
+     */
+    buf = ssl->out_msg;
+    p = buf + 4;
+
+    /*
+     * Supported certificate types
+     *
+     *     ClientCertificateType certificate_types<1..2^8-1>;
+     *     enum { (255) } ClientCertificateType;
+     */
+    ct_len = 0;
+
+#if defined(MBEDTLS_RSA_C)
+    p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_RSA_SIGN;
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    p[1 + ct_len++] = MBEDTLS_SSL_CERT_TYPE_ECDSA_SIGN;
+#endif
+
+    p[0] = (unsigned char) ct_len++;
+    p += ct_len;
+
+    sa_len = 0;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    /*
+     * Add signature_algorithms for verify (TLS 1.2)
+     *
+     *     SignatureAndHashAlgorithm supported_signature_algorithms<2..2^16-2>;
+     *
+     *     struct {
+     *           HashAlgorithm hash;
+     *           SignatureAlgorithm signature;
+     *     } SignatureAndHashAlgorithm;
+     *
+     *     enum { (255) } HashAlgorithm;
+     *     enum { (255) } SignatureAlgorithm;
+     */
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        const int *cur;
+
+        /*
+         * Supported signature algorithms
+         */
+        for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ )
+        {
+            unsigned char hash = mbedtls_ssl_hash_from_md_alg( *cur );
+
+            if( MBEDTLS_SSL_HASH_NONE == hash || mbedtls_ssl_set_calc_verify_md( ssl, hash ) )
+                continue;
+
+#if defined(MBEDTLS_RSA_C)
+            p[2 + sa_len++] = hash;
+            p[2 + sa_len++] = MBEDTLS_SSL_SIG_RSA;
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+            p[2 + sa_len++] = hash;
+            p[2 + sa_len++] = MBEDTLS_SSL_SIG_ECDSA;
+#endif
+        }
+
+        p[0] = (unsigned char)( sa_len >> 8 );
+        p[1] = (unsigned char)( sa_len      );
+        sa_len += 2;
+        p += sa_len;
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    /*
+     * DistinguishedName certificate_authorities<0..2^16-1>;
+     * opaque DistinguishedName<1..2^16-1>;
+     */
+    p += 2;
+
+    total_dn_size = 0;
+
+    if( ssl->conf->cert_req_ca_list ==  MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED )
+    {
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+        if( ssl->handshake->sni_ca_chain != NULL )
+            crt = ssl->handshake->sni_ca_chain;
+        else
+#endif
+            crt = ssl->conf->ca_chain;
+
+        while( crt != NULL && crt->version != 0 )
+        {
+            dn_size = crt->subject_raw.len;
+
+            if( end < p ||
+                (size_t)( end - p ) < dn_size ||
+                (size_t)( end - p ) < 2 + dn_size )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "skipping CAs: buffer too short" ) );
+                break;
+            }
+
+            *p++ = (unsigned char)( dn_size >> 8 );
+            *p++ = (unsigned char)( dn_size      );
+            memcpy( p, crt->subject_raw.p, dn_size );
+            p += dn_size;
+
+            MBEDTLS_SSL_DEBUG_BUF( 3, "requested DN", p - dn_size, dn_size );
+
+            total_dn_size += 2 + dn_size;
+            crt = crt->next;
+        }
+    }
+
+    ssl->out_msglen  = p - buf;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST;
+    ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size  >> 8 );
+    ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size       );
+
+    ret = mbedtls_ssl_write_record( ssl );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) );
+
+    return( ret );
+}
+#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECKEY ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "server key not ECDH capable" ) );
+        return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
+    }
+
+    if( ( ret = mbedtls_ecdh_get_params( &ssl->handshake->ecdh_ctx,
+                                 mbedtls_pk_ec( *mbedtls_ssl_own_key( ssl ) ),
+                                 MBEDTLS_ECDH_OURS ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ecdh_get_params" ), ret );
+        return( ret );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    size_t n = 0;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+                            ssl->transform_negotiate->ciphersuite_info;
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED)
+    unsigned char *p = ssl->out_msg + 4;
+    size_t len;
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+    unsigned char *dig_signed = p;
+    size_t dig_signed_len = 0;
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) );
+
+    /*
+     *
+     * Part 1: Extract static ECDH parameters and abort
+     *         if ServerKeyExchange not needed.
+     *
+     */
+
+    /* For suites involving ECDH, extract DH parameters
+     * from certificate at this point. */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED)
+    if( mbedtls_ssl_ciphersuite_uses_ecdh( ciphersuite_info ) )
+    {
+        ssl_get_ecdh_params_from_cert( ssl );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */
+
+    /* Key exchanges not involving ephemeral keys don't use
+     * ServerKeyExchange, so end here. */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED)
+    if( mbedtls_ssl_ciphersuite_no_pfs( ciphersuite_info ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
+        ssl->state++;
+        return( 0 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE__NON_PFS__ENABLED */
+
+    /*
+     *
+     * Part 2: Provide key exchange parameters for chosen ciphersuite.
+     *
+     */
+
+    /*
+     * - ECJPAKE key exchanges
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
+
+        ret = mbedtls_ecjpake_write_round_two( &ssl->handshake->ecjpake_ctx,
+                p, end - p, &len, ssl->conf->f_rng, ssl->conf->p_rng );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_write_round_two", ret );
+            return( ret );
+        }
+
+        p += len;
+        n += len;
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+    /*
+     * For (EC)DHE key exchanges with PSK, parameters are prefixed by support
+     * identity hint (RFC 4279, Sec. 3). Until someone needs this feature,
+     * we use empty support identity hints here.
+     **/
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)   || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
+    {
+        *(p++) = 0x00;
+        *(p++) = 0x00;
+
+        n += 2;
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+
+    /*
+     * - DHE key exchanges
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED)
+    if( mbedtls_ssl_ciphersuite_uses_dhe( ciphersuite_info ) )
+    {
+        if( ssl->conf->dhm_P.p == NULL || ssl->conf->dhm_G.p == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "no DH parameters set" ) );
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+        }
+
+        /*
+         * Ephemeral DH parameters:
+         *
+         * struct {
+         *     opaque dh_p<1..2^16-1>;
+         *     opaque dh_g<1..2^16-1>;
+         *     opaque dh_Ys<1..2^16-1>;
+         * } ServerDHParams;
+         */
+        if( ( ret = mbedtls_dhm_set_group( &ssl->handshake->dhm_ctx,
+                                           &ssl->conf->dhm_P,
+                                           &ssl->conf->dhm_G ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_set_group", ret );
+            return( ret );
+        }
+
+        if( ( ret = mbedtls_dhm_make_params( &ssl->handshake->dhm_ctx,
+                        (int) mbedtls_mpi_size( &ssl->handshake->dhm_ctx.P ),
+                        p, &len, ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_make_params", ret );
+            return( ret );
+        }
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)        
+        dig_signed = p;
+        dig_signed_len = len;
+#endif
+
+        p += len;
+        n += len;
+
+        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X  );
+        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P  );
+        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G  );
+        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED */
+
+    /*
+     * - ECDHE key exchanges
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
+    if( mbedtls_ssl_ciphersuite_uses_ecdhe( ciphersuite_info ) )
+    {
+        /*
+         * Ephemeral ECDH parameters:
+         *
+         * struct {
+         *     ECParameters curve_params;
+         *     ECPoint      public;
+         * } ServerECDHParams;
+         */
+        const mbedtls_ecp_curve_info **curve = NULL;
+        const mbedtls_ecp_group_id *gid;
+
+        /* Match our preference list against the offered curves */
+        for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ )
+            for( curve = ssl->handshake->curves; *curve != NULL; curve++ )
+                if( (*curve)->grp_id == *gid )
+                    goto curve_matching_done;
+
+curve_matching_done:
+        if( curve == NULL || *curve == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) );
+            return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) );
+
+        if( ( ret = mbedtls_ecp_group_load( &ssl->handshake->ecdh_ctx.grp,
+                                       (*curve)->grp_id ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret );
+            return( ret );
+        }
+
+        if( ( ret = mbedtls_ecdh_make_params( &ssl->handshake->ecdh_ctx, &len,
+                                      p, MBEDTLS_SSL_MAX_CONTENT_LEN - n,
+                                      ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret );
+            return( ret );
+        }
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+        dig_signed     = p;
+        dig_signed_len = len;
+#endif
+
+        p += len;
+        n += len;
+
+        MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Q ", &ssl->handshake->ecdh_ctx.Q );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */
+
+    /*
+     *
+     * Part 3: For key exchanges involving the server signing the
+     *         exchange parameters, compute and add the signature here.
+     *
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+    if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
+    {
+        size_t signature_len = 0;
+        unsigned int hashlen = 0;
+        unsigned char hash[64];
+
+        /*
+         * 3.1: Choose hash algorithm:
+         * A: For TLS 1.2, obey signature-hash-algorithm extension 
+         *    to choose appropriate hash.
+         * B: For SSL3, TLS1.0, TLS1.1 and ECDHE_ECDSA, use SHA1
+         *    (RFC 4492, Sec. 5.4)
+         * C: Otherwise, use MD5 + SHA1 (RFC 4346, Sec. 7.4.3)
+         */
+
+        mbedtls_md_type_t md_alg;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        mbedtls_pk_type_t sig_alg =
+            mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
+        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+        {
+            /* A: For TLS 1.2, obey signature-hash-algorithm extension
+             *    (RFC 5246, Sec. 7.4.1.4.1). */
+            if( sig_alg == MBEDTLS_PK_NONE ||
+                ( md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs,
+                                                          sig_alg ) ) == MBEDTLS_MD_NONE )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+                /* (... because we choose a cipher suite 
+                 *      only if there is a matching hash.) */
+                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+            }
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
+        {
+            /* B: Default hash SHA1 */
+            md_alg = MBEDTLS_MD_SHA1;
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+        {
+            /* C: MD5 + SHA1 */
+            md_alg = MBEDTLS_MD_NONE;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %d for signing", md_alg ) );
+
+        /*
+         * 3.2: Compute the hash to be signed
+         */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+        if( md_alg == MBEDTLS_MD_NONE )
+        {
+            hashlen = 36;
+            ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash,
+                                                           dig_signed,
+                                                           dig_signed_len );
+            if( ret != 0 )
+                return( ret );
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if( md_alg != MBEDTLS_MD_NONE )
+        {
+            /* Info from md_alg will be used instead */
+            hashlen = 0;
+            ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash,
+                                                          dig_signed,
+                                                          dig_signed_len,
+                                                          md_alg );
+            if( ret != 0 )
+                return( ret );
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
+            (unsigned int) ( mbedtls_md_get_size( mbedtls_md_info_from_type( md_alg ) ) ) );
+
+        /*
+         * 3.3: Compute and add the signature
+         */
+        if( mbedtls_ssl_own_key( ssl ) == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key" ) );
+            return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+        {
+            /*
+             * For TLS 1.2, we need to specify signature and hash algorithm
+             * explicitly through a prefix to the signature.
+             *
+             * struct {
+             *    HashAlgorithm hash;
+             *    SignatureAlgorithm signature;
+             * } SignatureAndHashAlgorithm;
+             *
+             * struct {
+             *    SignatureAndHashAlgorithm algorithm;
+             *    opaque signature<0..2^16-1>;
+             * } DigitallySigned;
+             *
+             */
+
+            *(p++) = mbedtls_ssl_hash_from_md_alg( md_alg );
+            *(p++) = mbedtls_ssl_sig_from_pk_alg( sig_alg );
+
+            n += 2;
+        }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+        if( ( ret = mbedtls_pk_sign( mbedtls_ssl_own_key( ssl ), md_alg, hash, hashlen,
+                        p + 2 , &signature_len, ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_sign", ret );
+            return( ret );
+        }
+
+        *(p++) = (unsigned char)( signature_len >> 8 );
+        *(p++) = (unsigned char)( signature_len      );
+        n += 2;
+
+        MBEDTLS_SSL_DEBUG_BUF( 3, "my signature", p, signature_len );
+
+        n += signature_len;
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
+
+    /* Done with actual work; add header and send. */
+
+    ssl->out_msglen  = 4 + n;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE;
+
+    ssl->state++;
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server key exchange" ) );
+
+    return( 0 );
+}
+
+static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) );
+
+    ssl->out_msglen  = 4;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_SERVER_HELLO_DONE;
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        mbedtls_ssl_send_flight_completed( ssl );
+#endif
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) ||                       \
+    defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p,
+                                       const unsigned char *end )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    size_t n;
+
+    /*
+     * Receive G^Y mod P, premaster = (G^Y)^X mod P
+     */
+    if( *p + 2 > end )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+    }
+
+    n = ( (*p)[0] << 8 ) | (*p)[1];
+    *p += 2;
+
+    if( *p + n > end )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+    }
+
+    if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_read_public", ret );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
+    }
+
+    *p += n;
+
+    MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY );
+
+    return( ret );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) ||                           \
+    defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
+                                    const unsigned char *p,
+                                    const unsigned char *end,
+                                    size_t pms_offset )
+{
+    int ret;
+    size_t len = mbedtls_pk_get_len( mbedtls_ssl_own_key( ssl ) );
+    unsigned char *pms = ssl->handshake->premaster + pms_offset;
+    unsigned char ver[2];
+    unsigned char fake_pms[48], peer_pms[48];
+    unsigned char mask;
+    size_t i, peer_pmslen;
+    unsigned int diff;
+
+    if( ! mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_RSA ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no RSA private key" ) );
+        return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+    }
+
+    /*
+     * Decrypt the premaster using own private RSA key
+     */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        if( *p++ != ( ( len >> 8 ) & 0xFF ) ||
+            *p++ != ( ( len      ) & 0xFF ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+        }
+    }
+#endif
+
+    if( p + len != end )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+    }
+
+    mbedtls_ssl_write_version( ssl->handshake->max_major_ver,
+                       ssl->handshake->max_minor_ver,
+                       ssl->conf->transport, ver );
+
+    /*
+     * Protection against Bleichenbacher's attack: invalid PKCS#1 v1.5 padding
+     * must not cause the connection to end immediately; instead, send a
+     * bad_record_mac later in the handshake.
+     * Also, avoid data-dependant branches here to protect against
+     * timing-based variants.
+     */
+    ret = ssl->conf->f_rng( ssl->conf->p_rng, fake_pms, sizeof( fake_pms ) );
+    if( ret != 0 )
+        return( ret );
+
+    ret = mbedtls_pk_decrypt( mbedtls_ssl_own_key( ssl ), p, len,
+                      peer_pms, &peer_pmslen,
+                      sizeof( peer_pms ),
+                      ssl->conf->f_rng, ssl->conf->p_rng );
+
+    diff  = (unsigned int) ret;
+    diff |= peer_pmslen ^ 48;
+    diff |= peer_pms[0] ^ ver[0];
+    diff |= peer_pms[1] ^ ver[1];
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+    if( diff != 0 )
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+#endif
+
+    if( sizeof( ssl->handshake->premaster ) < pms_offset ||
+        sizeof( ssl->handshake->premaster ) - pms_offset < 48 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+    ssl->handshake->pmslen = 48;
+
+    /* mask = diff ? 0xff : 0x00 using bit operations to avoid branches */
+    /* MSVC has a warning about unary minus on unsigned, but this is
+     * well-defined and precisely what we want to do here */
+#if defined(_MSC_VER)
+#pragma warning( push )
+#pragma warning( disable : 4146 )
+#endif
+    mask = - ( ( diff | - diff ) >> ( sizeof( unsigned int ) * 8 - 1 ) );
+#if defined(_MSC_VER)
+#pragma warning( pop )
+#endif
+
+    for( i = 0; i < ssl->handshake->pmslen; i++ )
+        pms[i] = ( mask & fake_pms[i] ) | ( (~mask) & peer_pms[i] );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned char **p,
+                                          const unsigned char *end )
+{
+    int ret = 0;
+    size_t n;
+
+    if( ssl->conf->f_psk == NULL &&
+        ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
+          ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) );
+        return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+    }
+
+    /*
+     * Receive client pre-shared key identity name
+     */
+    if( end - *p < 2 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+    }
+
+    n = ( (*p)[0] << 8 ) | (*p)[1];
+    *p += 2;
+
+    if( n < 1 || n > 65535 || n > (size_t) ( end - *p ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+    }
+
+    if( ssl->conf->f_psk != NULL )
+    {
+        if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 )
+            ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
+    }
+    else
+    {
+        /* Identity is not a big secret since clients send it in the clear,
+         * but treat it carefully anyway, just in case */
+        if( n != ssl->conf->psk_identity_len ||
+            mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 )
+        {
+            ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
+        }
+    }
+
+    if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY )
+    {
+        MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY );
+        return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY );
+    }
+
+    *p += n;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+    unsigned char *p, *end;
+
+    ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) );
+
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
+    end = ssl->in_msg + ssl->in_hslen;
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+    }
+
+    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+    }
+
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA )
+    {
+        if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret );
+            return( ret );
+        }
+
+        if( p != end )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+        }
+
+        if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
+                                      ssl->handshake->premaster,
+                                      MBEDTLS_PREMASTER_SIZE,
+                                     &ssl->handshake->pmslen,
+                                      ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
+        }
+
+        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K  );
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
+    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
+    {
+        if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
+                                      p, end - p) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
+        }
+
+        MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp );
+
+        if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx,
+                                      &ssl->handshake->pmslen,
+                                       ssl->handshake->premaster,
+                                       MBEDTLS_MPI_MAX_SIZE,
+                                       ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );
+        }
+
+        MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z  ", &ssl->handshake->ecdh_ctx.z );
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
+          MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK )
+    {
+        if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
+            return( ret );
+        }
+
+        if( p != end )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+        }
+
+        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
+                        ciphersuite_info->key_exchange ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
+            return( ret );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+    {
+        if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
+            return( ret );
+        }
+
+        if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret );
+            return( ret );
+        }
+
+        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
+                        ciphersuite_info->key_exchange ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
+            return( ret );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
+    {
+        if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
+            return( ret );
+        }
+        if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_dh_public" ), ret );
+            return( ret );
+        }
+
+        if( p != end )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
+        }
+
+        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
+                        ciphersuite_info->key_exchange ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
+            return( ret );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
+    {
+        if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
+            return( ret );
+        }
+
+        if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
+                                       p, end - p ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
+        }
+
+        MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp );
+
+        if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
+                        ciphersuite_info->key_exchange ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret );
+            return( ret );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA )
+    {
+        if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_parse_encrypted_pms_secret" ), ret );
+            return( ret );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx,
+                                              p, end - p );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret );
+            return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+        }
+
+        ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx,
+                ssl->handshake->premaster, 32, &ssl->handshake->pmslen,
+                ssl->conf->f_rng, ssl->conf->p_rng );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_derive_secret", ret );
+            return( ret );
+        }
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_derive_keys", ret );
+        return( ret );
+    }
+
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) );
+
+    return( 0 );
+}
+
+#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)       && \
+    !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)   && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)  && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)&& \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+}
+#else
+static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    size_t i, sig_len;
+    unsigned char hash[48];
+    unsigned char *hash_start = hash;
+    size_t hashlen;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    mbedtls_pk_type_t pk_alg;
+#endif
+    mbedtls_md_type_t md_alg;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+        ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+        ssl->session_negotiate->peer_cert == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    /* Read the message without adding it to the checksum */
+    do {
+
+        if( ( ret = mbedtls_ssl_read_record_layer( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret );
+            return( ret );
+        }
+
+        ret = mbedtls_ssl_handle_message_type( ssl );
+
+    } while( MBEDTLS_ERR_SSL_NON_FATAL == ret );
+
+    if( 0 != ret )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_handle_message_type" ), ret );
+        return( ret );
+    }
+
+    ssl->state++;
+
+    /* Process the message contents */
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ||
+        ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+    }
+
+    i = mbedtls_ssl_hs_hdr_len( ssl );
+
+    /*
+     *  struct {
+     *     SignatureAndHashAlgorithm algorithm; -- TLS 1.2 only
+     *     opaque signature<0..2^16-1>;
+     *  } DigitallySigned;
+     */
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        md_alg = MBEDTLS_MD_NONE;
+        hashlen = 36;
+
+        /* For ECDSA, use SHA-1, not MD-5 + SHA-1 */
+        if( mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk,
+                        MBEDTLS_PK_ECDSA ) )
+        {
+            hash_start += 16;
+            hashlen -= 16;
+            md_alg = MBEDTLS_MD_SHA1;
+        }
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 ||
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        if( i + 2 > ssl->in_hslen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+        }
+
+        /*
+         * Hash
+         */
+        md_alg = mbedtls_ssl_md_alg_from_hash( ssl->in_msg[i] );
+
+        if( md_alg == MBEDTLS_MD_NONE || mbedtls_ssl_set_calc_verify_md( ssl, ssl->in_msg[i] ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
+                                " for verify message" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+        }
+
+#if !defined(MBEDTLS_MD_SHA1)
+        if( MBEDTLS_MD_SHA1 == md_alg )
+            hash_start += 16;
+#endif
+
+        /* Info from md_alg will be used instead */
+        hashlen = 0;
+
+        i++;
+
+        /*
+         * Signature
+         */
+        if( ( pk_alg = mbedtls_ssl_pk_alg_from_sig( ssl->in_msg[i] ) )
+                        == MBEDTLS_PK_NONE )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
+                                " for verify message" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+        }
+
+        /*
+         * Check the certificate's key type matches the signature alg
+         */
+        if( ! mbedtls_pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+        }
+
+        i++;
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    if( i + 2 > ssl->in_hslen )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+    }
+
+    sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1];
+    i += 2;
+
+    if( i + sig_len != ssl->in_hslen )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
+    }
+
+    /* Calculate hash and verify signature */
+    ssl->handshake->calc_verify( ssl, hash );
+
+    if( ( ret = mbedtls_pk_verify( &ssl->session_negotiate->peer_cert->pk,
+                           md_alg, hash_start, hashlen,
+                           ssl->in_msg + i, sig_len ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_pk_verify", ret );
+        return( ret );
+    }
+
+    mbedtls_ssl_update_handshake_status( ssl );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) );
+
+    return( ret );
+}
+#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED &&
+          !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+static int ssl_write_new_session_ticket( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    size_t tlen;
+    uint32_t lifetime;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write new session ticket" ) );
+
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_NEW_SESSION_TICKET;
+
+    /*
+     * struct {
+     *     uint32 ticket_lifetime_hint;
+     *     opaque ticket<0..2^16-1>;
+     * } NewSessionTicket;
+     *
+     * 4  .  7   ticket_lifetime_hint (0 = unspecified)
+     * 8  .  9   ticket_len (n)
+     * 10 .  9+n ticket content
+     */
+
+    if( ( ret = ssl->conf->f_ticket_write( ssl->conf->p_ticket,
+                                ssl->session_negotiate,
+                                ssl->out_msg + 10,
+                                ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN,
+                                &tlen, &lifetime ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_ticket_write", ret );
+        tlen = 0;
+    }
+
+    ssl->out_msg[4] = ( lifetime >> 24 ) & 0xFF;
+    ssl->out_msg[5] = ( lifetime >> 16 ) & 0xFF;
+    ssl->out_msg[6] = ( lifetime >>  8 ) & 0xFF;
+    ssl->out_msg[7] = ( lifetime       ) & 0xFF;
+
+    ssl->out_msg[8] = (unsigned char)( ( tlen >> 8 ) & 0xFF );
+    ssl->out_msg[9] = (unsigned char)( ( tlen      ) & 0xFF );
+
+    ssl->out_msglen = 10 + tlen;
+
+    /*
+     * Morally equivalent to updating ssl->state, but NewSessionTicket and
+     * ChangeCipherSpec share the same state.
+     */
+    ssl->handshake->new_session_ticket = 0;
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+/*
+ * SSL handshake -- server side -- single step
+ */
+int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl )
+{
+    int ret = 0;
+
+    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER || ssl->handshake == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) );
+
+    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+        return( ret );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
+    {
+        if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+            return( ret );
+    }
+#endif
+
+    switch( ssl->state )
+    {
+        case MBEDTLS_SSL_HELLO_REQUEST:
+            ssl->state = MBEDTLS_SSL_CLIENT_HELLO;
+            break;
+
+        /*
+         *  <==   ClientHello
+         */
+        case MBEDTLS_SSL_CLIENT_HELLO:
+            ret = ssl_parse_client_hello( ssl );
+            break;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        case MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT:
+            return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
+#endif
+
+        /*
+         *  ==>   ServerHello
+         *        Certificate
+         *      ( ServerKeyExchange  )
+         *      ( CertificateRequest )
+         *        ServerHelloDone
+         */
+        case MBEDTLS_SSL_SERVER_HELLO:
+            ret = ssl_write_server_hello( ssl );
+            break;
+
+        case MBEDTLS_SSL_SERVER_CERTIFICATE:
+            ret = mbedtls_ssl_write_certificate( ssl );
+            break;
+
+        case MBEDTLS_SSL_SERVER_KEY_EXCHANGE:
+            ret = ssl_write_server_key_exchange( ssl );
+            break;
+
+        case MBEDTLS_SSL_CERTIFICATE_REQUEST:
+            ret = ssl_write_certificate_request( ssl );
+            break;
+
+        case MBEDTLS_SSL_SERVER_HELLO_DONE:
+            ret = ssl_write_server_hello_done( ssl );
+            break;
+
+        /*
+         *  <== ( Certificate/Alert  )
+         *        ClientKeyExchange
+         *      ( CertificateVerify  )
+         *        ChangeCipherSpec
+         *        Finished
+         */
+        case MBEDTLS_SSL_CLIENT_CERTIFICATE:
+            ret = mbedtls_ssl_parse_certificate( ssl );
+            break;
+
+        case MBEDTLS_SSL_CLIENT_KEY_EXCHANGE:
+            ret = ssl_parse_client_key_exchange( ssl );
+            break;
+
+        case MBEDTLS_SSL_CERTIFICATE_VERIFY:
+            ret = ssl_parse_certificate_verify( ssl );
+            break;
+
+        case MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC:
+            ret = mbedtls_ssl_parse_change_cipher_spec( ssl );
+            break;
+
+        case MBEDTLS_SSL_CLIENT_FINISHED:
+            ret = mbedtls_ssl_parse_finished( ssl );
+            break;
+
+        /*
+         *  ==> ( NewSessionTicket )
+         *        ChangeCipherSpec
+         *        Finished
+         */
+        case MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC:
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+            if( ssl->handshake->new_session_ticket != 0 )
+                ret = ssl_write_new_session_ticket( ssl );
+            else
+#endif
+                ret = mbedtls_ssl_write_change_cipher_spec( ssl );
+            break;
+
+        case MBEDTLS_SSL_SERVER_FINISHED:
+            ret = mbedtls_ssl_write_finished( ssl );
+            break;
+
+        case MBEDTLS_SSL_FLUSH_BUFFERS:
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake: done" ) );
+            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+            break;
+
+        case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
+            mbedtls_ssl_handshake_wrapup( ssl );
+            break;
+
+        default:
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) );
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    return( ret );
+}
+#endif /* MBEDTLS_SSL_SRV_C */
diff --git a/thirdparty/mbedtls/library/ssl_ticket.c b/thirdparty/mbedtls/library/ssl_ticket.c
new file mode 100644
index 0000000000..4d9116d214
--- /dev/null
+++ b/thirdparty/mbedtls/library/ssl_ticket.c
@@ -0,0 +1,489 @@
+/*
+ *  TLS server tickets callbacks implementation
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_TICKET_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free      free
+#endif
+
+#include "mbedtls/ssl_ticket.h"
+
+#include <string.h>
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * Initialze context
+ */
+void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) );
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init( &ctx->mutex );
+#endif
+}
+
+#define MAX_KEY_BYTES 32    /* 256 bits */
+
+/*
+ * Generate/update a key
+ */
+static int ssl_ticket_gen_key( mbedtls_ssl_ticket_context *ctx,
+                               unsigned char index )
+{
+    int ret;
+    unsigned char buf[MAX_KEY_BYTES];
+    mbedtls_ssl_ticket_key *key = ctx->keys + index;
+
+#if defined(MBEDTLS_HAVE_TIME)
+    key->generation_time = (uint32_t) mbedtls_time( NULL );
+#endif
+
+    if( ( ret = ctx->f_rng( ctx->p_rng, key->name, sizeof( key->name ) ) ) != 0 )
+        return( ret );
+
+    if( ( ret = ctx->f_rng( ctx->p_rng, buf, sizeof( buf ) ) ) != 0 )
+        return( ret );
+
+    /* With GCM and CCM, same context can encrypt & decrypt */
+    ret = mbedtls_cipher_setkey( &key->ctx, buf,
+                                 mbedtls_cipher_get_key_bitlen( &key->ctx ),
+                                 MBEDTLS_ENCRYPT );
+
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    return( ret );
+}
+
+/*
+ * Rotate/generate keys if necessary
+ */
+static int ssl_ticket_update_keys( mbedtls_ssl_ticket_context *ctx )
+{
+#if !defined(MBEDTLS_HAVE_TIME)
+    ((void) ctx);
+#else
+    if( ctx->ticket_lifetime != 0 )
+    {
+        uint32_t current_time = (uint32_t) mbedtls_time( NULL );
+        uint32_t key_time = ctx->keys[ctx->active].generation_time;
+
+        if( current_time > key_time &&
+            current_time - key_time < ctx->ticket_lifetime )
+        {
+            return( 0 );
+        }
+
+        ctx->active = 1 - ctx->active;
+
+        return( ssl_ticket_gen_key( ctx, ctx->active ) );
+    }
+    else
+#endif /* MBEDTLS_HAVE_TIME */
+        return( 0 );
+}
+
+/*
+ * Setup context for actual use
+ */
+int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
+    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+    mbedtls_cipher_type_t cipher,
+    uint32_t lifetime )
+{
+    int ret;
+    const mbedtls_cipher_info_t *cipher_info;
+
+    ctx->f_rng = f_rng;
+    ctx->p_rng = p_rng;
+
+    ctx->ticket_lifetime = lifetime;
+
+    cipher_info = mbedtls_cipher_info_from_type( cipher);
+    if( cipher_info == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    if( cipher_info->mode != MBEDTLS_MODE_GCM &&
+        cipher_info->mode != MBEDTLS_MODE_CCM )
+    {
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 ||
+        ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||
+        ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Serialize a session in the following format:
+ *  0   .   n-1     session structure, n = sizeof(mbedtls_ssl_session)
+ *  n   .   n+2     peer_cert length = m (0 if no certificate)
+ *  n+3 .   n+2+m   peer cert ASN.1
+ */
+static int ssl_save_session( const mbedtls_ssl_session *session,
+                             unsigned char *buf, size_t buf_len,
+                             size_t *olen )
+{
+    unsigned char *p = buf;
+    size_t left = buf_len;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    size_t cert_len;
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+    if( left < sizeof( mbedtls_ssl_session ) )
+        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+    memcpy( p, session, sizeof( mbedtls_ssl_session ) );
+    p += sizeof( mbedtls_ssl_session );
+    left -= sizeof( mbedtls_ssl_session );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if( session->peer_cert == NULL )
+        cert_len = 0;
+    else
+        cert_len = session->peer_cert->raw.len;
+
+    if( left < 3 + cert_len )
+        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+    *p++ = (unsigned char)( cert_len >> 16 & 0xFF );
+    *p++ = (unsigned char)( cert_len >>  8 & 0xFF );
+    *p++ = (unsigned char)( cert_len       & 0xFF );
+
+    if( session->peer_cert != NULL )
+        memcpy( p, session->peer_cert->raw.p, cert_len );
+
+    p += cert_len;
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+    *olen = p - buf;
+
+    return( 0 );
+}
+
+/*
+ * Unserialise session, see ssl_save_session()
+ */
+static int ssl_load_session( mbedtls_ssl_session *session,
+                             const unsigned char *buf, size_t len )
+{
+    const unsigned char *p = buf;
+    const unsigned char * const end = buf + len;
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    size_t cert_len;
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+    if( p + sizeof( mbedtls_ssl_session ) > end )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    memcpy( session, p, sizeof( mbedtls_ssl_session ) );
+    p += sizeof( mbedtls_ssl_session );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if( p + 3 > end )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    cert_len = ( p[0] << 16 ) | ( p[1] << 8 ) | p[2];
+    p += 3;
+
+    if( cert_len == 0 )
+    {
+        session->peer_cert = NULL;
+    }
+    else
+    {
+        int ret;
+
+        if( p + cert_len > end )
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+        session->peer_cert = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
+
+        if( session->peer_cert == NULL )
+            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+        mbedtls_x509_crt_init( session->peer_cert );
+
+        if( ( ret = mbedtls_x509_crt_parse_der( session->peer_cert,
+                                        p, cert_len ) ) != 0 )
+        {
+            mbedtls_x509_crt_free( session->peer_cert );
+            mbedtls_free( session->peer_cert );
+            session->peer_cert = NULL;
+            return( ret );
+        }
+
+        p += cert_len;
+    }
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+    if( p != end )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    return( 0 );
+}
+
+/*
+ * Create session ticket, with the following structure:
+ *
+ *    struct {
+ *        opaque key_name[4];
+ *        opaque iv[12];
+ *        opaque encrypted_state<0..2^16-1>;
+ *        opaque tag[16];
+ *    } ticket;
+ *
+ * The key_name, iv, and length of encrypted_state are the additional
+ * authenticated data.
+ */
+int mbedtls_ssl_ticket_write( void *p_ticket,
+                              const mbedtls_ssl_session *session,
+                              unsigned char *start,
+                              const unsigned char *end,
+                              size_t *tlen,
+                              uint32_t *ticket_lifetime )
+{
+    int ret;
+    mbedtls_ssl_ticket_context *ctx = p_ticket;
+    mbedtls_ssl_ticket_key *key;
+    unsigned char *key_name = start;
+    unsigned char *iv = start + 4;
+    unsigned char *state_len_bytes = iv + 12;
+    unsigned char *state = state_len_bytes + 2;
+    unsigned char *tag;
+    size_t clear_len, ciph_len;
+
+    *tlen = 0;
+
+    if( ctx == NULL || ctx->f_rng == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
+     * in addition to session itself, that will be checked when writing it. */
+    if( end - start < 4 + 12 + 2 + 16 )
+        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
+        goto cleanup;
+
+    key = &ctx->keys[ctx->active];
+
+    *ticket_lifetime = ctx->ticket_lifetime;
+
+    memcpy( key_name, key->name, 4 );
+
+    if( ( ret = ctx->f_rng( ctx->p_rng, iv, 12 ) ) != 0 )
+        goto cleanup;
+
+    /* Dump session state */
+    if( ( ret = ssl_save_session( session,
+                                  state, end - state, &clear_len ) ) != 0 ||
+        (unsigned long) clear_len > 65535 )
+    {
+         goto cleanup;
+    }
+    state_len_bytes[0] = ( clear_len >> 8 ) & 0xff;
+    state_len_bytes[1] = ( clear_len      ) & 0xff;
+
+    /* Encrypt and authenticate */
+    tag = state + clear_len;
+    if( ( ret = mbedtls_cipher_auth_encrypt( &key->ctx,
+                    iv, 12, key_name, 4 + 12 + 2,
+                    state, clear_len, state, &ciph_len, tag, 16 ) ) != 0 )
+    {
+        goto cleanup;
+    }
+    if( ciph_len != clear_len )
+    {
+        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        goto cleanup;
+    }
+
+    *tlen = 4 + 12 + 2 + 16 + ciph_len;
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+
+/*
+ * Select key based on name
+ */
+static mbedtls_ssl_ticket_key *ssl_ticket_select_key(
+        mbedtls_ssl_ticket_context *ctx,
+        const unsigned char name[4] )
+{
+    unsigned char i;
+
+    for( i = 0; i < sizeof( ctx->keys ) / sizeof( *ctx->keys ); i++ )
+        if( memcmp( name, ctx->keys[i].name, 4 ) == 0 )
+            return( &ctx->keys[i] );
+
+    return( NULL );
+}
+
+/*
+ * Load session ticket (see mbedtls_ssl_ticket_write for structure)
+ */
+int mbedtls_ssl_ticket_parse( void *p_ticket,
+                              mbedtls_ssl_session *session,
+                              unsigned char *buf,
+                              size_t len )
+{
+    int ret;
+    mbedtls_ssl_ticket_context *ctx = p_ticket;
+    mbedtls_ssl_ticket_key *key;
+    unsigned char *key_name = buf;
+    unsigned char *iv = buf + 4;
+    unsigned char *enc_len_p = iv + 12;
+    unsigned char *ticket = enc_len_p + 2;
+    unsigned char *tag;
+    size_t enc_len, clear_len;
+
+    if( ctx == NULL || ctx->f_rng == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    /* See mbedtls_ssl_ticket_write() */
+    if( len < 4 + 12 + 2 + 16 )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
+        return( ret );
+#endif
+
+    if( ( ret = ssl_ticket_update_keys( ctx ) ) != 0 )
+        goto cleanup;
+
+    enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
+    tag = ticket + enc_len;
+
+    if( len != 4 + 12 + 2 + enc_len + 16 )
+    {
+        ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    /* Select key */
+    if( ( key = ssl_ticket_select_key( ctx, key_name ) ) == NULL )
+    {
+        /* We can't know for sure but this is a likely option unless we're
+         * under attack - this is only informative anyway */
+        ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
+        goto cleanup;
+    }
+
+    /* Decrypt and authenticate */
+    if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx, iv, 12,
+                    key_name, 4 + 12 + 2, ticket, enc_len,
+                    ticket, &clear_len, tag, 16 ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
+            ret = MBEDTLS_ERR_SSL_INVALID_MAC;
+
+        goto cleanup;
+    }
+    if( clear_len != enc_len )
+    {
+        ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+        goto cleanup;
+    }
+
+    /* Actually load session */
+    if( ( ret = ssl_load_session( session, ticket, clear_len ) ) != 0 )
+        goto cleanup;
+
+#if defined(MBEDTLS_HAVE_TIME)
+    {
+        /* Check for expiration */
+        mbedtls_time_t current_time = mbedtls_time( NULL );
+
+        if( current_time < session->start ||
+            (uint32_t)( current_time - session->start ) > ctx->ticket_lifetime )
+        {
+            ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;
+            goto cleanup;
+        }
+    }
+#endif
+
+cleanup:
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+
+/*
+ * Free context
+ */
+void mbedtls_ssl_ticket_free( mbedtls_ssl_ticket_context *ctx )
+{
+    mbedtls_cipher_free( &ctx->keys[0].ctx );
+    mbedtls_cipher_free( &ctx->keys[1].ctx );
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_free( &ctx->mutex );
+#endif
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_ssl_ticket_context ) );
+}
+
+#endif /* MBEDTLS_SSL_TICKET_C */
diff --git a/thirdparty/mbedtls/library/ssl_tls.c b/thirdparty/mbedtls/library/ssl_tls.c
new file mode 100644
index 0000000000..617dedb1b0
--- /dev/null
+++ b/thirdparty/mbedtls/library/ssl_tls.c
@@ -0,0 +1,8276 @@
+/*
+ *  SSLv3/TLSv1 shared functions
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The SSL 3.0 specification was drafted by Netscape in 1996,
+ *  and became an IETF standard in 1999.
+ *
+ *  http://wp.netscape.com/eng/ssl3/
+ *  http://www.ietf.org/rfc/rfc2246.txt
+ *  http://www.ietf.org/rfc/rfc4346.txt
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_TLS_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_calloc    calloc
+#define mbedtls_free      free
+#endif
+
+#include "mbedtls/debug.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/ssl_internal.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#include "mbedtls/oid.h"
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/* Length of the "epoch" field in the record header */
+static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        return( 2 );
+#else
+    ((void) ssl);
+#endif
+    return( 0 );
+}
+
+/*
+ * Start a timer.
+ * Passing millisecs = 0 cancels a running timer.
+ */
+static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs )
+{
+    if( ssl->f_set_timer == NULL )
+        return;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) );
+    ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs );
+}
+
+/*
+ * Return -1 is timer is expired, 0 if it isn't.
+ */
+static int ssl_check_timer( mbedtls_ssl_context *ssl )
+{
+    if( ssl->f_get_timer == NULL )
+        return( 0 );
+
+    if( ssl->f_get_timer( ssl->p_timer ) == 2 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) );
+        return( -1 );
+    }
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/*
+ * Double the retransmit timeout value, within the allowed range,
+ * returning -1 if the maximum value has already been reached.
+ */
+static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl )
+{
+    uint32_t new_timeout;
+
+    if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max )
+        return( -1 );
+
+    new_timeout = 2 * ssl->handshake->retransmit_timeout;
+
+    /* Avoid arithmetic overflow and range overflow */
+    if( new_timeout < ssl->handshake->retransmit_timeout ||
+        new_timeout > ssl->conf->hs_timeout_max )
+    {
+        new_timeout = ssl->conf->hs_timeout_max;
+    }
+
+    ssl->handshake->retransmit_timeout = new_timeout;
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
+                        ssl->handshake->retransmit_timeout ) );
+
+    return( 0 );
+}
+
+static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl )
+{
+    ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min;
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
+                        ssl->handshake->retransmit_timeout ) );
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+/*
+ * Convert max_fragment_length codes to length.
+ * RFC 6066 says:
+ *    enum{
+ *        2^9(1), 2^10(2), 2^11(3), 2^12(4), (255)
+ *    } MaxFragmentLength;
+ * and we add 0 -> extension unused
+ */
+static unsigned int mfl_code_to_length[MBEDTLS_SSL_MAX_FRAG_LEN_INVALID] =
+{
+    MBEDTLS_SSL_MAX_CONTENT_LEN,    /* MBEDTLS_SSL_MAX_FRAG_LEN_NONE */
+    512,                    /* MBEDTLS_SSL_MAX_FRAG_LEN_512  */
+    1024,                   /* MBEDTLS_SSL_MAX_FRAG_LEN_1024 */
+    2048,                   /* MBEDTLS_SSL_MAX_FRAG_LEN_2048 */
+    4096,                   /* MBEDTLS_SSL_MAX_FRAG_LEN_4096 */
+};
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+static int ssl_session_copy( mbedtls_ssl_session *dst, const mbedtls_ssl_session *src )
+{
+    mbedtls_ssl_session_free( dst );
+    memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if( src->peer_cert != NULL )
+    {
+        int ret;
+
+        dst->peer_cert = mbedtls_calloc( 1, sizeof(mbedtls_x509_crt) );
+        if( dst->peer_cert == NULL )
+            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+        mbedtls_x509_crt_init( dst->peer_cert );
+
+        if( ( ret = mbedtls_x509_crt_parse_der( dst->peer_cert, src->peer_cert->raw.p,
+                                        src->peer_cert->raw.len ) ) != 0 )
+        {
+            mbedtls_free( dst->peer_cert );
+            dst->peer_cert = NULL;
+            return( ret );
+        }
+    }
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    if( src->ticket != NULL )
+    {
+        dst->ticket = mbedtls_calloc( 1, src->ticket_len );
+        if( dst->ticket == NULL )
+            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+        memcpy( dst->ticket, src->ticket, src->ticket_len );
+    }
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+int (*mbedtls_ssl_hw_record_init)( mbedtls_ssl_context *ssl,
+                     const unsigned char *key_enc, const unsigned char *key_dec,
+                     size_t keylen,
+                     const unsigned char *iv_enc,  const unsigned char *iv_dec,
+                     size_t ivlen,
+                     const unsigned char *mac_enc, const unsigned char *mac_dec,
+                     size_t maclen ) = NULL;
+int (*mbedtls_ssl_hw_record_activate)( mbedtls_ssl_context *ssl, int direction) = NULL;
+int (*mbedtls_ssl_hw_record_reset)( mbedtls_ssl_context *ssl ) = NULL;
+int (*mbedtls_ssl_hw_record_write)( mbedtls_ssl_context *ssl ) = NULL;
+int (*mbedtls_ssl_hw_record_read)( mbedtls_ssl_context *ssl ) = NULL;
+int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL;
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+/*
+ * Key material generation
+ */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+static int ssl3_prf( const unsigned char *secret, size_t slen,
+                     const char *label,
+                     const unsigned char *random, size_t rlen,
+                     unsigned char *dstbuf, size_t dlen )
+{
+    int ret = 0;
+    size_t i;
+    mbedtls_md5_context md5;
+    mbedtls_sha1_context sha1;
+    unsigned char padding[16];
+    unsigned char sha1sum[20];
+    ((void)label);
+
+    mbedtls_md5_init(  &md5  );
+    mbedtls_sha1_init( &sha1 );
+
+    /*
+     *  SSLv3:
+     *    block =
+     *      MD5( secret + SHA1( 'A'    + secret + random ) ) +
+     *      MD5( secret + SHA1( 'BB'   + secret + random ) ) +
+     *      MD5( secret + SHA1( 'CCC'  + secret + random ) ) +
+     *      ...
+     */
+    for( i = 0; i < dlen / 16; i++ )
+    {
+        memset( padding, (unsigned char) ('A' + i), 1 + i );
+
+        if( ( ret = mbedtls_sha1_starts_ret( &sha1 ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_sha1_update_ret( &sha1, padding, 1 + i ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_sha1_update_ret( &sha1, secret, slen ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_sha1_update_ret( &sha1, random, rlen ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_sha1_finish_ret( &sha1, sha1sum ) ) != 0 )
+            goto exit;
+
+        if( ( ret = mbedtls_md5_starts_ret( &md5 ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_md5_update_ret( &md5, secret, slen ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_md5_update_ret( &md5, sha1sum, 20 ) ) != 0 )
+            goto exit;
+        if( ( ret = mbedtls_md5_finish_ret( &md5, dstbuf + i * 16 ) ) != 0 )
+            goto exit;
+    }
+
+exit:
+    mbedtls_md5_free(  &md5  );
+    mbedtls_sha1_free( &sha1 );
+
+    mbedtls_zeroize( padding, sizeof( padding ) );
+    mbedtls_zeroize( sha1sum, sizeof( sha1sum ) );
+
+    return( ret );
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static int tls1_prf( const unsigned char *secret, size_t slen,
+                     const char *label,
+                     const unsigned char *random, size_t rlen,
+                     unsigned char *dstbuf, size_t dlen )
+{
+    size_t nb, hs;
+    size_t i, j, k;
+    const unsigned char *S1, *S2;
+    unsigned char tmp[128];
+    unsigned char h_i[20];
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+    int ret;
+
+    mbedtls_md_init( &md_ctx );
+
+    if( sizeof( tmp ) < 20 + strlen( label ) + rlen )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    hs = ( slen + 1 ) / 2;
+    S1 = secret;
+    S2 = secret + slen - hs;
+
+    nb = strlen( label );
+    memcpy( tmp + 20, label, nb );
+    memcpy( tmp + 20 + nb, random, rlen );
+    nb += rlen;
+
+    /*
+     * First compute P_md5(secret,label+random)[0..dlen]
+     */
+    if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL )
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+
+    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
+        return( ret );
+
+    mbedtls_md_hmac_starts( &md_ctx, S1, hs );
+    mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb );
+    mbedtls_md_hmac_finish( &md_ctx, 4 + tmp );
+
+    for( i = 0; i < dlen; i += 16 )
+    {
+        mbedtls_md_hmac_reset ( &md_ctx );
+        mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb );
+        mbedtls_md_hmac_finish( &md_ctx, h_i );
+
+        mbedtls_md_hmac_reset ( &md_ctx );
+        mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 );
+        mbedtls_md_hmac_finish( &md_ctx, 4 + tmp );
+
+        k = ( i + 16 > dlen ) ? dlen % 16 : 16;
+
+        for( j = 0; j < k; j++ )
+            dstbuf[i + j]  = h_i[j];
+    }
+
+    mbedtls_md_free( &md_ctx );
+
+    /*
+     * XOR out with P_sha1(secret,label+random)[0..dlen]
+     */
+    if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+
+    if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
+        return( ret );
+
+    mbedtls_md_hmac_starts( &md_ctx, S2, hs );
+    mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb );
+    mbedtls_md_hmac_finish( &md_ctx, tmp );
+
+    for( i = 0; i < dlen; i += 20 )
+    {
+        mbedtls_md_hmac_reset ( &md_ctx );
+        mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb );
+        mbedtls_md_hmac_finish( &md_ctx, h_i );
+
+        mbedtls_md_hmac_reset ( &md_ctx );
+        mbedtls_md_hmac_update( &md_ctx, tmp, 20 );
+        mbedtls_md_hmac_finish( &md_ctx, tmp );
+
+        k = ( i + 20 > dlen ) ? dlen % 20 : 20;
+
+        for( j = 0; j < k; j++ )
+            dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] );
+    }
+
+    mbedtls_md_free( &md_ctx );
+
+    mbedtls_zeroize( tmp, sizeof( tmp ) );
+    mbedtls_zeroize( h_i, sizeof( h_i ) );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+static int tls_prf_generic( mbedtls_md_type_t md_type,
+                            const unsigned char *secret, size_t slen,
+                            const char *label,
+                            const unsigned char *random, size_t rlen,
+                            unsigned char *dstbuf, size_t dlen )
+{
+    size_t nb;
+    size_t i, j, k, md_len;
+    unsigned char tmp[128];
+    unsigned char h_i[MBEDTLS_MD_MAX_SIZE];
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_context_t md_ctx;
+    int ret;
+
+    mbedtls_md_init( &md_ctx );
+
+    if( ( md_info = mbedtls_md_info_from_type( md_type ) ) == NULL )
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+
+    md_len = mbedtls_md_get_size( md_info );
+
+    if( sizeof( tmp ) < md_len + strlen( label ) + rlen )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    nb = strlen( label );
+    memcpy( tmp + md_len, label, nb );
+    memcpy( tmp + md_len + nb, random, rlen );
+    nb += rlen;
+
+    /*
+     * Compute P_<hash>(secret, label + random)[0..dlen]
+     */
+    if ( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
+        return( ret );
+
+    mbedtls_md_hmac_starts( &md_ctx, secret, slen );
+    mbedtls_md_hmac_update( &md_ctx, tmp + md_len, nb );
+    mbedtls_md_hmac_finish( &md_ctx, tmp );
+
+    for( i = 0; i < dlen; i += md_len )
+    {
+        mbedtls_md_hmac_reset ( &md_ctx );
+        mbedtls_md_hmac_update( &md_ctx, tmp, md_len + nb );
+        mbedtls_md_hmac_finish( &md_ctx, h_i );
+
+        mbedtls_md_hmac_reset ( &md_ctx );
+        mbedtls_md_hmac_update( &md_ctx, tmp, md_len );
+        mbedtls_md_hmac_finish( &md_ctx, tmp );
+
+        k = ( i + md_len > dlen ) ? dlen % md_len : md_len;
+
+        for( j = 0; j < k; j++ )
+            dstbuf[i + j]  = h_i[j];
+    }
+
+    mbedtls_md_free( &md_ctx );
+
+    mbedtls_zeroize( tmp, sizeof( tmp ) );
+    mbedtls_zeroize( h_i, sizeof( h_i ) );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SHA256_C)
+static int tls_prf_sha256( const unsigned char *secret, size_t slen,
+                           const char *label,
+                           const unsigned char *random, size_t rlen,
+                           unsigned char *dstbuf, size_t dlen )
+{
+    return( tls_prf_generic( MBEDTLS_MD_SHA256, secret, slen,
+                             label, random, rlen, dstbuf, dlen ) );
+}
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+static int tls_prf_sha384( const unsigned char *secret, size_t slen,
+                           const char *label,
+                           const unsigned char *random, size_t rlen,
+                           unsigned char *dstbuf, size_t dlen )
+{
+    return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen,
+                             label, random, rlen, dstbuf, dlen ) );
+}
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t );
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *, const unsigned char *, size_t );
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+static void ssl_calc_verify_ssl( mbedtls_ssl_context *, unsigned char * );
+static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int );
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_calc_verify_tls( mbedtls_ssl_context *, unsigned char * );
+static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int );
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t );
+static void ssl_calc_verify_tls_sha256( mbedtls_ssl_context *,unsigned char * );
+static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int );
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t );
+static void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *, unsigned char * );
+static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int );
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
+{
+    int ret = 0;
+    unsigned char tmp[64];
+    unsigned char keyblk[256];
+    unsigned char *key1;
+    unsigned char *key2;
+    unsigned char *mac_enc;
+    unsigned char *mac_dec;
+    size_t iv_copy_len;
+    const mbedtls_cipher_info_t *cipher_info;
+    const mbedtls_md_info_t *md_info;
+
+    mbedtls_ssl_session *session = ssl->session_negotiate;
+    mbedtls_ssl_transform *transform = ssl->transform_negotiate;
+    mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) );
+
+    cipher_info = mbedtls_cipher_info_from_type( transform->ciphersuite_info->cipher );
+    if( cipher_info == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found",
+                            transform->ciphersuite_info->cipher ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    md_info = mbedtls_md_info_from_type( transform->ciphersuite_info->mac );
+    if( md_info == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found",
+                            transform->ciphersuite_info->mac ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    /*
+     * Set appropriate PRF function and other SSL / TLS / TLS1.2 functions
+     */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        handshake->tls_prf = ssl3_prf;
+        handshake->calc_verify = ssl_calc_verify_ssl;
+        handshake->calc_finished = ssl_calc_finished_ssl;
+    }
+    else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        handshake->tls_prf = tls1_prf;
+        handshake->calc_verify = ssl_calc_verify_tls;
+        handshake->calc_finished = ssl_calc_finished_tls;
+    }
+    else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA512_C)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+        transform->ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+    {
+        handshake->tls_prf = tls_prf_sha384;
+        handshake->calc_verify = ssl_calc_verify_tls_sha384;
+        handshake->calc_finished = ssl_calc_finished_tls_sha384;
+    }
+    else
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+    {
+        handshake->tls_prf = tls_prf_sha256;
+        handshake->calc_verify = ssl_calc_verify_tls_sha256;
+        handshake->calc_finished = ssl_calc_finished_tls_sha256;
+    }
+    else
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    /*
+     * SSLv3:
+     *   master =
+     *     MD5( premaster + SHA1( 'A'   + premaster + randbytes ) ) +
+     *     MD5( premaster + SHA1( 'BB'  + premaster + randbytes ) ) +
+     *     MD5( premaster + SHA1( 'CCC' + premaster + randbytes ) )
+     *
+     * TLSv1+:
+     *   master = PRF( premaster, "master secret", randbytes )[0..47]
+     */
+    if( handshake->resume == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster,
+                       handshake->pmslen );
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+        if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
+        {
+            unsigned char session_hash[48];
+            size_t hash_len;
+
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) );
+
+            ssl->handshake->calc_verify( ssl, session_hash );
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+            if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+            {
+#if defined(MBEDTLS_SHA512_C)
+                if( ssl->transform_negotiate->ciphersuite_info->mac ==
+                    MBEDTLS_MD_SHA384 )
+                {
+                    hash_len = 48;
+                }
+                else
+#endif
+                    hash_len = 32;
+            }
+            else
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+                hash_len = 36;
+
+            MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len );
+
+            ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
+                                      "extended master secret",
+                                      session_hash, hash_len,
+                                      session->master, 48 );
+            if( ret != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
+                return( ret );
+            }
+
+        }
+        else
+#endif
+        ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
+                                  "master secret",
+                                  handshake->randbytes, 64,
+                                  session->master, 48 );
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
+            return( ret );
+        }
+
+        mbedtls_zeroize( handshake->premaster, sizeof(handshake->premaster) );
+    }
+    else
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
+
+    /*
+     * Swap the client and server random values.
+     */
+    memcpy( tmp, handshake->randbytes, 64 );
+    memcpy( handshake->randbytes, tmp + 32, 32 );
+    memcpy( handshake->randbytes + 32, tmp, 32 );
+    mbedtls_zeroize( tmp, sizeof( tmp ) );
+
+    /*
+     *  SSLv3:
+     *    key block =
+     *      MD5( master + SHA1( 'A'    + master + randbytes ) ) +
+     *      MD5( master + SHA1( 'BB'   + master + randbytes ) ) +
+     *      MD5( master + SHA1( 'CCC'  + master + randbytes ) ) +
+     *      MD5( master + SHA1( 'DDDD' + master + randbytes ) ) +
+     *      ...
+     *
+     *  TLSv1:
+     *    key block = PRF( master, "key expansion", randbytes )
+     */
+    ret = handshake->tls_prf( session->master, 48, "key expansion",
+                              handshake->randbytes, 64, keyblk, 256 );
+    if( ret != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite = %s",
+                   mbedtls_ssl_get_ciphersuite_name( session->ciphersuite ) ) );
+    MBEDTLS_SSL_DEBUG_BUF( 3, "master secret", session->master, 48 );
+    MBEDTLS_SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 );
+    MBEDTLS_SSL_DEBUG_BUF( 4, "key block", keyblk, 256 );
+
+    mbedtls_zeroize( handshake->randbytes, sizeof( handshake->randbytes ) );
+
+    /*
+     * Determine the appropriate key, IV and MAC length.
+     */
+
+    transform->keylen = cipher_info->key_bitlen / 8;
+
+    if( cipher_info->mode == MBEDTLS_MODE_GCM ||
+        cipher_info->mode == MBEDTLS_MODE_CCM )
+    {
+        transform->maclen = 0;
+
+        transform->ivlen = 12;
+        transform->fixed_ivlen = 4;
+
+        /* Minimum length is expicit IV + tag */
+        transform->minlen = transform->ivlen - transform->fixed_ivlen
+                            + ( transform->ciphersuite_info->flags &
+                                MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16 );
+    }
+    else
+    {
+        /* Initialize HMAC contexts */
+        if( ( ret = mbedtls_md_setup( &transform->md_ctx_enc, md_info, 1 ) ) != 0 ||
+            ( ret = mbedtls_md_setup( &transform->md_ctx_dec, md_info, 1 ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret );
+            return( ret );
+        }
+
+        /* Get MAC length */
+        transform->maclen = mbedtls_md_get_size( md_info );
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+        /*
+         * If HMAC is to be truncated, we shall keep the leftmost bytes,
+         * (rfc 6066 page 13 or rfc 2104 section 4),
+         * so we only need to adjust the length here.
+         */
+        if( session->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED )
+            transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN;
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+        /* IV length */
+        transform->ivlen = cipher_info->iv_size;
+
+        /* Minimum length */
+        if( cipher_info->mode == MBEDTLS_MODE_STREAM )
+            transform->minlen = transform->maclen;
+        else
+        {
+            /*
+             * GenericBlockCipher:
+             * 1. if EtM is in use: one block plus MAC
+             *    otherwise: * first multiple of blocklen greater than maclen
+             * 2. IV except for SSL3 and TLS 1.0
+             */
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+            if( session->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED )
+            {
+                transform->minlen = transform->maclen
+                                  + cipher_info->block_size;
+            }
+            else
+#endif
+            {
+                transform->minlen = transform->maclen
+                                  + cipher_info->block_size
+                                  - transform->maclen % cipher_info->block_size;
+            }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
+            if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ||
+                ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_1 )
+                ; /* No need to adjust minlen */
+            else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+            if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 ||
+                ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
+            {
+                transform->minlen += transform->ivlen;
+            }
+            else
+#endif
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+            }
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "keylen: %d, minlen: %d, ivlen: %d, maclen: %d",
+                   transform->keylen, transform->minlen, transform->ivlen,
+                   transform->maclen ) );
+
+    /*
+     * Finally setup the cipher contexts, IVs and MAC secrets.
+     */
+#if defined(MBEDTLS_SSL_CLI_C)
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+    {
+        key1 = keyblk + transform->maclen * 2;
+        key2 = keyblk + transform->maclen * 2 + transform->keylen;
+
+        mac_enc = keyblk;
+        mac_dec = keyblk + transform->maclen;
+
+        /*
+         * This is not used in TLS v1.1.
+         */
+        iv_copy_len = ( transform->fixed_ivlen ) ?
+                            transform->fixed_ivlen : transform->ivlen;
+        memcpy( transform->iv_enc, key2 + transform->keylen,  iv_copy_len );
+        memcpy( transform->iv_dec, key2 + transform->keylen + iv_copy_len,
+                iv_copy_len );
+    }
+    else
+#endif /* MBEDTLS_SSL_CLI_C */
+#if defined(MBEDTLS_SSL_SRV_C)
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+    {
+        key1 = keyblk + transform->maclen * 2 + transform->keylen;
+        key2 = keyblk + transform->maclen * 2;
+
+        mac_enc = keyblk + transform->maclen;
+        mac_dec = keyblk;
+
+        /*
+         * This is not used in TLS v1.1.
+         */
+        iv_copy_len = ( transform->fixed_ivlen ) ?
+                            transform->fixed_ivlen : transform->ivlen;
+        memcpy( transform->iv_dec, key1 + transform->keylen,  iv_copy_len );
+        memcpy( transform->iv_enc, key1 + transform->keylen + iv_copy_len,
+                iv_copy_len );
+    }
+    else
+#endif /* MBEDTLS_SSL_SRV_C */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        if( transform->maclen > sizeof transform->mac_enc )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        memcpy( transform->mac_enc, mac_enc, transform->maclen );
+        memcpy( transform->mac_dec, mac_dec, transform->maclen );
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
+    {
+        mbedtls_md_hmac_starts( &transform->md_ctx_enc, mac_enc, transform->maclen );
+        mbedtls_md_hmac_starts( &transform->md_ctx_dec, mac_dec, transform->maclen );
+    }
+    else
+#endif
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if( mbedtls_ssl_hw_record_init != NULL )
+    {
+        int ret = 0;
+
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_init()" ) );
+
+        if( ( ret = mbedtls_ssl_hw_record_init( ssl, key1, key2, transform->keylen,
+                                        transform->iv_enc, transform->iv_dec,
+                                        iv_copy_len,
+                                        mac_enc, mac_dec,
+                                        transform->maclen ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_init", ret );
+            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+        }
+    }
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    if( ssl->conf->f_export_keys != NULL )
+    {
+        ssl->conf->f_export_keys( ssl->conf->p_export_keys,
+                                  session->master, keyblk,
+                                  transform->maclen, transform->keylen,
+                                  iv_copy_len );
+    }
+#endif
+
+    if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
+                                 cipher_info ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec,
+                                 cipher_info ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup", ret );
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_enc, key1,
+                               cipher_info->key_bitlen,
+                               MBEDTLS_ENCRYPT ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_cipher_setkey( &transform->cipher_ctx_dec, key2,
+                               cipher_info->key_bitlen,
+                               MBEDTLS_DECRYPT ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setkey", ret );
+        return( ret );
+    }
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    if( cipher_info->mode == MBEDTLS_MODE_CBC )
+    {
+        if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_enc,
+                                             MBEDTLS_PADDING_NONE ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
+            return( ret );
+        }
+
+        if( ( ret = mbedtls_cipher_set_padding_mode( &transform->cipher_ctx_dec,
+                                             MBEDTLS_PADDING_NONE ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_set_padding_mode", ret );
+            return( ret );
+        }
+    }
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+    mbedtls_zeroize( keyblk, sizeof( keyblk ) );
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    // Initialize compression
+    //
+    if( session->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
+    {
+        if( ssl->compress_buf == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) );
+            ssl->compress_buf = mbedtls_calloc( 1, MBEDTLS_SSL_BUFFER_LEN );
+            if( ssl->compress_buf == NULL )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
+                                    MBEDTLS_SSL_BUFFER_LEN ) );
+                return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+            }
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) );
+
+        memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) );
+        memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) );
+
+        if( deflateInit( &transform->ctx_deflate,
+                         Z_DEFAULT_COMPRESSION )   != Z_OK ||
+            inflateInit( &transform->ctx_inflate ) != Z_OK )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to initialize compression" ) );
+            return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED );
+        }
+    }
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= derive keys" ) );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+void ssl_calc_verify_ssl( mbedtls_ssl_context *ssl, unsigned char hash[36] )
+{
+    mbedtls_md5_context md5;
+    mbedtls_sha1_context sha1;
+    unsigned char pad_1[48];
+    unsigned char pad_2[48];
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify ssl" ) );
+
+    mbedtls_md5_init( &md5 );
+    mbedtls_sha1_init( &sha1 );
+
+    mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
+    mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
+
+    memset( pad_1, 0x36, 48 );
+    memset( pad_2, 0x5C, 48 );
+
+    mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 );
+    mbedtls_md5_update_ret( &md5, pad_1, 48 );
+    mbedtls_md5_finish_ret( &md5, hash );
+
+    mbedtls_md5_starts_ret( &md5 );
+    mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 );
+    mbedtls_md5_update_ret( &md5, pad_2, 48 );
+    mbedtls_md5_update_ret( &md5, hash,  16 );
+    mbedtls_md5_finish_ret( &md5, hash );
+
+    mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 );
+    mbedtls_sha1_update_ret( &sha1, pad_1, 40 );
+    mbedtls_sha1_finish_ret( &sha1, hash + 16 );
+
+    mbedtls_sha1_starts_ret( &sha1 );
+    mbedtls_sha1_update_ret( &sha1, ssl->session_negotiate->master, 48 );
+    mbedtls_sha1_update_ret( &sha1, pad_2, 40 );
+    mbedtls_sha1_update_ret( &sha1, hash + 16, 20 );
+    mbedtls_sha1_finish_ret( &sha1, hash + 16 );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
+
+    mbedtls_md5_free(  &md5  );
+    mbedtls_sha1_free( &sha1 );
+
+    return;
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+void ssl_calc_verify_tls( mbedtls_ssl_context *ssl, unsigned char hash[36] )
+{
+    mbedtls_md5_context md5;
+    mbedtls_sha1_context sha1;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) );
+
+    mbedtls_md5_init( &md5 );
+    mbedtls_sha1_init( &sha1 );
+
+    mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
+    mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
+
+     mbedtls_md5_finish_ret( &md5,  hash );
+    mbedtls_sha1_finish_ret( &sha1, hash + 16 );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
+
+    mbedtls_md5_free(  &md5  );
+    mbedtls_sha1_free( &sha1 );
+
+    return;
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+void ssl_calc_verify_tls_sha256( mbedtls_ssl_context *ssl, unsigned char hash[32] )
+{
+    mbedtls_sha256_context sha256;
+
+    mbedtls_sha256_init( &sha256 );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) );
+
+    mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
+    mbedtls_sha256_finish_ret( &sha256, hash );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
+
+    mbedtls_sha256_free( &sha256 );
+
+    return;
+}
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+void ssl_calc_verify_tls_sha384( mbedtls_ssl_context *ssl, unsigned char hash[48] )
+{
+    mbedtls_sha512_context sha512;
+
+    mbedtls_sha512_init( &sha512 );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) );
+
+    mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 );
+    mbedtls_sha512_finish_ret( &sha512, hash );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) );
+
+    mbedtls_sha512_free( &sha512 );
+
+    return;
+}
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex )
+{
+    unsigned char *p = ssl->handshake->premaster;
+    unsigned char *end = p + sizeof( ssl->handshake->premaster );
+    const unsigned char *psk = ssl->conf->psk;
+    size_t psk_len = ssl->conf->psk_len;
+
+    /* If the psk callback was called, use its result */
+    if( ssl->handshake->psk != NULL )
+    {
+        psk = ssl->handshake->psk;
+        psk_len = ssl->handshake->psk_len;
+    }
+
+    /*
+     * PMS = struct {
+     *     opaque other_secret<0..2^16-1>;
+     *     opaque psk<0..2^16-1>;
+     * };
+     * with "other_secret" depending on the particular key exchange
+     */
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+    if( key_ex == MBEDTLS_KEY_EXCHANGE_PSK )
+    {
+        if( end - p < 2 )
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+        *(p++) = (unsigned char)( psk_len >> 8 );
+        *(p++) = (unsigned char)( psk_len      );
+
+        if( end < p || (size_t)( end - p ) < psk_len )
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+        memset( p, 0, psk_len );
+        p += psk_len;
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    if( key_ex == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+    {
+        /*
+         * other_secret already set by the ClientKeyExchange message,
+         * and is 48 bytes long
+         */
+        *p++ = 0;
+        *p++ = 48;
+        p += 48;
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    if( key_ex == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
+    {
+        int ret;
+        size_t len;
+
+        /* Write length only when we know the actual value */
+        if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx,
+                                      p + 2, end - ( p + 2 ), &len,
+                                      ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret );
+            return( ret );
+        }
+        *(p++) = (unsigned char)( len >> 8 );
+        *(p++) = (unsigned char)( len );
+        p += len;
+
+        MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K  );
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    if( key_ex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
+    {
+        int ret;
+        size_t zlen;
+
+        if( ( ret = mbedtls_ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen,
+                                       p + 2, end - ( p + 2 ),
+                                       ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret );
+            return( ret );
+        }
+
+        *(p++) = (unsigned char)( zlen >> 8 );
+        *(p++) = (unsigned char)( zlen      );
+        p += zlen;
+
+        MBEDTLS_SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z );
+    }
+    else
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    /* opaque psk<0..2^16-1>; */
+    if( end - p < 2 )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    *(p++) = (unsigned char)( psk_len >> 8 );
+    *(p++) = (unsigned char)( psk_len      );
+
+    if( end < p || (size_t)( end - p ) < psk_len )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    memcpy( p, psk, psk_len );
+    p += psk_len;
+
+    ssl->handshake->pmslen = p - ssl->handshake->premaster;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+/*
+ * SSLv3.0 MAC functions
+ */
+#define SSL_MAC_MAX_BYTES   20  /* MD-5 or SHA-1 */
+static void ssl_mac( mbedtls_md_context_t *md_ctx,
+                     const unsigned char *secret,
+                     const unsigned char *buf, size_t len,
+                     const unsigned char *ctr, int type,
+                     unsigned char out[SSL_MAC_MAX_BYTES] )
+{
+    unsigned char header[11];
+    unsigned char padding[48];
+    int padlen;
+    int md_size = mbedtls_md_get_size( md_ctx->md_info );
+    int md_type = mbedtls_md_get_type( md_ctx->md_info );
+
+    /* Only MD5 and SHA-1 supported */
+    if( md_type == MBEDTLS_MD_MD5 )
+        padlen = 48;
+    else
+        padlen = 40;
+
+    memcpy( header, ctr, 8 );
+    header[ 8] = (unsigned char)  type;
+    header[ 9] = (unsigned char)( len >> 8 );
+    header[10] = (unsigned char)( len      );
+
+    memset( padding, 0x36, padlen );
+    mbedtls_md_starts( md_ctx );
+    mbedtls_md_update( md_ctx, secret,  md_size );
+    mbedtls_md_update( md_ctx, padding, padlen  );
+    mbedtls_md_update( md_ctx, header,  11      );
+    mbedtls_md_update( md_ctx, buf,     len     );
+    mbedtls_md_finish( md_ctx, out              );
+
+    memset( padding, 0x5C, padlen );
+    mbedtls_md_starts( md_ctx );
+    mbedtls_md_update( md_ctx, secret,    md_size );
+    mbedtls_md_update( md_ctx, padding,   padlen  );
+    mbedtls_md_update( md_ctx, out,       md_size );
+    mbedtls_md_finish( md_ctx, out                );
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) ||     \
+    ( defined(MBEDTLS_CIPHER_MODE_CBC) &&                                  \
+      ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) ) )
+#define SSL_SOME_MODES_USE_MAC
+#endif
+
+/*
+ * Encryption/decryption functions
+ */
+static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
+{
+    mbedtls_cipher_mode_t mode;
+    int auth_done = 0;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
+
+    if( ssl->session_out == NULL || ssl->transform_out == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    mode = mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc );
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload",
+                      ssl->out_msg, ssl->out_msglen );
+
+    if( ssl->out_msglen > MBEDTLS_SSL_MAX_CONTENT_LEN )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content %u too large, maximum %d",
+                                    (unsigned) ssl->out_msglen,
+                                    MBEDTLS_SSL_MAX_CONTENT_LEN ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    /*
+     * Add MAC before if needed
+     */
+#if defined(SSL_SOME_MODES_USE_MAC)
+    if( mode == MBEDTLS_MODE_STREAM ||
+        ( mode == MBEDTLS_MODE_CBC
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+          && ssl->session_out->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED
+#endif
+        ) )
+    {
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+        {
+            unsigned char mac[SSL_MAC_MAX_BYTES];
+
+            ssl_mac( &ssl->transform_out->md_ctx_enc,
+                      ssl->transform_out->mac_enc,
+                      ssl->out_msg, ssl->out_msglen,
+                      ssl->out_ctr, ssl->out_msgtype,
+                      mac );
+
+            memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen );
+        }
+        else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
+        {
+            unsigned char mac[MBEDTLS_SSL_MAC_ADD];
+
+            mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_ctr, 8 );
+            mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_hdr, 3 );
+            mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, ssl->out_len, 2 );
+            mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc,
+                             ssl->out_msg, ssl->out_msglen );
+            mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc, mac );
+            mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc );
+
+            memcpy( ssl->out_msg + ssl->out_msglen, mac, ssl->transform_out->maclen );
+        }
+        else
+#endif
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF( 4, "computed mac",
+                       ssl->out_msg + ssl->out_msglen,
+                       ssl->transform_out->maclen );
+
+        ssl->out_msglen += ssl->transform_out->maclen;
+        auth_done++;
+    }
+#endif /* AEAD not the only option */
+
+    /*
+     * Encrypt
+     */
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
+    if( mode == MBEDTLS_MODE_STREAM )
+    {
+        int ret;
+        size_t olen = 0;
+
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
+                            "including %d bytes of padding",
+                       ssl->out_msglen, 0 ) );
+
+        if( ( ret = mbedtls_cipher_crypt( &ssl->transform_out->cipher_ctx_enc,
+                                   ssl->transform_out->iv_enc,
+                                   ssl->transform_out->ivlen,
+                                   ssl->out_msg, ssl->out_msglen,
+                                   ssl->out_msg, &olen ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
+            return( ret );
+        }
+
+        if( ssl->out_msglen != olen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+    }
+    else
+#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
+    if( mode == MBEDTLS_MODE_GCM ||
+        mode == MBEDTLS_MODE_CCM )
+    {
+        int ret;
+        size_t enc_msglen, olen;
+        unsigned char *enc_msg;
+        unsigned char add_data[13];
+        unsigned char taglen = ssl->transform_out->ciphersuite_info->flags &
+                               MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16;
+
+        memcpy( add_data, ssl->out_ctr, 8 );
+        add_data[8]  = ssl->out_msgtype;
+        mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
+                           ssl->conf->transport, add_data + 9 );
+        add_data[11] = ( ssl->out_msglen >> 8 ) & 0xFF;
+        add_data[12] = ssl->out_msglen & 0xFF;
+
+        MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
+                       add_data, 13 );
+
+        /*
+         * Generate IV
+         */
+        if( ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen != 8 )
+        {
+            /* Reminder if we ever add an AEAD mode with a different size */
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        memcpy( ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen,
+                             ssl->out_ctr, 8 );
+        memcpy( ssl->out_iv, ssl->out_ctr, 8 );
+
+        MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", ssl->out_iv,
+                ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen );
+
+        /*
+         * Fix pointer positions and message length with added IV
+         */
+        enc_msg = ssl->out_msg;
+        enc_msglen = ssl->out_msglen;
+        ssl->out_msglen += ssl->transform_out->ivlen -
+                           ssl->transform_out->fixed_ivlen;
+
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
+                            "including %d bytes of padding",
+                       ssl->out_msglen, 0 ) );
+
+        /*
+         * Encrypt and authenticate
+         */
+        if( ( ret = mbedtls_cipher_auth_encrypt( &ssl->transform_out->cipher_ctx_enc,
+                                         ssl->transform_out->iv_enc,
+                                         ssl->transform_out->ivlen,
+                                         add_data, 13,
+                                         enc_msg, enc_msglen,
+                                         enc_msg, &olen,
+                                         enc_msg + enc_msglen, taglen ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_encrypt", ret );
+            return( ret );
+        }
+
+        if( olen != enc_msglen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        ssl->out_msglen += taglen;
+        auth_done++;
+
+        MBEDTLS_SSL_DEBUG_BUF( 4, "after encrypt: tag", enc_msg + enc_msglen, taglen );
+    }
+    else
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */
+#if defined(MBEDTLS_CIPHER_MODE_CBC) &&                                    \
+    ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) )
+    if( mode == MBEDTLS_MODE_CBC )
+    {
+        int ret;
+        unsigned char *enc_msg;
+        size_t enc_msglen, padlen, olen = 0, i;
+
+        padlen = ssl->transform_out->ivlen - ( ssl->out_msglen + 1 ) %
+                 ssl->transform_out->ivlen;
+        if( padlen == ssl->transform_out->ivlen )
+            padlen = 0;
+
+        for( i = 0; i <= padlen; i++ )
+            ssl->out_msg[ssl->out_msglen + i] = (unsigned char) padlen;
+
+        ssl->out_msglen += padlen + 1;
+
+        enc_msglen = ssl->out_msglen;
+        enc_msg = ssl->out_msg;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        /*
+         * Prepend per-record IV for block cipher in TLS v1.1 and up as per
+         * Method 1 (6.2.3.2. in RFC4346 and RFC5246)
+         */
+        if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+        {
+            /*
+             * Generate IV
+             */
+            ret = ssl->conf->f_rng( ssl->conf->p_rng, ssl->transform_out->iv_enc,
+                                  ssl->transform_out->ivlen );
+            if( ret != 0 )
+                return( ret );
+
+            memcpy( ssl->out_iv, ssl->transform_out->iv_enc,
+                    ssl->transform_out->ivlen );
+
+            /*
+             * Fix pointer positions and message length with added IV
+             */
+            enc_msg = ssl->out_msg;
+            enc_msglen = ssl->out_msglen;
+            ssl->out_msglen += ssl->transform_out->ivlen;
+        }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
+
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, "
+                            "including %d bytes of IV and %d bytes of padding",
+                            ssl->out_msglen, ssl->transform_out->ivlen,
+                            padlen + 1 ) );
+
+        if( ( ret = mbedtls_cipher_crypt( &ssl->transform_out->cipher_ctx_enc,
+                                   ssl->transform_out->iv_enc,
+                                   ssl->transform_out->ivlen,
+                                   enc_msg, enc_msglen,
+                                   enc_msg, &olen ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
+            return( ret );
+        }
+
+        if( enc_msglen != olen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
+        if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 )
+        {
+            /*
+             * Save IV in SSL3 and TLS1
+             */
+            memcpy( ssl->transform_out->iv_enc,
+                    ssl->transform_out->cipher_ctx_enc.iv,
+                    ssl->transform_out->ivlen );
+        }
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+        if( auth_done == 0 )
+        {
+            /*
+             * MAC(MAC_write_key, seq_num +
+             *     TLSCipherText.type +
+             *     TLSCipherText.version +
+             *     length_of( (IV +) ENC(...) ) +
+             *     IV + // except for TLS 1.0
+             *     ENC(content + padding + padding_length));
+             */
+            unsigned char pseudo_hdr[13];
+
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
+
+            memcpy( pseudo_hdr +  0, ssl->out_ctr, 8 );
+            memcpy( pseudo_hdr +  8, ssl->out_hdr, 3 );
+            pseudo_hdr[11] = (unsigned char)( ( ssl->out_msglen >> 8 ) & 0xFF );
+            pseudo_hdr[12] = (unsigned char)( ( ssl->out_msglen      ) & 0xFF );
+
+            MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 );
+
+            mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc, pseudo_hdr, 13 );
+            mbedtls_md_hmac_update( &ssl->transform_out->md_ctx_enc,
+                             ssl->out_iv, ssl->out_msglen );
+            mbedtls_md_hmac_finish( &ssl->transform_out->md_ctx_enc,
+                             ssl->out_iv + ssl->out_msglen );
+            mbedtls_md_hmac_reset( &ssl->transform_out->md_ctx_enc );
+
+            ssl->out_msglen += ssl->transform_out->maclen;
+            auth_done++;
+        }
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+    }
+    else
+#endif /* MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C ) */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    /* Make extra sure authentication was performed, exactly once */
+    if( auth_done != 1 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) );
+
+    return( 0 );
+}
+
+static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
+{
+    size_t i;
+    mbedtls_cipher_mode_t mode;
+    int auth_done = 0;
+#if defined(SSL_SOME_MODES_USE_MAC)
+    size_t padlen = 0, correct = 1;
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) );
+
+    if( ssl->session_in == NULL || ssl->transform_in == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    mode = mbedtls_cipher_get_cipher_mode( &ssl->transform_in->cipher_ctx_dec );
+
+    if( ssl->in_msglen < ssl->transform_in->minlen )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "in_msglen (%d) < minlen (%d)",
+                       ssl->in_msglen, ssl->transform_in->minlen ) );
+        return( MBEDTLS_ERR_SSL_INVALID_MAC );
+    }
+
+#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
+    if( mode == MBEDTLS_MODE_STREAM )
+    {
+        int ret;
+        size_t olen = 0;
+
+        padlen = 0;
+
+        if( ( ret = mbedtls_cipher_crypt( &ssl->transform_in->cipher_ctx_dec,
+                                   ssl->transform_in->iv_dec,
+                                   ssl->transform_in->ivlen,
+                                   ssl->in_msg, ssl->in_msglen,
+                                   ssl->in_msg, &olen ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
+            return( ret );
+        }
+
+        if( ssl->in_msglen != olen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+    }
+    else
+#endif /* MBEDTLS_ARC4_C || MBEDTLS_CIPHER_NULL_CIPHER */
+#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
+    if( mode == MBEDTLS_MODE_GCM ||
+        mode == MBEDTLS_MODE_CCM )
+    {
+        int ret;
+        size_t dec_msglen, olen;
+        unsigned char *dec_msg;
+        unsigned char *dec_msg_result;
+        unsigned char add_data[13];
+        unsigned char taglen = ssl->transform_in->ciphersuite_info->flags &
+                               MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16;
+        size_t explicit_iv_len = ssl->transform_in->ivlen -
+                                 ssl->transform_in->fixed_ivlen;
+
+        if( ssl->in_msglen < explicit_iv_len + taglen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) "
+                                "+ taglen (%d)", ssl->in_msglen,
+                                explicit_iv_len, taglen ) );
+            return( MBEDTLS_ERR_SSL_INVALID_MAC );
+        }
+        dec_msglen = ssl->in_msglen - explicit_iv_len - taglen;
+
+        dec_msg = ssl->in_msg;
+        dec_msg_result = ssl->in_msg;
+        ssl->in_msglen = dec_msglen;
+
+        memcpy( add_data, ssl->in_ctr, 8 );
+        add_data[8]  = ssl->in_msgtype;
+        mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
+                           ssl->conf->transport, add_data + 9 );
+        add_data[11] = ( ssl->in_msglen >> 8 ) & 0xFF;
+        add_data[12] = ssl->in_msglen & 0xFF;
+
+        MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
+                       add_data, 13 );
+
+        memcpy( ssl->transform_in->iv_dec + ssl->transform_in->fixed_ivlen,
+                ssl->in_iv,
+                ssl->transform_in->ivlen - ssl->transform_in->fixed_ivlen );
+
+        MBEDTLS_SSL_DEBUG_BUF( 4, "IV used", ssl->transform_in->iv_dec,
+                                     ssl->transform_in->ivlen );
+        MBEDTLS_SSL_DEBUG_BUF( 4, "TAG used", dec_msg + dec_msglen, taglen );
+
+        /*
+         * Decrypt and authenticate
+         */
+        if( ( ret = mbedtls_cipher_auth_decrypt( &ssl->transform_in->cipher_ctx_dec,
+                                         ssl->transform_in->iv_dec,
+                                         ssl->transform_in->ivlen,
+                                         add_data, 13,
+                                         dec_msg, dec_msglen,
+                                         dec_msg_result, &olen,
+                                         dec_msg + dec_msglen, taglen ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret );
+
+            if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
+                return( MBEDTLS_ERR_SSL_INVALID_MAC );
+
+            return( ret );
+        }
+        auth_done++;
+
+        if( olen != dec_msglen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+    }
+    else
+#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */
+#if defined(MBEDTLS_CIPHER_MODE_CBC) &&                                    \
+    ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_CAMELLIA_C) )
+    if( mode == MBEDTLS_MODE_CBC )
+    {
+        /*
+         * Decrypt and check the padding
+         */
+        int ret;
+        unsigned char *dec_msg;
+        unsigned char *dec_msg_result;
+        size_t dec_msglen;
+        size_t minlen = 0;
+        size_t olen = 0;
+
+        /*
+         * Check immediate ciphertext sanity
+         */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+            minlen += ssl->transform_in->ivlen;
+#endif
+
+        if( ssl->in_msglen < minlen + ssl->transform_in->ivlen ||
+            ssl->in_msglen < minlen + ssl->transform_in->maclen + 1 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < max( ivlen(%d), maclen (%d) "
+                                "+ 1 ) ( + expl IV )", ssl->in_msglen,
+                                ssl->transform_in->ivlen,
+                                ssl->transform_in->maclen ) );
+            return( MBEDTLS_ERR_SSL_INVALID_MAC );
+        }
+
+        dec_msglen = ssl->in_msglen;
+        dec_msg = ssl->in_msg;
+        dec_msg_result = ssl->in_msg;
+
+        /*
+         * Authenticate before decrypt if enabled
+         */
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+        if( ssl->session_in->encrypt_then_mac == MBEDTLS_SSL_ETM_ENABLED )
+        {
+            unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
+            unsigned char pseudo_hdr[13];
+
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
+
+            dec_msglen -= ssl->transform_in->maclen;
+            ssl->in_msglen -= ssl->transform_in->maclen;
+
+            memcpy( pseudo_hdr +  0, ssl->in_ctr, 8 );
+            memcpy( pseudo_hdr +  8, ssl->in_hdr, 3 );
+            pseudo_hdr[11] = (unsigned char)( ( ssl->in_msglen >> 8 ) & 0xFF );
+            pseudo_hdr[12] = (unsigned char)( ( ssl->in_msglen      ) & 0xFF );
+
+            MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", pseudo_hdr, 13 );
+
+            mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, pseudo_hdr, 13 );
+            mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec,
+                             ssl->in_iv, ssl->in_msglen );
+            mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, mac_expect );
+            mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec );
+
+            MBEDTLS_SSL_DEBUG_BUF( 4, "message  mac", ssl->in_iv + ssl->in_msglen,
+                                              ssl->transform_in->maclen );
+            MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect,
+                                              ssl->transform_in->maclen );
+
+            if( mbedtls_ssl_safer_memcmp( ssl->in_iv + ssl->in_msglen, mac_expect,
+                                          ssl->transform_in->maclen ) != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
+
+                return( MBEDTLS_ERR_SSL_INVALID_MAC );
+            }
+            auth_done++;
+        }
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+
+        /*
+         * Check length sanity
+         */
+        if( ssl->in_msglen % ssl->transform_in->ivlen != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) %% ivlen (%d) != 0",
+                           ssl->in_msglen, ssl->transform_in->ivlen ) );
+            return( MBEDTLS_ERR_SSL_INVALID_MAC );
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        /*
+         * Initialize for prepended IV for block cipher in TLS v1.1 and up
+         */
+        if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+        {
+            dec_msglen -= ssl->transform_in->ivlen;
+            ssl->in_msglen -= ssl->transform_in->ivlen;
+
+            for( i = 0; i < ssl->transform_in->ivlen; i++ )
+                ssl->transform_in->iv_dec[i] = ssl->in_iv[i];
+        }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */
+
+        if( ( ret = mbedtls_cipher_crypt( &ssl->transform_in->cipher_ctx_dec,
+                                   ssl->transform_in->iv_dec,
+                                   ssl->transform_in->ivlen,
+                                   dec_msg, dec_msglen,
+                                   dec_msg_result, &olen ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_crypt", ret );
+            return( ret );
+        }
+
+        if( dec_msglen != olen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1)
+        if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 )
+        {
+            /*
+             * Save IV in SSL3 and TLS1
+             */
+            memcpy( ssl->transform_in->iv_dec,
+                    ssl->transform_in->cipher_ctx_dec.iv,
+                    ssl->transform_in->ivlen );
+        }
+#endif
+
+        padlen = 1 + ssl->in_msg[ssl->in_msglen - 1];
+
+        if( ssl->in_msglen < ssl->transform_in->maclen + padlen &&
+            auth_done == 0 )
+        {
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
+                        ssl->in_msglen, ssl->transform_in->maclen, padlen ) );
+#endif
+            padlen = 0;
+            correct = 0;
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+        {
+            if( padlen > ssl->transform_in->ivlen )
+            {
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, "
+                                    "should be no more than %d",
+                               padlen, ssl->transform_in->ivlen ) );
+#endif
+                correct = 0;
+            }
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 )
+        {
+            /*
+             * TLSv1+: always check the padding up to the first failure
+             * and fake check up to 256 bytes of padding
+             */
+            size_t pad_count = 0, real_count = 1;
+            size_t padding_idx = ssl->in_msglen - padlen - 1;
+
+            /*
+             * Padding is guaranteed to be incorrect if:
+             *   1. padlen >= ssl->in_msglen
+             *
+             *   2. padding_idx >= MBEDTLS_SSL_MAX_CONTENT_LEN +
+             *                     ssl->transform_in->maclen
+             *
+             * In both cases we reset padding_idx to a safe value (0) to
+             * prevent out-of-buffer reads.
+             */
+            correct &= ( ssl->in_msglen >= padlen + 1 );
+            correct &= ( padding_idx < MBEDTLS_SSL_MAX_CONTENT_LEN +
+                                       ssl->transform_in->maclen );
+
+            padding_idx *= correct;
+
+            for( i = 1; i <= 256; i++ )
+            {
+                real_count &= ( i <= padlen );
+                pad_count += real_count *
+                             ( ssl->in_msg[padding_idx + i] == padlen - 1 );
+            }
+
+            correct &= ( pad_count == padlen ); /* Only 1 on correct padding */
+
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+            if( padlen > 0 && correct == 0 )
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) );
+#endif
+            padlen &= correct * 0x1FF;
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        ssl->in_msglen -= padlen;
+    }
+    else
+#endif /* MBEDTLS_CIPHER_MODE_CBC &&
+          ( MBEDTLS_AES_C || MBEDTLS_CAMELLIA_C ) */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "raw buffer after decryption",
+                   ssl->in_msg, ssl->in_msglen );
+
+    /*
+     * Authenticate if not done yet.
+     * Compute the MAC regardless of the padding result (RFC4346, CBCTIME).
+     */
+#if defined(SSL_SOME_MODES_USE_MAC)
+    if( auth_done == 0 )
+    {
+        unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD];
+
+        ssl->in_msglen -= ssl->transform_in->maclen;
+
+        ssl->in_len[0] = (unsigned char)( ssl->in_msglen >> 8 );
+        ssl->in_len[1] = (unsigned char)( ssl->in_msglen      );
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+        {
+            ssl_mac( &ssl->transform_in->md_ctx_dec,
+                      ssl->transform_in->mac_dec,
+                      ssl->in_msg, ssl->in_msglen,
+                      ssl->in_ctr, ssl->in_msgtype,
+                      mac_expect );
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+        defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        if( ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_0 )
+        {
+            /*
+             * Process MAC and always update for padlen afterwards to make
+             * total time independent of padlen
+             *
+             * extra_run compensates MAC check for padlen
+             *
+             * Known timing attacks:
+             *  - Lucky Thirteen (http://www.isg.rhul.ac.uk/tls/TLStiming.pdf)
+             *
+             * We use ( ( Lx + 8 ) / 64 ) to handle 'negative Lx' values
+             * correctly. (We round down instead of up, so -56 is the correct
+             * value for our calculations instead of -55)
+             */
+            size_t j, extra_run = 0;
+            extra_run = ( 13 + ssl->in_msglen + padlen + 8 ) / 64 -
+                        ( 13 + ssl->in_msglen          + 8 ) / 64;
+
+            extra_run &= correct * 0xFF;
+
+            mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_ctr, 8 );
+            mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_hdr, 3 );
+            mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_len, 2 );
+            mbedtls_md_hmac_update( &ssl->transform_in->md_ctx_dec, ssl->in_msg,
+                             ssl->in_msglen );
+            mbedtls_md_hmac_finish( &ssl->transform_in->md_ctx_dec, mac_expect );
+            /* Call mbedtls_md_process at least once due to cache attacks */
+            for( j = 0; j < extra_run + 1; j++ )
+                mbedtls_md_process( &ssl->transform_in->md_ctx_dec, ssl->in_msg );
+
+            mbedtls_md_hmac_reset( &ssl->transform_in->md_ctx_dec );
+        }
+        else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+              MBEDTLS_SSL_PROTO_TLS1_2 */
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, ssl->transform_in->maclen );
+        MBEDTLS_SSL_DEBUG_BUF( 4, "message  mac", ssl->in_msg + ssl->in_msglen,
+                               ssl->transform_in->maclen );
+
+        if( mbedtls_ssl_safer_memcmp( ssl->in_msg + ssl->in_msglen, mac_expect,
+                                      ssl->transform_in->maclen ) != 0 )
+        {
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "message mac does not match" ) );
+#endif
+            correct = 0;
+        }
+        auth_done++;
+
+        /*
+         * Finally check the correct flag
+         */
+        if( correct == 0 )
+            return( MBEDTLS_ERR_SSL_INVALID_MAC );
+    }
+#endif /* SSL_SOME_MODES_USE_MAC */
+
+    /* Make extra sure authentication was performed, exactly once */
+    if( auth_done != 1 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    if( ssl->in_msglen == 0 )
+    {
+        ssl->nb_zero++;
+
+        /*
+         * Three or more empty messages may be a DoS attack
+         * (excessive CPU consumption).
+         */
+        if( ssl->nb_zero > 3 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "received four consecutive empty "
+                                "messages, possible DoS attack" ) );
+            return( MBEDTLS_ERR_SSL_INVALID_MAC );
+        }
+    }
+    else
+        ssl->nb_zero = 0;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        ; /* in_ctr read from peer, not maintained internally */
+    }
+    else
+#endif
+    {
+        for( i = 8; i > ssl_ep_len( ssl ); i-- )
+            if( ++ssl->in_ctr[i - 1] != 0 )
+                break;
+
+        /* The loop goes to its end iff the counter is wrapping */
+        if( i == ssl_ep_len( ssl ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "incoming message counter would wrap" ) );
+            return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );
+
+    return( 0 );
+}
+
+#undef MAC_NONE
+#undef MAC_PLAINTEXT
+#undef MAC_CIPHERTEXT
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+/*
+ * Compression/decompression functions
+ */
+static int ssl_compress_buf( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    unsigned char *msg_post = ssl->out_msg;
+    size_t len_pre = ssl->out_msglen;
+    unsigned char *msg_pre = ssl->compress_buf;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> compress buf" ) );
+
+    if( len_pre == 0 )
+        return( 0 );
+
+    memcpy( msg_pre, ssl->out_msg, len_pre );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ",
+                   ssl->out_msglen ) );
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "before compression: output payload",
+                   ssl->out_msg, ssl->out_msglen );
+
+    ssl->transform_out->ctx_deflate.next_in = msg_pre;
+    ssl->transform_out->ctx_deflate.avail_in = len_pre;
+    ssl->transform_out->ctx_deflate.next_out = msg_post;
+    ssl->transform_out->ctx_deflate.avail_out = MBEDTLS_SSL_BUFFER_LEN;
+
+    ret = deflate( &ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH );
+    if( ret != Z_OK )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform compression (%d)", ret ) );
+        return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED );
+    }
+
+    ssl->out_msglen = MBEDTLS_SSL_BUFFER_LEN -
+                      ssl->transform_out->ctx_deflate.avail_out;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ",
+                   ssl->out_msglen ) );
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "after compression: output payload",
+                   ssl->out_msg, ssl->out_msglen );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= compress buf" ) );
+
+    return( 0 );
+}
+
+static int ssl_decompress_buf( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    unsigned char *msg_post = ssl->in_msg;
+    size_t len_pre = ssl->in_msglen;
+    unsigned char *msg_pre = ssl->compress_buf;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) );
+
+    if( len_pre == 0 )
+        return( 0 );
+
+    memcpy( msg_pre, ssl->in_msg, len_pre );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ",
+                   ssl->in_msglen ) );
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "before decompression: input payload",
+                   ssl->in_msg, ssl->in_msglen );
+
+    ssl->transform_in->ctx_inflate.next_in = msg_pre;
+    ssl->transform_in->ctx_inflate.avail_in = len_pre;
+    ssl->transform_in->ctx_inflate.next_out = msg_post;
+    ssl->transform_in->ctx_inflate.avail_out = MBEDTLS_SSL_MAX_CONTENT_LEN;
+
+    ret = inflate( &ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH );
+    if( ret != Z_OK )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "failed to perform decompression (%d)", ret ) );
+        return( MBEDTLS_ERR_SSL_COMPRESSION_FAILED );
+    }
+
+    ssl->in_msglen = MBEDTLS_SSL_MAX_CONTENT_LEN -
+                     ssl->transform_in->ctx_inflate.avail_out;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ",
+                   ssl->in_msglen ) );
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "after decompression: input payload",
+                   ssl->in_msg, ssl->in_msglen );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= decompress buf" ) );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
+static int ssl_write_hello_request( mbedtls_ssl_context *ssl );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+static int ssl_resend_hello_request( mbedtls_ssl_context *ssl )
+{
+    /* If renegotiation is not enforced, retransmit until we would reach max
+     * timeout if we were using the usual handshake doubling scheme */
+    if( ssl->conf->renego_max_records < 0 )
+    {
+        uint32_t ratio = ssl->conf->hs_timeout_max / ssl->conf->hs_timeout_min + 1;
+        unsigned char doublings = 1;
+
+        while( ratio != 0 )
+        {
+            ++doublings;
+            ratio >>= 1;
+        }
+
+        if( ++ssl->renego_records_seen > doublings )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "no longer retransmitting hello request" ) );
+            return( 0 );
+        }
+    }
+
+    return( ssl_write_hello_request( ssl ) );
+}
+#endif
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
+
+/*
+ * Fill the input message buffer by appending data to it.
+ * The amount of data already fetched is in ssl->in_left.
+ *
+ * If we return 0, is it guaranteed that (at least) nb_want bytes are
+ * available (from this read and/or a previous one). Otherwise, an error code
+ * is returned (possibly EOF or WANT_READ).
+ *
+ * With stream transport (TLS) on success ssl->in_left == nb_want, but
+ * with datagram transport (DTLS) on success ssl->in_left >= nb_want,
+ * since we always read a whole datagram at once.
+ *
+ * For DTLS, it is up to the caller to set ssl->next_record_offset when
+ * they're done reading a record.
+ */
+int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
+{
+    int ret;
+    size_t len;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> fetch input" ) );
+
+    if( ssl->f_recv == NULL && ssl->f_recv_timeout == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() "
+                            "or mbedtls_ssl_set_bio()" ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    if( nb_want > MBEDTLS_SSL_BUFFER_LEN - (size_t)( ssl->in_hdr - ssl->in_buf ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "requesting more data than fits" ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        uint32_t timeout;
+
+        /* Just to be sure */
+        if( ssl->f_set_timer == NULL || ssl->f_get_timer == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "You must use "
+                        "mbedtls_ssl_set_timer_cb() for DTLS" ) );
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+        }
+
+        /*
+         * The point is, we need to always read a full datagram at once, so we
+         * sometimes read more then requested, and handle the additional data.
+         * It could be the rest of the current record (while fetching the
+         * header) and/or some other records in the same datagram.
+         */
+
+        /*
+         * Move to the next record in the already read datagram if applicable
+         */
+        if( ssl->next_record_offset != 0 )
+        {
+            if( ssl->in_left < ssl->next_record_offset )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+                return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+            }
+
+            ssl->in_left -= ssl->next_record_offset;
+
+            if( ssl->in_left != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 2, ( "next record in same datagram, offset: %d",
+                                    ssl->next_record_offset ) );
+                memmove( ssl->in_hdr,
+                         ssl->in_hdr + ssl->next_record_offset,
+                         ssl->in_left );
+            }
+
+            ssl->next_record_offset = 0;
+        }
+
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
+                       ssl->in_left, nb_want ) );
+
+        /*
+         * Done if we already have enough data.
+         */
+        if( nb_want <= ssl->in_left)
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) );
+            return( 0 );
+        }
+
+        /*
+         * A record can't be split accross datagrams. If we need to read but
+         * are not at the beginning of a new record, the caller did something
+         * wrong.
+         */
+        if( ssl->in_left != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        /*
+         * Don't even try to read if time's out already.
+         * This avoids by-passing the timer when repeatedly receiving messages
+         * that will end up being dropped.
+         */
+        if( ssl_check_timer( ssl ) != 0 )
+            ret = MBEDTLS_ERR_SSL_TIMEOUT;
+        else
+        {
+            len = MBEDTLS_SSL_BUFFER_LEN - ( ssl->in_hdr - ssl->in_buf );
+
+            if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+                timeout = ssl->handshake->retransmit_timeout;
+            else
+                timeout = ssl->conf->read_timeout;
+
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "f_recv_timeout: %u ms", timeout ) );
+
+            if( ssl->f_recv_timeout != NULL )
+                ret = ssl->f_recv_timeout( ssl->p_bio, ssl->in_hdr, len,
+                                                                    timeout );
+            else
+                ret = ssl->f_recv( ssl->p_bio, ssl->in_hdr, len );
+
+            MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret );
+
+            if( ret == 0 )
+                return( MBEDTLS_ERR_SSL_CONN_EOF );
+        }
+
+        if( ret == MBEDTLS_ERR_SSL_TIMEOUT )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "timeout" ) );
+            ssl_set_timer( ssl, 0 );
+
+            if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+            {
+                if( ssl_double_retransmit_timeout( ssl ) != 0 )
+                {
+                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake timeout" ) );
+                    return( MBEDTLS_ERR_SSL_TIMEOUT );
+                }
+
+                if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+                {
+                    MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret );
+                    return( ret );
+                }
+
+                return( MBEDTLS_ERR_SSL_WANT_READ );
+            }
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
+            else if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+                     ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
+            {
+                if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 )
+                {
+                    MBEDTLS_SSL_DEBUG_RET( 1, "ssl_resend_hello_request", ret );
+                    return( ret );
+                }
+
+                return( MBEDTLS_ERR_SSL_WANT_READ );
+            }
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
+        }
+
+        if( ret < 0 )
+            return( ret );
+
+        ssl->in_left = ret;
+    }
+    else
+#endif
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
+                       ssl->in_left, nb_want ) );
+
+        while( ssl->in_left < nb_want )
+        {
+            len = nb_want - ssl->in_left;
+
+            if( ssl_check_timer( ssl ) != 0 )
+                ret = MBEDTLS_ERR_SSL_TIMEOUT;
+            else
+            {
+                if( ssl->f_recv_timeout != NULL )
+                {
+                    ret = ssl->f_recv_timeout( ssl->p_bio,
+                                               ssl->in_hdr + ssl->in_left, len,
+                                               ssl->conf->read_timeout );
+                }
+                else
+                {
+                    ret = ssl->f_recv( ssl->p_bio,
+                                       ssl->in_hdr + ssl->in_left, len );
+                }
+            }
+
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d",
+                                        ssl->in_left, nb_want ) );
+            MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_recv(_timeout)", ret );
+
+            if( ret == 0 )
+                return( MBEDTLS_ERR_SSL_CONN_EOF );
+
+            if( ret < 0 )
+                return( ret );
+
+            ssl->in_left += ret;
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= fetch input" ) );
+
+    return( 0 );
+}
+
+/*
+ * Flush any data not yet written
+ */
+int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    unsigned char *buf, i;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> flush output" ) );
+
+    if( ssl->f_send == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Bad usage of mbedtls_ssl_set_bio() "
+                            "or mbedtls_ssl_set_bio()" ) );
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    /* Avoid incrementing counter if data is flushed */
+    if( ssl->out_left == 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) );
+        return( 0 );
+    }
+
+    while( ssl->out_left > 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d",
+                       mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen, ssl->out_left ) );
+
+        buf = ssl->out_hdr + mbedtls_ssl_hdr_len( ssl ) +
+              ssl->out_msglen - ssl->out_left;
+        ret = ssl->f_send( ssl->p_bio, buf, ssl->out_left );
+
+        MBEDTLS_SSL_DEBUG_RET( 2, "ssl->f_send", ret );
+
+        if( ret <= 0 )
+            return( ret );
+
+        ssl->out_left -= ret;
+    }
+
+    for( i = 8; i > ssl_ep_len( ssl ); i-- )
+        if( ++ssl->out_ctr[i - 1] != 0 )
+            break;
+
+    /* The loop goes to its end iff the counter is wrapping */
+    if( i == ssl_ep_len( ssl ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "outgoing message counter would wrap" ) );
+        return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= flush output" ) );
+
+    return( 0 );
+}
+
+/*
+ * Functions to handle the DTLS retransmission state machine
+ */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/*
+ * Append current handshake message to current outgoing flight
+ */
+static int ssl_flight_append( mbedtls_ssl_context *ssl )
+{
+    mbedtls_ssl_flight_item *msg;
+
+    /* Allocate space for current message */
+    if( ( msg = mbedtls_calloc( 1, sizeof(  mbedtls_ssl_flight_item ) ) ) == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed",
+                            sizeof( mbedtls_ssl_flight_item ) ) );
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+    if( ( msg->p = mbedtls_calloc( 1, ssl->out_msglen ) ) == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc %d bytes failed", ssl->out_msglen ) );
+        mbedtls_free( msg );
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+    /* Copy current handshake message with headers */
+    memcpy( msg->p, ssl->out_msg, ssl->out_msglen );
+    msg->len = ssl->out_msglen;
+    msg->type = ssl->out_msgtype;
+    msg->next = NULL;
+
+    /* Append to the current flight */
+    if( ssl->handshake->flight == NULL )
+        ssl->handshake->flight = msg;
+    else
+    {
+        mbedtls_ssl_flight_item *cur = ssl->handshake->flight;
+        while( cur->next != NULL )
+            cur = cur->next;
+        cur->next = msg;
+    }
+
+    return( 0 );
+}
+
+/*
+ * Free the current flight of handshake messages
+ */
+static void ssl_flight_free( mbedtls_ssl_flight_item *flight )
+{
+    mbedtls_ssl_flight_item *cur = flight;
+    mbedtls_ssl_flight_item *next;
+
+    while( cur != NULL )
+    {
+        next = cur->next;
+
+        mbedtls_free( cur->p );
+        mbedtls_free( cur );
+
+        cur = next;
+    }
+}
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl );
+#endif
+
+/*
+ * Swap transform_out and out_ctr with the alternative ones
+ */
+static void ssl_swap_epochs( mbedtls_ssl_context *ssl )
+{
+    mbedtls_ssl_transform *tmp_transform;
+    unsigned char tmp_out_ctr[8];
+
+    if( ssl->transform_out == ssl->handshake->alt_transform_out )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip swap epochs" ) );
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "swap epochs" ) );
+
+    /* Swap transforms */
+    tmp_transform                     = ssl->transform_out;
+    ssl->transform_out                = ssl->handshake->alt_transform_out;
+    ssl->handshake->alt_transform_out = tmp_transform;
+
+    /* Swap epoch + sequence_number */
+    memcpy( tmp_out_ctr,                 ssl->out_ctr,                8 );
+    memcpy( ssl->out_ctr,                ssl->handshake->alt_out_ctr, 8 );
+    memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr,                 8 );
+
+    /* Adjust to the newly activated transform */
+    if( ssl->transform_out != NULL &&
+        ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+    {
+        ssl->out_msg = ssl->out_iv + ssl->transform_out->ivlen -
+                                     ssl->transform_out->fixed_ivlen;
+    }
+    else
+        ssl->out_msg = ssl->out_iv;
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if( mbedtls_ssl_hw_record_activate != NULL )
+    {
+        if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret );
+            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+        }
+    }
+#endif
+}
+
+/*
+ * Retransmit the current flight of messages.
+ *
+ * Need to remember the current message in case flush_output returns
+ * WANT_WRITE, causing us to exit this function and come back later.
+ * This function must be called until state is no longer SENDING.
+ */
+int mbedtls_ssl_resend( mbedtls_ssl_context *ssl )
+{
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_resend" ) );
+
+    if( ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialise resending" ) );
+
+        ssl->handshake->cur_msg = ssl->handshake->flight;
+        ssl_swap_epochs( ssl );
+
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_SENDING;
+    }
+
+    while( ssl->handshake->cur_msg != NULL )
+    {
+        int ret;
+        mbedtls_ssl_flight_item *cur = ssl->handshake->cur_msg;
+
+        /* Swap epochs before sending Finished: we can't do it after
+         * sending ChangeCipherSpec, in case write returns WANT_READ.
+         * Must be done before copying, may change out_msg pointer */
+        if( cur->type == MBEDTLS_SSL_MSG_HANDSHAKE &&
+            cur->p[0] == MBEDTLS_SSL_HS_FINISHED )
+        {
+            ssl_swap_epochs( ssl );
+        }
+
+        memcpy( ssl->out_msg, cur->p, cur->len );
+        ssl->out_msglen = cur->len;
+        ssl->out_msgtype = cur->type;
+
+        ssl->handshake->cur_msg = cur->next;
+
+        MBEDTLS_SSL_DEBUG_BUF( 3, "resent handshake message header", ssl->out_msg, 12 );
+
+        if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+            return( ret );
+        }
+    }
+
+    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
+    else
+    {
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
+        ssl_set_timer( ssl, ssl->handshake->retransmit_timeout );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_resend" ) );
+
+    return( 0 );
+}
+
+/*
+ * To be called when the last message of an incoming flight is received.
+ */
+void mbedtls_ssl_recv_flight_completed( mbedtls_ssl_context *ssl )
+{
+    /* We won't need to resend that one any more */
+    ssl_flight_free( ssl->handshake->flight );
+    ssl->handshake->flight = NULL;
+    ssl->handshake->cur_msg = NULL;
+
+    /* The next incoming flight will start with this msg_seq */
+    ssl->handshake->in_flight_start_seq = ssl->handshake->in_msg_seq;
+
+    /* Cancel timer */
+    ssl_set_timer( ssl, 0 );
+
+    if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+        ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED )
+    {
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
+    }
+    else
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
+}
+
+/*
+ * To be called when the last message of an outgoing flight is send.
+ */
+void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl )
+{
+    ssl_reset_retransmit_timeout( ssl );
+    ssl_set_timer( ssl, ssl->handshake->retransmit_timeout );
+
+    if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+        ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED )
+    {
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_FINISHED;
+    }
+    else
+        ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+/*
+ * Record layer functions
+ */
+
+/*
+ * Write current record.
+ * Uses ssl->out_msgtype, ssl->out_msglen and bytes at ssl->out_msg.
+ */
+int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl )
+{
+    int ret, done = 0, out_msg_type;
+    size_t len = ssl->out_msglen;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write record" ) );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake != NULL &&
+        ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
+    {
+        ; /* Skip special handshake treatment when resending */
+    }
+    else
+#endif
+    if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        out_msg_type = ssl->out_msg[0];
+
+        if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST &&
+            ssl->handshake == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 );
+        ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >>  8 );
+        ssl->out_msg[3] = (unsigned char)( ( len - 4 )       );
+
+        /*
+         * DTLS has additional fields in the Handshake layer,
+         * between the length field and the actual payload:
+         *      uint16 message_seq;
+         *      uint24 fragment_offset;
+         *      uint24 fragment_length;
+         */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        {
+            /* Make room for the additional DTLS fields */
+            if( MBEDTLS_SSL_MAX_CONTENT_LEN - ssl->out_msglen < 8 )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: "
+                              "size %u, maximum %u",
+                               (unsigned) ( ssl->in_hslen - 4 ),
+                               (unsigned) ( MBEDTLS_SSL_MAX_CONTENT_LEN - 12 ) ) );
+                return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+            }
+
+            memmove( ssl->out_msg + 12, ssl->out_msg + 4, len - 4 );
+            ssl->out_msglen += 8;
+            len += 8;
+
+            /* Write message_seq and update it, except for HelloRequest */
+            if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
+            {
+                ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
+                ssl->out_msg[5] = ( ssl->handshake->out_msg_seq      ) & 0xFF;
+                ++( ssl->handshake->out_msg_seq );
+            }
+            else
+            {
+                ssl->out_msg[4] = 0;
+                ssl->out_msg[5] = 0;
+            }
+
+            /* We don't fragment, so frag_offset = 0 and frag_len = len */
+            memset( ssl->out_msg + 6, 0x00, 3 );
+            memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 );
+        }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+        if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
+            ssl->handshake->update_checksum( ssl, ssl->out_msg, len );
+    }
+
+    /* Save handshake and CCS messages for resending */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake != NULL &&
+        ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING &&
+        ( ssl->out_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ||
+          ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) )
+    {
+        if( ( ret = ssl_flight_append( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_flight_append", ret );
+            return( ret );
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if( ssl->transform_out != NULL &&
+        ssl->session_out->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
+    {
+        if( ( ret = ssl_compress_buf( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_compress_buf", ret );
+            return( ret );
+        }
+
+        len = ssl->out_msglen;
+    }
+#endif /*MBEDTLS_ZLIB_SUPPORT */
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if( mbedtls_ssl_hw_record_write != NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_write()" ) );
+
+        ret = mbedtls_ssl_hw_record_write( ssl );
+        if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_write", ret );
+            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+        }
+
+        if( ret == 0 )
+            done = 1;
+    }
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+    if( !done )
+    {
+        ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype;
+        mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
+                           ssl->conf->transport, ssl->out_hdr + 1 );
+
+        ssl->out_len[0] = (unsigned char)( len >> 8 );
+        ssl->out_len[1] = (unsigned char)( len      );
+
+        if( ssl->transform_out != NULL )
+        {
+            if( ( ret = ssl_encrypt_buf( ssl ) ) != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "ssl_encrypt_buf", ret );
+                return( ret );
+            }
+
+            len = ssl->out_msglen;
+            ssl->out_len[0] = (unsigned char)( len >> 8 );
+            ssl->out_len[1] = (unsigned char)( len      );
+        }
+
+        ssl->out_left = mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen;
+
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, "
+                            "version = [%d:%d], msglen = %d",
+                       ssl->out_hdr[0], ssl->out_hdr[1], ssl->out_hdr[2],
+                     ( ssl->out_len[0] << 8 ) | ssl->out_len[1] ) );
+
+        MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network",
+                       ssl->out_hdr, mbedtls_ssl_hdr_len( ssl ) + ssl->out_msglen );
+    }
+
+    if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write record" ) );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+/*
+ * Mark bits in bitmask (used for DTLS HS reassembly)
+ */
+static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len )
+{
+    unsigned int start_bits, end_bits;
+
+    start_bits = 8 - ( offset % 8 );
+    if( start_bits != 8 )
+    {
+        size_t first_byte_idx = offset / 8;
+
+        /* Special case */
+        if( len <= start_bits )
+        {
+            for( ; len != 0; len-- )
+                mask[first_byte_idx] |= 1 << ( start_bits - len );
+
+            /* Avoid potential issues with offset or len becoming invalid */
+            return;
+        }
+
+        offset += start_bits; /* Now offset % 8 == 0 */
+        len -= start_bits;
+
+        for( ; start_bits != 0; start_bits-- )
+            mask[first_byte_idx] |= 1 << ( start_bits - 1 );
+    }
+
+    end_bits = len % 8;
+    if( end_bits != 0 )
+    {
+        size_t last_byte_idx = ( offset + len ) / 8;
+
+        len -= end_bits; /* Now len % 8 == 0 */
+
+        for( ; end_bits != 0; end_bits-- )
+            mask[last_byte_idx] |= 1 << ( 8 - end_bits );
+    }
+
+    memset( mask + offset / 8, 0xFF, len / 8 );
+}
+
+/*
+ * Check that bitmask is full
+ */
+static int ssl_bitmask_check( unsigned char *mask, size_t len )
+{
+    size_t i;
+
+    for( i = 0; i < len / 8; i++ )
+        if( mask[i] != 0xFF )
+            return( -1 );
+
+    for( i = 0; i < len % 8; i++ )
+        if( ( mask[len / 8] & ( 1 << ( 7 - i ) ) ) == 0 )
+            return( -1 );
+
+    return( 0 );
+}
+
+/*
+ * Reassemble fragmented DTLS handshake messages.
+ *
+ * Use a temporary buffer for reassembly, divided in two parts:
+ * - the first holds the reassembled message (including handshake header),
+ * - the second holds a bitmask indicating which parts of the message
+ *   (excluding headers) have been received so far.
+ */
+static int ssl_reassemble_dtls_handshake( mbedtls_ssl_context *ssl )
+{
+    unsigned char *msg, *bitmask;
+    size_t frag_len, frag_off;
+    size_t msg_len = ssl->in_hslen - 12; /* Without headers */
+
+    if( ssl->handshake == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "not supported outside handshake (for now)" ) );
+        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+    }
+
+    /*
+     * For first fragment, check size and allocate buffer
+     */
+    if( ssl->handshake->hs_msg == NULL )
+    {
+        size_t alloc_len;
+
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "initialize reassembly, total length = %d",
+                            msg_len ) );
+
+        if( ssl->in_hslen > MBEDTLS_SSL_MAX_CONTENT_LEN )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too large" ) );
+            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+        }
+
+        /* The bitmask needs one bit per byte of message excluding header */
+        alloc_len = 12 + msg_len + msg_len / 8 + ( msg_len % 8 != 0 );
+
+        ssl->handshake->hs_msg = mbedtls_calloc( 1, alloc_len );
+        if( ssl->handshake->hs_msg == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc failed (%d bytes)", alloc_len ) );
+            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+        }
+
+        /* Prepare final header: copy msg_type, length and message_seq,
+         * then add standardised fragment_offset and fragment_length */
+        memcpy( ssl->handshake->hs_msg, ssl->in_msg, 6 );
+        memset( ssl->handshake->hs_msg + 6, 0, 3 );
+        memcpy( ssl->handshake->hs_msg + 9,
+                ssl->handshake->hs_msg + 1, 3 );
+    }
+    else
+    {
+        /* Make sure msg_type and length are consistent */
+        if( memcmp( ssl->handshake->hs_msg, ssl->in_msg, 4 ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment header mismatch" ) );
+            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+        }
+    }
+
+    msg = ssl->handshake->hs_msg + 12;
+    bitmask = msg + msg_len;
+
+    /*
+     * Check and copy current fragment
+     */
+    frag_off = ( ssl->in_msg[6]  << 16 ) |
+               ( ssl->in_msg[7]  << 8  ) |
+                 ssl->in_msg[8];
+    frag_len = ( ssl->in_msg[9]  << 16 ) |
+               ( ssl->in_msg[10] << 8  ) |
+                 ssl->in_msg[11];
+
+    if( frag_off + frag_len > msg_len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid fragment offset/len: %d + %d > %d",
+                          frag_off, frag_len, msg_len ) );
+        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+    }
+
+    if( frag_len + 12 > ssl->in_msglen )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid fragment length: %d + 12 > %d",
+                          frag_len, ssl->in_msglen ) );
+        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "adding fragment, offset = %d, length = %d",
+                        frag_off, frag_len ) );
+
+    memcpy( msg + frag_off, ssl->in_msg + 12, frag_len );
+    ssl_bitmask_set( bitmask, frag_off, frag_len );
+
+    /*
+     * Do we have the complete message by now?
+     * If yes, finalize it, else ask to read the next record.
+     */
+    if( ssl_bitmask_check( bitmask, msg_len ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "message is not complete yet" ) );
+        return( MBEDTLS_ERR_SSL_WANT_READ );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "handshake message completed" ) );
+
+    if( frag_len + 12 < ssl->in_msglen )
+    {
+        /*
+         * We'got more handshake messages in the same record.
+         * This case is not handled now because no know implementation does
+         * that and it's hard to test, so we prefer to fail cleanly for now.
+         */
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "last fragment not alone in its record" ) );
+        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+    }
+
+    if( ssl->in_left > ssl->next_record_offset )
+    {
+        /*
+         * We've got more data in the buffer after the current record,
+         * that we don't want to overwrite. Move it before writing the
+         * reassembled message, and adjust in_left and next_record_offset.
+         */
+        unsigned char *cur_remain = ssl->in_hdr + ssl->next_record_offset;
+        unsigned char *new_remain = ssl->in_msg + ssl->in_hslen;
+        size_t remain_len = ssl->in_left - ssl->next_record_offset;
+
+        /* First compute and check new lengths */
+        ssl->next_record_offset = new_remain - ssl->in_hdr;
+        ssl->in_left = ssl->next_record_offset + remain_len;
+
+        if( ssl->in_left > MBEDTLS_SSL_BUFFER_LEN -
+                           (size_t)( ssl->in_hdr - ssl->in_buf ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "reassembled message too large for buffer" ) );
+            return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+        }
+
+        memmove( new_remain, cur_remain, remain_len );
+    }
+
+    memcpy( ssl->in_msg, ssl->handshake->hs_msg, ssl->in_hslen );
+
+    mbedtls_free( ssl->handshake->hs_msg );
+    ssl->handshake->hs_msg = NULL;
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "reassembled handshake message",
+                   ssl->in_msg, ssl->in_hslen );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
+{
+    if( ssl->in_msglen < mbedtls_ssl_hs_hdr_len( ssl ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake message too short: %d",
+                            ssl->in_msglen ) );
+        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+    }
+
+    ssl->in_hslen = mbedtls_ssl_hs_hdr_len( ssl ) + (
+                    ( ssl->in_msg[1] << 16 ) |
+                    ( ssl->in_msg[2] << 8  ) |
+                      ssl->in_msg[3] );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
+                        " %d, type = %d, hslen = %d",
+                        ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        int ret;
+        unsigned int recv_msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
+
+        /* ssl->handshake is NULL when receiving ClientHello for renego */
+        if( ssl->handshake != NULL &&
+            recv_msg_seq != ssl->handshake->in_msg_seq )
+        {
+            /* Retransmit only on last message from previous flight, to avoid
+             * too many retransmissions.
+             * Besides, No sane server ever retransmits HelloVerifyRequest */
+            if( recv_msg_seq == ssl->handshake->in_flight_start_seq - 1 &&
+                ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 2, ( "received message from last flight, "
+                                    "message_seq = %d, start_of_flight = %d",
+                                    recv_msg_seq,
+                                    ssl->handshake->in_flight_start_seq ) );
+
+                if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+                {
+                    MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret );
+                    return( ret );
+                }
+            }
+            else
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 2, ( "dropping out-of-sequence message: "
+                                    "message_seq = %d, expected = %d",
+                                    recv_msg_seq,
+                                    ssl->handshake->in_msg_seq ) );
+            }
+
+            return( MBEDTLS_ERR_SSL_WANT_READ );
+        }
+        /* Wait until message completion to increment in_msg_seq */
+
+        /* Reassemble if current message is fragmented or reassembly is
+         * already in progress */
+        if( ssl->in_msglen < ssl->in_hslen ||
+            memcmp( ssl->in_msg + 6, "\0\0\0",        3 ) != 0 ||
+            memcmp( ssl->in_msg + 9, ssl->in_msg + 1, 3 ) != 0 ||
+            ( ssl->handshake != NULL && ssl->handshake->hs_msg != NULL ) )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "found fragmented DTLS handshake message" ) );
+
+            if( ( ret = ssl_reassemble_dtls_handshake( ssl ) ) != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "ssl_reassemble_dtls_handshake", ret );
+                return( ret );
+            }
+        }
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    /* With TLS we don't handle fragmentation (for now) */
+    if( ssl->in_msglen < ssl->in_hslen )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS handshake fragmentation not supported" ) );
+        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+    }
+
+    return( 0 );
+}
+
+void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl )
+{
+
+    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER &&
+        ssl->handshake != NULL )
+    {
+        ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
+    }
+
+    /* Handshake message is complete, increment counter */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake != NULL )
+    {
+        ssl->handshake->in_msg_seq++;
+    }
+#endif
+}
+
+/*
+ * DTLS anti-replay: RFC 6347 4.1.2.6
+ *
+ * in_window is a field of bits numbered from 0 (lsb) to 63 (msb).
+ * Bit n is set iff record number in_window_top - n has been seen.
+ *
+ * Usually, in_window_top is the last record number seen and the lsb of
+ * in_window is set. The only exception is the initial state (record number 0
+ * not seen yet).
+ */
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+static void ssl_dtls_replay_reset( mbedtls_ssl_context *ssl )
+{
+    ssl->in_window_top = 0;
+    ssl->in_window = 0;
+}
+
+static inline uint64_t ssl_load_six_bytes( unsigned char *buf )
+{
+    return( ( (uint64_t) buf[0] << 40 ) |
+            ( (uint64_t) buf[1] << 32 ) |
+            ( (uint64_t) buf[2] << 24 ) |
+            ( (uint64_t) buf[3] << 16 ) |
+            ( (uint64_t) buf[4] <<  8 ) |
+            ( (uint64_t) buf[5]       ) );
+}
+
+/*
+ * Return 0 if sequence number is acceptable, -1 otherwise
+ */
+int mbedtls_ssl_dtls_replay_check( mbedtls_ssl_context *ssl )
+{
+    uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 );
+    uint64_t bit;
+
+    if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED )
+        return( 0 );
+
+    if( rec_seqnum > ssl->in_window_top )
+        return( 0 );
+
+    bit = ssl->in_window_top - rec_seqnum;
+
+    if( bit >= 64 )
+        return( -1 );
+
+    if( ( ssl->in_window & ( (uint64_t) 1 << bit ) ) != 0 )
+        return( -1 );
+
+    return( 0 );
+}
+
+/*
+ * Update replay window on new validated record
+ */
+void mbedtls_ssl_dtls_replay_update( mbedtls_ssl_context *ssl )
+{
+    uint64_t rec_seqnum = ssl_load_six_bytes( ssl->in_ctr + 2 );
+
+    if( ssl->conf->anti_replay == MBEDTLS_SSL_ANTI_REPLAY_DISABLED )
+        return;
+
+    if( rec_seqnum > ssl->in_window_top )
+    {
+        /* Update window_top and the contents of the window */
+        uint64_t shift = rec_seqnum - ssl->in_window_top;
+
+        if( shift >= 64 )
+            ssl->in_window = 1;
+        else
+        {
+            ssl->in_window <<= shift;
+            ssl->in_window |= 1;
+        }
+
+        ssl->in_window_top = rec_seqnum;
+    }
+    else
+    {
+        /* Mark that number as seen in the current window */
+        uint64_t bit = ssl->in_window_top - rec_seqnum;
+
+        if( bit < 64 ) /* Always true, but be extra sure */
+            ssl->in_window |= (uint64_t) 1 << bit;
+    }
+}
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
+/* Forward declaration */
+static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial );
+
+/*
+ * Without any SSL context, check if a datagram looks like a ClientHello with
+ * a valid cookie, and if it doesn't, generate a HelloVerifyRequest message.
+ * Both input and output include full DTLS headers.
+ *
+ * - if cookie is valid, return 0
+ * - if ClientHello looks superficially valid but cookie is not,
+ *   fill obuf and set olen, then
+ *   return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
+ * - otherwise return a specific error code
+ */
+static int ssl_check_dtls_clihlo_cookie(
+                           mbedtls_ssl_cookie_write_t *f_cookie_write,
+                           mbedtls_ssl_cookie_check_t *f_cookie_check,
+                           void *p_cookie,
+                           const unsigned char *cli_id, size_t cli_id_len,
+                           const unsigned char *in, size_t in_len,
+                           unsigned char *obuf, size_t buf_len, size_t *olen )
+{
+    size_t sid_len, cookie_len;
+    unsigned char *p;
+
+    if( f_cookie_write == NULL || f_cookie_check == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    /*
+     * Structure of ClientHello with record and handshake headers,
+     * and expected values. We don't need to check a lot, more checks will be
+     * done when actually parsing the ClientHello - skipping those checks
+     * avoids code duplication and does not make cookie forging any easier.
+     *
+     *  0-0  ContentType type;                  copied, must be handshake
+     *  1-2  ProtocolVersion version;           copied
+     *  3-4  uint16 epoch;                      copied, must be 0
+     *  5-10 uint48 sequence_number;            copied
+     * 11-12 uint16 length;                     (ignored)
+     *
+     * 13-13 HandshakeType msg_type;            (ignored)
+     * 14-16 uint24 length;                     (ignored)
+     * 17-18 uint16 message_seq;                copied
+     * 19-21 uint24 fragment_offset;            copied, must be 0
+     * 22-24 uint24 fragment_length;            (ignored)
+     *
+     * 25-26 ProtocolVersion client_version;    (ignored)
+     * 27-58 Random random;                     (ignored)
+     * 59-xx SessionID session_id;              1 byte len + sid_len content
+     * 60+   opaque cookie<0..2^8-1>;           1 byte len + content
+     *       ...
+     *
+     * Minimum length is 61 bytes.
+     */
+    if( in_len < 61 ||
+        in[0] != MBEDTLS_SSL_MSG_HANDSHAKE ||
+        in[3] != 0 || in[4] != 0 ||
+        in[19] != 0 || in[20] != 0 || in[21] != 0 )
+    {
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+    }
+
+    sid_len = in[59];
+    if( sid_len > in_len - 61 )
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+
+    cookie_len = in[60 + sid_len];
+    if( cookie_len > in_len - 60 )
+        return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+
+    if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len,
+                        cli_id, cli_id_len ) == 0 )
+    {
+        /* Valid cookie */
+        return( 0 );
+    }
+
+    /*
+     * If we get here, we've got an invalid cookie, let's prepare HVR.
+     *
+     *  0-0  ContentType type;                  copied
+     *  1-2  ProtocolVersion version;           copied
+     *  3-4  uint16 epoch;                      copied
+     *  5-10 uint48 sequence_number;            copied
+     * 11-12 uint16 length;                     olen - 13
+     *
+     * 13-13 HandshakeType msg_type;            hello_verify_request
+     * 14-16 uint24 length;                     olen - 25
+     * 17-18 uint16 message_seq;                copied
+     * 19-21 uint24 fragment_offset;            copied
+     * 22-24 uint24 fragment_length;            olen - 25
+     *
+     * 25-26 ProtocolVersion server_version;    0xfe 0xff
+     * 27-27 opaque cookie<0..2^8-1>;           cookie_len = olen - 27, cookie
+     *
+     * Minimum length is 28.
+     */
+    if( buf_len < 28 )
+        return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
+
+    /* Copy most fields and adapt others */
+    memcpy( obuf, in, 25 );
+    obuf[13] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST;
+    obuf[25] = 0xfe;
+    obuf[26] = 0xff;
+
+    /* Generate and write actual cookie */
+    p = obuf + 28;
+    if( f_cookie_write( p_cookie,
+                        &p, obuf + buf_len, cli_id, cli_id_len ) != 0 )
+    {
+        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    *olen = p - obuf;
+
+    /* Go back and fill length fields */
+    obuf[27] = (unsigned char)( *olen - 28 );
+
+    obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 );
+    obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >>  8 );
+    obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 )       );
+
+    obuf[11] = (unsigned char)( ( *olen - 13 ) >>  8 );
+    obuf[12] = (unsigned char)( ( *olen - 13 )       );
+
+    return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
+}
+
+/*
+ * Handle possible client reconnect with the same UDP quadruplet
+ * (RFC 6347 Section 4.2.8).
+ *
+ * Called by ssl_parse_record_header() in case we receive an epoch 0 record
+ * that looks like a ClientHello.
+ *
+ * - if the input looks like a ClientHello without cookies,
+ *   send back HelloVerifyRequest, then
+ *   return MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED
+ * - if the input looks like a ClientHello with a valid cookie,
+ *   reset the session of the current context, and
+ *   return MBEDTLS_ERR_SSL_CLIENT_RECONNECT
+ * - if anything goes wrong, return a specific error code
+ *
+ * mbedtls_ssl_read_record() will ignore the record if anything else than
+ * MBEDTLS_ERR_SSL_CLIENT_RECONNECT or 0 is returned, although this function
+ * cannot not return 0.
+ */
+static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    size_t len;
+
+    ret = ssl_check_dtls_clihlo_cookie(
+            ssl->conf->f_cookie_write,
+            ssl->conf->f_cookie_check,
+            ssl->conf->p_cookie,
+            ssl->cli_id, ssl->cli_id_len,
+            ssl->in_buf, ssl->in_left,
+            ssl->out_buf, MBEDTLS_SSL_MAX_CONTENT_LEN, &len );
+
+    MBEDTLS_SSL_DEBUG_RET( 2, "ssl_check_dtls_clihlo_cookie", ret );
+
+    if( ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED )
+    {
+        /* Don't check write errors as we can't do anything here.
+         * If the error is permanent we'll catch it later,
+         * if it's not, then hopefully it'll work next time. */
+        (void) ssl->f_send( ssl->p_bio, ssl->out_buf, len );
+
+        return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
+    }
+
+    if( ret == 0 )
+    {
+        /* Got a valid cookie, partially reset context */
+        if( ( ret = ssl_session_reset_int( ssl, 1 ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "reset", ret );
+            return( ret );
+        }
+
+        return( MBEDTLS_ERR_SSL_CLIENT_RECONNECT );
+    }
+
+    return( ret );
+}
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+
+/*
+ * ContentType type;
+ * ProtocolVersion version;
+ * uint16 epoch;            // DTLS only
+ * uint48 sequence_number;  // DTLS only
+ * uint16 length;
+ *
+ * Return 0 if header looks sane (and, for DTLS, the record is expected)
+ * MBEDTLS_ERR_SSL_INVALID_RECORD if the header looks bad,
+ * MBEDTLS_ERR_SSL_UNEXPECTED_RECORD (DTLS only) if sane but unexpected.
+ *
+ * With DTLS, mbedtls_ssl_read_record() will:
+ * 1. proceed with the record if this function returns 0
+ * 2. drop only the current record if this function returns UNEXPECTED_RECORD
+ * 3. return CLIENT_RECONNECT if this function return that value
+ * 4. drop the whole datagram if this function returns anything else.
+ * Point 2 is needed when the peer is resending, and we have already received
+ * the first record from a datagram but are still waiting for the others.
+ */
+static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
+{
+    int major_ver, minor_ver;
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", ssl->in_hdr, mbedtls_ssl_hdr_len( ssl ) );
+
+    ssl->in_msgtype =  ssl->in_hdr[0];
+    ssl->in_msglen = ( ssl->in_len[0] << 8 ) | ssl->in_len[1];
+    mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, ssl->in_hdr + 1 );
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, "
+                        "version = [%d:%d], msglen = %d",
+                        ssl->in_msgtype,
+                        major_ver, minor_ver, ssl->in_msglen ) );
+
+    /* Check record type */
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE &&
+        ssl->in_msgtype != MBEDTLS_SSL_MSG_ALERT &&
+        ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC &&
+        ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "unknown record type" ) );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        /* Silently ignore invalid DTLS records as recommended by RFC 6347
+         * Section 4.1.2.7 */
+        if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                    MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+
+        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+    }
+
+    /* Check version */
+    if( major_ver != ssl->major_ver )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "major version mismatch" ) );
+        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+    }
+
+    if( minor_ver > ssl->conf->max_minor_ver )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) );
+        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+    }
+
+    /* Check length against the size of our buffer */
+    if( ssl->in_msglen > MBEDTLS_SSL_BUFFER_LEN
+                         - (size_t)( ssl->in_msg - ssl->in_buf ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+        return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+    }
+
+    /* Check length against bounds of the current transform and version */
+    if( ssl->transform_in == NULL )
+    {
+        if( ssl->in_msglen < 1 ||
+            ssl->in_msglen > MBEDTLS_SSL_MAX_CONTENT_LEN )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+        }
+    }
+    else
+    {
+        if( ssl->in_msglen < ssl->transform_in->minlen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
+            ssl->in_msglen > ssl->transform_in->minlen + MBEDTLS_SSL_MAX_CONTENT_LEN )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+        }
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+        /*
+         * TLS encrypted messages can have up to 256 bytes of padding
+         */
+        if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 &&
+            ssl->in_msglen > ssl->transform_in->minlen +
+                             MBEDTLS_SSL_MAX_CONTENT_LEN + 256 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+        }
+#endif
+    }
+
+    /*
+     * DTLS-related tests done last, because most of them may result in
+     * silently dropping the record (but not the whole datagram), and we only
+     * want to consider that after ensuring that the "basic" fields (type,
+     * version, length) are sane.
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        unsigned int rec_epoch = ( ssl->in_ctr[0] << 8 ) | ssl->in_ctr[1];
+
+        /* Drop unexpected ChangeCipherSpec messages */
+        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC &&
+            ssl->state != MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC &&
+            ssl->state != MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ChangeCipherSpec" ) );
+            return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+        }
+
+        /* Drop unexpected ApplicationData records,
+         * except at the beginning of renegotiations */
+        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA &&
+            ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            && ! ( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS &&
+                   ssl->state == MBEDTLS_SSL_SERVER_HELLO )
+#endif
+            )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "dropping unexpected ApplicationData" ) );
+            return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+        }
+
+        /* Check epoch (and sequence number) with DTLS */
+        if( rec_epoch != ssl->in_epoch )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "record from another epoch: "
+                                        "expected %d, received %d",
+                                        ssl->in_epoch, rec_epoch ) );
+
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C)
+            /*
+             * Check for an epoch 0 ClientHello. We can't use in_msg here to
+             * access the first byte of record content (handshake type), as we
+             * have an active transform (possibly iv_len != 0), so use the
+             * fact that the record header len is 13 instead.
+             */
+            if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+                ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER &&
+                rec_epoch == 0 &&
+                ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+                ssl->in_left > 13 &&
+                ssl->in_buf[13] == MBEDTLS_SSL_HS_CLIENT_HELLO )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "possible client reconnect "
+                                            "from the same port" ) );
+                return( ssl_handle_possible_reconnect( ssl ) );
+            }
+            else
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
+                return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+        }
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+        /* Replay detection only works for the current epoch */
+        if( rec_epoch == ssl->in_epoch &&
+            mbedtls_ssl_dtls_replay_check( ssl ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "replayed record" ) );
+            return( MBEDTLS_ERR_SSL_UNEXPECTED_RECORD );
+        }
+#endif
+    }
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+
+    return( 0 );
+}
+
+/*
+ * If applicable, decrypt (and decompress) record content
+ */
+static int ssl_prepare_record_content( mbedtls_ssl_context *ssl )
+{
+    int ret, done = 0;
+
+    MBEDTLS_SSL_DEBUG_BUF( 4, "input record from network",
+                   ssl->in_hdr, mbedtls_ssl_hdr_len( ssl ) + ssl->in_msglen );
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if( mbedtls_ssl_hw_record_read != NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_read()" ) );
+
+        ret = mbedtls_ssl_hw_record_read( ssl );
+        if( ret != 0 && ret != MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_read", ret );
+            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+        }
+
+        if( ret == 0 )
+            done = 1;
+    }
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+    if( !done && ssl->transform_in != NULL )
+    {
+        if( ( ret = ssl_decrypt_buf( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret );
+            return( ret );
+        }
+
+        MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt",
+                       ssl->in_msg, ssl->in_msglen );
+
+        if( ssl->in_msglen > MBEDTLS_SSL_MAX_CONTENT_LEN )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
+            return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+        }
+    }
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if( ssl->transform_in != NULL &&
+        ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
+    {
+        if( ( ret = ssl_decompress_buf( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret );
+            return( ret );
+        }
+    }
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        mbedtls_ssl_dtls_replay_update( ssl );
+    }
+#endif
+
+    return( 0 );
+}
+
+static void ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl );
+
+/*
+ * Read a record.
+ *
+ * Silently ignore non-fatal alert (and for DTLS, invalid records as well,
+ * RFC 6347 4.1.2.7) and continue reading until a valid record is found.
+ *
+ */
+int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read record" ) );
+
+    if( ssl->keep_current_message == 0 )
+    {
+        do {
+
+            if( ( ret = mbedtls_ssl_read_record_layer( ssl ) ) != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret );
+                return( ret );
+            }
+
+            ret = mbedtls_ssl_handle_message_type( ssl );
+
+        } while( MBEDTLS_ERR_SSL_NON_FATAL == ret );
+
+        if( 0 != ret )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret );
+            return( ret );
+        }
+
+        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
+        {
+            mbedtls_ssl_update_handshake_status( ssl );
+        }
+    }
+    else
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= reuse previously read message" ) );
+        ssl->keep_current_message = 0;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read record" ) );
+
+    return( 0 );
+}
+
+int mbedtls_ssl_read_record_layer( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    /*
+     * Step A
+     *
+     * Consume last content-layer message and potentially
+     * update in_msglen which keeps track of the contents'
+     * consumption state.
+     *
+     * (1) Handshake messages:
+     *     Remove last handshake message, move content
+     *     and adapt in_msglen.
+     *
+     * (2) Alert messages:
+     *     Consume whole record content, in_msglen = 0.
+     *
+     *     NOTE: This needs to be fixed, since like for
+     *     handshake messages it is allowed to have
+     *     multiple alerts witin a single record.
+     *     Internal reference IOTSSL-1321.
+     *
+     * (3) Change cipher spec:
+     *     Consume whole record content, in_msglen = 0.
+     *
+     * (4) Application data:
+     *     Don't do anything - the record layer provides
+     *     the application data as a stream transport
+     *     and consumes through mbedtls_ssl_read only.
+     *
+     */
+
+    /* Case (1): Handshake messages */
+    if( ssl->in_hslen != 0 )
+    {
+        /* Hard assertion to be sure that no application data
+         * is in flight, as corrupting ssl->in_msglen during
+         * ssl->in_offt != NULL is fatal. */
+        if( ssl->in_offt != NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
+        /*
+         * Get next Handshake message in the current record
+         */
+
+        /* Notes:
+         * (1) in_hslen is *NOT* necessarily the size of the
+         *     current handshake content: If DTLS handshake
+         *     fragmentation is used, that's the fragment
+         *     size instead. Using the total handshake message
+         *     size here is FAULTY and should be changed at
+         *     some point. Internal reference IOTSSL-1414.
+         * (2) While it doesn't seem to cause problems, one
+         *     has to be very careful not to assume that in_hslen
+         *     is always <= in_msglen in a sensible communication.
+         *     Again, it's wrong for DTLS handshake fragmentation.
+         *     The following check is therefore mandatory, and
+         *     should not be treated as a silently corrected assertion.
+         *     Additionally, ssl->in_hslen might be arbitrarily out of
+         *     bounds after handling a DTLS message with an unexpected
+         *     sequence number, see mbedtls_ssl_prepare_handshake_record.
+         */
+        if( ssl->in_hslen < ssl->in_msglen )
+        {
+            ssl->in_msglen -= ssl->in_hslen;
+            memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen,
+                     ssl->in_msglen );
+
+            MBEDTLS_SSL_DEBUG_BUF( 4, "remaining content in record",
+                                   ssl->in_msg, ssl->in_msglen );
+        }
+        else
+        {
+            ssl->in_msglen = 0;
+        }
+
+        ssl->in_hslen   = 0;
+    }
+    /* Case (4): Application data */
+    else if( ssl->in_offt != NULL )
+    {
+        return( 0 );
+    }
+    /* Everything else (CCS & Alerts) */
+    else
+    {
+        ssl->in_msglen = 0;
+    }
+
+    /*
+     * Step B
+     *
+     * Fetch and decode new record if current one is fully consumed.
+     *
+     */
+
+    if( ssl->in_msglen > 0 )
+    {
+        /* There's something left to be processed in the current record. */
+        return( 0 );
+    }
+
+    /* Need to fetch a new record */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+read_record_header:
+#endif
+
+    /* Current record either fully processed or to be discarded. */
+
+    if( ( ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_hdr_len( ssl ) ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
+        return( ret );
+    }
+
+    if( ( ret = ssl_parse_record_header( ssl ) ) != 0 )
+    {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+            ret != MBEDTLS_ERR_SSL_CLIENT_RECONNECT )
+        {
+            if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD )
+            {
+                /* Skip unexpected record (but not whole datagram) */
+                ssl->next_record_offset = ssl->in_msglen
+                                        + mbedtls_ssl_hdr_len( ssl );
+
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding unexpected record "
+                                            "(header)" ) );
+            }
+            else
+            {
+                /* Skip invalid record and the rest of the datagram */
+                ssl->next_record_offset = 0;
+                ssl->in_left = 0;
+
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record "
+                                            "(header)" ) );
+            }
+
+            /* Get next record */
+            goto read_record_header;
+        }
+#endif
+        return( ret );
+    }
+
+    /*
+     * Read and optionally decrypt the message contents
+     */
+    if( ( ret = mbedtls_ssl_fetch_input( ssl,
+                                 mbedtls_ssl_hdr_len( ssl ) + ssl->in_msglen ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
+        return( ret );
+    }
+
+    /* Done reading this record, get ready for the next one */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        ssl->next_record_offset = ssl->in_msglen + mbedtls_ssl_hdr_len( ssl );
+    else
+#endif
+        ssl->in_left = 0;
+
+    if( ( ret = ssl_prepare_record_content( ssl ) ) != 0 )
+    {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        {
+            /* Silently discard invalid records */
+            if( ret == MBEDTLS_ERR_SSL_INVALID_RECORD ||
+                ret == MBEDTLS_ERR_SSL_INVALID_MAC )
+            {
+                /* Except when waiting for Finished as a bad mac here
+                 * probably means something went wrong in the handshake
+                 * (eg wrong psk used, mitm downgrade attempt, etc.) */
+                if( ssl->state == MBEDTLS_SSL_CLIENT_FINISHED ||
+                    ssl->state == MBEDTLS_SSL_SERVER_FINISHED )
+                {
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+                    if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
+                    {
+                        mbedtls_ssl_send_alert_message( ssl,
+                                MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC );
+                    }
+#endif
+                    return( ret );
+                }
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+                if( ssl->conf->badmac_limit != 0 &&
+                    ++ssl->badmac_seen >= ssl->conf->badmac_limit )
+                {
+                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "too many records with bad MAC" ) );
+                    return( MBEDTLS_ERR_SSL_INVALID_MAC );
+                }
+#endif
+
+                /* As above, invalid records cause
+                 * dismissal of the whole datagram. */
+
+                ssl->next_record_offset = 0;
+                ssl->in_left = 0;
+
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "discarding invalid record (mac)" ) );
+                goto read_record_header;
+            }
+
+            return( ret );
+        }
+        else
+#endif
+        {
+            /* Error out (and send alert) on invalid records */
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+            if( ret == MBEDTLS_ERR_SSL_INVALID_MAC )
+            {
+                mbedtls_ssl_send_alert_message( ssl,
+                        MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                        MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC );
+            }
+#endif
+            return( ret );
+        }
+    }
+
+    /*
+     * When we sent the last flight of the handshake, we MUST respond to a
+     * retransmit of the peer's previous flight with a retransmit. (In
+     * practice, only the Finished message will make it, other messages
+     * including CCS use the old transform so they're dropped as invalid.)
+     *
+     * If the record we received is not a handshake message, however, it
+     * means the peer received our last flight so we can clean up
+     * handshake info.
+     *
+     * This check needs to be done before prepare_handshake() due to an edge
+     * case: if the client immediately requests renegotiation, this
+     * finishes the current handshake first, avoiding the new ClientHello
+     * being mistaken for an ancient message in the current handshake.
+     */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake != NULL &&
+        ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
+    {
+        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
+                ssl->in_msg[0] == MBEDTLS_SSL_HS_FINISHED )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "received retransmit of last flight" ) );
+
+            if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_resend", ret );
+                return( ret );
+            }
+
+            return( MBEDTLS_ERR_SSL_WANT_READ );
+        }
+        else
+        {
+            ssl_handshake_wrapup_free_hs_transform( ssl );
+        }
+    }
+#endif
+
+    return( 0 );
+}
+
+int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    /*
+     * Handle particular types of records
+     */
+    if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        if( ( ret = mbedtls_ssl_prepare_handshake_record( ssl ) ) != 0 )
+        {
+            return( ret );
+        }
+    }
+
+    if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]",
+                       ssl->in_msg[0], ssl->in_msg[1] ) );
+
+        /*
+         * Ignore non-fatal alerts, except close_notify and no_renegotiation
+         */
+        if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_FATAL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "is a fatal alert message (msg %d)",
+                           ssl->in_msg[1] ) );
+            return( MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE );
+        }
+
+        if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+            ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a close notify message" ) );
+            return( MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY );
+        }
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION_ENABLED)
+        if( ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+            ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no_cert" ) );
+            /* Will be handled when trying to parse ServerHello */
+            return( 0 );
+        }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_SRV_C)
+        if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 &&
+            ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+            ssl->in_msg[0] == MBEDTLS_SSL_ALERT_LEVEL_WARNING &&
+            ssl->in_msg[1] == MBEDTLS_SSL_ALERT_MSG_NO_CERT )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "is a SSLv3 no_cert" ) );
+            /* Will be handled in mbedtls_ssl_parse_certificate() */
+            return( 0 );
+        }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 && MBEDTLS_SSL_SRV_C */
+
+        /* Silently ignore: fetch new message */
+        return MBEDTLS_ERR_SSL_NON_FATAL;
+    }
+
+    return( 0 );
+}
+
+int mbedtls_ssl_send_fatal_handshake_failure( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    if( ( ret = mbedtls_ssl_send_alert_message( ssl,
+                    MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                    MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    return( 0 );
+}
+
+int mbedtls_ssl_send_alert_message( mbedtls_ssl_context *ssl,
+                            unsigned char level,
+                            unsigned char message )
+{
+    int ret;
+
+    if( ssl == NULL || ssl->conf == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> send alert message" ) );
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "send alert level=%u message=%u", level, message ));
+
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT;
+    ssl->out_msglen = 2;
+    ssl->out_msg[0] = level;
+    ssl->out_msg[1] = message;
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= send alert message" ) );
+
+    return( 0 );
+}
+
+/*
+ * Handshake functions
+ */
+#if !defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)         && \
+    !defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)     && \
+    !defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)     && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)   && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)    && \
+    !defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+/* No certificate support -> dummy functions */
+int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+}
+
+int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
+{
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+}
+
+#else
+/* Some certificate support -> implement write and parse */
+
+int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    size_t i, n;
+    const mbedtls_x509_crt *crt;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+#if defined(MBEDTLS_SSL_CLI_C)
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+    {
+        if( ssl->client_auth == 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
+            ssl->state++;
+            return( 0 );
+        }
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+        /*
+         * If using SSLv3 and got no cert, send an Alert message
+         * (otherwise an empty Certificate message will be sent).
+         */
+        if( mbedtls_ssl_own_cert( ssl )  == NULL &&
+            ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+        {
+            ssl->out_msglen  = 2;
+            ssl->out_msgtype = MBEDTLS_SSL_MSG_ALERT;
+            ssl->out_msg[0]  = MBEDTLS_SSL_ALERT_LEVEL_WARNING;
+            ssl->out_msg[1]  = MBEDTLS_SSL_ALERT_MSG_NO_CERT;
+
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "got no certificate to send" ) );
+            goto write_msg;
+        }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+    }
+#endif /* MBEDTLS_SSL_CLI_C */
+#if defined(MBEDTLS_SSL_SRV_C)
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+    {
+        if( mbedtls_ssl_own_cert( ssl ) == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) );
+            return( MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED );
+        }
+    }
+#endif
+
+    MBEDTLS_SSL_DEBUG_CRT( 3, "own certificate", mbedtls_ssl_own_cert( ssl ) );
+
+    /*
+     *     0  .  0    handshake type
+     *     1  .  3    handshake length
+     *     4  .  6    length of all certs
+     *     7  .  9    length of cert. 1
+     *    10  . n-1   peer certificate
+     *     n  . n+2   length of cert. 2
+     *    n+3 . ...   upper level cert, etc.
+     */
+    i = 7;
+    crt = mbedtls_ssl_own_cert( ssl );
+
+    while( crt != NULL )
+    {
+        n = crt->raw.len;
+        if( n > MBEDTLS_SSL_MAX_CONTENT_LEN - 3 - i )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d",
+                           i + 3 + n, MBEDTLS_SSL_MAX_CONTENT_LEN ) );
+            return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE );
+        }
+
+        ssl->out_msg[i    ] = (unsigned char)( n >> 16 );
+        ssl->out_msg[i + 1] = (unsigned char)( n >>  8 );
+        ssl->out_msg[i + 2] = (unsigned char)( n       );
+
+        i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n );
+        i += n; crt = crt->next;
+    }
+
+    ssl->out_msg[4]  = (unsigned char)( ( i - 7 ) >> 16 );
+    ssl->out_msg[5]  = (unsigned char)( ( i - 7 ) >>  8 );
+    ssl->out_msg[6]  = (unsigned char)( ( i - 7 )       );
+
+    ssl->out_msglen  = i;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_CERTIFICATE;
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) && defined(MBEDTLS_SSL_CLI_C)
+write_msg:
+#endif
+
+    ssl->state++;
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate" ) );
+
+    return( ret );
+}
+
+int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+    size_t i, n;
+    const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
+    int authmode = ssl->conf->authmode;
+    uint8_t alert;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
+
+    if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+#if defined(MBEDTLS_SSL_SRV_C)
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+        ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+        ssl->state++;
+        return( 0 );
+    }
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    if( ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET )
+        authmode = ssl->handshake->sni_authmode;
+#endif
+
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+        authmode == MBEDTLS_SSL_VERIFY_NONE )
+    {
+        ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY;
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+        ssl->state++;
+        return( 0 );
+    }
+#endif
+
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        /* mbedtls_ssl_read_record may have sent an alert already. We
+           let it decide whether to alert. */
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    ssl->state++;
+
+#if defined(MBEDTLS_SSL_SRV_C)
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    /*
+     * Check if the client sent an empty certificate
+     */
+    if( ssl->conf->endpoint  == MBEDTLS_SSL_IS_SERVER &&
+        ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        if( ssl->in_msglen  == 2                        &&
+            ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT            &&
+            ssl->in_msg[0]  == MBEDTLS_SSL_ALERT_LEVEL_WARNING  &&
+            ssl->in_msg[1]  == MBEDTLS_SSL_ALERT_MSG_NO_CERT )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) );
+
+            /* The client was asked for a certificate but didn't send
+               one. The client should know what's going on, so we
+               don't send an alert. */
+            ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
+            if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL )
+                return( 0 );
+            else
+                return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE );
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( ssl->conf->endpoint  == MBEDTLS_SSL_IS_SERVER &&
+        ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_0 )
+    {
+        if( ssl->in_hslen   == 3 + mbedtls_ssl_hs_hdr_len( ssl ) &&
+            ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE    &&
+            ssl->in_msg[0]  == MBEDTLS_SSL_HS_CERTIFICATE   &&
+            memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), "\0\0\0", 3 ) == 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) );
+
+            /* The client was asked for a certificate but didn't send
+               one. The client should know what's going on, so we
+               don't send an alert. */
+            ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
+            if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL )
+                return( 0 );
+            else
+                return( MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE );
+        }
+    }
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+#endif /* MBEDTLS_SSL_SRV_C */
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE ||
+        ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+    }
+
+    i = mbedtls_ssl_hs_hdr_len( ssl );
+
+    /*
+     * Same message structure as in mbedtls_ssl_write_certificate()
+     */
+    n = ( ssl->in_msg[i+1] << 8 ) | ssl->in_msg[i+2];
+
+    if( ssl->in_msg[i] != 0 ||
+        ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len( ssl ) )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+    }
+
+    /* In case we tried to reuse a session but it failed */
+    if( ssl->session_negotiate->peer_cert != NULL )
+    {
+        mbedtls_x509_crt_free( ssl->session_negotiate->peer_cert );
+        mbedtls_free( ssl->session_negotiate->peer_cert );
+    }
+
+    if( ( ssl->session_negotiate->peer_cert = mbedtls_calloc( 1,
+                    sizeof( mbedtls_x509_crt ) ) ) == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
+                       sizeof( mbedtls_x509_crt ) ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+    mbedtls_x509_crt_init( ssl->session_negotiate->peer_cert );
+
+    i += 3;
+
+    while( i < ssl->in_hslen )
+    {
+        if( ssl->in_msg[i] != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+        }
+
+        n = ( (unsigned int) ssl->in_msg[i + 1] << 8 )
+            | (unsigned int) ssl->in_msg[i + 2];
+        i += 3;
+
+        if( n < 128 || i + n > ssl->in_hslen )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+        }
+
+        ret = mbedtls_x509_crt_parse_der( ssl->session_negotiate->peer_cert,
+                                  ssl->in_msg + i, n );
+        switch( ret )
+        {
+        case 0: /*ok*/
+        case MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + MBEDTLS_ERR_OID_NOT_FOUND:
+            /* Ignore certificate with an unknown algorithm: maybe a
+               prior certificate was already trusted. */
+            break;
+
+        case MBEDTLS_ERR_X509_ALLOC_FAILED:
+            alert = MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR;
+            goto crt_parse_der_failed;
+
+        case MBEDTLS_ERR_X509_UNKNOWN_VERSION:
+            alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+            goto crt_parse_der_failed;
+
+        default:
+            alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
+        crt_parse_der_failed:
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, alert );
+            MBEDTLS_SSL_DEBUG_RET( 1, " mbedtls_x509_crt_parse_der", ret );
+            return( ret );
+        }
+
+        i += n;
+    }
+
+    MBEDTLS_SSL_DEBUG_CRT( 3, "peer certificate", ssl->session_negotiate->peer_cert );
+
+    /*
+     * On client, make sure the server cert doesn't change during renego to
+     * avoid "triple handshake" attack: https://secure-resumption.com/
+     */
+#if defined(MBEDTLS_SSL_RENEGOTIATION) && defined(MBEDTLS_SSL_CLI_C)
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+        ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+    {
+        if( ssl->session->peer_cert == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+        }
+
+        if( ssl->session->peer_cert->raw.len !=
+            ssl->session_negotiate->peer_cert->raw.len ||
+            memcmp( ssl->session->peer_cert->raw.p,
+                    ssl->session_negotiate->peer_cert->raw.p,
+                    ssl->session->peer_cert->raw.len ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "server cert changed during renegotiation" ) );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED );
+            return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE );
+        }
+    }
+#endif /* MBEDTLS_SSL_RENEGOTIATION && MBEDTLS_SSL_CLI_C */
+
+    if( authmode != MBEDTLS_SSL_VERIFY_NONE )
+    {
+        mbedtls_x509_crt *ca_chain;
+        mbedtls_x509_crl *ca_crl;
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+        if( ssl->handshake->sni_ca_chain != NULL )
+        {
+            ca_chain = ssl->handshake->sni_ca_chain;
+            ca_crl   = ssl->handshake->sni_ca_crl;
+        }
+        else
+#endif
+        {
+            ca_chain = ssl->conf->ca_chain;
+            ca_crl   = ssl->conf->ca_crl;
+        }
+
+        /*
+         * Main check: verify certificate
+         */
+        ret = mbedtls_x509_crt_verify_with_profile(
+                                ssl->session_negotiate->peer_cert,
+                                ca_chain, ca_crl,
+                                ssl->conf->cert_profile,
+                                ssl->hostname,
+                               &ssl->session_negotiate->verify_result,
+                                ssl->conf->f_vrfy, ssl->conf->p_vrfy );
+
+        if( ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret );
+        }
+
+        /*
+         * Secondary checks: always done, but change 'ret' only if it was 0
+         */
+
+#if defined(MBEDTLS_ECP_C)
+        {
+            const mbedtls_pk_context *pk = &ssl->session_negotiate->peer_cert->pk;
+
+            /* If certificate uses an EC key, make sure the curve is OK */
+            if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) &&
+                mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 )
+            {
+                ssl->session_negotiate->verify_result |= MBEDTLS_X509_BADCERT_BAD_KEY;
+
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) );
+                if( ret == 0 )
+                    ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+            }
+        }
+#endif /* MBEDTLS_ECP_C */
+
+        if( mbedtls_ssl_check_cert_usage( ssl->session_negotiate->peer_cert,
+                                 ciphersuite_info,
+                                 ! ssl->conf->endpoint,
+                                 &ssl->session_negotiate->verify_result ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) );
+            if( ret == 0 )
+                ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
+        }
+
+        /* mbedtls_x509_crt_verify_with_profile is supposed to report a
+         * verification failure through MBEDTLS_ERR_X509_CERT_VERIFY_FAILED,
+         * with details encoded in the verification flags. All other kinds
+         * of error codes, including those from the user provided f_vrfy
+         * functions, are treated as fatal and lead to a failure of
+         * ssl_parse_certificate even if verification was optional. */
+        if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL &&
+            ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED ||
+              ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) )
+        {
+            ret = 0;
+        }
+
+        if( ca_chain == NULL && authmode == MBEDTLS_SSL_VERIFY_REQUIRED )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no CA chain" ) );
+            ret = MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED;
+        }
+
+        if( ret != 0 )
+        {
+            /* The certificate may have been rejected for several reasons.
+               Pick one and send the corresponding alert. Which alert to send
+               may be a subject of debate in some cases. */
+            if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_OTHER )
+                alert = MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED;
+            else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH )
+                alert = MBEDTLS_SSL_ALERT_MSG_BAD_CERT;
+            else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_KEY_USAGE )
+                alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+            else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXT_KEY_USAGE )
+                alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+            else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NS_CERT_TYPE )
+                alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+            else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_PK )
+                alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+            else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_BAD_KEY )
+                alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT;
+            else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_EXPIRED )
+                alert = MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED;
+            else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_REVOKED )
+                alert = MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED;
+            else if( ssl->session_negotiate->verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED )
+                alert = MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA;
+            else
+                alert = MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN;
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            alert );
+        }
+
+#if defined(MBEDTLS_DEBUG_C)
+        if( ssl->session_negotiate->verify_result != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "! Certificate verification flags %x",
+                                        ssl->session_negotiate->verify_result ) );
+        }
+        else
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 3, ( "Certificate verification flags clear" ) );
+        }
+#endif /* MBEDTLS_DEBUG_C */
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
+
+    return( ret );
+}
+#endif /* !MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+          !MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+          !MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+          !MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+          !MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+          !MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+          !MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+
+int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) );
+
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
+    ssl->out_msglen  = 1;
+    ssl->out_msg[0]  = 1;
+
+    ssl->state++;
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write change cipher spec" ) );
+
+    return( 0 );
+}
+
+int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) );
+
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    if( ssl->in_msglen != 1 || ssl->in_msg[0] != 1 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC );
+    }
+
+    /*
+     * Switch to our negotiated transform and session parameters for inbound
+     * data.
+     */
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) );
+    ssl->transform_in = ssl->transform_negotiate;
+    ssl->session_in = ssl->session_negotiate;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+        ssl_dtls_replay_reset( ssl );
+#endif
+
+        /* Increment epoch */
+        if( ++ssl->in_epoch == 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) );
+            /* This is highly unlikely to happen for legitimate reasons, so
+               treat it as an attack and don't send an alert. */
+            return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
+        }
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    memset( ssl->in_ctr, 0, 8 );
+
+    /*
+     * Set the in_msg pointer to the correct location based on IV length
+     */
+    if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+    {
+        ssl->in_msg = ssl->in_iv + ssl->transform_negotiate->ivlen -
+                      ssl->transform_negotiate->fixed_ivlen;
+    }
+    else
+        ssl->in_msg = ssl->in_iv;
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if( mbedtls_ssl_hw_record_activate != NULL )
+    {
+        if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_INBOUND ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret );
+            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                            MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+        }
+    }
+#endif
+
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse change cipher spec" ) );
+
+    return( 0 );
+}
+
+void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl,
+                            const mbedtls_ssl_ciphersuite_t *ciphersuite_info )
+{
+    ((void) ciphersuite_info);
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 )
+        ssl->handshake->update_checksum = ssl_update_checksum_md5sha1;
+    else
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA512_C)
+    if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+        ssl->handshake->update_checksum = ssl_update_checksum_sha384;
+    else
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    if( ciphersuite_info->mac != MBEDTLS_MD_SHA384 )
+        ssl->handshake->update_checksum = ssl_update_checksum_sha256;
+    else
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return;
+    }
+}
+
+void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+     mbedtls_md5_starts_ret( &ssl->handshake->fin_md5  );
+    mbedtls_sha1_starts_ret( &ssl->handshake->fin_sha1 );
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+    mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 );
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+
+static void ssl_update_checksum_start( mbedtls_ssl_context *ssl,
+                                       const unsigned char *buf, size_t len )
+{
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+     mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len );
+    mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len );
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+    mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl,
+                                         const unsigned char *buf, size_t len )
+{
+     mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len );
+    mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len );
+}
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl,
+                                        const unsigned char *buf, size_t len )
+{
+    mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
+}
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl,
+                                        const unsigned char *buf, size_t len )
+{
+    mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
+}
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+static void ssl_calc_finished_ssl(
+                mbedtls_ssl_context *ssl, unsigned char *buf, int from )
+{
+    const char *sender;
+    mbedtls_md5_context  md5;
+    mbedtls_sha1_context sha1;
+
+    unsigned char padbuf[48];
+    unsigned char md5sum[16];
+    unsigned char sha1sum[20];
+
+    mbedtls_ssl_session *session = ssl->session_negotiate;
+    if( !session )
+        session = ssl->session;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc  finished ssl" ) );
+
+    mbedtls_md5_init( &md5 );
+    mbedtls_sha1_init( &sha1 );
+
+    mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
+    mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
+
+    /*
+     * SSLv3:
+     *   hash =
+     *      MD5( master + pad2 +
+     *          MD5( handshake + sender + master + pad1 ) )
+     *   + SHA1( master + pad2 +
+     *         SHA1( handshake + sender + master + pad1 ) )
+     */
+
+#if !defined(MBEDTLS_MD5_ALT)
+    MBEDTLS_SSL_DEBUG_BUF( 4, "finished  md5 state", (unsigned char *)
+                    md5.state, sizeof(  md5.state ) );
+#endif
+
+#if !defined(MBEDTLS_SHA1_ALT)
+    MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *)
+                   sha1.state, sizeof( sha1.state ) );
+#endif
+
+    sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "CLNT"
+                                       : "SRVR";
+
+    memset( padbuf, 0x36, 48 );
+
+    mbedtls_md5_update_ret( &md5, (const unsigned char *) sender, 4 );
+    mbedtls_md5_update_ret( &md5, session->master, 48 );
+    mbedtls_md5_update_ret( &md5, padbuf, 48 );
+    mbedtls_md5_finish_ret( &md5, md5sum );
+
+    mbedtls_sha1_update_ret( &sha1, (const unsigned char *) sender, 4 );
+    mbedtls_sha1_update_ret( &sha1, session->master, 48 );
+    mbedtls_sha1_update_ret( &sha1, padbuf, 40 );
+    mbedtls_sha1_finish_ret( &sha1, sha1sum );
+
+    memset( padbuf, 0x5C, 48 );
+
+    mbedtls_md5_starts_ret( &md5 );
+    mbedtls_md5_update_ret( &md5, session->master, 48 );
+    mbedtls_md5_update_ret( &md5, padbuf, 48 );
+    mbedtls_md5_update_ret( &md5, md5sum, 16 );
+    mbedtls_md5_finish_ret( &md5, buf );
+
+    mbedtls_sha1_starts_ret( &sha1 );
+    mbedtls_sha1_update_ret( &sha1, session->master, 48 );
+    mbedtls_sha1_update_ret( &sha1, padbuf , 40 );
+    mbedtls_sha1_update_ret( &sha1, sha1sum, 20 );
+    mbedtls_sha1_finish_ret( &sha1, buf + 16 );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
+
+    mbedtls_md5_free(  &md5  );
+    mbedtls_sha1_free( &sha1 );
+
+    mbedtls_zeroize(  padbuf, sizeof(  padbuf ) );
+    mbedtls_zeroize(  md5sum, sizeof(  md5sum ) );
+    mbedtls_zeroize( sha1sum, sizeof( sha1sum ) );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc  finished" ) );
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+static void ssl_calc_finished_tls(
+                mbedtls_ssl_context *ssl, unsigned char *buf, int from )
+{
+    int len = 12;
+    const char *sender;
+    mbedtls_md5_context  md5;
+    mbedtls_sha1_context sha1;
+    unsigned char padbuf[36];
+
+    mbedtls_ssl_session *session = ssl->session_negotiate;
+    if( !session )
+        session = ssl->session;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc  finished tls" ) );
+
+    mbedtls_md5_init( &md5 );
+    mbedtls_sha1_init( &sha1 );
+
+    mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 );
+    mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 );
+
+    /*
+     * TLSv1:
+     *   hash = PRF( master, finished_label,
+     *               MD5( handshake ) + SHA1( handshake ) )[0..11]
+     */
+
+#if !defined(MBEDTLS_MD5_ALT)
+    MBEDTLS_SSL_DEBUG_BUF( 4, "finished  md5 state", (unsigned char *)
+                    md5.state, sizeof(  md5.state ) );
+#endif
+
+#if !defined(MBEDTLS_SHA1_ALT)
+    MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *)
+                   sha1.state, sizeof( sha1.state ) );
+#endif
+
+    sender = ( from == MBEDTLS_SSL_IS_CLIENT )
+             ? "client finished"
+             : "server finished";
+
+    mbedtls_md5_finish_ret(  &md5, padbuf );
+    mbedtls_sha1_finish_ret( &sha1, padbuf + 16 );
+
+    ssl->handshake->tls_prf( session->master, 48, sender,
+                             padbuf, 36, buf, len );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
+
+    mbedtls_md5_free(  &md5  );
+    mbedtls_sha1_free( &sha1 );
+
+    mbedtls_zeroize(  padbuf, sizeof(  padbuf ) );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc  finished" ) );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+static void ssl_calc_finished_tls_sha256(
+                mbedtls_ssl_context *ssl, unsigned char *buf, int from )
+{
+    int len = 12;
+    const char *sender;
+    mbedtls_sha256_context sha256;
+    unsigned char padbuf[32];
+
+    mbedtls_ssl_session *session = ssl->session_negotiate;
+    if( !session )
+        session = ssl->session;
+
+    mbedtls_sha256_init( &sha256 );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc  finished tls sha256" ) );
+
+    mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
+
+    /*
+     * TLSv1.2:
+     *   hash = PRF( master, finished_label,
+     *               Hash( handshake ) )[0.11]
+     */
+
+#if !defined(MBEDTLS_SHA256_ALT)
+    MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *)
+                   sha256.state, sizeof( sha256.state ) );
+#endif
+
+    sender = ( from == MBEDTLS_SSL_IS_CLIENT )
+             ? "client finished"
+             : "server finished";
+
+    mbedtls_sha256_finish_ret( &sha256, padbuf );
+
+    ssl->handshake->tls_prf( session->master, 48, sender,
+                             padbuf, 32, buf, len );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
+
+    mbedtls_sha256_free( &sha256 );
+
+    mbedtls_zeroize(  padbuf, sizeof(  padbuf ) );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc  finished" ) );
+}
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+static void ssl_calc_finished_tls_sha384(
+                mbedtls_ssl_context *ssl, unsigned char *buf, int from )
+{
+    int len = 12;
+    const char *sender;
+    mbedtls_sha512_context sha512;
+    unsigned char padbuf[48];
+
+    mbedtls_ssl_session *session = ssl->session_negotiate;
+    if( !session )
+        session = ssl->session;
+
+    mbedtls_sha512_init( &sha512 );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc  finished tls sha384" ) );
+
+    mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 );
+
+    /*
+     * TLSv1.2:
+     *   hash = PRF( master, finished_label,
+     *               Hash( handshake ) )[0.11]
+     */
+
+#if !defined(MBEDTLS_SHA512_ALT)
+    MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *)
+                   sha512.state, sizeof( sha512.state ) );
+#endif
+
+    sender = ( from == MBEDTLS_SSL_IS_CLIENT )
+             ? "client finished"
+             : "server finished";
+
+    mbedtls_sha512_finish_ret( &sha512, padbuf );
+
+    ssl->handshake->tls_prf( session->master, 48, sender,
+                             padbuf, 48, buf, len );
+
+    MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
+
+    mbedtls_sha512_free( &sha512 );
+
+    mbedtls_zeroize(  padbuf, sizeof( padbuf ) );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc  finished" ) );
+}
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+static void ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl )
+{
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup: final free" ) );
+
+    /*
+     * Free our handshake params
+     */
+    mbedtls_ssl_handshake_free( ssl->handshake );
+    mbedtls_free( ssl->handshake );
+    ssl->handshake = NULL;
+
+    /*
+     * Free the previous transform and swith in the current one
+     */
+    if( ssl->transform )
+    {
+        mbedtls_ssl_transform_free( ssl->transform );
+        mbedtls_free( ssl->transform );
+    }
+    ssl->transform = ssl->transform_negotiate;
+    ssl->transform_negotiate = NULL;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup: final free" ) );
+}
+
+void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
+{
+    int resume = ssl->handshake->resume;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+    {
+        ssl->renego_status =  MBEDTLS_SSL_RENEGOTIATION_DONE;
+        ssl->renego_records_seen = 0;
+    }
+#endif
+
+    /*
+     * Free the previous session and switch in the current one
+     */
+    if( ssl->session )
+    {
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+        /* RFC 7366 3.1: keep the EtM state */
+        ssl->session_negotiate->encrypt_then_mac =
+                  ssl->session->encrypt_then_mac;
+#endif
+
+        mbedtls_ssl_session_free( ssl->session );
+        mbedtls_free( ssl->session );
+    }
+    ssl->session = ssl->session_negotiate;
+    ssl->session_negotiate = NULL;
+
+    /*
+     * Add cache entry
+     */
+    if( ssl->conf->f_set_cache != NULL &&
+        ssl->session->id_len != 0 &&
+        resume == 0 )
+    {
+        if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 )
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) );
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->handshake->flight != NULL )
+    {
+        /* Cancel handshake timer */
+        ssl_set_timer( ssl, 0 );
+
+        /* Keep last flight around in case we need to resend it:
+         * we need the handshake and transform structures for that */
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip freeing handshake and transform" ) );
+    }
+    else
+#endif
+        ssl_handshake_wrapup_free_hs_transform( ssl );
+
+    ssl->state++;
+
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) );
+}
+
+int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )
+{
+    int ret, hash_len;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write finished" ) );
+
+    /*
+     * Set the out_msg pointer to the correct location based on IV length
+     */
+    if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 )
+    {
+        ssl->out_msg = ssl->out_iv + ssl->transform_negotiate->ivlen -
+                       ssl->transform_negotiate->fixed_ivlen;
+    }
+    else
+        ssl->out_msg = ssl->out_iv;
+
+    ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint );
+
+    /*
+     * RFC 5246 7.4.9 (Page 63) says 12 is the default length and ciphersuites
+     * may define some other value. Currently (early 2016), no defined
+     * ciphersuite does this (and this is unlikely to change as activity has
+     * moved to TLS 1.3 now) so we can keep the hardcoded 12 here.
+     */
+    hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12;
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    ssl->verify_data_len = hash_len;
+    memcpy( ssl->own_verify_data, ssl->out_msg + 4, hash_len );
+#endif
+
+    ssl->out_msglen  = 4 + hash_len;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_FINISHED;
+
+    /*
+     * In case of session resuming, invert the client and server
+     * ChangeCipherSpec messages order.
+     */
+    if( ssl->handshake->resume != 0 )
+    {
+#if defined(MBEDTLS_SSL_CLI_C)
+        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+            ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
+#endif
+    }
+    else
+        ssl->state++;
+
+    /*
+     * Switch to our negotiated transform and session parameters for outbound
+     * data.
+     */
+    MBEDTLS_SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        unsigned char i;
+
+        /* Remember current epoch settings for resending */
+        ssl->handshake->alt_transform_out = ssl->transform_out;
+        memcpy( ssl->handshake->alt_out_ctr, ssl->out_ctr, 8 );
+
+        /* Set sequence_number to zero */
+        memset( ssl->out_ctr + 2, 0, 6 );
+
+        /* Increment epoch */
+        for( i = 2; i > 0; i-- )
+            if( ++ssl->out_ctr[i - 1] != 0 )
+                break;
+
+        /* The loop goes to its end iff the counter is wrapping */
+        if( i == 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS epoch would wrap" ) );
+            return( MBEDTLS_ERR_SSL_COUNTER_WRAPPING );
+        }
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    memset( ssl->out_ctr, 0, 8 );
+
+    ssl->transform_out = ssl->transform_negotiate;
+    ssl->session_out = ssl->session_negotiate;
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if( mbedtls_ssl_hw_record_activate != NULL )
+    {
+        if( ( ret = mbedtls_ssl_hw_record_activate( ssl, MBEDTLS_SSL_CHANNEL_OUTBOUND ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_activate", ret );
+            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        mbedtls_ssl_send_flight_completed( ssl );
+#endif
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write finished" ) );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+#define SSL_MAX_HASH_LEN 36
+#else
+#define SSL_MAX_HASH_LEN 12
+#endif
+
+int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
+{
+    int ret;
+    unsigned int hash_len;
+    unsigned char buf[SSL_MAX_HASH_LEN];
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) );
+
+    ssl->handshake->calc_finished( ssl, buf, ssl->conf->endpoint ^ 1 );
+
+    if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+        return( ret );
+    }
+
+    if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+        return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+    }
+
+    /* There is currently no ciphersuite using another length with TLS 1.2 */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+        hash_len = 36;
+    else
+#endif
+        hash_len = 12;
+
+    if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED ||
+        ssl->in_hslen  != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED );
+    }
+
+    if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ),
+                      buf, hash_len ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
+        return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED );
+    }
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    ssl->verify_data_len = hash_len;
+    memcpy( ssl->peer_verify_data, buf, hash_len );
+#endif
+
+    if( ssl->handshake->resume != 0 )
+    {
+#if defined(MBEDTLS_SSL_CLI_C)
+        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+            ssl->state = MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC;
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+            ssl->state = MBEDTLS_SSL_HANDSHAKE_WRAPUP;
+#endif
+    }
+    else
+        ssl->state++;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        mbedtls_ssl_recv_flight_completed( ssl );
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) );
+
+    return( 0 );
+}
+
+static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
+{
+    memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) );
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+     mbedtls_md5_init(   &handshake->fin_md5  );
+    mbedtls_sha1_init(   &handshake->fin_sha1 );
+     mbedtls_md5_starts_ret( &handshake->fin_md5  );
+    mbedtls_sha1_starts_ret( &handshake->fin_sha1 );
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+    mbedtls_sha256_init(   &handshake->fin_sha256    );
+    mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    mbedtls_sha512_init(   &handshake->fin_sha512    );
+    mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 );
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+    handshake->update_checksum = ssl_update_checksum_start;
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+    mbedtls_ssl_sig_hash_set_init( &handshake->hash_algs );
+#endif
+
+#if defined(MBEDTLS_DHM_C)
+    mbedtls_dhm_init( &handshake->dhm_ctx );
+#endif
+#if defined(MBEDTLS_ECDH_C)
+    mbedtls_ecdh_init( &handshake->ecdh_ctx );
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    mbedtls_ecjpake_init( &handshake->ecjpake_ctx );
+#if defined(MBEDTLS_SSL_CLI_C)
+    handshake->ecjpake_cache = NULL;
+    handshake->ecjpake_cache_len = 0;
+#endif
+#endif
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    handshake->sni_authmode = MBEDTLS_SSL_VERIFY_UNSET;
+#endif
+}
+
+static void ssl_transform_init( mbedtls_ssl_transform *transform )
+{
+    memset( transform, 0, sizeof(mbedtls_ssl_transform) );
+
+    mbedtls_cipher_init( &transform->cipher_ctx_enc );
+    mbedtls_cipher_init( &transform->cipher_ctx_dec );
+
+    mbedtls_md_init( &transform->md_ctx_enc );
+    mbedtls_md_init( &transform->md_ctx_dec );
+}
+
+void mbedtls_ssl_session_init( mbedtls_ssl_session *session )
+{
+    memset( session, 0, sizeof(mbedtls_ssl_session) );
+}
+
+static int ssl_handshake_init( mbedtls_ssl_context *ssl )
+{
+    /* Clear old handshake information if present */
+    if( ssl->transform_negotiate )
+        mbedtls_ssl_transform_free( ssl->transform_negotiate );
+    if( ssl->session_negotiate )
+        mbedtls_ssl_session_free( ssl->session_negotiate );
+    if( ssl->handshake )
+        mbedtls_ssl_handshake_free( ssl->handshake );
+
+    /*
+     * Either the pointers are now NULL or cleared properly and can be freed.
+     * Now allocate missing structures.
+     */
+    if( ssl->transform_negotiate == NULL )
+    {
+        ssl->transform_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_transform) );
+    }
+
+    if( ssl->session_negotiate == NULL )
+    {
+        ssl->session_negotiate = mbedtls_calloc( 1, sizeof(mbedtls_ssl_session) );
+    }
+
+    if( ssl->handshake == NULL )
+    {
+        ssl->handshake = mbedtls_calloc( 1, sizeof(mbedtls_ssl_handshake_params) );
+    }
+
+    /* All pointers should exist and can be directly freed without issue */
+    if( ssl->handshake == NULL ||
+        ssl->transform_negotiate == NULL ||
+        ssl->session_negotiate == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc() of ssl sub-contexts failed" ) );
+
+        mbedtls_free( ssl->handshake );
+        mbedtls_free( ssl->transform_negotiate );
+        mbedtls_free( ssl->session_negotiate );
+
+        ssl->handshake = NULL;
+        ssl->transform_negotiate = NULL;
+        ssl->session_negotiate = NULL;
+
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+    /* Initialize structures */
+    mbedtls_ssl_session_init( ssl->session_negotiate );
+    ssl_transform_init( ssl->transform_negotiate );
+    ssl_handshake_params_init( ssl->handshake );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        ssl->handshake->alt_transform_out = ssl->transform_out;
+
+        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+            ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_PREPARING;
+        else
+            ssl->handshake->retransmit_state = MBEDTLS_SSL_RETRANS_WAITING;
+
+        ssl_set_timer( ssl, 0 );
+    }
+#endif
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+/* Dummy cookie callbacks for defaults */
+static int ssl_cookie_write_dummy( void *ctx,
+                      unsigned char **p, unsigned char *end,
+                      const unsigned char *cli_id, size_t cli_id_len )
+{
+    ((void) ctx);
+    ((void) p);
+    ((void) end);
+    ((void) cli_id);
+    ((void) cli_id_len);
+
+    return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+}
+
+static int ssl_cookie_check_dummy( void *ctx,
+                      const unsigned char *cookie, size_t cookie_len,
+                      const unsigned char *cli_id, size_t cli_id_len )
+{
+    ((void) ctx);
+    ((void) cookie);
+    ((void) cookie_len);
+    ((void) cli_id);
+    ((void) cli_id_len);
+
+    return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+}
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */
+
+/*
+ * Initialize an SSL context
+ */
+void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
+{
+    memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
+}
+
+/*
+ * Setup an SSL context
+ */
+int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
+                       const mbedtls_ssl_config *conf )
+{
+    int ret;
+    const size_t len = MBEDTLS_SSL_BUFFER_LEN;
+
+    ssl->conf = conf;
+
+    /*
+     * Prepare base structures
+     */
+    if( ( ssl-> in_buf = mbedtls_calloc( 1, len ) ) == NULL ||
+        ( ssl->out_buf = mbedtls_calloc( 1, len ) ) == NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed", len ) );
+        mbedtls_free( ssl->in_buf );
+        ssl->in_buf = NULL;
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        ssl->out_hdr = ssl->out_buf;
+        ssl->out_ctr = ssl->out_buf +  3;
+        ssl->out_len = ssl->out_buf + 11;
+        ssl->out_iv  = ssl->out_buf + 13;
+        ssl->out_msg = ssl->out_buf + 13;
+
+        ssl->in_hdr = ssl->in_buf;
+        ssl->in_ctr = ssl->in_buf +  3;
+        ssl->in_len = ssl->in_buf + 11;
+        ssl->in_iv  = ssl->in_buf + 13;
+        ssl->in_msg = ssl->in_buf + 13;
+    }
+    else
+#endif
+    {
+        ssl->out_ctr = ssl->out_buf;
+        ssl->out_hdr = ssl->out_buf +  8;
+        ssl->out_len = ssl->out_buf + 11;
+        ssl->out_iv  = ssl->out_buf + 13;
+        ssl->out_msg = ssl->out_buf + 13;
+
+        ssl->in_ctr = ssl->in_buf;
+        ssl->in_hdr = ssl->in_buf +  8;
+        ssl->in_len = ssl->in_buf + 11;
+        ssl->in_iv  = ssl->in_buf + 13;
+        ssl->in_msg = ssl->in_buf + 13;
+    }
+
+    if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+/*
+ * Reset an initialized and used SSL context for re-use while retaining
+ * all application-set variables, function pointers and data.
+ *
+ * If partial is non-zero, keep data in the input buffer and client ID.
+ * (Use when a DTLS client reconnects from the same port.)
+ */
+static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial )
+{
+    int ret;
+
+    ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
+
+    /* Cancel any possibly running timer */
+    ssl_set_timer( ssl, 0 );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    ssl->renego_status = MBEDTLS_SSL_INITIAL_HANDSHAKE;
+    ssl->renego_records_seen = 0;
+
+    ssl->verify_data_len = 0;
+    memset( ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN );
+    memset( ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN );
+#endif
+    ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION;
+
+    ssl->in_offt = NULL;
+
+    ssl->in_msg = ssl->in_buf + 13;
+    ssl->in_msgtype = 0;
+    ssl->in_msglen = 0;
+    if( partial == 0 )
+        ssl->in_left = 0;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    ssl->next_record_offset = 0;
+    ssl->in_epoch = 0;
+#endif
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    ssl_dtls_replay_reset( ssl );
+#endif
+
+    ssl->in_hslen = 0;
+    ssl->nb_zero = 0;
+
+    ssl->keep_current_message = 0;
+
+    ssl->out_msg = ssl->out_buf + 13;
+    ssl->out_msgtype = 0;
+    ssl->out_msglen = 0;
+    ssl->out_left = 0;
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    if( ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED )
+        ssl->split_done = 0;
+#endif
+
+    ssl->transform_in = NULL;
+    ssl->transform_out = NULL;
+
+    memset( ssl->out_buf, 0, MBEDTLS_SSL_BUFFER_LEN );
+    if( partial == 0 )
+        memset( ssl->in_buf, 0, MBEDTLS_SSL_BUFFER_LEN );
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if( mbedtls_ssl_hw_record_reset != NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_reset()" ) );
+        if( ( ret = mbedtls_ssl_hw_record_reset( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_hw_record_reset", ret );
+            return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+        }
+    }
+#endif
+
+    if( ssl->transform )
+    {
+        mbedtls_ssl_transform_free( ssl->transform );
+        mbedtls_free( ssl->transform );
+        ssl->transform = NULL;
+    }
+
+    if( ssl->session )
+    {
+        mbedtls_ssl_session_free( ssl->session );
+        mbedtls_free( ssl->session );
+        ssl->session = NULL;
+    }
+
+#if defined(MBEDTLS_SSL_ALPN)
+    ssl->alpn_chosen = NULL;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+    if( partial == 0 )
+    {
+        mbedtls_free( ssl->cli_id );
+        ssl->cli_id = NULL;
+        ssl->cli_id_len = 0;
+    }
+#endif
+
+    if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+/*
+ * Reset an initialized and used SSL context for re-use while retaining
+ * all application-set variables, function pointers and data.
+ */
+int mbedtls_ssl_session_reset( mbedtls_ssl_context *ssl )
+{
+    return( ssl_session_reset_int( ssl, 0 ) );
+}
+
+/*
+ * SSL set accessors
+ */
+void mbedtls_ssl_conf_endpoint( mbedtls_ssl_config *conf, int endpoint )
+{
+    conf->endpoint   = endpoint;
+}
+
+void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport )
+{
+    conf->transport = transport;
+}
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode )
+{
+    conf->anti_replay = mode;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit )
+{
+    conf->badmac_limit = limit;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, uint32_t max )
+{
+    conf->hs_timeout_min = min;
+    conf->hs_timeout_max = max;
+}
+#endif
+
+void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode )
+{
+    conf->authmode   = authmode;
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+void mbedtls_ssl_conf_verify( mbedtls_ssl_config *conf,
+                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                     void *p_vrfy )
+{
+    conf->f_vrfy      = f_vrfy;
+    conf->p_vrfy      = p_vrfy;
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
+                  int (*f_rng)(void *, unsigned char *, size_t),
+                  void *p_rng )
+{
+    conf->f_rng      = f_rng;
+    conf->p_rng      = p_rng;
+}
+
+void mbedtls_ssl_conf_dbg( mbedtls_ssl_config *conf,
+                  void (*f_dbg)(void *, int, const char *, int, const char *),
+                  void  *p_dbg )
+{
+    conf->f_dbg      = f_dbg;
+    conf->p_dbg      = p_dbg;
+}
+
+void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl,
+        void *p_bio,
+        mbedtls_ssl_send_t *f_send,
+        mbedtls_ssl_recv_t *f_recv,
+        mbedtls_ssl_recv_timeout_t *f_recv_timeout )
+{
+    ssl->p_bio          = p_bio;
+    ssl->f_send         = f_send;
+    ssl->f_recv         = f_recv;
+    ssl->f_recv_timeout = f_recv_timeout;
+}
+
+void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout )
+{
+    conf->read_timeout   = timeout;
+}
+
+void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl,
+                               void *p_timer,
+                               mbedtls_ssl_set_timer_t *f_set_timer,
+                               mbedtls_ssl_get_timer_t *f_get_timer )
+{
+    ssl->p_timer        = p_timer;
+    ssl->f_set_timer    = f_set_timer;
+    ssl->f_get_timer    = f_get_timer;
+
+    /* Make sure we start with no timer running */
+    ssl_set_timer( ssl, 0 );
+}
+
+#if defined(MBEDTLS_SSL_SRV_C)
+void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf,
+        void *p_cache,
+        int (*f_get_cache)(void *, mbedtls_ssl_session *),
+        int (*f_set_cache)(void *, const mbedtls_ssl_session *) )
+{
+    conf->p_cache = p_cache;
+    conf->f_get_cache = f_get_cache;
+    conf->f_set_cache = f_set_cache;
+}
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session )
+{
+    int ret;
+
+    if( ssl == NULL ||
+        session == NULL ||
+        ssl->session_negotiate == NULL ||
+        ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT )
+    {
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    if( ( ret = ssl_session_copy( ssl->session_negotiate, session ) ) != 0 )
+        return( ret );
+
+    ssl->handshake->resume = 1;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_CLI_C */
+
+void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf,
+                                   const int *ciphersuites )
+{
+    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = ciphersuites;
+    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = ciphersuites;
+    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = ciphersuites;
+    conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ciphersuites;
+}
+
+void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
+                                       const int *ciphersuites,
+                                       int major, int minor )
+{
+    if( major != MBEDTLS_SSL_MAJOR_VERSION_3 )
+        return;
+
+    if( minor < MBEDTLS_SSL_MINOR_VERSION_0 || minor > MBEDTLS_SSL_MINOR_VERSION_3 )
+        return;
+
+    conf->ciphersuite_list[minor] = ciphersuites;
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
+                                    const mbedtls_x509_crt_profile *profile )
+{
+    conf->cert_profile = profile;
+}
+
+/* Append a new keycert entry to a (possibly empty) list */
+static int ssl_append_key_cert( mbedtls_ssl_key_cert **head,
+                                mbedtls_x509_crt *cert,
+                                mbedtls_pk_context *key )
+{
+    mbedtls_ssl_key_cert *new;
+
+    new = mbedtls_calloc( 1, sizeof( mbedtls_ssl_key_cert ) );
+    if( new == NULL )
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+    new->cert = cert;
+    new->key  = key;
+    new->next = NULL;
+
+    /* Update head is the list was null, else add to the end */
+    if( *head == NULL )
+    {
+        *head = new;
+    }
+    else
+    {
+        mbedtls_ssl_key_cert *cur = *head;
+        while( cur->next != NULL )
+            cur = cur->next;
+        cur->next = new;
+    }
+
+    return( 0 );
+}
+
+int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
+                              mbedtls_x509_crt *own_cert,
+                              mbedtls_pk_context *pk_key )
+{
+    return( ssl_append_key_cert( &conf->key_cert, own_cert, pk_key ) );
+}
+
+void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
+                               mbedtls_x509_crt *ca_chain,
+                               mbedtls_x509_crl *ca_crl )
+{
+    conf->ca_chain   = ca_chain;
+    conf->ca_crl     = ca_crl;
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *ssl,
+                                 mbedtls_x509_crt *own_cert,
+                                 mbedtls_pk_context *pk_key )
+{
+    return( ssl_append_key_cert( &ssl->handshake->sni_key_cert,
+                                 own_cert, pk_key ) );
+}
+
+void mbedtls_ssl_set_hs_ca_chain( mbedtls_ssl_context *ssl,
+                                  mbedtls_x509_crt *ca_chain,
+                                  mbedtls_x509_crl *ca_crl )
+{
+    ssl->handshake->sni_ca_chain   = ca_chain;
+    ssl->handshake->sni_ca_crl     = ca_crl;
+}
+
+void mbedtls_ssl_set_hs_authmode( mbedtls_ssl_context *ssl,
+                                  int authmode )
+{
+    ssl->handshake->sni_authmode = authmode;
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+/*
+ * Set EC J-PAKE password for current handshake
+ */
+int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
+                                         const unsigned char *pw,
+                                         size_t pw_len )
+{
+    mbedtls_ecjpake_role role;
+
+    if( ssl->handshake == NULL || ssl->conf == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+        role = MBEDTLS_ECJPAKE_SERVER;
+    else
+        role = MBEDTLS_ECJPAKE_CLIENT;
+
+    return( mbedtls_ecjpake_setup( &ssl->handshake->ecjpake_ctx,
+                                   role,
+                                   MBEDTLS_MD_SHA256,
+                                   MBEDTLS_ECP_DP_SECP256R1,
+                                   pw, pw_len ) );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
+                const unsigned char *psk, size_t psk_len,
+                const unsigned char *psk_identity, size_t psk_identity_len )
+{
+    if( psk == NULL || psk_identity == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    if( psk_len > MBEDTLS_PSK_MAX_LEN )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    /* Identity len will be encoded on two bytes */
+    if( ( psk_identity_len >> 16 ) != 0 ||
+        psk_identity_len > MBEDTLS_SSL_MAX_CONTENT_LEN )
+    {
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    if( conf->psk != NULL )
+    {
+        mbedtls_zeroize( conf->psk, conf->psk_len );
+
+        mbedtls_free( conf->psk );
+        conf->psk = NULL;
+        conf->psk_len = 0;
+    }
+    if( conf->psk_identity != NULL )
+    {
+        mbedtls_free( conf->psk_identity );
+        conf->psk_identity = NULL;
+        conf->psk_identity_len = 0;
+    }
+
+    if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ||
+        ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL )
+    {
+        mbedtls_free( conf->psk );
+        mbedtls_free( conf->psk_identity );
+        conf->psk = NULL;
+        conf->psk_identity = NULL;
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+    conf->psk_len = psk_len;
+    conf->psk_identity_len = psk_identity_len;
+
+    memcpy( conf->psk, psk, conf->psk_len );
+    memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len );
+
+    return( 0 );
+}
+
+int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
+                            const unsigned char *psk, size_t psk_len )
+{
+    if( psk == NULL || ssl->handshake == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    if( psk_len > MBEDTLS_PSK_MAX_LEN )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    if( ssl->handshake->psk != NULL )
+    {
+        mbedtls_zeroize( ssl->handshake->psk, ssl->handshake->psk_len );
+        mbedtls_free( ssl->handshake->psk );
+        ssl->handshake->psk_len = 0;
+    }
+
+    if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL )
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+    ssl->handshake->psk_len = psk_len;
+    memcpy( ssl->handshake->psk, psk, ssl->handshake->psk_len );
+
+    return( 0 );
+}
+
+void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
+                     int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
+                     size_t),
+                     void *p_psk )
+{
+    conf->f_psk = f_psk;
+    conf->p_psk = p_psk;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, const char *dhm_G )
+{
+    int ret;
+
+    if( ( ret = mbedtls_mpi_read_string( &conf->dhm_P, 16, dhm_P ) ) != 0 ||
+        ( ret = mbedtls_mpi_read_string( &conf->dhm_G, 16, dhm_G ) ) != 0 )
+    {
+        mbedtls_mpi_free( &conf->dhm_P );
+        mbedtls_mpi_free( &conf->dhm_G );
+        return( ret );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+
+int mbedtls_ssl_conf_dh_param_bin( mbedtls_ssl_config *conf,
+                                   const unsigned char *dhm_P, size_t P_len,
+                                   const unsigned char *dhm_G, size_t G_len )
+{
+    int ret;
+
+    if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_P, P_len ) ) != 0 ||
+        ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_G, G_len ) ) != 0 )
+    {
+        mbedtls_mpi_free( &conf->dhm_P );
+        mbedtls_mpi_free( &conf->dhm_G );
+        return( ret );
+    }
+
+    return( 0 );
+}
+
+int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx )
+{
+    int ret;
+
+    if( ( ret = mbedtls_mpi_copy( &conf->dhm_P, &dhm_ctx->P ) ) != 0 ||
+        ( ret = mbedtls_mpi_copy( &conf->dhm_G, &dhm_ctx->G ) ) != 0 )
+    {
+        mbedtls_mpi_free( &conf->dhm_P );
+        mbedtls_mpi_free( &conf->dhm_G );
+        return( ret );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+/*
+ * Set the minimum length for Diffie-Hellman parameters
+ */
+void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
+                                      unsigned int bitlen )
+{
+    conf->dhm_min_bitlen = bitlen;
+}
+#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+/*
+ * Set allowed/preferred hashes for handshake signatures
+ */
+void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
+                                  const int *hashes )
+{
+    conf->sig_hashes = hashes;
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Set the allowed elliptic curves
+ */
+void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
+                             const mbedtls_ecp_group_id *curve_list )
+{
+    conf->curve_list = curve_list;
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )
+{
+    /* Initialize to suppress unnecessary compiler warning */
+    size_t hostname_len = 0;
+
+    /* Check if new hostname is valid before
+     * making any change to current one */
+    if( hostname != NULL )
+    {
+        hostname_len = strlen( hostname );
+
+        if( hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN )
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    /* Now it's clear that we will overwrite the old hostname,
+     * so we can free it safely */
+
+    if( ssl->hostname != NULL )
+    {
+        mbedtls_zeroize( ssl->hostname, strlen( ssl->hostname ) );
+        mbedtls_free( ssl->hostname );
+    }
+
+    /* Passing NULL as hostname shall clear the old one */
+
+    if( hostname == NULL )
+    {
+        ssl->hostname = NULL;
+    }
+    else
+    {
+        ssl->hostname = mbedtls_calloc( 1, hostname_len + 1 );
+        if( ssl->hostname == NULL )
+            return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+        memcpy( ssl->hostname, hostname, hostname_len );
+
+        ssl->hostname[hostname_len] = '\0';
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+void mbedtls_ssl_conf_sni( mbedtls_ssl_config *conf,
+                  int (*f_sni)(void *, mbedtls_ssl_context *,
+                                const unsigned char *, size_t),
+                  void *p_sni )
+{
+    conf->f_sni = f_sni;
+    conf->p_sni = p_sni;
+}
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_ALPN)
+int mbedtls_ssl_conf_alpn_protocols( mbedtls_ssl_config *conf, const char **protos )
+{
+    size_t cur_len, tot_len;
+    const char **p;
+
+    /*
+     * RFC 7301 3.1: "Empty strings MUST NOT be included and byte strings
+     * MUST NOT be truncated."
+     * We check lengths now rather than later.
+     */
+    tot_len = 0;
+    for( p = protos; *p != NULL; p++ )
+    {
+        cur_len = strlen( *p );
+        tot_len += cur_len;
+
+        if( cur_len == 0 || cur_len > 255 || tot_len > 65535 )
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    conf->alpn_list = protos;
+
+    return( 0 );
+}
+
+const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl )
+{
+    return( ssl->alpn_chosen );
+}
+#endif /* MBEDTLS_SSL_ALPN */
+
+void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
+{
+    conf->max_major_ver = major;
+    conf->max_minor_ver = minor;
+}
+
+void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor )
+{
+    conf->min_major_ver = major;
+    conf->min_minor_ver = minor;
+}
+
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C)
+void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback )
+{
+    conf->fallback = fallback;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf,
+                                          char cert_req_ca_list )
+{
+    conf->cert_req_ca_list = cert_req_ca_list;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+void mbedtls_ssl_conf_encrypt_then_mac( mbedtls_ssl_config *conf, char etm )
+{
+    conf->encrypt_then_mac = etm;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+void mbedtls_ssl_conf_extended_master_secret( mbedtls_ssl_config *conf, char ems )
+{
+    conf->extended_ms = ems;
+}
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+void mbedtls_ssl_conf_arc4_support( mbedtls_ssl_config *conf, char arc4 )
+{
+    conf->arc4_disabled = arc4;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_code )
+{
+    if( mfl_code >= MBEDTLS_SSL_MAX_FRAG_LEN_INVALID ||
+        mfl_code_to_length[mfl_code] > MBEDTLS_SSL_MAX_CONTENT_LEN )
+    {
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    conf->mfl_code = mfl_code;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
+{
+    conf->trunc_hmac = truncate;
+}
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split )
+{
+    conf->cbc_record_splitting = split;
+}
+#endif
+
+void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
+{
+    conf->allow_legacy_renegotiation = allow_legacy;
+}
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+void mbedtls_ssl_conf_renegotiation( mbedtls_ssl_config *conf, int renegotiation )
+{
+    conf->disable_renegotiation = renegotiation;
+}
+
+void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_records )
+{
+    conf->renego_max_records = max_records;
+}
+
+void mbedtls_ssl_conf_renegotiation_period( mbedtls_ssl_config *conf,
+                                   const unsigned char period[8] )
+{
+    memcpy( conf->renego_period, period, 8 );
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+#if defined(MBEDTLS_SSL_CLI_C)
+void mbedtls_ssl_conf_session_tickets( mbedtls_ssl_config *conf, int use_tickets )
+{
+    conf->session_tickets = use_tickets;
+}
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+void mbedtls_ssl_conf_session_tickets_cb( mbedtls_ssl_config *conf,
+        mbedtls_ssl_ticket_write_t *f_ticket_write,
+        mbedtls_ssl_ticket_parse_t *f_ticket_parse,
+        void *p_ticket )
+{
+    conf->f_ticket_write = f_ticket_write;
+    conf->f_ticket_parse = f_ticket_parse;
+    conf->p_ticket       = p_ticket;
+}
+#endif
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
+        mbedtls_ssl_export_keys_t *f_export_keys,
+        void *p_export_keys )
+{
+    conf->f_export_keys = f_export_keys;
+    conf->p_export_keys = p_export_keys;
+}
+#endif
+
+/*
+ * SSL get accessors
+ */
+size_t mbedtls_ssl_get_bytes_avail( const mbedtls_ssl_context *ssl )
+{
+    return( ssl->in_offt == NULL ? 0 : ssl->in_msglen );
+}
+
+uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl )
+{
+    if( ssl->session != NULL )
+        return( ssl->session->verify_result );
+
+    if( ssl->session_negotiate != NULL )
+        return( ssl->session_negotiate->verify_result );
+
+    return( 0xFFFFFFFF );
+}
+
+const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl )
+{
+    if( ssl == NULL || ssl->session == NULL )
+        return( NULL );
+
+    return mbedtls_ssl_get_ciphersuite_name( ssl->session->ciphersuite );
+}
+
+const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        switch( ssl->minor_ver )
+        {
+            case MBEDTLS_SSL_MINOR_VERSION_2:
+                return( "DTLSv1.0" );
+
+            case MBEDTLS_SSL_MINOR_VERSION_3:
+                return( "DTLSv1.2" );
+
+            default:
+                return( "unknown (DTLS)" );
+        }
+    }
+#endif
+
+    switch( ssl->minor_ver )
+    {
+        case MBEDTLS_SSL_MINOR_VERSION_0:
+            return( "SSLv3.0" );
+
+        case MBEDTLS_SSL_MINOR_VERSION_1:
+            return( "TLSv1.0" );
+
+        case MBEDTLS_SSL_MINOR_VERSION_2:
+            return( "TLSv1.1" );
+
+        case MBEDTLS_SSL_MINOR_VERSION_3:
+            return( "TLSv1.2" );
+
+        default:
+            return( "unknown" );
+    }
+}
+
+int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
+{
+    size_t transform_expansion;
+    const mbedtls_ssl_transform *transform = ssl->transform_out;
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL )
+        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
+    if( transform == NULL )
+        return( (int) mbedtls_ssl_hdr_len( ssl ) );
+
+    switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
+    {
+        case MBEDTLS_MODE_GCM:
+        case MBEDTLS_MODE_CCM:
+        case MBEDTLS_MODE_STREAM:
+            transform_expansion = transform->minlen;
+            break;
+
+        case MBEDTLS_MODE_CBC:
+            transform_expansion = transform->maclen
+                      + mbedtls_cipher_get_block_size( &transform->cipher_ctx_enc );
+            break;
+
+        default:
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+    }
+
+    return( (int)( mbedtls_ssl_hdr_len( ssl ) + transform_expansion ) );
+}
+
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+size_t mbedtls_ssl_get_max_frag_len( const mbedtls_ssl_context *ssl )
+{
+    size_t max_len;
+
+    /*
+     * Assume mfl_code is correct since it was checked when set
+     */
+    max_len = mfl_code_to_length[ssl->conf->mfl_code];
+
+    /*
+     * Check if a smaller max length was negotiated
+     */
+    if( ssl->session_out != NULL &&
+        mfl_code_to_length[ssl->session_out->mfl_code] < max_len )
+    {
+        max_len = mfl_code_to_length[ssl->session_out->mfl_code];
+    }
+
+    return max_len;
+}
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert( const mbedtls_ssl_context *ssl )
+{
+    if( ssl == NULL || ssl->session == NULL )
+        return( NULL );
+
+    return( ssl->session->peer_cert );
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *dst )
+{
+    if( ssl == NULL ||
+        dst == NULL ||
+        ssl->session == NULL ||
+        ssl->conf->endpoint != MBEDTLS_SSL_IS_CLIENT )
+    {
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    return( ssl_session_copy( dst, ssl->session ) );
+}
+#endif /* MBEDTLS_SSL_CLI_C */
+
+/*
+ * Perform a single step of the SSL handshake
+ */
+int mbedtls_ssl_handshake_step( mbedtls_ssl_context *ssl )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+    if( ssl == NULL || ssl->conf == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_SSL_CLI_C)
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+        ret = mbedtls_ssl_handshake_client_step( ssl );
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+        ret = mbedtls_ssl_handshake_server_step( ssl );
+#endif
+
+    return( ret );
+}
+
+/*
+ * Perform the SSL handshake
+ */
+int mbedtls_ssl_handshake( mbedtls_ssl_context *ssl )
+{
+    int ret = 0;
+
+    if( ssl == NULL || ssl->conf == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> handshake" ) );
+
+    while( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+    {
+        ret = mbedtls_ssl_handshake_step( ssl );
+
+        if( ret != 0 )
+            break;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= handshake" ) );
+
+    return( ret );
+}
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+#if defined(MBEDTLS_SSL_SRV_C)
+/*
+ * Write HelloRequest to request renegotiation on server
+ */
+static int ssl_write_hello_request( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write hello request" ) );
+
+    ssl->out_msglen  = 4;
+    ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE;
+    ssl->out_msg[0]  = MBEDTLS_SSL_HS_HELLO_REQUEST;
+
+    if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello request" ) );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_SRV_C */
+
+/*
+ * Actually renegotiate current connection, triggered by either:
+ * - any side: calling mbedtls_ssl_renegotiate(),
+ * - client: receiving a HelloRequest during mbedtls_ssl_read(),
+ * - server: receiving any handshake message on server during mbedtls_ssl_read() after
+ *   the initial handshake is completed.
+ * If the handshake doesn't complete due to waiting for I/O, it will continue
+ * during the next calls to mbedtls_ssl_renegotiate() or mbedtls_ssl_read() respectively.
+ */
+static int ssl_start_renegotiation( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) );
+
+    if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
+        return( ret );
+
+    /* RFC 6347 4.2.2: "[...] the HelloRequest will have message_seq = 0 and
+     * the ServerHello will have message_seq = 1" */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+        ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
+    {
+        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+            ssl->handshake->out_msg_seq = 1;
+        else
+            ssl->handshake->in_msg_seq = 1;
+    }
+#endif
+
+    ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
+    ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS;
+
+    if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
+        return( ret );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= renegotiate" ) );
+
+    return( 0 );
+}
+
+/*
+ * Renegotiate current connection on client,
+ * or request renegotiation on server
+ */
+int mbedtls_ssl_renegotiate( mbedtls_ssl_context *ssl )
+{
+    int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
+
+    if( ssl == NULL || ssl->conf == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_SSL_SRV_C)
+    /* On server, just send the request */
+    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
+    {
+        if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+        ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
+
+        /* Did we already try/start sending HelloRequest? */
+        if( ssl->out_left != 0 )
+            return( mbedtls_ssl_flush_output( ssl ) );
+
+        return( ssl_write_hello_request( ssl ) );
+    }
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+    /*
+     * On client, either start the renegotiation process or,
+     * if already in progress, continue the handshake
+     */
+    if( ssl->renego_status != MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS )
+    {
+        if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+        if( ( ret = ssl_start_renegotiation( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret );
+            return( ret );
+        }
+    }
+    else
+    {
+        if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
+            return( ret );
+        }
+    }
+#endif /* MBEDTLS_SSL_CLI_C */
+
+    return( ret );
+}
+
+/*
+ * Check record counters and renegotiate if they're above the limit.
+ */
+static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
+{
+    size_t ep_len = ssl_ep_len( ssl );
+    int in_ctr_cmp;
+    int out_ctr_cmp;
+
+    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ||
+        ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING ||
+        ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED )
+    {
+        return( 0 );
+    }
+
+    in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
+                        ssl->conf->renego_period + ep_len, 8 - ep_len );
+    out_ctr_cmp = memcmp( ssl->out_ctr + ep_len,
+                          ssl->conf->renego_period + ep_len, 8 - ep_len );
+
+    if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 )
+    {
+        return( 0 );
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 1, ( "record counter limit reached: renegotiate" ) );
+    return( mbedtls_ssl_renegotiate( ssl ) );
+}
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+/*
+ * Receive application data decrypted from the SSL layer
+ */
+int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
+{
+    int ret;
+    size_t n;
+
+    if( ssl == NULL || ssl->conf == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> read" ) );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+            return( ret );
+
+        if( ssl->handshake != NULL &&
+            ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
+        {
+            if( ( ret = mbedtls_ssl_resend( ssl ) ) != 0 )
+                return( ret );
+        }
+    }
+#endif
+
+    /*
+     * Check if renegotiation is necessary and/or handshake is
+     * in process. If yes, perform/continue, and fall through
+     * if an unexpected packet is received while the client
+     * is waiting for the ServerHello.
+     *
+     * (There is no equivalent to the last condition on
+     *  the server-side as it is not treated as within
+     *  a handshake while waiting for the ClientHello
+     *  after a renegotiation request.)
+     */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    ret = ssl_check_ctr_renegotiate( ssl );
+    if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
+        ret != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret );
+        return( ret );
+    }
+#endif
+
+    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+    {
+        ret = mbedtls_ssl_handshake( ssl );
+        if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
+            ret != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
+            return( ret );
+        }
+    }
+
+    /*
+     * TODO
+     *
+     * The logic should be streamlined here:
+     *
+     * Instead of
+     *
+     * - Manually checking whether ssl->in_offt is NULL
+     * - Fetching a new record if yes
+     * - Setting ssl->in_offt if one finds an application record
+     * - Resetting keep_current_message after handling the application data
+     *
+     * one should
+     *
+     * - Adapt read_record to set ssl->in_offt automatically
+     *   when a new application data record is processed.
+     * - Always call mbedtls_ssl_read_record here.
+     *
+     * This way, the logic of ssl_read would be much clearer:
+     *
+     * (1) Always call record layer and see what kind of record is on
+     *     and have it ready for consumption (in particular, in_offt
+     *     properly set for application data records).
+     * (2) If it's application data (either freshly fetched
+     *     or something already being partially processed),
+     *     serve the read request from it.
+     * (3) If it's something different from application data,
+     *     handle it accordingly, e.g. potentially start a
+     *     renegotiation.
+     *
+     * This will also remove the need to manually reset
+     * ssl->keep_current_message = 0 below.
+     *
+     */
+
+    if( ssl->in_offt == NULL )
+    {
+        /* Start timer if not already running */
+        if( ssl->f_get_timer != NULL &&
+            ssl->f_get_timer( ssl->p_timer ) == -1 )
+        {
+            ssl_set_timer( ssl, ssl->conf->read_timeout );
+        }
+
+        if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+        {
+            if( ret == MBEDTLS_ERR_SSL_CONN_EOF )
+                return( 0 );
+
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+            return( ret );
+        }
+
+        if( ssl->in_msglen  == 0 &&
+            ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA )
+        {
+            /*
+             * OpenSSL sends empty messages to randomize the IV
+             */
+            if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
+            {
+                if( ret == MBEDTLS_ERR_SSL_CONN_EOF )
+                    return( 0 );
+
+                MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
+                return( ret );
+            }
+        }
+
+        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "received handshake message" ) );
+
+            /*
+             * - For client-side, expect SERVER_HELLO_REQUEST.
+             * - For server-side, expect CLIENT_HELLO.
+             * - Fail (TLS) or silently drop record (DTLS) in other cases.
+             */
+
+#if defined(MBEDTLS_SSL_CLI_C)
+            if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT &&
+                ( ssl->in_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST ||
+                  ssl->in_hslen  != mbedtls_ssl_hs_hdr_len( ssl ) ) )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) );
+
+                /* With DTLS, drop the packet (probably from last handshake) */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+                if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+                    return( MBEDTLS_ERR_SSL_WANT_READ );
+#endif
+                return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+            }
+#endif /* MBEDTLS_SSL_CLI_C */
+
+#if defined(MBEDTLS_SSL_SRV_C)
+            if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+                ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_HELLO )
+            {
+                MBEDTLS_SSL_DEBUG_MSG( 1, ( "handshake received (not ClientHello)" ) );
+
+                /* With DTLS, drop the packet (probably from last handshake) */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+                if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+                    return( MBEDTLS_ERR_SSL_WANT_READ );
+#endif
+                return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+            }
+#endif /* MBEDTLS_SSL_SRV_C */
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+            /* Determine whether renegotiation attempt should be accepted */
+            if( ! ( ssl->conf->disable_renegotiation == MBEDTLS_SSL_RENEGOTIATION_DISABLED ||
+                    ( ssl->secure_renegotiation == MBEDTLS_SSL_LEGACY_RENEGOTIATION &&
+                      ssl->conf->allow_legacy_renegotiation ==
+                                                   MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION ) ) )
+            {
+                /*
+                 * Accept renegotiation request
+                 */
+
+                /* DTLS clients need to know renego is server-initiated */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+                if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+                    ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
+                {
+                    ssl->renego_status = MBEDTLS_SSL_RENEGOTIATION_PENDING;
+                }
+#endif
+                ret = ssl_start_renegotiation( ssl );
+                if( ret != MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
+                    ret != 0 )
+                {
+                    MBEDTLS_SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret );
+                    return( ret );
+                }
+            }
+            else
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+            {
+                /*
+                 * Refuse renegotiation
+                 */
+
+                MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) );
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+                if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 )
+                {
+                    /* SSLv3 does not have a "no_renegotiation" warning, so
+                       we send a fatal alert and abort the connection. */
+                    mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                                    MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE );
+                    return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+                }
+                else
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+                if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 )
+                {
+                    if( ( ret = mbedtls_ssl_send_alert_message( ssl,
+                                    MBEDTLS_SSL_ALERT_LEVEL_WARNING,
+                                    MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 )
+                    {
+                        return( ret );
+                    }
+                }
+                else
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 ||
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+                {
+                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+                    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+                }
+            }
+
+            return( MBEDTLS_ERR_SSL_WANT_READ );
+        }
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+        else if( ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
+        {
+            if( ssl->conf->renego_max_records >= 0 )
+            {
+                if( ++ssl->renego_records_seen > ssl->conf->renego_max_records )
+                {
+                    MBEDTLS_SSL_DEBUG_MSG( 1, ( "renegotiation requested, "
+                                        "but not honored by client" ) );
+                    return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+                }
+            }
+        }
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+
+        /* Fatal and closure alerts handled by mbedtls_ssl_read_record() */
+        if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "ignoring non-fatal non-closure alert" ) );
+            return( MBEDTLS_ERR_SSL_WANT_READ );
+        }
+
+        if( ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad application data message" ) );
+            return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
+        }
+
+        ssl->in_offt = ssl->in_msg;
+
+        /* We're going to return something now, cancel timer,
+         * except if handshake (renegotiation) is in progress */
+        if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
+            ssl_set_timer( ssl, 0 );
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        /* If we requested renego but received AppData, resend HelloRequest.
+         * Do it now, after setting in_offt, to avoid taking this branch
+         * again if ssl_write_hello_request() returns WANT_WRITE */
+#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_RENEGOTIATION)
+        if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER &&
+            ssl->renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING )
+        {
+            if( ( ret = ssl_resend_hello_request( ssl ) ) != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "ssl_resend_hello_request", ret );
+                return( ret );
+            }
+        }
+#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_RENEGOTIATION */
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    }
+
+    n = ( len < ssl->in_msglen )
+        ? len : ssl->in_msglen;
+
+    memcpy( buf, ssl->in_offt, n );
+    ssl->in_msglen -= n;
+
+    if( ssl->in_msglen == 0 )
+    {
+        /* all bytes consumed */
+        ssl->in_offt = NULL;
+        ssl->keep_current_message = 0;
+    }
+    else
+    {
+        /* more data available */
+        ssl->in_offt += n;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= read" ) );
+
+    return( (int) n );
+}
+
+/*
+ * Send application data to be encrypted by the SSL layer,
+ * taking care of max fragment length and buffer size
+ */
+static int ssl_write_real( mbedtls_ssl_context *ssl,
+                           const unsigned char *buf, size_t len )
+{
+    int ret;
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    size_t max_len = mbedtls_ssl_get_max_frag_len( ssl );
+#else
+    size_t max_len = MBEDTLS_SSL_MAX_CONTENT_LEN;
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+    if( len > max_len )
+    {
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "fragment larger than the (negotiated) "
+                                "maximum fragment length: %d > %d",
+                                len, max_len ) );
+            return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+        }
+        else
+#endif
+            len = max_len;
+    }
+
+    if( ssl->out_left != 0 )
+    {
+        if( ( ret = mbedtls_ssl_flush_output( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flush_output", ret );
+            return( ret );
+        }
+    }
+    else
+    {
+        ssl->out_msglen  = len;
+        ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA;
+        memcpy( ssl->out_msg, buf, len );
+
+        if( ( ret = mbedtls_ssl_write_record( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+            return( ret );
+        }
+    }
+
+    return( (int) len );
+}
+
+/*
+ * Write application data, doing 1/n-1 splitting if necessary.
+ *
+ * With non-blocking I/O, ssl_write_real() may return WANT_WRITE,
+ * then the caller will call us again with the same arguments, so
+ * remember whether we already did the split or not.
+ */
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+static int ssl_write_split( mbedtls_ssl_context *ssl,
+                            const unsigned char *buf, size_t len )
+{
+    int ret;
+
+    if( ssl->conf->cbc_record_splitting ==
+            MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ||
+        len <= 1 ||
+        ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 ||
+        mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc )
+                                != MBEDTLS_MODE_CBC )
+    {
+        return( ssl_write_real( ssl, buf, len ) );
+    }
+
+    if( ssl->split_done == 0 )
+    {
+        if( ( ret = ssl_write_real( ssl, buf, 1 ) ) <= 0 )
+            return( ret );
+        ssl->split_done = 1;
+    }
+
+    if( ( ret = ssl_write_real( ssl, buf + 1, len - 1 ) ) <= 0 )
+        return( ret );
+    ssl->split_done = 0;
+
+    return( ret + 1 );
+}
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+
+/*
+ * Write application data (public-facing wrapper)
+ */
+int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len )
+{
+    int ret;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write" ) );
+
+    if( ssl == NULL || ssl->conf == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret );
+        return( ret );
+    }
+#endif
+
+    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+    {
+        if( ( ret = mbedtls_ssl_handshake( ssl ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_handshake", ret );
+            return( ret );
+        }
+    }
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    ret = ssl_write_split( ssl, buf, len );
+#else
+    ret = ssl_write_real( ssl, buf, len );
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) );
+
+    return( ret );
+}
+
+/*
+ * Notify the peer that the connection is being closed
+ */
+int mbedtls_ssl_close_notify( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    if( ssl == NULL || ssl->conf == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write close notify" ) );
+
+    if( ssl->out_left != 0 )
+        return( mbedtls_ssl_flush_output( ssl ) );
+
+    if( ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER )
+    {
+        if( ( ret = mbedtls_ssl_send_alert_message( ssl,
+                        MBEDTLS_SSL_ALERT_LEVEL_WARNING,
+                        MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_send_alert_message", ret );
+            return( ret );
+        }
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write close notify" ) );
+
+    return( 0 );
+}
+
+void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
+{
+    if( transform == NULL )
+        return;
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    deflateEnd( &transform->ctx_deflate );
+    inflateEnd( &transform->ctx_inflate );
+#endif
+
+    mbedtls_cipher_free( &transform->cipher_ctx_enc );
+    mbedtls_cipher_free( &transform->cipher_ctx_dec );
+
+    mbedtls_md_free( &transform->md_ctx_enc );
+    mbedtls_md_free( &transform->md_ctx_dec );
+
+    mbedtls_zeroize( transform, sizeof( mbedtls_ssl_transform ) );
+}
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+static void ssl_key_cert_free( mbedtls_ssl_key_cert *key_cert )
+{
+    mbedtls_ssl_key_cert *cur = key_cert, *next;
+
+    while( cur != NULL )
+    {
+        next = cur->next;
+        mbedtls_free( cur );
+        cur = next;
+    }
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+void mbedtls_ssl_handshake_free( mbedtls_ssl_handshake_params *handshake )
+{
+    if( handshake == NULL )
+        return;
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    mbedtls_md5_free(    &handshake->fin_md5  );
+    mbedtls_sha1_free(   &handshake->fin_sha1 );
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+#if defined(MBEDTLS_SHA256_C)
+    mbedtls_sha256_free(   &handshake->fin_sha256    );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    mbedtls_sha512_free(   &handshake->fin_sha512    );
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#if defined(MBEDTLS_DHM_C)
+    mbedtls_dhm_free( &handshake->dhm_ctx );
+#endif
+#if defined(MBEDTLS_ECDH_C)
+    mbedtls_ecdh_free( &handshake->ecdh_ctx );
+#endif
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    mbedtls_ecjpake_free( &handshake->ecjpake_ctx );
+#if defined(MBEDTLS_SSL_CLI_C)
+    mbedtls_free( handshake->ecjpake_cache );
+    handshake->ecjpake_cache = NULL;
+    handshake->ecjpake_cache_len = 0;
+#endif
+#endif
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    /* explicit void pointer cast for buggy MS compiler */
+    mbedtls_free( (void *) handshake->curves );
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    if( handshake->psk != NULL )
+    {
+        mbedtls_zeroize( handshake->psk, handshake->psk_len );
+        mbedtls_free( handshake->psk );
+    }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    /*
+     * Free only the linked list wrapper, not the keys themselves
+     * since the belong to the SNI callback
+     */
+    if( handshake->sni_key_cert != NULL )
+    {
+        mbedtls_ssl_key_cert *cur = handshake->sni_key_cert, *next;
+
+        while( cur != NULL )
+        {
+            next = cur->next;
+            mbedtls_free( cur );
+            cur = next;
+        }
+    }
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    mbedtls_free( handshake->verify_cookie );
+    mbedtls_free( handshake->hs_msg );
+    ssl_flight_free( handshake->flight );
+#endif
+
+    mbedtls_zeroize( handshake, sizeof( mbedtls_ssl_handshake_params ) );
+}
+
+void mbedtls_ssl_session_free( mbedtls_ssl_session *session )
+{
+    if( session == NULL )
+        return;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if( session->peer_cert != NULL )
+    {
+        mbedtls_x509_crt_free( session->peer_cert );
+        mbedtls_free( session->peer_cert );
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    mbedtls_free( session->ticket );
+#endif
+
+    mbedtls_zeroize( session, sizeof( mbedtls_ssl_session ) );
+}
+
+/*
+ * Free an SSL context
+ */
+void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
+{
+    if( ssl == NULL )
+        return;
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> free" ) );
+
+    if( ssl->out_buf != NULL )
+    {
+        mbedtls_zeroize( ssl->out_buf, MBEDTLS_SSL_BUFFER_LEN );
+        mbedtls_free( ssl->out_buf );
+    }
+
+    if( ssl->in_buf != NULL )
+    {
+        mbedtls_zeroize( ssl->in_buf, MBEDTLS_SSL_BUFFER_LEN );
+        mbedtls_free( ssl->in_buf );
+    }
+
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    if( ssl->compress_buf != NULL )
+    {
+        mbedtls_zeroize( ssl->compress_buf, MBEDTLS_SSL_BUFFER_LEN );
+        mbedtls_free( ssl->compress_buf );
+    }
+#endif
+
+    if( ssl->transform )
+    {
+        mbedtls_ssl_transform_free( ssl->transform );
+        mbedtls_free( ssl->transform );
+    }
+
+    if( ssl->handshake )
+    {
+        mbedtls_ssl_handshake_free( ssl->handshake );
+        mbedtls_ssl_transform_free( ssl->transform_negotiate );
+        mbedtls_ssl_session_free( ssl->session_negotiate );
+
+        mbedtls_free( ssl->handshake );
+        mbedtls_free( ssl->transform_negotiate );
+        mbedtls_free( ssl->session_negotiate );
+    }
+
+    if( ssl->session )
+    {
+        mbedtls_ssl_session_free( ssl->session );
+        mbedtls_free( ssl->session );
+    }
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    if( ssl->hostname != NULL )
+    {
+        mbedtls_zeroize( ssl->hostname, strlen( ssl->hostname ) );
+        mbedtls_free( ssl->hostname );
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    if( mbedtls_ssl_hw_record_finish != NULL )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 2, ( "going for mbedtls_ssl_hw_record_finish()" ) );
+        mbedtls_ssl_hw_record_finish( ssl );
+    }
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+    mbedtls_free( ssl->cli_id );
+#endif
+
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= free" ) );
+
+    /* Actually clear after last debug message */
+    mbedtls_zeroize( ssl, sizeof( mbedtls_ssl_context ) );
+}
+
+/*
+ * Initialze mbedtls_ssl_config
+ */
+void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
+{
+    memset( conf, 0, sizeof( mbedtls_ssl_config ) );
+}
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+static int ssl_preset_default_hashes[] = {
+#if defined(MBEDTLS_SHA512_C)
+    MBEDTLS_MD_SHA512,
+    MBEDTLS_MD_SHA384,
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    MBEDTLS_MD_SHA256,
+    MBEDTLS_MD_SHA224,
+#endif
+#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
+    MBEDTLS_MD_SHA1,
+#endif
+    MBEDTLS_MD_NONE
+};
+#endif
+
+static int ssl_preset_suiteb_ciphersuites[] = {
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+    0
+};
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+static int ssl_preset_suiteb_hashes[] = {
+    MBEDTLS_MD_SHA256,
+    MBEDTLS_MD_SHA384,
+    MBEDTLS_MD_NONE
+};
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = {
+    MBEDTLS_ECP_DP_SECP256R1,
+    MBEDTLS_ECP_DP_SECP384R1,
+    MBEDTLS_ECP_DP_NONE
+};
+#endif
+
+/*
+ * Load default in mbedtls_ssl_config
+ */
+int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
+                                 int endpoint, int transport, int preset )
+{
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
+    int ret;
+#endif
+
+    /* Use the functions here so that they are covered in tests,
+     * but otherwise access member directly for efficiency */
+    mbedtls_ssl_conf_endpoint( conf, endpoint );
+    mbedtls_ssl_conf_transport( conf, transport );
+
+    /*
+     * Things that are common to all presets
+     */
+#if defined(MBEDTLS_SSL_CLI_C)
+    if( endpoint == MBEDTLS_SSL_IS_CLIENT )
+    {
+        conf->authmode = MBEDTLS_SSL_VERIFY_REQUIRED;
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+        conf->session_tickets = MBEDTLS_SSL_SESSION_TICKETS_ENABLED;
+#endif
+    }
+#endif
+
+#if defined(MBEDTLS_ARC4_C)
+    conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    conf->encrypt_then_mac = MBEDTLS_SSL_ETM_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
+    conf->f_cookie_write = ssl_cookie_write_dummy;
+    conf->f_cookie_check = ssl_cookie_check_dummy;
+#endif
+
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    conf->anti_replay = MBEDTLS_SSL_ANTI_REPLAY_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_SRV_C)
+    conf->cert_req_ca_list = MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    conf->hs_timeout_min = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN;
+    conf->hs_timeout_max = MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX;
+#endif
+
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT;
+    memset( conf->renego_period,     0x00, 2 );
+    memset( conf->renego_period + 2, 0xFF, 6 );
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
+            if( endpoint == MBEDTLS_SSL_IS_SERVER )
+            {
+                const unsigned char dhm_p[] =
+                    MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN;
+                const unsigned char dhm_g[] =
+                    MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
+
+                if ( ( ret = mbedtls_ssl_conf_dh_param_bin( conf,
+                                               dhm_p, sizeof( dhm_p ),
+                                               dhm_g, sizeof( dhm_g ) ) ) != 0 )
+                {
+                    return( ret );
+                }
+            }
+#endif
+
+    /*
+     * Preset-specific defaults
+     */
+    switch( preset )
+    {
+        /*
+         * NSA Suite B
+         */
+        case MBEDTLS_SSL_PRESET_SUITEB:
+            conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
+            conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */
+            conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
+            conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
+
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
+                                   ssl_preset_suiteb_ciphersuites;
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+            conf->cert_profile = &mbedtls_x509_crt_profile_suiteb;
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+            conf->sig_hashes = ssl_preset_suiteb_hashes;
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+            conf->curve_list = ssl_preset_suiteb_curves;
+#endif
+            break;
+
+        /*
+         * Default
+         */
+        default:
+            conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
+            conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_1; /* TLS 1.0 */
+            conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
+            conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+            if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+                conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2;
+#endif
+
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
+            conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
+                                   mbedtls_ssl_list_ciphersuites();
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+            conf->cert_profile = &mbedtls_x509_crt_profile_default;
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+            conf->sig_hashes = ssl_preset_default_hashes;
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+            conf->curve_list = mbedtls_ecp_grp_id_list();
+#endif
+
+#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
+            conf->dhm_min_bitlen = 1024;
+#endif
+    }
+
+    return( 0 );
+}
+
+/*
+ * Free mbedtls_ssl_config
+ */
+void mbedtls_ssl_config_free( mbedtls_ssl_config *conf )
+{
+#if defined(MBEDTLS_DHM_C)
+    mbedtls_mpi_free( &conf->dhm_P );
+    mbedtls_mpi_free( &conf->dhm_G );
+#endif
+
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    if( conf->psk != NULL )
+    {
+        mbedtls_zeroize( conf->psk, conf->psk_len );
+        mbedtls_zeroize( conf->psk_identity, conf->psk_identity_len );
+        mbedtls_free( conf->psk );
+        mbedtls_free( conf->psk_identity );
+        conf->psk_len = 0;
+        conf->psk_identity_len = 0;
+    }
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    ssl_key_cert_free( conf->key_cert );
+#endif
+
+    mbedtls_zeroize( conf, sizeof( mbedtls_ssl_config ) );
+}
+
+#if defined(MBEDTLS_PK_C) && \
+    ( defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C) )
+/*
+ * Convert between MBEDTLS_PK_XXX and SSL_SIG_XXX
+ */
+unsigned char mbedtls_ssl_sig_from_pk( mbedtls_pk_context *pk )
+{
+#if defined(MBEDTLS_RSA_C)
+    if( mbedtls_pk_can_do( pk, MBEDTLS_PK_RSA ) )
+        return( MBEDTLS_SSL_SIG_RSA );
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECDSA ) )
+        return( MBEDTLS_SSL_SIG_ECDSA );
+#endif
+    return( MBEDTLS_SSL_SIG_ANON );
+}
+
+unsigned char mbedtls_ssl_sig_from_pk_alg( mbedtls_pk_type_t type )
+{
+    switch( type ) {
+        case MBEDTLS_PK_RSA:
+            return( MBEDTLS_SSL_SIG_RSA );
+        case MBEDTLS_PK_ECDSA:
+        case MBEDTLS_PK_ECKEY:
+            return( MBEDTLS_SSL_SIG_ECDSA );
+        default:
+            return( MBEDTLS_SSL_SIG_ANON );
+    }
+}
+
+mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig )
+{
+    switch( sig )
+    {
+#if defined(MBEDTLS_RSA_C)
+        case MBEDTLS_SSL_SIG_RSA:
+            return( MBEDTLS_PK_RSA );
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+        case MBEDTLS_SSL_SIG_ECDSA:
+            return( MBEDTLS_PK_ECDSA );
+#endif
+        default:
+            return( MBEDTLS_PK_NONE );
+    }
+}
+#endif /* MBEDTLS_PK_C && ( MBEDTLS_RSA_C || MBEDTLS_ECDSA_C ) */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
+    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+
+/* Find an entry in a signature-hash set matching a given hash algorithm. */
+mbedtls_md_type_t mbedtls_ssl_sig_hash_set_find( mbedtls_ssl_sig_hash_set_t *set,
+                                                 mbedtls_pk_type_t sig_alg )
+{
+    switch( sig_alg )
+    {
+        case MBEDTLS_PK_RSA:
+            return( set->rsa );
+        case MBEDTLS_PK_ECDSA:
+            return( set->ecdsa );
+        default:
+            return( MBEDTLS_MD_NONE );
+    }
+}
+
+/* Add a signature-hash-pair to a signature-hash set */
+void mbedtls_ssl_sig_hash_set_add( mbedtls_ssl_sig_hash_set_t *set,
+                                   mbedtls_pk_type_t sig_alg,
+                                   mbedtls_md_type_t md_alg )
+{
+    switch( sig_alg )
+    {
+        case MBEDTLS_PK_RSA:
+            if( set->rsa == MBEDTLS_MD_NONE )
+                set->rsa = md_alg;
+            break;
+
+        case MBEDTLS_PK_ECDSA:
+            if( set->ecdsa == MBEDTLS_MD_NONE )
+                set->ecdsa = md_alg;
+            break;
+
+        default:
+            break;
+    }
+}
+
+/* Allow exactly one hash algorithm for each signature. */
+void mbedtls_ssl_sig_hash_set_const_hash( mbedtls_ssl_sig_hash_set_t *set,
+                                          mbedtls_md_type_t md_alg )
+{
+    set->rsa   = md_alg;
+    set->ecdsa = md_alg;
+}
+
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2) &&
+          MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+/*
+ * Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX
+ */
+mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash )
+{
+    switch( hash )
+    {
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_SSL_HASH_MD5:
+            return( MBEDTLS_MD_MD5 );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_SSL_HASH_SHA1:
+            return( MBEDTLS_MD_SHA1 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_SSL_HASH_SHA224:
+            return( MBEDTLS_MD_SHA224 );
+        case MBEDTLS_SSL_HASH_SHA256:
+            return( MBEDTLS_MD_SHA256 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case MBEDTLS_SSL_HASH_SHA384:
+            return( MBEDTLS_MD_SHA384 );
+        case MBEDTLS_SSL_HASH_SHA512:
+            return( MBEDTLS_MD_SHA512 );
+#endif
+        default:
+            return( MBEDTLS_MD_NONE );
+    }
+}
+
+/*
+ * Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX
+ */
+unsigned char mbedtls_ssl_hash_from_md_alg( int md )
+{
+    switch( md )
+    {
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_MD_MD5:
+            return( MBEDTLS_SSL_HASH_MD5 );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_MD_SHA1:
+            return( MBEDTLS_SSL_HASH_SHA1 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_MD_SHA224:
+            return( MBEDTLS_SSL_HASH_SHA224 );
+        case MBEDTLS_MD_SHA256:
+            return( MBEDTLS_SSL_HASH_SHA256 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case MBEDTLS_MD_SHA384:
+            return( MBEDTLS_SSL_HASH_SHA384 );
+        case MBEDTLS_MD_SHA512:
+            return( MBEDTLS_SSL_HASH_SHA512 );
+#endif
+        default:
+            return( MBEDTLS_SSL_HASH_NONE );
+    }
+}
+
+#if defined(MBEDTLS_ECP_C)
+/*
+ * Check if a curve proposed by the peer is in our list.
+ * Return 0 if we're willing to use it, -1 otherwise.
+ */
+int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id )
+{
+    const mbedtls_ecp_group_id *gid;
+
+    if( ssl->conf->curve_list == NULL )
+        return( -1 );
+
+    for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ )
+        if( *gid == grp_id )
+            return( 0 );
+
+    return( -1 );
+}
+#endif /* MBEDTLS_ECP_C */
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+/*
+ * Check if a hash proposed by the peer is in our list.
+ * Return 0 if we're willing to use it, -1 otherwise.
+ */
+int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
+                                mbedtls_md_type_t md )
+{
+    const int *cur;
+
+    if( ssl->conf->sig_hashes == NULL )
+        return( -1 );
+
+    for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ )
+        if( *cur == (int) md )
+            return( 0 );
+
+    return( -1 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
+                          const mbedtls_ssl_ciphersuite_t *ciphersuite,
+                          int cert_endpoint,
+                          uint32_t *flags )
+{
+    int ret = 0;
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+    int usage = 0;
+#endif
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+    const char *ext_oid;
+    size_t ext_len;
+#endif
+
+#if !defined(MBEDTLS_X509_CHECK_KEY_USAGE) &&          \
+    !defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+    ((void) cert);
+    ((void) cert_endpoint);
+    ((void) flags);
+#endif
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+    if( cert_endpoint == MBEDTLS_SSL_IS_SERVER )
+    {
+        /* Server part of the key exchange */
+        switch( ciphersuite->key_exchange )
+        {
+            case MBEDTLS_KEY_EXCHANGE_RSA:
+            case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+                usage = MBEDTLS_X509_KU_KEY_ENCIPHERMENT;
+                break;
+
+            case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
+            case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
+            case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
+                usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
+                break;
+
+            case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
+            case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
+                usage = MBEDTLS_X509_KU_KEY_AGREEMENT;
+                break;
+
+            /* Don't use default: we want warnings when adding new values */
+            case MBEDTLS_KEY_EXCHANGE_NONE:
+            case MBEDTLS_KEY_EXCHANGE_PSK:
+            case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+            case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+            case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
+                usage = 0;
+        }
+    }
+    else
+    {
+        /* Client auth: we only implement rsa_sign and mbedtls_ecdsa_sign for now */
+        usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE;
+    }
+
+    if( mbedtls_x509_crt_check_key_usage( cert, usage ) != 0 )
+    {
+        *flags |= MBEDTLS_X509_BADCERT_KEY_USAGE;
+        ret = -1;
+    }
+#else
+    ((void) ciphersuite);
+#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+    if( cert_endpoint == MBEDTLS_SSL_IS_SERVER )
+    {
+        ext_oid = MBEDTLS_OID_SERVER_AUTH;
+        ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_SERVER_AUTH );
+    }
+    else
+    {
+        ext_oid = MBEDTLS_OID_CLIENT_AUTH;
+        ext_len = MBEDTLS_OID_SIZE( MBEDTLS_OID_CLIENT_AUTH );
+    }
+
+    if( mbedtls_x509_crt_check_extended_key_usage( cert, ext_oid, ext_len ) != 0 )
+    {
+        *flags |= MBEDTLS_X509_BADCERT_EXT_KEY_USAGE;
+        ret = -1;
+    }
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+    return( ret );
+}
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+
+/*
+ * Convert version numbers to/from wire format
+ * and, for DTLS, to/from TLS equivalent.
+ *
+ * For TLS this is the identity.
+ * For DTLS, use 1's complement (v -> 255 - v, and then map as follows:
+ * 1.0 <-> 3.2      (DTLS 1.0 is based on TLS 1.1)
+ * 1.x <-> 3.x+1    for x != 0 (DTLS 1.2 based on TLS 1.2)
+ */
+void mbedtls_ssl_write_version( int major, int minor, int transport,
+                        unsigned char ver[2] )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        if( minor == MBEDTLS_SSL_MINOR_VERSION_2 )
+            --minor; /* DTLS 1.0 stored as TLS 1.1 internally */
+
+        ver[0] = (unsigned char)( 255 - ( major - 2 ) );
+        ver[1] = (unsigned char)( 255 - ( minor - 1 ) );
+    }
+    else
+#else
+    ((void) transport);
+#endif
+    {
+        ver[0] = (unsigned char) major;
+        ver[1] = (unsigned char) minor;
+    }
+}
+
+void mbedtls_ssl_read_version( int *major, int *minor, int transport,
+                       const unsigned char ver[2] )
+{
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        *major = 255 - ver[0] + 2;
+        *minor = 255 - ver[1] + 1;
+
+        if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 )
+            ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */
+    }
+    else
+#else
+    ((void) transport);
+#endif
+    {
+        *major = ver[0];
+        *minor = ver[1];
+    }
+}
+
+int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md )
+{
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
+        return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+
+    switch( md )
+    {
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
+#if defined(MBEDTLS_MD5_C)
+        case MBEDTLS_SSL_HASH_MD5:
+            return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case MBEDTLS_SSL_HASH_SHA1:
+            ssl->handshake->calc_verify = ssl_calc_verify_tls;
+            break;
+#endif
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SHA512_C)
+        case MBEDTLS_SSL_HASH_SHA384:
+            ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384;
+            break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case MBEDTLS_SSL_HASH_SHA256:
+            ssl->handshake->calc_verify = ssl_calc_verify_tls_sha256;
+            break;
+#endif
+        default:
+            return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+    }
+
+    return 0;
+#else /* !MBEDTLS_SSL_PROTO_TLS1_2 */
+    (void) ssl;
+    (void) md;
+
+    return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+}
+
+#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_1)
+int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl,
+                                        unsigned char *output,
+                                        unsigned char *data, size_t data_len )
+{
+    int ret = 0;
+    mbedtls_md5_context mbedtls_md5;
+    mbedtls_sha1_context mbedtls_sha1;
+
+    mbedtls_md5_init( &mbedtls_md5 );
+    mbedtls_sha1_init( &mbedtls_sha1 );
+
+    /*
+     * digitally-signed struct {
+     *     opaque md5_hash[16];
+     *     opaque sha_hash[20];
+     * };
+     *
+     * md5_hash
+     *     MD5(ClientHello.random + ServerHello.random
+     *                            + ServerParams);
+     * sha_hash
+     *     SHA(ClientHello.random + ServerHello.random
+     *                            + ServerParams);
+     */
+    if( ( ret = mbedtls_md5_starts_ret( &mbedtls_md5 ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_starts_ret", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5,
+                                        ssl->handshake->randbytes, 64 ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, data, data_len ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_md5_finish_ret( &mbedtls_md5, output ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_finish_ret", ret );
+        goto exit;
+    }
+
+    if( ( ret = mbedtls_sha1_starts_ret( &mbedtls_sha1 ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_starts_ret", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1,
+                                         ssl->handshake->randbytes, 64 ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, data,
+                                         data_len ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_sha1_finish_ret( &mbedtls_sha1,
+                                         output + 16 ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_finish_ret", ret );
+        goto exit;
+    }
+
+exit:
+    mbedtls_md5_free( &mbedtls_md5 );
+    mbedtls_sha1_free( &mbedtls_sha1 );
+
+    if( ret != 0 )
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+
+    return( ret );
+
+}
+#endif /* MBEDTLS_SSL_PROTO_SSL3 || MBEDTLS_SSL_PROTO_TLS1 || \
+          MBEDTLS_SSL_PROTO_TLS1_1 */
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \
+    defined(MBEDTLS_SSL_PROTO_TLS1_2)
+int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl,
+                                       unsigned char *output,
+                                       unsigned char *data, size_t data_len,
+                                       mbedtls_md_type_t md_alg )
+{
+    int ret = 0;
+    mbedtls_md_context_t ctx;
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
+
+    mbedtls_md_init( &ctx );
+
+    /*
+     * digitally-signed struct {
+     *     opaque client_random[32];
+     *     opaque server_random[32];
+     *     ServerDHParams params;
+     * };
+     */
+    if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_setup", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_starts", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_md_update( &ctx, ssl->handshake->randbytes, 64 ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_md_update( &ctx, data, data_len ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_update", ret );
+        goto exit;
+    }
+    if( ( ret = mbedtls_md_finish( &ctx, output ) ) != 0 )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md_finish", ret );
+        goto exit;
+    }
+
+exit:
+    mbedtls_md_free( &ctx );
+
+    if( ret != 0 )
+        mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+                                        MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
+
+    return( ret );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \
+          MBEDTLS_SSL_PROTO_TLS1_2 */
+
+#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/thirdparty/mbedtls/library/threading.c b/thirdparty/mbedtls/library/threading.c
new file mode 100644
index 0000000000..07586756f2
--- /dev/null
+++ b/thirdparty/mbedtls/library/threading.c
@@ -0,0 +1,137 @@
+/*
+ *  Threading abstraction layer
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_THREADING_C)
+
+#include "mbedtls/threading.h"
+
+#if defined(MBEDTLS_THREADING_PTHREAD)
+static void threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex )
+{
+    if( mutex == NULL )
+        return;
+
+    mutex->is_valid = pthread_mutex_init( &mutex->mutex, NULL ) == 0;
+}
+
+static void threading_mutex_free_pthread( mbedtls_threading_mutex_t *mutex )
+{
+    if( mutex == NULL || !mutex->is_valid )
+        return;
+
+    (void) pthread_mutex_destroy( &mutex->mutex );
+    mutex->is_valid = 0;
+}
+
+static int threading_mutex_lock_pthread( mbedtls_threading_mutex_t *mutex )
+{
+    if( mutex == NULL || ! mutex->is_valid )
+        return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
+
+    if( pthread_mutex_lock( &mutex->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+
+    return( 0 );
+}
+
+static int threading_mutex_unlock_pthread( mbedtls_threading_mutex_t *mutex )
+{
+    if( mutex == NULL || ! mutex->is_valid )
+        return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
+
+    if( pthread_mutex_unlock( &mutex->mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+
+    return( 0 );
+}
+
+void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_init_pthread;
+void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_free_pthread;
+int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_lock_pthread;
+int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_unlock_pthread;
+
+/*
+ * With phtreads we can statically initialize mutexes
+ */
+#define MUTEX_INIT  = { PTHREAD_MUTEX_INITIALIZER, 1 }
+
+#endif /* MBEDTLS_THREADING_PTHREAD */
+
+#if defined(MBEDTLS_THREADING_ALT)
+static int threading_mutex_fail( mbedtls_threading_mutex_t *mutex )
+{
+    ((void) mutex );
+    return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
+}
+static void threading_mutex_dummy( mbedtls_threading_mutex_t *mutex )
+{
+    ((void) mutex );
+    return;
+}
+
+void (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy;
+void (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_dummy;
+int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail;
+int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail;
+
+/*
+ * Set functions pointers and initialize global mutexes
+ */
+void mbedtls_threading_set_alt( void (*mutex_init)( mbedtls_threading_mutex_t * ),
+                       void (*mutex_free)( mbedtls_threading_mutex_t * ),
+                       int (*mutex_lock)( mbedtls_threading_mutex_t * ),
+                       int (*mutex_unlock)( mbedtls_threading_mutex_t * ) )
+{
+    mbedtls_mutex_init = mutex_init;
+    mbedtls_mutex_free = mutex_free;
+    mbedtls_mutex_lock = mutex_lock;
+    mbedtls_mutex_unlock = mutex_unlock;
+
+    mbedtls_mutex_init( &mbedtls_threading_readdir_mutex );
+    mbedtls_mutex_init( &mbedtls_threading_gmtime_mutex );
+}
+
+/*
+ * Free global mutexes
+ */
+void mbedtls_threading_free_alt( void )
+{
+    mbedtls_mutex_free( &mbedtls_threading_readdir_mutex );
+    mbedtls_mutex_free( &mbedtls_threading_gmtime_mutex );
+}
+#endif /* MBEDTLS_THREADING_ALT */
+
+/*
+ * Define global mutexes
+ */
+#ifndef MUTEX_INIT
+#define MUTEX_INIT
+#endif
+mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex MUTEX_INIT;
+mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex MUTEX_INIT;
+
+#endif /* MBEDTLS_THREADING_C */
diff --git a/thirdparty/mbedtls/library/timing.c b/thirdparty/mbedtls/library/timing.c
new file mode 100644
index 0000000000..35d6d89e2b
--- /dev/null
+++ b/thirdparty/mbedtls/library/timing.c
@@ -0,0 +1,536 @@
+/*
+ *  Portable interface to the CPU cycle counter
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf     printf
+#endif
+
+#if defined(MBEDTLS_TIMING_C)
+
+#include "mbedtls/timing.h"
+
+#if !defined(MBEDTLS_TIMING_ALT)
+
+#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
+    !defined(__APPLE__) && !defined(_WIN32)
+#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h"
+#endif
+
+#ifndef asm
+#define asm __asm
+#endif
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+#include <windows.h>
+#include <winbase.h>
+
+struct _hr_time
+{
+    LARGE_INTEGER start;
+};
+
+#else
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/time.h>
+#include <signal.h>
+#include <time.h>
+
+struct _hr_time
+{
+    struct timeval start;
+};
+
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    unsigned long tsc;
+    __asm   rdtsc
+    __asm   mov  [tsc], eax
+    return( tsc );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */
+
+/* some versions of mingw-64 have 32-bit longs even on x84_64 */
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && ( defined(__i386__) || (                       \
+    ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) )
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    unsigned long lo, hi;
+    asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
+    return( lo );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __i386__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) )
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    unsigned long lo, hi;
+    asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
+    return( lo | ( hi << 32 ) );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && ( __amd64__ || __x86_64__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) )
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    unsigned long tbl, tbu0, tbu1;
+
+    do
+    {
+        asm volatile( "mftbu %0" : "=r" (tbu0) );
+        asm volatile( "mftb  %0" : "=r" (tbl ) );
+        asm volatile( "mftbu %0" : "=r" (tbu1) );
+    }
+    while( tbu0 != tbu1 );
+
+    return( tbl );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && ( __powerpc__ || __ppc__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && defined(__sparc64__)
+
+#if defined(__OpenBSD__)
+#warning OpenBSD does not allow access to tick register using software version instead
+#else
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    unsigned long tick;
+    asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) );
+    return( tick );
+}
+#endif /* __OpenBSD__ */
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&  \
+    defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    unsigned long tick;
+    asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" );
+    asm volatile( "mov   %%g1, %0" : "=r" (tick) );
+    return( tick );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __sparc__ && !__sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&      \
+    defined(__GNUC__) && defined(__alpha__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    unsigned long cc;
+    asm volatile( "rpcc %0" : "=r" (cc) );
+    return( cc & 0xFFFFFFFF );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __alpha__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) &&      \
+    defined(__GNUC__) && defined(__ia64__)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    unsigned long itc;
+    asm volatile( "mov %0 = ar.itc" : "=r" (itc) );
+    return( itc );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+          __GNUC__ && __ia64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \
+    !defined(EFIX64) && !defined(EFI32)
+
+#define HAVE_HARDCLOCK
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    LARGE_INTEGER offset;
+
+    QueryPerformanceCounter( &offset );
+
+    return( (unsigned long)( offset.QuadPart ) );
+}
+#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
+
+#if !defined(HAVE_HARDCLOCK)
+
+#define HAVE_HARDCLOCK
+
+static int hardclock_init = 0;
+static struct timeval tv_init;
+
+unsigned long mbedtls_timing_hardclock( void )
+{
+    struct timeval tv_cur;
+
+    if( hardclock_init == 0 )
+    {
+        gettimeofday( &tv_init, NULL );
+        hardclock_init = 1;
+    }
+
+    gettimeofday( &tv_cur, NULL );
+    return( ( tv_cur.tv_sec  - tv_init.tv_sec  ) * 1000000
+          + ( tv_cur.tv_usec - tv_init.tv_usec ) );
+}
+#endif /* !HAVE_HARDCLOCK */
+
+volatile int mbedtls_timing_alarmed = 0;
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
+{
+    struct _hr_time *t = (struct _hr_time *) val;
+
+    if( reset )
+    {
+        QueryPerformanceCounter( &t->start );
+        return( 0 );
+    }
+    else
+    {
+        unsigned long delta;
+        LARGE_INTEGER now, hfreq;
+        QueryPerformanceCounter(  &now );
+        QueryPerformanceFrequency( &hfreq );
+        delta = (unsigned long)( ( now.QuadPart - t->start.QuadPart ) * 1000ul
+                                 / hfreq.QuadPart );
+        return( delta );
+    }
+}
+
+/* It's OK to use a global because alarm() is supposed to be global anyway */
+static DWORD alarmMs;
+
+static DWORD WINAPI TimerProc( LPVOID TimerContext )
+{
+    ((void) TimerContext);
+    Sleep( alarmMs );
+    mbedtls_timing_alarmed = 1;
+    return( TRUE );
+}
+
+void mbedtls_set_alarm( int seconds )
+{
+    DWORD ThreadId;
+
+    if( seconds == 0 )
+    {
+        /* No need to create a thread for this simple case.
+         * Also, this shorcut is more reliable at least on MinGW32 */
+        mbedtls_timing_alarmed = 1;
+        return;
+    }
+
+    mbedtls_timing_alarmed = 0;
+    alarmMs = seconds * 1000;
+    CloseHandle( CreateThread( NULL, 0, TimerProc, NULL, 0, &ThreadId ) );
+}
+
+#else /* _WIN32 && !EFIX64 && !EFI32 */
+
+unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
+{
+    struct _hr_time *t = (struct _hr_time *) val;
+
+    if( reset )
+    {
+        gettimeofday( &t->start, NULL );
+        return( 0 );
+    }
+    else
+    {
+        unsigned long delta;
+        struct timeval now;
+        gettimeofday( &now, NULL );
+        delta = ( now.tv_sec  - t->start.tv_sec  ) * 1000ul
+              + ( now.tv_usec - t->start.tv_usec ) / 1000;
+        return( delta );
+    }
+}
+
+static void sighandler( int signum )
+{
+    mbedtls_timing_alarmed = 1;
+    signal( signum, sighandler );
+}
+
+void mbedtls_set_alarm( int seconds )
+{
+    mbedtls_timing_alarmed = 0;
+    signal( SIGALRM, sighandler );
+    alarm( seconds );
+    if( seconds == 0 )
+    {
+        /* alarm(0) cancelled any previous pending alarm, but the
+           handler won't fire, so raise the flag straight away. */
+        mbedtls_timing_alarmed = 1;
+    }
+}
+
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
+/*
+ * Set delays to watch
+ */
+void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms )
+{
+    mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
+
+    ctx->int_ms = int_ms;
+    ctx->fin_ms = fin_ms;
+
+    if( fin_ms != 0 )
+        (void) mbedtls_timing_get_timer( &ctx->timer, 1 );
+}
+
+/*
+ * Get number of delays expired
+ */
+int mbedtls_timing_get_delay( void *data )
+{
+    mbedtls_timing_delay_context *ctx = (mbedtls_timing_delay_context *) data;
+    unsigned long elapsed_ms;
+
+    if( ctx->fin_ms == 0 )
+        return( -1 );
+
+    elapsed_ms = mbedtls_timing_get_timer( &ctx->timer, 0 );
+
+    if( elapsed_ms >= ctx->fin_ms )
+        return( 2 );
+
+    if( elapsed_ms >= ctx->int_ms )
+        return( 1 );
+
+    return( 0 );
+}
+
+#endif /* !MBEDTLS_TIMING_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * Busy-waits for the given number of milliseconds.
+ * Used for testing mbedtls_timing_hardclock.
+ */
+static void busy_msleep( unsigned long msec )
+{
+    struct mbedtls_timing_hr_time hires;
+    unsigned long i = 0; /* for busy-waiting */
+    volatile unsigned long j; /* to prevent optimisation */
+
+    (void) mbedtls_timing_get_timer( &hires, 1 );
+
+    while( mbedtls_timing_get_timer( &hires, 0 ) < msec )
+        i++;
+
+    j = i;
+    (void) j;
+}
+
+#define FAIL    do                                                      \
+    {                                                                   \
+        if( verbose != 0 )                                              \
+        {                                                               \
+            mbedtls_printf( "failed at line %d\n", __LINE__ );          \
+            mbedtls_printf( " cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \
+                            cycles, ratio, millisecs, secs, hardfail,   \
+                            (unsigned long) a, (unsigned long) b );     \
+            mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n", \
+                            mbedtls_timing_get_timer( &hires, 0 ),      \
+                            mbedtls_timing_get_timer( &ctx.timer, 0 ),  \
+                            mbedtls_timing_get_delay( &ctx ) );         \
+        }                                                               \
+        return( 1 );                                                    \
+    } while( 0 )
+
+/*
+ * Checkup routine
+ *
+ * Warning: this is work in progress, some tests may not be reliable enough
+ * yet! False positives may happen.
+ */
+int mbedtls_timing_self_test( int verbose )
+{
+    unsigned long cycles = 0, ratio = 0;
+    unsigned long millisecs = 0, secs = 0;
+    int hardfail = 0;
+    struct mbedtls_timing_hr_time hires;
+    uint32_t a = 0, b = 0;
+    mbedtls_timing_delay_context ctx;
+
+    if( verbose != 0 )
+        mbedtls_printf( "  TIMING tests note: will take some time!\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  TIMING test #1 (set_alarm / get_timer): " );
+
+    {
+        secs = 1;
+
+        (void) mbedtls_timing_get_timer( &hires, 1 );
+
+        mbedtls_set_alarm( (int) secs );
+        while( !mbedtls_timing_alarmed )
+            ;
+
+        millisecs = mbedtls_timing_get_timer( &hires, 0 );
+
+        /* For some reason on Windows it looks like alarm has an extra delay
+         * (maybe related to creating a new thread). Allow some room here. */
+        if( millisecs < 800 * secs || millisecs > 1200 * secs + 300 )
+            FAIL;
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  TIMING test #2 (set/get_delay        ): " );
+
+    {
+        a = 800;
+        b = 400;
+        mbedtls_timing_set_delay( &ctx, a, a + b );          /* T = 0 */
+
+        busy_msleep( a - a / 4 );                      /* T = a - a/4 */
+        if( mbedtls_timing_get_delay( &ctx ) != 0 )
+            FAIL;
+
+        busy_msleep( a / 4 + b / 4 );                  /* T = a + b/4 */
+        if( mbedtls_timing_get_delay( &ctx ) != 1 )
+            FAIL;
+
+        busy_msleep( b );                          /* T = a + b + b/4 */
+        if( mbedtls_timing_get_delay( &ctx ) != 2 )
+            FAIL;
+    }
+
+    mbedtls_timing_set_delay( &ctx, 0, 0 );
+    busy_msleep( 200 );
+    if( mbedtls_timing_get_delay( &ctx ) != -1 )
+        FAIL;
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+    if( verbose != 0 )
+        mbedtls_printf( "  TIMING test #3 (hardclock / get_timer): " );
+
+    /*
+     * Allow one failure for possible counter wrapping.
+     * On a 4Ghz 32-bit machine the cycle counter wraps about once per second;
+     * since the whole test is about 10ms, it shouldn't happen twice in a row.
+     */
+
+hard_test:
+    if( hardfail > 1 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed (ignored)\n" );
+
+        goto hard_test_done;
+    }
+
+    /* Get a reference ratio cycles/ms */
+    millisecs = 1;
+    cycles = mbedtls_timing_hardclock();
+    busy_msleep( millisecs );
+    cycles = mbedtls_timing_hardclock() - cycles;
+    ratio = cycles / millisecs;
+
+    /* Check that the ratio is mostly constant */
+    for( millisecs = 2; millisecs <= 4; millisecs++ )
+    {
+        cycles = mbedtls_timing_hardclock();
+        busy_msleep( millisecs );
+        cycles = mbedtls_timing_hardclock() - cycles;
+
+        /* Allow variation up to 20% */
+        if( cycles / millisecs < ratio - ratio / 5 ||
+            cycles / millisecs > ratio + ratio / 5 )
+        {
+            hardfail++;
+            goto hard_test;
+        }
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n" );
+
+hard_test_done:
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+    return( 0 );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_TIMING_C */
diff --git a/thirdparty/mbedtls/library/version.c b/thirdparty/mbedtls/library/version.c
new file mode 100644
index 0000000000..6ca80d4695
--- /dev/null
+++ b/thirdparty/mbedtls/library/version.c
@@ -0,0 +1,50 @@
+/*
+ *  Version information
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_VERSION_C)
+
+#include "mbedtls/version.h"
+#include <string.h>
+
+unsigned int mbedtls_version_get_number()
+{
+    return( MBEDTLS_VERSION_NUMBER );
+}
+
+void mbedtls_version_get_string( char *string )
+{
+    memcpy( string, MBEDTLS_VERSION_STRING,
+            sizeof( MBEDTLS_VERSION_STRING ) );
+}
+
+void mbedtls_version_get_string_full( char *string )
+{
+    memcpy( string, MBEDTLS_VERSION_STRING_FULL,
+            sizeof( MBEDTLS_VERSION_STRING_FULL ) );
+}
+
+#endif /* MBEDTLS_VERSION_C */
diff --git a/thirdparty/mbedtls/library/version_features.c b/thirdparty/mbedtls/library/version_features.c
new file mode 100644
index 0000000000..72afec2da0
--- /dev/null
+++ b/thirdparty/mbedtls/library/version_features.c
@@ -0,0 +1,716 @@
+/*
+ *  Version feature information
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_VERSION_C)
+
+#include "mbedtls/version.h"
+
+#include <string.h>
+
+static const char *features[] = {
+#if defined(MBEDTLS_VERSION_FEATURES)
+#if defined(MBEDTLS_HAVE_ASM)
+    "MBEDTLS_HAVE_ASM",
+#endif /* MBEDTLS_HAVE_ASM */
+#if defined(MBEDTLS_NO_UDBL_DIVISION)
+    "MBEDTLS_NO_UDBL_DIVISION",
+#endif /* MBEDTLS_NO_UDBL_DIVISION */
+#if defined(MBEDTLS_HAVE_SSE2)
+    "MBEDTLS_HAVE_SSE2",
+#endif /* MBEDTLS_HAVE_SSE2 */
+#if defined(MBEDTLS_HAVE_TIME)
+    "MBEDTLS_HAVE_TIME",
+#endif /* MBEDTLS_HAVE_TIME */
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+    "MBEDTLS_HAVE_TIME_DATE",
+#endif /* MBEDTLS_HAVE_TIME_DATE */
+#if defined(MBEDTLS_PLATFORM_MEMORY)
+    "MBEDTLS_PLATFORM_MEMORY",
+#endif /* MBEDTLS_PLATFORM_MEMORY */
+#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
+    "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS",
+#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
+#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
+    "MBEDTLS_PLATFORM_EXIT_ALT",
+#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
+#if defined(MBEDTLS_PLATFORM_TIME_ALT)
+    "MBEDTLS_PLATFORM_TIME_ALT",
+#endif /* MBEDTLS_PLATFORM_TIME_ALT */
+#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
+    "MBEDTLS_PLATFORM_FPRINTF_ALT",
+#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
+#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
+    "MBEDTLS_PLATFORM_PRINTF_ALT",
+#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
+#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
+    "MBEDTLS_PLATFORM_SNPRINTF_ALT",
+#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
+#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
+    "MBEDTLS_PLATFORM_NV_SEED_ALT",
+#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */
+#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
+    "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT",
+#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+    "MBEDTLS_DEPRECATED_WARNING",
+#endif /* MBEDTLS_DEPRECATED_WARNING */
+#if defined(MBEDTLS_DEPRECATED_REMOVED)
+    "MBEDTLS_DEPRECATED_REMOVED",
+#endif /* MBEDTLS_DEPRECATED_REMOVED */
+#if defined(MBEDTLS_TIMING_ALT)
+    "MBEDTLS_TIMING_ALT",
+#endif /* MBEDTLS_TIMING_ALT */
+#if defined(MBEDTLS_AES_ALT)
+    "MBEDTLS_AES_ALT",
+#endif /* MBEDTLS_AES_ALT */
+#if defined(MBEDTLS_ARC4_ALT)
+    "MBEDTLS_ARC4_ALT",
+#endif /* MBEDTLS_ARC4_ALT */
+#if defined(MBEDTLS_BLOWFISH_ALT)
+    "MBEDTLS_BLOWFISH_ALT",
+#endif /* MBEDTLS_BLOWFISH_ALT */
+#if defined(MBEDTLS_CAMELLIA_ALT)
+    "MBEDTLS_CAMELLIA_ALT",
+#endif /* MBEDTLS_CAMELLIA_ALT */
+#if defined(MBEDTLS_CCM_ALT)
+    "MBEDTLS_CCM_ALT",
+#endif /* MBEDTLS_CCM_ALT */
+#if defined(MBEDTLS_CMAC_ALT)
+    "MBEDTLS_CMAC_ALT",
+#endif /* MBEDTLS_CMAC_ALT */
+#if defined(MBEDTLS_DES_ALT)
+    "MBEDTLS_DES_ALT",
+#endif /* MBEDTLS_DES_ALT */
+#if defined(MBEDTLS_DHM_ALT)
+    "MBEDTLS_DHM_ALT",
+#endif /* MBEDTLS_DHM_ALT */
+#if defined(MBEDTLS_ECJPAKE_ALT)
+    "MBEDTLS_ECJPAKE_ALT",
+#endif /* MBEDTLS_ECJPAKE_ALT */
+#if defined(MBEDTLS_GCM_ALT)
+    "MBEDTLS_GCM_ALT",
+#endif /* MBEDTLS_GCM_ALT */
+#if defined(MBEDTLS_MD2_ALT)
+    "MBEDTLS_MD2_ALT",
+#endif /* MBEDTLS_MD2_ALT */
+#if defined(MBEDTLS_MD4_ALT)
+    "MBEDTLS_MD4_ALT",
+#endif /* MBEDTLS_MD4_ALT */
+#if defined(MBEDTLS_MD5_ALT)
+    "MBEDTLS_MD5_ALT",
+#endif /* MBEDTLS_MD5_ALT */
+#if defined(MBEDTLS_RIPEMD160_ALT)
+    "MBEDTLS_RIPEMD160_ALT",
+#endif /* MBEDTLS_RIPEMD160_ALT */
+#if defined(MBEDTLS_RSA_ALT)
+    "MBEDTLS_RSA_ALT",
+#endif /* MBEDTLS_RSA_ALT */
+#if defined(MBEDTLS_SHA1_ALT)
+    "MBEDTLS_SHA1_ALT",
+#endif /* MBEDTLS_SHA1_ALT */
+#if defined(MBEDTLS_SHA256_ALT)
+    "MBEDTLS_SHA256_ALT",
+#endif /* MBEDTLS_SHA256_ALT */
+#if defined(MBEDTLS_SHA512_ALT)
+    "MBEDTLS_SHA512_ALT",
+#endif /* MBEDTLS_SHA512_ALT */
+#if defined(MBEDTLS_XTEA_ALT)
+    "MBEDTLS_XTEA_ALT",
+#endif /* MBEDTLS_XTEA_ALT */
+#if defined(MBEDTLS_ECP_ALT)
+    "MBEDTLS_ECP_ALT",
+#endif /* MBEDTLS_ECP_ALT */
+#if defined(MBEDTLS_MD2_PROCESS_ALT)
+    "MBEDTLS_MD2_PROCESS_ALT",
+#endif /* MBEDTLS_MD2_PROCESS_ALT */
+#if defined(MBEDTLS_MD4_PROCESS_ALT)
+    "MBEDTLS_MD4_PROCESS_ALT",
+#endif /* MBEDTLS_MD4_PROCESS_ALT */
+#if defined(MBEDTLS_MD5_PROCESS_ALT)
+    "MBEDTLS_MD5_PROCESS_ALT",
+#endif /* MBEDTLS_MD5_PROCESS_ALT */
+#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
+    "MBEDTLS_RIPEMD160_PROCESS_ALT",
+#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */
+#if defined(MBEDTLS_SHA1_PROCESS_ALT)
+    "MBEDTLS_SHA1_PROCESS_ALT",
+#endif /* MBEDTLS_SHA1_PROCESS_ALT */
+#if defined(MBEDTLS_SHA256_PROCESS_ALT)
+    "MBEDTLS_SHA256_PROCESS_ALT",
+#endif /* MBEDTLS_SHA256_PROCESS_ALT */
+#if defined(MBEDTLS_SHA512_PROCESS_ALT)
+    "MBEDTLS_SHA512_PROCESS_ALT",
+#endif /* MBEDTLS_SHA512_PROCESS_ALT */
+#if defined(MBEDTLS_DES_SETKEY_ALT)
+    "MBEDTLS_DES_SETKEY_ALT",
+#endif /* MBEDTLS_DES_SETKEY_ALT */
+#if defined(MBEDTLS_DES_CRYPT_ECB_ALT)
+    "MBEDTLS_DES_CRYPT_ECB_ALT",
+#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */
+#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT)
+    "MBEDTLS_DES3_CRYPT_ECB_ALT",
+#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */
+#if defined(MBEDTLS_AES_SETKEY_ENC_ALT)
+    "MBEDTLS_AES_SETKEY_ENC_ALT",
+#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */
+#if defined(MBEDTLS_AES_SETKEY_DEC_ALT)
+    "MBEDTLS_AES_SETKEY_DEC_ALT",
+#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */
+#if defined(MBEDTLS_AES_ENCRYPT_ALT)
+    "MBEDTLS_AES_ENCRYPT_ALT",
+#endif /* MBEDTLS_AES_ENCRYPT_ALT */
+#if defined(MBEDTLS_AES_DECRYPT_ALT)
+    "MBEDTLS_AES_DECRYPT_ALT",
+#endif /* MBEDTLS_AES_DECRYPT_ALT */
+#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT)
+    "MBEDTLS_ECDH_GEN_PUBLIC_ALT",
+#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */
+#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT)
+    "MBEDTLS_ECDH_COMPUTE_SHARED_ALT",
+#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */
+#if defined(MBEDTLS_ECDSA_VERIFY_ALT)
+    "MBEDTLS_ECDSA_VERIFY_ALT",
+#endif /* MBEDTLS_ECDSA_VERIFY_ALT */
+#if defined(MBEDTLS_ECDSA_SIGN_ALT)
+    "MBEDTLS_ECDSA_SIGN_ALT",
+#endif /* MBEDTLS_ECDSA_SIGN_ALT */
+#if defined(MBEDTLS_ECDSA_GENKEY_ALT)
+    "MBEDTLS_ECDSA_GENKEY_ALT",
+#endif /* MBEDTLS_ECDSA_GENKEY_ALT */
+#if defined(MBEDTLS_ECP_INTERNAL_ALT)
+    "MBEDTLS_ECP_INTERNAL_ALT",
+#endif /* MBEDTLS_ECP_INTERNAL_ALT */
+#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT)
+    "MBEDTLS_ECP_RANDOMIZE_JAC_ALT",
+#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */
+#if defined(MBEDTLS_ECP_ADD_MIXED_ALT)
+    "MBEDTLS_ECP_ADD_MIXED_ALT",
+#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */
+#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT)
+    "MBEDTLS_ECP_DOUBLE_JAC_ALT",
+#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT)
+    "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT",
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */
+#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT)
+    "MBEDTLS_ECP_NORMALIZE_JAC_ALT",
+#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */
+#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT)
+    "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT",
+#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */
+#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT)
+    "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT",
+#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */
+#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT)
+    "MBEDTLS_ECP_NORMALIZE_MXZ_ALT",
+#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */
+#if defined(MBEDTLS_TEST_NULL_ENTROPY)
+    "MBEDTLS_TEST_NULL_ENTROPY",
+#endif /* MBEDTLS_TEST_NULL_ENTROPY */
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    "MBEDTLS_ENTROPY_HARDWARE_ALT",
+#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
+#if defined(MBEDTLS_AES_ROM_TABLES)
+    "MBEDTLS_AES_ROM_TABLES",
+#endif /* MBEDTLS_AES_ROM_TABLES */
+#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
+    "MBEDTLS_CAMELLIA_SMALL_MEMORY",
+#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+    "MBEDTLS_CIPHER_MODE_CBC",
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#if defined(MBEDTLS_CIPHER_MODE_CFB)
+    "MBEDTLS_CIPHER_MODE_CFB",
+#endif /* MBEDTLS_CIPHER_MODE_CFB */
+#if defined(MBEDTLS_CIPHER_MODE_CTR)
+    "MBEDTLS_CIPHER_MODE_CTR",
+#endif /* MBEDTLS_CIPHER_MODE_CTR */
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
+    "MBEDTLS_CIPHER_NULL_CIPHER",
+#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
+#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
+    "MBEDTLS_CIPHER_PADDING_PKCS7",
+#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
+#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
+    "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS",
+#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
+    "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN",
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
+#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
+    "MBEDTLS_CIPHER_PADDING_ZEROS",
+#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
+#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
+    "MBEDTLS_ENABLE_WEAK_CIPHERSUITES",
+#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
+#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
+    "MBEDTLS_REMOVE_ARC4_CIPHERSUITES",
+#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+    "MBEDTLS_ECP_DP_SECP192R1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+    "MBEDTLS_ECP_DP_SECP224R1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+    "MBEDTLS_ECP_DP_SECP256R1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+    "MBEDTLS_ECP_DP_SECP384R1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+    "MBEDTLS_ECP_DP_SECP521R1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+    "MBEDTLS_ECP_DP_SECP192K1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+    "MBEDTLS_ECP_DP_SECP224K1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+    "MBEDTLS_ECP_DP_SECP256K1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+    "MBEDTLS_ECP_DP_BP256R1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+    "MBEDTLS_ECP_DP_BP384R1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+    "MBEDTLS_ECP_DP_BP512R1_ENABLED",
+#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+    "MBEDTLS_ECP_DP_CURVE25519_ENABLED",
+#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */
+#if defined(MBEDTLS_ECP_NIST_OPTIM)
+    "MBEDTLS_ECP_NIST_OPTIM",
+#endif /* MBEDTLS_ECP_NIST_OPTIM */
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+    "MBEDTLS_ECDSA_DETERMINISTIC",
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
+    "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
+    "MBEDTLS_PK_PARSE_EC_EXTENDED",
+#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */
+#if defined(MBEDTLS_ERROR_STRERROR_DUMMY)
+    "MBEDTLS_ERROR_STRERROR_DUMMY",
+#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */
+#if defined(MBEDTLS_GENPRIME)
+    "MBEDTLS_GENPRIME",
+#endif /* MBEDTLS_GENPRIME */
+#if defined(MBEDTLS_FS_IO)
+    "MBEDTLS_FS_IO",
+#endif /* MBEDTLS_FS_IO */
+#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
+    "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES",
+#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
+#if defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+    "MBEDTLS_NO_PLATFORM_ENTROPY",
+#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */
+#if defined(MBEDTLS_ENTROPY_FORCE_SHA256)
+    "MBEDTLS_ENTROPY_FORCE_SHA256",
+#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    "MBEDTLS_ENTROPY_NV_SEED",
+#endif /* MBEDTLS_ENTROPY_NV_SEED */
+#if defined(MBEDTLS_MEMORY_DEBUG)
+    "MBEDTLS_MEMORY_DEBUG",
+#endif /* MBEDTLS_MEMORY_DEBUG */
+#if defined(MBEDTLS_MEMORY_BACKTRACE)
+    "MBEDTLS_MEMORY_BACKTRACE",
+#endif /* MBEDTLS_MEMORY_BACKTRACE */
+#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
+    "MBEDTLS_PK_RSA_ALT_SUPPORT",
+#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
+#if defined(MBEDTLS_PKCS1_V15)
+    "MBEDTLS_PKCS1_V15",
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+    "MBEDTLS_PKCS1_V21",
+#endif /* MBEDTLS_PKCS1_V21 */
+#if defined(MBEDTLS_RSA_NO_CRT)
+    "MBEDTLS_RSA_NO_CRT",
+#endif /* MBEDTLS_RSA_NO_CRT */
+#if defined(MBEDTLS_SELF_TEST)
+    "MBEDTLS_SELF_TEST",
+#endif /* MBEDTLS_SELF_TEST */
+#if defined(MBEDTLS_SHA256_SMALLER)
+    "MBEDTLS_SHA256_SMALLER",
+#endif /* MBEDTLS_SHA256_SMALLER */
+#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES)
+    "MBEDTLS_SSL_ALL_ALERT_MESSAGES",
+#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */
+#if defined(MBEDTLS_SSL_DEBUG_ALL)
+    "MBEDTLS_SSL_DEBUG_ALL",
+#endif /* MBEDTLS_SSL_DEBUG_ALL */
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+    "MBEDTLS_SSL_ENCRYPT_THEN_MAC",
+#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    "MBEDTLS_SSL_EXTENDED_MASTER_SECRET",
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+#if defined(MBEDTLS_SSL_FALLBACK_SCSV)
+    "MBEDTLS_SSL_FALLBACK_SCSV",
+#endif /* MBEDTLS_SSL_FALLBACK_SCSV */
+#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
+    "MBEDTLS_SSL_HW_RECORD_ACCEL",
+#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
+    "MBEDTLS_SSL_CBC_RECORD_SPLITTING",
+#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+    "MBEDTLS_SSL_RENEGOTIATION",
+#endif /* MBEDTLS_SSL_RENEGOTIATION */
+#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
+    "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO",
+#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
+#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE)
+    "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE",
+#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+    "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH",
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+#if defined(MBEDTLS_SSL_PROTO_SSL3)
+    "MBEDTLS_SSL_PROTO_SSL3",
+#endif /* MBEDTLS_SSL_PROTO_SSL3 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1)
+    "MBEDTLS_SSL_PROTO_TLS1",
+#endif /* MBEDTLS_SSL_PROTO_TLS1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
+    "MBEDTLS_SSL_PROTO_TLS1_1",
+#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    "MBEDTLS_SSL_PROTO_TLS1_2",
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    "MBEDTLS_SSL_PROTO_DTLS",
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+#if defined(MBEDTLS_SSL_ALPN)
+    "MBEDTLS_SSL_ALPN",
+#endif /* MBEDTLS_SSL_ALPN */
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+    "MBEDTLS_SSL_DTLS_ANTI_REPLAY",
+#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
+#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
+    "MBEDTLS_SSL_DTLS_HELLO_VERIFY",
+#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
+    "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE",
+#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
+#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT)
+    "MBEDTLS_SSL_DTLS_BADMAC_LIMIT",
+#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    "MBEDTLS_SSL_SESSION_TICKETS",
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+    "MBEDTLS_SSL_EXPORT_KEYS",
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    "MBEDTLS_SSL_SERVER_NAME_INDICATION",
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
+    "MBEDTLS_SSL_TRUNCATED_HMAC",
+#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+#if defined(MBEDTLS_THREADING_ALT)
+    "MBEDTLS_THREADING_ALT",
+#endif /* MBEDTLS_THREADING_ALT */
+#if defined(MBEDTLS_THREADING_PTHREAD)
+    "MBEDTLS_THREADING_PTHREAD",
+#endif /* MBEDTLS_THREADING_PTHREAD */
+#if defined(MBEDTLS_VERSION_FEATURES)
+    "MBEDTLS_VERSION_FEATURES",
+#endif /* MBEDTLS_VERSION_FEATURES */
+#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
+    "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3",
+#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */
+#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+    "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION",
+#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+    "MBEDTLS_X509_CHECK_KEY_USAGE",
+#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+    "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE",
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+    "MBEDTLS_X509_RSASSA_PSS_SUPPORT",
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+#if defined(MBEDTLS_ZLIB_SUPPORT)
+    "MBEDTLS_ZLIB_SUPPORT",
+#endif /* MBEDTLS_ZLIB_SUPPORT */
+#if defined(MBEDTLS_AESNI_C)
+    "MBEDTLS_AESNI_C",
+#endif /* MBEDTLS_AESNI_C */
+#if defined(MBEDTLS_AES_C)
+    "MBEDTLS_AES_C",
+#endif /* MBEDTLS_AES_C */
+#if defined(MBEDTLS_ARC4_C)
+    "MBEDTLS_ARC4_C",
+#endif /* MBEDTLS_ARC4_C */
+#if defined(MBEDTLS_ASN1_PARSE_C)
+    "MBEDTLS_ASN1_PARSE_C",
+#endif /* MBEDTLS_ASN1_PARSE_C */
+#if defined(MBEDTLS_ASN1_WRITE_C)
+    "MBEDTLS_ASN1_WRITE_C",
+#endif /* MBEDTLS_ASN1_WRITE_C */
+#if defined(MBEDTLS_BASE64_C)
+    "MBEDTLS_BASE64_C",
+#endif /* MBEDTLS_BASE64_C */
+#if defined(MBEDTLS_BIGNUM_C)
+    "MBEDTLS_BIGNUM_C",
+#endif /* MBEDTLS_BIGNUM_C */
+#if defined(MBEDTLS_BLOWFISH_C)
+    "MBEDTLS_BLOWFISH_C",
+#endif /* MBEDTLS_BLOWFISH_C */
+#if defined(MBEDTLS_CAMELLIA_C)
+    "MBEDTLS_CAMELLIA_C",
+#endif /* MBEDTLS_CAMELLIA_C */
+#if defined(MBEDTLS_CCM_C)
+    "MBEDTLS_CCM_C",
+#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_CERTS_C)
+    "MBEDTLS_CERTS_C",
+#endif /* MBEDTLS_CERTS_C */
+#if defined(MBEDTLS_CIPHER_C)
+    "MBEDTLS_CIPHER_C",
+#endif /* MBEDTLS_CIPHER_C */
+#if defined(MBEDTLS_CMAC_C)
+    "MBEDTLS_CMAC_C",
+#endif /* MBEDTLS_CMAC_C */
+#if defined(MBEDTLS_CTR_DRBG_C)
+    "MBEDTLS_CTR_DRBG_C",
+#endif /* MBEDTLS_CTR_DRBG_C */
+#if defined(MBEDTLS_DEBUG_C)
+    "MBEDTLS_DEBUG_C",
+#endif /* MBEDTLS_DEBUG_C */
+#if defined(MBEDTLS_DES_C)
+    "MBEDTLS_DES_C",
+#endif /* MBEDTLS_DES_C */
+#if defined(MBEDTLS_DHM_C)
+    "MBEDTLS_DHM_C",
+#endif /* MBEDTLS_DHM_C */
+#if defined(MBEDTLS_ECDH_C)
+    "MBEDTLS_ECDH_C",
+#endif /* MBEDTLS_ECDH_C */
+#if defined(MBEDTLS_ECDSA_C)
+    "MBEDTLS_ECDSA_C",
+#endif /* MBEDTLS_ECDSA_C */
+#if defined(MBEDTLS_ECJPAKE_C)
+    "MBEDTLS_ECJPAKE_C",
+#endif /* MBEDTLS_ECJPAKE_C */
+#if defined(MBEDTLS_ECP_C)
+    "MBEDTLS_ECP_C",
+#endif /* MBEDTLS_ECP_C */
+#if defined(MBEDTLS_ENTROPY_C)
+    "MBEDTLS_ENTROPY_C",
+#endif /* MBEDTLS_ENTROPY_C */
+#if defined(MBEDTLS_ERROR_C)
+    "MBEDTLS_ERROR_C",
+#endif /* MBEDTLS_ERROR_C */
+#if defined(MBEDTLS_GCM_C)
+    "MBEDTLS_GCM_C",
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_HAVEGE_C)
+    "MBEDTLS_HAVEGE_C",
+#endif /* MBEDTLS_HAVEGE_C */
+#if defined(MBEDTLS_HMAC_DRBG_C)
+    "MBEDTLS_HMAC_DRBG_C",
+#endif /* MBEDTLS_HMAC_DRBG_C */
+#if defined(MBEDTLS_MD_C)
+    "MBEDTLS_MD_C",
+#endif /* MBEDTLS_MD_C */
+#if defined(MBEDTLS_MD2_C)
+    "MBEDTLS_MD2_C",
+#endif /* MBEDTLS_MD2_C */
+#if defined(MBEDTLS_MD4_C)
+    "MBEDTLS_MD4_C",
+#endif /* MBEDTLS_MD4_C */
+#if defined(MBEDTLS_MD5_C)
+    "MBEDTLS_MD5_C",
+#endif /* MBEDTLS_MD5_C */
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    "MBEDTLS_MEMORY_BUFFER_ALLOC_C",
+#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */
+#if defined(MBEDTLS_NET_C)
+    "MBEDTLS_NET_C",
+#endif /* MBEDTLS_NET_C */
+#if defined(MBEDTLS_OID_C)
+    "MBEDTLS_OID_C",
+#endif /* MBEDTLS_OID_C */
+#if defined(MBEDTLS_PADLOCK_C)
+    "MBEDTLS_PADLOCK_C",
+#endif /* MBEDTLS_PADLOCK_C */
+#if defined(MBEDTLS_PEM_PARSE_C)
+    "MBEDTLS_PEM_PARSE_C",
+#endif /* MBEDTLS_PEM_PARSE_C */
+#if defined(MBEDTLS_PEM_WRITE_C)
+    "MBEDTLS_PEM_WRITE_C",
+#endif /* MBEDTLS_PEM_WRITE_C */
+#if defined(MBEDTLS_PK_C)
+    "MBEDTLS_PK_C",
+#endif /* MBEDTLS_PK_C */
+#if defined(MBEDTLS_PK_PARSE_C)
+    "MBEDTLS_PK_PARSE_C",
+#endif /* MBEDTLS_PK_PARSE_C */
+#if defined(MBEDTLS_PK_WRITE_C)
+    "MBEDTLS_PK_WRITE_C",
+#endif /* MBEDTLS_PK_WRITE_C */
+#if defined(MBEDTLS_PKCS5_C)
+    "MBEDTLS_PKCS5_C",
+#endif /* MBEDTLS_PKCS5_C */
+#if defined(MBEDTLS_PKCS11_C)
+    "MBEDTLS_PKCS11_C",
+#endif /* MBEDTLS_PKCS11_C */
+#if defined(MBEDTLS_PKCS12_C)
+    "MBEDTLS_PKCS12_C",
+#endif /* MBEDTLS_PKCS12_C */
+#if defined(MBEDTLS_PLATFORM_C)
+    "MBEDTLS_PLATFORM_C",
+#endif /* MBEDTLS_PLATFORM_C */
+#if defined(MBEDTLS_RIPEMD160_C)
+    "MBEDTLS_RIPEMD160_C",
+#endif /* MBEDTLS_RIPEMD160_C */
+#if defined(MBEDTLS_RSA_C)
+    "MBEDTLS_RSA_C",
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_SHA1_C)
+    "MBEDTLS_SHA1_C",
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+    "MBEDTLS_SHA256_C",
+#endif /* MBEDTLS_SHA256_C */
+#if defined(MBEDTLS_SHA512_C)
+    "MBEDTLS_SHA512_C",
+#endif /* MBEDTLS_SHA512_C */
+#if defined(MBEDTLS_SSL_CACHE_C)
+    "MBEDTLS_SSL_CACHE_C",
+#endif /* MBEDTLS_SSL_CACHE_C */
+#if defined(MBEDTLS_SSL_COOKIE_C)
+    "MBEDTLS_SSL_COOKIE_C",
+#endif /* MBEDTLS_SSL_COOKIE_C */
+#if defined(MBEDTLS_SSL_TICKET_C)
+    "MBEDTLS_SSL_TICKET_C",
+#endif /* MBEDTLS_SSL_TICKET_C */
+#if defined(MBEDTLS_SSL_CLI_C)
+    "MBEDTLS_SSL_CLI_C",
+#endif /* MBEDTLS_SSL_CLI_C */
+#if defined(MBEDTLS_SSL_SRV_C)
+    "MBEDTLS_SSL_SRV_C",
+#endif /* MBEDTLS_SSL_SRV_C */
+#if defined(MBEDTLS_SSL_TLS_C)
+    "MBEDTLS_SSL_TLS_C",
+#endif /* MBEDTLS_SSL_TLS_C */
+#if defined(MBEDTLS_THREADING_C)
+    "MBEDTLS_THREADING_C",
+#endif /* MBEDTLS_THREADING_C */
+#if defined(MBEDTLS_TIMING_C)
+    "MBEDTLS_TIMING_C",
+#endif /* MBEDTLS_TIMING_C */
+#if defined(MBEDTLS_VERSION_C)
+    "MBEDTLS_VERSION_C",
+#endif /* MBEDTLS_VERSION_C */
+#if defined(MBEDTLS_X509_USE_C)
+    "MBEDTLS_X509_USE_C",
+#endif /* MBEDTLS_X509_USE_C */
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+    "MBEDTLS_X509_CRT_PARSE_C",
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+    "MBEDTLS_X509_CRL_PARSE_C",
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+    "MBEDTLS_X509_CSR_PARSE_C",
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
+#if defined(MBEDTLS_X509_CREATE_C)
+    "MBEDTLS_X509_CREATE_C",
+#endif /* MBEDTLS_X509_CREATE_C */
+#if defined(MBEDTLS_X509_CRT_WRITE_C)
+    "MBEDTLS_X509_CRT_WRITE_C",
+#endif /* MBEDTLS_X509_CRT_WRITE_C */
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+    "MBEDTLS_X509_CSR_WRITE_C",
+#endif /* MBEDTLS_X509_CSR_WRITE_C */
+#if defined(MBEDTLS_XTEA_C)
+    "MBEDTLS_XTEA_C",
+#endif /* MBEDTLS_XTEA_C */
+#endif /* MBEDTLS_VERSION_FEATURES */
+    NULL
+};
+
+int mbedtls_version_check_feature( const char *feature )
+{
+    const char **idx = features;
+
+    if( *idx == NULL )
+        return( -2 );
+
+    if( feature == NULL )
+        return( -1 );
+
+    while( *idx != NULL )
+    {
+        if( !strcmp( *idx, feature ) )
+            return( 0 );
+        idx++;
+    }
+    return( -1 );
+}
+
+#endif /* MBEDTLS_VERSION_C */
diff --git a/thirdparty/mbedtls/library/x509.c b/thirdparty/mbedtls/library/x509.c
new file mode 100644
index 0000000000..371d6da1dc
--- /dev/null
+++ b/thirdparty/mbedtls/library/x509.c
@@ -0,0 +1,1104 @@
+/*
+ *  X.509 common functions for parsing and verification
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The ITU-T X.509 standard defines a certificate format for PKI.
+ *
+ *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
+ *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
+ *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
+ *
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_X509_USE_C)
+
+#include "mbedtls/x509.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/oid.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#include <stdlib.h>
+#define mbedtls_free      free
+#define mbedtls_calloc    calloc
+#define mbedtls_printf    printf
+#define mbedtls_snprintf  snprintf
+#endif
+
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+#include <windows.h>
+#else
+#include <time.h>
+#endif
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#if !defined(_WIN32)
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <dirent.h>
+#endif
+#endif
+
+#define CHECK(code) if( ( ret = code ) != 0 ){ return( ret ); }
+#define CHECK_RANGE(min, max, val) if( val < min || val > max ){ return( ret ); }
+
+/*
+ *  CertificateSerialNumber  ::=  INTEGER
+ */
+int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
+                     mbedtls_x509_buf *serial )
+{
+    int ret;
+
+    if( ( end - *p ) < 1 )
+        return( MBEDTLS_ERR_X509_INVALID_SERIAL +
+                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) &&
+        **p !=   MBEDTLS_ASN1_INTEGER )
+        return( MBEDTLS_ERR_X509_INVALID_SERIAL +
+                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+
+    serial->tag = *(*p)++;
+
+    if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_SERIAL + ret );
+
+    serial->p = *p;
+    *p += serial->len;
+
+    return( 0 );
+}
+
+/* Get an algorithm identifier without parameters (eg for signatures)
+ *
+ *  AlgorithmIdentifier  ::=  SEQUENCE  {
+ *       algorithm               OBJECT IDENTIFIER,
+ *       parameters              ANY DEFINED BY algorithm OPTIONAL  }
+ */
+int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
+                       mbedtls_x509_buf *alg )
+{
+    int ret;
+
+    if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+    return( 0 );
+}
+
+/*
+ * Parse an algorithm identifier with (optional) paramaters
+ */
+int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
+                  mbedtls_x509_buf *alg, mbedtls_x509_buf *params )
+{
+    int ret;
+
+    if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+/*
+ * HashAlgorithm ::= AlgorithmIdentifier
+ *
+ * AlgorithmIdentifier  ::=  SEQUENCE  {
+ *      algorithm               OBJECT IDENTIFIER,
+ *      parameters              ANY DEFINED BY algorithm OPTIONAL  }
+ *
+ * For HashAlgorithm, parameters MUST be NULL or absent.
+ */
+static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg )
+{
+    int ret;
+    unsigned char *p;
+    const unsigned char *end;
+    mbedtls_x509_buf md_oid;
+    size_t len;
+
+    /* Make sure we got a SEQUENCE and setup bounds */
+    if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
+        return( MBEDTLS_ERR_X509_INVALID_ALG +
+                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+
+    p = (unsigned char *) alg->p;
+    end = p + alg->len;
+
+    if( p >= end )
+        return( MBEDTLS_ERR_X509_INVALID_ALG +
+                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    /* Parse md_oid */
+    md_oid.tag = *p;
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+    md_oid.p = p;
+    p += md_oid.len;
+
+    /* Get md_alg from md_oid */
+    if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+    /* Make sure params is absent of NULL */
+    if( p == end )
+        return( 0 );
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+    if( p != end )
+        return( MBEDTLS_ERR_X509_INVALID_ALG +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+/*
+ *    RSASSA-PSS-params  ::=  SEQUENCE  {
+ *       hashAlgorithm     [0] HashAlgorithm DEFAULT sha1Identifier,
+ *       maskGenAlgorithm  [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier,
+ *       saltLength        [2] INTEGER DEFAULT 20,
+ *       trailerField      [3] INTEGER DEFAULT 1  }
+ *    -- Note that the tags in this Sequence are explicit.
+ *
+ * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value
+ * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other
+ * option. Enfore this at parsing time.
+ */
+int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
+                                mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
+                                int *salt_len )
+{
+    int ret;
+    unsigned char *p;
+    const unsigned char *end, *end2;
+    size_t len;
+    mbedtls_x509_buf alg_id, alg_params;
+
+    /* First set everything to defaults */
+    *md_alg = MBEDTLS_MD_SHA1;
+    *mgf_md = MBEDTLS_MD_SHA1;
+    *salt_len = 20;
+
+    /* Make sure params is a SEQUENCE and setup bounds */
+    if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
+        return( MBEDTLS_ERR_X509_INVALID_ALG +
+                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+
+    p = (unsigned char *) params->p;
+    end = p + params->len;
+
+    if( p == end )
+        return( 0 );
+
+    /*
+     * HashAlgorithm
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 )
+    {
+        end2 = p + len;
+
+        /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */
+        if( ( ret = mbedtls_x509_get_alg_null( &p, end2, &alg_id ) ) != 0 )
+            return( ret );
+
+        if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+        if( p != end2 )
+            return( MBEDTLS_ERR_X509_INVALID_ALG +
+                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+    else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+    if( p == end )
+        return( 0 );
+
+    /*
+     * MaskGenAlgorithm
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 )
+    {
+        end2 = p + len;
+
+        /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */
+        if( ( ret = mbedtls_x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 )
+            return( ret );
+
+        /* Only MFG1 is recognised for now */
+        if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 )
+            return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE +
+                    MBEDTLS_ERR_OID_NOT_FOUND );
+
+        /* Parse HashAlgorithm */
+        if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 )
+            return( ret );
+
+        if( p != end2 )
+            return( MBEDTLS_ERR_X509_INVALID_ALG +
+                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+    else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+    if( p == end )
+        return( 0 );
+
+    /*
+     * salt_len
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 2 ) ) == 0 )
+    {
+        end2 = p + len;
+
+        if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+        if( p != end2 )
+            return( MBEDTLS_ERR_X509_INVALID_ALG +
+                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+    else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+    if( p == end )
+        return( 0 );
+
+    /*
+     * trailer_field (if present, must be 1)
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+                    MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 3 ) ) == 0 )
+    {
+        int trailer_field;
+
+        end2 = p + len;
+
+        if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+        if( p != end2 )
+            return( MBEDTLS_ERR_X509_INVALID_ALG +
+                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+        if( trailer_field != 1 )
+            return( MBEDTLS_ERR_X509_INVALID_ALG );
+    }
+    else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+    if( p != end )
+        return( MBEDTLS_ERR_X509_INVALID_ALG +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+
+/*
+ *  AttributeTypeAndValue ::= SEQUENCE {
+ *    type     AttributeType,
+ *    value    AttributeValue }
+ *
+ *  AttributeType ::= OBJECT IDENTIFIER
+ *
+ *  AttributeValue ::= ANY DEFINED BY AttributeType
+ */
+static int x509_get_attr_type_value( unsigned char **p,
+                                     const unsigned char *end,
+                                     mbedtls_x509_name *cur )
+{
+    int ret;
+    size_t len;
+    mbedtls_x509_buf *oid;
+    mbedtls_x509_buf *val;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
+
+    if( ( end - *p ) < 1 )
+        return( MBEDTLS_ERR_X509_INVALID_NAME +
+                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    oid = &cur->oid;
+    oid->tag = **p;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
+
+    oid->p = *p;
+    *p += oid->len;
+
+    if( ( end - *p ) < 1 )
+        return( MBEDTLS_ERR_X509_INVALID_NAME +
+                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING      &&
+        **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING &&
+        **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING &&
+        **p != MBEDTLS_ASN1_BIT_STRING )
+        return( MBEDTLS_ERR_X509_INVALID_NAME +
+                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+
+    val = &cur->val;
+    val->tag = *(*p)++;
+
+    if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
+
+    val->p = *p;
+    *p += val->len;
+
+    cur->next = NULL;
+
+    return( 0 );
+}
+
+/*
+ *  Name ::= CHOICE { -- only one possibility for now --
+ *       rdnSequence  RDNSequence }
+ *
+ *  RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+ *
+ *  RelativeDistinguishedName ::=
+ *    SET OF AttributeTypeAndValue
+ *
+ *  AttributeTypeAndValue ::= SEQUENCE {
+ *    type     AttributeType,
+ *    value    AttributeValue }
+ *
+ *  AttributeType ::= OBJECT IDENTIFIER
+ *
+ *  AttributeValue ::= ANY DEFINED BY AttributeType
+ *
+ * The data structure is optimized for the common case where each RDN has only
+ * one element, which is represented as a list of AttributeTypeAndValue.
+ * For the general case we still use a flat list, but we mark elements of the
+ * same set so that they are "merged" together in the functions that consume
+ * this list, eg mbedtls_x509_dn_gets().
+ */
+int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
+                   mbedtls_x509_name *cur )
+{
+    int ret;
+    size_t set_len;
+    const unsigned char *end_set;
+
+    /* don't use recursion, we'd risk stack overflow if not optimized */
+    while( 1 )
+    {
+        /*
+         * parse SET
+         */
+        if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len,
+                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_NAME + ret );
+
+        end_set  = *p + set_len;
+
+        while( 1 )
+        {
+            if( ( ret = x509_get_attr_type_value( p, end_set, cur ) ) != 0 )
+                return( ret );
+
+            if( *p == end_set )
+                break;
+
+            /* Mark this item as being no the only one in a set */
+            cur->next_merged = 1;
+
+            cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) );
+
+            if( cur->next == NULL )
+                return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+            cur = cur->next;
+        }
+
+        /*
+         * continue until end of SEQUENCE is reached
+         */
+        if( *p == end )
+            return( 0 );
+
+        cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) );
+
+        if( cur->next == NULL )
+            return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+        cur = cur->next;
+    }
+}
+
+static int x509_parse_int( unsigned char **p, size_t n, int *res )
+{
+    *res = 0;
+
+    for( ; n > 0; --n )
+    {
+        if( ( **p < '0') || ( **p > '9' ) )
+            return ( MBEDTLS_ERR_X509_INVALID_DATE );
+
+        *res *= 10;
+        *res += ( *(*p)++ - '0' );
+    }
+
+    return( 0 );
+}
+
+static int x509_date_is_valid(const mbedtls_x509_time *t )
+{
+    int ret = MBEDTLS_ERR_X509_INVALID_DATE;
+    int month_len;
+
+    CHECK_RANGE( 0, 9999, t->year );
+    CHECK_RANGE( 0, 23,   t->hour );
+    CHECK_RANGE( 0, 59,   t->min  );
+    CHECK_RANGE( 0, 59,   t->sec  );
+
+    switch( t->mon )
+    {
+        case 1: case 3: case 5: case 7: case 8: case 10: case 12:
+            month_len = 31;
+            break;
+        case 4: case 6: case 9: case 11:
+            month_len = 30;
+            break;
+        case 2:
+            if( ( !( t->year % 4 ) && t->year % 100 ) ||
+                !( t->year % 400 ) )
+                month_len = 29;
+            else
+                month_len = 28;
+            break;
+        default:
+            return( ret );
+    }
+    CHECK_RANGE( 1, month_len, t->day );
+
+    return( 0 );
+}
+
+/*
+ * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4)
+ * field.
+ */
+static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen,
+                            mbedtls_x509_time *tm )
+{
+    int ret;
+
+    /*
+     * Minimum length is 10 or 12 depending on yearlen
+     */
+    if ( len < yearlen + 8 )
+        return ( MBEDTLS_ERR_X509_INVALID_DATE );
+    len -= yearlen + 8;
+
+    /*
+     * Parse year, month, day, hour, minute
+     */
+    CHECK( x509_parse_int( p, yearlen, &tm->year ) );
+    if ( 2 == yearlen )
+    {
+        if ( tm->year < 50 )
+            tm->year += 100;
+
+        tm->year += 1900;
+    }
+
+    CHECK( x509_parse_int( p, 2, &tm->mon ) );
+    CHECK( x509_parse_int( p, 2, &tm->day ) );
+    CHECK( x509_parse_int( p, 2, &tm->hour ) );
+    CHECK( x509_parse_int( p, 2, &tm->min ) );
+
+    /*
+     * Parse seconds if present
+     */
+    if ( len >= 2 )
+    {
+        CHECK( x509_parse_int( p, 2, &tm->sec ) );
+        len -= 2;
+    }
+    else
+        return ( MBEDTLS_ERR_X509_INVALID_DATE );
+
+    /*
+     * Parse trailing 'Z' if present
+     */
+    if ( 1 == len && 'Z' == **p )
+    {
+        (*p)++;
+        len--;
+    }
+
+    /*
+     * We should have parsed all characters at this point
+     */
+    if ( 0 != len )
+        return ( MBEDTLS_ERR_X509_INVALID_DATE );
+
+    CHECK( x509_date_is_valid( tm ) );
+
+    return ( 0 );
+}
+
+/*
+ *  Time ::= CHOICE {
+ *       utcTime        UTCTime,
+ *       generalTime    GeneralizedTime }
+ */
+int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
+                           mbedtls_x509_time *tm )
+{
+    int ret;
+    size_t len, year_len;
+    unsigned char tag;
+
+    if( ( end - *p ) < 1 )
+        return( MBEDTLS_ERR_X509_INVALID_DATE +
+                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    tag = **p;
+
+    if( tag == MBEDTLS_ASN1_UTC_TIME )
+        year_len = 2;
+    else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME )
+        year_len = 4;
+    else
+        return( MBEDTLS_ERR_X509_INVALID_DATE +
+                MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+
+    (*p)++;
+    ret = mbedtls_asn1_get_len( p, end, &len );
+
+    if( ret != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
+
+    return x509_parse_time( p, len, year_len, tm );
+}
+
+int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig )
+{
+    int ret;
+    size_t len;
+    int tag_type;
+
+    if( ( end - *p ) < 1 )
+        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE +
+                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+    tag_type = **p;
+
+    if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret );
+
+    sig->tag = tag_type;
+    sig->len = len;
+    sig->p = *p;
+
+    *p += len;
+
+    return( 0 );
+}
+
+/*
+ * Get signature algorithm from alg OID and optional parameters
+ */
+int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
+                      mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
+                      void **sig_opts )
+{
+    int ret;
+
+    if( *sig_opts != NULL )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 )
+        return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + ret );
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+    if( *pk_alg == MBEDTLS_PK_RSASSA_PSS )
+    {
+        mbedtls_pk_rsassa_pss_options *pss_opts;
+
+        pss_opts = mbedtls_calloc( 1, sizeof( mbedtls_pk_rsassa_pss_options ) );
+        if( pss_opts == NULL )
+            return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+        ret = mbedtls_x509_get_rsassa_pss_params( sig_params,
+                                          md_alg,
+                                          &pss_opts->mgf1_hash_id,
+                                          &pss_opts->expected_salt_len );
+        if( ret != 0 )
+        {
+            mbedtls_free( pss_opts );
+            return( ret );
+        }
+
+        *sig_opts = (void *) pss_opts;
+    }
+    else
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+    {
+        /* Make sure parameters are absent or NULL */
+        if( ( sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0 ) ||
+              sig_params->len != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_ALG );
+    }
+
+    return( 0 );
+}
+
+/*
+ * X.509 Extensions (No parsing of extensions, pointer should
+ * be either manually updated or extensions should be parsed!)
+ */
+int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
+                  mbedtls_x509_buf *ext, int tag )
+{
+    int ret;
+    size_t len;
+
+    if( *p == end )
+        return( 0 );
+
+    ext->tag = **p;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len,
+            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ) ) != 0 )
+        return( ret );
+
+    ext->p = *p;
+    end = *p + ext->len;
+
+    /*
+     * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
+     *
+     * Extension  ::=  SEQUENCE  {
+     *      extnID      OBJECT IDENTIFIER,
+     *      critical    BOOLEAN DEFAULT FALSE,
+     *      extnValue   OCTET STRING  }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+    if( end != *p + len )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+/*
+ * Store the name in printable form into buf; no more
+ * than size characters will be written
+ */
+int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn )
+{
+    int ret;
+    size_t i, n;
+    unsigned char c, merge = 0;
+    const mbedtls_x509_name *name;
+    const char *short_name = NULL;
+    char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p;
+
+    memset( s, 0, sizeof( s ) );
+
+    name = dn;
+    p = buf;
+    n = size;
+
+    while( name != NULL )
+    {
+        if( !name->oid.p )
+        {
+            name = name->next;
+            continue;
+        }
+
+        if( name != dn )
+        {
+            ret = mbedtls_snprintf( p, n, merge ? " + " : ", " );
+            MBEDTLS_X509_SAFE_SNPRINTF;
+        }
+
+        ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name );
+
+        if( ret == 0 )
+            ret = mbedtls_snprintf( p, n, "%s=", short_name );
+        else
+            ret = mbedtls_snprintf( p, n, "\?\?=" );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        for( i = 0; i < name->val.len; i++ )
+        {
+            if( i >= sizeof( s ) - 1 )
+                break;
+
+            c = name->val.p[i];
+            if( c < 32 || c == 127 || ( c > 128 && c < 160 ) )
+                 s[i] = '?';
+            else s[i] = c;
+        }
+        s[i] = '\0';
+        ret = mbedtls_snprintf( p, n, "%s", s );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        merge = name->next_merged;
+        name = name->next;
+    }
+
+    return( (int) ( size - n ) );
+}
+
+/*
+ * Store the serial in printable form into buf; no more
+ * than size characters will be written
+ */
+int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial )
+{
+    int ret;
+    size_t i, n, nr;
+    char *p;
+
+    p = buf;
+    n = size;
+
+    nr = ( serial->len <= 32 )
+        ? serial->len  : 28;
+
+    for( i = 0; i < nr; i++ )
+    {
+        if( i == 0 && nr > 1 && serial->p[i] == 0x0 )
+            continue;
+
+        ret = mbedtls_snprintf( p, n, "%02X%s",
+                serial->p[i], ( i < nr - 1 ) ? ":" : "" );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+    }
+
+    if( nr != serial->len )
+    {
+        ret = mbedtls_snprintf( p, n, "...." );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+    }
+
+    return( (int) ( size - n ) );
+}
+
+/*
+ * Helper for writing signature algorithms
+ */
+int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
+                       mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
+                       const void *sig_opts )
+{
+    int ret;
+    char *p = buf;
+    size_t n = size;
+    const char *desc = NULL;
+
+    ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc );
+    if( ret != 0 )
+        ret = mbedtls_snprintf( p, n, "???"  );
+    else
+        ret = mbedtls_snprintf( p, n, "%s", desc );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+    if( pk_alg == MBEDTLS_PK_RSASSA_PSS )
+    {
+        const mbedtls_pk_rsassa_pss_options *pss_opts;
+        const mbedtls_md_info_t *md_info, *mgf_md_info;
+
+        pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts;
+
+        md_info = mbedtls_md_info_from_type( md_alg );
+        mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id );
+
+        ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)",
+                              md_info ? mbedtls_md_get_name( md_info ) : "???",
+                              mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???",
+                              pss_opts->expected_salt_len );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+    }
+#else
+    ((void) pk_alg);
+    ((void) md_alg);
+    ((void) sig_opts);
+#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
+
+    return( (int)( size - n ) );
+}
+
+/*
+ * Helper for writing "RSA key size", "EC key size", etc
+ */
+int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name )
+{
+    char *p = buf;
+    size_t n = buf_size;
+    int ret;
+
+    ret = mbedtls_snprintf( p, n, "%s key size", name );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+/*
+ * Set the time structure to the current time.
+ * Return 0 on success, non-zero on failure.
+ */
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+static int x509_get_current_time( mbedtls_x509_time *now )
+{
+    SYSTEMTIME st;
+
+    GetSystemTime( &st );
+
+    now->year = st.wYear;
+    now->mon  = st.wMonth;
+    now->day  = st.wDay;
+    now->hour = st.wHour;
+    now->min  = st.wMinute;
+    now->sec  = st.wSecond;
+
+    return( 0 );
+}
+#else
+static int x509_get_current_time( mbedtls_x509_time *now )
+{
+    struct tm *lt;
+    mbedtls_time_t tt;
+    int ret = 0;
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_lock( &mbedtls_threading_gmtime_mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    tt = mbedtls_time( NULL );
+    lt = gmtime( &tt );
+
+    if( lt == NULL )
+        ret = -1;
+    else
+    {
+        now->year = lt->tm_year + 1900;
+        now->mon  = lt->tm_mon  + 1;
+        now->day  = lt->tm_mday;
+        now->hour = lt->tm_hour;
+        now->min  = lt->tm_min;
+        now->sec  = lt->tm_sec;
+    }
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &mbedtls_threading_gmtime_mutex ) != 0 )
+        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
+#endif
+
+    return( ret );
+}
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
+/*
+ * Return 0 if before <= after, 1 otherwise
+ */
+static int x509_check_time( const mbedtls_x509_time *before, const mbedtls_x509_time *after )
+{
+    if( before->year  > after->year )
+        return( 1 );
+
+    if( before->year == after->year &&
+        before->mon   > after->mon )
+        return( 1 );
+
+    if( before->year == after->year &&
+        before->mon  == after->mon  &&
+        before->day   > after->day )
+        return( 1 );
+
+    if( before->year == after->year &&
+        before->mon  == after->mon  &&
+        before->day  == after->day  &&
+        before->hour  > after->hour )
+        return( 1 );
+
+    if( before->year == after->year &&
+        before->mon  == after->mon  &&
+        before->day  == after->day  &&
+        before->hour == after->hour &&
+        before->min   > after->min  )
+        return( 1 );
+
+    if( before->year == after->year &&
+        before->mon  == after->mon  &&
+        before->day  == after->day  &&
+        before->hour == after->hour &&
+        before->min  == after->min  &&
+        before->sec   > after->sec  )
+        return( 1 );
+
+    return( 0 );
+}
+
+int mbedtls_x509_time_is_past( const mbedtls_x509_time *to )
+{
+    mbedtls_x509_time now;
+
+    if( x509_get_current_time( &now ) != 0 )
+        return( 1 );
+
+    return( x509_check_time( &now, to ) );
+}
+
+int mbedtls_x509_time_is_future( const mbedtls_x509_time *from )
+{
+    mbedtls_x509_time now;
+
+    if( x509_get_current_time( &now ) != 0 )
+        return( 1 );
+
+    return( x509_check_time( from, &now ) );
+}
+
+#else  /* MBEDTLS_HAVE_TIME_DATE */
+
+int mbedtls_x509_time_is_past( const mbedtls_x509_time *to )
+{
+    ((void) to);
+    return( 0 );
+}
+
+int mbedtls_x509_time_is_future( const mbedtls_x509_time *from )
+{
+    ((void) from);
+    return( 0 );
+}
+#endif /* MBEDTLS_HAVE_TIME_DATE */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/certs.h"
+
+/*
+ * Checkup routine
+ */
+int mbedtls_x509_self_test( int verbose )
+{
+#if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C)
+    int ret;
+    uint32_t flags;
+    mbedtls_x509_crt cacert;
+    mbedtls_x509_crt clicert;
+
+    if( verbose != 0 )
+        mbedtls_printf( "  X.509 certificate load: " );
+
+    mbedtls_x509_crt_init( &clicert );
+
+    ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt,
+                           mbedtls_test_cli_crt_len );
+    if( ret != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( ret );
+    }
+
+    mbedtls_x509_crt_init( &cacert );
+
+    ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt,
+                          mbedtls_test_ca_crt_len );
+    if( ret != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( ret );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n  X.509 signature verify: ");
+
+    ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL );
+    if( ret != 0 )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "failed\n" );
+
+        return( ret );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "passed\n\n");
+
+    mbedtls_x509_crt_free( &cacert  );
+    mbedtls_x509_crt_free( &clicert );
+
+    return( 0 );
+#else
+    ((void) verbose);
+    return( 0 );
+#endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA1_C */
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_X509_USE_C */
diff --git a/thirdparty/mbedtls/library/x509_create.c b/thirdparty/mbedtls/library/x509_create.c
new file mode 100644
index 0000000000..df20ec8ebd
--- /dev/null
+++ b/thirdparty/mbedtls/library/x509_create.c
@@ -0,0 +1,340 @@
+/*
+ *  X.509 base functions for creating certificates / CSRs
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_X509_CREATE_C)
+
+#include "mbedtls/x509.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/oid.h"
+
+#include <string.h>
+
+typedef struct {
+    const char *name;
+    size_t name_len;
+    const char*oid;
+} x509_attr_descriptor_t;
+
+#define ADD_STRLEN( s )     s, sizeof( s ) - 1
+
+static const x509_attr_descriptor_t x509_attrs[] =
+{
+    { ADD_STRLEN( "CN" ),                       MBEDTLS_OID_AT_CN },
+    { ADD_STRLEN( "commonName" ),               MBEDTLS_OID_AT_CN },
+    { ADD_STRLEN( "C" ),                        MBEDTLS_OID_AT_COUNTRY },
+    { ADD_STRLEN( "countryName" ),              MBEDTLS_OID_AT_COUNTRY },
+    { ADD_STRLEN( "O" ),                        MBEDTLS_OID_AT_ORGANIZATION },
+    { ADD_STRLEN( "organizationName" ),         MBEDTLS_OID_AT_ORGANIZATION },
+    { ADD_STRLEN( "L" ),                        MBEDTLS_OID_AT_LOCALITY },
+    { ADD_STRLEN( "locality" ),                 MBEDTLS_OID_AT_LOCALITY },
+    { ADD_STRLEN( "R" ),                        MBEDTLS_OID_PKCS9_EMAIL },
+    { ADD_STRLEN( "OU" ),                       MBEDTLS_OID_AT_ORG_UNIT },
+    { ADD_STRLEN( "organizationalUnitName" ),   MBEDTLS_OID_AT_ORG_UNIT },
+    { ADD_STRLEN( "ST" ),                       MBEDTLS_OID_AT_STATE },
+    { ADD_STRLEN( "stateOrProvinceName" ),      MBEDTLS_OID_AT_STATE },
+    { ADD_STRLEN( "emailAddress" ),             MBEDTLS_OID_PKCS9_EMAIL },
+    { ADD_STRLEN( "serialNumber" ),             MBEDTLS_OID_AT_SERIAL_NUMBER },
+    { ADD_STRLEN( "postalAddress" ),            MBEDTLS_OID_AT_POSTAL_ADDRESS },
+    { ADD_STRLEN( "postalCode" ),               MBEDTLS_OID_AT_POSTAL_CODE },
+    { ADD_STRLEN( "dnQualifier" ),              MBEDTLS_OID_AT_DN_QUALIFIER },
+    { ADD_STRLEN( "title" ),                    MBEDTLS_OID_AT_TITLE },
+    { ADD_STRLEN( "surName" ),                  MBEDTLS_OID_AT_SUR_NAME },
+    { ADD_STRLEN( "SN" ),                       MBEDTLS_OID_AT_SUR_NAME },
+    { ADD_STRLEN( "givenName" ),                MBEDTLS_OID_AT_GIVEN_NAME },
+    { ADD_STRLEN( "GN" ),                       MBEDTLS_OID_AT_GIVEN_NAME },
+    { ADD_STRLEN( "initials" ),                 MBEDTLS_OID_AT_INITIALS },
+    { ADD_STRLEN( "pseudonym" ),                MBEDTLS_OID_AT_PSEUDONYM },
+    { ADD_STRLEN( "generationQualifier" ),      MBEDTLS_OID_AT_GENERATION_QUALIFIER },
+    { ADD_STRLEN( "domainComponent" ),          MBEDTLS_OID_DOMAIN_COMPONENT },
+    { ADD_STRLEN( "DC" ),                       MBEDTLS_OID_DOMAIN_COMPONENT },
+    { NULL, 0, NULL }
+};
+
+static const char *x509_at_oid_from_name( const char *name, size_t name_len )
+{
+    const x509_attr_descriptor_t *cur;
+
+    for( cur = x509_attrs; cur->name != NULL; cur++ )
+        if( cur->name_len == name_len &&
+            strncmp( cur->name, name, name_len ) == 0 )
+            break;
+
+    return( cur->oid );
+}
+
+int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name )
+{
+    int ret = 0;
+    const char *s = name, *c = s;
+    const char *end = s + strlen( s );
+    const char *oid = NULL;
+    int in_tag = 1;
+    char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
+    char *d = data;
+
+    /* Clear existing chain if present */
+    mbedtls_asn1_free_named_data_list( head );
+
+    while( c <= end )
+    {
+        if( in_tag && *c == '=' )
+        {
+            if( ( oid = x509_at_oid_from_name( s, c - s ) ) == NULL )
+            {
+                ret = MBEDTLS_ERR_X509_UNKNOWN_OID;
+                goto exit;
+            }
+
+            s = c + 1;
+            in_tag = 0;
+            d = data;
+        }
+
+        if( !in_tag && *c == '\\' && c != end )
+        {
+            c++;
+
+            /* Check for valid escaped characters */
+            if( c == end || *c != ',' )
+            {
+                ret = MBEDTLS_ERR_X509_INVALID_NAME;
+                goto exit;
+            }
+        }
+        else if( !in_tag && ( *c == ',' || c == end ) )
+        {
+            if( mbedtls_asn1_store_named_data( head, oid, strlen( oid ),
+                                       (unsigned char *) data,
+                                       d - data ) == NULL )
+            {
+                return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+            }
+
+            while( c < end && *(c + 1) == ' ' )
+                c++;
+
+            s = c + 1;
+            in_tag = 1;
+        }
+
+        if( !in_tag && s != c + 1 )
+        {
+            *(d++) = *c;
+
+            if( d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE )
+            {
+                ret = MBEDTLS_ERR_X509_INVALID_NAME;
+                goto exit;
+            }
+        }
+
+        c++;
+    }
+
+exit:
+
+    return( ret );
+}
+
+/* The first byte of the value in the mbedtls_asn1_named_data structure is reserved
+ * to store the critical boolean for us
+ */
+int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
+                        int critical, const unsigned char *val, size_t val_len )
+{
+    mbedtls_asn1_named_data *cur;
+
+    if( ( cur = mbedtls_asn1_store_named_data( head, oid, oid_len,
+                                       NULL, val_len + 1 ) ) == NULL )
+    {
+        return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+    }
+
+    cur->val.p[0] = critical;
+    memcpy( cur->val.p + 1, val, val_len );
+
+    return( 0 );
+}
+
+/*
+ *  RelativeDistinguishedName ::=
+ *    SET OF AttributeTypeAndValue
+ *
+ *  AttributeTypeAndValue ::= SEQUENCE {
+ *    type     AttributeType,
+ *    value    AttributeValue }
+ *
+ *  AttributeType ::= OBJECT IDENTIFIER
+ *
+ *  AttributeValue ::= ANY DEFINED BY AttributeType
+ */
+static int x509_write_name( unsigned char **p, unsigned char *start,
+                            const char *oid, size_t oid_len,
+                            const unsigned char *name, size_t name_len )
+{
+    int ret;
+    size_t len = 0;
+
+    // Write PrintableString for all except MBEDTLS_OID_PKCS9_EMAIL
+    //
+    if( MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_EMAIL ) == oid_len &&
+        memcmp( oid, MBEDTLS_OID_PKCS9_EMAIL, oid_len ) == 0 )
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_ia5_string( p, start,
+                                                  (const char *) name,
+                                                  name_len ) );
+    }
+    else
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_printable_string( p, start,
+                                                        (const char *) name,
+                                                        name_len ) );
+    }
+
+    // Write OID
+    //
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
+                                                 MBEDTLS_ASN1_SEQUENCE ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
+                                                 MBEDTLS_ASN1_SET ) );
+
+    return( (int) len );
+}
+
+int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
+                      mbedtls_asn1_named_data *first )
+{
+    int ret;
+    size_t len = 0;
+    mbedtls_asn1_named_data *cur = first;
+
+    while( cur != NULL )
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p,
+                                            cur->oid.len,
+                                            cur->val.p, cur->val.len ) );
+        cur = cur->next;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
+                                                 MBEDTLS_ASN1_SEQUENCE ) );
+
+    return( (int) len );
+}
+
+int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
+                    const char *oid, size_t oid_len,
+                    unsigned char *sig, size_t size )
+{
+    int ret;
+    size_t len = 0;
+
+    if( *p < start || (size_t)( *p - start ) < size )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    len = size;
+    (*p) -= len;
+    memcpy( *p, sig, len );
+
+    if( *p - start < 1 )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    *--(*p) = 0;
+    len += 1;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
+
+    // Write OID
+    //
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( p, start, oid,
+                                                        oid_len, 0 ) );
+
+    return( (int) len );
+}
+
+static int x509_write_extension( unsigned char **p, unsigned char *start,
+                                 mbedtls_asn1_named_data *ext )
+{
+    int ret;
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1,
+                                              ext->val.len - 1 ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->val.len - 1 ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
+
+    if( ext->val.p[0] != 0 )
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( p, start, 1 ) );
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->oid.p,
+                                              ext->oid.len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->oid.len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
+                                                 MBEDTLS_ASN1_SEQUENCE ) );
+
+    return( (int) len );
+}
+
+/*
+ * Extension  ::=  SEQUENCE  {
+ *     extnID      OBJECT IDENTIFIER,
+ *     critical    BOOLEAN DEFAULT FALSE,
+ *     extnValue   OCTET STRING
+ *                 -- contains the DER encoding of an ASN.1 value
+ *                 -- corresponding to the extension type identified
+ *                 -- by extnID
+ *     }
+ */
+int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
+                           mbedtls_asn1_named_data *first )
+{
+    int ret;
+    size_t len = 0;
+    mbedtls_asn1_named_data *cur_ext = first;
+
+    while( cur_ext != NULL )
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) );
+        cur_ext = cur_ext->next;
+    }
+
+    return( (int) len );
+}
+
+#endif /* MBEDTLS_X509_CREATE_C */
diff --git a/thirdparty/mbedtls/library/x509_crl.c b/thirdparty/mbedtls/library/x509_crl.c
new file mode 100644
index 0000000000..55d12acd03
--- /dev/null
+++ b/thirdparty/mbedtls/library/x509_crl.c
@@ -0,0 +1,723 @@
+/*
+ *  X.509 Certidicate Revocation List (CRL) parsing
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The ITU-T X.509 standard defines a certificate format for PKI.
+ *
+ *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
+ *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
+ *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
+ *
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+
+#include "mbedtls/x509_crl.h"
+#include "mbedtls/oid.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#include <stdio.h>
+#define mbedtls_free       free
+#define mbedtls_calloc    calloc
+#define mbedtls_snprintf   snprintf
+#endif
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+#include <windows.h>
+#else
+#include <time.h>
+#endif
+
+#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
+#include <stdio.h>
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ *  Version  ::=  INTEGER  {  v1(0), v2(1)  }
+ */
+static int x509_crl_get_version( unsigned char **p,
+                             const unsigned char *end,
+                             int *ver )
+{
+    int ret;
+
+    if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        {
+            *ver = 0;
+            return( 0 );
+        }
+
+        return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
+    }
+
+    return( 0 );
+}
+
+/*
+ * X.509 CRL v2 extensions (no extensions parsed yet.)
+ */
+static int x509_get_crl_ext( unsigned char **p,
+                             const unsigned char *end,
+                             mbedtls_x509_buf *ext )
+{
+    int ret;
+    size_t len = 0;
+
+    /* Get explicit tag */
+    if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+            return( 0 );
+
+        return( ret );
+    }
+
+    while( *p < end )
+    {
+        if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+        *p += len;
+    }
+
+    if( *p != end )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+/*
+ * X.509 CRL v2 entry extensions (no extensions parsed yet.)
+ */
+static int x509_get_crl_entry_ext( unsigned char **p,
+                             const unsigned char *end,
+                             mbedtls_x509_buf *ext )
+{
+    int ret;
+    size_t len = 0;
+
+    /* OPTIONAL */
+    if( end <= *p )
+        return( 0 );
+
+    ext->tag = **p;
+    ext->p = *p;
+
+    /*
+     * Get CRL-entry extension sequence header
+     * crlEntryExtensions      Extensions OPTIONAL  -- if present, MUST be v2
+     */
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        {
+            ext->p = NULL;
+            return( 0 );
+        }
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+    }
+
+    end = *p + ext->len;
+
+    if( end != *p + ext->len )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    while( *p < end )
+    {
+        if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+        *p += len;
+    }
+
+    if( *p != end )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+/*
+ * X.509 CRL Entries
+ */
+static int x509_get_entries( unsigned char **p,
+                             const unsigned char *end,
+                             mbedtls_x509_crl_entry *entry )
+{
+    int ret;
+    size_t entry_len;
+    mbedtls_x509_crl_entry *cur_entry = entry;
+
+    if( *p == end )
+        return( 0 );
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &entry_len,
+            MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+            return( 0 );
+
+        return( ret );
+    }
+
+    end = *p + entry_len;
+
+    while( *p < end )
+    {
+        size_t len2;
+        const unsigned char *end2;
+
+        if( ( ret = mbedtls_asn1_get_tag( p, end, &len2,
+                MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 )
+        {
+            return( ret );
+        }
+
+        cur_entry->raw.tag = **p;
+        cur_entry->raw.p = *p;
+        cur_entry->raw.len = len2;
+        end2 = *p + len2;
+
+        if( ( ret = mbedtls_x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 )
+            return( ret );
+
+        if( ( ret = mbedtls_x509_get_time( p, end2,
+                                   &cur_entry->revocation_date ) ) != 0 )
+            return( ret );
+
+        if( ( ret = x509_get_crl_entry_ext( p, end2,
+                                            &cur_entry->entry_ext ) ) != 0 )
+            return( ret );
+
+        if( *p < end )
+        {
+            cur_entry->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl_entry ) );
+
+            if( cur_entry->next == NULL )
+                return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+            cur_entry = cur_entry->next;
+        }
+    }
+
+    return( 0 );
+}
+
+/*
+ * Parse one  CRLs in DER format and append it to the chained list
+ */
+int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
+                        const unsigned char *buf, size_t buflen )
+{
+    int ret;
+    size_t len;
+    unsigned char *p, *end;
+    mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
+    mbedtls_x509_crl *crl = chain;
+
+    /*
+     * Check for valid input
+     */
+    if( crl == NULL || buf == NULL )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) );
+    memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) );
+    memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) );
+
+    /*
+     * Add new CRL on the end of the chain if needed.
+     */
+    while( crl->version != 0 && crl->next != NULL )
+        crl = crl->next;
+
+    if( crl->version != 0 && crl->next == NULL )
+    {
+        crl->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crl ) );
+
+        if( crl->next == NULL )
+        {
+            mbedtls_x509_crl_free( crl );
+            return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+        }
+
+        mbedtls_x509_crl_init( crl->next );
+        crl = crl->next;
+    }
+
+    /*
+     * Copy raw DER-encoded CRL
+     */
+    if( ( p = mbedtls_calloc( 1, buflen ) ) == NULL )
+        return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+    memcpy( p, buf, buflen );
+
+    crl->raw.p = p;
+    crl->raw.len = buflen;
+
+    end = p + buflen;
+
+    /*
+     * CertificateList  ::=  SEQUENCE  {
+     *      tbsCertList          TBSCertList,
+     *      signatureAlgorithm   AlgorithmIdentifier,
+     *      signatureValue       BIT STRING  }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT );
+    }
+
+    if( len != (size_t) ( end - p ) )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+
+    /*
+     * TBSCertList  ::=  SEQUENCE  {
+     */
+    crl->tbs.p = p;
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+    }
+
+    end = p + len;
+    crl->tbs.len = end - crl->tbs.p;
+
+    /*
+     * Version  ::=  INTEGER  OPTIONAL {  v1(0), v2(1)  }
+     *               -- if present, MUST be v2
+     *
+     * signature            AlgorithmIdentifier
+     */
+    if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
+        ( ret = mbedtls_x509_get_alg( &p, end, &crl->sig_oid, &sig_params1 ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( ret );
+    }
+
+    if( crl->version < 0 || crl->version > 1 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
+    }
+
+    crl->version++;
+
+    if( ( ret = mbedtls_x509_get_sig_alg( &crl->sig_oid, &sig_params1,
+                                  &crl->sig_md, &crl->sig_pk,
+                                  &crl->sig_opts ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG );
+    }
+
+    /*
+     * issuer               Name
+     */
+    crl->issuer_raw.p = p;
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+    }
+
+    if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( ret );
+    }
+
+    crl->issuer_raw.len = p - crl->issuer_raw.p;
+
+    /*
+     * thisUpdate          Time
+     * nextUpdate          Time OPTIONAL
+     */
+    if( ( ret = mbedtls_x509_get_time( &p, end, &crl->this_update ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 )
+    {
+        if( ret != ( MBEDTLS_ERR_X509_INVALID_DATE +
+                        MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) &&
+            ret != ( MBEDTLS_ERR_X509_INVALID_DATE +
+                        MBEDTLS_ERR_ASN1_OUT_OF_DATA ) )
+        {
+            mbedtls_x509_crl_free( crl );
+            return( ret );
+        }
+    }
+
+    /*
+     * revokedCertificates    SEQUENCE OF SEQUENCE   {
+     *      userCertificate        CertificateSerialNumber,
+     *      revocationDate         Time,
+     *      crlEntryExtensions     Extensions OPTIONAL
+     *                                   -- if present, MUST be v2
+     *                        } OPTIONAL
+     */
+    if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( ret );
+    }
+
+    /*
+     * crlExtensions          EXPLICIT Extensions OPTIONAL
+     *                              -- if present, MUST be v2
+     */
+    if( crl->version == 2 )
+    {
+        ret = x509_get_crl_ext( &p, end, &crl->crl_ext );
+
+        if( ret != 0 )
+        {
+            mbedtls_x509_crl_free( crl );
+            return( ret );
+        }
+    }
+
+    if( p != end )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+
+    end = crl->raw.p + crl->raw.len;
+
+    /*
+     *  signatureAlgorithm   AlgorithmIdentifier,
+     *  signatureValue       BIT STRING
+     */
+    if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( ret );
+    }
+
+    if( crl->sig_oid.len != sig_oid2.len ||
+        memcmp( crl->sig_oid.p, sig_oid2.p, crl->sig_oid.len ) != 0 ||
+        sig_params1.len != sig_params2.len ||
+        ( sig_params1.len != 0 &&
+          memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( MBEDTLS_ERR_X509_SIG_MISMATCH );
+    }
+
+    if( ( ret = mbedtls_x509_get_sig( &p, end, &crl->sig ) ) != 0 )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( ret );
+    }
+
+    if( p != end )
+    {
+        mbedtls_x509_crl_free( crl );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Parse one or more CRLs and add them to the chained list
+ */
+int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen )
+{
+#if defined(MBEDTLS_PEM_PARSE_C)
+    int ret;
+    size_t use_len;
+    mbedtls_pem_context pem;
+    int is_pem = 0;
+
+    if( chain == NULL || buf == NULL )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    do
+    {
+        mbedtls_pem_init( &pem );
+
+        // Avoid calling mbedtls_pem_read_buffer() on non-null-terminated
+        // string
+        if( buflen == 0 || buf[buflen - 1] != '\0' )
+            ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+        else
+            ret = mbedtls_pem_read_buffer( &pem,
+                                           "-----BEGIN X509 CRL-----",
+                                           "-----END X509 CRL-----",
+                                            buf, NULL, 0, &use_len );
+
+        if( ret == 0 )
+        {
+            /*
+             * Was PEM encoded
+             */
+            is_pem = 1;
+
+            buflen -= use_len;
+            buf += use_len;
+
+            if( ( ret = mbedtls_x509_crl_parse_der( chain,
+                                            pem.buf, pem.buflen ) ) != 0 )
+            {
+                mbedtls_pem_free( &pem );
+                return( ret );
+            }
+        }
+        else if( is_pem )
+        {
+            mbedtls_pem_free( &pem );
+            return( ret );
+        }
+
+        mbedtls_pem_free( &pem );
+    }
+    /* In the PEM case, buflen is 1 at the end, for the terminated NULL byte.
+     * And a valid CRL cannot be less than 1 byte anyway. */
+    while( is_pem && buflen > 1 );
+
+    if( is_pem )
+        return( 0 );
+    else
+#endif /* MBEDTLS_PEM_PARSE_C */
+        return( mbedtls_x509_crl_parse_der( chain, buf, buflen ) );
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load one or more CRLs and add them to the chained list
+ */
+int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path )
+{
+    int ret;
+    size_t n;
+    unsigned char *buf;
+
+    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
+        return( ret );
+
+    ret = mbedtls_x509_crl_parse( chain, buf, n );
+
+    mbedtls_zeroize( buf, n );
+    mbedtls_free( buf );
+
+    return( ret );
+}
+#endif /* MBEDTLS_FS_IO */
+
+/*
+ * Return an informational string about the certificate.
+ */
+#define BEFORE_COLON    14
+#define BC              "14"
+/*
+ * Return an informational string about the CRL.
+ */
+int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
+                   const mbedtls_x509_crl *crl )
+{
+    int ret;
+    size_t n;
+    char *p;
+    const mbedtls_x509_crl_entry *entry;
+
+    p = buf;
+    n = size;
+
+    ret = mbedtls_snprintf( p, n, "%sCRL version   : %d",
+                               prefix, crl->version );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%sissuer name   : ", prefix );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_x509_dn_gets( p, n, &crl->issuer );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%sthis update   : " \
+                   "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+                   crl->this_update.year, crl->this_update.mon,
+                   crl->this_update.day,  crl->this_update.hour,
+                   crl->this_update.min,  crl->this_update.sec );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%snext update   : " \
+                   "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+                   crl->next_update.year, crl->next_update.mon,
+                   crl->next_update.day,  crl->next_update.hour,
+                   crl->next_update.min,  crl->next_update.sec );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    entry = &crl->entry;
+
+    ret = mbedtls_snprintf( p, n, "\n%sRevoked certificates:",
+                               prefix );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    while( entry != NULL && entry->raw.len != 0 )
+    {
+        ret = mbedtls_snprintf( p, n, "\n%sserial number: ",
+                               prefix );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        ret = mbedtls_x509_serial_gets( p, n, &entry->serial );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        ret = mbedtls_snprintf( p, n, " revocation date: " \
+                   "%04d-%02d-%02d %02d:%02d:%02d",
+                   entry->revocation_date.year, entry->revocation_date.mon,
+                   entry->revocation_date.day,  entry->revocation_date.hour,
+                   entry->revocation_date.min,  entry->revocation_date.sec );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        entry = entry->next;
+    }
+
+    ret = mbedtls_snprintf( p, n, "\n%ssigned using  : ", prefix );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md,
+                             crl->sig_opts );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n" );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    return( (int) ( size - n ) );
+}
+
+/*
+ * Initialize a CRL chain
+ */
+void mbedtls_x509_crl_init( mbedtls_x509_crl *crl )
+{
+    memset( crl, 0, sizeof(mbedtls_x509_crl) );
+}
+
+/*
+ * Unallocate all CRL data
+ */
+void mbedtls_x509_crl_free( mbedtls_x509_crl *crl )
+{
+    mbedtls_x509_crl *crl_cur = crl;
+    mbedtls_x509_crl *crl_prv;
+    mbedtls_x509_name *name_cur;
+    mbedtls_x509_name *name_prv;
+    mbedtls_x509_crl_entry *entry_cur;
+    mbedtls_x509_crl_entry *entry_prv;
+
+    if( crl == NULL )
+        return;
+
+    do
+    {
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+        mbedtls_free( crl_cur->sig_opts );
+#endif
+
+        name_cur = crl_cur->issuer.next;
+        while( name_cur != NULL )
+        {
+            name_prv = name_cur;
+            name_cur = name_cur->next;
+            mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
+            mbedtls_free( name_prv );
+        }
+
+        entry_cur = crl_cur->entry.next;
+        while( entry_cur != NULL )
+        {
+            entry_prv = entry_cur;
+            entry_cur = entry_cur->next;
+            mbedtls_zeroize( entry_prv, sizeof( mbedtls_x509_crl_entry ) );
+            mbedtls_free( entry_prv );
+        }
+
+        if( crl_cur->raw.p != NULL )
+        {
+            mbedtls_zeroize( crl_cur->raw.p, crl_cur->raw.len );
+            mbedtls_free( crl_cur->raw.p );
+        }
+
+        crl_cur = crl_cur->next;
+    }
+    while( crl_cur != NULL );
+
+    crl_cur = crl;
+    do
+    {
+        crl_prv = crl_cur;
+        crl_cur = crl_cur->next;
+
+        mbedtls_zeroize( crl_prv, sizeof( mbedtls_x509_crl ) );
+        if( crl_prv != crl )
+            mbedtls_free( crl_prv );
+    }
+    while( crl_cur != NULL );
+}
+
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
diff --git a/thirdparty/mbedtls/library/x509_crt.c b/thirdparty/mbedtls/library/x509_crt.c
new file mode 100644
index 0000000000..c6209fb40d
--- /dev/null
+++ b/thirdparty/mbedtls/library/x509_crt.c
@@ -0,0 +1,2425 @@
+/*
+ *  X.509 certificate parsing and verification
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The ITU-T X.509 standard defines a certificate format for PKI.
+ *
+ *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
+ *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
+ *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
+ *
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/oid.h"
+
+#include <stdio.h>
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define mbedtls_free       free
+#define mbedtls_calloc    calloc
+#define mbedtls_snprintf   snprintf
+#endif
+
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+#include <windows.h>
+#else
+#include <time.h>
+#endif
+
+#if defined(MBEDTLS_FS_IO)
+#include <stdio.h>
+#if !defined(_WIN32) || defined(EFIX64) || defined(EFI32)
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <dirent.h>
+#endif /* !_WIN32 || EFIX64 || EFI32 */
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * Default profile
+ */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
+{
+#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES)
+    /* Allow SHA-1 (weak, but still safe in controlled environments) */
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
+#endif
+    /* Only SHA-2 hashes */
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
+    0xFFFFFFF, /* Any PK alg    */
+    0xFFFFFFF, /* Any curve     */
+    2048,
+};
+
+/*
+ * Next-default profile
+ */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next =
+{
+    /* Hashes from SHA-256 and above */
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
+    0xFFFFFFF, /* Any PK alg    */
+#if defined(MBEDTLS_ECP_C)
+    /* Curves at or above 128-bit security level */
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ),
+#else
+    0,
+#endif
+    2048,
+};
+
+/*
+ * NSA Suite B Profile
+ */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb =
+{
+    /* Only SHA-256 and 384 */
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ),
+    /* Only ECDSA */
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ),
+#if defined(MBEDTLS_ECP_C)
+    /* Only NIST P-256 and P-384 */
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
+    MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ),
+#else
+    0,
+#endif
+    0,
+};
+
+/*
+ * Check md_alg against profile
+ * Return 0 if md_alg acceptable for this profile, -1 otherwise
+ */
+static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile,
+                                      mbedtls_md_type_t md_alg )
+{
+    if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 )
+        return( 0 );
+
+    return( -1 );
+}
+
+/*
+ * Check pk_alg against profile
+ * Return 0 if pk_alg acceptable for this profile, -1 otherwise
+ */
+static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile,
+                                      mbedtls_pk_type_t pk_alg )
+{
+    if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 )
+        return( 0 );
+
+    return( -1 );
+}
+
+/*
+ * Check key against profile
+ * Return 0 if pk_alg acceptable for this profile, -1 otherwise
+ */
+static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile,
+                                   mbedtls_pk_type_t pk_alg,
+                                   const mbedtls_pk_context *pk )
+{
+#if defined(MBEDTLS_RSA_C)
+    if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS )
+    {
+        if( mbedtls_pk_get_bitlen( pk ) >= profile->rsa_min_bitlen )
+            return( 0 );
+
+        return( -1 );
+    }
+#endif
+
+#if defined(MBEDTLS_ECP_C)
+    if( pk_alg == MBEDTLS_PK_ECDSA ||
+        pk_alg == MBEDTLS_PK_ECKEY ||
+        pk_alg == MBEDTLS_PK_ECKEY_DH )
+    {
+        mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id;
+
+        if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 )
+            return( 0 );
+
+        return( -1 );
+    }
+#endif
+
+    return( -1 );
+}
+
+/*
+ *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+ */
+static int x509_get_version( unsigned char **p,
+                             const unsigned char *end,
+                             int *ver )
+{
+    int ret;
+    size_t len;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        {
+            *ver = 0;
+            return( 0 );
+        }
+
+        return( ret );
+    }
+
+    end = *p + len;
+
+    if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
+
+    if( *p != end )
+        return( MBEDTLS_ERR_X509_INVALID_VERSION +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+/*
+ *  Validity ::= SEQUENCE {
+ *       notBefore      Time,
+ *       notAfter       Time }
+ */
+static int x509_get_dates( unsigned char **p,
+                           const unsigned char *end,
+                           mbedtls_x509_time *from,
+                           mbedtls_x509_time *to )
+{
+    int ret;
+    size_t len;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_DATE + ret );
+
+    end = *p + len;
+
+    if( ( ret = mbedtls_x509_get_time( p, end, from ) ) != 0 )
+        return( ret );
+
+    if( ( ret = mbedtls_x509_get_time( p, end, to ) ) != 0 )
+        return( ret );
+
+    if( *p != end )
+        return( MBEDTLS_ERR_X509_INVALID_DATE +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+/*
+ * X.509 v2/v3 unique identifier (not parsed)
+ */
+static int x509_get_uid( unsigned char **p,
+                         const unsigned char *end,
+                         mbedtls_x509_buf *uid, int n )
+{
+    int ret;
+
+    if( *p == end )
+        return( 0 );
+
+    uid->tag = **p;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &uid->len,
+            MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | n ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+            return( 0 );
+
+        return( ret );
+    }
+
+    uid->p = *p;
+    *p += uid->len;
+
+    return( 0 );
+}
+
+static int x509_get_basic_constraints( unsigned char **p,
+                                       const unsigned char *end,
+                                       int *ca_istrue,
+                                       int *max_pathlen )
+{
+    int ret;
+    size_t len;
+
+    /*
+     * BasicConstraints ::= SEQUENCE {
+     *      cA                      BOOLEAN DEFAULT FALSE,
+     *      pathLenConstraint       INTEGER (0..MAX) OPTIONAL }
+     */
+    *ca_istrue = 0; /* DEFAULT FALSE */
+    *max_pathlen = 0; /* endless */
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+    if( *p == end )
+        return( 0 );
+
+    if( ( ret = mbedtls_asn1_get_bool( p, end, ca_istrue ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+            ret = mbedtls_asn1_get_int( p, end, ca_istrue );
+
+        if( ret != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+        if( *ca_istrue != 0 )
+            *ca_istrue = 1;
+    }
+
+    if( *p == end )
+        return( 0 );
+
+    if( ( ret = mbedtls_asn1_get_int( p, end, max_pathlen ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+    if( *p != end )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    (*max_pathlen)++;
+
+    return( 0 );
+}
+
+static int x509_get_ns_cert_type( unsigned char **p,
+                                       const unsigned char *end,
+                                       unsigned char *ns_cert_type)
+{
+    int ret;
+    mbedtls_x509_bitstring bs = { 0, 0, NULL };
+
+    if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+    if( bs.len != 1 )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+
+    /* Get actual bitstring */
+    *ns_cert_type = *bs.p;
+    return( 0 );
+}
+
+static int x509_get_key_usage( unsigned char **p,
+                               const unsigned char *end,
+                               unsigned int *key_usage)
+{
+    int ret;
+    size_t i;
+    mbedtls_x509_bitstring bs = { 0, 0, NULL };
+
+    if( ( ret = mbedtls_asn1_get_bitstring( p, end, &bs ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+    if( bs.len < 1 )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+
+    /* Get actual bitstring */
+    *key_usage = 0;
+    for( i = 0; i < bs.len && i < sizeof( unsigned int ); i++ )
+    {
+        *key_usage |= (unsigned int) bs.p[i] << (8*i);
+    }
+
+    return( 0 );
+}
+
+/*
+ * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+ *
+ * KeyPurposeId ::= OBJECT IDENTIFIER
+ */
+static int x509_get_ext_key_usage( unsigned char **p,
+                               const unsigned char *end,
+                               mbedtls_x509_sequence *ext_key_usage)
+{
+    int ret;
+
+    if( ( ret = mbedtls_asn1_get_sequence_of( p, end, ext_key_usage, MBEDTLS_ASN1_OID ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+    /* Sequence length must be >= 1 */
+    if( ext_key_usage->buf.p == NULL )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_INVALID_LENGTH );
+
+    return( 0 );
+}
+
+/*
+ * SubjectAltName ::= GeneralNames
+ *
+ * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+ *
+ * GeneralName ::= CHOICE {
+ *      otherName                       [0]     OtherName,
+ *      rfc822Name                      [1]     IA5String,
+ *      dNSName                         [2]     IA5String,
+ *      x400Address                     [3]     ORAddress,
+ *      directoryName                   [4]     Name,
+ *      ediPartyName                    [5]     EDIPartyName,
+ *      uniformResourceIdentifier       [6]     IA5String,
+ *      iPAddress                       [7]     OCTET STRING,
+ *      registeredID                    [8]     OBJECT IDENTIFIER }
+ *
+ * OtherName ::= SEQUENCE {
+ *      type-id    OBJECT IDENTIFIER,
+ *      value      [0] EXPLICIT ANY DEFINED BY type-id }
+ *
+ * EDIPartyName ::= SEQUENCE {
+ *      nameAssigner            [0]     DirectoryString OPTIONAL,
+ *      partyName               [1]     DirectoryString }
+ *
+ * NOTE: we only parse and use dNSName at this point.
+ */
+static int x509_get_subject_alt_name( unsigned char **p,
+                                      const unsigned char *end,
+                                      mbedtls_x509_sequence *subject_alt_name )
+{
+    int ret;
+    size_t len, tag_len;
+    mbedtls_asn1_buf *buf;
+    unsigned char tag;
+    mbedtls_asn1_sequence *cur = subject_alt_name;
+
+    /* Get main sequence tag */
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+    if( *p + len != end )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    while( *p < end )
+    {
+        if( ( end - *p ) < 1 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                    MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+        tag = **p;
+        (*p)++;
+        if( ( ret = mbedtls_asn1_get_len( p, end, &tag_len ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+        if( ( tag & MBEDTLS_ASN1_CONTEXT_SPECIFIC ) != MBEDTLS_ASN1_CONTEXT_SPECIFIC )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                    MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+
+        /* Skip everything but DNS name */
+        if( tag != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | 2 ) )
+        {
+            *p += tag_len;
+            continue;
+        }
+
+        /* Allocate and assign next pointer */
+        if( cur->buf.p != NULL )
+        {
+            if( cur->next != NULL )
+                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );
+
+            cur->next = mbedtls_calloc( 1, sizeof( mbedtls_asn1_sequence ) );
+
+            if( cur->next == NULL )
+                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                        MBEDTLS_ERR_ASN1_ALLOC_FAILED );
+
+            cur = cur->next;
+        }
+
+        buf = &(cur->buf);
+        buf->tag = tag;
+        buf->p = *p;
+        buf->len = tag_len;
+        *p += buf->len;
+    }
+
+    /* Set final sequence entry's next pointer to NULL */
+    cur->next = NULL;
+
+    if( *p != end )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+/*
+ * X.509 v3 extensions
+ *
+ */
+static int x509_get_crt_ext( unsigned char **p,
+                             const unsigned char *end,
+                             mbedtls_x509_crt *crt )
+{
+    int ret;
+    size_t len;
+    unsigned char *end_ext_data, *end_ext_octet;
+
+    if( ( ret = mbedtls_x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+            return( 0 );
+
+        return( ret );
+    }
+
+    while( *p < end )
+    {
+        /*
+         * Extension  ::=  SEQUENCE  {
+         *      extnID      OBJECT IDENTIFIER,
+         *      critical    BOOLEAN DEFAULT FALSE,
+         *      extnValue   OCTET STRING  }
+         */
+        mbedtls_x509_buf extn_oid = {0, 0, NULL};
+        int is_critical = 0; /* DEFAULT FALSE */
+        int ext_type = 0;
+
+        if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
+                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+        end_ext_data = *p + len;
+
+        /* Get extension ID */
+        extn_oid.tag = **p;
+
+        if( ( ret = mbedtls_asn1_get_tag( p, end, &extn_oid.len, MBEDTLS_ASN1_OID ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+        extn_oid.p = *p;
+        *p += extn_oid.len;
+
+        if( ( end - *p ) < 1 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                    MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+
+        /* Get optional critical */
+        if( ( ret = mbedtls_asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
+            ( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+        /* Data should be octet string type */
+        if( ( ret = mbedtls_asn1_get_tag( p, end_ext_data, &len,
+                MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
+
+        end_ext_octet = *p + len;
+
+        if( end_ext_octet != end_ext_data )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                    MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+        /*
+         * Detect supported extensions
+         */
+        ret = mbedtls_oid_get_x509_ext_type( &extn_oid, &ext_type );
+
+        if( ret != 0 )
+        {
+            /* No parser found, skip extension */
+            *p = end_ext_octet;
+
+#if !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
+            if( is_critical )
+            {
+                /* Data is marked as critical: fail */
+                return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                        MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
+            }
+#endif
+            continue;
+        }
+
+        /* Forbid repeated extensions */
+        if( ( crt->ext_types & ext_type ) != 0 )
+            return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );
+
+        crt->ext_types |= ext_type;
+
+        switch( ext_type )
+        {
+        case MBEDTLS_X509_EXT_BASIC_CONSTRAINTS:
+            /* Parse basic constraints */
+            if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
+                    &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
+                return( ret );
+            break;
+
+        case MBEDTLS_X509_EXT_KEY_USAGE:
+            /* Parse key usage */
+            if( ( ret = x509_get_key_usage( p, end_ext_octet,
+                    &crt->key_usage ) ) != 0 )
+                return( ret );
+            break;
+
+        case MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE:
+            /* Parse extended key usage */
+            if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
+                    &crt->ext_key_usage ) ) != 0 )
+                return( ret );
+            break;
+
+        case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME:
+            /* Parse subject alt name */
+            if( ( ret = x509_get_subject_alt_name( p, end_ext_octet,
+                    &crt->subject_alt_names ) ) != 0 )
+                return( ret );
+            break;
+
+        case MBEDTLS_X509_EXT_NS_CERT_TYPE:
+            /* Parse netscape certificate type */
+            if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
+                    &crt->ns_cert_type ) ) != 0 )
+                return( ret );
+            break;
+
+        default:
+            return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
+        }
+    }
+
+    if( *p != end )
+        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
+/*
+ * Parse and fill a single X.509 certificate in DER format
+ */
+static int x509_crt_parse_der_core( mbedtls_x509_crt *crt, const unsigned char *buf,
+                                    size_t buflen )
+{
+    int ret;
+    size_t len;
+    unsigned char *p, *end, *crt_end;
+    mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
+
+    memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) );
+    memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) );
+    memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) );
+
+    /*
+     * Check for valid input
+     */
+    if( crt == NULL || buf == NULL )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    // Use the original buffer until we figure out actual length
+    p = (unsigned char*) buf;
+    len = buflen;
+    end = p + len;
+
+    /*
+     * Certificate  ::=  SEQUENCE  {
+     *      tbsCertificate       TBSCertificate,
+     *      signatureAlgorithm   AlgorithmIdentifier,
+     *      signatureValue       BIT STRING  }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT );
+    }
+
+    if( len > (size_t) ( end - p ) )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+    crt_end = p + len;
+
+    // Create and populate a new buffer for the raw field
+    crt->raw.len = crt_end - buf;
+    crt->raw.p = p = mbedtls_calloc( 1, crt->raw.len );
+    if( p == NULL )
+        return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+    memcpy( p, buf, crt->raw.len );
+
+    // Direct pointers to the new buffer 
+    p += crt->raw.len - len;
+    end = crt_end = p + len;
+
+    /*
+     * TBSCertificate  ::=  SEQUENCE  {
+     */
+    crt->tbs.p = p;
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+    }
+
+    end = p + len;
+    crt->tbs.len = end - crt->tbs.p;
+
+    /*
+     * Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+     *
+     * CertificateSerialNumber  ::=  INTEGER
+     *
+     * signature            AlgorithmIdentifier
+     */
+    if( ( ret = x509_get_version(  &p, end, &crt->version  ) ) != 0 ||
+        ( ret = mbedtls_x509_get_serial(   &p, end, &crt->serial   ) ) != 0 ||
+        ( ret = mbedtls_x509_get_alg(      &p, end, &crt->sig_oid,
+                                            &sig_params1 ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( ret );
+    }
+
+    if( crt->version < 0 || crt->version > 2 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
+    }
+
+    crt->version++;
+
+    if( ( ret = mbedtls_x509_get_sig_alg( &crt->sig_oid, &sig_params1,
+                                  &crt->sig_md, &crt->sig_pk,
+                                  &crt->sig_opts ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( ret );
+    }
+
+    /*
+     * issuer               Name
+     */
+    crt->issuer_raw.p = p;
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+    }
+
+    if( ( ret = mbedtls_x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( ret );
+    }
+
+    crt->issuer_raw.len = p - crt->issuer_raw.p;
+
+    /*
+     * Validity ::= SEQUENCE {
+     *      notBefore      Time,
+     *      notAfter       Time }
+     *
+     */
+    if( ( ret = x509_get_dates( &p, end, &crt->valid_from,
+                                         &crt->valid_to ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( ret );
+    }
+
+    /*
+     * subject              Name
+     */
+    crt->subject_raw.p = p;
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+    }
+
+    if( len && ( ret = mbedtls_x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( ret );
+    }
+
+    crt->subject_raw.len = p - crt->subject_raw.p;
+
+    /*
+     * SubjectPublicKeyInfo
+     */
+    if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( ret );
+    }
+
+    /*
+     *  issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
+     *                       -- If present, version shall be v2 or v3
+     *  subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
+     *                       -- If present, version shall be v2 or v3
+     *  extensions      [3]  EXPLICIT Extensions OPTIONAL
+     *                       -- If present, version shall be v3
+     */
+    if( crt->version == 2 || crt->version == 3 )
+    {
+        ret = x509_get_uid( &p, end, &crt->issuer_id,  1 );
+        if( ret != 0 )
+        {
+            mbedtls_x509_crt_free( crt );
+            return( ret );
+        }
+    }
+
+    if( crt->version == 2 || crt->version == 3 )
+    {
+        ret = x509_get_uid( &p, end, &crt->subject_id,  2 );
+        if( ret != 0 )
+        {
+            mbedtls_x509_crt_free( crt );
+            return( ret );
+        }
+    }
+
+#if !defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3)
+    if( crt->version == 3 )
+#endif
+    {
+        ret = x509_get_crt_ext( &p, end, crt );
+        if( ret != 0 )
+        {
+            mbedtls_x509_crt_free( crt );
+            return( ret );
+        }
+    }
+
+    if( p != end )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+
+    end = crt_end;
+
+    /*
+     *  }
+     *  -- end of TBSCertificate
+     *
+     *  signatureAlgorithm   AlgorithmIdentifier,
+     *  signatureValue       BIT STRING
+     */
+    if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( ret );
+    }
+
+    if( crt->sig_oid.len != sig_oid2.len ||
+        memcmp( crt->sig_oid.p, sig_oid2.p, crt->sig_oid.len ) != 0 ||
+        sig_params1.len != sig_params2.len ||
+        ( sig_params1.len != 0 &&
+          memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 ) )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( MBEDTLS_ERR_X509_SIG_MISMATCH );
+    }
+
+    if( ( ret = mbedtls_x509_get_sig( &p, end, &crt->sig ) ) != 0 )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( ret );
+    }
+
+    if( p != end )
+    {
+        mbedtls_x509_crt_free( crt );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Parse one X.509 certificate in DER format from a buffer and add them to a
+ * chained list
+ */
+int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *buf,
+                        size_t buflen )
+{
+    int ret;
+    mbedtls_x509_crt *crt = chain, *prev = NULL;
+
+    /*
+     * Check for valid input
+     */
+    if( crt == NULL || buf == NULL )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    while( crt->version != 0 && crt->next != NULL )
+    {
+        prev = crt;
+        crt = crt->next;
+    }
+
+    /*
+     * Add new certificate on the end of the chain if needed.
+     */
+    if( crt->version != 0 && crt->next == NULL )
+    {
+        crt->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_crt ) );
+
+        if( crt->next == NULL )
+            return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+        prev = crt;
+        mbedtls_x509_crt_init( crt->next );
+        crt = crt->next;
+    }
+
+    if( ( ret = x509_crt_parse_der_core( crt, buf, buflen ) ) != 0 )
+    {
+        if( prev )
+            prev->next = NULL;
+
+        if( crt != chain )
+            mbedtls_free( crt );
+
+        return( ret );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Parse one or more PEM certificates from a buffer and add them to the chained
+ * list
+ */
+int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen )
+{
+#if defined(MBEDTLS_PEM_PARSE_C)
+    int success = 0, first_error = 0, total_failed = 0;
+    int buf_format = MBEDTLS_X509_FORMAT_DER;
+#endif
+
+    /*
+     * Check for valid input
+     */
+    if( chain == NULL || buf == NULL )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    /*
+     * Determine buffer content. Buffer contains either one DER certificate or
+     * one or more PEM certificates.
+     */
+#if defined(MBEDTLS_PEM_PARSE_C)
+    if( buflen != 0 && buf[buflen - 1] == '\0' &&
+        strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
+    {
+        buf_format = MBEDTLS_X509_FORMAT_PEM;
+    }
+
+    if( buf_format == MBEDTLS_X509_FORMAT_DER )
+        return mbedtls_x509_crt_parse_der( chain, buf, buflen );
+#else
+    return mbedtls_x509_crt_parse_der( chain, buf, buflen );
+#endif
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    if( buf_format == MBEDTLS_X509_FORMAT_PEM )
+    {
+        int ret;
+        mbedtls_pem_context pem;
+
+        /* 1 rather than 0 since the terminating NULL byte is counted in */
+        while( buflen > 1 )
+        {
+            size_t use_len;
+            mbedtls_pem_init( &pem );
+
+            /* If we get there, we know the string is null-terminated */
+            ret = mbedtls_pem_read_buffer( &pem,
+                           "-----BEGIN CERTIFICATE-----",
+                           "-----END CERTIFICATE-----",
+                           buf, NULL, 0, &use_len );
+
+            if( ret == 0 )
+            {
+                /*
+                 * Was PEM encoded
+                 */
+                buflen -= use_len;
+                buf += use_len;
+            }
+            else if( ret == MBEDTLS_ERR_PEM_BAD_INPUT_DATA )
+            {
+                return( ret );
+            }
+            else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+            {
+                mbedtls_pem_free( &pem );
+
+                /*
+                 * PEM header and footer were found
+                 */
+                buflen -= use_len;
+                buf += use_len;
+
+                if( first_error == 0 )
+                    first_error = ret;
+
+                total_failed++;
+                continue;
+            }
+            else
+                break;
+
+            ret = mbedtls_x509_crt_parse_der( chain, pem.buf, pem.buflen );
+
+            mbedtls_pem_free( &pem );
+
+            if( ret != 0 )
+            {
+                /*
+                 * Quit parsing on a memory error
+                 */
+                if( ret == MBEDTLS_ERR_X509_ALLOC_FAILED )
+                    return( ret );
+
+                if( first_error == 0 )
+                    first_error = ret;
+
+                total_failed++;
+                continue;
+            }
+
+            success = 1;
+        }
+    }
+
+    if( success )
+        return( total_failed );
+    else if( first_error )
+        return( first_error );
+    else
+        return( MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT );
+#endif /* MBEDTLS_PEM_PARSE_C */
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load one or more certificates and add them to the chained list
+ */
+int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path )
+{
+    int ret;
+    size_t n;
+    unsigned char *buf;
+
+    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
+        return( ret );
+
+    ret = mbedtls_x509_crt_parse( chain, buf, n );
+
+    mbedtls_zeroize( buf, n );
+    mbedtls_free( buf );
+
+    return( ret );
+}
+
+int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
+{
+    int ret = 0;
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+    int w_ret;
+    WCHAR szDir[MAX_PATH];
+    char filename[MAX_PATH];
+    char *p;
+    size_t len = strlen( path );
+
+    WIN32_FIND_DATAW file_data;
+    HANDLE hFind;
+
+    if( len > MAX_PATH - 3 )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    memset( szDir, 0, sizeof(szDir) );
+    memset( filename, 0, MAX_PATH );
+    memcpy( filename, path, len );
+    filename[len++] = '\\';
+    p = filename + len;
+    filename[len++] = '*';
+
+    w_ret = MultiByteToWideChar( CP_ACP, 0, filename, (int)len, szDir,
+                                 MAX_PATH - 3 );
+    if( w_ret == 0 )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    hFind = FindFirstFileW( szDir, &file_data );
+    if( hFind == INVALID_HANDLE_VALUE )
+        return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
+
+    len = MAX_PATH - len;
+    do
+    {
+        memset( p, 0, len );
+
+        if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
+            continue;
+
+        w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
+                                     lstrlenW( file_data.cFileName ),
+                                     p, (int) len - 1,
+                                     NULL, NULL );
+        if( w_ret == 0 )
+        {
+            ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
+            goto cleanup;
+        }
+
+        w_ret = mbedtls_x509_crt_parse_file( chain, filename );
+        if( w_ret < 0 )
+            ret++;
+        else
+            ret += w_ret;
+    }
+    while( FindNextFileW( hFind, &file_data ) != 0 );
+
+    if( GetLastError() != ERROR_NO_MORE_FILES )
+        ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
+
+cleanup:
+    FindClose( hFind );
+#else /* _WIN32 */
+    int t_ret;
+    int snp_ret;
+    struct stat sb;
+    struct dirent *entry;
+    char entry_name[MBEDTLS_X509_MAX_FILE_PATH_LEN];
+    DIR *dir = opendir( path );
+
+    if( dir == NULL )
+        return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( ( ret = mbedtls_mutex_lock( &mbedtls_threading_readdir_mutex ) ) != 0 )
+    {
+        closedir( dir );
+        return( ret );
+    }
+#endif /* MBEDTLS_THREADING_C */
+
+    while( ( entry = readdir( dir ) ) != NULL )
+    {
+        snp_ret = mbedtls_snprintf( entry_name, sizeof entry_name,
+                                    "%s/%s", path, entry->d_name );
+
+        if( snp_ret < 0 || (size_t)snp_ret >= sizeof entry_name )
+        {
+            ret = MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
+            goto cleanup;
+        }
+        else if( stat( entry_name, &sb ) == -1 )
+        {
+            ret = MBEDTLS_ERR_X509_FILE_IO_ERROR;
+            goto cleanup;
+        }
+
+        if( !S_ISREG( sb.st_mode ) )
+            continue;
+
+        // Ignore parse errors
+        //
+        t_ret = mbedtls_x509_crt_parse_file( chain, entry_name );
+        if( t_ret < 0 )
+            ret++;
+        else
+            ret += t_ret;
+    }
+
+cleanup:
+    closedir( dir );
+
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_mutex_unlock( &mbedtls_threading_readdir_mutex ) != 0 )
+        ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;
+#endif /* MBEDTLS_THREADING_C */
+
+#endif /* _WIN32 */
+
+    return( ret );
+}
+#endif /* MBEDTLS_FS_IO */
+
+static int x509_info_subject_alt_name( char **buf, size_t *size,
+                                       const mbedtls_x509_sequence *subject_alt_name )
+{
+    size_t i;
+    size_t n = *size;
+    char *p = *buf;
+    const mbedtls_x509_sequence *cur = subject_alt_name;
+    const char *sep = "";
+    size_t sep_len = 0;
+
+    while( cur != NULL )
+    {
+        if( cur->buf.len + sep_len >= n )
+        {
+            *p = '\0';
+            return( MBEDTLS_ERR_X509_BUFFER_TOO_SMALL );
+        }
+
+        n -= cur->buf.len + sep_len;
+        for( i = 0; i < sep_len; i++ )
+            *p++ = sep[i];
+        for( i = 0; i < cur->buf.len; i++ )
+            *p++ = cur->buf.p[i];
+
+        sep = ", ";
+        sep_len = 2;
+
+        cur = cur->next;
+    }
+
+    *p = '\0';
+
+    *size = n;
+    *buf = p;
+
+    return( 0 );
+}
+
+#define PRINT_ITEM(i)                           \
+    {                                           \
+        ret = mbedtls_snprintf( p, n, "%s" i, sep );    \
+        MBEDTLS_X509_SAFE_SNPRINTF;                        \
+        sep = ", ";                             \
+    }
+
+#define CERT_TYPE(type,name)                    \
+    if( ns_cert_type & type )                   \
+        PRINT_ITEM( name );
+
+static int x509_info_cert_type( char **buf, size_t *size,
+                                unsigned char ns_cert_type )
+{
+    int ret;
+    size_t n = *size;
+    char *p = *buf;
+    const char *sep = "";
+
+    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT,         "SSL Client" );
+    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER,         "SSL Server" );
+    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL,              "Email" );
+    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING,     "Object Signing" );
+    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_RESERVED,           "Reserved" );
+    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_SSL_CA,             "SSL CA" );
+    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_EMAIL_CA,           "Email CA" );
+    CERT_TYPE( MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING_CA,  "Object Signing CA" );
+
+    *size = n;
+    *buf = p;
+
+    return( 0 );
+}
+
+#define KEY_USAGE(code,name)    \
+    if( key_usage & code )      \
+        PRINT_ITEM( name );
+
+static int x509_info_key_usage( char **buf, size_t *size,
+                                unsigned int key_usage )
+{
+    int ret;
+    size_t n = *size;
+    char *p = *buf;
+    const char *sep = "";
+
+    KEY_USAGE( MBEDTLS_X509_KU_DIGITAL_SIGNATURE,    "Digital Signature" );
+    KEY_USAGE( MBEDTLS_X509_KU_NON_REPUDIATION,      "Non Repudiation" );
+    KEY_USAGE( MBEDTLS_X509_KU_KEY_ENCIPHERMENT,     "Key Encipherment" );
+    KEY_USAGE( MBEDTLS_X509_KU_DATA_ENCIPHERMENT,    "Data Encipherment" );
+    KEY_USAGE( MBEDTLS_X509_KU_KEY_AGREEMENT,        "Key Agreement" );
+    KEY_USAGE( MBEDTLS_X509_KU_KEY_CERT_SIGN,        "Key Cert Sign" );
+    KEY_USAGE( MBEDTLS_X509_KU_CRL_SIGN,             "CRL Sign" );
+    KEY_USAGE( MBEDTLS_X509_KU_ENCIPHER_ONLY,        "Encipher Only" );
+    KEY_USAGE( MBEDTLS_X509_KU_DECIPHER_ONLY,        "Decipher Only" );
+
+    *size = n;
+    *buf = p;
+
+    return( 0 );
+}
+
+static int x509_info_ext_key_usage( char **buf, size_t *size,
+                                    const mbedtls_x509_sequence *extended_key_usage )
+{
+    int ret;
+    const char *desc;
+    size_t n = *size;
+    char *p = *buf;
+    const mbedtls_x509_sequence *cur = extended_key_usage;
+    const char *sep = "";
+
+    while( cur != NULL )
+    {
+        if( mbedtls_oid_get_extended_key_usage( &cur->buf, &desc ) != 0 )
+            desc = "???";
+
+        ret = mbedtls_snprintf( p, n, "%s%s", sep, desc );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        sep = ", ";
+
+        cur = cur->next;
+    }
+
+    *size = n;
+    *buf = p;
+
+    return( 0 );
+}
+
+/*
+ * Return an informational string about the certificate.
+ */
+#define BEFORE_COLON    18
+#define BC              "18"
+int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
+                   const mbedtls_x509_crt *crt )
+{
+    int ret;
+    size_t n;
+    char *p;
+    char key_size_str[BEFORE_COLON];
+
+    p = buf;
+    n = size;
+
+    if( NULL == crt )
+    {
+        ret = mbedtls_snprintf( p, n, "\nCertificate is uninitialised!\n" );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        return( (int) ( size - n ) );
+    }
+
+    ret = mbedtls_snprintf( p, n, "%scert. version     : %d\n",
+                               prefix, crt->version );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_snprintf( p, n, "%sserial number     : ",
+                               prefix );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_serial_gets( p, n, &crt->serial );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%sissuer name       : ", prefix );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_x509_dn_gets( p, n, &crt->issuer  );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%ssubject name      : ", prefix );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_x509_dn_gets( p, n, &crt->subject );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%sissued  on        : " \
+                   "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+                   crt->valid_from.year, crt->valid_from.mon,
+                   crt->valid_from.day,  crt->valid_from.hour,
+                   crt->valid_from.min,  crt->valid_from.sec );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%sexpires on        : " \
+                   "%04d-%02d-%02d %02d:%02d:%02d", prefix,
+                   crt->valid_to.year, crt->valid_to.mon,
+                   crt->valid_to.day,  crt->valid_to.hour,
+                   crt->valid_to.min,  crt->valid_to.sec );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%ssigned using      : ", prefix );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk,
+                             crt->sig_md, crt->sig_opts );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    /* Key size */
+    if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,
+                                      mbedtls_pk_get_name( &crt->pk ) ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits", prefix, key_size_str,
+                          (int) mbedtls_pk_get_bitlen( &crt->pk ) );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    /*
+     * Optional extensions
+     */
+
+    if( crt->ext_types & MBEDTLS_X509_EXT_BASIC_CONSTRAINTS )
+    {
+        ret = mbedtls_snprintf( p, n, "\n%sbasic constraints : CA=%s", prefix,
+                        crt->ca_istrue ? "true" : "false" );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if( crt->max_pathlen > 0 )
+        {
+            ret = mbedtls_snprintf( p, n, ", max_pathlen=%d", crt->max_pathlen - 1 );
+            MBEDTLS_X509_SAFE_SNPRINTF;
+        }
+    }
+
+    if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
+    {
+        ret = mbedtls_snprintf( p, n, "\n%ssubject alt name  : ", prefix );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if( ( ret = x509_info_subject_alt_name( &p, &n,
+                                            &crt->subject_alt_names ) ) != 0 )
+            return( ret );
+    }
+
+    if( crt->ext_types & MBEDTLS_X509_EXT_NS_CERT_TYPE )
+    {
+        ret = mbedtls_snprintf( p, n, "\n%scert. type        : ", prefix );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if( ( ret = x509_info_cert_type( &p, &n, crt->ns_cert_type ) ) != 0 )
+            return( ret );
+    }
+
+    if( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE )
+    {
+        ret = mbedtls_snprintf( p, n, "\n%skey usage         : ", prefix );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if( ( ret = x509_info_key_usage( &p, &n, crt->key_usage ) ) != 0 )
+            return( ret );
+    }
+
+    if( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE )
+    {
+        ret = mbedtls_snprintf( p, n, "\n%sext key usage     : ", prefix );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+
+        if( ( ret = x509_info_ext_key_usage( &p, &n,
+                                             &crt->ext_key_usage ) ) != 0 )
+            return( ret );
+    }
+
+    ret = mbedtls_snprintf( p, n, "\n" );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    return( (int) ( size - n ) );
+}
+
+struct x509_crt_verify_string {
+    int code;
+    const char *string;
+};
+
+static const struct x509_crt_verify_string x509_crt_verify_strings[] = {
+    { MBEDTLS_X509_BADCERT_EXPIRED,       "The certificate validity has expired" },
+    { MBEDTLS_X509_BADCERT_REVOKED,       "The certificate has been revoked (is on a CRL)" },
+    { MBEDTLS_X509_BADCERT_CN_MISMATCH,   "The certificate Common Name (CN) does not match with the expected CN" },
+    { MBEDTLS_X509_BADCERT_NOT_TRUSTED,   "The certificate is not correctly signed by the trusted CA" },
+    { MBEDTLS_X509_BADCRL_NOT_TRUSTED,    "The CRL is not correctly signed by the trusted CA" },
+    { MBEDTLS_X509_BADCRL_EXPIRED,        "The CRL is expired" },
+    { MBEDTLS_X509_BADCERT_MISSING,       "Certificate was missing" },
+    { MBEDTLS_X509_BADCERT_SKIP_VERIFY,   "Certificate verification was skipped" },
+    { MBEDTLS_X509_BADCERT_OTHER,         "Other reason (can be used by verify callback)" },
+    { MBEDTLS_X509_BADCERT_FUTURE,        "The certificate validity starts in the future" },
+    { MBEDTLS_X509_BADCRL_FUTURE,         "The CRL is from the future" },
+    { MBEDTLS_X509_BADCERT_KEY_USAGE,     "Usage does not match the keyUsage extension" },
+    { MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" },
+    { MBEDTLS_X509_BADCERT_NS_CERT_TYPE,  "Usage does not match the nsCertType extension" },
+    { MBEDTLS_X509_BADCERT_BAD_MD,        "The certificate is signed with an unacceptable hash." },
+    { MBEDTLS_X509_BADCERT_BAD_PK,        "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
+    { MBEDTLS_X509_BADCERT_BAD_KEY,       "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." },
+    { MBEDTLS_X509_BADCRL_BAD_MD,         "The CRL is signed with an unacceptable hash." },
+    { MBEDTLS_X509_BADCRL_BAD_PK,         "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
+    { MBEDTLS_X509_BADCRL_BAD_KEY,        "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." },
+    { 0, NULL }
+};
+
+int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
+                          uint32_t flags )
+{
+    int ret;
+    const struct x509_crt_verify_string *cur;
+    char *p = buf;
+    size_t n = size;
+
+    for( cur = x509_crt_verify_strings; cur->string != NULL ; cur++ )
+    {
+        if( ( flags & cur->code ) == 0 )
+            continue;
+
+        ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, cur->string );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+        flags ^= cur->code;
+    }
+
+    if( flags != 0 )
+    {
+        ret = mbedtls_snprintf( p, n, "%sUnknown reason "
+                                       "(this should not happen)\n", prefix );
+        MBEDTLS_X509_SAFE_SNPRINTF;
+    }
+
+    return( (int) ( size - n ) );
+}
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
+                                      unsigned int usage )
+{
+    unsigned int usage_must, usage_may;
+    unsigned int may_mask = MBEDTLS_X509_KU_ENCIPHER_ONLY
+                          | MBEDTLS_X509_KU_DECIPHER_ONLY;
+
+    if( ( crt->ext_types & MBEDTLS_X509_EXT_KEY_USAGE ) == 0 )
+        return( 0 );
+
+    usage_must = usage & ~may_mask;
+
+    if( ( ( crt->key_usage & ~may_mask ) & usage_must ) != usage_must )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    usage_may = usage & may_mask;
+
+    if( ( ( crt->key_usage & may_mask ) | usage_may ) != usage_may )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    return( 0 );
+}
+#endif
+
+#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
+int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
+                                       const char *usage_oid,
+                                       size_t usage_len )
+{
+    const mbedtls_x509_sequence *cur;
+
+    /* Extension is not mandatory, absent means no restriction */
+    if( ( crt->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) == 0 )
+        return( 0 );
+
+    /*
+     * Look for the requested usage (or wildcard ANY) in our list
+     */
+    for( cur = &crt->ext_key_usage; cur != NULL; cur = cur->next )
+    {
+        const mbedtls_x509_buf *cur_oid = &cur->buf;
+
+        if( cur_oid->len == usage_len &&
+            memcmp( cur_oid->p, usage_oid, usage_len ) == 0 )
+        {
+            return( 0 );
+        }
+
+        if( MBEDTLS_OID_CMP( MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE, cur_oid ) == 0 )
+            return( 0 );
+    }
+
+    return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+}
+#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+/*
+ * Return 1 if the certificate is revoked, or 0 otherwise.
+ */
+int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl )
+{
+    const mbedtls_x509_crl_entry *cur = &crl->entry;
+
+    while( cur != NULL && cur->serial.len != 0 )
+    {
+        if( crt->serial.len == cur->serial.len &&
+            memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
+        {
+            if( mbedtls_x509_time_is_past( &cur->revocation_date ) )
+                return( 1 );
+        }
+
+        cur = cur->next;
+    }
+
+    return( 0 );
+}
+
+/*
+ * Check that the given certificate is not revoked according to the CRL.
+ * Skip validation is no CRL for the given CA is present.
+ */
+static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
+                               mbedtls_x509_crl *crl_list,
+                               const mbedtls_x509_crt_profile *profile )
+{
+    int flags = 0;
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    const mbedtls_md_info_t *md_info;
+
+    if( ca == NULL )
+        return( flags );
+
+    while( crl_list != NULL )
+    {
+        if( crl_list->version == 0 ||
+            crl_list->issuer_raw.len != ca->subject_raw.len ||
+            memcmp( crl_list->issuer_raw.p, ca->subject_raw.p,
+                    crl_list->issuer_raw.len ) != 0 )
+        {
+            crl_list = crl_list->next;
+            continue;
+        }
+
+        /*
+         * Check if the CA is configured to sign CRLs
+         */
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+        if( mbedtls_x509_crt_check_key_usage( ca, MBEDTLS_X509_KU_CRL_SIGN ) != 0 )
+        {
+            flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
+            break;
+        }
+#endif
+
+        /*
+         * Check if CRL is correctly signed by the trusted CA
+         */
+        if( x509_profile_check_md_alg( profile, crl_list->sig_md ) != 0 )
+            flags |= MBEDTLS_X509_BADCRL_BAD_MD;
+
+        if( x509_profile_check_pk_alg( profile, crl_list->sig_pk ) != 0 )
+            flags |= MBEDTLS_X509_BADCRL_BAD_PK;
+
+        md_info = mbedtls_md_info_from_type( crl_list->sig_md );
+        if( md_info == NULL )
+        {
+            /*
+             * Cannot check 'unknown' hash
+             */
+            flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
+            break;
+        }
+
+        mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
+
+        if( x509_profile_check_key( profile, crl_list->sig_pk, &ca->pk ) != 0 )
+            flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+
+        if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk,
+                           crl_list->sig_md, hash, mbedtls_md_get_size( md_info ),
+                           crl_list->sig.p, crl_list->sig.len ) != 0 )
+        {
+            flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
+            break;
+        }
+
+        /*
+         * Check for validity of CRL (Do not drop out)
+         */
+        if( mbedtls_x509_time_is_past( &crl_list->next_update ) )
+            flags |= MBEDTLS_X509_BADCRL_EXPIRED;
+
+        if( mbedtls_x509_time_is_future( &crl_list->this_update ) )
+            flags |= MBEDTLS_X509_BADCRL_FUTURE;
+
+        /*
+         * Check if certificate is revoked
+         */
+        if( mbedtls_x509_crt_is_revoked( crt, crl_list ) )
+        {
+            flags |= MBEDTLS_X509_BADCERT_REVOKED;
+            break;
+        }
+
+        crl_list = crl_list->next;
+    }
+
+    return( flags );
+}
+#endif /* MBEDTLS_X509_CRL_PARSE_C */
+
+/*
+ * Like memcmp, but case-insensitive and always returns -1 if different
+ */
+static int x509_memcasecmp( const void *s1, const void *s2, size_t len )
+{
+    size_t i;
+    unsigned char diff;
+    const unsigned char *n1 = s1, *n2 = s2;
+
+    for( i = 0; i < len; i++ )
+    {
+        diff = n1[i] ^ n2[i];
+
+        if( diff == 0 )
+            continue;
+
+        if( diff == 32 &&
+            ( ( n1[i] >= 'a' && n1[i] <= 'z' ) ||
+              ( n1[i] >= 'A' && n1[i] <= 'Z' ) ) )
+        {
+            continue;
+        }
+
+        return( -1 );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Return 0 if name matches wildcard, -1 otherwise
+ */
+static int x509_check_wildcard( const char *cn, mbedtls_x509_buf *name )
+{
+    size_t i;
+    size_t cn_idx = 0, cn_len = strlen( cn );
+
+    if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' )
+        return( 0 );
+
+    for( i = 0; i < cn_len; ++i )
+    {
+        if( cn[i] == '.' )
+        {
+            cn_idx = i;
+            break;
+        }
+    }
+
+    if( cn_idx == 0 )
+        return( -1 );
+
+    if( cn_len - cn_idx == name->len - 1 &&
+        x509_memcasecmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 )
+    {
+        return( 0 );
+    }
+
+    return( -1 );
+}
+
+/*
+ * Compare two X.509 strings, case-insensitive, and allowing for some encoding
+ * variations (but not all).
+ *
+ * Return 0 if equal, -1 otherwise.
+ */
+static int x509_string_cmp( const mbedtls_x509_buf *a, const mbedtls_x509_buf *b )
+{
+    if( a->tag == b->tag &&
+        a->len == b->len &&
+        memcmp( a->p, b->p, b->len ) == 0 )
+    {
+        return( 0 );
+    }
+
+    if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
+        ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
+        a->len == b->len &&
+        x509_memcasecmp( a->p, b->p, b->len ) == 0 )
+    {
+        return( 0 );
+    }
+
+    return( -1 );
+}
+
+/*
+ * Compare two X.509 Names (aka rdnSequence).
+ *
+ * See RFC 5280 section 7.1, though we don't implement the whole algorithm:
+ * we sometimes return unequal when the full algorithm would return equal,
+ * but never the other way. (In particular, we don't do Unicode normalisation
+ * or space folding.)
+ *
+ * Return 0 if equal, -1 otherwise.
+ */
+static int x509_name_cmp( const mbedtls_x509_name *a, const mbedtls_x509_name *b )
+{
+    /* Avoid recursion, it might not be optimised by the compiler */
+    while( a != NULL || b != NULL )
+    {
+        if( a == NULL || b == NULL )
+            return( -1 );
+
+        /* type */
+        if( a->oid.tag != b->oid.tag ||
+            a->oid.len != b->oid.len ||
+            memcmp( a->oid.p, b->oid.p, b->oid.len ) != 0 )
+        {
+            return( -1 );
+        }
+
+        /* value */
+        if( x509_string_cmp( &a->val, &b->val ) != 0 )
+            return( -1 );
+
+        /* structure of the list of sets */
+        if( a->next_merged != b->next_merged )
+            return( -1 );
+
+        a = a->next;
+        b = b->next;
+    }
+
+    /* a == NULL == b */
+    return( 0 );
+}
+
+/*
+ * Check if 'parent' is a suitable parent (signing CA) for 'child'.
+ * Return 0 if yes, -1 if not.
+ *
+ * top means parent is a locally-trusted certificate
+ * bottom means child is the end entity cert
+ */
+static int x509_crt_check_parent( const mbedtls_x509_crt *child,
+                                  const mbedtls_x509_crt *parent,
+                                  int top, int bottom )
+{
+    int need_ca_bit;
+
+    /* Parent must be the issuer */
+    if( x509_name_cmp( &child->issuer, &parent->subject ) != 0 )
+        return( -1 );
+
+    /* Parent must have the basicConstraints CA bit set as a general rule */
+    need_ca_bit = 1;
+
+    /* Exception: v1/v2 certificates that are locally trusted. */
+    if( top && parent->version < 3 )
+        need_ca_bit = 0;
+
+    /* Exception: self-signed end-entity certs that are locally trusted. */
+    if( top && bottom &&
+        child->raw.len == parent->raw.len &&
+        memcmp( child->raw.p, parent->raw.p, child->raw.len ) == 0 )
+    {
+        need_ca_bit = 0;
+    }
+
+    if( need_ca_bit && ! parent->ca_istrue )
+        return( -1 );
+
+#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
+    if( need_ca_bit &&
+        mbedtls_x509_crt_check_key_usage( parent, MBEDTLS_X509_KU_KEY_CERT_SIGN ) != 0 )
+    {
+        return( -1 );
+    }
+#endif
+
+    return( 0 );
+}
+
+static int x509_crt_verify_top(
+                mbedtls_x509_crt *child, mbedtls_x509_crt *trust_ca,
+                mbedtls_x509_crl *ca_crl,
+                const mbedtls_x509_crt_profile *profile,
+                int path_cnt, int self_cnt, uint32_t *flags,
+                int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                void *p_vrfy )
+{
+    int ret;
+    uint32_t ca_flags = 0;
+    int check_path_cnt;
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    const mbedtls_md_info_t *md_info;
+    mbedtls_x509_crt *future_past_ca = NULL;
+
+    if( mbedtls_x509_time_is_past( &child->valid_to ) )
+        *flags |= MBEDTLS_X509_BADCERT_EXPIRED;
+
+    if( mbedtls_x509_time_is_future( &child->valid_from ) )
+        *flags |= MBEDTLS_X509_BADCERT_FUTURE;
+
+    if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 )
+        *flags |= MBEDTLS_X509_BADCERT_BAD_MD;
+
+    if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 )
+        *flags |= MBEDTLS_X509_BADCERT_BAD_PK;
+
+    /*
+     * Child is the top of the chain. Check against the trust_ca list.
+     */
+    *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+
+    md_info = mbedtls_md_info_from_type( child->sig_md );
+    if( md_info == NULL )
+    {
+        /*
+         * Cannot check 'unknown', no need to try any CA
+         */
+        trust_ca = NULL;
+    }
+    else
+        mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash );
+
+    for( /* trust_ca */ ; trust_ca != NULL; trust_ca = trust_ca->next )
+    {
+        if( x509_crt_check_parent( child, trust_ca, 1, path_cnt == 0 ) != 0 )
+            continue;
+
+        check_path_cnt = path_cnt + 1;
+
+        /*
+         * Reduce check_path_cnt to check against if top of the chain is
+         * the same as the trusted CA
+         */
+        if( child->subject_raw.len == trust_ca->subject_raw.len &&
+            memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
+                            child->issuer_raw.len ) == 0 )
+        {
+            check_path_cnt--;
+        }
+
+        /* Self signed certificates do not count towards the limit */
+        if( trust_ca->max_pathlen > 0 &&
+            trust_ca->max_pathlen < check_path_cnt - self_cnt )
+        {
+            continue;
+        }
+
+        if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk,
+                           child->sig_md, hash, mbedtls_md_get_size( md_info ),
+                           child->sig.p, child->sig.len ) != 0 )
+        {
+            continue;
+        }
+
+        if( mbedtls_x509_time_is_past( &trust_ca->valid_to ) ||
+            mbedtls_x509_time_is_future( &trust_ca->valid_from ) )
+        {
+            if ( future_past_ca == NULL )
+                future_past_ca = trust_ca;
+
+            continue;
+        }
+
+        break;
+    }
+
+    if( trust_ca != NULL || ( trust_ca = future_past_ca ) != NULL )
+    {
+        /*
+         * Top of chain is signed by a trusted CA
+         */
+        *flags &= ~MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+
+        if( x509_profile_check_key( profile, child->sig_pk, &trust_ca->pk ) != 0 )
+            *flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+    }
+
+    /*
+     * If top of chain is not the same as the trusted CA send a verify request
+     * to the callback for any issues with validity and CRL presence for the
+     * trusted CA certificate.
+     */
+    if( trust_ca != NULL &&
+        ( child->subject_raw.len != trust_ca->subject_raw.len ||
+          memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
+                            child->issuer_raw.len ) != 0 ) )
+    {
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+        /* Check trusted CA's CRL for the chain's top crt */
+        *flags |= x509_crt_verifycrl( child, trust_ca, ca_crl, profile );
+#else
+        ((void) ca_crl);
+#endif
+
+        if( mbedtls_x509_time_is_past( &trust_ca->valid_to ) )
+            ca_flags |= MBEDTLS_X509_BADCERT_EXPIRED;
+
+        if( mbedtls_x509_time_is_future( &trust_ca->valid_from ) )
+            ca_flags |= MBEDTLS_X509_BADCERT_FUTURE;
+
+        if( NULL != f_vrfy )
+        {
+            if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1,
+                                &ca_flags ) ) != 0 )
+            {
+                return( ret );
+            }
+        }
+    }
+
+    /* Call callback on top cert */
+    if( NULL != f_vrfy )
+    {
+        if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )
+            return( ret );
+    }
+
+    *flags |= ca_flags;
+
+    return( 0 );
+}
+
+static int x509_crt_verify_child(
+                mbedtls_x509_crt *child, mbedtls_x509_crt *parent,
+                mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl,
+                const mbedtls_x509_crt_profile *profile,
+                int path_cnt, int self_cnt, uint32_t *flags,
+                int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                void *p_vrfy )
+{
+    int ret;
+    uint32_t parent_flags = 0;
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    mbedtls_x509_crt *grandparent;
+    const mbedtls_md_info_t *md_info;
+
+    /* Counting intermediate self signed certificates */
+    if( ( path_cnt != 0 ) && x509_name_cmp( &child->issuer, &child->subject ) == 0 )
+        self_cnt++;
+
+    /* path_cnt is 0 for the first intermediate CA */
+    if( 1 + path_cnt > MBEDTLS_X509_MAX_INTERMEDIATE_CA )
+    {
+        /* return immediately as the goal is to avoid unbounded recursion */
+        return( MBEDTLS_ERR_X509_FATAL_ERROR );
+    }
+
+    if( mbedtls_x509_time_is_past( &child->valid_to ) )
+        *flags |= MBEDTLS_X509_BADCERT_EXPIRED;
+
+    if( mbedtls_x509_time_is_future( &child->valid_from ) )
+        *flags |= MBEDTLS_X509_BADCERT_FUTURE;
+
+    if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 )
+        *flags |= MBEDTLS_X509_BADCERT_BAD_MD;
+
+    if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 )
+        *flags |= MBEDTLS_X509_BADCERT_BAD_PK;
+
+    md_info = mbedtls_md_info_from_type( child->sig_md );
+    if( md_info == NULL )
+    {
+        /*
+         * Cannot check 'unknown' hash
+         */
+        *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+    }
+    else
+    {
+        mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash );
+
+        if( x509_profile_check_key( profile, child->sig_pk, &parent->pk ) != 0 )
+            *flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+
+        if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
+                           child->sig_md, hash, mbedtls_md_get_size( md_info ),
+                           child->sig.p, child->sig.len ) != 0 )
+        {
+            *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
+        }
+    }
+
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
+    /* Check trusted CA's CRL for the given crt */
+    *flags |= x509_crt_verifycrl(child, parent, ca_crl, profile );
+#endif
+
+    /* Look for a grandparent in trusted CAs */
+    for( grandparent = trust_ca;
+         grandparent != NULL;
+         grandparent = grandparent->next )
+    {
+        if( x509_crt_check_parent( parent, grandparent,
+                                   0, path_cnt == 0 ) == 0 )
+            break;
+    }
+
+    if( grandparent != NULL )
+    {
+        ret = x509_crt_verify_top( parent, grandparent, ca_crl, profile,
+                                path_cnt + 1, self_cnt, &parent_flags, f_vrfy, p_vrfy );
+        if( ret != 0 )
+            return( ret );
+    }
+    else
+    {
+        /* Look for a grandparent upwards the chain */
+        for( grandparent = parent->next;
+             grandparent != NULL;
+             grandparent = grandparent->next )
+        {
+            /* +2 because the current step is not yet accounted for
+             * and because max_pathlen is one higher than it should be.
+             * Also self signed certificates do not count to the limit. */
+            if( grandparent->max_pathlen > 0 &&
+                grandparent->max_pathlen < 2 + path_cnt - self_cnt )
+            {
+                continue;
+            }
+
+            if( x509_crt_check_parent( parent, grandparent,
+                                       0, path_cnt == 0 ) == 0 )
+                break;
+        }
+
+        /* Is our parent part of the chain or at the top? */
+        if( grandparent != NULL )
+        {
+            ret = x509_crt_verify_child( parent, grandparent, trust_ca, ca_crl,
+                                         profile, path_cnt + 1, self_cnt, &parent_flags,
+                                         f_vrfy, p_vrfy );
+            if( ret != 0 )
+                return( ret );
+        }
+        else
+        {
+            ret = x509_crt_verify_top( parent, trust_ca, ca_crl, profile,
+                                       path_cnt + 1, self_cnt, &parent_flags,
+                                       f_vrfy, p_vrfy );
+            if( ret != 0 )
+                return( ret );
+        }
+    }
+
+    /* child is verified to be a child of the parent, call verify callback */
+    if( NULL != f_vrfy )
+        if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )
+            return( ret );
+
+    *flags |= parent_flags;
+
+    return( 0 );
+}
+
+/*
+ * Verify the certificate validity
+ */
+int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
+                     mbedtls_x509_crt *trust_ca,
+                     mbedtls_x509_crl *ca_crl,
+                     const char *cn, uint32_t *flags,
+                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                     void *p_vrfy )
+{
+    return( mbedtls_x509_crt_verify_with_profile( crt, trust_ca, ca_crl,
+                &mbedtls_x509_crt_profile_default, cn, flags, f_vrfy, p_vrfy ) );
+}
+
+
+/*
+ * Verify the certificate validity, with profile
+ */
+int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
+                     mbedtls_x509_crt *trust_ca,
+                     mbedtls_x509_crl *ca_crl,
+                     const mbedtls_x509_crt_profile *profile,
+                     const char *cn, uint32_t *flags,
+                     int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
+                     void *p_vrfy )
+{
+    size_t cn_len;
+    int ret;
+    int pathlen = 0, selfsigned = 0;
+    mbedtls_x509_crt *parent;
+    mbedtls_x509_name *name;
+    mbedtls_x509_sequence *cur = NULL;
+    mbedtls_pk_type_t pk_type;
+
+    *flags = 0;
+
+    if( profile == NULL )
+    {
+        ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
+        goto exit;
+    }
+
+    if( cn != NULL )
+    {
+        name = &crt->subject;
+        cn_len = strlen( cn );
+
+        if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
+        {
+            cur = &crt->subject_alt_names;
+
+            while( cur != NULL )
+            {
+                if( cur->buf.len == cn_len &&
+                    x509_memcasecmp( cn, cur->buf.p, cn_len ) == 0 )
+                    break;
+
+                if( cur->buf.len > 2 &&
+                    memcmp( cur->buf.p, "*.", 2 ) == 0 &&
+                    x509_check_wildcard( cn, &cur->buf ) == 0 )
+                {
+                    break;
+                }
+
+                cur = cur->next;
+            }
+
+            if( cur == NULL )
+                *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
+        }
+        else
+        {
+            while( name != NULL )
+            {
+                if( MBEDTLS_OID_CMP( MBEDTLS_OID_AT_CN, &name->oid ) == 0 )
+                {
+                    if( name->val.len == cn_len &&
+                        x509_memcasecmp( name->val.p, cn, cn_len ) == 0 )
+                        break;
+
+                    if( name->val.len > 2 &&
+                        memcmp( name->val.p, "*.", 2 ) == 0 &&
+                        x509_check_wildcard( cn, &name->val ) == 0 )
+                        break;
+                }
+
+                name = name->next;
+            }
+
+            if( name == NULL )
+                *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
+        }
+    }
+
+    /* Check the type and size of the key */
+    pk_type = mbedtls_pk_get_type( &crt->pk );
+
+    if( x509_profile_check_pk_alg( profile, pk_type ) != 0 )
+        *flags |= MBEDTLS_X509_BADCERT_BAD_PK;
+
+    if( x509_profile_check_key( profile, pk_type, &crt->pk ) != 0 )
+        *flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
+
+    /* Look for a parent in trusted CAs */
+    for( parent = trust_ca; parent != NULL; parent = parent->next )
+    {
+        if( x509_crt_check_parent( crt, parent, 0, pathlen == 0 ) == 0 )
+            break;
+    }
+
+    if( parent != NULL )
+    {
+        ret = x509_crt_verify_top( crt, parent, ca_crl, profile,
+                                   pathlen, selfsigned, flags, f_vrfy, p_vrfy );
+        if( ret != 0 )
+            goto exit;
+    }
+    else
+    {
+        /* Look for a parent upwards the chain */
+        for( parent = crt->next; parent != NULL; parent = parent->next )
+            if( x509_crt_check_parent( crt, parent, 0, pathlen == 0 ) == 0 )
+                break;
+
+        /* Are we part of the chain or at the top? */
+        if( parent != NULL )
+        {
+            ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl, profile,
+                                         pathlen, selfsigned, flags, f_vrfy, p_vrfy );
+            if( ret != 0 )
+                goto exit;
+        }
+        else
+        {
+            ret = x509_crt_verify_top( crt, trust_ca, ca_crl, profile,
+                                       pathlen, selfsigned, flags, f_vrfy, p_vrfy );
+            if( ret != 0 )
+                goto exit;
+        }
+    }
+
+exit:
+    /* prevent misuse of the vrfy callback - VERIFY_FAILED would be ignored by
+     * the SSL module for authmode optional, but non-zero return from the
+     * callback means a fatal error so it shouldn't be ignored */
+    if( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED )
+        ret = MBEDTLS_ERR_X509_FATAL_ERROR;
+
+    if( ret != 0 )
+    {
+        *flags = (uint32_t) -1;
+        return( ret );
+    }
+
+    if( *flags != 0 )
+        return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED );
+
+    return( 0 );
+}
+
+/*
+ * Initialize a certificate chain
+ */
+void mbedtls_x509_crt_init( mbedtls_x509_crt *crt )
+{
+    memset( crt, 0, sizeof(mbedtls_x509_crt) );
+}
+
+/*
+ * Unallocate all certificate data
+ */
+void mbedtls_x509_crt_free( mbedtls_x509_crt *crt )
+{
+    mbedtls_x509_crt *cert_cur = crt;
+    mbedtls_x509_crt *cert_prv;
+    mbedtls_x509_name *name_cur;
+    mbedtls_x509_name *name_prv;
+    mbedtls_x509_sequence *seq_cur;
+    mbedtls_x509_sequence *seq_prv;
+
+    if( crt == NULL )
+        return;
+
+    do
+    {
+        mbedtls_pk_free( &cert_cur->pk );
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+        mbedtls_free( cert_cur->sig_opts );
+#endif
+
+        name_cur = cert_cur->issuer.next;
+        while( name_cur != NULL )
+        {
+            name_prv = name_cur;
+            name_cur = name_cur->next;
+            mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
+            mbedtls_free( name_prv );
+        }
+
+        name_cur = cert_cur->subject.next;
+        while( name_cur != NULL )
+        {
+            name_prv = name_cur;
+            name_cur = name_cur->next;
+            mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
+            mbedtls_free( name_prv );
+        }
+
+        seq_cur = cert_cur->ext_key_usage.next;
+        while( seq_cur != NULL )
+        {
+            seq_prv = seq_cur;
+            seq_cur = seq_cur->next;
+            mbedtls_zeroize( seq_prv, sizeof( mbedtls_x509_sequence ) );
+            mbedtls_free( seq_prv );
+        }
+
+        seq_cur = cert_cur->subject_alt_names.next;
+        while( seq_cur != NULL )
+        {
+            seq_prv = seq_cur;
+            seq_cur = seq_cur->next;
+            mbedtls_zeroize( seq_prv, sizeof( mbedtls_x509_sequence ) );
+            mbedtls_free( seq_prv );
+        }
+
+        if( cert_cur->raw.p != NULL )
+        {
+            mbedtls_zeroize( cert_cur->raw.p, cert_cur->raw.len );
+            mbedtls_free( cert_cur->raw.p );
+        }
+
+        cert_cur = cert_cur->next;
+    }
+    while( cert_cur != NULL );
+
+    cert_cur = crt;
+    do
+    {
+        cert_prv = cert_cur;
+        cert_cur = cert_cur->next;
+
+        mbedtls_zeroize( cert_prv, sizeof( mbedtls_x509_crt ) );
+        if( cert_prv != crt )
+            mbedtls_free( cert_prv );
+    }
+    while( cert_cur != NULL );
+}
+
+#endif /* MBEDTLS_X509_CRT_PARSE_C */
diff --git a/thirdparty/mbedtls/library/x509_csr.c b/thirdparty/mbedtls/library/x509_csr.c
new file mode 100644
index 0000000000..26a06db4f6
--- /dev/null
+++ b/thirdparty/mbedtls/library/x509_csr.c
@@ -0,0 +1,423 @@
+/*
+ *  X.509 Certificate Signing Request (CSR) parsing
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ *  The ITU-T X.509 standard defines a certificate format for PKI.
+ *
+ *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
+ *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
+ *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
+ *
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
+ *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_X509_CSR_PARSE_C)
+
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/oid.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+#include "mbedtls/pem.h"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#include <stdio.h>
+#define mbedtls_free       free
+#define mbedtls_calloc    calloc
+#define mbedtls_snprintf   snprintf
+#endif
+
+#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
+#include <stdio.h>
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ *  Version  ::=  INTEGER  {  v1(0)  }
+ */
+static int x509_csr_get_version( unsigned char **p,
+                             const unsigned char *end,
+                             int *ver )
+{
+    int ret;
+
+    if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
+    {
+        if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
+        {
+            *ver = 0;
+            return( 0 );
+        }
+
+        return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Parse a CSR in DER format
+ */
+int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
+                        const unsigned char *buf, size_t buflen )
+{
+    int ret;
+    size_t len;
+    unsigned char *p, *end;
+    mbedtls_x509_buf sig_params;
+
+    memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) );
+
+    /*
+     * Check for valid input
+     */
+    if( csr == NULL || buf == NULL || buflen == 0 )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    mbedtls_x509_csr_init( csr );
+
+    /*
+     * first copy the raw DER data
+     */
+    p = mbedtls_calloc( 1, len = buflen );
+
+    if( p == NULL )
+        return( MBEDTLS_ERR_X509_ALLOC_FAILED );
+
+    memcpy( p, buf, buflen );
+
+    csr->raw.p = p;
+    csr->raw.len = len;
+    end = p + len;
+
+    /*
+     *  CertificationRequest ::= SEQUENCE {
+     *       certificationRequestInfo CertificationRequestInfo,
+     *       signatureAlgorithm AlgorithmIdentifier,
+     *       signature          BIT STRING
+     *  }
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT );
+    }
+
+    if( len != (size_t) ( end - p ) )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+
+    /*
+     *  CertificationRequestInfo ::= SEQUENCE {
+     */
+    csr->cri.p = p;
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+    }
+
+    end = p + len;
+    csr->cri.len = end - csr->cri.p;
+
+    /*
+     *  Version  ::=  INTEGER {  v1(0) }
+     */
+    if( ( ret = x509_csr_get_version( &p, end, &csr->version ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( ret );
+    }
+
+    if( csr->version != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
+    }
+
+    csr->version++;
+
+    /*
+     *  subject               Name
+     */
+    csr->subject_raw.p = p;
+
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+    }
+
+    if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( ret );
+    }
+
+    csr->subject_raw.len = p - csr->subject_raw.p;
+
+    /*
+     *  subjectPKInfo SubjectPublicKeyInfo
+     */
+    if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( ret );
+    }
+
+    /*
+     *  attributes    [0] Attributes
+     *
+     *  The list of possible attributes is open-ended, though RFC 2985
+     *  (PKCS#9) defines a few in section 5.4. We currently don't support any,
+     *  so we just ignore them. This is a safe thing to do as the worst thing
+     *  that could happen is that we issue a certificate that does not match
+     *  the requester's expectations - this cannot cause a violation of our
+     *  signature policies.
+     */
+    if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
+    }
+
+    p += len;
+
+    end = csr->raw.p + csr->raw.len;
+
+    /*
+     *  signatureAlgorithm   AlgorithmIdentifier,
+     *  signature            BIT STRING
+     */
+    if( ( ret = mbedtls_x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_x509_get_sig_alg( &csr->sig_oid, &sig_params,
+                                  &csr->sig_md, &csr->sig_pk,
+                                  &csr->sig_opts ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG );
+    }
+
+    if( ( ret = mbedtls_x509_get_sig( &p, end, &csr->sig ) ) != 0 )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( ret );
+    }
+
+    if( p != end )
+    {
+        mbedtls_x509_csr_free( csr );
+        return( MBEDTLS_ERR_X509_INVALID_FORMAT +
+                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    }
+
+    return( 0 );
+}
+
+/*
+ * Parse a CSR, allowing for PEM or raw DER encoding
+ */
+int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen )
+{
+#if defined(MBEDTLS_PEM_PARSE_C)
+    int ret;
+    size_t use_len;
+    mbedtls_pem_context pem;
+#endif
+
+    /*
+     * Check for valid input
+     */
+    if( csr == NULL || buf == NULL || buflen == 0 )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+    mbedtls_pem_init( &pem );
+
+    /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
+    if( buf[buflen - 1] != '\0' )
+        ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT;
+    else
+        ret = mbedtls_pem_read_buffer( &pem,
+                               "-----BEGIN CERTIFICATE REQUEST-----",
+                               "-----END CERTIFICATE REQUEST-----",
+                               buf, NULL, 0, &use_len );
+
+    if( ret == 0 )
+    {
+        /*
+         * Was PEM encoded, parse the result
+         */
+        if( ( ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ) ) != 0 )
+            return( ret );
+
+        mbedtls_pem_free( &pem );
+        return( 0 );
+    }
+    else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
+    {
+        mbedtls_pem_free( &pem );
+        return( ret );
+    }
+    else
+#endif /* MBEDTLS_PEM_PARSE_C */
+    return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) );
+}
+
+#if defined(MBEDTLS_FS_IO)
+/*
+ * Load a CSR into the structure
+ */
+int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path )
+{
+    int ret;
+    size_t n;
+    unsigned char *buf;
+
+    if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
+        return( ret );
+
+    ret = mbedtls_x509_csr_parse( csr, buf, n );
+
+    mbedtls_zeroize( buf, n );
+    mbedtls_free( buf );
+
+    return( ret );
+}
+#endif /* MBEDTLS_FS_IO */
+
+#define BEFORE_COLON    14
+#define BC              "14"
+/*
+ * Return an informational string about the CSR.
+ */
+int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
+                   const mbedtls_x509_csr *csr )
+{
+    int ret;
+    size_t n;
+    char *p;
+    char key_size_str[BEFORE_COLON];
+
+    p = buf;
+    n = size;
+
+    ret = mbedtls_snprintf( p, n, "%sCSR version   : %d",
+                               prefix, csr->version );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%ssubject name  : ", prefix );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+    ret = mbedtls_x509_dn_gets( p, n, &csr->subject );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_snprintf( p, n, "\n%ssigned using  : ", prefix );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
+                             csr->sig_opts );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,
+                                      mbedtls_pk_get_name( &csr->pk ) ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
+                          (int) mbedtls_pk_get_bitlen( &csr->pk ) );
+    MBEDTLS_X509_SAFE_SNPRINTF;
+
+    return( (int) ( size - n ) );
+}
+
+/*
+ * Initialize a CSR
+ */
+void mbedtls_x509_csr_init( mbedtls_x509_csr *csr )
+{
+    memset( csr, 0, sizeof(mbedtls_x509_csr) );
+}
+
+/*
+ * Unallocate all CSR data
+ */
+void mbedtls_x509_csr_free( mbedtls_x509_csr *csr )
+{
+    mbedtls_x509_name *name_cur;
+    mbedtls_x509_name *name_prv;
+
+    if( csr == NULL )
+        return;
+
+    mbedtls_pk_free( &csr->pk );
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
+    mbedtls_free( csr->sig_opts );
+#endif
+
+    name_cur = csr->subject.next;
+    while( name_cur != NULL )
+    {
+        name_prv = name_cur;
+        name_cur = name_cur->next;
+        mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
+        mbedtls_free( name_prv );
+    }
+
+    if( csr->raw.p != NULL )
+    {
+        mbedtls_zeroize( csr->raw.p, csr->raw.len );
+        mbedtls_free( csr->raw.p );
+    }
+
+    mbedtls_zeroize( csr, sizeof( mbedtls_x509_csr ) );
+}
+
+#endif /* MBEDTLS_X509_CSR_PARSE_C */
diff --git a/thirdparty/mbedtls/library/x509write_crt.c b/thirdparty/mbedtls/library/x509write_crt.c
new file mode 100644
index 0000000000..41dfe87b75
--- /dev/null
+++ b/thirdparty/mbedtls/library/x509write_crt.c
@@ -0,0 +1,485 @@
+/*
+ *  X.509 certificate writing
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * References:
+ * - certificates: RFC 5280, updated by RFC 6818
+ * - CSRs: PKCS#10 v1.7 aka RFC 2986
+ * - attributes: PKCS#9 v2.0 aka RFC 2985
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_X509_CRT_WRITE_C)
+
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/sha1.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+#include "mbedtls/pem.h"
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
+
+    mbedtls_mpi_init( &ctx->serial );
+    ctx->version = MBEDTLS_X509_CRT_VERSION_3;
+}
+
+void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx )
+{
+    mbedtls_mpi_free( &ctx->serial );
+
+    mbedtls_asn1_free_named_data_list( &ctx->subject );
+    mbedtls_asn1_free_named_data_list( &ctx->issuer );
+    mbedtls_asn1_free_named_data_list( &ctx->extensions );
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_x509write_cert ) );
+}
+
+void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version )
+{
+    ctx->version = version;
+}
+
+void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg )
+{
+    ctx->md_alg = md_alg;
+}
+
+void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key )
+{
+    ctx->subject_key = key;
+}
+
+void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key )
+{
+    ctx->issuer_key = key;
+}
+
+int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
+                                    const char *subject_name )
+{
+    return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
+}
+
+int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
+                                   const char *issuer_name )
+{
+    return mbedtls_x509_string_to_names( &ctx->issuer, issuer_name );
+}
+
+int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial )
+{
+    int ret;
+
+    if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
+                                const char *not_after )
+{
+    if( strlen( not_before ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ||
+        strlen( not_after )  != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 )
+    {
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+    }
+    strncpy( ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN );
+    strncpy( ctx->not_after , not_after , MBEDTLS_X509_RFC5280_UTC_TIME_LEN );
+    ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
+    ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
+
+    return( 0 );
+}
+
+int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
+                                 const char *oid, size_t oid_len,
+                                 int critical,
+                                 const unsigned char *val, size_t val_len )
+{
+    return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
+                               critical, val, val_len );
+}
+
+int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
+                                         int is_ca, int max_pathlen )
+{
+    int ret;
+    unsigned char buf[9];
+    unsigned char *c = buf + sizeof(buf);
+    size_t len = 0;
+
+    memset( buf, 0, sizeof(buf) );
+
+    if( is_ca && max_pathlen > 127 )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    if( is_ca )
+    {
+        if( max_pathlen >= 0 )
+        {
+            MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, max_pathlen ) );
+        }
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( &c, buf, 1 ) );
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                MBEDTLS_ASN1_SEQUENCE ) );
+
+    return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS,
+                                        MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ),
+                                        0, buf + sizeof(buf) - len, len );
+}
+
+#if defined(MBEDTLS_SHA1_C)
+int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx )
+{
+    int ret;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
+    unsigned char *c = buf + sizeof(buf);
+    size_t len = 0;
+
+    memset( buf, 0, sizeof(buf) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) );
+
+    ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
+                            buf + sizeof( buf ) - 20 );
+    if( ret != 0 )
+        return( ret );
+    c = buf + sizeof( buf ) - 20;
+    len = 20;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_OCTET_STRING ) );
+
+    return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER,
+                                        MBEDTLS_OID_SIZE( MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ),
+                                        0, buf + sizeof(buf) - len, len );
+}
+
+int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx )
+{
+    int ret;
+    unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
+    unsigned char *c = buf + sizeof( buf );
+    size_t len = 0;
+
+    memset( buf, 0, sizeof(buf) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) );
+
+    ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
+                            buf + sizeof( buf ) - 20 );
+    if( ret != 0 )
+        return( ret );
+    c = buf + sizeof( buf ) - 20;
+    len = 20;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0 ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                MBEDTLS_ASN1_SEQUENCE ) );
+
+    return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER,
+                                   MBEDTLS_OID_SIZE( MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ),
+                                   0, buf + sizeof( buf ) - len, len );
+}
+#endif /* MBEDTLS_SHA1_C */
+
+int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
+                                         unsigned int key_usage )
+{
+    unsigned char buf[4], ku;
+    unsigned char *c;
+    int ret;
+
+    /* We currently only support 7 bits, from 0x80 to 0x02 */
+    if( ( key_usage & ~0xfe ) != 0 )
+        return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
+
+    c = buf + 4;
+    ku = (unsigned char) key_usage;
+
+    if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ku, 7 ) ) != 4 )
+        return( ret );
+
+    ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
+                                       MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
+                                       1, buf, 4 );
+    if( ret != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
+                                    unsigned char ns_cert_type )
+{
+    unsigned char buf[4];
+    unsigned char *c;
+    int ret;
+
+    c = buf + 4;
+
+    if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 )
+        return( ret );
+
+    ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
+                                       MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
+                                       0, buf, 4 );
+    if( ret != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+static int x509_write_time( unsigned char **p, unsigned char *start,
+                            const char *t, size_t size )
+{
+    int ret;
+    size_t len = 0;
+
+    /*
+     * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter)
+     */
+    if( t[0] == '2' && t[1] == '0' && t[2] < '5' )
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
+                                             (const unsigned char *) t + 2,
+                                             size - 2 ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_UTC_TIME ) );
+    }
+    else
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
+                                                  (const unsigned char *) t,
+                                                  size ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_GENERALIZED_TIME ) );
+    }
+
+    return( (int) len );
+}
+
+int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng )
+{
+    int ret;
+    const char *sig_oid;
+    size_t sig_oid_len = 0;
+    unsigned char *c, *c2;
+    unsigned char hash[64];
+    unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
+    unsigned char tmp_buf[2048];
+    size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
+    size_t len = 0;
+    mbedtls_pk_type_t pk_alg;
+
+    /*
+     * Prepare data to be signed in tmp_buf
+     */
+    c = tmp_buf + sizeof( tmp_buf );
+
+    /* Signature algorithm needed in TBS, and later for actual signature */
+
+    /* There's no direct way of extracting a signature algorithm
+     * (represented as an element of mbedtls_pk_type_t) from a PK instance. */
+    if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_RSA ) )
+        pk_alg = MBEDTLS_PK_RSA;
+    else if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_ECDSA ) )
+        pk_alg = MBEDTLS_PK_ECDSA;
+    else
+        return( MBEDTLS_ERR_X509_INVALID_ALG );
+
+    if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
+                                          &sig_oid, &sig_oid_len ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    /*
+     *  Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
+     */
+
+    /* Only for v3 */
+    if( ctx->version == MBEDTLS_X509_CRT_VERSION_3 )
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                           MBEDTLS_ASN1_SEQUENCE ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+                                                           MBEDTLS_ASN1_CONSTRUCTED | 3 ) );
+    }
+
+    /*
+     *  SubjectPublicKeyInfo
+     */
+    MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->subject_key,
+                                                tmp_buf, c - tmp_buf ) );
+    c -= pub_len;
+    len += pub_len;
+
+    /*
+     *  Subject  ::=  Name
+     */
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) );
+
+    /*
+     *  Validity ::= SEQUENCE {
+     *       notBefore      Time,
+     *       notAfter       Time }
+     */
+    sub_len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_after,
+                                            MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) );
+
+    MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_before,
+                                            MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) );
+
+    len += sub_len;
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                    MBEDTLS_ASN1_SEQUENCE ) );
+
+    /*
+     *  Issuer  ::=  Name
+     */
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->issuer ) );
+
+    /*
+     *  Signature   ::=  AlgorithmIdentifier
+     */
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, tmp_buf,
+                       sig_oid, strlen( sig_oid ), 0 ) );
+
+    /*
+     *  Serial   ::=  INTEGER
+     */
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, tmp_buf, &ctx->serial ) );
+
+    /*
+     *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+     */
+
+    /* Can be omitted for v1 */
+    if( ctx->version != MBEDTLS_X509_CRT_VERSION_1 )
+    {
+        sub_len = 0;
+        MBEDTLS_ASN1_CHK_ADD( sub_len, mbedtls_asn1_write_int( &c, tmp_buf, ctx->version ) );
+        len += sub_len;
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+                                                           MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                       MBEDTLS_ASN1_SEQUENCE ) );
+
+    /*
+     * Make signature
+     */
+    if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c,
+                            len, hash ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, hash, 0, sig, &sig_len,
+                         f_rng, p_rng ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    /*
+     * Write data to output buffer
+     */
+    c2 = buf + size;
+    MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf,
+                                        sig_oid, sig_oid_len, sig, sig_len ) );
+
+    if( len > (size_t)( c2 - buf ) )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    c2 -= len;
+    memcpy( c2, c, len );
+
+    len += sig_and_oid_len;
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                 MBEDTLS_ASN1_SEQUENCE ) );
+
+    return( (int) len );
+}
+
+#define PEM_BEGIN_CRT           "-----BEGIN CERTIFICATE-----\n"
+#define PEM_END_CRT             "-----END CERTIFICATE-----\n"
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng )
+{
+    int ret;
+    unsigned char output_buf[4096];
+    size_t olen = 0;
+
+    if( ( ret = mbedtls_x509write_crt_der( crt, output_buf, sizeof(output_buf),
+                                   f_rng, p_rng ) ) < 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT,
+                                  output_buf + sizeof(output_buf) - ret,
+                                  ret, buf, size, &olen ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#endif /* MBEDTLS_X509_CRT_WRITE_C */
diff --git a/thirdparty/mbedtls/library/x509write_csr.c b/thirdparty/mbedtls/library/x509write_csr.c
new file mode 100644
index 0000000000..e80053828f
--- /dev/null
+++ b/thirdparty/mbedtls/library/x509write_csr.c
@@ -0,0 +1,266 @@
+/*
+ *  X.509 Certificate Signing Request writing
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * References:
+ * - CSRs: PKCS#10 v1.7 aka RFC 2986
+ * - attributes: PKCS#9 v2.0 aka RFC 2985
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_X509_CSR_WRITE_C)
+
+#include "mbedtls/x509_csr.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/asn1write.h"
+
+#include <string.h>
+#include <stdlib.h>
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+#include "mbedtls/pem.h"
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
+}
+
+void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx )
+{
+    mbedtls_asn1_free_named_data_list( &ctx->subject );
+    mbedtls_asn1_free_named_data_list( &ctx->extensions );
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_x509write_csr ) );
+}
+
+void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg )
+{
+    ctx->md_alg = md_alg;
+}
+
+void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key )
+{
+    ctx->key = key;
+}
+
+int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
+                                    const char *subject_name )
+{
+    return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
+}
+
+int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
+                                 const char *oid, size_t oid_len,
+                                 const unsigned char *val, size_t val_len )
+{
+    return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
+                               0, val, val_len );
+}
+
+int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
+{
+    unsigned char buf[4];
+    unsigned char *c;
+    int ret;
+
+    c = buf + 4;
+
+    if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 )
+        return( ret );
+
+    ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
+                                       MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
+                                       buf, 4 );
+    if( ret != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
+                                    unsigned char ns_cert_type )
+{
+    unsigned char buf[4];
+    unsigned char *c;
+    int ret;
+
+    c = buf + 4;
+
+    if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 )
+        return( ret );
+
+    ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
+                                       MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
+                                       buf, 4 );
+    if( ret != 0 )
+        return( ret );
+
+    return( 0 );
+}
+
+int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng )
+{
+    int ret;
+    const char *sig_oid;
+    size_t sig_oid_len = 0;
+    unsigned char *c, *c2;
+    unsigned char hash[64];
+    unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
+    unsigned char tmp_buf[2048];
+    size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
+    size_t len = 0;
+    mbedtls_pk_type_t pk_alg;
+
+    /*
+     * Prepare data to be signed in tmp_buf
+     */
+    c = tmp_buf + sizeof( tmp_buf );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
+
+    if( len )
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                        MBEDTLS_ASN1_SEQUENCE ) );
+
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                        MBEDTLS_ASN1_SET ) );
+
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( &c, tmp_buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
+                                          MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) );
+
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                        MBEDTLS_ASN1_SEQUENCE ) );
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                    MBEDTLS_ASN1_CONTEXT_SPECIFIC ) );
+
+    MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key,
+                                                tmp_buf, c - tmp_buf ) );
+    c -= pub_len;
+    len += pub_len;
+
+    /*
+     *  Subject  ::=  Name
+     */
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) );
+
+    /*
+     *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
+     */
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, tmp_buf, 0 ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                    MBEDTLS_ASN1_SEQUENCE ) );
+
+    /*
+     * Prepare signature
+     */
+    mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
+
+    if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
+                                 f_rng, p_rng ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) )
+        pk_alg = MBEDTLS_PK_RSA;
+    else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) )
+        pk_alg = MBEDTLS_PK_ECDSA;
+    else
+        return( MBEDTLS_ERR_X509_INVALID_ALG );
+
+    if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
+                                                &sig_oid, &sig_oid_len ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    /*
+     * Write data to output buffer
+     */
+    c2 = buf + size;
+    MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf,
+                                        sig_oid, sig_oid_len, sig, sig_len ) );
+
+    if( len > (size_t)( c2 - buf ) )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    c2 -= len;
+    memcpy( c2, c, len );
+
+    len += sig_and_oid_len;
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED |
+                                                 MBEDTLS_ASN1_SEQUENCE ) );
+
+    return( (int) len );
+}
+
+#define PEM_BEGIN_CSR           "-----BEGIN CERTIFICATE REQUEST-----\n"
+#define PEM_END_CSR             "-----END CERTIFICATE REQUEST-----\n"
+
+#if defined(MBEDTLS_PEM_WRITE_C)
+int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng )
+{
+    int ret;
+    unsigned char output_buf[4096];
+    size_t olen = 0;
+
+    if( ( ret = mbedtls_x509write_csr_der( ctx, output_buf, sizeof(output_buf),
+                                   f_rng, p_rng ) ) < 0 )
+    {
+        return( ret );
+    }
+
+    if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR,
+                                  output_buf + sizeof(output_buf) - ret,
+                                  ret, buf, size, &olen ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_PEM_WRITE_C */
+
+#endif /* MBEDTLS_X509_CSR_WRITE_C */
diff --git a/thirdparty/mbedtls/library/xtea.c b/thirdparty/mbedtls/library/xtea.c
new file mode 100644
index 0000000000..fe0a3509f6
--- /dev/null
+++ b/thirdparty/mbedtls/library/xtea.c
@@ -0,0 +1,281 @@
+/*
+ *  An 32-bit implementation of the XTEA algorithm
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_XTEA_C)
+
+#include "mbedtls/xtea.h"
+
+#include <string.h>
+
+#if defined(MBEDTLS_SELF_TEST)
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif /* MBEDTLS_PLATFORM_C */
+#endif /* MBEDTLS_SELF_TEST */
+
+#if !defined(MBEDTLS_XTEA_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ] << 24 )             \
+        | ( (uint32_t) (b)[(i) + 1] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 2] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 3]       );            \
+}
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i)                            \
+{                                                       \
+    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
+    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
+    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
+    (b)[(i) + 3] = (unsigned char) ( (n)       );       \
+}
+#endif
+
+void mbedtls_xtea_init( mbedtls_xtea_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_xtea_context ) );
+}
+
+void mbedtls_xtea_free( mbedtls_xtea_context *ctx )
+{
+    if( ctx == NULL )
+        return;
+
+    mbedtls_zeroize( ctx, sizeof( mbedtls_xtea_context ) );
+}
+
+/*
+ * XTEA key schedule
+ */
+void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] )
+{
+    int i;
+
+    memset( ctx, 0, sizeof(mbedtls_xtea_context) );
+
+    for( i = 0; i < 4; i++ )
+    {
+        GET_UINT32_BE( ctx->k[i], key, i << 2 );
+    }
+}
+
+/*
+ * XTEA encrypt function
+ */
+int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode,
+                    const unsigned char input[8], unsigned char output[8])
+{
+    uint32_t *k, v0, v1, i;
+
+    k = ctx->k;
+
+    GET_UINT32_BE( v0, input, 0 );
+    GET_UINT32_BE( v1, input, 4 );
+
+    if( mode == MBEDTLS_XTEA_ENCRYPT )
+    {
+        uint32_t sum = 0, delta = 0x9E3779B9;
+
+        for( i = 0; i < 32; i++ )
+        {
+            v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
+            sum += delta;
+            v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
+        }
+    }
+    else /* MBEDTLS_XTEA_DECRYPT */
+    {
+        uint32_t delta = 0x9E3779B9, sum = delta * 32;
+
+        for( i = 0; i < 32; i++ )
+        {
+            v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
+            sum -= delta;
+            v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
+        }
+    }
+
+    PUT_UINT32_BE( v0, output, 0 );
+    PUT_UINT32_BE( v1, output, 4 );
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+/*
+ * XTEA-CBC buffer encryption/decryption
+ */
+int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length,
+                    unsigned char iv[8], const unsigned char *input,
+                    unsigned char *output)
+{
+    int i;
+    unsigned char temp[8];
+
+    if( length % 8 )
+        return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH );
+
+    if( mode == MBEDTLS_XTEA_DECRYPT )
+    {
+        while( length > 0 )
+        {
+            memcpy( temp, input, 8 );
+            mbedtls_xtea_crypt_ecb( ctx, mode, input, output );
+
+            for( i = 0; i < 8; i++ )
+                output[i] = (unsigned char)( output[i] ^ iv[i] );
+
+            memcpy( iv, temp, 8 );
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    }
+    else
+    {
+        while( length > 0 )
+        {
+            for( i = 0; i < 8; i++ )
+                output[i] = (unsigned char)( input[i] ^ iv[i] );
+
+            mbedtls_xtea_crypt_ecb( ctx, mode, output, output );
+            memcpy( iv, output, 8 );
+
+            input  += 8;
+            output += 8;
+            length -= 8;
+        }
+    }
+
+    return( 0 );
+}
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* !MBEDTLS_XTEA_ALT */
+
+#if defined(MBEDTLS_SELF_TEST)
+
+/*
+ * XTEA tests vectors (non-official)
+ */
+
+static const unsigned char xtea_test_key[6][16] =
+{
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+     0x0c, 0x0d, 0x0e, 0x0f },
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+     0x0c, 0x0d, 0x0e, 0x0f },
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+     0x0c, 0x0d, 0x0e, 0x0f },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char xtea_test_pt[6][8] =
+{
+    { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
+    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
+    { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f },
+    { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
+    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
+    { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 }
+};
+
+static const unsigned char xtea_test_ct[6][8] =
+{
+    { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 },
+    { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 },
+    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
+    { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 },
+    { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d },
+    { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }
+};
+
+/*
+ * Checkup routine
+ */
+int mbedtls_xtea_self_test( int verbose )
+{
+    int i, ret = 0;
+    unsigned char buf[8];
+    mbedtls_xtea_context ctx;
+
+    mbedtls_xtea_init( &ctx );
+    for( i = 0; i < 6; i++ )
+    {
+        if( verbose != 0 )
+            mbedtls_printf( "  XTEA test #%d: ", i + 1 );
+
+        memcpy( buf, xtea_test_pt[i], 8 );
+
+        mbedtls_xtea_setup( &ctx, xtea_test_key[i] );
+        mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf );
+
+        if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 )
+        {
+            if( verbose != 0 )
+                mbedtls_printf( "failed\n" );
+
+            ret = 1;
+            goto exit;
+        }
+
+        if( verbose != 0 )
+            mbedtls_printf( "passed\n" );
+    }
+
+    if( verbose != 0 )
+        mbedtls_printf( "\n" );
+
+exit:
+    mbedtls_xtea_free( &ctx );
+
+    return( ret );
+}
+
+#endif /* MBEDTLS_SELF_TEST */
+
+#endif /* MBEDTLS_XTEA_C */
diff --git a/thirdparty/openssl/LICENSE b/thirdparty/openssl/LICENSE
deleted file mode 100644
index fb03713dd1..0000000000
--- a/thirdparty/openssl/LICENSE
+++ /dev/null
@@ -1,127 +0,0 @@
-
-  LICENSE ISSUES
-  ==============
-
-  The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
-  the OpenSSL License and the original SSLeay license apply to the toolkit.
-  See below for the actual license texts. Actually both licenses are BSD-style
-  Open Source licenses. In case of any license issues related to OpenSSL
-  please contact openssl-core@openssl.org.
-
-  OpenSSL License
-  ---------------
-
-/* ====================================================================
- * Copyright (c) 1998-2016 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
- Original SSLeay License
- -----------------------
-
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
diff --git a/thirdparty/openssl/buildinf.h b/thirdparty/openssl/buildinf.h
deleted file mode 100644
index 2e287c42d8..0000000000
--- a/thirdparty/openssl/buildinf.h
+++ /dev/null
@@ -1,5 +0,0 @@
-#ifndef MK1MF_BUILD
-# define CFLAGS        "-DB_ENDIAN"
-# define PLATFORM      "macos"
-# define DATE          "Sun Feb 27 19:44:16 MET 2000"
-#endif
diff --git a/thirdparty/openssl/crypto/LPdir_nyi.c b/thirdparty/openssl/crypto/LPdir_nyi.c
deleted file mode 100644
index b16e84957b..0000000000
--- a/thirdparty/openssl/crypto/LPdir_nyi.c
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef LPDIR_H
-# include "LPdir.h"
-#endif
-
-struct LP_dir_context_st {
-    void *dummy;
-};
-const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
-{
-    errno = EINVAL;
-    return 0;
-}
-
-int LP_find_file_end(LP_DIR_CTX **ctx)
-{
-    errno = EINVAL;
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/LPdir_unix.c b/thirdparty/openssl/crypto/LPdir_unix.c
deleted file mode 100644
index c97e260492..0000000000
--- a/thirdparty/openssl/crypto/LPdir_unix.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <stddef.h>
-#include <stdlib.h>
-#include <limits.h>
-#include <string.h>
-#include <sys/types.h>
-#include <dirent.h>
-#include <errno.h>
-#ifndef LPDIR_H
-# include "LPdir.h"
-#endif
-
-/*
- * The POSIXly macro for the maximum number of characters in a file path is
- * NAME_MAX.  However, some operating systems use PATH_MAX instead.
- * Therefore, it seems natural to first check for PATH_MAX and use that, and
- * if it doesn't exist, use NAME_MAX.
- */
-#if defined(PATH_MAX)
-# define LP_ENTRY_SIZE PATH_MAX
-#elif defined(NAME_MAX)
-# define LP_ENTRY_SIZE NAME_MAX
-#endif
-
-/*
- * Of course, there's the possibility that neither PATH_MAX nor NAME_MAX
- * exist.  It's also possible that NAME_MAX exists but is define to a very
- * small value (HP-UX offers 14), so we need to check if we got a result, and
- * if it meets a minimum standard, and create or change it if not.
- */
-#if !defined(LP_ENTRY_SIZE) || LP_ENTRY_SIZE<255
-# undef LP_ENTRY_SIZE
-# define LP_ENTRY_SIZE 255
-#endif
-
-struct LP_dir_context_st {
-    DIR *dir;
-    char entry_name[LP_ENTRY_SIZE + 1];
-};
-
-const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
-{
-    struct dirent *direntry = NULL;
-
-    if (ctx == NULL || directory == NULL) {
-        errno = EINVAL;
-        return 0;
-    }
-
-    errno = 0;
-    if (*ctx == NULL) {
-        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
-        if (*ctx == NULL) {
-            errno = ENOMEM;
-            return 0;
-        }
-        memset(*ctx, '\0', sizeof(LP_DIR_CTX));
-
-        (*ctx)->dir = opendir(directory);
-        if ((*ctx)->dir == NULL) {
-            int save_errno = errno; /* Probably not needed, but I'm paranoid */
-            free(*ctx);
-            *ctx = NULL;
-            errno = save_errno;
-            return 0;
-        }
-    }
-
-    direntry = readdir((*ctx)->dir);
-    if (direntry == NULL) {
-        return 0;
-    }
-
-    strncpy((*ctx)->entry_name, direntry->d_name,
-            sizeof((*ctx)->entry_name) - 1);
-    (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
-    return (*ctx)->entry_name;
-}
-
-int LP_find_file_end(LP_DIR_CTX **ctx)
-{
-    if (ctx != NULL && *ctx != NULL) {
-        int ret = closedir((*ctx)->dir);
-
-        free(*ctx);
-        switch (ret) {
-        case 0:
-            return 1;
-        case -1:
-            return 0;
-        default:
-            break;
-        }
-    }
-    errno = EINVAL;
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/LPdir_vms.c b/thirdparty/openssl/crypto/LPdir_vms.c
deleted file mode 100644
index 88c7ddd85c..0000000000
--- a/thirdparty/openssl/crypto/LPdir_vms.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/*
- * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <stddef.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <descrip.h>
-#include <namdef.h>
-#include <rmsdef.h>
-#include <libfildef.h>
-#include <lib$routines.h>
-#include <strdef.h>
-#include <str$routines.h>
-#include <stsdef.h>
-#ifndef LPDIR_H
-# include "LPdir.h"
-#endif
-#include "vms_rms.h"
-
-/* Some compiler options hide EVMSERR. */
-#ifndef EVMSERR
-# define EVMSERR        65535   /* error for non-translatable VMS errors */
-#endif
-
-struct LP_dir_context_st {
-    unsigned long VMS_context;
-    char filespec[NAMX_MAXRSS + 1];
-    char result[NAMX_MAXRSS + 1];
-    struct dsc$descriptor_d filespec_dsc;
-    struct dsc$descriptor_d result_dsc;
-};
-
-const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
-{
-    int status;
-    char *p, *r;
-    size_t l;
-    unsigned long flags = 0;
-
-/* Arrange 32-bit pointer to (copied) string storage, if needed. */
-#if __INITIAL_POINTER_SIZE == 64
-# pragma pointer_size save
-# pragma pointer_size 32
-    char *ctx_filespec_32p;
-# pragma pointer_size restore
-    char ctx_filespec_32[NAMX_MAXRSS + 1];
-#endif                          /* __INITIAL_POINTER_SIZE == 64 */
-
-#ifdef NAML$C_MAXRSS
-    flags |= LIB$M_FIL_LONG_NAMES;
-#endif
-
-    if (ctx == NULL || directory == NULL) {
-        errno = EINVAL;
-        return 0;
-    }
-
-    errno = 0;
-    if (*ctx == NULL) {
-        size_t filespeclen = strlen(directory);
-        char *filespec = NULL;
-
-        if (filespeclen == 0) {
-            errno = ENOENT;
-            return 0;
-        }
-
-        /* MUST be a VMS directory specification!  Let's estimate if it is. */
-        if (directory[filespeclen - 1] != ']'
-            && directory[filespeclen - 1] != '>'
-            && directory[filespeclen - 1] != ':') {
-            errno = EINVAL;
-            return 0;
-        }
-
-        filespeclen += 4;       /* "*.*;" */
-
-        if (filespeclen > NAMX_MAXRSS) {
-            errno = ENAMETOOLONG;
-            return 0;
-        }
-
-        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
-        if (*ctx == NULL) {
-            errno = ENOMEM;
-            return 0;
-        }
-        memset(*ctx, '\0', sizeof(LP_DIR_CTX));
-
-        strcpy((*ctx)->filespec, directory);
-        strcat((*ctx)->filespec, "*.*;");
-
-/* Arrange 32-bit pointer to (copied) string storage, if needed. */
-#if __INITIAL_POINTER_SIZE == 64
-# define CTX_FILESPEC ctx_filespec_32p
-        /* Copy the file name to storage with a 32-bit pointer. */
-        ctx_filespec_32p = ctx_filespec_32;
-        strcpy(ctx_filespec_32p, (*ctx)->filespec);
-#else                           /* __INITIAL_POINTER_SIZE == 64 */
-# define CTX_FILESPEC (*ctx)->filespec
-#endif                          /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-        (*ctx)->filespec_dsc.dsc$w_length = filespeclen;
-        (*ctx)->filespec_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-        (*ctx)->filespec_dsc.dsc$b_class = DSC$K_CLASS_S;
-        (*ctx)->filespec_dsc.dsc$a_pointer = CTX_FILESPEC;
-    }
-
-    (*ctx)->result_dsc.dsc$w_length = 0;
-    (*ctx)->result_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-    (*ctx)->result_dsc.dsc$b_class = DSC$K_CLASS_D;
-    (*ctx)->result_dsc.dsc$a_pointer = 0;
-
-    status = lib$find_file(&(*ctx)->filespec_dsc, &(*ctx)->result_dsc,
-                           &(*ctx)->VMS_context, 0, 0, 0, &flags);
-
-    if (status == RMS$_NMF) {
-        errno = 0;
-        vaxc$errno = status;
-        return NULL;
-    }
-
-    if (!$VMS_STATUS_SUCCESS(status)) {
-        errno = EVMSERR;
-        vaxc$errno = status;
-        return NULL;
-    }
-
-    /*
-     * Quick, cheap and dirty way to discard any device and directory, since
-     * we only want file names
-     */
-    l = (*ctx)->result_dsc.dsc$w_length;
-    p = (*ctx)->result_dsc.dsc$a_pointer;
-    r = p;
-    for (; *p; p++) {
-        if (*p == '^' && p[1] != '\0') { /* Take care of ODS-5 escapes */
-            p++;
-        } else if (*p == ':' || *p == '>' || *p == ']') {
-            l -= p + 1 - r;
-            r = p + 1;
-        } else if (*p == ';') {
-            l = p - r;
-            break;
-        }
-    }
-
-    strncpy((*ctx)->result, r, l);
-    (*ctx)->result[l] = '\0';
-    str$free1_dx(&(*ctx)->result_dsc);
-
-    return (*ctx)->result;
-}
-
-int LP_find_file_end(LP_DIR_CTX **ctx)
-{
-    if (ctx != NULL && *ctx != NULL) {
-        int status = lib$find_file_end(&(*ctx)->VMS_context);
-
-        free(*ctx);
-
-        if (!$VMS_STATUS_SUCCESS(status)) {
-            errno = EVMSERR;
-            vaxc$errno = status;
-            return 0;
-        }
-        return 1;
-    }
-    errno = EINVAL;
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/LPdir_win.c b/thirdparty/openssl/crypto/LPdir_win.c
deleted file mode 100644
index 07e63fb424..0000000000
--- a/thirdparty/openssl/crypto/LPdir_win.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-#include <windows.h>
-#include <tchar.h>
-#ifndef LPDIR_H
-# include "LPdir.h"
-#endif
-
-/*
- * We're most likely overcautious here, but let's reserve for broken WinCE
- * headers and explicitly opt for UNICODE call. Keep in mind that our WinCE
- * builds are compiled with -DUNICODE [as well as -D_UNICODE].
- */
-#if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
-# define FindFirstFile FindFirstFileW
-#endif
-#if defined(LP_SYS_WINCE) && !defined(FindNextFile)
-# define FindNextFile FindNextFileW
-#endif
-
-#ifndef NAME_MAX
-# define NAME_MAX 255
-#endif
-
-struct LP_dir_context_st {
-    WIN32_FIND_DATA ctx;
-    HANDLE handle;
-    char entry_name[NAME_MAX + 1];
-};
-
-const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
-{
-    if (ctx == NULL || directory == NULL) {
-        errno = EINVAL;
-        return 0;
-    }
-
-    errno = 0;
-    if (*ctx == NULL) {
-        const char *extdir = directory;
-        char *extdirbuf = NULL;
-        size_t dirlen = strlen(directory);
-
-        if (dirlen == 0) {
-            errno = ENOENT;
-            return 0;
-        }
-
-        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
-        if (*ctx == NULL) {
-            errno = ENOMEM;
-            return 0;
-        }
-        memset(*ctx, '\0', sizeof(LP_DIR_CTX));
-
-        if (directory[dirlen - 1] != '*') {
-            extdirbuf = (char *)malloc(dirlen + 3);
-            if (extdirbuf == NULL) {
-                free(*ctx);
-                *ctx = NULL;
-                errno = ENOMEM;
-                return 0;
-            }
-            if (directory[dirlen - 1] != '/' && directory[dirlen - 1] != '\\')
-                extdir = strcat(strcpy(extdirbuf, directory), "/*");
-            else
-                extdir = strcat(strcpy(extdirbuf, directory), "*");
-        }
-
-        if (sizeof(TCHAR) != sizeof(char)) {
-            TCHAR *wdir = NULL;
-            /* len_0 denotes string length *with* trailing 0 */
-            size_t index = 0, len_0 = strlen(extdir) + 1;
-
-            wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR));
-            if (wdir == NULL) {
-                if (extdirbuf != NULL) {
-                    free(extdirbuf);
-                }
-                free(*ctx);
-                *ctx = NULL;
-                errno = ENOMEM;
-                return 0;
-            }
-#ifdef LP_MULTIBYTE_AVAILABLE
-            if (!MultiByteToWideChar
-                (CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0))
-#endif
-                for (index = 0; index < len_0; index++)
-                    wdir[index] = (TCHAR)extdir[index];
-
-            (*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx);
-
-            free(wdir);
-        } else {
-            (*ctx)->handle = FindFirstFile((TCHAR *)extdir, &(*ctx)->ctx);
-        }
-        if (extdirbuf != NULL) {
-            free(extdirbuf);
-        }
-
-        if ((*ctx)->handle == INVALID_HANDLE_VALUE) {
-            free(*ctx);
-            *ctx = NULL;
-            errno = EINVAL;
-            return 0;
-        }
-    } else {
-        if (FindNextFile((*ctx)->handle, &(*ctx)->ctx) == FALSE) {
-            return 0;
-        }
-    }
-    if (sizeof(TCHAR) != sizeof(char)) {
-        TCHAR *wdir = (*ctx)->ctx.cFileName;
-        size_t index, len_0 = 0;
-
-        while (wdir[len_0] && len_0 < (sizeof((*ctx)->entry_name) - 1))
-            len_0++;
-        len_0++;
-
-#ifdef LP_MULTIBYTE_AVAILABLE
-        if (!WideCharToMultiByte
-            (CP_ACP, 0, (WCHAR *)wdir, len_0, (*ctx)->entry_name,
-             sizeof((*ctx)->entry_name), NULL, 0))
-#endif
-            for (index = 0; index < len_0; index++)
-                (*ctx)->entry_name[index] = (char)wdir[index];
-    } else
-        strncpy((*ctx)->entry_name, (const char *)(*ctx)->ctx.cFileName,
-                sizeof((*ctx)->entry_name) - 1);
-
-    (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
-
-    return (*ctx)->entry_name;
-}
-
-int LP_find_file_end(LP_DIR_CTX **ctx)
-{
-    if (ctx != NULL && *ctx != NULL) {
-        FindClose((*ctx)->handle);
-        free(*ctx);
-        *ctx = NULL;
-        return 1;
-    }
-    errno = EINVAL;
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/LPdir_win32.c b/thirdparty/openssl/crypto/LPdir_win32.c
deleted file mode 100644
index 84f61117b8..0000000000
--- a/thirdparty/openssl/crypto/LPdir_win32.c
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#define LP_SYS_WIN32
-#define LP_MULTIBYTE_AVAILABLE
-#include "LPdir_win.c"
diff --git a/thirdparty/openssl/crypto/LPdir_wince.c b/thirdparty/openssl/crypto/LPdir_wince.c
deleted file mode 100644
index a8377f30f4..0000000000
--- a/thirdparty/openssl/crypto/LPdir_wince.c
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#define LP_SYS_WINCE
-/*
- * We might want to define LP_MULTIBYTE_AVAILABLE here.  It's currently under
- * investigation what the exact conditions would be
- */
-#include "LPdir_win.c"
diff --git a/thirdparty/openssl/crypto/aes/README b/thirdparty/openssl/crypto/aes/README
deleted file mode 100644
index 0f9620a80e..0000000000
--- a/thirdparty/openssl/crypto/aes/README
+++ /dev/null
@@ -1,3 +0,0 @@
-This is an OpenSSL-compatible version of AES (also called Rijndael).
-aes_core.c is basically the same as rijndael-alg-fst.c but with an
-API that looks like the rest of the OpenSSL symmetric cipher suite.
diff --git a/thirdparty/openssl/crypto/aes/aes_cbc.c b/thirdparty/openssl/crypto/aes/aes_cbc.c
deleted file mode 100644
index 805d0e260a..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_cbc.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/* crypto/aes/aes_cbc.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                     size_t len, const AES_KEY *key,
-                     unsigned char *ivec, const int enc)
-{
-
-    if (enc)
-        CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
-                              (block128_f) AES_encrypt);
-    else
-        CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
-                              (block128_f) AES_decrypt);
-}
diff --git a/thirdparty/openssl/crypto/aes/aes_cfb.c b/thirdparty/openssl/crypto/aes/aes_cfb.c
deleted file mode 100644
index 1225000963..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_cfb.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* crypto/aes/aes_cfb.c */
-/* ====================================================================
- * Copyright (c) 2002-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-/*
- * The input and output encrypted as though 128bit cfb mode is being used.
- * The extra state information to record how much of the 128bit block we have
- * used is contained in *num;
- */
-
-void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-                        size_t length, const AES_KEY *key,
-                        unsigned char *ivec, int *num, const int enc)
-{
-
-    CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
-                          (block128_f) AES_encrypt);
-}
-
-/* N.B. This expects the input to be packed, MS bit first */
-void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
-                      size_t length, const AES_KEY *key,
-                      unsigned char *ivec, int *num, const int enc)
-{
-    CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
-                            (block128_f) AES_encrypt);
-}
-
-void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
-                      size_t length, const AES_KEY *key,
-                      unsigned char *ivec, int *num, const int enc)
-{
-    CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
-                            (block128_f) AES_encrypt);
-}
diff --git a/thirdparty/openssl/crypto/aes/aes_core.c b/thirdparty/openssl/crypto/aes/aes_core.c
deleted file mode 100644
index 7019b5d7aa..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_core.c
+++ /dev/null
@@ -1,1363 +0,0 @@
-/* crypto/aes/aes_core.c */
-/**
- * rijndael-alg-fst.c
- *
- * @version 3.0 (December 2000)
- *
- * Optimised ANSI C code for the Rijndael cipher (now AES)
- *
- * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
- * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
- * @author Paulo Barreto <paulo.barreto@terra.com.br>
- *
- * This code is hereby placed in the public domain.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* Note: rewritten a little bit to provide error control and an OpenSSL-
-   compatible API */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <stdlib.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-#ifndef AES_ASM
-/*-
-Te0[x] = S [x].[02, 01, 01, 03];
-Te1[x] = S [x].[03, 02, 01, 01];
-Te2[x] = S [x].[01, 03, 02, 01];
-Te3[x] = S [x].[01, 01, 03, 02];
-
-Td0[x] = Si[x].[0e, 09, 0d, 0b];
-Td1[x] = Si[x].[0b, 0e, 09, 0d];
-Td2[x] = Si[x].[0d, 0b, 0e, 09];
-Td3[x] = Si[x].[09, 0d, 0b, 0e];
-Td4[x] = Si[x].[01];
-*/
-
-static const u32 Te0[256] = {
-    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
-    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
-    0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
-    0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
-    0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
-    0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
-    0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
-    0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
-    0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
-    0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
-    0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
-    0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
-    0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
-    0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
-    0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
-    0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
-    0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
-    0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
-    0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
-    0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
-    0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
-    0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
-    0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
-    0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
-    0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
-    0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
-    0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
-    0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
-    0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
-    0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
-    0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
-    0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
-    0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
-    0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
-    0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
-    0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
-    0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
-    0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
-    0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
-    0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
-    0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
-    0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
-    0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
-    0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
-    0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
-    0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
-    0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
-    0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
-    0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
-    0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
-    0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
-    0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
-    0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
-    0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
-    0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
-    0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
-    0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
-    0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
-    0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
-    0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
-    0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
-    0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
-    0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
-    0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
-};
-static const u32 Te1[256] = {
-    0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
-    0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
-    0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
-    0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
-    0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
-    0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
-    0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
-    0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
-    0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
-    0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
-    0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
-    0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
-    0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
-    0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
-    0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
-    0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
-    0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
-    0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
-    0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
-    0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
-    0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
-    0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
-    0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
-    0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
-    0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
-    0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
-    0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
-    0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
-    0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
-    0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
-    0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
-    0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
-    0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
-    0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
-    0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
-    0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
-    0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
-    0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
-    0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
-    0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
-    0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
-    0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
-    0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
-    0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
-    0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
-    0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
-    0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
-    0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
-    0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
-    0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
-    0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
-    0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
-    0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
-    0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
-    0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
-    0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
-    0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
-    0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
-    0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
-    0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
-    0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
-    0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
-    0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
-    0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
-};
-static const u32 Te2[256] = {
-    0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
-    0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
-    0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
-    0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
-    0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
-    0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
-    0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
-    0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
-    0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
-    0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
-    0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
-    0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
-    0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
-    0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
-    0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
-    0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
-    0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
-    0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
-    0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
-    0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
-    0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
-    0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
-    0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
-    0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
-    0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
-    0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
-    0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
-    0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
-    0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
-    0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
-    0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
-    0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
-    0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
-    0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
-    0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
-    0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
-    0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
-    0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
-    0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
-    0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
-    0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
-    0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
-    0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
-    0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
-    0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
-    0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
-    0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
-    0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
-    0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
-    0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
-    0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
-    0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
-    0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
-    0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
-    0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
-    0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
-    0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
-    0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
-    0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
-    0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
-    0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
-    0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
-    0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
-    0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
-};
-static const u32 Te3[256] = {
-    0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
-    0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
-    0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
-    0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
-    0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
-    0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
-    0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
-    0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
-    0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
-    0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
-    0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
-    0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
-    0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
-    0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
-    0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
-    0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
-    0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
-    0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
-    0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
-    0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
-    0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
-    0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
-    0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
-    0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
-    0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
-    0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
-    0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
-    0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
-    0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
-    0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
-    0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
-    0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
-    0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
-    0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
-    0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
-    0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
-    0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
-    0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
-    0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
-    0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
-    0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
-    0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
-    0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
-    0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
-    0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
-    0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
-    0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
-    0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
-    0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
-    0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
-    0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
-    0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
-    0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
-    0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
-    0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
-    0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
-    0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
-    0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
-    0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
-    0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
-    0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
-    0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
-    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
-    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
-};
-
-static const u32 Td0[256] = {
-    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
-    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
-    0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
-    0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
-    0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
-    0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
-    0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
-    0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
-    0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
-    0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
-    0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
-    0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
-    0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
-    0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
-    0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
-    0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
-    0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
-    0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
-    0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
-    0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
-    0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
-    0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
-    0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
-    0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
-    0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
-    0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
-    0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
-    0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
-    0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
-    0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
-    0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
-    0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
-    0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
-    0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
-    0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
-    0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
-    0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
-    0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
-    0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
-    0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
-    0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
-    0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
-    0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
-    0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
-    0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
-    0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
-    0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
-    0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
-    0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
-    0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
-    0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
-    0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
-    0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
-    0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
-    0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
-    0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
-    0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
-    0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
-    0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
-    0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
-    0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
-    0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
-    0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
-    0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
-};
-static const u32 Td1[256] = {
-    0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
-    0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
-    0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
-    0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
-    0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
-    0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
-    0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
-    0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
-    0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
-    0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
-    0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
-    0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
-    0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
-    0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
-    0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
-    0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
-    0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
-    0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
-    0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
-    0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
-    0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
-    0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
-    0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
-    0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
-    0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
-    0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
-    0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
-    0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
-    0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
-    0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
-    0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
-    0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
-    0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
-    0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
-    0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
-    0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
-    0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
-    0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
-    0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
-    0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
-    0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
-    0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
-    0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
-    0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
-    0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
-    0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
-    0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
-    0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
-    0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
-    0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
-    0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
-    0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
-    0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
-    0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
-    0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
-    0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
-    0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
-    0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
-    0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
-    0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
-    0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
-    0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
-    0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
-    0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
-};
-static const u32 Td2[256] = {
-    0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
-    0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
-    0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
-    0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
-    0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
-    0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
-    0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
-    0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
-    0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
-    0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
-    0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
-    0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
-    0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
-    0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
-    0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
-    0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
-    0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
-    0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
-    0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
-    0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
-    0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
-    0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
-    0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
-    0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
-    0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
-    0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
-    0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
-    0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
-    0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
-    0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
-    0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
-    0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
-    0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
-    0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
-    0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
-    0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
-    0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
-    0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
-    0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
-    0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
-    0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
-    0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
-    0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
-    0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
-    0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
-    0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
-    0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
-    0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
-    0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
-    0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
-    0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
-    0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
-    0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
-    0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
-    0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
-    0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
-    0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
-    0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
-    0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
-    0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
-    0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
-    0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
-    0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
-    0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
-};
-static const u32 Td3[256] = {
-    0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
-    0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
-    0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
-    0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
-    0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
-    0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
-    0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
-    0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
-    0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
-    0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
-    0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
-    0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
-    0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
-    0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
-    0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
-    0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
-    0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
-    0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
-    0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
-    0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
-    0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
-    0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
-    0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
-    0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
-    0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
-    0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
-    0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
-    0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
-    0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
-    0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
-    0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
-    0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
-    0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
-    0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
-    0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
-    0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
-    0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
-    0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
-    0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
-    0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
-    0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
-    0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
-    0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
-    0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
-    0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
-    0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
-    0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
-    0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
-    0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
-    0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
-    0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
-    0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
-    0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
-    0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
-    0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
-    0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
-    0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
-    0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
-    0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
-    0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
-    0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
-    0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
-    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
-    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
-};
-static const u8 Td4[256] = {
-    0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
-    0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
-    0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
-    0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
-    0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
-    0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
-    0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
-    0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
-    0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
-    0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
-    0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
-    0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
-    0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
-    0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
-    0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
-    0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
-    0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
-    0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
-    0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
-    0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
-    0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
-    0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
-    0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
-    0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
-    0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
-    0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
-    0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
-    0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
-    0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
-    0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
-    0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
-    0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
-};
-static const u32 rcon[] = {
-    0x01000000, 0x02000000, 0x04000000, 0x08000000,
-    0x10000000, 0x20000000, 0x40000000, 0x80000000,
-    0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-/**
- * Expand the cipher key into the encryption key schedule.
- */
-int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-                                AES_KEY *key)
-{
-
-    u32 *rk;
-    int i = 0;
-    u32 temp;
-
-    if (!userKey || !key)
-        return -1;
-    if (bits != 128 && bits != 192 && bits != 256)
-        return -2;
-
-    rk = key->rd_key;
-
-    if (bits==128)
-        key->rounds = 10;
-    else if (bits==192)
-        key->rounds = 12;
-    else
-        key->rounds = 14;
-
-    rk[0] = GETU32(userKey     );
-    rk[1] = GETU32(userKey +  4);
-    rk[2] = GETU32(userKey +  8);
-    rk[3] = GETU32(userKey + 12);
-    if (bits == 128) {
-        while (1) {
-            temp  = rk[3];
-            rk[4] = rk[0] ^
-                (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
-                (Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
-                (Te0[(temp      ) & 0xff] & 0x0000ff00) ^
-                (Te1[(temp >> 24)       ] & 0x000000ff) ^
-                rcon[i];
-            rk[5] = rk[1] ^ rk[4];
-            rk[6] = rk[2] ^ rk[5];
-            rk[7] = rk[3] ^ rk[6];
-            if (++i == 10) {
-                return 0;
-            }
-            rk += 4;
-        }
-    }
-    rk[4] = GETU32(userKey + 16);
-    rk[5] = GETU32(userKey + 20);
-    if (bits == 192) {
-        while (1) {
-            temp = rk[ 5];
-            rk[ 6] = rk[ 0] ^
-                (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
-                (Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
-                (Te0[(temp      ) & 0xff] & 0x0000ff00) ^
-                (Te1[(temp >> 24)       ] & 0x000000ff) ^
-                rcon[i];
-            rk[ 7] = rk[ 1] ^ rk[ 6];
-            rk[ 8] = rk[ 2] ^ rk[ 7];
-            rk[ 9] = rk[ 3] ^ rk[ 8];
-            if (++i == 8) {
-                return 0;
-            }
-            rk[10] = rk[ 4] ^ rk[ 9];
-            rk[11] = rk[ 5] ^ rk[10];
-            rk += 6;
-        }
-    }
-    rk[6] = GETU32(userKey + 24);
-    rk[7] = GETU32(userKey + 28);
-    if (bits == 256) {
-        while (1) {
-            temp = rk[ 7];
-            rk[ 8] = rk[ 0] ^
-                (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
-                (Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
-                (Te0[(temp      ) & 0xff] & 0x0000ff00) ^
-                (Te1[(temp >> 24)       ] & 0x000000ff) ^
-                rcon[i];
-            rk[ 9] = rk[ 1] ^ rk[ 8];
-            rk[10] = rk[ 2] ^ rk[ 9];
-            rk[11] = rk[ 3] ^ rk[10];
-            if (++i == 7) {
-                return 0;
-            }
-            temp = rk[11];
-            rk[12] = rk[ 4] ^
-                (Te2[(temp >> 24)       ] & 0xff000000) ^
-                (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
-                (Te0[(temp >>  8) & 0xff] & 0x0000ff00) ^
-                (Te1[(temp      ) & 0xff] & 0x000000ff);
-            rk[13] = rk[ 5] ^ rk[12];
-            rk[14] = rk[ 6] ^ rk[13];
-            rk[15] = rk[ 7] ^ rk[14];
-
-            rk += 8;
-            }
-    }
-    return 0;
-}
-
-/**
- * Expand the cipher key into the decryption key schedule.
- */
-int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-                                AES_KEY *key)
-{
-
-    u32 *rk;
-    int i, j, status;
-    u32 temp;
-
-    /* first, start with an encryption schedule */
-    status = private_AES_set_encrypt_key(userKey, bits, key);
-    if (status < 0)
-        return status;
-
-    rk = key->rd_key;
-
-    /* invert the order of the round keys: */
-    for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
-        temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
-        temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
-        temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
-        temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
-    }
-    /* apply the inverse MixColumn transform to all round keys but the first and the last: */
-    for (i = 1; i < (key->rounds); i++) {
-        rk += 4;
-        rk[0] =
-            Td0[Te1[(rk[0] >> 24)       ] & 0xff] ^
-            Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
-            Td2[Te1[(rk[0] >>  8) & 0xff] & 0xff] ^
-            Td3[Te1[(rk[0]      ) & 0xff] & 0xff];
-        rk[1] =
-            Td0[Te1[(rk[1] >> 24)       ] & 0xff] ^
-            Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
-            Td2[Te1[(rk[1] >>  8) & 0xff] & 0xff] ^
-            Td3[Te1[(rk[1]      ) & 0xff] & 0xff];
-        rk[2] =
-            Td0[Te1[(rk[2] >> 24)       ] & 0xff] ^
-            Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
-            Td2[Te1[(rk[2] >>  8) & 0xff] & 0xff] ^
-            Td3[Te1[(rk[2]      ) & 0xff] & 0xff];
-        rk[3] =
-            Td0[Te1[(rk[3] >> 24)       ] & 0xff] ^
-            Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
-            Td2[Te1[(rk[3] >>  8) & 0xff] & 0xff] ^
-            Td3[Te1[(rk[3]      ) & 0xff] & 0xff];
-    }
-    return 0;
-}
-
-/*
- * Encrypt a single block
- * in and out can overlap
- */
-void AES_encrypt(const unsigned char *in, unsigned char *out,
-                 const AES_KEY *key) {
-
-    const u32 *rk;
-    u32 s0, s1, s2, s3, t0, t1, t2, t3;
-#ifndef FULL_UNROLL
-    int r;
-#endif /* ?FULL_UNROLL */
-
-    assert(in && out && key);
-    rk = key->rd_key;
-
-    /*
-     * map byte array block to cipher state
-     * and add initial round key:
-     */
-    s0 = GETU32(in     ) ^ rk[0];
-    s1 = GETU32(in +  4) ^ rk[1];
-    s2 = GETU32(in +  8) ^ rk[2];
-    s3 = GETU32(in + 12) ^ rk[3];
-#ifdef FULL_UNROLL
-    /* round 1: */
-    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
-    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
-    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
-    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
-    /* round 2: */
-    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
-    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
-    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
-    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
-    /* round 3: */
-    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
-    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
-    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
-    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
-    /* round 4: */
-    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
-    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
-    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
-    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
-    /* round 5: */
-    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
-    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
-    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
-    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
-    /* round 6: */
-    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
-    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
-    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
-    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
-    /* round 7: */
-    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
-    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
-    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
-    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
-    /* round 8: */
-    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
-    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
-    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
-    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
-    /* round 9: */
-    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
-    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
-    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
-    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
-    if (key->rounds > 10) {
-        /* round 10: */
-        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
-        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
-        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
-        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
-        /* round 11: */
-        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
-        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
-        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
-        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
-        if (key->rounds > 12) {
-            /* round 12: */
-            s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
-            s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
-            s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
-            s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
-            /* round 13: */
-            t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
-            t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
-            t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
-            t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
-        }
-    }
-    rk += key->rounds << 2;
-#else  /* !FULL_UNROLL */
-    /*
-     * Nr - 1 full rounds:
-     */
-    r = key->rounds >> 1;
-    for (;;) {
-        t0 =
-            Te0[(s0 >> 24)       ] ^
-            Te1[(s1 >> 16) & 0xff] ^
-            Te2[(s2 >>  8) & 0xff] ^
-            Te3[(s3      ) & 0xff] ^
-            rk[4];
-        t1 =
-            Te0[(s1 >> 24)       ] ^
-            Te1[(s2 >> 16) & 0xff] ^
-            Te2[(s3 >>  8) & 0xff] ^
-            Te3[(s0      ) & 0xff] ^
-            rk[5];
-        t2 =
-            Te0[(s2 >> 24)       ] ^
-            Te1[(s3 >> 16) & 0xff] ^
-            Te2[(s0 >>  8) & 0xff] ^
-            Te3[(s1      ) & 0xff] ^
-            rk[6];
-        t3 =
-            Te0[(s3 >> 24)       ] ^
-            Te1[(s0 >> 16) & 0xff] ^
-            Te2[(s1 >>  8) & 0xff] ^
-            Te3[(s2      ) & 0xff] ^
-            rk[7];
-
-        rk += 8;
-        if (--r == 0) {
-            break;
-        }
-
-        s0 =
-            Te0[(t0 >> 24)       ] ^
-            Te1[(t1 >> 16) & 0xff] ^
-            Te2[(t2 >>  8) & 0xff] ^
-            Te3[(t3      ) & 0xff] ^
-            rk[0];
-        s1 =
-            Te0[(t1 >> 24)       ] ^
-            Te1[(t2 >> 16) & 0xff] ^
-            Te2[(t3 >>  8) & 0xff] ^
-            Te3[(t0      ) & 0xff] ^
-            rk[1];
-        s2 =
-            Te0[(t2 >> 24)       ] ^
-            Te1[(t3 >> 16) & 0xff] ^
-            Te2[(t0 >>  8) & 0xff] ^
-            Te3[(t1      ) & 0xff] ^
-            rk[2];
-        s3 =
-            Te0[(t3 >> 24)       ] ^
-            Te1[(t0 >> 16) & 0xff] ^
-            Te2[(t1 >>  8) & 0xff] ^
-            Te3[(t2      ) & 0xff] ^
-            rk[3];
-    }
-#endif /* ?FULL_UNROLL */
-    /*
-     * apply last round and
-     * map cipher state to byte array block:
-     */
-    s0 =
-        (Te2[(t0 >> 24)       ] & 0xff000000) ^
-        (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
-        (Te0[(t2 >>  8) & 0xff] & 0x0000ff00) ^
-        (Te1[(t3      ) & 0xff] & 0x000000ff) ^
-        rk[0];
-    PUTU32(out     , s0);
-    s1 =
-        (Te2[(t1 >> 24)       ] & 0xff000000) ^
-        (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
-        (Te0[(t3 >>  8) & 0xff] & 0x0000ff00) ^
-        (Te1[(t0      ) & 0xff] & 0x000000ff) ^
-        rk[1];
-    PUTU32(out +  4, s1);
-    s2 =
-        (Te2[(t2 >> 24)       ] & 0xff000000) ^
-        (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
-        (Te0[(t0 >>  8) & 0xff] & 0x0000ff00) ^
-        (Te1[(t1      ) & 0xff] & 0x000000ff) ^
-        rk[2];
-    PUTU32(out +  8, s2);
-    s3 =
-        (Te2[(t3 >> 24)       ] & 0xff000000) ^
-        (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
-        (Te0[(t1 >>  8) & 0xff] & 0x0000ff00) ^
-        (Te1[(t2      ) & 0xff] & 0x000000ff) ^
-        rk[3];
-    PUTU32(out + 12, s3);
-}
-
-/*
- * Decrypt a single block
- * in and out can overlap
- */
-void AES_decrypt(const unsigned char *in, unsigned char *out,
-                 const AES_KEY *key)
-{
-
-    const u32 *rk;
-    u32 s0, s1, s2, s3, t0, t1, t2, t3;
-#ifndef FULL_UNROLL
-    int r;
-#endif /* ?FULL_UNROLL */
-
-    assert(in && out && key);
-    rk = key->rd_key;
-
-    /*
-     * map byte array block to cipher state
-     * and add initial round key:
-     */
-    s0 = GETU32(in     ) ^ rk[0];
-    s1 = GETU32(in +  4) ^ rk[1];
-    s2 = GETU32(in +  8) ^ rk[2];
-    s3 = GETU32(in + 12) ^ rk[3];
-#ifdef FULL_UNROLL
-    /* round 1: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
-    /* round 2: */
-    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
-    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
-    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
-    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
-    /* round 3: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
-    /* round 4: */
-    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
-    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
-    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
-    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
-    /* round 5: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
-    /* round 6: */
-    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
-    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
-    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
-    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
-    /* round 7: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
-    /* round 8: */
-    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
-    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
-    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
-    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
-    /* round 9: */
-    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
-    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
-    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
-    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
-    if (key->rounds > 10) {
-        /* round 10: */
-        s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
-        s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
-        s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
-        s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
-        /* round 11: */
-        t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
-        t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
-        t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
-        t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
-        if (key->rounds > 12) {
-            /* round 12: */
-            s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
-            s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
-            s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
-            s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
-            /* round 13: */
-            t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
-            t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
-            t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
-            t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
-        }
-    }
-    rk += key->rounds << 2;
-#else  /* !FULL_UNROLL */
-    /*
-     * Nr - 1 full rounds:
-     */
-    r = key->rounds >> 1;
-    for (;;) {
-        t0 =
-            Td0[(s0 >> 24)       ] ^
-            Td1[(s3 >> 16) & 0xff] ^
-            Td2[(s2 >>  8) & 0xff] ^
-            Td3[(s1      ) & 0xff] ^
-            rk[4];
-        t1 =
-            Td0[(s1 >> 24)       ] ^
-            Td1[(s0 >> 16) & 0xff] ^
-            Td2[(s3 >>  8) & 0xff] ^
-            Td3[(s2      ) & 0xff] ^
-            rk[5];
-        t2 =
-            Td0[(s2 >> 24)       ] ^
-            Td1[(s1 >> 16) & 0xff] ^
-            Td2[(s0 >>  8) & 0xff] ^
-            Td3[(s3      ) & 0xff] ^
-            rk[6];
-        t3 =
-            Td0[(s3 >> 24)       ] ^
-            Td1[(s2 >> 16) & 0xff] ^
-            Td2[(s1 >>  8) & 0xff] ^
-            Td3[(s0      ) & 0xff] ^
-            rk[7];
-
-        rk += 8;
-        if (--r == 0) {
-            break;
-        }
-
-        s0 =
-            Td0[(t0 >> 24)       ] ^
-            Td1[(t3 >> 16) & 0xff] ^
-            Td2[(t2 >>  8) & 0xff] ^
-            Td3[(t1      ) & 0xff] ^
-            rk[0];
-        s1 =
-            Td0[(t1 >> 24)       ] ^
-            Td1[(t0 >> 16) & 0xff] ^
-            Td2[(t3 >>  8) & 0xff] ^
-            Td3[(t2      ) & 0xff] ^
-            rk[1];
-        s2 =
-            Td0[(t2 >> 24)       ] ^
-            Td1[(t1 >> 16) & 0xff] ^
-            Td2[(t0 >>  8) & 0xff] ^
-            Td3[(t3      ) & 0xff] ^
-            rk[2];
-        s3 =
-            Td0[(t3 >> 24)       ] ^
-            Td1[(t2 >> 16) & 0xff] ^
-            Td2[(t1 >>  8) & 0xff] ^
-            Td3[(t0      ) & 0xff] ^
-            rk[3];
-    }
-#endif /* ?FULL_UNROLL */
-    /*
-     * apply last round and
-     * map cipher state to byte array block:
-     */
-    s0 =
-        ((u32)Td4[(t0 >> 24)       ] << 24) ^
-        ((u32)Td4[(t3 >> 16) & 0xff] << 16) ^
-        ((u32)Td4[(t2 >>  8) & 0xff] <<  8) ^
-        ((u32)Td4[(t1      ) & 0xff])       ^
-        rk[0];
-    PUTU32(out     , s0);
-    s1 =
-        ((u32)Td4[(t1 >> 24)       ] << 24) ^
-        ((u32)Td4[(t0 >> 16) & 0xff] << 16) ^
-        ((u32)Td4[(t3 >>  8) & 0xff] <<  8) ^
-        ((u32)Td4[(t2      ) & 0xff])       ^
-        rk[1];
-    PUTU32(out +  4, s1);
-    s2 =
-        ((u32)Td4[(t2 >> 24)       ] << 24) ^
-        ((u32)Td4[(t1 >> 16) & 0xff] << 16) ^
-        ((u32)Td4[(t0 >>  8) & 0xff] <<  8) ^
-        ((u32)Td4[(t3      ) & 0xff])       ^
-        rk[2];
-    PUTU32(out +  8, s2);
-    s3 =
-        ((u32)Td4[(t3 >> 24)       ] << 24) ^
-        ((u32)Td4[(t2 >> 16) & 0xff] << 16) ^
-        ((u32)Td4[(t1 >>  8) & 0xff] <<  8) ^
-        ((u32)Td4[(t0      ) & 0xff])       ^
-        rk[3];
-    PUTU32(out + 12, s3);
-}
-
-#else /* AES_ASM */
-
-static const u8 Te4[256] = {
-    0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
-    0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
-    0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
-    0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
-    0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
-    0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
-    0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
-    0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
-    0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
-    0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
-    0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
-    0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
-    0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
-    0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
-    0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
-    0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
-    0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
-    0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
-    0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
-    0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
-    0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
-    0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
-    0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
-    0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
-    0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
-    0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
-    0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
-    0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
-    0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
-    0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
-    0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
-    0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
-};
-static const u32 rcon[] = {
-    0x01000000, 0x02000000, 0x04000000, 0x08000000,
-    0x10000000, 0x20000000, 0x40000000, 0x80000000,
-    0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-/**
- * Expand the cipher key into the encryption key schedule.
- */
-int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-                                AES_KEY *key)
-{
-    u32 *rk;
-   	int i = 0;
-    u32 temp;
-
-    if (!userKey || !key)
-        return -1;
-    if (bits != 128 && bits != 192 && bits != 256)
-        return -2;
-
-    rk = key->rd_key;
-
-    if (bits==128)
-        key->rounds = 10;
-    else if (bits==192)
-        key->rounds = 12;
-    else
-        key->rounds = 14;
-
-    rk[0] = GETU32(userKey     );
-    rk[1] = GETU32(userKey +  4);
-    rk[2] = GETU32(userKey +  8);
-    rk[3] = GETU32(userKey + 12);
-    if (bits == 128) {
-        while (1) {
-            temp  = rk[3];
-            rk[4] = rk[0] ^
-                ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
-                ((u32)Te4[(temp >>  8) & 0xff] << 16) ^
-                ((u32)Te4[(temp      ) & 0xff] << 8) ^
-                ((u32)Te4[(temp >> 24)       ]) ^
-                rcon[i];
-            rk[5] = rk[1] ^ rk[4];
-            rk[6] = rk[2] ^ rk[5];
-            rk[7] = rk[3] ^ rk[6];
-            if (++i == 10) {
-                return 0;
-            }
-            rk += 4;
-        }
-    }
-    rk[4] = GETU32(userKey + 16);
-    rk[5] = GETU32(userKey + 20);
-    if (bits == 192) {
-        while (1) {
-            temp = rk[ 5];
-            rk[ 6] = rk[ 0] ^
-                ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
-                ((u32)Te4[(temp >>  8) & 0xff] << 16) ^
-                ((u32)Te4[(temp      ) & 0xff] << 8) ^
-                ((u32)Te4[(temp >> 24)       ]) ^
-                rcon[i];
-            rk[ 7] = rk[ 1] ^ rk[ 6];
-            rk[ 8] = rk[ 2] ^ rk[ 7];
-            rk[ 9] = rk[ 3] ^ rk[ 8];
-            if (++i == 8) {
-                return 0;
-            }
-            rk[10] = rk[ 4] ^ rk[ 9];
-            rk[11] = rk[ 5] ^ rk[10];
-            rk += 6;
-        }
-    }
-    rk[6] = GETU32(userKey + 24);
-    rk[7] = GETU32(userKey + 28);
-    if (bits == 256) {
-        while (1) {
-            temp = rk[ 7];
-            rk[ 8] = rk[ 0] ^
-                ((u32)Te4[(temp >> 16) & 0xff] << 24) ^
-                ((u32)Te4[(temp >>  8) & 0xff] << 16) ^
-                ((u32)Te4[(temp      ) & 0xff] << 8) ^
-                ((u32)Te4[(temp >> 24)       ]) ^
-                rcon[i];
-            rk[ 9] = rk[ 1] ^ rk[ 8];
-            rk[10] = rk[ 2] ^ rk[ 9];
-            rk[11] = rk[ 3] ^ rk[10];
-            if (++i == 7) {
-                return 0;
-            }
-            temp = rk[11];
-            rk[12] = rk[ 4] ^
-                ((u32)Te4[(temp >> 24)       ] << 24) ^
-                ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
-                ((u32)Te4[(temp >>  8) & 0xff] << 8) ^
-                ((u32)Te4[(temp      ) & 0xff]);
-            rk[13] = rk[ 5] ^ rk[12];
-            rk[14] = rk[ 6] ^ rk[13];
-            rk[15] = rk[ 7] ^ rk[14];
-
-            rk += 8;
-        }
-    }
-    return 0;
-}
-
-/**
- * Expand the cipher key into the decryption key schedule.
- */
-int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-                                AES_KEY *key)
-{
-
-    u32 *rk;
-    int i, j, status;
-    u32 temp;
-
-    /* first, start with an encryption schedule */
-    status = private_AES_set_encrypt_key(userKey, bits, key);
-    if (status < 0)
-        return status;
-
-    rk = key->rd_key;
-
-    /* invert the order of the round keys: */
-    for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
-        temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
-        temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
-        temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
-        temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
-    }
-    /* apply the inverse MixColumn transform to all round keys but the first and the last: */
-    for (i = 1; i < (key->rounds); i++) {
-        rk += 4;
-        for (j = 0; j < 4; j++) {
-            u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
-
-            tp1 = rk[j];
-            m = tp1 & 0x80808080;
-            tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            m = tp2 & 0x80808080;
-            tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            m = tp4 & 0x80808080;
-            tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            tp9 = tp8 ^ tp1;
-            tpb = tp9 ^ tp2;
-            tpd = tp9 ^ tp4;
-            tpe = tp8 ^ tp4 ^ tp2;
-#if defined(ROTATE)
-            rk[j] = tpe ^ ROTATE(tpd,16) ^
-                ROTATE(tp9,24) ^ ROTATE(tpb,8);
-#else
-            rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
-                (tp9 >> 8) ^ (tp9 << 24) ^
-                (tpb >> 24) ^ (tpb << 8);
-#endif
-        }
-    }
-    return 0;
-}
-
-#endif /* AES_ASM */
diff --git a/thirdparty/openssl/crypto/aes/aes_ctr.c b/thirdparty/openssl/crypto/aes/aes_ctr.c
deleted file mode 100644
index 9e760c4b12..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_ctr.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/* crypto/aes/aes_ctr.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-                        size_t length, const AES_KEY *key,
-                        unsigned char ivec[AES_BLOCK_SIZE],
-                        unsigned char ecount_buf[AES_BLOCK_SIZE],
-                        unsigned int *num)
-{
-    CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
-                          (block128_f) AES_encrypt);
-}
diff --git a/thirdparty/openssl/crypto/aes/aes_ecb.c b/thirdparty/openssl/crypto/aes/aes_ecb.c
deleted file mode 100644
index 52151a5c70..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_ecb.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* crypto/aes/aes_ecb.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                     const AES_KEY *key, const int enc)
-{
-
-    assert(in && out && key);
-    assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
-
-    if (AES_ENCRYPT == enc)
-        AES_encrypt(in, out, key);
-    else
-        AES_decrypt(in, out, key);
-}
diff --git a/thirdparty/openssl/crypto/aes/aes_ige.c b/thirdparty/openssl/crypto/aes/aes_ige.c
deleted file mode 100644
index 8f2b770647..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_ige.c
+++ /dev/null
@@ -1,323 +0,0 @@
-/* crypto/aes/aes_ige.c */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include "cryptlib.h"
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
-typedef struct {
-    unsigned long data[N_WORDS];
-} aes_block_t;
-
-/* XXX: probably some better way to do this */
-#if defined(__i386__) || defined(__x86_64__)
-# define UNALIGNED_MEMOPS_ARE_FAST 1
-#else
-# define UNALIGNED_MEMOPS_ARE_FAST 0
-#endif
-
-#if UNALIGNED_MEMOPS_ARE_FAST
-# define load_block(d, s)        (d) = *(const aes_block_t *)(s)
-# define store_block(d, s)       *(aes_block_t *)(d) = (s)
-#else
-# define load_block(d, s)        memcpy((d).data, (s), AES_BLOCK_SIZE)
-# define store_block(d, s)       memcpy((d), (s).data, AES_BLOCK_SIZE)
-#endif
-
-/* N.B. The IV for this mode is _twice_ the block size */
-
-void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
-                     size_t length, const AES_KEY *key,
-                     unsigned char *ivec, const int enc)
-{
-    size_t n;
-    size_t len = length;
-
-    OPENSSL_assert(in && out && key && ivec);
-    OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
-    OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
-
-    len = length / AES_BLOCK_SIZE;
-
-    if (AES_ENCRYPT == enc) {
-        if (in != out &&
-            (UNALIGNED_MEMOPS_ARE_FAST
-             || ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
-             0)) {
-            aes_block_t *ivp = (aes_block_t *) ivec;
-            aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
-
-            while (len) {
-                aes_block_t *inp = (aes_block_t *) in;
-                aes_block_t *outp = (aes_block_t *) out;
-
-                for (n = 0; n < N_WORDS; ++n)
-                    outp->data[n] = inp->data[n] ^ ivp->data[n];
-                AES_encrypt((unsigned char *)outp->data,
-                            (unsigned char *)outp->data, key);
-                for (n = 0; n < N_WORDS; ++n)
-                    outp->data[n] ^= iv2p->data[n];
-                ivp = outp;
-                iv2p = inp;
-                --len;
-                in += AES_BLOCK_SIZE;
-                out += AES_BLOCK_SIZE;
-            }
-            memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
-            memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
-        } else {
-            aes_block_t tmp, tmp2;
-            aes_block_t iv;
-            aes_block_t iv2;
-
-            load_block(iv, ivec);
-            load_block(iv2, ivec + AES_BLOCK_SIZE);
-
-            while (len) {
-                load_block(tmp, in);
-                for (n = 0; n < N_WORDS; ++n)
-                    tmp2.data[n] = tmp.data[n] ^ iv.data[n];
-                AES_encrypt((unsigned char *)tmp2.data,
-                            (unsigned char *)tmp2.data, key);
-                for (n = 0; n < N_WORDS; ++n)
-                    tmp2.data[n] ^= iv2.data[n];
-                store_block(out, tmp2);
-                iv = tmp2;
-                iv2 = tmp;
-                --len;
-                in += AES_BLOCK_SIZE;
-                out += AES_BLOCK_SIZE;
-            }
-            memcpy(ivec, iv.data, AES_BLOCK_SIZE);
-            memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
-        }
-    } else {
-        if (in != out &&
-            (UNALIGNED_MEMOPS_ARE_FAST
-             || ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
-             0)) {
-            aes_block_t *ivp = (aes_block_t *) ivec;
-            aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
-
-            while (len) {
-                aes_block_t tmp;
-                aes_block_t *inp = (aes_block_t *) in;
-                aes_block_t *outp = (aes_block_t *) out;
-
-                for (n = 0; n < N_WORDS; ++n)
-                    tmp.data[n] = inp->data[n] ^ iv2p->data[n];
-                AES_decrypt((unsigned char *)tmp.data,
-                            (unsigned char *)outp->data, key);
-                for (n = 0; n < N_WORDS; ++n)
-                    outp->data[n] ^= ivp->data[n];
-                ivp = inp;
-                iv2p = outp;
-                --len;
-                in += AES_BLOCK_SIZE;
-                out += AES_BLOCK_SIZE;
-            }
-            memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
-            memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
-        } else {
-            aes_block_t tmp, tmp2;
-            aes_block_t iv;
-            aes_block_t iv2;
-
-            load_block(iv, ivec);
-            load_block(iv2, ivec + AES_BLOCK_SIZE);
-
-            while (len) {
-                load_block(tmp, in);
-                tmp2 = tmp;
-                for (n = 0; n < N_WORDS; ++n)
-                    tmp.data[n] ^= iv2.data[n];
-                AES_decrypt((unsigned char *)tmp.data,
-                            (unsigned char *)tmp.data, key);
-                for (n = 0; n < N_WORDS; ++n)
-                    tmp.data[n] ^= iv.data[n];
-                store_block(out, tmp);
-                iv = tmp2;
-                iv2 = tmp;
-                --len;
-                in += AES_BLOCK_SIZE;
-                out += AES_BLOCK_SIZE;
-            }
-            memcpy(ivec, iv.data, AES_BLOCK_SIZE);
-            memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
-        }
-    }
-}
-
-/*
- * Note that its effectively impossible to do biIGE in anything other
- * than a single pass, so no provision is made for chaining.
- */
-
-/* N.B. The IV for this mode is _four times_ the block size */
-
-void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
-                        size_t length, const AES_KEY *key,
-                        const AES_KEY *key2, const unsigned char *ivec,
-                        const int enc)
-{
-    size_t n;
-    size_t len = length;
-    unsigned char tmp[AES_BLOCK_SIZE];
-    unsigned char tmp2[AES_BLOCK_SIZE];
-    unsigned char tmp3[AES_BLOCK_SIZE];
-    unsigned char prev[AES_BLOCK_SIZE];
-    const unsigned char *iv;
-    const unsigned char *iv2;
-
-    OPENSSL_assert(in && out && key && ivec);
-    OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
-    OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
-
-    if (AES_ENCRYPT == enc) {
-        /*
-         * XXX: Do a separate case for when in != out (strictly should check
-         * for overlap, too)
-         */
-
-        /* First the forward pass */
-        iv = ivec;
-        iv2 = ivec + AES_BLOCK_SIZE;
-        while (len >= AES_BLOCK_SIZE) {
-            for (n = 0; n < AES_BLOCK_SIZE; ++n)
-                out[n] = in[n] ^ iv[n];
-            AES_encrypt(out, out, key);
-            for (n = 0; n < AES_BLOCK_SIZE; ++n)
-                out[n] ^= iv2[n];
-            iv = out;
-            memcpy(prev, in, AES_BLOCK_SIZE);
-            iv2 = prev;
-            len -= AES_BLOCK_SIZE;
-            in += AES_BLOCK_SIZE;
-            out += AES_BLOCK_SIZE;
-        }
-
-        /* And now backwards */
-        iv = ivec + AES_BLOCK_SIZE * 2;
-        iv2 = ivec + AES_BLOCK_SIZE * 3;
-        len = length;
-        while (len >= AES_BLOCK_SIZE) {
-            out -= AES_BLOCK_SIZE;
-            /*
-             * XXX: reduce copies by alternating between buffers
-             */
-            memcpy(tmp, out, AES_BLOCK_SIZE);
-            for (n = 0; n < AES_BLOCK_SIZE; ++n)
-                out[n] ^= iv[n];
-            /*
-             * hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE);
-             */
-            AES_encrypt(out, out, key);
-            /*
-             * hexdump(stdout,"enc", out, AES_BLOCK_SIZE);
-             */
-            /*
-             * hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE);
-             */
-            for (n = 0; n < AES_BLOCK_SIZE; ++n)
-                out[n] ^= iv2[n];
-            /*
-             * hexdump(stdout,"out", out, AES_BLOCK_SIZE);
-             */
-            iv = out;
-            memcpy(prev, tmp, AES_BLOCK_SIZE);
-            iv2 = prev;
-            len -= AES_BLOCK_SIZE;
-        }
-    } else {
-        /* First backwards */
-        iv = ivec + AES_BLOCK_SIZE * 2;
-        iv2 = ivec + AES_BLOCK_SIZE * 3;
-        in += length;
-        out += length;
-        while (len >= AES_BLOCK_SIZE) {
-            in -= AES_BLOCK_SIZE;
-            out -= AES_BLOCK_SIZE;
-            memcpy(tmp, in, AES_BLOCK_SIZE);
-            memcpy(tmp2, in, AES_BLOCK_SIZE);
-            for (n = 0; n < AES_BLOCK_SIZE; ++n)
-                tmp[n] ^= iv2[n];
-            AES_decrypt(tmp, out, key);
-            for (n = 0; n < AES_BLOCK_SIZE; ++n)
-                out[n] ^= iv[n];
-            memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
-            iv = tmp3;
-            iv2 = out;
-            len -= AES_BLOCK_SIZE;
-        }
-
-        /* And now forwards */
-        iv = ivec;
-        iv2 = ivec + AES_BLOCK_SIZE;
-        len = length;
-        while (len >= AES_BLOCK_SIZE) {
-            memcpy(tmp, out, AES_BLOCK_SIZE);
-            memcpy(tmp2, out, AES_BLOCK_SIZE);
-            for (n = 0; n < AES_BLOCK_SIZE; ++n)
-                tmp[n] ^= iv2[n];
-            AES_decrypt(tmp, out, key);
-            for (n = 0; n < AES_BLOCK_SIZE; ++n)
-                out[n] ^= iv[n];
-            memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
-            iv = tmp3;
-            iv2 = out;
-            len -= AES_BLOCK_SIZE;
-            in += AES_BLOCK_SIZE;
-            out += AES_BLOCK_SIZE;
-        }
-    }
-}
diff --git a/thirdparty/openssl/crypto/aes/aes_locl.h b/thirdparty/openssl/crypto/aes/aes_locl.h
deleted file mode 100644
index 7acd74ec16..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_locl.h
+++ /dev/null
@@ -1,89 +0,0 @@
-/* crypto/aes/aes.h */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_LOCL_H
-# define HEADER_AES_LOCL_H
-
-# include <openssl/e_os2.h>
-
-# ifdef OPENSSL_NO_AES
-#  error AES is disabled.
-# endif
-
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-
-# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
-#  define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
-#  define GETU32(p) SWAP(*((u32 *)(p)))
-#  define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
-# else
-#  define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
-#  define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
-# endif
-
-# ifdef AES_LONG
-typedef unsigned long u32;
-# else
-typedef unsigned int u32;
-# endif
-typedef unsigned short u16;
-typedef unsigned char u8;
-
-# define MAXKC   (256/32)
-# define MAXKB   (256/8)
-# define MAXNR   14
-
-/* This controls loop-unrolling in aes_core.c */
-# undef FULL_UNROLL
-
-#endif                          /* !HEADER_AES_LOCL_H */
diff --git a/thirdparty/openssl/crypto/aes/aes_misc.c b/thirdparty/openssl/crypto/aes/aes_misc.c
deleted file mode 100644
index fafad4d6f5..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_misc.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* crypto/aes/aes_misc.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-const char AES_version[] = "AES" OPENSSL_VERSION_PTEXT;
-
-const char *AES_options(void)
-{
-#ifdef FULL_UNROLL
-    return "aes(full)";
-#else
-    return "aes(partial)";
-#endif
-}
-
-/* FIPS wrapper functions to block low level AES calls in FIPS mode */
-
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-                        AES_KEY *key)
-{
-#ifdef OPENSSL_FIPS
-    fips_cipher_abort(AES);
-#endif
-    return private_AES_set_encrypt_key(userKey, bits, key);
-}
-
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-                        AES_KEY *key)
-{
-#ifdef OPENSSL_FIPS
-    fips_cipher_abort(AES);
-#endif
-    return private_AES_set_decrypt_key(userKey, bits, key);
-}
diff --git a/thirdparty/openssl/crypto/aes/aes_ofb.c b/thirdparty/openssl/crypto/aes/aes_ofb.c
deleted file mode 100644
index 64a08caaec..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_ofb.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* crypto/aes/aes_ofb.c */
-/* ====================================================================
- * Copyright (c) 2002-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-                        size_t length, const AES_KEY *key,
-                        unsigned char *ivec, int *num)
-{
-    CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
-                          (block128_f) AES_encrypt);
-}
diff --git a/thirdparty/openssl/crypto/aes/aes_wrap.c b/thirdparty/openssl/crypto/aes/aes_wrap.c
deleted file mode 100644
index b7b64d57a4..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_wrap.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* crypto/aes/aes_wrap.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
-                 unsigned char *out,
-                 const unsigned char *in, unsigned int inlen)
-{
-    return CRYPTO_128_wrap(key, iv, out, in, inlen, (block128_f) AES_encrypt);
-}
-
-int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
-                   unsigned char *out,
-                   const unsigned char *in, unsigned int inlen)
-{
-    return CRYPTO_128_unwrap(key, iv, out, in, inlen,
-                             (block128_f) AES_decrypt);
-}
diff --git a/thirdparty/openssl/crypto/aes/aes_x86core.c b/thirdparty/openssl/crypto/aes/aes_x86core.c
deleted file mode 100644
index b5dd697677..0000000000
--- a/thirdparty/openssl/crypto/aes/aes_x86core.c
+++ /dev/null
@@ -1,1072 +0,0 @@
-/* crypto/aes/aes_core.c */
-/**
- * rijndael-alg-fst.c
- *
- * @version 3.0 (December 2000)
- *
- * Optimised ANSI C code for the Rijndael cipher (now AES)
- *
- * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
- * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
- * @author Paulo Barreto <paulo.barreto@terra.com.br>
- *
- * This code is hereby placed in the public domain.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This is experimental x86[_64] derivative. It assumes little-endian
- * byte order and expects CPU to sustain unaligned memory references.
- * It is used as playground for cache-time attack mitigations and
- * serves as reference C implementation for x86[_64] assembler.
- *
- *                  <appro@fy.chalmers.se>
- */
-
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <stdlib.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-/*
- * These two parameters control which table, 256-byte or 2KB, is
- * referenced in outer and respectively inner rounds.
- */
-#define AES_COMPACT_IN_OUTER_ROUNDS
-#ifdef  AES_COMPACT_IN_OUTER_ROUNDS
-/* AES_COMPACT_IN_OUTER_ROUNDS costs ~30% in performance, while
- * adding AES_COMPACT_IN_INNER_ROUNDS reduces benchmark *further*
- * by factor of ~2. */
-# undef  AES_COMPACT_IN_INNER_ROUNDS
-#endif
-
-#if 1
-static void prefetch256(const void *table)
-{
-    volatile unsigned long *t=(void *)table,ret;
-    unsigned long sum;
-    int i;
-
-    /* 32 is common least cache-line size */
-    for (sum=0,i=0;i<256/sizeof(t[0]);i+=32/sizeof(t[0]))   sum ^= t[i];
-
-    ret = sum;
-}
-#else
-# define prefetch256(t)
-#endif
-
-#undef GETU32
-#define GETU32(p) (*((u32*)(p)))
-
-#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-typedef unsigned __int64 u64;
-#define U64(C)  C##UI64
-#elif defined(__arch64__)
-typedef unsigned long u64;
-#define U64(C)  C##UL
-#else
-typedef unsigned long long u64;
-#define U64(C)  C##ULL
-#endif
-
-#undef ROTATE
-#if defined(_MSC_VER)
-# define ROTATE(a,n)    _lrotl(a,n)
-#elif defined(__ICC)
-# define ROTATE(a,n)    _rotl(a,n)
-#elif defined(__GNUC__) && __GNUC__>=2
-# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-#   define ROTATE(a,n)  ({ register unsigned int ret;   \
-                asm (           \
-                "roll %1,%0"        \
-                : "=r"(ret)     \
-                : "I"(n), "0"(a)    \
-                : "cc");        \
-               ret;             \
-            })
-# endif
-#endif
-/*-
-Te [x] = S [x].[02, 01, 01, 03, 02, 01, 01, 03];
-Te0[x] = S [x].[02, 01, 01, 03];
-Te1[x] = S [x].[03, 02, 01, 01];
-Te2[x] = S [x].[01, 03, 02, 01];
-Te3[x] = S [x].[01, 01, 03, 02];
-*/
-#define Te0 (u32)((u64*)((u8*)Te+0))
-#define Te1 (u32)((u64*)((u8*)Te+3))
-#define Te2 (u32)((u64*)((u8*)Te+2))
-#define Te3 (u32)((u64*)((u8*)Te+1))
-/*-
-Td [x] = Si[x].[0e, 09, 0d, 0b, 0e, 09, 0d, 0b];
-Td0[x] = Si[x].[0e, 09, 0d, 0b];
-Td1[x] = Si[x].[0b, 0e, 09, 0d];
-Td2[x] = Si[x].[0d, 0b, 0e, 09];
-Td3[x] = Si[x].[09, 0d, 0b, 0e];
-Td4[x] = Si[x].[01];
-*/
-#define Td0 (u32)((u64*)((u8*)Td+0))
-#define Td1 (u32)((u64*)((u8*)Td+3))
-#define Td2 (u32)((u64*)((u8*)Td+2))
-#define Td3 (u32)((u64*)((u8*)Td+1))
-
-static const u64 Te[256] = {
-    U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
-    U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
-    U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
-    U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
-    U64(0x5030306050303060), U64(0x0301010203010102),
-    U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
-    U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
-    U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
-    U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
-    U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
-    U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
-    U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
-    U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
-    U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
-    U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
-    U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
-    U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
-    U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
-    U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
-    U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
-    U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
-    U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
-    U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
-    U64(0x5331316253313162), U64(0x3f15152a3f15152a),
-    U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
-    U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
-    U64(0x2818183028181830), U64(0xa1969637a1969637),
-    U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
-    U64(0x0907070e0907070e), U64(0x3612122436121224),
-    U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
-    U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
-    U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
-    U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
-    U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
-    U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
-    U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
-    U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
-    U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
-    U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
-    U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
-    U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
-    U64(0x0000000000000000), U64(0x2cededc12cededc1),
-    U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
-    U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
-    U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
-    U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
-    U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
-    U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
-    U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
-    U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
-    U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
-    U64(0x5533336655333366), U64(0x9485851194858511),
-    U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
-    U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
-    U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
-    U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
-    U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
-    U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
-    U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
-    U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
-    U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
-    U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
-    U64(0x3010102030101020), U64(0x1affffe51affffe5),
-    U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
-    U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
-    U64(0x3513132635131326), U64(0x2fececc32fececc3),
-    U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
-    U64(0xcc444488cc444488), U64(0x3917172e3917172e),
-    U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
-    U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
-    U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
-    U64(0x2b1919322b191932), U64(0x957373e6957373e6),
-    U64(0xa06060c0a06060c0), U64(0x9881811998818119),
-    U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
-    U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
-    U64(0xab90903bab90903b), U64(0x8388880b8388880b),
-    U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
-    U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
-    U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
-    U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
-    U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
-    U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
-    U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
-    U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
-    U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
-    U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
-    U64(0xa8919139a8919139), U64(0xa4959531a4959531),
-    U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
-    U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
-    U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
-    U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
-    U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
-    U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
-    U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
-    U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
-    U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
-    U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
-    U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
-    U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
-    U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697),
-    U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
-    U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
-    U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
-    U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
-    U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
-    U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
-    U64(0xd8484890d8484890), U64(0x0503030605030306),
-    U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
-    U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
-    U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
-    U64(0x9186861791868617), U64(0x58c1c19958c1c199),
-    U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
-    U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
-    U64(0xb398982bb398982b), U64(0x3311112233111122),
-    U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
-    U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
-    U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
-    U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
-    U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
-    U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
-    U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
-    U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
-    U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
-    U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
-    U64(0xc3414182c3414182), U64(0xb0999929b0999929),
-    U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
-    U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
-    U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
-};
-
-static const u8 Te4[256] = {
-    0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
-    0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
-    0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
-    0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
-    0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
-    0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
-    0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
-    0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
-    0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
-    0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
-    0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
-    0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
-    0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
-    0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
-    0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
-    0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
-    0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
-    0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
-    0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
-    0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
-    0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
-    0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
-    0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
-    0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
-    0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
-    0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
-    0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
-    0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
-    0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
-    0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
-    0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
-    0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
-};
-
-static const u64 Td[256] = {
-    U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
-    U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
-    U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
-    U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
-    U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
-    U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
-    U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
-    U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
-    U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
-    U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
-    U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
-    U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
-    U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
-    U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
-    U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
-    U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
-    U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
-    U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
-    U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
-    U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
-    U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
-    U64(0x6033519760335197), U64(0x457f5362457f5362),
-    U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
-    U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
-    U64(0x5868487058684870), U64(0x19fd458f19fd458f),
-    U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
-    U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
-    U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
-    U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
-    U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
-    U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
-    U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
-    U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
-    U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
-    U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
-    U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
-    U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
-    U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
-    U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
-    U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
-    U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
-    U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
-    U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
-    U64(0x6fd406046fd40604), U64(0xff155060ff155060),
-    U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
-    U64(0xcc434089cc434089), U64(0x779ed967779ed967),
-    U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
-    U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
-    U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
-    U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
-    U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
-    U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
-    U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
-    U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
-    U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
-    U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
-    U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
-    U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
-    U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
-    U64(0x694b775a694b775a), U64(0x161a121c161a121c),
-    U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
-    U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
-    U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
-    U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
-    U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
-    U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
-    U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c),
-    U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b),
-    U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb),
-    U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8),
-    U64(0xcadc31d7cadc31d7), U64(0x1085634210856342),
-    U64(0x4022971340229713), U64(0x2011c6842011c684),
-    U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2),
-    U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7),
-    U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc),
-    U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177),
-    U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9),
-    U64(0xfa489411fa489411), U64(0x2264e9472264e947),
-    U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0),
-    U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322),
-    U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9),
-    U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498),
-    U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5),
-    U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f),
-    U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850),
-    U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54),
-    U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890),
-    U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382),
-    U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069),
-    U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf),
-    U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810),
-    U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb),
-    U64(0x097826cd097826cd), U64(0xf418596ef418596e),
-    U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83),
-    U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa),
-    U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef),
-    U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a),
-    U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029),
-    U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a),
-    U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235),
-    U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc),
-    U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733),
-    U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41),
-    U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117),
-    U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43),
-    U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4),
-    U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c),
-    U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546),
-    U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01),
-    U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb),
-    U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92),
-    U64(0x335610e9335610e9), U64(0x1347d66d1347d66d),
-    U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137),
-    U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb),
-    U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7),
-    U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a),
-    U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255),
-    U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773),
-    U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f),
-    U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478),
-    U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9),
-    U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2),
-    U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc),
-    U64(0x8b493c288b493c28), U64(0x41950dff41950dff),
-    U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08),
-    U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664),
-    U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5),
-    U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0)
-};
-static const u8 Td4[256] = {
-    0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
-    0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
-    0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
-    0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
-    0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
-    0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
-    0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
-    0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
-    0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
-    0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
-    0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
-    0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
-    0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
-    0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
-    0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
-    0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
-    0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
-    0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
-    0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
-    0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
-    0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
-    0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
-    0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
-    0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
-    0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
-    0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
-    0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
-    0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
-    0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
-    0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
-    0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
-    0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU
-};
-
-static const u32 rcon[] = {
-    0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U,
-    0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U,
-    0x0000001bU, 0x00000036U, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-/**
- * Expand the cipher key into the encryption key schedule.
- */
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-                        AES_KEY *key)
-{
-
-    u32 *rk;
-    int i = 0;
-    u32 temp;
-
-    if (!userKey || !key)
-        return -1;
-    if (bits != 128 && bits != 192 && bits != 256)
-        return -2;
-
-    rk = key->rd_key;
-
-    if (bits==128)
-        key->rounds = 10;
-    else if (bits==192)
-        key->rounds = 12;
-    else
-        key->rounds = 14;
-
-    rk[0] = GETU32(userKey     );
-    rk[1] = GETU32(userKey +  4);
-    rk[2] = GETU32(userKey +  8);
-    rk[3] = GETU32(userKey + 12);
-    if (bits == 128) {
-        while (1) {
-            temp  = rk[3];
-            rk[4] = rk[0] ^
-                ((u32)Te4[(temp >>  8) & 0xff]      ) ^
-                ((u32)Te4[(temp >> 16) & 0xff] <<  8) ^
-                ((u32)Te4[(temp >> 24)       ] << 16) ^
-                ((u32)Te4[(temp      ) & 0xff] << 24) ^
-                rcon[i];
-            rk[5] = rk[1] ^ rk[4];
-            rk[6] = rk[2] ^ rk[5];
-            rk[7] = rk[3] ^ rk[6];
-            if (++i == 10) {
-                return 0;
-            }
-            rk += 4;
-        }
-    }
-    rk[4] = GETU32(userKey + 16);
-    rk[5] = GETU32(userKey + 20);
-    if (bits == 192) {
-        while (1) {
-            temp = rk[ 5];
-            rk[ 6] = rk[ 0] ^
-                ((u32)Te4[(temp >>  8) & 0xff]      ) ^
-                ((u32)Te4[(temp >> 16) & 0xff] <<  8) ^
-                ((u32)Te4[(temp >> 24)       ] << 16) ^
-                ((u32)Te4[(temp      ) & 0xff] << 24) ^
-                rcon[i];
-            rk[ 7] = rk[ 1] ^ rk[ 6];
-            rk[ 8] = rk[ 2] ^ rk[ 7];
-            rk[ 9] = rk[ 3] ^ rk[ 8];
-            if (++i == 8) {
-                return 0;
-            }
-            rk[10] = rk[ 4] ^ rk[ 9];
-            rk[11] = rk[ 5] ^ rk[10];
-            rk += 6;
-        }
-    }
-    rk[6] = GETU32(userKey + 24);
-    rk[7] = GETU32(userKey + 28);
-    if (bits == 256) {
-        while (1) {
-            temp = rk[ 7];
-            rk[ 8] = rk[ 0] ^
-                ((u32)Te4[(temp >>  8) & 0xff]      ) ^
-                ((u32)Te4[(temp >> 16) & 0xff] <<  8) ^
-                ((u32)Te4[(temp >> 24)       ] << 16) ^
-                ((u32)Te4[(temp      ) & 0xff] << 24) ^
-                rcon[i];
-            rk[ 9] = rk[ 1] ^ rk[ 8];
-            rk[10] = rk[ 2] ^ rk[ 9];
-            rk[11] = rk[ 3] ^ rk[10];
-            if (++i == 7) {
-                return 0;
-            }
-            temp = rk[11];
-            rk[12] = rk[ 4] ^
-                ((u32)Te4[(temp      ) & 0xff]      ) ^
-                ((u32)Te4[(temp >>  8) & 0xff] <<  8) ^
-                ((u32)Te4[(temp >> 16) & 0xff] << 16) ^
-                ((u32)Te4[(temp >> 24)       ] << 24);
-            rk[13] = rk[ 5] ^ rk[12];
-            rk[14] = rk[ 6] ^ rk[13];
-            rk[15] = rk[ 7] ^ rk[14];
-
-            rk += 8;
-            }
-    }
-    return 0;
-}
-
-/**
- * Expand the cipher key into the decryption key schedule.
- */
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-                        AES_KEY *key)
-{
-
-    u32 *rk;
-    int i, j, status;
-    u32 temp;
-
-    /* first, start with an encryption schedule */
-    status = AES_set_encrypt_key(userKey, bits, key);
-    if (status < 0)
-        return status;
-
-    rk = key->rd_key;
-
-    /* invert the order of the round keys: */
-    for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
-        temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
-        temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
-        temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
-        temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
-    }
-    /* apply the inverse MixColumn transform to all round keys but the first and the last: */
-    for (i = 1; i < (key->rounds); i++) {
-        rk += 4;
-#if 1
-        for (j = 0; j < 4; j++) {
-            u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
-
-            tp1 = rk[j];
-            m = tp1 & 0x80808080;
-            tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            m = tp2 & 0x80808080;
-            tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            m = tp4 & 0x80808080;
-            tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            tp9 = tp8 ^ tp1;
-            tpb = tp9 ^ tp2;
-            tpd = tp9 ^ tp4;
-            tpe = tp8 ^ tp4 ^ tp2;
-#if defined(ROTATE)
-            rk[j] = tpe ^ ROTATE(tpd,16) ^
-                ROTATE(tp9,8) ^ ROTATE(tpb,24);
-#else
-            rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
-                (tp9 >> 24) ^ (tp9 << 8) ^
-                (tpb >> 8) ^ (tpb << 24);
-#endif
-        }
-#else
-        rk[0] =
-            Td0[Te2[(rk[0]      ) & 0xff] & 0xff] ^
-            Td1[Te2[(rk[0] >>  8) & 0xff] & 0xff] ^
-            Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^
-            Td3[Te2[(rk[0] >> 24)       ] & 0xff];
-        rk[1] =
-            Td0[Te2[(rk[1]      ) & 0xff] & 0xff] ^
-            Td1[Te2[(rk[1] >>  8) & 0xff] & 0xff] ^
-            Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^
-            Td3[Te2[(rk[1] >> 24)       ] & 0xff];
-        rk[2] =
-            Td0[Te2[(rk[2]      ) & 0xff] & 0xff] ^
-            Td1[Te2[(rk[2] >>  8) & 0xff] & 0xff] ^
-            Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^
-            Td3[Te2[(rk[2] >> 24)       ] & 0xff];
-        rk[3] =
-            Td0[Te2[(rk[3]      ) & 0xff] & 0xff] ^
-            Td1[Te2[(rk[3] >>  8) & 0xff] & 0xff] ^
-            Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^
-            Td3[Te2[(rk[3] >> 24)       ] & 0xff];
-#endif
-    }
-    return 0;
-}
-
-/*
- * Encrypt a single block
- * in and out can overlap
- */
-void AES_encrypt(const unsigned char *in, unsigned char *out,
-                 const AES_KEY *key)
-{
-
-    const u32 *rk;
-    u32 s0, s1, s2, s3, t[4];
-    int r;
-
-    assert(in && out && key);
-    rk = key->rd_key;
-
-    /*
-     * map byte array block to cipher state
-     * and add initial round key:
-     */
-    s0 = GETU32(in     ) ^ rk[0];
-    s1 = GETU32(in +  4) ^ rk[1];
-    s2 = GETU32(in +  8) ^ rk[2];
-    s3 = GETU32(in + 12) ^ rk[3];
-
-#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
-    prefetch256(Te4);
-
-    t[0] = (u32)Te4[(s0      ) & 0xff]       ^
-           (u32)Te4[(s1 >>  8) & 0xff] <<  8 ^
-           (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
-           (u32)Te4[(s3 >> 24)       ] << 24;
-    t[1] = (u32)Te4[(s1      ) & 0xff]       ^
-           (u32)Te4[(s2 >>  8) & 0xff] <<  8 ^
-           (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
-           (u32)Te4[(s0 >> 24)       ] << 24;
-    t[2] = (u32)Te4[(s2      ) & 0xff]       ^
-           (u32)Te4[(s3 >>  8) & 0xff] <<  8 ^
-           (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
-           (u32)Te4[(s1 >> 24)       ] << 24;
-    t[3] = (u32)Te4[(s3      ) & 0xff]       ^
-           (u32)Te4[(s0 >>  8) & 0xff] <<  8 ^
-           (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
-           (u32)Te4[(s2 >> 24)       ] << 24;
-
-    /* now do the linear transform using words */
-    {   int i;
-        u32 r0, r1, r2;
-
-        for (i = 0; i < 4; i++) {
-            r0 = t[i];
-            r1 = r0 & 0x80808080;
-            r2 = ((r0 & 0x7f7f7f7f) << 1) ^
-                ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
-#if defined(ROTATE)
-            t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
-                ROTATE(r0,16) ^ ROTATE(r0,8);
-#else
-            t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
-                (r0 << 16) ^ (r0 >> 16) ^
-                (r0 << 8) ^ (r0 >> 24);
-#endif
-            t[i] ^= rk[4+i];
-        }
-    }
-#else
-    t[0] =  Te0[(s0      ) & 0xff] ^
-        Te1[(s1 >>  8) & 0xff] ^
-        Te2[(s2 >> 16) & 0xff] ^
-        Te3[(s3 >> 24)       ] ^
-        rk[4];
-    t[1] =  Te0[(s1      ) & 0xff] ^
-        Te1[(s2 >>  8) & 0xff] ^
-        Te2[(s3 >> 16) & 0xff] ^
-        Te3[(s0 >> 24)       ] ^
-        rk[5];
-    t[2] =  Te0[(s2      ) & 0xff] ^
-        Te1[(s3 >>  8) & 0xff] ^
-        Te2[(s0 >> 16) & 0xff] ^
-        Te3[(s1 >> 24)       ] ^
-        rk[6];
-    t[3] =  Te0[(s3      ) & 0xff] ^
-        Te1[(s0 >>  8) & 0xff] ^
-        Te2[(s1 >> 16) & 0xff] ^
-        Te3[(s2 >> 24)       ] ^
-        rk[7];
-#endif
-    s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
-
-    /*
-     * Nr - 2 full rounds:
-     */
-    for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
-#if defined(AES_COMPACT_IN_INNER_ROUNDS)
-        t[0] = (u32)Te4[(s0      ) & 0xff]       ^
-               (u32)Te4[(s1 >>  8) & 0xff] <<  8 ^
-               (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
-               (u32)Te4[(s3 >> 24)       ] << 24;
-        t[1] = (u32)Te4[(s1      ) & 0xff]       ^
-               (u32)Te4[(s2 >>  8) & 0xff] <<  8 ^
-               (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
-               (u32)Te4[(s0 >> 24)       ] << 24;
-        t[2] = (u32)Te4[(s2      ) & 0xff]       ^
-               (u32)Te4[(s3 >>  8) & 0xff] <<  8 ^
-               (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
-               (u32)Te4[(s1 >> 24)       ] << 24;
-        t[3] = (u32)Te4[(s3      ) & 0xff]       ^
-               (u32)Te4[(s0 >>  8) & 0xff] <<  8 ^
-               (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
-               (u32)Te4[(s2 >> 24)       ] << 24;
-
-        /* now do the linear transform using words */
-        {
-            int i;
-            u32 r0, r1, r2;
-
-            for (i = 0; i < 4; i++) {
-                r0 = t[i];
-                r1 = r0 & 0x80808080;
-                r2 = ((r0 & 0x7f7f7f7f) << 1) ^
-                    ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
-#if defined(ROTATE)
-                t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
-                    ROTATE(r0,16) ^ ROTATE(r0,8);
-#else
-                t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
-                    (r0 << 16) ^ (r0 >> 16) ^
-                    (r0 << 8) ^ (r0 >> 24);
-#endif
-                t[i] ^= rk[i];
-            }
-        }
-#else
-        t[0] =  Te0[(s0      ) & 0xff] ^
-            Te1[(s1 >>  8) & 0xff] ^
-            Te2[(s2 >> 16) & 0xff] ^
-            Te3[(s3 >> 24)       ] ^
-            rk[0];
-        t[1] =  Te0[(s1      ) & 0xff] ^
-            Te1[(s2 >>  8) & 0xff] ^
-            Te2[(s3 >> 16) & 0xff] ^
-            Te3[(s0 >> 24)       ] ^
-            rk[1];
-        t[2] =  Te0[(s2      ) & 0xff] ^
-            Te1[(s3 >>  8) & 0xff] ^
-            Te2[(s0 >> 16) & 0xff] ^
-            Te3[(s1 >> 24)       ] ^
-            rk[2];
-        t[3] =  Te0[(s3      ) & 0xff] ^
-            Te1[(s0 >>  8) & 0xff] ^
-            Te2[(s1 >> 16) & 0xff] ^
-            Te3[(s2 >> 24)       ] ^
-            rk[3];
-#endif
-        s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
-    }
-    /*
-     * apply last round and
-     * map cipher state to byte array block:
-     */
-#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
-    prefetch256(Te4);
-
-    *(u32*)(out+0) =
-           (u32)Te4[(s0      ) & 0xff]       ^
-           (u32)Te4[(s1 >>  8) & 0xff] <<  8 ^
-           (u32)Te4[(s2 >> 16) & 0xff] << 16 ^
-           (u32)Te4[(s3 >> 24)       ] << 24 ^
-        rk[0];
-    *(u32*)(out+4) =
-           (u32)Te4[(s1      ) & 0xff]       ^
-           (u32)Te4[(s2 >>  8) & 0xff] <<  8 ^
-           (u32)Te4[(s3 >> 16) & 0xff] << 16 ^
-           (u32)Te4[(s0 >> 24)       ] << 24 ^
-        rk[1];
-    *(u32*)(out+8) =
-           (u32)Te4[(s2      ) & 0xff]       ^
-           (u32)Te4[(s3 >>  8) & 0xff] <<  8 ^
-           (u32)Te4[(s0 >> 16) & 0xff] << 16 ^
-           (u32)Te4[(s1 >> 24)       ] << 24 ^
-        rk[2];
-    *(u32*)(out+12) =
-           (u32)Te4[(s3      ) & 0xff]       ^
-           (u32)Te4[(s0 >>  8) & 0xff] <<  8 ^
-           (u32)Te4[(s1 >> 16) & 0xff] << 16 ^
-           (u32)Te4[(s2 >> 24)       ] << 24 ^
-        rk[3];
-#else
-    *(u32*)(out+0) =
-        (Te2[(s0      ) & 0xff] & 0x000000ffU) ^
-        (Te3[(s1 >>  8) & 0xff] & 0x0000ff00U) ^
-        (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^
-        (Te1[(s3 >> 24)       ] & 0xff000000U) ^
-        rk[0];
-    *(u32*)(out+4) =
-        (Te2[(s1      ) & 0xff] & 0x000000ffU) ^
-        (Te3[(s2 >>  8) & 0xff] & 0x0000ff00U) ^
-        (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^
-        (Te1[(s0 >> 24)       ] & 0xff000000U) ^
-        rk[1];
-    *(u32*)(out+8) =
-        (Te2[(s2      ) & 0xff] & 0x000000ffU) ^
-        (Te3[(s3 >>  8) & 0xff] & 0x0000ff00U) ^
-        (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^
-        (Te1[(s1 >> 24)       ] & 0xff000000U) ^
-        rk[2];
-    *(u32*)(out+12) =
-        (Te2[(s3      ) & 0xff] & 0x000000ffU) ^
-        (Te3[(s0 >>  8) & 0xff] & 0x0000ff00U) ^
-        (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^
-        (Te1[(s2 >> 24)       ] & 0xff000000U) ^
-        rk[3];
-#endif
-}
-
-/*
- * Decrypt a single block
- * in and out can overlap
- */
-void AES_decrypt(const unsigned char *in, unsigned char *out,
-                 const AES_KEY *key)
-{
-
-    const u32 *rk;
-    u32 s0, s1, s2, s3, t[4];
-    int r;
-
-    assert(in && out && key);
-    rk = key->rd_key;
-
-    /*
-     * map byte array block to cipher state
-     * and add initial round key:
-     */
-    s0 = GETU32(in     ) ^ rk[0];
-    s1 = GETU32(in +  4) ^ rk[1];
-    s2 = GETU32(in +  8) ^ rk[2];
-    s3 = GETU32(in + 12) ^ rk[3];
-
-#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
-    prefetch256(Td4);
-
-    t[0] = (u32)Td4[(s0      ) & 0xff]       ^
-           (u32)Td4[(s3 >>  8) & 0xff] <<  8 ^
-           (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
-           (u32)Td4[(s1 >> 24)       ] << 24;
-    t[1] = (u32)Td4[(s1      ) & 0xff]       ^
-           (u32)Td4[(s0 >>  8) & 0xff] <<  8 ^
-           (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
-           (u32)Td4[(s2 >> 24)       ] << 24;
-    t[2] = (u32)Td4[(s2      ) & 0xff]       ^
-           (u32)Td4[(s1 >>  8) & 0xff] <<  8 ^
-           (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
-           (u32)Td4[(s3 >> 24)       ] << 24;
-    t[3] = (u32)Td4[(s3      ) & 0xff]       ^
-           (u32)Td4[(s2 >>  8) & 0xff] <<  8 ^
-           (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
-           (u32)Td4[(s0 >> 24)       ] << 24;
-
-    /* now do the linear transform using words */ 
-    {
-        int i;
-        u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
-
-        for (i = 0; i < 4; i++) {
-            tp1 = t[i];
-            m = tp1 & 0x80808080;
-            tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            m = tp2 & 0x80808080;
-            tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            m = tp4 & 0x80808080;
-            tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            tp9 = tp8 ^ tp1;
-            tpb = tp9 ^ tp2;
-            tpd = tp9 ^ tp4;
-            tpe = tp8 ^ tp4 ^ tp2;
-#if defined(ROTATE)
-            t[i] = tpe ^ ROTATE(tpd,16) ^
-                ROTATE(tp9,8) ^ ROTATE(tpb,24);
-#else
-            t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
-                (tp9 >> 24) ^ (tp9 << 8) ^
-                (tpb >> 8) ^ (tpb << 24);
-#endif
-            t[i] ^= rk[4+i];
-        }
-    }
-#else
-    t[0] =  Td0[(s0      ) & 0xff] ^
-        Td1[(s3 >>  8) & 0xff] ^
-        Td2[(s2 >> 16) & 0xff] ^
-        Td3[(s1 >> 24)       ] ^
-        rk[4];
-    t[1] =  Td0[(s1      ) & 0xff] ^
-        Td1[(s0 >>  8) & 0xff] ^
-        Td2[(s3 >> 16) & 0xff] ^
-        Td3[(s2 >> 24)       ] ^
-        rk[5];
-    t[2] =  Td0[(s2      ) & 0xff] ^
-        Td1[(s1 >>  8) & 0xff] ^
-        Td2[(s0 >> 16) & 0xff] ^
-        Td3[(s3 >> 24)       ] ^
-        rk[6];
-    t[3] =  Td0[(s3      ) & 0xff] ^
-        Td1[(s2 >>  8) & 0xff] ^
-        Td2[(s1 >> 16) & 0xff] ^
-        Td3[(s0 >> 24)       ] ^
-        rk[7];
-#endif
-    s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
-
-    /*
-     * Nr - 2 full rounds:
-     */
-    for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
-#if defined(AES_COMPACT_IN_INNER_ROUNDS)
-        t[0] = (u32)Td4[(s0      ) & 0xff]       ^
-               (u32)Td4[(s3 >>  8) & 0xff] <<  8 ^
-               (u32)Td4[(s2 >> 16) & 0xff] << 16 ^
-               (u32)Td4[(s1 >> 24)       ] << 24;
-        t[1] = (u32)Td4[(s1      ) & 0xff]       ^
-               (u32)Td4[(s0 >>  8) & 0xff] <<  8 ^
-               (u32)Td4[(s3 >> 16) & 0xff] << 16 ^
-               (u32)Td4[(s2 >> 24)       ] << 24;
-        t[2] = (u32)Td4[(s2      ) & 0xff]       ^
-               (u32)Td4[(s1 >>  8) & 0xff] <<  8 ^
-               (u32)Td4[(s0 >> 16) & 0xff] << 16 ^
-               (u32)Td4[(s3 >> 24)       ] << 24;
-        t[3] = (u32)Td4[(s3      ) & 0xff]       ^
-               (u32)Td4[(s2 >>  8) & 0xff] <<  8 ^
-               (u32)Td4[(s1 >> 16) & 0xff] << 16 ^
-               (u32)Td4[(s0 >> 24)       ] << 24;
-
-    /* now do the linear transform using words */ 
-    {
-        int i;
-        u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
-
-        for (i = 0; i < 4; i++) {
-            tp1 = t[i];
-            m = tp1 & 0x80808080;
-            tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            m = tp2 & 0x80808080;
-            tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            m = tp4 & 0x80808080;
-            tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
-                ((m - (m >> 7)) & 0x1b1b1b1b);
-            tp9 = tp8 ^ tp1;
-            tpb = tp9 ^ tp2;
-            tpd = tp9 ^ tp4;
-            tpe = tp8 ^ tp4 ^ tp2;
-#if defined(ROTATE)
-            t[i] = tpe ^ ROTATE(tpd,16) ^
-                ROTATE(tp9,8) ^ ROTATE(tpb,24);
-#else
-            t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
-                (tp9 >> 24) ^ (tp9 << 8) ^
-                (tpb >> 8) ^ (tpb << 24);
-#endif
-            t[i] ^= rk[i];
-        }
-    }
-#else
-    t[0] =  Td0[(s0      ) & 0xff] ^
-        Td1[(s3 >>  8) & 0xff] ^
-        Td2[(s2 >> 16) & 0xff] ^
-        Td3[(s1 >> 24)       ] ^
-        rk[0];
-    t[1] =  Td0[(s1      ) & 0xff] ^
-        Td1[(s0 >>  8) & 0xff] ^
-        Td2[(s3 >> 16) & 0xff] ^
-        Td3[(s2 >> 24)       ] ^
-        rk[1];
-    t[2] =  Td0[(s2      ) & 0xff] ^
-        Td1[(s1 >>  8) & 0xff] ^
-        Td2[(s0 >> 16) & 0xff] ^
-        Td3[(s3 >> 24)       ] ^
-        rk[2];
-    t[3] =  Td0[(s3      ) & 0xff] ^
-        Td1[(s2 >>  8) & 0xff] ^
-        Td2[(s1 >> 16) & 0xff] ^
-        Td3[(s0 >> 24)       ] ^
-        rk[3];
-#endif
-    s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
-    }
-    /*
-     * apply last round and
-     * map cipher state to byte array block:
-     */
-    prefetch256(Td4);
-
-    *(u32*)(out+0) =
-        ((u32)Td4[(s0      ) & 0xff])    ^
-        ((u32)Td4[(s3 >>  8) & 0xff] <<  8) ^
-        ((u32)Td4[(s2 >> 16) & 0xff] << 16) ^
-        ((u32)Td4[(s1 >> 24)       ] << 24) ^
-        rk[0];
-    *(u32*)(out+4) =
-        ((u32)Td4[(s1      ) & 0xff])     ^
-        ((u32)Td4[(s0 >>  8) & 0xff] <<  8) ^
-        ((u32)Td4[(s3 >> 16) & 0xff] << 16) ^
-        ((u32)Td4[(s2 >> 24)       ] << 24) ^
-        rk[1];
-    *(u32*)(out+8) =
-        ((u32)Td4[(s2      ) & 0xff])     ^
-        ((u32)Td4[(s1 >>  8) & 0xff] <<  8) ^
-        ((u32)Td4[(s0 >> 16) & 0xff] << 16) ^
-        ((u32)Td4[(s3 >> 24)       ] << 24) ^
-        rk[2];
-    *(u32*)(out+12) =
-        ((u32)Td4[(s3      ) & 0xff])     ^
-        ((u32)Td4[(s2 >>  8) & 0xff] <<  8) ^
-        ((u32)Td4[(s1 >> 16) & 0xff] << 16) ^
-        ((u32)Td4[(s0 >> 24)       ] << 24) ^
-        rk[3];
-}
diff --git a/thirdparty/openssl/crypto/arm_arch.h b/thirdparty/openssl/crypto/arm_arch.h
deleted file mode 100644
index 9d6e58880d..0000000000
--- a/thirdparty/openssl/crypto/arm_arch.h
+++ /dev/null
@@ -1,78 +0,0 @@
-#ifndef __ARM_ARCH_H__
-# define __ARM_ARCH_H__
-
-# if !defined(__ARM_ARCH__)
-#  if defined(__CC_ARM)
-#   define __ARM_ARCH__ __TARGET_ARCH_ARM
-#   if defined(__BIG_ENDIAN)
-#    define __ARMEB__
-#   else
-#    define __ARMEL__
-#   endif
-#  elif defined(__GNUC__)
-#   if   defined(__aarch64__)
-#    define __ARM_ARCH__ 8
-#    if __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
-#     define __ARMEB__
-#    else
-#     define __ARMEL__
-#    endif
-  /*
-   * Why doesn't gcc define __ARM_ARCH__? Instead it defines
-   * bunch of below macros. See all_architectires[] table in
-   * gcc/config/arm/arm.c. On a side note it defines
-   * __ARMEL__/__ARMEB__ for little-/big-endian.
-   */
-#   elif defined(__ARM_ARCH)
-#    define __ARM_ARCH__ __ARM_ARCH
-#   elif defined(__ARM_ARCH_8A__)
-#    define __ARM_ARCH__ 8
-#   elif defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__)     || \
-        defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__)     || \
-        defined(__ARM_ARCH_7EM__)
-#    define __ARM_ARCH__ 7
-#   elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__)     || \
-        defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__)     || \
-        defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__)    || \
-        defined(__ARM_ARCH_6T2__)
-#    define __ARM_ARCH__ 6
-#   elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__)     || \
-        defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__)    || \
-        defined(__ARM_ARCH_5TEJ__)
-#    define __ARM_ARCH__ 5
-#   elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__)
-#    define __ARM_ARCH__ 4
-#   else
-#    error "unsupported ARM architecture"
-#   endif
-#  endif
-# endif
-
-# ifdef OPENSSL_FIPSCANISTER
-#  include <openssl/fipssyms.h>
-# endif
-
-# if !defined(__ARM_MAX_ARCH__)
-#  define __ARM_MAX_ARCH__ __ARM_ARCH__
-# endif
-
-# if __ARM_MAX_ARCH__<__ARM_ARCH__
-#  error "__ARM_MAX_ARCH__ can't be less than __ARM_ARCH__"
-# elif __ARM_MAX_ARCH__!=__ARM_ARCH__
-#  if __ARM_ARCH__<7 && __ARM_MAX_ARCH__>=7 && defined(__ARMEB__)
-#   error "can't build universal big-endian binary"
-#  endif
-# endif
-
-# if !__ASSEMBLER__
-extern unsigned int OPENSSL_armcap_P;
-# endif
-
-# define ARMV7_NEON      (1<<0)
-# define ARMV7_TICK      (1<<1)
-# define ARMV8_AES       (1<<2)
-# define ARMV8_SHA1      (1<<3)
-# define ARMV8_SHA256    (1<<4)
-# define ARMV8_PMULL     (1<<5)
-
-#endif
diff --git a/thirdparty/openssl/crypto/armcap.c b/thirdparty/openssl/crypto/armcap.c
deleted file mode 100644
index 356fa15287..0000000000
--- a/thirdparty/openssl/crypto/armcap.c
+++ /dev/null
@@ -1,164 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <setjmp.h>
-#include <signal.h>
-#include <crypto.h>
-
-#include "arm_arch.h"
-
-unsigned int OPENSSL_armcap_P = 0;
-
-#if __ARM_MAX_ARCH__<7
-void OPENSSL_cpuid_setup(void)
-{
-}
-
-unsigned long OPENSSL_rdtsc(void)
-{
-    return 0;
-}
-#else
-static sigset_t all_masked;
-
-static sigjmp_buf ill_jmp;
-static void ill_handler(int sig)
-{
-    siglongjmp(ill_jmp, sig);
-}
-
-/*
- * Following subroutines could have been inlined, but it's not all
- * ARM compilers support inline assembler...
- */
-void _armv7_neon_probe(void);
-void _armv8_aes_probe(void);
-void _armv8_sha1_probe(void);
-void _armv8_sha256_probe(void);
-void _armv8_pmull_probe(void);
-unsigned long _armv7_tick(void);
-
-unsigned long OPENSSL_rdtsc(void)
-{
-    if (OPENSSL_armcap_P & ARMV7_TICK)
-        return _armv7_tick();
-    else
-        return 0;
-}
-
-/*
- * Use a weak reference to getauxval() so we can use it if it is available but
- * don't break the build if it is not.
- */
-# if defined(__GNUC__) && __GNUC__>=2
-void OPENSSL_cpuid_setup(void) __attribute__ ((constructor));
-extern unsigned long getauxval(unsigned long type) __attribute__ ((weak));
-# else
-static unsigned long (*getauxval) (unsigned long) = NULL;
-# endif
-
-/*
- * ARM puts the the feature bits for Crypto Extensions in AT_HWCAP2, whereas
- * AArch64 used AT_HWCAP.
- */
-# if defined(__arm__) || defined (__arm)
-#  define HWCAP                  16
-                                  /* AT_HWCAP */
-#  define HWCAP_NEON             (1 << 12)
-
-#  define HWCAP_CE               26
-                                  /* AT_HWCAP2 */
-#  define HWCAP_CE_AES           (1 << 0)
-#  define HWCAP_CE_PMULL         (1 << 1)
-#  define HWCAP_CE_SHA1          (1 << 2)
-#  define HWCAP_CE_SHA256        (1 << 3)
-# elif defined(__aarch64__)
-#  define HWCAP                  16
-                                  /* AT_HWCAP */
-#  define HWCAP_NEON             (1 << 1)
-
-#  define HWCAP_CE               HWCAP
-#  define HWCAP_CE_AES           (1 << 3)
-#  define HWCAP_CE_PMULL         (1 << 4)
-#  define HWCAP_CE_SHA1          (1 << 5)
-#  define HWCAP_CE_SHA256        (1 << 6)
-# endif
-
-void OPENSSL_cpuid_setup(void)
-{
-    char *e;
-    struct sigaction ill_oact, ill_act;
-    sigset_t oset;
-    static int trigger = 0;
-
-    if (trigger)
-        return;
-    trigger = 1;
-
-    if ((e = getenv("OPENSSL_armcap"))) {
-        OPENSSL_armcap_P = (unsigned int)strtoul(e, NULL, 0);
-        return;
-    }
-
-    sigfillset(&all_masked);
-    sigdelset(&all_masked, SIGILL);
-    sigdelset(&all_masked, SIGTRAP);
-    sigdelset(&all_masked, SIGFPE);
-    sigdelset(&all_masked, SIGBUS);
-    sigdelset(&all_masked, SIGSEGV);
-
-    OPENSSL_armcap_P = 0;
-
-    memset(&ill_act, 0, sizeof(ill_act));
-    ill_act.sa_handler = ill_handler;
-    ill_act.sa_mask = all_masked;
-
-    sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
-    sigaction(SIGILL, &ill_act, &ill_oact);
-
-    if (getauxval != NULL) {
-        if (getauxval(HWCAP) & HWCAP_NEON) {
-            unsigned long hwcap = getauxval(HWCAP_CE);
-
-            OPENSSL_armcap_P |= ARMV7_NEON;
-
-            if (hwcap & HWCAP_CE_AES)
-                OPENSSL_armcap_P |= ARMV8_AES;
-
-            if (hwcap & HWCAP_CE_PMULL)
-                OPENSSL_armcap_P |= ARMV8_PMULL;
-
-            if (hwcap & HWCAP_CE_SHA1)
-                OPENSSL_armcap_P |= ARMV8_SHA1;
-
-            if (hwcap & HWCAP_CE_SHA256)
-                OPENSSL_armcap_P |= ARMV8_SHA256;
-        }
-    } else if (sigsetjmp(ill_jmp, 1) == 0) {
-        _armv7_neon_probe();
-        OPENSSL_armcap_P |= ARMV7_NEON;
-        if (sigsetjmp(ill_jmp, 1) == 0) {
-            _armv8_pmull_probe();
-            OPENSSL_armcap_P |= ARMV8_PMULL | ARMV8_AES;
-        } else if (sigsetjmp(ill_jmp, 1) == 0) {
-            _armv8_aes_probe();
-            OPENSSL_armcap_P |= ARMV8_AES;
-        }
-        if (sigsetjmp(ill_jmp, 1) == 0) {
-            _armv8_sha1_probe();
-            OPENSSL_armcap_P |= ARMV8_SHA1;
-        }
-        if (sigsetjmp(ill_jmp, 1) == 0) {
-            _armv8_sha256_probe();
-            OPENSSL_armcap_P |= ARMV8_SHA256;
-        }
-    }
-    if (sigsetjmp(ill_jmp, 1) == 0) {
-        _armv7_tick();
-        OPENSSL_armcap_P |= ARMV7_TICK;
-    }
-
-    sigaction(SIGILL, &ill_oact, NULL);
-    sigprocmask(SIG_SETMASK, &oset, NULL);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/asn1/a_bitstr.c b/thirdparty/openssl/crypto/asn1/a_bitstr.c
deleted file mode 100644
index c429342e03..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_bitstr.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/* crypto/asn1/a_bitstr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
-{
-    return M_ASN1_BIT_STRING_set(x, d, len);
-}
-
-int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
-{
-    int ret, j, bits, len;
-    unsigned char *p, *d;
-
-    if (a == NULL)
-        return (0);
-
-    len = a->length;
-
-    if (len > 0) {
-        if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) {
-            bits = (int)a->flags & 0x07;
-        } else {
-            for (; len > 0; len--) {
-                if (a->data[len - 1])
-                    break;
-            }
-            j = a->data[len - 1];
-            if (j & 0x01)
-                bits = 0;
-            else if (j & 0x02)
-                bits = 1;
-            else if (j & 0x04)
-                bits = 2;
-            else if (j & 0x08)
-                bits = 3;
-            else if (j & 0x10)
-                bits = 4;
-            else if (j & 0x20)
-                bits = 5;
-            else if (j & 0x40)
-                bits = 6;
-            else if (j & 0x80)
-                bits = 7;
-            else
-                bits = 0;       /* should not happen */
-        }
-    } else
-        bits = 0;
-
-    ret = 1 + len;
-    if (pp == NULL)
-        return (ret);
-
-    p = *pp;
-
-    *(p++) = (unsigned char)bits;
-    d = a->data;
-    if (len > 0) {
-        memcpy(p, d, len);
-        p += len;
-        p[-1] &= (0xff << bits);
-    }
-    *pp = p;
-    return (ret);
-}
-
-ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
-                                     const unsigned char **pp, long len)
-{
-    ASN1_BIT_STRING *ret = NULL;
-    const unsigned char *p;
-    unsigned char *s;
-    int i;
-
-    if (len < 1) {
-        i = ASN1_R_STRING_TOO_SHORT;
-        goto err;
-    }
-
-    if ((a == NULL) || ((*a) == NULL)) {
-        if ((ret = M_ASN1_BIT_STRING_new()) == NULL)
-            return (NULL);
-    } else
-        ret = (*a);
-
-    p = *pp;
-    i = *(p++);
-    if (i > 7) {
-        i = ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
-        goto err;
-    }
-    /*
-     * We do this to preserve the settings.  If we modify the settings, via
-     * the _set_bit function, we will recalculate on output
-     */
-    ret->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear */
-    ret->flags |= (ASN1_STRING_FLAG_BITS_LEFT | i); /* set */
-
-    if (len-- > 1) {            /* using one because of the bits left byte */
-        s = (unsigned char *)OPENSSL_malloc((int)len);
-        if (s == NULL) {
-            i = ERR_R_MALLOC_FAILURE;
-            goto err;
-        }
-        memcpy(s, p, (int)len);
-        s[len - 1] &= (0xff << i);
-        p += len;
-    } else
-        s = NULL;
-
-    ret->length = (int)len;
-    if (ret->data != NULL)
-        OPENSSL_free(ret->data);
-    ret->data = s;
-    ret->type = V_ASN1_BIT_STRING;
-    if (a != NULL)
-        (*a) = ret;
-    *pp = p;
-    return (ret);
- err:
-    ASN1err(ASN1_F_C2I_ASN1_BIT_STRING, i);
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        M_ASN1_BIT_STRING_free(ret);
-    return (NULL);
-}
-
-/*
- * These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
- */
-int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
-{
-    int w, v, iv;
-    unsigned char *c;
-
-    w = n / 8;
-    v = 1 << (7 - (n & 0x07));
-    iv = ~v;
-    if (!value)
-        v = 0;
-
-    if (a == NULL)
-        return 0;
-
-    a->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear, set on write */
-
-    if ((a->length < (w + 1)) || (a->data == NULL)) {
-        if (!value)
-            return (1);         /* Don't need to set */
-        if (a->data == NULL)
-            c = (unsigned char *)OPENSSL_malloc(w + 1);
-        else
-            c = (unsigned char *)OPENSSL_realloc_clean(a->data,
-                                                       a->length, w + 1);
-        if (c == NULL) {
-            ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        if (w + 1 - a->length > 0)
-            memset(c + a->length, 0, w + 1 - a->length);
-        a->data = c;
-        a->length = w + 1;
-    }
-    a->data[w] = ((a->data[w]) & iv) | v;
-    while ((a->length > 0) && (a->data[a->length - 1] == 0))
-        a->length--;
-    return (1);
-}
-
-int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
-{
-    int w, v;
-
-    w = n / 8;
-    v = 1 << (7 - (n & 0x07));
-    if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL))
-        return (0);
-    return ((a->data[w] & v) != 0);
-}
-
-/*
- * Checks if the given bit string contains only bits specified by
- * the flags vector. Returns 0 if there is at least one bit set in 'a'
- * which is not specified in 'flags', 1 otherwise.
- * 'len' is the length of 'flags'.
- */
-int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
-                          unsigned char *flags, int flags_len)
-{
-    int i, ok;
-    /* Check if there is one bit set at all. */
-    if (!a || !a->data)
-        return 1;
-
-    /*
-     * Check each byte of the internal representation of the bit string.
-     */
-    ok = 1;
-    for (i = 0; i < a->length && ok; ++i) {
-        unsigned char mask = i < flags_len ? ~flags[i] : 0xff;
-        /* We are done if there is an unneeded bit set. */
-        ok = (a->data[i] & mask) == 0;
-    }
-    return ok;
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_bool.c b/thirdparty/openssl/crypto/asn1/a_bool.c
deleted file mode 100644
index 1b85bc9e61..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_bool.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/asn1/a_bool.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-
-int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
-{
-    int r;
-    unsigned char *p;
-
-    r = ASN1_object_size(0, 1, V_ASN1_BOOLEAN);
-    if (pp == NULL)
-        return (r);
-    p = *pp;
-
-    ASN1_put_object(&p, 0, 1, V_ASN1_BOOLEAN, V_ASN1_UNIVERSAL);
-    *(p++) = (unsigned char)a;
-    *pp = p;
-    return (r);
-}
-
-int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length)
-{
-    int ret = -1;
-    const unsigned char *p;
-    long len;
-    int inf, tag, xclass;
-    int i = 0;
-
-    p = *pp;
-    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
-    if (inf & 0x80) {
-        i = ASN1_R_BAD_OBJECT_HEADER;
-        goto err;
-    }
-
-    if (tag != V_ASN1_BOOLEAN) {
-        i = ASN1_R_EXPECTING_A_BOOLEAN;
-        goto err;
-    }
-
-    if (len != 1) {
-        i = ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
-        goto err;
-    }
-    ret = (int)*(p++);
-    if (a != NULL)
-        (*a) = ret;
-    *pp = p;
-    return (ret);
- err:
-    ASN1err(ASN1_F_D2I_ASN1_BOOLEAN, i);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_bytes.c b/thirdparty/openssl/crypto/asn1/a_bytes.c
deleted file mode 100644
index 65e5394664..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_bytes.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* crypto/asn1/a_bytes.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
-                                  int depth);
-static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
-                                       const unsigned char **pp, long length,
-                                       int Ptag, int Pclass, int depth,
-                                       int *perr);
-/*
- * type is a 'bitmap' of acceptable string types.
- */
-ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
-                                 long length, int type)
-{
-    ASN1_STRING *ret = NULL;
-    const unsigned char *p;
-    unsigned char *s;
-    long len;
-    int inf, tag, xclass;
-    int i = 0;
-
-    p = *pp;
-    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
-    if (inf & 0x80)
-        goto err;
-
-    if (tag >= 32) {
-        i = ASN1_R_TAG_VALUE_TOO_HIGH;
-        goto err;
-    }
-    if (!(ASN1_tag2bit(tag) & type)) {
-        i = ASN1_R_WRONG_TYPE;
-        goto err;
-    }
-
-    /* If a bit-string, exit early */
-    if (tag == V_ASN1_BIT_STRING)
-        return (d2i_ASN1_BIT_STRING(a, pp, length));
-
-    if ((a == NULL) || ((*a) == NULL)) {
-        if ((ret = ASN1_STRING_new()) == NULL)
-            return (NULL);
-    } else
-        ret = (*a);
-
-    if (len != 0) {
-        s = OPENSSL_malloc((int)len + 1);
-        if (s == NULL) {
-            i = ERR_R_MALLOC_FAILURE;
-            goto err;
-        }
-        memcpy(s, p, (int)len);
-        s[len] = '\0';
-        p += len;
-    } else
-        s = NULL;
-
-    if (ret->data != NULL)
-        OPENSSL_free(ret->data);
-    ret->length = (int)len;
-    ret->data = s;
-    ret->type = tag;
-    if (a != NULL)
-        (*a) = ret;
-    *pp = p;
-    return (ret);
- err:
-    ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES, i);
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        ASN1_STRING_free(ret);
-    return (NULL);
-}
-
-int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
-{
-    int ret, r, constructed;
-    unsigned char *p;
-
-    if (a == NULL)
-        return (0);
-
-    if (tag == V_ASN1_BIT_STRING)
-        return (i2d_ASN1_BIT_STRING(a, pp));
-
-    ret = a->length;
-    r = ASN1_object_size(0, ret, tag);
-    if (pp == NULL)
-        return (r);
-    p = *pp;
-
-    if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
-        constructed = 1;
-    else
-        constructed = 0;
-    ASN1_put_object(&p, constructed, ret, tag, xclass);
-    memcpy(p, a->data, a->length);
-    p += a->length;
-    *pp = p;
-    return (r);
-}
-
-/*
- * Maximum recursion depth of d2i_ASN1_bytes(): much more than should be
- * encountered in pratice.
- */
-
-#define ASN1_BYTES_MAXDEPTH 20
-
-ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
-                            long length, int Ptag, int Pclass)
-{
-    int err = 0;
-    ASN1_STRING *s = int_d2i_ASN1_bytes(a, pp, length, Ptag, Pclass, 0, &err);
-    if (err != 0)
-        ASN1err(ASN1_F_D2I_ASN1_BYTES, err);
-    return s;
-}
-
-static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a,
-                                       const unsigned char **pp, long length,
-                                       int Ptag, int Pclass,
-                                       int depth, int *perr)
-{
-    ASN1_STRING *ret = NULL;
-    const unsigned char *p;
-    unsigned char *s;
-    long len;
-    int inf, tag, xclass;
-
-    if (depth > ASN1_BYTES_MAXDEPTH) {
-        *perr = ASN1_R_NESTED_ASN1_STRING;
-        return NULL;
-    }
-
-    if ((a == NULL) || ((*a) == NULL)) {
-        if ((ret = ASN1_STRING_new()) == NULL)
-            return (NULL);
-    } else
-        ret = (*a);
-
-    p = *pp;
-    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
-    if (inf & 0x80) {
-        *perr = ASN1_R_BAD_OBJECT_HEADER;
-        goto err;
-    }
-
-    if (tag != Ptag) {
-        *perr = ASN1_R_WRONG_TAG;
-        goto err;
-    }
-
-    if (inf & V_ASN1_CONSTRUCTED) {
-        ASN1_const_CTX c;
-
-        c.error = 0;
-        c.pp = pp;
-        c.p = p;
-        c.inf = inf;
-        c.slen = len;
-        c.tag = Ptag;
-        c.xclass = Pclass;
-        c.max = (length == 0) ? 0 : (p + length);
-        if (!asn1_collate_primitive(ret, &c, depth)) {
-            *perr = c.error;
-            goto err;
-        } else {
-            p = c.p;
-        }
-    } else {
-        if (len != 0) {
-            if ((ret->length < len) || (ret->data == NULL)) {
-                s = OPENSSL_malloc((int)len + 1);
-                if (s == NULL) {
-                    *perr = ERR_R_MALLOC_FAILURE;
-                    goto err;
-                }
-                if (ret->data != NULL)
-                    OPENSSL_free(ret->data);
-            } else
-                s = ret->data;
-            memcpy(s, p, (int)len);
-            s[len] = '\0';
-            p += len;
-        } else {
-            s = NULL;
-            if (ret->data != NULL)
-                OPENSSL_free(ret->data);
-        }
-
-        ret->length = (int)len;
-        ret->data = s;
-        ret->type = Ptag;
-    }
-
-    if (a != NULL)
-        (*a) = ret;
-    *pp = p;
-    return (ret);
- err:
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        ASN1_STRING_free(ret);
-    return (NULL);
-}
-
-/*
- * We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse them
- * into the one structure that is then returned
- */
-/*
- * There have been a few bug fixes for this function from Paul Keogh
- * <paul.keogh@sse.ie>, many thanks to him
- */
-static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c,
-                                  int depth)
-{
-    ASN1_STRING *os = NULL;
-    BUF_MEM b;
-    int num;
-
-    b.length = 0;
-    b.max = 0;
-    b.data = NULL;
-
-    if (a == NULL) {
-        c->error = ERR_R_PASSED_NULL_PARAMETER;
-        goto err;
-    }
-
-    num = 0;
-    for (;;) {
-        if (c->inf & 1) {
-            c->eos = ASN1_const_check_infinite_end(&c->p,
-                                                   (long)(c->max - c->p));
-            if (c->eos)
-                break;
-        } else {
-            if (c->slen <= 0)
-                break;
-        }
-
-        c->q = c->p;
-        if (int_d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass,
-                               depth + 1, &c->error) == NULL) {
-            goto err;
-        }
-
-        if (!BUF_MEM_grow_clean(&b, num + os->length)) {
-            c->error = ERR_R_BUF_LIB;
-            goto err;
-        }
-        memcpy(&(b.data[num]), os->data, os->length);
-        if (!(c->inf & 1))
-            c->slen -= (c->p - c->q);
-        num += os->length;
-    }
-
-    if (!asn1_const_Finish(c))
-        goto err;
-
-    a->length = num;
-    if (a->data != NULL)
-        OPENSSL_free(a->data);
-    a->data = (unsigned char *)b.data;
-    if (os != NULL)
-        ASN1_STRING_free(os);
-    return (1);
- err:
-    if (os != NULL)
-        ASN1_STRING_free(os);
-    if (b.data != NULL)
-        OPENSSL_free(b.data);
-    return (0);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_d2i_fp.c b/thirdparty/openssl/crypto/asn1/a_d2i_fp.c
deleted file mode 100644
index 51b6f245ab..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_d2i_fp.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/* crypto/asn1/a_d2i_fp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1_mac.h>
-
-static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
-
-#ifndef NO_OLD_ASN1
-# ifndef OPENSSL_NO_FP_API
-
-void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x)
-{
-    BIO *b;
-    void *ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        ASN1err(ASN1_F_ASN1_D2I_FP, ERR_R_BUF_LIB);
-        return (NULL);
-    }
-    BIO_set_fp(b, in, BIO_NOCLOSE);
-    ret = ASN1_d2i_bio(xnew, d2i, b, x);
-    BIO_free(b);
-    return (ret);
-}
-# endif
-
-void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x)
-{
-    BUF_MEM *b = NULL;
-    const unsigned char *p;
-    void *ret = NULL;
-    int len;
-
-    len = asn1_d2i_read_bio(in, &b);
-    if (len < 0)
-        goto err;
-
-    p = (unsigned char *)b->data;
-    ret = d2i(x, &p, len);
- err:
-    if (b != NULL)
-        BUF_MEM_free(b);
-    return (ret);
-}
-
-#endif
-
-void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
-{
-    BUF_MEM *b = NULL;
-    const unsigned char *p;
-    void *ret = NULL;
-    int len;
-
-    len = asn1_d2i_read_bio(in, &b);
-    if (len < 0)
-        goto err;
-
-    p = (const unsigned char *)b->data;
-    ret = ASN1_item_d2i(x, &p, len, it);
- err:
-    if (b != NULL)
-        BUF_MEM_free(b);
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_FP_API
-void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
-{
-    BIO *b;
-    char *ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB);
-        return (NULL);
-    }
-    BIO_set_fp(b, in, BIO_NOCLOSE);
-    ret = ASN1_item_d2i_bio(it, b, x);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-#define HEADER_SIZE   8
-#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
-static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
-{
-    BUF_MEM *b;
-    unsigned char *p;
-    int i;
-    ASN1_const_CTX c;
-    size_t want = HEADER_SIZE;
-    int eos = 0;
-    size_t off = 0;
-    size_t len = 0;
-
-    b = BUF_MEM_new();
-    if (b == NULL) {
-        ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
-        return -1;
-    }
-
-    ERR_clear_error();
-    for (;;) {
-        if (want >= (len - off)) {
-            want -= (len - off);
-
-            if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) {
-                ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            i = BIO_read(in, &(b->data[len]), want);
-            if ((i < 0) && ((len - off) == 0)) {
-                ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA);
-                goto err;
-            }
-            if (i > 0) {
-                if (len + i < len) {
-                    ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
-                    goto err;
-                }
-                len += i;
-            }
-        }
-        /* else data already loaded */
-
-        p = (unsigned char *)&(b->data[off]);
-        c.p = p;
-        c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag), &(c.xclass),
-                                len - off);
-        if (c.inf & 0x80) {
-            unsigned long e;
-
-            e = ERR_GET_REASON(ERR_peek_error());
-            if (e != ASN1_R_TOO_LONG)
-                goto err;
-            else
-                ERR_clear_error(); /* clear error */
-        }
-        i = c.p - p;            /* header length */
-        off += i;               /* end of data */
-
-        if (c.inf & 1) {
-            /* no data body so go round again */
-            eos++;
-            if (eos < 0) {
-                ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_HEADER_TOO_LONG);
-                goto err;
-            }
-            want = HEADER_SIZE;
-        } else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) {
-            /* eos value, so go back and read another header */
-            eos--;
-            if (eos <= 0)
-                break;
-            else
-                want = HEADER_SIZE;
-        } else {
-            /* suck in c.slen bytes of data */
-            want = c.slen;
-            if (want > (len - off)) {
-                size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
-
-                want -= (len - off);
-                if (want > INT_MAX /* BIO_read takes an int length */  ||
-                    len + want < len) {
-                    ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
-                    goto err;
-                }
-                while (want > 0) {
-                    /*
-                     * Read content in chunks of increasing size
-                     * so we can return an error for EOF without
-                     * having to allocate the entire content length
-                     * in one go.
-                     */
-                    size_t chunk = want > chunk_max ? chunk_max : want;
-
-                    if (!BUF_MEM_grow_clean(b, len + chunk)) {
-                        ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
-                        goto err;
-                    }
-                    want -= chunk;
-                    while (chunk > 0) {
-                        i = BIO_read(in, &(b->data[len]), chunk);
-                        if (i <= 0) {
-                            ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
-                                    ASN1_R_NOT_ENOUGH_DATA);
-                            goto err;
-                        }
-                    /*
-                     * This can't overflow because |len+want| didn't
-                     * overflow.
-                     */
-                        len += i;
-                        chunk -= i;
-                    }
-                    if (chunk_max < INT_MAX/2)
-                        chunk_max *= 2;
-                }
-            }
-            if (off + c.slen < off) {
-                ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
-                goto err;
-            }
-            off += c.slen;
-            if (eos <= 0) {
-                break;
-            } else
-                want = HEADER_SIZE;
-        }
-    }
-
-    if (off > INT_MAX) {
-        ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
-        goto err;
-    }
-
-    *pb = b;
-    return off;
- err:
-    if (b != NULL)
-        BUF_MEM_free(b);
-    return -1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_digest.c b/thirdparty/openssl/crypto/asn1/a_digest.c
deleted file mode 100644
index 57a04f768c..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_digest.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* crypto/asn1/a_digest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-
-#ifndef NO_ASN1_OLD
-
-int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
-                unsigned char *md, unsigned int *len)
-{
-    int i;
-    unsigned char *str, *p;
-
-    i = i2d(data, NULL);
-    if ((str = (unsigned char *)OPENSSL_malloc(i)) == NULL) {
-        ASN1err(ASN1_F_ASN1_DIGEST, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    p = str;
-    i2d(data, &p);
-
-    if (!EVP_Digest(str, i, md, len, type, NULL)) {
-        OPENSSL_free(str);
-        return 0;
-    }
-    OPENSSL_free(str);
-    return (1);
-}
-
-#endif
-
-int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
-                     unsigned char *md, unsigned int *len)
-{
-    int i;
-    unsigned char *str = NULL;
-
-    i = ASN1_item_i2d(asn, &str, it);
-    if (!str)
-        return (0);
-
-    if (!EVP_Digest(str, i, md, len, type, NULL)) {
-        OPENSSL_free(str);
-        return 0;
-    }
-    OPENSSL_free(str);
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_dup.c b/thirdparty/openssl/crypto/asn1/a_dup.c
deleted file mode 100644
index 349ab56213..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_dup.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* crypto/asn1/a_dup.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-#ifndef NO_OLD_ASN1
-
-void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
-{
-    unsigned char *b, *p;
-    const unsigned char *p2;
-    int i;
-    char *ret;
-
-    if (x == NULL)
-        return (NULL);
-
-    i = i2d(x, NULL);
-    b = OPENSSL_malloc(i + 10);
-    if (b == NULL) {
-        ASN1err(ASN1_F_ASN1_DUP, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    p = b;
-    i = i2d(x, &p);
-    p2 = b;
-    ret = d2i(NULL, &p2, i);
-    OPENSSL_free(b);
-    return (ret);
-}
-
-#endif
-
-/*
- * ASN1_ITEM version of dup: this follows the model above except we don't
- * need to allocate the buffer. At some point this could be rewritten to
- * directly dup the underlying structure instead of doing and encode and
- * decode.
- */
-
-void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
-{
-    unsigned char *b = NULL;
-    const unsigned char *p;
-    long i;
-    void *ret;
-
-    if (x == NULL)
-        return (NULL);
-
-    i = ASN1_item_i2d(x, &b, it);
-    if (b == NULL) {
-        ASN1err(ASN1_F_ASN1_ITEM_DUP, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    p = b;
-    ret = ASN1_item_d2i(NULL, &p, i, it);
-    OPENSSL_free(b);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_enum.c b/thirdparty/openssl/crypto/asn1/a_enum.c
deleted file mode 100644
index c3498ac99c..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_enum.c
+++ /dev/null
@@ -1,181 +0,0 @@
-/* crypto/asn1/a_enum.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-
-/*
- * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
- * for comments on encoding see a_int.c
- */
-
-int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
-{
-    int j, k;
-    unsigned int i;
-    unsigned char buf[sizeof(long) + 1];
-    long d;
-
-    a->type = V_ASN1_ENUMERATED;
-    if (a->length < (int)(sizeof(long) + 1)) {
-        if (a->data != NULL)
-            OPENSSL_free(a->data);
-        if ((a->data =
-             (unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
-            memset((char *)a->data, 0, sizeof(long) + 1);
-    }
-    if (a->data == NULL) {
-        ASN1err(ASN1_F_ASN1_ENUMERATED_SET, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    d = v;
-    if (d < 0) {
-        d = -d;
-        a->type = V_ASN1_NEG_ENUMERATED;
-    }
-
-    for (i = 0; i < sizeof(long); i++) {
-        if (d == 0)
-            break;
-        buf[i] = (int)d & 0xff;
-        d >>= 8;
-    }
-    j = 0;
-    for (k = i - 1; k >= 0; k--)
-        a->data[j++] = buf[k];
-    a->length = j;
-    return (1);
-}
-
-long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
-{
-    int neg = 0, i;
-    long r = 0;
-
-    if (a == NULL)
-        return (0L);
-    i = a->type;
-    if (i == V_ASN1_NEG_ENUMERATED)
-        neg = 1;
-    else if (i != V_ASN1_ENUMERATED)
-        return -1;
-
-    if (a->length > (int)sizeof(long)) {
-        /* hmm... a bit ugly */
-        return (0xffffffffL);
-    }
-    if (a->data == NULL)
-        return 0;
-
-    for (i = 0; i < a->length; i++) {
-        r <<= 8;
-        r |= (unsigned char)a->data[i];
-    }
-    if (neg)
-        r = -r;
-    return (r);
-}
-
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
-{
-    ASN1_ENUMERATED *ret;
-    int len, j;
-
-    if (ai == NULL)
-        ret = M_ASN1_ENUMERATED_new();
-    else
-        ret = ai;
-    if (ret == NULL) {
-        ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_NESTED_ASN1_ERROR);
-        goto err;
-    }
-    if (BN_is_negative(bn))
-        ret->type = V_ASN1_NEG_ENUMERATED;
-    else
-        ret->type = V_ASN1_ENUMERATED;
-    j = BN_num_bits(bn);
-    len = ((j == 0) ? 0 : ((j / 8) + 1));
-    if (ret->length < len + 4) {
-        unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4);
-        if (!new_data) {
-            ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        ret->data = new_data;
-    }
-
-    ret->length = BN_bn2bin(bn, ret->data);
-    return (ret);
- err:
-    if (ret != ai)
-        M_ASN1_ENUMERATED_free(ret);
-    return (NULL);
-}
-
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
-{
-    BIGNUM *ret;
-
-    if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
-        ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN, ASN1_R_BN_LIB);
-    else if (ai->type == V_ASN1_NEG_ENUMERATED)
-        BN_set_negative(ret, 1);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_gentm.c b/thirdparty/openssl/crypto/asn1/a_gentm.c
deleted file mode 100644
index 8511813785..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_gentm.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* crypto/asn1/a_gentm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * GENERALIZEDTIME implementation, written by Steve Henson. Based on UTCTIME
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "o_time.h"
-#include <openssl/asn1.h>
-#include "asn1_locl.h"
-
-#if 0
-
-int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
-{
-# ifdef CHARSET_EBCDIC
-    /* KLUDGE! We convert to ascii before writing DER */
-    int len;
-    char tmp[24];
-    ASN1_STRING tmpstr = *(ASN1_STRING *)a;
-
-    len = tmpstr.length;
-    ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
-    tmpstr.data = tmp;
-
-    a = (ASN1_GENERALIZEDTIME *)&tmpstr;
-# endif
-    return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
-                           V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL));
-}
-
-ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,
-                                               unsigned char **pp,
-                                               long length)
-{
-    ASN1_GENERALIZEDTIME *ret = NULL;
-
-    ret =
-        (ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
-                                               V_ASN1_GENERALIZEDTIME,
-                                               V_ASN1_UNIVERSAL);
-    if (ret == NULL) {
-        ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ERR_R_NESTED_ASN1_ERROR);
-        return (NULL);
-    }
-# ifdef CHARSET_EBCDIC
-    ascii2ebcdic(ret->data, ret->data, ret->length);
-# endif
-    if (!ASN1_GENERALIZEDTIME_check(ret)) {
-        ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ASN1_R_INVALID_TIME_FORMAT);
-        goto err;
-    }
-
-    return (ret);
- err:
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        M_ASN1_GENERALIZEDTIME_free(ret);
-    return (NULL);
-}
-
-#endif
-
-int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
-{
-    static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 };
-    static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 };
-    char *a;
-    int n, i, l, o;
-
-    if (d->type != V_ASN1_GENERALIZEDTIME)
-        return (0);
-    l = d->length;
-    a = (char *)d->data;
-    o = 0;
-    /*
-     * GENERALIZEDTIME is similar to UTCTIME except the year is represented
-     * as YYYY. This stuff treats everything as a two digit field so make
-     * first two fields 00 to 99
-     */
-    if (l < 13)
-        goto err;
-    for (i = 0; i < 7; i++) {
-        if ((i == 6) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) {
-            i++;
-            if (tm)
-                tm->tm_sec = 0;
-            break;
-        }
-        if ((a[o] < '0') || (a[o] > '9'))
-            goto err;
-        n = a[o] - '0';
-        if (++o > l)
-            goto err;
-
-        if ((a[o] < '0') || (a[o] > '9'))
-            goto err;
-        n = (n * 10) + a[o] - '0';
-        if (++o > l)
-            goto err;
-
-        if ((n < min[i]) || (n > max[i]))
-            goto err;
-        if (tm) {
-            switch (i) {
-            case 0:
-                tm->tm_year = n * 100 - 1900;
-                break;
-            case 1:
-                tm->tm_year += n;
-                break;
-            case 2:
-                tm->tm_mon = n - 1;
-                break;
-            case 3:
-                tm->tm_mday = n;
-                break;
-            case 4:
-                tm->tm_hour = n;
-                break;
-            case 5:
-                tm->tm_min = n;
-                break;
-            case 6:
-                tm->tm_sec = n;
-                break;
-            }
-        }
-    }
-    /*
-     * Optional fractional seconds: decimal point followed by one or more
-     * digits.
-     */
-    if (a[o] == '.') {
-        if (++o > l)
-            goto err;
-        i = o;
-        while ((a[o] >= '0') && (a[o] <= '9') && (o <= l))
-            o++;
-        /* Must have at least one digit after decimal point */
-        if (i == o)
-            goto err;
-    }
-
-    if (a[o] == 'Z')
-        o++;
-    else if ((a[o] == '+') || (a[o] == '-')) {
-        int offsign = a[o] == '-' ? 1 : -1, offset = 0;
-        o++;
-        if (o + 4 > l)
-            goto err;
-        for (i = 7; i < 9; i++) {
-            if ((a[o] < '0') || (a[o] > '9'))
-                goto err;
-            n = a[o] - '0';
-            o++;
-            if ((a[o] < '0') || (a[o] > '9'))
-                goto err;
-            n = (n * 10) + a[o] - '0';
-            if ((n < min[i]) || (n > max[i]))
-                goto err;
-            if (tm) {
-                if (i == 7)
-                    offset = n * 3600;
-                else if (i == 8)
-                    offset += n * 60;
-            }
-            o++;
-        }
-        if (offset && !OPENSSL_gmtime_adj(tm, 0, offset * offsign))
-            return 0;
-    } else if (a[o]) {
-        /* Missing time zone information. */
-        goto err;
-    }
-    return (o == l);
- err:
-    return (0);
-}
-
-int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *d)
-{
-    return asn1_generalizedtime_to_tm(NULL, d);
-}
-
-int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
-{
-    ASN1_GENERALIZEDTIME t;
-
-    t.type = V_ASN1_GENERALIZEDTIME;
-    t.length = strlen(str);
-    t.data = (unsigned char *)str;
-    if (ASN1_GENERALIZEDTIME_check(&t)) {
-        if (s != NULL) {
-            if (!ASN1_STRING_set((ASN1_STRING *)s,
-                                 (unsigned char *)str, t.length))
-                return 0;
-            s->type = V_ASN1_GENERALIZEDTIME;
-        }
-        return (1);
-    } else
-        return (0);
-}
-
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
-                                               time_t t)
-{
-    return ASN1_GENERALIZEDTIME_adj(s, t, 0, 0);
-}
-
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
-                                               time_t t, int offset_day,
-                                               long offset_sec)
-{
-    char *p;
-    struct tm *ts;
-    struct tm data;
-    size_t len = 20;
-
-    if (s == NULL)
-        s = M_ASN1_GENERALIZEDTIME_new();
-    if (s == NULL)
-        return (NULL);
-
-    ts = OPENSSL_gmtime(&t, &data);
-    if (ts == NULL)
-        return (NULL);
-
-    if (offset_day || offset_sec) {
-        if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
-            return NULL;
-    }
-
-    p = (char *)s->data;
-    if ((p == NULL) || ((size_t)s->length < len)) {
-        p = OPENSSL_malloc(len);
-        if (p == NULL) {
-            ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        if (s->data != NULL)
-            OPENSSL_free(s->data);
-        s->data = (unsigned char *)p;
-    }
-
-    BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ", ts->tm_year + 1900,
-                 ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min,
-                 ts->tm_sec);
-    s->length = strlen(p);
-    s->type = V_ASN1_GENERALIZEDTIME;
-#ifdef CHARSET_EBCDIC_not
-    ebcdic2ascii(s->data, s->data, s->length);
-#endif
-    return (s);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_i2d_fp.c b/thirdparty/openssl/crypto/asn1/a_i2d_fp.c
deleted file mode 100644
index 0f56cd4e07..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_i2d_fp.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* crypto/asn1/a_i2d_fp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-#ifndef NO_OLD_ASN1
-
-# ifndef OPENSSL_NO_FP_API
-int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        ASN1err(ASN1_F_ASN1_I2D_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, out, BIO_NOCLOSE);
-    ret = ASN1_i2d_bio(i2d, b, x);
-    BIO_free(b);
-    return (ret);
-}
-# endif
-
-int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
-{
-    char *b;
-    unsigned char *p;
-    int i, j = 0, n, ret = 1;
-
-    n = i2d(x, NULL);
-    b = (char *)OPENSSL_malloc(n);
-    if (b == NULL) {
-        ASN1err(ASN1_F_ASN1_I2D_BIO, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-
-    p = (unsigned char *)b;
-    i2d(x, &p);
-
-    for (;;) {
-        i = BIO_write(out, &(b[j]), n);
-        if (i == n)
-            break;
-        if (i <= 0) {
-            ret = 0;
-            break;
-        }
-        j += i;
-        n -= i;
-    }
-    OPENSSL_free(b);
-    return (ret);
-}
-
-#endif
-
-#ifndef OPENSSL_NO_FP_API
-int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        ASN1err(ASN1_F_ASN1_ITEM_I2D_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, out, BIO_NOCLOSE);
-    ret = ASN1_item_i2d_bio(it, b, x);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
-{
-    unsigned char *b = NULL;
-    int i, j = 0, n, ret = 1;
-
-    n = ASN1_item_i2d(x, &b, it);
-    if (b == NULL) {
-        ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-
-    for (;;) {
-        i = BIO_write(out, &(b[j]), n);
-        if (i == n)
-            break;
-        if (i <= 0) {
-            ret = 0;
-            break;
-        }
-        j += i;
-        n -= i;
-    }
-    OPENSSL_free(b);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_int.c b/thirdparty/openssl/crypto/asn1/a_int.c
deleted file mode 100644
index 7e26704a54..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_int.c
+++ /dev/null
@@ -1,464 +0,0 @@
-/* crypto/asn1/a_int.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-
-ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
-{
-    return M_ASN1_INTEGER_dup(x);
-}
-
-int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
-{
-    int neg, ret;
-    /* Compare signs */
-    neg = x->type & V_ASN1_NEG;
-    if (neg != (y->type & V_ASN1_NEG)) {
-        if (neg)
-            return -1;
-        else
-            return 1;
-    }
-
-    ret = ASN1_STRING_cmp(x, y);
-
-    if (neg)
-        return -ret;
-    else
-        return ret;
-}
-
-/*-
- * This converts an ASN1 INTEGER into its content encoding.
- * The internal representation is an ASN1_STRING whose data is a big endian
- * representation of the value, ignoring the sign. The sign is determined by
- * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
- *
- * Positive integers are no problem: they are almost the same as the DER
- * encoding, except if the first byte is >= 0x80 we need to add a zero pad.
- *
- * Negative integers are a bit trickier...
- * The DER representation of negative integers is in 2s complement form.
- * The internal form is converted by complementing each octet and finally
- * adding one to the result. This can be done less messily with a little trick.
- * If the internal form has trailing zeroes then they will become FF by the
- * complement and 0 by the add one (due to carry) so just copy as many trailing
- * zeros to the destination as there are in the source. The carry will add one
- * to the last none zero octet: so complement this octet and add one and finally
- * complement any left over until you get to the start of the string.
- *
- * Padding is a little trickier too. If the first bytes is > 0x80 then we pad
- * with 0xff. However if the first byte is 0x80 and one of the following bytes
- * is non-zero we pad with 0xff. The reason for this distinction is that 0x80
- * followed by optional zeros isn't padded.
- */
-
-int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
-{
-    int pad = 0, ret, i, neg;
-    unsigned char *p, *n, pb = 0;
-
-    if (a == NULL)
-        return (0);
-    neg = a->type & V_ASN1_NEG;
-    if (a->length == 0)
-        ret = 1;
-    else {
-        ret = a->length;
-        i = a->data[0];
-        if (ret == 1 && i == 0)
-            neg = 0;
-        if (!neg && (i > 127)) {
-            pad = 1;
-            pb = 0;
-        } else if (neg) {
-            if (i > 128) {
-                pad = 1;
-                pb = 0xFF;
-            } else if (i == 128) {
-                /*
-                 * Special case: if any other bytes non zero we pad:
-                 * otherwise we don't.
-                 */
-                for (i = 1; i < a->length; i++)
-                    if (a->data[i]) {
-                        pad = 1;
-                        pb = 0xFF;
-                        break;
-                    }
-            }
-        }
-        ret += pad;
-    }
-    if (pp == NULL)
-        return (ret);
-    p = *pp;
-
-    if (pad)
-        *(p++) = pb;
-    if (a->length == 0)
-        *(p++) = 0;
-    else if (!neg)
-        memcpy(p, a->data, (unsigned int)a->length);
-    else {
-        /* Begin at the end of the encoding */
-        n = a->data + a->length - 1;
-        p += a->length - 1;
-        i = a->length;
-        /* Copy zeros to destination as long as source is zero */
-        while (!*n && i > 1) {
-            *(p--) = 0;
-            n--;
-            i--;
-        }
-        /* Complement and increment next octet */
-        *(p--) = ((*(n--)) ^ 0xff) + 1;
-        i--;
-        /* Complement any octets left */
-        for (; i > 0; i--)
-            *(p--) = *(n--) ^ 0xff;
-    }
-
-    *pp += ret;
-    return (ret);
-}
-
-/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
-
-ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
-                               long len)
-{
-    ASN1_INTEGER *ret = NULL;
-    const unsigned char *p, *pend;
-    unsigned char *to, *s;
-    int i;
-
-    if ((a == NULL) || ((*a) == NULL)) {
-        if ((ret = M_ASN1_INTEGER_new()) == NULL)
-            return (NULL);
-        ret->type = V_ASN1_INTEGER;
-    } else
-        ret = (*a);
-
-    p = *pp;
-    pend = p + len;
-
-    /*
-     * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies
-     * a missing NULL parameter.
-     */
-    s = (unsigned char *)OPENSSL_malloc((int)len + 1);
-    if (s == NULL) {
-        i = ERR_R_MALLOC_FAILURE;
-        goto err;
-    }
-    to = s;
-    if (!len) {
-        /*
-         * Strictly speaking this is an illegal INTEGER but we tolerate it.
-         */
-        ret->type = V_ASN1_INTEGER;
-    } else if (*p & 0x80) {     /* a negative number */
-        ret->type = V_ASN1_NEG_INTEGER;
-        if ((*p == 0xff) && (len != 1)) {
-            p++;
-            len--;
-        }
-        i = len;
-        p += i - 1;
-        to += i - 1;
-        while ((!*p) && i) {
-            *(to--) = 0;
-            i--;
-            p--;
-        }
-        /*
-         * Special case: if all zeros then the number will be of the form FF
-         * followed by n zero bytes: this corresponds to 1 followed by n zero
-         * bytes. We've already written n zeros so we just append an extra
-         * one and set the first byte to a 1. This is treated separately
-         * because it is the only case where the number of bytes is larger
-         * than len.
-         */
-        if (!i) {
-            *s = 1;
-            s[len] = 0;
-            len++;
-        } else {
-            *(to--) = (*(p--) ^ 0xff) + 1;
-            i--;
-            for (; i > 0; i--)
-                *(to--) = *(p--) ^ 0xff;
-        }
-    } else {
-        ret->type = V_ASN1_INTEGER;
-        if ((*p == 0) && (len != 1)) {
-            p++;
-            len--;
-        }
-        memcpy(s, p, (int)len);
-    }
-
-    if (ret->data != NULL)
-        OPENSSL_free(ret->data);
-    ret->data = s;
-    ret->length = (int)len;
-    if (a != NULL)
-        (*a) = ret;
-    *pp = pend;
-    return (ret);
- err:
-    ASN1err(ASN1_F_C2I_ASN1_INTEGER, i);
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        M_ASN1_INTEGER_free(ret);
-    return (NULL);
-}
-
-/*
- * This is a version of d2i_ASN1_INTEGER that ignores the sign bit of ASN1
- * integers: some broken software can encode a positive INTEGER with its MSB
- * set as negative (it doesn't add a padding zero).
- */
-
-ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
-                                long length)
-{
-    ASN1_INTEGER *ret = NULL;
-    const unsigned char *p;
-    unsigned char *s;
-    long len;
-    int inf, tag, xclass;
-    int i;
-
-    if ((a == NULL) || ((*a) == NULL)) {
-        if ((ret = M_ASN1_INTEGER_new()) == NULL)
-            return (NULL);
-        ret->type = V_ASN1_INTEGER;
-    } else
-        ret = (*a);
-
-    p = *pp;
-    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
-    if (inf & 0x80) {
-        i = ASN1_R_BAD_OBJECT_HEADER;
-        goto err;
-    }
-
-    if (tag != V_ASN1_INTEGER) {
-        i = ASN1_R_EXPECTING_AN_INTEGER;
-        goto err;
-    }
-
-    /*
-     * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies
-     * a missing NULL parameter.
-     */
-    s = (unsigned char *)OPENSSL_malloc((int)len + 1);
-    if (s == NULL) {
-        i = ERR_R_MALLOC_FAILURE;
-        goto err;
-    }
-    ret->type = V_ASN1_INTEGER;
-    if (len) {
-        if ((*p == 0) && (len != 1)) {
-            p++;
-            len--;
-        }
-        memcpy(s, p, (int)len);
-        p += len;
-    }
-
-    if (ret->data != NULL)
-        OPENSSL_free(ret->data);
-    ret->data = s;
-    ret->length = (int)len;
-    if (a != NULL)
-        (*a) = ret;
-    *pp = p;
-    return (ret);
- err:
-    ASN1err(ASN1_F_D2I_ASN1_UINTEGER, i);
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        M_ASN1_INTEGER_free(ret);
-    return (NULL);
-}
-
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
-{
-    int j, k;
-    unsigned int i;
-    unsigned char buf[sizeof(long) + 1];
-    long d;
-
-    a->type = V_ASN1_INTEGER;
-    if (a->length < (int)(sizeof(long) + 1)) {
-        if (a->data != NULL)
-            OPENSSL_free(a->data);
-        if ((a->data =
-             (unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
-            memset((char *)a->data, 0, sizeof(long) + 1);
-    }
-    if (a->data == NULL) {
-        ASN1err(ASN1_F_ASN1_INTEGER_SET, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    d = v;
-    if (d < 0) {
-        d = -d;
-        a->type = V_ASN1_NEG_INTEGER;
-    }
-
-    for (i = 0; i < sizeof(long); i++) {
-        if (d == 0)
-            break;
-        buf[i] = (int)d & 0xff;
-        d >>= 8;
-    }
-    j = 0;
-    for (k = i - 1; k >= 0; k--)
-        a->data[j++] = buf[k];
-    a->length = j;
-    return (1);
-}
-
-long ASN1_INTEGER_get(const ASN1_INTEGER *a)
-{
-    int neg = 0, i;
-    long r = 0;
-
-    if (a == NULL)
-        return (0L);
-    i = a->type;
-    if (i == V_ASN1_NEG_INTEGER)
-        neg = 1;
-    else if (i != V_ASN1_INTEGER)
-        return -1;
-
-    if (a->length > (int)sizeof(long)) {
-        /* hmm... a bit ugly, return all ones */
-        return -1;
-    }
-    if (a->data == NULL)
-        return 0;
-
-    for (i = 0; i < a->length; i++) {
-        r <<= 8;
-        r |= (unsigned char)a->data[i];
-    }
-    if (neg)
-        r = -r;
-    return (r);
-}
-
-ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
-{
-    ASN1_INTEGER *ret;
-    int len, j;
-
-    if (ai == NULL)
-        ret = M_ASN1_INTEGER_new();
-    else
-        ret = ai;
-    if (ret == NULL) {
-        ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR);
-        goto err;
-    }
-    if (BN_is_negative(bn) && !BN_is_zero(bn))
-        ret->type = V_ASN1_NEG_INTEGER;
-    else
-        ret->type = V_ASN1_INTEGER;
-    j = BN_num_bits(bn);
-    len = ((j == 0) ? 0 : ((j / 8) + 1));
-    if (ret->length < len + 4) {
-        unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4);
-        if (!new_data) {
-            ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        ret->data = new_data;
-    }
-    ret->length = BN_bn2bin(bn, ret->data);
-    /* Correct zero case */
-    if (!ret->length) {
-        ret->data[0] = 0;
-        ret->length = 1;
-    }
-    return (ret);
- err:
-    if (ret != ai)
-        M_ASN1_INTEGER_free(ret);
-    return (NULL);
-}
-
-BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)
-{
-    BIGNUM *ret;
-
-    if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
-        ASN1err(ASN1_F_ASN1_INTEGER_TO_BN, ASN1_R_BN_LIB);
-    else if (ai->type == V_ASN1_NEG_INTEGER)
-        BN_set_negative(ret, 1);
-    return (ret);
-}
-
-IMPLEMENT_STACK_OF(ASN1_INTEGER)
-
-IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)
diff --git a/thirdparty/openssl/crypto/asn1/a_mbstr.c b/thirdparty/openssl/crypto/asn1/a_mbstr.c
deleted file mode 100644
index 6935efe09f..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_mbstr.c
+++ /dev/null
@@ -1,423 +0,0 @@
-/* a_mbstr.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-static int traverse_string(const unsigned char *p, int len, int inform,
-                           int (*rfunc) (unsigned long value, void *in),
-                           void *arg);
-static int in_utf8(unsigned long value, void *arg);
-static int out_utf8(unsigned long value, void *arg);
-static int type_str(unsigned long value, void *arg);
-static int cpy_asc(unsigned long value, void *arg);
-static int cpy_bmp(unsigned long value, void *arg);
-static int cpy_univ(unsigned long value, void *arg);
-static int cpy_utf8(unsigned long value, void *arg);
-static int is_printable(unsigned long value);
-
-/*
- * These functions take a string in UTF8, ASCII or multibyte form and a mask
- * of permissible ASN1 string types. It then works out the minimal type
- * (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) and
- * creates a string of the correct type with the supplied data. Yes this is
- * horrible: it has to be :-( The 'ncopy' form checks minimum and maximum
- * size limits too.
- */
-
-int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
-                       int inform, unsigned long mask)
-{
-    return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
-}
-
-int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
-                        int inform, unsigned long mask,
-                        long minsize, long maxsize)
-{
-    int str_type;
-    int ret;
-    char free_out;
-    int outform, outlen = 0;
-    ASN1_STRING *dest;
-    unsigned char *p;
-    int nchar;
-    char strbuf[32];
-    int (*cpyfunc) (unsigned long, void *) = NULL;
-    if (len == -1)
-        len = strlen((const char *)in);
-    if (!mask)
-        mask = DIRSTRING_TYPE;
-
-    /* First do a string check and work out the number of characters */
-    switch (inform) {
-
-    case MBSTRING_BMP:
-        if (len & 1) {
-            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
-                    ASN1_R_INVALID_BMPSTRING_LENGTH);
-            return -1;
-        }
-        nchar = len >> 1;
-        break;
-
-    case MBSTRING_UNIV:
-        if (len & 3) {
-            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
-                    ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
-            return -1;
-        }
-        nchar = len >> 2;
-        break;
-
-    case MBSTRING_UTF8:
-        nchar = 0;
-        /* This counts the characters and does utf8 syntax checking */
-        ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
-        if (ret < 0) {
-            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_INVALID_UTF8STRING);
-            return -1;
-        }
-        break;
-
-    case MBSTRING_ASC:
-        nchar = len;
-        break;
-
-    default:
-        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_UNKNOWN_FORMAT);
-        return -1;
-    }
-
-    if ((minsize > 0) && (nchar < minsize)) {
-        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
-        BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
-        ERR_add_error_data(2, "minsize=", strbuf);
-        return -1;
-    }
-
-    if ((maxsize > 0) && (nchar > maxsize)) {
-        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
-        BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
-        ERR_add_error_data(2, "maxsize=", strbuf);
-        return -1;
-    }
-
-    /* Now work out minimal type (if any) */
-    if (traverse_string(in, len, inform, type_str, &mask) < 0) {
-        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_ILLEGAL_CHARACTERS);
-        return -1;
-    }
-
-    /* Now work out output format and string type */
-    outform = MBSTRING_ASC;
-    if (mask & B_ASN1_PRINTABLESTRING)
-        str_type = V_ASN1_PRINTABLESTRING;
-    else if (mask & B_ASN1_IA5STRING)
-        str_type = V_ASN1_IA5STRING;
-    else if (mask & B_ASN1_T61STRING)
-        str_type = V_ASN1_T61STRING;
-    else if (mask & B_ASN1_BMPSTRING) {
-        str_type = V_ASN1_BMPSTRING;
-        outform = MBSTRING_BMP;
-    } else if (mask & B_ASN1_UNIVERSALSTRING) {
-        str_type = V_ASN1_UNIVERSALSTRING;
-        outform = MBSTRING_UNIV;
-    } else {
-        str_type = V_ASN1_UTF8STRING;
-        outform = MBSTRING_UTF8;
-    }
-    if (!out)
-        return str_type;
-    if (*out) {
-        free_out = 0;
-        dest = *out;
-        if (dest->data) {
-            dest->length = 0;
-            OPENSSL_free(dest->data);
-            dest->data = NULL;
-        }
-        dest->type = str_type;
-    } else {
-        free_out = 1;
-        dest = ASN1_STRING_type_new(str_type);
-        if (!dest) {
-            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
-            return -1;
-        }
-        *out = dest;
-    }
-    /* If both the same type just copy across */
-    if (inform == outform) {
-        if (!ASN1_STRING_set(dest, in, len)) {
-            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
-            return -1;
-        }
-        return str_type;
-    }
-
-    /* Work out how much space the destination will need */
-    switch (outform) {
-    case MBSTRING_ASC:
-        outlen = nchar;
-        cpyfunc = cpy_asc;
-        break;
-
-    case MBSTRING_BMP:
-        outlen = nchar << 1;
-        cpyfunc = cpy_bmp;
-        break;
-
-    case MBSTRING_UNIV:
-        outlen = nchar << 2;
-        cpyfunc = cpy_univ;
-        break;
-
-    case MBSTRING_UTF8:
-        outlen = 0;
-        traverse_string(in, len, inform, out_utf8, &outlen);
-        cpyfunc = cpy_utf8;
-        break;
-    }
-    if (!(p = OPENSSL_malloc(outlen + 1))) {
-        if (free_out)
-            ASN1_STRING_free(dest);
-        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
-        return -1;
-    }
-    dest->length = outlen;
-    dest->data = p;
-    p[outlen] = 0;
-    traverse_string(in, len, inform, cpyfunc, &p);
-    return str_type;
-}
-
-/*
- * This function traverses a string and passes the value of each character to
- * an optional function along with a void * argument.
- */
-
-static int traverse_string(const unsigned char *p, int len, int inform,
-                           int (*rfunc) (unsigned long value, void *in),
-                           void *arg)
-{
-    unsigned long value;
-    int ret;
-    while (len) {
-        if (inform == MBSTRING_ASC) {
-            value = *p++;
-            len--;
-        } else if (inform == MBSTRING_BMP) {
-            value = *p++ << 8;
-            value |= *p++;
-            len -= 2;
-        } else if (inform == MBSTRING_UNIV) {
-            value = ((unsigned long)*p++) << 24;
-            value |= ((unsigned long)*p++) << 16;
-            value |= *p++ << 8;
-            value |= *p++;
-            len -= 4;
-        } else {
-            ret = UTF8_getc(p, len, &value);
-            if (ret < 0)
-                return -1;
-            len -= ret;
-            p += ret;
-        }
-        if (rfunc) {
-            ret = rfunc(value, arg);
-            if (ret <= 0)
-                return ret;
-        }
-    }
-    return 1;
-}
-
-/* Various utility functions for traverse_string */
-
-/* Just count number of characters */
-
-static int in_utf8(unsigned long value, void *arg)
-{
-    int *nchar;
-    nchar = arg;
-    (*nchar)++;
-    return 1;
-}
-
-/* Determine size of output as a UTF8 String */
-
-static int out_utf8(unsigned long value, void *arg)
-{
-    int *outlen;
-    outlen = arg;
-    *outlen += UTF8_putc(NULL, -1, value);
-    return 1;
-}
-
-/*
- * Determine the "type" of a string: check each character against a supplied
- * "mask".
- */
-
-static int type_str(unsigned long value, void *arg)
-{
-    unsigned long types;
-    types = *((unsigned long *)arg);
-    if ((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
-        types &= ~B_ASN1_PRINTABLESTRING;
-    if ((types & B_ASN1_IA5STRING) && (value > 127))
-        types &= ~B_ASN1_IA5STRING;
-    if ((types & B_ASN1_T61STRING) && (value > 0xff))
-        types &= ~B_ASN1_T61STRING;
-    if ((types & B_ASN1_BMPSTRING) && (value > 0xffff))
-        types &= ~B_ASN1_BMPSTRING;
-    if (!types)
-        return -1;
-    *((unsigned long *)arg) = types;
-    return 1;
-}
-
-/* Copy one byte per character ASCII like strings */
-
-static int cpy_asc(unsigned long value, void *arg)
-{
-    unsigned char **p, *q;
-    p = arg;
-    q = *p;
-    *q = (unsigned char)value;
-    (*p)++;
-    return 1;
-}
-
-/* Copy two byte per character BMPStrings */
-
-static int cpy_bmp(unsigned long value, void *arg)
-{
-    unsigned char **p, *q;
-    p = arg;
-    q = *p;
-    *q++ = (unsigned char)((value >> 8) & 0xff);
-    *q = (unsigned char)(value & 0xff);
-    *p += 2;
-    return 1;
-}
-
-/* Copy four byte per character UniversalStrings */
-
-static int cpy_univ(unsigned long value, void *arg)
-{
-    unsigned char **p, *q;
-    p = arg;
-    q = *p;
-    *q++ = (unsigned char)((value >> 24) & 0xff);
-    *q++ = (unsigned char)((value >> 16) & 0xff);
-    *q++ = (unsigned char)((value >> 8) & 0xff);
-    *q = (unsigned char)(value & 0xff);
-    *p += 4;
-    return 1;
-}
-
-/* Copy to a UTF8String */
-
-static int cpy_utf8(unsigned long value, void *arg)
-{
-    unsigned char **p;
-    int ret;
-    p = arg;
-    /* We already know there is enough room so pass 0xff as the length */
-    ret = UTF8_putc(*p, 0xff, value);
-    *p += ret;
-    return 1;
-}
-
-/* Return 1 if the character is permitted in a PrintableString */
-static int is_printable(unsigned long value)
-{
-    int ch;
-    if (value > 0x7f)
-        return 0;
-    ch = (int)value;
-    /*
-     * Note: we can't use 'isalnum' because certain accented characters may
-     * count as alphanumeric in some environments.
-     */
-#ifndef CHARSET_EBCDIC
-    if ((ch >= 'a') && (ch <= 'z'))
-        return 1;
-    if ((ch >= 'A') && (ch <= 'Z'))
-        return 1;
-    if ((ch >= '0') && (ch <= '9'))
-        return 1;
-    if ((ch == ' ') || strchr("'()+,-./:=?", ch))
-        return 1;
-#else                           /* CHARSET_EBCDIC */
-    if ((ch >= os_toascii['a']) && (ch <= os_toascii['z']))
-        return 1;
-    if ((ch >= os_toascii['A']) && (ch <= os_toascii['Z']))
-        return 1;
-    if ((ch >= os_toascii['0']) && (ch <= os_toascii['9']))
-        return 1;
-    if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch]))
-        return 1;
-#endif                          /* CHARSET_EBCDIC */
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_object.c b/thirdparty/openssl/crypto/asn1/a_object.c
deleted file mode 100644
index 229a40ffa3..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_object.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/* crypto/asn1/a_object.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/bn.h>
-
-int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
-{
-    unsigned char *p;
-    int objsize;
-
-    if ((a == NULL) || (a->data == NULL))
-        return (0);
-
-    objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
-    if (pp == NULL || objsize == -1)
-        return objsize;
-
-    p = *pp;
-    ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
-    memcpy(p, a->data, a->length);
-    p += a->length;
-
-    *pp = p;
-    return (objsize);
-}
-
-int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
-{
-    int i, first, len = 0, c, use_bn;
-    char ftmp[24], *tmp = ftmp;
-    int tmpsize = sizeof ftmp;
-    const char *p;
-    unsigned long l;
-    BIGNUM *bl = NULL;
-
-    if (num == 0)
-        return (0);
-    else if (num == -1)
-        num = strlen(buf);
-
-    p = buf;
-    c = *(p++);
-    num--;
-    if ((c >= '0') && (c <= '2')) {
-        first = c - '0';
-    } else {
-        ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE);
-        goto err;
-    }
-
-    if (num <= 0) {
-        ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER);
-        goto err;
-    }
-    c = *(p++);
-    num--;
-    for (;;) {
-        if (num <= 0)
-            break;
-        if ((c != '.') && (c != ' ')) {
-            ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR);
-            goto err;
-        }
-        l = 0;
-        use_bn = 0;
-        for (;;) {
-            if (num <= 0)
-                break;
-            num--;
-            c = *(p++);
-            if ((c == ' ') || (c == '.'))
-                break;
-            if ((c < '0') || (c > '9')) {
-                ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_DIGIT);
-                goto err;
-            }
-            if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
-                use_bn = 1;
-                if (!bl)
-                    bl = BN_new();
-                if (!bl || !BN_set_word(bl, l))
-                    goto err;
-            }
-            if (use_bn) {
-                if (!BN_mul_word(bl, 10L)
-                    || !BN_add_word(bl, c - '0'))
-                    goto err;
-            } else
-                l = l * 10L + (long)(c - '0');
-        }
-        if (len == 0) {
-            if ((first < 2) && (l >= 40)) {
-                ASN1err(ASN1_F_A2D_ASN1_OBJECT,
-                        ASN1_R_SECOND_NUMBER_TOO_LARGE);
-                goto err;
-            }
-            if (use_bn) {
-                if (!BN_add_word(bl, first * 40))
-                    goto err;
-            } else
-                l += (long)first *40;
-        }
-        i = 0;
-        if (use_bn) {
-            int blsize;
-            blsize = BN_num_bits(bl);
-            blsize = (blsize + 6) / 7;
-            if (blsize > tmpsize) {
-                if (tmp != ftmp)
-                    OPENSSL_free(tmp);
-                tmpsize = blsize + 32;
-                tmp = OPENSSL_malloc(tmpsize);
-                if (!tmp)
-                    goto err;
-            }
-            while (blsize--) {
-                BN_ULONG t = BN_div_word(bl, 0x80L);
-                if (t == (BN_ULONG)-1)
-                    goto err;
-                tmp[i++] = (unsigned char)t;
-            }
-        } else {
-
-            for (;;) {
-                tmp[i++] = (unsigned char)l & 0x7f;
-                l >>= 7L;
-                if (l == 0L)
-                    break;
-            }
-
-        }
-        if (out != NULL) {
-            if (len + i > olen) {
-                ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL);
-                goto err;
-            }
-            while (--i > 0)
-                out[len++] = tmp[i] | 0x80;
-            out[len++] = tmp[0];
-        } else
-            len += i;
-    }
-    if (tmp != ftmp)
-        OPENSSL_free(tmp);
-    if (bl)
-        BN_free(bl);
-    return (len);
- err:
-    if (tmp != ftmp)
-        OPENSSL_free(tmp);
-    if (bl)
-        BN_free(bl);
-    return (0);
-}
-
-int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
-{
-    return OBJ_obj2txt(buf, buf_len, a, 0);
-}
-
-int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
-{
-    char buf[80], *p = buf;
-    int i;
-
-    if ((a == NULL) || (a->data == NULL))
-        return (BIO_write(bp, "NULL", 4));
-    i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
-    if (i > (int)(sizeof(buf) - 1)) {
-        p = OPENSSL_malloc(i + 1);
-        if (!p)
-            return -1;
-        i2t_ASN1_OBJECT(p, i + 1, a);
-    }
-    if (i <= 0)
-        return BIO_write(bp, "<INVALID>", 9);
-    BIO_write(bp, p, i);
-    if (p != buf)
-        OPENSSL_free(p);
-    return (i);
-}
-
-ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
-                             long length)
-{
-    const unsigned char *p;
-    long len;
-    int tag, xclass;
-    int inf, i;
-    ASN1_OBJECT *ret = NULL;
-    p = *pp;
-    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
-    if (inf & 0x80) {
-        i = ASN1_R_BAD_OBJECT_HEADER;
-        goto err;
-    }
-
-    if (tag != V_ASN1_OBJECT) {
-        i = ASN1_R_EXPECTING_AN_OBJECT;
-        goto err;
-    }
-    ret = c2i_ASN1_OBJECT(a, &p, len);
-    if (ret)
-        *pp = p;
-    return ret;
- err:
-    ASN1err(ASN1_F_D2I_ASN1_OBJECT, i);
-    return (NULL);
-}
-
-ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
-                             long len)
-{
-    ASN1_OBJECT *ret = NULL;
-    const unsigned char *p;
-    unsigned char *data;
-    int i, length;
-
-    /*
-     * Sanity check OID encoding. Need at least one content octet. MSB must
-     * be clear in the last octet. can't have leading 0x80 in subidentifiers,
-     * see: X.690 8.19.2
-     */
-    if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
-        p[len - 1] & 0x80) {
-        ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
-        return NULL;
-    }
-    /* Now 0 < len <= INT_MAX, so the cast is safe. */
-    length = (int)len;
-    for (i = 0; i < length; i++, p++) {
-        if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
-            ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
-            return NULL;
-        }
-    }
-
-    /*
-     * only the ASN1_OBJECTs from the 'table' will have values for ->sn or
-     * ->ln
-     */
-    if ((a == NULL) || ((*a) == NULL) ||
-        !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
-        if ((ret = ASN1_OBJECT_new()) == NULL)
-            return (NULL);
-    } else
-        ret = (*a);
-
-    p = *pp;
-    /* detach data from object */
-    data = (unsigned char *)ret->data;
-    ret->data = NULL;
-    /* once detached we can change it */
-    if ((data == NULL) || (ret->length < length)) {
-        ret->length = 0;
-        if (data != NULL)
-            OPENSSL_free(data);
-        data = (unsigned char *)OPENSSL_malloc(length);
-        if (data == NULL) {
-            i = ERR_R_MALLOC_FAILURE;
-            goto err;
-        }
-        ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
-    }
-    memcpy(data, p, length);
-    /* reattach data to object, after which it remains const */
-    ret->data = data;
-    ret->length = length;
-    ret->sn = NULL;
-    ret->ln = NULL;
-    /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
-    p += length;
-
-    if (a != NULL)
-        (*a) = ret;
-    *pp = p;
-    return (ret);
- err:
-    ASN1err(ASN1_F_C2I_ASN1_OBJECT, i);
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        ASN1_OBJECT_free(ret);
-    return (NULL);
-}
-
-ASN1_OBJECT *ASN1_OBJECT_new(void)
-{
-    ASN1_OBJECT *ret;
-
-    ret = (ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
-    if (ret == NULL) {
-        ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    ret->length = 0;
-    ret->data = NULL;
-    ret->nid = 0;
-    ret->sn = NULL;
-    ret->ln = NULL;
-    ret->flags = ASN1_OBJECT_FLAG_DYNAMIC;
-    return (ret);
-}
-
-void ASN1_OBJECT_free(ASN1_OBJECT *a)
-{
-    if (a == NULL)
-        return;
-    if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
-#ifndef CONST_STRICT            /* disable purely for compile-time strict
-                                 * const checking. Doing this on a "real"
-                                 * compile will cause memory leaks */
-        if (a->sn != NULL)
-            OPENSSL_free((void *)a->sn);
-        if (a->ln != NULL)
-            OPENSSL_free((void *)a->ln);
-#endif
-        a->sn = a->ln = NULL;
-    }
-    if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
-        if (a->data != NULL)
-            OPENSSL_free((void *)a->data);
-        a->data = NULL;
-        a->length = 0;
-    }
-    if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
-        OPENSSL_free(a);
-}
-
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
-                                const char *sn, const char *ln)
-{
-    ASN1_OBJECT o;
-
-    o.sn = sn;
-    o.ln = ln;
-    o.data = data;
-    o.nid = nid;
-    o.length = len;
-    o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
-        ASN1_OBJECT_FLAG_DYNAMIC_DATA;
-    return (OBJ_dup(&o));
-}
-
-IMPLEMENT_STACK_OF(ASN1_OBJECT)
-
-IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)
diff --git a/thirdparty/openssl/crypto/asn1/a_octet.c b/thirdparty/openssl/crypto/asn1/a_octet.c
deleted file mode 100644
index 1a6e9ca9cc..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_octet.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* crypto/asn1/a_octet.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x)
-{
-    return M_ASN1_OCTET_STRING_dup(x);
-}
-
-int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
-                          const ASN1_OCTET_STRING *b)
-{
-    return M_ASN1_OCTET_STRING_cmp(a, b);
-}
-
-int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d,
-                          int len)
-{
-    return M_ASN1_OCTET_STRING_set(x, d, len);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_print.c b/thirdparty/openssl/crypto/asn1/a_print.c
deleted file mode 100644
index d83e4ad82c..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_print.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/asn1/a_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-int ASN1_PRINTABLE_type(const unsigned char *s, int len)
-{
-    int c;
-    int ia5 = 0;
-    int t61 = 0;
-
-    if (len <= 0)
-        len = -1;
-    if (s == NULL)
-        return (V_ASN1_PRINTABLESTRING);
-
-    while ((*s) && (len-- != 0)) {
-        c = *(s++);
-#ifndef CHARSET_EBCDIC
-        if (!(((c >= 'a') && (c <= 'z')) ||
-              ((c >= 'A') && (c <= 'Z')) ||
-              (c == ' ') ||
-              ((c >= '0') && (c <= '9')) ||
-              (c == ' ') || (c == '\'') ||
-              (c == '(') || (c == ')') ||
-              (c == '+') || (c == ',') ||
-              (c == '-') || (c == '.') ||
-              (c == '/') || (c == ':') || (c == '=') || (c == '?')))
-            ia5 = 1;
-        if (c & 0x80)
-            t61 = 1;
-#else
-        if (!isalnum(c) && (c != ' ') && strchr("'()+,-./:=?", c) == NULL)
-            ia5 = 1;
-        if (os_toascii[c] & 0x80)
-            t61 = 1;
-#endif
-    }
-    if (t61)
-        return (V_ASN1_T61STRING);
-    if (ia5)
-        return (V_ASN1_IA5STRING);
-    return (V_ASN1_PRINTABLESTRING);
-}
-
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
-{
-    int i;
-    unsigned char *p;
-
-    if (s->type != V_ASN1_UNIVERSALSTRING)
-        return (0);
-    if ((s->length % 4) != 0)
-        return (0);
-    p = s->data;
-    for (i = 0; i < s->length; i += 4) {
-        if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
-            break;
-        else
-            p += 4;
-    }
-    if (i < s->length)
-        return (0);
-    p = s->data;
-    for (i = 3; i < s->length; i += 4) {
-        *(p++) = s->data[i];
-    }
-    *(p) = '\0';
-    s->length /= 4;
-    s->type = ASN1_PRINTABLE_type(s->data, s->length);
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_set.c b/thirdparty/openssl/crypto/asn1/a_set.c
deleted file mode 100644
index 5fb5865575..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_set.c
+++ /dev/null
@@ -1,243 +0,0 @@
-/* crypto/asn1/a_set.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_ASN1_OLD
-
-typedef struct {
-    unsigned char *pbData;
-    int cbData;
-} MYBLOB;
-
-/*
- * SetBlobCmp This function compares two elements of SET_OF block
- */
-static int SetBlobCmp(const void *elem1, const void *elem2)
-{
-    const MYBLOB *b1 = (const MYBLOB *)elem1;
-    const MYBLOB *b2 = (const MYBLOB *)elem2;
-    int r;
-
-    r = memcmp(b1->pbData, b2->pbData,
-               b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
-    if (r != 0)
-        return r;
-    return b1->cbData - b2->cbData;
-}
-
-/*
- * int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE)
- */
-int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
-                 i2d_of_void *i2d, int ex_tag, int ex_class, int is_set)
-{
-    int ret = 0, r;
-    int i;
-    unsigned char *p;
-    unsigned char *pStart, *pTempMem;
-    MYBLOB *rgSetBlob;
-    int totSize;
-
-    if (a == NULL)
-        return (0);
-    for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) {
-        int tmplen = i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
-        if (tmplen > INT_MAX - ret)
-            return -1;
-        ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
-    }
-    r = ASN1_object_size(1, ret, ex_tag);
-    if (pp == NULL || r == -1)
-        return (r);
-
-    p = *pp;
-    ASN1_put_object(&p, 1, ret, ex_tag, ex_class);
-
-/* Modified by gp@nsj.co.jp */
-    /* And then again by Ben */
-    /* And again by Steve */
-
-    if (!is_set || (sk_OPENSSL_BLOCK_num(a) < 2)) {
-        for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++)
-            i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
-
-        *pp = p;
-        return (r);
-    }
-
-    pStart = p;                 /* Catch the beg of Setblobs */
-    /* In this array we will store the SET blobs */
-    rgSetBlob = OPENSSL_malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB));
-    if (rgSetBlob == NULL) {
-        ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-
-    for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) {
-        rgSetBlob[i].pbData = p; /* catch each set encode blob */
-        i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
-        rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
-                                                        * SetBlob */
-    }
-    *pp = p;
-    totSize = p - pStart;       /* This is the total size of all set blobs */
-
-    /*
-     * Now we have to sort the blobs. I am using a simple algo. *Sort ptrs
-     * *Copy to temp-mem *Copy from temp-mem to user-mem
-     */
-    qsort(rgSetBlob, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB), SetBlobCmp);
-    if (!(pTempMem = OPENSSL_malloc(totSize))) {
-        ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-
-/* Copy to temp mem */
-    p = pTempMem;
-    for (i = 0; i < sk_OPENSSL_BLOCK_num(a); ++i) {
-        memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
-        p += rgSetBlob[i].cbData;
-    }
-
-/* Copy back to user mem*/
-    memcpy(pStart, pTempMem, totSize);
-    OPENSSL_free(pTempMem);
-    OPENSSL_free(rgSetBlob);
-
-    return (r);
-}
-
-STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
-                                      const unsigned char **pp,
-                                      long length, d2i_of_void *d2i,
-                                      void (*free_func) (OPENSSL_BLOCK),
-                                      int ex_tag, int ex_class)
-{
-    ASN1_const_CTX c;
-    STACK_OF(OPENSSL_BLOCK) *ret = NULL;
-
-    if ((a == NULL) || ((*a) == NULL)) {
-        if ((ret = sk_OPENSSL_BLOCK_new_null()) == NULL) {
-            ASN1err(ASN1_F_D2I_ASN1_SET, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    } else
-        ret = (*a);
-
-    c.p = *pp;
-    c.max = (length == 0) ? 0 : (c.p + length);
-
-    c.inf = ASN1_get_object(&c.p, &c.slen, &c.tag, &c.xclass, c.max - c.p);
-    if (c.inf & 0x80)
-        goto err;
-    if (ex_class != c.xclass) {
-        ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_CLASS);
-        goto err;
-    }
-    if (ex_tag != c.tag) {
-        ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_TAG);
-        goto err;
-    }
-    if ((c.slen + c.p) > c.max) {
-        ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_LENGTH_ERROR);
-        goto err;
-    }
-    /*
-     * check for infinite constructed - it can be as long as the amount of
-     * data passed to us
-     */
-    if (c.inf == (V_ASN1_CONSTRUCTED + 1))
-        c.slen = length + *pp - c.p;
-    c.max = c.p + c.slen;
-
-    while (c.p < c.max) {
-        char *s;
-
-        if (M_ASN1_D2I_end_sequence())
-            break;
-        /*
-         * XXX: This was called with 4 arguments, incorrectly, it seems if
-         * ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
-         */
-        if ((s = d2i(NULL, &c.p, c.slen)) == NULL) {
-            ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_ERROR_PARSING_SET_ELEMENT);
-            asn1_add_error(*pp, (int)(c.p - *pp));
-            goto err;
-        }
-        if (!sk_OPENSSL_BLOCK_push(ret, s))
-            goto err;
-    }
-    if (a != NULL)
-        (*a) = ret;
-    *pp = c.p;
-    return (ret);
- err:
-    if ((ret != NULL) && ((a == NULL) || (*a != ret))) {
-        if (free_func != NULL)
-            sk_OPENSSL_BLOCK_pop_free(ret, free_func);
-        else
-            sk_OPENSSL_BLOCK_free(ret);
-    }
-    return (NULL);
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/asn1/a_sign.c b/thirdparty/openssl/crypto/asn1/a_sign.c
deleted file mode 100644
index 51c6a0c34d..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_sign.c
+++ /dev/null
@@ -1,331 +0,0 @@
-/* crypto/asn1/a_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include "asn1_locl.h"
-
-#ifndef NO_ASN1_OLD
-
-int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
-              ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
-              const EVP_MD *type)
-{
-    EVP_MD_CTX ctx;
-    unsigned char *p, *buf_in = NULL, *buf_out = NULL;
-    int i, inl = 0, outl = 0, outll = 0;
-    X509_ALGOR *a;
-
-    EVP_MD_CTX_init(&ctx);
-    for (i = 0; i < 2; i++) {
-        if (i == 0)
-            a = algor1;
-        else
-            a = algor2;
-        if (a == NULL)
-            continue;
-        if (type->pkey_type == NID_dsaWithSHA1) {
-            /*
-             * special case: RFC 2459 tells us to omit 'parameters' with
-             * id-dsa-with-sha1
-             */
-            ASN1_TYPE_free(a->parameter);
-            a->parameter = NULL;
-        } else if ((a->parameter == NULL) ||
-                   (a->parameter->type != V_ASN1_NULL)) {
-            ASN1_TYPE_free(a->parameter);
-            if ((a->parameter = ASN1_TYPE_new()) == NULL)
-                goto err;
-            a->parameter->type = V_ASN1_NULL;
-        }
-        ASN1_OBJECT_free(a->algorithm);
-        a->algorithm = OBJ_nid2obj(type->pkey_type);
-        if (a->algorithm == NULL) {
-            ASN1err(ASN1_F_ASN1_SIGN, ASN1_R_UNKNOWN_OBJECT_TYPE);
-            goto err;
-        }
-        if (a->algorithm->length == 0) {
-            ASN1err(ASN1_F_ASN1_SIGN,
-                    ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
-            goto err;
-        }
-    }
-    inl = i2d(data, NULL);
-    buf_in = (unsigned char *)OPENSSL_malloc((unsigned int)inl);
-    outll = outl = EVP_PKEY_size(pkey);
-    buf_out = (unsigned char *)OPENSSL_malloc((unsigned int)outl);
-    if ((buf_in == NULL) || (buf_out == NULL)) {
-        outl = 0;
-        ASN1err(ASN1_F_ASN1_SIGN, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    p = buf_in;
-
-    i2d(data, &p);
-    if (!EVP_SignInit_ex(&ctx, type, NULL)
-        || !EVP_SignUpdate(&ctx, (unsigned char *)buf_in, inl)
-        || !EVP_SignFinal(&ctx, (unsigned char *)buf_out,
-                          (unsigned int *)&outl, pkey)) {
-        outl = 0;
-        ASN1err(ASN1_F_ASN1_SIGN, ERR_R_EVP_LIB);
-        goto err;
-    }
-    if (signature->data != NULL)
-        OPENSSL_free(signature->data);
-    signature->data = buf_out;
-    buf_out = NULL;
-    signature->length = outl;
-    /*
-     * In the interests of compatibility, I'll make sure that the bit string
-     * has a 'not-used bits' value of 0
-     */
-    signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
-    signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
- err:
-    EVP_MD_CTX_cleanup(&ctx);
-    if (buf_in != NULL) {
-        OPENSSL_cleanse((char *)buf_in, (unsigned int)inl);
-        OPENSSL_free(buf_in);
-    }
-    if (buf_out != NULL) {
-        OPENSSL_cleanse((char *)buf_out, outll);
-        OPENSSL_free(buf_out);
-    }
-    return (outl);
-}
-
-#endif
-
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
-                   X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn,
-                   EVP_PKEY *pkey, const EVP_MD *type)
-{
-    EVP_MD_CTX ctx;
-    EVP_MD_CTX_init(&ctx);
-    if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
-        EVP_MD_CTX_cleanup(&ctx);
-        return 0;
-    }
-    return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
-}
-
-int ASN1_item_sign_ctx(const ASN1_ITEM *it,
-                       X509_ALGOR *algor1, X509_ALGOR *algor2,
-                       ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
-{
-    const EVP_MD *type;
-    EVP_PKEY *pkey;
-    unsigned char *buf_in = NULL, *buf_out = NULL;
-    size_t inl = 0, outl = 0, outll = 0;
-    int signid, paramtype;
-    int rv;
-
-    type = EVP_MD_CTX_md(ctx);
-    pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
-
-    if (!type || !pkey) {
-        ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
-        return 0;
-    }
-
-    if (pkey->ameth->item_sign) {
-        rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, signature);
-        if (rv == 1)
-            outl = signature->length;
-        /*-
-         * Return value meanings:
-         * <=0: error.
-         *   1: method does everything.
-         *   2: carry on as normal.
-         *   3: ASN1 method sets algorithm identifiers: just sign.
-         */
-        if (rv <= 0)
-            ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
-        if (rv <= 1)
-            goto err;
-    } else
-        rv = 2;
-
-    if (rv == 2) {
-        if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
-            if (!pkey->ameth ||
-                !OBJ_find_sigid_by_algs(&signid,
-                                        EVP_MD_nid(type),
-                                        pkey->ameth->pkey_id)) {
-                ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
-                        ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
-                return 0;
-            }
-        } else
-            signid = type->pkey_type;
-
-        if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
-            paramtype = V_ASN1_NULL;
-        else
-            paramtype = V_ASN1_UNDEF;
-
-        if (algor1)
-            X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL);
-        if (algor2)
-            X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL);
-
-    }
-
-    inl = ASN1_item_i2d(asn, &buf_in, it);
-    outll = outl = EVP_PKEY_size(pkey);
-    buf_out = OPENSSL_malloc((unsigned int)outl);
-    if ((buf_in == NULL) || (buf_out == NULL)) {
-        outl = 0;
-        ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
-        || !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
-        outl = 0;
-        ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
-        goto err;
-    }
-    if (signature->data != NULL)
-        OPENSSL_free(signature->data);
-    signature->data = buf_out;
-    buf_out = NULL;
-    signature->length = outl;
-    /*
-     * In the interests of compatibility, I'll make sure that the bit string
-     * has a 'not-used bits' value of 0
-     */
-    signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
-    signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
- err:
-    EVP_MD_CTX_cleanup(ctx);
-    if (buf_in != NULL) {
-        OPENSSL_cleanse((char *)buf_in, (unsigned int)inl);
-        OPENSSL_free(buf_in);
-    }
-    if (buf_out != NULL) {
-        OPENSSL_cleanse((char *)buf_out, outll);
-        OPENSSL_free(buf_out);
-    }
-    return (outl);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_strex.c b/thirdparty/openssl/crypto/asn1/a_strex.c
deleted file mode 100644
index 2d562f9345..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_strex.c
+++ /dev/null
@@ -1,649 +0,0 @@
-/* a_strex.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-
-#include "charmap.h"
-
-/*
- * ASN1_STRING_print_ex() and X509_NAME_print_ex(). Enhanced string and name
- * printing routines handling multibyte characters, RFC2253 and a host of
- * other options.
- */
-
-#define CHARTYPE_BS_ESC         (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
-
-#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
-                  ASN1_STRFLGS_ESC_QUOTE | \
-                  ASN1_STRFLGS_ESC_CTRL | \
-                  ASN1_STRFLGS_ESC_MSB)
-
-/*
- * Three IO functions for sending data to memory, a BIO and and a FILE
- * pointer.
- */
-#if 0                           /* never used */
-static int send_mem_chars(void *arg, const void *buf, int len)
-{
-    unsigned char **out = arg;
-    if (!out)
-        return 1;
-    memcpy(*out, buf, len);
-    *out += len;
-    return 1;
-}
-#endif
-
-static int send_bio_chars(void *arg, const void *buf, int len)
-{
-    if (!arg)
-        return 1;
-    if (BIO_write(arg, buf, len) != len)
-        return 0;
-    return 1;
-}
-
-static int send_fp_chars(void *arg, const void *buf, int len)
-{
-    if (!arg)
-        return 1;
-    if (fwrite(buf, 1, len, arg) != (unsigned int)len)
-        return 0;
-    return 1;
-}
-
-typedef int char_io (void *arg, const void *buf, int len);
-
-/*
- * This function handles display of strings, one character at a time. It is
- * passed an unsigned long for each character because it could come from 2 or
- * even 4 byte forms.
- */
-
-static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
-                       char_io *io_ch, void *arg)
-{
-    unsigned char chflgs, chtmp;
-    char tmphex[HEX_SIZE(long) + 3];
-
-    if (c > 0xffffffffL)
-        return -1;
-    if (c > 0xffff) {
-        BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
-        if (!io_ch(arg, tmphex, 10))
-            return -1;
-        return 10;
-    }
-    if (c > 0xff) {
-        BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
-        if (!io_ch(arg, tmphex, 6))
-            return -1;
-        return 6;
-    }
-    chtmp = (unsigned char)c;
-    if (chtmp > 0x7f)
-        chflgs = flags & ASN1_STRFLGS_ESC_MSB;
-    else
-        chflgs = char_type[chtmp] & flags;
-    if (chflgs & CHARTYPE_BS_ESC) {
-        /* If we don't escape with quotes, signal we need quotes */
-        if (chflgs & ASN1_STRFLGS_ESC_QUOTE) {
-            if (do_quotes)
-                *do_quotes = 1;
-            if (!io_ch(arg, &chtmp, 1))
-                return -1;
-            return 1;
-        }
-        if (!io_ch(arg, "\\", 1))
-            return -1;
-        if (!io_ch(arg, &chtmp, 1))
-            return -1;
-        return 2;
-    }
-    if (chflgs & (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB)) {
-        BIO_snprintf(tmphex, 11, "\\%02X", chtmp);
-        if (!io_ch(arg, tmphex, 3))
-            return -1;
-        return 3;
-    }
-    /*
-     * If we get this far and do any escaping at all must escape the escape
-     * character itself: backslash.
-     */
-    if (chtmp == '\\' && flags & ESC_FLAGS) {
-        if (!io_ch(arg, "\\\\", 2))
-            return -1;
-        return 2;
-    }
-    if (!io_ch(arg, &chtmp, 1))
-        return -1;
-    return 1;
-}
-
-#define BUF_TYPE_WIDTH_MASK     0x7
-#define BUF_TYPE_CONVUTF8       0x8
-
-/*
- * This function sends each character in a buffer to do_esc_char(). It
- * interprets the content formats and converts to or from UTF8 as
- * appropriate.
- */
-
-static int do_buf(unsigned char *buf, int buflen,
-                  int type, unsigned char flags, char *quotes, char_io *io_ch,
-                  void *arg)
-{
-    int i, outlen, len;
-    unsigned char orflags, *p, *q;
-    unsigned long c;
-    p = buf;
-    q = buf + buflen;
-    outlen = 0;
-    while (p != q) {
-        if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
-            orflags = CHARTYPE_FIRST_ESC_2253;
-        else
-            orflags = 0;
-        switch (type & BUF_TYPE_WIDTH_MASK) {
-        case 4:
-            c = ((unsigned long)*p++) << 24;
-            c |= ((unsigned long)*p++) << 16;
-            c |= ((unsigned long)*p++) << 8;
-            c |= *p++;
-            break;
-
-        case 2:
-            c = ((unsigned long)*p++) << 8;
-            c |= *p++;
-            break;
-
-        case 1:
-            c = *p++;
-            break;
-
-        case 0:
-            i = UTF8_getc(p, buflen, &c);
-            if (i < 0)
-                return -1;      /* Invalid UTF8String */
-            p += i;
-            break;
-        default:
-            return -1;          /* invalid width */
-        }
-        if (p == q && flags & ASN1_STRFLGS_ESC_2253)
-            orflags = CHARTYPE_LAST_ESC_2253;
-        if (type & BUF_TYPE_CONVUTF8) {
-            unsigned char utfbuf[6];
-            int utflen;
-            utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
-            for (i = 0; i < utflen; i++) {
-                /*
-                 * We don't need to worry about setting orflags correctly
-                 * because if utflen==1 its value will be correct anyway
-                 * otherwise each character will be > 0x7f and so the
-                 * character will never be escaped on first and last.
-                 */
-                len =
-                    do_esc_char(utfbuf[i], (unsigned char)(flags | orflags),
-                                quotes, io_ch, arg);
-                if (len < 0)
-                    return -1;
-                outlen += len;
-            }
-        } else {
-            len =
-                do_esc_char(c, (unsigned char)(flags | orflags), quotes,
-                            io_ch, arg);
-            if (len < 0)
-                return -1;
-            outlen += len;
-        }
-    }
-    return outlen;
-}
-
-/* This function hex dumps a buffer of characters */
-
-static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf,
-                       int buflen)
-{
-    static const char hexdig[] = "0123456789ABCDEF";
-    unsigned char *p, *q;
-    char hextmp[2];
-    if (arg) {
-        p = buf;
-        q = buf + buflen;
-        while (p != q) {
-            hextmp[0] = hexdig[*p >> 4];
-            hextmp[1] = hexdig[*p & 0xf];
-            if (!io_ch(arg, hextmp, 2))
-                return -1;
-            p++;
-        }
-    }
-    return buflen << 1;
-}
-
-/*
- * "dump" a string. This is done when the type is unknown, or the flags
- * request it. We can either dump the content octets or the entire DER
- * encoding. This uses the RFC2253 #01234 format.
- */
-
-static int do_dump(unsigned long lflags, char_io *io_ch, void *arg,
-                   ASN1_STRING *str)
-{
-    /*
-     * Placing the ASN1_STRING in a temp ASN1_TYPE allows the DER encoding to
-     * readily obtained
-     */
-    ASN1_TYPE t;
-    unsigned char *der_buf, *p;
-    int outlen, der_len;
-
-    if (!io_ch(arg, "#", 1))
-        return -1;
-    /* If we don't dump DER encoding just dump content octets */
-    if (!(lflags & ASN1_STRFLGS_DUMP_DER)) {
-        outlen = do_hex_dump(io_ch, arg, str->data, str->length);
-        if (outlen < 0)
-            return -1;
-        return outlen + 1;
-    }
-    t.type = str->type;
-    t.value.ptr = (char *)str;
-    der_len = i2d_ASN1_TYPE(&t, NULL);
-    der_buf = OPENSSL_malloc(der_len);
-    if (!der_buf)
-        return -1;
-    p = der_buf;
-    i2d_ASN1_TYPE(&t, &p);
-    outlen = do_hex_dump(io_ch, arg, der_buf, der_len);
-    OPENSSL_free(der_buf);
-    if (outlen < 0)
-        return -1;
-    return outlen + 1;
-}
-
-/*
- * Lookup table to convert tags to character widths, 0 = UTF8 encoded, -1 is
- * used for non string types otherwise it is the number of bytes per
- * character
- */
-
-static const signed char tag2nbyte[] = {
-    -1, -1, -1, -1, -1,         /* 0-4 */
-    -1, -1, -1, -1, -1,         /* 5-9 */
-    -1, -1, 0, -1,              /* 10-13 */
-    -1, -1, -1, -1,             /* 15-17 */
-    1, 1, 1,                    /* 18-20 */
-    -1, 1, 1, 1,                /* 21-24 */
-    -1, 1, -1,                  /* 25-27 */
-    4, -1, 2                    /* 28-30 */
-};
-
-/*
- * This is the main function, print out an ASN1_STRING taking note of various
- * escape and display options. Returns number of characters written or -1 if
- * an error occurred.
- */
-
-static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags,
-                       ASN1_STRING *str)
-{
-    int outlen, len;
-    int type;
-    char quotes;
-    unsigned char flags;
-    quotes = 0;
-    /* Keep a copy of escape flags */
-    flags = (unsigned char)(lflags & ESC_FLAGS);
-
-    type = str->type;
-
-    outlen = 0;
-
-    if (lflags & ASN1_STRFLGS_SHOW_TYPE) {
-        const char *tagname;
-        tagname = ASN1_tag2str(type);
-        outlen += strlen(tagname);
-        if (!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1))
-            return -1;
-        outlen++;
-    }
-
-    /* Decide what to do with type, either dump content or display it */
-
-    /* Dump everything */
-    if (lflags & ASN1_STRFLGS_DUMP_ALL)
-        type = -1;
-    /* Ignore the string type */
-    else if (lflags & ASN1_STRFLGS_IGNORE_TYPE)
-        type = 1;
-    else {
-        /* Else determine width based on type */
-        if ((type > 0) && (type < 31))
-            type = tag2nbyte[type];
-        else
-            type = -1;
-        if ((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN))
-            type = 1;
-    }
-
-    if (type == -1) {
-        len = do_dump(lflags, io_ch, arg, str);
-        if (len < 0)
-            return -1;
-        outlen += len;
-        return outlen;
-    }
-
-    if (lflags & ASN1_STRFLGS_UTF8_CONVERT) {
-        /*
-         * Note: if string is UTF8 and we want to convert to UTF8 then we
-         * just interpret it as 1 byte per character to avoid converting
-         * twice.
-         */
-        if (!type)
-            type = 1;
-        else
-            type |= BUF_TYPE_CONVUTF8;
-    }
-
-    len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL);
-    if (len < 0)
-        return -1;
-    outlen += len;
-    if (quotes)
-        outlen += 2;
-    if (!arg)
-        return outlen;
-    if (quotes && !io_ch(arg, "\"", 1))
-        return -1;
-    if (do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0)
-        return -1;
-    if (quotes && !io_ch(arg, "\"", 1))
-        return -1;
-    return outlen;
-}
-
-/* Used for line indenting: print 'indent' spaces */
-
-static int do_indent(char_io *io_ch, void *arg, int indent)
-{
-    int i;
-    for (i = 0; i < indent; i++)
-        if (!io_ch(arg, " ", 1))
-            return 0;
-    return 1;
-}
-
-#define FN_WIDTH_LN     25
-#define FN_WIDTH_SN     10
-
-static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
-                      int indent, unsigned long flags)
-{
-    int i, prev = -1, orflags, cnt;
-    int fn_opt, fn_nid;
-    ASN1_OBJECT *fn;
-    ASN1_STRING *val;
-    X509_NAME_ENTRY *ent;
-    char objtmp[80];
-    const char *objbuf;
-    int outlen, len;
-    char *sep_dn, *sep_mv, *sep_eq;
-    int sep_dn_len, sep_mv_len, sep_eq_len;
-    if (indent < 0)
-        indent = 0;
-    outlen = indent;
-    if (!do_indent(io_ch, arg, indent))
-        return -1;
-    switch (flags & XN_FLAG_SEP_MASK) {
-    case XN_FLAG_SEP_MULTILINE:
-        sep_dn = "\n";
-        sep_dn_len = 1;
-        sep_mv = " + ";
-        sep_mv_len = 3;
-        break;
-
-    case XN_FLAG_SEP_COMMA_PLUS:
-        sep_dn = ",";
-        sep_dn_len = 1;
-        sep_mv = "+";
-        sep_mv_len = 1;
-        indent = 0;
-        break;
-
-    case XN_FLAG_SEP_CPLUS_SPC:
-        sep_dn = ", ";
-        sep_dn_len = 2;
-        sep_mv = " + ";
-        sep_mv_len = 3;
-        indent = 0;
-        break;
-
-    case XN_FLAG_SEP_SPLUS_SPC:
-        sep_dn = "; ";
-        sep_dn_len = 2;
-        sep_mv = " + ";
-        sep_mv_len = 3;
-        indent = 0;
-        break;
-
-    default:
-        return -1;
-    }
-
-    if (flags & XN_FLAG_SPC_EQ) {
-        sep_eq = " = ";
-        sep_eq_len = 3;
-    } else {
-        sep_eq = "=";
-        sep_eq_len = 1;
-    }
-
-    fn_opt = flags & XN_FLAG_FN_MASK;
-
-    cnt = X509_NAME_entry_count(n);
-    for (i = 0; i < cnt; i++) {
-        if (flags & XN_FLAG_DN_REV)
-            ent = X509_NAME_get_entry(n, cnt - i - 1);
-        else
-            ent = X509_NAME_get_entry(n, i);
-        if (prev != -1) {
-            if (prev == ent->set) {
-                if (!io_ch(arg, sep_mv, sep_mv_len))
-                    return -1;
-                outlen += sep_mv_len;
-            } else {
-                if (!io_ch(arg, sep_dn, sep_dn_len))
-                    return -1;
-                outlen += sep_dn_len;
-                if (!do_indent(io_ch, arg, indent))
-                    return -1;
-                outlen += indent;
-            }
-        }
-        prev = ent->set;
-        fn = X509_NAME_ENTRY_get_object(ent);
-        val = X509_NAME_ENTRY_get_data(ent);
-        fn_nid = OBJ_obj2nid(fn);
-        if (fn_opt != XN_FLAG_FN_NONE) {
-            int objlen, fld_len;
-            if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) {
-                OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
-                fld_len = 0;    /* XXX: what should this be? */
-                objbuf = objtmp;
-            } else {
-                if (fn_opt == XN_FLAG_FN_SN) {
-                    fld_len = FN_WIDTH_SN;
-                    objbuf = OBJ_nid2sn(fn_nid);
-                } else if (fn_opt == XN_FLAG_FN_LN) {
-                    fld_len = FN_WIDTH_LN;
-                    objbuf = OBJ_nid2ln(fn_nid);
-                } else {
-                    fld_len = 0; /* XXX: what should this be? */
-                    objbuf = "";
-                }
-            }
-            objlen = strlen(objbuf);
-            if (!io_ch(arg, objbuf, objlen))
-                return -1;
-            if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) {
-                if (!do_indent(io_ch, arg, fld_len - objlen))
-                    return -1;
-                outlen += fld_len - objlen;
-            }
-            if (!io_ch(arg, sep_eq, sep_eq_len))
-                return -1;
-            outlen += objlen + sep_eq_len;
-        }
-        /*
-         * If the field name is unknown then fix up the DER dump flag. We
-         * might want to limit this further so it will DER dump on anything
-         * other than a few 'standard' fields.
-         */
-        if ((fn_nid == NID_undef) && (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS))
-            orflags = ASN1_STRFLGS_DUMP_ALL;
-        else
-            orflags = 0;
-
-        len = do_print_ex(io_ch, arg, flags | orflags, val);
-        if (len < 0)
-            return -1;
-        outlen += len;
-    }
-    return outlen;
-}
-
-/* Wrappers round the main functions */
-
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
-                       unsigned long flags)
-{
-    if (flags == XN_FLAG_COMPAT)
-        return X509_NAME_print(out, nm, indent);
-    return do_name_ex(send_bio_chars, out, nm, indent, flags);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
-                          unsigned long flags)
-{
-    if (flags == XN_FLAG_COMPAT) {
-        BIO *btmp;
-        int ret;
-        btmp = BIO_new_fp(fp, BIO_NOCLOSE);
-        if (!btmp)
-            return -1;
-        ret = X509_NAME_print(btmp, nm, indent);
-        BIO_free(btmp);
-        return ret;
-    }
-    return do_name_ex(send_fp_chars, fp, nm, indent, flags);
-}
-#endif
-
-int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
-{
-    return do_print_ex(send_bio_chars, out, flags, str);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
-{
-    return do_print_ex(send_fp_chars, fp, flags, str);
-}
-#endif
-
-/*
- * Utility function: convert any string type to UTF8, returns number of bytes
- * in output string or a negative error code
- */
-
-int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
-{
-    ASN1_STRING stmp, *str = &stmp;
-    int mbflag, type, ret;
-    if (!in)
-        return -1;
-    type = in->type;
-    if ((type < 0) || (type > 30))
-        return -1;
-    mbflag = tag2nbyte[type];
-    if (mbflag == -1)
-        return -1;
-    mbflag |= MBSTRING_FLAG;
-    stmp.data = NULL;
-    stmp.length = 0;
-    stmp.flags = 0;
-    ret =
-        ASN1_mbstring_copy(&str, in->data, in->length, mbflag,
-                           B_ASN1_UTF8STRING);
-    if (ret < 0)
-        return ret;
-    *out = stmp.data;
-    return stmp.length;
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_strnid.c b/thirdparty/openssl/crypto/asn1/a_strnid.c
deleted file mode 100644
index 99ffe73787..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_strnid.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/* a_strnid.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-
-static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
-static void st_free(ASN1_STRING_TABLE *tbl);
-static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
-                        const ASN1_STRING_TABLE *const *b);
-
-/*
- * This is the global mask for the mbstring functions: this is use to mask
- * out certain types (such as BMPString and UTF8String) because certain
- * software (e.g. Netscape) has problems with them.
- */
-
-static unsigned long global_mask = B_ASN1_UTF8STRING;
-
-void ASN1_STRING_set_default_mask(unsigned long mask)
-{
-    global_mask = mask;
-}
-
-unsigned long ASN1_STRING_get_default_mask(void)
-{
-    return global_mask;
-}
-
-/*-
- * This function sets the default to various "flavours" of configuration.
- * based on an ASCII string. Currently this is:
- * MASK:XXXX : a numerical mask value.
- * nobmp : Don't use BMPStrings (just Printable, T61).
- * pkix : PKIX recommendation in RFC2459.
- * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004).
- * default:   the default value, Printable, T61, BMP.
- */
-
-int ASN1_STRING_set_default_mask_asc(const char *p)
-{
-    unsigned long mask;
-    char *end;
-    if (!strncmp(p, "MASK:", 5)) {
-        if (!p[5])
-            return 0;
-        mask = strtoul(p + 5, &end, 0);
-        if (*end)
-            return 0;
-    } else if (!strcmp(p, "nombstr"))
-        mask = ~((unsigned long)(B_ASN1_BMPSTRING | B_ASN1_UTF8STRING));
-    else if (!strcmp(p, "pkix"))
-        mask = ~((unsigned long)B_ASN1_T61STRING);
-    else if (!strcmp(p, "utf8only"))
-        mask = B_ASN1_UTF8STRING;
-    else if (!strcmp(p, "default"))
-        mask = 0xFFFFFFFFL;
-    else
-        return 0;
-    ASN1_STRING_set_default_mask(mask);
-    return 1;
-}
-
-/*
- * The following function generates an ASN1_STRING based on limits in a
- * table. Frequently the types and length of an ASN1_STRING are restricted by
- * a corresponding OID. For example certificates and certificate requests.
- */
-
-ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
-                                    const unsigned char *in, int inlen,
-                                    int inform, int nid)
-{
-    ASN1_STRING_TABLE *tbl;
-    ASN1_STRING *str = NULL;
-    unsigned long mask;
-    int ret;
-    if (!out)
-        out = &str;
-    tbl = ASN1_STRING_TABLE_get(nid);
-    if (tbl) {
-        mask = tbl->mask;
-        if (!(tbl->flags & STABLE_NO_MASK))
-            mask &= global_mask;
-        ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
-                                  tbl->minsize, tbl->maxsize);
-    } else
-        ret =
-            ASN1_mbstring_copy(out, in, inlen, inform,
-                               DIRSTRING_TYPE & global_mask);
-    if (ret <= 0)
-        return NULL;
-    return *out;
-}
-
-/*
- * Now the tables and helper functions for the string table:
- */
-
-/* size limits: this stuff is taken straight from RFC3280 */
-
-#define ub_name                         32768
-#define ub_common_name                  64
-#define ub_locality_name                128
-#define ub_state_name                   128
-#define ub_organization_name            64
-#define ub_organization_unit_name       64
-#define ub_title                        64
-#define ub_email_address                128
-#define ub_serial_number                64
-
-/* This table must be kept in NID order */
-
-static const ASN1_STRING_TABLE tbl_standard[] = {
-    {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0},
-    {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
-    {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0},
-    {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0},
-    {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},
-    {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE,
-     0},
-    {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING,
-     STABLE_NO_MASK},
-    {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},
-    {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},
-    {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},
-    {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
-    {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
-    {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
-    {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING,
-     STABLE_NO_MASK},
-    {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
-    {NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
-    {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
-    {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
-    {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
-    {NID_jurisdictionCountryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}
-};
-
-static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
-                        const ASN1_STRING_TABLE *const *b)
-{
-    return (*a)->nid - (*b)->nid;
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
-
-static int table_cmp(const ASN1_STRING_TABLE *a, const ASN1_STRING_TABLE *b)
-{
-    return a->nid - b->nid;
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
-
-ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
-{
-    int idx;
-    ASN1_STRING_TABLE *ttmp;
-    ASN1_STRING_TABLE fnd;
-    fnd.nid = nid;
-    ttmp = OBJ_bsearch_table(&fnd, tbl_standard,
-                             sizeof(tbl_standard) /
-                             sizeof(ASN1_STRING_TABLE));
-    if (ttmp)
-        return ttmp;
-    if (!stable)
-        return NULL;
-    idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
-    if (idx < 0)
-        return NULL;
-    return sk_ASN1_STRING_TABLE_value(stable, idx);
-}
-
-int ASN1_STRING_TABLE_add(int nid,
-                          long minsize, long maxsize, unsigned long mask,
-                          unsigned long flags)
-{
-    ASN1_STRING_TABLE *tmp;
-    char new_nid = 0;
-    flags &= ~STABLE_FLAGS_MALLOC;
-    if (!stable)
-        stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp);
-    if (!stable) {
-        ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    if (!(tmp = ASN1_STRING_TABLE_get(nid))) {
-        tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE));
-        if (!tmp) {
-            ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        tmp->flags = flags | STABLE_FLAGS_MALLOC;
-        tmp->nid = nid;
-        tmp->minsize = tmp->maxsize = -1;
-        new_nid = 1;
-    } else
-        tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;
-    if (minsize != -1)
-        tmp->minsize = minsize;
-    if (maxsize != -1)
-        tmp->maxsize = maxsize;
-    tmp->mask = mask;
-    if (new_nid)
-        sk_ASN1_STRING_TABLE_push(stable, tmp);
-    return 1;
-}
-
-void ASN1_STRING_TABLE_cleanup(void)
-{
-    STACK_OF(ASN1_STRING_TABLE) *tmp;
-    tmp = stable;
-    if (!tmp)
-        return;
-    stable = NULL;
-    sk_ASN1_STRING_TABLE_pop_free(tmp, st_free);
-}
-
-static void st_free(ASN1_STRING_TABLE *tbl)
-{
-    if (tbl->flags & STABLE_FLAGS_MALLOC)
-        OPENSSL_free(tbl);
-}
-
-
-IMPLEMENT_STACK_OF(ASN1_STRING_TABLE)
-
-#ifdef STRING_TABLE_TEST
-
-main()
-{
-    ASN1_STRING_TABLE *tmp;
-    int i, last_nid = -1;
-
-    for (tmp = tbl_standard, i = 0;
-         i < sizeof(tbl_standard) / sizeof(ASN1_STRING_TABLE); i++, tmp++) {
-        if (tmp->nid < last_nid) {
-            last_nid = 0;
-            break;
-        }
-        last_nid = tmp->nid;
-    }
-
-    if (last_nid != 0) {
-        printf("Table order OK\n");
-        exit(0);
-    }
-
-    for (tmp = tbl_standard, i = 0;
-         i < sizeof(tbl_standard) / sizeof(ASN1_STRING_TABLE); i++, tmp++)
-        printf("Index %d, NID %d, Name=%s\n", i, tmp->nid,
-               OBJ_nid2ln(tmp->nid));
-
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/asn1/a_time.c b/thirdparty/openssl/crypto/asn1/a_time.c
deleted file mode 100644
index 0eeb79cd42..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_time.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/* crypto/asn1/a_time.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*-
- * This is an implementation of the ASN1 Time structure which is:
- *    Time ::= CHOICE {
- *      utcTime        UTCTime,
- *      generalTime    GeneralizedTime }
- * written by Steve Henson.
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "o_time.h"
-#include <openssl/asn1t.h>
-#include "asn1_locl.h"
-
-IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
-
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
-
-#if 0
-int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
-{
-# ifdef CHARSET_EBCDIC
-    /* KLUDGE! We convert to ascii before writing DER */
-    char tmp[24];
-    ASN1_STRING tmpstr;
-
-    if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) {
-        int len;
-
-        tmpstr = *(ASN1_STRING *)a;
-        len = tmpstr.length;
-        ebcdic2ascii(tmp, tmpstr.data,
-                     (len >= sizeof tmp) ? sizeof tmp : len);
-        tmpstr.data = tmp;
-        a = (ASN1_GENERALIZEDTIME *)&tmpstr;
-    }
-# endif
-    if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
-        return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
-                               a->type, V_ASN1_UNIVERSAL));
-    ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);
-    return -1;
-}
-#endif
-
-ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
-{
-    return ASN1_TIME_adj(s, t, 0, 0);
-}
-
-ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
-                         int offset_day, long offset_sec)
-{
-    struct tm *ts;
-    struct tm data;
-
-    ts = OPENSSL_gmtime(&t, &data);
-    if (ts == NULL) {
-        ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME);
-        return NULL;
-    }
-    if (offset_day || offset_sec) {
-        if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
-            return NULL;
-    }
-    if ((ts->tm_year >= 50) && (ts->tm_year < 150))
-        return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
-    return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
-}
-
-int ASN1_TIME_check(ASN1_TIME *t)
-{
-    if (t->type == V_ASN1_GENERALIZEDTIME)
-        return ASN1_GENERALIZEDTIME_check(t);
-    else if (t->type == V_ASN1_UTCTIME)
-        return ASN1_UTCTIME_check(t);
-    return 0;
-}
-
-/* Convert an ASN1_TIME structure to GeneralizedTime */
-ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
-                                                   ASN1_GENERALIZEDTIME **out)
-{
-    ASN1_GENERALIZEDTIME *ret = NULL;
-    char *str;
-    int newlen;
-
-    if (!ASN1_TIME_check(t))
-        return NULL;
-
-    if (!out || !*out) {
-        if (!(ret = ASN1_GENERALIZEDTIME_new()))
-            goto err;
-    } else {
-        ret = *out;
-    }
-
-    /* If already GeneralizedTime just copy across */
-    if (t->type == V_ASN1_GENERALIZEDTIME) {
-        if (!ASN1_STRING_set(ret, t->data, t->length))
-            goto err;
-        goto done;
-    }
-
-    /* grow the string */
-    if (!ASN1_STRING_set(ret, NULL, t->length + 2))
-        goto err;
-    /* ASN1_STRING_set() allocated 'len + 1' bytes. */
-    newlen = t->length + 2 + 1;
-    str = (char *)ret->data;
-    /* Work out the century and prepend */
-    if (t->data[0] >= '5')
-        BUF_strlcpy(str, "19", newlen);
-    else
-        BUF_strlcpy(str, "20", newlen);
-
-    BUF_strlcat(str, (char *)t->data, newlen);
-
- done:
-   if (out != NULL && *out == NULL)
-       *out = ret;
-   return ret;
-
- err:
-    if (out == NULL || *out != ret)
-        ASN1_GENERALIZEDTIME_free(ret);
-    return NULL;
-}
-
-
-int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
-{
-    ASN1_TIME t;
-
-    t.length = strlen(str);
-    t.data = (unsigned char *)str;
-    t.flags = 0;
-
-    t.type = V_ASN1_UTCTIME;
-
-    if (!ASN1_TIME_check(&t)) {
-        t.type = V_ASN1_GENERALIZEDTIME;
-        if (!ASN1_TIME_check(&t))
-            return 0;
-    }
-
-    if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t))
-        return 0;
-
-    return 1;
-}
-
-static int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *t)
-{
-    if (t == NULL) {
-        time_t now_t;
-        time(&now_t);
-        if (OPENSSL_gmtime(&now_t, tm))
-            return 1;
-        return 0;
-    }
-
-    if (t->type == V_ASN1_UTCTIME)
-        return asn1_utctime_to_tm(tm, t);
-    else if (t->type == V_ASN1_GENERALIZEDTIME)
-        return asn1_generalizedtime_to_tm(tm, t);
-
-    return 0;
-}
-
-int ASN1_TIME_diff(int *pday, int *psec,
-                   const ASN1_TIME *from, const ASN1_TIME *to)
-{
-    struct tm tm_from, tm_to;
-    if (!asn1_time_to_tm(&tm_from, from))
-        return 0;
-    if (!asn1_time_to_tm(&tm_to, to))
-        return 0;
-    return OPENSSL_gmtime_diff(pday, psec, &tm_from, &tm_to);
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_type.c b/thirdparty/openssl/crypto/asn1/a_type.c
deleted file mode 100644
index bb166e8568..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_type.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/* crypto/asn1/a_type.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-int ASN1_TYPE_get(ASN1_TYPE *a)
-{
-    if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
-        return (a->type);
-    else
-        return (0);
-}
-
-void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
-{
-    if (a->value.ptr != NULL) {
-        ASN1_TYPE **tmp_a = &a;
-        ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
-    }
-    a->type = type;
-    if (type == V_ASN1_BOOLEAN)
-        a->value.boolean = value ? 0xff : 0;
-    else
-        a->value.ptr = value;
-}
-
-int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
-{
-    if (!value || (type == V_ASN1_BOOLEAN)) {
-        void *p = (void *)value;
-        ASN1_TYPE_set(a, type, p);
-    } else if (type == V_ASN1_OBJECT) {
-        ASN1_OBJECT *odup;
-        odup = OBJ_dup(value);
-        if (!odup)
-            return 0;
-        ASN1_TYPE_set(a, type, odup);
-    } else {
-        ASN1_STRING *sdup;
-        sdup = ASN1_STRING_dup(value);
-        if (!sdup)
-            return 0;
-        ASN1_TYPE_set(a, type, sdup);
-    }
-    return 1;
-}
-
-IMPLEMENT_STACK_OF(ASN1_TYPE)
-
-IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
-
-/* Returns 0 if they are equal, != 0 otherwise. */
-int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
-{
-    int result = -1;
-
-    if (!a || !b || a->type != b->type)
-        return -1;
-
-    switch (a->type) {
-    case V_ASN1_OBJECT:
-        result = OBJ_cmp(a->value.object, b->value.object);
-        break;
-    case V_ASN1_BOOLEAN:
-        result = a->value.boolean - b->value.boolean;
-        break;
-    case V_ASN1_NULL:
-        result = 0;             /* They do not have content. */
-        break;
-    case V_ASN1_INTEGER:
-    case V_ASN1_ENUMERATED:
-    case V_ASN1_BIT_STRING:
-    case V_ASN1_OCTET_STRING:
-    case V_ASN1_SEQUENCE:
-    case V_ASN1_SET:
-    case V_ASN1_NUMERICSTRING:
-    case V_ASN1_PRINTABLESTRING:
-    case V_ASN1_T61STRING:
-    case V_ASN1_VIDEOTEXSTRING:
-    case V_ASN1_IA5STRING:
-    case V_ASN1_UTCTIME:
-    case V_ASN1_GENERALIZEDTIME:
-    case V_ASN1_GRAPHICSTRING:
-    case V_ASN1_VISIBLESTRING:
-    case V_ASN1_GENERALSTRING:
-    case V_ASN1_UNIVERSALSTRING:
-    case V_ASN1_BMPSTRING:
-    case V_ASN1_UTF8STRING:
-    case V_ASN1_OTHER:
-    default:
-        result = ASN1_STRING_cmp((ASN1_STRING *)a->value.ptr,
-                                 (ASN1_STRING *)b->value.ptr);
-        break;
-    }
-
-    return result;
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_utctm.c b/thirdparty/openssl/crypto/asn1/a_utctm.c
deleted file mode 100644
index 0344482cc2..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_utctm.c
+++ /dev/null
@@ -1,352 +0,0 @@
-/* crypto/asn1/a_utctm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "o_time.h"
-#include <openssl/asn1.h>
-#include "asn1_locl.h"
-
-#if 0
-int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
-{
-# ifndef CHARSET_EBCDIC
-    return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
-                           V_ASN1_UTCTIME, V_ASN1_UNIVERSAL));
-# else
-    /* KLUDGE! We convert to ascii before writing DER */
-    int len;
-    char tmp[24];
-    ASN1_STRING x = *(ASN1_STRING *)a;
-
-    len = x.length;
-    ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
-    x.data = tmp;
-    return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
-# endif
-}
-
-ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp,
-                               long length)
-{
-    ASN1_UTCTIME *ret = NULL;
-
-    ret = (ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
-                                         V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
-    if (ret == NULL) {
-        ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ERR_R_NESTED_ASN1_ERROR);
-        return (NULL);
-    }
-# ifdef CHARSET_EBCDIC
-    ascii2ebcdic(ret->data, ret->data, ret->length);
-# endif
-    if (!ASN1_UTCTIME_check(ret)) {
-        ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ASN1_R_INVALID_TIME_FORMAT);
-        goto err;
-    }
-
-    return (ret);
- err:
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        M_ASN1_UTCTIME_free(ret);
-    return (NULL);
-}
-
-#endif
-
-int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)
-{
-    static const int min[8] = { 0, 1, 1, 0, 0, 0, 0, 0 };
-    static const int max[8] = { 99, 12, 31, 23, 59, 59, 12, 59 };
-    char *a;
-    int n, i, l, o;
-
-    if (d->type != V_ASN1_UTCTIME)
-        return (0);
-    l = d->length;
-    a = (char *)d->data;
-    o = 0;
-
-    if (l < 11)
-        goto err;
-    for (i = 0; i < 6; i++) {
-        if ((i == 5) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) {
-            i++;
-            if (tm)
-                tm->tm_sec = 0;
-            break;
-        }
-        if ((a[o] < '0') || (a[o] > '9'))
-            goto err;
-        n = a[o] - '0';
-        if (++o > l)
-            goto err;
-
-        if ((a[o] < '0') || (a[o] > '9'))
-            goto err;
-        n = (n * 10) + a[o] - '0';
-        if (++o > l)
-            goto err;
-
-        if ((n < min[i]) || (n > max[i]))
-            goto err;
-        if (tm) {
-            switch (i) {
-            case 0:
-                tm->tm_year = n < 50 ? n + 100 : n;
-                break;
-            case 1:
-                tm->tm_mon = n - 1;
-                break;
-            case 2:
-                tm->tm_mday = n;
-                break;
-            case 3:
-                tm->tm_hour = n;
-                break;
-            case 4:
-                tm->tm_min = n;
-                break;
-            case 5:
-                tm->tm_sec = n;
-                break;
-            }
-        }
-    }
-    if (a[o] == 'Z')
-        o++;
-    else if ((a[o] == '+') || (a[o] == '-')) {
-        int offsign = a[o] == '-' ? 1 : -1, offset = 0;
-        o++;
-        if (o + 4 > l)
-            goto err;
-        for (i = 6; i < 8; i++) {
-            if ((a[o] < '0') || (a[o] > '9'))
-                goto err;
-            n = a[o] - '0';
-            o++;
-            if ((a[o] < '0') || (a[o] > '9'))
-                goto err;
-            n = (n * 10) + a[o] - '0';
-            if ((n < min[i]) || (n > max[i]))
-                goto err;
-            if (tm) {
-                if (i == 6)
-                    offset = n * 3600;
-                else if (i == 7)
-                    offset += n * 60;
-            }
-            o++;
-        }
-        if (offset && !OPENSSL_gmtime_adj(tm, 0, offset * offsign))
-            return 0;
-    }
-    return o == l;
- err:
-    return 0;
-}
-
-int ASN1_UTCTIME_check(const ASN1_UTCTIME *d)
-{
-    return asn1_utctime_to_tm(NULL, d);
-}
-
-int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
-{
-    ASN1_UTCTIME t;
-
-    t.type = V_ASN1_UTCTIME;
-    t.length = strlen(str);
-    t.data = (unsigned char *)str;
-    if (ASN1_UTCTIME_check(&t)) {
-        if (s != NULL) {
-            if (!ASN1_STRING_set((ASN1_STRING *)s,
-                                 (unsigned char *)str, t.length))
-                return 0;
-            s->type = V_ASN1_UTCTIME;
-        }
-        return (1);
-    } else
-        return (0);
-}
-
-ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
-{
-    return ASN1_UTCTIME_adj(s, t, 0, 0);
-}
-
-ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
-                               int offset_day, long offset_sec)
-{
-    char *p;
-    struct tm *ts;
-    struct tm data;
-    size_t len = 20;
-    int free_s = 0;
-
-    if (s == NULL) {
-        free_s = 1;
-        s = M_ASN1_UTCTIME_new();
-    }
-    if (s == NULL)
-        goto err;
-
-    ts = OPENSSL_gmtime(&t, &data);
-    if (ts == NULL)
-        goto err;
-
-    if (offset_day || offset_sec) {
-        if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
-            goto err;
-    }
-
-    if ((ts->tm_year < 50) || (ts->tm_year >= 150))
-        goto err;
-
-    p = (char *)s->data;
-    if ((p == NULL) || ((size_t)s->length < len)) {
-        p = OPENSSL_malloc(len);
-        if (p == NULL) {
-            ASN1err(ASN1_F_ASN1_UTCTIME_ADJ, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (s->data != NULL)
-            OPENSSL_free(s->data);
-        s->data = (unsigned char *)p;
-    }
-
-    BIO_snprintf(p, len, "%02d%02d%02d%02d%02d%02dZ", ts->tm_year % 100,
-                 ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min,
-                 ts->tm_sec);
-    s->length = strlen(p);
-    s->type = V_ASN1_UTCTIME;
-#ifdef CHARSET_EBCDIC_not
-    ebcdic2ascii(s->data, s->data, s->length);
-#endif
-    return (s);
- err:
-    if (free_s && s)
-        M_ASN1_UTCTIME_free(s);
-    return NULL;
-}
-
-int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
-{
-    struct tm stm, ttm;
-    int day, sec;
-
-    if (!asn1_utctime_to_tm(&stm, s))
-        return -2;
-
-    if (!OPENSSL_gmtime(&t, &ttm))
-        return -2;
-
-    if (!OPENSSL_gmtime_diff(&day, &sec, &ttm, &stm))
-        return -2;
-
-    if (day > 0)
-        return 1;
-    if (day < 0)
-        return -1;
-    if (sec > 0)
-        return 1;
-    if (sec < 0)
-        return -1;
-    return 0;
-}
-
-#if 0
-time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
-{
-    struct tm tm;
-    int offset;
-
-    memset(&tm, '\0', sizeof tm);
-
-# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
-    tm.tm_year = g2(s->data);
-    if (tm.tm_year < 50)
-        tm.tm_year += 100;
-    tm.tm_mon = g2(s->data + 2) - 1;
-    tm.tm_mday = g2(s->data + 4);
-    tm.tm_hour = g2(s->data + 6);
-    tm.tm_min = g2(s->data + 8);
-    tm.tm_sec = g2(s->data + 10);
-    if (s->data[12] == 'Z')
-        offset = 0;
-    else {
-        offset = g2(s->data + 13) * 60 + g2(s->data + 15);
-        if (s->data[12] == '-')
-            offset = -offset;
-    }
-# undef g2
-
-    /*
-     * FIXME: mktime assumes the current timezone
-     * instead of UTC, and unless we rewrite OpenSSL
-     * in Lisp we cannot locally change the timezone
-     * without possibly interfering with other parts
-     * of the program. timegm, which uses UTC, is
-     * non-standard.
-     * Also time_t is inappropriate for general
-     * UTC times because it may a 32 bit type.
-     */
-    return mktime(&tm) - offset * 60;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/asn1/a_utf8.c b/thirdparty/openssl/crypto/asn1/a_utf8.c
deleted file mode 100644
index 23dc2e828a..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_utf8.c
+++ /dev/null
@@ -1,237 +0,0 @@
-/* crypto/asn1/a_utf8.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-/* UTF8 utilities */
-
-/*-
- * This parses a UTF8 string one character at a time. It is passed a pointer
- * to the string and the length of the string. It sets 'value' to the value of
- * the current character. It returns the number of characters read or a
- * negative error code:
- * -1 = string too short
- * -2 = illegal character
- * -3 = subsequent characters not of the form 10xxxxxx
- * -4 = character encoded incorrectly (not minimal length).
- */
-
-int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
-{
-    const unsigned char *p;
-    unsigned long value;
-    int ret;
-    if (len <= 0)
-        return 0;
-    p = str;
-
-    /* Check syntax and work out the encoded value (if correct) */
-    if ((*p & 0x80) == 0) {
-        value = *p++ & 0x7f;
-        ret = 1;
-    } else if ((*p & 0xe0) == 0xc0) {
-        if (len < 2)
-            return -1;
-        if ((p[1] & 0xc0) != 0x80)
-            return -3;
-        value = (*p++ & 0x1f) << 6;
-        value |= *p++ & 0x3f;
-        if (value < 0x80)
-            return -4;
-        ret = 2;
-    } else if ((*p & 0xf0) == 0xe0) {
-        if (len < 3)
-            return -1;
-        if (((p[1] & 0xc0) != 0x80)
-            || ((p[2] & 0xc0) != 0x80))
-            return -3;
-        value = (*p++ & 0xf) << 12;
-        value |= (*p++ & 0x3f) << 6;
-        value |= *p++ & 0x3f;
-        if (value < 0x800)
-            return -4;
-        ret = 3;
-    } else if ((*p & 0xf8) == 0xf0) {
-        if (len < 4)
-            return -1;
-        if (((p[1] & 0xc0) != 0x80)
-            || ((p[2] & 0xc0) != 0x80)
-            || ((p[3] & 0xc0) != 0x80))
-            return -3;
-        value = ((unsigned long)(*p++ & 0x7)) << 18;
-        value |= (*p++ & 0x3f) << 12;
-        value |= (*p++ & 0x3f) << 6;
-        value |= *p++ & 0x3f;
-        if (value < 0x10000)
-            return -4;
-        ret = 4;
-    } else if ((*p & 0xfc) == 0xf8) {
-        if (len < 5)
-            return -1;
-        if (((p[1] & 0xc0) != 0x80)
-            || ((p[2] & 0xc0) != 0x80)
-            || ((p[3] & 0xc0) != 0x80)
-            || ((p[4] & 0xc0) != 0x80))
-            return -3;
-        value = ((unsigned long)(*p++ & 0x3)) << 24;
-        value |= ((unsigned long)(*p++ & 0x3f)) << 18;
-        value |= ((unsigned long)(*p++ & 0x3f)) << 12;
-        value |= (*p++ & 0x3f) << 6;
-        value |= *p++ & 0x3f;
-        if (value < 0x200000)
-            return -4;
-        ret = 5;
-    } else if ((*p & 0xfe) == 0xfc) {
-        if (len < 6)
-            return -1;
-        if (((p[1] & 0xc0) != 0x80)
-            || ((p[2] & 0xc0) != 0x80)
-            || ((p[3] & 0xc0) != 0x80)
-            || ((p[4] & 0xc0) != 0x80)
-            || ((p[5] & 0xc0) != 0x80))
-            return -3;
-        value = ((unsigned long)(*p++ & 0x1)) << 30;
-        value |= ((unsigned long)(*p++ & 0x3f)) << 24;
-        value |= ((unsigned long)(*p++ & 0x3f)) << 18;
-        value |= ((unsigned long)(*p++ & 0x3f)) << 12;
-        value |= (*p++ & 0x3f) << 6;
-        value |= *p++ & 0x3f;
-        if (value < 0x4000000)
-            return -4;
-        ret = 6;
-    } else
-        return -2;
-    *val = value;
-    return ret;
-}
-
-/*
- * This takes a character 'value' and writes the UTF8 encoded value in 'str'
- * where 'str' is a buffer containing 'len' characters. Returns the number of
- * characters written or -1 if 'len' is too small. 'str' can be set to NULL
- * in which case it just returns the number of characters. It will need at
- * most 6 characters.
- */
-
-int UTF8_putc(unsigned char *str, int len, unsigned long value)
-{
-    if (!str)
-        len = 6;                /* Maximum we will need */
-    else if (len <= 0)
-        return -1;
-    if (value < 0x80) {
-        if (str)
-            *str = (unsigned char)value;
-        return 1;
-    }
-    if (value < 0x800) {
-        if (len < 2)
-            return -1;
-        if (str) {
-            *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
-            *str = (unsigned char)((value & 0x3f) | 0x80);
-        }
-        return 2;
-    }
-    if (value < 0x10000) {
-        if (len < 3)
-            return -1;
-        if (str) {
-            *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
-            *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
-            *str = (unsigned char)((value & 0x3f) | 0x80);
-        }
-        return 3;
-    }
-    if (value < 0x200000) {
-        if (len < 4)
-            return -1;
-        if (str) {
-            *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
-            *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
-            *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
-            *str = (unsigned char)((value & 0x3f) | 0x80);
-        }
-        return 4;
-    }
-    if (value < 0x4000000) {
-        if (len < 5)
-            return -1;
-        if (str) {
-            *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8);
-            *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
-            *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
-            *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
-            *str = (unsigned char)((value & 0x3f) | 0x80);
-        }
-        return 5;
-    }
-    if (len < 6)
-        return -1;
-    if (str) {
-        *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc);
-        *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80);
-        *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
-        *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
-        *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
-        *str = (unsigned char)((value & 0x3f) | 0x80);
-    }
-    return 6;
-}
diff --git a/thirdparty/openssl/crypto/asn1/a_verify.c b/thirdparty/openssl/crypto/asn1/a_verify.c
deleted file mode 100644
index 3ffd934cba..0000000000
--- a/thirdparty/openssl/crypto/asn1/a_verify.c
+++ /dev/null
@@ -1,231 +0,0 @@
-/* crypto/asn1/a_verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include "cryptlib.h"
-#include "asn1_locl.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-#ifndef NO_ASN1_OLD
-
-int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
-                char *data, EVP_PKEY *pkey)
-{
-    EVP_MD_CTX ctx;
-    const EVP_MD *type;
-    unsigned char *p, *buf_in = NULL;
-    int ret = -1, i, inl;
-
-    EVP_MD_CTX_init(&ctx);
-    i = OBJ_obj2nid(a->algorithm);
-    type = EVP_get_digestbyname(OBJ_nid2sn(i));
-    if (type == NULL) {
-        ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
-        goto err;
-    }
-
-    if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) {
-        ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
-        goto err;
-    }
-
-    inl = i2d(data, NULL);
-    buf_in = OPENSSL_malloc((unsigned int)inl);
-    if (buf_in == NULL) {
-        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    p = buf_in;
-
-    i2d(data, &p);
-    if (!EVP_VerifyInit_ex(&ctx, type, NULL)
-        || !EVP_VerifyUpdate(&ctx, (unsigned char *)buf_in, inl)) {
-        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);
-        ret = 0;
-        goto err;
-    }
-
-    OPENSSL_cleanse(buf_in, (unsigned int)inl);
-    OPENSSL_free(buf_in);
-
-    if (EVP_VerifyFinal(&ctx, (unsigned char *)signature->data,
-                        (unsigned int)signature->length, pkey) <= 0) {
-        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);
-        ret = 0;
-        goto err;
-    }
-    /*
-     * we don't need to zero the 'ctx' because we just checked public
-     * information
-     */
-    /* memset(&ctx,0,sizeof(ctx)); */
-    ret = 1;
- err:
-    EVP_MD_CTX_cleanup(&ctx);
-    return (ret);
-}
-
-#endif
-
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
-                     ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
-{
-    EVP_MD_CTX ctx;
-    unsigned char *buf_in = NULL;
-    int ret = -1, inl;
-
-    int mdnid, pknid;
-
-    if (!pkey) {
-        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
-        return -1;
-    }
-
-    if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) {
-        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
-        return -1;
-    }
-
-    EVP_MD_CTX_init(&ctx);
-
-    /* Convert signature OID into digest and public key OIDs */
-    if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
-        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
-        goto err;
-    }
-    if (mdnid == NID_undef) {
-        if (!pkey->ameth || !pkey->ameth->item_verify) {
-            ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
-                    ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
-            goto err;
-        }
-        ret = pkey->ameth->item_verify(&ctx, it, asn, a, signature, pkey);
-        /*
-         * Return value of 2 means carry on, anything else means we exit
-         * straight away: either a fatal error of the underlying verification
-         * routine handles all verification.
-         */
-        if (ret != 2)
-            goto err;
-        ret = -1;
-    } else {
-        const EVP_MD *type;
-        type = EVP_get_digestbynid(mdnid);
-        if (type == NULL) {
-            ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
-                    ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
-            goto err;
-        }
-
-        /* Check public key OID matches public key type */
-        if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
-            ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_WRONG_PUBLIC_KEY_TYPE);
-            goto err;
-        }
-
-        if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
-            ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
-            ret = 0;
-            goto err;
-        }
-
-    }
-
-    inl = ASN1_item_i2d(asn, &buf_in, it);
-
-    if (buf_in == NULL) {
-        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!EVP_DigestVerifyUpdate(&ctx, buf_in, inl)) {
-        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
-        ret = 0;
-        goto err;
-    }
-
-    OPENSSL_cleanse(buf_in, (unsigned int)inl);
-    OPENSSL_free(buf_in);
-
-    if (EVP_DigestVerifyFinal(&ctx, signature->data,
-                              (size_t)signature->length) <= 0) {
-        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
-        ret = 0;
-        goto err;
-    }
-    /*
-     * we don't need to zero the 'ctx' because we just checked public
-     * information
-     */
-    /* memset(&ctx,0,sizeof(ctx)); */
-    ret = 1;
- err:
-    EVP_MD_CTX_cleanup(&ctx);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/ameth_lib.c b/thirdparty/openssl/crypto/asn1/ameth_lib.c
deleted file mode 100644
index 43ddebba33..0000000000
--- a/thirdparty/openssl/crypto/asn1/ameth_lib.c
+++ /dev/null
@@ -1,486 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include "asn1_locl.h"
-
-extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[];
-extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[];
-extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
-
-/* Keep this sorted in type order !! */
-static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
-#ifndef OPENSSL_NO_RSA
-    &rsa_asn1_meths[0],
-    &rsa_asn1_meths[1],
-#endif
-#ifndef OPENSSL_NO_DH
-    &dh_asn1_meth,
-#endif
-#ifndef OPENSSL_NO_DSA
-    &dsa_asn1_meths[0],
-    &dsa_asn1_meths[1],
-    &dsa_asn1_meths[2],
-    &dsa_asn1_meths[3],
-    &dsa_asn1_meths[4],
-#endif
-#ifndef OPENSSL_NO_EC
-    &eckey_asn1_meth,
-#endif
-    &hmac_asn1_meth,
-#ifndef OPENSSL_NO_CMAC
-    &cmac_asn1_meth,
-#endif
-#ifndef OPENSSL_NO_DH
-    &dhx_asn1_meth
-#endif
-};
-
-typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
-DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD)
-static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL;
-
-#ifdef TEST
-void main()
-{
-    int i;
-    for (i = 0;
-         i < sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *); i++)
-        fprintf(stderr, "Number %d id=%d (%s)\n", i,
-                standard_methods[i]->pkey_id,
-                OBJ_nid2sn(standard_methods[i]->pkey_id));
-}
-#endif
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
-                           const EVP_PKEY_ASN1_METHOD *, ameth);
-
-static int ameth_cmp(const EVP_PKEY_ASN1_METHOD *const *a,
-                     const EVP_PKEY_ASN1_METHOD *const *b)
-{
-    return ((*a)->pkey_id - (*b)->pkey_id);
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
-                             const EVP_PKEY_ASN1_METHOD *, ameth);
-
-int EVP_PKEY_asn1_get_count(void)
-{
-    int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
-    if (app_methods)
-        num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods);
-    return num;
-}
-
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx)
-{
-    int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
-    if (idx < 0)
-        return NULL;
-    if (idx < num)
-        return standard_methods[idx];
-    idx -= num;
-    return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
-}
-
-static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type)
-{
-    EVP_PKEY_ASN1_METHOD tmp;
-    const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret;
-    tmp.pkey_id = type;
-    if (app_methods) {
-        int idx;
-        idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp);
-        if (idx >= 0)
-            return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
-    }
-    ret = OBJ_bsearch_ameth(&t, standard_methods, sizeof(standard_methods)
-                            / sizeof(EVP_PKEY_ASN1_METHOD *));
-    if (!ret || !*ret)
-        return NULL;
-    return *ret;
-}
-
-/*
- * Find an implementation of an ASN1 algorithm. If 'pe' is not NULL also
- * search through engines and set *pe to a functional reference to the engine
- * implementing 'type' or NULL if no engine implements it.
- */
-
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
-{
-    const EVP_PKEY_ASN1_METHOD *t;
-
-    for (;;) {
-        t = pkey_asn1_find(type);
-        if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS))
-            break;
-        type = t->pkey_base_id;
-    }
-    if (pe) {
-#ifndef OPENSSL_NO_ENGINE
-        ENGINE *e;
-        /* type will contain the final unaliased type */
-        e = ENGINE_get_pkey_asn1_meth_engine(type);
-        if (e) {
-            *pe = e;
-            return ENGINE_get_pkey_asn1_meth(e, type);
-        }
-#endif
-        *pe = NULL;
-    }
-    return t;
-}
-
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
-                                                   const char *str, int len)
-{
-    int i;
-    const EVP_PKEY_ASN1_METHOD *ameth;
-    if (len == -1)
-        len = strlen(str);
-    if (pe) {
-#ifndef OPENSSL_NO_ENGINE
-        ENGINE *e;
-        ameth = ENGINE_pkey_asn1_find_str(&e, str, len);
-        if (ameth) {
-            /*
-             * Convert structural into functional reference
-             */
-            if (!ENGINE_init(e))
-                ameth = NULL;
-            ENGINE_free(e);
-            *pe = e;
-            return ameth;
-        }
-#endif
-        *pe = NULL;
-    }
-    for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
-        ameth = EVP_PKEY_asn1_get0(i);
-        if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
-            continue;
-        if (((int)strlen(ameth->pem_str) == len) &&
-            !strncasecmp(ameth->pem_str, str, len))
-            return ameth;
-    }
-    return NULL;
-}
-
-int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
-{
-    if (app_methods == NULL) {
-        app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
-        if (!app_methods)
-            return 0;
-    }
-    if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth))
-        return 0;
-    sk_EVP_PKEY_ASN1_METHOD_sort(app_methods);
-    return 1;
-}
-
-int EVP_PKEY_asn1_add_alias(int to, int from)
-{
-    EVP_PKEY_ASN1_METHOD *ameth;
-    ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
-    if (!ameth)
-        return 0;
-    ameth->pkey_base_id = to;
-    if (!EVP_PKEY_asn1_add0(ameth)) {
-        EVP_PKEY_asn1_free(ameth);
-        return 0;
-    }
-    return 1;
-}
-
-int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id,
-                            int *ppkey_flags, const char **pinfo,
-                            const char **ppem_str,
-                            const EVP_PKEY_ASN1_METHOD *ameth)
-{
-    if (!ameth)
-        return 0;
-    if (ppkey_id)
-        *ppkey_id = ameth->pkey_id;
-    if (ppkey_base_id)
-        *ppkey_base_id = ameth->pkey_base_id;
-    if (ppkey_flags)
-        *ppkey_flags = ameth->pkey_flags;
-    if (pinfo)
-        *pinfo = ameth->info;
-    if (ppem_str)
-        *ppem_str = ameth->pem_str;
-    return 1;
-}
-
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey)
-{
-    return pkey->ameth;
-}
-
-EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
-                                        const char *pem_str, const char *info)
-{
-    EVP_PKEY_ASN1_METHOD *ameth;
-    ameth = OPENSSL_malloc(sizeof(EVP_PKEY_ASN1_METHOD));
-    if (!ameth)
-        return NULL;
-
-    memset(ameth, 0, sizeof(EVP_PKEY_ASN1_METHOD));
-
-    ameth->pkey_id = id;
-    ameth->pkey_base_id = id;
-    ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
-
-    if (info) {
-        ameth->info = BUF_strdup(info);
-        if (!ameth->info)
-            goto err;
-    } else
-        ameth->info = NULL;
-
-    if (pem_str) {
-        ameth->pem_str = BUF_strdup(pem_str);
-        if (!ameth->pem_str)
-            goto err;
-    } else
-        ameth->pem_str = NULL;
-
-    ameth->pub_decode = 0;
-    ameth->pub_encode = 0;
-    ameth->pub_cmp = 0;
-    ameth->pub_print = 0;
-
-    ameth->priv_decode = 0;
-    ameth->priv_encode = 0;
-    ameth->priv_print = 0;
-
-    ameth->old_priv_encode = 0;
-    ameth->old_priv_decode = 0;
-
-    ameth->item_verify = 0;
-    ameth->item_sign = 0;
-
-    ameth->pkey_size = 0;
-    ameth->pkey_bits = 0;
-
-    ameth->param_decode = 0;
-    ameth->param_encode = 0;
-    ameth->param_missing = 0;
-    ameth->param_copy = 0;
-    ameth->param_cmp = 0;
-    ameth->param_print = 0;
-
-    ameth->pkey_free = 0;
-    ameth->pkey_ctrl = 0;
-
-    return ameth;
-
- err:
-
-    EVP_PKEY_asn1_free(ameth);
-    return NULL;
-
-}
-
-void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
-                        const EVP_PKEY_ASN1_METHOD *src)
-{
-
-    dst->pub_decode = src->pub_decode;
-    dst->pub_encode = src->pub_encode;
-    dst->pub_cmp = src->pub_cmp;
-    dst->pub_print = src->pub_print;
-
-    dst->priv_decode = src->priv_decode;
-    dst->priv_encode = src->priv_encode;
-    dst->priv_print = src->priv_print;
-
-    dst->old_priv_encode = src->old_priv_encode;
-    dst->old_priv_decode = src->old_priv_decode;
-
-    dst->pkey_size = src->pkey_size;
-    dst->pkey_bits = src->pkey_bits;
-
-    dst->param_decode = src->param_decode;
-    dst->param_encode = src->param_encode;
-    dst->param_missing = src->param_missing;
-    dst->param_copy = src->param_copy;
-    dst->param_cmp = src->param_cmp;
-    dst->param_print = src->param_print;
-
-    dst->pkey_free = src->pkey_free;
-    dst->pkey_ctrl = src->pkey_ctrl;
-
-    dst->item_sign = src->item_sign;
-    dst->item_verify = src->item_verify;
-
-}
-
-void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
-{
-    if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) {
-        if (ameth->pem_str)
-            OPENSSL_free(ameth->pem_str);
-        if (ameth->info)
-            OPENSSL_free(ameth->info);
-        OPENSSL_free(ameth);
-    }
-}
-
-void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
-                              int (*pub_decode) (EVP_PKEY *pk,
-                                                 X509_PUBKEY *pub),
-                              int (*pub_encode) (X509_PUBKEY *pub,
-                                                 const EVP_PKEY *pk),
-                              int (*pub_cmp) (const EVP_PKEY *a,
-                                              const EVP_PKEY *b),
-                              int (*pub_print) (BIO *out,
-                                                const EVP_PKEY *pkey,
-                                                int indent, ASN1_PCTX *pctx),
-                              int (*pkey_size) (const EVP_PKEY *pk),
-                              int (*pkey_bits) (const EVP_PKEY *pk))
-{
-    ameth->pub_decode = pub_decode;
-    ameth->pub_encode = pub_encode;
-    ameth->pub_cmp = pub_cmp;
-    ameth->pub_print = pub_print;
-    ameth->pkey_size = pkey_size;
-    ameth->pkey_bits = pkey_bits;
-}
-
-void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
-                               int (*priv_decode) (EVP_PKEY *pk,
-                                                   PKCS8_PRIV_KEY_INFO
-                                                   *p8inf),
-                               int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
-                                                   const EVP_PKEY *pk),
-                               int (*priv_print) (BIO *out,
-                                                  const EVP_PKEY *pkey,
-                                                  int indent,
-                                                  ASN1_PCTX *pctx))
-{
-    ameth->priv_decode = priv_decode;
-    ameth->priv_encode = priv_encode;
-    ameth->priv_print = priv_print;
-}
-
-void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
-                             int (*param_decode) (EVP_PKEY *pkey,
-                                                  const unsigned char **pder,
-                                                  int derlen),
-                             int (*param_encode) (const EVP_PKEY *pkey,
-                                                  unsigned char **pder),
-                             int (*param_missing) (const EVP_PKEY *pk),
-                             int (*param_copy) (EVP_PKEY *to,
-                                                const EVP_PKEY *from),
-                             int (*param_cmp) (const EVP_PKEY *a,
-                                               const EVP_PKEY *b),
-                             int (*param_print) (BIO *out,
-                                                 const EVP_PKEY *pkey,
-                                                 int indent, ASN1_PCTX *pctx))
-{
-    ameth->param_decode = param_decode;
-    ameth->param_encode = param_encode;
-    ameth->param_missing = param_missing;
-    ameth->param_copy = param_copy;
-    ameth->param_cmp = param_cmp;
-    ameth->param_print = param_print;
-}
-
-void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
-                            void (*pkey_free) (EVP_PKEY *pkey))
-{
-    ameth->pkey_free = pkey_free;
-}
-
-void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
-                            int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
-                                              long arg1, void *arg2))
-{
-    ameth->pkey_ctrl = pkey_ctrl;
-}
-
-void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
-                            int (*item_verify) (EVP_MD_CTX *ctx,
-                                                const ASN1_ITEM *it,
-                                                void *asn,
-                                                X509_ALGOR *a,
-                                                ASN1_BIT_STRING *sig,
-                                                EVP_PKEY *pkey),
-                            int (*item_sign) (EVP_MD_CTX *ctx,
-                                              const ASN1_ITEM *it,
-                                              void *asn,
-                                              X509_ALGOR *alg1,
-                                              X509_ALGOR *alg2,
-                                              ASN1_BIT_STRING *sig))
-{
-    ameth->item_sign = item_sign;
-    ameth->item_verify = item_verify;
-}
diff --git a/thirdparty/openssl/crypto/asn1/asn1_err.c b/thirdparty/openssl/crypto/asn1/asn1_err.c
deleted file mode 100644
index fd4ac8d9db..0000000000
--- a/thirdparty/openssl/crypto/asn1/asn1_err.c
+++ /dev/null
@@ -1,354 +0,0 @@
-/* crypto/asn1/asn1_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/asn1.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason)
-
-static ERR_STRING_DATA ASN1_str_functs[] = {
-    {ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"},
-    {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"},
-    {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"},
-    {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"},
-    {ERR_FUNC(ASN1_F_APPEND_EXP), "APPEND_EXP"},
-    {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"},
-    {ERR_FUNC(ASN1_F_ASN1_CB), "ASN1_CB"},
-    {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"},
-    {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"},
-    {ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"},
-    {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"},
-    {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"},
-    {ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "ASN1_D2I_READ_BIO"},
-    {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"},
-    {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"},
-    {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"},
-    {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"},
-    {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"},
-    {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"},
-    {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"},
-    {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"},
-    {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"},
-    {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"},
-    {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
-    {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"},
-    {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
-    {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
-    {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"},
-    {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"},
-    {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"},
-    {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"},
-    {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"},
-    {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"},
-    {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"},
-    {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"},
-    {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"},
-    {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"},
-    {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"},
-    {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"},
-    {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"},
-    {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"},
-    {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"},
-    {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
-    {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"},
-    {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"},
-    {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"},
-    {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
-    {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING),
-     "ASN1_TYPE_get_int_octetstring"},
-    {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
-    {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
-    {ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"},
-    {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"},
-    {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"},
-    {ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"},
-    {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"},
-    {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"},
-    {ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"},
-    {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"},
-    {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"},
-    {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"},
-    {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"},
-    {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"},
-    {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"},
-    {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
-    {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"},
-    {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"},
-    {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
-    {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
-    {ERR_FUNC(ASN1_F_D2I_RSA_NET), "d2i_RSA_NET"},
-    {ERR_FUNC(ASN1_F_D2I_RSA_NET_2), "D2I_RSA_NET_2"},
-    {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
-    {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
-    {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
-    {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
-    {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
-    {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},
-    {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
-    {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"},
-    {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},
-    {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"},
-    {ERR_FUNC(ASN1_F_I2D_RSA_NET), "i2d_RSA_NET"},
-    {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"},
-    {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"},
-    {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"},
-    {ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"},
-    {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"},
-    {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
-    {ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"},
-    {ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"},
-    {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
-    {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
-    {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
-    {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
-    {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
-    {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"},
-    {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"},
-    {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"},
-    {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"},
-    {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA ASN1_str_reasons[] = {
-    {ERR_REASON(ASN1_R_ADDING_OBJECT), "adding object"},
-    {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"},
-    {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR), "asn1 sig parse error"},
-    {ERR_REASON(ASN1_R_AUX_ERROR), "aux error"},
-    {ERR_REASON(ASN1_R_BAD_CLASS), "bad class"},
-    {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
-    {ERR_REASON(ASN1_R_BAD_PASSWORD_READ), "bad password read"},
-    {ERR_REASON(ASN1_R_BAD_TAG), "bad tag"},
-    {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
-     "bmpstring is wrong length"},
-    {ERR_REASON(ASN1_R_BN_LIB), "bn lib"},
-    {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH), "boolean is wrong length"},
-    {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL), "buffer too small"},
-    {ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
-     "cipher has no object identifier"},
-    {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"},
-    {ERR_REASON(ASN1_R_DATA_IS_WRONG), "data is wrong"},
-    {ERR_REASON(ASN1_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(ASN1_R_DECODING_ERROR), "decoding error"},
-    {ERR_REASON(ASN1_R_DEPTH_EXCEEDED), "depth exceeded"},
-    {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),
-     "digest and key type not supported"},
-    {ERR_REASON(ASN1_R_ENCODE_ERROR), "encode error"},
-    {ERR_REASON(ASN1_R_ERROR_GETTING_TIME), "error getting time"},
-    {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"},
-    {ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT),
-     "error parsing set element"},
-    {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS),
-     "error setting cipher params"},
-    {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER), "expecting an integer"},
-    {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT), "expecting an object"},
-    {ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN), "expecting a boolean"},
-    {ERR_REASON(ASN1_R_EXPECTING_A_TIME), "expecting a time"},
-    {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"},
-    {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),
-     "explicit tag not constructed"},
-    {ERR_REASON(ASN1_R_FIELD_MISSING), "field missing"},
-    {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE), "first num too large"},
-    {ERR_REASON(ASN1_R_HEADER_TOO_LONG), "header too long"},
-    {ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT), "illegal bitstring format"},
-    {ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN), "illegal boolean"},
-    {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS), "illegal characters"},
-    {ERR_REASON(ASN1_R_ILLEGAL_FORMAT), "illegal format"},
-    {ERR_REASON(ASN1_R_ILLEGAL_HEX), "illegal hex"},
-    {ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG), "illegal implicit tag"},
-    {ERR_REASON(ASN1_R_ILLEGAL_INTEGER), "illegal integer"},
-    {ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING), "illegal nested tagging"},
-    {ERR_REASON(ASN1_R_ILLEGAL_NULL), "illegal null"},
-    {ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE), "illegal null value"},
-    {ERR_REASON(ASN1_R_ILLEGAL_OBJECT), "illegal object"},
-    {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY), "illegal optional any"},
-    {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),
-     "illegal options on item template"},
-    {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY), "illegal tagged any"},
-    {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE), "illegal time value"},
-    {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"},
-    {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),
-     "integer too large for long"},
-    {ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT),
-     "invalid bit string bits left"},
-    {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH), "invalid bmpstring length"},
-    {ERR_REASON(ASN1_R_INVALID_DIGIT), "invalid digit"},
-    {ERR_REASON(ASN1_R_INVALID_MIME_TYPE), "invalid mime type"},
-    {ERR_REASON(ASN1_R_INVALID_MODIFIER), "invalid modifier"},
-    {ERR_REASON(ASN1_R_INVALID_NUMBER), "invalid number"},
-    {ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING), "invalid object encoding"},
-    {ERR_REASON(ASN1_R_INVALID_SEPARATOR), "invalid separator"},
-    {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT), "invalid time format"},
-    {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),
-     "invalid universalstring length"},
-    {ERR_REASON(ASN1_R_INVALID_UTF8STRING), "invalid utf8string"},
-    {ERR_REASON(ASN1_R_IV_TOO_LARGE), "iv too large"},
-    {ERR_REASON(ASN1_R_LENGTH_ERROR), "length error"},
-    {ERR_REASON(ASN1_R_LIST_ERROR), "list error"},
-    {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
-    {ERR_REASON(ASN1_R_MIME_PARSE_ERROR), "mime parse error"},
-    {ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"},
-    {ERR_REASON(ASN1_R_MISSING_EOC), "missing eoc"},
-    {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER), "missing second number"},
-    {ERR_REASON(ASN1_R_MISSING_VALUE), "missing value"},
-    {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
-    {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
-    {ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"},
-    {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"},
-    {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
-    {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
-    {ERR_REASON(ASN1_R_NO_CONTENT_TYPE), "no content type"},
-    {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST), "no default digest"},
-    {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"},
-    {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),
-     "no multipart body failure"},
-    {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
-    {ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE), "no sig content type"},
-    {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH), "null is wrong length"},
-    {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"},
-    {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS), "odd number of chars"},
-    {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),
-     "private key header missing"},
-    {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"},
-    {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"},
-    {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"},
-    {ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG),
-     "sequence or set needs config"},
-    {ERR_REASON(ASN1_R_SHORT_LINE), "short line"},
-    {ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
-    {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"},
-    {ERR_REASON(ASN1_R_STRING_TOO_LONG), "string too long"},
-    {ERR_REASON(ASN1_R_STRING_TOO_SHORT), "string too short"},
-    {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH), "tag value too high"},
-    {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
-     "the asn1 object identifier is not known for this md"},
-    {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"},
-    {ERR_REASON(ASN1_R_TOO_LONG), "too long"},
-    {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED), "type not constructed"},
-    {ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE), "type not primitive"},
-    {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"},
-    {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),
-     "unable to decode rsa private key"},
-    {ERR_REASON(ASN1_R_UNEXPECTED_EOC), "unexpected eoc"},
-    {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),
-     "universalstring is wrong length"},
-    {ERR_REASON(ASN1_R_UNKNOWN_FORMAT), "unknown format"},
-    {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),
-     "unknown message digest algorithm"},
-    {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE), "unknown object type"},
-    {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "unknown public key type"},
-    {ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM),
-     "unknown signature algorithm"},
-    {ERR_REASON(ASN1_R_UNKNOWN_TAG), "unknown tag"},
-    {ERR_REASON(ASN1_R_UNKOWN_FORMAT), "unknown format"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),
-     "unsupported any defined by type"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),
-     "unsupported encryption algorithm"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
-     "unsupported public key type"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"},
-    {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
-    {ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"},
-    {ERR_REASON(ASN1_R_WRONG_TYPE), "wrong type"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_ASN1_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, ASN1_str_functs);
-        ERR_load_strings(0, ASN1_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/asn1/asn1_gen.c b/thirdparty/openssl/crypto/asn1/asn1_gen.c
deleted file mode 100644
index 65749239b1..0000000000
--- a/thirdparty/openssl/crypto/asn1/asn1_gen.c
+++ /dev/null
@@ -1,831 +0,0 @@
-/* asn1_gen.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/x509v3.h>
-
-#define ASN1_GEN_FLAG           0x10000
-#define ASN1_GEN_FLAG_IMP       (ASN1_GEN_FLAG|1)
-#define ASN1_GEN_FLAG_EXP       (ASN1_GEN_FLAG|2)
-#define ASN1_GEN_FLAG_TAG       (ASN1_GEN_FLAG|3)
-#define ASN1_GEN_FLAG_BITWRAP   (ASN1_GEN_FLAG|4)
-#define ASN1_GEN_FLAG_OCTWRAP   (ASN1_GEN_FLAG|5)
-#define ASN1_GEN_FLAG_SEQWRAP   (ASN1_GEN_FLAG|6)
-#define ASN1_GEN_FLAG_SETWRAP   (ASN1_GEN_FLAG|7)
-#define ASN1_GEN_FLAG_FORMAT    (ASN1_GEN_FLAG|8)
-
-#define ASN1_GEN_STR(str,val)   {str, sizeof(str) - 1, val}
-
-#define ASN1_FLAG_EXP_MAX       20
-/* Maximum number of nested sequences */
-#define ASN1_GEN_SEQ_MAX_DEPTH  50
-
-/* Input formats */
-
-/* ASCII: default */
-#define ASN1_GEN_FORMAT_ASCII   1
-/* UTF8 */
-#define ASN1_GEN_FORMAT_UTF8    2
-/* Hex */
-#define ASN1_GEN_FORMAT_HEX     3
-/* List of bits */
-#define ASN1_GEN_FORMAT_BITLIST 4
-
-struct tag_name_st {
-    const char *strnam;
-    int len;
-    int tag;
-};
-
-typedef struct {
-    int exp_tag;
-    int exp_class;
-    int exp_constructed;
-    int exp_pad;
-    long exp_len;
-} tag_exp_type;
-
-typedef struct {
-    int imp_tag;
-    int imp_class;
-    int utype;
-    int format;
-    const char *str;
-    tag_exp_type exp_list[ASN1_FLAG_EXP_MAX];
-    int exp_count;
-} tag_exp_arg;
-
-static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,
-                              int *perr);
-static int bitstr_cb(const char *elem, int len, void *bitstr);
-static int asn1_cb(const char *elem, int len, void *bitstr);
-static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
-                      int exp_constructed, int exp_pad, int imp_ok);
-static int parse_tagging(const char *vstart, int vlen, int *ptag,
-                         int *pclass);
-static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,
-                             int depth, int *perr);
-static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype);
-static int asn1_str2tag(const char *tagstr, int len);
-
-ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf)
-{
-    X509V3_CTX cnf;
-
-    if (!nconf)
-        return ASN1_generate_v3(str, NULL);
-
-    X509V3_set_nconf(&cnf, nconf);
-    return ASN1_generate_v3(str, &cnf);
-}
-
-ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
-{
-    int err = 0;
-    ASN1_TYPE *ret = generate_v3(str, cnf, 0, &err);
-    if (err)
-        ASN1err(ASN1_F_ASN1_GENERATE_V3, err);
-    return ret;
-}
-
-static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth,
-                              int *perr)
-{
-    ASN1_TYPE *ret;
-    tag_exp_arg asn1_tags;
-    tag_exp_type *etmp;
-
-    int i, len;
-
-    unsigned char *orig_der = NULL, *new_der = NULL;
-    const unsigned char *cpy_start;
-    unsigned char *p;
-    const unsigned char *cp;
-    int cpy_len;
-    long hdr_len;
-    int hdr_constructed = 0, hdr_tag, hdr_class;
-    int r;
-
-    asn1_tags.imp_tag = -1;
-    asn1_tags.imp_class = -1;
-    asn1_tags.format = ASN1_GEN_FORMAT_ASCII;
-    asn1_tags.exp_count = 0;
-    if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) {
-        *perr = ASN1_R_UNKNOWN_TAG;
-        return NULL;
-    }
-
-    if ((asn1_tags.utype == V_ASN1_SEQUENCE)
-        || (asn1_tags.utype == V_ASN1_SET)) {
-        if (!cnf) {
-            *perr = ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG;
-            return NULL;
-        }
-        if (depth >= ASN1_GEN_SEQ_MAX_DEPTH) {
-            *perr = ASN1_R_ILLEGAL_NESTED_TAGGING;
-            return NULL;
-        }
-        ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf, depth, perr);
-    } else
-        ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.utype);
-
-    if (!ret)
-        return NULL;
-
-    /* If no tagging return base type */
-    if ((asn1_tags.imp_tag == -1) && (asn1_tags.exp_count == 0))
-        return ret;
-
-    /* Generate the encoding */
-    cpy_len = i2d_ASN1_TYPE(ret, &orig_der);
-    ASN1_TYPE_free(ret);
-    ret = NULL;
-    /* Set point to start copying for modified encoding */
-    cpy_start = orig_der;
-
-    /* Do we need IMPLICIT tagging? */
-    if (asn1_tags.imp_tag != -1) {
-        /* If IMPLICIT we will replace the underlying tag */
-        /* Skip existing tag+len */
-        r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class,
-                            cpy_len);
-        if (r & 0x80)
-            goto err;
-        /* Update copy length */
-        cpy_len -= cpy_start - orig_der;
-        /*
-         * For IMPLICIT tagging the length should match the original length
-         * and constructed flag should be consistent.
-         */
-        if (r & 0x1) {
-            /* Indefinite length constructed */
-            hdr_constructed = 2;
-            hdr_len = 0;
-        } else
-            /* Just retain constructed flag */
-            hdr_constructed = r & V_ASN1_CONSTRUCTED;
-        /*
-         * Work out new length with IMPLICIT tag: ignore constructed because
-         * it will mess up if indefinite length
-         */
-        len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag);
-    } else
-        len = cpy_len;
-
-    /* Work out length in any EXPLICIT, starting from end */
-
-    for (i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1;
-         i < asn1_tags.exp_count; i++, etmp--) {
-        /* Content length: number of content octets + any padding */
-        len += etmp->exp_pad;
-        etmp->exp_len = len;
-        /* Total object length: length including new header */
-        len = ASN1_object_size(0, len, etmp->exp_tag);
-    }
-
-    /* Allocate buffer for new encoding */
-
-    new_der = OPENSSL_malloc(len);
-    if (!new_der)
-        goto err;
-
-    /* Generate tagged encoding */
-
-    p = new_der;
-
-    /* Output explicit tags first */
-
-    for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count;
-         i++, etmp++) {
-        ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len,
-                        etmp->exp_tag, etmp->exp_class);
-        if (etmp->exp_pad)
-            *p++ = 0;
-    }
-
-    /* If IMPLICIT, output tag */
-
-    if (asn1_tags.imp_tag != -1) {
-        if (asn1_tags.imp_class == V_ASN1_UNIVERSAL
-            && (asn1_tags.imp_tag == V_ASN1_SEQUENCE
-                || asn1_tags.imp_tag == V_ASN1_SET))
-            hdr_constructed = V_ASN1_CONSTRUCTED;
-        ASN1_put_object(&p, hdr_constructed, hdr_len,
-                        asn1_tags.imp_tag, asn1_tags.imp_class);
-    }
-
-    /* Copy across original encoding */
-    memcpy(p, cpy_start, cpy_len);
-
-    cp = new_der;
-
-    /* Obtain new ASN1_TYPE structure */
-    ret = d2i_ASN1_TYPE(NULL, &cp, len);
-
- err:
-    if (orig_der)
-        OPENSSL_free(orig_der);
-    if (new_der)
-        OPENSSL_free(new_der);
-
-    return ret;
-
-}
-
-static int asn1_cb(const char *elem, int len, void *bitstr)
-{
-    tag_exp_arg *arg = bitstr;
-    int i;
-    int utype;
-    int vlen = 0;
-    const char *p, *vstart = NULL;
-
-    int tmp_tag, tmp_class;
-
-    if (elem == NULL)
-        return -1;
-
-    for (i = 0, p = elem; i < len; p++, i++) {
-        /* Look for the ':' in name value pairs */
-        if (*p == ':') {
-            vstart = p + 1;
-            vlen = len - (vstart - elem);
-            len = p - elem;
-            break;
-        }
-    }
-
-    utype = asn1_str2tag(elem, len);
-
-    if (utype == -1) {
-        ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG);
-        ERR_add_error_data(2, "tag=", elem);
-        return -1;
-    }
-
-    /* If this is not a modifier mark end of string and exit */
-    if (!(utype & ASN1_GEN_FLAG)) {
-        arg->utype = utype;
-        arg->str = vstart;
-        /* If no value and not end of string, error */
-        if (!vstart && elem[len]) {
-            ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE);
-            return -1;
-        }
-        return 0;
-    }
-
-    switch (utype) {
-
-    case ASN1_GEN_FLAG_IMP:
-        /* Check for illegal multiple IMPLICIT tagging */
-        if (arg->imp_tag != -1) {
-            ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING);
-            return -1;
-        }
-        if (!parse_tagging(vstart, vlen, &arg->imp_tag, &arg->imp_class))
-            return -1;
-        break;
-
-    case ASN1_GEN_FLAG_EXP:
-
-        if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class))
-            return -1;
-        if (!append_exp(arg, tmp_tag, tmp_class, 1, 0, 0))
-            return -1;
-        break;
-
-    case ASN1_GEN_FLAG_SEQWRAP:
-        if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1))
-            return -1;
-        break;
-
-    case ASN1_GEN_FLAG_SETWRAP:
-        if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1))
-            return -1;
-        break;
-
-    case ASN1_GEN_FLAG_BITWRAP:
-        if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1))
-            return -1;
-        break;
-
-    case ASN1_GEN_FLAG_OCTWRAP:
-        if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1))
-            return -1;
-        break;
-
-    case ASN1_GEN_FLAG_FORMAT:
-        if (!vstart) {
-            ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_FORMAT);
-            return -1;
-        }
-        if (!strncmp(vstart, "ASCII", 5))
-            arg->format = ASN1_GEN_FORMAT_ASCII;
-        else if (!strncmp(vstart, "UTF8", 4))
-            arg->format = ASN1_GEN_FORMAT_UTF8;
-        else if (!strncmp(vstart, "HEX", 3))
-            arg->format = ASN1_GEN_FORMAT_HEX;
-        else if (!strncmp(vstart, "BITLIST", 7))
-            arg->format = ASN1_GEN_FORMAT_BITLIST;
-        else {
-            ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
-            return -1;
-        }
-        break;
-
-    }
-
-    return 1;
-
-}
-
-static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
-{
-    char erch[2];
-    long tag_num;
-    char *eptr;
-    if (!vstart)
-        return 0;
-    tag_num = strtoul(vstart, &eptr, 10);
-    /* Check we haven't gone past max length: should be impossible */
-    if (eptr && *eptr && (eptr > vstart + vlen))
-        return 0;
-    if (tag_num < 0) {
-        ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER);
-        return 0;
-    }
-    *ptag = tag_num;
-    /* If we have non numeric characters, parse them */
-    if (eptr)
-        vlen -= eptr - vstart;
-    else
-        vlen = 0;
-    if (vlen) {
-        switch (*eptr) {
-
-        case 'U':
-            *pclass = V_ASN1_UNIVERSAL;
-            break;
-
-        case 'A':
-            *pclass = V_ASN1_APPLICATION;
-            break;
-
-        case 'P':
-            *pclass = V_ASN1_PRIVATE;
-            break;
-
-        case 'C':
-            *pclass = V_ASN1_CONTEXT_SPECIFIC;
-            break;
-
-        default:
-            erch[0] = *eptr;
-            erch[1] = 0;
-            ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_MODIFIER);
-            ERR_add_error_data(2, "Char=", erch);
-            return 0;
-            break;
-
-        }
-    } else
-        *pclass = V_ASN1_CONTEXT_SPECIFIC;
-
-    return 1;
-
-}
-
-/* Handle multiple types: SET and SEQUENCE */
-
-static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf,
-                             int depth, int *perr)
-{
-    ASN1_TYPE *ret = NULL;
-    STACK_OF(ASN1_TYPE) *sk = NULL;
-    STACK_OF(CONF_VALUE) *sect = NULL;
-    unsigned char *der = NULL;
-    int derlen;
-    int i;
-    sk = sk_ASN1_TYPE_new_null();
-    if (!sk)
-        goto bad;
-    if (section) {
-        if (!cnf)
-            goto bad;
-        sect = X509V3_get_section(cnf, (char *)section);
-        if (!sect)
-            goto bad;
-        for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
-            ASN1_TYPE *typ =
-                generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf,
-                            depth + 1, perr);
-            if (!typ)
-                goto bad;
-            if (!sk_ASN1_TYPE_push(sk, typ))
-                goto bad;
-        }
-    }
-
-    /*
-     * Now we has a STACK of the components, convert to the correct form
-     */
-
-    if (utype == V_ASN1_SET)
-        derlen = i2d_ASN1_SET_ANY(sk, &der);
-    else
-        derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der);
-
-    if (derlen < 0)
-        goto bad;
-
-    if (!(ret = ASN1_TYPE_new()))
-        goto bad;
-
-    if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype)))
-        goto bad;
-
-    ret->type = utype;
-
-    ret->value.asn1_string->data = der;
-    ret->value.asn1_string->length = derlen;
-
-    der = NULL;
-
- bad:
-
-    if (der)
-        OPENSSL_free(der);
-
-    if (sk)
-        sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
-    if (sect)
-        X509V3_section_free(cnf, sect);
-
-    return ret;
-}
-
-static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
-                      int exp_constructed, int exp_pad, int imp_ok)
-{
-    tag_exp_type *exp_tmp;
-    /* Can only have IMPLICIT if permitted */
-    if ((arg->imp_tag != -1) && !imp_ok) {
-        ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG);
-        return 0;
-    }
-
-    if (arg->exp_count == ASN1_FLAG_EXP_MAX) {
-        ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED);
-        return 0;
-    }
-
-    exp_tmp = &arg->exp_list[arg->exp_count++];
-
-    /*
-     * If IMPLICIT set tag to implicit value then reset implicit tag since it
-     * has been used.
-     */
-    if (arg->imp_tag != -1) {
-        exp_tmp->exp_tag = arg->imp_tag;
-        exp_tmp->exp_class = arg->imp_class;
-        arg->imp_tag = -1;
-        arg->imp_class = -1;
-    } else {
-        exp_tmp->exp_tag = exp_tag;
-        exp_tmp->exp_class = exp_class;
-    }
-    exp_tmp->exp_constructed = exp_constructed;
-    exp_tmp->exp_pad = exp_pad;
-
-    return 1;
-}
-
-static int asn1_str2tag(const char *tagstr, int len)
-{
-    unsigned int i;
-    static const struct tag_name_st *tntmp, tnst[] = {
-        ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN),
-        ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN),
-        ASN1_GEN_STR("NULL", V_ASN1_NULL),
-        ASN1_GEN_STR("INT", V_ASN1_INTEGER),
-        ASN1_GEN_STR("INTEGER", V_ASN1_INTEGER),
-        ASN1_GEN_STR("ENUM", V_ASN1_ENUMERATED),
-        ASN1_GEN_STR("ENUMERATED", V_ASN1_ENUMERATED),
-        ASN1_GEN_STR("OID", V_ASN1_OBJECT),
-        ASN1_GEN_STR("OBJECT", V_ASN1_OBJECT),
-        ASN1_GEN_STR("UTCTIME", V_ASN1_UTCTIME),
-        ASN1_GEN_STR("UTC", V_ASN1_UTCTIME),
-        ASN1_GEN_STR("GENERALIZEDTIME", V_ASN1_GENERALIZEDTIME),
-        ASN1_GEN_STR("GENTIME", V_ASN1_GENERALIZEDTIME),
-        ASN1_GEN_STR("OCT", V_ASN1_OCTET_STRING),
-        ASN1_GEN_STR("OCTETSTRING", V_ASN1_OCTET_STRING),
-        ASN1_GEN_STR("BITSTR", V_ASN1_BIT_STRING),
-        ASN1_GEN_STR("BITSTRING", V_ASN1_BIT_STRING),
-        ASN1_GEN_STR("UNIVERSALSTRING", V_ASN1_UNIVERSALSTRING),
-        ASN1_GEN_STR("UNIV", V_ASN1_UNIVERSALSTRING),
-        ASN1_GEN_STR("IA5", V_ASN1_IA5STRING),
-        ASN1_GEN_STR("IA5STRING", V_ASN1_IA5STRING),
-        ASN1_GEN_STR("UTF8", V_ASN1_UTF8STRING),
-        ASN1_GEN_STR("UTF8String", V_ASN1_UTF8STRING),
-        ASN1_GEN_STR("BMP", V_ASN1_BMPSTRING),
-        ASN1_GEN_STR("BMPSTRING", V_ASN1_BMPSTRING),
-        ASN1_GEN_STR("VISIBLESTRING", V_ASN1_VISIBLESTRING),
-        ASN1_GEN_STR("VISIBLE", V_ASN1_VISIBLESTRING),
-        ASN1_GEN_STR("PRINTABLESTRING", V_ASN1_PRINTABLESTRING),
-        ASN1_GEN_STR("PRINTABLE", V_ASN1_PRINTABLESTRING),
-        ASN1_GEN_STR("T61", V_ASN1_T61STRING),
-        ASN1_GEN_STR("T61STRING", V_ASN1_T61STRING),
-        ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING),
-        ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING),
-        ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING),
-        ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING),
-        ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING),
-
-        /* Special cases */
-        ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE),
-        ASN1_GEN_STR("SEQ", V_ASN1_SEQUENCE),
-        ASN1_GEN_STR("SET", V_ASN1_SET),
-        /* type modifiers */
-        /* Explicit tag */
-        ASN1_GEN_STR("EXP", ASN1_GEN_FLAG_EXP),
-        ASN1_GEN_STR("EXPLICIT", ASN1_GEN_FLAG_EXP),
-        /* Implicit tag */
-        ASN1_GEN_STR("IMP", ASN1_GEN_FLAG_IMP),
-        ASN1_GEN_STR("IMPLICIT", ASN1_GEN_FLAG_IMP),
-        /* OCTET STRING wrapper */
-        ASN1_GEN_STR("OCTWRAP", ASN1_GEN_FLAG_OCTWRAP),
-        /* SEQUENCE wrapper */
-        ASN1_GEN_STR("SEQWRAP", ASN1_GEN_FLAG_SEQWRAP),
-        /* SET wrapper */
-        ASN1_GEN_STR("SETWRAP", ASN1_GEN_FLAG_SETWRAP),
-        /* BIT STRING wrapper */
-        ASN1_GEN_STR("BITWRAP", ASN1_GEN_FLAG_BITWRAP),
-        ASN1_GEN_STR("FORM", ASN1_GEN_FLAG_FORMAT),
-        ASN1_GEN_STR("FORMAT", ASN1_GEN_FLAG_FORMAT),
-    };
-
-    if (len == -1)
-        len = strlen(tagstr);
-
-    tntmp = tnst;
-    for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) {
-        if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len))
-            return tntmp->tag;
-    }
-
-    return -1;
-}
-
-static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
-{
-    ASN1_TYPE *atmp = NULL;
-
-    CONF_VALUE vtmp;
-
-    unsigned char *rdata;
-    long rdlen;
-
-    int no_unused = 1;
-
-    if (!(atmp = ASN1_TYPE_new())) {
-        ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    if (!str)
-        str = "";
-
-    switch (utype) {
-
-    case V_ASN1_NULL:
-        if (str && *str) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_NULL_VALUE);
-            goto bad_form;
-        }
-        break;
-
-    case V_ASN1_BOOLEAN:
-        if (format != ASN1_GEN_FORMAT_ASCII) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT);
-            goto bad_form;
-        }
-        vtmp.name = NULL;
-        vtmp.section = NULL;
-        vtmp.value = (char *)str;
-        if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN);
-            goto bad_str;
-        }
-        break;
-
-    case V_ASN1_INTEGER:
-    case V_ASN1_ENUMERATED:
-        if (format != ASN1_GEN_FORMAT_ASCII) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT);
-            goto bad_form;
-        }
-        if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER);
-            goto bad_str;
-        }
-        break;
-
-    case V_ASN1_OBJECT:
-        if (format != ASN1_GEN_FORMAT_ASCII) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT);
-            goto bad_form;
-        }
-        if (!(atmp->value.object = OBJ_txt2obj(str, 0))) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT);
-            goto bad_str;
-        }
-        break;
-
-    case V_ASN1_UTCTIME:
-    case V_ASN1_GENERALIZEDTIME:
-        if (format != ASN1_GEN_FORMAT_ASCII) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT);
-            goto bad_form;
-        }
-        if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
-            goto bad_str;
-        }
-        if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
-            goto bad_str;
-        }
-        atmp->value.asn1_string->type = utype;
-        if (!ASN1_TIME_check(atmp->value.asn1_string)) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_TIME_VALUE);
-            goto bad_str;
-        }
-
-        break;
-
-    case V_ASN1_BMPSTRING:
-    case V_ASN1_PRINTABLESTRING:
-    case V_ASN1_IA5STRING:
-    case V_ASN1_T61STRING:
-    case V_ASN1_UTF8STRING:
-    case V_ASN1_VISIBLESTRING:
-    case V_ASN1_UNIVERSALSTRING:
-    case V_ASN1_GENERALSTRING:
-    case V_ASN1_NUMERICSTRING:
-
-        if (format == ASN1_GEN_FORMAT_ASCII)
-            format = MBSTRING_ASC;
-        else if (format == ASN1_GEN_FORMAT_UTF8)
-            format = MBSTRING_UTF8;
-        else {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT);
-            goto bad_form;
-        }
-
-        if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str,
-                               -1, format, ASN1_tag2bit(utype)) <= 0) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
-            goto bad_str;
-        }
-
-        break;
-
-    case V_ASN1_BIT_STRING:
-
-    case V_ASN1_OCTET_STRING:
-
-        if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
-            goto bad_form;
-        }
-
-        if (format == ASN1_GEN_FORMAT_HEX) {
-
-            if (!(rdata = string_to_hex((char *)str, &rdlen))) {
-                ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX);
-                goto bad_str;
-            }
-
-            atmp->value.asn1_string->data = rdata;
-            atmp->value.asn1_string->length = rdlen;
-            atmp->value.asn1_string->type = utype;
-
-        } else if (format == ASN1_GEN_FORMAT_ASCII)
-            ASN1_STRING_set(atmp->value.asn1_string, str, -1);
-        else if ((format == ASN1_GEN_FORMAT_BITLIST)
-                 && (utype == V_ASN1_BIT_STRING)) {
-            if (!CONF_parse_list
-                (str, ',', 1, bitstr_cb, atmp->value.bit_string)) {
-                ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_LIST_ERROR);
-                goto bad_str;
-            }
-            no_unused = 0;
-
-        } else {
-            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BITSTRING_FORMAT);
-            goto bad_form;
-        }
-
-        if ((utype == V_ASN1_BIT_STRING) && no_unused) {
-            atmp->value.asn1_string->flags
-                &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
-            atmp->value.asn1_string->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-        }
-
-        break;
-
-    default:
-        ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE);
-        goto bad_str;
-        break;
-    }
-
-    atmp->type = utype;
-    return atmp;
-
- bad_str:
-    ERR_add_error_data(2, "string=", str);
- bad_form:
-
-    ASN1_TYPE_free(atmp);
-    return NULL;
-
-}
-
-static int bitstr_cb(const char *elem, int len, void *bitstr)
-{
-    long bitnum;
-    char *eptr;
-    if (!elem)
-        return 0;
-    bitnum = strtoul(elem, &eptr, 10);
-    if (eptr && *eptr && (eptr != elem + len))
-        return 0;
-    if (bitnum < 0) {
-        ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER);
-        return 0;
-    }
-    if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) {
-        ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/asn1_lib.c b/thirdparty/openssl/crypto/asn1/asn1_lib.c
deleted file mode 100644
index e63e82a8b4..0000000000
--- a/thirdparty/openssl/crypto/asn1/asn1_lib.c
+++ /dev/null
@@ -1,483 +0,0 @@
-/* crypto/asn1/asn1_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-
-static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
-                           long max);
-static void asn1_put_length(unsigned char **pp, int length);
-const char ASN1_version[] = "ASN.1" OPENSSL_VERSION_PTEXT;
-
-static int _asn1_check_infinite_end(const unsigned char **p, long len)
-{
-    /*
-     * If there is 0 or 1 byte left, the length check should pick things up
-     */
-    if (len <= 0)
-        return (1);
-    else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) {
-        (*p) += 2;
-        return (1);
-    }
-    return (0);
-}
-
-int ASN1_check_infinite_end(unsigned char **p, long len)
-{
-    return _asn1_check_infinite_end((const unsigned char **)p, len);
-}
-
-int ASN1_const_check_infinite_end(const unsigned char **p, long len)
-{
-    return _asn1_check_infinite_end(p, len);
-}
-
-int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
-                    int *pclass, long omax)
-{
-    int i, ret;
-    long l;
-    const unsigned char *p = *pp;
-    int tag, xclass, inf;
-    long max = omax;
-
-    if (!max)
-        goto err;
-    ret = (*p & V_ASN1_CONSTRUCTED);
-    xclass = (*p & V_ASN1_PRIVATE);
-    i = *p & V_ASN1_PRIMITIVE_TAG;
-    if (i == V_ASN1_PRIMITIVE_TAG) { /* high-tag */
-        p++;
-        if (--max == 0)
-            goto err;
-        l = 0;
-        while (*p & 0x80) {
-            l <<= 7L;
-            l |= *(p++) & 0x7f;
-            if (--max == 0)
-                goto err;
-            if (l > (INT_MAX >> 7L))
-                goto err;
-        }
-        l <<= 7L;
-        l |= *(p++) & 0x7f;
-        tag = (int)l;
-        if (--max == 0)
-            goto err;
-    } else {
-        tag = i;
-        p++;
-        if (--max == 0)
-            goto err;
-    }
-    *ptag = tag;
-    *pclass = xclass;
-    if (!asn1_get_length(&p, &inf, plength, max))
-        goto err;
-
-    if (inf && !(ret & V_ASN1_CONSTRUCTED))
-        goto err;
-
-#if 0
-    fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d  (%d > %d)\n",
-            (int)p, *plength, omax, (int)*pp, (int)(p + *plength),
-            (int)(omax + *pp));
-
-#endif
-    if (*plength > (omax - (p - *pp))) {
-        ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
-        /*
-         * Set this so that even if things are not long enough the values are
-         * set correctly
-         */
-        ret |= 0x80;
-    }
-    *pp = p;
-    return (ret | inf);
- err:
-    ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_HEADER_TOO_LONG);
-    return (0x80);
-}
-
-static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
-                           long max)
-{
-    const unsigned char *p = *pp;
-    unsigned long ret = 0;
-    unsigned long i;
-
-    if (max-- < 1)
-        return 0;
-    if (*p == 0x80) {
-        *inf = 1;
-        ret = 0;
-        p++;
-    } else {
-        *inf = 0;
-        i = *p & 0x7f;
-        if (*(p++) & 0x80) {
-            if (i > sizeof(ret) || max < (long)i)
-                return 0;
-            while (i-- > 0) {
-                ret <<= 8L;
-                ret |= *(p++);
-            }
-        } else
-            ret = i;
-    }
-    if (ret > LONG_MAX)
-        return 0;
-    *pp = p;
-    *rl = (long)ret;
-    return 1;
-}
-
-/*
- * class 0 is constructed constructed == 2 for indefinite length constructed
- */
-void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
-                     int xclass)
-{
-    unsigned char *p = *pp;
-    int i, ttag;
-
-    i = (constructed) ? V_ASN1_CONSTRUCTED : 0;
-    i |= (xclass & V_ASN1_PRIVATE);
-    if (tag < 31)
-        *(p++) = i | (tag & V_ASN1_PRIMITIVE_TAG);
-    else {
-        *(p++) = i | V_ASN1_PRIMITIVE_TAG;
-        for (i = 0, ttag = tag; ttag > 0; i++)
-            ttag >>= 7;
-        ttag = i;
-        while (i-- > 0) {
-            p[i] = tag & 0x7f;
-            if (i != (ttag - 1))
-                p[i] |= 0x80;
-            tag >>= 7;
-        }
-        p += ttag;
-    }
-    if (constructed == 2)
-        *(p++) = 0x80;
-    else
-        asn1_put_length(&p, length);
-    *pp = p;
-}
-
-int ASN1_put_eoc(unsigned char **pp)
-{
-    unsigned char *p = *pp;
-    *p++ = 0;
-    *p++ = 0;
-    *pp = p;
-    return 2;
-}
-
-static void asn1_put_length(unsigned char **pp, int length)
-{
-    unsigned char *p = *pp;
-    int i, l;
-    if (length <= 127)
-        *(p++) = (unsigned char)length;
-    else {
-        l = length;
-        for (i = 0; l > 0; i++)
-            l >>= 8;
-        *(p++) = i | 0x80;
-        l = i;
-        while (i-- > 0) {
-            p[i] = length & 0xff;
-            length >>= 8;
-        }
-        p += l;
-    }
-    *pp = p;
-}
-
-int ASN1_object_size(int constructed, int length, int tag)
-{
-    int ret = 1;
-    if (length < 0)
-        return -1;
-    if (tag >= 31) {
-        while (tag > 0) {
-            tag >>= 7;
-            ret++;
-        }
-    }
-    if (constructed == 2) {
-        ret += 3;
-    } else {
-        ret++;
-        if (length > 127) {
-            int tmplen = length;
-            while (tmplen > 0) {
-                tmplen >>= 8;
-                ret++;
-            }
-        }
-    }
-    if (ret >= INT_MAX - length)
-        return -1;
-    return ret + length;
-}
-
-static int _asn1_Finish(ASN1_const_CTX *c)
-{
-    if ((c->inf == (1 | V_ASN1_CONSTRUCTED)) && (!c->eos)) {
-        if (!ASN1_const_check_infinite_end(&c->p, c->slen)) {
-            c->error = ERR_R_MISSING_ASN1_EOS;
-            return (0);
-        }
-    }
-    if (((c->slen != 0) && !(c->inf & 1)) || ((c->slen < 0) && (c->inf & 1))) {
-        c->error = ERR_R_ASN1_LENGTH_MISMATCH;
-        return (0);
-    }
-    return (1);
-}
-
-int asn1_Finish(ASN1_CTX *c)
-{
-    return _asn1_Finish((ASN1_const_CTX *)c);
-}
-
-int asn1_const_Finish(ASN1_const_CTX *c)
-{
-    return _asn1_Finish(c);
-}
-
-int asn1_GetSequence(ASN1_const_CTX *c, long *length)
-{
-    const unsigned char *q;
-
-    q = c->p;
-    c->inf = ASN1_get_object(&(c->p), &(c->slen), &(c->tag), &(c->xclass),
-                             *length);
-    if (c->inf & 0x80) {
-        c->error = ERR_R_BAD_GET_ASN1_OBJECT_CALL;
-        return (0);
-    }
-    if (c->tag != V_ASN1_SEQUENCE) {
-        c->error = ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
-        return (0);
-    }
-    (*length) -= (c->p - q);
-    if (c->max && (*length < 0)) {
-        c->error = ERR_R_ASN1_LENGTH_MISMATCH;
-        return (0);
-    }
-    if (c->inf == (1 | V_ASN1_CONSTRUCTED))
-        c->slen = *length;
-    c->eos = 0;
-    return (1);
-}
-
-int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str)
-{
-    if (str == NULL)
-        return 0;
-    dst->type = str->type;
-    if (!ASN1_STRING_set(dst, str->data, str->length))
-        return 0;
-    dst->flags = str->flags;
-    return 1;
-}
-
-ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)
-{
-    ASN1_STRING *ret;
-    if (!str)
-        return NULL;
-    ret = ASN1_STRING_new();
-    if (!ret)
-        return NULL;
-    if (!ASN1_STRING_copy(ret, str)) {
-        ASN1_STRING_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
-{
-    unsigned char *c;
-    const char *data = _data;
-
-    if (len < 0) {
-        if (data == NULL)
-            return (0);
-        else
-            len = strlen(data);
-    }
-    if ((str->length <= len) || (str->data == NULL)) {
-        c = str->data;
-        if (c == NULL)
-            str->data = OPENSSL_malloc(len + 1);
-        else
-            str->data = OPENSSL_realloc(c, len + 1);
-
-        if (str->data == NULL) {
-            ASN1err(ASN1_F_ASN1_STRING_SET, ERR_R_MALLOC_FAILURE);
-            str->data = c;
-            return (0);
-        }
-    }
-    str->length = len;
-    if (data != NULL) {
-        memcpy(str->data, data, len);
-        /* an allowance for strings :-) */
-        str->data[len] = '\0';
-    }
-    return (1);
-}
-
-void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)
-{
-    if (str->data)
-        OPENSSL_free(str->data);
-    str->data = data;
-    str->length = len;
-}
-
-ASN1_STRING *ASN1_STRING_new(void)
-{
-    return (ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
-}
-
-ASN1_STRING *ASN1_STRING_type_new(int type)
-{
-    ASN1_STRING *ret;
-
-    ret = (ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING));
-    if (ret == NULL) {
-        ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    ret->length = 0;
-    ret->type = type;
-    ret->data = NULL;
-    ret->flags = 0;
-    return (ret);
-}
-
-void ASN1_STRING_free(ASN1_STRING *a)
-{
-    if (a == NULL)
-        return;
-    if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
-        OPENSSL_free(a->data);
-    OPENSSL_free(a);
-}
-
-void ASN1_STRING_clear_free(ASN1_STRING *a)
-{
-    if (a && a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
-        OPENSSL_cleanse(a->data, a->length);
-    ASN1_STRING_free(a);
-}
-
-int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
-{
-    int i;
-
-    i = (a->length - b->length);
-    if (i == 0) {
-        i = memcmp(a->data, b->data, a->length);
-        if (i == 0)
-            return (a->type - b->type);
-        else
-            return (i);
-    } else
-        return (i);
-}
-
-void asn1_add_error(const unsigned char *address, int offset)
-{
-    char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1];
-
-    BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address);
-    BIO_snprintf(buf2, sizeof buf2, "%d", offset);
-    ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
-}
-
-int ASN1_STRING_length(const ASN1_STRING *x)
-{
-    return M_ASN1_STRING_length(x);
-}
-
-void ASN1_STRING_length_set(ASN1_STRING *x, int len)
-{
-    M_ASN1_STRING_length_set(x, len);
-    return;
-}
-
-int ASN1_STRING_type(ASN1_STRING *x)
-{
-    return M_ASN1_STRING_type(x);
-}
-
-unsigned char *ASN1_STRING_data(ASN1_STRING *x)
-{
-    return M_ASN1_STRING_data(x);
-}
diff --git a/thirdparty/openssl/crypto/asn1/asn1_locl.h b/thirdparty/openssl/crypto/asn1/asn1_locl.h
deleted file mode 100644
index 4c004fab9a..0000000000
--- a/thirdparty/openssl/crypto/asn1/asn1_locl.h
+++ /dev/null
@@ -1,135 +0,0 @@
-/* asn1t.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Internal ASN1 structures and functions: not for application use */
-
-int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d);
-int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d);
-
-/* ASN1 print context structure */
-
-struct asn1_pctx_st {
-    unsigned long flags;
-    unsigned long nm_flags;
-    unsigned long cert_flags;
-    unsigned long oid_flags;
-    unsigned long str_flags;
-} /* ASN1_PCTX */ ;
-
-/* ASN1 public key method structure */
-
-struct evp_pkey_asn1_method_st {
-    int pkey_id;
-    int pkey_base_id;
-    unsigned long pkey_flags;
-    char *pem_str;
-    char *info;
-    int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
-    int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
-    int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
-    int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
-                      ASN1_PCTX *pctx);
-    int (*priv_decode) (EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf);
-    int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
-    int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
-                       ASN1_PCTX *pctx);
-    int (*pkey_size) (const EVP_PKEY *pk);
-    int (*pkey_bits) (const EVP_PKEY *pk);
-    int (*param_decode) (EVP_PKEY *pkey,
-                         const unsigned char **pder, int derlen);
-    int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
-    int (*param_missing) (const EVP_PKEY *pk);
-    int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
-    int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
-    int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
-                        ASN1_PCTX *pctx);
-    int (*sig_print) (BIO *out,
-                      const X509_ALGOR *sigalg, const ASN1_STRING *sig,
-                      int indent, ASN1_PCTX *pctx);
-    void (*pkey_free) (EVP_PKEY *pkey);
-    int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);
-    /* Legacy functions for old PEM */
-    int (*old_priv_decode) (EVP_PKEY *pkey,
-                            const unsigned char **pder, int derlen);
-    int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);
-    /* Custom ASN1 signature verification */
-    int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
-                        X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
-    int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
-                      X509_ALGOR *alg1, X509_ALGOR *alg2,
-                      ASN1_BIT_STRING *sig);
-} /* EVP_PKEY_ASN1_METHOD */ ;
-
-/*
- * Method to handle CRL access. In general a CRL could be very large (several
- * Mb) and can consume large amounts of resources if stored in memory by
- * multiple processes. This method allows general CRL operations to be
- * redirected to more efficient callbacks: for example a CRL entry database.
- */
-
-#define X509_CRL_METHOD_DYNAMIC         1
-
-struct x509_crl_method_st {
-    int flags;
-    int (*crl_init) (X509_CRL *crl);
-    int (*crl_free) (X509_CRL *crl);
-    int (*crl_lookup) (X509_CRL *crl, X509_REVOKED **ret,
-                       ASN1_INTEGER *ser, X509_NAME *issuer);
-    int (*crl_verify) (X509_CRL *crl, EVP_PKEY *pk);
-};
diff --git a/thirdparty/openssl/crypto/asn1/asn1_par.c b/thirdparty/openssl/crypto/asn1/asn1_par.c
deleted file mode 100644
index e85e3398b6..0000000000
--- a/thirdparty/openssl/crypto/asn1/asn1_par.c
+++ /dev/null
@@ -1,424 +0,0 @@
-/* crypto/asn1/asn1_par.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-
-#ifndef ASN1_PARSE_MAXDEPTH
-#define ASN1_PARSE_MAXDEPTH 128
-#endif
-
-static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
-                           int indent);
-static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
-                       int offset, int depth, int indent, int dump);
-static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
-                           int indent)
-{
-    static const char fmt[] = "%-18s";
-    char str[128];
-    const char *p;
-
-    if (constructed & V_ASN1_CONSTRUCTED)
-        p = "cons: ";
-    else
-        p = "prim: ";
-    if (BIO_write(bp, p, 6) < 6)
-        goto err;
-    BIO_indent(bp, indent, 128);
-
-    p = str;
-    if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
-        BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag);
-    else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
-        BIO_snprintf(str, sizeof str, "cont [ %d ]", tag);
-    else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
-        BIO_snprintf(str, sizeof str, "appl [ %d ]", tag);
-    else if (tag > 30)
-        BIO_snprintf(str, sizeof str, "<ASN1 %d>", tag);
-    else
-        p = ASN1_tag2str(tag);
-
-    if (BIO_printf(bp, fmt, p) <= 0)
-        goto err;
-    return (1);
- err:
-    return (0);
-}
-
-int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent)
-{
-    return (asn1_parse2(bp, &pp, len, 0, 0, indent, 0));
-}
-
-int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
-                    int dump)
-{
-    return (asn1_parse2(bp, &pp, len, 0, 0, indent, dump));
-}
-
-static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
-                       int offset, int depth, int indent, int dump)
-{
-    const unsigned char *p, *ep, *tot, *op, *opp;
-    long len;
-    int tag, xclass, ret = 0;
-    int nl, hl, j, r;
-    ASN1_OBJECT *o = NULL;
-    ASN1_OCTET_STRING *os = NULL;
-    /* ASN1_BMPSTRING *bmp=NULL; */
-    int dump_indent;
-
-#if 0
-    dump_indent = indent;
-#else
-    dump_indent = 6;            /* Because we know BIO_dump_indent() */
-#endif
-
-    if (depth > ASN1_PARSE_MAXDEPTH) {
-            BIO_puts(bp, "BAD RECURSION DEPTH\n");
-            return 0;
-    }
-
-    p = *pp;
-    tot = p + length;
-    op = p - 1;
-    while ((p < tot) && (op < p)) {
-        op = p;
-        j = ASN1_get_object(&p, &len, &tag, &xclass, length);
-#ifdef LINT
-        j = j;
-#endif
-        if (j & 0x80) {
-            if (BIO_write(bp, "Error in encoding\n", 18) <= 0)
-                goto end;
-            ret = 0;
-            goto end;
-        }
-        hl = (p - op);
-        length -= hl;
-        /*
-         * if j == 0x21 it is a constructed indefinite length object
-         */
-        if (BIO_printf(bp, "%5ld:", (long)offset + (long)(op - *pp))
-            <= 0)
-            goto end;
-
-        if (j != (V_ASN1_CONSTRUCTED | 1)) {
-            if (BIO_printf(bp, "d=%-2d hl=%ld l=%4ld ",
-                           depth, (long)hl, len) <= 0)
-                goto end;
-        } else {
-            if (BIO_printf(bp, "d=%-2d hl=%ld l=inf  ", depth, (long)hl) <= 0)
-                goto end;
-        }
-        if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0))
-            goto end;
-        if (j & V_ASN1_CONSTRUCTED) {
-            const unsigned char *sp;
-
-            ep = p + len;
-            if (BIO_write(bp, "\n", 1) <= 0)
-                goto end;
-            if (len > length) {
-                BIO_printf(bp, "length is greater than %ld\n", length);
-                ret = 0;
-                goto end;
-            }
-            if ((j == 0x21) && (len == 0)) {
-                sp = p;
-                for (;;) {
-                    r = asn1_parse2(bp, &p, (long)(tot - p),
-                                    offset + (p - *pp), depth + 1,
-                                    indent, dump);
-                    if (r == 0) {
-                        ret = 0;
-                        goto end;
-                    }
-                    if ((r == 2) || (p >= tot)) {
-                        len = p - sp;
-                        break;
-                    }
-                }
-            } else {
-                long tmp = len;
-
-                while (p < ep) {
-                    sp = p;
-                    r = asn1_parse2(bp, &p, tmp, offset + (p - *pp), depth + 1,
-                                    indent, dump);
-                    if (r == 0) {
-                        ret = 0;
-                        goto end;
-                    }
-                    tmp -= p - sp;
-                }
-            }
-        } else if (xclass != 0) {
-            p += len;
-            if (BIO_write(bp, "\n", 1) <= 0)
-                goto end;
-        } else {
-            nl = 0;
-            if ((tag == V_ASN1_PRINTABLESTRING) ||
-                (tag == V_ASN1_T61STRING) ||
-                (tag == V_ASN1_IA5STRING) ||
-                (tag == V_ASN1_VISIBLESTRING) ||
-                (tag == V_ASN1_NUMERICSTRING) ||
-                (tag == V_ASN1_UTF8STRING) ||
-                (tag == V_ASN1_UTCTIME) || (tag == V_ASN1_GENERALIZEDTIME)) {
-                if (BIO_write(bp, ":", 1) <= 0)
-                    goto end;
-                if ((len > 0) && BIO_write(bp, (const char *)p, (int)len)
-                    != (int)len)
-                    goto end;
-            } else if (tag == V_ASN1_OBJECT) {
-                opp = op;
-                if (d2i_ASN1_OBJECT(&o, &opp, len + hl) != NULL) {
-                    if (BIO_write(bp, ":", 1) <= 0)
-                        goto end;
-                    i2a_ASN1_OBJECT(bp, o);
-                } else {
-                    if (BIO_write(bp, ":BAD OBJECT", 11) <= 0)
-                        goto end;
-                }
-            } else if (tag == V_ASN1_BOOLEAN) {
-                int ii;
-
-                opp = op;
-                ii = d2i_ASN1_BOOLEAN(NULL, &opp, len + hl);
-                if (ii < 0) {
-                    if (BIO_write(bp, "Bad boolean\n", 12) <= 0)
-                        goto end;
-                }
-                BIO_printf(bp, ":%d", ii);
-            } else if (tag == V_ASN1_BMPSTRING) {
-                /* do the BMP thang */
-            } else if (tag == V_ASN1_OCTET_STRING) {
-                int i, printable = 1;
-
-                opp = op;
-                os = d2i_ASN1_OCTET_STRING(NULL, &opp, len + hl);
-                if (os != NULL && os->length > 0) {
-                    opp = os->data;
-                    /*
-                     * testing whether the octet string is printable
-                     */
-                    for (i = 0; i < os->length; i++) {
-                        if (((opp[i] < ' ') &&
-                             (opp[i] != '\n') &&
-                             (opp[i] != '\r') &&
-                             (opp[i] != '\t')) || (opp[i] > '~')) {
-                            printable = 0;
-                            break;
-                        }
-                    }
-                    if (printable)
-                        /* printable string */
-                    {
-                        if (BIO_write(bp, ":", 1) <= 0)
-                            goto end;
-                        if (BIO_write(bp, (const char *)opp, os->length) <= 0)
-                            goto end;
-                    } else if (!dump)
-                        /*
-                         * not printable => print octet string as hex dump
-                         */
-                    {
-                        if (BIO_write(bp, "[HEX DUMP]:", 11) <= 0)
-                            goto end;
-                        for (i = 0; i < os->length; i++) {
-                            if (BIO_printf(bp, "%02X", opp[i]) <= 0)
-                                goto end;
-                        }
-                    } else
-                        /* print the normal dump */
-                    {
-                        if (!nl) {
-                            if (BIO_write(bp, "\n", 1) <= 0)
-                                goto end;
-                        }
-                        if (BIO_dump_indent(bp,
-                                            (const char *)opp,
-                                            ((dump == -1 || dump >
-                                              os->
-                                              length) ? os->length : dump),
-                                            dump_indent) <= 0)
-                            goto end;
-                        nl = 1;
-                    }
-                }
-                if (os != NULL) {
-                    M_ASN1_OCTET_STRING_free(os);
-                    os = NULL;
-                }
-            } else if (tag == V_ASN1_INTEGER) {
-                ASN1_INTEGER *bs;
-                int i;
-
-                opp = op;
-                bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
-                if (bs != NULL) {
-                    if (BIO_write(bp, ":", 1) <= 0)
-                        goto end;
-                    if (bs->type == V_ASN1_NEG_INTEGER)
-                        if (BIO_write(bp, "-", 1) <= 0)
-                            goto end;
-                    for (i = 0; i < bs->length; i++) {
-                        if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
-                            goto end;
-                    }
-                    if (bs->length == 0) {
-                        if (BIO_write(bp, "00", 2) <= 0)
-                            goto end;
-                    }
-                } else {
-                    if (BIO_write(bp, "BAD INTEGER", 11) <= 0)
-                        goto end;
-                }
-                M_ASN1_INTEGER_free(bs);
-            } else if (tag == V_ASN1_ENUMERATED) {
-                ASN1_ENUMERATED *bs;
-                int i;
-
-                opp = op;
-                bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
-                if (bs != NULL) {
-                    if (BIO_write(bp, ":", 1) <= 0)
-                        goto end;
-                    if (bs->type == V_ASN1_NEG_ENUMERATED)
-                        if (BIO_write(bp, "-", 1) <= 0)
-                            goto end;
-                    for (i = 0; i < bs->length; i++) {
-                        if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
-                            goto end;
-                    }
-                    if (bs->length == 0) {
-                        if (BIO_write(bp, "00", 2) <= 0)
-                            goto end;
-                    }
-                } else {
-                    if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0)
-                        goto end;
-                }
-                M_ASN1_ENUMERATED_free(bs);
-            } else if (len > 0 && dump) {
-                if (!nl) {
-                    if (BIO_write(bp, "\n", 1) <= 0)
-                        goto end;
-                }
-                if (BIO_dump_indent(bp, (const char *)p,
-                                    ((dump == -1 || dump > len) ? len : dump),
-                                    dump_indent) <= 0)
-                    goto end;
-                nl = 1;
-            }
-
-            if (!nl) {
-                if (BIO_write(bp, "\n", 1) <= 0)
-                    goto end;
-            }
-            p += len;
-            if ((tag == V_ASN1_EOC) && (xclass == 0)) {
-                ret = 2;        /* End of sequence */
-                goto end;
-            }
-        }
-        length -= len;
-    }
-    ret = 1;
- end:
-    if (o != NULL)
-        ASN1_OBJECT_free(o);
-    if (os != NULL)
-        M_ASN1_OCTET_STRING_free(os);
-    *pp = p;
-    return (ret);
-}
-
-const char *ASN1_tag2str(int tag)
-{
-    static const char *const tag2str[] = {
-        /* 0-4 */
-        "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING",
-        /* 5-9 */
-        "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL",
-        /* 10-13 */
-        "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>",
-        /* 15-17 */
-        "<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET",
-        /* 18-20 */
-        "NUMERICSTRING", "PRINTABLESTRING", "T61STRING",
-        /* 21-24 */
-        "VIDEOTEXSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME",
-        /* 25-27 */
-        "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING",
-        /* 28-30 */
-        "UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING"
-    };
-
-    if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
-        tag &= ~0x100;
-
-    if (tag < 0 || tag > 30)
-        return "(unknown)";
-    return tag2str[tag];
-}
diff --git a/thirdparty/openssl/crypto/asn1/asn_mime.c b/thirdparty/openssl/crypto/asn1/asn_mime.c
deleted file mode 100644
index 5170906c62..0000000000
--- a/thirdparty/openssl/crypto/asn1/asn_mime.c
+++ /dev/null
@@ -1,976 +0,0 @@
-/* asn_mime.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include "asn1_locl.h"
-
-/*
- * Generalised MIME like utilities for streaming ASN1. Although many have a
- * PKCS7/CMS like flavour others are more general purpose.
- */
-
-/*
- * MIME format structures Note that all are translated to lower case apart
- * from parameter values. Quotes are stripped off
- */
-
-typedef struct {
-    char *param_name;           /* Param name e.g. "micalg" */
-    char *param_value;          /* Param value e.g. "sha1" */
-} MIME_PARAM;
-
-DECLARE_STACK_OF(MIME_PARAM)
-IMPLEMENT_STACK_OF(MIME_PARAM)
-
-typedef struct {
-    char *name;                 /* Name of line e.g. "content-type" */
-    char *value;                /* Value of line e.g. "text/plain" */
-    STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */
-} MIME_HEADER;
-
-DECLARE_STACK_OF(MIME_HEADER)
-IMPLEMENT_STACK_OF(MIME_HEADER)
-
-static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
-                            const ASN1_ITEM *it);
-static char *strip_ends(char *name);
-static char *strip_start(char *name);
-static char *strip_end(char *name);
-static MIME_HEADER *mime_hdr_new(char *name, char *value);
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
-static int mime_hdr_cmp(const MIME_HEADER *const *a,
-                        const MIME_HEADER *const *b);
-static int mime_param_cmp(const MIME_PARAM *const *a,
-                          const MIME_PARAM *const *b);
-static void mime_param_free(MIME_PARAM *param);
-static int mime_bound_check(char *line, int linelen, char *bound, int blen);
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
-static int strip_eol(char *linebuf, int *plen);
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
-static void mime_hdr_free(MIME_HEADER *hdr);
-
-#define MAX_SMLEN 1024
-#define mime_debug(x)           /* x */
-
-/* Output an ASN1 structure in BER format streaming if necessary */
-
-int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
-                        const ASN1_ITEM *it)
-{
-    /* If streaming create stream BIO and copy all content through it */
-    if (flags & SMIME_STREAM) {
-        BIO *bio, *tbio;
-        bio = BIO_new_NDEF(out, val, it);
-        if (!bio) {
-            ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        SMIME_crlf_copy(in, bio, flags);
-        (void)BIO_flush(bio);
-        /* Free up successive BIOs until we hit the old output BIO */
-        do {
-            tbio = BIO_pop(bio);
-            BIO_free(bio);
-            bio = tbio;
-        } while (bio != out);
-    }
-    /*
-     * else just write out ASN1 structure which will have all content stored
-     * internally
-     */
-    else
-        ASN1_item_i2d_bio(it, out, val);
-    return 1;
-}
-
-/* Base 64 read and write of ASN1 structure */
-
-static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
-                          const ASN1_ITEM *it)
-{
-    BIO *b64;
-    int r;
-    b64 = BIO_new(BIO_f_base64());
-    if (!b64) {
-        ASN1err(ASN1_F_B64_WRITE_ASN1, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    /*
-     * prepend the b64 BIO so all data is base64 encoded.
-     */
-    out = BIO_push(b64, out);
-    r = i2d_ASN1_bio_stream(out, val, in, flags, it);
-    (void)BIO_flush(out);
-    BIO_pop(out);
-    BIO_free(b64);
-    return r;
-}
-
-/* Streaming ASN1 PEM write */
-
-int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
-                              const char *hdr, const ASN1_ITEM *it)
-{
-    int r;
-    BIO_printf(out, "-----BEGIN %s-----\n", hdr);
-    r = B64_write_ASN1(out, val, in, flags, it);
-    BIO_printf(out, "-----END %s-----\n", hdr);
-    return r;
-}
-
-static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
-{
-    BIO *b64;
-    ASN1_VALUE *val;
-    if (!(b64 = BIO_new(BIO_f_base64()))) {
-        ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    bio = BIO_push(b64, bio);
-    val = ASN1_item_d2i_bio(it, bio, NULL);
-    if (!val)
-        ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR);
-    (void)BIO_flush(bio);
-    bio = BIO_pop(bio);
-    BIO_free(b64);
-    return val;
-}
-
-/* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */
-
-static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
-{
-    const EVP_MD *md;
-    int i, have_unknown = 0, write_comma, ret = 0, md_nid;
-    have_unknown = 0;
-    write_comma = 0;
-    for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
-        if (write_comma)
-            BIO_write(out, ",", 1);
-        write_comma = 1;
-        md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
-        md = EVP_get_digestbynid(md_nid);
-        if (md && md->md_ctrl) {
-            int rv;
-            char *micstr;
-            rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
-            if (rv > 0) {
-                BIO_puts(out, micstr);
-                OPENSSL_free(micstr);
-                continue;
-            }
-            if (rv != -2)
-                goto err;
-        }
-        switch (md_nid) {
-        case NID_sha1:
-            BIO_puts(out, "sha1");
-            break;
-
-        case NID_md5:
-            BIO_puts(out, "md5");
-            break;
-
-        case NID_sha256:
-            BIO_puts(out, "sha-256");
-            break;
-
-        case NID_sha384:
-            BIO_puts(out, "sha-384");
-            break;
-
-        case NID_sha512:
-            BIO_puts(out, "sha-512");
-            break;
-
-        case NID_id_GostR3411_94:
-            BIO_puts(out, "gostr3411-94");
-            goto err;
-            break;
-
-        default:
-            if (have_unknown)
-                write_comma = 0;
-            else {
-                BIO_puts(out, "unknown");
-                have_unknown = 1;
-            }
-            break;
-
-        }
-    }
-
-    ret = 1;
- err:
-
-    return ret;
-
-}
-
-/* SMIME sender */
-
-int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
-                     int ctype_nid, int econt_nid,
-                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
-{
-    char bound[33], c;
-    int i;
-    const char *mime_prefix, *mime_eol, *cname = "smime.p7m";
-    const char *msg_type = NULL;
-    if (flags & SMIME_OLDMIME)
-        mime_prefix = "application/x-pkcs7-";
-    else
-        mime_prefix = "application/pkcs7-";
-
-    if (flags & SMIME_CRLFEOL)
-        mime_eol = "\r\n";
-    else
-        mime_eol = "\n";
-    if ((flags & SMIME_DETACHED) && data) {
-        /* We want multipart/signed */
-        /* Generate a random boundary */
-        if (RAND_bytes((unsigned char *)bound, 32) <= 0)
-            return 0;
-        for (i = 0; i < 32; i++) {
-            c = bound[i] & 0xf;
-            if (c < 10)
-                c += '0';
-            else
-                c += 'A' - 10;
-            bound[i] = c;
-        }
-        bound[32] = 0;
-        BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
-        BIO_printf(bio, "Content-Type: multipart/signed;");
-        BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
-        BIO_puts(bio, " micalg=\"");
-        asn1_write_micalg(bio, mdalgs);
-        BIO_printf(bio, "\"; boundary=\"----%s\"%s%s",
-                   bound, mime_eol, mime_eol);
-        BIO_printf(bio, "This is an S/MIME signed message%s%s",
-                   mime_eol, mime_eol);
-        /* Now write out the first part */
-        BIO_printf(bio, "------%s%s", bound, mime_eol);
-        if (!asn1_output_data(bio, data, val, flags, it))
-            return 0;
-        BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
-
-        /* Headers for signature */
-
-        BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix);
-        BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
-        BIO_printf(bio, "Content-Transfer-Encoding: base64%s", mime_eol);
-        BIO_printf(bio, "Content-Disposition: attachment;");
-        BIO_printf(bio, " filename=\"smime.p7s\"%s%s", mime_eol, mime_eol);
-        B64_write_ASN1(bio, val, NULL, 0, it);
-        BIO_printf(bio, "%s------%s--%s%s", mime_eol, bound,
-                   mime_eol, mime_eol);
-        return 1;
-    }
-
-    /* Determine smime-type header */
-
-    if (ctype_nid == NID_pkcs7_enveloped)
-        msg_type = "enveloped-data";
-    else if (ctype_nid == NID_pkcs7_signed) {
-        if (econt_nid == NID_id_smime_ct_receipt)
-            msg_type = "signed-receipt";
-        else if (sk_X509_ALGOR_num(mdalgs) >= 0)
-            msg_type = "signed-data";
-        else
-            msg_type = "certs-only";
-    } else if (ctype_nid == NID_id_smime_ct_compressedData) {
-        msg_type = "compressed-data";
-        cname = "smime.p7z";
-    }
-    /* MIME headers */
-    BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
-    BIO_printf(bio, "Content-Disposition: attachment;");
-    BIO_printf(bio, " filename=\"%s\"%s", cname, mime_eol);
-    BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
-    if (msg_type)
-        BIO_printf(bio, " smime-type=%s;", msg_type);
-    BIO_printf(bio, " name=\"%s\"%s", cname, mime_eol);
-    BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
-               mime_eol, mime_eol);
-    if (!B64_write_ASN1(bio, val, data, flags, it))
-        return 0;
-    BIO_printf(bio, "%s", mime_eol);
-    return 1;
-}
-
-/* Handle output of ASN1 data */
-
-static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
-                            const ASN1_ITEM *it)
-{
-    BIO *tmpbio;
-    const ASN1_AUX *aux = it->funcs;
-    ASN1_STREAM_ARG sarg;
-    int rv = 1;
-
-    /*
-     * If data is not deteched or resigning then the output BIO is already
-     * set up to finalise when it is written through.
-     */
-    if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
-        SMIME_crlf_copy(data, out, flags);
-        return 1;
-    }
-
-    if (!aux || !aux->asn1_cb) {
-        ASN1err(ASN1_F_ASN1_OUTPUT_DATA, ASN1_R_STREAMING_NOT_SUPPORTED);
-        return 0;
-    }
-
-    sarg.out = out;
-    sarg.ndef_bio = NULL;
-    sarg.boundary = NULL;
-
-    /* Let ASN1 code prepend any needed BIOs */
-
-    if (aux->asn1_cb(ASN1_OP_DETACHED_PRE, &val, it, &sarg) <= 0)
-        return 0;
-
-    /* Copy data across, passing through filter BIOs for processing */
-    SMIME_crlf_copy(data, sarg.ndef_bio, flags);
-
-    /* Finalize structure */
-    if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
-        rv = 0;
-
-    /* Now remove any digests prepended to the BIO */
-
-    while (sarg.ndef_bio != out) {
-        tmpbio = BIO_pop(sarg.ndef_bio);
-        BIO_free(sarg.ndef_bio);
-        sarg.ndef_bio = tmpbio;
-    }
-
-    return rv;
-
-}
-
-/*
- * SMIME reader: handle multipart/signed and opaque signing. in multipart
- * case the content is placed in a memory BIO pointed to by "bcont". In
- * opaque this is set to NULL
- */
-
-ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
-{
-    BIO *asnin;
-    STACK_OF(MIME_HEADER) *headers = NULL;
-    STACK_OF(BIO) *parts = NULL;
-    MIME_HEADER *hdr;
-    MIME_PARAM *prm;
-    ASN1_VALUE *val;
-    int ret;
-
-    if (bcont)
-        *bcont = NULL;
-
-    if (!(headers = mime_parse_hdr(bio))) {
-        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR);
-        return NULL;
-    }
-
-    if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
-        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
-        return NULL;
-    }
-
-    /* Handle multipart/signed */
-
-    if (!strcmp(hdr->value, "multipart/signed")) {
-        /* Split into two parts */
-        prm = mime_param_find(hdr, "boundary");
-        if (!prm || !prm->param_value) {
-            sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BOUNDARY);
-            return NULL;
-        }
-        ret = multi_split(bio, prm->param_value, &parts);
-        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-        if (!ret || (sk_BIO_num(parts) != 2)) {
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BODY_FAILURE);
-            sk_BIO_pop_free(parts, BIO_vfree);
-            return NULL;
-        }
-
-        /* Parse the signature piece */
-        asnin = sk_BIO_value(parts, 1);
-
-        if (!(headers = mime_parse_hdr(asnin))) {
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR);
-            sk_BIO_pop_free(parts, BIO_vfree);
-            return NULL;
-        }
-
-        /* Get content type */
-
-        if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
-            sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
-            return NULL;
-        }
-
-        if (strcmp(hdr->value, "application/x-pkcs7-signature") &&
-            strcmp(hdr->value, "application/pkcs7-signature")) {
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_SIG_INVALID_MIME_TYPE);
-            ERR_add_error_data(2, "type: ", hdr->value);
-            sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-            sk_BIO_pop_free(parts, BIO_vfree);
-            return NULL;
-        }
-        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-        /* Read in ASN1 */
-        if (!(val = b64_read_asn1(asnin, it))) {
-            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR);
-            sk_BIO_pop_free(parts, BIO_vfree);
-            return NULL;
-        }
-
-        if (bcont) {
-            *bcont = sk_BIO_value(parts, 0);
-            BIO_free(asnin);
-            sk_BIO_free(parts);
-        } else
-            sk_BIO_pop_free(parts, BIO_vfree);
-        return val;
-    }
-
-    /* OK, if not multipart/signed try opaque signature */
-
-    if (strcmp(hdr->value, "application/x-pkcs7-mime") &&
-        strcmp(hdr->value, "application/pkcs7-mime")) {
-        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_INVALID_MIME_TYPE);
-        ERR_add_error_data(2, "type: ", hdr->value);
-        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-        return NULL;
-    }
-
-    sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-
-    if (!(val = b64_read_asn1(bio, it))) {
-        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
-        return NULL;
-    }
-    return val;
-
-}
-
-/* Copy text from one BIO to another making the output CRLF at EOL */
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
-{
-    BIO *bf;
-    char eol;
-    int len;
-    char linebuf[MAX_SMLEN];
-    /*
-     * Buffer output so we don't write one line at a time. This is useful
-     * when streaming as we don't end up with one OCTET STRING per line.
-     */
-    bf = BIO_new(BIO_f_buffer());
-    if (!bf)
-        return 0;
-    out = BIO_push(bf, out);
-    if (flags & SMIME_BINARY) {
-        while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
-            BIO_write(out, linebuf, len);
-    } else {
-        if (flags & SMIME_TEXT)
-            BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
-        while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
-            eol = strip_eol(linebuf, &len);
-            if (len)
-                BIO_write(out, linebuf, len);
-            if (eol)
-                BIO_write(out, "\r\n", 2);
-        }
-    }
-    (void)BIO_flush(out);
-    BIO_pop(out);
-    BIO_free(bf);
-    return 1;
-}
-
-/* Strip off headers if they are text/plain */
-int SMIME_text(BIO *in, BIO *out)
-{
-    char iobuf[4096];
-    int len;
-    STACK_OF(MIME_HEADER) *headers;
-    MIME_HEADER *hdr;
-
-    if (!(headers = mime_parse_hdr(in))) {
-        ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR);
-        return 0;
-    }
-    if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
-        ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE);
-        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-        return 0;
-    }
-    if (strcmp(hdr->value, "text/plain")) {
-        ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_INVALID_MIME_TYPE);
-        ERR_add_error_data(2, "type: ", hdr->value);
-        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-        return 0;
-    }
-    sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
-    while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
-        BIO_write(out, iobuf, len);
-    if (len < 0)
-        return 0;
-    return 1;
-}
-
-/*
- * Split a multipart/XXX message body into component parts: result is
- * canonical parts in a STACK of bios
- */
-
-static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
-{
-    char linebuf[MAX_SMLEN];
-    int len, blen;
-    int eol = 0, next_eol = 0;
-    BIO *bpart = NULL;
-    STACK_OF(BIO) *parts;
-    char state, part, first;
-
-    blen = strlen(bound);
-    part = 0;
-    state = 0;
-    first = 1;
-    parts = sk_BIO_new_null();
-    *ret = parts;
-    while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
-        state = mime_bound_check(linebuf, len, bound, blen);
-        if (state == 1) {
-            first = 1;
-            part++;
-        } else if (state == 2) {
-            sk_BIO_push(parts, bpart);
-            return 1;
-        } else if (part) {
-            /* Strip CR+LF from linebuf */
-            next_eol = strip_eol(linebuf, &len);
-            if (first) {
-                first = 0;
-                if (bpart)
-                    sk_BIO_push(parts, bpart);
-                bpart = BIO_new(BIO_s_mem());
-                if (bpart == NULL)
-                    return 1;
-                BIO_set_mem_eof_return(bpart, 0);
-            } else if (eol)
-                BIO_write(bpart, "\r\n", 2);
-            eol = next_eol;
-            if (len)
-                BIO_write(bpart, linebuf, len);
-        }
-    }
-    return 0;
-}
-
-/* This is the big one: parse MIME header lines up to message body */
-
-#define MIME_INVALID    0
-#define MIME_START      1
-#define MIME_TYPE       2
-#define MIME_NAME       3
-#define MIME_VALUE      4
-#define MIME_QUOTE      5
-#define MIME_COMMENT    6
-
-static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
-{
-    char *p, *q, c;
-    char *ntmp;
-    char linebuf[MAX_SMLEN];
-    MIME_HEADER *mhdr = NULL;
-    STACK_OF(MIME_HEADER) *headers;
-    int len, state, save_state = 0;
-
-    headers = sk_MIME_HEADER_new(mime_hdr_cmp);
-    if (!headers)
-        return NULL;
-    while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
-        /* If whitespace at line start then continuation line */
-        if (mhdr && isspace((unsigned char)linebuf[0]))
-            state = MIME_NAME;
-        else
-            state = MIME_START;
-        ntmp = NULL;
-        /* Go through all characters */
-        for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n');
-             p++) {
-
-            /*
-             * State machine to handle MIME headers if this looks horrible
-             * that's because it *is*
-             */
-
-            switch (state) {
-            case MIME_START:
-                if (c == ':') {
-                    state = MIME_TYPE;
-                    *p = 0;
-                    ntmp = strip_ends(q);
-                    q = p + 1;
-                }
-                break;
-
-            case MIME_TYPE:
-                if (c == ';') {
-                    mime_debug("Found End Value\n");
-                    *p = 0;
-                    mhdr = mime_hdr_new(ntmp, strip_ends(q));
-                    sk_MIME_HEADER_push(headers, mhdr);
-                    ntmp = NULL;
-                    q = p + 1;
-                    state = MIME_NAME;
-                } else if (c == '(') {
-                    save_state = state;
-                    state = MIME_COMMENT;
-                }
-                break;
-
-            case MIME_COMMENT:
-                if (c == ')') {
-                    state = save_state;
-                }
-                break;
-
-            case MIME_NAME:
-                if (c == '=') {
-                    state = MIME_VALUE;
-                    *p = 0;
-                    ntmp = strip_ends(q);
-                    q = p + 1;
-                }
-                break;
-
-            case MIME_VALUE:
-                if (c == ';') {
-                    state = MIME_NAME;
-                    *p = 0;
-                    mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
-                    ntmp = NULL;
-                    q = p + 1;
-                } else if (c == '"') {
-                    mime_debug("Found Quote\n");
-                    state = MIME_QUOTE;
-                } else if (c == '(') {
-                    save_state = state;
-                    state = MIME_COMMENT;
-                }
-                break;
-
-            case MIME_QUOTE:
-                if (c == '"') {
-                    mime_debug("Found Match Quote\n");
-                    state = MIME_VALUE;
-                }
-                break;
-            }
-        }
-
-        if (state == MIME_TYPE) {
-            mhdr = mime_hdr_new(ntmp, strip_ends(q));
-            sk_MIME_HEADER_push(headers, mhdr);
-        } else if (state == MIME_VALUE)
-            mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
-        if (p == linebuf)
-            break;              /* Blank line means end of headers */
-    }
-
-    return headers;
-
-}
-
-static char *strip_ends(char *name)
-{
-    return strip_end(strip_start(name));
-}
-
-/* Strip a parameter of whitespace from start of param */
-static char *strip_start(char *name)
-{
-    char *p, c;
-    /* Look for first non white space or quote */
-    for (p = name; (c = *p); p++) {
-        if (c == '"') {
-            /* Next char is start of string if non null */
-            if (p[1])
-                return p + 1;
-            /* Else null string */
-            return NULL;
-        }
-        if (!isspace((unsigned char)c))
-            return p;
-    }
-    return NULL;
-}
-
-/* As above but strip from end of string : maybe should handle brackets? */
-static char *strip_end(char *name)
-{
-    char *p, c;
-    if (!name)
-        return NULL;
-    /* Look for first non white space or quote */
-    for (p = name + strlen(name) - 1; p >= name; p--) {
-        c = *p;
-        if (c == '"') {
-            if (p - 1 == name)
-                return NULL;
-            *p = 0;
-            return name;
-        }
-        if (isspace((unsigned char)c))
-            *p = 0;
-        else
-            return name;
-    }
-    return NULL;
-}
-
-static MIME_HEADER *mime_hdr_new(char *name, char *value)
-{
-    MIME_HEADER *mhdr;
-    char *tmpname, *tmpval, *p;
-    int c;
-    if (name) {
-        if (!(tmpname = BUF_strdup(name)))
-            return NULL;
-        for (p = tmpname; *p; p++) {
-            c = (unsigned char)*p;
-            if (isupper(c)) {
-                c = tolower(c);
-                *p = c;
-            }
-        }
-    } else
-        tmpname = NULL;
-    if (value) {
-        if (!(tmpval = BUF_strdup(value)))
-            return NULL;
-        for (p = tmpval; *p; p++) {
-            c = (unsigned char)*p;
-            if (isupper(c)) {
-                c = tolower(c);
-                *p = c;
-            }
-        }
-    } else
-        tmpval = NULL;
-    mhdr = (MIME_HEADER *)OPENSSL_malloc(sizeof(MIME_HEADER));
-    if (!mhdr)
-        return NULL;
-    mhdr->name = tmpname;
-    mhdr->value = tmpval;
-    if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp)))
-        return NULL;
-    return mhdr;
-}
-
-static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
-{
-    char *tmpname, *tmpval, *p;
-    int c;
-    MIME_PARAM *mparam;
-    if (name) {
-        tmpname = BUF_strdup(name);
-        if (!tmpname)
-            return 0;
-        for (p = tmpname; *p; p++) {
-            c = (unsigned char)*p;
-            if (isupper(c)) {
-                c = tolower(c);
-                *p = c;
-            }
-        }
-    } else
-        tmpname = NULL;
-    if (value) {
-        tmpval = BUF_strdup(value);
-        if (!tmpval)
-            return 0;
-    } else
-        tmpval = NULL;
-    /* Parameter values are case sensitive so leave as is */
-    mparam = (MIME_PARAM *)OPENSSL_malloc(sizeof(MIME_PARAM));
-    if (!mparam)
-        return 0;
-    mparam->param_name = tmpname;
-    mparam->param_value = tmpval;
-    sk_MIME_PARAM_push(mhdr->params, mparam);
-    return 1;
-}
-
-static int mime_hdr_cmp(const MIME_HEADER *const *a,
-                        const MIME_HEADER *const *b)
-{
-    if (!(*a)->name || !(*b)->name)
-        return ! !(*a)->name - ! !(*b)->name;
-
-    return (strcmp((*a)->name, (*b)->name));
-}
-
-static int mime_param_cmp(const MIME_PARAM *const *a,
-                          const MIME_PARAM *const *b)
-{
-    if (!(*a)->param_name || !(*b)->param_name)
-        return ! !(*a)->param_name - ! !(*b)->param_name;
-    return (strcmp((*a)->param_name, (*b)->param_name));
-}
-
-/* Find a header with a given name (if possible) */
-
-static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
-{
-    MIME_HEADER htmp;
-    int idx;
-    htmp.name = name;
-    idx = sk_MIME_HEADER_find(hdrs, &htmp);
-    if (idx < 0)
-        return NULL;
-    return sk_MIME_HEADER_value(hdrs, idx);
-}
-
-static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name)
-{
-    MIME_PARAM param;
-    int idx;
-    param.param_name = name;
-    idx = sk_MIME_PARAM_find(hdr->params, &param);
-    if (idx < 0)
-        return NULL;
-    return sk_MIME_PARAM_value(hdr->params, idx);
-}
-
-static void mime_hdr_free(MIME_HEADER *hdr)
-{
-    if (hdr->name)
-        OPENSSL_free(hdr->name);
-    if (hdr->value)
-        OPENSSL_free(hdr->value);
-    if (hdr->params)
-        sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
-    OPENSSL_free(hdr);
-}
-
-static void mime_param_free(MIME_PARAM *param)
-{
-    if (param->param_name)
-        OPENSSL_free(param->param_name);
-    if (param->param_value)
-        OPENSSL_free(param->param_value);
-    OPENSSL_free(param);
-}
-
-/*-
- * Check for a multipart boundary. Returns:
- * 0 : no boundary
- * 1 : part boundary
- * 2 : final boundary
- */
-static int mime_bound_check(char *line, int linelen, char *bound, int blen)
-{
-    if (linelen == -1)
-        linelen = strlen(line);
-    if (blen == -1)
-        blen = strlen(bound);
-    /* Quickly eliminate if line length too short */
-    if (blen + 2 > linelen)
-        return 0;
-    /* Check for part boundary */
-    if (!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
-        if (!strncmp(line + blen + 2, "--", 2))
-            return 2;
-        else
-            return 1;
-    }
-    return 0;
-}
-
-static int strip_eol(char *linebuf, int *plen)
-{
-    int len = *plen;
-    char *p, c;
-    int is_eol = 0;
-    p = linebuf + len - 1;
-    for (p = linebuf + len - 1; len > 0; len--, p--) {
-        c = *p;
-        if (c == '\n')
-            is_eol = 1;
-        else if (c != '\r')
-            break;
-    }
-    *plen = len;
-    return is_eol;
-}
diff --git a/thirdparty/openssl/crypto/asn1/asn_moid.c b/thirdparty/openssl/crypto/asn1/asn_moid.c
deleted file mode 100644
index fab2dd92e2..0000000000
--- a/thirdparty/openssl/crypto/asn1/asn_moid.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/* asn_moid.c */
-/*
- * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-
-/* Simple ASN1 OID module: add all objects in a given section */
-
-static int do_create(char *value, char *name);
-
-static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
-{
-    int i;
-    const char *oid_section;
-    STACK_OF(CONF_VALUE) *sktmp;
-    CONF_VALUE *oval;
-    oid_section = CONF_imodule_get_value(md);
-    if (!(sktmp = NCONF_get_section(cnf, oid_section))) {
-        ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
-        return 0;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
-        oval = sk_CONF_VALUE_value(sktmp, i);
-        if (!do_create(oval->value, oval->name)) {
-            ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT);
-            return 0;
-        }
-    }
-    return 1;
-}
-
-static void oid_module_finish(CONF_IMODULE *md)
-{
-    OBJ_cleanup();
-}
-
-void ASN1_add_oid_module(void)
-{
-    CONF_module_add("oid_section", oid_module_init, oid_module_finish);
-}
-
-/*-
- * Create an OID based on a name value pair. Accept two formats.
- * shortname = 1.2.3.4
- * shortname = some long name, 1.2.3.4
- */
-
-static int do_create(char *value, char *name)
-{
-    int nid;
-    ASN1_OBJECT *oid;
-    char *ln, *ostr, *p, *lntmp;
-    p = strrchr(value, ',');
-    if (!p) {
-        ln = name;
-        ostr = value;
-    } else {
-        ln = NULL;
-        ostr = p + 1;
-        if (!*ostr)
-            return 0;
-        while (isspace((unsigned char)*ostr))
-            ostr++;
-    }
-
-    nid = OBJ_create(ostr, name, ln);
-
-    if (nid == NID_undef)
-        return 0;
-
-    if (p) {
-        ln = value;
-        while (isspace((unsigned char)*ln))
-            ln++;
-        p--;
-        while (isspace((unsigned char)*p)) {
-            if (p == ln)
-                return 0;
-            p--;
-        }
-        p++;
-        lntmp = OPENSSL_malloc((p - ln) + 1);
-        if (lntmp == NULL)
-            return 0;
-        memcpy(lntmp, ln, p - ln);
-        lntmp[p - ln] = 0;
-        oid = OBJ_nid2obj(nid);
-        oid->ln = lntmp;
-    }
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/asn_pack.c b/thirdparty/openssl/crypto/asn1/asn_pack.c
deleted file mode 100644
index 366caf01f0..0000000000
--- a/thirdparty/openssl/crypto/asn1/asn_pack.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* asn_pack.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-#ifndef NO_ASN1_OLD
-
-/* ASN1 packing and unpacking functions */
-
-/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
-
-STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
-                                         d2i_of_void *d2i,
-                                         void (*free_func) (OPENSSL_BLOCK))
-{
-    STACK_OF(OPENSSL_BLOCK) *sk;
-    const unsigned char *pbuf;
-    pbuf = buf;
-    if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
-                            V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL)))
-        ASN1err(ASN1_F_ASN1_SEQ_UNPACK, ASN1_R_DECODE_ERROR);
-    return sk;
-}
-
-/*
- * Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a
- * OPENSSL_malloc'ed buffer
- */
-
-unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
-                             unsigned char **buf, int *len)
-{
-    int safelen;
-    unsigned char *safe, *p;
-    if (!(safelen = i2d_ASN1_SET(safes, NULL, i2d, V_ASN1_SEQUENCE,
-                                 V_ASN1_UNIVERSAL, IS_SEQUENCE))) {
-        ASN1err(ASN1_F_ASN1_SEQ_PACK, ASN1_R_ENCODE_ERROR);
-        return NULL;
-    }
-    if (!(safe = OPENSSL_malloc(safelen))) {
-        ASN1err(ASN1_F_ASN1_SEQ_PACK, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    p = safe;
-    i2d_ASN1_SET(safes, &p, i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
-                 IS_SEQUENCE);
-    if (len)
-        *len = safelen;
-    if (buf)
-        *buf = safe;
-    return safe;
-}
-
-/* Extract an ASN1 object from an ASN1_STRING */
-
-void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i)
-{
-    const unsigned char *p;
-    char *ret;
-
-    p = oct->data;
-    if (!(ret = d2i(NULL, &p, oct->length)))
-        ASN1err(ASN1_F_ASN1_UNPACK_STRING, ASN1_R_DECODE_ERROR);
-    return ret;
-}
-
-/* Pack an ASN1 object into an ASN1_STRING */
-
-ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
-{
-    unsigned char *p;
-    ASN1_STRING *octmp;
-
-    if (!oct || !*oct) {
-        if (!(octmp = ASN1_STRING_new())) {
-            ASN1err(ASN1_F_ASN1_PACK_STRING, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
-        if (oct)
-            *oct = octmp;
-    } else
-        octmp = *oct;
-
-    if (!(octmp->length = i2d(obj, NULL))) {
-        ASN1err(ASN1_F_ASN1_PACK_STRING, ASN1_R_ENCODE_ERROR);
-        goto err;
-    }
-    if (!(p = OPENSSL_malloc(octmp->length))) {
-        ASN1err(ASN1_F_ASN1_PACK_STRING, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    octmp->data = p;
-    i2d(obj, &p);
-    return octmp;
- err:
-    if (!oct || !*oct) {
-        ASN1_STRING_free(octmp);
-        if (oct)
-            *oct = NULL;
-    }
-    return NULL;
-}
-
-#endif
-
-/* ASN1_ITEM versions of the above */
-
-ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
-{
-    ASN1_STRING *octmp;
-
-    if (!oct || !*oct) {
-        if (!(octmp = ASN1_STRING_new())) {
-            ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
-        if (oct)
-            *oct = octmp;
-    } else
-        octmp = *oct;
-
-    if (octmp->data) {
-        OPENSSL_free(octmp->data);
-        octmp->data = NULL;
-    }
-
-    if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
-        ASN1err(ASN1_F_ASN1_ITEM_PACK, ASN1_R_ENCODE_ERROR);
-        return NULL;
-    }
-    if (!octmp->data) {
-        ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    return octmp;
-}
-
-/* Extract an ASN1 object from an ASN1_STRING */
-
-void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it)
-{
-    const unsigned char *p;
-    void *ret;
-
-    p = oct->data;
-    if (!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
-        ASN1err(ASN1_F_ASN1_ITEM_UNPACK, ASN1_R_DECODE_ERROR);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/asn1/bio_asn1.c b/thirdparty/openssl/crypto/asn1/bio_asn1.c
deleted file mode 100644
index c3afff69dc..0000000000
--- a/thirdparty/openssl/crypto/asn1/bio_asn1.c
+++ /dev/null
@@ -1,484 +0,0 @@
-/* bio_asn1.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * Experimental ASN1 BIO. When written through the data is converted to an
- * ASN1 string type: default is OCTET STRING. Additional functions can be
- * provided to add prefix and suffix data.
- */
-
-#include <string.h>
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-
-/* Must be large enough for biggest tag+length */
-#define DEFAULT_ASN1_BUF_SIZE 20
-
-typedef enum {
-    ASN1_STATE_START,
-    ASN1_STATE_PRE_COPY,
-    ASN1_STATE_HEADER,
-    ASN1_STATE_HEADER_COPY,
-    ASN1_STATE_DATA_COPY,
-    ASN1_STATE_POST_COPY,
-    ASN1_STATE_DONE
-} asn1_bio_state_t;
-
-typedef struct BIO_ASN1_EX_FUNCS_st {
-    asn1_ps_func *ex_func;
-    asn1_ps_func *ex_free_func;
-} BIO_ASN1_EX_FUNCS;
-
-typedef struct BIO_ASN1_BUF_CTX_t {
-    /* Internal state */
-    asn1_bio_state_t state;
-    /* Internal buffer */
-    unsigned char *buf;
-    /* Size of buffer */
-    int bufsize;
-    /* Current position in buffer */
-    int bufpos;
-    /* Current buffer length */
-    int buflen;
-    /* Amount of data to copy */
-    int copylen;
-    /* Class and tag to use */
-    int asn1_class, asn1_tag;
-    asn1_ps_func *prefix, *prefix_free, *suffix, *suffix_free;
-    /* Extra buffer for prefix and suffix data */
-    unsigned char *ex_buf;
-    int ex_len;
-    int ex_pos;
-    void *ex_arg;
-} BIO_ASN1_BUF_CTX;
-
-static int asn1_bio_write(BIO *h, const char *buf, int num);
-static int asn1_bio_read(BIO *h, char *buf, int size);
-static int asn1_bio_puts(BIO *h, const char *str);
-static int asn1_bio_gets(BIO *h, char *str, int size);
-static long asn1_bio_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int asn1_bio_new(BIO *h);
-static int asn1_bio_free(BIO *data);
-static long asn1_bio_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size);
-static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
-                             asn1_ps_func *cleanup, asn1_bio_state_t next);
-static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
-                             asn1_ps_func *setup,
-                             asn1_bio_state_t ex_state,
-                             asn1_bio_state_t other_state);
-
-static BIO_METHOD methods_asn1 = {
-    BIO_TYPE_ASN1,
-    "asn1",
-    asn1_bio_write,
-    asn1_bio_read,
-    asn1_bio_puts,
-    asn1_bio_gets,
-    asn1_bio_ctrl,
-    asn1_bio_new,
-    asn1_bio_free,
-    asn1_bio_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_asn1(void)
-{
-    return (&methods_asn1);
-}
-
-static int asn1_bio_new(BIO *b)
-{
-    BIO_ASN1_BUF_CTX *ctx;
-    ctx = OPENSSL_malloc(sizeof(BIO_ASN1_BUF_CTX));
-    if (!ctx)
-        return 0;
-    if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) {
-        OPENSSL_free(ctx);
-        return 0;
-    }
-    b->init = 1;
-    b->ptr = (char *)ctx;
-    b->flags = 0;
-    return 1;
-}
-
-static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size)
-{
-    ctx->buf = OPENSSL_malloc(size);
-    if (!ctx->buf)
-        return 0;
-    ctx->bufsize = size;
-    ctx->bufpos = 0;
-    ctx->buflen = 0;
-    ctx->copylen = 0;
-    ctx->asn1_class = V_ASN1_UNIVERSAL;
-    ctx->asn1_tag = V_ASN1_OCTET_STRING;
-    ctx->ex_buf = NULL;
-    ctx->ex_len = 0;
-    ctx->ex_pos = 0;
-    ctx->state = ASN1_STATE_START;
-    ctx->prefix = ctx->prefix_free = ctx->suffix = ctx->suffix_free = NULL;
-    ctx->ex_arg = NULL;
-    return 1;
-}
-
-static int asn1_bio_free(BIO *b)
-{
-    BIO_ASN1_BUF_CTX *ctx;
-    ctx = (BIO_ASN1_BUF_CTX *)b->ptr;
-    if (ctx == NULL)
-        return 0;
-    if (ctx->buf)
-        OPENSSL_free(ctx->buf);
-    OPENSSL_free(ctx);
-    b->init = 0;
-    b->ptr = NULL;
-    b->flags = 0;
-    return 1;
-}
-
-static int asn1_bio_write(BIO *b, const char *in, int inl)
-{
-    BIO_ASN1_BUF_CTX *ctx;
-    int wrmax, wrlen, ret;
-    unsigned char *p;
-    if (!in || (inl < 0) || (b->next_bio == NULL))
-        return 0;
-    ctx = (BIO_ASN1_BUF_CTX *)b->ptr;
-    if (ctx == NULL)
-        return 0;
-
-    wrlen = 0;
-    ret = -1;
-
-    for (;;) {
-        switch (ctx->state) {
-
-            /* Setup prefix data, call it */
-        case ASN1_STATE_START:
-            if (!asn1_bio_setup_ex(b, ctx, ctx->prefix,
-                                   ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER))
-                return 0;
-            break;
-
-            /* Copy any pre data first */
-        case ASN1_STATE_PRE_COPY:
-
-            ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free,
-                                    ASN1_STATE_HEADER);
-
-            if (ret <= 0)
-                goto done;
-
-            break;
-
-        case ASN1_STATE_HEADER:
-            ctx->buflen = ASN1_object_size(0, inl, ctx->asn1_tag) - inl;
-            OPENSSL_assert(ctx->buflen <= ctx->bufsize);
-            p = ctx->buf;
-            ASN1_put_object(&p, 0, inl, ctx->asn1_tag, ctx->asn1_class);
-            ctx->copylen = inl;
-            ctx->state = ASN1_STATE_HEADER_COPY;
-
-            break;
-
-        case ASN1_STATE_HEADER_COPY:
-            ret = BIO_write(b->next_bio, ctx->buf + ctx->bufpos, ctx->buflen);
-            if (ret <= 0)
-                goto done;
-
-            ctx->buflen -= ret;
-            if (ctx->buflen)
-                ctx->bufpos += ret;
-            else {
-                ctx->bufpos = 0;
-                ctx->state = ASN1_STATE_DATA_COPY;
-            }
-
-            break;
-
-        case ASN1_STATE_DATA_COPY:
-
-            if (inl > ctx->copylen)
-                wrmax = ctx->copylen;
-            else
-                wrmax = inl;
-            ret = BIO_write(b->next_bio, in, wrmax);
-            if (ret <= 0)
-                break;
-            wrlen += ret;
-            ctx->copylen -= ret;
-            in += ret;
-            inl -= ret;
-
-            if (ctx->copylen == 0)
-                ctx->state = ASN1_STATE_HEADER;
-
-            if (inl == 0)
-                goto done;
-
-            break;
-
-        default:
-            BIO_clear_retry_flags(b);
-            return 0;
-
-        }
-
-    }
-
- done:
-    BIO_clear_retry_flags(b);
-    BIO_copy_next_retry(b);
-
-    return (wrlen > 0) ? wrlen : ret;
-
-}
-
-static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
-                             asn1_ps_func *cleanup, asn1_bio_state_t next)
-{
-    int ret;
-    if (ctx->ex_len <= 0)
-        return 1;
-    for (;;) {
-        ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos, ctx->ex_len);
-        if (ret <= 0)
-            break;
-        ctx->ex_len -= ret;
-        if (ctx->ex_len > 0)
-            ctx->ex_pos += ret;
-        else {
-            if (cleanup)
-                cleanup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg);
-            ctx->state = next;
-            ctx->ex_pos = 0;
-            break;
-        }
-    }
-    return ret;
-}
-
-static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
-                             asn1_ps_func *setup,
-                             asn1_bio_state_t ex_state,
-                             asn1_bio_state_t other_state)
-{
-    if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) {
-        BIO_clear_retry_flags(b);
-        return 0;
-    }
-    if (ctx->ex_len > 0)
-        ctx->state = ex_state;
-    else
-        ctx->state = other_state;
-    return 1;
-}
-
-static int asn1_bio_read(BIO *b, char *in, int inl)
-{
-    if (!b->next_bio)
-        return 0;
-    return BIO_read(b->next_bio, in, inl);
-}
-
-static int asn1_bio_puts(BIO *b, const char *str)
-{
-    return asn1_bio_write(b, str, strlen(str));
-}
-
-static int asn1_bio_gets(BIO *b, char *str, int size)
-{
-    if (!b->next_bio)
-        return 0;
-    return BIO_gets(b->next_bio, str, size);
-}
-
-static long asn1_bio_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    if (b->next_bio == NULL)
-        return (0);
-    return BIO_callback_ctrl(b->next_bio, cmd, fp);
-}
-
-static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
-{
-    BIO_ASN1_BUF_CTX *ctx;
-    BIO_ASN1_EX_FUNCS *ex_func;
-    long ret = 1;
-    ctx = (BIO_ASN1_BUF_CTX *)b->ptr;
-    if (ctx == NULL)
-        return 0;
-    switch (cmd) {
-
-    case BIO_C_SET_PREFIX:
-        ex_func = arg2;
-        ctx->prefix = ex_func->ex_func;
-        ctx->prefix_free = ex_func->ex_free_func;
-        break;
-
-    case BIO_C_GET_PREFIX:
-        ex_func = arg2;
-        ex_func->ex_func = ctx->prefix;
-        ex_func->ex_free_func = ctx->prefix_free;
-        break;
-
-    case BIO_C_SET_SUFFIX:
-        ex_func = arg2;
-        ctx->suffix = ex_func->ex_func;
-        ctx->suffix_free = ex_func->ex_free_func;
-        break;
-
-    case BIO_C_GET_SUFFIX:
-        ex_func = arg2;
-        ex_func->ex_func = ctx->suffix;
-        ex_func->ex_free_func = ctx->suffix_free;
-        break;
-
-    case BIO_C_SET_EX_ARG:
-        ctx->ex_arg = arg2;
-        break;
-
-    case BIO_C_GET_EX_ARG:
-        *(void **)arg2 = ctx->ex_arg;
-        break;
-
-    case BIO_CTRL_FLUSH:
-        if (!b->next_bio)
-            return 0;
-
-        /* Call post function if possible */
-        if (ctx->state == ASN1_STATE_HEADER) {
-            if (!asn1_bio_setup_ex(b, ctx, ctx->suffix,
-                                   ASN1_STATE_POST_COPY, ASN1_STATE_DONE))
-                return 0;
-        }
-
-        if (ctx->state == ASN1_STATE_POST_COPY) {
-            ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free,
-                                    ASN1_STATE_DONE);
-            if (ret <= 0)
-                return ret;
-        }
-
-        if (ctx->state == ASN1_STATE_DONE)
-            return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
-        else {
-            BIO_clear_retry_flags(b);
-            return 0;
-        }
-        break;
-
-    default:
-        if (!b->next_bio)
-            return 0;
-        return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
-
-    }
-
-    return ret;
-}
-
-static int asn1_bio_set_ex(BIO *b, int cmd,
-                           asn1_ps_func *ex_func, asn1_ps_func *ex_free_func)
-{
-    BIO_ASN1_EX_FUNCS extmp;
-    extmp.ex_func = ex_func;
-    extmp.ex_free_func = ex_free_func;
-    return BIO_ctrl(b, cmd, 0, &extmp);
-}
-
-static int asn1_bio_get_ex(BIO *b, int cmd,
-                           asn1_ps_func **ex_func,
-                           asn1_ps_func **ex_free_func)
-{
-    BIO_ASN1_EX_FUNCS extmp;
-    int ret;
-    ret = BIO_ctrl(b, cmd, 0, &extmp);
-    if (ret > 0) {
-        *ex_func = extmp.ex_func;
-        *ex_free_func = extmp.ex_free_func;
-    }
-    return ret;
-}
-
-int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
-                        asn1_ps_func *prefix_free)
-{
-    return asn1_bio_set_ex(b, BIO_C_SET_PREFIX, prefix, prefix_free);
-}
-
-int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
-                        asn1_ps_func **pprefix_free)
-{
-    return asn1_bio_get_ex(b, BIO_C_GET_PREFIX, pprefix, pprefix_free);
-}
-
-int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
-                        asn1_ps_func *suffix_free)
-{
-    return asn1_bio_set_ex(b, BIO_C_SET_SUFFIX, suffix, suffix_free);
-}
-
-int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
-                        asn1_ps_func **psuffix_free)
-{
-    return asn1_bio_get_ex(b, BIO_C_GET_SUFFIX, psuffix, psuffix_free);
-}
diff --git a/thirdparty/openssl/crypto/asn1/bio_ndef.c b/thirdparty/openssl/crypto/asn1/bio_ndef.c
deleted file mode 100644
index 8d7046633c..0000000000
--- a/thirdparty/openssl/crypto/asn1/bio_ndef.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/* bio_ndef.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-
-#include <stdio.h>
-
-/* Experimental NDEF ASN1 BIO support routines */
-
-/*
- * The usage is quite simple, initialize an ASN1 structure, get a BIO from it
- * then any data written through the BIO will end up translated to
- * approptiate format on the fly. The data is streamed out and does *not*
- * need to be all held in memory at once. When the BIO is flushed the output
- * is finalized and any signatures etc written out. The BIO is a 'proper'
- * BIO and can handle non blocking I/O correctly. The usage is simple. The
- * implementation is *not*...
- */
-
-/* BIO support data stored in the ASN1 BIO ex_arg */
-
-typedef struct ndef_aux_st {
-    /* ASN1 structure this BIO refers to */
-    ASN1_VALUE *val;
-    const ASN1_ITEM *it;
-    /* Top of the BIO chain */
-    BIO *ndef_bio;
-    /* Output BIO */
-    BIO *out;
-    /* Boundary where content is inserted */
-    unsigned char **boundary;
-    /* DER buffer start */
-    unsigned char *derbuf;
-} NDEF_SUPPORT;
-
-static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
-static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen,
-                            void *parg);
-static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
-static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen,
-                            void *parg);
-
-BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
-{
-    NDEF_SUPPORT *ndef_aux = NULL;
-    BIO *asn_bio = NULL;
-    const ASN1_AUX *aux = it->funcs;
-    ASN1_STREAM_ARG sarg;
-
-    if (!aux || !aux->asn1_cb) {
-        ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED);
-        return NULL;
-    }
-    ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT));
-    asn_bio = BIO_new(BIO_f_asn1());
-
-    /* ASN1 bio needs to be next to output BIO */
-
-    out = BIO_push(asn_bio, out);
-
-    if (!ndef_aux || !asn_bio || !out)
-        goto err;
-
-    BIO_asn1_set_prefix(asn_bio, ndef_prefix, ndef_prefix_free);
-    BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free);
-
-    /*
-     * Now let callback prepend any digest, cipher etc BIOs ASN1 structure
-     * needs.
-     */
-
-    sarg.out = out;
-    sarg.ndef_bio = NULL;
-    sarg.boundary = NULL;
-
-    if (aux->asn1_cb(ASN1_OP_STREAM_PRE, &val, it, &sarg) <= 0)
-        goto err;
-
-    ndef_aux->val = val;
-    ndef_aux->it = it;
-    ndef_aux->ndef_bio = sarg.ndef_bio;
-    ndef_aux->boundary = sarg.boundary;
-    ndef_aux->out = out;
-    ndef_aux->derbuf = NULL;
-
-    BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux);
-
-    return sarg.ndef_bio;
-
- err:
-    if (asn_bio)
-        BIO_free(asn_bio);
-    if (ndef_aux)
-        OPENSSL_free(ndef_aux);
-    return NULL;
-}
-
-static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
-{
-    NDEF_SUPPORT *ndef_aux;
-    unsigned char *p;
-    int derlen;
-
-    if (!parg)
-        return 0;
-
-    ndef_aux = *(NDEF_SUPPORT **)parg;
-
-    derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
-    p = OPENSSL_malloc(derlen);
-    if (!p)
-        return 0;
-
-    ndef_aux->derbuf = p;
-    *pbuf = p;
-    derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
-
-    if (!*ndef_aux->boundary)
-        return 0;
-
-    *plen = *ndef_aux->boundary - *pbuf;
-
-    return 1;
-}
-
-static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen,
-                            void *parg)
-{
-    NDEF_SUPPORT *ndef_aux;
-
-    if (!parg)
-        return 0;
-
-    ndef_aux = *(NDEF_SUPPORT **)parg;
-
-    if (ndef_aux->derbuf)
-        OPENSSL_free(ndef_aux->derbuf);
-
-    ndef_aux->derbuf = NULL;
-    *pbuf = NULL;
-    *plen = 0;
-    return 1;
-}
-
-static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen,
-                            void *parg)
-{
-    NDEF_SUPPORT **pndef_aux = (NDEF_SUPPORT **)parg;
-    if (!ndef_prefix_free(b, pbuf, plen, parg))
-        return 0;
-    OPENSSL_free(*pndef_aux);
-    *pndef_aux = NULL;
-    return 1;
-}
-
-static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
-{
-    NDEF_SUPPORT *ndef_aux;
-    unsigned char *p;
-    int derlen;
-    const ASN1_AUX *aux;
-    ASN1_STREAM_ARG sarg;
-
-    if (!parg)
-        return 0;
-
-    ndef_aux = *(NDEF_SUPPORT **)parg;
-
-    aux = ndef_aux->it->funcs;
-
-    /* Finalize structures */
-    sarg.ndef_bio = ndef_aux->ndef_bio;
-    sarg.out = ndef_aux->out;
-    sarg.boundary = ndef_aux->boundary;
-    if (aux->asn1_cb(ASN1_OP_STREAM_POST,
-                     &ndef_aux->val, ndef_aux->it, &sarg) <= 0)
-        return 0;
-
-    derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
-    p = OPENSSL_malloc(derlen);
-    if (!p)
-        return 0;
-
-    ndef_aux->derbuf = p;
-    *pbuf = p;
-    derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
-
-    if (!*ndef_aux->boundary)
-        return 0;
-    *pbuf = *ndef_aux->boundary;
-    *plen = derlen - (*ndef_aux->boundary - ndef_aux->derbuf);
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/charmap.h b/thirdparty/openssl/crypto/asn1/charmap.h
deleted file mode 100644
index 3305ad146b..0000000000
--- a/thirdparty/openssl/crypto/asn1/charmap.h
+++ /dev/null
@@ -1,15 +0,0 @@
-/*
- * Auto generated with chartype.pl script. Mask of various character
- * properties
- */
-
-static const unsigned char char_type[] = {
-    2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
-    2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
-    120, 0, 1, 40, 0, 0, 0, 16, 16, 16, 0, 25, 25, 16, 16, 16,
-    16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 9, 9, 16, 9, 16,
-    0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-    16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1, 0, 0, 0,
-    0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
-    16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 2
-};
diff --git a/thirdparty/openssl/crypto/asn1/d2i_pr.c b/thirdparty/openssl/crypto/asn1/d2i_pr.c
deleted file mode 100644
index 86dcf5fba9..0000000000
--- a/thirdparty/openssl/crypto/asn1/d2i_pr.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/* crypto/asn1/d2i_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include "asn1_locl.h"
-
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
-                         long length)
-{
-    EVP_PKEY *ret;
-    const unsigned char *p = *pp;
-
-    if ((a == NULL) || (*a == NULL)) {
-        if ((ret = EVP_PKEY_new()) == NULL) {
-            ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
-            return (NULL);
-        }
-    } else {
-        ret = *a;
-#ifndef OPENSSL_NO_ENGINE
-        if (ret->engine) {
-            ENGINE_finish(ret->engine);
-            ret->engine = NULL;
-        }
-#endif
-    }
-
-    if (!EVP_PKEY_set_type(ret, type)) {
-        ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
-        goto err;
-    }
-
-    if (!ret->ameth->old_priv_decode ||
-        !ret->ameth->old_priv_decode(ret, &p, length)) {
-        if (ret->ameth->priv_decode) {
-            EVP_PKEY *tmp;
-            PKCS8_PRIV_KEY_INFO *p8 = NULL;
-            p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
-            if (!p8)
-                goto err;
-            tmp = EVP_PKCS82PKEY(p8);
-            PKCS8_PRIV_KEY_INFO_free(p8);
-            if (tmp == NULL)
-                goto err;
-            EVP_PKEY_free(ret);
-            ret = tmp;
-        } else {
-            ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
-            goto err;
-        }
-    }
-    *pp = p;
-    if (a != NULL)
-        (*a) = ret;
-    return (ret);
- err:
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        EVP_PKEY_free(ret);
-    return (NULL);
-}
-
-/*
- * This works like d2i_PrivateKey() except it automatically works out the
- * type
- */
-
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
-                             long length)
-{
-    STACK_OF(ASN1_TYPE) *inkey;
-    const unsigned char *p;
-    int keytype;
-    p = *pp;
-    /*
-     * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
-     * analyzing it we can determine the passed structure: this assumes the
-     * input is surrounded by an ASN1 SEQUENCE.
-     */
-    inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
-    p = *pp;
-    /*
-     * Since we only need to discern "traditional format" RSA and DSA keys we
-     * can just count the elements.
-     */
-    if (sk_ASN1_TYPE_num(inkey) == 6)
-        keytype = EVP_PKEY_DSA;
-    else if (sk_ASN1_TYPE_num(inkey) == 4)
-        keytype = EVP_PKEY_EC;
-    else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
-                                              * traditional format */
-        PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
-        EVP_PKEY *ret;
-
-        sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
-        if (!p8) {
-            ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
-                    ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
-            return NULL;
-        }
-        ret = EVP_PKCS82PKEY(p8);
-        PKCS8_PRIV_KEY_INFO_free(p8);
-        if (ret == NULL)
-            return NULL;
-        *pp = p;
-        if (a) {
-            *a = ret;
-        }
-        return ret;
-    } else
-        keytype = EVP_PKEY_RSA;
-    sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
-    return d2i_PrivateKey(keytype, a, pp, length);
-}
diff --git a/thirdparty/openssl/crypto/asn1/d2i_pu.c b/thirdparty/openssl/crypto/asn1/d2i_pu.c
deleted file mode 100644
index 33542dd122..0000000000
--- a/thirdparty/openssl/crypto/asn1/d2i_pu.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* crypto/asn1/d2i_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-#endif
-
-EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
-                        long length)
-{
-    EVP_PKEY *ret;
-
-    if ((a == NULL) || (*a == NULL)) {
-        if ((ret = EVP_PKEY_new()) == NULL) {
-            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
-            return (NULL);
-        }
-    } else
-        ret = *a;
-
-    if (!EVP_PKEY_set_type(ret, type)) {
-        ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
-        goto err;
-    }
-
-    switch (EVP_PKEY_id(ret)) {
-#ifndef OPENSSL_NO_RSA
-    case EVP_PKEY_RSA:
-        /* TMP UGLY CAST */
-        if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL,
-                                              (const unsigned char **)pp,
-                                              length)) == NULL) {
-            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
-            goto err;
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_DSA
-    case EVP_PKEY_DSA:
-        /* TMP UGLY CAST */
-        if (!d2i_DSAPublicKey(&(ret->pkey.dsa),
-                              (const unsigned char **)pp, length)) {
-            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
-            goto err;
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_EC
-    case EVP_PKEY_EC:
-        if (!o2i_ECPublicKey(&(ret->pkey.ec),
-                             (const unsigned char **)pp, length)) {
-            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
-            goto err;
-        }
-        break;
-#endif
-    default:
-        ASN1err(ASN1_F_D2I_PUBLICKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
-        goto err;
-        /* break; */
-    }
-    if (a != NULL)
-        (*a) = ret;
-    return (ret);
- err:
-    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-        EVP_PKEY_free(ret);
-    return (NULL);
-}
diff --git a/thirdparty/openssl/crypto/asn1/evp_asn1.c b/thirdparty/openssl/crypto/asn1/evp_asn1.c
deleted file mode 100644
index 5876afa5e4..0000000000
--- a/thirdparty/openssl/crypto/asn1/evp_asn1.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/* crypto/asn1/evp_asn1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-
-int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
-{
-    ASN1_STRING *os;
-
-    if ((os = M_ASN1_OCTET_STRING_new()) == NULL)
-        return (0);
-    if (!M_ASN1_OCTET_STRING_set(os, data, len)) {
-        M_ASN1_OCTET_STRING_free(os);
-        return 0;
-    }
-    ASN1_TYPE_set(a, V_ASN1_OCTET_STRING, os);
-    return (1);
-}
-
-/* int max_len:  for returned value    */
-int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len)
-{
-    int ret, num;
-    unsigned char *p;
-
-    if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL)) {
-        ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING, ASN1_R_DATA_IS_WRONG);
-        return (-1);
-    }
-    p = M_ASN1_STRING_data(a->value.octet_string);
-    ret = M_ASN1_STRING_length(a->value.octet_string);
-    if (ret < max_len)
-        num = ret;
-    else
-        num = max_len;
-    memcpy(data, p, num);
-    return (ret);
-}
-
-int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
-                                  int len)
-{
-    int n, size;
-    ASN1_OCTET_STRING os, *osp;
-    ASN1_INTEGER in;
-    unsigned char *p;
-    unsigned char buf[32];      /* when they have 256bit longs, I'll be in
-                                 * trouble */
-    in.data = buf;
-    in.length = 32;
-    os.data = data;
-    os.type = V_ASN1_OCTET_STRING;
-    os.length = len;
-    ASN1_INTEGER_set(&in, num);
-    n = i2d_ASN1_INTEGER(&in, NULL);
-    n += M_i2d_ASN1_OCTET_STRING(&os, NULL);
-
-    size = ASN1_object_size(1, n, V_ASN1_SEQUENCE);
-
-    if ((osp = ASN1_STRING_new()) == NULL)
-        return (0);
-    /* Grow the 'string' */
-    if (!ASN1_STRING_set(osp, NULL, size)) {
-        ASN1_STRING_free(osp);
-        return (0);
-    }
-
-    M_ASN1_STRING_length_set(osp, size);
-    p = M_ASN1_STRING_data(osp);
-
-    ASN1_put_object(&p, 1, n, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-    i2d_ASN1_INTEGER(&in, &p);
-    M_i2d_ASN1_OCTET_STRING(&os, &p);
-
-    ASN1_TYPE_set(a, V_ASN1_SEQUENCE, osp);
-    return (1);
-}
-
-/*
- * we return the actual length..., num may be missing, in which case, set it
- * to zero
- */
-/* int max_len:  for returned value    */
-int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num,
-                                  unsigned char *data, int max_len)
-{
-    int ret = -1, n;
-    ASN1_INTEGER *ai = NULL;
-    ASN1_OCTET_STRING *os = NULL;
-    const unsigned char *p;
-    long length;
-    ASN1_const_CTX c;
-
-    if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) {
-        goto err;
-    }
-    p = M_ASN1_STRING_data(a->value.sequence);
-    length = M_ASN1_STRING_length(a->value.sequence);
-
-    c.pp = &p;
-    c.p = p;
-    c.max = p + length;
-    c.error = ASN1_R_DATA_IS_WRONG;
-
-    M_ASN1_D2I_start_sequence();
-    c.q = c.p;
-    if ((ai = d2i_ASN1_INTEGER(NULL, &c.p, c.slen)) == NULL)
-        goto err;
-    c.slen -= (c.p - c.q);
-    c.q = c.p;
-    if ((os = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL)
-        goto err;
-    c.slen -= (c.p - c.q);
-    if (!M_ASN1_D2I_end_sequence())
-        goto err;
-
-    if (num != NULL)
-        *num = ASN1_INTEGER_get(ai);
-
-    ret = M_ASN1_STRING_length(os);
-    if (max_len > ret)
-        n = ret;
-    else
-        n = max_len;
-
-    if (data != NULL)
-        memcpy(data, M_ASN1_STRING_data(os), n);
-    if (0) {
- err:
-        ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING, ASN1_R_DATA_IS_WRONG);
-    }
-    if (os != NULL)
-        M_ASN1_OCTET_STRING_free(os);
-    if (ai != NULL)
-        M_ASN1_INTEGER_free(ai);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/f_enum.c b/thirdparty/openssl/crypto/asn1/f_enum.c
deleted file mode 100644
index 527f1d8f87..0000000000
--- a/thirdparty/openssl/crypto/asn1/f_enum.c
+++ /dev/null
@@ -1,203 +0,0 @@
-/* crypto/asn1/f_enum.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-/* Based on a_int.c: equivalent ENUMERATED functions */
-
-int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
-{
-    int i, n = 0;
-    static const char *h = "0123456789ABCDEF";
-    char buf[2];
-
-    if (a == NULL)
-        return (0);
-
-    if (a->length == 0) {
-        if (BIO_write(bp, "00", 2) != 2)
-            goto err;
-        n = 2;
-    } else {
-        for (i = 0; i < a->length; i++) {
-            if ((i != 0) && (i % 35 == 0)) {
-                if (BIO_write(bp, "\\\n", 2) != 2)
-                    goto err;
-                n += 2;
-            }
-            buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
-            buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
-            if (BIO_write(bp, buf, 2) != 2)
-                goto err;
-            n += 2;
-        }
-    }
-    return (n);
- err:
-    return (-1);
-}
-
-int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
-{
-    int ret = 0;
-    int i, j, k, m, n, again, bufsize;
-    unsigned char *s = NULL, *sp;
-    unsigned char *bufp;
-    int num = 0, slen = 0, first = 1;
-
-    bs->type = V_ASN1_ENUMERATED;
-
-    bufsize = BIO_gets(bp, buf, size);
-    for (;;) {
-        if (bufsize < 1)
-            goto err_sl;
-        i = bufsize;
-        if (buf[i - 1] == '\n')
-            buf[--i] = '\0';
-        if (i == 0)
-            goto err_sl;
-        if (buf[i - 1] == '\r')
-            buf[--i] = '\0';
-        if (i == 0)
-            goto err_sl;
-        again = (buf[i - 1] == '\\');
-
-        for (j = 0; j < i; j++) {
-            if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
-                  ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
-                  ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
-                i = j;
-                break;
-            }
-        }
-        buf[i] = '\0';
-        /*
-         * We have now cleared all the crap off the end of the line
-         */
-        if (i < 2)
-            goto err_sl;
-
-        bufp = (unsigned char *)buf;
-        if (first) {
-            first = 0;
-            if ((bufp[0] == '0') && (bufp[1] == '0')) {
-                bufp += 2;
-                i -= 2;
-            }
-        }
-        k = 0;
-        i -= again;
-        if (i % 2 != 0) {
-            ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS);
-            goto err;
-        }
-        i /= 2;
-        if (num + i > slen) {
-            if (s == NULL)
-                sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
-                                                     i * 2);
-            else
-                sp = (unsigned char *)OPENSSL_realloc(s,
-                                                      (unsigned int)num +
-                                                      i * 2);
-            if (sp == NULL) {
-                ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            s = sp;
-            slen = num + i * 2;
-        }
-        for (j = 0; j < i; j++, k += 2) {
-            for (n = 0; n < 2; n++) {
-                m = bufp[k + n];
-                if ((m >= '0') && (m <= '9'))
-                    m -= '0';
-                else if ((m >= 'a') && (m <= 'f'))
-                    m = m - 'a' + 10;
-                else if ((m >= 'A') && (m <= 'F'))
-                    m = m - 'A' + 10;
-                else {
-                    ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
-                            ASN1_R_NON_HEX_CHARACTERS);
-                    goto err;
-                }
-                s[num + j] <<= 4;
-                s[num + j] |= m;
-            }
-        }
-        num += i;
-        if (again)
-            bufsize = BIO_gets(bp, buf, size);
-        else
-            break;
-    }
-    bs->length = num;
-    bs->data = s;
-    ret = 1;
- err:
-    if (0) {
- err_sl:
-        ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
-    }
-    if (ret != 1)
-        OPENSSL_free(s);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/f_int.c b/thirdparty/openssl/crypto/asn1/f_int.c
deleted file mode 100644
index e6ed7f1e77..0000000000
--- a/thirdparty/openssl/crypto/asn1/f_int.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/* crypto/asn1/f_int.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
-{
-    int i, n = 0;
-    static const char *h = "0123456789ABCDEF";
-    char buf[2];
-
-    if (a == NULL)
-        return (0);
-
-    if (a->type & V_ASN1_NEG) {
-        if (BIO_write(bp, "-", 1) != 1)
-            goto err;
-        n = 1;
-    }
-
-    if (a->length == 0) {
-        if (BIO_write(bp, "00", 2) != 2)
-            goto err;
-        n += 2;
-    } else {
-        for (i = 0; i < a->length; i++) {
-            if ((i != 0) && (i % 35 == 0)) {
-                if (BIO_write(bp, "\\\n", 2) != 2)
-                    goto err;
-                n += 2;
-            }
-            buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
-            buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
-            if (BIO_write(bp, buf, 2) != 2)
-                goto err;
-            n += 2;
-        }
-    }
-    return (n);
- err:
-    return (-1);
-}
-
-int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
-{
-    int ret = 0;
-    int i, j, k, m, n, again, bufsize;
-    unsigned char *s = NULL, *sp;
-    unsigned char *bufp;
-    int num = 0, slen = 0, first = 1;
-
-    bs->type = V_ASN1_INTEGER;
-
-    bufsize = BIO_gets(bp, buf, size);
-    for (;;) {
-        if (bufsize < 1)
-            goto err_sl;
-        i = bufsize;
-        if (buf[i - 1] == '\n')
-            buf[--i] = '\0';
-        if (i == 0)
-            goto err_sl;
-        if (buf[i - 1] == '\r')
-            buf[--i] = '\0';
-        if (i == 0)
-            goto err_sl;
-        again = (buf[i - 1] == '\\');
-
-        for (j = 0; j < i; j++) {
-#ifndef CHARSET_EBCDIC
-            if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
-                  ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
-                  ((buf[j] >= 'A') && (buf[j] <= 'F'))))
-#else
-            /*
-             * This #ifdef is not strictly necessary, since the characters
-             * A...F a...f 0...9 are contiguous (yes, even in EBCDIC - but
-             * not the whole alphabet). Nevertheless, isxdigit() is faster.
-             */
-            if (!isxdigit(buf[j]))
-#endif
-            {
-                i = j;
-                break;
-            }
-        }
-        buf[i] = '\0';
-        /*
-         * We have now cleared all the crap off the end of the line
-         */
-        if (i < 2)
-            goto err_sl;
-
-        bufp = (unsigned char *)buf;
-        if (first) {
-            first = 0;
-            if ((bufp[0] == '0') && (bufp[1] == '0')) {
-                bufp += 2;
-                i -= 2;
-            }
-        }
-        k = 0;
-        i -= again;
-        if (i % 2 != 0) {
-            ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_ODD_NUMBER_OF_CHARS);
-            goto err;
-        }
-        i /= 2;
-        if (num + i > slen) {
-            if (s == NULL)
-                sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
-                                                     i * 2);
-            else
-                sp = OPENSSL_realloc_clean(s, slen, num + i * 2);
-            if (sp == NULL) {
-                ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            s = sp;
-            slen = num + i * 2;
-        }
-        for (j = 0; j < i; j++, k += 2) {
-            for (n = 0; n < 2; n++) {
-                m = bufp[k + n];
-                if ((m >= '0') && (m <= '9'))
-                    m -= '0';
-                else if ((m >= 'a') && (m <= 'f'))
-                    m = m - 'a' + 10;
-                else if ((m >= 'A') && (m <= 'F'))
-                    m = m - 'A' + 10;
-                else {
-                    ASN1err(ASN1_F_A2I_ASN1_INTEGER,
-                            ASN1_R_NON_HEX_CHARACTERS);
-                    goto err;
-                }
-                s[num + j] <<= 4;
-                s[num + j] |= m;
-            }
-        }
-        num += i;
-        if (again)
-            bufsize = BIO_gets(bp, buf, size);
-        else
-            break;
-    }
-    bs->length = num;
-    bs->data = s;
-    ret = 1;
- err:
-    if (0) {
- err_sl:
-        ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
-    }
-    if (ret != 1)
-        OPENSSL_free(s);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/f_string.c b/thirdparty/openssl/crypto/asn1/f_string.c
deleted file mode 100644
index 0f7b9cfb11..0000000000
--- a/thirdparty/openssl/crypto/asn1/f_string.c
+++ /dev/null
@@ -1,209 +0,0 @@
-/* crypto/asn1/f_string.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-
-int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
-{
-    int i, n = 0;
-    static const char *h = "0123456789ABCDEF";
-    char buf[2];
-
-    if (a == NULL)
-        return (0);
-
-    if (a->length == 0) {
-        if (BIO_write(bp, "0", 1) != 1)
-            goto err;
-        n = 1;
-    } else {
-        for (i = 0; i < a->length; i++) {
-            if ((i != 0) && (i % 35 == 0)) {
-                if (BIO_write(bp, "\\\n", 2) != 2)
-                    goto err;
-                n += 2;
-            }
-            buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
-            buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
-            if (BIO_write(bp, buf, 2) != 2)
-                goto err;
-            n += 2;
-        }
-    }
-    return (n);
- err:
-    return (-1);
-}
-
-int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
-{
-    int ret = 0;
-    int i, j, k, m, n, again, bufsize;
-    unsigned char *s = NULL, *sp;
-    unsigned char *bufp;
-    int num = 0, slen = 0, first = 1;
-
-    bufsize = BIO_gets(bp, buf, size);
-    for (;;) {
-        if (bufsize < 1) {
-            if (first)
-                break;
-            else
-                goto err_sl;
-        }
-        first = 0;
-
-        i = bufsize;
-        if (buf[i - 1] == '\n')
-            buf[--i] = '\0';
-        if (i == 0)
-            goto err_sl;
-        if (buf[i - 1] == '\r')
-            buf[--i] = '\0';
-        if (i == 0)
-            goto err_sl;
-        again = (buf[i - 1] == '\\');
-
-        for (j = i - 1; j > 0; j--) {
-#ifndef CHARSET_EBCDIC
-            if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
-                  ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
-                  ((buf[j] >= 'A') && (buf[j] <= 'F'))))
-#else
-            /*
-             * This #ifdef is not strictly necessary, since the characters
-             * A...F a...f 0...9 are contiguous (yes, even in EBCDIC - but
-             * not the whole alphabet). Nevertheless, isxdigit() is faster.
-             */
-            if (!isxdigit(buf[j]))
-#endif
-            {
-                i = j;
-                break;
-            }
-        }
-        buf[i] = '\0';
-        /*
-         * We have now cleared all the crap off the end of the line
-         */
-        if (i < 2)
-            goto err_sl;
-
-        bufp = (unsigned char *)buf;
-
-        k = 0;
-        i -= again;
-        if (i % 2 != 0) {
-            ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_ODD_NUMBER_OF_CHARS);
-            goto err;
-        }
-        i /= 2;
-        if (num + i > slen) {
-            if (s == NULL)
-                sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
-                                                     i * 2);
-            else
-                sp = (unsigned char *)OPENSSL_realloc(s,
-                                                      (unsigned int)num +
-                                                      i * 2);
-            if (sp == NULL) {
-                ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            s = sp;
-            slen = num + i * 2;
-        }
-        for (j = 0; j < i; j++, k += 2) {
-            for (n = 0; n < 2; n++) {
-                m = bufp[k + n];
-                if ((m >= '0') && (m <= '9'))
-                    m -= '0';
-                else if ((m >= 'a') && (m <= 'f'))
-                    m = m - 'a' + 10;
-                else if ((m >= 'A') && (m <= 'F'))
-                    m = m - 'A' + 10;
-                else {
-                    ASN1err(ASN1_F_A2I_ASN1_STRING,
-                            ASN1_R_NON_HEX_CHARACTERS);
-                    goto err;
-                }
-                s[num + j] <<= 4;
-                s[num + j] |= m;
-            }
-        }
-        num += i;
-        if (again)
-            bufsize = BIO_gets(bp, buf, size);
-        else
-            break;
-    }
-    bs->length = num;
-    bs->data = s;
-    ret = 1;
- err:
-    if (0) {
- err_sl:
-        ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
-    }
-    if (ret != 1)
-        OPENSSL_free(s);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/i2d_pr.c b/thirdparty/openssl/crypto/asn1/i2d_pr.c
deleted file mode 100644
index 12966ec536..0000000000
--- a/thirdparty/openssl/crypto/asn1/i2d_pr.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* crypto/asn1/i2d_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include "asn1_locl.h"
-
-int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
-{
-    if (a->ameth && a->ameth->old_priv_encode) {
-        return a->ameth->old_priv_encode(a, pp);
-    }
-    if (a->ameth && a->ameth->priv_encode) {
-        PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
-        int ret = 0;
-        if (p8 != NULL) {
-            ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
-            PKCS8_PRIV_KEY_INFO_free(p8);
-        }
-        return ret;
-    }
-    ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
-    return -1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/i2d_pu.c b/thirdparty/openssl/crypto/asn1/i2d_pu.c
deleted file mode 100644
index b8ed355411..0000000000
--- a/thirdparty/openssl/crypto/asn1/i2d_pu.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* crypto/asn1/i2d_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-#endif
-
-int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
-{
-    switch (a->type) {
-#ifndef OPENSSL_NO_RSA
-    case EVP_PKEY_RSA:
-        return (i2d_RSAPublicKey(a->pkey.rsa, pp));
-#endif
-#ifndef OPENSSL_NO_DSA
-    case EVP_PKEY_DSA:
-        return (i2d_DSAPublicKey(a->pkey.dsa, pp));
-#endif
-#ifndef OPENSSL_NO_EC
-    case EVP_PKEY_EC:
-        return (i2o_ECPublicKey(a->pkey.ec, pp));
-#endif
-    default:
-        ASN1err(ASN1_F_I2D_PUBLICKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
-        return (-1);
-    }
-}
diff --git a/thirdparty/openssl/crypto/asn1/n_pkey.c b/thirdparty/openssl/crypto/asn1/n_pkey.c
deleted file mode 100644
index d5a55146a4..0000000000
--- a/thirdparty/openssl/crypto/asn1/n_pkey.c
+++ /dev/null
@@ -1,345 +0,0 @@
-/* crypto/asn1/n_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-# include <openssl/objects.h>
-# include <openssl/asn1t.h>
-# include <openssl/asn1_mac.h>
-# include <openssl/evp.h>
-# include <openssl/x509.h>
-
-# ifndef OPENSSL_NO_RC4
-
-typedef struct netscape_pkey_st {
-    long version;
-    X509_ALGOR *algor;
-    ASN1_OCTET_STRING *private_key;
-} NETSCAPE_PKEY;
-
-typedef struct netscape_encrypted_pkey_st {
-    ASN1_OCTET_STRING *os;
-    /*
-     * This is the same structure as DigestInfo so use it: although this
-     * isn't really anything to do with digests.
-     */
-    X509_SIG *enckey;
-} NETSCAPE_ENCRYPTED_PKEY;
-
-
-ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = {
-        ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, os, ASN1_OCTET_STRING),
-        ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG)
-} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY)
-
-DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_PKEY)
-IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
-
-ASN1_SEQUENCE(NETSCAPE_PKEY) = {
-        ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG),
-        ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR),
-        ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(NETSCAPE_PKEY)
-
-DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY)
-IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
-
-static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
-                          int (*cb) (char *buf, int len, const char *prompt,
-                                     int verify), int sgckey);
-
-int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
-                     int (*cb) (char *buf, int len, const char *prompt,
-                                int verify))
-{
-    return i2d_RSA_NET(a, pp, cb, 0);
-}
-
-int i2d_RSA_NET(const RSA *a, unsigned char **pp,
-                int (*cb) (char *buf, int len, const char *prompt,
-                           int verify), int sgckey)
-{
-    int i, j, ret = 0;
-    int rsalen, pkeylen, olen;
-    NETSCAPE_PKEY *pkey = NULL;
-    NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
-    unsigned char buf[256], *zz;
-    unsigned char key[EVP_MAX_KEY_LENGTH];
-    EVP_CIPHER_CTX ctx;
-    EVP_CIPHER_CTX_init(&ctx);
-
-    if (a == NULL)
-        return (0);
-
-    if ((pkey = NETSCAPE_PKEY_new()) == NULL)
-        goto err;
-    if ((enckey = NETSCAPE_ENCRYPTED_PKEY_new()) == NULL)
-        goto err;
-    pkey->version = 0;
-
-    pkey->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption);
-    if ((pkey->algor->parameter = ASN1_TYPE_new()) == NULL)
-        goto err;
-    pkey->algor->parameter->type = V_ASN1_NULL;
-
-    rsalen = i2d_RSAPrivateKey(a, NULL);
-
-    /*
-     * Fake some octet strings just for the initial length calculation.
-     */
-
-    pkey->private_key->length = rsalen;
-
-    pkeylen = i2d_NETSCAPE_PKEY(pkey, NULL);
-
-    enckey->enckey->digest->length = pkeylen;
-
-    enckey->os->length = 11;    /* "private-key" */
-
-    enckey->enckey->algor->algorithm = OBJ_nid2obj(NID_rc4);
-    if ((enckey->enckey->algor->parameter = ASN1_TYPE_new()) == NULL)
-        goto err;
-    enckey->enckey->algor->parameter->type = V_ASN1_NULL;
-
-    if (pp == NULL) {
-        olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL);
-        NETSCAPE_PKEY_free(pkey);
-        NETSCAPE_ENCRYPTED_PKEY_free(enckey);
-        return olen;
-    }
-
-    /* Since its RC4 encrypted length is actual length */
-    if ((zz = (unsigned char *)OPENSSL_malloc(rsalen)) == NULL) {
-        ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    pkey->private_key->data = zz;
-    /* Write out private key encoding */
-    i2d_RSAPrivateKey(a, &zz);
-
-    if ((zz = OPENSSL_malloc(pkeylen)) == NULL) {
-        ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!ASN1_STRING_set(enckey->os, "private-key", -1)) {
-        ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    enckey->enckey->digest->data = zz;
-    i2d_NETSCAPE_PKEY(pkey, &zz);
-
-    /* Wipe the private key encoding */
-    OPENSSL_cleanse(pkey->private_key->data, rsalen);
-
-    if (cb == NULL)
-        cb = EVP_read_pw_string;
-    i = cb((char *)buf, 256, "Enter Private Key password:", 1);
-    if (i != 0) {
-        ASN1err(ASN1_F_I2D_RSA_NET, ASN1_R_BAD_PASSWORD_READ);
-        goto err;
-    }
-    i = strlen((char *)buf);
-    /* If the key is used for SGC the algorithm is modified a little. */
-    if (sgckey) {
-        if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
-            goto err;
-        memcpy(buf + 16, "SGCKEYSALT", 10);
-        i = 26;
-    }
-
-    if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i, 1, key, NULL))
-        goto err;
-    OPENSSL_cleanse(buf, 256);
-
-    /* Encrypt private key in place */
-    zz = enckey->enckey->digest->data;
-    if (!EVP_EncryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
-        goto err;
-    if (!EVP_EncryptUpdate(&ctx, zz, &i, zz, pkeylen))
-        goto err;
-    if (!EVP_EncryptFinal_ex(&ctx, zz + i, &j))
-        goto err;
-
-    ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
- err:
-    EVP_CIPHER_CTX_cleanup(&ctx);
-    NETSCAPE_ENCRYPTED_PKEY_free(enckey);
-    NETSCAPE_PKEY_free(pkey);
-    return (ret);
-}
-
-RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
-                      int (*cb) (char *buf, int len, const char *prompt,
-                                 int verify))
-{
-    return d2i_RSA_NET(a, pp, length, cb, 0);
-}
-
-RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
-                 int (*cb) (char *buf, int len, const char *prompt,
-                            int verify), int sgckey)
-{
-    RSA *ret = NULL;
-    const unsigned char *p;
-    NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
-
-    p = *pp;
-
-    enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length);
-    if (!enckey) {
-        ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_DECODING_ERROR);
-        return NULL;
-    }
-
-    if ((enckey->os->length != 11) || (strncmp("private-key",
-                                               (char *)enckey->os->data,
-                                               11) != 0)) {
-        ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_PRIVATE_KEY_HEADER_MISSING);
-        NETSCAPE_ENCRYPTED_PKEY_free(enckey);
-        return NULL;
-    }
-    if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) {
-        ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
-        goto err;
-    }
-    if (cb == NULL)
-        cb = EVP_read_pw_string;
-    if ((ret = d2i_RSA_NET_2(a, enckey->enckey->digest, cb, sgckey)) == NULL)
-        goto err;
-
-    *pp = p;
-
- err:
-    NETSCAPE_ENCRYPTED_PKEY_free(enckey);
-    return ret;
-
-}
-
-static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
-                          int (*cb) (char *buf, int len, const char *prompt,
-                                     int verify), int sgckey)
-{
-    NETSCAPE_PKEY *pkey = NULL;
-    RSA *ret = NULL;
-    int i, j;
-    unsigned char buf[256];
-    const unsigned char *zz;
-    unsigned char key[EVP_MAX_KEY_LENGTH];
-    EVP_CIPHER_CTX ctx;
-    EVP_CIPHER_CTX_init(&ctx);
-
-    i = cb((char *)buf, 256, "Enter Private Key password:", 0);
-    if (i != 0) {
-        ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_BAD_PASSWORD_READ);
-        goto err;
-    }
-
-    i = strlen((char *)buf);
-    if (sgckey) {
-        if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
-            goto err;
-        memcpy(buf + 16, "SGCKEYSALT", 10);
-        i = 26;
-    }
-
-    if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i, 1, key, NULL))
-        goto err;
-    OPENSSL_cleanse(buf, 256);
-
-    if (!EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
-        goto err;
-    if (!EVP_DecryptUpdate(&ctx, os->data, &i, os->data, os->length))
-        goto err;
-    if (!EVP_DecryptFinal_ex(&ctx, &(os->data[i]), &j))
-        goto err;
-    os->length = i + j;
-
-    zz = os->data;
-
-    if ((pkey = d2i_NETSCAPE_PKEY(NULL, &zz, os->length)) == NULL) {
-        ASN1err(ASN1_F_D2I_RSA_NET_2,
-                ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
-        goto err;
-    }
-
-    zz = pkey->private_key->data;
-    if ((ret = d2i_RSAPrivateKey(a, &zz, pkey->private_key->length)) == NULL) {
-        ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
-        goto err;
-    }
- err:
-    EVP_CIPHER_CTX_cleanup(&ctx);
-    NETSCAPE_PKEY_free(pkey);
-    return (ret);
-}
-
-# endif                         /* OPENSSL_NO_RC4 */
-
-#else                           /* !OPENSSL_NO_RSA */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/asn1/nsseq.c b/thirdparty/openssl/crypto/asn1/nsseq.c
deleted file mode 100644
index f2f7cba49e..0000000000
--- a/thirdparty/openssl/crypto/asn1/nsseq.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* nsseq.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-
-static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                    void *exarg)
-{
-    if (operation == ASN1_OP_NEW_POST) {
-        NETSCAPE_CERT_SEQUENCE *nsseq;
-        nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
-        nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
-    }
-    return 1;
-}
-
-/* Netscape certificate sequence structure */
-
-ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = {
-        ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT),
-        ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0)
-} ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
-
-IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
diff --git a/thirdparty/openssl/crypto/asn1/p5_pbe.c b/thirdparty/openssl/crypto/asn1/p5_pbe.c
deleted file mode 100644
index e2a1def53f..0000000000
--- a/thirdparty/openssl/crypto/asn1/p5_pbe.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* p5_pbe.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-/* PKCS#5 password based encryption structure */
-
-ASN1_SEQUENCE(PBEPARAM) = {
-        ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
-        ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(PBEPARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
-
-/* Set an algorithm identifier for a PKCS#5 PBE algorithm */
-
-int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
-                         const unsigned char *salt, int saltlen)
-{
-    PBEPARAM *pbe = NULL;
-    ASN1_STRING *pbe_str = NULL;
-    unsigned char *sstr;
-
-    pbe = PBEPARAM_new();
-    if (!pbe) {
-        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if (iter <= 0)
-        iter = PKCS5_DEFAULT_ITER;
-    if (!ASN1_INTEGER_set(pbe->iter, iter)) {
-        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if (!saltlen)
-        saltlen = PKCS5_SALT_LEN;
-    if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
-        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    sstr = ASN1_STRING_data(pbe->salt);
-    if (salt)
-        memcpy(sstr, salt, saltlen);
-    else if (RAND_bytes(sstr, saltlen) <= 0)
-        goto err;
-
-    if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
-        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    PBEPARAM_free(pbe);
-    pbe = NULL;
-
-    if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
-        return 1;
-
- err:
-    if (pbe != NULL)
-        PBEPARAM_free(pbe);
-    if (pbe_str != NULL)
-        ASN1_STRING_free(pbe_str);
-    return 0;
-}
-
-/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
-
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
-                          const unsigned char *salt, int saltlen)
-{
-    X509_ALGOR *ret;
-    ret = X509_ALGOR_new();
-    if (!ret) {
-        ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen))
-        return ret;
-
-    X509_ALGOR_free(ret);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/asn1/p5_pbev2.c b/thirdparty/openssl/crypto/asn1/p5_pbev2.c
deleted file mode 100644
index 4c037d3d2c..0000000000
--- a/thirdparty/openssl/crypto/asn1/p5_pbev2.c
+++ /dev/null
@@ -1,276 +0,0 @@
-/* p5_pbev2.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999-2004.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-
-/* PKCS#5 v2.0 password based encryption structures */
-
-ASN1_SEQUENCE(PBE2PARAM) = {
-        ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR),
-        ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR)
-} ASN1_SEQUENCE_END(PBE2PARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM)
-
-ASN1_SEQUENCE(PBKDF2PARAM) = {
-        ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY),
-        ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER),
-        ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER),
-        ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR)
-} ASN1_SEQUENCE_END(PBKDF2PARAM)
-
-IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
-
-/*
- * Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: yes I know
- * this is horrible! Extended version to allow application supplied PRF NID
- * and IV.
- */
-
-X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
-                              unsigned char *salt, int saltlen,
-                              unsigned char *aiv, int prf_nid)
-{
-    X509_ALGOR *scheme = NULL, *ret = NULL;
-    int alg_nid, keylen;
-    EVP_CIPHER_CTX ctx;
-    unsigned char iv[EVP_MAX_IV_LENGTH];
-    PBE2PARAM *pbe2 = NULL;
-
-    alg_nid = EVP_CIPHER_type(cipher);
-    if (alg_nid == NID_undef) {
-        ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
-                ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
-        goto err;
-    }
-
-    if (!(pbe2 = PBE2PARAM_new()))
-        goto merr;
-
-    /* Setup the AlgorithmIdentifier for the encryption scheme */
-    scheme = pbe2->encryption;
-
-    scheme->algorithm = OBJ_nid2obj(alg_nid);
-    if (!(scheme->parameter = ASN1_TYPE_new()))
-        goto merr;
-
-    /* Create random IV */
-    if (EVP_CIPHER_iv_length(cipher)) {
-        if (aiv)
-            memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
-        else if (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) <= 0)
-            goto err;
-    }
-
-    EVP_CIPHER_CTX_init(&ctx);
-
-    /* Dummy cipherinit to just setup the IV, and PRF */
-    if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
-        goto err;
-    if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
-        ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
-        EVP_CIPHER_CTX_cleanup(&ctx);
-        goto err;
-    }
-    /*
-     * If prf NID unspecified see if cipher has a preference. An error is OK
-     * here: just means use default PRF.
-     */
-    if ((prf_nid == -1) &&
-        EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
-        ERR_clear_error();
-        prf_nid = NID_hmacWithSHA1;
-    }
-    EVP_CIPHER_CTX_cleanup(&ctx);
-
-    /* If its RC2 then we'd better setup the key length */
-
-    if (alg_nid == NID_rc2_cbc)
-        keylen = EVP_CIPHER_key_length(cipher);
-    else
-        keylen = -1;
-
-    /* Setup keyfunc */
-
-    X509_ALGOR_free(pbe2->keyfunc);
-
-    pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
-
-    if (!pbe2->keyfunc)
-        goto merr;
-
-    /* Now set up top level AlgorithmIdentifier */
-
-    if (!(ret = X509_ALGOR_new()))
-        goto merr;
-    if (!(ret->parameter = ASN1_TYPE_new()))
-        goto merr;
-
-    ret->algorithm = OBJ_nid2obj(NID_pbes2);
-
-    /* Encode PBE2PARAM into parameter */
-
-    if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM),
-                        &ret->parameter->value.sequence))
-         goto merr;
-    ret->parameter->type = V_ASN1_SEQUENCE;
-
-    PBE2PARAM_free(pbe2);
-    pbe2 = NULL;
-
-    return ret;
-
- merr:
-    ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ERR_R_MALLOC_FAILURE);
-
- err:
-    PBE2PARAM_free(pbe2);
-    /* Note 'scheme' is freed as part of pbe2 */
-    X509_ALGOR_free(ret);
-
-    return NULL;
-}
-
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
-                           unsigned char *salt, int saltlen)
-{
-    return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
-}
-
-X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
-                             int prf_nid, int keylen)
-{
-    X509_ALGOR *keyfunc = NULL;
-    PBKDF2PARAM *kdf = NULL;
-    ASN1_OCTET_STRING *osalt = NULL;
-
-    if (!(kdf = PBKDF2PARAM_new()))
-        goto merr;
-    if (!(osalt = M_ASN1_OCTET_STRING_new()))
-        goto merr;
-
-    kdf->salt->value.octet_string = osalt;
-    kdf->salt->type = V_ASN1_OCTET_STRING;
-
-    if (!saltlen)
-        saltlen = PKCS5_SALT_LEN;
-    if (!(osalt->data = OPENSSL_malloc(saltlen)))
-        goto merr;
-
-    osalt->length = saltlen;
-
-    if (salt)
-        memcpy(osalt->data, salt, saltlen);
-    else if (RAND_bytes(osalt->data, saltlen) <= 0)
-        goto merr;
-
-    if (iter <= 0)
-        iter = PKCS5_DEFAULT_ITER;
-
-    if (!ASN1_INTEGER_set(kdf->iter, iter))
-        goto merr;
-
-    /* If have a key len set it up */
-
-    if (keylen > 0) {
-        if (!(kdf->keylength = M_ASN1_INTEGER_new()))
-            goto merr;
-        if (!ASN1_INTEGER_set(kdf->keylength, keylen))
-            goto merr;
-    }
-
-    /* prf can stay NULL if we are using hmacWithSHA1 */
-    if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
-        kdf->prf = X509_ALGOR_new();
-        if (!kdf->prf)
-            goto merr;
-        X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), V_ASN1_NULL, NULL);
-    }
-
-    /* Finally setup the keyfunc structure */
-
-    keyfunc = X509_ALGOR_new();
-    if (!keyfunc)
-        goto merr;
-
-    keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
-
-    /* Encode PBKDF2PARAM into parameter of pbe2 */
-
-    if (!(keyfunc->parameter = ASN1_TYPE_new()))
-        goto merr;
-
-    if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
-                        &keyfunc->parameter->value.sequence))
-         goto merr;
-    keyfunc->parameter->type = V_ASN1_SEQUENCE;
-
-    PBKDF2PARAM_free(kdf);
-    return keyfunc;
-
- merr:
-    ASN1err(ASN1_F_PKCS5_PBKDF2_SET, ERR_R_MALLOC_FAILURE);
-    PBKDF2PARAM_free(kdf);
-    X509_ALGOR_free(keyfunc);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/asn1/p8_pkey.c b/thirdparty/openssl/crypto/asn1/p8_pkey.c
deleted file mode 100644
index 0a425cd29d..0000000000
--- a/thirdparty/openssl/crypto/asn1/p8_pkey.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* p8_pkey.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/* Minor tweak to operation: zero private key data */
-static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                   void *exarg)
-{
-    /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
-    if (operation == ASN1_OP_FREE_PRE) {
-        PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
-        if (key->pkey && key->pkey->type == V_ASN1_OCTET_STRING
-            && key->pkey->value.octet_string != NULL)
-            OPENSSL_cleanse(key->pkey->value.octet_string->data,
-                            key->pkey->value.octet_string->length);
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
-        ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
-        ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
-        ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY),
-        ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
-} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
-
-int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
-                    int version,
-                    int ptype, void *pval, unsigned char *penc, int penclen)
-{
-    unsigned char **ppenc = NULL;
-    if (version >= 0) {
-        if (!ASN1_INTEGER_set(priv->version, version))
-            return 0;
-    }
-    if (penc) {
-        int pmtype;
-        ASN1_OCTET_STRING *oct;
-        oct = ASN1_OCTET_STRING_new();
-        if (!oct)
-            return 0;
-        oct->data = penc;
-        ppenc = &oct->data;
-        oct->length = penclen;
-        if (priv->broken == PKCS8_NO_OCTET)
-            pmtype = V_ASN1_SEQUENCE;
-        else
-            pmtype = V_ASN1_OCTET_STRING;
-        ASN1_TYPE_set(priv->pkey, pmtype, oct);
-    }
-    if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) {
-        /* If call fails do not swallow 'enc' */
-        if (ppenc)
-            *ppenc = NULL;
-        return 0;
-    }
-    return 1;
-}
-
-int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
-                    const unsigned char **pk, int *ppklen,
-                    X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8)
-{
-    if (ppkalg)
-        *ppkalg = p8->pkeyalg->algorithm;
-    if (p8->pkey->type == V_ASN1_OCTET_STRING) {
-        p8->broken = PKCS8_OK;
-        if (pk) {
-            *pk = p8->pkey->value.octet_string->data;
-            *ppklen = p8->pkey->value.octet_string->length;
-        }
-    } else if (p8->pkey->type == V_ASN1_SEQUENCE) {
-        p8->broken = PKCS8_NO_OCTET;
-        if (pk) {
-            *pk = p8->pkey->value.sequence->data;
-            *ppklen = p8->pkey->value.sequence->length;
-        }
-    } else
-        return 0;
-    if (pa)
-        *pa = p8->pkeyalg;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/t_bitst.c b/thirdparty/openssl/crypto/asn1/t_bitst.c
deleted file mode 100644
index d5cf3c7732..0000000000
--- a/thirdparty/openssl/crypto/asn1/t_bitst.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* t_bitst.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
-                               BIT_STRING_BITNAME *tbl, int indent)
-{
-    BIT_STRING_BITNAME *bnam;
-    char first = 1;
-    BIO_printf(out, "%*s", indent, "");
-    for (bnam = tbl; bnam->lname; bnam++) {
-        if (ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) {
-            if (!first)
-                BIO_puts(out, ", ");
-            BIO_puts(out, bnam->lname);
-            first = 0;
-        }
-    }
-    BIO_puts(out, "\n");
-    return 1;
-}
-
-int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
-                            BIT_STRING_BITNAME *tbl)
-{
-    int bitnum;
-    bitnum = ASN1_BIT_STRING_num_asc(name, tbl);
-    if (bitnum < 0)
-        return 0;
-    if (bs) {
-        if (!ASN1_BIT_STRING_set_bit(bs, bitnum, value))
-            return 0;
-    }
-    return 1;
-}
-
-int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl)
-{
-    BIT_STRING_BITNAME *bnam;
-    for (bnam = tbl; bnam->lname; bnam++) {
-        if (!strcmp(bnam->sname, name) || !strcmp(bnam->lname, name))
-            return bnam->bitnum;
-    }
-    return -1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/t_crl.c b/thirdparty/openssl/crypto/asn1/t_crl.c
deleted file mode 100644
index 0dfaf0ba26..0000000000
--- a/thirdparty/openssl/crypto/asn1/t_crl.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* t_crl.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_FP_API
-int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        X509err(X509_F_X509_CRL_PRINT_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = X509_CRL_print(b, x);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int X509_CRL_print(BIO *out, X509_CRL *x)
-{
-    STACK_OF(X509_REVOKED) *rev;
-    X509_REVOKED *r;
-    long l;
-    int i;
-    char *p;
-
-    BIO_printf(out, "Certificate Revocation List (CRL):\n");
-    l = X509_CRL_get_version(x);
-    BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
-    i = OBJ_obj2nid(x->sig_alg->algorithm);
-    X509_signature_print(out, x->sig_alg, NULL);
-    p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
-    BIO_printf(out, "%8sIssuer: %s\n", "", p);
-    OPENSSL_free(p);
-    BIO_printf(out, "%8sLast Update: ", "");
-    ASN1_TIME_print(out, X509_CRL_get_lastUpdate(x));
-    BIO_printf(out, "\n%8sNext Update: ", "");
-    if (X509_CRL_get_nextUpdate(x))
-        ASN1_TIME_print(out, X509_CRL_get_nextUpdate(x));
-    else
-        BIO_printf(out, "NONE");
-    BIO_printf(out, "\n");
-
-    X509V3_extensions_print(out, "CRL extensions", x->crl->extensions, 0, 8);
-
-    rev = X509_CRL_get_REVOKED(x);
-
-    if (sk_X509_REVOKED_num(rev) > 0)
-        BIO_printf(out, "Revoked Certificates:\n");
-    else
-        BIO_printf(out, "No Revoked Certificates.\n");
-
-    for (i = 0; i < sk_X509_REVOKED_num(rev); i++) {
-        r = sk_X509_REVOKED_value(rev, i);
-        BIO_printf(out, "    Serial Number: ");
-        i2a_ASN1_INTEGER(out, r->serialNumber);
-        BIO_printf(out, "\n        Revocation Date: ");
-        ASN1_TIME_print(out, r->revocationDate);
-        BIO_printf(out, "\n");
-        X509V3_extensions_print(out, "CRL entry extensions",
-                                r->extensions, 0, 8);
-    }
-    X509_signature_print(out, x->sig_alg, x->signature);
-
-    return 1;
-
-}
diff --git a/thirdparty/openssl/crypto/asn1/t_pkey.c b/thirdparty/openssl/crypto/asn1/t_pkey.c
deleted file mode 100644
index 735c34264b..0000000000
--- a/thirdparty/openssl/crypto/asn1/t_pkey.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* crypto/asn1/t_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-
-int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
-                  unsigned char *buf, int off)
-{
-    int n, i;
-    const char *neg;
-
-    if (num == NULL)
-        return (1);
-    neg = (BN_is_negative(num)) ? "-" : "";
-    if (!BIO_indent(bp, off, 128))
-        return 0;
-    if (BN_is_zero(num)) {
-        if (BIO_printf(bp, "%s 0\n", number) <= 0)
-            return 0;
-        return 1;
-    }
-
-    if (BN_num_bytes(num) <= BN_BYTES) {
-        if (BIO_printf(bp, "%s %s%lu (%s0x%lx)\n", number, neg,
-                       (unsigned long)num->d[0], neg,
-                       (unsigned long)num->d[0])
-            <= 0)
-            return (0);
-    } else {
-        buf[0] = 0;
-        if (BIO_printf(bp, "%s%s", number,
-                       (neg[0] == '-') ? " (Negative)" : "") <= 0)
-            return (0);
-        n = BN_bn2bin(num, &buf[1]);
-
-        if (buf[1] & 0x80)
-            n++;
-        else
-            buf++;
-
-        for (i = 0; i < n; i++) {
-            if ((i % 15) == 0) {
-                if (BIO_puts(bp, "\n") <= 0 || !BIO_indent(bp, off + 4, 128))
-                    return 0;
-            }
-            if (BIO_printf(bp, "%02x%s", buf[i], ((i + 1) == n) ? "" : ":")
-                <= 0)
-                return (0);
-        }
-        if (BIO_write(bp, "\n", 1) <= 0)
-            return (0);
-    }
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/asn1/t_req.c b/thirdparty/openssl/crypto/asn1/t_req.c
deleted file mode 100644
index 70aba4cc3b..0000000000
--- a/thirdparty/openssl/crypto/asn1/t_req.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/* crypto/asn1/t_req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-
-#ifndef OPENSSL_NO_FP_API
-int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        X509err(X509_F_X509_REQ_PRINT_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = X509_REQ_print(b, x);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
-                      unsigned long cflag)
-{
-    unsigned long l;
-    int i;
-    const char *neg;
-    X509_REQ_INFO *ri;
-    EVP_PKEY *pkey;
-    STACK_OF(X509_ATTRIBUTE) *sk;
-    STACK_OF(X509_EXTENSION) *exts;
-    char mlch = ' ';
-    int nmindent = 0;
-
-    if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
-        mlch = '\n';
-        nmindent = 12;
-    }
-
-    if (nmflags == X509_FLAG_COMPAT)
-        nmindent = 16;
-
-    ri = x->req_info;
-    if (!(cflag & X509_FLAG_NO_HEADER)) {
-        if (BIO_write(bp, "Certificate Request:\n", 21) <= 0)
-            goto err;
-        if (BIO_write(bp, "    Data:\n", 10) <= 0)
-            goto err;
-    }
-    if (!(cflag & X509_FLAG_NO_VERSION)) {
-        neg = (ri->version->type == V_ASN1_NEG_INTEGER) ? "-" : "";
-        l = 0;
-        for (i = 0; i < ri->version->length; i++) {
-            l <<= 8;
-            l += ri->version->data[i];
-        }
-        if (BIO_printf(bp, "%8sVersion: %s%lu (%s0x%lx)\n", "", neg, l, neg,
-                       l) <= 0)
-            goto err;
-    }
-    if (!(cflag & X509_FLAG_NO_SUBJECT)) {
-        if (BIO_printf(bp, "        Subject:%c", mlch) <= 0)
-            goto err;
-        if (X509_NAME_print_ex(bp, ri->subject, nmindent, nmflags) < 0)
-            goto err;
-        if (BIO_write(bp, "\n", 1) <= 0)
-            goto err;
-    }
-    if (!(cflag & X509_FLAG_NO_PUBKEY)) {
-        if (BIO_write(bp, "        Subject Public Key Info:\n", 33) <= 0)
-            goto err;
-        if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
-            goto err;
-        if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0)
-            goto err;
-        if (BIO_puts(bp, "\n") <= 0)
-            goto err;
-
-        pkey = X509_REQ_get_pubkey(x);
-        if (pkey == NULL) {
-            BIO_printf(bp, "%12sUnable to load Public Key\n", "");
-            ERR_print_errors(bp);
-        } else {
-            EVP_PKEY_print_public(bp, pkey, 16, NULL);
-            EVP_PKEY_free(pkey);
-        }
-    }
-
-    if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
-        /* may not be */
-        if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0)
-            goto err;
-
-        sk = x->req_info->attributes;
-        if (sk_X509_ATTRIBUTE_num(sk) == 0) {
-            if (BIO_printf(bp, "%12sa0:00\n", "") <= 0)
-                goto err;
-        } else {
-            for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
-                ASN1_TYPE *at;
-                X509_ATTRIBUTE *a;
-                ASN1_BIT_STRING *bs = NULL;
-                ASN1_TYPE *t;
-                int j, type = 0, count = 1, ii = 0;
-
-                a = sk_X509_ATTRIBUTE_value(sk, i);
-                if (X509_REQ_extension_nid(OBJ_obj2nid(a->object)))
-                    continue;
-                if (BIO_printf(bp, "%12s", "") <= 0)
-                    goto err;
-                if ((j = i2a_ASN1_OBJECT(bp, a->object)) > 0) {
-                    if (a->single) {
-                        t = a->value.single;
-                        type = t->type;
-                        bs = t->value.bit_string;
-                    } else {
-                        ii = 0;
-                        count = sk_ASN1_TYPE_num(a->value.set);
- get_next:
-                        at = sk_ASN1_TYPE_value(a->value.set, ii);
-                        type = at->type;
-                        bs = at->value.asn1_string;
-                    }
-                }
-                for (j = 25 - j; j > 0; j--)
-                    if (BIO_write(bp, " ", 1) != 1)
-                        goto err;
-                if (BIO_puts(bp, ":") <= 0)
-                    goto err;
-                if ((type == V_ASN1_PRINTABLESTRING) ||
-                    (type == V_ASN1_UTF8STRING) ||
-                    (type == V_ASN1_T61STRING) ||
-                    (type == V_ASN1_IA5STRING)) {
-                    if (BIO_write(bp, (char *)bs->data, bs->length)
-                        != bs->length)
-                        goto err;
-                    BIO_puts(bp, "\n");
-                } else {
-                    BIO_puts(bp, "unable to print attribute\n");
-                }
-                if (++ii < count)
-                    goto get_next;
-            }
-        }
-    }
-    if (!(cflag & X509_FLAG_NO_EXTENSIONS)) {
-        exts = X509_REQ_get_extensions(x);
-        if (exts) {
-            BIO_printf(bp, "%8sRequested Extensions:\n", "");
-            for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
-                ASN1_OBJECT *obj;
-                X509_EXTENSION *ex;
-                int j;
-                ex = sk_X509_EXTENSION_value(exts, i);
-                if (BIO_printf(bp, "%12s", "") <= 0)
-                    goto err;
-                obj = X509_EXTENSION_get_object(ex);
-                i2a_ASN1_OBJECT(bp, obj);
-                j = X509_EXTENSION_get_critical(ex);
-                if (BIO_printf(bp, ": %s\n", j ? "critical" : "") <= 0)
-                    goto err;
-                if (!X509V3_EXT_print(bp, ex, cflag, 16)) {
-                    BIO_printf(bp, "%16s", "");
-                    M_ASN1_OCTET_STRING_print(bp, ex->value);
-                }
-                if (BIO_write(bp, "\n", 1) <= 0)
-                    goto err;
-            }
-            sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-        }
-    }
-
-    if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
-        if (!X509_signature_print(bp, x->sig_alg, x->signature))
-            goto err;
-    }
-
-    return (1);
- err:
-    X509err(X509_F_X509_REQ_PRINT_EX, ERR_R_BUF_LIB);
-    return (0);
-}
-
-int X509_REQ_print(BIO *bp, X509_REQ *x)
-{
-    return X509_REQ_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
diff --git a/thirdparty/openssl/crypto/asn1/t_spki.c b/thirdparty/openssl/crypto/asn1/t_spki.c
deleted file mode 100644
index 3bf48db509..0000000000
--- a/thirdparty/openssl/crypto/asn1/t_spki.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* t_spki.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#include <openssl/bn.h>
-
-/* Print out an SPKI */
-
-int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
-{
-    EVP_PKEY *pkey;
-    ASN1_IA5STRING *chal;
-    int i, n;
-    char *s;
-    BIO_printf(out, "Netscape SPKI:\n");
-    i = OBJ_obj2nid(spki->spkac->pubkey->algor->algorithm);
-    BIO_printf(out, "  Public Key Algorithm: %s\n",
-               (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
-    pkey = X509_PUBKEY_get(spki->spkac->pubkey);
-    if (!pkey)
-        BIO_printf(out, "  Unable to load public key\n");
-    else {
-        EVP_PKEY_print_public(out, pkey, 4, NULL);
-        EVP_PKEY_free(pkey);
-    }
-    chal = spki->spkac->challenge;
-    if (chal->length)
-        BIO_printf(out, "  Challenge String: %s\n", chal->data);
-    i = OBJ_obj2nid(spki->sig_algor->algorithm);
-    BIO_printf(out, "  Signature Algorithm: %s",
-               (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
-
-    n = spki->signature->length;
-    s = (char *)spki->signature->data;
-    for (i = 0; i < n; i++) {
-        if ((i % 18) == 0)
-            BIO_write(out, "\n      ", 7);
-        BIO_printf(out, "%02x%s", (unsigned char)s[i],
-                   ((i + 1) == n) ? "" : ":");
-    }
-    BIO_write(out, "\n", 1);
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/t_x509.c b/thirdparty/openssl/crypto/asn1/t_x509.c
deleted file mode 100644
index 8888396f84..0000000000
--- a/thirdparty/openssl/crypto/asn1/t_x509.c
+++ /dev/null
@@ -1,556 +0,0 @@
-/* crypto/asn1/t_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-#endif
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include "asn1_locl.h"
-
-#ifndef OPENSSL_NO_FP_API
-int X509_print_fp(FILE *fp, X509 *x)
-{
-    return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
-
-int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag,
-                     unsigned long cflag)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        X509err(X509_F_X509_PRINT_EX_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = X509_print_ex(b, x, nmflag, cflag);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int X509_print(BIO *bp, X509 *x)
-{
-    return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
-
-int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
-                  unsigned long cflag)
-{
-    long l;
-    int ret = 0, i;
-    char *m = NULL, mlch = ' ';
-    int nmindent = 0;
-    X509_CINF *ci;
-    ASN1_INTEGER *bs;
-    EVP_PKEY *pkey = NULL;
-    const char *neg;
-
-    if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
-        mlch = '\n';
-        nmindent = 12;
-    }
-
-    if (nmflags == X509_FLAG_COMPAT)
-        nmindent = 16;
-
-    ci = x->cert_info;
-    if (!(cflag & X509_FLAG_NO_HEADER)) {
-        if (BIO_write(bp, "Certificate:\n", 13) <= 0)
-            goto err;
-        if (BIO_write(bp, "    Data:\n", 10) <= 0)
-            goto err;
-    }
-    if (!(cflag & X509_FLAG_NO_VERSION)) {
-        l = X509_get_version(x);
-        if (BIO_printf(bp, "%8sVersion: %lu (0x%lx)\n", "", l + 1, l) <= 0)
-            goto err;
-    }
-    if (!(cflag & X509_FLAG_NO_SERIAL)) {
-
-        if (BIO_write(bp, "        Serial Number:", 22) <= 0)
-            goto err;
-
-        bs = X509_get_serialNumber(x);
-        if (bs->length < (int)sizeof(long)
-            || (bs->length == sizeof(long) && (bs->data[0] & 0x80) == 0)) {
-            l = ASN1_INTEGER_get(bs);
-            if (bs->type == V_ASN1_NEG_INTEGER) {
-                l = -l;
-                neg = "-";
-            } else
-                neg = "";
-            if (BIO_printf(bp, " %s%lu (%s0x%lx)\n", neg, l, neg, l) <= 0)
-                goto err;
-        } else {
-            neg = (bs->type == V_ASN1_NEG_INTEGER) ? " (Negative)" : "";
-            if (BIO_printf(bp, "\n%12s%s", "", neg) <= 0)
-                goto err;
-
-            for (i = 0; i < bs->length; i++) {
-                if (BIO_printf(bp, "%02x%c", bs->data[i],
-                               ((i + 1 == bs->length) ? '\n' : ':')) <= 0)
-                    goto err;
-            }
-        }
-
-    }
-
-    if (!(cflag & X509_FLAG_NO_SIGNAME)) {
-        if (X509_signature_print(bp, ci->signature, NULL) <= 0)
-            goto err;
-#if 0
-        if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
-            goto err;
-        if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
-            goto err;
-        if (BIO_puts(bp, "\n") <= 0)
-            goto err;
-#endif
-    }
-
-    if (!(cflag & X509_FLAG_NO_ISSUER)) {
-        if (BIO_printf(bp, "        Issuer:%c", mlch) <= 0)
-            goto err;
-        if (X509_NAME_print_ex(bp, X509_get_issuer_name(x), nmindent, nmflags)
-            < 0)
-            goto err;
-        if (BIO_write(bp, "\n", 1) <= 0)
-            goto err;
-    }
-    if (!(cflag & X509_FLAG_NO_VALIDITY)) {
-        if (BIO_write(bp, "        Validity\n", 17) <= 0)
-            goto err;
-        if (BIO_write(bp, "            Not Before: ", 24) <= 0)
-            goto err;
-        if (!ASN1_TIME_print(bp, X509_get_notBefore(x)))
-            goto err;
-        if (BIO_write(bp, "\n            Not After : ", 25) <= 0)
-            goto err;
-        if (!ASN1_TIME_print(bp, X509_get_notAfter(x)))
-            goto err;
-        if (BIO_write(bp, "\n", 1) <= 0)
-            goto err;
-    }
-    if (!(cflag & X509_FLAG_NO_SUBJECT)) {
-        if (BIO_printf(bp, "        Subject:%c", mlch) <= 0)
-            goto err;
-        if (X509_NAME_print_ex
-            (bp, X509_get_subject_name(x), nmindent, nmflags) < 0)
-            goto err;
-        if (BIO_write(bp, "\n", 1) <= 0)
-            goto err;
-    }
-    if (!(cflag & X509_FLAG_NO_PUBKEY)) {
-        if (BIO_write(bp, "        Subject Public Key Info:\n", 33) <= 0)
-            goto err;
-        if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
-            goto err;
-        if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
-            goto err;
-        if (BIO_puts(bp, "\n") <= 0)
-            goto err;
-
-        pkey = X509_get_pubkey(x);
-        if (pkey == NULL) {
-            BIO_printf(bp, "%12sUnable to load Public Key\n", "");
-            ERR_print_errors(bp);
-        } else {
-            EVP_PKEY_print_public(bp, pkey, 16, NULL);
-            EVP_PKEY_free(pkey);
-        }
-    }
-
-    if (!(cflag & X509_FLAG_NO_IDS)) {
-        if (ci->issuerUID) {
-            if (BIO_printf(bp, "%8sIssuer Unique ID: ", "") <= 0)
-                goto err;
-            if (!X509_signature_dump(bp, ci->issuerUID, 12))
-                goto err;
-        }
-        if (ci->subjectUID) {
-            if (BIO_printf(bp, "%8sSubject Unique ID: ", "") <= 0)
-                goto err;
-            if (!X509_signature_dump(bp, ci->subjectUID, 12))
-                goto err;
-        }
-    }
-
-    if (!(cflag & X509_FLAG_NO_EXTENSIONS))
-        X509V3_extensions_print(bp, "X509v3 extensions",
-                                ci->extensions, cflag, 8);
-
-    if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
-        if (X509_signature_print(bp, x->sig_alg, x->signature) <= 0)
-            goto err;
-    }
-    if (!(cflag & X509_FLAG_NO_AUX)) {
-        if (!X509_CERT_AUX_print(bp, x->aux, 0))
-            goto err;
-    }
-    ret = 1;
- err:
-    if (m != NULL)
-        OPENSSL_free(m);
-    return (ret);
-}
-
-int X509_ocspid_print(BIO *bp, X509 *x)
-{
-    unsigned char *der = NULL;
-    unsigned char *dertmp;
-    int derlen;
-    int i;
-    unsigned char SHA1md[SHA_DIGEST_LENGTH];
-
-    /*
-     * display the hash of the subject as it would appear in OCSP requests
-     */
-    if (BIO_printf(bp, "        Subject OCSP hash: ") <= 0)
-        goto err;
-    derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
-    if ((der = dertmp = (unsigned char *)OPENSSL_malloc(derlen)) == NULL)
-        goto err;
-    i2d_X509_NAME(x->cert_info->subject, &dertmp);
-
-    if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
-        goto err;
-    for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
-        if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
-            goto err;
-    }
-    OPENSSL_free(der);
-    der = NULL;
-
-    /*
-     * display the hash of the public key as it would appear in OCSP requests
-     */
-    if (BIO_printf(bp, "\n        Public key OCSP hash: ") <= 0)
-        goto err;
-
-    if (!EVP_Digest(x->cert_info->key->public_key->data,
-                    x->cert_info->key->public_key->length,
-                    SHA1md, NULL, EVP_sha1(), NULL))
-        goto err;
-    for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
-        if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
-            goto err;
-    }
-    BIO_printf(bp, "\n");
-
-    return (1);
- err:
-    if (der != NULL)
-        OPENSSL_free(der);
-    return (0);
-}
-
-int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
-{
-    const unsigned char *s;
-    int i, n;
-
-    n = sig->length;
-    s = sig->data;
-    for (i = 0; i < n; i++) {
-        if ((i % 18) == 0) {
-            if (BIO_write(bp, "\n", 1) <= 0)
-                return 0;
-            if (BIO_indent(bp, indent, indent) <= 0)
-                return 0;
-        }
-        if (BIO_printf(bp, "%02x%s", s[i], ((i + 1) == n) ? "" : ":") <= 0)
-            return 0;
-    }
-    if (BIO_write(bp, "\n", 1) != 1)
-        return 0;
-
-    return 1;
-}
-
-int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
-{
-    int sig_nid;
-    if (BIO_puts(bp, "    Signature Algorithm: ") <= 0)
-        return 0;
-    if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0)
-        return 0;
-
-    sig_nid = OBJ_obj2nid(sigalg->algorithm);
-    if (sig_nid != NID_undef) {
-        int pkey_nid, dig_nid;
-        const EVP_PKEY_ASN1_METHOD *ameth;
-        if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) {
-            ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
-            if (ameth && ameth->sig_print)
-                return ameth->sig_print(bp, sigalg, sig, 9, 0);
-        }
-    }
-    if (sig)
-        return X509_signature_dump(bp, sig, 9);
-    else if (BIO_puts(bp, "\n") <= 0)
-        return 0;
-    return 1;
-}
-
-int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
-{
-    int i, n;
-    char buf[80];
-    const char *p;
-
-    if (v == NULL)
-        return (0);
-    n = 0;
-    p = (const char *)v->data;
-    for (i = 0; i < v->length; i++) {
-        if ((p[i] > '~') || ((p[i] < ' ') &&
-                             (p[i] != '\n') && (p[i] != '\r')))
-            buf[n] = '.';
-        else
-            buf[n] = p[i];
-        n++;
-        if (n >= 80) {
-            if (BIO_write(bp, buf, n) <= 0)
-                return (0);
-            n = 0;
-        }
-    }
-    if (n > 0)
-        if (BIO_write(bp, buf, n) <= 0)
-            return (0);
-    return (1);
-}
-
-int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
-{
-    if (tm->type == V_ASN1_UTCTIME)
-        return ASN1_UTCTIME_print(bp, tm);
-    if (tm->type == V_ASN1_GENERALIZEDTIME)
-        return ASN1_GENERALIZEDTIME_print(bp, tm);
-    BIO_write(bp, "Bad time value", 14);
-    return (0);
-}
-
-static const char *mon[12] = {
-    "Jan", "Feb", "Mar", "Apr", "May", "Jun",
-    "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
-};
-
-int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
-{
-    char *v;
-    int gmt = 0;
-    int i;
-    int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
-    char *f = NULL;
-    int f_len = 0;
-
-    i = tm->length;
-    v = (char *)tm->data;
-
-    if (i < 12)
-        goto err;
-    if (v[i - 1] == 'Z')
-        gmt = 1;
-    for (i = 0; i < 12; i++)
-        if ((v[i] > '9') || (v[i] < '0'))
-            goto err;
-    y = (v[0] - '0') * 1000 + (v[1] - '0') * 100
-        + (v[2] - '0') * 10 + (v[3] - '0');
-    M = (v[4] - '0') * 10 + (v[5] - '0');
-    if ((M > 12) || (M < 1))
-        goto err;
-    d = (v[6] - '0') * 10 + (v[7] - '0');
-    h = (v[8] - '0') * 10 + (v[9] - '0');
-    m = (v[10] - '0') * 10 + (v[11] - '0');
-    if (tm->length >= 14 &&
-        (v[12] >= '0') && (v[12] <= '9') &&
-        (v[13] >= '0') && (v[13] <= '9')) {
-        s = (v[12] - '0') * 10 + (v[13] - '0');
-        /* Check for fractions of seconds. */
-        if (tm->length >= 15 && v[14] == '.') {
-            int l = tm->length;
-            f = &v[14];         /* The decimal point. */
-            f_len = 1;
-            while (14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9')
-                ++f_len;
-        }
-    }
-
-    if (BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
-                   mon[M - 1], d, h, m, s, f_len, f, y,
-                   (gmt) ? " GMT" : "") <= 0)
-        return (0);
-    else
-        return (1);
- err:
-    BIO_write(bp, "Bad time value", 14);
-    return (0);
-}
-
-int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm)
-{
-    const char *v;
-    int gmt = 0;
-    int i;
-    int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
-
-    i = tm->length;
-    v = (const char *)tm->data;
-
-    if (i < 10)
-        goto err;
-    if (v[i - 1] == 'Z')
-        gmt = 1;
-    for (i = 0; i < 10; i++)
-        if ((v[i] > '9') || (v[i] < '0'))
-            goto err;
-    y = (v[0] - '0') * 10 + (v[1] - '0');
-    if (y < 50)
-        y += 100;
-    M = (v[2] - '0') * 10 + (v[3] - '0');
-    if ((M > 12) || (M < 1))
-        goto err;
-    d = (v[4] - '0') * 10 + (v[5] - '0');
-    h = (v[6] - '0') * 10 + (v[7] - '0');
-    m = (v[8] - '0') * 10 + (v[9] - '0');
-    if (tm->length >= 12 &&
-        (v[10] >= '0') && (v[10] <= '9') && (v[11] >= '0') && (v[11] <= '9'))
-        s = (v[10] - '0') * 10 + (v[11] - '0');
-
-    if (BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s",
-                   mon[M - 1], d, h, m, s, y + 1900,
-                   (gmt) ? " GMT" : "") <= 0)
-        return (0);
-    else
-        return (1);
- err:
-    BIO_write(bp, "Bad time value", 14);
-    return (0);
-}
-
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
-{
-    char *s, *c, *b;
-    int ret = 0, l, i;
-
-    l = 80 - 2 - obase;
-
-    b = X509_NAME_oneline(name, NULL, 0);
-    if (!b)
-        return 0;
-    if (!*b) {
-        OPENSSL_free(b);
-        return 1;
-    }
-    s = b + 1;                  /* skip the first slash */
-
-    c = s;
-    for (;;) {
-#ifndef CHARSET_EBCDIC
-        if (((*s == '/') &&
-             ((s[1] >= 'A') && (s[1] <= 'Z') && ((s[2] == '=') ||
-                                                 ((s[2] >= 'A')
-                                                  && (s[2] <= 'Z')
-                                                  && (s[3] == '='))
-              ))) || (*s == '\0'))
-#else
-        if (((*s == '/') &&
-             (isupper(s[1]) && ((s[2] == '=') ||
-                                (isupper(s[2]) && (s[3] == '='))
-              ))) || (*s == '\0'))
-#endif
-        {
-            i = s - c;
-            if (BIO_write(bp, c, i) != i)
-                goto err;
-            c = s + 1;          /* skip following slash */
-            if (*s != '\0') {
-                if (BIO_write(bp, ", ", 2) != 2)
-                    goto err;
-            }
-            l--;
-        }
-        if (*s == '\0')
-            break;
-        s++;
-        l--;
-    }
-
-    ret = 1;
-    if (0) {
- err:
-        X509err(X509_F_X509_NAME_PRINT, ERR_R_BUF_LIB);
-    }
-    OPENSSL_free(b);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/asn1/t_x509a.c b/thirdparty/openssl/crypto/asn1/t_x509a.c
deleted file mode 100644
index f4b8f94cb3..0000000000
--- a/thirdparty/openssl/crypto/asn1/t_x509a.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* t_x509a.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-
-/*
- * X509_CERT_AUX and string set routines
- */
-
-int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
-{
-    char oidstr[80], first;
-    int i;
-    if (!aux)
-        return 1;
-    if (aux->trust) {
-        first = 1;
-        BIO_printf(out, "%*sTrusted Uses:\n%*s", indent, "", indent + 2, "");
-        for (i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
-            if (!first)
-                BIO_puts(out, ", ");
-            else
-                first = 0;
-            OBJ_obj2txt(oidstr, sizeof oidstr,
-                        sk_ASN1_OBJECT_value(aux->trust, i), 0);
-            BIO_puts(out, oidstr);
-        }
-        BIO_puts(out, "\n");
-    } else
-        BIO_printf(out, "%*sNo Trusted Uses.\n", indent, "");
-    if (aux->reject) {
-        first = 1;
-        BIO_printf(out, "%*sRejected Uses:\n%*s", indent, "", indent + 2, "");
-        for (i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
-            if (!first)
-                BIO_puts(out, ", ");
-            else
-                first = 0;
-            OBJ_obj2txt(oidstr, sizeof oidstr,
-                        sk_ASN1_OBJECT_value(aux->reject, i), 0);
-            BIO_puts(out, oidstr);
-        }
-        BIO_puts(out, "\n");
-    } else
-        BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
-    if (aux->alias)
-        BIO_printf(out, "%*sAlias: %s\n", indent, "", aux->alias->data);
-    if (aux->keyid) {
-        BIO_printf(out, "%*sKey Id: ", indent, "");
-        for (i = 0; i < aux->keyid->length; i++)
-            BIO_printf(out, "%s%02X", i ? ":" : "", aux->keyid->data[i]);
-        BIO_write(out, "\n", 1);
-    }
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/tasn_dec.c b/thirdparty/openssl/crypto/asn1/tasn_dec.c
deleted file mode 100644
index d49a5d5792..0000000000
--- a/thirdparty/openssl/crypto/asn1/tasn_dec.c
+++ /dev/null
@@ -1,1230 +0,0 @@
-/* tasn_dec.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <string.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-static int asn1_check_eoc(const unsigned char **in, long len);
-static int asn1_find_end(const unsigned char **in, long len, char inf);
-
-static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
-                        char inf, int tag, int aclass, int depth);
-
-static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
-
-static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
-                           char *inf, char *cst,
-                           const unsigned char **in, long len,
-                           int exptag, int expclass, char opt, ASN1_TLC *ctx);
-
-static int asn1_template_ex_d2i(ASN1_VALUE **pval,
-                                const unsigned char **in, long len,
-                                const ASN1_TEMPLATE *tt, char opt,
-                                ASN1_TLC *ctx);
-static int asn1_template_noexp_d2i(ASN1_VALUE **val,
-                                   const unsigned char **in, long len,
-                                   const ASN1_TEMPLATE *tt, char opt,
-                                   ASN1_TLC *ctx);
-static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
-                                 const unsigned char **in, long len,
-                                 const ASN1_ITEM *it,
-                                 int tag, int aclass, char opt,
-                                 ASN1_TLC *ctx);
-
-/* Table to convert tags to bit values, used for MSTRING type */
-static const unsigned long tag2bit[32] = {
-    /* tags  0 -  3 */
-    0, 0, 0, B_ASN1_BIT_STRING,
-    /* tags  4- 7 */
-    B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,
-    /* tags  8-11 */
-    B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
-    /* tags 12-15 */
-    B_ASN1_UTF8STRING, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
-    /* tags 16-19 */
-    B_ASN1_SEQUENCE, 0, B_ASN1_NUMERICSTRING, B_ASN1_PRINTABLESTRING,
-    /* tags 20-22 */
-    B_ASN1_T61STRING, B_ASN1_VIDEOTEXSTRING, B_ASN1_IA5STRING,
-    /* tags 23-24 */
-    B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME,
-    /* tags 25-27 */
-    B_ASN1_GRAPHICSTRING, B_ASN1_ISO64STRING, B_ASN1_GENERALSTRING,
-    /* tags 28-31 */
-    B_ASN1_UNIVERSALSTRING, B_ASN1_UNKNOWN, B_ASN1_BMPSTRING, B_ASN1_UNKNOWN,
-};
-
-unsigned long ASN1_tag2bit(int tag)
-{
-    if ((tag < 0) || (tag > 30))
-        return 0;
-    return tag2bit[tag];
-}
-
-/* Macro to initialize and invalidate the cache */
-
-#define asn1_tlc_clear(c)       if (c) (c)->valid = 0
-/* Version to avoid compiler warning about 'c' always non-NULL */
-#define asn1_tlc_clear_nc(c)    (c)->valid = 0
-
-/*
- * Decode an ASN1 item, this currently behaves just like a standard 'd2i'
- * function. 'in' points to a buffer to read the data from, in future we
- * will have more advanced versions that can input data a piece at a time and
- * this will simply be a special case.
- */
-
-ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
-                          const unsigned char **in, long len,
-                          const ASN1_ITEM *it)
-{
-    ASN1_TLC c;
-    ASN1_VALUE *ptmpval = NULL;
-    if (!pval)
-        pval = &ptmpval;
-    asn1_tlc_clear_nc(&c);
-    if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
-        return *pval;
-    return NULL;
-}
-
-int ASN1_template_d2i(ASN1_VALUE **pval,
-                      const unsigned char **in, long len,
-                      const ASN1_TEMPLATE *tt)
-{
-    ASN1_TLC c;
-    asn1_tlc_clear_nc(&c);
-    return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
-}
-
-/*
- * Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
- * tag mismatch return -1 to handle OPTIONAL
- */
-
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
-                     const ASN1_ITEM *it,
-                     int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
-    const ASN1_TEMPLATE *tt, *errtt = NULL;
-    const ASN1_COMPAT_FUNCS *cf;
-    const ASN1_EXTERN_FUNCS *ef;
-    const ASN1_AUX *aux = it->funcs;
-    ASN1_aux_cb *asn1_cb;
-    const unsigned char *p = NULL, *q;
-    unsigned char *wp = NULL;   /* BIG FAT WARNING! BREAKS CONST WHERE USED */
-    unsigned char imphack = 0, oclass;
-    char seq_eoc, seq_nolen, cst, isopt;
-    long tmplen;
-    int i;
-    int otag;
-    int ret = 0;
-    ASN1_VALUE **pchptr, *ptmpval;
-    int combine = aclass & ASN1_TFLG_COMBINE;
-    aclass &= ~ASN1_TFLG_COMBINE;
-    if (!pval)
-        return 0;
-    if (aux && aux->asn1_cb)
-        asn1_cb = aux->asn1_cb;
-    else
-        asn1_cb = 0;
-
-    switch (it->itype) {
-    case ASN1_ITYPE_PRIMITIVE:
-        if (it->templates) {
-            /*
-             * tagging or OPTIONAL is currently illegal on an item template
-             * because the flags can't get passed down. In practice this
-             * isn't a problem: we include the relevant flags from the item
-             * template in the template itself.
-             */
-            if ((tag != -1) || opt) {
-                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
-                        ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
-                goto err;
-            }
-            return asn1_template_ex_d2i(pval, in, len,
-                                        it->templates, opt, ctx);
-        }
-        return asn1_d2i_ex_primitive(pval, in, len, it,
-                                     tag, aclass, opt, ctx);
-        break;
-
-    case ASN1_ITYPE_MSTRING:
-        p = *in;
-        /* Just read in tag and class */
-        ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
-                              &p, len, -1, 0, 1, ctx);
-        if (!ret) {
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-            goto err;
-        }
-
-        /* Must be UNIVERSAL class */
-        if (oclass != V_ASN1_UNIVERSAL) {
-            /* If OPTIONAL, assume this is OK */
-            if (opt)
-                return -1;
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
-            goto err;
-        }
-        /* Check tag matches bit map */
-        if (!(ASN1_tag2bit(otag) & it->utype)) {
-            /* If OPTIONAL, assume this is OK */
-            if (opt)
-                return -1;
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG);
-            goto err;
-        }
-        return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx);
-
-    case ASN1_ITYPE_EXTERN:
-        /* Use new style d2i */
-        ef = it->funcs;
-        return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
-
-    case ASN1_ITYPE_COMPAT:
-        /* we must resort to old style evil hackery */
-        cf = it->funcs;
-
-        /* If OPTIONAL see if it is there */
-        if (opt) {
-            int exptag;
-            p = *in;
-            if (tag == -1)
-                exptag = it->utype;
-            else
-                exptag = tag;
-            /*
-             * Don't care about anything other than presence of expected tag
-             */
-
-            ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
-                                  &p, len, exptag, aclass, 1, ctx);
-            if (!ret) {
-                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-                goto err;
-            }
-            if (ret == -1)
-                return -1;
-        }
-
-        /*
-         * This is the old style evil hack IMPLICIT handling: since the
-         * underlying code is expecting a tag and class other than the one
-         * present we change the buffer temporarily then change it back
-         * afterwards. This doesn't and never did work for tags > 30. Yes
-         * this is *horrible* but it is only needed for old style d2i which
-         * will hopefully not be around for much longer. FIXME: should copy
-         * the buffer then modify it so the input buffer can be const: we
-         * should *always* copy because the old style d2i might modify the
-         * buffer.
-         */
-
-        if (tag != -1) {
-            wp = *(unsigned char **)in;
-            imphack = *wp;
-            if (p == NULL) {
-                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-                goto err;
-            }
-            *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED)
-                                  | it->utype);
-        }
-
-        ptmpval = cf->asn1_d2i(pval, in, len);
-
-        if (tag != -1)
-            *wp = imphack;
-
-        if (ptmpval)
-            return 1;
-
-        ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-        goto err;
-
-    case ASN1_ITYPE_CHOICE:
-        if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
-            goto auxerr;
-        if (*pval) {
-            /* Free up and zero CHOICE value if initialised */
-            i = asn1_get_choice_selector(pval, it);
-            if ((i >= 0) && (i < it->tcount)) {
-                tt = it->templates + i;
-                pchptr = asn1_get_field_ptr(pval, tt);
-                ASN1_template_free(pchptr, tt);
-                asn1_set_choice_selector(pval, -1, it);
-            }
-        } else if (!ASN1_item_ex_new(pval, it)) {
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-            goto err;
-        }
-        /* CHOICE type, try each possibility in turn */
-        p = *in;
-        for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
-            pchptr = asn1_get_field_ptr(pval, tt);
-            /*
-             * We mark field as OPTIONAL so its absence can be recognised.
-             */
-            ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
-            /* If field not present, try the next one */
-            if (ret == -1)
-                continue;
-            /* If positive return, read OK, break loop */
-            if (ret > 0)
-                break;
-            /* Otherwise must be an ASN1 parsing error */
-            errtt = tt;
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-            goto err;
-        }
-
-        /* Did we fall off the end without reading anything? */
-        if (i == it->tcount) {
-            /* If OPTIONAL, this is OK */
-            if (opt) {
-                /* Free and zero it */
-                ASN1_item_ex_free(pval, it);
-                return -1;
-            }
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
-            goto err;
-        }
-
-        asn1_set_choice_selector(pval, i, it);
-        if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
-            goto auxerr;
-        *in = p;
-        return 1;
-
-    case ASN1_ITYPE_NDEF_SEQUENCE:
-    case ASN1_ITYPE_SEQUENCE:
-        p = *in;
-        tmplen = len;
-
-        /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
-        if (tag == -1) {
-            tag = V_ASN1_SEQUENCE;
-            aclass = V_ASN1_UNIVERSAL;
-        }
-        /* Get SEQUENCE length and update len, p */
-        ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
-                              &p, len, tag, aclass, opt, ctx);
-        if (!ret) {
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-            goto err;
-        } else if (ret == -1)
-            return -1;
-        if (aux && (aux->flags & ASN1_AFLG_BROKEN)) {
-            len = tmplen - (p - *in);
-            seq_nolen = 1;
-        }
-        /* If indefinite we don't do a length check */
-        else
-            seq_nolen = seq_eoc;
-        if (!cst) {
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
-            goto err;
-        }
-
-        if (!*pval && !ASN1_item_ex_new(pval, it)) {
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-            goto err;
-        }
-
-        if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
-            goto auxerr;
-
-        /* Free up and zero any ADB found */
-        for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
-            if (tt->flags & ASN1_TFLG_ADB_MASK) {
-                const ASN1_TEMPLATE *seqtt;
-                ASN1_VALUE **pseqval;
-                seqtt = asn1_do_adb(pval, tt, 0);
-                if (seqtt == NULL)
-                    continue;
-                pseqval = asn1_get_field_ptr(pval, seqtt);
-                ASN1_template_free(pseqval, seqtt);
-            }
-        }
-
-        /* Get each field entry */
-        for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
-            const ASN1_TEMPLATE *seqtt;
-            ASN1_VALUE **pseqval;
-            seqtt = asn1_do_adb(pval, tt, 1);
-            if (seqtt == NULL)
-                goto err;
-            pseqval = asn1_get_field_ptr(pval, seqtt);
-            /* Have we ran out of data? */
-            if (!len)
-                break;
-            q = p;
-            if (asn1_check_eoc(&p, len)) {
-                if (!seq_eoc) {
-                    ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC);
-                    goto err;
-                }
-                len -= p - q;
-                seq_eoc = 0;
-                q = p;
-                break;
-            }
-            /*
-             * This determines the OPTIONAL flag value. The field cannot be
-             * omitted if it is the last of a SEQUENCE and there is still
-             * data to be read. This isn't strictly necessary but it
-             * increases efficiency in some cases.
-             */
-            if (i == (it->tcount - 1))
-                isopt = 0;
-            else
-                isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL);
-            /*
-             * attempt to read in field, allowing each to be OPTIONAL
-             */
-
-            ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
-            if (!ret) {
-                errtt = seqtt;
-                goto err;
-            } else if (ret == -1) {
-                /*
-                 * OPTIONAL component absent. Free and zero the field.
-                 */
-                ASN1_template_free(pseqval, seqtt);
-                continue;
-            }
-            /* Update length */
-            len -= p - q;
-        }
-
-        /* Check for EOC if expecting one */
-        if (seq_eoc && !asn1_check_eoc(&p, len)) {
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
-            goto err;
-        }
-        /* Check all data read */
-        if (!seq_nolen && len) {
-            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
-            goto err;
-        }
-
-        /*
-         * If we get here we've got no more data in the SEQUENCE, however we
-         * may not have read all fields so check all remaining are OPTIONAL
-         * and clear any that are.
-         */
-        for (; i < it->tcount; tt++, i++) {
-            const ASN1_TEMPLATE *seqtt;
-            seqtt = asn1_do_adb(pval, tt, 1);
-            if (seqtt == NULL)
-                goto err;
-            if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
-                ASN1_VALUE **pseqval;
-                pseqval = asn1_get_field_ptr(pval, seqtt);
-                ASN1_template_free(pseqval, seqtt);
-            } else {
-                errtt = seqtt;
-                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING);
-                goto err;
-            }
-        }
-        /* Save encoding */
-        if (!asn1_enc_save(pval, *in, p - *in, it))
-            goto auxerr;
-        if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
-            goto auxerr;
-        *in = p;
-        return 1;
-
-    default:
-        return 0;
-    }
- auxerr:
-    ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
- err:
-    if (combine == 0)
-        ASN1_item_ex_free(pval, it);
-    if (errtt)
-        ERR_add_error_data(4, "Field=", errtt->field_name,
-                           ", Type=", it->sname);
-    else
-        ERR_add_error_data(2, "Type=", it->sname);
-    return 0;
-}
-
-/*
- * Templates are handled with two separate functions. One handles any
- * EXPLICIT tag and the other handles the rest.
- */
-
-static int asn1_template_ex_d2i(ASN1_VALUE **val,
-                                const unsigned char **in, long inlen,
-                                const ASN1_TEMPLATE *tt, char opt,
-                                ASN1_TLC *ctx)
-{
-    int flags, aclass;
-    int ret;
-    long len;
-    const unsigned char *p, *q;
-    char exp_eoc;
-    if (!val)
-        return 0;
-    flags = tt->flags;
-    aclass = flags & ASN1_TFLG_TAG_CLASS;
-
-    p = *in;
-
-    /* Check if EXPLICIT tag expected */
-    if (flags & ASN1_TFLG_EXPTAG) {
-        char cst;
-        /*
-         * Need to work out amount of data available to the inner content and
-         * where it starts: so read in EXPLICIT header to get the info.
-         */
-        ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
-                              &p, inlen, tt->tag, aclass, opt, ctx);
-        q = p;
-        if (!ret) {
-            ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-            return 0;
-        } else if (ret == -1)
-            return -1;
-        if (!cst) {
-            ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
-                    ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
-            return 0;
-        }
-        /* We've found the field so it can't be OPTIONAL now */
-        ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
-        if (!ret) {
-            ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-            return 0;
-        }
-        /* We read the field in OK so update length */
-        len -= p - q;
-        if (exp_eoc) {
-            /* If NDEF we must have an EOC here */
-            if (!asn1_check_eoc(&p, len)) {
-                ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_MISSING_EOC);
-                goto err;
-            }
-        } else {
-            /*
-             * Otherwise we must hit the EXPLICIT tag end or its an error
-             */
-            if (len) {
-                ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
-                        ASN1_R_EXPLICIT_LENGTH_MISMATCH);
-                goto err;
-            }
-        }
-    } else
-        return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
-
-    *in = p;
-    return 1;
-
- err:
-    ASN1_template_free(val, tt);
-    return 0;
-}
-
-static int asn1_template_noexp_d2i(ASN1_VALUE **val,
-                                   const unsigned char **in, long len,
-                                   const ASN1_TEMPLATE *tt, char opt,
-                                   ASN1_TLC *ctx)
-{
-    int flags, aclass;
-    int ret;
-    const unsigned char *p, *q;
-    if (!val)
-        return 0;
-    flags = tt->flags;
-    aclass = flags & ASN1_TFLG_TAG_CLASS;
-
-    p = *in;
-    q = p;
-
-    if (flags & ASN1_TFLG_SK_MASK) {
-        /* SET OF, SEQUENCE OF */
-        int sktag, skaclass;
-        char sk_eoc;
-        /* First work out expected inner tag value */
-        if (flags & ASN1_TFLG_IMPTAG) {
-            sktag = tt->tag;
-            skaclass = aclass;
-        } else {
-            skaclass = V_ASN1_UNIVERSAL;
-            if (flags & ASN1_TFLG_SET_OF)
-                sktag = V_ASN1_SET;
-            else
-                sktag = V_ASN1_SEQUENCE;
-        }
-        /* Get the tag */
-        ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
-                              &p, len, sktag, skaclass, opt, ctx);
-        if (!ret) {
-            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
-            return 0;
-        } else if (ret == -1)
-            return -1;
-        if (!*val)
-            *val = (ASN1_VALUE *)sk_new_null();
-        else {
-            /*
-             * We've got a valid STACK: free up any items present
-             */
-            STACK_OF(ASN1_VALUE) *sktmp = (STACK_OF(ASN1_VALUE) *)*val;
-            ASN1_VALUE *vtmp;
-            while (sk_ASN1_VALUE_num(sktmp) > 0) {
-                vtmp = sk_ASN1_VALUE_pop(sktmp);
-                ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item));
-            }
-        }
-
-        if (!*val) {
-            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        /* Read as many items as we can */
-        while (len > 0) {
-            ASN1_VALUE *skfield;
-            q = p;
-            /* See if EOC found */
-            if (asn1_check_eoc(&p, len)) {
-                if (!sk_eoc) {
-                    ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
-                            ASN1_R_UNEXPECTED_EOC);
-                    goto err;
-                }
-                len -= p - q;
-                sk_eoc = 0;
-                break;
-            }
-            skfield = NULL;
-            if (!ASN1_item_ex_d2i(&skfield, &p, len,
-                                  ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
-                ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
-                        ERR_R_NESTED_ASN1_ERROR);
-                goto err;
-            }
-            len -= p - q;
-            if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
-                ASN1_item_ex_free(&skfield, ASN1_ITEM_ptr(tt->item));
-                ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-        }
-        if (sk_eoc) {
-            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
-            goto err;
-        }
-    } else if (flags & ASN1_TFLG_IMPTAG) {
-        /* IMPLICIT tagging */
-        ret = ASN1_item_ex_d2i(val, &p, len,
-                               ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt,
-                               ctx);
-        if (!ret) {
-            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
-            goto err;
-        } else if (ret == -1)
-            return -1;
-    } else {
-        /* Nothing special */
-        ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
-                               -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
-        if (!ret) {
-            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
-            goto err;
-        } else if (ret == -1)
-            return -1;
-    }
-
-    *in = p;
-    return 1;
-
- err:
-    ASN1_template_free(val, tt);
-    return 0;
-}
-
-static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
-                                 const unsigned char **in, long inlen,
-                                 const ASN1_ITEM *it,
-                                 int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
-    int ret = 0, utype;
-    long plen;
-    char cst, inf, free_cont = 0;
-    const unsigned char *p;
-    BUF_MEM buf = { 0, NULL, 0 };
-    const unsigned char *cont = NULL;
-    long len;
-    if (!pval) {
-        ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
-        return 0;               /* Should never happen */
-    }
-
-    if (it->itype == ASN1_ITYPE_MSTRING) {
-        utype = tag;
-        tag = -1;
-    } else
-        utype = it->utype;
-
-    if (utype == V_ASN1_ANY) {
-        /* If type is ANY need to figure out type from tag */
-        unsigned char oclass;
-        if (tag >= 0) {
-            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY);
-            return 0;
-        }
-        if (opt) {
-            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
-                    ASN1_R_ILLEGAL_OPTIONAL_ANY);
-            return 0;
-        }
-        p = *in;
-        ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
-                              &p, inlen, -1, 0, 0, ctx);
-        if (!ret) {
-            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
-            return 0;
-        }
-        if (oclass != V_ASN1_UNIVERSAL)
-            utype = V_ASN1_OTHER;
-    }
-    if (tag == -1) {
-        tag = utype;
-        aclass = V_ASN1_UNIVERSAL;
-    }
-    p = *in;
-    /* Check header */
-    ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
-                          &p, inlen, tag, aclass, opt, ctx);
-    if (!ret) {
-        ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
-        return 0;
-    } else if (ret == -1)
-        return -1;
-    ret = 0;
-    /* SEQUENCE, SET and "OTHER" are left in encoded form */
-    if ((utype == V_ASN1_SEQUENCE)
-        || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
-        /*
-         * Clear context cache for type OTHER because the auto clear when we
-         * have a exact match wont work
-         */
-        if (utype == V_ASN1_OTHER) {
-            asn1_tlc_clear(ctx);
-        }
-        /* SEQUENCE and SET must be constructed */
-        else if (!cst) {
-            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
-                    ASN1_R_TYPE_NOT_CONSTRUCTED);
-            return 0;
-        }
-
-        cont = *in;
-        /* If indefinite length constructed find the real end */
-        if (inf) {
-            if (!asn1_find_end(&p, plen, inf))
-                goto err;
-            len = p - cont;
-        } else {
-            len = p - cont + plen;
-            p += plen;
-        }
-    } else if (cst) {
-        if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN
-            || utype == V_ASN1_OBJECT || utype == V_ASN1_INTEGER
-            || utype == V_ASN1_ENUMERATED) {
-            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_PRIMITIVE);
-            return 0;
-        }
-
-        /* Free any returned 'buf' content */
-        free_cont = 1;
-        /*
-         * Should really check the internal tags are correct but some things
-         * may get this wrong. The relevant specs say that constructed string
-         * types should be OCTET STRINGs internally irrespective of the type.
-         * So instead just check for UNIVERSAL class and ignore the tag.
-         */
-        if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
-            goto err;
-        }
-        len = buf.length;
-        /* Append a final null to string */
-        if (!BUF_MEM_grow_clean(&buf, len + 1)) {
-            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        buf.data[len] = 0;
-        cont = (const unsigned char *)buf.data;
-    } else {
-        cont = p;
-        len = plen;
-        p += plen;
-    }
-
-    /* We now have content length and type: translate into a structure */
-    /* asn1_ex_c2i may reuse allocated buffer, and so sets free_cont to 0 */
-    if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
-        goto err;
-
-    *in = p;
-    ret = 1;
- err:
-    if (free_cont && buf.data)
-        OPENSSL_free(buf.data);
-    return ret;
-}
-
-/* Translate ASN1 content octets into a structure */
-
-int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
-                int utype, char *free_cont, const ASN1_ITEM *it)
-{
-    ASN1_VALUE **opval = NULL;
-    ASN1_STRING *stmp;
-    ASN1_TYPE *typ = NULL;
-    int ret = 0;
-    const ASN1_PRIMITIVE_FUNCS *pf;
-    ASN1_INTEGER **tint;
-    pf = it->funcs;
-
-    if (pf && pf->prim_c2i)
-        return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
-    /* If ANY type clear type and set pointer to internal value */
-    if (it->utype == V_ASN1_ANY) {
-        if (!*pval) {
-            typ = ASN1_TYPE_new();
-            if (typ == NULL)
-                goto err;
-            *pval = (ASN1_VALUE *)typ;
-        } else
-            typ = (ASN1_TYPE *)*pval;
-
-        if (utype != typ->type)
-            ASN1_TYPE_set(typ, utype, NULL);
-        opval = pval;
-        pval = &typ->value.asn1_value;
-    }
-    switch (utype) {
-    case V_ASN1_OBJECT:
-        if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
-            goto err;
-        break;
-
-    case V_ASN1_NULL:
-        if (len) {
-            ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_NULL_IS_WRONG_LENGTH);
-            goto err;
-        }
-        *pval = (ASN1_VALUE *)1;
-        break;
-
-    case V_ASN1_BOOLEAN:
-        if (len != 1) {
-            ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
-            goto err;
-        } else {
-            ASN1_BOOLEAN *tbool;
-            tbool = (ASN1_BOOLEAN *)pval;
-            *tbool = *cont;
-        }
-        break;
-
-    case V_ASN1_BIT_STRING:
-        if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
-            goto err;
-        break;
-
-    case V_ASN1_INTEGER:
-    case V_ASN1_ENUMERATED:
-        tint = (ASN1_INTEGER **)pval;
-        if (!c2i_ASN1_INTEGER(tint, &cont, len))
-            goto err;
-        /* Fixup type to match the expected form */
-        (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
-        break;
-
-    case V_ASN1_OCTET_STRING:
-    case V_ASN1_NUMERICSTRING:
-    case V_ASN1_PRINTABLESTRING:
-    case V_ASN1_T61STRING:
-    case V_ASN1_VIDEOTEXSTRING:
-    case V_ASN1_IA5STRING:
-    case V_ASN1_UTCTIME:
-    case V_ASN1_GENERALIZEDTIME:
-    case V_ASN1_GRAPHICSTRING:
-    case V_ASN1_VISIBLESTRING:
-    case V_ASN1_GENERALSTRING:
-    case V_ASN1_UNIVERSALSTRING:
-    case V_ASN1_BMPSTRING:
-    case V_ASN1_UTF8STRING:
-    case V_ASN1_OTHER:
-    case V_ASN1_SET:
-    case V_ASN1_SEQUENCE:
-    default:
-        if (utype == V_ASN1_BMPSTRING && (len & 1)) {
-            ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
-            goto err;
-        }
-        if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) {
-            ASN1err(ASN1_F_ASN1_EX_C2I,
-                    ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
-            goto err;
-        }
-        /* All based on ASN1_STRING and handled the same */
-        if (!*pval) {
-            stmp = ASN1_STRING_type_new(utype);
-            if (!stmp) {
-                ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            *pval = (ASN1_VALUE *)stmp;
-        } else {
-            stmp = (ASN1_STRING *)*pval;
-            stmp->type = utype;
-        }
-        /* If we've already allocated a buffer use it */
-        if (*free_cont) {
-            if (stmp->data)
-                OPENSSL_free(stmp->data);
-            stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
-            stmp->length = len;
-            *free_cont = 0;
-        } else {
-            if (!ASN1_STRING_set(stmp, cont, len)) {
-                ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
-                ASN1_STRING_free(stmp);
-                *pval = NULL;
-                goto err;
-            }
-        }
-        break;
-    }
-    /* If ASN1_ANY and NULL type fix up value */
-    if (typ && (utype == V_ASN1_NULL))
-        typ->value.ptr = NULL;
-
-    ret = 1;
- err:
-    if (!ret) {
-        ASN1_TYPE_free(typ);
-        if (opval)
-            *opval = NULL;
-    }
-    return ret;
-}
-
-/*
- * This function finds the end of an ASN1 structure when passed its maximum
- * length, whether it is indefinite length and a pointer to the content. This
- * is more efficient than calling asn1_collect because it does not recurse on
- * each indefinite length header.
- */
-
-static int asn1_find_end(const unsigned char **in, long len, char inf)
-{
-    int expected_eoc;
-    long plen;
-    const unsigned char *p = *in, *q;
-    /* If not indefinite length constructed just add length */
-    if (inf == 0) {
-        *in += len;
-        return 1;
-    }
-    expected_eoc = 1;
-    /*
-     * Indefinite length constructed form. Find the end when enough EOCs are
-     * found. If more indefinite length constructed headers are encountered
-     * increment the expected eoc count otherwise just skip to the end of the
-     * data.
-     */
-    while (len > 0) {
-        if (asn1_check_eoc(&p, len)) {
-            expected_eoc--;
-            if (expected_eoc == 0)
-                break;
-            len -= 2;
-            continue;
-        }
-        q = p;
-        /* Just read in a header: only care about the length */
-        if (!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
-                             -1, 0, 0, NULL)) {
-            ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
-            return 0;
-        }
-        if (inf)
-            expected_eoc++;
-        else
-            p += plen;
-        len -= p - q;
-    }
-    if (expected_eoc) {
-        ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
-        return 0;
-    }
-    *in = p;
-    return 1;
-}
-
-/*
- * This function collects the asn1 data from a constructred string type into
- * a buffer. The values of 'in' and 'len' should refer to the contents of the
- * constructed type and 'inf' should be set if it is indefinite length.
- */
-
-#ifndef ASN1_MAX_STRING_NEST
-/*
- * This determines how many levels of recursion are permitted in ASN1 string
- * types. If it is not limited stack overflows can occur. If set to zero no
- * recursion is allowed at all. Although zero should be adequate examples
- * exist that require a value of 1. So 5 should be more than enough.
- */
-# define ASN1_MAX_STRING_NEST 5
-#endif
-
-static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
-                        char inf, int tag, int aclass, int depth)
-{
-    const unsigned char *p, *q;
-    long plen;
-    char cst, ininf;
-    p = *in;
-    inf &= 1;
-    /*
-     * If no buffer and not indefinite length constructed just pass over the
-     * encoded data
-     */
-    if (!buf && !inf) {
-        *in += len;
-        return 1;
-    }
-    while (len > 0) {
-        q = p;
-        /* Check for EOC */
-        if (asn1_check_eoc(&p, len)) {
-            /*
-             * EOC is illegal outside indefinite length constructed form
-             */
-            if (!inf) {
-                ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC);
-                return 0;
-            }
-            inf = 0;
-            break;
-        }
-
-        if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
-                             len, tag, aclass, 0, NULL)) {
-            ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
-            return 0;
-        }
-
-        /* If indefinite length constructed update max length */
-        if (cst) {
-            if (depth >= ASN1_MAX_STRING_NEST) {
-                ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
-                return 0;
-            }
-            if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, depth + 1))
-                return 0;
-        } else if (plen && !collect_data(buf, &p, plen))
-            return 0;
-        len -= p - q;
-    }
-    if (inf) {
-        ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
-        return 0;
-    }
-    *in = p;
-    return 1;
-}
-
-static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
-{
-    int len;
-    if (buf) {
-        len = buf->length;
-        if (!BUF_MEM_grow_clean(buf, len + plen)) {
-            ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        memcpy(buf->data + len, *p, plen);
-    }
-    *p += plen;
-    return 1;
-}
-
-/* Check for ASN1 EOC and swallow it if found */
-
-static int asn1_check_eoc(const unsigned char **in, long len)
-{
-    const unsigned char *p;
-    if (len < 2)
-        return 0;
-    p = *in;
-    if (!p[0] && !p[1]) {
-        *in += 2;
-        return 1;
-    }
-    return 0;
-}
-
-/*
- * Check an ASN1 tag and length: a bit like ASN1_get_object but it sets the
- * length for indefinite length constructed form, we don't know the exact
- * length but we can set an upper bound to the amount of data available minus
- * the header length just read.
- */
-
-static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
-                           char *inf, char *cst,
-                           const unsigned char **in, long len,
-                           int exptag, int expclass, char opt, ASN1_TLC *ctx)
-{
-    int i;
-    int ptag, pclass;
-    long plen;
-    const unsigned char *p, *q;
-    p = *in;
-    q = p;
-
-    if (ctx && ctx->valid) {
-        i = ctx->ret;
-        plen = ctx->plen;
-        pclass = ctx->pclass;
-        ptag = ctx->ptag;
-        p += ctx->hdrlen;
-    } else {
-        i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
-        if (ctx) {
-            ctx->ret = i;
-            ctx->plen = plen;
-            ctx->pclass = pclass;
-            ctx->ptag = ptag;
-            ctx->hdrlen = p - q;
-            ctx->valid = 1;
-            /*
-             * If definite length, and no error, length + header can't exceed
-             * total amount of data available.
-             */
-            if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
-                ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG);
-                asn1_tlc_clear(ctx);
-                return 0;
-            }
-        }
-    }
-
-    if (i & 0x80) {
-        ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
-        asn1_tlc_clear(ctx);
-        return 0;
-    }
-    if (exptag >= 0) {
-        if ((exptag != ptag) || (expclass != pclass)) {
-            /*
-             * If type is OPTIONAL, not an error: indicate missing type.
-             */
-            if (opt)
-                return -1;
-            asn1_tlc_clear(ctx);
-            ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
-            return 0;
-        }
-        /*
-         * We have a tag and class match: assume we are going to do something
-         * with it
-         */
-        asn1_tlc_clear(ctx);
-    }
-
-    if (i & 1)
-        plen = len - (p - q);
-
-    if (inf)
-        *inf = i & 1;
-
-    if (cst)
-        *cst = i & V_ASN1_CONSTRUCTED;
-
-    if (olen)
-        *olen = plen;
-
-    if (oclass)
-        *oclass = pclass;
-
-    if (otag)
-        *otag = ptag;
-
-    *in = p;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/tasn_enc.c b/thirdparty/openssl/crypto/asn1/tasn_enc.c
deleted file mode 100644
index 081a9d534f..0000000000
--- a/thirdparty/openssl/crypto/asn1/tasn_enc.c
+++ /dev/null
@@ -1,667 +0,0 @@
-/* tasn_enc.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <string.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
-                                 const ASN1_ITEM *it, int tag, int aclass);
-static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
-                            int skcontlen, const ASN1_ITEM *item,
-                            int do_sort, int iclass);
-static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
-                                const ASN1_TEMPLATE *tt, int tag, int aclass);
-static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
-                               const ASN1_ITEM *it, int flags);
-
-/*
- * Top level i2d equivalents: the 'ndef' variant instructs the encoder to use
- * indefinite length constructed encoding, where appropriate
- */
-
-int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
-                       const ASN1_ITEM *it)
-{
-    return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
-}
-
-int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
-{
-    return asn1_item_flags_i2d(val, out, it, 0);
-}
-
-/*
- * Encode an ASN1 item, this is use by the standard 'i2d' function. 'out'
- * points to a buffer to output the data to. The new i2d has one additional
- * feature. If the output buffer is NULL (i.e. *out == NULL) then a buffer is
- * allocated and populated with the encoding.
- */
-
-static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
-                               const ASN1_ITEM *it, int flags)
-{
-    if (out && !*out) {
-        unsigned char *p, *buf;
-        int len;
-        len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
-        if (len <= 0)
-            return len;
-        buf = OPENSSL_malloc(len);
-        if (!buf)
-            return -1;
-        p = buf;
-        ASN1_item_ex_i2d(&val, &p, it, -1, flags);
-        *out = buf;
-        return len;
-    }
-
-    return ASN1_item_ex_i2d(&val, out, it, -1, flags);
-}
-
-/*
- * Encode an item, taking care of IMPLICIT tagging (if any). This function
- * performs the normal item handling: it can be used in external types.
- */
-
-int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
-                     const ASN1_ITEM *it, int tag, int aclass)
-{
-    const ASN1_TEMPLATE *tt = NULL;
-    unsigned char *p = NULL;
-    int i, seqcontlen, seqlen, ndef = 1;
-    const ASN1_COMPAT_FUNCS *cf;
-    const ASN1_EXTERN_FUNCS *ef;
-    const ASN1_AUX *aux = it->funcs;
-    ASN1_aux_cb *asn1_cb = 0;
-
-    if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
-        return 0;
-
-    if (aux && aux->asn1_cb)
-        asn1_cb = aux->asn1_cb;
-
-    switch (it->itype) {
-
-    case ASN1_ITYPE_PRIMITIVE:
-        if (it->templates)
-            return asn1_template_ex_i2d(pval, out, it->templates,
-                                        tag, aclass);
-        return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
-        break;
-
-    case ASN1_ITYPE_MSTRING:
-        return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
-
-    case ASN1_ITYPE_CHOICE:
-        if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
-            return 0;
-        i = asn1_get_choice_selector(pval, it);
-        if ((i >= 0) && (i < it->tcount)) {
-            ASN1_VALUE **pchval;
-            const ASN1_TEMPLATE *chtt;
-            chtt = it->templates + i;
-            pchval = asn1_get_field_ptr(pval, chtt);
-            return asn1_template_ex_i2d(pchval, out, chtt, -1, aclass);
-        }
-        /* Fixme: error condition if selector out of range */
-        if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
-            return 0;
-        break;
-
-    case ASN1_ITYPE_EXTERN:
-        /* If new style i2d it does all the work */
-        ef = it->funcs;
-        return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
-
-    case ASN1_ITYPE_COMPAT:
-        /* old style hackery... */
-        cf = it->funcs;
-        if (out)
-            p = *out;
-        i = cf->asn1_i2d(*pval, out);
-        /*
-         * Fixup for IMPLICIT tag: note this messes up for tags > 30, but so
-         * did the old code. Tags > 30 are very rare anyway.
-         */
-        if (out && (tag != -1))
-            *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
-        return i;
-
-    case ASN1_ITYPE_NDEF_SEQUENCE:
-        /* Use indefinite length constructed if requested */
-        if (aclass & ASN1_TFLG_NDEF)
-            ndef = 2;
-        /* fall through */
-
-    case ASN1_ITYPE_SEQUENCE:
-        i = asn1_enc_restore(&seqcontlen, out, pval, it);
-        /* An error occurred */
-        if (i < 0)
-            return 0;
-        /* We have a valid cached encoding... */
-        if (i > 0)
-            return seqcontlen;
-        /* Otherwise carry on */
-        seqcontlen = 0;
-        /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
-        if (tag == -1) {
-            tag = V_ASN1_SEQUENCE;
-            /* Retain any other flags in aclass */
-            aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
-                | V_ASN1_UNIVERSAL;
-        }
-        if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
-            return 0;
-        /* First work out sequence content length */
-        for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
-            const ASN1_TEMPLATE *seqtt;
-            ASN1_VALUE **pseqval;
-            int tmplen;
-            seqtt = asn1_do_adb(pval, tt, 1);
-            if (!seqtt)
-                return 0;
-            pseqval = asn1_get_field_ptr(pval, seqtt);
-            tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass);
-            if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen))
-                return -1;
-            seqcontlen += tmplen;
-        }
-
-        seqlen = ASN1_object_size(ndef, seqcontlen, tag);
-        if (!out || seqlen == -1)
-            return seqlen;
-        /* Output SEQUENCE header */
-        ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
-        for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
-            const ASN1_TEMPLATE *seqtt;
-            ASN1_VALUE **pseqval;
-            seqtt = asn1_do_adb(pval, tt, 1);
-            if (!seqtt)
-                return 0;
-            pseqval = asn1_get_field_ptr(pval, seqtt);
-            /* FIXME: check for errors in enhanced version */
-            asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass);
-        }
-        if (ndef == 2)
-            ASN1_put_eoc(out);
-        if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
-            return 0;
-        return seqlen;
-
-    default:
-        return 0;
-
-    }
-    return 0;
-}
-
-int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
-                      const ASN1_TEMPLATE *tt)
-{
-    return asn1_template_ex_i2d(pval, out, tt, -1, 0);
-}
-
-static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
-                                const ASN1_TEMPLATE *tt, int tag, int iclass)
-{
-    int i, ret, flags, ttag, tclass, ndef;
-    flags = tt->flags;
-    /*
-     * Work out tag and class to use: tagging may come either from the
-     * template or the arguments, not both because this would create
-     * ambiguity. Additionally the iclass argument may contain some
-     * additional flags which should be noted and passed down to other
-     * levels.
-     */
-    if (flags & ASN1_TFLG_TAG_MASK) {
-        /* Error if argument and template tagging */
-        if (tag != -1)
-            /* FIXME: error code here */
-            return -1;
-        /* Get tagging from template */
-        ttag = tt->tag;
-        tclass = flags & ASN1_TFLG_TAG_CLASS;
-    } else if (tag != -1) {
-        /* No template tagging, get from arguments */
-        ttag = tag;
-        tclass = iclass & ASN1_TFLG_TAG_CLASS;
-    } else {
-        ttag = -1;
-        tclass = 0;
-    }
-    /*
-     * Remove any class mask from iflag.
-     */
-    iclass &= ~ASN1_TFLG_TAG_CLASS;
-
-    /*
-     * At this point 'ttag' contains the outer tag to use, 'tclass' is the
-     * class and iclass is any flags passed to this function.
-     */
-
-    /* if template and arguments require ndef, use it */
-    if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF))
-        ndef = 2;
-    else
-        ndef = 1;
-
-    if (flags & ASN1_TFLG_SK_MASK) {
-        /* SET OF, SEQUENCE OF */
-        STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
-        int isset, sktag, skaclass;
-        int skcontlen, sklen;
-        ASN1_VALUE *skitem;
-
-        if (!*pval)
-            return 0;
-
-        if (flags & ASN1_TFLG_SET_OF) {
-            isset = 1;
-            /* 2 means we reorder */
-            if (flags & ASN1_TFLG_SEQUENCE_OF)
-                isset = 2;
-        } else
-            isset = 0;
-
-        /*
-         * Work out inner tag value: if EXPLICIT or no tagging use underlying
-         * type.
-         */
-        if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
-            sktag = ttag;
-            skaclass = tclass;
-        } else {
-            skaclass = V_ASN1_UNIVERSAL;
-            if (isset)
-                sktag = V_ASN1_SET;
-            else
-                sktag = V_ASN1_SEQUENCE;
-        }
-
-        /* Determine total length of items */
-        skcontlen = 0;
-        for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
-            int tmplen;
-            skitem = sk_ASN1_VALUE_value(sk, i);
-            tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item),
-                                      -1, iclass);
-            if (tmplen == -1 || (skcontlen > INT_MAX - tmplen))
-                return -1;
-            skcontlen += tmplen;
-        }
-        sklen = ASN1_object_size(ndef, skcontlen, sktag);
-        if (sklen == -1)
-            return -1;
-        /* If EXPLICIT need length of surrounding tag */
-        if (flags & ASN1_TFLG_EXPTAG)
-            ret = ASN1_object_size(ndef, sklen, ttag);
-        else
-            ret = sklen;
-
-        if (!out || ret == -1)
-            return ret;
-
-        /* Now encode this lot... */
-        /* EXPLICIT tag */
-        if (flags & ASN1_TFLG_EXPTAG)
-            ASN1_put_object(out, ndef, sklen, ttag, tclass);
-        /* SET or SEQUENCE and IMPLICIT tag */
-        ASN1_put_object(out, ndef, skcontlen, sktag, skaclass);
-        /* And the stuff itself */
-        asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
-                         isset, iclass);
-        if (ndef == 2) {
-            ASN1_put_eoc(out);
-            if (flags & ASN1_TFLG_EXPTAG)
-                ASN1_put_eoc(out);
-        }
-
-        return ret;
-    }
-
-    if (flags & ASN1_TFLG_EXPTAG) {
-        /* EXPLICIT tagging */
-        /* Find length of tagged item */
-        i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, iclass);
-        if (!i)
-            return 0;
-        /* Find length of EXPLICIT tag */
-        ret = ASN1_object_size(ndef, i, ttag);
-        if (out && ret != -1) {
-            /* Output tag and item */
-            ASN1_put_object(out, ndef, i, ttag, tclass);
-            ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);
-            if (ndef == 2)
-                ASN1_put_eoc(out);
-        }
-        return ret;
-    }
-
-    /* Either normal or IMPLICIT tagging: combine class and flags */
-    return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
-                            ttag, tclass | iclass);
-
-}
-
-/* Temporary structure used to hold DER encoding of items for SET OF */
-
-typedef struct {
-    unsigned char *data;
-    int length;
-    ASN1_VALUE *field;
-} DER_ENC;
-
-static int der_cmp(const void *a, const void *b)
-{
-    const DER_ENC *d1 = a, *d2 = b;
-    int cmplen, i;
-    cmplen = (d1->length < d2->length) ? d1->length : d2->length;
-    i = memcmp(d1->data, d2->data, cmplen);
-    if (i)
-        return i;
-    return d1->length - d2->length;
-}
-
-/* Output the content octets of SET OF or SEQUENCE OF */
-
-static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
-                            int skcontlen, const ASN1_ITEM *item,
-                            int do_sort, int iclass)
-{
-    int i;
-    ASN1_VALUE *skitem;
-    unsigned char *tmpdat = NULL, *p = NULL;
-    DER_ENC *derlst = NULL, *tder;
-    if (do_sort) {
-        /* Don't need to sort less than 2 items */
-        if (sk_ASN1_VALUE_num(sk) < 2)
-            do_sort = 0;
-        else {
-            derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
-                                    * sizeof(*derlst));
-            if (!derlst)
-                return 0;
-            tmpdat = OPENSSL_malloc(skcontlen);
-            if (!tmpdat) {
-                OPENSSL_free(derlst);
-                return 0;
-            }
-        }
-    }
-    /* If not sorting just output each item */
-    if (!do_sort) {
-        for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
-            skitem = sk_ASN1_VALUE_value(sk, i);
-            ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
-        }
-        return 1;
-    }
-    p = tmpdat;
-
-    /* Doing sort: build up a list of each member's DER encoding */
-    for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
-        skitem = sk_ASN1_VALUE_value(sk, i);
-        tder->data = p;
-        tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
-        tder->field = skitem;
-    }
-
-    /* Now sort them */
-    qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
-    /* Output sorted DER encoding */
-    p = *out;
-    for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
-        memcpy(p, tder->data, tder->length);
-        p += tder->length;
-    }
-    *out = p;
-    /* If do_sort is 2 then reorder the STACK */
-    if (do_sort == 2) {
-        for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
-            (void)sk_ASN1_VALUE_set(sk, i, tder->field);
-    }
-    OPENSSL_free(derlst);
-    OPENSSL_free(tmpdat);
-    return 1;
-}
-
-static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
-                                 const ASN1_ITEM *it, int tag, int aclass)
-{
-    int len;
-    int utype;
-    int usetag;
-    int ndef = 0;
-
-    utype = it->utype;
-
-    /*
-     * Get length of content octets and maybe find out the underlying type.
-     */
-
-    len = asn1_ex_i2c(pval, NULL, &utype, it);
-
-    /*
-     * If SEQUENCE, SET or OTHER then header is included in pseudo content
-     * octets so don't include tag+length. We need to check here because the
-     * call to asn1_ex_i2c() could change utype.
-     */
-    if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
-        (utype == V_ASN1_OTHER))
-        usetag = 0;
-    else
-        usetag = 1;
-
-    /* -1 means omit type */
-
-    if (len == -1)
-        return 0;
-
-    /* -2 return is special meaning use ndef */
-    if (len == -2) {
-        ndef = 2;
-        len = 0;
-    }
-
-    /* If not implicitly tagged get tag from underlying type */
-    if (tag == -1)
-        tag = utype;
-
-    /* Output tag+length followed by content octets */
-    if (out) {
-        if (usetag)
-            ASN1_put_object(out, ndef, len, tag, aclass);
-        asn1_ex_i2c(pval, *out, &utype, it);
-        if (ndef)
-            ASN1_put_eoc(out);
-        else
-            *out += len;
-    }
-
-    if (usetag)
-        return ASN1_object_size(ndef, len, tag);
-    return len;
-}
-
-/* Produce content octets from a structure */
-
-int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
-                const ASN1_ITEM *it)
-{
-    ASN1_BOOLEAN *tbool = NULL;
-    ASN1_STRING *strtmp;
-    ASN1_OBJECT *otmp;
-    int utype;
-    const unsigned char *cont;
-    unsigned char c;
-    int len;
-    const ASN1_PRIMITIVE_FUNCS *pf;
-    pf = it->funcs;
-    if (pf && pf->prim_i2c)
-        return pf->prim_i2c(pval, cout, putype, it);
-
-    /* Should type be omitted? */
-    if ((it->itype != ASN1_ITYPE_PRIMITIVE)
-        || (it->utype != V_ASN1_BOOLEAN)) {
-        if (!*pval)
-            return -1;
-    }
-
-    if (it->itype == ASN1_ITYPE_MSTRING) {
-        /* If MSTRING type set the underlying type */
-        strtmp = (ASN1_STRING *)*pval;
-        utype = strtmp->type;
-        *putype = utype;
-    } else if (it->utype == V_ASN1_ANY) {
-        /* If ANY set type and pointer to value */
-        ASN1_TYPE *typ;
-        typ = (ASN1_TYPE *)*pval;
-        utype = typ->type;
-        *putype = utype;
-        pval = &typ->value.asn1_value;
-    } else
-        utype = *putype;
-
-    switch (utype) {
-    case V_ASN1_OBJECT:
-        otmp = (ASN1_OBJECT *)*pval;
-        cont = otmp->data;
-        len = otmp->length;
-        break;
-
-    case V_ASN1_NULL:
-        cont = NULL;
-        len = 0;
-        break;
-
-    case V_ASN1_BOOLEAN:
-        tbool = (ASN1_BOOLEAN *)pval;
-        if (*tbool == -1)
-            return -1;
-        if (it->utype != V_ASN1_ANY) {
-            /*
-             * Default handling if value == size field then omit
-             */
-            if (*tbool && (it->size > 0))
-                return -1;
-            if (!*tbool && !it->size)
-                return -1;
-        }
-        c = (unsigned char)*tbool;
-        cont = &c;
-        len = 1;
-        break;
-
-    case V_ASN1_BIT_STRING:
-        return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
-                                   cout ? &cout : NULL);
-        break;
-
-    case V_ASN1_INTEGER:
-    case V_ASN1_ENUMERATED:
-        /*
-         * These are all have the same content format as ASN1_INTEGER
-         */
-        return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
-        break;
-
-    case V_ASN1_OCTET_STRING:
-    case V_ASN1_NUMERICSTRING:
-    case V_ASN1_PRINTABLESTRING:
-    case V_ASN1_T61STRING:
-    case V_ASN1_VIDEOTEXSTRING:
-    case V_ASN1_IA5STRING:
-    case V_ASN1_UTCTIME:
-    case V_ASN1_GENERALIZEDTIME:
-    case V_ASN1_GRAPHICSTRING:
-    case V_ASN1_VISIBLESTRING:
-    case V_ASN1_GENERALSTRING:
-    case V_ASN1_UNIVERSALSTRING:
-    case V_ASN1_BMPSTRING:
-    case V_ASN1_UTF8STRING:
-    case V_ASN1_SEQUENCE:
-    case V_ASN1_SET:
-    default:
-        /* All based on ASN1_STRING and handled the same */
-        strtmp = (ASN1_STRING *)*pval;
-        /* Special handling for NDEF */
-        if ((it->size == ASN1_TFLG_NDEF)
-            && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
-            if (cout) {
-                strtmp->data = cout;
-                strtmp->length = 0;
-            }
-            /* Special return code */
-            return -2;
-        }
-        cont = strtmp->data;
-        len = strtmp->length;
-
-        break;
-
-    }
-    if (cout && len)
-        memcpy(cout, cont, len);
-    return len;
-}
diff --git a/thirdparty/openssl/crypto/asn1/tasn_fre.c b/thirdparty/openssl/crypto/asn1/tasn_fre.c
deleted file mode 100644
index aeea4eff7a..0000000000
--- a/thirdparty/openssl/crypto/asn1/tasn_fre.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/* tasn_fre.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                   int combine);
-
-/* Free up an ASN1 structure */
-
-void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it)
-{
-    asn1_item_combine_free(&val, it, 0);
-}
-
-void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    asn1_item_combine_free(pval, it, 0);
-}
-
-static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                   int combine)
-{
-    const ASN1_TEMPLATE *tt = NULL, *seqtt;
-    const ASN1_EXTERN_FUNCS *ef;
-    const ASN1_COMPAT_FUNCS *cf;
-    const ASN1_AUX *aux = it->funcs;
-    ASN1_aux_cb *asn1_cb;
-    int i;
-    if (!pval)
-        return;
-    if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
-        return;
-    if (aux && aux->asn1_cb)
-        asn1_cb = aux->asn1_cb;
-    else
-        asn1_cb = 0;
-
-    switch (it->itype) {
-
-    case ASN1_ITYPE_PRIMITIVE:
-        if (it->templates)
-            ASN1_template_free(pval, it->templates);
-        else
-            ASN1_primitive_free(pval, it);
-        break;
-
-    case ASN1_ITYPE_MSTRING:
-        ASN1_primitive_free(pval, it);
-        break;
-
-    case ASN1_ITYPE_CHOICE:
-        if (asn1_cb) {
-            i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
-            if (i == 2)
-                return;
-        }
-        i = asn1_get_choice_selector(pval, it);
-        if ((i >= 0) && (i < it->tcount)) {
-            ASN1_VALUE **pchval;
-            tt = it->templates + i;
-            pchval = asn1_get_field_ptr(pval, tt);
-            ASN1_template_free(pchval, tt);
-        }
-        if (asn1_cb)
-            asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
-        if (!combine) {
-            OPENSSL_free(*pval);
-            *pval = NULL;
-        }
-        break;
-
-    case ASN1_ITYPE_COMPAT:
-        cf = it->funcs;
-        if (cf && cf->asn1_free)
-            cf->asn1_free(*pval);
-        break;
-
-    case ASN1_ITYPE_EXTERN:
-        ef = it->funcs;
-        if (ef && ef->asn1_ex_free)
-            ef->asn1_ex_free(pval, it);
-        break;
-
-    case ASN1_ITYPE_NDEF_SEQUENCE:
-    case ASN1_ITYPE_SEQUENCE:
-        if (asn1_do_lock(pval, -1, it) > 0)
-            return;
-        if (asn1_cb) {
-            i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
-            if (i == 2)
-                return;
-        }
-        asn1_enc_free(pval, it);
-        /*
-         * If we free up as normal we will invalidate any ANY DEFINED BY
-         * field and we wont be able to determine the type of the field it
-         * defines. So free up in reverse order.
-         */
-        tt = it->templates + it->tcount - 1;
-        for (i = 0; i < it->tcount; tt--, i++) {
-            ASN1_VALUE **pseqval;
-            seqtt = asn1_do_adb(pval, tt, 0);
-            if (!seqtt)
-                continue;
-            pseqval = asn1_get_field_ptr(pval, seqtt);
-            ASN1_template_free(pseqval, seqtt);
-        }
-        if (asn1_cb)
-            asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
-        if (!combine) {
-            OPENSSL_free(*pval);
-            *pval = NULL;
-        }
-        break;
-    }
-}
-
-void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
-    int i;
-    if (tt->flags & ASN1_TFLG_SK_MASK) {
-        STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
-        for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
-            ASN1_VALUE *vtmp;
-            vtmp = sk_ASN1_VALUE_value(sk, i);
-            asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), 0);
-        }
-        sk_ASN1_VALUE_free(sk);
-        *pval = NULL;
-    } else
-        asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item),
-                               tt->flags & ASN1_TFLG_COMBINE);
-}
-
-void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    int utype;
-    if (it) {
-        const ASN1_PRIMITIVE_FUNCS *pf;
-        pf = it->funcs;
-        if (pf && pf->prim_free) {
-            pf->prim_free(pval, it);
-            return;
-        }
-    }
-    /* Special case: if 'it' is NULL free contents of ASN1_TYPE */
-    if (!it) {
-        ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
-        utype = typ->type;
-        pval = &typ->value.asn1_value;
-        if (!*pval)
-            return;
-    } else if (it->itype == ASN1_ITYPE_MSTRING) {
-        utype = -1;
-        if (!*pval)
-            return;
-    } else {
-        utype = it->utype;
-        if ((utype != V_ASN1_BOOLEAN) && !*pval)
-            return;
-    }
-
-    switch (utype) {
-    case V_ASN1_OBJECT:
-        ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
-        break;
-
-    case V_ASN1_BOOLEAN:
-        if (it)
-            *(ASN1_BOOLEAN *)pval = it->size;
-        else
-            *(ASN1_BOOLEAN *)pval = -1;
-        return;
-
-    case V_ASN1_NULL:
-        break;
-
-    case V_ASN1_ANY:
-        ASN1_primitive_free(pval, NULL);
-        OPENSSL_free(*pval);
-        break;
-
-    default:
-        ASN1_STRING_free((ASN1_STRING *)*pval);
-        *pval = NULL;
-        break;
-    }
-    *pval = NULL;
-}
diff --git a/thirdparty/openssl/crypto/asn1/tasn_new.c b/thirdparty/openssl/crypto/asn1/tasn_new.c
deleted file mode 100644
index 54f459d1ed..0000000000
--- a/thirdparty/openssl/crypto/asn1/tasn_new.c
+++ /dev/null
@@ -1,384 +0,0 @@
-/* tasn_new.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/err.h>
-#include <openssl/asn1t.h>
-#include <string.h>
-
-static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                    int combine);
-static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it)
-{
-    ASN1_VALUE *ret = NULL;
-    if (ASN1_item_ex_new(&ret, it) > 0)
-        return ret;
-    return NULL;
-}
-
-/* Allocate an ASN1 structure */
-
-int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    return asn1_item_ex_combine_new(pval, it, 0);
-}
-
-static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
-                                    int combine)
-{
-    const ASN1_TEMPLATE *tt = NULL;
-    const ASN1_COMPAT_FUNCS *cf;
-    const ASN1_EXTERN_FUNCS *ef;
-    const ASN1_AUX *aux = it->funcs;
-    ASN1_aux_cb *asn1_cb;
-    ASN1_VALUE **pseqval;
-    int i;
-    if (aux && aux->asn1_cb)
-        asn1_cb = aux->asn1_cb;
-    else
-        asn1_cb = 0;
-
-#ifdef CRYPTO_MDEBUG
-    if (it->sname)
-        CRYPTO_push_info(it->sname);
-#endif
-
-    switch (it->itype) {
-
-    case ASN1_ITYPE_EXTERN:
-        ef = it->funcs;
-        if (ef && ef->asn1_ex_new) {
-            if (!ef->asn1_ex_new(pval, it))
-                goto memerr;
-        }
-        break;
-
-    case ASN1_ITYPE_COMPAT:
-        cf = it->funcs;
-        if (cf && cf->asn1_new) {
-            *pval = cf->asn1_new();
-            if (!*pval)
-                goto memerr;
-        }
-        break;
-
-    case ASN1_ITYPE_PRIMITIVE:
-        if (it->templates) {
-            if (!ASN1_template_new(pval, it->templates))
-                goto memerr;
-        } else if (!ASN1_primitive_new(pval, it))
-            goto memerr;
-        break;
-
-    case ASN1_ITYPE_MSTRING:
-        if (!ASN1_primitive_new(pval, it))
-            goto memerr;
-        break;
-
-    case ASN1_ITYPE_CHOICE:
-        if (asn1_cb) {
-            i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
-            if (!i)
-                goto auxerr;
-            if (i == 2) {
-#ifdef CRYPTO_MDEBUG
-                if (it->sname)
-                    CRYPTO_pop_info();
-#endif
-                return 1;
-            }
-        }
-        if (!combine) {
-            *pval = OPENSSL_malloc(it->size);
-            if (!*pval)
-                goto memerr;
-            memset(*pval, 0, it->size);
-        }
-        asn1_set_choice_selector(pval, -1, it);
-        if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
-            goto auxerr2;
-        break;
-
-    case ASN1_ITYPE_NDEF_SEQUENCE:
-    case ASN1_ITYPE_SEQUENCE:
-        if (asn1_cb) {
-            i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
-            if (!i)
-                goto auxerr;
-            if (i == 2) {
-#ifdef CRYPTO_MDEBUG
-                if (it->sname)
-                    CRYPTO_pop_info();
-#endif
-                return 1;
-            }
-        }
-        if (!combine) {
-            *pval = OPENSSL_malloc(it->size);
-            if (!*pval)
-                goto memerr;
-            memset(*pval, 0, it->size);
-            asn1_do_lock(pval, 0, it);
-            asn1_enc_init(pval, it);
-        }
-        for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
-            pseqval = asn1_get_field_ptr(pval, tt);
-            if (!ASN1_template_new(pseqval, tt))
-                goto memerr2;
-        }
-        if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
-            goto auxerr2;
-        break;
-    }
-#ifdef CRYPTO_MDEBUG
-    if (it->sname)
-        CRYPTO_pop_info();
-#endif
-    return 1;
-
- memerr2:
-    ASN1_item_ex_free(pval, it);
- memerr:
-    ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
-#ifdef CRYPTO_MDEBUG
-    if (it->sname)
-        CRYPTO_pop_info();
-#endif
-    return 0;
-
- auxerr2:
-    ASN1_item_ex_free(pval, it);
- auxerr:
-    ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
-#ifdef CRYPTO_MDEBUG
-    if (it->sname)
-        CRYPTO_pop_info();
-#endif
-    return 0;
-
-}
-
-static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    const ASN1_EXTERN_FUNCS *ef;
-
-    switch (it->itype) {
-
-    case ASN1_ITYPE_EXTERN:
-        ef = it->funcs;
-        if (ef && ef->asn1_ex_clear)
-            ef->asn1_ex_clear(pval, it);
-        else
-            *pval = NULL;
-        break;
-
-    case ASN1_ITYPE_PRIMITIVE:
-        if (it->templates)
-            asn1_template_clear(pval, it->templates);
-        else
-            asn1_primitive_clear(pval, it);
-        break;
-
-    case ASN1_ITYPE_MSTRING:
-        asn1_primitive_clear(pval, it);
-        break;
-
-    case ASN1_ITYPE_COMPAT:
-    case ASN1_ITYPE_CHOICE:
-    case ASN1_ITYPE_SEQUENCE:
-    case ASN1_ITYPE_NDEF_SEQUENCE:
-        *pval = NULL;
-        break;
-    }
-}
-
-int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
-    const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item);
-    int ret;
-    if (tt->flags & ASN1_TFLG_OPTIONAL) {
-        asn1_template_clear(pval, tt);
-        return 1;
-    }
-    /* If ANY DEFINED BY nothing to do */
-
-    if (tt->flags & ASN1_TFLG_ADB_MASK) {
-        *pval = NULL;
-        return 1;
-    }
-#ifdef CRYPTO_MDEBUG
-    if (tt->field_name)
-        CRYPTO_push_info(tt->field_name);
-#endif
-    /* If SET OF or SEQUENCE OF, its a STACK */
-    if (tt->flags & ASN1_TFLG_SK_MASK) {
-        STACK_OF(ASN1_VALUE) *skval;
-        skval = sk_ASN1_VALUE_new_null();
-        if (!skval) {
-            ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
-            ret = 0;
-            goto done;
-        }
-        *pval = (ASN1_VALUE *)skval;
-        ret = 1;
-        goto done;
-    }
-    /* Otherwise pass it back to the item routine */
-    ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE);
- done:
-#ifdef CRYPTO_MDEBUG
-    if (it->sname)
-        CRYPTO_pop_info();
-#endif
-    return ret;
-}
-
-static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
-    /* If ADB or STACK just NULL the field */
-    if (tt->flags & (ASN1_TFLG_ADB_MASK | ASN1_TFLG_SK_MASK))
-        *pval = NULL;
-    else
-        asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item));
-}
-
-/*
- * NB: could probably combine most of the real XXX_new() behaviour and junk
- * all the old functions.
- */
-
-int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    ASN1_TYPE *typ;
-    ASN1_STRING *str;
-    int utype;
-
-    if (!it)
-        return 0;
-
-    if (it->funcs) {
-        const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
-        if (pf->prim_new)
-            return pf->prim_new(pval, it);
-    }
-
-    if (it->itype == ASN1_ITYPE_MSTRING)
-        utype = -1;
-    else
-        utype = it->utype;
-    switch (utype) {
-    case V_ASN1_OBJECT:
-        *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
-        return 1;
-
-    case V_ASN1_BOOLEAN:
-        *(ASN1_BOOLEAN *)pval = it->size;
-        return 1;
-
-    case V_ASN1_NULL:
-        *pval = (ASN1_VALUE *)1;
-        return 1;
-
-    case V_ASN1_ANY:
-        typ = OPENSSL_malloc(sizeof(ASN1_TYPE));
-        if (!typ)
-            return 0;
-        typ->value.ptr = NULL;
-        typ->type = -1;
-        *pval = (ASN1_VALUE *)typ;
-        break;
-
-    default:
-        str = ASN1_STRING_type_new(utype);
-        if (it->itype == ASN1_ITYPE_MSTRING && str)
-            str->flags |= ASN1_STRING_FLAG_MSTRING;
-        *pval = (ASN1_VALUE *)str;
-        break;
-    }
-    if (*pval)
-        return 1;
-    return 0;
-}
-
-static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    int utype;
-    if (it && it->funcs) {
-        const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
-        if (pf->prim_clear)
-            pf->prim_clear(pval, it);
-        else
-            *pval = NULL;
-        return;
-    }
-    if (!it || (it->itype == ASN1_ITYPE_MSTRING))
-        utype = -1;
-    else
-        utype = it->utype;
-    if (utype == V_ASN1_BOOLEAN)
-        *(ASN1_BOOLEAN *)pval = it->size;
-    else
-        *pval = NULL;
-}
diff --git a/thirdparty/openssl/crypto/asn1/tasn_prn.c b/thirdparty/openssl/crypto/asn1/tasn_prn.c
deleted file mode 100644
index f628caddbd..0000000000
--- a/thirdparty/openssl/crypto/asn1/tasn_prn.c
+++ /dev/null
@@ -1,593 +0,0 @@
-/* tasn_prn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000,2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-#include "asn1_locl.h"
-
-/*
- * Print routines.
- */
-
-/* ASN1_PCTX routines */
-
-ASN1_PCTX default_pctx = {
-    ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */
-    0,                          /* nm_flags */
-    0,                          /* cert_flags */
-    0,                          /* oid_flags */
-    0                           /* str_flags */
-};
-
-ASN1_PCTX *ASN1_PCTX_new(void)
-{
-    ASN1_PCTX *ret;
-    ret = OPENSSL_malloc(sizeof(ASN1_PCTX));
-    if (ret == NULL) {
-        ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    ret->flags = 0;
-    ret->nm_flags = 0;
-    ret->cert_flags = 0;
-    ret->oid_flags = 0;
-    ret->str_flags = 0;
-    return ret;
-}
-
-void ASN1_PCTX_free(ASN1_PCTX *p)
-{
-    OPENSSL_free(p);
-}
-
-unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p)
-{
-    return p->flags;
-}
-
-void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
-{
-    p->flags = flags;
-}
-
-unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p)
-{
-    return p->nm_flags;
-}
-
-void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
-{
-    p->nm_flags = flags;
-}
-
-unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p)
-{
-    return p->cert_flags;
-}
-
-void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags)
-{
-    p->cert_flags = flags;
-}
-
-unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p)
-{
-    return p->oid_flags;
-}
-
-void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags)
-{
-    p->oid_flags = flags;
-}
-
-unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p)
-{
-    return p->str_flags;
-}
-
-void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags)
-{
-    p->str_flags = flags;
-}
-
-/* Main print routines */
-
-static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
-                               const ASN1_ITEM *it,
-                               const char *fname, const char *sname,
-                               int nohdr, const ASN1_PCTX *pctx);
-
-int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
-                            const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx);
-
-static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
-                                const ASN1_ITEM *it, int indent,
-                                const char *fname, const char *sname,
-                                const ASN1_PCTX *pctx);
-
-static int asn1_print_fsname(BIO *out, int indent,
-                             const char *fname, const char *sname,
-                             const ASN1_PCTX *pctx);
-
-int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
-                    const ASN1_ITEM *it, const ASN1_PCTX *pctx)
-{
-    const char *sname;
-    if (pctx == NULL)
-        pctx = &default_pctx;
-    if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
-        sname = NULL;
-    else
-        sname = it->sname;
-    return asn1_item_print_ctx(out, &ifld, indent, it, NULL, sname, 0, pctx);
-}
-
-static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
-                               const ASN1_ITEM *it,
-                               const char *fname, const char *sname,
-                               int nohdr, const ASN1_PCTX *pctx)
-{
-    const ASN1_TEMPLATE *tt;
-    const ASN1_EXTERN_FUNCS *ef;
-    ASN1_VALUE **tmpfld;
-    const ASN1_AUX *aux = it->funcs;
-    ASN1_aux_cb *asn1_cb;
-    ASN1_PRINT_ARG parg;
-    int i;
-    if (aux && aux->asn1_cb) {
-        parg.out = out;
-        parg.indent = indent;
-        parg.pctx = pctx;
-        asn1_cb = aux->asn1_cb;
-    } else
-        asn1_cb = 0;
-
-   if (((it->itype != ASN1_ITYPE_PRIMITIVE)
-       || (it->utype != V_ASN1_BOOLEAN)) && *fld == NULL) {
-        if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
-            if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
-                return 0;
-            if (BIO_puts(out, "<ABSENT>\n") <= 0)
-                return 0;
-        }
-        return 1;
-    }
-
-    switch (it->itype) {
-    case ASN1_ITYPE_PRIMITIVE:
-        if (it->templates) {
-            if (!asn1_template_print_ctx(out, fld, indent,
-                                         it->templates, pctx))
-                return 0;
-            break;
-        }
-        /* fall thru */
-    case ASN1_ITYPE_MSTRING:
-        if (!asn1_primitive_print(out, fld, it, indent, fname, sname, pctx))
-            return 0;
-        break;
-
-    case ASN1_ITYPE_EXTERN:
-        if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
-            return 0;
-        /* Use new style print routine if possible */
-        ef = it->funcs;
-        if (ef && ef->asn1_ex_print) {
-            i = ef->asn1_ex_print(out, fld, indent, "", pctx);
-            if (!i)
-                return 0;
-            if ((i == 2) && (BIO_puts(out, "\n") <= 0))
-                return 0;
-            return 1;
-        } else if (sname &&
-                   BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0)
-            return 0;
-        break;
-
-    case ASN1_ITYPE_CHOICE:
-#if 0
-        if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
-            return 0;
-#endif
-        /* CHOICE type, get selector */
-        i = asn1_get_choice_selector(fld, it);
-        /* This should never happen... */
-        if ((i < 0) || (i >= it->tcount)) {
-            if (BIO_printf(out, "ERROR: selector [%d] invalid\n", i) <= 0)
-                return 0;
-            return 1;
-        }
-        tt = it->templates + i;
-        tmpfld = asn1_get_field_ptr(fld, tt);
-        if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx))
-            return 0;
-        break;
-
-    case ASN1_ITYPE_SEQUENCE:
-    case ASN1_ITYPE_NDEF_SEQUENCE:
-        if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
-            return 0;
-        if (fname || sname) {
-            if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
-                if (BIO_puts(out, " {\n") <= 0)
-                    return 0;
-            } else {
-                if (BIO_puts(out, "\n") <= 0)
-                    return 0;
-            }
-        }
-
-        if (asn1_cb) {
-            i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
-            if (i == 0)
-                return 0;
-            if (i == 2)
-                return 1;
-        }
-
-        /* Print each field entry */
-        for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
-            const ASN1_TEMPLATE *seqtt;
-            seqtt = asn1_do_adb(fld, tt, 1);
-            if (!seqtt)
-                return 0;
-            tmpfld = asn1_get_field_ptr(fld, seqtt);
-            if (!asn1_template_print_ctx(out, tmpfld,
-                                         indent + 2, seqtt, pctx))
-                return 0;
-        }
-        if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
-            if (BIO_printf(out, "%*s}\n", indent, "") < 0)
-                return 0;
-        }
-
-        if (asn1_cb) {
-            i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
-            if (i == 0)
-                return 0;
-        }
-        break;
-
-    default:
-        BIO_printf(out, "Unprocessed type %d\n", it->itype);
-        return 0;
-    }
-
-    return 1;
-}
-
-int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
-                            const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx)
-{
-    int i, flags;
-    const char *sname, *fname;
-    flags = tt->flags;
-    if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
-        sname = ASN1_ITEM_ptr(tt->item)->sname;
-    else
-        sname = NULL;
-    if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
-        fname = NULL;
-    else
-        fname = tt->field_name;
-    if (flags & ASN1_TFLG_SK_MASK) {
-        char *tname;
-        ASN1_VALUE *skitem;
-        STACK_OF(ASN1_VALUE) *stack;
-
-        /* SET OF, SEQUENCE OF */
-        if (fname) {
-            if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) {
-                if (flags & ASN1_TFLG_SET_OF)
-                    tname = "SET";
-                else
-                    tname = "SEQUENCE";
-                if (BIO_printf(out, "%*s%s OF %s {\n",
-                               indent, "", tname, tt->field_name) <= 0)
-                    return 0;
-            } else if (BIO_printf(out, "%*s%s:\n", indent, "", fname) <= 0)
-                return 0;
-        }
-        stack = (STACK_OF(ASN1_VALUE) *)*fld;
-        for (i = 0; i < sk_ASN1_VALUE_num(stack); i++) {
-            if ((i > 0) && (BIO_puts(out, "\n") <= 0))
-                return 0;
-
-            skitem = sk_ASN1_VALUE_value(stack, i);
-            if (!asn1_item_print_ctx(out, &skitem, indent + 2,
-                                     ASN1_ITEM_ptr(tt->item), NULL, NULL, 1,
-                                     pctx))
-                return 0;
-        }
-        if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
-            return 0;
-        if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
-            if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
-                return 0;
-        }
-        return 1;
-    }
-    return asn1_item_print_ctx(out, fld, indent, ASN1_ITEM_ptr(tt->item),
-                               fname, sname, 0, pctx);
-}
-
-static int asn1_print_fsname(BIO *out, int indent,
-                             const char *fname, const char *sname,
-                             const ASN1_PCTX *pctx)
-{
-    static char spaces[] = "                    ";
-    const int nspaces = sizeof(spaces) - 1;
-
-#if 0
-    if (!sname && !fname)
-        return 1;
-#endif
-
-    while (indent > nspaces) {
-        if (BIO_write(out, spaces, nspaces) != nspaces)
-            return 0;
-        indent -= nspaces;
-    }
-    if (BIO_write(out, spaces, indent) != indent)
-        return 0;
-    if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
-        sname = NULL;
-    if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
-        fname = NULL;
-    if (!sname && !fname)
-        return 1;
-    if (fname) {
-        if (BIO_puts(out, fname) <= 0)
-            return 0;
-    }
-    if (sname) {
-        if (fname) {
-            if (BIO_printf(out, " (%s)", sname) <= 0)
-                return 0;
-        } else {
-            if (BIO_puts(out, sname) <= 0)
-                return 0;
-        }
-    }
-    if (BIO_write(out, ": ", 2) != 2)
-        return 0;
-    return 1;
-}
-
-static int asn1_print_boolean_ctx(BIO *out, int boolval,
-                                  const ASN1_PCTX *pctx)
-{
-    const char *str;
-    switch (boolval) {
-    case -1:
-        str = "BOOL ABSENT";
-        break;
-
-    case 0:
-        str = "FALSE";
-        break;
-
-    default:
-        str = "TRUE";
-        break;
-
-    }
-
-    if (BIO_puts(out, str) <= 0)
-        return 0;
-    return 1;
-
-}
-
-static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str,
-                                  const ASN1_PCTX *pctx)
-{
-    char *s;
-    int ret = 1;
-    s = i2s_ASN1_INTEGER(NULL, str);
-    if (s == NULL)
-        return 0;
-    if (BIO_puts(out, s) <= 0)
-        ret = 0;
-    OPENSSL_free(s);
-    return ret;
-}
-
-static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
-                              const ASN1_PCTX *pctx)
-{
-    char objbuf[80];
-    const char *ln;
-    ln = OBJ_nid2ln(OBJ_obj2nid(oid));
-    if (!ln)
-        ln = "";
-    OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
-    if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
-        return 0;
-    return 1;
-}
-
-static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
-                                   const ASN1_PCTX *pctx)
-{
-    if (str->type == V_ASN1_BIT_STRING) {
-        if (BIO_printf(out, " (%ld unused bits)\n", str->flags & 0x7) <= 0)
-            return 0;
-    } else if (BIO_puts(out, "\n") <= 0)
-        return 0;
-    if ((str->length > 0)
-        && BIO_dump_indent(out, (char *)str->data, str->length,
-                           indent + 2) <= 0)
-        return 0;
-    return 1;
-}
-
-static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
-                                const ASN1_ITEM *it, int indent,
-                                const char *fname, const char *sname,
-                                const ASN1_PCTX *pctx)
-{
-    long utype;
-    ASN1_STRING *str;
-    int ret = 1, needlf = 1;
-    const char *pname;
-    const ASN1_PRIMITIVE_FUNCS *pf;
-    pf = it->funcs;
-    if (!asn1_print_fsname(out, indent, fname, sname, pctx))
-        return 0;
-    if (pf && pf->prim_print)
-        return pf->prim_print(out, fld, it, indent, pctx);
-    if (it->itype == ASN1_ITYPE_MSTRING) {
-        str = (ASN1_STRING *)*fld;
-        utype = str->type & ~V_ASN1_NEG;
-    } else {
-        utype = it->utype;
-        if (utype == V_ASN1_BOOLEAN)
-            str = NULL;
-        else
-            str = (ASN1_STRING *)*fld;
-    }
-    if (utype == V_ASN1_ANY) {
-        ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
-        utype = atype->type;
-        fld = &atype->value.asn1_value;
-        str = (ASN1_STRING *)*fld;
-        if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE)
-            pname = NULL;
-        else
-            pname = ASN1_tag2str(utype);
-    } else {
-        if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
-            pname = ASN1_tag2str(utype);
-        else
-            pname = NULL;
-    }
-
-    if (utype == V_ASN1_NULL) {
-        if (BIO_puts(out, "NULL\n") <= 0)
-            return 0;
-        return 1;
-    }
-
-    if (pname) {
-        if (BIO_puts(out, pname) <= 0)
-            return 0;
-        if (BIO_puts(out, ":") <= 0)
-            return 0;
-    }
-
-    switch (utype) {
-    case V_ASN1_BOOLEAN:
-        {
-            int boolval = *(int *)fld;
-            if (boolval == -1)
-                boolval = it->size;
-            ret = asn1_print_boolean_ctx(out, boolval, pctx);
-        }
-        break;
-
-    case V_ASN1_INTEGER:
-    case V_ASN1_ENUMERATED:
-        ret = asn1_print_integer_ctx(out, str, pctx);
-        break;
-
-    case V_ASN1_UTCTIME:
-        ret = ASN1_UTCTIME_print(out, str);
-        break;
-
-    case V_ASN1_GENERALIZEDTIME:
-        ret = ASN1_GENERALIZEDTIME_print(out, str);
-        break;
-
-    case V_ASN1_OBJECT:
-        ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
-        break;
-
-    case V_ASN1_OCTET_STRING:
-    case V_ASN1_BIT_STRING:
-        ret = asn1_print_obstring_ctx(out, str, indent, pctx);
-        needlf = 0;
-        break;
-
-    case V_ASN1_SEQUENCE:
-    case V_ASN1_SET:
-    case V_ASN1_OTHER:
-        if (BIO_puts(out, "\n") <= 0)
-            return 0;
-        if (ASN1_parse_dump(out, str->data, str->length, indent, 0) <= 0)
-            ret = 0;
-        needlf = 0;
-        break;
-
-    default:
-        ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
-
-    }
-    if (!ret)
-        return 0;
-    if (needlf && BIO_puts(out, "\n") <= 0)
-        return 0;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/tasn_typ.c b/thirdparty/openssl/crypto/asn1/tasn_typ.c
deleted file mode 100644
index 740e86d5fc..0000000000
--- a/thirdparty/openssl/crypto/asn1/tasn_typ.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* tasn_typ.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-/* Declarations for string types */
-
-
-IMPLEMENT_ASN1_TYPE(ASN1_INTEGER)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_INTEGER)
-
-IMPLEMENT_ASN1_TYPE(ASN1_ENUMERATED)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_ENUMERATED)
-
-IMPLEMENT_ASN1_TYPE(ASN1_BIT_STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_BIT_STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_OCTET_STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_NULL)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_NULL)
-
-IMPLEMENT_ASN1_TYPE(ASN1_OBJECT)
-
-IMPLEMENT_ASN1_TYPE(ASN1_UTF8STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTF8STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_PRINTABLESTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_T61STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_T61STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_IA5STRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_IA5STRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_GENERALSTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_UTCTIME)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTCTIME)
-
-IMPLEMENT_ASN1_TYPE(ASN1_GENERALIZEDTIME)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
-
-IMPLEMENT_ASN1_TYPE(ASN1_VISIBLESTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_UNIVERSALSTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_BMPSTRING)
-IMPLEMENT_ASN1_FUNCTIONS(ASN1_BMPSTRING)
-
-IMPLEMENT_ASN1_TYPE(ASN1_ANY)
-
-/* Just swallow an ASN1_SEQUENCE in an ASN1_STRING */
-IMPLEMENT_ASN1_TYPE(ASN1_SEQUENCE)
-
-IMPLEMENT_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
-
-/* Multistring types */
-
-IMPLEMENT_ASN1_MSTRING(ASN1_PRINTABLE, B_ASN1_PRINTABLE)
-IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
-
-IMPLEMENT_ASN1_MSTRING(DISPLAYTEXT, B_ASN1_DISPLAYTEXT)
-IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
-
-IMPLEMENT_ASN1_MSTRING(DIRECTORYSTRING, B_ASN1_DIRECTORYSTRING)
-IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
-
-/* Three separate BOOLEAN type: normal, DEFAULT TRUE and DEFAULT FALSE */
-IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1)
-IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1)
-IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0)
-
-/* Special, OCTET STRING with indefinite length constructed support */
-
-IMPLEMENT_ASN1_TYPE_ex(ASN1_OCTET_STRING_NDEF, ASN1_OCTET_STRING, ASN1_TFLG_NDEF)
-
-ASN1_ITEM_TEMPLATE(ASN1_SEQUENCE_ANY) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, ASN1_SEQUENCE_ANY, ASN1_ANY)
-ASN1_ITEM_TEMPLATE_END(ASN1_SEQUENCE_ANY)
-
-ASN1_ITEM_TEMPLATE(ASN1_SET_ANY) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, ASN1_SET_ANY, ASN1_ANY)
-ASN1_ITEM_TEMPLATE_END(ASN1_SET_ANY)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SET_ANY, ASN1_SET_ANY)
diff --git a/thirdparty/openssl/crypto/asn1/tasn_utl.c b/thirdparty/openssl/crypto/asn1/tasn_utl.c
deleted file mode 100644
index e14889feb1..0000000000
--- a/thirdparty/openssl/crypto/asn1/tasn_utl.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/* tasn_utl.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <string.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-#include <openssl/err.h>
-
-/* Utility functions for manipulating fields and offsets */
-
-/* Add 'offset' to 'addr' */
-#define offset2ptr(addr, offset) (void *)(((char *) addr) + offset)
-
-/*
- * Given an ASN1_ITEM CHOICE type return the selector value
- */
-
-int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    int *sel = offset2ptr(*pval, it->utype);
-    return *sel;
-}
-
-/*
- * Given an ASN1_ITEM CHOICE type set the selector value, return old value.
- */
-
-int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
-                             const ASN1_ITEM *it)
-{
-    int *sel, ret;
-    sel = offset2ptr(*pval, it->utype);
-    ret = *sel;
-    *sel = value;
-    return ret;
-}
-
-/*
- * Do reference counting. The value 'op' decides what to do. if it is +1
- * then the count is incremented. If op is 0 count is set to 1. If op is -1
- * count is decremented and the return value is the current refrence count or
- * 0 if no reference count exists.
- */
-
-int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
-{
-    const ASN1_AUX *aux;
-    int *lck, ret;
-    if ((it->itype != ASN1_ITYPE_SEQUENCE)
-        && (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
-        return 0;
-    aux = it->funcs;
-    if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
-        return 0;
-    lck = offset2ptr(*pval, aux->ref_offset);
-    if (op == 0) {
-        *lck = 1;
-        return 1;
-    }
-    ret = CRYPTO_add(lck, op, aux->ref_lock);
-#ifdef REF_PRINT
-    fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck);
-#endif
-#ifdef REF_CHECK
-    if (ret < 0)
-        fprintf(stderr, "%s, bad reference count\n", it->sname);
-#endif
-    return ret;
-}
-
-static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    const ASN1_AUX *aux;
-    if (!pval || !*pval)
-        return NULL;
-    aux = it->funcs;
-    if (!aux || !(aux->flags & ASN1_AFLG_ENCODING))
-        return NULL;
-    return offset2ptr(*pval, aux->enc_offset);
-}
-
-void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    ASN1_ENCODING *enc;
-    enc = asn1_get_enc_ptr(pval, it);
-    if (enc) {
-        enc->enc = NULL;
-        enc->len = 0;
-        enc->modified = 1;
-    }
-}
-
-void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    ASN1_ENCODING *enc;
-    enc = asn1_get_enc_ptr(pval, it);
-    if (enc) {
-        if (enc->enc)
-            OPENSSL_free(enc->enc);
-        enc->enc = NULL;
-        enc->len = 0;
-        enc->modified = 1;
-    }
-}
-
-int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
-                  const ASN1_ITEM *it)
-{
-    ASN1_ENCODING *enc;
-    enc = asn1_get_enc_ptr(pval, it);
-    if (!enc)
-        return 1;
-
-    if (enc->enc)
-        OPENSSL_free(enc->enc);
-    enc->enc = OPENSSL_malloc(inlen);
-    if (!enc->enc)
-        return 0;
-    memcpy(enc->enc, in, inlen);
-    enc->len = inlen;
-    enc->modified = 0;
-
-    return 1;
-}
-
-int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
-                     const ASN1_ITEM *it)
-{
-    ASN1_ENCODING *enc;
-    enc = asn1_get_enc_ptr(pval, it);
-    if (!enc || enc->modified)
-        return 0;
-    if (out) {
-        memcpy(*out, enc->enc, enc->len);
-        *out += enc->len;
-    }
-    if (len)
-        *len = enc->len;
-    return 1;
-}
-
-/* Given an ASN1_TEMPLATE get a pointer to a field */
-ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
-    ASN1_VALUE **pvaltmp;
-    if (tt->flags & ASN1_TFLG_COMBINE)
-        return pval;
-    pvaltmp = offset2ptr(*pval, tt->offset);
-    /*
-     * NOTE for BOOLEAN types the field is just a plain int so we can't
-     * return int **, so settle for (int *).
-     */
-    return pvaltmp;
-}
-
-/*
- * Handle ANY DEFINED BY template, find the selector, look up the relevant
- * ASN1_TEMPLATE in the table and return it.
- */
-
-const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
-                                 int nullerr)
-{
-    const ASN1_ADB *adb;
-    const ASN1_ADB_TABLE *atbl;
-    long selector;
-    ASN1_VALUE **sfld;
-    int i;
-    if (!(tt->flags & ASN1_TFLG_ADB_MASK))
-        return tt;
-
-    /* Else ANY DEFINED BY ... get the table */
-    adb = ASN1_ADB_ptr(tt->item);
-
-    /* Get the selector field */
-    sfld = offset2ptr(*pval, adb->offset);
-
-    /* Check if NULL */
-    if (*sfld == NULL) {
-        if (!adb->null_tt)
-            goto err;
-        return adb->null_tt;
-    }
-
-    /*
-     * Convert type to a long: NB: don't check for NID_undef here because it
-     * might be a legitimate value in the table
-     */
-    if (tt->flags & ASN1_TFLG_ADB_OID)
-        selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld);
-    else
-        selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld);
-
-    /*
-     * Try to find matching entry in table Maybe should check application
-     * types first to allow application override? Might also be useful to
-     * have a flag which indicates table is sorted and we can do a binary
-     * search. For now stick to a linear search.
-     */
-
-    for (atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++)
-        if (atbl->value == selector)
-            return &atbl->tt;
-
-    /* FIXME: need to search application table too */
-
-    /* No match, return default type */
-    if (!adb->default_tt)
-        goto err;
-    return adb->default_tt;
-
- err:
-    /* FIXME: should log the value or OID of unsupported type */
-    if (nullerr)
-        ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/asn1/x_algor.c b/thirdparty/openssl/crypto/asn1/x_algor.c
deleted file mode 100644
index fd7d16d404..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_algor.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* x_algor.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-ASN1_SEQUENCE(X509_ALGOR) = {
-        ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT),
-        ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
-} ASN1_SEQUENCE_END(X509_ALGOR)
-
-ASN1_ITEM_TEMPLATE(X509_ALGORS) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR)
-ASN1_ITEM_TEMPLATE_END(X509_ALGORS)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_ALGORS, X509_ALGORS, X509_ALGORS)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR)
-
-IMPLEMENT_STACK_OF(X509_ALGOR)
-IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
-
-int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
-{
-    if (!alg)
-        return 0;
-    if (ptype != V_ASN1_UNDEF) {
-        if (alg->parameter == NULL)
-            alg->parameter = ASN1_TYPE_new();
-        if (alg->parameter == NULL)
-            return 0;
-    }
-    if (alg) {
-        if (alg->algorithm)
-            ASN1_OBJECT_free(alg->algorithm);
-        alg->algorithm = aobj;
-    }
-    if (ptype == 0)
-        return 1;
-    if (ptype == V_ASN1_UNDEF) {
-        if (alg->parameter) {
-            ASN1_TYPE_free(alg->parameter);
-            alg->parameter = NULL;
-        }
-    } else
-        ASN1_TYPE_set(alg->parameter, ptype, pval);
-    return 1;
-}
-
-void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
-                     X509_ALGOR *algor)
-{
-    if (paobj)
-        *paobj = algor->algorithm;
-    if (pptype) {
-        if (algor->parameter == NULL) {
-            *pptype = V_ASN1_UNDEF;
-            return;
-        } else
-            *pptype = algor->parameter->type;
-        if (ppval)
-            *ppval = algor->parameter->value.ptr;
-    }
-}
-
-/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
-
-void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
-{
-    int param_type;
-
-    if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
-        param_type = V_ASN1_UNDEF;
-    else
-        param_type = V_ASN1_NULL;
-
-    X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
-
-}
-
-int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
-{
-    int rv;
-    rv = OBJ_cmp(a->algorithm, b->algorithm);
-    if (rv)
-        return rv;
-    if (!a->parameter && !b->parameter)
-        return 0;
-    return ASN1_TYPE_cmp(a->parameter, b->parameter);
-}
diff --git a/thirdparty/openssl/crypto/asn1/x_attrib.c b/thirdparty/openssl/crypto/asn1/x_attrib.c
deleted file mode 100644
index 93ef53bd5e..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_attrib.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* crypto/asn1/x_attrib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/*-
- * X509_ATTRIBUTE: this has the following form:
- *
- * typedef struct x509_attributes_st
- *      {
- *      ASN1_OBJECT *object;
- *      int single;
- *      union   {
- *              char            *ptr;
- *              STACK_OF(ASN1_TYPE) *set;
- *              ASN1_TYPE       *single;
- *              } value;
- *      } X509_ATTRIBUTE;
- *
- * this needs some extra thought because the CHOICE type is
- * merged with the main structure and because the value can
- * be anything at all we *must* try the SET OF first because
- * the ASN1_ANY type will swallow anything including the whole
- * SET OF structure.
- */
-
-ASN1_CHOICE(X509_ATTRIBUTE_SET) = {
-        ASN1_SET_OF(X509_ATTRIBUTE, value.set, ASN1_ANY),
-        ASN1_SIMPLE(X509_ATTRIBUTE, value.single, ASN1_ANY)
-} ASN1_CHOICE_END_selector(X509_ATTRIBUTE, X509_ATTRIBUTE_SET, single)
-
-ASN1_SEQUENCE(X509_ATTRIBUTE) = {
-        ASN1_SIMPLE(X509_ATTRIBUTE, object, ASN1_OBJECT),
-        /* CHOICE type merged with parent */
-        ASN1_EX_COMBINE(0, 0, X509_ATTRIBUTE_SET)
-} ASN1_SEQUENCE_END(X509_ATTRIBUTE)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
-{
-    X509_ATTRIBUTE *ret = NULL;
-    ASN1_TYPE *val = NULL;
-
-    if ((ret = X509_ATTRIBUTE_new()) == NULL)
-        return (NULL);
-    ret->object = OBJ_nid2obj(nid);
-    ret->single = 0;
-    if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
-        goto err;
-    if ((val = ASN1_TYPE_new()) == NULL)
-        goto err;
-    if (!sk_ASN1_TYPE_push(ret->value.set, val))
-        goto err;
-
-    ASN1_TYPE_set(val, atrtype, value);
-    return (ret);
- err:
-    if (ret != NULL)
-        X509_ATTRIBUTE_free(ret);
-    if (val != NULL)
-        ASN1_TYPE_free(val);
-    return (NULL);
-}
diff --git a/thirdparty/openssl/crypto/asn1/x_bignum.c b/thirdparty/openssl/crypto/asn1/x_bignum.c
deleted file mode 100644
index c644199c9f..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_bignum.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* x_bignum.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/bn.h>
-
-/*
- * Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER
- * as a BIGNUM directly. Currently it ignores the sign which isn't a problem
- * since all BIGNUMs used are non negative and anything that looks negative
- * is normally due to an encoding error.
- */
-
-#define BN_SENSITIVE    1
-
-static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
-                  const ASN1_ITEM *it);
-static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
-                  int utype, char *free_cont, const ASN1_ITEM *it);
-static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                    int indent, const ASN1_PCTX *pctx);
-
-static ASN1_PRIMITIVE_FUNCS bignum_pf = {
-    NULL, 0,
-    bn_new,
-    bn_free,
-    0,
-    bn_c2i,
-    bn_i2c,
-    bn_print
-};
-
-ASN1_ITEM_start(BIGNUM)
-        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"
-ASN1_ITEM_end(BIGNUM)
-
-ASN1_ITEM_start(CBIGNUM)
-        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"
-ASN1_ITEM_end(CBIGNUM)
-
-static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    *pval = (ASN1_VALUE *)BN_new();
-    if (*pval)
-        return 1;
-    else
-        return 0;
-}
-
-static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    if (!*pval)
-        return;
-    if (it->size & BN_SENSITIVE)
-        BN_clear_free((BIGNUM *)*pval);
-    else
-        BN_free((BIGNUM *)*pval);
-    *pval = NULL;
-}
-
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
-                  const ASN1_ITEM *it)
-{
-    BIGNUM *bn;
-    int pad;
-    if (!*pval)
-        return -1;
-    bn = (BIGNUM *)*pval;
-    /* If MSB set in an octet we need a padding byte */
-    if (BN_num_bits(bn) & 0x7)
-        pad = 0;
-    else
-        pad = 1;
-    if (cont) {
-        if (pad)
-            *cont++ = 0;
-        BN_bn2bin(bn, cont);
-    }
-    return pad + BN_num_bytes(bn);
-}
-
-static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
-                  int utype, char *free_cont, const ASN1_ITEM *it)
-{
-    BIGNUM *bn;
-
-    if (*pval == NULL && !bn_new(pval, it))
-        return 0;
-    bn = (BIGNUM *)*pval;
-    if (!BN_bin2bn(cont, len, bn)) {
-        bn_free(pval, it);
-        return 0;
-    }
-    return 1;
-}
-
-static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                    int indent, const ASN1_PCTX *pctx)
-{
-    if (!BN_print(out, *(BIGNUM **)pval))
-        return 0;
-    if (BIO_puts(out, "\n") <= 0)
-        return 0;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/x_crl.c b/thirdparty/openssl/crypto/asn1/x_crl.c
deleted file mode 100644
index c78ded89ef..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_crl.c
+++ /dev/null
@@ -1,518 +0,0 @@
-/* crypto/asn1/x_crl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include "asn1_locl.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int X509_REVOKED_cmp(const X509_REVOKED *const *a,
-                            const X509_REVOKED *const *b);
-static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
-
-ASN1_SEQUENCE(X509_REVOKED) = {
-        ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
-        ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
-        ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
-} ASN1_SEQUENCE_END(X509_REVOKED)
-
-static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
-static int def_crl_lookup(X509_CRL *crl,
-                          X509_REVOKED **ret, ASN1_INTEGER *serial,
-                          X509_NAME *issuer);
-
-static X509_CRL_METHOD int_crl_meth = {
-    0,
-    0, 0,
-    def_crl_lookup,
-    def_crl_verify
-};
-
-static const X509_CRL_METHOD *default_crl_method = &int_crl_meth;
-
-/*
- * The X509_CRL_INFO structure needs a bit of customisation. Since we cache
- * the original encoding the signature wont be affected by reordering of the
- * revoked field.
- */
-static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                      void *exarg)
-{
-    X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
-
-    if (!a || !a->revoked)
-        return 1;
-    switch (operation) {
-        /*
-         * Just set cmp function here. We don't sort because that would
-         * affect the output of X509_CRL_print().
-         */
-    case ASN1_OP_D2I_POST:
-        (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp);
-        break;
-    }
-    return 1;
-}
-
-
-ASN1_SEQUENCE_enc(X509_CRL_INFO, enc, crl_inf_cb) = {
-        ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER),
-        ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR),
-        ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
-        ASN1_SIMPLE(X509_CRL_INFO, lastUpdate, ASN1_TIME),
-        ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME),
-        ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED),
-        ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
-} ASN1_SEQUENCE_END_enc(X509_CRL_INFO, X509_CRL_INFO)
-
-/*
- * Set CRL entry issuer according to CRL certificate issuer extension. Check
- * for unhandled critical CRL entry extensions.
- */
-
-static int crl_set_issuers(X509_CRL *crl)
-{
-
-    int i, j;
-    GENERAL_NAMES *gens, *gtmp;
-    STACK_OF(X509_REVOKED) *revoked;
-
-    revoked = X509_CRL_get_REVOKED(crl);
-
-    gens = NULL;
-    for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) {
-        X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i);
-        STACK_OF(X509_EXTENSION) *exts;
-        ASN1_ENUMERATED *reason;
-        X509_EXTENSION *ext;
-        gtmp = X509_REVOKED_get_ext_d2i(rev,
-                                        NID_certificate_issuer, &j, NULL);
-        if (!gtmp && (j != -1)) {
-            crl->flags |= EXFLAG_INVALID;
-            return 1;
-        }
-
-        if (gtmp) {
-            gens = gtmp;
-            if (!crl->issuers) {
-                crl->issuers = sk_GENERAL_NAMES_new_null();
-                if (!crl->issuers)
-                    return 0;
-            }
-            if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp))
-                return 0;
-        }
-        rev->issuer = gens;
-
-        reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason, &j, NULL);
-        if (!reason && (j != -1)) {
-            crl->flags |= EXFLAG_INVALID;
-            return 1;
-        }
-
-        if (reason) {
-            rev->reason = ASN1_ENUMERATED_get(reason);
-            ASN1_ENUMERATED_free(reason);
-        } else
-            rev->reason = CRL_REASON_NONE;
-
-        /* Check for critical CRL entry extensions */
-
-        exts = rev->extensions;
-
-        for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) {
-            ext = sk_X509_EXTENSION_value(exts, j);
-            if (ext->critical > 0) {
-                if (OBJ_obj2nid(ext->object) == NID_certificate_issuer)
-                    continue;
-                crl->flags |= EXFLAG_CRITICAL;
-                break;
-            }
-        }
-
-    }
-
-    return 1;
-
-}
-
-/*
- * The X509_CRL structure needs a bit of customisation. Cache some extensions
- * and hash of the whole CRL.
- */
-static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                  void *exarg)
-{
-    X509_CRL *crl = (X509_CRL *)*pval;
-    STACK_OF(X509_EXTENSION) *exts;
-    X509_EXTENSION *ext;
-    int idx;
-
-    switch (operation) {
-    case ASN1_OP_NEW_POST:
-        crl->idp = NULL;
-        crl->akid = NULL;
-        crl->flags = 0;
-        crl->idp_flags = 0;
-        crl->idp_reasons = CRLDP_ALL_REASONS;
-        crl->meth = default_crl_method;
-        crl->meth_data = NULL;
-        crl->issuers = NULL;
-        crl->crl_number = NULL;
-        crl->base_crl_number = NULL;
-        break;
-
-    case ASN1_OP_D2I_POST:
-#ifndef OPENSSL_NO_SHA
-        X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
-#endif
-        crl->idp = X509_CRL_get_ext_d2i(crl,
-                                        NID_issuing_distribution_point, NULL,
-                                        NULL);
-        if (crl->idp)
-            setup_idp(crl, crl->idp);
-
-        crl->akid = X509_CRL_get_ext_d2i(crl,
-                                         NID_authority_key_identifier, NULL,
-                                         NULL);
-
-        crl->crl_number = X509_CRL_get_ext_d2i(crl,
-                                               NID_crl_number, NULL, NULL);
-
-        crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
-                                                    NID_delta_crl, NULL,
-                                                    NULL);
-        /* Delta CRLs must have CRL number */
-        if (crl->base_crl_number && !crl->crl_number)
-            crl->flags |= EXFLAG_INVALID;
-
-        /*
-         * See if we have any unhandled critical CRL extensions and indicate
-         * this in a flag. We only currently handle IDP so anything else
-         * critical sets the flag. This code accesses the X509_CRL structure
-         * directly: applications shouldn't do this.
-         */
-
-        exts = crl->crl->extensions;
-
-        for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
-            int nid;
-
-            ext = sk_X509_EXTENSION_value(exts, idx);
-            nid = OBJ_obj2nid(ext->object);
-            if (nid == NID_freshest_crl)
-                crl->flags |= EXFLAG_FRESHEST;
-            if (ext->critical > 0) {
-                /* We handle IDP and deltas */
-                if ((nid == NID_issuing_distribution_point)
-                    || (nid == NID_authority_key_identifier)
-                    || (nid == NID_delta_crl))
-                    continue;
-                crl->flags |= EXFLAG_CRITICAL;
-                break;
-            }
-        }
-
-        if (!crl_set_issuers(crl))
-            return 0;
-
-        if (crl->meth->crl_init) {
-            if (crl->meth->crl_init(crl) == 0)
-                return 0;
-        }
-        break;
-
-    case ASN1_OP_FREE_POST:
-        if (crl->meth->crl_free) {
-            if (!crl->meth->crl_free(crl))
-                return 0;
-        }
-        if (crl->akid)
-            AUTHORITY_KEYID_free(crl->akid);
-        if (crl->idp)
-            ISSUING_DIST_POINT_free(crl->idp);
-        ASN1_INTEGER_free(crl->crl_number);
-        ASN1_INTEGER_free(crl->base_crl_number);
-        sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
-        break;
-    }
-    return 1;
-}
-
-/* Convert IDP into a more convenient form */
-
-static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
-{
-    int idp_only = 0;
-    /* Set various flags according to IDP */
-    crl->idp_flags |= IDP_PRESENT;
-    if (idp->onlyuser > 0) {
-        idp_only++;
-        crl->idp_flags |= IDP_ONLYUSER;
-    }
-    if (idp->onlyCA > 0) {
-        idp_only++;
-        crl->idp_flags |= IDP_ONLYCA;
-    }
-    if (idp->onlyattr > 0) {
-        idp_only++;
-        crl->idp_flags |= IDP_ONLYATTR;
-    }
-
-    if (idp_only > 1)
-        crl->idp_flags |= IDP_INVALID;
-
-    if (idp->indirectCRL > 0)
-        crl->idp_flags |= IDP_INDIRECT;
-
-    if (idp->onlysomereasons) {
-        crl->idp_flags |= IDP_REASONS;
-        if (idp->onlysomereasons->length > 0)
-            crl->idp_reasons = idp->onlysomereasons->data[0];
-        if (idp->onlysomereasons->length > 1)
-            crl->idp_reasons |= (idp->onlysomereasons->data[1] << 8);
-        crl->idp_reasons &= CRLDP_ALL_REASONS;
-    }
-
-    DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
-}
-
-ASN1_SEQUENCE_ref(X509_CRL, crl_cb, CRYPTO_LOCK_X509_CRL) = {
-        ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
-        ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR),
-        ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_ref(X509_CRL, X509_CRL)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_REVOKED)
-
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_REVOKED)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_CRL_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_CRL)
-
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_CRL)
-
-static int X509_REVOKED_cmp(const X509_REVOKED *const *a,
-                            const X509_REVOKED *const *b)
-{
-    return (ASN1_STRING_cmp((ASN1_STRING *)(*a)->serialNumber,
-                            (ASN1_STRING *)(*b)->serialNumber));
-}
-
-int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
-{
-    X509_CRL_INFO *inf;
-    inf = crl->crl;
-    if (!inf->revoked)
-        inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
-    if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
-        ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    inf->enc.modified = 1;
-    return 1;
-}
-
-int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
-{
-    if (crl->meth->crl_verify)
-        return crl->meth->crl_verify(crl, r);
-    return 0;
-}
-
-int X509_CRL_get0_by_serial(X509_CRL *crl,
-                            X509_REVOKED **ret, ASN1_INTEGER *serial)
-{
-    if (crl->meth->crl_lookup)
-        return crl->meth->crl_lookup(crl, ret, serial, NULL);
-    return 0;
-}
-
-int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
-{
-    if (crl->meth->crl_lookup)
-        return crl->meth->crl_lookup(crl, ret,
-                                     X509_get_serialNumber(x),
-                                     X509_get_issuer_name(x));
-    return 0;
-}
-
-static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
-{
-    return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
-                             crl->sig_alg, crl->signature, crl->crl, r));
-}
-
-static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
-                                    X509_REVOKED *rev)
-{
-    int i;
-
-    if (!rev->issuer) {
-        if (!nm)
-            return 1;
-        if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
-            return 1;
-        return 0;
-    }
-
-    if (!nm)
-        nm = X509_CRL_get_issuer(crl);
-
-    for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) {
-        GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i);
-        if (gen->type != GEN_DIRNAME)
-            continue;
-        if (!X509_NAME_cmp(nm, gen->d.directoryName))
-            return 1;
-    }
-    return 0;
-
-}
-
-static int def_crl_lookup(X509_CRL *crl,
-                          X509_REVOKED **ret, ASN1_INTEGER *serial,
-                          X509_NAME *issuer)
-{
-    X509_REVOKED rtmp, *rev;
-    int idx;
-    rtmp.serialNumber = serial;
-    /*
-     * Sort revoked into serial number order if not already sorted. Do this
-     * under a lock to avoid race condition.
-     */
-    if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
-        CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
-        sk_X509_REVOKED_sort(crl->crl->revoked);
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
-    }
-    idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
-    if (idx < 0)
-        return 0;
-    /* Need to look for matching name */
-    for (; idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
-        rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
-        if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
-            return 0;
-        if (crl_revoked_issuer_match(crl, issuer, rev)) {
-            if (ret)
-                *ret = rev;
-            if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
-                return 2;
-            return 1;
-        }
-    }
-    return 0;
-}
-
-void X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
-{
-    if (meth == NULL)
-        default_crl_method = &int_crl_meth;
-    else
-        default_crl_method = meth;
-}
-
-X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
-                                     int (*crl_free) (X509_CRL *crl),
-                                     int (*crl_lookup) (X509_CRL *crl,
-                                                        X509_REVOKED **ret,
-                                                        ASN1_INTEGER *ser,
-                                                        X509_NAME *issuer),
-                                     int (*crl_verify) (X509_CRL *crl,
-                                                        EVP_PKEY *pk))
-{
-    X509_CRL_METHOD *m;
-    m = OPENSSL_malloc(sizeof(X509_CRL_METHOD));
-    if (!m)
-        return NULL;
-    m->crl_init = crl_init;
-    m->crl_free = crl_free;
-    m->crl_lookup = crl_lookup;
-    m->crl_verify = crl_verify;
-    m->flags = X509_CRL_METHOD_DYNAMIC;
-    return m;
-}
-
-void X509_CRL_METHOD_free(X509_CRL_METHOD *m)
-{
-    if (!(m->flags & X509_CRL_METHOD_DYNAMIC))
-        return;
-    OPENSSL_free(m);
-}
-
-void X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
-{
-    crl->meth_data = dat;
-}
-
-void *X509_CRL_get_meth_data(X509_CRL *crl)
-{
-    return crl->meth_data;
-}
-
-IMPLEMENT_STACK_OF(X509_REVOKED)
-
-IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
-
-IMPLEMENT_STACK_OF(X509_CRL)
-
-IMPLEMENT_ASN1_SET_OF(X509_CRL)
diff --git a/thirdparty/openssl/crypto/asn1/x_exten.c b/thirdparty/openssl/crypto/asn1/x_exten.c
deleted file mode 100644
index 00a9580aa7..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_exten.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* x_exten.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-ASN1_SEQUENCE(X509_EXTENSION) = {
-        ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
-        ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
-        ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(X509_EXTENSION)
-
-ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION)
-ASN1_ITEM_TEMPLATE_END(X509_EXTENSIONS)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION)
diff --git a/thirdparty/openssl/crypto/asn1/x_info.c b/thirdparty/openssl/crypto/asn1/x_info.c
deleted file mode 100644
index 067fd72a6e..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_info.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* crypto/asn1/x_info.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-
-X509_INFO *X509_INFO_new(void)
-{
-    X509_INFO *ret = NULL;
-
-    ret = (X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO));
-    if (ret == NULL) {
-        ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-
-    ret->enc_cipher.cipher = NULL;
-    ret->enc_len = 0;
-    ret->enc_data = NULL;
-
-    ret->references = 1;
-    ret->x509 = NULL;
-    ret->crl = NULL;
-    ret->x_pkey = NULL;
-    return (ret);
-}
-
-void X509_INFO_free(X509_INFO *x)
-{
-    int i;
-
-    if (x == NULL)
-        return;
-
-    i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO);
-#ifdef REF_PRINT
-    REF_PRINT("X509_INFO", x);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "X509_INFO_free, bad reference count\n");
-        abort();
-    }
-#endif
-
-    if (x->x509 != NULL)
-        X509_free(x->x509);
-    if (x->crl != NULL)
-        X509_CRL_free(x->crl);
-    if (x->x_pkey != NULL)
-        X509_PKEY_free(x->x_pkey);
-    if (x->enc_data != NULL)
-        OPENSSL_free(x->enc_data);
-    OPENSSL_free(x);
-}
-
-IMPLEMENT_STACK_OF(X509_INFO)
diff --git a/thirdparty/openssl/crypto/asn1/x_long.c b/thirdparty/openssl/crypto/asn1/x_long.c
deleted file mode 100644
index aecb95069d..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_long.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/* x_long.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/bn.h>
-
-/*
- * Custom primitive type for long handling. This converts between an
- * ASN1_INTEGER and a long directly.
- */
-
-static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
-                    const ASN1_ITEM *it);
-static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
-                    int utype, char *free_cont, const ASN1_ITEM *it);
-static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                      int indent, const ASN1_PCTX *pctx);
-
-static ASN1_PRIMITIVE_FUNCS long_pf = {
-    NULL, 0,
-    long_new,
-    long_free,
-    long_free,                  /* Clear should set to initial value */
-    long_c2i,
-    long_i2c,
-    long_print
-};
-
-ASN1_ITEM_start(LONG)
-        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"
-ASN1_ITEM_end(LONG)
-
-ASN1_ITEM_start(ZLONG)
-        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"
-ASN1_ITEM_end(ZLONG)
-
-static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    *(long *)pval = it->size;
-    return 1;
-}
-
-static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    *(long *)pval = it->size;
-}
-
-static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
-                    const ASN1_ITEM *it)
-{
-    long ltmp;
-    unsigned long utmp;
-    int clen, pad, i;
-    /* this exists to bypass broken gcc optimization */
-    char *cp = (char *)pval;
-
-    /* use memcpy, because we may not be long aligned */
-    memcpy(&ltmp, cp, sizeof(long));
-
-    if (ltmp == it->size)
-        return -1;
-    /*
-     * Convert the long to positive: we subtract one if negative so we can
-     * cleanly handle the padding if only the MSB of the leading octet is
-     * set.
-     */
-    if (ltmp < 0)
-        utmp = 0 - (unsigned long)ltmp - 1;
-    else
-        utmp = ltmp;
-    clen = BN_num_bits_word(utmp);
-    /* If MSB of leading octet set we need to pad */
-    if (!(clen & 0x7))
-        pad = 1;
-    else
-        pad = 0;
-
-    /* Convert number of bits to number of octets */
-    clen = (clen + 7) >> 3;
-
-    if (cont) {
-        if (pad)
-            *cont++ = (ltmp < 0) ? 0xff : 0;
-        for (i = clen - 1; i >= 0; i--) {
-            cont[i] = (unsigned char)(utmp & 0xff);
-            if (ltmp < 0)
-                cont[i] ^= 0xff;
-            utmp >>= 8;
-        }
-    }
-    return clen + pad;
-}
-
-static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
-                    int utype, char *free_cont, const ASN1_ITEM *it)
-{
-    int neg = -1, i;
-    long ltmp;
-    unsigned long utmp = 0;
-    char *cp = (char *)pval;
-
-    if (len) {
-        /*
-         * Check possible pad byte.  Worst case, we're skipping past actual
-         * content, but since that's only with 0x00 and 0xff and we set neg
-         * accordingly, the result will be correct in the end anyway.
-         */
-        switch (cont[0]) {
-        case 0xff:
-            cont++;
-            len--;
-            neg = 1;
-            break;
-        case 0:
-            cont++;
-            len--;
-            neg = 0;
-            break;
-        }
-    }
-    if (len > (int)sizeof(long)) {
-        ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
-        return 0;
-    }
-    if (neg == -1) {
-        /* Is it negative? */
-        if (len && (cont[0] & 0x80))
-            neg = 1;
-        else
-            neg = 0;
-    }
-    utmp = 0;
-    for (i = 0; i < len; i++) {
-        utmp <<= 8;
-        if (neg)
-            utmp |= cont[i] ^ 0xff;
-        else
-            utmp |= cont[i];
-    }
-    ltmp = (long)utmp;
-    if (neg) {
-        ltmp = -ltmp;
-        ltmp--;
-    }
-    if (ltmp == it->size) {
-        ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
-        return 0;
-    }
-    memcpy(cp, &ltmp, sizeof(long));
-    return 1;
-}
-
-static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                      int indent, const ASN1_PCTX *pctx)
-{
-    return BIO_printf(out, "%ld\n", *(long *)pval);
-}
diff --git a/thirdparty/openssl/crypto/asn1/x_name.c b/thirdparty/openssl/crypto/asn1/x_name.c
deleted file mode 100644
index 1fb7ad1cbf..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_name.c
+++ /dev/null
@@ -1,543 +0,0 @@
-/* crypto/asn1/x_name.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include "asn1_locl.h"
-
-typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
-DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
-
-/*
- * Maximum length of X509_NAME: much larger than anything we should
- * ever see in practice.
- */
-
-#define X509_NAME_MAX (1024 * 1024)
-
-static int x509_name_ex_d2i(ASN1_VALUE **val,
-                            const unsigned char **in, long len,
-                            const ASN1_ITEM *it,
-                            int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
-                            const ASN1_ITEM *it, int tag, int aclass);
-static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
-static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
-
-static int x509_name_encode(X509_NAME *a);
-static int x509_name_canon(X509_NAME *a);
-static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
-static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname,
-                          unsigned char **in);
-
-static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
-                              int indent,
-                              const char *fname, const ASN1_PCTX *pctx);
-
-ASN1_SEQUENCE(X509_NAME_ENTRY) = {
-        ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
-        ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
-} ASN1_SEQUENCE_END(X509_NAME_ENTRY)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)
-
-/*
- * For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY } so
- * declare two template wrappers for this
- */
-
-ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
-ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES)
-
-ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
-ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL)
-
-/*
- * Normally that's where it would end: we'd have two nested STACK structures
- * representing the ASN1. Unfortunately X509_NAME uses a completely different
- * form and caches encodings so we have to process the internal form and
- * convert to the external form.
- */
-
-const ASN1_EXTERN_FUNCS x509_name_ff = {
-    NULL,
-    x509_name_ex_new,
-    x509_name_ex_free,
-    0,                          /* Default clear behaviour is OK */
-    x509_name_ex_d2i,
-    x509_name_ex_i2d,
-    x509_name_ex_print
-};
-
-IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
-
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
-
-static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
-{
-    X509_NAME *ret = NULL;
-    ret = OPENSSL_malloc(sizeof(X509_NAME));
-    if (!ret)
-        goto memerr;
-    if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL)
-        goto memerr;
-    if ((ret->bytes = BUF_MEM_new()) == NULL)
-        goto memerr;
-    ret->canon_enc = NULL;
-    ret->canon_enclen = 0;
-    ret->modified = 1;
-    *val = (ASN1_VALUE *)ret;
-    return 1;
-
- memerr:
-    ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
-    if (ret) {
-        if (ret->entries)
-            sk_X509_NAME_ENTRY_free(ret->entries);
-        OPENSSL_free(ret);
-    }
-    return 0;
-}
-
-static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    X509_NAME *a;
-    if (!pval || !*pval)
-        return;
-    a = (X509_NAME *)*pval;
-
-    BUF_MEM_free(a->bytes);
-    sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free);
-    if (a->canon_enc)
-        OPENSSL_free(a->canon_enc);
-    OPENSSL_free(a);
-    *pval = NULL;
-}
-
-static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
-    sk_X509_NAME_ENTRY_free(ne);
-}
-
-static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
-    sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
-}
-
-static int x509_name_ex_d2i(ASN1_VALUE **val,
-                            const unsigned char **in, long len,
-                            const ASN1_ITEM *it, int tag, int aclass,
-                            char opt, ASN1_TLC *ctx)
-{
-    const unsigned char *p = *in, *q;
-    union {
-        STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
-        ASN1_VALUE *a;
-    } intname = {
-        NULL
-    };
-    union {
-        X509_NAME *x;
-        ASN1_VALUE *a;
-    } nm = {
-        NULL
-    };
-    int i, j, ret;
-    STACK_OF(X509_NAME_ENTRY) *entries;
-    X509_NAME_ENTRY *entry;
-    if (len > X509_NAME_MAX)
-        len = X509_NAME_MAX;
-    q = p;
-
-    /* Get internal representation of Name */
-    ret = ASN1_item_ex_d2i(&intname.a,
-                           &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
-                           tag, aclass, opt, ctx);
-
-    if (ret <= 0)
-        return ret;
-
-    if (*val)
-        x509_name_ex_free(val, NULL);
-    if (!x509_name_ex_new(&nm.a, NULL))
-        goto err;
-    /* We've decoded it: now cache encoding */
-    if (!BUF_MEM_grow(nm.x->bytes, p - q))
-        goto err;
-    memcpy(nm.x->bytes->data, q, p - q);
-
-    /* Convert internal representation to X509_NAME structure */
-    for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
-        entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
-        for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
-            entry = sk_X509_NAME_ENTRY_value(entries, j);
-            entry->set = i;
-            if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
-                goto err;
-            sk_X509_NAME_ENTRY_set(entries, j, NULL);
-        }
-    }
-    ret = x509_name_canon(nm.x);
-    if (!ret)
-        goto err;
-    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
-                                         local_sk_X509_NAME_ENTRY_free);
-    nm.x->modified = 0;
-    *val = nm.a;
-    *in = p;
-    return ret;
- err:
-    if (nm.x != NULL)
-        X509_NAME_free(nm.x);
-    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
-                                         local_sk_X509_NAME_ENTRY_pop_free);
-    ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-    return 0;
-}
-
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
-                            const ASN1_ITEM *it, int tag, int aclass)
-{
-    int ret;
-    X509_NAME *a = (X509_NAME *)*val;
-    if (a->modified) {
-        ret = x509_name_encode(a);
-        if (ret < 0)
-            return ret;
-        ret = x509_name_canon(a);
-        if (ret < 0)
-            return ret;
-    }
-    ret = a->bytes->length;
-    if (out != NULL) {
-        memcpy(*out, a->bytes->data, ret);
-        *out += ret;
-    }
-    return ret;
-}
-
-static int x509_name_encode(X509_NAME *a)
-{
-    union {
-        STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
-        ASN1_VALUE *a;
-    } intname = {
-        NULL
-    };
-    int len;
-    unsigned char *p;
-    STACK_OF(X509_NAME_ENTRY) *entries = NULL;
-    X509_NAME_ENTRY *entry;
-    int i, set = -1;
-    intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
-    if (!intname.s)
-        goto memerr;
-    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
-        entry = sk_X509_NAME_ENTRY_value(a->entries, i);
-        if (entry->set != set) {
-            entries = sk_X509_NAME_ENTRY_new_null();
-            if (!entries)
-                goto memerr;
-            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) {
-                sk_X509_NAME_ENTRY_free(entries);
-                goto memerr;
-            }
-            set = entry->set;
-        }
-        if (!sk_X509_NAME_ENTRY_push(entries, entry))
-            goto memerr;
-    }
-    len = ASN1_item_ex_i2d(&intname.a, NULL,
-                           ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
-    if (!BUF_MEM_grow(a->bytes, len))
-        goto memerr;
-    p = (unsigned char *)a->bytes->data;
-    ASN1_item_ex_i2d(&intname.a,
-                     &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
-    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
-                                         local_sk_X509_NAME_ENTRY_free);
-    a->modified = 0;
-    return len;
- memerr:
-    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
-                                         local_sk_X509_NAME_ENTRY_free);
-    ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
-    return -1;
-}
-
-static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
-                              int indent,
-                              const char *fname, const ASN1_PCTX *pctx)
-{
-    if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
-                           indent, pctx->nm_flags) <= 0)
-        return 0;
-    return 2;
-}
-
-/*
- * This function generates the canonical encoding of the Name structure. In
- * it all strings are converted to UTF8, leading, trailing and multiple
- * spaces collapsed, converted to lower case and the leading SEQUENCE header
- * removed. In future we could also normalize the UTF8 too. By doing this
- * comparison of Name structures can be rapidly perfomed by just using
- * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
- * constraints of type dirName can also be checked with a simple memcmp().
- */
-
-static int x509_name_canon(X509_NAME *a)
-{
-    unsigned char *p;
-    STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
-    STACK_OF(X509_NAME_ENTRY) *entries = NULL;
-    X509_NAME_ENTRY *entry, *tmpentry = NULL;
-    int i, set = -1, ret = 0;
-
-    if (a->canon_enc) {
-        OPENSSL_free(a->canon_enc);
-        a->canon_enc = NULL;
-    }
-    /* Special case: empty X509_NAME => null encoding */
-    if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
-        a->canon_enclen = 0;
-        return 1;
-    }
-    intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
-    if (!intname)
-        goto err;
-    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
-        entry = sk_X509_NAME_ENTRY_value(a->entries, i);
-        if (entry->set != set) {
-            entries = sk_X509_NAME_ENTRY_new_null();
-            if (!entries)
-                goto err;
-            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) {
-                sk_X509_NAME_ENTRY_free(entries);
-                goto err;
-            }
-            set = entry->set;
-        }
-        tmpentry = X509_NAME_ENTRY_new();
-        if (!tmpentry)
-            goto err;
-        tmpentry->object = OBJ_dup(entry->object);
-        if (!asn1_string_canon(tmpentry->value, entry->value))
-            goto err;
-        if (!sk_X509_NAME_ENTRY_push(entries, tmpentry))
-            goto err;
-        tmpentry = NULL;
-    }
-
-    /* Finally generate encoding */
-
-    a->canon_enclen = i2d_name_canon(intname, NULL);
-
-    p = OPENSSL_malloc(a->canon_enclen);
-
-    if (!p)
-        goto err;
-
-    a->canon_enc = p;
-
-    i2d_name_canon(intname, &p);
-
-    ret = 1;
-
- err:
-
-    if (tmpentry)
-        X509_NAME_ENTRY_free(tmpentry);
-    if (intname)
-        sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
-                                             local_sk_X509_NAME_ENTRY_pop_free);
-    return ret;
-}
-
-/* Bitmap of all the types of string that will be canonicalized. */
-
-#define ASN1_MASK_CANON \
-        (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
-        | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
-        | B_ASN1_VISIBLESTRING)
-
-static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
-{
-    unsigned char *to, *from;
-    int len, i;
-
-    /* If type not in bitmask just copy string across */
-    if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
-        if (!ASN1_STRING_copy(out, in))
-            return 0;
-        return 1;
-    }
-
-    out->type = V_ASN1_UTF8STRING;
-    out->length = ASN1_STRING_to_UTF8(&out->data, in);
-    if (out->length == -1)
-        return 0;
-
-    to = out->data;
-    from = to;
-
-    len = out->length;
-
-    /*
-     * Convert string in place to canonical form. Ultimately we may need to
-     * handle a wider range of characters but for now ignore anything with
-     * MSB set and rely on the isspace() and tolower() functions.
-     */
-
-    /* Ignore leading spaces */
-    while ((len > 0) && !(*from & 0x80) && isspace(*from)) {
-        from++;
-        len--;
-    }
-
-    to = from + len - 1;
-
-    /* Ignore trailing spaces */
-    while ((len > 0) && !(*to & 0x80) && isspace(*to)) {
-        to--;
-        len--;
-    }
-
-    to = out->data;
-
-    i = 0;
-    while (i < len) {
-        /* If MSB set just copy across */
-        if (*from & 0x80) {
-            *to++ = *from++;
-            i++;
-        }
-        /* Collapse multiple spaces */
-        else if (isspace(*from)) {
-            /* Copy one space across */
-            *to++ = ' ';
-            /*
-             * Ignore subsequent spaces. Note: don't need to check len here
-             * because we know the last character is a non-space so we can't
-             * overflow.
-             */
-            do {
-                from++;
-                i++;
-            }
-            while (!(*from & 0x80) && isspace(*from));
-        } else {
-            *to++ = tolower(*from);
-            from++;
-            i++;
-        }
-    }
-
-    out->length = to - out->data;
-
-    return 1;
-
-}
-
-static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname,
-                          unsigned char **in)
-{
-    int i, len, ltmp;
-    ASN1_VALUE *v;
-    STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
-
-    len = 0;
-    for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
-        v = sk_ASN1_VALUE_value(intname, i);
-        ltmp = ASN1_item_ex_i2d(&v, in,
-                                ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
-        if (ltmp < 0)
-            return ltmp;
-        len += ltmp;
-    }
-    return len;
-}
-
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
-{
-    X509_NAME *in;
-
-    if (!xn || !name)
-        return (0);
-
-    if (*xn != name) {
-        in = X509_NAME_dup(name);
-        if (in != NULL) {
-            X509_NAME_free(*xn);
-            *xn = in;
-        }
-    }
-    return (*xn != NULL);
-}
-
-IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
-
-IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
diff --git a/thirdparty/openssl/crypto/asn1/x_nx509.c b/thirdparty/openssl/crypto/asn1/x_nx509.c
deleted file mode 100644
index 5aa0ed58b4..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_nx509.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* x_nx509.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-/* Old netscape certificate wrapper format */
-
-ASN1_SEQUENCE(NETSCAPE_X509) = {
-        ASN1_SIMPLE(NETSCAPE_X509, header, ASN1_OCTET_STRING),
-        ASN1_OPT(NETSCAPE_X509, cert, X509)
-} ASN1_SEQUENCE_END(NETSCAPE_X509)
-
-IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_X509)
diff --git a/thirdparty/openssl/crypto/asn1/x_pkey.c b/thirdparty/openssl/crypto/asn1/x_pkey.c
deleted file mode 100644
index 2da23e4756..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_pkey.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/* crypto/asn1/x_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-/* need to implement */
-int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
-{
-    return (0);
-}
-
-X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
-{
-    int i;
-    M_ASN1_D2I_vars(a, X509_PKEY *, X509_PKEY_new);
-
-    M_ASN1_D2I_Init();
-    M_ASN1_D2I_start_sequence();
-    M_ASN1_D2I_get_x(X509_ALGOR, ret->enc_algor, d2i_X509_ALGOR);
-    M_ASN1_D2I_get_x(ASN1_OCTET_STRING, ret->enc_pkey, d2i_ASN1_OCTET_STRING);
-
-    ret->cipher.cipher =
-        EVP_get_cipherbyname(OBJ_nid2ln
-                             (OBJ_obj2nid(ret->enc_algor->algorithm)));
-    if (ret->cipher.cipher == NULL) {
-        c.error = ASN1_R_UNSUPPORTED_CIPHER;
-        c.line = __LINE__;
-        goto err;
-    }
-    if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) {
-        i = ret->enc_algor->parameter->value.octet_string->length;
-        if (i > EVP_MAX_IV_LENGTH) {
-            c.error = ASN1_R_IV_TOO_LARGE;
-            c.line = __LINE__;
-            goto err;
-        }
-        memcpy(ret->cipher.iv,
-               ret->enc_algor->parameter->value.octet_string->data, i);
-    } else
-        memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
-    M_ASN1_D2I_Finish(a, X509_PKEY_free, ASN1_F_D2I_X509_PKEY);
-}
-
-X509_PKEY *X509_PKEY_new(void)
-{
-    X509_PKEY *ret = NULL;
-    ASN1_CTX c;
-
-    M_ASN1_New_Malloc(ret, X509_PKEY);
-    ret->version = 0;
-    M_ASN1_New(ret->enc_algor, X509_ALGOR_new);
-    M_ASN1_New(ret->enc_pkey, M_ASN1_OCTET_STRING_new);
-    ret->dec_pkey = NULL;
-    ret->key_length = 0;
-    ret->key_data = NULL;
-    ret->key_free = 0;
-    ret->cipher.cipher = NULL;
-    memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
-    ret->references = 1;
-    return (ret);
-    M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
-}
-
-void X509_PKEY_free(X509_PKEY *x)
-{
-    int i;
-
-    if (x == NULL)
-        return;
-
-    i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY);
-#ifdef REF_PRINT
-    REF_PRINT("X509_PKEY", x);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "X509_PKEY_free, bad reference count\n");
-        abort();
-    }
-#endif
-
-    if (x->enc_algor != NULL)
-        X509_ALGOR_free(x->enc_algor);
-    if (x->enc_pkey != NULL)
-        M_ASN1_OCTET_STRING_free(x->enc_pkey);
-    if (x->dec_pkey != NULL)
-        EVP_PKEY_free(x->dec_pkey);
-    if ((x->key_data != NULL) && (x->key_free))
-        OPENSSL_free(x->key_data);
-    OPENSSL_free(x);
-}
diff --git a/thirdparty/openssl/crypto/asn1/x_pubkey.c b/thirdparty/openssl/crypto/asn1/x_pubkey.c
deleted file mode 100644
index 6c57a7971c..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_pubkey.c
+++ /dev/null
@@ -1,374 +0,0 @@
-/* crypto/asn1/x_pubkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include "asn1_locl.h"
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-
-/* Minor tweak to operation: free up EVP_PKEY */
-static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                     void *exarg)
-{
-    if (operation == ASN1_OP_FREE_POST) {
-        X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
-        EVP_PKEY_free(pubkey->pkey);
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
-        ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
-        ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
-
-int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
-{
-    X509_PUBKEY *pk = NULL;
-
-    if (x == NULL)
-        return (0);
-
-    if ((pk = X509_PUBKEY_new()) == NULL)
-        goto error;
-
-    if (pkey->ameth) {
-        if (pkey->ameth->pub_encode) {
-            if (!pkey->ameth->pub_encode(pk, pkey)) {
-                X509err(X509_F_X509_PUBKEY_SET,
-                        X509_R_PUBLIC_KEY_ENCODE_ERROR);
-                goto error;
-            }
-        } else {
-            X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED);
-            goto error;
-        }
-    } else {
-        X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM);
-        goto error;
-    }
-
-    if (*x != NULL)
-        X509_PUBKEY_free(*x);
-
-    *x = pk;
-
-    return 1;
- error:
-    if (pk != NULL)
-        X509_PUBKEY_free(pk);
-    return 0;
-}
-
-EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
-{
-    EVP_PKEY *ret = NULL;
-
-    if (key == NULL)
-        goto error;
-
-    if (key->pkey != NULL) {
-        CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-        return key->pkey;
-    }
-
-    if (key->public_key == NULL)
-        goto error;
-
-    if ((ret = EVP_PKEY_new()) == NULL) {
-        X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
-        goto error;
-    }
-
-    if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
-        X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM);
-        goto error;
-    }
-
-    if (ret->ameth->pub_decode) {
-        if (!ret->ameth->pub_decode(ret, key)) {
-            X509err(X509_F_X509_PUBKEY_GET, X509_R_PUBLIC_KEY_DECODE_ERROR);
-            goto error;
-        }
-    } else {
-        X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED);
-        goto error;
-    }
-
-    /* Check to see if another thread set key->pkey first */
-    CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
-    if (key->pkey) {
-        CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
-        EVP_PKEY_free(ret);
-        ret = key->pkey;
-    } else {
-        key->pkey = ret;
-        CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
-    }
-    CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
-
-    return ret;
-
- error:
-    if (ret != NULL)
-        EVP_PKEY_free(ret);
-    return (NULL);
-}
-
-/*
- * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or
- * decode as X509_PUBKEY
- */
-
-EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
-{
-    X509_PUBKEY *xpk;
-    EVP_PKEY *pktmp;
-    const unsigned char *q;
-    q = *pp;
-    xpk = d2i_X509_PUBKEY(NULL, &q, length);
-    if (!xpk)
-        return NULL;
-    pktmp = X509_PUBKEY_get(xpk);
-    X509_PUBKEY_free(xpk);
-    if (!pktmp)
-        return NULL;
-    *pp = q;
-    if (a) {
-        EVP_PKEY_free(*a);
-        *a = pktmp;
-    }
-    return pktmp;
-}
-
-int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
-{
-    X509_PUBKEY *xpk = NULL;
-    int ret;
-    if (!a)
-        return 0;
-    if (!X509_PUBKEY_set(&xpk, a))
-        return 0;
-    ret = i2d_X509_PUBKEY(xpk, pp);
-    X509_PUBKEY_free(xpk);
-    return ret;
-}
-
-/*
- * The following are equivalents but which return RSA and DSA keys
- */
-#ifndef OPENSSL_NO_RSA
-RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
-{
-    EVP_PKEY *pkey;
-    RSA *key;
-    const unsigned char *q;
-    q = *pp;
-    pkey = d2i_PUBKEY(NULL, &q, length);
-    if (!pkey)
-        return NULL;
-    key = EVP_PKEY_get1_RSA(pkey);
-    EVP_PKEY_free(pkey);
-    if (!key)
-        return NULL;
-    *pp = q;
-    if (a) {
-        RSA_free(*a);
-        *a = key;
-    }
-    return key;
-}
-
-int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
-{
-    EVP_PKEY *pktmp;
-    int ret;
-    if (!a)
-        return 0;
-    pktmp = EVP_PKEY_new();
-    if (!pktmp) {
-        ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    EVP_PKEY_set1_RSA(pktmp, a);
-    ret = i2d_PUBKEY(pktmp, pp);
-    EVP_PKEY_free(pktmp);
-    return ret;
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
-{
-    EVP_PKEY *pkey;
-    DSA *key;
-    const unsigned char *q;
-    q = *pp;
-    pkey = d2i_PUBKEY(NULL, &q, length);
-    if (!pkey)
-        return NULL;
-    key = EVP_PKEY_get1_DSA(pkey);
-    EVP_PKEY_free(pkey);
-    if (!key)
-        return NULL;
-    *pp = q;
-    if (a) {
-        DSA_free(*a);
-        *a = key;
-    }
-    return key;
-}
-
-int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
-{
-    EVP_PKEY *pktmp;
-    int ret;
-    if (!a)
-        return 0;
-    pktmp = EVP_PKEY_new();
-    if (!pktmp) {
-        ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    EVP_PKEY_set1_DSA(pktmp, a);
-    ret = i2d_PUBKEY(pktmp, pp);
-    EVP_PKEY_free(pktmp);
-    return ret;
-}
-#endif
-
-#ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
-{
-    EVP_PKEY *pkey;
-    EC_KEY *key;
-    const unsigned char *q;
-    q = *pp;
-    pkey = d2i_PUBKEY(NULL, &q, length);
-    if (!pkey)
-        return (NULL);
-    key = EVP_PKEY_get1_EC_KEY(pkey);
-    EVP_PKEY_free(pkey);
-    if (!key)
-        return (NULL);
-    *pp = q;
-    if (a) {
-        EC_KEY_free(*a);
-        *a = key;
-    }
-    return (key);
-}
-
-int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
-{
-    EVP_PKEY *pktmp;
-    int ret;
-    if (!a)
-        return (0);
-    if ((pktmp = EVP_PKEY_new()) == NULL) {
-        ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    EVP_PKEY_set1_EC_KEY(pktmp, a);
-    ret = i2d_PUBKEY(pktmp, pp);
-    EVP_PKEY_free(pktmp);
-    return (ret);
-}
-#endif
-
-int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
-                           int ptype, void *pval,
-                           unsigned char *penc, int penclen)
-{
-    if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
-        return 0;
-    if (penc) {
-        if (pub->public_key->data)
-            OPENSSL_free(pub->public_key->data);
-        pub->public_key->data = penc;
-        pub->public_key->length = penclen;
-        /* Set number of unused bits to zero */
-        pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
-        pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-    }
-    return 1;
-}
-
-int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
-                           const unsigned char **pk, int *ppklen,
-                           X509_ALGOR **pa, X509_PUBKEY *pub)
-{
-    if (ppkalg)
-        *ppkalg = pub->algor->algorithm;
-    if (pk) {
-        *pk = pub->public_key->data;
-        *ppklen = pub->public_key->length;
-    }
-    if (pa)
-        *pa = pub->algor;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/asn1/x_req.c b/thirdparty/openssl/crypto/asn1/x_req.c
deleted file mode 100644
index ae293aa0ca..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_req.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* crypto/asn1/x_req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/*-
- * X509_REQ_INFO is handled in an unusual way to get round
- * invalid encodings. Some broken certificate requests don't
- * encode the attributes field if it is empty. This is in
- * violation of PKCS#10 but we need to tolerate it. We do
- * this by making the attributes field OPTIONAL then using
- * the callback to initialise it to an empty STACK.
- *
- * This means that the field will be correctly encoded unless
- * we NULL out the field.
- *
- * As a result we no longer need the req_kludge field because
- * the information is now contained in the attributes field:
- * 1. If it is NULL then it's the invalid omission.
- * 2. If it is empty it is the correct encoding.
- * 3. If it is not empty then some attributes are present.
- *
- */
-
-static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                   void *exarg)
-{
-    X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
-
-    if (operation == ASN1_OP_NEW_POST) {
-        rinf->attributes = sk_X509_ATTRIBUTE_new_null();
-        if (!rinf->attributes)
-            return 0;
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
-        ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
-        ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
-        ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
-        /* This isn't really OPTIONAL but it gets round invalid
-         * encodings
-         */
-        ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
-} ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
-
-ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = {
-        ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
-        ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
-        ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_ref(X509_REQ, X509_REQ)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_REQ)
-
-IMPLEMENT_ASN1_DUP_FUNCTION(X509_REQ)
diff --git a/thirdparty/openssl/crypto/asn1/x_sig.c b/thirdparty/openssl/crypto/asn1/x_sig.c
deleted file mode 100644
index dd33720c10..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_sig.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* crypto/asn1/x_sig.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-ASN1_SEQUENCE(X509_SIG) = {
-        ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
-        ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(X509_SIG)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_SIG)
diff --git a/thirdparty/openssl/crypto/asn1/x_spki.c b/thirdparty/openssl/crypto/asn1/x_spki.c
deleted file mode 100644
index 1df6b87d2b..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_spki.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* crypto/asn1/x_spki.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
- /*
-  * This module was send to me my Pat Richards <patr@x509.com> who wrote it.
-  * It is under my Copyright with his permission
-  */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1t.h>
-
-ASN1_SEQUENCE(NETSCAPE_SPKAC) = {
-        ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY),
-        ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING)
-} ASN1_SEQUENCE_END(NETSCAPE_SPKAC)
-
-IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
-
-ASN1_SEQUENCE(NETSCAPE_SPKI) = {
-        ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC),
-        ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR),
-        ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END(NETSCAPE_SPKI)
-
-IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKI)
diff --git a/thirdparty/openssl/crypto/asn1/x_val.c b/thirdparty/openssl/crypto/asn1/x_val.c
deleted file mode 100644
index ee75a1e254..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_val.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* crypto/asn1/x_val.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-ASN1_SEQUENCE(X509_VAL) = {
-        ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME),
-        ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME)
-} ASN1_SEQUENCE_END(X509_VAL)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_VAL)
diff --git a/thirdparty/openssl/crypto/asn1/x_x509.c b/thirdparty/openssl/crypto/asn1/x_x509.c
deleted file mode 100644
index aada4a8413..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_x509.c
+++ /dev/null
@@ -1,289 +0,0 @@
-/* crypto/asn1/x_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
-        ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
-        ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
-        ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
-        ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
-        ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
-        ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
-        ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
-        ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
-        ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
-        ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
-} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
-/* X509 top level structure needs a bit of customisation */
-
-extern void policy_cache_free(X509_POLICY_CACHE *cache);
-
-static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                   void *exarg)
-{
-    X509 *ret = (X509 *)*pval;
-
-    switch (operation) {
-
-    case ASN1_OP_NEW_POST:
-        ret->valid = 0;
-        ret->name = NULL;
-        ret->ex_flags = 0;
-        ret->ex_pathlen = -1;
-        ret->skid = NULL;
-        ret->akid = NULL;
-#ifndef OPENSSL_NO_RFC3779
-        ret->rfc3779_addr = NULL;
-        ret->rfc3779_asid = NULL;
-#endif
-        ret->aux = NULL;
-        ret->crldp = NULL;
-        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
-        break;
-
-    case ASN1_OP_D2I_POST:
-        if (ret->name != NULL)
-            OPENSSL_free(ret->name);
-        ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
-        break;
-
-    case ASN1_OP_FREE_POST:
-        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
-        X509_CERT_AUX_free(ret->aux);
-        ASN1_OCTET_STRING_free(ret->skid);
-        AUTHORITY_KEYID_free(ret->akid);
-        CRL_DIST_POINTS_free(ret->crldp);
-        policy_cache_free(ret->policy_cache);
-        GENERAL_NAMES_free(ret->altname);
-        NAME_CONSTRAINTS_free(ret->nc);
-#ifndef OPENSSL_NO_RFC3779
-        sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
-        ASIdentifiers_free(ret->rfc3779_asid);
-#endif
-
-        if (ret->name != NULL)
-            OPENSSL_free(ret->name);
-        break;
-
-    }
-
-    return 1;
-
-}
-
-ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
-        ASN1_SIMPLE(X509, cert_info, X509_CINF),
-        ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
-        ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END_ref(X509, X509)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509)
-
-IMPLEMENT_ASN1_DUP_FUNCTION(X509)
-
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int X509_set_ex_data(X509 *r, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-
-void *X509_get_ex_data(X509 *r, int idx)
-{
-    return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-
-/*
- * X509_AUX ASN1 routines. X509_AUX is the name given to a certificate with
- * extra info tagged on the end. Since these functions set how a certificate
- * is trusted they should only be used when the certificate comes from a
- * reliable source such as local storage.
- */
-
-X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
-{
-    const unsigned char *q;
-    X509 *ret;
-    int freeret = 0;
-
-    /* Save start position */
-    q = *pp;
-
-    if (!a || *a == NULL) {
-        freeret = 1;
-    }
-    ret = d2i_X509(a, &q, length);
-    /* If certificate unreadable then forget it */
-    if (!ret)
-        return NULL;
-    /* update length */
-    length -= q - *pp;
-    if (length > 0 && !d2i_X509_CERT_AUX(&ret->aux, &q, length))
-        goto err;
-    *pp = q;
-    return ret;
- err:
-    if (freeret) {
-        X509_free(ret);
-        if (a)
-            *a = NULL;
-    }
-    return NULL;
-}
-
-/*
- * Serialize trusted certificate to *pp or just return the required buffer
- * length if pp == NULL.  We ultimately want to avoid modifying *pp in the
- * error path, but that depends on similar hygiene in lower-level functions.
- * Here we avoid compounding the problem.
- */
-static int i2d_x509_aux_internal(X509 *a, unsigned char **pp)
-{
-    int length, tmplen;
-    unsigned char *start = pp != NULL ? *pp : NULL;
-
-    OPENSSL_assert(pp == NULL || *pp != NULL);
-
-    /*
-     * This might perturb *pp on error, but fixing that belongs in i2d_X509()
-     * not here.  It should be that if a == NULL length is zero, but we check
-     * both just in case.
-     */
-    length = i2d_X509(a, pp);
-    if (length <= 0 || a == NULL)
-        return length;
-
-    tmplen = i2d_X509_CERT_AUX(a->aux, pp);
-    if (tmplen < 0) {
-        if (start != NULL)
-            *pp = start;
-        return tmplen;
-    }
-    length += tmplen;
-
-    return length;
-}
-
-/*
- * Serialize trusted certificate to *pp, or just return the required buffer
- * length if pp == NULL.
- *
- * When pp is not NULL, but *pp == NULL, we allocate the buffer, but since
- * we're writing two ASN.1 objects back to back, we can't have i2d_X509() do
- * the allocation, nor can we allow i2d_X509_CERT_AUX() to increment the
- * allocated buffer.
- */
-int i2d_X509_AUX(X509 *a, unsigned char **pp)
-{
-    int length;
-    unsigned char *tmp;
-
-    /* Buffer provided by caller */
-    if (pp == NULL || *pp != NULL)
-        return i2d_x509_aux_internal(a, pp);
-
-    /* Obtain the combined length */
-    if ((length = i2d_x509_aux_internal(a, NULL)) <= 0)
-        return length;
-
-    /* Allocate requisite combined storage */
-    *pp = tmp = OPENSSL_malloc(length);
-    if (tmp == NULL)
-        return -1; /* Push error onto error stack? */
-
-    /* Encode, but keep *pp at the originally malloced pointer */
-    length = i2d_x509_aux_internal(a, &tmp);
-    if (length <= 0) {
-        OPENSSL_free(*pp);
-        *pp = NULL;
-    }
-    return length;
-}
-
-int i2d_re_X509_tbs(X509 *x, unsigned char **pp)
-{
-    x->cert_info->enc.modified = 1;
-    return i2d_X509_CINF(x->cert_info, pp);
-}
-
-void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
-                         const X509 *x)
-{
-    if (psig)
-        *psig = x->signature;
-    if (palg)
-        *palg = x->sig_alg;
-}
-
-int X509_get_signature_nid(const X509 *x)
-{
-    return OBJ_obj2nid(x->sig_alg->algorithm);
-}
diff --git a/thirdparty/openssl/crypto/asn1/x_x509a.c b/thirdparty/openssl/crypto/asn1/x_x509a.c
deleted file mode 100644
index ad93592a71..0000000000
--- a/thirdparty/openssl/crypto/asn1/x_x509a.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/* a_x509a.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/*
- * X509_CERT_AUX routines. These are used to encode additional user
- * modifiable data about a certificate. This data is appended to the X509
- * encoding when the *_X509_AUX routines are used. This means that the
- * "traditional" X509 routines will simply ignore the extra data.
- */
-
-static X509_CERT_AUX *aux_get(X509 *x);
-
-ASN1_SEQUENCE(X509_CERT_AUX) = {
-        ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
-        ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0),
-        ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING),
-        ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING),
-        ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1)
-} ASN1_SEQUENCE_END(X509_CERT_AUX)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
-
-static X509_CERT_AUX *aux_get(X509 *x)
-{
-    if (!x)
-        return NULL;
-    if (!x->aux && !(x->aux = X509_CERT_AUX_new()))
-        return NULL;
-    return x->aux;
-}
-
-int X509_alias_set1(X509 *x, unsigned char *name, int len)
-{
-    X509_CERT_AUX *aux;
-    if (!name) {
-        if (!x || !x->aux || !x->aux->alias)
-            return 1;
-        ASN1_UTF8STRING_free(x->aux->alias);
-        x->aux->alias = NULL;
-        return 1;
-    }
-    if (!(aux = aux_get(x)))
-        return 0;
-    if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new()))
-        return 0;
-    return ASN1_STRING_set(aux->alias, name, len);
-}
-
-int X509_keyid_set1(X509 *x, unsigned char *id, int len)
-{
-    X509_CERT_AUX *aux;
-    if (!id) {
-        if (!x || !x->aux || !x->aux->keyid)
-            return 1;
-        ASN1_OCTET_STRING_free(x->aux->keyid);
-        x->aux->keyid = NULL;
-        return 1;
-    }
-    if (!(aux = aux_get(x)))
-        return 0;
-    if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new()))
-        return 0;
-    return ASN1_STRING_set(aux->keyid, id, len);
-}
-
-unsigned char *X509_alias_get0(X509 *x, int *len)
-{
-    if (!x->aux || !x->aux->alias)
-        return NULL;
-    if (len)
-        *len = x->aux->alias->length;
-    return x->aux->alias->data;
-}
-
-unsigned char *X509_keyid_get0(X509 *x, int *len)
-{
-    if (!x->aux || !x->aux->keyid)
-        return NULL;
-    if (len)
-        *len = x->aux->keyid->length;
-    return x->aux->keyid->data;
-}
-
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
-{
-    X509_CERT_AUX *aux;
-    ASN1_OBJECT *objtmp;
-    if (!(objtmp = OBJ_dup(obj)))
-        return 0;
-    if (!(aux = aux_get(x)))
-        return 0;
-    if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
-        return 0;
-    return sk_ASN1_OBJECT_push(aux->trust, objtmp);
-}
-
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
-{
-    X509_CERT_AUX *aux;
-    ASN1_OBJECT *objtmp;
-    if (!(objtmp = OBJ_dup(obj)))
-        return 0;
-    if (!(aux = aux_get(x)))
-        goto err;
-    if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
-        goto err;
-    return sk_ASN1_OBJECT_push(aux->reject, objtmp);
- err:
-    ASN1_OBJECT_free(objtmp);
-    return 0;
-}
-
-void X509_trust_clear(X509 *x)
-{
-    if (x->aux && x->aux->trust) {
-        sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
-        x->aux->trust = NULL;
-    }
-}
-
-void X509_reject_clear(X509 *x)
-{
-    if (x->aux && x->aux->reject) {
-        sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
-        x->aux->reject = NULL;
-    }
-}
-
-ASN1_SEQUENCE(X509_CERT_PAIR) = {
-        ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0),
-        ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1)
-} ASN1_SEQUENCE_END(X509_CERT_PAIR)
-
-IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_PAIR)
diff --git a/thirdparty/openssl/crypto/bf/COPYRIGHT b/thirdparty/openssl/crypto/bf/COPYRIGHT
deleted file mode 100644
index 6857223506..0000000000
--- a/thirdparty/openssl/crypto/bf/COPYRIGHT
+++ /dev/null
@@ -1,46 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an Blowfish implementation written
-by Eric Young (eay@cryptsoft.com).
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to.  The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
-   notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-   This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed.  i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/thirdparty/openssl/crypto/bf/INSTALL b/thirdparty/openssl/crypto/bf/INSTALL
deleted file mode 100644
index 3b25923532..0000000000
--- a/thirdparty/openssl/crypto/bf/INSTALL
+++ /dev/null
@@ -1,14 +0,0 @@
-This Eric Young's blowfish implementation, taken from his SSLeay library
-and made available as a separate library.
- 
-The version number (0.7.2m) is the SSLeay version that this library was
-taken from.
- 
-To build, just unpack and type make.
-If you are not using gcc, edit the Makefile.
-If you are compiling for an x86 box, try the assembler (it needs improving).
-There are also some compile time options that can improve performance,
-these are documented in the Makefile.
- 
-eric 15-Apr-1997
- 
diff --git a/thirdparty/openssl/crypto/bf/README b/thirdparty/openssl/crypto/bf/README
deleted file mode 100644
index f2712fd0e7..0000000000
--- a/thirdparty/openssl/crypto/bf/README
+++ /dev/null
@@ -1,8 +0,0 @@
-This is a quick packaging up of my blowfish code into a library.
-It has been lifted from SSLeay.
-The copyright notices seem a little harsh because I have not spent the
-time to rewrite the conditions from the normal SSLeay ones.
-
-Basically if you just want to play with the library, not a problem.
-
-eric 15-Apr-1997
diff --git a/thirdparty/openssl/crypto/bf/VERSION b/thirdparty/openssl/crypto/bf/VERSION
deleted file mode 100644
index be995855e4..0000000000
--- a/thirdparty/openssl/crypto/bf/VERSION
+++ /dev/null
@@ -1,6 +0,0 @@
-The version numbers will follow my SSL implementation
-
-0.7.2r - Some reasonable default compiler options from 
-	Peter Gutman <pgut001@cs.auckland.ac.nz>
-
-0.7.2m - the first release
diff --git a/thirdparty/openssl/crypto/bf/asm/readme b/thirdparty/openssl/crypto/bf/asm/readme
deleted file mode 100644
index 2385fa3812..0000000000
--- a/thirdparty/openssl/crypto/bf/asm/readme
+++ /dev/null
@@ -1,10 +0,0 @@
-There are blowfish assembler generation scripts.
-bf-586.pl version is for the pentium and
-bf-686.pl is my original version, which is faster on the pentium pro.
-
-When using a bf-586.pl, the pentium pro/II is %8 slower than using
-bf-686.pl.  When using a bf-686.pl, the pentium is %16 slower
-than bf-586.pl
-
-So the default is bf-586.pl
-
diff --git a/thirdparty/openssl/crypto/bf/bf_cbc.c b/thirdparty/openssl/crypto/bf/bf_cbc.c
deleted file mode 100644
index de827a1a3c..0000000000
--- a/thirdparty/openssl/crypto/bf/bf_cbc.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/bf/bf_cbc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-                    const BF_KEY *schedule, unsigned char *ivec, int encrypt)
-{
-    register BF_LONG tin0, tin1;
-    register BF_LONG tout0, tout1, xor0, xor1;
-    register long l = length;
-    BF_LONG tin[2];
-
-    if (encrypt) {
-        n2l(ivec, tout0);
-        n2l(ivec, tout1);
-        ivec -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            BF_encrypt(tin, schedule);
-            tout0 = tin[0];
-            tout1 = tin[1];
-            l2n(tout0, out);
-            l2n(tout1, out);
-        }
-        if (l != -8) {
-            n2ln(in, tin0, tin1, l + 8);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            BF_encrypt(tin, schedule);
-            tout0 = tin[0];
-            tout1 = tin[1];
-            l2n(tout0, out);
-            l2n(tout1, out);
-        }
-        l2n(tout0, ivec);
-        l2n(tout1, ivec);
-    } else {
-        n2l(ivec, xor0);
-        n2l(ivec, xor1);
-        ivec -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin[0] = tin0;
-            tin[1] = tin1;
-            BF_decrypt(tin, schedule);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2n(tout0, out);
-            l2n(tout1, out);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        if (l != -8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin[0] = tin0;
-            tin[1] = tin1;
-            BF_decrypt(tin, schedule);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2nn(tout0, tout1, out, l + 8);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        l2n(xor0, ivec);
-        l2n(xor1, ivec);
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    tin[0] = tin[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/bf/bf_cfb64.c b/thirdparty/openssl/crypto/bf/bf_cfb64.c
deleted file mode 100644
index ddeab6eb77..0000000000
--- a/thirdparty/openssl/crypto/bf/bf_cfb64.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/bf/bf_cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/*
- * The input and output encrypted as though 64bit cfb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, const BF_KEY *schedule,
-                      unsigned char *ivec, int *num, int encrypt)
-{
-    register BF_LONG v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    BF_LONG ti[2];
-    unsigned char *iv, c, cc;
-
-    iv = (unsigned char *)ivec;
-    if (encrypt) {
-        while (l--) {
-            if (n == 0) {
-                n2l(iv, v0);
-                ti[0] = v0;
-                n2l(iv, v1);
-                ti[1] = v1;
-                BF_encrypt((BF_LONG *)ti, schedule);
-                iv = (unsigned char *)ivec;
-                t = ti[0];
-                l2n(t, iv);
-                t = ti[1];
-                l2n(t, iv);
-                iv = (unsigned char *)ivec;
-            }
-            c = *(in++) ^ iv[n];
-            *(out++) = c;
-            iv[n] = c;
-            n = (n + 1) & 0x07;
-        }
-    } else {
-        while (l--) {
-            if (n == 0) {
-                n2l(iv, v0);
-                ti[0] = v0;
-                n2l(iv, v1);
-                ti[1] = v1;
-                BF_encrypt((BF_LONG *)ti, schedule);
-                iv = (unsigned char *)ivec;
-                t = ti[0];
-                l2n(t, iv);
-                t = ti[1];
-                l2n(t, iv);
-                iv = (unsigned char *)ivec;
-            }
-            cc = *(in++);
-            c = iv[n];
-            iv[n] = cc;
-            *(out++) = c ^ cc;
-            n = (n + 1) & 0x07;
-        }
-    }
-    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/bf/bf_ecb.c b/thirdparty/openssl/crypto/bf/bf_ecb.c
deleted file mode 100644
index 967a7f5507..0000000000
--- a/thirdparty/openssl/crypto/bf/bf_ecb.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* crypto/bf/bf_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-#include <openssl/opensslv.h>
-
-/*
- * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' (From
- * LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, CAMBRIDGE
- * SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-
-const char BF_version[] = "Blowfish" OPENSSL_VERSION_PTEXT;
-
-const char *BF_options(void)
-{
-#ifdef BF_PTR
-    return ("blowfish(ptr)");
-#elif defined(BF_PTR2)
-    return ("blowfish(ptr2)");
-#else
-    return ("blowfish(idx)");
-#endif
-}
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                    const BF_KEY *key, int encrypt)
-{
-    BF_LONG l, d[2];
-
-    n2l(in, l);
-    d[0] = l;
-    n2l(in, l);
-    d[1] = l;
-    if (encrypt)
-        BF_encrypt(d, key);
-    else
-        BF_decrypt(d, key);
-    l = d[0];
-    l2n(l, out);
-    l = d[1];
-    l2n(l, out);
-    l = d[0] = d[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/bf/bf_enc.c b/thirdparty/openssl/crypto/bf/bf_enc.c
deleted file mode 100644
index b268795f5b..0000000000
--- a/thirdparty/openssl/crypto/bf/bf_enc.c
+++ /dev/null
@@ -1,300 +0,0 @@
-/* crypto/bf/bf_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/*
- * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' (From
- * LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, CAMBRIDGE
- * SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-
-#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
-# error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
-to modify the code.
-#endif
-
-void BF_encrypt(BF_LONG *data, const BF_KEY *key)
-{
-#ifndef BF_PTR2
-    register BF_LONG l, r;
-    register const BF_LONG *p, *s;
-
-    p = key->P;
-    s = &(key->S[0]);
-    l = data[0];
-    r = data[1];
-
-    l ^= p[0];
-    BF_ENC(r, l, s, p[1]);
-    BF_ENC(l, r, s, p[2]);
-    BF_ENC(r, l, s, p[3]);
-    BF_ENC(l, r, s, p[4]);
-    BF_ENC(r, l, s, p[5]);
-    BF_ENC(l, r, s, p[6]);
-    BF_ENC(r, l, s, p[7]);
-    BF_ENC(l, r, s, p[8]);
-    BF_ENC(r, l, s, p[9]);
-    BF_ENC(l, r, s, p[10]);
-    BF_ENC(r, l, s, p[11]);
-    BF_ENC(l, r, s, p[12]);
-    BF_ENC(r, l, s, p[13]);
-    BF_ENC(l, r, s, p[14]);
-    BF_ENC(r, l, s, p[15]);
-    BF_ENC(l, r, s, p[16]);
-# if BF_ROUNDS == 20
-    BF_ENC(r, l, s, p[17]);
-    BF_ENC(l, r, s, p[18]);
-    BF_ENC(r, l, s, p[19]);
-    BF_ENC(l, r, s, p[20]);
-# endif
-    r ^= p[BF_ROUNDS + 1];
-
-    data[1] = l & 0xffffffffL;
-    data[0] = r & 0xffffffffL;
-#else
-    register BF_LONG l, r, t, *k;
-
-    l = data[0];
-    r = data[1];
-    k = (BF_LONG *)key;
-
-    l ^= k[0];
-    BF_ENC(r, l, k, 1);
-    BF_ENC(l, r, k, 2);
-    BF_ENC(r, l, k, 3);
-    BF_ENC(l, r, k, 4);
-    BF_ENC(r, l, k, 5);
-    BF_ENC(l, r, k, 6);
-    BF_ENC(r, l, k, 7);
-    BF_ENC(l, r, k, 8);
-    BF_ENC(r, l, k, 9);
-    BF_ENC(l, r, k, 10);
-    BF_ENC(r, l, k, 11);
-    BF_ENC(l, r, k, 12);
-    BF_ENC(r, l, k, 13);
-    BF_ENC(l, r, k, 14);
-    BF_ENC(r, l, k, 15);
-    BF_ENC(l, r, k, 16);
-# if BF_ROUNDS == 20
-    BF_ENC(r, l, k, 17);
-    BF_ENC(l, r, k, 18);
-    BF_ENC(r, l, k, 19);
-    BF_ENC(l, r, k, 20);
-# endif
-    r ^= k[BF_ROUNDS + 1];
-
-    data[1] = l & 0xffffffffL;
-    data[0] = r & 0xffffffffL;
-#endif
-}
-
-#ifndef BF_DEFAULT_OPTIONS
-
-void BF_decrypt(BF_LONG *data, const BF_KEY *key)
-{
-# ifndef BF_PTR2
-    register BF_LONG l, r;
-    register const BF_LONG *p, *s;
-
-    p = key->P;
-    s = &(key->S[0]);
-    l = data[0];
-    r = data[1];
-
-    l ^= p[BF_ROUNDS + 1];
-#  if BF_ROUNDS == 20
-    BF_ENC(r, l, s, p[20]);
-    BF_ENC(l, r, s, p[19]);
-    BF_ENC(r, l, s, p[18]);
-    BF_ENC(l, r, s, p[17]);
-#  endif
-    BF_ENC(r, l, s, p[16]);
-    BF_ENC(l, r, s, p[15]);
-    BF_ENC(r, l, s, p[14]);
-    BF_ENC(l, r, s, p[13]);
-    BF_ENC(r, l, s, p[12]);
-    BF_ENC(l, r, s, p[11]);
-    BF_ENC(r, l, s, p[10]);
-    BF_ENC(l, r, s, p[9]);
-    BF_ENC(r, l, s, p[8]);
-    BF_ENC(l, r, s, p[7]);
-    BF_ENC(r, l, s, p[6]);
-    BF_ENC(l, r, s, p[5]);
-    BF_ENC(r, l, s, p[4]);
-    BF_ENC(l, r, s, p[3]);
-    BF_ENC(r, l, s, p[2]);
-    BF_ENC(l, r, s, p[1]);
-    r ^= p[0];
-
-    data[1] = l & 0xffffffffL;
-    data[0] = r & 0xffffffffL;
-# else
-    register BF_LONG l, r, t, *k;
-
-    l = data[0];
-    r = data[1];
-    k = (BF_LONG *)key;
-
-    l ^= k[BF_ROUNDS + 1];
-#  if BF_ROUNDS == 20
-    BF_ENC(r, l, k, 20);
-    BF_ENC(l, r, k, 19);
-    BF_ENC(r, l, k, 18);
-    BF_ENC(l, r, k, 17);
-#  endif
-    BF_ENC(r, l, k, 16);
-    BF_ENC(l, r, k, 15);
-    BF_ENC(r, l, k, 14);
-    BF_ENC(l, r, k, 13);
-    BF_ENC(r, l, k, 12);
-    BF_ENC(l, r, k, 11);
-    BF_ENC(r, l, k, 10);
-    BF_ENC(l, r, k, 9);
-    BF_ENC(r, l, k, 8);
-    BF_ENC(l, r, k, 7);
-    BF_ENC(r, l, k, 6);
-    BF_ENC(l, r, k, 5);
-    BF_ENC(r, l, k, 4);
-    BF_ENC(l, r, k, 3);
-    BF_ENC(r, l, k, 2);
-    BF_ENC(l, r, k, 1);
-    r ^= k[0];
-
-    data[1] = l & 0xffffffffL;
-    data[0] = r & 0xffffffffL;
-# endif
-}
-
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-                    const BF_KEY *schedule, unsigned char *ivec, int encrypt)
-{
-    register BF_LONG tin0, tin1;
-    register BF_LONG tout0, tout1, xor0, xor1;
-    register long l = length;
-    BF_LONG tin[2];
-
-    if (encrypt) {
-        n2l(ivec, tout0);
-        n2l(ivec, tout1);
-        ivec -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            BF_encrypt(tin, schedule);
-            tout0 = tin[0];
-            tout1 = tin[1];
-            l2n(tout0, out);
-            l2n(tout1, out);
-        }
-        if (l != -8) {
-            n2ln(in, tin0, tin1, l + 8);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            BF_encrypt(tin, schedule);
-            tout0 = tin[0];
-            tout1 = tin[1];
-            l2n(tout0, out);
-            l2n(tout1, out);
-        }
-        l2n(tout0, ivec);
-        l2n(tout1, ivec);
-    } else {
-        n2l(ivec, xor0);
-        n2l(ivec, xor1);
-        ivec -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin[0] = tin0;
-            tin[1] = tin1;
-            BF_decrypt(tin, schedule);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2n(tout0, out);
-            l2n(tout1, out);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        if (l != -8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin[0] = tin0;
-            tin[1] = tin1;
-            BF_decrypt(tin, schedule);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2nn(tout0, tout1, out, l + 8);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        l2n(xor0, ivec);
-        l2n(xor1, ivec);
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    tin[0] = tin[1] = 0;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/bf/bf_locl.h b/thirdparty/openssl/crypto/bf/bf_locl.h
deleted file mode 100644
index 9448aed424..0000000000
--- a/thirdparty/openssl/crypto/bf/bf_locl.h
+++ /dev/null
@@ -1,221 +0,0 @@
-/* crypto/bf/bf_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BF_LOCL_H
-# define HEADER_BF_LOCL_H
-# include <openssl/opensslconf.h>/* BF_PTR, BF_PTR2 */
-
-# undef c2l
-# define c2l(c,l)        (l =((unsigned long)(*((c)++)))    , \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-# undef c2ln
-# define c2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
-                        case 5: l2|=((unsigned long)(*(--(c))));     \
-                        case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
-                        case 1: l1|=((unsigned long)(*(--(c))));     \
-                                } \
-                        }
-
-# undef l2c
-# define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-# undef l2cn
-# define l2cn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per n2l */
-# define n2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per l2n */
-# define l2nn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-                                } \
-                        }
-
-# undef n2l
-# define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-# undef l2n
-# define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-/*
- * This is actually a big endian algorithm, the most significant byte is used
- * to lookup array 0
- */
-
-# if defined(BF_PTR2)
-
-/*
- * This is basically a special Intel version. Point is that Intel
- * doesn't have many registers, but offers a reach choice of addressing
- * modes. So we spare some registers by directly traversing BF_KEY
- * structure and hiring the most decorated addressing mode. The code
- * generated by EGCS is *perfectly* competitive with assembler
- * implementation!
- */
-#  define BF_ENC(LL,R,KEY,Pi) (\
-        LL^=KEY[Pi], \
-        t=  KEY[BF_ROUNDS+2 +   0 + ((R>>24)&0xFF)], \
-        t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \
-        t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \
-        t+= KEY[BF_ROUNDS+2 + 768 + ((R    )&0xFF)], \
-        LL^=t \
-        )
-
-# elif defined(BF_PTR)
-
-#  ifndef BF_LONG_LOG2
-#   define BF_LONG_LOG2  2      /* default to BF_LONG being 32 bits */
-#  endif
-#  define BF_M  (0xFF<<BF_LONG_LOG2)
-#  define BF_0  (24-BF_LONG_LOG2)
-#  define BF_1  (16-BF_LONG_LOG2)
-#  define BF_2  ( 8-BF_LONG_LOG2)
-#  define BF_3  BF_LONG_LOG2    /* left shift */
-
-/*
- * This is normally very good on RISC platforms where normally you
- * have to explicitly "multiply" array index by sizeof(BF_LONG)
- * in order to calculate the effective address. This implementation
- * excuses CPU from this extra work. Power[PC] uses should have most
- * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely
- * rlwinm. So let'em double-check if their compiler does it.
- */
-
-#  define BF_ENC(LL,R,S,P) ( \
-        LL^=P, \
-        LL^= (((*(BF_LONG *)((unsigned char *)&(S[  0])+((R>>BF_0)&BF_M))+ \
-                *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
-                *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
-                *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \
-        )
-# else
-
-/*
- * This is a *generic* version. Seem to perform best on platforms that
- * offer explicit support for extraction of 8-bit nibbles preferably
- * complemented with "multiplying" of array index by sizeof(BF_LONG).
- * For the moment of this writing the list comprises Alpha CPU featuring
- * extbl and s[48]addq instructions.
- */
-
-#  define BF_ENC(LL,R,S,P) ( \
-        LL^=P, \
-        LL^=((( S[       ((int)(R>>24)&0xff)] + \
-                S[0x0100+((int)(R>>16)&0xff)])^ \
-                S[0x0200+((int)(R>> 8)&0xff)])+ \
-                S[0x0300+((int)(R    )&0xff)])&0xffffffffL \
-        )
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/bf/bf_ofb64.c b/thirdparty/openssl/crypto/bf/bf_ofb64.c
deleted file mode 100644
index a8d190b5dd..0000000000
--- a/thirdparty/openssl/crypto/bf/bf_ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/bf/bf_ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/*
- * The input and output encrypted as though 64bit ofb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, const BF_KEY *schedule,
-                      unsigned char *ivec, int *num)
-{
-    register BF_LONG v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    unsigned char d[8];
-    register char *dp;
-    BF_LONG ti[2];
-    unsigned char *iv;
-    int save = 0;
-
-    iv = (unsigned char *)ivec;
-    n2l(iv, v0);
-    n2l(iv, v1);
-    ti[0] = v0;
-    ti[1] = v1;
-    dp = (char *)d;
-    l2n(v0, dp);
-    l2n(v1, dp);
-    while (l--) {
-        if (n == 0) {
-            BF_encrypt((BF_LONG *)ti, schedule);
-            dp = (char *)d;
-            t = ti[0];
-            l2n(t, dp);
-            t = ti[1];
-            l2n(t, dp);
-            save++;
-        }
-        *(out++) = *(in++) ^ d[n];
-        n = (n + 1) & 0x07;
-    }
-    if (save) {
-        v0 = ti[0];
-        v1 = ti[1];
-        iv = (unsigned char *)ivec;
-        l2n(v0, iv);
-        l2n(v1, iv);
-    }
-    t = v0 = v1 = ti[0] = ti[1] = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/bf/bf_opts.c b/thirdparty/openssl/crypto/bf/bf_opts.c
deleted file mode 100644
index f85495cf9d..0000000000
--- a/thirdparty/openssl/crypto/bf/bf_opts.c
+++ /dev/null
@@ -1,324 +0,0 @@
-/* crypto/bf/bf_opts.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * define PART1, PART2, PART3 or PART4 to build only with a few of the
- * options. This is for machines with 64k code segment size restrictions.
- */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-#endif
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-    /*
-     * Depending on the VMS version, the tms structure is perhaps defined.
-     * The __TMS macro will show if it was.  If it wasn't defined, we should
-     * undefine TIMES, since that tells the rest of the program how things
-     * should be handled.  -- Richard Levitte
-     */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-#include <openssl/blowfish.h>
-#define BF_DEFAULT_OPTIONS
-#undef BF_ENC
-#define BF_encrypt  BF_encrypt_normal
-#undef HEADER_BF_LOCL_H
-#include "bf_enc.c"
-#define BF_PTR
-#undef BF_PTR2
-#undef BF_ENC
-#undef BF_encrypt
-#define BF_encrypt  BF_encrypt_ptr
-#undef HEADER_BF_LOCL_H
-#include "bf_enc.c"
-#undef BF_PTR
-#define BF_PTR2
-#undef BF_ENC
-#undef BF_encrypt
-#define BF_encrypt  BF_encrypt_ptr2
-#undef HEADER_BF_LOCL_H
-#include "bf_enc.c"
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_         /* FreeBSD fix */
-#   define HZ   100.0
-#  else                         /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-#ifdef SIGALRM
-# define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
-#else
-# define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
-#endif
-
-#define time_it(func,name,index) \
-        print_name(name); \
-        Time_F(START); \
-        for (count=0,run=1; COND(cb); count+=4) \
-                { \
-                unsigned long d[2]; \
-                func(d,&sch); \
-                func(d,&sch); \
-                func(d,&sch); \
-                func(d,&sch); \
-                } \
-        tm[index]=Time_F(STOP); \
-        fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
-        tm[index]=((double)COUNT(cb))/tm[index];
-
-#define print_it(name,index) \
-        fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
-                tm[index]*8,1.0e6/tm[index]);
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static char key[16] = { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
-        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
-    };
-    BF_KEY sch;
-    double d, tm[16], max = 0;
-    int rank[16];
-    char *str[16];
-    int max_idx = 0, i, num = 0, j;
-#ifndef SIGALARM
-    long ca, cb, cc, cd, ce;
-#endif
-
-    for (i = 0; i < 12; i++) {
-        tm[i] = 0.0;
-        rank[i] = 0;
-    }
-
-#ifndef TIMES
-    fprintf(stderr, "To get the most accurate results, try to run this\n");
-    fprintf(stderr, "program when this computer is idle.\n");
-#endif
-
-    BF_set_key(&sch, 16, key);
-
-#ifndef SIGALRM
-    fprintf(stderr, "First we calculate the approximate speed ...\n");
-    count = 10;
-    do {
-        long i;
-        unsigned long data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            BF_encrypt(data, &sch);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count;
-    cb = count * 3;
-    cc = count * 3 * 8 / BUFSIZE + 1;
-    cd = count * 8 / BUFSIZE + 1;
-
-    ce = count / 20 + 1;
-# define COND(d) (count != (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    alarm(10);
-#endif
-
-    time_it(BF_encrypt_normal, "BF_encrypt_normal ", 0);
-    time_it(BF_encrypt_ptr, "BF_encrypt_ptr    ", 1);
-    time_it(BF_encrypt_ptr2, "BF_encrypt_ptr2   ", 2);
-    num += 3;
-
-    str[0] = "<nothing>";
-    print_it("BF_encrypt_normal ", 0);
-    max = tm[0];
-    max_idx = 0;
-    str[1] = "ptr      ";
-    print_it("BF_encrypt_ptr ", 1);
-    if (max < tm[1]) {
-        max = tm[1];
-        max_idx = 1;
-    }
-    str[2] = "ptr2     ";
-    print_it("BF_encrypt_ptr2 ", 2);
-    if (max < tm[2]) {
-        max = tm[2];
-        max_idx = 2;
-    }
-
-    printf("options    BF ecb/s\n");
-    printf("%s %12.2f 100.0%%\n", str[max_idx], tm[max_idx]);
-    d = tm[max_idx];
-    tm[max_idx] = -2.0;
-    max = -1.0;
-    for (;;) {
-        for (i = 0; i < 3; i++) {
-            if (max < tm[i]) {
-                max = tm[i];
-                j = i;
-            }
-        }
-        if (max < 0.0)
-            break;
-        printf("%s %12.2f  %4.1f%%\n", str[j], tm[j], tm[j] / d * 100.0);
-        tm[j] = -2.0;
-        max = -1.0;
-    }
-
-    switch (max_idx) {
-    case 0:
-        printf("-DBF_DEFAULT_OPTIONS\n");
-        break;
-    case 1:
-        printf("-DBF_PTR\n");
-        break;
-    case 2:
-        printf("-DBF_PTR2\n");
-        break;
-    }
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/bf/bf_pi.h b/thirdparty/openssl/crypto/bf/bf_pi.h
deleted file mode 100644
index 46a26739be..0000000000
--- a/thirdparty/openssl/crypto/bf/bf_pi.h
+++ /dev/null
@@ -1,579 +0,0 @@
-/* crypto/bf/bf_pi.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-static const BF_KEY bf_init = {
-    {
-     0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
-     0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
-     0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
-     0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
-     0x9216d5d9L, 0x8979fb1b}, {
-                                0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL,
-                                0xd01adfb7L,
-                                0xb8e1afedL, 0x6a267e96L, 0xba7c9045L,
-                                0xf12c7f99L,
-                                0x24a19947L, 0xb3916cf7L, 0x0801f2e2L,
-                                0x858efc16L,
-                                0x636920d8L, 0x71574e69L, 0xa458fea3L,
-                                0xf4933d7eL,
-                                0x0d95748fL, 0x728eb658L, 0x718bcd58L,
-                                0x82154aeeL,
-                                0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L,
-                                0x2af26013L,
-                                0xc5d1b023L, 0x286085f0L, 0xca417918L,
-                                0xb8db38efL,
-                                0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL,
-                                0xb01e8a3eL,
-                                0xd71577c1L, 0xbd314b27L, 0x78af2fdaL,
-                                0x55605c60L,
-                                0xe65525f3L, 0xaa55ab94L, 0x57489862L,
-                                0x63e81440L,
-                                0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L,
-                                0x1141e8ceL,
-                                0xa15486afL, 0x7c72e993L, 0xb3ee1411L,
-                                0x636fbc2aL,
-                                0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L,
-                                0x9b87931eL,
-                                0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L,
-                                0x28958677L,
-                                0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL,
-                                0x66282193L,
-                                0x61d809ccL, 0xfb21a991L, 0x487cac60L,
-                                0x5dec8032L,
-                                0xef845d5dL, 0xe98575b1L, 0xdc262302L,
-                                0xeb651b88L,
-                                0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L,
-                                0x83f44239L,
-                                0x2e0b4482L, 0xa4842004L, 0x69c8f04aL,
-                                0x9e1f9b5eL,
-                                0x21c66842L, 0xf6e96c9aL, 0x670c9c61L,
-                                0xabd388f0L,
-                                0x6a51a0d2L, 0xd8542f68L, 0x960fa728L,
-                                0xab5133a3L,
-                                0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L,
-                                0x7efb2a98L,
-                                0xa1f1651dL, 0x39af0176L, 0x66ca593eL,
-                                0x82430e88L,
-                                0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L,
-                                0x3b8b5ebeL,
-                                0xe06f75d8L, 0x85c12073L, 0x401a449fL,
-                                0x56c16aa6L,
-                                0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L,
-                                0x429b023dL,
-                                0x37d0d724L, 0xd00a1248L, 0xdb0fead3L,
-                                0x49f1c09bL,
-                                0x075372c9L, 0x80991b7bL, 0x25d479d8L,
-                                0xf6e8def7L,
-                                0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL,
-                                0x04c006baL,
-                                0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L,
-                                0x196a2463L,
-                                0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL,
-                                0x3b52ec6fL,
-                                0x6dfc511fL, 0x9b30952cL, 0xcc814544L,
-                                0xaf5ebd09L,
-                                0xbee3d004L, 0xde334afdL, 0x660f2807L,
-                                0x192e4bb3L,
-                                0xc0cba857L, 0x45c8740fL, 0xd20b5f39L,
-                                0xb9d3fbdbL,
-                                0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L,
-                                0x402c7279L,
-                                0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L,
-                                0xdb3222f8L,
-                                0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L,
-                                0xad0552abL,
-                                0x323db5faL, 0xfd238760L, 0x53317b48L,
-                                0x3e00df82L,
-                                0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL,
-                                0xdf1769dbL,
-                                0xd542a8f6L, 0x287effc3L, 0xac6732c6L,
-                                0x8c4f5573L,
-                                0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL,
-                                0xb8f011a0L,
-                                0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL,
-                                0x2dd1d35bL,
-                                0x9a53e479L, 0xb6f84565L, 0xd28e49bcL,
-                                0x4bfb9790L,
-                                0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L,
-                                0xcee4c6e8L,
-                                0xef20cadaL, 0x36774c01L, 0xd07e9efeL,
-                                0x2bf11fb4L,
-                                0x95dbda4dL, 0xae909198L, 0xeaad8e71L,
-                                0x6b93d5a0L,
-                                0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL,
-                                0x8e7594b7L,
-                                0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L,
-                                0x900df01cL,
-                                0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L,
-                                0xb3a8c1adL,
-                                0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL,
-                                0x8b021fa1L,
-                                0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L,
-                                0xce89e299L,
-                                0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L,
-                                0xd2ada8d9L,
-                                0x165fa266L, 0x80957705L, 0x93cc7314L,
-                                0x211a1477L,
-                                0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L,
-                                0xfb9d35cfL,
-                                0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L,
-                                0xae1e7e49L,
-                                0x00250e2dL, 0x2071b35eL, 0x226800bbL,
-                                0x57b8e0afL,
-                                0x2464369bL, 0xf009b91eL, 0x5563911dL,
-                                0x59dfa6aaL,
-                                0x78c14389L, 0xd95a537fL, 0x207d5ba2L,
-                                0x02e5b9c5L,
-                                0x83260376L, 0x6295cfa9L, 0x11c81968L,
-                                0x4e734a41L,
-                                0xb3472dcaL, 0x7b14a94aL, 0x1b510052L,
-                                0x9a532915L,
-                                0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L,
-                                0x81e67400L,
-                                0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL,
-                                0x2a0dd915L,
-                                0xb6636521L, 0xe7b9f9b6L, 0xff34052eL,
-                                0xc5855664L,
-                                0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L,
-                                0x6e85076aL,
-                                0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL,
-                                0xc4192623L,
-                                0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L,
-                                0x8fedb266L,
-                                0xecaa8c71L, 0x699a17ffL, 0x5664526cL,
-                                0xc2b19ee1L,
-                                0x193602a5L, 0x75094c29L, 0xa0591340L,
-                                0xe4183a3eL,
-                                0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L,
-                                0x99f73fd6L,
-                                0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L,
-                                0xf0255dc1L,
-                                0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L,
-                                0x021ecc5eL,
-                                0x09686b3fL, 0x3ebaefc9L, 0x3c971814L,
-                                0x6b6a70a1L,
-                                0x687f3584L, 0x52a0e286L, 0xb79c5305L,
-                                0xaa500737L,
-                                0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL,
-                                0x5716f2b8L,
-                                0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L,
-                                0x0200b3ffL,
-                                0xae0cf51aL, 0x3cb574b2L, 0x25837a58L,
-                                0xdc0921bdL,
-                                0xd19113f9L, 0x7ca92ff6L, 0x94324773L,
-                                0x22f54701L,
-                                0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L,
-                                0x9af3dda7L,
-                                0xa9446146L, 0x0fd0030eL, 0xecc8c73eL,
-                                0xa4751e41L,
-                                0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L,
-                                0x183eb331L,
-                                0x4e548b38L, 0x4f6db908L, 0x6f420d03L,
-                                0xf60a04bfL,
-                                0x2cb81290L, 0x24977c79L, 0x5679b072L,
-                                0xbcaf89afL,
-                                0xde9a771fL, 0xd9930810L, 0xb38bae12L,
-                                0xdccf3f2eL,
-                                0x5512721fL, 0x2e6b7124L, 0x501adde6L,
-                                0x9f84cd87L,
-                                0x7a584718L, 0x7408da17L, 0xbc9f9abcL,
-                                0xe94b7d8cL,
-                                0xec7aec3aL, 0xdb851dfaL, 0x63094366L,
-                                0xc464c3d2L,
-                                0xef1c1847L, 0x3215d908L, 0xdd433b37L,
-                                0x24c2ba16L,
-                                0x12a14d43L, 0x2a65c451L, 0x50940002L,
-                                0x133ae4ddL,
-                                0x71dff89eL, 0x10314e55L, 0x81ac77d6L,
-                                0x5f11199bL,
-                                0x043556f1L, 0xd7a3c76bL, 0x3c11183bL,
-                                0x5924a509L,
-                                0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL,
-                                0x1e153c6eL,
-                                0x86e34570L, 0xeae96fb1L, 0x860e5e0aL,
-                                0x5a3e2ab3L,
-                                0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L,
-                                0x99e71d0fL,
-                                0x803e89d6L, 0x5266c825L, 0x2e4cc978L,
-                                0x9c10b36aL,
-                                0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L,
-                                0x1e0a2df4L,
-                                0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL,
-                                0x19c27960L,
-                                0x5223a708L, 0xf71312b6L, 0xebadfe6eL,
-                                0xeac31f66L,
-                                0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L,
-                                0x018cff28L,
-                                0xc332ddefL, 0xbe6c5aa5L, 0x65582185L,
-                                0x68ab9802L,
-                                0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL,
-                                0x5b6e2f84L,
-                                0x1521b628L, 0x29076170L, 0xecdd4775L,
-                                0x619f1510L,
-                                0x13cca830L, 0xeb61bd96L, 0x0334fe1eL,
-                                0xaa0363cfL,
-                                0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL,
-                                0xcbaade14L,
-                                0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL,
-                                0xb2f3846eL,
-                                0x648b1eafL, 0x19bdf0caL, 0xa02369b9L,
-                                0x655abb50L,
-                                0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L,
-                                0xc021b8f7L,
-                                0x9b540b19L, 0x875fa099L, 0x95f7997eL,
-                                0x623d7da8L,
-                                0xf837889aL, 0x97e32d77L, 0x11ed935fL,
-                                0x16681281L,
-                                0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L,
-                                0x7858ba99L,
-                                0x57f584a5L, 0x1b227263L, 0x9b83c3ffL,
-                                0x1ac24696L,
-                                0xcdb30aebL, 0x532e3054L, 0x8fd948e4L,
-                                0x6dbc3128L,
-                                0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L,
-                                0xee7c3c73L,
-                                0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L,
-                                0x203e13e0L,
-                                0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L,
-                                0xfacb4fd0L,
-                                0xc742f442L, 0xef6abbb5L, 0x654f3b1dL,
-                                0x41cd2105L,
-                                0xd81e799eL, 0x86854dc7L, 0xe44b476aL,
-                                0x3d816250L,
-                                0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L,
-                                0xc1c7b6a3L,
-                                0x7f1524c3L, 0x69cb7492L, 0x47848a0bL,
-                                0x5692b285L,
-                                0x095bbf00L, 0xad19489dL, 0x1462b174L,
-                                0x23820e00L,
-                                0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL,
-                                0x233f7061L,
-                                0x3372f092L, 0x8d937e41L, 0xd65fecf1L,
-                                0x6c223bdbL,
-                                0x7cde3759L, 0xcbee7460L, 0x4085f2a7L,
-                                0xce77326eL,
-                                0xa6078084L, 0x19f8509eL, 0xe8efd855L,
-                                0x61d99735L,
-                                0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL,
-                                0x800bcadcL,
-                                0x9e447a2eL, 0xc3453484L, 0xfdd56705L,
-                                0x0e1e9ec9L,
-                                0xdb73dbd3L, 0x105588cdL, 0x675fda79L,
-                                0xe3674340L,
-                                0xc5c43465L, 0x713e38d8L, 0x3d28f89eL,
-                                0xf16dff20L,
-                                0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL,
-                                0xdb83adf7L,
-                                0xe93d5a68L, 0x948140f7L, 0xf64c261cL,
-                                0x94692934L,
-                                0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL,
-                                0xd4a20068L,
-                                0xd4082471L, 0x3320f46aL, 0x43b7d4b7L,
-                                0x500061afL,
-                                0x1e39f62eL, 0x97244546L, 0x14214f74L,
-                                0xbf8b8840L,
-                                0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L,
-                                0x66a02f45L,
-                                0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L,
-                                0x31cb8504L,
-                                0x96eb27b3L, 0x55fd3941L, 0xda2547e6L,
-                                0xabca0a9aL,
-                                0x28507825L, 0x530429f4L, 0x0a2c86daL,
-                                0xe9b66dfbL,
-                                0x68dc1462L, 0xd7486900L, 0x680ec0a4L,
-                                0x27a18deeL,
-                                0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L,
-                                0x7af4d6b6L,
-                                0xaace1e7cL, 0xd3375fecL, 0xce78a399L,
-                                0x406b2a42L,
-                                0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL,
-                                0x3b124e8bL,
-                                0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L,
-                                0xeae397b2L,
-                                0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L,
-                                0xca7820fbL,
-                                0xfb0af54eL, 0xd8feb397L, 0x454056acL,
-                                0xba489527L,
-                                0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L,
-                                0xd096954bL,
-                                0x55a867bcL, 0xa1159a58L, 0xcca92963L,
-                                0x99e1db33L,
-                                0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL,
-                                0x9029317cL,
-                                0xfdf8e802L, 0x04272f70L, 0x80bb155cL,
-                                0x05282ce3L,
-                                0x95c11548L, 0xe4c66d22L, 0x48c1133fL,
-                                0xc70f86dcL,
-                                0x07f9c9eeL, 0x41041f0fL, 0x404779a4L,
-                                0x5d886e17L,
-                                0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL,
-                                0x41113564L,
-                                0x257b7834L, 0x602a9c60L, 0xdff8e8a3L,
-                                0x1f636c1bL,
-                                0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L,
-                                0xcad18115L,
-                                0x6b2395e0L, 0x333e92e1L, 0x3b240b62L,
-                                0xeebeb922L,
-                                0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL,
-                                0x2da2f728L,
-                                0xd0127845L, 0x95b794fdL, 0x647d0862L,
-                                0xe7ccf5f0L,
-                                0x5449a36fL, 0x877d48faL, 0xc39dfd27L,
-                                0xf33e8d1eL,
-                                0x0a476341L, 0x992eff74L, 0x3a6f6eabL,
-                                0xf4f8fd37L,
-                                0xa812dc60L, 0xa1ebddf8L, 0x991be14cL,
-                                0xdb6e6b0dL,
-                                0xc67b5510L, 0x6d672c37L, 0x2765d43bL,
-                                0xdcd0e804L,
-                                0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L,
-                                0x690fed0bL,
-                                0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL,
-                                0xd9155ea3L,
-                                0xbb132f88L, 0x515bad24L, 0x7b9479bfL,
-                                0x763bd6ebL,
-                                0x37392eb3L, 0xcc115979L, 0x8026e297L,
-                                0xf42e312dL,
-                                0x6842ada7L, 0xc66a2b3bL, 0x12754cccL,
-                                0x782ef11cL,
-                                0x6a124237L, 0xb79251e7L, 0x06a1bbe6L,
-                                0x4bfb6350L,
-                                0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L,
-                                0xe2e1c3c9L,
-                                0x44421659L, 0x0a121386L, 0xd90cec6eL,
-                                0xd5abea2aL,
-                                0x64af674eL, 0xda86a85fL, 0xbebfe988L,
-                                0x64e4c3feL,
-                                0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L,
-                                0x6003604dL,
-                                0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L,
-                                0xd736fcccL,
-                                0x83426b33L, 0xf01eab71L, 0xb0804187L,
-                                0x3c005e5fL,
-                                0x77a057beL, 0xbde8ae24L, 0x55464299L,
-                                0xbf582e61L,
-                                0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L,
-                                0x8789bdc2L,
-                                0x5366f9c3L, 0xc8b38e74L, 0xb475f255L,
-                                0x46fcd9b9L,
-                                0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L,
-                                0x915f95e2L,
-                                0x466e598eL, 0x20b45770L, 0x8cd55591L,
-                                0xc902de4cL,
-                                0xb90bace1L, 0xbb8205d0L, 0x11a86248L,
-                                0x7574a99eL,
-                                0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L,
-                                0xc4324633L,
-                                0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L,
-                                0x1d6efe10L,
-                                0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL,
-                                0x2868f169L,
-                                0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL,
-                                0x4fcd7f52L,
-                                0x50115e01L, 0xa70683faL, 0xa002b5c4L,
-                                0x0de6d027L,
-                                0x9af88c27L, 0x773f8641L, 0xc3604c06L,
-                                0x61a806b5L,
-                                0xf0177a28L, 0xc0f586e0L, 0x006058aaL,
-                                0x30dc7d62L,
-                                0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L,
-                                0xc2c21634L,
-                                0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L,
-                                0xce591d76L,
-                                0x6f05e409L, 0x4b7c0188L, 0x39720a3dL,
-                                0x7c927c24L,
-                                0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L,
-                                0xd39eb8fcL,
-                                0xed545578L, 0x08fca5b5L, 0xd83d7cd3L,
-                                0x4dad0fc4L,
-                                0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L,
-                                0x6c51133cL,
-                                0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL,
-                                0xddc6c837L,
-                                0xd79a3234L, 0x92638212L, 0x670efa8eL,
-                                0x406000e0L,
-                                0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L,
-                                0x5ac52d1bL,
-                                0x5cb0679eL, 0x4fa33742L, 0xd3822740L,
-                                0x99bc9bbeL,
-                                0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL,
-                                0xc700c47bL,
-                                0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL,
-                                0x6a366eb4L,
-                                0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L,
-                                0x6549c2c8L,
-                                0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL,
-                                0x4cd04dc6L,
-                                0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L,
-                                0xbe5ee304L,
-                                0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L,
-                                0x9a86ee22L,
-                                0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL,
-                                0x9cf2d0a4L,
-                                0x83c061baL, 0x9be96a4dL, 0x8fe51550L,
-                                0xba645bd6L,
-                                0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L,
-                                0xef5562e9L,
-                                0xc72fefd3L, 0xf752f7daL, 0x3f046f69L,
-                                0x77fa0a59L,
-                                0x80e4a915L, 0x87b08601L, 0x9b09e6adL,
-                                0x3b3ee593L,
-                                0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L,
-                                0x022b8b51L,
-                                0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L,
-                                0x7c7d2d28L,
-                                0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L,
-                                0x5a88f54cL,
-                                0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL,
-                                0xed93fa9bL,
-                                0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L,
-                                0x79132e28L,
-                                0x785f0191L, 0xed756055L, 0xf7960e44L,
-                                0xe3d35e8cL,
-                                0x15056dd4L, 0x88f46dbaL, 0x03a16125L,
-                                0x0564f0bdL,
-                                0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL,
-                                0xa93a072aL,
-                                0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL,
-                                0x26dcf319L,
-                                0x7533d928L, 0xb155fdf5L, 0x03563482L,
-                                0x8aba3cbbL,
-                                0x28517711L, 0xc20ad9f8L, 0xabcc5167L,
-                                0xccad925fL,
-                                0x4de81751L, 0x3830dc8eL, 0x379d5862L,
-                                0x9320f991L,
-                                0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L,
-                                0x774fbe32L,
-                                0xa8b6e37eL, 0xc3293d46L, 0x48de5369L,
-                                0x6413e680L,
-                                0xa2ae0810L, 0xdd6db224L, 0x69852dfdL,
-                                0x09072166L,
-                                0xb39a460aL, 0x6445c0ddL, 0x586cdecfL,
-                                0x1c20c8aeL,
-                                0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL,
-                                0x6bb4e3bbL,
-                                0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L,
-                                0xbcb4cdd5L,
-                                0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL,
-                                0xbf3c6f47L,
-                                0xd29be463L, 0x542f5d9eL, 0xaec2771bL,
-                                0xf64e6370L,
-                                0x740e0d8dL, 0xe75b1357L, 0xf8721671L,
-                                0xaf537d5dL,
-                                0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL,
-                                0x0115af84L,
-                                0xe1b00428L, 0x95983a1dL, 0x06b89fb4L,
-                                0xce6ea048L,
-                                0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL,
-                                0x277227f8L,
-                                0x611560b1L, 0xe7933fdcL, 0xbb3a792bL,
-                                0x344525bdL,
-                                0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L,
-                                0xa01fbac9L,
-                                0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L,
-                                0xa1e8aac7L,
-                                0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL,
-                                0xd50ada38L,
-                                0x0339c32aL, 0xc6913667L, 0x8df9317cL,
-                                0xe0b12b4fL,
-                                0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL,
-                                0x27d9459cL,
-                                0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L,
-                                0x9b941525L,
-                                0xfae59361L, 0xceb69cebL, 0xc2a86459L,
-                                0x12baa8d1L,
-                                0xb6c1075eL, 0xe3056a0cL, 0x10d25065L,
-                                0xcb03a442L,
-                                0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL,
-                                0x3278e964L,
-                                0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL,
-                                0x8971f21eL,
-                                0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L,
-                                0xc37632d8L,
-                                0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L,
-                                0x0fe3f11dL,
-                                0xe54cda54L, 0x1edad891L, 0xce6279cfL,
-                                0xcd3e7e6fL,
-                                0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L,
-                                0xf6fb2299L,
-                                0xf523f357L, 0xa6327623L, 0x93a83531L,
-                                0x56cccd02L,
-                                0xacf08162L, 0x5a75ebb5L, 0x6e163697L,
-                                0x88d273ccL,
-                                0xde966292L, 0x81b949d0L, 0x4c50901bL,
-                                0x71c65614L,
-                                0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L,
-                                0xc3f27b9aL,
-                                0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L,
-                                0x35bdd2f6L,
-                                0x71126905L, 0xb2040222L, 0xb6cbcf7cL,
-                                0xcd769c2bL,
-                                0x53113ec0L, 0x1640e3d3L, 0x38abbd60L,
-                                0x2547adf0L,
-                                0xba38209cL, 0xf746ce76L, 0x77afa1c5L,
-                                0x20756060L,
-                                0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L,
-                                0x4cf9aa7eL,
-                                0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L,
-                                0xd6ebe1f9L,
-                                0x90d4f869L, 0xa65cdea0L, 0x3f09252dL,
-                                0xc208e69fL,
-                                0xb74e6132L, 0xce77e25bL, 0x578fdfe3L,
-                                0x3ac372e6L,
-                                }
-};
diff --git a/thirdparty/openssl/crypto/bf/bf_skey.c b/thirdparty/openssl/crypto/bf/bf_skey.c
deleted file mode 100644
index 2cb3c66c8f..0000000000
--- a/thirdparty/openssl/crypto/bf/bf_skey.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/bf/bf_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-#include "bf_pi.h"
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
-#ifdef OPENSSL_FIPS
-{
-    fips_cipher_abort(BLOWFISH);
-    private_BF_set_key(key, len, data);
-}
-
-void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data)
-#endif
-{
-    int i;
-    BF_LONG *p, ri, in[2];
-    const unsigned char *d, *end;
-
-    memcpy(key, &bf_init, sizeof(BF_KEY));
-    p = key->P;
-
-    if (len > ((BF_ROUNDS + 2) * 4))
-        len = (BF_ROUNDS + 2) * 4;
-
-    d = data;
-    end = &(data[len]);
-    for (i = 0; i < (BF_ROUNDS + 2); i++) {
-        ri = *(d++);
-        if (d >= end)
-            d = data;
-
-        ri <<= 8;
-        ri |= *(d++);
-        if (d >= end)
-            d = data;
-
-        ri <<= 8;
-        ri |= *(d++);
-        if (d >= end)
-            d = data;
-
-        ri <<= 8;
-        ri |= *(d++);
-        if (d >= end)
-            d = data;
-
-        p[i] ^= ri;
-    }
-
-    in[0] = 0L;
-    in[1] = 0L;
-    for (i = 0; i < (BF_ROUNDS + 2); i += 2) {
-        BF_encrypt(in, key);
-        p[i] = in[0];
-        p[i + 1] = in[1];
-    }
-
-    p = key->S;
-    for (i = 0; i < 4 * 256; i += 2) {
-        BF_encrypt(in, key);
-        p[i] = in[0];
-        p[i + 1] = in[1];
-    }
-}
diff --git a/thirdparty/openssl/crypto/bf/bfs.cpp b/thirdparty/openssl/crypto/bf/bfs.cpp
deleted file mode 100644
index d74c457760..0000000000
--- a/thirdparty/openssl/crypto/bf/bfs.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/blowfish.h>
-
-void main(int argc,char *argv[])
-	{
-	BF_KEY key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			BF_encrypt(&data[0],&key);
-			GetTSC(s1);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			GetTSC(e1);
-			GetTSC(s2);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			BF_encrypt(&data[0],&key);
-			GetTSC(e2);
-			BF_encrypt(&data[0],&key);
-			}
-
-		printf("blowfish %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/thirdparty/openssl/crypto/bf/bfspeed.c b/thirdparty/openssl/crypto/bf/bfspeed.c
deleted file mode 100644
index 305ad8bcbe..0000000000
--- a/thirdparty/openssl/crypto/bf/bfspeed.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/* crypto/bf/bfspeed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-#endif
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-    /*
-     * Depending on the VMS version, the tms structure is perhaps defined.
-     * The __TMS macro will show if it was.  If it wasn't defined, we should
-     * undefine TIMES, since that tells the rest of the program how things
-     * should be handled.  -- Richard Levitte
-     */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-#include <openssl/blowfish.h>
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  define HZ      100.0
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static unsigned char key[] = {
-        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
-        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
-    };
-    BF_KEY sch;
-    double a, b, c, d;
-#ifndef SIGALRM
-    long ca, cb, cc;
-#endif
-
-#ifndef TIMES
-    printf("To get the most accurate results, try to run this\n");
-    printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-    printf("First we calculate the approximate speed ...\n");
-    BF_set_key(&sch, 16, key);
-    count = 10;
-    do {
-        long i;
-        BF_LONG data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            BF_encrypt(data, &sch);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count / 512;
-    cb = count;
-    cc = count * 8 / BUFSIZE + 1;
-    printf("Doing BF_set_key %ld times\n", ca);
-# define COND(d) (count != (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    printf("Doing BF_set_key for 10 seconds\n");
-    alarm(10);
-#endif
-
-    Time_F(START);
-    for (count = 0, run = 1; COND(ca); count += 4) {
-        BF_set_key(&sch, 16, key);
-        BF_set_key(&sch, 16, key);
-        BF_set_key(&sch, 16, key);
-        BF_set_key(&sch, 16, key);
-    }
-    d = Time_F(STOP);
-    printf("%ld BF_set_key's in %.2f seconds\n", count, d);
-    a = ((double)COUNT(ca)) / d;
-
-#ifdef SIGALRM
-    printf("Doing BF_encrypt's for 10 seconds\n");
-    alarm(10);
-#else
-    printf("Doing BF_encrypt %ld times\n", cb);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cb); count += 4) {
-        BF_LONG data[2];
-
-        BF_encrypt(data, &sch);
-        BF_encrypt(data, &sch);
-        BF_encrypt(data, &sch);
-        BF_encrypt(data, &sch);
-    }
-    d = Time_F(STOP);
-    printf("%ld BF_encrypt's in %.2f second\n", count, d);
-    b = ((double)COUNT(cb) * 8) / d;
-
-#ifdef SIGALRM
-    printf("Doing BF_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-           BUFSIZE);
-    alarm(10);
-#else
-    printf("Doing BF_cbc_encrypt %ld times on %ld byte blocks\n", cc,
-           BUFSIZE);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cc); count++)
-        BF_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), BF_ENCRYPT);
-    d = Time_F(STOP);
-    printf("%ld BF_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-           count, BUFSIZE, d);
-    c = ((double)COUNT(cc) * BUFSIZE) / d;
-
-    printf("Blowfish set_key       per sec = %12.3f (%9.3fuS)\n", a,
-           1.0e6 / a);
-    printf("Blowfish raw ecb bytes per sec = %12.3f (%9.3fuS)\n", b,
-           8.0e6 / b);
-    printf("Blowfish cbc     bytes per sec = %12.3f (%9.3fuS)\n", c,
-           8.0e6 / c);
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/bio/b_dump.c b/thirdparty/openssl/crypto/bio/b_dump.c
deleted file mode 100644
index ccf0e287c4..0000000000
--- a/thirdparty/openssl/crypto/bio/b_dump.c
+++ /dev/null
@@ -1,208 +0,0 @@
-/* crypto/bio/b_dump.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Stolen from tjh's ssl/ssl_trc.c stuff.
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bio_lcl.h"
-
-#define TRUNCATE
-#define DUMP_WIDTH      16
-#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
-
-int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
-                void *u, const char *s, int len)
-{
-    return BIO_dump_indent_cb(cb, u, s, len, 0);
-}
-
-int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
-                       void *u, const char *s, int len, int indent)
-{
-    int ret = 0;
-    char buf[288 + 1], tmp[20], str[128 + 1];
-    int i, j, rows, trc;
-    unsigned char ch;
-    int dump_width;
-
-    trc = 0;
-
-#ifdef TRUNCATE
-    for (; (len > 0) && ((s[len - 1] == ' ') || (s[len - 1] == '\0')); len--)
-        trc++;
-#endif
-
-    if (indent < 0)
-        indent = 0;
-    if (indent) {
-        if (indent > 128)
-            indent = 128;
-        memset(str, ' ', indent);
-    }
-    str[indent] = '\0';
-
-    dump_width = DUMP_WIDTH_LESS_INDENT(indent);
-    rows = (len / dump_width);
-    if ((rows * dump_width) < len)
-        rows++;
-    for (i = 0; i < rows; i++) {
-        BUF_strlcpy(buf, str, sizeof buf);
-        BIO_snprintf(tmp, sizeof tmp, "%04x - ", i * dump_width);
-        BUF_strlcat(buf, tmp, sizeof buf);
-        for (j = 0; j < dump_width; j++) {
-            if (((i * dump_width) + j) >= len) {
-                BUF_strlcat(buf, "   ", sizeof buf);
-            } else {
-                ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
-                BIO_snprintf(tmp, sizeof tmp, "%02x%c", ch,
-                             j == 7 ? '-' : ' ');
-                BUF_strlcat(buf, tmp, sizeof buf);
-            }
-        }
-        BUF_strlcat(buf, "  ", sizeof buf);
-        for (j = 0; j < dump_width; j++) {
-            if (((i * dump_width) + j) >= len)
-                break;
-            ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
-#ifndef CHARSET_EBCDIC
-            BIO_snprintf(tmp, sizeof tmp, "%c",
-                         ((ch >= ' ') && (ch <= '~')) ? ch : '.');
-#else
-            BIO_snprintf(tmp, sizeof tmp, "%c",
-                         ((ch >= os_toascii[' ']) && (ch <= os_toascii['~']))
-                         ? os_toebcdic[ch]
-                         : '.');
-#endif
-            BUF_strlcat(buf, tmp, sizeof buf);
-        }
-        BUF_strlcat(buf, "\n", sizeof buf);
-        /*
-         * if this is the last call then update the ddt_dump thing so that we
-         * will move the selection point in the debug window
-         */
-        ret += cb((void *)buf, strlen(buf), u);
-    }
-#ifdef TRUNCATE
-    if (trc > 0) {
-        BIO_snprintf(buf, sizeof buf, "%s%04x - <SPACES/NULS>\n", str,
-                     len + trc);
-        ret += cb((void *)buf, strlen(buf), u);
-    }
-#endif
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_FP_API
-static int write_fp(const void *data, size_t len, void *fp)
-{
-    return UP_fwrite(data, len, 1, fp);
-}
-
-int BIO_dump_fp(FILE *fp, const char *s, int len)
-{
-    return BIO_dump_cb(write_fp, fp, s, len);
-}
-
-int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent)
-{
-    return BIO_dump_indent_cb(write_fp, fp, s, len, indent);
-}
-#endif
-
-static int write_bio(const void *data, size_t len, void *bp)
-{
-    return BIO_write((BIO *)bp, (const char *)data, len);
-}
-
-int BIO_dump(BIO *bp, const char *s, int len)
-{
-    return BIO_dump_cb(write_bio, bp, s, len);
-}
-
-int BIO_dump_indent(BIO *bp, const char *s, int len, int indent)
-{
-    return BIO_dump_indent_cb(write_bio, bp, s, len, indent);
-}
-
-int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
-                   int datalen)
-{
-    int i, j = 0;
-
-    if (datalen < 1)
-        return 1;
-
-    for (i = 0; i < datalen - 1; i++) {
-        if (i && !j)
-            BIO_printf(out, "%*s", indent, "");
-
-        BIO_printf(out, "%02X:", data[i]);
-
-        j = (j + 1) % width;
-        if (!j)
-            BIO_printf(out, "\n");
-    }
-
-    if (i && !j)
-        BIO_printf(out, "%*s", indent, "");
-    BIO_printf(out, "%02X", data[datalen - 1]);
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/bio/b_print.c b/thirdparty/openssl/crypto/bio/b_print.c
deleted file mode 100644
index eb3ab75934..0000000000
--- a/thirdparty/openssl/crypto/bio/b_print.c
+++ /dev/null
@@ -1,869 +0,0 @@
-/* crypto/bio/b_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* disable assert() unless BIO_DEBUG has been defined */
-#ifndef BIO_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-
-/*
- * Stolen from tjh's ssl/ssl_trc.c stuff.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <ctype.h>
-#include <assert.h>
-#include <limits.h>
-#include "cryptlib.h"
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#include <openssl/bn.h>         /* To get BN_LLONG properly defined */
-#include <openssl/bio.h>
-
-#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT)
-# ifndef HAVE_LONG_LONG
-#  define HAVE_LONG_LONG 1
-# endif
-#endif
-
-/***************************************************************************/
-
-/*
- * Copyright Patrick Powell 1995
- * This code is based on code written by Patrick Powell <papowell@astart.com>
- * It may be used for any purpose as long as this notice remains intact
- * on all source code distributions.
- */
-
-/*-
- * This code contains numerious changes and enhancements which were
- * made by lots of contributors over the last years to Patrick Powell's
- * original code:
- *
- * o Patrick Powell <papowell@astart.com>      (1995)
- * o Brandon Long <blong@fiction.net>          (1996, for Mutt)
- * o Thomas Roessler <roessler@guug.de>        (1998, for Mutt)
- * o Michael Elkins <me@cs.hmc.edu>            (1998, for Mutt)
- * o Andrew Tridgell <tridge@samba.org>        (1998, for Samba)
- * o Luke Mewburn <lukem@netbsd.org>           (1999, for LukemFTP)
- * o Ralf S. Engelschall <rse@engelschall.com> (1999, for Pth)
- * o ...                                       (for OpenSSL)
- */
-
-#ifdef HAVE_LONG_DOUBLE
-# define LDOUBLE long double
-#else
-# define LDOUBLE double
-#endif
-
-#ifdef HAVE_LONG_LONG
-# if defined(_WIN32) && !defined(__GNUC__)
-#  define LLONG __int64
-# else
-#  define LLONG long long
-# endif
-#else
-# define LLONG long
-#endif
-
-static int fmtstr(char **, char **, size_t *, size_t *,
-                  const char *, int, int, int);
-static int fmtint(char **, char **, size_t *, size_t *,
-                  LLONG, int, int, int, int);
-static int fmtfp(char **, char **, size_t *, size_t *,
-                 LDOUBLE, int, int, int);
-static int doapr_outch(char **, char **, size_t *, size_t *, int);
-static int _dopr(char **sbuffer, char **buffer,
-                 size_t *maxlen, size_t *retlen, int *truncated,
-                 const char *format, va_list args);
-
-/* format read states */
-#define DP_S_DEFAULT    0
-#define DP_S_FLAGS      1
-#define DP_S_MIN        2
-#define DP_S_DOT        3
-#define DP_S_MAX        4
-#define DP_S_MOD        5
-#define DP_S_CONV       6
-#define DP_S_DONE       7
-
-/* format flags - Bits */
-#define DP_F_MINUS      (1 << 0)
-#define DP_F_PLUS       (1 << 1)
-#define DP_F_SPACE      (1 << 2)
-#define DP_F_NUM        (1 << 3)
-#define DP_F_ZERO       (1 << 4)
-#define DP_F_UP         (1 << 5)
-#define DP_F_UNSIGNED   (1 << 6)
-
-/* conversion flags */
-#define DP_C_SHORT      1
-#define DP_C_LONG       2
-#define DP_C_LDOUBLE    3
-#define DP_C_LLONG      4
-
-/* some handy macros */
-#define char_to_int(p) (p - '0')
-#define OSSL_MAX(p,q) ((p >= q) ? p : q)
-
-static int
-_dopr(char **sbuffer,
-      char **buffer,
-      size_t *maxlen,
-      size_t *retlen, int *truncated, const char *format, va_list args)
-{
-    char ch;
-    LLONG value;
-    LDOUBLE fvalue;
-    char *strvalue;
-    int min;
-    int max;
-    int state;
-    int flags;
-    int cflags;
-    size_t currlen;
-
-    state = DP_S_DEFAULT;
-    flags = currlen = cflags = min = 0;
-    max = -1;
-    ch = *format++;
-
-    while (state != DP_S_DONE) {
-        if (ch == '\0' || (buffer == NULL && currlen >= *maxlen))
-            state = DP_S_DONE;
-
-        switch (state) {
-        case DP_S_DEFAULT:
-            if (ch == '%')
-                state = DP_S_FLAGS;
-            else
-                if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
-                    return 0;
-            ch = *format++;
-            break;
-        case DP_S_FLAGS:
-            switch (ch) {
-            case '-':
-                flags |= DP_F_MINUS;
-                ch = *format++;
-                break;
-            case '+':
-                flags |= DP_F_PLUS;
-                ch = *format++;
-                break;
-            case ' ':
-                flags |= DP_F_SPACE;
-                ch = *format++;
-                break;
-            case '#':
-                flags |= DP_F_NUM;
-                ch = *format++;
-                break;
-            case '0':
-                flags |= DP_F_ZERO;
-                ch = *format++;
-                break;
-            default:
-                state = DP_S_MIN;
-                break;
-            }
-            break;
-        case DP_S_MIN:
-            if (isdigit((unsigned char)ch)) {
-                min = 10 * min + char_to_int(ch);
-                ch = *format++;
-            } else if (ch == '*') {
-                min = va_arg(args, int);
-                ch = *format++;
-                state = DP_S_DOT;
-            } else
-                state = DP_S_DOT;
-            break;
-        case DP_S_DOT:
-            if (ch == '.') {
-                state = DP_S_MAX;
-                ch = *format++;
-            } else
-                state = DP_S_MOD;
-            break;
-        case DP_S_MAX:
-            if (isdigit((unsigned char)ch)) {
-                if (max < 0)
-                    max = 0;
-                max = 10 * max + char_to_int(ch);
-                ch = *format++;
-            } else if (ch == '*') {
-                max = va_arg(args, int);
-                ch = *format++;
-                state = DP_S_MOD;
-            } else
-                state = DP_S_MOD;
-            break;
-        case DP_S_MOD:
-            switch (ch) {
-            case 'h':
-                cflags = DP_C_SHORT;
-                ch = *format++;
-                break;
-            case 'l':
-                if (*format == 'l') {
-                    cflags = DP_C_LLONG;
-                    format++;
-                } else
-                    cflags = DP_C_LONG;
-                ch = *format++;
-                break;
-            case 'q':
-                cflags = DP_C_LLONG;
-                ch = *format++;
-                break;
-            case 'L':
-                cflags = DP_C_LDOUBLE;
-                ch = *format++;
-                break;
-            default:
-                break;
-            }
-            state = DP_S_CONV;
-            break;
-        case DP_S_CONV:
-            switch (ch) {
-            case 'd':
-            case 'i':
-                switch (cflags) {
-                case DP_C_SHORT:
-                    value = (short int)va_arg(args, int);
-                    break;
-                case DP_C_LONG:
-                    value = va_arg(args, long int);
-                    break;
-                case DP_C_LLONG:
-                    value = va_arg(args, LLONG);
-                    break;
-                default:
-                    value = va_arg(args, int);
-                    break;
-                }
-                if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, 10, min,
-                            max, flags))
-                    return 0;
-                break;
-            case 'X':
-                flags |= DP_F_UP;
-                /* FALLTHROUGH */
-            case 'x':
-            case 'o':
-            case 'u':
-                flags |= DP_F_UNSIGNED;
-                switch (cflags) {
-                case DP_C_SHORT:
-                    value = (unsigned short int)va_arg(args, unsigned int);
-                    break;
-                case DP_C_LONG:
-                    value = (LLONG) va_arg(args, unsigned long int);
-                    break;
-                case DP_C_LLONG:
-                    value = va_arg(args, unsigned LLONG);
-                    break;
-                default:
-                    value = (LLONG) va_arg(args, unsigned int);
-                    break;
-                }
-                if (!fmtint(sbuffer, buffer, &currlen, maxlen, value,
-                            ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
-                            min, max, flags))
-                    return 0;
-                break;
-            case 'f':
-                if (cflags == DP_C_LDOUBLE)
-                    fvalue = va_arg(args, LDOUBLE);
-                else
-                    fvalue = va_arg(args, double);
-                if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
-                           flags))
-                    return 0;
-                break;
-            case 'E':
-                flags |= DP_F_UP;
-            case 'e':
-                if (cflags == DP_C_LDOUBLE)
-                    fvalue = va_arg(args, LDOUBLE);
-                else
-                    fvalue = va_arg(args, double);
-                break;
-            case 'G':
-                flags |= DP_F_UP;
-            case 'g':
-                if (cflags == DP_C_LDOUBLE)
-                    fvalue = va_arg(args, LDOUBLE);
-                else
-                    fvalue = va_arg(args, double);
-                break;
-            case 'c':
-                if(!doapr_outch(sbuffer, buffer, &currlen, maxlen,
-                            va_arg(args, int)))
-                    return 0;
-                break;
-            case 's':
-                strvalue = va_arg(args, char *);
-                if (max < 0) {
-                    if (buffer)
-                        max = INT_MAX;
-                    else
-                        max = *maxlen;
-                }
-                if (!fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
-                            flags, min, max))
-                    return 0;
-                break;
-            case 'p':
-                value = (long)va_arg(args, void *);
-                if (!fmtint(sbuffer, buffer, &currlen, maxlen,
-                            value, 16, min, max, flags | DP_F_NUM))
-                    return 0;
-                break;
-            case 'n':          /* XXX */
-                if (cflags == DP_C_SHORT) {
-                    short int *num;
-                    num = va_arg(args, short int *);
-                    *num = currlen;
-                } else if (cflags == DP_C_LONG) { /* XXX */
-                    long int *num;
-                    num = va_arg(args, long int *);
-                    *num = (long int)currlen;
-                } else if (cflags == DP_C_LLONG) { /* XXX */
-                    LLONG *num;
-                    num = va_arg(args, LLONG *);
-                    *num = (LLONG) currlen;
-                } else {
-                    int *num;
-                    num = va_arg(args, int *);
-                    *num = currlen;
-                }
-                break;
-            case '%':
-                if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
-                    return 0;
-                break;
-            case 'w':
-                /* not supported yet, treat as next char */
-                ch = *format++;
-                break;
-            default:
-                /* unknown, skip */
-                break;
-            }
-            ch = *format++;
-            state = DP_S_DEFAULT;
-            flags = cflags = min = 0;
-            max = -1;
-            break;
-        case DP_S_DONE:
-            break;
-        default:
-            break;
-        }
-    }
-    /*
-     * We have to truncate if there is no dynamic buffer and we have filled the
-     * static buffer.
-     */
-    if (buffer == NULL) {
-        *truncated = (currlen > *maxlen - 1);
-        if (*truncated)
-            currlen = *maxlen - 1;
-    }
-    if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
-        return 0;
-    *retlen = currlen - 1;
-    return 1;
-}
-
-static int
-fmtstr(char **sbuffer,
-       char **buffer,
-       size_t *currlen,
-       size_t *maxlen, const char *value, int flags, int min, int max)
-{
-    int padlen;
-    size_t strln;
-    int cnt = 0;
-
-    if (value == 0)
-        value = "<NULL>";
-
-    strln = strlen(value);
-    if (strln > INT_MAX)
-        strln = INT_MAX;
-
-    padlen = min - strln;
-    if (min < 0 || padlen < 0)
-        padlen = 0;
-    if (flags & DP_F_MINUS)
-        padlen = -padlen;
-
-    while ((padlen > 0) && (cnt < max)) {
-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
-            return 0;
-        --padlen;
-        ++cnt;
-    }
-    while (*value && (cnt < max)) {
-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
-            return 0;
-        ++cnt;
-    }
-    while ((padlen < 0) && (cnt < max)) {
-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
-            return 0;
-        ++padlen;
-        ++cnt;
-    }
-    return 1;
-}
-
-static int
-fmtint(char **sbuffer,
-       char **buffer,
-       size_t *currlen,
-       size_t *maxlen, LLONG value, int base, int min, int max, int flags)
-{
-    int signvalue = 0;
-    const char *prefix = "";
-    unsigned LLONG uvalue;
-    char convert[DECIMAL_SIZE(value) + 3];
-    int place = 0;
-    int spadlen = 0;
-    int zpadlen = 0;
-    int caps = 0;
-
-    if (max < 0)
-        max = 0;
-    uvalue = value;
-    if (!(flags & DP_F_UNSIGNED)) {
-        if (value < 0) {
-            signvalue = '-';
-            uvalue = -(unsigned LLONG)value;
-        } else if (flags & DP_F_PLUS)
-            signvalue = '+';
-        else if (flags & DP_F_SPACE)
-            signvalue = ' ';
-    }
-    if (flags & DP_F_NUM) {
-        if (base == 8)
-            prefix = "0";
-        if (base == 16)
-            prefix = "0x";
-    }
-    if (flags & DP_F_UP)
-        caps = 1;
-    do {
-        convert[place++] = (caps ? "0123456789ABCDEF" : "0123456789abcdef")
-            [uvalue % (unsigned)base];
-        uvalue = (uvalue / (unsigned)base);
-    } while (uvalue && (place < (int)sizeof(convert)));
-    if (place == sizeof(convert))
-        place--;
-    convert[place] = 0;
-
-    zpadlen = max - place;
-    spadlen =
-        min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix);
-    if (zpadlen < 0)
-        zpadlen = 0;
-    if (spadlen < 0)
-        spadlen = 0;
-    if (flags & DP_F_ZERO) {
-        zpadlen = OSSL_MAX(zpadlen, spadlen);
-        spadlen = 0;
-    }
-    if (flags & DP_F_MINUS)
-        spadlen = -spadlen;
-
-    /* spaces */
-    while (spadlen > 0) {
-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
-            return 0;
-        --spadlen;
-    }
-
-    /* sign */
-    if (signvalue)
-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
-            return 0;
-
-    /* prefix */
-    while (*prefix) {
-        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix))
-            return 0;
-        prefix++;
-    }
-
-    /* zeros */
-    if (zpadlen > 0) {
-        while (zpadlen > 0) {
-            if(!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
-                return 0;
-            --zpadlen;
-        }
-    }
-    /* digits */
-    while (place > 0) {
-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]))
-            return 0;
-    }
-
-    /* left justified spaces */
-    while (spadlen < 0) {
-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
-            return 0;
-        ++spadlen;
-    }
-    return 1;
-}
-
-static LDOUBLE abs_val(LDOUBLE value)
-{
-    LDOUBLE result = value;
-    if (value < 0)
-        result = -value;
-    return result;
-}
-
-static LDOUBLE pow_10(int in_exp)
-{
-    LDOUBLE result = 1;
-    while (in_exp) {
-        result *= 10;
-        in_exp--;
-    }
-    return result;
-}
-
-static long roundv(LDOUBLE value)
-{
-    long intpart;
-    intpart = (long)value;
-    value = value - intpart;
-    if (value >= 0.5)
-        intpart++;
-    return intpart;
-}
-
-static int
-fmtfp(char **sbuffer,
-      char **buffer,
-      size_t *currlen,
-      size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags)
-{
-    int signvalue = 0;
-    LDOUBLE ufvalue;
-    char iconvert[20];
-    char fconvert[20];
-    int iplace = 0;
-    int fplace = 0;
-    int padlen = 0;
-    int zpadlen = 0;
-    long intpart;
-    long fracpart;
-    long max10;
-
-    if (max < 0)
-        max = 6;
-    ufvalue = abs_val(fvalue);
-    if (fvalue < 0)
-        signvalue = '-';
-    else if (flags & DP_F_PLUS)
-        signvalue = '+';
-    else if (flags & DP_F_SPACE)
-        signvalue = ' ';
-
-    intpart = (long)ufvalue;
-
-    /*
-     * sorry, we only support 9 digits past the decimal because of our
-     * conversion method
-     */
-    if (max > 9)
-        max = 9;
-
-    /*
-     * we "cheat" by converting the fractional part to integer by multiplying
-     * by a factor of 10
-     */
-    max10 = roundv(pow_10(max));
-    fracpart = roundv(pow_10(max) * (ufvalue - intpart));
-
-    if (fracpart >= max10) {
-        intpart++;
-        fracpart -= max10;
-    }
-
-    /* convert integer part */
-    do {
-        iconvert[iplace++] = "0123456789"[intpart % 10];
-        intpart = (intpart / 10);
-    } while (intpart && (iplace < (int)sizeof(iconvert)));
-    if (iplace == sizeof iconvert)
-        iplace--;
-    iconvert[iplace] = 0;
-
-    /* convert fractional part */
-    do {
-        fconvert[fplace++] = "0123456789"[fracpart % 10];
-        fracpart = (fracpart / 10);
-    } while (fplace < max);
-    if (fplace == sizeof fconvert)
-        fplace--;
-    fconvert[fplace] = 0;
-
-    /* -1 for decimal point, another -1 if we are printing a sign */
-    padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
-    zpadlen = max - fplace;
-    if (zpadlen < 0)
-        zpadlen = 0;
-    if (padlen < 0)
-        padlen = 0;
-    if (flags & DP_F_MINUS)
-        padlen = -padlen;
-
-    if ((flags & DP_F_ZERO) && (padlen > 0)) {
-        if (signvalue) {
-            if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
-                return 0;
-            --padlen;
-            signvalue = 0;
-        }
-        while (padlen > 0) {
-            if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
-                return 0;
-            --padlen;
-        }
-    }
-    while (padlen > 0) {
-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
-            return 0;
-        --padlen;
-    }
-    if (signvalue && !doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
-        return 0;
-
-    while (iplace > 0) {
-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]))
-            return 0;
-    }
-
-    /*
-     * Decimal point. This should probably use locale to find the correct
-     * char to print out.
-     */
-    if (max > 0 || (flags & DP_F_NUM)) {
-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '.'))
-            return 0;
-
-        while (fplace > 0) {
-            if(!doapr_outch(sbuffer, buffer, currlen, maxlen,
-                            fconvert[--fplace]))
-                return 0;
-        }
-    }
-    while (zpadlen > 0) {
-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
-            return 0;
-        --zpadlen;
-    }
-
-    while (padlen < 0) {
-        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
-            return 0;
-        ++padlen;
-    }
-    return 1;
-}
-
-#define BUFFER_INC  1024
-
-static int
-doapr_outch(char **sbuffer,
-            char **buffer, size_t *currlen, size_t *maxlen, int c)
-{
-    /* If we haven't at least one buffer, someone has doe a big booboo */
-    assert(*sbuffer != NULL || buffer != NULL);
-
-    /* |currlen| must always be <= |*maxlen| */
-    assert(*currlen <= *maxlen);
-
-    if (buffer && *currlen == *maxlen) {
-        if (*maxlen > INT_MAX - BUFFER_INC)
-            return 0;
-
-        *maxlen += BUFFER_INC;
-        if (*buffer == NULL) {
-            *buffer = OPENSSL_malloc(*maxlen);
-            if (*buffer == NULL)
-                return 0;
-            if (*currlen > 0) {
-                assert(*sbuffer != NULL);
-                memcpy(*buffer, *sbuffer, *currlen);
-            }
-            *sbuffer = NULL;
-        } else {
-            char *tmpbuf;
-            tmpbuf = OPENSSL_realloc(*buffer, *maxlen);
-            if (tmpbuf == NULL)
-                return 0;
-            *buffer = tmpbuf;
-        }
-    }
-
-    if (*currlen < *maxlen) {
-        if (*sbuffer)
-            (*sbuffer)[(*currlen)++] = (char)c;
-        else
-            (*buffer)[(*currlen)++] = (char)c;
-    }
-
-    return 1;
-}
-
-/***************************************************************************/
-
-int BIO_printf(BIO *bio, const char *format, ...)
-{
-    va_list args;
-    int ret;
-
-    va_start(args, format);
-
-    ret = BIO_vprintf(bio, format, args);
-
-    va_end(args);
-    return (ret);
-}
-
-int BIO_vprintf(BIO *bio, const char *format, va_list args)
-{
-    int ret;
-    size_t retlen;
-    char hugebuf[1024 * 2];     /* Was previously 10k, which is unreasonable
-                                 * in small-stack environments, like threads
-                                 * or DOS programs. */
-    char *hugebufp = hugebuf;
-    size_t hugebufsize = sizeof(hugebuf);
-    char *dynbuf = NULL;
-    int ignored;
-
-    dynbuf = NULL;
-    CRYPTO_push_info("doapr()");
-    if (!_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format,
-                args)) {
-        OPENSSL_free(dynbuf);
-        return -1;
-    }
-    if (dynbuf) {
-        ret = BIO_write(bio, dynbuf, (int)retlen);
-        OPENSSL_free(dynbuf);
-    } else {
-        ret = BIO_write(bio, hugebuf, (int)retlen);
-    }
-    CRYPTO_pop_info();
-    return (ret);
-}
-
-/*
- * As snprintf is not available everywhere, we provide our own
- * implementation. This function has nothing to do with BIOs, but it's
- * closely related to BIO_printf, and we need *some* name prefix ... (XXX the
- * function should be renamed, but to what?)
- */
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-{
-    va_list args;
-    int ret;
-
-    va_start(args, format);
-
-    ret = BIO_vsnprintf(buf, n, format, args);
-
-    va_end(args);
-    return (ret);
-}
-
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-{
-    size_t retlen;
-    int truncated;
-
-    if(!_dopr(&buf, NULL, &n, &retlen, &truncated, format, args))
-        return -1;
-
-    if (truncated)
-        /*
-         * In case of truncation, return -1 like traditional snprintf.
-         * (Current drafts for ISO/IEC 9899 say snprintf should return the
-         * number of characters that would have been written, had the buffer
-         * been large enough.)
-         */
-        return -1;
-    else
-        return (retlen <= INT_MAX) ? (int)retlen : -1;
-}
diff --git a/thirdparty/openssl/crypto/bio/b_sock.c b/thirdparty/openssl/crypto/bio/b_sock.c
deleted file mode 100644
index 5bad0a2bad..0000000000
--- a/thirdparty/openssl/crypto/bio/b_sock.c
+++ /dev/null
@@ -1,962 +0,0 @@
-/* crypto/bio/b_sock.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
-# include <netdb.h>
-# if defined(NETWARE_CLIB)
-#  include <sys/ioctl.h>
-NETDB_DEFINE_CONTEXT
-# endif
-#endif
-#ifndef OPENSSL_NO_SOCK
-# include <openssl/dso.h>
-# define SOCKET_PROTOCOL IPPROTO_TCP
-# ifdef SO_MAXCONN
-#  define MAX_LISTEN  SO_MAXCONN
-# elif defined(SOMAXCONN)
-#  define MAX_LISTEN  SOMAXCONN
-# else
-#  define MAX_LISTEN  32
-# endif
-# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
-static int wsa_init_done = 0;
-# endif
-
-/*
- * WSAAPI specifier is required to make indirect calls to run-time
- * linked WinSock 2 functions used in this module, to be specific
- * [get|free]addrinfo and getnameinfo. This is because WinSock uses
- * uses non-C calling convention, __stdcall vs. __cdecl, on x86
- * Windows. On non-WinSock platforms WSAAPI needs to be void.
- */
-# ifndef WSAAPI
-#  define WSAAPI
-# endif
-
-# if 0
-static unsigned long BIO_ghbn_hits = 0L;
-static unsigned long BIO_ghbn_miss = 0L;
-
-#  define GHBN_NUM        4
-static struct ghbn_cache_st {
-    char name[129];
-    struct hostent *ent;
-    unsigned long order;
-} ghbn_cache[GHBN_NUM];
-# endif
-
-static int get_ip(const char *str, unsigned char *ip);
-# if 0
-static void ghbn_free(struct hostent *a);
-static struct hostent *ghbn_dup(struct hostent *a);
-# endif
-int BIO_get_host_ip(const char *str, unsigned char *ip)
-{
-    int i;
-    int err = 1;
-    int locked = 0;
-    struct hostent *he;
-
-    i = get_ip(str, ip);
-    if (i < 0) {
-        BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_INVALID_IP_ADDRESS);
-        goto err;
-    }
-
-    /*
-     * At this point, we have something that is most probably correct in some
-     * way, so let's init the socket.
-     */
-    if (BIO_sock_init() != 1)
-        return 0;               /* don't generate another error code here */
-
-    /*
-     * If the string actually contained an IP address, we need not do
-     * anything more
-     */
-    if (i > 0)
-        return (1);
-
-    /* do a gethostbyname */
-    CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
-    locked = 1;
-    he = BIO_gethostbyname(str);
-    if (he == NULL) {
-        BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_BAD_HOSTNAME_LOOKUP);
-        goto err;
-    }
-
-    /* cast to short because of win16 winsock definition */
-    if ((short)he->h_addrtype != AF_INET) {
-        BIOerr(BIO_F_BIO_GET_HOST_IP,
-               BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
-        goto err;
-    }
-    for (i = 0; i < 4; i++)
-        ip[i] = he->h_addr_list[0][i];
-    err = 0;
-
- err:
-    if (locked)
-        CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
-    if (err) {
-        ERR_add_error_data(2, "host=", str);
-        return 0;
-    } else
-        return 1;
-}
-
-int BIO_get_port(const char *str, unsigned short *port_ptr)
-{
-    int i;
-    struct servent *s;
-
-    if (str == NULL) {
-        BIOerr(BIO_F_BIO_GET_PORT, BIO_R_NO_PORT_DEFINED);
-        return (0);
-    }
-    i = atoi(str);
-    if (i != 0)
-        *port_ptr = (unsigned short)i;
-    else {
-        CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
-        /*
-         * Note: under VMS with SOCKETSHR, it seems like the first parameter
-         * is 'char *', instead of 'const char *'
-         */
-# ifndef CONST_STRICT
-        s = getservbyname((char *)str, "tcp");
-# else
-        s = getservbyname(str, "tcp");
-# endif
-        if (s != NULL)
-            *port_ptr = ntohs((unsigned short)s->s_port);
-        CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
-        if (s == NULL) {
-            if (strcmp(str, "http") == 0)
-                *port_ptr = 80;
-            else if (strcmp(str, "telnet") == 0)
-                *port_ptr = 23;
-            else if (strcmp(str, "socks") == 0)
-                *port_ptr = 1080;
-            else if (strcmp(str, "https") == 0)
-                *port_ptr = 443;
-            else if (strcmp(str, "ssl") == 0)
-                *port_ptr = 443;
-            else if (strcmp(str, "ftp") == 0)
-                *port_ptr = 21;
-            else if (strcmp(str, "gopher") == 0)
-                *port_ptr = 70;
-# if 0
-            else if (strcmp(str, "wais") == 0)
-                *port_ptr = 21;
-# endif
-            else {
-                SYSerr(SYS_F_GETSERVBYNAME, get_last_socket_error());
-                ERR_add_error_data(3, "service='", str, "'");
-                return (0);
-            }
-        }
-    }
-    return (1);
-}
-
-int BIO_sock_error(int sock)
-{
-    int j, i;
-    union {
-        size_t s;
-        int i;
-    } size;
-
-# if defined(OPENSSL_SYS_BEOS_R5)
-    return 0;
-# endif
-
-    /* heuristic way to adapt for platforms that expect 64-bit optlen */
-    size.s = 0, size.i = sizeof(j);
-    /*
-     * Note: under Windows the third parameter is of type (char *) whereas
-     * under other systems it is (void *) if you don't have a cast it will
-     * choke the compiler: if you do have a cast then you can either go for
-     * (char *) or (void *).
-     */
-    i = getsockopt(sock, SOL_SOCKET, SO_ERROR, (void *)&j, (void *)&size);
-    if (i < 0)
-        return (1);
-    else
-        return (j);
-}
-
-# if 0
-long BIO_ghbn_ctrl(int cmd, int iarg, char *parg)
-{
-    int i;
-    char **p;
-
-    switch (cmd) {
-    case BIO_GHBN_CTRL_HITS:
-        return (BIO_ghbn_hits);
-        /* break; */
-    case BIO_GHBN_CTRL_MISSES:
-        return (BIO_ghbn_miss);
-        /* break; */
-    case BIO_GHBN_CTRL_CACHE_SIZE:
-        return (GHBN_NUM);
-        /* break; */
-    case BIO_GHBN_CTRL_GET_ENTRY:
-        if ((iarg >= 0) && (iarg < GHBN_NUM) && (ghbn_cache[iarg].order > 0)) {
-            p = (char **)parg;
-            if (p == NULL)
-                return (0);
-            *p = ghbn_cache[iarg].name;
-            ghbn_cache[iarg].name[128] = '\0';
-            return (1);
-        }
-        return (0);
-        /* break; */
-    case BIO_GHBN_CTRL_FLUSH:
-        for (i = 0; i < GHBN_NUM; i++)
-            ghbn_cache[i].order = 0;
-        break;
-    default:
-        return (0);
-    }
-    return (1);
-}
-# endif
-
-# if 0
-static struct hostent *ghbn_dup(struct hostent *a)
-{
-    struct hostent *ret;
-    int i, j;
-
-    MemCheck_off();
-    ret = (struct hostent *)OPENSSL_malloc(sizeof(struct hostent));
-    if (ret == NULL)
-        return (NULL);
-    memset(ret, 0, sizeof(struct hostent));
-
-    for (i = 0; a->h_aliases[i] != NULL; i++) ;
-    i++;
-    ret->h_aliases = (char **)OPENSSL_malloc(i * sizeof(char *));
-    if (ret->h_aliases == NULL)
-        goto err;
-    memset(ret->h_aliases, 0, i * sizeof(char *));
-
-    for (i = 0; a->h_addr_list[i] != NULL; i++) ;
-    i++;
-    ret->h_addr_list = (char **)OPENSSL_malloc(i * sizeof(char *));
-    if (ret->h_addr_list == NULL)
-        goto err;
-    memset(ret->h_addr_list, 0, i * sizeof(char *));
-
-    j = strlen(a->h_name) + 1;
-    if ((ret->h_name = OPENSSL_malloc(j)) == NULL)
-        goto err;
-    memcpy((char *)ret->h_name, a->h_name, j);
-    for (i = 0; a->h_aliases[i] != NULL; i++) {
-        j = strlen(a->h_aliases[i]) + 1;
-        if ((ret->h_aliases[i] = OPENSSL_malloc(j)) == NULL)
-            goto err;
-        memcpy(ret->h_aliases[i], a->h_aliases[i], j);
-    }
-    ret->h_length = a->h_length;
-    ret->h_addrtype = a->h_addrtype;
-    for (i = 0; a->h_addr_list[i] != NULL; i++) {
-        if ((ret->h_addr_list[i] = OPENSSL_malloc(a->h_length)) == NULL)
-            goto err;
-        memcpy(ret->h_addr_list[i], a->h_addr_list[i], a->h_length);
-    }
-    if (0) {
- err:
-        if (ret != NULL)
-            ghbn_free(ret);
-        ret = NULL;
-    }
-    MemCheck_on();
-    return (ret);
-}
-
-static void ghbn_free(struct hostent *a)
-{
-    int i;
-
-    if (a == NULL)
-        return;
-
-    if (a->h_aliases != NULL) {
-        for (i = 0; a->h_aliases[i] != NULL; i++)
-            OPENSSL_free(a->h_aliases[i]);
-        OPENSSL_free(a->h_aliases);
-    }
-    if (a->h_addr_list != NULL) {
-        for (i = 0; a->h_addr_list[i] != NULL; i++)
-            OPENSSL_free(a->h_addr_list[i]);
-        OPENSSL_free(a->h_addr_list);
-    }
-    if (a->h_name != NULL)
-        OPENSSL_free(a->h_name);
-    OPENSSL_free(a);
-}
-
-# endif
-
-struct hostent *BIO_gethostbyname(const char *name)
-{
-# if 1
-    /*
-     * Caching gethostbyname() results forever is wrong, so we have to let
-     * the true gethostbyname() worry about this
-     */
-#  if (defined(NETWARE_BSDSOCK) && !defined(__NOVELL_LIBC__))
-    return gethostbyname((char *)name);
-#  else
-    return gethostbyname(name);
-#  endif
-# else
-    struct hostent *ret;
-    int i, lowi = 0, j;
-    unsigned long low = (unsigned long)-1;
-
-#  if 0
-    /*
-     * It doesn't make sense to use locking here: The function interface is
-     * not thread-safe, because threads can never be sure when some other
-     * thread destroys the data they were given a pointer to.
-     */
-    CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
-#  endif
-    j = strlen(name);
-    if (j < 128) {
-        for (i = 0; i < GHBN_NUM; i++) {
-            if (low > ghbn_cache[i].order) {
-                low = ghbn_cache[i].order;
-                lowi = i;
-            }
-            if (ghbn_cache[i].order > 0) {
-                if (strncmp(name, ghbn_cache[i].name, 128) == 0)
-                    break;
-            }
-        }
-    } else
-        i = GHBN_NUM;
-
-    if (i == GHBN_NUM) {        /* no hit */
-        BIO_ghbn_miss++;
-        /*
-         * Note: under VMS with SOCKETSHR, it seems like the first parameter
-         * is 'char *', instead of 'const char *'
-         */
-#  ifndef CONST_STRICT
-        ret = gethostbyname((char *)name);
-#  else
-        ret = gethostbyname(name);
-#  endif
-
-        if (ret == NULL)
-            goto end;
-        if (j > 128) {          /* too big to cache */
-#  if 0
-            /*
-             * If we were trying to make this function thread-safe (which is
-             * bound to fail), we'd have to give up in this case (or allocate
-             * more memory).
-             */
-            ret = NULL;
-#  endif
-            goto end;
-        }
-
-        /* else add to cache */
-        if (ghbn_cache[lowi].ent != NULL)
-            ghbn_free(ghbn_cache[lowi].ent); /* XXX not thread-safe */
-        ghbn_cache[lowi].name[0] = '\0';
-
-        if ((ret = ghbn_cache[lowi].ent = ghbn_dup(ret)) == NULL) {
-            BIOerr(BIO_F_BIO_GETHOSTBYNAME, ERR_R_MALLOC_FAILURE);
-            goto end;
-        }
-        strncpy(ghbn_cache[lowi].name, name, 128);
-        ghbn_cache[lowi].order = BIO_ghbn_miss + BIO_ghbn_hits;
-    } else {
-        BIO_ghbn_hits++;
-        ret = ghbn_cache[i].ent;
-        ghbn_cache[i].order = BIO_ghbn_miss + BIO_ghbn_hits;
-    }
- end:
-#  if 0
-    CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
-#  endif
-    return (ret);
-# endif
-}
-
-int BIO_sock_init(void)
-{
-# ifdef OPENSSL_SYS_WINDOWS
-    static struct WSAData wsa_state;
-
-    if (!wsa_init_done) {
-        int err;
-
-        wsa_init_done = 1;
-        memset(&wsa_state, 0, sizeof(wsa_state));
-        /*
-         * Not making wsa_state available to the rest of the code is formally
-         * wrong. But the structures we use are [beleived to be] invariable
-         * among Winsock DLLs, while API availability is [expected to be]
-         * probed at run-time with DSO_global_lookup.
-         */
-        if (WSAStartup(0x0202, &wsa_state) != 0) {
-            err = WSAGetLastError();
-            SYSerr(SYS_F_WSASTARTUP, err);
-            BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP);
-            return (-1);
-        }
-    }
-# endif                         /* OPENSSL_SYS_WINDOWS */
-# ifdef WATT32
-    extern int _watt_do_exit;
-    _watt_do_exit = 0;          /* don't make sock_init() call exit() */
-    if (sock_init())
-        return (-1);
-# endif
-
-# if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
-    WORD wVerReq;
-    WSADATA wsaData;
-    int err;
-
-    if (!wsa_init_done) {
-        wsa_init_done = 1;
-        wVerReq = MAKEWORD(2, 0);
-        err = WSAStartup(wVerReq, &wsaData);
-        if (err != 0) {
-            SYSerr(SYS_F_WSASTARTUP, err);
-            BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP);
-            return (-1);
-        }
-    }
-# endif
-
-    return (1);
-}
-
-void BIO_sock_cleanup(void)
-{
-# ifdef OPENSSL_SYS_WINDOWS
-    if (wsa_init_done) {
-        wsa_init_done = 0;
-#  if 0                         /* this call is claimed to be non-present in
-                                 * Winsock2 */
-        WSACancelBlockingCall();
-#  endif
-        WSACleanup();
-    }
-# elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
-    if (wsa_init_done) {
-        wsa_init_done = 0;
-        WSACleanup();
-    }
-# endif
-}
-
-# if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000
-
-int BIO_socket_ioctl(int fd, long type, void *arg)
-{
-    int i;
-
-#  ifdef __DJGPP__
-    i = ioctlsocket(fd, type, (char *)arg);
-#  else
-#   if defined(OPENSSL_SYS_VMS)
-    /*-
-     * 2011-02-18 SMS.
-     * VMS ioctl() can't tolerate a 64-bit "void *arg", but we
-     * observe that all the consumers pass in an "unsigned long *",
-     * so we arrange a local copy with a short pointer, and use
-     * that, instead.
-     */
-#    if __INITIAL_POINTER_SIZE == 64
-#     define ARG arg_32p
-#     pragma pointer_size save
-#     pragma pointer_size 32
-    unsigned long arg_32;
-    unsigned long *arg_32p;
-#     pragma pointer_size restore
-    arg_32p = &arg_32;
-    arg_32 = *((unsigned long *)arg);
-#    else                       /* __INITIAL_POINTER_SIZE == 64 */
-#     define ARG arg
-#    endif                      /* __INITIAL_POINTER_SIZE == 64 [else] */
-#   else                        /* defined(OPENSSL_SYS_VMS) */
-#    define ARG arg
-#   endif                       /* defined(OPENSSL_SYS_VMS) [else] */
-
-    i = ioctlsocket(fd, type, ARG);
-#  endif                        /* __DJGPP__ */
-    if (i < 0)
-        SYSerr(SYS_F_IOCTLSOCKET, get_last_socket_error());
-    return (i);
-}
-# endif                         /* __VMS_VER */
-
-/*
- * The reason I have implemented this instead of using sscanf is because
- * Visual C 1.52c gives an unresolved external when linking a DLL :-(
- */
-static int get_ip(const char *str, unsigned char ip[4])
-{
-    unsigned int tmp[4];
-    int num = 0, c, ok = 0;
-
-    tmp[0] = tmp[1] = tmp[2] = tmp[3] = 0;
-
-    for (;;) {
-        c = *(str++);
-        if ((c >= '0') && (c <= '9')) {
-            ok = 1;
-            tmp[num] = tmp[num] * 10 + c - '0';
-            if (tmp[num] > 255)
-                return (0);
-        } else if (c == '.') {
-            if (!ok)
-                return (-1);
-            if (num == 3)
-                return (0);
-            num++;
-            ok = 0;
-        } else if (c == '\0' && (num == 3) && ok)
-            break;
-        else
-            return (0);
-    }
-    ip[0] = tmp[0];
-    ip[1] = tmp[1];
-    ip[2] = tmp[2];
-    ip[3] = tmp[3];
-    return (1);
-}
-
-int BIO_get_accept_socket(char *host, int bind_mode)
-{
-    int ret = 0;
-    union {
-        struct sockaddr sa;
-        struct sockaddr_in sa_in;
-# if OPENSSL_USE_IPV6
-        struct sockaddr_in6 sa_in6;
-# endif
-    } server, client;
-    int s = INVALID_SOCKET, cs, addrlen;
-    unsigned char ip[4];
-    unsigned short port;
-    char *str = NULL, *e;
-    char *h, *p;
-    unsigned long l;
-    int err_num;
-
-    if (BIO_sock_init() != 1)
-        return (INVALID_SOCKET);
-
-    if ((str = BUF_strdup(host)) == NULL)
-        return (INVALID_SOCKET);
-
-    h = p = NULL;
-    h = str;
-    for (e = str; *e; e++) {
-        if (*e == ':') {
-            p = e;
-        } else if (*e == '/') {
-            *e = '\0';
-            break;
-        }
-    }
-    if (p)
-        *p++ = '\0';            /* points at last ':', '::port' is special
-                                 * [see below] */
-    else
-        p = h, h = NULL;
-
-# ifdef EAI_FAMILY
-    do {
-        static union {
-            void *p;
-            int (WSAAPI *f) (const char *, const char *,
-                             const struct addrinfo *, struct addrinfo **);
-        } p_getaddrinfo = {
-            NULL
-        };
-        static union {
-            void *p;
-            void (WSAAPI *f) (struct addrinfo *);
-        } p_freeaddrinfo = {
-            NULL
-        };
-        struct addrinfo *res, hint;
-
-        if (p_getaddrinfo.p == NULL) {
-            if ((p_getaddrinfo.p = DSO_global_lookup("getaddrinfo")) == NULL
-                || (p_freeaddrinfo.p =
-                    DSO_global_lookup("freeaddrinfo")) == NULL)
-                p_getaddrinfo.p = (void *)-1;
-        }
-        if (p_getaddrinfo.p == (void *)-1)
-            break;
-
-        /*
-         * '::port' enforces IPv6 wildcard listener. Some OSes, e.g. Solaris,
-         * default to IPv6 without any hint. Also note that commonly IPv6
-         * wildchard socket can service IPv4 connections just as well...
-         */
-        memset(&hint, 0, sizeof(hint));
-        hint.ai_flags = AI_PASSIVE;
-        if (h) {
-            if (strchr(h, ':')) {
-                if (h[1] == '\0')
-                    h = NULL;
-#  if OPENSSL_USE_IPV6
-                hint.ai_family = AF_INET6;
-#  else
-                h = NULL;
-#  endif
-            } else if (h[0] == '*' && h[1] == '\0') {
-                hint.ai_family = AF_INET;
-                h = NULL;
-            }
-        }
-
-        if ((*p_getaddrinfo.f) (h, p, &hint, &res))
-            break;
-
-        addrlen = res->ai_addrlen <= sizeof(server) ?
-            res->ai_addrlen : sizeof(server);
-        memcpy(&server, res->ai_addr, addrlen);
-
-        (*p_freeaddrinfo.f) (res);
-        goto again;
-    } while (0);
-# endif
-
-    if (!BIO_get_port(p, &port))
-        goto err;
-
-    memset((char *)&server, 0, sizeof(server));
-    server.sa_in.sin_family = AF_INET;
-    server.sa_in.sin_port = htons(port);
-    addrlen = sizeof(server.sa_in);
-
-    if (h == NULL || strcmp(h, "*") == 0)
-        server.sa_in.sin_addr.s_addr = INADDR_ANY;
-    else {
-        if (!BIO_get_host_ip(h, &(ip[0])))
-            goto err;
-        l = (unsigned long)
-            ((unsigned long)ip[0] << 24L) |
-            ((unsigned long)ip[1] << 16L) |
-            ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
-        server.sa_in.sin_addr.s_addr = htonl(l);
-    }
-
- again:
-    s = socket(server.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
-    if (s == INVALID_SOCKET) {
-        SYSerr(SYS_F_SOCKET, get_last_socket_error());
-        ERR_add_error_data(3, "port='", host, "'");
-        BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_CREATE_SOCKET);
-        goto err;
-    }
-# ifdef SO_REUSEADDR
-    if (bind_mode == BIO_BIND_REUSEADDR) {
-        int i = 1;
-
-        ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&i, sizeof(i));
-        bind_mode = BIO_BIND_NORMAL;
-    }
-# endif
-    if (bind(s, &server.sa, addrlen) == -1) {
-# ifdef SO_REUSEADDR
-        err_num = get_last_socket_error();
-        if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
-#  ifdef OPENSSL_SYS_WINDOWS
-            /*
-             * Some versions of Windows define EADDRINUSE to a dummy value.
-             */
-            (err_num == WSAEADDRINUSE))
-#  else
-            (err_num == EADDRINUSE))
-#  endif
-        {
-            client = server;
-            if (h == NULL || strcmp(h, "*") == 0) {
-#  if OPENSSL_USE_IPV6
-                if (client.sa.sa_family == AF_INET6) {
-                    memset(&client.sa_in6.sin6_addr, 0,
-                           sizeof(client.sa_in6.sin6_addr));
-                    client.sa_in6.sin6_addr.s6_addr[15] = 1;
-                } else
-#  endif
-                if (client.sa.sa_family == AF_INET) {
-                    client.sa_in.sin_addr.s_addr = htonl(0x7F000001);
-                } else
-                    goto err;
-            }
-            cs = socket(client.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
-            if (cs != INVALID_SOCKET) {
-                int ii;
-                ii = connect(cs, &client.sa, addrlen);
-                closesocket(cs);
-                if (ii == INVALID_SOCKET) {
-                    bind_mode = BIO_BIND_REUSEADDR;
-                    closesocket(s);
-                    goto again;
-                }
-                /* else error */
-            }
-            /* else error */
-        }
-# endif
-        SYSerr(SYS_F_BIND, err_num);
-        ERR_add_error_data(3, "port='", host, "'");
-        BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_BIND_SOCKET);
-        goto err;
-    }
-    if (listen(s, MAX_LISTEN) == -1) {
-        SYSerr(SYS_F_BIND, get_last_socket_error());
-        ERR_add_error_data(3, "port='", host, "'");
-        BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_LISTEN_SOCKET);
-        goto err;
-    }
-    ret = 1;
- err:
-    if (str != NULL)
-        OPENSSL_free(str);
-    if ((ret == 0) && (s != INVALID_SOCKET)) {
-        closesocket(s);
-        s = INVALID_SOCKET;
-    }
-    return (s);
-}
-
-int BIO_accept(int sock, char **addr)
-{
-    int ret = INVALID_SOCKET;
-    unsigned long l;
-    unsigned short port;
-    char *p;
-
-    struct {
-        /*
-         * As for following union. Trouble is that there are platforms
-         * that have socklen_t and there are platforms that don't, on
-         * some platforms socklen_t is int and on some size_t. So what
-         * one can do? One can cook #ifdef spaghetti, which is nothing
-         * but masochistic. Or one can do union between int and size_t.
-         * One naturally does it primarily for 64-bit platforms where
-         * sizeof(int) != sizeof(size_t). But would it work? Note that
-         * if size_t member is initialized to 0, then later int member
-         * assignment naturally does the job on little-endian platforms
-         * regardless accept's expectations! What about big-endians?
-         * If accept expects int*, then it works, and if size_t*, then
-         * length value would appear as unreasonably large. But this
-         * won't prevent it from filling in the address structure. The
-         * trouble of course would be if accept returns more data than
-         * actual buffer can accomodate and overwrite stack... That's
-         * where early OPENSSL_assert comes into picture. Besides, the
-         * only 64-bit big-endian platform found so far that expects
-         * size_t* is HP-UX, where stack grows towards higher address.
-         * <appro>
-         */
-        union {
-            size_t s;
-            int i;
-        } len;
-        union {
-            struct sockaddr sa;
-            struct sockaddr_in sa_in;
-# if OPENSSL_USE_IPV6
-            struct sockaddr_in6 sa_in6;
-# endif
-        } from;
-    } sa;
-
-    sa.len.s = 0;
-    sa.len.i = sizeof(sa.from);
-    memset(&sa.from, 0, sizeof(sa.from));
-    ret = accept(sock, &sa.from.sa, (void *)&sa.len);
-    if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) {
-        OPENSSL_assert(sa.len.s <= sizeof(sa.from));
-        sa.len.i = (int)sa.len.s;
-        /* use sa.len.i from this point */
-    }
-    if (ret == INVALID_SOCKET) {
-        if (BIO_sock_should_retry(ret))
-            return -2;
-        SYSerr(SYS_F_ACCEPT, get_last_socket_error());
-        BIOerr(BIO_F_BIO_ACCEPT, BIO_R_ACCEPT_ERROR);
-        goto end;
-    }
-
-    if (addr == NULL)
-        goto end;
-
-# ifdef EAI_FAMILY
-    do {
-        char h[NI_MAXHOST], s[NI_MAXSERV];
-        size_t nl;
-        static union {
-            void *p;
-            int (WSAAPI *f) (const struct sockaddr *, size_t /* socklen_t */ ,
-                             char *, size_t, char *, size_t, int);
-        } p_getnameinfo = {
-            NULL
-        };
-        /*
-         * 2nd argument to getnameinfo is specified to be socklen_t.
-         * Unfortunately there is a number of environments where socklen_t is
-         * not defined. As it's passed by value, it's safe to pass it as
-         * size_t... <appro>
-         */
-
-        if (p_getnameinfo.p == NULL) {
-            if ((p_getnameinfo.p = DSO_global_lookup("getnameinfo")) == NULL)
-                p_getnameinfo.p = (void *)-1;
-        }
-        if (p_getnameinfo.p == (void *)-1)
-            break;
-
-        if ((*p_getnameinfo.f) (&sa.from.sa, sa.len.i, h, sizeof(h), s,
-                                sizeof(s), NI_NUMERICHOST | NI_NUMERICSERV))
-            break;
-        nl = strlen(h) + strlen(s) + 2;
-        p = *addr;
-        if (p) {
-            *p = '\0';
-            p = OPENSSL_realloc(p, nl);
-        } else {
-            p = OPENSSL_malloc(nl);
-        }
-        if (p == NULL) {
-            BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
-            goto end;
-        }
-        *addr = p;
-        BIO_snprintf(*addr, nl, "%s:%s", h, s);
-        goto end;
-    } while (0);
-# endif
-    if (sa.from.sa.sa_family != AF_INET)
-        goto end;
-    l = ntohl(sa.from.sa_in.sin_addr.s_addr);
-    port = ntohs(sa.from.sa_in.sin_port);
-    if (*addr == NULL) {
-        if ((p = OPENSSL_malloc(24)) == NULL) {
-            BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
-            goto end;
-        }
-        *addr = p;
-    }
-    BIO_snprintf(*addr, 24, "%d.%d.%d.%d:%d",
-                 (unsigned char)(l >> 24L) & 0xff,
-                 (unsigned char)(l >> 16L) & 0xff,
-                 (unsigned char)(l >> 8L) & 0xff,
-                 (unsigned char)(l) & 0xff, port);
- end:
-    return (ret);
-}
-
-int BIO_set_tcp_ndelay(int s, int on)
-{
-    int ret = 0;
-# if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP))
-    int opt;
-
-#  ifdef SOL_TCP
-    opt = SOL_TCP;
-#  else
-#   ifdef IPPROTO_TCP
-    opt = IPPROTO_TCP;
-#   endif
-#  endif
-
-    ret = setsockopt(s, opt, TCP_NODELAY, (char *)&on, sizeof(on));
-# endif
-    return (ret == 0);
-}
-
-int BIO_socket_nbio(int s, int mode)
-{
-    int ret = -1;
-    int l;
-
-    l = mode;
-# ifdef FIONBIO
-    ret = BIO_socket_ioctl(s, FIONBIO, &l);
-# endif
-    return (ret == 0);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/bio/bf_buff.c b/thirdparty/openssl/crypto/bio/bf_buff.c
deleted file mode 100644
index 478fa16a07..0000000000
--- a/thirdparty/openssl/crypto/bio/bf_buff.c
+++ /dev/null
@@ -1,517 +0,0 @@
-/* crypto/bio/bf_buff.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-static int buffer_write(BIO *h, const char *buf, int num);
-static int buffer_read(BIO *h, char *buf, int size);
-static int buffer_puts(BIO *h, const char *str);
-static int buffer_gets(BIO *h, char *str, int size);
-static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int buffer_new(BIO *h);
-static int buffer_free(BIO *data);
-static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-#define DEFAULT_BUFFER_SIZE     4096
-
-static BIO_METHOD methods_buffer = {
-    BIO_TYPE_BUFFER,
-    "buffer",
-    buffer_write,
-    buffer_read,
-    buffer_puts,
-    buffer_gets,
-    buffer_ctrl,
-    buffer_new,
-    buffer_free,
-    buffer_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_buffer(void)
-{
-    return (&methods_buffer);
-}
-
-static int buffer_new(BIO *bi)
-{
-    BIO_F_BUFFER_CTX *ctx;
-
-    ctx = (BIO_F_BUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX));
-    if (ctx == NULL)
-        return (0);
-    ctx->ibuf = (char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
-    if (ctx->ibuf == NULL) {
-        OPENSSL_free(ctx);
-        return (0);
-    }
-    ctx->obuf = (char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
-    if (ctx->obuf == NULL) {
-        OPENSSL_free(ctx->ibuf);
-        OPENSSL_free(ctx);
-        return (0);
-    }
-    ctx->ibuf_size = DEFAULT_BUFFER_SIZE;
-    ctx->obuf_size = DEFAULT_BUFFER_SIZE;
-    ctx->ibuf_len = 0;
-    ctx->ibuf_off = 0;
-    ctx->obuf_len = 0;
-    ctx->obuf_off = 0;
-
-    bi->init = 1;
-    bi->ptr = (char *)ctx;
-    bi->flags = 0;
-    return (1);
-}
-
-static int buffer_free(BIO *a)
-{
-    BIO_F_BUFFER_CTX *b;
-
-    if (a == NULL)
-        return (0);
-    b = (BIO_F_BUFFER_CTX *)a->ptr;
-    if (b->ibuf != NULL)
-        OPENSSL_free(b->ibuf);
-    if (b->obuf != NULL)
-        OPENSSL_free(b->obuf);
-    OPENSSL_free(a->ptr);
-    a->ptr = NULL;
-    a->init = 0;
-    a->flags = 0;
-    return (1);
-}
-
-static int buffer_read(BIO *b, char *out, int outl)
-{
-    int i, num = 0;
-    BIO_F_BUFFER_CTX *ctx;
-
-    if (out == NULL)
-        return (0);
-    ctx = (BIO_F_BUFFER_CTX *)b->ptr;
-
-    if ((ctx == NULL) || (b->next_bio == NULL))
-        return (0);
-    num = 0;
-    BIO_clear_retry_flags(b);
-
- start:
-    i = ctx->ibuf_len;
-    /* If there is stuff left over, grab it */
-    if (i != 0) {
-        if (i > outl)
-            i = outl;
-        memcpy(out, &(ctx->ibuf[ctx->ibuf_off]), i);
-        ctx->ibuf_off += i;
-        ctx->ibuf_len -= i;
-        num += i;
-        if (outl == i)
-            return (num);
-        outl -= i;
-        out += i;
-    }
-
-    /*
-     * We may have done a partial read. try to do more. We have nothing in
-     * the buffer. If we get an error and have read some data, just return it
-     * and let them retry to get the error again. copy direct to parent
-     * address space
-     */
-    if (outl > ctx->ibuf_size) {
-        for (;;) {
-            i = BIO_read(b->next_bio, out, outl);
-            if (i <= 0) {
-                BIO_copy_next_retry(b);
-                if (i < 0)
-                    return ((num > 0) ? num : i);
-                if (i == 0)
-                    return (num);
-            }
-            num += i;
-            if (outl == i)
-                return (num);
-            out += i;
-            outl -= i;
-        }
-    }
-    /* else */
-
-    /* we are going to be doing some buffering */
-    i = BIO_read(b->next_bio, ctx->ibuf, ctx->ibuf_size);
-    if (i <= 0) {
-        BIO_copy_next_retry(b);
-        if (i < 0)
-            return ((num > 0) ? num : i);
-        if (i == 0)
-            return (num);
-    }
-    ctx->ibuf_off = 0;
-    ctx->ibuf_len = i;
-
-    /* Lets re-read using ourselves :-) */
-    goto start;
-}
-
-static int buffer_write(BIO *b, const char *in, int inl)
-{
-    int i, num = 0;
-    BIO_F_BUFFER_CTX *ctx;
-
-    if ((in == NULL) || (inl <= 0))
-        return (0);
-    ctx = (BIO_F_BUFFER_CTX *)b->ptr;
-    if ((ctx == NULL) || (b->next_bio == NULL))
-        return (0);
-
-    BIO_clear_retry_flags(b);
- start:
-    i = ctx->obuf_size - (ctx->obuf_len + ctx->obuf_off);
-    /* add to buffer and return */
-    if (i >= inl) {
-        memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, inl);
-        ctx->obuf_len += inl;
-        return (num + inl);
-    }
-    /* else */
-    /* stuff already in buffer, so add to it first, then flush */
-    if (ctx->obuf_len != 0) {
-        if (i > 0) {            /* lets fill it up if we can */
-            memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, i);
-            in += i;
-            inl -= i;
-            num += i;
-            ctx->obuf_len += i;
-        }
-        /* we now have a full buffer needing flushing */
-        for (;;) {
-            i = BIO_write(b->next_bio, &(ctx->obuf[ctx->obuf_off]),
-                          ctx->obuf_len);
-            if (i <= 0) {
-                BIO_copy_next_retry(b);
-
-                if (i < 0)
-                    return ((num > 0) ? num : i);
-                if (i == 0)
-                    return (num);
-            }
-            ctx->obuf_off += i;
-            ctx->obuf_len -= i;
-            if (ctx->obuf_len == 0)
-                break;
-        }
-    }
-    /*
-     * we only get here if the buffer has been flushed and we still have
-     * stuff to write
-     */
-    ctx->obuf_off = 0;
-
-    /* we now have inl bytes to write */
-    while (inl >= ctx->obuf_size) {
-        i = BIO_write(b->next_bio, in, inl);
-        if (i <= 0) {
-            BIO_copy_next_retry(b);
-            if (i < 0)
-                return ((num > 0) ? num : i);
-            if (i == 0)
-                return (num);
-        }
-        num += i;
-        in += i;
-        inl -= i;
-        if (inl == 0)
-            return (num);
-    }
-
-    /*
-     * copy the rest into the buffer since we have only a small amount left
-     */
-    goto start;
-}
-
-static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    BIO *dbio;
-    BIO_F_BUFFER_CTX *ctx;
-    long ret = 1;
-    char *p1, *p2;
-    int r, i, *ip;
-    int ibs, obs;
-
-    ctx = (BIO_F_BUFFER_CTX *)b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        ctx->ibuf_off = 0;
-        ctx->ibuf_len = 0;
-        ctx->obuf_off = 0;
-        ctx->obuf_len = 0;
-        if (b->next_bio == NULL)
-            return (0);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_INFO:
-        ret = (long)ctx->obuf_len;
-        break;
-    case BIO_C_GET_BUFF_NUM_LINES:
-        ret = 0;
-        p1 = ctx->ibuf;
-        for (i = 0; i < ctx->ibuf_len; i++) {
-            if (p1[ctx->ibuf_off + i] == '\n')
-                ret++;
-        }
-        break;
-    case BIO_CTRL_WPENDING:
-        ret = (long)ctx->obuf_len;
-        if (ret == 0) {
-            if (b->next_bio == NULL)
-                return (0);
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        }
-        break;
-    case BIO_CTRL_PENDING:
-        ret = (long)ctx->ibuf_len;
-        if (ret == 0) {
-            if (b->next_bio == NULL)
-                return (0);
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        }
-        break;
-    case BIO_C_SET_BUFF_READ_DATA:
-        if (num > ctx->ibuf_size) {
-            p1 = OPENSSL_malloc((int)num);
-            if (p1 == NULL)
-                goto malloc_error;
-            if (ctx->ibuf != NULL)
-                OPENSSL_free(ctx->ibuf);
-            ctx->ibuf = p1;
-        }
-        ctx->ibuf_off = 0;
-        ctx->ibuf_len = (int)num;
-        memcpy(ctx->ibuf, ptr, (int)num);
-        ret = 1;
-        break;
-    case BIO_C_SET_BUFF_SIZE:
-        if (ptr != NULL) {
-            ip = (int *)ptr;
-            if (*ip == 0) {
-                ibs = (int)num;
-                obs = ctx->obuf_size;
-            } else {            /* if (*ip == 1) */
-
-                ibs = ctx->ibuf_size;
-                obs = (int)num;
-            }
-        } else {
-            ibs = (int)num;
-            obs = (int)num;
-        }
-        p1 = ctx->ibuf;
-        p2 = ctx->obuf;
-        if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) {
-            p1 = (char *)OPENSSL_malloc((int)num);
-            if (p1 == NULL)
-                goto malloc_error;
-        }
-        if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) {
-            p2 = (char *)OPENSSL_malloc((int)num);
-            if (p2 == NULL) {
-                if (p1 != ctx->ibuf)
-                    OPENSSL_free(p1);
-                goto malloc_error;
-            }
-        }
-        if (ctx->ibuf != p1) {
-            OPENSSL_free(ctx->ibuf);
-            ctx->ibuf = p1;
-            ctx->ibuf_off = 0;
-            ctx->ibuf_len = 0;
-            ctx->ibuf_size = ibs;
-        }
-        if (ctx->obuf != p2) {
-            OPENSSL_free(ctx->obuf);
-            ctx->obuf = p2;
-            ctx->obuf_off = 0;
-            ctx->obuf_len = 0;
-            ctx->obuf_size = obs;
-        }
-        break;
-    case BIO_C_DO_STATE_MACHINE:
-        if (b->next_bio == NULL)
-            return (0);
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-
-    case BIO_CTRL_FLUSH:
-        if (b->next_bio == NULL)
-            return (0);
-        if (ctx->obuf_len <= 0) {
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-            break;
-        }
-
-        for (;;) {
-            BIO_clear_retry_flags(b);
-            if (ctx->obuf_len > 0) {
-                r = BIO_write(b->next_bio,
-                              &(ctx->obuf[ctx->obuf_off]), ctx->obuf_len);
-#if 0
-                fprintf(stderr, "FLUSH [%3d] %3d -> %3d\n", ctx->obuf_off,
-                        ctx->obuf_len, r);
-#endif
-                BIO_copy_next_retry(b);
-                if (r <= 0)
-                    return ((long)r);
-                ctx->obuf_off += r;
-                ctx->obuf_len -= r;
-            } else {
-                ctx->obuf_len = 0;
-                ctx->obuf_off = 0;
-                ret = 1;
-                break;
-            }
-        }
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_DUP:
-        dbio = (BIO *)ptr;
-        if (!BIO_set_read_buffer_size(dbio, ctx->ibuf_size) ||
-            !BIO_set_write_buffer_size(dbio, ctx->obuf_size))
-            ret = 0;
-        break;
-    default:
-        if (b->next_bio == NULL)
-            return (0);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    }
-    return (ret);
- malloc_error:
-    BIOerr(BIO_F_BUFFER_CTRL, ERR_R_MALLOC_FAILURE);
-    return (0);
-}
-
-static long buffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    long ret = 1;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    default:
-        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
-        break;
-    }
-    return (ret);
-}
-
-static int buffer_gets(BIO *b, char *buf, int size)
-{
-    BIO_F_BUFFER_CTX *ctx;
-    int num = 0, i, flag;
-    char *p;
-
-    ctx = (BIO_F_BUFFER_CTX *)b->ptr;
-    size--;                     /* reserve space for a '\0' */
-    BIO_clear_retry_flags(b);
-
-    for (;;) {
-        if (ctx->ibuf_len > 0) {
-            p = &(ctx->ibuf[ctx->ibuf_off]);
-            flag = 0;
-            for (i = 0; (i < ctx->ibuf_len) && (i < size); i++) {
-                *(buf++) = p[i];
-                if (p[i] == '\n') {
-                    flag = 1;
-                    i++;
-                    break;
-                }
-            }
-            num += i;
-            size -= i;
-            ctx->ibuf_len -= i;
-            ctx->ibuf_off += i;
-            if (flag || size == 0) {
-                *buf = '\0';
-                return (num);
-            }
-        } else {                /* read another chunk */
-
-            i = BIO_read(b->next_bio, ctx->ibuf, ctx->ibuf_size);
-            if (i <= 0) {
-                BIO_copy_next_retry(b);
-                *buf = '\0';
-                if (i < 0)
-                    return ((num > 0) ? num : i);
-                if (i == 0)
-                    return (num);
-            }
-            ctx->ibuf_len = i;
-            ctx->ibuf_off = 0;
-        }
-    }
-}
-
-static int buffer_puts(BIO *b, const char *str)
-{
-    return (buffer_write(b, str, strlen(str)));
-}
diff --git a/thirdparty/openssl/crypto/bio/bf_lbuf.c b/thirdparty/openssl/crypto/bio/bf_lbuf.c
deleted file mode 100644
index 46d0d5a1e6..0000000000
--- a/thirdparty/openssl/crypto/bio/bf_lbuf.c
+++ /dev/null
@@ -1,391 +0,0 @@
-/* crypto/bio/bf_buff.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-
-static int linebuffer_write(BIO *h, const char *buf, int num);
-static int linebuffer_read(BIO *h, char *buf, int size);
-static int linebuffer_puts(BIO *h, const char *str);
-static int linebuffer_gets(BIO *h, char *str, int size);
-static long linebuffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int linebuffer_new(BIO *h);
-static int linebuffer_free(BIO *data);
-static long linebuffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-/* A 10k maximum should be enough for most purposes */
-#define DEFAULT_LINEBUFFER_SIZE 1024*10
-
-/* #define DEBUG */
-
-static BIO_METHOD methods_linebuffer = {
-    BIO_TYPE_LINEBUFFER,
-    "linebuffer",
-    linebuffer_write,
-    linebuffer_read,
-    linebuffer_puts,
-    linebuffer_gets,
-    linebuffer_ctrl,
-    linebuffer_new,
-    linebuffer_free,
-    linebuffer_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_linebuffer(void)
-{
-    return (&methods_linebuffer);
-}
-
-typedef struct bio_linebuffer_ctx_struct {
-    char *obuf;                 /* the output char array */
-    int obuf_size;              /* how big is the output buffer */
-    int obuf_len;               /* how many bytes are in it */
-} BIO_LINEBUFFER_CTX;
-
-static int linebuffer_new(BIO *bi)
-{
-    BIO_LINEBUFFER_CTX *ctx;
-
-    ctx = (BIO_LINEBUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX));
-    if (ctx == NULL)
-        return (0);
-    ctx->obuf = (char *)OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE);
-    if (ctx->obuf == NULL) {
-        OPENSSL_free(ctx);
-        return (0);
-    }
-    ctx->obuf_size = DEFAULT_LINEBUFFER_SIZE;
-    ctx->obuf_len = 0;
-
-    bi->init = 1;
-    bi->ptr = (char *)ctx;
-    bi->flags = 0;
-    return (1);
-}
-
-static int linebuffer_free(BIO *a)
-{
-    BIO_LINEBUFFER_CTX *b;
-
-    if (a == NULL)
-        return (0);
-    b = (BIO_LINEBUFFER_CTX *)a->ptr;
-    if (b->obuf != NULL)
-        OPENSSL_free(b->obuf);
-    OPENSSL_free(a->ptr);
-    a->ptr = NULL;
-    a->init = 0;
-    a->flags = 0;
-    return (1);
-}
-
-static int linebuffer_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-
-    if (out == NULL)
-        return (0);
-    if (b->next_bio == NULL)
-        return (0);
-    ret = BIO_read(b->next_bio, out, outl);
-    BIO_clear_retry_flags(b);
-    BIO_copy_next_retry(b);
-    return (ret);
-}
-
-static int linebuffer_write(BIO *b, const char *in, int inl)
-{
-    int i, num = 0, foundnl;
-    BIO_LINEBUFFER_CTX *ctx;
-
-    if ((in == NULL) || (inl <= 0))
-        return (0);
-    ctx = (BIO_LINEBUFFER_CTX *)b->ptr;
-    if ((ctx == NULL) || (b->next_bio == NULL))
-        return (0);
-
-    BIO_clear_retry_flags(b);
-
-    do {
-        const char *p;
-
-        for (p = in; p < in + inl && *p != '\n'; p++) ;
-        if (*p == '\n') {
-            p++;
-            foundnl = 1;
-        } else
-            foundnl = 0;
-
-        /*
-         * If a NL was found and we already have text in the save buffer,
-         * concatenate them and write
-         */
-        while ((foundnl || p - in > ctx->obuf_size - ctx->obuf_len)
-               && ctx->obuf_len > 0) {
-            int orig_olen = ctx->obuf_len;
-
-            i = ctx->obuf_size - ctx->obuf_len;
-            if (p - in > 0) {
-                if (i >= p - in) {
-                    memcpy(&(ctx->obuf[ctx->obuf_len]), in, p - in);
-                    ctx->obuf_len += p - in;
-                    inl -= p - in;
-                    num += p - in;
-                    in = p;
-                } else {
-                    memcpy(&(ctx->obuf[ctx->obuf_len]), in, i);
-                    ctx->obuf_len += i;
-                    inl -= i;
-                    in += i;
-                    num += i;
-                }
-            }
-#if 0
-            BIO_write(b->next_bio, "<*<", 3);
-#endif
-            i = BIO_write(b->next_bio, ctx->obuf, ctx->obuf_len);
-            if (i <= 0) {
-                ctx->obuf_len = orig_olen;
-                BIO_copy_next_retry(b);
-
-#if 0
-                BIO_write(b->next_bio, ">*>", 3);
-#endif
-                if (i < 0)
-                    return ((num > 0) ? num : i);
-                if (i == 0)
-                    return (num);
-            }
-#if 0
-            BIO_write(b->next_bio, ">*>", 3);
-#endif
-            if (i < ctx->obuf_len)
-                memmove(ctx->obuf, ctx->obuf + i, ctx->obuf_len - i);
-            ctx->obuf_len -= i;
-        }
-
-        /*
-         * Now that the save buffer is emptied, let's write the input buffer
-         * if a NL was found and there is anything to write.
-         */
-        if ((foundnl || p - in > ctx->obuf_size) && p - in > 0) {
-#if 0
-            BIO_write(b->next_bio, "<*<", 3);
-#endif
-            i = BIO_write(b->next_bio, in, p - in);
-            if (i <= 0) {
-                BIO_copy_next_retry(b);
-#if 0
-                BIO_write(b->next_bio, ">*>", 3);
-#endif
-                if (i < 0)
-                    return ((num > 0) ? num : i);
-                if (i == 0)
-                    return (num);
-            }
-#if 0
-            BIO_write(b->next_bio, ">*>", 3);
-#endif
-            num += i;
-            in += i;
-            inl -= i;
-        }
-    }
-    while (foundnl && inl > 0);
-    /*
-     * We've written as much as we can.  The rest of the input buffer, if
-     * any, is text that doesn't and with a NL and therefore needs to be
-     * saved for the next trip.
-     */
-    if (inl > 0) {
-        memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl);
-        ctx->obuf_len += inl;
-        num += inl;
-    }
-    return num;
-}
-
-static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    BIO *dbio;
-    BIO_LINEBUFFER_CTX *ctx;
-    long ret = 1;
-    char *p;
-    int r;
-    int obs;
-
-    ctx = (BIO_LINEBUFFER_CTX *)b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        ctx->obuf_len = 0;
-        if (b->next_bio == NULL)
-            return (0);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_INFO:
-        ret = (long)ctx->obuf_len;
-        break;
-    case BIO_CTRL_WPENDING:
-        ret = (long)ctx->obuf_len;
-        if (ret == 0) {
-            if (b->next_bio == NULL)
-                return (0);
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        }
-        break;
-    case BIO_C_SET_BUFF_SIZE:
-        obs = (int)num;
-        p = ctx->obuf;
-        if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size)) {
-            p = (char *)OPENSSL_malloc((int)num);
-            if (p == NULL)
-                goto malloc_error;
-        }
-        if (ctx->obuf != p) {
-            if (ctx->obuf_len > obs) {
-                ctx->obuf_len = obs;
-            }
-            memcpy(p, ctx->obuf, ctx->obuf_len);
-            OPENSSL_free(ctx->obuf);
-            ctx->obuf = p;
-            ctx->obuf_size = obs;
-        }
-        break;
-    case BIO_C_DO_STATE_MACHINE:
-        if (b->next_bio == NULL)
-            return (0);
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-
-    case BIO_CTRL_FLUSH:
-        if (b->next_bio == NULL)
-            return (0);
-        if (ctx->obuf_len <= 0) {
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-            break;
-        }
-
-        for (;;) {
-            BIO_clear_retry_flags(b);
-            if (ctx->obuf_len > 0) {
-                r = BIO_write(b->next_bio, ctx->obuf, ctx->obuf_len);
-#if 0
-                fprintf(stderr, "FLUSH %3d -> %3d\n", ctx->obuf_len, r);
-#endif
-                BIO_copy_next_retry(b);
-                if (r <= 0)
-                    return ((long)r);
-                if (r < ctx->obuf_len)
-                    memmove(ctx->obuf, ctx->obuf + r, ctx->obuf_len - r);
-                ctx->obuf_len -= r;
-            } else {
-                ctx->obuf_len = 0;
-                ret = 1;
-                break;
-            }
-        }
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_DUP:
-        dbio = (BIO *)ptr;
-        if (!BIO_set_write_buffer_size(dbio, ctx->obuf_size))
-            ret = 0;
-        break;
-    default:
-        if (b->next_bio == NULL)
-            return (0);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    }
-    return (ret);
- malloc_error:
-    BIOerr(BIO_F_LINEBUFFER_CTRL, ERR_R_MALLOC_FAILURE);
-    return (0);
-}
-
-static long linebuffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    long ret = 1;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    default:
-        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
-        break;
-    }
-    return (ret);
-}
-
-static int linebuffer_gets(BIO *b, char *buf, int size)
-{
-    if (b->next_bio == NULL)
-        return (0);
-    return (BIO_gets(b->next_bio, buf, size));
-}
-
-static int linebuffer_puts(BIO *b, const char *str)
-{
-    return (linebuffer_write(b, str, strlen(str)));
-}
diff --git a/thirdparty/openssl/crypto/bio/bf_nbio.c b/thirdparty/openssl/crypto/bio/bf_nbio.c
deleted file mode 100644
index 4842bb4c82..0000000000
--- a/thirdparty/openssl/crypto/bio/bf_nbio.c
+++ /dev/null
@@ -1,253 +0,0 @@
-/* crypto/bio/bf_nbio.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/bio.h>
-
-/*
- * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest
- */
-
-static int nbiof_write(BIO *h, const char *buf, int num);
-static int nbiof_read(BIO *h, char *buf, int size);
-static int nbiof_puts(BIO *h, const char *str);
-static int nbiof_gets(BIO *h, char *str, int size);
-static long nbiof_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int nbiof_new(BIO *h);
-static int nbiof_free(BIO *data);
-static long nbiof_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-typedef struct nbio_test_st {
-    /* only set if we sent a 'should retry' error */
-    int lrn;
-    int lwn;
-} NBIO_TEST;
-
-static BIO_METHOD methods_nbiof = {
-    BIO_TYPE_NBIO_TEST,
-    "non-blocking IO test filter",
-    nbiof_write,
-    nbiof_read,
-    nbiof_puts,
-    nbiof_gets,
-    nbiof_ctrl,
-    nbiof_new,
-    nbiof_free,
-    nbiof_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_nbio_test(void)
-{
-    return (&methods_nbiof);
-}
-
-static int nbiof_new(BIO *bi)
-{
-    NBIO_TEST *nt;
-
-    if (!(nt = (NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST))))
-        return (0);
-    nt->lrn = -1;
-    nt->lwn = -1;
-    bi->ptr = (char *)nt;
-    bi->init = 1;
-    bi->flags = 0;
-    return (1);
-}
-
-static int nbiof_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    if (a->ptr != NULL)
-        OPENSSL_free(a->ptr);
-    a->ptr = NULL;
-    a->init = 0;
-    a->flags = 0;
-    return (1);
-}
-
-static int nbiof_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-#if 1
-    int num;
-    unsigned char n;
-#endif
-
-    if (out == NULL)
-        return (0);
-    if (b->next_bio == NULL)
-        return (0);
-
-    BIO_clear_retry_flags(b);
-#if 1
-    if (RAND_bytes(&n, 1) <= 0)
-        return -1;
-    num = (n & 0x07);
-
-    if (outl > num)
-        outl = num;
-
-    if (num == 0) {
-        ret = -1;
-        BIO_set_retry_read(b);
-    } else
-#endif
-    {
-        ret = BIO_read(b->next_bio, out, outl);
-        if (ret < 0)
-            BIO_copy_next_retry(b);
-    }
-    return (ret);
-}
-
-static int nbiof_write(BIO *b, const char *in, int inl)
-{
-    NBIO_TEST *nt;
-    int ret = 0;
-    int num;
-    unsigned char n;
-
-    if ((in == NULL) || (inl <= 0))
-        return (0);
-    if (b->next_bio == NULL)
-        return (0);
-    nt = (NBIO_TEST *)b->ptr;
-
-    BIO_clear_retry_flags(b);
-
-#if 1
-    if (nt->lwn > 0) {
-        num = nt->lwn;
-        nt->lwn = 0;
-    } else {
-        if (RAND_bytes(&n, 1) <= 0)
-            return -1;
-        num = (n & 7);
-    }
-
-    if (inl > num)
-        inl = num;
-
-    if (num == 0) {
-        ret = -1;
-        BIO_set_retry_write(b);
-    } else
-#endif
-    {
-        ret = BIO_write(b->next_bio, in, inl);
-        if (ret < 0) {
-            BIO_copy_next_retry(b);
-            nt->lwn = inl;
-        }
-    }
-    return (ret);
-}
-
-static long nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    case BIO_C_DO_STATE_MACHINE:
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-    case BIO_CTRL_DUP:
-        ret = 0L;
-        break;
-    default:
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    }
-    return (ret);
-}
-
-static long nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    long ret = 1;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    default:
-        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
-        break;
-    }
-    return (ret);
-}
-
-static int nbiof_gets(BIO *bp, char *buf, int size)
-{
-    if (bp->next_bio == NULL)
-        return (0);
-    return (BIO_gets(bp->next_bio, buf, size));
-}
-
-static int nbiof_puts(BIO *bp, const char *str)
-{
-    if (bp->next_bio == NULL)
-        return (0);
-    return (BIO_puts(bp->next_bio, str));
-}
diff --git a/thirdparty/openssl/crypto/bio/bf_null.c b/thirdparty/openssl/crypto/bio/bf_null.c
deleted file mode 100644
index e0c79e8291..0000000000
--- a/thirdparty/openssl/crypto/bio/bf_null.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/* crypto/bio/bf_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-/*
- * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest
- */
-
-static int nullf_write(BIO *h, const char *buf, int num);
-static int nullf_read(BIO *h, char *buf, int size);
-static int nullf_puts(BIO *h, const char *str);
-static int nullf_gets(BIO *h, char *str, int size);
-static long nullf_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int nullf_new(BIO *h);
-static int nullf_free(BIO *data);
-static long nullf_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-static BIO_METHOD methods_nullf = {
-    BIO_TYPE_NULL_FILTER,
-    "NULL filter",
-    nullf_write,
-    nullf_read,
-    nullf_puts,
-    nullf_gets,
-    nullf_ctrl,
-    nullf_new,
-    nullf_free,
-    nullf_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_null(void)
-{
-    return (&methods_nullf);
-}
-
-static int nullf_new(BIO *bi)
-{
-    bi->init = 1;
-    bi->ptr = NULL;
-    bi->flags = 0;
-    return (1);
-}
-
-static int nullf_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    /*-
-    a->ptr=NULL;
-    a->init=0;
-    a->flags=0;
-    */
-    return (1);
-}
-
-static int nullf_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-
-    if (out == NULL)
-        return (0);
-    if (b->next_bio == NULL)
-        return (0);
-    ret = BIO_read(b->next_bio, out, outl);
-    BIO_clear_retry_flags(b);
-    BIO_copy_next_retry(b);
-    return (ret);
-}
-
-static int nullf_write(BIO *b, const char *in, int inl)
-{
-    int ret = 0;
-
-    if ((in == NULL) || (inl <= 0))
-        return (0);
-    if (b->next_bio == NULL)
-        return (0);
-    ret = BIO_write(b->next_bio, in, inl);
-    BIO_clear_retry_flags(b);
-    BIO_copy_next_retry(b);
-    return (ret);
-}
-
-static long nullf_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    case BIO_C_DO_STATE_MACHINE:
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-    case BIO_CTRL_DUP:
-        ret = 0L;
-        break;
-    default:
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-    }
-    return (ret);
-}
-
-static long nullf_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    long ret = 1;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    default:
-        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
-        break;
-    }
-    return (ret);
-}
-
-static int nullf_gets(BIO *bp, char *buf, int size)
-{
-    if (bp->next_bio == NULL)
-        return (0);
-    return (BIO_gets(bp->next_bio, buf, size));
-}
-
-static int nullf_puts(BIO *bp, const char *str)
-{
-    if (bp->next_bio == NULL)
-        return (0);
-    return (BIO_puts(bp->next_bio, str));
-}
diff --git a/thirdparty/openssl/crypto/bio/bio_cb.c b/thirdparty/openssl/crypto/bio/bio_cb.c
deleted file mode 100644
index f96294bb43..0000000000
--- a/thirdparty/openssl/crypto/bio/bio_cb.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* crypto/bio/bio_cb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/err.h>
-
-long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
-                                    int argi, long argl, long ret)
-{
-    BIO *b;
-    MS_STATIC char buf[256];
-    char *p;
-    long r = 1;
-    int len;
-    size_t p_maxlen;
-
-    if (BIO_CB_RETURN & cmd)
-        r = ret;
-
-    len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
-
-    /* Ignore errors and continue printing the other information. */
-    if (len < 0)
-        len = 0;
-    p = buf + len;
-    p_maxlen = sizeof(buf) - len;
-
-    switch (cmd) {
-    case BIO_CB_FREE:
-        BIO_snprintf(p, p_maxlen, "Free - %s\n", bio->method->name);
-        break;
-    case BIO_CB_READ:
-        if (bio->method->type & BIO_TYPE_DESCRIPTOR)
-            BIO_snprintf(p, p_maxlen, "read(%d,%lu) - %s fd=%d\n",
-                         bio->num, (unsigned long)argi,
-                         bio->method->name, bio->num);
-        else
-            BIO_snprintf(p, p_maxlen, "read(%d,%lu) - %s\n",
-                         bio->num, (unsigned long)argi, bio->method->name);
-        break;
-    case BIO_CB_WRITE:
-        if (bio->method->type & BIO_TYPE_DESCRIPTOR)
-            BIO_snprintf(p, p_maxlen, "write(%d,%lu) - %s fd=%d\n",
-                         bio->num, (unsigned long)argi,
-                         bio->method->name, bio->num);
-        else
-            BIO_snprintf(p, p_maxlen, "write(%d,%lu) - %s\n",
-                         bio->num, (unsigned long)argi, bio->method->name);
-        break;
-    case BIO_CB_PUTS:
-        BIO_snprintf(p, p_maxlen, "puts() - %s\n", bio->method->name);
-        break;
-    case BIO_CB_GETS:
-        BIO_snprintf(p, p_maxlen, "gets(%lu) - %s\n", (unsigned long)argi,
-                     bio->method->name);
-        break;
-    case BIO_CB_CTRL:
-        BIO_snprintf(p, p_maxlen, "ctrl(%lu) - %s\n", (unsigned long)argi,
-                     bio->method->name);
-        break;
-    case BIO_CB_RETURN | BIO_CB_READ:
-        BIO_snprintf(p, p_maxlen, "read return %ld\n", ret);
-        break;
-    case BIO_CB_RETURN | BIO_CB_WRITE:
-        BIO_snprintf(p, p_maxlen, "write return %ld\n", ret);
-        break;
-    case BIO_CB_RETURN | BIO_CB_GETS:
-        BIO_snprintf(p, p_maxlen, "gets return %ld\n", ret);
-        break;
-    case BIO_CB_RETURN | BIO_CB_PUTS:
-        BIO_snprintf(p, p_maxlen, "puts return %ld\n", ret);
-        break;
-    case BIO_CB_RETURN | BIO_CB_CTRL:
-        BIO_snprintf(p, p_maxlen, "ctrl return %ld\n", ret);
-        break;
-    default:
-        BIO_snprintf(p, p_maxlen, "bio callback - unknown type (%d)\n", cmd);
-        break;
-    }
-
-    b = (BIO *)bio->cb_arg;
-    if (b != NULL)
-        BIO_write(b, buf, strlen(buf));
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
-    else
-        fputs(buf, stderr);
-#endif
-    return (r);
-}
diff --git a/thirdparty/openssl/crypto/bio/bio_err.c b/thirdparty/openssl/crypto/bio/bio_err.c
deleted file mode 100644
index d9007aa3d3..0000000000
--- a/thirdparty/openssl/crypto/bio/bio_err.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* crypto/bio/bio_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2015 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/bio.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BIO,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BIO,0,reason)
-
-static ERR_STRING_DATA BIO_str_functs[] = {
-    {ERR_FUNC(BIO_F_ACPT_STATE), "ACPT_STATE"},
-    {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"},
-    {ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"},
-    {ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL), "BIO_callback_ctrl"},
-    {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"},
-    {ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"},
-    {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"},
-    {ERR_FUNC(BIO_F_BIO_GET_ACCEPT_SOCKET), "BIO_get_accept_socket"},
-    {ERR_FUNC(BIO_F_BIO_GET_HOST_IP), "BIO_get_host_ip"},
-    {ERR_FUNC(BIO_F_BIO_GET_PORT), "BIO_get_port"},
-    {ERR_FUNC(BIO_F_BIO_MAKE_PAIR), "BIO_MAKE_PAIR"},
-    {ERR_FUNC(BIO_F_BIO_NEW), "BIO_new"},
-    {ERR_FUNC(BIO_F_BIO_NEW_FILE), "BIO_new_file"},
-    {ERR_FUNC(BIO_F_BIO_NEW_MEM_BUF), "BIO_new_mem_buf"},
-    {ERR_FUNC(BIO_F_BIO_NREAD), "BIO_nread"},
-    {ERR_FUNC(BIO_F_BIO_NREAD0), "BIO_nread0"},
-    {ERR_FUNC(BIO_F_BIO_NWRITE), "BIO_nwrite"},
-    {ERR_FUNC(BIO_F_BIO_NWRITE0), "BIO_nwrite0"},
-    {ERR_FUNC(BIO_F_BIO_PUTS), "BIO_puts"},
-    {ERR_FUNC(BIO_F_BIO_READ), "BIO_read"},
-    {ERR_FUNC(BIO_F_BIO_SOCK_INIT), "BIO_sock_init"},
-    {ERR_FUNC(BIO_F_BIO_WRITE), "BIO_write"},
-    {ERR_FUNC(BIO_F_BUFFER_CTRL), "BUFFER_CTRL"},
-    {ERR_FUNC(BIO_F_CONN_CTRL), "CONN_CTRL"},
-    {ERR_FUNC(BIO_F_CONN_STATE), "CONN_STATE"},
-    {ERR_FUNC(BIO_F_DGRAM_SCTP_READ), "DGRAM_SCTP_READ"},
-    {ERR_FUNC(BIO_F_DGRAM_SCTP_WRITE), "DGRAM_SCTP_WRITE"},
-    {ERR_FUNC(BIO_F_FILE_CTRL), "FILE_CTRL"},
-    {ERR_FUNC(BIO_F_FILE_READ), "FILE_READ"},
-    {ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "LINEBUFFER_CTRL"},
-    {ERR_FUNC(BIO_F_MEM_READ), "MEM_READ"},
-    {ERR_FUNC(BIO_F_MEM_WRITE), "MEM_WRITE"},
-    {ERR_FUNC(BIO_F_SSL_NEW), "SSL_new"},
-    {ERR_FUNC(BIO_F_WSASTARTUP), "WSASTARTUP"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA BIO_str_reasons[] = {
-    {ERR_REASON(BIO_R_ACCEPT_ERROR), "accept error"},
-    {ERR_REASON(BIO_R_BAD_FOPEN_MODE), "bad fopen mode"},
-    {ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP), "bad hostname lookup"},
-    {ERR_REASON(BIO_R_BROKEN_PIPE), "broken pipe"},
-    {ERR_REASON(BIO_R_CONNECT_ERROR), "connect error"},
-    {ERR_REASON(BIO_R_EOF_ON_MEMORY_BIO), "EOF on memory BIO"},
-    {ERR_REASON(BIO_R_ERROR_SETTING_NBIO), "error setting nbio"},
-    {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET),
-     "error setting nbio on accepted socket"},
-    {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET),
-     "error setting nbio on accept socket"},
-    {ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),
-     "gethostbyname addr is not af inet"},
-    {ERR_REASON(BIO_R_INVALID_ARGUMENT), "invalid argument"},
-    {ERR_REASON(BIO_R_INVALID_IP_ADDRESS), "invalid ip address"},
-    {ERR_REASON(BIO_R_IN_USE), "in use"},
-    {ERR_REASON(BIO_R_KEEPALIVE), "keepalive"},
-    {ERR_REASON(BIO_R_NBIO_CONNECT_ERROR), "nbio connect error"},
-    {ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED), "no accept port specified"},
-    {ERR_REASON(BIO_R_NO_HOSTNAME_SPECIFIED), "no hostname specified"},
-    {ERR_REASON(BIO_R_NO_PORT_DEFINED), "no port defined"},
-    {ERR_REASON(BIO_R_NO_PORT_SPECIFIED), "no port specified"},
-    {ERR_REASON(BIO_R_NO_SUCH_FILE), "no such file"},
-    {ERR_REASON(BIO_R_NULL_PARAMETER), "null parameter"},
-    {ERR_REASON(BIO_R_TAG_MISMATCH), "tag mismatch"},
-    {ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET), "unable to bind socket"},
-    {ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET), "unable to create socket"},
-    {ERR_REASON(BIO_R_UNABLE_TO_LISTEN_SOCKET), "unable to listen socket"},
-    {ERR_REASON(BIO_R_UNINITIALIZED), "uninitialized"},
-    {ERR_REASON(BIO_R_UNSUPPORTED_METHOD), "unsupported method"},
-    {ERR_REASON(BIO_R_WRITE_TO_READ_ONLY_BIO), "write to read only BIO"},
-    {ERR_REASON(BIO_R_WSASTARTUP), "WSAStartup"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_BIO_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(BIO_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, BIO_str_functs);
-        ERR_load_strings(0, BIO_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/bio/bio_lcl.h b/thirdparty/openssl/crypto/bio/bio_lcl.h
deleted file mode 100644
index 741884da84..0000000000
--- a/thirdparty/openssl/crypto/bio/bio_lcl.h
+++ /dev/null
@@ -1,36 +0,0 @@
-#include <openssl/bio.h>
-
-#if BIO_FLAGS_UPLINK==0
-/* Shortcut UPLINK calls on most platforms... */
-# define UP_stdin        stdin
-# define UP_stdout       stdout
-# define UP_stderr       stderr
-# define UP_fprintf      fprintf
-# define UP_fgets        fgets
-# define UP_fread        fread
-# define UP_fwrite       fwrite
-# undef  UP_fsetmod
-# define UP_feof         feof
-# define UP_fclose       fclose
-
-# define UP_fopen        fopen
-# define UP_fseek        fseek
-# define UP_ftell        ftell
-# define UP_fflush       fflush
-# define UP_ferror       ferror
-# ifdef _WIN32
-#  define UP_fileno       _fileno
-#  define UP_open         _open
-#  define UP_read         _read
-#  define UP_write        _write
-#  define UP_lseek        _lseek
-#  define UP_close        _close
-# else
-#  define UP_fileno       fileno
-#  define UP_open         open
-#  define UP_read         read
-#  define UP_write        write
-#  define UP_lseek        lseek
-#  define UP_close        close
-# endif
-#endif
diff --git a/thirdparty/openssl/crypto/bio/bio_lib.c b/thirdparty/openssl/crypto/bio/bio_lib.c
deleted file mode 100644
index 07934f8a66..0000000000
--- a/thirdparty/openssl/crypto/bio/bio_lib.c
+++ /dev/null
@@ -1,596 +0,0 @@
-/* crypto/bio/bio_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/stack.h>
-
-BIO *BIO_new(BIO_METHOD *method)
-{
-    BIO *ret = NULL;
-
-    ret = (BIO *)OPENSSL_malloc(sizeof(BIO));
-    if (ret == NULL) {
-        BIOerr(BIO_F_BIO_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    if (!BIO_set(ret, method)) {
-        OPENSSL_free(ret);
-        ret = NULL;
-    }
-    return (ret);
-}
-
-int BIO_set(BIO *bio, BIO_METHOD *method)
-{
-    bio->method = method;
-    bio->callback = NULL;
-    bio->cb_arg = NULL;
-    bio->init = 0;
-    bio->shutdown = 1;
-    bio->flags = 0;
-    bio->retry_reason = 0;
-    bio->num = 0;
-    bio->ptr = NULL;
-    bio->prev_bio = NULL;
-    bio->next_bio = NULL;
-    bio->references = 1;
-    bio->num_read = 0L;
-    bio->num_write = 0L;
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data);
-    if (method->create != NULL)
-        if (!method->create(bio)) {
-            CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data);
-            return (0);
-        }
-    return (1);
-}
-
-int BIO_free(BIO *a)
-{
-    int i;
-
-    if (a == NULL)
-        return (0);
-
-    i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_BIO);
-#ifdef REF_PRINT
-    REF_PRINT("BIO", a);
-#endif
-    if (i > 0)
-        return (1);
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "BIO_free, bad reference count\n");
-        abort();
-    }
-#endif
-    if ((a->callback != NULL) &&
-        ((i = (int)a->callback(a, BIO_CB_FREE, NULL, 0, 0L, 1L)) <= 0))
-        return (i);
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
-
-    if ((a->method != NULL) && (a->method->destroy != NULL))
-        a->method->destroy(a);
-    OPENSSL_free(a);
-    return (1);
-}
-
-void BIO_vfree(BIO *a)
-{
-    BIO_free(a);
-}
-
-void BIO_clear_flags(BIO *b, int flags)
-{
-    b->flags &= ~flags;
-}
-
-int BIO_test_flags(const BIO *b, int flags)
-{
-    return (b->flags & flags);
-}
-
-void BIO_set_flags(BIO *b, int flags)
-{
-    b->flags |= flags;
-}
-
-long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
-                                        int, long, long) {
-    return b->callback;
-}
-
-void BIO_set_callback(BIO *b,
-                      long (*cb) (struct bio_st *, int, const char *, int,
-                                  long, long))
-{
-    b->callback = cb;
-}
-
-void BIO_set_callback_arg(BIO *b, char *arg)
-{
-    b->cb_arg = arg;
-}
-
-char *BIO_get_callback_arg(const BIO *b)
-{
-    return b->cb_arg;
-}
-
-const char *BIO_method_name(const BIO *b)
-{
-    return b->method->name;
-}
-
-int BIO_method_type(const BIO *b)
-{
-    return b->method->type;
-}
-
-int BIO_read(BIO *b, void *out, int outl)
-{
-    int i;
-    long (*cb) (BIO *, int, const char *, int, long, long);
-
-    if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL)) {
-        BIOerr(BIO_F_BIO_READ, BIO_R_UNSUPPORTED_METHOD);
-        return (-2);
-    }
-
-    cb = b->callback;
-    if ((cb != NULL) &&
-        ((i = (int)cb(b, BIO_CB_READ, out, outl, 0L, 1L)) <= 0))
-        return (i);
-
-    if (!b->init) {
-        BIOerr(BIO_F_BIO_READ, BIO_R_UNINITIALIZED);
-        return (-2);
-    }
-
-    i = b->method->bread(b, out, outl);
-
-    if (i > 0)
-        b->num_read += (unsigned long)i;
-
-    if (cb != NULL)
-        i = (int)cb(b, BIO_CB_READ | BIO_CB_RETURN, out, outl, 0L, (long)i);
-    return (i);
-}
-
-int BIO_write(BIO *b, const void *in, int inl)
-{
-    int i;
-    long (*cb) (BIO *, int, const char *, int, long, long);
-
-    if (b == NULL)
-        return (0);
-
-    cb = b->callback;
-    if ((b->method == NULL) || (b->method->bwrite == NULL)) {
-        BIOerr(BIO_F_BIO_WRITE, BIO_R_UNSUPPORTED_METHOD);
-        return (-2);
-    }
-
-    if ((cb != NULL) &&
-        ((i = (int)cb(b, BIO_CB_WRITE, in, inl, 0L, 1L)) <= 0))
-        return (i);
-
-    if (!b->init) {
-        BIOerr(BIO_F_BIO_WRITE, BIO_R_UNINITIALIZED);
-        return (-2);
-    }
-
-    i = b->method->bwrite(b, in, inl);
-
-    if (i > 0)
-        b->num_write += (unsigned long)i;
-
-    if (cb != NULL)
-        i = (int)cb(b, BIO_CB_WRITE | BIO_CB_RETURN, in, inl, 0L, (long)i);
-    return (i);
-}
-
-int BIO_puts(BIO *b, const char *in)
-{
-    int i;
-    long (*cb) (BIO *, int, const char *, int, long, long);
-
-    if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL)) {
-        BIOerr(BIO_F_BIO_PUTS, BIO_R_UNSUPPORTED_METHOD);
-        return (-2);
-    }
-
-    cb = b->callback;
-
-    if ((cb != NULL) && ((i = (int)cb(b, BIO_CB_PUTS, in, 0, 0L, 1L)) <= 0))
-        return (i);
-
-    if (!b->init) {
-        BIOerr(BIO_F_BIO_PUTS, BIO_R_UNINITIALIZED);
-        return (-2);
-    }
-
-    i = b->method->bputs(b, in);
-
-    if (i > 0)
-        b->num_write += (unsigned long)i;
-
-    if (cb != NULL)
-        i = (int)cb(b, BIO_CB_PUTS | BIO_CB_RETURN, in, 0, 0L, (long)i);
-    return (i);
-}
-
-int BIO_gets(BIO *b, char *in, int inl)
-{
-    int i;
-    long (*cb) (BIO *, int, const char *, int, long, long);
-
-    if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL)) {
-        BIOerr(BIO_F_BIO_GETS, BIO_R_UNSUPPORTED_METHOD);
-        return (-2);
-    }
-
-    cb = b->callback;
-
-    if ((cb != NULL) && ((i = (int)cb(b, BIO_CB_GETS, in, inl, 0L, 1L)) <= 0))
-        return (i);
-
-    if (!b->init) {
-        BIOerr(BIO_F_BIO_GETS, BIO_R_UNINITIALIZED);
-        return (-2);
-    }
-
-    i = b->method->bgets(b, in, inl);
-
-    if (cb != NULL)
-        i = (int)cb(b, BIO_CB_GETS | BIO_CB_RETURN, in, inl, 0L, (long)i);
-    return (i);
-}
-
-int BIO_indent(BIO *b, int indent, int max)
-{
-    if (indent < 0)
-        indent = 0;
-    if (indent > max)
-        indent = max;
-    while (indent--)
-        if (BIO_puts(b, " ") != 1)
-            return 0;
-    return 1;
-}
-
-long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg)
-{
-    int i;
-
-    i = iarg;
-    return (BIO_ctrl(b, cmd, larg, (char *)&i));
-}
-
-char *BIO_ptr_ctrl(BIO *b, int cmd, long larg)
-{
-    char *p = NULL;
-
-    if (BIO_ctrl(b, cmd, larg, (char *)&p) <= 0)
-        return (NULL);
-    else
-        return (p);
-}
-
-long BIO_ctrl(BIO *b, int cmd, long larg, void *parg)
-{
-    long ret;
-    long (*cb) (BIO *, int, const char *, int, long, long);
-
-    if (b == NULL)
-        return (0);
-
-    if ((b->method == NULL) || (b->method->ctrl == NULL)) {
-        BIOerr(BIO_F_BIO_CTRL, BIO_R_UNSUPPORTED_METHOD);
-        return (-2);
-    }
-
-    cb = b->callback;
-
-    if ((cb != NULL) &&
-        ((ret = cb(b, BIO_CB_CTRL, parg, cmd, larg, 1L)) <= 0))
-        return (ret);
-
-    ret = b->method->ctrl(b, cmd, larg, parg);
-
-    if (cb != NULL)
-        ret = cb(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, cmd, larg, ret);
-    return (ret);
-}
-
-long BIO_callback_ctrl(BIO *b, int cmd,
-                       void (*fp) (struct bio_st *, int, const char *, int,
-                                   long, long))
-{
-    long ret;
-    long (*cb) (BIO *, int, const char *, int, long, long);
-
-    if (b == NULL)
-        return (0);
-
-    if ((b->method == NULL) || (b->method->callback_ctrl == NULL)) {
-        BIOerr(BIO_F_BIO_CALLBACK_CTRL, BIO_R_UNSUPPORTED_METHOD);
-        return (-2);
-    }
-
-    cb = b->callback;
-
-    if ((cb != NULL) &&
-        ((ret = cb(b, BIO_CB_CTRL, (void *)&fp, cmd, 0, 1L)) <= 0))
-        return (ret);
-
-    ret = b->method->callback_ctrl(b, cmd, fp);
-
-    if (cb != NULL)
-        ret = cb(b, BIO_CB_CTRL | BIO_CB_RETURN, (void *)&fp, cmd, 0, ret);
-    return (ret);
-}
-
-/*
- * It is unfortunate to duplicate in functions what the BIO_(w)pending macros
- * do; but those macros have inappropriate return type, and for interfacing
- * from other programming languages, C macros aren't much of a help anyway.
- */
-size_t BIO_ctrl_pending(BIO *bio)
-{
-    return BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL);
-}
-
-size_t BIO_ctrl_wpending(BIO *bio)
-{
-    return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL);
-}
-
-/* put the 'bio' on the end of b's list of operators */
-BIO *BIO_push(BIO *b, BIO *bio)
-{
-    BIO *lb;
-
-    if (b == NULL)
-        return (bio);
-    lb = b;
-    while (lb->next_bio != NULL)
-        lb = lb->next_bio;
-    lb->next_bio = bio;
-    if (bio != NULL)
-        bio->prev_bio = lb;
-    /* called to do internal processing */
-    BIO_ctrl(b, BIO_CTRL_PUSH, 0, lb);
-    return (b);
-}
-
-/* Remove the first and return the rest */
-BIO *BIO_pop(BIO *b)
-{
-    BIO *ret;
-
-    if (b == NULL)
-        return (NULL);
-    ret = b->next_bio;
-
-    BIO_ctrl(b, BIO_CTRL_POP, 0, b);
-
-    if (b->prev_bio != NULL)
-        b->prev_bio->next_bio = b->next_bio;
-    if (b->next_bio != NULL)
-        b->next_bio->prev_bio = b->prev_bio;
-
-    b->next_bio = NULL;
-    b->prev_bio = NULL;
-    return (ret);
-}
-
-BIO *BIO_get_retry_BIO(BIO *bio, int *reason)
-{
-    BIO *b, *last;
-
-    b = last = bio;
-    for (;;) {
-        if (!BIO_should_retry(b))
-            break;
-        last = b;
-        b = b->next_bio;
-        if (b == NULL)
-            break;
-    }
-    if (reason != NULL)
-        *reason = last->retry_reason;
-    return (last);
-}
-
-int BIO_get_retry_reason(BIO *bio)
-{
-    return (bio->retry_reason);
-}
-
-BIO *BIO_find_type(BIO *bio, int type)
-{
-    int mt, mask;
-
-    if (!bio)
-        return NULL;
-    mask = type & 0xff;
-    do {
-        if (bio->method != NULL) {
-            mt = bio->method->type;
-
-            if (!mask) {
-                if (mt & type)
-                    return (bio);
-            } else if (mt == type)
-                return (bio);
-        }
-        bio = bio->next_bio;
-    } while (bio != NULL);
-    return (NULL);
-}
-
-BIO *BIO_next(BIO *b)
-{
-    if (!b)
-        return NULL;
-    return b->next_bio;
-}
-
-void BIO_free_all(BIO *bio)
-{
-    BIO *b;
-    int ref;
-
-    while (bio != NULL) {
-        b = bio;
-        ref = b->references;
-        bio = bio->next_bio;
-        BIO_free(b);
-        /* Since ref count > 1, don't free anyone else. */
-        if (ref > 1)
-            break;
-    }
-}
-
-BIO *BIO_dup_chain(BIO *in)
-{
-    BIO *ret = NULL, *eoc = NULL, *bio, *new_bio;
-
-    for (bio = in; bio != NULL; bio = bio->next_bio) {
-        if ((new_bio = BIO_new(bio->method)) == NULL)
-            goto err;
-        new_bio->callback = bio->callback;
-        new_bio->cb_arg = bio->cb_arg;
-        new_bio->init = bio->init;
-        new_bio->shutdown = bio->shutdown;
-        new_bio->flags = bio->flags;
-
-        /* This will let SSL_s_sock() work with stdin/stdout */
-        new_bio->num = bio->num;
-
-        if (!BIO_dup_state(bio, (char *)new_bio)) {
-            BIO_free(new_bio);
-            goto err;
-        }
-
-        /* copy app data */
-        if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, &new_bio->ex_data,
-                                &bio->ex_data)) {
-            BIO_free(new_bio);
-            goto err;
-        }
-
-        if (ret == NULL) {
-            eoc = new_bio;
-            ret = eoc;
-        } else {
-            BIO_push(eoc, new_bio);
-            eoc = new_bio;
-        }
-    }
-    return (ret);
- err:
-    BIO_free_all(ret);
-
-    return (NULL);
-}
-
-void BIO_copy_next_retry(BIO *b)
-{
-    BIO_set_flags(b, BIO_get_retry_flags(b->next_bio));
-    b->retry_reason = b->next_bio->retry_reason;
-}
-
-int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int BIO_set_ex_data(BIO *bio, int idx, void *data)
-{
-    return (CRYPTO_set_ex_data(&(bio->ex_data), idx, data));
-}
-
-void *BIO_get_ex_data(BIO *bio, int idx)
-{
-    return (CRYPTO_get_ex_data(&(bio->ex_data), idx));
-}
-
-unsigned long BIO_number_read(BIO *bio)
-{
-    if (bio)
-        return bio->num_read;
-    return 0;
-}
-
-unsigned long BIO_number_written(BIO *bio)
-{
-    if (bio)
-        return bio->num_write;
-    return 0;
-}
-
-IMPLEMENT_STACK_OF(BIO)
diff --git a/thirdparty/openssl/crypto/bio/bss_acpt.c b/thirdparty/openssl/crypto/bio/bss_acpt.c
deleted file mode 100644
index 4a5e39bd38..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_acpt.c
+++ /dev/null
@@ -1,463 +0,0 @@
-/* crypto/bio/bss_acpt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifndef OPENSSL_NO_SOCK
-
-# ifdef OPENSSL_SYS_WIN16
-#  define SOCKET_PROTOCOL 0     /* more microsoft stupidity */
-# else
-#  define SOCKET_PROTOCOL IPPROTO_TCP
-# endif
-
-# if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#  undef FIONBIO
-# endif
-
-typedef struct bio_accept_st {
-    int state;
-    char *param_addr;
-    int accept_sock;
-    int accept_nbio;
-    char *addr;
-    int nbio;
-    /*
-     * If 0, it means normal, if 1, do a connect on bind failure, and if
-     * there is no-one listening, bind with SO_REUSEADDR. If 2, always use
-     * SO_REUSEADDR.
-     */
-    int bind_mode;
-    BIO *bio_chain;
-} BIO_ACCEPT;
-
-static int acpt_write(BIO *h, const char *buf, int num);
-static int acpt_read(BIO *h, char *buf, int size);
-static int acpt_puts(BIO *h, const char *str);
-static long acpt_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int acpt_new(BIO *h);
-static int acpt_free(BIO *data);
-static int acpt_state(BIO *b, BIO_ACCEPT *c);
-static void acpt_close_socket(BIO *data);
-static BIO_ACCEPT *BIO_ACCEPT_new(void);
-static void BIO_ACCEPT_free(BIO_ACCEPT *a);
-
-# define ACPT_S_BEFORE                   1
-# define ACPT_S_GET_ACCEPT_SOCKET        2
-# define ACPT_S_OK                       3
-
-static BIO_METHOD methods_acceptp = {
-    BIO_TYPE_ACCEPT,
-    "socket accept",
-    acpt_write,
-    acpt_read,
-    acpt_puts,
-    NULL,                       /* connect_gets, */
-    acpt_ctrl,
-    acpt_new,
-    acpt_free,
-    NULL,
-};
-
-BIO_METHOD *BIO_s_accept(void)
-{
-    return (&methods_acceptp);
-}
-
-static int acpt_new(BIO *bi)
-{
-    BIO_ACCEPT *ba;
-
-    bi->init = 0;
-    bi->num = INVALID_SOCKET;
-    bi->flags = 0;
-    if ((ba = BIO_ACCEPT_new()) == NULL)
-        return (0);
-    bi->ptr = (char *)ba;
-    ba->state = ACPT_S_BEFORE;
-    bi->shutdown = 1;
-    return (1);
-}
-
-static BIO_ACCEPT *BIO_ACCEPT_new(void)
-{
-    BIO_ACCEPT *ret;
-
-    if ((ret = (BIO_ACCEPT *)OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL)
-        return (NULL);
-
-    memset(ret, 0, sizeof(BIO_ACCEPT));
-    ret->accept_sock = INVALID_SOCKET;
-    ret->bind_mode = BIO_BIND_NORMAL;
-    return (ret);
-}
-
-static void BIO_ACCEPT_free(BIO_ACCEPT *a)
-{
-    if (a == NULL)
-        return;
-
-    if (a->param_addr != NULL)
-        OPENSSL_free(a->param_addr);
-    if (a->addr != NULL)
-        OPENSSL_free(a->addr);
-    if (a->bio_chain != NULL)
-        BIO_free(a->bio_chain);
-    OPENSSL_free(a);
-}
-
-static void acpt_close_socket(BIO *bio)
-{
-    BIO_ACCEPT *c;
-
-    c = (BIO_ACCEPT *)bio->ptr;
-    if (c->accept_sock != INVALID_SOCKET) {
-        shutdown(c->accept_sock, 2);
-        closesocket(c->accept_sock);
-        c->accept_sock = INVALID_SOCKET;
-        bio->num = INVALID_SOCKET;
-    }
-}
-
-static int acpt_free(BIO *a)
-{
-    BIO_ACCEPT *data;
-
-    if (a == NULL)
-        return (0);
-    data = (BIO_ACCEPT *)a->ptr;
-
-    if (a->shutdown) {
-        acpt_close_socket(a);
-        BIO_ACCEPT_free(data);
-        a->ptr = NULL;
-        a->flags = 0;
-        a->init = 0;
-    }
-    return (1);
-}
-
-static int acpt_state(BIO *b, BIO_ACCEPT *c)
-{
-    BIO *bio = NULL, *dbio;
-    int s = -1;
-    int i;
-
- again:
-    switch (c->state) {
-    case ACPT_S_BEFORE:
-        if (c->param_addr == NULL) {
-            BIOerr(BIO_F_ACPT_STATE, BIO_R_NO_ACCEPT_PORT_SPECIFIED);
-            return (-1);
-        }
-        s = BIO_get_accept_socket(c->param_addr, c->bind_mode);
-        if (s == INVALID_SOCKET)
-            return (-1);
-
-        if (c->accept_nbio) {
-            if (!BIO_socket_nbio(s, 1)) {
-                closesocket(s);
-                BIOerr(BIO_F_ACPT_STATE,
-                       BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET);
-                return (-1);
-            }
-        }
-        c->accept_sock = s;
-        b->num = s;
-        c->state = ACPT_S_GET_ACCEPT_SOCKET;
-        return (1);
-        /* break; */
-    case ACPT_S_GET_ACCEPT_SOCKET:
-        if (b->next_bio != NULL) {
-            c->state = ACPT_S_OK;
-            goto again;
-        }
-        BIO_clear_retry_flags(b);
-        b->retry_reason = 0;
-        i = BIO_accept(c->accept_sock, &(c->addr));
-
-        /* -2 return means we should retry */
-        if (i == -2) {
-            BIO_set_retry_special(b);
-            b->retry_reason = BIO_RR_ACCEPT;
-            return -1;
-        }
-
-        if (i < 0)
-            return (i);
-
-        bio = BIO_new_socket(i, BIO_CLOSE);
-        if (bio == NULL)
-            goto err;
-
-        BIO_set_callback(bio, BIO_get_callback(b));
-        BIO_set_callback_arg(bio, BIO_get_callback_arg(b));
-
-        if (c->nbio) {
-            if (!BIO_socket_nbio(i, 1)) {
-                BIOerr(BIO_F_ACPT_STATE,
-                       BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET);
-                goto err;
-            }
-        }
-
-        /*
-         * If the accept BIO has an bio_chain, we dup it and put the new
-         * socket at the end.
-         */
-        if (c->bio_chain != NULL) {
-            if ((dbio = BIO_dup_chain(c->bio_chain)) == NULL)
-                goto err;
-            if (!BIO_push(dbio, bio))
-                goto err;
-            bio = dbio;
-        }
-        if (BIO_push(b, bio) == NULL)
-            goto err;
-
-        c->state = ACPT_S_OK;
-        return (1);
- err:
-        if (bio != NULL)
-            BIO_free(bio);
-        else if (s >= 0)
-            closesocket(s);
-        return (0);
-        /* break; */
-    case ACPT_S_OK:
-        if (b->next_bio == NULL) {
-            c->state = ACPT_S_GET_ACCEPT_SOCKET;
-            goto again;
-        }
-        return (1);
-        /* break; */
-    default:
-        return (0);
-        /* break; */
-    }
-
-}
-
-static int acpt_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-    BIO_ACCEPT *data;
-
-    BIO_clear_retry_flags(b);
-    data = (BIO_ACCEPT *)b->ptr;
-
-    while (b->next_bio == NULL) {
-        ret = acpt_state(b, data);
-        if (ret <= 0)
-            return (ret);
-    }
-
-    ret = BIO_read(b->next_bio, out, outl);
-    BIO_copy_next_retry(b);
-    return (ret);
-}
-
-static int acpt_write(BIO *b, const char *in, int inl)
-{
-    int ret;
-    BIO_ACCEPT *data;
-
-    BIO_clear_retry_flags(b);
-    data = (BIO_ACCEPT *)b->ptr;
-
-    while (b->next_bio == NULL) {
-        ret = acpt_state(b, data);
-        if (ret <= 0)
-            return (ret);
-    }
-
-    ret = BIO_write(b->next_bio, in, inl);
-    BIO_copy_next_retry(b);
-    return (ret);
-}
-
-static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    int *ip;
-    long ret = 1;
-    BIO_ACCEPT *data;
-    char **pp;
-
-    data = (BIO_ACCEPT *)b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        ret = 0;
-        data->state = ACPT_S_BEFORE;
-        acpt_close_socket(b);
-        b->flags = 0;
-        break;
-    case BIO_C_DO_STATE_MACHINE:
-        /* use this one to start the connection */
-        ret = (long)acpt_state(b, data);
-        break;
-    case BIO_C_SET_ACCEPT:
-        if (ptr != NULL) {
-            if (num == 0) {
-                b->init = 1;
-                if (data->param_addr != NULL)
-                    OPENSSL_free(data->param_addr);
-                data->param_addr = BUF_strdup(ptr);
-            } else if (num == 1) {
-                data->accept_nbio = (ptr != NULL);
-            } else if (num == 2) {
-                if (data->bio_chain != NULL)
-                    BIO_free(data->bio_chain);
-                data->bio_chain = (BIO *)ptr;
-            }
-        }
-        break;
-    case BIO_C_SET_NBIO:
-        data->nbio = (int)num;
-        break;
-    case BIO_C_SET_FD:
-        b->init = 1;
-        b->num = *((int *)ptr);
-        data->accept_sock = b->num;
-        data->state = ACPT_S_GET_ACCEPT_SOCKET;
-        b->shutdown = (int)num;
-        b->init = 1;
-        break;
-    case BIO_C_GET_FD:
-        if (b->init) {
-            ip = (int *)ptr;
-            if (ip != NULL)
-                *ip = data->accept_sock;
-            ret = data->accept_sock;
-        } else
-            ret = -1;
-        break;
-    case BIO_C_GET_ACCEPT:
-        if (b->init) {
-            if (ptr != NULL) {
-                pp = (char **)ptr;
-                *pp = data->param_addr;
-            } else
-                ret = -1;
-        } else
-            ret = -1;
-        break;
-    case BIO_CTRL_GET_CLOSE:
-        ret = b->shutdown;
-        break;
-    case BIO_CTRL_SET_CLOSE:
-        b->shutdown = (int)num;
-        break;
-    case BIO_CTRL_PENDING:
-    case BIO_CTRL_WPENDING:
-        ret = 0;
-        break;
-    case BIO_CTRL_FLUSH:
-        break;
-    case BIO_C_SET_BIND_MODE:
-        data->bind_mode = (int)num;
-        break;
-    case BIO_C_GET_BIND_MODE:
-        ret = (long)data->bind_mode;
-        break;
-    case BIO_CTRL_DUP:
-/*-     dbio=(BIO *)ptr;
-        if (data->param_port) EAY EAY
-                BIO_set_port(dbio,data->param_port);
-        if (data->param_hostname)
-                BIO_set_hostname(dbio,data->param_hostname);
-        BIO_set_nbio(dbio,data->nbio); */
-        break;
-
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static int acpt_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = acpt_write(bp, str, n);
-    return (ret);
-}
-
-BIO *BIO_new_accept(const char *str)
-{
-    BIO *ret;
-
-    ret = BIO_new(BIO_s_accept());
-    if (ret == NULL)
-        return (NULL);
-    if (BIO_set_accept_port(ret, str))
-        return (ret);
-    else {
-        BIO_free(ret);
-        return (NULL);
-    }
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/bio/bss_bio.c b/thirdparty/openssl/crypto/bio/bss_bio.c
deleted file mode 100644
index 3dd8187729..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_bio.c
+++ /dev/null
@@ -1,889 +0,0 @@
-/* crypto/bio/bss_bio.c  */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * Special method for a BIO where the other endpoint is also a BIO of this
- * kind, handled by the same thread (i.e. the "peer" is actually ourselves,
- * wearing a different hat). Such "BIO pairs" are mainly for using the SSL
- * library with I/O interfaces for which no specific BIO method is available.
- * See ssl/ssltest.c for some hints on how this can be used.
- */
-
-/* BIO_DEBUG implies BIO_PAIR_DEBUG */
-#ifdef BIO_DEBUG
-# ifndef BIO_PAIR_DEBUG
-#  define BIO_PAIR_DEBUG
-# endif
-#endif
-
-/* disable assert() unless BIO_PAIR_DEBUG has been defined */
-#ifndef BIO_PAIR_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-
-#include <assert.h>
-#include <limits.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-#include "e_os.h"
-
-/* VxWorks defines SSIZE_MAX with an empty value causing compile errors */
-#if defined(OPENSSL_SYS_VXWORKS)
-# undef SSIZE_MAX
-#endif
-#ifndef SSIZE_MAX
-# define SSIZE_MAX INT_MAX
-#endif
-
-static int bio_new(BIO *bio);
-static int bio_free(BIO *bio);
-static int bio_read(BIO *bio, char *buf, int size);
-static int bio_write(BIO *bio, const char *buf, int num);
-static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
-static int bio_puts(BIO *bio, const char *str);
-
-static int bio_make_pair(BIO *bio1, BIO *bio2);
-static void bio_destroy_pair(BIO *bio);
-
-static BIO_METHOD methods_biop = {
-    BIO_TYPE_BIO,
-    "BIO pair",
-    bio_write,
-    bio_read,
-    bio_puts,
-    NULL /* no bio_gets */ ,
-    bio_ctrl,
-    bio_new,
-    bio_free,
-    NULL                        /* no bio_callback_ctrl */
-};
-
-BIO_METHOD *BIO_s_bio(void)
-{
-    return &methods_biop;
-}
-
-struct bio_bio_st {
-    BIO *peer;                  /* NULL if buf == NULL. If peer != NULL, then
-                                 * peer->ptr is also a bio_bio_st, and its
-                                 * "peer" member points back to us. peer !=
-                                 * NULL iff init != 0 in the BIO. */
-    /* This is for what we write (i.e. reading uses peer's struct): */
-    int closed;                 /* valid iff peer != NULL */
-    size_t len;                 /* valid iff buf != NULL; 0 if peer == NULL */
-    size_t offset;              /* valid iff buf != NULL; 0 if len == 0 */
-    size_t size;
-    char *buf;                  /* "size" elements (if != NULL) */
-    size_t request;             /* valid iff peer != NULL; 0 if len != 0,
-                                 * otherwise set by peer to number of bytes
-                                 * it (unsuccessfully) tried to read, never
-                                 * more than buffer space (size-len)
-                                 * warrants. */
-};
-
-static int bio_new(BIO *bio)
-{
-    struct bio_bio_st *b;
-
-    b = OPENSSL_malloc(sizeof *b);
-    if (b == NULL)
-        return 0;
-
-    b->peer = NULL;
-    b->closed = 0;
-    b->len = 0;
-    b->offset = 0;
-    /* enough for one TLS record (just a default) */
-    b->size = 17 * 1024;
-    b->buf = NULL;
-    b->request = 0;
-
-    bio->ptr = b;
-    return 1;
-}
-
-static int bio_free(BIO *bio)
-{
-    struct bio_bio_st *b;
-
-    if (bio == NULL)
-        return 0;
-    b = bio->ptr;
-
-    assert(b != NULL);
-
-    if (b->peer)
-        bio_destroy_pair(bio);
-
-    if (b->buf != NULL) {
-        OPENSSL_free(b->buf);
-    }
-
-    OPENSSL_free(b);
-
-    return 1;
-}
-
-static int bio_read(BIO *bio, char *buf, int size_)
-{
-    size_t size = size_;
-    size_t rest;
-    struct bio_bio_st *b, *peer_b;
-
-    BIO_clear_retry_flags(bio);
-
-    if (!bio->init)
-        return 0;
-
-    b = bio->ptr;
-    assert(b != NULL);
-    assert(b->peer != NULL);
-    peer_b = b->peer->ptr;
-    assert(peer_b != NULL);
-    assert(peer_b->buf != NULL);
-
-    peer_b->request = 0;        /* will be set in "retry_read" situation */
-
-    if (buf == NULL || size == 0)
-        return 0;
-
-    if (peer_b->len == 0) {
-        if (peer_b->closed)
-            return 0;           /* writer has closed, and no data is left */
-        else {
-            BIO_set_retry_read(bio); /* buffer is empty */
-            if (size <= peer_b->size)
-                peer_b->request = size;
-            else
-                /*
-                 * don't ask for more than the peer can deliver in one write
-                 */
-                peer_b->request = peer_b->size;
-            return -1;
-        }
-    }
-
-    /* we can read */
-    if (peer_b->len < size)
-        size = peer_b->len;
-
-    /* now read "size" bytes */
-
-    rest = size;
-
-    assert(rest > 0);
-    do {                        /* one or two iterations */
-        size_t chunk;
-
-        assert(rest <= peer_b->len);
-        if (peer_b->offset + rest <= peer_b->size)
-            chunk = rest;
-        else
-            /* wrap around ring buffer */
-            chunk = peer_b->size - peer_b->offset;
-        assert(peer_b->offset + chunk <= peer_b->size);
-
-        memcpy(buf, peer_b->buf + peer_b->offset, chunk);
-
-        peer_b->len -= chunk;
-        if (peer_b->len) {
-            peer_b->offset += chunk;
-            assert(peer_b->offset <= peer_b->size);
-            if (peer_b->offset == peer_b->size)
-                peer_b->offset = 0;
-            buf += chunk;
-        } else {
-            /* buffer now empty, no need to advance "buf" */
-            assert(chunk == rest);
-            peer_b->offset = 0;
-        }
-        rest -= chunk;
-    }
-    while (rest);
-
-    return size;
-}
-
-/*-
- * non-copying interface: provide pointer to available data in buffer
- *    bio_nread0:  return number of available bytes
- *    bio_nread:   also advance index
- * (example usage:  bio_nread0(), read from buffer, bio_nread()
- *  or just         bio_nread(), read from buffer)
- */
-/*
- * WARNING: The non-copying interface is largely untested as of yet and may
- * contain bugs.
- */
-static ossl_ssize_t bio_nread0(BIO *bio, char **buf)
-{
-    struct bio_bio_st *b, *peer_b;
-    ossl_ssize_t num;
-
-    BIO_clear_retry_flags(bio);
-
-    if (!bio->init)
-        return 0;
-
-    b = bio->ptr;
-    assert(b != NULL);
-    assert(b->peer != NULL);
-    peer_b = b->peer->ptr;
-    assert(peer_b != NULL);
-    assert(peer_b->buf != NULL);
-
-    peer_b->request = 0;
-
-    if (peer_b->len == 0) {
-        char dummy;
-
-        /* avoid code duplication -- nothing available for reading */
-        return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
-    }
-
-    num = peer_b->len;
-    if (peer_b->size < peer_b->offset + num)
-        /* no ring buffer wrap-around for non-copying interface */
-        num = peer_b->size - peer_b->offset;
-    assert(num > 0);
-
-    if (buf != NULL)
-        *buf = peer_b->buf + peer_b->offset;
-    return num;
-}
-
-static ossl_ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
-{
-    struct bio_bio_st *b, *peer_b;
-    ossl_ssize_t num, available;
-
-    if (num_ > SSIZE_MAX)
-        num = SSIZE_MAX;
-    else
-        num = (ossl_ssize_t) num_;
-
-    available = bio_nread0(bio, buf);
-    if (num > available)
-        num = available;
-    if (num <= 0)
-        return num;
-
-    b = bio->ptr;
-    peer_b = b->peer->ptr;
-
-    peer_b->len -= num;
-    if (peer_b->len) {
-        peer_b->offset += num;
-        assert(peer_b->offset <= peer_b->size);
-        if (peer_b->offset == peer_b->size)
-            peer_b->offset = 0;
-    } else
-        peer_b->offset = 0;
-
-    return num;
-}
-
-static int bio_write(BIO *bio, const char *buf, int num_)
-{
-    size_t num = num_;
-    size_t rest;
-    struct bio_bio_st *b;
-
-    BIO_clear_retry_flags(bio);
-
-    if (!bio->init || buf == NULL || num == 0)
-        return 0;
-
-    b = bio->ptr;
-    assert(b != NULL);
-    assert(b->peer != NULL);
-    assert(b->buf != NULL);
-
-    b->request = 0;
-    if (b->closed) {
-        /* we already closed */
-        BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE);
-        return -1;
-    }
-
-    assert(b->len <= b->size);
-
-    if (b->len == b->size) {
-        BIO_set_retry_write(bio); /* buffer is full */
-        return -1;
-    }
-
-    /* we can write */
-    if (num > b->size - b->len)
-        num = b->size - b->len;
-
-    /* now write "num" bytes */
-
-    rest = num;
-
-    assert(rest > 0);
-    do {                        /* one or two iterations */
-        size_t write_offset;
-        size_t chunk;
-
-        assert(b->len + rest <= b->size);
-
-        write_offset = b->offset + b->len;
-        if (write_offset >= b->size)
-            write_offset -= b->size;
-        /* b->buf[write_offset] is the first byte we can write to. */
-
-        if (write_offset + rest <= b->size)
-            chunk = rest;
-        else
-            /* wrap around ring buffer */
-            chunk = b->size - write_offset;
-
-        memcpy(b->buf + write_offset, buf, chunk);
-
-        b->len += chunk;
-
-        assert(b->len <= b->size);
-
-        rest -= chunk;
-        buf += chunk;
-    }
-    while (rest);
-
-    return num;
-}
-
-/*-
- * non-copying interface: provide pointer to region to write to
- *   bio_nwrite0:  check how much space is available
- *   bio_nwrite:   also increase length
- * (example usage:  bio_nwrite0(), write to buffer, bio_nwrite()
- *  or just         bio_nwrite(), write to buffer)
- */
-static ossl_ssize_t bio_nwrite0(BIO *bio, char **buf)
-{
-    struct bio_bio_st *b;
-    size_t num;
-    size_t write_offset;
-
-    BIO_clear_retry_flags(bio);
-
-    if (!bio->init)
-        return 0;
-
-    b = bio->ptr;
-    assert(b != NULL);
-    assert(b->peer != NULL);
-    assert(b->buf != NULL);
-
-    b->request = 0;
-    if (b->closed) {
-        BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE);
-        return -1;
-    }
-
-    assert(b->len <= b->size);
-
-    if (b->len == b->size) {
-        BIO_set_retry_write(bio);
-        return -1;
-    }
-
-    num = b->size - b->len;
-    write_offset = b->offset + b->len;
-    if (write_offset >= b->size)
-        write_offset -= b->size;
-    if (write_offset + num > b->size)
-        /*
-         * no ring buffer wrap-around for non-copying interface (to fulfil
-         * the promise by BIO_ctrl_get_write_guarantee, BIO_nwrite may have
-         * to be called twice)
-         */
-        num = b->size - write_offset;
-
-    if (buf != NULL)
-        *buf = b->buf + write_offset;
-    assert(write_offset + num <= b->size);
-
-    return num;
-}
-
-static ossl_ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
-{
-    struct bio_bio_st *b;
-    ossl_ssize_t num, space;
-
-    if (num_ > SSIZE_MAX)
-        num = SSIZE_MAX;
-    else
-        num = (ossl_ssize_t) num_;
-
-    space = bio_nwrite0(bio, buf);
-    if (num > space)
-        num = space;
-    if (num <= 0)
-        return num;
-    b = bio->ptr;
-    assert(b != NULL);
-    b->len += num;
-    assert(b->len <= b->size);
-
-    return num;
-}
-
-static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
-{
-    long ret;
-    struct bio_bio_st *b = bio->ptr;
-
-    assert(b != NULL);
-
-    switch (cmd) {
-        /* specific CTRL codes */
-
-    case BIO_C_SET_WRITE_BUF_SIZE:
-        if (b->peer) {
-            BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE);
-            ret = 0;
-        } else if (num == 0) {
-            BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT);
-            ret = 0;
-        } else {
-            size_t new_size = num;
-
-            if (b->size != new_size) {
-                if (b->buf) {
-                    OPENSSL_free(b->buf);
-                    b->buf = NULL;
-                }
-                b->size = new_size;
-            }
-            ret = 1;
-        }
-        break;
-
-    case BIO_C_GET_WRITE_BUF_SIZE:
-        ret = (long)b->size;
-        break;
-
-    case BIO_C_MAKE_BIO_PAIR:
-        {
-            BIO *other_bio = ptr;
-
-            if (bio_make_pair(bio, other_bio))
-                ret = 1;
-            else
-                ret = 0;
-        }
-        break;
-
-    case BIO_C_DESTROY_BIO_PAIR:
-        /*
-         * Affects both BIOs in the pair -- call just once! Or let
-         * BIO_free(bio1); BIO_free(bio2); do the job.
-         */
-        bio_destroy_pair(bio);
-        ret = 1;
-        break;
-
-    case BIO_C_GET_WRITE_GUARANTEE:
-        /*
-         * How many bytes can the caller feed to the next write without
-         * having to keep any?
-         */
-        if (b->peer == NULL || b->closed)
-            ret = 0;
-        else
-            ret = (long)b->size - b->len;
-        break;
-
-    case BIO_C_GET_READ_REQUEST:
-        /*
-         * If the peer unsuccessfully tried to read, how many bytes were
-         * requested? (As with BIO_CTRL_PENDING, that number can usually be
-         * treated as boolean.)
-         */
-        ret = (long)b->request;
-        break;
-
-    case BIO_C_RESET_READ_REQUEST:
-        /*
-         * Reset request.  (Can be useful after read attempts at the other
-         * side that are meant to be non-blocking, e.g. when probing SSL_read
-         * to see if any data is available.)
-         */
-        b->request = 0;
-        ret = 1;
-        break;
-
-    case BIO_C_SHUTDOWN_WR:
-        /* similar to shutdown(..., SHUT_WR) */
-        b->closed = 1;
-        ret = 1;
-        break;
-
-    case BIO_C_NREAD0:
-        /* prepare for non-copying read */
-        ret = (long)bio_nread0(bio, ptr);
-        break;
-
-    case BIO_C_NREAD:
-        /* non-copying read */
-        ret = (long)bio_nread(bio, ptr, (size_t)num);
-        break;
-
-    case BIO_C_NWRITE0:
-        /* prepare for non-copying write */
-        ret = (long)bio_nwrite0(bio, ptr);
-        break;
-
-    case BIO_C_NWRITE:
-        /* non-copying write */
-        ret = (long)bio_nwrite(bio, ptr, (size_t)num);
-        break;
-
-        /* standard CTRL codes follow */
-
-    case BIO_CTRL_RESET:
-        if (b->buf != NULL) {
-            b->len = 0;
-            b->offset = 0;
-        }
-        ret = 0;
-        break;
-
-    case BIO_CTRL_GET_CLOSE:
-        ret = bio->shutdown;
-        break;
-
-    case BIO_CTRL_SET_CLOSE:
-        bio->shutdown = (int)num;
-        ret = 1;
-        break;
-
-    case BIO_CTRL_PENDING:
-        if (b->peer != NULL) {
-            struct bio_bio_st *peer_b = b->peer->ptr;
-
-            ret = (long)peer_b->len;
-        } else
-            ret = 0;
-        break;
-
-    case BIO_CTRL_WPENDING:
-        if (b->buf != NULL)
-            ret = (long)b->len;
-        else
-            ret = 0;
-        break;
-
-    case BIO_CTRL_DUP:
-        /* See BIO_dup_chain for circumstances we have to expect. */
-        {
-            BIO *other_bio = ptr;
-            struct bio_bio_st *other_b;
-
-            assert(other_bio != NULL);
-            other_b = other_bio->ptr;
-            assert(other_b != NULL);
-
-            assert(other_b->buf == NULL); /* other_bio is always fresh */
-
-            other_b->size = b->size;
-        }
-
-        ret = 1;
-        break;
-
-    case BIO_CTRL_FLUSH:
-        ret = 1;
-        break;
-
-    case BIO_CTRL_EOF:
-        if (b->peer != NULL) {
-            struct bio_bio_st *peer_b = b->peer->ptr;
-
-            if (peer_b->len == 0 && peer_b->closed)
-                ret = 1;
-            else
-                ret = 0;
-        } else {
-            ret = 1;
-        }
-        break;
-
-    default:
-        ret = 0;
-    }
-    return ret;
-}
-
-static int bio_puts(BIO *bio, const char *str)
-{
-    return bio_write(bio, str, strlen(str));
-}
-
-static int bio_make_pair(BIO *bio1, BIO *bio2)
-{
-    struct bio_bio_st *b1, *b2;
-
-    assert(bio1 != NULL);
-    assert(bio2 != NULL);
-
-    b1 = bio1->ptr;
-    b2 = bio2->ptr;
-
-    if (b1->peer != NULL || b2->peer != NULL) {
-        BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE);
-        return 0;
-    }
-
-    if (b1->buf == NULL) {
-        b1->buf = OPENSSL_malloc(b1->size);
-        if (b1->buf == NULL) {
-            BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        b1->len = 0;
-        b1->offset = 0;
-    }
-
-    if (b2->buf == NULL) {
-        b2->buf = OPENSSL_malloc(b2->size);
-        if (b2->buf == NULL) {
-            BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        b2->len = 0;
-        b2->offset = 0;
-    }
-
-    b1->peer = bio2;
-    b1->closed = 0;
-    b1->request = 0;
-    b2->peer = bio1;
-    b2->closed = 0;
-    b2->request = 0;
-
-    bio1->init = 1;
-    bio2->init = 1;
-
-    return 1;
-}
-
-static void bio_destroy_pair(BIO *bio)
-{
-    struct bio_bio_st *b = bio->ptr;
-
-    if (b != NULL) {
-        BIO *peer_bio = b->peer;
-
-        if (peer_bio != NULL) {
-            struct bio_bio_st *peer_b = peer_bio->ptr;
-
-            assert(peer_b != NULL);
-            assert(peer_b->peer == bio);
-
-            peer_b->peer = NULL;
-            peer_bio->init = 0;
-            assert(peer_b->buf != NULL);
-            peer_b->len = 0;
-            peer_b->offset = 0;
-
-            b->peer = NULL;
-            bio->init = 0;
-            assert(b->buf != NULL);
-            b->len = 0;
-            b->offset = 0;
-        }
-    }
-}
-
-/* Exported convenience functions */
-int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1,
-                     BIO **bio2_p, size_t writebuf2)
-{
-    BIO *bio1 = NULL, *bio2 = NULL;
-    long r;
-    int ret = 0;
-
-    bio1 = BIO_new(BIO_s_bio());
-    if (bio1 == NULL)
-        goto err;
-    bio2 = BIO_new(BIO_s_bio());
-    if (bio2 == NULL)
-        goto err;
-
-    if (writebuf1) {
-        r = BIO_set_write_buf_size(bio1, writebuf1);
-        if (!r)
-            goto err;
-    }
-    if (writebuf2) {
-        r = BIO_set_write_buf_size(bio2, writebuf2);
-        if (!r)
-            goto err;
-    }
-
-    r = BIO_make_bio_pair(bio1, bio2);
-    if (!r)
-        goto err;
-    ret = 1;
-
- err:
-    if (ret == 0) {
-        if (bio1) {
-            BIO_free(bio1);
-            bio1 = NULL;
-        }
-        if (bio2) {
-            BIO_free(bio2);
-            bio2 = NULL;
-        }
-    }
-
-    *bio1_p = bio1;
-    *bio2_p = bio2;
-    return ret;
-}
-
-size_t BIO_ctrl_get_write_guarantee(BIO *bio)
-{
-    return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
-}
-
-size_t BIO_ctrl_get_read_request(BIO *bio)
-{
-    return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
-}
-
-int BIO_ctrl_reset_read_request(BIO *bio)
-{
-    return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
-}
-
-/*
- * BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
- * (conceivably some other BIOs could allow non-copying reads and writes
- * too.)
- */
-int BIO_nread0(BIO *bio, char **buf)
-{
-    long ret;
-
-    if (!bio->init) {
-        BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED);
-        return -2;
-    }
-
-    ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
-    if (ret > INT_MAX)
-        return INT_MAX;
-    else
-        return (int)ret;
-}
-
-int BIO_nread(BIO *bio, char **buf, int num)
-{
-    int ret;
-
-    if (!bio->init) {
-        BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED);
-        return -2;
-    }
-
-    ret = (int)BIO_ctrl(bio, BIO_C_NREAD, num, buf);
-    if (ret > 0)
-        bio->num_read += ret;
-    return ret;
-}
-
-int BIO_nwrite0(BIO *bio, char **buf)
-{
-    long ret;
-
-    if (!bio->init) {
-        BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED);
-        return -2;
-    }
-
-    ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
-    if (ret > INT_MAX)
-        return INT_MAX;
-    else
-        return (int)ret;
-}
-
-int BIO_nwrite(BIO *bio, char **buf, int num)
-{
-    int ret;
-
-    if (!bio->init) {
-        BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED);
-        return -2;
-    }
-
-    ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
-    if (ret > 0)
-        bio->num_write += ret;
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/bio/bss_conn.c b/thirdparty/openssl/crypto/bio/bss_conn.c
deleted file mode 100644
index 7d15ad29dc..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_conn.c
+++ /dev/null
@@ -1,612 +0,0 @@
-/* crypto/bio/bss_conn.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#ifndef OPENSSL_NO_SOCK
-
-# ifdef OPENSSL_SYS_WIN16
-#  define SOCKET_PROTOCOL 0     /* more microsoft stupidity */
-# else
-#  define SOCKET_PROTOCOL IPPROTO_TCP
-# endif
-
-# if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
-/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
-#  undef FIONBIO
-# endif
-
-typedef struct bio_connect_st {
-    int state;
-    char *param_hostname;
-    char *param_port;
-    int nbio;
-    unsigned char ip[4];
-    unsigned short port;
-    struct sockaddr_in them;
-    /*
-     * int socket; this will be kept in bio->num so that it is compatible
-     * with the bss_sock bio
-     */
-    /*
-     * called when the connection is initially made callback(BIO,state,ret);
-     * The callback should return 'ret'.  state is for compatibility with the
-     * ssl info_callback
-     */
-    int (*info_callback) (const BIO *bio, int state, int ret);
-} BIO_CONNECT;
-
-static int conn_write(BIO *h, const char *buf, int num);
-static int conn_read(BIO *h, char *buf, int size);
-static int conn_puts(BIO *h, const char *str);
-static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int conn_new(BIO *h);
-static int conn_free(BIO *data);
-static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *);
-
-static int conn_state(BIO *b, BIO_CONNECT *c);
-static void conn_close_socket(BIO *data);
-BIO_CONNECT *BIO_CONNECT_new(void);
-void BIO_CONNECT_free(BIO_CONNECT *a);
-
-static BIO_METHOD methods_connectp = {
-    BIO_TYPE_CONNECT,
-    "socket connect",
-    conn_write,
-    conn_read,
-    conn_puts,
-    NULL,                       /* connect_gets, */
-    conn_ctrl,
-    conn_new,
-    conn_free,
-    conn_callback_ctrl,
-};
-
-static int conn_state(BIO *b, BIO_CONNECT *c)
-{
-    int ret = -1, i;
-    unsigned long l;
-    char *p, *q;
-    int (*cb) (const BIO *, int, int) = NULL;
-
-    if (c->info_callback != NULL)
-        cb = c->info_callback;
-
-    for (;;) {
-        switch (c->state) {
-        case BIO_CONN_S_BEFORE:
-            p = c->param_hostname;
-            if (p == NULL) {
-                BIOerr(BIO_F_CONN_STATE, BIO_R_NO_HOSTNAME_SPECIFIED);
-                goto exit_loop;
-            }
-            for (; *p != '\0'; p++) {
-                if ((*p == ':') || (*p == '/'))
-                    break;
-            }
-
-            i = *p;
-            if ((i == ':') || (i == '/')) {
-
-                *(p++) = '\0';
-                if (i == ':') {
-                    for (q = p; *q; q++)
-                        if (*q == '/') {
-                            *q = '\0';
-                            break;
-                        }
-                    if (c->param_port != NULL)
-                        OPENSSL_free(c->param_port);
-                    c->param_port = BUF_strdup(p);
-                }
-            }
-
-            if (c->param_port == NULL) {
-                BIOerr(BIO_F_CONN_STATE, BIO_R_NO_PORT_SPECIFIED);
-                ERR_add_error_data(2, "host=", c->param_hostname);
-                goto exit_loop;
-            }
-            c->state = BIO_CONN_S_GET_IP;
-            break;
-
-        case BIO_CONN_S_GET_IP:
-            if (BIO_get_host_ip(c->param_hostname, &(c->ip[0])) <= 0)
-                goto exit_loop;
-            c->state = BIO_CONN_S_GET_PORT;
-            break;
-
-        case BIO_CONN_S_GET_PORT:
-            if (c->param_port == NULL) {
-                /* abort(); */
-                goto exit_loop;
-            } else if (BIO_get_port(c->param_port, &c->port) <= 0)
-                goto exit_loop;
-            c->state = BIO_CONN_S_CREATE_SOCKET;
-            break;
-
-        case BIO_CONN_S_CREATE_SOCKET:
-            /* now setup address */
-            memset((char *)&c->them, 0, sizeof(c->them));
-            c->them.sin_family = AF_INET;
-            c->them.sin_port = htons((unsigned short)c->port);
-            l = (unsigned long)
-                ((unsigned long)c->ip[0] << 24L) |
-                ((unsigned long)c->ip[1] << 16L) |
-                ((unsigned long)c->ip[2] << 8L) | ((unsigned long)c->ip[3]);
-            c->them.sin_addr.s_addr = htonl(l);
-            c->state = BIO_CONN_S_CREATE_SOCKET;
-
-            ret = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
-            if (ret == INVALID_SOCKET) {
-                SYSerr(SYS_F_SOCKET, get_last_socket_error());
-                ERR_add_error_data(4, "host=", c->param_hostname,
-                                   ":", c->param_port);
-                BIOerr(BIO_F_CONN_STATE, BIO_R_UNABLE_TO_CREATE_SOCKET);
-                goto exit_loop;
-            }
-            b->num = ret;
-            c->state = BIO_CONN_S_NBIO;
-            break;
-
-        case BIO_CONN_S_NBIO:
-            if (c->nbio) {
-                if (!BIO_socket_nbio(b->num, 1)) {
-                    BIOerr(BIO_F_CONN_STATE, BIO_R_ERROR_SETTING_NBIO);
-                    ERR_add_error_data(4, "host=",
-                                       c->param_hostname, ":", c->param_port);
-                    goto exit_loop;
-                }
-            }
-            c->state = BIO_CONN_S_CONNECT;
-
-# if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
-            i = 1;
-            i = setsockopt(b->num, SOL_SOCKET, SO_KEEPALIVE, (char *)&i,
-                           sizeof(i));
-            if (i < 0) {
-                SYSerr(SYS_F_SOCKET, get_last_socket_error());
-                ERR_add_error_data(4, "host=", c->param_hostname,
-                                   ":", c->param_port);
-                BIOerr(BIO_F_CONN_STATE, BIO_R_KEEPALIVE);
-                goto exit_loop;
-            }
-# endif
-            break;
-
-        case BIO_CONN_S_CONNECT:
-            BIO_clear_retry_flags(b);
-            ret = connect(b->num,
-                          (struct sockaddr *)&c->them, sizeof(c->them));
-            b->retry_reason = 0;
-            if (ret < 0) {
-                if (BIO_sock_should_retry(ret)) {
-                    BIO_set_retry_special(b);
-                    c->state = BIO_CONN_S_BLOCKED_CONNECT;
-                    b->retry_reason = BIO_RR_CONNECT;
-                } else {
-                    SYSerr(SYS_F_CONNECT, get_last_socket_error());
-                    ERR_add_error_data(4, "host=",
-                                       c->param_hostname, ":", c->param_port);
-                    BIOerr(BIO_F_CONN_STATE, BIO_R_CONNECT_ERROR);
-                }
-                goto exit_loop;
-            } else
-                c->state = BIO_CONN_S_OK;
-            break;
-
-        case BIO_CONN_S_BLOCKED_CONNECT:
-            i = BIO_sock_error(b->num);
-            if (i) {
-                BIO_clear_retry_flags(b);
-                SYSerr(SYS_F_CONNECT, i);
-                ERR_add_error_data(4, "host=",
-                                   c->param_hostname, ":", c->param_port);
-                BIOerr(BIO_F_CONN_STATE, BIO_R_NBIO_CONNECT_ERROR);
-                ret = 0;
-                goto exit_loop;
-            } else
-                c->state = BIO_CONN_S_OK;
-            break;
-
-        case BIO_CONN_S_OK:
-            ret = 1;
-            goto exit_loop;
-        default:
-            /* abort(); */
-            goto exit_loop;
-        }
-
-        if (cb != NULL) {
-            if (!(ret = cb((BIO *)b, c->state, ret)))
-                goto end;
-        }
-    }
-
-    /* Loop does not exit */
- exit_loop:
-    if (cb != NULL)
-        ret = cb((BIO *)b, c->state, ret);
- end:
-    return (ret);
-}
-
-BIO_CONNECT *BIO_CONNECT_new(void)
-{
-    BIO_CONNECT *ret;
-
-    if ((ret = (BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL)
-        return (NULL);
-    ret->state = BIO_CONN_S_BEFORE;
-    ret->param_hostname = NULL;
-    ret->param_port = NULL;
-    ret->info_callback = NULL;
-    ret->nbio = 0;
-    ret->ip[0] = 0;
-    ret->ip[1] = 0;
-    ret->ip[2] = 0;
-    ret->ip[3] = 0;
-    ret->port = 0;
-    memset((char *)&ret->them, 0, sizeof(ret->them));
-    return (ret);
-}
-
-void BIO_CONNECT_free(BIO_CONNECT *a)
-{
-    if (a == NULL)
-        return;
-
-    if (a->param_hostname != NULL)
-        OPENSSL_free(a->param_hostname);
-    if (a->param_port != NULL)
-        OPENSSL_free(a->param_port);
-    OPENSSL_free(a);
-}
-
-BIO_METHOD *BIO_s_connect(void)
-{
-    return (&methods_connectp);
-}
-
-static int conn_new(BIO *bi)
-{
-    bi->init = 0;
-    bi->num = INVALID_SOCKET;
-    bi->flags = 0;
-    if ((bi->ptr = (char *)BIO_CONNECT_new()) == NULL)
-        return (0);
-    else
-        return (1);
-}
-
-static void conn_close_socket(BIO *bio)
-{
-    BIO_CONNECT *c;
-
-    c = (BIO_CONNECT *)bio->ptr;
-    if (bio->num != INVALID_SOCKET) {
-        /* Only do a shutdown if things were established */
-        if (c->state == BIO_CONN_S_OK)
-            shutdown(bio->num, 2);
-        closesocket(bio->num);
-        bio->num = INVALID_SOCKET;
-    }
-}
-
-static int conn_free(BIO *a)
-{
-    BIO_CONNECT *data;
-
-    if (a == NULL)
-        return (0);
-    data = (BIO_CONNECT *)a->ptr;
-
-    if (a->shutdown) {
-        conn_close_socket(a);
-        BIO_CONNECT_free(data);
-        a->ptr = NULL;
-        a->flags = 0;
-        a->init = 0;
-    }
-    return (1);
-}
-
-static int conn_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-    BIO_CONNECT *data;
-
-    data = (BIO_CONNECT *)b->ptr;
-    if (data->state != BIO_CONN_S_OK) {
-        ret = conn_state(b, data);
-        if (ret <= 0)
-            return (ret);
-    }
-
-    if (out != NULL) {
-        clear_socket_error();
-        ret = readsocket(b->num, out, outl);
-        BIO_clear_retry_flags(b);
-        if (ret <= 0) {
-            if (BIO_sock_should_retry(ret))
-                BIO_set_retry_read(b);
-        }
-    }
-    return (ret);
-}
-
-static int conn_write(BIO *b, const char *in, int inl)
-{
-    int ret;
-    BIO_CONNECT *data;
-
-    data = (BIO_CONNECT *)b->ptr;
-    if (data->state != BIO_CONN_S_OK) {
-        ret = conn_state(b, data);
-        if (ret <= 0)
-            return (ret);
-    }
-
-    clear_socket_error();
-    ret = writesocket(b->num, in, inl);
-    BIO_clear_retry_flags(b);
-    if (ret <= 0) {
-        if (BIO_sock_should_retry(ret))
-            BIO_set_retry_write(b);
-    }
-    return (ret);
-}
-
-static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    BIO *dbio;
-    int *ip;
-    const char **pptr = NULL;
-    long ret = 1;
-    BIO_CONNECT *data;
-
-    data = (BIO_CONNECT *)b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        ret = 0;
-        data->state = BIO_CONN_S_BEFORE;
-        conn_close_socket(b);
-        b->flags = 0;
-        break;
-    case BIO_C_DO_STATE_MACHINE:
-        /* use this one to start the connection */
-        if (data->state != BIO_CONN_S_OK)
-            ret = (long)conn_state(b, data);
-        else
-            ret = 1;
-        break;
-    case BIO_C_GET_CONNECT:
-        if (ptr != NULL) {
-            pptr = (const char **)ptr;
-        }
-
-        if (b->init) {
-            if (pptr != NULL) {
-                ret = 1;
-                if (num == 0) {
-                    *pptr = data->param_hostname;
-                } else if (num == 1) {
-                    *pptr = data->param_port;
-                } else if (num == 2) {
-                    *pptr = (char *)&(data->ip[0]);
-                } else {
-                    ret = 0;
-                }
-            }
-            if (num == 3) {
-                ret = data->port;
-            }
-        } else {
-            if (pptr != NULL)
-                *pptr = "not initialized";
-            ret = 0;
-        }
-        break;
-    case BIO_C_SET_CONNECT:
-        if (ptr != NULL) {
-            b->init = 1;
-            if (num == 0) {
-                if (data->param_hostname != NULL)
-                    OPENSSL_free(data->param_hostname);
-                data->param_hostname = BUF_strdup(ptr);
-            } else if (num == 1) {
-                if (data->param_port != NULL)
-                    OPENSSL_free(data->param_port);
-                data->param_port = BUF_strdup(ptr);
-            } else if (num == 2) {
-                char buf[16];
-                unsigned char *p = ptr;
-
-                BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d",
-                             p[0], p[1], p[2], p[3]);
-                if (data->param_hostname != NULL)
-                    OPENSSL_free(data->param_hostname);
-                data->param_hostname = BUF_strdup(buf);
-                memcpy(&(data->ip[0]), ptr, 4);
-            } else if (num == 3) {
-                char buf[DECIMAL_SIZE(int) + 1];
-
-                BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr);
-                if (data->param_port != NULL)
-                    OPENSSL_free(data->param_port);
-                data->param_port = BUF_strdup(buf);
-                data->port = *(int *)ptr;
-            }
-        }
-        break;
-    case BIO_C_SET_NBIO:
-        data->nbio = (int)num;
-        break;
-    case BIO_C_GET_FD:
-        if (b->init) {
-            ip = (int *)ptr;
-            if (ip != NULL)
-                *ip = b->num;
-            ret = b->num;
-        } else
-            ret = -1;
-        break;
-    case BIO_CTRL_GET_CLOSE:
-        ret = b->shutdown;
-        break;
-    case BIO_CTRL_SET_CLOSE:
-        b->shutdown = (int)num;
-        break;
-    case BIO_CTRL_PENDING:
-    case BIO_CTRL_WPENDING:
-        ret = 0;
-        break;
-    case BIO_CTRL_FLUSH:
-        break;
-    case BIO_CTRL_DUP:
-        {
-            dbio = (BIO *)ptr;
-            if (data->param_port)
-                BIO_set_conn_port(dbio, data->param_port);
-            if (data->param_hostname)
-                BIO_set_conn_hostname(dbio, data->param_hostname);
-            BIO_set_nbio(dbio, data->nbio);
-            /*
-             * FIXME: the cast of the function seems unlikely to be a good
-             * idea
-             */
-            (void)BIO_set_info_callback(dbio,
-                                        (bio_info_cb *)data->info_callback);
-        }
-        break;
-    case BIO_CTRL_SET_CALLBACK:
-        {
-# if 0                          /* FIXME: Should this be used? -- Richard
-                                 * Levitte */
-            BIOerr(BIO_F_CONN_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-            ret = -1;
-# else
-            ret = 0;
-# endif
-        }
-        break;
-    case BIO_CTRL_GET_CALLBACK:
-        {
-            int (**fptr) (const BIO *bio, int state, int xret);
-
-            fptr = (int (**)(const BIO *bio, int state, int xret))ptr;
-            *fptr = data->info_callback;
-        }
-        break;
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static long conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    long ret = 1;
-    BIO_CONNECT *data;
-
-    data = (BIO_CONNECT *)b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_SET_CALLBACK:
-        {
-            data->info_callback =
-                (int (*)(const struct bio_st *, int, int))fp;
-        }
-        break;
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static int conn_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = conn_write(bp, str, n);
-    return (ret);
-}
-
-BIO *BIO_new_connect(const char *str)
-{
-    BIO *ret;
-
-    ret = BIO_new(BIO_s_connect());
-    if (ret == NULL)
-        return (NULL);
-    if (BIO_set_conn_hostname(ret, str))
-        return (ret);
-    else {
-        BIO_free(ret);
-        return (NULL);
-    }
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/bio/bss_dgram.c b/thirdparty/openssl/crypto/bio/bss_dgram.c
deleted file mode 100644
index bdd7bf88ea..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_dgram.c
+++ /dev/null
@@ -1,2081 +0,0 @@
-/* crypto/bio/bio_dgram.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-
-#include <openssl/bio.h>
-#ifndef OPENSSL_NO_DGRAM
-
-# if defined(OPENSSL_SYS_VMS)
-#  include <sys/timeb.h>
-# endif
-
-# ifndef OPENSSL_NO_SCTP
-#  include <netinet/sctp.h>
-#  include <fcntl.h>
-#  define OPENSSL_SCTP_DATA_CHUNK_TYPE            0x00
-#  define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
-# endif
-
-# if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
-#  define IP_MTU      14        /* linux is lame */
-# endif
-
-# if OPENSSL_USE_IPV6 && !defined(IPPROTO_IPV6)
-#  define IPPROTO_IPV6 41       /* windows is lame */
-# endif
-
-# if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
-/* Standard definition causes type-punning problems. */
-#  undef IN6_IS_ADDR_V4MAPPED
-#  define s6_addr32 __u6_addr.__u6_addr32
-#  define IN6_IS_ADDR_V4MAPPED(a)               \
-        (((a)->s6_addr32[0] == 0) &&          \
-         ((a)->s6_addr32[1] == 0) &&          \
-         ((a)->s6_addr32[2] == htonl(0x0000ffff)))
-# endif
-
-# ifdef WATT32
-#  define sock_write SockWrite  /* Watt-32 uses same names */
-#  define sock_read  SockRead
-#  define sock_puts  SockPuts
-# endif
-
-static int dgram_write(BIO *h, const char *buf, int num);
-static int dgram_read(BIO *h, char *buf, int size);
-static int dgram_puts(BIO *h, const char *str);
-static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int dgram_new(BIO *h);
-static int dgram_free(BIO *data);
-static int dgram_clear(BIO *bio);
-
-# ifndef OPENSSL_NO_SCTP
-static int dgram_sctp_write(BIO *h, const char *buf, int num);
-static int dgram_sctp_read(BIO *h, char *buf, int size);
-static int dgram_sctp_puts(BIO *h, const char *str);
-static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int dgram_sctp_new(BIO *h);
-static int dgram_sctp_free(BIO *data);
-#  ifdef SCTP_AUTHENTICATION_EVENT
-static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification
-                                                  *snp);
-#  endif
-# endif
-
-static int BIO_dgram_should_retry(int s);
-
-static void get_current_time(struct timeval *t);
-
-static BIO_METHOD methods_dgramp = {
-    BIO_TYPE_DGRAM,
-    "datagram socket",
-    dgram_write,
-    dgram_read,
-    dgram_puts,
-    NULL,                       /* dgram_gets, */
-    dgram_ctrl,
-    dgram_new,
-    dgram_free,
-    NULL,
-};
-
-# ifndef OPENSSL_NO_SCTP
-static BIO_METHOD methods_dgramp_sctp = {
-    BIO_TYPE_DGRAM_SCTP,
-    "datagram sctp socket",
-    dgram_sctp_write,
-    dgram_sctp_read,
-    dgram_sctp_puts,
-    NULL,                       /* dgram_gets, */
-    dgram_sctp_ctrl,
-    dgram_sctp_new,
-    dgram_sctp_free,
-    NULL,
-};
-# endif
-
-typedef struct bio_dgram_data_st {
-    union {
-        struct sockaddr sa;
-        struct sockaddr_in sa_in;
-# if OPENSSL_USE_IPV6
-        struct sockaddr_in6 sa_in6;
-# endif
-    } peer;
-    unsigned int connected;
-    unsigned int _errno;
-    unsigned int mtu;
-    struct timeval next_timeout;
-    struct timeval socket_timeout;
-} bio_dgram_data;
-
-# ifndef OPENSSL_NO_SCTP
-typedef struct bio_dgram_sctp_save_message_st {
-    BIO *bio;
-    char *data;
-    int length;
-} bio_dgram_sctp_save_message;
-
-typedef struct bio_dgram_sctp_data_st {
-    union {
-        struct sockaddr sa;
-        struct sockaddr_in sa_in;
-#  if OPENSSL_USE_IPV6
-        struct sockaddr_in6 sa_in6;
-#  endif
-    } peer;
-    unsigned int connected;
-    unsigned int _errno;
-    unsigned int mtu;
-    struct bio_dgram_sctp_sndinfo sndinfo;
-    struct bio_dgram_sctp_rcvinfo rcvinfo;
-    struct bio_dgram_sctp_prinfo prinfo;
-    void (*handle_notifications) (BIO *bio, void *context, void *buf);
-    void *notification_context;
-    int in_handshake;
-    int ccs_rcvd;
-    int ccs_sent;
-    int save_shutdown;
-    int peer_auth_tested;
-    bio_dgram_sctp_save_message saved_message;
-} bio_dgram_sctp_data;
-# endif
-
-BIO_METHOD *BIO_s_datagram(void)
-{
-    return (&methods_dgramp);
-}
-
-BIO *BIO_new_dgram(int fd, int close_flag)
-{
-    BIO *ret;
-
-    ret = BIO_new(BIO_s_datagram());
-    if (ret == NULL)
-        return (NULL);
-    BIO_set_fd(ret, fd, close_flag);
-    return (ret);
-}
-
-static int dgram_new(BIO *bi)
-{
-    bio_dgram_data *data = NULL;
-
-    bi->init = 0;
-    bi->num = 0;
-    data = OPENSSL_malloc(sizeof(bio_dgram_data));
-    if (data == NULL)
-        return 0;
-    memset(data, 0x00, sizeof(bio_dgram_data));
-    bi->ptr = data;
-
-    bi->flags = 0;
-    return (1);
-}
-
-static int dgram_free(BIO *a)
-{
-    bio_dgram_data *data;
-
-    if (a == NULL)
-        return (0);
-    if (!dgram_clear(a))
-        return 0;
-
-    data = (bio_dgram_data *)a->ptr;
-    if (data != NULL)
-        OPENSSL_free(data);
-
-    return (1);
-}
-
-static int dgram_clear(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    if (a->shutdown) {
-        if (a->init) {
-            SHUTDOWN2(a->num);
-        }
-        a->init = 0;
-        a->flags = 0;
-    }
-    return (1);
-}
-
-static void dgram_adjust_rcv_timeout(BIO *b)
-{
-# if defined(SO_RCVTIMEO)
-    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
-    union {
-        size_t s;
-        int i;
-    } sz = {
-        0
-    };
-
-    /* Is a timer active? */
-    if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
-        struct timeval timenow, timeleft;
-
-        /* Read current socket timeout */
-#  ifdef OPENSSL_SYS_WINDOWS
-        int timeout;
-
-        sz.i = sizeof(timeout);
-        if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
-                       (void *)&timeout, &sz.i) < 0) {
-            perror("getsockopt");
-        } else {
-            data->socket_timeout.tv_sec = timeout / 1000;
-            data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
-        }
-#  else
-        sz.i = sizeof(data->socket_timeout);
-        if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
-                       &(data->socket_timeout), (void *)&sz) < 0) {
-            perror("getsockopt");
-        } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0)
-            OPENSSL_assert(sz.s <= sizeof(data->socket_timeout));
-#  endif
-
-        /* Get current time */
-        get_current_time(&timenow);
-
-        /* Calculate time left until timer expires */
-        memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
-        if (timeleft.tv_usec < timenow.tv_usec) {
-            timeleft.tv_usec = 1000000 - timenow.tv_usec + timeleft.tv_usec;
-            timeleft.tv_sec--;
-        } else {
-            timeleft.tv_usec -= timenow.tv_usec;
-        }
-        if (timeleft.tv_sec < timenow.tv_sec) {
-            timeleft.tv_sec = 0;
-            timeleft.tv_usec = 1;
-        } else {
-            timeleft.tv_sec -= timenow.tv_sec;
-        }
-
-        /*
-         * Adjust socket timeout if next handhake message timer will expire
-         * earlier.
-         */
-        if ((data->socket_timeout.tv_sec == 0
-             && data->socket_timeout.tv_usec == 0)
-            || (data->socket_timeout.tv_sec > timeleft.tv_sec)
-            || (data->socket_timeout.tv_sec == timeleft.tv_sec
-                && data->socket_timeout.tv_usec >= timeleft.tv_usec)) {
-#  ifdef OPENSSL_SYS_WINDOWS
-            timeout = timeleft.tv_sec * 1000 + timeleft.tv_usec / 1000;
-            if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
-                           (void *)&timeout, sizeof(timeout)) < 0) {
-                perror("setsockopt");
-            }
-#  else
-            if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &timeleft,
-                           sizeof(struct timeval)) < 0) {
-                perror("setsockopt");
-            }
-#  endif
-        }
-    }
-# endif
-}
-
-static void dgram_reset_rcv_timeout(BIO *b)
-{
-# if defined(SO_RCVTIMEO)
-    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
-
-    /* Is a timer active? */
-    if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
-#  ifdef OPENSSL_SYS_WINDOWS
-        int timeout = data->socket_timeout.tv_sec * 1000 +
-            data->socket_timeout.tv_usec / 1000;
-        if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
-                       (void *)&timeout, sizeof(timeout)) < 0) {
-            perror("setsockopt");
-        }
-#  else
-        if (setsockopt
-            (b->num, SOL_SOCKET, SO_RCVTIMEO, &(data->socket_timeout),
-             sizeof(struct timeval)) < 0) {
-            perror("setsockopt");
-        }
-#  endif
-    }
-# endif
-}
-
-static int dgram_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
-
-    struct {
-        /*
-         * See commentary in b_sock.c. <appro>
-         */
-        union {
-            size_t s;
-            int i;
-        } len;
-        union {
-            struct sockaddr sa;
-            struct sockaddr_in sa_in;
-# if OPENSSL_USE_IPV6
-            struct sockaddr_in6 sa_in6;
-# endif
-        } peer;
-    } sa;
-
-    sa.len.s = 0;
-    sa.len.i = sizeof(sa.peer);
-
-    if (out != NULL) {
-        clear_socket_error();
-        memset(&sa.peer, 0x00, sizeof(sa.peer));
-        dgram_adjust_rcv_timeout(b);
-        ret = recvfrom(b->num, out, outl, 0, &sa.peer.sa, (void *)&sa.len);
-        if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) {
-            OPENSSL_assert(sa.len.s <= sizeof(sa.peer));
-            sa.len.i = (int)sa.len.s;
-        }
-
-        if (!data->connected && ret >= 0)
-            BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
-
-        BIO_clear_retry_flags(b);
-        if (ret < 0) {
-            if (BIO_dgram_should_retry(ret)) {
-                BIO_set_retry_read(b);
-                data->_errno = get_last_socket_error();
-            }
-        }
-
-        dgram_reset_rcv_timeout(b);
-    }
-    return (ret);
-}
-
-static int dgram_write(BIO *b, const char *in, int inl)
-{
-    int ret;
-    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
-    clear_socket_error();
-
-    if (data->connected)
-        ret = writesocket(b->num, in, inl);
-    else {
-        int peerlen = sizeof(data->peer);
-
-        if (data->peer.sa.sa_family == AF_INET)
-            peerlen = sizeof(data->peer.sa_in);
-# if OPENSSL_USE_IPV6
-        else if (data->peer.sa.sa_family == AF_INET6)
-            peerlen = sizeof(data->peer.sa_in6);
-# endif
-# if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
-        ret = sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
-# else
-        ret = sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
-# endif
-    }
-
-    BIO_clear_retry_flags(b);
-    if (ret <= 0) {
-        if (BIO_dgram_should_retry(ret)) {
-            BIO_set_retry_write(b);
-            data->_errno = get_last_socket_error();
-
-# if 0                          /* higher layers are responsible for querying
-                                 * MTU, if necessary */
-            if (data->_errno == EMSGSIZE)
-                /* retrieve the new MTU */
-                BIO_ctrl(b, BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
-# endif
-        }
-    }
-    return (ret);
-}
-
-static long dgram_get_mtu_overhead(bio_dgram_data *data)
-{
-    long ret;
-
-    switch (data->peer.sa.sa_family) {
-    case AF_INET:
-        /*
-         * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
-         */
-        ret = 28;
-        break;
-# if OPENSSL_USE_IPV6
-    case AF_INET6:
-#  ifdef IN6_IS_ADDR_V4MAPPED
-        if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
-            /*
-             * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
-             */
-            ret = 28;
-        else
-#  endif
-            /*
-             * Assume this is UDP - 40 bytes for IP, 8 bytes for UDP
-             */
-            ret = 48;
-        break;
-# endif
-    default:
-        /* We don't know. Go with the historical default */
-        ret = 28;
-        break;
-    }
-    return ret;
-}
-
-static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret = 1;
-    int *ip;
-    struct sockaddr *to = NULL;
-    bio_dgram_data *data = NULL;
-    int sockopt_val = 0;
-# if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
-    socklen_t sockopt_len;      /* assume that system supporting IP_MTU is
-                                 * modern enough to define socklen_t */
-    socklen_t addr_len;
-    union {
-        struct sockaddr sa;
-        struct sockaddr_in s4;
-#  if OPENSSL_USE_IPV6
-        struct sockaddr_in6 s6;
-#  endif
-    } addr;
-# endif
-
-    data = (bio_dgram_data *)b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        num = 0;
-        ret = 0;
-        break;
-    case BIO_CTRL_INFO:
-        ret = 0;
-        break;
-    case BIO_C_SET_FD:
-        dgram_clear(b);
-        b->num = *((int *)ptr);
-        b->shutdown = (int)num;
-        b->init = 1;
-        break;
-    case BIO_C_GET_FD:
-        if (b->init) {
-            ip = (int *)ptr;
-            if (ip != NULL)
-                *ip = b->num;
-            ret = b->num;
-        } else
-            ret = -1;
-        break;
-    case BIO_CTRL_GET_CLOSE:
-        ret = b->shutdown;
-        break;
-    case BIO_CTRL_SET_CLOSE:
-        b->shutdown = (int)num;
-        break;
-    case BIO_CTRL_PENDING:
-    case BIO_CTRL_WPENDING:
-        ret = 0;
-        break;
-    case BIO_CTRL_DUP:
-    case BIO_CTRL_FLUSH:
-        ret = 1;
-        break;
-    case BIO_CTRL_DGRAM_CONNECT:
-        to = (struct sockaddr *)ptr;
-# if 0
-        if (connect(b->num, to, sizeof(struct sockaddr)) < 0) {
-            perror("connect");
-            ret = 0;
-        } else {
-# endif
-            switch (to->sa_family) {
-            case AF_INET:
-                memcpy(&data->peer, to, sizeof(data->peer.sa_in));
-                break;
-# if OPENSSL_USE_IPV6
-            case AF_INET6:
-                memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
-                break;
-# endif
-            default:
-                memcpy(&data->peer, to, sizeof(data->peer.sa));
-                break;
-            }
-# if 0
-        }
-# endif
-        break;
-        /* (Linux)kernel sets DF bit on outgoing IP packets */
-    case BIO_CTRL_DGRAM_MTU_DISCOVER:
-# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
-        addr_len = (socklen_t) sizeof(addr);
-        memset((void *)&addr, 0, sizeof(addr));
-        if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
-            ret = 0;
-            break;
-        }
-        switch (addr.sa.sa_family) {
-        case AF_INET:
-            sockopt_val = IP_PMTUDISC_DO;
-            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
-                                  &sockopt_val, sizeof(sockopt_val))) < 0)
-                perror("setsockopt");
-            break;
-#  if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
-        case AF_INET6:
-            sockopt_val = IPV6_PMTUDISC_DO;
-            if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
-                                  &sockopt_val, sizeof(sockopt_val))) < 0)
-                perror("setsockopt");
-            break;
-#  endif
-        default:
-            ret = -1;
-            break;
-        }
-        ret = -1;
-# else
-        break;
-# endif
-    case BIO_CTRL_DGRAM_QUERY_MTU:
-# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
-        addr_len = (socklen_t) sizeof(addr);
-        memset((void *)&addr, 0, sizeof(addr));
-        if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
-            ret = 0;
-            break;
-        }
-        sockopt_len = sizeof(sockopt_val);
-        switch (addr.sa.sa_family) {
-        case AF_INET:
-            if ((ret =
-                 getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
-                            &sockopt_len)) < 0 || sockopt_val < 0) {
-                ret = 0;
-            } else {
-                /*
-                 * we assume that the transport protocol is UDP and no IP
-                 * options are used.
-                 */
-                data->mtu = sockopt_val - 8 - 20;
-                ret = data->mtu;
-            }
-            break;
-#  if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
-        case AF_INET6:
-            if ((ret =
-                 getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
-                            (void *)&sockopt_val, &sockopt_len)) < 0
-                || sockopt_val < 0) {
-                ret = 0;
-            } else {
-                /*
-                 * we assume that the transport protocol is UDP and no IPV6
-                 * options are used.
-                 */
-                data->mtu = sockopt_val - 8 - 40;
-                ret = data->mtu;
-            }
-            break;
-#  endif
-        default:
-            ret = 0;
-            break;
-        }
-# else
-        ret = 0;
-# endif
-        break;
-    case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
-        ret = -dgram_get_mtu_overhead(data);
-        switch (data->peer.sa.sa_family) {
-        case AF_INET:
-            ret += 576;
-            break;
-# if OPENSSL_USE_IPV6
-        case AF_INET6:
-#  ifdef IN6_IS_ADDR_V4MAPPED
-            if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
-                ret += 576;
-            else
-#  endif
-                ret += 1280;
-            break;
-# endif
-        default:
-            ret += 576;
-            break;
-        }
-        break;
-    case BIO_CTRL_DGRAM_GET_MTU:
-        return data->mtu;
-        break;
-    case BIO_CTRL_DGRAM_SET_MTU:
-        data->mtu = num;
-        ret = num;
-        break;
-    case BIO_CTRL_DGRAM_SET_CONNECTED:
-        to = (struct sockaddr *)ptr;
-
-        if (to != NULL) {
-            data->connected = 1;
-            switch (to->sa_family) {
-            case AF_INET:
-                memcpy(&data->peer, to, sizeof(data->peer.sa_in));
-                break;
-# if OPENSSL_USE_IPV6
-            case AF_INET6:
-                memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
-                break;
-# endif
-            default:
-                memcpy(&data->peer, to, sizeof(data->peer.sa));
-                break;
-            }
-        } else {
-            data->connected = 0;
-            memset(&(data->peer), 0x00, sizeof(data->peer));
-        }
-        break;
-    case BIO_CTRL_DGRAM_GET_PEER:
-        switch (data->peer.sa.sa_family) {
-        case AF_INET:
-            ret = sizeof(data->peer.sa_in);
-            break;
-# if OPENSSL_USE_IPV6
-        case AF_INET6:
-            ret = sizeof(data->peer.sa_in6);
-            break;
-# endif
-        default:
-            ret = sizeof(data->peer.sa);
-            break;
-        }
-        if (num == 0 || num > ret)
-            num = ret;
-        memcpy(ptr, &data->peer, (ret = num));
-        break;
-    case BIO_CTRL_DGRAM_SET_PEER:
-        to = (struct sockaddr *)ptr;
-        switch (to->sa_family) {
-        case AF_INET:
-            memcpy(&data->peer, to, sizeof(data->peer.sa_in));
-            break;
-# if OPENSSL_USE_IPV6
-        case AF_INET6:
-            memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
-            break;
-# endif
-        default:
-            memcpy(&data->peer, to, sizeof(data->peer.sa));
-            break;
-        }
-        break;
-    case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
-        memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
-        break;
-# if defined(SO_RCVTIMEO)
-    case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
-#  ifdef OPENSSL_SYS_WINDOWS
-        {
-            struct timeval *tv = (struct timeval *)ptr;
-            int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
-            if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
-                           (void *)&timeout, sizeof(timeout)) < 0) {
-                perror("setsockopt");
-                ret = -1;
-            }
-        }
-#  else
-        if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
-                       sizeof(struct timeval)) < 0) {
-            perror("setsockopt");
-            ret = -1;
-        }
-#  endif
-        break;
-    case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
-        {
-            union {
-                size_t s;
-                int i;
-            } sz = {
-                0
-            };
-#  ifdef OPENSSL_SYS_WINDOWS
-            int timeout;
-            struct timeval *tv = (struct timeval *)ptr;
-
-            sz.i = sizeof(timeout);
-            if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
-                           (void *)&timeout, &sz.i) < 0) {
-                perror("getsockopt");
-                ret = -1;
-            } else {
-                tv->tv_sec = timeout / 1000;
-                tv->tv_usec = (timeout % 1000) * 1000;
-                ret = sizeof(*tv);
-            }
-#  else
-            sz.i = sizeof(struct timeval);
-            if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
-                           ptr, (void *)&sz) < 0) {
-                perror("getsockopt");
-                ret = -1;
-            } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
-                OPENSSL_assert(sz.s <= sizeof(struct timeval));
-                ret = (int)sz.s;
-            } else
-                ret = sz.i;
-#  endif
-        }
-        break;
-# endif
-# if defined(SO_SNDTIMEO)
-    case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
-#  ifdef OPENSSL_SYS_WINDOWS
-        {
-            struct timeval *tv = (struct timeval *)ptr;
-            int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
-            if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
-                           (void *)&timeout, sizeof(timeout)) < 0) {
-                perror("setsockopt");
-                ret = -1;
-            }
-        }
-#  else
-        if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
-                       sizeof(struct timeval)) < 0) {
-            perror("setsockopt");
-            ret = -1;
-        }
-#  endif
-        break;
-    case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
-        {
-            union {
-                size_t s;
-                int i;
-            } sz = {
-                0
-            };
-#  ifdef OPENSSL_SYS_WINDOWS
-            int timeout;
-            struct timeval *tv = (struct timeval *)ptr;
-
-            sz.i = sizeof(timeout);
-            if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
-                           (void *)&timeout, &sz.i) < 0) {
-                perror("getsockopt");
-                ret = -1;
-            } else {
-                tv->tv_sec = timeout / 1000;
-                tv->tv_usec = (timeout % 1000) * 1000;
-                ret = sizeof(*tv);
-            }
-#  else
-            sz.i = sizeof(struct timeval);
-            if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
-                           ptr, (void *)&sz) < 0) {
-                perror("getsockopt");
-                ret = -1;
-            } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
-                OPENSSL_assert(sz.s <= sizeof(struct timeval));
-                ret = (int)sz.s;
-            } else
-                ret = sz.i;
-#  endif
-        }
-        break;
-# endif
-    case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
-        /* fall-through */
-    case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
-# ifdef OPENSSL_SYS_WINDOWS
-        if (data->_errno == WSAETIMEDOUT)
-# else
-        if (data->_errno == EAGAIN)
-# endif
-        {
-            ret = 1;
-            data->_errno = 0;
-        } else
-            ret = 0;
-        break;
-# ifdef EMSGSIZE
-    case BIO_CTRL_DGRAM_MTU_EXCEEDED:
-        if (data->_errno == EMSGSIZE) {
-            ret = 1;
-            data->_errno = 0;
-        } else
-            ret = 0;
-        break;
-# endif
-    case BIO_CTRL_DGRAM_SET_DONT_FRAG:
-        sockopt_val = num ? 1 : 0;
-
-        switch (data->peer.sa.sa_family) {
-        case AF_INET:
-# if defined(IP_DONTFRAG)
-            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAG,
-                                  &sockopt_val, sizeof(sockopt_val))) < 0) {
-                perror("setsockopt");
-                ret = -1;
-            }
-# elif defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined (IP_PMTUDISC_PROBE)
-            if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
-                (ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
-                                  &sockopt_val, sizeof(sockopt_val))) < 0) {
-                perror("setsockopt");
-                ret = -1;
-            }
-# elif defined(OPENSSL_SYS_WINDOWS) && defined(IP_DONTFRAGMENT)
-            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAGMENT,
-                                  (const char *)&sockopt_val,
-                                  sizeof(sockopt_val))) < 0) {
-                perror("setsockopt");
-                ret = -1;
-            }
-# else
-            ret = -1;
-# endif
-            break;
-# if OPENSSL_USE_IPV6
-        case AF_INET6:
-#  if defined(IPV6_DONTFRAG)
-            if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_DONTFRAG,
-                                  (const void *)&sockopt_val,
-                                  sizeof(sockopt_val))) < 0) {
-                perror("setsockopt");
-                ret = -1;
-            }
-#  elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTUDISCOVER)
-            if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
-                (ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
-                                  &sockopt_val, sizeof(sockopt_val))) < 0) {
-                perror("setsockopt");
-                ret = -1;
-            }
-#  else
-            ret = -1;
-#  endif
-            break;
-# endif
-        default:
-            ret = -1;
-            break;
-        }
-        break;
-    case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
-        ret = dgram_get_mtu_overhead(data);
-        break;
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static int dgram_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = dgram_write(bp, str, n);
-    return (ret);
-}
-
-# ifndef OPENSSL_NO_SCTP
-BIO_METHOD *BIO_s_datagram_sctp(void)
-{
-    return (&methods_dgramp_sctp);
-}
-
-BIO *BIO_new_dgram_sctp(int fd, int close_flag)
-{
-    BIO *bio;
-    int ret, optval = 20000;
-    int auth_data = 0, auth_forward = 0;
-    unsigned char *p;
-    struct sctp_authchunk auth;
-    struct sctp_authchunks *authchunks;
-    socklen_t sockopt_len;
-#  ifdef SCTP_AUTHENTICATION_EVENT
-#   ifdef SCTP_EVENT
-    struct sctp_event event;
-#   else
-    struct sctp_event_subscribe event;
-#   endif
-#  endif
-
-    bio = BIO_new(BIO_s_datagram_sctp());
-    if (bio == NULL)
-        return (NULL);
-    BIO_set_fd(bio, fd, close_flag);
-
-    /* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
-    auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
-    ret =
-        setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
-                   sizeof(struct sctp_authchunk));
-    if (ret < 0) {
-        BIO_vfree(bio);
-        return (NULL);
-    }
-    auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
-    ret =
-        setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
-                   sizeof(struct sctp_authchunk));
-    if (ret < 0) {
-        BIO_vfree(bio);
-        return (NULL);
-    }
-
-    /*
-     * Test if activation was successful. When using accept(), SCTP-AUTH has
-     * to be activated for the listening socket already, otherwise the
-     * connected socket won't use it.
-     */
-    sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
-    authchunks = OPENSSL_malloc(sockopt_len);
-    if (!authchunks) {
-        BIO_vfree(bio);
-        return (NULL);
-    }
-    memset(authchunks, 0, sizeof(sockopt_len));
-    ret =
-        getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks,
-                   &sockopt_len);
-
-    if (ret < 0) {
-        OPENSSL_free(authchunks);
-        BIO_vfree(bio);
-        return (NULL);
-    }
-
-    for (p = (unsigned char *)authchunks->gauth_chunks;
-         p < (unsigned char *)authchunks + sockopt_len;
-         p += sizeof(uint8_t)) {
-        if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
-            auth_data = 1;
-        if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
-            auth_forward = 1;
-    }
-
-    OPENSSL_free(authchunks);
-
-    OPENSSL_assert(auth_data);
-    OPENSSL_assert(auth_forward);
-
-#  ifdef SCTP_AUTHENTICATION_EVENT
-#   ifdef SCTP_EVENT
-    memset(&event, 0, sizeof(struct sctp_event));
-    event.se_assoc_id = 0;
-    event.se_type = SCTP_AUTHENTICATION_EVENT;
-    event.se_on = 1;
-    ret =
-        setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event,
-                   sizeof(struct sctp_event));
-    if (ret < 0) {
-        BIO_vfree(bio);
-        return (NULL);
-    }
-#   else
-    sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
-    ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
-    if (ret < 0) {
-        BIO_vfree(bio);
-        return (NULL);
-    }
-
-    event.sctp_authentication_event = 1;
-
-    ret =
-        setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event,
-                   sizeof(struct sctp_event_subscribe));
-    if (ret < 0) {
-        BIO_vfree(bio);
-        return (NULL);
-    }
-#   endif
-#  endif
-
-    /*
-     * Disable partial delivery by setting the min size larger than the max
-     * record size of 2^14 + 2048 + 13
-     */
-    ret =
-        setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval,
-                   sizeof(optval));
-    if (ret < 0) {
-        BIO_vfree(bio);
-        return (NULL);
-    }
-
-    return (bio);
-}
-
-int BIO_dgram_is_sctp(BIO *bio)
-{
-    return (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);
-}
-
-static int dgram_sctp_new(BIO *bi)
-{
-    bio_dgram_sctp_data *data = NULL;
-
-    bi->init = 0;
-    bi->num = 0;
-    data = OPENSSL_malloc(sizeof(bio_dgram_sctp_data));
-    if (data == NULL)
-        return 0;
-    memset(data, 0x00, sizeof(bio_dgram_sctp_data));
-#  ifdef SCTP_PR_SCTP_NONE
-    data->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
-#  endif
-    bi->ptr = data;
-
-    bi->flags = 0;
-    return (1);
-}
-
-static int dgram_sctp_free(BIO *a)
-{
-    bio_dgram_sctp_data *data;
-
-    if (a == NULL)
-        return (0);
-    if (!dgram_clear(a))
-        return 0;
-
-    data = (bio_dgram_sctp_data *) a->ptr;
-    if (data != NULL) {
-        if (data->saved_message.data != NULL)
-            OPENSSL_free(data->saved_message.data);
-        OPENSSL_free(data);
-    }
-
-    return (1);
-}
-
-#  ifdef SCTP_AUTHENTICATION_EVENT
-void dgram_sctp_handle_auth_free_key_event(BIO *b,
-                                           union sctp_notification *snp)
-{
-    int ret;
-    struct sctp_authkey_event *authkeyevent = &snp->sn_auth_event;
-
-    if (authkeyevent->auth_indication == SCTP_AUTH_FREE_KEY) {
-        struct sctp_authkeyid authkeyid;
-
-        /* delete key */
-        authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
-        ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
-                         &authkeyid, sizeof(struct sctp_authkeyid));
-    }
-}
-#  endif
-
-static int dgram_sctp_read(BIO *b, char *out, int outl)
-{
-    int ret = 0, n = 0, i, optval;
-    socklen_t optlen;
-    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
-    union sctp_notification *snp;
-    struct msghdr msg;
-    struct iovec iov;
-    struct cmsghdr *cmsg;
-    char cmsgbuf[512];
-
-    if (out != NULL) {
-        clear_socket_error();
-
-        do {
-            memset(&data->rcvinfo, 0x00,
-                   sizeof(struct bio_dgram_sctp_rcvinfo));
-            iov.iov_base = out;
-            iov.iov_len = outl;
-            msg.msg_name = NULL;
-            msg.msg_namelen = 0;
-            msg.msg_iov = &iov;
-            msg.msg_iovlen = 1;
-            msg.msg_control = cmsgbuf;
-            msg.msg_controllen = 512;
-            msg.msg_flags = 0;
-            n = recvmsg(b->num, &msg, 0);
-
-            if (n <= 0) {
-                if (n < 0)
-                    ret = n;
-                break;
-            }
-
-            if (msg.msg_controllen > 0) {
-                for (cmsg = CMSG_FIRSTHDR(&msg); cmsg;
-                     cmsg = CMSG_NXTHDR(&msg, cmsg)) {
-                    if (cmsg->cmsg_level != IPPROTO_SCTP)
-                        continue;
-#  ifdef SCTP_RCVINFO
-                    if (cmsg->cmsg_type == SCTP_RCVINFO) {
-                        struct sctp_rcvinfo *rcvinfo;
-
-                        rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
-                        data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
-                        data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
-                        data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
-                        data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
-                        data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
-                        data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
-                        data->rcvinfo.rcv_context = rcvinfo->rcv_context;
-                    }
-#  endif
-#  ifdef SCTP_SNDRCV
-                    if (cmsg->cmsg_type == SCTP_SNDRCV) {
-                        struct sctp_sndrcvinfo *sndrcvinfo;
-
-                        sndrcvinfo =
-                            (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
-                        data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
-                        data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
-                        data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
-                        data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
-                        data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
-                        data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
-                        data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
-                    }
-#  endif
-                }
-            }
-
-            if (msg.msg_flags & MSG_NOTIFICATION) {
-                snp = (union sctp_notification *)out;
-                if (snp->sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
-#  ifdef SCTP_EVENT
-                    struct sctp_event event;
-#  else
-                    struct sctp_event_subscribe event;
-                    socklen_t eventsize;
-#  endif
-                    /*
-                     * If a message has been delayed until the socket is dry,
-                     * it can be sent now.
-                     */
-                    if (data->saved_message.length > 0) {
-                        dgram_sctp_write(data->saved_message.bio,
-                                         data->saved_message.data,
-                                         data->saved_message.length);
-                        OPENSSL_free(data->saved_message.data);
-                        data->saved_message.data = NULL;
-                        data->saved_message.length = 0;
-                    }
-
-                    /* disable sender dry event */
-#  ifdef SCTP_EVENT
-                    memset(&event, 0, sizeof(struct sctp_event));
-                    event.se_assoc_id = 0;
-                    event.se_type = SCTP_SENDER_DRY_EVENT;
-                    event.se_on = 0;
-                    i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
-                                   sizeof(struct sctp_event));
-                    if (i < 0) {
-                        ret = i;
-                        break;
-                    }
-#  else
-                    eventsize = sizeof(struct sctp_event_subscribe);
-                    i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
-                                   &eventsize);
-                    if (i < 0) {
-                        ret = i;
-                        break;
-                    }
-
-                    event.sctp_sender_dry_event = 0;
-
-                    i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
-                                   sizeof(struct sctp_event_subscribe));
-                    if (i < 0) {
-                        ret = i;
-                        break;
-                    }
-#  endif
-                }
-#  ifdef SCTP_AUTHENTICATION_EVENT
-                if (snp->sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
-                    dgram_sctp_handle_auth_free_key_event(b, snp);
-#  endif
-
-                if (data->handle_notifications != NULL)
-                    data->handle_notifications(b, data->notification_context,
-                                               (void *)out);
-
-                memset(out, 0, outl);
-            } else
-                ret += n;
-        }
-        while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR)
-               && (ret < outl));
-
-        if (ret > 0 && !(msg.msg_flags & MSG_EOR)) {
-            /* Partial message read, this should never happen! */
-
-            /*
-             * The buffer was too small, this means the peer sent a message
-             * that was larger than allowed.
-             */
-            if (ret == outl)
-                return -1;
-
-            /*
-             * Test if socket buffer can handle max record size (2^14 + 2048
-             * + 13)
-             */
-            optlen = (socklen_t) sizeof(int);
-            ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
-            if (ret >= 0)
-                OPENSSL_assert(optval >= 18445);
-
-            /*
-             * Test if SCTP doesn't partially deliver below max record size
-             * (2^14 + 2048 + 13)
-             */
-            optlen = (socklen_t) sizeof(int);
-            ret =
-                getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
-                           &optval, &optlen);
-            if (ret >= 0)
-                OPENSSL_assert(optval >= 18445);
-
-            /*
-             * Partially delivered notification??? Probably a bug....
-             */
-            OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
-
-            /*
-             * Everything seems ok till now, so it's most likely a message
-             * dropped by PR-SCTP.
-             */
-            memset(out, 0, outl);
-            BIO_set_retry_read(b);
-            return -1;
-        }
-
-        BIO_clear_retry_flags(b);
-        if (ret < 0) {
-            if (BIO_dgram_should_retry(ret)) {
-                BIO_set_retry_read(b);
-                data->_errno = get_last_socket_error();
-            }
-        }
-
-        /* Test if peer uses SCTP-AUTH before continuing */
-        if (!data->peer_auth_tested) {
-            int ii, auth_data = 0, auth_forward = 0;
-            unsigned char *p;
-            struct sctp_authchunks *authchunks;
-
-            optlen =
-                (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
-            authchunks = OPENSSL_malloc(optlen);
-            if (!authchunks) {
-                BIOerr(BIO_F_DGRAM_SCTP_READ, ERR_R_MALLOC_FAILURE);
-                return -1;
-            }
-            memset(authchunks, 0, sizeof(optlen));
-            ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS,
-                            authchunks, &optlen);
-
-            if (ii >= 0)
-                for (p = (unsigned char *)authchunks->gauth_chunks;
-                     p < (unsigned char *)authchunks + optlen;
-                     p += sizeof(uint8_t)) {
-                    if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
-                        auth_data = 1;
-                    if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
-                        auth_forward = 1;
-                }
-
-            OPENSSL_free(authchunks);
-
-            if (!auth_data || !auth_forward) {
-                BIOerr(BIO_F_DGRAM_SCTP_READ, BIO_R_CONNECT_ERROR);
-                return -1;
-            }
-
-            data->peer_auth_tested = 1;
-        }
-    }
-    return (ret);
-}
-
-static int dgram_sctp_write(BIO *b, const char *in, int inl)
-{
-    int ret;
-    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
-    struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
-    struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
-    struct bio_dgram_sctp_sndinfo handshake_sinfo;
-    struct iovec iov[1];
-    struct msghdr msg;
-    struct cmsghdr *cmsg;
-#  if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
-    char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) +
-                 CMSG_SPACE(sizeof(struct sctp_prinfo))];
-    struct sctp_sndinfo *sndinfo;
-    struct sctp_prinfo *prinfo;
-#  else
-    char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
-    struct sctp_sndrcvinfo *sndrcvinfo;
-#  endif
-
-    clear_socket_error();
-
-    /*
-     * If we're send anything else than application data, disable all user
-     * parameters and flags.
-     */
-    if (in[0] != 23) {
-        memset(&handshake_sinfo, 0x00, sizeof(struct bio_dgram_sctp_sndinfo));
-#  ifdef SCTP_SACK_IMMEDIATELY
-        handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
-#  endif
-        sinfo = &handshake_sinfo;
-    }
-
-    /*
-     * If we have to send a shutdown alert message and the socket is not dry
-     * yet, we have to save it and send it as soon as the socket gets dry.
-     */
-    if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b)) {
-        char *tmp;
-        data->saved_message.bio = b;
-        if (!(tmp = OPENSSL_malloc(inl))) {
-            BIOerr(BIO_F_DGRAM_SCTP_WRITE, ERR_R_MALLOC_FAILURE);
-            return -1;
-        }
-        if (data->saved_message.data)
-            OPENSSL_free(data->saved_message.data);
-        data->saved_message.data = tmp;
-        memcpy(data->saved_message.data, in, inl);
-        data->saved_message.length = inl;
-        return inl;
-    }
-
-    iov[0].iov_base = (char *)in;
-    iov[0].iov_len = inl;
-    msg.msg_name = NULL;
-    msg.msg_namelen = 0;
-    msg.msg_iov = iov;
-    msg.msg_iovlen = 1;
-    msg.msg_control = (caddr_t) cmsgbuf;
-    msg.msg_controllen = 0;
-    msg.msg_flags = 0;
-#  if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
-    cmsg = (struct cmsghdr *)cmsgbuf;
-    cmsg->cmsg_level = IPPROTO_SCTP;
-    cmsg->cmsg_type = SCTP_SNDINFO;
-    cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
-    sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
-    memset(sndinfo, 0, sizeof(struct sctp_sndinfo));
-    sndinfo->snd_sid = sinfo->snd_sid;
-    sndinfo->snd_flags = sinfo->snd_flags;
-    sndinfo->snd_ppid = sinfo->snd_ppid;
-    sndinfo->snd_context = sinfo->snd_context;
-    msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
-
-    cmsg =
-        (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
-    cmsg->cmsg_level = IPPROTO_SCTP;
-    cmsg->cmsg_type = SCTP_PRINFO;
-    cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
-    prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
-    memset(prinfo, 0, sizeof(struct sctp_prinfo));
-    prinfo->pr_policy = pinfo->pr_policy;
-    prinfo->pr_value = pinfo->pr_value;
-    msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
-#  else
-    cmsg = (struct cmsghdr *)cmsgbuf;
-    cmsg->cmsg_level = IPPROTO_SCTP;
-    cmsg->cmsg_type = SCTP_SNDRCV;
-    cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
-    sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
-    memset(sndrcvinfo, 0, sizeof(struct sctp_sndrcvinfo));
-    sndrcvinfo->sinfo_stream = sinfo->snd_sid;
-    sndrcvinfo->sinfo_flags = sinfo->snd_flags;
-#   ifdef __FreeBSD__
-    sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
-#   endif
-    sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
-    sndrcvinfo->sinfo_context = sinfo->snd_context;
-    sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
-    msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
-#  endif
-
-    ret = sendmsg(b->num, &msg, 0);
-
-    BIO_clear_retry_flags(b);
-    if (ret <= 0) {
-        if (BIO_dgram_should_retry(ret)) {
-            BIO_set_retry_write(b);
-            data->_errno = get_last_socket_error();
-        }
-    }
-    return (ret);
-}
-
-static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret = 1;
-    bio_dgram_sctp_data *data = NULL;
-    socklen_t sockopt_len = 0;
-    struct sctp_authkeyid authkeyid;
-    struct sctp_authkey *authkey = NULL;
-
-    data = (bio_dgram_sctp_data *) b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_DGRAM_QUERY_MTU:
-        /*
-         * Set to maximum (2^14) and ignore user input to enable transport
-         * protocol fragmentation. Returns always 2^14.
-         */
-        data->mtu = 16384;
-        ret = data->mtu;
-        break;
-    case BIO_CTRL_DGRAM_SET_MTU:
-        /*
-         * Set to maximum (2^14) and ignore input to enable transport
-         * protocol fragmentation. Returns always 2^14.
-         */
-        data->mtu = 16384;
-        ret = data->mtu;
-        break;
-    case BIO_CTRL_DGRAM_SET_CONNECTED:
-    case BIO_CTRL_DGRAM_CONNECT:
-        /* Returns always -1. */
-        ret = -1;
-        break;
-    case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
-        /*
-         * SCTP doesn't need the DTLS timer Returns always 1.
-         */
-        break;
-    case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
-        /*
-         * We allow transport protocol fragmentation so this is irrelevant
-         */
-        ret = 0;
-        break;
-    case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
-        if (num > 0)
-            data->in_handshake = 1;
-        else
-            data->in_handshake = 0;
-
-        ret =
-            setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY,
-                       &data->in_handshake, sizeof(int));
-        break;
-    case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
-        /*
-         * New shared key for SCTP AUTH. Returns 0 on success, -1 otherwise.
-         */
-
-        /* Get active key */
-        sockopt_len = sizeof(struct sctp_authkeyid);
-        ret =
-            getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
-                       &sockopt_len);
-        if (ret < 0)
-            break;
-
-        /* Add new key */
-        sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
-        authkey = OPENSSL_malloc(sockopt_len);
-        if (authkey == NULL) {
-            ret = -1;
-            break;
-        }
-        memset(authkey, 0x00, sockopt_len);
-        authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
-#  ifndef __FreeBSD__
-        /*
-         * This field is missing in FreeBSD 8.2 and earlier, and FreeBSD 8.3
-         * and higher work without it.
-         */
-        authkey->sca_keylength = 64;
-#  endif
-        memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
-
-        ret =
-            setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey,
-                       sockopt_len);
-        OPENSSL_free(authkey);
-        authkey = NULL;
-        if (ret < 0)
-            break;
-
-        /* Reset active key */
-        ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
-                         &authkeyid, sizeof(struct sctp_authkeyid));
-        if (ret < 0)
-            break;
-
-        break;
-    case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
-        /* Returns 0 on success, -1 otherwise. */
-
-        /* Get active key */
-        sockopt_len = sizeof(struct sctp_authkeyid);
-        ret =
-            getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
-                       &sockopt_len);
-        if (ret < 0)
-            break;
-
-        /* Set active key */
-        authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
-        ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
-                         &authkeyid, sizeof(struct sctp_authkeyid));
-        if (ret < 0)
-            break;
-
-        /*
-         * CCS has been sent, so remember that and fall through to check if
-         * we need to deactivate an old key
-         */
-        data->ccs_sent = 1;
-
-    case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
-        /* Returns 0 on success, -1 otherwise. */
-
-        /*
-         * Has this command really been called or is this just a
-         * fall-through?
-         */
-        if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
-            data->ccs_rcvd = 1;
-
-        /*
-         * CSS has been both, received and sent, so deactivate an old key
-         */
-        if (data->ccs_rcvd == 1 && data->ccs_sent == 1) {
-            /* Get active key */
-            sockopt_len = sizeof(struct sctp_authkeyid);
-            ret =
-                getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
-                           &authkeyid, &sockopt_len);
-            if (ret < 0)
-                break;
-
-            /*
-             * Deactivate key or delete second last key if
-             * SCTP_AUTHENTICATION_EVENT is not available.
-             */
-            authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
-#  ifdef SCTP_AUTH_DEACTIVATE_KEY
-            sockopt_len = sizeof(struct sctp_authkeyid);
-            ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
-                             &authkeyid, sockopt_len);
-            if (ret < 0)
-                break;
-#  endif
-#  ifndef SCTP_AUTHENTICATION_EVENT
-            if (authkeyid.scact_keynumber > 0) {
-                authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
-                ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
-                                 &authkeyid, sizeof(struct sctp_authkeyid));
-                if (ret < 0)
-                    break;
-            }
-#  endif
-
-            data->ccs_rcvd = 0;
-            data->ccs_sent = 0;
-        }
-        break;
-    case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
-        /* Returns the size of the copied struct. */
-        if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
-            num = sizeof(struct bio_dgram_sctp_sndinfo);
-
-        memcpy(ptr, &(data->sndinfo), num);
-        ret = num;
-        break;
-    case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
-        /* Returns the size of the copied struct. */
-        if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
-            num = sizeof(struct bio_dgram_sctp_sndinfo);
-
-        memcpy(&(data->sndinfo), ptr, num);
-        break;
-    case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
-        /* Returns the size of the copied struct. */
-        if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
-            num = sizeof(struct bio_dgram_sctp_rcvinfo);
-
-        memcpy(ptr, &data->rcvinfo, num);
-
-        ret = num;
-        break;
-    case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
-        /* Returns the size of the copied struct. */
-        if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
-            num = sizeof(struct bio_dgram_sctp_rcvinfo);
-
-        memcpy(&(data->rcvinfo), ptr, num);
-        break;
-    case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
-        /* Returns the size of the copied struct. */
-        if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
-            num = sizeof(struct bio_dgram_sctp_prinfo);
-
-        memcpy(ptr, &(data->prinfo), num);
-        ret = num;
-        break;
-    case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
-        /* Returns the size of the copied struct. */
-        if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
-            num = sizeof(struct bio_dgram_sctp_prinfo);
-
-        memcpy(&(data->prinfo), ptr, num);
-        break;
-    case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
-        /* Returns always 1. */
-        if (num > 0)
-            data->save_shutdown = 1;
-        else
-            data->save_shutdown = 0;
-        break;
-
-    default:
-        /*
-         * Pass to default ctrl function to process SCTP unspecific commands
-         */
-        ret = dgram_ctrl(b, cmd, num, ptr);
-        break;
-    }
-    return (ret);
-}
-
-int BIO_dgram_sctp_notification_cb(BIO *b,
-                                   void (*handle_notifications) (BIO *bio,
-                                                                 void
-                                                                 *context,
-                                                                 void *buf),
-                                   void *context)
-{
-    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
-
-    if (handle_notifications != NULL) {
-        data->handle_notifications = handle_notifications;
-        data->notification_context = context;
-    } else
-        return -1;
-
-    return 0;
-}
-
-int BIO_dgram_sctp_wait_for_dry(BIO *b)
-{
-    int is_dry = 0;
-    int n, sockflags, ret;
-    union sctp_notification snp;
-    struct msghdr msg;
-    struct iovec iov;
-#  ifdef SCTP_EVENT
-    struct sctp_event event;
-#  else
-    struct sctp_event_subscribe event;
-    socklen_t eventsize;
-#  endif
-    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
-
-    /* set sender dry event */
-#  ifdef SCTP_EVENT
-    memset(&event, 0, sizeof(struct sctp_event));
-    event.se_assoc_id = 0;
-    event.se_type = SCTP_SENDER_DRY_EVENT;
-    event.se_on = 1;
-    ret =
-        setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
-                   sizeof(struct sctp_event));
-#  else
-    eventsize = sizeof(struct sctp_event_subscribe);
-    ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
-    if (ret < 0)
-        return -1;
-
-    event.sctp_sender_dry_event = 1;
-
-    ret =
-        setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
-                   sizeof(struct sctp_event_subscribe));
-#  endif
-    if (ret < 0)
-        return -1;
-
-    /* peek for notification */
-    memset(&snp, 0x00, sizeof(union sctp_notification));
-    iov.iov_base = (char *)&snp;
-    iov.iov_len = sizeof(union sctp_notification);
-    msg.msg_name = NULL;
-    msg.msg_namelen = 0;
-    msg.msg_iov = &iov;
-    msg.msg_iovlen = 1;
-    msg.msg_control = NULL;
-    msg.msg_controllen = 0;
-    msg.msg_flags = 0;
-
-    n = recvmsg(b->num, &msg, MSG_PEEK);
-    if (n <= 0) {
-        if ((n < 0) && (get_last_socket_error() != EAGAIN)
-            && (get_last_socket_error() != EWOULDBLOCK))
-            return -1;
-        else
-            return 0;
-    }
-
-    /* if we find a notification, process it and try again if necessary */
-    while (msg.msg_flags & MSG_NOTIFICATION) {
-        memset(&snp, 0x00, sizeof(union sctp_notification));
-        iov.iov_base = (char *)&snp;
-        iov.iov_len = sizeof(union sctp_notification);
-        msg.msg_name = NULL;
-        msg.msg_namelen = 0;
-        msg.msg_iov = &iov;
-        msg.msg_iovlen = 1;
-        msg.msg_control = NULL;
-        msg.msg_controllen = 0;
-        msg.msg_flags = 0;
-
-        n = recvmsg(b->num, &msg, 0);
-        if (n <= 0) {
-            if ((n < 0) && (get_last_socket_error() != EAGAIN)
-                && (get_last_socket_error() != EWOULDBLOCK))
-                return -1;
-            else
-                return is_dry;
-        }
-
-        if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
-            is_dry = 1;
-
-            /* disable sender dry event */
-#  ifdef SCTP_EVENT
-            memset(&event, 0, sizeof(struct sctp_event));
-            event.se_assoc_id = 0;
-            event.se_type = SCTP_SENDER_DRY_EVENT;
-            event.se_on = 0;
-            ret =
-                setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
-                           sizeof(struct sctp_event));
-#  else
-            eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);
-            ret =
-                getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
-                           &eventsize);
-            if (ret < 0)
-                return -1;
-
-            event.sctp_sender_dry_event = 0;
-
-            ret =
-                setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
-                           sizeof(struct sctp_event_subscribe));
-#  endif
-            if (ret < 0)
-                return -1;
-        }
-#  ifdef SCTP_AUTHENTICATION_EVENT
-        if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
-            dgram_sctp_handle_auth_free_key_event(b, &snp);
-#  endif
-
-        if (data->handle_notifications != NULL)
-            data->handle_notifications(b, data->notification_context,
-                                       (void *)&snp);
-
-        /* found notification, peek again */
-        memset(&snp, 0x00, sizeof(union sctp_notification));
-        iov.iov_base = (char *)&snp;
-        iov.iov_len = sizeof(union sctp_notification);
-        msg.msg_name = NULL;
-        msg.msg_namelen = 0;
-        msg.msg_iov = &iov;
-        msg.msg_iovlen = 1;
-        msg.msg_control = NULL;
-        msg.msg_controllen = 0;
-        msg.msg_flags = 0;
-
-        /* if we have seen the dry already, don't wait */
-        if (is_dry) {
-            sockflags = fcntl(b->num, F_GETFL, 0);
-            fcntl(b->num, F_SETFL, O_NONBLOCK);
-        }
-
-        n = recvmsg(b->num, &msg, MSG_PEEK);
-
-        if (is_dry) {
-            fcntl(b->num, F_SETFL, sockflags);
-        }
-
-        if (n <= 0) {
-            if ((n < 0) && (get_last_socket_error() != EAGAIN)
-                && (get_last_socket_error() != EWOULDBLOCK))
-                return -1;
-            else
-                return is_dry;
-        }
-    }
-
-    /* read anything else */
-    return is_dry;
-}
-
-int BIO_dgram_sctp_msg_waiting(BIO *b)
-{
-    int n, sockflags;
-    union sctp_notification snp;
-    struct msghdr msg;
-    struct iovec iov;
-    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
-
-    /* Check if there are any messages waiting to be read */
-    do {
-        memset(&snp, 0x00, sizeof(union sctp_notification));
-        iov.iov_base = (char *)&snp;
-        iov.iov_len = sizeof(union sctp_notification);
-        msg.msg_name = NULL;
-        msg.msg_namelen = 0;
-        msg.msg_iov = &iov;
-        msg.msg_iovlen = 1;
-        msg.msg_control = NULL;
-        msg.msg_controllen = 0;
-        msg.msg_flags = 0;
-
-        sockflags = fcntl(b->num, F_GETFL, 0);
-        fcntl(b->num, F_SETFL, O_NONBLOCK);
-        n = recvmsg(b->num, &msg, MSG_PEEK);
-        fcntl(b->num, F_SETFL, sockflags);
-
-        /* if notification, process and try again */
-        if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION)) {
-#  ifdef SCTP_AUTHENTICATION_EVENT
-            if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
-                dgram_sctp_handle_auth_free_key_event(b, &snp);
-#  endif
-
-            memset(&snp, 0x00, sizeof(union sctp_notification));
-            iov.iov_base = (char *)&snp;
-            iov.iov_len = sizeof(union sctp_notification);
-            msg.msg_name = NULL;
-            msg.msg_namelen = 0;
-            msg.msg_iov = &iov;
-            msg.msg_iovlen = 1;
-            msg.msg_control = NULL;
-            msg.msg_controllen = 0;
-            msg.msg_flags = 0;
-            n = recvmsg(b->num, &msg, 0);
-
-            if (data->handle_notifications != NULL)
-                data->handle_notifications(b, data->notification_context,
-                                           (void *)&snp);
-        }
-
-    } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));
-
-    /* Return 1 if there is a message to be read, return 0 otherwise. */
-    if (n > 0)
-        return 1;
-    else
-        return 0;
-}
-
-static int dgram_sctp_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = dgram_sctp_write(bp, str, n);
-    return (ret);
-}
-# endif
-
-static int BIO_dgram_should_retry(int i)
-{
-    int err;
-
-    if ((i == 0) || (i == -1)) {
-        err = get_last_socket_error();
-
-# if defined(OPENSSL_SYS_WINDOWS)
-        /*
-         * If the socket return value (i) is -1 and err is unexpectedly 0 at
-         * this point, the error code was overwritten by another system call
-         * before this error handling is called.
-         */
-# endif
-
-        return (BIO_dgram_non_fatal_error(err));
-    }
-    return (0);
-}
-
-int BIO_dgram_non_fatal_error(int err)
-{
-    switch (err) {
-# if defined(OPENSSL_SYS_WINDOWS)
-#  if defined(WSAEWOULDBLOCK)
-    case WSAEWOULDBLOCK:
-#  endif
-
-#  if 0                         /* This appears to always be an error */
-#   if defined(WSAENOTCONN)
-    case WSAENOTCONN:
-#   endif
-#  endif
-# endif
-
-# ifdef EWOULDBLOCK
-#  ifdef WSAEWOULDBLOCK
-#   if WSAEWOULDBLOCK != EWOULDBLOCK
-    case EWOULDBLOCK:
-#   endif
-#  else
-    case EWOULDBLOCK:
-#  endif
-# endif
-
-# ifdef EINTR
-    case EINTR:
-# endif
-
-# ifdef EAGAIN
-#  if EWOULDBLOCK != EAGAIN
-    case EAGAIN:
-#  endif
-# endif
-
-# ifdef EPROTO
-    case EPROTO:
-# endif
-
-# ifdef EINPROGRESS
-    case EINPROGRESS:
-# endif
-
-# ifdef EALREADY
-    case EALREADY:
-# endif
-
-        return (1);
-        /* break; */
-    default:
-        break;
-    }
-    return (0);
-}
-
-static void get_current_time(struct timeval *t)
-{
-# if defined(_WIN32)
-    SYSTEMTIME st;
-    union {
-        unsigned __int64 ul;
-        FILETIME ft;
-    } now;
-
-    GetSystemTime(&st);
-    SystemTimeToFileTime(&st, &now.ft);
-#  ifdef  __MINGW32__
-    now.ul -= 116444736000000000ULL;
-#  else
-    now.ul -= 116444736000000000UI64; /* re-bias to 1/1/1970 */
-#  endif
-    t->tv_sec = (long)(now.ul / 10000000);
-    t->tv_usec = ((int)(now.ul % 10000000)) / 10;
-# elif defined(OPENSSL_SYS_VMS)
-    struct timeb tb;
-    ftime(&tb);
-    t->tv_sec = (long)tb.time;
-    t->tv_usec = (long)tb.millitm * 1000;
-# else
-    gettimeofday(t, NULL);
-# endif
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/bio/bss_fd.c b/thirdparty/openssl/crypto/bio/bss_fd.c
deleted file mode 100644
index 5f4e34481b..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_fd.c
+++ /dev/null
@@ -1,330 +0,0 @@
-/* crypto/bio/bss_fd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-
-#if defined(OPENSSL_NO_POSIX_IO)
-/*
- * Dummy placeholder for BIO_s_fd...
- */
-BIO *BIO_new_fd(int fd, int close_flag)
-{
-    return NULL;
-}
-
-int BIO_fd_non_fatal_error(int err)
-{
-    return 0;
-}
-
-int BIO_fd_should_retry(int i)
-{
-    return 0;
-}
-
-BIO_METHOD *BIO_s_fd(void)
-{
-    return NULL;
-}
-#else
-/*
- * As for unconditional usage of "UPLINK" interface in this module.
- * Trouble is that unlike Unix file descriptors [which are indexes
- * in kernel-side per-process table], corresponding descriptors on
- * platforms which require "UPLINK" interface seem to be indexes
- * in a user-land, non-global table. Well, in fact they are indexes
- * in stdio _iob[], and recall that _iob[] was the very reason why
- * "UPLINK" interface was introduced in first place. But one way on
- * another. Neither libcrypto or libssl use this BIO meaning that
- * file descriptors can only be provided by application. Therefore
- * "UPLINK" calls are due...
- */
-# include "bio_lcl.h"
-
-static int fd_write(BIO *h, const char *buf, int num);
-static int fd_read(BIO *h, char *buf, int size);
-static int fd_puts(BIO *h, const char *str);
-static int fd_gets(BIO *h, char *buf, int size);
-static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int fd_new(BIO *h);
-static int fd_free(BIO *data);
-int BIO_fd_should_retry(int s);
-
-static BIO_METHOD methods_fdp = {
-    BIO_TYPE_FD, "file descriptor",
-    fd_write,
-    fd_read,
-    fd_puts,
-    fd_gets,
-    fd_ctrl,
-    fd_new,
-    fd_free,
-    NULL,
-};
-
-BIO_METHOD *BIO_s_fd(void)
-{
-    return (&methods_fdp);
-}
-
-BIO *BIO_new_fd(int fd, int close_flag)
-{
-    BIO *ret;
-    ret = BIO_new(BIO_s_fd());
-    if (ret == NULL)
-        return (NULL);
-    BIO_set_fd(ret, fd, close_flag);
-    return (ret);
-}
-
-static int fd_new(BIO *bi)
-{
-    bi->init = 0;
-    bi->num = -1;
-    bi->ptr = NULL;
-    bi->flags = BIO_FLAGS_UPLINK; /* essentially redundant */
-    return (1);
-}
-
-static int fd_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    if (a->shutdown) {
-        if (a->init) {
-            UP_close(a->num);
-        }
-        a->init = 0;
-        a->flags = BIO_FLAGS_UPLINK;
-    }
-    return (1);
-}
-
-static int fd_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-
-    if (out != NULL) {
-        clear_sys_error();
-        ret = UP_read(b->num, out, outl);
-        BIO_clear_retry_flags(b);
-        if (ret <= 0) {
-            if (BIO_fd_should_retry(ret))
-                BIO_set_retry_read(b);
-        }
-    }
-    return (ret);
-}
-
-static int fd_write(BIO *b, const char *in, int inl)
-{
-    int ret;
-    clear_sys_error();
-    ret = UP_write(b->num, in, inl);
-    BIO_clear_retry_flags(b);
-    if (ret <= 0) {
-        if (BIO_fd_should_retry(ret))
-            BIO_set_retry_write(b);
-    }
-    return (ret);
-}
-
-static long fd_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret = 1;
-    int *ip;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        num = 0;
-    case BIO_C_FILE_SEEK:
-        ret = (long)UP_lseek(b->num, num, 0);
-        break;
-    case BIO_C_FILE_TELL:
-    case BIO_CTRL_INFO:
-        ret = (long)UP_lseek(b->num, 0, 1);
-        break;
-    case BIO_C_SET_FD:
-        fd_free(b);
-        b->num = *((int *)ptr);
-        b->shutdown = (int)num;
-        b->init = 1;
-        break;
-    case BIO_C_GET_FD:
-        if (b->init) {
-            ip = (int *)ptr;
-            if (ip != NULL)
-                *ip = b->num;
-            ret = b->num;
-        } else
-            ret = -1;
-        break;
-    case BIO_CTRL_GET_CLOSE:
-        ret = b->shutdown;
-        break;
-    case BIO_CTRL_SET_CLOSE:
-        b->shutdown = (int)num;
-        break;
-    case BIO_CTRL_PENDING:
-    case BIO_CTRL_WPENDING:
-        ret = 0;
-        break;
-    case BIO_CTRL_DUP:
-    case BIO_CTRL_FLUSH:
-        ret = 1;
-        break;
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static int fd_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = fd_write(bp, str, n);
-    return (ret);
-}
-
-static int fd_gets(BIO *bp, char *buf, int size)
-{
-    int ret = 0;
-    char *ptr = buf;
-    char *end = buf + size - 1;
-
-    while ((ptr < end) && (fd_read(bp, ptr, 1) > 0) && (ptr[0] != '\n'))
-        ptr++;
-
-    ptr[0] = '\0';
-
-    if (buf[0] != '\0')
-        ret = strlen(buf);
-    return (ret);
-}
-
-int BIO_fd_should_retry(int i)
-{
-    int err;
-
-    if ((i == 0) || (i == -1)) {
-        err = get_last_sys_error();
-
-# if defined(OPENSSL_SYS_WINDOWS) && 0/* more microsoft stupidity? perhaps
-                                       * not? Ben 4/1/99 */
-        if ((i == -1) && (err == 0))
-            return (1);
-# endif
-
-        return (BIO_fd_non_fatal_error(err));
-    }
-    return (0);
-}
-
-int BIO_fd_non_fatal_error(int err)
-{
-    switch (err) {
-
-# ifdef EWOULDBLOCK
-#  ifdef WSAEWOULDBLOCK
-#   if WSAEWOULDBLOCK != EWOULDBLOCK
-    case EWOULDBLOCK:
-#   endif
-#  else
-    case EWOULDBLOCK:
-#  endif
-# endif
-
-# if defined(ENOTCONN)
-    case ENOTCONN:
-# endif
-
-# ifdef EINTR
-    case EINTR:
-# endif
-
-# ifdef EAGAIN
-#  if EWOULDBLOCK != EAGAIN
-    case EAGAIN:
-#  endif
-# endif
-
-# ifdef EPROTO
-    case EPROTO:
-# endif
-
-# ifdef EINPROGRESS
-    case EINPROGRESS:
-# endif
-
-# ifdef EALREADY
-    case EALREADY:
-# endif
-        return (1);
-        /* break; */
-    default:
-        break;
-    }
-    return (0);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/bio/bss_file.c b/thirdparty/openssl/crypto/bio/bss_file.c
deleted file mode 100644
index 0cf67e5b77..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_file.c
+++ /dev/null
@@ -1,484 +0,0 @@
-/* crypto/bio/bss_file.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*-
- * 03-Dec-1997  rdenny@dc3.com  Fix bug preventing use of stdin/stdout
- *              with binary data (e.g. asn1parse -inform DER < xxx) under
- *              Windows
- */
-
-#ifndef HEADER_BSS_FILE_C
-# define HEADER_BSS_FILE_C
-
-# if defined(__linux) || defined(__sun) || defined(__hpux)
-/*
- * Following definition aliases fopen to fopen64 on above mentioned
- * platforms. This makes it possible to open and sequentially access files
- * larger than 2GB from 32-bit application. It does not allow to traverse
- * them beyond 2GB with fseek/ftell, but on the other hand *no* 32-bit
- * platform permits that, not with fseek/ftell. Not to mention that breaking
- * 2GB limit for seeking would require surgery to *our* API. But sequential
- * access suffices for practical cases when you can run into large files,
- * such as fingerprinting, so we can let API alone. For reference, the list
- * of 32-bit platforms which allow for sequential access of large files
- * without extra "magic" comprise *BSD, Darwin, IRIX...
- */
-#  ifndef _FILE_OFFSET_BITS
-#   define _FILE_OFFSET_BITS 64
-#  endif
-# endif
-
-# include <stdio.h>
-# include <errno.h>
-# include "cryptlib.h"
-# include "bio_lcl.h"
-# include <openssl/err.h>
-
-# if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
-#  include <nwfileio.h>
-# endif
-
-# if !defined(OPENSSL_NO_STDIO)
-
-static int MS_CALLBACK file_write(BIO *h, const char *buf, int num);
-static int MS_CALLBACK file_read(BIO *h, char *buf, int size);
-static int MS_CALLBACK file_puts(BIO *h, const char *str);
-static int MS_CALLBACK file_gets(BIO *h, char *str, int size);
-static long MS_CALLBACK file_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int MS_CALLBACK file_new(BIO *h);
-static int MS_CALLBACK file_free(BIO *data);
-static BIO_METHOD methods_filep = {
-    BIO_TYPE_FILE,
-    "FILE pointer",
-    file_write,
-    file_read,
-    file_puts,
-    file_gets,
-    file_ctrl,
-    file_new,
-    file_free,
-    NULL,
-};
-
-static FILE *file_fopen(const char *filename, const char *mode)
-{
-    FILE *file = NULL;
-
-#  if defined(_WIN32) && defined(CP_UTF8)
-    int sz, len_0 = (int)strlen(filename) + 1;
-    DWORD flags;
-
-    /*
-     * Basically there are three cases to cover: a) filename is
-     * pure ASCII string; b) actual UTF-8 encoded string and
-     * c) locale-ized string, i.e. one containing 8-bit
-     * characters that are meaningful in current system locale.
-     * If filename is pure ASCII or real UTF-8 encoded string,
-     * MultiByteToWideChar succeeds and _wfopen works. If
-     * filename is locale-ized string, chances are that
-     * MultiByteToWideChar fails reporting
-     * ERROR_NO_UNICODE_TRANSLATION, in which case we fall
-     * back to fopen...
-     */
-    if ((sz = MultiByteToWideChar(CP_UTF8, (flags = MB_ERR_INVALID_CHARS),
-                                  filename, len_0, NULL, 0)) > 0 ||
-        (GetLastError() == ERROR_INVALID_FLAGS &&
-         (sz = MultiByteToWideChar(CP_UTF8, (flags = 0),
-                                   filename, len_0, NULL, 0)) > 0)
-        ) {
-        WCHAR wmode[8];
-        WCHAR *wfilename = _alloca(sz * sizeof(WCHAR));
-
-        if (MultiByteToWideChar(CP_UTF8, flags,
-                                filename, len_0, wfilename, sz) &&
-            MultiByteToWideChar(CP_UTF8, 0, mode, strlen(mode) + 1,
-                                wmode, sizeof(wmode) / sizeof(wmode[0])) &&
-            (file = _wfopen(wfilename, wmode)) == NULL &&
-            (errno == ENOENT || errno == EBADF)
-            ) {
-            /*
-             * UTF-8 decode succeeded, but no file, filename
-             * could still have been locale-ized...
-             */
-            file = fopen(filename, mode);
-        }
-    } else if (GetLastError() == ERROR_NO_UNICODE_TRANSLATION) {
-        file = fopen(filename, mode);
-    }
-#  else
-    file = fopen(filename, mode);
-#  endif
-    return (file);
-}
-
-BIO *BIO_new_file(const char *filename, const char *mode)
-{
-    BIO  *ret;
-    FILE *file = file_fopen(filename, mode);
-
-    if (file == NULL) {
-        SYSerr(SYS_F_FOPEN, get_last_sys_error());
-        ERR_add_error_data(5, "fopen('", filename, "','", mode, "')");
-        if (errno == ENOENT
-# ifdef ENXIO
-            || errno == ENXIO
-# endif
-            )
-            BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE);
-        else
-            BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB);
-        return (NULL);
-    }
-    if ((ret = BIO_new(BIO_s_file())) == NULL) {
-        fclose(file);
-        return (NULL);
-    }
-
-    BIO_clear_flags(ret, BIO_FLAGS_UPLINK); /* we did fopen -> we disengage
-                                             * UPLINK */
-    BIO_set_fp(ret, file, BIO_CLOSE);
-    return (ret);
-}
-
-BIO *BIO_new_fp(FILE *stream, int close_flag)
-{
-    BIO *ret;
-
-    if ((ret = BIO_new(BIO_s_file())) == NULL)
-        return (NULL);
-
-    BIO_set_flags(ret, BIO_FLAGS_UPLINK); /* redundant, left for
-                                           * documentation puposes */
-    BIO_set_fp(ret, stream, close_flag);
-    return (ret);
-}
-
-BIO_METHOD *BIO_s_file(void)
-{
-    return (&methods_filep);
-}
-
-static int MS_CALLBACK file_new(BIO *bi)
-{
-    bi->init = 0;
-    bi->num = 0;
-    bi->ptr = NULL;
-    bi->flags = BIO_FLAGS_UPLINK; /* default to UPLINK */
-    return (1);
-}
-
-static int MS_CALLBACK file_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    if (a->shutdown) {
-        if ((a->init) && (a->ptr != NULL)) {
-            if (a->flags & BIO_FLAGS_UPLINK)
-                UP_fclose(a->ptr);
-            else
-                fclose(a->ptr);
-            a->ptr = NULL;
-            a->flags = BIO_FLAGS_UPLINK;
-        }
-        a->init = 0;
-    }
-    return (1);
-}
-
-static int MS_CALLBACK file_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-
-    if (b->init && (out != NULL)) {
-        if (b->flags & BIO_FLAGS_UPLINK)
-            ret = UP_fread(out, 1, (int)outl, b->ptr);
-        else
-            ret = fread(out, 1, (int)outl, (FILE *)b->ptr);
-        if (ret == 0
-            && (b->flags & BIO_FLAGS_UPLINK) ? UP_ferror((FILE *)b->ptr) :
-                                               ferror((FILE *)b->ptr)) {
-            SYSerr(SYS_F_FREAD, get_last_sys_error());
-            BIOerr(BIO_F_FILE_READ, ERR_R_SYS_LIB);
-            ret = -1;
-        }
-    }
-    return (ret);
-}
-
-static int MS_CALLBACK file_write(BIO *b, const char *in, int inl)
-{
-    int ret = 0;
-
-    if (b->init && (in != NULL)) {
-        if (b->flags & BIO_FLAGS_UPLINK)
-            ret = UP_fwrite(in, (int)inl, 1, b->ptr);
-        else
-            ret = fwrite(in, (int)inl, 1, (FILE *)b->ptr);
-        if (ret)
-            ret = inl;
-        /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
-        /*
-         * according to Tim Hudson <tjh@cryptsoft.com>, the commented out
-         * version above can cause 'inl' write calls under some stupid stdio
-         * implementations (VMS)
-         */
-    }
-    return (ret);
-}
-
-static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret = 1;
-    FILE *fp = (FILE *)b->ptr;
-    FILE **fpp;
-    char p[4];
-    int st;
-
-    switch (cmd) {
-    case BIO_C_FILE_SEEK:
-    case BIO_CTRL_RESET:
-        if (b->flags & BIO_FLAGS_UPLINK)
-            ret = (long)UP_fseek(b->ptr, num, 0);
-        else
-            ret = (long)fseek(fp, num, 0);
-        break;
-    case BIO_CTRL_EOF:
-        if (b->flags & BIO_FLAGS_UPLINK)
-            ret = (long)UP_feof(fp);
-        else
-            ret = (long)feof(fp);
-        break;
-    case BIO_C_FILE_TELL:
-    case BIO_CTRL_INFO:
-        if (b->flags & BIO_FLAGS_UPLINK)
-            ret = UP_ftell(b->ptr);
-        else
-            ret = ftell(fp);
-        break;
-    case BIO_C_SET_FILE_PTR:
-        file_free(b);
-        b->shutdown = (int)num & BIO_CLOSE;
-        b->ptr = ptr;
-        b->init = 1;
-#  if BIO_FLAGS_UPLINK!=0
-#   if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES)
-#    define _IOB_ENTRIES 20
-#   endif
-        /* Safety net to catch purely internal BIO_set_fp calls */
-#   if defined(_MSC_VER) && _MSC_VER>=1900
-        if (ptr == stdin || ptr == stdout || ptr == stderr)
-            BIO_clear_flags(b, BIO_FLAGS_UPLINK);
-#   elif defined(_IOB_ENTRIES)
-        if ((size_t)ptr >= (size_t)stdin &&
-            (size_t)ptr < (size_t)(stdin + _IOB_ENTRIES))
-            BIO_clear_flags(b, BIO_FLAGS_UPLINK);
-#   endif
-#  endif
-#  ifdef UP_fsetmod
-        if (b->flags & BIO_FLAGS_UPLINK)
-            UP_fsetmod(b->ptr, (char)((num & BIO_FP_TEXT) ? 't' : 'b'));
-        else
-#  endif
-        {
-#  if defined(OPENSSL_SYS_WINDOWS)
-            int fd = _fileno((FILE *)ptr);
-            if (num & BIO_FP_TEXT)
-                _setmode(fd, _O_TEXT);
-            else
-                _setmode(fd, _O_BINARY);
-#  elif defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
-            int fd = fileno((FILE *)ptr);
-            /* Under CLib there are differences in file modes */
-            if (num & BIO_FP_TEXT)
-                setmode(fd, O_TEXT);
-            else
-                setmode(fd, O_BINARY);
-#  elif defined(OPENSSL_SYS_MSDOS)
-            int fd = fileno((FILE *)ptr);
-            /* Set correct text/binary mode */
-            if (num & BIO_FP_TEXT)
-                _setmode(fd, _O_TEXT);
-            /* Dangerous to set stdin/stdout to raw (unless redirected) */
-            else {
-                if (fd == STDIN_FILENO || fd == STDOUT_FILENO) {
-                    if (isatty(fd) <= 0)
-                        _setmode(fd, _O_BINARY);
-                } else
-                    _setmode(fd, _O_BINARY);
-            }
-#  elif defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_WIN32_CYGWIN)
-            int fd = fileno((FILE *)ptr);
-            if (num & BIO_FP_TEXT)
-                setmode(fd, O_TEXT);
-            else
-                setmode(fd, O_BINARY);
-#  endif
-        }
-        break;
-    case BIO_C_SET_FILENAME:
-        file_free(b);
-        b->shutdown = (int)num & BIO_CLOSE;
-        if (num & BIO_FP_APPEND) {
-            if (num & BIO_FP_READ)
-                BUF_strlcpy(p, "a+", sizeof p);
-            else
-                BUF_strlcpy(p, "a", sizeof p);
-        } else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
-            BUF_strlcpy(p, "r+", sizeof p);
-        else if (num & BIO_FP_WRITE)
-            BUF_strlcpy(p, "w", sizeof p);
-        else if (num & BIO_FP_READ)
-            BUF_strlcpy(p, "r", sizeof p);
-        else {
-            BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE);
-            ret = 0;
-            break;
-        }
-#  if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_WIN32_CYGWIN)
-        if (!(num & BIO_FP_TEXT))
-            strcat(p, "b");
-        else
-            strcat(p, "t");
-#  endif
-#  if defined(OPENSSL_SYS_NETWARE)
-        if (!(num & BIO_FP_TEXT))
-            strcat(p, "b");
-        else
-            strcat(p, "t");
-#  endif
-        fp = file_fopen(ptr, p);
-        if (fp == NULL) {
-            SYSerr(SYS_F_FOPEN, get_last_sys_error());
-            ERR_add_error_data(5, "fopen('", ptr, "','", p, "')");
-            BIOerr(BIO_F_FILE_CTRL, ERR_R_SYS_LIB);
-            ret = 0;
-            break;
-        }
-        b->ptr = fp;
-        b->init = 1;
-        BIO_clear_flags(b, BIO_FLAGS_UPLINK); /* we did fopen -> we disengage
-                                               * UPLINK */
-        break;
-    case BIO_C_GET_FILE_PTR:
-        /* the ptr parameter is actually a FILE ** in this case. */
-        if (ptr != NULL) {
-            fpp = (FILE **)ptr;
-            *fpp = (FILE *)b->ptr;
-        }
-        break;
-    case BIO_CTRL_GET_CLOSE:
-        ret = (long)b->shutdown;
-        break;
-    case BIO_CTRL_SET_CLOSE:
-        b->shutdown = (int)num;
-        break;
-    case BIO_CTRL_FLUSH:
-        st = b->flags & BIO_FLAGS_UPLINK
-                ? UP_fflush(b->ptr) : fflush((FILE *)b->ptr);
-        if (st == EOF) {
-            SYSerr(SYS_F_FFLUSH, get_last_sys_error());
-            ERR_add_error_data(1, "fflush()");
-            BIOerr(BIO_F_FILE_CTRL, ERR_R_SYS_LIB);
-            ret = 0;
-        }
-        break;
-    case BIO_CTRL_DUP:
-        ret = 1;
-        break;
-
-    case BIO_CTRL_WPENDING:
-    case BIO_CTRL_PENDING:
-    case BIO_CTRL_PUSH:
-    case BIO_CTRL_POP:
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size)
-{
-    int ret = 0;
-
-    buf[0] = '\0';
-    if (bp->flags & BIO_FLAGS_UPLINK) {
-        if (!UP_fgets(buf, size, bp->ptr))
-            goto err;
-    } else {
-        if (!fgets(buf, size, (FILE *)bp->ptr))
-            goto err;
-    }
-    if (buf[0] != '\0')
-        ret = strlen(buf);
- err:
-    return (ret);
-}
-
-static int MS_CALLBACK file_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = file_write(bp, str, n);
-    return (ret);
-}
-
-# endif                         /* OPENSSL_NO_STDIO */
-
-#endif                          /* HEADER_BSS_FILE_C */
diff --git a/thirdparty/openssl/crypto/bio/bss_log.c b/thirdparty/openssl/crypto/bio/bss_log.c
deleted file mode 100644
index 1283a525b4..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_log.c
+++ /dev/null
@@ -1,453 +0,0 @@
-/* crypto/bio/bss_log.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * Why BIO_s_log?
- *
- * BIO_s_log is useful for system daemons (or services under NT). It is
- * one-way BIO, it sends all stuff to syslogd (on system that commonly use
- * that), or event log (on NT), or OPCOM (on OpenVMS).
- *
- */
-
-#include <stdio.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-
-#if defined(OPENSSL_SYS_WINCE)
-#elif defined(OPENSSL_SYS_WIN32)
-#elif defined(OPENSSL_SYS_VMS)
-# include <opcdef.h>
-# include <descrip.h>
-# include <lib$routines.h>
-# include <starlet.h>
-/* Some compiler options may mask the declaration of "_malloc32". */
-# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE
-#  if __INITIAL_POINTER_SIZE == 64
-#   pragma pointer_size save
-#   pragma pointer_size 32
-void *_malloc32(__size_t);
-#   pragma pointer_size restore
-#  endif                        /* __INITIAL_POINTER_SIZE == 64 */
-# endif                         /* __INITIAL_POINTER_SIZE && defined
-                                 * _ANSI_C_SOURCE */
-#elif defined(__ultrix)
-# include <sys/syslog.h>
-#elif defined(OPENSSL_SYS_NETWARE)
-# define NO_SYSLOG
-#elif (!defined(MSDOS) || defined(WATT32)) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG)
-# include <syslog.h>
-#endif
-
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-#ifndef NO_SYSLOG
-
-# if defined(OPENSSL_SYS_WIN32)
-#  define LOG_EMERG       0
-#  define LOG_ALERT       1
-#  define LOG_CRIT        2
-#  define LOG_ERR         3
-#  define LOG_WARNING     4
-#  define LOG_NOTICE      5
-#  define LOG_INFO        6
-#  define LOG_DEBUG       7
-
-#  define LOG_DAEMON      (3<<3)
-# elif defined(OPENSSL_SYS_VMS)
-/* On VMS, we don't really care about these, but we need them to compile */
-#  define LOG_EMERG       0
-#  define LOG_ALERT       1
-#  define LOG_CRIT        2
-#  define LOG_ERR         3
-#  define LOG_WARNING     4
-#  define LOG_NOTICE      5
-#  define LOG_INFO        6
-#  define LOG_DEBUG       7
-
-#  define LOG_DAEMON      OPC$M_NM_NTWORK
-# endif
-
-static int MS_CALLBACK slg_write(BIO *h, const char *buf, int num);
-static int MS_CALLBACK slg_puts(BIO *h, const char *str);
-static long MS_CALLBACK slg_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int MS_CALLBACK slg_new(BIO *h);
-static int MS_CALLBACK slg_free(BIO *data);
-static void xopenlog(BIO *bp, char *name, int level);
-static void xsyslog(BIO *bp, int priority, const char *string);
-static void xcloselog(BIO *bp);
-
-static BIO_METHOD methods_slg = {
-    BIO_TYPE_MEM, "syslog",
-    slg_write,
-    NULL,
-    slg_puts,
-    NULL,
-    slg_ctrl,
-    slg_new,
-    slg_free,
-    NULL,
-};
-
-BIO_METHOD *BIO_s_log(void)
-{
-    return (&methods_slg);
-}
-
-static int MS_CALLBACK slg_new(BIO *bi)
-{
-    bi->init = 1;
-    bi->num = 0;
-    bi->ptr = NULL;
-    xopenlog(bi, "application", LOG_DAEMON);
-    return (1);
-}
-
-static int MS_CALLBACK slg_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    xcloselog(a);
-    return (1);
-}
-
-static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl)
-{
-    int ret = inl;
-    char *buf;
-    char *pp;
-    int priority, i;
-    static const struct {
-        int strl;
-        char str[10];
-        int log_level;
-    } mapping[] = {
-        {
-            6, "PANIC ", LOG_EMERG
-        },
-        {
-            6, "EMERG ", LOG_EMERG
-        },
-        {
-            4, "EMR ", LOG_EMERG
-        },
-        {
-            6, "ALERT ", LOG_ALERT
-        },
-        {
-            4, "ALR ", LOG_ALERT
-        },
-        {
-            5, "CRIT ", LOG_CRIT
-        },
-        {
-            4, "CRI ", LOG_CRIT
-        },
-        {
-            6, "ERROR ", LOG_ERR
-        },
-        {
-            4, "ERR ", LOG_ERR
-        },
-        {
-            8, "WARNING ", LOG_WARNING
-        },
-        {
-            5, "WARN ", LOG_WARNING
-        },
-        {
-            4, "WAR ", LOG_WARNING
-        },
-        {
-            7, "NOTICE ", LOG_NOTICE
-        },
-        {
-            5, "NOTE ", LOG_NOTICE
-        },
-        {
-            4, "NOT ", LOG_NOTICE
-        },
-        {
-            5, "INFO ", LOG_INFO
-        },
-        {
-            4, "INF ", LOG_INFO
-        },
-        {
-            6, "DEBUG ", LOG_DEBUG
-        },
-        {
-            4, "DBG ", LOG_DEBUG
-        },
-        {
-            0, "", LOG_ERR
-        }
-        /* The default */
-    };
-
-    if ((buf = (char *)OPENSSL_malloc(inl + 1)) == NULL) {
-        return (0);
-    }
-    strncpy(buf, in, inl);
-    buf[inl] = '\0';
-
-    i = 0;
-    while (strncmp(buf, mapping[i].str, mapping[i].strl) != 0)
-        i++;
-    priority = mapping[i].log_level;
-    pp = buf + mapping[i].strl;
-
-    xsyslog(b, priority, pp);
-
-    OPENSSL_free(buf);
-    return (ret);
-}
-
-static long MS_CALLBACK slg_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    switch (cmd) {
-    case BIO_CTRL_SET:
-        xcloselog(b);
-        xopenlog(b, ptr, num);
-        break;
-    default:
-        break;
-    }
-    return (0);
-}
-
-static int MS_CALLBACK slg_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = slg_write(bp, str, n);
-    return (ret);
-}
-
-# if defined(OPENSSL_SYS_WIN32)
-
-static void xopenlog(BIO *bp, char *name, int level)
-{
-    if (check_winnt())
-        bp->ptr = RegisterEventSourceA(NULL, name);
-    else
-        bp->ptr = NULL;
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
-    LPCSTR lpszStrings[2];
-    WORD evtype = EVENTLOG_ERROR_TYPE;
-    char pidbuf[DECIMAL_SIZE(DWORD) + 4];
-
-    if (bp->ptr == NULL)
-        return;
-
-    switch (priority) {
-    case LOG_EMERG:
-    case LOG_ALERT:
-    case LOG_CRIT:
-    case LOG_ERR:
-        evtype = EVENTLOG_ERROR_TYPE;
-        break;
-    case LOG_WARNING:
-        evtype = EVENTLOG_WARNING_TYPE;
-        break;
-    case LOG_NOTICE:
-    case LOG_INFO:
-    case LOG_DEBUG:
-        evtype = EVENTLOG_INFORMATION_TYPE;
-        break;
-    default:
-        /*
-         * Should never happen, but set it
-         * as error anyway.
-         */
-        evtype = EVENTLOG_ERROR_TYPE;
-        break;
-    }
-
-    sprintf(pidbuf, "[%u] ", GetCurrentProcessId());
-    lpszStrings[0] = pidbuf;
-    lpszStrings[1] = string;
-
-    ReportEventA(bp->ptr, evtype, 0, 1024, NULL, 2, 0, lpszStrings, NULL);
-}
-
-static void xcloselog(BIO *bp)
-{
-    if (bp->ptr)
-        DeregisterEventSource((HANDLE) (bp->ptr));
-    bp->ptr = NULL;
-}
-
-# elif defined(OPENSSL_SYS_VMS)
-
-static int VMS_OPC_target = LOG_DAEMON;
-
-static void xopenlog(BIO *bp, char *name, int level)
-{
-    VMS_OPC_target = level;
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
-    struct dsc$descriptor_s opc_dsc;
-
-/* Arrange 32-bit pointer to opcdef buffer and malloc(), if needed. */
-#  if __INITIAL_POINTER_SIZE == 64
-#   pragma pointer_size save
-#   pragma pointer_size 32
-#   define OPCDEF_TYPE __char_ptr32
-#   define OPCDEF_MALLOC _malloc32
-#  else                         /* __INITIAL_POINTER_SIZE == 64 */
-#   define OPCDEF_TYPE char *
-#   define OPCDEF_MALLOC OPENSSL_malloc
-#  endif                        /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-    struct opcdef *opcdef_p;
-
-#  if __INITIAL_POINTER_SIZE == 64
-#   pragma pointer_size restore
-#  endif                        /* __INITIAL_POINTER_SIZE == 64 */
-
-    char buf[10240];
-    unsigned int len;
-    struct dsc$descriptor_s buf_dsc;
-    $DESCRIPTOR(fao_cmd, "!AZ: !AZ");
-    char *priority_tag;
-
-    switch (priority) {
-    case LOG_EMERG:
-        priority_tag = "Emergency";
-        break;
-    case LOG_ALERT:
-        priority_tag = "Alert";
-        break;
-    case LOG_CRIT:
-        priority_tag = "Critical";
-        break;
-    case LOG_ERR:
-        priority_tag = "Error";
-        break;
-    case LOG_WARNING:
-        priority_tag = "Warning";
-        break;
-    case LOG_NOTICE:
-        priority_tag = "Notice";
-        break;
-    case LOG_INFO:
-        priority_tag = "Info";
-        break;
-    case LOG_DEBUG:
-        priority_tag = "DEBUG";
-        break;
-    }
-
-    buf_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-    buf_dsc.dsc$b_class = DSC$K_CLASS_S;
-    buf_dsc.dsc$a_pointer = buf;
-    buf_dsc.dsc$w_length = sizeof(buf) - 1;
-
-    lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
-
-    /* We know there's an 8-byte header.  That's documented. */
-    opcdef_p = OPCDEF_MALLOC(8 + len);
-    opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
-    memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
-    opcdef_p->opc$l_ms_rqstid = 0;
-    memcpy(&opcdef_p->opc$l_ms_text, buf, len);
-
-    opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-    opc_dsc.dsc$b_class = DSC$K_CLASS_S;
-    opc_dsc.dsc$a_pointer = (OPCDEF_TYPE) opcdef_p;
-    opc_dsc.dsc$w_length = len + 8;
-
-    sys$sndopr(opc_dsc, 0);
-
-    OPENSSL_free(opcdef_p);
-}
-
-static void xcloselog(BIO *bp)
-{
-}
-
-# else                          /* Unix/Watt32 */
-
-static void xopenlog(BIO *bp, char *name, int level)
-{
-#  ifdef WATT32                 /* djgpp/DOS */
-    openlog(name, LOG_PID | LOG_CONS | LOG_NDELAY, level);
-#  else
-    openlog(name, LOG_PID | LOG_CONS, level);
-#  endif
-}
-
-static void xsyslog(BIO *bp, int priority, const char *string)
-{
-    syslog(priority, "%s", string);
-}
-
-static void xcloselog(BIO *bp)
-{
-    closelog();
-}
-
-# endif                         /* Unix */
-
-#endif                          /* NO_SYSLOG */
diff --git a/thirdparty/openssl/crypto/bio/bss_mem.c b/thirdparty/openssl/crypto/bio/bss_mem.c
deleted file mode 100644
index b0394a960d..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_mem.c
+++ /dev/null
@@ -1,313 +0,0 @@
-/* crypto/bio/bss_mem.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-static int mem_write(BIO *h, const char *buf, int num);
-static int mem_read(BIO *h, char *buf, int size);
-static int mem_puts(BIO *h, const char *str);
-static int mem_gets(BIO *h, char *str, int size);
-static long mem_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int mem_new(BIO *h);
-static int mem_free(BIO *data);
-static BIO_METHOD mem_method = {
-    BIO_TYPE_MEM,
-    "memory buffer",
-    mem_write,
-    mem_read,
-    mem_puts,
-    mem_gets,
-    mem_ctrl,
-    mem_new,
-    mem_free,
-    NULL,
-};
-
-/*
- * bio->num is used to hold the value to return on 'empty', if it is 0,
- * should_retry is not set
- */
-
-BIO_METHOD *BIO_s_mem(void)
-{
-    return (&mem_method);
-}
-
-
-BIO *BIO_new_mem_buf(const void *buf, int len)
-{
-    BIO *ret;
-    BUF_MEM *b;
-    size_t sz;
-
-    if (!buf) {
-        BIOerr(BIO_F_BIO_NEW_MEM_BUF, BIO_R_NULL_PARAMETER);
-        return NULL;
-    }
-    sz = (len < 0) ? strlen(buf) : (size_t)len;
-    if (!(ret = BIO_new(BIO_s_mem())))
-        return NULL;
-    b = (BUF_MEM *)ret->ptr;
-    /* Cast away const and trust in the MEM_RDONLY flag. */
-    b->data = (void *)buf;
-    b->length = sz;
-    b->max = sz;
-    ret->flags |= BIO_FLAGS_MEM_RDONLY;
-    /* Since this is static data retrying wont help */
-    ret->num = 0;
-    return ret;
-}
-
-static int mem_new(BIO *bi)
-{
-    BUF_MEM *b;
-
-    if ((b = BUF_MEM_new()) == NULL)
-        return (0);
-    bi->shutdown = 1;
-    bi->init = 1;
-    bi->num = -1;
-    bi->ptr = (char *)b;
-    return (1);
-}
-
-static int mem_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    if (a->shutdown) {
-        if ((a->init) && (a->ptr != NULL)) {
-            BUF_MEM *b;
-            b = (BUF_MEM *)a->ptr;
-            if (a->flags & BIO_FLAGS_MEM_RDONLY)
-                b->data = NULL;
-            BUF_MEM_free(b);
-            a->ptr = NULL;
-        }
-    }
-    return (1);
-}
-
-static int mem_read(BIO *b, char *out, int outl)
-{
-    int ret = -1;
-    BUF_MEM *bm;
-
-    bm = (BUF_MEM *)b->ptr;
-    BIO_clear_retry_flags(b);
-    ret = (outl >= 0 && (size_t)outl > bm->length) ? (int)bm->length : outl;
-    if ((out != NULL) && (ret > 0)) {
-        memcpy(out, bm->data, ret);
-        bm->length -= ret;
-        if (b->flags & BIO_FLAGS_MEM_RDONLY)
-            bm->data += ret;
-        else {
-            memmove(&(bm->data[0]), &(bm->data[ret]), bm->length);
-        }
-    } else if (bm->length == 0) {
-        ret = b->num;
-        if (ret != 0)
-            BIO_set_retry_read(b);
-    }
-    return (ret);
-}
-
-static int mem_write(BIO *b, const char *in, int inl)
-{
-    int ret = -1;
-    int blen;
-    BUF_MEM *bm;
-
-    bm = (BUF_MEM *)b->ptr;
-    if (in == NULL) {
-        BIOerr(BIO_F_MEM_WRITE, BIO_R_NULL_PARAMETER);
-        goto end;
-    }
-
-    if (b->flags & BIO_FLAGS_MEM_RDONLY) {
-        BIOerr(BIO_F_MEM_WRITE, BIO_R_WRITE_TO_READ_ONLY_BIO);
-        goto end;
-    }
-
-    BIO_clear_retry_flags(b);
-    blen = bm->length;
-    if (BUF_MEM_grow_clean(bm, blen + inl) != (blen + inl))
-        goto end;
-    memcpy(&(bm->data[blen]), in, inl);
-    ret = inl;
- end:
-    return (ret);
-}
-
-static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret = 1;
-    char **pptr;
-
-    BUF_MEM *bm = (BUF_MEM *)b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        if (bm->data != NULL) {
-            /* For read only case reset to the start again */
-            if (b->flags & BIO_FLAGS_MEM_RDONLY) {
-                bm->data -= bm->max - bm->length;
-                bm->length = bm->max;
-            } else {
-                memset(bm->data, 0, bm->max);
-                bm->length = 0;
-            }
-        }
-        break;
-    case BIO_CTRL_EOF:
-        ret = (long)(bm->length == 0);
-        break;
-    case BIO_C_SET_BUF_MEM_EOF_RETURN:
-        b->num = (int)num;
-        break;
-    case BIO_CTRL_INFO:
-        ret = (long)bm->length;
-        if (ptr != NULL) {
-            pptr = (char **)ptr;
-            *pptr = (char *)&(bm->data[0]);
-        }
-        break;
-    case BIO_C_SET_BUF_MEM:
-        mem_free(b);
-        b->shutdown = (int)num;
-        b->ptr = ptr;
-        break;
-    case BIO_C_GET_BUF_MEM_PTR:
-        if (ptr != NULL) {
-            pptr = (char **)ptr;
-            *pptr = (char *)bm;
-        }
-        break;
-    case BIO_CTRL_GET_CLOSE:
-        ret = (long)b->shutdown;
-        break;
-    case BIO_CTRL_SET_CLOSE:
-        b->shutdown = (int)num;
-        break;
-
-    case BIO_CTRL_WPENDING:
-        ret = 0L;
-        break;
-    case BIO_CTRL_PENDING:
-        ret = (long)bm->length;
-        break;
-    case BIO_CTRL_DUP:
-    case BIO_CTRL_FLUSH:
-        ret = 1;
-        break;
-    case BIO_CTRL_PUSH:
-    case BIO_CTRL_POP:
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static int mem_gets(BIO *bp, char *buf, int size)
-{
-    int i, j;
-    int ret = -1;
-    char *p;
-    BUF_MEM *bm = (BUF_MEM *)bp->ptr;
-
-    BIO_clear_retry_flags(bp);
-    j = bm->length;
-    if ((size - 1) < j)
-        j = size - 1;
-    if (j <= 0) {
-        *buf = '\0';
-        return 0;
-    }
-    p = bm->data;
-    for (i = 0; i < j; i++) {
-        if (p[i] == '\n') {
-            i++;
-            break;
-        }
-    }
-
-    /*
-     * i is now the max num of bytes to copy, either j or up to
-     * and including the first newline
-     */
-
-    i = mem_read(bp, buf, i);
-    if (i > 0)
-        buf[i] = '\0';
-    ret = i;
-    return (ret);
-}
-
-static int mem_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = mem_write(bp, str, n);
-    /* memory semantics is that it will always work */
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/bio/bss_null.c b/thirdparty/openssl/crypto/bio/bss_null.c
deleted file mode 100644
index 6a03fa2465..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_null.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* crypto/bio/bss_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-static int null_write(BIO *h, const char *buf, int num);
-static int null_read(BIO *h, char *buf, int size);
-static int null_puts(BIO *h, const char *str);
-static int null_gets(BIO *h, char *str, int size);
-static long null_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int null_new(BIO *h);
-static int null_free(BIO *data);
-static BIO_METHOD null_method = {
-    BIO_TYPE_NULL,
-    "NULL",
-    null_write,
-    null_read,
-    null_puts,
-    null_gets,
-    null_ctrl,
-    null_new,
-    null_free,
-    NULL,
-};
-
-BIO_METHOD *BIO_s_null(void)
-{
-    return (&null_method);
-}
-
-static int null_new(BIO *bi)
-{
-    bi->init = 1;
-    bi->num = 0;
-    bi->ptr = (NULL);
-    return (1);
-}
-
-static int null_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    return (1);
-}
-
-static int null_read(BIO *b, char *out, int outl)
-{
-    return (0);
-}
-
-static int null_write(BIO *b, const char *in, int inl)
-{
-    return (inl);
-}
-
-static long null_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret = 1;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-    case BIO_CTRL_EOF:
-    case BIO_CTRL_SET:
-    case BIO_CTRL_SET_CLOSE:
-    case BIO_CTRL_FLUSH:
-    case BIO_CTRL_DUP:
-        ret = 1;
-        break;
-    case BIO_CTRL_GET_CLOSE:
-    case BIO_CTRL_INFO:
-    case BIO_CTRL_GET:
-    case BIO_CTRL_PENDING:
-    case BIO_CTRL_WPENDING:
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static int null_gets(BIO *bp, char *buf, int size)
-{
-    return (0);
-}
-
-static int null_puts(BIO *bp, const char *str)
-{
-    if (str == NULL)
-        return (0);
-    return (strlen(str));
-}
diff --git a/thirdparty/openssl/crypto/bio/bss_rtcp.c b/thirdparty/openssl/crypto/bio/bss_rtcp.c
deleted file mode 100644
index 5c98a8234d..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_rtcp.c
+++ /dev/null
@@ -1,321 +0,0 @@
-/* crypto/bio/bss_rtcp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*-
- * Written by David L. Jones <jonesd@kcgl1.eng.ohio-state.edu>
- * Date:   22-JUL-1996
- * Revised: 25-SEP-1997         Update for 0.8.1, BIO_CTRL_SET -> BIO_C_SET_FD
- */
-/* VMS */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-
-#include <iodef.h>              /* VMS IO$_ definitions */
-#include <starlet.h>
-
-typedef unsigned short io_channel;
-/*************************************************************************/
-struct io_status {
-    short status, count;
-    long flags;
-};
-
-/* Should have member alignment inhibited */
-struct rpc_msg {
-    /* 'A'-app data. 'R'-remote client 'G'-global */
-    char channel;
-    /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
-    char function;
-    /* Amount of data returned or max to return */
-    unsigned short int length;
-    /* variable data */
-    char data[4092];
-};
-#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
-
-struct rpc_ctx {
-    int filled, pos;
-    struct rpc_msg msg;
-};
-
-static int rtcp_write(BIO *h, const char *buf, int num);
-static int rtcp_read(BIO *h, char *buf, int size);
-static int rtcp_puts(BIO *h, const char *str);
-static int rtcp_gets(BIO *h, char *str, int size);
-static long rtcp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int rtcp_new(BIO *h);
-static int rtcp_free(BIO *data);
-
-static BIO_METHOD rtcp_method = {
-    BIO_TYPE_FD,
-    "RTCP",
-    rtcp_write,
-    rtcp_read,
-    rtcp_puts,
-    rtcp_gets,
-    rtcp_ctrl,
-    rtcp_new,
-    rtcp_free,
-    NULL,
-};
-
-BIO_METHOD *BIO_s_rtcp(void)
-{
-    return (&rtcp_method);
-}
-
-/*****************************************************************************/
-/*
- * Decnet I/O routines.
- */
-
-#ifdef __DECC
-# pragma message save
-# pragma message disable DOLLARID
-#endif
-
-static int get(io_channel chan, char *buffer, int maxlen, int *length)
-{
-    int status;
-    struct io_status iosb;
-    status = sys$qiow(0, chan, IO$_READVBLK, &iosb, 0, 0,
-                      buffer, maxlen, 0, 0, 0, 0);
-    if ((status & 1) == 1)
-        status = iosb.status;
-    if ((status & 1) == 1)
-        *length = iosb.count;
-    return status;
-}
-
-static int put(io_channel chan, char *buffer, int length)
-{
-    int status;
-    struct io_status iosb;
-    status = sys$qiow(0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
-                      buffer, length, 0, 0, 0, 0);
-    if ((status & 1) == 1)
-        status = iosb.status;
-    return status;
-}
-
-#ifdef __DECC
-# pragma message restore
-#endif
-
-/***************************************************************************/
-
-static int rtcp_new(BIO *bi)
-{
-    struct rpc_ctx *ctx;
-    bi->init = 1;
-    bi->num = 0;
-    bi->flags = 0;
-    bi->ptr = OPENSSL_malloc(sizeof(struct rpc_ctx));
-    if (bi->ptr == NULL)
-        return (0);
-    ctx = (struct rpc_ctx *)bi->ptr;
-    ctx->filled = 0;
-    ctx->pos = 0;
-    return (1);
-}
-
-static int rtcp_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    if (a->ptr)
-        OPENSSL_free(a->ptr);
-    a->ptr = NULL;
-    return (1);
-}
-
-static int rtcp_read(BIO *b, char *out, int outl)
-{
-    int status, length;
-    struct rpc_ctx *ctx;
-    /*
-     * read data, return existing.
-     */
-    ctx = (struct rpc_ctx *)b->ptr;
-    if (ctx->pos < ctx->filled) {
-        length = ctx->filled - ctx->pos;
-        if (length > outl)
-            length = outl;
-        memmove(out, &ctx->msg.data[ctx->pos], length);
-        ctx->pos += length;
-        return length;
-    }
-    /*
-     * Requst more data from R channel.
-     */
-    ctx->msg.channel = 'R';
-    ctx->msg.function = 'G';
-    ctx->msg.length = sizeof(ctx->msg.data);
-    status = put(b->num, (char *)&ctx->msg, RPC_HDR_SIZE);
-    if ((status & 1) == 0) {
-        return -1;
-    }
-    /*
-     * Read.
-     */
-    ctx->pos = ctx->filled = 0;
-    status = get(b->num, (char *)&ctx->msg, sizeof(ctx->msg), &length);
-    if ((status & 1) == 0)
-        length = -1;
-    if (ctx->msg.channel != 'R' || ctx->msg.function != 'C') {
-        length = -1;
-    }
-    ctx->filled = length - RPC_HDR_SIZE;
-
-    if (ctx->pos < ctx->filled) {
-        length = ctx->filled - ctx->pos;
-        if (length > outl)
-            length = outl;
-        memmove(out, ctx->msg.data, length);
-        ctx->pos += length;
-        return length;
-    }
-
-    return length;
-}
-
-static int rtcp_write(BIO *b, const char *in, int inl)
-{
-    int status, i, segment, length;
-    struct rpc_ctx *ctx;
-    /*
-     * Output data, send in chunks no larger that sizeof(ctx->msg.data).
-     */
-    ctx = (struct rpc_ctx *)b->ptr;
-    for (i = 0; i < inl; i += segment) {
-        segment = inl - i;
-        if (segment > sizeof(ctx->msg.data))
-            segment = sizeof(ctx->msg.data);
-        ctx->msg.channel = 'R';
-        ctx->msg.function = 'P';
-        ctx->msg.length = segment;
-        memmove(ctx->msg.data, &in[i], segment);
-        status = put(b->num, (char *)&ctx->msg, segment + RPC_HDR_SIZE);
-        if ((status & 1) == 0) {
-            i = -1;
-            break;
-        }
-
-        status = get(b->num, (char *)&ctx->msg, sizeof(ctx->msg), &length);
-        if (((status & 1) == 0) || (length < RPC_HDR_SIZE)) {
-            i = -1;
-            break;
-        }
-        if ((ctx->msg.channel != 'R') || (ctx->msg.function != 'C')) {
-            printf("unexpected response when confirming put %c %c\n",
-                   ctx->msg.channel, ctx->msg.function);
-
-        }
-    }
-    return (i);
-}
-
-static long rtcp_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret = 1;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-    case BIO_CTRL_EOF:
-        ret = 1;
-        break;
-    case BIO_C_SET_FD:
-        b->num = num;
-        ret = 1;
-        break;
-    case BIO_CTRL_SET_CLOSE:
-    case BIO_CTRL_FLUSH:
-    case BIO_CTRL_DUP:
-        ret = 1;
-        break;
-    case BIO_CTRL_GET_CLOSE:
-    case BIO_CTRL_INFO:
-    case BIO_CTRL_GET:
-    case BIO_CTRL_PENDING:
-    case BIO_CTRL_WPENDING:
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static int rtcp_gets(BIO *bp, char *buf, int size)
-{
-    return (0);
-}
-
-static int rtcp_puts(BIO *bp, const char *str)
-{
-    int length;
-    if (str == NULL)
-        return (0);
-    length = strlen(str);
-    if (length == 0)
-        return (0);
-    return rtcp_write(bp, str, length);
-}
diff --git a/thirdparty/openssl/crypto/bio/bss_sock.c b/thirdparty/openssl/crypto/bio/bss_sock.c
deleted file mode 100644
index 6194d2c031..0000000000
--- a/thirdparty/openssl/crypto/bio/bss_sock.c
+++ /dev/null
@@ -1,287 +0,0 @@
-/* crypto/bio/bss_sock.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_SOCK
-
-# include <openssl/bio.h>
-
-# ifdef WATT32
-#  define sock_write SockWrite  /* Watt-32 uses same names */
-#  define sock_read  SockRead
-#  define sock_puts  SockPuts
-# endif
-
-static int sock_write(BIO *h, const char *buf, int num);
-static int sock_read(BIO *h, char *buf, int size);
-static int sock_puts(BIO *h, const char *str);
-static long sock_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int sock_new(BIO *h);
-static int sock_free(BIO *data);
-int BIO_sock_should_retry(int s);
-
-static BIO_METHOD methods_sockp = {
-    BIO_TYPE_SOCKET,
-    "socket",
-    sock_write,
-    sock_read,
-    sock_puts,
-    NULL,                       /* sock_gets, */
-    sock_ctrl,
-    sock_new,
-    sock_free,
-    NULL,
-};
-
-BIO_METHOD *BIO_s_socket(void)
-{
-    return (&methods_sockp);
-}
-
-BIO *BIO_new_socket(int fd, int close_flag)
-{
-    BIO *ret;
-
-    ret = BIO_new(BIO_s_socket());
-    if (ret == NULL)
-        return (NULL);
-    BIO_set_fd(ret, fd, close_flag);
-    return (ret);
-}
-
-static int sock_new(BIO *bi)
-{
-    bi->init = 0;
-    bi->num = 0;
-    bi->ptr = NULL;
-    bi->flags = 0;
-    return (1);
-}
-
-static int sock_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    if (a->shutdown) {
-        if (a->init) {
-            SHUTDOWN2(a->num);
-        }
-        a->init = 0;
-        a->flags = 0;
-    }
-    return (1);
-}
-
-static int sock_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-
-    if (out != NULL) {
-        clear_socket_error();
-        ret = readsocket(b->num, out, outl);
-        BIO_clear_retry_flags(b);
-        if (ret <= 0) {
-            if (BIO_sock_should_retry(ret))
-                BIO_set_retry_read(b);
-        }
-    }
-    return (ret);
-}
-
-static int sock_write(BIO *b, const char *in, int inl)
-{
-    int ret;
-
-    clear_socket_error();
-    ret = writesocket(b->num, in, inl);
-    BIO_clear_retry_flags(b);
-    if (ret <= 0) {
-        if (BIO_sock_should_retry(ret))
-            BIO_set_retry_write(b);
-    }
-    return (ret);
-}
-
-static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    long ret = 1;
-    int *ip;
-
-    switch (cmd) {
-    case BIO_C_SET_FD:
-        sock_free(b);
-        b->num = *((int *)ptr);
-        b->shutdown = (int)num;
-        b->init = 1;
-        break;
-    case BIO_C_GET_FD:
-        if (b->init) {
-            ip = (int *)ptr;
-            if (ip != NULL)
-                *ip = b->num;
-            ret = b->num;
-        } else
-            ret = -1;
-        break;
-    case BIO_CTRL_GET_CLOSE:
-        ret = b->shutdown;
-        break;
-    case BIO_CTRL_SET_CLOSE:
-        b->shutdown = (int)num;
-        break;
-    case BIO_CTRL_DUP:
-    case BIO_CTRL_FLUSH:
-        ret = 1;
-        break;
-    default:
-        ret = 0;
-        break;
-    }
-    return (ret);
-}
-
-static int sock_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = sock_write(bp, str, n);
-    return (ret);
-}
-
-int BIO_sock_should_retry(int i)
-{
-    int err;
-
-    if ((i == 0) || (i == -1)) {
-        err = get_last_socket_error();
-
-# if defined(OPENSSL_SYS_WINDOWS) && 0/* more microsoft stupidity? perhaps
-                                       * not? Ben 4/1/99 */
-        if ((i == -1) && (err == 0))
-            return (1);
-# endif
-
-        return (BIO_sock_non_fatal_error(err));
-    }
-    return (0);
-}
-
-int BIO_sock_non_fatal_error(int err)
-{
-    switch (err) {
-# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE)
-#  if defined(WSAEWOULDBLOCK)
-    case WSAEWOULDBLOCK:
-#  endif
-
-#  if 0                         /* This appears to always be an error */
-#   if defined(WSAENOTCONN)
-    case WSAENOTCONN:
-#   endif
-#  endif
-# endif
-
-# ifdef EWOULDBLOCK
-#  ifdef WSAEWOULDBLOCK
-#   if WSAEWOULDBLOCK != EWOULDBLOCK
-    case EWOULDBLOCK:
-#   endif
-#  else
-    case EWOULDBLOCK:
-#  endif
-# endif
-
-# if defined(ENOTCONN)
-    case ENOTCONN:
-# endif
-
-# ifdef EINTR
-    case EINTR:
-# endif
-
-# ifdef EAGAIN
-#  if EWOULDBLOCK != EAGAIN
-    case EAGAIN:
-#  endif
-# endif
-
-# ifdef EPROTO
-    case EPROTO:
-# endif
-
-# ifdef EINPROGRESS
-    case EINPROGRESS:
-# endif
-
-# ifdef EALREADY
-    case EALREADY:
-# endif
-        return (1);
-        /* break; */
-    default:
-        break;
-    }
-    return (0);
-}
-
-#endif                          /* #ifndef OPENSSL_NO_SOCK */
diff --git a/thirdparty/openssl/crypto/bn/asm/README b/thirdparty/openssl/crypto/bn/asm/README
deleted file mode 100644
index b0f3a68a06..0000000000
--- a/thirdparty/openssl/crypto/bn/asm/README
+++ /dev/null
@@ -1,27 +0,0 @@
-<OBSOLETE>
-
-All assember in this directory are just version of the file
-crypto/bn/bn_asm.c.
-
-Quite a few of these files are just the assember output from gcc since on 
-quite a few machines they are 2 times faster than the system compiler.
-
-For the x86, I have hand written assember because of the bad job all
-compilers seem to do on it.  This normally gives a 2 time speed up in the RSA
-routines.
-
-For the DEC alpha, I also hand wrote the assember (except the division which
-is just the output from the C compiler pasted on the end of the file).
-On the 2 alpha C compilers I had access to, it was not possible to do
-64b x 64b -> 128b calculations (both long and the long long data types
-were 64 bits).  So the hand assember gives access to the 128 bit result and
-a 2 times speedup :-).
-
-There are 3 versions of assember for the HP PA-RISC.
-
-pa-risc.s is the origional one which works fine and generated using gcc :-)
-
-pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations
-by Chris Ruemmler from HP (with some help from the HP C compiler).
-
-</OBSOLETE>
diff --git a/thirdparty/openssl/crypto/bn/asm/vms.mar b/thirdparty/openssl/crypto/bn/asm/vms.mar
deleted file mode 100644
index aefab15cdb..0000000000
--- a/thirdparty/openssl/crypto/bn/asm/vms.mar
+++ /dev/null
@@ -1,6440 +0,0 @@
-	.title	vax_bn_mul_add_words  unsigned multiply & add, 32*32+32+32=>64
-;
-; w.j.m. 15-jan-1999
-;
-; it's magic ...
-;
-; ULONG bn_mul_add_words(ULONG r[],ULONG a[],int n,ULONG w) {
-;	ULONG c = 0;
-;	int i;
-;	for(i = 0; i < n; i++) <c,r[i]> := r[i] + c + a[i] * w ;
-;	return c;
-; }
-
-r=4 ;(AP)
-a=8 ;(AP)
-n=12 ;(AP)	n	by value (input)
-w=16 ;(AP)	w	by value (input)
-
-
-	.psect	code,nowrt
-
-.entry	bn_mul_add_words,^m<r2,r3,r4,r5,r6>
-
-	moval	@r(ap),r2
-	moval	@a(ap),r3
-	movl	n(ap),r4	; assumed >0 by C code
-	movl	w(ap),r5
-	clrl	r6		; c
-
-0$:
-	emul	r5,(r3),(r2),r0		; w, a[], r[] considered signed
-
-	; fixup for "negative" r[]
-	tstl	(r2)
-	bgeq	10$
-	incl	r1
-10$:
-
-	; add in c
-	addl2	r6,r0
-	adwc	#0,r1
-
-	; combined fixup for "negative" w, a[]
-	tstl	r5
-	bgeq	20$
-	addl2	(r3),r1
-20$:
-	tstl	(r3)
-	bgeq	30$
-	addl2	r5,r1
-30$:
-
-	movl	r0,(r2)+		; store lo result in r[] & advance
-	addl	#4,r3			; advance a[]
-	movl	r1,r6			; store hi result => c
-
-	sobgtr	r4,0$
-
-	movl	r6,r0			; return c
-	ret
-
-	.title	vax_bn_mul_words  unsigned multiply & add, 32*32+32=>64
-;
-; w.j.m. 15-jan-1999
-;
-; it's magic ...
-;
-; ULONG bn_mul_words(ULONG r[],ULONG a[],int n,ULONG w) {
-;	ULONG c = 0;
-;	int i;
-;	for(i = 0; i < num; i++) <c,r[i]> := a[i] * w + c ;
-;	return(c);
-; }
-
-r=4 ;(AP)
-a=8 ;(AP)
-n=12 ;(AP)	n	by value (input)
-w=16 ;(AP)	w	by value (input)
-
-
-	.psect	code,nowrt
-
-.entry	bn_mul_words,^m<r2,r3,r4,r5,r6>
-
-	moval	@r(ap),r2	; r2 -> r[]
-	moval	@a(ap),r3	; r3 -> a[]
-	movl	n(ap),r4	; r4 = loop count (assumed >0 by C code)
-	movl	w(ap),r5	; r5 = w
-	clrl	r6		; r6 = c
-
-0$:
-	; <r1,r0> := w * a[] + c
-	emul	r5,(r3),r6,r0		; w, a[], c considered signed
-
-	; fixup for "negative" c
-	tstl	r6			; c
-	bgeq	10$
-	incl	r1
-10$:
-
-	; combined fixup for "negative" w, a[]
-	tstl	r5			; w
-	bgeq	20$
-	addl2	(r3),r1			; a[]
-20$:
-	tstl	(r3)			; a[]
-	bgeq	30$
-	addl2	r5,r1			; w
-30$:
-
-	movl	r0,(r2)+		; store lo result in r[] & advance
-	addl	#4,r3			; advance a[]
-	movl	r1,r6			; store hi result => c
-
-	sobgtr	r4,0$
-
-	movl	r6,r0			; return c
-	ret
-
-	.title	vax_bn_sqr_words  unsigned square, 32*32=>64
-;
-; w.j.m. 15-jan-1999
-;
-; it's magic ...
-;
-; void bn_sqr_words(ULONG r[],ULONG a[],int n) {
-;	int i;
-;	for(i = 0; i < n; i++) <r[2*i+1],r[2*i]> := a[i] * a[i] ;
-; }
-
-r=4 ;(AP)
-a=8 ;(AP)
-n=12 ;(AP)	n	by value (input)
-
-
-	.psect	code,nowrt
-
-.entry	bn_sqr_words,^m<r2,r3,r4,r5>
-
-	moval	@r(ap),r2	; r2 -> r[]
-	moval	@a(ap),r3	; r3 -> a[]
-	movl	n(ap),r4	; r4 = n (assumed >0 by C code)
-
-0$:
-	movl	(r3)+,r5		; r5 = a[] & advance
-
-	; <r1,r0> := a[] * a[]
-	emul	r5,r5,#0,r0		; a[] considered signed
-
-	; fixup for "negative" a[]
-	tstl	r5			; a[]
-	bgeq	30$
-	addl2	r5,r1			; a[]
-	addl2	r5,r1			; a[]
-30$:
-
-	movl	r0,(r2)+		; store lo result in r[] & advance
-	movl	r1,(r2)+		; store hi result in r[] & advance
-
-	sobgtr	r4,0$
-
-	movl	#1,r0			; return SS$_NORMAL
-	ret
-
-	.title	vax_bn_div_words  unsigned divide
-;
-; Richard Levitte 20-Nov-2000
-;
-; ULONG bn_div_words(ULONG h, ULONG l, ULONG d)
-; {
-;	return ((ULONG)((((ULLONG)h)<<32)|l) / (ULLONG)d);
-; }
-;
-; Using EDIV would be very easy, if it didn't do signed calculations.
-; Any time any of the input numbers are signed, there are problems,
-; usually with integer overflow, at which point it returns useless
-; data (the quotient gets the value of l, and the remainder becomes 0).
-;
-; If it was just for the dividend, it would be very easy, just divide
-; it by 2 (unsigned), do the division, multiply the resulting quotient
-; and remainder by 2, add the bit that was dropped when dividing by 2
-; to the remainder, and do some adjustment so the remainder doesn't
-; end up larger than the divisor.  For some cases when the divisor is
-; negative (from EDIV's point of view, i.e. when the highest bit is set),
-; dividing the dividend by 2 isn't enough, and since some operations
-; might generate integer overflows even when the dividend is divided by
-; 4 (when the high part of the shifted down dividend ends up being exactly
-; half of the divisor, the result is the quotient 0x80000000, which is
-; negative...) it needs to be divided by 8.  Furthermore, the divisor needs
-; to be divided by 2 (unsigned) as well, to avoid more problems with the sign.
-; In this case, a little extra fiddling with the remainder is required.
-;
-; So, the simplest way to handle this is always to divide the dividend
-; by 8, and to divide the divisor by 2 if it's highest bit is set.
-; After EDIV has been used, the quotient gets multiplied by 8 if the
-; original divisor was positive, otherwise 4.  The remainder, oddly
-; enough, is *always* multiplied by 8.
-; NOTE: in the case mentioned above, where the high part of the shifted
-; down dividend ends up being exactly half the shifted down divisor, we
-; end up with a 33 bit quotient.  That's no problem however, it usually
-; means we have ended up with a too large remainder as well, and the
-; problem is fixed by the last part of the algorithm (next paragraph).
-;
-; The routine ends with comparing the resulting remainder with the
-; original divisor and if the remainder is larger, subtract the
-; original divisor from it, and increase the quotient by 1.  This is
-; done until the remainder is smaller than the divisor.
-;
-; The complete algorithm looks like this:
-;
-; d'    = d
-; l'    = l & 7
-; [h,l] = [h,l] >> 3
-; [q,r] = floor([h,l] / d)	# This is the EDIV operation
-; if (q < 0) q = -q		# I doubt this is necessary any more
-;
-; r'    = r >> 29
-; if (d' >= 0)
-;   q'  = q >> 29
-;   q   = q << 3
-; else
-;   q'  = q >> 30
-;   q   = q << 2
-; r     = (r << 3) + l'
-;
-; if (d' < 0)
-;   {
-;     [r',r] = [r',r] - q
-;     while ([r',r] < 0)
-;       {
-;         [r',r] = [r',r] + d
-;         [q',q] = [q',q] - 1
-;       }
-;   }
-;
-; while ([r',r] >= d')
-;   {
-;     [r',r] = [r',r] - d'
-;     [q',q] = [q',q] + 1
-;   }
-;
-; return q
-
-h=4 ;(AP)	h	by value (input)
-l=8 ;(AP)	l	by value (input)
-d=12 ;(AP)	d	by value (input)
-
-;r2 = l, q
-;r3 = h, r
-;r4 = d
-;r5 = l'
-;r6 = r'
-;r7 = d'
-;r8 = q'
-
-	.psect	code,nowrt
-
-.entry	bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8>
-	movl	l(ap),r2
-	movl	h(ap),r3
-	movl	d(ap),r4
-
-	bicl3	#^XFFFFFFF8,r2,r5 ; l' = l & 7
-	bicl3	#^X00000007,r2,r2
-
-	bicl3	#^XFFFFFFF8,r3,r6
-	bicl3	#^X00000007,r3,r3
-        
-	addl	r6,r2
-
-	rotl	#-3,r2,r2	; l = l >> 3
-	rotl	#-3,r3,r3	; h = h >> 3
-                
-	movl	r4,r7		; d' = d
-
-	movl	#0,r6		; r' = 0
-	movl	#0,r8		; q' = 0
-
-	tstl	r4
-	beql	666$		; Uh-oh, the divisor is 0...
-	bgtr	1$
-	rotl	#-1,r4,r4	; If d is negative, shift it right.
-	bicl2	#^X80000000,r4	; Since d is then a large number, the
-				; lowest bit is insignificant
-				; (contradict that, and I'll fix the problem!)
-1$:     
-	ediv	r4,r2,r2,r3	; Do the actual division
-
-	tstl	r2
-	bgeq	3$
-	mnegl	r2,r2		; if q < 0, negate it
-3$:     
-	tstl	r7
-	blss	4$
-	rotl	#3,r2,r2	;   q = q << 3
-	bicl3	#^XFFFFFFF8,r2,r8 ;    q' gets the high bits from q
-	bicl3	#^X00000007,r2,r2
-	bsb	41$
-4$:				; else
-	rotl	#2,r2,r2	;   q = q << 2
-	bicl3	#^XFFFFFFFC,r2,r8 ;   q' gets the high bits from q
-	bicl3	#^X00000003,r2,r2
-41$:
-	rotl	#3,r3,r3	; r = r << 3
-	bicl3	#^XFFFFFFF8,r3,r6 ; r' gets the high bits from r
-	bicl3	#^X00000007,r3,r3
-	addl	r5,r3		; r = r + l'
-
-	tstl	r7
-	bgeq	5$
-	bitl	#1,r7
-	beql	5$		; if d' < 0 && d' & 1
-	subl	r2,r3		;   [r',r] = [r',r] - [q',q]
-	sbwc	r8,r6
-45$:
-	bgeq	5$		;   while r < 0
-	decl	r2		;     [q',q] = [q',q] - 1
-	sbwc	#0,r8
-	addl	r7,r3		;     [r',r] = [r',r] + d'
-	adwc	#0,r6
-	brb	45$
-
-; The return points are placed in the middle to keep a short distance from
-; all the branch points
-42$:
-;	movl	r3,r1
-	movl	r2,r0
-	ret
-666$:
-	movl	#^XFFFFFFFF,r0
-	ret
-
-5$:
-	tstl	r6
-	bneq	6$
-	cmpl	r3,r7
-	blssu	42$		; while [r',r] >= d'
-6$:
-	subl	r7,r3		;   [r',r] = [r',r] - d'
-	sbwc	#0,r6
-	incl	r2		;   [q',q] = [q',q] + 1
-	adwc	#0,r8
-	brb	5$	
-
-	.title	vax_bn_add_words  unsigned add of two arrays
-;
-; Richard Levitte 20-Nov-2000
-;
-; ULONG bn_add_words(ULONG r[], ULONG a[], ULONG b[], int n) {
-;	ULONG c = 0;
-;	int i;
-;	for (i = 0; i < n; i++) <c,r[i]> = a[i] + b[i] + c;
-;	return(c);
-; }
-
-r=4 ;(AP)	r	by reference (output)
-a=8 ;(AP)	a	by reference (input)
-b=12 ;(AP)	b	by reference (input)
-n=16 ;(AP)	n	by value (input)
-
-
-	.psect	code,nowrt
-
-.entry	bn_add_words,^m<r2,r3,r4,r5,r6>
-
-	moval	@r(ap),r2
-	moval	@a(ap),r3
-	moval	@b(ap),r4
-	movl	n(ap),r5	; assumed >0 by C code
-	clrl	r0		; c
-
-	tstl	r5		; carry = 0
-	bleq	666$
-
-0$:
-	movl	(r3)+,r6	; carry untouched
-	adwc	(r4)+,r6	; carry used and touched
-	movl	r6,(r2)+	; carry untouched
-	sobgtr	r5,0$		; carry untouched
-
-	adwc	#0,r0
-666$:
-	ret
-
-	.title	vax_bn_sub_words  unsigned add of two arrays
-;
-; Richard Levitte 20-Nov-2000
-;
-; ULONG bn_sub_words(ULONG r[], ULONG a[], ULONG b[], int n) {
-;	ULONG c = 0;
-;	int i;
-;	for (i = 0; i < n; i++) <c,r[i]> = a[i] - b[i] - c;
-;	return(c);
-; }
-
-r=4 ;(AP)	r	by reference (output)
-a=8 ;(AP)	a	by reference (input)
-b=12 ;(AP)	b	by reference (input)
-n=16 ;(AP)	n	by value (input)
-
-
-	.psect	code,nowrt
-
-.entry	bn_sub_words,^m<r2,r3,r4,r5,r6>
-
-	moval	@r(ap),r2
-	moval	@a(ap),r3
-	moval	@b(ap),r4
-	movl	n(ap),r5	; assumed >0 by C code
-	clrl	r0		; c
-
-	tstl	r5		; carry = 0
-	bleq	666$
-
-0$:
-	movl	(r3)+,r6	; carry untouched
-	sbwc	(r4)+,r6	; carry used and touched
-	movl	r6,(r2)+	; carry untouched
-	sobgtr	r5,0$		; carry untouched
-
-	adwc	#0,r0
-666$:
-	ret
-
-
-;r=4 ;(AP)
-;a=8 ;(AP)
-;b=12 ;(AP)
-;n=16 ;(AP)	n	by value (input)
-
-	.psect	code,nowrt
-
-.entry	BN_MUL_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
-	movab	-924(sp),sp
-	clrq	r8
-
-	clrl	r10
-
-	movl	8(ap),r6
-	movzwl	2(r6),r3
-	movl	12(ap),r7
-	bicl3	#-65536,(r7),r2
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,(r6),-12(fp)
-	bicl3	#-65536,r3,-16(fp)
-	mull3	r0,-12(fp),-4(fp)
-	mull2	r2,-12(fp)
-	mull3	r2,-16(fp),-8(fp)
-	mull2	r0,-16(fp)
-	addl3	-4(fp),-8(fp),r0
-	bicl3	#0,r0,-4(fp)
-	cmpl	-4(fp),-8(fp)
-	bgequ	noname.45
-	addl2	#65536,-16(fp)
-noname.45:
-	movzwl	-2(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-16(fp)
-	bicl3	#-65536,-4(fp),r0
-	ashl	#16,r0,-8(fp)
-	addl3	-8(fp),-12(fp),r0
-	bicl3	#0,r0,-12(fp)
-	cmpl	-12(fp),-8(fp)
-	bgequ	noname.46
-	incl	-16(fp)
-noname.46:
-	movl	-12(fp),r1
-	movl	-16(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.47
-	incl	r2
-noname.47:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.48
-	incl	r10
-noname.48:
-
-	movl	4(ap),r11
-	movl	r9,(r11)
-
-	clrl	r9
-
-	movzwl	2(r6),r2
-	bicl3	#-65536,4(r7),r3
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,(r6),-28(fp)
-	bicl3	#-65536,r2,-32(fp)
-	mull3	r0,-28(fp),-20(fp)
-	mull2	r3,-28(fp)
-	mull3	r3,-32(fp),-24(fp)
-	mull2	r0,-32(fp)
-	addl3	-20(fp),-24(fp),r0
-	bicl3	#0,r0,-20(fp)
-	cmpl	-20(fp),-24(fp)
-	bgequ	noname.49
-	addl2	#65536,-32(fp)
-noname.49:
-	movzwl	-18(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-32(fp)
-	bicl3	#-65536,-20(fp),r0
-	ashl	#16,r0,-24(fp)
-	addl3	-24(fp),-28(fp),r0
-	bicl3	#0,r0,-28(fp)
-	cmpl	-28(fp),-24(fp)
-	bgequ	noname.50
-	incl	-32(fp)
-noname.50:
-	movl	-28(fp),r1
-	movl	-32(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.51
-	incl	r2
-noname.51:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.52
-	incl	r9
-noname.52:
-
-	movzwl	6(r6),r2
-	bicl3	#-65536,(r7),r3
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r6),-44(fp)
-	bicl3	#-65536,r2,-48(fp)
-	mull3	r0,-44(fp),-36(fp)
-	mull2	r3,-44(fp)
-	mull3	r3,-48(fp),-40(fp)
-	mull2	r0,-48(fp)
-	addl3	-36(fp),-40(fp),r0
-	bicl3	#0,r0,-36(fp)
-	cmpl	-36(fp),-40(fp)
-	bgequ	noname.53
-	addl2	#65536,-48(fp)
-noname.53:
-	movzwl	-34(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-48(fp)
-	bicl3	#-65536,-36(fp),r0
-	ashl	#16,r0,-40(fp)
-	addl3	-40(fp),-44(fp),r0
-	bicl3	#0,r0,-44(fp)
-	cmpl	-44(fp),-40(fp)
-	bgequ	noname.54
-	incl	-48(fp)
-noname.54:
-	movl	-44(fp),r1
-	movl	-48(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.55
-	incl	r2
-noname.55:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.56
-	incl	r9
-noname.56:
-
-	movl	r8,4(r11)
-
-	clrl	r8
-
-	movzwl	10(r6),r2
-	bicl3	#-65536,(r7),r3
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,8(r6),-60(fp)
-	bicl3	#-65536,r2,-64(fp)
-	mull3	r0,-60(fp),-52(fp)
-	mull2	r3,-60(fp)
-	mull3	r3,-64(fp),-56(fp)
-	mull2	r0,-64(fp)
-	addl3	-52(fp),-56(fp),r0
-	bicl3	#0,r0,-52(fp)
-	cmpl	-52(fp),-56(fp)
-	bgequ	noname.57
-	addl2	#65536,-64(fp)
-noname.57:
-	movzwl	-50(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-64(fp)
-	bicl3	#-65536,-52(fp),r0
-	ashl	#16,r0,-56(fp)
-	addl3	-56(fp),-60(fp),r0
-	bicl3	#0,r0,-60(fp)
-	cmpl	-60(fp),-56(fp)
-	bgequ	noname.58
-	incl	-64(fp)
-noname.58:
-	movl	-60(fp),r1
-	movl	-64(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.59
-	incl	r2
-noname.59:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.60
-	incl	r8
-noname.60:
-
-	movzwl	6(r6),r2
-	bicl3	#-65536,4(r7),r3
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r6),-76(fp)
-	bicl3	#-65536,r2,-80(fp)
-	mull3	r0,-76(fp),-68(fp)
-	mull2	r3,-76(fp)
-	mull3	r3,-80(fp),-72(fp)
-	mull2	r0,-80(fp)
-	addl3	-68(fp),-72(fp),r0
-	bicl3	#0,r0,-68(fp)
-	cmpl	-68(fp),-72(fp)
-	bgequ	noname.61
-	addl2	#65536,-80(fp)
-noname.61:
-	movzwl	-66(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-80(fp)
-	bicl3	#-65536,-68(fp),r0
-	ashl	#16,r0,-72(fp)
-	addl3	-72(fp),-76(fp),r0
-	bicl3	#0,r0,-76(fp)
-	cmpl	-76(fp),-72(fp)
-	bgequ	noname.62
-	incl	-80(fp)
-noname.62:
-	movl	-76(fp),r1
-	movl	-80(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.63
-	incl	r2
-noname.63:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.64
-	incl	r8
-noname.64:
-
-	movzwl	2(r6),r2
-	bicl3	#-65536,8(r7),r3
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,(r6),-92(fp)
-	bicl3	#-65536,r2,-96(fp)
-	mull3	r0,-92(fp),-84(fp)
-	mull2	r3,-92(fp)
-	mull3	r3,-96(fp),-88(fp)
-	mull2	r0,-96(fp)
-	addl3	-84(fp),-88(fp),r0
-	bicl3	#0,r0,-84(fp)
-	cmpl	-84(fp),-88(fp)
-	bgequ	noname.65
-	addl2	#65536,-96(fp)
-noname.65:
-	movzwl	-82(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-96(fp)
-	bicl3	#-65536,-84(fp),r0
-	ashl	#16,r0,-88(fp)
-	addl3	-88(fp),-92(fp),r0
-	bicl3	#0,r0,-92(fp)
-	cmpl	-92(fp),-88(fp)
-	bgequ	noname.66
-	incl	-96(fp)
-noname.66:
-	movl	-92(fp),r1
-	movl	-96(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.67
-	incl	r2
-noname.67:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.68
-	incl	r8
-noname.68:
-
-	movl	r10,8(r11)
-
-	clrl	r10
-
-	movzwl	2(r6),r2
-	bicl3	#-65536,12(r7),r3
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,(r6),-108(fp)
-	bicl3	#-65536,r2,-112(fp)
-	mull3	r0,-108(fp),-100(fp)
-	mull2	r3,-108(fp)
-	mull3	r3,-112(fp),-104(fp)
-	mull2	r0,-112(fp)
-	addl3	-100(fp),-104(fp),r0
-	bicl3	#0,r0,-100(fp)
-	cmpl	-100(fp),-104(fp)
-	bgequ	noname.69
-	addl2	#65536,-112(fp)
-noname.69:
-	movzwl	-98(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-112(fp)
-	bicl3	#-65536,-100(fp),r0
-	ashl	#16,r0,-104(fp)
-	addl3	-104(fp),-108(fp),r0
-	bicl3	#0,r0,-108(fp)
-	cmpl	-108(fp),-104(fp)
-	bgequ	noname.70
-	incl	-112(fp)
-noname.70:
-	movl	-108(fp),r1
-	movl	-112(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.71
-	incl	r2
-noname.71:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.72
-	incl	r10
-noname.72:
-
-	movzwl	6(r6),r2
-	bicl3	#-65536,8(r7),r3
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r6),-124(fp)
-	bicl3	#-65536,r2,-128(fp)
-	mull3	r0,-124(fp),-116(fp)
-	mull2	r3,-124(fp)
-	mull3	r3,-128(fp),-120(fp)
-	mull2	r0,-128(fp)
-	addl3	-116(fp),-120(fp),r0
-	bicl3	#0,r0,-116(fp)
-	cmpl	-116(fp),-120(fp)
-	bgequ	noname.73
-	addl2	#65536,-128(fp)
-noname.73:
-	movzwl	-114(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-128(fp)
-	bicl3	#-65536,-116(fp),r0
-	ashl	#16,r0,-120(fp)
-	addl3	-120(fp),-124(fp),r0
-	bicl3	#0,r0,-124(fp)
-	cmpl	-124(fp),-120(fp)
-	bgequ	noname.74
-	incl	-128(fp)
-noname.74:
-	movl	-124(fp),r1
-	movl	-128(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.75
-	incl	r2
-noname.75:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.76
-	incl	r10
-noname.76:
-
-	movzwl	10(r6),r2
-	bicl3	#-65536,4(r7),r3
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,8(r6),-140(fp)
-	bicl3	#-65536,r2,-144(fp)
-	mull3	r0,-140(fp),-132(fp)
-	mull2	r3,-140(fp)
-	mull3	r3,-144(fp),-136(fp)
-	mull2	r0,-144(fp)
-	addl3	-132(fp),-136(fp),r0
-	bicl3	#0,r0,-132(fp)
-	cmpl	-132(fp),-136(fp)
-	bgequ	noname.77
-	addl2	#65536,-144(fp)
-noname.77:
-	movzwl	-130(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-144(fp)
-	bicl3	#-65536,-132(fp),r0
-	ashl	#16,r0,-136(fp)
-	addl3	-136(fp),-140(fp),r0
-	bicl3	#0,r0,-140(fp)
-	cmpl	-140(fp),-136(fp)
-	bgequ	noname.78
-	incl	-144(fp)
-noname.78:
-	movl	-140(fp),r1
-	movl	-144(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.79
-	incl	r2
-noname.79:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.80
-	incl	r10
-noname.80:
-
-	movzwl	14(r6),r2
-	bicl3	#-65536,(r7),r3
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r6),-156(fp)
-	bicl3	#-65536,r2,-160(fp)
-	mull3	r0,-156(fp),-148(fp)
-	mull2	r3,-156(fp)
-	mull3	r3,-160(fp),-152(fp)
-	mull2	r0,-160(fp)
-	addl3	-148(fp),-152(fp),r0
-	bicl3	#0,r0,-148(fp)
-	cmpl	-148(fp),-152(fp)
-	bgequ	noname.81
-	addl2	#65536,-160(fp)
-noname.81:
-	movzwl	-146(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-160(fp)
-	bicl3	#-65536,-148(fp),r0
-	ashl	#16,r0,-152(fp)
-	addl3	-152(fp),-156(fp),r0
-	bicl3	#0,r0,-156(fp)
-	cmpl	-156(fp),-152(fp)
-	bgequ	noname.82
-	incl	-160(fp)
-noname.82:
-	movl	-156(fp),r1
-	movl	-160(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.83
-	incl	r2
-noname.83:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.84
-	incl	r10
-noname.84:
-
-	movl	r9,12(r11)
-
-	clrl	r9
-
-	movzwl	18(r6),r2
-	bicl3	#-65536,(r7),r3
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,16(r6),-172(fp)
-	bicl3	#-65536,r2,-176(fp)
-	mull3	r0,-172(fp),-164(fp)
-	mull2	r3,-172(fp)
-	mull3	r3,-176(fp),-168(fp)
-	mull2	r0,-176(fp)
-	addl3	-164(fp),-168(fp),r0
-	bicl3	#0,r0,-164(fp)
-	cmpl	-164(fp),-168(fp)
-	bgequ	noname.85
-	addl2	#65536,-176(fp)
-noname.85:
-	movzwl	-162(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-176(fp)
-	bicl3	#-65536,-164(fp),r0
-	ashl	#16,r0,-168(fp)
-	addl3	-168(fp),-172(fp),r0
-	bicl3	#0,r0,-172(fp)
-	cmpl	-172(fp),-168(fp)
-	bgequ	noname.86
-	incl	-176(fp)
-noname.86:
-	movl	-172(fp),r1
-	movl	-176(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.87
-	incl	r2
-noname.87:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.88
-	incl	r9
-noname.88:
-
-	movzwl	14(r6),r2
-	bicl3	#-65536,4(r7),r3
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r6),-188(fp)
-	bicl3	#-65536,r2,-192(fp)
-	mull3	r0,-188(fp),-180(fp)
-	mull2	r3,-188(fp)
-	mull3	r3,-192(fp),-184(fp)
-	mull2	r0,-192(fp)
-	addl3	-180(fp),-184(fp),r0
-	bicl3	#0,r0,-180(fp)
-	cmpl	-180(fp),-184(fp)
-	bgequ	noname.89
-	addl2	#65536,-192(fp)
-noname.89:
-	movzwl	-178(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-192(fp)
-	bicl3	#-65536,-180(fp),r0
-	ashl	#16,r0,-184(fp)
-	addl3	-184(fp),-188(fp),r0
-	bicl3	#0,r0,-188(fp)
-	cmpl	-188(fp),-184(fp)
-	bgequ	noname.90
-	incl	-192(fp)
-noname.90:
-	movl	-188(fp),r1
-	movl	-192(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.91
-	incl	r2
-noname.91:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.92
-	incl	r9
-noname.92:
-
-	movzwl	10(r6),r2
-	bicl3	#-65536,8(r7),r3
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,8(r6),-204(fp)
-	bicl3	#-65536,r2,-208(fp)
-	mull3	r0,-204(fp),-196(fp)
-	mull2	r3,-204(fp)
-	mull3	r3,-208(fp),-200(fp)
-	mull2	r0,-208(fp)
-	addl3	-196(fp),-200(fp),r0
-	bicl3	#0,r0,-196(fp)
-	cmpl	-196(fp),-200(fp)
-	bgequ	noname.93
-	addl2	#65536,-208(fp)
-noname.93:
-	movzwl	-194(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-208(fp)
-	bicl3	#-65536,-196(fp),r0
-	ashl	#16,r0,-200(fp)
-	addl3	-200(fp),-204(fp),r0
-	bicl3	#0,r0,-204(fp)
-	cmpl	-204(fp),-200(fp)
-	bgequ	noname.94
-	incl	-208(fp)
-noname.94:
-	movl	-204(fp),r1
-	movl	-208(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.95
-	incl	r2
-noname.95:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.96
-	incl	r9
-noname.96:
-
-	movzwl	6(r6),r2
-	bicl3	#-65536,12(r7),r3
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r6),-220(fp)
-	bicl3	#-65536,r2,-224(fp)
-	mull3	r0,-220(fp),-212(fp)
-	mull2	r3,-220(fp)
-	mull3	r3,-224(fp),-216(fp)
-	mull2	r0,-224(fp)
-	addl3	-212(fp),-216(fp),r0
-	bicl3	#0,r0,-212(fp)
-	cmpl	-212(fp),-216(fp)
-	bgequ	noname.97
-	addl2	#65536,-224(fp)
-noname.97:
-	movzwl	-210(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-224(fp)
-	bicl3	#-65536,-212(fp),r0
-	ashl	#16,r0,-216(fp)
-	addl3	-216(fp),-220(fp),r0
-	bicl3	#0,r0,-220(fp)
-	cmpl	-220(fp),-216(fp)
-	bgequ	noname.98
-	incl	-224(fp)
-noname.98:
-	movl	-220(fp),r1
-	movl	-224(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.99
-	incl	r2
-noname.99:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.100
-	incl	r9
-noname.100:
-
-	movzwl	2(r6),r2
-	bicl3	#-65536,16(r7),r3
-	movzwl	18(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,(r6),-236(fp)
-	bicl3	#-65536,r2,-240(fp)
-	mull3	r0,-236(fp),-228(fp)
-	mull2	r3,-236(fp)
-	mull3	r3,-240(fp),-232(fp)
-	mull2	r0,-240(fp)
-	addl3	-228(fp),-232(fp),r0
-	bicl3	#0,r0,-228(fp)
-	cmpl	-228(fp),-232(fp)
-	bgequ	noname.101
-	addl2	#65536,-240(fp)
-noname.101:
-	movzwl	-226(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-240(fp)
-	bicl3	#-65536,-228(fp),r0
-	ashl	#16,r0,-232(fp)
-	addl3	-232(fp),-236(fp),r0
-	bicl3	#0,r0,-236(fp)
-	cmpl	-236(fp),-232(fp)
-	bgequ	noname.102
-	incl	-240(fp)
-noname.102:
-	movl	-236(fp),r1
-	movl	-240(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.103
-	incl	r2
-noname.103:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.104
-	incl	r9
-noname.104:
-
-	movl	r8,16(r11)
-
-	clrl	r8
-
-	movzwl	2(r6),r2
-	bicl3	#-65536,20(r7),r3
-	movzwl	22(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,(r6),-252(fp)
-	bicl3	#-65536,r2,-256(fp)
-	mull3	r0,-252(fp),-244(fp)
-	mull2	r3,-252(fp)
-	mull3	r3,-256(fp),-248(fp)
-	mull2	r0,-256(fp)
-	addl3	-244(fp),-248(fp),r0
-	bicl3	#0,r0,-244(fp)
-	cmpl	-244(fp),-248(fp)
-	bgequ	noname.105
-	addl2	#65536,-256(fp)
-noname.105:
-	movzwl	-242(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-256(fp)
-	bicl3	#-65536,-244(fp),r0
-	ashl	#16,r0,-248(fp)
-	addl3	-248(fp),-252(fp),r0
-	bicl3	#0,r0,-252(fp)
-	cmpl	-252(fp),-248(fp)
-	bgequ	noname.106
-	incl	-256(fp)
-noname.106:
-	movl	-252(fp),r1
-	movl	-256(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.107
-	incl	r2
-noname.107:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.108
-	incl	r8
-noname.108:
-
-	movzwl	6(r6),r2
-	bicl3	#-65536,16(r7),r3
-	movzwl	18(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r6),-268(fp)
-	bicl3	#-65536,r2,-272(fp)
-	mull3	r0,-268(fp),-260(fp)
-	mull2	r3,-268(fp)
-	mull3	r3,-272(fp),-264(fp)
-	mull2	r0,-272(fp)
-	addl3	-260(fp),-264(fp),r0
-	bicl3	#0,r0,-260(fp)
-	cmpl	-260(fp),-264(fp)
-	bgequ	noname.109
-	addl2	#65536,-272(fp)
-noname.109:
-	movzwl	-258(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-272(fp)
-	bicl3	#-65536,-260(fp),r0
-	ashl	#16,r0,-264(fp)
-	addl3	-264(fp),-268(fp),r0
-	bicl3	#0,r0,-268(fp)
-	cmpl	-268(fp),-264(fp)
-	bgequ	noname.110
-	incl	-272(fp)
-noname.110:
-	movl	-268(fp),r1
-	movl	-272(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.111
-	incl	r2
-noname.111:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.112
-	incl	r8
-noname.112:
-
-	movzwl	10(r6),r2
-	bicl3	#-65536,12(r7),r3
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,8(r6),-284(fp)
-	bicl3	#-65536,r2,-288(fp)
-	mull3	r0,-284(fp),-276(fp)
-	mull2	r3,-284(fp)
-	mull3	r3,-288(fp),-280(fp)
-	mull2	r0,-288(fp)
-	addl3	-276(fp),-280(fp),r0
-	bicl3	#0,r0,-276(fp)
-	cmpl	-276(fp),-280(fp)
-	bgequ	noname.113
-	addl2	#65536,-288(fp)
-noname.113:
-	movzwl	-274(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-288(fp)
-	bicl3	#-65536,-276(fp),r0
-	ashl	#16,r0,-280(fp)
-	addl3	-280(fp),-284(fp),r0
-	bicl3	#0,r0,-284(fp)
-	cmpl	-284(fp),-280(fp)
-	bgequ	noname.114
-	incl	-288(fp)
-noname.114:
-	movl	-284(fp),r1
-	movl	-288(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.115
-	incl	r2
-noname.115:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.116
-	incl	r8
-noname.116:
-
-	movzwl	14(r6),r2
-	bicl3	#-65536,8(r7),r3
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r6),-300(fp)
-	bicl3	#-65536,r2,-304(fp)
-	mull3	r0,-300(fp),-292(fp)
-	mull2	r3,-300(fp)
-	mull3	r3,-304(fp),-296(fp)
-	mull2	r0,-304(fp)
-	addl3	-292(fp),-296(fp),r0
-	bicl3	#0,r0,-292(fp)
-	cmpl	-292(fp),-296(fp)
-	bgequ	noname.117
-	addl2	#65536,-304(fp)
-noname.117:
-	movzwl	-290(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-304(fp)
-	bicl3	#-65536,-292(fp),r0
-	ashl	#16,r0,-296(fp)
-	addl3	-296(fp),-300(fp),r0
-	bicl3	#0,r0,-300(fp)
-	cmpl	-300(fp),-296(fp)
-	bgequ	noname.118
-	incl	-304(fp)
-noname.118:
-	movl	-300(fp),r1
-	movl	-304(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.119
-	incl	r2
-noname.119:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.120
-	incl	r8
-noname.120:
-
-	movzwl	18(r6),r2
-	bicl3	#-65536,4(r7),r3
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,16(r6),-316(fp)
-	bicl3	#-65536,r2,-320(fp)
-	mull3	r0,-316(fp),-308(fp)
-	mull2	r3,-316(fp)
-	mull3	r3,-320(fp),-312(fp)
-	mull2	r0,-320(fp)
-	addl3	-308(fp),-312(fp),r0
-	bicl3	#0,r0,-308(fp)
-	cmpl	-308(fp),-312(fp)
-	bgequ	noname.121
-	addl2	#65536,-320(fp)
-noname.121:
-	movzwl	-306(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-320(fp)
-	bicl3	#-65536,-308(fp),r0
-	ashl	#16,r0,-312(fp)
-	addl3	-312(fp),-316(fp),r0
-	bicl3	#0,r0,-316(fp)
-	cmpl	-316(fp),-312(fp)
-	bgequ	noname.122
-	incl	-320(fp)
-noname.122:
-	movl	-316(fp),r1
-	movl	-320(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.123
-	incl	r2
-
-noname.123:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.124
-	incl	r8
-noname.124:
-
-	movzwl	22(r6),r2
-	bicl3	#-65536,(r7),r3
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,20(r6),-332(fp)
-	bicl3	#-65536,r2,-336(fp)
-	mull3	r0,-332(fp),-324(fp)
-	mull2	r3,-332(fp)
-	mull3	r3,-336(fp),-328(fp)
-	mull2	r0,-336(fp)
-	addl3	-324(fp),-328(fp),r0
-	bicl3	#0,r0,-324(fp)
-	cmpl	-324(fp),-328(fp)
-	bgequ	noname.125
-	addl2	#65536,-336(fp)
-noname.125:
-	movzwl	-322(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-336(fp)
-	bicl3	#-65536,-324(fp),r0
-	ashl	#16,r0,-328(fp)
-	addl3	-328(fp),-332(fp),r0
-	bicl3	#0,r0,-332(fp)
-	cmpl	-332(fp),-328(fp)
-	bgequ	noname.126
-	incl	-336(fp)
-noname.126:
-	movl	-332(fp),r1
-	movl	-336(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.127
-	incl	r2
-noname.127:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.128
-	incl	r8
-noname.128:
-
-	movl	r10,20(r11)
-
-	clrl	r10
-
-	movzwl	26(r6),r2
-	bicl3	#-65536,(r7),r3
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,24(r6),-348(fp)
-	bicl3	#-65536,r2,-352(fp)
-	mull3	r0,-348(fp),-340(fp)
-	mull2	r3,-348(fp)
-	mull3	r3,-352(fp),-344(fp)
-	mull2	r0,-352(fp)
-	addl3	-340(fp),-344(fp),r0
-	bicl3	#0,r0,-340(fp)
-	cmpl	-340(fp),-344(fp)
-	bgequ	noname.129
-	addl2	#65536,-352(fp)
-noname.129:
-	movzwl	-338(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-352(fp)
-	bicl3	#-65536,-340(fp),r0
-	ashl	#16,r0,-344(fp)
-	addl3	-344(fp),-348(fp),r0
-	bicl3	#0,r0,-348(fp)
-	cmpl	-348(fp),-344(fp)
-	bgequ	noname.130
-	incl	-352(fp)
-noname.130:
-	movl	-348(fp),r1
-	movl	-352(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.131
-	incl	r2
-noname.131:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.132
-	incl	r10
-noname.132:
-
-	movzwl	22(r6),r2
-	bicl3	#-65536,4(r7),r3
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,20(r6),-364(fp)
-	bicl3	#-65536,r2,-368(fp)
-	mull3	r0,-364(fp),-356(fp)
-	mull2	r3,-364(fp)
-	mull3	r3,-368(fp),-360(fp)
-	mull2	r0,-368(fp)
-	addl3	-356(fp),-360(fp),r0
-	bicl3	#0,r0,-356(fp)
-	cmpl	-356(fp),-360(fp)
-	bgequ	noname.133
-	addl2	#65536,-368(fp)
-noname.133:
-	movzwl	-354(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-368(fp)
-	bicl3	#-65536,-356(fp),r0
-	ashl	#16,r0,-360(fp)
-	addl3	-360(fp),-364(fp),r0
-	bicl3	#0,r0,-364(fp)
-	cmpl	-364(fp),-360(fp)
-	bgequ	noname.134
-	incl	-368(fp)
-noname.134:
-	movl	-364(fp),r1
-	movl	-368(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.135
-	incl	r2
-noname.135:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.136
-	incl	r10
-noname.136:
-
-	movzwl	18(r6),r2
-	bicl3	#-65536,8(r7),r3
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,16(r6),-380(fp)
-	bicl3	#-65536,r2,-384(fp)
-	mull3	r0,-380(fp),-372(fp)
-	mull2	r3,-380(fp)
-	mull3	r3,-384(fp),-376(fp)
-	mull2	r0,-384(fp)
-	addl3	-372(fp),-376(fp),r0
-	bicl3	#0,r0,-372(fp)
-	cmpl	-372(fp),-376(fp)
-	bgequ	noname.137
-	addl2	#65536,-384(fp)
-noname.137:
-	movzwl	-370(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-384(fp)
-	bicl3	#-65536,-372(fp),r0
-	ashl	#16,r0,-376(fp)
-	addl3	-376(fp),-380(fp),r0
-	bicl3	#0,r0,-380(fp)
-	cmpl	-380(fp),-376(fp)
-	bgequ	noname.138
-	incl	-384(fp)
-noname.138:
-	movl	-380(fp),r1
-	movl	-384(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.139
-	incl	r2
-noname.139:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.140
-	incl	r10
-noname.140:
-
-	movzwl	14(r6),r2
-	bicl3	#-65536,12(r7),r3
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r6),-396(fp)
-	bicl3	#-65536,r2,-400(fp)
-	mull3	r0,-396(fp),-388(fp)
-	mull2	r3,-396(fp)
-	mull3	r3,-400(fp),-392(fp)
-	mull2	r0,-400(fp)
-	addl3	-388(fp),-392(fp),r0
-	bicl3	#0,r0,-388(fp)
-	cmpl	-388(fp),-392(fp)
-	bgequ	noname.141
-	addl2	#65536,-400(fp)
-noname.141:
-	movzwl	-386(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-400(fp)
-	bicl3	#-65536,-388(fp),r0
-	ashl	#16,r0,-392(fp)
-	addl3	-392(fp),-396(fp),r0
-	bicl3	#0,r0,-396(fp)
-	cmpl	-396(fp),-392(fp)
-	bgequ	noname.142
-	incl	-400(fp)
-noname.142:
-	movl	-396(fp),r1
-	movl	-400(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.143
-	incl	r2
-noname.143:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.144
-	incl	r10
-noname.144:
-
-	movzwl	10(r6),r2
-	bicl3	#-65536,16(r7),r3
-	movzwl	18(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,8(r6),-412(fp)
-	bicl3	#-65536,r2,-416(fp)
-	mull3	r0,-412(fp),-404(fp)
-	mull2	r3,-412(fp)
-	mull3	r3,-416(fp),-408(fp)
-	mull2	r0,-416(fp)
-	addl3	-404(fp),-408(fp),r0
-	bicl3	#0,r0,-404(fp)
-	cmpl	-404(fp),-408(fp)
-	bgequ	noname.145
-	addl2	#65536,-416(fp)
-noname.145:
-	movzwl	-402(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-416(fp)
-	bicl3	#-65536,-404(fp),r0
-	ashl	#16,r0,-408(fp)
-	addl3	-408(fp),-412(fp),r0
-	bicl3	#0,r0,-412(fp)
-	cmpl	-412(fp),-408(fp)
-	bgequ	noname.146
-	incl	-416(fp)
-noname.146:
-	movl	-412(fp),r1
-	movl	-416(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.147
-	incl	r2
-noname.147:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.148
-	incl	r10
-noname.148:
-
-	movzwl	6(r6),r2
-	bicl3	#-65536,20(r7),r3
-	movzwl	22(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r6),-428(fp)
-	bicl3	#-65536,r2,-432(fp)
-	mull3	r0,-428(fp),-420(fp)
-	mull2	r3,-428(fp)
-	mull3	r3,-432(fp),-424(fp)
-	mull2	r0,-432(fp)
-	addl3	-420(fp),-424(fp),r0
-	bicl3	#0,r0,-420(fp)
-	cmpl	-420(fp),-424(fp)
-	bgequ	noname.149
-	addl2	#65536,-432(fp)
-noname.149:
-	movzwl	-418(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-432(fp)
-	bicl3	#-65536,-420(fp),r0
-	ashl	#16,r0,-424(fp)
-	addl3	-424(fp),-428(fp),r0
-	bicl3	#0,r0,-428(fp)
-	cmpl	-428(fp),-424(fp)
-	bgequ	noname.150
-	incl	-432(fp)
-noname.150:
-	movl	-428(fp),r1
-	movl	-432(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.151
-	incl	r2
-noname.151:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.152
-	incl	r10
-noname.152:
-
-	movzwl	2(r6),r2
-	bicl3	#-65536,24(r7),r3
-	movzwl	26(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,(r6),-444(fp)
-	bicl3	#-65536,r2,-448(fp)
-	mull3	r0,-444(fp),-436(fp)
-	mull2	r3,-444(fp)
-	mull3	r3,-448(fp),-440(fp)
-	mull2	r0,-448(fp)
-	addl3	-436(fp),-440(fp),r0
-	bicl3	#0,r0,-436(fp)
-	cmpl	-436(fp),-440(fp)
-	bgequ	noname.153
-	addl2	#65536,-448(fp)
-noname.153:
-	movzwl	-434(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-448(fp)
-	bicl3	#-65536,-436(fp),r0
-	ashl	#16,r0,-440(fp)
-	addl3	-440(fp),-444(fp),r0
-	bicl3	#0,r0,-444(fp)
-	cmpl	-444(fp),-440(fp)
-	bgequ	noname.154
-	incl	-448(fp)
-noname.154:
-	movl	-444(fp),r1
-	movl	-448(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.155
-	incl	r2
-noname.155:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.156
-	incl	r10
-noname.156:
-
-	movl	r9,24(r11)
-
-	clrl	r9
-
-	movzwl	2(r6),r2
-	bicl3	#-65536,28(r7),r3
-	movzwl	30(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,(r6),-460(fp)
-	bicl3	#-65536,r2,-464(fp)
-	mull3	r0,-460(fp),-452(fp)
-	mull2	r3,-460(fp)
-	mull3	r3,-464(fp),-456(fp)
-	mull2	r0,-464(fp)
-	addl3	-452(fp),-456(fp),r0
-	bicl3	#0,r0,-452(fp)
-	cmpl	-452(fp),-456(fp)
-	bgequ	noname.157
-	addl2	#65536,-464(fp)
-noname.157:
-	movzwl	-450(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-464(fp)
-	bicl3	#-65536,-452(fp),r0
-	ashl	#16,r0,-456(fp)
-	addl3	-456(fp),-460(fp),r0
-	bicl3	#0,r0,-460(fp)
-	cmpl	-460(fp),-456(fp)
-	bgequ	noname.158
-	incl	-464(fp)
-noname.158:
-	movl	-460(fp),r1
-	movl	-464(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.159
-	incl	r2
-noname.159:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.160
-	incl	r9
-noname.160:
-
-	movzwl	6(r6),r2
-	bicl3	#-65536,24(r7),r3
-	movzwl	26(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r6),-476(fp)
-	bicl3	#-65536,r2,-480(fp)
-	mull3	r0,-476(fp),-468(fp)
-	mull2	r3,-476(fp)
-	mull3	r3,-480(fp),-472(fp)
-	mull2	r0,-480(fp)
-	addl3	-468(fp),-472(fp),r0
-	bicl3	#0,r0,-468(fp)
-	cmpl	-468(fp),-472(fp)
-	bgequ	noname.161
-	addl2	#65536,-480(fp)
-noname.161:
-	movzwl	-466(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-480(fp)
-	bicl3	#-65536,-468(fp),r0
-	ashl	#16,r0,-472(fp)
-	addl3	-472(fp),-476(fp),r0
-	bicl3	#0,r0,-476(fp)
-	cmpl	-476(fp),-472(fp)
-	bgequ	noname.162
-	incl	-480(fp)
-noname.162:
-	movl	-476(fp),r1
-	movl	-480(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.163
-	incl	r2
-noname.163:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.164
-	incl	r9
-noname.164:
-
-	movzwl	10(r6),r2
-	bicl3	#-65536,20(r7),r3
-	movzwl	22(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,8(r6),-492(fp)
-	bicl3	#-65536,r2,-496(fp)
-	mull3	r0,-492(fp),-484(fp)
-	mull2	r3,-492(fp)
-	mull3	r3,-496(fp),-488(fp)
-	mull2	r0,-496(fp)
-	addl3	-484(fp),-488(fp),r0
-	bicl3	#0,r0,-484(fp)
-	cmpl	-484(fp),-488(fp)
-	bgequ	noname.165
-	addl2	#65536,-496(fp)
-noname.165:
-	movzwl	-482(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-496(fp)
-	bicl3	#-65536,-484(fp),r0
-	ashl	#16,r0,-488(fp)
-	addl3	-488(fp),-492(fp),r0
-	bicl3	#0,r0,-492(fp)
-	cmpl	-492(fp),-488(fp)
-	bgequ	noname.166
-	incl	-496(fp)
-noname.166:
-	movl	-492(fp),r1
-	movl	-496(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.167
-	incl	r2
-noname.167:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.168
-	incl	r9
-noname.168:
-
-	movzwl	14(r6),r2
-	bicl3	#-65536,16(r7),r3
-	movzwl	18(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r6),-508(fp)
-	bicl3	#-65536,r2,-512(fp)
-	mull3	r0,-508(fp),-500(fp)
-	mull2	r3,-508(fp)
-	mull3	r3,-512(fp),-504(fp)
-	mull2	r0,-512(fp)
-	addl3	-500(fp),-504(fp),r0
-	bicl3	#0,r0,-500(fp)
-	cmpl	-500(fp),-504(fp)
-	bgequ	noname.169
-	addl2	#65536,-512(fp)
-noname.169:
-	movzwl	-498(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-512(fp)
-	bicl3	#-65536,-500(fp),r0
-	ashl	#16,r0,-504(fp)
-	addl3	-504(fp),-508(fp),r0
-	bicl3	#0,r0,-508(fp)
-	cmpl	-508(fp),-504(fp)
-	bgequ	noname.170
-	incl	-512(fp)
-noname.170:
-	movl	-508(fp),r1
-	movl	-512(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.171
-	incl	r2
-noname.171:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.172
-	incl	r9
-noname.172:
-
-	movzwl	18(r6),r2
-	bicl3	#-65536,12(r7),r3
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,16(r6),-524(fp)
-	bicl3	#-65536,r2,-528(fp)
-	mull3	r0,-524(fp),-516(fp)
-	mull2	r3,-524(fp)
-	mull3	r3,-528(fp),-520(fp)
-	mull2	r0,-528(fp)
-	addl3	-516(fp),-520(fp),r0
-	bicl3	#0,r0,-516(fp)
-	cmpl	-516(fp),-520(fp)
-	bgequ	noname.173
-	addl2	#65536,-528(fp)
-noname.173:
-	movzwl	-514(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-528(fp)
-	bicl3	#-65536,-516(fp),r0
-	ashl	#16,r0,-520(fp)
-	addl3	-520(fp),-524(fp),r0
-	bicl3	#0,r0,-524(fp)
-	cmpl	-524(fp),-520(fp)
-	bgequ	noname.174
-	incl	-528(fp)
-noname.174:
-	movl	-524(fp),r1
-	movl	-528(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.175
-	incl	r2
-noname.175:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.176
-	incl	r9
-noname.176:
-
-	movzwl	22(r6),r2
-	bicl3	#-65536,8(r7),r3
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,20(r6),-540(fp)
-	bicl3	#-65536,r2,-544(fp)
-	mull3	r0,-540(fp),-532(fp)
-	mull2	r3,-540(fp)
-	mull3	r3,-544(fp),-536(fp)
-	mull2	r0,-544(fp)
-	addl3	-532(fp),-536(fp),r0
-	bicl3	#0,r0,-532(fp)
-	cmpl	-532(fp),-536(fp)
-	bgequ	noname.177
-	addl2	#65536,-544(fp)
-noname.177:
-	movzwl	-530(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-544(fp)
-	bicl3	#-65536,-532(fp),r0
-	ashl	#16,r0,-536(fp)
-	addl3	-536(fp),-540(fp),r0
-	bicl3	#0,r0,-540(fp)
-	cmpl	-540(fp),-536(fp)
-	bgequ	noname.178
-	incl	-544(fp)
-noname.178:
-	movl	-540(fp),r1
-	movl	-544(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.179
-	incl	r2
-noname.179:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.180
-	incl	r9
-noname.180:
-
-	movzwl	26(r6),r2
-	bicl3	#-65536,4(r7),r3
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,24(r6),-556(fp)
-	bicl3	#-65536,r2,-560(fp)
-	mull3	r0,-556(fp),-548(fp)
-	mull2	r3,-556(fp)
-	mull3	r3,-560(fp),-552(fp)
-	mull2	r0,-560(fp)
-	addl3	-548(fp),-552(fp),r0
-	bicl3	#0,r0,-548(fp)
-	cmpl	-548(fp),-552(fp)
-	bgequ	noname.181
-	addl2	#65536,-560(fp)
-noname.181:
-	movzwl	-546(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-560(fp)
-	bicl3	#-65536,-548(fp),r0
-	ashl	#16,r0,-552(fp)
-	addl3	-552(fp),-556(fp),r0
-	bicl3	#0,r0,-556(fp)
-	cmpl	-556(fp),-552(fp)
-	bgequ	noname.182
-	incl	-560(fp)
-noname.182:
-	movl	-556(fp),r1
-	movl	-560(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.183
-	incl	r2
-noname.183:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.184
-	incl	r9
-noname.184:
-
-	movzwl	30(r6),r2
-	bicl3	#-65536,(r7),r3
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,28(r6),-572(fp)
-	bicl3	#-65536,r2,-576(fp)
-	mull3	r0,-572(fp),-564(fp)
-	mull2	r3,-572(fp)
-	mull3	r3,-576(fp),-568(fp)
-	mull2	r0,-576(fp)
-	addl3	-564(fp),-568(fp),r0
-	bicl3	#0,r0,-564(fp)
-	cmpl	-564(fp),-568(fp)
-	bgequ	noname.185
-	addl2	#65536,-576(fp)
-noname.185:
-	movzwl	-562(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-576(fp)
-	bicl3	#-65536,-564(fp),r0
-	ashl	#16,r0,-568(fp)
-	addl3	-568(fp),-572(fp),r0
-	bicl3	#0,r0,-572(fp)
-	cmpl	-572(fp),-568(fp)
-	bgequ	noname.186
-	incl	-576(fp)
-noname.186:
-	movl	-572(fp),r1
-	movl	-576(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.187
-	incl	r2
-noname.187:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.188
-	incl	r9
-noname.188:
-
-	movl	r8,28(r11)
-
-	clrl	r8
-
-	movzwl	30(r6),r2
-	bicl3	#-65536,4(r7),r3
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,28(r6),-588(fp)
-	bicl3	#-65536,r2,-592(fp)
-	mull3	r0,-588(fp),-580(fp)
-	mull2	r3,-588(fp)
-	mull3	r3,-592(fp),-584(fp)
-	mull2	r0,-592(fp)
-	addl3	-580(fp),-584(fp),r0
-	bicl3	#0,r0,-580(fp)
-	cmpl	-580(fp),-584(fp)
-	bgequ	noname.189
-	addl2	#65536,-592(fp)
-noname.189:
-	movzwl	-578(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-592(fp)
-	bicl3	#-65536,-580(fp),r0
-	ashl	#16,r0,-584(fp)
-	addl3	-584(fp),-588(fp),r0
-	bicl3	#0,r0,-588(fp)
-	cmpl	-588(fp),-584(fp)
-	bgequ	noname.190
-	incl	-592(fp)
-noname.190:
-	movl	-588(fp),r1
-	movl	-592(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.191
-	incl	r2
-noname.191:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.192
-	incl	r8
-noname.192:
-
-	movzwl	26(r6),r2
-	bicl3	#-65536,8(r7),r3
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,24(r6),-604(fp)
-	bicl3	#-65536,r2,-608(fp)
-	mull3	r0,-604(fp),-596(fp)
-	mull2	r3,-604(fp)
-	mull3	r3,-608(fp),-600(fp)
-	mull2	r0,-608(fp)
-	addl3	-596(fp),-600(fp),r0
-	bicl3	#0,r0,-596(fp)
-	cmpl	-596(fp),-600(fp)
-	bgequ	noname.193
-	addl2	#65536,-608(fp)
-noname.193:
-	movzwl	-594(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-608(fp)
-	bicl3	#-65536,-596(fp),r0
-	ashl	#16,r0,-600(fp)
-	addl3	-600(fp),-604(fp),r0
-	bicl3	#0,r0,-604(fp)
-	cmpl	-604(fp),-600(fp)
-	bgequ	noname.194
-	incl	-608(fp)
-noname.194:
-	movl	-604(fp),r1
-	movl	-608(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.195
-	incl	r2
-noname.195:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.196
-	incl	r8
-noname.196:
-
-	movzwl	22(r6),r2
-	bicl3	#-65536,12(r7),r3
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,20(r6),-620(fp)
-	bicl3	#-65536,r2,-624(fp)
-	mull3	r0,-620(fp),-612(fp)
-	mull2	r3,-620(fp)
-	mull3	r3,-624(fp),-616(fp)
-	mull2	r0,-624(fp)
-	addl3	-612(fp),-616(fp),r0
-	bicl3	#0,r0,-612(fp)
-	cmpl	-612(fp),-616(fp)
-	bgequ	noname.197
-	addl2	#65536,-624(fp)
-noname.197:
-	movzwl	-610(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-624(fp)
-	bicl3	#-65536,-612(fp),r0
-	ashl	#16,r0,-616(fp)
-	addl3	-616(fp),-620(fp),r0
-	bicl3	#0,r0,-620(fp)
-	cmpl	-620(fp),-616(fp)
-	bgequ	noname.198
-	incl	-624(fp)
-noname.198:
-	movl	-620(fp),r1
-	movl	-624(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.199
-	incl	r2
-noname.199:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.200
-	incl	r8
-noname.200:
-
-	movzwl	18(r6),r2
-	bicl3	#-65536,16(r7),r3
-	movzwl	18(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,16(r6),-636(fp)
-	bicl3	#-65536,r2,-640(fp)
-	mull3	r0,-636(fp),-628(fp)
-	mull2	r3,-636(fp)
-	mull3	r3,-640(fp),-632(fp)
-	mull2	r0,-640(fp)
-	addl3	-628(fp),-632(fp),r0
-	bicl3	#0,r0,-628(fp)
-	cmpl	-628(fp),-632(fp)
-	bgequ	noname.201
-	addl2	#65536,-640(fp)
-noname.201:
-	movzwl	-626(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-640(fp)
-	bicl3	#-65536,-628(fp),r0
-	ashl	#16,r0,-632(fp)
-	addl3	-632(fp),-636(fp),r0
-	bicl3	#0,r0,-636(fp)
-	cmpl	-636(fp),-632(fp)
-	bgequ	noname.202
-	incl	-640(fp)
-noname.202:
-	movl	-636(fp),r1
-	movl	-640(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.203
-	incl	r2
-noname.203:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.204
-	incl	r8
-noname.204:
-
-	movzwl	14(r6),r2
-	bicl3	#-65536,20(r7),r3
-	movzwl	22(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r6),-652(fp)
-	bicl3	#-65536,r2,-656(fp)
-	mull3	r0,-652(fp),-644(fp)
-	mull2	r3,-652(fp)
-	mull3	r3,-656(fp),-648(fp)
-	mull2	r0,-656(fp)
-	addl3	-644(fp),-648(fp),r0
-	bicl3	#0,r0,-644(fp)
-	cmpl	-644(fp),-648(fp)
-	bgequ	noname.205
-	addl2	#65536,-656(fp)
-noname.205:
-	movzwl	-642(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-656(fp)
-	bicl3	#-65536,-644(fp),r0
-	ashl	#16,r0,-648(fp)
-	addl3	-648(fp),-652(fp),r0
-	bicl3	#0,r0,-652(fp)
-	cmpl	-652(fp),-648(fp)
-	bgequ	noname.206
-	incl	-656(fp)
-noname.206:
-	movl	-652(fp),r1
-	movl	-656(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.207
-	incl	r2
-noname.207:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.208
-	incl	r8
-noname.208:
-
-	movzwl	10(r6),r2
-	bicl3	#-65536,24(r7),r3
-	movzwl	26(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,8(r6),-668(fp)
-	bicl3	#-65536,r2,-672(fp)
-	mull3	r0,-668(fp),-660(fp)
-	mull2	r3,-668(fp)
-	mull3	r3,-672(fp),-664(fp)
-	mull2	r0,-672(fp)
-	addl3	-660(fp),-664(fp),r0
-	bicl3	#0,r0,-660(fp)
-	cmpl	-660(fp),-664(fp)
-	bgequ	noname.209
-	addl2	#65536,-672(fp)
-noname.209:
-	movzwl	-658(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-672(fp)
-	bicl3	#-65536,-660(fp),r0
-	ashl	#16,r0,-664(fp)
-	addl3	-664(fp),-668(fp),r0
-	bicl3	#0,r0,-668(fp)
-	cmpl	-668(fp),-664(fp)
-	bgequ	noname.210
-	incl	-672(fp)
-noname.210:
-	movl	-668(fp),r1
-	movl	-672(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.211
-	incl	r2
-noname.211:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.212
-	incl	r8
-noname.212:
-
-	movzwl	6(r6),r2
-	bicl3	#-65536,28(r7),r3
-	movzwl	30(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r6),-684(fp)
-	bicl3	#-65536,r2,-688(fp)
-	mull3	r0,-684(fp),-676(fp)
-	mull2	r3,-684(fp)
-	mull3	r3,-688(fp),-680(fp)
-	mull2	r0,-688(fp)
-	addl3	-676(fp),-680(fp),r0
-	bicl3	#0,r0,-676(fp)
-	cmpl	-676(fp),-680(fp)
-	bgequ	noname.213
-	addl2	#65536,-688(fp)
-noname.213:
-	movzwl	-674(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-688(fp)
-	bicl3	#-65536,-676(fp),r0
-	ashl	#16,r0,-680(fp)
-	addl3	-680(fp),-684(fp),r0
-	bicl3	#0,r0,-684(fp)
-	cmpl	-684(fp),-680(fp)
-	bgequ	noname.214
-	incl	-688(fp)
-noname.214:
-	movl	-684(fp),r1
-	movl	-688(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.215
-	incl	r2
-noname.215:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.216
-	incl	r8
-noname.216:
-
-	movl	r10,32(r11)
-
-	clrl	r10
-
-	movzwl	10(r6),r2
-	bicl3	#-65536,28(r7),r3
-	movzwl	30(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,8(r6),-700(fp)
-	bicl3	#-65536,r2,-704(fp)
-	mull3	r0,-700(fp),-692(fp)
-	mull2	r3,-700(fp)
-	mull3	r3,-704(fp),-696(fp)
-	mull2	r0,-704(fp)
-	addl3	-692(fp),-696(fp),r0
-	bicl3	#0,r0,-692(fp)
-	cmpl	-692(fp),-696(fp)
-	bgequ	noname.217
-	addl2	#65536,-704(fp)
-noname.217:
-	movzwl	-690(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-704(fp)
-	bicl3	#-65536,-692(fp),r0
-	ashl	#16,r0,-696(fp)
-	addl3	-696(fp),-700(fp),r0
-	bicl3	#0,r0,-700(fp)
-	cmpl	-700(fp),-696(fp)
-	bgequ	noname.218
-	incl	-704(fp)
-noname.218:
-	movl	-700(fp),r1
-	movl	-704(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.219
-	incl	r2
-noname.219:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.220
-	incl	r10
-noname.220:
-
-	movzwl	14(r6),r2
-	bicl3	#-65536,24(r7),r3
-	movzwl	26(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r6),-716(fp)
-	bicl3	#-65536,r2,-720(fp)
-	mull3	r0,-716(fp),-708(fp)
-	mull2	r3,-716(fp)
-	mull3	r3,-720(fp),-712(fp)
-	mull2	r0,-720(fp)
-	addl3	-708(fp),-712(fp),r0
-	bicl3	#0,r0,-708(fp)
-	cmpl	-708(fp),-712(fp)
-	bgequ	noname.221
-	addl2	#65536,-720(fp)
-noname.221:
-	movzwl	-706(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-720(fp)
-	bicl3	#-65536,-708(fp),r0
-	ashl	#16,r0,-712(fp)
-	addl3	-712(fp),-716(fp),r0
-	bicl3	#0,r0,-716(fp)
-	cmpl	-716(fp),-712(fp)
-	bgequ	noname.222
-	incl	-720(fp)
-noname.222:
-	movl	-716(fp),r1
-	movl	-720(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.223
-	incl	r2
-noname.223:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.224
-	incl	r10
-noname.224:
-
-	movzwl	18(r6),r2
-	bicl3	#-65536,20(r7),r3
-	movzwl	22(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,16(r6),-732(fp)
-	bicl3	#-65536,r2,-736(fp)
-	mull3	r0,-732(fp),-724(fp)
-	mull2	r3,-732(fp)
-	mull3	r3,-736(fp),-728(fp)
-	mull2	r0,-736(fp)
-	addl3	-724(fp),-728(fp),r0
-	bicl3	#0,r0,-724(fp)
-	cmpl	-724(fp),-728(fp)
-	bgequ	noname.225
-	addl2	#65536,-736(fp)
-noname.225:
-	movzwl	-722(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-736(fp)
-	bicl3	#-65536,-724(fp),r0
-	ashl	#16,r0,-728(fp)
-	addl3	-728(fp),-732(fp),r0
-	bicl3	#0,r0,-732(fp)
-	cmpl	-732(fp),-728(fp)
-	bgequ	noname.226
-	incl	-736(fp)
-noname.226:
-	movl	-732(fp),r1
-	movl	-736(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.227
-	incl	r2
-noname.227:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.228
-	incl	r10
-noname.228:
-
-	movzwl	22(r6),r2
-	bicl3	#-65536,16(r7),r3
-	movzwl	18(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,20(r6),-748(fp)
-	bicl3	#-65536,r2,-752(fp)
-	mull3	r0,-748(fp),-740(fp)
-	mull2	r3,-748(fp)
-	mull3	r3,-752(fp),-744(fp)
-	mull2	r0,-752(fp)
-	addl3	-740(fp),-744(fp),r0
-	bicl3	#0,r0,-740(fp)
-	cmpl	-740(fp),-744(fp)
-	bgequ	noname.229
-	addl2	#65536,-752(fp)
-noname.229:
-	movzwl	-738(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-752(fp)
-	bicl3	#-65536,-740(fp),r0
-	ashl	#16,r0,-744(fp)
-	addl3	-744(fp),-748(fp),r0
-	bicl3	#0,r0,-748(fp)
-	cmpl	-748(fp),-744(fp)
-	bgequ	noname.230
-	incl	-752(fp)
-noname.230:
-	movl	-748(fp),r1
-	movl	-752(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.231
-	incl	r2
-noname.231:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.232
-	incl	r10
-noname.232:
-
-	movzwl	26(r6),r2
-	bicl3	#-65536,12(r7),r3
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,24(r6),-764(fp)
-	bicl3	#-65536,r2,-768(fp)
-	mull3	r0,-764(fp),-756(fp)
-	mull2	r3,-764(fp)
-	mull3	r3,-768(fp),-760(fp)
-	mull2	r0,-768(fp)
-	addl3	-756(fp),-760(fp),r0
-	bicl3	#0,r0,-756(fp)
-	cmpl	-756(fp),-760(fp)
-	bgequ	noname.233
-	addl2	#65536,-768(fp)
-noname.233:
-	movzwl	-754(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-768(fp)
-	bicl3	#-65536,-756(fp),r0
-	ashl	#16,r0,-760(fp)
-	addl3	-760(fp),-764(fp),r0
-	bicl3	#0,r0,-764(fp)
-	cmpl	-764(fp),-760(fp)
-	bgequ	noname.234
-	incl	-768(fp)
-noname.234:
-	movl	-764(fp),r1
-	movl	-768(fp),r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.235
-	incl	r2
-noname.235:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.236
-	incl	r10
-noname.236:
-
-	bicl3	#-65536,28(r6),r3
-	movzwl	30(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,8(r7),r2
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-772(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-776(fp)
-	mull2	r0,r4
-	addl3	-772(fp),-776(fp),r0
-	bicl3	#0,r0,-772(fp)
-	cmpl	-772(fp),-776(fp)
-	bgequ	noname.237
-	addl2	#65536,r4
-noname.237:
-	movzwl	-770(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-772(fp),r0
-	ashl	#16,r0,-776(fp)
-	addl2	-776(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-776(fp)
-	bgequ	noname.238
-	incl	r4
-noname.238:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.239
-	incl	r2
-noname.239:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.240
-	incl	r10
-noname.240:
-
-	movl	r9,36(r11)
-
-	clrl	r9
-
-	bicl3	#-65536,28(r6),r3
-	movzwl	30(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,12(r7),r2
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-780(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-784(fp)
-	mull2	r0,r4
-	addl3	-780(fp),-784(fp),r0
-	bicl3	#0,r0,-780(fp)
-	cmpl	-780(fp),-784(fp)
-	bgequ	noname.241
-	addl2	#65536,r4
-noname.241:
-	movzwl	-778(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-780(fp),r0
-	ashl	#16,r0,-784(fp)
-	addl2	-784(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-784(fp)
-	bgequ	noname.242
-	incl	r4
-noname.242:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.243
-	incl	r2
-noname.243:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.244
-	incl	r9
-noname.244:
-
-	bicl3	#-65536,24(r6),r3
-	movzwl	26(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,16(r7),r2
-	movzwl	18(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-788(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-792(fp)
-	mull2	r0,r4
-	addl3	-788(fp),-792(fp),r0
-	bicl3	#0,r0,-788(fp)
-	cmpl	-788(fp),-792(fp)
-	bgequ	noname.245
-	addl2	#65536,r4
-noname.245:
-	movzwl	-786(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-788(fp),r0
-	ashl	#16,r0,-792(fp)
-	addl2	-792(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-792(fp)
-	bgequ	noname.246
-	incl	r4
-noname.246:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.247
-	incl	r2
-noname.247:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.248
-	incl	r9
-noname.248:
-
-	bicl3	#-65536,20(r6),r3
-	movzwl	22(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,20(r7),r2
-	movzwl	22(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-796(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-800(fp)
-	mull2	r0,r4
-	addl3	-796(fp),-800(fp),r0
-	bicl3	#0,r0,-796(fp)
-	cmpl	-796(fp),-800(fp)
-	bgequ	noname.249
-	addl2	#65536,r4
-noname.249:
-	movzwl	-794(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-796(fp),r0
-	ashl	#16,r0,-800(fp)
-	addl2	-800(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-800(fp)
-	bgequ	noname.250
-	incl	r4
-noname.250:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.251
-	incl	r2
-noname.251:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.252
-	incl	r9
-noname.252:
-
-	bicl3	#-65536,16(r6),r3
-	movzwl	18(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,24(r7),r2
-	movzwl	26(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-804(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-808(fp)
-	mull2	r0,r4
-	addl3	-804(fp),-808(fp),r0
-	bicl3	#0,r0,-804(fp)
-	cmpl	-804(fp),-808(fp)
-	bgequ	noname.253
-	addl2	#65536,r4
-noname.253:
-	movzwl	-802(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-804(fp),r0
-	ashl	#16,r0,-808(fp)
-	addl2	-808(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-808(fp)
-	bgequ	noname.254
-	incl	r4
-noname.254:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.255
-	incl	r2
-noname.255:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.256
-	incl	r9
-noname.256:
-
-	bicl3	#-65536,12(r6),r3
-	movzwl	14(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,28(r7),r2
-	movzwl	30(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-812(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-816(fp)
-	mull2	r0,r4
-	addl3	-812(fp),-816(fp),r0
-	bicl3	#0,r0,-812(fp)
-	cmpl	-812(fp),-816(fp)
-	bgequ	noname.257
-	addl2	#65536,r4
-noname.257:
-	movzwl	-810(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-812(fp),r0
-	ashl	#16,r0,-816(fp)
-	addl2	-816(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-816(fp)
-	bgequ	noname.258
-	incl	r4
-noname.258:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.259
-	incl	r2
-noname.259:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.260
-	incl	r9
-noname.260:
-
-	movl	r8,40(r11)
-
-	clrl	r8
-
-	bicl3	#-65536,16(r6),r3
-	movzwl	18(r6),r2
-	bicl3	#-65536,28(r7),r1
-	movzwl	30(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r4
-	bicl3	#-65536,r2,-828(fp)
-	mull3	r0,r4,-820(fp)
-	mull2	r1,r4
-	mull3	r1,-828(fp),-824(fp)
-	mull2	r0,-828(fp)
-	addl3	-820(fp),-824(fp),r0
-	bicl3	#0,r0,-820(fp)
-	cmpl	-820(fp),-824(fp)
-	bgequ	noname.261
-	addl2	#65536,-828(fp)
-noname.261:
-	movzwl	-818(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-828(fp)
-	bicl3	#-65536,-820(fp),r0
-	ashl	#16,r0,-824(fp)
-	addl2	-824(fp),r4
-	bicl2	#0,r4
-	cmpl	r4,-824(fp)
-	bgequ	noname.262
-	incl	-828(fp)
-noname.262:
-	movl	r4,r1
-	movl	-828(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.263
-	incl	r2
-noname.263:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.264
-	incl	r8
-noname.264:
-
-	movzwl	22(r6),r2
-	bicl3	#-65536,24(r7),r3
-	movzwl	26(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,20(r6),-840(fp)
-	bicl3	#-65536,r2,-844(fp)
-	mull3	r0,-840(fp),-832(fp)
-	mull2	r3,-840(fp)
-	mull3	r3,-844(fp),-836(fp)
-	mull2	r0,-844(fp)
-	addl3	-832(fp),-836(fp),r0
-	bicl3	#0,r0,-832(fp)
-	cmpl	-832(fp),-836(fp)
-	bgequ	noname.265
-	addl2	#65536,-844(fp)
-noname.265:
-	movzwl	-830(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-844(fp)
-	bicl3	#-65536,-832(fp),r0
-	ashl	#16,r0,-836(fp)
-	addl3	-836(fp),-840(fp),r0
-	bicl3	#0,r0,-840(fp)
-	cmpl	-840(fp),-836(fp)
-	bgequ	noname.266
-	incl	-844(fp)
-noname.266:
-	movl	-840(fp),r1
-	movl	-844(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.267
-	incl	r2
-noname.267:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.268
-	incl	r8
-noname.268:
-
-	bicl3	#-65536,24(r6),r3
-	movzwl	26(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,20(r7),r2
-	movzwl	22(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-848(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-852(fp)
-	mull2	r0,r4
-	addl3	-848(fp),-852(fp),r0
-	bicl3	#0,r0,-848(fp)
-	cmpl	-848(fp),-852(fp)
-	bgequ	noname.269
-	addl2	#65536,r4
-noname.269:
-	movzwl	-846(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-848(fp),r0
-	ashl	#16,r0,-852(fp)
-	addl2	-852(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-852(fp)
-	bgequ	noname.270
-	incl	r4
-noname.270:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.271
-	incl	r2
-noname.271:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.272
-	incl	r8
-noname.272:
-
-	bicl3	#-65536,28(r6),r3
-	movzwl	30(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,16(r7),r2
-	movzwl	18(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-856(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-860(fp)
-	mull2	r0,r4
-	addl3	-856(fp),-860(fp),r0
-	bicl3	#0,r0,-856(fp)
-	cmpl	-856(fp),-860(fp)
-	bgequ	noname.273
-	addl2	#65536,r4
-noname.273:
-	movzwl	-854(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-856(fp),r0
-	ashl	#16,r0,-860(fp)
-	addl2	-860(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-860(fp)
-	bgequ	noname.274
-	incl	r4
-noname.274:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.275
-	incl	r2
-noname.275:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.276
-	incl	r8
-noname.276:
-
-	movl	r10,44(r11)
-
-	clrl	r10
-
-	bicl3	#-65536,28(r6),r3
-	movzwl	30(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,20(r7),r2
-	movzwl	22(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-864(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-868(fp)
-	mull2	r0,r4
-	addl3	-864(fp),-868(fp),r0
-	bicl3	#0,r0,-864(fp)
-	cmpl	-864(fp),-868(fp)
-	bgequ	noname.277
-	addl2	#65536,r4
-noname.277:
-	movzwl	-862(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-864(fp),r0
-	ashl	#16,r0,-868(fp)
-	addl2	-868(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-868(fp)
-	bgequ	noname.278
-	incl	r4
-noname.278:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.279
-	incl	r2
-noname.279:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.280
-	incl	r10
-noname.280:
-
-	bicl3	#-65536,24(r6),r3
-	movzwl	26(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,24(r7),r2
-	movzwl	26(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-872(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-876(fp)
-	mull2	r0,r4
-	addl3	-872(fp),-876(fp),r0
-	bicl3	#0,r0,-872(fp)
-	cmpl	-872(fp),-876(fp)
-	bgequ	noname.281
-	addl2	#65536,r4
-noname.281:
-	movzwl	-870(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-872(fp),r0
-	ashl	#16,r0,-876(fp)
-	addl2	-876(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-876(fp)
-	bgequ	noname.282
-	incl	r4
-noname.282:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.283
-	incl	r2
-noname.283:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.284
-	incl	r10
-noname.284:
-
-	bicl3	#-65536,20(r6),r3
-	movzwl	22(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,28(r7),r2
-	movzwl	30(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-880(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-884(fp)
-	mull2	r0,r4
-	addl3	-880(fp),-884(fp),r0
-	bicl3	#0,r0,-880(fp)
-	cmpl	-880(fp),-884(fp)
-	bgequ	noname.285
-	addl2	#65536,r4
-noname.285:
-	movzwl	-878(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-880(fp),r0
-	ashl	#16,r0,-884(fp)
-	addl2	-884(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-884(fp)
-	bgequ	noname.286
-	incl	r4
-noname.286:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.287
-	incl	r2
-noname.287:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.288
-	incl	r10
-noname.288:
-
-	movl	r9,48(r11)
-
-	clrl	r9
-
-	bicl3	#-65536,24(r6),r3
-	movzwl	26(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,28(r7),r2
-	movzwl	30(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-888(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-892(fp)
-	mull2	r0,r4
-	addl3	-888(fp),-892(fp),r0
-	bicl3	#0,r0,-888(fp)
-	cmpl	-888(fp),-892(fp)
-	bgequ	noname.289
-	addl2	#65536,r4
-noname.289:
-	movzwl	-886(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-888(fp),r0
-	ashl	#16,r0,-892(fp)
-	addl2	-892(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-892(fp)
-	bgequ	noname.290
-	incl	r4
-noname.290:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.291
-	incl	r2
-noname.291:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.292
-	incl	r9
-noname.292:
-
-	movzwl	30(r6),r2
-	bicl3	#-65536,24(r7),r3
-	movzwl	26(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,28(r6),-904(fp)
-	bicl3	#-65536,r2,-908(fp)
-	mull3	r0,-904(fp),-896(fp)
-	mull2	r3,-904(fp)
-	mull3	r3,-908(fp),-900(fp)
-	mull2	r0,-908(fp)
-	addl3	-896(fp),-900(fp),r0
-	bicl3	#0,r0,-896(fp)
-	cmpl	-896(fp),-900(fp)
-	bgequ	noname.293
-	addl2	#65536,-908(fp)
-noname.293:
-	movzwl	-894(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-908(fp)
-	bicl3	#-65536,-896(fp),r0
-	ashl	#16,r0,-900(fp)
-	addl3	-900(fp),-904(fp),r0
-	bicl3	#0,r0,-904(fp)
-	cmpl	-904(fp),-900(fp)
-	bgequ	noname.294
-	incl	-908(fp)
-noname.294:
-	movl	-904(fp),r1
-	movl	-908(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.295
-	incl	r2
-noname.295:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.296
-	incl	r9
-noname.296:
-
-	movl	r8,52(r11)
-
-	clrl	r8
-
-	movzwl	30(r6),r2
-	bicl3	#-65536,28(r7),r3
-	movzwl	30(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,28(r6),-920(fp)
-	bicl3	#-65536,r2,-924(fp)
-	mull3	r0,-920(fp),-912(fp)
-	mull2	r3,-920(fp)
-	mull3	r3,-924(fp),-916(fp)
-	mull2	r0,-924(fp)
-	addl3	-912(fp),-916(fp),r0
-	bicl3	#0,r0,-912(fp)
-	cmpl	-912(fp),-916(fp)
-	bgequ	noname.297
-	addl2	#65536,-924(fp)
-noname.297:
-	movzwl	-910(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-924(fp)
-	bicl3	#-65536,-912(fp),r0
-	ashl	#16,r0,-916(fp)
-	addl3	-916(fp),-920(fp),r0
-	bicl3	#0,r0,-920(fp)
-	cmpl	-920(fp),-916(fp)
-	bgequ	noname.298
-	incl	-924(fp)
-noname.298:
-	movl	-920(fp),r1
-	movl	-924(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.299
-	incl	r2
-noname.299:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.300
-	incl	r8
-noname.300:
-
-	movl	r10,56(r11)
-
-	movl	r9,60(r11)
-
-	ret	
-
-
-
-;r=4 ;(AP)
-;a=8 ;(AP)
-;b=12 ;(AP)
-;n=16 ;(AP)	n	by value (input)
-
-	.psect	code,nowrt
-
-.entry	BN_MUL_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
-	movab	-156(sp),sp
-
-	clrq	r9
-
-	clrl	r8
-
-	movl	8(ap),r6
-	bicl3	#-65536,(r6),r3
-	movzwl	2(r6),r2
-	bicl2	#-65536,r2
-	movl	12(ap),r7
-	bicl3	#-65536,(r7),r1
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r2,r4
-	mull3	r0,r5,-4(fp)
-	mull2	r1,r5
-	mull3	r1,r4,-8(fp)
-	mull2	r0,r4
-	addl3	-4(fp),-8(fp),r0
-	bicl3	#0,r0,-4(fp)
-	cmpl	-4(fp),-8(fp)
-	bgequ	noname.303
-	addl2	#65536,r4
-noname.303:
-	movzwl	-2(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-4(fp),r0
-	ashl	#16,r0,-8(fp)
-	addl2	-8(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-8(fp)
-	bgequ	noname.304
-	incl	r4
-noname.304:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.305
-	incl	r2
-noname.305:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.306
-	incl	r8
-noname.306:
-
-	movl	4(ap),r11
-	movl	r10,(r11)
-
-	clrl	r10
-
-	bicl3	#-65536,(r6),r3
-	movzwl	2(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,4(r7),r2
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-12(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-16(fp)
-	mull2	r0,r4
-	addl3	-12(fp),-16(fp),r0
-	bicl3	#0,r0,-12(fp)
-	cmpl	-12(fp),-16(fp)
-	bgequ	noname.307
-	addl2	#65536,r4
-noname.307:
-	movzwl	-10(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-12(fp),r0
-	ashl	#16,r0,-16(fp)
-	addl2	-16(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-16(fp)
-	bgequ	noname.308
-	incl	r4
-noname.308:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.309
-	incl	r2
-noname.309:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.310
-	incl	r10
-noname.310:
-
-	bicl3	#-65536,4(r6),r3
-	movzwl	6(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,(r7),r2
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-20(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-24(fp)
-	mull2	r0,r4
-	addl3	-20(fp),-24(fp),r0
-	bicl3	#0,r0,-20(fp)
-	cmpl	-20(fp),-24(fp)
-	bgequ	noname.311
-	addl2	#65536,r4
-noname.311:
-	movzwl	-18(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-20(fp),r0
-	ashl	#16,r0,-24(fp)
-	addl2	-24(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-24(fp)
-	bgequ	noname.312
-	incl	r4
-noname.312:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.313
-	incl	r2
-noname.313:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.314
-	incl	r10
-noname.314:
-
-	movl	r9,4(r11)
-
-	clrl	r9
-
-	bicl3	#-65536,8(r6),r3
-	movzwl	10(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,(r7),r2
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-28(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-32(fp)
-	mull2	r0,r4
-	addl3	-28(fp),-32(fp),r0
-	bicl3	#0,r0,-28(fp)
-	cmpl	-28(fp),-32(fp)
-	bgequ	noname.315
-	addl2	#65536,r4
-noname.315:
-	movzwl	-26(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-28(fp),r0
-	ashl	#16,r0,-32(fp)
-	addl2	-32(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-32(fp)
-	bgequ	noname.316
-	incl	r4
-noname.316:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.317
-	incl	r2
-noname.317:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.318
-	incl	r9
-noname.318:
-
-	bicl3	#-65536,4(r6),r3
-	movzwl	6(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,4(r7),r2
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-36(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-40(fp)
-	mull2	r0,r4
-	addl3	-36(fp),-40(fp),r0
-	bicl3	#0,r0,-36(fp)
-	cmpl	-36(fp),-40(fp)
-	bgequ	noname.319
-	addl2	#65536,r4
-noname.319:
-	movzwl	-34(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-36(fp),r0
-	ashl	#16,r0,-40(fp)
-	addl2	-40(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-40(fp)
-	bgequ	noname.320
-	incl	r4
-noname.320:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.321
-	incl	r2
-noname.321:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.322
-	incl	r9
-noname.322:
-
-	bicl3	#-65536,(r6),r3
-	movzwl	2(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,8(r7),r2
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-44(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-48(fp)
-	mull2	r0,r4
-	addl3	-44(fp),-48(fp),r0
-	bicl3	#0,r0,-44(fp)
-	cmpl	-44(fp),-48(fp)
-	bgequ	noname.323
-	addl2	#65536,r4
-noname.323:
-	movzwl	-42(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-44(fp),r0
-	ashl	#16,r0,-48(fp)
-	addl2	-48(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-48(fp)
-	bgequ	noname.324
-	incl	r4
-noname.324:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.325
-	incl	r2
-noname.325:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.326
-	incl	r9
-noname.326:
-
-	movl	r8,8(r11)
-
-	clrl	r8
-
-	bicl3	#-65536,(r6),r3
-	movzwl	2(r6),r2
-	bicl3	#-65536,12(r7),r1
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r4
-	bicl3	#-65536,r2,-60(fp)
-	mull3	r0,r4,-52(fp)
-	mull2	r1,r4
-	mull3	r1,-60(fp),-56(fp)
-	mull2	r0,-60(fp)
-	addl3	-52(fp),-56(fp),r0
-	bicl3	#0,r0,-52(fp)
-	cmpl	-52(fp),-56(fp)
-	bgequ	noname.327
-	addl2	#65536,-60(fp)
-noname.327:
-	movzwl	-50(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-60(fp)
-	bicl3	#-65536,-52(fp),r0
-	ashl	#16,r0,-56(fp)
-	addl2	-56(fp),r4
-	bicl2	#0,r4
-	cmpl	r4,-56(fp)
-	bgequ	noname.328
-	incl	-60(fp)
-noname.328:
-	movl	r4,r1
-	movl	-60(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.329
-	incl	r2
-noname.329:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.330
-	incl	r8
-noname.330:
-
-	movzwl	6(r6),r2
-	bicl3	#-65536,8(r7),r3
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r6),-72(fp)
-	bicl3	#-65536,r2,-76(fp)
-	mull3	r0,-72(fp),-64(fp)
-	mull2	r3,-72(fp)
-	mull3	r3,-76(fp),-68(fp)
-	mull2	r0,-76(fp)
-	addl3	-64(fp),-68(fp),r0
-	bicl3	#0,r0,-64(fp)
-	cmpl	-64(fp),-68(fp)
-	bgequ	noname.331
-	addl2	#65536,-76(fp)
-noname.331:
-	movzwl	-62(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-76(fp)
-	bicl3	#-65536,-64(fp),r0
-	ashl	#16,r0,-68(fp)
-	addl3	-68(fp),-72(fp),r0
-	bicl3	#0,r0,-72(fp)
-	cmpl	-72(fp),-68(fp)
-	bgequ	noname.332
-	incl	-76(fp)
-noname.332:
-	movl	-72(fp),r1
-	movl	-76(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.333
-	incl	r2
-noname.333:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.334
-	incl	r8
-noname.334:
-
-	bicl3	#-65536,8(r6),r3
-	movzwl	10(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,4(r7),r2
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-80(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-84(fp)
-	mull2	r0,r4
-	addl3	-80(fp),-84(fp),r0
-	bicl3	#0,r0,-80(fp)
-	cmpl	-80(fp),-84(fp)
-	bgequ	noname.335
-	addl2	#65536,r4
-noname.335:
-	movzwl	-78(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-80(fp),r0
-	ashl	#16,r0,-84(fp)
-	addl2	-84(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-84(fp)
-	bgequ	noname.336
-	incl	r4
-noname.336:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.337
-	incl	r2
-noname.337:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.338
-	incl	r8
-noname.338:
-
-	bicl3	#-65536,12(r6),r3
-	movzwl	14(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,(r7),r2
-	movzwl	2(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-88(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-92(fp)
-	mull2	r0,r4
-	addl3	-88(fp),-92(fp),r0
-	bicl3	#0,r0,-88(fp)
-	cmpl	-88(fp),-92(fp)
-	bgequ	noname.339
-	addl2	#65536,r4
-noname.339:
-	movzwl	-86(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-88(fp),r0
-	ashl	#16,r0,-92(fp)
-	addl2	-92(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-92(fp)
-	bgequ	noname.340
-	incl	r4
-noname.340:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.341
-	incl	r2
-noname.341:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.342
-	incl	r8
-noname.342:
-
-	movl	r10,12(r11)
-
-	clrl	r10
-
-	bicl3	#-65536,12(r6),r3
-	movzwl	14(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,4(r7),r2
-	movzwl	6(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-96(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-100(fp)
-	mull2	r0,r4
-	addl3	-96(fp),-100(fp),r0
-	bicl3	#0,r0,-96(fp)
-	cmpl	-96(fp),-100(fp)
-	bgequ	noname.343
-	addl2	#65536,r4
-noname.343:
-	movzwl	-94(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-96(fp),r0
-	ashl	#16,r0,-100(fp)
-	addl2	-100(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-100(fp)
-	bgequ	noname.344
-	incl	r4
-noname.344:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.345
-	incl	r2
-noname.345:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.346
-	incl	r10
-noname.346:
-
-	bicl3	#-65536,8(r6),r3
-	movzwl	10(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,8(r7),r2
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-104(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-108(fp)
-	mull2	r0,r4
-	addl3	-104(fp),-108(fp),r0
-	bicl3	#0,r0,-104(fp)
-	cmpl	-104(fp),-108(fp)
-	bgequ	noname.347
-	addl2	#65536,r4
-noname.347:
-	movzwl	-102(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-104(fp),r0
-	ashl	#16,r0,-108(fp)
-	addl2	-108(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-108(fp)
-	bgequ	noname.348
-	incl	r4
-noname.348:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.349
-	incl	r2
-noname.349:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.350
-	incl	r10
-noname.350:
-
-	bicl3	#-65536,4(r6),r3
-	movzwl	6(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,12(r7),r2
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-112(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-116(fp)
-	mull2	r0,r4
-	addl3	-112(fp),-116(fp),r0
-	bicl3	#0,r0,-112(fp)
-	cmpl	-112(fp),-116(fp)
-	bgequ	noname.351
-	addl2	#65536,r4
-noname.351:
-	movzwl	-110(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-112(fp),r0
-	ashl	#16,r0,-116(fp)
-	addl2	-116(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-116(fp)
-	bgequ	noname.352
-	incl	r4
-noname.352:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.353
-	incl	r2
-noname.353:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.354
-	incl	r10
-noname.354:
-
-	movl	r9,16(r11)
-
-	clrl	r9
-
-	bicl3	#-65536,8(r6),r3
-	movzwl	10(r6),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,12(r7),r2
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-120(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-124(fp)
-	mull2	r0,r4
-	addl3	-120(fp),-124(fp),r0
-	bicl3	#0,r0,-120(fp)
-	cmpl	-120(fp),-124(fp)
-	bgequ	noname.355
-	addl2	#65536,r4
-noname.355:
-	movzwl	-118(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-120(fp),r0
-	ashl	#16,r0,-124(fp)
-	addl2	-124(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-124(fp)
-	bgequ	noname.356
-	incl	r4
-noname.356:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.357
-	incl	r2
-noname.357:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.358
-	incl	r9
-noname.358:
-
-	movzwl	14(r6),r2
-	bicl3	#-65536,8(r7),r3
-	movzwl	10(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r6),-136(fp)
-	bicl3	#-65536,r2,-140(fp)
-	mull3	r0,-136(fp),-128(fp)
-	mull2	r3,-136(fp)
-	mull3	r3,-140(fp),-132(fp)
-	mull2	r0,-140(fp)
-	addl3	-128(fp),-132(fp),r0
-	bicl3	#0,r0,-128(fp)
-	cmpl	-128(fp),-132(fp)
-	bgequ	noname.359
-	addl2	#65536,-140(fp)
-noname.359:
-	movzwl	-126(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-140(fp)
-	bicl3	#-65536,-128(fp),r0
-	ashl	#16,r0,-132(fp)
-	addl3	-132(fp),-136(fp),r0
-	bicl3	#0,r0,-136(fp)
-	cmpl	-136(fp),-132(fp)
-	bgequ	noname.360
-	incl	-140(fp)
-noname.360:
-	movl	-136(fp),r1
-	movl	-140(fp),r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.361
-	incl	r2
-noname.361:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.362
-	incl	r9
-noname.362:
-
-	movl	r8,20(r11)
-
-	clrl	r8
-
-	movzwl	14(r6),r2
-	bicl3	#-65536,12(r7),r3
-	movzwl	14(r7),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r6),-152(fp)
-	bicl3	#-65536,r2,-156(fp)
-	mull3	r0,-152(fp),-144(fp)
-	mull2	r3,-152(fp)
-	mull3	r3,-156(fp),-148(fp)
-	mull2	r0,-156(fp)
-	addl3	-144(fp),-148(fp),r0
-	bicl3	#0,r0,-144(fp)
-	cmpl	-144(fp),-148(fp)
-	bgequ	noname.363
-	addl2	#65536,-156(fp)
-noname.363:
-	movzwl	-142(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-156(fp)
-	bicl3	#-65536,-144(fp),r0
-	ashl	#16,r0,-148(fp)
-	addl3	-148(fp),-152(fp),r0
-	bicl3	#0,r0,-152(fp)
-	cmpl	-152(fp),-148(fp)
-	bgequ	noname.364
-	incl	-156(fp)
-noname.364:
-	movl	-152(fp),r1
-	movl	-156(fp),r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.365
-	incl	r2
-noname.365:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.366
-	incl	r8
-noname.366:
-
-	movl	r10,24(r11)
-
-	movl	r9,28(r11)
-
-	ret	
-
-
-
-;r=4 ;(AP)
-;a=8 ;(AP)
-;b=12 ;(AP)
-;n=16 ;(AP)	n	by value (input)
-
-	.psect	code,nowrt
-
-.entry	BN_SQR_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9>
-	movab	-444(sp),sp
-
-	clrq	r8
-
-	clrl	r7
-
-	movl	8(ap),r4
-	movl	(r4),r3
-	bicl3	#-65536,r3,-4(fp)
-	extzv	#16,#16,r3,r0
-	bicl3	#-65536,r0,r3
-	movl	-4(fp),r0
-	mull3	r0,r3,-8(fp)
-	mull3	r0,r0,-4(fp)
-	mull2	r3,r3
-	bicl3	#32767,-8(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r3
-	bicl3	#-65536,-8(fp),r0
-	ashl	#17,r0,-8(fp)
-	addl3	-4(fp),-8(fp),r0
-	bicl3	#0,r0,-4(fp)
-	cmpl	-4(fp),-8(fp)
-	bgequ	noname.369
-	incl	r3
-noname.369:
-	movl	-4(fp),r1
-	movl	r3,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.370
-	incl	r2
-noname.370:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.371
-	incl	r7
-noname.371:
-
-	movl	r9,@4(ap)
-
-	clrl	r9
-
-	movzwl	6(r4),r2
-	bicl3	#-65536,(r4),r3
-	movzwl	2(r4),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,4(r4),-20(fp)
-	bicl3	#-65536,r2,-24(fp)
-	mull3	r0,-20(fp),-12(fp)
-	mull2	r3,-20(fp)
-	mull3	r3,-24(fp),-16(fp)
-	mull2	r0,-24(fp)
-	addl3	-12(fp),-16(fp),r0
-	bicl3	#0,r0,-12(fp)
-	cmpl	-12(fp),-16(fp)
-	bgequ	noname.372
-	addl2	#65536,-24(fp)
-noname.372:
-	movzwl	-10(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-24(fp)
-	bicl3	#-65536,-12(fp),r0
-	ashl	#16,r0,-16(fp)
-	addl3	-16(fp),-20(fp),r0
-	bicl3	#0,r0,-20(fp)
-	cmpl	-20(fp),-16(fp)
-	bgequ	noname.373
-	incl	-24(fp)
-noname.373:
-	movl	-20(fp),r3
-	movl	-24(fp),r2
-	bbc	#31,r2,noname.374
-	incl	r9
-noname.374:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.375
-	incl	r2
-noname.375:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.376
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.376
-	incl	r9
-noname.376:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.377
-	incl	r9
-noname.377:
-
-	movl	4(ap),r0
-	movl	r8,4(r0)
-
-	clrl	r8
-
-	movl	8(ap),r4
-	movl	4(r4),r3
-	bicl3	#-65536,r3,-28(fp)
-	extzv	#16,#16,r3,r0
-	bicl3	#-65536,r0,r3
-	movl	-28(fp),r0
-	mull3	r0,r3,-32(fp)
-	mull3	r0,r0,-28(fp)
-	mull2	r3,r3
-	bicl3	#32767,-32(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r3
-	bicl3	#-65536,-32(fp),r0
-	ashl	#17,r0,-32(fp)
-	addl3	-28(fp),-32(fp),r0
-	bicl3	#0,r0,-28(fp)
-	cmpl	-28(fp),-32(fp)
-	bgequ	noname.378
-	incl	r3
-noname.378:
-	movl	-28(fp),r1
-	movl	r3,r2
-	addl2	r1,r7
-	bicl2	#0,r7
-	cmpl	r7,r1
-	bgequ	noname.379
-	incl	r2
-noname.379:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.380
-	incl	r8
-noname.380:
-
-	movzwl	10(r4),r2
-	bicl3	#-65536,(r4),r3
-	movzwl	2(r4),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,8(r4),-44(fp)
-	bicl3	#-65536,r2,-48(fp)
-	mull3	r0,-44(fp),-36(fp)
-	mull2	r3,-44(fp)
-	mull3	r3,-48(fp),-40(fp)
-	mull2	r0,-48(fp)
-	addl3	-36(fp),-40(fp),r0
-	bicl3	#0,r0,-36(fp)
-	cmpl	-36(fp),-40(fp)
-	bgequ	noname.381
-	addl2	#65536,-48(fp)
-noname.381:
-	movzwl	-34(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-48(fp)
-	bicl3	#-65536,-36(fp),r0
-	ashl	#16,r0,-40(fp)
-	addl3	-40(fp),-44(fp),r0
-	bicl3	#0,r0,-44(fp)
-	cmpl	-44(fp),-40(fp)
-	bgequ	noname.382
-	incl	-48(fp)
-noname.382:
-	movl	-44(fp),r3
-	movl	-48(fp),r2
-	bbc	#31,r2,noname.383
-	incl	r8
-noname.383:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.384
-	incl	r2
-noname.384:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.385
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.385
-	incl	r8
-noname.385:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.386
-	incl	r8
-noname.386:
-
-	movl	4(ap),r0
-	movl	r7,8(r0)
-
-	clrl	r7
-
-	movl	8(ap),r0
-	movzwl	14(r0),r2
-	bicl3	#-65536,(r0),r3
-	movzwl	2(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,12(r0),-60(fp)
-	bicl3	#-65536,r2,-64(fp)
-	mull3	r1,-60(fp),-52(fp)
-	mull2	r3,-60(fp)
-	mull3	r3,-64(fp),-56(fp)
-	mull2	r1,-64(fp)
-	addl3	-52(fp),-56(fp),r0
-	bicl3	#0,r0,-52(fp)
-	cmpl	-52(fp),-56(fp)
-	bgequ	noname.387
-	addl2	#65536,-64(fp)
-noname.387:
-	movzwl	-50(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-64(fp)
-	bicl3	#-65536,-52(fp),r0
-	ashl	#16,r0,-56(fp)
-	addl3	-56(fp),-60(fp),r0
-	bicl3	#0,r0,-60(fp)
-	cmpl	-60(fp),-56(fp)
-	bgequ	noname.388
-	incl	-64(fp)
-noname.388:
-	movl	-60(fp),r3
-	movl	-64(fp),r2
-	bbc	#31,r2,noname.389
-	incl	r7
-noname.389:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.390
-	incl	r2
-noname.390:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.391
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.391
-	incl	r7
-noname.391:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.392
-	incl	r7
-noname.392:
-
-	movl	8(ap),r0
-	movzwl	10(r0),r2
-	bicl3	#-65536,4(r0),r3
-	movzwl	6(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,8(r0),-76(fp)
-	bicl3	#-65536,r2,-80(fp)
-	mull3	r1,-76(fp),-68(fp)
-	mull2	r3,-76(fp)
-	mull3	r3,-80(fp),-72(fp)
-	mull2	r1,-80(fp)
-	addl3	-68(fp),-72(fp),r0
-	bicl3	#0,r0,-68(fp)
-	cmpl	-68(fp),-72(fp)
-	bgequ	noname.393
-	addl2	#65536,-80(fp)
-noname.393:
-	movzwl	-66(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-80(fp)
-	bicl3	#-65536,-68(fp),r0
-	ashl	#16,r0,-72(fp)
-	addl3	-72(fp),-76(fp),r0
-	bicl3	#0,r0,-76(fp)
-	cmpl	-76(fp),-72(fp)
-	bgequ	noname.394
-	incl	-80(fp)
-noname.394:
-	movl	-76(fp),r3
-	movl	-80(fp),r2
-	bbc	#31,r2,noname.395
-	incl	r7
-noname.395:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.396
-	incl	r2
-noname.396:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.397
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.397
-	incl	r7
-noname.397:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.398
-	incl	r7
-noname.398:
-
-	movl	4(ap),r0
-	movl	r9,12(r0)
-
-	clrl	r9
-
-	movl	8(ap),r2
-	movl	8(r2),r4
-	bicl3	#-65536,r4,-84(fp)
-	extzv	#16,#16,r4,r0
-	bicl3	#-65536,r0,r4
-	movl	-84(fp),r0
-	mull3	r0,r4,-88(fp)
-	mull3	r0,r0,-84(fp)
-	mull2	r4,r4
-	bicl3	#32767,-88(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r4
-	bicl3	#-65536,-88(fp),r0
-	ashl	#17,r0,-88(fp)
-	addl3	-84(fp),-88(fp),r0
-	bicl3	#0,r0,-84(fp)
-	cmpl	-84(fp),-88(fp)
-	bgequ	noname.399
-	incl	r4
-noname.399:
-	movl	-84(fp),r1
-	movl	r4,r3
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.400
-	incl	r3
-noname.400:
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.401
-	incl	r9
-noname.401:
-
-	movzwl	14(r2),r3
-	bicl3	#-65536,4(r2),r1
-	movzwl	6(r2),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,12(r2),-100(fp)
-	bicl3	#-65536,r3,-104(fp)
-	mull3	r0,-100(fp),-92(fp)
-	mull2	r1,-100(fp)
-	mull3	r1,-104(fp),-96(fp)
-	mull2	r0,-104(fp)
-	addl3	-92(fp),-96(fp),r0
-	bicl3	#0,r0,-92(fp)
-	cmpl	-92(fp),-96(fp)
-	bgequ	noname.402
-	addl2	#65536,-104(fp)
-noname.402:
-	movzwl	-90(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-104(fp)
-	bicl3	#-65536,-92(fp),r0
-	ashl	#16,r0,-96(fp)
-	addl3	-96(fp),-100(fp),r0
-	bicl3	#0,r0,-100(fp)
-	cmpl	-100(fp),-96(fp)
-	bgequ	noname.403
-	incl	-104(fp)
-noname.403:
-	movl	-100(fp),r3
-	movl	-104(fp),r2
-	bbc	#31,r2,noname.404
-	incl	r9
-noname.404:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.405
-	incl	r2
-noname.405:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.406
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.406
-	incl	r9
-noname.406:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.407
-	incl	r9
-noname.407:
-
-	movl	8(ap),r0
-	movzwl	18(r0),r2
-	bicl3	#-65536,(r0),r3
-	movzwl	2(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,16(r0),-116(fp)
-	bicl3	#-65536,r2,-120(fp)
-	mull3	r1,-116(fp),-108(fp)
-	mull2	r3,-116(fp)
-	mull3	r3,-120(fp),-112(fp)
-	mull2	r1,-120(fp)
-	addl3	-108(fp),-112(fp),r0
-	bicl3	#0,r0,-108(fp)
-	cmpl	-108(fp),-112(fp)
-	bgequ	noname.408
-	addl2	#65536,-120(fp)
-noname.408:
-	movzwl	-106(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-120(fp)
-	bicl3	#-65536,-108(fp),r0
-	ashl	#16,r0,-112(fp)
-	addl3	-112(fp),-116(fp),r0
-	bicl3	#0,r0,-116(fp)
-	cmpl	-116(fp),-112(fp)
-	bgequ	noname.409
-	incl	-120(fp)
-noname.409:
-	movl	-116(fp),r3
-	movl	-120(fp),r2
-	bbc	#31,r2,noname.410
-	incl	r9
-noname.410:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.411
-	incl	r2
-noname.411:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.412
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.412
-	incl	r9
-noname.412:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.413
-	incl	r9
-noname.413:
-
-	movl	4(ap),r0
-	movl	r8,16(r0)
-
-	clrl	r8
-
-	movl	8(ap),r0
-	movzwl	22(r0),r2
-	bicl3	#-65536,(r0),r3
-	movzwl	2(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,20(r0),-132(fp)
-	bicl3	#-65536,r2,-136(fp)
-	mull3	r1,-132(fp),-124(fp)
-	mull2	r3,-132(fp)
-	mull3	r3,-136(fp),-128(fp)
-	mull2	r1,-136(fp)
-	addl3	-124(fp),-128(fp),r0
-	bicl3	#0,r0,-124(fp)
-	cmpl	-124(fp),-128(fp)
-	bgequ	noname.414
-	addl2	#65536,-136(fp)
-noname.414:
-	movzwl	-122(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-136(fp)
-	bicl3	#-65536,-124(fp),r0
-	ashl	#16,r0,-128(fp)
-	addl3	-128(fp),-132(fp),r0
-	bicl3	#0,r0,-132(fp)
-	cmpl	-132(fp),-128(fp)
-	bgequ	noname.415
-	incl	-136(fp)
-noname.415:
-	movl	-132(fp),r3
-	movl	-136(fp),r2
-	bbc	#31,r2,noname.416
-	incl	r8
-noname.416:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.417
-	incl	r2
-noname.417:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.418
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.418
-	incl	r8
-noname.418:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.419
-	incl	r8
-noname.419:
-
-	movl	8(ap),r0
-	movzwl	18(r0),r2
-	bicl3	#-65536,4(r0),r3
-	movzwl	6(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,16(r0),-148(fp)
-	bicl3	#-65536,r2,-152(fp)
-	mull3	r1,-148(fp),-140(fp)
-	mull2	r3,-148(fp)
-	mull3	r3,-152(fp),-144(fp)
-	mull2	r1,-152(fp)
-	addl3	-140(fp),-144(fp),r0
-	bicl3	#0,r0,-140(fp)
-	cmpl	-140(fp),-144(fp)
-	bgequ	noname.420
-	addl2	#65536,-152(fp)
-noname.420:
-	movzwl	-138(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-152(fp)
-	bicl3	#-65536,-140(fp),r0
-	ashl	#16,r0,-144(fp)
-	addl3	-144(fp),-148(fp),r0
-	bicl3	#0,r0,-148(fp)
-	cmpl	-148(fp),-144(fp)
-	bgequ	noname.421
-	incl	-152(fp)
-noname.421:
-	movl	-148(fp),r3
-	movl	-152(fp),r2
-	bbc	#31,r2,noname.422
-	incl	r8
-noname.422:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.423
-	incl	r2
-noname.423:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.424
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.424
-	incl	r8
-noname.424:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.425
-	incl	r8
-noname.425:
-
-	movl	8(ap),r0
-	movzwl	14(r0),r2
-	bicl3	#-65536,8(r0),r3
-	movzwl	10(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,12(r0),-164(fp)
-	bicl3	#-65536,r2,-168(fp)
-	mull3	r1,-164(fp),-156(fp)
-	mull2	r3,-164(fp)
-	mull3	r3,-168(fp),-160(fp)
-	mull2	r1,-168(fp)
-	addl3	-156(fp),-160(fp),r0
-	bicl3	#0,r0,-156(fp)
-	cmpl	-156(fp),-160(fp)
-	bgequ	noname.426
-	addl2	#65536,-168(fp)
-noname.426:
-	movzwl	-154(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-168(fp)
-	bicl3	#-65536,-156(fp),r0
-	ashl	#16,r0,-160(fp)
-	addl3	-160(fp),-164(fp),r0
-	bicl3	#0,r0,-164(fp)
-	cmpl	-164(fp),-160(fp)
-	bgequ	noname.427
-	incl	-168(fp)
-noname.427:
-	movl	-164(fp),r3
-	movl	-168(fp),r2
-	bbc	#31,r2,noname.428
-	incl	r8
-noname.428:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.429
-	incl	r2
-noname.429:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.430
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.430
-	incl	r8
-noname.430:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.431
-	incl	r8
-noname.431:
-
-	movl	4(ap),r0
-	movl	r7,20(r0)
-
-	clrl	r7
-
-	movl	8(ap),r2
-	movl	12(r2),r4
-	bicl3	#-65536,r4,-172(fp)
-	extzv	#16,#16,r4,r0
-	bicl3	#-65536,r0,r4
-	movl	-172(fp),r0
-	mull3	r0,r4,-176(fp)
-	mull3	r0,r0,-172(fp)
-	mull2	r4,r4
-	bicl3	#32767,-176(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r4
-	bicl3	#-65536,-176(fp),r0
-	ashl	#17,r0,-176(fp)
-	addl3	-172(fp),-176(fp),r0
-	bicl3	#0,r0,-172(fp)
-	cmpl	-172(fp),-176(fp)
-	bgequ	noname.432
-	incl	r4
-noname.432:
-	movl	-172(fp),r1
-	movl	r4,r3
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.433
-	incl	r3
-noname.433:
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.434
-	incl	r7
-noname.434:
-
-	movzwl	18(r2),r3
-	bicl3	#-65536,8(r2),r1
-	movzwl	10(r2),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,16(r2),-188(fp)
-	bicl3	#-65536,r3,-192(fp)
-	mull3	r0,-188(fp),-180(fp)
-	mull2	r1,-188(fp)
-	mull3	r1,-192(fp),-184(fp)
-	mull2	r0,-192(fp)
-	addl3	-180(fp),-184(fp),r0
-	bicl3	#0,r0,-180(fp)
-	cmpl	-180(fp),-184(fp)
-	bgequ	noname.435
-	addl2	#65536,-192(fp)
-noname.435:
-	movzwl	-178(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-192(fp)
-	bicl3	#-65536,-180(fp),r0
-	ashl	#16,r0,-184(fp)
-	addl3	-184(fp),-188(fp),r0
-	bicl3	#0,r0,-188(fp)
-	cmpl	-188(fp),-184(fp)
-	bgequ	noname.436
-	incl	-192(fp)
-noname.436:
-	movl	-188(fp),r3
-	movl	-192(fp),r2
-	bbc	#31,r2,noname.437
-	incl	r7
-noname.437:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.438
-	incl	r2
-noname.438:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.439
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.439
-	incl	r7
-noname.439:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.440
-	incl	r7
-noname.440:
-
-	movl	8(ap),r0
-	movzwl	22(r0),r2
-	bicl3	#-65536,4(r0),r3
-	movzwl	6(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,20(r0),-204(fp)
-	bicl3	#-65536,r2,-208(fp)
-	mull3	r1,-204(fp),-196(fp)
-	mull2	r3,-204(fp)
-	mull3	r3,-208(fp),-200(fp)
-	mull2	r1,-208(fp)
-	addl3	-196(fp),-200(fp),r0
-	bicl3	#0,r0,-196(fp)
-	cmpl	-196(fp),-200(fp)
-	bgequ	noname.441
-	addl2	#65536,-208(fp)
-noname.441:
-	movzwl	-194(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-208(fp)
-	bicl3	#-65536,-196(fp),r0
-	ashl	#16,r0,-200(fp)
-	addl3	-200(fp),-204(fp),r0
-	bicl3	#0,r0,-204(fp)
-	cmpl	-204(fp),-200(fp)
-	bgequ	noname.442
-	incl	-208(fp)
-noname.442:
-	movl	-204(fp),r3
-	movl	-208(fp),r2
-	bbc	#31,r2,noname.443
-	incl	r7
-noname.443:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.444
-	incl	r2
-noname.444:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.445
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.445
-	incl	r7
-noname.445:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.446
-	incl	r7
-noname.446:
-
-	movl	8(ap),r0
-	movzwl	26(r0),r2
-	bicl3	#-65536,(r0),r3
-	movzwl	2(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,24(r0),-220(fp)
-	bicl3	#-65536,r2,-224(fp)
-	mull3	r1,-220(fp),-212(fp)
-	mull2	r3,-220(fp)
-	mull3	r3,-224(fp),-216(fp)
-	mull2	r1,-224(fp)
-	addl3	-212(fp),-216(fp),r0
-	bicl3	#0,r0,-212(fp)
-	cmpl	-212(fp),-216(fp)
-	bgequ	noname.447
-	addl2	#65536,-224(fp)
-noname.447:
-	movzwl	-210(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-224(fp)
-	bicl3	#-65536,-212(fp),r0
-	ashl	#16,r0,-216(fp)
-	addl3	-216(fp),-220(fp),r0
-	bicl3	#0,r0,-220(fp)
-	cmpl	-220(fp),-216(fp)
-	bgequ	noname.448
-	incl	-224(fp)
-noname.448:
-	movl	-220(fp),r3
-	movl	-224(fp),r2
-	bbc	#31,r2,noname.449
-	incl	r7
-noname.449:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.450
-	incl	r2
-noname.450:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.451
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.451
-	incl	r7
-noname.451:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.452
-	incl	r7
-noname.452:
-
-	movl	4(ap),r0
-	movl	r9,24(r0)
-
-	clrl	r9
-
-	movl	8(ap),r0
-	movzwl	30(r0),r2
-	bicl3	#-65536,(r0),r3
-	movzwl	2(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,28(r0),-236(fp)
-	bicl3	#-65536,r2,-240(fp)
-	mull3	r1,-236(fp),-228(fp)
-	mull2	r3,-236(fp)
-	mull3	r3,-240(fp),-232(fp)
-	mull2	r1,-240(fp)
-	addl3	-228(fp),-232(fp),r0
-	bicl3	#0,r0,-228(fp)
-	cmpl	-228(fp),-232(fp)
-	bgequ	noname.453
-	addl2	#65536,-240(fp)
-noname.453:
-	movzwl	-226(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-240(fp)
-	bicl3	#-65536,-228(fp),r0
-	ashl	#16,r0,-232(fp)
-	addl3	-232(fp),-236(fp),r0
-	bicl3	#0,r0,-236(fp)
-	cmpl	-236(fp),-232(fp)
-	bgequ	noname.454
-	incl	-240(fp)
-noname.454:
-	movl	-236(fp),r3
-	movl	-240(fp),r2
-	bbc	#31,r2,noname.455
-	incl	r9
-noname.455:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.456
-	incl	r2
-noname.456:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.457
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.457
-	incl	r9
-noname.457:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.458
-	incl	r9
-noname.458:
-
-	movl	8(ap),r0
-	movzwl	26(r0),r2
-	bicl3	#-65536,4(r0),r3
-	movzwl	6(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,24(r0),-252(fp)
-	bicl3	#-65536,r2,-256(fp)
-	mull3	r1,-252(fp),-244(fp)
-	mull2	r3,-252(fp)
-	mull3	r3,-256(fp),-248(fp)
-	mull2	r1,-256(fp)
-	addl3	-244(fp),-248(fp),r0
-	bicl3	#0,r0,-244(fp)
-	cmpl	-244(fp),-248(fp)
-	bgequ	noname.459
-	addl2	#65536,-256(fp)
-noname.459:
-	movzwl	-242(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-256(fp)
-	bicl3	#-65536,-244(fp),r0
-	ashl	#16,r0,-248(fp)
-	addl3	-248(fp),-252(fp),r0
-	bicl3	#0,r0,-252(fp)
-	cmpl	-252(fp),-248(fp)
-	bgequ	noname.460
-	incl	-256(fp)
-noname.460:
-	movl	-252(fp),r3
-	movl	-256(fp),r2
-	bbc	#31,r2,noname.461
-	incl	r9
-noname.461:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.462
-	incl	r2
-noname.462:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.463
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.463
-	incl	r9
-noname.463:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.464
-	incl	r9
-noname.464:
-
-	movl	8(ap),r0
-	movzwl	22(r0),r2
-	bicl3	#-65536,8(r0),r3
-	movzwl	10(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,20(r0),-268(fp)
-	bicl3	#-65536,r2,-272(fp)
-	mull3	r1,-268(fp),-260(fp)
-	mull2	r3,-268(fp)
-	mull3	r3,-272(fp),-264(fp)
-	mull2	r1,-272(fp)
-	addl3	-260(fp),-264(fp),r0
-	bicl3	#0,r0,-260(fp)
-	cmpl	-260(fp),-264(fp)
-	bgequ	noname.465
-	addl2	#65536,-272(fp)
-noname.465:
-	movzwl	-258(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-272(fp)
-	bicl3	#-65536,-260(fp),r0
-	ashl	#16,r0,-264(fp)
-	addl3	-264(fp),-268(fp),r0
-	bicl3	#0,r0,-268(fp)
-	cmpl	-268(fp),-264(fp)
-	bgequ	noname.466
-	incl	-272(fp)
-noname.466:
-	movl	-268(fp),r3
-	movl	-272(fp),r2
-	bbc	#31,r2,noname.467
-	incl	r9
-noname.467:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.468
-	incl	r2
-noname.468:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.469
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.469
-	incl	r9
-noname.469:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.470
-	incl	r9
-noname.470:
-
-	movl	8(ap),r0
-	movzwl	18(r0),r2
-	bicl3	#-65536,12(r0),r3
-	movzwl	14(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,16(r0),-284(fp)
-	bicl3	#-65536,r2,-288(fp)
-	mull3	r1,-284(fp),-276(fp)
-	mull2	r3,-284(fp)
-	mull3	r3,-288(fp),-280(fp)
-	mull2	r1,-288(fp)
-	addl3	-276(fp),-280(fp),r0
-	bicl3	#0,r0,-276(fp)
-	cmpl	-276(fp),-280(fp)
-	bgequ	noname.471
-	addl2	#65536,-288(fp)
-noname.471:
-	movzwl	-274(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-288(fp)
-	bicl3	#-65536,-276(fp),r0
-	ashl	#16,r0,-280(fp)
-	addl3	-280(fp),-284(fp),r0
-	bicl3	#0,r0,-284(fp)
-	cmpl	-284(fp),-280(fp)
-	bgequ	noname.472
-	incl	-288(fp)
-noname.472:
-	movl	-284(fp),r3
-	movl	-288(fp),r2
-	bbc	#31,r2,noname.473
-	incl	r9
-noname.473:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.474
-	incl	r2
-noname.474:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.475
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.475
-	incl	r9
-noname.475:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.476
-	incl	r9
-noname.476:
-
-	movl	4(ap),r0
-	movl	r8,28(r0)
-
-	clrl	r8
-
-	movl	8(ap),r3
-	movl	16(r3),r4
-	bicl3	#-65536,r4,r5
-	extzv	#16,#16,r4,r0
-	bicl3	#-65536,r0,r4
-	mull3	r5,r4,-292(fp)
-	mull2	r5,r5
-	mull2	r4,r4
-	bicl3	#32767,-292(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r4
-	bicl3	#-65536,-292(fp),r0
-	ashl	#17,r0,-292(fp)
-	addl2	-292(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-292(fp)
-	bgequ	noname.477
-	incl	r4
-noname.477:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r7
-	bicl2	#0,r7
-	cmpl	r7,r1
-	bgequ	noname.478
-	incl	r2
-noname.478:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.479
-	incl	r8
-noname.479:
-
-	bicl3	#-65536,20(r3),r4
-	movzwl	22(r3),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,12(r3),r2
-	movzwl	14(r3),r0
-	bicl2	#-65536,r0
-	movl	r4,r6
-	movl	r1,r5
-	mull3	r0,r6,-296(fp)
-	mull2	r2,r6
-	mull3	r2,r5,-300(fp)
-	mull2	r0,r5
-	addl3	-296(fp),-300(fp),r0
-	bicl3	#0,r0,-296(fp)
-	cmpl	-296(fp),-300(fp)
-	bgequ	noname.480
-	addl2	#65536,r5
-noname.480:
-	movzwl	-294(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r5
-	bicl3	#-65536,-296(fp),r0
-	ashl	#16,r0,-300(fp)
-	addl2	-300(fp),r6
-	bicl2	#0,r6
-	cmpl	r6,-300(fp)
-	bgequ	noname.481
-	incl	r5
-noname.481:
-	movl	r6,r3
-	movl	r5,r2
-	bbc	#31,r2,noname.482
-	incl	r8
-noname.482:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.483
-	incl	r2
-noname.483:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.484
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.484
-	incl	r8
-noname.484:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.485
-	incl	r8
-noname.485:
-
-	movl	8(ap),r0
-	bicl3	#-65536,24(r0),r3
-	movzwl	26(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,8(r0),r2
-	movzwl	10(r0),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-304(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-308(fp)
-	mull2	r0,r4
-	addl3	-304(fp),-308(fp),r0
-	bicl3	#0,r0,-304(fp)
-	cmpl	-304(fp),-308(fp)
-	bgequ	noname.486
-	addl2	#65536,r4
-noname.486:
-	movzwl	-302(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-304(fp),r0
-	ashl	#16,r0,-308(fp)
-	addl2	-308(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-308(fp)
-	bgequ	noname.487
-	incl	r4
-noname.487:
-	movl	r5,r3
-	movl	r4,r2
-	bbc	#31,r2,noname.488
-	incl	r8
-noname.488:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.489
-	incl	r2
-noname.489:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.490
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.490
-	incl	r8
-noname.490:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.491
-	incl	r8
-noname.491:
-
-	movl	8(ap),r0
-	bicl3	#-65536,28(r0),r3
-	movzwl	30(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,4(r0),r2
-	movzwl	6(r0),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-312(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-316(fp)
-	mull2	r0,r4
-	addl3	-312(fp),-316(fp),r0
-	bicl3	#0,r0,-312(fp)
-	cmpl	-312(fp),-316(fp)
-	bgequ	noname.492
-	addl2	#65536,r4
-noname.492:
-	movzwl	-310(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-312(fp),r0
-	ashl	#16,r0,-316(fp)
-	addl2	-316(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-316(fp)
-	bgequ	noname.493
-	incl	r4
-noname.493:
-	movl	r5,r3
-	movl	r4,r2
-	bbc	#31,r2,noname.494
-	incl	r8
-noname.494:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.495
-	incl	r2
-noname.495:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.496
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.496
-	incl	r8
-noname.496:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.497
-	incl	r8
-noname.497:
-
-	movl	4(ap),r0
-	movl	r7,32(r0)
-
-	clrl	r7
-
-	movl	8(ap),r0
-	bicl3	#-65536,28(r0),r3
-	movzwl	30(r0),r2
-	bicl3	#-65536,8(r0),r1
-	movzwl	10(r0),r0
-	bicl2	#-65536,r0
-	movl	r3,r4
-	bicl3	#-65536,r2,-328(fp)
-	mull3	r0,r4,-320(fp)
-	mull2	r1,r4
-	mull3	r1,-328(fp),-324(fp)
-	mull2	r0,-328(fp)
-	addl3	-320(fp),-324(fp),r0
-	bicl3	#0,r0,-320(fp)
-	cmpl	-320(fp),-324(fp)
-	bgequ	noname.498
-	addl2	#65536,-328(fp)
-noname.498:
-	movzwl	-318(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-328(fp)
-	bicl3	#-65536,-320(fp),r0
-	ashl	#16,r0,-324(fp)
-	addl2	-324(fp),r4
-	bicl2	#0,r4
-	cmpl	r4,-324(fp)
-	bgequ	noname.499
-	incl	-328(fp)
-noname.499:
-	movl	r4,r3
-	movl	-328(fp),r2
-	bbc	#31,r2,noname.500
-	incl	r7
-noname.500:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.501
-	incl	r2
-noname.501:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.502
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.502
-	incl	r7
-noname.502:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.503
-	incl	r7
-noname.503:
-
-	movl	8(ap),r0
-	movzwl	26(r0),r2
-	bicl3	#-65536,12(r0),r3
-	movzwl	14(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,24(r0),-340(fp)
-	bicl3	#-65536,r2,-344(fp)
-	mull3	r1,-340(fp),-332(fp)
-	mull2	r3,-340(fp)
-	mull3	r3,-344(fp),-336(fp)
-	mull2	r1,-344(fp)
-	addl3	-332(fp),-336(fp),r0
-	bicl3	#0,r0,-332(fp)
-	cmpl	-332(fp),-336(fp)
-	bgequ	noname.504
-	addl2	#65536,-344(fp)
-noname.504:
-	movzwl	-330(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-344(fp)
-	bicl3	#-65536,-332(fp),r0
-	ashl	#16,r0,-336(fp)
-	addl3	-336(fp),-340(fp),r0
-	bicl3	#0,r0,-340(fp)
-	cmpl	-340(fp),-336(fp)
-	bgequ	noname.505
-	incl	-344(fp)
-noname.505:
-	movl	-340(fp),r3
-	movl	-344(fp),r2
-	bbc	#31,r2,noname.506
-	incl	r7
-noname.506:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.507
-	incl	r2
-noname.507:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.508
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.508
-	incl	r7
-noname.508:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.509
-	incl	r7
-noname.509:
-
-	movl	8(ap),r0
-	movzwl	22(r0),r2
-	bicl3	#-65536,16(r0),r3
-	movzwl	18(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,20(r0),-356(fp)
-	bicl3	#-65536,r2,-360(fp)
-	mull3	r1,-356(fp),-348(fp)
-	mull2	r3,-356(fp)
-	mull3	r3,-360(fp),-352(fp)
-	mull2	r1,-360(fp)
-	addl3	-348(fp),-352(fp),r0
-	bicl3	#0,r0,-348(fp)
-	cmpl	-348(fp),-352(fp)
-	bgequ	noname.510
-	addl2	#65536,-360(fp)
-noname.510:
-	movzwl	-346(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-360(fp)
-	bicl3	#-65536,-348(fp),r0
-	ashl	#16,r0,-352(fp)
-	addl3	-352(fp),-356(fp),r0
-	bicl3	#0,r0,-356(fp)
-	cmpl	-356(fp),-352(fp)
-	bgequ	noname.511
-	incl	-360(fp)
-noname.511:
-	movl	-356(fp),r3
-	movl	-360(fp),r2
-	bbc	#31,r2,noname.512
-	incl	r7
-noname.512:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.513
-	incl	r2
-noname.513:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.514
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.514
-	incl	r7
-noname.514:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.515
-	incl	r7
-noname.515:
-
-	movl	4(ap),r0
-	movl	r9,36(r0)
-
-	clrl	r9
-
-	movl	8(ap),r3
-	movl	20(r3),r4
-	bicl3	#-65536,r4,-364(fp)
-	extzv	#16,#16,r4,r0
-	bicl3	#-65536,r0,r4
-	movl	-364(fp),r0
-	mull3	r0,r4,-368(fp)
-	mull3	r0,r0,-364(fp)
-	mull2	r4,r4
-	bicl3	#32767,-368(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r4
-	bicl3	#-65536,-368(fp),r0
-	ashl	#17,r0,-368(fp)
-	addl3	-364(fp),-368(fp),r0
-	bicl3	#0,r0,-364(fp)
-	cmpl	-364(fp),-368(fp)
-	bgequ	noname.516
-	incl	r4
-noname.516:
-	movl	-364(fp),r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.517
-	incl	r2
-noname.517:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.518
-	incl	r9
-noname.518:
-
-	bicl3	#-65536,24(r3),r4
-	movzwl	26(r3),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,16(r3),r2
-	movzwl	18(r3),r0
-	bicl2	#-65536,r0
-	movl	r4,r6
-	movl	r1,r5
-	mull3	r0,r6,-372(fp)
-	mull2	r2,r6
-	mull3	r2,r5,-376(fp)
-	mull2	r0,r5
-	addl3	-372(fp),-376(fp),r0
-	bicl3	#0,r0,-372(fp)
-	cmpl	-372(fp),-376(fp)
-	bgequ	noname.519
-	addl2	#65536,r5
-noname.519:
-	movzwl	-370(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r5
-	bicl3	#-65536,-372(fp),r0
-	ashl	#16,r0,-376(fp)
-	addl2	-376(fp),r6
-	bicl2	#0,r6
-	cmpl	r6,-376(fp)
-	bgequ	noname.520
-	incl	r5
-noname.520:
-	movl	r6,r3
-	movl	r5,r2
-	bbc	#31,r2,noname.521
-	incl	r9
-noname.521:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.522
-	incl	r2
-noname.522:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.523
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.523
-	incl	r9
-noname.523:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.524
-	incl	r9
-noname.524:
-
-	movl	8(ap),r0
-	bicl3	#-65536,28(r0),r3
-	movzwl	30(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,12(r0),r2
-	movzwl	14(r0),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-380(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-384(fp)
-	mull2	r0,r4
-	addl3	-380(fp),-384(fp),r0
-	bicl3	#0,r0,-380(fp)
-	cmpl	-380(fp),-384(fp)
-	bgequ	noname.525
-	addl2	#65536,r4
-noname.525:
-	movzwl	-378(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-380(fp),r0
-	ashl	#16,r0,-384(fp)
-	addl2	-384(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-384(fp)
-	bgequ	noname.526
-	incl	r4
-noname.526:
-	movl	r5,r3
-	movl	r4,r2
-	bbc	#31,r2,noname.527
-	incl	r9
-noname.527:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.528
-	incl	r2
-noname.528:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.529
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.529
-	incl	r9
-noname.529:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.530
-	incl	r9
-noname.530:
-	movl	4(ap),r0
-	movl	r8,40(r0)
-
-	clrl	r8
-
-	movl	8(ap),r0
-	bicl3	#-65536,28(r0),r3
-	movzwl	30(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,16(r0),r2
-	movzwl	18(r0),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-388(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-392(fp)
-	mull2	r0,r4
-	addl3	-388(fp),-392(fp),r0
-	bicl3	#0,r0,-388(fp)
-	cmpl	-388(fp),-392(fp)
-	bgequ	noname.531
-	addl2	#65536,r4
-noname.531:
-	movzwl	-386(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-388(fp),r0
-	ashl	#16,r0,-392(fp)
-	addl2	-392(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-392(fp)
-	bgequ	noname.532
-	incl	r4
-noname.532:
-	movl	r5,r3
-	movl	r4,r2
-	bbc	#31,r2,noname.533
-	incl	r8
-noname.533:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.534
-	incl	r2
-noname.534:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.535
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.535
-	incl	r8
-noname.535:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.536
-	incl	r8
-noname.536:
-
-	movl	8(ap),r0
-	bicl3	#-65536,24(r0),r3
-	movzwl	26(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,20(r0),r2
-	movzwl	22(r0),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-396(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-400(fp)
-	mull2	r0,r4
-	addl3	-396(fp),-400(fp),r0
-	bicl3	#0,r0,-396(fp)
-	cmpl	-396(fp),-400(fp)
-	bgequ	noname.537
-	addl2	#65536,r4
-noname.537:
-	movzwl	-394(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-396(fp),r0
-	ashl	#16,r0,-400(fp)
-	addl2	-400(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-400(fp)
-	bgequ	noname.538
-	incl	r4
-noname.538:
-	movl	r5,r3
-	movl	r4,r2
-	bbc	#31,r2,noname.539
-	incl	r8
-noname.539:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.540
-	incl	r2
-noname.540:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r7
-	bicl2	#0,r7
-	cmpl	r7,r3
-	bgequ	noname.541
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.541
-	incl	r8
-noname.541:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.542
-	incl	r8
-noname.542:
-
-	movl	4(ap),r0
-	movl	r7,44(r0)
-
-	clrl	r7
-
-	movl	8(ap),r3
-	movl	24(r3),r4
-	bicl3	#-65536,r4,r5
-	extzv	#16,#16,r4,r0
-	bicl3	#-65536,r0,r4
-	mull3	r5,r4,-404(fp)
-	mull2	r5,r5
-	mull2	r4,r4
-	bicl3	#32767,-404(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r4
-	bicl3	#-65536,-404(fp),r0
-	ashl	#17,r0,-404(fp)
-	addl2	-404(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-404(fp)
-	bgequ	noname.543
-	incl	r4
-noname.543:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.544
-	incl	r2
-noname.544:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.545
-	incl	r7
-noname.545:
-
-	movzwl	30(r3),r2
-	bicl3	#-65536,20(r3),r1
-	movzwl	22(r3),r0
-	bicl2	#-65536,r0
-	bicl3	#-65536,28(r3),-416(fp)
-	bicl3	#-65536,r2,-420(fp)
-	mull3	r0,-416(fp),-408(fp)
-	mull2	r1,-416(fp)
-	mull3	r1,-420(fp),-412(fp)
-	mull2	r0,-420(fp)
-	addl3	-408(fp),-412(fp),r0
-	bicl3	#0,r0,-408(fp)
-	cmpl	-408(fp),-412(fp)
-	bgequ	noname.546
-	addl2	#65536,-420(fp)
-noname.546:
-	movzwl	-406(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-420(fp)
-	bicl3	#-65536,-408(fp),r0
-	ashl	#16,r0,-412(fp)
-	addl3	-412(fp),-416(fp),r0
-	bicl3	#0,r0,-416(fp)
-	cmpl	-416(fp),-412(fp)
-	bgequ	noname.547
-	incl	-420(fp)
-noname.547:
-	movl	-416(fp),r3
-	movl	-420(fp),r2
-	bbc	#31,r2,noname.548
-	incl	r7
-noname.548:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.549
-	incl	r2
-noname.549:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.550
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.550
-	incl	r7
-noname.550:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.551
-	incl	r7
-noname.551:
-
-	movl	4(ap),r0
-	movl	r9,48(r0)
-
-	clrl	r9
-
-	movl	8(ap),r0
-	movzwl	30(r0),r2
-	bicl3	#-65536,24(r0),r3
-	movzwl	26(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,28(r0),-432(fp)
-	bicl3	#-65536,r2,-436(fp)
-	mull3	r1,-432(fp),-424(fp)
-	mull2	r3,-432(fp)
-	mull3	r3,-436(fp),-428(fp)
-	mull2	r1,-436(fp)
-	addl3	-424(fp),-428(fp),r0
-	bicl3	#0,r0,-424(fp)
-	cmpl	-424(fp),-428(fp)
-	bgequ	noname.552
-	addl2	#65536,-436(fp)
-noname.552:
-	movzwl	-422(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,-436(fp)
-	bicl3	#-65536,-424(fp),r0
-	ashl	#16,r0,-428(fp)
-	addl3	-428(fp),-432(fp),r0
-	bicl3	#0,r0,-432(fp)
-	cmpl	-432(fp),-428(fp)
-	bgequ	noname.553
-	incl	-436(fp)
-noname.553:
-	movl	-432(fp),r3
-	movl	-436(fp),r2
-	bbc	#31,r2,noname.554
-	incl	r9
-noname.554:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.555
-	incl	r2
-noname.555:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.556
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.556
-	incl	r9
-noname.556:
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.557
-	incl	r9
-noname.557:
-
-	movl	4(ap),r4
-	movl	r8,52(r4)
-
-	clrl	r8
-
-	movl	8(ap),r0
-	movl	28(r0),r3
-	bicl3	#-65536,r3,-440(fp)
-	extzv	#16,#16,r3,r0
-	bicl3	#-65536,r0,r3
-	movl	-440(fp),r0
-	mull3	r0,r3,-444(fp)
-	mull3	r0,r0,-440(fp)
-	mull2	r3,r3
-	bicl3	#32767,-444(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r3
-	bicl3	#-65536,-444(fp),r0
-	ashl	#17,r0,-444(fp)
-	addl3	-440(fp),-444(fp),r0
-	bicl3	#0,r0,-440(fp)
-	cmpl	-440(fp),-444(fp)
-	bgequ	noname.558
-	incl	r3
-noname.558:
-	movl	-440(fp),r1
-	movl	r3,r2
-	addl2	r1,r7
-	bicl2	#0,r7
-	cmpl	r7,r1
-	bgequ	noname.559
-	incl	r2
-noname.559:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.560
-	incl	r8
-noname.560:
-
-	movl	r7,56(r4)
-
-	movl	r9,60(r4)
-
-	ret	
-
-
-
-;r=4 ;(AP)
-;a=8 ;(AP)
-;b=12 ;(AP)
-;n=16 ;(AP)	n	by value (input)
-
-	.psect	code,nowrt
-
-.entry	BN_SQR_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10>
-	subl2	#44,sp
-
-	clrq	r8
-
-	clrl	r10
-
-	movl	8(ap),r5
-	movl	(r5),r3
-	bicl3	#-65536,r3,r4
-	extzv	#16,#16,r3,r0
-	bicl3	#-65536,r0,r3
-	mull3	r4,r3,-4(fp)
-	mull2	r4,r4
-	mull2	r3,r3
-	bicl3	#32767,-4(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r3
-	bicl3	#-65536,-4(fp),r0
-	ashl	#17,r0,-4(fp)
-	addl2	-4(fp),r4
-	bicl2	#0,r4
-	cmpl	r4,-4(fp)
-	bgequ	noname.563
-	incl	r3
-noname.563:
-	movl	r4,r1
-	movl	r3,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.564
-	incl	r2
-noname.564:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.565
-	incl	r10
-noname.565:
-
-	movl	r9,@4(ap)
-
-	clrl	r9
-
-	bicl3	#-65536,4(r5),r3
-	movzwl	6(r5),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,(r5),r2
-	movzwl	2(r5),r0
-	bicl2	#-65536,r0
-	movl	r3,r6
-	movl	r1,r4
-	mull3	r0,r6,-8(fp)
-	mull2	r2,r6
-	mull2	r4,r2
-	mull2	r0,r4
-	addl3	-8(fp),r2,r0
-	bicl3	#0,r0,-8(fp)
-	cmpl	-8(fp),r2
-	bgequ	noname.566
-	addl2	#65536,r4
-noname.566:
-	movzwl	-6(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-8(fp),r0
-	ashl	#16,r0,r1
-	addl2	r1,r6
-	bicl2	#0,r6
-	cmpl	r6,r1
-	bgequ	noname.567
-	incl	r4
-noname.567:
-	movl	r6,r3
-	movl	r4,r2
-	bbc	#31,r2,noname.568
-	incl	r9
-noname.568:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.569
-	incl	r2
-noname.569:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.570
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.570
-	incl	r9
-noname.570:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.571
-	incl	r9
-noname.571:
-
-	movl	4(ap),r0
-	movl	r8,4(r0)
-
-	clrl	r8
-
-	movl	8(ap),r4
-	movl	4(r4),r3
-	bicl3	#-65536,r3,r5
-	extzv	#16,#16,r3,r0
-	bicl3	#-65536,r0,r3
-	mull3	r5,r3,r1
-	mull2	r5,r5
-	mull2	r3,r3
-	bicl3	#32767,r1,r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r3
-	bicl2	#-65536,r1
-	ashl	#17,r1,r1
-	addl2	r1,r5
-	bicl2	#0,r5
-	cmpl	r5,r1
-	bgequ	noname.572
-	incl	r3
-noname.572:
-	movl	r5,r1
-	movl	r3,r2
-	addl2	r1,r10
-	bicl2	#0,r10
-	cmpl	r10,r1
-	bgequ	noname.573
-	incl	r2
-noname.573:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.574
-	incl	r8
-noname.574:
-
-	bicl3	#-65536,8(r4),r3
-	movzwl	10(r4),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,(r4),r2
-	movzwl	2(r4),r0
-	bicl2	#-65536,r0
-	movl	r3,r6
-	movl	r1,r5
-	mull3	r0,r6,r7
-	mull2	r2,r6
-	mull2	r5,r2
-	mull2	r0,r5
-	addl2	r2,r7
-	bicl2	#0,r7
-	cmpl	r7,r2
-	bgequ	noname.575
-	addl2	#65536,r5
-noname.575:
-	extzv	#16,#16,r7,r0
-	bicl2	#-65536,r0
-	addl2	r0,r5
-	bicl3	#-65536,r7,r0
-	ashl	#16,r0,r1
-	addl2	r1,r6
-	bicl2	#0,r6
-	cmpl	r6,r1
-	bgequ	noname.576
-	incl	r5
-noname.576:
-	movl	r6,r3
-	movl	r5,r2
-	bbc	#31,r2,noname.577
-	incl	r8
-noname.577:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.578
-	incl	r2
-noname.578:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r10
-	bicl2	#0,r10
-	cmpl	r10,r3
-	bgequ	noname.579
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.579
-	incl	r8
-noname.579:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.580
-	incl	r8
-noname.580:
-
-	movl	4(ap),r0
-	movl	r10,8(r0)
-
-	clrl	r10
-
-	movl	8(ap),r0
-	bicl3	#-65536,12(r0),r3
-	movzwl	14(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,(r0),r2
-	movzwl	2(r0),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,r6
-	mull2	r2,r5
-	mull3	r2,r4,-12(fp)
-	mull2	r0,r4
-	addl2	-12(fp),r6
-	bicl2	#0,r6
-	cmpl	r6,-12(fp)
-	bgequ	noname.581
-	addl2	#65536,r4
-noname.581:
-	extzv	#16,#16,r6,r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,r6,r0
-	ashl	#16,r0,-12(fp)
-	addl2	-12(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-12(fp)
-	bgequ	noname.582
-	incl	r4
-noname.582:
-	movl	r5,r3
-	movl	r4,r2
-	bbc	#31,r2,noname.583
-	incl	r10
-noname.583:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.584
-	incl	r2
-noname.584:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.585
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.585
-	incl	r10
-noname.585:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.586
-	incl	r10
-noname.586:
-
-	movl	8(ap),r0
-	bicl3	#-65536,8(r0),r3
-	movzwl	10(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,4(r0),r2
-	movzwl	6(r0),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-16(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-20(fp)
-	mull2	r0,r4
-	addl3	-16(fp),-20(fp),r0
-	bicl3	#0,r0,-16(fp)
-	cmpl	-16(fp),-20(fp)
-	bgequ	noname.587
-	addl2	#65536,r4
-noname.587:
-	movzwl	-14(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-16(fp),r0
-	ashl	#16,r0,-20(fp)
-	addl2	-20(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-20(fp)
-	bgequ	noname.588
-	incl	r4
-noname.588:
-	movl	r5,r3
-	movl	r4,r2
-	bbc	#31,r2,noname.589
-	incl	r10
-noname.589:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.590
-	incl	r2
-noname.590:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r9
-	bicl2	#0,r9
-	cmpl	r9,r3
-	bgequ	noname.591
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.591
-	incl	r10
-noname.591:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.592
-	incl	r10
-noname.592:
-	movl	4(ap),r0
-	movl	r9,12(r0)
-
-	clrl	r9
-
-	movl	8(ap),r3
-	movl	8(r3),r4
-	bicl3	#-65536,r4,r5
-	extzv	#16,#16,r4,r0
-	bicl3	#-65536,r0,r4
-	mull3	r5,r4,-24(fp)
-	mull2	r5,r5
-	mull2	r4,r4
-	bicl3	#32767,-24(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r4
-	bicl3	#-65536,-24(fp),r0
-	ashl	#17,r0,-24(fp)
-	addl2	-24(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-24(fp)
-	bgequ	noname.593
-	incl	r4
-noname.593:
-	movl	r5,r1
-	movl	r4,r2
-	addl2	r1,r8
-	bicl2	#0,r8
-	cmpl	r8,r1
-	bgequ	noname.594
-	incl	r2
-noname.594:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.595
-	incl	r9
-noname.595:
-
-	bicl3	#-65536,12(r3),r4
-	movzwl	14(r3),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,4(r3),r2
-	movzwl	6(r3),r0
-	bicl2	#-65536,r0
-	movl	r4,r6
-	movl	r1,r5
-	mull3	r0,r6,-28(fp)
-	mull2	r2,r6
-	mull3	r2,r5,-32(fp)
-	mull2	r0,r5
-	addl3	-28(fp),-32(fp),r0
-	bicl3	#0,r0,-28(fp)
-	cmpl	-28(fp),-32(fp)
-	bgequ	noname.596
-	addl2	#65536,r5
-noname.596:
-	movzwl	-26(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r5
-	bicl3	#-65536,-28(fp),r0
-	ashl	#16,r0,-32(fp)
-	addl2	-32(fp),r6
-	bicl2	#0,r6
-	cmpl	r6,-32(fp)
-	bgequ	noname.597
-	incl	r5
-noname.597:
-	movl	r6,r3
-	movl	r5,r2
-	bbc	#31,r2,noname.598
-	incl	r9
-noname.598:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.599
-	incl	r2
-noname.599:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r8
-	bicl2	#0,r8
-	cmpl	r8,r3
-	bgequ	noname.600
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.600
-	incl	r9
-noname.600:
-	addl2	r2,r10
-	bicl2	#0,r10
-	cmpl	r10,r2
-	bgequ	noname.601
-	incl	r9
-noname.601:
-
-	movl	4(ap),r0
-	movl	r8,16(r0)
-
-	clrl	r8
-
-	movl	8(ap),r0
-	bicl3	#-65536,12(r0),r3
-	movzwl	14(r0),r1
-	bicl2	#-65536,r1
-	bicl3	#-65536,8(r0),r2
-	movzwl	10(r0),r0
-	bicl2	#-65536,r0
-	movl	r3,r5
-	movl	r1,r4
-	mull3	r0,r5,-36(fp)
-	mull2	r2,r5
-	mull3	r2,r4,-40(fp)
-	mull2	r0,r4
-	addl3	-36(fp),-40(fp),r0
-	bicl3	#0,r0,-36(fp)
-	cmpl	-36(fp),-40(fp)
-	bgequ	noname.602
-	addl2	#65536,r4
-noname.602:
-	movzwl	-34(fp),r0
-	bicl2	#-65536,r0
-	addl2	r0,r4
-	bicl3	#-65536,-36(fp),r0
-	ashl	#16,r0,-40(fp)
-	addl2	-40(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-40(fp)
-	bgequ	noname.603
-	incl	r4
-noname.603:
-	movl	r5,r3
-	movl	r4,r2
-	bbc	#31,r2,noname.604
-	incl	r8
-noname.604:
-	addl2	r2,r2
-	bicl2	#0,r2
-	bbc	#31,r3,noname.605
-	incl	r2
-noname.605:
-	addl2	r3,r3
-	bicl2	#0,r3
-	addl2	r3,r10
-	bicl2	#0,r10
-	cmpl	r10,r3
-	bgequ	noname.606
-	incl	r2
-	bicl3	#0,r2,r0
-	bneq	noname.606
-	incl	r8
-noname.606:
-	addl2	r2,r9
-	bicl2	#0,r9
-	cmpl	r9,r2
-	bgequ	noname.607
-	incl	r8
-noname.607:
-
-	movl	4(ap),r4
-	movl	r10,20(r4)
-
-	clrl	r10
-
-	movl	8(ap),r0
-	movl	12(r0),r3
-	bicl3	#-65536,r3,r5
-	extzv	#16,#16,r3,r0
-	bicl3	#-65536,r0,r3
-	mull3	r5,r3,-44(fp)
-	mull2	r5,r5
-	mull2	r3,r3
-	bicl3	#32767,-44(fp),r0
-	extzv	#15,#17,r0,r0
-	addl2	r0,r3
-	bicl3	#-65536,-44(fp),r0
-	ashl	#17,r0,-44(fp)
-	addl2	-44(fp),r5
-	bicl2	#0,r5
-	cmpl	r5,-44(fp)
-	bgequ	noname.608
-	incl	r3
-noname.608:
-	movl	r5,r1
-	movl	r3,r2
-	addl2	r1,r9
-	bicl2	#0,r9
-	cmpl	r9,r1
-	bgequ	noname.609
-	incl	r2
-noname.609:
-	addl2	r2,r8
-	bicl2	#0,r8
-	cmpl	r8,r2
-	bgequ	noname.610
-	incl	r10
-noname.610:
-
-	movl	r9,24(r4)
-
-	movl	r8,28(r4)
-
-	ret	
-
-; For now, the code below doesn't work, so I end this prematurely.
-.end
diff --git a/thirdparty/openssl/crypto/bn/asm/x86/f b/thirdparty/openssl/crypto/bn/asm/x86/f
deleted file mode 100644
index 22e4112224..0000000000
--- a/thirdparty/openssl/crypto/bn/asm/x86/f
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assember
-
diff --git a/thirdparty/openssl/crypto/bn/asm/x86_64-gcc.c b/thirdparty/openssl/crypto/bn/asm/x86_64-gcc.c
deleted file mode 100644
index 1729b479d4..0000000000
--- a/thirdparty/openssl/crypto/bn/asm/x86_64-gcc.c
+++ /dev/null
@@ -1,638 +0,0 @@
-#include "../bn_lcl.h"
-#if !(defined(__GNUC__) && __GNUC__>=2)
-# include "../bn_asm.c"         /* kind of dirty hack for Sun Studio */
-#else
-/*-
- * x86_64 BIGNUM accelerator version 0.1, December 2002.
- *
- * Implemented by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
- * project.
- *
- * Rights for redistribution and usage in source and binary forms are
- * granted according to the OpenSSL license. Warranty of any kind is
- * disclaimed.
- *
- * Q. Version 0.1? It doesn't sound like Andy, he used to assign real
- *    versions, like 1.0...
- * A. Well, that's because this code is basically a quick-n-dirty
- *    proof-of-concept hack. As you can see it's implemented with
- *    inline assembler, which means that you're bound to GCC and that
- *    there might be enough room for further improvement.
- *
- * Q. Why inline assembler?
- * A. x86_64 features own ABI which I'm not familiar with. This is
- *    why I decided to let the compiler take care of subroutine
- *    prologue/epilogue as well as register allocation. For reference.
- *    Win64 implements different ABI for AMD64, different from Linux.
- *
- * Q. How much faster does it get?
- * A. 'apps/openssl speed rsa dsa' output with no-asm:
- *
- *                        sign    verify    sign/s verify/s
- *      rsa  512 bits   0.0006s   0.0001s   1683.8  18456.2
- *      rsa 1024 bits   0.0028s   0.0002s    356.0   6407.0
- *      rsa 2048 bits   0.0172s   0.0005s     58.0   1957.8
- *      rsa 4096 bits   0.1155s   0.0018s      8.7    555.6
- *                        sign    verify    sign/s verify/s
- *      dsa  512 bits   0.0005s   0.0006s   2100.8   1768.3
- *      dsa 1024 bits   0.0014s   0.0018s    692.3    559.2
- *      dsa 2048 bits   0.0049s   0.0061s    204.7    165.0
- *
- *    'apps/openssl speed rsa dsa' output with this module:
- *
- *                        sign    verify    sign/s verify/s
- *      rsa  512 bits   0.0004s   0.0000s   2767.1  33297.9
- *      rsa 1024 bits   0.0012s   0.0001s    867.4  14674.7
- *      rsa 2048 bits   0.0061s   0.0002s    164.0   5270.0
- *      rsa 4096 bits   0.0384s   0.0006s     26.1   1650.8
- *                        sign    verify    sign/s verify/s
- *      dsa  512 bits   0.0002s   0.0003s   4442.2   3786.3
- *      dsa 1024 bits   0.0005s   0.0007s   1835.1   1497.4
- *      dsa 2048 bits   0.0016s   0.0020s    620.4    504.6
- *
- *    For the reference. IA-32 assembler implementation performs
- *    very much like 64-bit code compiled with no-asm on the same
- *    machine.
- */
-
-# if defined(_WIN64) || !defined(__LP64__)
-#  define BN_ULONG unsigned long long
-# else
-#  define BN_ULONG unsigned long
-# endif
-
-# undef mul
-# undef mul_add
-
-/*-
- * "m"(a), "+m"(r)      is the way to favor DirectPath µ-code;
- * "g"(0)               let the compiler to decide where does it
- *                      want to keep the value of zero;
- */
-# define mul_add(r,a,word,carry) do {   \
-        register BN_ULONG high,low;     \
-        asm ("mulq %3"                  \
-                : "=a"(low),"=d"(high)  \
-                : "a"(word),"m"(a)      \
-                : "cc");                \
-        asm ("addq %2,%0; adcq %3,%1"   \
-                : "+r"(carry),"+d"(high)\
-                : "a"(low),"g"(0)       \
-                : "cc");                \
-        asm ("addq %2,%0; adcq %3,%1"   \
-                : "+m"(r),"+d"(high)    \
-                : "r"(carry),"g"(0)     \
-                : "cc");                \
-        carry=high;                     \
-        } while (0)
-
-# define mul(r,a,word,carry) do {       \
-        register BN_ULONG high,low;     \
-        asm ("mulq %3"                  \
-                : "=a"(low),"=d"(high)  \
-                : "a"(word),"g"(a)      \
-                : "cc");                \
-        asm ("addq %2,%0; adcq %3,%1"   \
-                : "+r"(carry),"+d"(high)\
-                : "a"(low),"g"(0)       \
-                : "cc");                \
-        (r)=carry, carry=high;          \
-        } while (0)
-# undef sqr
-# define sqr(r0,r1,a)                   \
-        asm ("mulq %2"                  \
-                : "=a"(r0),"=d"(r1)     \
-                : "a"(a)                \
-                : "cc");
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
-                          BN_ULONG w)
-{
-    BN_ULONG c1 = 0;
-
-    if (num <= 0)
-        return (c1);
-
-    while (num & ~3) {
-        mul_add(rp[0], ap[0], w, c1);
-        mul_add(rp[1], ap[1], w, c1);
-        mul_add(rp[2], ap[2], w, c1);
-        mul_add(rp[3], ap[3], w, c1);
-        ap += 4;
-        rp += 4;
-        num -= 4;
-    }
-    if (num) {
-        mul_add(rp[0], ap[0], w, c1);
-        if (--num == 0)
-            return c1;
-        mul_add(rp[1], ap[1], w, c1);
-        if (--num == 0)
-            return c1;
-        mul_add(rp[2], ap[2], w, c1);
-        return c1;
-    }
-
-    return (c1);
-}
-
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
-{
-    BN_ULONG c1 = 0;
-
-    if (num <= 0)
-        return (c1);
-
-    while (num & ~3) {
-        mul(rp[0], ap[0], w, c1);
-        mul(rp[1], ap[1], w, c1);
-        mul(rp[2], ap[2], w, c1);
-        mul(rp[3], ap[3], w, c1);
-        ap += 4;
-        rp += 4;
-        num -= 4;
-    }
-    if (num) {
-        mul(rp[0], ap[0], w, c1);
-        if (--num == 0)
-            return c1;
-        mul(rp[1], ap[1], w, c1);
-        if (--num == 0)
-            return c1;
-        mul(rp[2], ap[2], w, c1);
-    }
-    return (c1);
-}
-
-void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
-{
-    if (n <= 0)
-        return;
-
-    while (n & ~3) {
-        sqr(r[0], r[1], a[0]);
-        sqr(r[2], r[3], a[1]);
-        sqr(r[4], r[5], a[2]);
-        sqr(r[6], r[7], a[3]);
-        a += 4;
-        r += 8;
-        n -= 4;
-    }
-    if (n) {
-        sqr(r[0], r[1], a[0]);
-        if (--n == 0)
-            return;
-        sqr(r[2], r[3], a[1]);
-        if (--n == 0)
-            return;
-        sqr(r[4], r[5], a[2]);
-    }
-}
-
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
-{
-    BN_ULONG ret, waste;
-
- asm("divq      %4":"=a"(ret), "=d"(waste)
- :     "a"(l), "d"(h), "r"(d)
- :     "cc");
-
-    return ret;
-}
-
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                      int n)
-{
-    BN_ULONG ret;
-    size_t i = 0;
-
-    if (n <= 0)
-        return 0;
-
-    asm volatile ("       subq    %0,%0           \n" /* clear carry */
-                  "       jmp     1f              \n"
-                  ".p2align 4                     \n"
-                  "1:     movq    (%4,%2,8),%0    \n"
-                  "       adcq    (%5,%2,8),%0    \n"
-                  "       movq    %0,(%3,%2,8)    \n"
-                  "       lea     1(%2),%2        \n"
-                  "       loop    1b              \n"
-                  "       sbbq    %0,%0           \n":"=&r" (ret), "+c"(n),
-                  "+r"(i)
-                  :"r"(rp), "r"(ap), "r"(bp)
-                  :"cc", "memory");
-
-    return ret & 1;
-}
-
-# ifndef SIMICS
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                      int n)
-{
-    BN_ULONG ret;
-    size_t i = 0;
-
-    if (n <= 0)
-        return 0;
-
-    asm volatile ("       subq    %0,%0           \n" /* clear borrow */
-                  "       jmp     1f              \n"
-                  ".p2align 4                     \n"
-                  "1:     movq    (%4,%2,8),%0    \n"
-                  "       sbbq    (%5,%2,8),%0    \n"
-                  "       movq    %0,(%3,%2,8)    \n"
-                  "       lea     1(%2),%2        \n"
-                  "       loop    1b              \n"
-                  "       sbbq    %0,%0           \n":"=&r" (ret), "+c"(n),
-                  "+r"(i)
-                  :"r"(rp), "r"(ap), "r"(bp)
-                  :"cc", "memory");
-
-    return ret & 1;
-}
-# else
-/* Simics 1.4<7 has buggy sbbq:-( */
-#  define BN_MASK2 0xffffffffffffffffL
-BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-{
-    BN_ULONG t1, t2;
-    int c = 0;
-
-    if (n <= 0)
-        return ((BN_ULONG)0);
-
-    for (;;) {
-        t1 = a[0];
-        t2 = b[0];
-        r[0] = (t1 - t2 - c) & BN_MASK2;
-        if (t1 != t2)
-            c = (t1 < t2);
-        if (--n <= 0)
-            break;
-
-        t1 = a[1];
-        t2 = b[1];
-        r[1] = (t1 - t2 - c) & BN_MASK2;
-        if (t1 != t2)
-            c = (t1 < t2);
-        if (--n <= 0)
-            break;
-
-        t1 = a[2];
-        t2 = b[2];
-        r[2] = (t1 - t2 - c) & BN_MASK2;
-        if (t1 != t2)
-            c = (t1 < t2);
-        if (--n <= 0)
-            break;
-
-        t1 = a[3];
-        t2 = b[3];
-        r[3] = (t1 - t2 - c) & BN_MASK2;
-        if (t1 != t2)
-            c = (t1 < t2);
-        if (--n <= 0)
-            break;
-
-        a += 4;
-        b += 4;
-        r += 4;
-    }
-    return (c);
-}
-# endif
-
-/* mul_add_c(a,b,c0,c1,c2)  -- c+=a*b for three word number c=(c2,c1,c0) */
-/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
-/* sqr_add_c(a,i,c0,c1,c2)  -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
-/*
- * sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number
- * c=(c2,c1,c0)
- */
-
-/*
- * Keep in mind that carrying into high part of multiplication result
- * can not overflow, because it cannot be all-ones.
- */
-# if 0
-/* original macros are kept for reference purposes */
-#  define mul_add_c(a,b,c0,c1,c2)       do {    \
-        BN_ULONG ta = (a), tb = (b);            \
-        BN_ULONG lo, hi;                        \
-        BN_UMULT_LOHI(lo,hi,ta,tb);             \
-        c0 += lo; hi += (c0<lo)?1:0;            \
-        c1 += hi; c2 += (c1<hi)?1:0;            \
-        } while(0)
-
-#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
-        BN_ULONG ta = (a), tb = (b);            \
-        BN_ULONG lo, hi, tt;                    \
-        BN_UMULT_LOHI(lo,hi,ta,tb);             \
-        c0 += lo; tt = hi+((c0<lo)?1:0);        \
-        c1 += tt; c2 += (c1<tt)?1:0;            \
-        c0 += lo; hi += (c0<lo)?1:0;            \
-        c1 += hi; c2 += (c1<hi)?1:0;            \
-        } while(0)
-
-#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
-        BN_ULONG ta = (a)[i];                   \
-        BN_ULONG lo, hi;                        \
-        BN_UMULT_LOHI(lo,hi,ta,ta);             \
-        c0 += lo; hi += (c0<lo)?1:0;            \
-        c1 += hi; c2 += (c1<hi)?1:0;            \
-        } while(0)
-# else
-#  define mul_add_c(a,b,c0,c1,c2) do {  \
-        BN_ULONG t1,t2;                 \
-        asm ("mulq %3"                  \
-                : "=a"(t1),"=d"(t2)     \
-                : "a"(a),"m"(b)         \
-                : "cc");                \
-        asm ("addq %3,%0; adcq %4,%1; adcq %5,%2"       \
-                : "+r"(c0),"+r"(c1),"+r"(c2)            \
-                : "r"(t1),"r"(t2),"g"(0)                \
-                : "cc");                                \
-        } while (0)
-
-#  define sqr_add_c(a,i,c0,c1,c2) do {  \
-        BN_ULONG t1,t2;                 \
-        asm ("mulq %2"                  \
-                : "=a"(t1),"=d"(t2)     \
-                : "a"(a[i])             \
-                : "cc");                \
-        asm ("addq %3,%0; adcq %4,%1; adcq %5,%2"       \
-                : "+r"(c0),"+r"(c1),"+r"(c2)            \
-                : "r"(t1),"r"(t2),"g"(0)                \
-                : "cc");                                \
-        } while (0)
-
-#  define mul_add_c2(a,b,c0,c1,c2) do { \
-        BN_ULONG t1,t2;                 \
-        asm ("mulq %3"                  \
-                : "=a"(t1),"=d"(t2)     \
-                : "a"(a),"m"(b)         \
-                : "cc");                \
-        asm ("addq %3,%0; adcq %4,%1; adcq %5,%2"       \
-                : "+r"(c0),"+r"(c1),"+r"(c2)            \
-                : "r"(t1),"r"(t2),"g"(0)                \
-                : "cc");                                \
-        asm ("addq %3,%0; adcq %4,%1; adcq %5,%2"       \
-                : "+r"(c0),"+r"(c1),"+r"(c2)            \
-                : "r"(t1),"r"(t2),"g"(0)                \
-                : "cc");                                \
-        } while (0)
-# endif
-
-# define sqr_add_c2(a,i,j,c0,c1,c2)      \
-        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-{
-    BN_ULONG c1, c2, c3;
-
-    c1 = 0;
-    c2 = 0;
-    c3 = 0;
-    mul_add_c(a[0], b[0], c1, c2, c3);
-    r[0] = c1;
-    c1 = 0;
-    mul_add_c(a[0], b[1], c2, c3, c1);
-    mul_add_c(a[1], b[0], c2, c3, c1);
-    r[1] = c2;
-    c2 = 0;
-    mul_add_c(a[2], b[0], c3, c1, c2);
-    mul_add_c(a[1], b[1], c3, c1, c2);
-    mul_add_c(a[0], b[2], c3, c1, c2);
-    r[2] = c3;
-    c3 = 0;
-    mul_add_c(a[0], b[3], c1, c2, c3);
-    mul_add_c(a[1], b[2], c1, c2, c3);
-    mul_add_c(a[2], b[1], c1, c2, c3);
-    mul_add_c(a[3], b[0], c1, c2, c3);
-    r[3] = c1;
-    c1 = 0;
-    mul_add_c(a[4], b[0], c2, c3, c1);
-    mul_add_c(a[3], b[1], c2, c3, c1);
-    mul_add_c(a[2], b[2], c2, c3, c1);
-    mul_add_c(a[1], b[3], c2, c3, c1);
-    mul_add_c(a[0], b[4], c2, c3, c1);
-    r[4] = c2;
-    c2 = 0;
-    mul_add_c(a[0], b[5], c3, c1, c2);
-    mul_add_c(a[1], b[4], c3, c1, c2);
-    mul_add_c(a[2], b[3], c3, c1, c2);
-    mul_add_c(a[3], b[2], c3, c1, c2);
-    mul_add_c(a[4], b[1], c3, c1, c2);
-    mul_add_c(a[5], b[0], c3, c1, c2);
-    r[5] = c3;
-    c3 = 0;
-    mul_add_c(a[6], b[0], c1, c2, c3);
-    mul_add_c(a[5], b[1], c1, c2, c3);
-    mul_add_c(a[4], b[2], c1, c2, c3);
-    mul_add_c(a[3], b[3], c1, c2, c3);
-    mul_add_c(a[2], b[4], c1, c2, c3);
-    mul_add_c(a[1], b[5], c1, c2, c3);
-    mul_add_c(a[0], b[6], c1, c2, c3);
-    r[6] = c1;
-    c1 = 0;
-    mul_add_c(a[0], b[7], c2, c3, c1);
-    mul_add_c(a[1], b[6], c2, c3, c1);
-    mul_add_c(a[2], b[5], c2, c3, c1);
-    mul_add_c(a[3], b[4], c2, c3, c1);
-    mul_add_c(a[4], b[3], c2, c3, c1);
-    mul_add_c(a[5], b[2], c2, c3, c1);
-    mul_add_c(a[6], b[1], c2, c3, c1);
-    mul_add_c(a[7], b[0], c2, c3, c1);
-    r[7] = c2;
-    c2 = 0;
-    mul_add_c(a[7], b[1], c3, c1, c2);
-    mul_add_c(a[6], b[2], c3, c1, c2);
-    mul_add_c(a[5], b[3], c3, c1, c2);
-    mul_add_c(a[4], b[4], c3, c1, c2);
-    mul_add_c(a[3], b[5], c3, c1, c2);
-    mul_add_c(a[2], b[6], c3, c1, c2);
-    mul_add_c(a[1], b[7], c3, c1, c2);
-    r[8] = c3;
-    c3 = 0;
-    mul_add_c(a[2], b[7], c1, c2, c3);
-    mul_add_c(a[3], b[6], c1, c2, c3);
-    mul_add_c(a[4], b[5], c1, c2, c3);
-    mul_add_c(a[5], b[4], c1, c2, c3);
-    mul_add_c(a[6], b[3], c1, c2, c3);
-    mul_add_c(a[7], b[2], c1, c2, c3);
-    r[9] = c1;
-    c1 = 0;
-    mul_add_c(a[7], b[3], c2, c3, c1);
-    mul_add_c(a[6], b[4], c2, c3, c1);
-    mul_add_c(a[5], b[5], c2, c3, c1);
-    mul_add_c(a[4], b[6], c2, c3, c1);
-    mul_add_c(a[3], b[7], c2, c3, c1);
-    r[10] = c2;
-    c2 = 0;
-    mul_add_c(a[4], b[7], c3, c1, c2);
-    mul_add_c(a[5], b[6], c3, c1, c2);
-    mul_add_c(a[6], b[5], c3, c1, c2);
-    mul_add_c(a[7], b[4], c3, c1, c2);
-    r[11] = c3;
-    c3 = 0;
-    mul_add_c(a[7], b[5], c1, c2, c3);
-    mul_add_c(a[6], b[6], c1, c2, c3);
-    mul_add_c(a[5], b[7], c1, c2, c3);
-    r[12] = c1;
-    c1 = 0;
-    mul_add_c(a[6], b[7], c2, c3, c1);
-    mul_add_c(a[7], b[6], c2, c3, c1);
-    r[13] = c2;
-    c2 = 0;
-    mul_add_c(a[7], b[7], c3, c1, c2);
-    r[14] = c3;
-    r[15] = c1;
-}
-
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-{
-    BN_ULONG c1, c2, c3;
-
-    c1 = 0;
-    c2 = 0;
-    c3 = 0;
-    mul_add_c(a[0], b[0], c1, c2, c3);
-    r[0] = c1;
-    c1 = 0;
-    mul_add_c(a[0], b[1], c2, c3, c1);
-    mul_add_c(a[1], b[0], c2, c3, c1);
-    r[1] = c2;
-    c2 = 0;
-    mul_add_c(a[2], b[0], c3, c1, c2);
-    mul_add_c(a[1], b[1], c3, c1, c2);
-    mul_add_c(a[0], b[2], c3, c1, c2);
-    r[2] = c3;
-    c3 = 0;
-    mul_add_c(a[0], b[3], c1, c2, c3);
-    mul_add_c(a[1], b[2], c1, c2, c3);
-    mul_add_c(a[2], b[1], c1, c2, c3);
-    mul_add_c(a[3], b[0], c1, c2, c3);
-    r[3] = c1;
-    c1 = 0;
-    mul_add_c(a[3], b[1], c2, c3, c1);
-    mul_add_c(a[2], b[2], c2, c3, c1);
-    mul_add_c(a[1], b[3], c2, c3, c1);
-    r[4] = c2;
-    c2 = 0;
-    mul_add_c(a[2], b[3], c3, c1, c2);
-    mul_add_c(a[3], b[2], c3, c1, c2);
-    r[5] = c3;
-    c3 = 0;
-    mul_add_c(a[3], b[3], c1, c2, c3);
-    r[6] = c1;
-    r[7] = c2;
-}
-
-void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
-{
-    BN_ULONG c1, c2, c3;
-
-    c1 = 0;
-    c2 = 0;
-    c3 = 0;
-    sqr_add_c(a, 0, c1, c2, c3);
-    r[0] = c1;
-    c1 = 0;
-    sqr_add_c2(a, 1, 0, c2, c3, c1);
-    r[1] = c2;
-    c2 = 0;
-    sqr_add_c(a, 1, c3, c1, c2);
-    sqr_add_c2(a, 2, 0, c3, c1, c2);
-    r[2] = c3;
-    c3 = 0;
-    sqr_add_c2(a, 3, 0, c1, c2, c3);
-    sqr_add_c2(a, 2, 1, c1, c2, c3);
-    r[3] = c1;
-    c1 = 0;
-    sqr_add_c(a, 2, c2, c3, c1);
-    sqr_add_c2(a, 3, 1, c2, c3, c1);
-    sqr_add_c2(a, 4, 0, c2, c3, c1);
-    r[4] = c2;
-    c2 = 0;
-    sqr_add_c2(a, 5, 0, c3, c1, c2);
-    sqr_add_c2(a, 4, 1, c3, c1, c2);
-    sqr_add_c2(a, 3, 2, c3, c1, c2);
-    r[5] = c3;
-    c3 = 0;
-    sqr_add_c(a, 3, c1, c2, c3);
-    sqr_add_c2(a, 4, 2, c1, c2, c3);
-    sqr_add_c2(a, 5, 1, c1, c2, c3);
-    sqr_add_c2(a, 6, 0, c1, c2, c3);
-    r[6] = c1;
-    c1 = 0;
-    sqr_add_c2(a, 7, 0, c2, c3, c1);
-    sqr_add_c2(a, 6, 1, c2, c3, c1);
-    sqr_add_c2(a, 5, 2, c2, c3, c1);
-    sqr_add_c2(a, 4, 3, c2, c3, c1);
-    r[7] = c2;
-    c2 = 0;
-    sqr_add_c(a, 4, c3, c1, c2);
-    sqr_add_c2(a, 5, 3, c3, c1, c2);
-    sqr_add_c2(a, 6, 2, c3, c1, c2);
-    sqr_add_c2(a, 7, 1, c3, c1, c2);
-    r[8] = c3;
-    c3 = 0;
-    sqr_add_c2(a, 7, 2, c1, c2, c3);
-    sqr_add_c2(a, 6, 3, c1, c2, c3);
-    sqr_add_c2(a, 5, 4, c1, c2, c3);
-    r[9] = c1;
-    c1 = 0;
-    sqr_add_c(a, 5, c2, c3, c1);
-    sqr_add_c2(a, 6, 4, c2, c3, c1);
-    sqr_add_c2(a, 7, 3, c2, c3, c1);
-    r[10] = c2;
-    c2 = 0;
-    sqr_add_c2(a, 7, 4, c3, c1, c2);
-    sqr_add_c2(a, 6, 5, c3, c1, c2);
-    r[11] = c3;
-    c3 = 0;
-    sqr_add_c(a, 6, c1, c2, c3);
-    sqr_add_c2(a, 7, 5, c1, c2, c3);
-    r[12] = c1;
-    c1 = 0;
-    sqr_add_c2(a, 7, 6, c2, c3, c1);
-    r[13] = c2;
-    c2 = 0;
-    sqr_add_c(a, 7, c3, c1, c2);
-    r[14] = c3;
-    r[15] = c1;
-}
-
-void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
-{
-    BN_ULONG c1, c2, c3;
-
-    c1 = 0;
-    c2 = 0;
-    c3 = 0;
-    sqr_add_c(a, 0, c1, c2, c3);
-    r[0] = c1;
-    c1 = 0;
-    sqr_add_c2(a, 1, 0, c2, c3, c1);
-    r[1] = c2;
-    c2 = 0;
-    sqr_add_c(a, 1, c3, c1, c2);
-    sqr_add_c2(a, 2, 0, c3, c1, c2);
-    r[2] = c3;
-    c3 = 0;
-    sqr_add_c2(a, 3, 0, c1, c2, c3);
-    sqr_add_c2(a, 2, 1, c1, c2, c3);
-    r[3] = c1;
-    c1 = 0;
-    sqr_add_c(a, 2, c2, c3, c1);
-    sqr_add_c2(a, 3, 1, c2, c3, c1);
-    r[4] = c2;
-    c2 = 0;
-    sqr_add_c2(a, 3, 2, c3, c1, c2);
-    r[5] = c3;
-    c3 = 0;
-    sqr_add_c(a, 3, c1, c2, c3);
-    r[6] = c1;
-    r[7] = c2;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/bn/bn.mul b/thirdparty/openssl/crypto/bn/bn.mul
deleted file mode 100644
index 9728870d38..0000000000
--- a/thirdparty/openssl/crypto/bn/bn.mul
+++ /dev/null
@@ -1,19 +0,0 @@
-We need
-
-* bn_mul_comba8
-* bn_mul_comba4
-* bn_mul_normal
-* bn_mul_recursive
-
-* bn_sqr_comba8
-* bn_sqr_comba4
-bn_sqr_normal -> BN_sqr
-* bn_sqr_recursive
-
-* bn_mul_low_recursive
-* bn_mul_low_normal
-* bn_mul_high
-
-* bn_mul_part_recursive	# symetric but not power of 2
-
-bn_mul_asymetric_recursive # uneven, but do the chop up.
diff --git a/thirdparty/openssl/crypto/bn/bn_add.c b/thirdparty/openssl/crypto/bn/bn_add.c
deleted file mode 100644
index 2f3d110449..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_add.c
+++ /dev/null
@@ -1,313 +0,0 @@
-/* crypto/bn/bn_add.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* r can == a or b */
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-{
-    const BIGNUM *tmp;
-    int a_neg = a->neg, ret;
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    /*-
-     *  a +  b      a+b
-     *  a + -b      a-b
-     * -a +  b      b-a
-     * -a + -b      -(a+b)
-     */
-    if (a_neg ^ b->neg) {
-        /* only one is negative */
-        if (a_neg) {
-            tmp = a;
-            a = b;
-            b = tmp;
-        }
-
-        /* we are now a - b */
-
-        if (BN_ucmp(a, b) < 0) {
-            if (!BN_usub(r, b, a))
-                return (0);
-            r->neg = 1;
-        } else {
-            if (!BN_usub(r, a, b))
-                return (0);
-            r->neg = 0;
-        }
-        return (1);
-    }
-
-    ret = BN_uadd(r, a, b);
-    r->neg = a_neg;
-    bn_check_top(r);
-    return ret;
-}
-
-/* unsigned add of b to a */
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-{
-    int max, min, dif;
-    BN_ULONG *ap, *bp, *rp, carry, t1, t2;
-    const BIGNUM *tmp;
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    if (a->top < b->top) {
-        tmp = a;
-        a = b;
-        b = tmp;
-    }
-    max = a->top;
-    min = b->top;
-    dif = max - min;
-
-    if (bn_wexpand(r, max + 1) == NULL)
-        return 0;
-
-    r->top = max;
-
-    ap = a->d;
-    bp = b->d;
-    rp = r->d;
-
-    carry = bn_add_words(rp, ap, bp, min);
-    rp += min;
-    ap += min;
-    bp += min;
-
-    if (carry) {
-        while (dif) {
-            dif--;
-            t1 = *(ap++);
-            t2 = (t1 + 1) & BN_MASK2;
-            *(rp++) = t2;
-            if (t2) {
-                carry = 0;
-                break;
-            }
-        }
-        if (carry) {
-            /* carry != 0 => dif == 0 */
-            *rp = 1;
-            r->top++;
-        }
-    }
-    if (dif && rp != ap)
-        while (dif--)
-            /* copy remaining words if ap != rp */
-            *(rp++) = *(ap++);
-    r->neg = 0;
-    bn_check_top(r);
-    return 1;
-}
-
-/* unsigned subtraction of b from a, a must be larger than b. */
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-{
-    int max, min, dif;
-    register BN_ULONG t1, t2, *ap, *bp, *rp;
-    int i, carry;
-#if defined(IRIX_CC_BUG) && !defined(LINT)
-    int dummy;
-#endif
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    max = a->top;
-    min = b->top;
-    dif = max - min;
-
-    if (dif < 0) {              /* hmm... should not be happening */
-        BNerr(BN_F_BN_USUB, BN_R_ARG2_LT_ARG3);
-        return (0);
-    }
-
-    if (bn_wexpand(r, max) == NULL)
-        return (0);
-
-    ap = a->d;
-    bp = b->d;
-    rp = r->d;
-
-#if 1
-    carry = 0;
-    for (i = min; i != 0; i--) {
-        t1 = *(ap++);
-        t2 = *(bp++);
-        if (carry) {
-            carry = (t1 <= t2);
-            t1 = (t1 - t2 - 1) & BN_MASK2;
-        } else {
-            carry = (t1 < t2);
-            t1 = (t1 - t2) & BN_MASK2;
-        }
-# if defined(IRIX_CC_BUG) && !defined(LINT)
-        dummy = t1;
-# endif
-        *(rp++) = t1 & BN_MASK2;
-    }
-#else
-    carry = bn_sub_words(rp, ap, bp, min);
-    ap += min;
-    bp += min;
-    rp += min;
-#endif
-    if (carry) {                /* subtracted */
-        if (!dif)
-            /* error: a < b */
-            return 0;
-        while (dif) {
-            dif--;
-            t1 = *(ap++);
-            t2 = (t1 - 1) & BN_MASK2;
-            *(rp++) = t2;
-            if (t1)
-                break;
-        }
-    }
-#if 0
-    memcpy(rp, ap, sizeof(*rp) * (max - i));
-#else
-    if (rp != ap) {
-        for (;;) {
-            if (!dif--)
-                break;
-            rp[0] = ap[0];
-            if (!dif--)
-                break;
-            rp[1] = ap[1];
-            if (!dif--)
-                break;
-            rp[2] = ap[2];
-            if (!dif--)
-                break;
-            rp[3] = ap[3];
-            rp += 4;
-            ap += 4;
-        }
-    }
-#endif
-
-    r->top = max;
-    r->neg = 0;
-    bn_correct_top(r);
-    return (1);
-}
-
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-{
-    int max;
-    int add = 0, neg = 0;
-    const BIGNUM *tmp;
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    /*-
-     *  a -  b      a-b
-     *  a - -b      a+b
-     * -a -  b      -(a+b)
-     * -a - -b      b-a
-     */
-    if (a->neg) {
-        if (b->neg) {
-            tmp = a;
-            a = b;
-            b = tmp;
-        } else {
-            add = 1;
-            neg = 1;
-        }
-    } else {
-        if (b->neg) {
-            add = 1;
-            neg = 0;
-        }
-    }
-
-    if (add) {
-        if (!BN_uadd(r, a, b))
-            return (0);
-        r->neg = neg;
-        return (1);
-    }
-
-    /* We are actually doing a - b :-) */
-
-    max = (a->top > b->top) ? a->top : b->top;
-    if (bn_wexpand(r, max) == NULL)
-        return (0);
-    if (BN_ucmp(a, b) < 0) {
-        if (!BN_usub(r, b, a))
-            return (0);
-        r->neg = 1;
-    } else {
-        if (!BN_usub(r, a, b))
-            return (0);
-        r->neg = 0;
-    }
-    bn_check_top(r);
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_asm.c b/thirdparty/openssl/crypto/bn/bn_asm.c
deleted file mode 100644
index 03a33cffe5..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_asm.c
+++ /dev/null
@@ -1,1093 +0,0 @@
-/* crypto/bn/bn_asm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef BN_DEBUG
-# undef NDEBUG                  /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <stdio.h>
-#include <assert.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#if defined(BN_LLONG) || defined(BN_UMULT_HIGH)
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
-                          BN_ULONG w)
-{
-    BN_ULONG c1 = 0;
-
-    assert(num >= 0);
-    if (num <= 0)
-        return (c1);
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-    while (num & ~3) {
-        mul_add(rp[0], ap[0], w, c1);
-        mul_add(rp[1], ap[1], w, c1);
-        mul_add(rp[2], ap[2], w, c1);
-        mul_add(rp[3], ap[3], w, c1);
-        ap += 4;
-        rp += 4;
-        num -= 4;
-    }
-# endif
-    while (num) {
-        mul_add(rp[0], ap[0], w, c1);
-        ap++;
-        rp++;
-        num--;
-    }
-
-    return (c1);
-}
-
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
-{
-    BN_ULONG c1 = 0;
-
-    assert(num >= 0);
-    if (num <= 0)
-        return (c1);
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-    while (num & ~3) {
-        mul(rp[0], ap[0], w, c1);
-        mul(rp[1], ap[1], w, c1);
-        mul(rp[2], ap[2], w, c1);
-        mul(rp[3], ap[3], w, c1);
-        ap += 4;
-        rp += 4;
-        num -= 4;
-    }
-# endif
-    while (num) {
-        mul(rp[0], ap[0], w, c1);
-        ap++;
-        rp++;
-        num--;
-    }
-    return (c1);
-}
-
-void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
-{
-    assert(n >= 0);
-    if (n <= 0)
-        return;
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-    while (n & ~3) {
-        sqr(r[0], r[1], a[0]);
-        sqr(r[2], r[3], a[1]);
-        sqr(r[4], r[5], a[2]);
-        sqr(r[6], r[7], a[3]);
-        a += 4;
-        r += 8;
-        n -= 4;
-    }
-# endif
-    while (n) {
-        sqr(r[0], r[1], a[0]);
-        a++;
-        r += 2;
-        n--;
-    }
-}
-
-#else                           /* !(defined(BN_LLONG) ||
-                                 * defined(BN_UMULT_HIGH)) */
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
-                          BN_ULONG w)
-{
-    BN_ULONG c = 0;
-    BN_ULONG bl, bh;
-
-    assert(num >= 0);
-    if (num <= 0)
-        return ((BN_ULONG)0);
-
-    bl = LBITS(w);
-    bh = HBITS(w);
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-    while (num & ~3) {
-        mul_add(rp[0], ap[0], bl, bh, c);
-        mul_add(rp[1], ap[1], bl, bh, c);
-        mul_add(rp[2], ap[2], bl, bh, c);
-        mul_add(rp[3], ap[3], bl, bh, c);
-        ap += 4;
-        rp += 4;
-        num -= 4;
-    }
-# endif
-    while (num) {
-        mul_add(rp[0], ap[0], bl, bh, c);
-        ap++;
-        rp++;
-        num--;
-    }
-    return (c);
-}
-
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
-{
-    BN_ULONG carry = 0;
-    BN_ULONG bl, bh;
-
-    assert(num >= 0);
-    if (num <= 0)
-        return ((BN_ULONG)0);
-
-    bl = LBITS(w);
-    bh = HBITS(w);
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-    while (num & ~3) {
-        mul(rp[0], ap[0], bl, bh, carry);
-        mul(rp[1], ap[1], bl, bh, carry);
-        mul(rp[2], ap[2], bl, bh, carry);
-        mul(rp[3], ap[3], bl, bh, carry);
-        ap += 4;
-        rp += 4;
-        num -= 4;
-    }
-# endif
-    while (num) {
-        mul(rp[0], ap[0], bl, bh, carry);
-        ap++;
-        rp++;
-        num--;
-    }
-    return (carry);
-}
-
-void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
-{
-    assert(n >= 0);
-    if (n <= 0)
-        return;
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-    while (n & ~3) {
-        sqr64(r[0], r[1], a[0]);
-        sqr64(r[2], r[3], a[1]);
-        sqr64(r[4], r[5], a[2]);
-        sqr64(r[6], r[7], a[3]);
-        a += 4;
-        r += 8;
-        n -= 4;
-    }
-# endif
-    while (n) {
-        sqr64(r[0], r[1], a[0]);
-        a++;
-        r += 2;
-        n--;
-    }
-}
-
-#endif                          /* !(defined(BN_LLONG) ||
-                                 * defined(BN_UMULT_HIGH)) */
-
-#if defined(BN_LLONG) && defined(BN_DIV2W)
-
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
-{
-    return ((BN_ULONG)(((((BN_ULLONG) h) << BN_BITS2) | l) / (BN_ULLONG) d));
-}
-
-#else
-
-/* Divide h,l by d and return the result. */
-/* I need to test this some more :-( */
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
-{
-    BN_ULONG dh, dl, q, ret = 0, th, tl, t;
-    int i, count = 2;
-
-    if (d == 0)
-        return (BN_MASK2);
-
-    i = BN_num_bits_word(d);
-    assert((i == BN_BITS2) || (h <= (BN_ULONG)1 << i));
-
-    i = BN_BITS2 - i;
-    if (h >= d)
-        h -= d;
-
-    if (i) {
-        d <<= i;
-        h = (h << i) | (l >> (BN_BITS2 - i));
-        l <<= i;
-    }
-    dh = (d & BN_MASK2h) >> BN_BITS4;
-    dl = (d & BN_MASK2l);
-    for (;;) {
-        if ((h >> BN_BITS4) == dh)
-            q = BN_MASK2l;
-        else
-            q = h / dh;
-
-        th = q * dh;
-        tl = dl * q;
-        for (;;) {
-            t = h - th;
-            if ((t & BN_MASK2h) ||
-                ((tl) <= ((t << BN_BITS4) | ((l & BN_MASK2h) >> BN_BITS4))))
-                break;
-            q--;
-            th -= dh;
-            tl -= dl;
-        }
-        t = (tl >> BN_BITS4);
-        tl = (tl << BN_BITS4) & BN_MASK2h;
-        th += t;
-
-        if (l < tl)
-            th++;
-        l -= tl;
-        if (h < th) {
-            h += d;
-            q--;
-        }
-        h -= th;
-
-        if (--count == 0)
-            break;
-
-        ret = q << BN_BITS4;
-        h = ((h << BN_BITS4) | (l >> BN_BITS4)) & BN_MASK2;
-        l = (l & BN_MASK2l) << BN_BITS4;
-    }
-    ret |= q;
-    return (ret);
-}
-#endif                          /* !defined(BN_LLONG) && defined(BN_DIV2W) */
-
-#ifdef BN_LLONG
-BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
-                      int n)
-{
-    BN_ULLONG ll = 0;
-
-    assert(n >= 0);
-    if (n <= 0)
-        return ((BN_ULONG)0);
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-    while (n & ~3) {
-        ll += (BN_ULLONG) a[0] + b[0];
-        r[0] = (BN_ULONG)ll & BN_MASK2;
-        ll >>= BN_BITS2;
-        ll += (BN_ULLONG) a[1] + b[1];
-        r[1] = (BN_ULONG)ll & BN_MASK2;
-        ll >>= BN_BITS2;
-        ll += (BN_ULLONG) a[2] + b[2];
-        r[2] = (BN_ULONG)ll & BN_MASK2;
-        ll >>= BN_BITS2;
-        ll += (BN_ULLONG) a[3] + b[3];
-        r[3] = (BN_ULONG)ll & BN_MASK2;
-        ll >>= BN_BITS2;
-        a += 4;
-        b += 4;
-        r += 4;
-        n -= 4;
-    }
-# endif
-    while (n) {
-        ll += (BN_ULLONG) a[0] + b[0];
-        r[0] = (BN_ULONG)ll & BN_MASK2;
-        ll >>= BN_BITS2;
-        a++;
-        b++;
-        r++;
-        n--;
-    }
-    return ((BN_ULONG)ll);
-}
-#else                           /* !BN_LLONG */
-BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
-                      int n)
-{
-    BN_ULONG c, l, t;
-
-    assert(n >= 0);
-    if (n <= 0)
-        return ((BN_ULONG)0);
-
-    c = 0;
-# ifndef OPENSSL_SMALL_FOOTPRINT
-    while (n & ~3) {
-        t = a[0];
-        t = (t + c) & BN_MASK2;
-        c = (t < c);
-        l = (t + b[0]) & BN_MASK2;
-        c += (l < t);
-        r[0] = l;
-        t = a[1];
-        t = (t + c) & BN_MASK2;
-        c = (t < c);
-        l = (t + b[1]) & BN_MASK2;
-        c += (l < t);
-        r[1] = l;
-        t = a[2];
-        t = (t + c) & BN_MASK2;
-        c = (t < c);
-        l = (t + b[2]) & BN_MASK2;
-        c += (l < t);
-        r[2] = l;
-        t = a[3];
-        t = (t + c) & BN_MASK2;
-        c = (t < c);
-        l = (t + b[3]) & BN_MASK2;
-        c += (l < t);
-        r[3] = l;
-        a += 4;
-        b += 4;
-        r += 4;
-        n -= 4;
-    }
-# endif
-    while (n) {
-        t = a[0];
-        t = (t + c) & BN_MASK2;
-        c = (t < c);
-        l = (t + b[0]) & BN_MASK2;
-        c += (l < t);
-        r[0] = l;
-        a++;
-        b++;
-        r++;
-        n--;
-    }
-    return ((BN_ULONG)c);
-}
-#endif                          /* !BN_LLONG */
-
-BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
-                      int n)
-{
-    BN_ULONG t1, t2;
-    int c = 0;
-
-    assert(n >= 0);
-    if (n <= 0)
-        return ((BN_ULONG)0);
-
-#ifndef OPENSSL_SMALL_FOOTPRINT
-    while (n & ~3) {
-        t1 = a[0];
-        t2 = b[0];
-        r[0] = (t1 - t2 - c) & BN_MASK2;
-        if (t1 != t2)
-            c = (t1 < t2);
-        t1 = a[1];
-        t2 = b[1];
-        r[1] = (t1 - t2 - c) & BN_MASK2;
-        if (t1 != t2)
-            c = (t1 < t2);
-        t1 = a[2];
-        t2 = b[2];
-        r[2] = (t1 - t2 - c) & BN_MASK2;
-        if (t1 != t2)
-            c = (t1 < t2);
-        t1 = a[3];
-        t2 = b[3];
-        r[3] = (t1 - t2 - c) & BN_MASK2;
-        if (t1 != t2)
-            c = (t1 < t2);
-        a += 4;
-        b += 4;
-        r += 4;
-        n -= 4;
-    }
-#endif
-    while (n) {
-        t1 = a[0];
-        t2 = b[0];
-        r[0] = (t1 - t2 - c) & BN_MASK2;
-        if (t1 != t2)
-            c = (t1 < t2);
-        a++;
-        b++;
-        r++;
-        n--;
-    }
-    return (c);
-}
-
-#if defined(BN_MUL_COMBA) && !defined(OPENSSL_SMALL_FOOTPRINT)
-
-# undef bn_mul_comba8
-# undef bn_mul_comba4
-# undef bn_sqr_comba8
-# undef bn_sqr_comba4
-
-/* mul_add_c(a,b,c0,c1,c2)  -- c+=a*b for three word number c=(c2,c1,c0) */
-/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
-/* sqr_add_c(a,i,c0,c1,c2)  -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
-/*
- * sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number
- * c=(c2,c1,c0)
- */
-
-# ifdef BN_LLONG
-/*
- * Keep in mind that additions to multiplication result can not
- * overflow, because its high half cannot be all-ones.
- */
-#  define mul_add_c(a,b,c0,c1,c2)       do {    \
-        BN_ULONG hi;                            \
-        BN_ULLONG t = (BN_ULLONG)(a)*(b);       \
-        t += c0;                /* no carry */  \
-        c0 = (BN_ULONG)Lw(t);                   \
-        hi = (BN_ULONG)Hw(t);                   \
-        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
-        } while(0)
-
-#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
-        BN_ULONG hi;                            \
-        BN_ULLONG t = (BN_ULLONG)(a)*(b);       \
-        BN_ULLONG tt = t+c0;    /* no carry */  \
-        c0 = (BN_ULONG)Lw(tt);                  \
-        hi = (BN_ULONG)Hw(tt);                  \
-        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
-        t += c0;                /* no carry */  \
-        c0 = (BN_ULONG)Lw(t);                   \
-        hi = (BN_ULONG)Hw(t);                   \
-        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
-        } while(0)
-
-#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
-        BN_ULONG hi;                            \
-        BN_ULLONG t = (BN_ULLONG)a[i]*a[i];     \
-        t += c0;                /* no carry */  \
-        c0 = (BN_ULONG)Lw(t);                   \
-        hi = (BN_ULONG)Hw(t);                   \
-        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
-        } while(0)
-
-#  define sqr_add_c2(a,i,j,c0,c1,c2) \
-        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-
-# elif defined(BN_UMULT_LOHI)
-/*
- * Keep in mind that additions to hi can not overflow, because
- * the high word of a multiplication result cannot be all-ones.
- */
-#  define mul_add_c(a,b,c0,c1,c2)       do {    \
-        BN_ULONG ta = (a), tb = (b);            \
-        BN_ULONG lo, hi;                        \
-        BN_UMULT_LOHI(lo,hi,ta,tb);             \
-        c0 += lo; hi += (c0<lo)?1:0;            \
-        c1 += hi; c2 += (c1<hi)?1:0;            \
-        } while(0)
-
-#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
-        BN_ULONG ta = (a), tb = (b);            \
-        BN_ULONG lo, hi, tt;                    \
-        BN_UMULT_LOHI(lo,hi,ta,tb);             \
-        c0 += lo; tt = hi+((c0<lo)?1:0);        \
-        c1 += tt; c2 += (c1<tt)?1:0;            \
-        c0 += lo; hi += (c0<lo)?1:0;            \
-        c1 += hi; c2 += (c1<hi)?1:0;            \
-        } while(0)
-
-#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
-        BN_ULONG ta = (a)[i];                   \
-        BN_ULONG lo, hi;                        \
-        BN_UMULT_LOHI(lo,hi,ta,ta);             \
-        c0 += lo; hi += (c0<lo)?1:0;            \
-        c1 += hi; c2 += (c1<hi)?1:0;            \
-        } while(0)
-
-#  define sqr_add_c2(a,i,j,c0,c1,c2)    \
-        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-
-# elif defined(BN_UMULT_HIGH)
-/*
- * Keep in mind that additions to hi can not overflow, because
- * the high word of a multiplication result cannot be all-ones.
- */
-#  define mul_add_c(a,b,c0,c1,c2)       do {    \
-        BN_ULONG ta = (a), tb = (b);            \
-        BN_ULONG lo = ta * tb;                  \
-        BN_ULONG hi = BN_UMULT_HIGH(ta,tb);     \
-        c0 += lo; hi += (c0<lo)?1:0;            \
-        c1 += hi; c2 += (c1<hi)?1:0;            \
-        } while(0)
-
-#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
-        BN_ULONG ta = (a), tb = (b), tt;        \
-        BN_ULONG lo = ta * tb;                  \
-        BN_ULONG hi = BN_UMULT_HIGH(ta,tb);     \
-        c0 += lo; tt = hi + ((c0<lo)?1:0);      \
-        c1 += tt; c2 += (c1<tt)?1:0;            \
-        c0 += lo; hi += (c0<lo)?1:0;            \
-        c1 += hi; c2 += (c1<hi)?1:0;            \
-        } while(0)
-
-#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
-        BN_ULONG ta = (a)[i];                   \
-        BN_ULONG lo = ta * ta;                  \
-        BN_ULONG hi = BN_UMULT_HIGH(ta,ta);     \
-        c0 += lo; hi += (c0<lo)?1:0;            \
-        c1 += hi; c2 += (c1<hi)?1:0;            \
-        } while(0)
-
-#  define sqr_add_c2(a,i,j,c0,c1,c2)      \
-        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-
-# else                          /* !BN_LLONG */
-/*
- * Keep in mind that additions to hi can not overflow, because
- * the high word of a multiplication result cannot be all-ones.
- */
-#  define mul_add_c(a,b,c0,c1,c2)       do {    \
-        BN_ULONG lo = LBITS(a), hi = HBITS(a);  \
-        BN_ULONG bl = LBITS(b), bh = HBITS(b);  \
-        mul64(lo,hi,bl,bh);                     \
-        c0 = (c0+lo)&BN_MASK2; if (c0<lo) hi++; \
-        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
-        } while(0)
-
-#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
-        BN_ULONG tt;                            \
-        BN_ULONG lo = LBITS(a), hi = HBITS(a);  \
-        BN_ULONG bl = LBITS(b), bh = HBITS(b);  \
-        mul64(lo,hi,bl,bh);                     \
-        tt = hi;                                \
-        c0 = (c0+lo)&BN_MASK2; if (c0<lo) tt++; \
-        c1 = (c1+tt)&BN_MASK2; if (c1<tt) c2++; \
-        c0 = (c0+lo)&BN_MASK2; if (c0<lo) hi++; \
-        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
-        } while(0)
-
-#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
-        BN_ULONG lo, hi;                        \
-        sqr64(lo,hi,(a)[i]);                    \
-        c0 = (c0+lo)&BN_MASK2; if (c0<lo) hi++; \
-        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
-        } while(0)
-
-#  define sqr_add_c2(a,i,j,c0,c1,c2) \
-        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
-# endif                         /* !BN_LLONG */
-
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-{
-    BN_ULONG c1, c2, c3;
-
-    c1 = 0;
-    c2 = 0;
-    c3 = 0;
-    mul_add_c(a[0], b[0], c1, c2, c3);
-    r[0] = c1;
-    c1 = 0;
-    mul_add_c(a[0], b[1], c2, c3, c1);
-    mul_add_c(a[1], b[0], c2, c3, c1);
-    r[1] = c2;
-    c2 = 0;
-    mul_add_c(a[2], b[0], c3, c1, c2);
-    mul_add_c(a[1], b[1], c3, c1, c2);
-    mul_add_c(a[0], b[2], c3, c1, c2);
-    r[2] = c3;
-    c3 = 0;
-    mul_add_c(a[0], b[3], c1, c2, c3);
-    mul_add_c(a[1], b[2], c1, c2, c3);
-    mul_add_c(a[2], b[1], c1, c2, c3);
-    mul_add_c(a[3], b[0], c1, c2, c3);
-    r[3] = c1;
-    c1 = 0;
-    mul_add_c(a[4], b[0], c2, c3, c1);
-    mul_add_c(a[3], b[1], c2, c3, c1);
-    mul_add_c(a[2], b[2], c2, c3, c1);
-    mul_add_c(a[1], b[3], c2, c3, c1);
-    mul_add_c(a[0], b[4], c2, c3, c1);
-    r[4] = c2;
-    c2 = 0;
-    mul_add_c(a[0], b[5], c3, c1, c2);
-    mul_add_c(a[1], b[4], c3, c1, c2);
-    mul_add_c(a[2], b[3], c3, c1, c2);
-    mul_add_c(a[3], b[2], c3, c1, c2);
-    mul_add_c(a[4], b[1], c3, c1, c2);
-    mul_add_c(a[5], b[0], c3, c1, c2);
-    r[5] = c3;
-    c3 = 0;
-    mul_add_c(a[6], b[0], c1, c2, c3);
-    mul_add_c(a[5], b[1], c1, c2, c3);
-    mul_add_c(a[4], b[2], c1, c2, c3);
-    mul_add_c(a[3], b[3], c1, c2, c3);
-    mul_add_c(a[2], b[4], c1, c2, c3);
-    mul_add_c(a[1], b[5], c1, c2, c3);
-    mul_add_c(a[0], b[6], c1, c2, c3);
-    r[6] = c1;
-    c1 = 0;
-    mul_add_c(a[0], b[7], c2, c3, c1);
-    mul_add_c(a[1], b[6], c2, c3, c1);
-    mul_add_c(a[2], b[5], c2, c3, c1);
-    mul_add_c(a[3], b[4], c2, c3, c1);
-    mul_add_c(a[4], b[3], c2, c3, c1);
-    mul_add_c(a[5], b[2], c2, c3, c1);
-    mul_add_c(a[6], b[1], c2, c3, c1);
-    mul_add_c(a[7], b[0], c2, c3, c1);
-    r[7] = c2;
-    c2 = 0;
-    mul_add_c(a[7], b[1], c3, c1, c2);
-    mul_add_c(a[6], b[2], c3, c1, c2);
-    mul_add_c(a[5], b[3], c3, c1, c2);
-    mul_add_c(a[4], b[4], c3, c1, c2);
-    mul_add_c(a[3], b[5], c3, c1, c2);
-    mul_add_c(a[2], b[6], c3, c1, c2);
-    mul_add_c(a[1], b[7], c3, c1, c2);
-    r[8] = c3;
-    c3 = 0;
-    mul_add_c(a[2], b[7], c1, c2, c3);
-    mul_add_c(a[3], b[6], c1, c2, c3);
-    mul_add_c(a[4], b[5], c1, c2, c3);
-    mul_add_c(a[5], b[4], c1, c2, c3);
-    mul_add_c(a[6], b[3], c1, c2, c3);
-    mul_add_c(a[7], b[2], c1, c2, c3);
-    r[9] = c1;
-    c1 = 0;
-    mul_add_c(a[7], b[3], c2, c3, c1);
-    mul_add_c(a[6], b[4], c2, c3, c1);
-    mul_add_c(a[5], b[5], c2, c3, c1);
-    mul_add_c(a[4], b[6], c2, c3, c1);
-    mul_add_c(a[3], b[7], c2, c3, c1);
-    r[10] = c2;
-    c2 = 0;
-    mul_add_c(a[4], b[7], c3, c1, c2);
-    mul_add_c(a[5], b[6], c3, c1, c2);
-    mul_add_c(a[6], b[5], c3, c1, c2);
-    mul_add_c(a[7], b[4], c3, c1, c2);
-    r[11] = c3;
-    c3 = 0;
-    mul_add_c(a[7], b[5], c1, c2, c3);
-    mul_add_c(a[6], b[6], c1, c2, c3);
-    mul_add_c(a[5], b[7], c1, c2, c3);
-    r[12] = c1;
-    c1 = 0;
-    mul_add_c(a[6], b[7], c2, c3, c1);
-    mul_add_c(a[7], b[6], c2, c3, c1);
-    r[13] = c2;
-    c2 = 0;
-    mul_add_c(a[7], b[7], c3, c1, c2);
-    r[14] = c3;
-    r[15] = c1;
-}
-
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-{
-    BN_ULONG c1, c2, c3;
-
-    c1 = 0;
-    c2 = 0;
-    c3 = 0;
-    mul_add_c(a[0], b[0], c1, c2, c3);
-    r[0] = c1;
-    c1 = 0;
-    mul_add_c(a[0], b[1], c2, c3, c1);
-    mul_add_c(a[1], b[0], c2, c3, c1);
-    r[1] = c2;
-    c2 = 0;
-    mul_add_c(a[2], b[0], c3, c1, c2);
-    mul_add_c(a[1], b[1], c3, c1, c2);
-    mul_add_c(a[0], b[2], c3, c1, c2);
-    r[2] = c3;
-    c3 = 0;
-    mul_add_c(a[0], b[3], c1, c2, c3);
-    mul_add_c(a[1], b[2], c1, c2, c3);
-    mul_add_c(a[2], b[1], c1, c2, c3);
-    mul_add_c(a[3], b[0], c1, c2, c3);
-    r[3] = c1;
-    c1 = 0;
-    mul_add_c(a[3], b[1], c2, c3, c1);
-    mul_add_c(a[2], b[2], c2, c3, c1);
-    mul_add_c(a[1], b[3], c2, c3, c1);
-    r[4] = c2;
-    c2 = 0;
-    mul_add_c(a[2], b[3], c3, c1, c2);
-    mul_add_c(a[3], b[2], c3, c1, c2);
-    r[5] = c3;
-    c3 = 0;
-    mul_add_c(a[3], b[3], c1, c2, c3);
-    r[6] = c1;
-    r[7] = c2;
-}
-
-void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
-{
-    BN_ULONG c1, c2, c3;
-
-    c1 = 0;
-    c2 = 0;
-    c3 = 0;
-    sqr_add_c(a, 0, c1, c2, c3);
-    r[0] = c1;
-    c1 = 0;
-    sqr_add_c2(a, 1, 0, c2, c3, c1);
-    r[1] = c2;
-    c2 = 0;
-    sqr_add_c(a, 1, c3, c1, c2);
-    sqr_add_c2(a, 2, 0, c3, c1, c2);
-    r[2] = c3;
-    c3 = 0;
-    sqr_add_c2(a, 3, 0, c1, c2, c3);
-    sqr_add_c2(a, 2, 1, c1, c2, c3);
-    r[3] = c1;
-    c1 = 0;
-    sqr_add_c(a, 2, c2, c3, c1);
-    sqr_add_c2(a, 3, 1, c2, c3, c1);
-    sqr_add_c2(a, 4, 0, c2, c3, c1);
-    r[4] = c2;
-    c2 = 0;
-    sqr_add_c2(a, 5, 0, c3, c1, c2);
-    sqr_add_c2(a, 4, 1, c3, c1, c2);
-    sqr_add_c2(a, 3, 2, c3, c1, c2);
-    r[5] = c3;
-    c3 = 0;
-    sqr_add_c(a, 3, c1, c2, c3);
-    sqr_add_c2(a, 4, 2, c1, c2, c3);
-    sqr_add_c2(a, 5, 1, c1, c2, c3);
-    sqr_add_c2(a, 6, 0, c1, c2, c3);
-    r[6] = c1;
-    c1 = 0;
-    sqr_add_c2(a, 7, 0, c2, c3, c1);
-    sqr_add_c2(a, 6, 1, c2, c3, c1);
-    sqr_add_c2(a, 5, 2, c2, c3, c1);
-    sqr_add_c2(a, 4, 3, c2, c3, c1);
-    r[7] = c2;
-    c2 = 0;
-    sqr_add_c(a, 4, c3, c1, c2);
-    sqr_add_c2(a, 5, 3, c3, c1, c2);
-    sqr_add_c2(a, 6, 2, c3, c1, c2);
-    sqr_add_c2(a, 7, 1, c3, c1, c2);
-    r[8] = c3;
-    c3 = 0;
-    sqr_add_c2(a, 7, 2, c1, c2, c3);
-    sqr_add_c2(a, 6, 3, c1, c2, c3);
-    sqr_add_c2(a, 5, 4, c1, c2, c3);
-    r[9] = c1;
-    c1 = 0;
-    sqr_add_c(a, 5, c2, c3, c1);
-    sqr_add_c2(a, 6, 4, c2, c3, c1);
-    sqr_add_c2(a, 7, 3, c2, c3, c1);
-    r[10] = c2;
-    c2 = 0;
-    sqr_add_c2(a, 7, 4, c3, c1, c2);
-    sqr_add_c2(a, 6, 5, c3, c1, c2);
-    r[11] = c3;
-    c3 = 0;
-    sqr_add_c(a, 6, c1, c2, c3);
-    sqr_add_c2(a, 7, 5, c1, c2, c3);
-    r[12] = c1;
-    c1 = 0;
-    sqr_add_c2(a, 7, 6, c2, c3, c1);
-    r[13] = c2;
-    c2 = 0;
-    sqr_add_c(a, 7, c3, c1, c2);
-    r[14] = c3;
-    r[15] = c1;
-}
-
-void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
-{
-    BN_ULONG c1, c2, c3;
-
-    c1 = 0;
-    c2 = 0;
-    c3 = 0;
-    sqr_add_c(a, 0, c1, c2, c3);
-    r[0] = c1;
-    c1 = 0;
-    sqr_add_c2(a, 1, 0, c2, c3, c1);
-    r[1] = c2;
-    c2 = 0;
-    sqr_add_c(a, 1, c3, c1, c2);
-    sqr_add_c2(a, 2, 0, c3, c1, c2);
-    r[2] = c3;
-    c3 = 0;
-    sqr_add_c2(a, 3, 0, c1, c2, c3);
-    sqr_add_c2(a, 2, 1, c1, c2, c3);
-    r[3] = c1;
-    c1 = 0;
-    sqr_add_c(a, 2, c2, c3, c1);
-    sqr_add_c2(a, 3, 1, c2, c3, c1);
-    r[4] = c2;
-    c2 = 0;
-    sqr_add_c2(a, 3, 2, c3, c1, c2);
-    r[5] = c3;
-    c3 = 0;
-    sqr_add_c(a, 3, c1, c2, c3);
-    r[6] = c1;
-    r[7] = c2;
-}
-
-# ifdef OPENSSL_NO_ASM
-#  ifdef OPENSSL_BN_ASM_MONT
-#   include <alloca.h>
-/*
- * This is essentially reference implementation, which may or may not
- * result in performance improvement. E.g. on IA-32 this routine was
- * observed to give 40% faster rsa1024 private key operations and 10%
- * faster rsa4096 ones, while on AMD64 it improves rsa1024 sign only
- * by 10% and *worsens* rsa4096 sign by 15%. Once again, it's a
- * reference implementation, one to be used as starting point for
- * platform-specific assembler. Mentioned numbers apply to compiler
- * generated code compiled with and without -DOPENSSL_BN_ASM_MONT and
- * can vary not only from platform to platform, but even for compiler
- * versions. Assembler vs. assembler improvement coefficients can
- * [and are known to] differ and are to be documented elsewhere.
- */
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                const BN_ULONG *np, const BN_ULONG *n0p, int num)
-{
-    BN_ULONG c0, c1, ml, *tp, n0;
-#   ifdef mul64
-    BN_ULONG mh;
-#   endif
-    volatile BN_ULONG *vp;
-    int i = 0, j;
-
-#   if 0                        /* template for platform-specific
-                                 * implementation */
-    if (ap == bp)
-        return bn_sqr_mont(rp, ap, np, n0p, num);
-#   endif
-    vp = tp = alloca((num + 2) * sizeof(BN_ULONG));
-
-    n0 = *n0p;
-
-    c0 = 0;
-    ml = bp[0];
-#   ifdef mul64
-    mh = HBITS(ml);
-    ml = LBITS(ml);
-    for (j = 0; j < num; ++j)
-        mul(tp[j], ap[j], ml, mh, c0);
-#   else
-    for (j = 0; j < num; ++j)
-        mul(tp[j], ap[j], ml, c0);
-#   endif
-
-    tp[num] = c0;
-    tp[num + 1] = 0;
-    goto enter;
-
-    for (i = 0; i < num; i++) {
-        c0 = 0;
-        ml = bp[i];
-#   ifdef mul64
-        mh = HBITS(ml);
-        ml = LBITS(ml);
-        for (j = 0; j < num; ++j)
-            mul_add(tp[j], ap[j], ml, mh, c0);
-#   else
-        for (j = 0; j < num; ++j)
-            mul_add(tp[j], ap[j], ml, c0);
-#   endif
-        c1 = (tp[num] + c0) & BN_MASK2;
-        tp[num] = c1;
-        tp[num + 1] = (c1 < c0 ? 1 : 0);
- enter:
-        c1 = tp[0];
-        ml = (c1 * n0) & BN_MASK2;
-        c0 = 0;
-#   ifdef mul64
-        mh = HBITS(ml);
-        ml = LBITS(ml);
-        mul_add(c1, np[0], ml, mh, c0);
-#   else
-        mul_add(c1, ml, np[0], c0);
-#   endif
-        for (j = 1; j < num; j++) {
-            c1 = tp[j];
-#   ifdef mul64
-            mul_add(c1, np[j], ml, mh, c0);
-#   else
-            mul_add(c1, ml, np[j], c0);
-#   endif
-            tp[j - 1] = c1 & BN_MASK2;
-        }
-        c1 = (tp[num] + c0) & BN_MASK2;
-        tp[num - 1] = c1;
-        tp[num] = tp[num + 1] + (c1 < c0 ? 1 : 0);
-    }
-
-    if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) {
-        c0 = bn_sub_words(rp, tp, np, num);
-        if (tp[num] != 0 || c0 == 0) {
-            for (i = 0; i < num + 2; i++)
-                vp[i] = 0;
-            return 1;
-        }
-    }
-    for (i = 0; i < num; i++)
-        rp[i] = tp[i], vp[i] = 0;
-    vp[num] = 0;
-    vp[num + 1] = 0;
-    return 1;
-}
-#  else
-/*
- * Return value of 0 indicates that multiplication/convolution was not
- * performed to signal the caller to fall down to alternative/original
- * code-path.
- */
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                const BN_ULONG *np, const BN_ULONG *n0, int num)
-{
-    return 0;
-}
-#  endif                        /* OPENSSL_BN_ASM_MONT */
-# endif
-
-#else                           /* !BN_MUL_COMBA */
-
-/* hmm... is it faster just to do a multiply? */
-# undef bn_sqr_comba4
-void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
-{
-    BN_ULONG t[8];
-    bn_sqr_normal(r, a, 4, t);
-}
-
-# undef bn_sqr_comba8
-void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
-{
-    BN_ULONG t[16];
-    bn_sqr_normal(r, a, 8, t);
-}
-
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-{
-    r[4] = bn_mul_words(&(r[0]), a, 4, b[0]);
-    r[5] = bn_mul_add_words(&(r[1]), a, 4, b[1]);
-    r[6] = bn_mul_add_words(&(r[2]), a, 4, b[2]);
-    r[7] = bn_mul_add_words(&(r[3]), a, 4, b[3]);
-}
-
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-{
-    r[8] = bn_mul_words(&(r[0]), a, 8, b[0]);
-    r[9] = bn_mul_add_words(&(r[1]), a, 8, b[1]);
-    r[10] = bn_mul_add_words(&(r[2]), a, 8, b[2]);
-    r[11] = bn_mul_add_words(&(r[3]), a, 8, b[3]);
-    r[12] = bn_mul_add_words(&(r[4]), a, 8, b[4]);
-    r[13] = bn_mul_add_words(&(r[5]), a, 8, b[5]);
-    r[14] = bn_mul_add_words(&(r[6]), a, 8, b[6]);
-    r[15] = bn_mul_add_words(&(r[7]), a, 8, b[7]);
-}
-
-# ifdef OPENSSL_NO_ASM
-#  ifdef OPENSSL_BN_ASM_MONT
-#   include <alloca.h>
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                const BN_ULONG *np, const BN_ULONG *n0p, int num)
-{
-    BN_ULONG c0, c1, *tp, n0 = *n0p;
-    volatile BN_ULONG *vp;
-    int i = 0, j;
-
-    vp = tp = alloca((num + 2) * sizeof(BN_ULONG));
-
-    for (i = 0; i <= num; i++)
-        tp[i] = 0;
-
-    for (i = 0; i < num; i++) {
-        c0 = bn_mul_add_words(tp, ap, num, bp[i]);
-        c1 = (tp[num] + c0) & BN_MASK2;
-        tp[num] = c1;
-        tp[num + 1] = (c1 < c0 ? 1 : 0);
-
-        c0 = bn_mul_add_words(tp, np, num, tp[0] * n0);
-        c1 = (tp[num] + c0) & BN_MASK2;
-        tp[num] = c1;
-        tp[num + 1] += (c1 < c0 ? 1 : 0);
-        for (j = 0; j <= num; j++)
-            tp[j] = tp[j + 1];
-    }
-
-    if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) {
-        c0 = bn_sub_words(rp, tp, np, num);
-        if (tp[num] != 0 || c0 == 0) {
-            for (i = 0; i < num + 2; i++)
-                vp[i] = 0;
-            return 1;
-        }
-    }
-    for (i = 0; i < num; i++)
-        rp[i] = tp[i], vp[i] = 0;
-    vp[num] = 0;
-    vp[num + 1] = 0;
-    return 1;
-}
-#  else
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                const BN_ULONG *np, const BN_ULONG *n0, int num)
-{
-    return 0;
-}
-#  endif                        /* OPENSSL_BN_ASM_MONT */
-# endif
-
-#endif                          /* !BN_MUL_COMBA */
diff --git a/thirdparty/openssl/crypto/bn/bn_blind.c b/thirdparty/openssl/crypto/bn/bn_blind.c
deleted file mode 100644
index d448daa3c7..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_blind.c
+++ /dev/null
@@ -1,385 +0,0 @@
-/* crypto/bn/bn_blind.c */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define BN_BLINDING_COUNTER     32
-
-struct bn_blinding_st {
-    BIGNUM *A;
-    BIGNUM *Ai;
-    BIGNUM *e;
-    BIGNUM *mod;                /* just a reference */
-#ifndef OPENSSL_NO_DEPRECATED
-    unsigned long thread_id;    /* added in OpenSSL 0.9.6j and 0.9.7b; used
-                                 * only by crypto/rsa/rsa_eay.c, rsa_lib.c */
-#endif
-    CRYPTO_THREADID tid;
-    int counter;
-    unsigned long flags;
-    BN_MONT_CTX *m_ctx;
-    int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-};
-
-BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
-{
-    BN_BLINDING *ret = NULL;
-
-    bn_check_top(mod);
-
-    if ((ret = (BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) {
-        BNerr(BN_F_BN_BLINDING_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    memset(ret, 0, sizeof(BN_BLINDING));
-    if (A != NULL) {
-        if ((ret->A = BN_dup(A)) == NULL)
-            goto err;
-    }
-    if (Ai != NULL) {
-        if ((ret->Ai = BN_dup(Ai)) == NULL)
-            goto err;
-    }
-
-    /* save a copy of mod in the BN_BLINDING structure */
-    if ((ret->mod = BN_dup(mod)) == NULL)
-        goto err;
-    if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
-        BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
-
-    /*
-     * Set the counter to the special value -1 to indicate that this is
-     * never-used fresh blinding that does not need updating before first
-     * use.
-     */
-    ret->counter = -1;
-    CRYPTO_THREADID_current(&ret->tid);
-    return (ret);
- err:
-    if (ret != NULL)
-        BN_BLINDING_free(ret);
-    return (NULL);
-}
-
-void BN_BLINDING_free(BN_BLINDING *r)
-{
-    if (r == NULL)
-        return;
-
-    if (r->A != NULL)
-        BN_free(r->A);
-    if (r->Ai != NULL)
-        BN_free(r->Ai);
-    if (r->e != NULL)
-        BN_free(r->e);
-    if (r->mod != NULL)
-        BN_free(r->mod);
-    OPENSSL_free(r);
-}
-
-int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
-{
-    int ret = 0;
-
-    if ((b->A == NULL) || (b->Ai == NULL)) {
-        BNerr(BN_F_BN_BLINDING_UPDATE, BN_R_NOT_INITIALIZED);
-        goto err;
-    }
-
-    if (b->counter == -1)
-        b->counter = 0;
-
-    if (++b->counter == BN_BLINDING_COUNTER && b->e != NULL &&
-        !(b->flags & BN_BLINDING_NO_RECREATE)) {
-        /* re-create blinding parameters */
-        if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL))
-            goto err;
-    } else if (!(b->flags & BN_BLINDING_NO_UPDATE)) {
-        if (!BN_mod_mul(b->A, b->A, b->A, b->mod, ctx))
-            goto err;
-        if (!BN_mod_mul(b->Ai, b->Ai, b->Ai, b->mod, ctx))
-            goto err;
-    }
-
-    ret = 1;
- err:
-    if (b->counter == BN_BLINDING_COUNTER)
-        b->counter = 0;
-    return (ret);
-}
-
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
-{
-    return BN_BLINDING_convert_ex(n, NULL, b, ctx);
-}
-
-int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
-{
-    int ret = 1;
-
-    bn_check_top(n);
-
-    if ((b->A == NULL) || (b->Ai == NULL)) {
-        BNerr(BN_F_BN_BLINDING_CONVERT_EX, BN_R_NOT_INITIALIZED);
-        return (0);
-    }
-
-    if (b->counter == -1)
-        /* Fresh blinding, doesn't need updating. */
-        b->counter = 0;
-    else if (!BN_BLINDING_update(b, ctx))
-        return (0);
-
-    if (r != NULL) {
-        if (!BN_copy(r, b->Ai))
-            ret = 0;
-    }
-
-    if (!BN_mod_mul(n, n, b->A, b->mod, ctx))
-        ret = 0;
-
-    return ret;
-}
-
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
-{
-    return BN_BLINDING_invert_ex(n, NULL, b, ctx);
-}
-
-int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
-                          BN_CTX *ctx)
-{
-    int ret;
-
-    bn_check_top(n);
-
-    if (r != NULL)
-        ret = BN_mod_mul(n, n, r, b->mod, ctx);
-    else {
-        if (b->Ai == NULL) {
-            BNerr(BN_F_BN_BLINDING_INVERT_EX, BN_R_NOT_INITIALIZED);
-            return (0);
-        }
-        ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx);
-    }
-
-    bn_check_top(n);
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_DEPRECATED
-unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)
-{
-    return b->thread_id;
-}
-
-void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n)
-{
-    b->thread_id = n;
-}
-#endif
-
-CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *b)
-{
-    return &b->tid;
-}
-
-unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b)
-{
-    return b->flags;
-}
-
-void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags)
-{
-    b->flags = flags;
-}
-
-BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
-                                      const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
-                                      int (*bn_mod_exp) (BIGNUM *r,
-                                                         const BIGNUM *a,
-                                                         const BIGNUM *p,
-                                                         const BIGNUM *m,
-                                                         BN_CTX *ctx,
-                                                         BN_MONT_CTX *m_ctx),
-                                      BN_MONT_CTX *m_ctx)
-{
-    int retry_counter = 32;
-    BN_BLINDING *ret = NULL;
-
-    if (b == NULL)
-        ret = BN_BLINDING_new(NULL, NULL, m);
-    else
-        ret = b;
-
-    if (ret == NULL)
-        goto err;
-
-    if (ret->A == NULL && (ret->A = BN_new()) == NULL)
-        goto err;
-    if (ret->Ai == NULL && (ret->Ai = BN_new()) == NULL)
-        goto err;
-
-    if (e != NULL) {
-        if (ret->e != NULL)
-            BN_free(ret->e);
-        ret->e = BN_dup(e);
-    }
-    if (ret->e == NULL)
-        goto err;
-
-    if (bn_mod_exp != NULL)
-        ret->bn_mod_exp = bn_mod_exp;
-    if (m_ctx != NULL)
-        ret->m_ctx = m_ctx;
-
-    do {
-        if (!BN_rand_range(ret->A, ret->mod))
-            goto err;
-        if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) {
-            /*
-             * this should almost never happen for good RSA keys
-             */
-            unsigned long error = ERR_peek_last_error();
-            if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
-                if (retry_counter-- == 0) {
-                    BNerr(BN_F_BN_BLINDING_CREATE_PARAM,
-                          BN_R_TOO_MANY_ITERATIONS);
-                    goto err;
-                }
-                ERR_clear_error();
-            } else
-                goto err;
-        } else
-            break;
-    } while (1);
-
-    if (ret->bn_mod_exp != NULL && ret->m_ctx != NULL) {
-        if (!ret->bn_mod_exp
-            (ret->A, ret->A, ret->e, ret->mod, ctx, ret->m_ctx))
-            goto err;
-    } else {
-        if (!BN_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx))
-            goto err;
-    }
-
-    return ret;
- err:
-    if (b == NULL && ret != NULL) {
-        BN_BLINDING_free(ret);
-        ret = NULL;
-    }
-
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_const.c b/thirdparty/openssl/crypto/bn/bn_const.c
deleted file mode 100644
index 12c3208c24..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_const.c
+++ /dev/null
@@ -1,547 +0,0 @@
-/* crypto/bn/knownprimes.c */
-/* Insert boilerplate */
-
-#include "bn.h"
-
-/*-
- * "First Oakley Default Group" from RFC2409, section 6.1.
- *
- * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
- *
- * RFC2409 specifies a generator of 2.
- * RFC2412 specifies a generator of of 22.
- */
-
-BIGNUM *get_rfc2409_prime_768(BIGNUM *bn)
-{
-    static const unsigned char RFC2409_PRIME_768[] = {
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
-        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
-        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
-        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
-        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
-        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
-        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
-        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x3A, 0x36, 0x20,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    };
-    return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn);
-}
-
-/*-
- * "Second Oakley Default Group" from RFC2409, section 6.2.
- *
- * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
- *
- * RFC2409 specifies a generator of 2.
- * RFC2412 specifies a generator of 22.
- */
-
-BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn)
-{
-    static const unsigned char RFC2409_PRIME_1024[] = {
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
-        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
-        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
-        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
-        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
-        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
-        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
-        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
-        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
-        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
-        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
-        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    };
-    return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn);
-}
-
-/*-
- * "1536-bit MODP Group" from RFC3526, Section 2.
- *
- * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }
- *
- * RFC3526 specifies a generator of 2.
- * RFC2312 specifies a generator of 22.
- */
-
-BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn)
-{
-    static const unsigned char RFC3526_PRIME_1536[] = {
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
-        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
-        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
-        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
-        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
-        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
-        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
-        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
-        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
-        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
-        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
-        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
-        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
-        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
-        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
-        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
-        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
-        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
-        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
-        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x23, 0x73, 0x27,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    };
-    return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn);
-}
-
-/*-
- * "2048-bit MODP Group" from RFC3526, Section 3.
- *
- * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
- *
- * RFC3526 specifies a generator of 2.
- */
-
-BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn)
-{
-    static const unsigned char RFC3526_PRIME_2048[] = {
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
-        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
-        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
-        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
-        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
-        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
-        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
-        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
-        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
-        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
-        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
-        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
-        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
-        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
-        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
-        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
-        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
-        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
-        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
-        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
-        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
-        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
-        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
-        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
-        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
-        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
-        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
-        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    };
-    return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn);
-}
-
-/*-
- * "3072-bit MODP Group" from RFC3526, Section 4.
- *
- * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
- *
- * RFC3526 specifies a generator of 2.
- */
-
-BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn)
-{
-    static const unsigned char RFC3526_PRIME_3072[] = {
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
-        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
-        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
-        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
-        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
-        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
-        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
-        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
-        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
-        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
-        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
-        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
-        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
-        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
-        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
-        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
-        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
-        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
-        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
-        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
-        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
-        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
-        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
-        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
-        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
-        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
-        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
-        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
-        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
-        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
-        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
-        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
-        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
-        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
-        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
-        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
-        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
-        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
-        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
-        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
-        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
-        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
-        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
-        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    };
-    return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn);
-}
-
-/*-
- * "4096-bit MODP Group" from RFC3526, Section 5.
- *
- * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
- *
- * RFC3526 specifies a generator of 2.
- */
-
-BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn)
-{
-    static const unsigned char RFC3526_PRIME_4096[] = {
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
-        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
-        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
-        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
-        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
-        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
-        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
-        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
-        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
-        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
-        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
-        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
-        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
-        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
-        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
-        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
-        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
-        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
-        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
-        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
-        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
-        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
-        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
-        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
-        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
-        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
-        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
-        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
-        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
-        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
-        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
-        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
-        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
-        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
-        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
-        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
-        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
-        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
-        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
-        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
-        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
-        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
-        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
-        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
-        0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
-        0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
-        0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
-        0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
-        0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
-        0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
-        0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
-        0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
-        0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
-        0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
-        0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
-        0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
-        0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
-        0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
-        0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
-        0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    };
-    return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn);
-}
-
-/*-
- * "6144-bit MODP Group" from RFC3526, Section 6.
- *
- * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 }
- *
- * RFC3526 specifies a generator of 2.
- */
-
-BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn)
-{
-    static const unsigned char RFC3526_PRIME_6144[] = {
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
-        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
-        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
-        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
-        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
-        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
-        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
-        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
-        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
-        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
-        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
-        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
-        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
-        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
-        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
-        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
-        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
-        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
-        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
-        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
-        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
-        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
-        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
-        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
-        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
-        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
-        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
-        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
-        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
-        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
-        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
-        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
-        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
-        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
-        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
-        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
-        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
-        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
-        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
-        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
-        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
-        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
-        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
-        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
-        0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
-        0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
-        0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
-        0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
-        0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
-        0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
-        0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
-        0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
-        0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
-        0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
-        0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
-        0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
-        0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
-        0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
-        0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
-        0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
-        0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26,
-        0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE,
-        0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
-        0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E,
-        0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE,
-        0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
-        0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18,
-        0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED,
-        0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
-        0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B,
-        0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42,
-        0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
-        0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC,
-        0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03,
-        0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
-        0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82,
-        0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E,
-        0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
-        0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE,
-        0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5,
-        0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
-        0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8,
-        0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0,
-        0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
-        0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76,
-        0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0,
-        0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
-        0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32,
-        0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68,
-        0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
-        0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6,
-        0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xCC, 0x40, 0x24,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    };
-    return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn);
-}
-
-/*-
- * "8192-bit MODP Group" from RFC3526, Section 7.
- *
- * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }
- *
- * RFC3526 specifies a generator of 2.
- */
-
-BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn)
-{
-    static const unsigned char RFC3526_PRIME_8192[] = {
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
-        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
-        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
-        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
-        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
-        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
-        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
-        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
-        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
-        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
-        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
-        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
-        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
-        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
-        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
-        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
-        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
-        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
-        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
-        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
-        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
-        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
-        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
-        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
-        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
-        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
-        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
-        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
-        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
-        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
-        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
-        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
-        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
-        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
-        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
-        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
-        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
-        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
-        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
-        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
-        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
-        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
-        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
-        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
-        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
-        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
-        0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
-        0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
-        0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
-        0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
-        0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
-        0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
-        0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
-        0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
-        0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
-        0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
-        0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
-        0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
-        0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
-        0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
-        0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
-        0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
-        0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26,
-        0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE,
-        0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
-        0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E,
-        0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE,
-        0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
-        0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18,
-        0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED,
-        0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
-        0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B,
-        0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42,
-        0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
-        0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC,
-        0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03,
-        0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
-        0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82,
-        0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E,
-        0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
-        0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE,
-        0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5,
-        0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
-        0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8,
-        0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0,
-        0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
-        0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76,
-        0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0,
-        0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
-        0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32,
-        0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68,
-        0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
-        0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6,
-        0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xBE, 0x11, 0x59,
-        0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4,
-        0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C,
-        0xD8, 0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA,
-        0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00,
-        0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED,
-        0x25, 0x76, 0xF6, 0x93, 0x6B, 0xA4, 0x24, 0x66,
-        0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68,
-        0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78,
-        0x23, 0x8F, 0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D,
-        0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9,
-        0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07,
-        0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23, 0xF0, 0xC7,
-        0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B,
-        0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD,
-        0xFA, 0x9D, 0x4B, 0x7F, 0xA2, 0xC0, 0x87, 0xE8,
-        0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A,
-        0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6,
-        0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8, 0x2D,
-        0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36,
-        0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1,
-        0x64, 0xF3, 0x1C, 0xC5, 0x08, 0x46, 0x85, 0x1D,
-        0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1,
-        0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73,
-        0xFA, 0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68,
-        0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92,
-        0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7,
-        0x88, 0x9A, 0x00, 0x2E, 0xD5, 0xEE, 0x38, 0x2B,
-        0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47,
-        0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA,
-        0x9E, 0x30, 0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF,
-        0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71,
-        0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    };
-    return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_ctx.c b/thirdparty/openssl/crypto/bn/bn_ctx.c
deleted file mode 100644
index 526c6a046d..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_ctx.c
+++ /dev/null
@@ -1,448 +0,0 @@
-/* crypto/bn/bn_ctx.c */
-/* Written by Ulf Moeller for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#if !defined(BN_CTX_DEBUG) && !defined(BN_DEBUG)
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-
-#include <stdio.h>
-#include <assert.h>
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/*-
- * TODO list
- *
- * 1. Check a bunch of "(words+1)" type hacks in various bignum functions and
- * check they can be safely removed.
- *  - Check +1 and other ugliness in BN_from_montgomery()
- *
- * 2. Consider allowing a BN_new_ex() that, at least, lets you specify an
- * appropriate 'block' size that will be honoured by bn_expand_internal() to
- * prevent piddly little reallocations. OTOH, profiling bignum expansions in
- * BN_CTX doesn't show this to be a big issue.
- */
-
-/* How many bignums are in each "pool item"; */
-#define BN_CTX_POOL_SIZE        16
-/* The stack frame info is resizing, set a first-time expansion size; */
-#define BN_CTX_START_FRAMES     32
-
-/***********/
-/* BN_POOL */
-/***********/
-
-/* A bundle of bignums that can be linked with other bundles */
-typedef struct bignum_pool_item {
-    /* The bignum values */
-    BIGNUM vals[BN_CTX_POOL_SIZE];
-    /* Linked-list admin */
-    struct bignum_pool_item *prev, *next;
-} BN_POOL_ITEM;
-/* A linked-list of bignums grouped in bundles */
-typedef struct bignum_pool {
-    /* Linked-list admin */
-    BN_POOL_ITEM *head, *current, *tail;
-    /* Stack depth and allocation size */
-    unsigned used, size;
-} BN_POOL;
-static void BN_POOL_init(BN_POOL *);
-static void BN_POOL_finish(BN_POOL *);
-#ifndef OPENSSL_NO_DEPRECATED
-static void BN_POOL_reset(BN_POOL *);
-#endif
-static BIGNUM *BN_POOL_get(BN_POOL *);
-static void BN_POOL_release(BN_POOL *, unsigned int);
-
-/************/
-/* BN_STACK */
-/************/
-
-/* A wrapper to manage the "stack frames" */
-typedef struct bignum_ctx_stack {
-    /* Array of indexes into the bignum stack */
-    unsigned int *indexes;
-    /* Number of stack frames, and the size of the allocated array */
-    unsigned int depth, size;
-} BN_STACK;
-static void BN_STACK_init(BN_STACK *);
-static void BN_STACK_finish(BN_STACK *);
-#ifndef OPENSSL_NO_DEPRECATED
-static void BN_STACK_reset(BN_STACK *);
-#endif
-static int BN_STACK_push(BN_STACK *, unsigned int);
-static unsigned int BN_STACK_pop(BN_STACK *);
-
-/**********/
-/* BN_CTX */
-/**********/
-
-/* The opaque BN_CTX type */
-struct bignum_ctx {
-    /* The bignum bundles */
-    BN_POOL pool;
-    /* The "stack frames", if you will */
-    BN_STACK stack;
-    /* The number of bignums currently assigned */
-    unsigned int used;
-    /* Depth of stack overflow */
-    int err_stack;
-    /* Block "gets" until an "end" (compatibility behaviour) */
-    int too_many;
-};
-
-/* Enable this to find BN_CTX bugs */
-#ifdef BN_CTX_DEBUG
-static const char *ctxdbg_cur = NULL;
-static void ctxdbg(BN_CTX *ctx)
-{
-    unsigned int bnidx = 0, fpidx = 0;
-    BN_POOL_ITEM *item = ctx->pool.head;
-    BN_STACK *stack = &ctx->stack;
-    fprintf(stderr, "(%16p): ", ctx);
-    while (bnidx < ctx->used) {
-        fprintf(stderr, "%03x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax);
-        if (!(bnidx % BN_CTX_POOL_SIZE))
-            item = item->next;
-    }
-    fprintf(stderr, "\n");
-    bnidx = 0;
-    fprintf(stderr, "          : ");
-    while (fpidx < stack->depth) {
-        while (bnidx++ < stack->indexes[fpidx])
-            fprintf(stderr, "    ");
-        fprintf(stderr, "^^^ ");
-        bnidx++;
-        fpidx++;
-    }
-    fprintf(stderr, "\n");
-}
-
-# define CTXDBG_ENTRY(str, ctx)  do { \
-                                ctxdbg_cur = (str); \
-                                fprintf(stderr,"Starting %s\n", ctxdbg_cur); \
-                                ctxdbg(ctx); \
-                                } while(0)
-# define CTXDBG_EXIT(ctx)        do { \
-                                fprintf(stderr,"Ending %s\n", ctxdbg_cur); \
-                                ctxdbg(ctx); \
-                                } while(0)
-# define CTXDBG_RET(ctx,ret)
-#else
-# define CTXDBG_ENTRY(str, ctx)
-# define CTXDBG_EXIT(ctx)
-# define CTXDBG_RET(ctx,ret)
-#endif
-
-/*
- * This function is an evil legacy and should not be used. This
- * implementation is WYSIWYG, though I've done my best.
- */
-#ifndef OPENSSL_NO_DEPRECATED
-void BN_CTX_init(BN_CTX *ctx)
-{
-    /*
-     * Assume the caller obtained the context via BN_CTX_new() and so is
-     * trying to reset it for use. Nothing else makes sense, least of all
-     * binary compatibility from a time when they could declare a static
-     * variable.
-     */
-    BN_POOL_reset(&ctx->pool);
-    BN_STACK_reset(&ctx->stack);
-    ctx->used = 0;
-    ctx->err_stack = 0;
-    ctx->too_many = 0;
-}
-#endif
-
-BN_CTX *BN_CTX_new(void)
-{
-    BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX));
-    if (!ret) {
-        BNerr(BN_F_BN_CTX_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    /* Initialise the structure */
-    BN_POOL_init(&ret->pool);
-    BN_STACK_init(&ret->stack);
-    ret->used = 0;
-    ret->err_stack = 0;
-    ret->too_many = 0;
-    return ret;
-}
-
-void BN_CTX_free(BN_CTX *ctx)
-{
-    if (ctx == NULL)
-        return;
-#ifdef BN_CTX_DEBUG
-    {
-        BN_POOL_ITEM *pool = ctx->pool.head;
-        fprintf(stderr, "BN_CTX_free, stack-size=%d, pool-bignums=%d\n",
-                ctx->stack.size, ctx->pool.size);
-        fprintf(stderr, "dmaxs: ");
-        while (pool) {
-            unsigned loop = 0;
-            while (loop < BN_CTX_POOL_SIZE)
-                fprintf(stderr, "%02x ", pool->vals[loop++].dmax);
-            pool = pool->next;
-        }
-        fprintf(stderr, "\n");
-    }
-#endif
-    BN_STACK_finish(&ctx->stack);
-    BN_POOL_finish(&ctx->pool);
-    OPENSSL_free(ctx);
-}
-
-void BN_CTX_start(BN_CTX *ctx)
-{
-    CTXDBG_ENTRY("BN_CTX_start", ctx);
-    /* If we're already overflowing ... */
-    if (ctx->err_stack || ctx->too_many)
-        ctx->err_stack++;
-    /* (Try to) get a new frame pointer */
-    else if (!BN_STACK_push(&ctx->stack, ctx->used)) {
-        BNerr(BN_F_BN_CTX_START, BN_R_TOO_MANY_TEMPORARY_VARIABLES);
-        ctx->err_stack++;
-    }
-    CTXDBG_EXIT(ctx);
-}
-
-void BN_CTX_end(BN_CTX *ctx)
-{
-    CTXDBG_ENTRY("BN_CTX_end", ctx);
-    if (ctx->err_stack)
-        ctx->err_stack--;
-    else {
-        unsigned int fp = BN_STACK_pop(&ctx->stack);
-        /* Does this stack frame have anything to release? */
-        if (fp < ctx->used)
-            BN_POOL_release(&ctx->pool, ctx->used - fp);
-        ctx->used = fp;
-        /* Unjam "too_many" in case "get" had failed */
-        ctx->too_many = 0;
-    }
-    CTXDBG_EXIT(ctx);
-}
-
-BIGNUM *BN_CTX_get(BN_CTX *ctx)
-{
-    BIGNUM *ret;
-    CTXDBG_ENTRY("BN_CTX_get", ctx);
-    if (ctx->err_stack || ctx->too_many)
-        return NULL;
-    if ((ret = BN_POOL_get(&ctx->pool)) == NULL) {
-        /*
-         * Setting too_many prevents repeated "get" attempts from cluttering
-         * the error stack.
-         */
-        ctx->too_many = 1;
-        BNerr(BN_F_BN_CTX_GET, BN_R_TOO_MANY_TEMPORARY_VARIABLES);
-        return NULL;
-    }
-    /* OK, make sure the returned bignum is "zero" */
-    BN_zero(ret);
-    ctx->used++;
-    CTXDBG_RET(ctx, ret);
-    return ret;
-}
-
-/************/
-/* BN_STACK */
-/************/
-
-static void BN_STACK_init(BN_STACK *st)
-{
-    st->indexes = NULL;
-    st->depth = st->size = 0;
-}
-
-static void BN_STACK_finish(BN_STACK *st)
-{
-    if (st->size)
-        OPENSSL_free(st->indexes);
-}
-
-#ifndef OPENSSL_NO_DEPRECATED
-static void BN_STACK_reset(BN_STACK *st)
-{
-    st->depth = 0;
-}
-#endif
-
-static int BN_STACK_push(BN_STACK *st, unsigned int idx)
-{
-    if (st->depth == st->size)
-        /* Need to expand */
-    {
-        unsigned int newsize = (st->size ?
-                                (st->size * 3 / 2) : BN_CTX_START_FRAMES);
-        unsigned int *newitems = OPENSSL_malloc(newsize *
-                                                sizeof(unsigned int));
-        if (!newitems)
-            return 0;
-        if (st->depth)
-            memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int));
-        if (st->size)
-            OPENSSL_free(st->indexes);
-        st->indexes = newitems;
-        st->size = newsize;
-    }
-    st->indexes[(st->depth)++] = idx;
-    return 1;
-}
-
-static unsigned int BN_STACK_pop(BN_STACK *st)
-{
-    return st->indexes[--(st->depth)];
-}
-
-/***********/
-/* BN_POOL */
-/***********/
-
-static void BN_POOL_init(BN_POOL *p)
-{
-    p->head = p->current = p->tail = NULL;
-    p->used = p->size = 0;
-}
-
-static void BN_POOL_finish(BN_POOL *p)
-{
-    while (p->head) {
-        unsigned int loop = 0;
-        BIGNUM *bn = p->head->vals;
-        while (loop++ < BN_CTX_POOL_SIZE) {
-            if (bn->d)
-                BN_clear_free(bn);
-            bn++;
-        }
-        p->current = p->head->next;
-        OPENSSL_free(p->head);
-        p->head = p->current;
-    }
-}
-
-#ifndef OPENSSL_NO_DEPRECATED
-static void BN_POOL_reset(BN_POOL *p)
-{
-    BN_POOL_ITEM *item = p->head;
-    while (item) {
-        unsigned int loop = 0;
-        BIGNUM *bn = item->vals;
-        while (loop++ < BN_CTX_POOL_SIZE) {
-            if (bn->d)
-                BN_clear(bn);
-            bn++;
-        }
-        item = item->next;
-    }
-    p->current = p->head;
-    p->used = 0;
-}
-#endif
-
-static BIGNUM *BN_POOL_get(BN_POOL *p)
-{
-    if (p->used == p->size) {
-        BIGNUM *bn;
-        unsigned int loop = 0;
-        BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(BN_POOL_ITEM));
-        if (!item)
-            return NULL;
-        /* Initialise the structure */
-        bn = item->vals;
-        while (loop++ < BN_CTX_POOL_SIZE)
-            BN_init(bn++);
-        item->prev = p->tail;
-        item->next = NULL;
-        /* Link it in */
-        if (!p->head)
-            p->head = p->current = p->tail = item;
-        else {
-            p->tail->next = item;
-            p->tail = item;
-            p->current = item;
-        }
-        p->size += BN_CTX_POOL_SIZE;
-        p->used++;
-        /* Return the first bignum from the new pool */
-        return item->vals;
-    }
-    if (!p->used)
-        p->current = p->head;
-    else if ((p->used % BN_CTX_POOL_SIZE) == 0)
-        p->current = p->current->next;
-    return p->current->vals + ((p->used++) % BN_CTX_POOL_SIZE);
-}
-
-static void BN_POOL_release(BN_POOL *p, unsigned int num)
-{
-    unsigned int offset = (p->used - 1) % BN_CTX_POOL_SIZE;
-    p->used -= num;
-    while (num--) {
-        bn_check_top(p->current->vals + offset);
-        if (!offset) {
-            offset = BN_CTX_POOL_SIZE - 1;
-            p->current = p->current->prev;
-        } else
-            offset--;
-    }
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_depr.c b/thirdparty/openssl/crypto/bn/bn_depr.c
deleted file mode 100644
index 34895f5982..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_depr.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* crypto/bn/bn_depr.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * Support for deprecated functions goes here - static linkage will only
- * slurp this code if applications are using them directly.
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-static void *dummy = &dummy;
-
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
-                          const BIGNUM *add, const BIGNUM *rem,
-                          void (*callback) (int, int, void *), void *cb_arg)
-{
-    BN_GENCB cb;
-    BIGNUM *rnd = NULL;
-    int found = 0;
-
-    BN_GENCB_set_old(&cb, callback, cb_arg);
-
-    if (ret == NULL) {
-        if ((rnd = BN_new()) == NULL)
-            goto err;
-    } else
-        rnd = ret;
-    if (!BN_generate_prime_ex(rnd, bits, safe, add, rem, &cb))
-        goto err;
-
-    /* we have a prime :-) */
-    found = 1;
- err:
-    if (!found && (ret == NULL) && (rnd != NULL))
-        BN_free(rnd);
-    return (found ? rnd : NULL);
-}
-
-int BN_is_prime(const BIGNUM *a, int checks,
-                void (*callback) (int, int, void *), BN_CTX *ctx_passed,
-                void *cb_arg)
-{
-    BN_GENCB cb;
-    BN_GENCB_set_old(&cb, callback, cb_arg);
-    return BN_is_prime_ex(a, checks, ctx_passed, &cb);
-}
-
-int BN_is_prime_fasttest(const BIGNUM *a, int checks,
-                         void (*callback) (int, int, void *),
-                         BN_CTX *ctx_passed, void *cb_arg,
-                         int do_trial_division)
-{
-    BN_GENCB cb;
-    BN_GENCB_set_old(&cb, callback, cb_arg);
-    return BN_is_prime_fasttest_ex(a, checks, ctx_passed,
-                                   do_trial_division, &cb);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/bn/bn_div.c b/thirdparty/openssl/crypto/bn/bn_div.c
deleted file mode 100644
index bc37671cf1..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_div.c
+++ /dev/null
@@ -1,477 +0,0 @@
-/* crypto/bn/bn_div.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* The old slow way */
-#if 0
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
-           BN_CTX *ctx)
-{
-    int i, nm, nd;
-    int ret = 0;
-    BIGNUM *D;
-
-    bn_check_top(m);
-    bn_check_top(d);
-    if (BN_is_zero(d)) {
-        BNerr(BN_F_BN_DIV, BN_R_DIV_BY_ZERO);
-        return (0);
-    }
-
-    if (BN_ucmp(m, d) < 0) {
-        if (rem != NULL) {
-            if (BN_copy(rem, m) == NULL)
-                return (0);
-        }
-        if (dv != NULL)
-            BN_zero(dv);
-        return (1);
-    }
-
-    BN_CTX_start(ctx);
-    D = BN_CTX_get(ctx);
-    if (dv == NULL)
-        dv = BN_CTX_get(ctx);
-    if (rem == NULL)
-        rem = BN_CTX_get(ctx);
-    if (D == NULL || dv == NULL || rem == NULL)
-        goto end;
-
-    nd = BN_num_bits(d);
-    nm = BN_num_bits(m);
-    if (BN_copy(D, d) == NULL)
-        goto end;
-    if (BN_copy(rem, m) == NULL)
-        goto end;
-
-    /*
-     * The next 2 are needed so we can do a dv->d[0]|=1 later since
-     * BN_lshift1 will only work once there is a value :-)
-     */
-    BN_zero(dv);
-    if (bn_wexpand(dv, 1) == NULL)
-        goto end;
-    dv->top = 1;
-
-    if (!BN_lshift(D, D, nm - nd))
-        goto end;
-    for (i = nm - nd; i >= 0; i--) {
-        if (!BN_lshift1(dv, dv))
-            goto end;
-        if (BN_ucmp(rem, D) >= 0) {
-            dv->d[0] |= 1;
-            if (!BN_usub(rem, rem, D))
-                goto end;
-        }
-/* CAN IMPROVE (and have now :=) */
-        if (!BN_rshift1(D, D))
-            goto end;
-    }
-    rem->neg = BN_is_zero(rem) ? 0 : m->neg;
-    dv->neg = m->neg ^ d->neg;
-    ret = 1;
- end:
-    BN_CTX_end(ctx);
-    return (ret);
-}
-
-#else
-
-# if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) \
-    && !defined(PEDANTIC) && !defined(BN_DIV3W)
-#  if defined(__GNUC__) && __GNUC__>=2
-#   if defined(__i386) || defined (__i386__)
-   /*-
-    * There were two reasons for implementing this template:
-    * - GNU C generates a call to a function (__udivdi3 to be exact)
-    *   in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to
-    *   understand why...);
-    * - divl doesn't only calculate quotient, but also leaves
-    *   remainder in %edx which we can definitely use here:-)
-    *
-    *                                   <appro@fy.chalmers.se>
-    */
-#    undef bn_div_words
-#    define bn_div_words(n0,n1,d0)                \
-        ({  asm volatile (                      \
-                "divl   %4"                     \
-                : "=a"(q), "=d"(rem)            \
-                : "a"(n1), "d"(n0), "r"(d0)     \
-                : "cc");                        \
-            q;                                  \
-        })
-#    define REMAINDER_IS_ALREADY_CALCULATED
-#   elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG)
-   /*
-    * Same story here, but it's 128-bit by 64-bit division. Wow!
-    *                                   <appro@fy.chalmers.se>
-    */
-#    undef bn_div_words
-#    define bn_div_words(n0,n1,d0)                \
-        ({  asm volatile (                      \
-                "divq   %4"                     \
-                : "=a"(q), "=d"(rem)            \
-                : "a"(n1), "d"(n0), "r"(d0)     \
-                : "cc");                        \
-            q;                                  \
-        })
-#    define REMAINDER_IS_ALREADY_CALCULATED
-#   endif                       /* __<cpu> */
-#  endif                        /* __GNUC__ */
-# endif                         /* OPENSSL_NO_ASM */
-
-/*-
- * BN_div computes  dv := num / divisor,  rounding towards
- * zero, and sets up rm  such that  dv*divisor + rm = num  holds.
- * Thus:
- *     dv->neg == num->neg ^ divisor->neg  (unless the result is zero)
- *     rm->neg == num->neg                 (unless the remainder is zero)
- * If 'dv' or 'rm' is NULL, the respective value is not returned.
- */
-int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
-           BN_CTX *ctx)
-{
-    int norm_shift, i, loop;
-    BIGNUM *tmp, wnum, *snum, *sdiv, *res;
-    BN_ULONG *resp, *wnump;
-    BN_ULONG d0, d1;
-    int num_n, div_n;
-    int no_branch = 0;
-
-    /*
-     * Invalid zero-padding would have particularly bad consequences so don't
-     * just rely on bn_check_top() here (bn_check_top() works only for
-     * BN_DEBUG builds)
-     */
-    if ((num->top > 0 && num->d[num->top - 1] == 0) ||
-        (divisor->top > 0 && divisor->d[divisor->top - 1] == 0)) {
-        BNerr(BN_F_BN_DIV, BN_R_NOT_INITIALIZED);
-        return 0;
-    }
-
-    bn_check_top(num);
-    bn_check_top(divisor);
-
-    if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0)
-        || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0)) {
-        no_branch = 1;
-    }
-
-    bn_check_top(dv);
-    bn_check_top(rm);
-    /*- bn_check_top(num); *//*
-     * 'num' has been checked already
-     */
-    /*- bn_check_top(divisor); *//*
-     * 'divisor' has been checked already
-     */
-
-    if (BN_is_zero(divisor)) {
-        BNerr(BN_F_BN_DIV, BN_R_DIV_BY_ZERO);
-        return (0);
-    }
-
-    if (!no_branch && BN_ucmp(num, divisor) < 0) {
-        if (rm != NULL) {
-            if (BN_copy(rm, num) == NULL)
-                return (0);
-        }
-        if (dv != NULL)
-            BN_zero(dv);
-        return (1);
-    }
-
-    BN_CTX_start(ctx);
-    tmp = BN_CTX_get(ctx);
-    snum = BN_CTX_get(ctx);
-    sdiv = BN_CTX_get(ctx);
-    if (dv == NULL)
-        res = BN_CTX_get(ctx);
-    else
-        res = dv;
-    if (sdiv == NULL || res == NULL || tmp == NULL || snum == NULL)
-        goto err;
-
-    /* First we normalise the numbers */
-    norm_shift = BN_BITS2 - ((BN_num_bits(divisor)) % BN_BITS2);
-    if (!(BN_lshift(sdiv, divisor, norm_shift)))
-        goto err;
-    sdiv->neg = 0;
-    norm_shift += BN_BITS2;
-    if (!(BN_lshift(snum, num, norm_shift)))
-        goto err;
-    snum->neg = 0;
-
-    if (no_branch) {
-        /*
-         * Since we don't know whether snum is larger than sdiv, we pad snum
-         * with enough zeroes without changing its value.
-         */
-        if (snum->top <= sdiv->top + 1) {
-            if (bn_wexpand(snum, sdiv->top + 2) == NULL)
-                goto err;
-            for (i = snum->top; i < sdiv->top + 2; i++)
-                snum->d[i] = 0;
-            snum->top = sdiv->top + 2;
-        } else {
-            if (bn_wexpand(snum, snum->top + 1) == NULL)
-                goto err;
-            snum->d[snum->top] = 0;
-            snum->top++;
-        }
-    }
-
-    div_n = sdiv->top;
-    num_n = snum->top;
-    loop = num_n - div_n;
-    /*
-     * Lets setup a 'window' into snum This is the part that corresponds to
-     * the current 'area' being divided
-     */
-    wnum.neg = 0;
-    wnum.d = &(snum->d[loop]);
-    wnum.top = div_n;
-    /*
-     * only needed when BN_ucmp messes up the values between top and max
-     */
-    wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */
-
-    /* Get the top 2 words of sdiv */
-    /* div_n=sdiv->top; */
-    d0 = sdiv->d[div_n - 1];
-    d1 = (div_n == 1) ? 0 : sdiv->d[div_n - 2];
-
-    /* pointer to the 'top' of snum */
-    wnump = &(snum->d[num_n - 1]);
-
-    /* Setup to 'res' */
-    res->neg = (num->neg ^ divisor->neg);
-    if (!bn_wexpand(res, (loop + 1)))
-        goto err;
-    res->top = loop - no_branch;
-    resp = &(res->d[loop - 1]);
-
-    /* space for temp */
-    if (!bn_wexpand(tmp, (div_n + 1)))
-        goto err;
-
-    if (!no_branch) {
-        if (BN_ucmp(&wnum, sdiv) >= 0) {
-            /*
-             * If BN_DEBUG_RAND is defined BN_ucmp changes (via bn_pollute)
-             * the const bignum arguments => clean the values between top and
-             * max again
-             */
-            bn_clear_top2max(&wnum);
-            bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
-            *resp = 1;
-        } else
-            res->top--;
-    }
-
-    /*
-     * if res->top == 0 then clear the neg value otherwise decrease the resp
-     * pointer
-     */
-    if (res->top == 0)
-        res->neg = 0;
-    else
-        resp--;
-
-    for (i = 0; i < loop - 1; i++, wnump--, resp--) {
-        BN_ULONG q, l0;
-        /*
-         * the first part of the loop uses the top two words of snum and sdiv
-         * to calculate a BN_ULONG q such that | wnum - sdiv * q | < sdiv
-         */
-# if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM)
-        BN_ULONG bn_div_3_words(BN_ULONG *, BN_ULONG, BN_ULONG);
-        q = bn_div_3_words(wnump, d1, d0);
-# else
-        BN_ULONG n0, n1, rem = 0;
-
-        n0 = wnump[0];
-        n1 = wnump[-1];
-        if (n0 == d0)
-            q = BN_MASK2;
-        else {                  /* n0 < d0 */
-
-#  ifdef BN_LLONG
-            BN_ULLONG t2;
-
-#   if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
-            q = (BN_ULONG)(((((BN_ULLONG) n0) << BN_BITS2) | n1) / d0);
-#   else
-            q = bn_div_words(n0, n1, d0);
-#    ifdef BN_DEBUG_LEVITTE
-            fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n", n0, n1, d0, q);
-#    endif
-#   endif
-
-#   ifndef REMAINDER_IS_ALREADY_CALCULATED
-            /*
-             * rem doesn't have to be BN_ULLONG. The least we
-             * know it's less that d0, isn't it?
-             */
-            rem = (n1 - q * d0) & BN_MASK2;
-#   endif
-            t2 = (BN_ULLONG) d1 *q;
-
-            for (;;) {
-                if (t2 <= ((((BN_ULLONG) rem) << BN_BITS2) | wnump[-2]))
-                    break;
-                q--;
-                rem += d0;
-                if (rem < d0)
-                    break;      /* don't let rem overflow */
-                t2 -= d1;
-            }
-#  else                         /* !BN_LLONG */
-            BN_ULONG t2l, t2h;
-
-            q = bn_div_words(n0, n1, d0);
-#   ifdef BN_DEBUG_LEVITTE
-            fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
-X) -> 0x%08X\n", n0, n1, d0, q);
-#   endif
-#   ifndef REMAINDER_IS_ALREADY_CALCULATED
-            rem = (n1 - q * d0) & BN_MASK2;
-#   endif
-
-#   if defined(BN_UMULT_LOHI)
-            BN_UMULT_LOHI(t2l, t2h, d1, q);
-#   elif defined(BN_UMULT_HIGH)
-            t2l = d1 * q;
-            t2h = BN_UMULT_HIGH(d1, q);
-#   else
-            {
-                BN_ULONG ql, qh;
-                t2l = LBITS(d1);
-                t2h = HBITS(d1);
-                ql = LBITS(q);
-                qh = HBITS(q);
-                mul64(t2l, t2h, ql, qh); /* t2=(BN_ULLONG)d1*q; */
-            }
-#   endif
-
-            for (;;) {
-                if ((t2h < rem) || ((t2h == rem) && (t2l <= wnump[-2])))
-                    break;
-                q--;
-                rem += d0;
-                if (rem < d0)
-                    break;      /* don't let rem overflow */
-                if (t2l < d1)
-                    t2h--;
-                t2l -= d1;
-            }
-#  endif                        /* !BN_LLONG */
-        }
-# endif                         /* !BN_DIV3W */
-
-        l0 = bn_mul_words(tmp->d, sdiv->d, div_n, q);
-        tmp->d[div_n] = l0;
-        wnum.d--;
-        /*
-         * ingore top values of the bignums just sub the two BN_ULONG arrays
-         * with bn_sub_words
-         */
-        if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n + 1)) {
-            /*
-             * Note: As we have considered only the leading two BN_ULONGs in
-             * the calculation of q, sdiv * q might be greater than wnum (but
-             * then (q-1) * sdiv is less or equal than wnum)
-             */
-            q--;
-            if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n))
-                /*
-                 * we can't have an overflow here (assuming that q != 0, but
-                 * if q == 0 then tmp is zero anyway)
-                 */
-                (*wnump)++;
-        }
-        /* store part of the result */
-        *resp = q;
-    }
-    bn_correct_top(snum);
-    if (rm != NULL) {
-        /*
-         * Keep a copy of the neg flag in num because if rm==num BN_rshift()
-         * will overwrite it.
-         */
-        int neg = num->neg;
-        BN_rshift(rm, snum, norm_shift);
-        if (!BN_is_zero(rm))
-            rm->neg = neg;
-        bn_check_top(rm);
-    }
-    if (no_branch)
-        bn_correct_top(res);
-    BN_CTX_end(ctx);
-    return (1);
- err:
-    bn_check_top(rm);
-    BN_CTX_end(ctx);
-    return (0);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/bn/bn_err.c b/thirdparty/openssl/crypto/bn/bn_err.c
deleted file mode 100644
index e7a703826e..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_err.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* crypto/bn/bn_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2015 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BN,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason)
-
-static ERR_STRING_DATA BN_str_functs[] = {
-    {ERR_FUNC(BN_F_BNRAND), "BNRAND"},
-    {ERR_FUNC(BN_F_BN_BLINDING_CONVERT_EX), "BN_BLINDING_convert_ex"},
-    {ERR_FUNC(BN_F_BN_BLINDING_CREATE_PARAM), "BN_BLINDING_create_param"},
-    {ERR_FUNC(BN_F_BN_BLINDING_INVERT_EX), "BN_BLINDING_invert_ex"},
-    {ERR_FUNC(BN_F_BN_BLINDING_NEW), "BN_BLINDING_new"},
-    {ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"},
-    {ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"},
-    {ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"},
-    {ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"},
-    {ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"},
-    {ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"},
-    {ERR_FUNC(BN_F_BN_DIV), "BN_div"},
-    {ERR_FUNC(BN_F_BN_DIV_NO_BRANCH), "BN_div_no_branch"},
-    {ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"},
-    {ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
-    {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
-    {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD), "BN_GF2m_mod_solve_quad"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR), "BN_GF2m_mod_solve_quad_arr"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_SQR), "BN_GF2m_mod_sqr"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT), "BN_GF2m_mod_sqrt"},
-    {ERR_FUNC(BN_F_BN_LSHIFT), "BN_lshift"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_WORD), "BN_mod_exp_mont_word"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_RECP), "BN_mod_exp_recp"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE), "BN_mod_exp_simple"},
-    {ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"},
-    {ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"},
-    {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"},
-    {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"},
-    {ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"},
-    {ERR_FUNC(BN_F_BN_MPI2BN), "BN_mpi2bn"},
-    {ERR_FUNC(BN_F_BN_NEW), "BN_new"},
-    {ERR_FUNC(BN_F_BN_RAND), "BN_rand"},
-    {ERR_FUNC(BN_F_BN_RAND_RANGE), "BN_rand_range"},
-    {ERR_FUNC(BN_F_BN_RSHIFT), "BN_rshift"},
-    {ERR_FUNC(BN_F_BN_USUB), "BN_usub"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA BN_str_reasons[] = {
-    {ERR_REASON(BN_R_ARG2_LT_ARG3), "arg2 lt arg3"},
-    {ERR_REASON(BN_R_BAD_RECIPROCAL), "bad reciprocal"},
-    {ERR_REASON(BN_R_BIGNUM_TOO_LONG), "bignum too long"},
-    {ERR_REASON(BN_R_BITS_TOO_SMALL), "bits too small"},
-    {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"},
-    {ERR_REASON(BN_R_DIV_BY_ZERO), "div by zero"},
-    {ERR_REASON(BN_R_ENCODING_ERROR), "encoding error"},
-    {ERR_REASON(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA),
-     "expand on static bignum data"},
-    {ERR_REASON(BN_R_INPUT_NOT_REDUCED), "input not reduced"},
-    {ERR_REASON(BN_R_INVALID_LENGTH), "invalid length"},
-    {ERR_REASON(BN_R_INVALID_RANGE), "invalid range"},
-    {ERR_REASON(BN_R_INVALID_SHIFT), "invalid shift"},
-    {ERR_REASON(BN_R_NOT_A_SQUARE), "not a square"},
-    {ERR_REASON(BN_R_NOT_INITIALIZED), "not initialized"},
-    {ERR_REASON(BN_R_NO_INVERSE), "no inverse"},
-    {ERR_REASON(BN_R_NO_SOLUTION), "no solution"},
-    {ERR_REASON(BN_R_P_IS_NOT_PRIME), "p is not prime"},
-    {ERR_REASON(BN_R_TOO_MANY_ITERATIONS), "too many iterations"},
-    {ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),
-     "too many temporary variables"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_BN_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(BN_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, BN_str_functs);
-        ERR_load_strings(0, BN_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_exp.c b/thirdparty/openssl/crypto/bn/bn_exp.c
deleted file mode 100644
index 195a7867a4..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_exp.c
+++ /dev/null
@@ -1,1458 +0,0 @@
-/* crypto/bn/bn_exp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include "constant_time_locl.h"
-#include "bn_lcl.h"
-
-#include <stdlib.h>
-#ifdef _WIN32
-# include <malloc.h>
-# ifndef alloca
-#  define alloca _alloca
-# endif
-#elif defined(__GNUC__)
-# ifndef alloca
-#  define alloca(s) __builtin_alloca((s))
-# endif
-#elif defined(__sun)
-# include <alloca.h>
-#endif
-
-#include "rsaz_exp.h"
-
-#undef SPARC_T4_MONT
-#if defined(OPENSSL_BN_ASM_MONT) && (defined(__sparc__) || defined(__sparc))
-# include "sparc_arch.h"
-extern unsigned int OPENSSL_sparcv9cap_P[];
-# define SPARC_T4_MONT
-#endif
-
-/* maximum precomputation table size for *variable* sliding windows */
-#define TABLE_SIZE      32
-
-/* this one works - simple but works */
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
-{
-    int i, bits, ret = 0;
-    BIGNUM *v, *rr;
-
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
-        /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
-        BNerr(BN_F_BN_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
-    }
-
-    BN_CTX_start(ctx);
-    if ((r == a) || (r == p))
-        rr = BN_CTX_get(ctx);
-    else
-        rr = r;
-    v = BN_CTX_get(ctx);
-    if (rr == NULL || v == NULL)
-        goto err;
-
-    if (BN_copy(v, a) == NULL)
-        goto err;
-    bits = BN_num_bits(p);
-
-    if (BN_is_odd(p)) {
-        if (BN_copy(rr, a) == NULL)
-            goto err;
-    } else {
-        if (!BN_one(rr))
-            goto err;
-    }
-
-    for (i = 1; i < bits; i++) {
-        if (!BN_sqr(v, v, ctx))
-            goto err;
-        if (BN_is_bit_set(p, i)) {
-            if (!BN_mul(rr, rr, v, ctx))
-                goto err;
-        }
-    }
-    if (r != rr && BN_copy(r, rr) == NULL)
-        goto err;
-
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    bn_check_top(r);
-    return (ret);
-}
-
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
-               BN_CTX *ctx)
-{
-    int ret;
-
-    bn_check_top(a);
-    bn_check_top(p);
-    bn_check_top(m);
-
-    /*-
-     * For even modulus  m = 2^k*m_odd,  it might make sense to compute
-     * a^p mod m_odd  and  a^p mod 2^k  separately (with Montgomery
-     * exponentiation for the odd part), using appropriate exponent
-     * reductions, and combine the results using the CRT.
-     *
-     * For now, we use Montgomery only if the modulus is odd; otherwise,
-     * exponentiation using the reciprocal-based quick remaindering
-     * algorithm is used.
-     *
-     * (Timing obtained with expspeed.c [computations  a^p mod m
-     * where  a, p, m  are of the same length: 256, 512, 1024, 2048,
-     * 4096, 8192 bits], compared to the running time of the
-     * standard algorithm:
-     *
-     *   BN_mod_exp_mont   33 .. 40 %  [AMD K6-2, Linux, debug configuration]
-     *                     55 .. 77 %  [UltraSparc processor, but
-     *                                  debug-solaris-sparcv8-gcc conf.]
-     *
-     *   BN_mod_exp_recp   50 .. 70 %  [AMD K6-2, Linux, debug configuration]
-     *                     62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc]
-     *
-     * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont
-     * at 2048 and more bits, but at 512 and 1024 bits, it was
-     * slower even than the standard algorithm!
-     *
-     * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations]
-     * should be obtained when the new Montgomery reduction code
-     * has been integrated into OpenSSL.)
-     */
-
-#define MONT_MUL_MOD
-#define MONT_EXP_WORD
-#define RECP_MUL_MOD
-
-#ifdef MONT_MUL_MOD
-    /*
-     * I have finally been able to take out this pre-condition of the top bit
-     * being set.  It was caused by an error in BN_div with negatives.  There
-     * was also another problem when for a^b%m a >= m.  eay 07-May-97
-     */
-    /* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
-
-    if (BN_is_odd(m)) {
-# ifdef MONT_EXP_WORD
-        if (a->top == 1 && !a->neg
-            && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)) {
-            BN_ULONG A = a->d[0];
-            ret = BN_mod_exp_mont_word(r, A, p, m, ctx, NULL);
-        } else
-# endif
-            ret = BN_mod_exp_mont(r, a, p, m, ctx, NULL);
-    } else
-#endif
-#ifdef RECP_MUL_MOD
-    {
-        ret = BN_mod_exp_recp(r, a, p, m, ctx);
-    }
-#else
-    {
-        ret = BN_mod_exp_simple(r, a, p, m, ctx);
-    }
-#endif
-
-    bn_check_top(r);
-    return (ret);
-}
-
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                    const BIGNUM *m, BN_CTX *ctx)
-{
-    int i, j, bits, ret = 0, wstart, wend, window, wvalue;
-    int start = 1;
-    BIGNUM *aa;
-    /* Table of variables obtained from 'ctx' */
-    BIGNUM *val[TABLE_SIZE];
-    BN_RECP_CTX recp;
-
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
-        /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
-        BNerr(BN_F_BN_MOD_EXP_RECP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
-    }
-
-    bits = BN_num_bits(p);
-    if (bits == 0) {
-        /* x**0 mod 1 is still zero. */
-        if (BN_is_one(m)) {
-            ret = 1;
-            BN_zero(r);
-        } else {
-            ret = BN_one(r);
-        }
-        return ret;
-    }
-
-    BN_CTX_start(ctx);
-    aa = BN_CTX_get(ctx);
-    val[0] = BN_CTX_get(ctx);
-    if (!aa || !val[0])
-        goto err;
-
-    BN_RECP_CTX_init(&recp);
-    if (m->neg) {
-        /* ignore sign of 'm' */
-        if (!BN_copy(aa, m))
-            goto err;
-        aa->neg = 0;
-        if (BN_RECP_CTX_set(&recp, aa, ctx) <= 0)
-            goto err;
-    } else {
-        if (BN_RECP_CTX_set(&recp, m, ctx) <= 0)
-            goto err;
-    }
-
-    if (!BN_nnmod(val[0], a, m, ctx))
-        goto err;               /* 1 */
-    if (BN_is_zero(val[0])) {
-        BN_zero(r);
-        ret = 1;
-        goto err;
-    }
-
-    window = BN_window_bits_for_exponent_size(bits);
-    if (window > 1) {
-        if (!BN_mod_mul_reciprocal(aa, val[0], val[0], &recp, ctx))
-            goto err;           /* 2 */
-        j = 1 << (window - 1);
-        for (i = 1; i < j; i++) {
-            if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
-                !BN_mod_mul_reciprocal(val[i], val[i - 1], aa, &recp, ctx))
-                goto err;
-        }
-    }
-
-    start = 1;                  /* This is used to avoid multiplication etc
-                                 * when there is only the value '1' in the
-                                 * buffer. */
-    wvalue = 0;                 /* The 'value' of the window */
-    wstart = bits - 1;          /* The top bit of the window */
-    wend = 0;                   /* The bottom bit of the window */
-
-    if (!BN_one(r))
-        goto err;
-
-    for (;;) {
-        if (BN_is_bit_set(p, wstart) == 0) {
-            if (!start)
-                if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
-                    goto err;
-            if (wstart == 0)
-                break;
-            wstart--;
-            continue;
-        }
-        /*
-         * We now have wstart on a 'set' bit, we now need to work out how bit
-         * a window to do.  To do this we need to scan forward until the last
-         * set bit before the end of the window
-         */
-        j = wstart;
-        wvalue = 1;
-        wend = 0;
-        for (i = 1; i < window; i++) {
-            if (wstart - i < 0)
-                break;
-            if (BN_is_bit_set(p, wstart - i)) {
-                wvalue <<= (i - wend);
-                wvalue |= 1;
-                wend = i;
-            }
-        }
-
-        /* wend is the size of the current window */
-        j = wend + 1;
-        /* add the 'bytes above' */
-        if (!start)
-            for (i = 0; i < j; i++) {
-                if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
-                    goto err;
-            }
-
-        /* wvalue will be an odd number < 2^window */
-        if (!BN_mod_mul_reciprocal(r, r, val[wvalue >> 1], &recp, ctx))
-            goto err;
-
-        /* move the 'window' down further */
-        wstart -= wend + 1;
-        wvalue = 0;
-        start = 0;
-        if (wstart < 0)
-            break;
-    }
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    BN_RECP_CTX_free(&recp);
-    bn_check_top(r);
-    return (ret);
-}
-
-int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
-                    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
-    int i, j, bits, ret = 0, wstart, wend, window, wvalue;
-    int start = 1;
-    BIGNUM *d, *r;
-    const BIGNUM *aa;
-    /* Table of variables obtained from 'ctx' */
-    BIGNUM *val[TABLE_SIZE];
-    BN_MONT_CTX *mont = NULL;
-
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
-        return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
-    }
-
-    bn_check_top(a);
-    bn_check_top(p);
-    bn_check_top(m);
-
-    if (!BN_is_odd(m)) {
-        BNerr(BN_F_BN_MOD_EXP_MONT, BN_R_CALLED_WITH_EVEN_MODULUS);
-        return (0);
-    }
-    bits = BN_num_bits(p);
-    if (bits == 0) {
-        /* x**0 mod 1 is still zero. */
-        if (BN_is_one(m)) {
-            ret = 1;
-            BN_zero(rr);
-        } else {
-            ret = BN_one(rr);
-        }
-        return ret;
-    }
-
-    BN_CTX_start(ctx);
-    d = BN_CTX_get(ctx);
-    r = BN_CTX_get(ctx);
-    val[0] = BN_CTX_get(ctx);
-    if (!d || !r || !val[0])
-        goto err;
-
-    /*
-     * If this is not done, things will break in the montgomery part
-     */
-
-    if (in_mont != NULL)
-        mont = in_mont;
-    else {
-        if ((mont = BN_MONT_CTX_new()) == NULL)
-            goto err;
-        if (!BN_MONT_CTX_set(mont, m, ctx))
-            goto err;
-    }
-
-    if (a->neg || BN_ucmp(a, m) >= 0) {
-        if (!BN_nnmod(val[0], a, m, ctx))
-            goto err;
-        aa = val[0];
-    } else
-        aa = a;
-    if (BN_is_zero(aa)) {
-        BN_zero(rr);
-        ret = 1;
-        goto err;
-    }
-    if (!BN_to_montgomery(val[0], aa, mont, ctx))
-        goto err;               /* 1 */
-
-    window = BN_window_bits_for_exponent_size(bits);
-    if (window > 1) {
-        if (!BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx))
-            goto err;           /* 2 */
-        j = 1 << (window - 1);
-        for (i = 1; i < j; i++) {
-            if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
-                !BN_mod_mul_montgomery(val[i], val[i - 1], d, mont, ctx))
-                goto err;
-        }
-    }
-
-    start = 1;                  /* This is used to avoid multiplication etc
-                                 * when there is only the value '1' in the
-                                 * buffer. */
-    wvalue = 0;                 /* The 'value' of the window */
-    wstart = bits - 1;          /* The top bit of the window */
-    wend = 0;                   /* The bottom bit of the window */
-
-#if 1                           /* by Shay Gueron's suggestion */
-    j = m->top;                 /* borrow j */
-    if (m->d[j - 1] & (((BN_ULONG)1) << (BN_BITS2 - 1))) {
-        if (bn_wexpand(r, j) == NULL)
-            goto err;
-        /* 2^(top*BN_BITS2) - m */
-        r->d[0] = (0 - m->d[0]) & BN_MASK2;
-        for (i = 1; i < j; i++)
-            r->d[i] = (~m->d[i]) & BN_MASK2;
-        r->top = j;
-        /*
-         * Upper words will be zero if the corresponding words of 'm' were
-         * 0xfff[...], so decrement r->top accordingly.
-         */
-        bn_correct_top(r);
-    } else
-#endif
-    if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
-        goto err;
-    for (;;) {
-        if (BN_is_bit_set(p, wstart) == 0) {
-            if (!start) {
-                if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
-                    goto err;
-            }
-            if (wstart == 0)
-                break;
-            wstart--;
-            continue;
-        }
-        /*
-         * We now have wstart on a 'set' bit, we now need to work out how bit
-         * a window to do.  To do this we need to scan forward until the last
-         * set bit before the end of the window
-         */
-        j = wstart;
-        wvalue = 1;
-        wend = 0;
-        for (i = 1; i < window; i++) {
-            if (wstart - i < 0)
-                break;
-            if (BN_is_bit_set(p, wstart - i)) {
-                wvalue <<= (i - wend);
-                wvalue |= 1;
-                wend = i;
-            }
-        }
-
-        /* wend is the size of the current window */
-        j = wend + 1;
-        /* add the 'bytes above' */
-        if (!start)
-            for (i = 0; i < j; i++) {
-                if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
-                    goto err;
-            }
-
-        /* wvalue will be an odd number < 2^window */
-        if (!BN_mod_mul_montgomery(r, r, val[wvalue >> 1], mont, ctx))
-            goto err;
-
-        /* move the 'window' down further */
-        wstart -= wend + 1;
-        wvalue = 0;
-        start = 0;
-        if (wstart < 0)
-            break;
-    }
-#if defined(SPARC_T4_MONT)
-    if (OPENSSL_sparcv9cap_P[0] & (SPARCV9_VIS3 | SPARCV9_PREFER_FPU)) {
-        j = mont->N.top;        /* borrow j */
-        val[0]->d[0] = 1;       /* borrow val[0] */
-        for (i = 1; i < j; i++)
-            val[0]->d[i] = 0;
-        val[0]->top = j;
-        if (!BN_mod_mul_montgomery(rr, r, val[0], mont, ctx))
-            goto err;
-    } else
-#endif
-    if (!BN_from_montgomery(rr, r, mont, ctx))
-        goto err;
-    ret = 1;
- err:
-    if ((in_mont == NULL) && (mont != NULL))
-        BN_MONT_CTX_free(mont);
-    BN_CTX_end(ctx);
-    bn_check_top(rr);
-    return (ret);
-}
-
-#if defined(SPARC_T4_MONT)
-static BN_ULONG bn_get_bits(const BIGNUM *a, int bitpos)
-{
-    BN_ULONG ret = 0;
-    int wordpos;
-
-    wordpos = bitpos / BN_BITS2;
-    bitpos %= BN_BITS2;
-    if (wordpos >= 0 && wordpos < a->top) {
-        ret = a->d[wordpos] & BN_MASK2;
-        if (bitpos) {
-            ret >>= bitpos;
-            if (++wordpos < a->top)
-                ret |= a->d[wordpos] << (BN_BITS2 - bitpos);
-        }
-    }
-
-    return ret & BN_MASK2;
-}
-#endif
-
-/*
- * BN_mod_exp_mont_consttime() stores the precomputed powers in a specific
- * layout so that accessing any of these table values shows the same access
- * pattern as far as cache lines are concerned.  The following functions are
- * used to transfer a BIGNUM from/to that table.
- */
-
-static int MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top,
-                                        unsigned char *buf, int idx,
-                                        int window)
-{
-    int i, j;
-    int width = 1 << window;
-    BN_ULONG *table = (BN_ULONG *)buf;
-
-    if (top > b->top)
-        top = b->top;           /* this works because 'buf' is explicitly
-                                 * zeroed */
-    for (i = 0, j = idx; i < top; i++, j += width) {
-        table[j] = b->d[i];
-    }
-
-    return 1;
-}
-
-static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
-                                          unsigned char *buf, int idx,
-                                          int window)
-{
-    int i, j;
-    int width = 1 << window;
-    volatile BN_ULONG *table = (volatile BN_ULONG *)buf;
-
-    if (bn_wexpand(b, top) == NULL)
-        return 0;
-
-    if (window <= 3) {
-        for (i = 0; i < top; i++, table += width) {
-            BN_ULONG acc = 0;
-
-            for (j = 0; j < width; j++) {
-                acc |= table[j] &
-                       ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
-            }
-
-            b->d[i] = acc;
-        }
-    } else {
-        int xstride = 1 << (window - 2);
-        BN_ULONG y0, y1, y2, y3;
-
-        i = idx >> (window - 2);        /* equivalent of idx / xstride */
-        idx &= xstride - 1;             /* equivalent of idx % xstride */
-
-        y0 = (BN_ULONG)0 - (constant_time_eq_int(i,0)&1);
-        y1 = (BN_ULONG)0 - (constant_time_eq_int(i,1)&1);
-        y2 = (BN_ULONG)0 - (constant_time_eq_int(i,2)&1);
-        y3 = (BN_ULONG)0 - (constant_time_eq_int(i,3)&1);
-
-        for (i = 0; i < top; i++, table += width) {
-            BN_ULONG acc = 0;
-
-            for (j = 0; j < xstride; j++) {
-                acc |= ( (table[j + 0 * xstride] & y0) |
-                         (table[j + 1 * xstride] & y1) |
-                         (table[j + 2 * xstride] & y2) |
-                         (table[j + 3 * xstride] & y3) )
-                       & ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
-            }
-
-            b->d[i] = acc;
-        }
-    }
-
-    b->top = top;
-    bn_correct_top(b);
-    return 1;
-}
-
-/*
- * Given a pointer value, compute the next address that is a cache line
- * multiple.
- */
-#define MOD_EXP_CTIME_ALIGN(x_) \
-        ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
-
-/*
- * This variant of BN_mod_exp_mont() uses fixed windows and the special
- * precomputation memory layout to limit data-dependency to a minimum to
- * protect secret exponents (cf. the hyper-threading timing attacks pointed
- * out by Colin Percival,
- * http://www.daemonology.net/hyperthreading-considered-harmful/)
- */
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
-                              const BIGNUM *m, BN_CTX *ctx,
-                              BN_MONT_CTX *in_mont)
-{
-    int i, bits, ret = 0, window, wvalue;
-    int top;
-    BN_MONT_CTX *mont = NULL;
-
-    int numPowers;
-    unsigned char *powerbufFree = NULL;
-    int powerbufLen = 0;
-    unsigned char *powerbuf = NULL;
-    BIGNUM tmp, am;
-#if defined(SPARC_T4_MONT)
-    unsigned int t4 = 0;
-#endif
-
-    bn_check_top(a);
-    bn_check_top(p);
-    bn_check_top(m);
-
-    if (!BN_is_odd(m)) {
-        BNerr(BN_F_BN_MOD_EXP_MONT_CONSTTIME, BN_R_CALLED_WITH_EVEN_MODULUS);
-        return (0);
-    }
-
-    top = m->top;
-
-    bits = BN_num_bits(p);
-    if (bits == 0) {
-        /* x**0 mod 1 is still zero. */
-        if (BN_is_one(m)) {
-            ret = 1;
-            BN_zero(rr);
-        } else {
-            ret = BN_one(rr);
-        }
-        return ret;
-    }
-
-    BN_CTX_start(ctx);
-
-    /*
-     * Allocate a montgomery context if it was not supplied by the caller. If
-     * this is not done, things will break in the montgomery part.
-     */
-    if (in_mont != NULL)
-        mont = in_mont;
-    else {
-        if ((mont = BN_MONT_CTX_new()) == NULL)
-            goto err;
-        if (!BN_MONT_CTX_set(mont, m, ctx))
-            goto err;
-    }
-
-#ifdef RSAZ_ENABLED
-    /*
-     * If the size of the operands allow it, perform the optimized
-     * RSAZ exponentiation. For further information see
-     * crypto/bn/rsaz_exp.c and accompanying assembly modules.
-     */
-    if ((16 == a->top) && (16 == p->top) && (BN_num_bits(m) == 1024)
-        && rsaz_avx2_eligible()) {
-        if (NULL == bn_wexpand(rr, 16))
-            goto err;
-        RSAZ_1024_mod_exp_avx2(rr->d, a->d, p->d, m->d, mont->RR.d,
-                               mont->n0[0]);
-        rr->top = 16;
-        rr->neg = 0;
-        bn_correct_top(rr);
-        ret = 1;
-        goto err;
-    } else if ((8 == a->top) && (8 == p->top) && (BN_num_bits(m) == 512)) {
-        if (NULL == bn_wexpand(rr, 8))
-            goto err;
-        RSAZ_512_mod_exp(rr->d, a->d, p->d, m->d, mont->n0[0], mont->RR.d);
-        rr->top = 8;
-        rr->neg = 0;
-        bn_correct_top(rr);
-        ret = 1;
-        goto err;
-    }
-#endif
-
-    /* Get the window size to use with size of p. */
-    window = BN_window_bits_for_ctime_exponent_size(bits);
-#if defined(SPARC_T4_MONT)
-    if (window >= 5 && (top & 15) == 0 && top <= 64 &&
-        (OPENSSL_sparcv9cap_P[1] & (CFR_MONTMUL | CFR_MONTSQR)) ==
-        (CFR_MONTMUL | CFR_MONTSQR) && (t4 = OPENSSL_sparcv9cap_P[0]))
-        window = 5;
-    else
-#endif
-#if defined(OPENSSL_BN_ASM_MONT5)
-    if (window >= 5) {
-        window = 5;             /* ~5% improvement for RSA2048 sign, and even
-                                 * for RSA4096 */
-        /* reserve space for mont->N.d[] copy */
-        powerbufLen += top * sizeof(mont->N.d[0]);
-    }
-#endif
-    (void)0;
-
-    /*
-     * Allocate a buffer large enough to hold all of the pre-computed powers
-     * of am, am itself and tmp.
-     */
-    numPowers = 1 << window;
-    powerbufLen += sizeof(m->d[0]) * (top * numPowers +
-                                      ((2 * top) >
-                                       numPowers ? (2 * top) : numPowers));
-#ifdef alloca
-    if (powerbufLen < 3072)
-        powerbufFree =
-            alloca(powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH);
-    else
-#endif
-        if ((powerbufFree =
-             (unsigned char *)OPENSSL_malloc(powerbufLen +
-                                             MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH))
-            == NULL)
-        goto err;
-
-    powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
-    memset(powerbuf, 0, powerbufLen);
-
-#ifdef alloca
-    if (powerbufLen < 3072)
-        powerbufFree = NULL;
-#endif
-
-    /* lay down tmp and am right after powers table */
-    tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers);
-    am.d = tmp.d + top;
-    tmp.top = am.top = 0;
-    tmp.dmax = am.dmax = top;
-    tmp.neg = am.neg = 0;
-    tmp.flags = am.flags = BN_FLG_STATIC_DATA;
-
-    /* prepare a^0 in Montgomery domain */
-#if 1                           /* by Shay Gueron's suggestion */
-    if (m->d[top - 1] & (((BN_ULONG)1) << (BN_BITS2 - 1))) {
-        /* 2^(top*BN_BITS2) - m */
-        tmp.d[0] = (0 - m->d[0]) & BN_MASK2;
-        for (i = 1; i < top; i++)
-            tmp.d[i] = (~m->d[i]) & BN_MASK2;
-        tmp.top = top;
-    } else
-#endif
-    if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx))
-        goto err;
-
-    /* prepare a^1 in Montgomery domain */
-    if (a->neg || BN_ucmp(a, m) >= 0) {
-        if (!BN_mod(&am, a, m, ctx))
-            goto err;
-        if (!BN_to_montgomery(&am, &am, mont, ctx))
-            goto err;
-    } else if (!BN_to_montgomery(&am, a, mont, ctx))
-        goto err;
-
-#if defined(SPARC_T4_MONT)
-    if (t4) {
-        typedef int (*bn_pwr5_mont_f) (BN_ULONG *tp, const BN_ULONG *np,
-                                       const BN_ULONG *n0, const void *table,
-                                       int power, int bits);
-        int bn_pwr5_mont_t4_8(BN_ULONG *tp, const BN_ULONG *np,
-                              const BN_ULONG *n0, const void *table,
-                              int power, int bits);
-        int bn_pwr5_mont_t4_16(BN_ULONG *tp, const BN_ULONG *np,
-                               const BN_ULONG *n0, const void *table,
-                               int power, int bits);
-        int bn_pwr5_mont_t4_24(BN_ULONG *tp, const BN_ULONG *np,
-                               const BN_ULONG *n0, const void *table,
-                               int power, int bits);
-        int bn_pwr5_mont_t4_32(BN_ULONG *tp, const BN_ULONG *np,
-                               const BN_ULONG *n0, const void *table,
-                               int power, int bits);
-        static const bn_pwr5_mont_f pwr5_funcs[4] = {
-            bn_pwr5_mont_t4_8, bn_pwr5_mont_t4_16,
-            bn_pwr5_mont_t4_24, bn_pwr5_mont_t4_32
-        };
-        bn_pwr5_mont_f pwr5_worker = pwr5_funcs[top / 16 - 1];
-
-        typedef int (*bn_mul_mont_f) (BN_ULONG *rp, const BN_ULONG *ap,
-                                      const void *bp, const BN_ULONG *np,
-                                      const BN_ULONG *n0);
-        int bn_mul_mont_t4_8(BN_ULONG *rp, const BN_ULONG *ap, const void *bp,
-                             const BN_ULONG *np, const BN_ULONG *n0);
-        int bn_mul_mont_t4_16(BN_ULONG *rp, const BN_ULONG *ap,
-                              const void *bp, const BN_ULONG *np,
-                              const BN_ULONG *n0);
-        int bn_mul_mont_t4_24(BN_ULONG *rp, const BN_ULONG *ap,
-                              const void *bp, const BN_ULONG *np,
-                              const BN_ULONG *n0);
-        int bn_mul_mont_t4_32(BN_ULONG *rp, const BN_ULONG *ap,
-                              const void *bp, const BN_ULONG *np,
-                              const BN_ULONG *n0);
-        static const bn_mul_mont_f mul_funcs[4] = {
-            bn_mul_mont_t4_8, bn_mul_mont_t4_16,
-            bn_mul_mont_t4_24, bn_mul_mont_t4_32
-        };
-        bn_mul_mont_f mul_worker = mul_funcs[top / 16 - 1];
-
-        void bn_mul_mont_vis3(BN_ULONG *rp, const BN_ULONG *ap,
-                              const void *bp, const BN_ULONG *np,
-                              const BN_ULONG *n0, int num);
-        void bn_mul_mont_t4(BN_ULONG *rp, const BN_ULONG *ap,
-                            const void *bp, const BN_ULONG *np,
-                            const BN_ULONG *n0, int num);
-        void bn_mul_mont_gather5_t4(BN_ULONG *rp, const BN_ULONG *ap,
-                                    const void *table, const BN_ULONG *np,
-                                    const BN_ULONG *n0, int num, int power);
-        void bn_flip_n_scatter5_t4(const BN_ULONG *inp, size_t num,
-                                   void *table, size_t power);
-        void bn_gather5_t4(BN_ULONG *out, size_t num,
-                           void *table, size_t power);
-        void bn_flip_t4(BN_ULONG *dst, BN_ULONG *src, size_t num);
-
-        BN_ULONG *np = mont->N.d, *n0 = mont->n0;
-        int stride = 5 * (6 - (top / 16 - 1)); /* multiple of 5, but less
-                                                * than 32 */
-
-        /*
-         * BN_to_montgomery can contaminate words above .top [in
-         * BN_DEBUG[_DEBUG] build]...
-         */
-        for (i = am.top; i < top; i++)
-            am.d[i] = 0;
-        for (i = tmp.top; i < top; i++)
-            tmp.d[i] = 0;
-
-        bn_flip_n_scatter5_t4(tmp.d, top, powerbuf, 0);
-        bn_flip_n_scatter5_t4(am.d, top, powerbuf, 1);
-        if (!(*mul_worker) (tmp.d, am.d, am.d, np, n0) &&
-            !(*mul_worker) (tmp.d, am.d, am.d, np, n0))
-            bn_mul_mont_vis3(tmp.d, am.d, am.d, np, n0, top);
-        bn_flip_n_scatter5_t4(tmp.d, top, powerbuf, 2);
-
-        for (i = 3; i < 32; i++) {
-            /* Calculate a^i = a^(i-1) * a */
-            if (!(*mul_worker) (tmp.d, tmp.d, am.d, np, n0) &&
-                !(*mul_worker) (tmp.d, tmp.d, am.d, np, n0))
-                bn_mul_mont_vis3(tmp.d, tmp.d, am.d, np, n0, top);
-            bn_flip_n_scatter5_t4(tmp.d, top, powerbuf, i);
-        }
-
-        /* switch to 64-bit domain */
-        np = alloca(top * sizeof(BN_ULONG));
-        top /= 2;
-        bn_flip_t4(np, mont->N.d, top);
-
-        bits--;
-        for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--)
-            wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
-        bn_gather5_t4(tmp.d, top, powerbuf, wvalue);
-
-        /*
-         * Scan the exponent one window at a time starting from the most
-         * significant bits.
-         */
-        while (bits >= 0) {
-            if (bits < stride)
-                stride = bits + 1;
-            bits -= stride;
-            wvalue = bn_get_bits(p, bits + 1);
-
-            if ((*pwr5_worker) (tmp.d, np, n0, powerbuf, wvalue, stride))
-                continue;
-            /* retry once and fall back */
-            if ((*pwr5_worker) (tmp.d, np, n0, powerbuf, wvalue, stride))
-                continue;
-
-            bits += stride - 5;
-            wvalue >>= stride - 5;
-            wvalue &= 31;
-            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
-            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
-            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
-            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
-            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
-            bn_mul_mont_gather5_t4(tmp.d, tmp.d, powerbuf, np, n0, top,
-                                   wvalue);
-        }
-
-        bn_flip_t4(tmp.d, tmp.d, top);
-        top *= 2;
-        /* back to 32-bit domain */
-        tmp.top = top;
-        bn_correct_top(&tmp);
-        OPENSSL_cleanse(np, top * sizeof(BN_ULONG));
-    } else
-#endif
-#if defined(OPENSSL_BN_ASM_MONT5)
-    if (window == 5 && top > 1) {
-        /*
-         * This optimization uses ideas from http://eprint.iacr.org/2011/239,
-         * specifically optimization of cache-timing attack countermeasures
-         * and pre-computation optimization.
-         */
-
-        /*
-         * Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as
-         * 512-bit RSA is hardly relevant, we omit it to spare size...
-         */
-        void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap,
-                                 const void *table, const BN_ULONG *np,
-                                 const BN_ULONG *n0, int num, int power);
-        void bn_scatter5(const BN_ULONG *inp, size_t num,
-                         void *table, size_t power);
-        void bn_gather5(BN_ULONG *out, size_t num, void *table, size_t power);
-        void bn_power5(BN_ULONG *rp, const BN_ULONG *ap,
-                       const void *table, const BN_ULONG *np,
-                       const BN_ULONG *n0, int num, int power);
-        int bn_get_bits5(const BN_ULONG *ap, int off);
-        int bn_from_montgomery(BN_ULONG *rp, const BN_ULONG *ap,
-                               const BN_ULONG *not_used, const BN_ULONG *np,
-                               const BN_ULONG *n0, int num);
-
-        BN_ULONG *n0 = mont->n0, *np;
-
-        /*
-         * BN_to_montgomery can contaminate words above .top [in
-         * BN_DEBUG[_DEBUG] build]...
-         */
-        for (i = am.top; i < top; i++)
-            am.d[i] = 0;
-        for (i = tmp.top; i < top; i++)
-            tmp.d[i] = 0;
-
-        /*
-         * copy mont->N.d[] to improve cache locality
-         */
-        for (np = am.d + top, i = 0; i < top; i++)
-            np[i] = mont->N.d[i];
-
-        bn_scatter5(tmp.d, top, powerbuf, 0);
-        bn_scatter5(am.d, am.top, powerbuf, 1);
-        bn_mul_mont(tmp.d, am.d, am.d, np, n0, top);
-        bn_scatter5(tmp.d, top, powerbuf, 2);
-
-# if 0
-        for (i = 3; i < 32; i++) {
-            /* Calculate a^i = a^(i-1) * a */
-            bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
-            bn_scatter5(tmp.d, top, powerbuf, i);
-        }
-# else
-        /* same as above, but uses squaring for 1/2 of operations */
-        for (i = 4; i < 32; i *= 2) {
-            bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
-            bn_scatter5(tmp.d, top, powerbuf, i);
-        }
-        for (i = 3; i < 8; i += 2) {
-            int j;
-            bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
-            bn_scatter5(tmp.d, top, powerbuf, i);
-            for (j = 2 * i; j < 32; j *= 2) {
-                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
-                bn_scatter5(tmp.d, top, powerbuf, j);
-            }
-        }
-        for (; i < 16; i += 2) {
-            bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
-            bn_scatter5(tmp.d, top, powerbuf, i);
-            bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
-            bn_scatter5(tmp.d, top, powerbuf, 2 * i);
-        }
-        for (; i < 32; i += 2) {
-            bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, n0, top, i - 1);
-            bn_scatter5(tmp.d, top, powerbuf, i);
-        }
-# endif
-        bits--;
-        for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--)
-            wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
-        bn_gather5(tmp.d, top, powerbuf, wvalue);
-
-        /*
-         * Scan the exponent one window at a time starting from the most
-         * significant bits.
-         */
-        if (top & 7)
-            while (bits >= 0) {
-                for (wvalue = 0, i = 0; i < 5; i++, bits--)
-                    wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
-
-                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
-                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
-                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
-                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
-                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
-                bn_mul_mont_gather5(tmp.d, tmp.d, powerbuf, np, n0, top,
-                                    wvalue);
-        } else {
-            while (bits >= 0) {
-                wvalue = bn_get_bits5(p->d, bits - 4);
-                bits -= 5;
-                bn_power5(tmp.d, tmp.d, powerbuf, np, n0, top, wvalue);
-            }
-        }
-
-        ret = bn_from_montgomery(tmp.d, tmp.d, NULL, np, n0, top);
-        tmp.top = top;
-        bn_correct_top(&tmp);
-        if (ret) {
-            if (!BN_copy(rr, &tmp))
-                ret = 0;
-            goto err;           /* non-zero ret means it's not error */
-        }
-    } else
-#endif
-    {
-        if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, window))
-            goto err;
-        if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, window))
-            goto err;
-
-        /*
-         * If the window size is greater than 1, then calculate
-         * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1) (even
-         * powers could instead be computed as (a^(i/2))^2 to use the slight
-         * performance advantage of sqr over mul).
-         */
-        if (window > 1) {
-            if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx))
-                goto err;
-            if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 2,
-                                              window))
-                goto err;
-            for (i = 3; i < numPowers; i++) {
-                /* Calculate a^i = a^(i-1) * a */
-                if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx))
-                    goto err;
-                if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, i,
-                                                  window))
-                    goto err;
-            }
-        }
-
-        bits--;
-        for (wvalue = 0, i = bits % window; i >= 0; i--, bits--)
-            wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
-        if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&tmp, top, powerbuf, wvalue,
-                                            window))
-            goto err;
-
-        /*
-         * Scan the exponent one window at a time starting from the most
-         * significant bits.
-         */
-        while (bits >= 0) {
-            wvalue = 0;         /* The 'value' of the window */
-
-            /* Scan the window, squaring the result as we go */
-            for (i = 0; i < window; i++, bits--) {
-                if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, mont, ctx))
-                    goto err;
-                wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
-            }
-
-            /*
-             * Fetch the appropriate pre-computed value from the pre-buf
-             */
-            if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&am, top, powerbuf, wvalue,
-                                                window))
-                goto err;
-
-            /* Multiply the result into the intermediate result */
-            if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx))
-                goto err;
-        }
-    }
-
-    /* Convert the final result from montgomery to standard format */
-#if defined(SPARC_T4_MONT)
-    if (OPENSSL_sparcv9cap_P[0] & (SPARCV9_VIS3 | SPARCV9_PREFER_FPU)) {
-        am.d[0] = 1;            /* borrow am */
-        for (i = 1; i < top; i++)
-            am.d[i] = 0;
-        if (!BN_mod_mul_montgomery(rr, &tmp, &am, mont, ctx))
-            goto err;
-    } else
-#endif
-    if (!BN_from_montgomery(rr, &tmp, mont, ctx))
-        goto err;
-    ret = 1;
- err:
-    if ((in_mont == NULL) && (mont != NULL))
-        BN_MONT_CTX_free(mont);
-    if (powerbuf != NULL) {
-        OPENSSL_cleanse(powerbuf, powerbufLen);
-        if (powerbufFree)
-            OPENSSL_free(powerbufFree);
-    }
-    BN_CTX_end(ctx);
-    return (ret);
-}
-
-int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
-                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
-    BN_MONT_CTX *mont = NULL;
-    int b, bits, ret = 0;
-    int r_is_one;
-    BN_ULONG w, next_w;
-    BIGNUM *d, *r, *t;
-    BIGNUM *swap_tmp;
-#define BN_MOD_MUL_WORD(r, w, m) \
-                (BN_mul_word(r, (w)) && \
-                (/* BN_ucmp(r, (m)) < 0 ? 1 :*/  \
-                        (BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
-    /*
-     * BN_MOD_MUL_WORD is only used with 'w' large, so the BN_ucmp test is
-     * probably more overhead than always using BN_mod (which uses BN_copy if
-     * a similar test returns true).
-     */
-    /*
-     * We can use BN_mod and do not need BN_nnmod because our accumulator is
-     * never negative (the result of BN_mod does not depend on the sign of
-     * the modulus).
-     */
-#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
-                (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
-
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
-        /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
-        BNerr(BN_F_BN_MOD_EXP_MONT_WORD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
-    }
-
-    bn_check_top(p);
-    bn_check_top(m);
-
-    if (!BN_is_odd(m)) {
-        BNerr(BN_F_BN_MOD_EXP_MONT_WORD, BN_R_CALLED_WITH_EVEN_MODULUS);
-        return (0);
-    }
-    if (m->top == 1)
-        a %= m->d[0];           /* make sure that 'a' is reduced */
-
-    bits = BN_num_bits(p);
-    if (bits == 0) {
-        /* x**0 mod 1 is still zero. */
-        if (BN_is_one(m)) {
-            ret = 1;
-            BN_zero(rr);
-        } else {
-            ret = BN_one(rr);
-        }
-        return ret;
-    }
-    if (a == 0) {
-        BN_zero(rr);
-        ret = 1;
-        return ret;
-    }
-
-    BN_CTX_start(ctx);
-    d = BN_CTX_get(ctx);
-    r = BN_CTX_get(ctx);
-    t = BN_CTX_get(ctx);
-    if (d == NULL || r == NULL || t == NULL)
-        goto err;
-
-    if (in_mont != NULL)
-        mont = in_mont;
-    else {
-        if ((mont = BN_MONT_CTX_new()) == NULL)
-            goto err;
-        if (!BN_MONT_CTX_set(mont, m, ctx))
-            goto err;
-    }
-
-    r_is_one = 1;               /* except for Montgomery factor */
-
-    /* bits-1 >= 0 */
-
-    /* The result is accumulated in the product r*w. */
-    w = a;                      /* bit 'bits-1' of 'p' is always set */
-    for (b = bits - 2; b >= 0; b--) {
-        /* First, square r*w. */
-        next_w = w * w;
-        if ((next_w / w) != w) { /* overflow */
-            if (r_is_one) {
-                if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
-                    goto err;
-                r_is_one = 0;
-            } else {
-                if (!BN_MOD_MUL_WORD(r, w, m))
-                    goto err;
-            }
-            next_w = 1;
-        }
-        w = next_w;
-        if (!r_is_one) {
-            if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
-                goto err;
-        }
-
-        /* Second, multiply r*w by 'a' if exponent bit is set. */
-        if (BN_is_bit_set(p, b)) {
-            next_w = w * a;
-            if ((next_w / a) != w) { /* overflow */
-                if (r_is_one) {
-                    if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
-                        goto err;
-                    r_is_one = 0;
-                } else {
-                    if (!BN_MOD_MUL_WORD(r, w, m))
-                        goto err;
-                }
-                next_w = a;
-            }
-            w = next_w;
-        }
-    }
-
-    /* Finally, set r:=r*w. */
-    if (w != 1) {
-        if (r_is_one) {
-            if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
-                goto err;
-            r_is_one = 0;
-        } else {
-            if (!BN_MOD_MUL_WORD(r, w, m))
-                goto err;
-        }
-    }
-
-    if (r_is_one) {             /* can happen only if a == 1 */
-        if (!BN_one(rr))
-            goto err;
-    } else {
-        if (!BN_from_montgomery(rr, r, mont, ctx))
-            goto err;
-    }
-    ret = 1;
- err:
-    if ((in_mont == NULL) && (mont != NULL))
-        BN_MONT_CTX_free(mont);
-    BN_CTX_end(ctx);
-    bn_check_top(rr);
-    return (ret);
-}
-
-/* The old fallback, simple version :-) */
-int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                      const BIGNUM *m, BN_CTX *ctx)
-{
-    int i, j, bits, ret = 0, wstart, wend, window, wvalue;
-    int start = 1;
-    BIGNUM *d;
-    /* Table of variables obtained from 'ctx' */
-    BIGNUM *val[TABLE_SIZE];
-
-    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
-        /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
-        BNerr(BN_F_BN_MOD_EXP_SIMPLE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
-    }
-
-    bits = BN_num_bits(p);
-   if (bits == 0) {
-        /* x**0 mod 1 is still zero. */
-        if (BN_is_one(m)) {
-            ret = 1;
-            BN_zero(r);
-        } else {
-            ret = BN_one(r);
-        }
-        return ret;
-    }
-
-    BN_CTX_start(ctx);
-    d = BN_CTX_get(ctx);
-    val[0] = BN_CTX_get(ctx);
-    if (!d || !val[0])
-        goto err;
-
-    if (!BN_nnmod(val[0], a, m, ctx))
-        goto err;               /* 1 */
-    if (BN_is_zero(val[0])) {
-        BN_zero(r);
-        ret = 1;
-        goto err;
-    }
-
-    window = BN_window_bits_for_exponent_size(bits);
-    if (window > 1) {
-        if (!BN_mod_mul(d, val[0], val[0], m, ctx))
-            goto err;           /* 2 */
-        j = 1 << (window - 1);
-        for (i = 1; i < j; i++) {
-            if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
-                !BN_mod_mul(val[i], val[i - 1], d, m, ctx))
-                goto err;
-        }
-    }
-
-    start = 1;                  /* This is used to avoid multiplication etc
-                                 * when there is only the value '1' in the
-                                 * buffer. */
-    wvalue = 0;                 /* The 'value' of the window */
-    wstart = bits - 1;          /* The top bit of the window */
-    wend = 0;                   /* The bottom bit of the window */
-
-    if (!BN_one(r))
-        goto err;
-
-    for (;;) {
-        if (BN_is_bit_set(p, wstart) == 0) {
-            if (!start)
-                if (!BN_mod_mul(r, r, r, m, ctx))
-                    goto err;
-            if (wstart == 0)
-                break;
-            wstart--;
-            continue;
-        }
-        /*
-         * We now have wstart on a 'set' bit, we now need to work out how bit
-         * a window to do.  To do this we need to scan forward until the last
-         * set bit before the end of the window
-         */
-        j = wstart;
-        wvalue = 1;
-        wend = 0;
-        for (i = 1; i < window; i++) {
-            if (wstart - i < 0)
-                break;
-            if (BN_is_bit_set(p, wstart - i)) {
-                wvalue <<= (i - wend);
-                wvalue |= 1;
-                wend = i;
-            }
-        }
-
-        /* wend is the size of the current window */
-        j = wend + 1;
-        /* add the 'bytes above' */
-        if (!start)
-            for (i = 0; i < j; i++) {
-                if (!BN_mod_mul(r, r, r, m, ctx))
-                    goto err;
-            }
-
-        /* wvalue will be an odd number < 2^window */
-        if (!BN_mod_mul(r, r, val[wvalue >> 1], m, ctx))
-            goto err;
-
-        /* move the 'window' down further */
-        wstart -= wend + 1;
-        wvalue = 0;
-        start = 0;
-        if (wstart < 0)
-            break;
-    }
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    bn_check_top(r);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_exp2.c b/thirdparty/openssl/crypto/bn/bn_exp2.c
deleted file mode 100644
index 43fd2044c0..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_exp2.c
+++ /dev/null
@@ -1,303 +0,0 @@
-/* crypto/bn/bn_exp2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define TABLE_SIZE      32
-
-int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
-                     const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
-                     BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
-    int i, j, bits, b, bits1, bits2, ret =
-        0, wpos1, wpos2, window1, window2, wvalue1, wvalue2;
-    int r_is_one = 1;
-    BIGNUM *d, *r;
-    const BIGNUM *a_mod_m;
-    /* Tables of variables obtained from 'ctx' */
-    BIGNUM *val1[TABLE_SIZE], *val2[TABLE_SIZE];
-    BN_MONT_CTX *mont = NULL;
-
-    bn_check_top(a1);
-    bn_check_top(p1);
-    bn_check_top(a2);
-    bn_check_top(p2);
-    bn_check_top(m);
-
-    if (!(m->d[0] & 1)) {
-        BNerr(BN_F_BN_MOD_EXP2_MONT, BN_R_CALLED_WITH_EVEN_MODULUS);
-        return (0);
-    }
-    bits1 = BN_num_bits(p1);
-    bits2 = BN_num_bits(p2);
-    if ((bits1 == 0) && (bits2 == 0)) {
-        ret = BN_one(rr);
-        return ret;
-    }
-
-    bits = (bits1 > bits2) ? bits1 : bits2;
-
-    BN_CTX_start(ctx);
-    d = BN_CTX_get(ctx);
-    r = BN_CTX_get(ctx);
-    val1[0] = BN_CTX_get(ctx);
-    val2[0] = BN_CTX_get(ctx);
-    if (!d || !r || !val1[0] || !val2[0])
-        goto err;
-
-    if (in_mont != NULL)
-        mont = in_mont;
-    else {
-        if ((mont = BN_MONT_CTX_new()) == NULL)
-            goto err;
-        if (!BN_MONT_CTX_set(mont, m, ctx))
-            goto err;
-    }
-
-    window1 = BN_window_bits_for_exponent_size(bits1);
-    window2 = BN_window_bits_for_exponent_size(bits2);
-
-    /*
-     * Build table for a1:   val1[i] := a1^(2*i + 1) mod m  for i = 0 .. 2^(window1-1)
-     */
-    if (a1->neg || BN_ucmp(a1, m) >= 0) {
-        if (!BN_mod(val1[0], a1, m, ctx))
-            goto err;
-        a_mod_m = val1[0];
-    } else
-        a_mod_m = a1;
-    if (BN_is_zero(a_mod_m)) {
-        BN_zero(rr);
-        ret = 1;
-        goto err;
-    }
-
-    if (!BN_to_montgomery(val1[0], a_mod_m, mont, ctx))
-        goto err;
-    if (window1 > 1) {
-        if (!BN_mod_mul_montgomery(d, val1[0], val1[0], mont, ctx))
-            goto err;
-
-        j = 1 << (window1 - 1);
-        for (i = 1; i < j; i++) {
-            if (((val1[i] = BN_CTX_get(ctx)) == NULL) ||
-                !BN_mod_mul_montgomery(val1[i], val1[i - 1], d, mont, ctx))
-                goto err;
-        }
-    }
-
-    /*
-     * Build table for a2:   val2[i] := a2^(2*i + 1) mod m  for i = 0 .. 2^(window2-1)
-     */
-    if (a2->neg || BN_ucmp(a2, m) >= 0) {
-        if (!BN_mod(val2[0], a2, m, ctx))
-            goto err;
-        a_mod_m = val2[0];
-    } else
-        a_mod_m = a2;
-    if (BN_is_zero(a_mod_m)) {
-        BN_zero(rr);
-        ret = 1;
-        goto err;
-    }
-    if (!BN_to_montgomery(val2[0], a_mod_m, mont, ctx))
-        goto err;
-    if (window2 > 1) {
-        if (!BN_mod_mul_montgomery(d, val2[0], val2[0], mont, ctx))
-            goto err;
-
-        j = 1 << (window2 - 1);
-        for (i = 1; i < j; i++) {
-            if (((val2[i] = BN_CTX_get(ctx)) == NULL) ||
-                !BN_mod_mul_montgomery(val2[i], val2[i - 1], d, mont, ctx))
-                goto err;
-        }
-    }
-
-    /* Now compute the power product, using independent windows. */
-    r_is_one = 1;
-    wvalue1 = 0;                /* The 'value' of the first window */
-    wvalue2 = 0;                /* The 'value' of the second window */
-    wpos1 = 0;                  /* If wvalue1 > 0, the bottom bit of the
-                                 * first window */
-    wpos2 = 0;                  /* If wvalue2 > 0, the bottom bit of the
-                                 * second window */
-
-    if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
-        goto err;
-    for (b = bits - 1; b >= 0; b--) {
-        if (!r_is_one) {
-            if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
-                goto err;
-        }
-
-        if (!wvalue1)
-            if (BN_is_bit_set(p1, b)) {
-                /*
-                 * consider bits b-window1+1 .. b for this window
-                 */
-                i = b - window1 + 1;
-                while (!BN_is_bit_set(p1, i)) /* works for i<0 */
-                    i++;
-                wpos1 = i;
-                wvalue1 = 1;
-                for (i = b - 1; i >= wpos1; i--) {
-                    wvalue1 <<= 1;
-                    if (BN_is_bit_set(p1, i))
-                        wvalue1++;
-                }
-            }
-
-        if (!wvalue2)
-            if (BN_is_bit_set(p2, b)) {
-                /*
-                 * consider bits b-window2+1 .. b for this window
-                 */
-                i = b - window2 + 1;
-                while (!BN_is_bit_set(p2, i))
-                    i++;
-                wpos2 = i;
-                wvalue2 = 1;
-                for (i = b - 1; i >= wpos2; i--) {
-                    wvalue2 <<= 1;
-                    if (BN_is_bit_set(p2, i))
-                        wvalue2++;
-                }
-            }
-
-        if (wvalue1 && b == wpos1) {
-            /* wvalue1 is odd and < 2^window1 */
-            if (!BN_mod_mul_montgomery(r, r, val1[wvalue1 >> 1], mont, ctx))
-                goto err;
-            wvalue1 = 0;
-            r_is_one = 0;
-        }
-
-        if (wvalue2 && b == wpos2) {
-            /* wvalue2 is odd and < 2^window2 */
-            if (!BN_mod_mul_montgomery(r, r, val2[wvalue2 >> 1], mont, ctx))
-                goto err;
-            wvalue2 = 0;
-            r_is_one = 0;
-        }
-    }
-    if (!BN_from_montgomery(rr, r, mont, ctx))
-        goto err;
-    ret = 1;
- err:
-    if ((in_mont == NULL) && (mont != NULL))
-        BN_MONT_CTX_free(mont);
-    BN_CTX_end(ctx);
-    bn_check_top(rr);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_gcd.c b/thirdparty/openssl/crypto/bn/bn_gcd.c
deleted file mode 100644
index ce59fe701f..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_gcd.c
+++ /dev/null
@@ -1,702 +0,0 @@
-/* crypto/bn/bn_gcd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
-
-int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
-{
-    BIGNUM *a, *b, *t;
-    int ret = 0;
-
-    bn_check_top(in_a);
-    bn_check_top(in_b);
-
-    BN_CTX_start(ctx);
-    a = BN_CTX_get(ctx);
-    b = BN_CTX_get(ctx);
-    if (a == NULL || b == NULL)
-        goto err;
-
-    if (BN_copy(a, in_a) == NULL)
-        goto err;
-    if (BN_copy(b, in_b) == NULL)
-        goto err;
-    a->neg = 0;
-    b->neg = 0;
-
-    if (BN_cmp(a, b) < 0) {
-        t = a;
-        a = b;
-        b = t;
-    }
-    t = euclid(a, b);
-    if (t == NULL)
-        goto err;
-
-    if (BN_copy(r, t) == NULL)
-        goto err;
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    bn_check_top(r);
-    return (ret);
-}
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b)
-{
-    BIGNUM *t;
-    int shifts = 0;
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    /* 0 <= b <= a */
-    while (!BN_is_zero(b)) {
-        /* 0 < b <= a */
-
-        if (BN_is_odd(a)) {
-            if (BN_is_odd(b)) {
-                if (!BN_sub(a, a, b))
-                    goto err;
-                if (!BN_rshift1(a, a))
-                    goto err;
-                if (BN_cmp(a, b) < 0) {
-                    t = a;
-                    a = b;
-                    b = t;
-                }
-            } else {            /* a odd - b even */
-
-                if (!BN_rshift1(b, b))
-                    goto err;
-                if (BN_cmp(a, b) < 0) {
-                    t = a;
-                    a = b;
-                    b = t;
-                }
-            }
-        } else {                /* a is even */
-
-            if (BN_is_odd(b)) {
-                if (!BN_rshift1(a, a))
-                    goto err;
-                if (BN_cmp(a, b) < 0) {
-                    t = a;
-                    a = b;
-                    b = t;
-                }
-            } else {            /* a even - b even */
-
-                if (!BN_rshift1(a, a))
-                    goto err;
-                if (!BN_rshift1(b, b))
-                    goto err;
-                shifts++;
-            }
-        }
-        /* 0 <= b <= a */
-    }
-
-    if (shifts) {
-        if (!BN_lshift(a, a, shifts))
-            goto err;
-    }
-    bn_check_top(a);
-    return (a);
- err:
-    return (NULL);
-}
-
-/* solves ax == 1 (mod n) */
-static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
-                                        const BIGNUM *a, const BIGNUM *n,
-                                        BN_CTX *ctx);
-
-BIGNUM *BN_mod_inverse(BIGNUM *in,
-                       const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
-{
-    BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
-    BIGNUM *ret = NULL;
-    int sign;
-
-    if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0)
-        || (BN_get_flags(n, BN_FLG_CONSTTIME) != 0)) {
-        return BN_mod_inverse_no_branch(in, a, n, ctx);
-    }
-
-    bn_check_top(a);
-    bn_check_top(n);
-
-    BN_CTX_start(ctx);
-    A = BN_CTX_get(ctx);
-    B = BN_CTX_get(ctx);
-    X = BN_CTX_get(ctx);
-    D = BN_CTX_get(ctx);
-    M = BN_CTX_get(ctx);
-    Y = BN_CTX_get(ctx);
-    T = BN_CTX_get(ctx);
-    if (T == NULL)
-        goto err;
-
-    if (in == NULL)
-        R = BN_new();
-    else
-        R = in;
-    if (R == NULL)
-        goto err;
-
-    BN_one(X);
-    BN_zero(Y);
-    if (BN_copy(B, a) == NULL)
-        goto err;
-    if (BN_copy(A, n) == NULL)
-        goto err;
-    A->neg = 0;
-    if (B->neg || (BN_ucmp(B, A) >= 0)) {
-        if (!BN_nnmod(B, B, A, ctx))
-            goto err;
-    }
-    sign = -1;
-    /*-
-     * From  B = a mod |n|,  A = |n|  it follows that
-     *
-     *      0 <= B < A,
-     *     -sign*X*a  ==  B   (mod |n|),
-     *      sign*Y*a  ==  A   (mod |n|).
-     */
-
-    if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048))) {
-        /*
-         * Binary inversion algorithm; requires odd modulus. This is faster
-         * than the general algorithm if the modulus is sufficiently small
-         * (about 400 .. 500 bits on 32-bit sytems, but much more on 64-bit
-         * systems)
-         */
-        int shift;
-
-        while (!BN_is_zero(B)) {
-            /*-
-             *      0 < B < |n|,
-             *      0 < A <= |n|,
-             * (1) -sign*X*a  ==  B   (mod |n|),
-             * (2)  sign*Y*a  ==  A   (mod |n|)
-             */
-
-            /*
-             * Now divide B by the maximum possible power of two in the
-             * integers, and divide X by the same value mod |n|. When we're
-             * done, (1) still holds.
-             */
-            shift = 0;
-            while (!BN_is_bit_set(B, shift)) { /* note that 0 < B */
-                shift++;
-
-                if (BN_is_odd(X)) {
-                    if (!BN_uadd(X, X, n))
-                        goto err;
-                }
-                /*
-                 * now X is even, so we can easily divide it by two
-                 */
-                if (!BN_rshift1(X, X))
-                    goto err;
-            }
-            if (shift > 0) {
-                if (!BN_rshift(B, B, shift))
-                    goto err;
-            }
-
-            /*
-             * Same for A and Y.  Afterwards, (2) still holds.
-             */
-            shift = 0;
-            while (!BN_is_bit_set(A, shift)) { /* note that 0 < A */
-                shift++;
-
-                if (BN_is_odd(Y)) {
-                    if (!BN_uadd(Y, Y, n))
-                        goto err;
-                }
-                /* now Y is even */
-                if (!BN_rshift1(Y, Y))
-                    goto err;
-            }
-            if (shift > 0) {
-                if (!BN_rshift(A, A, shift))
-                    goto err;
-            }
-
-            /*-
-             * We still have (1) and (2).
-             * Both  A  and  B  are odd.
-             * The following computations ensure that
-             *
-             *     0 <= B < |n|,
-             *      0 < A < |n|,
-             * (1) -sign*X*a  ==  B   (mod |n|),
-             * (2)  sign*Y*a  ==  A   (mod |n|),
-             *
-             * and that either  A  or  B  is even in the next iteration.
-             */
-            if (BN_ucmp(B, A) >= 0) {
-                /* -sign*(X + Y)*a == B - A  (mod |n|) */
-                if (!BN_uadd(X, X, Y))
-                    goto err;
-                /*
-                 * NB: we could use BN_mod_add_quick(X, X, Y, n), but that
-                 * actually makes the algorithm slower
-                 */
-                if (!BN_usub(B, B, A))
-                    goto err;
-            } else {
-                /*  sign*(X + Y)*a == A - B  (mod |n|) */
-                if (!BN_uadd(Y, Y, X))
-                    goto err;
-                /*
-                 * as above, BN_mod_add_quick(Y, Y, X, n) would slow things
-                 * down
-                 */
-                if (!BN_usub(A, A, B))
-                    goto err;
-            }
-        }
-    } else {
-        /* general inversion algorithm */
-
-        while (!BN_is_zero(B)) {
-            BIGNUM *tmp;
-
-            /*-
-             *      0 < B < A,
-             * (*) -sign*X*a  ==  B   (mod |n|),
-             *      sign*Y*a  ==  A   (mod |n|)
-             */
-
-            /* (D, M) := (A/B, A%B) ... */
-            if (BN_num_bits(A) == BN_num_bits(B)) {
-                if (!BN_one(D))
-                    goto err;
-                if (!BN_sub(M, A, B))
-                    goto err;
-            } else if (BN_num_bits(A) == BN_num_bits(B) + 1) {
-                /* A/B is 1, 2, or 3 */
-                if (!BN_lshift1(T, B))
-                    goto err;
-                if (BN_ucmp(A, T) < 0) {
-                    /* A < 2*B, so D=1 */
-                    if (!BN_one(D))
-                        goto err;
-                    if (!BN_sub(M, A, B))
-                        goto err;
-                } else {
-                    /* A >= 2*B, so D=2 or D=3 */
-                    if (!BN_sub(M, A, T))
-                        goto err;
-                    if (!BN_add(D, T, B))
-                        goto err; /* use D (:= 3*B) as temp */
-                    if (BN_ucmp(A, D) < 0) {
-                        /* A < 3*B, so D=2 */
-                        if (!BN_set_word(D, 2))
-                            goto err;
-                        /*
-                         * M (= A - 2*B) already has the correct value
-                         */
-                    } else {
-                        /* only D=3 remains */
-                        if (!BN_set_word(D, 3))
-                            goto err;
-                        /*
-                         * currently M = A - 2*B, but we need M = A - 3*B
-                         */
-                        if (!BN_sub(M, M, B))
-                            goto err;
-                    }
-                }
-            } else {
-                if (!BN_div(D, M, A, B, ctx))
-                    goto err;
-            }
-
-            /*-
-             * Now
-             *      A = D*B + M;
-             * thus we have
-             * (**)  sign*Y*a  ==  D*B + M   (mod |n|).
-             */
-
-            tmp = A;            /* keep the BIGNUM object, the value does not
-                                 * matter */
-
-            /* (A, B) := (B, A mod B) ... */
-            A = B;
-            B = M;
-            /* ... so we have  0 <= B < A  again */
-
-            /*-
-             * Since the former  M  is now  B  and the former  B  is now  A,
-             * (**) translates into
-             *       sign*Y*a  ==  D*A + B    (mod |n|),
-             * i.e.
-             *       sign*Y*a - D*A  ==  B    (mod |n|).
-             * Similarly, (*) translates into
-             *      -sign*X*a  ==  A          (mod |n|).
-             *
-             * Thus,
-             *   sign*Y*a + D*sign*X*a  ==  B  (mod |n|),
-             * i.e.
-             *        sign*(Y + D*X)*a  ==  B  (mod |n|).
-             *
-             * So if we set  (X, Y, sign) := (Y + D*X, X, -sign),  we arrive back at
-             *      -sign*X*a  ==  B   (mod |n|),
-             *       sign*Y*a  ==  A   (mod |n|).
-             * Note that  X  and  Y  stay non-negative all the time.
-             */
-
-            /*
-             * most of the time D is very small, so we can optimize tmp :=
-             * D*X+Y
-             */
-            if (BN_is_one(D)) {
-                if (!BN_add(tmp, X, Y))
-                    goto err;
-            } else {
-                if (BN_is_word(D, 2)) {
-                    if (!BN_lshift1(tmp, X))
-                        goto err;
-                } else if (BN_is_word(D, 4)) {
-                    if (!BN_lshift(tmp, X, 2))
-                        goto err;
-                } else if (D->top == 1) {
-                    if (!BN_copy(tmp, X))
-                        goto err;
-                    if (!BN_mul_word(tmp, D->d[0]))
-                        goto err;
-                } else {
-                    if (!BN_mul(tmp, D, X, ctx))
-                        goto err;
-                }
-                if (!BN_add(tmp, tmp, Y))
-                    goto err;
-            }
-
-            M = Y;              /* keep the BIGNUM object, the value does not
-                                 * matter */
-            Y = X;
-            X = tmp;
-            sign = -sign;
-        }
-    }
-
-    /*-
-     * The while loop (Euclid's algorithm) ends when
-     *      A == gcd(a,n);
-     * we have
-     *       sign*Y*a  ==  A  (mod |n|),
-     * where  Y  is non-negative.
-     */
-
-    if (sign < 0) {
-        if (!BN_sub(Y, n, Y))
-            goto err;
-    }
-    /* Now  Y*a  ==  A  (mod |n|).  */
-
-    if (BN_is_one(A)) {
-        /* Y*a == 1  (mod |n|) */
-        if (!Y->neg && BN_ucmp(Y, n) < 0) {
-            if (!BN_copy(R, Y))
-                goto err;
-        } else {
-            if (!BN_nnmod(R, Y, n, ctx))
-                goto err;
-        }
-    } else {
-        BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE);
-        goto err;
-    }
-    ret = R;
- err:
-    if ((ret == NULL) && (in == NULL))
-        BN_free(R);
-    BN_CTX_end(ctx);
-    bn_check_top(ret);
-    return (ret);
-}
-
-/*
- * BN_mod_inverse_no_branch is a special version of BN_mod_inverse. It does
- * not contain branches that may leak sensitive information.
- */
-static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
-                                        const BIGNUM *a, const BIGNUM *n,
-                                        BN_CTX *ctx)
-{
-    BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
-    BIGNUM local_A, local_B;
-    BIGNUM *pA, *pB;
-    BIGNUM *ret = NULL;
-    int sign;
-
-    bn_check_top(a);
-    bn_check_top(n);
-
-    BN_CTX_start(ctx);
-    A = BN_CTX_get(ctx);
-    B = BN_CTX_get(ctx);
-    X = BN_CTX_get(ctx);
-    D = BN_CTX_get(ctx);
-    M = BN_CTX_get(ctx);
-    Y = BN_CTX_get(ctx);
-    T = BN_CTX_get(ctx);
-    if (T == NULL)
-        goto err;
-
-    if (in == NULL)
-        R = BN_new();
-    else
-        R = in;
-    if (R == NULL)
-        goto err;
-
-    BN_one(X);
-    BN_zero(Y);
-    if (BN_copy(B, a) == NULL)
-        goto err;
-    if (BN_copy(A, n) == NULL)
-        goto err;
-    A->neg = 0;
-
-    if (B->neg || (BN_ucmp(B, A) >= 0)) {
-        /*
-         * Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
-         * BN_div_no_branch will be called eventually.
-         */
-        pB = &local_B;
-        local_B.flags = 0;
-        BN_with_flags(pB, B, BN_FLG_CONSTTIME);
-        if (!BN_nnmod(B, pB, A, ctx))
-            goto err;
-    }
-    sign = -1;
-    /*-
-     * From  B = a mod |n|,  A = |n|  it follows that
-     *
-     *      0 <= B < A,
-     *     -sign*X*a  ==  B   (mod |n|),
-     *      sign*Y*a  ==  A   (mod |n|).
-     */
-
-    while (!BN_is_zero(B)) {
-        BIGNUM *tmp;
-
-        /*-
-         *      0 < B < A,
-         * (*) -sign*X*a  ==  B   (mod |n|),
-         *      sign*Y*a  ==  A   (mod |n|)
-         */
-
-        /*
-         * Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
-         * BN_div_no_branch will be called eventually.
-         */
-        pA = &local_A;
-        local_A.flags = 0;
-        BN_with_flags(pA, A, BN_FLG_CONSTTIME);
-
-        /* (D, M) := (A/B, A%B) ... */
-        if (!BN_div(D, M, pA, B, ctx))
-            goto err;
-
-        /*-
-         * Now
-         *      A = D*B + M;
-         * thus we have
-         * (**)  sign*Y*a  ==  D*B + M   (mod |n|).
-         */
-
-        tmp = A;                /* keep the BIGNUM object, the value does not
-                                 * matter */
-
-        /* (A, B) := (B, A mod B) ... */
-        A = B;
-        B = M;
-        /* ... so we have  0 <= B < A  again */
-
-        /*-
-         * Since the former  M  is now  B  and the former  B  is now  A,
-         * (**) translates into
-         *       sign*Y*a  ==  D*A + B    (mod |n|),
-         * i.e.
-         *       sign*Y*a - D*A  ==  B    (mod |n|).
-         * Similarly, (*) translates into
-         *      -sign*X*a  ==  A          (mod |n|).
-         *
-         * Thus,
-         *   sign*Y*a + D*sign*X*a  ==  B  (mod |n|),
-         * i.e.
-         *        sign*(Y + D*X)*a  ==  B  (mod |n|).
-         *
-         * So if we set  (X, Y, sign) := (Y + D*X, X, -sign),  we arrive back at
-         *      -sign*X*a  ==  B   (mod |n|),
-         *       sign*Y*a  ==  A   (mod |n|).
-         * Note that  X  and  Y  stay non-negative all the time.
-         */
-
-        if (!BN_mul(tmp, D, X, ctx))
-            goto err;
-        if (!BN_add(tmp, tmp, Y))
-            goto err;
-
-        M = Y;                  /* keep the BIGNUM object, the value does not
-                                 * matter */
-        Y = X;
-        X = tmp;
-        sign = -sign;
-    }
-
-    /*-
-     * The while loop (Euclid's algorithm) ends when
-     *      A == gcd(a,n);
-     * we have
-     *       sign*Y*a  ==  A  (mod |n|),
-     * where  Y  is non-negative.
-     */
-
-    if (sign < 0) {
-        if (!BN_sub(Y, n, Y))
-            goto err;
-    }
-    /* Now  Y*a  ==  A  (mod |n|).  */
-
-    if (BN_is_one(A)) {
-        /* Y*a == 1  (mod |n|) */
-        if (!Y->neg && BN_ucmp(Y, n) < 0) {
-            if (!BN_copy(R, Y))
-                goto err;
-        } else {
-            if (!BN_nnmod(R, Y, n, ctx))
-                goto err;
-        }
-    } else {
-        BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE);
-        goto err;
-    }
-    ret = R;
- err:
-    if ((ret == NULL) && (in == NULL))
-        BN_free(R);
-    BN_CTX_end(ctx);
-    bn_check_top(ret);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_gf2m.c b/thirdparty/openssl/crypto/bn/bn_gf2m.c
deleted file mode 100644
index 2c61da1109..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_gf2m.c
+++ /dev/null
@@ -1,1300 +0,0 @@
-/* crypto/bn/bn_gf2m.c */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * In addition, Sun covenants to all licensees who provide a reciprocal
- * covenant with respect to their own patents if any, not to sue under
- * current and future patent claims necessarily infringed by the making,
- * using, practicing, selling, offering for sale and/or otherwise
- * disposing of the ECC Code as delivered hereunder (or portions thereof),
- * provided that such covenant shall not apply:
- *  1) for code that a licensee deletes from the ECC Code;
- *  2) separates from the ECC Code; or
- *  3) for infringements caused by:
- *       i) the modification of the ECC Code or
- *      ii) the combination of the ECC Code with other software or
- *          devices where such combination causes the infringement.
- *
- * The software is originally written by Sheueling Chang Shantz and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-/*
- * NOTE: This file is licensed pursuant to the OpenSSL license below and may
- * be modified; but after modifications, the above covenant may no longer
- * apply! In such cases, the corresponding paragraph ["In addition, Sun
- * covenants ... causes the infringement."] and this note can be edited out;
- * but please keep the Sun copyright notice and attribution.
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <assert.h>
-#include <limits.h>
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#ifndef OPENSSL_NO_EC2M
-
-/*
- * Maximum number of iterations before BN_GF2m_mod_solve_quad_arr should
- * fail.
- */
-# define MAX_ITERATIONS 50
-
-static const BN_ULONG SQR_tb[16] = { 0, 1, 4, 5, 16, 17, 20, 21,
-    64, 65, 68, 69, 80, 81, 84, 85
-};
-
-/* Platform-specific macros to accelerate squaring. */
-# if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
-#  define SQR1(w) \
-    SQR_tb[(w) >> 60 & 0xF] << 56 | SQR_tb[(w) >> 56 & 0xF] << 48 | \
-    SQR_tb[(w) >> 52 & 0xF] << 40 | SQR_tb[(w) >> 48 & 0xF] << 32 | \
-    SQR_tb[(w) >> 44 & 0xF] << 24 | SQR_tb[(w) >> 40 & 0xF] << 16 | \
-    SQR_tb[(w) >> 36 & 0xF] <<  8 | SQR_tb[(w) >> 32 & 0xF]
-#  define SQR0(w) \
-    SQR_tb[(w) >> 28 & 0xF] << 56 | SQR_tb[(w) >> 24 & 0xF] << 48 | \
-    SQR_tb[(w) >> 20 & 0xF] << 40 | SQR_tb[(w) >> 16 & 0xF] << 32 | \
-    SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >>  8 & 0xF] << 16 | \
-    SQR_tb[(w) >>  4 & 0xF] <<  8 | SQR_tb[(w)       & 0xF]
-# endif
-# ifdef THIRTY_TWO_BIT
-#  define SQR1(w) \
-    SQR_tb[(w) >> 28 & 0xF] << 24 | SQR_tb[(w) >> 24 & 0xF] << 16 | \
-    SQR_tb[(w) >> 20 & 0xF] <<  8 | SQR_tb[(w) >> 16 & 0xF]
-#  define SQR0(w) \
-    SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >>  8 & 0xF] << 16 | \
-    SQR_tb[(w) >>  4 & 0xF] <<  8 | SQR_tb[(w)       & 0xF]
-# endif
-
-# if !defined(OPENSSL_BN_ASM_GF2m)
-/*
- * Product of two polynomials a, b each with degree < BN_BITS2 - 1, result is
- * a polynomial r with degree < 2 * BN_BITS - 1 The caller MUST ensure that
- * the variables have the right amount of space allocated.
- */
-#  ifdef THIRTY_TWO_BIT
-static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a,
-                            const BN_ULONG b)
-{
-    register BN_ULONG h, l, s;
-    BN_ULONG tab[8], top2b = a >> 30;
-    register BN_ULONG a1, a2, a4;
-
-    a1 = a & (0x3FFFFFFF);
-    a2 = a1 << 1;
-    a4 = a2 << 1;
-
-    tab[0] = 0;
-    tab[1] = a1;
-    tab[2] = a2;
-    tab[3] = a1 ^ a2;
-    tab[4] = a4;
-    tab[5] = a1 ^ a4;
-    tab[6] = a2 ^ a4;
-    tab[7] = a1 ^ a2 ^ a4;
-
-    s = tab[b & 0x7];
-    l = s;
-    s = tab[b >> 3 & 0x7];
-    l ^= s << 3;
-    h = s >> 29;
-    s = tab[b >> 6 & 0x7];
-    l ^= s << 6;
-    h ^= s >> 26;
-    s = tab[b >> 9 & 0x7];
-    l ^= s << 9;
-    h ^= s >> 23;
-    s = tab[b >> 12 & 0x7];
-    l ^= s << 12;
-    h ^= s >> 20;
-    s = tab[b >> 15 & 0x7];
-    l ^= s << 15;
-    h ^= s >> 17;
-    s = tab[b >> 18 & 0x7];
-    l ^= s << 18;
-    h ^= s >> 14;
-    s = tab[b >> 21 & 0x7];
-    l ^= s << 21;
-    h ^= s >> 11;
-    s = tab[b >> 24 & 0x7];
-    l ^= s << 24;
-    h ^= s >> 8;
-    s = tab[b >> 27 & 0x7];
-    l ^= s << 27;
-    h ^= s >> 5;
-    s = tab[b >> 30];
-    l ^= s << 30;
-    h ^= s >> 2;
-
-    /* compensate for the top two bits of a */
-
-    if (top2b & 01) {
-        l ^= b << 30;
-        h ^= b >> 2;
-    }
-    if (top2b & 02) {
-        l ^= b << 31;
-        h ^= b >> 1;
-    }
-
-    *r1 = h;
-    *r0 = l;
-}
-#  endif
-#  if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
-static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a,
-                            const BN_ULONG b)
-{
-    register BN_ULONG h, l, s;
-    BN_ULONG tab[16], top3b = a >> 61;
-    register BN_ULONG a1, a2, a4, a8;
-
-    a1 = a & (0x1FFFFFFFFFFFFFFFULL);
-    a2 = a1 << 1;
-    a4 = a2 << 1;
-    a8 = a4 << 1;
-
-    tab[0] = 0;
-    tab[1] = a1;
-    tab[2] = a2;
-    tab[3] = a1 ^ a2;
-    tab[4] = a4;
-    tab[5] = a1 ^ a4;
-    tab[6] = a2 ^ a4;
-    tab[7] = a1 ^ a2 ^ a4;
-    tab[8] = a8;
-    tab[9] = a1 ^ a8;
-    tab[10] = a2 ^ a8;
-    tab[11] = a1 ^ a2 ^ a8;
-    tab[12] = a4 ^ a8;
-    tab[13] = a1 ^ a4 ^ a8;
-    tab[14] = a2 ^ a4 ^ a8;
-    tab[15] = a1 ^ a2 ^ a4 ^ a8;
-
-    s = tab[b & 0xF];
-    l = s;
-    s = tab[b >> 4 & 0xF];
-    l ^= s << 4;
-    h = s >> 60;
-    s = tab[b >> 8 & 0xF];
-    l ^= s << 8;
-    h ^= s >> 56;
-    s = tab[b >> 12 & 0xF];
-    l ^= s << 12;
-    h ^= s >> 52;
-    s = tab[b >> 16 & 0xF];
-    l ^= s << 16;
-    h ^= s >> 48;
-    s = tab[b >> 20 & 0xF];
-    l ^= s << 20;
-    h ^= s >> 44;
-    s = tab[b >> 24 & 0xF];
-    l ^= s << 24;
-    h ^= s >> 40;
-    s = tab[b >> 28 & 0xF];
-    l ^= s << 28;
-    h ^= s >> 36;
-    s = tab[b >> 32 & 0xF];
-    l ^= s << 32;
-    h ^= s >> 32;
-    s = tab[b >> 36 & 0xF];
-    l ^= s << 36;
-    h ^= s >> 28;
-    s = tab[b >> 40 & 0xF];
-    l ^= s << 40;
-    h ^= s >> 24;
-    s = tab[b >> 44 & 0xF];
-    l ^= s << 44;
-    h ^= s >> 20;
-    s = tab[b >> 48 & 0xF];
-    l ^= s << 48;
-    h ^= s >> 16;
-    s = tab[b >> 52 & 0xF];
-    l ^= s << 52;
-    h ^= s >> 12;
-    s = tab[b >> 56 & 0xF];
-    l ^= s << 56;
-    h ^= s >> 8;
-    s = tab[b >> 60];
-    l ^= s << 60;
-    h ^= s >> 4;
-
-    /* compensate for the top three bits of a */
-
-    if (top3b & 01) {
-        l ^= b << 61;
-        h ^= b >> 3;
-    }
-    if (top3b & 02) {
-        l ^= b << 62;
-        h ^= b >> 2;
-    }
-    if (top3b & 04) {
-        l ^= b << 63;
-        h ^= b >> 1;
-    }
-
-    *r1 = h;
-    *r0 = l;
-}
-#  endif
-
-/*
- * Product of two polynomials a, b each with degree < 2 * BN_BITS2 - 1,
- * result is a polynomial r with degree < 4 * BN_BITS2 - 1 The caller MUST
- * ensure that the variables have the right amount of space allocated.
- */
-static void bn_GF2m_mul_2x2(BN_ULONG *r, const BN_ULONG a1, const BN_ULONG a0,
-                            const BN_ULONG b1, const BN_ULONG b0)
-{
-    BN_ULONG m1, m0;
-    /* r[3] = h1, r[2] = h0; r[1] = l1; r[0] = l0 */
-    bn_GF2m_mul_1x1(r + 3, r + 2, a1, b1);
-    bn_GF2m_mul_1x1(r + 1, r, a0, b0);
-    bn_GF2m_mul_1x1(&m1, &m0, a0 ^ a1, b0 ^ b1);
-    /* Correction on m1 ^= l1 ^ h1; m0 ^= l0 ^ h0; */
-    r[2] ^= m1 ^ r[1] ^ r[3];   /* h0 ^= m1 ^ l1 ^ h1; */
-    r[1] = r[3] ^ r[2] ^ r[0] ^ m1 ^ m0; /* l1 ^= l0 ^ h0 ^ m0; */
-}
-# else
-void bn_GF2m_mul_2x2(BN_ULONG *r, BN_ULONG a1, BN_ULONG a0, BN_ULONG b1,
-                     BN_ULONG b0);
-# endif
-
-/*
- * Add polynomials a and b and store result in r; r could be a or b, a and b
- * could be equal; r is the bitwise XOR of a and b.
- */
-int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-{
-    int i;
-    const BIGNUM *at, *bt;
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    if (a->top < b->top) {
-        at = b;
-        bt = a;
-    } else {
-        at = a;
-        bt = b;
-    }
-
-    if (bn_wexpand(r, at->top) == NULL)
-        return 0;
-
-    for (i = 0; i < bt->top; i++) {
-        r->d[i] = at->d[i] ^ bt->d[i];
-    }
-    for (; i < at->top; i++) {
-        r->d[i] = at->d[i];
-    }
-
-    r->top = at->top;
-    bn_correct_top(r);
-
-    return 1;
-}
-
-/*-
- * Some functions allow for representation of the irreducible polynomials
- * as an int[], say p.  The irreducible f(t) is then of the form:
- *     t^p[0] + t^p[1] + ... + t^p[k]
- * where m = p[0] > p[1] > ... > p[k] = 0.
- */
-
-/* Performs modular reduction of a and store result in r.  r could be a. */
-int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[])
-{
-    int j, k;
-    int n, dN, d0, d1;
-    BN_ULONG zz, *z;
-
-    bn_check_top(a);
-
-    if (!p[0]) {
-        /* reduction mod 1 => return 0 */
-        BN_zero(r);
-        return 1;
-    }
-
-    /*
-     * Since the algorithm does reduction in the r value, if a != r, copy the
-     * contents of a into r so we can do reduction in r.
-     */
-    if (a != r) {
-        if (!bn_wexpand(r, a->top))
-            return 0;
-        for (j = 0; j < a->top; j++) {
-            r->d[j] = a->d[j];
-        }
-        r->top = a->top;
-    }
-    z = r->d;
-
-    /* start reduction */
-    dN = p[0] / BN_BITS2;
-    for (j = r->top - 1; j > dN;) {
-        zz = z[j];
-        if (z[j] == 0) {
-            j--;
-            continue;
-        }
-        z[j] = 0;
-
-        for (k = 1; p[k] != 0; k++) {
-            /* reducing component t^p[k] */
-            n = p[0] - p[k];
-            d0 = n % BN_BITS2;
-            d1 = BN_BITS2 - d0;
-            n /= BN_BITS2;
-            z[j - n] ^= (zz >> d0);
-            if (d0)
-                z[j - n - 1] ^= (zz << d1);
-        }
-
-        /* reducing component t^0 */
-        n = dN;
-        d0 = p[0] % BN_BITS2;
-        d1 = BN_BITS2 - d0;
-        z[j - n] ^= (zz >> d0);
-        if (d0)
-            z[j - n - 1] ^= (zz << d1);
-    }
-
-    /* final round of reduction */
-    while (j == dN) {
-
-        d0 = p[0] % BN_BITS2;
-        zz = z[dN] >> d0;
-        if (zz == 0)
-            break;
-        d1 = BN_BITS2 - d0;
-
-        /* clear up the top d1 bits */
-        if (d0)
-            z[dN] = (z[dN] << d1) >> d1;
-        else
-            z[dN] = 0;
-        z[0] ^= zz;             /* reduction t^0 component */
-
-        for (k = 1; p[k] != 0; k++) {
-            BN_ULONG tmp_ulong;
-
-            /* reducing component t^p[k] */
-            n = p[k] / BN_BITS2;
-            d0 = p[k] % BN_BITS2;
-            d1 = BN_BITS2 - d0;
-            z[n] ^= (zz << d0);
-            if (d0 && (tmp_ulong = zz >> d1))
-                z[n + 1] ^= tmp_ulong;
-        }
-
-    }
-
-    bn_correct_top(r);
-    return 1;
-}
-
-/*
- * Performs modular reduction of a by p and store result in r.  r could be a.
- * This function calls down to the BN_GF2m_mod_arr implementation; this wrapper
- * function is only provided for convenience; for best performance, use the
- * BN_GF2m_mod_arr function.
- */
-int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
-{
-    int ret = 0;
-    int arr[6];
-    bn_check_top(a);
-    bn_check_top(p);
-    ret = BN_GF2m_poly2arr(p, arr, sizeof(arr) / sizeof(arr[0]));
-    if (!ret || ret > (int)(sizeof(arr) / sizeof(arr[0]))) {
-        BNerr(BN_F_BN_GF2M_MOD, BN_R_INVALID_LENGTH);
-        return 0;
-    }
-    ret = BN_GF2m_mod_arr(r, a, arr);
-    bn_check_top(r);
-    return ret;
-}
-
-/*
- * Compute the product of two polynomials a and b, reduce modulo p, and store
- * the result in r.  r could be a or b; a could be b.
- */
-int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                        const int p[], BN_CTX *ctx)
-{
-    int zlen, i, j, k, ret = 0;
-    BIGNUM *s;
-    BN_ULONG x1, x0, y1, y0, zz[4];
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    if (a == b) {
-        return BN_GF2m_mod_sqr_arr(r, a, p, ctx);
-    }
-
-    BN_CTX_start(ctx);
-    if ((s = BN_CTX_get(ctx)) == NULL)
-        goto err;
-
-    zlen = a->top + b->top + 4;
-    if (!bn_wexpand(s, zlen))
-        goto err;
-    s->top = zlen;
-
-    for (i = 0; i < zlen; i++)
-        s->d[i] = 0;
-
-    for (j = 0; j < b->top; j += 2) {
-        y0 = b->d[j];
-        y1 = ((j + 1) == b->top) ? 0 : b->d[j + 1];
-        for (i = 0; i < a->top; i += 2) {
-            x0 = a->d[i];
-            x1 = ((i + 1) == a->top) ? 0 : a->d[i + 1];
-            bn_GF2m_mul_2x2(zz, x1, x0, y1, y0);
-            for (k = 0; k < 4; k++)
-                s->d[i + j + k] ^= zz[k];
-        }
-    }
-
-    bn_correct_top(s);
-    if (BN_GF2m_mod_arr(r, s, p))
-        ret = 1;
-    bn_check_top(r);
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*
- * Compute the product of two polynomials a and b, reduce modulo p, and store
- * the result in r.  r could be a or b; a could equal b. This function calls
- * down to the BN_GF2m_mod_mul_arr implementation; this wrapper function is
- * only provided for convenience; for best performance, use the
- * BN_GF2m_mod_mul_arr function.
- */
-int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                    const BIGNUM *p, BN_CTX *ctx)
-{
-    int ret = 0;
-    const int max = BN_num_bits(p) + 1;
-    int *arr = NULL;
-    bn_check_top(a);
-    bn_check_top(b);
-    bn_check_top(p);
-    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
-        goto err;
-    ret = BN_GF2m_poly2arr(p, arr, max);
-    if (!ret || ret > max) {
-        BNerr(BN_F_BN_GF2M_MOD_MUL, BN_R_INVALID_LENGTH);
-        goto err;
-    }
-    ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx);
-    bn_check_top(r);
- err:
-    if (arr)
-        OPENSSL_free(arr);
-    return ret;
-}
-
-/* Square a, reduce the result mod p, and store it in a.  r could be a. */
-int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
-                        BN_CTX *ctx)
-{
-    int i, ret = 0;
-    BIGNUM *s;
-
-    bn_check_top(a);
-    BN_CTX_start(ctx);
-    if ((s = BN_CTX_get(ctx)) == NULL)
-        goto err;
-    if (!bn_wexpand(s, 2 * a->top))
-        goto err;
-
-    for (i = a->top - 1; i >= 0; i--) {
-        s->d[2 * i + 1] = SQR1(a->d[i]);
-        s->d[2 * i] = SQR0(a->d[i]);
-    }
-
-    s->top = 2 * a->top;
-    bn_correct_top(s);
-    if (!BN_GF2m_mod_arr(r, s, p))
-        goto err;
-    bn_check_top(r);
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*
- * Square a, reduce the result mod p, and store it in a.  r could be a. This
- * function calls down to the BN_GF2m_mod_sqr_arr implementation; this
- * wrapper function is only provided for convenience; for best performance,
- * use the BN_GF2m_mod_sqr_arr function.
- */
-int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
-{
-    int ret = 0;
-    const int max = BN_num_bits(p) + 1;
-    int *arr = NULL;
-
-    bn_check_top(a);
-    bn_check_top(p);
-    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
-        goto err;
-    ret = BN_GF2m_poly2arr(p, arr, max);
-    if (!ret || ret > max) {
-        BNerr(BN_F_BN_GF2M_MOD_SQR, BN_R_INVALID_LENGTH);
-        goto err;
-    }
-    ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx);
-    bn_check_top(r);
- err:
-    if (arr)
-        OPENSSL_free(arr);
-    return ret;
-}
-
-/*
- * Invert a, reduce modulo p, and store the result in r. r could be a. Uses
- * Modified Almost Inverse Algorithm (Algorithm 10) from Hankerson, D.,
- * Hernandez, J.L., and Menezes, A.  "Software Implementation of Elliptic
- * Curve Cryptography Over Binary Fields".
- */
-int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
-{
-    BIGNUM *b, *c = NULL, *u = NULL, *v = NULL, *tmp;
-    int ret = 0;
-
-    bn_check_top(a);
-    bn_check_top(p);
-
-    BN_CTX_start(ctx);
-
-    if ((b = BN_CTX_get(ctx)) == NULL)
-        goto err;
-    if ((c = BN_CTX_get(ctx)) == NULL)
-        goto err;
-    if ((u = BN_CTX_get(ctx)) == NULL)
-        goto err;
-    if ((v = BN_CTX_get(ctx)) == NULL)
-        goto err;
-
-    if (!BN_GF2m_mod(u, a, p))
-        goto err;
-    if (BN_is_zero(u))
-        goto err;
-
-    if (!BN_copy(v, p))
-        goto err;
-# if 0
-    if (!BN_one(b))
-        goto err;
-
-    while (1) {
-        while (!BN_is_odd(u)) {
-            if (BN_is_zero(u))
-                goto err;
-            if (!BN_rshift1(u, u))
-                goto err;
-            if (BN_is_odd(b)) {
-                if (!BN_GF2m_add(b, b, p))
-                    goto err;
-            }
-            if (!BN_rshift1(b, b))
-                goto err;
-        }
-
-        if (BN_abs_is_word(u, 1))
-            break;
-
-        if (BN_num_bits(u) < BN_num_bits(v)) {
-            tmp = u;
-            u = v;
-            v = tmp;
-            tmp = b;
-            b = c;
-            c = tmp;
-        }
-
-        if (!BN_GF2m_add(u, u, v))
-            goto err;
-        if (!BN_GF2m_add(b, b, c))
-            goto err;
-    }
-# else
-    {
-        int i;
-        int ubits = BN_num_bits(u);
-        int vbits = BN_num_bits(v); /* v is copy of p */
-        int top = p->top;
-        BN_ULONG *udp, *bdp, *vdp, *cdp;
-
-        if (!bn_wexpand(u, top))
-            goto err;
-        udp = u->d;
-        for (i = u->top; i < top; i++)
-            udp[i] = 0;
-        u->top = top;
-        if (!bn_wexpand(b, top))
-          goto err;
-        bdp = b->d;
-        bdp[0] = 1;
-        for (i = 1; i < top; i++)
-            bdp[i] = 0;
-        b->top = top;
-        if (!bn_wexpand(c, top))
-          goto err;
-        cdp = c->d;
-        for (i = 0; i < top; i++)
-            cdp[i] = 0;
-        c->top = top;
-        vdp = v->d;             /* It pays off to "cache" *->d pointers,
-                                 * because it allows optimizer to be more
-                                 * aggressive. But we don't have to "cache"
-                                 * p->d, because *p is declared 'const'... */
-        while (1) {
-            while (ubits && !(udp[0] & 1)) {
-                BN_ULONG u0, u1, b0, b1, mask;
-
-                u0 = udp[0];
-                b0 = bdp[0];
-                mask = (BN_ULONG)0 - (b0 & 1);
-                b0 ^= p->d[0] & mask;
-                for (i = 0; i < top - 1; i++) {
-                    u1 = udp[i + 1];
-                    udp[i] = ((u0 >> 1) | (u1 << (BN_BITS2 - 1))) & BN_MASK2;
-                    u0 = u1;
-                    b1 = bdp[i + 1] ^ (p->d[i + 1] & mask);
-                    bdp[i] = ((b0 >> 1) | (b1 << (BN_BITS2 - 1))) & BN_MASK2;
-                    b0 = b1;
-                }
-                udp[i] = u0 >> 1;
-                bdp[i] = b0 >> 1;
-                ubits--;
-            }
-
-            if (ubits <= BN_BITS2) {
-                if (udp[0] == 0) /* poly was reducible */
-                    goto err;
-                if (udp[0] == 1)
-                    break;
-            }
-
-            if (ubits < vbits) {
-                i = ubits;
-                ubits = vbits;
-                vbits = i;
-                tmp = u;
-                u = v;
-                v = tmp;
-                tmp = b;
-                b = c;
-                c = tmp;
-                udp = vdp;
-                vdp = v->d;
-                bdp = cdp;
-                cdp = c->d;
-            }
-            for (i = 0; i < top; i++) {
-                udp[i] ^= vdp[i];
-                bdp[i] ^= cdp[i];
-            }
-            if (ubits == vbits) {
-                BN_ULONG ul;
-                int utop = (ubits - 1) / BN_BITS2;
-
-                while ((ul = udp[utop]) == 0 && utop)
-                    utop--;
-                ubits = utop * BN_BITS2 + BN_num_bits_word(ul);
-            }
-        }
-        bn_correct_top(b);
-    }
-# endif
-
-    if (!BN_copy(r, b))
-        goto err;
-    bn_check_top(r);
-    ret = 1;
-
- err:
-# ifdef BN_DEBUG                /* BN_CTX_end would complain about the
-                                 * expanded form */
-    bn_correct_top(c);
-    bn_correct_top(u);
-    bn_correct_top(v);
-# endif
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*
- * Invert xx, reduce modulo p, and store the result in r. r could be xx.
- * This function calls down to the BN_GF2m_mod_inv implementation; this
- * wrapper function is only provided for convenience; for best performance,
- * use the BN_GF2m_mod_inv function.
- */
-int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const int p[],
-                        BN_CTX *ctx)
-{
-    BIGNUM *field;
-    int ret = 0;
-
-    bn_check_top(xx);
-    BN_CTX_start(ctx);
-    if ((field = BN_CTX_get(ctx)) == NULL)
-        goto err;
-    if (!BN_GF2m_arr2poly(p, field))
-        goto err;
-
-    ret = BN_GF2m_mod_inv(r, xx, field, ctx);
-    bn_check_top(r);
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-# ifndef OPENSSL_SUN_GF2M_DIV
-/*
- * Divide y by x, reduce modulo p, and store the result in r. r could be x
- * or y, x could equal y.
- */
-int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x,
-                    const BIGNUM *p, BN_CTX *ctx)
-{
-    BIGNUM *xinv = NULL;
-    int ret = 0;
-
-    bn_check_top(y);
-    bn_check_top(x);
-    bn_check_top(p);
-
-    BN_CTX_start(ctx);
-    xinv = BN_CTX_get(ctx);
-    if (xinv == NULL)
-        goto err;
-
-    if (!BN_GF2m_mod_inv(xinv, x, p, ctx))
-        goto err;
-    if (!BN_GF2m_mod_mul(r, y, xinv, p, ctx))
-        goto err;
-    bn_check_top(r);
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-# else
-/*
- * Divide y by x, reduce modulo p, and store the result in r. r could be x
- * or y, x could equal y. Uses algorithm Modular_Division_GF(2^m) from
- * Chang-Shantz, S.  "From Euclid's GCD to Montgomery Multiplication to the
- * Great Divide".
- */
-int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x,
-                    const BIGNUM *p, BN_CTX *ctx)
-{
-    BIGNUM *a, *b, *u, *v;
-    int ret = 0;
-
-    bn_check_top(y);
-    bn_check_top(x);
-    bn_check_top(p);
-
-    BN_CTX_start(ctx);
-
-    a = BN_CTX_get(ctx);
-    b = BN_CTX_get(ctx);
-    u = BN_CTX_get(ctx);
-    v = BN_CTX_get(ctx);
-    if (v == NULL)
-        goto err;
-
-    /* reduce x and y mod p */
-    if (!BN_GF2m_mod(u, y, p))
-        goto err;
-    if (!BN_GF2m_mod(a, x, p))
-        goto err;
-    if (!BN_copy(b, p))
-        goto err;
-
-    while (!BN_is_odd(a)) {
-        if (!BN_rshift1(a, a))
-            goto err;
-        if (BN_is_odd(u))
-            if (!BN_GF2m_add(u, u, p))
-                goto err;
-        if (!BN_rshift1(u, u))
-            goto err;
-    }
-
-    do {
-        if (BN_GF2m_cmp(b, a) > 0) {
-            if (!BN_GF2m_add(b, b, a))
-                goto err;
-            if (!BN_GF2m_add(v, v, u))
-                goto err;
-            do {
-                if (!BN_rshift1(b, b))
-                    goto err;
-                if (BN_is_odd(v))
-                    if (!BN_GF2m_add(v, v, p))
-                        goto err;
-                if (!BN_rshift1(v, v))
-                    goto err;
-            } while (!BN_is_odd(b));
-        } else if (BN_abs_is_word(a, 1))
-            break;
-        else {
-            if (!BN_GF2m_add(a, a, b))
-                goto err;
-            if (!BN_GF2m_add(u, u, v))
-                goto err;
-            do {
-                if (!BN_rshift1(a, a))
-                    goto err;
-                if (BN_is_odd(u))
-                    if (!BN_GF2m_add(u, u, p))
-                        goto err;
-                if (!BN_rshift1(u, u))
-                    goto err;
-            } while (!BN_is_odd(a));
-        }
-    } while (1);
-
-    if (!BN_copy(r, u))
-        goto err;
-    bn_check_top(r);
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-# endif
-
-/*
- * Divide yy by xx, reduce modulo p, and store the result in r. r could be xx
- * * or yy, xx could equal yy. This function calls down to the
- * BN_GF2m_mod_div implementation; this wrapper function is only provided for
- * convenience; for best performance, use the BN_GF2m_mod_div function.
- */
-int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx,
-                        const int p[], BN_CTX *ctx)
-{
-    BIGNUM *field;
-    int ret = 0;
-
-    bn_check_top(yy);
-    bn_check_top(xx);
-
-    BN_CTX_start(ctx);
-    if ((field = BN_CTX_get(ctx)) == NULL)
-        goto err;
-    if (!BN_GF2m_arr2poly(p, field))
-        goto err;
-
-    ret = BN_GF2m_mod_div(r, yy, xx, field, ctx);
-    bn_check_top(r);
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*
- * Compute the bth power of a, reduce modulo p, and store the result in r.  r
- * could be a. Uses simple square-and-multiply algorithm A.5.1 from IEEE
- * P1363.
- */
-int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                        const int p[], BN_CTX *ctx)
-{
-    int ret = 0, i, n;
-    BIGNUM *u;
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    if (BN_is_zero(b))
-        return (BN_one(r));
-
-    if (BN_abs_is_word(b, 1))
-        return (BN_copy(r, a) != NULL);
-
-    BN_CTX_start(ctx);
-    if ((u = BN_CTX_get(ctx)) == NULL)
-        goto err;
-
-    if (!BN_GF2m_mod_arr(u, a, p))
-        goto err;
-
-    n = BN_num_bits(b) - 1;
-    for (i = n - 1; i >= 0; i--) {
-        if (!BN_GF2m_mod_sqr_arr(u, u, p, ctx))
-            goto err;
-        if (BN_is_bit_set(b, i)) {
-            if (!BN_GF2m_mod_mul_arr(u, u, a, p, ctx))
-                goto err;
-        }
-    }
-    if (!BN_copy(r, u))
-        goto err;
-    bn_check_top(r);
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*
- * Compute the bth power of a, reduce modulo p, and store the result in r.  r
- * could be a. This function calls down to the BN_GF2m_mod_exp_arr
- * implementation; this wrapper function is only provided for convenience;
- * for best performance, use the BN_GF2m_mod_exp_arr function.
- */
-int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                    const BIGNUM *p, BN_CTX *ctx)
-{
-    int ret = 0;
-    const int max = BN_num_bits(p) + 1;
-    int *arr = NULL;
-    bn_check_top(a);
-    bn_check_top(b);
-    bn_check_top(p);
-    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
-        goto err;
-    ret = BN_GF2m_poly2arr(p, arr, max);
-    if (!ret || ret > max) {
-        BNerr(BN_F_BN_GF2M_MOD_EXP, BN_R_INVALID_LENGTH);
-        goto err;
-    }
-    ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx);
-    bn_check_top(r);
- err:
-    if (arr)
-        OPENSSL_free(arr);
-    return ret;
-}
-
-/*
- * Compute the square root of a, reduce modulo p, and store the result in r.
- * r could be a. Uses exponentiation as in algorithm A.4.1 from IEEE P1363.
- */
-int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const int p[],
-                         BN_CTX *ctx)
-{
-    int ret = 0;
-    BIGNUM *u;
-
-    bn_check_top(a);
-
-    if (!p[0]) {
-        /* reduction mod 1 => return 0 */
-        BN_zero(r);
-        return 1;
-    }
-
-    BN_CTX_start(ctx);
-    if ((u = BN_CTX_get(ctx)) == NULL)
-        goto err;
-
-    if (!BN_set_bit(u, p[0] - 1))
-        goto err;
-    ret = BN_GF2m_mod_exp_arr(r, a, u, p, ctx);
-    bn_check_top(r);
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*
- * Compute the square root of a, reduce modulo p, and store the result in r.
- * r could be a. This function calls down to the BN_GF2m_mod_sqrt_arr
- * implementation; this wrapper function is only provided for convenience;
- * for best performance, use the BN_GF2m_mod_sqrt_arr function.
- */
-int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
-{
-    int ret = 0;
-    const int max = BN_num_bits(p) + 1;
-    int *arr = NULL;
-    bn_check_top(a);
-    bn_check_top(p);
-    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
-        goto err;
-    ret = BN_GF2m_poly2arr(p, arr, max);
-    if (!ret || ret > max) {
-        BNerr(BN_F_BN_GF2M_MOD_SQRT, BN_R_INVALID_LENGTH);
-        goto err;
-    }
-    ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx);
-    bn_check_top(r);
- err:
-    if (arr)
-        OPENSSL_free(arr);
-    return ret;
-}
-
-/*
- * Find r such that r^2 + r = a mod p.  r could be a. If no r exists returns
- * 0. Uses algorithms A.4.7 and A.4.6 from IEEE P1363.
- */
-int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
-                               BN_CTX *ctx)
-{
-    int ret = 0, count = 0, j;
-    BIGNUM *a, *z, *rho, *w, *w2, *tmp;
-
-    bn_check_top(a_);
-
-    if (!p[0]) {
-        /* reduction mod 1 => return 0 */
-        BN_zero(r);
-        return 1;
-    }
-
-    BN_CTX_start(ctx);
-    a = BN_CTX_get(ctx);
-    z = BN_CTX_get(ctx);
-    w = BN_CTX_get(ctx);
-    if (w == NULL)
-        goto err;
-
-    if (!BN_GF2m_mod_arr(a, a_, p))
-        goto err;
-
-    if (BN_is_zero(a)) {
-        BN_zero(r);
-        ret = 1;
-        goto err;
-    }
-
-    if (p[0] & 0x1) {           /* m is odd */
-        /* compute half-trace of a */
-        if (!BN_copy(z, a))
-            goto err;
-        for (j = 1; j <= (p[0] - 1) / 2; j++) {
-            if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx))
-                goto err;
-            if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx))
-                goto err;
-            if (!BN_GF2m_add(z, z, a))
-                goto err;
-        }
-
-    } else {                    /* m is even */
-
-        rho = BN_CTX_get(ctx);
-        w2 = BN_CTX_get(ctx);
-        tmp = BN_CTX_get(ctx);
-        if (tmp == NULL)
-            goto err;
-        do {
-            if (!BN_rand(rho, p[0], 0, 0))
-                goto err;
-            if (!BN_GF2m_mod_arr(rho, rho, p))
-                goto err;
-            BN_zero(z);
-            if (!BN_copy(w, rho))
-                goto err;
-            for (j = 1; j <= p[0] - 1; j++) {
-                if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx))
-                    goto err;
-                if (!BN_GF2m_mod_sqr_arr(w2, w, p, ctx))
-                    goto err;
-                if (!BN_GF2m_mod_mul_arr(tmp, w2, a, p, ctx))
-                    goto err;
-                if (!BN_GF2m_add(z, z, tmp))
-                    goto err;
-                if (!BN_GF2m_add(w, w2, rho))
-                    goto err;
-            }
-            count++;
-        } while (BN_is_zero(w) && (count < MAX_ITERATIONS));
-        if (BN_is_zero(w)) {
-            BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR, BN_R_TOO_MANY_ITERATIONS);
-            goto err;
-        }
-    }
-
-    if (!BN_GF2m_mod_sqr_arr(w, z, p, ctx))
-        goto err;
-    if (!BN_GF2m_add(w, z, w))
-        goto err;
-    if (BN_GF2m_cmp(w, a)) {
-        BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR, BN_R_NO_SOLUTION);
-        goto err;
-    }
-
-    if (!BN_copy(r, z))
-        goto err;
-    bn_check_top(r);
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*
- * Find r such that r^2 + r = a mod p.  r could be a. If no r exists returns
- * 0. This function calls down to the BN_GF2m_mod_solve_quad_arr
- * implementation; this wrapper function is only provided for convenience;
- * for best performance, use the BN_GF2m_mod_solve_quad_arr function.
- */
-int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                           BN_CTX *ctx)
-{
-    int ret = 0;
-    const int max = BN_num_bits(p) + 1;
-    int *arr = NULL;
-    bn_check_top(a);
-    bn_check_top(p);
-    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
-        goto err;
-    ret = BN_GF2m_poly2arr(p, arr, max);
-    if (!ret || ret > max) {
-        BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD, BN_R_INVALID_LENGTH);
-        goto err;
-    }
-    ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx);
-    bn_check_top(r);
- err:
-    if (arr)
-        OPENSSL_free(arr);
-    return ret;
-}
-
-/*
- * Convert the bit-string representation of a polynomial ( \sum_{i=0}^n a_i *
- * x^i) into an array of integers corresponding to the bits with non-zero
- * coefficient.  Array is terminated with -1. Up to max elements of the array
- * will be filled.  Return value is total number of array elements that would
- * be filled if array was large enough.
- */
-int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max)
-{
-    int i, j, k = 0;
-    BN_ULONG mask;
-
-    if (BN_is_zero(a))
-        return 0;
-
-    for (i = a->top - 1; i >= 0; i--) {
-        if (!a->d[i])
-            /* skip word if a->d[i] == 0 */
-            continue;
-        mask = BN_TBIT;
-        for (j = BN_BITS2 - 1; j >= 0; j--) {
-            if (a->d[i] & mask) {
-                if (k < max)
-                    p[k] = BN_BITS2 * i + j;
-                k++;
-            }
-            mask >>= 1;
-        }
-    }
-
-    if (k < max) {
-        p[k] = -1;
-        k++;
-    }
-
-    return k;
-}
-
-/*
- * Convert the coefficient array representation of a polynomial to a
- * bit-string.  The array must be terminated by -1.
- */
-int BN_GF2m_arr2poly(const int p[], BIGNUM *a)
-{
-    int i;
-
-    bn_check_top(a);
-    BN_zero(a);
-    for (i = 0; p[i] != -1; i++) {
-        if (BN_set_bit(a, p[i]) == 0)
-            return 0;
-    }
-    bn_check_top(a);
-
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/bn/bn_kron.c b/thirdparty/openssl/crypto/bn/bn_kron.c
deleted file mode 100644
index 88d731ac75..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_kron.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/* crypto/bn/bn_kron.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* least significant word */
-#define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0])
-
-/* Returns -2 for errors because both -1 and 0 are valid results. */
-int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
-    int i;
-    int ret = -2;               /* avoid 'uninitialized' warning */
-    int err = 0;
-    BIGNUM *A, *B, *tmp;
-    /*-
-     * In 'tab', only odd-indexed entries are relevant:
-     * For any odd BIGNUM n,
-     *     tab[BN_lsw(n) & 7]
-     * is $(-1)^{(n^2-1)/8}$ (using TeX notation).
-     * Note that the sign of n does not matter.
-     */
-    static const int tab[8] = { 0, 1, 0, -1, 0, -1, 0, 1 };
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    BN_CTX_start(ctx);
-    A = BN_CTX_get(ctx);
-    B = BN_CTX_get(ctx);
-    if (B == NULL)
-        goto end;
-
-    err = !BN_copy(A, a);
-    if (err)
-        goto end;
-    err = !BN_copy(B, b);
-    if (err)
-        goto end;
-
-    /*
-     * Kronecker symbol, imlemented according to Henri Cohen,
-     * "A Course in Computational Algebraic Number Theory"
-     * (algorithm 1.4.10).
-     */
-
-    /* Cohen's step 1: */
-
-    if (BN_is_zero(B)) {
-        ret = BN_abs_is_word(A, 1);
-        goto end;
-    }
-
-    /* Cohen's step 2: */
-
-    if (!BN_is_odd(A) && !BN_is_odd(B)) {
-        ret = 0;
-        goto end;
-    }
-
-    /* now  B  is non-zero */
-    i = 0;
-    while (!BN_is_bit_set(B, i))
-        i++;
-    err = !BN_rshift(B, B, i);
-    if (err)
-        goto end;
-    if (i & 1) {
-        /* i is odd */
-        /* (thus  B  was even, thus  A  must be odd!)  */
-
-        /* set 'ret' to $(-1)^{(A^2-1)/8}$ */
-        ret = tab[BN_lsw(A) & 7];
-    } else {
-        /* i is even */
-        ret = 1;
-    }
-
-    if (B->neg) {
-        B->neg = 0;
-        if (A->neg)
-            ret = -ret;
-    }
-
-    /*
-     * now B is positive and odd, so what remains to be done is to compute
-     * the Jacobi symbol (A/B) and multiply it by 'ret'
-     */
-
-    while (1) {
-        /* Cohen's step 3: */
-
-        /*  B  is positive and odd */
-
-        if (BN_is_zero(A)) {
-            ret = BN_is_one(B) ? ret : 0;
-            goto end;
-        }
-
-        /* now  A  is non-zero */
-        i = 0;
-        while (!BN_is_bit_set(A, i))
-            i++;
-        err = !BN_rshift(A, A, i);
-        if (err)
-            goto end;
-        if (i & 1) {
-            /* i is odd */
-            /* multiply 'ret' by  $(-1)^{(B^2-1)/8}$ */
-            ret = ret * tab[BN_lsw(B) & 7];
-        }
-
-        /* Cohen's step 4: */
-        /* multiply 'ret' by  $(-1)^{(A-1)(B-1)/4}$ */
-        if ((A->neg ? ~BN_lsw(A) : BN_lsw(A)) & BN_lsw(B) & 2)
-            ret = -ret;
-
-        /* (A, B) := (B mod |A|, |A|) */
-        err = !BN_nnmod(B, B, A, ctx);
-        if (err)
-            goto end;
-        tmp = A;
-        A = B;
-        B = tmp;
-        tmp->neg = 0;
-    }
- end:
-    BN_CTX_end(ctx);
-    if (err)
-        return -2;
-    else
-        return ret;
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_lcl.h b/thirdparty/openssl/crypto/bn/bn_lcl.h
deleted file mode 100644
index 00f4f09945..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_lcl.h
+++ /dev/null
@@ -1,537 +0,0 @@
-/* crypto/bn/bn_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_BN_LCL_H
-# define HEADER_BN_LCL_H
-
-# include <openssl/bn.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*-
- * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
- *
- *
- * For window size 'w' (w >= 2) and a random 'b' bits exponent,
- * the number of multiplications is a constant plus on average
- *
- *    2^(w-1) + (b-w)/(w+1);
- *
- * here  2^(w-1)  is for precomputing the table (we actually need
- * entries only for windows that have the lowest bit set), and
- * (b-w)/(w+1)  is an approximation for the expected number of
- * w-bit windows, not counting the first one.
- *
- * Thus we should use
- *
- *    w >= 6  if        b > 671
- *     w = 5  if  671 > b > 239
- *     w = 4  if  239 > b >  79
- *     w = 3  if   79 > b >  23
- *    w <= 2  if   23 > b
- *
- * (with draws in between).  Very small exponents are often selected
- * with low Hamming weight, so we use  w = 1  for b <= 23.
- */
-# if 1
-#  define BN_window_bits_for_exponent_size(b) \
-                ((b) > 671 ? 6 : \
-                 (b) > 239 ? 5 : \
-                 (b) >  79 ? 4 : \
-                 (b) >  23 ? 3 : 1)
-# else
-/*
- * Old SSLeay/OpenSSL table. Maximum window size was 5, so this table differs
- * for b==1024; but it coincides for other interesting values (b==160,
- * b==512).
- */
-#  define BN_window_bits_for_exponent_size(b) \
-                ((b) > 255 ? 5 : \
-                 (b) > 127 ? 4 : \
-                 (b) >  17 ? 3 : 1)
-# endif
-
-/*
- * BN_mod_exp_mont_conttime is based on the assumption that the L1 data cache
- * line width of the target processor is at least the following value.
- */
-# define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH      ( 64 )
-# define MOD_EXP_CTIME_MIN_CACHE_LINE_MASK       (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - 1)
-
-/*
- * Window sizes optimized for fixed window size modular exponentiation
- * algorithm (BN_mod_exp_mont_consttime). To achieve the security goals of
- * BN_mode_exp_mont_consttime, the maximum size of the window must not exceed
- * log_2(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH). Window size thresholds are
- * defined for cache line sizes of 32 and 64, cache line sizes where
- * log_2(32)=5 and log_2(64)=6 respectively. A window size of 7 should only be
- * used on processors that have a 128 byte or greater cache line size.
- */
-# if MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 64
-
-#  define BN_window_bits_for_ctime_exponent_size(b) \
-                ((b) > 937 ? 6 : \
-                 (b) > 306 ? 5 : \
-                 (b) >  89 ? 4 : \
-                 (b) >  22 ? 3 : 1)
-#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE    (6)
-
-# elif MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 32
-
-#  define BN_window_bits_for_ctime_exponent_size(b) \
-                ((b) > 306 ? 5 : \
-                 (b) >  89 ? 4 : \
-                 (b) >  22 ? 3 : 1)
-#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE    (5)
-
-# endif
-
-/* Pentium pro 16,16,16,32,64 */
-/* Alpha       16,16,16,16.64 */
-# define BN_MULL_SIZE_NORMAL                     (16)/* 32 */
-# define BN_MUL_RECURSIVE_SIZE_NORMAL            (16)/* 32 less than */
-# define BN_SQR_RECURSIVE_SIZE_NORMAL            (16)/* 32 */
-# define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL        (32)/* 32 */
-# define BN_MONT_CTX_SET_SIZE_WORD               (64)/* 32 */
-
-/*
- * 2011-02-22 SMS. In various places, a size_t variable or a type cast to
- * size_t was used to perform integer-only operations on pointers.  This
- * failed on VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t
- * is still only 32 bits.  What's needed in these cases is an integer type
- * with the same size as a pointer, which size_t is not certain to be. The
- * only fix here is VMS-specific.
- */
-# if defined(OPENSSL_SYS_VMS)
-#  if __INITIAL_POINTER_SIZE == 64
-#   define PTR_SIZE_INT long long
-#  else                         /* __INITIAL_POINTER_SIZE == 64 */
-#   define PTR_SIZE_INT int
-#  endif                        /* __INITIAL_POINTER_SIZE == 64 [else] */
-# elif !defined(PTR_SIZE_INT)   /* defined(OPENSSL_SYS_VMS) */
-#  define PTR_SIZE_INT size_t
-# endif                         /* defined(OPENSSL_SYS_VMS) [else] */
-
-# if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
-/*
- * BN_UMULT_HIGH section.
- *
- * No, I'm not trying to overwhelm you when stating that the
- * product of N-bit numbers is 2*N bits wide:-) No, I don't expect
- * you to be impressed when I say that if the compiler doesn't
- * support 2*N integer type, then you have to replace every N*N
- * multiplication with 4 (N/2)*(N/2) accompanied by some shifts
- * and additions which unavoidably results in severe performance
- * penalties. Of course provided that the hardware is capable of
- * producing 2*N result... That's when you normally start
- * considering assembler implementation. However! It should be
- * pointed out that some CPUs (most notably Alpha, PowerPC and
- * upcoming IA-64 family:-) provide *separate* instruction
- * calculating the upper half of the product placing the result
- * into a general purpose register. Now *if* the compiler supports
- * inline assembler, then it's not impossible to implement the
- * "bignum" routines (and have the compiler optimize 'em)
- * exhibiting "native" performance in C. That's what BN_UMULT_HIGH
- * macro is about:-)
- *
- *                                      <appro@fy.chalmers.se>
- */
-#  if defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
-#   if defined(__DECC)
-#    include <c_asm.h>
-#    define BN_UMULT_HIGH(a,b)   (BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b))
-#   elif defined(__GNUC__) && __GNUC__>=2
-#    define BN_UMULT_HIGH(a,b)   ({      \
-        register BN_ULONG ret;          \
-        asm ("umulh     %1,%2,%0"       \
-             : "=r"(ret)                \
-             : "r"(a), "r"(b));         \
-        ret;                    })
-#   endif                       /* compiler */
-#  elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG)
-#   if defined(__GNUC__) && __GNUC__>=2
-#    define BN_UMULT_HIGH(a,b)   ({      \
-        register BN_ULONG ret;          \
-        asm ("mulhdu    %0,%1,%2"       \
-             : "=r"(ret)                \
-             : "r"(a), "r"(b));         \
-        ret;                    })
-#   endif                       /* compiler */
-#  elif (defined(__x86_64) || defined(__x86_64__)) && \
-       (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
-#   if defined(__GNUC__) && __GNUC__>=2
-#    define BN_UMULT_HIGH(a,b)   ({      \
-        register BN_ULONG ret,discard;  \
-        asm ("mulq      %3"             \
-             : "=a"(discard),"=d"(ret)  \
-             : "a"(a), "g"(b)           \
-             : "cc");                   \
-        ret;                    })
-#    define BN_UMULT_LOHI(low,high,a,b)  \
-        asm ("mulq      %3"             \
-                : "=a"(low),"=d"(high)  \
-                : "a"(a),"g"(b)         \
-                : "cc");
-#   endif
-#  elif (defined(_M_AMD64) || defined(_M_X64)) && defined(SIXTY_FOUR_BIT)
-#   if defined(_MSC_VER) && _MSC_VER>=1400
-unsigned __int64 __umulh(unsigned __int64 a, unsigned __int64 b);
-unsigned __int64 _umul128(unsigned __int64 a, unsigned __int64 b,
-                          unsigned __int64 *h);
-#    pragma intrinsic(__umulh,_umul128)
-#    define BN_UMULT_HIGH(a,b)           __umulh((a),(b))
-#    define BN_UMULT_LOHI(low,high,a,b)  ((low)=_umul128((a),(b),&(high)))
-#   endif
-#  elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG))
-#   if defined(__GNUC__) && __GNUC__>=2
-#    if __GNUC__>4 || (__GNUC__>=4 && __GNUC_MINOR__>=4)
-                                     /* "h" constraint is no more since 4.4 */
-#     define BN_UMULT_HIGH(a,b)          (((__uint128_t)(a)*(b))>>64)
-#     define BN_UMULT_LOHI(low,high,a,b) ({     \
-        __uint128_t ret=(__uint128_t)(a)*(b);   \
-        (high)=ret>>64; (low)=ret;       })
-#    else
-#     define BN_UMULT_HIGH(a,b) ({      \
-        register BN_ULONG ret;          \
-        asm ("dmultu    %1,%2"          \
-             : "=h"(ret)                \
-             : "r"(a), "r"(b) : "l");   \
-        ret;                    })
-#     define BN_UMULT_LOHI(low,high,a,b)\
-        asm ("dmultu    %2,%3"          \
-             : "=l"(low),"=h"(high)     \
-             : "r"(a), "r"(b));
-#    endif
-#   endif
-#  elif defined(__aarch64__) && defined(SIXTY_FOUR_BIT_LONG)
-#   if defined(__GNUC__) && __GNUC__>=2
-#    define BN_UMULT_HIGH(a,b)   ({      \
-        register BN_ULONG ret;          \
-        asm ("umulh     %0,%1,%2"       \
-             : "=r"(ret)                \
-             : "r"(a), "r"(b));         \
-        ret;                    })
-#   endif
-#  endif                        /* cpu */
-# endif                         /* OPENSSL_NO_ASM */
-
-/*************************************************************
- * Using the long long type
- */
-# define Lw(t)    (((BN_ULONG)(t))&BN_MASK2)
-# define Hw(t)    (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
-
-# ifdef BN_DEBUG_RAND
-#  define bn_clear_top2max(a) \
-        { \
-        int      ind = (a)->dmax - (a)->top; \
-        BN_ULONG *ftl = &(a)->d[(a)->top-1]; \
-        for (; ind != 0; ind--) \
-                *(++ftl) = 0x0; \
-        }
-# else
-#  define bn_clear_top2max(a)
-# endif
-
-# ifdef BN_LLONG
-#  define mul_add(r,a,w,c) { \
-        BN_ULLONG t; \
-        t=(BN_ULLONG)w * (a) + (r) + (c); \
-        (r)= Lw(t); \
-        (c)= Hw(t); \
-        }
-
-#  define mul(r,a,w,c) { \
-        BN_ULLONG t; \
-        t=(BN_ULLONG)w * (a) + (c); \
-        (r)= Lw(t); \
-        (c)= Hw(t); \
-        }
-
-#  define sqr(r0,r1,a) { \
-        BN_ULLONG t; \
-        t=(BN_ULLONG)(a)*(a); \
-        (r0)=Lw(t); \
-        (r1)=Hw(t); \
-        }
-
-# elif defined(BN_UMULT_LOHI)
-#  define mul_add(r,a,w,c) {              \
-        BN_ULONG high,low,ret,tmp=(a);  \
-        ret =  (r);                     \
-        BN_UMULT_LOHI(low,high,w,tmp);  \
-        ret += (c);                     \
-        (c) =  (ret<(c))?1:0;           \
-        (c) += high;                    \
-        ret += low;                     \
-        (c) += (ret<low)?1:0;           \
-        (r) =  ret;                     \
-        }
-
-#  define mul(r,a,w,c)    {               \
-        BN_ULONG high,low,ret,ta=(a);   \
-        BN_UMULT_LOHI(low,high,w,ta);   \
-        ret =  low + (c);               \
-        (c) =  high;                    \
-        (c) += (ret<low)?1:0;           \
-        (r) =  ret;                     \
-        }
-
-#  define sqr(r0,r1,a)    {               \
-        BN_ULONG tmp=(a);               \
-        BN_UMULT_LOHI(r0,r1,tmp,tmp);   \
-        }
-
-# elif defined(BN_UMULT_HIGH)
-#  define mul_add(r,a,w,c) {              \
-        BN_ULONG high,low,ret,tmp=(a);  \
-        ret =  (r);                     \
-        high=  BN_UMULT_HIGH(w,tmp);    \
-        ret += (c);                     \
-        low =  (w) * tmp;               \
-        (c) =  (ret<(c))?1:0;           \
-        (c) += high;                    \
-        ret += low;                     \
-        (c) += (ret<low)?1:0;           \
-        (r) =  ret;                     \
-        }
-
-#  define mul(r,a,w,c)    {               \
-        BN_ULONG high,low,ret,ta=(a);   \
-        low =  (w) * ta;                \
-        high=  BN_UMULT_HIGH(w,ta);     \
-        ret =  low + (c);               \
-        (c) =  high;                    \
-        (c) += (ret<low)?1:0;           \
-        (r) =  ret;                     \
-        }
-
-#  define sqr(r0,r1,a)    {               \
-        BN_ULONG tmp=(a);               \
-        (r0) = tmp * tmp;               \
-        (r1) = BN_UMULT_HIGH(tmp,tmp);  \
-        }
-
-# else
-/*************************************************************
- * No long long type
- */
-
-#  define LBITS(a)        ((a)&BN_MASK2l)
-#  define HBITS(a)        (((a)>>BN_BITS4)&BN_MASK2l)
-#  define L2HBITS(a)      (((a)<<BN_BITS4)&BN_MASK2)
-
-#  define LLBITS(a)       ((a)&BN_MASKl)
-#  define LHBITS(a)       (((a)>>BN_BITS2)&BN_MASKl)
-#  define LL2HBITS(a)     ((BN_ULLONG)((a)&BN_MASKl)<<BN_BITS2)
-
-#  define mul64(l,h,bl,bh) \
-        { \
-        BN_ULONG m,m1,lt,ht; \
- \
-        lt=l; \
-        ht=h; \
-        m =(bh)*(lt); \
-        lt=(bl)*(lt); \
-        m1=(bl)*(ht); \
-        ht =(bh)*(ht); \
-        m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS((BN_ULONG)1); \
-        ht+=HBITS(m); \
-        m1=L2HBITS(m); \
-        lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \
-        (l)=lt; \
-        (h)=ht; \
-        }
-
-#  define sqr64(lo,ho,in) \
-        { \
-        BN_ULONG l,h,m; \
- \
-        h=(in); \
-        l=LBITS(h); \
-        h=HBITS(h); \
-        m =(l)*(h); \
-        l*=l; \
-        h*=h; \
-        h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
-        m =(m&BN_MASK2l)<<(BN_BITS4+1); \
-        l=(l+m)&BN_MASK2; if (l < m) h++; \
-        (lo)=l; \
-        (ho)=h; \
-        }
-
-#  define mul_add(r,a,bl,bh,c) { \
-        BN_ULONG l,h; \
- \
-        h= (a); \
-        l=LBITS(h); \
-        h=HBITS(h); \
-        mul64(l,h,(bl),(bh)); \
- \
-        /* non-multiply part */ \
-        l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
-        (c)=(r); \
-        l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
-        (c)=h&BN_MASK2; \
-        (r)=l; \
-        }
-
-#  define mul(r,a,bl,bh,c) { \
-        BN_ULONG l,h; \
- \
-        h= (a); \
-        l=LBITS(h); \
-        h=HBITS(h); \
-        mul64(l,h,(bl),(bh)); \
- \
-        /* non-multiply part */ \
-        l+=(c); if ((l&BN_MASK2) < (c)) h++; \
-        (c)=h&BN_MASK2; \
-        (r)=l&BN_MASK2; \
-        }
-# endif                         /* !BN_LLONG */
-
-# if defined(OPENSSL_DOING_MAKEDEPEND) && defined(OPENSSL_FIPS)
-#  undef bn_div_words
-# endif
-
-void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb);
-void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
-void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
-void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp);
-void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a);
-void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a);
-int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n);
-int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, int cl, int dl);
-void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-                      int dna, int dnb, BN_ULONG *t);
-void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
-                           int n, int tna, int tnb, BN_ULONG *t);
-void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t);
-void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n);
-void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-                          BN_ULONG *t);
-void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
-                 BN_ULONG *t);
-BN_ULONG bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
-                           int cl, int dl);
-BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
-                           int cl, int dl);
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                const BN_ULONG *np, const BN_ULONG *n0, int num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/bn/bn_lib.c b/thirdparty/openssl/crypto/bn/bn_lib.c
deleted file mode 100644
index 10b78f5126..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_lib.c
+++ /dev/null
@@ -1,916 +0,0 @@
-/* crypto/bn/bn_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef BN_DEBUG
-# undef NDEBUG                  /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <assert.h>
-#include <limits.h>
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-const char BN_version[] = "Big Number" OPENSSL_VERSION_PTEXT;
-
-/* This stuff appears to be completely unused, so is deprecated */
-#ifndef OPENSSL_NO_DEPRECATED
-/*-
- * For a 32 bit machine
- * 2 -   4 ==  128
- * 3 -   8 ==  256
- * 4 -  16 ==  512
- * 5 -  32 == 1024
- * 6 -  64 == 2048
- * 7 - 128 == 4096
- * 8 - 256 == 8192
- */
-static int bn_limit_bits = 0;
-static int bn_limit_num = 8;    /* (1<<bn_limit_bits) */
-static int bn_limit_bits_low = 0;
-static int bn_limit_num_low = 8; /* (1<<bn_limit_bits_low) */
-static int bn_limit_bits_high = 0;
-static int bn_limit_num_high = 8; /* (1<<bn_limit_bits_high) */
-static int bn_limit_bits_mont = 0;
-static int bn_limit_num_mont = 8; /* (1<<bn_limit_bits_mont) */
-
-void BN_set_params(int mult, int high, int low, int mont)
-{
-    if (mult >= 0) {
-        if (mult > (int)(sizeof(int) * 8) - 1)
-            mult = sizeof(int) * 8 - 1;
-        bn_limit_bits = mult;
-        bn_limit_num = 1 << mult;
-    }
-    if (high >= 0) {
-        if (high > (int)(sizeof(int) * 8) - 1)
-            high = sizeof(int) * 8 - 1;
-        bn_limit_bits_high = high;
-        bn_limit_num_high = 1 << high;
-    }
-    if (low >= 0) {
-        if (low > (int)(sizeof(int) * 8) - 1)
-            low = sizeof(int) * 8 - 1;
-        bn_limit_bits_low = low;
-        bn_limit_num_low = 1 << low;
-    }
-    if (mont >= 0) {
-        if (mont > (int)(sizeof(int) * 8) - 1)
-            mont = sizeof(int) * 8 - 1;
-        bn_limit_bits_mont = mont;
-        bn_limit_num_mont = 1 << mont;
-    }
-}
-
-int BN_get_params(int which)
-{
-    if (which == 0)
-        return (bn_limit_bits);
-    else if (which == 1)
-        return (bn_limit_bits_high);
-    else if (which == 2)
-        return (bn_limit_bits_low);
-    else if (which == 3)
-        return (bn_limit_bits_mont);
-    else
-        return (0);
-}
-#endif
-
-const BIGNUM *BN_value_one(void)
-{
-    static const BN_ULONG data_one = 1L;
-    static const BIGNUM const_one =
-        { (BN_ULONG *)&data_one, 1, 1, 0, BN_FLG_STATIC_DATA };
-
-    return (&const_one);
-}
-
-int BN_num_bits_word(BN_ULONG l)
-{
-    static const unsigned char bits[256] = {
-        0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
-        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-    };
-
-#if defined(SIXTY_FOUR_BIT_LONG)
-    if (l & 0xffffffff00000000L) {
-        if (l & 0xffff000000000000L) {
-            if (l & 0xff00000000000000L) {
-                return (bits[(int)(l >> 56)] + 56);
-            } else
-                return (bits[(int)(l >> 48)] + 48);
-        } else {
-            if (l & 0x0000ff0000000000L) {
-                return (bits[(int)(l >> 40)] + 40);
-            } else
-                return (bits[(int)(l >> 32)] + 32);
-        }
-    } else
-#else
-# ifdef SIXTY_FOUR_BIT
-    if (l & 0xffffffff00000000LL) {
-        if (l & 0xffff000000000000LL) {
-            if (l & 0xff00000000000000LL) {
-                return (bits[(int)(l >> 56)] + 56);
-            } else
-                return (bits[(int)(l >> 48)] + 48);
-        } else {
-            if (l & 0x0000ff0000000000LL) {
-                return (bits[(int)(l >> 40)] + 40);
-            } else
-                return (bits[(int)(l >> 32)] + 32);
-        }
-    } else
-# endif
-#endif
-    {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
-        if (l & 0xffff0000L) {
-            if (l & 0xff000000L)
-                return (bits[(int)(l >> 24L)] + 24);
-            else
-                return (bits[(int)(l >> 16L)] + 16);
-        } else
-#endif
-        {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
-            if (l & 0xff00L)
-                return (bits[(int)(l >> 8)] + 8);
-            else
-#endif
-                return (bits[(int)(l)]);
-        }
-    }
-}
-
-int BN_num_bits(const BIGNUM *a)
-{
-    int i = a->top - 1;
-    bn_check_top(a);
-
-    if (BN_is_zero(a))
-        return 0;
-    return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));
-}
-
-void BN_clear_free(BIGNUM *a)
-{
-    int i;
-
-    if (a == NULL)
-        return;
-    bn_check_top(a);
-    if (a->d != NULL) {
-        OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
-        if (!(BN_get_flags(a, BN_FLG_STATIC_DATA)))
-            OPENSSL_free(a->d);
-    }
-    i = BN_get_flags(a, BN_FLG_MALLOCED);
-    OPENSSL_cleanse(a, sizeof(BIGNUM));
-    if (i)
-        OPENSSL_free(a);
-}
-
-void BN_free(BIGNUM *a)
-{
-    if (a == NULL)
-        return;
-    bn_check_top(a);
-    if ((a->d != NULL) && !(BN_get_flags(a, BN_FLG_STATIC_DATA)))
-        OPENSSL_free(a->d);
-    if (a->flags & BN_FLG_MALLOCED)
-        OPENSSL_free(a);
-    else {
-#ifndef OPENSSL_NO_DEPRECATED
-        a->flags |= BN_FLG_FREE;
-#endif
-        a->d = NULL;
-    }
-}
-
-void BN_init(BIGNUM *a)
-{
-    memset(a, 0, sizeof(BIGNUM));
-    bn_check_top(a);
-}
-
-BIGNUM *BN_new(void)
-{
-    BIGNUM *ret;
-
-    if ((ret = (BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL) {
-        BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    ret->flags = BN_FLG_MALLOCED;
-    ret->top = 0;
-    ret->neg = 0;
-    ret->dmax = 0;
-    ret->d = NULL;
-    bn_check_top(ret);
-    return (ret);
-}
-
-/* This is used both by bn_expand2() and bn_dup_expand() */
-/* The caller MUST check that words > b->dmax before calling this */
-static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
-{
-    BN_ULONG *A, *a = NULL;
-    const BN_ULONG *B;
-    int i;
-
-    bn_check_top(b);
-
-    if (words > (INT_MAX / (4 * BN_BITS2))) {
-        BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_BIGNUM_TOO_LONG);
-        return NULL;
-    }
-    if (BN_get_flags(b, BN_FLG_STATIC_DATA)) {
-        BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
-        return (NULL);
-    }
-    a = A = (BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG) * words);
-    if (A == NULL) {
-        BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-#ifdef PURIFY
-    /*
-     * Valgrind complains in BN_consttime_swap because we process the whole
-     * array even if it's not initialised yet. This doesn't matter in that
-     * function - what's important is constant time operation (we're not
-     * actually going to use the data)
-     */
-    memset(a, 0, sizeof(BN_ULONG) * words);
-#endif
-
-#if 1
-    B = b->d;
-    /* Check if the previous number needs to be copied */
-    if (B != NULL) {
-        for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
-            /*
-             * The fact that the loop is unrolled
-             * 4-wise is a tribute to Intel. It's
-             * the one that doesn't have enough
-             * registers to accomodate more data.
-             * I'd unroll it 8-wise otherwise:-)
-             *
-             *              <appro@fy.chalmers.se>
-             */
-            BN_ULONG a0, a1, a2, a3;
-            a0 = B[0];
-            a1 = B[1];
-            a2 = B[2];
-            a3 = B[3];
-            A[0] = a0;
-            A[1] = a1;
-            A[2] = a2;
-            A[3] = a3;
-        }
-        /*
-         * workaround for ultrix cc: without 'case 0', the optimizer does
-         * the switch table by doing a=top&3; a--; goto jump_table[a];
-         * which fails for top== 0
-         */
-        switch (b->top & 3) {
-        case 3:
-            A[2] = B[2];
-        case 2:
-            A[1] = B[1];
-        case 1:
-            A[0] = B[0];
-        case 0:
-            ;
-        }
-    }
-#else
-    memset(A, 0, sizeof(BN_ULONG) * words);
-    memcpy(A, b->d, sizeof(b->d[0]) * b->top);
-#endif
-
-    return (a);
-}
-
-/*
- * This is an internal function that can be used instead of bn_expand2() when
- * there is a need to copy BIGNUMs instead of only expanding the data part,
- * while still expanding them. Especially useful when needing to expand
- * BIGNUMs that are declared 'const' and should therefore not be changed. The
- * reason to use this instead of a BN_dup() followed by a bn_expand2() is
- * memory allocation overhead.  A BN_dup() followed by a bn_expand2() will
- * allocate new memory for the BIGNUM data twice, and free it once, while
- * bn_dup_expand() makes sure allocation is made only once.
- */
-
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
-{
-    BIGNUM *r = NULL;
-
-    bn_check_top(b);
-
-    /*
-     * This function does not work if words <= b->dmax && top < words because
-     * BN_dup() does not preserve 'dmax'! (But bn_dup_expand() is not used
-     * anywhere yet.)
-     */
-
-    if (words > b->dmax) {
-        BN_ULONG *a = bn_expand_internal(b, words);
-
-        if (a) {
-            r = BN_new();
-            if (r) {
-                r->top = b->top;
-                r->dmax = words;
-                r->neg = b->neg;
-                r->d = a;
-            } else {
-                /* r == NULL, BN_new failure */
-                OPENSSL_free(a);
-            }
-        }
-        /*
-         * If a == NULL, there was an error in allocation in
-         * bn_expand_internal(), and NULL should be returned
-         */
-    } else {
-        r = BN_dup(b);
-    }
-
-    bn_check_top(r);
-    return r;
-}
-#endif
-
-/*
- * This is an internal function that should not be used in applications. It
- * ensures that 'b' has enough room for a 'words' word number and initialises
- * any unused part of b->d with leading zeros. It is mostly used by the
- * various BIGNUM routines. If there is an error, NULL is returned. If not,
- * 'b' is returned.
- */
-
-BIGNUM *bn_expand2(BIGNUM *b, int words)
-{
-    bn_check_top(b);
-
-    if (words > b->dmax) {
-        BN_ULONG *a = bn_expand_internal(b, words);
-        if (!a)
-            return NULL;
-        if (b->d)
-            OPENSSL_free(b->d);
-        b->d = a;
-        b->dmax = words;
-    }
-
-/* None of this should be necessary because of what b->top means! */
-#if 0
-    /*
-     * NB: bn_wexpand() calls this only if the BIGNUM really has to grow
-     */
-    if (b->top < b->dmax) {
-        int i;
-        BN_ULONG *A = &(b->d[b->top]);
-        for (i = (b->dmax - b->top) >> 3; i > 0; i--, A += 8) {
-            A[0] = 0;
-            A[1] = 0;
-            A[2] = 0;
-            A[3] = 0;
-            A[4] = 0;
-            A[5] = 0;
-            A[6] = 0;
-            A[7] = 0;
-        }
-        for (i = (b->dmax - b->top) & 7; i > 0; i--, A++)
-            A[0] = 0;
-        assert(A == &(b->d[b->dmax]));
-    }
-#endif
-    bn_check_top(b);
-    return b;
-}
-
-BIGNUM *BN_dup(const BIGNUM *a)
-{
-    BIGNUM *t;
-
-    if (a == NULL)
-        return NULL;
-    bn_check_top(a);
-
-    t = BN_new();
-    if (t == NULL)
-        return NULL;
-    if (!BN_copy(t, a)) {
-        BN_free(t);
-        return NULL;
-    }
-    bn_check_top(t);
-    return t;
-}
-
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
-{
-    int i;
-    BN_ULONG *A;
-    const BN_ULONG *B;
-
-    bn_check_top(b);
-
-    if (a == b)
-        return (a);
-    if (bn_wexpand(a, b->top) == NULL)
-        return (NULL);
-
-#if 1
-    A = a->d;
-    B = b->d;
-    for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
-        BN_ULONG a0, a1, a2, a3;
-        a0 = B[0];
-        a1 = B[1];
-        a2 = B[2];
-        a3 = B[3];
-        A[0] = a0;
-        A[1] = a1;
-        A[2] = a2;
-        A[3] = a3;
-    }
-    /* ultrix cc workaround, see comments in bn_expand_internal */
-    switch (b->top & 3) {
-    case 3:
-        A[2] = B[2];
-    case 2:
-        A[1] = B[1];
-    case 1:
-        A[0] = B[0];
-    case 0:;
-    }
-#else
-    memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
-#endif
-
-    a->top = b->top;
-    a->neg = b->neg;
-    bn_check_top(a);
-    return (a);
-}
-
-void BN_swap(BIGNUM *a, BIGNUM *b)
-{
-    int flags_old_a, flags_old_b;
-    BN_ULONG *tmp_d;
-    int tmp_top, tmp_dmax, tmp_neg;
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    flags_old_a = a->flags;
-    flags_old_b = b->flags;
-
-    tmp_d = a->d;
-    tmp_top = a->top;
-    tmp_dmax = a->dmax;
-    tmp_neg = a->neg;
-
-    a->d = b->d;
-    a->top = b->top;
-    a->dmax = b->dmax;
-    a->neg = b->neg;
-
-    b->d = tmp_d;
-    b->top = tmp_top;
-    b->dmax = tmp_dmax;
-    b->neg = tmp_neg;
-
-    a->flags =
-        (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA);
-    b->flags =
-        (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA);
-    bn_check_top(a);
-    bn_check_top(b);
-}
-
-void BN_clear(BIGNUM *a)
-{
-    bn_check_top(a);
-    if (a->d != NULL)
-        OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
-    a->top = 0;
-    a->neg = 0;
-}
-
-BN_ULONG BN_get_word(const BIGNUM *a)
-{
-    if (a->top > 1)
-        return BN_MASK2;
-    else if (a->top == 1)
-        return a->d[0];
-    /* a->top == 0 */
-    return 0;
-}
-
-int BN_set_word(BIGNUM *a, BN_ULONG w)
-{
-    bn_check_top(a);
-    if (bn_expand(a, (int)sizeof(BN_ULONG) * 8) == NULL)
-        return (0);
-    a->neg = 0;
-    a->d[0] = w;
-    a->top = (w ? 1 : 0);
-    bn_check_top(a);
-    return (1);
-}
-
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
-{
-    unsigned int i, m;
-    unsigned int n;
-    BN_ULONG l;
-    BIGNUM *bn = NULL;
-
-    if (ret == NULL)
-        ret = bn = BN_new();
-    if (ret == NULL)
-        return (NULL);
-    bn_check_top(ret);
-    l = 0;
-    n = len;
-    if (n == 0) {
-        ret->top = 0;
-        return (ret);
-    }
-    i = ((n - 1) / BN_BYTES) + 1;
-    m = ((n - 1) % (BN_BYTES));
-    if (bn_wexpand(ret, (int)i) == NULL) {
-        if (bn)
-            BN_free(bn);
-        return NULL;
-    }
-    ret->top = i;
-    ret->neg = 0;
-    while (n--) {
-        l = (l << 8L) | *(s++);
-        if (m-- == 0) {
-            ret->d[--i] = l;
-            l = 0;
-            m = BN_BYTES - 1;
-        }
-    }
-    /*
-     * need to call this due to clear byte at top if avoiding having the top
-     * bit set (-ve number)
-     */
-    bn_correct_top(ret);
-    return (ret);
-}
-
-/* ignore negative */
-int BN_bn2bin(const BIGNUM *a, unsigned char *to)
-{
-    int n, i;
-    BN_ULONG l;
-
-    bn_check_top(a);
-    n = i = BN_num_bytes(a);
-    while (i--) {
-        l = a->d[i / BN_BYTES];
-        *(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
-    }
-    return (n);
-}
-
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
-{
-    int i;
-    BN_ULONG t1, t2, *ap, *bp;
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    i = a->top - b->top;
-    if (i != 0)
-        return (i);
-    ap = a->d;
-    bp = b->d;
-    for (i = a->top - 1; i >= 0; i--) {
-        t1 = ap[i];
-        t2 = bp[i];
-        if (t1 != t2)
-            return ((t1 > t2) ? 1 : -1);
-    }
-    return (0);
-}
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b)
-{
-    int i;
-    int gt, lt;
-    BN_ULONG t1, t2;
-
-    if ((a == NULL) || (b == NULL)) {
-        if (a != NULL)
-            return (-1);
-        else if (b != NULL)
-            return (1);
-        else
-            return (0);
-    }
-
-    bn_check_top(a);
-    bn_check_top(b);
-
-    if (a->neg != b->neg) {
-        if (a->neg)
-            return (-1);
-        else
-            return (1);
-    }
-    if (a->neg == 0) {
-        gt = 1;
-        lt = -1;
-    } else {
-        gt = -1;
-        lt = 1;
-    }
-
-    if (a->top > b->top)
-        return (gt);
-    if (a->top < b->top)
-        return (lt);
-    for (i = a->top - 1; i >= 0; i--) {
-        t1 = a->d[i];
-        t2 = b->d[i];
-        if (t1 > t2)
-            return (gt);
-        if (t1 < t2)
-            return (lt);
-    }
-    return (0);
-}
-
-int BN_set_bit(BIGNUM *a, int n)
-{
-    int i, j, k;
-
-    if (n < 0)
-        return 0;
-
-    i = n / BN_BITS2;
-    j = n % BN_BITS2;
-    if (a->top <= i) {
-        if (bn_wexpand(a, i + 1) == NULL)
-            return (0);
-        for (k = a->top; k < i + 1; k++)
-            a->d[k] = 0;
-        a->top = i + 1;
-    }
-
-    a->d[i] |= (((BN_ULONG)1) << j);
-    bn_check_top(a);
-    return (1);
-}
-
-int BN_clear_bit(BIGNUM *a, int n)
-{
-    int i, j;
-
-    bn_check_top(a);
-    if (n < 0)
-        return 0;
-
-    i = n / BN_BITS2;
-    j = n % BN_BITS2;
-    if (a->top <= i)
-        return (0);
-
-    a->d[i] &= (~(((BN_ULONG)1) << j));
-    bn_correct_top(a);
-    return (1);
-}
-
-int BN_is_bit_set(const BIGNUM *a, int n)
-{
-    int i, j;
-
-    bn_check_top(a);
-    if (n < 0)
-        return 0;
-    i = n / BN_BITS2;
-    j = n % BN_BITS2;
-    if (a->top <= i)
-        return 0;
-    return (int)(((a->d[i]) >> j) & ((BN_ULONG)1));
-}
-
-int BN_mask_bits(BIGNUM *a, int n)
-{
-    int b, w;
-
-    bn_check_top(a);
-    if (n < 0)
-        return 0;
-
-    w = n / BN_BITS2;
-    b = n % BN_BITS2;
-    if (w >= a->top)
-        return 0;
-    if (b == 0)
-        a->top = w;
-    else {
-        a->top = w + 1;
-        a->d[w] &= ~(BN_MASK2 << b);
-    }
-    bn_correct_top(a);
-    return (1);
-}
-
-void BN_set_negative(BIGNUM *a, int b)
-{
-    if (b && !BN_is_zero(a))
-        a->neg = 1;
-    else
-        a->neg = 0;
-}
-
-int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
-{
-    int i;
-    BN_ULONG aa, bb;
-
-    aa = a[n - 1];
-    bb = b[n - 1];
-    if (aa != bb)
-        return ((aa > bb) ? 1 : -1);
-    for (i = n - 2; i >= 0; i--) {
-        aa = a[i];
-        bb = b[i];
-        if (aa != bb)
-            return ((aa > bb) ? 1 : -1);
-    }
-    return (0);
-}
-
-/*
- * Here follows a specialised variants of bn_cmp_words().  It has the
- * property of performing the operation on arrays of different sizes. The
- * sizes of those arrays is expressed through cl, which is the common length
- * ( basicall, min(len(a),len(b)) ), and dl, which is the delta between the
- * two lengths, calculated as len(a)-len(b). All lengths are the number of
- * BN_ULONGs...
- */
-
-int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, int cl, int dl)
-{
-    int n, i;
-    n = cl - 1;
-
-    if (dl < 0) {
-        for (i = dl; i < 0; i++) {
-            if (b[n - i] != 0)
-                return -1;      /* a < b */
-        }
-    }
-    if (dl > 0) {
-        for (i = dl; i > 0; i--) {
-            if (a[n + i] != 0)
-                return 1;       /* a > b */
-        }
-    }
-    return bn_cmp_words(a, b, cl);
-}
-
-/*
- * Constant-time conditional swap of a and b.
- * a and b are swapped if condition is not 0.  The code assumes that at most one bit of condition is set.
- * nwords is the number of words to swap.  The code assumes that at least nwords are allocated in both a and b,
- * and that no more than nwords are used by either a or b.
- * a and b cannot be the same number
- */
-void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
-{
-    BN_ULONG t;
-    int i;
-
-    bn_wcheck_size(a, nwords);
-    bn_wcheck_size(b, nwords);
-
-    assert(a != b);
-    assert((condition & (condition - 1)) == 0);
-    assert(sizeof(BN_ULONG) >= sizeof(int));
-
-    condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1;
-
-    t = (a->top ^ b->top) & condition;
-    a->top ^= t;
-    b->top ^= t;
-
-#define BN_CONSTTIME_SWAP(ind) \
-        do { \
-                t = (a->d[ind] ^ b->d[ind]) & condition; \
-                a->d[ind] ^= t; \
-                b->d[ind] ^= t; \
-        } while (0)
-
-    switch (nwords) {
-    default:
-        for (i = 10; i < nwords; i++)
-            BN_CONSTTIME_SWAP(i);
-        /* Fallthrough */
-    case 10:
-        BN_CONSTTIME_SWAP(9);   /* Fallthrough */
-    case 9:
-        BN_CONSTTIME_SWAP(8);   /* Fallthrough */
-    case 8:
-        BN_CONSTTIME_SWAP(7);   /* Fallthrough */
-    case 7:
-        BN_CONSTTIME_SWAP(6);   /* Fallthrough */
-    case 6:
-        BN_CONSTTIME_SWAP(5);   /* Fallthrough */
-    case 5:
-        BN_CONSTTIME_SWAP(4);   /* Fallthrough */
-    case 4:
-        BN_CONSTTIME_SWAP(3);   /* Fallthrough */
-    case 3:
-        BN_CONSTTIME_SWAP(2);   /* Fallthrough */
-    case 2:
-        BN_CONSTTIME_SWAP(1);   /* Fallthrough */
-    case 1:
-        BN_CONSTTIME_SWAP(0);
-    }
-#undef BN_CONSTTIME_SWAP
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_mod.c b/thirdparty/openssl/crypto/bn/bn_mod.c
deleted file mode 100644
index ffbce890cf..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_mod.c
+++ /dev/null
@@ -1,316 +0,0 @@
-/* crypto/bn/bn_mod.c */
-/*
- * Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#if 0                           /* now just a #define */
-int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
-{
-    return (BN_div(NULL, rem, m, d, ctx));
-    /* note that  rem->neg == m->neg  (unless the remainder is zero) */
-}
-#endif
-
-int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
-{
-    /*
-     * like BN_mod, but returns non-negative remainder (i.e., 0 <= r < |d|
-     * always holds)
-     */
-
-    if (!(BN_mod(r, m, d, ctx)))
-        return 0;
-    if (!r->neg)
-        return 1;
-    /* now   -|d| < r < 0,  so we have to set  r := r + |d| */
-    return (d->neg ? BN_sub : BN_add) (r, r, d);
-}
-
-int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
-               BN_CTX *ctx)
-{
-    if (!BN_add(r, a, b))
-        return 0;
-    return BN_nnmod(r, r, m, ctx);
-}
-
-/*
- * BN_mod_add variant that may be used if both a and b are non-negative and
- * less than m
- */
-int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                     const BIGNUM *m)
-{
-    if (!BN_uadd(r, a, b))
-        return 0;
-    if (BN_ucmp(r, m) >= 0)
-        return BN_usub(r, r, m);
-    return 1;
-}
-
-int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
-               BN_CTX *ctx)
-{
-    if (!BN_sub(r, a, b))
-        return 0;
-    return BN_nnmod(r, r, m, ctx);
-}
-
-/*
- * BN_mod_sub variant that may be used if both a and b are non-negative and
- * less than m
- */
-int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                     const BIGNUM *m)
-{
-    if (!BN_sub(r, a, b))
-        return 0;
-    if (r->neg)
-        return BN_add(r, r, m);
-    return 1;
-}
-
-/* slow but works */
-int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
-               BN_CTX *ctx)
-{
-    BIGNUM *t;
-    int ret = 0;
-
-    bn_check_top(a);
-    bn_check_top(b);
-    bn_check_top(m);
-
-    BN_CTX_start(ctx);
-    if ((t = BN_CTX_get(ctx)) == NULL)
-        goto err;
-    if (a == b) {
-        if (!BN_sqr(t, a, ctx))
-            goto err;
-    } else {
-        if (!BN_mul(t, a, b, ctx))
-            goto err;
-    }
-    if (!BN_nnmod(r, t, m, ctx))
-        goto err;
-    bn_check_top(r);
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    return (ret);
-}
-
-int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
-{
-    if (!BN_sqr(r, a, ctx))
-        return 0;
-    /* r->neg == 0,  thus we don't need BN_nnmod */
-    return BN_mod(r, r, m, ctx);
-}
-
-int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
-{
-    if (!BN_lshift1(r, a))
-        return 0;
-    bn_check_top(r);
-    return BN_nnmod(r, r, m, ctx);
-}
-
-/*
- * BN_mod_lshift1 variant that may be used if a is non-negative and less than
- * m
- */
-int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m)
-{
-    if (!BN_lshift1(r, a))
-        return 0;
-    bn_check_top(r);
-    if (BN_cmp(r, m) >= 0)
-        return BN_sub(r, r, m);
-    return 1;
-}
-
-int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
-                  BN_CTX *ctx)
-{
-    BIGNUM *abs_m = NULL;
-    int ret;
-
-    if (!BN_nnmod(r, a, m, ctx))
-        return 0;
-
-    if (m->neg) {
-        abs_m = BN_dup(m);
-        if (abs_m == NULL)
-            return 0;
-        abs_m->neg = 0;
-    }
-
-    ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m));
-    bn_check_top(r);
-
-    if (abs_m)
-        BN_free(abs_m);
-    return ret;
-}
-
-/*
- * BN_mod_lshift variant that may be used if a is non-negative and less than
- * m
- */
-int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m)
-{
-    if (r != a) {
-        if (BN_copy(r, a) == NULL)
-            return 0;
-    }
-
-    while (n > 0) {
-        int max_shift;
-
-        /* 0 < r < m */
-        max_shift = BN_num_bits(m) - BN_num_bits(r);
-        /* max_shift >= 0 */
-
-        if (max_shift < 0) {
-            BNerr(BN_F_BN_MOD_LSHIFT_QUICK, BN_R_INPUT_NOT_REDUCED);
-            return 0;
-        }
-
-        if (max_shift > n)
-            max_shift = n;
-
-        if (max_shift) {
-            if (!BN_lshift(r, r, max_shift))
-                return 0;
-            n -= max_shift;
-        } else {
-            if (!BN_lshift1(r, r))
-                return 0;
-            --n;
-        }
-
-        /* BN_num_bits(r) <= BN_num_bits(m) */
-
-        if (BN_cmp(r, m) >= 0) {
-            if (!BN_sub(r, r, m))
-                return 0;
-        }
-    }
-    bn_check_top(r);
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_mont.c b/thirdparty/openssl/crypto/bn/bn_mont.c
deleted file mode 100644
index be95bd55d0..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_mont.c
+++ /dev/null
@@ -1,558 +0,0 @@
-/* crypto/bn/bn_mont.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * Details about Montgomery multiplication algorithms can be found at
- * http://security.ece.orst.edu/publications.html, e.g.
- * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and
- * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#define MONT_WORD               /* use the faster word-based algorithm */
-
-#ifdef MONT_WORD
-static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont);
-#endif
-
-int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                          BN_MONT_CTX *mont, BN_CTX *ctx)
-{
-    BIGNUM *tmp;
-    int ret = 0;
-#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
-    int num = mont->N.top;
-
-    if (num > 1 && a->top == num && b->top == num) {
-        if (bn_wexpand(r, num) == NULL)
-            return (0);
-        if (bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num)) {
-            r->neg = a->neg ^ b->neg;
-            r->top = num;
-            bn_correct_top(r);
-            return (1);
-        }
-    }
-#endif
-
-    BN_CTX_start(ctx);
-    tmp = BN_CTX_get(ctx);
-    if (tmp == NULL)
-        goto err;
-
-    bn_check_top(tmp);
-    if (a == b) {
-        if (!BN_sqr(tmp, a, ctx))
-            goto err;
-    } else {
-        if (!BN_mul(tmp, a, b, ctx))
-            goto err;
-    }
-    /* reduce from aRR to aR */
-#ifdef MONT_WORD
-    if (!BN_from_montgomery_word(r, tmp, mont))
-        goto err;
-#else
-    if (!BN_from_montgomery(r, tmp, mont, ctx))
-        goto err;
-#endif
-    bn_check_top(r);
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    return (ret);
-}
-
-#ifdef MONT_WORD
-static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
-{
-    BIGNUM *n;
-    BN_ULONG *ap, *np, *rp, n0, v, carry;
-    int nl, max, i;
-
-    n = &(mont->N);
-    nl = n->top;
-    if (nl == 0) {
-        ret->top = 0;
-        return (1);
-    }
-
-    max = (2 * nl);             /* carry is stored separately */
-    if (bn_wexpand(r, max) == NULL)
-        return (0);
-
-    r->neg ^= n->neg;
-    np = n->d;
-    rp = r->d;
-
-    /* clear the top words of T */
-# if 1
-    for (i = r->top; i < max; i++) /* memset? XXX */
-        rp[i] = 0;
-# else
-    memset(&(rp[r->top]), 0, (max - r->top) * sizeof(BN_ULONG));
-# endif
-
-    r->top = max;
-    n0 = mont->n0[0];
-
-# ifdef BN_COUNT
-    fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl);
-# endif
-    for (carry = 0, i = 0; i < nl; i++, rp++) {
-# ifdef __TANDEM
-        {
-            long long t1;
-            long long t2;
-            long long t3;
-            t1 = rp[0] * (n0 & 0177777);
-            t2 = 037777600000l;
-            t2 = n0 & t2;
-            t3 = rp[0] & 0177777;
-            t2 = (t3 * t2) & BN_MASK2;
-            t1 = t1 + t2;
-            v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1);
-        }
-# else
-        v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
-# endif
-        v = (v + carry + rp[nl]) & BN_MASK2;
-        carry |= (v != rp[nl]);
-        carry &= (v <= rp[nl]);
-        rp[nl] = v;
-    }
-
-    if (bn_wexpand(ret, nl) == NULL)
-        return (0);
-    ret->top = nl;
-    ret->neg = r->neg;
-
-    rp = ret->d;
-    ap = &(r->d[nl]);
-
-# define BRANCH_FREE 1
-# if BRANCH_FREE
-    {
-        BN_ULONG *nrp;
-        size_t m;
-
-        v = bn_sub_words(rp, ap, np, nl) - carry;
-        /*
-         * if subtraction result is real, then trick unconditional memcpy
-         * below to perform in-place "refresh" instead of actual copy.
-         */
-        m = (0 - (size_t)v);
-        nrp =
-            (BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
-
-        for (i = 0, nl -= 4; i < nl; i += 4) {
-            BN_ULONG t1, t2, t3, t4;
-
-            t1 = nrp[i + 0];
-            t2 = nrp[i + 1];
-            t3 = nrp[i + 2];
-            ap[i + 0] = 0;
-            t4 = nrp[i + 3];
-            ap[i + 1] = 0;
-            rp[i + 0] = t1;
-            ap[i + 2] = 0;
-            rp[i + 1] = t2;
-            ap[i + 3] = 0;
-            rp[i + 2] = t3;
-            rp[i + 3] = t4;
-        }
-        for (nl += 4; i < nl; i++)
-            rp[i] = nrp[i], ap[i] = 0;
-    }
-# else
-    if (bn_sub_words(rp, ap, np, nl) - carry)
-        memcpy(rp, ap, nl * sizeof(BN_ULONG));
-# endif
-    bn_correct_top(r);
-    bn_correct_top(ret);
-    bn_check_top(ret);
-
-    return (1);
-}
-#endif                          /* MONT_WORD */
-
-int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
-                       BN_CTX *ctx)
-{
-    int retn = 0;
-#ifdef MONT_WORD
-    BIGNUM *t;
-
-    BN_CTX_start(ctx);
-    if ((t = BN_CTX_get(ctx)) && BN_copy(t, a))
-        retn = BN_from_montgomery_word(ret, t, mont);
-    BN_CTX_end(ctx);
-#else                           /* !MONT_WORD */
-    BIGNUM *t1, *t2;
-
-    BN_CTX_start(ctx);
-    t1 = BN_CTX_get(ctx);
-    t2 = BN_CTX_get(ctx);
-    if (t1 == NULL || t2 == NULL)
-        goto err;
-
-    if (!BN_copy(t1, a))
-        goto err;
-    BN_mask_bits(t1, mont->ri);
-
-    if (!BN_mul(t2, t1, &mont->Ni, ctx))
-        goto err;
-    BN_mask_bits(t2, mont->ri);
-
-    if (!BN_mul(t1, t2, &mont->N, ctx))
-        goto err;
-    if (!BN_add(t2, a, t1))
-        goto err;
-    if (!BN_rshift(ret, t2, mont->ri))
-        goto err;
-
-    if (BN_ucmp(ret, &(mont->N)) >= 0) {
-        if (!BN_usub(ret, ret, &(mont->N)))
-            goto err;
-    }
-    retn = 1;
-    bn_check_top(ret);
- err:
-    BN_CTX_end(ctx);
-#endif                          /* MONT_WORD */
-    return (retn);
-}
-
-BN_MONT_CTX *BN_MONT_CTX_new(void)
-{
-    BN_MONT_CTX *ret;
-
-    if ((ret = (BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL)
-        return (NULL);
-
-    BN_MONT_CTX_init(ret);
-    ret->flags = BN_FLG_MALLOCED;
-    return (ret);
-}
-
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx)
-{
-    ctx->ri = 0;
-    BN_init(&(ctx->RR));
-    BN_init(&(ctx->N));
-    BN_init(&(ctx->Ni));
-    ctx->n0[0] = ctx->n0[1] = 0;
-    ctx->flags = 0;
-}
-
-void BN_MONT_CTX_free(BN_MONT_CTX *mont)
-{
-    if (mont == NULL)
-        return;
-
-    BN_clear_free(&(mont->RR));
-    BN_clear_free(&(mont->N));
-    BN_clear_free(&(mont->Ni));
-    if (mont->flags & BN_FLG_MALLOCED)
-        OPENSSL_free(mont);
-}
-
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
-{
-    int ret = 0;
-    BIGNUM *Ri, *R;
-
-    if (BN_is_zero(mod))
-        return 0;
-
-    BN_CTX_start(ctx);
-    if ((Ri = BN_CTX_get(ctx)) == NULL)
-        goto err;
-    R = &(mont->RR);            /* grab RR as a temp */
-    if (!BN_copy(&(mont->N), mod))
-        goto err;               /* Set N */
-    mont->N.neg = 0;
-
-#ifdef MONT_WORD
-    {
-        BIGNUM tmod;
-        BN_ULONG buf[2];
-
-        BN_init(&tmod);
-        tmod.d = buf;
-        tmod.dmax = 2;
-        tmod.neg = 0;
-
-        mont->ri = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
-
-# if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)
-        /*
-         * Only certain BN_BITS2<=32 platforms actually make use of n0[1],
-         * and we could use the #else case (with a shorter R value) for the
-         * others.  However, currently only the assembler files do know which
-         * is which.
-         */
-
-        BN_zero(R);
-        if (!(BN_set_bit(R, 2 * BN_BITS2)))
-            goto err;
-
-        tmod.top = 0;
-        if ((buf[0] = mod->d[0]))
-            tmod.top = 1;
-        if ((buf[1] = mod->top > 1 ? mod->d[1] : 0))
-            tmod.top = 2;
-
-        if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
-            goto err;
-        if (!BN_lshift(Ri, Ri, 2 * BN_BITS2))
-            goto err;           /* R*Ri */
-        if (!BN_is_zero(Ri)) {
-            if (!BN_sub_word(Ri, 1))
-                goto err;
-        } else {                /* if N mod word size == 1 */
-
-            if (bn_expand(Ri, (int)sizeof(BN_ULONG) * 2) == NULL)
-                goto err;
-            /* Ri-- (mod double word size) */
-            Ri->neg = 0;
-            Ri->d[0] = BN_MASK2;
-            Ri->d[1] = BN_MASK2;
-            Ri->top = 2;
-        }
-        if (!BN_div(Ri, NULL, Ri, &tmod, ctx))
-            goto err;
-        /*
-         * Ni = (R*Ri-1)/N, keep only couple of least significant words:
-         */
-        mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0;
-        mont->n0[1] = (Ri->top > 1) ? Ri->d[1] : 0;
-# else
-        BN_zero(R);
-        if (!(BN_set_bit(R, BN_BITS2)))
-            goto err;           /* R */
-
-        buf[0] = mod->d[0];     /* tmod = N mod word size */
-        buf[1] = 0;
-        tmod.top = buf[0] != 0 ? 1 : 0;
-        /* Ri = R^-1 mod N */
-        if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
-            goto err;
-        if (!BN_lshift(Ri, Ri, BN_BITS2))
-            goto err;           /* R*Ri */
-        if (!BN_is_zero(Ri)) {
-            if (!BN_sub_word(Ri, 1))
-                goto err;
-        } else {                /* if N mod word size == 1 */
-
-            if (!BN_set_word(Ri, BN_MASK2))
-                goto err;       /* Ri-- (mod word size) */
-        }
-        if (!BN_div(Ri, NULL, Ri, &tmod, ctx))
-            goto err;
-        /*
-         * Ni = (R*Ri-1)/N, keep only least significant word:
-         */
-        mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0;
-        mont->n0[1] = 0;
-# endif
-    }
-#else                           /* !MONT_WORD */
-    {                           /* bignum version */
-        mont->ri = BN_num_bits(&mont->N);
-        BN_zero(R);
-        if (!BN_set_bit(R, mont->ri))
-            goto err;           /* R = 2^ri */
-        /* Ri = R^-1 mod N */
-        if ((BN_mod_inverse(Ri, R, &mont->N, ctx)) == NULL)
-            goto err;
-        if (!BN_lshift(Ri, Ri, mont->ri))
-            goto err;           /* R*Ri */
-        if (!BN_sub_word(Ri, 1))
-            goto err;
-        /*
-         * Ni = (R*Ri-1) / N
-         */
-        if (!BN_div(&(mont->Ni), NULL, Ri, &mont->N, ctx))
-            goto err;
-    }
-#endif
-
-    /* setup RR for conversions */
-    BN_zero(&(mont->RR));
-    if (!BN_set_bit(&(mont->RR), mont->ri * 2))
-        goto err;
-    if (!BN_mod(&(mont->RR), &(mont->RR), &(mont->N), ctx))
-        goto err;
-
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
-{
-    if (to == from)
-        return (to);
-
-    if (!BN_copy(&(to->RR), &(from->RR)))
-        return NULL;
-    if (!BN_copy(&(to->N), &(from->N)))
-        return NULL;
-    if (!BN_copy(&(to->Ni), &(from->Ni)))
-        return NULL;
-    to->ri = from->ri;
-    to->n0[0] = from->n0[0];
-    to->n0[1] = from->n0[1];
-    return (to);
-}
-
-BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
-                                    const BIGNUM *mod, BN_CTX *ctx)
-{
-    BN_MONT_CTX *ret;
-
-    CRYPTO_r_lock(lock);
-    ret = *pmont;
-    CRYPTO_r_unlock(lock);
-    if (ret)
-        return ret;
-
-    /*
-     * We don't want to serialise globally while doing our lazy-init math in
-     * BN_MONT_CTX_set. That punishes threads that are doing independent
-     * things. Instead, punish the case where more than one thread tries to
-     * lazy-init the same 'pmont', by having each do the lazy-init math work
-     * independently and only use the one from the thread that wins the race
-     * (the losers throw away the work they've done).
-     */
-    ret = BN_MONT_CTX_new();
-    if (!ret)
-        return NULL;
-    if (!BN_MONT_CTX_set(ret, mod, ctx)) {
-        BN_MONT_CTX_free(ret);
-        return NULL;
-    }
-
-    /* The locked compare-and-set, after the local work is done. */
-    CRYPTO_w_lock(lock);
-    if (*pmont) {
-        BN_MONT_CTX_free(ret);
-        ret = *pmont;
-    } else
-        *pmont = ret;
-    CRYPTO_w_unlock(lock);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_mpi.c b/thirdparty/openssl/crypto/bn/bn_mpi.c
deleted file mode 100644
index 3bd40bbd2b..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_mpi.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/* crypto/bn/bn_mpi.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
-{
-    int bits;
-    int num = 0;
-    int ext = 0;
-    long l;
-
-    bits = BN_num_bits(a);
-    num = (bits + 7) / 8;
-    if (bits > 0) {
-        ext = ((bits & 0x07) == 0);
-    }
-    if (d == NULL)
-        return (num + 4 + ext);
-
-    l = num + ext;
-    d[0] = (unsigned char)(l >> 24) & 0xff;
-    d[1] = (unsigned char)(l >> 16) & 0xff;
-    d[2] = (unsigned char)(l >> 8) & 0xff;
-    d[3] = (unsigned char)(l) & 0xff;
-    if (ext)
-        d[4] = 0;
-    num = BN_bn2bin(a, &(d[4 + ext]));
-    if (a->neg)
-        d[4] |= 0x80;
-    return (num + 4 + ext);
-}
-
-BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
-{
-    long len;
-    int neg = 0;
-
-    if (n < 4) {
-        BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH);
-        return (NULL);
-    }
-    len = ((long)d[0] << 24) | ((long)d[1] << 16) | ((int)d[2] << 8) | (int)
-        d[3];
-    if ((len + 4) != n) {
-        BNerr(BN_F_BN_MPI2BN, BN_R_ENCODING_ERROR);
-        return (NULL);
-    }
-
-    if (a == NULL)
-        a = BN_new();
-    if (a == NULL)
-        return (NULL);
-
-    if (len == 0) {
-        a->neg = 0;
-        a->top = 0;
-        return (a);
-    }
-    d += 4;
-    if ((*d) & 0x80)
-        neg = 1;
-    if (BN_bin2bn(d, (int)len, a) == NULL)
-        return (NULL);
-    a->neg = neg;
-    if (neg) {
-        BN_clear_bit(a, BN_num_bits(a) - 1);
-    }
-    bn_check_top(a);
-    return (a);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_mul.c b/thirdparty/openssl/crypto/bn/bn_mul.c
deleted file mode 100644
index 3c618dc307..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_mul.c
+++ /dev/null
@@ -1,1165 +0,0 @@
-/* crypto/bn/bn_mul.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef BN_DEBUG
-# undef NDEBUG                  /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <stdio.h>
-#include <assert.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-#if defined(OPENSSL_NO_ASM) || !defined(OPENSSL_BN_ASM_PART_WORDS)
-/*
- * Here follows specialised variants of bn_add_words() and bn_sub_words().
- * They have the property performing operations on arrays of different sizes.
- * The sizes of those arrays is expressed through cl, which is the common
- * length ( basicall, min(len(a),len(b)) ), and dl, which is the delta
- * between the two lengths, calculated as len(a)-len(b). All lengths are the
- * number of BN_ULONGs...  For the operations that require a result array as
- * parameter, it must have the length cl+abs(dl). These functions should
- * probably end up in bn_asm.c as soon as there are assembler counterparts
- * for the systems that use assembler files.
- */
-
-BN_ULONG bn_sub_part_words(BN_ULONG *r,
-                           const BN_ULONG *a, const BN_ULONG *b,
-                           int cl, int dl)
-{
-    BN_ULONG c, t;
-
-    assert(cl >= 0);
-    c = bn_sub_words(r, a, b, cl);
-
-    if (dl == 0)
-        return c;
-
-    r += cl;
-    a += cl;
-    b += cl;
-
-    if (dl < 0) {
-# ifdef BN_COUNT
-        fprintf(stderr, "  bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl,
-                dl, c);
-# endif
-        for (;;) {
-            t = b[0];
-            r[0] = (0 - t - c) & BN_MASK2;
-            if (t != 0)
-                c = 1;
-            if (++dl >= 0)
-                break;
-
-            t = b[1];
-            r[1] = (0 - t - c) & BN_MASK2;
-            if (t != 0)
-                c = 1;
-            if (++dl >= 0)
-                break;
-
-            t = b[2];
-            r[2] = (0 - t - c) & BN_MASK2;
-            if (t != 0)
-                c = 1;
-            if (++dl >= 0)
-                break;
-
-            t = b[3];
-            r[3] = (0 - t - c) & BN_MASK2;
-            if (t != 0)
-                c = 1;
-            if (++dl >= 0)
-                break;
-
-            b += 4;
-            r += 4;
-        }
-    } else {
-        int save_dl = dl;
-# ifdef BN_COUNT
-        fprintf(stderr, "  bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl,
-                dl, c);
-# endif
-        while (c) {
-            t = a[0];
-            r[0] = (t - c) & BN_MASK2;
-            if (t != 0)
-                c = 0;
-            if (--dl <= 0)
-                break;
-
-            t = a[1];
-            r[1] = (t - c) & BN_MASK2;
-            if (t != 0)
-                c = 0;
-            if (--dl <= 0)
-                break;
-
-            t = a[2];
-            r[2] = (t - c) & BN_MASK2;
-            if (t != 0)
-                c = 0;
-            if (--dl <= 0)
-                break;
-
-            t = a[3];
-            r[3] = (t - c) & BN_MASK2;
-            if (t != 0)
-                c = 0;
-            if (--dl <= 0)
-                break;
-
-            save_dl = dl;
-            a += 4;
-            r += 4;
-        }
-        if (dl > 0) {
-# ifdef BN_COUNT
-            fprintf(stderr, "  bn_sub_part_words %d + %d (dl > 0, c == 0)\n",
-                    cl, dl);
-# endif
-            if (save_dl > dl) {
-                switch (save_dl - dl) {
-                case 1:
-                    r[1] = a[1];
-                    if (--dl <= 0)
-                        break;
-                case 2:
-                    r[2] = a[2];
-                    if (--dl <= 0)
-                        break;
-                case 3:
-                    r[3] = a[3];
-                    if (--dl <= 0)
-                        break;
-                }
-                a += 4;
-                r += 4;
-            }
-        }
-        if (dl > 0) {
-# ifdef BN_COUNT
-            fprintf(stderr, "  bn_sub_part_words %d + %d (dl > 0, copy)\n",
-                    cl, dl);
-# endif
-            for (;;) {
-                r[0] = a[0];
-                if (--dl <= 0)
-                    break;
-                r[1] = a[1];
-                if (--dl <= 0)
-                    break;
-                r[2] = a[2];
-                if (--dl <= 0)
-                    break;
-                r[3] = a[3];
-                if (--dl <= 0)
-                    break;
-
-                a += 4;
-                r += 4;
-            }
-        }
-    }
-    return c;
-}
-#endif
-
-BN_ULONG bn_add_part_words(BN_ULONG *r,
-                           const BN_ULONG *a, const BN_ULONG *b,
-                           int cl, int dl)
-{
-    BN_ULONG c, l, t;
-
-    assert(cl >= 0);
-    c = bn_add_words(r, a, b, cl);
-
-    if (dl == 0)
-        return c;
-
-    r += cl;
-    a += cl;
-    b += cl;
-
-    if (dl < 0) {
-        int save_dl = dl;
-#ifdef BN_COUNT
-        fprintf(stderr, "  bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl,
-                dl, c);
-#endif
-        while (c) {
-            l = (c + b[0]) & BN_MASK2;
-            c = (l < c);
-            r[0] = l;
-            if (++dl >= 0)
-                break;
-
-            l = (c + b[1]) & BN_MASK2;
-            c = (l < c);
-            r[1] = l;
-            if (++dl >= 0)
-                break;
-
-            l = (c + b[2]) & BN_MASK2;
-            c = (l < c);
-            r[2] = l;
-            if (++dl >= 0)
-                break;
-
-            l = (c + b[3]) & BN_MASK2;
-            c = (l < c);
-            r[3] = l;
-            if (++dl >= 0)
-                break;
-
-            save_dl = dl;
-            b += 4;
-            r += 4;
-        }
-        if (dl < 0) {
-#ifdef BN_COUNT
-            fprintf(stderr, "  bn_add_part_words %d + %d (dl < 0, c == 0)\n",
-                    cl, dl);
-#endif
-            if (save_dl < dl) {
-                switch (dl - save_dl) {
-                case 1:
-                    r[1] = b[1];
-                    if (++dl >= 0)
-                        break;
-                case 2:
-                    r[2] = b[2];
-                    if (++dl >= 0)
-                        break;
-                case 3:
-                    r[3] = b[3];
-                    if (++dl >= 0)
-                        break;
-                }
-                b += 4;
-                r += 4;
-            }
-        }
-        if (dl < 0) {
-#ifdef BN_COUNT
-            fprintf(stderr, "  bn_add_part_words %d + %d (dl < 0, copy)\n",
-                    cl, dl);
-#endif
-            for (;;) {
-                r[0] = b[0];
-                if (++dl >= 0)
-                    break;
-                r[1] = b[1];
-                if (++dl >= 0)
-                    break;
-                r[2] = b[2];
-                if (++dl >= 0)
-                    break;
-                r[3] = b[3];
-                if (++dl >= 0)
-                    break;
-
-                b += 4;
-                r += 4;
-            }
-        }
-    } else {
-        int save_dl = dl;
-#ifdef BN_COUNT
-        fprintf(stderr, "  bn_add_part_words %d + %d (dl > 0)\n", cl, dl);
-#endif
-        while (c) {
-            t = (a[0] + c) & BN_MASK2;
-            c = (t < c);
-            r[0] = t;
-            if (--dl <= 0)
-                break;
-
-            t = (a[1] + c) & BN_MASK2;
-            c = (t < c);
-            r[1] = t;
-            if (--dl <= 0)
-                break;
-
-            t = (a[2] + c) & BN_MASK2;
-            c = (t < c);
-            r[2] = t;
-            if (--dl <= 0)
-                break;
-
-            t = (a[3] + c) & BN_MASK2;
-            c = (t < c);
-            r[3] = t;
-            if (--dl <= 0)
-                break;
-
-            save_dl = dl;
-            a += 4;
-            r += 4;
-        }
-#ifdef BN_COUNT
-        fprintf(stderr, "  bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl,
-                dl);
-#endif
-        if (dl > 0) {
-            if (save_dl > dl) {
-                switch (save_dl - dl) {
-                case 1:
-                    r[1] = a[1];
-                    if (--dl <= 0)
-                        break;
-                case 2:
-                    r[2] = a[2];
-                    if (--dl <= 0)
-                        break;
-                case 3:
-                    r[3] = a[3];
-                    if (--dl <= 0)
-                        break;
-                }
-                a += 4;
-                r += 4;
-            }
-        }
-        if (dl > 0) {
-#ifdef BN_COUNT
-            fprintf(stderr, "  bn_add_part_words %d + %d (dl > 0, copy)\n",
-                    cl, dl);
-#endif
-            for (;;) {
-                r[0] = a[0];
-                if (--dl <= 0)
-                    break;
-                r[1] = a[1];
-                if (--dl <= 0)
-                    break;
-                r[2] = a[2];
-                if (--dl <= 0)
-                    break;
-                r[3] = a[3];
-                if (--dl <= 0)
-                    break;
-
-                a += 4;
-                r += 4;
-            }
-        }
-    }
-    return c;
-}
-
-#ifdef BN_RECURSION
-/*
- * Karatsuba recursive multiplication algorithm (cf. Knuth, The Art of
- * Computer Programming, Vol. 2)
- */
-
-/*-
- * r is 2*n2 words in size,
- * a and b are both n2 words in size.
- * n2 must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n2 words in size
- * We calculate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-/* dnX may not be positive, but n2/2+dnX has to be */
-void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-                      int dna, int dnb, BN_ULONG *t)
-{
-    int n = n2 / 2, c1, c2;
-    int tna = n + dna, tnb = n + dnb;
-    unsigned int neg, zero;
-    BN_ULONG ln, lo, *p;
-
-# ifdef BN_COUNT
-    fprintf(stderr, " bn_mul_recursive %d%+d * %d%+d\n", n2, dna, n2, dnb);
-# endif
-# ifdef BN_MUL_COMBA
-#  if 0
-    if (n2 == 4) {
-        bn_mul_comba4(r, a, b);
-        return;
-    }
-#  endif
-    /*
-     * Only call bn_mul_comba 8 if n2 == 8 and the two arrays are complete
-     * [steve]
-     */
-    if (n2 == 8 && dna == 0 && dnb == 0) {
-        bn_mul_comba8(r, a, b);
-        return;
-    }
-# endif                         /* BN_MUL_COMBA */
-    /* Else do normal multiply */
-    if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) {
-        bn_mul_normal(r, a, n2 + dna, b, n2 + dnb);
-        if ((dna + dnb) < 0)
-            memset(&r[2 * n2 + dna + dnb], 0,
-                   sizeof(BN_ULONG) * -(dna + dnb));
-        return;
-    }
-    /* r=(a[0]-a[1])*(b[1]-b[0]) */
-    c1 = bn_cmp_part_words(a, &(a[n]), tna, n - tna);
-    c2 = bn_cmp_part_words(&(b[n]), b, tnb, tnb - n);
-    zero = neg = 0;
-    switch (c1 * 3 + c2) {
-    case -4:
-        bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */
-        bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */
-        break;
-    case -3:
-        zero = 1;
-        break;
-    case -2:
-        bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */
-        bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n); /* + */
-        neg = 1;
-        break;
-    case -1:
-    case 0:
-    case 1:
-        zero = 1;
-        break;
-    case 2:
-        bn_sub_part_words(t, a, &(a[n]), tna, n - tna); /* + */
-        bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */
-        neg = 1;
-        break;
-    case 3:
-        zero = 1;
-        break;
-    case 4:
-        bn_sub_part_words(t, a, &(a[n]), tna, n - tna);
-        bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n);
-        break;
-    }
-
-# ifdef BN_MUL_COMBA
-    if (n == 4 && dna == 0 && dnb == 0) { /* XXX: bn_mul_comba4 could take
-                                           * extra args to do this well */
-        if (!zero)
-            bn_mul_comba4(&(t[n2]), t, &(t[n]));
-        else
-            memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG));
-
-        bn_mul_comba4(r, a, b);
-        bn_mul_comba4(&(r[n2]), &(a[n]), &(b[n]));
-    } else if (n == 8 && dna == 0 && dnb == 0) { /* XXX: bn_mul_comba8 could
-                                                  * take extra args to do
-                                                  * this well */
-        if (!zero)
-            bn_mul_comba8(&(t[n2]), t, &(t[n]));
-        else
-            memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG));
-
-        bn_mul_comba8(r, a, b);
-        bn_mul_comba8(&(r[n2]), &(a[n]), &(b[n]));
-    } else
-# endif                         /* BN_MUL_COMBA */
-    {
-        p = &(t[n2 * 2]);
-        if (!zero)
-            bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
-        else
-            memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
-        bn_mul_recursive(r, a, b, n, 0, 0, p);
-        bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), n, dna, dnb, p);
-    }
-
-    /*-
-     * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
-     * r[10] holds (a[0]*b[0])
-     * r[32] holds (b[1]*b[1])
-     */
-
-    c1 = (int)(bn_add_words(t, r, &(r[n2]), n2));
-
-    if (neg) {                  /* if t[32] is negative */
-        c1 -= (int)(bn_sub_words(&(t[n2]), t, &(t[n2]), n2));
-    } else {
-        /* Might have a carry */
-        c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), t, n2));
-    }
-
-    /*-
-     * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
-     * r[10] holds (a[0]*b[0])
-     * r[32] holds (b[1]*b[1])
-     * c1 holds the carry bits
-     */
-    c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2));
-    if (c1) {
-        p = &(r[n + n2]);
-        lo = *p;
-        ln = (lo + c1) & BN_MASK2;
-        *p = ln;
-
-        /*
-         * The overflow will stop before we over write words we should not
-         * overwrite
-         */
-        if (ln < (BN_ULONG)c1) {
-            do {
-                p++;
-                lo = *p;
-                ln = (lo + 1) & BN_MASK2;
-                *p = ln;
-            } while (ln == 0);
-        }
-    }
-}
-
-/*
- * n+tn is the word length t needs to be n*4 is size, as does r
- */
-/* tnX may not be negative but less than n */
-void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
-                           int tna, int tnb, BN_ULONG *t)
-{
-    int i, j, n2 = n * 2;
-    int c1, c2, neg;
-    BN_ULONG ln, lo, *p;
-
-# ifdef BN_COUNT
-    fprintf(stderr, " bn_mul_part_recursive (%d%+d) * (%d%+d)\n",
-            n, tna, n, tnb);
-# endif
-    if (n < 8) {
-        bn_mul_normal(r, a, n + tna, b, n + tnb);
-        return;
-    }
-
-    /* r=(a[0]-a[1])*(b[1]-b[0]) */
-    c1 = bn_cmp_part_words(a, &(a[n]), tna, n - tna);
-    c2 = bn_cmp_part_words(&(b[n]), b, tnb, tnb - n);
-    neg = 0;
-    switch (c1 * 3 + c2) {
-    case -4:
-        bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */
-        bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */
-        break;
-    case -3:
-        /* break; */
-    case -2:
-        bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */
-        bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n); /* + */
-        neg = 1;
-        break;
-    case -1:
-    case 0:
-    case 1:
-        /* break; */
-    case 2:
-        bn_sub_part_words(t, a, &(a[n]), tna, n - tna); /* + */
-        bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */
-        neg = 1;
-        break;
-    case 3:
-        /* break; */
-    case 4:
-        bn_sub_part_words(t, a, &(a[n]), tna, n - tna);
-        bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n);
-        break;
-    }
-    /*
-     * The zero case isn't yet implemented here. The speedup would probably
-     * be negligible.
-     */
-# if 0
-    if (n == 4) {
-        bn_mul_comba4(&(t[n2]), t, &(t[n]));
-        bn_mul_comba4(r, a, b);
-        bn_mul_normal(&(r[n2]), &(a[n]), tn, &(b[n]), tn);
-        memset(&(r[n2 + tn * 2]), 0, sizeof(BN_ULONG) * (n2 - tn * 2));
-    } else
-# endif
-    if (n == 8) {
-        bn_mul_comba8(&(t[n2]), t, &(t[n]));
-        bn_mul_comba8(r, a, b);
-        bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
-        memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
-    } else {
-        p = &(t[n2 * 2]);
-        bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
-        bn_mul_recursive(r, a, b, n, 0, 0, p);
-        i = n / 2;
-        /*
-         * If there is only a bottom half to the number, just do it
-         */
-        if (tna > tnb)
-            j = tna - i;
-        else
-            j = tnb - i;
-        if (j == 0) {
-            bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]),
-                             i, tna - i, tnb - i, p);
-            memset(&(r[n2 + i * 2]), 0, sizeof(BN_ULONG) * (n2 - i * 2));
-        } else if (j > 0) {     /* eg, n == 16, i == 8 and tn == 11 */
-            bn_mul_part_recursive(&(r[n2]), &(a[n]), &(b[n]),
-                                  i, tna - i, tnb - i, p);
-            memset(&(r[n2 + tna + tnb]), 0,
-                   sizeof(BN_ULONG) * (n2 - tna - tnb));
-        } else {                /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
-
-            memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2);
-            if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL
-                && tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) {
-                bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
-            } else {
-                for (;;) {
-                    i /= 2;
-                    /*
-                     * these simplified conditions work exclusively because
-                     * difference between tna and tnb is 1 or 0
-                     */
-                    if (i < tna || i < tnb) {
-                        bn_mul_part_recursive(&(r[n2]),
-                                              &(a[n]), &(b[n]),
-                                              i, tna - i, tnb - i, p);
-                        break;
-                    } else if (i == tna || i == tnb) {
-                        bn_mul_recursive(&(r[n2]),
-                                         &(a[n]), &(b[n]),
-                                         i, tna - i, tnb - i, p);
-                        break;
-                    }
-                }
-            }
-        }
-    }
-
-    /*-
-     * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
-     * r[10] holds (a[0]*b[0])
-     * r[32] holds (b[1]*b[1])
-     */
-
-    c1 = (int)(bn_add_words(t, r, &(r[n2]), n2));
-
-    if (neg) {                  /* if t[32] is negative */
-        c1 -= (int)(bn_sub_words(&(t[n2]), t, &(t[n2]), n2));
-    } else {
-        /* Might have a carry */
-        c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), t, n2));
-    }
-
-    /*-
-     * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
-     * r[10] holds (a[0]*b[0])
-     * r[32] holds (b[1]*b[1])
-     * c1 holds the carry bits
-     */
-    c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2));
-    if (c1) {
-        p = &(r[n + n2]);
-        lo = *p;
-        ln = (lo + c1) & BN_MASK2;
-        *p = ln;
-
-        /*
-         * The overflow will stop before we over write words we should not
-         * overwrite
-         */
-        if (ln < (BN_ULONG)c1) {
-            do {
-                p++;
-                lo = *p;
-                ln = (lo + 1) & BN_MASK2;
-                *p = ln;
-            } while (ln == 0);
-        }
-    }
-}
-
-/*-
- * a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- */
-void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
-                          BN_ULONG *t)
-{
-    int n = n2 / 2;
-
-# ifdef BN_COUNT
-    fprintf(stderr, " bn_mul_low_recursive %d * %d\n", n2, n2);
-# endif
-
-    bn_mul_recursive(r, a, b, n, 0, 0, &(t[0]));
-    if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) {
-        bn_mul_low_recursive(&(t[0]), &(a[0]), &(b[n]), n, &(t[n2]));
-        bn_add_words(&(r[n]), &(r[n]), &(t[0]), n);
-        bn_mul_low_recursive(&(t[0]), &(a[n]), &(b[0]), n, &(t[n2]));
-        bn_add_words(&(r[n]), &(r[n]), &(t[0]), n);
-    } else {
-        bn_mul_low_normal(&(t[0]), &(a[0]), &(b[n]), n);
-        bn_mul_low_normal(&(t[n]), &(a[n]), &(b[0]), n);
-        bn_add_words(&(r[n]), &(r[n]), &(t[0]), n);
-        bn_add_words(&(r[n]), &(r[n]), &(t[n]), n);
-    }
-}
-
-/*-
- * a and b must be the same size, which is n2.
- * r needs to be n2 words and t needs to be n2*2
- * l is the low words of the output.
- * t needs to be n2*3
- */
-void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
-                 BN_ULONG *t)
-{
-    int i, n;
-    int c1, c2;
-    int neg, oneg, zero;
-    BN_ULONG ll, lc, *lp, *mp;
-
-# ifdef BN_COUNT
-    fprintf(stderr, " bn_mul_high %d * %d\n", n2, n2);
-# endif
-    n = n2 / 2;
-
-    /* Calculate (al-ah)*(bh-bl) */
-    neg = zero = 0;
-    c1 = bn_cmp_words(&(a[0]), &(a[n]), n);
-    c2 = bn_cmp_words(&(b[n]), &(b[0]), n);
-    switch (c1 * 3 + c2) {
-    case -4:
-        bn_sub_words(&(r[0]), &(a[n]), &(a[0]), n);
-        bn_sub_words(&(r[n]), &(b[0]), &(b[n]), n);
-        break;
-    case -3:
-        zero = 1;
-        break;
-    case -2:
-        bn_sub_words(&(r[0]), &(a[n]), &(a[0]), n);
-        bn_sub_words(&(r[n]), &(b[n]), &(b[0]), n);
-        neg = 1;
-        break;
-    case -1:
-    case 0:
-    case 1:
-        zero = 1;
-        break;
-    case 2:
-        bn_sub_words(&(r[0]), &(a[0]), &(a[n]), n);
-        bn_sub_words(&(r[n]), &(b[0]), &(b[n]), n);
-        neg = 1;
-        break;
-    case 3:
-        zero = 1;
-        break;
-    case 4:
-        bn_sub_words(&(r[0]), &(a[0]), &(a[n]), n);
-        bn_sub_words(&(r[n]), &(b[n]), &(b[0]), n);
-        break;
-    }
-
-    oneg = neg;
-    /* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
-    /* r[10] = (a[1]*b[1]) */
-# ifdef BN_MUL_COMBA
-    if (n == 8) {
-        bn_mul_comba8(&(t[0]), &(r[0]), &(r[n]));
-        bn_mul_comba8(r, &(a[n]), &(b[n]));
-    } else
-# endif
-    {
-        bn_mul_recursive(&(t[0]), &(r[0]), &(r[n]), n, 0, 0, &(t[n2]));
-        bn_mul_recursive(r, &(a[n]), &(b[n]), n, 0, 0, &(t[n2]));
-    }
-
-    /*-
-     * s0 == low(al*bl)
-     * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
-     * We know s0 and s1 so the only unknown is high(al*bl)
-     * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
-     * high(al*bl) == s1 - (r[0]+l[0]+t[0])
-     */
-    if (l != NULL) {
-        lp = &(t[n2 + n]);
-        c1 = (int)(bn_add_words(lp, &(r[0]), &(l[0]), n));
-    } else {
-        c1 = 0;
-        lp = &(r[0]);
-    }
-
-    if (neg)
-        neg = (int)(bn_sub_words(&(t[n2]), lp, &(t[0]), n));
-    else {
-        bn_add_words(&(t[n2]), lp, &(t[0]), n);
-        neg = 0;
-    }
-
-    if (l != NULL) {
-        bn_sub_words(&(t[n2 + n]), &(l[n]), &(t[n2]), n);
-    } else {
-        lp = &(t[n2 + n]);
-        mp = &(t[n2]);
-        for (i = 0; i < n; i++)
-            lp[i] = ((~mp[i]) + 1) & BN_MASK2;
-    }
-
-    /*-
-     * s[0] = low(al*bl)
-     * t[3] = high(al*bl)
-     * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
-     * r[10] = (a[1]*b[1])
-     */
-    /*-
-     * R[10] = al*bl
-     * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
-     * R[32] = ah*bh
-     */
-    /*-
-     * R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
-     * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
-     * R[3]=r[1]+(carry/borrow)
-     */
-    if (l != NULL) {
-        lp = &(t[n2]);
-        c1 = (int)(bn_add_words(lp, &(t[n2 + n]), &(l[0]), n));
-    } else {
-        lp = &(t[n2 + n]);
-        c1 = 0;
-    }
-    c1 += (int)(bn_add_words(&(t[n2]), lp, &(r[0]), n));
-    if (oneg)
-        c1 -= (int)(bn_sub_words(&(t[n2]), &(t[n2]), &(t[0]), n));
-    else
-        c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), &(t[0]), n));
-
-    c2 = (int)(bn_add_words(&(r[0]), &(r[0]), &(t[n2 + n]), n));
-    c2 += (int)(bn_add_words(&(r[0]), &(r[0]), &(r[n]), n));
-    if (oneg)
-        c2 -= (int)(bn_sub_words(&(r[0]), &(r[0]), &(t[n]), n));
-    else
-        c2 += (int)(bn_add_words(&(r[0]), &(r[0]), &(t[n]), n));
-
-    if (c1 != 0) {              /* Add starting at r[0], could be +ve or -ve */
-        i = 0;
-        if (c1 > 0) {
-            lc = c1;
-            do {
-                ll = (r[i] + lc) & BN_MASK2;
-                r[i++] = ll;
-                lc = (lc > ll);
-            } while (lc);
-        } else {
-            lc = -c1;
-            do {
-                ll = r[i];
-                r[i++] = (ll - lc) & BN_MASK2;
-                lc = (lc > ll);
-            } while (lc);
-        }
-    }
-    if (c2 != 0) {              /* Add starting at r[1] */
-        i = n;
-        if (c2 > 0) {
-            lc = c2;
-            do {
-                ll = (r[i] + lc) & BN_MASK2;
-                r[i++] = ll;
-                lc = (lc > ll);
-            } while (lc);
-        } else {
-            lc = -c2;
-            do {
-                ll = r[i];
-                r[i++] = (ll - lc) & BN_MASK2;
-                lc = (lc > ll);
-            } while (lc);
-        }
-    }
-}
-#endif                          /* BN_RECURSION */
-
-int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
-    int ret = 0;
-    int top, al, bl;
-    BIGNUM *rr;
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
-    int i;
-#endif
-#ifdef BN_RECURSION
-    BIGNUM *t = NULL;
-    int j = 0, k;
-#endif
-
-#ifdef BN_COUNT
-    fprintf(stderr, "BN_mul %d * %d\n", a->top, b->top);
-#endif
-
-    bn_check_top(a);
-    bn_check_top(b);
-    bn_check_top(r);
-
-    al = a->top;
-    bl = b->top;
-
-    if ((al == 0) || (bl == 0)) {
-        BN_zero(r);
-        return (1);
-    }
-    top = al + bl;
-
-    BN_CTX_start(ctx);
-    if ((r == a) || (r == b)) {
-        if ((rr = BN_CTX_get(ctx)) == NULL)
-            goto err;
-    } else
-        rr = r;
-    rr->neg = a->neg ^ b->neg;
-
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
-    i = al - bl;
-#endif
-#ifdef BN_MUL_COMBA
-    if (i == 0) {
-# if 0
-        if (al == 4) {
-            if (bn_wexpand(rr, 8) == NULL)
-                goto err;
-            rr->top = 8;
-            bn_mul_comba4(rr->d, a->d, b->d);
-            goto end;
-        }
-# endif
-        if (al == 8) {
-            if (bn_wexpand(rr, 16) == NULL)
-                goto err;
-            rr->top = 16;
-            bn_mul_comba8(rr->d, a->d, b->d);
-            goto end;
-        }
-    }
-#endif                          /* BN_MUL_COMBA */
-#ifdef BN_RECURSION
-    if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) {
-        if (i >= -1 && i <= 1) {
-            /*
-             * Find out the power of two lower or equal to the longest of the
-             * two numbers
-             */
-            if (i >= 0) {
-                j = BN_num_bits_word((BN_ULONG)al);
-            }
-            if (i == -1) {
-                j = BN_num_bits_word((BN_ULONG)bl);
-            }
-            j = 1 << (j - 1);
-            assert(j <= al || j <= bl);
-            k = j + j;
-            t = BN_CTX_get(ctx);
-            if (t == NULL)
-                goto err;
-            if (al > j || bl > j) {
-                if (bn_wexpand(t, k * 4) == NULL)
-                    goto err;
-                if (bn_wexpand(rr, k * 4) == NULL)
-                    goto err;
-                bn_mul_part_recursive(rr->d, a->d, b->d,
-                                      j, al - j, bl - j, t->d);
-            } else {            /* al <= j || bl <= j */
-
-                if (bn_wexpand(t, k * 2) == NULL)
-                    goto err;
-                if (bn_wexpand(rr, k * 2) == NULL)
-                    goto err;
-                bn_mul_recursive(rr->d, a->d, b->d, j, al - j, bl - j, t->d);
-            }
-            rr->top = top;
-            goto end;
-        }
-# if 0
-        if (i == 1 && !BN_get_flags(b, BN_FLG_STATIC_DATA)) {
-            BIGNUM *tmp_bn = (BIGNUM *)b;
-            if (bn_wexpand(tmp_bn, al) == NULL)
-                goto err;
-            tmp_bn->d[bl] = 0;
-            bl++;
-            i--;
-        } else if (i == -1 && !BN_get_flags(a, BN_FLG_STATIC_DATA)) {
-            BIGNUM *tmp_bn = (BIGNUM *)a;
-            if (bn_wexpand(tmp_bn, bl) == NULL)
-                goto err;
-            tmp_bn->d[al] = 0;
-            al++;
-            i++;
-        }
-        if (i == 0) {
-            /* symmetric and > 4 */
-            /* 16 or larger */
-            j = BN_num_bits_word((BN_ULONG)al);
-            j = 1 << (j - 1);
-            k = j + j;
-            t = BN_CTX_get(ctx);
-            if (al == j) {      /* exact multiple */
-                if (bn_wexpand(t, k * 2) == NULL)
-                    goto err;
-                if (bn_wexpand(rr, k * 2) == NULL)
-                    goto err;
-                bn_mul_recursive(rr->d, a->d, b->d, al, t->d);
-            } else {
-                if (bn_wexpand(t, k * 4) == NULL)
-                    goto err;
-                if (bn_wexpand(rr, k * 4) == NULL)
-                    goto err;
-                bn_mul_part_recursive(rr->d, a->d, b->d, al - j, j, t->d);
-            }
-            rr->top = top;
-            goto end;
-        }
-# endif
-    }
-#endif                          /* BN_RECURSION */
-    if (bn_wexpand(rr, top) == NULL)
-        goto err;
-    rr->top = top;
-    bn_mul_normal(rr->d, a->d, al, b->d, bl);
-
-#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
- end:
-#endif
-    bn_correct_top(rr);
-    if (r != rr && BN_copy(r, rr) == NULL)
-        goto err;
-
-    ret = 1;
- err:
-    bn_check_top(r);
-    BN_CTX_end(ctx);
-    return (ret);
-}
-
-void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
-{
-    BN_ULONG *rr;
-
-#ifdef BN_COUNT
-    fprintf(stderr, " bn_mul_normal %d * %d\n", na, nb);
-#endif
-
-    if (na < nb) {
-        int itmp;
-        BN_ULONG *ltmp;
-
-        itmp = na;
-        na = nb;
-        nb = itmp;
-        ltmp = a;
-        a = b;
-        b = ltmp;
-
-    }
-    rr = &(r[na]);
-    if (nb <= 0) {
-        (void)bn_mul_words(r, a, na, 0);
-        return;
-    } else
-        rr[0] = bn_mul_words(r, a, na, b[0]);
-
-    for (;;) {
-        if (--nb <= 0)
-            return;
-        rr[1] = bn_mul_add_words(&(r[1]), a, na, b[1]);
-        if (--nb <= 0)
-            return;
-        rr[2] = bn_mul_add_words(&(r[2]), a, na, b[2]);
-        if (--nb <= 0)
-            return;
-        rr[3] = bn_mul_add_words(&(r[3]), a, na, b[3]);
-        if (--nb <= 0)
-            return;
-        rr[4] = bn_mul_add_words(&(r[4]), a, na, b[4]);
-        rr += 4;
-        r += 4;
-        b += 4;
-    }
-}
-
-void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
-{
-#ifdef BN_COUNT
-    fprintf(stderr, " bn_mul_low_normal %d * %d\n", n, n);
-#endif
-    bn_mul_words(r, a, n, b[0]);
-
-    for (;;) {
-        if (--n <= 0)
-            return;
-        bn_mul_add_words(&(r[1]), a, n, b[1]);
-        if (--n <= 0)
-            return;
-        bn_mul_add_words(&(r[2]), a, n, b[2]);
-        if (--n <= 0)
-            return;
-        bn_mul_add_words(&(r[3]), a, n, b[3]);
-        if (--n <= 0)
-            return;
-        bn_mul_add_words(&(r[4]), a, n, b[4]);
-        r += 4;
-        b += 4;
-    }
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_nist.c b/thirdparty/openssl/crypto/bn/bn_nist.c
deleted file mode 100644
index 4a45404c6f..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_nist.c
+++ /dev/null
@@ -1,1262 +0,0 @@
-/* crypto/bn/bn_nist.c */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "bn_lcl.h"
-#include "cryptlib.h"
-
-#define BN_NIST_192_TOP (192+BN_BITS2-1)/BN_BITS2
-#define BN_NIST_224_TOP (224+BN_BITS2-1)/BN_BITS2
-#define BN_NIST_256_TOP (256+BN_BITS2-1)/BN_BITS2
-#define BN_NIST_384_TOP (384+BN_BITS2-1)/BN_BITS2
-#define BN_NIST_521_TOP (521+BN_BITS2-1)/BN_BITS2
-
-/* pre-computed tables are "carry-less" values of modulus*(i+1) */
-#if BN_BITS2 == 64
-static const BN_ULONG _nist_p_192[][BN_NIST_192_TOP] = {
-    {0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFFULL},
-    {0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL},
-    {0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFCULL, 0xFFFFFFFFFFFFFFFFULL}
-};
-
-static const BN_ULONG _nist_p_192_sqr[] = {
-    0x0000000000000001ULL, 0x0000000000000002ULL, 0x0000000000000001ULL,
-    0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL
-};
-
-static const BN_ULONG _nist_p_224[][BN_NIST_224_TOP] = {
-    {0x0000000000000001ULL, 0xFFFFFFFF00000000ULL,
-     0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL},
-    {0x0000000000000002ULL, 0xFFFFFFFE00000000ULL,
-     0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFFULL} /* this one is
-                                                    * "carry-full" */
-};
-
-static const BN_ULONG _nist_p_224_sqr[] = {
-    0x0000000000000001ULL, 0xFFFFFFFE00000000ULL,
-    0xFFFFFFFFFFFFFFFFULL, 0x0000000200000000ULL,
-    0x0000000000000000ULL, 0xFFFFFFFFFFFFFFFEULL,
-    0xFFFFFFFFFFFFFFFFULL
-};
-
-static const BN_ULONG _nist_p_256[][BN_NIST_256_TOP] = {
-    {0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL,
-     0x0000000000000000ULL, 0xFFFFFFFF00000001ULL},
-    {0xFFFFFFFFFFFFFFFEULL, 0x00000001FFFFFFFFULL,
-     0x0000000000000000ULL, 0xFFFFFFFE00000002ULL},
-    {0xFFFFFFFFFFFFFFFDULL, 0x00000002FFFFFFFFULL,
-     0x0000000000000000ULL, 0xFFFFFFFD00000003ULL},
-    {0xFFFFFFFFFFFFFFFCULL, 0x00000003FFFFFFFFULL,
-     0x0000000000000000ULL, 0xFFFFFFFC00000004ULL},
-    {0xFFFFFFFFFFFFFFFBULL, 0x00000004FFFFFFFFULL,
-     0x0000000000000000ULL, 0xFFFFFFFB00000005ULL},
-};
-
-static const BN_ULONG _nist_p_256_sqr[] = {
-    0x0000000000000001ULL, 0xFFFFFFFE00000000ULL,
-    0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFEULL,
-    0x00000001FFFFFFFEULL, 0x00000001FFFFFFFEULL,
-    0xFFFFFFFE00000001ULL, 0xFFFFFFFE00000002ULL
-};
-
-static const BN_ULONG _nist_p_384[][BN_NIST_384_TOP] = {
-    {0x00000000FFFFFFFFULL, 0xFFFFFFFF00000000ULL, 0xFFFFFFFFFFFFFFFEULL,
-     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
-    {0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL, 0xFFFFFFFFFFFFFFFDULL,
-     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
-    {0x00000002FFFFFFFDULL, 0xFFFFFFFD00000000ULL, 0xFFFFFFFFFFFFFFFCULL,
-     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
-    {0x00000003FFFFFFFCULL, 0xFFFFFFFC00000000ULL, 0xFFFFFFFFFFFFFFFBULL,
-     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
-    {0x00000004FFFFFFFBULL, 0xFFFFFFFB00000000ULL, 0xFFFFFFFFFFFFFFFAULL,
-     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
-};
-
-static const BN_ULONG _nist_p_384_sqr[] = {
-    0xFFFFFFFE00000001ULL, 0x0000000200000000ULL, 0xFFFFFFFE00000000ULL,
-    0x0000000200000000ULL, 0x0000000000000001ULL, 0x0000000000000000ULL,
-    0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL, 0xFFFFFFFFFFFFFFFDULL,
-    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL
-};
-
-static const BN_ULONG _nist_p_521[] =
-    { 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
-    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
-    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
-    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
-    0x00000000000001FFULL
-};
-
-static const BN_ULONG _nist_p_521_sqr[] = {
-    0x0000000000000001ULL, 0x0000000000000000ULL, 0x0000000000000000ULL,
-    0x0000000000000000ULL, 0x0000000000000000ULL, 0x0000000000000000ULL,
-    0x0000000000000000ULL, 0x0000000000000000ULL, 0xFFFFFFFFFFFFFC00ULL,
-    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
-    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
-    0xFFFFFFFFFFFFFFFFULL, 0x000000000003FFFFULL
-};
-#elif BN_BITS2 == 32
-static const BN_ULONG _nist_p_192[][BN_NIST_192_TOP] = {
-    {0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
-    {0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
-    {0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFC, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
-};
-
-static const BN_ULONG _nist_p_192_sqr[] = {
-    0x00000001, 0x00000000, 0x00000002, 0x00000000, 0x00000001, 0x00000000,
-    0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF
-};
-
-static const BN_ULONG _nist_p_224[][BN_NIST_224_TOP] = {
-    {0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFF,
-     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
-    {0x00000002, 0x00000000, 0x00000000, 0xFFFFFFFE,
-     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
-};
-
-static const BN_ULONG _nist_p_224_sqr[] = {
-    0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE,
-    0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000002,
-    0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF,
-    0xFFFFFFFF, 0xFFFFFFFF
-};
-
-static const BN_ULONG _nist_p_256[][BN_NIST_256_TOP] = {
-    {0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000,
-     0x00000000, 0x00000000, 0x00000001, 0xFFFFFFFF},
-    {0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001,
-     0x00000000, 0x00000000, 0x00000002, 0xFFFFFFFE},
-    {0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000002,
-     0x00000000, 0x00000000, 0x00000003, 0xFFFFFFFD},
-    {0xFFFFFFFC, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000003,
-     0x00000000, 0x00000000, 0x00000004, 0xFFFFFFFC},
-    {0xFFFFFFFB, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000004,
-     0x00000000, 0x00000000, 0x00000005, 0xFFFFFFFB},
-};
-
-static const BN_ULONG _nist_p_256_sqr[] = {
-    0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE,
-    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0x00000001,
-    0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001,
-    0x00000001, 0xFFFFFFFE, 0x00000002, 0xFFFFFFFE
-};
-
-static const BN_ULONG _nist_p_384[][BN_NIST_384_TOP] = {
-    {0xFFFFFFFF, 0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF,
-     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
-    {0xFFFFFFFE, 0x00000001, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFD, 0xFFFFFFFF,
-     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
-    {0xFFFFFFFD, 0x00000002, 0x00000000, 0xFFFFFFFD, 0xFFFFFFFC, 0xFFFFFFFF,
-     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
-    {0xFFFFFFFC, 0x00000003, 0x00000000, 0xFFFFFFFC, 0xFFFFFFFB, 0xFFFFFFFF,
-     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
-    {0xFFFFFFFB, 0x00000004, 0x00000000, 0xFFFFFFFB, 0xFFFFFFFA, 0xFFFFFFFF,
-     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
-};
-
-static const BN_ULONG _nist_p_384_sqr[] = {
-    0x00000001, 0xFFFFFFFE, 0x00000000, 0x00000002, 0x00000000, 0xFFFFFFFE,
-    0x00000000, 0x00000002, 0x00000001, 0x00000000, 0x00000000, 0x00000000,
-    0xFFFFFFFE, 0x00000001, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFD, 0xFFFFFFFF,
-    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF
-};
-
-static const BN_ULONG _nist_p_521[] = { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
-    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
-    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
-    0xFFFFFFFF, 0x000001FF
-};
-
-static const BN_ULONG _nist_p_521_sqr[] = {
-    0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-    0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-    0x00000000, 0x00000000, 0x00000000, 0x00000000, 0xFFFFFC00, 0xFFFFFFFF,
-    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
-    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
-    0xFFFFFFFF, 0xFFFFFFFF, 0x0003FFFF
-};
-#else
-# error "unsupported BN_BITS2"
-#endif
-
-static const BIGNUM _bignum_nist_p_192 = {
-    (BN_ULONG *)_nist_p_192[0],
-    BN_NIST_192_TOP,
-    BN_NIST_192_TOP,
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static const BIGNUM _bignum_nist_p_224 = {
-    (BN_ULONG *)_nist_p_224[0],
-    BN_NIST_224_TOP,
-    BN_NIST_224_TOP,
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static const BIGNUM _bignum_nist_p_256 = {
-    (BN_ULONG *)_nist_p_256[0],
-    BN_NIST_256_TOP,
-    BN_NIST_256_TOP,
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static const BIGNUM _bignum_nist_p_384 = {
-    (BN_ULONG *)_nist_p_384[0],
-    BN_NIST_384_TOP,
-    BN_NIST_384_TOP,
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static const BIGNUM _bignum_nist_p_521 = {
-    (BN_ULONG *)_nist_p_521,
-    BN_NIST_521_TOP,
-    BN_NIST_521_TOP,
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-const BIGNUM *BN_get0_nist_prime_192(void)
-{
-    return &_bignum_nist_p_192;
-}
-
-const BIGNUM *BN_get0_nist_prime_224(void)
-{
-    return &_bignum_nist_p_224;
-}
-
-const BIGNUM *BN_get0_nist_prime_256(void)
-{
-    return &_bignum_nist_p_256;
-}
-
-const BIGNUM *BN_get0_nist_prime_384(void)
-{
-    return &_bignum_nist_p_384;
-}
-
-const BIGNUM *BN_get0_nist_prime_521(void)
-{
-    return &_bignum_nist_p_521;
-}
-
-static void nist_cp_bn_0(BN_ULONG *dst, const BN_ULONG *src, int top, int max)
-{
-    int i;
-
-#ifdef BN_DEBUG
-    OPENSSL_assert(top <= max);
-#endif
-    for (i = 0; i < top; i++)
-        dst[i] = src[i];
-    for (; i < max; i++)
-        dst[i] = 0;
-}
-
-static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top)
-{
-    int i;
-
-    for (i = 0; i < top; i++)
-        dst[i] = src[i];
-}
-
-#if BN_BITS2 == 64
-# define bn_cp_64(to, n, from, m)        (to)[n] = (m>=0)?((from)[m]):0;
-# define bn_64_set_0(to, n)              (to)[n] = (BN_ULONG)0;
-/*
- * two following macros are implemented under assumption that they
- * are called in a sequence with *ascending* n, i.e. as they are...
- */
-# define bn_cp_32_naked(to, n, from, m)  (((n)&1)?(to[(n)/2]|=((m)&1)?(from[(m)/2]&BN_MASK2h):(from[(m)/2]<<32))\
-                                                :(to[(n)/2] =((m)&1)?(from[(m)/2]>>32):(from[(m)/2]&BN_MASK2l)))
-# define bn_32_set_0(to, n)              (((n)&1)?(to[(n)/2]&=BN_MASK2l):(to[(n)/2]=0));
-# define bn_cp_32(to,n,from,m)           ((m)>=0)?bn_cp_32_naked(to,n,from,m):bn_32_set_0(to,n)
-# if defined(L_ENDIAN)
-#  if defined(__arch64__)
-#   define NIST_INT64 long
-#  else
-#   define NIST_INT64 long long
-#  endif
-# endif
-#else
-# define bn_cp_64(to, n, from, m) \
-        { \
-        bn_cp_32(to, (n)*2, from, (m)*2); \
-        bn_cp_32(to, (n)*2+1, from, (m)*2+1); \
-        }
-# define bn_64_set_0(to, n) \
-        { \
-        bn_32_set_0(to, (n)*2); \
-        bn_32_set_0(to, (n)*2+1); \
-        }
-# define bn_cp_32(to, n, from, m)        (to)[n] = (m>=0)?((from)[m]):0;
-# define bn_32_set_0(to, n)              (to)[n] = (BN_ULONG)0;
-# if defined(_WIN32) && !defined(__GNUC__)
-#  define NIST_INT64 __int64
-# elif defined(BN_LLONG)
-#  define NIST_INT64 long long
-# endif
-#endif                          /* BN_BITS2 != 64 */
-
-#define nist_set_192(to, from, a1, a2, a3) \
-        { \
-        bn_cp_64(to, 0, from, (a3) - 3) \
-        bn_cp_64(to, 1, from, (a2) - 3) \
-        bn_cp_64(to, 2, from, (a1) - 3) \
-        }
-
-int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
-                    BN_CTX *ctx)
-{
-    int top = a->top, i;
-    int carry;
-    register BN_ULONG *r_d, *a_d = a->d;
-    union {
-        BN_ULONG bn[BN_NIST_192_TOP];
-        unsigned int ui[BN_NIST_192_TOP * sizeof(BN_ULONG) /
-                        sizeof(unsigned int)];
-    } buf;
-    BN_ULONG c_d[BN_NIST_192_TOP], *res;
-    PTR_SIZE_INT mask;
-    static const BIGNUM _bignum_nist_p_192_sqr = {
-        (BN_ULONG *)_nist_p_192_sqr,
-        sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]),
-        sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]),
-        0, BN_FLG_STATIC_DATA
-    };
-
-    field = &_bignum_nist_p_192; /* just to make sure */
-
-    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_192_sqr) >= 0)
-        return BN_nnmod(r, a, field, ctx);
-
-    i = BN_ucmp(field, a);
-    if (i == 0) {
-        BN_zero(r);
-        return 1;
-    } else if (i > 0)
-        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
-
-    if (r != a) {
-        if (!bn_wexpand(r, BN_NIST_192_TOP))
-            return 0;
-        r_d = r->d;
-        nist_cp_bn(r_d, a_d, BN_NIST_192_TOP);
-    } else
-        r_d = a_d;
-
-    nist_cp_bn_0(buf.bn, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP,
-                 BN_NIST_192_TOP);
-
-#if defined(NIST_INT64)
-    {
-        NIST_INT64 acc;         /* accumulator */
-        unsigned int *rp = (unsigned int *)r_d;
-        const unsigned int *bp = (const unsigned int *)buf.ui;
-
-        acc = rp[0];
-        acc += bp[3 * 2 - 6];
-        acc += bp[5 * 2 - 6];
-        rp[0] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[1];
-        acc += bp[3 * 2 - 5];
-        acc += bp[5 * 2 - 5];
-        rp[1] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[2];
-        acc += bp[3 * 2 - 6];
-        acc += bp[4 * 2 - 6];
-        acc += bp[5 * 2 - 6];
-        rp[2] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[3];
-        acc += bp[3 * 2 - 5];
-        acc += bp[4 * 2 - 5];
-        acc += bp[5 * 2 - 5];
-        rp[3] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[4];
-        acc += bp[4 * 2 - 6];
-        acc += bp[5 * 2 - 6];
-        rp[4] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[5];
-        acc += bp[4 * 2 - 5];
-        acc += bp[5 * 2 - 5];
-        rp[5] = (unsigned int)acc;
-
-        carry = (int)(acc >> 32);
-    }
-#else
-    {
-        BN_ULONG t_d[BN_NIST_192_TOP];
-
-        nist_set_192(t_d, buf.bn, 0, 3, 3);
-        carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
-        nist_set_192(t_d, buf.bn, 4, 4, 0);
-        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
-        nist_set_192(t_d, buf.bn, 5, 5, 5)
-            carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
-    }
-#endif
-    if (carry > 0)
-        carry =
-            (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1],
-                              BN_NIST_192_TOP);
-    else
-        carry = 1;
-
-    /*
-     * we need 'if (carry==0 || result>=modulus) result-=modulus;'
-     * as comparison implies subtraction, we can write
-     * 'tmp=result-modulus; if (!carry || !borrow) result=tmp;'
-     * this is what happens below, but without explicit if:-) a.
-     */
-    mask =
-        0 - (PTR_SIZE_INT) bn_sub_words(c_d, r_d, _nist_p_192[0],
-                                        BN_NIST_192_TOP);
-    mask &= 0 - (PTR_SIZE_INT) carry;
-    res = c_d;
-    res = (BN_ULONG *)
-        (((PTR_SIZE_INT) res & ~mask) | ((PTR_SIZE_INT) r_d & mask));
-    nist_cp_bn(r_d, res, BN_NIST_192_TOP);
-    r->top = BN_NIST_192_TOP;
-    bn_correct_top(r);
-
-    return 1;
-}
-
-typedef BN_ULONG (*bn_addsub_f) (BN_ULONG *, const BN_ULONG *,
-                                 const BN_ULONG *, int);
-
-#define nist_set_224(to, from, a1, a2, a3, a4, a5, a6, a7) \
-        { \
-        bn_cp_32(to, 0, from, (a7) - 7) \
-        bn_cp_32(to, 1, from, (a6) - 7) \
-        bn_cp_32(to, 2, from, (a5) - 7) \
-        bn_cp_32(to, 3, from, (a4) - 7) \
-        bn_cp_32(to, 4, from, (a3) - 7) \
-        bn_cp_32(to, 5, from, (a2) - 7) \
-        bn_cp_32(to, 6, from, (a1) - 7) \
-        }
-
-int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
-                    BN_CTX *ctx)
-{
-    int top = a->top, i;
-    int carry;
-    BN_ULONG *r_d, *a_d = a->d;
-    union {
-        BN_ULONG bn[BN_NIST_224_TOP];
-        unsigned int ui[BN_NIST_224_TOP * sizeof(BN_ULONG) /
-                        sizeof(unsigned int)];
-    } buf;
-    BN_ULONG c_d[BN_NIST_224_TOP], *res;
-    PTR_SIZE_INT mask;
-    union {
-        bn_addsub_f f;
-        PTR_SIZE_INT p;
-    } u;
-    static const BIGNUM _bignum_nist_p_224_sqr = {
-        (BN_ULONG *)_nist_p_224_sqr,
-        sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]),
-        sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]),
-        0, BN_FLG_STATIC_DATA
-    };
-
-    field = &_bignum_nist_p_224; /* just to make sure */
-
-    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_224_sqr) >= 0)
-        return BN_nnmod(r, a, field, ctx);
-
-    i = BN_ucmp(field, a);
-    if (i == 0) {
-        BN_zero(r);
-        return 1;
-    } else if (i > 0)
-        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
-
-    if (r != a) {
-        if (!bn_wexpand(r, BN_NIST_224_TOP))
-            return 0;
-        r_d = r->d;
-        nist_cp_bn(r_d, a_d, BN_NIST_224_TOP);
-    } else
-        r_d = a_d;
-
-#if BN_BITS2==64
-    /* copy upper 256 bits of 448 bit number ... */
-    nist_cp_bn_0(c_d, a_d + (BN_NIST_224_TOP - 1),
-                 top - (BN_NIST_224_TOP - 1), BN_NIST_224_TOP);
-    /* ... and right shift by 32 to obtain upper 224 bits */
-    nist_set_224(buf.bn, c_d, 14, 13, 12, 11, 10, 9, 8);
-    /* truncate lower part to 224 bits too */
-    r_d[BN_NIST_224_TOP - 1] &= BN_MASK2l;
-#else
-    nist_cp_bn_0(buf.bn, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP,
-                 BN_NIST_224_TOP);
-#endif
-
-#if defined(NIST_INT64) && BN_BITS2!=64
-    {
-        NIST_INT64 acc;         /* accumulator */
-        unsigned int *rp = (unsigned int *)r_d;
-        const unsigned int *bp = (const unsigned int *)buf.ui;
-
-        acc = rp[0];
-        acc -= bp[7 - 7];
-        acc -= bp[11 - 7];
-        rp[0] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[1];
-        acc -= bp[8 - 7];
-        acc -= bp[12 - 7];
-        rp[1] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[2];
-        acc -= bp[9 - 7];
-        acc -= bp[13 - 7];
-        rp[2] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[3];
-        acc += bp[7 - 7];
-        acc += bp[11 - 7];
-        acc -= bp[10 - 7];
-        rp[3] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[4];
-        acc += bp[8 - 7];
-        acc += bp[12 - 7];
-        acc -= bp[11 - 7];
-        rp[4] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[5];
-        acc += bp[9 - 7];
-        acc += bp[13 - 7];
-        acc -= bp[12 - 7];
-        rp[5] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[6];
-        acc += bp[10 - 7];
-        acc -= bp[13 - 7];
-        rp[6] = (unsigned int)acc;
-
-        carry = (int)(acc >> 32);
-# if BN_BITS2==64
-        rp[7] = carry;
-# endif
-    }
-#else
-    {
-        BN_ULONG t_d[BN_NIST_224_TOP];
-
-        nist_set_224(t_d, buf.bn, 10, 9, 8, 7, 0, 0, 0);
-        carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
-        nist_set_224(t_d, buf.bn, 0, 13, 12, 11, 0, 0, 0);
-        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
-        nist_set_224(t_d, buf.bn, 13, 12, 11, 10, 9, 8, 7);
-        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
-        nist_set_224(t_d, buf.bn, 0, 0, 0, 0, 13, 12, 11);
-        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
-
-# if BN_BITS2==64
-        carry = (int)(r_d[BN_NIST_224_TOP - 1] >> 32);
-# endif
-    }
-#endif
-    u.f = bn_sub_words;
-    if (carry > 0) {
-        carry =
-            (int)bn_sub_words(r_d, r_d, _nist_p_224[carry - 1],
-                              BN_NIST_224_TOP);
-#if BN_BITS2==64
-        carry = (int)(~(r_d[BN_NIST_224_TOP - 1] >> 32)) & 1;
-#endif
-    } else if (carry < 0) {
-        /*
-         * it's a bit more comlicated logic in this case. if bn_add_words
-         * yields no carry, then result has to be adjusted by unconditionally
-         * *adding* the modulus. but if it does, then result has to be
-         * compared to the modulus and conditionally adjusted by
-         * *subtracting* the latter.
-         */
-        carry =
-            (int)bn_add_words(r_d, r_d, _nist_p_224[-carry - 1],
-                              BN_NIST_224_TOP);
-        mask = 0 - (PTR_SIZE_INT) carry;
-        u.p = ((PTR_SIZE_INT) bn_sub_words & mask) |
-            ((PTR_SIZE_INT) bn_add_words & ~mask);
-    } else
-        carry = 1;
-
-    /* otherwise it's effectively same as in BN_nist_mod_192... */
-    mask =
-        0 - (PTR_SIZE_INT) (*u.f) (c_d, r_d, _nist_p_224[0], BN_NIST_224_TOP);
-    mask &= 0 - (PTR_SIZE_INT) carry;
-    res = c_d;
-    res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
-                       ((PTR_SIZE_INT) r_d & mask));
-    nist_cp_bn(r_d, res, BN_NIST_224_TOP);
-    r->top = BN_NIST_224_TOP;
-    bn_correct_top(r);
-
-    return 1;
-}
-
-#define nist_set_256(to, from, a1, a2, a3, a4, a5, a6, a7, a8) \
-        { \
-        bn_cp_32(to, 0, from, (a8) - 8) \
-        bn_cp_32(to, 1, from, (a7) - 8) \
-        bn_cp_32(to, 2, from, (a6) - 8) \
-        bn_cp_32(to, 3, from, (a5) - 8) \
-        bn_cp_32(to, 4, from, (a4) - 8) \
-        bn_cp_32(to, 5, from, (a3) - 8) \
-        bn_cp_32(to, 6, from, (a2) - 8) \
-        bn_cp_32(to, 7, from, (a1) - 8) \
-        }
-
-int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
-                    BN_CTX *ctx)
-{
-    int i, top = a->top;
-    int carry = 0;
-    register BN_ULONG *a_d = a->d, *r_d;
-    union {
-        BN_ULONG bn[BN_NIST_256_TOP];
-        unsigned int ui[BN_NIST_256_TOP * sizeof(BN_ULONG) /
-                        sizeof(unsigned int)];
-    } buf;
-    BN_ULONG c_d[BN_NIST_256_TOP], *res;
-    PTR_SIZE_INT mask;
-    union {
-        bn_addsub_f f;
-        PTR_SIZE_INT p;
-    } u;
-    static const BIGNUM _bignum_nist_p_256_sqr = {
-        (BN_ULONG *)_nist_p_256_sqr,
-        sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]),
-        sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]),
-        0, BN_FLG_STATIC_DATA
-    };
-
-    field = &_bignum_nist_p_256; /* just to make sure */
-
-    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_256_sqr) >= 0)
-        return BN_nnmod(r, a, field, ctx);
-
-    i = BN_ucmp(field, a);
-    if (i == 0) {
-        BN_zero(r);
-        return 1;
-    } else if (i > 0)
-        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
-
-    if (r != a) {
-        if (!bn_wexpand(r, BN_NIST_256_TOP))
-            return 0;
-        r_d = r->d;
-        nist_cp_bn(r_d, a_d, BN_NIST_256_TOP);
-    } else
-        r_d = a_d;
-
-    nist_cp_bn_0(buf.bn, a_d + BN_NIST_256_TOP, top - BN_NIST_256_TOP,
-                 BN_NIST_256_TOP);
-
-#if defined(NIST_INT64)
-    {
-        NIST_INT64 acc;         /* accumulator */
-        unsigned int *rp = (unsigned int *)r_d;
-        const unsigned int *bp = (const unsigned int *)buf.ui;
-
-        acc = rp[0];
-        acc += bp[8 - 8];
-        acc += bp[9 - 8];
-        acc -= bp[11 - 8];
-        acc -= bp[12 - 8];
-        acc -= bp[13 - 8];
-        acc -= bp[14 - 8];
-        rp[0] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[1];
-        acc += bp[9 - 8];
-        acc += bp[10 - 8];
-        acc -= bp[12 - 8];
-        acc -= bp[13 - 8];
-        acc -= bp[14 - 8];
-        acc -= bp[15 - 8];
-        rp[1] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[2];
-        acc += bp[10 - 8];
-        acc += bp[11 - 8];
-        acc -= bp[13 - 8];
-        acc -= bp[14 - 8];
-        acc -= bp[15 - 8];
-        rp[2] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[3];
-        acc += bp[11 - 8];
-        acc += bp[11 - 8];
-        acc += bp[12 - 8];
-        acc += bp[12 - 8];
-        acc += bp[13 - 8];
-        acc -= bp[15 - 8];
-        acc -= bp[8 - 8];
-        acc -= bp[9 - 8];
-        rp[3] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[4];
-        acc += bp[12 - 8];
-        acc += bp[12 - 8];
-        acc += bp[13 - 8];
-        acc += bp[13 - 8];
-        acc += bp[14 - 8];
-        acc -= bp[9 - 8];
-        acc -= bp[10 - 8];
-        rp[4] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[5];
-        acc += bp[13 - 8];
-        acc += bp[13 - 8];
-        acc += bp[14 - 8];
-        acc += bp[14 - 8];
-        acc += bp[15 - 8];
-        acc -= bp[10 - 8];
-        acc -= bp[11 - 8];
-        rp[5] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[6];
-        acc += bp[14 - 8];
-        acc += bp[14 - 8];
-        acc += bp[15 - 8];
-        acc += bp[15 - 8];
-        acc += bp[14 - 8];
-        acc += bp[13 - 8];
-        acc -= bp[8 - 8];
-        acc -= bp[9 - 8];
-        rp[6] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[7];
-        acc += bp[15 - 8];
-        acc += bp[15 - 8];
-        acc += bp[15 - 8];
-        acc += bp[8 - 8];
-        acc -= bp[10 - 8];
-        acc -= bp[11 - 8];
-        acc -= bp[12 - 8];
-        acc -= bp[13 - 8];
-        rp[7] = (unsigned int)acc;
-
-        carry = (int)(acc >> 32);
-    }
-#else
-    {
-        BN_ULONG t_d[BN_NIST_256_TOP];
-
-        /*
-         * S1
-         */
-        nist_set_256(t_d, buf.bn, 15, 14, 13, 12, 11, 0, 0, 0);
-        /*
-         * S2
-         */
-        nist_set_256(c_d, buf.bn, 0, 15, 14, 13, 12, 0, 0, 0);
-        carry = (int)bn_add_words(t_d, t_d, c_d, BN_NIST_256_TOP);
-        /* left shift */
-        {
-            register BN_ULONG *ap, t, c;
-            ap = t_d;
-            c = 0;
-            for (i = BN_NIST_256_TOP; i != 0; --i) {
-                t = *ap;
-                *(ap++) = ((t << 1) | c) & BN_MASK2;
-                c = (t & BN_TBIT) ? 1 : 0;
-            }
-            carry <<= 1;
-            carry |= c;
-        }
-        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
-        /*
-         * S3
-         */
-        nist_set_256(t_d, buf.bn, 15, 14, 0, 0, 0, 10, 9, 8);
-        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
-        /*
-         * S4
-         */
-        nist_set_256(t_d, buf.bn, 8, 13, 15, 14, 13, 11, 10, 9);
-        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
-        /*
-         * D1
-         */
-        nist_set_256(t_d, buf.bn, 10, 8, 0, 0, 0, 13, 12, 11);
-        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
-        /*
-         * D2
-         */
-        nist_set_256(t_d, buf.bn, 11, 9, 0, 0, 15, 14, 13, 12);
-        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
-        /*
-         * D3
-         */
-        nist_set_256(t_d, buf.bn, 12, 0, 10, 9, 8, 15, 14, 13);
-        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
-        /*
-         * D4
-         */
-        nist_set_256(t_d, buf.bn, 13, 0, 11, 10, 9, 0, 15, 14);
-        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
-
-    }
-#endif
-    /* see BN_nist_mod_224 for explanation */
-    u.f = bn_sub_words;
-    if (carry > 0)
-        carry =
-            (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1],
-                              BN_NIST_256_TOP);
-    else if (carry < 0) {
-        carry =
-            (int)bn_add_words(r_d, r_d, _nist_p_256[-carry - 1],
-                              BN_NIST_256_TOP);
-        mask = 0 - (PTR_SIZE_INT) carry;
-        u.p = ((PTR_SIZE_INT) bn_sub_words & mask) |
-            ((PTR_SIZE_INT) bn_add_words & ~mask);
-    } else
-        carry = 1;
-
-    mask =
-        0 - (PTR_SIZE_INT) (*u.f) (c_d, r_d, _nist_p_256[0], BN_NIST_256_TOP);
-    mask &= 0 - (PTR_SIZE_INT) carry;
-    res = c_d;
-    res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
-                       ((PTR_SIZE_INT) r_d & mask));
-    nist_cp_bn(r_d, res, BN_NIST_256_TOP);
-    r->top = BN_NIST_256_TOP;
-    bn_correct_top(r);
-
-    return 1;
-}
-
-#define nist_set_384(to,from,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12) \
-        { \
-        bn_cp_32(to, 0, from,  (a12) - 12) \
-        bn_cp_32(to, 1, from,  (a11) - 12) \
-        bn_cp_32(to, 2, from,  (a10) - 12) \
-        bn_cp_32(to, 3, from,  (a9) - 12)  \
-        bn_cp_32(to, 4, from,  (a8) - 12)  \
-        bn_cp_32(to, 5, from,  (a7) - 12)  \
-        bn_cp_32(to, 6, from,  (a6) - 12)  \
-        bn_cp_32(to, 7, from,  (a5) - 12)  \
-        bn_cp_32(to, 8, from,  (a4) - 12)  \
-        bn_cp_32(to, 9, from,  (a3) - 12)  \
-        bn_cp_32(to, 10, from, (a2) - 12)  \
-        bn_cp_32(to, 11, from, (a1) - 12)  \
-        }
-
-int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
-                    BN_CTX *ctx)
-{
-    int i, top = a->top;
-    int carry = 0;
-    register BN_ULONG *r_d, *a_d = a->d;
-    union {
-        BN_ULONG bn[BN_NIST_384_TOP];
-        unsigned int ui[BN_NIST_384_TOP * sizeof(BN_ULONG) /
-                        sizeof(unsigned int)];
-    } buf;
-    BN_ULONG c_d[BN_NIST_384_TOP], *res;
-    PTR_SIZE_INT mask;
-    union {
-        bn_addsub_f f;
-        PTR_SIZE_INT p;
-    } u;
-    static const BIGNUM _bignum_nist_p_384_sqr = {
-        (BN_ULONG *)_nist_p_384_sqr,
-        sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]),
-        sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]),
-        0, BN_FLG_STATIC_DATA
-    };
-
-    field = &_bignum_nist_p_384; /* just to make sure */
-
-    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_384_sqr) >= 0)
-        return BN_nnmod(r, a, field, ctx);
-
-    i = BN_ucmp(field, a);
-    if (i == 0) {
-        BN_zero(r);
-        return 1;
-    } else if (i > 0)
-        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
-
-    if (r != a) {
-        if (!bn_wexpand(r, BN_NIST_384_TOP))
-            return 0;
-        r_d = r->d;
-        nist_cp_bn(r_d, a_d, BN_NIST_384_TOP);
-    } else
-        r_d = a_d;
-
-    nist_cp_bn_0(buf.bn, a_d + BN_NIST_384_TOP, top - BN_NIST_384_TOP,
-                 BN_NIST_384_TOP);
-
-#if defined(NIST_INT64)
-    {
-        NIST_INT64 acc;         /* accumulator */
-        unsigned int *rp = (unsigned int *)r_d;
-        const unsigned int *bp = (const unsigned int *)buf.ui;
-
-        acc = rp[0];
-        acc += bp[12 - 12];
-        acc += bp[21 - 12];
-        acc += bp[20 - 12];
-        acc -= bp[23 - 12];
-        rp[0] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[1];
-        acc += bp[13 - 12];
-        acc += bp[22 - 12];
-        acc += bp[23 - 12];
-        acc -= bp[12 - 12];
-        acc -= bp[20 - 12];
-        rp[1] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[2];
-        acc += bp[14 - 12];
-        acc += bp[23 - 12];
-        acc -= bp[13 - 12];
-        acc -= bp[21 - 12];
-        rp[2] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[3];
-        acc += bp[15 - 12];
-        acc += bp[12 - 12];
-        acc += bp[20 - 12];
-        acc += bp[21 - 12];
-        acc -= bp[14 - 12];
-        acc -= bp[22 - 12];
-        acc -= bp[23 - 12];
-        rp[3] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[4];
-        acc += bp[21 - 12];
-        acc += bp[21 - 12];
-        acc += bp[16 - 12];
-        acc += bp[13 - 12];
-        acc += bp[12 - 12];
-        acc += bp[20 - 12];
-        acc += bp[22 - 12];
-        acc -= bp[15 - 12];
-        acc -= bp[23 - 12];
-        acc -= bp[23 - 12];
-        rp[4] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[5];
-        acc += bp[22 - 12];
-        acc += bp[22 - 12];
-        acc += bp[17 - 12];
-        acc += bp[14 - 12];
-        acc += bp[13 - 12];
-        acc += bp[21 - 12];
-        acc += bp[23 - 12];
-        acc -= bp[16 - 12];
-        rp[5] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[6];
-        acc += bp[23 - 12];
-        acc += bp[23 - 12];
-        acc += bp[18 - 12];
-        acc += bp[15 - 12];
-        acc += bp[14 - 12];
-        acc += bp[22 - 12];
-        acc -= bp[17 - 12];
-        rp[6] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[7];
-        acc += bp[19 - 12];
-        acc += bp[16 - 12];
-        acc += bp[15 - 12];
-        acc += bp[23 - 12];
-        acc -= bp[18 - 12];
-        rp[7] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[8];
-        acc += bp[20 - 12];
-        acc += bp[17 - 12];
-        acc += bp[16 - 12];
-        acc -= bp[19 - 12];
-        rp[8] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[9];
-        acc += bp[21 - 12];
-        acc += bp[18 - 12];
-        acc += bp[17 - 12];
-        acc -= bp[20 - 12];
-        rp[9] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[10];
-        acc += bp[22 - 12];
-        acc += bp[19 - 12];
-        acc += bp[18 - 12];
-        acc -= bp[21 - 12];
-        rp[10] = (unsigned int)acc;
-        acc >>= 32;
-
-        acc += rp[11];
-        acc += bp[23 - 12];
-        acc += bp[20 - 12];
-        acc += bp[19 - 12];
-        acc -= bp[22 - 12];
-        rp[11] = (unsigned int)acc;
-
-        carry = (int)(acc >> 32);
-    }
-#else
-    {
-        BN_ULONG t_d[BN_NIST_384_TOP];
-
-        /*
-         * S1
-         */
-        nist_set_256(t_d, buf.bn, 0, 0, 0, 0, 0, 23 - 4, 22 - 4, 21 - 4);
-        /* left shift */
-        {
-            register BN_ULONG *ap, t, c;
-            ap = t_d;
-            c = 0;
-            for (i = 3; i != 0; --i) {
-                t = *ap;
-                *(ap++) = ((t << 1) | c) & BN_MASK2;
-                c = (t & BN_TBIT) ? 1 : 0;
-            }
-            *ap = c;
-        }
-        carry =
-            (int)bn_add_words(r_d + (128 / BN_BITS2), r_d + (128 / BN_BITS2),
-                              t_d, BN_NIST_256_TOP);
-        /*
-         * S2
-         */
-        carry += (int)bn_add_words(r_d, r_d, buf.bn, BN_NIST_384_TOP);
-        /*
-         * S3
-         */
-        nist_set_384(t_d, buf.bn, 20, 19, 18, 17, 16, 15, 14, 13, 12, 23, 22,
-                     21);
-        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
-        /*
-         * S4
-         */
-        nist_set_384(t_d, buf.bn, 19, 18, 17, 16, 15, 14, 13, 12, 20, 0, 23,
-                     0);
-        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
-        /*
-         * S5
-         */
-        nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 23, 22, 21, 20, 0, 0, 0, 0);
-        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
-        /*
-         * S6
-         */
-        nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 0, 0, 23, 22, 21, 0, 0, 20);
-        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
-        /*
-         * D1
-         */
-        nist_set_384(t_d, buf.bn, 22, 21, 20, 19, 18, 17, 16, 15, 14, 13, 12,
-                     23);
-        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
-        /*
-         * D2
-         */
-        nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 0, 0, 0, 23, 22, 21, 20, 0);
-        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
-        /*
-         * D3
-         */
-        nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 0, 0, 0, 23, 23, 0, 0, 0);
-        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
-
-    }
-#endif
-    /* see BN_nist_mod_224 for explanation */
-    u.f = bn_sub_words;
-    if (carry > 0)
-        carry =
-            (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1],
-                              BN_NIST_384_TOP);
-    else if (carry < 0) {
-        carry =
-            (int)bn_add_words(r_d, r_d, _nist_p_384[-carry - 1],
-                              BN_NIST_384_TOP);
-        mask = 0 - (PTR_SIZE_INT) carry;
-        u.p = ((PTR_SIZE_INT) bn_sub_words & mask) |
-            ((PTR_SIZE_INT) bn_add_words & ~mask);
-    } else
-        carry = 1;
-
-    mask =
-        0 - (PTR_SIZE_INT) (*u.f) (c_d, r_d, _nist_p_384[0], BN_NIST_384_TOP);
-    mask &= 0 - (PTR_SIZE_INT) carry;
-    res = c_d;
-    res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
-                       ((PTR_SIZE_INT) r_d & mask));
-    nist_cp_bn(r_d, res, BN_NIST_384_TOP);
-    r->top = BN_NIST_384_TOP;
-    bn_correct_top(r);
-
-    return 1;
-}
-
-#define BN_NIST_521_RSHIFT      (521%BN_BITS2)
-#define BN_NIST_521_LSHIFT      (BN_BITS2-BN_NIST_521_RSHIFT)
-#define BN_NIST_521_TOP_MASK    ((BN_ULONG)BN_MASK2>>BN_NIST_521_LSHIFT)
-
-int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
-                    BN_CTX *ctx)
-{
-    int top = a->top, i;
-    BN_ULONG *r_d, *a_d = a->d, t_d[BN_NIST_521_TOP], val, tmp, *res;
-    PTR_SIZE_INT mask;
-    static const BIGNUM _bignum_nist_p_521_sqr = {
-        (BN_ULONG *)_nist_p_521_sqr,
-        sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]),
-        sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]),
-        0, BN_FLG_STATIC_DATA
-    };
-
-    field = &_bignum_nist_p_521; /* just to make sure */
-
-    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_521_sqr) >= 0)
-        return BN_nnmod(r, a, field, ctx);
-
-    i = BN_ucmp(field, a);
-    if (i == 0) {
-        BN_zero(r);
-        return 1;
-    } else if (i > 0)
-        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
-
-    if (r != a) {
-        if (!bn_wexpand(r, BN_NIST_521_TOP))
-            return 0;
-        r_d = r->d;
-        nist_cp_bn(r_d, a_d, BN_NIST_521_TOP);
-    } else
-        r_d = a_d;
-
-    /* upper 521 bits, copy ... */
-    nist_cp_bn_0(t_d, a_d + (BN_NIST_521_TOP - 1),
-                 top - (BN_NIST_521_TOP - 1), BN_NIST_521_TOP);
-    /* ... and right shift */
-    for (val = t_d[0], i = 0; i < BN_NIST_521_TOP - 1; i++) {
-        t_d[i] = (val >> BN_NIST_521_RSHIFT |
-                  (tmp = t_d[i + 1]) << BN_NIST_521_LSHIFT) & BN_MASK2;
-        val = tmp;
-    }
-    t_d[i] = val >> BN_NIST_521_RSHIFT;
-    /* lower 521 bits */
-    r_d[i] &= BN_NIST_521_TOP_MASK;
-
-    bn_add_words(r_d, r_d, t_d, BN_NIST_521_TOP);
-    mask =
-        0 - (PTR_SIZE_INT) bn_sub_words(t_d, r_d, _nist_p_521,
-                                        BN_NIST_521_TOP);
-    res = t_d;
-    res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
-                       ((PTR_SIZE_INT) r_d & mask));
-    nist_cp_bn(r_d, res, BN_NIST_521_TOP);
-    r->top = BN_NIST_521_TOP;
-    bn_correct_top(r);
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_prime.c b/thirdparty/openssl/crypto/bn/bn_prime.c
deleted file mode 100644
index e911e15785..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_prime.c
+++ /dev/null
@@ -1,504 +0,0 @@
-/* crypto/bn/bn_prime.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-/*
- * NB: these functions have been "upgraded", the deprecated versions (which
- * are compatibility wrappers using these functions) are in bn_depr.c. -
- * Geoff
- */
-
-/*
- * The quick sieve algorithm approach to weeding out primes is Philip
- * Zimmermann's, as implemented in PGP.  I have had a read of his comments
- * and implemented my own version.
- */
-#include "bn_prime.h"
-
-static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
-                   const BIGNUM *a1_odd, int k, BN_CTX *ctx,
-                   BN_MONT_CTX *mont);
-static int probable_prime(BIGNUM *rnd, int bits);
-static int probable_prime_dh(BIGNUM *rnd, int bits,
-                             const BIGNUM *add, const BIGNUM *rem,
-                             BN_CTX *ctx);
-static int probable_prime_dh_safe(BIGNUM *rnd, int bits, const BIGNUM *add,
-                                  const BIGNUM *rem, BN_CTX *ctx);
-
-int BN_GENCB_call(BN_GENCB *cb, int a, int b)
-{
-    /* No callback means continue */
-    if (!cb)
-        return 1;
-    switch (cb->ver) {
-    case 1:
-        /* Deprecated-style callbacks */
-        if (!cb->cb.cb_1)
-            return 1;
-        cb->cb.cb_1(a, b, cb->arg);
-        return 1;
-    case 2:
-        /* New-style callbacks */
-        return cb->cb.cb_2(a, b, cb);
-    default:
-        break;
-    }
-    /* Unrecognised callback type */
-    return 0;
-}
-
-int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
-                         const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb)
-{
-    BIGNUM *t;
-    int found = 0;
-    int i, j, c1 = 0;
-    BN_CTX *ctx;
-    int checks = BN_prime_checks_for_size(bits);
-
-    ctx = BN_CTX_new();
-    if (ctx == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    t = BN_CTX_get(ctx);
-    if (!t)
-        goto err;
- loop:
-    /* make a random number and set the top and bottom bits */
-    if (add == NULL) {
-        if (!probable_prime(ret, bits))
-            goto err;
-    } else {
-        if (safe) {
-            if (!probable_prime_dh_safe(ret, bits, add, rem, ctx))
-                goto err;
-        } else {
-            if (!probable_prime_dh(ret, bits, add, rem, ctx))
-                goto err;
-        }
-    }
-    /* if (BN_mod_word(ret,(BN_ULONG)3) == 1) goto loop; */
-    if (!BN_GENCB_call(cb, 0, c1++))
-        /* aborted */
-        goto err;
-
-    if (!safe) {
-        i = BN_is_prime_fasttest_ex(ret, checks, ctx, 0, cb);
-        if (i == -1)
-            goto err;
-        if (i == 0)
-            goto loop;
-    } else {
-        /*
-         * for "safe prime" generation, check that (p-1)/2 is prime. Since a
-         * prime is odd, We just need to divide by 2
-         */
-        if (!BN_rshift1(t, ret))
-            goto err;
-
-        for (i = 0; i < checks; i++) {
-            j = BN_is_prime_fasttest_ex(ret, 1, ctx, 0, cb);
-            if (j == -1)
-                goto err;
-            if (j == 0)
-                goto loop;
-
-            j = BN_is_prime_fasttest_ex(t, 1, ctx, 0, cb);
-            if (j == -1)
-                goto err;
-            if (j == 0)
-                goto loop;
-
-            if (!BN_GENCB_call(cb, 2, c1 - 1))
-                goto err;
-            /* We have a safe prime test pass */
-        }
-    }
-    /* we have a prime :-) */
-    found = 1;
- err:
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    bn_check_top(ret);
-    return found;
-}
-
-int BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
-                   BN_GENCB *cb)
-{
-    return BN_is_prime_fasttest_ex(a, checks, ctx_passed, 0, cb);
-}
-
-int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
-                            int do_trial_division, BN_GENCB *cb)
-{
-    int i, j, ret = -1;
-    int k;
-    BN_CTX *ctx = NULL;
-    BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
-    BN_MONT_CTX *mont = NULL;
-
-    if (BN_cmp(a, BN_value_one()) <= 0)
-        return 0;
-
-    if (checks == BN_prime_checks)
-        checks = BN_prime_checks_for_size(BN_num_bits(a));
-
-    /* first look for small factors */
-    if (!BN_is_odd(a))
-        /* a is even => a is prime if and only if a == 2 */
-        return BN_is_word(a, 2);
-    if (do_trial_division) {
-        for (i = 1; i < NUMPRIMES; i++)
-            if (BN_mod_word(a, primes[i]) == 0)
-                return 0;
-        if (!BN_GENCB_call(cb, 1, -1))
-            goto err;
-    }
-
-    if (ctx_passed != NULL)
-        ctx = ctx_passed;
-    else if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-
-    A1 = BN_CTX_get(ctx);
-    A1_odd = BN_CTX_get(ctx);
-    check = BN_CTX_get(ctx);
-    if (check == NULL)
-        goto err;
-
-    /* compute A1 := a - 1 */
-    if (!BN_copy(A1, a))
-        goto err;
-    if (!BN_sub_word(A1, 1))
-        goto err;
-    if (BN_is_zero(A1)) {
-        ret = 0;
-        goto err;
-    }
-
-    /* write  A1  as  A1_odd * 2^k */
-    k = 1;
-    while (!BN_is_bit_set(A1, k))
-        k++;
-    if (!BN_rshift(A1_odd, A1, k))
-        goto err;
-
-    /* Montgomery setup for computations mod a */
-    mont = BN_MONT_CTX_new();
-    if (mont == NULL)
-        goto err;
-    if (!BN_MONT_CTX_set(mont, a, ctx))
-        goto err;
-
-    for (i = 0; i < checks; i++) {
-        if (!BN_pseudo_rand_range(check, A1))
-            goto err;
-        if (!BN_add_word(check, 1))
-            goto err;
-        /* now 1 <= check < a */
-
-        j = witness(check, a, A1, A1_odd, k, ctx, mont);
-        if (j == -1)
-            goto err;
-        if (j) {
-            ret = 0;
-            goto err;
-        }
-        if (!BN_GENCB_call(cb, 1, i))
-            goto err;
-    }
-    ret = 1;
- err:
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        if (ctx_passed == NULL)
-            BN_CTX_free(ctx);
-    }
-    if (mont != NULL)
-        BN_MONT_CTX_free(mont);
-
-    return (ret);
-}
-
-static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
-                   const BIGNUM *a1_odd, int k, BN_CTX *ctx,
-                   BN_MONT_CTX *mont)
-{
-    if (!BN_mod_exp_mont(w, w, a1_odd, a, ctx, mont)) /* w := w^a1_odd mod a */
-        return -1;
-    if (BN_is_one(w))
-        return 0;               /* probably prime */
-    if (BN_cmp(w, a1) == 0)
-        return 0;               /* w == -1 (mod a), 'a' is probably prime */
-    while (--k) {
-        if (!BN_mod_mul(w, w, w, a, ctx)) /* w := w^2 mod a */
-            return -1;
-        if (BN_is_one(w))
-            return 1;           /* 'a' is composite, otherwise a previous 'w'
-                                 * would have been == -1 (mod 'a') */
-        if (BN_cmp(w, a1) == 0)
-            return 0;           /* w == -1 (mod a), 'a' is probably prime */
-    }
-    /*
-     * If we get here, 'w' is the (a-1)/2-th power of the original 'w', and
-     * it is neither -1 nor +1 -- so 'a' cannot be prime
-     */
-    bn_check_top(w);
-    return 1;
-}
-
-static int probable_prime(BIGNUM *rnd, int bits)
-{
-    int i;
-    prime_t mods[NUMPRIMES];
-    BN_ULONG delta, maxdelta;
-
- again:
-    if (!BN_rand(rnd, bits, 1, 1))
-        return (0);
-    /* we now have a random number 'rand' to test. */
-    for (i = 1; i < NUMPRIMES; i++)
-        mods[i] = (prime_t) BN_mod_word(rnd, (BN_ULONG)primes[i]);
-    maxdelta = BN_MASK2 - primes[NUMPRIMES - 1];
-    delta = 0;
- loop:for (i = 1; i < NUMPRIMES; i++) {
-        /*
-         * check that rnd is not a prime and also that gcd(rnd-1,primes) == 1
-         * (except for 2)
-         */
-        if (((mods[i] + delta) % primes[i]) <= 1) {
-            delta += 2;
-            if (delta > maxdelta)
-                goto again;
-            goto loop;
-        }
-    }
-    if (!BN_add_word(rnd, delta))
-        return (0);
-    bn_check_top(rnd);
-    return (1);
-}
-
-static int probable_prime_dh(BIGNUM *rnd, int bits,
-                             const BIGNUM *add, const BIGNUM *rem,
-                             BN_CTX *ctx)
-{
-    int i, ret = 0;
-    BIGNUM *t1;
-
-    BN_CTX_start(ctx);
-    if ((t1 = BN_CTX_get(ctx)) == NULL)
-        goto err;
-
-    if (!BN_rand(rnd, bits, 0, 1))
-        goto err;
-
-    /* we need ((rnd-rem) % add) == 0 */
-
-    if (!BN_mod(t1, rnd, add, ctx))
-        goto err;
-    if (!BN_sub(rnd, rnd, t1))
-        goto err;
-    if (rem == NULL) {
-        if (!BN_add_word(rnd, 1))
-            goto err;
-    } else {
-        if (!BN_add(rnd, rnd, rem))
-            goto err;
-    }
-
-    /* we now have a random number 'rand' to test. */
-
- loop:for (i = 1; i < NUMPRIMES; i++) {
-        /* check that rnd is a prime */
-        if (BN_mod_word(rnd, (BN_ULONG)primes[i]) <= 1) {
-            if (!BN_add(rnd, rnd, add))
-                goto err;
-            goto loop;
-        }
-    }
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    bn_check_top(rnd);
-    return (ret);
-}
-
-static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
-                                  const BIGNUM *rem, BN_CTX *ctx)
-{
-    int i, ret = 0;
-    BIGNUM *t1, *qadd, *q;
-
-    bits--;
-    BN_CTX_start(ctx);
-    t1 = BN_CTX_get(ctx);
-    q = BN_CTX_get(ctx);
-    qadd = BN_CTX_get(ctx);
-    if (qadd == NULL)
-        goto err;
-
-    if (!BN_rshift1(qadd, padd))
-        goto err;
-
-    if (!BN_rand(q, bits, 0, 1))
-        goto err;
-
-    /* we need ((rnd-rem) % add) == 0 */
-    if (!BN_mod(t1, q, qadd, ctx))
-        goto err;
-    if (!BN_sub(q, q, t1))
-        goto err;
-    if (rem == NULL) {
-        if (!BN_add_word(q, 1))
-            goto err;
-    } else {
-        if (!BN_rshift1(t1, rem))
-            goto err;
-        if (!BN_add(q, q, t1))
-            goto err;
-    }
-
-    /* we now have a random number 'rand' to test. */
-    if (!BN_lshift1(p, q))
-        goto err;
-    if (!BN_add_word(p, 1))
-        goto err;
-
- loop:for (i = 1; i < NUMPRIMES; i++) {
-        /* check that p and q are prime */
-        /*
-         * check that for p and q gcd(p-1,primes) == 1 (except for 2)
-         */
-        if ((BN_mod_word(p, (BN_ULONG)primes[i]) == 0) ||
-            (BN_mod_word(q, (BN_ULONG)primes[i]) == 0)) {
-            if (!BN_add(p, p, padd))
-                goto err;
-            if (!BN_add(q, q, qadd))
-                goto err;
-            goto loop;
-        }
-    }
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    bn_check_top(p);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_prime.h b/thirdparty/openssl/crypto/bn/bn_prime.h
deleted file mode 100644
index 489af8b424..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_prime.h
+++ /dev/null
@@ -1,326 +0,0 @@
-/* Auto generated by bn_prime.pl */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef EIGHT_BIT
-# define NUMPRIMES 2048
-typedef unsigned short prime_t;
-#else
-# define NUMPRIMES 54
-typedef unsigned char prime_t;
-#endif
-static const prime_t primes[NUMPRIMES] = {
-         2,     3,     5,     7,    11,    13,    17,    19,
-        23,    29,    31,    37,    41,    43,    47,    53,
-        59,    61,    67,    71,    73,    79,    83,    89,
-        97,   101,   103,   107,   109,   113,   127,   131,
-       137,   139,   149,   151,   157,   163,   167,   173,
-       179,   181,   191,   193,   197,   199,   211,   223,
-       227,   229,   233,   239,   241,   251,
-#ifndef EIGHT_BIT
-       257,   263,
-       269,   271,   277,   281,   283,   293,   307,   311,
-       313,   317,   331,   337,   347,   349,   353,   359,
-       367,   373,   379,   383,   389,   397,   401,   409,
-       419,   421,   431,   433,   439,   443,   449,   457,
-       461,   463,   467,   479,   487,   491,   499,   503,
-       509,   521,   523,   541,   547,   557,   563,   569,
-       571,   577,   587,   593,   599,   601,   607,   613,
-       617,   619,   631,   641,   643,   647,   653,   659,
-       661,   673,   677,   683,   691,   701,   709,   719,
-       727,   733,   739,   743,   751,   757,   761,   769,
-       773,   787,   797,   809,   811,   821,   823,   827,
-       829,   839,   853,   857,   859,   863,   877,   881,
-       883,   887,   907,   911,   919,   929,   937,   941,
-       947,   953,   967,   971,   977,   983,   991,   997,
-      1009,  1013,  1019,  1021,  1031,  1033,  1039,  1049,
-      1051,  1061,  1063,  1069,  1087,  1091,  1093,  1097,
-      1103,  1109,  1117,  1123,  1129,  1151,  1153,  1163,
-      1171,  1181,  1187,  1193,  1201,  1213,  1217,  1223,
-      1229,  1231,  1237,  1249,  1259,  1277,  1279,  1283,
-      1289,  1291,  1297,  1301,  1303,  1307,  1319,  1321,
-      1327,  1361,  1367,  1373,  1381,  1399,  1409,  1423,
-      1427,  1429,  1433,  1439,  1447,  1451,  1453,  1459,
-      1471,  1481,  1483,  1487,  1489,  1493,  1499,  1511,
-      1523,  1531,  1543,  1549,  1553,  1559,  1567,  1571,
-      1579,  1583,  1597,  1601,  1607,  1609,  1613,  1619,
-      1621,  1627,  1637,  1657,  1663,  1667,  1669,  1693,
-      1697,  1699,  1709,  1721,  1723,  1733,  1741,  1747,
-      1753,  1759,  1777,  1783,  1787,  1789,  1801,  1811,
-      1823,  1831,  1847,  1861,  1867,  1871,  1873,  1877,
-      1879,  1889,  1901,  1907,  1913,  1931,  1933,  1949,
-      1951,  1973,  1979,  1987,  1993,  1997,  1999,  2003,
-      2011,  2017,  2027,  2029,  2039,  2053,  2063,  2069,
-      2081,  2083,  2087,  2089,  2099,  2111,  2113,  2129,
-      2131,  2137,  2141,  2143,  2153,  2161,  2179,  2203,
-      2207,  2213,  2221,  2237,  2239,  2243,  2251,  2267,
-      2269,  2273,  2281,  2287,  2293,  2297,  2309,  2311,
-      2333,  2339,  2341,  2347,  2351,  2357,  2371,  2377,
-      2381,  2383,  2389,  2393,  2399,  2411,  2417,  2423,
-      2437,  2441,  2447,  2459,  2467,  2473,  2477,  2503,
-      2521,  2531,  2539,  2543,  2549,  2551,  2557,  2579,
-      2591,  2593,  2609,  2617,  2621,  2633,  2647,  2657,
-      2659,  2663,  2671,  2677,  2683,  2687,  2689,  2693,
-      2699,  2707,  2711,  2713,  2719,  2729,  2731,  2741,
-      2749,  2753,  2767,  2777,  2789,  2791,  2797,  2801,
-      2803,  2819,  2833,  2837,  2843,  2851,  2857,  2861,
-      2879,  2887,  2897,  2903,  2909,  2917,  2927,  2939,
-      2953,  2957,  2963,  2969,  2971,  2999,  3001,  3011,
-      3019,  3023,  3037,  3041,  3049,  3061,  3067,  3079,
-      3083,  3089,  3109,  3119,  3121,  3137,  3163,  3167,
-      3169,  3181,  3187,  3191,  3203,  3209,  3217,  3221,
-      3229,  3251,  3253,  3257,  3259,  3271,  3299,  3301,
-      3307,  3313,  3319,  3323,  3329,  3331,  3343,  3347,
-      3359,  3361,  3371,  3373,  3389,  3391,  3407,  3413,
-      3433,  3449,  3457,  3461,  3463,  3467,  3469,  3491,
-      3499,  3511,  3517,  3527,  3529,  3533,  3539,  3541,
-      3547,  3557,  3559,  3571,  3581,  3583,  3593,  3607,
-      3613,  3617,  3623,  3631,  3637,  3643,  3659,  3671,
-      3673,  3677,  3691,  3697,  3701,  3709,  3719,  3727,
-      3733,  3739,  3761,  3767,  3769,  3779,  3793,  3797,
-      3803,  3821,  3823,  3833,  3847,  3851,  3853,  3863,
-      3877,  3881,  3889,  3907,  3911,  3917,  3919,  3923,
-      3929,  3931,  3943,  3947,  3967,  3989,  4001,  4003,
-      4007,  4013,  4019,  4021,  4027,  4049,  4051,  4057,
-      4073,  4079,  4091,  4093,  4099,  4111,  4127,  4129,
-      4133,  4139,  4153,  4157,  4159,  4177,  4201,  4211,
-      4217,  4219,  4229,  4231,  4241,  4243,  4253,  4259,
-      4261,  4271,  4273,  4283,  4289,  4297,  4327,  4337,
-      4339,  4349,  4357,  4363,  4373,  4391,  4397,  4409,
-      4421,  4423,  4441,  4447,  4451,  4457,  4463,  4481,
-      4483,  4493,  4507,  4513,  4517,  4519,  4523,  4547,
-      4549,  4561,  4567,  4583,  4591,  4597,  4603,  4621,
-      4637,  4639,  4643,  4649,  4651,  4657,  4663,  4673,
-      4679,  4691,  4703,  4721,  4723,  4729,  4733,  4751,
-      4759,  4783,  4787,  4789,  4793,  4799,  4801,  4813,
-      4817,  4831,  4861,  4871,  4877,  4889,  4903,  4909,
-      4919,  4931,  4933,  4937,  4943,  4951,  4957,  4967,
-      4969,  4973,  4987,  4993,  4999,  5003,  5009,  5011,
-      5021,  5023,  5039,  5051,  5059,  5077,  5081,  5087,
-      5099,  5101,  5107,  5113,  5119,  5147,  5153,  5167,
-      5171,  5179,  5189,  5197,  5209,  5227,  5231,  5233,
-      5237,  5261,  5273,  5279,  5281,  5297,  5303,  5309,
-      5323,  5333,  5347,  5351,  5381,  5387,  5393,  5399,
-      5407,  5413,  5417,  5419,  5431,  5437,  5441,  5443,
-      5449,  5471,  5477,  5479,  5483,  5501,  5503,  5507,
-      5519,  5521,  5527,  5531,  5557,  5563,  5569,  5573,
-      5581,  5591,  5623,  5639,  5641,  5647,  5651,  5653,
-      5657,  5659,  5669,  5683,  5689,  5693,  5701,  5711,
-      5717,  5737,  5741,  5743,  5749,  5779,  5783,  5791,
-      5801,  5807,  5813,  5821,  5827,  5839,  5843,  5849,
-      5851,  5857,  5861,  5867,  5869,  5879,  5881,  5897,
-      5903,  5923,  5927,  5939,  5953,  5981,  5987,  6007,
-      6011,  6029,  6037,  6043,  6047,  6053,  6067,  6073,
-      6079,  6089,  6091,  6101,  6113,  6121,  6131,  6133,
-      6143,  6151,  6163,  6173,  6197,  6199,  6203,  6211,
-      6217,  6221,  6229,  6247,  6257,  6263,  6269,  6271,
-      6277,  6287,  6299,  6301,  6311,  6317,  6323,  6329,
-      6337,  6343,  6353,  6359,  6361,  6367,  6373,  6379,
-      6389,  6397,  6421,  6427,  6449,  6451,  6469,  6473,
-      6481,  6491,  6521,  6529,  6547,  6551,  6553,  6563,
-      6569,  6571,  6577,  6581,  6599,  6607,  6619,  6637,
-      6653,  6659,  6661,  6673,  6679,  6689,  6691,  6701,
-      6703,  6709,  6719,  6733,  6737,  6761,  6763,  6779,
-      6781,  6791,  6793,  6803,  6823,  6827,  6829,  6833,
-      6841,  6857,  6863,  6869,  6871,  6883,  6899,  6907,
-      6911,  6917,  6947,  6949,  6959,  6961,  6967,  6971,
-      6977,  6983,  6991,  6997,  7001,  7013,  7019,  7027,
-      7039,  7043,  7057,  7069,  7079,  7103,  7109,  7121,
-      7127,  7129,  7151,  7159,  7177,  7187,  7193,  7207,
-      7211,  7213,  7219,  7229,  7237,  7243,  7247,  7253,
-      7283,  7297,  7307,  7309,  7321,  7331,  7333,  7349,
-      7351,  7369,  7393,  7411,  7417,  7433,  7451,  7457,
-      7459,  7477,  7481,  7487,  7489,  7499,  7507,  7517,
-      7523,  7529,  7537,  7541,  7547,  7549,  7559,  7561,
-      7573,  7577,  7583,  7589,  7591,  7603,  7607,  7621,
-      7639,  7643,  7649,  7669,  7673,  7681,  7687,  7691,
-      7699,  7703,  7717,  7723,  7727,  7741,  7753,  7757,
-      7759,  7789,  7793,  7817,  7823,  7829,  7841,  7853,
-      7867,  7873,  7877,  7879,  7883,  7901,  7907,  7919,
-      7927,  7933,  7937,  7949,  7951,  7963,  7993,  8009,
-      8011,  8017,  8039,  8053,  8059,  8069,  8081,  8087,
-      8089,  8093,  8101,  8111,  8117,  8123,  8147,  8161,
-      8167,  8171,  8179,  8191,  8209,  8219,  8221,  8231,
-      8233,  8237,  8243,  8263,  8269,  8273,  8287,  8291,
-      8293,  8297,  8311,  8317,  8329,  8353,  8363,  8369,
-      8377,  8387,  8389,  8419,  8423,  8429,  8431,  8443,
-      8447,  8461,  8467,  8501,  8513,  8521,  8527,  8537,
-      8539,  8543,  8563,  8573,  8581,  8597,  8599,  8609,
-      8623,  8627,  8629,  8641,  8647,  8663,  8669,  8677,
-      8681,  8689,  8693,  8699,  8707,  8713,  8719,  8731,
-      8737,  8741,  8747,  8753,  8761,  8779,  8783,  8803,
-      8807,  8819,  8821,  8831,  8837,  8839,  8849,  8861,
-      8863,  8867,  8887,  8893,  8923,  8929,  8933,  8941,
-      8951,  8963,  8969,  8971,  8999,  9001,  9007,  9011,
-      9013,  9029,  9041,  9043,  9049,  9059,  9067,  9091,
-      9103,  9109,  9127,  9133,  9137,  9151,  9157,  9161,
-      9173,  9181,  9187,  9199,  9203,  9209,  9221,  9227,
-      9239,  9241,  9257,  9277,  9281,  9283,  9293,  9311,
-      9319,  9323,  9337,  9341,  9343,  9349,  9371,  9377,
-      9391,  9397,  9403,  9413,  9419,  9421,  9431,  9433,
-      9437,  9439,  9461,  9463,  9467,  9473,  9479,  9491,
-      9497,  9511,  9521,  9533,  9539,  9547,  9551,  9587,
-      9601,  9613,  9619,  9623,  9629,  9631,  9643,  9649,
-      9661,  9677,  9679,  9689,  9697,  9719,  9721,  9733,
-      9739,  9743,  9749,  9767,  9769,  9781,  9787,  9791,
-      9803,  9811,  9817,  9829,  9833,  9839,  9851,  9857,
-      9859,  9871,  9883,  9887,  9901,  9907,  9923,  9929,
-      9931,  9941,  9949,  9967,  9973, 10007, 10009, 10037,
-     10039, 10061, 10067, 10069, 10079, 10091, 10093, 10099,
-     10103, 10111, 10133, 10139, 10141, 10151, 10159, 10163,
-     10169, 10177, 10181, 10193, 10211, 10223, 10243, 10247,
-     10253, 10259, 10267, 10271, 10273, 10289, 10301, 10303,
-     10313, 10321, 10331, 10333, 10337, 10343, 10357, 10369,
-     10391, 10399, 10427, 10429, 10433, 10453, 10457, 10459,
-     10463, 10477, 10487, 10499, 10501, 10513, 10529, 10531,
-     10559, 10567, 10589, 10597, 10601, 10607, 10613, 10627,
-     10631, 10639, 10651, 10657, 10663, 10667, 10687, 10691,
-     10709, 10711, 10723, 10729, 10733, 10739, 10753, 10771,
-     10781, 10789, 10799, 10831, 10837, 10847, 10853, 10859,
-     10861, 10867, 10883, 10889, 10891, 10903, 10909, 10937,
-     10939, 10949, 10957, 10973, 10979, 10987, 10993, 11003,
-     11027, 11047, 11057, 11059, 11069, 11071, 11083, 11087,
-     11093, 11113, 11117, 11119, 11131, 11149, 11159, 11161,
-     11171, 11173, 11177, 11197, 11213, 11239, 11243, 11251,
-     11257, 11261, 11273, 11279, 11287, 11299, 11311, 11317,
-     11321, 11329, 11351, 11353, 11369, 11383, 11393, 11399,
-     11411, 11423, 11437, 11443, 11447, 11467, 11471, 11483,
-     11489, 11491, 11497, 11503, 11519, 11527, 11549, 11551,
-     11579, 11587, 11593, 11597, 11617, 11621, 11633, 11657,
-     11677, 11681, 11689, 11699, 11701, 11717, 11719, 11731,
-     11743, 11777, 11779, 11783, 11789, 11801, 11807, 11813,
-     11821, 11827, 11831, 11833, 11839, 11863, 11867, 11887,
-     11897, 11903, 11909, 11923, 11927, 11933, 11939, 11941,
-     11953, 11959, 11969, 11971, 11981, 11987, 12007, 12011,
-     12037, 12041, 12043, 12049, 12071, 12073, 12097, 12101,
-     12107, 12109, 12113, 12119, 12143, 12149, 12157, 12161,
-     12163, 12197, 12203, 12211, 12227, 12239, 12241, 12251,
-     12253, 12263, 12269, 12277, 12281, 12289, 12301, 12323,
-     12329, 12343, 12347, 12373, 12377, 12379, 12391, 12401,
-     12409, 12413, 12421, 12433, 12437, 12451, 12457, 12473,
-     12479, 12487, 12491, 12497, 12503, 12511, 12517, 12527,
-     12539, 12541, 12547, 12553, 12569, 12577, 12583, 12589,
-     12601, 12611, 12613, 12619, 12637, 12641, 12647, 12653,
-     12659, 12671, 12689, 12697, 12703, 12713, 12721, 12739,
-     12743, 12757, 12763, 12781, 12791, 12799, 12809, 12821,
-     12823, 12829, 12841, 12853, 12889, 12893, 12899, 12907,
-     12911, 12917, 12919, 12923, 12941, 12953, 12959, 12967,
-     12973, 12979, 12983, 13001, 13003, 13007, 13009, 13033,
-     13037, 13043, 13049, 13063, 13093, 13099, 13103, 13109,
-     13121, 13127, 13147, 13151, 13159, 13163, 13171, 13177,
-     13183, 13187, 13217, 13219, 13229, 13241, 13249, 13259,
-     13267, 13291, 13297, 13309, 13313, 13327, 13331, 13337,
-     13339, 13367, 13381, 13397, 13399, 13411, 13417, 13421,
-     13441, 13451, 13457, 13463, 13469, 13477, 13487, 13499,
-     13513, 13523, 13537, 13553, 13567, 13577, 13591, 13597,
-     13613, 13619, 13627, 13633, 13649, 13669, 13679, 13681,
-     13687, 13691, 13693, 13697, 13709, 13711, 13721, 13723,
-     13729, 13751, 13757, 13759, 13763, 13781, 13789, 13799,
-     13807, 13829, 13831, 13841, 13859, 13873, 13877, 13879,
-     13883, 13901, 13903, 13907, 13913, 13921, 13931, 13933,
-     13963, 13967, 13997, 13999, 14009, 14011, 14029, 14033,
-     14051, 14057, 14071, 14081, 14083, 14087, 14107, 14143,
-     14149, 14153, 14159, 14173, 14177, 14197, 14207, 14221,
-     14243, 14249, 14251, 14281, 14293, 14303, 14321, 14323,
-     14327, 14341, 14347, 14369, 14387, 14389, 14401, 14407,
-     14411, 14419, 14423, 14431, 14437, 14447, 14449, 14461,
-     14479, 14489, 14503, 14519, 14533, 14537, 14543, 14549,
-     14551, 14557, 14561, 14563, 14591, 14593, 14621, 14627,
-     14629, 14633, 14639, 14653, 14657, 14669, 14683, 14699,
-     14713, 14717, 14723, 14731, 14737, 14741, 14747, 14753,
-     14759, 14767, 14771, 14779, 14783, 14797, 14813, 14821,
-     14827, 14831, 14843, 14851, 14867, 14869, 14879, 14887,
-     14891, 14897, 14923, 14929, 14939, 14947, 14951, 14957,
-     14969, 14983, 15013, 15017, 15031, 15053, 15061, 15073,
-     15077, 15083, 15091, 15101, 15107, 15121, 15131, 15137,
-     15139, 15149, 15161, 15173, 15187, 15193, 15199, 15217,
-     15227, 15233, 15241, 15259, 15263, 15269, 15271, 15277,
-     15287, 15289, 15299, 15307, 15313, 15319, 15329, 15331,
-     15349, 15359, 15361, 15373, 15377, 15383, 15391, 15401,
-     15413, 15427, 15439, 15443, 15451, 15461, 15467, 15473,
-     15493, 15497, 15511, 15527, 15541, 15551, 15559, 15569,
-     15581, 15583, 15601, 15607, 15619, 15629, 15641, 15643,
-     15647, 15649, 15661, 15667, 15671, 15679, 15683, 15727,
-     15731, 15733, 15737, 15739, 15749, 15761, 15767, 15773,
-     15787, 15791, 15797, 15803, 15809, 15817, 15823, 15859,
-     15877, 15881, 15887, 15889, 15901, 15907, 15913, 15919,
-     15923, 15937, 15959, 15971, 15973, 15991, 16001, 16007,
-     16033, 16057, 16061, 16063, 16067, 16069, 16073, 16087,
-     16091, 16097, 16103, 16111, 16127, 16139, 16141, 16183,
-     16187, 16189, 16193, 16217, 16223, 16229, 16231, 16249,
-     16253, 16267, 16273, 16301, 16319, 16333, 16339, 16349,
-     16361, 16363, 16369, 16381, 16411, 16417, 16421, 16427,
-     16433, 16447, 16451, 16453, 16477, 16481, 16487, 16493,
-     16519, 16529, 16547, 16553, 16561, 16567, 16573, 16603,
-     16607, 16619, 16631, 16633, 16649, 16651, 16657, 16661,
-     16673, 16691, 16693, 16699, 16703, 16729, 16741, 16747,
-     16759, 16763, 16787, 16811, 16823, 16829, 16831, 16843,
-     16871, 16879, 16883, 16889, 16901, 16903, 16921, 16927,
-     16931, 16937, 16943, 16963, 16979, 16981, 16987, 16993,
-     17011, 17021, 17027, 17029, 17033, 17041, 17047, 17053,
-     17077, 17093, 17099, 17107, 17117, 17123, 17137, 17159,
-     17167, 17183, 17189, 17191, 17203, 17207, 17209, 17231,
-     17239, 17257, 17291, 17293, 17299, 17317, 17321, 17327,
-     17333, 17341, 17351, 17359, 17377, 17383, 17387, 17389,
-     17393, 17401, 17417, 17419, 17431, 17443, 17449, 17467,
-     17471, 17477, 17483, 17489, 17491, 17497, 17509, 17519,
-     17539, 17551, 17569, 17573, 17579, 17581, 17597, 17599,
-     17609, 17623, 17627, 17657, 17659, 17669, 17681, 17683,
-     17707, 17713, 17729, 17737, 17747, 17749, 17761, 17783,
-     17789, 17791, 17807, 17827, 17837, 17839, 17851, 17863,
-#endif
-};
diff --git a/thirdparty/openssl/crypto/bn/bn_print.c b/thirdparty/openssl/crypto/bn/bn_print.c
deleted file mode 100644
index f85a6550a5..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_print.c
+++ /dev/null
@@ -1,402 +0,0 @@
-/* crypto/bn/bn_print.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include "bn_lcl.h"
-
-static const char Hex[] = "0123456789ABCDEF";
-
-/* Must 'OPENSSL_free' the returned data */
-char *BN_bn2hex(const BIGNUM *a)
-{
-    int i, j, v, z = 0;
-    char *buf;
-    char *p;
-
-    if (BN_is_zero(a))
-        return OPENSSL_strdup("0");
-    buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
-    if (buf == NULL) {
-        BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    p = buf;
-    if (a->neg)
-        *(p++) = '-';
-    for (i = a->top - 1; i >= 0; i--) {
-        for (j = BN_BITS2 - 8; j >= 0; j -= 8) {
-            /* strip leading zeros */
-            v = ((int)(a->d[i] >> (long)j)) & 0xff;
-            if (z || (v != 0)) {
-                *(p++) = Hex[v >> 4];
-                *(p++) = Hex[v & 0x0f];
-                z = 1;
-            }
-        }
-    }
-    *p = '\0';
- err:
-    return (buf);
-}
-
-/* Must 'OPENSSL_free' the returned data */
-char *BN_bn2dec(const BIGNUM *a)
-{
-    int i = 0, num, ok = 0;
-    char *buf = NULL;
-    char *p;
-    BIGNUM *t = NULL;
-    BN_ULONG *bn_data = NULL, *lp;
-    int bn_data_num;
-
-    /*-
-     * get an upper bound for the length of the decimal integer
-     * num <= (BN_num_bits(a) + 1) * log(2)
-     *     <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1     (rounding error)
-     *     <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1
-     */
-    i = BN_num_bits(a) * 3;
-    num = (i / 10 + i / 1000 + 1) + 1;
-    bn_data_num = num / BN_DEC_NUM + 1;
-    bn_data = OPENSSL_malloc(bn_data_num * sizeof(BN_ULONG));
-    buf = OPENSSL_malloc(num + 3);
-    if ((buf == NULL) || (bn_data == NULL)) {
-        BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if ((t = BN_dup(a)) == NULL)
-        goto err;
-
-#define BUF_REMAIN (num+3 - (size_t)(p - buf))
-    p = buf;
-    lp = bn_data;
-    if (BN_is_zero(t)) {
-        *(p++) = '0';
-        *(p++) = '\0';
-    } else {
-        if (BN_is_negative(t))
-            *p++ = '-';
-
-        while (!BN_is_zero(t)) {
-            if (lp - bn_data >= bn_data_num)
-                goto err;
-            *lp = BN_div_word(t, BN_DEC_CONV);
-            if (*lp == (BN_ULONG)-1)
-                goto err;
-            lp++;
-        }
-        lp--;
-        /*
-         * We now have a series of blocks, BN_DEC_NUM chars in length, where
-         * the last one needs truncation. The blocks need to be reversed in
-         * order.
-         */
-        BIO_snprintf(p, BUF_REMAIN, BN_DEC_FMT1, *lp);
-        while (*p)
-            p++;
-        while (lp != bn_data) {
-            lp--;
-            BIO_snprintf(p, BUF_REMAIN, BN_DEC_FMT2, *lp);
-            while (*p)
-                p++;
-        }
-    }
-    ok = 1;
- err:
-    if (bn_data != NULL)
-        OPENSSL_free(bn_data);
-    if (t != NULL)
-        BN_free(t);
-    if (!ok && buf) {
-        OPENSSL_free(buf);
-        buf = NULL;
-    }
-
-    return (buf);
-}
-
-int BN_hex2bn(BIGNUM **bn, const char *a)
-{
-    BIGNUM *ret = NULL;
-    BN_ULONG l = 0;
-    int neg = 0, h, m, i, j, k, c;
-    int num;
-
-    if ((a == NULL) || (*a == '\0'))
-        return (0);
-
-    if (*a == '-') {
-        neg = 1;
-        a++;
-    }
-
-    for (i = 0; i <= (INT_MAX/4) && isxdigit((unsigned char)a[i]); i++)
-        continue;
-
-    if (i > INT_MAX/4)
-        goto err;
-
-    num = i + neg;
-    if (bn == NULL)
-        return (num);
-
-    /* a is the start of the hex digits, and it is 'i' long */
-    if (*bn == NULL) {
-        if ((ret = BN_new()) == NULL)
-            return (0);
-    } else {
-        ret = *bn;
-        BN_zero(ret);
-    }
-
-    /* i is the number of hex digits */
-    if (bn_expand(ret, i * 4) == NULL)
-        goto err;
-
-    j = i;                      /* least significant 'hex' */
-    m = 0;
-    h = 0;
-    while (j > 0) {
-        m = ((BN_BYTES * 2) <= j) ? (BN_BYTES * 2) : j;
-        l = 0;
-        for (;;) {
-            c = a[j - m];
-            if ((c >= '0') && (c <= '9'))
-                k = c - '0';
-            else if ((c >= 'a') && (c <= 'f'))
-                k = c - 'a' + 10;
-            else if ((c >= 'A') && (c <= 'F'))
-                k = c - 'A' + 10;
-            else
-                k = 0;          /* paranoia */
-            l = (l << 4) | k;
-
-            if (--m <= 0) {
-                ret->d[h++] = l;
-                break;
-            }
-        }
-        j -= (BN_BYTES * 2);
-    }
-    ret->top = h;
-    bn_correct_top(ret);
-
-    *bn = ret;
-    bn_check_top(ret);
-    /* Don't set the negative flag if it's zero. */
-    if (ret->top != 0)
-        ret->neg = neg;
-    return (num);
- err:
-    if (*bn == NULL)
-        BN_free(ret);
-    return (0);
-}
-
-int BN_dec2bn(BIGNUM **bn, const char *a)
-{
-    BIGNUM *ret = NULL;
-    BN_ULONG l = 0;
-    int neg = 0, i, j;
-    int num;
-
-    if ((a == NULL) || (*a == '\0'))
-        return (0);
-    if (*a == '-') {
-        neg = 1;
-        a++;
-    }
-
-    for (i = 0; i <= (INT_MAX/4) && isdigit((unsigned char)a[i]); i++)
-        continue;
-
-    if (i > INT_MAX/4)
-        goto err;
-
-    num = i + neg;
-    if (bn == NULL)
-        return (num);
-
-    /*
-     * a is the start of the digits, and it is 'i' long. We chop it into
-     * BN_DEC_NUM digits at a time
-     */
-    if (*bn == NULL) {
-        if ((ret = BN_new()) == NULL)
-            return (0);
-    } else {
-        ret = *bn;
-        BN_zero(ret);
-    }
-
-    /* i is the number of digits, a bit of an over expand */
-    if (bn_expand(ret, i * 4) == NULL)
-        goto err;
-
-    j = BN_DEC_NUM - (i % BN_DEC_NUM);
-    if (j == BN_DEC_NUM)
-        j = 0;
-    l = 0;
-    while (--i >= 0) {
-        l *= 10;
-        l += *a - '0';
-        a++;
-        if (++j == BN_DEC_NUM) {
-            BN_mul_word(ret, BN_DEC_CONV);
-            BN_add_word(ret, l);
-            l = 0;
-            j = 0;
-        }
-    }
-
-    bn_correct_top(ret);
-    *bn = ret;
-    bn_check_top(ret);
-    /* Don't set the negative flag if it's zero. */
-    if (ret->top != 0)
-        ret->neg = neg;
-    return (num);
- err:
-    if (*bn == NULL)
-        BN_free(ret);
-    return (0);
-}
-
-int BN_asc2bn(BIGNUM **bn, const char *a)
-{
-    const char *p = a;
-
-    if (*p == '-')
-        p++;
-
-    if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) {
-        if (!BN_hex2bn(bn, p + 2))
-            return 0;
-    } else {
-        if (!BN_dec2bn(bn, p))
-            return 0;
-    }
-    /* Don't set the negative flag if it's zero. */
-    if (*a == '-' && (*bn)->top != 0)
-        (*bn)->neg = 1;
-    return 1;
-}
-
-#ifndef OPENSSL_NO_BIO
-# ifndef OPENSSL_NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL)
-        return (0);
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = BN_print(b, a);
-    BIO_free(b);
-    return (ret);
-}
-# endif
-
-int BN_print(BIO *bp, const BIGNUM *a)
-{
-    int i, j, v, z = 0;
-    int ret = 0;
-
-    if ((a->neg) && (BIO_write(bp, "-", 1) != 1))
-        goto end;
-    if (BN_is_zero(a) && (BIO_write(bp, "0", 1) != 1))
-        goto end;
-    for (i = a->top - 1; i >= 0; i--) {
-        for (j = BN_BITS2 - 4; j >= 0; j -= 4) {
-            /* strip leading zeros */
-            v = ((int)(a->d[i] >> (long)j)) & 0x0f;
-            if (z || (v != 0)) {
-                if (BIO_write(bp, &(Hex[v]), 1) != 1)
-                    goto end;
-                z = 1;
-            }
-        }
-    }
-    ret = 1;
- end:
-    return (ret);
-}
-#endif
-
-char *BN_options(void)
-{
-    static int init = 0;
-    static char data[16];
-
-    if (!init) {
-        init++;
-#ifdef BN_LLONG
-        BIO_snprintf(data, sizeof data, "bn(%d,%d)",
-                     (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
-#else
-        BIO_snprintf(data, sizeof data, "bn(%d,%d)",
-                     (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
-#endif
-    }
-    return (data);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_rand.c b/thirdparty/openssl/crypto/bn/bn_rand.c
deleted file mode 100644
index 60d3f2260b..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_rand.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/* crypto/bn/bn_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-#include <openssl/rand.h>
-
-static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
-{
-    unsigned char *buf = NULL;
-    int ret = 0, bit, bytes, mask;
-    time_t tim;
-
-    if (bits == 0) {
-        if (top != -1 || bottom != 0)
-            goto toosmall;
-        BN_zero(rnd);
-        return 1;
-    }
-    if (bits < 0 || (bits == 1 && top > 0))
-        goto toosmall;
-
-    bytes = (bits + 7) / 8;
-    bit = (bits - 1) % 8;
-    mask = 0xff << (bit + 1);
-
-    buf = (unsigned char *)OPENSSL_malloc(bytes);
-    if (buf == NULL) {
-        BNerr(BN_F_BNRAND, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    /* make a random number and set the top and bottom bits */
-    time(&tim);
-    RAND_add(&tim, sizeof(tim), 0.0);
-
-    /* We ignore the value of pseudorand and always call RAND_bytes */
-    if (RAND_bytes(buf, bytes) <= 0)
-        goto err;
-
-#if 1
-    if (pseudorand == 2) {
-        /*
-         * generate patterns that are more likely to trigger BN library bugs
-         */
-        int i;
-        unsigned char c;
-
-        for (i = 0; i < bytes; i++) {
-            if (RAND_pseudo_bytes(&c, 1) < 0)
-                goto err;
-            if (c >= 128 && i > 0)
-                buf[i] = buf[i - 1];
-            else if (c < 42)
-                buf[i] = 0;
-            else if (c < 84)
-                buf[i] = 255;
-        }
-    }
-#endif
-
-    if (top >= 0) {
-        if (top) {
-            if (bit == 0) {
-                buf[0] = 1;
-                buf[1] |= 0x80;
-            } else {
-                buf[0] |= (3 << (bit - 1));
-            }
-        } else {
-            buf[0] |= (1 << bit);
-        }
-    }
-    buf[0] &= ~mask;
-    if (bottom)                 /* set bottom bit if requested */
-        buf[bytes - 1] |= 1;
-    if (!BN_bin2bn(buf, bytes, rnd))
-        goto err;
-    ret = 1;
- err:
-    if (buf != NULL) {
-        OPENSSL_cleanse(buf, bytes);
-        OPENSSL_free(buf);
-    }
-    bn_check_top(rnd);
-    return (ret);
-
-toosmall:
-    BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL);
-    return 0;
-}
-
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
-{
-    return bnrand(0, rnd, bits, top, bottom);
-}
-
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
-{
-    return bnrand(1, rnd, bits, top, bottom);
-}
-
-#if 1
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
-{
-    return bnrand(2, rnd, bits, top, bottom);
-}
-#endif
-
-/* random number r:  0 <= r < range */
-static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
-{
-    int (*bn_rand) (BIGNUM *, int, int, int) =
-        pseudo ? BN_pseudo_rand : BN_rand;
-    int n;
-    int count = 100;
-
-    if (range->neg || BN_is_zero(range)) {
-        BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE);
-        return 0;
-    }
-
-    n = BN_num_bits(range);     /* n > 0 */
-
-    /* BN_is_bit_set(range, n - 1) always holds */
-
-    if (n == 1)
-        BN_zero(r);
-    else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
-        /*
-         * range = 100..._2, so 3*range (= 11..._2) is exactly one bit longer
-         * than range
-         */
-        do {
-            if (!bn_rand(r, n + 1, -1, 0))
-                return 0;
-            /*
-             * If r < 3*range, use r := r MOD range (which is either r, r -
-             * range, or r - 2*range). Otherwise, iterate once more. Since
-             * 3*range = 11..._2, each iteration succeeds with probability >=
-             * .75.
-             */
-            if (BN_cmp(r, range) >= 0) {
-                if (!BN_sub(r, r, range))
-                    return 0;
-                if (BN_cmp(r, range) >= 0)
-                    if (!BN_sub(r, r, range))
-                        return 0;
-            }
-
-            if (!--count) {
-                BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS);
-                return 0;
-            }
-
-        }
-        while (BN_cmp(r, range) >= 0);
-    } else {
-        do {
-            /* range = 11..._2  or  range = 101..._2 */
-            if (!bn_rand(r, n, -1, 0))
-                return 0;
-
-            if (!--count) {
-                BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS);
-                return 0;
-            }
-        }
-        while (BN_cmp(r, range) >= 0);
-    }
-
-    bn_check_top(r);
-    return 1;
-}
-
-int BN_rand_range(BIGNUM *r, const BIGNUM *range)
-{
-    return bn_rand_range(0, r, range);
-}
-
-int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range)
-{
-    return bn_rand_range(1, r, range);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_recp.c b/thirdparty/openssl/crypto/bn/bn_recp.c
deleted file mode 100644
index f047040efe..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_recp.c
+++ /dev/null
@@ -1,252 +0,0 @@
-/* crypto/bn/bn_recp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-void BN_RECP_CTX_init(BN_RECP_CTX *recp)
-{
-    BN_init(&(recp->N));
-    BN_init(&(recp->Nr));
-    recp->num_bits = 0;
-    recp->shift = 0;
-    recp->flags = 0;
-}
-
-BN_RECP_CTX *BN_RECP_CTX_new(void)
-{
-    BN_RECP_CTX *ret;
-
-    if ((ret = (BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL)
-        return (NULL);
-
-    BN_RECP_CTX_init(ret);
-    ret->flags = BN_FLG_MALLOCED;
-    return (ret);
-}
-
-void BN_RECP_CTX_free(BN_RECP_CTX *recp)
-{
-    if (recp == NULL)
-        return;
-
-    BN_free(&(recp->N));
-    BN_free(&(recp->Nr));
-    if (recp->flags & BN_FLG_MALLOCED)
-        OPENSSL_free(recp);
-}
-
-int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
-{
-    if (!BN_copy(&(recp->N), d))
-        return 0;
-    BN_zero(&(recp->Nr));
-    recp->num_bits = BN_num_bits(d);
-    recp->shift = 0;
-    return (1);
-}
-
-int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
-                          BN_RECP_CTX *recp, BN_CTX *ctx)
-{
-    int ret = 0;
-    BIGNUM *a;
-    const BIGNUM *ca;
-
-    BN_CTX_start(ctx);
-    if ((a = BN_CTX_get(ctx)) == NULL)
-        goto err;
-    if (y != NULL) {
-        if (x == y) {
-            if (!BN_sqr(a, x, ctx))
-                goto err;
-        } else {
-            if (!BN_mul(a, x, y, ctx))
-                goto err;
-        }
-        ca = a;
-    } else
-        ca = x;                 /* Just do the mod */
-
-    ret = BN_div_recp(NULL, r, ca, recp, ctx);
- err:
-    BN_CTX_end(ctx);
-    bn_check_top(r);
-    return (ret);
-}
-
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
-                BN_RECP_CTX *recp, BN_CTX *ctx)
-{
-    int i, j, ret = 0;
-    BIGNUM *a, *b, *d, *r;
-
-    BN_CTX_start(ctx);
-    a = BN_CTX_get(ctx);
-    b = BN_CTX_get(ctx);
-    if (dv != NULL)
-        d = dv;
-    else
-        d = BN_CTX_get(ctx);
-    if (rem != NULL)
-        r = rem;
-    else
-        r = BN_CTX_get(ctx);
-    if (a == NULL || b == NULL || d == NULL || r == NULL)
-        goto err;
-
-    if (BN_ucmp(m, &(recp->N)) < 0) {
-        BN_zero(d);
-        if (!BN_copy(r, m)) {
-            BN_CTX_end(ctx);
-            return 0;
-        }
-        BN_CTX_end(ctx);
-        return (1);
-    }
-
-    /*
-     * We want the remainder Given input of ABCDEF / ab we need multiply
-     * ABCDEF by 3 digests of the reciprocal of ab
-     */
-
-    /* i := max(BN_num_bits(m), 2*BN_num_bits(N)) */
-    i = BN_num_bits(m);
-    j = recp->num_bits << 1;
-    if (j > i)
-        i = j;
-
-    /* Nr := round(2^i / N) */
-    if (i != recp->shift)
-        recp->shift = BN_reciprocal(&(recp->Nr), &(recp->N), i, ctx);
-    /* BN_reciprocal could have returned -1 for an error */
-    if (recp->shift == -1)
-        goto err;
-
-    /*-
-     * d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
-     *    = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i - BN_num_bits(N)))|
-     *   <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)|
-     *    = |m/N|
-     */
-    if (!BN_rshift(a, m, recp->num_bits))
-        goto err;
-    if (!BN_mul(b, a, &(recp->Nr), ctx))
-        goto err;
-    if (!BN_rshift(d, b, i - recp->num_bits))
-        goto err;
-    d->neg = 0;
-
-    if (!BN_mul(b, &(recp->N), d, ctx))
-        goto err;
-    if (!BN_usub(r, m, b))
-        goto err;
-    r->neg = 0;
-
-#if 1
-    j = 0;
-    while (BN_ucmp(r, &(recp->N)) >= 0) {
-        if (j++ > 2) {
-            BNerr(BN_F_BN_DIV_RECP, BN_R_BAD_RECIPROCAL);
-            goto err;
-        }
-        if (!BN_usub(r, r, &(recp->N)))
-            goto err;
-        if (!BN_add_word(d, 1))
-            goto err;
-    }
-#endif
-
-    r->neg = BN_is_zero(r) ? 0 : m->neg;
-    d->neg = m->neg ^ recp->N.neg;
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    bn_check_top(dv);
-    bn_check_top(rem);
-    return (ret);
-}
-
-/*
- * len is the expected size of the result We actually calculate with an extra
- * word of precision, so we can do faster division if the remainder is not
- * required.
- */
-/* r := 2^len / m */
-int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx)
-{
-    int ret = -1;
-    BIGNUM *t;
-
-    BN_CTX_start(ctx);
-    if ((t = BN_CTX_get(ctx)) == NULL)
-        goto err;
-
-    if (!BN_set_bit(t, len))
-        goto err;
-
-    if (!BN_div(r, NULL, t, m, ctx))
-        goto err;
-
-    ret = len;
- err:
-    bn_check_top(r);
-    BN_CTX_end(ctx);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_shift.c b/thirdparty/openssl/crypto/bn/bn_shift.c
deleted file mode 100644
index 9673d9a306..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_shift.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/* crypto/bn/bn_shift.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-int BN_lshift1(BIGNUM *r, const BIGNUM *a)
-{
-    register BN_ULONG *ap, *rp, t, c;
-    int i;
-
-    bn_check_top(r);
-    bn_check_top(a);
-
-    if (r != a) {
-        r->neg = a->neg;
-        if (bn_wexpand(r, a->top + 1) == NULL)
-            return (0);
-        r->top = a->top;
-    } else {
-        if (bn_wexpand(r, a->top + 1) == NULL)
-            return (0);
-    }
-    ap = a->d;
-    rp = r->d;
-    c = 0;
-    for (i = 0; i < a->top; i++) {
-        t = *(ap++);
-        *(rp++) = ((t << 1) | c) & BN_MASK2;
-        c = (t & BN_TBIT) ? 1 : 0;
-    }
-    if (c) {
-        *rp = 1;
-        r->top++;
-    }
-    bn_check_top(r);
-    return (1);
-}
-
-int BN_rshift1(BIGNUM *r, const BIGNUM *a)
-{
-    BN_ULONG *ap, *rp, t, c;
-    int i, j;
-
-    bn_check_top(r);
-    bn_check_top(a);
-
-    if (BN_is_zero(a)) {
-        BN_zero(r);
-        return (1);
-    }
-    i = a->top;
-    ap = a->d;
-    j = i - (ap[i - 1] == 1);
-    if (a != r) {
-        if (bn_wexpand(r, j) == NULL)
-            return (0);
-        r->neg = a->neg;
-    }
-    rp = r->d;
-    t = ap[--i];
-    c = (t & 1) ? BN_TBIT : 0;
-    if (t >>= 1)
-        rp[i] = t;
-    while (i > 0) {
-        t = ap[--i];
-        rp[i] = ((t >> 1) & BN_MASK2) | c;
-        c = (t & 1) ? BN_TBIT : 0;
-    }
-    r->top = j;
-    bn_check_top(r);
-    return (1);
-}
-
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
-{
-    int i, nw, lb, rb;
-    BN_ULONG *t, *f;
-    BN_ULONG l;
-
-    bn_check_top(r);
-    bn_check_top(a);
-
-    if (n < 0) {
-        BNerr(BN_F_BN_LSHIFT, BN_R_INVALID_SHIFT);
-        return 0;
-    }
-
-    r->neg = a->neg;
-    nw = n / BN_BITS2;
-    if (bn_wexpand(r, a->top + nw + 1) == NULL)
-        return (0);
-    lb = n % BN_BITS2;
-    rb = BN_BITS2 - lb;
-    f = a->d;
-    t = r->d;
-    t[a->top + nw] = 0;
-    if (lb == 0)
-        for (i = a->top - 1; i >= 0; i--)
-            t[nw + i] = f[i];
-    else
-        for (i = a->top - 1; i >= 0; i--) {
-            l = f[i];
-            t[nw + i + 1] |= (l >> rb) & BN_MASK2;
-            t[nw + i] = (l << lb) & BN_MASK2;
-        }
-    memset(t, 0, nw * sizeof(t[0]));
-    /*
-     * for (i=0; i<nw; i++) t[i]=0;
-     */
-    r->top = a->top + nw + 1;
-    bn_correct_top(r);
-    bn_check_top(r);
-    return (1);
-}
-
-int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
-{
-    int i, j, nw, lb, rb;
-    BN_ULONG *t, *f;
-    BN_ULONG l, tmp;
-
-    bn_check_top(r);
-    bn_check_top(a);
-
-    if (n < 0) {
-        BNerr(BN_F_BN_RSHIFT, BN_R_INVALID_SHIFT);
-        return 0;
-    }
-
-    nw = n / BN_BITS2;
-    rb = n % BN_BITS2;
-    lb = BN_BITS2 - rb;
-    if (nw >= a->top || a->top == 0) {
-        BN_zero(r);
-        return (1);
-    }
-    i = (BN_num_bits(a) - n + (BN_BITS2 - 1)) / BN_BITS2;
-    if (r != a) {
-        r->neg = a->neg;
-        if (bn_wexpand(r, i) == NULL)
-            return (0);
-    } else {
-        if (n == 0)
-            return 1;           /* or the copying loop will go berserk */
-    }
-
-    f = &(a->d[nw]);
-    t = r->d;
-    j = a->top - nw;
-    r->top = i;
-
-    if (rb == 0) {
-        for (i = j; i != 0; i--)
-            *(t++) = *(f++);
-    } else {
-        l = *(f++);
-        for (i = j - 1; i != 0; i--) {
-            tmp = (l >> rb) & BN_MASK2;
-            l = *(f++);
-            *(t++) = (tmp | (l << lb)) & BN_MASK2;
-        }
-        if ((l = (l >> rb) & BN_MASK2))
-            *(t) = l;
-    }
-    bn_check_top(r);
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_sqr.c b/thirdparty/openssl/crypto/bn/bn_sqr.c
deleted file mode 100644
index 256d26e8db..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_sqr.c
+++ /dev/null
@@ -1,291 +0,0 @@
-/* crypto/bn/bn_sqr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-/* r must not be a */
-/*
- * I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96
- */
-int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
-{
-    int max, al;
-    int ret = 0;
-    BIGNUM *tmp, *rr;
-
-#ifdef BN_COUNT
-    fprintf(stderr, "BN_sqr %d * %d\n", a->top, a->top);
-#endif
-    bn_check_top(a);
-
-    al = a->top;
-    if (al <= 0) {
-        r->top = 0;
-        r->neg = 0;
-        return 1;
-    }
-
-    BN_CTX_start(ctx);
-    rr = (a != r) ? r : BN_CTX_get(ctx);
-    tmp = BN_CTX_get(ctx);
-    if (!rr || !tmp)
-        goto err;
-
-    max = 2 * al;               /* Non-zero (from above) */
-    if (bn_wexpand(rr, max) == NULL)
-        goto err;
-
-    if (al == 4) {
-#ifndef BN_SQR_COMBA
-        BN_ULONG t[8];
-        bn_sqr_normal(rr->d, a->d, 4, t);
-#else
-        bn_sqr_comba4(rr->d, a->d);
-#endif
-    } else if (al == 8) {
-#ifndef BN_SQR_COMBA
-        BN_ULONG t[16];
-        bn_sqr_normal(rr->d, a->d, 8, t);
-#else
-        bn_sqr_comba8(rr->d, a->d);
-#endif
-    } else {
-#if defined(BN_RECURSION)
-        if (al < BN_SQR_RECURSIVE_SIZE_NORMAL) {
-            BN_ULONG t[BN_SQR_RECURSIVE_SIZE_NORMAL * 2];
-            bn_sqr_normal(rr->d, a->d, al, t);
-        } else {
-            int j, k;
-
-            j = BN_num_bits_word((BN_ULONG)al);
-            j = 1 << (j - 1);
-            k = j + j;
-            if (al == j) {
-                if (bn_wexpand(tmp, k * 2) == NULL)
-                    goto err;
-                bn_sqr_recursive(rr->d, a->d, al, tmp->d);
-            } else {
-                if (bn_wexpand(tmp, max) == NULL)
-                    goto err;
-                bn_sqr_normal(rr->d, a->d, al, tmp->d);
-            }
-        }
-#else
-        if (bn_wexpand(tmp, max) == NULL)
-            goto err;
-        bn_sqr_normal(rr->d, a->d, al, tmp->d);
-#endif
-    }
-
-    rr->neg = 0;
-    /*
-     * If the most-significant half of the top word of 'a' is zero, then the
-     * square of 'a' will max-1 words.
-     */
-    if (a->d[al - 1] == (a->d[al - 1] & BN_MASK2l))
-        rr->top = max - 1;
-    else
-        rr->top = max;
-    if (r != rr && BN_copy(r, rr) == NULL)
-        goto err;
-
-    ret = 1;
- err:
-    bn_check_top(rr);
-    bn_check_top(tmp);
-    BN_CTX_end(ctx);
-    return (ret);
-}
-
-/* tmp must have 2*n words */
-void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp)
-{
-    int i, j, max;
-    const BN_ULONG *ap;
-    BN_ULONG *rp;
-
-    max = n * 2;
-    ap = a;
-    rp = r;
-    rp[0] = rp[max - 1] = 0;
-    rp++;
-    j = n;
-
-    if (--j > 0) {
-        ap++;
-        rp[j] = bn_mul_words(rp, ap, j, ap[-1]);
-        rp += 2;
-    }
-
-    for (i = n - 2; i > 0; i--) {
-        j--;
-        ap++;
-        rp[j] = bn_mul_add_words(rp, ap, j, ap[-1]);
-        rp += 2;
-    }
-
-    bn_add_words(r, r, r, max);
-
-    /* There will not be a carry */
-
-    bn_sqr_words(tmp, a, n);
-
-    bn_add_words(r, r, tmp, max);
-}
-
-#ifdef BN_RECURSION
-/*-
- * r is 2*n words in size,
- * a and b are both n words in size.    (There's not actually a 'b' here ...)
- * n must be a power of 2.
- * We multiply and return the result.
- * t must be 2*n words in size
- * We calculate
- * a[0]*b[0]
- * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
- * a[1]*b[1]
- */
-void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
-{
-    int n = n2 / 2;
-    int zero, c1;
-    BN_ULONG ln, lo, *p;
-
-# ifdef BN_COUNT
-    fprintf(stderr, " bn_sqr_recursive %d * %d\n", n2, n2);
-# endif
-    if (n2 == 4) {
-# ifndef BN_SQR_COMBA
-        bn_sqr_normal(r, a, 4, t);
-# else
-        bn_sqr_comba4(r, a);
-# endif
-        return;
-    } else if (n2 == 8) {
-# ifndef BN_SQR_COMBA
-        bn_sqr_normal(r, a, 8, t);
-# else
-        bn_sqr_comba8(r, a);
-# endif
-        return;
-    }
-    if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL) {
-        bn_sqr_normal(r, a, n2, t);
-        return;
-    }
-    /* r=(a[0]-a[1])*(a[1]-a[0]) */
-    c1 = bn_cmp_words(a, &(a[n]), n);
-    zero = 0;
-    if (c1 > 0)
-        bn_sub_words(t, a, &(a[n]), n);
-    else if (c1 < 0)
-        bn_sub_words(t, &(a[n]), a, n);
-    else
-        zero = 1;
-
-    /* The result will always be negative unless it is zero */
-    p = &(t[n2 * 2]);
-
-    if (!zero)
-        bn_sqr_recursive(&(t[n2]), t, n, p);
-    else
-        memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
-    bn_sqr_recursive(r, a, n, p);
-    bn_sqr_recursive(&(r[n2]), &(a[n]), n, p);
-
-    /*-
-     * t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
-     * r[10] holds (a[0]*b[0])
-     * r[32] holds (b[1]*b[1])
-     */
-
-    c1 = (int)(bn_add_words(t, r, &(r[n2]), n2));
-
-    /* t[32] is negative */
-    c1 -= (int)(bn_sub_words(&(t[n2]), t, &(t[n2]), n2));
-
-    /*-
-     * t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
-     * r[10] holds (a[0]*a[0])
-     * r[32] holds (a[1]*a[1])
-     * c1 holds the carry bits
-     */
-    c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2));
-    if (c1) {
-        p = &(r[n + n2]);
-        lo = *p;
-        ln = (lo + c1) & BN_MASK2;
-        *p = ln;
-
-        /*
-         * The overflow will stop before we over write words we should not
-         * overwrite
-         */
-        if (ln < (BN_ULONG)c1) {
-            do {
-                p++;
-                lo = *p;
-                ln = (lo + 1) & BN_MASK2;
-                *p = ln;
-            } while (ln == 0);
-        }
-    }
-}
-#endif
diff --git a/thirdparty/openssl/crypto/bn/bn_sqrt.c b/thirdparty/openssl/crypto/bn/bn_sqrt.c
deleted file mode 100644
index 232af99a21..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_sqrt.c
+++ /dev/null
@@ -1,409 +0,0 @@
-/* crypto/bn/bn_sqrt.c */
-/*
- * Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> and Bodo
- * Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
-/*
- * Returns 'ret' such that ret^2 == a (mod p), using the Tonelli/Shanks
- * algorithm (cf. Henri Cohen, "A Course in Algebraic Computational Number
- * Theory", algorithm 1.5.1). 'p' must be prime!
- */
-{
-    BIGNUM *ret = in;
-    int err = 1;
-    int r;
-    BIGNUM *A, *b, *q, *t, *x, *y;
-    int e, i, j;
-
-    if (!BN_is_odd(p) || BN_abs_is_word(p, 1)) {
-        if (BN_abs_is_word(p, 2)) {
-            if (ret == NULL)
-                ret = BN_new();
-            if (ret == NULL)
-                goto end;
-            if (!BN_set_word(ret, BN_is_bit_set(a, 0))) {
-                if (ret != in)
-                    BN_free(ret);
-                return NULL;
-            }
-            bn_check_top(ret);
-            return ret;
-        }
-
-        BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
-        return (NULL);
-    }
-
-    if (BN_is_zero(a) || BN_is_one(a)) {
-        if (ret == NULL)
-            ret = BN_new();
-        if (ret == NULL)
-            goto end;
-        if (!BN_set_word(ret, BN_is_one(a))) {
-            if (ret != in)
-                BN_free(ret);
-            return NULL;
-        }
-        bn_check_top(ret);
-        return ret;
-    }
-
-    BN_CTX_start(ctx);
-    A = BN_CTX_get(ctx);
-    b = BN_CTX_get(ctx);
-    q = BN_CTX_get(ctx);
-    t = BN_CTX_get(ctx);
-    x = BN_CTX_get(ctx);
-    y = BN_CTX_get(ctx);
-    if (y == NULL)
-        goto end;
-
-    if (ret == NULL)
-        ret = BN_new();
-    if (ret == NULL)
-        goto end;
-
-    /* A = a mod p */
-    if (!BN_nnmod(A, a, p, ctx))
-        goto end;
-
-    /* now write  |p| - 1  as  2^e*q  where  q  is odd */
-    e = 1;
-    while (!BN_is_bit_set(p, e))
-        e++;
-    /* we'll set  q  later (if needed) */
-
-    if (e == 1) {
-        /*-
-         * The easy case:  (|p|-1)/2  is odd, so 2 has an inverse
-         * modulo  (|p|-1)/2,  and square roots can be computed
-         * directly by modular exponentiation.
-         * We have
-         *     2 * (|p|+1)/4 == 1   (mod (|p|-1)/2),
-         * so we can use exponent  (|p|+1)/4,  i.e.  (|p|-3)/4 + 1.
-         */
-        if (!BN_rshift(q, p, 2))
-            goto end;
-        q->neg = 0;
-        if (!BN_add_word(q, 1))
-            goto end;
-        if (!BN_mod_exp(ret, A, q, p, ctx))
-            goto end;
-        err = 0;
-        goto vrfy;
-    }
-
-    if (e == 2) {
-        /*-
-         * |p| == 5  (mod 8)
-         *
-         * In this case  2  is always a non-square since
-         * Legendre(2,p) = (-1)^((p^2-1)/8)  for any odd prime.
-         * So if  a  really is a square, then  2*a  is a non-square.
-         * Thus for
-         *      b := (2*a)^((|p|-5)/8),
-         *      i := (2*a)*b^2
-         * we have
-         *     i^2 = (2*a)^((1 + (|p|-5)/4)*2)
-         *         = (2*a)^((p-1)/2)
-         *         = -1;
-         * so if we set
-         *      x := a*b*(i-1),
-         * then
-         *     x^2 = a^2 * b^2 * (i^2 - 2*i + 1)
-         *         = a^2 * b^2 * (-2*i)
-         *         = a*(-i)*(2*a*b^2)
-         *         = a*(-i)*i
-         *         = a.
-         *
-         * (This is due to A.O.L. Atkin,
-         * <URL: http://listserv.nodak.edu/scripts/wa.exe?A2=ind9211&L=nmbrthry&O=T&P=562>,
-         * November 1992.)
-         */
-
-        /* t := 2*a */
-        if (!BN_mod_lshift1_quick(t, A, p))
-            goto end;
-
-        /* b := (2*a)^((|p|-5)/8) */
-        if (!BN_rshift(q, p, 3))
-            goto end;
-        q->neg = 0;
-        if (!BN_mod_exp(b, t, q, p, ctx))
-            goto end;
-
-        /* y := b^2 */
-        if (!BN_mod_sqr(y, b, p, ctx))
-            goto end;
-
-        /* t := (2*a)*b^2 - 1 */
-        if (!BN_mod_mul(t, t, y, p, ctx))
-            goto end;
-        if (!BN_sub_word(t, 1))
-            goto end;
-
-        /* x = a*b*t */
-        if (!BN_mod_mul(x, A, b, p, ctx))
-            goto end;
-        if (!BN_mod_mul(x, x, t, p, ctx))
-            goto end;
-
-        if (!BN_copy(ret, x))
-            goto end;
-        err = 0;
-        goto vrfy;
-    }
-
-    /*
-     * e > 2, so we really have to use the Tonelli/Shanks algorithm. First,
-     * find some y that is not a square.
-     */
-    if (!BN_copy(q, p))
-        goto end;               /* use 'q' as temp */
-    q->neg = 0;
-    i = 2;
-    do {
-        /*
-         * For efficiency, try small numbers first; if this fails, try random
-         * numbers.
-         */
-        if (i < 22) {
-            if (!BN_set_word(y, i))
-                goto end;
-        } else {
-            if (!BN_pseudo_rand(y, BN_num_bits(p), 0, 0))
-                goto end;
-            if (BN_ucmp(y, p) >= 0) {
-                if (!(p->neg ? BN_add : BN_sub) (y, y, p))
-                    goto end;
-            }
-            /* now 0 <= y < |p| */
-            if (BN_is_zero(y))
-                if (!BN_set_word(y, i))
-                    goto end;
-        }
-
-        r = BN_kronecker(y, q, ctx); /* here 'q' is |p| */
-        if (r < -1)
-            goto end;
-        if (r == 0) {
-            /* m divides p */
-            BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
-            goto end;
-        }
-    }
-    while (r == 1 && ++i < 82);
-
-    if (r != -1) {
-        /*
-         * Many rounds and still no non-square -- this is more likely a bug
-         * than just bad luck. Even if p is not prime, we should have found
-         * some y such that r == -1.
-         */
-        BNerr(BN_F_BN_MOD_SQRT, BN_R_TOO_MANY_ITERATIONS);
-        goto end;
-    }
-
-    /* Here's our actual 'q': */
-    if (!BN_rshift(q, q, e))
-        goto end;
-
-    /*
-     * Now that we have some non-square, we can find an element of order 2^e
-     * by computing its q'th power.
-     */
-    if (!BN_mod_exp(y, y, q, p, ctx))
-        goto end;
-    if (BN_is_one(y)) {
-        BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
-        goto end;
-    }
-
-    /*-
-     * Now we know that (if  p  is indeed prime) there is an integer
-     * k,  0 <= k < 2^e,  such that
-     *
-     *      a^q * y^k == 1   (mod p).
-     *
-     * As  a^q  is a square and  y  is not,  k  must be even.
-     * q+1  is even, too, so there is an element
-     *
-     *     X := a^((q+1)/2) * y^(k/2),
-     *
-     * and it satisfies
-     *
-     *     X^2 = a^q * a     * y^k
-     *         = a,
-     *
-     * so it is the square root that we are looking for.
-     */
-
-    /* t := (q-1)/2  (note that  q  is odd) */
-    if (!BN_rshift1(t, q))
-        goto end;
-
-    /* x := a^((q-1)/2) */
-    if (BN_is_zero(t)) {        /* special case: p = 2^e + 1 */
-        if (!BN_nnmod(t, A, p, ctx))
-            goto end;
-        if (BN_is_zero(t)) {
-            /* special case: a == 0  (mod p) */
-            BN_zero(ret);
-            err = 0;
-            goto end;
-        } else if (!BN_one(x))
-            goto end;
-    } else {
-        if (!BN_mod_exp(x, A, t, p, ctx))
-            goto end;
-        if (BN_is_zero(x)) {
-            /* special case: a == 0  (mod p) */
-            BN_zero(ret);
-            err = 0;
-            goto end;
-        }
-    }
-
-    /* b := a*x^2  (= a^q) */
-    if (!BN_mod_sqr(b, x, p, ctx))
-        goto end;
-    if (!BN_mod_mul(b, b, A, p, ctx))
-        goto end;
-
-    /* x := a*x    (= a^((q+1)/2)) */
-    if (!BN_mod_mul(x, x, A, p, ctx))
-        goto end;
-
-    while (1) {
-        /*-
-         * Now  b  is  a^q * y^k  for some even  k  (0 <= k < 2^E
-         * where  E  refers to the original value of  e,  which we
-         * don't keep in a variable),  and  x  is  a^((q+1)/2) * y^(k/2).
-         *
-         * We have  a*b = x^2,
-         *    y^2^(e-1) = -1,
-         *    b^2^(e-1) = 1.
-         */
-
-        if (BN_is_one(b)) {
-            if (!BN_copy(ret, x))
-                goto end;
-            err = 0;
-            goto vrfy;
-        }
-
-        /* find smallest  i  such that  b^(2^i) = 1 */
-        i = 1;
-        if (!BN_mod_sqr(t, b, p, ctx))
-            goto end;
-        while (!BN_is_one(t)) {
-            i++;
-            if (i == e) {
-                BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
-                goto end;
-            }
-            if (!BN_mod_mul(t, t, t, p, ctx))
-                goto end;
-        }
-
-        /* t := y^2^(e - i - 1) */
-        if (!BN_copy(t, y))
-            goto end;
-        for (j = e - i - 1; j > 0; j--) {
-            if (!BN_mod_sqr(t, t, p, ctx))
-                goto end;
-        }
-        if (!BN_mod_mul(y, t, t, p, ctx))
-            goto end;
-        if (!BN_mod_mul(x, x, t, p, ctx))
-            goto end;
-        if (!BN_mod_mul(b, b, y, p, ctx))
-            goto end;
-        e = i;
-    }
-
- vrfy:
-    if (!err) {
-        /*
-         * verify the result -- the input might have been not a square (test
-         * added in 0.9.8)
-         */
-
-        if (!BN_mod_sqr(x, ret, p, ctx))
-            err = 1;
-
-        if (!err && 0 != BN_cmp(x, A)) {
-            BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
-            err = 1;
-        }
-    }
-
- end:
-    if (err) {
-        if (ret != NULL && ret != in) {
-            BN_clear_free(ret);
-        }
-        ret = NULL;
-    }
-    BN_CTX_end(ctx);
-    bn_check_top(ret);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_word.c b/thirdparty/openssl/crypto/bn/bn_word.c
deleted file mode 100644
index 9b5f9cb98c..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_word.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/* crypto/bn/bn_word.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
-{
-#ifndef BN_LLONG
-    BN_ULONG ret = 0;
-#else
-    BN_ULLONG ret = 0;
-#endif
-    int i;
-
-    if (w == 0)
-        return (BN_ULONG)-1;
-
-#ifndef BN_LLONG
-    /*
-     * If |w| is too long and we don't have BN_ULLONG then we need to fall
-     * back to using BN_div_word
-     */
-    if (w > ((BN_ULONG)1 << BN_BITS4)) {
-        BIGNUM *tmp = BN_dup(a);
-        if (tmp == NULL)
-            return (BN_ULONG)-1;
-
-        ret = BN_div_word(tmp, w);
-        BN_free(tmp);
-
-        return ret;
-    }
-#endif
-
-    bn_check_top(a);
-    w &= BN_MASK2;
-    for (i = a->top - 1; i >= 0; i--) {
-#ifndef BN_LLONG
-        /*
-         * We can assume here that | w <= ((BN_ULONG)1 << BN_BITS4) | and so
-         * | ret < ((BN_ULONG)1 << BN_BITS4) | and therefore the shifts here are
-         * safe and will not overflow
-         */
-        ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) & BN_MASK2l)) % w;
-        ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w;
-#else
-        ret = (BN_ULLONG) (((ret << (BN_ULLONG) BN_BITS2) | a->d[i]) %
-                           (BN_ULLONG) w);
-#endif
-    }
-    return ((BN_ULONG)ret);
-}
-
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w)
-{
-    BN_ULONG ret = 0;
-    int i, j;
-
-    bn_check_top(a);
-    w &= BN_MASK2;
-
-    if (!w)
-        /* actually this an error (division by zero) */
-        return (BN_ULONG)-1;
-    if (a->top == 0)
-        return 0;
-
-    /* normalize input (so bn_div_words doesn't complain) */
-    j = BN_BITS2 - BN_num_bits_word(w);
-    w <<= j;
-    if (!BN_lshift(a, a, j))
-        return (BN_ULONG)-1;
-
-    for (i = a->top - 1; i >= 0; i--) {
-        BN_ULONG l, d;
-
-        l = a->d[i];
-        d = bn_div_words(ret, l, w);
-        ret = (l - ((d * w) & BN_MASK2)) & BN_MASK2;
-        a->d[i] = d;
-    }
-    if ((a->top > 0) && (a->d[a->top - 1] == 0))
-        a->top--;
-    ret >>= j;
-    bn_check_top(a);
-    return (ret);
-}
-
-int BN_add_word(BIGNUM *a, BN_ULONG w)
-{
-    BN_ULONG l;
-    int i;
-
-    bn_check_top(a);
-    w &= BN_MASK2;
-
-    /* degenerate case: w is zero */
-    if (!w)
-        return 1;
-    /* degenerate case: a is zero */
-    if (BN_is_zero(a))
-        return BN_set_word(a, w);
-    /* handle 'a' when negative */
-    if (a->neg) {
-        a->neg = 0;
-        i = BN_sub_word(a, w);
-        if (!BN_is_zero(a))
-            a->neg = !(a->neg);
-        return (i);
-    }
-    for (i = 0; w != 0 && i < a->top; i++) {
-        a->d[i] = l = (a->d[i] + w) & BN_MASK2;
-        w = (w > l) ? 1 : 0;
-    }
-    if (w && i == a->top) {
-        if (bn_wexpand(a, a->top + 1) == NULL)
-            return 0;
-        a->top++;
-        a->d[i] = w;
-    }
-    bn_check_top(a);
-    return (1);
-}
-
-int BN_sub_word(BIGNUM *a, BN_ULONG w)
-{
-    int i;
-
-    bn_check_top(a);
-    w &= BN_MASK2;
-
-    /* degenerate case: w is zero */
-    if (!w)
-        return 1;
-    /* degenerate case: a is zero */
-    if (BN_is_zero(a)) {
-        i = BN_set_word(a, w);
-        if (i != 0)
-            BN_set_negative(a, 1);
-        return i;
-    }
-    /* handle 'a' when negative */
-    if (a->neg) {
-        a->neg = 0;
-        i = BN_add_word(a, w);
-        a->neg = 1;
-        return (i);
-    }
-
-    if ((a->top == 1) && (a->d[0] < w)) {
-        a->d[0] = w - a->d[0];
-        a->neg = 1;
-        return (1);
-    }
-    i = 0;
-    for (;;) {
-        if (a->d[i] >= w) {
-            a->d[i] -= w;
-            break;
-        } else {
-            a->d[i] = (a->d[i] - w) & BN_MASK2;
-            i++;
-            w = 1;
-        }
-    }
-    if ((a->d[i] == 0) && (i == (a->top - 1)))
-        a->top--;
-    bn_check_top(a);
-    return (1);
-}
-
-int BN_mul_word(BIGNUM *a, BN_ULONG w)
-{
-    BN_ULONG ll;
-
-    bn_check_top(a);
-    w &= BN_MASK2;
-    if (a->top) {
-        if (w == 0)
-            BN_zero(a);
-        else {
-            ll = bn_mul_words(a->d, a->d, a->top, w);
-            if (ll) {
-                if (bn_wexpand(a, a->top + 1) == NULL)
-                    return (0);
-                a->d[a->top++] = ll;
-            }
-        }
-    }
-    bn_check_top(a);
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/bn/bn_x931p.c b/thirdparty/openssl/crypto/bn/bn_x931p.c
deleted file mode 100644
index efa48bdf87..0000000000
--- a/thirdparty/openssl/crypto/bn/bn_x931p.c
+++ /dev/null
@@ -1,277 +0,0 @@
-/* bn_x931p.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-
-/* X9.31 routines for prime derivation */
-
-/*
- * X9.31 prime derivation. This is used to generate the primes pi (p1, p2,
- * q1, q2) from a parameter Xpi by checking successive odd integers.
- */
-
-static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx,
-                             BN_GENCB *cb)
-{
-    int i = 0;
-    if (!BN_copy(pi, Xpi))
-        return 0;
-    if (!BN_is_odd(pi) && !BN_add_word(pi, 1))
-        return 0;
-    for (;;) {
-        i++;
-        BN_GENCB_call(cb, 0, i);
-        /* NB 27 MR is specificed in X9.31 */
-        if (BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb))
-            break;
-        if (!BN_add_word(pi, 2))
-            return 0;
-    }
-    BN_GENCB_call(cb, 2, i);
-    return 1;
-}
-
-/*
- * This is the main X9.31 prime derivation function. From parameters Xp1, Xp2
- * and Xp derive the prime p. If the parameters p1 or p2 are not NULL they
- * will be returned too: this is needed for testing.
- */
-
-int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
-                            const BIGNUM *Xp, const BIGNUM *Xp1,
-                            const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
-                            BN_GENCB *cb)
-{
-    int ret = 0;
-
-    BIGNUM *t, *p1p2, *pm1;
-
-    /* Only even e supported */
-    if (!BN_is_odd(e))
-        return 0;
-
-    BN_CTX_start(ctx);
-    if (!p1)
-        p1 = BN_CTX_get(ctx);
-
-    if (!p2)
-        p2 = BN_CTX_get(ctx);
-
-    t = BN_CTX_get(ctx);
-
-    p1p2 = BN_CTX_get(ctx);
-
-    pm1 = BN_CTX_get(ctx);
-
-    if (!bn_x931_derive_pi(p1, Xp1, ctx, cb))
-        goto err;
-
-    if (!bn_x931_derive_pi(p2, Xp2, ctx, cb))
-        goto err;
-
-    if (!BN_mul(p1p2, p1, p2, ctx))
-        goto err;
-
-    /* First set p to value of Rp */
-
-    if (!BN_mod_inverse(p, p2, p1, ctx))
-        goto err;
-
-    if (!BN_mul(p, p, p2, ctx))
-        goto err;
-
-    if (!BN_mod_inverse(t, p1, p2, ctx))
-        goto err;
-
-    if (!BN_mul(t, t, p1, ctx))
-        goto err;
-
-    if (!BN_sub(p, p, t))
-        goto err;
-
-    if (p->neg && !BN_add(p, p, p1p2))
-        goto err;
-
-    /* p now equals Rp */
-
-    if (!BN_mod_sub(p, p, Xp, p1p2, ctx))
-        goto err;
-
-    if (!BN_add(p, p, Xp))
-        goto err;
-
-    /* p now equals Yp0 */
-
-    for (;;) {
-        int i = 1;
-        BN_GENCB_call(cb, 0, i++);
-        if (!BN_copy(pm1, p))
-            goto err;
-        if (!BN_sub_word(pm1, 1))
-            goto err;
-        if (!BN_gcd(t, pm1, e, ctx))
-            goto err;
-        if (BN_is_one(t)
-            /*
-             * X9.31 specifies 8 MR and 1 Lucas test or any prime test
-             * offering similar or better guarantees 50 MR is considerably
-             * better.
-             */
-            && BN_is_prime_fasttest_ex(p, 50, ctx, 1, cb))
-            break;
-        if (!BN_add(p, p, p1p2))
-            goto err;
-    }
-
-    BN_GENCB_call(cb, 3, 0);
-
-    ret = 1;
-
- err:
-
-    BN_CTX_end(ctx);
-
-    return ret;
-}
-
-/*
- * Generate pair of paramters Xp, Xq for X9.31 prime generation. Note: nbits
- * paramter is sum of number of bits in both.
- */
-
-int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
-{
-    BIGNUM *t;
-    int i;
-    /*
-     * Number of bits for each prime is of the form 512+128s for s = 0, 1,
-     * ...
-     */
-    if ((nbits < 1024) || (nbits & 0xff))
-        return 0;
-    nbits >>= 1;
-    /*
-     * The random value Xp must be between sqrt(2) * 2^(nbits-1) and 2^nbits
-     * - 1. By setting the top two bits we ensure that the lower bound is
-     * exceeded.
-     */
-    if (!BN_rand(Xp, nbits, 1, 0))
-        goto err;
-
-    BN_CTX_start(ctx);
-    t = BN_CTX_get(ctx);
-
-    for (i = 0; i < 1000; i++) {
-        if (!BN_rand(Xq, nbits, 1, 0))
-            goto err;
-        /* Check that |Xp - Xq| > 2^(nbits - 100) */
-        BN_sub(t, Xp, Xq);
-        if (BN_num_bits(t) > (nbits - 100))
-            break;
-    }
-
-    BN_CTX_end(ctx);
-
-    if (i < 1000)
-        return 1;
-
-    return 0;
-
- err:
-    BN_CTX_end(ctx);
-    return 0;
-}
-
-/*
- * Generate primes using X9.31 algorithm. Of the values p, p1, p2, Xp1 and
- * Xp2 only 'p' needs to be non-NULL. If any of the others are not NULL the
- * relevant parameter will be stored in it. Due to the fact that |Xp - Xq| >
- * 2^(nbits - 100) must be satisfied Xp and Xq are generated using the
- * previous function and supplied as input.
- */
-
-int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
-                              BIGNUM *Xp1, BIGNUM *Xp2,
-                              const BIGNUM *Xp,
-                              const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb)
-{
-    int ret = 0;
-
-    BN_CTX_start(ctx);
-    if (!Xp1)
-        Xp1 = BN_CTX_get(ctx);
-    if (!Xp2)
-        Xp2 = BN_CTX_get(ctx);
-
-    if (!BN_rand(Xp1, 101, 0, 0))
-        goto error;
-    if (!BN_rand(Xp2, 101, 0, 0))
-        goto error;
-    if (!BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, cb))
-        goto error;
-
-    ret = 1;
-
- error:
-    BN_CTX_end(ctx);
-
-    return ret;
-
-}
diff --git a/thirdparty/openssl/crypto/bn/bnspeed.c b/thirdparty/openssl/crypto/bn/bnspeed.c
deleted file mode 100644
index e387fdfbc2..0000000000
--- a/thirdparty/openssl/crypto/bn/bnspeed.c
+++ /dev/null
@@ -1,232 +0,0 @@
-/* unused */
-
-/* crypto/bn/bnspeed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#define BASENUM 1000000
-#undef PROG
-#define PROG bnspeed_main
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-
-/*
- * Depending on the VMS version, the tms structure is perhaps defined. The
- * __TMS macro will show if it was.  If it wasn't defined, we should undefine
- * TIMES, since that tells the rest of the program how things should be
- * handled.  -- Richard Levitte
- */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_         /* FreeBSD hack */
-#   define HZ   100.0
-#  else                         /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE ((long)1024*8)
-int run = 0;
-
-static double Time_F(int s);
-#define START   0
-#define STOP    1
-
-static double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret < 1e-3) ? 1e-3 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
-        return ((ret < 0.001) ? 0.001 : ret);
-    }
-#endif
-}
-
-#define NUM_SIZES       5
-static int sizes[NUM_SIZES] = { 128, 256, 512, 1024, 2048 };
-
-/*
- * static int sizes[NUM_SIZES]={59,179,299,419,539};
- */
-
-void do_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
-int main(int argc, char **argv)
-{
-    BN_CTX *ctx;
-    BIGNUM a, b, c;
-
-    ctx = BN_CTX_new();
-    BN_init(&a);
-    BN_init(&b);
-    BN_init(&c);
-
-    do_mul(&a, &b, &c, ctx);
-}
-
-void do_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
-{
-    int i, j, k;
-    double tm;
-    long num;
-
-    for (i = 0; i < NUM_SIZES; i++) {
-        num = BASENUM;
-        if (i)
-            num /= (i * 3);
-        BN_rand(a, sizes[i], 1, 0);
-        for (j = i; j < NUM_SIZES; j++) {
-            BN_rand(b, sizes[j], 1, 0);
-            Time_F(START);
-            for (k = 0; k < num; k++)
-                BN_mul(r, b, a, ctx);
-            tm = Time_F(STOP);
-            printf("mul %4d x %4d -> %8.3fms\n", sizes[i], sizes[j],
-                   tm * 1000.0 / num);
-        }
-    }
-
-    for (i = 0; i < NUM_SIZES; i++) {
-        num = BASENUM;
-        if (i)
-            num /= (i * 3);
-        BN_rand(a, sizes[i], 1, 0);
-        Time_F(START);
-        for (k = 0; k < num; k++)
-            BN_sqr(r, a, ctx);
-        tm = Time_F(STOP);
-        printf("sqr %4d x %4d -> %8.3fms\n", sizes[i], sizes[i],
-               tm * 1000.0 / num);
-    }
-
-    for (i = 0; i < NUM_SIZES; i++) {
-        num = BASENUM / 10;
-        if (i)
-            num /= (i * 3);
-        BN_rand(a, sizes[i] - 1, 1, 0);
-        for (j = i; j < NUM_SIZES; j++) {
-            BN_rand(b, sizes[j], 1, 0);
-            Time_F(START);
-            for (k = 0; k < 100000; k++)
-                BN_div(r, NULL, b, a, ctx);
-            tm = Time_F(STOP);
-            printf("div %4d / %4d -> %8.3fms\n", sizes[j], sizes[i] - 1,
-                   tm * 1000.0 / num);
-        }
-    }
-}
diff --git a/thirdparty/openssl/crypto/bn/exp.c b/thirdparty/openssl/crypto/bn/exp.c
deleted file mode 100644
index fbce28c5be..0000000000
--- a/thirdparty/openssl/crypto/bn/exp.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* unused */
-
-#include <stdio.h>
-#include <openssl/tmdiff.h>
-#include "bn_lcl.h"
-
-#define SIZE    256
-#define NUM     (8*8*8)
-#define MOD     (8*8*8*8*8)
-
-main(argc, argv)
-int argc;
-char *argv[];
-{
-    BN_CTX ctx;
-    BIGNUM a, b, c, r, rr, t, l;
-    int j, i, size = SIZE, num = NUM, mod = MOD;
-    char *start, *end;
-    BN_MONT_CTX mont;
-    double d, md;
-
-    BN_MONT_CTX_init(&mont);
-    BN_CTX_init(&ctx);
-    BN_init(&a);
-    BN_init(&b);
-    BN_init(&c);
-    BN_init(&r);
-
-    start = ms_time_new();
-    end = ms_time_new();
-    while (size <= 1024 * 8) {
-        BN_rand(&a, size, 0, 0);
-        BN_rand(&b, size, 1, 0);
-        BN_rand(&c, size, 0, 1);
-
-        BN_mod(&a, &a, &c, &ctx);
-
-        ms_time_get(start);
-        for (i = 0; i < 10; i++)
-            BN_MONT_CTX_set(&mont, &c, &ctx);
-        ms_time_get(end);
-        md = ms_time_diff(start, end);
-
-        ms_time_get(start);
-        for (i = 0; i < num; i++) {
-            /* bn_mull(&r,&a,&b,&ctx); */
-            /* BN_sqr(&r,&a,&ctx); */
-            BN_mod_exp_mont(&r, &a, &b, &c, &ctx, &mont);
-        }
-        ms_time_get(end);
-        d = ms_time_diff(start, end) /* *50/33 */ ;
-        printf("%5d bit:%6.2f %6d %6.4f %4d m_set(%5.4f)\n", size,
-               d, num, d / num, (int)((d / num) * mod), md / 10.0);
-        num /= 8;
-        mod /= 8;
-        if (num <= 0)
-            num = 1;
-        size *= 2;
-    }
-
-}
diff --git a/thirdparty/openssl/crypto/bn/expspeed.c b/thirdparty/openssl/crypto/bn/expspeed.c
deleted file mode 100644
index 513a568a48..0000000000
--- a/thirdparty/openssl/crypto/bn/expspeed.c
+++ /dev/null
@@ -1,381 +0,0 @@
-/* unused */
-
-/* crypto/bn/expspeed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* most of this code has been pilfered from my libdes speed.c program */
-
-#define BASENUM 5000
-#define NUM_START 0
-
-/*
- * determine timings for modexp, modmul, modsqr, gcd, Kronecker symbol,
- * modular inverse, or modular square roots
- */
-#define TEST_EXP
-#undef TEST_MUL
-#undef TEST_SQR
-#undef TEST_GCD
-#undef TEST_KRON
-#undef TEST_INV
-#undef TEST_SQRT
-#define P_MOD_64 9              /* least significant 6 bits for prime to be
-                                 * used for BN_sqrt timings */
-
-#if defined(TEST_EXP) + defined(TEST_MUL) + defined(TEST_SQR) + defined(TEST_GCD) + defined(TEST_KRON) + defined(TEST_INV) +defined(TEST_SQRT) != 1
-# error "choose one test"
-#endif
-
-#if defined(TEST_INV) || defined(TEST_SQRT)
-# define C_PRIME
-static void genprime_cb(int p, int n, void *arg);
-#endif
-
-#undef PROG
-#define PROG bnspeed_main
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-
-/*
- * Depending on the VMS version, the tms structure is perhaps defined. The
- * __TMS macro will show if it was.  If it wasn't defined, we should undefine
- * TIMES, since that tells the rest of the program how things should be
- * handled.  -- Richard Levitte
- */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_         /* FreeBSD hack */
-#   define HZ   100.0
-#  else                         /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE ((long)1024*8)
-int run = 0;
-
-static double Time_F(int s);
-#define START   0
-#define STOP    1
-
-static double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret < 1e-3) ? 1e-3 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
-        return ((ret < 0.001) ? 0.001 : ret);
-    }
-#endif
-}
-
-#define NUM_SIZES       7
-#if NUM_START > NUM_SIZES
-# error "NUM_START > NUM_SIZES"
-#endif
-static int sizes[NUM_SIZES] = { 128, 256, 512, 1024, 2048, 4096, 8192 };
-
-static int mul_c[NUM_SIZES] =
-    { 8 * 8 * 8 * 8 * 8 * 8, 8 * 8 * 8 * 8 * 8, 8 * 8 * 8 * 8, 8 * 8 * 8,
-    8 * 8, 8, 1
-};
-
-/*
- * static int sizes[NUM_SIZES]={59,179,299,419,539};
- */
-
-#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); }
-
-void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx);
-
-int main(int argc, char **argv)
-{
-    BN_CTX *ctx;
-    BIGNUM *a, *b, *c, *r;
-
-#if 1
-    if (!CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0))
-        abort();
-#endif
-
-    ctx = BN_CTX_new();
-    a = BN_new();
-    b = BN_new();
-    c = BN_new();
-    r = BN_new();
-
-    while (!RAND_status())
-        /* not enough bits */
-        RAND_SEED("I demand a manual recount!");
-
-    do_mul_exp(r, a, b, c, ctx);
-    return 0;
-}
-
-void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
-{
-    int i, k;
-    double tm;
-    long num;
-
-    num = BASENUM;
-    for (i = NUM_START; i < NUM_SIZES; i++) {
-#ifdef C_PRIME
-# ifdef TEST_SQRT
-        if (!BN_set_word(a, 64))
-            goto err;
-        if (!BN_set_word(b, P_MOD_64))
-            goto err;
-#  define ADD a
-#  define REM b
-# else
-#  define ADD NULL
-#  define REM NULL
-# endif
-        if (!BN_generate_prime(c, sizes[i], 0, ADD, REM, genprime_cb, NULL))
-            goto err;
-        putc('\n', stderr);
-        fflush(stderr);
-#endif
-
-        for (k = 0; k < num; k++) {
-            if (k % 50 == 0) {  /* Average over num/50 different choices of
-                                 * random numbers. */
-                if (!BN_pseudo_rand(a, sizes[i], 1, 0))
-                    goto err;
-
-                if (!BN_pseudo_rand(b, sizes[i], 1, 0))
-                    goto err;
-
-#ifndef C_PRIME
-                if (!BN_pseudo_rand(c, sizes[i], 1, 1))
-                    goto err;
-#endif
-
-#ifdef TEST_SQRT
-                if (!BN_mod_sqr(a, a, c, ctx))
-                    goto err;
-                if (!BN_mod_sqr(b, b, c, ctx))
-                    goto err;
-#else
-                if (!BN_nnmod(a, a, c, ctx))
-                    goto err;
-                if (!BN_nnmod(b, b, c, ctx))
-                    goto err;
-#endif
-
-                if (k == 0)
-                    Time_F(START);
-            }
-#if defined(TEST_EXP)
-            if (!BN_mod_exp(r, a, b, c, ctx))
-                goto err;
-#elif defined(TEST_MUL)
-            {
-                int i = 0;
-                for (i = 0; i < 50; i++)
-                    if (!BN_mod_mul(r, a, b, c, ctx))
-                        goto err;
-            }
-#elif defined(TEST_SQR)
-            {
-                int i = 0;
-                for (i = 0; i < 50; i++) {
-                    if (!BN_mod_sqr(r, a, c, ctx))
-                        goto err;
-                    if (!BN_mod_sqr(r, b, c, ctx))
-                        goto err;
-                }
-            }
-#elif defined(TEST_GCD)
-            if (!BN_gcd(r, a, b, ctx))
-                goto err;
-            if (!BN_gcd(r, b, c, ctx))
-                goto err;
-            if (!BN_gcd(r, c, a, ctx))
-                goto err;
-#elif defined(TEST_KRON)
-            if (-2 == BN_kronecker(a, b, ctx))
-                goto err;
-            if (-2 == BN_kronecker(b, c, ctx))
-                goto err;
-            if (-2 == BN_kronecker(c, a, ctx))
-                goto err;
-#elif defined(TEST_INV)
-            if (!BN_mod_inverse(r, a, c, ctx))
-                goto err;
-            if (!BN_mod_inverse(r, b, c, ctx))
-                goto err;
-#else                           /* TEST_SQRT */
-            if (!BN_mod_sqrt(r, a, c, ctx))
-                goto err;
-            if (!BN_mod_sqrt(r, b, c, ctx))
-                goto err;
-#endif
-        }
-        tm = Time_F(STOP);
-        printf(
-#if defined(TEST_EXP)
-                  "modexp %4d ^ %4d %% %4d"
-#elif defined(TEST_MUL)
-                  "50*modmul %4d %4d %4d"
-#elif defined(TEST_SQR)
-                  "100*modsqr %4d %4d %4d"
-#elif defined(TEST_GCD)
-                  "3*gcd %4d %4d %4d"
-#elif defined(TEST_KRON)
-                  "3*kronecker %4d %4d %4d"
-#elif defined(TEST_INV)
-                  "2*inv %4d %4d mod %4d"
-#else                           /* TEST_SQRT */
-                  "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d"
-#endif
-                  " -> %8.6fms %5.1f (%ld)\n",
-#ifdef TEST_SQRT
-                  P_MOD_64,
-#endif
-                  sizes[i], sizes[i], sizes[i], tm * 1000.0 / num,
-                  tm * mul_c[i] / num, num);
-        num /= 7;
-        if (num <= 0)
-            num = 1;
-    }
-    return;
-
- err:
-    ERR_print_errors_fp(stderr);
-}
-
-#ifdef C_PRIME
-static void genprime_cb(int p, int n, void *arg)
-{
-    char c = '*';
-
-    if (p == 0)
-        c = '.';
-    if (p == 1)
-        c = '+';
-    if (p == 2)
-        c = '*';
-    if (p == 3)
-        c = '\n';
-    putc(c, stderr);
-    fflush(stderr);
-    (void)n;
-    (void)arg;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/bn/rsaz_exp.c b/thirdparty/openssl/crypto/bn/rsaz_exp.c
deleted file mode 100644
index c54c6feb51..0000000000
--- a/thirdparty/openssl/crypto/bn/rsaz_exp.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/*****************************************************************************
-*                                                                            *
-*  Copyright (c) 2012, Intel Corporation                                     *
-*                                                                            *
-*  All rights reserved.                                                      *
-*                                                                            *
-*  Redistribution and use in source and binary forms, with or without        *
-*  modification, are permitted provided that the following conditions are    *
-*  met:                                                                      *
-*                                                                            *
-*  *  Redistributions of source code must retain the above copyright         *
-*     notice, this list of conditions and the following disclaimer.          *
-*                                                                            *
-*  *  Redistributions in binary form must reproduce the above copyright      *
-*     notice, this list of conditions and the following disclaimer in the    *
-*     documentation and/or other materials provided with the                 *
-*     distribution.                                                          *
-*                                                                            *
-*  *  Neither the name of the Intel Corporation nor the names of its         *
-*     contributors may be used to endorse or promote products derived from   *
-*     this software without specific prior written permission.               *
-*                                                                            *
-*                                                                            *
-*  THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY          *
-*  EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE         *
-*  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR        *
-*  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR            *
-*  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,     *
-*  EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,       *
-*  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR        *
-*  PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF    *
-*  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING      *
-*  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS        *
-*  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.              *
-*                                                                            *
-******************************************************************************
-* Developers and authors:                                                    *
-* Shay Gueron (1, 2), and Vlad Krasnov (1)                                   *
-* (1) Intel Corporation, Israel Development Center, Haifa, Israel            *
-* (2) University of Haifa, Israel                                            *
-*****************************************************************************/
-
-#include "rsaz_exp.h"
-
-#ifdef RSAZ_ENABLED
-
-/*
- * See crypto/bn/asm/rsaz-avx2.pl for further details.
- */
-void rsaz_1024_norm2red_avx2(void *red, const void *norm);
-void rsaz_1024_mul_avx2(void *ret, const void *a, const void *b,
-                        const void *n, BN_ULONG k);
-void rsaz_1024_sqr_avx2(void *ret, const void *a, const void *n, BN_ULONG k,
-                        int cnt);
-void rsaz_1024_scatter5_avx2(void *tbl, const void *val, int i);
-void rsaz_1024_gather5_avx2(void *val, const void *tbl, int i);
-void rsaz_1024_red2norm_avx2(void *norm, const void *red);
-
-#if defined(__GNUC__)
-# define ALIGN64        __attribute__((aligned(64)))
-#elif defined(_MSC_VER)
-# define ALIGN64        __declspec(align(64))
-#elif defined(__SUNPRO_C)
-# define ALIGN64
-# pragma align 64(one,two80)
-#else
-/* not fatal, might hurt performance a little */
-# define ALIGN64
-#endif
-
-ALIGN64 static const BN_ULONG one[40] = {
-    1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-ALIGN64 static const BN_ULONG two80[40] = {
-    0, 0, 1 << 22, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16],
-                            const BN_ULONG base_norm[16],
-                            const BN_ULONG exponent[16],
-                            const BN_ULONG m_norm[16], const BN_ULONG RR[16],
-                            BN_ULONG k0)
-{
-    unsigned char storage[320 * 3 + 32 * 9 * 16 + 64]; /* 5.5KB */
-    unsigned char *p_str = storage + (64 - ((size_t)storage % 64));
-    unsigned char *a_inv, *m, *result;
-    unsigned char *table_s = p_str + 320 * 3;
-    unsigned char *R2 = table_s; /* borrow */
-    int index;
-    int wvalue;
-
-    if ((((size_t)p_str & 4095) + 320) >> 12) {
-        result = p_str;
-        a_inv = p_str + 320;
-        m = p_str + 320 * 2;    /* should not cross page */
-    } else {
-        m = p_str;              /* should not cross page */
-        result = p_str + 320;
-        a_inv = p_str + 320 * 2;
-    }
-
-    rsaz_1024_norm2red_avx2(m, m_norm);
-    rsaz_1024_norm2red_avx2(a_inv, base_norm);
-    rsaz_1024_norm2red_avx2(R2, RR);
-
-    rsaz_1024_mul_avx2(R2, R2, R2, m, k0);
-    rsaz_1024_mul_avx2(R2, R2, two80, m, k0);
-
-    /* table[0] = 1 */
-    rsaz_1024_mul_avx2(result, R2, one, m, k0);
-    /* table[1] = a_inv^1 */
-    rsaz_1024_mul_avx2(a_inv, a_inv, R2, m, k0);
-
-    rsaz_1024_scatter5_avx2(table_s, result, 0);
-    rsaz_1024_scatter5_avx2(table_s, a_inv, 1);
-
-    /* table[2] = a_inv^2 */
-    rsaz_1024_sqr_avx2(result, a_inv, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 2);
-#if 0
-    /* this is almost 2x smaller and less than 1% slower */
-    for (index = 3; index < 32; index++) {
-        rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-        rsaz_1024_scatter5_avx2(table_s, result, index);
-    }
-#else
-    /* table[4] = a_inv^4 */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 4);
-    /* table[8] = a_inv^8 */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 8);
-    /* table[16] = a_inv^16 */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 16);
-    /* table[17] = a_inv^17 */
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 17);
-
-    /* table[3] */
-    rsaz_1024_gather5_avx2(result, table_s, 2);
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 3);
-    /* table[6] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 6);
-    /* table[12] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 12);
-    /* table[24] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 24);
-    /* table[25] */
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 25);
-
-    /* table[5] */
-    rsaz_1024_gather5_avx2(result, table_s, 4);
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 5);
-    /* table[10] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 10);
-    /* table[20] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 20);
-    /* table[21] */
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 21);
-
-    /* table[7] */
-    rsaz_1024_gather5_avx2(result, table_s, 6);
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 7);
-    /* table[14] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 14);
-    /* table[28] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 28);
-    /* table[29] */
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 29);
-
-    /* table[9] */
-    rsaz_1024_gather5_avx2(result, table_s, 8);
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 9);
-    /* table[18] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 18);
-    /* table[19] */
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 19);
-
-    /* table[11] */
-    rsaz_1024_gather5_avx2(result, table_s, 10);
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 11);
-    /* table[22] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 22);
-    /* table[23] */
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 23);
-
-    /* table[13] */
-    rsaz_1024_gather5_avx2(result, table_s, 12);
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 13);
-    /* table[26] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 26);
-    /* table[27] */
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 27);
-
-    /* table[15] */
-    rsaz_1024_gather5_avx2(result, table_s, 14);
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 15);
-    /* table[30] */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
-    rsaz_1024_scatter5_avx2(table_s, result, 30);
-    /* table[31] */
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    rsaz_1024_scatter5_avx2(table_s, result, 31);
-#endif
-
-    /* load first window */
-    p_str = (unsigned char *)exponent;
-    wvalue = p_str[127] >> 3;
-    rsaz_1024_gather5_avx2(result, table_s, wvalue);
-
-    index = 1014;
-
-    while (index > -1) {        /* loop for the remaining 127 windows */
-
-        rsaz_1024_sqr_avx2(result, result, m, k0, 5);
-
-        wvalue = *((unsigned short *)&p_str[index / 8]);
-        wvalue = (wvalue >> (index % 8)) & 31;
-        index -= 5;
-
-        rsaz_1024_gather5_avx2(a_inv, table_s, wvalue); /* borrow a_inv */
-        rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-    }
-
-    /* square four times */
-    rsaz_1024_sqr_avx2(result, result, m, k0, 4);
-
-    wvalue = p_str[0] & 15;
-
-    rsaz_1024_gather5_avx2(a_inv, table_s, wvalue); /* borrow a_inv */
-    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
-
-    /* from Montgomery */
-    rsaz_1024_mul_avx2(result, result, one, m, k0);
-
-    rsaz_1024_red2norm_avx2(result_norm, result);
-
-    OPENSSL_cleanse(storage, sizeof(storage));
-}
-
-/*
- * See crypto/bn/rsaz-x86_64.pl for further details.
- */
-void rsaz_512_mul(void *ret, const void *a, const void *b, const void *n,
-                  BN_ULONG k);
-void rsaz_512_mul_scatter4(void *ret, const void *a, const void *n,
-                           BN_ULONG k, const void *tbl, unsigned int power);
-void rsaz_512_mul_gather4(void *ret, const void *a, const void *tbl,
-                          const void *n, BN_ULONG k, unsigned int power);
-void rsaz_512_mul_by_one(void *ret, const void *a, const void *n, BN_ULONG k);
-void rsaz_512_sqr(void *ret, const void *a, const void *n, BN_ULONG k,
-                  int cnt);
-void rsaz_512_scatter4(void *tbl, const BN_ULONG *val, int power);
-void rsaz_512_gather4(BN_ULONG *val, const void *tbl, int power);
-
-void RSAZ_512_mod_exp(BN_ULONG result[8],
-                      const BN_ULONG base[8], const BN_ULONG exponent[8],
-                      const BN_ULONG m[8], BN_ULONG k0, const BN_ULONG RR[8])
-{
-    unsigned char storage[16 * 8 * 8 + 64 * 2 + 64]; /* 1.2KB */
-    unsigned char *table = storage + (64 - ((size_t)storage % 64));
-    BN_ULONG *a_inv = (BN_ULONG *)(table + 16 * 8 * 8);
-    BN_ULONG *temp = (BN_ULONG *)(table + 16 * 8 * 8 + 8 * 8);
-    unsigned char *p_str = (unsigned char *)exponent;
-    int index;
-    unsigned int wvalue;
-
-    /* table[0] = 1_inv */
-    temp[0] = 0 - m[0];
-    temp[1] = ~m[1];
-    temp[2] = ~m[2];
-    temp[3] = ~m[3];
-    temp[4] = ~m[4];
-    temp[5] = ~m[5];
-    temp[6] = ~m[6];
-    temp[7] = ~m[7];
-    rsaz_512_scatter4(table, temp, 0);
-
-    /* table [1] = a_inv^1 */
-    rsaz_512_mul(a_inv, base, RR, m, k0);
-    rsaz_512_scatter4(table, a_inv, 1);
-
-    /* table [2] = a_inv^2 */
-    rsaz_512_sqr(temp, a_inv, m, k0, 1);
-    rsaz_512_scatter4(table, temp, 2);
-
-    for (index = 3; index < 16; index++)
-        rsaz_512_mul_scatter4(temp, a_inv, m, k0, table, index);
-
-    /* load first window */
-    wvalue = p_str[63];
-
-    rsaz_512_gather4(temp, table, wvalue >> 4);
-    rsaz_512_sqr(temp, temp, m, k0, 4);
-    rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue & 0xf);
-
-    for (index = 62; index >= 0; index--) {
-        wvalue = p_str[index];
-
-        rsaz_512_sqr(temp, temp, m, k0, 4);
-        rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue >> 4);
-
-        rsaz_512_sqr(temp, temp, m, k0, 4);
-        rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue & 0x0f);
-    }
-
-    /* from Montgomery */
-    rsaz_512_mul_by_one(result, temp, m, k0);
-
-    OPENSSL_cleanse(storage, sizeof(storage));
-}
-
-#else
-
-# if defined(PEDANTIC) || defined(__DECC) || defined(__clang__)
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/bn/rsaz_exp.h b/thirdparty/openssl/crypto/bn/rsaz_exp.h
deleted file mode 100644
index 229e181f67..0000000000
--- a/thirdparty/openssl/crypto/bn/rsaz_exp.h
+++ /dev/null
@@ -1,68 +0,0 @@
-/*****************************************************************************
-*                                                                            *
-*  Copyright (c) 2012, Intel Corporation                                     *
-*                                                                            *
-*  All rights reserved.                                                      *
-*                                                                            *
-*  Redistribution and use in source and binary forms, with or without        *
-*  modification, are permitted provided that the following conditions are    *
-*  met:                                                                      *
-*                                                                            *
-*  *  Redistributions of source code must retain the above copyright         *
-*     notice, this list of conditions and the following disclaimer.          *
-*                                                                            *
-*  *  Redistributions in binary form must reproduce the above copyright      *
-*     notice, this list of conditions and the following disclaimer in the    *
-*     documentation and/or other materials provided with the                 *
-*     distribution.                                                          *
-*                                                                            *
-*  *  Neither the name of the Intel Corporation nor the names of its         *
-*     contributors may be used to endorse or promote products derived from   *
-*     this software without specific prior written permission.               *
-*                                                                            *
-*                                                                            *
-*  THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY          *
-*  EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE         *
-*  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR        *
-*  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR            *
-*  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,     *
-*  EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,       *
-*  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR        *
-*  PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF    *
-*  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING      *
-*  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS        *
-*  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.              *
-*                                                                            *
-******************************************************************************
-* Developers and authors:                                                    *
-* Shay Gueron (1, 2), and Vlad Krasnov (1)                                   *
-* (1) Intel Corporation, Israel Development Center, Haifa, Israel            *
-* (2) University of Haifa, Israel                                            *
-*****************************************************************************/
-
-#ifndef RSAZ_EXP_H
-# define RSAZ_EXP_H
-
-# undef RSAZ_ENABLED
-# if defined(OPENSSL_BN_ASM_MONT) && \
-        (defined(__x86_64) || defined(__x86_64__) || \
-         defined(_M_AMD64) || defined(_M_X64))
-#  define RSAZ_ENABLED
-
-#  include <openssl/bn.h>
-
-void RSAZ_1024_mod_exp_avx2(BN_ULONG result[16],
-                            const BN_ULONG base_norm[16],
-                            const BN_ULONG exponent[16],
-                            const BN_ULONG m_norm[16], const BN_ULONG RR[16],
-                            BN_ULONG k0);
-int rsaz_avx2_eligible();
-
-void RSAZ_512_mod_exp(BN_ULONG result[8],
-                      const BN_ULONG base_norm[8], const BN_ULONG exponent[8],
-                      const BN_ULONG m_norm[8], BN_ULONG k0,
-                      const BN_ULONG RR[8]);
-
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/bn/todo b/thirdparty/openssl/crypto/bn/todo
deleted file mode 100644
index e47e381aea..0000000000
--- a/thirdparty/openssl/crypto/bn/todo
+++ /dev/null
@@ -1,3 +0,0 @@
-Cache RECP_CTX values
-make the result argument independant of the inputs.
-split up the _exp_ functions
diff --git a/thirdparty/openssl/crypto/bn/vms-helper.c b/thirdparty/openssl/crypto/bn/vms-helper.c
deleted file mode 100644
index f342e90cbf..0000000000
--- a/thirdparty/openssl/crypto/bn/vms-helper.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/* vms-helper.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include "bn_lcl.h"
-
-bn_div_words_abort(int i)
-{
-#ifdef BN_DEBUG
-# if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
-    fprintf(stderr, "Division would overflow (%d)\n", i);
-# endif
-    abort();
-#endif
-}
diff --git a/thirdparty/openssl/crypto/buffer/buf_err.c b/thirdparty/openssl/crypto/buffer/buf_err.c
deleted file mode 100644
index 631eec38d7..0000000000
--- a/thirdparty/openssl/crypto/buffer/buf_err.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* crypto/buffer/buf_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/buffer.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason)
-
-static ERR_STRING_DATA BUF_str_functs[] = {
-    {ERR_FUNC(BUF_F_BUF_MEMDUP), "BUF_memdup"},
-    {ERR_FUNC(BUF_F_BUF_MEM_GROW), "BUF_MEM_grow"},
-    {ERR_FUNC(BUF_F_BUF_MEM_GROW_CLEAN), "BUF_MEM_grow_clean"},
-    {ERR_FUNC(BUF_F_BUF_MEM_NEW), "BUF_MEM_new"},
-    {ERR_FUNC(BUF_F_BUF_STRDUP), "BUF_strdup"},
-    {ERR_FUNC(BUF_F_BUF_STRNDUP), "BUF_strndup"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA BUF_str_reasons[] = {
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_BUF_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(BUF_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, BUF_str_functs);
-        ERR_load_strings(0, BUF_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/buffer/buf_str.c b/thirdparty/openssl/crypto/buffer/buf_str.c
deleted file mode 100644
index fa0d608e76..0000000000
--- a/thirdparty/openssl/crypto/buffer/buf_str.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/* crypto/buffer/buffer.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <limits.h>
-#include <openssl/buffer.h>
-
-size_t BUF_strnlen(const char *str, size_t maxlen)
-{
-    const char *p;
-
-    for (p = str; maxlen-- != 0 && *p != '\0'; ++p) ;
-
-    return p - str;
-}
-
-char *BUF_strdup(const char *str)
-{
-    if (str == NULL)
-        return NULL;
-    return BUF_strndup(str, strlen(str));
-}
-
-char *BUF_strndup(const char *str, size_t siz)
-{
-    char *ret;
-
-    if (str == NULL)
-        return NULL;
-
-    siz = BUF_strnlen(str, siz);
-
-    if (siz >= INT_MAX)
-        return NULL;
-
-    ret = OPENSSL_malloc(siz + 1);
-    if (ret == NULL) {
-        BUFerr(BUF_F_BUF_STRNDUP, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    memcpy(ret, str, siz);
-    ret[siz] = '\0';
-
-    return (ret);
-}
-
-void *BUF_memdup(const void *data, size_t siz)
-{
-    void *ret;
-
-    if (data == NULL || siz >= INT_MAX)
-        return NULL;
-
-    ret = OPENSSL_malloc(siz);
-    if (ret == NULL) {
-        BUFerr(BUF_F_BUF_MEMDUP, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    return memcpy(ret, data, siz);
-}
-
-size_t BUF_strlcpy(char *dst, const char *src, size_t size)
-{
-    size_t l = 0;
-    for (; size > 1 && *src; size--) {
-        *dst++ = *src++;
-        l++;
-    }
-    if (size)
-        *dst = '\0';
-    return l + strlen(src);
-}
-
-size_t BUF_strlcat(char *dst, const char *src, size_t size)
-{
-    size_t l = 0;
-    for (; size > 0 && *dst; size--, dst++)
-        l++;
-    return l + BUF_strlcpy(dst, src, size);
-}
diff --git a/thirdparty/openssl/crypto/buffer/buffer.c b/thirdparty/openssl/crypto/buffer/buffer.c
deleted file mode 100644
index eff3e08157..0000000000
--- a/thirdparty/openssl/crypto/buffer/buffer.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/* crypto/buffer/buffer.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-
-/*
- * LIMIT_BEFORE_EXPANSION is the maximum n such that (n+3)/3*4 < 2**31. That
- * function is applied in several functions in this file and this limit
- * ensures that the result fits in an int.
- */
-#define LIMIT_BEFORE_EXPANSION 0x5ffffffc
-
-BUF_MEM *BUF_MEM_new(void)
-{
-    BUF_MEM *ret;
-
-    ret = OPENSSL_malloc(sizeof(BUF_MEM));
-    if (ret == NULL) {
-        BUFerr(BUF_F_BUF_MEM_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    ret->length = 0;
-    ret->max = 0;
-    ret->data = NULL;
-    return (ret);
-}
-
-void BUF_MEM_free(BUF_MEM *a)
-{
-    if (a == NULL)
-        return;
-
-    if (a->data != NULL) {
-        OPENSSL_cleanse(a->data, a->max);
-        OPENSSL_free(a->data);
-    }
-    OPENSSL_free(a);
-}
-
-int BUF_MEM_grow(BUF_MEM *str, size_t len)
-{
-    char *ret;
-    size_t n;
-
-    if (str->length >= len) {
-        str->length = len;
-        return (len);
-    }
-    if (str->max >= len) {
-        memset(&str->data[str->length], 0, len - str->length);
-        str->length = len;
-        return (len);
-    }
-    /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */
-    if (len > LIMIT_BEFORE_EXPANSION) {
-        BUFerr(BUF_F_BUF_MEM_GROW, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    n = (len + 3) / 3 * 4;
-    if (str->data == NULL)
-        ret = OPENSSL_malloc(n);
-    else
-        ret = OPENSSL_realloc(str->data, n);
-    if (ret == NULL) {
-        BUFerr(BUF_F_BUF_MEM_GROW, ERR_R_MALLOC_FAILURE);
-        len = 0;
-    } else {
-        str->data = ret;
-        str->max = n;
-        memset(&str->data[str->length], 0, len - str->length);
-        str->length = len;
-    }
-    return (len);
-}
-
-int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
-{
-    char *ret;
-    size_t n;
-
-    if (str->length >= len) {
-        memset(&str->data[len], 0, str->length - len);
-        str->length = len;
-        return (len);
-    }
-    if (str->max >= len) {
-        memset(&str->data[str->length], 0, len - str->length);
-        str->length = len;
-        return (len);
-    }
-    /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */
-    if (len > LIMIT_BEFORE_EXPANSION) {
-        BUFerr(BUF_F_BUF_MEM_GROW_CLEAN, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    n = (len + 3) / 3 * 4;
-    if (str->data == NULL)
-        ret = OPENSSL_malloc(n);
-    else
-        ret = OPENSSL_realloc_clean(str->data, str->max, n);
-    if (ret == NULL) {
-        BUFerr(BUF_F_BUF_MEM_GROW_CLEAN, ERR_R_MALLOC_FAILURE);
-        len = 0;
-    } else {
-        str->data = ret;
-        str->max = n;
-        memset(&str->data[str->length], 0, len - str->length);
-        str->length = len;
-    }
-    return (len);
-}
-
-void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size)
-{
-    size_t i;
-    if (in) {
-        out += size - 1;
-        for (i = 0; i < size; i++)
-            *out-- = *in++;
-    } else {
-        unsigned char *q;
-        char c;
-        q = out + size - 1;
-        for (i = 0; i < size / 2; i++) {
-            c = *q;
-            *q-- = *out;
-            *out++ = c;
-        }
-    }
-}
diff --git a/thirdparty/openssl/crypto/camellia/camellia.c b/thirdparty/openssl/crypto/camellia/camellia.c
deleted file mode 100644
index 719fa61cf6..0000000000
--- a/thirdparty/openssl/crypto/camellia/camellia.c
+++ /dev/null
@@ -1,584 +0,0 @@
-/* crypto/camellia/camellia.c */
-/* ====================================================================
- * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
- * ALL RIGHTS RESERVED.
- *
- * Intellectual Property information for Camellia:
- *     http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
- *
- * News Release for Announcement of Camellia open source:
- *     http://www.ntt.co.jp/news/news06e/0604/060413a.html
- *
- * The Camellia Code included herein is developed by
- * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
- * to the OpenSSL project.
- *
- * The Camellia Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-/*
- * Algorithm Specification
- * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
- */
-
-/*
- * This release balances code size and performance. In particular key
- * schedule setup is fully unrolled, because doing so *significantly*
- * reduces amount of instructions per setup round and code increase is
- * justifiable. In block functions on the other hand only inner loops
- * are unrolled, as full unroll gives only nominal performance boost,
- * while code size grows 4 or 7 times. Also, unlike previous versions
- * this one "encourages" compiler to keep intermediate variables in
- * registers, which should give better "all round" results, in other
- * words reasonable performance even with not so modern compilers.
- */
-
-#include "camellia.h"
-#include "cmll_locl.h"
-#include <string.h>
-#include <stdlib.h>
-
-/* 32-bit rotations */
-#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
-#  define RightRotate(x, s) _lrotr(x, s)
-#  define LeftRotate(x, s)  _lrotl(x, s)
-#  if _MSC_VER >= 1400
-#   define SWAP(x) _byteswap_ulong(x)
-#  else
-#   define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
-#  endif
-#  define GETU32(p)   SWAP(*((u32 *)(p)))
-#  define PUTU32(p,v) (*((u32 *)(p)) = SWAP((v)))
-# elif defined(__GNUC__) && __GNUC__>=2
-#  if defined(__i386) || defined(__x86_64)
-#   define RightRotate(x,s) ({u32 ret; asm ("rorl %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
-#   define LeftRotate(x,s)  ({u32 ret; asm ("roll %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
-#   if defined(B_ENDIAN)        /* stratus.com does it */
-#    define GETU32(p)   (*(u32 *)(p))
-#    define PUTU32(p,v) (*(u32 *)(p)=(v))
-#   else
-#    define GETU32(p)   ({u32 r=*(const u32 *)(p); asm("bswapl %0":"=r"(r):"0"(r)); r; })
-#    define PUTU32(p,v) ({u32 r=(v); asm("bswapl %0":"=r"(r):"0"(r)); *(u32 *)(p)=r; })
-#   endif
-#  elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
-        defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
-#   define LeftRotate(x,s)  ({u32 ret; asm ("rlwinm %0,%1,%2,0,31":"=r"(ret):"r"(x),"I"(s)); ret; })
-#   define RightRotate(x,s) LeftRotate(x,(32-s))
-#  elif defined(__s390x__)
-#   define LeftRotate(x,s)  ({u32 ret; asm ("rll %0,%1,%2":"=r"(ret):"r"(x),"I"(s)); ret; })
-#   define RightRotate(x,s) LeftRotate(x,(32-s))
-#   define GETU32(p)   (*(u32 *)(p))
-#   define PUTU32(p,v) (*(u32 *)(p)=(v))
-#  endif
-# endif
-#endif
-
-#if !defined(RightRotate) && !defined(LeftRotate)
-# define RightRotate(x, s) ( ((x) >> (s)) + ((x) << (32 - s)) )
-# define LeftRotate(x, s)  ( ((x) << (s)) + ((x) >> (32 - s)) )
-#endif
-
-#if !defined(GETU32) && !defined(PUTU32)
-# define GETU32(p)   (((u32)(p)[0] << 24) ^ ((u32)(p)[1] << 16) ^ ((u32)(p)[2] <<  8) ^ ((u32)(p)[3]))
-# define PUTU32(p,v) ((p)[0] = (u8)((v) >> 24), (p)[1] = (u8)((v) >> 16), (p)[2] = (u8)((v) >>  8), (p)[3] = (u8)(v))
-#endif
-
-/* S-box data */
-#define SBOX1_1110 Camellia_SBOX[0]
-#define SBOX4_4404 Camellia_SBOX[1]
-#define SBOX2_0222 Camellia_SBOX[2]
-#define SBOX3_3033 Camellia_SBOX[3]
-static const u32 Camellia_SBOX[][256] = {
-    {0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700,
-     0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
-     0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00,
-     0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
-     0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500,
-     0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
-     0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000,
-     0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
-     0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700,
-     0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
-     0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00,
-     0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
-     0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100,
-     0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
-     0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700,
-     0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
-     0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00,
-     0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
-     0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400,
-     0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
-     0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00,
-     0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
-     0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00,
-     0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
-     0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700,
-     0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
-     0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00,
-     0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
-     0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00,
-     0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
-     0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600,
-     0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
-     0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00,
-     0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
-     0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800,
-     0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
-     0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200,
-     0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
-     0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900,
-     0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
-     0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900,
-     0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
-     0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00},
-    {0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057,
-     0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
-     0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af,
-     0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
-     0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a,
-     0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
-     0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb,
-     0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
-     0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c,
-     0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
-     0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0,
-     0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
-     0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6,
-     0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
-     0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8,
-     0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
-     0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9,
-     0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
-     0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9,
-     0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
-     0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad,
-     0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
-     0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093,
-     0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
-     0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f,
-     0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
-     0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066,
-     0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
-     0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031,
-     0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
-     0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2,
-     0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
-     0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095,
-     0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
-     0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002,
-     0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
-     0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b,
-     0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
-     0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a,
-     0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
-     0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068,
-     0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
-     0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e},
-    {0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e,
-     0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
-     0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf,
-     0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
-     0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca,
-     0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
-     0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060,
-     0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
-     0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e,
-     0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
-     0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a,
-     0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
-     0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363,
-     0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
-     0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f,
-     0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
-     0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636,
-     0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
-     0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888,
-     0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
-     0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9,
-     0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
-     0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6,
-     0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
-     0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef,
-     0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
-     0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8,
-     0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
-     0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe,
-     0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
-     0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d,
-     0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
-     0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc,
-     0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
-     0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131,
-     0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
-     0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545,
-     0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
-     0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292,
-     0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
-     0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393,
-     0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
-     0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d},
-    {0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393,
-     0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
-     0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7,
-     0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
-     0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2,
-     0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
-     0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818,
-     0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
-     0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3,
-     0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
-     0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686,
-     0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
-     0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8,
-     0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
-     0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb,
-     0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
-     0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d,
-     0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
-     0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222,
-     0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
-     0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e,
-     0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
-     0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad,
-     0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
-     0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb,
-     0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
-     0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e,
-     0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
-     0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf,
-     0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
-     0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b,
-     0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
-     0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737,
-     0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
-     0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c,
-     0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
-     0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151,
-     0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
-     0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4,
-     0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
-     0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4,
-     0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
-     0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f}
-};
-
-/* Key generation constants */
-static const u32 SIGMA[] = {
-    0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2, 0xc6ef372f, 0xe94f82be,
-    0x54ff53a5, 0xf1d36f1c, 0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd
-};
-
-/* The phi algorithm given in C.2.7 of the Camellia spec document. */
-/*
- * This version does not attempt to minimize amount of temporary
- * variables, but instead explicitly exposes algorithm's parallelism.
- * It is therefore most appropriate for platforms with not less than
- * ~16 registers. For platforms with less registers [well, x86 to be
- * specific] assembler version should be/is provided anyway...
- */
-#define Camellia_Feistel(_s0,_s1,_s2,_s3,_key) do {\
-        register u32 _t0,_t1,_t2,_t3;\
-\
-        _t0  = _s0 ^ (_key)[0];\
-        _t3  = SBOX4_4404[_t0&0xff];\
-        _t1  = _s1 ^ (_key)[1];\
-        _t3 ^= SBOX3_3033[(_t0 >> 8)&0xff];\
-        _t2  = SBOX1_1110[_t1&0xff];\
-        _t3 ^= SBOX2_0222[(_t0 >> 16)&0xff];\
-        _t2 ^= SBOX4_4404[(_t1 >> 8)&0xff];\
-        _t3 ^= SBOX1_1110[(_t0 >> 24)];\
-        _t2 ^= _t3;\
-        _t3  = RightRotate(_t3,8);\
-        _t2 ^= SBOX3_3033[(_t1 >> 16)&0xff];\
-        _s3 ^= _t3;\
-        _t2 ^= SBOX2_0222[(_t1 >> 24)];\
-        _s2 ^= _t2; \
-        _s3 ^= _t2;\
-} while(0)
-
-/*
- * Note that n has to be less than 32. Rotations for larger amount
- * of bits are achieved by "rotating" order of s-elements and
- * adjusting n accordingly, e.g. RotLeft128(s1,s2,s3,s0,n-32).
- */
-#define RotLeft128(_s0,_s1,_s2,_s3,_n) do {\
-        u32 _t0=_s0>>(32-_n);\
-        _s0 = (_s0<<_n) | (_s1>>(32-_n));\
-        _s1 = (_s1<<_n) | (_s2>>(32-_n));\
-        _s2 = (_s2<<_n) | (_s3>>(32-_n));\
-        _s3 = (_s3<<_n) | _t0;\
-} while (0)
-
-int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE k)
-{
-    register u32 s0, s1, s2, s3;
-
-    k[0] = s0 = GETU32(rawKey);
-    k[1] = s1 = GETU32(rawKey + 4);
-    k[2] = s2 = GETU32(rawKey + 8);
-    k[3] = s3 = GETU32(rawKey + 12);
-
-    if (keyBitLength != 128) {
-        k[8] = s0 = GETU32(rawKey + 16);
-        k[9] = s1 = GETU32(rawKey + 20);
-        if (keyBitLength == 192) {
-            k[10] = s2 = ~s0;
-            k[11] = s3 = ~s1;
-        } else {
-            k[10] = s2 = GETU32(rawKey + 24);
-            k[11] = s3 = GETU32(rawKey + 28);
-        }
-        s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
-    }
-
-    /* Use the Feistel routine to scramble the key material */
-    Camellia_Feistel(s0, s1, s2, s3, SIGMA + 0);
-    Camellia_Feistel(s2, s3, s0, s1, SIGMA + 2);
-
-    s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
-    Camellia_Feistel(s0, s1, s2, s3, SIGMA + 4);
-    Camellia_Feistel(s2, s3, s0, s1, SIGMA + 6);
-
-    /* Fill the keyTable. Requires many block rotations. */
-    if (keyBitLength == 128) {
-        k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
-        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
-        k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
-        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 30 */
-        k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
-        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 45 */
-        k[24] = s0, k[25] = s1;
-        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 60 */
-        k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
-        RotLeft128(s1, s2, s3, s0, 2); /* KA <<< 94 */
-        k[40] = s1, k[41] = s2, k[42] = s3, k[43] = s0;
-        RotLeft128(s1, s2, s3, s0, 17); /* KA <<<111 */
-        k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
-
-        s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
-        RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 15 */
-        k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
-        RotLeft128(s0, s1, s2, s3, 30); /* KL <<< 45 */
-        k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
-        RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 60 */
-        k[26] = s2, k[27] = s3;
-        RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 77 */
-        k[32] = s0, k[33] = s1, k[34] = s2, k[35] = s3;
-        RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 94 */
-        k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
-        RotLeft128(s0, s1, s2, s3, 17); /* KL <<<111 */
-        k[44] = s0, k[45] = s1, k[46] = s2, k[47] = s3;
-
-        return 3;               /* grand rounds */
-    } else {
-        k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
-        s0 ^= k[8], s1 ^= k[9], s2 ^= k[10], s3 ^= k[11];
-        Camellia_Feistel(s0, s1, s2, s3, (SIGMA + 8));
-        Camellia_Feistel(s2, s3, s0, s1, (SIGMA + 10));
-
-        k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
-        RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 30 */
-        k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
-        RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 60 */
-        k[40] = s0, k[41] = s1, k[42] = s2, k[43] = s3;
-        RotLeft128(s1, s2, s3, s0, 19); /* KB <<<111 */
-        k[64] = s1, k[65] = s2, k[66] = s3, k[67] = s0;
-
-        s0 = k[8], s1 = k[9], s2 = k[10], s3 = k[11];
-        RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 15 */
-        k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
-        RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 30 */
-        k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
-        RotLeft128(s0, s1, s2, s3, 30); /* KR <<< 60 */
-        k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
-        RotLeft128(s1, s2, s3, s0, 2); /* KR <<< 94 */
-        k[52] = s1, k[53] = s2, k[54] = s3, k[55] = s0;
-
-        s0 = k[12], s1 = k[13], s2 = k[14], s3 = k[15];
-        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
-        k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
-        RotLeft128(s0, s1, s2, s3, 30); /* KA <<< 45 */
-        k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
-        /* KA <<< 77 */
-        k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
-        RotLeft128(s1, s2, s3, s0, 17); /* KA <<< 94 */
-        k[56] = s1, k[57] = s2, k[58] = s3, k[59] = s0;
-
-        s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
-        RotLeft128(s1, s2, s3, s0, 13); /* KL <<< 45 */
-        k[24] = s1, k[25] = s2, k[26] = s3, k[27] = s0;
-        RotLeft128(s1, s2, s3, s0, 15); /* KL <<< 60 */
-        k[32] = s1, k[33] = s2, k[34] = s3, k[35] = s0;
-        RotLeft128(s1, s2, s3, s0, 17); /* KL <<< 77 */
-        k[44] = s1, k[45] = s2, k[46] = s3, k[47] = s0;
-        RotLeft128(s2, s3, s0, s1, 2); /* KL <<<111 */
-        k[60] = s2, k[61] = s3, k[62] = s0, k[63] = s1;
-
-        return 4;               /* grand rounds */
-    }
-    /*
-     * It is possible to perform certain precalculations, which
-     * would spare few cycles in block procedure. It's not done,
-     * because it upsets the performance balance between key
-     * setup and block procedures, negatively affecting overall
-     * throughput in applications operating on short messages
-     * and volatile keys.
-     */
-}
-
-void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
-                                  const KEY_TABLE_TYPE keyTable,
-                                  u8 ciphertext[])
-{
-    register u32 s0, s1, s2, s3;
-    const u32 *k = keyTable, *kend = keyTable + grandRounds * 16;
-
-    s0 = GETU32(plaintext) ^ k[0];
-    s1 = GETU32(plaintext + 4) ^ k[1];
-    s2 = GETU32(plaintext + 8) ^ k[2];
-    s3 = GETU32(plaintext + 12) ^ k[3];
-    k += 4;
-
-    while (1) {
-        /* Camellia makes 6 Feistel rounds */
-        Camellia_Feistel(s0, s1, s2, s3, k + 0);
-        Camellia_Feistel(s2, s3, s0, s1, k + 2);
-        Camellia_Feistel(s0, s1, s2, s3, k + 4);
-        Camellia_Feistel(s2, s3, s0, s1, k + 6);
-        Camellia_Feistel(s0, s1, s2, s3, k + 8);
-        Camellia_Feistel(s2, s3, s0, s1, k + 10);
-        k += 12;
-
-        if (k == kend)
-            break;
-
-        /*
-         * This is the same function as the diffusion function D of the
-         * accompanying documentation. See section 3.2 for properties of the
-         * FLlayer function.
-         */
-        s1 ^= LeftRotate(s0 & k[0], 1);
-        s2 ^= s3 | k[3];
-        s0 ^= s1 | k[1];
-        s3 ^= LeftRotate(s2 & k[2], 1);
-        k += 4;
-    }
-
-    s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
-
-    PUTU32(ciphertext, s2);
-    PUTU32(ciphertext + 4, s3);
-    PUTU32(ciphertext + 8, s0);
-    PUTU32(ciphertext + 12, s1);
-}
-
-void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
-                           const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
-{
-    Camellia_EncryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
-                                 plaintext, keyTable, ciphertext);
-}
-
-void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
-                                  const KEY_TABLE_TYPE keyTable,
-                                  u8 plaintext[])
-{
-    u32 s0, s1, s2, s3;
-    const u32 *k = keyTable + grandRounds * 16, *kend = keyTable + 4;
-
-    s0 = GETU32(ciphertext) ^ k[0];
-    s1 = GETU32(ciphertext + 4) ^ k[1];
-    s2 = GETU32(ciphertext + 8) ^ k[2];
-    s3 = GETU32(ciphertext + 12) ^ k[3];
-
-    while (1) {
-        /* Camellia makes 6 Feistel rounds */
-        k -= 12;
-        Camellia_Feistel(s0, s1, s2, s3, k + 10);
-        Camellia_Feistel(s2, s3, s0, s1, k + 8);
-        Camellia_Feistel(s0, s1, s2, s3, k + 6);
-        Camellia_Feistel(s2, s3, s0, s1, k + 4);
-        Camellia_Feistel(s0, s1, s2, s3, k + 2);
-        Camellia_Feistel(s2, s3, s0, s1, k + 0);
-
-        if (k == kend)
-            break;
-
-        /*
-         * This is the same function as the diffusion function D of the
-         * accompanying documentation. See section 3.2 for properties of the
-         * FLlayer function.
-         */
-        k -= 4;
-        s1 ^= LeftRotate(s0 & k[2], 1);
-        s2 ^= s3 | k[1];
-        s0 ^= s1 | k[3];
-        s3 ^= LeftRotate(s2 & k[0], 1);
-    }
-
-    k -= 4;
-    s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
-
-    PUTU32(plaintext, s2);
-    PUTU32(plaintext + 4, s3);
-    PUTU32(plaintext + 8, s0);
-    PUTU32(plaintext + 12, s1);
-}
-
-void Camellia_DecryptBlock(int keyBitLength, const u8 plaintext[],
-                           const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
-{
-    Camellia_DecryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
-                                 plaintext, keyTable, ciphertext);
-}
diff --git a/thirdparty/openssl/crypto/camellia/cmll_cbc.c b/thirdparty/openssl/crypto/camellia/cmll_cbc.c
deleted file mode 100644
index 4017e00d92..0000000000
--- a/thirdparty/openssl/crypto/camellia/cmll_cbc.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/* crypto/camellia/camellia_cbc.c */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                          size_t len, const CAMELLIA_KEY *key,
-                          unsigned char *ivec, const int enc)
-{
-
-    if (enc)
-        CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
-                              (block128_f) Camellia_encrypt);
-    else
-        CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
-                              (block128_f) Camellia_decrypt);
-}
diff --git a/thirdparty/openssl/crypto/camellia/cmll_cfb.c b/thirdparty/openssl/crypto/camellia/cmll_cfb.c
deleted file mode 100644
index 78f2ae4566..0000000000
--- a/thirdparty/openssl/crypto/camellia/cmll_cfb.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/* crypto/camellia/camellia_cfb.c */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-/*
- * The input and output encrypted as though 128bit cfb mode is being used.
- * The extra state information to record how much of the 128bit block we have
- * used is contained in *num;
- */
-
-void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t length, const CAMELLIA_KEY *key,
-                             unsigned char *ivec, int *num, const int enc)
-{
-
-    CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
-                          (block128_f) Camellia_encrypt);
-}
-
-/* N.B. This expects the input to be packed, MS bit first */
-void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t length, const CAMELLIA_KEY *key,
-                           unsigned char *ivec, int *num, const int enc)
-{
-    CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
-                            (block128_f) Camellia_encrypt);
-}
-
-void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t length, const CAMELLIA_KEY *key,
-                           unsigned char *ivec, int *num, const int enc)
-{
-    CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
-                            (block128_f) Camellia_encrypt);
-}
diff --git a/thirdparty/openssl/crypto/camellia/cmll_ctr.c b/thirdparty/openssl/crypto/camellia/cmll_ctr.c
deleted file mode 100644
index 95e26621b7..0000000000
--- a/thirdparty/openssl/crypto/camellia/cmll_ctr.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/* crypto/camellia/camellia_ctr.c */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t length, const CAMELLIA_KEY *key,
-                             unsigned char ivec[CAMELLIA_BLOCK_SIZE],
-                             unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
-                             unsigned int *num)
-{
-
-    CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
-                          (block128_f) Camellia_encrypt);
-}
diff --git a/thirdparty/openssl/crypto/camellia/cmll_ecb.c b/thirdparty/openssl/crypto/camellia/cmll_ecb.c
deleted file mode 100644
index b030791b27..0000000000
--- a/thirdparty/openssl/crypto/camellia/cmll_ecb.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* crypto/camellia/camellia_ecb.c */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef CAMELLIA_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#include <openssl/camellia.h>
-#include "cmll_locl.h"
-
-void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                          const CAMELLIA_KEY *key, const int enc)
-{
-
-    assert(in && out && key);
-    assert((CAMELLIA_ENCRYPT == enc) || (CAMELLIA_DECRYPT == enc));
-
-    if (CAMELLIA_ENCRYPT == enc)
-        Camellia_encrypt(in, out, key);
-    else
-        Camellia_decrypt(in, out, key);
-}
diff --git a/thirdparty/openssl/crypto/camellia/cmll_locl.h b/thirdparty/openssl/crypto/camellia/cmll_locl.h
deleted file mode 100644
index 2bd79b8c4e..0000000000
--- a/thirdparty/openssl/crypto/camellia/cmll_locl.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/camellia/camellia_locl.h */
-/* ====================================================================
- * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
- * ALL RIGHTS RESERVED.
- *
- * Intellectual Property information for Camellia:
- *     http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
- *
- * News Release for Announcement of Camellia open source:
- *     http://www.ntt.co.jp/news/news06e/0604/060413a.html
- *
- * The Camellia Code included herein is developed by
- * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
- * to the OpenSSL project.
- *
- * The Camellia Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CAMELLIA_LOCL_H
-# define HEADER_CAMELLIA_LOCL_H
-
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey,
-                     KEY_TABLE_TYPE keyTable);
-void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
-                                  const KEY_TABLE_TYPE keyTable,
-                                  u8 ciphertext[]);
-void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
-                                  const KEY_TABLE_TYPE keyTable,
-                                  u8 plaintext[]);
-void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
-                           const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
-void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
-                           const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
-int private_Camellia_set_key(const unsigned char *userKey, const int bits,
-                             CAMELLIA_KEY *key);
-#endif                          /* #ifndef HEADER_CAMELLIA_LOCL_H */
diff --git a/thirdparty/openssl/crypto/camellia/cmll_misc.c b/thirdparty/openssl/crypto/camellia/cmll_misc.c
deleted file mode 100644
index 694d2fac8f..0000000000
--- a/thirdparty/openssl/crypto/camellia/cmll_misc.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/camellia/camellia_misc.c */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/camellia.h>
-#include "cmll_locl.h"
-
-const char CAMELLIA_version[] = "CAMELLIA" OPENSSL_VERSION_PTEXT;
-
-int private_Camellia_set_key(const unsigned char *userKey, const int bits,
-                             CAMELLIA_KEY *key)
-{
-    if (!userKey || !key)
-        return -1;
-    if (bits != 128 && bits != 192 && bits != 256)
-        return -2;
-    key->grand_rounds = Camellia_Ekeygen(bits, userKey, key->u.rd_key);
-    return 0;
-}
-
-void Camellia_encrypt(const unsigned char *in, unsigned char *out,
-                      const CAMELLIA_KEY *key)
-{
-    Camellia_EncryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
-}
-
-void Camellia_decrypt(const unsigned char *in, unsigned char *out,
-                      const CAMELLIA_KEY *key)
-{
-    Camellia_DecryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
-}
diff --git a/thirdparty/openssl/crypto/camellia/cmll_ofb.c b/thirdparty/openssl/crypto/camellia/cmll_ofb.c
deleted file mode 100644
index 85eb892156..0000000000
--- a/thirdparty/openssl/crypto/camellia/cmll_ofb.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/camellia/camellia_ofb.c */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-/*
- * The input and output encrypted as though 128bit ofb mode is being used.
- * The extra state information to record how much of the 128bit block we have
- * used is contained in *num;
- */
-void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t length, const CAMELLIA_KEY *key,
-                             unsigned char *ivec, int *num)
-{
-    CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
-                          (block128_f) Camellia_encrypt);
-}
diff --git a/thirdparty/openssl/crypto/camellia/cmll_utl.c b/thirdparty/openssl/crypto/camellia/cmll_utl.c
deleted file mode 100644
index d5eb6b4d68..0000000000
--- a/thirdparty/openssl/crypto/camellia/cmll_utl.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/* crypto/camellia/cmll_utl.c */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/camellia.h>
-#include "cmll_locl.h"
-
-int Camellia_set_key(const unsigned char *userKey, const int bits,
-                     CAMELLIA_KEY *key)
-{
-#ifdef OPENSSL_FIPS
-    fips_cipher_abort(Camellia);
-#endif
-    return private_Camellia_set_key(userKey, bits, key);
-}
diff --git a/thirdparty/openssl/crypto/cast/asm/readme b/thirdparty/openssl/crypto/cast/asm/readme
deleted file mode 100644
index fbcd76289e..0000000000
--- a/thirdparty/openssl/crypto/cast/asm/readme
+++ /dev/null
@@ -1,7 +0,0 @@
-There is a ppro flag in cast-586 which turns on/off
-generation of pentium pro/II friendly code
-
-This flag makes the inner loop one cycle longer, but generates 
-code that runs %30 faster on the pentium pro/II, while only %7 slower
-on the pentium.  By default, this flag is on.
-
diff --git a/thirdparty/openssl/crypto/cast/c_cfb64.c b/thirdparty/openssl/crypto/cast/c_cfb64.c
deleted file mode 100644
index f2f16e5d77..0000000000
--- a/thirdparty/openssl/crypto/cast/c_cfb64.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/cast/c_cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-/*
- * The input and output encrypted as though 64bit cfb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, const CAST_KEY *schedule,
-                        unsigned char *ivec, int *num, int enc)
-{
-    register CAST_LONG v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    CAST_LONG ti[2];
-    unsigned char *iv, c, cc;
-
-    iv = ivec;
-    if (enc) {
-        while (l--) {
-            if (n == 0) {
-                n2l(iv, v0);
-                ti[0] = v0;
-                n2l(iv, v1);
-                ti[1] = v1;
-                CAST_encrypt((CAST_LONG *)ti, schedule);
-                iv = ivec;
-                t = ti[0];
-                l2n(t, iv);
-                t = ti[1];
-                l2n(t, iv);
-                iv = ivec;
-            }
-            c = *(in++) ^ iv[n];
-            *(out++) = c;
-            iv[n] = c;
-            n = (n + 1) & 0x07;
-        }
-    } else {
-        while (l--) {
-            if (n == 0) {
-                n2l(iv, v0);
-                ti[0] = v0;
-                n2l(iv, v1);
-                ti[1] = v1;
-                CAST_encrypt((CAST_LONG *)ti, schedule);
-                iv = ivec;
-                t = ti[0];
-                l2n(t, iv);
-                t = ti[1];
-                l2n(t, iv);
-                iv = ivec;
-            }
-            cc = *(in++);
-            c = iv[n];
-            iv[n] = cc;
-            *(out++) = c ^ cc;
-            n = (n + 1) & 0x07;
-        }
-    }
-    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/cast/c_ecb.c b/thirdparty/openssl/crypto/cast/c_ecb.c
deleted file mode 100644
index 4793f28edf..0000000000
--- a/thirdparty/openssl/crypto/cast/c_ecb.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/cast/c_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-#include <openssl/opensslv.h>
-
-const char CAST_version[] = "CAST" OPENSSL_VERSION_PTEXT;
-
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                      const CAST_KEY *ks, int enc)
-{
-    CAST_LONG l, d[2];
-
-    n2l(in, l);
-    d[0] = l;
-    n2l(in, l);
-    d[1] = l;
-    if (enc)
-        CAST_encrypt(d, ks);
-    else
-        CAST_decrypt(d, ks);
-    l = d[0];
-    l2n(l, out);
-    l = d[1];
-    l2n(l, out);
-    l = d[0] = d[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/cast/c_enc.c b/thirdparty/openssl/crypto/cast/c_enc.c
deleted file mode 100644
index 6e1d50f10d..0000000000
--- a/thirdparty/openssl/crypto/cast/c_enc.c
+++ /dev/null
@@ -1,200 +0,0 @@
-/* crypto/cast/c_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key)
-{
-    register CAST_LONG l, r, t;
-    const register CAST_LONG *k;
-
-    k = &(key->data[0]);
-    l = data[0];
-    r = data[1];
-
-    E_CAST(0, k, l, r, +, ^, -);
-    E_CAST(1, k, r, l, ^, -, +);
-    E_CAST(2, k, l, r, -, +, ^);
-    E_CAST(3, k, r, l, +, ^, -);
-    E_CAST(4, k, l, r, ^, -, +);
-    E_CAST(5, k, r, l, -, +, ^);
-    E_CAST(6, k, l, r, +, ^, -);
-    E_CAST(7, k, r, l, ^, -, +);
-    E_CAST(8, k, l, r, -, +, ^);
-    E_CAST(9, k, r, l, +, ^, -);
-    E_CAST(10, k, l, r, ^, -, +);
-    E_CAST(11, k, r, l, -, +, ^);
-    if (!key->short_key) {
-        E_CAST(12, k, l, r, +, ^, -);
-        E_CAST(13, k, r, l, ^, -, +);
-        E_CAST(14, k, l, r, -, +, ^);
-        E_CAST(15, k, r, l, +, ^, -);
-    }
-
-    data[1] = l & 0xffffffffL;
-    data[0] = r & 0xffffffffL;
-}
-
-void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key)
-{
-    register CAST_LONG l, r, t;
-    const register CAST_LONG *k;
-
-    k = &(key->data[0]);
-    l = data[0];
-    r = data[1];
-
-    if (!key->short_key) {
-        E_CAST(15, k, l, r, +, ^, -);
-        E_CAST(14, k, r, l, -, +, ^);
-        E_CAST(13, k, l, r, ^, -, +);
-        E_CAST(12, k, r, l, +, ^, -);
-    }
-    E_CAST(11, k, l, r, -, +, ^);
-    E_CAST(10, k, r, l, ^, -, +);
-    E_CAST(9, k, l, r, +, ^, -);
-    E_CAST(8, k, r, l, -, +, ^);
-    E_CAST(7, k, l, r, ^, -, +);
-    E_CAST(6, k, r, l, +, ^, -);
-    E_CAST(5, k, l, r, -, +, ^);
-    E_CAST(4, k, r, l, ^, -, +);
-    E_CAST(3, k, l, r, +, ^, -);
-    E_CAST(2, k, r, l, -, +, ^);
-    E_CAST(1, k, l, r, ^, -, +);
-    E_CAST(0, k, r, l, +, ^, -);
-
-    data[1] = l & 0xffffffffL;
-    data[0] = r & 0xffffffffL;
-}
-
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, const CAST_KEY *ks, unsigned char *iv,
-                      int enc)
-{
-    register CAST_LONG tin0, tin1;
-    register CAST_LONG tout0, tout1, xor0, xor1;
-    register long l = length;
-    CAST_LONG tin[2];
-
-    if (enc) {
-        n2l(iv, tout0);
-        n2l(iv, tout1);
-        iv -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            CAST_encrypt(tin, ks);
-            tout0 = tin[0];
-            tout1 = tin[1];
-            l2n(tout0, out);
-            l2n(tout1, out);
-        }
-        if (l != -8) {
-            n2ln(in, tin0, tin1, l + 8);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            CAST_encrypt(tin, ks);
-            tout0 = tin[0];
-            tout1 = tin[1];
-            l2n(tout0, out);
-            l2n(tout1, out);
-        }
-        l2n(tout0, iv);
-        l2n(tout1, iv);
-    } else {
-        n2l(iv, xor0);
-        n2l(iv, xor1);
-        iv -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin[0] = tin0;
-            tin[1] = tin1;
-            CAST_decrypt(tin, ks);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2n(tout0, out);
-            l2n(tout1, out);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        if (l != -8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin[0] = tin0;
-            tin[1] = tin1;
-            CAST_decrypt(tin, ks);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2nn(tout0, tout1, out, l + 8);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        l2n(xor0, iv);
-        l2n(xor1, iv);
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    tin[0] = tin[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/cast/c_ofb64.c b/thirdparty/openssl/crypto/cast/c_ofb64.c
deleted file mode 100644
index 4e0a7c2e6e..0000000000
--- a/thirdparty/openssl/crypto/cast/c_ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/cast/c_ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-/*
- * The input and output encrypted as though 64bit ofb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, const CAST_KEY *schedule,
-                        unsigned char *ivec, int *num)
-{
-    register CAST_LONG v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    unsigned char d[8];
-    register char *dp;
-    CAST_LONG ti[2];
-    unsigned char *iv;
-    int save = 0;
-
-    iv = ivec;
-    n2l(iv, v0);
-    n2l(iv, v1);
-    ti[0] = v0;
-    ti[1] = v1;
-    dp = (char *)d;
-    l2n(v0, dp);
-    l2n(v1, dp);
-    while (l--) {
-        if (n == 0) {
-            CAST_encrypt((CAST_LONG *)ti, schedule);
-            dp = (char *)d;
-            t = ti[0];
-            l2n(t, dp);
-            t = ti[1];
-            l2n(t, dp);
-            save++;
-        }
-        *(out++) = *(in++) ^ d[n];
-        n = (n + 1) & 0x07;
-    }
-    if (save) {
-        v0 = ti[0];
-        v1 = ti[1];
-        iv = ivec;
-        l2n(v0, iv);
-        l2n(v1, iv);
-    }
-    t = v0 = v1 = ti[0] = ti[1] = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/cast/c_skey.c b/thirdparty/openssl/crypto/cast/c_skey.c
deleted file mode 100644
index bbb6d56099..0000000000
--- a/thirdparty/openssl/crypto/cast/c_skey.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/* crypto/cast/c_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-#include "cast_s.h"
-
-#define CAST_exp(l,A,a,n) \
-        A[n/4]=l; \
-        a[n+3]=(l    )&0xff; \
-        a[n+2]=(l>> 8)&0xff; \
-        a[n+1]=(l>>16)&0xff; \
-        a[n+0]=(l>>24)&0xff;
-
-#define S4 CAST_S_table4
-#define S5 CAST_S_table5
-#define S6 CAST_S_table6
-#define S7 CAST_S_table7
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
-#ifdef OPENSSL_FIPS
-{
-    fips_cipher_abort(CAST);
-    private_CAST_set_key(key, len, data);
-}
-
-void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
-#endif
-{
-    CAST_LONG x[16];
-    CAST_LONG z[16];
-    CAST_LONG k[32];
-    CAST_LONG X[4], Z[4];
-    CAST_LONG l, *K;
-    int i;
-
-    for (i = 0; i < 16; i++)
-        x[i] = 0;
-    if (len > 16)
-        len = 16;
-    for (i = 0; i < len; i++)
-        x[i] = data[i];
-    if (len <= 10)
-        key->short_key = 1;
-    else
-        key->short_key = 0;
-
-    K = &k[0];
-    X[0] = ((x[0] << 24) | (x[1] << 16) | (x[2] << 8) | x[3]) & 0xffffffffL;
-    X[1] = ((x[4] << 24) | (x[5] << 16) | (x[6] << 8) | x[7]) & 0xffffffffL;
-    X[2] = ((x[8] << 24) | (x[9] << 16) | (x[10] << 8) | x[11]) & 0xffffffffL;
-    X[3] =
-        ((x[12] << 24) | (x[13] << 16) | (x[14] << 8) | x[15]) & 0xffffffffL;
-
-    for (;;) {
-        l = X[0] ^ S4[x[13]] ^ S5[x[15]] ^ S6[x[12]] ^ S7[x[14]] ^ S6[x[8]];
-        CAST_exp(l, Z, z, 0);
-        l = X[2] ^ S4[z[0]] ^ S5[z[2]] ^ S6[z[1]] ^ S7[z[3]] ^ S7[x[10]];
-        CAST_exp(l, Z, z, 4);
-        l = X[3] ^ S4[z[7]] ^ S5[z[6]] ^ S6[z[5]] ^ S7[z[4]] ^ S4[x[9]];
-        CAST_exp(l, Z, z, 8);
-        l = X[1] ^ S4[z[10]] ^ S5[z[9]] ^ S6[z[11]] ^ S7[z[8]] ^ S5[x[11]];
-        CAST_exp(l, Z, z, 12);
-
-        K[0] = S4[z[8]] ^ S5[z[9]] ^ S6[z[7]] ^ S7[z[6]] ^ S4[z[2]];
-        K[1] = S4[z[10]] ^ S5[z[11]] ^ S6[z[5]] ^ S7[z[4]] ^ S5[z[6]];
-        K[2] = S4[z[12]] ^ S5[z[13]] ^ S6[z[3]] ^ S7[z[2]] ^ S6[z[9]];
-        K[3] = S4[z[14]] ^ S5[z[15]] ^ S6[z[1]] ^ S7[z[0]] ^ S7[z[12]];
-
-        l = Z[2] ^ S4[z[5]] ^ S5[z[7]] ^ S6[z[4]] ^ S7[z[6]] ^ S6[z[0]];
-        CAST_exp(l, X, x, 0);
-        l = Z[0] ^ S4[x[0]] ^ S5[x[2]] ^ S6[x[1]] ^ S7[x[3]] ^ S7[z[2]];
-        CAST_exp(l, X, x, 4);
-        l = Z[1] ^ S4[x[7]] ^ S5[x[6]] ^ S6[x[5]] ^ S7[x[4]] ^ S4[z[1]];
-        CAST_exp(l, X, x, 8);
-        l = Z[3] ^ S4[x[10]] ^ S5[x[9]] ^ S6[x[11]] ^ S7[x[8]] ^ S5[z[3]];
-        CAST_exp(l, X, x, 12);
-
-        K[4] = S4[x[3]] ^ S5[x[2]] ^ S6[x[12]] ^ S7[x[13]] ^ S4[x[8]];
-        K[5] = S4[x[1]] ^ S5[x[0]] ^ S6[x[14]] ^ S7[x[15]] ^ S5[x[13]];
-        K[6] = S4[x[7]] ^ S5[x[6]] ^ S6[x[8]] ^ S7[x[9]] ^ S6[x[3]];
-        K[7] = S4[x[5]] ^ S5[x[4]] ^ S6[x[10]] ^ S7[x[11]] ^ S7[x[7]];
-
-        l = X[0] ^ S4[x[13]] ^ S5[x[15]] ^ S6[x[12]] ^ S7[x[14]] ^ S6[x[8]];
-        CAST_exp(l, Z, z, 0);
-        l = X[2] ^ S4[z[0]] ^ S5[z[2]] ^ S6[z[1]] ^ S7[z[3]] ^ S7[x[10]];
-        CAST_exp(l, Z, z, 4);
-        l = X[3] ^ S4[z[7]] ^ S5[z[6]] ^ S6[z[5]] ^ S7[z[4]] ^ S4[x[9]];
-        CAST_exp(l, Z, z, 8);
-        l = X[1] ^ S4[z[10]] ^ S5[z[9]] ^ S6[z[11]] ^ S7[z[8]] ^ S5[x[11]];
-        CAST_exp(l, Z, z, 12);
-
-        K[8] = S4[z[3]] ^ S5[z[2]] ^ S6[z[12]] ^ S7[z[13]] ^ S4[z[9]];
-        K[9] = S4[z[1]] ^ S5[z[0]] ^ S6[z[14]] ^ S7[z[15]] ^ S5[z[12]];
-        K[10] = S4[z[7]] ^ S5[z[6]] ^ S6[z[8]] ^ S7[z[9]] ^ S6[z[2]];
-        K[11] = S4[z[5]] ^ S5[z[4]] ^ S6[z[10]] ^ S7[z[11]] ^ S7[z[6]];
-
-        l = Z[2] ^ S4[z[5]] ^ S5[z[7]] ^ S6[z[4]] ^ S7[z[6]] ^ S6[z[0]];
-        CAST_exp(l, X, x, 0);
-        l = Z[0] ^ S4[x[0]] ^ S5[x[2]] ^ S6[x[1]] ^ S7[x[3]] ^ S7[z[2]];
-        CAST_exp(l, X, x, 4);
-        l = Z[1] ^ S4[x[7]] ^ S5[x[6]] ^ S6[x[5]] ^ S7[x[4]] ^ S4[z[1]];
-        CAST_exp(l, X, x, 8);
-        l = Z[3] ^ S4[x[10]] ^ S5[x[9]] ^ S6[x[11]] ^ S7[x[8]] ^ S5[z[3]];
-        CAST_exp(l, X, x, 12);
-
-        K[12] = S4[x[8]] ^ S5[x[9]] ^ S6[x[7]] ^ S7[x[6]] ^ S4[x[3]];
-        K[13] = S4[x[10]] ^ S5[x[11]] ^ S6[x[5]] ^ S7[x[4]] ^ S5[x[7]];
-        K[14] = S4[x[12]] ^ S5[x[13]] ^ S6[x[3]] ^ S7[x[2]] ^ S6[x[8]];
-        K[15] = S4[x[14]] ^ S5[x[15]] ^ S6[x[1]] ^ S7[x[0]] ^ S7[x[13]];
-        if (K != k)
-            break;
-        K += 16;
-    }
-
-    for (i = 0; i < 16; i++) {
-        key->data[i * 2] = k[i];
-        key->data[i * 2 + 1] = ((k[i + 16]) + 16) & 0x1f;
-    }
-}
diff --git a/thirdparty/openssl/crypto/cast/cast_lcl.h b/thirdparty/openssl/crypto/cast/cast_lcl.h
deleted file mode 100644
index b0f08294e3..0000000000
--- a/thirdparty/openssl/crypto/cast/cast_lcl.h
+++ /dev/null
@@ -1,227 +0,0 @@
-/* crypto/cast/cast_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "e_os.h"
-
-#ifdef OPENSSL_SYS_WIN32
-# include <stdlib.h>
-#endif
-
-#undef c2l
-#define c2l(c,l)        (l =((unsigned long)(*((c)++)))    , \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
-                        case 5: l2|=((unsigned long)(*(--(c))));     \
-                        case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
-                        case 1: l1|=((unsigned long)(*(--(c))));     \
-                                } \
-                        }
-
-#undef l2c
-#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-                                } \
-                        }
-
-#undef n2l
-#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
-# define ROTL(a,n)     (_lrotl(a,n))
-#elif defined(PEDANTIC)
-# define ROTL(a,n)     ((((a)<<(n))&0xffffffffL)|((a)>>((32-(n))&31)))
-#else
-# define ROTL(a,n)     ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
-#endif
-
-#define C_M    0x3fc
-#define C_0    22L
-#define C_1    14L
-#define C_2     6L
-#define C_3     2L              /* left shift */
-
-/* The rotate has an extra 16 added to it to help the x86 asm */
-#if defined(CAST_PTR)
-# define E_CAST(n,key,L,R,OP1,OP2,OP3) \
-        { \
-        int i; \
-        t=(key[n*2] OP1 R)&0xffffffffL; \
-        i=key[n*2+1]; \
-        t=ROTL(t,i); \
-        L^= (((((*(CAST_LONG *)((unsigned char *) \
-                        CAST_S_table0+((t>>C_2)&C_M)) OP2 \
-                *(CAST_LONG *)((unsigned char *) \
-                        CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
-                *(CAST_LONG *)((unsigned char *) \
-                        CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
-                *(CAST_LONG *)((unsigned char *) \
-                        CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
-        }
-#elif defined(CAST_PTR2)
-# define E_CAST(n,key,L,R,OP1,OP2,OP3) \
-        { \
-        int i; \
-        CAST_LONG u,v,w; \
-        w=(key[n*2] OP1 R)&0xffffffffL; \
-        i=key[n*2+1]; \
-        w=ROTL(w,i); \
-        u=w>>C_2; \
-        v=w<<C_3; \
-        u&=C_M; \
-        v&=C_M; \
-        t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
-        u=w>>C_0; \
-        t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
-        v=w>>C_1; \
-        u&=C_M; \
-        v&=C_M; \
-        t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
-        t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
-        L^=(t&0xffffffff); \
-        }
-#else
-# define E_CAST(n,key,L,R,OP1,OP2,OP3) \
-        { \
-        CAST_LONG a,b,c,d; \
-        t=(key[n*2] OP1 R)&0xffffffff; \
-        t=ROTL(t,(key[n*2+1])); \
-        a=CAST_S_table0[(t>> 8)&0xff]; \
-        b=CAST_S_table1[(t    )&0xff]; \
-        c=CAST_S_table2[(t>>24)&0xff]; \
-        d=CAST_S_table3[(t>>16)&0xff]; \
-        L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
-        }
-#endif
-
-extern const CAST_LONG CAST_S_table0[256];
-extern const CAST_LONG CAST_S_table1[256];
-extern const CAST_LONG CAST_S_table2[256];
-extern const CAST_LONG CAST_S_table3[256];
-extern const CAST_LONG CAST_S_table4[256];
-extern const CAST_LONG CAST_S_table5[256];
-extern const CAST_LONG CAST_S_table6[256];
-extern const CAST_LONG CAST_S_table7[256];
diff --git a/thirdparty/openssl/crypto/cast/cast_s.h b/thirdparty/openssl/crypto/cast/cast_s.h
deleted file mode 100644
index 380dc81aef..0000000000
--- a/thirdparty/openssl/crypto/cast/cast_s.h
+++ /dev/null
@@ -1,592 +0,0 @@
-/* crypto/cast/cast_s.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table0[256] = {
-    0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a,
-    0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949,
-    0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675,
-    0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e,
-    0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2,
-    0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d,
-    0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f,
-    0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0,
-    0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de,
-    0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7,
-    0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f,
-    0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935,
-    0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d,
-    0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d,
-    0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165,
-    0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50,
-    0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272,
-    0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe,
-    0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d,
-    0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3,
-    0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a,
-    0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167,
-    0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f,
-    0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291,
-    0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9,
-    0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779,
-    0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6,
-    0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2,
-    0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9,
-    0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511,
-    0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e,
-    0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d,
-    0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e,
-    0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5,
-    0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82,
-    0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324,
-    0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac,
-    0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c,
-    0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f,
-    0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc,
-    0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491,
-    0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d,
-    0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de,
-    0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96,
-    0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a,
-    0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a,
-    0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79,
-    0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d,
-    0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779,
-    0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd,
-    0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755,
-    0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6,
-    0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb,
-    0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9,
-    0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0,
-    0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872,
-    0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79,
-    0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c,
-    0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298,
-    0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e,
-    0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571,
-    0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9,
-    0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d,
-    0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf,
-};
-
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table1[256] = {
-    0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380,
-    0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651,
-    0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba,
-    0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3,
-    0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909,
-    0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb,
-    0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b,
-    0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806,
-    0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4,
-    0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b,
-    0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f,
-    0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359,
-    0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21,
-    0x071f6181, 0x39f7627f, 0x361e3084, 0xe4eb573b,
-    0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d,
-    0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c,
-    0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f,
-    0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34,
-    0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d,
-    0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb,
-    0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4,
-    0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd,
-    0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801,
-    0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860,
-    0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755,
-    0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b,
-    0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709,
-    0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304,
-    0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b,
-    0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b,
-    0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c,
-    0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf,
-    0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9,
-    0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c,
-    0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3,
-    0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13,
-    0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9,
-    0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f,
-    0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab,
-    0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6,
-    0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4,
-    0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6,
-    0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43,
-    0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58,
-    0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8,
-    0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906,
-    0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171,
-    0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d,
-    0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89,
-    0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6,
-    0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b,
-    0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4,
-    0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb,
-    0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6,
-    0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e,
-    0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f,
-    0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea,
-    0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249,
-    0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea,
-    0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa,
-    0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd,
-    0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9,
-    0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef,
-    0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1,
-};
-
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table2[256] = {
-    0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907,
-    0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90,
-    0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae,
-    0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5,
-    0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e,
-    0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e,
-    0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc,
-    0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240,
-    0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e,
-    0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5,
-    0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f,
-    0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b,
-    0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99,
-    0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71,
-    0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f,
-    0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04,
-    0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380,
-    0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82,
-    0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8,
-    0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15,
-    0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504,
-    0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2,
-    0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6,
-    0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176,
-    0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e,
-    0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148,
-    0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d,
-    0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc,
-    0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1,
-    0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341,
-    0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c,
-    0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e,
-    0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15,
-    0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51,
-    0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4,
-    0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f,
-    0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b,
-    0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a,
-    0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392,
-    0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b,
-    0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231,
-    0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b,
-    0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889,
-    0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5,
-    0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67,
-    0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45,
-    0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49,
-    0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536,
-    0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d,
-    0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc,
-    0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d,
-    0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0,
-    0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e,
-    0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69,
-    0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767,
-    0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2,
-    0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce,
-    0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49,
-    0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24,
-    0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d,
-    0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0,
-    0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a,
-    0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5,
-    0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783,
-};
-
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table3[256] = {
-    0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298,
-    0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1,
-    0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120,
-    0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf,
-    0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220,
-    0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15,
-    0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe,
-    0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121,
-    0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701,
-    0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25,
-    0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b,
-    0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5,
-    0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93,
-    0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb,
-    0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746,
-    0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5,
-    0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9,
-    0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d,
-    0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb,
-    0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6,
-    0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c,
-    0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23,
-    0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7,
-    0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003,
-    0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340,
-    0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6,
-    0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327,
-    0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119,
-    0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec,
-    0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24,
-    0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205,
-    0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a,
-    0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031,
-    0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79,
-    0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5,
-    0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df,
-    0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c,
-    0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26,
-    0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69,
-    0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab,
-    0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9,
-    0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7,
-    0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff,
-    0x71eae2a1, 0x1f9af36e, 0xcfcbd12f, 0xc1de8417,
-    0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3,
-    0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2,
-    0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2,
-    0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2,
-    0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff,
-    0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a,
-    0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091,
-    0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919,
-    0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df,
-    0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef,
-    0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf,
-    0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876,
-    0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367,
-    0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab,
-    0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c,
-    0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04,
-    0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43,
-    0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282,
-    0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e,
-    0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2,
-};
-
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table4[256] = {
-    0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911,
-    0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f,
-    0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00,
-    0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a,
-    0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180,
-    0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff,
-    0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2,
-    0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02,
-    0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725,
-    0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a,
-    0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b,
-    0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7,
-    0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571,
-    0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9,
-    0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec,
-    0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981,
-    0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea,
-    0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774,
-    0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263,
-    0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655,
-    0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468,
-    0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2,
-    0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b,
-    0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910,
-    0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284,
-    0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1,
-    0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4,
-    0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da,
-    0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7,
-    0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049,
-    0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce,
-    0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f,
-    0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6,
-    0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba,
-    0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4,
-    0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be,
-    0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561,
-    0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3,
-    0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6,
-    0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840,
-    0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406,
-    0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4,
-    0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472,
-    0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2,
-    0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487,
-    0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7,
-    0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288,
-    0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5,
-    0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2,
-    0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e,
-    0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78,
-    0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e,
-    0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76,
-    0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801,
-    0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0,
-    0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad,
-    0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58,
-    0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0,
-    0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2,
-    0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20,
-    0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be,
-    0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8,
-    0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55,
-    0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4,
-};
-
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table5[256] = {
-    0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c,
-    0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac,
-    0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9,
-    0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138,
-    0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e,
-    0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367,
-    0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866,
-    0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98,
-    0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c,
-    0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072,
-    0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd,
-    0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3,
-    0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53,
-    0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd,
-    0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d,
-    0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8,
-    0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf,
-    0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9,
-    0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807,
-    0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54,
-    0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a,
-    0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387,
-    0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563,
-    0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc,
-    0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0,
-    0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf,
-    0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be,
-    0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf,
-    0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0,
-    0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f,
-    0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2,
-    0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289,
-    0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853,
-    0x20951063, 0x4576698d, 0xb6fad407, 0x592af950,
-    0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa,
-    0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f,
-    0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9,
-    0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b,
-    0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751,
-    0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be,
-    0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358,
-    0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13,
-    0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397,
-    0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976,
-    0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459,
-    0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0,
-    0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4,
-    0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891,
-    0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f,
-    0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da,
-    0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb,
-    0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc,
-    0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2,
-    0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084,
-    0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab,
-    0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25,
-    0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b,
-    0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121,
-    0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b,
-    0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5,
-    0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855,
-    0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd,
-    0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454,
-    0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f,
-};
-
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table6[256] = {
-    0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693,
-    0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f,
-    0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82,
-    0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de,
-    0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd,
-    0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43,
-    0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f,
-    0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19,
-    0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9,
-    0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2,
-    0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e,
-    0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516,
-    0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83,
-    0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88,
-    0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e,
-    0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816,
-    0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a,
-    0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756,
-    0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f,
-    0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a,
-    0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b,
-    0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264,
-    0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78,
-    0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688,
-    0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d,
-    0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28,
-    0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802,
-    0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3,
-    0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9,
-    0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7,
-    0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302,
-    0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06,
-    0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858,
-    0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033,
-    0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a,
-    0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a,
-    0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4,
-    0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566,
-    0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df,
-    0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509,
-    0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9,
-    0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962,
-    0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c,
-    0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e,
-    0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07,
-    0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c,
-    0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939,
-    0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c,
-    0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e,
-    0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285,
-    0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378,
-    0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301,
-    0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd,
-    0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be,
-    0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567,
-    0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767,
-    0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2,
-    0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647,
-    0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf,
-    0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914,
-    0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2,
-    0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c,
-    0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada,
-    0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3,
-};
-
-OPENSSL_GLOBAL const CAST_LONG CAST_S_table7[256] = {
-    0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095,
-    0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5,
-    0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174,
-    0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc,
-    0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940,
-    0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd,
-    0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42,
-    0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d,
-    0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164,
-    0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2,
-    0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4,
-    0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862,
-    0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0,
-    0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc,
-    0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6,
-    0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c,
-    0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491,
-    0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e,
-    0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b,
-    0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039,
-    0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8,
-    0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8,
-    0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006,
-    0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42,
-    0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564,
-    0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5,
-    0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab,
-    0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472,
-    0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc,
-    0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225,
-    0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8,
-    0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c,
-    0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441,
-    0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb,
-    0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f,
-    0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054,
-    0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504,
-    0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70,
-    0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c,
-    0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc,
-    0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6,
-    0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c,
-    0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd,
-    0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3,
-    0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4,
-    0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4,
-    0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc,
-    0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101,
-    0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba,
-    0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f,
-    0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf,
-    0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e,
-    0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603,
-    0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a,
-    0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37,
-    0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c,
-    0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819,
-    0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384,
-    0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d,
-    0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c,
-    0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347,
-    0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82,
-    0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d,
-    0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e,
-};
diff --git a/thirdparty/openssl/crypto/cast/cast_spd.c b/thirdparty/openssl/crypto/cast/cast_spd.c
deleted file mode 100644
index 91d2ce23f7..0000000000
--- a/thirdparty/openssl/crypto/cast/cast_spd.c
+++ /dev/null
@@ -1,262 +0,0 @@
-/* crypto/cast/cast_spd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-#endif
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-    /*
-     * Depending on the VMS version, the tms structure is perhaps defined.
-     * The __TMS macro will show if it was.  If it wasn't defined, we should
-     * undefine TIMES, since that tells the rest of the program how things
-     * should be handled.  -- Richard Levitte
-     */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-#include <openssl/cast.h>
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  define HZ      100.0
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static unsigned char key[] = {
-        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
-        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
-    };
-    CAST_KEY sch;
-    double a, b, c, d;
-#ifndef SIGALRM
-    long ca, cb, cc;
-#endif
-
-#ifndef TIMES
-    printf("To get the most accurate results, try to run this\n");
-    printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-    printf("First we calculate the approximate speed ...\n");
-    CAST_set_key(&sch, 16, key);
-    count = 10;
-    do {
-        long i;
-        CAST_LONG data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            CAST_encrypt(data, &sch);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count / 512;
-    cb = count;
-    cc = count * 8 / BUFSIZE + 1;
-    printf("Doing CAST_set_key %ld times\n", ca);
-# define COND(d) (count != (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    printf("Doing CAST_set_key for 10 seconds\n");
-    alarm(10);
-#endif
-
-    Time_F(START);
-    for (count = 0, run = 1; COND(ca); count += 4) {
-        CAST_set_key(&sch, 16, key);
-        CAST_set_key(&sch, 16, key);
-        CAST_set_key(&sch, 16, key);
-        CAST_set_key(&sch, 16, key);
-    }
-    d = Time_F(STOP);
-    printf("%ld cast set_key's in %.2f seconds\n", count, d);
-    a = ((double)COUNT(ca)) / d;
-
-#ifdef SIGALRM
-    printf("Doing CAST_encrypt's for 10 seconds\n");
-    alarm(10);
-#else
-    printf("Doing CAST_encrypt %ld times\n", cb);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cb); count += 4) {
-        CAST_LONG data[2];
-
-        CAST_encrypt(data, &sch);
-        CAST_encrypt(data, &sch);
-        CAST_encrypt(data, &sch);
-        CAST_encrypt(data, &sch);
-    }
-    d = Time_F(STOP);
-    printf("%ld CAST_encrypt's in %.2f second\n", count, d);
-    b = ((double)COUNT(cb) * 8) / d;
-
-#ifdef SIGALRM
-    printf("Doing CAST_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-           BUFSIZE);
-    alarm(10);
-#else
-    printf("Doing CAST_cbc_encrypt %ld times on %ld byte blocks\n", cc,
-           BUFSIZE);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cc); count++)
-        CAST_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), CAST_ENCRYPT);
-    d = Time_F(STOP);
-    printf("%ld CAST_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-           count, BUFSIZE, d);
-    c = ((double)COUNT(cc) * BUFSIZE) / d;
-
-    printf("CAST set_key       per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
-    printf("CAST raw ecb bytes per sec = %12.2f (%9.3fuS)\n", b, 8.0e6 / b);
-    printf("CAST cbc     bytes per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/cast/castopts.c b/thirdparty/openssl/crypto/cast/castopts.c
deleted file mode 100644
index 42687f2884..0000000000
--- a/thirdparty/openssl/crypto/cast/castopts.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* crypto/cast/castopts.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * define PART1, PART2, PART3 or PART4 to build only with a few of the
- * options. This is for machines with 64k code segment size restrictions.
- */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
-# define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-#endif
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-    /*
-     * Depending on the VMS version, the tms structure is perhaps defined.
-     * The __TMS macro will show if it was.  If it wasn't defined, we should
-     * undefine TIMES, since that tells the rest of the program how things
-     * should be handled.  -- Richard Levitte
-     */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-#include <openssl/cast.h>
-#define CAST_DEFAULT_OPTIONS
-#undef E_CAST
-#define CAST_encrypt  CAST_encrypt_normal
-#define CAST_decrypt  CAST_decrypt_normal
-#define CAST_cbc_encrypt  CAST_cbc_encrypt_normal
-#undef HEADER_CAST_LOCL_H
-#include "c_enc.c"
-#define CAST_PTR
-#undef CAST_PTR2
-#undef E_CAST
-#undef CAST_encrypt
-#undef CAST_decrypt
-#undef CAST_cbc_encrypt
-#define CAST_encrypt  CAST_encrypt_ptr
-#define CAST_decrypt  CAST_decrypt_ptr
-#define CAST_cbc_encrypt  CAST_cbc_encrypt_ptr
-#undef HEADER_CAST_LOCL_H
-#include "c_enc.c"
-#undef CAST_PTR
-#define CAST_PTR2
-#undef E_CAST
-#undef CAST_encrypt
-#undef CAST_decrypt
-#undef CAST_cbc_encrypt
-#define CAST_encrypt  CAST_encrypt_ptr2
-#define CAST_decrypt  CAST_decrypt_ptr2
-#define CAST_cbc_encrypt  CAST_cbc_encrypt_ptr2
-#undef HEADER_CAST_LOCL_H
-#include "c_enc.c"
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_         /* FreeBSD fix */
-#   define HZ   100.0
-#  else                         /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-#ifdef SIGALRM
-# define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
-#else
-# define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
-#endif
-
-#define time_it(func,name,index) \
-        print_name(name); \
-        Time_F(START); \
-        for (count=0,run=1; COND(cb); count+=4) \
-                { \
-                unsigned long d[2]; \
-                func(d,&sch); \
-                func(d,&sch); \
-                func(d,&sch); \
-                func(d,&sch); \
-                } \
-        tm[index]=Time_F(STOP); \
-        fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
-        tm[index]=((double)COUNT(cb))/tm[index];
-
-#define print_it(name,index) \
-        fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
-                tm[index]*8,1.0e6/tm[index]);
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static char key[16] = { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
-        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
-    };
-    CAST_KEY sch;
-    double d, tm[16], max = 0;
-    int rank[16];
-    char *str[16];
-    int max_idx = 0, i, num = 0, j;
-#ifndef SIGALARM
-    long ca, cb, cc, cd, ce;
-#endif
-
-    for (i = 0; i < 12; i++) {
-        tm[i] = 0.0;
-        rank[i] = 0;
-    }
-
-#ifndef TIMES
-    fprintf(stderr, "To get the most accurate results, try to run this\n");
-    fprintf(stderr, "program when this computer is idle.\n");
-#endif
-
-    CAST_set_key(&sch, 16, key);
-
-#ifndef SIGALRM
-    fprintf(stderr, "First we calculate the approximate speed ...\n");
-    count = 10;
-    do {
-        long i;
-        unsigned long data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            CAST_encrypt(data, &sch);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count;
-    cb = count * 3;
-    cc = count * 3 * 8 / BUFSIZE + 1;
-    cd = count * 8 / BUFSIZE + 1;
-
-    ce = count / 20 + 1;
-# define COND(d) (count != (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    alarm(10);
-#endif
-
-    time_it(CAST_encrypt_normal, "CAST_encrypt_normal ", 0);
-    time_it(CAST_encrypt_ptr, "CAST_encrypt_ptr    ", 1);
-    time_it(CAST_encrypt_ptr2, "CAST_encrypt_ptr2   ", 2);
-    num += 3;
-
-    str[0] = "<nothing>";
-    print_it("CAST_encrypt_normal ", 0);
-    max = tm[0];
-    max_idx = 0;
-    str[1] = "ptr      ";
-    print_it("CAST_encrypt_ptr ", 1);
-    if (max < tm[1]) {
-        max = tm[1];
-        max_idx = 1;
-    }
-    str[2] = "ptr2     ";
-    print_it("CAST_encrypt_ptr2 ", 2);
-    if (max < tm[2]) {
-        max = tm[2];
-        max_idx = 2;
-    }
-
-    printf("options    CAST ecb/s\n");
-    printf("%s %12.2f 100.0%%\n", str[max_idx], tm[max_idx]);
-    d = tm[max_idx];
-    tm[max_idx] = -2.0;
-    max = -1.0;
-    for (;;) {
-        for (i = 0; i < 3; i++) {
-            if (max < tm[i]) {
-                max = tm[i];
-                j = i;
-            }
-        }
-        if (max < 0.0)
-            break;
-        printf("%s %12.2f  %4.1f%%\n", str[j], tm[j], tm[j] / d * 100.0);
-        tm[j] = -2.0;
-        max = -1.0;
-    }
-
-    switch (max_idx) {
-    case 0:
-        printf("-DCAST_DEFAULT_OPTIONS\n");
-        break;
-    case 1:
-        printf("-DCAST_PTR\n");
-        break;
-    case 2:
-        printf("-DCAST_PTR2\n");
-        break;
-    }
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/cast/casts.cpp b/thirdparty/openssl/crypto/cast/casts.cpp
deleted file mode 100644
index 8d7bd468d2..0000000000
--- a/thirdparty/openssl/crypto/cast/casts.cpp
+++ /dev/null
@@ -1,70 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/cast.h>
-
-void main(int argc,char *argv[])
-	{
-	CAST_KEY key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-	static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
-
-	CAST_set_key(&key, 16,d);
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			CAST_encrypt(&data[0],&key);
-			GetTSC(s1);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			GetTSC(e1);
-			GetTSC(s2);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			CAST_encrypt(&data[0],&key);
-			GetTSC(e2);
-			CAST_encrypt(&data[0],&key);
-			}
-
-		printf("cast %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/thirdparty/openssl/crypto/cmac/cm_ameth.c b/thirdparty/openssl/crypto/cmac/cm_ameth.c
deleted file mode 100644
index bf933e0866..0000000000
--- a/thirdparty/openssl/crypto/cmac/cm_ameth.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2010.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/cmac.h>
-#include "asn1_locl.h"
-
-/*
- * CMAC "ASN1" method. This is just here to indicate the maximum CMAC output
- * length and to free up a CMAC key.
- */
-
-static int cmac_size(const EVP_PKEY *pkey)
-{
-    return EVP_MAX_BLOCK_LENGTH;
-}
-
-static void cmac_key_free(EVP_PKEY *pkey)
-{
-    CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr;
-    if (cmctx)
-        CMAC_CTX_free(cmctx);
-}
-
-const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
-    EVP_PKEY_CMAC,
-    EVP_PKEY_CMAC,
-    0,
-
-    "CMAC",
-    "OpenSSL CMAC method",
-
-    0, 0, 0, 0,
-
-    0, 0, 0,
-
-    cmac_size,
-    0,
-    0, 0, 0, 0, 0, 0, 0,
-
-    cmac_key_free,
-    0,
-    0, 0
-};
diff --git a/thirdparty/openssl/crypto/cmac/cm_pmeth.c b/thirdparty/openssl/crypto/cmac/cm_pmeth.c
deleted file mode 100644
index a2300df187..0000000000
--- a/thirdparty/openssl/crypto/cmac/cm_pmeth.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2010.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/evp.h>
-#include <openssl/cmac.h>
-#include "evp_locl.h"
-
-/* The context structure and "key" is simply a CMAC_CTX */
-
-static int pkey_cmac_init(EVP_PKEY_CTX *ctx)
-{
-    ctx->data = CMAC_CTX_new();
-    if (!ctx->data)
-        return 0;
-    ctx->keygen_info_count = 0;
-    return 1;
-}
-
-static int pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
-    if (!pkey_cmac_init(dst))
-        return 0;
-    if (!CMAC_CTX_copy(dst->data, src->data))
-        return 0;
-    return 1;
-}
-
-static void pkey_cmac_cleanup(EVP_PKEY_CTX *ctx)
-{
-    CMAC_CTX_free(ctx->data);
-}
-
-static int pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    CMAC_CTX *cmkey = CMAC_CTX_new();
-    CMAC_CTX *cmctx = ctx->data;
-    if (!cmkey)
-        return 0;
-    if (!CMAC_CTX_copy(cmkey, cmctx)) {
-        CMAC_CTX_free(cmkey);
-        return 0;
-    }
-    EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey);
-
-    return 1;
-}
-
-static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    if (!CMAC_Update(ctx->pctx->data, data, count))
-        return 0;
-    return 1;
-}
-
-static int cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
-{
-    EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
-    mctx->update = int_update;
-    return 1;
-}
-
-static int cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
-                        EVP_MD_CTX *mctx)
-{
-    return CMAC_Final(ctx->data, sig, siglen);
-}
-
-static int pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
-    CMAC_CTX *cmctx = ctx->data;
-    switch (type) {
-
-    case EVP_PKEY_CTRL_SET_MAC_KEY:
-        if (!p2 || p1 < 0)
-            return 0;
-        if (!CMAC_Init(cmctx, p2, p1, NULL, NULL))
-            return 0;
-        break;
-
-    case EVP_PKEY_CTRL_CIPHER:
-        if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine))
-            return 0;
-        break;
-
-    case EVP_PKEY_CTRL_MD:
-        if (ctx->pkey && !CMAC_CTX_copy(ctx->data,
-                                        (CMAC_CTX *)ctx->pkey->pkey.ptr))
-            return 0;
-        if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL))
-            return 0;
-        break;
-
-    default:
-        return -2;
-
-    }
-    return 1;
-}
-
-static int pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx,
-                              const char *type, const char *value)
-{
-    if (!value) {
-        return 0;
-    }
-    if (!strcmp(type, "key")) {
-        void *p = (void *)value;
-        return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, strlen(p), p);
-    }
-    if (!strcmp(type, "cipher")) {
-        const EVP_CIPHER *c;
-        c = EVP_get_cipherbyname(value);
-        if (!c)
-            return 0;
-        return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c);
-    }
-    if (!strcmp(type, "hexkey")) {
-        unsigned char *key;
-        int r;
-        long keylen;
-        key = string_to_hex(value, &keylen);
-        if (!key)
-            return 0;
-        r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
-        OPENSSL_free(key);
-        return r;
-    }
-    return -2;
-}
-
-const EVP_PKEY_METHOD cmac_pkey_meth = {
-    EVP_PKEY_CMAC,
-    EVP_PKEY_FLAG_SIGCTX_CUSTOM,
-    pkey_cmac_init,
-    pkey_cmac_copy,
-    pkey_cmac_cleanup,
-
-    0, 0,
-
-    0,
-    pkey_cmac_keygen,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    cmac_signctx_init,
-    cmac_signctx,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_cmac_ctrl,
-    pkey_cmac_ctrl_str
-};
diff --git a/thirdparty/openssl/crypto/cmac/cmac.c b/thirdparty/openssl/crypto/cmac/cmac.c
deleted file mode 100644
index 2954b6eb7d..0000000000
--- a/thirdparty/openssl/crypto/cmac/cmac.c
+++ /dev/null
@@ -1,306 +0,0 @@
-/* crypto/cmac/cmac.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/cmac.h>
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-struct CMAC_CTX_st {
-    /* Cipher context to use */
-    EVP_CIPHER_CTX cctx;
-    /* Keys k1 and k2 */
-    unsigned char k1[EVP_MAX_BLOCK_LENGTH];
-    unsigned char k2[EVP_MAX_BLOCK_LENGTH];
-    /* Temporary block */
-    unsigned char tbl[EVP_MAX_BLOCK_LENGTH];
-    /* Last (possibly partial) block */
-    unsigned char last_block[EVP_MAX_BLOCK_LENGTH];
-    /* Number of bytes in last block: -1 means context not initialised */
-    int nlast_block;
-};
-
-/* Make temporary keys K1 and K2 */
-
-static void make_kn(unsigned char *k1, unsigned char *l, int bl)
-{
-    int i;
-    /* Shift block to left, including carry */
-    for (i = 0; i < bl; i++) {
-        k1[i] = l[i] << 1;
-        if (i < bl - 1 && l[i + 1] & 0x80)
-            k1[i] |= 1;
-    }
-    /* If MSB set fixup with R */
-    if (l[0] & 0x80)
-        k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b;
-}
-
-CMAC_CTX *CMAC_CTX_new(void)
-{
-    CMAC_CTX *ctx;
-    ctx = OPENSSL_malloc(sizeof(CMAC_CTX));
-    if (!ctx)
-        return NULL;
-    EVP_CIPHER_CTX_init(&ctx->cctx);
-    ctx->nlast_block = -1;
-    return ctx;
-}
-
-void CMAC_CTX_cleanup(CMAC_CTX *ctx)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !ctx->cctx.engine) {
-        FIPS_cmac_ctx_cleanup(ctx);
-        return;
-    }
-#endif
-    EVP_CIPHER_CTX_cleanup(&ctx->cctx);
-    OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
-    OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH);
-    OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH);
-    OPENSSL_cleanse(ctx->last_block, EVP_MAX_BLOCK_LENGTH);
-    ctx->nlast_block = -1;
-}
-
-EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx)
-{
-    return &ctx->cctx;
-}
-
-void CMAC_CTX_free(CMAC_CTX *ctx)
-{
-    if (!ctx)
-        return;
-    CMAC_CTX_cleanup(ctx);
-    OPENSSL_free(ctx);
-}
-
-int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
-{
-    int bl;
-    if (in->nlast_block == -1)
-        return 0;
-    if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx))
-        return 0;
-    bl = EVP_CIPHER_CTX_block_size(&in->cctx);
-    memcpy(out->k1, in->k1, bl);
-    memcpy(out->k2, in->k2, bl);
-    memcpy(out->tbl, in->tbl, bl);
-    memcpy(out->last_block, in->last_block, bl);
-    out->nlast_block = in->nlast_block;
-    return 1;
-}
-
-int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
-              const EVP_CIPHER *cipher, ENGINE *impl)
-{
-    static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH];
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode()) {
-        /* If we have an ENGINE need to allow non FIPS */
-        if ((impl || ctx->cctx.engine)
-            && !(ctx->cctx.flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) {
-            EVPerr(EVP_F_CMAC_INIT, EVP_R_DISABLED_FOR_FIPS);
-            return 0;
-        }
-
-        /* Switch to FIPS cipher implementation if possible */
-        if (cipher != NULL) {
-            const EVP_CIPHER *fcipher;
-            fcipher = FIPS_get_cipherbynid(EVP_CIPHER_nid(cipher));
-            if (fcipher != NULL)
-                cipher = fcipher;
-        }
-        /*
-         * Other algorithm blocking will be done in FIPS_cmac_init, via
-         * FIPS_cipherinit().
-         */
-        if (!impl && !ctx->cctx.engine)
-            return FIPS_cmac_init(ctx, key, keylen, cipher, NULL);
-    }
-#endif
-    /* All zeros means restart */
-    if (!key && !cipher && !impl && keylen == 0) {
-        /* Not initialised */
-        if (ctx->nlast_block == -1)
-            return 0;
-        if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
-            return 0;
-        memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx));
-        ctx->nlast_block = 0;
-        return 1;
-    }
-    /* Initialiase context */
-    if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
-        return 0;
-    /* Non-NULL key means initialisation complete */
-    if (key) {
-        int bl;
-        if (!EVP_CIPHER_CTX_cipher(&ctx->cctx))
-            return 0;
-        if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen))
-            return 0;
-        if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, key, zero_iv))
-            return 0;
-        bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
-        if (!EVP_Cipher(&ctx->cctx, ctx->tbl, zero_iv, bl))
-            return 0;
-        make_kn(ctx->k1, ctx->tbl, bl);
-        make_kn(ctx->k2, ctx->k1, bl);
-        OPENSSL_cleanse(ctx->tbl, bl);
-        /* Reset context again ready for first data block */
-        if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
-            return 0;
-        /* Zero tbl so resume works */
-        memset(ctx->tbl, 0, bl);
-        ctx->nlast_block = 0;
-    }
-    return 1;
-}
-
-int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
-{
-    const unsigned char *data = in;
-    size_t bl;
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !ctx->cctx.engine)
-        return FIPS_cmac_update(ctx, in, dlen);
-#endif
-    if (ctx->nlast_block == -1)
-        return 0;
-    if (dlen == 0)
-        return 1;
-    bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
-    /* Copy into partial block if we need to */
-    if (ctx->nlast_block > 0) {
-        size_t nleft;
-        nleft = bl - ctx->nlast_block;
-        if (dlen < nleft)
-            nleft = dlen;
-        memcpy(ctx->last_block + ctx->nlast_block, data, nleft);
-        dlen -= nleft;
-        ctx->nlast_block += nleft;
-        /* If no more to process return */
-        if (dlen == 0)
-            return 1;
-        data += nleft;
-        /* Else not final block so encrypt it */
-        if (!EVP_Cipher(&ctx->cctx, ctx->tbl, ctx->last_block, bl))
-            return 0;
-    }
-    /* Encrypt all but one of the complete blocks left */
-    while (dlen > bl) {
-        if (!EVP_Cipher(&ctx->cctx, ctx->tbl, data, bl))
-            return 0;
-        dlen -= bl;
-        data += bl;
-    }
-    /* Copy any data left to last block buffer */
-    memcpy(ctx->last_block, data, dlen);
-    ctx->nlast_block = dlen;
-    return 1;
-
-}
-
-int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
-{
-    int i, bl, lb;
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !ctx->cctx.engine)
-        return FIPS_cmac_final(ctx, out, poutlen);
-#endif
-    if (ctx->nlast_block == -1)
-        return 0;
-    bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
-    *poutlen = (size_t)bl;
-    if (!out)
-        return 1;
-    lb = ctx->nlast_block;
-    /* Is last block complete? */
-    if (lb == bl) {
-        for (i = 0; i < bl; i++)
-            out[i] = ctx->last_block[i] ^ ctx->k1[i];
-    } else {
-        ctx->last_block[lb] = 0x80;
-        if (bl - lb > 1)
-            memset(ctx->last_block + lb + 1, 0, bl - lb - 1);
-        for (i = 0; i < bl; i++)
-            out[i] = ctx->last_block[i] ^ ctx->k2[i];
-    }
-    if (!EVP_Cipher(&ctx->cctx, out, out, bl)) {
-        OPENSSL_cleanse(out, bl);
-        return 0;
-    }
-    return 1;
-}
-
-int CMAC_resume(CMAC_CTX *ctx)
-{
-    if (ctx->nlast_block == -1)
-        return 0;
-    /*
-     * The buffer "tbl" containes the last fully encrypted block which is the
-     * last IV (or all zeroes if no last encrypted block). The last block has
-     * not been modified since CMAC_final(). So reinitliasing using the last
-     * decrypted block will allow CMAC to continue after calling
-     * CMAC_Final().
-     */
-    return EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl);
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_asn1.c b/thirdparty/openssl/crypto/cms/cms_asn1.c
deleted file mode 100644
index 81a3407f12..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_asn1.c
+++ /dev/null
@@ -1,459 +0,0 @@
-/* crypto/cms/cms_asn1.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include "cms.h"
-#include "cms_lcl.h"
-
-
-ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {
-        ASN1_SIMPLE(CMS_IssuerAndSerialNumber, issuer, X509_NAME),
-        ASN1_SIMPLE(CMS_IssuerAndSerialNumber, serialNumber, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(CMS_IssuerAndSerialNumber)
-
-ASN1_SEQUENCE(CMS_OtherCertificateFormat) = {
-        ASN1_SIMPLE(CMS_OtherCertificateFormat, otherCertFormat, ASN1_OBJECT),
-        ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY)
-} ASN1_SEQUENCE_END(CMS_OtherCertificateFormat)
-
-ASN1_CHOICE(CMS_CertificateChoices) = {
-        ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509),
-        ASN1_IMP(CMS_CertificateChoices, d.extendedCertificate, ASN1_SEQUENCE, 0),
-        ASN1_IMP(CMS_CertificateChoices, d.v1AttrCert, ASN1_SEQUENCE, 1),
-        ASN1_IMP(CMS_CertificateChoices, d.v2AttrCert, ASN1_SEQUENCE, 2),
-        ASN1_IMP(CMS_CertificateChoices, d.other, CMS_OtherCertificateFormat, 3)
-} ASN1_CHOICE_END(CMS_CertificateChoices)
-
-ASN1_CHOICE(CMS_SignerIdentifier) = {
-        ASN1_SIMPLE(CMS_SignerIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
-        ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0)
-} ASN1_CHOICE_END(CMS_SignerIdentifier)
-
-ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = {
-        ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT),
-        ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0)
-} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
-
-/* Minor tweak to operation: free up signer key, cert */
-static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                     void *exarg)
-{
-    if (operation == ASN1_OP_FREE_POST) {
-        CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
-        if (si->pkey)
-            EVP_PKEY_free(si->pkey);
-        if (si->signer)
-            X509_free(si->signer);
-        if (si->pctx)
-            EVP_MD_CTX_cleanup(&si->mctx);
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {
-        ASN1_SIMPLE(CMS_SignerInfo, version, LONG),
-        ASN1_SIMPLE(CMS_SignerInfo, sid, CMS_SignerIdentifier),
-        ASN1_SIMPLE(CMS_SignerInfo, digestAlgorithm, X509_ALGOR),
-        ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, signedAttrs, X509_ATTRIBUTE, 0),
-        ASN1_SIMPLE(CMS_SignerInfo, signatureAlgorithm, X509_ALGOR),
-        ASN1_SIMPLE(CMS_SignerInfo, signature, ASN1_OCTET_STRING),
-        ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, unsignedAttrs, X509_ATTRIBUTE, 1)
-} ASN1_SEQUENCE_END_cb(CMS_SignerInfo, CMS_SignerInfo)
-
-ASN1_SEQUENCE(CMS_OtherRevocationInfoFormat) = {
-        ASN1_SIMPLE(CMS_OtherRevocationInfoFormat, otherRevInfoFormat, ASN1_OBJECT),
-        ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY)
-} ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat)
-
-ASN1_CHOICE(CMS_RevocationInfoChoice) = {
-        ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL),
-        ASN1_IMP(CMS_RevocationInfoChoice, d.other, CMS_OtherRevocationInfoFormat, 1)
-} ASN1_CHOICE_END(CMS_RevocationInfoChoice)
-
-ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
-        ASN1_SIMPLE(CMS_SignedData, version, LONG),
-        ASN1_SET_OF(CMS_SignedData, digestAlgorithms, X509_ALGOR),
-        ASN1_SIMPLE(CMS_SignedData, encapContentInfo, CMS_EncapsulatedContentInfo),
-        ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
-        ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1),
-        ASN1_SET_OF(CMS_SignedData, signerInfos, CMS_SignerInfo)
-} ASN1_NDEF_SEQUENCE_END(CMS_SignedData)
-
-ASN1_SEQUENCE(CMS_OriginatorInfo) = {
-        ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0),
-        ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
-} ASN1_SEQUENCE_END(CMS_OriginatorInfo)
-
-ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
-        ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT),
-        ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR),
-        ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0)
-} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)
-
-ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
-        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, version, LONG),
-        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, rid, CMS_SignerIdentifier),
-        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
-        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(CMS_KeyTransRecipientInfo)
-
-ASN1_SEQUENCE(CMS_OtherKeyAttribute) = {
-        ASN1_SIMPLE(CMS_OtherKeyAttribute, keyAttrId, ASN1_OBJECT),
-        ASN1_OPT(CMS_OtherKeyAttribute, keyAttr, ASN1_ANY)
-} ASN1_SEQUENCE_END(CMS_OtherKeyAttribute)
-
-ASN1_SEQUENCE(CMS_RecipientKeyIdentifier) = {
-        ASN1_SIMPLE(CMS_RecipientKeyIdentifier, subjectKeyIdentifier, ASN1_OCTET_STRING),
-        ASN1_OPT(CMS_RecipientKeyIdentifier, date, ASN1_GENERALIZEDTIME),
-        ASN1_OPT(CMS_RecipientKeyIdentifier, other, CMS_OtherKeyAttribute)
-} ASN1_SEQUENCE_END(CMS_RecipientKeyIdentifier)
-
-ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {
-  ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
-  ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
-} ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)
-
-static int cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                      void *exarg)
-{
-    CMS_RecipientEncryptedKey *rek = (CMS_RecipientEncryptedKey *)*pval;
-    if (operation == ASN1_OP_FREE_POST) {
-        if (rek->pkey)
-            EVP_PKEY_free(rek->pkey);
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(CMS_RecipientEncryptedKey, cms_rek_cb) = {
-        ASN1_SIMPLE(CMS_RecipientEncryptedKey, rid, CMS_KeyAgreeRecipientIdentifier),
-        ASN1_SIMPLE(CMS_RecipientEncryptedKey, encryptedKey, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END_cb(CMS_RecipientEncryptedKey, CMS_RecipientEncryptedKey)
-
-ASN1_SEQUENCE(CMS_OriginatorPublicKey) = {
-  ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),
-  ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END(CMS_OriginatorPublicKey)
-
-ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
-  ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
-  ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
-  ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
-} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
-
-static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                       void *exarg)
-{
-    CMS_KeyAgreeRecipientInfo *kari = (CMS_KeyAgreeRecipientInfo *)*pval;
-    if (operation == ASN1_OP_NEW_POST) {
-        EVP_CIPHER_CTX_init(&kari->ctx);
-        EVP_CIPHER_CTX_set_flags(&kari->ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
-        kari->pctx = NULL;
-    } else if (operation == ASN1_OP_FREE_POST) {
-        if (kari->pctx)
-            EVP_PKEY_CTX_free(kari->pctx);
-        EVP_CIPHER_CTX_cleanup(&kari->ctx);
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(CMS_KeyAgreeRecipientInfo, cms_kari_cb) = {
-        ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, version, LONG),
-        ASN1_EXP(CMS_KeyAgreeRecipientInfo, originator, CMS_OriginatorIdentifierOrKey, 0),
-        ASN1_EXP_OPT(CMS_KeyAgreeRecipientInfo, ukm, ASN1_OCTET_STRING, 1),
-        ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
-        ASN1_SEQUENCE_OF(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys, CMS_RecipientEncryptedKey)
-} ASN1_SEQUENCE_END_cb(CMS_KeyAgreeRecipientInfo, CMS_KeyAgreeRecipientInfo)
-
-ASN1_SEQUENCE(CMS_KEKIdentifier) = {
-        ASN1_SIMPLE(CMS_KEKIdentifier, keyIdentifier, ASN1_OCTET_STRING),
-        ASN1_OPT(CMS_KEKIdentifier, date, ASN1_GENERALIZEDTIME),
-        ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute)
-} ASN1_SEQUENCE_END(CMS_KEKIdentifier)
-
-ASN1_SEQUENCE(CMS_KEKRecipientInfo) = {
-        ASN1_SIMPLE(CMS_KEKRecipientInfo, version, LONG),
-        ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier),
-        ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
-        ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(CMS_KEKRecipientInfo)
-
-ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
-        ASN1_SIMPLE(CMS_PasswordRecipientInfo, version, LONG),
-        ASN1_IMP_OPT(CMS_PasswordRecipientInfo, keyDerivationAlgorithm, X509_ALGOR, 0),
-        ASN1_SIMPLE(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
-        ASN1_SIMPLE(CMS_PasswordRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo)
-
-ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
-  ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
-  ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
-} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
-
-/* Free up RecipientInfo additional data */
-static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                     void *exarg)
-{
-    if (operation == ASN1_OP_FREE_PRE) {
-        CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
-        if (ri->type == CMS_RECIPINFO_TRANS) {
-            CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
-            if (ktri->pkey)
-                EVP_PKEY_free(ktri->pkey);
-            if (ktri->recip)
-                X509_free(ktri->recip);
-            if (ktri->pctx)
-                EVP_PKEY_CTX_free(ktri->pctx);
-        } else if (ri->type == CMS_RECIPINFO_KEK) {
-            CMS_KEKRecipientInfo *kekri = ri->d.kekri;
-            if (kekri->key) {
-                OPENSSL_cleanse(kekri->key, kekri->keylen);
-                OPENSSL_free(kekri->key);
-            }
-        } else if (ri->type == CMS_RECIPINFO_PASS) {
-            CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
-            if (pwri->pass) {
-                OPENSSL_cleanse(pwri->pass, pwri->passlen);
-                OPENSSL_free(pwri->pass);
-            }
-        }
-    }
-    return 1;
-}
-
-ASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = {
-        ASN1_SIMPLE(CMS_RecipientInfo, d.ktri, CMS_KeyTransRecipientInfo),
-        ASN1_IMP(CMS_RecipientInfo, d.kari, CMS_KeyAgreeRecipientInfo, 1),
-        ASN1_IMP(CMS_RecipientInfo, d.kekri, CMS_KEKRecipientInfo, 2),
-        ASN1_IMP(CMS_RecipientInfo, d.pwri, CMS_PasswordRecipientInfo, 3),
-        ASN1_IMP(CMS_RecipientInfo, d.ori, CMS_OtherRecipientInfo, 4)
-} ASN1_CHOICE_END_cb(CMS_RecipientInfo, CMS_RecipientInfo, type)
-
-ASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = {
-        ASN1_SIMPLE(CMS_EnvelopedData, version, LONG),
-        ASN1_IMP_OPT(CMS_EnvelopedData, originatorInfo, CMS_OriginatorInfo, 0),
-        ASN1_SET_OF(CMS_EnvelopedData, recipientInfos, CMS_RecipientInfo),
-        ASN1_SIMPLE(CMS_EnvelopedData, encryptedContentInfo, CMS_EncryptedContentInfo),
-        ASN1_IMP_SET_OF_OPT(CMS_EnvelopedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
-} ASN1_NDEF_SEQUENCE_END(CMS_EnvelopedData)
-
-ASN1_NDEF_SEQUENCE(CMS_DigestedData) = {
-        ASN1_SIMPLE(CMS_DigestedData, version, LONG),
-        ASN1_SIMPLE(CMS_DigestedData, digestAlgorithm, X509_ALGOR),
-        ASN1_SIMPLE(CMS_DigestedData, encapContentInfo, CMS_EncapsulatedContentInfo),
-        ASN1_SIMPLE(CMS_DigestedData, digest, ASN1_OCTET_STRING)
-} ASN1_NDEF_SEQUENCE_END(CMS_DigestedData)
-
-ASN1_NDEF_SEQUENCE(CMS_EncryptedData) = {
-        ASN1_SIMPLE(CMS_EncryptedData, version, LONG),
-        ASN1_SIMPLE(CMS_EncryptedData, encryptedContentInfo, CMS_EncryptedContentInfo),
-        ASN1_IMP_SET_OF_OPT(CMS_EncryptedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
-} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedData)
-
-ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = {
-        ASN1_SIMPLE(CMS_AuthenticatedData, version, LONG),
-        ASN1_IMP_OPT(CMS_AuthenticatedData, originatorInfo, CMS_OriginatorInfo, 0),
-        ASN1_SET_OF(CMS_AuthenticatedData, recipientInfos, CMS_RecipientInfo),
-        ASN1_SIMPLE(CMS_AuthenticatedData, macAlgorithm, X509_ALGOR),
-        ASN1_IMP(CMS_AuthenticatedData, digestAlgorithm, X509_ALGOR, 1),
-        ASN1_SIMPLE(CMS_AuthenticatedData, encapContentInfo, CMS_EncapsulatedContentInfo),
-        ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, authAttrs, X509_ALGOR, 2),
-        ASN1_SIMPLE(CMS_AuthenticatedData, mac, ASN1_OCTET_STRING),
-        ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3)
-} ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)
-
-ASN1_NDEF_SEQUENCE(CMS_CompressedData) = {
-        ASN1_SIMPLE(CMS_CompressedData, version, LONG),
-        ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
-        ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo),
-} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)
-
-/* This is the ANY DEFINED BY table for the top level ContentInfo structure */
-
-ASN1_ADB_TEMPLATE(cms_default) = ASN1_EXP(CMS_ContentInfo, d.other, ASN1_ANY, 0);
-
-ASN1_ADB(CMS_ContentInfo) = {
-        ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP(CMS_ContentInfo, d.data, ASN1_OCTET_STRING_NDEF, 0)),
-        ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP(CMS_ContentInfo, d.signedData, CMS_SignedData, 0)),
-        ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP(CMS_ContentInfo, d.envelopedData, CMS_EnvelopedData, 0)),
-        ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP(CMS_ContentInfo, d.digestedData, CMS_DigestedData, 0)),
-        ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP(CMS_ContentInfo, d.encryptedData, CMS_EncryptedData, 0)),
-        ADB_ENTRY(NID_id_smime_ct_authData, ASN1_NDEF_EXP(CMS_ContentInfo, d.authenticatedData, CMS_AuthenticatedData, 0)),
-        ADB_ENTRY(NID_id_smime_ct_compressedData, ASN1_NDEF_EXP(CMS_ContentInfo, d.compressedData, CMS_CompressedData, 0)),
-} ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL);
-
-/* CMS streaming support */
-static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                  void *exarg)
-{
-    ASN1_STREAM_ARG *sarg = exarg;
-    CMS_ContentInfo *cms = NULL;
-    if (pval)
-        cms = (CMS_ContentInfo *)*pval;
-    else
-        return 1;
-    switch (operation) {
-
-    case ASN1_OP_STREAM_PRE:
-        if (CMS_stream(&sarg->boundary, cms) <= 0)
-            return 0;
-    case ASN1_OP_DETACHED_PRE:
-        sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
-        if (!sarg->ndef_bio)
-            return 0;
-        break;
-
-    case ASN1_OP_STREAM_POST:
-    case ASN1_OP_DETACHED_POST:
-        if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
-            return 0;
-        break;
-
-    }
-    return 1;
-}
-
-ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
-        ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT),
-        ASN1_ADB_OBJECT(CMS_ContentInfo)
-} ASN1_NDEF_SEQUENCE_END_cb(CMS_ContentInfo, CMS_ContentInfo)
-
-/* Specials for signed attributes */
-
-/*
- * When signing attributes we want to reorder them to match the sorted
- * encoding.
- */
-
-ASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE)
-ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Sign)
-
-/*
- * When verifying attributes we need to use the received order. So we use
- * SEQUENCE OF and tag it to SET OF
- */
-
-ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
-                                V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
-ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)
-
-
-
-ASN1_CHOICE(CMS_ReceiptsFrom) = {
-  ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
-  ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
-} ASN1_CHOICE_END(CMS_ReceiptsFrom)
-
-ASN1_SEQUENCE(CMS_ReceiptRequest) = {
-  ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
-  ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom),
-  ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)
-} ASN1_SEQUENCE_END(CMS_ReceiptRequest)
-
-ASN1_SEQUENCE(CMS_Receipt) = {
-  ASN1_SIMPLE(CMS_Receipt, version, LONG),
-  ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),
-  ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),
-  ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(CMS_Receipt)
-
-/*
- * Utilities to encode the CMS_SharedInfo structure used during key
- * derivation.
- */
-
-typedef struct {
-    X509_ALGOR *keyInfo;
-    ASN1_OCTET_STRING *entityUInfo;
-    ASN1_OCTET_STRING *suppPubInfo;
-} CMS_SharedInfo;
-
-ASN1_SEQUENCE(CMS_SharedInfo) = {
-  ASN1_SIMPLE(CMS_SharedInfo, keyInfo, X509_ALGOR),
-  ASN1_EXP_OPT(CMS_SharedInfo, entityUInfo, ASN1_OCTET_STRING, 0),
-  ASN1_EXP_OPT(CMS_SharedInfo, suppPubInfo, ASN1_OCTET_STRING, 2),
-} ASN1_SEQUENCE_END(CMS_SharedInfo)
-
-int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
-                          ASN1_OCTET_STRING *ukm, int keylen)
-{
-    union {
-        CMS_SharedInfo *pecsi;
-        ASN1_VALUE *a;
-    } intsi = {
-        NULL
-    };
-
-    ASN1_OCTET_STRING oklen;
-    unsigned char kl[4];
-    CMS_SharedInfo ecsi;
-
-    keylen <<= 3;
-    kl[0] = (keylen >> 24) & 0xff;
-    kl[1] = (keylen >> 16) & 0xff;
-    kl[2] = (keylen >> 8) & 0xff;
-    kl[3] = keylen & 0xff;
-    oklen.length = 4;
-    oklen.data = kl;
-    oklen.type = V_ASN1_OCTET_STRING;
-    oklen.flags = 0;
-    ecsi.keyInfo = kekalg;
-    ecsi.entityUInfo = ukm;
-    ecsi.suppPubInfo = &oklen;
-    intsi.pecsi = &ecsi;
-    return ASN1_item_i2d(intsi.a, pder, ASN1_ITEM_rptr(CMS_SharedInfo));
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_att.c b/thirdparty/openssl/crypto/cms/cms_att.c
deleted file mode 100644
index f79a49d518..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_att.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* crypto/cms/cms_att.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include "cms.h"
-#include "cms_lcl.h"
-
-/* CMS SignedData Attribute utilities */
-
-int CMS_signed_get_attr_count(const CMS_SignerInfo *si)
-{
-    return X509at_get_attr_count(si->signedAttrs);
-}
-
-int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos)
-{
-    return X509at_get_attr_by_NID(si->signedAttrs, nid, lastpos);
-}
-
-int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
-                               int lastpos)
-{
-    return X509at_get_attr_by_OBJ(si->signedAttrs, obj, lastpos);
-}
-
-X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc)
-{
-    return X509at_get_attr(si->signedAttrs, loc);
-}
-
-X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc)
-{
-    return X509at_delete_attr(si->signedAttrs, loc);
-}
-
-int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
-{
-    if (X509at_add1_attr(&si->signedAttrs, attr))
-        return 1;
-    return 0;
-}
-
-int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
-                                const ASN1_OBJECT *obj, int type,
-                                const void *bytes, int len)
-{
-    if (X509at_add1_attr_by_OBJ(&si->signedAttrs, obj, type, bytes, len))
-        return 1;
-    return 0;
-}
-
-int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
-                                int nid, int type, const void *bytes, int len)
-{
-    if (X509at_add1_attr_by_NID(&si->signedAttrs, nid, type, bytes, len))
-        return 1;
-    return 0;
-}
-
-int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
-                                const char *attrname, int type,
-                                const void *bytes, int len)
-{
-    if (X509at_add1_attr_by_txt(&si->signedAttrs, attrname, type, bytes, len))
-        return 1;
-    return 0;
-}
-
-void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
-                                  int lastpos, int type)
-{
-    return X509at_get0_data_by_OBJ(si->signedAttrs, oid, lastpos, type);
-}
-
-int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si)
-{
-    return X509at_get_attr_count(si->unsignedAttrs);
-}
-
-int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
-                                 int lastpos)
-{
-    return X509at_get_attr_by_NID(si->unsignedAttrs, nid, lastpos);
-}
-
-int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
-                                 int lastpos)
-{
-    return X509at_get_attr_by_OBJ(si->unsignedAttrs, obj, lastpos);
-}
-
-X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc)
-{
-    return X509at_get_attr(si->unsignedAttrs, loc);
-}
-
-X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc)
-{
-    return X509at_delete_attr(si->unsignedAttrs, loc);
-}
-
-int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
-{
-    if (X509at_add1_attr(&si->unsignedAttrs, attr))
-        return 1;
-    return 0;
-}
-
-int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
-                                  const ASN1_OBJECT *obj, int type,
-                                  const void *bytes, int len)
-{
-    if (X509at_add1_attr_by_OBJ(&si->unsignedAttrs, obj, type, bytes, len))
-        return 1;
-    return 0;
-}
-
-int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
-                                  int nid, int type,
-                                  const void *bytes, int len)
-{
-    if (X509at_add1_attr_by_NID(&si->unsignedAttrs, nid, type, bytes, len))
-        return 1;
-    return 0;
-}
-
-int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
-                                  const char *attrname, int type,
-                                  const void *bytes, int len)
-{
-    if (X509at_add1_attr_by_txt(&si->unsignedAttrs, attrname,
-                                type, bytes, len))
-        return 1;
-    return 0;
-}
-
-void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
-                                    int lastpos, int type)
-{
-    return X509at_get0_data_by_OBJ(si->unsignedAttrs, oid, lastpos, type);
-}
-
-/* Specific attribute cases */
diff --git a/thirdparty/openssl/crypto/cms/cms_cd.c b/thirdparty/openssl/crypto/cms/cms_cd.c
deleted file mode 100644
index aa3238f584..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_cd.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/* crypto/cms/cms_cd.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include <openssl/bio.h>
-#ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-#endif
-#include "cms_lcl.h"
-
-DECLARE_ASN1_ITEM(CMS_CompressedData)
-
-#ifdef ZLIB
-
-/* CMS CompressedData Utilities */
-
-CMS_ContentInfo *cms_CompressedData_create(int comp_nid)
-{
-    CMS_ContentInfo *cms;
-    CMS_CompressedData *cd;
-    /*
-     * Will need something cleverer if there is ever more than one
-     * compression algorithm or parameters have some meaning...
-     */
-    if (comp_nid != NID_zlib_compression) {
-        CMSerr(CMS_F_CMS_COMPRESSEDDATA_CREATE,
-               CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
-        return NULL;
-    }
-    cms = CMS_ContentInfo_new();
-    if (!cms)
-        return NULL;
-
-    cd = M_ASN1_new_of(CMS_CompressedData);
-
-    if (!cd)
-        goto err;
-
-    cms->contentType = OBJ_nid2obj(NID_id_smime_ct_compressedData);
-    cms->d.compressedData = cd;
-
-    cd->version = 0;
-
-    X509_ALGOR_set0(cd->compressionAlgorithm,
-                    OBJ_nid2obj(NID_zlib_compression), V_ASN1_UNDEF, NULL);
-
-    cd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
-
-    return cms;
-
- err:
-
-    if (cms)
-        CMS_ContentInfo_free(cms);
-
-    return NULL;
-}
-
-BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms)
-{
-    CMS_CompressedData *cd;
-    ASN1_OBJECT *compoid;
-    if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_compressedData) {
-        CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
-               CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA);
-        return NULL;
-    }
-    cd = cms->d.compressedData;
-    X509_ALGOR_get0(&compoid, NULL, NULL, cd->compressionAlgorithm);
-    if (OBJ_obj2nid(compoid) != NID_zlib_compression) {
-        CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
-               CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
-        return NULL;
-    }
-    return BIO_new(BIO_f_zlib());
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/cms/cms_dd.c b/thirdparty/openssl/crypto/cms/cms_dd.c
deleted file mode 100644
index 23e9f2d3a4..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_dd.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/cms/cms_dd.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include "cms_lcl.h"
-
-DECLARE_ASN1_ITEM(CMS_DigestedData)
-
-/* CMS DigestedData Utilities */
-
-CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md)
-{
-    CMS_ContentInfo *cms;
-    CMS_DigestedData *dd;
-    cms = CMS_ContentInfo_new();
-    if (!cms)
-        return NULL;
-
-    dd = M_ASN1_new_of(CMS_DigestedData);
-
-    if (!dd)
-        goto err;
-
-    cms->contentType = OBJ_nid2obj(NID_pkcs7_digest);
-    cms->d.digestedData = dd;
-
-    dd->version = 0;
-    dd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
-
-    cms_DigestAlgorithm_set(dd->digestAlgorithm, md);
-
-    return cms;
-
- err:
-
-    if (cms)
-        CMS_ContentInfo_free(cms);
-
-    return NULL;
-}
-
-BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms)
-{
-    CMS_DigestedData *dd;
-    dd = cms->d.digestedData;
-    return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm);
-}
-
-int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
-{
-    EVP_MD_CTX mctx;
-    unsigned char md[EVP_MAX_MD_SIZE];
-    unsigned int mdlen;
-    int r = 0;
-    CMS_DigestedData *dd;
-    EVP_MD_CTX_init(&mctx);
-
-    dd = cms->d.digestedData;
-
-    if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, dd->digestAlgorithm))
-        goto err;
-
-    if (EVP_DigestFinal_ex(&mctx, md, &mdlen) <= 0)
-        goto err;
-
-    if (verify) {
-        if (mdlen != (unsigned int)dd->digest->length) {
-            CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
-                   CMS_R_MESSAGEDIGEST_WRONG_LENGTH);
-            goto err;
-        }
-
-        if (memcmp(md, dd->digest->data, mdlen))
-            CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
-                   CMS_R_VERIFICATION_FAILURE);
-        else
-            r = 1;
-    } else {
-        if (!ASN1_STRING_set(dd->digest, md, mdlen))
-            goto err;
-        r = 1;
-    }
-
- err:
-    EVP_MD_CTX_cleanup(&mctx);
-
-    return r;
-
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_enc.c b/thirdparty/openssl/crypto/cms/cms_enc.c
deleted file mode 100644
index 90b1fcc750..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_enc.c
+++ /dev/null
@@ -1,264 +0,0 @@
-/* crypto/cms/cms_enc.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include <openssl/rand.h>
-#include "cms_lcl.h"
-
-/* CMS EncryptedData Utilities */
-
-DECLARE_ASN1_ITEM(CMS_EncryptedData)
-
-/* Return BIO based on EncryptedContentInfo and key */
-
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
-{
-    BIO *b;
-    EVP_CIPHER_CTX *ctx;
-    const EVP_CIPHER *ciph;
-    X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
-    unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
-    unsigned char *tkey = NULL;
-    size_t tkeylen = 0;
-
-    int ok = 0;
-
-    int enc, keep_key = 0;
-
-    enc = ec->cipher ? 1 : 0;
-
-    b = BIO_new(BIO_f_cipher());
-    if (!b) {
-        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    BIO_get_cipher_ctx(b, &ctx);
-
-    if (enc) {
-        ciph = ec->cipher;
-        /*
-         * If not keeping key set cipher to NULL so subsequent calls decrypt.
-         */
-        if (ec->key)
-            ec->cipher = NULL;
-    } else {
-        ciph = EVP_get_cipherbyobj(calg->algorithm);
-
-        if (!ciph) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMS_R_UNKNOWN_CIPHER);
-            goto err;
-        }
-    }
-
-    if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
-        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-               CMS_R_CIPHER_INITIALISATION_ERROR);
-        goto err;
-    }
-
-    if (enc) {
-        int ivlen;
-        calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
-        /* Generate a random IV if we need one */
-        ivlen = EVP_CIPHER_CTX_iv_length(ctx);
-        if (ivlen > 0) {
-            if (RAND_bytes(iv, ivlen) <= 0)
-                goto err;
-            piv = iv;
-        }
-    } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
-        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-               CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-        goto err;
-    }
-    tkeylen = EVP_CIPHER_CTX_key_length(ctx);
-    /* Generate random session key */
-    if (!enc || !ec->key) {
-        tkey = OPENSSL_malloc(tkeylen);
-        if (!tkey) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
-            goto err;
-    }
-
-    if (!ec->key) {
-        ec->key = tkey;
-        ec->keylen = tkeylen;
-        tkey = NULL;
-        if (enc)
-            keep_key = 1;
-        else
-            ERR_clear_error();
-
-    }
-
-    if (ec->keylen != tkeylen) {
-        /* If necessary set key length */
-        if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) {
-            /*
-             * Only reveal failure if debugging so we don't leak information
-             * which may be useful in MMA.
-             */
-            if (enc || ec->debug) {
-                CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                       CMS_R_INVALID_KEY_LENGTH);
-                goto err;
-            } else {
-                /* Use random key */
-                OPENSSL_cleanse(ec->key, ec->keylen);
-                OPENSSL_free(ec->key);
-                ec->key = tkey;
-                ec->keylen = tkeylen;
-                tkey = NULL;
-                ERR_clear_error();
-            }
-        }
-    }
-
-    if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) {
-        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-               CMS_R_CIPHER_INITIALISATION_ERROR);
-        goto err;
-    }
-    if (enc) {
-        calg->parameter = ASN1_TYPE_new();
-        if (calg->parameter == NULL) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
-                   CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-            goto err;
-        }
-        /* If parameter type not set omit parameter */
-        if (calg->parameter->type == V_ASN1_UNDEF) {
-            ASN1_TYPE_free(calg->parameter);
-            calg->parameter = NULL;
-        }
-    }
-    ok = 1;
-
- err:
-    if (ec->key && (!keep_key || !ok)) {
-        OPENSSL_cleanse(ec->key, ec->keylen);
-        OPENSSL_free(ec->key);
-        ec->key = NULL;
-    }
-    if (tkey) {
-        OPENSSL_cleanse(tkey, tkeylen);
-        OPENSSL_free(tkey);
-    }
-    if (ok)
-        return b;
-    BIO_free(b);
-    return NULL;
-}
-
-int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
-                              const EVP_CIPHER *cipher,
-                              const unsigned char *key, size_t keylen)
-{
-    ec->cipher = cipher;
-    if (key) {
-        ec->key = OPENSSL_malloc(keylen);
-        if (!ec->key)
-            return 0;
-        memcpy(ec->key, key, keylen);
-    }
-    ec->keylen = keylen;
-    if (cipher)
-        ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
-    return 1;
-}
-
-int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
-                               const unsigned char *key, size_t keylen)
-{
-    CMS_EncryptedContentInfo *ec;
-    if (!key || !keylen) {
-        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY);
-        return 0;
-    }
-    if (ciph) {
-        cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData);
-        if (!cms->d.encryptedData) {
-            CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
-        cms->d.encryptedData->version = 0;
-    } else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) {
-        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NOT_ENCRYPTED_DATA);
-        return 0;
-    }
-    ec = cms->d.encryptedData->encryptedContentInfo;
-    return cms_EncryptedContent_init(ec, ciph, key, keylen);
-}
-
-BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
-{
-    CMS_EncryptedData *enc = cms->d.encryptedData;
-    if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
-        enc->version = 2;
-    return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_env.c b/thirdparty/openssl/crypto/cms/cms_env.c
deleted file mode 100644
index 93c06cb00a..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_env.c
+++ /dev/null
@@ -1,974 +0,0 @@
-/* crypto/cms/cms_env.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include <openssl/rand.h>
-#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "asn1_locl.h"
-
-/* CMS EnvelopedData Utilities */
-
-DECLARE_ASN1_ITEM(CMS_EnvelopedData)
-DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
-DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
-DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
-
-DECLARE_STACK_OF(CMS_RecipientInfo)
-
-CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
-{
-    if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
-        CMSerr(CMS_F_CMS_GET0_ENVELOPED,
-               CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
-        return NULL;
-    }
-    return cms->d.envelopedData;
-}
-
-static CMS_EnvelopedData *cms_enveloped_data_init(CMS_ContentInfo *cms)
-{
-    if (cms->d.other == NULL) {
-        cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData);
-        if (!cms->d.envelopedData) {
-            CMSerr(CMS_F_CMS_ENVELOPED_DATA_INIT, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
-        cms->d.envelopedData->version = 0;
-        cms->d.envelopedData->encryptedContentInfo->contentType =
-            OBJ_nid2obj(NID_pkcs7_data);
-        ASN1_OBJECT_free(cms->contentType);
-        cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped);
-        return cms->d.envelopedData;
-    }
-    return cms_get0_enveloped(cms);
-}
-
-int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
-{
-    EVP_PKEY *pkey;
-    int i;
-    if (ri->type == CMS_RECIPINFO_TRANS)
-        pkey = ri->d.ktri->pkey;
-    else if (ri->type == CMS_RECIPINFO_AGREE) {
-        EVP_PKEY_CTX *pctx = ri->d.kari->pctx;
-        if (!pctx)
-            return 0;
-        pkey = EVP_PKEY_CTX_get0_pkey(pctx);
-        if (!pkey)
-            return 0;
-    } else
-        return 0;
-    if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
-        return 1;
-    i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_ENVELOPE, cmd, ri);
-    if (i == -2) {
-        CMSerr(CMS_F_CMS_ENV_ASN1_CTRL,
-               CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
-        return 0;
-    }
-    if (i <= 0) {
-        CMSerr(CMS_F_CMS_ENV_ASN1_CTRL, CMS_R_CTRL_FAILURE);
-        return 0;
-    }
-    return 1;
-}
-
-STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms)
-{
-    CMS_EnvelopedData *env;
-    env = cms_get0_enveloped(cms);
-    if (!env)
-        return NULL;
-    return env->recipientInfos;
-}
-
-int CMS_RecipientInfo_type(CMS_RecipientInfo *ri)
-{
-    return ri->type;
-}
-
-EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri)
-{
-    if (ri->type == CMS_RECIPINFO_TRANS)
-        return ri->d.ktri->pctx;
-    else if (ri->type == CMS_RECIPINFO_AGREE)
-        return ri->d.kari->pctx;
-    return NULL;
-}
-
-CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
-{
-    CMS_ContentInfo *cms;
-    CMS_EnvelopedData *env;
-    cms = CMS_ContentInfo_new();
-    if (!cms)
-        goto merr;
-    env = cms_enveloped_data_init(cms);
-    if (!env)
-        goto merr;
-    if (!cms_EncryptedContent_init(env->encryptedContentInfo,
-                                   cipher, NULL, 0))
-        goto merr;
-    return cms;
- merr:
-    if (cms)
-        CMS_ContentInfo_free(cms);
-    CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE);
-    return NULL;
-}
-
-/* Key Transport Recipient Info (KTRI) routines */
-
-/* Initialise a ktri based on passed certificate and key */
-
-static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
-                                       EVP_PKEY *pk, unsigned int flags)
-{
-    CMS_KeyTransRecipientInfo *ktri;
-    int idtype;
-
-    ri->d.ktri = M_ASN1_new_of(CMS_KeyTransRecipientInfo);
-    if (!ri->d.ktri)
-        return 0;
-    ri->type = CMS_RECIPINFO_TRANS;
-
-    ktri = ri->d.ktri;
-
-    if (flags & CMS_USE_KEYID) {
-        ktri->version = 2;
-        idtype = CMS_RECIPINFO_KEYIDENTIFIER;
-    } else {
-        ktri->version = 0;
-        idtype = CMS_RECIPINFO_ISSUER_SERIAL;
-    }
-
-    /*
-     * Not a typo: RecipientIdentifier and SignerIdentifier are the same
-     * structure.
-     */
-
-    if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype))
-        return 0;
-
-    CRYPTO_add(&recip->references, 1, CRYPTO_LOCK_X509);
-    CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
-    ktri->pkey = pk;
-    ktri->recip = recip;
-
-    if (flags & CMS_KEY_PARAM) {
-        ktri->pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
-        if (!ktri->pctx)
-            return 0;
-        if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
-            return 0;
-    } else if (!cms_env_asn1_ctrl(ri, 0))
-        return 0;
-    return 1;
-}
-
-/*
- * Add a recipient certificate using appropriate type of RecipientInfo
- */
-
-CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
-                                           X509 *recip, unsigned int flags)
-{
-    CMS_RecipientInfo *ri = NULL;
-    CMS_EnvelopedData *env;
-    EVP_PKEY *pk = NULL;
-    env = cms_get0_enveloped(cms);
-    if (!env)
-        goto err;
-
-    /* Initialize recipient info */
-    ri = M_ASN1_new_of(CMS_RecipientInfo);
-    if (!ri)
-        goto merr;
-
-    pk = X509_get_pubkey(recip);
-    if (!pk) {
-        CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, CMS_R_ERROR_GETTING_PUBLIC_KEY);
-        goto err;
-    }
-
-    switch (cms_pkey_get_ri_type(pk)) {
-
-    case CMS_RECIPINFO_TRANS:
-        if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags))
-            goto err;
-        break;
-
-    case CMS_RECIPINFO_AGREE:
-        if (!cms_RecipientInfo_kari_init(ri, recip, pk, flags))
-            goto err;
-        break;
-
-    default:
-        CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT,
-               CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
-        goto err;
-
-    }
-
-    if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
-        goto merr;
-
-    EVP_PKEY_free(pk);
-
-    return ri;
-
- merr:
-    CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, ERR_R_MALLOC_FAILURE);
- err:
-    if (ri)
-        M_ASN1_free_of(ri, CMS_RecipientInfo);
-    if (pk)
-        EVP_PKEY_free(pk);
-    return NULL;
-
-}
-
-int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
-                                     EVP_PKEY **pk, X509 **recip,
-                                     X509_ALGOR **palg)
-{
-    CMS_KeyTransRecipientInfo *ktri;
-    if (ri->type != CMS_RECIPINFO_TRANS) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS,
-               CMS_R_NOT_KEY_TRANSPORT);
-        return 0;
-    }
-
-    ktri = ri->d.ktri;
-
-    if (pk)
-        *pk = ktri->pkey;
-    if (recip)
-        *recip = ktri->recip;
-    if (palg)
-        *palg = ktri->keyEncryptionAlgorithm;
-    return 1;
-}
-
-int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
-                                          ASN1_OCTET_STRING **keyid,
-                                          X509_NAME **issuer,
-                                          ASN1_INTEGER **sno)
-{
-    CMS_KeyTransRecipientInfo *ktri;
-    if (ri->type != CMS_RECIPINFO_TRANS) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID,
-               CMS_R_NOT_KEY_TRANSPORT);
-        return 0;
-    }
-    ktri = ri->d.ktri;
-
-    return cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, issuer, sno);
-}
-
-int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
-{
-    if (ri->type != CMS_RECIPINFO_TRANS) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP,
-               CMS_R_NOT_KEY_TRANSPORT);
-        return -2;
-    }
-    return cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
-}
-
-int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
-{
-    if (ri->type != CMS_RECIPINFO_TRANS) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY, CMS_R_NOT_KEY_TRANSPORT);
-        return 0;
-    }
-    ri->d.ktri->pkey = pkey;
-    return 1;
-}
-
-/* Encrypt content key in key transport recipient info */
-
-static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms,
-                                          CMS_RecipientInfo *ri)
-{
-    CMS_KeyTransRecipientInfo *ktri;
-    CMS_EncryptedContentInfo *ec;
-    EVP_PKEY_CTX *pctx;
-    unsigned char *ek = NULL;
-    size_t eklen;
-
-    int ret = 0;
-
-    if (ri->type != CMS_RECIPINFO_TRANS) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_NOT_KEY_TRANSPORT);
-        return 0;
-    }
-    ktri = ri->d.ktri;
-    ec = cms->d.envelopedData->encryptedContentInfo;
-
-    pctx = ktri->pctx;
-
-    if (pctx) {
-        if (!cms_env_asn1_ctrl(ri, 0))
-            goto err;
-    } else {
-        pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
-        if (!pctx)
-            return 0;
-
-        if (EVP_PKEY_encrypt_init(pctx) <= 0)
-            goto err;
-    }
-
-    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
-                          EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR);
-        goto err;
-    }
-
-    if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)
-        goto err;
-
-    ek = OPENSSL_malloc(eklen);
-
-    if (ek == NULL) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0)
-        goto err;
-
-    ASN1_STRING_set0(ktri->encryptedKey, ek, eklen);
-    ek = NULL;
-
-    ret = 1;
-
- err:
-    if (pctx) {
-        EVP_PKEY_CTX_free(pctx);
-        ktri->pctx = NULL;
-    }
-    if (ek)
-        OPENSSL_free(ek);
-    return ret;
-
-}
-
-/* Decrypt content key from KTRI */
-
-static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
-                                          CMS_RecipientInfo *ri)
-{
-    CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
-    EVP_PKEY *pkey = ktri->pkey;
-    unsigned char *ek = NULL;
-    size_t eklen;
-    int ret = 0;
-    CMS_EncryptedContentInfo *ec;
-    ec = cms->d.envelopedData->encryptedContentInfo;
-
-    if (ktri->pkey == NULL) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_NO_PRIVATE_KEY);
-        return 0;
-    }
-
-    ktri->pctx = EVP_PKEY_CTX_new(pkey, NULL);
-    if (!ktri->pctx)
-        return 0;
-
-    if (EVP_PKEY_decrypt_init(ktri->pctx) <= 0)
-        goto err;
-
-    if (!cms_env_asn1_ctrl(ri, 1))
-        goto err;
-
-    if (EVP_PKEY_CTX_ctrl(ktri->pctx, -1, EVP_PKEY_OP_DECRYPT,
-                          EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CTRL_ERROR);
-        goto err;
-    }
-
-    if (EVP_PKEY_decrypt(ktri->pctx, NULL, &eklen,
-                         ktri->encryptedKey->data,
-                         ktri->encryptedKey->length) <= 0)
-        goto err;
-
-    ek = OPENSSL_malloc(eklen);
-
-    if (ek == NULL) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen,
-                         ktri->encryptedKey->data,
-                         ktri->encryptedKey->length) <= 0) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB);
-        goto err;
-    }
-
-    ret = 1;
-
-    if (ec->key) {
-        OPENSSL_cleanse(ec->key, ec->keylen);
-        OPENSSL_free(ec->key);
-    }
-
-    ec->key = ek;
-    ec->keylen = eklen;
-
- err:
-    if (ktri->pctx) {
-        EVP_PKEY_CTX_free(ktri->pctx);
-        ktri->pctx = NULL;
-    }
-    if (!ret && ek)
-        OPENSSL_free(ek);
-
-    return ret;
-}
-
-/* Key Encrypted Key (KEK) RecipientInfo routines */
-
-int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
-                                   const unsigned char *id, size_t idlen)
-{
-    ASN1_OCTET_STRING tmp_os;
-    CMS_KEKRecipientInfo *kekri;
-    if (ri->type != CMS_RECIPINFO_KEK) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP, CMS_R_NOT_KEK);
-        return -2;
-    }
-    kekri = ri->d.kekri;
-    tmp_os.type = V_ASN1_OCTET_STRING;
-    tmp_os.flags = 0;
-    tmp_os.data = (unsigned char *)id;
-    tmp_os.length = (int)idlen;
-    return ASN1_OCTET_STRING_cmp(&tmp_os, kekri->kekid->keyIdentifier);
-}
-
-/* For now hard code AES key wrap info */
-
-static size_t aes_wrap_keylen(int nid)
-{
-    switch (nid) {
-    case NID_id_aes128_wrap:
-        return 16;
-
-    case NID_id_aes192_wrap:
-        return 24;
-
-    case NID_id_aes256_wrap:
-        return 32;
-
-    default:
-        return 0;
-    }
-}
-
-CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
-                                          unsigned char *key, size_t keylen,
-                                          unsigned char *id, size_t idlen,
-                                          ASN1_GENERALIZEDTIME *date,
-                                          ASN1_OBJECT *otherTypeId,
-                                          ASN1_TYPE *otherType)
-{
-    CMS_RecipientInfo *ri = NULL;
-    CMS_EnvelopedData *env;
-    CMS_KEKRecipientInfo *kekri;
-    env = cms_get0_enveloped(cms);
-    if (!env)
-        goto err;
-
-    if (nid == NID_undef) {
-        switch (keylen) {
-        case 16:
-            nid = NID_id_aes128_wrap;
-            break;
-
-        case 24:
-            nid = NID_id_aes192_wrap;
-            break;
-
-        case 32:
-            nid = NID_id_aes256_wrap;
-            break;
-
-        default:
-            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH);
-            goto err;
-        }
-
-    } else {
-
-        size_t exp_keylen = aes_wrap_keylen(nid);
-
-        if (!exp_keylen) {
-            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
-                   CMS_R_UNSUPPORTED_KEK_ALGORITHM);
-            goto err;
-        }
-
-        if (keylen != exp_keylen) {
-            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH);
-            goto err;
-        }
-
-    }
-
-    /* Initialize recipient info */
-    ri = M_ASN1_new_of(CMS_RecipientInfo);
-    if (!ri)
-        goto merr;
-
-    ri->d.kekri = M_ASN1_new_of(CMS_KEKRecipientInfo);
-    if (!ri->d.kekri)
-        goto merr;
-    ri->type = CMS_RECIPINFO_KEK;
-
-    kekri = ri->d.kekri;
-
-    if (otherTypeId) {
-        kekri->kekid->other = M_ASN1_new_of(CMS_OtherKeyAttribute);
-        if (kekri->kekid->other == NULL)
-            goto merr;
-    }
-
-    if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
-        goto merr;
-
-    /* After this point no calls can fail */
-
-    kekri->version = 4;
-
-    kekri->key = key;
-    kekri->keylen = keylen;
-
-    ASN1_STRING_set0(kekri->kekid->keyIdentifier, id, idlen);
-
-    kekri->kekid->date = date;
-
-    if (kekri->kekid->other) {
-        kekri->kekid->other->keyAttrId = otherTypeId;
-        kekri->kekid->other->keyAttr = otherType;
-    }
-
-    X509_ALGOR_set0(kekri->keyEncryptionAlgorithm,
-                    OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL);
-
-    return ri;
-
- merr:
-    CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, ERR_R_MALLOC_FAILURE);
- err:
-    if (ri)
-        M_ASN1_free_of(ri, CMS_RecipientInfo);
-    return NULL;
-
-}
-
-int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
-                                    X509_ALGOR **palg,
-                                    ASN1_OCTET_STRING **pid,
-                                    ASN1_GENERALIZEDTIME **pdate,
-                                    ASN1_OBJECT **potherid,
-                                    ASN1_TYPE **pothertype)
-{
-    CMS_KEKIdentifier *rkid;
-    if (ri->type != CMS_RECIPINFO_KEK) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID, CMS_R_NOT_KEK);
-        return 0;
-    }
-    rkid = ri->d.kekri->kekid;
-    if (palg)
-        *palg = ri->d.kekri->keyEncryptionAlgorithm;
-    if (pid)
-        *pid = rkid->keyIdentifier;
-    if (pdate)
-        *pdate = rkid->date;
-    if (potherid) {
-        if (rkid->other)
-            *potherid = rkid->other->keyAttrId;
-        else
-            *potherid = NULL;
-    }
-    if (pothertype) {
-        if (rkid->other)
-            *pothertype = rkid->other->keyAttr;
-        else
-            *pothertype = NULL;
-    }
-    return 1;
-}
-
-int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
-                               unsigned char *key, size_t keylen)
-{
-    CMS_KEKRecipientInfo *kekri;
-    if (ri->type != CMS_RECIPINFO_KEK) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_KEY, CMS_R_NOT_KEK);
-        return 0;
-    }
-
-    kekri = ri->d.kekri;
-    kekri->key = key;
-    kekri->keylen = keylen;
-    return 1;
-}
-
-/* Encrypt content key in KEK recipient info */
-
-static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms,
-                                           CMS_RecipientInfo *ri)
-{
-    CMS_EncryptedContentInfo *ec;
-    CMS_KEKRecipientInfo *kekri;
-    AES_KEY actx;
-    unsigned char *wkey = NULL;
-    int wkeylen;
-    int r = 0;
-
-    ec = cms->d.envelopedData->encryptedContentInfo;
-
-    kekri = ri->d.kekri;
-
-    if (!kekri->key) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_NO_KEY);
-        return 0;
-    }
-
-    if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT,
-               CMS_R_ERROR_SETTING_KEY);
-        goto err;
-    }
-
-    wkey = OPENSSL_malloc(ec->keylen + 8);
-
-    if (!wkey) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen);
-
-    if (wkeylen <= 0) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_WRAP_ERROR);
-        goto err;
-    }
-
-    ASN1_STRING_set0(kekri->encryptedKey, wkey, wkeylen);
-
-    r = 1;
-
- err:
-
-    if (!r && wkey)
-        OPENSSL_free(wkey);
-    OPENSSL_cleanse(&actx, sizeof(actx));
-
-    return r;
-
-}
-
-/* Decrypt content key in KEK recipient info */
-
-static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
-                                           CMS_RecipientInfo *ri)
-{
-    CMS_EncryptedContentInfo *ec;
-    CMS_KEKRecipientInfo *kekri;
-    AES_KEY actx;
-    unsigned char *ukey = NULL;
-    int ukeylen;
-    int r = 0, wrap_nid;
-
-    ec = cms->d.envelopedData->encryptedContentInfo;
-
-    kekri = ri->d.kekri;
-
-    if (!kekri->key) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_NO_KEY);
-        return 0;
-    }
-
-    wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm);
-    if (aes_wrap_keylen(wrap_nid) != kekri->keylen) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
-               CMS_R_INVALID_KEY_LENGTH);
-        return 0;
-    }
-
-    /* If encrypted key length is invalid don't bother */
-
-    if (kekri->encryptedKey->length < 16) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
-               CMS_R_INVALID_ENCRYPTED_KEY_LENGTH);
-        goto err;
-    }
-
-    if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
-               CMS_R_ERROR_SETTING_KEY);
-        goto err;
-    }
-
-    ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8);
-
-    if (!ukey) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    ukeylen = AES_unwrap_key(&actx, NULL, ukey,
-                             kekri->encryptedKey->data,
-                             kekri->encryptedKey->length);
-
-    if (ukeylen <= 0) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_UNWRAP_ERROR);
-        goto err;
-    }
-
-    ec->key = ukey;
-    ec->keylen = ukeylen;
-
-    r = 1;
-
- err:
-
-    if (!r && ukey)
-        OPENSSL_free(ukey);
-    OPENSSL_cleanse(&actx, sizeof(actx));
-
-    return r;
-
-}
-
-int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
-{
-    switch (ri->type) {
-    case CMS_RECIPINFO_TRANS:
-        return cms_RecipientInfo_ktri_decrypt(cms, ri);
-
-    case CMS_RECIPINFO_KEK:
-        return cms_RecipientInfo_kekri_decrypt(cms, ri);
-
-    case CMS_RECIPINFO_PASS:
-        return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
-
-    default:
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT,
-               CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE);
-        return 0;
-    }
-}
-
-int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
-{
-    switch (ri->type) {
-    case CMS_RECIPINFO_TRANS:
-        return cms_RecipientInfo_ktri_encrypt(cms, ri);
-
-    case CMS_RECIPINFO_AGREE:
-        return cms_RecipientInfo_kari_encrypt(cms, ri);
-
-    case CMS_RECIPINFO_KEK:
-        return cms_RecipientInfo_kekri_encrypt(cms, ri);
-        break;
-
-    case CMS_RECIPINFO_PASS:
-        return cms_RecipientInfo_pwri_crypt(cms, ri, 1);
-        break;
-
-    default:
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_ENCRYPT,
-               CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
-        return 0;
-    }
-}
-
-/* Check structures and fixup version numbers (if necessary) */
-
-static void cms_env_set_originfo_version(CMS_EnvelopedData *env)
-{
-    CMS_OriginatorInfo *org = env->originatorInfo;
-    int i;
-    if (org == NULL)
-        return;
-    for (i = 0; i < sk_CMS_CertificateChoices_num(org->certificates); i++) {
-        CMS_CertificateChoices *cch;
-        cch = sk_CMS_CertificateChoices_value(org->certificates, i);
-        if (cch->type == CMS_CERTCHOICE_OTHER) {
-            env->version = 4;
-            return;
-        } else if (cch->type == CMS_CERTCHOICE_V2ACERT) {
-            if (env->version < 3)
-                env->version = 3;
-        }
-    }
-
-    for (i = 0; i < sk_CMS_RevocationInfoChoice_num(org->crls); i++) {
-        CMS_RevocationInfoChoice *rch;
-        rch = sk_CMS_RevocationInfoChoice_value(org->crls, i);
-        if (rch->type == CMS_REVCHOICE_OTHER) {
-            env->version = 4;
-            return;
-        }
-    }
-}
-
-static void cms_env_set_version(CMS_EnvelopedData *env)
-{
-    int i;
-    CMS_RecipientInfo *ri;
-
-    /*
-     * Can't set version higher than 4 so if 4 or more already nothing to do.
-     */
-    if (env->version >= 4)
-        return;
-
-    cms_env_set_originfo_version(env);
-
-    if (env->version >= 3)
-        return;
-
-    for (i = 0; i < sk_CMS_RecipientInfo_num(env->recipientInfos); i++) {
-        ri = sk_CMS_RecipientInfo_value(env->recipientInfos, i);
-        if (ri->type == CMS_RECIPINFO_PASS || ri->type == CMS_RECIPINFO_OTHER) {
-            env->version = 3;
-            return;
-        } else if (ri->type != CMS_RECIPINFO_TRANS
-                   || ri->d.ktri->version != 0) {
-            env->version = 2;
-        }
-    }
-    if (env->version == 2)
-        return;
-    if (env->originatorInfo || env->unprotectedAttrs)
-        env->version = 2;
-    env->version = 0;
-}
-
-BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
-{
-    CMS_EncryptedContentInfo *ec;
-    STACK_OF(CMS_RecipientInfo) *rinfos;
-    CMS_RecipientInfo *ri;
-    int i, ok = 0;
-    BIO *ret;
-
-    /* Get BIO first to set up key */
-
-    ec = cms->d.envelopedData->encryptedContentInfo;
-    ret = cms_EncryptedContent_init_bio(ec);
-
-    /* If error or no cipher end of processing */
-
-    if (!ret || !ec->cipher)
-        return ret;
-
-    /* Now encrypt content key according to each RecipientInfo type */
-
-    rinfos = cms->d.envelopedData->recipientInfos;
-
-    for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) {
-        ri = sk_CMS_RecipientInfo_value(rinfos, i);
-        if (CMS_RecipientInfo_encrypt(cms, ri) <= 0) {
-            CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO,
-                   CMS_R_ERROR_SETTING_RECIPIENTINFO);
-            goto err;
-        }
-    }
-    cms_env_set_version(cms->d.envelopedData);
-
-    ok = 1;
-
- err:
-    ec->cipher = NULL;
-    if (ec->key) {
-        OPENSSL_cleanse(ec->key, ec->keylen);
-        OPENSSL_free(ec->key);
-        ec->key = NULL;
-        ec->keylen = 0;
-    }
-    if (ok)
-        return ret;
-    BIO_free(ret);
-    return NULL;
-
-}
-
-/*
- * Get RecipientInfo type (if any) supported by a key (public or private). To
- * retain compatibility with previous behaviour if the ctrl value isn't
- * supported we assume key transport.
- */
-int cms_pkey_get_ri_type(EVP_PKEY *pk)
-{
-    if (pk->ameth && pk->ameth->pkey_ctrl) {
-        int i, r;
-        i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_RI_TYPE, 0, &r);
-        if (i > 0)
-            return r;
-    }
-    return CMS_RECIPINFO_TRANS;
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_err.c b/thirdparty/openssl/crypto/cms/cms_err.c
deleted file mode 100644
index 15572ea348..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_err.c
+++ /dev/null
@@ -1,309 +0,0 @@
-/* crypto/cms/cms_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CMS,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CMS,0,reason)
-
-static ERR_STRING_DATA CMS_str_functs[] = {
-    {ERR_FUNC(CMS_F_CHECK_CONTENT), "CHECK_CONTENT"},
-    {ERR_FUNC(CMS_F_CMS_ADD0_CERT), "CMS_add0_cert"},
-    {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY), "CMS_add0_recipient_key"},
-    {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD),
-     "CMS_add0_recipient_password"},
-    {ERR_FUNC(CMS_F_CMS_ADD1_RECEIPTREQUEST), "CMS_add1_ReceiptRequest"},
-    {ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT), "CMS_add1_recipient_cert"},
-    {ERR_FUNC(CMS_F_CMS_ADD1_SIGNER), "CMS_add1_signer"},
-    {ERR_FUNC(CMS_F_CMS_ADD1_SIGNINGTIME), "CMS_ADD1_SIGNINGTIME"},
-    {ERR_FUNC(CMS_F_CMS_COMPRESS), "CMS_compress"},
-    {ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_CREATE), "cms_CompressedData_create"},
-    {ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO),
-     "cms_CompressedData_init_bio"},
-    {ERR_FUNC(CMS_F_CMS_COPY_CONTENT), "CMS_COPY_CONTENT"},
-    {ERR_FUNC(CMS_F_CMS_COPY_MESSAGEDIGEST), "CMS_COPY_MESSAGEDIGEST"},
-    {ERR_FUNC(CMS_F_CMS_DATA), "CMS_data"},
-    {ERR_FUNC(CMS_F_CMS_DATAFINAL), "CMS_dataFinal"},
-    {ERR_FUNC(CMS_F_CMS_DATAINIT), "CMS_dataInit"},
-    {ERR_FUNC(CMS_F_CMS_DECRYPT), "CMS_decrypt"},
-    {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_KEY), "CMS_decrypt_set1_key"},
-    {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PASSWORD), "CMS_decrypt_set1_password"},
-    {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PKEY), "CMS_decrypt_set1_pkey"},
-    {ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX),
-     "cms_DigestAlgorithm_find_ctx"},
-    {ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO),
-     "cms_DigestAlgorithm_init_bio"},
-    {ERR_FUNC(CMS_F_CMS_DIGESTEDDATA_DO_FINAL), "cms_DigestedData_do_final"},
-    {ERR_FUNC(CMS_F_CMS_DIGEST_VERIFY), "CMS_digest_verify"},
-    {ERR_FUNC(CMS_F_CMS_ENCODE_RECEIPT), "cms_encode_Receipt"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPT), "CMS_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO),
-     "cms_EncryptedContent_init_bio"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT), "CMS_EncryptedData_decrypt"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT), "CMS_EncryptedData_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY),
-     "CMS_EncryptedData_set1_key"},
-    {ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_CREATE), "CMS_EnvelopedData_create"},
-    {ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO),
-     "cms_EnvelopedData_init_bio"},
-    {ERR_FUNC(CMS_F_CMS_ENVELOPED_DATA_INIT), "CMS_ENVELOPED_DATA_INIT"},
-    {ERR_FUNC(CMS_F_CMS_ENV_ASN1_CTRL), "cms_env_asn1_ctrl"},
-    {ERR_FUNC(CMS_F_CMS_FINAL), "CMS_final"},
-    {ERR_FUNC(CMS_F_CMS_GET0_CERTIFICATE_CHOICES),
-     "CMS_GET0_CERTIFICATE_CHOICES"},
-    {ERR_FUNC(CMS_F_CMS_GET0_CONTENT), "CMS_get0_content"},
-    {ERR_FUNC(CMS_F_CMS_GET0_ECONTENT_TYPE), "CMS_GET0_ECONTENT_TYPE"},
-    {ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED), "cms_get0_enveloped"},
-    {ERR_FUNC(CMS_F_CMS_GET0_REVOCATION_CHOICES),
-     "CMS_GET0_REVOCATION_CHOICES"},
-    {ERR_FUNC(CMS_F_CMS_GET0_SIGNED), "CMS_GET0_SIGNED"},
-    {ERR_FUNC(CMS_F_CMS_MSGSIGDIGEST_ADD1), "cms_msgSigDigest_add1"},
-    {ERR_FUNC(CMS_F_CMS_RECEIPTREQUEST_CREATE0),
-     "CMS_ReceiptRequest_create0"},
-    {ERR_FUNC(CMS_F_CMS_RECEIPT_VERIFY), "cms_Receipt_verify"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_DECRYPT), "CMS_RecipientInfo_decrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_ENCRYPT), "CMS_RecipientInfo_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT),
-     "cms_RecipientInfo_kari_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG),
-     "CMS_RecipientInfo_kari_get0_alg"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID),
-     "CMS_RecipientInfo_kari_get0_orig_id"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS),
-     "CMS_RecipientInfo_kari_get0_reks"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP),
-     "CMS_RecipientInfo_kari_orig_id_cmp"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT),
-     "CMS_RECIPIENTINFO_KEKRI_DECRYPT"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT),
-     "CMS_RECIPIENTINFO_KEKRI_ENCRYPT"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID),
-     "CMS_RecipientInfo_kekri_get0_id"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP),
-     "CMS_RecipientInfo_kekri_id_cmp"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP),
-     "CMS_RecipientInfo_ktri_cert_cmp"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT),
-     "CMS_RECIPIENTINFO_KTRI_DECRYPT"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT),
-     "CMS_RECIPIENTINFO_KTRI_ENCRYPT"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS),
-     "CMS_RecipientInfo_ktri_get0_algs"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID),
-     "CMS_RecipientInfo_ktri_get0_signer_id"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT),
-     "cms_RecipientInfo_pwri_crypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_KEY),
-     "CMS_RecipientInfo_set0_key"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD),
-     "CMS_RecipientInfo_set0_password"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY),
-     "CMS_RecipientInfo_set0_pkey"},
-    {ERR_FUNC(CMS_F_CMS_SD_ASN1_CTRL), "CMS_SD_ASN1_CTRL"},
-    {ERR_FUNC(CMS_F_CMS_SET1_IAS), "cms_set1_ias"},
-    {ERR_FUNC(CMS_F_CMS_SET1_KEYID), "cms_set1_keyid"},
-    {ERR_FUNC(CMS_F_CMS_SET1_SIGNERIDENTIFIER), "cms_set1_SignerIdentifier"},
-    {ERR_FUNC(CMS_F_CMS_SET_DETACHED), "CMS_set_detached"},
-    {ERR_FUNC(CMS_F_CMS_SIGN), "CMS_sign"},
-    {ERR_FUNC(CMS_F_CMS_SIGNED_DATA_INIT), "CMS_SIGNED_DATA_INIT"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN),
-     "CMS_SIGNERINFO_CONTENT_SIGN"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_SIGN), "CMS_SignerInfo_sign"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY), "CMS_SignerInfo_verify"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CERT),
-     "CMS_SIGNERINFO_VERIFY_CERT"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT),
-     "CMS_SignerInfo_verify_content"},
-    {ERR_FUNC(CMS_F_CMS_SIGN_RECEIPT), "CMS_sign_receipt"},
-    {ERR_FUNC(CMS_F_CMS_STREAM), "CMS_stream"},
-    {ERR_FUNC(CMS_F_CMS_UNCOMPRESS), "CMS_uncompress"},
-    {ERR_FUNC(CMS_F_CMS_VERIFY), "CMS_verify"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA CMS_str_reasons[] = {
-    {ERR_REASON(CMS_R_ADD_SIGNER_ERROR), "add signer error"},
-    {ERR_REASON(CMS_R_CERTIFICATE_ALREADY_PRESENT),
-     "certificate already present"},
-    {ERR_REASON(CMS_R_CERTIFICATE_HAS_NO_KEYID), "certificate has no keyid"},
-    {ERR_REASON(CMS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
-    {ERR_REASON(CMS_R_CIPHER_INITIALISATION_ERROR),
-     "cipher initialisation error"},
-    {ERR_REASON(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),
-     "cipher parameter initialisation error"},
-    {ERR_REASON(CMS_R_CMS_DATAFINAL_ERROR), "cms datafinal error"},
-    {ERR_REASON(CMS_R_CMS_LIB), "cms lib"},
-    {ERR_REASON(CMS_R_CONTENTIDENTIFIER_MISMATCH),
-     "contentidentifier mismatch"},
-    {ERR_REASON(CMS_R_CONTENT_NOT_FOUND), "content not found"},
-    {ERR_REASON(CMS_R_CONTENT_TYPE_MISMATCH), "content type mismatch"},
-    {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA),
-     "content type not compressed data"},
-    {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA),
-     "content type not enveloped data"},
-    {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA),
-     "content type not signed data"},
-    {ERR_REASON(CMS_R_CONTENT_VERIFY_ERROR), "content verify error"},
-    {ERR_REASON(CMS_R_CTRL_ERROR), "ctrl error"},
-    {ERR_REASON(CMS_R_CTRL_FAILURE), "ctrl failure"},
-    {ERR_REASON(CMS_R_DECRYPT_ERROR), "decrypt error"},
-    {ERR_REASON(CMS_R_DIGEST_ERROR), "digest error"},
-    {ERR_REASON(CMS_R_ERROR_GETTING_PUBLIC_KEY), "error getting public key"},
-    {ERR_REASON(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),
-     "error reading messagedigest attribute"},
-    {ERR_REASON(CMS_R_ERROR_SETTING_KEY), "error setting key"},
-    {ERR_REASON(CMS_R_ERROR_SETTING_RECIPIENTINFO),
-     "error setting recipientinfo"},
-    {ERR_REASON(CMS_R_INVALID_ENCRYPTED_KEY_LENGTH),
-     "invalid encrypted key length"},
-    {ERR_REASON(CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER),
-     "invalid key encryption parameter"},
-    {ERR_REASON(CMS_R_INVALID_KEY_LENGTH), "invalid key length"},
-    {ERR_REASON(CMS_R_MD_BIO_INIT_ERROR), "md bio init error"},
-    {ERR_REASON(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),
-     "messagedigest attribute wrong length"},
-    {ERR_REASON(CMS_R_MESSAGEDIGEST_WRONG_LENGTH),
-     "messagedigest wrong length"},
-    {ERR_REASON(CMS_R_MSGSIGDIGEST_ERROR), "msgsigdigest error"},
-    {ERR_REASON(CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE),
-     "msgsigdigest verification failure"},
-    {ERR_REASON(CMS_R_MSGSIGDIGEST_WRONG_LENGTH),
-     "msgsigdigest wrong length"},
-    {ERR_REASON(CMS_R_NEED_ONE_SIGNER), "need one signer"},
-    {ERR_REASON(CMS_R_NOT_A_SIGNED_RECEIPT), "not a signed receipt"},
-    {ERR_REASON(CMS_R_NOT_ENCRYPTED_DATA), "not encrypted data"},
-    {ERR_REASON(CMS_R_NOT_KEK), "not kek"},
-    {ERR_REASON(CMS_R_NOT_KEY_AGREEMENT), "not key agreement"},
-    {ERR_REASON(CMS_R_NOT_KEY_TRANSPORT), "not key transport"},
-    {ERR_REASON(CMS_R_NOT_PWRI), "not pwri"},
-    {ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
-     "not supported for this key type"},
-    {ERR_REASON(CMS_R_NO_CIPHER), "no cipher"},
-    {ERR_REASON(CMS_R_NO_CONTENT), "no content"},
-    {ERR_REASON(CMS_R_NO_CONTENT_TYPE), "no content type"},
-    {ERR_REASON(CMS_R_NO_DEFAULT_DIGEST), "no default digest"},
-    {ERR_REASON(CMS_R_NO_DIGEST_SET), "no digest set"},
-    {ERR_REASON(CMS_R_NO_KEY), "no key"},
-    {ERR_REASON(CMS_R_NO_KEY_OR_CERT), "no key or cert"},
-    {ERR_REASON(CMS_R_NO_MATCHING_DIGEST), "no matching digest"},
-    {ERR_REASON(CMS_R_NO_MATCHING_RECIPIENT), "no matching recipient"},
-    {ERR_REASON(CMS_R_NO_MATCHING_SIGNATURE), "no matching signature"},
-    {ERR_REASON(CMS_R_NO_MSGSIGDIGEST), "no msgsigdigest"},
-    {ERR_REASON(CMS_R_NO_PASSWORD), "no password"},
-    {ERR_REASON(CMS_R_NO_PRIVATE_KEY), "no private key"},
-    {ERR_REASON(CMS_R_NO_PUBLIC_KEY), "no public key"},
-    {ERR_REASON(CMS_R_NO_RECEIPT_REQUEST), "no receipt request"},
-    {ERR_REASON(CMS_R_NO_SIGNERS), "no signers"},
-    {ERR_REASON(CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
-     "private key does not match certificate"},
-    {ERR_REASON(CMS_R_RECEIPT_DECODE_ERROR), "receipt decode error"},
-    {ERR_REASON(CMS_R_RECIPIENT_ERROR), "recipient error"},
-    {ERR_REASON(CMS_R_SIGNER_CERTIFICATE_NOT_FOUND),
-     "signer certificate not found"},
-    {ERR_REASON(CMS_R_SIGNFINAL_ERROR), "signfinal error"},
-    {ERR_REASON(CMS_R_SMIME_TEXT_ERROR), "smime text error"},
-    {ERR_REASON(CMS_R_STORE_INIT_ERROR), "store init error"},
-    {ERR_REASON(CMS_R_TYPE_NOT_COMPRESSED_DATA), "type not compressed data"},
-    {ERR_REASON(CMS_R_TYPE_NOT_DATA), "type not data"},
-    {ERR_REASON(CMS_R_TYPE_NOT_DIGESTED_DATA), "type not digested data"},
-    {ERR_REASON(CMS_R_TYPE_NOT_ENCRYPTED_DATA), "type not encrypted data"},
-    {ERR_REASON(CMS_R_TYPE_NOT_ENVELOPED_DATA), "type not enveloped data"},
-    {ERR_REASON(CMS_R_UNABLE_TO_FINALIZE_CONTEXT),
-     "unable to finalize context"},
-    {ERR_REASON(CMS_R_UNKNOWN_CIPHER), "unknown cipher"},
-    {ERR_REASON(CMS_R_UNKNOWN_DIGEST_ALGORIHM), "unknown digest algorihm"},
-    {ERR_REASON(CMS_R_UNKNOWN_ID), "unknown id"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
-     "unsupported compression algorithm"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_KEK_ALGORITHM),
-     "unsupported kek algorithm"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM),
-     "unsupported key encryption algorithm"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_RECIPIENT_TYPE),
-     "unsupported recipient type"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE),
-     "unsupported recpientinfo type"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_TYPE), "unsupported type"},
-    {ERR_REASON(CMS_R_UNWRAP_ERROR), "unwrap error"},
-    {ERR_REASON(CMS_R_UNWRAP_FAILURE), "unwrap failure"},
-    {ERR_REASON(CMS_R_VERIFICATION_FAILURE), "verification failure"},
-    {ERR_REASON(CMS_R_WRAP_ERROR), "wrap error"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_CMS_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(CMS_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, CMS_str_functs);
-        ERR_load_strings(0, CMS_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_ess.c b/thirdparty/openssl/crypto/cms/cms_ess.c
deleted file mode 100644
index 8212560628..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_ess.c
+++ /dev/null
@@ -1,394 +0,0 @@
-/* crypto/cms/cms_ess.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/rand.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include "cms_lcl.h"
-
-DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
-DECLARE_ASN1_ITEM(CMS_Receipt)
-
-IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
-
-/* ESS services: for now just Signed Receipt related */
-
-int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
-{
-    ASN1_STRING *str;
-    CMS_ReceiptRequest *rr = NULL;
-    if (prr)
-        *prr = NULL;
-    str = CMS_signed_get0_data_by_OBJ(si,
-                                      OBJ_nid2obj
-                                      (NID_id_smime_aa_receiptRequest), -3,
-                                      V_ASN1_SEQUENCE);
-    if (!str)
-        return 0;
-
-    rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
-    if (!rr)
-        return -1;
-    if (prr)
-        *prr = rr;
-    else
-        CMS_ReceiptRequest_free(rr);
-    return 1;
-}
-
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
-                                               int allorfirst,
-                                               STACK_OF(GENERAL_NAMES)
-                                               *receiptList, STACK_OF(GENERAL_NAMES)
-                                               *receiptsTo)
-{
-    CMS_ReceiptRequest *rr = NULL;
-
-    rr = CMS_ReceiptRequest_new();
-    if (!rr)
-        goto merr;
-    if (id)
-        ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
-    else {
-        if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
-            goto merr;
-        if (RAND_bytes(rr->signedContentIdentifier->data, 32) <= 0)
-            goto err;
-    }
-
-    sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
-    rr->receiptsTo = receiptsTo;
-
-    if (receiptList) {
-        rr->receiptsFrom->type = 1;
-        rr->receiptsFrom->d.receiptList = receiptList;
-    } else {
-        rr->receiptsFrom->type = 0;
-        rr->receiptsFrom->d.allOrFirstTier = allorfirst;
-    }
-
-    return rr;
-
- merr:
-    CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
-
- err:
-    if (rr)
-        CMS_ReceiptRequest_free(rr);
-
-    return NULL;
-
-}
-
-int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
-{
-    unsigned char *rrder = NULL;
-    int rrderlen, r = 0;
-
-    rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
-    if (rrderlen < 0)
-        goto merr;
-
-    if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
-                                     V_ASN1_SEQUENCE, rrder, rrderlen))
-        goto merr;
-
-    r = 1;
-
- merr:
-    if (!r)
-        CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
-
-    if (rrder)
-        OPENSSL_free(rrder);
-
-    return r;
-
-}
-
-void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
-                                    ASN1_STRING **pcid,
-                                    int *pallorfirst,
-                                    STACK_OF(GENERAL_NAMES) **plist,
-                                    STACK_OF(GENERAL_NAMES) **prto)
-{
-    if (pcid)
-        *pcid = rr->signedContentIdentifier;
-    if (rr->receiptsFrom->type == 0) {
-        if (pallorfirst)
-            *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
-        if (plist)
-            *plist = NULL;
-    } else {
-        if (pallorfirst)
-            *pallorfirst = -1;
-        if (plist)
-            *plist = rr->receiptsFrom->d.receiptList;
-    }
-    if (prto)
-        *prto = rr->receiptsTo;
-}
-
-/* Digest a SignerInfo structure for msgSigDigest attribute processing */
-
-static int cms_msgSigDigest(CMS_SignerInfo *si,
-                            unsigned char *dig, unsigned int *diglen)
-{
-    const EVP_MD *md;
-    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
-    if (md == NULL)
-        return 0;
-    if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
-                          si->signedAttrs, dig, diglen))
-        return 0;
-    return 1;
-}
-
-/* Add a msgSigDigest attribute to a SignerInfo */
-
-int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
-{
-    unsigned char dig[EVP_MAX_MD_SIZE];
-    unsigned int diglen;
-    if (!cms_msgSigDigest(src, dig, &diglen)) {
-        CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
-        return 0;
-    }
-    if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
-                                     V_ASN1_OCTET_STRING, dig, diglen)) {
-        CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    return 1;
-}
-
-/* Verify signed receipt after it has already passed normal CMS verify */
-
-int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
-{
-    int r = 0, i;
-    CMS_ReceiptRequest *rr = NULL;
-    CMS_Receipt *rct = NULL;
-    STACK_OF(CMS_SignerInfo) *sis, *osis;
-    CMS_SignerInfo *si, *osi = NULL;
-    ASN1_OCTET_STRING *msig, **pcont;
-    ASN1_OBJECT *octype;
-    unsigned char dig[EVP_MAX_MD_SIZE];
-    unsigned int diglen;
-
-    /* Get SignerInfos, also checks SignedData content type */
-    osis = CMS_get0_SignerInfos(req_cms);
-    sis = CMS_get0_SignerInfos(cms);
-    if (!osis || !sis)
-        goto err;
-
-    if (sk_CMS_SignerInfo_num(sis) != 1) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
-        goto err;
-    }
-
-    /* Check receipt content type */
-    if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
-        goto err;
-    }
-
-    /* Extract and decode receipt content */
-    pcont = CMS_get0_content(cms);
-    if (!pcont || !*pcont) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
-        goto err;
-    }
-
-    rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
-
-    if (!rct) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
-        goto err;
-    }
-
-    /* Locate original request */
-
-    for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
-        osi = sk_CMS_SignerInfo_value(osis, i);
-        if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))
-            break;
-    }
-
-    if (i == sk_CMS_SignerInfo_num(osis)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
-        goto err;
-    }
-
-    si = sk_CMS_SignerInfo_value(sis, 0);
-
-    /* Get msgSigDigest value and compare */
-
-    msig = CMS_signed_get0_data_by_OBJ(si,
-                                       OBJ_nid2obj
-                                       (NID_id_smime_aa_msgSigDigest), -3,
-                                       V_ASN1_OCTET_STRING);
-
-    if (!msig) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
-        goto err;
-    }
-
-    if (!cms_msgSigDigest(osi, dig, &diglen)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
-        goto err;
-    }
-
-    if (diglen != (unsigned int)msig->length) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
-        goto err;
-    }
-
-    if (memcmp(dig, msig->data, diglen)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
-               CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
-        goto err;
-    }
-
-    /* Compare content types */
-
-    octype = CMS_signed_get0_data_by_OBJ(osi,
-                                         OBJ_nid2obj(NID_pkcs9_contentType),
-                                         -3, V_ASN1_OBJECT);
-    if (!octype) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
-        goto err;
-    }
-
-    /* Compare details in receipt request */
-
-    if (OBJ_cmp(octype, rct->contentType)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
-        goto err;
-    }
-
-    /* Get original receipt request details */
-
-    if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
-        goto err;
-    }
-
-    if (ASN1_STRING_cmp(rr->signedContentIdentifier,
-                        rct->signedContentIdentifier)) {
-        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH);
-        goto err;
-    }
-
-    r = 1;
-
- err:
-    if (rr)
-        CMS_ReceiptRequest_free(rr);
-    if (rct)
-        M_ASN1_free_of(rct, CMS_Receipt);
-
-    return r;
-
-}
-
-/*
- * Encode a Receipt into an OCTET STRING read for including into content of a
- * SignedData ContentInfo.
- */
-
-ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
-{
-    CMS_Receipt rct;
-    CMS_ReceiptRequest *rr = NULL;
-    ASN1_OBJECT *ctype;
-    ASN1_OCTET_STRING *os = NULL;
-
-    /* Get original receipt request */
-
-    /* Get original receipt request details */
-
-    if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
-        CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
-        goto err;
-    }
-
-    /* Get original content type */
-
-    ctype = CMS_signed_get0_data_by_OBJ(si,
-                                        OBJ_nid2obj(NID_pkcs9_contentType),
-                                        -3, V_ASN1_OBJECT);
-    if (!ctype) {
-        CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
-        goto err;
-    }
-
-    rct.version = 1;
-    rct.contentType = ctype;
-    rct.signedContentIdentifier = rr->signedContentIdentifier;
-    rct.originatorSignatureValue = si->signature;
-
-    os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
-
- err:
-    if (rr)
-        CMS_ReceiptRequest_free(rr);
-
-    return os;
-
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_io.c b/thirdparty/openssl/crypto/cms/cms_io.c
deleted file mode 100644
index ec51f8e680..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_io.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/cms/cms_io.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include "cms.h"
-#include "cms_lcl.h"
-
-int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
-{
-    ASN1_OCTET_STRING **pos;
-    pos = CMS_get0_content(cms);
-    if (!pos)
-        return 0;
-    if (!*pos)
-        *pos = ASN1_OCTET_STRING_new();
-    if (*pos) {
-        (*pos)->flags |= ASN1_STRING_FLAG_NDEF;
-        (*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
-        *boundary = &(*pos)->data;
-        return 1;
-    }
-    CMSerr(CMS_F_CMS_STREAM, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms)
-{
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
-}
-
-int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms)
-{
-    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
-}
-
-IMPLEMENT_PEM_rw_const(CMS, CMS_ContentInfo, PEM_STRING_CMS, CMS_ContentInfo)
-
-BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms)
-{
-    return BIO_new_NDEF(out, (ASN1_VALUE *)cms,
-                        ASN1_ITEM_rptr(CMS_ContentInfo));
-}
-
-/* CMS wrappers round generalised stream and MIME routines */
-
-int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags)
-{
-    return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)cms, in, flags,
-                               ASN1_ITEM_rptr(CMS_ContentInfo));
-}
-
-int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
-                             int flags)
-{
-    return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *)cms, in, flags,
-                                     "CMS", ASN1_ITEM_rptr(CMS_ContentInfo));
-}
-
-int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
-{
-    STACK_OF(X509_ALGOR) *mdalgs;
-    int ctype_nid = OBJ_obj2nid(cms->contentType);
-    int econt_nid = OBJ_obj2nid(CMS_get0_eContentType(cms));
-    if (ctype_nid == NID_pkcs7_signed)
-        mdalgs = cms->d.signedData->digestAlgorithms;
-    else
-        mdalgs = NULL;
-
-    return SMIME_write_ASN1(bio, (ASN1_VALUE *)cms, data, flags,
-                            ctype_nid, econt_nid, mdalgs,
-                            ASN1_ITEM_rptr(CMS_ContentInfo));
-}
-
-CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont)
-{
-    return (CMS_ContentInfo *)SMIME_read_ASN1(bio, bcont,
-                                              ASN1_ITEM_rptr
-                                              (CMS_ContentInfo));
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_kari.c b/thirdparty/openssl/crypto/cms/cms_kari.c
deleted file mode 100644
index ee283172d3..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_kari.c
+++ /dev/null
@@ -1,468 +0,0 @@
-/* crypto/cms/cms_kari.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include <openssl/rand.h>
-#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "asn1_locl.h"
-
-DECLARE_ASN1_ITEM(CMS_KeyAgreeRecipientInfo)
-DECLARE_ASN1_ITEM(CMS_RecipientEncryptedKey)
-DECLARE_ASN1_ITEM(CMS_OriginatorPublicKey)
-DECLARE_ASN1_ITEM(CMS_RecipientKeyIdentifier)
-
-/* Key Agreement Recipient Info (KARI) routines */
-
-int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
-                                    X509_ALGOR **palg,
-                                    ASN1_OCTET_STRING **pukm)
-{
-    if (ri->type != CMS_RECIPINFO_AGREE) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG,
-               CMS_R_NOT_KEY_AGREEMENT);
-        return 0;
-    }
-    if (palg)
-        *palg = ri->d.kari->keyEncryptionAlgorithm;
-    if (pukm)
-        *pukm = ri->d.kari->ukm;
-    return 1;
-}
-
-/* Retrieve recipient encrypted keys from a kari */
-
-STACK_OF(CMS_RecipientEncryptedKey)
-*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri)
-{
-    if (ri->type != CMS_RECIPINFO_AGREE) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS,
-               CMS_R_NOT_KEY_AGREEMENT);
-        return NULL;
-    }
-    return ri->d.kari->recipientEncryptedKeys;
-}
-
-int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
-                                        X509_ALGOR **pubalg,
-                                        ASN1_BIT_STRING **pubkey,
-                                        ASN1_OCTET_STRING **keyid,
-                                        X509_NAME **issuer,
-                                        ASN1_INTEGER **sno)
-{
-    CMS_OriginatorIdentifierOrKey *oik;
-    if (ri->type != CMS_RECIPINFO_AGREE) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID,
-               CMS_R_NOT_KEY_AGREEMENT);
-        return 0;
-    }
-    oik = ri->d.kari->originator;
-    if (issuer)
-        *issuer = NULL;
-    if (sno)
-        *sno = NULL;
-    if (keyid)
-        *keyid = NULL;
-    if (pubalg)
-        *pubalg = NULL;
-    if (pubkey)
-        *pubkey = NULL;
-    if (oik->type == CMS_OIK_ISSUER_SERIAL) {
-        if (issuer)
-            *issuer = oik->d.issuerAndSerialNumber->issuer;
-        if (sno)
-            *sno = oik->d.issuerAndSerialNumber->serialNumber;
-    } else if (oik->type == CMS_OIK_KEYIDENTIFIER) {
-        if (keyid)
-            *keyid = oik->d.subjectKeyIdentifier;
-    } else if (oik->type == CMS_OIK_PUBKEY) {
-        if (pubalg)
-            *pubalg = oik->d.originatorKey->algorithm;
-        if (pubkey)
-            *pubkey = oik->d.originatorKey->publicKey;
-    } else
-        return 0;
-    return 1;
-}
-
-int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert)
-{
-    CMS_OriginatorIdentifierOrKey *oik;
-    if (ri->type != CMS_RECIPINFO_AGREE) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP,
-               CMS_R_NOT_KEY_AGREEMENT);
-        return -2;
-    }
-    oik = ri->d.kari->originator;
-    if (oik->type == CMS_OIK_ISSUER_SERIAL)
-        return cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert);
-    else if (oik->type == CMS_OIK_KEYIDENTIFIER)
-        return cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert);
-    return -1;
-}
-
-int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
-                                      ASN1_OCTET_STRING **keyid,
-                                      ASN1_GENERALIZEDTIME **tm,
-                                      CMS_OtherKeyAttribute **other,
-                                      X509_NAME **issuer, ASN1_INTEGER **sno)
-{
-    CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
-    if (rid->type == CMS_REK_ISSUER_SERIAL) {
-        if (issuer)
-            *issuer = rid->d.issuerAndSerialNumber->issuer;
-        if (sno)
-            *sno = rid->d.issuerAndSerialNumber->serialNumber;
-        if (keyid)
-            *keyid = NULL;
-        if (tm)
-            *tm = NULL;
-        if (other)
-            *other = NULL;
-    } else if (rid->type == CMS_REK_KEYIDENTIFIER) {
-        if (keyid)
-            *keyid = rid->d.rKeyId->subjectKeyIdentifier;
-        if (tm)
-            *tm = rid->d.rKeyId->date;
-        if (other)
-            *other = rid->d.rKeyId->other;
-        if (issuer)
-            *issuer = NULL;
-        if (sno)
-            *sno = NULL;
-    } else
-        return 0;
-    return 1;
-}
-
-int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
-                                       X509 *cert)
-{
-    CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
-    if (rid->type == CMS_REK_ISSUER_SERIAL)
-        return cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
-    else if (rid->type == CMS_REK_KEYIDENTIFIER)
-        return cms_keyid_cert_cmp(rid->d.rKeyId->subjectKeyIdentifier, cert);
-    else
-        return -1;
-}
-
-int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
-{
-    EVP_PKEY_CTX *pctx;
-    CMS_KeyAgreeRecipientInfo *kari = ri->d.kari;
-    if (kari->pctx) {
-        EVP_PKEY_CTX_free(kari->pctx);
-        kari->pctx = NULL;
-    }
-    if (!pk)
-        return 1;
-    pctx = EVP_PKEY_CTX_new(pk, NULL);
-    if (!pctx || !EVP_PKEY_derive_init(pctx))
-        goto err;
-    kari->pctx = pctx;
-    return 1;
- err:
-    if (pctx)
-        EVP_PKEY_CTX_free(pctx);
-    return 0;
-}
-
-EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri)
-{
-    if (ri->type == CMS_RECIPINFO_AGREE)
-        return &ri->d.kari->ctx;
-    return NULL;
-}
-
-/*
- * Derive KEK and decrypt/encrypt with it to produce either the original CEK
- * or the encrypted CEK.
- */
-
-static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
-                          const unsigned char *in, size_t inlen,
-                          CMS_KeyAgreeRecipientInfo *kari, int enc)
-{
-    /* Key encryption key */
-    unsigned char kek[EVP_MAX_KEY_LENGTH];
-    size_t keklen;
-    int rv = 0;
-    unsigned char *out = NULL;
-    int outlen;
-    keklen = EVP_CIPHER_CTX_key_length(&kari->ctx);
-    if (keklen > EVP_MAX_KEY_LENGTH)
-        return 0;
-    /* Derive KEK */
-    if (EVP_PKEY_derive(kari->pctx, kek, &keklen) <= 0)
-        goto err;
-    /* Set KEK in context */
-    if (!EVP_CipherInit_ex(&kari->ctx, NULL, NULL, kek, NULL, enc))
-        goto err;
-    /* obtain output length of ciphered key */
-    if (!EVP_CipherUpdate(&kari->ctx, NULL, &outlen, in, inlen))
-        goto err;
-    out = OPENSSL_malloc(outlen);
-    if (!out)
-        goto err;
-    if (!EVP_CipherUpdate(&kari->ctx, out, &outlen, in, inlen))
-        goto err;
-    *pout = out;
-    *poutlen = (size_t)outlen;
-    rv = 1;
-
- err:
-    OPENSSL_cleanse(kek, keklen);
-    if (!rv && out)
-        OPENSSL_free(out);
-    EVP_CIPHER_CTX_cleanup(&kari->ctx);
-    EVP_PKEY_CTX_free(kari->pctx);
-    kari->pctx = NULL;
-    return rv;
-}
-
-int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
-                                   CMS_RecipientInfo *ri,
-                                   CMS_RecipientEncryptedKey *rek)
-{
-    int rv = 0;
-    unsigned char *enckey = NULL, *cek = NULL;
-    size_t enckeylen;
-    size_t ceklen;
-    CMS_EncryptedContentInfo *ec;
-    enckeylen = rek->encryptedKey->length;
-    enckey = rek->encryptedKey->data;
-    /* Setup all parameters to derive KEK */
-    if (!cms_env_asn1_ctrl(ri, 1))
-        goto err;
-    /* Attempt to decrypt CEK */
-    if (!cms_kek_cipher(&cek, &ceklen, enckey, enckeylen, ri->d.kari, 0))
-        goto err;
-    ec = cms->d.envelopedData->encryptedContentInfo;
-    if (ec->key) {
-        OPENSSL_cleanse(ec->key, ec->keylen);
-        OPENSSL_free(ec->key);
-    }
-    ec->key = cek;
-    ec->keylen = ceklen;
-    cek = NULL;
-    rv = 1;
- err:
-    if (cek)
-        OPENSSL_free(cek);
-    return rv;
-}
-
-/* Create ephemeral key and initialise context based on it */
-static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
-                                         EVP_PKEY *pk)
-{
-    EVP_PKEY_CTX *pctx = NULL;
-    EVP_PKEY *ekey = NULL;
-    int rv = 0;
-    pctx = EVP_PKEY_CTX_new(pk, NULL);
-    if (!pctx)
-        goto err;
-    if (EVP_PKEY_keygen_init(pctx) <= 0)
-        goto err;
-    if (EVP_PKEY_keygen(pctx, &ekey) <= 0)
-        goto err;
-    EVP_PKEY_CTX_free(pctx);
-    pctx = EVP_PKEY_CTX_new(ekey, NULL);
-    if (!pctx)
-        goto err;
-    if (EVP_PKEY_derive_init(pctx) <= 0)
-        goto err;
-    kari->pctx = pctx;
-    rv = 1;
- err:
-    if (!rv && pctx)
-        EVP_PKEY_CTX_free(pctx);
-    if (ekey)
-        EVP_PKEY_free(ekey);
-    return rv;
-}
-
-/* Initialise a ktri based on passed certificate and key */
-
-int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
-                                EVP_PKEY *pk, unsigned int flags)
-{
-    CMS_KeyAgreeRecipientInfo *kari;
-    CMS_RecipientEncryptedKey *rek = NULL;
-
-    ri->d.kari = M_ASN1_new_of(CMS_KeyAgreeRecipientInfo);
-    if (!ri->d.kari)
-        return 0;
-    ri->type = CMS_RECIPINFO_AGREE;
-
-    kari = ri->d.kari;
-    kari->version = 3;
-
-    rek = M_ASN1_new_of(CMS_RecipientEncryptedKey);
-    if (!sk_CMS_RecipientEncryptedKey_push(kari->recipientEncryptedKeys, rek)) {
-        M_ASN1_free_of(rek, CMS_RecipientEncryptedKey);
-        return 0;
-    }
-
-    if (flags & CMS_USE_KEYID) {
-        rek->rid->type = CMS_REK_KEYIDENTIFIER;
-        rek->rid->d.rKeyId = M_ASN1_new_of(CMS_RecipientKeyIdentifier);
-        if (rek->rid->d.rKeyId == NULL)
-            return 0;
-        if (!cms_set1_keyid(&rek->rid->d.rKeyId->subjectKeyIdentifier, recip))
-            return 0;
-    } else {
-        rek->rid->type = CMS_REK_ISSUER_SERIAL;
-        if (!cms_set1_ias(&rek->rid->d.issuerAndSerialNumber, recip))
-            return 0;
-    }
-
-    /* Create ephemeral key */
-    if (!cms_kari_create_ephemeral_key(kari, pk))
-        return 0;
-
-    CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
-    rek->pkey = pk;
-    return 1;
-}
-
-static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
-                         const EVP_CIPHER *cipher)
-{
-    EVP_CIPHER_CTX *ctx = &kari->ctx;
-    const EVP_CIPHER *kekcipher;
-    int keylen = EVP_CIPHER_key_length(cipher);
-    /* If a suitable wrap algorithm is already set nothing to do */
-    kekcipher = EVP_CIPHER_CTX_cipher(ctx);
-
-    if (kekcipher) {
-        if (EVP_CIPHER_CTX_mode(ctx) != EVP_CIPH_WRAP_MODE)
-            return 0;
-        return 1;
-    }
-    /*
-     * Pick a cipher based on content encryption cipher. If it is DES3 use
-     * DES3 wrap otherwise use AES wrap similar to key size.
-     */
-#ifndef OPENSSL_NO_DES
-    if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc)
-        kekcipher = EVP_des_ede3_wrap();
-    else
-#endif
-    if (keylen <= 16)
-        kekcipher = EVP_aes_128_wrap();
-    else if (keylen <= 24)
-        kekcipher = EVP_aes_192_wrap();
-    else
-        kekcipher = EVP_aes_256_wrap();
-    return EVP_EncryptInit_ex(ctx, kekcipher, NULL, NULL, NULL);
-}
-
-/* Encrypt content key in key agreement recipient info */
-
-int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms,
-                                   CMS_RecipientInfo *ri)
-{
-    CMS_KeyAgreeRecipientInfo *kari;
-    CMS_EncryptedContentInfo *ec;
-    CMS_RecipientEncryptedKey *rek;
-    STACK_OF(CMS_RecipientEncryptedKey) *reks;
-    int i;
-
-    if (ri->type != CMS_RECIPINFO_AGREE) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT, CMS_R_NOT_KEY_AGREEMENT);
-        return 0;
-    }
-    kari = ri->d.kari;
-    reks = kari->recipientEncryptedKeys;
-    ec = cms->d.envelopedData->encryptedContentInfo;
-    /* Initialise wrap algorithm parameters */
-    if (!cms_wrap_init(kari, ec->cipher))
-        return 0;
-    /*
-     * If no orignator key set up initialise for ephemeral key the public key
-     * ASN1 structure will set the actual public key value.
-     */
-    if (kari->originator->type == -1) {
-        CMS_OriginatorIdentifierOrKey *oik = kari->originator;
-        oik->type = CMS_OIK_PUBKEY;
-        oik->d.originatorKey = M_ASN1_new_of(CMS_OriginatorPublicKey);
-        if (!oik->d.originatorKey)
-            return 0;
-    }
-    /* Initialise KDF algorithm */
-    if (!cms_env_asn1_ctrl(ri, 0))
-        return 0;
-    /* For each rek, derive KEK, encrypt CEK */
-    for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {
-        unsigned char *enckey;
-        size_t enckeylen;
-        rek = sk_CMS_RecipientEncryptedKey_value(reks, i);
-        if (EVP_PKEY_derive_set_peer(kari->pctx, rek->pkey) <= 0)
-            return 0;
-        if (!cms_kek_cipher(&enckey, &enckeylen, ec->key, ec->keylen,
-                            kari, 1))
-            return 0;
-        ASN1_STRING_set0(rek->encryptedKey, enckey, enckeylen);
-    }
-
-    return 1;
-
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_lcl.h b/thirdparty/openssl/crypto/cms/cms_lcl.h
deleted file mode 100644
index 20f2c25f5a..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_lcl.h
+++ /dev/null
@@ -1,471 +0,0 @@
-/* crypto/cms/cms_lcl.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CMS_LCL_H
-# define HEADER_CMS_LCL_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/x509.h>
-
-/*
- * Cryptographic message syntax (CMS) structures: taken from RFC3852
- */
-
-/* Forward references */
-
-typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
-typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
-typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
-typedef struct CMS_SignedData_st CMS_SignedData;
-typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
-typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
-typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
-typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
-typedef struct CMS_DigestedData_st CMS_DigestedData;
-typedef struct CMS_EncryptedData_st CMS_EncryptedData;
-typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
-typedef struct CMS_CompressedData_st CMS_CompressedData;
-typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
-typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
-typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
-typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
-typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
-typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
-typedef struct CMS_KeyAgreeRecipientIdentifier_st
-    CMS_KeyAgreeRecipientIdentifier;
-typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
-typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
-typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
-typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
-typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
-
-struct CMS_ContentInfo_st {
-    ASN1_OBJECT *contentType;
-    union {
-        ASN1_OCTET_STRING *data;
-        CMS_SignedData *signedData;
-        CMS_EnvelopedData *envelopedData;
-        CMS_DigestedData *digestedData;
-        CMS_EncryptedData *encryptedData;
-        CMS_AuthenticatedData *authenticatedData;
-        CMS_CompressedData *compressedData;
-        ASN1_TYPE *other;
-        /* Other types ... */
-        void *otherData;
-    } d;
-};
-
-struct CMS_SignedData_st {
-    long version;
-    STACK_OF(X509_ALGOR) *digestAlgorithms;
-    CMS_EncapsulatedContentInfo *encapContentInfo;
-    STACK_OF(CMS_CertificateChoices) *certificates;
-    STACK_OF(CMS_RevocationInfoChoice) *crls;
-    STACK_OF(CMS_SignerInfo) *signerInfos;
-};
-
-struct CMS_EncapsulatedContentInfo_st {
-    ASN1_OBJECT *eContentType;
-    ASN1_OCTET_STRING *eContent;
-    /* Set to 1 if incomplete structure only part set up */
-    int partial;
-};
-
-struct CMS_SignerInfo_st {
-    long version;
-    CMS_SignerIdentifier *sid;
-    X509_ALGOR *digestAlgorithm;
-    STACK_OF(X509_ATTRIBUTE) *signedAttrs;
-    X509_ALGOR *signatureAlgorithm;
-    ASN1_OCTET_STRING *signature;
-    STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
-    /* Signing certificate and key */
-    X509 *signer;
-    EVP_PKEY *pkey;
-    /* Digest and public key context for alternative parameters */
-    EVP_MD_CTX mctx;
-    EVP_PKEY_CTX *pctx;
-};
-
-struct CMS_SignerIdentifier_st {
-    int type;
-    union {
-        CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
-        ASN1_OCTET_STRING *subjectKeyIdentifier;
-    } d;
-};
-
-struct CMS_EnvelopedData_st {
-    long version;
-    CMS_OriginatorInfo *originatorInfo;
-    STACK_OF(CMS_RecipientInfo) *recipientInfos;
-    CMS_EncryptedContentInfo *encryptedContentInfo;
-    STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
-};
-
-struct CMS_OriginatorInfo_st {
-    STACK_OF(CMS_CertificateChoices) *certificates;
-    STACK_OF(CMS_RevocationInfoChoice) *crls;
-};
-
-struct CMS_EncryptedContentInfo_st {
-    ASN1_OBJECT *contentType;
-    X509_ALGOR *contentEncryptionAlgorithm;
-    ASN1_OCTET_STRING *encryptedContent;
-    /* Content encryption algorithm and key */
-    const EVP_CIPHER *cipher;
-    unsigned char *key;
-    size_t keylen;
-    /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
-    int debug;
-};
-
-struct CMS_RecipientInfo_st {
-    int type;
-    union {
-        CMS_KeyTransRecipientInfo *ktri;
-        CMS_KeyAgreeRecipientInfo *kari;
-        CMS_KEKRecipientInfo *kekri;
-        CMS_PasswordRecipientInfo *pwri;
-        CMS_OtherRecipientInfo *ori;
-    } d;
-};
-
-typedef CMS_SignerIdentifier CMS_RecipientIdentifier;
-
-struct CMS_KeyTransRecipientInfo_st {
-    long version;
-    CMS_RecipientIdentifier *rid;
-    X509_ALGOR *keyEncryptionAlgorithm;
-    ASN1_OCTET_STRING *encryptedKey;
-    /* Recipient Key and cert */
-    X509 *recip;
-    EVP_PKEY *pkey;
-    /* Public key context for this operation */
-    EVP_PKEY_CTX *pctx;
-};
-
-struct CMS_KeyAgreeRecipientInfo_st {
-    long version;
-    CMS_OriginatorIdentifierOrKey *originator;
-    ASN1_OCTET_STRING *ukm;
-    X509_ALGOR *keyEncryptionAlgorithm;
-    STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
-    /* Public key context associated with current operation */
-    EVP_PKEY_CTX *pctx;
-    /* Cipher context for CEK wrapping */
-    EVP_CIPHER_CTX ctx;
-};
-
-struct CMS_OriginatorIdentifierOrKey_st {
-    int type;
-    union {
-        CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
-        ASN1_OCTET_STRING *subjectKeyIdentifier;
-        CMS_OriginatorPublicKey *originatorKey;
-    } d;
-};
-
-struct CMS_OriginatorPublicKey_st {
-    X509_ALGOR *algorithm;
-    ASN1_BIT_STRING *publicKey;
-};
-
-struct CMS_RecipientEncryptedKey_st {
-    CMS_KeyAgreeRecipientIdentifier *rid;
-    ASN1_OCTET_STRING *encryptedKey;
-    /* Public key associated with this recipient */
-    EVP_PKEY *pkey;
-};
-
-struct CMS_KeyAgreeRecipientIdentifier_st {
-    int type;
-    union {
-        CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
-        CMS_RecipientKeyIdentifier *rKeyId;
-    } d;
-};
-
-struct CMS_RecipientKeyIdentifier_st {
-    ASN1_OCTET_STRING *subjectKeyIdentifier;
-    ASN1_GENERALIZEDTIME *date;
-    CMS_OtherKeyAttribute *other;
-};
-
-struct CMS_KEKRecipientInfo_st {
-    long version;
-    CMS_KEKIdentifier *kekid;
-    X509_ALGOR *keyEncryptionAlgorithm;
-    ASN1_OCTET_STRING *encryptedKey;
-    /* Extra info: symmetric key to use */
-    unsigned char *key;
-    size_t keylen;
-};
-
-struct CMS_KEKIdentifier_st {
-    ASN1_OCTET_STRING *keyIdentifier;
-    ASN1_GENERALIZEDTIME *date;
-    CMS_OtherKeyAttribute *other;
-};
-
-struct CMS_PasswordRecipientInfo_st {
-    long version;
-    X509_ALGOR *keyDerivationAlgorithm;
-    X509_ALGOR *keyEncryptionAlgorithm;
-    ASN1_OCTET_STRING *encryptedKey;
-    /* Extra info: password to use */
-    unsigned char *pass;
-    size_t passlen;
-};
-
-struct CMS_OtherRecipientInfo_st {
-    ASN1_OBJECT *oriType;
-    ASN1_TYPE *oriValue;
-};
-
-struct CMS_DigestedData_st {
-    long version;
-    X509_ALGOR *digestAlgorithm;
-    CMS_EncapsulatedContentInfo *encapContentInfo;
-    ASN1_OCTET_STRING *digest;
-};
-
-struct CMS_EncryptedData_st {
-    long version;
-    CMS_EncryptedContentInfo *encryptedContentInfo;
-    STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
-};
-
-struct CMS_AuthenticatedData_st {
-    long version;
-    CMS_OriginatorInfo *originatorInfo;
-    STACK_OF(CMS_RecipientInfo) *recipientInfos;
-    X509_ALGOR *macAlgorithm;
-    X509_ALGOR *digestAlgorithm;
-    CMS_EncapsulatedContentInfo *encapContentInfo;
-    STACK_OF(X509_ATTRIBUTE) *authAttrs;
-    ASN1_OCTET_STRING *mac;
-    STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
-};
-
-struct CMS_CompressedData_st {
-    long version;
-    X509_ALGOR *compressionAlgorithm;
-    STACK_OF(CMS_RecipientInfo) *recipientInfos;
-    CMS_EncapsulatedContentInfo *encapContentInfo;
-};
-
-struct CMS_RevocationInfoChoice_st {
-    int type;
-    union {
-        X509_CRL *crl;
-        CMS_OtherRevocationInfoFormat *other;
-    } d;
-};
-
-# define CMS_REVCHOICE_CRL               0
-# define CMS_REVCHOICE_OTHER             1
-
-struct CMS_OtherRevocationInfoFormat_st {
-    ASN1_OBJECT *otherRevInfoFormat;
-    ASN1_TYPE *otherRevInfo;
-};
-
-struct CMS_CertificateChoices {
-    int type;
-    union {
-        X509 *certificate;
-        ASN1_STRING *extendedCertificate; /* Obsolete */
-        ASN1_STRING *v1AttrCert; /* Left encoded for now */
-        ASN1_STRING *v2AttrCert; /* Left encoded for now */
-        CMS_OtherCertificateFormat *other;
-    } d;
-};
-
-# define CMS_CERTCHOICE_CERT             0
-# define CMS_CERTCHOICE_EXCERT           1
-# define CMS_CERTCHOICE_V1ACERT          2
-# define CMS_CERTCHOICE_V2ACERT          3
-# define CMS_CERTCHOICE_OTHER            4
-
-struct CMS_OtherCertificateFormat_st {
-    ASN1_OBJECT *otherCertFormat;
-    ASN1_TYPE *otherCert;
-};
-
-/*
- * This is also defined in pkcs7.h but we duplicate it to allow the CMS code
- * to be independent of PKCS#7
- */
-
-struct CMS_IssuerAndSerialNumber_st {
-    X509_NAME *issuer;
-    ASN1_INTEGER *serialNumber;
-};
-
-struct CMS_OtherKeyAttribute_st {
-    ASN1_OBJECT *keyAttrId;
-    ASN1_TYPE *keyAttr;
-};
-
-/* ESS structures */
-
-# ifdef HEADER_X509V3_H
-
-struct CMS_ReceiptRequest_st {
-    ASN1_OCTET_STRING *signedContentIdentifier;
-    CMS_ReceiptsFrom *receiptsFrom;
-    STACK_OF(GENERAL_NAMES) *receiptsTo;
-};
-
-struct CMS_ReceiptsFrom_st {
-    int type;
-    union {
-        long allOrFirstTier;
-        STACK_OF(GENERAL_NAMES) *receiptList;
-    } d;
-};
-# endif
-
-struct CMS_Receipt_st {
-    long version;
-    ASN1_OBJECT *contentType;
-    ASN1_OCTET_STRING *signedContentIdentifier;
-    ASN1_OCTET_STRING *originatorSignatureValue;
-};
-
-DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
-DECLARE_ASN1_ITEM(CMS_SignerInfo)
-DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
-DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
-DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
-DECLARE_ASN1_ITEM(CMS_RecipientInfo)
-DECLARE_ASN1_ITEM(CMS_PasswordRecipientInfo)
-DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
-
-# define CMS_SIGNERINFO_ISSUER_SERIAL    0
-# define CMS_SIGNERINFO_KEYIDENTIFIER    1
-
-# define CMS_RECIPINFO_ISSUER_SERIAL     0
-# define CMS_RECIPINFO_KEYIDENTIFIER     1
-
-# define CMS_REK_ISSUER_SERIAL           0
-# define CMS_REK_KEYIDENTIFIER           1
-
-# define CMS_OIK_ISSUER_SERIAL           0
-# define CMS_OIK_KEYIDENTIFIER           1
-# define CMS_OIK_PUBKEY                  2
-
-BIO *cms_content_bio(CMS_ContentInfo *cms);
-
-CMS_ContentInfo *cms_Data_create(void);
-
-CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
-BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
-int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);
-
-BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
-int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
-int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
-                              int type);
-int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
-                                        ASN1_OCTET_STRING **keyid,
-                                        X509_NAME **issuer,
-                                        ASN1_INTEGER **sno);
-int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
-
-CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
-BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);
-
-void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md);
-BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
-int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
-                                 X509_ALGOR *mdalg);
-
-int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
-int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
-int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
-int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
-
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
-BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
-int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
-                              const EVP_CIPHER *cipher,
-                              const unsigned char *key, size_t keylen);
-
-int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
-int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
-ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
-
-BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
-CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
-int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
-int cms_pkey_get_ri_type(EVP_PKEY *pk);
-/* KARI routines */
-int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
-                                EVP_PKEY *pk, unsigned int flags);
-int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms,
-                                   CMS_RecipientInfo *ri);
-
-/* PWRI routines */
-int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
-                                 int en_de);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/crypto/cms/cms_lib.c b/thirdparty/openssl/crypto/cms/cms_lib.c
deleted file mode 100644
index 6d27c4969b..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_lib.c
+++ /dev/null
@@ -1,656 +0,0 @@
-/* crypto/cms/cms_lib.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-#include "cms.h"
-#include "cms_lcl.h"
-
-IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
-IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-
-DECLARE_ASN1_ITEM(CMS_CertificateChoices)
-DECLARE_ASN1_ITEM(CMS_RevocationInfoChoice)
-DECLARE_STACK_OF(CMS_CertificateChoices)
-DECLARE_STACK_OF(CMS_RevocationInfoChoice)
-
-const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms)
-{
-    return cms->contentType;
-}
-
-CMS_ContentInfo *cms_Data_create(void)
-{
-    CMS_ContentInfo *cms;
-    cms = CMS_ContentInfo_new();
-    if (cms) {
-        cms->contentType = OBJ_nid2obj(NID_pkcs7_data);
-        /* Never detached */
-        CMS_set_detached(cms, 0);
-    }
-    return cms;
-}
-
-BIO *cms_content_bio(CMS_ContentInfo *cms)
-{
-    ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
-    if (!pos)
-        return NULL;
-    /* If content detached data goes nowhere: create NULL BIO */
-    if (!*pos)
-        return BIO_new(BIO_s_null());
-    /*
-     * If content not detached and created return memory BIO
-     */
-    if (!*pos || ((*pos)->flags == ASN1_STRING_FLAG_CONT))
-        return BIO_new(BIO_s_mem());
-    /* Else content was read in: return read only BIO for it */
-    return BIO_new_mem_buf((*pos)->data, (*pos)->length);
-}
-
-BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
-{
-    BIO *cmsbio, *cont;
-    if (icont)
-        cont = icont;
-    else
-        cont = cms_content_bio(cms);
-    if (!cont) {
-        CMSerr(CMS_F_CMS_DATAINIT, CMS_R_NO_CONTENT);
-        return NULL;
-    }
-    switch (OBJ_obj2nid(cms->contentType)) {
-
-    case NID_pkcs7_data:
-        return cont;
-
-    case NID_pkcs7_signed:
-        cmsbio = cms_SignedData_init_bio(cms);
-        break;
-
-    case NID_pkcs7_digest:
-        cmsbio = cms_DigestedData_init_bio(cms);
-        break;
-#ifdef ZLIB
-    case NID_id_smime_ct_compressedData:
-        cmsbio = cms_CompressedData_init_bio(cms);
-        break;
-#endif
-
-    case NID_pkcs7_encrypted:
-        cmsbio = cms_EncryptedData_init_bio(cms);
-        break;
-
-    case NID_pkcs7_enveloped:
-        cmsbio = cms_EnvelopedData_init_bio(cms);
-        break;
-
-    default:
-        CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE);
-        return NULL;
-    }
-
-    if (cmsbio)
-        return BIO_push(cmsbio, cont);
-
-    if (!icont)
-        BIO_free(cont);
-    return NULL;
-
-}
-
-int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
-{
-    ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
-    if (!pos)
-        return 0;
-    /* If ebmedded content find memory BIO and set content */
-    if (*pos && ((*pos)->flags & ASN1_STRING_FLAG_CONT)) {
-        BIO *mbio;
-        unsigned char *cont;
-        long contlen;
-        mbio = BIO_find_type(cmsbio, BIO_TYPE_MEM);
-        if (!mbio) {
-            CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_CONTENT_NOT_FOUND);
-            return 0;
-        }
-        contlen = BIO_get_mem_data(mbio, &cont);
-        /* Set bio as read only so its content can't be clobbered */
-        BIO_set_flags(mbio, BIO_FLAGS_MEM_RDONLY);
-        BIO_set_mem_eof_return(mbio, 0);
-        ASN1_STRING_set0(*pos, cont, contlen);
-        (*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
-    }
-
-    switch (OBJ_obj2nid(cms->contentType)) {
-
-    case NID_pkcs7_data:
-    case NID_pkcs7_enveloped:
-    case NID_pkcs7_encrypted:
-    case NID_id_smime_ct_compressedData:
-        /* Nothing to do */
-        return 1;
-
-    case NID_pkcs7_signed:
-        return cms_SignedData_final(cms, cmsbio);
-
-    case NID_pkcs7_digest:
-        return cms_DigestedData_do_final(cms, cmsbio, 0);
-
-    default:
-        CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_UNSUPPORTED_TYPE);
-        return 0;
-    }
-}
-
-/*
- * Return an OCTET STRING pointer to content. This allows it to be accessed
- * or set later.
- */
-
-ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms)
-{
-    switch (OBJ_obj2nid(cms->contentType)) {
-
-    case NID_pkcs7_data:
-        return &cms->d.data;
-
-    case NID_pkcs7_signed:
-        return &cms->d.signedData->encapContentInfo->eContent;
-
-    case NID_pkcs7_enveloped:
-        return &cms->d.envelopedData->encryptedContentInfo->encryptedContent;
-
-    case NID_pkcs7_digest:
-        return &cms->d.digestedData->encapContentInfo->eContent;
-
-    case NID_pkcs7_encrypted:
-        return &cms->d.encryptedData->encryptedContentInfo->encryptedContent;
-
-    case NID_id_smime_ct_authData:
-        return &cms->d.authenticatedData->encapContentInfo->eContent;
-
-    case NID_id_smime_ct_compressedData:
-        return &cms->d.compressedData->encapContentInfo->eContent;
-
-    default:
-        if (cms->d.other->type == V_ASN1_OCTET_STRING)
-            return &cms->d.other->value.octet_string;
-        CMSerr(CMS_F_CMS_GET0_CONTENT, CMS_R_UNSUPPORTED_CONTENT_TYPE);
-        return NULL;
-
-    }
-}
-
-/*
- * Return an ASN1_OBJECT pointer to content type. This allows it to be
- * accessed or set later.
- */
-
-static ASN1_OBJECT **cms_get0_econtent_type(CMS_ContentInfo *cms)
-{
-    switch (OBJ_obj2nid(cms->contentType)) {
-
-    case NID_pkcs7_signed:
-        return &cms->d.signedData->encapContentInfo->eContentType;
-
-    case NID_pkcs7_enveloped:
-        return &cms->d.envelopedData->encryptedContentInfo->contentType;
-
-    case NID_pkcs7_digest:
-        return &cms->d.digestedData->encapContentInfo->eContentType;
-
-    case NID_pkcs7_encrypted:
-        return &cms->d.encryptedData->encryptedContentInfo->contentType;
-
-    case NID_id_smime_ct_authData:
-        return &cms->d.authenticatedData->encapContentInfo->eContentType;
-
-    case NID_id_smime_ct_compressedData:
-        return &cms->d.compressedData->encapContentInfo->eContentType;
-
-    default:
-        CMSerr(CMS_F_CMS_GET0_ECONTENT_TYPE, CMS_R_UNSUPPORTED_CONTENT_TYPE);
-        return NULL;
-
-    }
-}
-
-const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms)
-{
-    ASN1_OBJECT **petype;
-    petype = cms_get0_econtent_type(cms);
-    if (petype)
-        return *petype;
-    return NULL;
-}
-
-int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid)
-{
-    ASN1_OBJECT **petype, *etype;
-    petype = cms_get0_econtent_type(cms);
-    if (!petype)
-        return 0;
-    if (!oid)
-        return 1;
-    etype = OBJ_dup(oid);
-    if (!etype)
-        return 0;
-    ASN1_OBJECT_free(*petype);
-    *petype = etype;
-    return 1;
-}
-
-int CMS_is_detached(CMS_ContentInfo *cms)
-{
-    ASN1_OCTET_STRING **pos;
-    pos = CMS_get0_content(cms);
-    if (!pos)
-        return -1;
-    if (*pos)
-        return 0;
-    return 1;
-}
-
-int CMS_set_detached(CMS_ContentInfo *cms, int detached)
-{
-    ASN1_OCTET_STRING **pos;
-    pos = CMS_get0_content(cms);
-    if (!pos)
-        return 0;
-    if (detached) {
-        if (*pos) {
-            ASN1_OCTET_STRING_free(*pos);
-            *pos = NULL;
-        }
-        return 1;
-    }
-    if (!*pos)
-        *pos = ASN1_OCTET_STRING_new();
-    if (*pos) {
-        /*
-         * NB: special flag to show content is created and not read in.
-         */
-        (*pos)->flags |= ASN1_STRING_FLAG_CONT;
-        return 1;
-    }
-    CMSerr(CMS_F_CMS_SET_DETACHED, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
-
-void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md)
-{
-    int param_type;
-
-    if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
-        param_type = V_ASN1_UNDEF;
-    else
-        param_type = V_ASN1_NULL;
-
-    X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
-
-}
-
-/* Create a digest BIO from an X509_ALGOR structure */
-
-BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm)
-{
-    BIO *mdbio = NULL;
-    ASN1_OBJECT *digestoid;
-    const EVP_MD *digest;
-    X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
-    digest = EVP_get_digestbyobj(digestoid);
-    if (!digest) {
-        CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO,
-               CMS_R_UNKNOWN_DIGEST_ALGORIHM);
-        goto err;
-    }
-    mdbio = BIO_new(BIO_f_md());
-    if (!mdbio || !BIO_set_md(mdbio, digest)) {
-        CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, CMS_R_MD_BIO_INIT_ERROR);
-        goto err;
-    }
-    return mdbio;
- err:
-    if (mdbio)
-        BIO_free(mdbio);
-    return NULL;
-}
-
-/* Locate a message digest content from a BIO chain based on SignerInfo */
-
-int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
-                                 X509_ALGOR *mdalg)
-{
-    int nid;
-    ASN1_OBJECT *mdoid;
-    X509_ALGOR_get0(&mdoid, NULL, NULL, mdalg);
-    nid = OBJ_obj2nid(mdoid);
-    /* Look for digest type to match signature */
-    for (;;) {
-        EVP_MD_CTX *mtmp;
-        chain = BIO_find_type(chain, BIO_TYPE_MD);
-        if (chain == NULL) {
-            CMSerr(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX,
-                   CMS_R_NO_MATCHING_DIGEST);
-            return 0;
-        }
-        BIO_get_md_ctx(chain, &mtmp);
-        if (EVP_MD_CTX_type(mtmp) == nid
-            /*
-             * Workaround for broken implementations that use signature
-             * algorithm OID instead of digest.
-             */
-            || EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid)
-            return EVP_MD_CTX_copy_ex(mctx, mtmp);
-        chain = BIO_next(chain);
-    }
-}
-
-static STACK_OF(CMS_CertificateChoices)
-**cms_get0_certificate_choices(CMS_ContentInfo *cms)
-{
-    switch (OBJ_obj2nid(cms->contentType)) {
-
-    case NID_pkcs7_signed:
-        return &cms->d.signedData->certificates;
-
-    case NID_pkcs7_enveloped:
-        if (cms->d.envelopedData->originatorInfo == NULL)
-            return NULL;
-        return &cms->d.envelopedData->originatorInfo->certificates;
-
-    default:
-        CMSerr(CMS_F_CMS_GET0_CERTIFICATE_CHOICES,
-               CMS_R_UNSUPPORTED_CONTENT_TYPE);
-        return NULL;
-
-    }
-}
-
-CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms)
-{
-    STACK_OF(CMS_CertificateChoices) **pcerts;
-    CMS_CertificateChoices *cch;
-    pcerts = cms_get0_certificate_choices(cms);
-    if (!pcerts)
-        return NULL;
-    if (!*pcerts)
-        *pcerts = sk_CMS_CertificateChoices_new_null();
-    if (!*pcerts)
-        return NULL;
-    cch = M_ASN1_new_of(CMS_CertificateChoices);
-    if (!cch)
-        return NULL;
-    if (!sk_CMS_CertificateChoices_push(*pcerts, cch)) {
-        M_ASN1_free_of(cch, CMS_CertificateChoices);
-        return NULL;
-    }
-    return cch;
-}
-
-int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert)
-{
-    CMS_CertificateChoices *cch;
-    STACK_OF(CMS_CertificateChoices) **pcerts;
-    int i;
-    pcerts = cms_get0_certificate_choices(cms);
-    if (!pcerts)
-        return 0;
-    for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) {
-        cch = sk_CMS_CertificateChoices_value(*pcerts, i);
-        if (cch->type == CMS_CERTCHOICE_CERT) {
-            if (!X509_cmp(cch->d.certificate, cert)) {
-                CMSerr(CMS_F_CMS_ADD0_CERT,
-                       CMS_R_CERTIFICATE_ALREADY_PRESENT);
-                return 0;
-            }
-        }
-    }
-    cch = CMS_add0_CertificateChoices(cms);
-    if (!cch)
-        return 0;
-    cch->type = CMS_CERTCHOICE_CERT;
-    cch->d.certificate = cert;
-    return 1;
-}
-
-int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert)
-{
-    int r;
-    r = CMS_add0_cert(cms, cert);
-    if (r > 0)
-        CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
-    return r;
-}
-
-static STACK_OF(CMS_RevocationInfoChoice)
-**cms_get0_revocation_choices(CMS_ContentInfo *cms)
-{
-    switch (OBJ_obj2nid(cms->contentType)) {
-
-    case NID_pkcs7_signed:
-        return &cms->d.signedData->crls;
-
-    case NID_pkcs7_enveloped:
-        if (cms->d.envelopedData->originatorInfo == NULL)
-            return NULL;
-        return &cms->d.envelopedData->originatorInfo->crls;
-
-    default:
-        CMSerr(CMS_F_CMS_GET0_REVOCATION_CHOICES,
-               CMS_R_UNSUPPORTED_CONTENT_TYPE);
-        return NULL;
-
-    }
-}
-
-CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms)
-{
-    STACK_OF(CMS_RevocationInfoChoice) **pcrls;
-    CMS_RevocationInfoChoice *rch;
-    pcrls = cms_get0_revocation_choices(cms);
-    if (!pcrls)
-        return NULL;
-    if (!*pcrls)
-        *pcrls = sk_CMS_RevocationInfoChoice_new_null();
-    if (!*pcrls)
-        return NULL;
-    rch = M_ASN1_new_of(CMS_RevocationInfoChoice);
-    if (!rch)
-        return NULL;
-    if (!sk_CMS_RevocationInfoChoice_push(*pcrls, rch)) {
-        M_ASN1_free_of(rch, CMS_RevocationInfoChoice);
-        return NULL;
-    }
-    return rch;
-}
-
-int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl)
-{
-    CMS_RevocationInfoChoice *rch;
-    rch = CMS_add0_RevocationInfoChoice(cms);
-    if (!rch)
-        return 0;
-    rch->type = CMS_REVCHOICE_CRL;
-    rch->d.crl = crl;
-    return 1;
-}
-
-int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl)
-{
-    int r;
-    r = CMS_add0_crl(cms, crl);
-    if (r > 0)
-        CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
-    return r;
-}
-
-STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms)
-{
-    STACK_OF(X509) *certs = NULL;
-    CMS_CertificateChoices *cch;
-    STACK_OF(CMS_CertificateChoices) **pcerts;
-    int i;
-    pcerts = cms_get0_certificate_choices(cms);
-    if (!pcerts)
-        return NULL;
-    for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) {
-        cch = sk_CMS_CertificateChoices_value(*pcerts, i);
-        if (cch->type == 0) {
-            if (!certs) {
-                certs = sk_X509_new_null();
-                if (!certs)
-                    return NULL;
-            }
-            if (!sk_X509_push(certs, cch->d.certificate)) {
-                sk_X509_pop_free(certs, X509_free);
-                return NULL;
-            }
-            CRYPTO_add(&cch->d.certificate->references, 1, CRYPTO_LOCK_X509);
-        }
-    }
-    return certs;
-
-}
-
-STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms)
-{
-    STACK_OF(X509_CRL) *crls = NULL;
-    STACK_OF(CMS_RevocationInfoChoice) **pcrls;
-    CMS_RevocationInfoChoice *rch;
-    int i;
-    pcrls = cms_get0_revocation_choices(cms);
-    if (!pcrls)
-        return NULL;
-    for (i = 0; i < sk_CMS_RevocationInfoChoice_num(*pcrls); i++) {
-        rch = sk_CMS_RevocationInfoChoice_value(*pcrls, i);
-        if (rch->type == 0) {
-            if (!crls) {
-                crls = sk_X509_CRL_new_null();
-                if (!crls)
-                    return NULL;
-            }
-            if (!sk_X509_CRL_push(crls, rch->d.crl)) {
-                sk_X509_CRL_pop_free(crls, X509_CRL_free);
-                return NULL;
-            }
-            CRYPTO_add(&rch->d.crl->references, 1, CRYPTO_LOCK_X509_CRL);
-        }
-    }
-    return crls;
-}
-
-int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert)
-{
-    int ret;
-    ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert));
-    if (ret)
-        return ret;
-    return ASN1_INTEGER_cmp(ias->serialNumber, X509_get_serialNumber(cert));
-}
-
-int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
-{
-    X509_check_purpose(cert, -1, -1);
-    if (!cert->skid)
-        return -1;
-    return ASN1_OCTET_STRING_cmp(keyid, cert->skid);
-}
-
-int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
-{
-    CMS_IssuerAndSerialNumber *ias;
-    ias = M_ASN1_new_of(CMS_IssuerAndSerialNumber);
-    if (!ias)
-        goto err;
-    if (!X509_NAME_set(&ias->issuer, X509_get_issuer_name(cert)))
-        goto err;
-    if (!ASN1_STRING_copy(ias->serialNumber, X509_get_serialNumber(cert)))
-        goto err;
-    if (*pias)
-        M_ASN1_free_of(*pias, CMS_IssuerAndSerialNumber);
-    *pias = ias;
-    return 1;
- err:
-    if (ias)
-        M_ASN1_free_of(ias, CMS_IssuerAndSerialNumber);
-    CMSerr(CMS_F_CMS_SET1_IAS, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
-{
-    ASN1_OCTET_STRING *keyid = NULL;
-    X509_check_purpose(cert, -1, -1);
-    if (!cert->skid) {
-        CMSerr(CMS_F_CMS_SET1_KEYID, CMS_R_CERTIFICATE_HAS_NO_KEYID);
-        return 0;
-    }
-    keyid = ASN1_STRING_dup(cert->skid);
-    if (!keyid) {
-        CMSerr(CMS_F_CMS_SET1_KEYID, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    if (*pkeyid)
-        ASN1_OCTET_STRING_free(*pkeyid);
-    *pkeyid = keyid;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_pwri.c b/thirdparty/openssl/crypto/cms/cms_pwri.c
deleted file mode 100644
index 5c817caf2f..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_pwri.c
+++ /dev/null
@@ -1,435 +0,0 @@
-/* crypto/cms/cms_pwri.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2009 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include <openssl/rand.h>
-#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "asn1_locl.h"
-
-int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
-                                    unsigned char *pass, ossl_ssize_t passlen)
-{
-    CMS_PasswordRecipientInfo *pwri;
-    if (ri->type != CMS_RECIPINFO_PASS) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD, CMS_R_NOT_PWRI);
-        return 0;
-    }
-
-    pwri = ri->d.pwri;
-    pwri->pass = pass;
-    if (pass && passlen < 0)
-        passlen = strlen((char *)pass);
-    pwri->passlen = passlen;
-    return 1;
-}
-
-CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
-                                               int iter, int wrap_nid,
-                                               int pbe_nid,
-                                               unsigned char *pass,
-                                               ossl_ssize_t passlen,
-                                               const EVP_CIPHER *kekciph)
-{
-    CMS_RecipientInfo *ri = NULL;
-    CMS_EnvelopedData *env;
-    CMS_PasswordRecipientInfo *pwri;
-    EVP_CIPHER_CTX ctx;
-    X509_ALGOR *encalg = NULL;
-    unsigned char iv[EVP_MAX_IV_LENGTH];
-    int ivlen;
-
-    env = cms_get0_enveloped(cms);
-    if (!env)
-        return NULL;
-
-    if (wrap_nid <= 0)
-        wrap_nid = NID_id_alg_PWRI_KEK;
-
-    if (pbe_nid <= 0)
-        pbe_nid = NID_id_pbkdf2;
-
-    /* Get from enveloped data */
-    if (kekciph == NULL)
-        kekciph = env->encryptedContentInfo->cipher;
-
-    if (kekciph == NULL) {
-        CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, CMS_R_NO_CIPHER);
-        return NULL;
-    }
-    if (wrap_nid != NID_id_alg_PWRI_KEK) {
-        CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
-               CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
-        return NULL;
-    }
-
-    /* Setup algorithm identifier for cipher */
-    encalg = X509_ALGOR_new();
-    if (encalg == NULL) {
-        goto merr;
-    }
-    EVP_CIPHER_CTX_init(&ctx);
-
-    if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0) {
-        CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
-        goto err;
-    }
-
-    ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
-
-    if (ivlen > 0) {
-        if (RAND_bytes(iv, ivlen) <= 0)
-            goto err;
-        if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
-            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
-            goto err;
-        }
-        encalg->parameter = ASN1_TYPE_new();
-        if (!encalg->parameter) {
-            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (EVP_CIPHER_param_to_asn1(&ctx, encalg->parameter) <= 0) {
-            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
-                   CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-            goto err;
-        }
-    }
-
-    encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(&ctx));
-
-    EVP_CIPHER_CTX_cleanup(&ctx);
-
-    /* Initialize recipient info */
-    ri = M_ASN1_new_of(CMS_RecipientInfo);
-    if (!ri)
-        goto merr;
-
-    ri->d.pwri = M_ASN1_new_of(CMS_PasswordRecipientInfo);
-    if (!ri->d.pwri)
-        goto merr;
-    ri->type = CMS_RECIPINFO_PASS;
-
-    pwri = ri->d.pwri;
-    /* Since this is overwritten, free up empty structure already there */
-    X509_ALGOR_free(pwri->keyEncryptionAlgorithm);
-    pwri->keyEncryptionAlgorithm = X509_ALGOR_new();
-    if (!pwri->keyEncryptionAlgorithm)
-        goto merr;
-    pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid);
-    pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new();
-    if (!pwri->keyEncryptionAlgorithm->parameter)
-        goto merr;
-
-    if (!ASN1_item_pack(encalg, ASN1_ITEM_rptr(X509_ALGOR),
-                        &pwri->keyEncryptionAlgorithm->parameter->
-                        value.sequence))
-         goto merr;
-    pwri->keyEncryptionAlgorithm->parameter->type = V_ASN1_SEQUENCE;
-
-    X509_ALGOR_free(encalg);
-    encalg = NULL;
-
-    /* Setup PBE algorithm */
-
-    pwri->keyDerivationAlgorithm = PKCS5_pbkdf2_set(iter, NULL, 0, -1, -1);
-
-    if (!pwri->keyDerivationAlgorithm)
-        goto err;
-
-    CMS_RecipientInfo_set0_password(ri, pass, passlen);
-    pwri->version = 0;
-
-    if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
-        goto merr;
-
-    return ri;
-
- merr:
-    CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
- err:
-    EVP_CIPHER_CTX_cleanup(&ctx);
-    if (ri)
-        M_ASN1_free_of(ri, CMS_RecipientInfo);
-    if (encalg)
-        X509_ALGOR_free(encalg);
-    return NULL;
-
-}
-
-/*
- * This is an implementation of the key wrapping mechanism in RFC3211, at
- * some point this should go into EVP.
- */
-
-static int kek_unwrap_key(unsigned char *out, size_t *outlen,
-                          const unsigned char *in, size_t inlen,
-                          EVP_CIPHER_CTX *ctx)
-{
-    size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
-    unsigned char *tmp;
-    int outl, rv = 0;
-    if (inlen < 2 * blocklen) {
-        /* too small */
-        return 0;
-    }
-    if (inlen % blocklen) {
-        /* Invalid size */
-        return 0;
-    }
-    tmp = OPENSSL_malloc(inlen);
-    if (!tmp)
-        return 0;
-    /* setup IV by decrypting last two blocks */
-    EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
-                      in + inlen - 2 * blocklen, blocklen * 2);
-    /*
-     * Do a decrypt of last decrypted block to set IV to correct value output
-     * it to start of buffer so we don't corrupt decrypted block this works
-     * because buffer is at least two block lengths long.
-     */
-    EVP_DecryptUpdate(ctx, tmp, &outl, tmp + inlen - blocklen, blocklen);
-    /* Can now decrypt first n - 1 blocks */
-    EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen);
-
-    /* Reset IV to original value */
-    EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
-    /* Decrypt again */
-    EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen);
-    /* Check check bytes */
-    if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff) {
-        /* Check byte failure */
-        goto err;
-    }
-    if (inlen < (size_t)(tmp[0] - 4)) {
-        /* Invalid length value */
-        goto err;
-    }
-    *outlen = (size_t)tmp[0];
-    memcpy(out, tmp + 4, *outlen);
-    rv = 1;
- err:
-    OPENSSL_cleanse(tmp, inlen);
-    OPENSSL_free(tmp);
-    return rv;
-
-}
-
-static int kek_wrap_key(unsigned char *out, size_t *outlen,
-                        const unsigned char *in, size_t inlen,
-                        EVP_CIPHER_CTX *ctx)
-{
-    size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
-    size_t olen;
-    int dummy;
-    /*
-     * First decide length of output buffer: need header and round up to
-     * multiple of block length.
-     */
-    olen = (inlen + 4 + blocklen - 1) / blocklen;
-    olen *= blocklen;
-    if (olen < 2 * blocklen) {
-        /* Key too small */
-        return 0;
-    }
-    if (inlen > 0xFF) {
-        /* Key too large */
-        return 0;
-    }
-    if (out) {
-        /* Set header */
-        out[0] = (unsigned char)inlen;
-        out[1] = in[0] ^ 0xFF;
-        out[2] = in[1] ^ 0xFF;
-        out[3] = in[2] ^ 0xFF;
-        memcpy(out + 4, in, inlen);
-        /* Add random padding to end */
-        if (olen > inlen + 4
-            && RAND_bytes(out + 4 + inlen, olen - 4 - inlen) <= 0)
-            return 0;
-        /* Encrypt twice */
-        EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
-        EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
-    }
-
-    *outlen = olen;
-
-    return 1;
-}
-
-/* Encrypt/Decrypt content key in PWRI recipient info */
-
-int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
-                                 int en_de)
-{
-    CMS_EncryptedContentInfo *ec;
-    CMS_PasswordRecipientInfo *pwri;
-    const unsigned char *p = NULL;
-    int plen;
-    int r = 0;
-    X509_ALGOR *algtmp, *kekalg = NULL;
-    EVP_CIPHER_CTX kekctx;
-    const EVP_CIPHER *kekcipher;
-    unsigned char *key = NULL;
-    size_t keylen;
-
-    ec = cms->d.envelopedData->encryptedContentInfo;
-
-    pwri = ri->d.pwri;
-    EVP_CIPHER_CTX_init(&kekctx);
-
-    if (!pwri->pass) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
-        return 0;
-    }
-    algtmp = pwri->keyEncryptionAlgorithm;
-
-    if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
-               CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
-        return 0;
-    }
-
-    if (algtmp->parameter->type == V_ASN1_SEQUENCE) {
-        p = algtmp->parameter->value.sequence->data;
-        plen = algtmp->parameter->value.sequence->length;
-        kekalg = d2i_X509_ALGOR(NULL, &p, plen);
-    }
-    if (kekalg == NULL) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
-               CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
-        return 0;
-    }
-
-    kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
-
-    if (!kekcipher) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER);
-        goto err;
-    }
-
-    /* Fixup cipher based on AlgorithmIdentifier to set IV etc */
-    if (!EVP_CipherInit_ex(&kekctx, kekcipher, NULL, NULL, NULL, en_de))
-        goto err;
-    EVP_CIPHER_CTX_set_padding(&kekctx, 0);
-    if (EVP_CIPHER_asn1_to_param(&kekctx, kekalg->parameter) < 0) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
-               CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
-        goto err;
-    }
-
-    algtmp = pwri->keyDerivationAlgorithm;
-
-    /* Finish password based key derivation to setup key in "ctx" */
-
-    if (EVP_PBE_CipherInit(algtmp->algorithm,
-                           (char *)pwri->pass, pwri->passlen,
-                           algtmp->parameter, &kekctx, en_de) < 0) {
-        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_EVP_LIB);
-        goto err;
-    }
-
-    /* Finally wrap/unwrap the key */
-
-    if (en_de) {
-
-        if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, &kekctx))
-            goto err;
-
-        key = OPENSSL_malloc(keylen);
-
-        if (!key)
-            goto err;
-
-        if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, &kekctx))
-            goto err;
-        pwri->encryptedKey->data = key;
-        pwri->encryptedKey->length = keylen;
-    } else {
-        key = OPENSSL_malloc(pwri->encryptedKey->length);
-
-        if (!key) {
-            CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (!kek_unwrap_key(key, &keylen,
-                            pwri->encryptedKey->data,
-                            pwri->encryptedKey->length, &kekctx)) {
-            CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNWRAP_FAILURE);
-            goto err;
-        }
-
-        ec->key = key;
-        ec->keylen = keylen;
-
-    }
-
-    r = 1;
-
- err:
-
-    EVP_CIPHER_CTX_cleanup(&kekctx);
-
-    if (!r && key)
-        OPENSSL_free(key);
-    X509_ALGOR_free(kekalg);
-
-    return r;
-
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_sd.c b/thirdparty/openssl/crypto/cms/cms_sd.c
deleted file mode 100644
index a41aca8e12..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_sd.c
+++ /dev/null
@@ -1,957 +0,0 @@
-/* crypto/cms/cms_sd.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include "cms_lcl.h"
-#include "asn1_locl.h"
-
-/* CMS SignedData Utilities */
-
-DECLARE_ASN1_ITEM(CMS_SignedData)
-
-static CMS_SignedData *cms_get0_signed(CMS_ContentInfo *cms)
-{
-    if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_signed) {
-        CMSerr(CMS_F_CMS_GET0_SIGNED, CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA);
-        return NULL;
-    }
-    return cms->d.signedData;
-}
-
-static CMS_SignedData *cms_signed_data_init(CMS_ContentInfo *cms)
-{
-    if (cms->d.other == NULL) {
-        cms->d.signedData = M_ASN1_new_of(CMS_SignedData);
-        if (!cms->d.signedData) {
-            CMSerr(CMS_F_CMS_SIGNED_DATA_INIT, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
-        cms->d.signedData->version = 1;
-        cms->d.signedData->encapContentInfo->eContentType =
-            OBJ_nid2obj(NID_pkcs7_data);
-        cms->d.signedData->encapContentInfo->partial = 1;
-        ASN1_OBJECT_free(cms->contentType);
-        cms->contentType = OBJ_nid2obj(NID_pkcs7_signed);
-        return cms->d.signedData;
-    }
-    return cms_get0_signed(cms);
-}
-
-/* Just initialize SignedData e.g. for certs only structure */
-
-int CMS_SignedData_init(CMS_ContentInfo *cms)
-{
-    if (cms_signed_data_init(cms))
-        return 1;
-    else
-        return 0;
-}
-
-/* Check structures and fixup version numbers (if necessary) */
-
-static void cms_sd_set_version(CMS_SignedData *sd)
-{
-    int i;
-    CMS_CertificateChoices *cch;
-    CMS_RevocationInfoChoice *rch;
-    CMS_SignerInfo *si;
-
-    for (i = 0; i < sk_CMS_CertificateChoices_num(sd->certificates); i++) {
-        cch = sk_CMS_CertificateChoices_value(sd->certificates, i);
-        if (cch->type == CMS_CERTCHOICE_OTHER) {
-            if (sd->version < 5)
-                sd->version = 5;
-        } else if (cch->type == CMS_CERTCHOICE_V2ACERT) {
-            if (sd->version < 4)
-                sd->version = 4;
-        } else if (cch->type == CMS_CERTCHOICE_V1ACERT) {
-            if (sd->version < 3)
-                sd->version = 3;
-        }
-    }
-
-    for (i = 0; i < sk_CMS_RevocationInfoChoice_num(sd->crls); i++) {
-        rch = sk_CMS_RevocationInfoChoice_value(sd->crls, i);
-        if (rch->type == CMS_REVCHOICE_OTHER) {
-            if (sd->version < 5)
-                sd->version = 5;
-        }
-    }
-
-    if ((OBJ_obj2nid(sd->encapContentInfo->eContentType) != NID_pkcs7_data)
-        && (sd->version < 3))
-        sd->version = 3;
-
-    for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++) {
-        si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
-        if (si->sid->type == CMS_SIGNERINFO_KEYIDENTIFIER) {
-            if (si->version < 3)
-                si->version = 3;
-            if (sd->version < 3)
-                sd->version = 3;
-        } else if (si->version < 1)
-            si->version = 1;
-    }
-
-    if (sd->version < 1)
-        sd->version = 1;
-
-}
-
-/* Copy an existing messageDigest value */
-
-static int cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
-{
-    STACK_OF(CMS_SignerInfo) *sinfos;
-    CMS_SignerInfo *sitmp;
-    int i;
-    sinfos = CMS_get0_SignerInfos(cms);
-    for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
-        ASN1_OCTET_STRING *messageDigest;
-        sitmp = sk_CMS_SignerInfo_value(sinfos, i);
-        if (sitmp == si)
-            continue;
-        if (CMS_signed_get_attr_count(sitmp) < 0)
-            continue;
-        if (OBJ_cmp(si->digestAlgorithm->algorithm,
-                    sitmp->digestAlgorithm->algorithm))
-            continue;
-        messageDigest = CMS_signed_get0_data_by_OBJ(sitmp,
-                                                    OBJ_nid2obj
-                                                    (NID_pkcs9_messageDigest),
-                                                    -3, V_ASN1_OCTET_STRING);
-        if (!messageDigest) {
-            CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST,
-                   CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
-            return 0;
-        }
-
-        if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
-                                        V_ASN1_OCTET_STRING,
-                                        messageDigest, -1))
-            return 1;
-        else
-            return 0;
-    }
-    CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST, CMS_R_NO_MATCHING_DIGEST);
-    return 0;
-}
-
-int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
-{
-    switch (type) {
-    case CMS_SIGNERINFO_ISSUER_SERIAL:
-        if (!cms_set1_ias(&sid->d.issuerAndSerialNumber, cert))
-            return 0;
-        break;
-
-    case CMS_SIGNERINFO_KEYIDENTIFIER:
-        if (!cms_set1_keyid(&sid->d.subjectKeyIdentifier, cert))
-            return 0;
-        break;
-
-    default:
-        CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER, CMS_R_UNKNOWN_ID);
-        return 0;
-    }
-
-    sid->type = type;
-
-    return 1;
-}
-
-int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
-                                        ASN1_OCTET_STRING **keyid,
-                                        X509_NAME **issuer,
-                                        ASN1_INTEGER **sno)
-{
-    if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL) {
-        if (issuer)
-            *issuer = sid->d.issuerAndSerialNumber->issuer;
-        if (sno)
-            *sno = sid->d.issuerAndSerialNumber->serialNumber;
-    } else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER) {
-        if (keyid)
-            *keyid = sid->d.subjectKeyIdentifier;
-    } else
-        return 0;
-    return 1;
-}
-
-int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
-{
-    if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL)
-        return cms_ias_cert_cmp(sid->d.issuerAndSerialNumber, cert);
-    else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER)
-        return cms_keyid_cert_cmp(sid->d.subjectKeyIdentifier, cert);
-    else
-        return -1;
-}
-
-static int cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd)
-{
-    EVP_PKEY *pkey = si->pkey;
-    int i;
-    if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
-        return 1;
-    i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_SIGN, cmd, si);
-    if (i == -2) {
-        CMSerr(CMS_F_CMS_SD_ASN1_CTRL, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
-        return 0;
-    }
-    if (i <= 0) {
-        CMSerr(CMS_F_CMS_SD_ASN1_CTRL, CMS_R_CTRL_FAILURE);
-        return 0;
-    }
-    return 1;
-}
-
-CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
-                                X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
-                                unsigned int flags)
-{
-    CMS_SignedData *sd;
-    CMS_SignerInfo *si = NULL;
-    X509_ALGOR *alg;
-    int i, type;
-    if (!X509_check_private_key(signer, pk)) {
-        CMSerr(CMS_F_CMS_ADD1_SIGNER,
-               CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-        return NULL;
-    }
-    sd = cms_signed_data_init(cms);
-    if (!sd)
-        goto err;
-    si = M_ASN1_new_of(CMS_SignerInfo);
-    if (!si)
-        goto merr;
-    X509_check_purpose(signer, -1, -1);
-
-    CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
-    CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
-
-    si->pkey = pk;
-    si->signer = signer;
-    EVP_MD_CTX_init(&si->mctx);
-    si->pctx = NULL;
-
-    if (flags & CMS_USE_KEYID) {
-        si->version = 3;
-        if (sd->version < 3)
-            sd->version = 3;
-        type = CMS_SIGNERINFO_KEYIDENTIFIER;
-    } else {
-        type = CMS_SIGNERINFO_ISSUER_SERIAL;
-        si->version = 1;
-    }
-
-    if (!cms_set1_SignerIdentifier(si->sid, signer, type))
-        goto err;
-
-    if (md == NULL) {
-        int def_nid;
-        if (EVP_PKEY_get_default_digest_nid(pk, &def_nid) <= 0)
-            goto err;
-        md = EVP_get_digestbynid(def_nid);
-        if (md == NULL) {
-            CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DEFAULT_DIGEST);
-            goto err;
-        }
-    }
-
-    if (!md) {
-        CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DIGEST_SET);
-        goto err;
-    }
-
-    cms_DigestAlgorithm_set(si->digestAlgorithm, md);
-
-    /* See if digest is present in digestAlgorithms */
-    for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
-        ASN1_OBJECT *aoid;
-        alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
-        X509_ALGOR_get0(&aoid, NULL, NULL, alg);
-        if (OBJ_obj2nid(aoid) == EVP_MD_type(md))
-            break;
-    }
-
-    if (i == sk_X509_ALGOR_num(sd->digestAlgorithms)) {
-        alg = X509_ALGOR_new();
-        if (!alg)
-            goto merr;
-        cms_DigestAlgorithm_set(alg, md);
-        if (!sk_X509_ALGOR_push(sd->digestAlgorithms, alg)) {
-            X509_ALGOR_free(alg);
-            goto merr;
-        }
-    }
-
-    if (!(flags & CMS_KEY_PARAM) && !cms_sd_asn1_ctrl(si, 0))
-        goto err;
-    if (!(flags & CMS_NOATTR)) {
-        /*
-         * Initialialize signed attributes strutucture so other attributes
-         * such as signing time etc are added later even if we add none here.
-         */
-        if (!si->signedAttrs) {
-            si->signedAttrs = sk_X509_ATTRIBUTE_new_null();
-            if (!si->signedAttrs)
-                goto merr;
-        }
-
-        if (!(flags & CMS_NOSMIMECAP)) {
-            STACK_OF(X509_ALGOR) *smcap = NULL;
-            i = CMS_add_standard_smimecap(&smcap);
-            if (i)
-                i = CMS_add_smimecap(si, smcap);
-            sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
-            if (!i)
-                goto merr;
-        }
-        if (flags & CMS_REUSE_DIGEST) {
-            if (!cms_copy_messageDigest(cms, si))
-                goto err;
-            if (!(flags & (CMS_PARTIAL | CMS_KEY_PARAM)) &&
-                !CMS_SignerInfo_sign(si))
-                goto err;
-        }
-    }
-
-    if (!(flags & CMS_NOCERTS)) {
-        /* NB ignore -1 return for duplicate cert */
-        if (!CMS_add1_cert(cms, signer))
-            goto merr;
-    }
-
-    if (flags & CMS_KEY_PARAM) {
-        if (flags & CMS_NOATTR) {
-            si->pctx = EVP_PKEY_CTX_new(si->pkey, NULL);
-            if (!si->pctx)
-                goto err;
-            if (EVP_PKEY_sign_init(si->pctx) <= 0)
-                goto err;
-            if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
-                goto err;
-        } else if (EVP_DigestSignInit(&si->mctx, &si->pctx, md, NULL, pk) <=
-                   0)
-            goto err;
-    }
-
-    if (!sd->signerInfos)
-        sd->signerInfos = sk_CMS_SignerInfo_new_null();
-    if (!sd->signerInfos || !sk_CMS_SignerInfo_push(sd->signerInfos, si))
-        goto merr;
-
-    return si;
-
- merr:
-    CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE);
- err:
-    if (si)
-        M_ASN1_free_of(si, CMS_SignerInfo);
-    return NULL;
-
-}
-
-static int cms_add1_signingTime(CMS_SignerInfo *si, ASN1_TIME *t)
-{
-    ASN1_TIME *tt;
-    int r = 0;
-    if (t)
-        tt = t;
-    else
-        tt = X509_gmtime_adj(NULL, 0);
-
-    if (!tt)
-        goto merr;
-
-    if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_signingTime,
-                                    tt->type, tt, -1) <= 0)
-        goto merr;
-
-    r = 1;
-
- merr:
-
-    if (!t)
-        ASN1_TIME_free(tt);
-
-    if (!r)
-        CMSerr(CMS_F_CMS_ADD1_SIGNINGTIME, ERR_R_MALLOC_FAILURE);
-
-    return r;
-
-}
-
-EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si)
-{
-    return si->pctx;
-}
-
-EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si)
-{
-    return &si->mctx;
-}
-
-STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms)
-{
-    CMS_SignedData *sd;
-    sd = cms_get0_signed(cms);
-    if (!sd)
-        return NULL;
-    return sd->signerInfos;
-}
-
-STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
-{
-    STACK_OF(X509) *signers = NULL;
-    STACK_OF(CMS_SignerInfo) *sinfos;
-    CMS_SignerInfo *si;
-    int i;
-    sinfos = CMS_get0_SignerInfos(cms);
-    for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
-        si = sk_CMS_SignerInfo_value(sinfos, i);
-        if (si->signer) {
-            if (!signers) {
-                signers = sk_X509_new_null();
-                if (!signers)
-                    return NULL;
-            }
-            if (!sk_X509_push(signers, si->signer)) {
-                sk_X509_free(signers);
-                return NULL;
-            }
-        }
-    }
-    return signers;
-}
-
-void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
-{
-    if (signer) {
-        CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
-        if (si->pkey)
-            EVP_PKEY_free(si->pkey);
-        si->pkey = X509_get_pubkey(signer);
-    }
-    if (si->signer)
-        X509_free(si->signer);
-    si->signer = signer;
-}
-
-int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
-                                  ASN1_OCTET_STRING **keyid,
-                                  X509_NAME **issuer, ASN1_INTEGER **sno)
-{
-    return cms_SignerIdentifier_get0_signer_id(si->sid, keyid, issuer, sno);
-}
-
-int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert)
-{
-    return cms_SignerIdentifier_cert_cmp(si->sid, cert);
-}
-
-int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *scerts,
-                           unsigned int flags)
-{
-    CMS_SignedData *sd;
-    CMS_SignerInfo *si;
-    CMS_CertificateChoices *cch;
-    STACK_OF(CMS_CertificateChoices) *certs;
-    X509 *x;
-    int i, j;
-    int ret = 0;
-    sd = cms_get0_signed(cms);
-    if (!sd)
-        return -1;
-    certs = sd->certificates;
-    for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++) {
-        si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
-        if (si->signer)
-            continue;
-
-        for (j = 0; j < sk_X509_num(scerts); j++) {
-            x = sk_X509_value(scerts, j);
-            if (CMS_SignerInfo_cert_cmp(si, x) == 0) {
-                CMS_SignerInfo_set1_signer_cert(si, x);
-                ret++;
-                break;
-            }
-        }
-
-        if (si->signer || (flags & CMS_NOINTERN))
-            continue;
-
-        for (j = 0; j < sk_CMS_CertificateChoices_num(certs); j++) {
-            cch = sk_CMS_CertificateChoices_value(certs, j);
-            if (cch->type != 0)
-                continue;
-            x = cch->d.certificate;
-            if (CMS_SignerInfo_cert_cmp(si, x) == 0) {
-                CMS_SignerInfo_set1_signer_cert(si, x);
-                ret++;
-                break;
-            }
-        }
-    }
-    return ret;
-}
-
-void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
-                              X509 **signer, X509_ALGOR **pdig,
-                              X509_ALGOR **psig)
-{
-    if (pk)
-        *pk = si->pkey;
-    if (signer)
-        *signer = si->signer;
-    if (pdig)
-        *pdig = si->digestAlgorithm;
-    if (psig)
-        *psig = si->signatureAlgorithm;
-}
-
-ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si)
-{
-    return si->signature;
-}
-
-static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
-                                       CMS_SignerInfo *si, BIO *chain)
-{
-    EVP_MD_CTX mctx;
-    int r = 0;
-    EVP_PKEY_CTX *pctx = NULL;
-    EVP_MD_CTX_init(&mctx);
-
-    if (!si->pkey) {
-        CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
-        return 0;
-    }
-
-    if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
-        goto err;
-    /* Set SignerInfo algortihm details if we used custom parametsr */
-    if (si->pctx && !cms_sd_asn1_ctrl(si, 0))
-        goto err;
-
-    /*
-     * If any signed attributes calculate and add messageDigest attribute
-     */
-
-    if (CMS_signed_get_attr_count(si) >= 0) {
-        ASN1_OBJECT *ctype =
-            cms->d.signedData->encapContentInfo->eContentType;
-        unsigned char md[EVP_MAX_MD_SIZE];
-        unsigned int mdlen;
-        if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
-            goto err;
-        if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
-                                         V_ASN1_OCTET_STRING, md, mdlen))
-            goto err;
-        /* Copy content type across */
-        if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_contentType,
-                                        V_ASN1_OBJECT, ctype, -1) <= 0)
-            goto err;
-        if (!CMS_SignerInfo_sign(si))
-            goto err;
-    } else if (si->pctx) {
-        unsigned char *sig;
-        size_t siglen;
-        unsigned char md[EVP_MAX_MD_SIZE];
-        unsigned int mdlen;
-        pctx = si->pctx;
-        if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
-            goto err;
-        siglen = EVP_PKEY_size(si->pkey);
-        sig = OPENSSL_malloc(siglen);
-        if (!sig) {
-            CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0)
-            goto err;
-        ASN1_STRING_set0(si->signature, sig, siglen);
-    } else {
-        unsigned char *sig;
-        unsigned int siglen;
-        sig = OPENSSL_malloc(EVP_PKEY_size(si->pkey));
-        if (!sig) {
-            CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (!EVP_SignFinal(&mctx, sig, &siglen, si->pkey)) {
-            CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR);
-            OPENSSL_free(sig);
-            goto err;
-        }
-        ASN1_STRING_set0(si->signature, sig, siglen);
-    }
-
-    r = 1;
-
- err:
-    EVP_MD_CTX_cleanup(&mctx);
-    if (pctx)
-        EVP_PKEY_CTX_free(pctx);
-    return r;
-
-}
-
-int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
-{
-    STACK_OF(CMS_SignerInfo) *sinfos;
-    CMS_SignerInfo *si;
-    int i;
-    sinfos = CMS_get0_SignerInfos(cms);
-    for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
-        si = sk_CMS_SignerInfo_value(sinfos, i);
-        if (!cms_SignerInfo_content_sign(cms, si, chain))
-            return 0;
-    }
-    cms->d.signedData->encapContentInfo->partial = 0;
-    return 1;
-}
-
-int CMS_SignerInfo_sign(CMS_SignerInfo *si)
-{
-    EVP_MD_CTX *mctx = &si->mctx;
-    EVP_PKEY_CTX *pctx;
-    unsigned char *abuf = NULL;
-    int alen;
-    size_t siglen;
-    const EVP_MD *md = NULL;
-
-    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
-    if (md == NULL)
-        return 0;
-
-    if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) {
-        if (!cms_add1_signingTime(si, NULL))
-            goto err;
-    }
-
-    if (si->pctx)
-        pctx = si->pctx;
-    else {
-        EVP_MD_CTX_init(mctx);
-        if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0)
-            goto err;
-    }
-
-    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
-                          EVP_PKEY_CTRL_CMS_SIGN, 0, si) <= 0) {
-        CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
-        goto err;
-    }
-
-    alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &abuf,
-                         ASN1_ITEM_rptr(CMS_Attributes_Sign));
-    if (!abuf)
-        goto err;
-    if (EVP_DigestSignUpdate(mctx, abuf, alen) <= 0)
-        goto err;
-    if (EVP_DigestSignFinal(mctx, NULL, &siglen) <= 0)
-        goto err;
-    OPENSSL_free(abuf);
-    abuf = OPENSSL_malloc(siglen);
-    if (!abuf)
-        goto err;
-    if (EVP_DigestSignFinal(mctx, abuf, &siglen) <= 0)
-        goto err;
-
-    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
-                          EVP_PKEY_CTRL_CMS_SIGN, 1, si) <= 0) {
-        CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
-        goto err;
-    }
-
-    EVP_MD_CTX_cleanup(mctx);
-
-    ASN1_STRING_set0(si->signature, abuf, siglen);
-
-    return 1;
-
- err:
-    if (abuf)
-        OPENSSL_free(abuf);
-    EVP_MD_CTX_cleanup(mctx);
-    return 0;
-
-}
-
-int CMS_SignerInfo_verify(CMS_SignerInfo *si)
-{
-    EVP_MD_CTX *mctx = &si->mctx;
-    unsigned char *abuf = NULL;
-    int alen, r = -1;
-    const EVP_MD *md = NULL;
-
-    if (!si->pkey) {
-        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_NO_PUBLIC_KEY);
-        return -1;
-    }
-
-    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
-    if (md == NULL)
-        return -1;
-    EVP_MD_CTX_init(mctx);
-    if (EVP_DigestVerifyInit(mctx, &si->pctx, md, NULL, si->pkey) <= 0)
-        goto err;
-
-    if (!cms_sd_asn1_ctrl(si, 1))
-        goto err;
-
-    alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &abuf,
-                         ASN1_ITEM_rptr(CMS_Attributes_Verify));
-    if (!abuf)
-        goto err;
-    r = EVP_DigestVerifyUpdate(mctx, abuf, alen);
-    OPENSSL_free(abuf);
-    if (r <= 0) {
-        r = -1;
-        goto err;
-    }
-    r = EVP_DigestVerifyFinal(mctx,
-                              si->signature->data, si->signature->length);
-    if (r <= 0)
-        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);
- err:
-    EVP_MD_CTX_cleanup(mctx);
-    return r;
-}
-
-/* Create a chain of digest BIOs from a CMS ContentInfo */
-
-BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms)
-{
-    int i;
-    CMS_SignedData *sd;
-    BIO *chain = NULL;
-    sd = cms_get0_signed(cms);
-    if (!sd)
-        return NULL;
-    if (cms->d.signedData->encapContentInfo->partial)
-        cms_sd_set_version(sd);
-    for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
-        X509_ALGOR *digestAlgorithm;
-        BIO *mdbio;
-        digestAlgorithm = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
-        mdbio = cms_DigestAlgorithm_init_bio(digestAlgorithm);
-        if (!mdbio)
-            goto err;
-        if (chain)
-            BIO_push(chain, mdbio);
-        else
-            chain = mdbio;
-    }
-    return chain;
- err:
-    if (chain)
-        BIO_free_all(chain);
-    return NULL;
-}
-
-int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
-{
-    ASN1_OCTET_STRING *os = NULL;
-    EVP_MD_CTX mctx;
-    EVP_PKEY_CTX *pkctx = NULL;
-    int r = -1;
-    unsigned char mval[EVP_MAX_MD_SIZE];
-    unsigned int mlen;
-    EVP_MD_CTX_init(&mctx);
-    /* If we have any signed attributes look for messageDigest value */
-    if (CMS_signed_get_attr_count(si) >= 0) {
-        os = CMS_signed_get0_data_by_OBJ(si,
-                                         OBJ_nid2obj(NID_pkcs9_messageDigest),
-                                         -3, V_ASN1_OCTET_STRING);
-        if (!os) {
-            CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
-                   CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
-            goto err;
-        }
-    }
-
-    if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
-        goto err;
-
-    if (EVP_DigestFinal_ex(&mctx, mval, &mlen) <= 0) {
-        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
-               CMS_R_UNABLE_TO_FINALIZE_CONTEXT);
-        goto err;
-    }
-
-    /* If messageDigest found compare it */
-
-    if (os) {
-        if (mlen != (unsigned int)os->length) {
-            CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
-                   CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH);
-            goto err;
-        }
-
-        if (memcmp(mval, os->data, mlen)) {
-            CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
-                   CMS_R_VERIFICATION_FAILURE);
-            r = 0;
-        } else
-            r = 1;
-    } else {
-        const EVP_MD *md = EVP_MD_CTX_md(&mctx);
-        pkctx = EVP_PKEY_CTX_new(si->pkey, NULL);
-        if (pkctx == NULL)
-            goto err;
-        if (EVP_PKEY_verify_init(pkctx) <= 0)
-            goto err;
-        if (EVP_PKEY_CTX_set_signature_md(pkctx, md) <= 0)
-            goto err;
-        si->pctx = pkctx;
-        if (!cms_sd_asn1_ctrl(si, 1))
-            goto err;
-        r = EVP_PKEY_verify(pkctx, si->signature->data,
-                            si->signature->length, mval, mlen);
-        if (r <= 0) {
-            CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
-                   CMS_R_VERIFICATION_FAILURE);
-            r = 0;
-        }
-    }
-
- err:
-    if (pkctx)
-        EVP_PKEY_CTX_free(pkctx);
-    EVP_MD_CTX_cleanup(&mctx);
-    return r;
-
-}
-
-int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs)
-{
-    unsigned char *smder = NULL;
-    int smderlen, r;
-    smderlen = i2d_X509_ALGORS(algs, &smder);
-    if (smderlen <= 0)
-        return 0;
-    r = CMS_signed_add1_attr_by_NID(si, NID_SMIMECapabilities,
-                                    V_ASN1_SEQUENCE, smder, smderlen);
-    OPENSSL_free(smder);
-    return r;
-}
-
-int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
-                            int algnid, int keysize)
-{
-    X509_ALGOR *alg;
-    ASN1_INTEGER *key = NULL;
-    if (keysize > 0) {
-        key = ASN1_INTEGER_new();
-        if (!key || !ASN1_INTEGER_set(key, keysize))
-            return 0;
-    }
-    alg = X509_ALGOR_new();
-    if (!alg) {
-        if (key)
-            ASN1_INTEGER_free(key);
-        return 0;
-    }
-
-    X509_ALGOR_set0(alg, OBJ_nid2obj(algnid),
-                    key ? V_ASN1_INTEGER : V_ASN1_UNDEF, key);
-    if (!*algs)
-        *algs = sk_X509_ALGOR_new_null();
-    if (!*algs || !sk_X509_ALGOR_push(*algs, alg)) {
-        X509_ALGOR_free(alg);
-        return 0;
-    }
-    return 1;
-}
-
-/* Check to see if a cipher exists and if so add S/MIME capabilities */
-
-static int cms_add_cipher_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
-{
-    if (EVP_get_cipherbynid(nid))
-        return CMS_add_simple_smimecap(sk, nid, arg);
-    return 1;
-}
-
-static int cms_add_digest_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
-{
-    if (EVP_get_digestbynid(nid))
-        return CMS_add_simple_smimecap(sk, nid, arg);
-    return 1;
-}
-
-int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap)
-{
-    if (!cms_add_cipher_smcap(smcap, NID_aes_256_cbc, -1)
-        || !cms_add_digest_smcap(smcap, NID_id_GostR3411_94, -1)
-        || !cms_add_cipher_smcap(smcap, NID_id_Gost28147_89, -1)
-        || !cms_add_cipher_smcap(smcap, NID_aes_192_cbc, -1)
-        || !cms_add_cipher_smcap(smcap, NID_aes_128_cbc, -1)
-        || !cms_add_cipher_smcap(smcap, NID_des_ede3_cbc, -1)
-        || !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 128)
-        || !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 64)
-        || !cms_add_cipher_smcap(smcap, NID_des_cbc, -1)
-        || !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 40))
-        return 0;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/cms/cms_smime.c b/thirdparty/openssl/crypto/cms/cms_smime.c
deleted file mode 100644
index 07e3472e10..0000000000
--- a/thirdparty/openssl/crypto/cms/cms_smime.c
+++ /dev/null
@@ -1,836 +0,0 @@
-/* crypto/cms/cms_smime.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include <openssl/cms.h>
-#include "cms_lcl.h"
-#include "asn1_locl.h"
-
-static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
-{
-    unsigned char buf[4096];
-    int r = 0, i;
-    BIO *tmpout = NULL;
-
-    if (out == NULL)
-        tmpout = BIO_new(BIO_s_null());
-    else if (flags & CMS_TEXT) {
-        tmpout = BIO_new(BIO_s_mem());
-        BIO_set_mem_eof_return(tmpout, 0);
-    } else
-        tmpout = out;
-
-    if (!tmpout) {
-        CMSerr(CMS_F_CMS_COPY_CONTENT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    /* Read all content through chain to process digest, decrypt etc */
-    for (;;) {
-        i = BIO_read(in, buf, sizeof(buf));
-        if (i <= 0) {
-            if (BIO_method_type(in) == BIO_TYPE_CIPHER) {
-                if (!BIO_get_cipher_status(in))
-                    goto err;
-            }
-            if (i < 0)
-                goto err;
-            break;
-        }
-
-        if (tmpout && (BIO_write(tmpout, buf, i) != i))
-            goto err;
-    }
-
-    if (flags & CMS_TEXT) {
-        if (!SMIME_text(tmpout, out)) {
-            CMSerr(CMS_F_CMS_COPY_CONTENT, CMS_R_SMIME_TEXT_ERROR);
-            goto err;
-        }
-    }
-
-    r = 1;
-
- err:
-    if (tmpout && (tmpout != out))
-        BIO_free(tmpout);
-    return r;
-
-}
-
-static int check_content(CMS_ContentInfo *cms)
-{
-    ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
-    if (!pos || !*pos) {
-        CMSerr(CMS_F_CHECK_CONTENT, CMS_R_NO_CONTENT);
-        return 0;
-    }
-    return 1;
-}
-
-static void do_free_upto(BIO *f, BIO *upto)
-{
-    if (upto) {
-        BIO *tbio;
-        do {
-            tbio = BIO_pop(f);
-            BIO_free(f);
-            f = tbio;
-        }
-        while (f && f != upto);
-    } else
-        BIO_free_all(f);
-}
-
-int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
-{
-    BIO *cont;
-    int r;
-    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) {
-        CMSerr(CMS_F_CMS_DATA, CMS_R_TYPE_NOT_DATA);
-        return 0;
-    }
-    cont = CMS_dataInit(cms, NULL);
-    if (!cont)
-        return 0;
-    r = cms_copy_content(out, cont, flags);
-    BIO_free_all(cont);
-    return r;
-}
-
-CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags)
-{
-    CMS_ContentInfo *cms;
-    cms = cms_Data_create();
-    if (!cms)
-        return NULL;
-
-    if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
-        return cms;
-
-    CMS_ContentInfo_free(cms);
-
-    return NULL;
-}
-
-int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
-                      unsigned int flags)
-{
-    BIO *cont;
-    int r;
-    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) {
-        CMSerr(CMS_F_CMS_DIGEST_VERIFY, CMS_R_TYPE_NOT_DIGESTED_DATA);
-        return 0;
-    }
-
-    if (!dcont && !check_content(cms))
-        return 0;
-
-    cont = CMS_dataInit(cms, dcont);
-    if (!cont)
-        return 0;
-    r = cms_copy_content(out, cont, flags);
-    if (r)
-        r = cms_DigestedData_do_final(cms, cont, 1);
-    do_free_upto(cont, dcont);
-    return r;
-}
-
-CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
-                                   unsigned int flags)
-{
-    CMS_ContentInfo *cms;
-    if (!md)
-        md = EVP_sha1();
-    cms = cms_DigestedData_create(md);
-    if (!cms)
-        return NULL;
-
-    if (!(flags & CMS_DETACHED))
-        CMS_set_detached(cms, 0);
-
-    if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
-        return cms;
-
-    CMS_ContentInfo_free(cms);
-    return NULL;
-}
-
-int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
-                              const unsigned char *key, size_t keylen,
-                              BIO *dcont, BIO *out, unsigned int flags)
-{
-    BIO *cont;
-    int r;
-    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) {
-        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT,
-               CMS_R_TYPE_NOT_ENCRYPTED_DATA);
-        return 0;
-    }
-
-    if (!dcont && !check_content(cms))
-        return 0;
-
-    if (CMS_EncryptedData_set1_key(cms, NULL, key, keylen) <= 0)
-        return 0;
-    cont = CMS_dataInit(cms, dcont);
-    if (!cont)
-        return 0;
-    r = cms_copy_content(out, cont, flags);
-    do_free_upto(cont, dcont);
-    return r;
-}
-
-CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
-                                           const unsigned char *key,
-                                           size_t keylen, unsigned int flags)
-{
-    CMS_ContentInfo *cms;
-    if (!cipher) {
-        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, CMS_R_NO_CIPHER);
-        return NULL;
-    }
-    cms = CMS_ContentInfo_new();
-    if (!cms)
-        return NULL;
-    if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
-        return NULL;
-
-    if (!(flags & CMS_DETACHED))
-        CMS_set_detached(cms, 0);
-
-    if ((flags & (CMS_STREAM | CMS_PARTIAL))
-        || CMS_final(cms, in, NULL, flags))
-        return cms;
-
-    CMS_ContentInfo_free(cms);
-    return NULL;
-}
-
-static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
-                                      X509_STORE *store,
-                                      STACK_OF(X509) *certs,
-                                      STACK_OF(X509_CRL) *crls,
-                                      unsigned int flags)
-{
-    X509_STORE_CTX ctx;
-    X509 *signer;
-    int i, j, r = 0;
-    CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
-    if (!X509_STORE_CTX_init(&ctx, store, signer, certs)) {
-        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, CMS_R_STORE_INIT_ERROR);
-        goto err;
-    }
-    X509_STORE_CTX_set_default(&ctx, "smime_sign");
-    if (crls)
-        X509_STORE_CTX_set0_crls(&ctx, crls);
-
-    i = X509_verify_cert(&ctx);
-    if (i <= 0) {
-        j = X509_STORE_CTX_get_error(&ctx);
-        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
-               CMS_R_CERTIFICATE_VERIFY_ERROR);
-        ERR_add_error_data(2, "Verify error:",
-                           X509_verify_cert_error_string(j));
-        goto err;
-    }
-    r = 1;
- err:
-    X509_STORE_CTX_cleanup(&ctx);
-    return r;
-
-}
-
-int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
-               X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags)
-{
-    CMS_SignerInfo *si;
-    STACK_OF(CMS_SignerInfo) *sinfos;
-    STACK_OF(X509) *cms_certs = NULL;
-    STACK_OF(X509_CRL) *crls = NULL;
-    X509 *signer;
-    int i, scount = 0, ret = 0;
-    BIO *cmsbio = NULL, *tmpin = NULL;
-
-    if (!dcont && !check_content(cms))
-        return 0;
-
-    /* Attempt to find all signer certificates */
-
-    sinfos = CMS_get0_SignerInfos(cms);
-
-    if (sk_CMS_SignerInfo_num(sinfos) <= 0) {
-        CMSerr(CMS_F_CMS_VERIFY, CMS_R_NO_SIGNERS);
-        goto err;
-    }
-
-    for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
-        si = sk_CMS_SignerInfo_value(sinfos, i);
-        CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
-        if (signer)
-            scount++;
-    }
-
-    if (scount != sk_CMS_SignerInfo_num(sinfos))
-        scount += CMS_set1_signers_certs(cms, certs, flags);
-
-    if (scount != sk_CMS_SignerInfo_num(sinfos)) {
-        CMSerr(CMS_F_CMS_VERIFY, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND);
-        goto err;
-    }
-
-    /* Attempt to verify all signers certs */
-
-    if (!(flags & CMS_NO_SIGNER_CERT_VERIFY)) {
-        cms_certs = CMS_get1_certs(cms);
-        if (!(flags & CMS_NOCRL))
-            crls = CMS_get1_crls(cms);
-        for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
-            si = sk_CMS_SignerInfo_value(sinfos, i);
-            if (!cms_signerinfo_verify_cert(si, store,
-                                            cms_certs, crls, flags))
-                goto err;
-        }
-    }
-
-    /* Attempt to verify all SignerInfo signed attribute signatures */
-
-    if (!(flags & CMS_NO_ATTR_VERIFY)) {
-        for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
-            si = sk_CMS_SignerInfo_value(sinfos, i);
-            if (CMS_signed_get_attr_count(si) < 0)
-                continue;
-            if (CMS_SignerInfo_verify(si) <= 0)
-                goto err;
-        }
-    }
-
-    /*
-     * Performance optimization: if the content is a memory BIO then store
-     * its contents in a temporary read only memory BIO. This avoids
-     * potentially large numbers of slow copies of data which will occur when
-     * reading from a read write memory BIO when signatures are calculated.
-     */
-
-    if (dcont && (BIO_method_type(dcont) == BIO_TYPE_MEM)) {
-        char *ptr;
-        long len;
-        len = BIO_get_mem_data(dcont, &ptr);
-        tmpin = BIO_new_mem_buf(ptr, len);
-        if (tmpin == NULL) {
-            CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
-            goto err2;
-        }
-    } else
-        tmpin = dcont;
-
-    cmsbio = CMS_dataInit(cms, tmpin);
-    if (!cmsbio)
-        goto err;
-
-    if (!cms_copy_content(out, cmsbio, flags))
-        goto err;
-
-    if (!(flags & CMS_NO_CONTENT_VERIFY)) {
-        for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
-            si = sk_CMS_SignerInfo_value(sinfos, i);
-            if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) {
-                CMSerr(CMS_F_CMS_VERIFY, CMS_R_CONTENT_VERIFY_ERROR);
-                goto err;
-            }
-        }
-    }
-
-    ret = 1;
-
- err:
-
-    if (dcont && (tmpin == dcont))
-        do_free_upto(cmsbio, dcont);
-    else
-        BIO_free_all(cmsbio);
-
- err2:
-    if (cms_certs)
-        sk_X509_pop_free(cms_certs, X509_free);
-    if (crls)
-        sk_X509_CRL_pop_free(crls, X509_CRL_free);
-
-    return ret;
-}
-
-int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
-                       STACK_OF(X509) *certs,
-                       X509_STORE *store, unsigned int flags)
-{
-    int r;
-    flags &= ~(CMS_DETACHED | CMS_TEXT);
-    r = CMS_verify(rcms, certs, store, NULL, NULL, flags);
-    if (r <= 0)
-        return r;
-    return cms_Receipt_verify(rcms, ocms);
-}
-
-CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
-                          STACK_OF(X509) *certs, BIO *data,
-                          unsigned int flags)
-{
-    CMS_ContentInfo *cms;
-    int i;
-
-    cms = CMS_ContentInfo_new();
-    if (!cms || !CMS_SignedData_init(cms))
-        goto merr;
-
-    if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) {
-        CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR);
-        goto err;
-    }
-
-    for (i = 0; i < sk_X509_num(certs); i++) {
-        X509 *x = sk_X509_value(certs, i);
-        if (!CMS_add1_cert(cms, x))
-            goto merr;
-    }
-
-    if (!(flags & CMS_DETACHED))
-        CMS_set_detached(cms, 0);
-
-    if ((flags & (CMS_STREAM | CMS_PARTIAL))
-        || CMS_final(cms, data, NULL, flags))
-        return cms;
-    else
-        goto err;
-
- merr:
-    CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE);
-
- err:
-    if (cms)
-        CMS_ContentInfo_free(cms);
-    return NULL;
-}
-
-CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
-                                  X509 *signcert, EVP_PKEY *pkey,
-                                  STACK_OF(X509) *certs, unsigned int flags)
-{
-    CMS_SignerInfo *rct_si;
-    CMS_ContentInfo *cms = NULL;
-    ASN1_OCTET_STRING **pos, *os;
-    BIO *rct_cont = NULL;
-    int r = 0;
-
-    flags &= ~(CMS_STREAM | CMS_TEXT);
-    /* Not really detached but avoids content being allocated */
-    flags |= CMS_PARTIAL | CMS_BINARY | CMS_DETACHED;
-    if (!pkey || !signcert) {
-        CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_NO_KEY_OR_CERT);
-        return NULL;
-    }
-
-    /* Initialize signed data */
-
-    cms = CMS_sign(NULL, NULL, certs, NULL, flags);
-    if (!cms)
-        goto err;
-
-    /* Set inner content type to signed receipt */
-    if (!CMS_set1_eContentType(cms, OBJ_nid2obj(NID_id_smime_ct_receipt)))
-        goto err;
-
-    rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags);
-    if (!rct_si) {
-        CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_ADD_SIGNER_ERROR);
-        goto err;
-    }
-
-    os = cms_encode_Receipt(si);
-
-    if (!os)
-        goto err;
-
-    /* Set content to digest */
-    rct_cont = BIO_new_mem_buf(os->data, os->length);
-    if (!rct_cont)
-        goto err;
-
-    /* Add msgSigDigest attribute */
-
-    if (!cms_msgSigDigest_add1(rct_si, si))
-        goto err;
-
-    /* Finalize structure */
-    if (!CMS_final(cms, rct_cont, NULL, flags))
-        goto err;
-
-    /* Set embedded content */
-    pos = CMS_get0_content(cms);
-    *pos = os;
-
-    r = 1;
-
- err:
-    if (rct_cont)
-        BIO_free(rct_cont);
-    if (r)
-        return cms;
-    CMS_ContentInfo_free(cms);
-    return NULL;
-
-}
-
-CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
-                             const EVP_CIPHER *cipher, unsigned int flags)
-{
-    CMS_ContentInfo *cms;
-    int i;
-    X509 *recip;
-    cms = CMS_EnvelopedData_create(cipher);
-    if (!cms)
-        goto merr;
-    for (i = 0; i < sk_X509_num(certs); i++) {
-        recip = sk_X509_value(certs, i);
-        if (!CMS_add1_recipient_cert(cms, recip, flags)) {
-            CMSerr(CMS_F_CMS_ENCRYPT, CMS_R_RECIPIENT_ERROR);
-            goto err;
-        }
-    }
-
-    if (!(flags & CMS_DETACHED))
-        CMS_set_detached(cms, 0);
-
-    if ((flags & (CMS_STREAM | CMS_PARTIAL))
-        || CMS_final(cms, data, NULL, flags))
-        return cms;
-    else
-        goto err;
-
- merr:
-    CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE);
- err:
-    if (cms)
-        CMS_ContentInfo_free(cms);
-    return NULL;
-}
-
-static int cms_kari_set1_pkey(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
-                              EVP_PKEY *pk, X509 *cert)
-{
-    int i;
-    STACK_OF(CMS_RecipientEncryptedKey) *reks;
-    CMS_RecipientEncryptedKey *rek;
-    reks = CMS_RecipientInfo_kari_get0_reks(ri);
-    if (!cert)
-        return 0;
-    for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {
-        int rv;
-        rek = sk_CMS_RecipientEncryptedKey_value(reks, i);
-        if (CMS_RecipientEncryptedKey_cert_cmp(rek, cert))
-            continue;
-        CMS_RecipientInfo_kari_set0_pkey(ri, pk);
-        rv = CMS_RecipientInfo_kari_decrypt(cms, ri, rek);
-        CMS_RecipientInfo_kari_set0_pkey(ri, NULL);
-        if (rv > 0)
-            return 1;
-        return -1;
-    }
-    return 0;
-}
-
-int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
-{
-    STACK_OF(CMS_RecipientInfo) *ris;
-    CMS_RecipientInfo *ri;
-    int i, r, ri_type;
-    int debug = 0, match_ri = 0;
-    ris = CMS_get0_RecipientInfos(cms);
-    if (ris)
-        debug = cms->d.envelopedData->encryptedContentInfo->debug;
-    ri_type = cms_pkey_get_ri_type(pk);
-    if (ri_type == CMS_RECIPINFO_NONE) {
-        CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY,
-               CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
-        return 0;
-    }
-
-    for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
-        ri = sk_CMS_RecipientInfo_value(ris, i);
-        if (CMS_RecipientInfo_type(ri) != ri_type)
-            continue;
-        match_ri = 1;
-        if (ri_type == CMS_RECIPINFO_AGREE) {
-            r = cms_kari_set1_pkey(cms, ri, pk, cert);
-            if (r > 0)
-                return 1;
-            if (r < 0)
-                return 0;
-        }
-        /*
-         * If we have a cert try matching RecipientInfo otherwise try them
-         * all.
-         */
-        else if (!cert || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) {
-            CMS_RecipientInfo_set0_pkey(ri, pk);
-            r = CMS_RecipientInfo_decrypt(cms, ri);
-            CMS_RecipientInfo_set0_pkey(ri, NULL);
-            if (cert) {
-                /*
-                 * If not debugging clear any error and return success to
-                 * avoid leaking of information useful to MMA
-                 */
-                if (!debug) {
-                    ERR_clear_error();
-                    return 1;
-                }
-                if (r > 0)
-                    return 1;
-                CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_DECRYPT_ERROR);
-                return 0;
-            }
-            /*
-             * If no cert and not debugging don't leave loop after first
-             * successful decrypt. Always attempt to decrypt all recipients
-             * to avoid leaking timing of a successful decrypt.
-             */
-            else if (r > 0 && debug)
-                return 1;
-        }
-    }
-    /* If no cert and not debugging always return success */
-    if (match_ri && !cert && !debug) {
-        ERR_clear_error();
-        return 1;
-    }
-
-    CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_NO_MATCHING_RECIPIENT);
-    return 0;
-
-}
-
-int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
-                         unsigned char *key, size_t keylen,
-                         unsigned char *id, size_t idlen)
-{
-    STACK_OF(CMS_RecipientInfo) *ris;
-    CMS_RecipientInfo *ri;
-    int i, r;
-    ris = CMS_get0_RecipientInfos(cms);
-    for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
-        ri = sk_CMS_RecipientInfo_value(ris, i);
-        if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_KEK)
-            continue;
-
-        /*
-         * If we have an id try matching RecipientInfo otherwise try them
-         * all.
-         */
-        if (!id || (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0)) {
-            CMS_RecipientInfo_set0_key(ri, key, keylen);
-            r = CMS_RecipientInfo_decrypt(cms, ri);
-            CMS_RecipientInfo_set0_key(ri, NULL, 0);
-            if (r > 0)
-                return 1;
-            if (id) {
-                CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_DECRYPT_ERROR);
-                return 0;
-            }
-            ERR_clear_error();
-        }
-    }
-
-    CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_NO_MATCHING_RECIPIENT);
-    return 0;
-
-}
-
-int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
-                              unsigned char *pass, ossl_ssize_t passlen)
-{
-    STACK_OF(CMS_RecipientInfo) *ris;
-    CMS_RecipientInfo *ri;
-    int i, r;
-    ris = CMS_get0_RecipientInfos(cms);
-    for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
-        ri = sk_CMS_RecipientInfo_value(ris, i);
-        if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS)
-            continue;
-        CMS_RecipientInfo_set0_password(ri, pass, passlen);
-        r = CMS_RecipientInfo_decrypt(cms, ri);
-        CMS_RecipientInfo_set0_password(ri, NULL, 0);
-        if (r > 0)
-            return 1;
-    }
-
-    CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT);
-    return 0;
-
-}
-
-int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
-                BIO *dcont, BIO *out, unsigned int flags)
-{
-    int r;
-    BIO *cont;
-    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped) {
-        CMSerr(CMS_F_CMS_DECRYPT, CMS_R_TYPE_NOT_ENVELOPED_DATA);
-        return 0;
-    }
-    if (!dcont && !check_content(cms))
-        return 0;
-    if (flags & CMS_DEBUG_DECRYPT)
-        cms->d.envelopedData->encryptedContentInfo->debug = 1;
-    else
-        cms->d.envelopedData->encryptedContentInfo->debug = 0;
-    if (!pk && !cert && !dcont && !out)
-        return 1;
-    if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert))
-        return 0;
-    cont = CMS_dataInit(cms, dcont);
-    if (!cont)
-        return 0;
-    r = cms_copy_content(out, cont, flags);
-    do_free_upto(cont, dcont);
-    return r;
-}
-
-int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
-{
-    BIO *cmsbio;
-    int ret = 0;
-    if (!(cmsbio = CMS_dataInit(cms, dcont))) {
-        CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_LIB);
-        return 0;
-    }
-
-    SMIME_crlf_copy(data, cmsbio, flags);
-
-    (void)BIO_flush(cmsbio);
-
-    if (!CMS_dataFinal(cms, cmsbio)) {
-        CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_DATAFINAL_ERROR);
-        goto err;
-    }
-
-    ret = 1;
-
- err:
-    do_free_upto(cmsbio, dcont);
-
-    return ret;
-
-}
-
-#ifdef ZLIB
-
-int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
-                   unsigned int flags)
-{
-    BIO *cont;
-    int r;
-    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData) {
-        CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_TYPE_NOT_COMPRESSED_DATA);
-        return 0;
-    }
-
-    if (!dcont && !check_content(cms))
-        return 0;
-
-    cont = CMS_dataInit(cms, dcont);
-    if (!cont)
-        return 0;
-    r = cms_copy_content(out, cont, flags);
-    do_free_upto(cont, dcont);
-    return r;
-}
-
-CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
-{
-    CMS_ContentInfo *cms;
-    if (comp_nid <= 0)
-        comp_nid = NID_zlib_compression;
-    cms = cms_CompressedData_create(comp_nid);
-    if (!cms)
-        return NULL;
-
-    if (!(flags & CMS_DETACHED))
-        CMS_set_detached(cms, 0);
-
-    if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
-        return cms;
-
-    CMS_ContentInfo_free(cms);
-    return NULL;
-}
-
-#else
-
-int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
-                   unsigned int flags)
-{
-    CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
-    return 0;
-}
-
-CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
-{
-    CMSerr(CMS_F_CMS_COMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
-    return NULL;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/comp/c_rle.c b/thirdparty/openssl/crypto/comp/c_rle.c
deleted file mode 100644
index 41919613ee..0000000000
--- a/thirdparty/openssl/crypto/comp/c_rle.c
+++ /dev/null
@@ -1,63 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-
-static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
-                              unsigned int olen, unsigned char *in,
-                              unsigned int ilen);
-static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
-                            unsigned int olen, unsigned char *in,
-                            unsigned int ilen);
-
-static COMP_METHOD rle_method = {
-    NID_rle_compression,
-    LN_rle_compression,
-    NULL,
-    NULL,
-    rle_compress_block,
-    rle_expand_block,
-    NULL,
-    NULL,
-};
-
-COMP_METHOD *COMP_rle(void)
-{
-    return (&rle_method);
-}
-
-static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
-                              unsigned int olen, unsigned char *in,
-                              unsigned int ilen)
-{
-    if (ilen == 0)
-        return 0;
-
-    if (olen <= ilen)
-        return -1;
-
-    *(out++) = 0;
-    memcpy(out, in, ilen);
-    return (ilen + 1);
-}
-
-static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
-                            unsigned int olen, unsigned char *in,
-                            unsigned int ilen)
-{
-    int i;
-
-    if (ilen == 0)
-        return 0;
-
-    if (olen < (ilen - 1))
-        return -1;
-
-    i = *(in++);
-    if (i != 0)
-        return -1;
-
-    memcpy(out, in, ilen - 1);
-    return (ilen - 1);
-}
diff --git a/thirdparty/openssl/crypto/comp/c_zlib.c b/thirdparty/openssl/crypto/comp/c_zlib.c
deleted file mode 100644
index 9c32614d3c..0000000000
--- a/thirdparty/openssl/crypto/comp/c_zlib.c
+++ /dev/null
@@ -1,763 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-#include <openssl/err.h>
-
-COMP_METHOD *COMP_zlib(void);
-
-static COMP_METHOD zlib_method_nozlib = {
-    NID_undef,
-    "(undef)",
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-};
-
-#ifndef ZLIB
-# undef ZLIB_SHARED
-#else
-
-# include <zlib.h>
-
-static int zlib_stateful_init(COMP_CTX *ctx);
-static void zlib_stateful_finish(COMP_CTX *ctx);
-static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out,
-                                        unsigned int olen, unsigned char *in,
-                                        unsigned int ilen);
-static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out,
-                                      unsigned int olen, unsigned char *in,
-                                      unsigned int ilen);
-
-/* memory allocations functions for zlib intialization */
-static void *zlib_zalloc(void *opaque, unsigned int no, unsigned int size)
-{
-    void *p;
-
-    p = OPENSSL_malloc(no * size);
-    if (p)
-        memset(p, 0, no * size);
-    return p;
-}
-
-static void zlib_zfree(void *opaque, void *address)
-{
-    OPENSSL_free(address);
-}
-
-# if 0
-static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
-                               unsigned int olen, unsigned char *in,
-                               unsigned int ilen);
-static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
-                             unsigned int olen, unsigned char *in,
-                             unsigned int ilen);
-
-static int zz_uncompress(Bytef *dest, uLongf * destLen, const Bytef *source,
-                         uLong sourceLen);
-
-static COMP_METHOD zlib_stateless_method = {
-    NID_zlib_compression,
-    LN_zlib_compression,
-    NULL,
-    NULL,
-    zlib_compress_block,
-    zlib_expand_block,
-    NULL,
-    NULL,
-};
-# endif
-
-static COMP_METHOD zlib_stateful_method = {
-    NID_zlib_compression,
-    LN_zlib_compression,
-    zlib_stateful_init,
-    zlib_stateful_finish,
-    zlib_stateful_compress_block,
-    zlib_stateful_expand_block,
-    NULL,
-    NULL,
-};
-
-/*
- * When OpenSSL is built on Windows, we do not want to require that
- * the ZLIB.DLL be available in order for the OpenSSL DLLs to
- * work.  Therefore, all ZLIB routines are loaded at run time
- * and we do not link to a .LIB file when ZLIB_SHARED is set.
- */
-# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-#  include <windows.h>
-# endif                         /* !(OPENSSL_SYS_WINDOWS ||
-                                 * OPENSSL_SYS_WIN32) */
-
-# ifdef ZLIB_SHARED
-#  include <openssl/dso.h>
-
-/* Function pointers */
-typedef int (*compress_ft) (Bytef *dest, uLongf * destLen,
-                            const Bytef *source, uLong sourceLen);
-typedef int (*inflateEnd_ft) (z_streamp strm);
-typedef int (*inflate_ft) (z_streamp strm, int flush);
-typedef int (*inflateInit__ft) (z_streamp strm,
-                                const char *version, int stream_size);
-typedef int (*deflateEnd_ft) (z_streamp strm);
-typedef int (*deflate_ft) (z_streamp strm, int flush);
-typedef int (*deflateInit__ft) (z_streamp strm, int level,
-                                const char *version, int stream_size);
-typedef const char *(*zError__ft) (int err);
-static compress_ft p_compress = NULL;
-static inflateEnd_ft p_inflateEnd = NULL;
-static inflate_ft p_inflate = NULL;
-static inflateInit__ft p_inflateInit_ = NULL;
-static deflateEnd_ft p_deflateEnd = NULL;
-static deflate_ft p_deflate = NULL;
-static deflateInit__ft p_deflateInit_ = NULL;
-static zError__ft p_zError = NULL;
-
-static int zlib_loaded = 0;     /* only attempt to init func pts once */
-static DSO *zlib_dso = NULL;
-
-#  define compress                p_compress
-#  define inflateEnd              p_inflateEnd
-#  define inflate                 p_inflate
-#  define inflateInit_            p_inflateInit_
-#  define deflateEnd              p_deflateEnd
-#  define deflate                 p_deflate
-#  define deflateInit_            p_deflateInit_
-#  define zError                  p_zError
-# endif                         /* ZLIB_SHARED */
-
-struct zlib_state {
-    z_stream istream;
-    z_stream ostream;
-};
-
-static int zlib_stateful_ex_idx = -1;
-
-static int zlib_stateful_init(COMP_CTX *ctx)
-{
-    int err;
-    struct zlib_state *state =
-        (struct zlib_state *)OPENSSL_malloc(sizeof(struct zlib_state));
-
-    if (state == NULL)
-        goto err;
-
-    state->istream.zalloc = zlib_zalloc;
-    state->istream.zfree = zlib_zfree;
-    state->istream.opaque = Z_NULL;
-    state->istream.next_in = Z_NULL;
-    state->istream.next_out = Z_NULL;
-    state->istream.avail_in = 0;
-    state->istream.avail_out = 0;
-    err = inflateInit_(&state->istream, ZLIB_VERSION, sizeof(z_stream));
-    if (err != Z_OK)
-        goto err;
-
-    state->ostream.zalloc = zlib_zalloc;
-    state->ostream.zfree = zlib_zfree;
-    state->ostream.opaque = Z_NULL;
-    state->ostream.next_in = Z_NULL;
-    state->ostream.next_out = Z_NULL;
-    state->ostream.avail_in = 0;
-    state->ostream.avail_out = 0;
-    err = deflateInit_(&state->ostream, Z_DEFAULT_COMPRESSION,
-                       ZLIB_VERSION, sizeof(z_stream));
-    if (err != Z_OK)
-        goto err;
-
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_COMP, ctx, &ctx->ex_data);
-    CRYPTO_set_ex_data(&ctx->ex_data, zlib_stateful_ex_idx, state);
-    return 1;
- err:
-    if (state)
-        OPENSSL_free(state);
-    return 0;
-}
-
-static void zlib_stateful_finish(COMP_CTX *ctx)
-{
-    struct zlib_state *state =
-        (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
-                                                zlib_stateful_ex_idx);
-    inflateEnd(&state->istream);
-    deflateEnd(&state->ostream);
-    OPENSSL_free(state);
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP, ctx, &ctx->ex_data);
-}
-
-static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out,
-                                        unsigned int olen, unsigned char *in,
-                                        unsigned int ilen)
-{
-    int err = Z_OK;
-    struct zlib_state *state =
-        (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
-                                                zlib_stateful_ex_idx);
-
-    if (state == NULL)
-        return -1;
-
-    state->ostream.next_in = in;
-    state->ostream.avail_in = ilen;
-    state->ostream.next_out = out;
-    state->ostream.avail_out = olen;
-    if (ilen > 0)
-        err = deflate(&state->ostream, Z_SYNC_FLUSH);
-    if (err != Z_OK)
-        return -1;
-# ifdef DEBUG_ZLIB
-    fprintf(stderr, "compress(%4d)->%4d %s\n",
-            ilen, olen - state->ostream.avail_out,
-            (ilen != olen - state->ostream.avail_out) ? "zlib" : "clear");
-# endif
-    return olen - state->ostream.avail_out;
-}
-
-static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out,
-                                      unsigned int olen, unsigned char *in,
-                                      unsigned int ilen)
-{
-    int err = Z_OK;
-
-    struct zlib_state *state =
-        (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
-                                                zlib_stateful_ex_idx);
-
-    if (state == NULL)
-        return 0;
-
-    state->istream.next_in = in;
-    state->istream.avail_in = ilen;
-    state->istream.next_out = out;
-    state->istream.avail_out = olen;
-    if (ilen > 0)
-        err = inflate(&state->istream, Z_SYNC_FLUSH);
-    if (err != Z_OK)
-        return -1;
-# ifdef DEBUG_ZLIB
-    fprintf(stderr, "expand(%4d)->%4d %s\n",
-            ilen, olen - state->istream.avail_out,
-            (ilen != olen - state->istream.avail_out) ? "zlib" : "clear");
-# endif
-    return olen - state->istream.avail_out;
-}
-
-# if 0
-static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
-                               unsigned int olen, unsigned char *in,
-                               unsigned int ilen)
-{
-    unsigned long l;
-    int i;
-    int clear = 1;
-
-    if (ilen > 128) {
-        out[0] = 1;
-        l = olen - 1;
-        i = compress(&(out[1]), &l, in, (unsigned long)ilen);
-        if (i != Z_OK)
-            return (-1);
-        if (ilen > l) {
-            clear = 0;
-            l++;
-        }
-    }
-    if (clear) {
-        out[0] = 0;
-        memcpy(&(out[1]), in, ilen);
-        l = ilen + 1;
-    }
-#  ifdef DEBUG_ZLIB
-    fprintf(stderr, "compress(%4d)->%4d %s\n",
-            ilen, (int)l, (clear) ? "clear" : "zlib");
-#  endif
-    return ((int)l);
-}
-
-static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
-                             unsigned int olen, unsigned char *in,
-                             unsigned int ilen)
-{
-    unsigned long l;
-    int i;
-
-    if (in[0]) {
-        l = olen;
-        i = zz_uncompress(out, &l, &(in[1]), (unsigned long)ilen - 1);
-        if (i != Z_OK)
-            return (-1);
-    } else {
-        memcpy(out, &(in[1]), ilen - 1);
-        l = ilen - 1;
-    }
-#  ifdef DEBUG_ZLIB
-    fprintf(stderr, "expand  (%4d)->%4d %s\n",
-            ilen, (int)l, in[0] ? "zlib" : "clear");
-#  endif
-    return ((int)l);
-}
-
-static int zz_uncompress(Bytef *dest, uLongf * destLen, const Bytef *source,
-                         uLong sourceLen)
-{
-    z_stream stream;
-    int err;
-
-    stream.next_in = (Bytef *)source;
-    stream.avail_in = (uInt) sourceLen;
-    /* Check for source > 64K on 16-bit machine: */
-    if ((uLong) stream.avail_in != sourceLen)
-        return Z_BUF_ERROR;
-
-    stream.next_out = dest;
-    stream.avail_out = (uInt) * destLen;
-    if ((uLong) stream.avail_out != *destLen)
-        return Z_BUF_ERROR;
-
-    stream.zalloc = (alloc_func) 0;
-    stream.zfree = (free_func) 0;
-
-    err = inflateInit_(&stream, ZLIB_VERSION, sizeof(z_stream));
-    if (err != Z_OK)
-        return err;
-
-    err = inflate(&stream, Z_FINISH);
-    if (err != Z_STREAM_END) {
-        inflateEnd(&stream);
-        return err;
-    }
-    *destLen = stream.total_out;
-
-    err = inflateEnd(&stream);
-    return err;
-}
-# endif
-
-#endif
-
-COMP_METHOD *COMP_zlib(void)
-{
-    COMP_METHOD *meth = &zlib_method_nozlib;
-
-#ifdef ZLIB_SHARED
-    if (!zlib_loaded) {
-# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-        zlib_dso = DSO_load(NULL, "ZLIB1", NULL, 0);
-# else
-        zlib_dso = DSO_load(NULL, "z", NULL, 0);
-# endif
-        if (zlib_dso != NULL) {
-            p_compress = (compress_ft) DSO_bind_func(zlib_dso, "compress");
-            p_inflateEnd
-                = (inflateEnd_ft) DSO_bind_func(zlib_dso, "inflateEnd");
-            p_inflate = (inflate_ft) DSO_bind_func(zlib_dso, "inflate");
-            p_inflateInit_
-                = (inflateInit__ft) DSO_bind_func(zlib_dso, "inflateInit_");
-            p_deflateEnd
-                = (deflateEnd_ft) DSO_bind_func(zlib_dso, "deflateEnd");
-            p_deflate = (deflate_ft) DSO_bind_func(zlib_dso, "deflate");
-            p_deflateInit_
-                = (deflateInit__ft) DSO_bind_func(zlib_dso, "deflateInit_");
-            p_zError = (zError__ft) DSO_bind_func(zlib_dso, "zError");
-
-            if (p_compress && p_inflateEnd && p_inflate
-                && p_inflateInit_ && p_deflateEnd
-                && p_deflate && p_deflateInit_ && p_zError)
-                zlib_loaded++;
-        }
-    }
-#endif
-#ifdef ZLIB_SHARED
-    if (zlib_loaded)
-#endif
-#if defined(ZLIB) || defined(ZLIB_SHARED)
-    {
-        /*
-         * init zlib_stateful_ex_idx here so that in a multi-process
-         * application it's enough to intialize openssl before forking (idx
-         * will be inherited in all the children)
-         */
-        if (zlib_stateful_ex_idx == -1) {
-            CRYPTO_w_lock(CRYPTO_LOCK_COMP);
-            if (zlib_stateful_ex_idx == -1)
-                zlib_stateful_ex_idx =
-                    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
-                                            0, NULL, NULL, NULL, NULL);
-            CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
-            if (zlib_stateful_ex_idx == -1)
-                goto err;
-        }
-
-        meth = &zlib_stateful_method;
-    }
- err:
-#endif
-
-    return (meth);
-}
-
-void COMP_zlib_cleanup(void)
-{
-#ifdef ZLIB_SHARED
-    if (zlib_dso != NULL)
-        DSO_free(zlib_dso);
-    zlib_dso = NULL;
-#endif
-}
-
-#ifdef ZLIB
-
-/* Zlib based compression/decompression filter BIO */
-
-typedef struct {
-    unsigned char *ibuf;        /* Input buffer */
-    int ibufsize;               /* Buffer size */
-    z_stream zin;               /* Input decompress context */
-    unsigned char *obuf;        /* Output buffer */
-    int obufsize;               /* Output buffer size */
-    unsigned char *optr;        /* Position in output buffer */
-    int ocount;                 /* Amount of data in output buffer */
-    int odone;                  /* deflate EOF */
-    int comp_level;             /* Compression level to use */
-    z_stream zout;              /* Output compression context */
-} BIO_ZLIB_CTX;
-
-# define ZLIB_DEFAULT_BUFSIZE 1024
-
-static int bio_zlib_new(BIO *bi);
-static int bio_zlib_free(BIO *bi);
-static int bio_zlib_read(BIO *b, char *out, int outl);
-static int bio_zlib_write(BIO *b, const char *in, int inl);
-static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr);
-static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp);
-
-static BIO_METHOD bio_meth_zlib = {
-    BIO_TYPE_COMP,
-    "zlib",
-    bio_zlib_write,
-    bio_zlib_read,
-    NULL,
-    NULL,
-    bio_zlib_ctrl,
-    bio_zlib_new,
-    bio_zlib_free,
-    bio_zlib_callback_ctrl
-};
-
-BIO_METHOD *BIO_f_zlib(void)
-{
-    return &bio_meth_zlib;
-}
-
-static int bio_zlib_new(BIO *bi)
-{
-    BIO_ZLIB_CTX *ctx;
-# ifdef ZLIB_SHARED
-    (void)COMP_zlib();
-    if (!zlib_loaded) {
-        COMPerr(COMP_F_BIO_ZLIB_NEW, COMP_R_ZLIB_NOT_SUPPORTED);
-        return 0;
-    }
-# endif
-    ctx = OPENSSL_malloc(sizeof(BIO_ZLIB_CTX));
-    if (!ctx) {
-        COMPerr(COMP_F_BIO_ZLIB_NEW, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ctx->ibuf = NULL;
-    ctx->obuf = NULL;
-    ctx->ibufsize = ZLIB_DEFAULT_BUFSIZE;
-    ctx->obufsize = ZLIB_DEFAULT_BUFSIZE;
-    ctx->zin.zalloc = Z_NULL;
-    ctx->zin.zfree = Z_NULL;
-    ctx->zin.next_in = NULL;
-    ctx->zin.avail_in = 0;
-    ctx->zin.next_out = NULL;
-    ctx->zin.avail_out = 0;
-    ctx->zout.zalloc = Z_NULL;
-    ctx->zout.zfree = Z_NULL;
-    ctx->zout.next_in = NULL;
-    ctx->zout.avail_in = 0;
-    ctx->zout.next_out = NULL;
-    ctx->zout.avail_out = 0;
-    ctx->odone = 0;
-    ctx->comp_level = Z_DEFAULT_COMPRESSION;
-    bi->init = 1;
-    bi->ptr = (char *)ctx;
-    bi->flags = 0;
-    return 1;
-}
-
-static int bio_zlib_free(BIO *bi)
-{
-    BIO_ZLIB_CTX *ctx;
-    if (!bi)
-        return 0;
-    ctx = (BIO_ZLIB_CTX *) bi->ptr;
-    if (ctx->ibuf) {
-        /* Destroy decompress context */
-        inflateEnd(&ctx->zin);
-        OPENSSL_free(ctx->ibuf);
-    }
-    if (ctx->obuf) {
-        /* Destroy compress context */
-        deflateEnd(&ctx->zout);
-        OPENSSL_free(ctx->obuf);
-    }
-    OPENSSL_free(ctx);
-    bi->ptr = NULL;
-    bi->init = 0;
-    bi->flags = 0;
-    return 1;
-}
-
-static int bio_zlib_read(BIO *b, char *out, int outl)
-{
-    BIO_ZLIB_CTX *ctx;
-    int ret;
-    z_stream *zin;
-    if (!out || !outl)
-        return 0;
-    ctx = (BIO_ZLIB_CTX *) b->ptr;
-    zin = &ctx->zin;
-    BIO_clear_retry_flags(b);
-    if (!ctx->ibuf) {
-        ctx->ibuf = OPENSSL_malloc(ctx->ibufsize);
-        if (!ctx->ibuf) {
-            COMPerr(COMP_F_BIO_ZLIB_READ, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        inflateInit(zin);
-        zin->next_in = ctx->ibuf;
-        zin->avail_in = 0;
-    }
-
-    /* Copy output data directly to supplied buffer */
-    zin->next_out = (unsigned char *)out;
-    zin->avail_out = (unsigned int)outl;
-    for (;;) {
-        /* Decompress while data available */
-        while (zin->avail_in) {
-            ret = inflate(zin, 0);
-            if ((ret != Z_OK) && (ret != Z_STREAM_END)) {
-                COMPerr(COMP_F_BIO_ZLIB_READ, COMP_R_ZLIB_INFLATE_ERROR);
-                ERR_add_error_data(2, "zlib error:", zError(ret));
-                return 0;
-            }
-            /* If EOF or we've read everything then return */
-            if ((ret == Z_STREAM_END) || !zin->avail_out)
-                return outl - zin->avail_out;
-        }
-
-        /*
-         * No data in input buffer try to read some in, if an error then
-         * return the total data read.
-         */
-        ret = BIO_read(b->next_bio, ctx->ibuf, ctx->ibufsize);
-        if (ret <= 0) {
-            /* Total data read */
-            int tot = outl - zin->avail_out;
-            BIO_copy_next_retry(b);
-            if (ret < 0)
-                return (tot > 0) ? tot : ret;
-            return tot;
-        }
-        zin->avail_in = ret;
-        zin->next_in = ctx->ibuf;
-    }
-}
-
-static int bio_zlib_write(BIO *b, const char *in, int inl)
-{
-    BIO_ZLIB_CTX *ctx;
-    int ret;
-    z_stream *zout;
-    if (!in || !inl)
-        return 0;
-    ctx = (BIO_ZLIB_CTX *) b->ptr;
-    if (ctx->odone)
-        return 0;
-    zout = &ctx->zout;
-    BIO_clear_retry_flags(b);
-    if (!ctx->obuf) {
-        ctx->obuf = OPENSSL_malloc(ctx->obufsize);
-        /* Need error here */
-        if (!ctx->obuf) {
-            COMPerr(COMP_F_BIO_ZLIB_WRITE, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        ctx->optr = ctx->obuf;
-        ctx->ocount = 0;
-        deflateInit(zout, ctx->comp_level);
-        zout->next_out = ctx->obuf;
-        zout->avail_out = ctx->obufsize;
-    }
-    /* Obtain input data directly from supplied buffer */
-    zout->next_in = (void *)in;
-    zout->avail_in = inl;
-    for (;;) {
-        /* If data in output buffer write it first */
-        while (ctx->ocount) {
-            ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount);
-            if (ret <= 0) {
-                /* Total data written */
-                int tot = inl - zout->avail_in;
-                BIO_copy_next_retry(b);
-                if (ret < 0)
-                    return (tot > 0) ? tot : ret;
-                return tot;
-            }
-            ctx->optr += ret;
-            ctx->ocount -= ret;
-        }
-
-        /* Have we consumed all supplied data? */
-        if (!zout->avail_in)
-            return inl;
-
-        /* Compress some more */
-
-        /* Reset buffer */
-        ctx->optr = ctx->obuf;
-        zout->next_out = ctx->obuf;
-        zout->avail_out = ctx->obufsize;
-        /* Compress some more */
-        ret = deflate(zout, 0);
-        if (ret != Z_OK) {
-            COMPerr(COMP_F_BIO_ZLIB_WRITE, COMP_R_ZLIB_DEFLATE_ERROR);
-            ERR_add_error_data(2, "zlib error:", zError(ret));
-            return 0;
-        }
-        ctx->ocount = ctx->obufsize - zout->avail_out;
-    }
-}
-
-static int bio_zlib_flush(BIO *b)
-{
-    BIO_ZLIB_CTX *ctx;
-    int ret;
-    z_stream *zout;
-    ctx = (BIO_ZLIB_CTX *) b->ptr;
-    /* If no data written or already flush show success */
-    if (!ctx->obuf || (ctx->odone && !ctx->ocount))
-        return 1;
-    zout = &ctx->zout;
-    BIO_clear_retry_flags(b);
-    /* No more input data */
-    zout->next_in = NULL;
-    zout->avail_in = 0;
-    for (;;) {
-        /* If data in output buffer write it first */
-        while (ctx->ocount) {
-            ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount);
-            if (ret <= 0) {
-                BIO_copy_next_retry(b);
-                return ret;
-            }
-            ctx->optr += ret;
-            ctx->ocount -= ret;
-        }
-        if (ctx->odone)
-            return 1;
-
-        /* Compress some more */
-
-        /* Reset buffer */
-        ctx->optr = ctx->obuf;
-        zout->next_out = ctx->obuf;
-        zout->avail_out = ctx->obufsize;
-        /* Compress some more */
-        ret = deflate(zout, Z_FINISH);
-        if (ret == Z_STREAM_END)
-            ctx->odone = 1;
-        else if (ret != Z_OK) {
-            COMPerr(COMP_F_BIO_ZLIB_FLUSH, COMP_R_ZLIB_DEFLATE_ERROR);
-            ERR_add_error_data(2, "zlib error:", zError(ret));
-            return 0;
-        }
-        ctx->ocount = ctx->obufsize - zout->avail_out;
-    }
-}
-
-static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    BIO_ZLIB_CTX *ctx;
-    int ret, *ip;
-    int ibs, obs;
-    if (!b->next_bio)
-        return 0;
-    ctx = (BIO_ZLIB_CTX *) b->ptr;
-    switch (cmd) {
-
-    case BIO_CTRL_RESET:
-        ctx->ocount = 0;
-        ctx->odone = 0;
-        ret = 1;
-        break;
-
-    case BIO_CTRL_FLUSH:
-        ret = bio_zlib_flush(b);
-        if (ret > 0)
-            ret = BIO_flush(b->next_bio);
-        break;
-
-    case BIO_C_SET_BUFF_SIZE:
-        ibs = -1;
-        obs = -1;
-        if (ptr != NULL) {
-            ip = ptr;
-            if (*ip == 0)
-                ibs = (int)num;
-            else
-                obs = (int)num;
-        } else {
-            ibs = (int)num;
-            obs = ibs;
-        }
-
-        if (ibs != -1) {
-            if (ctx->ibuf) {
-                OPENSSL_free(ctx->ibuf);
-                ctx->ibuf = NULL;
-            }
-            ctx->ibufsize = ibs;
-        }
-
-        if (obs != -1) {
-            if (ctx->obuf) {
-                OPENSSL_free(ctx->obuf);
-                ctx->obuf = NULL;
-            }
-            ctx->obufsize = obs;
-        }
-        ret = 1;
-        break;
-
-    case BIO_C_DO_STATE_MACHINE:
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-
-    default:
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-
-    }
-
-    return ret;
-}
-
-static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    if (!b->next_bio)
-        return 0;
-    return BIO_callback_ctrl(b->next_bio, cmd, fp);
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/comp/comp_err.c b/thirdparty/openssl/crypto/comp/comp_err.c
deleted file mode 100644
index 8ca159b60e..0000000000
--- a/thirdparty/openssl/crypto/comp/comp_err.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* crypto/comp/comp_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/comp.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_COMP,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_COMP,0,reason)
-
-static ERR_STRING_DATA COMP_str_functs[] = {
-    {ERR_FUNC(COMP_F_BIO_ZLIB_FLUSH), "BIO_ZLIB_FLUSH"},
-    {ERR_FUNC(COMP_F_BIO_ZLIB_NEW), "BIO_ZLIB_NEW"},
-    {ERR_FUNC(COMP_F_BIO_ZLIB_READ), "BIO_ZLIB_READ"},
-    {ERR_FUNC(COMP_F_BIO_ZLIB_WRITE), "BIO_ZLIB_WRITE"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA COMP_str_reasons[] = {
-    {ERR_REASON(COMP_R_ZLIB_DEFLATE_ERROR), "zlib deflate error"},
-    {ERR_REASON(COMP_R_ZLIB_INFLATE_ERROR), "zlib inflate error"},
-    {ERR_REASON(COMP_R_ZLIB_NOT_SUPPORTED), "zlib not supported"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_COMP_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(COMP_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, COMP_str_functs);
-        ERR_load_strings(0, COMP_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/comp/comp_lib.c b/thirdparty/openssl/crypto/comp/comp_lib.c
deleted file mode 100644
index bd4eb7a1ab..0000000000
--- a/thirdparty/openssl/crypto/comp/comp_lib.c
+++ /dev/null
@@ -1,66 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth)
-{
-    COMP_CTX *ret;
-
-    if ((ret = (COMP_CTX *)OPENSSL_malloc(sizeof(COMP_CTX))) == NULL) {
-        /* ZZZZZZZZZZZZZZZZ */
-        return (NULL);
-    }
-    memset(ret, 0, sizeof(COMP_CTX));
-    ret->meth = meth;
-    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
-        OPENSSL_free(ret);
-        ret = NULL;
-    }
-    return (ret);
-}
-
-void COMP_CTX_free(COMP_CTX *ctx)
-{
-    if (ctx == NULL)
-        return;
-
-    if (ctx->meth->finish != NULL)
-        ctx->meth->finish(ctx);
-
-    OPENSSL_free(ctx);
-}
-
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
-                        unsigned char *in, int ilen)
-{
-    int ret;
-    if (ctx->meth->compress == NULL) {
-        /* ZZZZZZZZZZZZZZZZZ */
-        return (-1);
-    }
-    ret = ctx->meth->compress(ctx, out, olen, in, ilen);
-    if (ret > 0) {
-        ctx->compress_in += ilen;
-        ctx->compress_out += ret;
-    }
-    return (ret);
-}
-
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
-                      unsigned char *in, int ilen)
-{
-    int ret;
-
-    if (ctx->meth->expand == NULL) {
-        /* ZZZZZZZZZZZZZZZZZ */
-        return (-1);
-    }
-    ret = ctx->meth->expand(ctx, out, olen, in, ilen);
-    if (ret > 0) {
-        ctx->expand_in += ilen;
-        ctx->expand_out += ret;
-    }
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/conf/README b/thirdparty/openssl/crypto/conf/README
deleted file mode 100644
index 96e53b34ed..0000000000
--- a/thirdparty/openssl/crypto/conf/README
+++ /dev/null
@@ -1,73 +0,0 @@
-Configuration modules. These are a set of modules which can perform
-various configuration functions.
-
-Currently the routines should be called at most once when an application
-starts up: that is before it starts any threads.
-
-The routines read a configuration file set up like this:
-
------
-#default section
-openssl_conf=init_section
-
-[init_section]
-
-module1=value1
-#Second instance of module1
-module1.1=valueX
-module2=value2
-module3=dso_literal
-module4=dso_section
-
-[dso_section]
-
-path=/some/path/to/some/dso.so
-other_stuff=other_value
-----
-
-When this file is loaded a configuration module with the specified string
-(module* in the above example) is looked up and its init function called as:
-
-int conf_init_func(CONF_IMODULE *md, CONF *cnf);
-
-The function can then take whatever action is appropriate, for example further
-lookups based on the value. Multiple instances of the same config module can be
-loaded.
-
-When the application closes down the modules are cleaned up by calling an
-optional finish function:
-
-void conf_finish_func(CONF_IMODULE *md);
-
-The finish functions are called in reverse order: that is the last module
-loaded is the first one cleaned up.
-
-If no module exists with a given name then an attempt is made to load a DSO
-with the supplied name. This might mean that "module3" attempts to load a DSO
-called libmodule3.so or module3.dll for example. An explicit DSO name can be
-given by including a separate section as in the module4 example above.
-
-The DSO is expected to at least contain an initialization function:
-
-int OPENSSL_init(CONF_IMODULE *md, CONF *cnf);
-
-and may also include a finish function:
-
-void OPENSSL_finish(CONF_IMODULE *md);
-
-Static modules can also be added using,
-
-int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func
-*ffunc);
-
-where "name" is the name in the configuration file this function corresponds
-to.
-
-A set of builtin modules (currently only an ASN1 non functional test module)
-can be added by calling OPENSSL_load_builtin_modules(). 
-
-The function OPENSSL_config() is intended as a simple configuration function
-that any application can call to perform various default configuration tasks.
-It uses the file openssl.cnf in the usual locations.
-
-
diff --git a/thirdparty/openssl/crypto/conf/cnf_save.c b/thirdparty/openssl/crypto/conf/cnf_save.c
deleted file mode 100644
index 71c4317428..0000000000
--- a/thirdparty/openssl/crypto/conf/cnf_save.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* crypto/conf/cnf_save.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/conf.h>
-
-static void print_conf(CONF_VALUE *cv);
-static IMPLEMENT_LHASH_DOALL_FN(print_conf, CONF_VALUE *);
-
-main()
-{
-    LHASH *conf;
-    long l;
-
-    conf = CONF_load(NULL, "../../apps/openssl.cnf", &l);
-    if (conf == NULL) {
-        fprintf(stderr, "error loading config, line %ld\n", l);
-        exit(1);
-    }
-
-    lh_doall(conf, LHASH_DOALL_FN(print_conf));
-}
-
-static void print_conf(CONF_VALUE *cv)
-{
-    int i;
-    CONF_VALUE *v;
-    char *section;
-    char *name;
-    char *value;
-    STACK *s;
-
-    /* If it is a single entry, return */
-
-    if (cv->name != NULL)
-        return;
-
-    printf("[ %s ]\n", cv->section);
-    s = (STACK *) cv->value;
-
-    for (i = 0; i < sk_num(s); i++) {
-        v = (CONF_VALUE *)sk_value(s, i);
-        section = (v->section == NULL) ? "None" : v->section;
-        name = (v->name == NULL) ? "None" : v->name;
-        value = (v->value == NULL) ? "None" : v->value;
-        printf("%s=%s\n", name, value);
-    }
-    printf("\n");
-}
diff --git a/thirdparty/openssl/crypto/conf/conf_api.c b/thirdparty/openssl/crypto/conf/conf_api.c
deleted file mode 100644
index 4cf7553376..0000000000
--- a/thirdparty/openssl/crypto/conf/conf_api.c
+++ /dev/null
@@ -1,305 +0,0 @@
-/* conf_api.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Part of the code in here was originally in conf.c, which is now removed */
-
-#ifndef CONF_DEBUG
-# undef NDEBUG                  /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <assert.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/conf.h>
-#include <openssl/conf_api.h>
-#include "e_os.h"
-
-static void value_free_hash_doall_arg(CONF_VALUE *a,
-                                      LHASH_OF(CONF_VALUE) *conf);
-static void value_free_stack_doall(CONF_VALUE *a);
-static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE,
-                                    LHASH_OF(CONF_VALUE))
-static IMPLEMENT_LHASH_DOALL_FN(value_free_stack, CONF_VALUE)
-
-/* Up until OpenSSL 0.9.5a, this was get_section */
-CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section)
-{
-    CONF_VALUE *v, vv;
-
-    if ((conf == NULL) || (section == NULL))
-        return (NULL);
-    vv.name = NULL;
-    vv.section = (char *)section;
-    v = lh_CONF_VALUE_retrieve(conf->data, &vv);
-    return (v);
-}
-
-/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
-STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
-                                               const char *section)
-{
-    CONF_VALUE *v;
-
-    v = _CONF_get_section(conf, section);
-    if (v != NULL)
-        return ((STACK_OF(CONF_VALUE) *)v->value);
-    else
-        return (NULL);
-}
-
-int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value)
-{
-    CONF_VALUE *v = NULL;
-    STACK_OF(CONF_VALUE) *ts;
-
-    ts = (STACK_OF(CONF_VALUE) *)section->value;
-
-    value->section = section->section;
-    if (!sk_CONF_VALUE_push(ts, value)) {
-        return 0;
-    }
-
-    v = lh_CONF_VALUE_insert(conf->data, value);
-    if (v != NULL) {
-        (void)sk_CONF_VALUE_delete_ptr(ts, v);
-        OPENSSL_free(v->name);
-        OPENSSL_free(v->value);
-        OPENSSL_free(v);
-    }
-    return 1;
-}
-
-char *_CONF_get_string(const CONF *conf, const char *section,
-                       const char *name)
-{
-    CONF_VALUE *v, vv;
-    char *p;
-
-    if (name == NULL)
-        return (NULL);
-    if (conf != NULL) {
-        if (section != NULL) {
-            vv.name = (char *)name;
-            vv.section = (char *)section;
-            v = lh_CONF_VALUE_retrieve(conf->data, &vv);
-            if (v != NULL)
-                return (v->value);
-            if (strcmp(section, "ENV") == 0) {
-                p = getenv(name);
-                if (p != NULL)
-                    return (p);
-            }
-        }
-        vv.section = "default";
-        vv.name = (char *)name;
-        v = lh_CONF_VALUE_retrieve(conf->data, &vv);
-        if (v != NULL)
-            return (v->value);
-        else
-            return (NULL);
-    } else
-        return (getenv(name));
-}
-
-#if 0                           /* There's no way to provide error checking
-                                 * with this function, so force implementors
-                                 * of the higher levels to get a string and
-                                 * read the number themselves. */
-long _CONF_get_number(CONF *conf, char *section, char *name)
-{
-    char *str;
-    long ret = 0;
-
-    str = _CONF_get_string(conf, section, name);
-    if (str == NULL)
-        return (0);
-    for (;;) {
-        if (conf->meth->is_number(conf, *str))
-            ret = ret * 10 + conf->meth->to_int(conf, *str);
-        else
-            return (ret);
-        str++;
-    }
-}
-#endif
-
-static unsigned long conf_value_hash(const CONF_VALUE *v)
-{
-    return (lh_strhash(v->section) << 2) ^ lh_strhash(v->name);
-}
-
-static IMPLEMENT_LHASH_HASH_FN(conf_value, CONF_VALUE)
-
-static int conf_value_cmp(const CONF_VALUE *a, const CONF_VALUE *b)
-{
-    int i;
-
-    if (a->section != b->section) {
-        i = strcmp(a->section, b->section);
-        if (i)
-            return (i);
-    }
-
-    if ((a->name != NULL) && (b->name != NULL)) {
-        i = strcmp(a->name, b->name);
-        return (i);
-    } else if (a->name == b->name)
-        return (0);
-    else
-        return ((a->name == NULL) ? -1 : 1);
-}
-
-static IMPLEMENT_LHASH_COMP_FN(conf_value, CONF_VALUE)
-
-int _CONF_new_data(CONF *conf)
-{
-    if (conf == NULL) {
-        return 0;
-    }
-    if (conf->data == NULL)
-        if ((conf->data = lh_CONF_VALUE_new()) == NULL) {
-            return 0;
-        }
-    return 1;
-}
-
-void _CONF_free_data(CONF *conf)
-{
-    if (conf == NULL || conf->data == NULL)
-        return;
-
-    lh_CONF_VALUE_down_load(conf->data) = 0; /* evil thing to make * sure the
-                                              * 'OPENSSL_free()' works as *
-                                              * expected */
-    lh_CONF_VALUE_doall_arg(conf->data,
-                            LHASH_DOALL_ARG_FN(value_free_hash),
-                            LHASH_OF(CONF_VALUE), conf->data);
-
-    /*
-     * We now have only 'section' entries in the hash table. Due to problems
-     * with
-     */
-
-    lh_CONF_VALUE_doall(conf->data, LHASH_DOALL_FN(value_free_stack));
-    lh_CONF_VALUE_free(conf->data);
-}
-
-static void value_free_hash_doall_arg(CONF_VALUE *a,
-                                      LHASH_OF(CONF_VALUE) *conf)
-{
-    if (a->name != NULL)
-        (void)lh_CONF_VALUE_delete(conf, a);
-}
-
-static void value_free_stack_doall(CONF_VALUE *a)
-{
-    CONF_VALUE *vv;
-    STACK_OF(CONF_VALUE) *sk;
-    int i;
-
-    if (a->name != NULL)
-        return;
-
-    sk = (STACK_OF(CONF_VALUE) *)a->value;
-    for (i = sk_CONF_VALUE_num(sk) - 1; i >= 0; i--) {
-        vv = sk_CONF_VALUE_value(sk, i);
-        OPENSSL_free(vv->value);
-        OPENSSL_free(vv->name);
-        OPENSSL_free(vv);
-    }
-    if (sk != NULL)
-        sk_CONF_VALUE_free(sk);
-    OPENSSL_free(a->section);
-    OPENSSL_free(a);
-}
-
-/* Up until OpenSSL 0.9.5a, this was new_section */
-CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
-{
-    STACK_OF(CONF_VALUE) *sk = NULL;
-    int ok = 0, i;
-    CONF_VALUE *v = NULL, *vv;
-
-    if ((sk = sk_CONF_VALUE_new_null()) == NULL)
-        goto err;
-    if ((v = OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
-        goto err;
-    i = strlen(section) + 1;
-    if ((v->section = OPENSSL_malloc(i)) == NULL)
-        goto err;
-
-    memcpy(v->section, section, i);
-    v->name = NULL;
-    v->value = (char *)sk;
-
-    vv = lh_CONF_VALUE_insert(conf->data, v);
-    OPENSSL_assert(vv == NULL);
-    ok = 1;
- err:
-    if (!ok) {
-        if (sk != NULL)
-            sk_CONF_VALUE_free(sk);
-        if (v != NULL)
-            OPENSSL_free(v);
-        v = NULL;
-    }
-    return (v);
-}
-
-IMPLEMENT_STACK_OF(CONF_VALUE)
diff --git a/thirdparty/openssl/crypto/conf/conf_def.c b/thirdparty/openssl/crypto/conf/conf_def.c
deleted file mode 100644
index 75e309aaca..0000000000
--- a/thirdparty/openssl/crypto/conf/conf_def.c
+++ /dev/null
@@ -1,718 +0,0 @@
-/* crypto/conf/conf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Part of the code in here was originally in conf.c, which is now removed */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-#include <openssl/conf_api.h>
-#include "conf_def.h"
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-/*
- * The maximum length we can grow a value to after variable expansion. 64k
- * should be more than enough for all reasonable uses.
- */
-#define MAX_CONF_VALUE_LENGTH       65536
-
-static char *eat_ws(CONF *conf, char *p);
-static char *eat_alpha_numeric(CONF *conf, char *p);
-static void clear_comments(CONF *conf, char *p);
-static int str_copy(CONF *conf, char *section, char **to, char *from);
-static char *scan_quote(CONF *conf, char *p);
-static char *scan_dquote(CONF *conf, char *p);
-#define scan_esc(conf,p)        (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2)))
-
-static CONF *def_create(CONF_METHOD *meth);
-static int def_init_default(CONF *conf);
-static int def_init_WIN32(CONF *conf);
-static int def_destroy(CONF *conf);
-static int def_destroy_data(CONF *conf);
-static int def_load(CONF *conf, const char *name, long *eline);
-static int def_load_bio(CONF *conf, BIO *bp, long *eline);
-static int def_dump(const CONF *conf, BIO *bp);
-static int def_is_number(const CONF *conf, char c);
-static int def_to_int(const CONF *conf, char c);
-
-const char CONF_def_version[] = "CONF_def" OPENSSL_VERSION_PTEXT;
-
-static CONF_METHOD default_method = {
-    "OpenSSL default",
-    def_create,
-    def_init_default,
-    def_destroy,
-    def_destroy_data,
-    def_load_bio,
-    def_dump,
-    def_is_number,
-    def_to_int,
-    def_load
-};
-
-static CONF_METHOD WIN32_method = {
-    "WIN32",
-    def_create,
-    def_init_WIN32,
-    def_destroy,
-    def_destroy_data,
-    def_load_bio,
-    def_dump,
-    def_is_number,
-    def_to_int,
-    def_load
-};
-
-CONF_METHOD *NCONF_default()
-{
-    return &default_method;
-}
-
-CONF_METHOD *NCONF_WIN32()
-{
-    return &WIN32_method;
-}
-
-static CONF *def_create(CONF_METHOD *meth)
-{
-    CONF *ret;
-
-    ret = OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
-    if (ret)
-        if (meth->init(ret) == 0) {
-            OPENSSL_free(ret);
-            ret = NULL;
-        }
-    return ret;
-}
-
-static int def_init_default(CONF *conf)
-{
-    if (conf == NULL)
-        return 0;
-
-    conf->meth = &default_method;
-    conf->meth_data = CONF_type_default;
-    conf->data = NULL;
-
-    return 1;
-}
-
-static int def_init_WIN32(CONF *conf)
-{
-    if (conf == NULL)
-        return 0;
-
-    conf->meth = &WIN32_method;
-    conf->meth_data = (void *)CONF_type_win32;
-    conf->data = NULL;
-
-    return 1;
-}
-
-static int def_destroy(CONF *conf)
-{
-    if (def_destroy_data(conf)) {
-        OPENSSL_free(conf);
-        return 1;
-    }
-    return 0;
-}
-
-static int def_destroy_data(CONF *conf)
-{
-    if (conf == NULL)
-        return 0;
-    _CONF_free_data(conf);
-    return 1;
-}
-
-static int def_load(CONF *conf, const char *name, long *line)
-{
-    int ret;
-    BIO *in = NULL;
-
-#ifdef OPENSSL_SYS_VMS
-    in = BIO_new_file(name, "r");
-#else
-    in = BIO_new_file(name, "rb");
-#endif
-    if (in == NULL) {
-        if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE)
-            CONFerr(CONF_F_DEF_LOAD, CONF_R_NO_SUCH_FILE);
-        else
-            CONFerr(CONF_F_DEF_LOAD, ERR_R_SYS_LIB);
-        return 0;
-    }
-
-    ret = def_load_bio(conf, in, line);
-    BIO_free(in);
-
-    return ret;
-}
-
-static int def_load_bio(CONF *conf, BIO *in, long *line)
-{
-/* The macro BUFSIZE conflicts with a system macro in VxWorks */
-#define CONFBUFSIZE     512
-    int bufnum = 0, i, ii;
-    BUF_MEM *buff = NULL;
-    char *s, *p, *end;
-    int again;
-    long eline = 0;
-    char btmp[DECIMAL_SIZE(eline) + 1];
-    CONF_VALUE *v = NULL, *tv;
-    CONF_VALUE *sv = NULL;
-    char *section = NULL, *buf;
-    char *start, *psection, *pname;
-    void *h = (void *)(conf->data);
-
-    if ((buff = BUF_MEM_new()) == NULL) {
-        CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB);
-        goto err;
-    }
-
-    section = BUF_strdup("default");
-    if (section == NULL) {
-        CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (_CONF_new_data(conf) == 0) {
-        CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    sv = _CONF_new_section(conf, section);
-    if (sv == NULL) {
-        CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
-        goto err;
-    }
-
-    bufnum = 0;
-    again = 0;
-    for (;;) {
-        if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) {
-            CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB);
-            goto err;
-        }
-        p = &(buff->data[bufnum]);
-        *p = '\0';
-        BIO_gets(in, p, CONFBUFSIZE - 1);
-        p[CONFBUFSIZE - 1] = '\0';
-        ii = i = strlen(p);
-        if (i == 0 && !again)
-            break;
-        again = 0;
-        while (i > 0) {
-            if ((p[i - 1] != '\r') && (p[i - 1] != '\n'))
-                break;
-            else
-                i--;
-        }
-        /*
-         * we removed some trailing stuff so there is a new line on the end.
-         */
-        if (ii && i == ii)
-            again = 1;          /* long line */
-        else {
-            p[i] = '\0';
-            eline++;            /* another input line */
-        }
-
-        /* we now have a line with trailing \r\n removed */
-
-        /* i is the number of bytes */
-        bufnum += i;
-
-        v = NULL;
-        /* check for line continuation */
-        if (bufnum >= 1) {
-            /*
-             * If we have bytes and the last char '\\' and second last char
-             * is not '\\'
-             */
-            p = &(buff->data[bufnum - 1]);
-            if (IS_ESC(conf, p[0]) && ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) {
-                bufnum--;
-                again = 1;
-            }
-        }
-        if (again)
-            continue;
-        bufnum = 0;
-        buf = buff->data;
-
-        clear_comments(conf, buf);
-        s = eat_ws(conf, buf);
-        if (IS_EOF(conf, *s))
-            continue;           /* blank line */
-        if (*s == '[') {
-            char *ss;
-
-            s++;
-            start = eat_ws(conf, s);
-            ss = start;
- again:
-            end = eat_alpha_numeric(conf, ss);
-            p = eat_ws(conf, end);
-            if (*p != ']') {
-                if (*p != '\0' && ss != p) {
-                    ss = p;
-                    goto again;
-                }
-                CONFerr(CONF_F_DEF_LOAD_BIO,
-                        CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
-                goto err;
-            }
-            *end = '\0';
-            if (!str_copy(conf, NULL, &section, start))
-                goto err;
-            if ((sv = _CONF_get_section(conf, section)) == NULL)
-                sv = _CONF_new_section(conf, section);
-            if (sv == NULL) {
-                CONFerr(CONF_F_DEF_LOAD_BIO,
-                        CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
-                goto err;
-            }
-            continue;
-        } else {
-            pname = s;
-            psection = NULL;
-            end = eat_alpha_numeric(conf, s);
-            if ((end[0] == ':') && (end[1] == ':')) {
-                *end = '\0';
-                end += 2;
-                psection = pname;
-                pname = end;
-                end = eat_alpha_numeric(conf, end);
-            }
-            p = eat_ws(conf, end);
-            if (*p != '=') {
-                CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_EQUAL_SIGN);
-                goto err;
-            }
-            *end = '\0';
-            p++;
-            start = eat_ws(conf, p);
-            while (!IS_EOF(conf, *p))
-                p++;
-            p--;
-            while ((p != start) && (IS_WS(conf, *p)))
-                p--;
-            p++;
-            *p = '\0';
-
-            if (!(v = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) {
-                CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            if (psection == NULL)
-                psection = section;
-            v->name = (char *)OPENSSL_malloc(strlen(pname) + 1);
-            v->value = NULL;
-            if (v->name == NULL) {
-                CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            BUF_strlcpy(v->name, pname, strlen(pname) + 1);
-            if (!str_copy(conf, psection, &(v->value), start))
-                goto err;
-
-            if (strcmp(psection, section) != 0) {
-                if ((tv = _CONF_get_section(conf, psection))
-                    == NULL)
-                    tv = _CONF_new_section(conf, psection);
-                if (tv == NULL) {
-                    CONFerr(CONF_F_DEF_LOAD_BIO,
-                            CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
-                    goto err;
-                }
-            } else
-                tv = sv;
-#if 1
-            if (_CONF_add_string(conf, tv, v) == 0) {
-                CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-#else
-            v->section = tv->section;
-            if (!sk_CONF_VALUE_push(ts, v)) {
-                CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            vv = (CONF_VALUE *)lh_insert(conf->data, v);
-            if (vv != NULL) {
-                sk_CONF_VALUE_delete_ptr(ts, vv);
-                OPENSSL_free(vv->name);
-                OPENSSL_free(vv->value);
-                OPENSSL_free(vv);
-            }
-#endif
-            v = NULL;
-        }
-    }
-    if (buff != NULL)
-        BUF_MEM_free(buff);
-    if (section != NULL)
-        OPENSSL_free(section);
-    return (1);
- err:
-    if (buff != NULL)
-        BUF_MEM_free(buff);
-    if (section != NULL)
-        OPENSSL_free(section);
-    if (line != NULL)
-        *line = eline;
-    BIO_snprintf(btmp, sizeof btmp, "%ld", eline);
-    ERR_add_error_data(2, "line ", btmp);
-    if ((h != conf->data) && (conf->data != NULL)) {
-        CONF_free(conf->data);
-        conf->data = NULL;
-    }
-    if (v != NULL) {
-        if (v->name != NULL)
-            OPENSSL_free(v->name);
-        if (v->value != NULL)
-            OPENSSL_free(v->value);
-        if (v != NULL)
-            OPENSSL_free(v);
-    }
-    return (0);
-}
-
-static void clear_comments(CONF *conf, char *p)
-{
-    for (;;) {
-        if (IS_FCOMMENT(conf, *p)) {
-            *p = '\0';
-            return;
-        }
-        if (!IS_WS(conf, *p)) {
-            break;
-        }
-        p++;
-    }
-
-    for (;;) {
-        if (IS_COMMENT(conf, *p)) {
-            *p = '\0';
-            return;
-        }
-        if (IS_DQUOTE(conf, *p)) {
-            p = scan_dquote(conf, p);
-            continue;
-        }
-        if (IS_QUOTE(conf, *p)) {
-            p = scan_quote(conf, p);
-            continue;
-        }
-        if (IS_ESC(conf, *p)) {
-            p = scan_esc(conf, p);
-            continue;
-        }
-        if (IS_EOF(conf, *p))
-            return;
-        else
-            p++;
-    }
-}
-
-static int str_copy(CONF *conf, char *section, char **pto, char *from)
-{
-    int q, r, rr = 0, to = 0, len = 0;
-    char *s, *e, *rp, *p, *rrp, *np, *cp, v;
-    BUF_MEM *buf;
-
-    if ((buf = BUF_MEM_new()) == NULL)
-        return (0);
-
-    len = strlen(from) + 1;
-    if (!BUF_MEM_grow(buf, len))
-        goto err;
-
-    for (;;) {
-        if (IS_QUOTE(conf, *from)) {
-            q = *from;
-            from++;
-            while (!IS_EOF(conf, *from) && (*from != q)) {
-                if (IS_ESC(conf, *from)) {
-                    from++;
-                    if (IS_EOF(conf, *from))
-                        break;
-                }
-                buf->data[to++] = *(from++);
-            }
-            if (*from == q)
-                from++;
-        } else if (IS_DQUOTE(conf, *from)) {
-            q = *from;
-            from++;
-            while (!IS_EOF(conf, *from)) {
-                if (*from == q) {
-                    if (*(from + 1) == q) {
-                        from++;
-                    } else {
-                        break;
-                    }
-                }
-                buf->data[to++] = *(from++);
-            }
-            if (*from == q)
-                from++;
-        } else if (IS_ESC(conf, *from)) {
-            from++;
-            v = *(from++);
-            if (IS_EOF(conf, v))
-                break;
-            else if (v == 'r')
-                v = '\r';
-            else if (v == 'n')
-                v = '\n';
-            else if (v == 'b')
-                v = '\b';
-            else if (v == 't')
-                v = '\t';
-            buf->data[to++] = v;
-        } else if (IS_EOF(conf, *from))
-            break;
-        else if (*from == '$') {
-            size_t newsize;
-
-            /* try to expand it */
-            rrp = NULL;
-            s = &(from[1]);
-            if (*s == '{')
-                q = '}';
-            else if (*s == '(')
-                q = ')';
-            else
-                q = 0;
-
-            if (q)
-                s++;
-            cp = section;
-            e = np = s;
-            while (IS_ALPHA_NUMERIC(conf, *e))
-                e++;
-            if ((e[0] == ':') && (e[1] == ':')) {
-                cp = np;
-                rrp = e;
-                rr = *e;
-                *rrp = '\0';
-                e += 2;
-                np = e;
-                while (IS_ALPHA_NUMERIC(conf, *e))
-                    e++;
-            }
-            r = *e;
-            *e = '\0';
-            rp = e;
-            if (q) {
-                if (r != q) {
-                    CONFerr(CONF_F_STR_COPY, CONF_R_NO_CLOSE_BRACE);
-                    goto err;
-                }
-                e++;
-            }
-            /*-
-             * So at this point we have
-             * np which is the start of the name string which is
-             *   '\0' terminated.
-             * cp which is the start of the section string which is
-             *   '\0' terminated.
-             * e is the 'next point after'.
-             * r and rr are the chars replaced by the '\0'
-             * rp and rrp is where 'r' and 'rr' came from.
-             */
-            p = _CONF_get_string(conf, cp, np);
-            if (rrp != NULL)
-                *rrp = rr;
-            *rp = r;
-            if (p == NULL) {
-                CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE);
-                goto err;
-            }
-            newsize = strlen(p) + buf->length - (e - from);
-            if (newsize > MAX_CONF_VALUE_LENGTH) {
-                CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_EXPANSION_TOO_LONG);
-                goto err;
-            }
-            if (!BUF_MEM_grow_clean(buf, newsize)) {
-                CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            while (*p)
-                buf->data[to++] = *(p++);
-
-            /*
-             * Since we change the pointer 'from', we also have to change the
-             * perceived length of the string it points at.  /RL
-             */
-            len -= e - from;
-            from = e;
-
-            /*
-             * In case there were no braces or parenthesis around the
-             * variable reference, we have to put back the character that was
-             * replaced with a '\0'.  /RL
-             */
-            *rp = r;
-        } else
-            buf->data[to++] = *(from++);
-    }
-    buf->data[to] = '\0';
-    if (*pto != NULL)
-        OPENSSL_free(*pto);
-    *pto = buf->data;
-    OPENSSL_free(buf);
-    return (1);
- err:
-    if (buf != NULL)
-        BUF_MEM_free(buf);
-    return (0);
-}
-
-static char *eat_ws(CONF *conf, char *p)
-{
-    while (IS_WS(conf, *p) && (!IS_EOF(conf, *p)))
-        p++;
-    return (p);
-}
-
-static char *eat_alpha_numeric(CONF *conf, char *p)
-{
-    for (;;) {
-        if (IS_ESC(conf, *p)) {
-            p = scan_esc(conf, p);
-            continue;
-        }
-        if (!IS_ALPHA_NUMERIC_PUNCT(conf, *p))
-            return (p);
-        p++;
-    }
-}
-
-static char *scan_quote(CONF *conf, char *p)
-{
-    int q = *p;
-
-    p++;
-    while (!(IS_EOF(conf, *p)) && (*p != q)) {
-        if (IS_ESC(conf, *p)) {
-            p++;
-            if (IS_EOF(conf, *p))
-                return (p);
-        }
-        p++;
-    }
-    if (*p == q)
-        p++;
-    return (p);
-}
-
-static char *scan_dquote(CONF *conf, char *p)
-{
-    int q = *p;
-
-    p++;
-    while (!(IS_EOF(conf, *p))) {
-        if (*p == q) {
-            if (*(p + 1) == q) {
-                p++;
-            } else {
-                break;
-            }
-        }
-        p++;
-    }
-    if (*p == q)
-        p++;
-    return (p);
-}
-
-static void dump_value_doall_arg(CONF_VALUE *a, BIO *out)
-{
-    if (a->name)
-        BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
-    else
-        BIO_printf(out, "[[%s]]\n", a->section);
-}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE, BIO)
-
-static int def_dump(const CONF *conf, BIO *out)
-{
-    lh_CONF_VALUE_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value),
-                            BIO, out);
-    return 1;
-}
-
-static int def_is_number(const CONF *conf, char c)
-{
-    return IS_NUMBER(conf, c);
-}
-
-static int def_to_int(const CONF *conf, char c)
-{
-    return c - '0';
-}
diff --git a/thirdparty/openssl/crypto/conf/conf_def.h b/thirdparty/openssl/crypto/conf/conf_def.h
deleted file mode 100644
index 48b3442181..0000000000
--- a/thirdparty/openssl/crypto/conf/conf_def.h
+++ /dev/null
@@ -1,181 +0,0 @@
-/* crypto/conf/conf_def.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * THIS FILE WAS AUTOMAGICALLY GENERATED! Please modify and use keysets.pl to
- * regenerate it.
- */
-
-#define CONF_NUMBER             1
-#define CONF_UPPER              2
-#define CONF_LOWER              4
-#define CONF_UNDER              256
-#define CONF_PUNCTUATION        512
-#define CONF_WS                 16
-#define CONF_ESC                32
-#define CONF_QUOTE              64
-#define CONF_DQUOTE             1024
-#define CONF_COMMENT            128
-#define CONF_FCOMMENT           2048
-#define CONF_EOF                8
-#define CONF_HIGHBIT            4096
-#define CONF_ALPHA              (CONF_UPPER|CONF_LOWER)
-#define CONF_ALPHA_NUMERIC      (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
-#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \
-                                        CONF_PUNCTUATION)
-
-#define KEYTYPES(c)             ((unsigned short *)((c)->meth_data))
-#ifndef CHARSET_EBCDIC
-# define IS_COMMENT(c,a)        (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
-# define IS_FCOMMENT(c,a)       (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
-# define IS_EOF(c,a)            (KEYTYPES(c)[(a)&0xff]&CONF_EOF)
-# define IS_ESC(c,a)            (KEYTYPES(c)[(a)&0xff]&CONF_ESC)
-# define IS_NUMBER(c,a)         (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
-# define IS_WS(c,a)             (KEYTYPES(c)[(a)&0xff]&CONF_WS)
-# define IS_ALPHA_NUMERIC(c,a)  (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
-# define IS_ALPHA_NUMERIC_PUNCT(c,a) \
-                                (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
-# define IS_QUOTE(c,a)          (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
-# define IS_DQUOTE(c,a)         (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
-# define IS_HIGHBIT(c,a)        (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
-
-#else /*CHARSET_EBCDIC*/
-
-# define IS_COMMENT(c,a)        (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
-# define IS_FCOMMENT(c,a)       (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
-# define IS_EOF(c,a)            (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
-# define IS_ESC(c,a)            (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
-# define IS_NUMBER(c,a)         (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
-# define IS_WS(c,a)             (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
-# define IS_ALPHA_NUMERIC(c,a)  (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
-# define IS_ALPHA_NUMERIC_PUNCT(c,a) \
-                                (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
-# define IS_QUOTE(c,a)          (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
-# define IS_DQUOTE(c,a)         (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
-# define IS_HIGHBIT(c,a)        (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
-#endif /*CHARSET_EBCDIC*/
-
-static unsigned short CONF_type_default[256] = {
-    0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
-    0x0000, 0x0010, 0x0010, 0x0000, 0x0000, 0x0010, 0x0000, 0x0000,
-    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
-    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
-    0x0010, 0x0200, 0x0040, 0x0080, 0x0000, 0x0200, 0x0200, 0x0040,
-    0x0000, 0x0000, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200,
-    0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001,
-    0x0001, 0x0001, 0x0000, 0x0200, 0x0000, 0x0000, 0x0000, 0x0200,
-    0x0200, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
-    0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
-    0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
-    0x0002, 0x0002, 0x0002, 0x0000, 0x0020, 0x0000, 0x0200, 0x0100,
-    0x0040, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
-    0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
-    0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
-    0x0004, 0x0004, 0x0004, 0x0000, 0x0200, 0x0000, 0x0200, 0x0000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-};
-
-static unsigned short CONF_type_win32[256] = {
-    0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
-    0x0000, 0x0010, 0x0010, 0x0000, 0x0000, 0x0010, 0x0000, 0x0000,
-    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
-    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
-    0x0010, 0x0200, 0x0400, 0x0000, 0x0000, 0x0200, 0x0200, 0x0000,
-    0x0000, 0x0000, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200,
-    0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001,
-    0x0001, 0x0001, 0x0000, 0x0A00, 0x0000, 0x0000, 0x0000, 0x0200,
-    0x0200, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
-    0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
-    0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
-    0x0002, 0x0002, 0x0002, 0x0000, 0x0000, 0x0000, 0x0200, 0x0100,
-    0x0000, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
-    0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
-    0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
-    0x0004, 0x0004, 0x0004, 0x0000, 0x0200, 0x0000, 0x0200, 0x0000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
-};
diff --git a/thirdparty/openssl/crypto/conf/conf_err.c b/thirdparty/openssl/crypto/conf/conf_err.c
deleted file mode 100644
index b0b6896f83..0000000000
--- a/thirdparty/openssl/crypto/conf/conf_err.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/conf/conf_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/conf.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CONF,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CONF,0,reason)
-
-static ERR_STRING_DATA CONF_str_functs[] = {
-    {ERR_FUNC(CONF_F_CONF_DUMP_FP), "CONF_dump_fp"},
-    {ERR_FUNC(CONF_F_CONF_LOAD), "CONF_load"},
-    {ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"},
-    {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"},
-    {ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"},
-    {ERR_FUNC(CONF_F_CONF_PARSE_LIST), "CONF_parse_list"},
-    {ERR_FUNC(CONF_F_DEF_LOAD), "DEF_LOAD"},
-    {ERR_FUNC(CONF_F_DEF_LOAD_BIO), "DEF_LOAD_BIO"},
-    {ERR_FUNC(CONF_F_MODULE_INIT), "MODULE_INIT"},
-    {ERR_FUNC(CONF_F_MODULE_LOAD_DSO), "MODULE_LOAD_DSO"},
-    {ERR_FUNC(CONF_F_MODULE_RUN), "MODULE_RUN"},
-    {ERR_FUNC(CONF_F_NCONF_DUMP_BIO), "NCONF_dump_bio"},
-    {ERR_FUNC(CONF_F_NCONF_DUMP_FP), "NCONF_dump_fp"},
-    {ERR_FUNC(CONF_F_NCONF_GET_NUMBER), "NCONF_get_number"},
-    {ERR_FUNC(CONF_F_NCONF_GET_NUMBER_E), "NCONF_get_number_e"},
-    {ERR_FUNC(CONF_F_NCONF_GET_SECTION), "NCONF_get_section"},
-    {ERR_FUNC(CONF_F_NCONF_GET_STRING), "NCONF_get_string"},
-    {ERR_FUNC(CONF_F_NCONF_LOAD), "NCONF_load"},
-    {ERR_FUNC(CONF_F_NCONF_LOAD_BIO), "NCONF_load_bio"},
-    {ERR_FUNC(CONF_F_NCONF_LOAD_FP), "NCONF_load_fp"},
-    {ERR_FUNC(CONF_F_NCONF_NEW), "NCONF_new"},
-    {ERR_FUNC(CONF_F_STR_COPY), "STR_COPY"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA CONF_str_reasons[] = {
-    {ERR_REASON(CONF_R_ERROR_LOADING_DSO), "error loading dso"},
-    {ERR_REASON(CONF_R_LIST_CANNOT_BE_NULL), "list cannot be null"},
-    {ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),
-     "missing close square bracket"},
-    {ERR_REASON(CONF_R_MISSING_EQUAL_SIGN), "missing equal sign"},
-    {ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION), "missing finish function"},
-    {ERR_REASON(CONF_R_MISSING_INIT_FUNCTION), "missing init function"},
-    {ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR),
-     "module initialization error"},
-    {ERR_REASON(CONF_R_NO_CLOSE_BRACE), "no close brace"},
-    {ERR_REASON(CONF_R_NO_CONF), "no conf"},
-    {ERR_REASON(CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE),
-     "no conf or environment variable"},
-    {ERR_REASON(CONF_R_NO_SECTION), "no section"},
-    {ERR_REASON(CONF_R_NO_SUCH_FILE), "no such file"},
-    {ERR_REASON(CONF_R_NO_VALUE), "no value"},
-    {ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),
-     "unable to create new section"},
-    {ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME), "unknown module name"},
-    {ERR_REASON(CONF_R_VARIABLE_EXPANSION_TOO_LONG),
-     "variable expansion too long"},
-    {ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE), "variable has no value"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_CONF_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(CONF_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, CONF_str_functs);
-        ERR_load_strings(0, CONF_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/conf/conf_lib.c b/thirdparty/openssl/crypto/conf/conf_lib.c
deleted file mode 100644
index 5281384807..0000000000
--- a/thirdparty/openssl/crypto/conf/conf_lib.c
+++ /dev/null
@@ -1,391 +0,0 @@
-/* conf_lib.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/conf.h>
-#include <openssl/conf_api.h>
-#include <openssl/lhash.h>
-
-const char CONF_version[] = "CONF" OPENSSL_VERSION_PTEXT;
-
-static CONF_METHOD *default_CONF_method = NULL;
-
-/* Init a 'CONF' structure from an old LHASH */
-
-void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash)
-{
-    if (default_CONF_method == NULL)
-        default_CONF_method = NCONF_default();
-
-    default_CONF_method->init(conf);
-    conf->data = hash;
-}
-
-/*
- * The following section contains the "CONF classic" functions, rewritten in
- * terms of the new CONF interface.
- */
-
-int CONF_set_default_method(CONF_METHOD *meth)
-{
-    default_CONF_method = meth;
-    return 1;
-}
-
-LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
-                                long *eline)
-{
-    LHASH_OF(CONF_VALUE) *ltmp;
-    BIO *in = NULL;
-
-#ifdef OPENSSL_SYS_VMS
-    in = BIO_new_file(file, "r");
-#else
-    in = BIO_new_file(file, "rb");
-#endif
-    if (in == NULL) {
-        CONFerr(CONF_F_CONF_LOAD, ERR_R_SYS_LIB);
-        return NULL;
-    }
-
-    ltmp = CONF_load_bio(conf, in, eline);
-    BIO_free(in);
-
-    return ltmp;
-}
-
-#ifndef OPENSSL_NO_FP_API
-LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
-                                   long *eline)
-{
-    BIO *btmp;
-    LHASH_OF(CONF_VALUE) *ltmp;
-    if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
-        CONFerr(CONF_F_CONF_LOAD_FP, ERR_R_BUF_LIB);
-        return NULL;
-    }
-    ltmp = CONF_load_bio(conf, btmp, eline);
-    BIO_free(btmp);
-    return ltmp;
-}
-#endif
-
-LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
-                                    long *eline)
-{
-    CONF ctmp;
-    int ret;
-
-    CONF_set_nconf(&ctmp, conf);
-
-    ret = NCONF_load_bio(&ctmp, bp, eline);
-    if (ret)
-        return ctmp.data;
-    return NULL;
-}
-
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
-                                       const char *section)
-{
-    if (conf == NULL) {
-        return NULL;
-    } else {
-        CONF ctmp;
-        CONF_set_nconf(&ctmp, conf);
-        return NCONF_get_section(&ctmp, section);
-    }
-}
-
-char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
-                      const char *name)
-{
-    if (conf == NULL) {
-        return NCONF_get_string(NULL, group, name);
-    } else {
-        CONF ctmp;
-        CONF_set_nconf(&ctmp, conf);
-        return NCONF_get_string(&ctmp, group, name);
-    }
-}
-
-long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
-                     const char *name)
-{
-    int status;
-    long result = 0;
-
-    if (conf == NULL) {
-        status = NCONF_get_number_e(NULL, group, name, &result);
-    } else {
-        CONF ctmp;
-        CONF_set_nconf(&ctmp, conf);
-        status = NCONF_get_number_e(&ctmp, group, name, &result);
-    }
-
-    if (status == 0) {
-        /* This function does not believe in errors... */
-        ERR_clear_error();
-    }
-    return result;
-}
-
-void CONF_free(LHASH_OF(CONF_VALUE) *conf)
-{
-    CONF ctmp;
-    CONF_set_nconf(&ctmp, conf);
-    NCONF_free_data(&ctmp);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out)
-{
-    BIO *btmp;
-    int ret;
-
-    if (!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
-        CONFerr(CONF_F_CONF_DUMP_FP, ERR_R_BUF_LIB);
-        return 0;
-    }
-    ret = CONF_dump_bio(conf, btmp);
-    BIO_free(btmp);
-    return ret;
-}
-#endif
-
-int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out)
-{
-    CONF ctmp;
-    CONF_set_nconf(&ctmp, conf);
-    return NCONF_dump_bio(&ctmp, out);
-}
-
-/*
- * The following section contains the "New CONF" functions.  They are
- * completely centralised around a new CONF structure that may contain
- * basically anything, but at least a method pointer and a table of data.
- * These functions are also written in terms of the bridge functions used by
- * the "CONF classic" functions, for consistency.
- */
-
-CONF *NCONF_new(CONF_METHOD *meth)
-{
-    CONF *ret;
-
-    if (meth == NULL)
-        meth = NCONF_default();
-
-    ret = meth->create(meth);
-    if (ret == NULL) {
-        CONFerr(CONF_F_NCONF_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-
-    return ret;
-}
-
-void NCONF_free(CONF *conf)
-{
-    if (conf == NULL)
-        return;
-    conf->meth->destroy(conf);
-}
-
-void NCONF_free_data(CONF *conf)
-{
-    if (conf == NULL)
-        return;
-    conf->meth->destroy_data(conf);
-}
-
-int NCONF_load(CONF *conf, const char *file, long *eline)
-{
-    if (conf == NULL) {
-        CONFerr(CONF_F_NCONF_LOAD, CONF_R_NO_CONF);
-        return 0;
-    }
-
-    return conf->meth->load(conf, file, eline);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int NCONF_load_fp(CONF *conf, FILE *fp, long *eline)
-{
-    BIO *btmp;
-    int ret;
-    if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
-        CONFerr(CONF_F_NCONF_LOAD_FP, ERR_R_BUF_LIB);
-        return 0;
-    }
-    ret = NCONF_load_bio(conf, btmp, eline);
-    BIO_free(btmp);
-    return ret;
-}
-#endif
-
-int NCONF_load_bio(CONF *conf, BIO *bp, long *eline)
-{
-    if (conf == NULL) {
-        CONFerr(CONF_F_NCONF_LOAD_BIO, CONF_R_NO_CONF);
-        return 0;
-    }
-
-    return conf->meth->load_bio(conf, bp, eline);
-}
-
-STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf, const char *section)
-{
-    if (conf == NULL) {
-        CONFerr(CONF_F_NCONF_GET_SECTION, CONF_R_NO_CONF);
-        return NULL;
-    }
-
-    if (section == NULL) {
-        CONFerr(CONF_F_NCONF_GET_SECTION, CONF_R_NO_SECTION);
-        return NULL;
-    }
-
-    return _CONF_get_section_values(conf, section);
-}
-
-char *NCONF_get_string(const CONF *conf, const char *group, const char *name)
-{
-    char *s = _CONF_get_string(conf, group, name);
-
-    /*
-     * Since we may get a value from an environment variable even if conf is
-     * NULL, let's check the value first
-     */
-    if (s)
-        return s;
-
-    if (conf == NULL) {
-        CONFerr(CONF_F_NCONF_GET_STRING,
-                CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
-        return NULL;
-    }
-    CONFerr(CONF_F_NCONF_GET_STRING, CONF_R_NO_VALUE);
-    ERR_add_error_data(4, "group=", group, " name=", name);
-    return NULL;
-}
-
-int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
-                       long *result)
-{
-    char *str;
-
-    if (result == NULL) {
-        CONFerr(CONF_F_NCONF_GET_NUMBER_E, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    str = NCONF_get_string(conf, group, name);
-
-    if (str == NULL)
-        return 0;
-
-    for (*result = 0; conf->meth->is_number(conf, *str);) {
-        *result = (*result) * 10 + conf->meth->to_int(conf, *str);
-        str++;
-    }
-
-    return 1;
-}
-
-#ifndef OPENSSL_NO_FP_API
-int NCONF_dump_fp(const CONF *conf, FILE *out)
-{
-    BIO *btmp;
-    int ret;
-    if (!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
-        CONFerr(CONF_F_NCONF_DUMP_FP, ERR_R_BUF_LIB);
-        return 0;
-    }
-    ret = NCONF_dump_bio(conf, btmp);
-    BIO_free(btmp);
-    return ret;
-}
-#endif
-
-int NCONF_dump_bio(const CONF *conf, BIO *out)
-{
-    if (conf == NULL) {
-        CONFerr(CONF_F_NCONF_DUMP_BIO, CONF_R_NO_CONF);
-        return 0;
-    }
-
-    return conf->meth->dump(conf, out);
-}
-
-/* This function should be avoided */
-#if 0
-long NCONF_get_number(CONF *conf, char *group, char *name)
-{
-    int status;
-    long ret = 0;
-
-    status = NCONF_get_number_e(conf, group, name, &ret);
-    if (status == 0) {
-        /* This function does not believe in errors... */
-        ERR_get_error();
-    }
-    return ret;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/conf/conf_mall.c b/thirdparty/openssl/crypto/conf/conf_mall.c
deleted file mode 100644
index b4dbd662d0..0000000000
--- a/thirdparty/openssl/crypto/conf/conf_mall.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* conf_mall.c */
-/*
- * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-/* Load all OpenSSL builtin modules */
-
-void OPENSSL_load_builtin_modules(void)
-{
-    /* Add builtin modules here */
-    ASN1_add_oid_module();
-#ifndef OPENSSL_NO_ENGINE
-    ENGINE_add_conf_module();
-#endif
-    EVP_add_alg_module();
-}
diff --git a/thirdparty/openssl/crypto/conf/conf_mod.c b/thirdparty/openssl/crypto/conf/conf_mod.c
deleted file mode 100644
index e0c9a67ff6..0000000000
--- a/thirdparty/openssl/crypto/conf/conf_mod.c
+++ /dev/null
@@ -1,601 +0,0 @@
-/* conf_mod.c */
-/*
- * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-
-#define DSO_mod_init_name "OPENSSL_init"
-#define DSO_mod_finish_name "OPENSSL_finish"
-
-/*
- * This structure contains a data about supported modules. entries in this
- * table correspond to either dynamic or static modules.
- */
-
-struct conf_module_st {
-    /* DSO of this module or NULL if static */
-    DSO *dso;
-    /* Name of the module */
-    char *name;
-    /* Init function */
-    conf_init_func *init;
-    /* Finish function */
-    conf_finish_func *finish;
-    /* Number of successfully initialized modules */
-    int links;
-    void *usr_data;
-};
-
-/*
- * This structure contains information about modules that have been
- * successfully initialized. There may be more than one entry for a given
- * module.
- */
-
-struct conf_imodule_st {
-    CONF_MODULE *pmod;
-    char *name;
-    char *value;
-    unsigned long flags;
-    void *usr_data;
-};
-
-static STACK_OF(CONF_MODULE) *supported_modules = NULL;
-static STACK_OF(CONF_IMODULE) *initialized_modules = NULL;
-
-static void module_free(CONF_MODULE *md);
-static void module_finish(CONF_IMODULE *imod);
-static int module_run(const CONF *cnf, char *name, char *value,
-                      unsigned long flags);
-static CONF_MODULE *module_add(DSO *dso, const char *name,
-                               conf_init_func *ifunc,
-                               conf_finish_func *ffunc);
-static CONF_MODULE *module_find(char *name);
-static int module_init(CONF_MODULE *pmod, char *name, char *value,
-                       const CONF *cnf);
-static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
-                                    unsigned long flags);
-
-/* Main function: load modules from a CONF structure */
-
-int CONF_modules_load(const CONF *cnf, const char *appname,
-                      unsigned long flags)
-{
-    STACK_OF(CONF_VALUE) *values;
-    CONF_VALUE *vl;
-    char *vsection = NULL;
-
-    int ret, i;
-
-    if (!cnf)
-        return 1;
-
-    if (appname)
-        vsection = NCONF_get_string(cnf, NULL, appname);
-
-    if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION)))
-        vsection = NCONF_get_string(cnf, NULL, "openssl_conf");
-
-    if (!vsection) {
-        ERR_clear_error();
-        return 1;
-    }
-
-    values = NCONF_get_section(cnf, vsection);
-
-    if (!values)
-        return 0;
-
-    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
-        vl = sk_CONF_VALUE_value(values, i);
-        ret = module_run(cnf, vl->name, vl->value, flags);
-        if (ret <= 0)
-            if (!(flags & CONF_MFLAGS_IGNORE_ERRORS))
-                return ret;
-    }
-
-    return 1;
-
-}
-
-int CONF_modules_load_file(const char *filename, const char *appname,
-                           unsigned long flags)
-{
-    char *file = NULL;
-    CONF *conf = NULL;
-    int ret = 0;
-    conf = NCONF_new(NULL);
-    if (!conf)
-        goto err;
-
-    if (filename == NULL) {
-        file = CONF_get1_default_config_file();
-        if (!file)
-            goto err;
-    } else
-        file = (char *)filename;
-
-    if (NCONF_load(conf, file, NULL) <= 0) {
-        if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
-            (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE)) {
-            ERR_clear_error();
-            ret = 1;
-        }
-        goto err;
-    }
-
-    ret = CONF_modules_load(conf, appname, flags);
-
- err:
-    if (filename == NULL)
-        OPENSSL_free(file);
-    NCONF_free(conf);
-
-    return ret;
-}
-
-static int module_run(const CONF *cnf, char *name, char *value,
-                      unsigned long flags)
-{
-    CONF_MODULE *md;
-    int ret;
-
-    md = module_find(name);
-
-    /* Module not found: try to load DSO */
-    if (!md && !(flags & CONF_MFLAGS_NO_DSO))
-        md = module_load_dso(cnf, name, value, flags);
-
-    if (!md) {
-        if (!(flags & CONF_MFLAGS_SILENT)) {
-            CONFerr(CONF_F_MODULE_RUN, CONF_R_UNKNOWN_MODULE_NAME);
-            ERR_add_error_data(2, "module=", name);
-        }
-        return -1;
-    }
-
-    ret = module_init(md, name, value, cnf);
-
-    if (ret <= 0) {
-        if (!(flags & CONF_MFLAGS_SILENT)) {
-            char rcode[DECIMAL_SIZE(ret) + 1];
-            CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
-            BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
-            ERR_add_error_data(6, "module=", name, ", value=", value,
-                               ", retcode=", rcode);
-        }
-    }
-
-    return ret;
-}
-
-/* Load a module from a DSO */
-static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
-                                    unsigned long flags)
-{
-    DSO *dso = NULL;
-    conf_init_func *ifunc;
-    conf_finish_func *ffunc;
-    char *path = NULL;
-    int errcode = 0;
-    CONF_MODULE *md;
-    /* Look for alternative path in module section */
-    path = NCONF_get_string(cnf, value, "path");
-    if (!path) {
-        ERR_clear_error();
-        path = name;
-    }
-    dso = DSO_load(NULL, path, NULL, 0);
-    if (!dso) {
-        errcode = CONF_R_ERROR_LOADING_DSO;
-        goto err;
-    }
-    ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name);
-    if (!ifunc) {
-        errcode = CONF_R_MISSING_INIT_FUNCTION;
-        goto err;
-    }
-    ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
-    /* All OK, add module */
-    md = module_add(dso, name, ifunc, ffunc);
-
-    if (!md)
-        goto err;
-
-    return md;
-
- err:
-    if (dso)
-        DSO_free(dso);
-    CONFerr(CONF_F_MODULE_LOAD_DSO, errcode);
-    ERR_add_error_data(4, "module=", name, ", path=", path);
-    return NULL;
-}
-
-/* add module to list */
-static CONF_MODULE *module_add(DSO *dso, const char *name,
-                               conf_init_func *ifunc, conf_finish_func *ffunc)
-{
-    CONF_MODULE *tmod = NULL;
-    if (supported_modules == NULL)
-        supported_modules = sk_CONF_MODULE_new_null();
-    if (supported_modules == NULL)
-        return NULL;
-    tmod = OPENSSL_malloc(sizeof(CONF_MODULE));
-    if (tmod == NULL)
-        return NULL;
-
-    tmod->dso = dso;
-    tmod->name = BUF_strdup(name);
-    if (tmod->name == NULL) {
-        OPENSSL_free(tmod);
-        return NULL;
-    }
-    tmod->init = ifunc;
-    tmod->finish = ffunc;
-    tmod->links = 0;
-
-    if (!sk_CONF_MODULE_push(supported_modules, tmod)) {
-        OPENSSL_free(tmod);
-        return NULL;
-    }
-
-    return tmod;
-}
-
-/*
- * Find a module from the list. We allow module names of the form
- * modname.XXXX to just search for modname to allow the same module to be
- * initialized more than once.
- */
-
-static CONF_MODULE *module_find(char *name)
-{
-    CONF_MODULE *tmod;
-    int i, nchar;
-    char *p;
-    p = strrchr(name, '.');
-
-    if (p)
-        nchar = p - name;
-    else
-        nchar = strlen(name);
-
-    for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++) {
-        tmod = sk_CONF_MODULE_value(supported_modules, i);
-        if (!strncmp(tmod->name, name, nchar))
-            return tmod;
-    }
-
-    return NULL;
-
-}
-
-/* initialize a module */
-static int module_init(CONF_MODULE *pmod, char *name, char *value,
-                       const CONF *cnf)
-{
-    int ret = 1;
-    int init_called = 0;
-    CONF_IMODULE *imod = NULL;
-
-    /* Otherwise add initialized module to list */
-    imod = OPENSSL_malloc(sizeof(CONF_IMODULE));
-    if (!imod)
-        goto err;
-
-    imod->pmod = pmod;
-    imod->name = BUF_strdup(name);
-    imod->value = BUF_strdup(value);
-    imod->usr_data = NULL;
-
-    if (!imod->name || !imod->value)
-        goto memerr;
-
-    /* Try to initialize module */
-    if (pmod->init) {
-        ret = pmod->init(imod, cnf);
-        init_called = 1;
-        /* Error occurred, exit */
-        if (ret <= 0)
-            goto err;
-    }
-
-    if (initialized_modules == NULL) {
-        initialized_modules = sk_CONF_IMODULE_new_null();
-        if (!initialized_modules) {
-            CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-
-    if (!sk_CONF_IMODULE_push(initialized_modules, imod)) {
-        CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    pmod->links++;
-
-    return ret;
-
- err:
-
-    /* We've started the module so we'd better finish it */
-    if (pmod->finish && init_called)
-        pmod->finish(imod);
-
- memerr:
-    if (imod) {
-        if (imod->name)
-            OPENSSL_free(imod->name);
-        if (imod->value)
-            OPENSSL_free(imod->value);
-        OPENSSL_free(imod);
-    }
-
-    return -1;
-
-}
-
-/*
- * Unload any dynamic modules that have a link count of zero: i.e. have no
- * active initialized modules. If 'all' is set then all modules are unloaded
- * including static ones.
- */
-
-void CONF_modules_unload(int all)
-{
-    int i;
-    CONF_MODULE *md;
-    CONF_modules_finish();
-    /* unload modules in reverse order */
-    for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--) {
-        md = sk_CONF_MODULE_value(supported_modules, i);
-        /* If static or in use and 'all' not set ignore it */
-        if (((md->links > 0) || !md->dso) && !all)
-            continue;
-        /* Since we're working in reverse this is OK */
-        (void)sk_CONF_MODULE_delete(supported_modules, i);
-        module_free(md);
-    }
-    if (sk_CONF_MODULE_num(supported_modules) == 0) {
-        sk_CONF_MODULE_free(supported_modules);
-        supported_modules = NULL;
-    }
-}
-
-/* unload a single module */
-static void module_free(CONF_MODULE *md)
-{
-    if (md->dso)
-        DSO_free(md->dso);
-    OPENSSL_free(md->name);
-    OPENSSL_free(md);
-}
-
-/* finish and free up all modules instances */
-
-void CONF_modules_finish(void)
-{
-    CONF_IMODULE *imod;
-    while (sk_CONF_IMODULE_num(initialized_modules) > 0) {
-        imod = sk_CONF_IMODULE_pop(initialized_modules);
-        module_finish(imod);
-    }
-    sk_CONF_IMODULE_free(initialized_modules);
-    initialized_modules = NULL;
-}
-
-/* finish a module instance */
-
-static void module_finish(CONF_IMODULE *imod)
-{
-    if (imod->pmod->finish)
-        imod->pmod->finish(imod);
-    imod->pmod->links--;
-    OPENSSL_free(imod->name);
-    OPENSSL_free(imod->value);
-    OPENSSL_free(imod);
-}
-
-/* Add a static module to OpenSSL */
-
-int CONF_module_add(const char *name, conf_init_func *ifunc,
-                    conf_finish_func *ffunc)
-{
-    if (module_add(NULL, name, ifunc, ffunc))
-        return 1;
-    else
-        return 0;
-}
-
-void CONF_modules_free(void)
-{
-    CONF_modules_finish();
-    CONF_modules_unload(1);
-}
-
-/* Utility functions */
-
-const char *CONF_imodule_get_name(const CONF_IMODULE *md)
-{
-    return md->name;
-}
-
-const char *CONF_imodule_get_value(const CONF_IMODULE *md)
-{
-    return md->value;
-}
-
-void *CONF_imodule_get_usr_data(const CONF_IMODULE *md)
-{
-    return md->usr_data;
-}
-
-void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data)
-{
-    md->usr_data = usr_data;
-}
-
-CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md)
-{
-    return md->pmod;
-}
-
-unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md)
-{
-    return md->flags;
-}
-
-void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags)
-{
-    md->flags = flags;
-}
-
-void *CONF_module_get_usr_data(CONF_MODULE *pmod)
-{
-    return pmod->usr_data;
-}
-
-void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
-{
-    pmod->usr_data = usr_data;
-}
-
-/* Return default config file name */
-
-char *CONF_get1_default_config_file(void)
-{
-    char *file;
-    int len;
-
-    file = getenv("OPENSSL_CONF");
-    if (file)
-        return BUF_strdup(file);
-
-    len = strlen(X509_get_default_cert_area());
-#ifndef OPENSSL_SYS_VMS
-    len++;
-#endif
-    len += strlen(OPENSSL_CONF);
-
-    file = OPENSSL_malloc(len + 1);
-
-    if (!file)
-        return NULL;
-    BUF_strlcpy(file, X509_get_default_cert_area(), len + 1);
-#ifndef OPENSSL_SYS_VMS
-    BUF_strlcat(file, "/", len + 1);
-#endif
-    BUF_strlcat(file, OPENSSL_CONF, len + 1);
-
-    return file;
-}
-
-/*
- * This function takes a list separated by 'sep' and calls the callback
- * function giving the start and length of each member optionally stripping
- * leading and trailing whitespace. This can be used to parse comma separated
- * lists for example.
- */
-
-int CONF_parse_list(const char *list_, int sep, int nospc,
-                    int (*list_cb) (const char *elem, int len, void *usr),
-                    void *arg)
-{
-    int ret;
-    const char *lstart, *tmpend, *p;
-
-    if (list_ == NULL) {
-        CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL);
-        return 0;
-    }
-
-    lstart = list_;
-    for (;;) {
-        if (nospc) {
-            while (*lstart && isspace((unsigned char)*lstart))
-                lstart++;
-        }
-        p = strchr(lstart, sep);
-        if (p == lstart || !*lstart)
-            ret = list_cb(NULL, 0, arg);
-        else {
-            if (p)
-                tmpend = p - 1;
-            else
-                tmpend = lstart + strlen(lstart) - 1;
-            if (nospc) {
-                while (isspace((unsigned char)*tmpend))
-                    tmpend--;
-            }
-            ret = list_cb(lstart, tmpend - lstart + 1, arg);
-        }
-        if (ret <= 0)
-            return ret;
-        if (p == NULL)
-            return 1;
-        lstart = p + 1;
-    }
-}
diff --git a/thirdparty/openssl/crypto/conf/conf_sap.c b/thirdparty/openssl/crypto/conf/conf_sap.c
deleted file mode 100644
index c042cf222d..0000000000
--- a/thirdparty/openssl/crypto/conf/conf_sap.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* conf_sap.c */
-/*
- * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-/*
- * This is the automatic configuration loader: it is called automatically by
- * OpenSSL when any of a number of standard initialisation functions are
- * called, unless this is overridden by calling OPENSSL_no_config()
- */
-
-static int openssl_configured = 0;
-
-void OPENSSL_config(const char *config_name)
-{
-    if (openssl_configured)
-        return;
-
-    OPENSSL_load_builtin_modules();
-#ifndef OPENSSL_NO_ENGINE
-    /* Need to load ENGINEs */
-    ENGINE_load_builtin_engines();
-#endif
-    ERR_clear_error();
-    CONF_modules_load_file(NULL, config_name,
-                               CONF_MFLAGS_DEFAULT_SECTION |
-                               CONF_MFLAGS_IGNORE_MISSING_FILE);
-    openssl_configured = 1;
-}
-
-void OPENSSL_no_config()
-{
-    openssl_configured = 1;
-}
diff --git a/thirdparty/openssl/crypto/constant_time_locl.h b/thirdparty/openssl/crypto/constant_time_locl.h
deleted file mode 100644
index c786aea949..0000000000
--- a/thirdparty/openssl/crypto/constant_time_locl.h
+++ /dev/null
@@ -1,211 +0,0 @@
-/* crypto/constant_time_locl.h */
-/*-
- * Utilities for constant-time cryptography.
- *
- * Author: Emilia Kasper (emilia@openssl.org)
- * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
- * (Google).
- * ====================================================================
- * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONSTANT_TIME_LOCL_H
-# define HEADER_CONSTANT_TIME_LOCL_H
-
-# include "e_os.h"              /* For 'inline' */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*-
- * The boolean methods return a bitmask of all ones (0xff...f) for true
- * and 0 for false. This is useful for choosing a value based on the result
- * of a conditional in constant time. For example,
- *
- * if (a < b) {
- *   c = a;
- * } else {
- *   c = b;
- * }
- *
- * can be written as
- *
- * unsigned int lt = constant_time_lt(a, b);
- * c = constant_time_select(lt, a, b);
- */
-
-/*
- * Returns the given value with the MSB copied to all the other
- * bits. Uses the fact that arithmetic shift shifts-in the sign bit.
- * However, this is not ensured by the C standard so you may need to
- * replace this with something else on odd CPUs.
- */
-static inline unsigned int constant_time_msb(unsigned int a);
-
-/*
- * Returns 0xff..f if a < b and 0 otherwise.
- */
-static inline unsigned int constant_time_lt(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_lt_8(unsigned int a,
-                                               unsigned int b);
-
-/*
- * Returns 0xff..f if a >= b and 0 otherwise.
- */
-static inline unsigned int constant_time_ge(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_ge_8(unsigned int a,
-                                               unsigned int b);
-
-/*
- * Returns 0xff..f if a == 0 and 0 otherwise.
- */
-static inline unsigned int constant_time_is_zero(unsigned int a);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_is_zero_8(unsigned int a);
-
-/*
- * Returns 0xff..f if a == b and 0 otherwise.
- */
-static inline unsigned int constant_time_eq(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_eq_8(unsigned int a,
-                                               unsigned int b);
-/* Signed integers. */
-static inline unsigned int constant_time_eq_int(int a, int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_eq_int_8(int a, int b);
-
-/*-
- * Returns (mask & a) | (~mask & b).
- *
- * When |mask| is all 1s or all 0s (as returned by the methods above),
- * the select methods return either |a| (if |mask| is nonzero) or |b|
- * (if |mask| is zero).
- */
-static inline unsigned int constant_time_select(unsigned int mask,
-                                                unsigned int a,
-                                                unsigned int b);
-/* Convenience method for unsigned chars. */
-static inline unsigned char constant_time_select_8(unsigned char mask,
-                                                   unsigned char a,
-                                                   unsigned char b);
-/* Convenience method for signed integers. */
-static inline int constant_time_select_int(unsigned int mask, int a, int b);
-
-static inline unsigned int constant_time_msb(unsigned int a)
-{
-    return 0 - (a >> (sizeof(a) * 8 - 1));
-}
-
-static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
-{
-    return constant_time_msb(a ^ ((a ^ b) | ((a - b) ^ b)));
-}
-
-static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
-{
-    return (unsigned char)(constant_time_lt(a, b));
-}
-
-static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
-{
-    return ~constant_time_lt(a, b);
-}
-
-static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)
-{
-    return (unsigned char)(constant_time_ge(a, b));
-}
-
-static inline unsigned int constant_time_is_zero(unsigned int a)
-{
-    return constant_time_msb(~a & (a - 1));
-}
-
-static inline unsigned char constant_time_is_zero_8(unsigned int a)
-{
-    return (unsigned char)(constant_time_is_zero(a));
-}
-
-static inline unsigned int constant_time_eq(unsigned int a, unsigned int b)
-{
-    return constant_time_is_zero(a ^ b);
-}
-
-static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b)
-{
-    return (unsigned char)(constant_time_eq(a, b));
-}
-
-static inline unsigned int constant_time_eq_int(int a, int b)
-{
-    return constant_time_eq((unsigned)(a), (unsigned)(b));
-}
-
-static inline unsigned char constant_time_eq_int_8(int a, int b)
-{
-    return constant_time_eq_8((unsigned)(a), (unsigned)(b));
-}
-
-static inline unsigned int constant_time_select(unsigned int mask,
-                                                unsigned int a,
-                                                unsigned int b)
-{
-    return (mask & a) | (~mask & b);
-}
-
-static inline unsigned char constant_time_select_8(unsigned char mask,
-                                                   unsigned char a,
-                                                   unsigned char b)
-{
-    return (unsigned char)(constant_time_select(mask, a, b));
-}
-
-static inline int constant_time_select_int(unsigned int mask, int a, int b)
-{
-    return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b)));
-}
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif                          /* HEADER_CONSTANT_TIME_LOCL_H */
diff --git a/thirdparty/openssl/crypto/cpt_err.c b/thirdparty/openssl/crypto/cpt_err.c
deleted file mode 100644
index a5138381a0..0000000000
--- a/thirdparty/openssl/crypto/cpt_err.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* crypto/cpt_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CRYPTO,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CRYPTO,0,reason)
-
-static ERR_STRING_DATA CRYPTO_str_functs[] = {
-    {ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX), "CRYPTO_get_ex_new_index"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID), "CRYPTO_get_new_dynlockid"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID), "CRYPTO_get_new_lockid"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
-    {ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
-    {ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
-    {ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
-    {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
-    {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
-    {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA CRYPTO_str_reasons[] = {
-    {ERR_REASON(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
-    {ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK),
-     "no dynlock create callback"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_CRYPTO_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, CRYPTO_str_functs);
-        ERR_load_strings(0, CRYPTO_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/cryptlib.c b/thirdparty/openssl/crypto/cryptlib.c
deleted file mode 100644
index 1925428f5e..0000000000
--- a/thirdparty/openssl/crypto/cryptlib.c
+++ /dev/null
@@ -1,1030 +0,0 @@
-/* crypto/cryptlib.c */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include "cryptlib.h"
-#include <openssl/safestack.h>
-
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
-static double SSLeay_MSVC5_hack = 0.0; /* and for VC1.5 */
-#endif
-
-DECLARE_STACK_OF(CRYPTO_dynlock)
-
-/* real #defines in crypto.h, keep these upto date */
-static const char *const lock_names[CRYPTO_NUM_LOCKS] = {
-    "<<ERROR>>",
-    "err",
-    "ex_data",
-    "x509",
-    "x509_info",
-    "x509_pkey",
-    "x509_crl",
-    "x509_req",
-    "dsa",
-    "rsa",
-    "evp_pkey",
-    "x509_store",
-    "ssl_ctx",
-    "ssl_cert",
-    "ssl_session",
-    "ssl_sess_cert",
-    "ssl",
-    "ssl_method",
-    "rand",
-    "rand2",
-    "debug_malloc",
-    "BIO",
-    "gethostbyname",
-    "getservbyname",
-    "readdir",
-    "RSA_blinding",
-    "dh",
-    "debug_malloc2",
-    "dso",
-    "dynlock",
-    "engine",
-    "ui",
-    "ecdsa",
-    "ec",
-    "ecdh",
-    "bn",
-    "ec_pre_comp",
-    "store",
-    "comp",
-    "fips",
-    "fips2",
-#if CRYPTO_NUM_LOCKS != 41
-# error "Inconsistency between crypto.h and cryptlib.c"
-#endif
-};
-
-/*
- * This is for applications to allocate new type names in the non-dynamic
- * array of lock names.  These are numbered with positive numbers.
- */
-static STACK_OF(OPENSSL_STRING) *app_locks = NULL;
-
-/*
- * For applications that want a more dynamic way of handling threads, the
- * following stack is used.  These are externally numbered with negative
- * numbers.
- */
-static STACK_OF(CRYPTO_dynlock) *dyn_locks = NULL;
-
-static void (MS_FAR *locking_callback) (int mode, int type,
-                                        const char *file, int line) = 0;
-static int (MS_FAR *add_lock_callback) (int *pointer, int amount,
-                                        int type, const char *file,
-                                        int line) = 0;
-#ifndef OPENSSL_NO_DEPRECATED
-static unsigned long (MS_FAR *id_callback) (void) = 0;
-#endif
-static void (MS_FAR *threadid_callback) (CRYPTO_THREADID *) = 0;
-static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
- (const char *file, int line) = 0;
-static void (MS_FAR *dynlock_lock_callback) (int mode,
-                                             struct CRYPTO_dynlock_value *l,
-                                             const char *file, int line) = 0;
-static void (MS_FAR *dynlock_destroy_callback) (struct CRYPTO_dynlock_value
-                                                *l, const char *file,
-                                                int line) = 0;
-
-int CRYPTO_get_new_lockid(char *name)
-{
-    char *str;
-    int i;
-
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
-    /*
-     * A hack to make Visual C++ 5.0 work correctly when linking as a DLL
-     * using /MT. Without this, the application cannot use any floating point
-     * printf's. It also seems to be needed for Visual C 1.5 (win16)
-     */
-    SSLeay_MSVC5_hack = (double)name[0] * (double)name[1];
-#endif
-
-    if ((app_locks == NULL)
-        && ((app_locks = sk_OPENSSL_STRING_new_null()) == NULL)) {
-        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    if ((str = BUF_strdup(name)) == NULL) {
-        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    i = sk_OPENSSL_STRING_push(app_locks, str);
-    if (!i)
-        OPENSSL_free(str);
-    else
-        i += CRYPTO_NUM_LOCKS;  /* gap of one :-) */
-    return (i);
-}
-
-int CRYPTO_num_locks(void)
-{
-    return CRYPTO_NUM_LOCKS;
-}
-
-int CRYPTO_get_new_dynlockid(void)
-{
-    int i = 0;
-    CRYPTO_dynlock *pointer = NULL;
-
-    if (dynlock_create_callback == NULL) {
-        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,
-                  CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
-        return (0);
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-    if ((dyn_locks == NULL)
-        && ((dyn_locks = sk_CRYPTO_dynlock_new_null()) == NULL)) {
-        CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-    pointer = (CRYPTO_dynlock *) OPENSSL_malloc(sizeof(CRYPTO_dynlock));
-    if (pointer == NULL) {
-        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    pointer->references = 1;
-    pointer->data = dynlock_create_callback(__FILE__, __LINE__);
-    if (pointer->data == NULL) {
-        OPENSSL_free(pointer);
-        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-
-    CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-    /* First, try to find an existing empty slot */
-    i = sk_CRYPTO_dynlock_find(dyn_locks, NULL);
-    /* If there was none, push, thereby creating a new one */
-    if (i == -1)
-        /*
-         * Since sk_push() returns the number of items on the stack, not the
-         * location of the pushed item, we need to transform the returned
-         * number into a position, by decreasing it.
-         */
-        i = sk_CRYPTO_dynlock_push(dyn_locks, pointer) - 1;
-    else
-        /*
-         * If we found a place with a NULL pointer, put our pointer in it.
-         */
-        (void)sk_CRYPTO_dynlock_set(dyn_locks, i, pointer);
-    CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-    if (i == -1) {
-        dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
-        OPENSSL_free(pointer);
-    } else
-        i += 1;                 /* to avoid 0 */
-    return -i;
-}
-
-void CRYPTO_destroy_dynlockid(int i)
-{
-    CRYPTO_dynlock *pointer = NULL;
-    if (i)
-        i = -i - 1;
-    if (dynlock_destroy_callback == NULL)
-        return;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
-    if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) {
-        CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-        return;
-    }
-    pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
-    if (pointer != NULL) {
-        --pointer->references;
-#ifdef REF_CHECK
-        if (pointer->references < 0) {
-            fprintf(stderr,
-                    "CRYPTO_destroy_dynlockid, bad reference count\n");
-            abort();
-        } else
-#endif
-        if (pointer->references <= 0) {
-            (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
-        } else
-            pointer = NULL;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-    if (pointer) {
-        dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
-        OPENSSL_free(pointer);
-    }
-}
-
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i)
-{
-    CRYPTO_dynlock *pointer = NULL;
-    if (i)
-        i = -i - 1;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
-    if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
-        pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
-    if (pointer)
-        pointer->references++;
-
-    CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-    if (pointer)
-        return pointer->data;
-    return NULL;
-}
-
-struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))
- (const char *file, int line) {
-    return (dynlock_create_callback);
-}
-
-void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
-                                                struct CRYPTO_dynlock_value
-                                                *l, const char *file,
-                                                int line) {
-    return (dynlock_lock_callback);
-}
-
-void (*CRYPTO_get_dynlock_destroy_callback(void))
- (struct CRYPTO_dynlock_value *l, const char *file, int line) {
-    return (dynlock_destroy_callback);
-}
-
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
-                                         (const char *file, int line))
-{
-    dynlock_create_callback = func;
-}
-
-void CRYPTO_set_dynlock_lock_callback(void (*func) (int mode,
-                                                    struct
-                                                    CRYPTO_dynlock_value *l,
-                                                    const char *file,
-                                                    int line))
-{
-    dynlock_lock_callback = func;
-}
-
-void CRYPTO_set_dynlock_destroy_callback(void (*func)
-                                          (struct CRYPTO_dynlock_value *l,
-                                           const char *file, int line))
-{
-    dynlock_destroy_callback = func;
-}
-
-void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
-                                           const char *file, int line) {
-    return (locking_callback);
-}
-
-int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
-                                           const char *file, int line) {
-    return (add_lock_callback);
-}
-
-void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
-                                               const char *file, int line))
-{
-    /*
-     * Calling this here ensures initialisation before any threads are
-     * started.
-     */
-    OPENSSL_init();
-    locking_callback = func;
-}
-
-void CRYPTO_set_add_lock_callback(int (*func) (int *num, int mount, int type,
-                                               const char *file, int line))
-{
-    add_lock_callback = func;
-}
-
-/*
- * the memset() here and in set_pointer() seem overkill, but for the sake of
- * CRYPTO_THREADID_cmp() this avoids any platform silliness that might cause
- * two "equal" THREADID structs to not be memcmp()-identical.
- */
-void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val)
-{
-    memset(id, 0, sizeof(*id));
-    id->val = val;
-}
-
-static const unsigned char hash_coeffs[] = { 3, 5, 7, 11, 13, 17, 19, 23 };
-
-void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr)
-{
-    unsigned char *dest = (void *)&id->val;
-    unsigned int accum = 0;
-    unsigned char dnum = sizeof(id->val);
-
-    memset(id, 0, sizeof(*id));
-    id->ptr = ptr;
-    if (sizeof(id->val) >= sizeof(id->ptr)) {
-        /*
-         * 'ptr' can be embedded in 'val' without loss of uniqueness
-         */
-        id->val = (unsigned long)id->ptr;
-        return;
-    }
-    /*
-     * hash ptr ==> val. Each byte of 'val' gets the mod-256 total of a
-     * linear function over the bytes in 'ptr', the co-efficients of which
-     * are a sequence of low-primes (hash_coeffs is an 8-element cycle) - the
-     * starting prime for the sequence varies for each byte of 'val' (unique
-     * polynomials unless pointers are >64-bit). For added spice, the totals
-     * accumulate rather than restarting from zero, and the index of the
-     * 'val' byte is added each time (position dependence). If I was a
-     * black-belt, I'd scan big-endian pointers in reverse to give low-order
-     * bits more play, but this isn't crypto and I'd prefer nobody mistake it
-     * as such. Plus I'm lazy.
-     */
-    while (dnum--) {
-        const unsigned char *src = (void *)&id->ptr;
-        unsigned char snum = sizeof(id->ptr);
-        while (snum--)
-            accum += *(src++) * hash_coeffs[(snum + dnum) & 7];
-        accum += dnum;
-        *(dest++) = accum & 255;
-    }
-}
-
-int CRYPTO_THREADID_set_callback(void (*func) (CRYPTO_THREADID *))
-{
-    if (threadid_callback)
-        return 0;
-    threadid_callback = func;
-    return 1;
-}
-
-void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *) {
-    return threadid_callback;
-}
-
-void CRYPTO_THREADID_current(CRYPTO_THREADID *id)
-{
-    if (threadid_callback) {
-        threadid_callback(id);
-        return;
-    }
-#ifndef OPENSSL_NO_DEPRECATED
-    /* If the deprecated callback was set, fall back to that */
-    if (id_callback) {
-        CRYPTO_THREADID_set_numeric(id, id_callback());
-        return;
-    }
-#endif
-    /* Else pick a backup */
-#ifdef OPENSSL_SYS_WIN16
-    CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentTask());
-#elif defined(OPENSSL_SYS_WIN32)
-    CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentThreadId());
-#elif defined(OPENSSL_SYS_BEOS)
-    CRYPTO_THREADID_set_numeric(id, (unsigned long)find_thread(NULL));
-#else
-    /* For everything else, default to using the address of 'errno' */
-    CRYPTO_THREADID_set_pointer(id, (void *)&errno);
-#endif
-}
-
-int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b)
-{
-    return memcmp(a, b, sizeof(*a));
-}
-
-void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src)
-{
-    memcpy(dest, src, sizeof(*src));
-}
-
-unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id)
-{
-    return id->val;
-}
-
-#ifndef OPENSSL_NO_DEPRECATED
-unsigned long (*CRYPTO_get_id_callback(void)) (void) {
-    return (id_callback);
-}
-
-void CRYPTO_set_id_callback(unsigned long (*func) (void))
-{
-    id_callback = func;
-}
-
-unsigned long CRYPTO_thread_id(void)
-{
-    unsigned long ret = 0;
-
-    if (id_callback == NULL) {
-# ifdef OPENSSL_SYS_WIN16
-        ret = (unsigned long)GetCurrentTask();
-# elif defined(OPENSSL_SYS_WIN32)
-        ret = (unsigned long)GetCurrentThreadId();
-# elif defined(GETPID_IS_MEANINGLESS)
-        ret = 1L;
-# elif defined(OPENSSL_SYS_BEOS)
-        ret = (unsigned long)find_thread(NULL);
-# else
-        ret = (unsigned long)getpid();
-# endif
-    } else
-        ret = id_callback();
-    return (ret);
-}
-#endif
-
-void CRYPTO_lock(int mode, int type, const char *file, int line)
-{
-#ifdef LOCK_DEBUG
-    {
-        CRYPTO_THREADID id;
-        char *rw_text, *operation_text;
-
-        if (mode & CRYPTO_LOCK)
-            operation_text = "lock  ";
-        else if (mode & CRYPTO_UNLOCK)
-            operation_text = "unlock";
-        else
-            operation_text = "ERROR ";
-
-        if (mode & CRYPTO_READ)
-            rw_text = "r";
-        else if (mode & CRYPTO_WRITE)
-            rw_text = "w";
-        else
-            rw_text = "ERROR";
-
-        CRYPTO_THREADID_current(&id);
-        fprintf(stderr, "lock:%08lx:(%s)%s %-18s %s:%d\n",
-                CRYPTO_THREADID_hash(&id), rw_text, operation_text,
-                CRYPTO_get_lock_name(type), file, line);
-    }
-#endif
-    if (type < 0) {
-        if (dynlock_lock_callback != NULL) {
-            struct CRYPTO_dynlock_value *pointer
-                = CRYPTO_get_dynlock_value(type);
-
-            OPENSSL_assert(pointer != NULL);
-
-            dynlock_lock_callback(mode, pointer, file, line);
-
-            CRYPTO_destroy_dynlockid(type);
-        }
-    } else if (locking_callback != NULL)
-        locking_callback(mode, type, file, line);
-}
-
-int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
-                    int line)
-{
-    int ret = 0;
-
-    if (add_lock_callback != NULL) {
-#ifdef LOCK_DEBUG
-        int before = *pointer;
-#endif
-
-        ret = add_lock_callback(pointer, amount, type, file, line);
-#ifdef LOCK_DEBUG
-        {
-            CRYPTO_THREADID id;
-            CRYPTO_THREADID_current(&id);
-            fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
-                    CRYPTO_THREADID_hash(&id), before, amount, ret,
-                    CRYPTO_get_lock_name(type), file, line);
-        }
-#endif
-    } else {
-        CRYPTO_lock(CRYPTO_LOCK | CRYPTO_WRITE, type, file, line);
-
-        ret = *pointer + amount;
-#ifdef LOCK_DEBUG
-        {
-            CRYPTO_THREADID id;
-            CRYPTO_THREADID_current(&id);
-            fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
-                    CRYPTO_THREADID_hash(&id),
-                    *pointer, amount, ret,
-                    CRYPTO_get_lock_name(type), file, line);
-        }
-#endif
-        *pointer = ret;
-        CRYPTO_lock(CRYPTO_UNLOCK | CRYPTO_WRITE, type, file, line);
-    }
-    return (ret);
-}
-
-const char *CRYPTO_get_lock_name(int type)
-{
-    if (type < 0)
-        return ("dynamic");
-    else if (type < CRYPTO_NUM_LOCKS)
-        return (lock_names[type]);
-    else if (type - CRYPTO_NUM_LOCKS > sk_OPENSSL_STRING_num(app_locks))
-        return ("ERROR");
-    else
-        return (sk_OPENSSL_STRING_value(app_locks, type - CRYPTO_NUM_LOCKS));
-}
-
-#if     defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
-        defined(__INTEL__) || \
-        defined(__x86_64) || defined(__x86_64__) || \
-        defined(_M_AMD64) || defined(_M_X64)
-
-extern unsigned int OPENSSL_ia32cap_P[4];
-unsigned long *OPENSSL_ia32cap_loc(void)
-{
-    if (sizeof(long) == 4)
-        /*
-         * If 32-bit application pulls address of OPENSSL_ia32cap_P[0]
-         * clear second element to maintain the illusion that vector
-         * is 32-bit.
-         */
-        OPENSSL_ia32cap_P[1] = 0;
-
-    OPENSSL_ia32cap_P[2] = 0;
-
-    return (unsigned long *)OPENSSL_ia32cap_P;
-}
-
-# if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
-#  define OPENSSL_CPUID_SETUP
-#  if defined(_WIN32)
-typedef unsigned __int64 IA32CAP;
-#  else
-typedef unsigned long long IA32CAP;
-#  endif
-void OPENSSL_cpuid_setup(void)
-{
-    static int trigger = 0;
-    IA32CAP OPENSSL_ia32_cpuid(unsigned int *);
-    IA32CAP vec;
-    char *env;
-
-    if (trigger)
-        return;
-
-    trigger = 1;
-    if ((env = getenv("OPENSSL_ia32cap"))) {
-        int off = (env[0] == '~') ? 1 : 0;
-#  if defined(_WIN32)
-        if (!sscanf(env + off, "%I64i", &vec))
-            vec = strtoul(env + off, NULL, 0);
-#  else
-        if (!sscanf(env + off, "%lli", (long long *)&vec))
-            vec = strtoul(env + off, NULL, 0);
-#  endif
-        if (off)
-            vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P) & ~vec;
-        else if (env[0] == ':')
-            vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P);
-
-        OPENSSL_ia32cap_P[2] = 0;
-        if ((env = strchr(env, ':'))) {
-            unsigned int vecx;
-            env++;
-            off = (env[0] == '~') ? 1 : 0;
-            vecx = strtoul(env + off, NULL, 0);
-            if (off)
-                OPENSSL_ia32cap_P[2] &= ~vecx;
-            else
-                OPENSSL_ia32cap_P[2] = vecx;
-        }
-    } else
-        vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P);
-
-    /*
-     * |(1<<10) sets a reserved bit to signal that variable
-     * was initialized already... This is to avoid interference
-     * with cpuid snippets in ELF .init segment.
-     */
-    OPENSSL_ia32cap_P[0] = (unsigned int)vec | (1 << 10);
-    OPENSSL_ia32cap_P[1] = (unsigned int)(vec >> 32);
-}
-# else
-unsigned int OPENSSL_ia32cap_P[4];
-# endif
-
-#else
-unsigned long *OPENSSL_ia32cap_loc(void)
-{
-    return NULL;
-}
-#endif
-int OPENSSL_NONPIC_relocated = 0;
-#if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ)
-void OPENSSL_cpuid_setup(void)
-{
-}
-#endif
-
-#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL)
-# ifdef __CYGWIN__
-/* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */
-#  include <windows.h>
-/*
- * this has side-effect of _WIN32 getting defined, which otherwise is
- * mutually exclusive with __CYGWIN__...
- */
-# endif
-
-/*
- * All we really need to do is remove the 'error' state when a thread
- * detaches
- */
-
-BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
-{
-    switch (fdwReason) {
-    case DLL_PROCESS_ATTACH:
-        OPENSSL_cpuid_setup();
-# if defined(_WIN32_WINNT)
-        {
-            IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *) hinstDLL;
-            IMAGE_NT_HEADERS *nt_headers;
-
-            if (dos_header->e_magic == IMAGE_DOS_SIGNATURE) {
-                nt_headers = (IMAGE_NT_HEADERS *) ((char *)dos_header
-                                                   + dos_header->e_lfanew);
-                if (nt_headers->Signature == IMAGE_NT_SIGNATURE &&
-                    hinstDLL !=
-                    (HINSTANCE) (nt_headers->OptionalHeader.ImageBase))
-                    OPENSSL_NONPIC_relocated = 1;
-            }
-        }
-# endif
-        break;
-    case DLL_THREAD_ATTACH:
-        break;
-    case DLL_THREAD_DETACH:
-        break;
-    case DLL_PROCESS_DETACH:
-        break;
-    }
-    return (TRUE);
-}
-#endif
-
-#if defined(_WIN32) && !defined(__CYGWIN__)
-# include <tchar.h>
-# include <signal.h>
-# ifdef __WATCOMC__
-#  if defined(_UNICODE) || defined(__UNICODE__)
-#   define _vsntprintf _vsnwprintf
-#  else
-#   define _vsntprintf _vsnprintf
-#  endif
-# endif
-# ifdef _MSC_VER
-#  define alloca _alloca
-# endif
-
-# if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
-int OPENSSL_isservice(void)
-{
-    HWINSTA h;
-    DWORD len;
-    WCHAR *name;
-    static union {
-        void *p;
-        int (*f) (void);
-    } _OPENSSL_isservice = {
-        NULL
-    };
-
-    if (_OPENSSL_isservice.p == NULL) {
-        HANDLE h = GetModuleHandle(NULL);
-        if (h != NULL)
-            _OPENSSL_isservice.p = GetProcAddress(h, "_OPENSSL_isservice");
-        if (_OPENSSL_isservice.p == NULL)
-            _OPENSSL_isservice.p = (void *)-1;
-    }
-
-    if (_OPENSSL_isservice.p != (void *)-1)
-        return (*_OPENSSL_isservice.f) ();
-
-    h = GetProcessWindowStation();
-    if (h == NULL)
-        return -1;
-
-    if (GetUserObjectInformationW(h, UOI_NAME, NULL, 0, &len) ||
-        GetLastError() != ERROR_INSUFFICIENT_BUFFER)
-        return -1;
-
-    if (len > 512)
-        return -1;              /* paranoia */
-    len++, len &= ~1;           /* paranoia */
-    name = (WCHAR *)alloca(len + sizeof(WCHAR));
-    if (!GetUserObjectInformationW(h, UOI_NAME, name, len, &len))
-        return -1;
-
-    len++, len &= ~1;           /* paranoia */
-    name[len / sizeof(WCHAR)] = L'\0'; /* paranoia */
-#  if 1
-    /*
-     * This doesn't cover "interactive" services [working with real
-     * WinSta0's] nor programs started non-interactively by Task Scheduler
-     * [those are working with SAWinSta].
-     */
-    if (wcsstr(name, L"Service-0x"))
-        return 1;
-#  else
-    /* This covers all non-interactive programs such as services. */
-    if (!wcsstr(name, L"WinSta0"))
-        return 1;
-#  endif
-    else
-        return 0;
-}
-# else
-int OPENSSL_isservice(void)
-{
-    return 0;
-}
-# endif
-
-void OPENSSL_showfatal(const char *fmta, ...)
-{
-    va_list ap;
-    TCHAR buf[256];
-    const TCHAR *fmt;
-# ifdef STD_ERROR_HANDLE        /* what a dirty trick! */
-    HANDLE h;
-
-    if ((h = GetStdHandle(STD_ERROR_HANDLE)) != NULL &&
-        GetFileType(h) != FILE_TYPE_UNKNOWN) {
-        /* must be console application */
-        int len;
-        DWORD out;
-
-        va_start(ap, fmta);
-        len = _vsnprintf((char *)buf, sizeof(buf), fmta, ap);
-        WriteFile(h, buf, len < 0 ? sizeof(buf) : (DWORD) len, &out, NULL);
-        va_end(ap);
-        return;
-    }
-# endif
-
-    if (sizeof(TCHAR) == sizeof(char))
-        fmt = (const TCHAR *)fmta;
-    else
-        do {
-            int keepgoing;
-            size_t len_0 = strlen(fmta) + 1, i;
-            WCHAR *fmtw;
-
-            fmtw = (WCHAR *)alloca(len_0 * sizeof(WCHAR));
-            if (fmtw == NULL) {
-                fmt = (const TCHAR *)L"no stack?";
-                break;
-            }
-# ifndef OPENSSL_NO_MULTIBYTE
-            if (!MultiByteToWideChar(CP_ACP, 0, fmta, len_0, fmtw, len_0))
-# endif
-                for (i = 0; i < len_0; i++)
-                    fmtw[i] = (WCHAR)fmta[i];
-
-            for (i = 0; i < len_0; i++) {
-                if (fmtw[i] == L'%')
-                    do {
-                        keepgoing = 0;
-                        switch (fmtw[i + 1]) {
-                        case L'0':
-                        case L'1':
-                        case L'2':
-                        case L'3':
-                        case L'4':
-                        case L'5':
-                        case L'6':
-                        case L'7':
-                        case L'8':
-                        case L'9':
-                        case L'.':
-                        case L'*':
-                        case L'-':
-                            i++;
-                            keepgoing = 1;
-                            break;
-                        case L's':
-                            fmtw[i + 1] = L'S';
-                            break;
-                        case L'S':
-                            fmtw[i + 1] = L's';
-                            break;
-                        case L'c':
-                            fmtw[i + 1] = L'C';
-                            break;
-                        case L'C':
-                            fmtw[i + 1] = L'c';
-                            break;
-                        }
-                    } while (keepgoing);
-            }
-            fmt = (const TCHAR *)fmtw;
-        } while (0);
-
-    va_start(ap, fmta);
-    _vsntprintf(buf, sizeof(buf) / sizeof(TCHAR) - 1, fmt, ap);
-    buf[sizeof(buf) / sizeof(TCHAR) - 1] = _T('\0');
-    va_end(ap);
-
-# if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
-    /* this -------------v--- guards NT-specific calls */
-    if (check_winnt() && OPENSSL_isservice() > 0) {
-        HANDLE hEventLog = RegisterEventSource(NULL, _T("OpenSSL"));
-
-        if (hEventLog != NULL) {
-            const TCHAR *pmsg = buf;
-
-            if (!ReportEvent(hEventLog, EVENTLOG_ERROR_TYPE, 0, 0, NULL,
-                             1, 0, &pmsg, NULL)) {
-#if defined(DEBUG)
-                /*
-                 * We are in a situation where we tried to report a critical
-                 * error and this failed for some reason. As a last resort,
-                 * in debug builds, send output to the debugger or any other
-                 * tool like DebugView which can monitor the output.
-                 */
-                OutputDebugString(pmsg);
-#endif
-            }
-
-            (void)DeregisterEventSource(hEventLog);
-        }
-    } else
-# endif
-        MessageBox(NULL, buf, _T("OpenSSL: FATAL"), MB_OK | MB_ICONERROR);
-}
-#else
-void OPENSSL_showfatal(const char *fmta, ...)
-{
-    va_list ap;
-
-    va_start(ap, fmta);
-    vfprintf(stderr, fmta, ap);
-    va_end(ap);
-}
-
-int OPENSSL_isservice(void)
-{
-    return 0;
-}
-#endif
-
-void OpenSSLDie(const char *file, int line, const char *assertion)
-{
-    OPENSSL_showfatal
-        ("%s(%d): OpenSSL internal error, assertion failed: %s\n", file, line,
-         assertion);
-#if !defined(_WIN32) || defined(__CYGWIN__)
-    abort();
-#else
-    /*
-     * Win32 abort() customarily shows a dialog, but we just did that...
-     */
-# if !defined(_WIN32_WCE)
-    raise(SIGABRT);
-# endif
-    _exit(3);
-#endif
-}
-
-void *OPENSSL_stderr(void)
-{
-    return stderr;
-}
-
-int CRYPTO_memcmp(const volatile void *in_a, const volatile void *in_b, size_t len)
-{
-    size_t i;
-    const volatile unsigned char *a = in_a;
-    const volatile unsigned char *b = in_b;
-    unsigned char x = 0;
-
-    for (i = 0; i < len; i++)
-        x |= a[i] ^ b[i];
-
-    return x;
-}
diff --git a/thirdparty/openssl/crypto/cryptlib.h b/thirdparty/openssl/crypto/cryptlib.h
deleted file mode 100644
index fba180a6b2..0000000000
--- a/thirdparty/openssl/crypto/cryptlib.h
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/cryptlib.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CRYPTLIB_H
-# define HEADER_CRYPTLIB_H
-
-# include <stdlib.h>
-# include <string.h>
-
-# include "e_os.h"
-
-# ifdef OPENSSL_USE_APPLINK
-#  define BIO_FLAGS_UPLINK 0x8000
-#  include "ms/uplink.h"
-# endif
-
-# include <openssl/crypto.h>
-# include <openssl/buffer.h>
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/opensslconf.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifndef OPENSSL_SYS_VMS
-#  define X509_CERT_AREA          OPENSSLDIR
-#  define X509_CERT_DIR           OPENSSLDIR "/certs"
-#  define X509_CERT_FILE          OPENSSLDIR "/cert.pem"
-#  define X509_PRIVATE_DIR        OPENSSLDIR "/private"
-# else
-#  define X509_CERT_AREA          "SSLROOT:[000000]"
-#  define X509_CERT_DIR           "SSLCERTS:"
-#  define X509_CERT_FILE          "SSLCERTS:cert.pem"
-#  define X509_PRIVATE_DIR        "SSLPRIVATE:"
-# endif
-
-# define X509_CERT_DIR_EVP        "SSL_CERT_DIR"
-# define X509_CERT_FILE_EVP       "SSL_CERT_FILE"
-
-/* size of string representations */
-# define DECIMAL_SIZE(type)      ((sizeof(type)*8+2)/3+1)
-# define HEX_SIZE(type)          (sizeof(type)*2)
-
-void OPENSSL_cpuid_setup(void);
-extern unsigned int OPENSSL_ia32cap_P[];
-void OPENSSL_showfatal(const char *fmta, ...);
-void *OPENSSL_stderr(void);
-extern int OPENSSL_NONPIC_relocated;
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/cversion.c b/thirdparty/openssl/crypto/cversion.c
deleted file mode 100644
index bfff6995c1..0000000000
--- a/thirdparty/openssl/crypto/cversion.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/cversion.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "cryptlib.h"
-
-#ifndef NO_WINDOWS_BRAINDEATH
-# include "buildinf.h"
-#endif
-
-const char *SSLeay_version(int t)
-{
-    if (t == SSLEAY_VERSION)
-        return OPENSSL_VERSION_TEXT;
-    if (t == SSLEAY_BUILT_ON) {
-#ifdef DATE
-# ifdef OPENSSL_USE_BUILD_DATE
-        return (DATE);
-# else
-        return ("built on: reproducible build, date unspecified");
-# endif
-#else
-        return ("built on: date not available");
-#endif
-    }
-    if (t == SSLEAY_CFLAGS) {
-#ifdef CFLAGS
-        return (CFLAGS);
-#else
-        return ("compiler: information not available");
-#endif
-    }
-    if (t == SSLEAY_PLATFORM) {
-#ifdef PLATFORM
-        return (PLATFORM);
-#else
-        return ("platform: information not available");
-#endif
-    }
-    if (t == SSLEAY_DIR) {
-#ifdef OPENSSLDIR
-        return "OPENSSLDIR: \"" OPENSSLDIR "\"";
-#else
-        return "OPENSSLDIR: N/A";
-#endif
-    }
-    return ("not available");
-}
-
-unsigned long SSLeay(void)
-{
-    return (SSLEAY_VERSION_NUMBER);
-}
diff --git a/thirdparty/openssl/crypto/des/COPYRIGHT b/thirdparty/openssl/crypto/des/COPYRIGHT
deleted file mode 100644
index 5469e1e469..0000000000
--- a/thirdparty/openssl/crypto/des/COPYRIGHT
+++ /dev/null
@@ -1,50 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
-The implementation was written so as to conform with MIT's libdes.
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to.  The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-If this package is used in a product, Eric Young should be given attribution
-as the author of that the SSL library.  This can be in the form of a textual
-message at program startup or in documentation (online or textual) provided
-with the package.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
-   notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
-   must display the following acknowledgement:
-   This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed.  i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/thirdparty/openssl/crypto/des/DES.pm b/thirdparty/openssl/crypto/des/DES.pm
deleted file mode 100644
index 6a175b6ca4..0000000000
--- a/thirdparty/openssl/crypto/des/DES.pm
+++ /dev/null
@@ -1,19 +0,0 @@
-package DES;
-
-require Exporter;
-require DynaLoader;
-@ISA = qw(Exporter DynaLoader);
-# Items to export into callers namespace by default
-# (move infrequently used names to @EXPORT_OK below)
-@EXPORT = qw(
-);
-# Other items we are prepared to export if requested
-@EXPORT_OK = qw(
-crypt
-);
-
-# Preloaded methods go here.  Autoload methods go after __END__, and are
-# processed by the autosplit program.
-bootstrap DES;
-1;
-__END__
diff --git a/thirdparty/openssl/crypto/des/DES.xs b/thirdparty/openssl/crypto/des/DES.xs
deleted file mode 100644
index b8050b9edf..0000000000
--- a/thirdparty/openssl/crypto/des/DES.xs
+++ /dev/null
@@ -1,268 +0,0 @@
-#include "EXTERN.h"
-#include "perl.h"
-#include "XSUB.h"
-#include "des.h"
-
-#define deschar	char
-static STRLEN len;
-
-static int
-not_here(s)
-char *s;
-{
-    croak("%s not implemented on this architecture", s);
-    return -1;
-}
-
-MODULE = DES	PACKAGE = DES	PREFIX = des_
-
-char *
-des_crypt(buf,salt)
-	char *	buf
-	char *	salt
-
-void
-des_set_odd_parity(key)
-	des_cblock *	key
-PPCODE:
-	{
-	SV *s;
-
-	s=sv_newmortal();
-	sv_setpvn(s,(char *)key,8);
-	des_set_odd_parity((des_cblock *)SvPV(s,na));
-	PUSHs(s);
-	}
-
-int
-des_is_weak_key(key)
-	des_cblock *	key
-
-des_key_schedule
-des_set_key(key)
-	des_cblock *	key
-CODE:
-	des_set_key(key,RETVAL);
-OUTPUT:
-RETVAL
-
-des_cblock
-des_ecb_encrypt(input,ks,encrypt)
-	des_cblock *	input
-	des_key_schedule *	ks
-	int	encrypt
-CODE:
-	des_ecb_encrypt(input,&RETVAL,*ks,encrypt);
-OUTPUT:
-RETVAL
-
-void
-des_cbc_encrypt(input,ks,ivec,encrypt)
-	char *	input
-	des_key_schedule *	ks
-	des_cblock *	ivec
-	int	encrypt
-PPCODE:
-	{
-	SV *s;
-	STRLEN len,l;
-	char *c;
-
-	l=SvCUR(ST(0));
-	len=((((unsigned long)l)+7)/8)*8;
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	c=(char *)SvPV(s,na);
-	des_cbc_encrypt((des_cblock *)input,(des_cblock *)c,
-		l,*ks,ivec,encrypt);
-	sv_setpvn(ST(2),(char *)c[len-8],8);
-	PUSHs(s);
-	}
-
-void
-des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt)
-	char *	input
-	des_key_schedule *	ks1
-	des_key_schedule *	ks2
-	des_cblock *	ivec1
-	des_cblock *	ivec2
-	int	encrypt
-PPCODE:
-	{
-	SV *s;
-	STRLEN len,l;
-
-	l=SvCUR(ST(0));
-	len=((((unsigned long)l)+7)/8)*8;
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na),
-		l,*ks1,*ks2,ivec1,ivec2,encrypt);
-	sv_setpvn(ST(3),(char *)ivec1,8);
-	sv_setpvn(ST(4),(char *)ivec2,8);
-	PUSHs(s);
-	}
-
-void
-des_cbc_cksum(input,ks,ivec)
-	char *	input
-	des_key_schedule *	ks
-	des_cblock *	ivec
-PPCODE:
-	{
-	SV *s1,*s2;
-	STRLEN len,l;
-	des_cblock c;
-	unsigned long i1,i2;
-
-	s1=sv_newmortal();
-	s2=sv_newmortal();
-	l=SvCUR(ST(0));
-	des_cbc_cksum((des_cblock *)input,(des_cblock *)c,
-		l,*ks,ivec);
-	i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24);
-	i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24);
-	sv_setiv(s1,i1);
-	sv_setiv(s2,i2);
-	sv_setpvn(ST(2),(char *)c,8);
-	PUSHs(s1);
-	PUSHs(s2);
-	}
-
-void
-des_cfb_encrypt(input,numbits,ks,ivec,encrypt)
-	char *	input
-	int	numbits
-	des_key_schedule *	ks
-	des_cblock *	ivec
-	int	encrypt
-PPCODE:
-	{
-	SV *s;
-	STRLEN len;
-	char *c;
-
-	len=SvCUR(ST(0));
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	c=(char *)SvPV(s,na);
-	des_cfb_encrypt((unsigned char *)input,(unsigned char *)c,
-		(int)numbits,(long)len,*ks,ivec,encrypt);
-	sv_setpvn(ST(3),(char *)ivec,8);
-	PUSHs(s);
-	}
-
-des_cblock *
-des_ecb3_encrypt(input,ks1,ks2,encrypt)
-	des_cblock *	input
-	des_key_schedule *	ks1
-	des_key_schedule *	ks2
-	int	encrypt
-CODE:
-	{
-	des_cblock c;
-
-	des_ecb3_encrypt((des_cblock *)input,(des_cblock *)&c,
-		*ks1,*ks2,encrypt);
-	RETVAL= &c;
-	}
-OUTPUT:
-RETVAL
-
-void
-des_ofb_encrypt(input,numbits,ks,ivec)
-	unsigned char *	input
-	int	numbits
-	des_key_schedule *	ks
-	des_cblock *	ivec
-PPCODE:
-	{
-	SV *s;
-	STRLEN len,l;
-	unsigned char *c;
-
-	len=SvCUR(ST(0));
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	c=(unsigned char *)SvPV(s,na);
-	des_ofb_encrypt((unsigned char *)input,(unsigned char *)c,
-		numbits,len,*ks,ivec);
-	sv_setpvn(ST(3),(char *)ivec,8);
-	PUSHs(s);
-	}
-
-void
-des_pcbc_encrypt(input,ks,ivec,encrypt)
-	char *	input
-	des_key_schedule *	ks
-	des_cblock *	ivec
-	int	encrypt
-PPCODE:
-	{
-	SV *s;
-	STRLEN len,l;
-	char *c;
-
-	l=SvCUR(ST(0));
-	len=((((unsigned long)l)+7)/8)*8;
-	s=sv_newmortal();
-	sv_setpvn(s,"",0);
-	SvGROW(s,len);
-	SvCUR_set(s,len);
-	c=(char *)SvPV(s,na);
-	des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c,
-		l,*ks,ivec,encrypt);
-	sv_setpvn(ST(2),(char *)c[len-8],8);
-	PUSHs(s);
-	}
-
-des_cblock *
-des_random_key()
-CODE:
-	{
-	des_cblock c;
-
-	des_random_key(c);
-	RETVAL=&c;
-	}
-OUTPUT:
-RETVAL
-
-des_cblock *
-des_string_to_key(str)
-char *	str
-CODE:
-	{
-	des_cblock c;
-
-	des_string_to_key(str,&c);
-	RETVAL=&c;
-	}
-OUTPUT:
-RETVAL
-
-void
-des_string_to_2keys(str)
-char *	str
-PPCODE:
-	{
-	des_cblock c1,c2;
-	SV *s1,*s2;
-
-	des_string_to_2keys(str,&c1,&c2);
-	EXTEND(sp,2);
-	s1=sv_newmortal();
-	sv_setpvn(s1,(char *)c1,8);
-	s2=sv_newmortal();
-	sv_setpvn(s2,(char *)c2,8);
-	PUSHs(s1);
-	PUSHs(s2);
-	}
diff --git a/thirdparty/openssl/crypto/des/FILES0 b/thirdparty/openssl/crypto/des/FILES0
deleted file mode 100644
index 4c7ea2de7a..0000000000
--- a/thirdparty/openssl/crypto/des/FILES0
+++ /dev/null
@@ -1,96 +0,0 @@
-/* General stuff */
-COPYRIGHT	- Copyright info.
-MODES.DES	- A description of the features of the different modes of DES.
-FILES		- This file.
-INSTALL		- How to make things compile.
-Imakefile	- For use with kerberos.
-README		- What this package is.
-VERSION		- Which version this is and what was changed.
-KERBEROS	- Kerberos version 4 notes.
-Makefile.PL	- An old makefile to build with perl5, not current.
-Makefile.ssl	- The SSLeay makefile
-Makefile.uni	- The normal unix makefile.
-GNUmakefile	- The makefile for use with glibc.
-makefile.bc	- A Borland C makefile
-times		- Some outputs from 'speed' on some machines.
-vms.com		- For use when compiling under VMS
-
-/* My SunOS des(1) replacement */
-des.c		- des(1) source code.
-des.man		- des(1) manual.
-
-/* Testing and timing programs. */
-destest.c	- Source for libdes.a test program.
-speed.c		- Source for libdes.a timing program.
-rpw.c		- Source for libdes.a testing password reading routines.
-
-/* libdes.a source code */
-des_crypt.man	- libdes.a manual page.
-des.h		- Public libdes.a header file.
-ecb_enc.c	- des_ecb_encrypt() source, this contains the basic DES code.
-ecb3_enc.c	- des_ecb3_encrypt() source.
-cbc_ckm.c	- des_cbc_cksum() source.
-cbc_enc.c	- des_cbc_encrypt() source.
-ncbc_enc.c	- des_cbc_encrypt() that is 'normal' in that it copies
-		  the new iv values back in the passed iv vector.
-ede_enc.c	- des_ede3_cbc_encrypt() cbc mode des using triple DES.
-cbc3_enc.c	- des_3cbc_encrypt() source, don't use this function.
-cfb_enc.c	- des_cfb_encrypt() source.
-cfb64enc.c	- des_cfb64_encrypt() cfb in 64 bit mode but setup to be
-		  used as a stream cipher.
-cfb64ede.c	- des_ede3_cfb64_encrypt() cfb in 64 bit mode but setup to be
-		  used as a stream cipher and using triple DES.
-ofb_enc.c	- des_cfb_encrypt() source.
-ofb64_enc.c	- des_ofb_encrypt() ofb in 64 bit mode but setup to be
-		  used as a stream cipher.
-ofb64ede.c	- des_ede3_ofb64_encrypt() ofb in 64 bit mode but setup to be
-		  used as a stream cipher and using triple DES.
-enc_read.c	- des_enc_read() source.
-enc_writ.c	- des_enc_write() source.
-pcbc_enc.c	- des_pcbc_encrypt() source.
-qud_cksm.c	- quad_cksum() source.
-rand_key.c	- des_random_key() source.
-read_pwd.c	- Source for des_read_password() plus related functions.
-set_key.c	- Source for des_set_key().
-str2key.c	- Covert a string of any length into a key.
-fcrypt.c	- A small, fast version of crypt(3).
-des_locl.h	- Internal libdes.a header file.
-podd.h		- Odd parity tables - used in des_set_key().
-sk.h		- Lookup tables used in des_set_key().
-spr.h		- What is left of the S tables - used in ecb_encrypt().
-des_ver.h	- header file for the external definition of the
-		  version string.
-des.doc		- SSLeay documentation for the library.
-
-/* The perl scripts - you can ignore these files they are only
- * included for the curious */
-des.pl		- des in perl anyone? des_set_key and des_ecb_encrypt
-		  both done in a perl library.
-testdes.pl	- Testing program for des.pl
-doIP		- Perl script used to develop IP xor/shift code.
-doPC1		- Perl script used to develop PC1 xor/shift code.
-doPC2		- Generates sk.h.
-PC1		- Output of doPC1 should be the same as output from PC1.
-PC2		- used in development of doPC2.
-shifts.pl	- Perl library used by my perl scripts.
-
-/* I started making a perl5 dynamic library for libdes
- * but did not fully finish, these files are part of that effort. */
-DES.pm
-DES.pod
-DES.xs
-t
-typemap
-
-/* The following are for use with sun RPC implementaions. */
-rpc_des.h
-rpc_enc.c
-
-/* The following are contibuted by Mark Murray <mark@grondar.za>.  They
- * are not normally built into libdes due to machine specific routines
- * contained in them.  They are for use in the most recent incarnation of
- * export kerberos v 4 (eBones). */
-supp.c
-new_rkey.c
-
-
diff --git a/thirdparty/openssl/crypto/des/INSTALL b/thirdparty/openssl/crypto/des/INSTALL
deleted file mode 100644
index 8aebdfe110..0000000000
--- a/thirdparty/openssl/crypto/des/INSTALL
+++ /dev/null
@@ -1,69 +0,0 @@
-Check the CC and CFLAGS lines in the makefile
-
-If your C library does not support the times(3) function, change the
-#define TIMES to
-#undef TIMES in speed.c
-If it does, check the HZ value for the times(3) function.
-If your system does not define CLK_TCK it will be assumed to
-be 100.0.
-
-If possible use gcc v 2.7.?
-Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
-In recent times, some system compilers give better performace.
-
-type 'make'
-
-run './destest' to check things are ok.
-run './rpw' to check the tty code for reading passwords works.
-run './speed' to see how fast those optimisations make the library run :-)
-run './des_opts' to determin the best compile time options.
-
-The output from des_opts should be put in the makefile options and des_enc.c
-should be rebuilt.  For 64 bit computers, do not use the DES_PTR option.
-For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
-and then you can use the 'DES_PTR' option.
-
-The file options.txt has the options listed for best speed on quite a
-few systems.  Look and the options (UNROLL, PTR, RISC2 etc) and then
-turn on the relevant option in the Makefile.
-
-There are some special Makefile targets that make life easier.
-make cc		- standard cc build
-make gcc	- standard gcc build
-make x86-elf	- x86 assembler (elf), linux-elf.
-make x86-out	- x86 assembler (a.out), FreeBSD
-make x86-solaris- x86 assembler
-make x86-bsdi	- x86 assembler (a.out with primative assembler).
-
-If at all possible use the assembler (for Windows NT/95, use
-asm/win32.obj to link with).  The x86 assembler is very very fast.
-
-A make install will by default install
-libdes.a      in /usr/local/lib/libdes.a
-des           in /usr/local/bin/des
-des_crypt.man in /usr/local/man/man3/des_crypt.3
-des.man       in /usr/local/man/man1/des.1
-des.h         in /usr/include/des.h
-
-des(1) should be compatible with sunOS's but I have been unable to
-test it.
-
-These routines should compile on MSDOS, most 32bit and 64bit version
-of Unix (BSD and SYSV) and VMS, without modification.
-The only problems should be #include files that are in the wrong places.
-
-These routines can be compiled under MSDOS.
-I have successfully encrypted files using des(1) under MSDOS and then
-decrypted the files on a SparcStation.
-I have been able to compile and test the routines with
-Microsoft C v 5.1 and Turbo C v 2.0.
-The code in this library is in no way optimised for the 16bit
-operation of MSDOS.
-
-When building for glibc, ignore all of the above and just unpack into
-glibc-1.??/des and then gmake as per normal.
-
-As a final note on performace.  Certain CPUs like sparcs and Alpha often give
-a %10 speed difference depending on the link order.  It is rather anoying
-when one program reports 'x' DES encrypts a second and another reports
-'x*0.9' the speed.
diff --git a/thirdparty/openssl/crypto/des/Imakefile b/thirdparty/openssl/crypto/des/Imakefile
deleted file mode 100644
index 1b9b5629e1..0000000000
--- a/thirdparty/openssl/crypto/des/Imakefile
+++ /dev/null
@@ -1,35 +0,0 @@
-# This Imakefile has not been tested for a while but it should still
-# work when placed in the correct directory in the kerberos v 4 distribution
-
-SRCS=   cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \
-        qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
-        enc_read.c enc_writ.c fcrypt.c cfb_enc.c \
-	ecb3_enc.c ofb_enc.c ofb64enc.c
-
-OBJS=   cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
-	qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \
-	enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
-	ecb3_enc.o ofb_enc.o ofb64enc.o
-
-GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \
-	vms.com KERBEROS
-DES=    des.c des.man
-TESTING=destest.c speed.c rpw.c
-LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h
-
-PERL=   des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
-
-CODE=    $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL)
-
-SRCDIR=$(SRCTOP)/lib/des
-
-DBG= -O
-INCLUDE= -I$(SRCDIR)
-CC= cc
-
-library_obj_rule()
-
-install_library_target(des,$(OBJS),$(SRCS),)
-
-test(destest,libdes.a,)
-test(rpw,libdes.a,)
diff --git a/thirdparty/openssl/crypto/des/KERBEROS b/thirdparty/openssl/crypto/des/KERBEROS
deleted file mode 100644
index f401b10014..0000000000
--- a/thirdparty/openssl/crypto/des/KERBEROS
+++ /dev/null
@@ -1,41 +0,0 @@
- [ This is an old file, I don't know if it is true anymore
-   but I will leave the file here - eay 21/11/95 ]
-
-To use this library with Bones (kerberos without DES):
-1) Get my modified Bones - eBones.  It can be found on
-   gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
-   and
-   nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
-
-2) Unpack this library in src/lib/des, makeing sure it is version
-   3.00 or greater (libdes.tar.93-10-07.Z).  This versions differences
-   from the version in comp.sources.misc volume 29 patchlevel2.
-   The primarily difference is that it should compile under kerberos :-).
-   It can be found at.
-   ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
-
-Now do a normal kerberos build and things should work.
-
-One problem I found when I was build on my local sun.
----
-For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
-
-*** make_commands.c.orig	Fri Jul  3 04:18:35 1987
---- make_commands.c	Wed May 20 08:47:42 1992
-***************
-*** 98,104 ****
-       if (!rename(o_file, z_file)) {
-  	  if (!vfork()) {
-  	       chdir("/tmp");
-! 	       execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
-  		     z_file+5, 0);
-  	       perror("/bin/ld");
-  	       _exit(1);
---- 98,104 ----
-       if (!rename(o_file, z_file)) {
-  	  if (!vfork()) {
-  	       chdir("/tmp");
-! 	       execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
-  		     z_file+5, 0);
-  	       perror("/bin/ld");
-  	       _exit(1);
diff --git a/thirdparty/openssl/crypto/des/README b/thirdparty/openssl/crypto/des/README
deleted file mode 100644
index 621a5ab467..0000000000
--- a/thirdparty/openssl/crypto/des/README
+++ /dev/null
@@ -1,54 +0,0 @@
-
-		libdes, Version 4.01 10-Jan-97
-
-		Copyright (c) 1997, Eric Young
-			  All rights reserved.
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms specified in COPYRIGHT.
-    
---
-The primary ftp site for this library is
-ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
-libdes is now also shipped with SSLeay.  Primary ftp site of
-ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
-
-The best way to build this library is to build it as part of SSLeay.
-
-This kit builds a DES encryption library and a DES encryption program.
-It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
-triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
-implementation of crypt(3).
-It contains support routines to read keys from a terminal,
-generate a random key, generate a key from an arbitrary length string,
-read/write encrypted data from/to a file descriptor.
-
-The implementation was written so as to conform with the manual entry
-for the des_crypt(3) library routines from MIT's project Athena.
-
-destest should be run after compilation to test the des routines.
-rpw should be run after compilation to test the read password routines.
-The des program is a replacement for the sun des command.  I believe it
-conforms to the sun version.
-
-The Imakefile is setup for use in the kerberos distribution.
-
-These routines are best compiled with gcc or any other good
-optimising compiler.
-Just turn you optimiser up to the highest settings and run destest
-after the build to make sure everything works.
-
-I believe these routines are close to the fastest and most portable DES
-routines that use small lookup tables (4.5k) that are publicly available.
-The fcrypt routine is faster than ufc's fcrypt (when compiling with
-gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
-(on a sun3/260 168 vs 336).  It is a function of CPU on chip cache size.
-[ 10-Jan-97 and a function of an incorrect speed testing program in
-  ufc which gave much better test figures that reality ].
-
-It is worth noting that on sparc and Alpha CPUs, performance of the DES
-library can vary by upto %10 due to the positioning of files after application
-linkage.
-
-Eric Young (eay@cryptsoft.com)
-
diff --git a/thirdparty/openssl/crypto/des/VERSION b/thirdparty/openssl/crypto/des/VERSION
deleted file mode 100644
index c7d01542bc..0000000000
--- a/thirdparty/openssl/crypto/des/VERSION
+++ /dev/null
@@ -1,412 +0,0 @@
-	Fixed the weak key values which were wrong :-(
-	Defining SIGACTION causes sigaction() to be used instead of signal().
-	SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
-	can cause problems.  This should hopefully not affect normal
-	applications.
-
-Version 4.04
-	Fixed a few tests in destest.  Also added x86 assember for
-	des_ncbc_encrypt() which is the standard cbc mode function.
-	This makes a very very large performace difference.
-	Ariel Glenn ariel@columbia.edu reports that the terminal
-	'turn echo off' can return (errno == EINVAL) under solaris
-	when redirection is used.  So I now catch that as well as ENOTTY.
-
-
-Version 4.03
-	Left a static out of enc_write.c, which caused to buffer to be
-	continiously malloc()ed.  Does anyone use these functions?  I keep
-	on feeling like removing them since I only had these in there
-	for a version of kerberised login.  Anyway, this was pointed out
-	by Theo de Raadt <deraadt@cvs.openbsd.org>
-	The 'n' bit ofb code was wrong, it was not shifting the shift
-	register. It worked correctly for n == 64.  Thanks to
-	Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
-
-Version 4.02
-	I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
-	when checking for weak keys which is wrong :-(, pointed out by
-	Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
-
-Version 4.01
-	Even faster inner loop in the DES assembler for x86 and a modification
-	for IP/FP which is faster on x86.  Both of these changes are
-	from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  His
-	changes make the assembler run %40 faster on a pentium.  This is just
-	a case of getting the instruction sequence 'just right'.
-	All credit to 'Svend' :-)
-	Quite a few special x86 'make' targets.
-	A libdes-l (lite) distribution.
-
-Version 4.00
-	After a bit of a pause, I'll up the major version number since this
-	is mostly a performace release.  I've added x86 assembler and
-	added more options for performance.  A %28 speedup for gcc 
-	on a pentium and the assembler is a %50 speedup.
-	MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
-	Run des_opts to work out which options should be used.
-	DES_RISC1/DES_RISC2 use alternative inner loops which use
-	more registers but should give speedups on any CPU that does
-	dual issue (pentium).  DES_UNROLL unrolls the inner loop,
-	which costs in code size.
-
-Version 3.26
-	I've finally removed one of the shifts in D_ENCRYPT.  This
-	meant I've changed the des_SPtrans table (spr.h), the set_key()
-	function and some things in des_enc.c.  This has definitly
-	made things faster :-).  I've known about this one for some
-	time but I've been too lazy to follow it up :-).
-	Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
-	instead of L^=((..)|(..)|(..)..  This should save a register at
-	least.
-	Assember for x86.  The file to replace is des_enc.c, which is replaced
-	by one of the assembler files found in asm.  Look at des/asm/readme
-	for more info.
-
-	/* Modification to fcrypt so it can be compiled to support
-	HPUX 10.x's long password format, define -DLONGCRYPT to use this.
-	Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
-
-	SIGWINCH case put in des_read_passwd() so the function does not
-	'exit' if this function is recieved.
-
-Version 3.25 17/07/96
-	Modified read_pwd.c so that stdin can be read if not a tty.
-	Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
-	des_init_random_number_generator() shortened due to VMS linker
-	limits.
-	Added RSA's DESX cbc mode.  It is a form of cbc encryption, with 2
-	8 byte quantites xored before and after encryption.
-	des_xcbc_encryption() - the name is funny to preserve the des_
-	prefix on all functions.
-
-Version 3.24 20/04/96
-	The DES_PTR macro option checked and used by SSLeay configuration
-
-Version 3.23 11/04/96
-	Added DES_LONG.  If defined to 'unsigned int' on the DEC Alpha,
-	it gives a %20 speedup :-)
-	Fixed the problem with des.pl under perl5.  The patches were
-	sent by Ed Kubaitis (ejk@uiuc.edu).
-	if fcrypt.c, changed values to handle illegal salt values the way
-	normal crypt() implementations do.  Some programs apparently use
-	them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
-
-Version 3.22 29/11/95
-	Bug in des(1), an error with the uuencoding stuff when the
-	'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
-	for the patch.
-
-Version 3.21 22/11/95
-	After some emailing back and forth with 
-	Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
-	and in a future version I will probably put in some of the
-	optimisation he suggested for use with the DES_USE_PTR option.
-	Extra routines from Mark Murray <mark@grondar.za> for use in
-	freeBSD.  They mostly involve random number generation for use
-	with kerberos.  They involve evil machine specific system calls
-	etc so I would normally suggest pushing this stuff into the
-	application and/or using RAND_seed()/RAND_bytes() if you are
-	using this DES library as part of SSLeay.
-	Redone the read_pw() function so that it is cleaner and
-	supports termios, thanks to Sameer Parekh <sameer@c2.org>
-	for the initial patches for this.
-	Renamed 3ecb_encrypt() to ecb3_encrypt().  This has been
-	 done just to make things more consistent.
-	I have also now added triple DES versions of cfb and ofb.
-
-Version 3.20
-	Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
-	my des_random_seed() function was only copying 4 bytes of the
-	passed seed into the init structure.  It is now fixed to copy 8.
-	My own suggestion is to used something like MD5 :-)
-
-Version 3.19 
-	While looking at my code one day, I though, why do I keep on
-	calling des_encrypt(in,out,ks,enc) when every function that
-	calls it has in and out the same.  So I dropped the 'out'
-	parameter, people should not be using this function.
-
-Version 3.18 30/08/95
-	Fixed a few bit with the distribution and the filenames.
-	3.17 had been munged via a move to DOS and back again.
-	NO CODE CHANGES
-
-Version 3.17 14/07/95
-	Fixed ede3 cbc which I had broken in 3.16.  I have also
-	removed some unneeded variables in 7-8 of the routines.
-
-Version 3.16 26/06/95
-	Added des_encrypt2() which does not use IP/FP, used by triple
-	des routines.  Tweaked things a bit elsewhere. %13 speedup on
-	sparc and %6 on a R4400 for ede3 cbc mode.
-
-Version 3.15 06/06/95
-	Added des_ncbc_encrypt(), it is des_cbc mode except that it is
-	'normal' and copies the new iv value back over the top of the
-	passed parameter.
-	CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
-	the iv.  THIS WILL BREAK EXISTING CODE, but since this function
-	only new, I feel I can change it, not so with des_cbc_encrypt :-(.
-	I need to update the documentation.
-
-Version 3.14 31/05/95
-	New release upon the world, as part of my SSL implementation.
-	New copyright and usage stuff.  Basically free for all to use
-	as long as you say it came from me :-)
-
-Version 3.13 31/05/95
-	A fix in speed.c, if HZ is not defined, I set it to 100.0
-	which is reasonable for most unixes except SunOS 4.x.
-	I now have a #ifdef sun but timing for SunOS 4.x looked very
-	good :-(.  At my last job where I used SunOS 4.x, it was
-	defined to be 60.0 (look at the old INSTALL documentation), at
-	the last release had it changed to 100.0 since I now work with
-	Solaris2 and SVR4 boxes.
-	Thanks to  Rory Chisholm <rchishol@math.ethz.ch> for pointing this
-	one out.
-
-Version 3.12 08/05/95
-	As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
-	my D_ENCRYPT macro in crypt() had an un-necessary variable.
-	It has been removed.
-
-Version 3.11 03/05/95
-	Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
-	and one iv.  It is a standard and I needed it for my SSL code.
-	It makes more sense to use this for triple DES than
-	3cbc_encrypt().  I have also added (or should I say tested :-)
-	cfb64_encrypt() which is cfb64 but it will encrypt a partial
-	number of bytes - 3 bytes in 3 bytes out.  Again this is for
-	my SSL library, as a form of encryption to use with SSL
-	telnet.
-
-Version 3.10 22/03/95
-	Fixed a bug in 3cbc_encrypt() :-(.  When making repeated calls
-	to cbc3_encrypt, the 2 iv values that were being returned to
-	be used in the next call were reversed :-(.
-	Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
-	this error.
-
-Version 3.09 01/02/95
-	Fixed des_random_key to far more random, it was rather feeble
-	with regards to picking the initial seed.  The problem was
-	pointed out by Olaf Kirch <okir@monad.swb.de>.
-
-Version 3.08 14/12/94
-	Added Makefile.PL so libdes can be built into perl5.
-	Changed des_locl.h so RAND is always defined.
-
-Version 3.07 05/12/94
-	Added GNUmake and stuff so the library can be build with
-	glibc.
-
-Version 3.06 30/08/94
-	Added rpc_enc.c which contains _des_crypt.  This is for use in
-	secure_rpc v 4.0
-	Finally fixed the cfb_enc problems.
-	Fixed a few parameter parsing bugs in des (-3 and -b), thanks
-	to Rob McMillan <R.McMillan@its.gu.edu.au>
-
-Version 3.05 21/04/94
-	for unsigned long l; gcc does not produce ((l>>34) == 0)
-	This causes bugs in cfb_enc.
-	Thanks to Hadmut Danisch <danisch@ira.uka.de>
-
-Version 3.04 20/04/94
-	Added a version number to des.c and libdes.a
-
-Version 3.03 12/01/94
-	Fixed a bug in non zero iv in 3cbc_enc.
-
-Version 3.02 29/10/93
-	I now work in a place where there are 6+ architectures and 14+
-	OS versions :-).
-	Fixed TERMIO definition so the most sys V boxes will work :-)
-
-Release upon comp.sources.misc
-Version 3.01 08/10/93
-	Added des_3cbc_encrypt()
-
-Version 3.00 07/10/93
-	Fixed up documentation.
-	quad_cksum definitely compatible with MIT's now.
-
-Version 2.30 24/08/93
-	Triple DES now defaults to triple cbc but can do triple ecb
-	 with the -b flag.
-	Fixed some MSDOS uuen/uudecoding problems, thanks to
-	Added prototypes.
-	
-Version 2.22 29/06/93
-	Fixed a bug in des_is_weak_key() which stopped it working :-(
-	thanks to engineering@MorningStar.Com.
-
-Version 2.21 03/06/93
-	des(1) with no arguments gives quite a bit of help.
-	Added -c (generate ckecksum) flag to des(1).
-	Added -3 (triple DES) flag to des(1).
-	Added cfb and ofb routines to the library.
-
-Version 2.20 11/03/93
-	Added -u (uuencode) flag to des(1).
-	I have been playing with byte order in quad_cksum to make it
-	 compatible with MIT's version.  All I can say is avid this
-	 function if possible since MIT's output is endian dependent.
-
-Version 2.12 14/10/92
-	Added MSDOS specific macro in ecb_encrypt which gives a %70
-	 speed up when the code is compiled with turbo C.
-
-Version 2.11 12/10/92
-	Speedup in set_key (recoding of PC-1)
-	 I now do it in 47 simple operations, down from 60.
-	 Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
-	 for motivating me to look for a faster system :-)
-	 The speedup is probably less that 1% but it is still 13
-	 instructions less :-).
-
-Version 2.10 06/10/92
-	The code now works on the 64bit ETA10 and CRAY without modifications or
-	 #defines.  I believe the code should work on any machine that
-	 defines long, int or short to be 8 bytes long.
-	Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
-	 for helping me fix the code to run on 64bit machines (he had
-	 access to an ETA10).
-	Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
-	 for testing the routines on a CRAY.
-	read_password.c has been renamed to read_passwd.c
-	string_to_key.c has been renamed to string2key.c
-
-Version 2.00 14/09/92
-	Made mods so that the library should work on 64bit CPU's.
-	Removed all my uchar and ulong defs.  To many different
-	 versions of unix define them in their header files in too many
-	 different combinations :-)
-	IRIX - Sillicon Graphics mods (mostly in read_password.c).
-	 Thanks to Andrew Daviel (advax@erich.triumf.ca)
-
-Version 1.99 26/08/92
-	Fixed a bug or 2 in enc_read.c
-	Fixed a bug in enc_write.c
-	Fixed a pseudo bug in fcrypt.c (very obscure).
-
-Version 1.98 31/07/92
-	Support for the ETA10.  This is a strange machine that defines
-	longs and ints as 8 bytes and shorts as 4 bytes.
-	Since I do evil things with long * that assume that they are 4
-	bytes.  Look in the Makefile for the option to compile for
-	this machine.  quad_cksum appears to have problems but I
-	will don't have the time to fix it right now, and this is not
-	a function that uses DES and so will not effect the main uses
-	of the library.
-
-Version 1.97 20/05/92 eay
-	Fixed the Imakefile and made some changes to des.h to fix some
-	problems when building this package with Kerberos v 4.
-
-Version 1.96 18/05/92 eay
-	Fixed a small bug in string_to_key() where problems could
-	occur if des_check_key was set to true and the string
-	generated a weak key.
-
-Patch2 posted to comp.sources.misc
-Version 1.95 13/05/92 eay
-	Added an alternative version of the D_ENCRYPT macro in
-	ecb_encrypt and fcrypt.  Depending on the compiler, one version or the
-	other will be faster.  This was inspired by 
-	Dana How <how@isl.stanford.edu>, and her pointers about doing the
-	*(ulong *)((uchar *)ptr+(value&0xfc))
-	vs
-	ptr[value&0x3f]
-	to stop the C compiler doing a <<2 to convert the long array index.
-
-Version 1.94 05/05/92 eay
-	Fixed an incompatibility between my string_to_key and the MIT
-	 version.  When the key is longer than 8 chars, I was wrapping
-	 with a different method.  To use the old version, define
-	 OLD_STR_TO_KEY in the makefile.  Thanks to
-	 viktor@newsu.shearson.com (Viktor Dukhovni).
-
-Version 1.93 28/04/92 eay
-	Fixed the VMS mods so that echo is now turned off in
-	 read_password.  Thanks again to brennan@coco.cchs.su.oz.AU.
-	MSDOS support added.  The routines can be compiled with
-	 Turbo C (v2.0) and MSC (v5.1).  Make sure MSDOS is defined.
-
-Patch1 posted to comp.sources.misc
-Version 1.92 13/04/92 eay
-	Changed D_ENCRYPT so that the rotation of R occurs outside of
-	 the loop.  This required rotating all the longs in sp.h (now
-	 called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
-	speed.c has been changed so it will work without SIGALRM.  If
-	 times(3) is not present it will try to use ftime() instead.
-
-Version 1.91 08/04/92 eay
-	Added -E/-D options to des(1) so it can use string_to_key.
-	Added SVR4 mods suggested by witr@rwwa.COM
-	Added VMS mods suggested by brennan@coco.cchs.su.oz.AU.  If
-	anyone knows how to turn of tty echo in VMS please tell me or
-	implement it yourself :-).
-	Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
-	does not like IN/OUT being used.
-
-Libdes posted to comp.sources.misc
-Version 1.9 24/03/92 eay
-	Now contains a fast small crypt replacement.
-	Added des(1) command.
-	Added des_rw_mode so people can use cbc encryption with
-	enc_read and enc_write.
-
-Version 1.8 15/10/91 eay
-	Bug in cbc_cksum.
-	Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
-	one out.
-
-Version 1.7 24/09/91 eay
-	Fixed set_key :-)
-	set_key is 4 times faster and takes less space.
-	There are a few minor changes that could be made.
-
-Version 1.6 19/09/1991 eay
-	Finally go IP and FP finished.
-	Now I need to fix set_key.
-	This version is quite a bit faster that 1.51
-
-Version 1.52 15/06/1991 eay
-	20% speedup in ecb_encrypt by changing the E bit selection
-	to use 2 32bit words.  This also required modification of the
-	sp table.  There is still a way to speedup the IP and IP-1
-	(hints from outer@sq.com) still working on this one :-(.
-
-Version 1.51 07/06/1991 eay
-	Faster des_encrypt by loop unrolling
-	Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
-
-Version 1.50 28/05/1991 eay
-	Optimised the code a bit more for the sparc.  I have improved the
-	speed of the inner des_encrypt by speeding up the initial and
-	final permutations.
-
-Version 1.40 23/10/1990 eay
-	Fixed des_random_key, it did not produce a random key :-(
-
-Version 1.30  2/10/1990 eay
-	Have made des_quad_cksum the same as MIT's, the full package
-	should be compatible with MIT's
-	Have tested on a DECstation 3100
-	Still need to fix des_set_key (make it faster).
-	Does des_cbc_encrypts at 70.5k/sec on a 3100.
-
-Version 1.20 18/09/1990 eay
-	Fixed byte order dependencies.
-	Fixed (I hope) all the word alignment problems.
-	Speedup in des_ecb_encrypt.
-
-Version 1.10 11/09/1990 eay
-	Added des_enc_read and des_enc_write.
-	Still need to fix des_quad_cksum.
-	Still need to document des_enc_read and des_enc_write.
-
-Version 1.00 27/08/1990 eay
-
diff --git a/thirdparty/openssl/crypto/des/asm/readme b/thirdparty/openssl/crypto/des/asm/readme
deleted file mode 100644
index 1beafe253b..0000000000
--- a/thirdparty/openssl/crypto/des/asm/readme
+++ /dev/null
@@ -1,131 +0,0 @@
-First up, let me say I don't like writing in assembler.  It is not portable,
-dependant on the particular CPU architecture release and is generally a pig
-to debug and get right.  Having said that, the x86 architecture is probably
-the most important for speed due to number of boxes and since
-it appears to be the worst architecture to to get
-good C compilers for.  So due to this, I have lowered myself to do
-assembler for the inner DES routines in libdes :-).
-
-The file to implement in assembler is des_enc.c.  Replace the following
-4 functions
-des_encrypt1(DES_LONG data[2],des_key_schedule ks, int encrypt);
-des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
-des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-
-They encrypt/decrypt the 64 bits held in 'data' using
-the 'ks' key schedules.   The only difference between the 4 functions is that
-des_encrypt2() does not perform IP() or FP() on the data (this is an
-optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
-perform triple des.  The triple DES routines are in here because it does
-make a big difference to have them located near the des_encrypt2 function
-at link time..
-
-Now as we all know, there are lots of different operating systems running on
-x86 boxes, and unfortunately they normally try to make sure their assembler
-formating is not the same as the other peoples.
-The 4 main formats I know of are
-Microsoft	Windows 95/Windows NT
-Elf		Includes Linux and FreeBSD(?).
-a.out		The older Linux.
-Solaris		Same as Elf but different comments :-(.
-
-Now I was not overly keen to write 4 different copies of the same code,
-so I wrote a few perl routines to output the correct assembler, given
-a target assembler type.  This code is ugly and is just a hack.
-The libraries are x86unix.pl and x86ms.pl.
-des586.pl, des686.pl and des-som[23].pl are the programs to actually
-generate the assembler.
-
-So to generate elf assembler
-perl des-som3.pl elf >dx86-elf.s
-For Windows 95/NT
-perl des-som2.pl win32 >win32.asm
-
-[ update 4 Jan 1996 ]
-I have added another way to do things.
-perl des-som3.pl cpp >dx86-cpp.s
-generates a file that will be included by dx86unix.cpp when it is compiled.
-To build for elf, a.out, solaris, bsdi etc,
-cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
-cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
-cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
-cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
-This was done to cut down the number of files in the distribution.
-
-Now the ugly part.  I acquired my copy of Intels
-"Optimization's For Intel's 32-Bit Processors" and found a few interesting
-things.  First, the aim of the exersize is to 'extract' one byte at a time
-from a word and do an array lookup.  This involves getting the byte from
-the 4 locations in the word and moving it to a new word and doing the lookup.
-The most obvious way to do this is
-xor	eax,	eax				# clear word
-movb	al,	cl				# get low byte
-xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in word
-movb	al,	ch				# get next byte
-xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in word
-shr	ecx	16
-which seems ok.  For the pentium, this system appears to be the best.
-One has to do instruction interleaving to keep both functional units
-operating, but it is basically very efficient.
-
-Now the crunch.  When a full register is used after a partial write, eg.
-mov	al,	cl
-xor	edi,	DWORD PTR 0x100+des_SP[eax]
-386	- 1 cycle stall
-486	- 1 cycle stall
-586	- 0 cycle stall
-686	- at least 7 cycle stall (page 22 of the above mentioned document).
-
-So the technique that produces the best results on a pentium, according to
-the documentation, will produce hideous results on a pentium pro.
-
-To get around this, des686.pl will generate code that is not as fast on
-a pentium, should be very good on a pentium pro.
-mov	eax,	ecx				# copy word 
-shr	ecx,	8				# line up next byte
-and	eax,	0fch				# mask byte
-xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in array lookup
-mov	eax,	ecx				# get word
-shr	ecx	8				# line up next byte
-and	eax,	0fch				# mask byte
-xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in array lookup
-
-Due to the execution units in the pentium, this actually works quite well.
-For a pentium pro it should be very good.  This is the type of output
-Visual C++ generates.
-
-There is a third option.  instead of using
-mov	al,	ch
-which is bad on the pentium pro, one may be able to use
-movzx	eax,	ch
-which may not incur the partial write penalty.  On the pentium,
-this instruction takes 4 cycles so is not worth using but on the
-pentium pro it appears it may be worth while.  I need access to one to
-experiment :-).
-
-eric (20 Oct 1996)
-
-22 Nov 1996 - I have asked people to run the 2 different version on pentium
-pros and it appears that the intel documentation is wrong.  The
-mov al,bh is still faster on a pentium pro, so just use the des586.pl
-install des686.pl
-
-3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
-functions into des_enc.c because it does make a massive performance
-difference on some boxes to have the functions code located close to
-the des_encrypt2() function.
-
-9 Jan 1997 - des-som2.pl is now the correct perl script to use for
-pentiums.  It contains an inner loop from
-Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
-273,000 per second.  He had a previous version at 250,000 and the best
-I was able to get was 203,000.  The content has not changed, this is all
-due to instruction sequencing (and actual instructions choice) which is able
-to keep both functional units of the pentium going.
-We may have lost the ugly register usage restrictions when x86 went 32 bit
-but for the pentium it has been replaced by evil instruction ordering tricks.
-
-13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
-raw DES at 281,000 per second on a pentium 100.
-
diff --git a/thirdparty/openssl/crypto/des/cbc3_enc.c b/thirdparty/openssl/crypto/des/cbc3_enc.c
deleted file mode 100644
index 249518a6a6..0000000000
--- a/thirdparty/openssl/crypto/des/cbc3_enc.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* crypto/des/cbc3_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* HAS BUGS! DON'T USE - this is only present for use in des.c */
-void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
-                      DES_key_schedule ks1, DES_key_schedule ks2,
-                      DES_cblock *iv1, DES_cblock *iv2, int enc)
-{
-    int off = ((int)length - 1) / 8;
-    long l8 = ((length + 7) / 8) * 8;
-    DES_cblock niv1, niv2;
-
-    if (enc == DES_ENCRYPT) {
-        DES_cbc_encrypt((unsigned char *)input,
-                        (unsigned char *)output, length, &ks1, iv1, enc);
-        if (length >= sizeof(DES_cblock))
-            memcpy(niv1, output[off], sizeof(DES_cblock));
-        DES_cbc_encrypt((unsigned char *)output,
-                        (unsigned char *)output, l8, &ks2, iv1, !enc);
-        DES_cbc_encrypt((unsigned char *)output,
-                        (unsigned char *)output, l8, &ks1, iv2, enc);
-        if (length >= sizeof(DES_cblock))
-            memcpy(niv2, output[off], sizeof(DES_cblock));
-    } else {
-        if (length >= sizeof(DES_cblock))
-            memcpy(niv2, input[off], sizeof(DES_cblock));
-        DES_cbc_encrypt((unsigned char *)input,
-                        (unsigned char *)output, l8, &ks1, iv2, enc);
-        DES_cbc_encrypt((unsigned char *)output,
-                        (unsigned char *)output, l8, &ks2, iv1, !enc);
-        if (length >= sizeof(DES_cblock))
-            memcpy(niv1, output[off], sizeof(DES_cblock));
-        DES_cbc_encrypt((unsigned char *)output,
-                        (unsigned char *)output, length, &ks1, iv1, enc);
-    }
-    memcpy(*iv1, niv1, sizeof(DES_cblock));
-    memcpy(*iv2, niv2, sizeof(DES_cblock));
-}
diff --git a/thirdparty/openssl/crypto/des/cbc_cksm.c b/thirdparty/openssl/crypto/des/cbc_cksm.c
deleted file mode 100644
index f89b5b98e4..0000000000
--- a/thirdparty/openssl/crypto/des/cbc_cksm.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/* crypto/des/cbc_cksm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
-                       long length, DES_key_schedule *schedule,
-                       const_DES_cblock *ivec)
-{
-    register DES_LONG tout0, tout1, tin0, tin1;
-    register long l = length;
-    DES_LONG tin[2];
-    unsigned char *out = &(*output)[0];
-    const unsigned char *iv = &(*ivec)[0];
-
-    c2l(iv, tout0);
-    c2l(iv, tout1);
-    for (; l > 0; l -= 8) {
-        if (l >= 8) {
-            c2l(in, tin0);
-            c2l(in, tin1);
-        } else
-            c2ln(in, tin0, tin1, l);
-
-        tin0 ^= tout0;
-        tin[0] = tin0;
-        tin1 ^= tout1;
-        tin[1] = tin1;
-        DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
-        /* fix 15/10/91 eay - thanks to keithr@sco.COM */
-        tout0 = tin[0];
-        tout1 = tin[1];
-    }
-    if (out != NULL) {
-        l2c(tout0, out);
-        l2c(tout1, out);
-    }
-    tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
-    /*
-     * Transform the data in tout1 so that it will match the return value
-     * that the MIT Kerberos mit_des_cbc_cksum API returns.
-     */
-    tout1 = ((tout1 >> 24L) & 0x000000FF)
-        | ((tout1 >> 8L) & 0x0000FF00)
-        | ((tout1 << 8L) & 0x00FF0000)
-        | ((tout1 << 24L) & 0xFF000000);
-    return (tout1);
-}
diff --git a/thirdparty/openssl/crypto/des/cbc_enc.c b/thirdparty/openssl/crypto/des/cbc_enc.c
deleted file mode 100644
index 7ee359928c..0000000000
--- a/thirdparty/openssl/crypto/des/cbc_enc.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* crypto/des/cbc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define CBC_ENC_C__DONT_UPDATE_IV
-
-#include "ncbc_enc.c"           /* des_cbc_encrypt */
diff --git a/thirdparty/openssl/crypto/des/cfb64ede.c b/thirdparty/openssl/crypto/des/cfb64ede.c
deleted file mode 100644
index 5d709c12d3..0000000000
--- a/thirdparty/openssl/crypto/des/cfb64ede.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/* crypto/des/cfb64ede.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-#include "e_os.h"
-
-/*
- * The input and output encrypted as though 64bit cfb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-
-void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                            long length, DES_key_schedule *ks1,
-                            DES_key_schedule *ks2, DES_key_schedule *ks3,
-                            DES_cblock *ivec, int *num, int enc)
-{
-    register DES_LONG v0, v1;
-    register long l = length;
-    register int n = *num;
-    DES_LONG ti[2];
-    unsigned char *iv, c, cc;
-
-    iv = &(*ivec)[0];
-    if (enc) {
-        while (l--) {
-            if (n == 0) {
-                c2l(iv, v0);
-                c2l(iv, v1);
-
-                ti[0] = v0;
-                ti[1] = v1;
-                DES_encrypt3(ti, ks1, ks2, ks3);
-                v0 = ti[0];
-                v1 = ti[1];
-
-                iv = &(*ivec)[0];
-                l2c(v0, iv);
-                l2c(v1, iv);
-                iv = &(*ivec)[0];
-            }
-            c = *(in++) ^ iv[n];
-            *(out++) = c;
-            iv[n] = c;
-            n = (n + 1) & 0x07;
-        }
-    } else {
-        while (l--) {
-            if (n == 0) {
-                c2l(iv, v0);
-                c2l(iv, v1);
-
-                ti[0] = v0;
-                ti[1] = v1;
-                DES_encrypt3(ti, ks1, ks2, ks3);
-                v0 = ti[0];
-                v1 = ti[1];
-
-                iv = &(*ivec)[0];
-                l2c(v0, iv);
-                l2c(v1, iv);
-                iv = &(*ivec)[0];
-            }
-            cc = *(in++);
-            c = iv[n];
-            iv[n] = cc;
-            *(out++) = c ^ cc;
-            n = (n + 1) & 0x07;
-        }
-    }
-    v0 = v1 = ti[0] = ti[1] = c = cc = 0;
-    *num = n;
-}
-
-#ifdef undef                    /* MACRO */
-void DES_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out,
-                            long length, DES_key_schedule ks1,
-                            DES_key_schedule ks2, DES_cblock (*ivec),
-                            int *num, int enc)
-{
-    DES_ede3_cfb64_encrypt(in, out, length, ks1, ks2, ks1, ivec, num, enc);
-}
-#endif
-
-/*
- * This is compatible with the single key CFB-r for DES, even thought that's
- * not what EVP needs.
- */
-
-void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
-                          int numbits, long length, DES_key_schedule *ks1,
-                          DES_key_schedule *ks2, DES_key_schedule *ks3,
-                          DES_cblock *ivec, int enc)
-{
-    register DES_LONG d0, d1, v0, v1;
-    register unsigned long l = length, n = ((unsigned int)numbits + 7) / 8;
-    register int num = numbits, i;
-    DES_LONG ti[2];
-    unsigned char *iv;
-    unsigned char ovec[16];
-
-    if (num > 64)
-        return;
-    iv = &(*ivec)[0];
-    c2l(iv, v0);
-    c2l(iv, v1);
-    if (enc) {
-        while (l >= n) {
-            l -= n;
-            ti[0] = v0;
-            ti[1] = v1;
-            DES_encrypt3(ti, ks1, ks2, ks3);
-            c2ln(in, d0, d1, n);
-            in += n;
-            d0 ^= ti[0];
-            d1 ^= ti[1];
-            l2cn(d0, d1, out, n);
-            out += n;
-            /*
-             * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
-             * gcc :-(
-             */
-            if (num == 32) {
-                v0 = v1;
-                v1 = d0;
-            } else if (num == 64) {
-                v0 = d0;
-                v1 = d1;
-            } else {
-                iv = &ovec[0];
-                l2c(v0, iv);
-                l2c(v1, iv);
-                l2c(d0, iv);
-                l2c(d1, iv);
-                /* shift ovec left most of the bits... */
-                memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
-                /* now the remaining bits */
-                if (num % 8 != 0)
-                    for (i = 0; i < 8; ++i) {
-                        ovec[i] <<= num % 8;
-                        ovec[i] |= ovec[i + 1] >> (8 - num % 8);
-                    }
-                iv = &ovec[0];
-                c2l(iv, v0);
-                c2l(iv, v1);
-            }
-        }
-    } else {
-        while (l >= n) {
-            l -= n;
-            ti[0] = v0;
-            ti[1] = v1;
-            DES_encrypt3(ti, ks1, ks2, ks3);
-            c2ln(in, d0, d1, n);
-            in += n;
-            /*
-             * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
-             * gcc :-(
-             */
-            if (num == 32) {
-                v0 = v1;
-                v1 = d0;
-            } else if (num == 64) {
-                v0 = d0;
-                v1 = d1;
-            } else {
-                iv = &ovec[0];
-                l2c(v0, iv);
-                l2c(v1, iv);
-                l2c(d0, iv);
-                l2c(d1, iv);
-                /* shift ovec left most of the bits... */
-                memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
-                /* now the remaining bits */
-                if (num % 8 != 0)
-                    for (i = 0; i < 8; ++i) {
-                        ovec[i] <<= num % 8;
-                        ovec[i] |= ovec[i + 1] >> (8 - num % 8);
-                    }
-                iv = &ovec[0];
-                c2l(iv, v0);
-                c2l(iv, v1);
-            }
-            d0 ^= ti[0];
-            d1 ^= ti[1];
-            l2cn(d0, d1, out, n);
-            out += n;
-        }
-    }
-    iv = &(*ivec)[0];
-    l2c(v0, iv);
-    l2c(v1, iv);
-    v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/des/cfb64enc.c b/thirdparty/openssl/crypto/des/cfb64enc.c
deleted file mode 100644
index 7346774eb2..0000000000
--- a/thirdparty/openssl/crypto/des/cfb64enc.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/des/cfb64enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/*
- * The input and output encrypted as though 64bit cfb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-
-void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                       long length, DES_key_schedule *schedule,
-                       DES_cblock *ivec, int *num, int enc)
-{
-    register DES_LONG v0, v1;
-    register long l = length;
-    register int n = *num;
-    DES_LONG ti[2];
-    unsigned char *iv, c, cc;
-
-    iv = &(*ivec)[0];
-    if (enc) {
-        while (l--) {
-            if (n == 0) {
-                c2l(iv, v0);
-                ti[0] = v0;
-                c2l(iv, v1);
-                ti[1] = v1;
-                DES_encrypt1(ti, schedule, DES_ENCRYPT);
-                iv = &(*ivec)[0];
-                v0 = ti[0];
-                l2c(v0, iv);
-                v0 = ti[1];
-                l2c(v0, iv);
-                iv = &(*ivec)[0];
-            }
-            c = *(in++) ^ iv[n];
-            *(out++) = c;
-            iv[n] = c;
-            n = (n + 1) & 0x07;
-        }
-    } else {
-        while (l--) {
-            if (n == 0) {
-                c2l(iv, v0);
-                ti[0] = v0;
-                c2l(iv, v1);
-                ti[1] = v1;
-                DES_encrypt1(ti, schedule, DES_ENCRYPT);
-                iv = &(*ivec)[0];
-                v0 = ti[0];
-                l2c(v0, iv);
-                v0 = ti[1];
-                l2c(v0, iv);
-                iv = &(*ivec)[0];
-            }
-            cc = *(in++);
-            c = iv[n];
-            iv[n] = cc;
-            *(out++) = c ^ cc;
-            n = (n + 1) & 0x07;
-        }
-    }
-    v0 = v1 = ti[0] = ti[1] = c = cc = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/des/cfb_enc.c b/thirdparty/openssl/crypto/des/cfb_enc.c
deleted file mode 100644
index bd0e299716..0000000000
--- a/thirdparty/openssl/crypto/des/cfb_enc.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* crypto/des/cfb_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "e_os.h"
-#include "des_locl.h"
-#include <assert.h>
-
-/*
- * The input and output are loaded in multiples of 8 bits. What this means is
- * that if you hame numbits=12 and length=2 the first 12 bits will be
- * retrieved from the first byte and half the second.  The second 12 bits
- * will come from the 3rd and half the 4th byte.
- */
-/*
- * Until Aug 1 2003 this function did not correctly implement CFB-r, so it
- * will not be compatible with any encryption prior to that date. Ben.
- */
-void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-                     long length, DES_key_schedule *schedule,
-                     DES_cblock *ivec, int enc)
-{
-    register DES_LONG d0, d1, v0, v1;
-    register unsigned long l = length;
-    register int num = numbits / 8, n = (numbits + 7) / 8, i, rem =
-        numbits % 8;
-    DES_LONG ti[2];
-    unsigned char *iv;
-#ifndef L_ENDIAN
-    unsigned char ovec[16];
-#else
-    unsigned int sh[4];
-    unsigned char *ovec = (unsigned char *)sh;
-
-    /* I kind of count that compiler optimizes away this assertioni, */
-    assert(sizeof(sh[0]) == 4); /* as this holds true for all, */
-    /* but 16-bit platforms...      */
-
-#endif
-
-    if (numbits <= 0 || numbits > 64)
-        return;
-    iv = &(*ivec)[0];
-    c2l(iv, v0);
-    c2l(iv, v1);
-    if (enc) {
-        while (l >= (unsigned long)n) {
-            l -= n;
-            ti[0] = v0;
-            ti[1] = v1;
-            DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
-            c2ln(in, d0, d1, n);
-            in += n;
-            d0 ^= ti[0];
-            d1 ^= ti[1];
-            l2cn(d0, d1, out, n);
-            out += n;
-            /*
-             * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
-             * gcc :-(
-             */
-            if (numbits == 32) {
-                v0 = v1;
-                v1 = d0;
-            } else if (numbits == 64) {
-                v0 = d0;
-                v1 = d1;
-            } else {
-#ifndef L_ENDIAN
-                iv = &ovec[0];
-                l2c(v0, iv);
-                l2c(v1, iv);
-                l2c(d0, iv);
-                l2c(d1, iv);
-#else
-                sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
-#endif
-                if (rem == 0)
-                    memmove(ovec, ovec + num, 8);
-                else
-                    for (i = 0; i < 8; ++i)
-                        ovec[i] = ovec[i + num] << rem |
-                            ovec[i + num + 1] >> (8 - rem);
-#ifdef L_ENDIAN
-                v0 = sh[0], v1 = sh[1];
-#else
-                iv = &ovec[0];
-                c2l(iv, v0);
-                c2l(iv, v1);
-#endif
-            }
-        }
-    } else {
-        while (l >= (unsigned long)n) {
-            l -= n;
-            ti[0] = v0;
-            ti[1] = v1;
-            DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
-            c2ln(in, d0, d1, n);
-            in += n;
-            /*
-             * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
-             * gcc :-(
-             */
-            if (numbits == 32) {
-                v0 = v1;
-                v1 = d0;
-            } else if (numbits == 64) {
-                v0 = d0;
-                v1 = d1;
-            } else {
-#ifndef L_ENDIAN
-                iv = &ovec[0];
-                l2c(v0, iv);
-                l2c(v1, iv);
-                l2c(d0, iv);
-                l2c(d1, iv);
-#else
-                sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
-#endif
-                if (rem == 0)
-                    memmove(ovec, ovec + num, 8);
-                else
-                    for (i = 0; i < 8; ++i)
-                        ovec[i] = ovec[i + num] << rem |
-                            ovec[i + num + 1] >> (8 - rem);
-#ifdef L_ENDIAN
-                v0 = sh[0], v1 = sh[1];
-#else
-                iv = &ovec[0];
-                c2l(iv, v0);
-                c2l(iv, v1);
-#endif
-            }
-            d0 ^= ti[0];
-            d1 ^= ti[1];
-            l2cn(d0, d1, out, n);
-            out += n;
-        }
-    }
-    iv = &(*ivec)[0];
-    l2c(v0, iv);
-    l2c(v1, iv);
-    v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/des/des.c b/thirdparty/openssl/crypto/des/des.c
deleted file mode 100644
index d7374382d8..0000000000
--- a/thirdparty/openssl/crypto/des/des.c
+++ /dev/null
@@ -1,868 +0,0 @@
-/* crypto/des/des.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_SYS_MSDOS
-# ifndef OPENSSL_SYS_VMS
-#  include OPENSSL_UNISTD
-# else                          /* OPENSSL_SYS_VMS */
-#  ifdef __DECC
-#   include <unistd.h>
-#  else                         /* not __DECC */
-#   include <math.h>
-#  endif                        /* __DECC */
-# endif                         /* OPENSSL_SYS_VMS */
-#else                           /* OPENSSL_SYS_MSDOS */
-# include <io.h>
-#endif
-
-#include <time.h>
-#include "des_ver.h"
-
-#ifdef OPENSSL_SYS_VMS
-# include <types.h>
-# include <stat.h>
-#else
-# ifndef _IRIX
-#  include <sys/types.h>
-# endif
-# include <sys/stat.h>
-#endif
-#include <openssl/des.h>
-#include <openssl/rand.h>
-#include <openssl/ui_compat.h>
-
-void usage(void);
-void doencryption(void);
-int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
-void uufwriteEnd(FILE *fp);
-int uufread(unsigned char *out, int size, unsigned int num, FILE *fp);
-int uuencode(unsigned char *in, int num, unsigned char *out);
-int uudecode(unsigned char *in, int num, unsigned char *out);
-void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
-                      DES_key_schedule sk1, DES_key_schedule sk2,
-                      DES_cblock *ivec1, DES_cblock *ivec2, int enc);
-#ifdef OPENSSL_SYS_VMS
-# define EXIT(a) exit(a&0x10000000L)
-#else
-# define EXIT(a) exit(a)
-#endif
-
-#define BUFSIZE (8*1024)
-#define VERIFY  1
-#define KEYSIZ  8
-#define KEYSIZB 1024            /* should hit tty line limit first :-) */
-char key[KEYSIZB + 1];
-int do_encrypt, longk = 0;
-FILE *DES_IN, *DES_OUT, *CKSUM_OUT;
-char uuname[200];
-unsigned char uubuf[50];
-int uubufnum = 0;
-#define INUUBUFN        (45*100)
-#define OUTUUBUF        (65*100)
-unsigned char b[OUTUUBUF];
-unsigned char bb[300];
-DES_cblock cksum = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
-
-char cksumname[200] = "";
-
-int vflag, cflag, eflag, dflag, kflag, bflag, fflag, sflag, uflag, flag3,
-    hflag, error;
-
-int main(int argc, char **argv)
-{
-    int i;
-    struct stat ins, outs;
-    char *p;
-    char *in = NULL, *out = NULL;
-
-    vflag = cflag = eflag = dflag = kflag = hflag = bflag = fflag = sflag =
-        uflag = flag3 = 0;
-    error = 0;
-    memset(key, 0, sizeof(key));
-
-    for (i = 1; i < argc; i++) {
-        p = argv[i];
-        if ((p[0] == '-') && (p[1] != '\0')) {
-            p++;
-            while (*p) {
-                switch (*(p++)) {
-                case '3':
-                    flag3 = 1;
-                    longk = 1;
-                    break;
-                case 'c':
-                    cflag = 1;
-                    strncpy(cksumname, p, 200);
-                    cksumname[sizeof(cksumname) - 1] = '\0';
-                    p += strlen(cksumname);
-                    break;
-                case 'C':
-                    cflag = 1;
-                    longk = 1;
-                    strncpy(cksumname, p, 200);
-                    cksumname[sizeof(cksumname) - 1] = '\0';
-                    p += strlen(cksumname);
-                    break;
-                case 'e':
-                    eflag = 1;
-                    break;
-                case 'v':
-                    vflag = 1;
-                    break;
-                case 'E':
-                    eflag = 1;
-                    longk = 1;
-                    break;
-                case 'd':
-                    dflag = 1;
-                    break;
-                case 'D':
-                    dflag = 1;
-                    longk = 1;
-                    break;
-                case 'b':
-                    bflag = 1;
-                    break;
-                case 'f':
-                    fflag = 1;
-                    break;
-                case 's':
-                    sflag = 1;
-                    break;
-                case 'u':
-                    uflag = 1;
-                    strncpy(uuname, p, 200);
-                    uuname[sizeof(uuname) - 1] = '\0';
-                    p += strlen(uuname);
-                    break;
-                case 'h':
-                    hflag = 1;
-                    break;
-                case 'k':
-                    kflag = 1;
-                    if ((i + 1) == argc) {
-                        fputs("must have a key with the -k option\n", stderr);
-                        error = 1;
-                    } else {
-                        int j;
-
-                        i++;
-                        strncpy(key, argv[i], KEYSIZB);
-                        for (j = strlen(argv[i]) - 1; j >= 0; j--)
-                            argv[i][j] = '\0';
-                    }
-                    break;
-                default:
-                    fprintf(stderr, "'%c' unknown flag\n", p[-1]);
-                    error = 1;
-                    break;
-                }
-            }
-        } else {
-            if (in == NULL)
-                in = argv[i];
-            else if (out == NULL)
-                out = argv[i];
-            else
-                error = 1;
-        }
-    }
-    if (error)
-        usage();
-    /*-
-     * We either
-     * do checksum or
-     * do encrypt or
-     * do decrypt or
-     * do decrypt then ckecksum or
-     * do checksum then encrypt
-     */
-    if (((eflag + dflag) == 1) || cflag) {
-        if (eflag)
-            do_encrypt = DES_ENCRYPT;
-        if (dflag)
-            do_encrypt = DES_DECRYPT;
-    } else {
-        if (vflag) {
-#ifndef _Windows
-            fprintf(stderr, "des(1) built with %s\n", libdes_version);
-#endif
-            EXIT(1);
-        } else
-            usage();
-    }
-
-#ifndef _Windows
-    if (vflag)
-        fprintf(stderr, "des(1) built with %s\n", libdes_version);
-#endif
-    if ((in != NULL) && (out != NULL) &&
-#ifndef OPENSSL_SYS_MSDOS
-        (stat(in, &ins) != -1) &&
-        (stat(out, &outs) != -1) &&
-        (ins.st_dev == outs.st_dev) && (ins.st_ino == outs.st_ino))
-#else                           /* OPENSSL_SYS_MSDOS */
-        (strcmp(in, out) == 0))
-#endif
-    {
-        fputs("input and output file are the same\n", stderr);
-        EXIT(3);
-    }
-
-    if (!kflag)
-        if (des_read_pw_string
-            (key, KEYSIZB + 1, "Enter key:", eflag ? VERIFY : 0)) {
-            fputs("password error\n", stderr);
-            EXIT(2);
-        }
-
-    if (in == NULL)
-        DES_IN = stdin;
-    else if ((DES_IN = fopen(in, "r")) == NULL) {
-        perror("opening input file");
-        EXIT(4);
-    }
-
-    CKSUM_OUT = stdout;
-    if (out == NULL) {
-        DES_OUT = stdout;
-        CKSUM_OUT = stderr;
-    } else if ((DES_OUT = fopen(out, "w")) == NULL) {
-        perror("opening output file");
-        EXIT(5);
-    }
-#ifdef OPENSSL_SYS_MSDOS
-    /* This should set the file to binary mode. */
-    {
-# include <fcntl.h>
-        if (!(uflag && dflag))
-            setmode(fileno(DES_IN), O_BINARY);
-        if (!(uflag && eflag))
-            setmode(fileno(DES_OUT), O_BINARY);
-    }
-#endif
-
-    doencryption();
-    fclose(DES_IN);
-    fclose(DES_OUT);
-    EXIT(0);
-}
-
-void usage(void)
-{
-    char **u;
-    static const char *Usage[] = {
-        "des <options> [input-file [output-file]]",
-        "options:",
-        "-v         : des(1) version number",
-        "-e         : encrypt using SunOS compatible user key to DES key conversion.",
-        "-E         : encrypt ",
-        "-d         : decrypt using SunOS compatible user key to DES key conversion.",
-        "-D         : decrypt ",
-        "-c[ckname] : generate a cbc_cksum using SunOS compatible user key to",
-        "             DES key conversion and output to ckname (stdout default,",
-        "             stderr if data being output on stdout).  The checksum is",
-        "             generated before encryption and after decryption if used",
-        "             in conjunction with -[eEdD].",
-        "-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
-        "-k key     : use key 'key'",
-        "-h         : the key that is entered will be a hexadecimal number",
-        "             that is used directly as the des key",
-        "-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
-        "             (uuname is the filename to put in the uuencode header).",
-        "-b         : encrypt using DES in ecb encryption mode, the default is cbc mode.",
-        "-3         : encrypt using triple DES encryption.  This uses 2 keys",
-        "             generated from the input key.  If the input key is less",
-        "             than 8 characters long, this is equivalent to normal",
-        "             encryption.  Default is triple cbc, -b makes it triple ecb.",
-        NULL
-    };
-    for (u = (char **)Usage; *u; u++) {
-        fputs(*u, stderr);
-        fputc('\n', stderr);
-    }
-
-    EXIT(1);
-}
-
-void doencryption(void)
-{
-#ifdef _LIBC
-    extern unsigned long time();
-#endif
-
-    register int i;
-    DES_key_schedule ks, ks2;
-    DES_cblock iv, iv2;
-    char *p;
-    int num = 0, j, k, l, rem, ll, len, last, ex = 0;
-    DES_cblock kk, k2;
-    FILE *O;
-    int Exit = 0;
-#ifndef OPENSSL_SYS_MSDOS
-    static unsigned char buf[BUFSIZE + 8], obuf[BUFSIZE + 8];
-#else
-    static unsigned char *buf = NULL, *obuf = NULL;
-
-    if (buf == NULL) {
-        if (((buf = OPENSSL_malloc(BUFSIZE + 8)) == NULL) ||
-            ((obuf = OPENSSL_malloc(BUFSIZE + 8)) == NULL)) {
-            fputs("Not enough memory\n", stderr);
-            Exit = 10;
-            goto problems;
-        }
-    }
-#endif
-
-    if (hflag) {
-        j = (flag3 ? 16 : 8);
-        p = key;
-        for (i = 0; i < j; i++) {
-            k = 0;
-            if ((*p <= '9') && (*p >= '0'))
-                k = (*p - '0') << 4;
-            else if ((*p <= 'f') && (*p >= 'a'))
-                k = (*p - 'a' + 10) << 4;
-            else if ((*p <= 'F') && (*p >= 'A'))
-                k = (*p - 'A' + 10) << 4;
-            else {
-                fputs("Bad hex key\n", stderr);
-                Exit = 9;
-                goto problems;
-            }
-            p++;
-            if ((*p <= '9') && (*p >= '0'))
-                k |= (*p - '0');
-            else if ((*p <= 'f') && (*p >= 'a'))
-                k |= (*p - 'a' + 10);
-            else if ((*p <= 'F') && (*p >= 'A'))
-                k |= (*p - 'A' + 10);
-            else {
-                fputs("Bad hex key\n", stderr);
-                Exit = 9;
-                goto problems;
-            }
-            p++;
-            if (i < 8)
-                kk[i] = k;
-            else
-                k2[i - 8] = k;
-        }
-        DES_set_key_unchecked(&k2, &ks2);
-        OPENSSL_cleanse(k2, sizeof(k2));
-    } else if (longk || flag3) {
-        if (flag3) {
-            DES_string_to_2keys(key, &kk, &k2);
-            DES_set_key_unchecked(&k2, &ks2);
-            OPENSSL_cleanse(k2, sizeof(k2));
-        } else
-            DES_string_to_key(key, &kk);
-    } else
-        for (i = 0; i < KEYSIZ; i++) {
-            l = 0;
-            k = key[i];
-            for (j = 0; j < 8; j++) {
-                if (k & 1)
-                    l++;
-                k >>= 1;
-            }
-            if (l & 1)
-                kk[i] = key[i] & 0x7f;
-            else
-                kk[i] = key[i] | 0x80;
-        }
-
-    DES_set_key_unchecked(&kk, &ks);
-    OPENSSL_cleanse(key, sizeof(key));
-    OPENSSL_cleanse(kk, sizeof(kk));
-    /* woops - A bug that does not showup under unix :-( */
-    memset(iv, 0, sizeof(iv));
-    memset(iv2, 0, sizeof(iv2));
-
-    l = 1;
-    rem = 0;
-    /* first read */
-    if (eflag || (!dflag && cflag)) {
-        for (;;) {
-            num = l = fread(&(buf[rem]), 1, BUFSIZE, DES_IN);
-            l += rem;
-            num += rem;
-            if (l < 0) {
-                perror("read error");
-                Exit = 6;
-                goto problems;
-            }
-
-            rem = l % 8;
-            len = l - rem;
-            if (feof(DES_IN)) {
-                for (i = 7 - rem; i > 0; i--) {
-                    if (RAND_bytes(buf + l++, 1) <= 0)
-                        goto problems;
-                }
-                buf[l++] = rem;
-                ex = 1;
-                len += rem;
-            } else
-                l -= rem;
-
-            if (cflag) {
-                DES_cbc_cksum(buf, &cksum, (long)len, &ks, &cksum);
-                if (!eflag) {
-                    if (feof(DES_IN))
-                        break;
-                    else
-                        continue;
-                }
-            }
-
-            if (bflag && !flag3)
-                for (i = 0; i < l; i += 8)
-                    DES_ecb_encrypt((DES_cblock *)&(buf[i]),
-                                    (DES_cblock *)&(obuf[i]),
-                                    &ks, do_encrypt);
-            else if (flag3 && bflag)
-                for (i = 0; i < l; i += 8)
-                    DES_ecb2_encrypt((DES_cblock *)&(buf[i]),
-                                     (DES_cblock *)&(obuf[i]),
-                                     &ks, &ks2, do_encrypt);
-            else if (flag3 && !bflag) {
-                char tmpbuf[8];
-
-                if (rem)
-                    memcpy(tmpbuf, &(buf[l]), (unsigned int)rem);
-                DES_3cbc_encrypt((DES_cblock *)buf, (DES_cblock *)obuf,
-                                 (long)l, ks, ks2, &iv, &iv2, do_encrypt);
-                if (rem)
-                    memcpy(&(buf[l]), tmpbuf, (unsigned int)rem);
-            } else {
-                DES_cbc_encrypt(buf, obuf, (long)l, &ks, &iv, do_encrypt);
-                if (l >= 8)
-                    memcpy(iv, &(obuf[l - 8]), 8);
-            }
-            if (rem)
-                memcpy(buf, &(buf[l]), (unsigned int)rem);
-
-            i = 0;
-            while (i < l) {
-                if (uflag)
-                    j = uufwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
-                else
-                    j = fwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
-                if (j == -1) {
-                    perror("Write error");
-                    Exit = 7;
-                    goto problems;
-                }
-                i += j;
-            }
-            if (feof(DES_IN)) {
-                if (uflag)
-                    uufwriteEnd(DES_OUT);
-                break;
-            }
-        }
-    } else {                    /* decrypt */
-
-        ex = 1;
-        for (;;) {
-            if (ex) {
-                if (uflag)
-                    l = uufread(buf, 1, BUFSIZE, DES_IN);
-                else
-                    l = fread(buf, 1, BUFSIZE, DES_IN);
-                ex = 0;
-                rem = l % 8;
-                l -= rem;
-            }
-            if (l < 0) {
-                perror("read error");
-                Exit = 6;
-                goto problems;
-            }
-
-            if (bflag && !flag3)
-                for (i = 0; i < l; i += 8)
-                    DES_ecb_encrypt((DES_cblock *)&(buf[i]),
-                                    (DES_cblock *)&(obuf[i]),
-                                    &ks, do_encrypt);
-            else if (flag3 && bflag)
-                for (i = 0; i < l; i += 8)
-                    DES_ecb2_encrypt((DES_cblock *)&(buf[i]),
-                                     (DES_cblock *)&(obuf[i]),
-                                     &ks, &ks2, do_encrypt);
-            else if (flag3 && !bflag) {
-                DES_3cbc_encrypt((DES_cblock *)buf, (DES_cblock *)obuf,
-                                 (long)l, ks, ks2, &iv, &iv2, do_encrypt);
-            } else {
-                DES_cbc_encrypt(buf, obuf, (long)l, &ks, &iv, do_encrypt);
-                if (l >= 8)
-                    memcpy(iv, &(buf[l - 8]), 8);
-            }
-
-            if (uflag)
-                ll = uufread(&(buf[rem]), 1, BUFSIZE, DES_IN);
-            else
-                ll = fread(&(buf[rem]), 1, BUFSIZE, DES_IN);
-            ll += rem;
-            rem = ll % 8;
-            ll -= rem;
-            if (feof(DES_IN) && (ll == 0)) {
-                last = obuf[l - 1];
-
-                if ((last > 7) || (last < 0)) {
-                    fputs("The file was not decrypted correctly.\n", stderr);
-                    Exit = 8;
-                    last = 0;
-                }
-                l = l - 8 + last;
-            }
-            i = 0;
-            if (cflag)
-                DES_cbc_cksum(obuf,
-                              (DES_cblock *)cksum, (long)l / 8 * 8, &ks,
-                              (DES_cblock *)cksum);
-            while (i != l) {
-                j = fwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
-                if (j == -1) {
-                    perror("Write error");
-                    Exit = 7;
-                    goto problems;
-                }
-                i += j;
-            }
-            l = ll;
-            if ((l == 0) && feof(DES_IN))
-                break;
-        }
-    }
-    if (cflag) {
-        l = 0;
-        if (cksumname[0] != '\0') {
-            if ((O = fopen(cksumname, "w")) != NULL) {
-                CKSUM_OUT = O;
-                l = 1;
-            }
-        }
-        for (i = 0; i < 8; i++)
-            fprintf(CKSUM_OUT, "%02X", cksum[i]);
-        fprintf(CKSUM_OUT, "\n");
-        if (l)
-            fclose(CKSUM_OUT);
-    }
- problems:
-    OPENSSL_cleanse(buf, sizeof(buf));
-    OPENSSL_cleanse(obuf, sizeof(obuf));
-    OPENSSL_cleanse(&ks, sizeof(ks));
-    OPENSSL_cleanse(&ks2, sizeof(ks2));
-    OPENSSL_cleanse(iv, sizeof(iv));
-    OPENSSL_cleanse(iv2, sizeof(iv2));
-    OPENSSL_cleanse(kk, sizeof(kk));
-    OPENSSL_cleanse(k2, sizeof(k2));
-    OPENSSL_cleanse(uubuf, sizeof(uubuf));
-    OPENSSL_cleanse(b, sizeof(b));
-    OPENSSL_cleanse(bb, sizeof(bb));
-    OPENSSL_cleanse(cksum, sizeof(cksum));
-    if (Exit)
-        EXIT(Exit);
-}
-
-/*    We ignore this parameter but it should be > ~50 I believe    */
-int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp)
-{
-    int i, j, left, rem, ret = num;
-    static int start = 1;
-
-    if (start) {
-        fprintf(fp, "begin 600 %s\n",
-                (uuname[0] == '\0') ? "text.d" : uuname);
-        start = 0;
-    }
-
-    if (uubufnum) {
-        if (uubufnum + num < 45) {
-            memcpy(&(uubuf[uubufnum]), data, (unsigned int)num);
-            uubufnum += num;
-            return (num);
-        } else {
-            i = 45 - uubufnum;
-            memcpy(&(uubuf[uubufnum]), data, (unsigned int)i);
-            j = uuencode((unsigned char *)uubuf, 45, b);
-            fwrite(b, 1, (unsigned int)j, fp);
-            uubufnum = 0;
-            data += i;
-            num -= i;
-        }
-    }
-
-    for (i = 0; i < (((int)num) - INUUBUFN); i += INUUBUFN) {
-        j = uuencode(&(data[i]), INUUBUFN, b);
-        fwrite(b, 1, (unsigned int)j, fp);
-    }
-    rem = (num - i) % 45;
-    left = (num - i - rem);
-    if (left) {
-        j = uuencode(&(data[i]), left, b);
-        fwrite(b, 1, (unsigned int)j, fp);
-        i += left;
-    }
-    if (i != num) {
-        memcpy(uubuf, &(data[i]), (unsigned int)rem);
-        uubufnum = rem;
-    }
-    return (ret);
-}
-
-void uufwriteEnd(FILE *fp)
-{
-    int j;
-    static const char *end = " \nend\n";
-
-    if (uubufnum != 0) {
-        uubuf[uubufnum] = '\0';
-        uubuf[uubufnum + 1] = '\0';
-        uubuf[uubufnum + 2] = '\0';
-        j = uuencode(uubuf, uubufnum, b);
-        fwrite(b, 1, (unsigned int)j, fp);
-    }
-    fwrite(end, 1, strlen(end), fp);
-}
-
-/*
- * int size: should always be > ~ 60; I actually ignore this parameter :-)
- */
-int uufread(unsigned char *out, int size, unsigned int num, FILE *fp)
-{
-    int i, j, tot;
-    static int done = 0;
-    static int valid = 0;
-    static int start = 1;
-
-    if (start) {
-        for (;;) {
-            b[0] = '\0';
-            fgets((char *)b, 300, fp);
-            if (b[0] == '\0') {
-                fprintf(stderr, "no 'begin' found in uuencoded input\n");
-                return (-1);
-            }
-            if (strncmp((char *)b, "begin ", 6) == 0)
-                break;
-        }
-        start = 0;
-    }
-    if (done)
-        return (0);
-    tot = 0;
-    if (valid) {
-        memcpy(out, bb, (unsigned int)valid);
-        tot = valid;
-        valid = 0;
-    }
-    for (;;) {
-        b[0] = '\0';
-        fgets((char *)b, 300, fp);
-        if (b[0] == '\0')
-            break;
-        i = strlen((char *)b);
-        if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd')) {
-            done = 1;
-            while (!feof(fp)) {
-                fgets((char *)b, 300, fp);
-            }
-            break;
-        }
-        i = uudecode(b, i, bb);
-        if (i < 0)
-            break;
-        if ((i + tot + 8) > num) {
-            /* num to copy to make it a multiple of 8 */
-            j = (num / 8 * 8) - tot - 8;
-            memcpy(&(out[tot]), bb, (unsigned int)j);
-            tot += j;
-            memcpy(bb, &(bb[j]), (unsigned int)i - j);
-            valid = i - j;
-            break;
-        }
-        memcpy(&(out[tot]), bb, (unsigned int)i);
-        tot += i;
-    }
-    return (tot);
-}
-
-#define ccc2l(c,l)      (l =((DES_LONG)(*((c)++)))<<16, \
-                         l|=((DES_LONG)(*((c)++)))<< 8, \
-                         l|=((DES_LONG)(*((c)++))))
-
-#define l2ccc(l,c)      (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
-                    *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
-                    *((c)++)=(unsigned char)(((l)    )&0xff))
-
-int uuencode(unsigned char *in, int num, unsigned char *out)
-{
-    int j, i, n, tot = 0;
-    DES_LONG l;
-    register unsigned char *p;
-    p = out;
-
-    for (j = 0; j < num; j += 45) {
-        if (j + 45 > num)
-            i = (num - j);
-        else
-            i = 45;
-        *(p++) = i + ' ';
-        for (n = 0; n < i; n += 3) {
-            ccc2l(in, l);
-            *(p++) = ((l >> 18) & 0x3f) + ' ';
-            *(p++) = ((l >> 12) & 0x3f) + ' ';
-            *(p++) = ((l >> 6) & 0x3f) + ' ';
-            *(p++) = ((l) & 0x3f) + ' ';
-            tot += 4;
-        }
-        *(p++) = '\n';
-        tot += 2;
-    }
-    *p = '\0';
-    l = 0;
-    return (tot);
-}
-
-int uudecode(unsigned char *in, int num, unsigned char *out)
-{
-    int j, i, k;
-    unsigned int n = 0, space = 0;
-    DES_LONG l;
-    DES_LONG w, x, y, z;
-    unsigned int blank = (unsigned int)'\n' - ' ';
-
-    for (j = 0; j < num;) {
-        n = *(in++) - ' ';
-        if (n == blank) {
-            n = 0;
-            in--;
-        }
-        if (n > 60) {
-            fprintf(stderr, "uuencoded line length too long\n");
-            return (-1);
-        }
-        j++;
-
-        for (i = 0; i < n; j += 4, i += 3) {
-            /*
-             * the following is for cases where spaces are removed from
-             * lines.
-             */
-            if (space) {
-                w = x = y = z = 0;
-            } else {
-                w = *(in++) - ' ';
-                x = *(in++) - ' ';
-                y = *(in++) - ' ';
-                z = *(in++) - ' ';
-            }
-            if ((w > 63) || (x > 63) || (y > 63) || (z > 63)) {
-                k = 0;
-                if (w == blank)
-                    k = 1;
-                if (x == blank)
-                    k = 2;
-                if (y == blank)
-                    k = 3;
-                if (z == blank)
-                    k = 4;
-                space = 1;
-                switch (k) {
-                case 1:
-                    w = 0;
-                    in--;
-                case 2:
-                    x = 0;
-                    in--;
-                case 3:
-                    y = 0;
-                    in--;
-                case 4:
-                    z = 0;
-                    in--;
-                    break;
-                case 0:
-                    space = 0;
-                    fprintf(stderr, "bad uuencoded data values\n");
-                    w = x = y = z = 0;
-                    return (-1);
-                    break;
-                }
-            }
-            l = (w << 18) | (x << 12) | (y << 6) | (z);
-            l2ccc(l, out);
-        }
-        if (*(in++) != '\n') {
-            fprintf(stderr, "missing nl in uuencoded line\n");
-            w = x = y = z = 0;
-            return (-1);
-        }
-        j++;
-    }
-    *out = '\0';
-    w = x = y = z = 0;
-    return (n);
-}
diff --git a/thirdparty/openssl/crypto/des/des3s.cpp b/thirdparty/openssl/crypto/des/des3s.cpp
deleted file mode 100644
index 02d527c057..0000000000
--- a/thirdparty/openssl/crypto/des/des3s.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/des.h>
-
-void main(int argc,char *argv[])
-	{
-	des_key_schedule key1,key2,key3;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			des_encrypt3(&data[0],key1,key2,key3);
-			GetTSC(s1);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			GetTSC(e1);
-			GetTSC(s2);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			des_encrypt3(&data[0],key1,key2,key3);
-			GetTSC(e2);
-			des_encrypt3(&data[0],key1,key2,key3);
-			}
-
-		printf("des %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/thirdparty/openssl/crypto/des/des_enc.c b/thirdparty/openssl/crypto/des/des_enc.c
deleted file mode 100644
index c0b062da3d..0000000000
--- a/thirdparty/openssl/crypto/des/des_enc.c
+++ /dev/null
@@ -1,389 +0,0 @@
-/* crypto/des/des_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-#include "spr.h"
-
-void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
-{
-    register DES_LONG l, r, t, u;
-#ifdef DES_PTR
-    register const unsigned char *des_SP = (const unsigned char *)DES_SPtrans;
-#endif
-#ifndef DES_UNROLL
-    register int i;
-#endif
-    register DES_LONG *s;
-
-    r = data[0];
-    l = data[1];
-
-    IP(r, l);
-    /*
-     * Things have been modified so that the initial rotate is done outside
-     * the loop.  This required the DES_SPtrans values in sp.h to be rotated
-     * 1 bit to the right. One perl script later and things have a 5% speed
-     * up on a sparc2. Thanks to Richard Outerbridge
-     * <71755.204@CompuServe.COM> for pointing this out.
-     */
-    /* clear the top bits on machines with 8byte longs */
-    /* shift left by 2 */
-    r = ROTATE(r, 29) & 0xffffffffL;
-    l = ROTATE(l, 29) & 0xffffffffL;
-
-    s = ks->ks->deslong;
-    /*
-     * I don't know if it is worth the effort of loop unrolling the inner
-     * loop
-     */
-    if (enc) {
-#ifdef DES_UNROLL
-        D_ENCRYPT(l, r, 0);     /* 1 */
-        D_ENCRYPT(r, l, 2);     /* 2 */
-        D_ENCRYPT(l, r, 4);     /* 3 */
-        D_ENCRYPT(r, l, 6);     /* 4 */
-        D_ENCRYPT(l, r, 8);     /* 5 */
-        D_ENCRYPT(r, l, 10);    /* 6 */
-        D_ENCRYPT(l, r, 12);    /* 7 */
-        D_ENCRYPT(r, l, 14);    /* 8 */
-        D_ENCRYPT(l, r, 16);    /* 9 */
-        D_ENCRYPT(r, l, 18);    /* 10 */
-        D_ENCRYPT(l, r, 20);    /* 11 */
-        D_ENCRYPT(r, l, 22);    /* 12 */
-        D_ENCRYPT(l, r, 24);    /* 13 */
-        D_ENCRYPT(r, l, 26);    /* 14 */
-        D_ENCRYPT(l, r, 28);    /* 15 */
-        D_ENCRYPT(r, l, 30);    /* 16 */
-#else
-        for (i = 0; i < 32; i += 4) {
-            D_ENCRYPT(l, r, i + 0); /* 1 */
-            D_ENCRYPT(r, l, i + 2); /* 2 */
-        }
-#endif
-    } else {
-#ifdef DES_UNROLL
-        D_ENCRYPT(l, r, 30);    /* 16 */
-        D_ENCRYPT(r, l, 28);    /* 15 */
-        D_ENCRYPT(l, r, 26);    /* 14 */
-        D_ENCRYPT(r, l, 24);    /* 13 */
-        D_ENCRYPT(l, r, 22);    /* 12 */
-        D_ENCRYPT(r, l, 20);    /* 11 */
-        D_ENCRYPT(l, r, 18);    /* 10 */
-        D_ENCRYPT(r, l, 16);    /* 9 */
-        D_ENCRYPT(l, r, 14);    /* 8 */
-        D_ENCRYPT(r, l, 12);    /* 7 */
-        D_ENCRYPT(l, r, 10);    /* 6 */
-        D_ENCRYPT(r, l, 8);     /* 5 */
-        D_ENCRYPT(l, r, 6);     /* 4 */
-        D_ENCRYPT(r, l, 4);     /* 3 */
-        D_ENCRYPT(l, r, 2);     /* 2 */
-        D_ENCRYPT(r, l, 0);     /* 1 */
-#else
-        for (i = 30; i > 0; i -= 4) {
-            D_ENCRYPT(l, r, i - 0); /* 16 */
-            D_ENCRYPT(r, l, i - 2); /* 15 */
-        }
-#endif
-    }
-
-    /* rotate and clear the top bits on machines with 8byte longs */
-    l = ROTATE(l, 3) & 0xffffffffL;
-    r = ROTATE(r, 3) & 0xffffffffL;
-
-    FP(r, l);
-    data[0] = l;
-    data[1] = r;
-    l = r = t = u = 0;
-}
-
-void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
-{
-    register DES_LONG l, r, t, u;
-#ifdef DES_PTR
-    register const unsigned char *des_SP = (const unsigned char *)DES_SPtrans;
-#endif
-#ifndef DES_UNROLL
-    register int i;
-#endif
-    register DES_LONG *s;
-
-    r = data[0];
-    l = data[1];
-
-    /*
-     * Things have been modified so that the initial rotate is done outside
-     * the loop.  This required the DES_SPtrans values in sp.h to be rotated
-     * 1 bit to the right. One perl script later and things have a 5% speed
-     * up on a sparc2. Thanks to Richard Outerbridge
-     * <71755.204@CompuServe.COM> for pointing this out.
-     */
-    /* clear the top bits on machines with 8byte longs */
-    r = ROTATE(r, 29) & 0xffffffffL;
-    l = ROTATE(l, 29) & 0xffffffffL;
-
-    s = ks->ks->deslong;
-    /*
-     * I don't know if it is worth the effort of loop unrolling the inner
-     * loop
-     */
-    if (enc) {
-#ifdef DES_UNROLL
-        D_ENCRYPT(l, r, 0);     /* 1 */
-        D_ENCRYPT(r, l, 2);     /* 2 */
-        D_ENCRYPT(l, r, 4);     /* 3 */
-        D_ENCRYPT(r, l, 6);     /* 4 */
-        D_ENCRYPT(l, r, 8);     /* 5 */
-        D_ENCRYPT(r, l, 10);    /* 6 */
-        D_ENCRYPT(l, r, 12);    /* 7 */
-        D_ENCRYPT(r, l, 14);    /* 8 */
-        D_ENCRYPT(l, r, 16);    /* 9 */
-        D_ENCRYPT(r, l, 18);    /* 10 */
-        D_ENCRYPT(l, r, 20);    /* 11 */
-        D_ENCRYPT(r, l, 22);    /* 12 */
-        D_ENCRYPT(l, r, 24);    /* 13 */
-        D_ENCRYPT(r, l, 26);    /* 14 */
-        D_ENCRYPT(l, r, 28);    /* 15 */
-        D_ENCRYPT(r, l, 30);    /* 16 */
-#else
-        for (i = 0; i < 32; i += 4) {
-            D_ENCRYPT(l, r, i + 0); /* 1 */
-            D_ENCRYPT(r, l, i + 2); /* 2 */
-        }
-#endif
-    } else {
-#ifdef DES_UNROLL
-        D_ENCRYPT(l, r, 30);    /* 16 */
-        D_ENCRYPT(r, l, 28);    /* 15 */
-        D_ENCRYPT(l, r, 26);    /* 14 */
-        D_ENCRYPT(r, l, 24);    /* 13 */
-        D_ENCRYPT(l, r, 22);    /* 12 */
-        D_ENCRYPT(r, l, 20);    /* 11 */
-        D_ENCRYPT(l, r, 18);    /* 10 */
-        D_ENCRYPT(r, l, 16);    /* 9 */
-        D_ENCRYPT(l, r, 14);    /* 8 */
-        D_ENCRYPT(r, l, 12);    /* 7 */
-        D_ENCRYPT(l, r, 10);    /* 6 */
-        D_ENCRYPT(r, l, 8);     /* 5 */
-        D_ENCRYPT(l, r, 6);     /* 4 */
-        D_ENCRYPT(r, l, 4);     /* 3 */
-        D_ENCRYPT(l, r, 2);     /* 2 */
-        D_ENCRYPT(r, l, 0);     /* 1 */
-#else
-        for (i = 30; i > 0; i -= 4) {
-            D_ENCRYPT(l, r, i - 0); /* 16 */
-            D_ENCRYPT(r, l, i - 2); /* 15 */
-        }
-#endif
-    }
-    /* rotate and clear the top bits on machines with 8byte longs */
-    data[0] = ROTATE(l, 3) & 0xffffffffL;
-    data[1] = ROTATE(r, 3) & 0xffffffffL;
-    l = r = t = u = 0;
-}
-
-void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
-                  DES_key_schedule *ks2, DES_key_schedule *ks3)
-{
-    register DES_LONG l, r;
-
-    l = data[0];
-    r = data[1];
-    IP(l, r);
-    data[0] = l;
-    data[1] = r;
-    DES_encrypt2((DES_LONG *)data, ks1, DES_ENCRYPT);
-    DES_encrypt2((DES_LONG *)data, ks2, DES_DECRYPT);
-    DES_encrypt2((DES_LONG *)data, ks3, DES_ENCRYPT);
-    l = data[0];
-    r = data[1];
-    FP(r, l);
-    data[0] = l;
-    data[1] = r;
-}
-
-void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
-                  DES_key_schedule *ks2, DES_key_schedule *ks3)
-{
-    register DES_LONG l, r;
-
-    l = data[0];
-    r = data[1];
-    IP(l, r);
-    data[0] = l;
-    data[1] = r;
-    DES_encrypt2((DES_LONG *)data, ks3, DES_DECRYPT);
-    DES_encrypt2((DES_LONG *)data, ks2, DES_ENCRYPT);
-    DES_encrypt2((DES_LONG *)data, ks1, DES_DECRYPT);
-    l = data[0];
-    r = data[1];
-    FP(r, l);
-    data[0] = l;
-    data[1] = r;
-}
-
-#ifndef DES_DEFAULT_OPTIONS
-
-# undef CBC_ENC_C__DONT_UPDATE_IV
-# include "ncbc_enc.c"          /* DES_ncbc_encrypt */
-
-void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
-                          long length, DES_key_schedule *ks1,
-                          DES_key_schedule *ks2, DES_key_schedule *ks3,
-                          DES_cblock *ivec, int enc)
-{
-    register DES_LONG tin0, tin1;
-    register DES_LONG tout0, tout1, xor0, xor1;
-    register const unsigned char *in;
-    unsigned char *out;
-    register long l = length;
-    DES_LONG tin[2];
-    unsigned char *iv;
-
-    in = input;
-    out = output;
-    iv = &(*ivec)[0];
-
-    if (enc) {
-        c2l(iv, tout0);
-        c2l(iv, tout1);
-        for (l -= 8; l >= 0; l -= 8) {
-            c2l(in, tin0);
-            c2l(in, tin1);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-
-            tin[0] = tin0;
-            tin[1] = tin1;
-            DES_encrypt3((DES_LONG *)tin, ks1, ks2, ks3);
-            tout0 = tin[0];
-            tout1 = tin[1];
-
-            l2c(tout0, out);
-            l2c(tout1, out);
-        }
-        if (l != -8) {
-            c2ln(in, tin0, tin1, l + 8);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-
-            tin[0] = tin0;
-            tin[1] = tin1;
-            DES_encrypt3((DES_LONG *)tin, ks1, ks2, ks3);
-            tout0 = tin[0];
-            tout1 = tin[1];
-
-            l2c(tout0, out);
-            l2c(tout1, out);
-        }
-        iv = &(*ivec)[0];
-        l2c(tout0, iv);
-        l2c(tout1, iv);
-    } else {
-        register DES_LONG t0, t1;
-
-        c2l(iv, xor0);
-        c2l(iv, xor1);
-        for (l -= 8; l >= 0; l -= 8) {
-            c2l(in, tin0);
-            c2l(in, tin1);
-
-            t0 = tin0;
-            t1 = tin1;
-
-            tin[0] = tin0;
-            tin[1] = tin1;
-            DES_decrypt3((DES_LONG *)tin, ks1, ks2, ks3);
-            tout0 = tin[0];
-            tout1 = tin[1];
-
-            tout0 ^= xor0;
-            tout1 ^= xor1;
-            l2c(tout0, out);
-            l2c(tout1, out);
-            xor0 = t0;
-            xor1 = t1;
-        }
-        if (l != -8) {
-            c2l(in, tin0);
-            c2l(in, tin1);
-
-            t0 = tin0;
-            t1 = tin1;
-
-            tin[0] = tin0;
-            tin[1] = tin1;
-            DES_decrypt3((DES_LONG *)tin, ks1, ks2, ks3);
-            tout0 = tin[0];
-            tout1 = tin[1];
-
-            tout0 ^= xor0;
-            tout1 ^= xor1;
-            l2cn(tout0, tout1, out, l + 8);
-            xor0 = t0;
-            xor1 = t1;
-        }
-
-        iv = &(*ivec)[0];
-        l2c(xor0, iv);
-        l2c(xor1, iv);
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    tin[0] = tin[1] = 0;
-}
-
-#endif                          /* DES_DEFAULT_OPTIONS */
diff --git a/thirdparty/openssl/crypto/des/des_locl.h b/thirdparty/openssl/crypto/des/des_locl.h
deleted file mode 100644
index 23ea9d32a7..0000000000
--- a/thirdparty/openssl/crypto/des/des_locl.h
+++ /dev/null
@@ -1,443 +0,0 @@
-/* crypto/des/des_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DES_LOCL_H
-# define HEADER_DES_LOCL_H
-
-# include <openssl/e_os2.h>
-
-# if defined(OPENSSL_SYS_WIN32)
-#  ifndef OPENSSL_SYS_MSDOS
-#   define OPENSSL_SYS_MSDOS
-#  endif
-# endif
-
-# include <stdio.h>
-# include <stdlib.h>
-
-# ifndef OPENSSL_SYS_MSDOS
-#  if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
-#   ifdef OPENSSL_UNISTD
-#    include OPENSSL_UNISTD
-#   else
-#    include <unistd.h>
-#   endif
-#   include <math.h>
-#  endif
-# endif
-# include <openssl/des.h>
-
-# ifdef OPENSSL_SYS_MSDOS       /* Visual C++ 2.1 (Windows NT/95) */
-#  include <stdlib.h>
-#  include <errno.h>
-#  include <time.h>
-#  include <io.h>
-# endif
-
-# if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
-#  include <string.h>
-# endif
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-#  undef OPENSSL_EXTERN
-#  define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-# define ITERATIONS 16
-# define HALF_ITERATIONS 8
-
-/* used in des_read and des_write */
-# define MAXWRITE        (1024*16)
-# define BSIZE           (MAXWRITE+4)
-
-# define c2l(c,l)        (l =((DES_LONG)(*((c)++)))    , \
-                         l|=((DES_LONG)(*((c)++)))<< 8L, \
-                         l|=((DES_LONG)(*((c)++)))<<16L, \
-                         l|=((DES_LONG)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-# define c2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
-                        case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
-                        case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
-                        case 5: l2|=((DES_LONG)(*(--(c))));     \
-                        case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
-                        case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
-                        case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
-                        case 1: l1|=((DES_LONG)(*(--(c))));     \
-                                } \
-                        }
-
-# define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/*
- * replacements for htonl and ntohl since I have no idea what to do when
- * faced with machines with 8 byte longs.
- */
-# define HDRSIZE 4
-
-# define n2l(c,l)        (l =((DES_LONG)(*((c)++)))<<24L, \
-                         l|=((DES_LONG)(*((c)++)))<<16L, \
-                         l|=((DES_LONG)(*((c)++)))<< 8L, \
-                         l|=((DES_LONG)(*((c)++))))
-
-# define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-# define l2cn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-                                } \
-                        }
-
-# if (defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER))
-#  define ROTATE(a,n)     (_lrotr(a,n))
-# elif defined(__ICC)
-#  define ROTATE(a,n)     (_rotr(a,n))
-# elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
-#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-#   define ROTATE(a,n)   ({ register unsigned int ret;   \
-                                asm ("rorl %1,%0"       \
-                                        : "=r"(ret)     \
-                                        : "I"(n),"0"(a) \
-                                        : "cc");        \
-                           ret;                         \
-                        })
-#  endif
-# endif
-# ifndef ROTATE
-#  define ROTATE(a,n)     (((a)>>(n))+((a)<<(32-(n))))
-# endif
-
-/*
- * Don't worry about the LOAD_DATA() stuff, that is used by fcrypt() to add
- * it's little bit to the front
- */
-
-# ifdef DES_FCRYPT
-
-#  define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
-        { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
-
-#  define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
-        t=R^(R>>16L); \
-        u=t&E0; t&=E1; \
-        tmp=(u<<16); u^=R^s[S  ]; u^=tmp; \
-        tmp=(t<<16); t^=R^s[S+1]; t^=tmp
-# else
-#  define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
-#  define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
-        u=R^s[S  ]; \
-        t=R^s[S+1]
-# endif
-
-/*
- * The changes to this macro may help or hinder, depending on the compiler
- * and the architecture.  gcc2 always seems to do well :-). Inspired by Dana
- * How <how@isl.stanford.edu> DO NOT use the alternative version on machines
- * with 8 byte longs. It does not seem to work on the Alpha, even when
- * DES_LONG is 4 bytes, probably an issue of accessing non-word aligned
- * objects :-(
- */
-# ifdef DES_PTR
-
-/*
- * It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there is no reason
- * to not xor all the sub items together.  This potentially saves a register
- * since things can be xored directly into L
- */
-
-#  if defined(DES_RISC1) || defined(DES_RISC2)
-#   ifdef DES_RISC1
-#    define D_ENCRYPT(LL,R,S) { \
-        unsigned int u1,u2,u3; \
-        LOAD_DATA(R,S,u,t,E0,E1,u1); \
-        u2=(int)u>>8L; \
-        u1=(int)u&0xfc; \
-        u2&=0xfc; \
-        t=ROTATE(t,4); \
-        u>>=16L; \
-        LL^= *(const DES_LONG *)(des_SP      +u1); \
-        LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
-        u3=(int)(u>>8L); \
-        u1=(int)u&0xfc; \
-        u3&=0xfc; \
-        LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
-        LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
-        u2=(int)t>>8L; \
-        u1=(int)t&0xfc; \
-        u2&=0xfc; \
-        t>>=16L; \
-        LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
-        LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
-        u3=(int)t>>8L; \
-        u1=(int)t&0xfc; \
-        u3&=0xfc; \
-        LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
-        LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
-#   endif
-#   ifdef DES_RISC2
-#    define D_ENCRYPT(LL,R,S) { \
-        unsigned int u1,u2,s1,s2; \
-        LOAD_DATA(R,S,u,t,E0,E1,u1); \
-        u2=(int)u>>8L; \
-        u1=(int)u&0xfc; \
-        u2&=0xfc; \
-        t=ROTATE(t,4); \
-        LL^= *(const DES_LONG *)(des_SP      +u1); \
-        LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
-        s1=(int)(u>>16L); \
-        s2=(int)(u>>24L); \
-        s1&=0xfc; \
-        s2&=0xfc; \
-        LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
-        LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
-        u2=(int)t>>8L; \
-        u1=(int)t&0xfc; \
-        u2&=0xfc; \
-        LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
-        LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
-        s1=(int)(t>>16L); \
-        s2=(int)(t>>24L); \
-        s1&=0xfc; \
-        s2&=0xfc; \
-        LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
-        LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
-#   endif
-#  else
-#   define D_ENCRYPT(LL,R,S) { \
-        LOAD_DATA_tmp(R,S,u,t,E0,E1); \
-        t=ROTATE(t,4); \
-        LL^= \
-        *(const DES_LONG *)(des_SP      +((u     )&0xfc))^ \
-        *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
-        *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
-        *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
-        *(const DES_LONG *)(des_SP+0x100+((t     )&0xfc))^ \
-        *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
-        *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
-        *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
-#  endif
-
-# else                          /* original version */
-
-#  if defined(DES_RISC1) || defined(DES_RISC2)
-#   ifdef DES_RISC1
-#    define D_ENCRYPT(LL,R,S) {\
-        unsigned int u1,u2,u3; \
-        LOAD_DATA(R,S,u,t,E0,E1,u1); \
-        u>>=2L; \
-        t=ROTATE(t,6); \
-        u2=(int)u>>8L; \
-        u1=(int)u&0x3f; \
-        u2&=0x3f; \
-        u>>=16L; \
-        LL^=DES_SPtrans[0][u1]; \
-        LL^=DES_SPtrans[2][u2]; \
-        u3=(int)u>>8L; \
-        u1=(int)u&0x3f; \
-        u3&=0x3f; \
-        LL^=DES_SPtrans[4][u1]; \
-        LL^=DES_SPtrans[6][u3]; \
-        u2=(int)t>>8L; \
-        u1=(int)t&0x3f; \
-        u2&=0x3f; \
-        t>>=16L; \
-        LL^=DES_SPtrans[1][u1]; \
-        LL^=DES_SPtrans[3][u2]; \
-        u3=(int)t>>8L; \
-        u1=(int)t&0x3f; \
-        u3&=0x3f; \
-        LL^=DES_SPtrans[5][u1]; \
-        LL^=DES_SPtrans[7][u3]; }
-#   endif
-#   ifdef DES_RISC2
-#    define D_ENCRYPT(LL,R,S) {\
-        unsigned int u1,u2,s1,s2; \
-        LOAD_DATA(R,S,u,t,E0,E1,u1); \
-        u>>=2L; \
-        t=ROTATE(t,6); \
-        u2=(int)u>>8L; \
-        u1=(int)u&0x3f; \
-        u2&=0x3f; \
-        LL^=DES_SPtrans[0][u1]; \
-        LL^=DES_SPtrans[2][u2]; \
-        s1=(int)u>>16L; \
-        s2=(int)u>>24L; \
-        s1&=0x3f; \
-        s2&=0x3f; \
-        LL^=DES_SPtrans[4][s1]; \
-        LL^=DES_SPtrans[6][s2]; \
-        u2=(int)t>>8L; \
-        u1=(int)t&0x3f; \
-        u2&=0x3f; \
-        LL^=DES_SPtrans[1][u1]; \
-        LL^=DES_SPtrans[3][u2]; \
-        s1=(int)t>>16; \
-        s2=(int)t>>24L; \
-        s1&=0x3f; \
-        s2&=0x3f; \
-        LL^=DES_SPtrans[5][s1]; \
-        LL^=DES_SPtrans[7][s2]; }
-#   endif
-
-#  else
-
-#   define D_ENCRYPT(LL,R,S) {\
-        LOAD_DATA_tmp(R,S,u,t,E0,E1); \
-        t=ROTATE(t,4); \
-        LL^=\
-                DES_SPtrans[0][(u>> 2L)&0x3f]^ \
-                DES_SPtrans[2][(u>>10L)&0x3f]^ \
-                DES_SPtrans[4][(u>>18L)&0x3f]^ \
-                DES_SPtrans[6][(u>>26L)&0x3f]^ \
-                DES_SPtrans[1][(t>> 2L)&0x3f]^ \
-                DES_SPtrans[3][(t>>10L)&0x3f]^ \
-                DES_SPtrans[5][(t>>18L)&0x3f]^ \
-                DES_SPtrans[7][(t>>26L)&0x3f]; }
-#  endif
-# endif
-
-        /*-
-         * IP and FP
-         * The problem is more of a geometric problem that random bit fiddling.
-         0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
-         8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
-        16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
-        24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0
-
-        32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
-        40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
-        48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
-        56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1
-
-        The output has been subject to swaps of the form
-        0 1 -> 3 1 but the odd and even bits have been put into
-        2 3    2 0
-        different words.  The main trick is to remember that
-        t=((l>>size)^r)&(mask);
-        r^=t;
-        l^=(t<<size);
-        can be used to swap and move bits between words.
-
-        So l =  0  1  2  3  r = 16 17 18 19
-                4  5  6  7      20 21 22 23
-                8  9 10 11      24 25 26 27
-               12 13 14 15      28 29 30 31
-        becomes (for size == 2 and mask == 0x3333)
-           t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
-                 6^20  7^21 -- --        4  5 20 21       6  7 22 23
-                10^24 11^25 -- --        8  9 24 25      10 11 24 25
-                14^28 15^29 -- --       12 13 28 29      14 15 28 29
-
-        Thanks for hints from Richard Outerbridge - he told me IP&FP
-        could be done in 15 xor, 10 shifts and 5 ands.
-        When I finally started to think of the problem in 2D
-        I first got ~42 operations without xors.  When I remembered
-        how to use xors :-) I got it to its final state.
-        */
-# define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
-        (b)^=(t),\
-        (a)^=((t)<<(n)))
-
-# define IP(l,r) \
-        { \
-        register DES_LONG tt; \
-        PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
-        PERM_OP(l,r,tt,16,0x0000ffffL); \
-        PERM_OP(r,l,tt, 2,0x33333333L); \
-        PERM_OP(l,r,tt, 8,0x00ff00ffL); \
-        PERM_OP(r,l,tt, 1,0x55555555L); \
-        }
-
-# define FP(l,r) \
-        { \
-        register DES_LONG tt; \
-        PERM_OP(l,r,tt, 1,0x55555555L); \
-        PERM_OP(r,l,tt, 8,0x00ff00ffL); \
-        PERM_OP(l,r,tt, 2,0x33333333L); \
-        PERM_OP(r,l,tt,16,0x0000ffffL); \
-        PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
-        }
-
-extern const DES_LONG DES_SPtrans[8][64];
-
-void fcrypt_body(DES_LONG *out, DES_key_schedule *ks,
-                 DES_LONG Eswap0, DES_LONG Eswap1);
-
-# ifdef OPENSSL_SMALL_FOOTPRINT
-#  undef DES_UNROLL
-# endif
-#endif
diff --git a/thirdparty/openssl/crypto/des/des_old.c b/thirdparty/openssl/crypto/des/des_old.c
deleted file mode 100644
index c5c5a00f00..0000000000
--- a/thirdparty/openssl/crypto/des/des_old.c
+++ /dev/null
@@ -1,345 +0,0 @@
-/* crypto/des/des_old.c */
-
-/*-
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * The function names in here are deprecated and are only present to
- * provide an interface compatible with libdes.  OpenSSL now provides
- * functions where "des_" has been replaced with "DES_" in the names,
- * to make it possible to make incompatible changes that are needed
- * for C type security and other stuff.
- *
- * Please consider starting to use the DES_ functions rather than the
- * des_ ones.  The des_ functions will dissapear completely before
- * OpenSSL 1.0!
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define OPENSSL_DES_LIBDES_COMPATIBILITY
-#include <openssl/des.h>
-#include <openssl/rand.h>
-
-const char *_ossl_old_des_options(void)
-{
-    return DES_options();
-}
-
-void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
-                                _ossl_old_des_cblock *output,
-                                des_key_schedule ks1, des_key_schedule ks2,
-                                des_key_schedule ks3, int enc)
-{
-    DES_ecb3_encrypt((const_DES_cblock *)input, output,
-                     (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-                     (DES_key_schedule *)ks3, enc);
-}
-
-DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
-                                 _ossl_old_des_cblock *output, long length,
-                                 des_key_schedule schedule,
-                                 _ossl_old_des_cblock *ivec)
-{
-    return DES_cbc_cksum((unsigned char *)input, output, length,
-                         (DES_key_schedule *)schedule, ivec);
-}
-
-void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
-                               _ossl_old_des_cblock *output, long length,
-                               des_key_schedule schedule,
-                               _ossl_old_des_cblock *ivec, int enc)
-{
-    DES_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
-                    length, (DES_key_schedule *)schedule, ivec, enc);
-}
-
-void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
-                                _ossl_old_des_cblock *output, long length,
-                                des_key_schedule schedule,
-                                _ossl_old_des_cblock *ivec, int enc)
-{
-    DES_ncbc_encrypt((unsigned char *)input, (unsigned char *)output,
-                     length, (DES_key_schedule *)schedule, ivec, enc);
-}
-
-void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
-                                _ossl_old_des_cblock *output, long length,
-                                des_key_schedule schedule,
-                                _ossl_old_des_cblock *ivec,
-                                _ossl_old_des_cblock *inw,
-                                _ossl_old_des_cblock *outw, int enc)
-{
-    DES_xcbc_encrypt((unsigned char *)input, (unsigned char *)output,
-                     length, (DES_key_schedule *)schedule, ivec, inw, outw,
-                     enc);
-}
-
-void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
-                               int numbits, long length,
-                               des_key_schedule schedule,
-                               _ossl_old_des_cblock *ivec, int enc)
-{
-    DES_cfb_encrypt(in, out, numbits, length,
-                    (DES_key_schedule *)schedule, ivec, enc);
-}
-
-void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
-                               _ossl_old_des_cblock *output,
-                               des_key_schedule ks, int enc)
-{
-    DES_ecb_encrypt(input, output, (DES_key_schedule *)ks, enc);
-}
-
-void _ossl_old_des_encrypt(DES_LONG *data, des_key_schedule ks, int enc)
-{
-    DES_encrypt1(data, (DES_key_schedule *)ks, enc);
-}
-
-void _ossl_old_des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc)
-{
-    DES_encrypt2(data, (DES_key_schedule *)ks, enc);
-}
-
-void _ossl_old_des_encrypt3(DES_LONG *data, des_key_schedule ks1,
-                            des_key_schedule ks2, des_key_schedule ks3)
-{
-    DES_encrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-                 (DES_key_schedule *)ks3);
-}
-
-void _ossl_old_des_decrypt3(DES_LONG *data, des_key_schedule ks1,
-                            des_key_schedule ks2, des_key_schedule ks3)
-{
-    DES_decrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-                 (DES_key_schedule *)ks3);
-}
-
-void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
-                                    _ossl_old_des_cblock *output, long length,
-                                    des_key_schedule ks1,
-                                    des_key_schedule ks2,
-                                    des_key_schedule ks3,
-                                    _ossl_old_des_cblock *ivec, int enc)
-{
-    DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
-                         length, (DES_key_schedule *)ks1,
-                         (DES_key_schedule *)ks2, (DES_key_schedule *)ks3,
-                         ivec, enc);
-}
-
-void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
-                                      long length, des_key_schedule ks1,
-                                      des_key_schedule ks2,
-                                      des_key_schedule ks3,
-                                      _ossl_old_des_cblock *ivec, int *num,
-                                      int enc)
-{
-    DES_ede3_cfb64_encrypt(in, out, length,
-                           (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-                           (DES_key_schedule *)ks3, ivec, num, enc);
-}
-
-void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
-                                      long length, des_key_schedule ks1,
-                                      des_key_schedule ks2,
-                                      des_key_schedule ks3,
-                                      _ossl_old_des_cblock *ivec, int *num)
-{
-    DES_ede3_ofb64_encrypt(in, out, length,
-                           (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
-                           (DES_key_schedule *)ks3, ivec, num);
-}
-
-#if 0                           /* broken code, preserved just in case anyone
-                                 * specifically looks for this */
-void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
-                                 _ossl_old_des_cblock (*in_white),
-                                 _ossl_old_des_cblock (*out_white))
-{
-    DES_xwhite_in2out(des_key, in_white, out_white);
-}
-#endif
-
-int _ossl_old_des_enc_read(int fd, char *buf, int len, des_key_schedule sched,
-                           _ossl_old_des_cblock *iv)
-{
-    return DES_enc_read(fd, buf, len, (DES_key_schedule *)sched, iv);
-}
-
-int _ossl_old_des_enc_write(int fd, char *buf, int len,
-                            des_key_schedule sched, _ossl_old_des_cblock *iv)
-{
-    return DES_enc_write(fd, buf, len, (DES_key_schedule *)sched, iv);
-}
-
-char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret)
-{
-    return DES_fcrypt(buf, salt, ret);
-}
-
-char *_ossl_old_des_crypt(const char *buf, const char *salt)
-{
-    return DES_crypt(buf, salt);
-}
-
-char *_ossl_old_crypt(const char *buf, const char *salt)
-{
-    return DES_crypt(buf, salt);
-}
-
-void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
-                               int numbits, long length,
-                               des_key_schedule schedule,
-                               _ossl_old_des_cblock *ivec)
-{
-    DES_ofb_encrypt(in, out, numbits, length, (DES_key_schedule *)schedule,
-                    ivec);
-}
-
-void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
-                                _ossl_old_des_cblock *output, long length,
-                                des_key_schedule schedule,
-                                _ossl_old_des_cblock *ivec, int enc)
-{
-    DES_pcbc_encrypt((unsigned char *)input, (unsigned char *)output,
-                     length, (DES_key_schedule *)schedule, ivec, enc);
-}
-
-DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
-                                  _ossl_old_des_cblock *output, long length,
-                                  int out_count, _ossl_old_des_cblock *seed)
-{
-    return DES_quad_cksum((unsigned char *)input, output, length,
-                          out_count, seed);
-}
-
-void _ossl_old_des_random_seed(_ossl_old_des_cblock key)
-{
-    RAND_seed(key, sizeof(_ossl_old_des_cblock));
-}
-
-void _ossl_old_des_random_key(_ossl_old_des_cblock ret)
-{
-    DES_random_key((DES_cblock *)ret);
-}
-
-int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
-                                int verify)
-{
-    return DES_read_password(key, prompt, verify);
-}
-
-int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
-                                  _ossl_old_des_cblock *key2,
-                                  const char *prompt, int verify)
-{
-    return DES_read_2passwords(key1, key2, prompt, verify);
-}
-
-void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key)
-{
-    DES_set_odd_parity(key);
-}
-
-int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key)
-{
-    return DES_is_weak_key(key);
-}
-
-int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
-                          des_key_schedule schedule)
-{
-    return DES_set_key(key, (DES_key_schedule *)schedule);
-}
-
-int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
-                            des_key_schedule schedule)
-{
-    return DES_key_sched(key, (DES_key_schedule *)schedule);
-}
-
-void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key)
-{
-    DES_string_to_key(str, key);
-}
-
-void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
-                                   _ossl_old_des_cblock *key2)
-{
-    DES_string_to_2keys(str, key1, key2);
-}
-
-void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
-                                 long length, des_key_schedule schedule,
-                                 _ossl_old_des_cblock *ivec, int *num,
-                                 int enc)
-{
-    DES_cfb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
-                      ivec, num, enc);
-}
-
-void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
-                                 long length, des_key_schedule schedule,
-                                 _ossl_old_des_cblock *ivec, int *num)
-{
-    DES_ofb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
-                      ivec, num);
-}
diff --git a/thirdparty/openssl/crypto/des/des_old2.c b/thirdparty/openssl/crypto/des/des_old2.c
deleted file mode 100644
index 247ff8dcf8..0000000000
--- a/thirdparty/openssl/crypto/des/des_old2.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/des/des_old.c */
-
-/*
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING The
- * function names in here are deprecated and are only present to provide an
- * interface compatible with OpenSSL 0.9.6c.  OpenSSL now provides functions
- * where "des_" has been replaced with "DES_" in the names, to make it
- * possible to make incompatible changes that are needed for C type security
- * and other stuff. Please consider starting to use the DES_ functions
- * rather than the des_ ones.  The des_ functions will dissapear completely
- * before OpenSSL 1.0! WARNING WARNING WARNING WARNING WARNING WARNING
- * WARNING WARNING
- */
-
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#undef OPENSSL_DES_LIBDES_COMPATIBILITY
-#include <openssl/des.h>
-#include <openssl/rand.h>
-
-void _ossl_096_des_random_seed(DES_cblock *key)
-{
-    RAND_seed(key, sizeof(DES_cblock));
-}
diff --git a/thirdparty/openssl/crypto/des/des_opts.c b/thirdparty/openssl/crypto/des/des_opts.c
deleted file mode 100644
index ec50e94f55..0000000000
--- a/thirdparty/openssl/crypto/des/des_opts.c
+++ /dev/null
@@ -1,641 +0,0 @@
-/* crypto/des/des_opts.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * define PART1, PART2, PART3 or PART4 to build only with a few of the
- * options. This is for machines with 64k code segment size restrictions.
- */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#include <stdio.h>
-#ifndef OPENSSL_SYS_MSDOS
-# include <openssl/e_os2.h>
-# include OPENSSL_UNISTD
-#else
-# include <io.h>
-extern void exit();
-#endif
-
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-#endif
-
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-
-/*
- * Depending on the VMS version, the tms structure is perhaps defined. The
- * __TMS macro will show if it was.  If it wasn't defined, we should undefine
- * TIMES, since that tells the rest of the program how things should be
- * handled.  -- Richard Levitte
- */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-
-#include <openssl/des.h>
-#include "spr.h"
-
-#define DES_DEFAULT_OPTIONS
-
-#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
-# define PART1
-# define PART2
-# define PART3
-# define PART4
-#endif
-
-#ifdef PART1
-
-# undef DES_UNROLL
-# undef DES_RISC1
-# undef DES_RISC2
-# undef DES_PTR
-# undef D_ENCRYPT
-# define DES_encrypt1 des_encrypt_u4_cisc_idx
-# define DES_encrypt2 des_encrypt2_u4_cisc_idx
-# define DES_encrypt3 des_encrypt3_u4_cisc_idx
-# define DES_decrypt3 des_decrypt3_u4_cisc_idx
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-# define DES_UNROLL
-# undef DES_RISC1
-# undef DES_RISC2
-# undef DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u16_cisc_idx
-# define DES_encrypt2 des_encrypt2_u16_cisc_idx
-# define DES_encrypt3 des_encrypt3_u16_cisc_idx
-# define DES_decrypt3 des_decrypt3_u16_cisc_idx
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-# undef DES_UNROLL
-# define DES_RISC1
-# undef DES_RISC2
-# undef DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u4_risc1_idx
-# define DES_encrypt2 des_encrypt2_u4_risc1_idx
-# define DES_encrypt3 des_encrypt3_u4_risc1_idx
-# define DES_decrypt3 des_decrypt3_u4_risc1_idx
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-#endif
-
-#ifdef PART2
-
-# undef DES_UNROLL
-# undef DES_RISC1
-# define DES_RISC2
-# undef DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u4_risc2_idx
-# define DES_encrypt2 des_encrypt2_u4_risc2_idx
-# define DES_encrypt3 des_encrypt3_u4_risc2_idx
-# define DES_decrypt3 des_decrypt3_u4_risc2_idx
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-# define DES_UNROLL
-# define DES_RISC1
-# undef DES_RISC2
-# undef DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u16_risc1_idx
-# define DES_encrypt2 des_encrypt2_u16_risc1_idx
-# define DES_encrypt3 des_encrypt3_u16_risc1_idx
-# define DES_decrypt3 des_decrypt3_u16_risc1_idx
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-# define DES_UNROLL
-# undef DES_RISC1
-# define DES_RISC2
-# undef DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u16_risc2_idx
-# define DES_encrypt2 des_encrypt2_u16_risc2_idx
-# define DES_encrypt3 des_encrypt3_u16_risc2_idx
-# define DES_decrypt3 des_decrypt3_u16_risc2_idx
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-#endif
-
-#ifdef PART3
-
-# undef DES_UNROLL
-# undef DES_RISC1
-# undef DES_RISC2
-# define DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u4_cisc_ptr
-# define DES_encrypt2 des_encrypt2_u4_cisc_ptr
-# define DES_encrypt3 des_encrypt3_u4_cisc_ptr
-# define DES_decrypt3 des_decrypt3_u4_cisc_ptr
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-# define DES_UNROLL
-# undef DES_RISC1
-# undef DES_RISC2
-# define DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u16_cisc_ptr
-# define DES_encrypt2 des_encrypt2_u16_cisc_ptr
-# define DES_encrypt3 des_encrypt3_u16_cisc_ptr
-# define DES_decrypt3 des_decrypt3_u16_cisc_ptr
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-# undef DES_UNROLL
-# define DES_RISC1
-# undef DES_RISC2
-# define DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u4_risc1_ptr
-# define DES_encrypt2 des_encrypt2_u4_risc1_ptr
-# define DES_encrypt3 des_encrypt3_u4_risc1_ptr
-# define DES_decrypt3 des_decrypt3_u4_risc1_ptr
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-#endif
-
-#ifdef PART4
-
-# undef DES_UNROLL
-# undef DES_RISC1
-# define DES_RISC2
-# define DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u4_risc2_ptr
-# define DES_encrypt2 des_encrypt2_u4_risc2_ptr
-# define DES_encrypt3 des_encrypt3_u4_risc2_ptr
-# define DES_decrypt3 des_decrypt3_u4_risc2_ptr
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-# define DES_UNROLL
-# define DES_RISC1
-# undef DES_RISC2
-# define DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u16_risc1_ptr
-# define DES_encrypt2 des_encrypt2_u16_risc1_ptr
-# define DES_encrypt3 des_encrypt3_u16_risc1_ptr
-# define DES_decrypt3 des_decrypt3_u16_risc1_ptr
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-# define DES_UNROLL
-# undef DES_RISC1
-# define DES_RISC2
-# define DES_PTR
-# undef D_ENCRYPT
-# undef DES_encrypt1
-# undef DES_encrypt2
-# undef DES_encrypt3
-# undef DES_decrypt3
-# define DES_encrypt1 des_encrypt_u16_risc2_ptr
-# define DES_encrypt2 des_encrypt2_u16_risc2_ptr
-# define DES_encrypt3 des_encrypt3_u16_risc2_ptr
-# define DES_decrypt3 des_decrypt3_u16_risc2_ptr
-# undef HEADER_DES_LOCL_H
-# include "des_enc.c"
-
-#endif
-
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_         /* FreeBSD fix */
-#   define HZ   100.0
-#  else                         /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-#ifdef SIGALRM
-# define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
-#else
-# define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
-#endif
-
-#define time_it(func,name,index) \
-        print_name(name); \
-        Time_F(START); \
-        for (count=0,run=1; COND(cb); count++) \
-                { \
-                unsigned long d[2]; \
-                func(d,&sch,DES_ENCRYPT); \
-                } \
-        tm[index]=Time_F(STOP); \
-        fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
-        tm[index]=((double)COUNT(cb))/tm[index];
-
-#define print_it(name,index) \
-        fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
-                tm[index]*8,1.0e6/tm[index]);
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static DES_cblock key =
-        { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 };
-    static DES_cblock key2 =
-        { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 };
-    static DES_cblock key3 =
-        { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 };
-    DES_key_schedule sch, sch2, sch3;
-    double d, tm[16], max = 0;
-    int rank[16];
-    char *str[16];
-    int max_idx = 0, i, num = 0, j;
-#ifndef SIGALARM
-    long ca, cb, cc, cd, ce;
-#endif
-
-    for (i = 0; i < 12; i++) {
-        tm[i] = 0.0;
-        rank[i] = 0;
-    }
-
-#ifndef TIMES
-    fprintf(stderr, "To get the most accurate results, try to run this\n");
-    fprintf(stderr, "program when this computer is idle.\n");
-#endif
-
-    DES_set_key_unchecked(&key, &sch);
-    DES_set_key_unchecked(&key2, &sch2);
-    DES_set_key_unchecked(&key3, &sch3);
-
-#ifndef SIGALRM
-    fprintf(stderr, "First we calculate the approximate speed ...\n");
-    DES_set_key_unchecked(&key, sch);
-    count = 10;
-    do {
-        long i;
-        unsigned long data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            DES_encrypt1(data, &(sch[0]), DES_ENCRYPT);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count;
-    cb = count * 3;
-    cc = count * 3 * 8 / BUFSIZE + 1;
-    cd = count * 8 / BUFSIZE + 1;
-
-    ce = count / 20 + 1;
-# define COND(d) (count != (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    alarm(10);
-#endif
-
-#ifdef PART1
-    time_it(des_encrypt_u4_cisc_idx, "des_encrypt_u4_cisc_idx  ", 0);
-    time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
-    time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
-    num += 3;
-#endif
-#ifdef PART2
-    time_it(des_encrypt_u16_risc1_idx, "des_encrypt_u16_risc1_idx", 3);
-    time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
-    time_it(des_encrypt_u16_risc2_idx, "des_encrypt_u16_risc2_idx", 5);
-    num += 3;
-#endif
-#ifdef PART3
-    time_it(des_encrypt_u4_cisc_ptr, "des_encrypt_u4_cisc_ptr  ", 6);
-    time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
-    time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
-    num += 3;
-#endif
-#ifdef PART4
-    time_it(des_encrypt_u16_risc1_ptr, "des_encrypt_u16_risc1_ptr", 9);
-    time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ", 10);
-    time_it(des_encrypt_u16_risc2_ptr, "des_encrypt_u16_risc2_ptr", 11);
-    num += 3;
-#endif
-
-#ifdef PART1
-    str[0] = " 4  c i";
-    print_it("des_encrypt_u4_cisc_idx  ", 0);
-    max = tm[0];
-    max_idx = 0;
-    str[1] = "16  c i";
-    print_it("des_encrypt_u16_cisc_idx ", 1);
-    if (max < tm[1]) {
-        max = tm[1];
-        max_idx = 1;
-    }
-    str[2] = " 4 r1 i";
-    print_it("des_encrypt_u4_risc1_idx ", 2);
-    if (max < tm[2]) {
-        max = tm[2];
-        max_idx = 2;
-    }
-#endif
-#ifdef PART2
-    str[3] = "16 r1 i";
-    print_it("des_encrypt_u16_risc1_idx", 3);
-    if (max < tm[3]) {
-        max = tm[3];
-        max_idx = 3;
-    }
-    str[4] = " 4 r2 i";
-    print_it("des_encrypt_u4_risc2_idx ", 4);
-    if (max < tm[4]) {
-        max = tm[4];
-        max_idx = 4;
-    }
-    str[5] = "16 r2 i";
-    print_it("des_encrypt_u16_risc2_idx", 5);
-    if (max < tm[5]) {
-        max = tm[5];
-        max_idx = 5;
-    }
-#endif
-#ifdef PART3
-    str[6] = " 4  c p";
-    print_it("des_encrypt_u4_cisc_ptr  ", 6);
-    if (max < tm[6]) {
-        max = tm[6];
-        max_idx = 6;
-    }
-    str[7] = "16  c p";
-    print_it("des_encrypt_u16_cisc_ptr ", 7);
-    if (max < tm[7]) {
-        max = tm[7];
-        max_idx = 7;
-    }
-    str[8] = " 4 r1 p";
-    print_it("des_encrypt_u4_risc1_ptr ", 8);
-    if (max < tm[8]) {
-        max = tm[8];
-        max_idx = 8;
-    }
-#endif
-#ifdef PART4
-    str[9] = "16 r1 p";
-    print_it("des_encrypt_u16_risc1_ptr", 9);
-    if (max < tm[9]) {
-        max = tm[9];
-        max_idx = 9;
-    }
-    str[10] = " 4 r2 p";
-    print_it("des_encrypt_u4_risc2_ptr ", 10);
-    if (max < tm[10]) {
-        max = tm[10];
-        max_idx = 10;
-    }
-    str[11] = "16 r2 p";
-    print_it("des_encrypt_u16_risc2_ptr", 11);
-    if (max < tm[11]) {
-        max = tm[11];
-        max_idx = 11;
-    }
-#endif
-    printf("options    des ecb/s\n");
-    printf("%s %12.2f 100.0%%\n", str[max_idx], tm[max_idx]);
-    d = tm[max_idx];
-    tm[max_idx] = -2.0;
-    max = -1.0;
-    for (;;) {
-        for (i = 0; i < 12; i++) {
-            if (max < tm[i]) {
-                max = tm[i];
-                j = i;
-            }
-        }
-        if (max < 0.0)
-            break;
-        printf("%s %12.2f  %4.1f%%\n", str[j], tm[j], tm[j] / d * 100.0);
-        tm[j] = -2.0;
-        max = -1.0;
-    }
-
-    switch (max_idx) {
-    case 0:
-        printf("-DDES_DEFAULT_OPTIONS\n");
-        break;
-    case 1:
-        printf("-DDES_UNROLL\n");
-        break;
-    case 2:
-        printf("-DDES_RISC1\n");
-        break;
-    case 3:
-        printf("-DDES_UNROLL -DDES_RISC1\n");
-        break;
-    case 4:
-        printf("-DDES_RISC2\n");
-        break;
-    case 5:
-        printf("-DDES_UNROLL -DDES_RISC2\n");
-        break;
-    case 6:
-        printf("-DDES_PTR\n");
-        break;
-    case 7:
-        printf("-DDES_UNROLL -DDES_PTR\n");
-        break;
-    case 8:
-        printf("-DDES_RISC1 -DDES_PTR\n");
-        break;
-    case 9:
-        printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
-        break;
-    case 10:
-        printf("-DDES_RISC2 -DDES_PTR\n");
-        break;
-    case 11:
-        printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
-        break;
-    }
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/des/des_ver.h b/thirdparty/openssl/crypto/des/des_ver.h
deleted file mode 100644
index 276de2b616..0000000000
--- a/thirdparty/openssl/crypto/des/des_ver.h
+++ /dev/null
@@ -1,73 +0,0 @@
-/* crypto/des/des_ver.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/e_os2.h>
-
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
-
-/* The following macros make sure the names are different from libdes names */
-#define DES_version OSSL_DES_version
-#define libdes_version OSSL_libdes_version
-
-/* SSLeay version string */
-OPENSSL_EXTERN const char OSSL_DES_version[];
-/* old libdes version string */
-OPENSSL_EXTERN const char OSSL_libdes_version[];
diff --git a/thirdparty/openssl/crypto/des/dess.cpp b/thirdparty/openssl/crypto/des/dess.cpp
deleted file mode 100644
index 5549bab90a..0000000000
--- a/thirdparty/openssl/crypto/des/dess.cpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/des.h>
-
-void main(int argc,char *argv[])
-	{
-	des_key_schedule key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			des_encrypt1(&data[0],key,1);
-			GetTSC(s1);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			GetTSC(e1);
-			GetTSC(s2);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			des_encrypt1(&data[0],key,1);
-			GetTSC(e2);
-			des_encrypt1(&data[0],key,1);
-			}
-
-		printf("des %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/thirdparty/openssl/crypto/des/ecb3_enc.c b/thirdparty/openssl/crypto/des/ecb3_enc.c
deleted file mode 100644
index c49fbd41e6..0000000000
--- a/thirdparty/openssl/crypto/des/ecb3_enc.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* crypto/des/ecb3_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
-                      DES_key_schedule *ks1, DES_key_schedule *ks2,
-                      DES_key_schedule *ks3, int enc)
-{
-    register DES_LONG l0, l1;
-    DES_LONG ll[2];
-    const unsigned char *in = &(*input)[0];
-    unsigned char *out = &(*output)[0];
-
-    c2l(in, l0);
-    c2l(in, l1);
-    ll[0] = l0;
-    ll[1] = l1;
-    if (enc)
-        DES_encrypt3(ll, ks1, ks2, ks3);
-    else
-        DES_decrypt3(ll, ks1, ks2, ks3);
-    l0 = ll[0];
-    l1 = ll[1];
-    l2c(l0, out);
-    l2c(l1, out);
-}
diff --git a/thirdparty/openssl/crypto/des/ecb_enc.c b/thirdparty/openssl/crypto/des/ecb_enc.c
deleted file mode 100644
index f97fd971dc..0000000000
--- a/thirdparty/openssl/crypto/des/ecb_enc.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* crypto/des/ecb_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-#include "des_ver.h"
-#include <openssl/opensslv.h>
-#include <openssl/bio.h>
-
-OPENSSL_GLOBAL const char libdes_version[] = "libdes" OPENSSL_VERSION_PTEXT;
-OPENSSL_GLOBAL const char DES_version[] = "DES" OPENSSL_VERSION_PTEXT;
-
-const char *DES_options(void)
-{
-    static int init = 1;
-    static char buf[32];
-
-    if (init) {
-        const char *ptr, *unroll, *risc, *size;
-
-#ifdef DES_PTR
-        ptr = "ptr";
-#else
-        ptr = "idx";
-#endif
-#if defined(DES_RISC1) || defined(DES_RISC2)
-# ifdef DES_RISC1
-        risc = "risc1";
-# endif
-# ifdef DES_RISC2
-        risc = "risc2";
-# endif
-#else
-        risc = "cisc";
-#endif
-#ifdef DES_UNROLL
-        unroll = "16";
-#else
-        unroll = "2";
-#endif
-        if (sizeof(DES_LONG) != sizeof(long))
-            size = "int";
-        else
-            size = "long";
-        BIO_snprintf(buf, sizeof buf, "des(%s,%s,%s,%s)", ptr, risc, unroll,
-                     size);
-        init = 0;
-    }
-    return (buf);
-}
-
-void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
-                     DES_key_schedule *ks, int enc)
-{
-    register DES_LONG l;
-    DES_LONG ll[2];
-    const unsigned char *in = &(*input)[0];
-    unsigned char *out = &(*output)[0];
-
-    c2l(in, l);
-    ll[0] = l;
-    c2l(in, l);
-    ll[1] = l;
-    DES_encrypt1(ll, ks, enc);
-    l = ll[0];
-    l2c(l, out);
-    l = ll[1];
-    l2c(l, out);
-    l = ll[0] = ll[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/des/ede_cbcm_enc.c b/thirdparty/openssl/crypto/des/ede_cbcm_enc.c
deleted file mode 100644
index 86f27d077a..0000000000
--- a/thirdparty/openssl/crypto/des/ede_cbcm_enc.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/* ede_cbcm_enc.c */
-/*
- * Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL project 13 Feb
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- *
- * This is an implementation of Triple DES Cipher Block Chaining with Output
- * Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
- *
- * Note that there is a known attack on this by Biham and Knudsen but it
- * takes a lot of work:
- *
- * http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
- *
- */
-
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_DESCBCM is defined */
-
-#ifndef OPENSSL_NO_DESCBCM
-# include "des_locl.h"
-
-void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
-                           long length, DES_key_schedule *ks1,
-                           DES_key_schedule *ks2, DES_key_schedule *ks3,
-                           DES_cblock *ivec1, DES_cblock *ivec2, int enc)
-{
-    register DES_LONG tin0, tin1;
-    register DES_LONG tout0, tout1, xor0, xor1, m0, m1;
-    register long l = length;
-    DES_LONG tin[2];
-    unsigned char *iv1, *iv2;
-
-    iv1 = &(*ivec1)[0];
-    iv2 = &(*ivec2)[0];
-
-    if (enc) {
-        c2l(iv1, m0);
-        c2l(iv1, m1);
-        c2l(iv2, tout0);
-        c2l(iv2, tout1);
-        for (l -= 8; l >= -7; l -= 8) {
-            tin[0] = m0;
-            tin[1] = m1;
-            DES_encrypt1(tin, ks3, 1);
-            m0 = tin[0];
-            m1 = tin[1];
-
-            if (l < 0) {
-                c2ln(in, tin0, tin1, l + 8);
-            } else {
-                c2l(in, tin0);
-                c2l(in, tin1);
-            }
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-
-            tin[0] = tin0;
-            tin[1] = tin1;
-            DES_encrypt1(tin, ks1, 1);
-            tin[0] ^= m0;
-            tin[1] ^= m1;
-            DES_encrypt1(tin, ks2, 0);
-            tin[0] ^= m0;
-            tin[1] ^= m1;
-            DES_encrypt1(tin, ks1, 1);
-            tout0 = tin[0];
-            tout1 = tin[1];
-
-            l2c(tout0, out);
-            l2c(tout1, out);
-        }
-        iv1 = &(*ivec1)[0];
-        l2c(m0, iv1);
-        l2c(m1, iv1);
-
-        iv2 = &(*ivec2)[0];
-        l2c(tout0, iv2);
-        l2c(tout1, iv2);
-    } else {
-        register DES_LONG t0, t1;
-
-        c2l(iv1, m0);
-        c2l(iv1, m1);
-        c2l(iv2, xor0);
-        c2l(iv2, xor1);
-        for (l -= 8; l >= -7; l -= 8) {
-            tin[0] = m0;
-            tin[1] = m1;
-            DES_encrypt1(tin, ks3, 1);
-            m0 = tin[0];
-            m1 = tin[1];
-
-            c2l(in, tin0);
-            c2l(in, tin1);
-
-            t0 = tin0;
-            t1 = tin1;
-
-            tin[0] = tin0;
-            tin[1] = tin1;
-            DES_encrypt1(tin, ks1, 0);
-            tin[0] ^= m0;
-            tin[1] ^= m1;
-            DES_encrypt1(tin, ks2, 1);
-            tin[0] ^= m0;
-            tin[1] ^= m1;
-            DES_encrypt1(tin, ks1, 0);
-            tout0 = tin[0];
-            tout1 = tin[1];
-
-            tout0 ^= xor0;
-            tout1 ^= xor1;
-            if (l < 0) {
-                l2cn(tout0, tout1, out, l + 8);
-            } else {
-                l2c(tout0, out);
-                l2c(tout1, out);
-            }
-            xor0 = t0;
-            xor1 = t1;
-        }
-
-        iv1 = &(*ivec1)[0];
-        l2c(m0, iv1);
-        l2c(m1, iv1);
-
-        iv2 = &(*ivec2)[0];
-        l2c(xor0, iv2);
-        l2c(xor1, iv2);
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    tin[0] = tin[1] = 0;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/des/enc_read.c b/thirdparty/openssl/crypto/des/enc_read.c
deleted file mode 100644
index fcb66541bd..0000000000
--- a/thirdparty/openssl/crypto/des/enc_read.c
+++ /dev/null
@@ -1,235 +0,0 @@
-/* crypto/des/enc_read.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include "des_locl.h"
-
-/* This has some uglies in it but it works - even over sockets. */
-/*
- * extern int errno;
- */
-OPENSSL_IMPLEMENT_GLOBAL(int, DES_rw_mode, DES_PCBC_MODE)
-
-/*-
- * WARNINGS:
- *
- *  -  The data format used by DES_enc_write() and DES_enc_read()
- *     has a cryptographic weakness: When asked to write more
- *     than MAXWRITE bytes, DES_enc_write will split the data
- *     into several chunks that are all encrypted
- *     using the same IV.  So don't use these functions unless you
- *     are sure you know what you do (in which case you might
- *     not want to use them anyway).
- *
- *  -  This code cannot handle non-blocking sockets.
- *
- *  -  This function uses an internal state and thus cannot be
- *     used on multiple files.
- */
-int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
-                 DES_cblock *iv)
-{
-#if defined(OPENSSL_NO_POSIX_IO)
-    return (0);
-#else
-    /* data to be unencrypted */
-    int net_num = 0;
-    static unsigned char *net = NULL;
-    /*
-     * extra unencrypted data for when a block of 100 comes in but is
-     * des_read one byte at a time.
-     */
-    static unsigned char *unnet = NULL;
-    static int unnet_start = 0;
-    static int unnet_left = 0;
-    static unsigned char *tmpbuf = NULL;
-    int i;
-    long num = 0, rnum;
-    unsigned char *p;
-
-    if (tmpbuf == NULL) {
-        tmpbuf = OPENSSL_malloc(BSIZE);
-        if (tmpbuf == NULL)
-            return (-1);
-    }
-    if (net == NULL) {
-        net = OPENSSL_malloc(BSIZE);
-        if (net == NULL)
-            return (-1);
-    }
-    if (unnet == NULL) {
-        unnet = OPENSSL_malloc(BSIZE);
-        if (unnet == NULL)
-            return (-1);
-    }
-    /* left over data from last decrypt */
-    if (unnet_left != 0) {
-        if (unnet_left < len) {
-            /*
-             * we still still need more data but will return with the number
-             * of bytes we have - should always check the return value
-             */
-            memcpy(buf, &(unnet[unnet_start]), unnet_left);
-            /*
-             * eay 26/08/92 I had the next 2 lines reversed :-(
-             */
-            i = unnet_left;
-            unnet_start = unnet_left = 0;
-        } else {
-            memcpy(buf, &(unnet[unnet_start]), len);
-            unnet_start += len;
-            unnet_left -= len;
-            i = len;
-        }
-        return (i);
-    }
-
-    /* We need to get more data. */
-    if (len > MAXWRITE)
-        len = MAXWRITE;
-
-    /* first - get the length */
-    while (net_num < HDRSIZE) {
-# ifndef OPENSSL_SYS_WIN32
-        i = read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
-# else
-        i = _read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
-# endif
-# ifdef EINTR
-        if ((i == -1) && (errno == EINTR))
-            continue;
-# endif
-        if (i <= 0)
-            return (0);
-        net_num += i;
-    }
-
-    /* we now have at net_num bytes in net */
-    p = net;
-    /* num=0;  */
-    n2l(p, num);
-    /*
-     * num should be rounded up to the next group of eight we make sure that
-     * we have read a multiple of 8 bytes from the net.
-     */
-    if ((num > MAXWRITE) || (num < 0)) /* error */
-        return (-1);
-    rnum = (num < 8) ? 8 : ((num + 7) / 8 * 8);
-
-    net_num = 0;
-    while (net_num < rnum) {
-# ifndef OPENSSL_SYS_WIN32
-        i = read(fd, (void *)&(net[net_num]), rnum - net_num);
-# else
-        i = _read(fd, (void *)&(net[net_num]), rnum - net_num);
-# endif
-# ifdef EINTR
-        if ((i == -1) && (errno == EINTR))
-            continue;
-# endif
-        if (i <= 0)
-            return (0);
-        net_num += i;
-    }
-
-    /* Check if there will be data left over. */
-    if (len < num) {
-        if (DES_rw_mode & DES_PCBC_MODE)
-            DES_pcbc_encrypt(net, unnet, num, sched, iv, DES_DECRYPT);
-        else
-            DES_cbc_encrypt(net, unnet, num, sched, iv, DES_DECRYPT);
-        memcpy(buf, unnet, len);
-        unnet_start = len;
-        unnet_left = num - len;
-
-        /*
-         * The following line is done because we return num as the number of
-         * bytes read.
-         */
-        num = len;
-    } else {
-        /*-
-         * >output is a multiple of 8 byes, if len < rnum
-         * >we must be careful.  The user must be aware that this
-         * >routine will write more bytes than he asked for.
-         * >The length of the buffer must be correct.
-         * FIXED - Should be ok now 18-9-90 - eay */
-        if (len < rnum) {
-
-            if (DES_rw_mode & DES_PCBC_MODE)
-                DES_pcbc_encrypt(net, tmpbuf, num, sched, iv, DES_DECRYPT);
-            else
-                DES_cbc_encrypt(net, tmpbuf, num, sched, iv, DES_DECRYPT);
-
-            /*
-             * eay 26/08/92 fix a bug that returned more bytes than you asked
-             * for (returned len bytes :-(
-             */
-            memcpy(buf, tmpbuf, num);
-        } else {
-            if (DES_rw_mode & DES_PCBC_MODE)
-                DES_pcbc_encrypt(net, buf, num, sched, iv, DES_DECRYPT);
-            else
-                DES_cbc_encrypt(net, buf, num, sched, iv, DES_DECRYPT);
-        }
-    }
-    return num;
-#endif                          /* OPENSSL_NO_POSIX_IO */
-}
diff --git a/thirdparty/openssl/crypto/des/enc_writ.c b/thirdparty/openssl/crypto/des/enc_writ.c
deleted file mode 100644
index c2aaa8e98c..0000000000
--- a/thirdparty/openssl/crypto/des/enc_writ.c
+++ /dev/null
@@ -1,182 +0,0 @@
-/* crypto/des/enc_writ.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <time.h>
-#include <stdio.h>
-#include "cryptlib.h"
-#include "des_locl.h"
-#include <openssl/rand.h>
-
-/*-
- * WARNINGS:
- *
- *  -  The data format used by DES_enc_write() and DES_enc_read()
- *     has a cryptographic weakness: When asked to write more
- *     than MAXWRITE bytes, DES_enc_write will split the data
- *     into several chunks that are all encrypted
- *     using the same IV.  So don't use these functions unless you
- *     are sure you know what you do (in which case you might
- *     not want to use them anyway).
- *
- *  -  This code cannot handle non-blocking sockets.
- */
-
-int DES_enc_write(int fd, const void *_buf, int len,
-                  DES_key_schedule *sched, DES_cblock *iv)
-{
-#if defined(OPENSSL_NO_POSIX_IO)
-    return (-1);
-#else
-# ifdef _LIBC
-    extern unsigned long time();
-    extern int write();
-# endif
-    const unsigned char *buf = _buf;
-    long rnum;
-    int i, j, k, outnum;
-    static unsigned char *outbuf = NULL;
-    unsigned char shortbuf[8];
-    unsigned char *p;
-    const unsigned char *cp;
-    static int start = 1;
-
-    if (len < 0)
-        return -1;
-
-    if (outbuf == NULL) {
-        outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
-        if (outbuf == NULL)
-            return (-1);
-    }
-    /*
-     * If we are sending less than 8 bytes, the same char will look the same
-     * if we don't pad it out with random bytes
-     */
-    if (start) {
-        start = 0;
-    }
-
-    /* lets recurse if we want to send the data in small chunks */
-    if (len > MAXWRITE) {
-        j = 0;
-        for (i = 0; i < len; i += k) {
-            k = DES_enc_write(fd, &(buf[i]),
-                              ((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
-                              sched, iv);
-            if (k < 0)
-                return (k);
-            else
-                j += k;
-        }
-        return (j);
-    }
-
-    /* write length first */
-    p = outbuf;
-    l2n(len, p);
-
-    /* pad short strings */
-    if (len < 8) {
-        cp = shortbuf;
-        memcpy(shortbuf, buf, len);
-        if (RAND_bytes(shortbuf + len, 8 - len) <= 0) {
-            return -1;
-        }
-        rnum = 8;
-    } else {
-        cp = buf;
-        rnum = ((len + 7) / 8 * 8); /* round up to nearest eight */
-    }
-
-    if (DES_rw_mode & DES_PCBC_MODE)
-        DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
-                         iv, DES_ENCRYPT);
-    else
-        DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
-                        iv, DES_ENCRYPT);
-
-    /* output */
-    outnum = rnum + HDRSIZE;
-
-    for (j = 0; j < outnum; j += i) {
-        /*
-         * eay 26/08/92 I was not doing writing from where we got up to.
-         */
-# ifndef _WIN32
-        i = write(fd, (void *)&(outbuf[j]), outnum - j);
-# else
-        i = _write(fd, (void *)&(outbuf[j]), outnum - j);
-# endif
-        if (i == -1) {
-# ifdef EINTR
-            if (errno == EINTR)
-                i = 0;
-            else
-# endif
-                /*
-                 * This is really a bad error - very bad It will stuff-up
-                 * both ends.
-                 */
-                return (-1);
-        }
-    }
-
-    return (len);
-#endif                          /* OPENSSL_NO_POSIX_IO */
-}
diff --git a/thirdparty/openssl/crypto/des/fcrypt.c b/thirdparty/openssl/crypto/des/fcrypt.c
deleted file mode 100644
index 111f1e4617..0000000000
--- a/thirdparty/openssl/crypto/des/fcrypt.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* NOCW */
-#include <stdio.h>
-#ifdef _OSD_POSIX
-# ifndef CHARSET_EBCDIC
-#  define CHARSET_EBCDIC 1
-# endif
-#endif
-#ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-#endif
-
-/*
- * This version of crypt has been developed from my MIT compatible DES
- * library. Eric Young (eay@cryptsoft.com)
- */
-
-/*
- * Modification by Jens Kupferschmidt (Cu) I have included directive PARA for
- * shared memory computers. I have included a directive LONGCRYPT to using
- * this routine to cipher passwords with more then 8 bytes like HP-UX 10.x it
- * used. The MAXPLEN definition is the maximum of length of password and can
- * changed. I have defined 24.
- */
-
-#include "des_locl.h"
-
-/*
- * Added more values to handle illegal salt values the way normal crypt()
- * implementations do.  The patch was sent by Bjorn Gronvall <bg@sics.se>
- */
-static unsigned const char con_salt[128] = {
-    0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9,
-    0xDA, 0xDB, 0xDC, 0xDD, 0xDE, 0xDF, 0xE0, 0xE1,
-    0xE2, 0xE3, 0xE4, 0xE5, 0xE6, 0xE7, 0xE8, 0xE9,
-    0xEA, 0xEB, 0xEC, 0xED, 0xEE, 0xEF, 0xF0, 0xF1,
-    0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9,
-    0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF, 0x00, 0x01,
-    0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
-    0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A,
-    0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12,
-    0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A,
-    0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
-    0x23, 0x24, 0x25, 0x20, 0x21, 0x22, 0x23, 0x24,
-    0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C,
-    0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34,
-    0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C,
-    0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44,
-};
-
-static unsigned const char cov_2char[64] = {
-    0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
-    0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
-    0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
-    0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
-    0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
-    0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
-    0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
-    0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
-};
-
-char *DES_crypt(const char *buf, const char *salt)
-{
-    static char buff[14];
-
-#ifndef CHARSET_EBCDIC
-    return (DES_fcrypt(buf, salt, buff));
-#else
-    char e_salt[2 + 1];
-    char e_buf[32 + 1];         /* replace 32 by 8 ? */
-    char *ret;
-
-    /* Copy at most 2 chars of salt */
-    if ((e_salt[0] = salt[0]) != '\0')
-        e_salt[1] = salt[1];
-
-    /* Copy at most 32 chars of password */
-    strncpy(e_buf, buf, sizeof(e_buf));
-
-    /* Make sure we have a delimiter */
-    e_salt[sizeof(e_salt) - 1] = e_buf[sizeof(e_buf) - 1] = '\0';
-
-    /* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */
-    ebcdic2ascii(e_salt, e_salt, sizeof e_salt);
-
-    /* Convert the cleartext password to ASCII */
-    ebcdic2ascii(e_buf, e_buf, sizeof e_buf);
-
-    /* Encrypt it (from/to ASCII) */
-    ret = DES_fcrypt(e_buf, e_salt, buff);
-
-    /* Convert the result back to EBCDIC */
-    ascii2ebcdic(ret, ret, strlen(ret));
-
-    return ret;
-#endif
-}
-
-char *DES_fcrypt(const char *buf, const char *salt, char *ret)
-{
-    unsigned int i, j, x, y;
-    DES_LONG Eswap0, Eswap1;
-    DES_LONG out[2], ll;
-    DES_cblock key;
-    DES_key_schedule ks;
-    unsigned char bb[9];
-    unsigned char *b = bb;
-    unsigned char c, u;
-
-    /*
-     * eay 25/08/92 If you call crypt("pwd","*") as often happens when you
-     * have * as the pwd field in /etc/passwd, the function returns
-     * *\0XXXXXXXXX The \0 makes the string look like * so the pwd "*" would
-     * crypt to "*".  This was found when replacing the crypt in our shared
-     * libraries.  People found that the disabled accounts effectively had no
-     * passwd :-(.
-     */
-#ifndef CHARSET_EBCDIC
-    x = ret[0] = ((salt[0] == '\0') ? 'A' : salt[0]);
-    Eswap0 = con_salt[x] << 2;
-    x = ret[1] = ((salt[1] == '\0') ? 'A' : salt[1]);
-    Eswap1 = con_salt[x] << 6;
-#else
-    x = ret[0] = ((salt[0] == '\0') ? os_toascii['A'] : salt[0]);
-    Eswap0 = con_salt[x] << 2;
-    x = ret[1] = ((salt[1] == '\0') ? os_toascii['A'] : salt[1]);
-    Eswap1 = con_salt[x] << 6;
-#endif
-
-    /*
-     * EAY r=strlen(buf); r=(r+7)/8;
-     */
-    for (i = 0; i < 8; i++) {
-        c = *(buf++);
-        if (!c)
-            break;
-        key[i] = (c << 1);
-    }
-    for (; i < 8; i++)
-        key[i] = 0;
-
-    DES_set_key_unchecked(&key, &ks);
-    fcrypt_body(&(out[0]), &ks, Eswap0, Eswap1);
-
-    ll = out[0];
-    l2c(ll, b);
-    ll = out[1];
-    l2c(ll, b);
-    y = 0;
-    u = 0x80;
-    bb[8] = 0;
-    for (i = 2; i < 13; i++) {
-        c = 0;
-        for (j = 0; j < 6; j++) {
-            c <<= 1;
-            if (bb[y] & u)
-                c |= 1;
-            u >>= 1;
-            if (!u) {
-                y++;
-                u = 0x80;
-            }
-        }
-        ret[i] = cov_2char[c];
-    }
-    ret[13] = '\0';
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/des/fcrypt_b.c b/thirdparty/openssl/crypto/des/fcrypt_b.c
deleted file mode 100644
index b9e87383d2..0000000000
--- a/thirdparty/openssl/crypto/des/fcrypt_b.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/* crypto/des/fcrypt_b.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-/*
- * This version of crypt has been developed from my MIT compatible DES
- * library. The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
- * Eric Young (eay@cryptsoft.com)
- */
-
-#define DES_FCRYPT
-#include "des_locl.h"
-#undef DES_FCRYPT
-
-#undef PERM_OP
-#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
-        (b)^=(t),\
-        (a)^=((t)<<(n)))
-
-#undef HPERM_OP
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
-        (a)=(a)^(t)^(t>>(16-(n))))\
-
-void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0,
-                 DES_LONG Eswap1)
-{
-    register DES_LONG l, r, t, u;
-#ifdef DES_PTR
-    register const unsigned char *des_SP = (const unsigned char *)DES_SPtrans;
-#endif
-    register DES_LONG *s;
-    register int j;
-    register DES_LONG E0, E1;
-
-    l = 0;
-    r = 0;
-
-    s = (DES_LONG *)ks;
-    E0 = Eswap0;
-    E1 = Eswap1;
-
-    for (j = 0; j < 25; j++) {
-#ifndef DES_UNROLL
-        register int i;
-
-        for (i = 0; i < 32; i += 4) {
-            D_ENCRYPT(l, r, i + 0); /* 1 */
-            D_ENCRYPT(r, l, i + 2); /* 2 */
-        }
-#else
-        D_ENCRYPT(l, r, 0);     /* 1 */
-        D_ENCRYPT(r, l, 2);     /* 2 */
-        D_ENCRYPT(l, r, 4);     /* 3 */
-        D_ENCRYPT(r, l, 6);     /* 4 */
-        D_ENCRYPT(l, r, 8);     /* 5 */
-        D_ENCRYPT(r, l, 10);    /* 6 */
-        D_ENCRYPT(l, r, 12);    /* 7 */
-        D_ENCRYPT(r, l, 14);    /* 8 */
-        D_ENCRYPT(l, r, 16);    /* 9 */
-        D_ENCRYPT(r, l, 18);    /* 10 */
-        D_ENCRYPT(l, r, 20);    /* 11 */
-        D_ENCRYPT(r, l, 22);    /* 12 */
-        D_ENCRYPT(l, r, 24);    /* 13 */
-        D_ENCRYPT(r, l, 26);    /* 14 */
-        D_ENCRYPT(l, r, 28);    /* 15 */
-        D_ENCRYPT(r, l, 30);    /* 16 */
-#endif
-
-        t = l;
-        l = r;
-        r = t;
-    }
-    l = ROTATE(l, 3) & 0xffffffffL;
-    r = ROTATE(r, 3) & 0xffffffffL;
-
-    PERM_OP(l, r, t, 1, 0x55555555L);
-    PERM_OP(r, l, t, 8, 0x00ff00ffL);
-    PERM_OP(l, r, t, 2, 0x33333333L);
-    PERM_OP(r, l, t, 16, 0x0000ffffL);
-    PERM_OP(l, r, t, 4, 0x0f0f0f0fL);
-
-    out[0] = r;
-    out[1] = l;
-}
diff --git a/thirdparty/openssl/crypto/des/ncbc_enc.c b/thirdparty/openssl/crypto/des/ncbc_enc.c
deleted file mode 100644
index ab267cbf38..0000000000
--- a/thirdparty/openssl/crypto/des/ncbc_enc.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* crypto/des/ncbc_enc.c */
-/*-
- * #included by:
- *    cbc_enc.c  (DES_cbc_encrypt)
- *    des_enc.c  (DES_ncbc_encrypt)
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-#ifdef CBC_ENC_C__DONT_UPDATE_IV
-void DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-                     DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
-#else
-void DES_ncbc_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, DES_key_schedule *_schedule,
-                      DES_cblock *ivec, int enc)
-#endif
-{
-    register DES_LONG tin0, tin1;
-    register DES_LONG tout0, tout1, xor0, xor1;
-    register long l = length;
-    DES_LONG tin[2];
-    unsigned char *iv;
-
-    iv = &(*ivec)[0];
-
-    if (enc) {
-        c2l(iv, tout0);
-        c2l(iv, tout1);
-        for (l -= 8; l >= 0; l -= 8) {
-            c2l(in, tin0);
-            c2l(in, tin1);
-            tin0 ^= tout0;
-            tin[0] = tin0;
-            tin1 ^= tout1;
-            tin[1] = tin1;
-            DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
-            tout0 = tin[0];
-            l2c(tout0, out);
-            tout1 = tin[1];
-            l2c(tout1, out);
-        }
-        if (l != -8) {
-            c2ln(in, tin0, tin1, l + 8);
-            tin0 ^= tout0;
-            tin[0] = tin0;
-            tin1 ^= tout1;
-            tin[1] = tin1;
-            DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
-            tout0 = tin[0];
-            l2c(tout0, out);
-            tout1 = tin[1];
-            l2c(tout1, out);
-        }
-#ifndef CBC_ENC_C__DONT_UPDATE_IV
-        iv = &(*ivec)[0];
-        l2c(tout0, iv);
-        l2c(tout1, iv);
-#endif
-    } else {
-        c2l(iv, xor0);
-        c2l(iv, xor1);
-        for (l -= 8; l >= 0; l -= 8) {
-            c2l(in, tin0);
-            tin[0] = tin0;
-            c2l(in, tin1);
-            tin[1] = tin1;
-            DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2c(tout0, out);
-            l2c(tout1, out);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        if (l != -8) {
-            c2l(in, tin0);
-            tin[0] = tin0;
-            c2l(in, tin1);
-            tin[1] = tin1;
-            DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2cn(tout0, tout1, out, l + 8);
-#ifndef CBC_ENC_C__DONT_UPDATE_IV
-            xor0 = tin0;
-            xor1 = tin1;
-#endif
-        }
-#ifndef CBC_ENC_C__DONT_UPDATE_IV
-        iv = &(*ivec)[0];
-        l2c(xor0, iv);
-        l2c(xor1, iv);
-#endif
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    tin[0] = tin[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/des/ofb64ede.c b/thirdparty/openssl/crypto/des/ofb64ede.c
deleted file mode 100644
index 45c67505a6..0000000000
--- a/thirdparty/openssl/crypto/des/ofb64ede.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/des/ofb64ede.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/*
- * The input and output encrypted as though 64bit ofb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-void DES_ede3_ofb64_encrypt(register const unsigned char *in,
-                            register unsigned char *out, long length,
-                            DES_key_schedule *k1, DES_key_schedule *k2,
-                            DES_key_schedule *k3, DES_cblock *ivec, int *num)
-{
-    register DES_LONG v0, v1;
-    register int n = *num;
-    register long l = length;
-    DES_cblock d;
-    register char *dp;
-    DES_LONG ti[2];
-    unsigned char *iv;
-    int save = 0;
-
-    iv = &(*ivec)[0];
-    c2l(iv, v0);
-    c2l(iv, v1);
-    ti[0] = v0;
-    ti[1] = v1;
-    dp = (char *)d;
-    l2c(v0, dp);
-    l2c(v1, dp);
-    while (l--) {
-        if (n == 0) {
-            /* ti[0]=v0; */
-            /* ti[1]=v1; */
-            DES_encrypt3(ti, k1, k2, k3);
-            v0 = ti[0];
-            v1 = ti[1];
-
-            dp = (char *)d;
-            l2c(v0, dp);
-            l2c(v1, dp);
-            save++;
-        }
-        *(out++) = *(in++) ^ d[n];
-        n = (n + 1) & 0x07;
-    }
-    if (save) {
-/*-     v0=ti[0];
-        v1=ti[1];*/
-        iv = &(*ivec)[0];
-        l2c(v0, iv);
-        l2c(v1, iv);
-    }
-    v0 = v1 = ti[0] = ti[1] = 0;
-    *num = n;
-}
-
-#ifdef undef                    /* MACRO */
-void DES_ede2_ofb64_encrypt(register unsigned char *in,
-                            register unsigned char *out, long length,
-                            DES_key_schedule k1, DES_key_schedule k2,
-                            DES_cblock (*ivec), int *num)
-{
-    DES_ede3_ofb64_encrypt(in, out, length, k1, k2, k1, ivec, num);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/des/ofb64enc.c b/thirdparty/openssl/crypto/des/ofb64enc.c
deleted file mode 100644
index 8e72dece51..0000000000
--- a/thirdparty/openssl/crypto/des/ofb64enc.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* crypto/des/ofb64enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/*
- * The input and output encrypted as though 64bit ofb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-void DES_ofb64_encrypt(register const unsigned char *in,
-                       register unsigned char *out, long length,
-                       DES_key_schedule *schedule, DES_cblock *ivec, int *num)
-{
-    register DES_LONG v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    DES_cblock d;
-    register unsigned char *dp;
-    DES_LONG ti[2];
-    unsigned char *iv;
-    int save = 0;
-
-    iv = &(*ivec)[0];
-    c2l(iv, v0);
-    c2l(iv, v1);
-    ti[0] = v0;
-    ti[1] = v1;
-    dp = d;
-    l2c(v0, dp);
-    l2c(v1, dp);
-    while (l--) {
-        if (n == 0) {
-            DES_encrypt1(ti, schedule, DES_ENCRYPT);
-            dp = d;
-            t = ti[0];
-            l2c(t, dp);
-            t = ti[1];
-            l2c(t, dp);
-            save++;
-        }
-        *(out++) = *(in++) ^ d[n];
-        n = (n + 1) & 0x07;
-    }
-    if (save) {
-        v0 = ti[0];
-        v1 = ti[1];
-        iv = &(*ivec)[0];
-        l2c(v0, iv);
-        l2c(v1, iv);
-    }
-    t = v0 = v1 = ti[0] = ti[1] = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/des/ofb_enc.c b/thirdparty/openssl/crypto/des/ofb_enc.c
deleted file mode 100644
index 02a787752e..0000000000
--- a/thirdparty/openssl/crypto/des/ofb_enc.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* crypto/des/ofb_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/*
- * The input and output are loaded in multiples of 8 bits. What this means is
- * that if you hame numbits=12 and length=2 the first 12 bits will be
- * retrieved from the first byte and half the second.  The second 12 bits
- * will come from the 3rd and half the 4th byte.
- */
-void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-                     long length, DES_key_schedule *schedule,
-                     DES_cblock *ivec)
-{
-    register DES_LONG d0, d1, vv0, vv1, v0, v1, n = (numbits + 7) / 8;
-    register DES_LONG mask0, mask1;
-    register long l = length;
-    register int num = numbits;
-    DES_LONG ti[2];
-    unsigned char *iv;
-
-    if (num > 64)
-        return;
-    if (num > 32) {
-        mask0 = 0xffffffffL;
-        if (num >= 64)
-            mask1 = mask0;
-        else
-            mask1 = (1L << (num - 32)) - 1;
-    } else {
-        if (num == 32)
-            mask0 = 0xffffffffL;
-        else
-            mask0 = (1L << num) - 1;
-        mask1 = 0x00000000L;
-    }
-
-    iv = &(*ivec)[0];
-    c2l(iv, v0);
-    c2l(iv, v1);
-    ti[0] = v0;
-    ti[1] = v1;
-    while (l-- > 0) {
-        ti[0] = v0;
-        ti[1] = v1;
-        DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
-        vv0 = ti[0];
-        vv1 = ti[1];
-        c2ln(in, d0, d1, n);
-        in += n;
-        d0 = (d0 ^ vv0) & mask0;
-        d1 = (d1 ^ vv1) & mask1;
-        l2cn(d0, d1, out, n);
-        out += n;
-
-        if (num == 32) {
-            v0 = v1;
-            v1 = vv0;
-        } else if (num == 64) {
-            v0 = vv0;
-            v1 = vv1;
-        } else if (num > 32) {  /* && num != 64 */
-            v0 = ((v1 >> (num - 32)) | (vv0 << (64 - num))) & 0xffffffffL;
-            v1 = ((vv0 >> (num - 32)) | (vv1 << (64 - num))) & 0xffffffffL;
-        } else {                /* num < 32 */
-
-            v0 = ((v0 >> num) | (v1 << (32 - num))) & 0xffffffffL;
-            v1 = ((v1 >> num) | (vv0 << (32 - num))) & 0xffffffffL;
-        }
-    }
-    iv = &(*ivec)[0];
-    l2c(v0, iv);
-    l2c(v1, iv);
-    v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
-}
diff --git a/thirdparty/openssl/crypto/des/options.txt b/thirdparty/openssl/crypto/des/options.txt
deleted file mode 100644
index 6e2b50f765..0000000000
--- a/thirdparty/openssl/crypto/des/options.txt
+++ /dev/null
@@ -1,39 +0,0 @@
-Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds
-instead of the default 4.
-RISC1 and RISC2 are 2 alternatives for the inner loop and
-PTR means to use pointers arithmatic instead of arrays.
-
-FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assembler		577,000 4620k/s
-IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR	496,000 3968k/s
-solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1]	459,400 3672k/s
-FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1	433,000 3468k/s
-solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL 		380,000 3041k/s
-linux - pentium 100mhz - gcc 2.7.0 - assembler			281,000 2250k/s
-NT 4.0 - pentium 100mhz - VC 4.2 - assembler			281,000 2250k/s
-AIX 4.1? - PPC604 100mhz - cc - UNROLL 				275,000 2200k/s
-IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR		235,300 1882k/s
-IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR			233,700 1869k/s
-NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR		191,000 1528k/s
-DEC Alpha 165mhz??  - cc - RISC2 PTR [2]			181,000 1448k/s
-linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR		158,500 1268k/s
-HPUX 10 - 9000/887 - cc - UNROLL [3]	 			148,000	1190k/s
-solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL		123,600  989k/s
-IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR			101,000  808k/s
-DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL			 81,000  648k/s
-solaris 2.4 486 50mhz - gcc 2.6.3 - assembler			 65,000  522k/s
-HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR	 76,000	 608k/s
-solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2		 43,500  344k/s
-AIX - old slow one :-) - cc -					 39,000  312k/s
-
-Notes.
-[1] For the ultra sparc, SunC 4.0 
-    cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts'
-    gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s.
-    I'll record the higher since it is coming from the library but it
-    is all rather weird.
-[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000.
-[3] I was unable to get access to this machine when it was not heavily loaded.
-    As such, my timing program was never able to get more that %30 of the CPU.
-    This would cause the program to give much lower speed numbers because
-    it would be 'fighting' to stay in the cache with the other CPU burning
-    processes.
diff --git a/thirdparty/openssl/crypto/des/pcbc_enc.c b/thirdparty/openssl/crypto/des/pcbc_enc.c
deleted file mode 100644
index 144d5ed88f..0000000000
--- a/thirdparty/openssl/crypto/des/pcbc_enc.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* crypto/des/pcbc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
-                      long length, DES_key_schedule *schedule,
-                      DES_cblock *ivec, int enc)
-{
-    register DES_LONG sin0, sin1, xor0, xor1, tout0, tout1;
-    DES_LONG tin[2];
-    const unsigned char *in;
-    unsigned char *out, *iv;
-
-    in = input;
-    out = output;
-    iv = &(*ivec)[0];
-
-    if (enc) {
-        c2l(iv, xor0);
-        c2l(iv, xor1);
-        for (; length > 0; length -= 8) {
-            if (length >= 8) {
-                c2l(in, sin0);
-                c2l(in, sin1);
-            } else
-                c2ln(in, sin0, sin1, length);
-            tin[0] = sin0 ^ xor0;
-            tin[1] = sin1 ^ xor1;
-            DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
-            tout0 = tin[0];
-            tout1 = tin[1];
-            xor0 = sin0 ^ tout0;
-            xor1 = sin1 ^ tout1;
-            l2c(tout0, out);
-            l2c(tout1, out);
-        }
-    } else {
-        c2l(iv, xor0);
-        c2l(iv, xor1);
-        for (; length > 0; length -= 8) {
-            c2l(in, sin0);
-            c2l(in, sin1);
-            tin[0] = sin0;
-            tin[1] = sin1;
-            DES_encrypt1((DES_LONG *)tin, schedule, DES_DECRYPT);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            if (length >= 8) {
-                l2c(tout0, out);
-                l2c(tout1, out);
-            } else
-                l2cn(tout0, tout1, out, length);
-            xor0 = tout0 ^ sin0;
-            xor1 = tout1 ^ sin1;
-        }
-    }
-    tin[0] = tin[1] = 0;
-    sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
-}
diff --git a/thirdparty/openssl/crypto/des/qud_cksm.c b/thirdparty/openssl/crypto/des/qud_cksm.c
deleted file mode 100644
index 2a168a5769..0000000000
--- a/thirdparty/openssl/crypto/des/qud_cksm.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* crypto/des/qud_cksm.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer IEEE
- * Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40 This module in
- * only based on the code in this paper and is almost definitely not the same
- * as the MIT implementation.
- */
-#include "des_locl.h"
-
-/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
-#define Q_B0(a) (((DES_LONG)(a)))
-#define Q_B1(a) (((DES_LONG)(a))<<8)
-#define Q_B2(a) (((DES_LONG)(a))<<16)
-#define Q_B3(a) (((DES_LONG)(a))<<24)
-
-/* used to scramble things a bit */
-/* Got the value MIT uses via brute force :-) 2/10/90 eay */
-#define NOISE   ((DES_LONG)83653421L)
-
-DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
-                        long length, int out_count, DES_cblock *seed)
-{
-    DES_LONG z0, z1, t0, t1;
-    int i;
-    long l;
-    const unsigned char *cp;
-#ifdef _CRAY
-    struct lp_st {
-        int a:32;
-        int b:32;
-    } *lp;
-#else
-    DES_LONG *lp;
-#endif
-
-    if (out_count < 1)
-        out_count = 1;
-#ifdef _CRAY
-    lp = (struct lp_st *)&(output[0])[0];
-#else
-    lp = (DES_LONG *)&(output[0])[0];
-#endif
-
-    z0 = Q_B0((*seed)[0]) | Q_B1((*seed)[1]) | Q_B2((*seed)[2]) |
-        Q_B3((*seed)[3]);
-    z1 = Q_B0((*seed)[4]) | Q_B1((*seed)[5]) | Q_B2((*seed)[6]) |
-        Q_B3((*seed)[7]);
-
-    for (i = 0; ((i < 4) && (i < out_count)); i++) {
-        cp = input;
-        l = length;
-        while (l > 0) {
-            if (l > 1) {
-                t0 = (DES_LONG)(*(cp++));
-                t0 |= (DES_LONG)Q_B1(*(cp++));
-                l--;
-            } else
-                t0 = (DES_LONG)(*(cp++));
-            l--;
-            /* add */
-            t0 += z0;
-            t0 &= 0xffffffffL;
-            t1 = z1;
-            /* square, well sort of square */
-            z0 = ((((t0 * t0) & 0xffffffffL) + ((t1 * t1) & 0xffffffffL))
-                  & 0xffffffffL) % 0x7fffffffL;
-            z1 = ((t0 * ((t1 + NOISE) & 0xffffffffL)) & 0xffffffffL) %
-                0x7fffffffL;
-        }
-        if (lp != NULL) {
-            /*
-             * The MIT library assumes that the checksum is composed of
-             * 2*out_count 32 bit ints
-             */
-#ifdef _CRAY
-            (*lp).a = z0;
-            (*lp).b = z1;
-            lp++;
-#else
-            *lp++ = z0;
-            *lp++ = z1;
-#endif
-        }
-    }
-    return (z0);
-}
diff --git a/thirdparty/openssl/crypto/des/rand_key.c b/thirdparty/openssl/crypto/des/rand_key.c
deleted file mode 100644
index b75cc5f9b0..0000000000
--- a/thirdparty/openssl/crypto/des/rand_key.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/* crypto/des/rand_key.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/des.h>
-#include <openssl/rand.h>
-
-int DES_random_key(DES_cblock *ret)
-{
-    do {
-        if (RAND_bytes((unsigned char *)ret, sizeof(DES_cblock)) != 1)
-            return (0);
-    } while (DES_is_weak_key(ret));
-    DES_set_odd_parity(ret);
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/des/read2pwd.c b/thirdparty/openssl/crypto/des/read2pwd.c
deleted file mode 100644
index 01e275f331..0000000000
--- a/thirdparty/openssl/crypto/des/read2pwd.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/* crypto/des/read2pwd.c */
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <string.h>
-#include <openssl/des.h>
-#include <openssl/ui.h>
-#include <openssl/crypto.h>
-
-int DES_read_password(DES_cblock *key, const char *prompt, int verify)
-{
-    int ok;
-    char buf[BUFSIZ], buff[BUFSIZ];
-
-    if ((ok = UI_UTIL_read_pw(buf, buff, BUFSIZ, prompt, verify)) == 0)
-        DES_string_to_key(buf, key);
-    OPENSSL_cleanse(buf, BUFSIZ);
-    OPENSSL_cleanse(buff, BUFSIZ);
-    return (ok);
-}
-
-int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
-                        const char *prompt, int verify)
-{
-    int ok;
-    char buf[BUFSIZ], buff[BUFSIZ];
-
-    if ((ok = UI_UTIL_read_pw(buf, buff, BUFSIZ, prompt, verify)) == 0)
-        DES_string_to_2keys(buf, key1, key2);
-    OPENSSL_cleanse(buf, BUFSIZ);
-    OPENSSL_cleanse(buff, BUFSIZ);
-    return (ok);
-}
diff --git a/thirdparty/openssl/crypto/des/read_pwd.c b/thirdparty/openssl/crypto/des/read_pwd.c
deleted file mode 100644
index 514a7063b4..0000000000
--- a/thirdparty/openssl/crypto/des/read_pwd.c
+++ /dev/null
@@ -1,533 +0,0 @@
-/* crypto/des/read_pwd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/e_os2.h>
-#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WIN32)
-# ifdef OPENSSL_UNISTD
-#  include OPENSSL_UNISTD
-# else
-#  include <unistd.h>
-# endif
-/*
- * If unistd.h defines _POSIX_VERSION, we conclude that we are on a POSIX
- * system and have sigaction and termios.
- */
-# if defined(_POSIX_VERSION)
-
-#  define SIGACTION
-#  if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
-#   define TERMIOS
-#  endif
-
-# endif
-#endif
-
-/* Define this if you have sigaction() */
-/* #define SIGACTION */
-
-#ifdef WIN16TTY
-# undef OPENSSL_SYS_WIN16
-# undef _WINDOWS
-# include <graph.h>
-#endif
-
-/* 06-Apr-92 Luke Brennan    Support for VMS */
-#include "des_locl.h"
-#include "cryptlib.h"
-#include <signal.h>
-#include <stdio.h>
-#include <string.h>
-#include <setjmp.h>
-#include <errno.h>
-
-#ifdef OPENSSL_SYS_VMS          /* prototypes for sys$whatever */
-# include <starlet.h>
-# ifdef __DECC
-#  pragma message disable DOLLARID
-# endif
-#endif
-
-#ifdef WIN_CONSOLE_BUG
-# include <windows.h>
-# ifndef OPENSSL_SYS_WINCE
-#  include <wincon.h>
-# endif
-#endif
-
-/*
- * There are 5 types of terminal interface supported, TERMIO, TERMIOS, VMS,
- * MSDOS and SGTTY
- */
-
-#if defined(__sgi) && !defined(TERMIOS)
-# define TERMIOS
-# undef  TERMIO
-# undef  SGTTY
-#endif
-
-#if defined(linux) && !defined(TERMIO)
-# undef  TERMIOS
-# define TERMIO
-# undef  SGTTY
-#endif
-
-#ifdef _LIBC
-# undef  TERMIOS
-# define TERMIO
-# undef  SGTTY
-#endif
-
-#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(MAC_OS_pre_X) && !defined(MAC_OS_GUSI_SOURCE)
-# undef  TERMIOS
-# undef  TERMIO
-# define SGTTY
-#endif
-
-#if defined(OPENSSL_SYS_VXWORKS)
-# undef TERMIOS
-# undef TERMIO
-# undef SGTTY
-#endif
-
-#ifdef TERMIOS
-# include <termios.h>
-# define TTY_STRUCT              struct termios
-# define TTY_FLAGS               c_lflag
-# define TTY_get(tty,data)       tcgetattr(tty,data)
-# define TTY_set(tty,data)       tcsetattr(tty,TCSANOW,data)
-#endif
-
-#ifdef TERMIO
-# include <termio.h>
-# define TTY_STRUCT              struct termio
-# define TTY_FLAGS               c_lflag
-# define TTY_get(tty,data)       ioctl(tty,TCGETA,data)
-# define TTY_set(tty,data)       ioctl(tty,TCSETA,data)
-#endif
-
-#ifdef SGTTY
-# include <sgtty.h>
-# define TTY_STRUCT              struct sgttyb
-# define TTY_FLAGS               sg_flags
-# define TTY_get(tty,data)       ioctl(tty,TIOCGETP,data)
-# define TTY_set(tty,data)       ioctl(tty,TIOCSETP,data)
-#endif
-
-#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(MAC_OS_pre_X)
-# include <sys/ioctl.h>
-#endif
-
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WINCE)
-# include <conio.h>
-# define fgets(a,b,c) noecho_fgets(a,b,c)
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-# include <ssdef.h>
-# include <iodef.h>
-# include <ttdef.h>
-# include <descrip.h>
-struct IOSB {
-    short iosb$w_value;
-    short iosb$w_count;
-    long iosb$l_info;
-};
-#endif
-
-#if defined(MAC_OS_pre_X) || defined(MAC_OS_GUSI_SOURCE)
-/*
- * This one needs work. As a matter of fact the code is unoperational
- * and this is only a trick to get it compiled.
- *                                      <appro@fy.chalmers.se>
- */
-# define TTY_STRUCT int
-#endif
-
-#ifndef NX509_SIG
-# define NX509_SIG 32
-#endif
-
-static void read_till_nl(FILE *);
-static void recsig(int);
-static void pushsig(void);
-static void popsig(void);
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
-static int noecho_fgets(char *buf, int size, FILE *tty);
-#endif
-#ifdef SIGACTION
-static struct sigaction savsig[NX509_SIG];
-#else
-static void (*savsig[NX509_SIG]) (int);
-#endif
-static jmp_buf save;
-
-int des_read_pw_string(char *buf, int length, const char *prompt, int verify)
-{
-    char buff[BUFSIZ];
-    int ret;
-
-    ret =
-        des_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length, prompt,
-                    verify);
-    OPENSSL_cleanse(buff, BUFSIZ);
-    return (ret);
-}
-
-#ifdef OPENSSL_SYS_WINCE
-
-int des_read_pw(char *buf, char *buff, int size, const char *prompt,
-                int verify)
-{
-    memset(buf, 0, size);
-    memset(buff, 0, size);
-    return (0);
-}
-
-#elif defined(OPENSSL_SYS_WIN16)
-
-int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify)
-{
-    memset(buf, 0, size);
-    memset(buff, 0, size);
-    return (0);
-}
-
-#else                           /* !OPENSSL_SYS_WINCE && !OPENSSL_SYS_WIN16 */
-
-static void read_till_nl(FILE *in)
-{
-# define SIZE 4
-    char buf[SIZE + 1];
-
-    do {
-        fgets(buf, SIZE, in);
-    } while (strchr(buf, '\n') == NULL);
-}
-
-/* return 0 if ok, 1 (or -1) otherwise */
-int des_read_pw(char *buf, char *buff, int size, const char *prompt,
-                int verify)
-{
-# ifdef OPENSSL_SYS_VMS
-    struct IOSB iosb;
-    $DESCRIPTOR(terminal, "TT");
-    long tty_orig[3], tty_new[3];
-    long status;
-    unsigned short channel = 0;
-# else
-#  if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
-    TTY_STRUCT tty_orig, tty_new;
-#  endif
-# endif
-    int number;
-    int ok;
-    /*
-     * statics are simply to avoid warnings about longjmp clobbering things
-     */
-    static int ps;
-    int is_a_tty;
-    static FILE *tty;
-    char *p;
-
-    if (setjmp(save)) {
-        ok = 0;
-        goto error;
-    }
-
-    number = 5;
-    ok = 0;
-    ps = 0;
-    is_a_tty = 1;
-    tty = NULL;
-
-# ifdef OPENSSL_SYS_MSDOS
-    if ((tty = fopen("con", "r")) == NULL)
-        tty = stdin;
-# elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VXWORKS)
-    tty = stdin;
-# else
-#  ifndef OPENSSL_SYS_MPE
-    if ((tty = fopen("/dev/tty", "r")) == NULL)
-#  endif
-        tty = stdin;
-# endif
-
-# if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
-    if (TTY_get(fileno(tty), &tty_orig) == -1) {
-#  ifdef ENOTTY
-        if (errno == ENOTTY)
-            is_a_tty = 0;
-        else
-#  endif
-#  ifdef EINVAL
-            /*
-             * Ariel Glenn ariel@columbia.edu reports that solaris can return
-             * EINVAL instead.  This should be ok
-             */
-        if (errno == EINVAL)
-            is_a_tty = 0;
-        else
-#  endif
-            return (-1);
-    }
-    memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
-# endif
-# ifdef OPENSSL_SYS_VMS
-    status = sys$assign(&terminal, &channel, 0, 0);
-    if (status != SS$_NORMAL)
-        return (-1);
-    status =
-        sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12, 0, 0,
-                 0, 0);
-    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-        return (-1);
-# endif
-
-    pushsig();
-    ps = 1;
-
-# ifdef TTY_FLAGS
-    tty_new.TTY_FLAGS &= ~ECHO;
-# endif
-
-# if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-    if (is_a_tty && (TTY_set(fileno(tty), &tty_new) == -1))
-#  ifdef OPENSSL_SYS_MPE
-        ;                       /* MPE lies -- echo really has been disabled */
-#  else
-        return (-1);
-#  endif
-# endif
-# ifdef OPENSSL_SYS_VMS
-    tty_new[0] = tty_orig[0];
-    tty_new[1] = tty_orig[1] | TT$M_NOECHO;
-    tty_new[2] = tty_orig[2];
-    status =
-        sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
-                 0);
-    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-        return (-1);
-# endif
-    ps = 2;
-
-    while ((!ok) && (number--)) {
-        fputs(prompt, stderr);
-        fflush(stderr);
-
-        buf[0] = '\0';
-        fgets(buf, size, tty);
-        if (feof(tty))
-            goto error;
-        if (ferror(tty))
-            goto error;
-        if ((p = (char *)strchr(buf, '\n')) != NULL)
-            *p = '\0';
-        else
-            read_till_nl(tty);
-        if (verify) {
-            fprintf(stderr, "\nVerifying password - %s", prompt);
-            fflush(stderr);
-            buff[0] = '\0';
-            fgets(buff, size, tty);
-            if (feof(tty))
-                goto error;
-            if ((p = (char *)strchr(buff, '\n')) != NULL)
-                *p = '\0';
-            else
-                read_till_nl(tty);
-
-            if (strcmp(buf, buff) != 0) {
-                fprintf(stderr, "\nVerify failure");
-                fflush(stderr);
-                break;
-                /* continue; */
-            }
-        }
-        ok = 1;
-    }
-
- error:
-    fprintf(stderr, "\n");
-# if 0
-    perror("fgets(tty)");
-# endif
-    /* What can we do if there is an error? */
-# if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-    if (ps >= 2)
-        TTY_set(fileno(tty), &tty_orig);
-# endif
-# ifdef OPENSSL_SYS_VMS
-    if (ps >= 2)
-        status =
-            sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_orig, 12, 0, 0,
-                     0, 0);
-# endif
-
-    if (ps >= 1)
-        popsig();
-    if (stdin != tty)
-        fclose(tty);
-# ifdef OPENSSL_SYS_VMS
-    status = sys$dassgn(channel);
-# endif
-    return (!ok);
-}
-
-static void pushsig(void)
-{
-    int i;
-# ifdef SIGACTION
-    struct sigaction sa;
-
-    memset(&sa, 0, sizeof sa);
-    sa.sa_handler = recsig;
-# endif
-
-    for (i = 1; i < NX509_SIG; i++) {
-# ifdef SIGUSR1
-        if (i == SIGUSR1)
-            continue;
-# endif
-# ifdef SIGUSR2
-        if (i == SIGUSR2)
-            continue;
-# endif
-# ifdef SIGACTION
-        sigaction(i, &sa, &savsig[i]);
-# else
-        savsig[i] = signal(i, recsig);
-# endif
-    }
-
-# ifdef SIGWINCH
-    signal(SIGWINCH, SIG_DFL);
-# endif
-}
-
-static void popsig(void)
-{
-    int i;
-
-    for (i = 1; i < NX509_SIG; i++) {
-# ifdef SIGUSR1
-        if (i == SIGUSR1)
-            continue;
-# endif
-# ifdef SIGUSR2
-        if (i == SIGUSR2)
-            continue;
-# endif
-# ifdef SIGACTION
-        sigaction(i, &savsig[i], NULL);
-# else
-        signal(i, savsig[i]);
-# endif
-    }
-}
-
-static void recsig(int i)
-{
-    longjmp(save, 1);
-# ifdef LINT
-    i = i;
-# endif
-}
-
-# ifdef OPENSSL_SYS_MSDOS
-static int noecho_fgets(char *buf, int size, FILE *tty)
-{
-    int i;
-    char *p;
-
-    p = buf;
-    for (;;) {
-        if (size == 0) {
-            *p = '\0';
-            break;
-        }
-        size--;
-#  ifdef WIN16TTY
-        i = _inchar();
-#  else
-        i = getch();
-#  endif
-        if (i == '\r')
-            i = '\n';
-        *(p++) = i;
-        if (i == '\n') {
-            *p = '\0';
-            break;
-        }
-    }
-#  ifdef WIN_CONSOLE_BUG
-    /*
-     * Win95 has several evil console bugs: one of these is that the last
-     * character read using getch() is passed to the next read: this is
-     * usually a CR so this can be trouble. No STDIO fix seems to work but
-     * flushing the console appears to do the trick.
-     */
-    {
-        HANDLE inh;
-        inh = GetStdHandle(STD_INPUT_HANDLE);
-        FlushConsoleInputBuffer(inh);
-    }
-#  endif
-    return (strlen(buf));
-}
-# endif
-#endif                          /* !OPENSSL_SYS_WINCE && !WIN16 */
diff --git a/thirdparty/openssl/crypto/des/rpc_des.h b/thirdparty/openssl/crypto/des/rpc_des.h
deleted file mode 100644
index 4db9062d97..0000000000
--- a/thirdparty/openssl/crypto/des/rpc_des.h
+++ /dev/null
@@ -1,130 +0,0 @@
-/* crypto/des/rpc_des.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*  @(#)des.h   2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI  */
-/*-
- * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
- * unrestricted use provided that this legend is included on all tape
- * media and as a part of the software program in whole or part.  Users
- * may copy or modify Sun RPC without charge, but are not authorized
- * to license or distribute it to anyone else except as part of a product or
- * program developed by the user.
- *
- * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
- * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
- *
- * Sun RPC is provided with no support and without any obligation on the
- * part of Sun Microsystems, Inc. to assist in its use, correction,
- * modification or enhancement.
- *
- * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
- * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
- * OR ANY PART THEREOF.
- *
- * In no event will Sun Microsystems, Inc. be liable for any lost revenue
- * or profits or other special, indirect and consequential damages, even if
- * Sun has been advised of the possibility of such damages.
- *
- * Sun Microsystems, Inc.
- * 2550 Garcia Avenue
- * Mountain View, California  94043
- */
-/*
- * Generic DES driver interface
- * Keep this file hardware independent!
- * Copyright (c) 1986 by Sun Microsystems, Inc.
- */
-
-#define DES_MAXLEN      65536   /* maximum # of bytes to encrypt */
-#define DES_QUICKLEN    16      /* maximum # of bytes to encrypt quickly */
-
-#ifdef HEADER_DES_H
-# undef ENCRYPT
-# undef DECRYPT
-#endif
-
-enum desdir { ENCRYPT, DECRYPT };
-enum desmode { CBC, ECB };
-
-/*
- * parameters to ioctl call
- */
-struct desparams {
-    unsigned char des_key[8];   /* key (with low bit parity) */
-    enum desdir des_dir;        /* direction */
-    enum desmode des_mode;      /* mode */
-    unsigned char des_ivec[8];  /* input vector */
-    unsigned des_len;           /* number of bytes to crypt */
-    union {
-        unsigned char UDES_data[DES_QUICKLEN];
-        unsigned char *UDES_buf;
-    } UDES;
-#define des_data UDES.UDES_data /* direct data here if quick */
-#define des_buf  UDES.UDES_buf  /* otherwise, pointer to data */
-};
-
-/*
- * Encrypt an arbitrary sized buffer
- */
-#define DESIOCBLOCK     _IOWR('d', 6, struct desparams)
-
-/*
- * Encrypt of small amount of data, quickly
- */
-#define DESIOCQUICK     _IOWR('d', 7, struct desparams)
diff --git a/thirdparty/openssl/crypto/des/rpc_enc.c b/thirdparty/openssl/crypto/des/rpc_enc.c
deleted file mode 100644
index f5a84c5b05..0000000000
--- a/thirdparty/openssl/crypto/des/rpc_enc.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* crypto/des/rpc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "rpc_des.h"
-#include "des_locl.h"
-#include "des_ver.h"
-
-int _des_crypt(char *buf, int len, struct desparams *desp);
-int _des_crypt(char *buf, int len, struct desparams *desp)
-{
-    DES_key_schedule ks;
-    int enc;
-
-    DES_set_key_unchecked(&desp->des_key, &ks);
-    enc = (desp->des_dir == ENCRYPT) ? DES_ENCRYPT : DES_DECRYPT;
-
-    if (desp->des_mode == CBC)
-        DES_ecb_encrypt((const_DES_cblock *)desp->UDES.UDES_buf,
-                        (DES_cblock *)desp->UDES.UDES_buf, &ks, enc);
-    else {
-        DES_ncbc_encrypt(desp->UDES.UDES_buf, desp->UDES.UDES_buf,
-                         len, &ks, &desp->des_ivec, enc);
-#ifdef undef
-        /*
-         * len will always be %8 if called from common_crypt in secure_rpc.
-         * Libdes's cbc encrypt does not copy back the iv, so we have to do
-         * it here.
-         */
-        /* It does now :-) eay 20/09/95 */
-
-        a = (char *)&(desp->UDES.UDES_buf[len - 8]);
-        b = (char *)&(desp->des_ivec[0]);
-
-        *(a++) = *(b++);
-        *(a++) = *(b++);
-        *(a++) = *(b++);
-        *(a++) = *(b++);
-        *(a++) = *(b++);
-        *(a++) = *(b++);
-        *(a++) = *(b++);
-        *(a++) = *(b++);
-#endif
-    }
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/des/rpw.c b/thirdparty/openssl/crypto/des/rpw.c
deleted file mode 100644
index ab65eacae3..0000000000
--- a/thirdparty/openssl/crypto/des/rpw.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/* crypto/des/rpw.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/des.h>
-
-int main(int argc, char *argv[])
-{
-    DES_cblock k, k1;
-    int i;
-
-    printf("read passwd\n");
-    if ((i = des_read_password(&k, "Enter password:", 0)) == 0) {
-        printf("password = ");
-        for (i = 0; i < 8; i++)
-            printf("%02x ", k[i]);
-    } else
-        printf("error %d\n", i);
-    printf("\n");
-    printf("read 2passwds and verify\n");
-    if ((i = des_read_2passwords(&k, &k1,
-                                 "Enter verified password:", 1)) == 0) {
-        printf("password1 = ");
-        for (i = 0; i < 8; i++)
-            printf("%02x ", k[i]);
-        printf("\n");
-        printf("password2 = ");
-        for (i = 0; i < 8; i++)
-            printf("%02x ", k1[i]);
-        printf("\n");
-        exit(1);
-    } else {
-        printf("error %d\n", i);
-        exit(0);
-    }
-#ifdef LINT
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/des/set_key.c b/thirdparty/openssl/crypto/des/set_key.c
deleted file mode 100644
index d9c5e7fcb3..0000000000
--- a/thirdparty/openssl/crypto/des/set_key.c
+++ /dev/null
@@ -1,447 +0,0 @@
-/* crypto/des/set_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*-
- * set_key.c v 1.4 eay 24/9/91
- * 1.4 Speed up by 400% :-)
- * 1.3 added register declarations.
- * 1.2 unrolled make_key_sched a bit more
- * 1.1 added norm_expand_bits
- * 1.0 First working version
- */
-#include <openssl/crypto.h>
-#include "des_locl.h"
-
-OPENSSL_IMPLEMENT_GLOBAL(int, DES_check_key, 0)
-                                                    /*
-                                                     * defaults to false
-                                                     */
-static const unsigned char odd_parity[256] = {
-    1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
-    16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
-    32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
-    49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
-    64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
-    81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
-    97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110,
-    110,
-    112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127,
-    127,
-    128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143,
-    143,
-    145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158,
-    158,
-    161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174,
-    174,
-    176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191,
-    191,
-    193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206,
-    206,
-    208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223,
-    223,
-    224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239,
-    239,
-    241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254,
-    254
-};
-
-void DES_set_odd_parity(DES_cblock *key)
-{
-    unsigned int i;
-
-    for (i = 0; i < DES_KEY_SZ; i++)
-        (*key)[i] = odd_parity[(*key)[i]];
-}
-
-int DES_check_key_parity(const_DES_cblock *key)
-{
-    unsigned int i;
-
-    for (i = 0; i < DES_KEY_SZ; i++) {
-        if ((*key)[i] != odd_parity[(*key)[i]])
-            return (0);
-    }
-    return (1);
-}
-
-/*-
- * Weak and semi weak keys as taken from
- * %A D.W. Davies
- * %A W.L. Price
- * %T Security for Computer Networks
- * %I John Wiley & Sons
- * %D 1984
- * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
- * (and actual cblock values).
- */
-#define NUM_WEAK_KEY    16
-static const DES_cblock weak_keys[NUM_WEAK_KEY] = {
-    /* weak keys */
-    {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
-    {0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE},
-    {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
-    {0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
-    /* semi-weak keys */
-    {0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE},
-    {0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01},
-    {0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1},
-    {0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E},
-    {0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1},
-    {0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01},
-    {0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE},
-    {0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E},
-    {0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E},
-    {0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01},
-    {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
-    {0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}
-};
-
-int DES_is_weak_key(const_DES_cblock *key)
-{
-    int i;
-
-    for (i = 0; i < NUM_WEAK_KEY; i++)
-        /*
-         * Added == 0 to comparison, I obviously don't run this section very
-         * often :-(, thanks to engineering@MorningStar.Com for the fix eay
-         * 93/06/29 Another problem, I was comparing only the first 4 bytes,
-         * 97/03/18
-         */
-        if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0)
-            return (1);
-    return (0);
-}
-
-/*-
- * NOW DEFINED IN des_local.h
- * See ecb_encrypt.c for a pseudo description of these macros.
- * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
- *      (b)^=(t),\
- *      (a)=((a)^((t)<<(n))))
- */
-
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
-        (a)=(a)^(t)^(t>>(16-(n))))
-
-static const DES_LONG des_skb[8][64] = {
-    {
-     /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-     0x00000000L, 0x00000010L, 0x20000000L, 0x20000010L,
-     0x00010000L, 0x00010010L, 0x20010000L, 0x20010010L,
-     0x00000800L, 0x00000810L, 0x20000800L, 0x20000810L,
-     0x00010800L, 0x00010810L, 0x20010800L, 0x20010810L,
-     0x00000020L, 0x00000030L, 0x20000020L, 0x20000030L,
-     0x00010020L, 0x00010030L, 0x20010020L, 0x20010030L,
-     0x00000820L, 0x00000830L, 0x20000820L, 0x20000830L,
-     0x00010820L, 0x00010830L, 0x20010820L, 0x20010830L,
-     0x00080000L, 0x00080010L, 0x20080000L, 0x20080010L,
-     0x00090000L, 0x00090010L, 0x20090000L, 0x20090010L,
-     0x00080800L, 0x00080810L, 0x20080800L, 0x20080810L,
-     0x00090800L, 0x00090810L, 0x20090800L, 0x20090810L,
-     0x00080020L, 0x00080030L, 0x20080020L, 0x20080030L,
-     0x00090020L, 0x00090030L, 0x20090020L, 0x20090030L,
-     0x00080820L, 0x00080830L, 0x20080820L, 0x20080830L,
-     0x00090820L, 0x00090830L, 0x20090820L, 0x20090830L,
-     },
-    {
-     /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
-     0x00000000L, 0x02000000L, 0x00002000L, 0x02002000L,
-     0x00200000L, 0x02200000L, 0x00202000L, 0x02202000L,
-     0x00000004L, 0x02000004L, 0x00002004L, 0x02002004L,
-     0x00200004L, 0x02200004L, 0x00202004L, 0x02202004L,
-     0x00000400L, 0x02000400L, 0x00002400L, 0x02002400L,
-     0x00200400L, 0x02200400L, 0x00202400L, 0x02202400L,
-     0x00000404L, 0x02000404L, 0x00002404L, 0x02002404L,
-     0x00200404L, 0x02200404L, 0x00202404L, 0x02202404L,
-     0x10000000L, 0x12000000L, 0x10002000L, 0x12002000L,
-     0x10200000L, 0x12200000L, 0x10202000L, 0x12202000L,
-     0x10000004L, 0x12000004L, 0x10002004L, 0x12002004L,
-     0x10200004L, 0x12200004L, 0x10202004L, 0x12202004L,
-     0x10000400L, 0x12000400L, 0x10002400L, 0x12002400L,
-     0x10200400L, 0x12200400L, 0x10202400L, 0x12202400L,
-     0x10000404L, 0x12000404L, 0x10002404L, 0x12002404L,
-     0x10200404L, 0x12200404L, 0x10202404L, 0x12202404L,
-     },
-    {
-     /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
-     0x00000000L, 0x00000001L, 0x00040000L, 0x00040001L,
-     0x01000000L, 0x01000001L, 0x01040000L, 0x01040001L,
-     0x00000002L, 0x00000003L, 0x00040002L, 0x00040003L,
-     0x01000002L, 0x01000003L, 0x01040002L, 0x01040003L,
-     0x00000200L, 0x00000201L, 0x00040200L, 0x00040201L,
-     0x01000200L, 0x01000201L, 0x01040200L, 0x01040201L,
-     0x00000202L, 0x00000203L, 0x00040202L, 0x00040203L,
-     0x01000202L, 0x01000203L, 0x01040202L, 0x01040203L,
-     0x08000000L, 0x08000001L, 0x08040000L, 0x08040001L,
-     0x09000000L, 0x09000001L, 0x09040000L, 0x09040001L,
-     0x08000002L, 0x08000003L, 0x08040002L, 0x08040003L,
-     0x09000002L, 0x09000003L, 0x09040002L, 0x09040003L,
-     0x08000200L, 0x08000201L, 0x08040200L, 0x08040201L,
-     0x09000200L, 0x09000201L, 0x09040200L, 0x09040201L,
-     0x08000202L, 0x08000203L, 0x08040202L, 0x08040203L,
-     0x09000202L, 0x09000203L, 0x09040202L, 0x09040203L,
-     },
-    {
-     /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
-     0x00000000L, 0x00100000L, 0x00000100L, 0x00100100L,
-     0x00000008L, 0x00100008L, 0x00000108L, 0x00100108L,
-     0x00001000L, 0x00101000L, 0x00001100L, 0x00101100L,
-     0x00001008L, 0x00101008L, 0x00001108L, 0x00101108L,
-     0x04000000L, 0x04100000L, 0x04000100L, 0x04100100L,
-     0x04000008L, 0x04100008L, 0x04000108L, 0x04100108L,
-     0x04001000L, 0x04101000L, 0x04001100L, 0x04101100L,
-     0x04001008L, 0x04101008L, 0x04001108L, 0x04101108L,
-     0x00020000L, 0x00120000L, 0x00020100L, 0x00120100L,
-     0x00020008L, 0x00120008L, 0x00020108L, 0x00120108L,
-     0x00021000L, 0x00121000L, 0x00021100L, 0x00121100L,
-     0x00021008L, 0x00121008L, 0x00021108L, 0x00121108L,
-     0x04020000L, 0x04120000L, 0x04020100L, 0x04120100L,
-     0x04020008L, 0x04120008L, 0x04020108L, 0x04120108L,
-     0x04021000L, 0x04121000L, 0x04021100L, 0x04121100L,
-     0x04021008L, 0x04121008L, 0x04021108L, 0x04121108L,
-     },
-    {
-     /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
-     0x00000000L, 0x10000000L, 0x00010000L, 0x10010000L,
-     0x00000004L, 0x10000004L, 0x00010004L, 0x10010004L,
-     0x20000000L, 0x30000000L, 0x20010000L, 0x30010000L,
-     0x20000004L, 0x30000004L, 0x20010004L, 0x30010004L,
-     0x00100000L, 0x10100000L, 0x00110000L, 0x10110000L,
-     0x00100004L, 0x10100004L, 0x00110004L, 0x10110004L,
-     0x20100000L, 0x30100000L, 0x20110000L, 0x30110000L,
-     0x20100004L, 0x30100004L, 0x20110004L, 0x30110004L,
-     0x00001000L, 0x10001000L, 0x00011000L, 0x10011000L,
-     0x00001004L, 0x10001004L, 0x00011004L, 0x10011004L,
-     0x20001000L, 0x30001000L, 0x20011000L, 0x30011000L,
-     0x20001004L, 0x30001004L, 0x20011004L, 0x30011004L,
-     0x00101000L, 0x10101000L, 0x00111000L, 0x10111000L,
-     0x00101004L, 0x10101004L, 0x00111004L, 0x10111004L,
-     0x20101000L, 0x30101000L, 0x20111000L, 0x30111000L,
-     0x20101004L, 0x30101004L, 0x20111004L, 0x30111004L,
-     },
-    {
-     /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
-     0x00000000L, 0x08000000L, 0x00000008L, 0x08000008L,
-     0x00000400L, 0x08000400L, 0x00000408L, 0x08000408L,
-     0x00020000L, 0x08020000L, 0x00020008L, 0x08020008L,
-     0x00020400L, 0x08020400L, 0x00020408L, 0x08020408L,
-     0x00000001L, 0x08000001L, 0x00000009L, 0x08000009L,
-     0x00000401L, 0x08000401L, 0x00000409L, 0x08000409L,
-     0x00020001L, 0x08020001L, 0x00020009L, 0x08020009L,
-     0x00020401L, 0x08020401L, 0x00020409L, 0x08020409L,
-     0x02000000L, 0x0A000000L, 0x02000008L, 0x0A000008L,
-     0x02000400L, 0x0A000400L, 0x02000408L, 0x0A000408L,
-     0x02020000L, 0x0A020000L, 0x02020008L, 0x0A020008L,
-     0x02020400L, 0x0A020400L, 0x02020408L, 0x0A020408L,
-     0x02000001L, 0x0A000001L, 0x02000009L, 0x0A000009L,
-     0x02000401L, 0x0A000401L, 0x02000409L, 0x0A000409L,
-     0x02020001L, 0x0A020001L, 0x02020009L, 0x0A020009L,
-     0x02020401L, 0x0A020401L, 0x02020409L, 0x0A020409L,
-     },
-    {
-     /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
-     0x00000000L, 0x00000100L, 0x00080000L, 0x00080100L,
-     0x01000000L, 0x01000100L, 0x01080000L, 0x01080100L,
-     0x00000010L, 0x00000110L, 0x00080010L, 0x00080110L,
-     0x01000010L, 0x01000110L, 0x01080010L, 0x01080110L,
-     0x00200000L, 0x00200100L, 0x00280000L, 0x00280100L,
-     0x01200000L, 0x01200100L, 0x01280000L, 0x01280100L,
-     0x00200010L, 0x00200110L, 0x00280010L, 0x00280110L,
-     0x01200010L, 0x01200110L, 0x01280010L, 0x01280110L,
-     0x00000200L, 0x00000300L, 0x00080200L, 0x00080300L,
-     0x01000200L, 0x01000300L, 0x01080200L, 0x01080300L,
-     0x00000210L, 0x00000310L, 0x00080210L, 0x00080310L,
-     0x01000210L, 0x01000310L, 0x01080210L, 0x01080310L,
-     0x00200200L, 0x00200300L, 0x00280200L, 0x00280300L,
-     0x01200200L, 0x01200300L, 0x01280200L, 0x01280300L,
-     0x00200210L, 0x00200310L, 0x00280210L, 0x00280310L,
-     0x01200210L, 0x01200310L, 0x01280210L, 0x01280310L,
-     },
-    {
-     /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
-     0x00000000L, 0x04000000L, 0x00040000L, 0x04040000L,
-     0x00000002L, 0x04000002L, 0x00040002L, 0x04040002L,
-     0x00002000L, 0x04002000L, 0x00042000L, 0x04042000L,
-     0x00002002L, 0x04002002L, 0x00042002L, 0x04042002L,
-     0x00000020L, 0x04000020L, 0x00040020L, 0x04040020L,
-     0x00000022L, 0x04000022L, 0x00040022L, 0x04040022L,
-     0x00002020L, 0x04002020L, 0x00042020L, 0x04042020L,
-     0x00002022L, 0x04002022L, 0x00042022L, 0x04042022L,
-     0x00000800L, 0x04000800L, 0x00040800L, 0x04040800L,
-     0x00000802L, 0x04000802L, 0x00040802L, 0x04040802L,
-     0x00002800L, 0x04002800L, 0x00042800L, 0x04042800L,
-     0x00002802L, 0x04002802L, 0x00042802L, 0x04042802L,
-     0x00000820L, 0x04000820L, 0x00040820L, 0x04040820L,
-     0x00000822L, 0x04000822L, 0x00040822L, 0x04040822L,
-     0x00002820L, 0x04002820L, 0x00042820L, 0x04042820L,
-     0x00002822L, 0x04002822L, 0x00042822L, 0x04042822L,
-     }
-};
-
-int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
-{
-    if (DES_check_key) {
-        return DES_set_key_checked(key, schedule);
-    } else {
-        DES_set_key_unchecked(key, schedule);
-        return 0;
-    }
-}
-
-/*-
- * return 0 if key parity is odd (correct),
- * return -1 if key parity error,
- * return -2 if illegal weak key.
- */
-int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
-{
-    if (!DES_check_key_parity(key))
-        return (-1);
-    if (DES_is_weak_key(key))
-        return (-2);
-    DES_set_key_unchecked(key, schedule);
-    return 0;
-}
-
-void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
-#ifdef OPENSSL_FIPS
-{
-    fips_cipher_abort(DES);
-    private_DES_set_key_unchecked(key, schedule);
-}
-
-void private_DES_set_key_unchecked(const_DES_cblock *key,
-                                   DES_key_schedule *schedule)
-#endif
-{
-    static const int shifts2[16] =
-        { 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0 };
-    register DES_LONG c, d, t, s, t2;
-    register const unsigned char *in;
-    register DES_LONG *k;
-    register int i;
-
-#ifdef OPENBSD_DEV_CRYPTO
-    memcpy(schedule->key, key, sizeof schedule->key);
-    schedule->session = NULL;
-#endif
-    k = &schedule->ks->deslong[0];
-    in = &(*key)[0];
-
-    c2l(in, c);
-    c2l(in, d);
-
-    /*
-     * do PC1 in 47 simple operations :-) Thanks to John Fletcher
-     * (john_fletcher@lccmail.ocf.llnl.gov) for the inspiration. :-)
-     */
-    PERM_OP(d, c, t, 4, 0x0f0f0f0fL);
-    HPERM_OP(c, t, -2, 0xcccc0000L);
-    HPERM_OP(d, t, -2, 0xcccc0000L);
-    PERM_OP(d, c, t, 1, 0x55555555L);
-    PERM_OP(c, d, t, 8, 0x00ff00ffL);
-    PERM_OP(d, c, t, 1, 0x55555555L);
-    d = (((d & 0x000000ffL) << 16L) | (d & 0x0000ff00L) |
-         ((d & 0x00ff0000L) >> 16L) | ((c & 0xf0000000L) >> 4L));
-    c &= 0x0fffffffL;
-
-    for (i = 0; i < ITERATIONS; i++) {
-        if (shifts2[i]) {
-            c = ((c >> 2L) | (c << 26L));
-            d = ((d >> 2L) | (d << 26L));
-        } else {
-            c = ((c >> 1L) | (c << 27L));
-            d = ((d >> 1L) | (d << 27L));
-        }
-        c &= 0x0fffffffL;
-        d &= 0x0fffffffL;
-        /*
-         * could be a few less shifts but I am to lazy at this point in time
-         * to investigate
-         */
-        s = des_skb[0][(c) & 0x3f] |
-            des_skb[1][((c >> 6L) & 0x03) | ((c >> 7L) & 0x3c)] |
-            des_skb[2][((c >> 13L) & 0x0f) | ((c >> 14L) & 0x30)] |
-            des_skb[3][((c >> 20L) & 0x01) | ((c >> 21L) & 0x06) |
-                       ((c >> 22L) & 0x38)];
-        t = des_skb[4][(d) & 0x3f] |
-            des_skb[5][((d >> 7L) & 0x03) | ((d >> 8L) & 0x3c)] |
-            des_skb[6][(d >> 15L) & 0x3f] |
-            des_skb[7][((d >> 21L) & 0x0f) | ((d >> 22L) & 0x30)];
-
-        /* table contained 0213 4657 */
-        t2 = ((t << 16L) | (s & 0x0000ffffL)) & 0xffffffffL;
-        *(k++) = ROTATE(t2, 30) & 0xffffffffL;
-
-        t2 = ((s >> 16L) | (t & 0xffff0000L));
-        *(k++) = ROTATE(t2, 26) & 0xffffffffL;
-    }
-}
-
-int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
-{
-    return (DES_set_key(key, schedule));
-}
-
-/*-
-#undef des_fixup_key_parity
-void des_fixup_key_parity(des_cblock *key)
-        {
-        des_set_odd_parity(key);
-        }
-*/
diff --git a/thirdparty/openssl/crypto/des/speed.c b/thirdparty/openssl/crypto/des/speed.c
deleted file mode 100644
index 9a3d929d29..0000000000
--- a/thirdparty/openssl/crypto/des/speed.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* crypto/des/speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-# define crypt(c,s) (des_crypt((c),(s)))
-#endif
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-    /*
-     * Depending on the VMS version, the tms structure is perhaps defined.
-     * The __TMS macro will show if it was.  If it wasn't defined, we should
-     * undefine TIMES, since that tells the rest of the program how things
-     * should be handled.  -- Richard Levitte
-     */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-#include <openssl/des.h>
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  ifndef _BSD_CLK_TCK_         /* FreeBSD fix */
-#   define HZ   100.0
-#  else                         /* _BSD_CLK_TCK_ */
-#   define HZ ((double)_BSD_CLK_TCK_)
-#  endif
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static DES_cblock key =
-        { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 };
-    static DES_cblock key2 =
-        { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 };
-    static DES_cblock key3 =
-        { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 };
-    DES_key_schedule sch, sch2, sch3;
-    double a, b, c, d, e;
-#ifndef SIGALRM
-    long ca, cb, cc, cd, ce;
-#endif
-
-#ifndef TIMES
-    printf("To get the most accurate results, try to run this\n");
-    printf("program when this computer is idle.\n");
-#endif
-
-    DES_set_key_unchecked(&key2, &sch2);
-    DES_set_key_unchecked(&key3, &sch3);
-
-#ifndef SIGALRM
-    printf("First we calculate the approximate speed ...\n");
-    DES_set_key_unchecked(&key, &sch);
-    count = 10;
-    do {
-        long i;
-        DES_LONG data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            DES_encrypt1(data, &sch, DES_ENCRYPT);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count;
-    cb = count * 3;
-    cc = count * 3 * 8 / BUFSIZE + 1;
-    cd = count * 8 / BUFSIZE + 1;
-    ce = count / 20 + 1;
-    printf("Doing set_key %ld times\n", ca);
-# define COND(d) (count != (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    printf("Doing set_key for 10 seconds\n");
-    alarm(10);
-#endif
-
-    Time_F(START);
-    for (count = 0, run = 1; COND(ca); count++)
-        DES_set_key_unchecked(&key, &sch);
-    d = Time_F(STOP);
-    printf("%ld set_key's in %.2f seconds\n", count, d);
-    a = ((double)COUNT(ca)) / d;
-
-#ifdef SIGALRM
-    printf("Doing DES_encrypt's for 10 seconds\n");
-    alarm(10);
-#else
-    printf("Doing DES_encrypt %ld times\n", cb);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cb); count++) {
-        DES_LONG data[2];
-
-        DES_encrypt1(data, &sch, DES_ENCRYPT);
-    }
-    d = Time_F(STOP);
-    printf("%ld DES_encrypt's in %.2f second\n", count, d);
-    b = ((double)COUNT(cb) * 8) / d;
-
-#ifdef SIGALRM
-    printf("Doing DES_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-           BUFSIZE);
-    alarm(10);
-#else
-    printf("Doing DES_cbc_encrypt %ld times on %ld byte blocks\n", cc,
-           BUFSIZE);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cc); count++)
-        DES_ncbc_encrypt(buf, buf, BUFSIZE, &sch, &key, DES_ENCRYPT);
-    d = Time_F(STOP);
-    printf("%ld DES_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-           count, BUFSIZE, d);
-    c = ((double)COUNT(cc) * BUFSIZE) / d;
-
-#ifdef SIGALRM
-    printf("Doing DES_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-           BUFSIZE);
-    alarm(10);
-#else
-    printf("Doing DES_ede_cbc_encrypt %ld times on %ld byte blocks\n", cd,
-           BUFSIZE);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cd); count++)
-        DES_ede3_cbc_encrypt(buf, buf, BUFSIZE,
-                             &sch, &sch2, &sch3, &key, DES_ENCRYPT);
-    d = Time_F(STOP);
-    printf("%ld DES_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-           count, BUFSIZE, d);
-    d = ((double)COUNT(cd) * BUFSIZE) / d;
-
-#ifdef SIGALRM
-    printf("Doing crypt for 10 seconds\n");
-    alarm(10);
-#else
-    printf("Doing crypt %ld times\n", ce);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(ce); count++)
-        crypt("testing1", "ef");
-    e = Time_F(STOP);
-    printf("%ld crypts in %.2f second\n", count, e);
-    e = ((double)COUNT(ce)) / e;
-
-    printf("set_key            per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
-    printf("DES raw ecb bytes  per sec = %12.2f (%9.3fuS)\n", b, 8.0e6 / b);
-    printf("DES cbc bytes      per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
-    printf("DES ede cbc bytes  per sec = %12.2f (%9.3fuS)\n", d, 8.0e6 / d);
-    printf("crypt              per sec = %12.2f (%9.3fuS)\n", e, 1.0e6 / e);
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/des/spr.h b/thirdparty/openssl/crypto/des/spr.h
deleted file mode 100644
index e85d310052..0000000000
--- a/thirdparty/openssl/crypto/des/spr.h
+++ /dev/null
@@ -1,212 +0,0 @@
-/* crypto/des/spr.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-OPENSSL_GLOBAL const DES_LONG DES_SPtrans[8][64] = {
-    {
-        /* nibble 0 */
-        0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
-        0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
-        0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
-        0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
-        0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
-        0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
-        0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
-        0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
-        0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
-        0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
-        0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
-        0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
-        0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
-        0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
-        0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
-        0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
-    },
-    {
-        /* nibble 1 */
-        0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
-        0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
-        0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
-        0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
-        0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
-        0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
-        0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
-        0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
-        0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
-        0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
-        0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
-        0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
-        0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
-        0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
-        0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
-        0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
-    },
-    {
-        /* nibble 2 */
-        0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
-        0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
-        0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
-        0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
-        0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
-        0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
-        0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
-        0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
-        0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
-        0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
-        0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
-        0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
-        0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
-        0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
-        0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
-        0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
-    },
-    {
-        /* nibble 3 */
-        0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
-        0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
-        0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
-        0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
-        0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
-        0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
-        0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
-        0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
-        0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
-        0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
-        0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
-        0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
-        0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
-        0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
-        0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
-        0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
-    },
-    {
-        /* nibble 4 */
-        0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
-        0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
-        0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
-        0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
-        0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
-        0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
-        0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
-        0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
-        0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
-        0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
-        0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
-        0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
-        0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
-        0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
-        0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
-        0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
-    },
-    {
-        /* nibble 5 */
-        0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
-        0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
-        0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
-        0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
-        0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
-        0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
-        0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
-        0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
-        0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
-        0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
-        0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
-        0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
-        0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
-        0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
-        0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
-        0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
-    },
-    {
-        /* nibble 6 */
-        0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
-        0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
-        0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
-        0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
-        0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
-        0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
-        0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
-        0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
-        0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
-        0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
-        0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
-        0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
-        0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
-        0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
-        0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
-        0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
-    },
-    {
-        /* nibble 7 */
-        0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
-        0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
-        0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
-        0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
-        0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
-        0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
-        0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
-        0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
-        0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
-        0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
-        0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
-        0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
-        0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
-        0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
-        0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
-        0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
-    }
-};
diff --git a/thirdparty/openssl/crypto/des/str2key.c b/thirdparty/openssl/crypto/des/str2key.c
deleted file mode 100644
index 38a478cf43..0000000000
--- a/thirdparty/openssl/crypto/des/str2key.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/* crypto/des/str2key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include "des_locl.h"
-
-void DES_string_to_key(const char *str, DES_cblock *key)
-{
-    DES_key_schedule ks;
-    int i, length;
-    register unsigned char j;
-
-    memset(key, 0, 8);
-    length = strlen(str);
-#ifdef OLD_STR_TO_KEY
-    for (i = 0; i < length; i++)
-        (*key)[i % 8] ^= (str[i] << 1);
-#else                           /* MIT COMPATIBLE */
-    for (i = 0; i < length; i++) {
-        j = str[i];
-        if ((i % 16) < 8)
-            (*key)[i % 8] ^= (j << 1);
-        else {
-            /* Reverse the bit order 05/05/92 eay */
-            j = ((j << 4) & 0xf0) | ((j >> 4) & 0x0f);
-            j = ((j << 2) & 0xcc) | ((j >> 2) & 0x33);
-            j = ((j << 1) & 0xaa) | ((j >> 1) & 0x55);
-            (*key)[7 - (i % 8)] ^= j;
-        }
-    }
-#endif
-    DES_set_odd_parity(key);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
-    if (DES_is_weak_key(key))
-        (*key)[7] ^= 0xF0;
-    DES_set_key(key, &ks);
-#else
-    DES_set_key_unchecked(key, &ks);
-#endif
-    DES_cbc_cksum((const unsigned char *)str, key, length, &ks, key);
-    OPENSSL_cleanse(&ks, sizeof(ks));
-    DES_set_odd_parity(key);
-}
-
-void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
-{
-    DES_key_schedule ks;
-    int i, length;
-    register unsigned char j;
-
-    memset(key1, 0, 8);
-    memset(key2, 0, 8);
-    length = strlen(str);
-#ifdef OLD_STR_TO_KEY
-    if (length <= 8) {
-        for (i = 0; i < length; i++) {
-            (*key2)[i] = (*key1)[i] = (str[i] << 1);
-        }
-    } else {
-        for (i = 0; i < length; i++) {
-            if ((i / 8) & 1)
-                (*key2)[i % 8] ^= (str[i] << 1);
-            else
-                (*key1)[i % 8] ^= (str[i] << 1);
-        }
-    }
-#else                           /* MIT COMPATIBLE */
-    for (i = 0; i < length; i++) {
-        j = str[i];
-        if ((i % 32) < 16) {
-            if ((i % 16) < 8)
-                (*key1)[i % 8] ^= (j << 1);
-            else
-                (*key2)[i % 8] ^= (j << 1);
-        } else {
-            j = ((j << 4) & 0xf0) | ((j >> 4) & 0x0f);
-            j = ((j << 2) & 0xcc) | ((j >> 2) & 0x33);
-            j = ((j << 1) & 0xaa) | ((j >> 1) & 0x55);
-            if ((i % 16) < 8)
-                (*key1)[7 - (i % 8)] ^= j;
-            else
-                (*key2)[7 - (i % 8)] ^= j;
-        }
-    }
-    if (length <= 8)
-        memcpy(key2, key1, 8);
-#endif
-    DES_set_odd_parity(key1);
-    DES_set_odd_parity(key2);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
-    if (DES_is_weak_key(key1))
-        (*key1)[7] ^= 0xF0;
-    DES_set_key(key1, &ks);
-#else
-    DES_set_key_unchecked(key1, &ks);
-#endif
-    DES_cbc_cksum((const unsigned char *)str, key1, length, &ks, key1);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
-    if (DES_is_weak_key(key2))
-        (*key2)[7] ^= 0xF0;
-    DES_set_key(key2, &ks);
-#else
-    DES_set_key_unchecked(key2, &ks);
-#endif
-    DES_cbc_cksum((const unsigned char *)str, key2, length, &ks, key2);
-    OPENSSL_cleanse(&ks, sizeof(ks));
-    DES_set_odd_parity(key1);
-    DES_set_odd_parity(key2);
-}
diff --git a/thirdparty/openssl/crypto/des/times/aix.cc b/thirdparty/openssl/crypto/des/times/aix.cc
deleted file mode 100644
index d96b74e2ce..0000000000
--- a/thirdparty/openssl/crypto/des/times/aix.cc
+++ /dev/null
@@ -1,26 +0,0 @@
-From: Paco Garcia <pgarcia@cam.es>
-
-This machine is a Bull Estrella  Minitower Model MT604-100
-Processor        : PPC604 
-P.Speed          : 100Mhz 
-Data/Instr Cache :    16 K
-L2 Cache         :   256 K
-PCI BUS Speed    :    33 Mhz
-TransfRate PCI   :   132 MB/s
-Memory           :    96 MB
-
-options    des ecb/s       
- 4  c p    275118.61 100.0%
- 4  c i    273545.07  99.4%
- 4 r2 p    270441.02  98.3%
- 4 r1 p    253052.15  92.0%
- 4 r2 i    240842.97  87.5%
- 4 r1 i    240556.66  87.4%
-16  c i    224603.99  81.6%
-16  c p    224483.98  81.6%
-16 r2 p    215691.19  78.4%
-16 r1 p    208332.83  75.7%
-16 r1 i    199206.50  72.4%
-16 r2 i    198963.70  72.3%
--DDES_PTR
-
diff --git a/thirdparty/openssl/crypto/des/times/alpha.cc b/thirdparty/openssl/crypto/des/times/alpha.cc
deleted file mode 100644
index 95c17efae7..0000000000
--- a/thirdparty/openssl/crypto/des/times/alpha.cc
+++ /dev/null
@@ -1,18 +0,0 @@
-cc -O2
-DES_LONG is 'unsigned int'
-
-options    des ecb/s
- 4 r2 p    181146.14 100.0%
-16 r2 p    172102.94  95.0%
- 4 r2 i    165424.11  91.3%
-16  c p    160468.64  88.6%
- 4  c p    156653.59  86.5%
- 4  c i    155245.18  85.7%
- 4 r1 p    154729.68  85.4%
-16 r2 i    154137.69  85.1%
-16 r1 p    152357.96  84.1%
-16  c i    148743.91  82.1%
- 4 r1 i    146695.59  81.0%
-16 r1 i    144961.00  80.0%
--DDES_RISC2 -DDES_PTR
-
diff --git a/thirdparty/openssl/crypto/des/times/hpux.cc b/thirdparty/openssl/crypto/des/times/hpux.cc
deleted file mode 100644
index 3de856ddac..0000000000
--- a/thirdparty/openssl/crypto/des/times/hpux.cc
+++ /dev/null
@@ -1,17 +0,0 @@
-HPUX 10 - 9000/887 - cc -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
-
-options    des ecb/s
-16  c i    149448.90 100.0%
- 4  c i    145861.79  97.6%
-16 r2 i    141710.96  94.8%
-16 r1 i    139455.33  93.3%
- 4 r2 i    138800.00  92.9%
- 4 r1 i    136692.65  91.5%
-16 r2 p    110228.17  73.8%
-16 r1 p    109397.07  73.2%
-16  c p    109209.89  73.1%
- 4  c p    108014.71  72.3%
- 4 r2 p    107873.88  72.2%
- 4 r1 p    107685.83  72.1%
--DDES_UNROLL
-
diff --git a/thirdparty/openssl/crypto/des/times/usparc.cc b/thirdparty/openssl/crypto/des/times/usparc.cc
deleted file mode 100644
index 0864285ef6..0000000000
--- a/thirdparty/openssl/crypto/des/times/usparc.cc
+++ /dev/null
@@ -1,31 +0,0 @@
-solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
-
-For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
-gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
-I believe the difference is tied up in optimisation that the compiler
-is able to perform when the code is 'inlined'.  For 'speed', the DES
-routines are being linked from a library.  I'll record the higher
-speed since if performance is everything, you can always inline
-'des_enc.c'.
-
-[ 16-Jan-06 - I've been playing with the
-  '-xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa'
-  and while it makes the des_opts numbers much slower, it makes the
-  actual 'speed' numbers look better which is a realistic version of
-  using the libraries. ]
-
-options    des ecb/s
-16 r1 p    475516.90 100.0%
-16 r2 p    439388.10  92.4%
-16  c i    427001.40  89.8%
-16  c p    419516.50  88.2%
- 4 r2 p    409491.70  86.1%
- 4 r1 p    404266.90  85.0%
- 4  c p    398121.00  83.7%
- 4  c i    370588.40  77.9%
- 4 r1 i    362742.20  76.3%
-16 r2 i    331275.50  69.7%
-16 r1 i    324730.60  68.3%
- 4 r2 i     63535.10  13.4%	<-- very very weird, must be cache problems.
--DDES_UNROLL -DDES_RISC1 -DDES_PTR
-
diff --git a/thirdparty/openssl/crypto/des/typemap b/thirdparty/openssl/crypto/des/typemap
deleted file mode 100644
index a524f53634..0000000000
--- a/thirdparty/openssl/crypto/des/typemap
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# DES SECTION
-#
-deschar *	T_DESCHARP
-des_cblock *	T_CBLOCK
-des_cblock	T_CBLOCK
-des_key_schedule	T_SCHEDULE
-des_key_schedule *	T_SCHEDULE
-
-INPUT
-T_CBLOCK
-	$var=(des_cblock *)SvPV($arg,len);
-	if (len < DES_KEY_SZ)
-		{
-		croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ);
-		}
-
-T_SCHEDULE
-	$var=(des_key_schedule *)SvPV($arg,len);
-	if (len < DES_SCHEDULE_SZ)
-		{
-		croak(\"$var needs to be at least %u bytes long\",
-			DES_SCHEDULE_SZ);
-		}
-
-OUTPUT
-T_CBLOCK
-	sv_setpvn($arg,(char *)$var,DES_KEY_SZ);
-
-T_SCHEDULE
-	sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ);
-
-T_DESCHARP
-	sv_setpvn($arg,(char *)$var,len);
diff --git a/thirdparty/openssl/crypto/des/xcbc_enc.c b/thirdparty/openssl/crypto/des/xcbc_enc.c
deleted file mode 100644
index 6fe021be75..0000000000
--- a/thirdparty/openssl/crypto/des/xcbc_enc.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/* crypto/des/xcbc_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* RSA's DESX */
-
-#if 0                           /* broken code, preserved just in case anyone
-                                 * specifically looks for this */
-static const unsigned char desx_white_in2out[256] = {
-    0xBD, 0x56, 0xEA, 0xF2, 0xA2, 0xF1, 0xAC, 0x2A, 0xB0, 0x93, 0xD1, 0x9C,
-    0x1B, 0x33, 0xFD, 0xD0,
-    0x30, 0x04, 0xB6, 0xDC, 0x7D, 0xDF, 0x32, 0x4B, 0xF7, 0xCB, 0x45, 0x9B,
-    0x31, 0xBB, 0x21, 0x5A,
-    0x41, 0x9F, 0xE1, 0xD9, 0x4A, 0x4D, 0x9E, 0xDA, 0xA0, 0x68, 0x2C, 0xC3,
-    0x27, 0x5F, 0x80, 0x36,
-    0x3E, 0xEE, 0xFB, 0x95, 0x1A, 0xFE, 0xCE, 0xA8, 0x34, 0xA9, 0x13, 0xF0,
-    0xA6, 0x3F, 0xD8, 0x0C,
-    0x78, 0x24, 0xAF, 0x23, 0x52, 0xC1, 0x67, 0x17, 0xF5, 0x66, 0x90, 0xE7,
-    0xE8, 0x07, 0xB8, 0x60,
-    0x48, 0xE6, 0x1E, 0x53, 0xF3, 0x92, 0xA4, 0x72, 0x8C, 0x08, 0x15, 0x6E,
-    0x86, 0x00, 0x84, 0xFA,
-    0xF4, 0x7F, 0x8A, 0x42, 0x19, 0xF6, 0xDB, 0xCD, 0x14, 0x8D, 0x50, 0x12,
-    0xBA, 0x3C, 0x06, 0x4E,
-    0xEC, 0xB3, 0x35, 0x11, 0xA1, 0x88, 0x8E, 0x2B, 0x94, 0x99, 0xB7, 0x71,
-    0x74, 0xD3, 0xE4, 0xBF,
-    0x3A, 0xDE, 0x96, 0x0E, 0xBC, 0x0A, 0xED, 0x77, 0xFC, 0x37, 0x6B, 0x03,
-    0x79, 0x89, 0x62, 0xC6,
-    0xD7, 0xC0, 0xD2, 0x7C, 0x6A, 0x8B, 0x22, 0xA3, 0x5B, 0x05, 0x5D, 0x02,
-    0x75, 0xD5, 0x61, 0xE3,
-    0x18, 0x8F, 0x55, 0x51, 0xAD, 0x1F, 0x0B, 0x5E, 0x85, 0xE5, 0xC2, 0x57,
-    0x63, 0xCA, 0x3D, 0x6C,
-    0xB4, 0xC5, 0xCC, 0x70, 0xB2, 0x91, 0x59, 0x0D, 0x47, 0x20, 0xC8, 0x4F,
-    0x58, 0xE0, 0x01, 0xE2,
-    0x16, 0x38, 0xC4, 0x6F, 0x3B, 0x0F, 0x65, 0x46, 0xBE, 0x7E, 0x2D, 0x7B,
-    0x82, 0xF9, 0x40, 0xB5,
-    0x1D, 0x73, 0xF8, 0xEB, 0x26, 0xC7, 0x87, 0x97, 0x25, 0x54, 0xB1, 0x28,
-    0xAA, 0x98, 0x9D, 0xA5,
-    0x64, 0x6D, 0x7A, 0xD4, 0x10, 0x81, 0x44, 0xEF, 0x49, 0xD6, 0xAE, 0x2E,
-    0xDD, 0x76, 0x5C, 0x2F,
-    0xA7, 0x1C, 0xC9, 0x09, 0x69, 0x9A, 0x83, 0xCF, 0x29, 0x39, 0xB9, 0xE9,
-    0x4C, 0xFF, 0x43, 0xAB,
-};
-
-void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white,
-                       DES_cblock *out_white)
-{
-    int out0, out1;
-    int i;
-    const unsigned char *key = &(*des_key)[0];
-    const unsigned char *in = &(*in_white)[0];
-    unsigned char *out = &(*out_white)[0];
-
-    out[0] = out[1] = out[2] = out[3] = out[4] = out[5] = out[6] = out[7] = 0;
-    out0 = out1 = 0;
-    for (i = 0; i < 8; i++) {
-        out[i] = key[i] ^ desx_white_in2out[out0 ^ out1];
-        out0 = out1;
-        out1 = (int)out[i & 0x07];
-    }
-
-    out0 = out[0];
-    out1 = out[i];              /* BUG: out-of-bounds read */
-    for (i = 0; i < 8; i++) {
-        out[i] = in[i] ^ desx_white_in2out[out0 ^ out1];
-        out0 = out1;
-        out1 = (int)out[i & 0x07];
-    }
-}
-#endif
-
-void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, DES_key_schedule *schedule,
-                      DES_cblock *ivec, const_DES_cblock *inw,
-                      const_DES_cblock *outw, int enc)
-{
-    register DES_LONG tin0, tin1;
-    register DES_LONG tout0, tout1, xor0, xor1;
-    register DES_LONG inW0, inW1, outW0, outW1;
-    register const unsigned char *in2;
-    register long l = length;
-    DES_LONG tin[2];
-    unsigned char *iv;
-
-    in2 = &(*inw)[0];
-    c2l(in2, inW0);
-    c2l(in2, inW1);
-    in2 = &(*outw)[0];
-    c2l(in2, outW0);
-    c2l(in2, outW1);
-
-    iv = &(*ivec)[0];
-
-    if (enc) {
-        c2l(iv, tout0);
-        c2l(iv, tout1);
-        for (l -= 8; l >= 0; l -= 8) {
-            c2l(in, tin0);
-            c2l(in, tin1);
-            tin0 ^= tout0 ^ inW0;
-            tin[0] = tin0;
-            tin1 ^= tout1 ^ inW1;
-            tin[1] = tin1;
-            DES_encrypt1(tin, schedule, DES_ENCRYPT);
-            tout0 = tin[0] ^ outW0;
-            l2c(tout0, out);
-            tout1 = tin[1] ^ outW1;
-            l2c(tout1, out);
-        }
-        if (l != -8) {
-            c2ln(in, tin0, tin1, l + 8);
-            tin0 ^= tout0 ^ inW0;
-            tin[0] = tin0;
-            tin1 ^= tout1 ^ inW1;
-            tin[1] = tin1;
-            DES_encrypt1(tin, schedule, DES_ENCRYPT);
-            tout0 = tin[0] ^ outW0;
-            l2c(tout0, out);
-            tout1 = tin[1] ^ outW1;
-            l2c(tout1, out);
-        }
-        iv = &(*ivec)[0];
-        l2c(tout0, iv);
-        l2c(tout1, iv);
-    } else {
-        c2l(iv, xor0);
-        c2l(iv, xor1);
-        for (l -= 8; l > 0; l -= 8) {
-            c2l(in, tin0);
-            tin[0] = tin0 ^ outW0;
-            c2l(in, tin1);
-            tin[1] = tin1 ^ outW1;
-            DES_encrypt1(tin, schedule, DES_DECRYPT);
-            tout0 = tin[0] ^ xor0 ^ inW0;
-            tout1 = tin[1] ^ xor1 ^ inW1;
-            l2c(tout0, out);
-            l2c(tout1, out);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        if (l != -8) {
-            c2l(in, tin0);
-            tin[0] = tin0 ^ outW0;
-            c2l(in, tin1);
-            tin[1] = tin1 ^ outW1;
-            DES_encrypt1(tin, schedule, DES_DECRYPT);
-            tout0 = tin[0] ^ xor0 ^ inW0;
-            tout1 = tin[1] ^ xor1 ^ inW1;
-            l2cn(tout0, tout1, out, l + 8);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-
-        iv = &(*ivec)[0];
-        l2c(xor0, iv);
-        l2c(xor1, iv);
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    inW0 = inW1 = outW0 = outW1 = 0;
-    tin[0] = tin[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/dh/dh1024.pem b/thirdparty/openssl/crypto/dh/dh1024.pem
deleted file mode 100644
index 81d43f6a3e..0000000000
--- a/thirdparty/openssl/crypto/dh/dh1024.pem
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
-/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
-/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
------END DH PARAMETERS-----
diff --git a/thirdparty/openssl/crypto/dh/dh192.pem b/thirdparty/openssl/crypto/dh/dh192.pem
deleted file mode 100644
index 521c07271d..0000000000
--- a/thirdparty/openssl/crypto/dh/dh192.pem
+++ /dev/null
@@ -1,3 +0,0 @@
------BEGIN DH PARAMETERS-----
-MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
------END DH PARAMETERS-----
diff --git a/thirdparty/openssl/crypto/dh/dh2048.pem b/thirdparty/openssl/crypto/dh/dh2048.pem
deleted file mode 100644
index 295460f508..0000000000
--- a/thirdparty/openssl/crypto/dh/dh2048.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
-AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
-z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
-pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
-aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
-Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
------END DH PARAMETERS-----
------BEGIN DH PARAMETERS-----
-MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
-8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
-SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
-gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
-yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
-a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
------END DH PARAMETERS-----
diff --git a/thirdparty/openssl/crypto/dh/dh4096.pem b/thirdparty/openssl/crypto/dh/dh4096.pem
deleted file mode 100644
index 390943a21d..0000000000
--- a/thirdparty/openssl/crypto/dh/dh4096.pem
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
-vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
-TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
-bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
-rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
-EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
-bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
-W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
-ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
-NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
-jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
------END DH PARAMETERS-----
-
diff --git a/thirdparty/openssl/crypto/dh/dh512.pem b/thirdparty/openssl/crypto/dh/dh512.pem
deleted file mode 100644
index 0a4d863ebe..0000000000
--- a/thirdparty/openssl/crypto/dh/dh512.pem
+++ /dev/null
@@ -1,4 +0,0 @@
------BEGIN DH PARAMETERS-----
-MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
-a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
------END DH PARAMETERS-----
diff --git a/thirdparty/openssl/crypto/dh/dh_ameth.c b/thirdparty/openssl/crypto/dh/dh_ameth.c
deleted file mode 100644
index 4558283576..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_ameth.c
+++ /dev/null
@@ -1,957 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/dh.h>
-#include <openssl/bn.h>
-#include "asn1_locl.h"
-#ifndef OPENSSL_NO_CMS
-# include <openssl/cms.h>
-#endif
-
-extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth;
-
-/*
- * i2d/d2i like DH parameter functions which use the appropriate routine for
- * PKCS#3 DH or X9.42 DH.
- */
-
-static DH *d2i_dhp(const EVP_PKEY *pkey, const unsigned char **pp,
-                   long length)
-{
-    if (pkey->ameth == &dhx_asn1_meth)
-        return d2i_DHxparams(NULL, pp, length);
-    return d2i_DHparams(NULL, pp, length);
-}
-
-static int i2d_dhp(const EVP_PKEY *pkey, const DH *a, unsigned char **pp)
-{
-    if (pkey->ameth == &dhx_asn1_meth)
-        return i2d_DHxparams(a, pp);
-    return i2d_DHparams(a, pp);
-}
-
-static void int_dh_free(EVP_PKEY *pkey)
-{
-    DH_free(pkey->pkey.dh);
-}
-
-static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
-    const unsigned char *p, *pm;
-    int pklen, pmlen;
-    int ptype;
-    void *pval;
-    ASN1_STRING *pstr;
-    X509_ALGOR *palg;
-    ASN1_INTEGER *public_key = NULL;
-
-    DH *dh = NULL;
-
-    if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
-        return 0;
-    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
-    if (ptype != V_ASN1_SEQUENCE) {
-        DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
-        goto err;
-    }
-
-    pstr = pval;
-    pm = pstr->data;
-    pmlen = pstr->length;
-
-    if (!(dh = d2i_dhp(pkey, &pm, pmlen))) {
-        DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
-        goto err;
-    }
-
-    if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
-        DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
-        goto err;
-    }
-
-    /* We have parameters now set public key */
-    if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
-        DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
-        goto err;
-    }
-
-    ASN1_INTEGER_free(public_key);
-    EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, dh);
-    return 1;
-
- err:
-    if (public_key)
-        ASN1_INTEGER_free(public_key);
-    if (dh)
-        DH_free(dh);
-    return 0;
-
-}
-
-static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
-    DH *dh;
-    int ptype;
-    unsigned char *penc = NULL;
-    int penclen;
-    ASN1_STRING *str;
-    ASN1_INTEGER *pub_key = NULL;
-
-    dh = pkey->pkey.dh;
-
-    str = ASN1_STRING_new();
-    if (!str) {
-        DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    str->length = i2d_dhp(pkey, dh, &str->data);
-    if (str->length <= 0) {
-        DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    ptype = V_ASN1_SEQUENCE;
-
-    pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
-    if (!pub_key)
-        goto err;
-
-    penclen = i2d_ASN1_INTEGER(pub_key, &penc);
-
-    ASN1_INTEGER_free(pub_key);
-
-    if (penclen <= 0) {
-        DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(pkey->ameth->pkey_id),
-                               ptype, str, penc, penclen))
-        return 1;
-
- err:
-    if (penc)
-        OPENSSL_free(penc);
-    if (str)
-        ASN1_STRING_free(str);
-
-    return 0;
-}
-
-/*
- * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in that
- * the AlgorithmIdentifier contains the paramaters, the private key is
- * explcitly included and the pubkey must be recalculated.
- */
-
-static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
-{
-    const unsigned char *p, *pm;
-    int pklen, pmlen;
-    int ptype;
-    void *pval;
-    ASN1_STRING *pstr;
-    X509_ALGOR *palg;
-    ASN1_INTEGER *privkey = NULL;
-
-    DH *dh = NULL;
-
-    if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
-        return 0;
-
-    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
-    if (ptype != V_ASN1_SEQUENCE)
-        goto decerr;
-
-    if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
-        goto decerr;
-
-    pstr = pval;
-    pm = pstr->data;
-    pmlen = pstr->length;
-    if (!(dh = d2i_dhp(pkey, &pm, pmlen)))
-        goto decerr;
-    /* We have parameters now set private key */
-    if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
-        DHerr(DH_F_DH_PRIV_DECODE, DH_R_BN_ERROR);
-        goto dherr;
-    }
-    /* Calculate public key */
-    if (!DH_generate_key(dh))
-        goto dherr;
-
-    EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, dh);
-
-    ASN1_STRING_clear_free(privkey);
-
-    return 1;
-
- decerr:
-    DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
- dherr:
-    DH_free(dh);
-    ASN1_STRING_clear_free(privkey);
-    return 0;
-}
-
-static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
-    ASN1_STRING *params = NULL;
-    ASN1_INTEGER *prkey = NULL;
-    unsigned char *dp = NULL;
-    int dplen;
-
-    params = ASN1_STRING_new();
-
-    if (!params) {
-        DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    params->length = i2d_dhp(pkey, pkey->pkey.dh, &params->data);
-    if (params->length <= 0) {
-        DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    params->type = V_ASN1_SEQUENCE;
-
-    /* Get private key into integer */
-    prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
-
-    if (!prkey) {
-        DHerr(DH_F_DH_PRIV_ENCODE, DH_R_BN_ERROR);
-        goto err;
-    }
-
-    dplen = i2d_ASN1_INTEGER(prkey, &dp);
-
-    ASN1_STRING_clear_free(prkey);
-    prkey = NULL;
-
-    if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0,
-                         V_ASN1_SEQUENCE, params, dp, dplen))
-        goto err;
-
-    return 1;
-
- err:
-    if (dp != NULL)
-        OPENSSL_free(dp);
-    if (params != NULL)
-        ASN1_STRING_free(params);
-    if (prkey != NULL)
-        ASN1_STRING_clear_free(prkey);
-    return 0;
-}
-
-static void update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
-    size_t i;
-    if (!b)
-        return;
-    if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
-        *pbuflen = i;
-}
-
-static int dh_param_decode(EVP_PKEY *pkey,
-                           const unsigned char **pder, int derlen)
-{
-    DH *dh;
-    if (!(dh = d2i_dhp(pkey, pder, derlen))) {
-        DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
-        return 0;
-    }
-    EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, dh);
-    return 1;
-}
-
-static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
-    return i2d_dhp(pkey, pkey->pkey.dh, pder);
-}
-
-static int do_dh_print(BIO *bp, const DH *x, int indent,
-                       ASN1_PCTX *ctx, int ptype)
-{
-    unsigned char *m = NULL;
-    int reason = ERR_R_BUF_LIB, ret = 0;
-    size_t buf_len = 0;
-
-    const char *ktype = NULL;
-
-    BIGNUM *priv_key, *pub_key;
-
-    if (ptype == 2)
-        priv_key = x->priv_key;
-    else
-        priv_key = NULL;
-
-    if (ptype > 0)
-        pub_key = x->pub_key;
-    else
-        pub_key = NULL;
-
-    update_buflen(x->p, &buf_len);
-
-    if (buf_len == 0) {
-        reason = ERR_R_PASSED_NULL_PARAMETER;
-        goto err;
-    }
-
-    update_buflen(x->g, &buf_len);
-    update_buflen(x->q, &buf_len);
-    update_buflen(x->j, &buf_len);
-    update_buflen(x->counter, &buf_len);
-    update_buflen(pub_key, &buf_len);
-    update_buflen(priv_key, &buf_len);
-
-    if (ptype == 2)
-        ktype = "DH Private-Key";
-    else if (ptype == 1)
-        ktype = "DH Public-Key";
-    else
-        ktype = "DH Parameters";
-
-    m = OPENSSL_malloc(buf_len + 10);
-    if (m == NULL) {
-        reason = ERR_R_MALLOC_FAILURE;
-        goto err;
-    }
-
-    BIO_indent(bp, indent, 128);
-    if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
-        goto err;
-    indent += 4;
-
-    if (!ASN1_bn_print(bp, "private-key:", priv_key, m, indent))
-        goto err;
-    if (!ASN1_bn_print(bp, "public-key:", pub_key, m, indent))
-        goto err;
-
-    if (!ASN1_bn_print(bp, "prime:", x->p, m, indent))
-        goto err;
-    if (!ASN1_bn_print(bp, "generator:", x->g, m, indent))
-        goto err;
-    if (x->q && !ASN1_bn_print(bp, "subgroup order:", x->q, m, indent))
-        goto err;
-    if (x->j && !ASN1_bn_print(bp, "subgroup factor:", x->j, m, indent))
-        goto err;
-    if (x->seed) {
-        int i;
-        BIO_indent(bp, indent, 128);
-        BIO_puts(bp, "seed:");
-        for (i = 0; i < x->seedlen; i++) {
-            if ((i % 15) == 0) {
-                if (BIO_puts(bp, "\n") <= 0
-                    || !BIO_indent(bp, indent + 4, 128))
-                    goto err;
-            }
-            if (BIO_printf(bp, "%02x%s", x->seed[i],
-                           ((i + 1) == x->seedlen) ? "" : ":") <= 0)
-                goto err;
-        }
-        if (BIO_write(bp, "\n", 1) <= 0)
-            return (0);
-    }
-    if (x->counter && !ASN1_bn_print(bp, "counter:", x->counter, m, indent))
-        goto err;
-    if (x->length != 0) {
-        BIO_indent(bp, indent, 128);
-        if (BIO_printf(bp, "recommended-private-length: %d bits\n",
-                       (int)x->length) <= 0)
-            goto err;
-    }
-
-    ret = 1;
-    if (0) {
- err:
-        DHerr(DH_F_DO_DH_PRINT, reason);
-    }
-    if (m != NULL)
-        OPENSSL_free(m);
-    return (ret);
-}
-
-static int int_dh_size(const EVP_PKEY *pkey)
-{
-    return (DH_size(pkey->pkey.dh));
-}
-
-static int dh_bits(const EVP_PKEY *pkey)
-{
-    return BN_num_bits(pkey->pkey.dh->p);
-}
-
-static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    if (BN_cmp(a->pkey.dh->p, b->pkey.dh->p) ||
-        BN_cmp(a->pkey.dh->g, b->pkey.dh->g))
-        return 0;
-    else if (a->ameth == &dhx_asn1_meth) {
-        if (BN_cmp(a->pkey.dh->q, b->pkey.dh->q))
-            return 0;
-    }
-    return 1;
-}
-
-static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src)
-{
-    BIGNUM *a;
-    if (src) {
-        a = BN_dup(src);
-        if (!a)
-            return 0;
-    } else
-        a = NULL;
-    if (*dst)
-        BN_free(*dst);
-    *dst = a;
-    return 1;
-}
-
-static int int_dh_param_copy(DH *to, const DH *from, int is_x942)
-{
-    if (is_x942 == -1)
-        is_x942 = ! !from->q;
-    if (!int_dh_bn_cpy(&to->p, from->p))
-        return 0;
-    if (!int_dh_bn_cpy(&to->g, from->g))
-        return 0;
-    if (is_x942) {
-        if (!int_dh_bn_cpy(&to->q, from->q))
-            return 0;
-        if (!int_dh_bn_cpy(&to->j, from->j))
-            return 0;
-        if (to->seed) {
-            OPENSSL_free(to->seed);
-            to->seed = NULL;
-            to->seedlen = 0;
-        }
-        if (from->seed) {
-            to->seed = BUF_memdup(from->seed, from->seedlen);
-            if (!to->seed)
-                return 0;
-            to->seedlen = from->seedlen;
-        }
-    } else
-        to->length = from->length;
-    return 1;
-}
-
-DH *DHparams_dup(DH *dh)
-{
-    DH *ret;
-    ret = DH_new();
-    if (!ret)
-        return NULL;
-    if (!int_dh_param_copy(ret, dh, -1)) {
-        DH_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
-    return int_dh_param_copy(to->pkey.dh, from->pkey.dh,
-                             from->ameth == &dhx_asn1_meth);
-}
-
-static int dh_missing_parameters(const EVP_PKEY *a)
-{
-    if (a->pkey.dh == NULL || a->pkey.dh->p == NULL || a->pkey.dh->g == NULL)
-        return 1;
-    return 0;
-}
-
-static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    if (dh_cmp_parameters(a, b) == 0)
-        return 0;
-    if (BN_cmp(b->pkey.dh->pub_key, a->pkey.dh->pub_key) != 0)
-        return 0;
-    else
-        return 1;
-}
-
-static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                          ASN1_PCTX *ctx)
-{
-    return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
-}
-
-static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                           ASN1_PCTX *ctx)
-{
-    return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
-}
-
-static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                            ASN1_PCTX *ctx)
-{
-    return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
-}
-
-int DHparams_print(BIO *bp, const DH *x)
-{
-    return do_dh_print(bp, x, 4, NULL, 0);
-}
-
-#ifndef OPENSSL_NO_CMS
-static int dh_cms_decrypt(CMS_RecipientInfo *ri);
-static int dh_cms_encrypt(CMS_RecipientInfo *ri);
-#endif
-
-static int dh_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
-    switch (op) {
-#ifndef OPENSSL_NO_CMS
-
-    case ASN1_PKEY_CTRL_CMS_ENVELOPE:
-        if (arg1 == 1)
-            return dh_cms_decrypt(arg2);
-        else if (arg1 == 0)
-            return dh_cms_encrypt(arg2);
-        return -2;
-
-    case ASN1_PKEY_CTRL_CMS_RI_TYPE:
-        *(int *)arg2 = CMS_RECIPINFO_AGREE;
-        return 1;
-#endif
-    default:
-        return -2;
-    }
-
-}
-
-const EVP_PKEY_ASN1_METHOD dh_asn1_meth = {
-    EVP_PKEY_DH,
-    EVP_PKEY_DH,
-    0,
-
-    "DH",
-    "OpenSSL PKCS#3 DH method",
-
-    dh_pub_decode,
-    dh_pub_encode,
-    dh_pub_cmp,
-    dh_public_print,
-
-    dh_priv_decode,
-    dh_priv_encode,
-    dh_private_print,
-
-    int_dh_size,
-    dh_bits,
-
-    dh_param_decode,
-    dh_param_encode,
-    dh_missing_parameters,
-    dh_copy_parameters,
-    dh_cmp_parameters,
-    dh_param_print,
-    0,
-
-    int_dh_free,
-    0
-};
-
-const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = {
-    EVP_PKEY_DHX,
-    EVP_PKEY_DHX,
-    0,
-
-    "X9.42 DH",
-    "OpenSSL X9.42 DH method",
-
-    dh_pub_decode,
-    dh_pub_encode,
-    dh_pub_cmp,
-    dh_public_print,
-
-    dh_priv_decode,
-    dh_priv_encode,
-    dh_private_print,
-
-    int_dh_size,
-    dh_bits,
-
-    dh_param_decode,
-    dh_param_encode,
-    dh_missing_parameters,
-    dh_copy_parameters,
-    dh_cmp_parameters,
-    dh_param_print,
-    0,
-
-    int_dh_free,
-    dh_pkey_ctrl
-};
-
-#ifndef OPENSSL_NO_CMS
-
-static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
-                              X509_ALGOR *alg, ASN1_BIT_STRING *pubkey)
-{
-    ASN1_OBJECT *aoid;
-    int atype;
-    void *aval;
-    ASN1_INTEGER *public_key = NULL;
-    int rv = 0;
-    EVP_PKEY *pkpeer = NULL, *pk = NULL;
-    DH *dhpeer = NULL;
-    const unsigned char *p;
-    int plen;
-
-    X509_ALGOR_get0(&aoid, &atype, &aval, alg);
-    if (OBJ_obj2nid(aoid) != NID_dhpublicnumber)
-        goto err;
-    /* Only absent parameters allowed in RFC XXXX */
-    if (atype != V_ASN1_UNDEF && atype == V_ASN1_NULL)
-        goto err;
-
-    pk = EVP_PKEY_CTX_get0_pkey(pctx);
-    if (!pk)
-        goto err;
-    if (pk->type != EVP_PKEY_DHX)
-        goto err;
-    /* Get parameters from parent key */
-    dhpeer = DHparams_dup(pk->pkey.dh);
-    /* We have parameters now set public key */
-    plen = ASN1_STRING_length(pubkey);
-    p = ASN1_STRING_data(pubkey);
-    if (!p || !plen)
-        goto err;
-
-    if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, plen))) {
-        DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_DECODE_ERROR);
-        goto err;
-    }
-
-    /* We have parameters now set public key */
-    if (!(dhpeer->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
-        DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_BN_DECODE_ERROR);
-        goto err;
-    }
-
-    pkpeer = EVP_PKEY_new();
-    if (!pkpeer)
-        goto err;
-    EVP_PKEY_assign(pkpeer, pk->ameth->pkey_id, dhpeer);
-    dhpeer = NULL;
-    if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0)
-        rv = 1;
- err:
-    if (public_key)
-        ASN1_INTEGER_free(public_key);
-    if (pkpeer)
-        EVP_PKEY_free(pkpeer);
-    if (dhpeer)
-        DH_free(dhpeer);
-    return rv;
-}
-
-static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
-{
-    int rv = 0;
-
-    X509_ALGOR *alg, *kekalg = NULL;
-    ASN1_OCTET_STRING *ukm;
-    const unsigned char *p;
-    unsigned char *dukm = NULL;
-    size_t dukmlen = 0;
-    int keylen, plen;
-    const EVP_CIPHER *kekcipher;
-    EVP_CIPHER_CTX *kekctx;
-
-    if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
-        goto err;
-
-    /*
-     * For DH we only have one OID permissible. If ever any more get defined
-     * we will need something cleverer.
-     */
-    if (OBJ_obj2nid(alg->algorithm) != NID_id_smime_alg_ESDH) {
-        DHerr(DH_F_DH_CMS_SET_SHARED_INFO, DH_R_KDF_PARAMETER_ERROR);
-        goto err;
-    }
-
-    if (EVP_PKEY_CTX_set_dh_kdf_type(pctx, EVP_PKEY_DH_KDF_X9_42) <= 0)
-        goto err;
-
-    if (EVP_PKEY_CTX_set_dh_kdf_md(pctx, EVP_sha1()) <= 0)
-        goto err;
-
-    if (alg->parameter->type != V_ASN1_SEQUENCE)
-        goto err;
-
-    p = alg->parameter->value.sequence->data;
-    plen = alg->parameter->value.sequence->length;
-    kekalg = d2i_X509_ALGOR(NULL, &p, plen);
-    if (!kekalg)
-        goto err;
-    kekctx = CMS_RecipientInfo_kari_get0_ctx(ri);
-    if (!kekctx)
-        goto err;
-    kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
-    if (!kekcipher || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
-        goto err;
-    if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL))
-        goto err;
-    if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0)
-        goto err;
-
-    keylen = EVP_CIPHER_CTX_key_length(kekctx);
-    if (EVP_PKEY_CTX_set_dh_kdf_outlen(pctx, keylen) <= 0)
-        goto err;
-    /* Use OBJ_nid2obj to ensure we use built in OID that isn't freed */
-    if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx,
-                                     OBJ_nid2obj(EVP_CIPHER_type(kekcipher)))
-        <= 0)
-        goto err;
-
-    if (ukm) {
-        dukmlen = ASN1_STRING_length(ukm);
-        dukm = BUF_memdup(ASN1_STRING_data(ukm), dukmlen);
-        if (!dukm)
-            goto err;
-    }
-
-    if (EVP_PKEY_CTX_set0_dh_kdf_ukm(pctx, dukm, dukmlen) <= 0)
-        goto err;
-    dukm = NULL;
-
-    rv = 1;
- err:
-    if (kekalg)
-        X509_ALGOR_free(kekalg);
-    if (dukm)
-        OPENSSL_free(dukm);
-    return rv;
-}
-
-static int dh_cms_decrypt(CMS_RecipientInfo *ri)
-{
-    EVP_PKEY_CTX *pctx;
-    pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
-    if (!pctx)
-        return 0;
-    /* See if we need to set peer key */
-    if (!EVP_PKEY_CTX_get0_peerkey(pctx)) {
-        X509_ALGOR *alg;
-        ASN1_BIT_STRING *pubkey;
-        if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey,
-                                                 NULL, NULL, NULL))
-            return 0;
-        if (!alg || !pubkey)
-            return 0;
-        if (!dh_cms_set_peerkey(pctx, alg, pubkey)) {
-            DHerr(DH_F_DH_CMS_DECRYPT, DH_R_PEER_KEY_ERROR);
-            return 0;
-        }
-    }
-    /* Set DH derivation parameters and initialise unwrap context */
-    if (!dh_cms_set_shared_info(pctx, ri)) {
-        DHerr(DH_F_DH_CMS_DECRYPT, DH_R_SHARED_INFO_ERROR);
-        return 0;
-    }
-    return 1;
-}
-
-static int dh_cms_encrypt(CMS_RecipientInfo *ri)
-{
-    EVP_PKEY_CTX *pctx;
-    EVP_PKEY *pkey;
-    EVP_CIPHER_CTX *ctx;
-    int keylen;
-    X509_ALGOR *talg, *wrap_alg = NULL;
-    ASN1_OBJECT *aoid;
-    ASN1_BIT_STRING *pubkey;
-    ASN1_STRING *wrap_str;
-    ASN1_OCTET_STRING *ukm;
-    unsigned char *penc = NULL, *dukm = NULL;
-    int penclen;
-    size_t dukmlen = 0;
-    int rv = 0;
-    int kdf_type, wrap_nid;
-    const EVP_MD *kdf_md;
-    pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
-    if (!pctx)
-        return 0;
-    /* Get ephemeral key */
-    pkey = EVP_PKEY_CTX_get0_pkey(pctx);
-    if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey,
-                                             NULL, NULL, NULL))
-        goto err;
-    X509_ALGOR_get0(&aoid, NULL, NULL, talg);
-    /* Is everything uninitialised? */
-    if (aoid == OBJ_nid2obj(NID_undef)) {
-        ASN1_INTEGER *pubk;
-        pubk = BN_to_ASN1_INTEGER(pkey->pkey.dh->pub_key, NULL);
-        if (!pubk)
-            goto err;
-        /* Set the key */
-
-        penclen = i2d_ASN1_INTEGER(pubk, &penc);
-        ASN1_INTEGER_free(pubk);
-        if (penclen <= 0)
-            goto err;
-        ASN1_STRING_set0(pubkey, penc, penclen);
-        pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
-        pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-
-        penc = NULL;
-        X509_ALGOR_set0(talg, OBJ_nid2obj(NID_dhpublicnumber),
-                        V_ASN1_UNDEF, NULL);
-    }
-
-    /* See if custom paraneters set */
-    kdf_type = EVP_PKEY_CTX_get_dh_kdf_type(pctx);
-    if (kdf_type <= 0)
-        goto err;
-    if (!EVP_PKEY_CTX_get_dh_kdf_md(pctx, &kdf_md))
-        goto err;
-
-    if (kdf_type == EVP_PKEY_DH_KDF_NONE) {
-        kdf_type = EVP_PKEY_DH_KDF_X9_42;
-        if (EVP_PKEY_CTX_set_dh_kdf_type(pctx, kdf_type) <= 0)
-            goto err;
-    } else if (kdf_type != EVP_PKEY_DH_KDF_X9_42)
-        /* Unknown KDF */
-        goto err;
-    if (kdf_md == NULL) {
-        /* Only SHA1 supported */
-        kdf_md = EVP_sha1();
-        if (EVP_PKEY_CTX_set_dh_kdf_md(pctx, kdf_md) <= 0)
-            goto err;
-    } else if (EVP_MD_type(kdf_md) != NID_sha1)
-        /* Unsupported digest */
-        goto err;
-
-    if (!CMS_RecipientInfo_kari_get0_alg(ri, &talg, &ukm))
-        goto err;
-
-    /* Get wrap NID */
-    ctx = CMS_RecipientInfo_kari_get0_ctx(ri);
-    wrap_nid = EVP_CIPHER_CTX_type(ctx);
-    if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx, OBJ_nid2obj(wrap_nid)) <= 0)
-        goto err;
-    keylen = EVP_CIPHER_CTX_key_length(ctx);
-
-    /* Package wrap algorithm in an AlgorithmIdentifier */
-
-    wrap_alg = X509_ALGOR_new();
-    if (!wrap_alg)
-        goto err;
-    wrap_alg->algorithm = OBJ_nid2obj(wrap_nid);
-    wrap_alg->parameter = ASN1_TYPE_new();
-    if (!wrap_alg->parameter)
-        goto err;
-    if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0)
-        goto err;
-    if (ASN1_TYPE_get(wrap_alg->parameter) == NID_undef) {
-        ASN1_TYPE_free(wrap_alg->parameter);
-        wrap_alg->parameter = NULL;
-    }
-
-    if (EVP_PKEY_CTX_set_dh_kdf_outlen(pctx, keylen) <= 0)
-        goto err;
-
-    if (ukm) {
-        dukmlen = ASN1_STRING_length(ukm);
-        dukm = BUF_memdup(ASN1_STRING_data(ukm), dukmlen);
-        if (!dukm)
-            goto err;
-    }
-
-    if (EVP_PKEY_CTX_set0_dh_kdf_ukm(pctx, dukm, dukmlen) <= 0)
-        goto err;
-    dukm = NULL;
-
-    /*
-     * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter
-     * of another AlgorithmIdentifier.
-     */
-    penc = NULL;
-    penclen = i2d_X509_ALGOR(wrap_alg, &penc);
-    if (!penc || !penclen)
-        goto err;
-    wrap_str = ASN1_STRING_new();
-    if (!wrap_str)
-        goto err;
-    ASN1_STRING_set0(wrap_str, penc, penclen);
-    penc = NULL;
-    X509_ALGOR_set0(talg, OBJ_nid2obj(NID_id_smime_alg_ESDH),
-                    V_ASN1_SEQUENCE, wrap_str);
-
-    rv = 1;
-
- err:
-    if (penc)
-        OPENSSL_free(penc);
-    if (wrap_alg)
-        X509_ALGOR_free(wrap_alg);
-    return rv;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/dh/dh_asn1.c b/thirdparty/openssl/crypto/dh/dh_asn1.c
deleted file mode 100644
index f470214399..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_asn1.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/* dh_asn1.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/objects.h>
-#include <openssl/asn1t.h>
-
-/* Override the default free and new methods */
-static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                 void *exarg)
-{
-    if (operation == ASN1_OP_NEW_PRE) {
-        *pval = (ASN1_VALUE *)DH_new();
-        if (*pval)
-            return 2;
-        return 0;
-    } else if (operation == ASN1_OP_FREE_PRE) {
-        DH_free((DH *)*pval);
-        *pval = NULL;
-        return 2;
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
-        ASN1_SIMPLE(DH, p, BIGNUM),
-        ASN1_SIMPLE(DH, g, BIGNUM),
-        ASN1_OPT(DH, length, ZLONG),
-} ASN1_SEQUENCE_END_cb(DH, DHparams)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
-
-/*
- * Internal only structures for handling X9.42 DH: this gets translated to or
- * from a DH structure straight away.
- */
-
-typedef struct {
-    ASN1_BIT_STRING *seed;
-    BIGNUM *counter;
-} int_dhvparams;
-
-typedef struct {
-    BIGNUM *p;
-    BIGNUM *q;
-    BIGNUM *g;
-    BIGNUM *j;
-    int_dhvparams *vparams;
-} int_dhx942_dh;
-
-ASN1_SEQUENCE(DHvparams) = {
-        ASN1_SIMPLE(int_dhvparams, seed, ASN1_BIT_STRING),
-        ASN1_SIMPLE(int_dhvparams, counter, BIGNUM)
-} ASN1_SEQUENCE_END_name(int_dhvparams, DHvparams)
-
-ASN1_SEQUENCE(DHxparams) = {
-        ASN1_SIMPLE(int_dhx942_dh, p, BIGNUM),
-        ASN1_SIMPLE(int_dhx942_dh, g, BIGNUM),
-        ASN1_SIMPLE(int_dhx942_dh, q, BIGNUM),
-        ASN1_OPT(int_dhx942_dh, j, BIGNUM),
-        ASN1_OPT(int_dhx942_dh, vparams, DHvparams),
-} ASN1_SEQUENCE_END_name(int_dhx942_dh, DHxparams)
-
-int_dhx942_dh *d2i_int_dhx(int_dhx942_dh **a,
-                           const unsigned char **pp, long length);
-int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp);
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(int_dhx942_dh, DHxparams, int_dhx)
-
-/* Application leve function: read in X9.42 DH parameters into DH structure */
-
-DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length)
-{
-    int_dhx942_dh *dhx = NULL;
-    DH *dh = NULL;
-    dh = DH_new();
-    if (!dh)
-        return NULL;
-    dhx = d2i_int_dhx(NULL, pp, length);
-    if (!dhx) {
-        DH_free(dh);
-        return NULL;
-    }
-
-    if (a) {
-        if (*a)
-            DH_free(*a);
-        *a = dh;
-    }
-
-    dh->p = dhx->p;
-    dh->q = dhx->q;
-    dh->g = dhx->g;
-    dh->j = dhx->j;
-
-    if (dhx->vparams) {
-        dh->seed = dhx->vparams->seed->data;
-        dh->seedlen = dhx->vparams->seed->length;
-        dh->counter = dhx->vparams->counter;
-        dhx->vparams->seed->data = NULL;
-        ASN1_BIT_STRING_free(dhx->vparams->seed);
-        OPENSSL_free(dhx->vparams);
-        dhx->vparams = NULL;
-    }
-
-    OPENSSL_free(dhx);
-    return dh;
-}
-
-int i2d_DHxparams(const DH *dh, unsigned char **pp)
-{
-    int_dhx942_dh dhx;
-    int_dhvparams dhv;
-    ASN1_BIT_STRING bs;
-    dhx.p = dh->p;
-    dhx.g = dh->g;
-    dhx.q = dh->q;
-    dhx.j = dh->j;
-    if (dh->counter && dh->seed && dh->seedlen > 0) {
-        bs.flags = ASN1_STRING_FLAG_BITS_LEFT;
-        bs.data = dh->seed;
-        bs.length = dh->seedlen;
-        dhv.seed = &bs;
-        dhv.counter = dh->counter;
-        dhx.vparams = &dhv;
-    } else
-        dhx.vparams = NULL;
-
-    return i2d_int_dhx(&dhx, pp);
-}
diff --git a/thirdparty/openssl/crypto/dh/dh_check.c b/thirdparty/openssl/crypto/dh/dh_check.c
deleted file mode 100644
index 0277041114..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_check.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/* crypto/dh/dh_check.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-/*-
- * Check that p is a safe prime and
- * if g is 2, 3 or 5, check that it is a suitable generator
- * where
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5
- * for 5, p mod 10 == 3 or 7
- * should hold.
- */
-
-int DH_check(const DH *dh, int *ret)
-{
-    int ok = 0;
-    BN_CTX *ctx = NULL;
-    BN_ULONG l;
-    BIGNUM *t1 = NULL, *t2 = NULL;
-
-    *ret = 0;
-    ctx = BN_CTX_new();
-    if (ctx == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    t1 = BN_CTX_get(ctx);
-    if (t1 == NULL)
-        goto err;
-    t2 = BN_CTX_get(ctx);
-    if (t2 == NULL)
-        goto err;
-
-    if (dh->q) {
-        if (BN_cmp(dh->g, BN_value_one()) <= 0)
-            *ret |= DH_NOT_SUITABLE_GENERATOR;
-        else if (BN_cmp(dh->g, dh->p) >= 0)
-            *ret |= DH_NOT_SUITABLE_GENERATOR;
-        else {
-            /* Check g^q == 1 mod p */
-            if (!BN_mod_exp(t1, dh->g, dh->q, dh->p, ctx))
-                goto err;
-            if (!BN_is_one(t1))
-                *ret |= DH_NOT_SUITABLE_GENERATOR;
-        }
-        if (!BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL))
-            *ret |= DH_CHECK_Q_NOT_PRIME;
-        /* Check p == 1 mod q  i.e. q divides p - 1 */
-        if (!BN_div(t1, t2, dh->p, dh->q, ctx))
-            goto err;
-        if (!BN_is_one(t2))
-            *ret |= DH_CHECK_INVALID_Q_VALUE;
-        if (dh->j && BN_cmp(dh->j, t1))
-            *ret |= DH_CHECK_INVALID_J_VALUE;
-
-    } else if (BN_is_word(dh->g, DH_GENERATOR_2)) {
-        l = BN_mod_word(dh->p, 24);
-        if (l != 11)
-            *ret |= DH_NOT_SUITABLE_GENERATOR;
-    }
-#if 0
-    else if (BN_is_word(dh->g, DH_GENERATOR_3)) {
-        l = BN_mod_word(dh->p, 12);
-        if (l != 5)
-            *ret |= DH_NOT_SUITABLE_GENERATOR;
-    }
-#endif
-    else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
-        l = BN_mod_word(dh->p, 10);
-        if ((l != 3) && (l != 7))
-            *ret |= DH_NOT_SUITABLE_GENERATOR;
-    } else
-        *ret |= DH_UNABLE_TO_CHECK_GENERATOR;
-
-    if (!BN_is_prime_ex(dh->p, BN_prime_checks, ctx, NULL))
-        *ret |= DH_CHECK_P_NOT_PRIME;
-    else if (!dh->q) {
-        if (!BN_rshift1(t1, dh->p))
-            goto err;
-        if (!BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL))
-            *ret |= DH_CHECK_P_NOT_SAFE_PRIME;
-    }
-    ok = 1;
- err:
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    return (ok);
-}
-
-int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
-{
-    int ok = 0;
-    BIGNUM *tmp = NULL;
-    BN_CTX *ctx = NULL;
-
-    *ret = 0;
-    ctx = BN_CTX_new();
-    if (ctx == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    tmp = BN_CTX_get(ctx);
-    if (tmp == NULL || !BN_set_word(tmp, 1))
-        goto err;
-    if (BN_cmp(pub_key, tmp) <= 0)
-        *ret |= DH_CHECK_PUBKEY_TOO_SMALL;
-    if (BN_copy(tmp, dh->p) == NULL || !BN_sub_word(tmp, 1))
-        goto err;
-    if (BN_cmp(pub_key, tmp) >= 0)
-        *ret |= DH_CHECK_PUBKEY_TOO_LARGE;
-
-    if (dh->q != NULL) {
-        /* Check pub_key^q == 1 mod p */
-        if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx))
-            goto err;
-        if (!BN_is_one(tmp))
-            *ret |= DH_CHECK_PUBKEY_INVALID;
-    }
-
-    ok = 1;
- err:
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    return (ok);
-}
diff --git a/thirdparty/openssl/crypto/dh/dh_depr.c b/thirdparty/openssl/crypto/dh/dh_depr.c
deleted file mode 100644
index b622119930..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_depr.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* crypto/dh/dh_depr.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* This file contains deprecated functions as wrappers to the new ones */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-static void *dummy = &dummy;
-
-#ifndef OPENSSL_NO_DEPRECATED
-DH *DH_generate_parameters(int prime_len, int generator,
-                           void (*callback) (int, int, void *), void *cb_arg)
-{
-    BN_GENCB cb;
-    DH *ret = NULL;
-
-    if ((ret = DH_new()) == NULL)
-        return NULL;
-
-    BN_GENCB_set_old(&cb, callback, cb_arg);
-
-    if (DH_generate_parameters_ex(ret, prime_len, generator, &cb))
-        return ret;
-    DH_free(ret);
-    return NULL;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/dh/dh_err.c b/thirdparty/openssl/crypto/dh/dh_err.c
deleted file mode 100644
index b890cca817..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_err.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/* crypto/dh/dh_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dh.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
-
-static ERR_STRING_DATA DH_str_functs[] = {
-    {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"},
-    {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
-    {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
-    {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "DH_CMS_DECRYPT"},
-    {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "DH_CMS_SET_PEERKEY"},
-    {ERR_FUNC(DH_F_DH_CMS_SET_SHARED_INFO), "DH_CMS_SET_SHARED_INFO"},
-    {ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
-    {ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
-    {ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS_EX), "DH_generate_parameters_ex"},
-    {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
-    {ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"},
-    {ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"},
-    {ERR_FUNC(DH_F_DH_PRIV_ENCODE), "DH_PRIV_ENCODE"},
-    {ERR_FUNC(DH_F_DH_PUB_DECODE), "DH_PUB_DECODE"},
-    {ERR_FUNC(DH_F_DH_PUB_ENCODE), "DH_PUB_ENCODE"},
-    {ERR_FUNC(DH_F_DO_DH_PRINT), "DO_DH_PRINT"},
-    {ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"},
-    {ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"},
-    {ERR_FUNC(DH_F_PKEY_DH_DERIVE), "PKEY_DH_DERIVE"},
-    {ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "PKEY_DH_KEYGEN"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA DH_str_reasons[] = {
-    {ERR_REASON(DH_R_BAD_GENERATOR), "bad generator"},
-    {ERR_REASON(DH_R_BN_DECODE_ERROR), "bn decode error"},
-    {ERR_REASON(DH_R_BN_ERROR), "bn error"},
-    {ERR_REASON(DH_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(DH_R_INVALID_PUBKEY), "invalid public key"},
-    {ERR_REASON(DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
-    {ERR_REASON(DH_R_KEYS_NOT_SET), "keys not set"},
-    {ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL), "key size too small"},
-    {ERR_REASON(DH_R_MODULUS_TOO_LARGE), "modulus too large"},
-    {ERR_REASON(DH_R_NON_FIPS_METHOD), "non fips method"},
-    {ERR_REASON(DH_R_NO_PARAMETERS_SET), "no parameters set"},
-    {ERR_REASON(DH_R_NO_PRIVATE_VALUE), "no private value"},
-    {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
-    {ERR_REASON(DH_R_PEER_KEY_ERROR), "peer key error"},
-    {ERR_REASON(DH_R_SHARED_INFO_ERROR), "shared info error"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_DH_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(DH_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, DH_str_functs);
-        ERR_load_strings(0, DH_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/dh/dh_gen.c b/thirdparty/openssl/crypto/dh/dh_gen.c
deleted file mode 100644
index 5bedb665f2..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_gen.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/* crypto/dh/dh_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * NB: These functions have been upgraded - the previous prototypes are in
- * dh_depr.c as wrappers to these ones.  - Geoff
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
-                                BN_GENCB *cb);
-
-int DH_generate_parameters_ex(DH *ret, int prime_len, int generator,
-                              BN_GENCB *cb)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD)
-        && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) {
-        DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD);
-        return 0;
-    }
-#endif
-    if (ret->meth->generate_params)
-        return ret->meth->generate_params(ret, prime_len, generator, cb);
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_dh_generate_parameters_ex(ret, prime_len, generator, cb);
-#endif
-    return dh_builtin_genparams(ret, prime_len, generator, cb);
-}
-
-/*-
- * We generate DH parameters as follows
- * find a prime q which is prime_len/2 bits long.
- * p=(2*q)+1 or (p-1)/2 = q
- * For this case, g is a generator if
- * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
- * Since the factors of p-1 are q and 2, we just need to check
- * g^2 mod p != 1 and g^q mod p != 1.
- *
- * Having said all that,
- * there is another special case method for the generators 2, 3 and 5.
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5  <<<<< does not work for safe primes.
- * for 5, p mod 10 == 3 or 7
- *
- * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
- * special generators and for answering some of my questions.
- *
- * I've implemented the second simple method :-).
- * Since DH should be using a safe prime (both p and q are prime),
- * this generator function can take a very very long time to run.
- */
-/*
- * Actually there is no reason to insist that 'generator' be a generator.
- * It's just as OK (and in some sense better) to use a generator of the
- * order-q subgroup.
- */
-static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
-                                BN_GENCB *cb)
-{
-    BIGNUM *t1, *t2;
-    int g, ok = -1;
-    BN_CTX *ctx = NULL;
-
-    ctx = BN_CTX_new();
-    if (ctx == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    t1 = BN_CTX_get(ctx);
-    t2 = BN_CTX_get(ctx);
-    if (t1 == NULL || t2 == NULL)
-        goto err;
-
-    /* Make sure 'ret' has the necessary elements */
-    if (!ret->p && ((ret->p = BN_new()) == NULL))
-        goto err;
-    if (!ret->g && ((ret->g = BN_new()) == NULL))
-        goto err;
-
-    if (generator <= 1) {
-        DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR);
-        goto err;
-    }
-    if (generator == DH_GENERATOR_2) {
-        if (!BN_set_word(t1, 24))
-            goto err;
-        if (!BN_set_word(t2, 11))
-            goto err;
-        g = 2;
-    }
-#if 0                           /* does not work for safe primes */
-    else if (generator == DH_GENERATOR_3) {
-        if (!BN_set_word(t1, 12))
-            goto err;
-        if (!BN_set_word(t2, 5))
-            goto err;
-        g = 3;
-    }
-#endif
-    else if (generator == DH_GENERATOR_5) {
-        if (!BN_set_word(t1, 10))
-            goto err;
-        if (!BN_set_word(t2, 3))
-            goto err;
-        /*
-         * BN_set_word(t3,7); just have to miss out on these ones :-(
-         */
-        g = 5;
-    } else {
-        /*
-         * in the general case, don't worry if 'generator' is a generator or
-         * not: since we are using safe primes, it will generate either an
-         * order-q or an order-2q group, which both is OK
-         */
-        if (!BN_set_word(t1, 2))
-            goto err;
-        if (!BN_set_word(t2, 1))
-            goto err;
-        g = generator;
-    }
-
-    if (!BN_generate_prime_ex(ret->p, prime_len, 1, t1, t2, cb))
-        goto err;
-    if (!BN_GENCB_call(cb, 3, 0))
-        goto err;
-    if (!BN_set_word(ret->g, g))
-        goto err;
-    ok = 1;
- err:
-    if (ok == -1) {
-        DHerr(DH_F_DH_BUILTIN_GENPARAMS, ERR_R_BN_LIB);
-        ok = 0;
-    }
-
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    return ok;
-}
diff --git a/thirdparty/openssl/crypto/dh/dh_kdf.c b/thirdparty/openssl/crypto/dh/dh_kdf.c
deleted file mode 100644
index a882cb286e..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_kdf.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/* crypto/dh/dh_kdf.c */
-/*
- * Written by Stephen Henson for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <string.h>
-#include <openssl/dh.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/cms.h>
-
-/* Key derivation from X9.42/RFC2631 */
-
-#define DH_KDF_MAX      (1L << 30)
-
-/* Skip past an ASN1 structure: for OBJECT skip content octets too */
-
-static int skip_asn1(unsigned char **pp, long *plen, int exptag)
-{
-    const unsigned char *q = *pp;
-    int i, tag, xclass;
-    long tmplen;
-    i = ASN1_get_object(&q, &tmplen, &tag, &xclass, *plen);
-    if (i & 0x80)
-        return 0;
-    if (tag != exptag || xclass != V_ASN1_UNIVERSAL)
-        return 0;
-    if (tag == V_ASN1_OBJECT)
-        q += tmplen;
-    *plen -= q - *pp;
-    *pp = (unsigned char *)q;
-    return 1;
-}
-
-/*
- * Encode the DH shared info structure, return an offset to the counter value
- * so we can update the structure without reencoding it.
- */
-
-static int dh_sharedinfo_encode(unsigned char **pder, unsigned char **pctr,
-                                ASN1_OBJECT *key_oid, size_t outlen,
-                                const unsigned char *ukm, size_t ukmlen)
-{
-    unsigned char *p;
-    int derlen;
-    long tlen;
-    /* "magic" value to check offset is sane */
-    static unsigned char ctr[4] = { 0xF3, 0x17, 0x22, 0x53 };
-    X509_ALGOR atmp;
-    ASN1_OCTET_STRING ctr_oct, ukm_oct, *pukm_oct;
-    ASN1_TYPE ctr_atype;
-    if (ukmlen > DH_KDF_MAX || outlen > DH_KDF_MAX)
-        return 0;
-    ctr_oct.data = ctr;
-    ctr_oct.length = 4;
-    ctr_oct.flags = 0;
-    ctr_oct.type = V_ASN1_OCTET_STRING;
-    ctr_atype.type = V_ASN1_OCTET_STRING;
-    ctr_atype.value.octet_string = &ctr_oct;
-    atmp.algorithm = key_oid;
-    atmp.parameter = &ctr_atype;
-    if (ukm) {
-        ukm_oct.type = V_ASN1_OCTET_STRING;
-        ukm_oct.flags = 0;
-        ukm_oct.data = (unsigned char *)ukm;
-        ukm_oct.length = ukmlen;
-        pukm_oct = &ukm_oct;
-    } else
-        pukm_oct = NULL;
-    derlen = CMS_SharedInfo_encode(pder, &atmp, pukm_oct, outlen);
-    if (derlen <= 0)
-        return 0;
-    p = *pder;
-    tlen = derlen;
-    if (!skip_asn1(&p, &tlen, V_ASN1_SEQUENCE))
-        return 0;
-    if (!skip_asn1(&p, &tlen, V_ASN1_SEQUENCE))
-        return 0;
-    if (!skip_asn1(&p, &tlen, V_ASN1_OBJECT))
-        return 0;
-    if (!skip_asn1(&p, &tlen, V_ASN1_OCTET_STRING))
-        return 0;
-    if (CRYPTO_memcmp(p, ctr, 4))
-        return 0;
-    *pctr = p;
-    return derlen;
-}
-
-int DH_KDF_X9_42(unsigned char *out, size_t outlen,
-                 const unsigned char *Z, size_t Zlen,
-                 ASN1_OBJECT *key_oid,
-                 const unsigned char *ukm, size_t ukmlen, const EVP_MD *md)
-{
-    EVP_MD_CTX mctx;
-    int rv = 0;
-    unsigned int i;
-    size_t mdlen;
-    unsigned char *der = NULL, *ctr;
-    int derlen;
-    if (Zlen > DH_KDF_MAX)
-        return 0;
-    mdlen = EVP_MD_size(md);
-    EVP_MD_CTX_init(&mctx);
-    derlen = dh_sharedinfo_encode(&der, &ctr, key_oid, outlen, ukm, ukmlen);
-    if (derlen == 0)
-        goto err;
-    for (i = 1;; i++) {
-        unsigned char mtmp[EVP_MAX_MD_SIZE];
-        EVP_DigestInit_ex(&mctx, md, NULL);
-        if (!EVP_DigestUpdate(&mctx, Z, Zlen))
-            goto err;
-        ctr[3] = i & 0xFF;
-        ctr[2] = (i >> 8) & 0xFF;
-        ctr[1] = (i >> 16) & 0xFF;
-        ctr[0] = (i >> 24) & 0xFF;
-        if (!EVP_DigestUpdate(&mctx, der, derlen))
-            goto err;
-        if (outlen >= mdlen) {
-            if (!EVP_DigestFinal(&mctx, out, NULL))
-                goto err;
-            outlen -= mdlen;
-            if (outlen == 0)
-                break;
-            out += mdlen;
-        } else {
-            if (!EVP_DigestFinal(&mctx, mtmp, NULL))
-                goto err;
-            memcpy(out, mtmp, outlen);
-            OPENSSL_cleanse(mtmp, mdlen);
-            break;
-        }
-    }
-    rv = 1;
- err:
-    if (der)
-        OPENSSL_free(der);
-    EVP_MD_CTX_cleanup(&mctx);
-    return rv;
-}
diff --git a/thirdparty/openssl/crypto/dh/dh_key.c b/thirdparty/openssl/crypto/dh/dh_key.c
deleted file mode 100644
index 387558f146..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_key.c
+++ /dev/null
@@ -1,291 +0,0 @@
-/* crypto/dh/dh_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rand.h>
-#include <openssl/dh.h>
-
-static int generate_key(DH *dh);
-static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
-static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
-                         const BIGNUM *a, const BIGNUM *p,
-                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int dh_init(DH *dh);
-static int dh_finish(DH *dh);
-
-int DH_generate_key(DH *dh)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
-        && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) {
-        DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD);
-        return 0;
-    }
-#endif
-    return dh->meth->generate_key(dh);
-}
-
-int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
-        && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) {
-        DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD);
-        return 0;
-    }
-#endif
-    return dh->meth->compute_key(key, pub_key, dh);
-}
-
-int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
-    int rv, pad;
-    rv = dh->meth->compute_key(key, pub_key, dh);
-    if (rv <= 0)
-        return rv;
-    pad = BN_num_bytes(dh->p) - rv;
-    if (pad > 0) {
-        memmove(key + pad, key, rv);
-        memset(key, 0, pad);
-    }
-    return rv + pad;
-}
-
-static DH_METHOD dh_ossl = {
-    "OpenSSL DH Method",
-    generate_key,
-    compute_key,
-    dh_bn_mod_exp,
-    dh_init,
-    dh_finish,
-    0,
-    NULL,
-    NULL
-};
-
-const DH_METHOD *DH_OpenSSL(void)
-{
-    return &dh_ossl;
-}
-
-static int generate_key(DH *dh)
-{
-    int ok = 0;
-    int generate_new_key = 0;
-    unsigned l;
-    BN_CTX *ctx;
-    BN_MONT_CTX *mont = NULL;
-    BIGNUM *pub_key = NULL, *priv_key = NULL;
-
-    ctx = BN_CTX_new();
-    if (ctx == NULL)
-        goto err;
-
-    if (dh->priv_key == NULL) {
-        priv_key = BN_new();
-        if (priv_key == NULL)
-            goto err;
-        generate_new_key = 1;
-    } else
-        priv_key = dh->priv_key;
-
-    if (dh->pub_key == NULL) {
-        pub_key = BN_new();
-        if (pub_key == NULL)
-            goto err;
-    } else
-        pub_key = dh->pub_key;
-
-    if (dh->flags & DH_FLAG_CACHE_MONT_P) {
-        mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
-                                      CRYPTO_LOCK_DH, dh->p, ctx);
-        if (!mont)
-            goto err;
-    }
-
-    if (generate_new_key) {
-        if (dh->q) {
-            do {
-                if (!BN_rand_range(priv_key, dh->q))
-                    goto err;
-            }
-            while (BN_is_zero(priv_key) || BN_is_one(priv_key));
-        } else {
-            /* secret exponent length */
-            l = dh->length ? dh->length : BN_num_bits(dh->p) - 1;
-            if (!BN_rand(priv_key, l, 0, 0))
-                goto err;
-        }
-    }
-
-    {
-        BIGNUM local_prk;
-        BIGNUM *prk;
-
-        if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) {
-            BN_init(&local_prk);
-            prk = &local_prk;
-            BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
-        } else
-            prk = priv_key;
-
-        if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont))
-            goto err;
-    }
-
-    dh->pub_key = pub_key;
-    dh->priv_key = priv_key;
-    ok = 1;
- err:
-    if (ok != 1)
-        DHerr(DH_F_GENERATE_KEY, ERR_R_BN_LIB);
-
-    if ((pub_key != NULL) && (dh->pub_key == NULL))
-        BN_free(pub_key);
-    if ((priv_key != NULL) && (dh->priv_key == NULL))
-        BN_free(priv_key);
-    BN_CTX_free(ctx);
-    return (ok);
-}
-
-static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
-    BN_CTX *ctx = NULL;
-    BN_MONT_CTX *mont = NULL;
-    BIGNUM *tmp;
-    int ret = -1;
-    int check_result;
-
-    if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
-        DHerr(DH_F_COMPUTE_KEY, DH_R_MODULUS_TOO_LARGE);
-        goto err;
-    }
-
-    ctx = BN_CTX_new();
-    if (ctx == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    tmp = BN_CTX_get(ctx);
-    if (tmp == NULL)
-        goto err;
-
-    if (dh->priv_key == NULL) {
-        DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE);
-        goto err;
-    }
-
-    if (dh->flags & DH_FLAG_CACHE_MONT_P) {
-        mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
-                                      CRYPTO_LOCK_DH, dh->p, ctx);
-        if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) {
-            /* XXX */
-            BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME);
-        }
-        if (!mont)
-            goto err;
-    }
-
-    if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) {
-        DHerr(DH_F_COMPUTE_KEY, DH_R_INVALID_PUBKEY);
-        goto err;
-    }
-
-    if (!dh->
-        meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key, dh->p, ctx, mont)) {
-        DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB);
-        goto err;
-    }
-
-    ret = BN_bn2bin(tmp, key);
- err:
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    return (ret);
-}
-
-static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
-                         const BIGNUM *a, const BIGNUM *p,
-                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-    /*
-     * If a is only one word long and constant time is false, use the faster
-     * exponenentiation function.
-     */
-    if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0)) {
-        BN_ULONG A = a->d[0];
-        return BN_mod_exp_mont_word(r, A, p, m, ctx, m_ctx);
-    } else
-        return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
-}
-
-static int dh_init(DH *dh)
-{
-    dh->flags |= DH_FLAG_CACHE_MONT_P;
-    return (1);
-}
-
-static int dh_finish(DH *dh)
-{
-    if (dh->method_mont_p)
-        BN_MONT_CTX_free(dh->method_mont_p);
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/dh/dh_lib.c b/thirdparty/openssl/crypto/dh/dh_lib.c
deleted file mode 100644
index bebc160ed6..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_lib.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/* crypto/dh/dh_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-const char DH_version[] = "Diffie-Hellman" OPENSSL_VERSION_PTEXT;
-
-static const DH_METHOD *default_DH_method = NULL;
-
-void DH_set_default_method(const DH_METHOD *meth)
-{
-    default_DH_method = meth;
-}
-
-const DH_METHOD *DH_get_default_method(void)
-{
-    if (!default_DH_method) {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-            return FIPS_dh_openssl();
-        else
-            return DH_OpenSSL();
-#else
-        default_DH_method = DH_OpenSSL();
-#endif
-    }
-    return default_DH_method;
-}
-
-int DH_set_method(DH *dh, const DH_METHOD *meth)
-{
-    /*
-     * NB: The caller is specifically setting a method, so it's not up to us
-     * to deal with which ENGINE it comes from.
-     */
-    const DH_METHOD *mtmp;
-    mtmp = dh->meth;
-    if (mtmp->finish)
-        mtmp->finish(dh);
-#ifndef OPENSSL_NO_ENGINE
-    if (dh->engine) {
-        ENGINE_finish(dh->engine);
-        dh->engine = NULL;
-    }
-#endif
-    dh->meth = meth;
-    if (meth->init)
-        meth->init(dh);
-    return 1;
-}
-
-DH *DH_new(void)
-{
-    return DH_new_method(NULL);
-}
-
-DH *DH_new_method(ENGINE *engine)
-{
-    DH *ret;
-
-    ret = (DH *)OPENSSL_malloc(sizeof(DH));
-    if (ret == NULL) {
-        DHerr(DH_F_DH_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-
-    ret->meth = DH_get_default_method();
-#ifndef OPENSSL_NO_ENGINE
-    if (engine) {
-        if (!ENGINE_init(engine)) {
-            DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
-            OPENSSL_free(ret);
-            return NULL;
-        }
-        ret->engine = engine;
-    } else
-        ret->engine = ENGINE_get_default_DH();
-    if (ret->engine) {
-        ret->meth = ENGINE_get_DH(ret->engine);
-        if (!ret->meth) {
-            DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
-            ENGINE_finish(ret->engine);
-            OPENSSL_free(ret);
-            return NULL;
-        }
-    }
-#endif
-
-    ret->pad = 0;
-    ret->version = 0;
-    ret->p = NULL;
-    ret->g = NULL;
-    ret->length = 0;
-    ret->pub_key = NULL;
-    ret->priv_key = NULL;
-    ret->q = NULL;
-    ret->j = NULL;
-    ret->seed = NULL;
-    ret->seedlen = 0;
-    ret->counter = NULL;
-    ret->method_mont_p = NULL;
-    ret->references = 1;
-    ret->flags = ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
-    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
-#ifndef OPENSSL_NO_ENGINE
-        if (ret->engine)
-            ENGINE_finish(ret->engine);
-#endif
-        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
-        OPENSSL_free(ret);
-        ret = NULL;
-    }
-    return (ret);
-}
-
-void DH_free(DH *r)
-{
-    int i;
-    if (r == NULL)
-        return;
-    i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
-#ifdef REF_PRINT
-    REF_PRINT("DH", r);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "DH_free, bad reference count\n");
-        abort();
-    }
-#endif
-
-    if (r->meth->finish)
-        r->meth->finish(r);
-#ifndef OPENSSL_NO_ENGINE
-    if (r->engine)
-        ENGINE_finish(r->engine);
-#endif
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
-
-    if (r->p != NULL)
-        BN_clear_free(r->p);
-    if (r->g != NULL)
-        BN_clear_free(r->g);
-    if (r->q != NULL)
-        BN_clear_free(r->q);
-    if (r->j != NULL)
-        BN_clear_free(r->j);
-    if (r->seed)
-        OPENSSL_free(r->seed);
-    if (r->counter != NULL)
-        BN_clear_free(r->counter);
-    if (r->pub_key != NULL)
-        BN_clear_free(r->pub_key);
-    if (r->priv_key != NULL)
-        BN_clear_free(r->priv_key);
-    OPENSSL_free(r);
-}
-
-int DH_up_ref(DH *r)
-{
-    int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
-#ifdef REF_PRINT
-    REF_PRINT("DH", r);
-#endif
-#ifdef REF_CHECK
-    if (i < 2) {
-        fprintf(stderr, "DH_up, bad reference count\n");
-        abort();
-    }
-#endif
-    return ((i > 1) ? 1 : 0);
-}
-
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int DH_set_ex_data(DH *d, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&d->ex_data, idx, arg));
-}
-
-void *DH_get_ex_data(DH *d, int idx)
-{
-    return (CRYPTO_get_ex_data(&d->ex_data, idx));
-}
-
-int DH_size(const DH *dh)
-{
-    return (BN_num_bytes(dh->p));
-}
diff --git a/thirdparty/openssl/crypto/dh/dh_pmeth.c b/thirdparty/openssl/crypto/dh/dh_pmeth.c
deleted file mode 100644
index b58e3fa86f..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_pmeth.c
+++ /dev/null
@@ -1,551 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-#include <openssl/dh.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#include <openssl/objects.h>
-#include "evp_locl.h"
-
-/* DH pkey context structure */
-
-typedef struct {
-    /* Parameter gen parameters */
-    int prime_len;
-    int generator;
-    int use_dsa;
-    int subprime_len;
-    /* message digest used for parameter generation */
-    const EVP_MD *md;
-    int rfc5114_param;
-    /* Keygen callback info */
-    int gentmp[2];
-    /* KDF (if any) to use for DH */
-    char kdf_type;
-    /* OID to use for KDF */
-    ASN1_OBJECT *kdf_oid;
-    /* Message digest to use for key derivation */
-    const EVP_MD *kdf_md;
-    /* User key material */
-    unsigned char *kdf_ukm;
-    size_t kdf_ukmlen;
-    /* KDF output length */
-    size_t kdf_outlen;
-} DH_PKEY_CTX;
-
-static int pkey_dh_init(EVP_PKEY_CTX *ctx)
-{
-    DH_PKEY_CTX *dctx;
-    dctx = OPENSSL_malloc(sizeof(DH_PKEY_CTX));
-    if (!dctx)
-        return 0;
-    dctx->prime_len = 1024;
-    dctx->subprime_len = -1;
-    dctx->generator = 2;
-    dctx->use_dsa = 0;
-    dctx->md = NULL;
-    dctx->rfc5114_param = 0;
-
-    dctx->kdf_type = EVP_PKEY_DH_KDF_NONE;
-    dctx->kdf_oid = NULL;
-    dctx->kdf_md = NULL;
-    dctx->kdf_ukm = NULL;
-    dctx->kdf_ukmlen = 0;
-    dctx->kdf_outlen = 0;
-
-    ctx->data = dctx;
-    ctx->keygen_info = dctx->gentmp;
-    ctx->keygen_info_count = 2;
-
-    return 1;
-}
-
-static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
-    DH_PKEY_CTX *dctx, *sctx;
-    if (!pkey_dh_init(dst))
-        return 0;
-    sctx = src->data;
-    dctx = dst->data;
-    dctx->prime_len = sctx->prime_len;
-    dctx->subprime_len = sctx->subprime_len;
-    dctx->generator = sctx->generator;
-    dctx->use_dsa = sctx->use_dsa;
-    dctx->md = sctx->md;
-    dctx->rfc5114_param = sctx->rfc5114_param;
-
-    dctx->kdf_type = sctx->kdf_type;
-    dctx->kdf_oid = OBJ_dup(sctx->kdf_oid);
-    if (!dctx->kdf_oid)
-        return 0;
-    dctx->kdf_md = sctx->kdf_md;
-    if (dctx->kdf_ukm) {
-        dctx->kdf_ukm = BUF_memdup(sctx->kdf_ukm, sctx->kdf_ukmlen);
-        dctx->kdf_ukmlen = sctx->kdf_ukmlen;
-    }
-    dctx->kdf_outlen = sctx->kdf_outlen;
-    return 1;
-}
-
-static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx)
-{
-    DH_PKEY_CTX *dctx = ctx->data;
-    if (dctx) {
-        if (dctx->kdf_ukm)
-            OPENSSL_free(dctx->kdf_ukm);
-        if (dctx->kdf_oid)
-            ASN1_OBJECT_free(dctx->kdf_oid);
-        OPENSSL_free(dctx);
-    }
-}
-
-static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
-    DH_PKEY_CTX *dctx = ctx->data;
-    switch (type) {
-    case EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN:
-        if (p1 < 256)
-            return -2;
-        dctx->prime_len = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN:
-        if (dctx->use_dsa == 0)
-            return -2;
-        dctx->subprime_len = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR:
-        if (dctx->use_dsa)
-            return -2;
-        dctx->generator = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_DH_PARAMGEN_TYPE:
-#ifdef OPENSSL_NO_DSA
-        if (p1 != 0)
-            return -2;
-#else
-        if (p1 < 0 || p1 > 2)
-            return -2;
-#endif
-        dctx->use_dsa = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_DH_RFC5114:
-        if (p1 < 1 || p1 > 3)
-            return -2;
-        dctx->rfc5114_param = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_PEER_KEY:
-        /* Default behaviour is OK */
-        return 1;
-
-    case EVP_PKEY_CTRL_DH_KDF_TYPE:
-        if (p1 == -2)
-            return dctx->kdf_type;
-        if (p1 != EVP_PKEY_DH_KDF_NONE && p1 != EVP_PKEY_DH_KDF_X9_42)
-            return -2;
-        dctx->kdf_type = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_DH_KDF_MD:
-        dctx->kdf_md = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_DH_KDF_MD:
-        *(const EVP_MD **)p2 = dctx->kdf_md;
-        return 1;
-
-    case EVP_PKEY_CTRL_DH_KDF_OUTLEN:
-        if (p1 <= 0)
-            return -2;
-        dctx->kdf_outlen = (size_t)p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN:
-        *(int *)p2 = dctx->kdf_outlen;
-        return 1;
-
-    case EVP_PKEY_CTRL_DH_KDF_UKM:
-        if (dctx->kdf_ukm)
-            OPENSSL_free(dctx->kdf_ukm);
-        dctx->kdf_ukm = p2;
-        if (p2)
-            dctx->kdf_ukmlen = p1;
-        else
-            dctx->kdf_ukmlen = 0;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_DH_KDF_UKM:
-        *(unsigned char **)p2 = dctx->kdf_ukm;
-        return dctx->kdf_ukmlen;
-
-    case EVP_PKEY_CTRL_DH_KDF_OID:
-        if (dctx->kdf_oid)
-            ASN1_OBJECT_free(dctx->kdf_oid);
-        dctx->kdf_oid = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_DH_KDF_OID:
-        *(ASN1_OBJECT **)p2 = dctx->kdf_oid;
-        return 1;
-
-    default:
-        return -2;
-
-    }
-}
-
-static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx,
-                            const char *type, const char *value)
-{
-    if (!strcmp(type, "dh_paramgen_prime_len")) {
-        int len;
-        len = atoi(value);
-        return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len);
-    }
-    if (!strcmp(type, "dh_rfc5114")) {
-        DH_PKEY_CTX *dctx = ctx->data;
-        int len;
-        len = atoi(value);
-        if (len < 0 || len > 3)
-            return -2;
-        dctx->rfc5114_param = len;
-        return 1;
-    }
-    if (!strcmp(type, "dh_paramgen_generator")) {
-        int len;
-        len = atoi(value);
-        return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len);
-    }
-    if (!strcmp(type, "dh_paramgen_subprime_len")) {
-        int len;
-        len = atoi(value);
-        return EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len);
-    }
-    if (!strcmp(type, "dh_paramgen_type")) {
-        int typ;
-        typ = atoi(value);
-        return EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ);
-    }
-    return -2;
-}
-
-#ifndef OPENSSL_NO_DSA
-
-extern int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
-                                const EVP_MD *evpmd,
-                                const unsigned char *seed_in, size_t seed_len,
-                                unsigned char *seed_out, int *counter_ret,
-                                unsigned long *h_ret, BN_GENCB *cb);
-
-extern int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
-                                 const EVP_MD *evpmd,
-                                 const unsigned char *seed_in,
-                                 size_t seed_len, int idx,
-                                 unsigned char *seed_out, int *counter_ret,
-                                 unsigned long *h_ret, BN_GENCB *cb);
-
-static DSA *dsa_dh_generate(DH_PKEY_CTX *dctx, BN_GENCB *pcb)
-{
-    DSA *ret;
-    int rv = 0;
-    int prime_len = dctx->prime_len;
-    int subprime_len = dctx->subprime_len;
-    const EVP_MD *md = dctx->md;
-    if (dctx->use_dsa > 2)
-        return NULL;
-    ret = DSA_new();
-    if (!ret)
-        return NULL;
-    if (subprime_len == -1) {
-        if (prime_len >= 2048)
-            subprime_len = 256;
-        else
-            subprime_len = 160;
-    }
-    if (md == NULL) {
-        if (prime_len >= 2048)
-            md = EVP_sha256();
-        else
-            md = EVP_sha1();
-    }
-    if (dctx->use_dsa == 1)
-        rv = dsa_builtin_paramgen(ret, prime_len, subprime_len, md,
-                                  NULL, 0, NULL, NULL, NULL, pcb);
-    else if (dctx->use_dsa == 2)
-        rv = dsa_builtin_paramgen2(ret, prime_len, subprime_len, md,
-                                   NULL, 0, -1, NULL, NULL, NULL, pcb);
-    if (rv <= 0) {
-        DSA_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-#endif
-
-static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    DH *dh = NULL;
-    DH_PKEY_CTX *dctx = ctx->data;
-    BN_GENCB *pcb, cb;
-    int ret;
-    if (dctx->rfc5114_param) {
-        switch (dctx->rfc5114_param) {
-        case 1:
-            dh = DH_get_1024_160();
-            break;
-
-        case 2:
-            dh = DH_get_2048_224();
-            break;
-
-        case 3:
-            dh = DH_get_2048_256();
-            break;
-
-        default:
-            return -2;
-        }
-        EVP_PKEY_assign(pkey, EVP_PKEY_DHX, dh);
-        return 1;
-    }
-
-    if (ctx->pkey_gencb) {
-        pcb = &cb;
-        evp_pkey_set_cb_translate(pcb, ctx);
-    } else
-        pcb = NULL;
-#ifndef OPENSSL_NO_DSA
-    if (dctx->use_dsa) {
-        DSA *dsa_dh;
-        dsa_dh = dsa_dh_generate(dctx, pcb);
-        if (!dsa_dh)
-            return 0;
-        dh = DSA_dup_DH(dsa_dh);
-        DSA_free(dsa_dh);
-        if (!dh)
-            return 0;
-        EVP_PKEY_assign(pkey, EVP_PKEY_DHX, dh);
-        return 1;
-    }
-#endif
-    dh = DH_new();
-    if (!dh)
-        return 0;
-    ret = DH_generate_parameters_ex(dh,
-                                    dctx->prime_len, dctx->generator, pcb);
-
-    if (ret)
-        EVP_PKEY_assign_DH(pkey, dh);
-    else
-        DH_free(dh);
-    return ret;
-}
-
-static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    DH *dh = NULL;
-    if (ctx->pkey == NULL) {
-        DHerr(DH_F_PKEY_DH_KEYGEN, DH_R_NO_PARAMETERS_SET);
-        return 0;
-    }
-    dh = DH_new();
-    if (!dh)
-        return 0;
-    EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, dh);
-    /* Note: if error return, pkey is freed by parent routine */
-    if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
-        return 0;
-    return DH_generate_key(pkey->pkey.dh);
-}
-
-static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
-                          size_t *keylen)
-{
-    int ret;
-    DH *dh;
-    DH_PKEY_CTX *dctx = ctx->data;
-    BIGNUM *dhpub;
-    if (!ctx->pkey || !ctx->peerkey) {
-        DHerr(DH_F_PKEY_DH_DERIVE, DH_R_KEYS_NOT_SET);
-        return 0;
-    }
-    dh = ctx->pkey->pkey.dh;
-    dhpub = ctx->peerkey->pkey.dh->pub_key;
-    if (dctx->kdf_type == EVP_PKEY_DH_KDF_NONE) {
-        if (key == NULL) {
-            *keylen = DH_size(dh);
-            return 1;
-        }
-        ret = DH_compute_key(key, dhpub, dh);
-        if (ret < 0)
-            return ret;
-        *keylen = ret;
-        return 1;
-    } else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
-        unsigned char *Z = NULL;
-        size_t Zlen = 0;
-        if (!dctx->kdf_outlen || !dctx->kdf_oid)
-            return 0;
-        if (key == NULL) {
-            *keylen = dctx->kdf_outlen;
-            return 1;
-        }
-        if (*keylen != dctx->kdf_outlen)
-            return 0;
-        ret = 0;
-        Zlen = DH_size(dh);
-        Z = OPENSSL_malloc(Zlen);
-        if (!Z) {
-            goto err;
-        }
-        if (DH_compute_key_padded(Z, dhpub, dh) <= 0)
-            goto err;
-        if (!DH_KDF_X9_42(key, *keylen, Z, Zlen, dctx->kdf_oid,
-                          dctx->kdf_ukm, dctx->kdf_ukmlen, dctx->kdf_md))
-            goto err;
-        *keylen = dctx->kdf_outlen;
-        ret = 1;
- err:
-        if (Z) {
-            OPENSSL_cleanse(Z, Zlen);
-            OPENSSL_free(Z);
-        }
-        return ret;
-    }
-    return 1;
-}
-
-const EVP_PKEY_METHOD dh_pkey_meth = {
-    EVP_PKEY_DH,
-    0,
-    pkey_dh_init,
-    pkey_dh_copy,
-    pkey_dh_cleanup,
-
-    0,
-    pkey_dh_paramgen,
-
-    0,
-    pkey_dh_keygen,
-
-    0,
-    0,
-
-    0,
-    0,
-
-    0, 0,
-
-    0, 0, 0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0,
-    pkey_dh_derive,
-
-    pkey_dh_ctrl,
-    pkey_dh_ctrl_str
-};
-
-const EVP_PKEY_METHOD dhx_pkey_meth = {
-    EVP_PKEY_DHX,
-    0,
-    pkey_dh_init,
-    pkey_dh_copy,
-    pkey_dh_cleanup,
-
-    0,
-    pkey_dh_paramgen,
-
-    0,
-    pkey_dh_keygen,
-
-    0,
-    0,
-
-    0,
-    0,
-
-    0, 0,
-
-    0, 0, 0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0,
-    pkey_dh_derive,
-
-    pkey_dh_ctrl,
-    pkey_dh_ctrl_str
-};
diff --git a/thirdparty/openssl/crypto/dh/dh_prn.c b/thirdparty/openssl/crypto/dh/dh_prn.c
deleted file mode 100644
index 5d6c3a37e7..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_prn.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* crypto/asn1/t_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/dh.h>
-
-#ifndef OPENSSL_NO_FP_API
-int DHparams_print_fp(FILE *fp, const DH *x)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        DHerr(DH_F_DHPARAMS_PRINT_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = DHparams_print(b, x);
-    BIO_free(b);
-    return (ret);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/dh/dh_rfc5114.c b/thirdparty/openssl/crypto/dh/dh_rfc5114.c
deleted file mode 100644
index e96e2aa3fc..0000000000
--- a/thirdparty/openssl/crypto/dh/dh_rfc5114.c
+++ /dev/null
@@ -1,285 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2011.
- */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dh.h>
-#include <openssl/bn.h>
-
-/* DH parameters from RFC5114 */
-
-#if BN_BITS2 == 64
-static const BN_ULONG dh1024_160_p[] = {
-    0xDF1FB2BC2E4A4371ULL, 0xE68CFDA76D4DA708ULL, 0x45BF37DF365C1A65ULL,
-    0xA151AF5F0DC8B4BDULL, 0xFAA31A4FF55BCCC0ULL, 0x4EFFD6FAE5644738ULL,
-    0x98488E9C219A7372ULL, 0xACCBDD7D90C4BD70ULL, 0x24975C3CD49B83BFULL,
-    0x13ECB4AEA9061123ULL, 0x9838EF1E2EE652C0ULL, 0x6073E28675A23D18ULL,
-    0x9A6A9DCA52D23B61ULL, 0x52C99FBCFB06A3C6ULL, 0xDE92DE5EAE5D54ECULL,
-    0xB10B8F96A080E01DULL
-};
-
-static const BN_ULONG dh1024_160_g[] = {
-    0x855E6EEB22B3B2E5ULL, 0x858F4DCEF97C2A24ULL, 0x2D779D5918D08BC8ULL,
-    0xD662A4D18E73AFA3ULL, 0x1DBF0A0169B6A28AULL, 0xA6A24C087A091F53ULL,
-    0x909D0D2263F80A76ULL, 0xD7FBD7D3B9A92EE1ULL, 0x5E91547F9E2749F4ULL,
-    0x160217B4B01B886AULL, 0x777E690F5504F213ULL, 0x266FEA1E5C41564BULL,
-    0xD6406CFF14266D31ULL, 0xF8104DD258AC507FULL, 0x6765A442EFB99905ULL,
-    0xA4D1CBD5C3FD3412ULL
-};
-
-static const BN_ULONG dh1024_160_q[] = {
-    0x64B7CB9D49462353ULL, 0x81A8DF278ABA4E7DULL, 0x00000000F518AA87ULL
-};
-
-static const BN_ULONG dh2048_224_p[] = {
-    0x0AC4DFFE0C10E64FULL, 0xCF9DE5384E71B81CULL, 0x7EF363E2FFA31F71ULL,
-    0xE3FB73C16B8E75B9ULL, 0xC9B53DCF4BA80A29ULL, 0x23F10B0E16E79763ULL,
-    0xC52172E413042E9BULL, 0xBE60E69CC928B2B9ULL, 0x80CD86A1B9E587E8ULL,
-    0x315D75E198C641A4ULL, 0xCDF93ACC44328387ULL, 0x15987D9ADC0A486DULL,
-    0x7310F7121FD5A074ULL, 0x278273C7DE31EFDCULL, 0x1602E714415D9330ULL,
-    0x81286130BC8985DBULL, 0xB3BF8A3170918836ULL, 0x6A00E0A0B9C49708ULL,
-    0xC6BA0B2C8BBC27BEULL, 0xC9F98D11ED34DBF6ULL, 0x7AD5B7D0B6C12207ULL,
-    0xD91E8FEF55B7394BULL, 0x9037C9EDEFDA4DF8ULL, 0x6D3F8152AD6AC212ULL,
-    0x1DE6B85A1274A0A6ULL, 0xEB3D688A309C180EULL, 0xAF9A3C407BA1DF15ULL,
-    0xE6FA141DF95A56DBULL, 0xB54B1597B61D0A75ULL, 0xA20D64E5683B9FD1ULL,
-    0xD660FAA79559C51FULL, 0xAD107E1E9123A9D0ULL
-};
-
-static const BN_ULONG dh2048_224_g[] = {
-    0x84B890D3191F2BFAULL, 0x81BC087F2A7065B3ULL, 0x19C418E1F6EC0179ULL,
-    0x7B5A0F1C71CFFF4CULL, 0xEDFE72FE9B6AA4BDULL, 0x81E1BCFE94B30269ULL,
-    0x566AFBB48D6C0191ULL, 0xB539CCE3409D13CDULL, 0x6AA21E7F5F2FF381ULL,
-    0xD9E263E4770589EFULL, 0x10E183EDD19963DDULL, 0xB70A8137150B8EEBULL,
-    0x051AE3D428C8F8ACULL, 0xBB77A86F0C1AB15BULL, 0x6E3025E316A330EFULL,
-    0x19529A45D6F83456ULL, 0xF180EB34118E98D1ULL, 0xB5F6C6B250717CBEULL,
-    0x09939D54DA7460CDULL, 0xE247150422EA1ED4ULL, 0xB8A762D0521BC98AULL,
-    0xF4D027275AC1348BULL, 0xC17669101999024AULL, 0xBE5E9001A8D66AD7ULL,
-    0xC57DB17C620A8652ULL, 0xAB739D7700C29F52ULL, 0xDD921F01A70C4AFAULL,
-    0xA6824A4E10B9A6F0ULL, 0x74866A08CFE4FFE3ULL, 0x6CDEBE7B89998CAFULL,
-    0x9DF30B5C8FFDAC50ULL, 0xAC4032EF4F2D9AE3ULL
-};
-
-static const BN_ULONG dh2048_224_q[] = {
-    0xBF389A99B36371EBULL, 0x1F80535A4738CEBCULL, 0xC58D93FE99717710ULL,
-    0x00000000801C0D34ULL
-};
-
-static const BN_ULONG dh2048_256_p[] = {
-    0xDB094AE91E1A1597ULL, 0x693877FAD7EF09CAULL, 0x6116D2276E11715FULL,
-    0xA4B54330C198AF12ULL, 0x75F26375D7014103ULL, 0xC3A3960A54E710C3ULL,
-    0xDED4010ABD0BE621ULL, 0xC0B857F689962856ULL, 0xB3CA3F7971506026ULL,
-    0x1CCACB83E6B486F6ULL, 0x67E144E514056425ULL, 0xF6A167B5A41825D9ULL,
-    0x3AD8347796524D8EULL, 0xF13C6D9A51BFA4ABULL, 0x2D52526735488A0EULL,
-    0xB63ACAE1CAA6B790ULL, 0x4FDB70C581B23F76ULL, 0xBC39A0BF12307F5CULL,
-    0xB941F54EB1E59BB8ULL, 0x6C5BFC11D45F9088ULL, 0x22E0B1EF4275BF7BULL,
-    0x91F9E6725B4758C0ULL, 0x5A8A9D306BCF67EDULL, 0x209E0C6497517ABDULL,
-    0x3BF4296D830E9A7CULL, 0x16C3D91134096FAAULL, 0xFAF7DF4561B2AA30ULL,
-    0xE00DF8F1D61957D4ULL, 0x5D2CEED4435E3B00ULL, 0x8CEEF608660DD0F2ULL,
-    0xFFBBD19C65195999ULL, 0x87A8E61DB4B6663CULL
-};
-
-static const BN_ULONG dh2048_256_g[] = {
-    0x664B4C0F6CC41659ULL, 0x5E2327CFEF98C582ULL, 0xD647D148D4795451ULL,
-    0x2F63078490F00EF8ULL, 0x184B523D1DB246C3ULL, 0xC7891428CDC67EB6ULL,
-    0x7FD028370DF92B52ULL, 0xB3353BBB64E0EC37ULL, 0xECD06E1557CD0915ULL,
-    0xB7D2BBD2DF016199ULL, 0xC8484B1E052588B9ULL, 0xDB2A3B7313D3FE14ULL,
-    0xD052B985D182EA0AULL, 0xA4BD1BFFE83B9C80ULL, 0xDFC967C1FB3F2E55ULL,
-    0xB5045AF2767164E1ULL, 0x1D14348F6F2F9193ULL, 0x64E67982428EBC83ULL,
-    0x8AC376D282D6ED38ULL, 0x777DE62AAAB8A862ULL, 0xDDF463E5E9EC144BULL,
-    0x0196F931C77A57F2ULL, 0xA55AE31341000A65ULL, 0x901228F8C28CBB18ULL,
-    0xBC3773BF7E8C6F62ULL, 0xBE3A6C1B0C6B47B1ULL, 0xFF4FED4AAC0BB555ULL,
-    0x10DBC15077BE463FULL, 0x07F4793A1A0BA125ULL, 0x4CA7B18F21EF2054ULL,
-    0x2E77506660EDBD48ULL, 0x3FB32C9B73134D0BULL
-};
-
-static const BN_ULONG dh2048_256_q[] = {
-    0xA308B0FE64F5FBD3ULL, 0x99B1A47D1EB3750BULL, 0xB447997640129DA2ULL,
-    0x8CF83642A709A097ULL
-};
-
-#elif BN_BITS2 == 32
-
-static const BN_ULONG dh1024_160_p[] = {
-    0x2E4A4371, 0xDF1FB2BC, 0x6D4DA708, 0xE68CFDA7, 0x365C1A65, 0x45BF37DF,
-    0x0DC8B4BD, 0xA151AF5F, 0xF55BCCC0, 0xFAA31A4F, 0xE5644738, 0x4EFFD6FA,
-    0x219A7372, 0x98488E9C, 0x90C4BD70, 0xACCBDD7D, 0xD49B83BF, 0x24975C3C,
-    0xA9061123, 0x13ECB4AE, 0x2EE652C0, 0x9838EF1E, 0x75A23D18, 0x6073E286,
-    0x52D23B61, 0x9A6A9DCA, 0xFB06A3C6, 0x52C99FBC, 0xAE5D54EC, 0xDE92DE5E,
-    0xA080E01D, 0xB10B8F96
-};
-
-static const BN_ULONG dh1024_160_g[] = {
-    0x22B3B2E5, 0x855E6EEB, 0xF97C2A24, 0x858F4DCE, 0x18D08BC8, 0x2D779D59,
-    0x8E73AFA3, 0xD662A4D1, 0x69B6A28A, 0x1DBF0A01, 0x7A091F53, 0xA6A24C08,
-    0x63F80A76, 0x909D0D22, 0xB9A92EE1, 0xD7FBD7D3, 0x9E2749F4, 0x5E91547F,
-    0xB01B886A, 0x160217B4, 0x5504F213, 0x777E690F, 0x5C41564B, 0x266FEA1E,
-    0x14266D31, 0xD6406CFF, 0x58AC507F, 0xF8104DD2, 0xEFB99905, 0x6765A442,
-    0xC3FD3412, 0xA4D1CBD5
-};
-
-static const BN_ULONG dh1024_160_q[] = {
-    0x49462353, 0x64B7CB9D, 0x8ABA4E7D, 0x81A8DF27, 0xF518AA87
-};
-
-static const BN_ULONG dh2048_224_p[] = {
-    0x0C10E64F, 0x0AC4DFFE, 0x4E71B81C, 0xCF9DE538, 0xFFA31F71, 0x7EF363E2,
-    0x6B8E75B9, 0xE3FB73C1, 0x4BA80A29, 0xC9B53DCF, 0x16E79763, 0x23F10B0E,
-    0x13042E9B, 0xC52172E4, 0xC928B2B9, 0xBE60E69C, 0xB9E587E8, 0x80CD86A1,
-    0x98C641A4, 0x315D75E1, 0x44328387, 0xCDF93ACC, 0xDC0A486D, 0x15987D9A,
-    0x1FD5A074, 0x7310F712, 0xDE31EFDC, 0x278273C7, 0x415D9330, 0x1602E714,
-    0xBC8985DB, 0x81286130, 0x70918836, 0xB3BF8A31, 0xB9C49708, 0x6A00E0A0,
-    0x8BBC27BE, 0xC6BA0B2C, 0xED34DBF6, 0xC9F98D11, 0xB6C12207, 0x7AD5B7D0,
-    0x55B7394B, 0xD91E8FEF, 0xEFDA4DF8, 0x9037C9ED, 0xAD6AC212, 0x6D3F8152,
-    0x1274A0A6, 0x1DE6B85A, 0x309C180E, 0xEB3D688A, 0x7BA1DF15, 0xAF9A3C40,
-    0xF95A56DB, 0xE6FA141D, 0xB61D0A75, 0xB54B1597, 0x683B9FD1, 0xA20D64E5,
-    0x9559C51F, 0xD660FAA7, 0x9123A9D0, 0xAD107E1E
-};
-
-static const BN_ULONG dh2048_224_g[] = {
-    0x191F2BFA, 0x84B890D3, 0x2A7065B3, 0x81BC087F, 0xF6EC0179, 0x19C418E1,
-    0x71CFFF4C, 0x7B5A0F1C, 0x9B6AA4BD, 0xEDFE72FE, 0x94B30269, 0x81E1BCFE,
-    0x8D6C0191, 0x566AFBB4, 0x409D13CD, 0xB539CCE3, 0x5F2FF381, 0x6AA21E7F,
-    0x770589EF, 0xD9E263E4, 0xD19963DD, 0x10E183ED, 0x150B8EEB, 0xB70A8137,
-    0x28C8F8AC, 0x051AE3D4, 0x0C1AB15B, 0xBB77A86F, 0x16A330EF, 0x6E3025E3,
-    0xD6F83456, 0x19529A45, 0x118E98D1, 0xF180EB34, 0x50717CBE, 0xB5F6C6B2,
-    0xDA7460CD, 0x09939D54, 0x22EA1ED4, 0xE2471504, 0x521BC98A, 0xB8A762D0,
-    0x5AC1348B, 0xF4D02727, 0x1999024A, 0xC1766910, 0xA8D66AD7, 0xBE5E9001,
-    0x620A8652, 0xC57DB17C, 0x00C29F52, 0xAB739D77, 0xA70C4AFA, 0xDD921F01,
-    0x10B9A6F0, 0xA6824A4E, 0xCFE4FFE3, 0x74866A08, 0x89998CAF, 0x6CDEBE7B,
-    0x8FFDAC50, 0x9DF30B5C, 0x4F2D9AE3, 0xAC4032EF
-};
-
-static const BN_ULONG dh2048_224_q[] = {
-    0xB36371EB, 0xBF389A99, 0x4738CEBC, 0x1F80535A, 0x99717710, 0xC58D93FE,
-    0x801C0D34
-};
-
-static const BN_ULONG dh2048_256_p[] = {
-    0x1E1A1597, 0xDB094AE9, 0xD7EF09CA, 0x693877FA, 0x6E11715F, 0x6116D227,
-    0xC198AF12, 0xA4B54330, 0xD7014103, 0x75F26375, 0x54E710C3, 0xC3A3960A,
-    0xBD0BE621, 0xDED4010A, 0x89962856, 0xC0B857F6, 0x71506026, 0xB3CA3F79,
-    0xE6B486F6, 0x1CCACB83, 0x14056425, 0x67E144E5, 0xA41825D9, 0xF6A167B5,
-    0x96524D8E, 0x3AD83477, 0x51BFA4AB, 0xF13C6D9A, 0x35488A0E, 0x2D525267,
-    0xCAA6B790, 0xB63ACAE1, 0x81B23F76, 0x4FDB70C5, 0x12307F5C, 0xBC39A0BF,
-    0xB1E59BB8, 0xB941F54E, 0xD45F9088, 0x6C5BFC11, 0x4275BF7B, 0x22E0B1EF,
-    0x5B4758C0, 0x91F9E672, 0x6BCF67ED, 0x5A8A9D30, 0x97517ABD, 0x209E0C64,
-    0x830E9A7C, 0x3BF4296D, 0x34096FAA, 0x16C3D911, 0x61B2AA30, 0xFAF7DF45,
-    0xD61957D4, 0xE00DF8F1, 0x435E3B00, 0x5D2CEED4, 0x660DD0F2, 0x8CEEF608,
-    0x65195999, 0xFFBBD19C, 0xB4B6663C, 0x87A8E61D
-};
-
-static const BN_ULONG dh2048_256_g[] = {
-    0x6CC41659, 0x664B4C0F, 0xEF98C582, 0x5E2327CF, 0xD4795451, 0xD647D148,
-    0x90F00EF8, 0x2F630784, 0x1DB246C3, 0x184B523D, 0xCDC67EB6, 0xC7891428,
-    0x0DF92B52, 0x7FD02837, 0x64E0EC37, 0xB3353BBB, 0x57CD0915, 0xECD06E15,
-    0xDF016199, 0xB7D2BBD2, 0x052588B9, 0xC8484B1E, 0x13D3FE14, 0xDB2A3B73,
-    0xD182EA0A, 0xD052B985, 0xE83B9C80, 0xA4BD1BFF, 0xFB3F2E55, 0xDFC967C1,
-    0x767164E1, 0xB5045AF2, 0x6F2F9193, 0x1D14348F, 0x428EBC83, 0x64E67982,
-    0x82D6ED38, 0x8AC376D2, 0xAAB8A862, 0x777DE62A, 0xE9EC144B, 0xDDF463E5,
-    0xC77A57F2, 0x0196F931, 0x41000A65, 0xA55AE313, 0xC28CBB18, 0x901228F8,
-    0x7E8C6F62, 0xBC3773BF, 0x0C6B47B1, 0xBE3A6C1B, 0xAC0BB555, 0xFF4FED4A,
-    0x77BE463F, 0x10DBC150, 0x1A0BA125, 0x07F4793A, 0x21EF2054, 0x4CA7B18F,
-    0x60EDBD48, 0x2E775066, 0x73134D0B, 0x3FB32C9B
-};
-
-static const BN_ULONG dh2048_256_q[] = {
-    0x64F5FBD3, 0xA308B0FE, 0x1EB3750B, 0x99B1A47D, 0x40129DA2, 0xB4479976,
-    0xA709A097, 0x8CF83642
-};
-
-#else
-# error "unsupported BN_BITS2"
-#endif
-
-/* Macro to make a BIGNUM from static data */
-
-#define make_dh_bn(x) static const BIGNUM _bignum_##x = { (BN_ULONG *) x, \
-                        sizeof(x)/sizeof(BN_ULONG),\
-                        sizeof(x)/sizeof(BN_ULONG),\
-                        0, BN_FLG_STATIC_DATA }
-
-/*
- * Macro to make a DH structure from BIGNUM data. NB: although just copying
- * the BIGNUM static pointers would be more efficient we can't as they get
- * wiped using BN_clear_free() when DH_free() is called.
- */
-
-#define make_dh(x) \
-DH * DH_get_##x(void) \
-        { \
-        DH *dh; \
-        make_dh_bn(dh##x##_p); \
-        make_dh_bn(dh##x##_q); \
-        make_dh_bn(dh##x##_g); \
-        dh = DH_new(); \
-        if (!dh) \
-                return NULL; \
-        dh->p = BN_dup(&_bignum_dh##x##_p); \
-        dh->g = BN_dup(&_bignum_dh##x##_g); \
-        dh->q = BN_dup(&_bignum_dh##x##_q); \
-        if (!dh->p || !dh->q || !dh->g) \
-                { \
-                DH_free(dh); \
-                return NULL; \
-                } \
-        return dh; \
-        }
-
-make_dh(1024_160)
-make_dh(2048_224)
-make_dh(2048_256)
diff --git a/thirdparty/openssl/crypto/dh/example b/thirdparty/openssl/crypto/dh/example
deleted file mode 100644
index 16a33d2910..0000000000
--- a/thirdparty/openssl/crypto/dh/example
+++ /dev/null
@@ -1,50 +0,0 @@
-From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
-Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
-  (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
-Received: by minbne.mincom.oz.au id AA19958
-  (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
-Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
-          Wed, 27 Sep 1995 19:13:05 +1000
-Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
-          Wed, 27 Sep 1995 04:48:46 -0400
-Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
-Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
-Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14]) 
-          by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442 
-          for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
-Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1) 
-          id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
-Date: Mon, 25 Sep 1995 17:50:51 -0700
-From: Phil Karn <karn@qualcomm.com>
-Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
-To: cypherpunks@toad.com, ipsec-dev@eit.com
-Subject: Primality verification needed
-Sender: owner-cypherpunks@toad.com
-Precedence: bulk
-Status: RO
-X-Status: 
-
-Hi. I've generated a 2047-bit "strong" prime number that I would like to
-use with Diffie-Hellman key exchange. I assert that not only is this number
-'p' prime, but so is (p-1)/2.
-
-I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
-1.3.2 to test this number. This function uses the Miller-Rabin primality test.
-However, to increase my confidence that this number really is a strong prime,
-I'd like to ask others to confirm it with other tests. Here's the number in hex:
-
-72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
-fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
-a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
-fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
-3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
-ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
-56a05180c3bec7ddd5ef6fe76b1f717b
-
-The generator, g, for this prime is 2.
-
-Thanks!
-
-Phil Karn
-
-
diff --git a/thirdparty/openssl/crypto/dh/generate b/thirdparty/openssl/crypto/dh/generate
deleted file mode 100644
index 5d407231df..0000000000
--- a/thirdparty/openssl/crypto/dh/generate
+++ /dev/null
@@ -1,65 +0,0 @@
-From: stewarts@ix.netcom.com (Bill Stewart)
-Newsgroups: sci.crypt
-Subject: Re: Diffie-Hellman key exchange
-Date: Wed, 11 Oct 1995 23:08:28 GMT
-Organization: Freelance Information Architect
-Lines: 32
-Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
-References: <458rhn$76m$1@mhadf.production.compuserve.com>
-NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
-X-NETCOM-Date: Wed Oct 11  4:09:22 PM PDT 1995
-X-Newsreader: Forte Free Agent 1.0.82
-
-Kent Briggs <72124.3234@CompuServe.COM> wrote:
-
->I have a copy of the 1976 IEEE article describing the
->Diffie-Hellman public key exchange algorithm: y=a^x mod q.  I'm
->looking for sources that give examples of secure a,q pairs and
->possible some source code that I could examine.
-
-q should be prime, and ideally should be a "strong prime",
-which means it's of the form 2n+1 where n is also prime.
-q also needs to be long enough to prevent the attacks LaMacchia and
-Odlyzko described (some variant on a factoring attack which generates
-a large pile of simultaneous equations and then solves them);
-long enough is about the same size as factoring, so 512 bits may not
-be secure enough for most applications.  (The 192 bits used by
-"secure NFS" was certainly not long enough.)
-
-a should be a generator for q, which means it needs to be
-relatively prime to q-1.   Usually a small prime like 2, 3 or 5 will
-work.  
-
-....
-
-Date: Tue, 26 Sep 1995 13:52:36 MST
-From: "Richard Schroeppel" <rcs@cs.arizona.edu>
-To: karn
-Cc: ho@cs.arizona.edu
-Subject: random large primes
-
-Since your prime is really random, proving it is hard.
-My personal limit on rigorously proved primes is ~350 digits.
-If you really want a proof, we should talk to Francois Morain,
-or the Australian group.
-
-If you want 2 to be a generator (mod P), then you need it
-to be a non-square.  If (P-1)/2 is also prime, then
-non-square == primitive-root for bases << P.
-
-In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
-If you want this, you should restrict your sieve accordingly.
-
-3 is a generator iff P = 5 (mod 12).
-
-5 is a generator iff P = 3 or 7 (mod 10).
-
-2 is perfectly usable as a base even if it's a non-generator, since
-it still covers half the space of possible residues.  And an
-eavesdropper can always determine the low-bit of your exponent for
-a generator anyway.
-
-Rich  rcs@cs.arizona.edu
-
-
-
diff --git a/thirdparty/openssl/crypto/dh/p1024.c b/thirdparty/openssl/crypto/dh/p1024.c
deleted file mode 100644
index a4b014b6a3..0000000000
--- a/thirdparty/openssl/crypto/dh/p1024.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* crypto/dh/p1024.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <openssl/asn1.h>
-#include <openssl/dh.h>
-#include <openssl/pem.h>
-
-unsigned char data[] = { 0x97, 0xF6, 0x42, 0x61, 0xCA, 0xB5, 0x05, 0xDD,
-    0x28, 0x28, 0xE1, 0x3F, 0x1D, 0x68, 0xB6, 0xD3,
-    0xDB, 0xD0, 0xF3, 0x13, 0x04, 0x7F, 0x40, 0xE8,
-    0x56, 0xDA, 0x58, 0xCB, 0x13, 0xB8, 0xA1, 0xBF,
-    0x2B, 0x78, 0x3A, 0x4C, 0x6D, 0x59, 0xD5, 0xF9,
-    0x2A, 0xFC, 0x6C, 0xFF, 0x3D, 0x69, 0x3F, 0x78,
-    0xB2, 0x3D, 0x4F, 0x31, 0x60, 0xA9, 0x50, 0x2E,
-    0x3E, 0xFA, 0xF7, 0xAB, 0x5E, 0x1A, 0xD5, 0xA6,
-    0x5E, 0x55, 0x43, 0x13, 0x82, 0x8D, 0xA8, 0x3B,
-    0x9F, 0xF2, 0xD9, 0x41, 0xDE, 0xE9, 0x56, 0x89,
-    0xFA, 0xDA, 0xEA, 0x09, 0x36, 0xAD, 0xDF, 0x19,
-    0x71, 0xFE, 0x63, 0x5B, 0x20, 0xAF, 0x47, 0x03,
-    0x64, 0x60, 0x3C, 0x2D, 0xE0, 0x59, 0xF5, 0x4B,
-    0x65, 0x0A, 0xD8, 0xFA, 0x0C, 0xF7, 0x01, 0x21,
-    0xC7, 0x47, 0x99, 0xD7, 0x58, 0x71, 0x32, 0xBE,
-    0x9B, 0x99, 0x9B, 0xB9, 0xB7, 0x87, 0xE8, 0xAB,
-};
-
-main()
-{
-    DH *dh;
-
-    dh = DH_new();
-    dh->p = BN_bin2bn(data, sizeof(data), NULL);
-    dh->g = BN_new();
-    BN_set_word(dh->g, 2);
-    PEM_write_DHparams(stdout, dh);
-}
diff --git a/thirdparty/openssl/crypto/dh/p192.c b/thirdparty/openssl/crypto/dh/p192.c
deleted file mode 100644
index 9f49f76835..0000000000
--- a/thirdparty/openssl/crypto/dh/p192.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/* crypto/dh/p192.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <openssl/asn1.h>
-#include <openssl/dh.h>
-#include <openssl/pem.h>
-
-unsigned char data[] = {
-    0xD4, 0xA0, 0xBA, 0x02, 0x50, 0xB6, 0xFD, 0x2E,
-    0xC6, 0x26, 0xE7, 0xEF, 0xD6, 0x37, 0xDF, 0x76,
-    0xC7, 0x16, 0xE2, 0x2D, 0x09, 0x44, 0xB8, 0x8B,
-};
-
-main()
-{
-    DH *dh;
-
-    dh = DH_new();
-    dh->p = BN_bin2bn(data, sizeof(data), NULL);
-    dh->g = BN_new();
-    BN_set_word(dh->g, 3);
-    PEM_write_DHparams(stdout, dh);
-}
diff --git a/thirdparty/openssl/crypto/dh/p512.c b/thirdparty/openssl/crypto/dh/p512.c
deleted file mode 100644
index 606fa4d6c3..0000000000
--- a/thirdparty/openssl/crypto/dh/p512.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* crypto/dh/p512.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <openssl/asn1.h>
-#include <openssl/dh.h>
-#include <openssl/pem.h>
-
-unsigned char data[] = {
-    0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89,
-    0xD0, 0xE4, 0xAF, 0x75, 0x6F, 0x4C, 0xCA, 0x92,
-    0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
-    0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED,
-    0x57, 0x46, 0x50, 0xD3, 0x69, 0x99, 0xDB, 0x29,
-    0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
-    0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6,
-    0xD8, 0x00, 0x3E, 0x7C, 0x47, 0x74, 0xE8, 0x33,
-};
-
-main()
-{
-    DH *dh;
-
-    dh = DH_new();
-    dh->p = BN_bin2bn(data, sizeof(data), NULL);
-    dh->g = BN_new();
-    BN_set_word(dh->g, 2);
-    PEM_write_DHparams(stdout, dh);
-}
diff --git a/thirdparty/openssl/crypto/dsa/README b/thirdparty/openssl/crypto/dsa/README
deleted file mode 100644
index 6a7e9c170a..0000000000
--- a/thirdparty/openssl/crypto/dsa/README
+++ /dev/null
@@ -1,4 +0,0 @@
-The stuff in here is based on patches supplied to me by
-Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
-I have since modified a them a little but a debt of gratitude
-is due for doing the initial work.
diff --git a/thirdparty/openssl/crypto/dsa/dsa_ameth.c b/thirdparty/openssl/crypto/dsa/dsa_ameth.c
deleted file mode 100644
index c4fa105747..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_ameth.c
+++ /dev/null
@@ -1,678 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/dsa.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_CMS
-# include <openssl/cms.h>
-#endif
-#include "asn1_locl.h"
-
-static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
-    const unsigned char *p, *pm;
-    int pklen, pmlen;
-    int ptype;
-    void *pval;
-    ASN1_STRING *pstr;
-    X509_ALGOR *palg;
-    ASN1_INTEGER *public_key = NULL;
-
-    DSA *dsa = NULL;
-
-    if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
-        return 0;
-    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
-    if (ptype == V_ASN1_SEQUENCE) {
-        pstr = pval;
-        pm = pstr->data;
-        pmlen = pstr->length;
-
-        if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) {
-            DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
-            goto err;
-        }
-
-    } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
-        if (!(dsa = DSA_new())) {
-            DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    } else {
-        DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
-        goto err;
-    }
-
-    if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
-        DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
-        goto err;
-    }
-
-    if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
-        DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
-        goto err;
-    }
-
-    ASN1_INTEGER_free(public_key);
-    EVP_PKEY_assign_DSA(pkey, dsa);
-    return 1;
-
- err:
-    if (public_key)
-        ASN1_INTEGER_free(public_key);
-    if (dsa)
-        DSA_free(dsa);
-    return 0;
-
-}
-
-static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
-    DSA *dsa;
-    int ptype;
-    unsigned char *penc = NULL;
-    int penclen;
-    ASN1_STRING *str = NULL;
-
-    dsa = pkey->pkey.dsa;
-    if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
-        str = ASN1_STRING_new();
-        if (!str) {
-            DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        str->length = i2d_DSAparams(dsa, &str->data);
-        if (str->length <= 0) {
-            DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        ptype = V_ASN1_SEQUENCE;
-    } else
-        ptype = V_ASN1_UNDEF;
-
-    dsa->write_params = 0;
-
-    penclen = i2d_DSAPublicKey(dsa, &penc);
-
-    if (penclen <= 0) {
-        DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
-                               ptype, str, penc, penclen))
-        return 1;
-
- err:
-    if (penc)
-        OPENSSL_free(penc);
-    if (str)
-        ASN1_STRING_free(str);
-
-    return 0;
-}
-
-/*
- * In PKCS#8 DSA: you just get a private key integer and parameters in the
- * AlgorithmIdentifier the pubkey must be recalculated.
- */
-
-static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
-{
-    const unsigned char *p, *pm;
-    int pklen, pmlen;
-    int ptype;
-    void *pval;
-    ASN1_STRING *pstr;
-    X509_ALGOR *palg;
-    ASN1_INTEGER *privkey = NULL;
-    BN_CTX *ctx = NULL;
-
-    STACK_OF(ASN1_TYPE) *ndsa = NULL;
-    DSA *dsa = NULL;
-
-    int ret = 0;
-
-    if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
-        return 0;
-    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
-    /* Check for broken DSA PKCS#8, UGH! */
-    if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
-        ASN1_TYPE *t1, *t2;
-        if (!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
-            goto decerr;
-        if (sk_ASN1_TYPE_num(ndsa) != 2)
-            goto decerr;
-        /*-
-         * Handle Two broken types:
-         * SEQUENCE {parameters, priv_key}
-         * SEQUENCE {pub_key, priv_key}
-         */
-
-        t1 = sk_ASN1_TYPE_value(ndsa, 0);
-        t2 = sk_ASN1_TYPE_value(ndsa, 1);
-        if (t1->type == V_ASN1_SEQUENCE) {
-            p8->broken = PKCS8_EMBEDDED_PARAM;
-            pval = t1->value.ptr;
-        } else if (ptype == V_ASN1_SEQUENCE)
-            p8->broken = PKCS8_NS_DB;
-        else
-            goto decerr;
-
-        if (t2->type != V_ASN1_INTEGER)
-            goto decerr;
-
-        privkey = t2->value.integer;
-    } else {
-        const unsigned char *q = p;
-        if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
-            goto decerr;
-        if (privkey->type == V_ASN1_NEG_INTEGER) {
-            p8->broken = PKCS8_NEG_PRIVKEY;
-            ASN1_STRING_clear_free(privkey);
-            if (!(privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)))
-                goto decerr;
-        }
-        if (ptype != V_ASN1_SEQUENCE)
-            goto decerr;
-    }
-
-    pstr = pval;
-    pm = pstr->data;
-    pmlen = pstr->length;
-    if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
-        goto decerr;
-    /* We have parameters now set private key */
-    if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
-        DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
-        goto dsaerr;
-    }
-    /* Calculate public key */
-    if (!(dsa->pub_key = BN_new())) {
-        DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
-        goto dsaerr;
-    }
-    if (!(ctx = BN_CTX_new())) {
-        DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
-        goto dsaerr;
-    }
-
-    if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
-        DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
-        goto dsaerr;
-    }
-
-    EVP_PKEY_assign_DSA(pkey, dsa);
-
-    ret = 1;
-    goto done;
-
- decerr:
-    DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_DECODE_ERROR);
- dsaerr:
-    DSA_free(dsa);
- done:
-    BN_CTX_free(ctx);
-    if (ndsa)
-        sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-    else
-        ASN1_STRING_clear_free(privkey);
-    return ret;
-}
-
-static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
-    ASN1_STRING *params = NULL;
-    ASN1_INTEGER *prkey = NULL;
-    unsigned char *dp = NULL;
-    int dplen;
-
-    if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) {
-        DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
-        goto err;
-    }
-
-    params = ASN1_STRING_new();
-
-    if (!params) {
-        DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
-    if (params->length <= 0) {
-        DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    params->type = V_ASN1_SEQUENCE;
-
-    /* Get private key into integer */
-    prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
-
-    if (!prkey) {
-        DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
-        goto err;
-    }
-
-    dplen = i2d_ASN1_INTEGER(prkey, &dp);
-
-    ASN1_STRING_clear_free(prkey);
-    prkey = NULL;
-
-    if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
-                         V_ASN1_SEQUENCE, params, dp, dplen))
-        goto err;
-
-    return 1;
-
- err:
-    if (dp != NULL)
-        OPENSSL_free(dp);
-    if (params != NULL)
-        ASN1_STRING_free(params);
-    if (prkey != NULL)
-        ASN1_STRING_clear_free(prkey);
-    return 0;
-}
-
-static int int_dsa_size(const EVP_PKEY *pkey)
-{
-    return (DSA_size(pkey->pkey.dsa));
-}
-
-static int dsa_bits(const EVP_PKEY *pkey)
-{
-    return BN_num_bits(pkey->pkey.dsa->p);
-}
-
-static int dsa_missing_parameters(const EVP_PKEY *pkey)
-{
-    DSA *dsa;
-    dsa = pkey->pkey.dsa;
-    if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
-        return 1;
-    return 0;
-}
-
-static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
-    BIGNUM *a;
-
-    if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
-        return 0;
-    if (to->pkey.dsa->p != NULL)
-        BN_free(to->pkey.dsa->p);
-    to->pkey.dsa->p = a;
-
-    if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
-        return 0;
-    if (to->pkey.dsa->q != NULL)
-        BN_free(to->pkey.dsa->q);
-    to->pkey.dsa->q = a;
-
-    if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
-        return 0;
-    if (to->pkey.dsa->g != NULL)
-        BN_free(to->pkey.dsa->g);
-    to->pkey.dsa->g = a;
-    return 1;
-}
-
-static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
-        BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
-        BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
-        return 0;
-    else
-        return 1;
-}
-
-static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
-        return 0;
-    else
-        return 1;
-}
-
-static void int_dsa_free(EVP_PKEY *pkey)
-{
-    DSA_free(pkey->pkey.dsa);
-}
-
-static void update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
-    size_t i;
-    if (!b)
-        return;
-    if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
-        *pbuflen = i;
-}
-
-static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
-{
-    unsigned char *m = NULL;
-    int ret = 0;
-    size_t buf_len = 0;
-    const char *ktype = NULL;
-
-    const BIGNUM *priv_key, *pub_key;
-
-    if (ptype == 2)
-        priv_key = x->priv_key;
-    else
-        priv_key = NULL;
-
-    if (ptype > 0)
-        pub_key = x->pub_key;
-    else
-        pub_key = NULL;
-
-    if (ptype == 2)
-        ktype = "Private-Key";
-    else if (ptype == 1)
-        ktype = "Public-Key";
-    else
-        ktype = "DSA-Parameters";
-
-    update_buflen(x->p, &buf_len);
-    update_buflen(x->q, &buf_len);
-    update_buflen(x->g, &buf_len);
-    update_buflen(priv_key, &buf_len);
-    update_buflen(pub_key, &buf_len);
-
-    m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
-    if (m == NULL) {
-        DSAerr(DSA_F_DO_DSA_PRINT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (priv_key) {
-        if (!BIO_indent(bp, off, 128))
-            goto err;
-        if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p))
-            <= 0)
-            goto err;
-    }
-
-    if (!ASN1_bn_print(bp, "priv:", priv_key, m, off))
-        goto err;
-    if (!ASN1_bn_print(bp, "pub: ", pub_key, m, off))
-        goto err;
-    if (!ASN1_bn_print(bp, "P:   ", x->p, m, off))
-        goto err;
-    if (!ASN1_bn_print(bp, "Q:   ", x->q, m, off))
-        goto err;
-    if (!ASN1_bn_print(bp, "G:   ", x->g, m, off))
-        goto err;
-    ret = 1;
- err:
-    if (m != NULL)
-        OPENSSL_free(m);
-    return (ret);
-}
-
-static int dsa_param_decode(EVP_PKEY *pkey,
-                            const unsigned char **pder, int derlen)
-{
-    DSA *dsa;
-    if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) {
-        DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
-        return 0;
-    }
-    EVP_PKEY_assign_DSA(pkey, dsa);
-    return 1;
-}
-
-static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
-    return i2d_DSAparams(pkey->pkey.dsa, pder);
-}
-
-static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                           ASN1_PCTX *ctx)
-{
-    return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
-}
-
-static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                         ASN1_PCTX *ctx)
-{
-    return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
-}
-
-static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                          ASN1_PCTX *ctx)
-{
-    return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
-}
-
-static int old_dsa_priv_decode(EVP_PKEY *pkey,
-                               const unsigned char **pder, int derlen)
-{
-    DSA *dsa;
-    if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) {
-        DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
-        return 0;
-    }
-    EVP_PKEY_assign_DSA(pkey, dsa);
-    return 1;
-}
-
-static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
-    return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
-}
-
-static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
-                         const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
-{
-    DSA_SIG *dsa_sig;
-    const unsigned char *p;
-    if (!sig) {
-        if (BIO_puts(bp, "\n") <= 0)
-            return 0;
-        else
-            return 1;
-    }
-    p = sig->data;
-    dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
-    if (dsa_sig) {
-        int rv = 0;
-        size_t buf_len = 0;
-        unsigned char *m = NULL;
-        update_buflen(dsa_sig->r, &buf_len);
-        update_buflen(dsa_sig->s, &buf_len);
-        m = OPENSSL_malloc(buf_len + 10);
-        if (m == NULL) {
-            DSAerr(DSA_F_DSA_SIG_PRINT, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        if (BIO_write(bp, "\n", 1) != 1)
-            goto err;
-
-        if (!ASN1_bn_print(bp, "r:   ", dsa_sig->r, m, indent))
-            goto err;
-        if (!ASN1_bn_print(bp, "s:   ", dsa_sig->s, m, indent))
-            goto err;
-        rv = 1;
- err:
-        if (m)
-            OPENSSL_free(m);
-        DSA_SIG_free(dsa_sig);
-        return rv;
-    }
-    return X509_signature_dump(bp, sig, indent);
-}
-
-static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
-    switch (op) {
-    case ASN1_PKEY_CTRL_PKCS7_SIGN:
-        if (arg1 == 0) {
-            int snid, hnid;
-            X509_ALGOR *alg1, *alg2;
-            PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
-            if (alg1 == NULL || alg1->algorithm == NULL)
-                return -1;
-            hnid = OBJ_obj2nid(alg1->algorithm);
-            if (hnid == NID_undef)
-                return -1;
-            if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
-                return -1;
-            X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
-        }
-        return 1;
-#ifndef OPENSSL_NO_CMS
-    case ASN1_PKEY_CTRL_CMS_SIGN:
-        if (arg1 == 0) {
-            int snid, hnid;
-            X509_ALGOR *alg1, *alg2;
-            CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
-            if (alg1 == NULL || alg1->algorithm == NULL)
-                return -1;
-            hnid = OBJ_obj2nid(alg1->algorithm);
-            if (hnid == NID_undef)
-                return -1;
-            if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
-                return -1;
-            X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
-        }
-        return 1;
-
-    case ASN1_PKEY_CTRL_CMS_RI_TYPE:
-        *(int *)arg2 = CMS_RECIPINFO_NONE;
-        return 1;
-#endif
-
-    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
-        *(int *)arg2 = NID_sha256;
-        return 2;
-
-    default:
-        return -2;
-
-    }
-
-}
-
-/* NB these are sorted in pkey_id order, lowest first */
-
-const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = {
-
-    {
-     EVP_PKEY_DSA2,
-     EVP_PKEY_DSA,
-     ASN1_PKEY_ALIAS},
-
-    {
-     EVP_PKEY_DSA1,
-     EVP_PKEY_DSA,
-     ASN1_PKEY_ALIAS},
-
-    {
-     EVP_PKEY_DSA4,
-     EVP_PKEY_DSA,
-     ASN1_PKEY_ALIAS},
-
-    {
-     EVP_PKEY_DSA3,
-     EVP_PKEY_DSA,
-     ASN1_PKEY_ALIAS},
-
-    {
-     EVP_PKEY_DSA,
-     EVP_PKEY_DSA,
-     0,
-
-     "DSA",
-     "OpenSSL DSA method",
-
-     dsa_pub_decode,
-     dsa_pub_encode,
-     dsa_pub_cmp,
-     dsa_pub_print,
-
-     dsa_priv_decode,
-     dsa_priv_encode,
-     dsa_priv_print,
-
-     int_dsa_size,
-     dsa_bits,
-
-     dsa_param_decode,
-     dsa_param_encode,
-     dsa_missing_parameters,
-     dsa_copy_parameters,
-     dsa_cmp_parameters,
-     dsa_param_print,
-     dsa_sig_print,
-
-     int_dsa_free,
-     dsa_pkey_ctrl,
-     old_dsa_priv_decode,
-     old_dsa_priv_encode}
-};
diff --git a/thirdparty/openssl/crypto/dsa/dsa_asn1.c b/thirdparty/openssl/crypto/dsa/dsa_asn1.c
deleted file mode 100644
index 3283a2295b..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_asn1.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/* dsa_asn1.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dsa.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/rand.h>
-
-/* Override the default new methods */
-static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                  void *exarg)
-{
-    if (operation == ASN1_OP_NEW_PRE) {
-        DSA_SIG *sig;
-        sig = OPENSSL_malloc(sizeof(DSA_SIG));
-        if (!sig) {
-            DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        sig->r = NULL;
-        sig->s = NULL;
-        *pval = (ASN1_VALUE *)sig;
-        return 2;
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
-        ASN1_SIMPLE(DSA_SIG, r, CBIGNUM),
-        ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
-} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG, DSA_SIG, DSA_SIG)
-
-/* Override the default free and new methods */
-static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                  void *exarg)
-{
-    if (operation == ASN1_OP_NEW_PRE) {
-        *pval = (ASN1_VALUE *)DSA_new();
-        if (*pval)
-            return 2;
-        return 0;
-    } else if (operation == ASN1_OP_FREE_PRE) {
-        DSA_free((DSA *)*pval);
-        *pval = NULL;
-        return 2;
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
-        ASN1_SIMPLE(DSA, version, LONG),
-        ASN1_SIMPLE(DSA, p, BIGNUM),
-        ASN1_SIMPLE(DSA, q, BIGNUM),
-        ASN1_SIMPLE(DSA, g, BIGNUM),
-        ASN1_SIMPLE(DSA, pub_key, BIGNUM),
-        ASN1_SIMPLE(DSA, priv_key, BIGNUM)
-} ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey)
-
-ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
-        ASN1_SIMPLE(DSA, p, BIGNUM),
-        ASN1_SIMPLE(DSA, q, BIGNUM),
-        ASN1_SIMPLE(DSA, g, BIGNUM),
-} ASN1_SEQUENCE_END_cb(DSA, DSAparams)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams)
-
-/*
- * DSA public key is a bit trickier... its effectively a CHOICE type decided
- * by a field called write_params which can either write out just the public
- * key as an INTEGER or the parameters and public key in a SEQUENCE
- */
-
-ASN1_SEQUENCE(dsa_pub_internal) = {
-        ASN1_SIMPLE(DSA, pub_key, BIGNUM),
-        ASN1_SIMPLE(DSA, p, BIGNUM),
-        ASN1_SIMPLE(DSA, q, BIGNUM),
-        ASN1_SIMPLE(DSA, g, BIGNUM)
-} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal)
-
-ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = {
-        ASN1_SIMPLE(DSA, pub_key, BIGNUM),
-        ASN1_EX_COMBINE(0, 0, dsa_pub_internal)
-} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey)
-
-DSA *DSAparams_dup(DSA *dsa)
-{
-    return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa);
-}
-
-int DSA_sign(int type, const unsigned char *dgst, int dlen,
-             unsigned char *sig, unsigned int *siglen, DSA *dsa)
-{
-    DSA_SIG *s;
-    RAND_seed(dgst, dlen);
-    s = DSA_do_sign(dgst, dlen, dsa);
-    if (s == NULL) {
-        *siglen = 0;
-        return (0);
-    }
-    *siglen = i2d_DSA_SIG(s, &sig);
-    DSA_SIG_free(s);
-    return (1);
-}
-
-/* data has already been hashed (probably with SHA or SHA-1). */
-/*-
- * returns
- *      1: correct signature
- *      0: incorrect signature
- *     -1: error
- */
-int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
-               const unsigned char *sigbuf, int siglen, DSA *dsa)
-{
-    DSA_SIG *s;
-    const unsigned char *p = sigbuf;
-    unsigned char *der = NULL;
-    int derlen = -1;
-    int ret = -1;
-
-    s = DSA_SIG_new();
-    if (s == NULL)
-        return (ret);
-    if (d2i_DSA_SIG(&s, &p, siglen) == NULL)
-        goto err;
-    /* Ensure signature uses DER and doesn't have trailing garbage */
-    derlen = i2d_DSA_SIG(s, &der);
-    if (derlen != siglen || memcmp(sigbuf, der, derlen))
-        goto err;
-    ret = DSA_do_verify(dgst, dgst_len, s, dsa);
- err:
-    if (derlen > 0) {
-        OPENSSL_cleanse(der, derlen);
-        OPENSSL_free(der);
-    }
-    DSA_SIG_free(s);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/dsa/dsa_depr.c b/thirdparty/openssl/crypto/dsa/dsa_depr.c
deleted file mode 100644
index 54f88bc440..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_depr.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* crypto/dsa/dsa_depr.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This file contains deprecated function(s) that are now wrappers to the new
- * version(s).
- */
-
-#undef GENUINE_DSA
-
-#ifdef GENUINE_DSA
-/*
- * Parameter generation follows the original release of FIPS PUB 186,
- * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180)
- */
-# define HASH    EVP_sha()
-#else
-/*
- * Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
- * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB
- * 180-1)
- */
-# define HASH    EVP_sha1()
-#endif
-
-static void *dummy = &dummy;
-
-#ifndef OPENSSL_NO_SHA
-
-# include <stdio.h>
-# include <time.h>
-# include "cryptlib.h"
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/dsa.h>
-# include <openssl/rand.h>
-# include <openssl/sha.h>
-
-# ifndef OPENSSL_NO_DEPRECATED
-DSA *DSA_generate_parameters(int bits,
-                             unsigned char *seed_in, int seed_len,
-                             int *counter_ret, unsigned long *h_ret,
-                             void (*callback) (int, int, void *),
-                             void *cb_arg)
-{
-    BN_GENCB cb;
-    DSA *ret;
-
-    if ((ret = DSA_new()) == NULL)
-        return NULL;
-
-    BN_GENCB_set_old(&cb, callback, cb_arg);
-
-    if (DSA_generate_parameters_ex(ret, bits, seed_in, seed_len,
-                                   counter_ret, h_ret, &cb))
-        return ret;
-    DSA_free(ret);
-    return NULL;
-}
-# endif
-#endif
diff --git a/thirdparty/openssl/crypto/dsa/dsa_err.c b/thirdparty/openssl/crypto/dsa/dsa_err.c
deleted file mode 100644
index f5ddc66b8a..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_err.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/dsa/dsa_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dsa.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
-
-static ERR_STRING_DATA DSA_str_functs[] = {
-    {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"},
-    {ERR_FUNC(DSA_F_DO_DSA_PRINT), "DO_DSA_PRINT"},
-    {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
-    {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
-    {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"},
-    {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
-    {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
-    {ERR_FUNC(DSA_F_DSA_GENERATE_KEY), "DSA_generate_key"},
-    {ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS_EX),
-     "DSA_generate_parameters_ex"},
-    {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
-    {ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"},
-    {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
-    {ERR_FUNC(DSA_F_DSA_PRIV_DECODE), "DSA_PRIV_DECODE"},
-    {ERR_FUNC(DSA_F_DSA_PRIV_ENCODE), "DSA_PRIV_ENCODE"},
-    {ERR_FUNC(DSA_F_DSA_PUB_DECODE), "DSA_PUB_DECODE"},
-    {ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "DSA_PUB_ENCODE"},
-    {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
-    {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
-    {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
-    {ERR_FUNC(DSA_F_DSA_SIG_PRINT), "DSA_SIG_PRINT"},
-    {ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
-    {ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
-    {ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "OLD_DSA_PRIV_DECODE"},
-    {ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "PKEY_DSA_CTRL"},
-    {ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "PKEY_DSA_KEYGEN"},
-    {ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA DSA_str_reasons[] = {
-    {ERR_REASON(DSA_R_BAD_Q_VALUE), "bad q value"},
-    {ERR_REASON(DSA_R_BN_DECODE_ERROR), "bn decode error"},
-    {ERR_REASON(DSA_R_BN_ERROR), "bn error"},
-    {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
-     "data too large for key size"},
-    {ERR_REASON(DSA_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(DSA_R_INVALID_DIGEST_TYPE), "invalid digest type"},
-    {ERR_REASON(DSA_R_INVALID_PARAMETERS), "invalid parameters"},
-    {ERR_REASON(DSA_R_MISSING_PARAMETERS), "missing parameters"},
-    {ERR_REASON(DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
-    {ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
-    {ERR_REASON(DSA_R_NON_FIPS_DSA_METHOD), "non fips dsa method"},
-    {ERR_REASON(DSA_R_NO_PARAMETERS_SET), "no parameters set"},
-    {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
-    {ERR_REASON(DSA_R_Q_NOT_PRIME), "q not prime"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_DSA_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, DSA_str_functs);
-        ERR_load_strings(0, DSA_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/dsa/dsa_gen.c b/thirdparty/openssl/crypto/dsa/dsa_gen.c
deleted file mode 100644
index 1fce0f81c2..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_gen.c
+++ /dev/null
@@ -1,751 +0,0 @@
-/* crypto/dsa/dsa_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef GENUINE_DSA
-
-#ifdef GENUINE_DSA
-/*
- * Parameter generation follows the original release of FIPS PUB 186,
- * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180)
- */
-# define HASH    EVP_sha()
-#else
-/*
- * Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
- * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB
- * 180-1)
- */
-# define HASH    EVP_sha1()
-#endif
-
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */
-
-#ifndef OPENSSL_NO_SHA
-
-# include <stdio.h>
-# include "cryptlib.h"
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/rand.h>
-# include <openssl/sha.h>
-# include "dsa_locl.h"
-
-# ifdef OPENSSL_FIPS
-/* Workaround bug in prototype */
-#  define fips_dsa_builtin_paramgen2 fips_dsa_paramgen_bad
-#  include <openssl/fips.h>
-# endif
-
-int DSA_generate_parameters_ex(DSA *ret, int bits,
-                               const unsigned char *seed_in, int seed_len,
-                               int *counter_ret, unsigned long *h_ret,
-                               BN_GENCB *cb)
-{
-# ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)
-        && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
-        DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD);
-        return 0;
-    }
-# endif
-    if (ret->meth->dsa_paramgen)
-        return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
-                                       counter_ret, h_ret, cb);
-# ifdef OPENSSL_FIPS
-    else if (FIPS_mode()) {
-        return FIPS_dsa_generate_parameters_ex(ret, bits,
-                                               seed_in, seed_len,
-                                               counter_ret, h_ret, cb);
-    }
-# endif
-    else {
-        const EVP_MD *evpmd = bits >= 2048 ? EVP_sha256() : EVP_sha1();
-        size_t qbits = EVP_MD_size(evpmd) * 8;
-
-        return dsa_builtin_paramgen(ret, bits, qbits, evpmd,
-                                    seed_in, seed_len, NULL, counter_ret,
-                                    h_ret, cb);
-    }
-}
-
-int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
-                         const EVP_MD *evpmd, const unsigned char *seed_in,
-                         size_t seed_len, unsigned char *seed_out,
-                         int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
-{
-    int ok = 0;
-    unsigned char seed[SHA256_DIGEST_LENGTH];
-    unsigned char md[SHA256_DIGEST_LENGTH];
-    unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH];
-    BIGNUM *r0, *W, *X, *c, *test;
-    BIGNUM *g = NULL, *q = NULL, *p = NULL;
-    BN_MONT_CTX *mont = NULL;
-    int i, k, n = 0, m = 0, qsize = qbits >> 3;
-    int counter = 0;
-    int r = 0;
-    BN_CTX *ctx = NULL;
-    unsigned int h = 2;
-
-    if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
-        qsize != SHA256_DIGEST_LENGTH)
-        /* invalid q size */
-        return 0;
-
-    if (evpmd == NULL)
-        /* use SHA1 as default */
-        evpmd = EVP_sha1();
-
-    if (bits < 512)
-        bits = 512;
-
-    bits = (bits + 63) / 64 * 64;
-
-    /*
-     * NB: seed_len == 0 is special case: copy generated seed to seed_in if
-     * it is not NULL.
-     */
-    if (seed_len && (seed_len < (size_t)qsize))
-        seed_in = NULL;         /* seed buffer too small -- ignore */
-    if (seed_len > (size_t)qsize)
-        seed_len = qsize;       /* App. 2.2 of FIPS PUB 186 allows larger
-                                 * SEED, but our internal buffers are
-                                 * restricted to 160 bits */
-    if (seed_in != NULL)
-        memcpy(seed, seed_in, seed_len);
-
-    if ((mont = BN_MONT_CTX_new()) == NULL)
-        goto err;
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-
-    BN_CTX_start(ctx);
-
-    r0 = BN_CTX_get(ctx);
-    g = BN_CTX_get(ctx);
-    W = BN_CTX_get(ctx);
-    q = BN_CTX_get(ctx);
-    X = BN_CTX_get(ctx);
-    c = BN_CTX_get(ctx);
-    p = BN_CTX_get(ctx);
-    test = BN_CTX_get(ctx);
-
-    if (test == NULL)
-        goto err;
-
-    if (!BN_lshift(test, BN_value_one(), bits - 1))
-        goto err;
-
-    for (;;) {
-        for (;;) {              /* find q */
-            int seed_is_random;
-
-            /* step 1 */
-            if (!BN_GENCB_call(cb, 0, m++))
-                goto err;
-
-            if (!seed_len || !seed_in) {
-                if (RAND_bytes(seed, qsize) <= 0)
-                    goto err;
-                seed_is_random = 1;
-            } else {
-                seed_is_random = 0;
-                seed_len = 0;   /* use random seed if 'seed_in' turns out to
-                                 * be bad */
-            }
-            memcpy(buf, seed, qsize);
-            memcpy(buf2, seed, qsize);
-            /* precompute "SEED + 1" for step 7: */
-            for (i = qsize - 1; i >= 0; i--) {
-                buf[i]++;
-                if (buf[i] != 0)
-                    break;
-            }
-
-            /* step 2 */
-            if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL))
-                goto err;
-            if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL))
-                goto err;
-            for (i = 0; i < qsize; i++)
-                md[i] ^= buf2[i];
-
-            /* step 3 */
-            md[0] |= 0x80;
-            md[qsize - 1] |= 0x01;
-            if (!BN_bin2bn(md, qsize, q))
-                goto err;
-
-            /* step 4 */
-            r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
-                                        seed_is_random, cb);
-            if (r > 0)
-                break;
-            if (r != 0)
-                goto err;
-
-            /* do a callback call */
-            /* step 5 */
-        }
-
-        if (!BN_GENCB_call(cb, 2, 0))
-            goto err;
-        if (!BN_GENCB_call(cb, 3, 0))
-            goto err;
-
-        /* step 6 */
-        counter = 0;
-        /* "offset = 2" */
-
-        n = (bits - 1) / 160;
-
-        for (;;) {
-            if ((counter != 0) && !BN_GENCB_call(cb, 0, counter))
-                goto err;
-
-            /* step 7 */
-            BN_zero(W);
-            /* now 'buf' contains "SEED + offset - 1" */
-            for (k = 0; k <= n; k++) {
-                /*
-                 * obtain "SEED + offset + k" by incrementing:
-                 */
-                for (i = qsize - 1; i >= 0; i--) {
-                    buf[i]++;
-                    if (buf[i] != 0)
-                        break;
-                }
-
-                if (!EVP_Digest(buf, qsize, md, NULL, evpmd, NULL))
-                    goto err;
-
-                /* step 8 */
-                if (!BN_bin2bn(md, qsize, r0))
-                    goto err;
-                if (!BN_lshift(r0, r0, (qsize << 3) * k))
-                    goto err;
-                if (!BN_add(W, W, r0))
-                    goto err;
-            }
-
-            /* more of step 8 */
-            if (!BN_mask_bits(W, bits - 1))
-                goto err;
-            if (!BN_copy(X, W))
-                goto err;
-            if (!BN_add(X, X, test))
-                goto err;
-
-            /* step 9 */
-            if (!BN_lshift1(r0, q))
-                goto err;
-            if (!BN_mod(c, X, r0, ctx))
-                goto err;
-            if (!BN_sub(r0, c, BN_value_one()))
-                goto err;
-            if (!BN_sub(p, X, r0))
-                goto err;
-
-            /* step 10 */
-            if (BN_cmp(p, test) >= 0) {
-                /* step 11 */
-                r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
-                if (r > 0)
-                    goto end;   /* found it */
-                if (r != 0)
-                    goto err;
-            }
-
-            /* step 13 */
-            counter++;
-            /* "offset = offset + n + 1" */
-
-            /* step 14 */
-            if (counter >= 4096)
-                break;
-        }
-    }
- end:
-    if (!BN_GENCB_call(cb, 2, 1))
-        goto err;
-
-    /* We now need to generate g */
-    /* Set r0=(p-1)/q */
-    if (!BN_sub(test, p, BN_value_one()))
-        goto err;
-    if (!BN_div(r0, NULL, test, q, ctx))
-        goto err;
-
-    if (!BN_set_word(test, h))
-        goto err;
-    if (!BN_MONT_CTX_set(mont, p, ctx))
-        goto err;
-
-    for (;;) {
-        /* g=test^r0%p */
-        if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont))
-            goto err;
-        if (!BN_is_one(g))
-            break;
-        if (!BN_add(test, test, BN_value_one()))
-            goto err;
-        h++;
-    }
-
-    if (!BN_GENCB_call(cb, 3, 1))
-        goto err;
-
-    ok = 1;
- err:
-    if (ok) {
-        if (ret->p)
-            BN_free(ret->p);
-        if (ret->q)
-            BN_free(ret->q);
-        if (ret->g)
-            BN_free(ret->g);
-        ret->p = BN_dup(p);
-        ret->q = BN_dup(q);
-        ret->g = BN_dup(g);
-        if (ret->p == NULL || ret->q == NULL || ret->g == NULL) {
-            ok = 0;
-            goto err;
-        }
-        if (counter_ret != NULL)
-            *counter_ret = counter;
-        if (h_ret != NULL)
-            *h_ret = h;
-        if (seed_out)
-            memcpy(seed_out, seed, qsize);
-    }
-    if (ctx) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    if (mont != NULL)
-        BN_MONT_CTX_free(mont);
-    return ok;
-}
-
-# ifdef OPENSSL_FIPS
-#  undef fips_dsa_builtin_paramgen2
-extern int fips_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
-                                      const EVP_MD *evpmd,
-                                      const unsigned char *seed_in,
-                                      size_t seed_len, int idx,
-                                      unsigned char *seed_out,
-                                      int *counter_ret, unsigned long *h_ret,
-                                      BN_GENCB *cb);
-# endif
-
-/*
- * This is a parameter generation algorithm for the DSA2 algorithm as
- * described in FIPS 186-3.
- */
-
-int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
-                          const EVP_MD *evpmd, const unsigned char *seed_in,
-                          size_t seed_len, int idx, unsigned char *seed_out,
-                          int *counter_ret, unsigned long *h_ret,
-                          BN_GENCB *cb)
-{
-    int ok = -1;
-    unsigned char *seed = NULL, *seed_tmp = NULL;
-    unsigned char md[EVP_MAX_MD_SIZE];
-    int mdsize;
-    BIGNUM *r0, *W, *X, *c, *test;
-    BIGNUM *g = NULL, *q = NULL, *p = NULL;
-    BN_MONT_CTX *mont = NULL;
-    int i, k, n = 0, m = 0, qsize = N >> 3;
-    int counter = 0;
-    int r = 0;
-    BN_CTX *ctx = NULL;
-    EVP_MD_CTX mctx;
-    unsigned int h = 2;
-
-# ifdef OPENSSL_FIPS
-
-    if (FIPS_mode())
-        return fips_dsa_builtin_paramgen2(ret, L, N, evpmd,
-                                          seed_in, seed_len, idx,
-                                          seed_out, counter_ret, h_ret, cb);
-# endif
-
-    EVP_MD_CTX_init(&mctx);
-
-    if (evpmd == NULL) {
-        if (N == 160)
-            evpmd = EVP_sha1();
-        else if (N == 224)
-            evpmd = EVP_sha224();
-        else
-            evpmd = EVP_sha256();
-    }
-
-    mdsize = EVP_MD_size(evpmd);
-    /* If unverificable g generation only don't need seed */
-    if (!ret->p || !ret->q || idx >= 0) {
-        if (seed_len == 0)
-            seed_len = mdsize;
-
-        seed = OPENSSL_malloc(seed_len);
-
-        if (seed_out)
-            seed_tmp = seed_out;
-        else
-            seed_tmp = OPENSSL_malloc(seed_len);
-
-        if (!seed || !seed_tmp)
-            goto err;
-
-        if (seed_in)
-            memcpy(seed, seed_in, seed_len);
-
-    }
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-
-    if ((mont = BN_MONT_CTX_new()) == NULL)
-        goto err;
-
-    BN_CTX_start(ctx);
-    r0 = BN_CTX_get(ctx);
-    g = BN_CTX_get(ctx);
-    W = BN_CTX_get(ctx);
-    X = BN_CTX_get(ctx);
-    c = BN_CTX_get(ctx);
-    test = BN_CTX_get(ctx);
-
-    /* if p, q already supplied generate g only */
-    if (ret->p && ret->q) {
-        p = ret->p;
-        q = ret->q;
-        if (idx >= 0)
-            memcpy(seed_tmp, seed, seed_len);
-        goto g_only;
-    } else {
-        p = BN_CTX_get(ctx);
-        q = BN_CTX_get(ctx);
-    }
-
-    if (!BN_lshift(test, BN_value_one(), L - 1))
-        goto err;
-    for (;;) {
-        for (;;) {              /* find q */
-            unsigned char *pmd;
-            /* step 1 */
-            if (!BN_GENCB_call(cb, 0, m++))
-                goto err;
-
-            if (!seed_in) {
-                if (RAND_bytes(seed, seed_len) <= 0)
-                    goto err;
-            }
-            /* step 2 */
-            if (!EVP_Digest(seed, seed_len, md, NULL, evpmd, NULL))
-                goto err;
-            /* Take least significant bits of md */
-            if (mdsize > qsize)
-                pmd = md + mdsize - qsize;
-            else
-                pmd = md;
-
-            if (mdsize < qsize)
-                memset(md + mdsize, 0, qsize - mdsize);
-
-            /* step 3 */
-            pmd[0] |= 0x80;
-            pmd[qsize - 1] |= 0x01;
-            if (!BN_bin2bn(pmd, qsize, q))
-                goto err;
-
-            /* step 4 */
-            r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
-                                        seed_in ? 1 : 0, cb);
-            if (r > 0)
-                break;
-            if (r != 0)
-                goto err;
-            /* Provided seed didn't produce a prime: error */
-            if (seed_in) {
-                ok = 0;
-                DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_Q_NOT_PRIME);
-                goto err;
-            }
-
-            /* do a callback call */
-            /* step 5 */
-        }
-        /* Copy seed to seed_out before we mess with it */
-        if (seed_out)
-            memcpy(seed_out, seed, seed_len);
-
-        if (!BN_GENCB_call(cb, 2, 0))
-            goto err;
-        if (!BN_GENCB_call(cb, 3, 0))
-            goto err;
-
-        /* step 6 */
-        counter = 0;
-        /* "offset = 1" */
-
-        n = (L - 1) / (mdsize << 3);
-
-        for (;;) {
-            if ((counter != 0) && !BN_GENCB_call(cb, 0, counter))
-                goto err;
-
-            /* step 7 */
-            BN_zero(W);
-            /* now 'buf' contains "SEED + offset - 1" */
-            for (k = 0; k <= n; k++) {
-                /*
-                 * obtain "SEED + offset + k" by incrementing:
-                 */
-                for (i = seed_len - 1; i >= 0; i--) {
-                    seed[i]++;
-                    if (seed[i] != 0)
-                        break;
-                }
-
-                if (!EVP_Digest(seed, seed_len, md, NULL, evpmd, NULL))
-                    goto err;
-
-                /* step 8 */
-                if (!BN_bin2bn(md, mdsize, r0))
-                    goto err;
-                if (!BN_lshift(r0, r0, (mdsize << 3) * k))
-                    goto err;
-                if (!BN_add(W, W, r0))
-                    goto err;
-            }
-
-            /* more of step 8 */
-            if (!BN_mask_bits(W, L - 1))
-                goto err;
-            if (!BN_copy(X, W))
-                goto err;
-            if (!BN_add(X, X, test))
-                goto err;
-
-            /* step 9 */
-            if (!BN_lshift1(r0, q))
-                goto err;
-            if (!BN_mod(c, X, r0, ctx))
-                goto err;
-            if (!BN_sub(r0, c, BN_value_one()))
-                goto err;
-            if (!BN_sub(p, X, r0))
-                goto err;
-
-            /* step 10 */
-            if (BN_cmp(p, test) >= 0) {
-                /* step 11 */
-                r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
-                if (r > 0)
-                    goto end;   /* found it */
-                if (r != 0)
-                    goto err;
-            }
-
-            /* step 13 */
-            counter++;
-            /* "offset = offset + n + 1" */
-
-            /* step 14 */
-            if (counter >= (int)(4 * L))
-                break;
-        }
-        if (seed_in) {
-            ok = 0;
-            DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
-            goto err;
-        }
-    }
- end:
-    if (!BN_GENCB_call(cb, 2, 1))
-        goto err;
-
- g_only:
-
-    /* We now need to generate g */
-    /* Set r0=(p-1)/q */
-    if (!BN_sub(test, p, BN_value_one()))
-        goto err;
-    if (!BN_div(r0, NULL, test, q, ctx))
-        goto err;
-
-    if (idx < 0) {
-        if (!BN_set_word(test, h))
-            goto err;
-    } else
-        h = 1;
-    if (!BN_MONT_CTX_set(mont, p, ctx))
-        goto err;
-
-    for (;;) {
-        static const unsigned char ggen[4] = { 0x67, 0x67, 0x65, 0x6e };
-        if (idx >= 0) {
-            md[0] = idx & 0xff;
-            md[1] = (h >> 8) & 0xff;
-            md[2] = h & 0xff;
-            if (!EVP_DigestInit_ex(&mctx, evpmd, NULL))
-                goto err;
-            if (!EVP_DigestUpdate(&mctx, seed_tmp, seed_len))
-                goto err;
-            if (!EVP_DigestUpdate(&mctx, ggen, sizeof(ggen)))
-                goto err;
-            if (!EVP_DigestUpdate(&mctx, md, 3))
-                goto err;
-            if (!EVP_DigestFinal_ex(&mctx, md, NULL))
-                goto err;
-            if (!BN_bin2bn(md, mdsize, test))
-                goto err;
-        }
-        /* g=test^r0%p */
-        if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont))
-            goto err;
-        if (!BN_is_one(g))
-            break;
-        if (idx < 0 && !BN_add(test, test, BN_value_one()))
-            goto err;
-        h++;
-        if (idx >= 0 && h > 0xffff)
-            goto err;
-    }
-
-    if (!BN_GENCB_call(cb, 3, 1))
-        goto err;
-
-    ok = 1;
- err:
-    if (ok == 1) {
-        if (p != ret->p) {
-            if (ret->p)
-                BN_free(ret->p);
-            ret->p = BN_dup(p);
-        }
-        if (q != ret->q) {
-            if (ret->q)
-                BN_free(ret->q);
-            ret->q = BN_dup(q);
-        }
-        if (ret->g)
-            BN_free(ret->g);
-        ret->g = BN_dup(g);
-        if (ret->p == NULL || ret->q == NULL || ret->g == NULL) {
-            ok = -1;
-            goto err;
-        }
-        if (counter_ret != NULL)
-            *counter_ret = counter;
-        if (h_ret != NULL)
-            *h_ret = h;
-    }
-    if (seed)
-        OPENSSL_free(seed);
-    if (seed_out != seed_tmp)
-        OPENSSL_free(seed_tmp);
-    if (ctx) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    if (mont != NULL)
-        BN_MONT_CTX_free(mont);
-    EVP_MD_CTX_cleanup(&mctx);
-    return ok;
-}
-
-int dsa_paramgen_check_g(DSA *dsa)
-{
-    BN_CTX *ctx;
-    BIGNUM *tmp;
-    BN_MONT_CTX *mont = NULL;
-    int rv = -1;
-    ctx = BN_CTX_new();
-    if (!ctx)
-        return -1;
-    BN_CTX_start(ctx);
-    if (BN_cmp(dsa->g, BN_value_one()) <= 0)
-        return 0;
-    if (BN_cmp(dsa->g, dsa->p) >= 0)
-        return 0;
-    tmp = BN_CTX_get(ctx);
-    if (!tmp)
-        goto err;
-    if ((mont = BN_MONT_CTX_new()) == NULL)
-        goto err;
-    if (!BN_MONT_CTX_set(mont, dsa->p, ctx))
-        goto err;
-    /* Work out g^q mod p */
-    if (!BN_mod_exp_mont(tmp, dsa->g, dsa->q, dsa->p, ctx, mont))
-        goto err;
-    if (!BN_cmp(tmp, BN_value_one()))
-        rv = 1;
-    else
-        rv = 0;
- err:
-    BN_CTX_end(ctx);
-    if (mont)
-        BN_MONT_CTX_free(mont);
-    BN_CTX_free(ctx);
-    return rv;
-
-}
-#endif
diff --git a/thirdparty/openssl/crypto/dsa/dsa_key.c b/thirdparty/openssl/crypto/dsa/dsa_key.c
deleted file mode 100644
index e8c8d2e6aa..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_key.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/dsa/dsa_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#ifndef OPENSSL_NO_SHA
-# include <openssl/bn.h>
-# include <openssl/dsa.h>
-# include <openssl/rand.h>
-
-# ifdef OPENSSL_FIPS
-#  include <openssl/fips.h>
-# endif
-
-static int dsa_builtin_keygen(DSA *dsa);
-
-int DSA_generate_key(DSA *dsa)
-{
-# ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
-        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
-        DSAerr(DSA_F_DSA_GENERATE_KEY, DSA_R_NON_FIPS_DSA_METHOD);
-        return 0;
-    }
-# endif
-    if (dsa->meth->dsa_keygen)
-        return dsa->meth->dsa_keygen(dsa);
-# ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_dsa_generate_key(dsa);
-# endif
-    return dsa_builtin_keygen(dsa);
-}
-
-static int dsa_builtin_keygen(DSA *dsa)
-{
-    int ok = 0;
-    BN_CTX *ctx = NULL;
-    BIGNUM *pub_key = NULL, *priv_key = NULL;
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-
-    if (dsa->priv_key == NULL) {
-        if ((priv_key = BN_new()) == NULL)
-            goto err;
-    } else
-        priv_key = dsa->priv_key;
-
-    do
-        if (!BN_rand_range(priv_key, dsa->q))
-            goto err;
-    while (BN_is_zero(priv_key)) ;
-
-    if (dsa->pub_key == NULL) {
-        if ((pub_key = BN_new()) == NULL)
-            goto err;
-    } else
-        pub_key = dsa->pub_key;
-
-    {
-        BIGNUM local_prk;
-        BIGNUM *prk;
-
-        if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
-            BN_init(&local_prk);
-            prk = &local_prk;
-            BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
-        } else
-            prk = priv_key;
-
-        if (!BN_mod_exp(pub_key, dsa->g, prk, dsa->p, ctx))
-            goto err;
-    }
-
-    dsa->priv_key = priv_key;
-    dsa->pub_key = pub_key;
-    ok = 1;
-
- err:
-    if ((pub_key != NULL) && (dsa->pub_key == NULL))
-        BN_free(pub_key);
-    if ((priv_key != NULL) && (dsa->priv_key == NULL))
-        BN_free(priv_key);
-    if (ctx != NULL)
-        BN_CTX_free(ctx);
-    return (ok);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/dsa/dsa_lib.c b/thirdparty/openssl/crypto/dsa/dsa_lib.c
deleted file mode 100644
index eb9d21d9ae..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_lib.c
+++ /dev/null
@@ -1,329 +0,0 @@
-/* crypto/dsa/dsa_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-const char DSA_version[] = "DSA" OPENSSL_VERSION_PTEXT;
-
-static const DSA_METHOD *default_DSA_method = NULL;
-
-void DSA_set_default_method(const DSA_METHOD *meth)
-{
-    default_DSA_method = meth;
-}
-
-const DSA_METHOD *DSA_get_default_method(void)
-{
-    if (!default_DSA_method) {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-            return FIPS_dsa_openssl();
-        else
-            return DSA_OpenSSL();
-#else
-        default_DSA_method = DSA_OpenSSL();
-#endif
-    }
-    return default_DSA_method;
-}
-
-DSA *DSA_new(void)
-{
-    return DSA_new_method(NULL);
-}
-
-int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
-{
-    /*
-     * NB: The caller is specifically setting a method, so it's not up to us
-     * to deal with which ENGINE it comes from.
-     */
-    const DSA_METHOD *mtmp;
-    mtmp = dsa->meth;
-    if (mtmp->finish)
-        mtmp->finish(dsa);
-#ifndef OPENSSL_NO_ENGINE
-    if (dsa->engine) {
-        ENGINE_finish(dsa->engine);
-        dsa->engine = NULL;
-    }
-#endif
-    dsa->meth = meth;
-    if (meth->init)
-        meth->init(dsa);
-    return 1;
-}
-
-DSA *DSA_new_method(ENGINE *engine)
-{
-    DSA *ret;
-
-    ret = (DSA *)OPENSSL_malloc(sizeof(DSA));
-    if (ret == NULL) {
-        DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    ret->meth = DSA_get_default_method();
-#ifndef OPENSSL_NO_ENGINE
-    if (engine) {
-        if (!ENGINE_init(engine)) {
-            DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
-            OPENSSL_free(ret);
-            return NULL;
-        }
-        ret->engine = engine;
-    } else
-        ret->engine = ENGINE_get_default_DSA();
-    if (ret->engine) {
-        ret->meth = ENGINE_get_DSA(ret->engine);
-        if (!ret->meth) {
-            DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
-            ENGINE_finish(ret->engine);
-            OPENSSL_free(ret);
-            return NULL;
-        }
-    }
-#endif
-
-    ret->pad = 0;
-    ret->version = 0;
-    ret->write_params = 1;
-    ret->p = NULL;
-    ret->q = NULL;
-    ret->g = NULL;
-
-    ret->pub_key = NULL;
-    ret->priv_key = NULL;
-
-    ret->kinv = NULL;
-    ret->r = NULL;
-    ret->method_mont_p = NULL;
-
-    ret->references = 1;
-    ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
-    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
-#ifndef OPENSSL_NO_ENGINE
-        if (ret->engine)
-            ENGINE_finish(ret->engine);
-#endif
-        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
-        OPENSSL_free(ret);
-        ret = NULL;
-    }
-
-    return (ret);
-}
-
-void DSA_free(DSA *r)
-{
-    int i;
-
-    if (r == NULL)
-        return;
-
-    i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DSA);
-#ifdef REF_PRINT
-    REF_PRINT("DSA", r);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "DSA_free, bad reference count\n");
-        abort();
-    }
-#endif
-
-    if (r->meth->finish)
-        r->meth->finish(r);
-#ifndef OPENSSL_NO_ENGINE
-    if (r->engine)
-        ENGINE_finish(r->engine);
-#endif
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
-
-    if (r->p != NULL)
-        BN_clear_free(r->p);
-    if (r->q != NULL)
-        BN_clear_free(r->q);
-    if (r->g != NULL)
-        BN_clear_free(r->g);
-    if (r->pub_key != NULL)
-        BN_clear_free(r->pub_key);
-    if (r->priv_key != NULL)
-        BN_clear_free(r->priv_key);
-    if (r->kinv != NULL)
-        BN_clear_free(r->kinv);
-    if (r->r != NULL)
-        BN_clear_free(r->r);
-    OPENSSL_free(r);
-}
-
-int DSA_up_ref(DSA *r)
-{
-    int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
-#ifdef REF_PRINT
-    REF_PRINT("DSA", r);
-#endif
-#ifdef REF_CHECK
-    if (i < 2) {
-        fprintf(stderr, "DSA_up_ref, bad reference count\n");
-        abort();
-    }
-#endif
-    return ((i > 1) ? 1 : 0);
-}
-
-int DSA_size(const DSA *r)
-{
-    int ret, i;
-    ASN1_INTEGER bs;
-    unsigned char buf[4];       /* 4 bytes looks really small. However,
-                                 * i2d_ASN1_INTEGER() will not look beyond
-                                 * the first byte, as long as the second
-                                 * parameter is NULL. */
-
-    i = BN_num_bits(r->q);
-    bs.length = (i + 7) / 8;
-    bs.data = buf;
-    bs.type = V_ASN1_INTEGER;
-    /* If the top bit is set the asn1 encoding is 1 larger. */
-    buf[0] = 0xff;
-
-    i = i2d_ASN1_INTEGER(&bs, NULL);
-    i += i;                     /* r and s */
-    ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
-    return (ret);
-}
-
-int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int DSA_set_ex_data(DSA *d, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&d->ex_data, idx, arg));
-}
-
-void *DSA_get_ex_data(DSA *d, int idx)
-{
-    return (CRYPTO_get_ex_data(&d->ex_data, idx));
-}
-
-#ifndef OPENSSL_NO_DH
-DH *DSA_dup_DH(const DSA *r)
-{
-    /*
-     * DSA has p, q, g, optional pub_key, optional priv_key. DH has p,
-     * optional length, g, optional pub_key, optional priv_key, optional q.
-     */
-
-    DH *ret = NULL;
-
-    if (r == NULL)
-        goto err;
-    ret = DH_new();
-    if (ret == NULL)
-        goto err;
-    if (r->p != NULL)
-        if ((ret->p = BN_dup(r->p)) == NULL)
-            goto err;
-    if (r->q != NULL) {
-        ret->length = BN_num_bits(r->q);
-        if ((ret->q = BN_dup(r->q)) == NULL)
-            goto err;
-    }
-    if (r->g != NULL)
-        if ((ret->g = BN_dup(r->g)) == NULL)
-            goto err;
-    if (r->pub_key != NULL)
-        if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
-            goto err;
-    if (r->priv_key != NULL)
-        if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
-            goto err;
-
-    return ret;
-
- err:
-    if (ret != NULL)
-        DH_free(ret);
-    return NULL;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/dsa/dsa_locl.h b/thirdparty/openssl/crypto/dsa/dsa_locl.h
deleted file mode 100644
index 9c23c3ef90..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_locl.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/dsa.h>
-
-int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
-                         const EVP_MD *evpmd, const unsigned char *seed_in,
-                         size_t seed_len, unsigned char *seed_out,
-                         int *counter_ret, unsigned long *h_ret,
-                         BN_GENCB *cb);
-
-int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
-                          const EVP_MD *evpmd, const unsigned char *seed_in,
-                          size_t seed_len, int idx, unsigned char *seed_out,
-                          int *counter_ret, unsigned long *h_ret,
-                          BN_GENCB *cb);
-
-int dsa_paramgen_check_g(DSA *dsa);
diff --git a/thirdparty/openssl/crypto/dsa/dsa_ossl.c b/thirdparty/openssl/crypto/dsa/dsa_ossl.c
deleted file mode 100644
index 58013a4a13..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_ossl.c
+++ /dev/null
@@ -1,427 +0,0 @@
-/* crypto/dsa/dsa_ossl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/sha.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
-                          BIGNUM **rp);
-static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
-                         DSA_SIG *sig, DSA *dsa);
-static int dsa_init(DSA *dsa);
-static int dsa_finish(DSA *dsa);
-
-static DSA_METHOD openssl_dsa_meth = {
-    "OpenSSL DSA method",
-    dsa_do_sign,
-    dsa_sign_setup,
-    dsa_do_verify,
-    NULL,                       /* dsa_mod_exp, */
-    NULL,                       /* dsa_bn_mod_exp, */
-    dsa_init,
-    dsa_finish,
-    0,
-    NULL,
-    NULL,
-    NULL
-};
-
-/*-
- * These macro wrappers replace attempts to use the dsa_mod_exp() and
- * bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of
- * having a the macro work as an expression by bundling an "err_instr". So;
- *
- *     if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
- *                 dsa->method_mont_p)) goto err;
- *
- * can be replaced by;
- *
- *     DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx,
- *                 dsa->method_mont_p);
- */
-
-#define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
-        do { \
-        int _tmp_res53; \
-        if ((dsa)->meth->dsa_mod_exp) \
-                _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \
-                                (a2), (p2), (m), (ctx), (in_mont)); \
-        else \
-                _tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \
-                                (m), (ctx), (in_mont)); \
-        if (!_tmp_res53) err_instr; \
-        } while(0)
-#define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
-        do { \
-        int _tmp_res53; \
-        if ((dsa)->meth->bn_mod_exp) \
-                _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \
-                                (m), (ctx), (m_ctx)); \
-        else \
-                _tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \
-        if (!_tmp_res53) err_instr; \
-        } while(0)
-
-const DSA_METHOD *DSA_OpenSSL(void)
-{
-    return &openssl_dsa_meth;
-}
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
-    BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
-    BIGNUM m;
-    BIGNUM xr;
-    BN_CTX *ctx = NULL;
-    int reason = ERR_R_BN_LIB;
-    DSA_SIG *ret = NULL;
-    int noredo = 0;
-
-    BN_init(&m);
-    BN_init(&xr);
-
-    if (!dsa->p || !dsa->q || !dsa->g) {
-        reason = DSA_R_MISSING_PARAMETERS;
-        goto err;
-    }
-
-    s = BN_new();
-    if (s == NULL)
-        goto err;
-    ctx = BN_CTX_new();
-    if (ctx == NULL)
-        goto err;
- redo:
-    if ((dsa->kinv == NULL) || (dsa->r == NULL)) {
-        if (!DSA_sign_setup(dsa, ctx, &kinv, &r))
-            goto err;
-    } else {
-        kinv = dsa->kinv;
-        dsa->kinv = NULL;
-        r = dsa->r;
-        dsa->r = NULL;
-        noredo = 1;
-    }
-
-    if (dlen > BN_num_bytes(dsa->q))
-        /*
-         * if the digest length is greater than the size of q use the
-         * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
-         * 4.2
-         */
-        dlen = BN_num_bytes(dsa->q);
-    if (BN_bin2bn(dgst, dlen, &m) == NULL)
-        goto err;
-
-    /* Compute  s = inv(k) (m + xr) mod q */
-    if (!BN_mod_mul(&xr, dsa->priv_key, r, dsa->q, ctx))
-        goto err;               /* s = xr */
-    if (!BN_add(s, &xr, &m))
-        goto err;               /* s = m + xr */
-    if (BN_cmp(s, dsa->q) > 0)
-        if (!BN_sub(s, s, dsa->q))
-            goto err;
-    if (!BN_mod_mul(s, s, kinv, dsa->q, ctx))
-        goto err;
-
-    /*
-     * Redo if r or s is zero as required by FIPS 186-3: this is very
-     * unlikely.
-     */
-    if (BN_is_zero(r) || BN_is_zero(s)) {
-        if (noredo) {
-            reason = DSA_R_NEED_NEW_SETUP_VALUES;
-            goto err;
-        }
-        goto redo;
-    }
-    ret = DSA_SIG_new();
-    if (ret == NULL)
-        goto err;
-    ret->r = r;
-    ret->s = s;
-
- err:
-    if (ret == NULL) {
-        DSAerr(DSA_F_DSA_DO_SIGN, reason);
-        BN_free(r);
-        BN_free(s);
-    }
-    if (ctx != NULL)
-        BN_CTX_free(ctx);
-    BN_clear_free(&m);
-    BN_clear_free(&xr);
-    if (kinv != NULL)           /* dsa->kinv is NULL now if we used it */
-        BN_clear_free(kinv);
-    return (ret);
-}
-
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
-                          BIGNUM **rp)
-{
-    BN_CTX *ctx;
-    BIGNUM k, kq, *K, *kinv = NULL, *r = NULL;
-    int ret = 0;
-
-    if (!dsa->p || !dsa->q || !dsa->g) {
-        DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS);
-        return 0;
-    }
-
-    BN_init(&k);
-    BN_init(&kq);
-
-    if (ctx_in == NULL) {
-        if ((ctx = BN_CTX_new()) == NULL)
-            goto err;
-    } else
-        ctx = ctx_in;
-
-    if ((r = BN_new()) == NULL)
-        goto err;
-
-    /* Get random k */
-    do
-        if (!BN_rand_range(&k, dsa->q))
-            goto err;
-    while (BN_is_zero(&k));
-
-    if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
-        BN_set_flags(&k, BN_FLG_CONSTTIME);
-    }
-
-
-    if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
-        if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
-                                    CRYPTO_LOCK_DSA, dsa->p, ctx))
-            goto err;
-    }
-
-    /* Compute r = (g^k mod p) mod q */
-
-    if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
-        if (!BN_copy(&kq, &k))
-            goto err;
-
-        BN_set_flags(&kq, BN_FLG_CONSTTIME);
-
-        /*
-         * We do not want timing information to leak the length of k, so we
-         * compute g^k using an equivalent exponent of fixed length. (This
-         * is a kludge that we need because the BN_mod_exp_mont() does not
-         * let us specify the desired timing behaviour.)
-         */
-
-        if (!BN_add(&kq, &kq, dsa->q))
-            goto err;
-        if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) {
-            if (!BN_add(&kq, &kq, dsa->q))
-                goto err;
-        }
-
-        K = &kq;
-    } else {
-        K = &k;
-    }
-
-    DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
-                   dsa->method_mont_p);
-    if (!BN_mod(r, r, dsa->q, ctx))
-        goto err;
-
-    /* Compute  part of 's = inv(k) (m + xr) mod q' */
-    if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL)
-        goto err;
-
-    if (*kinvp != NULL)
-        BN_clear_free(*kinvp);
-    *kinvp = kinv;
-    kinv = NULL;
-    if (*rp != NULL)
-        BN_clear_free(*rp);
-    *rp = r;
-    ret = 1;
- err:
-    if (!ret) {
-        DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB);
-        if (r != NULL)
-            BN_clear_free(r);
-    }
-    if (ctx_in == NULL)
-        BN_CTX_free(ctx);
-    BN_clear_free(&k);
-    BN_clear_free(&kq);
-    return (ret);
-}
-
-static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
-                         DSA_SIG *sig, DSA *dsa)
-{
-    BN_CTX *ctx;
-    BIGNUM u1, u2, t1;
-    BN_MONT_CTX *mont = NULL;
-    int ret = -1, i;
-    if (!dsa->p || !dsa->q || !dsa->g) {
-        DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MISSING_PARAMETERS);
-        return -1;
-    }
-
-    i = BN_num_bits(dsa->q);
-    /* fips 186-3 allows only different sizes for q */
-    if (i != 160 && i != 224 && i != 256) {
-        DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_BAD_Q_VALUE);
-        return -1;
-    }
-
-    if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
-        DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MODULUS_TOO_LARGE);
-        return -1;
-    }
-    BN_init(&u1);
-    BN_init(&u2);
-    BN_init(&t1);
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-
-    if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
-        BN_ucmp(sig->r, dsa->q) >= 0) {
-        ret = 0;
-        goto err;
-    }
-    if (BN_is_zero(sig->s) || BN_is_negative(sig->s) ||
-        BN_ucmp(sig->s, dsa->q) >= 0) {
-        ret = 0;
-        goto err;
-    }
-
-    /*
-     * Calculate W = inv(S) mod Q save W in u2
-     */
-    if ((BN_mod_inverse(&u2, sig->s, dsa->q, ctx)) == NULL)
-        goto err;
-
-    /* save M in u1 */
-    if (dgst_len > (i >> 3))
-        /*
-         * if the digest length is greater than the size of q use the
-         * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
-         * 4.2
-         */
-        dgst_len = (i >> 3);
-    if (BN_bin2bn(dgst, dgst_len, &u1) == NULL)
-        goto err;
-
-    /* u1 = M * w mod q */
-    if (!BN_mod_mul(&u1, &u1, &u2, dsa->q, ctx))
-        goto err;
-
-    /* u2 = r * w mod q */
-    if (!BN_mod_mul(&u2, sig->r, &u2, dsa->q, ctx))
-        goto err;
-
-    if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
-        mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
-                                      CRYPTO_LOCK_DSA, dsa->p, ctx);
-        if (!mont)
-            goto err;
-    }
-
-    DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p,
-                ctx, mont);
-    /* BN_copy(&u1,&t1); */
-    /* let u1 = u1 mod q */
-    if (!BN_mod(&u1, &t1, dsa->q, ctx))
-        goto err;
-
-    /*
-     * V is now in u1.  If the signature is correct, it will be equal to R.
-     */
-    ret = (BN_ucmp(&u1, sig->r) == 0);
-
- err:
-    if (ret < 0)
-        DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB);
-    if (ctx != NULL)
-        BN_CTX_free(ctx);
-    BN_free(&u1);
-    BN_free(&u2);
-    BN_free(&t1);
-    return (ret);
-}
-
-static int dsa_init(DSA *dsa)
-{
-    dsa->flags |= DSA_FLAG_CACHE_MONT_P;
-    return (1);
-}
-
-static int dsa_finish(DSA *dsa)
-{
-    if (dsa->method_mont_p)
-        BN_MONT_CTX_free(dsa->method_mont_p);
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/dsa/dsa_pmeth.c b/thirdparty/openssl/crypto/dsa/dsa_pmeth.c
deleted file mode 100644
index 78724839b5..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_pmeth.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-#include <openssl/bn.h>
-#include "evp_locl.h"
-#include "dsa_locl.h"
-
-/* DSA pkey context structure */
-
-typedef struct {
-    /* Parameter gen parameters */
-    int nbits;                  /* size of p in bits (default: 1024) */
-    int qbits;                  /* size of q in bits (default: 160) */
-    const EVP_MD *pmd;          /* MD for parameter generation */
-    /* Keygen callback info */
-    int gentmp[2];
-    /* message digest */
-    const EVP_MD *md;           /* MD for the signature */
-} DSA_PKEY_CTX;
-
-static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
-{
-    DSA_PKEY_CTX *dctx;
-    dctx = OPENSSL_malloc(sizeof(DSA_PKEY_CTX));
-    if (!dctx)
-        return 0;
-    dctx->nbits = 1024;
-    dctx->qbits = 160;
-    dctx->pmd = NULL;
-    dctx->md = NULL;
-
-    ctx->data = dctx;
-    ctx->keygen_info = dctx->gentmp;
-    ctx->keygen_info_count = 2;
-
-    return 1;
-}
-
-static int pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
-    DSA_PKEY_CTX *dctx, *sctx;
-    if (!pkey_dsa_init(dst))
-        return 0;
-    sctx = src->data;
-    dctx = dst->data;
-    dctx->nbits = sctx->nbits;
-    dctx->qbits = sctx->qbits;
-    dctx->pmd = sctx->pmd;
-    dctx->md = sctx->md;
-    return 1;
-}
-
-static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
-{
-    DSA_PKEY_CTX *dctx = ctx->data;
-    if (dctx)
-        OPENSSL_free(dctx);
-}
-
-static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
-                         size_t *siglen, const unsigned char *tbs,
-                         size_t tbslen)
-{
-    int ret, type;
-    unsigned int sltmp;
-    DSA_PKEY_CTX *dctx = ctx->data;
-    DSA *dsa = ctx->pkey->pkey.dsa;
-
-    if (dctx->md)
-        type = EVP_MD_type(dctx->md);
-    else
-        type = NID_sha1;
-
-    ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa);
-
-    if (ret <= 0)
-        return ret;
-    *siglen = sltmp;
-    return 1;
-}
-
-static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
-                           const unsigned char *sig, size_t siglen,
-                           const unsigned char *tbs, size_t tbslen)
-{
-    int ret, type;
-    DSA_PKEY_CTX *dctx = ctx->data;
-    DSA *dsa = ctx->pkey->pkey.dsa;
-
-    if (dctx->md)
-        type = EVP_MD_type(dctx->md);
-    else
-        type = NID_sha1;
-
-    ret = DSA_verify(type, tbs, tbslen, sig, siglen, dsa);
-
-    return ret;
-}
-
-static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
-    DSA_PKEY_CTX *dctx = ctx->data;
-    switch (type) {
-    case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
-        if (p1 < 256)
-            return -2;
-        dctx->nbits = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
-        if (p1 != 160 && p1 != 224 && p1 && p1 != 256)
-            return -2;
-        dctx->qbits = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
-        if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha256) {
-            DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
-            return 0;
-        }
-        dctx->pmd = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_MD:
-        if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_dsa &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha512) {
-            DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
-            return 0;
-        }
-        dctx->md = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_MD:
-        *(const EVP_MD **)p2 = dctx->md;
-        return 1;
-
-    case EVP_PKEY_CTRL_DIGESTINIT:
-    case EVP_PKEY_CTRL_PKCS7_SIGN:
-    case EVP_PKEY_CTRL_CMS_SIGN:
-        return 1;
-
-    case EVP_PKEY_CTRL_PEER_KEY:
-        DSAerr(DSA_F_PKEY_DSA_CTRL,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    default:
-        return -2;
-
-    }
-}
-
-static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
-                             const char *type, const char *value)
-{
-    if (!strcmp(type, "dsa_paramgen_bits")) {
-        int nbits;
-        nbits = atoi(value);
-        return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits);
-    }
-    if (!strcmp(type, "dsa_paramgen_q_bits")) {
-        int qbits = atoi(value);
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
-                                 EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits,
-                                 NULL);
-    }
-    if (!strcmp(type, "dsa_paramgen_md")) {
-        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
-                                 EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0,
-                                 (void *)EVP_get_digestbyname(value));
-    }
-    return -2;
-}
-
-static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    DSA *dsa = NULL;
-    DSA_PKEY_CTX *dctx = ctx->data;
-    BN_GENCB *pcb, cb;
-    int ret;
-    if (ctx->pkey_gencb) {
-        pcb = &cb;
-        evp_pkey_set_cb_translate(pcb, ctx);
-    } else
-        pcb = NULL;
-    dsa = DSA_new();
-    if (!dsa)
-        return 0;
-    ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
-                               NULL, 0, NULL, NULL, NULL, pcb);
-    if (ret)
-        EVP_PKEY_assign_DSA(pkey, dsa);
-    else
-        DSA_free(dsa);
-    return ret;
-}
-
-static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    DSA *dsa = NULL;
-    if (ctx->pkey == NULL) {
-        DSAerr(DSA_F_PKEY_DSA_KEYGEN, DSA_R_NO_PARAMETERS_SET);
-        return 0;
-    }
-    dsa = DSA_new();
-    if (!dsa)
-        return 0;
-    EVP_PKEY_assign_DSA(pkey, dsa);
-    /* Note: if error return, pkey is freed by parent routine */
-    if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
-        return 0;
-    return DSA_generate_key(pkey->pkey.dsa);
-}
-
-const EVP_PKEY_METHOD dsa_pkey_meth = {
-    EVP_PKEY_DSA,
-    EVP_PKEY_FLAG_AUTOARGLEN,
-    pkey_dsa_init,
-    pkey_dsa_copy,
-    pkey_dsa_cleanup,
-
-    0,
-    pkey_dsa_paramgen,
-
-    0,
-    pkey_dsa_keygen,
-
-    0,
-    pkey_dsa_sign,
-
-    0,
-    pkey_dsa_verify,
-
-    0, 0,
-
-    0, 0, 0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_dsa_ctrl,
-    pkey_dsa_ctrl_str
-};
diff --git a/thirdparty/openssl/crypto/dsa/dsa_prn.c b/thirdparty/openssl/crypto/dsa/dsa_prn.c
deleted file mode 100644
index ce690dfcf5..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_prn.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/dsa/dsa_prn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/dsa.h>
-
-#ifndef OPENSSL_NO_FP_API
-int DSA_print_fp(FILE *fp, const DSA *x, int off)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        DSAerr(DSA_F_DSA_PRINT_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = DSA_print(b, x, off);
-    BIO_free(b);
-    return (ret);
-}
-
-int DSAparams_print_fp(FILE *fp, const DSA *x)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        DSAerr(DSA_F_DSAPARAMS_PRINT_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = DSAparams_print(b, x);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int DSA_print(BIO *bp, const DSA *x, int off)
-{
-    EVP_PKEY *pk;
-    int ret;
-    pk = EVP_PKEY_new();
-    if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
-        return 0;
-    ret = EVP_PKEY_print_private(bp, pk, off, NULL);
-    EVP_PKEY_free(pk);
-    return ret;
-}
-
-int DSAparams_print(BIO *bp, const DSA *x)
-{
-    EVP_PKEY *pk;
-    int ret;
-    pk = EVP_PKEY_new();
-    if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
-        return 0;
-    ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
-    EVP_PKEY_free(pk);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/dsa/dsa_sign.c b/thirdparty/openssl/crypto/dsa/dsa_sign.c
deleted file mode 100644
index c2b71d856f..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_sign.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/dsa/dsa_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include "cryptlib.h"
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/bn.h>
-
-DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
-        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
-        DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_NON_FIPS_DSA_METHOD);
-        return NULL;
-    }
-#endif
-    return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
-}
-
-int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
-        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
-        DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_NON_FIPS_DSA_METHOD);
-        return 0;
-    }
-#endif
-    return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
-}
-
-DSA_SIG *DSA_SIG_new(void)
-{
-    DSA_SIG *sig;
-    sig = OPENSSL_malloc(sizeof(DSA_SIG));
-    if (!sig)
-        return NULL;
-    sig->r = NULL;
-    sig->s = NULL;
-    return sig;
-}
-
-void DSA_SIG_free(DSA_SIG *sig)
-{
-    if (sig) {
-        if (sig->r)
-            BN_free(sig->r);
-        if (sig->s)
-            BN_free(sig->s);
-        OPENSSL_free(sig);
-    }
-}
diff --git a/thirdparty/openssl/crypto/dsa/dsa_vrf.c b/thirdparty/openssl/crypto/dsa/dsa_vrf.c
deleted file mode 100644
index 7dbd0ca279..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsa_vrf.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* crypto/dsa/dsa_vrf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include "cryptlib.h"
-#include <openssl/dsa.h>
-
-int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
-                  DSA *dsa)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
-        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
-        DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
-        return -1;
-    }
-#endif
-    return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
-}
diff --git a/thirdparty/openssl/crypto/dsa/dsagen.c b/thirdparty/openssl/crypto/dsa/dsagen.c
deleted file mode 100644
index e7d346b1ec..0000000000
--- a/thirdparty/openssl/crypto/dsa/dsagen.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* crypto/dsa/dsagen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/dsa.h>
-
-#define TEST
-#define GENUINE_DSA
-
-#ifdef GENUINE_DSA
-# define LAST_VALUE 0xbd
-#else
-# define LAST_VALUE 0xd3
-#endif
-
-#ifdef TEST
-unsigned char seed[20] = {
-    0xd5, 0x01, 0x4e, 0x4b,
-    0x60, 0xef, 0x2b, 0xa8,
-    0xb6, 0x21, 0x1b, 0x40,
-    0x62, 0xba, 0x32, 0x24,
-    0xe0, 0x42, 0x7d, LAST_VALUE
-};
-#endif
-
-int cb(int p, int n)
-{
-    char c = '*';
-
-    if (p == 0)
-        c = '.';
-    if (p == 1)
-        c = '+';
-    if (p == 2)
-        c = '*';
-    if (p == 3)
-        c = '\n';
-    printf("%c", c);
-    fflush(stdout);
-}
-
-main()
-{
-    int i;
-    BIGNUM *n;
-    BN_CTX *ctx;
-    unsigned char seed_buf[20];
-    DSA *dsa;
-    int counter, h;
-    BIO *bio_err = NULL;
-
-    if (bio_err == NULL)
-        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
-
-    memcpy(seed_buf, seed, 20);
-    dsa = DSA_generate_parameters(1024, seed, 20, &counter, &h, cb, bio_err);
-
-    if (dsa == NULL)
-        DSA_print(bio_err, dsa, 0);
-}
diff --git a/thirdparty/openssl/crypto/dsa/fips186a.txt b/thirdparty/openssl/crypto/dsa/fips186a.txt
deleted file mode 100644
index 3a2e0a0d51..0000000000
--- a/thirdparty/openssl/crypto/dsa/fips186a.txt
+++ /dev/null
@@ -1,122 +0,0 @@
-The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
-examples.  This is an updated version that uses SHA-1 (FIPS 180-1)
-supplied to me by Wei Dai
---
-		     APPENDIX 5. EXAMPLE OF THE DSA
-
-
-This appendix is for informational purposes only and is not required to meet
-the standard.
-
-Let L = 512 (size of p).  The values in this example are expressed in
-hexadecimal notation.  The p and q given here were generated by the prime
-generation standard described in appendix 2 using the 160-bit SEED:
-
-          d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
-
-With this SEED, the algorithm found p and q when the counter was at 105.
-
-x was generated by the algorithm described in appendix 3, section 3.1, using
-the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
-
-XSEED =   
-
-	bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
-
-t =
-	67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
-
-x = G(t,XSEED) mod q
-
-k was generated by the algorithm described in appendix 3, section 3.2, using
-the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
-
-KSEED =
-
-	687a66d9 0648f993 867e121f 4ddf9ddb 01205584
-
-t =
-	EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
-
-k = G(t,KSEED) mod q
-
-Finally:
-
-h = 2
-
-p =
-	8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
-	cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
-	49693dfb f83724c2 ec0736ee 31c80291
-
-
-q =
-	c773218c 737ec8ee 993b4f2d ed30f48e dace915f
-
-
-g =
-	626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
-	3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
-	c42e9f6f 464b088c c572af53 e6d78802
-
-
-x =
-	2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
-
-
-k =
-	358dad57 1462710f 50e254cf 1a376b2b deaadfbf
-
-
-kinv = 
-
-	0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
-
-M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
-
-SHA(M) =  
-
-	a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
-
-
-y =
-
-	19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85 
-	9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
-	858fba33 f44c0669 9630a76b 030ee333
-
-
-r =
-	8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
-
-s =
-	41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
-
-
-w =
-	9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
-
-
-u1 =
-	bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
-
-
-u2 =
-	821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
-
-
-gu1 mod p =
-
-	51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
-	9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
-	6f96662a 1987a21b e4ec1071 010b6069
-
-
-yu2 mod p =
-
-	8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
-	5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67 
-	c19441f4 22bf3c34 08aeba1f 0a4dbec7
-
-v =
-	8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
diff --git a/thirdparty/openssl/crypto/dso/README b/thirdparty/openssl/crypto/dso/README
deleted file mode 100644
index d0bc9a89fb..0000000000
--- a/thirdparty/openssl/crypto/dso/README
+++ /dev/null
@@ -1,22 +0,0 @@
-NOTES
------
-
-I've checked out HPUX (well, version 11 at least) and shl_t is
-a pointer type so it's safe to use in the way it has been in
-dso_dl.c. On the other hand, HPUX11 support dlfcn too and
-according to their man page, prefer developers to move to that.
-I'll leave Richard's changes there as I guess dso_dl is needed
-for HPUX10.20.
-
-There is now a callback scheme in place where filename conversion can
-(a) be turned off altogether through the use of the
-    DSO_FLAG_NO_NAME_TRANSLATION flag,
-(b) be handled by default using the default DSO_METHOD's converter
-(c) overriden per-DSO by setting the override callback
-(d) a mix of (b) and (c) - eg. implement an override callback that;
-    (i) checks if we're win32 (if(strstr(dso->meth->name, "win32")....)
-        and if so, convert "blah" into "blah32.dll" (the default is
-	otherwise to make it "blah.dll").
-    (ii) default to the normal behaviour - we're not on win32, eg.
-         finish with (return dso->meth->dso_name_converter(dso,NULL)).
-
diff --git a/thirdparty/openssl/crypto/dso/dso_beos.c b/thirdparty/openssl/crypto/dso/dso_beos.c
deleted file mode 100644
index 68ebcd8a24..0000000000
--- a/thirdparty/openssl/crypto/dso/dso_beos.c
+++ /dev/null
@@ -1,253 +0,0 @@
-/* dso_beos.c */
-/*
- * Written by Marcin Konicki (ahwayakchih@neoni.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#if !defined(OPENSSL_SYS_BEOS)
-DSO_METHOD *DSO_METHOD_beos(void)
-{
-    return NULL;
-}
-#else
-
-# include <kernel/image.h>
-
-static int beos_load(DSO *dso);
-static int beos_unload(DSO *dso);
-static void *beos_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE beos_bind_func(DSO *dso, const char *symname);
-# if 0
-static int beos_unbind_var(DSO *dso, char *symname, void *symptr);
-static int beos_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-static int beos_init(DSO *dso);
-static int beos_finish(DSO *dso);
-static long beos_ctrl(DSO *dso, int cmd, long larg, void *parg);
-# endif
-static char *beos_name_converter(DSO *dso, const char *filename);
-
-static DSO_METHOD dso_meth_beos = {
-    "OpenSSL 'beos' shared library method",
-    beos_load,
-    beos_unload,
-    beos_bind_var,
-    beos_bind_func,
-/* For now, "unbind" doesn't exist */
-# if 0
-    NULL,                       /* unbind_var */
-    NULL,                       /* unbind_func */
-# endif
-    NULL,                       /* ctrl */
-    beos_name_converter,
-    NULL,                       /* init */
-    NULL                        /* finish */
-};
-
-DSO_METHOD *DSO_METHOD_beos(void)
-{
-    return (&dso_meth_beos);
-}
-
-/*
- * For this DSO_METHOD, our meth_data STACK will contain; (i) a pointer to
- * the handle (image_id) returned from load_add_on().
- */
-
-static int beos_load(DSO *dso)
-{
-    image_id id;
-    /* See applicable comments from dso_dl.c */
-    char *filename = DSO_convert_filename(dso, NULL);
-
-    if (filename == NULL) {
-        DSOerr(DSO_F_BEOS_LOAD, DSO_R_NO_FILENAME);
-        goto err;
-    }
-    id = load_add_on(filename);
-    if (id < 1) {
-        DSOerr(DSO_F_BEOS_LOAD, DSO_R_LOAD_FAILED);
-        ERR_add_error_data(3, "filename(", filename, ")");
-        goto err;
-    }
-    if (!sk_push(dso->meth_data, (char *)id)) {
-        DSOerr(DSO_F_BEOS_LOAD, DSO_R_STACK_ERROR);
-        goto err;
-    }
-    /* Success */
-    dso->loaded_filename = filename;
-    return (1);
- err:
-    /* Cleanup ! */
-    if (filename != NULL)
-        OPENSSL_free(filename);
-    if (id > 0)
-        unload_add_on(id);
-    return (0);
-}
-
-static int beos_unload(DSO *dso)
-{
-    image_id id;
-    if (dso == NULL) {
-        DSOerr(DSO_F_BEOS_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (sk_num(dso->meth_data) < 1)
-        return (1);
-    id = (image_id) sk_pop(dso->meth_data);
-    if (id < 1) {
-        DSOerr(DSO_F_BEOS_UNLOAD, DSO_R_NULL_HANDLE);
-        return (0);
-    }
-    if (unload_add_on(id) != B_OK) {
-        DSOerr(DSO_F_BEOS_UNLOAD, DSO_R_UNLOAD_FAILED);
-        /*
-         * We should push the value back onto the stack in case of a retry.
-         */
-        sk_push(dso->meth_data, (char *)id);
-        return (0);
-    }
-    return (1);
-}
-
-static void *beos_bind_var(DSO *dso, const char *symname)
-{
-    image_id id;
-    void *sym;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_BEOS_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (sk_num(dso->meth_data) < 1) {
-        DSOerr(DSO_F_BEOS_BIND_VAR, DSO_R_STACK_ERROR);
-        return (NULL);
-    }
-    id = (image_id) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
-    if (id < 1) {
-        DSOerr(DSO_F_BEOS_BIND_VAR, DSO_R_NULL_HANDLE);
-        return (NULL);
-    }
-    if (get_image_symbol(id, symname, B_SYMBOL_TYPE_DATA, &sym) != B_OK) {
-        DSOerr(DSO_F_BEOS_BIND_VAR, DSO_R_SYM_FAILURE);
-        ERR_add_error_data(3, "symname(", symname, ")");
-        return (NULL);
-    }
-    return (sym);
-}
-
-static DSO_FUNC_TYPE beos_bind_func(DSO *dso, const char *symname)
-{
-    image_id id;
-    void *sym;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_BEOS_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (sk_num(dso->meth_data) < 1) {
-        DSOerr(DSO_F_BEOS_BIND_FUNC, DSO_R_STACK_ERROR);
-        return (NULL);
-    }
-    id = (image_id) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
-    if (id < 1) {
-        DSOerr(DSO_F_BEOS_BIND_FUNC, DSO_R_NULL_HANDLE);
-        return (NULL);
-    }
-    if (get_image_symbol(id, symname, B_SYMBOL_TYPE_TEXT, &sym) != B_OK) {
-        DSOerr(DSO_F_BEOS_BIND_FUNC, DSO_R_SYM_FAILURE);
-        ERR_add_error_data(3, "symname(", symname, ")");
-        return (NULL);
-    }
-    return ((DSO_FUNC_TYPE)sym);
-}
-
-/* This one is the same as the one in dlfcn */
-static char *beos_name_converter(DSO *dso, const char *filename)
-{
-    char *translated;
-    int len, rsize, transform;
-
-    len = strlen(filename);
-    rsize = len + 1;
-    transform = (strstr(filename, "/") == NULL);
-    if (transform) {
-        /* We will convert this to "%s.so" or "lib%s.so" */
-        rsize += 3;             /* The length of ".so" */
-        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-            rsize += 3;         /* The length of "lib" */
-    }
-    translated = OPENSSL_malloc(rsize);
-    if (translated == NULL) {
-        DSOerr(DSO_F_BEOS_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
-        return (NULL);
-    }
-    if (transform) {
-        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-            sprintf(translated, "lib%s.so", filename);
-        else
-            sprintf(translated, "%s.so", filename);
-    } else
-        sprintf(translated, "%s", filename);
-    return (translated);
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/dso/dso_dl.c b/thirdparty/openssl/crypto/dso/dso_dl.c
deleted file mode 100644
index ceedf66e88..0000000000
--- a/thirdparty/openssl/crypto/dso/dso_dl.c
+++ /dev/null
@@ -1,380 +0,0 @@
-/* dso_dl.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#ifndef DSO_DL
-DSO_METHOD *DSO_METHOD_dl(void)
-{
-    return NULL;
-}
-#else
-
-# include <dl.h>
-
-/* Part of the hack in "dl_load" ... */
-# define DSO_MAX_TRANSLATED_SIZE 256
-
-static int dl_load(DSO *dso);
-static int dl_unload(DSO *dso);
-static void *dl_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname);
-# if 0
-static int dl_unbind_var(DSO *dso, char *symname, void *symptr);
-static int dl_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-static int dl_init(DSO *dso);
-static int dl_finish(DSO *dso);
-static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg);
-# endif
-static char *dl_name_converter(DSO *dso, const char *filename);
-static char *dl_merger(DSO *dso, const char *filespec1,
-                       const char *filespec2);
-static int dl_pathbyaddr(void *addr, char *path, int sz);
-static void *dl_globallookup(const char *name);
-
-static DSO_METHOD dso_meth_dl = {
-    "OpenSSL 'dl' shared library method",
-    dl_load,
-    dl_unload,
-    dl_bind_var,
-    dl_bind_func,
-/* For now, "unbind" doesn't exist */
-# if 0
-    NULL,                       /* unbind_var */
-    NULL,                       /* unbind_func */
-# endif
-    NULL,                       /* ctrl */
-    dl_name_converter,
-    dl_merger,
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    dl_pathbyaddr,
-    dl_globallookup
-};
-
-DSO_METHOD *DSO_METHOD_dl(void)
-{
-    return (&dso_meth_dl);
-}
-
-/*
- * For this DSO_METHOD, our meth_data STACK will contain; (i) the handle
- * (shl_t) returned from shl_load(). NB: I checked on HPUX11 and shl_t is
- * itself a pointer type so the cast is safe.
- */
-
-static int dl_load(DSO *dso)
-{
-    shl_t ptr = NULL;
-    /*
-     * We don't do any fancy retries or anything, just take the method's (or
-     * DSO's if it has the callback set) best translation of the
-     * platform-independant filename and try once with that.
-     */
-    char *filename = DSO_convert_filename(dso, NULL);
-
-    if (filename == NULL) {
-        DSOerr(DSO_F_DL_LOAD, DSO_R_NO_FILENAME);
-        goto err;
-    }
-    ptr = shl_load(filename, BIND_IMMEDIATE |
-                   (dso->flags & DSO_FLAG_NO_NAME_TRANSLATION ? 0 :
-                    DYNAMIC_PATH), 0L);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_DL_LOAD, DSO_R_LOAD_FAILED);
-        ERR_add_error_data(4, "filename(", filename, "): ", strerror(errno));
-        goto err;
-    }
-    if (!sk_push(dso->meth_data, (char *)ptr)) {
-        DSOerr(DSO_F_DL_LOAD, DSO_R_STACK_ERROR);
-        goto err;
-    }
-    /*
-     * Success, stick the converted filename we've loaded under into the DSO
-     * (it also serves as the indicator that we are currently loaded).
-     */
-    dso->loaded_filename = filename;
-    return (1);
- err:
-    /* Cleanup! */
-    if (filename != NULL)
-        OPENSSL_free(filename);
-    if (ptr != NULL)
-        shl_unload(ptr);
-    return (0);
-}
-
-static int dl_unload(DSO *dso)
-{
-    shl_t ptr;
-    if (dso == NULL) {
-        DSOerr(DSO_F_DL_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (sk_num(dso->meth_data) < 1)
-        return (1);
-    /* Is this statement legal? */
-    ptr = (shl_t) sk_pop(dso->meth_data);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_DL_UNLOAD, DSO_R_NULL_HANDLE);
-        /*
-         * Should push the value back onto the stack in case of a retry.
-         */
-        sk_push(dso->meth_data, (char *)ptr);
-        return (0);
-    }
-    shl_unload(ptr);
-    return (1);
-}
-
-static void *dl_bind_var(DSO *dso, const char *symname)
-{
-    shl_t ptr;
-    void *sym;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_DL_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (sk_num(dso->meth_data) < 1) {
-        DSOerr(DSO_F_DL_BIND_VAR, DSO_R_STACK_ERROR);
-        return (NULL);
-    }
-    ptr = (shl_t) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_DL_BIND_VAR, DSO_R_NULL_HANDLE);
-        return (NULL);
-    }
-    if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
-        DSOerr(DSO_F_DL_BIND_VAR, DSO_R_SYM_FAILURE);
-        ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
-        return (NULL);
-    }
-    return (sym);
-}
-
-static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
-{
-    shl_t ptr;
-    void *sym;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_DL_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (sk_num(dso->meth_data) < 1) {
-        DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_STACK_ERROR);
-        return (NULL);
-    }
-    ptr = (shl_t) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_NULL_HANDLE);
-        return (NULL);
-    }
-    if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
-        DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_SYM_FAILURE);
-        ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
-        return (NULL);
-    }
-    return ((DSO_FUNC_TYPE)sym);
-}
-
-static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2)
-{
-    char *merged;
-
-    if (!filespec1 && !filespec2) {
-        DSOerr(DSO_F_DL_MERGER, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    /*
-     * If the first file specification is a rooted path, it rules. same goes
-     * if the second file specification is missing.
-     */
-    if (!filespec2 || filespec1[0] == '/') {
-        merged = OPENSSL_malloc(strlen(filespec1) + 1);
-        if (!merged) {
-            DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        strcpy(merged, filespec1);
-    }
-    /*
-     * If the first file specification is missing, the second one rules.
-     */
-    else if (!filespec1) {
-        merged = OPENSSL_malloc(strlen(filespec2) + 1);
-        if (!merged) {
-            DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        strcpy(merged, filespec2);
-    } else
-        /*
-         * This part isn't as trivial as it looks.  It assumes that the
-         * second file specification really is a directory, and makes no
-         * checks whatsoever.  Therefore, the result becomes the
-         * concatenation of filespec2 followed by a slash followed by
-         * filespec1.
-         */
-    {
-        int spec2len, len;
-
-        spec2len = (filespec2 ? strlen(filespec2) : 0);
-        len = spec2len + (filespec1 ? strlen(filespec1) : 0);
-
-        if (filespec2 && filespec2[spec2len - 1] == '/') {
-            spec2len--;
-            len--;
-        }
-        merged = OPENSSL_malloc(len + 2);
-        if (!merged) {
-            DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        strcpy(merged, filespec2);
-        merged[spec2len] = '/';
-        strcpy(&merged[spec2len + 1], filespec1);
-    }
-    return (merged);
-}
-
-/*
- * This function is identical to the one in dso_dlfcn.c, but as it is highly
- * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at
- * the same time, there's no great duplicating the code. Figuring out an
- * elegant way to share one copy of the code would be more difficult and
- * would not leave the implementations independant.
- */
-# if defined(__hpux)
-static const char extension[] = ".sl";
-# else
-static const char extension[] = ".so";
-# endif
-static char *dl_name_converter(DSO *dso, const char *filename)
-{
-    char *translated;
-    int len, rsize, transform;
-
-    len = strlen(filename);
-    rsize = len + 1;
-    transform = (strstr(filename, "/") == NULL);
-    {
-        /* We will convert this to "%s.s?" or "lib%s.s?" */
-        rsize += strlen(extension); /* The length of ".s?" */
-        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-            rsize += 3;         /* The length of "lib" */
-    }
-    translated = OPENSSL_malloc(rsize);
-    if (translated == NULL) {
-        DSOerr(DSO_F_DL_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
-        return (NULL);
-    }
-    if (transform) {
-        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-            sprintf(translated, "lib%s%s", filename, extension);
-        else
-            sprintf(translated, "%s%s", filename, extension);
-    } else
-        sprintf(translated, "%s", filename);
-    return (translated);
-}
-
-static int dl_pathbyaddr(void *addr, char *path, int sz)
-{
-    struct shl_descriptor inf;
-    int i, len;
-
-    if (addr == NULL) {
-        union {
-            int (*f) (void *, char *, int);
-            void *p;
-        } t = {
-            dl_pathbyaddr
-        };
-        addr = t.p;
-    }
-
-    for (i = -1; shl_get_r(i, &inf) == 0; i++) {
-        if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) ||
-            ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend)) {
-            len = (int)strlen(inf.filename);
-            if (sz <= 0)
-                return len + 1;
-            if (len >= sz)
-                len = sz - 1;
-            memcpy(path, inf.filename, len);
-            path[len++] = 0;
-            return len;
-        }
-    }
-
-    return -1;
-}
-
-static void *dl_globallookup(const char *name)
-{
-    void *ret;
-    shl_t h = NULL;
-
-    return shl_findsym(&h, name, TYPE_UNDEFINED, &ret) ? NULL : ret;
-}
-#endif                          /* DSO_DL */
diff --git a/thirdparty/openssl/crypto/dso/dso_dlfcn.c b/thirdparty/openssl/crypto/dso/dso_dlfcn.c
deleted file mode 100644
index 78df723ffb..0000000000
--- a/thirdparty/openssl/crypto/dso/dso_dlfcn.c
+++ /dev/null
@@ -1,465 +0,0 @@
-/* dso_dlfcn.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * We need to do this early, because stdio.h includes the header files that
- * handle _GNU_SOURCE and other similar macros.  Defining it later is simply
- * too late, because those headers are protected from re- inclusion.
- */
-#ifndef _GNU_SOURCE
-# define _GNU_SOURCE            /* make sure dladdr is declared */
-#endif
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#ifndef DSO_DLFCN
-DSO_METHOD *DSO_METHOD_dlfcn(void)
-{
-    return NULL;
-}
-#else
-
-# ifdef HAVE_DLFCN_H
-#  ifdef __osf__
-#   define __EXTENSIONS__
-#  endif
-#  include <dlfcn.h>
-#  define HAVE_DLINFO 1
-#  if defined(_AIX) || defined(__CYGWIN__) || \
-     defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
-     (defined(__osf__) && !defined(RTLD_NEXT))     || \
-     (defined(__OpenBSD__) && !defined(RTLD_SELF)) || \
-        defined(__ANDROID__)
-#   undef HAVE_DLINFO
-#  endif
-# endif
-
-/* Part of the hack in "dlfcn_load" ... */
-# define DSO_MAX_TRANSLATED_SIZE 256
-
-static int dlfcn_load(DSO *dso);
-static int dlfcn_unload(DSO *dso);
-static void *dlfcn_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
-# if 0
-static int dlfcn_unbind(DSO *dso, char *symname, void *symptr);
-static int dlfcn_init(DSO *dso);
-static int dlfcn_finish(DSO *dso);
-static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
-# endif
-static char *dlfcn_name_converter(DSO *dso, const char *filename);
-static char *dlfcn_merger(DSO *dso, const char *filespec1,
-                          const char *filespec2);
-static int dlfcn_pathbyaddr(void *addr, char *path, int sz);
-static void *dlfcn_globallookup(const char *name);
-
-static DSO_METHOD dso_meth_dlfcn = {
-    "OpenSSL 'dlfcn' shared library method",
-    dlfcn_load,
-    dlfcn_unload,
-    dlfcn_bind_var,
-    dlfcn_bind_func,
-/* For now, "unbind" doesn't exist */
-# if 0
-    NULL,                       /* unbind_var */
-    NULL,                       /* unbind_func */
-# endif
-    NULL,                       /* ctrl */
-    dlfcn_name_converter,
-    dlfcn_merger,
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    dlfcn_pathbyaddr,
-    dlfcn_globallookup
-};
-
-DSO_METHOD *DSO_METHOD_dlfcn(void)
-{
-    return (&dso_meth_dlfcn);
-}
-
-/*
- * Prior to using the dlopen() function, we should decide on the flag we
- * send. There's a few different ways of doing this and it's a messy
- * venn-diagram to match up which platforms support what. So as we don't have
- * autoconf yet, I'm implementing a hack that could be hacked further
- * relatively easily to deal with cases as we find them. Initially this is to
- * cope with OpenBSD.
- */
-# if defined(__OpenBSD__) || defined(__NetBSD__)
-#  ifdef DL_LAZY
-#   define DLOPEN_FLAG DL_LAZY
-#  else
-#   ifdef RTLD_NOW
-#    define DLOPEN_FLAG RTLD_NOW
-#   else
-#    define DLOPEN_FLAG 0
-#   endif
-#  endif
-# else
-#  ifdef OPENSSL_SYS_SUNOS
-#   define DLOPEN_FLAG 1
-#  else
-#   define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
-#  endif
-# endif
-
-/*
- * For this DSO_METHOD, our meth_data STACK will contain; (i) the handle
- * (void*) returned from dlopen().
- */
-
-static int dlfcn_load(DSO *dso)
-{
-    void *ptr = NULL;
-    /* See applicable comments in dso_dl.c */
-    char *filename = DSO_convert_filename(dso, NULL);
-    int flags = DLOPEN_FLAG;
-
-    if (filename == NULL) {
-        DSOerr(DSO_F_DLFCN_LOAD, DSO_R_NO_FILENAME);
-        goto err;
-    }
-# ifdef RTLD_GLOBAL
-    if (dso->flags & DSO_FLAG_GLOBAL_SYMBOLS)
-        flags |= RTLD_GLOBAL;
-# endif
-    ptr = dlopen(filename, flags);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_DLFCN_LOAD, DSO_R_LOAD_FAILED);
-        ERR_add_error_data(4, "filename(", filename, "): ", dlerror());
-        goto err;
-    }
-    if (!sk_void_push(dso->meth_data, (char *)ptr)) {
-        DSOerr(DSO_F_DLFCN_LOAD, DSO_R_STACK_ERROR);
-        goto err;
-    }
-    /* Success */
-    dso->loaded_filename = filename;
-    return (1);
- err:
-    /* Cleanup! */
-    if (filename != NULL)
-        OPENSSL_free(filename);
-    if (ptr != NULL)
-        dlclose(ptr);
-    return (0);
-}
-
-static int dlfcn_unload(DSO *dso)
-{
-    void *ptr;
-    if (dso == NULL) {
-        DSOerr(DSO_F_DLFCN_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (sk_void_num(dso->meth_data) < 1)
-        return (1);
-    ptr = sk_void_pop(dso->meth_data);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_DLFCN_UNLOAD, DSO_R_NULL_HANDLE);
-        /*
-         * Should push the value back onto the stack in case of a retry.
-         */
-        sk_void_push(dso->meth_data, ptr);
-        return (0);
-    }
-    /* For now I'm not aware of any errors associated with dlclose() */
-    dlclose(ptr);
-    return (1);
-}
-
-static void *dlfcn_bind_var(DSO *dso, const char *symname)
-{
-    void *ptr, *sym;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_DLFCN_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (sk_void_num(dso->meth_data) < 1) {
-        DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_STACK_ERROR);
-        return (NULL);
-    }
-    ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_NULL_HANDLE);
-        return (NULL);
-    }
-    sym = dlsym(ptr, symname);
-    if (sym == NULL) {
-        DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_SYM_FAILURE);
-        ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
-        return (NULL);
-    }
-    return (sym);
-}
-
-static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
-{
-    void *ptr;
-    union {
-        DSO_FUNC_TYPE sym;
-        void *dlret;
-    } u;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_DLFCN_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (sk_void_num(dso->meth_data) < 1) {
-        DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_STACK_ERROR);
-        return (NULL);
-    }
-    ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_NULL_HANDLE);
-        return (NULL);
-    }
-    u.dlret = dlsym(ptr, symname);
-    if (u.dlret == NULL) {
-        DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_SYM_FAILURE);
-        ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
-        return (NULL);
-    }
-    return u.sym;
-}
-
-static char *dlfcn_merger(DSO *dso, const char *filespec1,
-                          const char *filespec2)
-{
-    char *merged;
-
-    if (!filespec1 && !filespec2) {
-        DSOerr(DSO_F_DLFCN_MERGER, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    /*
-     * If the first file specification is a rooted path, it rules. same goes
-     * if the second file specification is missing.
-     */
-    if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) {
-        merged = OPENSSL_malloc(strlen(filespec1) + 1);
-        if (!merged) {
-            DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        strcpy(merged, filespec1);
-    }
-    /*
-     * If the first file specification is missing, the second one rules.
-     */
-    else if (!filespec1) {
-        merged = OPENSSL_malloc(strlen(filespec2) + 1);
-        if (!merged) {
-            DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        strcpy(merged, filespec2);
-    } else {
-        /*
-         * This part isn't as trivial as it looks.  It assumes that the
-         * second file specification really is a directory, and makes no
-         * checks whatsoever.  Therefore, the result becomes the
-         * concatenation of filespec2 followed by a slash followed by
-         * filespec1.
-         */
-        int spec2len, len;
-
-        spec2len = strlen(filespec2);
-        len = spec2len + strlen(filespec1);
-
-        if (spec2len && filespec2[spec2len - 1] == '/') {
-            spec2len--;
-            len--;
-        }
-        merged = OPENSSL_malloc(len + 2);
-        if (!merged) {
-            DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        strcpy(merged, filespec2);
-        merged[spec2len] = '/';
-        strcpy(&merged[spec2len + 1], filespec1);
-    }
-    return (merged);
-}
-
-# ifdef OPENSSL_SYS_MACOSX
-#  define DSO_ext ".dylib"
-#  define DSO_extlen 6
-# else
-#  define DSO_ext ".so"
-#  define DSO_extlen 3
-# endif
-
-static char *dlfcn_name_converter(DSO *dso, const char *filename)
-{
-    char *translated;
-    int len, rsize, transform;
-
-    len = strlen(filename);
-    rsize = len + 1;
-    transform = (strstr(filename, "/") == NULL);
-    if (transform) {
-        /* We will convert this to "%s.so" or "lib%s.so" etc */
-        rsize += DSO_extlen;    /* The length of ".so" */
-        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-            rsize += 3;         /* The length of "lib" */
-    }
-    translated = OPENSSL_malloc(rsize);
-    if (translated == NULL) {
-        DSOerr(DSO_F_DLFCN_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
-        return (NULL);
-    }
-    if (transform) {
-        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
-            sprintf(translated, "lib%s" DSO_ext, filename);
-        else
-            sprintf(translated, "%s" DSO_ext, filename);
-    } else
-        sprintf(translated, "%s", filename);
-    return (translated);
-}
-
-# ifdef __sgi
-/*-
-This is a quote from IRIX manual for dladdr(3c):
-
-     <dlfcn.h> does not contain a prototype for dladdr or definition of
-     Dl_info.  The #include <dlfcn.h>  in the SYNOPSIS line is traditional,
-     but contains no dladdr prototype and no IRIX library contains an
-     implementation.  Write your own declaration based on the code below.
-
-     The following code is dependent on internal interfaces that are not
-     part of the IRIX compatibility guarantee; however, there is no future
-     intention to change this interface, so on a practical level, the code
-     below is safe to use on IRIX.
-*/
-#  include <rld_interface.h>
-#  ifndef _RLD_INTERFACE_DLFCN_H_DLADDR
-#   define _RLD_INTERFACE_DLFCN_H_DLADDR
-typedef struct Dl_info {
-    const char *dli_fname;
-    void *dli_fbase;
-    const char *dli_sname;
-    void *dli_saddr;
-    int dli_version;
-    int dli_reserved1;
-    long dli_reserved[4];
-} Dl_info;
-#  else
-typedef struct Dl_info Dl_info;
-#  endif
-#  define _RLD_DLADDR             14
-
-static int dladdr(void *address, Dl_info *dl)
-{
-    void *v;
-    v = _rld_new_interface(_RLD_DLADDR, address, dl);
-    return (int)v;
-}
-# endif                         /* __sgi */
-
-static int dlfcn_pathbyaddr(void *addr, char *path, int sz)
-{
-# ifdef HAVE_DLINFO
-    Dl_info dli;
-    int len;
-
-    if (addr == NULL) {
-        union {
-            int (*f) (void *, char *, int);
-            void *p;
-        } t = {
-            dlfcn_pathbyaddr
-        };
-        addr = t.p;
-    }
-
-    if (dladdr(addr, &dli)) {
-        len = (int)strlen(dli.dli_fname);
-        if (sz <= 0)
-            return len + 1;
-        if (len >= sz)
-            len = sz - 1;
-        memcpy(path, dli.dli_fname, len);
-        path[len++] = 0;
-        return len;
-    }
-
-    ERR_add_error_data(2, "dlfcn_pathbyaddr(): ", dlerror());
-# endif
-    return -1;
-}
-
-static void *dlfcn_globallookup(const char *name)
-{
-    void *ret = NULL, *handle = dlopen(NULL, RTLD_LAZY);
-
-    if (handle) {
-        ret = dlsym(handle, name);
-        dlclose(handle);
-    }
-
-    return ret;
-}
-#endif                          /* DSO_DLFCN */
diff --git a/thirdparty/openssl/crypto/dso/dso_err.c b/thirdparty/openssl/crypto/dso/dso_err.c
deleted file mode 100644
index e143cc01f0..0000000000
--- a/thirdparty/openssl/crypto/dso/dso_err.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* crypto/dso/dso_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/dso.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSO,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason)
-
-static ERR_STRING_DATA DSO_str_functs[] = {
-    {ERR_FUNC(DSO_F_BEOS_BIND_FUNC), "BEOS_BIND_FUNC"},
-    {ERR_FUNC(DSO_F_BEOS_BIND_VAR), "BEOS_BIND_VAR"},
-    {ERR_FUNC(DSO_F_BEOS_LOAD), "BEOS_LOAD"},
-    {ERR_FUNC(DSO_F_BEOS_NAME_CONVERTER), "BEOS_NAME_CONVERTER"},
-    {ERR_FUNC(DSO_F_BEOS_UNLOAD), "BEOS_UNLOAD"},
-    {ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "DLFCN_BIND_FUNC"},
-    {ERR_FUNC(DSO_F_DLFCN_BIND_VAR), "DLFCN_BIND_VAR"},
-    {ERR_FUNC(DSO_F_DLFCN_LOAD), "DLFCN_LOAD"},
-    {ERR_FUNC(DSO_F_DLFCN_MERGER), "DLFCN_MERGER"},
-    {ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER), "DLFCN_NAME_CONVERTER"},
-    {ERR_FUNC(DSO_F_DLFCN_UNLOAD), "DLFCN_UNLOAD"},
-    {ERR_FUNC(DSO_F_DL_BIND_FUNC), "DL_BIND_FUNC"},
-    {ERR_FUNC(DSO_F_DL_BIND_VAR), "DL_BIND_VAR"},
-    {ERR_FUNC(DSO_F_DL_LOAD), "DL_LOAD"},
-    {ERR_FUNC(DSO_F_DL_MERGER), "DL_MERGER"},
-    {ERR_FUNC(DSO_F_DL_NAME_CONVERTER), "DL_NAME_CONVERTER"},
-    {ERR_FUNC(DSO_F_DL_UNLOAD), "DL_UNLOAD"},
-    {ERR_FUNC(DSO_F_DSO_BIND_FUNC), "DSO_bind_func"},
-    {ERR_FUNC(DSO_F_DSO_BIND_VAR), "DSO_bind_var"},
-    {ERR_FUNC(DSO_F_DSO_CONVERT_FILENAME), "DSO_convert_filename"},
-    {ERR_FUNC(DSO_F_DSO_CTRL), "DSO_ctrl"},
-    {ERR_FUNC(DSO_F_DSO_FREE), "DSO_free"},
-    {ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"},
-    {ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME), "DSO_get_loaded_filename"},
-    {ERR_FUNC(DSO_F_DSO_GLOBAL_LOOKUP), "DSO_global_lookup"},
-    {ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"},
-    {ERR_FUNC(DSO_F_DSO_MERGE), "DSO_merge"},
-    {ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"},
-    {ERR_FUNC(DSO_F_DSO_PATHBYADDR), "DSO_pathbyaddr"},
-    {ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"},
-    {ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER), "DSO_set_name_converter"},
-    {ERR_FUNC(DSO_F_DSO_UP_REF), "DSO_up_ref"},
-    {ERR_FUNC(DSO_F_GLOBAL_LOOKUP_FUNC), "GLOBAL_LOOKUP_FUNC"},
-    {ERR_FUNC(DSO_F_PATHBYADDR), "PATHBYADDR"},
-    {ERR_FUNC(DSO_F_VMS_BIND_SYM), "VMS_BIND_SYM"},
-    {ERR_FUNC(DSO_F_VMS_LOAD), "VMS_LOAD"},
-    {ERR_FUNC(DSO_F_VMS_MERGER), "VMS_MERGER"},
-    {ERR_FUNC(DSO_F_VMS_UNLOAD), "VMS_UNLOAD"},
-    {ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "WIN32_BIND_FUNC"},
-    {ERR_FUNC(DSO_F_WIN32_BIND_VAR), "WIN32_BIND_VAR"},
-    {ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP), "WIN32_GLOBALLOOKUP"},
-    {ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP_FUNC), "WIN32_GLOBALLOOKUP_FUNC"},
-    {ERR_FUNC(DSO_F_WIN32_JOINER), "WIN32_JOINER"},
-    {ERR_FUNC(DSO_F_WIN32_LOAD), "WIN32_LOAD"},
-    {ERR_FUNC(DSO_F_WIN32_MERGER), "WIN32_MERGER"},
-    {ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "WIN32_NAME_CONVERTER"},
-    {ERR_FUNC(DSO_F_WIN32_PATHBYADDR), "WIN32_PATHBYADDR"},
-    {ERR_FUNC(DSO_F_WIN32_SPLITTER), "WIN32_SPLITTER"},
-    {ERR_FUNC(DSO_F_WIN32_UNLOAD), "WIN32_UNLOAD"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA DSO_str_reasons[] = {
-    {ERR_REASON(DSO_R_CTRL_FAILED), "control command failed"},
-    {ERR_REASON(DSO_R_DSO_ALREADY_LOADED), "dso already loaded"},
-    {ERR_REASON(DSO_R_EMPTY_FILE_STRUCTURE), "empty file structure"},
-    {ERR_REASON(DSO_R_FAILURE), "failure"},
-    {ERR_REASON(DSO_R_FILENAME_TOO_BIG), "filename too big"},
-    {ERR_REASON(DSO_R_FINISH_FAILED), "cleanup method function failed"},
-    {ERR_REASON(DSO_R_INCORRECT_FILE_SYNTAX), "incorrect file syntax"},
-    {ERR_REASON(DSO_R_LOAD_FAILED), "could not load the shared library"},
-    {ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED), "name translation failed"},
-    {ERR_REASON(DSO_R_NO_FILENAME), "no filename"},
-    {ERR_REASON(DSO_R_NO_FILE_SPECIFICATION), "no file specification"},
-    {ERR_REASON(DSO_R_NULL_HANDLE), "a null shared library handle was used"},
-    {ERR_REASON(DSO_R_SET_FILENAME_FAILED), "set filename failed"},
-    {ERR_REASON(DSO_R_STACK_ERROR), "the meth_data stack is corrupt"},
-    {ERR_REASON(DSO_R_SYM_FAILURE),
-     "could not bind to the requested symbol name"},
-    {ERR_REASON(DSO_R_UNLOAD_FAILED), "could not unload the shared library"},
-    {ERR_REASON(DSO_R_UNSUPPORTED), "functionality not supported"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_DSO_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(DSO_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, DSO_str_functs);
-        ERR_load_strings(0, DSO_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/dso/dso_lib.c b/thirdparty/openssl/crypto/dso/dso_lib.c
deleted file mode 100644
index 2beb7c1ba5..0000000000
--- a/thirdparty/openssl/crypto/dso/dso_lib.c
+++ /dev/null
@@ -1,448 +0,0 @@
-/* dso_lib.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-static DSO_METHOD *default_DSO_meth = NULL;
-
-DSO *DSO_new(void)
-{
-    return (DSO_new_method(NULL));
-}
-
-void DSO_set_default_method(DSO_METHOD *meth)
-{
-    default_DSO_meth = meth;
-}
-
-DSO_METHOD *DSO_get_default_method(void)
-{
-    return (default_DSO_meth);
-}
-
-DSO_METHOD *DSO_get_method(DSO *dso)
-{
-    return (dso->meth);
-}
-
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth)
-{
-    DSO_METHOD *mtmp;
-    mtmp = dso->meth;
-    dso->meth = meth;
-    return (mtmp);
-}
-
-DSO *DSO_new_method(DSO_METHOD *meth)
-{
-    DSO *ret;
-
-    if (default_DSO_meth == NULL)
-        /*
-         * We default to DSO_METH_openssl() which in turn defaults to
-         * stealing the "best available" method. Will fallback to
-         * DSO_METH_null() in the worst case.
-         */
-        default_DSO_meth = DSO_METHOD_openssl();
-    ret = (DSO *)OPENSSL_malloc(sizeof(DSO));
-    if (ret == NULL) {
-        DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    memset(ret, 0, sizeof(DSO));
-    ret->meth_data = sk_void_new_null();
-    if (ret->meth_data == NULL) {
-        /* sk_new doesn't generate any errors so we do */
-        DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-        OPENSSL_free(ret);
-        return (NULL);
-    }
-    if (meth == NULL)
-        ret->meth = default_DSO_meth;
-    else
-        ret->meth = meth;
-    ret->references = 1;
-    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
-        sk_void_free(ret->meth_data);
-        OPENSSL_free(ret);
-        ret = NULL;
-    }
-    return (ret);
-}
-
-int DSO_free(DSO *dso)
-{
-    int i;
-
-    if (dso == NULL) {
-        DSOerr(DSO_F_DSO_FREE, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-
-    i = CRYPTO_add(&dso->references, -1, CRYPTO_LOCK_DSO);
-#ifdef REF_PRINT
-    REF_PRINT("DSO", dso);
-#endif
-    if (i > 0)
-        return (1);
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "DSO_free, bad reference count\n");
-        abort();
-    }
-#endif
-
-    if ((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso)) {
-        DSOerr(DSO_F_DSO_FREE, DSO_R_UNLOAD_FAILED);
-        return (0);
-    }
-
-    if ((dso->meth->finish != NULL) && !dso->meth->finish(dso)) {
-        DSOerr(DSO_F_DSO_FREE, DSO_R_FINISH_FAILED);
-        return (0);
-    }
-
-    sk_void_free(dso->meth_data);
-    if (dso->filename != NULL)
-        OPENSSL_free(dso->filename);
-    if (dso->loaded_filename != NULL)
-        OPENSSL_free(dso->loaded_filename);
-
-    OPENSSL_free(dso);
-    return (1);
-}
-
-int DSO_flags(DSO *dso)
-{
-    return ((dso == NULL) ? 0 : dso->flags);
-}
-
-int DSO_up_ref(DSO *dso)
-{
-    if (dso == NULL) {
-        DSOerr(DSO_F_DSO_UP_REF, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-
-    CRYPTO_add(&dso->references, 1, CRYPTO_LOCK_DSO);
-    return (1);
-}
-
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags)
-{
-    DSO *ret;
-    int allocated = 0;
-
-    if (dso == NULL) {
-        ret = DSO_new_method(meth);
-        if (ret == NULL) {
-            DSOerr(DSO_F_DSO_LOAD, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        allocated = 1;
-        /* Pass the provided flags to the new DSO object */
-        if (DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0) {
-            DSOerr(DSO_F_DSO_LOAD, DSO_R_CTRL_FAILED);
-            goto err;
-        }
-    } else
-        ret = dso;
-    /* Don't load if we're currently already loaded */
-    if (ret->filename != NULL) {
-        DSOerr(DSO_F_DSO_LOAD, DSO_R_DSO_ALREADY_LOADED);
-        goto err;
-    }
-    /*
-     * filename can only be NULL if we were passed a dso that already has one
-     * set.
-     */
-    if (filename != NULL)
-        if (!DSO_set_filename(ret, filename)) {
-            DSOerr(DSO_F_DSO_LOAD, DSO_R_SET_FILENAME_FAILED);
-            goto err;
-        }
-    filename = ret->filename;
-    if (filename == NULL) {
-        DSOerr(DSO_F_DSO_LOAD, DSO_R_NO_FILENAME);
-        goto err;
-    }
-    if (ret->meth->dso_load == NULL) {
-        DSOerr(DSO_F_DSO_LOAD, DSO_R_UNSUPPORTED);
-        goto err;
-    }
-    if (!ret->meth->dso_load(ret)) {
-        DSOerr(DSO_F_DSO_LOAD, DSO_R_LOAD_FAILED);
-        goto err;
-    }
-    /* Load succeeded */
-    return (ret);
- err:
-    if (allocated)
-        DSO_free(ret);
-    return (NULL);
-}
-
-void *DSO_bind_var(DSO *dso, const char *symname)
-{
-    void *ret = NULL;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_DSO_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (dso->meth->dso_bind_var == NULL) {
-        DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_UNSUPPORTED);
-        return (NULL);
-    }
-    if ((ret = dso->meth->dso_bind_var(dso, symname)) == NULL) {
-        DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_SYM_FAILURE);
-        return (NULL);
-    }
-    /* Success */
-    return (ret);
-}
-
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname)
-{
-    DSO_FUNC_TYPE ret = NULL;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_DSO_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (dso->meth->dso_bind_func == NULL) {
-        DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_UNSUPPORTED);
-        return (NULL);
-    }
-    if ((ret = dso->meth->dso_bind_func(dso, symname)) == NULL) {
-        DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_SYM_FAILURE);
-        return (NULL);
-    }
-    /* Success */
-    return (ret);
-}
-
-/*
- * I don't really like these *_ctrl functions very much to be perfectly
- * honest. For one thing, I think I have to return a negative value for any
- * error because possible DSO_ctrl() commands may return values such as
- * "size"s that can legitimately be zero (making the standard
- * "if (DSO_cmd(...))" form that works almost everywhere else fail at odd
- * times. I'd prefer "output" values to be passed by reference and the return
- * value as success/failure like usual ... but we conform when we must... :-)
- */
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg)
-{
-    if (dso == NULL) {
-        DSOerr(DSO_F_DSO_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-        return (-1);
-    }
-    /*
-     * We should intercept certain generic commands and only pass control to
-     * the method-specific ctrl() function if it's something we don't handle.
-     */
-    switch (cmd) {
-    case DSO_CTRL_GET_FLAGS:
-        return dso->flags;
-    case DSO_CTRL_SET_FLAGS:
-        dso->flags = (int)larg;
-        return (0);
-    case DSO_CTRL_OR_FLAGS:
-        dso->flags |= (int)larg;
-        return (0);
-    default:
-        break;
-    }
-    if ((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL)) {
-        DSOerr(DSO_F_DSO_CTRL, DSO_R_UNSUPPORTED);
-        return (-1);
-    }
-    return (dso->meth->dso_ctrl(dso, cmd, larg, parg));
-}
-
-int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
-                           DSO_NAME_CONVERTER_FUNC *oldcb)
-{
-    if (dso == NULL) {
-        DSOerr(DSO_F_DSO_SET_NAME_CONVERTER, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (oldcb)
-        *oldcb = dso->name_converter;
-    dso->name_converter = cb;
-    return (1);
-}
-
-const char *DSO_get_filename(DSO *dso)
-{
-    if (dso == NULL) {
-        DSOerr(DSO_F_DSO_GET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    return (dso->filename);
-}
-
-int DSO_set_filename(DSO *dso, const char *filename)
-{
-    char *copied;
-
-    if ((dso == NULL) || (filename == NULL)) {
-        DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (dso->loaded_filename) {
-        DSOerr(DSO_F_DSO_SET_FILENAME, DSO_R_DSO_ALREADY_LOADED);
-        return (0);
-    }
-    /* We'll duplicate filename */
-    copied = OPENSSL_malloc(strlen(filename) + 1);
-    if (copied == NULL) {
-        DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    BUF_strlcpy(copied, filename, strlen(filename) + 1);
-    if (dso->filename)
-        OPENSSL_free(dso->filename);
-    dso->filename = copied;
-    return (1);
-}
-
-char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2)
-{
-    char *result = NULL;
-
-    if (dso == NULL || filespec1 == NULL) {
-        DSOerr(DSO_F_DSO_MERGE, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
-        if (dso->merger != NULL)
-            result = dso->merger(dso, filespec1, filespec2);
-        else if (dso->meth->dso_merger != NULL)
-            result = dso->meth->dso_merger(dso, filespec1, filespec2);
-    }
-    return (result);
-}
-
-char *DSO_convert_filename(DSO *dso, const char *filename)
-{
-    char *result = NULL;
-
-    if (dso == NULL) {
-        DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (filename == NULL)
-        filename = dso->filename;
-    if (filename == NULL) {
-        DSOerr(DSO_F_DSO_CONVERT_FILENAME, DSO_R_NO_FILENAME);
-        return (NULL);
-    }
-    if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
-        if (dso->name_converter != NULL)
-            result = dso->name_converter(dso, filename);
-        else if (dso->meth->dso_name_converter != NULL)
-            result = dso->meth->dso_name_converter(dso, filename);
-    }
-    if (result == NULL) {
-        result = OPENSSL_malloc(strlen(filename) + 1);
-        if (result == NULL) {
-            DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        BUF_strlcpy(result, filename, strlen(filename) + 1);
-    }
-    return (result);
-}
-
-const char *DSO_get_loaded_filename(DSO *dso)
-{
-    if (dso == NULL) {
-        DSOerr(DSO_F_DSO_GET_LOADED_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    return (dso->loaded_filename);
-}
-
-int DSO_pathbyaddr(void *addr, char *path, int sz)
-{
-    DSO_METHOD *meth = default_DSO_meth;
-    if (meth == NULL)
-        meth = DSO_METHOD_openssl();
-    if (meth->pathbyaddr == NULL) {
-        DSOerr(DSO_F_DSO_PATHBYADDR, DSO_R_UNSUPPORTED);
-        return -1;
-    }
-    return (*meth->pathbyaddr) (addr, path, sz);
-}
-
-void *DSO_global_lookup(const char *name)
-{
-    DSO_METHOD *meth = default_DSO_meth;
-    if (meth == NULL)
-        meth = DSO_METHOD_openssl();
-    if (meth->globallookup == NULL) {
-        DSOerr(DSO_F_DSO_GLOBAL_LOOKUP, DSO_R_UNSUPPORTED);
-        return NULL;
-    }
-    return (*meth->globallookup) (name);
-}
diff --git a/thirdparty/openssl/crypto/dso/dso_null.c b/thirdparty/openssl/crypto/dso/dso_null.c
deleted file mode 100644
index 20122d1cab..0000000000
--- a/thirdparty/openssl/crypto/dso/dso_null.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* dso_null.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This "NULL" method is provided as the fallback for systems that have no
- * appropriate support for "shared-libraries".
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-static DSO_METHOD dso_meth_null = {
-    "NULL shared library method",
-    NULL,                       /* load */
-    NULL,                       /* unload */
-    NULL,                       /* bind_var */
-    NULL,                       /* bind_func */
-/* For now, "unbind" doesn't exist */
-#if 0
-    NULL,                       /* unbind_var */
-    NULL,                       /* unbind_func */
-#endif
-    NULL,                       /* ctrl */
-    NULL,                       /* dso_name_converter */
-    NULL,                       /* dso_merger */
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    NULL,                       /* pathbyaddr */
-    NULL                        /* globallookup */
-};
-
-DSO_METHOD *DSO_METHOD_null(void)
-{
-    return (&dso_meth_null);
-}
diff --git a/thirdparty/openssl/crypto/dso/dso_openssl.c b/thirdparty/openssl/crypto/dso/dso_openssl.c
deleted file mode 100644
index 087e989e1c..0000000000
--- a/thirdparty/openssl/crypto/dso/dso_openssl.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* dso_openssl.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-/* We just pinch the method from an appropriate "default" method. */
-
-DSO_METHOD *DSO_METHOD_openssl(void)
-{
-#ifdef DEF_DSO_METHOD
-    return (DEF_DSO_METHOD());
-#elif defined(DSO_DLFCN)
-    return (DSO_METHOD_dlfcn());
-#elif defined(DSO_DL)
-    return (DSO_METHOD_dl());
-#elif defined(DSO_WIN32)
-    return (DSO_METHOD_win32());
-#elif defined(DSO_VMS)
-    return (DSO_METHOD_vms());
-#elif defined(DSO_BEOS)
-    return (DSO_METHOD_beos());
-#else
-    return (DSO_METHOD_null());
-#endif
-}
diff --git a/thirdparty/openssl/crypto/dso/dso_vms.c b/thirdparty/openssl/crypto/dso/dso_vms.c
deleted file mode 100644
index 1efd84b945..0000000000
--- a/thirdparty/openssl/crypto/dso/dso_vms.c
+++ /dev/null
@@ -1,547 +0,0 @@
-/* dso_vms.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#ifndef OPENSSL_SYS_VMS
-DSO_METHOD *DSO_METHOD_vms(void)
-{
-    return NULL;
-}
-#else
-
-# pragma message disable DOLLARID
-# include <rms.h>
-# include <lib$routines.h>
-# include <stsdef.h>
-# include <descrip.h>
-# include <starlet.h>
-# include "vms_rms.h"
-
-/* Some compiler options may mask the declaration of "_malloc32". */
-# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE
-#  if __INITIAL_POINTER_SIZE == 64
-#   pragma pointer_size save
-#   pragma pointer_size 32
-void *_malloc32(__size_t);
-#   pragma pointer_size restore
-#  endif                        /* __INITIAL_POINTER_SIZE == 64 */
-# endif                         /* __INITIAL_POINTER_SIZE && defined
-                                 * _ANSI_C_SOURCE */
-
-# pragma message disable DOLLARID
-
-static int vms_load(DSO *dso);
-static int vms_unload(DSO *dso);
-static void *vms_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname);
-# if 0
-static int vms_unbind_var(DSO *dso, char *symname, void *symptr);
-static int vms_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-static int vms_init(DSO *dso);
-static int vms_finish(DSO *dso);
-static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg);
-# endif
-static char *vms_name_converter(DSO *dso, const char *filename);
-static char *vms_merger(DSO *dso, const char *filespec1,
-                        const char *filespec2);
-
-static DSO_METHOD dso_meth_vms = {
-    "OpenSSL 'VMS' shared library method",
-    vms_load,
-    NULL,                       /* unload */
-    vms_bind_var,
-    vms_bind_func,
-/* For now, "unbind" doesn't exist */
-# if 0
-    NULL,                       /* unbind_var */
-    NULL,                       /* unbind_func */
-# endif
-    NULL,                       /* ctrl */
-    vms_name_converter,
-    vms_merger,
-    NULL,                       /* init */
-    NULL                        /* finish */
-};
-
-/*
- * On VMS, the only "handle" is the file name.  LIB$FIND_IMAGE_SYMBOL depends
- * on the reference to the file name being the same for all calls regarding
- * one shared image, so we'll just store it in an instance of the following
- * structure and put a pointer to that instance in the meth_data stack.
- */
-typedef struct dso_internal_st {
-    /*
-     * This should contain the name only, no directory, no extension, nothing
-     * but a name.
-     */
-    struct dsc$descriptor_s filename_dsc;
-    char filename[NAMX_MAXRSS + 1];
-    /*
-     * This contains whatever is not in filename, if needed. Normally not
-     * defined.
-     */
-    struct dsc$descriptor_s imagename_dsc;
-    char imagename[NAMX_MAXRSS + 1];
-} DSO_VMS_INTERNAL;
-
-DSO_METHOD *DSO_METHOD_vms(void)
-{
-    return (&dso_meth_vms);
-}
-
-static int vms_load(DSO *dso)
-{
-    void *ptr = NULL;
-    /* See applicable comments in dso_dl.c */
-    char *filename = DSO_convert_filename(dso, NULL);
-
-/* Ensure 32-bit pointer for "p", and appropriate malloc() function. */
-# if __INITIAL_POINTER_SIZE == 64
-#  define DSO_MALLOC _malloc32
-#  pragma pointer_size save
-#  pragma pointer_size 32
-# else                          /* __INITIAL_POINTER_SIZE == 64 */
-#  define DSO_MALLOC OPENSSL_malloc
-# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-    DSO_VMS_INTERNAL *p = NULL;
-
-# if __INITIAL_POINTER_SIZE == 64
-#  pragma pointer_size restore
-# endif                         /* __INITIAL_POINTER_SIZE == 64 */
-
-    const char *sp1, *sp2;      /* Search result */
-    const char *ext = NULL;	/* possible extension to add */
-
-    if (filename == NULL) {
-        DSOerr(DSO_F_VMS_LOAD, DSO_R_NO_FILENAME);
-        goto err;
-    }
-
-    /*-
-     * A file specification may look like this:
-     *
-     *      node::dev:[dir-spec]name.type;ver
-     *
-     * or (for compatibility with TOPS-20):
-     *
-     *      node::dev:<dir-spec>name.type;ver
-     *
-     * and the dir-spec uses '.' as separator.  Also, a dir-spec
-     * may consist of several parts, with mixed use of [] and <>:
-     *
-     *      [dir1.]<dir2>
-     *
-     * We need to split the file specification into the name and
-     * the rest (both before and after the name itself).
-     */
-    /*
-     * Start with trying to find the end of a dir-spec, and save the position
-     * of the byte after in sp1
-     */
-    sp1 = strrchr(filename, ']');
-    sp2 = strrchr(filename, '>');
-    if (sp1 == NULL)
-        sp1 = sp2;
-    if (sp2 != NULL && sp2 > sp1)
-        sp1 = sp2;
-    if (sp1 == NULL)
-        sp1 = strrchr(filename, ':');
-    if (sp1 == NULL)
-        sp1 = filename;
-    else
-        sp1++;                  /* The byte after the found character */
-    /* Now, let's see if there's a type, and save the position in sp2 */
-    sp2 = strchr(sp1, '.');
-    /*
-     * If there is a period and the next character is a semi-colon,
-     * we need to add an extension
-     */
-    if (sp2 != NULL && sp2[1] == ';')
-        ext = ".EXE";
-    /*
-     * If we found it, that's where we'll cut.  Otherwise, look for a version
-     * number and save the position in sp2
-     */
-    if (sp2 == NULL) {
-        sp2 = strchr(sp1, ';');
-        ext = ".EXE";
-    }
-    /*
-     * If there was still nothing to find, set sp2 to point at the end of the
-     * string
-     */
-    if (sp2 == NULL)
-        sp2 = sp1 + strlen(sp1);
-
-    /* Check that we won't get buffer overflows */
-    if (sp2 - sp1 > FILENAME_MAX
-        || (sp1 - filename) + strlen(sp2) > FILENAME_MAX) {
-        DSOerr(DSO_F_VMS_LOAD, DSO_R_FILENAME_TOO_BIG);
-        goto err;
-    }
-
-    p = DSO_MALLOC(sizeof(DSO_VMS_INTERNAL));
-    if (p == NULL) {
-        DSOerr(DSO_F_VMS_LOAD, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    strncpy(p->filename, sp1, sp2 - sp1);
-    p->filename[sp2 - sp1] = '\0';
-
-    strncpy(p->imagename, filename, sp1 - filename);
-    p->imagename[sp1 - filename] = '\0';
-    if (ext) {
-        strcat(p->imagename, ext);
-        if (*sp2 == '.')
-            sp2++;
-    }
-    strcat(p->imagename, sp2);
-
-    p->filename_dsc.dsc$w_length = strlen(p->filename);
-    p->filename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-    p->filename_dsc.dsc$b_class = DSC$K_CLASS_S;
-    p->filename_dsc.dsc$a_pointer = p->filename;
-    p->imagename_dsc.dsc$w_length = strlen(p->imagename);
-    p->imagename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-    p->imagename_dsc.dsc$b_class = DSC$K_CLASS_S;
-    p->imagename_dsc.dsc$a_pointer = p->imagename;
-
-    if (!sk_void_push(dso->meth_data, (char *)p)) {
-        DSOerr(DSO_F_VMS_LOAD, DSO_R_STACK_ERROR);
-        goto err;
-    }
-
-    /* Success (for now, we lie.  We actually do not know...) */
-    dso->loaded_filename = filename;
-    return (1);
- err:
-    /* Cleanup! */
-    if (p != NULL)
-        OPENSSL_free(p);
-    if (filename != NULL)
-        OPENSSL_free(filename);
-    return (0);
-}
-
-/*
- * Note that this doesn't actually unload the shared image, as there is no
- * such thing in VMS.  Next time it get loaded again, a new copy will
- * actually be loaded.
- */
-static int vms_unload(DSO *dso)
-{
-    DSO_VMS_INTERNAL *p;
-    if (dso == NULL) {
-        DSOerr(DSO_F_VMS_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (sk_void_num(dso->meth_data) < 1)
-        return (1);
-    p = (DSO_VMS_INTERNAL *)sk_void_pop(dso->meth_data);
-    if (p == NULL) {
-        DSOerr(DSO_F_VMS_UNLOAD, DSO_R_NULL_HANDLE);
-        return (0);
-    }
-    /* Cleanup */
-    OPENSSL_free(p);
-    return (1);
-}
-
-/*
- * We must do this in a separate function because of the way the exception
- * handler works (it makes this function return
- */
-static int do_find_symbol(DSO_VMS_INTERNAL *ptr,
-                          struct dsc$descriptor_s *symname_dsc, void **sym,
-                          unsigned long flags)
-{
-    /*
-     * Make sure that signals are caught and returned instead of aborting the
-     * program.  The exception handler gets unestablished automatically on
-     * return from this function.
-     */
-    lib$establish(lib$sig_to_ret);
-
-    if (ptr->imagename_dsc.dsc$w_length)
-        return lib$find_image_symbol(&ptr->filename_dsc,
-                                     symname_dsc, sym,
-                                     &ptr->imagename_dsc, flags);
-    else
-        return lib$find_image_symbol(&ptr->filename_dsc,
-                                     symname_dsc, sym, 0, flags);
-}
-
-void vms_bind_sym(DSO *dso, const char *symname, void **sym)
-{
-    DSO_VMS_INTERNAL *ptr;
-    int status;
-# if 0
-    int flags = (1 << 4);       /* LIB$M_FIS_MIXEDCASE, but this symbol isn't
-                                 * defined in VMS older than 7.0 or so */
-# else
-    int flags = 0;
-# endif
-    struct dsc$descriptor_s symname_dsc;
-
-/* Arrange 32-bit pointer to (copied) string storage, if needed. */
-# if __INITIAL_POINTER_SIZE == 64
-#  define SYMNAME symname_32p
-#  pragma pointer_size save
-#  pragma pointer_size 32
-    char *symname_32p;
-#  pragma pointer_size restore
-    char symname_32[NAMX_MAXRSS + 1];
-# else                          /* __INITIAL_POINTER_SIZE == 64 */
-#  define SYMNAME ((char *) symname)
-# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-    *sym = NULL;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_VMS_BIND_SYM, ERR_R_PASSED_NULL_PARAMETER);
-        return;
-    }
-# if __INITIAL_POINTER_SIZE == 64
-    /* Copy the symbol name to storage with a 32-bit pointer. */
-    symname_32p = symname_32;
-    strcpy(symname_32p, symname);
-# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-    symname_dsc.dsc$w_length = strlen(SYMNAME);
-    symname_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-    symname_dsc.dsc$b_class = DSC$K_CLASS_S;
-    symname_dsc.dsc$a_pointer = SYMNAME;
-
-    if (sk_void_num(dso->meth_data) < 1) {
-        DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_STACK_ERROR);
-        return;
-    }
-    ptr = (DSO_VMS_INTERNAL *)sk_void_value(dso->meth_data,
-                                            sk_void_num(dso->meth_data) - 1);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_NULL_HANDLE);
-        return;
-    }
-
-    if (dso->flags & DSO_FLAG_UPCASE_SYMBOL)
-        flags = 0;
-
-    status = do_find_symbol(ptr, &symname_dsc, sym, flags);
-
-    if (!$VMS_STATUS_SUCCESS(status)) {
-        unsigned short length;
-        char errstring[257];
-        struct dsc$descriptor_s errstring_dsc;
-
-        errstring_dsc.dsc$w_length = sizeof(errstring);
-        errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-        errstring_dsc.dsc$b_class = DSC$K_CLASS_S;
-        errstring_dsc.dsc$a_pointer = errstring;
-
-        *sym = NULL;
-
-        status = sys$getmsg(status, &length, &errstring_dsc, 1, 0);
-
-        if (!$VMS_STATUS_SUCCESS(status))
-            lib$signal(status); /* This is really bad.  Abort! */
-        else {
-            errstring[length] = '\0';
-
-            DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_SYM_FAILURE);
-            if (ptr->imagename_dsc.dsc$w_length)
-                ERR_add_error_data(9,
-                                   "Symbol ", symname,
-                                   " in ", ptr->filename,
-                                   " (", ptr->imagename, ")",
-                                   ": ", errstring);
-            else
-                ERR_add_error_data(6,
-                                   "Symbol ", symname,
-                                   " in ", ptr->filename, ": ", errstring);
-        }
-        return;
-    }
-    return;
-}
-
-static void *vms_bind_var(DSO *dso, const char *symname)
-{
-    void *sym = 0;
-    vms_bind_sym(dso, symname, &sym);
-    return sym;
-}
-
-static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname)
-{
-    DSO_FUNC_TYPE sym = 0;
-    vms_bind_sym(dso, symname, (void **)&sym);
-    return sym;
-}
-
-static char *vms_merger(DSO *dso, const char *filespec1,
-                        const char *filespec2)
-{
-    int status;
-    int filespec1len, filespec2len;
-    struct FAB fab;
-    struct NAMX_STRUCT nam;
-    char esa[NAMX_MAXRSS + 1];
-    char *merged;
-
-/* Arrange 32-bit pointer to (copied) string storage, if needed. */
-# if __INITIAL_POINTER_SIZE == 64
-#  define FILESPEC1 filespec1_32p;
-#  define FILESPEC2 filespec2_32p;
-#  pragma pointer_size save
-#  pragma pointer_size 32
-    char *filespec1_32p;
-    char *filespec2_32p;
-#  pragma pointer_size restore
-    char filespec1_32[NAMX_MAXRSS + 1];
-    char filespec2_32[NAMX_MAXRSS + 1];
-# else                          /* __INITIAL_POINTER_SIZE == 64 */
-#  define FILESPEC1 ((char *) filespec1)
-#  define FILESPEC2 ((char *) filespec2)
-# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-    if (!filespec1)
-        filespec1 = "";
-    if (!filespec2)
-        filespec2 = "";
-    filespec1len = strlen(filespec1);
-    filespec2len = strlen(filespec2);
-
-# if __INITIAL_POINTER_SIZE == 64
-    /* Copy the file names to storage with a 32-bit pointer. */
-    filespec1_32p = filespec1_32;
-    filespec2_32p = filespec2_32;
-    strcpy(filespec1_32p, filespec1);
-    strcpy(filespec2_32p, filespec2);
-# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-    fab = cc$rms_fab;
-    nam = CC_RMS_NAMX;
-
-    FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNA = FILESPEC1;
-    FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNS = filespec1len;
-    FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNA = FILESPEC2;
-    FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNS = filespec2len;
-    NAMX_DNA_FNA_SET(fab)
-
-        nam.NAMX_ESA = esa;
-    nam.NAMX_ESS = NAMX_MAXRSS;
-    nam.NAMX_NOP = NAM$M_SYNCHK | NAM$M_PWD;
-    SET_NAMX_NO_SHORT_UPCASE(nam);
-
-    fab.FAB_NAMX = &nam;
-
-    status = sys$parse(&fab, 0, 0);
-
-    if (!$VMS_STATUS_SUCCESS(status)) {
-        unsigned short length;
-        char errstring[257];
-        struct dsc$descriptor_s errstring_dsc;
-
-        errstring_dsc.dsc$w_length = sizeof(errstring);
-        errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
-        errstring_dsc.dsc$b_class = DSC$K_CLASS_S;
-        errstring_dsc.dsc$a_pointer = errstring;
-
-        status = sys$getmsg(status, &length, &errstring_dsc, 1, 0);
-
-        if (!$VMS_STATUS_SUCCESS(status))
-            lib$signal(status); /* This is really bad.  Abort! */
-        else {
-            errstring[length] = '\0';
-
-            DSOerr(DSO_F_VMS_MERGER, DSO_R_FAILURE);
-            ERR_add_error_data(7,
-                               "filespec \"", filespec1, "\", ",
-                               "defaults \"", filespec2, "\": ", errstring);
-        }
-        return (NULL);
-    }
-
-    merged = OPENSSL_malloc(nam.NAMX_ESL + 1);
-    if (!merged)
-        goto malloc_err;
-    strncpy(merged, nam.NAMX_ESA, nam.NAMX_ESL);
-    merged[nam.NAMX_ESL] = '\0';
-    return (merged);
- malloc_err:
-    DSOerr(DSO_F_VMS_MERGER, ERR_R_MALLOC_FAILURE);
-}
-
-static char *vms_name_converter(DSO *dso, const char *filename)
-{
-    int len = strlen(filename);
-    char *not_translated = OPENSSL_malloc(len + 1);
-    if (not_translated)
-        strcpy(not_translated, filename);
-    return (not_translated);
-}
-
-#endif                          /* OPENSSL_SYS_VMS */
diff --git a/thirdparty/openssl/crypto/dso/dso_win32.c b/thirdparty/openssl/crypto/dso/dso_win32.c
deleted file mode 100644
index 706e754a3f..0000000000
--- a/thirdparty/openssl/crypto/dso/dso_win32.c
+++ /dev/null
@@ -1,788 +0,0 @@
-/* dso_win32.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-
-#if !defined(DSO_WIN32)
-DSO_METHOD *DSO_METHOD_win32(void)
-{
-    return NULL;
-}
-#else
-
-# ifdef _WIN32_WCE
-#  if _WIN32_WCE < 300
-static FARPROC GetProcAddressA(HMODULE hModule, LPCSTR lpProcName)
-{
-    WCHAR lpProcNameW[64];
-    int i;
-
-    for (i = 0; lpProcName[i] && i < 64; i++)
-        lpProcNameW[i] = (WCHAR)lpProcName[i];
-    if (i == 64)
-        return NULL;
-    lpProcNameW[i] = 0;
-
-    return GetProcAddressW(hModule, lpProcNameW);
-}
-#  endif
-#  undef GetProcAddress
-#  define GetProcAddress GetProcAddressA
-
-static HINSTANCE LoadLibraryA(LPCSTR lpLibFileName)
-{
-    WCHAR *fnamw;
-    size_t len_0 = strlen(lpLibFileName) + 1, i;
-
-#  ifdef _MSC_VER
-    fnamw = (WCHAR *)_alloca(len_0 * sizeof(WCHAR));
-#  else
-    fnamw = (WCHAR *)alloca(len_0 * sizeof(WCHAR));
-#  endif
-    if (fnamw == NULL) {
-        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
-        return NULL;
-    }
-#  if defined(_WIN32_WCE) && _WIN32_WCE>=101
-    if (!MultiByteToWideChar(CP_ACP, 0, lpLibFileName, len_0, fnamw, len_0))
-#  endif
-        for (i = 0; i < len_0; i++)
-            fnamw[i] = (WCHAR)lpLibFileName[i];
-
-    return LoadLibraryW(fnamw);
-}
-# endif
-
-/* Part of the hack in "win32_load" ... */
-# define DSO_MAX_TRANSLATED_SIZE 256
-
-static int win32_load(DSO *dso);
-static int win32_unload(DSO *dso);
-static void *win32_bind_var(DSO *dso, const char *symname);
-static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname);
-# if 0
-static int win32_unbind_var(DSO *dso, char *symname, void *symptr);
-static int win32_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-static int win32_init(DSO *dso);
-static int win32_finish(DSO *dso);
-static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg);
-# endif
-static char *win32_name_converter(DSO *dso, const char *filename);
-static char *win32_merger(DSO *dso, const char *filespec1,
-                          const char *filespec2);
-static int win32_pathbyaddr(void *addr, char *path, int sz);
-static void *win32_globallookup(const char *name);
-
-static const char *openssl_strnchr(const char *string, int c, size_t len);
-
-static DSO_METHOD dso_meth_win32 = {
-    "OpenSSL 'win32' shared library method",
-    win32_load,
-    win32_unload,
-    win32_bind_var,
-    win32_bind_func,
-/* For now, "unbind" doesn't exist */
-# if 0
-    NULL,                       /* unbind_var */
-    NULL,                       /* unbind_func */
-# endif
-    NULL,                       /* ctrl */
-    win32_name_converter,
-    win32_merger,
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    win32_pathbyaddr,
-    win32_globallookup
-};
-
-DSO_METHOD *DSO_METHOD_win32(void)
-{
-    return (&dso_meth_win32);
-}
-
-/*
- * For this DSO_METHOD, our meth_data STACK will contain; (i) a pointer to
- * the handle (HINSTANCE) returned from LoadLibrary(), and copied.
- */
-
-static int win32_load(DSO *dso)
-{
-    HINSTANCE h = NULL, *p = NULL;
-    /* See applicable comments from dso_dl.c */
-    char *filename = DSO_convert_filename(dso, NULL);
-
-    if (filename == NULL) {
-        DSOerr(DSO_F_WIN32_LOAD, DSO_R_NO_FILENAME);
-        goto err;
-    }
-    h = LoadLibraryA(filename);
-    if (h == NULL) {
-        DSOerr(DSO_F_WIN32_LOAD, DSO_R_LOAD_FAILED);
-        ERR_add_error_data(3, "filename(", filename, ")");
-        goto err;
-    }
-    p = (HINSTANCE *) OPENSSL_malloc(sizeof(HINSTANCE));
-    if (p == NULL) {
-        DSOerr(DSO_F_WIN32_LOAD, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    *p = h;
-    if (!sk_void_push(dso->meth_data, p)) {
-        DSOerr(DSO_F_WIN32_LOAD, DSO_R_STACK_ERROR);
-        goto err;
-    }
-    /* Success */
-    dso->loaded_filename = filename;
-    return (1);
- err:
-    /* Cleanup ! */
-    if (filename != NULL)
-        OPENSSL_free(filename);
-    if (p != NULL)
-        OPENSSL_free(p);
-    if (h != NULL)
-        FreeLibrary(h);
-    return (0);
-}
-
-static int win32_unload(DSO *dso)
-{
-    HINSTANCE *p;
-    if (dso == NULL) {
-        DSOerr(DSO_F_WIN32_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (sk_void_num(dso->meth_data) < 1)
-        return (1);
-    p = sk_void_pop(dso->meth_data);
-    if (p == NULL) {
-        DSOerr(DSO_F_WIN32_UNLOAD, DSO_R_NULL_HANDLE);
-        return (0);
-    }
-    if (!FreeLibrary(*p)) {
-        DSOerr(DSO_F_WIN32_UNLOAD, DSO_R_UNLOAD_FAILED);
-        /*
-         * We should push the value back onto the stack in case of a retry.
-         */
-        sk_void_push(dso->meth_data, p);
-        return (0);
-    }
-    /* Cleanup */
-    OPENSSL_free(p);
-    return (1);
-}
-
-/*
- * Using GetProcAddress for variables? TODO: Check this out in the Win32 API
- * docs, there's probably a variant for variables.
- */
-static void *win32_bind_var(DSO *dso, const char *symname)
-{
-    HINSTANCE *ptr;
-    void *sym;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_WIN32_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (sk_void_num(dso->meth_data) < 1) {
-        DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_STACK_ERROR);
-        return (NULL);
-    }
-    ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_NULL_HANDLE);
-        return (NULL);
-    }
-    sym = GetProcAddress(*ptr, symname);
-    if (sym == NULL) {
-        DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_SYM_FAILURE);
-        ERR_add_error_data(3, "symname(", symname, ")");
-        return (NULL);
-    }
-    return (sym);
-}
-
-static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname)
-{
-    HINSTANCE *ptr;
-    void *sym;
-
-    if ((dso == NULL) || (symname == NULL)) {
-        DSOerr(DSO_F_WIN32_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (sk_void_num(dso->meth_data) < 1) {
-        DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_STACK_ERROR);
-        return (NULL);
-    }
-    ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
-    if (ptr == NULL) {
-        DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_NULL_HANDLE);
-        return (NULL);
-    }
-    sym = GetProcAddress(*ptr, symname);
-    if (sym == NULL) {
-        DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_SYM_FAILURE);
-        ERR_add_error_data(3, "symname(", symname, ")");
-        return (NULL);
-    }
-    return ((DSO_FUNC_TYPE)sym);
-}
-
-struct file_st {
-    const char *node;
-    int nodelen;
-    const char *device;
-    int devicelen;
-    const char *predir;
-    int predirlen;
-    const char *dir;
-    int dirlen;
-    const char *file;
-    int filelen;
-};
-
-static struct file_st *win32_splitter(DSO *dso, const char *filename,
-                                      int assume_last_is_dir)
-{
-    struct file_st *result = NULL;
-    enum { IN_NODE, IN_DEVICE, IN_FILE } position;
-    const char *start = filename;
-    char last;
-
-    if (!filename) {
-        DSOerr(DSO_F_WIN32_SPLITTER, DSO_R_NO_FILENAME);
-        /*
-         * goto err;
-         */
-        return (NULL);
-    }
-
-    result = OPENSSL_malloc(sizeof(struct file_st));
-    if (result == NULL) {
-        DSOerr(DSO_F_WIN32_SPLITTER, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-
-    memset(result, 0, sizeof(struct file_st));
-    position = IN_DEVICE;
-
-    if ((filename[0] == '\\' && filename[1] == '\\')
-        || (filename[0] == '/' && filename[1] == '/')) {
-        position = IN_NODE;
-        filename += 2;
-        start = filename;
-        result->node = start;
-    }
-
-    do {
-        last = filename[0];
-        switch (last) {
-        case ':':
-            if (position != IN_DEVICE) {
-                DSOerr(DSO_F_WIN32_SPLITTER, DSO_R_INCORRECT_FILE_SYNTAX);
-                /*
-                 * goto err;
-                 */
-                OPENSSL_free(result);
-                return (NULL);
-            }
-            result->device = start;
-            result->devicelen = (int)(filename - start);
-            position = IN_FILE;
-            start = ++filename;
-            result->dir = start;
-            break;
-        case '\\':
-        case '/':
-            if (position == IN_NODE) {
-                result->nodelen = (int)(filename - start);
-                position = IN_FILE;
-                start = ++filename;
-                result->dir = start;
-            } else if (position == IN_DEVICE) {
-                position = IN_FILE;
-                filename++;
-                result->dir = start;
-                result->dirlen = (int)(filename - start);
-                start = filename;
-            } else {
-                filename++;
-                result->dirlen += (int)(filename - start);
-                start = filename;
-            }
-            break;
-        case '\0':
-            if (position == IN_NODE) {
-                result->nodelen = (int)(filename - start);
-            } else {
-                if (filename - start > 0) {
-                    if (assume_last_is_dir) {
-                        if (position == IN_DEVICE) {
-                            result->dir = start;
-                            result->dirlen = 0;
-                        }
-                        result->dirlen += (int)(filename - start);
-                    } else {
-                        result->file = start;
-                        result->filelen = (int)(filename - start);
-                    }
-                }
-            }
-            break;
-        default:
-            filename++;
-            break;
-        }
-    }
-    while (last);
-
-    if (!result->nodelen)
-        result->node = NULL;
-    if (!result->devicelen)
-        result->device = NULL;
-    if (!result->dirlen)
-        result->dir = NULL;
-    if (!result->filelen)
-        result->file = NULL;
-
-    return (result);
-}
-
-static char *win32_joiner(DSO *dso, const struct file_st *file_split)
-{
-    int len = 0, offset = 0;
-    char *result = NULL;
-    const char *start;
-
-    if (!file_split) {
-        DSOerr(DSO_F_WIN32_JOINER, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (file_split->node) {
-        len += 2 + file_split->nodelen; /* 2 for starting \\ */
-        if (file_split->predir || file_split->dir || file_split->file)
-            len++;              /* 1 for ending \ */
-    } else if (file_split->device) {
-        len += file_split->devicelen + 1; /* 1 for ending : */
-    }
-    len += file_split->predirlen;
-    if (file_split->predir && (file_split->dir || file_split->file)) {
-        len++;                  /* 1 for ending \ */
-    }
-    len += file_split->dirlen;
-    if (file_split->dir && file_split->file) {
-        len++;                  /* 1 for ending \ */
-    }
-    len += file_split->filelen;
-
-    if (!len) {
-        DSOerr(DSO_F_WIN32_JOINER, DSO_R_EMPTY_FILE_STRUCTURE);
-        return (NULL);
-    }
-
-    result = OPENSSL_malloc(len + 1);
-    if (!result) {
-        DSOerr(DSO_F_WIN32_JOINER, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-
-    if (file_split->node) {
-        strcpy(&result[offset], "\\\\");
-        offset += 2;
-        strncpy(&result[offset], file_split->node, file_split->nodelen);
-        offset += file_split->nodelen;
-        if (file_split->predir || file_split->dir || file_split->file) {
-            result[offset] = '\\';
-            offset++;
-        }
-    } else if (file_split->device) {
-        strncpy(&result[offset], file_split->device, file_split->devicelen);
-        offset += file_split->devicelen;
-        result[offset] = ':';
-        offset++;
-    }
-    start = file_split->predir;
-    while (file_split->predirlen > (start - file_split->predir)) {
-        const char *end = openssl_strnchr(start, '/',
-                                          file_split->predirlen - (start -
-                                                                   file_split->predir));
-        if (!end)
-            end = start
-                + file_split->predirlen - (start - file_split->predir);
-        strncpy(&result[offset], start, end - start);
-        offset += (int)(end - start);
-        result[offset] = '\\';
-        offset++;
-        start = end + 1;
-    }
-# if 0                          /* Not needed, since the directory converter
-                                 * above already appeneded a backslash */
-    if (file_split->predir && (file_split->dir || file_split->file)) {
-        result[offset] = '\\';
-        offset++;
-    }
-# endif
-    start = file_split->dir;
-    while (file_split->dirlen > (start - file_split->dir)) {
-        const char *end = openssl_strnchr(start, '/',
-                                          file_split->dirlen - (start -
-                                                                file_split->dir));
-        if (!end)
-            end = start + file_split->dirlen - (start - file_split->dir);
-        strncpy(&result[offset], start, end - start);
-        offset += (int)(end - start);
-        result[offset] = '\\';
-        offset++;
-        start = end + 1;
-    }
-# if 0                          /* Not needed, since the directory converter
-                                 * above already appeneded a backslash */
-    if (file_split->dir && file_split->file) {
-        result[offset] = '\\';
-        offset++;
-    }
-# endif
-    strncpy(&result[offset], file_split->file, file_split->filelen);
-    offset += file_split->filelen;
-    result[offset] = '\0';
-    return (result);
-}
-
-static char *win32_merger(DSO *dso, const char *filespec1,
-                          const char *filespec2)
-{
-    char *merged = NULL;
-    struct file_st *filespec1_split = NULL;
-    struct file_st *filespec2_split = NULL;
-
-    if (!filespec1 && !filespec2) {
-        DSOerr(DSO_F_WIN32_MERGER, ERR_R_PASSED_NULL_PARAMETER);
-        return (NULL);
-    }
-    if (!filespec2) {
-        merged = OPENSSL_malloc(strlen(filespec1) + 1);
-        if (!merged) {
-            DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        strcpy(merged, filespec1);
-    } else if (!filespec1) {
-        merged = OPENSSL_malloc(strlen(filespec2) + 1);
-        if (!merged) {
-            DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        strcpy(merged, filespec2);
-    } else {
-        filespec1_split = win32_splitter(dso, filespec1, 0);
-        if (!filespec1_split) {
-            DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-        filespec2_split = win32_splitter(dso, filespec2, 1);
-        if (!filespec2_split) {
-            DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
-            OPENSSL_free(filespec1_split);
-            return (NULL);
-        }
-
-        /* Fill in into filespec1_split */
-        if (!filespec1_split->node && !filespec1_split->device) {
-            filespec1_split->node = filespec2_split->node;
-            filespec1_split->nodelen = filespec2_split->nodelen;
-            filespec1_split->device = filespec2_split->device;
-            filespec1_split->devicelen = filespec2_split->devicelen;
-        }
-        if (!filespec1_split->dir) {
-            filespec1_split->dir = filespec2_split->dir;
-            filespec1_split->dirlen = filespec2_split->dirlen;
-        } else if (filespec1_split->dir[0] != '\\'
-                   && filespec1_split->dir[0] != '/') {
-            filespec1_split->predir = filespec2_split->dir;
-            filespec1_split->predirlen = filespec2_split->dirlen;
-        }
-        if (!filespec1_split->file) {
-            filespec1_split->file = filespec2_split->file;
-            filespec1_split->filelen = filespec2_split->filelen;
-        }
-
-        merged = win32_joiner(dso, filespec1_split);
-    }
-    OPENSSL_free(filespec1_split);
-    OPENSSL_free(filespec2_split);
-    return (merged);
-}
-
-static char *win32_name_converter(DSO *dso, const char *filename)
-{
-    char *translated;
-    int len, transform;
-
-    len = strlen(filename);
-    transform = ((strstr(filename, "/") == NULL) &&
-                 (strstr(filename, "\\") == NULL) &&
-                 (strstr(filename, ":") == NULL));
-    if (transform)
-        /* We will convert this to "%s.dll" */
-        translated = OPENSSL_malloc(len + 5);
-    else
-        /* We will simply duplicate filename */
-        translated = OPENSSL_malloc(len + 1);
-    if (translated == NULL) {
-        DSOerr(DSO_F_WIN32_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
-        return (NULL);
-    }
-    if (transform)
-        sprintf(translated, "%s.dll", filename);
-    else
-        sprintf(translated, "%s", filename);
-    return (translated);
-}
-
-static const char *openssl_strnchr(const char *string, int c, size_t len)
-{
-    size_t i;
-    const char *p;
-    for (i = 0, p = string; i < len && *p; i++, p++) {
-        if (*p == c)
-            return p;
-    }
-    return NULL;
-}
-
-# include <tlhelp32.h>
-# ifdef _WIN32_WCE
-#  define DLLNAME "TOOLHELP.DLL"
-# else
-#  ifdef MODULEENTRY32
-#   undef MODULEENTRY32         /* unmask the ASCII version! */
-#  endif
-#  define DLLNAME "KERNEL32.DLL"
-# endif
-
-typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD);
-typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE);
-typedef BOOL(WINAPI *MODULE32) (HANDLE, MODULEENTRY32 *);
-
-static int win32_pathbyaddr(void *addr, char *path, int sz)
-{
-    HMODULE dll;
-    HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
-    MODULEENTRY32 me32;
-    CREATETOOLHELP32SNAPSHOT create_snap;
-    CLOSETOOLHELP32SNAPSHOT close_snap;
-    MODULE32 module_first, module_next;
-
-    if (addr == NULL) {
-        union {
-            int (*f) (void *, char *, int);
-            void *p;
-        } t = {
-            win32_pathbyaddr
-        };
-        addr = t.p;
-    }
-
-    dll = LoadLibrary(TEXT(DLLNAME));
-    if (dll == NULL) {
-        DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
-        return -1;
-    }
-
-    create_snap = (CREATETOOLHELP32SNAPSHOT)
-        GetProcAddress(dll, "CreateToolhelp32Snapshot");
-    if (create_snap == NULL) {
-        FreeLibrary(dll);
-        DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
-        return -1;
-    }
-    /* We take the rest for granted... */
-# ifdef _WIN32_WCE
-    close_snap = (CLOSETOOLHELP32SNAPSHOT)
-        GetProcAddress(dll, "CloseToolhelp32Snapshot");
-# else
-    close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
-# endif
-    module_first = (MODULE32) GetProcAddress(dll, "Module32First");
-    module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
-
-    hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
-    if (hModuleSnap == INVALID_HANDLE_VALUE) {
-        FreeLibrary(dll);
-        DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
-        return -1;
-    }
-
-    me32.dwSize = sizeof(me32);
-
-    if (!(*module_first) (hModuleSnap, &me32)) {
-        (*close_snap) (hModuleSnap);
-        FreeLibrary(dll);
-        DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_FAILURE);
-        return -1;
-    }
-
-    do {
-        if ((BYTE *) addr >= me32.modBaseAddr &&
-            (BYTE *) addr < me32.modBaseAddr + me32.modBaseSize) {
-            (*close_snap) (hModuleSnap);
-            FreeLibrary(dll);
-# ifdef _WIN32_WCE
-#  if _WIN32_WCE >= 101
-            return WideCharToMultiByte(CP_ACP, 0, me32.szExePath, -1,
-                                       path, sz, NULL, NULL);
-#  else
-            {
-                int i, len = (int)wcslen(me32.szExePath);
-                if (sz <= 0)
-                    return len + 1;
-                if (len >= sz)
-                    len = sz - 1;
-                for (i = 0; i < len; i++)
-                    path[i] = (char)me32.szExePath[i];
-                path[len++] = 0;
-                return len;
-            }
-#  endif
-# else
-            {
-                int len = (int)strlen(me32.szExePath);
-                if (sz <= 0)
-                    return len + 1;
-                if (len >= sz)
-                    len = sz - 1;
-                memcpy(path, me32.szExePath, len);
-                path[len++] = 0;
-                return len;
-            }
-# endif
-        }
-    } while ((*module_next) (hModuleSnap, &me32));
-
-    (*close_snap) (hModuleSnap);
-    FreeLibrary(dll);
-    return 0;
-}
-
-static void *win32_globallookup(const char *name)
-{
-    HMODULE dll;
-    HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
-    MODULEENTRY32 me32;
-    CREATETOOLHELP32SNAPSHOT create_snap;
-    CLOSETOOLHELP32SNAPSHOT close_snap;
-    MODULE32 module_first, module_next;
-    FARPROC ret = NULL;
-
-    dll = LoadLibrary(TEXT(DLLNAME));
-    if (dll == NULL) {
-        DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
-        return NULL;
-    }
-
-    create_snap = (CREATETOOLHELP32SNAPSHOT)
-        GetProcAddress(dll, "CreateToolhelp32Snapshot");
-    if (create_snap == NULL) {
-        FreeLibrary(dll);
-        DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
-        return NULL;
-    }
-    /* We take the rest for granted... */
-# ifdef _WIN32_WCE
-    close_snap = (CLOSETOOLHELP32SNAPSHOT)
-        GetProcAddress(dll, "CloseToolhelp32Snapshot");
-# else
-    close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
-# endif
-    module_first = (MODULE32) GetProcAddress(dll, "Module32First");
-    module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
-
-    hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
-    if (hModuleSnap == INVALID_HANDLE_VALUE) {
-        FreeLibrary(dll);
-        DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
-        return NULL;
-    }
-
-    me32.dwSize = sizeof(me32);
-
-    if (!(*module_first) (hModuleSnap, &me32)) {
-        (*close_snap) (hModuleSnap);
-        FreeLibrary(dll);
-        return NULL;
-    }
-
-    do {
-        if ((ret = GetProcAddress(me32.hModule, name))) {
-            (*close_snap) (hModuleSnap);
-            FreeLibrary(dll);
-            return ret;
-        }
-    } while ((*module_next) (hModuleSnap, &me32));
-
-    (*close_snap) (hModuleSnap);
-    FreeLibrary(dll);
-    return NULL;
-}
-#endif                          /* DSO_WIN32 */
diff --git a/thirdparty/openssl/crypto/ebcdic.c b/thirdparty/openssl/crypto/ebcdic.c
deleted file mode 100644
index fd6df92b46..0000000000
--- a/thirdparty/openssl/crypto/ebcdic.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/* crypto/ebcdic.c */
-
-#ifndef CHARSET_EBCDIC
-
-# include <openssl/e_os2.h>
-# if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX) || defined(__clang__)
-static void *dummy = &dummy;
-# endif
-
-#else                           /* CHARSET_EBCDIC */
-
-# include "ebcdic.h"
-/*-
- *      Initial Port for  Apache-1.3     by <Martin.Kraemer@Mch.SNI.De>
- *      Adapted for       OpenSSL-0.9.4  by <Martin.Kraemer@Mch.SNI.De>
- */
-
-# ifdef _OSD_POSIX
-/*
- * "BS2000 OSD" is a POSIX subsystem on a main frame. It is made by Siemens
- * AG, Germany, for their BS2000 mainframe machines. Within the POSIX
- * subsystem, the same character set was chosen as in "native BS2000", namely
- * EBCDIC. (EDF04)
- *
- * The name "ASCII" in these routines is misleading: actually, conversion is
- * not between EBCDIC and ASCII, but EBCDIC(EDF04) and ISO-8859.1; that means
- * that (western european) national characters are preserved.
- *
- * This table is identical to the one used by rsh/rcp/ftp and other POSIX
- * tools.
- */
-
-/* Here's the bijective ebcdic-to-ascii table: */
-const unsigned char os_toascii[256] = {
-    /*
-     * 00
-     */ 0x00, 0x01, 0x02, 0x03, 0x85, 0x09, 0x86, 0x7f,
-    0x87, 0x8d, 0x8e, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
-    /*
-     * 10
-     */ 0x10, 0x11, 0x12, 0x13, 0x8f, 0x0a, 0x08, 0x97,
-    0x18, 0x19, 0x9c, 0x9d, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
-    /*
-     * 20
-     */ 0x80, 0x81, 0x82, 0x83, 0x84, 0x92, 0x17, 0x1b,
-    0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x05, 0x06, 0x07, /* ................ */
-    /*
-     * 30
-     */ 0x90, 0x91, 0x16, 0x93, 0x94, 0x95, 0x96, 0x04,
-    0x98, 0x99, 0x9a, 0x9b, 0x14, 0x15, 0x9e, 0x1a, /* ................ */
-    /*
-     * 40
-     */ 0x20, 0xa0, 0xe2, 0xe4, 0xe0, 0xe1, 0xe3, 0xe5,
-    0xe7, 0xf1, 0x60, 0x2e, 0x3c, 0x28, 0x2b, 0x7c, /* .........`.<(+| */
-    /*
-     * 50
-     */ 0x26, 0xe9, 0xea, 0xeb, 0xe8, 0xed, 0xee, 0xef,
-    0xec, 0xdf, 0x21, 0x24, 0x2a, 0x29, 0x3b, 0x9f, /* &.........!$*);. */
-    /*
-     * 60
-     */ 0x2d, 0x2f, 0xc2, 0xc4, 0xc0, 0xc1, 0xc3, 0xc5,
-    0xc7, 0xd1, 0x5e, 0x2c, 0x25, 0x5f, 0x3e, 0x3f,    /*-/........^,%_>?*/
-    /*
-     * 70
-     */ 0xf8, 0xc9, 0xca, 0xcb, 0xc8, 0xcd, 0xce, 0xcf,
-    0xcc, 0xa8, 0x3a, 0x23, 0x40, 0x27, 0x3d, 0x22, /* ..........:#@'=" */
-    /*
-     * 80
-     */ 0xd8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
-    0x68, 0x69, 0xab, 0xbb, 0xf0, 0xfd, 0xfe, 0xb1, /* .abcdefghi...... */
-    /*
-     * 90
-     */ 0xb0, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70,
-    0x71, 0x72, 0xaa, 0xba, 0xe6, 0xb8, 0xc6, 0xa4, /* .jklmnopqr...... */
-    /*
-     * a0
-     */ 0xb5, 0xaf, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
-    0x79, 0x7a, 0xa1, 0xbf, 0xd0, 0xdd, 0xde, 0xae, /* ..stuvwxyz...... */
-    /*
-     * b0
-     */ 0xa2, 0xa3, 0xa5, 0xb7, 0xa9, 0xa7, 0xb6, 0xbc,
-    0xbd, 0xbe, 0xac, 0x5b, 0x5c, 0x5d, 0xb4, 0xd7, /* ...........[\].. */
-    /*
-     * c0
-     */ 0xf9, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
-    0x48, 0x49, 0xad, 0xf4, 0xf6, 0xf2, 0xf3, 0xf5, /* .ABCDEFGHI...... */
-    /*
-     * d0
-     */ 0xa6, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50,
-    0x51, 0x52, 0xb9, 0xfb, 0xfc, 0xdb, 0xfa, 0xff, /* .JKLMNOPQR...... */
-    /*
-     * e0
-     */ 0xd9, 0xf7, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58,
-    0x59, 0x5a, 0xb2, 0xd4, 0xd6, 0xd2, 0xd3, 0xd5, /* ..STUVWXYZ...... */
-    /*
-     * f0
-     */ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
-    0x38, 0x39, 0xb3, 0x7b, 0xdc, 0x7d, 0xda, 0x7e /* 0123456789.{.}.~ */
-};
-
-/* The ascii-to-ebcdic table: */
-const unsigned char os_toebcdic[256] = {
-    /*
-     * 00
-     */ 0x00, 0x01, 0x02, 0x03, 0x37, 0x2d, 0x2e, 0x2f,
-    0x16, 0x05, 0x15, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
-    /*
-     * 10
-     */ 0x10, 0x11, 0x12, 0x13, 0x3c, 0x3d, 0x32, 0x26,
-    0x18, 0x19, 0x3f, 0x27, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
-    /*
-     * 20
-     */ 0x40, 0x5a, 0x7f, 0x7b, 0x5b, 0x6c, 0x50, 0x7d,
-    0x4d, 0x5d, 0x5c, 0x4e, 0x6b, 0x60, 0x4b, 0x61, /* !"#$%&'()*+,-./ */
-    /*
-     * 30
-     */ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
-    0xf8, 0xf9, 0x7a, 0x5e, 0x4c, 0x7e, 0x6e, 0x6f, /* 0123456789:;<=>? */
-    /*
-     * 40
-     */ 0x7c, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
-    0xc8, 0xc9, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, /* @ABCDEFGHIJKLMNO */
-    /*
-     * 50
-     */ 0xd7, 0xd8, 0xd9, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6,
-    0xe7, 0xe8, 0xe9, 0xbb, 0xbc, 0xbd, 0x6a, 0x6d, /* PQRSTUVWXYZ[\]^_ */
-    /*
-     * 60
-     */ 0x4a, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
-    0x88, 0x89, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, /* `abcdefghijklmno */
-    /*
-     * 70
-     */ 0x97, 0x98, 0x99, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6,
-    0xa7, 0xa8, 0xa9, 0xfb, 0x4f, 0xfd, 0xff, 0x07, /* pqrstuvwxyz{|}~. */
-    /*
-     * 80
-     */ 0x20, 0x21, 0x22, 0x23, 0x24, 0x04, 0x06, 0x08,
-    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x09, 0x0a, 0x14, /* ................ */
-    /*
-     * 90
-     */ 0x30, 0x31, 0x25, 0x33, 0x34, 0x35, 0x36, 0x17,
-    0x38, 0x39, 0x3a, 0x3b, 0x1a, 0x1b, 0x3e, 0x5f, /* ................ */
-    /*
-     * a0
-     */ 0x41, 0xaa, 0xb0, 0xb1, 0x9f, 0xb2, 0xd0, 0xb5,
-    0x79, 0xb4, 0x9a, 0x8a, 0xba, 0xca, 0xaf, 0xa1, /* ................ */
-    /*
-     * b0
-     */ 0x90, 0x8f, 0xea, 0xfa, 0xbe, 0xa0, 0xb6, 0xb3,
-    0x9d, 0xda, 0x9b, 0x8b, 0xb7, 0xb8, 0xb9, 0xab, /* ................ */
-    /*
-     * c0
-     */ 0x64, 0x65, 0x62, 0x66, 0x63, 0x67, 0x9e, 0x68,
-    0x74, 0x71, 0x72, 0x73, 0x78, 0x75, 0x76, 0x77, /* ................ */
-    /*
-     * d0
-     */ 0xac, 0x69, 0xed, 0xee, 0xeb, 0xef, 0xec, 0xbf,
-    0x80, 0xe0, 0xfe, 0xdd, 0xfc, 0xad, 0xae, 0x59, /* ................ */
-    /*
-     * e0
-     */ 0x44, 0x45, 0x42, 0x46, 0x43, 0x47, 0x9c, 0x48,
-    0x54, 0x51, 0x52, 0x53, 0x58, 0x55, 0x56, 0x57, /* ................ */
-    /*
-     * f0
-     */ 0x8c, 0x49, 0xcd, 0xce, 0xcb, 0xcf, 0xcc, 0xe1,
-    0x70, 0xc0, 0xde, 0xdb, 0xdc, 0x8d, 0x8e, 0xdf /* ................ */
-};
-
-# else /*_OSD_POSIX*/
-
-/*
- * This code does basic character mapping for IBM's TPF and OS/390 operating
- * systems. It is a modified version of the BS2000 table.
- *
- * Bijective EBCDIC (character set IBM-1047) to US-ASCII table: This table is
- * bijective - there are no ambigous or duplicate characters.
- */
-const unsigned char os_toascii[256] = {
-    0x00, 0x01, 0x02, 0x03, 0x85, 0x09, 0x86, 0x7f, /* 00-0f: */
-    0x87, 0x8d, 0x8e, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
-    0x10, 0x11, 0x12, 0x13, 0x8f, 0x0a, 0x08, 0x97, /* 10-1f: */
-    0x18, 0x19, 0x9c, 0x9d, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
-    0x80, 0x81, 0x82, 0x83, 0x84, 0x92, 0x17, 0x1b, /* 20-2f: */
-    0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x05, 0x06, 0x07, /* ................ */
-    0x90, 0x91, 0x16, 0x93, 0x94, 0x95, 0x96, 0x04, /* 30-3f: */
-    0x98, 0x99, 0x9a, 0x9b, 0x14, 0x15, 0x9e, 0x1a, /* ................ */
-    0x20, 0xa0, 0xe2, 0xe4, 0xe0, 0xe1, 0xe3, 0xe5, /* 40-4f: */
-    0xe7, 0xf1, 0xa2, 0x2e, 0x3c, 0x28, 0x2b, 0x7c, /* ...........<(+| */
-    0x26, 0xe9, 0xea, 0xeb, 0xe8, 0xed, 0xee, 0xef, /* 50-5f: */
-    0xec, 0xdf, 0x21, 0x24, 0x2a, 0x29, 0x3b, 0x5e, /* &.........!$*);^ */
-    0x2d, 0x2f, 0xc2, 0xc4, 0xc0, 0xc1, 0xc3, 0xc5, /* 60-6f: */
-    0xc7, 0xd1, 0xa6, 0x2c, 0x25, 0x5f, 0x3e, 0x3f, /* -/.........,%_>? */
-    0xf8, 0xc9, 0xca, 0xcb, 0xc8, 0xcd, 0xce, 0xcf, /* 70-7f: */
-    0xcc, 0x60, 0x3a, 0x23, 0x40, 0x27, 0x3d, 0x22, /* .........`:#@'=" */
-    0xd8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, /* 80-8f: */
-    0x68, 0x69, 0xab, 0xbb, 0xf0, 0xfd, 0xfe, 0xb1, /* .abcdefghi...... */
-    0xb0, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, /* 90-9f: */
-    0x71, 0x72, 0xaa, 0xba, 0xe6, 0xb8, 0xc6, 0xa4, /* .jklmnopqr...... */
-    0xb5, 0x7e, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, /* a0-af: */
-    0x79, 0x7a, 0xa1, 0xbf, 0xd0, 0x5b, 0xde, 0xae, /* .~stuvwxyz...[.. */
-    0xac, 0xa3, 0xa5, 0xb7, 0xa9, 0xa7, 0xb6, 0xbc, /* b0-bf: */
-    0xbd, 0xbe, 0xdd, 0xa8, 0xaf, 0x5d, 0xb4, 0xd7, /* .............].. */
-    0x7b, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, /* c0-cf: */
-    0x48, 0x49, 0xad, 0xf4, 0xf6, 0xf2, 0xf3, 0xf5, /* {ABCDEFGHI...... */
-    0x7d, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, /* d0-df: */
-    0x51, 0x52, 0xb9, 0xfb, 0xfc, 0xf9, 0xfa, 0xff, /* }JKLMNOPQR...... */
-    0x5c, 0xf7, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, /* e0-ef: */
-    0x59, 0x5a, 0xb2, 0xd4, 0xd6, 0xd2, 0xd3, 0xd5, /* \.STUVWXYZ...... */
-    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* f0-ff: */
-    0x38, 0x39, 0xb3, 0xdb, 0xdc, 0xd9, 0xda, 0x9f /* 0123456789...... */
-};
-
-/*
- * The US-ASCII to EBCDIC (character set IBM-1047) table: This table is
- * bijective (no ambiguous or duplicate characters)
- */
-const unsigned char os_toebcdic[256] = {
-    0x00, 0x01, 0x02, 0x03, 0x37, 0x2d, 0x2e, 0x2f, /* 00-0f: */
-    0x16, 0x05, 0x15, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
-    0x10, 0x11, 0x12, 0x13, 0x3c, 0x3d, 0x32, 0x26, /* 10-1f: */
-    0x18, 0x19, 0x3f, 0x27, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
-    0x40, 0x5a, 0x7f, 0x7b, 0x5b, 0x6c, 0x50, 0x7d, /* 20-2f: */
-    0x4d, 0x5d, 0x5c, 0x4e, 0x6b, 0x60, 0x4b, 0x61, /* !"#$%&'()*+,-./ */
-    0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, /* 30-3f: */
-    0xf8, 0xf9, 0x7a, 0x5e, 0x4c, 0x7e, 0x6e, 0x6f, /* 0123456789:;<=>? */
-    0x7c, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, /* 40-4f: */
-    0xc8, 0xc9, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, /* @ABCDEFGHIJKLMNO */
-    0xd7, 0xd8, 0xd9, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, /* 50-5f: */
-    0xe7, 0xe8, 0xe9, 0xad, 0xe0, 0xbd, 0x5f, 0x6d, /* PQRSTUVWXYZ[\]^_ */
-    0x79, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, /* 60-6f: */
-    0x88, 0x89, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, /* `abcdefghijklmno */
-    0x97, 0x98, 0x99, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, /* 70-7f: */
-    0xa7, 0xa8, 0xa9, 0xc0, 0x4f, 0xd0, 0xa1, 0x07, /* pqrstuvwxyz{|}~. */
-    0x20, 0x21, 0x22, 0x23, 0x24, 0x04, 0x06, 0x08, /* 80-8f: */
-    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x09, 0x0a, 0x14, /* ................ */
-    0x30, 0x31, 0x25, 0x33, 0x34, 0x35, 0x36, 0x17, /* 90-9f: */
-    0x38, 0x39, 0x3a, 0x3b, 0x1a, 0x1b, 0x3e, 0xff, /* ................ */
-    0x41, 0xaa, 0x4a, 0xb1, 0x9f, 0xb2, 0x6a, 0xb5, /* a0-af: */
-    0xbb, 0xb4, 0x9a, 0x8a, 0xb0, 0xca, 0xaf, 0xbc, /* ................ */
-    0x90, 0x8f, 0xea, 0xfa, 0xbe, 0xa0, 0xb6, 0xb3, /* b0-bf: */
-    0x9d, 0xda, 0x9b, 0x8b, 0xb7, 0xb8, 0xb9, 0xab, /* ................ */
-    0x64, 0x65, 0x62, 0x66, 0x63, 0x67, 0x9e, 0x68, /* c0-cf: */
-    0x74, 0x71, 0x72, 0x73, 0x78, 0x75, 0x76, 0x77, /* ................ */
-    0xac, 0x69, 0xed, 0xee, 0xeb, 0xef, 0xec, 0xbf, /* d0-df: */
-    0x80, 0xfd, 0xfe, 0xfb, 0xfc, 0xba, 0xae, 0x59, /* ................ */
-    0x44, 0x45, 0x42, 0x46, 0x43, 0x47, 0x9c, 0x48, /* e0-ef: */
-    0x54, 0x51, 0x52, 0x53, 0x58, 0x55, 0x56, 0x57, /* ................ */
-    0x8c, 0x49, 0xcd, 0xce, 0xcb, 0xcf, 0xcc, 0xe1, /* f0-ff: */
-    0x70, 0xdd, 0xde, 0xdb, 0xdc, 0x8d, 0x8e, 0xdf /* ................ */
-};
-# endif/*_OSD_POSIX*/
-
-/*
- * Translate a memory block from EBCDIC (host charset) to ASCII (net charset)
- * dest and srce may be identical, or separate memory blocks, but should not
- * overlap. These functions intentionally have an interface compatible to
- * memcpy(3).
- */
-
-void *ebcdic2ascii(void *dest, const void *srce, size_t count)
-{
-    unsigned char *udest = dest;
-    const unsigned char *usrce = srce;
-
-    while (count-- != 0) {
-        *udest++ = os_toascii[*usrce++];
-    }
-
-    return dest;
-}
-
-void *ascii2ebcdic(void *dest, const void *srce, size_t count)
-{
-    unsigned char *udest = dest;
-    const unsigned char *usrce = srce;
-
-    while (count-- != 0) {
-        *udest++ = os_toebcdic[*usrce++];
-    }
-
-    return dest;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ec2_mult.c b/thirdparty/openssl/crypto/ec/ec2_mult.c
deleted file mode 100644
index 1f9cc00aea..0000000000
--- a/thirdparty/openssl/crypto/ec/ec2_mult.c
+++ /dev/null
@@ -1,465 +0,0 @@
-/* crypto/ec/ec2_mult.c */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The software is originally written by Sheueling Chang Shantz and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-#ifndef OPENSSL_NO_EC2M
-
-/*-
- * Compute the x-coordinate x/z for the point 2*(x/z) in Montgomery projective
- * coordinates.
- * Uses algorithm Mdouble in appendix of
- *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over
- *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
- * modified to not require precomputation of c=b^{2^{m-1}}.
- */
-static int gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z,
-                        BN_CTX *ctx)
-{
-    BIGNUM *t1;
-    int ret = 0;
-
-    /* Since Mdouble is static we can guarantee that ctx != NULL. */
-    BN_CTX_start(ctx);
-    t1 = BN_CTX_get(ctx);
-    if (t1 == NULL)
-        goto err;
-
-    if (!group->meth->field_sqr(group, x, x, ctx))
-        goto err;
-    if (!group->meth->field_sqr(group, t1, z, ctx))
-        goto err;
-    if (!group->meth->field_mul(group, z, x, t1, ctx))
-        goto err;
-    if (!group->meth->field_sqr(group, x, x, ctx))
-        goto err;
-    if (!group->meth->field_sqr(group, t1, t1, ctx))
-        goto err;
-    if (!group->meth->field_mul(group, t1, &group->b, t1, ctx))
-        goto err;
-    if (!BN_GF2m_add(x, x, t1))
-        goto err;
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*-
- * Compute the x-coordinate x1/z1 for the point (x1/z1)+(x2/x2) in Montgomery
- * projective coordinates.
- * Uses algorithm Madd in appendix of
- *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over
- *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
- */
-static int gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1,
-                     BIGNUM *z1, const BIGNUM *x2, const BIGNUM *z2,
-                     BN_CTX *ctx)
-{
-    BIGNUM *t1, *t2;
-    int ret = 0;
-
-    /* Since Madd is static we can guarantee that ctx != NULL. */
-    BN_CTX_start(ctx);
-    t1 = BN_CTX_get(ctx);
-    t2 = BN_CTX_get(ctx);
-    if (t2 == NULL)
-        goto err;
-
-    if (!BN_copy(t1, x))
-        goto err;
-    if (!group->meth->field_mul(group, x1, x1, z2, ctx))
-        goto err;
-    if (!group->meth->field_mul(group, z1, z1, x2, ctx))
-        goto err;
-    if (!group->meth->field_mul(group, t2, x1, z1, ctx))
-        goto err;
-    if (!BN_GF2m_add(z1, z1, x1))
-        goto err;
-    if (!group->meth->field_sqr(group, z1, z1, ctx))
-        goto err;
-    if (!group->meth->field_mul(group, x1, z1, t1, ctx))
-        goto err;
-    if (!BN_GF2m_add(x1, x1, t2))
-        goto err;
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*-
- * Compute the x, y affine coordinates from the point (x1, z1) (x2, z2)
- * using Montgomery point multiplication algorithm Mxy() in appendix of
- *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over
- *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
- * Returns:
- *     0 on error
- *     1 if return value should be the point at infinity
- *     2 otherwise
- */
-static int gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y,
-                    BIGNUM *x1, BIGNUM *z1, BIGNUM *x2, BIGNUM *z2,
-                    BN_CTX *ctx)
-{
-    BIGNUM *t3, *t4, *t5;
-    int ret = 0;
-
-    if (BN_is_zero(z1)) {
-        BN_zero(x2);
-        BN_zero(z2);
-        return 1;
-    }
-
-    if (BN_is_zero(z2)) {
-        if (!BN_copy(x2, x))
-            return 0;
-        if (!BN_GF2m_add(z2, x, y))
-            return 0;
-        return 2;
-    }
-
-    /* Since Mxy is static we can guarantee that ctx != NULL. */
-    BN_CTX_start(ctx);
-    t3 = BN_CTX_get(ctx);
-    t4 = BN_CTX_get(ctx);
-    t5 = BN_CTX_get(ctx);
-    if (t5 == NULL)
-        goto err;
-
-    if (!BN_one(t5))
-        goto err;
-
-    if (!group->meth->field_mul(group, t3, z1, z2, ctx))
-        goto err;
-
-    if (!group->meth->field_mul(group, z1, z1, x, ctx))
-        goto err;
-    if (!BN_GF2m_add(z1, z1, x1))
-        goto err;
-    if (!group->meth->field_mul(group, z2, z2, x, ctx))
-        goto err;
-    if (!group->meth->field_mul(group, x1, z2, x1, ctx))
-        goto err;
-    if (!BN_GF2m_add(z2, z2, x2))
-        goto err;
-
-    if (!group->meth->field_mul(group, z2, z2, z1, ctx))
-        goto err;
-    if (!group->meth->field_sqr(group, t4, x, ctx))
-        goto err;
-    if (!BN_GF2m_add(t4, t4, y))
-        goto err;
-    if (!group->meth->field_mul(group, t4, t4, t3, ctx))
-        goto err;
-    if (!BN_GF2m_add(t4, t4, z2))
-        goto err;
-
-    if (!group->meth->field_mul(group, t3, t3, x, ctx))
-        goto err;
-    if (!group->meth->field_div(group, t3, t5, t3, ctx))
-        goto err;
-    if (!group->meth->field_mul(group, t4, t3, t4, ctx))
-        goto err;
-    if (!group->meth->field_mul(group, x2, x1, t3, ctx))
-        goto err;
-    if (!BN_GF2m_add(z2, x2, x))
-        goto err;
-
-    if (!group->meth->field_mul(group, z2, z2, t4, ctx))
-        goto err;
-    if (!BN_GF2m_add(z2, z2, y))
-        goto err;
-
-    ret = 2;
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*-
- * Computes scalar*point and stores the result in r.
- * point can not equal r.
- * Uses a modified algorithm 2P of
- *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over
- *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
- *
- * To protect against side-channel attack the function uses constant time swap,
- * avoiding conditional branches.
- */
-static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
-                                             EC_POINT *r,
-                                             const BIGNUM *scalar,
-                                             const EC_POINT *point,
-                                             BN_CTX *ctx)
-{
-    BIGNUM *x1, *x2, *z1, *z2;
-    int ret = 0, i, group_top;
-    BN_ULONG mask, word;
-
-    if (r == point) {
-        ECerr(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY, EC_R_INVALID_ARGUMENT);
-        return 0;
-    }
-
-    /* if result should be point at infinity */
-    if ((scalar == NULL) || BN_is_zero(scalar) || (point == NULL) ||
-        EC_POINT_is_at_infinity(group, point)) {
-        return EC_POINT_set_to_infinity(group, r);
-    }
-
-    /* only support affine coordinates */
-    if (!point->Z_is_one)
-        return 0;
-
-    /*
-     * Since point_multiply is static we can guarantee that ctx != NULL.
-     */
-    BN_CTX_start(ctx);
-    x1 = BN_CTX_get(ctx);
-    z1 = BN_CTX_get(ctx);
-    if (z1 == NULL)
-        goto err;
-
-    x2 = &r->X;
-    z2 = &r->Y;
-
-    group_top = group->field.top;
-    if (bn_wexpand(x1, group_top) == NULL
-        || bn_wexpand(z1, group_top) == NULL
-        || bn_wexpand(x2, group_top) == NULL
-        || bn_wexpand(z2, group_top) == NULL)
-        goto err;
-
-    if (!BN_GF2m_mod_arr(x1, &point->X, group->poly))
-        goto err;               /* x1 = x */
-    if (!BN_one(z1))
-        goto err;               /* z1 = 1 */
-    if (!group->meth->field_sqr(group, z2, x1, ctx))
-        goto err;               /* z2 = x1^2 = x^2 */
-    if (!group->meth->field_sqr(group, x2, z2, ctx))
-        goto err;
-    if (!BN_GF2m_add(x2, x2, &group->b))
-        goto err;               /* x2 = x^4 + b */
-
-    /* find top most bit and go one past it */
-    i = scalar->top - 1;
-    mask = BN_TBIT;
-    word = scalar->d[i];
-    while (!(word & mask))
-        mask >>= 1;
-    mask >>= 1;
-    /* if top most bit was at word break, go to next word */
-    if (!mask) {
-        i--;
-        mask = BN_TBIT;
-    }
-
-    for (; i >= 0; i--) {
-        word = scalar->d[i];
-        while (mask) {
-            BN_consttime_swap(word & mask, x1, x2, group_top);
-            BN_consttime_swap(word & mask, z1, z2, group_top);
-            if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx))
-                goto err;
-            if (!gf2m_Mdouble(group, x1, z1, ctx))
-                goto err;
-            BN_consttime_swap(word & mask, x1, x2, group_top);
-            BN_consttime_swap(word & mask, z1, z2, group_top);
-            mask >>= 1;
-        }
-        mask = BN_TBIT;
-    }
-
-    /* convert out of "projective" coordinates */
-    i = gf2m_Mxy(group, &point->X, &point->Y, x1, z1, x2, z2, ctx);
-    if (i == 0)
-        goto err;
-    else if (i == 1) {
-        if (!EC_POINT_set_to_infinity(group, r))
-            goto err;
-    } else {
-        if (!BN_one(&r->Z))
-            goto err;
-        r->Z_is_one = 1;
-    }
-
-    /* GF(2^m) field elements should always have BIGNUM::neg = 0 */
-    BN_set_negative(&r->X, 0);
-    BN_set_negative(&r->Y, 0);
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-/*-
- * Computes the sum
- *     scalar*group->generator + scalars[0]*points[0] + ... + scalars[num-1]*points[num-1]
- * gracefully ignoring NULL scalar values.
- */
-int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r,
-                       const BIGNUM *scalar, size_t num,
-                       const EC_POINT *points[], const BIGNUM *scalars[],
-                       BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    int ret = 0;
-    size_t i;
-    EC_POINT *p = NULL;
-    EC_POINT *acc = NULL;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    /*
-     * This implementation is more efficient than the wNAF implementation for
-     * 2 or fewer points.  Use the ec_wNAF_mul implementation for 3 or more
-     * points, or if we can perform a fast multiplication based on
-     * precomputation.
-     */
-    if ((scalar && (num > 1)) || (num > 2)
-        || (num == 0 && EC_GROUP_have_precompute_mult(group))) {
-        ret = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
-        goto err;
-    }
-
-    if ((p = EC_POINT_new(group)) == NULL)
-        goto err;
-    if ((acc = EC_POINT_new(group)) == NULL)
-        goto err;
-
-    if (!EC_POINT_set_to_infinity(group, acc))
-        goto err;
-
-    if (scalar) {
-        if (!ec_GF2m_montgomery_point_multiply
-            (group, p, scalar, group->generator, ctx))
-            goto err;
-        if (BN_is_negative(scalar))
-            if (!group->meth->invert(group, p, ctx))
-                goto err;
-        if (!group->meth->add(group, acc, acc, p, ctx))
-            goto err;
-    }
-
-    for (i = 0; i < num; i++) {
-        if (!ec_GF2m_montgomery_point_multiply
-            (group, p, scalars[i], points[i], ctx))
-            goto err;
-        if (BN_is_negative(scalars[i]))
-            if (!group->meth->invert(group, p, ctx))
-                goto err;
-        if (!group->meth->add(group, acc, acc, p, ctx))
-            goto err;
-    }
-
-    if (!EC_POINT_copy(r, acc))
-        goto err;
-
-    ret = 1;
-
- err:
-    if (p)
-        EC_POINT_free(p);
-    if (acc)
-        EC_POINT_free(acc);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/*
- * Precomputation for point multiplication: fall back to wNAF methods because
- * ec_GF2m_simple_mul() uses ec_wNAF_mul() if appropriate
- */
-
-int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
-{
-    return ec_wNAF_precompute_mult(group, ctx);
-}
-
-int ec_GF2m_have_precompute_mult(const EC_GROUP *group)
-{
-    return ec_wNAF_have_precompute_mult(group);
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ec2_oct.c b/thirdparty/openssl/crypto/ec/ec2_oct.c
deleted file mode 100644
index 0d04cc6923..0000000000
--- a/thirdparty/openssl/crypto/ec/ec2_oct.c
+++ /dev/null
@@ -1,403 +0,0 @@
-/* crypto/ec/ec2_oct.c */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The software is originally written by Sheueling Chang Shantz and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-#ifndef OPENSSL_NO_EC2M
-
-/*-
- * Calculates and sets the affine coordinates of an EC_POINT from the given
- * compressed coordinates.  Uses algorithm 2.3.4 of SEC 1.
- * Note that the simple implementation only uses affine coordinates.
- *
- * The method is from the following publication:
- *
- *     Harper, Menezes, Vanstone:
- *     "Public-Key Cryptosystems with Very Small Key Lengths",
- *     EUROCRYPT '92, Springer-Verlag LNCS 658,
- *     published February 1993
- *
- * US Patents 6,141,420 and 6,618,483 (Vanstone, Mullin, Agnew) describe
- * the same method, but claim no priority date earlier than July 29, 1994
- * (and additionally fail to cite the EUROCRYPT '92 publication as prior art).
- */
-int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group,
-                                              EC_POINT *point,
-                                              const BIGNUM *x_, int y_bit,
-                                              BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *tmp, *x, *y, *z;
-    int ret = 0, z0;
-
-    /* clear error queue */
-    ERR_clear_error();
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    y_bit = (y_bit != 0) ? 1 : 0;
-
-    BN_CTX_start(ctx);
-    tmp = BN_CTX_get(ctx);
-    x = BN_CTX_get(ctx);
-    y = BN_CTX_get(ctx);
-    z = BN_CTX_get(ctx);
-    if (z == NULL)
-        goto err;
-
-    if (!BN_GF2m_mod_arr(x, x_, group->poly))
-        goto err;
-    if (BN_is_zero(x)) {
-        if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx))
-            goto err;
-    } else {
-        if (!group->meth->field_sqr(group, tmp, x, ctx))
-            goto err;
-        if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx))
-            goto err;
-        if (!BN_GF2m_add(tmp, &group->a, tmp))
-            goto err;
-        if (!BN_GF2m_add(tmp, x, tmp))
-            goto err;
-        if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx)) {
-            unsigned long err = ERR_peek_last_error();
-
-            if (ERR_GET_LIB(err) == ERR_LIB_BN
-                && ERR_GET_REASON(err) == BN_R_NO_SOLUTION) {
-                ERR_clear_error();
-                ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES,
-                      EC_R_INVALID_COMPRESSED_POINT);
-            } else
-                ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES,
-                      ERR_R_BN_LIB);
-            goto err;
-        }
-        z0 = (BN_is_odd(z)) ? 1 : 0;
-        if (!group->meth->field_mul(group, y, x, z, ctx))
-            goto err;
-        if (z0 != y_bit) {
-            if (!BN_GF2m_add(y, y, x))
-                goto err;
-        }
-    }
-
-    if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx))
-        goto err;
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/*
- * Converts an EC_POINT to an octet string. If buf is NULL, the encoded
- * length will be returned. If the length len of buf is smaller than required
- * an error will be returned.
- */
-size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
-                                point_conversion_form_t form,
-                                unsigned char *buf, size_t len, BN_CTX *ctx)
-{
-    size_t ret;
-    BN_CTX *new_ctx = NULL;
-    int used_ctx = 0;
-    BIGNUM *x, *y, *yxi;
-    size_t field_len, i, skip;
-
-    if ((form != POINT_CONVERSION_COMPRESSED)
-        && (form != POINT_CONVERSION_UNCOMPRESSED)
-        && (form != POINT_CONVERSION_HYBRID)) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
-        goto err;
-    }
-
-    if (EC_POINT_is_at_infinity(group, point)) {
-        /* encodes to a single 0 octet */
-        if (buf != NULL) {
-            if (len < 1) {
-                ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
-                return 0;
-            }
-            buf[0] = 0;
-        }
-        return 1;
-    }
-
-    /* ret := required output buffer length */
-    field_len = (EC_GROUP_get_degree(group) + 7) / 8;
-    ret =
-        (form ==
-         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
-
-    /* if 'buf' is NULL, just return required length */
-    if (buf != NULL) {
-        if (len < ret) {
-            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
-            goto err;
-        }
-
-        if (ctx == NULL) {
-            ctx = new_ctx = BN_CTX_new();
-            if (ctx == NULL)
-                return 0;
-        }
-
-        BN_CTX_start(ctx);
-        used_ctx = 1;
-        x = BN_CTX_get(ctx);
-        y = BN_CTX_get(ctx);
-        yxi = BN_CTX_get(ctx);
-        if (yxi == NULL)
-            goto err;
-
-        if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
-            goto err;
-
-        buf[0] = form;
-        if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x)) {
-            if (!group->meth->field_div(group, yxi, y, x, ctx))
-                goto err;
-            if (BN_is_odd(yxi))
-                buf[0]++;
-        }
-
-        i = 1;
-
-        skip = field_len - BN_num_bytes(x);
-        if (skip > field_len) {
-            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-        while (skip > 0) {
-            buf[i++] = 0;
-            skip--;
-        }
-        skip = BN_bn2bin(x, buf + i);
-        i += skip;
-        if (i != 1 + field_len) {
-            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-
-        if (form == POINT_CONVERSION_UNCOMPRESSED
-            || form == POINT_CONVERSION_HYBRID) {
-            skip = field_len - BN_num_bytes(y);
-            if (skip > field_len) {
-                ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            while (skip > 0) {
-                buf[i++] = 0;
-                skip--;
-            }
-            skip = BN_bn2bin(y, buf + i);
-            i += skip;
-        }
-
-        if (i != ret) {
-            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-    }
-
-    if (used_ctx)
-        BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-
- err:
-    if (used_ctx)
-        BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return 0;
-}
-
-/*
- * Converts an octet string representation to an EC_POINT. Note that the
- * simple implementation only uses affine coordinates.
- */
-int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
-                             const unsigned char *buf, size_t len,
-                             BN_CTX *ctx)
-{
-    point_conversion_form_t form;
-    int y_bit;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y, *yxi;
-    size_t field_len, enc_len;
-    int ret = 0;
-
-    if (len == 0) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
-        return 0;
-    }
-    form = buf[0];
-    y_bit = form & 1;
-    form = form & ~1U;
-    if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
-        && (form != POINT_CONVERSION_UNCOMPRESSED)
-        && (form != POINT_CONVERSION_HYBRID)) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-        return 0;
-    }
-    if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-        return 0;
-    }
-
-    if (form == 0) {
-        if (len != 1) {
-            ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-            return 0;
-        }
-
-        return EC_POINT_set_to_infinity(group, point);
-    }
-
-    field_len = (EC_GROUP_get_degree(group) + 7) / 8;
-    enc_len =
-        (form ==
-         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
-
-    if (len != enc_len) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-        return 0;
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    x = BN_CTX_get(ctx);
-    y = BN_CTX_get(ctx);
-    yxi = BN_CTX_get(ctx);
-    if (yxi == NULL)
-        goto err;
-
-    if (!BN_bin2bn(buf + 1, field_len, x))
-        goto err;
-    if (BN_ucmp(x, &group->field) >= 0) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-        goto err;
-    }
-
-    if (form == POINT_CONVERSION_COMPRESSED) {
-        if (!EC_POINT_set_compressed_coordinates_GF2m
-            (group, point, x, y_bit, ctx))
-            goto err;
-    } else {
-        if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
-            goto err;
-        if (BN_ucmp(y, &group->field) >= 0) {
-            ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-            goto err;
-        }
-        if (form == POINT_CONVERSION_HYBRID) {
-            if (!group->meth->field_div(group, yxi, y, x, ctx))
-                goto err;
-            if (y_bit != BN_is_odd(yxi)) {
-                ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-                goto err;
-            }
-        }
-
-        if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx))
-            goto err;
-    }
-
-    /* test required by X9.62 */
-    if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
-        goto err;
-    }
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ec2_smpl.c b/thirdparty/openssl/crypto/ec/ec2_smpl.c
deleted file mode 100644
index 5b27b91fcc..0000000000
--- a/thirdparty/openssl/crypto/ec/ec2_smpl.c
+++ /dev/null
@@ -1,798 +0,0 @@
-/* crypto/ec/ec2_smpl.c */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The software is originally written by Sheueling Chang Shantz and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-#ifndef OPENSSL_NO_EC2M
-
-# ifdef OPENSSL_FIPS
-#  include <openssl/fips.h>
-# endif
-
-const EC_METHOD *EC_GF2m_simple_method(void)
-{
-    static const EC_METHOD ret = {
-        EC_FLAGS_DEFAULT_OCT,
-        NID_X9_62_characteristic_two_field,
-        ec_GF2m_simple_group_init,
-        ec_GF2m_simple_group_finish,
-        ec_GF2m_simple_group_clear_finish,
-        ec_GF2m_simple_group_copy,
-        ec_GF2m_simple_group_set_curve,
-        ec_GF2m_simple_group_get_curve,
-        ec_GF2m_simple_group_get_degree,
-        ec_GF2m_simple_group_check_discriminant,
-        ec_GF2m_simple_point_init,
-        ec_GF2m_simple_point_finish,
-        ec_GF2m_simple_point_clear_finish,
-        ec_GF2m_simple_point_copy,
-        ec_GF2m_simple_point_set_to_infinity,
-        0 /* set_Jprojective_coordinates_GFp */ ,
-        0 /* get_Jprojective_coordinates_GFp */ ,
-        ec_GF2m_simple_point_set_affine_coordinates,
-        ec_GF2m_simple_point_get_affine_coordinates,
-        0, 0, 0,
-        ec_GF2m_simple_add,
-        ec_GF2m_simple_dbl,
-        ec_GF2m_simple_invert,
-        ec_GF2m_simple_is_at_infinity,
-        ec_GF2m_simple_is_on_curve,
-        ec_GF2m_simple_cmp,
-        ec_GF2m_simple_make_affine,
-        ec_GF2m_simple_points_make_affine,
-
-        /*
-         * the following three method functions are defined in ec2_mult.c
-         */
-        ec_GF2m_simple_mul,
-        ec_GF2m_precompute_mult,
-        ec_GF2m_have_precompute_mult,
-
-        ec_GF2m_simple_field_mul,
-        ec_GF2m_simple_field_sqr,
-        ec_GF2m_simple_field_div,
-        0 /* field_encode */ ,
-        0 /* field_decode */ ,
-        0                       /* field_set_to_one */
-    };
-
-# ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return fips_ec_gf2m_simple_method();
-# endif
-
-    return &ret;
-}
-
-/*
- * Initialize a GF(2^m)-based EC_GROUP structure. Note that all other members
- * are handled by EC_GROUP_new.
- */
-int ec_GF2m_simple_group_init(EC_GROUP *group)
-{
-    BN_init(&group->field);
-    BN_init(&group->a);
-    BN_init(&group->b);
-    return 1;
-}
-
-/*
- * Free a GF(2^m)-based EC_GROUP structure. Note that all other members are
- * handled by EC_GROUP_free.
- */
-void ec_GF2m_simple_group_finish(EC_GROUP *group)
-{
-    BN_free(&group->field);
-    BN_free(&group->a);
-    BN_free(&group->b);
-}
-
-/*
- * Clear and free a GF(2^m)-based EC_GROUP structure. Note that all other
- * members are handled by EC_GROUP_clear_free.
- */
-void ec_GF2m_simple_group_clear_finish(EC_GROUP *group)
-{
-    BN_clear_free(&group->field);
-    BN_clear_free(&group->a);
-    BN_clear_free(&group->b);
-    group->poly[0] = 0;
-    group->poly[1] = 0;
-    group->poly[2] = 0;
-    group->poly[3] = 0;
-    group->poly[4] = 0;
-    group->poly[5] = -1;
-}
-
-/*
- * Copy a GF(2^m)-based EC_GROUP structure. Note that all other members are
- * handled by EC_GROUP_copy.
- */
-int ec_GF2m_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
-{
-    int i;
-    if (!BN_copy(&dest->field, &src->field))
-        return 0;
-    if (!BN_copy(&dest->a, &src->a))
-        return 0;
-    if (!BN_copy(&dest->b, &src->b))
-        return 0;
-    dest->poly[0] = src->poly[0];
-    dest->poly[1] = src->poly[1];
-    dest->poly[2] = src->poly[2];
-    dest->poly[3] = src->poly[3];
-    dest->poly[4] = src->poly[4];
-    dest->poly[5] = src->poly[5];
-    if (bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2)
-        == NULL)
-        return 0;
-    if (bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2)
-        == NULL)
-        return 0;
-    for (i = dest->a.top; i < dest->a.dmax; i++)
-        dest->a.d[i] = 0;
-    for (i = dest->b.top; i < dest->b.dmax; i++)
-        dest->b.d[i] = 0;
-    return 1;
-}
-
-/* Set the curve parameters of an EC_GROUP structure. */
-int ec_GF2m_simple_group_set_curve(EC_GROUP *group,
-                                   const BIGNUM *p, const BIGNUM *a,
-                                   const BIGNUM *b, BN_CTX *ctx)
-{
-    int ret = 0, i;
-
-    /* group->field */
-    if (!BN_copy(&group->field, p))
-        goto err;
-    i = BN_GF2m_poly2arr(&group->field, group->poly, 6) - 1;
-    if ((i != 5) && (i != 3)) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
-        goto err;
-    }
-
-    /* group->a */
-    if (!BN_GF2m_mod_arr(&group->a, a, group->poly))
-        goto err;
-    if (bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2)
-        == NULL)
-        goto err;
-    for (i = group->a.top; i < group->a.dmax; i++)
-        group->a.d[i] = 0;
-
-    /* group->b */
-    if (!BN_GF2m_mod_arr(&group->b, b, group->poly))
-        goto err;
-    if (bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2)
-        == NULL)
-        goto err;
-    for (i = group->b.top; i < group->b.dmax; i++)
-        group->b.d[i] = 0;
-
-    ret = 1;
- err:
-    return ret;
-}
-
-/*
- * Get the curve parameters of an EC_GROUP structure. If p, a, or b are NULL
- * then there values will not be set but the method will return with success.
- */
-int ec_GF2m_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p,
-                                   BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
-{
-    int ret = 0;
-
-    if (p != NULL) {
-        if (!BN_copy(p, &group->field))
-            return 0;
-    }
-
-    if (a != NULL) {
-        if (!BN_copy(a, &group->a))
-            goto err;
-    }
-
-    if (b != NULL) {
-        if (!BN_copy(b, &group->b))
-            goto err;
-    }
-
-    ret = 1;
-
- err:
-    return ret;
-}
-
-/*
- * Gets the degree of the field.  For a curve over GF(2^m) this is the value
- * m.
- */
-int ec_GF2m_simple_group_get_degree(const EC_GROUP *group)
-{
-    return BN_num_bits(&group->field) - 1;
-}
-
-/*
- * Checks the discriminant of the curve. y^2 + x*y = x^3 + a*x^2 + b is an
- * elliptic curve <=> b != 0 (mod p)
- */
-int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *group,
-                                            BN_CTX *ctx)
-{
-    int ret = 0;
-    BIGNUM *b;
-    BN_CTX *new_ctx = NULL;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL) {
-            ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT,
-                  ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-    BN_CTX_start(ctx);
-    b = BN_CTX_get(ctx);
-    if (b == NULL)
-        goto err;
-
-    if (!BN_GF2m_mod_arr(b, &group->b, group->poly))
-        goto err;
-
-    /*
-     * check the discriminant: y^2 + x*y = x^3 + a*x^2 + b is an elliptic
-     * curve <=> b != 0 (mod p)
-     */
-    if (BN_is_zero(b))
-        goto err;
-
-    ret = 1;
-
- err:
-    if (ctx != NULL)
-        BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/* Initializes an EC_POINT. */
-int ec_GF2m_simple_point_init(EC_POINT *point)
-{
-    BN_init(&point->X);
-    BN_init(&point->Y);
-    BN_init(&point->Z);
-    return 1;
-}
-
-/* Frees an EC_POINT. */
-void ec_GF2m_simple_point_finish(EC_POINT *point)
-{
-    BN_free(&point->X);
-    BN_free(&point->Y);
-    BN_free(&point->Z);
-}
-
-/* Clears and frees an EC_POINT. */
-void ec_GF2m_simple_point_clear_finish(EC_POINT *point)
-{
-    BN_clear_free(&point->X);
-    BN_clear_free(&point->Y);
-    BN_clear_free(&point->Z);
-    point->Z_is_one = 0;
-}
-
-/*
- * Copy the contents of one EC_POINT into another.  Assumes dest is
- * initialized.
- */
-int ec_GF2m_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
-{
-    if (!BN_copy(&dest->X, &src->X))
-        return 0;
-    if (!BN_copy(&dest->Y, &src->Y))
-        return 0;
-    if (!BN_copy(&dest->Z, &src->Z))
-        return 0;
-    dest->Z_is_one = src->Z_is_one;
-
-    return 1;
-}
-
-/*
- * Set an EC_POINT to the point at infinity. A point at infinity is
- * represented by having Z=0.
- */
-int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *group,
-                                         EC_POINT *point)
-{
-    point->Z_is_one = 0;
-    BN_zero(&point->Z);
-    return 1;
-}
-
-/*
- * Set the coordinates of an EC_POINT using affine coordinates. Note that
- * the simple implementation only uses affine coordinates.
- */
-int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *group,
-                                                EC_POINT *point,
-                                                const BIGNUM *x,
-                                                const BIGNUM *y, BN_CTX *ctx)
-{
-    int ret = 0;
-    if (x == NULL || y == NULL) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES,
-              ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if (!BN_copy(&point->X, x))
-        goto err;
-    BN_set_negative(&point->X, 0);
-    if (!BN_copy(&point->Y, y))
-        goto err;
-    BN_set_negative(&point->Y, 0);
-    if (!BN_copy(&point->Z, BN_value_one()))
-        goto err;
-    BN_set_negative(&point->Z, 0);
-    point->Z_is_one = 1;
-    ret = 1;
-
- err:
-    return ret;
-}
-
-/*
- * Gets the affine coordinates of an EC_POINT. Note that the simple
- * implementation only uses affine coordinates.
- */
-int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *group,
-                                                const EC_POINT *point,
-                                                BIGNUM *x, BIGNUM *y,
-                                                BN_CTX *ctx)
-{
-    int ret = 0;
-
-    if (EC_POINT_is_at_infinity(group, point)) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES,
-              EC_R_POINT_AT_INFINITY);
-        return 0;
-    }
-
-    if (BN_cmp(&point->Z, BN_value_one())) {
-        ECerr(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (x != NULL) {
-        if (!BN_copy(x, &point->X))
-            goto err;
-        BN_set_negative(x, 0);
-    }
-    if (y != NULL) {
-        if (!BN_copy(y, &point->Y))
-            goto err;
-        BN_set_negative(y, 0);
-    }
-    ret = 1;
-
- err:
-    return ret;
-}
-
-/*
- * Computes a + b and stores the result in r.  r could be a or b, a could be
- * b. Uses algorithm A.10.2 of IEEE P1363.
- */
-int ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
-                       const EC_POINT *b, BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x0, *y0, *x1, *y1, *x2, *y2, *s, *t;
-    int ret = 0;
-
-    if (EC_POINT_is_at_infinity(group, a)) {
-        if (!EC_POINT_copy(r, b))
-            return 0;
-        return 1;
-    }
-
-    if (EC_POINT_is_at_infinity(group, b)) {
-        if (!EC_POINT_copy(r, a))
-            return 0;
-        return 1;
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    x0 = BN_CTX_get(ctx);
-    y0 = BN_CTX_get(ctx);
-    x1 = BN_CTX_get(ctx);
-    y1 = BN_CTX_get(ctx);
-    x2 = BN_CTX_get(ctx);
-    y2 = BN_CTX_get(ctx);
-    s = BN_CTX_get(ctx);
-    t = BN_CTX_get(ctx);
-    if (t == NULL)
-        goto err;
-
-    if (a->Z_is_one) {
-        if (!BN_copy(x0, &a->X))
-            goto err;
-        if (!BN_copy(y0, &a->Y))
-            goto err;
-    } else {
-        if (!EC_POINT_get_affine_coordinates_GF2m(group, a, x0, y0, ctx))
-            goto err;
-    }
-    if (b->Z_is_one) {
-        if (!BN_copy(x1, &b->X))
-            goto err;
-        if (!BN_copy(y1, &b->Y))
-            goto err;
-    } else {
-        if (!EC_POINT_get_affine_coordinates_GF2m(group, b, x1, y1, ctx))
-            goto err;
-    }
-
-    if (BN_GF2m_cmp(x0, x1)) {
-        if (!BN_GF2m_add(t, x0, x1))
-            goto err;
-        if (!BN_GF2m_add(s, y0, y1))
-            goto err;
-        if (!group->meth->field_div(group, s, s, t, ctx))
-            goto err;
-        if (!group->meth->field_sqr(group, x2, s, ctx))
-            goto err;
-        if (!BN_GF2m_add(x2, x2, &group->a))
-            goto err;
-        if (!BN_GF2m_add(x2, x2, s))
-            goto err;
-        if (!BN_GF2m_add(x2, x2, t))
-            goto err;
-    } else {
-        if (BN_GF2m_cmp(y0, y1) || BN_is_zero(x1)) {
-            if (!EC_POINT_set_to_infinity(group, r))
-                goto err;
-            ret = 1;
-            goto err;
-        }
-        if (!group->meth->field_div(group, s, y1, x1, ctx))
-            goto err;
-        if (!BN_GF2m_add(s, s, x1))
-            goto err;
-
-        if (!group->meth->field_sqr(group, x2, s, ctx))
-            goto err;
-        if (!BN_GF2m_add(x2, x2, s))
-            goto err;
-        if (!BN_GF2m_add(x2, x2, &group->a))
-            goto err;
-    }
-
-    if (!BN_GF2m_add(y2, x1, x2))
-        goto err;
-    if (!group->meth->field_mul(group, y2, y2, s, ctx))
-        goto err;
-    if (!BN_GF2m_add(y2, y2, x2))
-        goto err;
-    if (!BN_GF2m_add(y2, y2, y1))
-        goto err;
-
-    if (!EC_POINT_set_affine_coordinates_GF2m(group, r, x2, y2, ctx))
-        goto err;
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/*
- * Computes 2 * a and stores the result in r.  r could be a. Uses algorithm
- * A.10.2 of IEEE P1363.
- */
-int ec_GF2m_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
-                       BN_CTX *ctx)
-{
-    return ec_GF2m_simple_add(group, r, a, a, ctx);
-}
-
-int ec_GF2m_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
-{
-    if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(&point->Y))
-        /* point is its own inverse */
-        return 1;
-
-    if (!EC_POINT_make_affine(group, point, ctx))
-        return 0;
-    return BN_GF2m_add(&point->Y, &point->X, &point->Y);
-}
-
-/* Indicates whether the given point is the point at infinity. */
-int ec_GF2m_simple_is_at_infinity(const EC_GROUP *group,
-                                  const EC_POINT *point)
-{
-    return BN_is_zero(&point->Z);
-}
-
-/*-
- * Determines whether the given EC_POINT is an actual point on the curve defined
- * in the EC_GROUP.  A point is valid if it satisfies the Weierstrass equation:
- *      y^2 + x*y = x^3 + a*x^2 + b.
- */
-int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
-                               BN_CTX *ctx)
-{
-    int ret = -1;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *lh, *y2;
-    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
-                      const BIGNUM *, BN_CTX *);
-    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-
-    if (EC_POINT_is_at_infinity(group, point))
-        return 1;
-
-    field_mul = group->meth->field_mul;
-    field_sqr = group->meth->field_sqr;
-
-    /* only support affine coordinates */
-    if (!point->Z_is_one)
-        return -1;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return -1;
-    }
-
-    BN_CTX_start(ctx);
-    y2 = BN_CTX_get(ctx);
-    lh = BN_CTX_get(ctx);
-    if (lh == NULL)
-        goto err;
-
-    /*-
-     * We have a curve defined by a Weierstrass equation
-     *      y^2 + x*y = x^3 + a*x^2 + b.
-     *  <=> x^3 + a*x^2 + x*y + b + y^2 = 0
-     *  <=> ((x + a) * x + y ) * x + b + y^2 = 0
-     */
-    if (!BN_GF2m_add(lh, &point->X, &group->a))
-        goto err;
-    if (!field_mul(group, lh, lh, &point->X, ctx))
-        goto err;
-    if (!BN_GF2m_add(lh, lh, &point->Y))
-        goto err;
-    if (!field_mul(group, lh, lh, &point->X, ctx))
-        goto err;
-    if (!BN_GF2m_add(lh, lh, &group->b))
-        goto err;
-    if (!field_sqr(group, y2, &point->Y, ctx))
-        goto err;
-    if (!BN_GF2m_add(lh, lh, y2))
-        goto err;
-    ret = BN_is_zero(lh);
- err:
-    if (ctx)
-        BN_CTX_end(ctx);
-    if (new_ctx)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/*-
- * Indicates whether two points are equal.
- * Return values:
- *  -1   error
- *   0   equal (in affine coordinates)
- *   1   not equal
- */
-int ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
-                       const EC_POINT *b, BN_CTX *ctx)
-{
-    BIGNUM *aX, *aY, *bX, *bY;
-    BN_CTX *new_ctx = NULL;
-    int ret = -1;
-
-    if (EC_POINT_is_at_infinity(group, a)) {
-        return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
-    }
-
-    if (EC_POINT_is_at_infinity(group, b))
-        return 1;
-
-    if (a->Z_is_one && b->Z_is_one) {
-        return ((BN_cmp(&a->X, &b->X) == 0)
-                && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return -1;
-    }
-
-    BN_CTX_start(ctx);
-    aX = BN_CTX_get(ctx);
-    aY = BN_CTX_get(ctx);
-    bX = BN_CTX_get(ctx);
-    bY = BN_CTX_get(ctx);
-    if (bY == NULL)
-        goto err;
-
-    if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx))
-        goto err;
-    if (!EC_POINT_get_affine_coordinates_GF2m(group, b, bX, bY, ctx))
-        goto err;
-    ret = ((BN_cmp(aX, bX) == 0) && BN_cmp(aY, bY) == 0) ? 0 : 1;
-
- err:
-    if (ctx)
-        BN_CTX_end(ctx);
-    if (new_ctx)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/* Forces the given EC_POINT to internally use affine coordinates. */
-int ec_GF2m_simple_make_affine(const EC_GROUP *group, EC_POINT *point,
-                               BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y;
-    int ret = 0;
-
-    if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
-        return 1;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    x = BN_CTX_get(ctx);
-    y = BN_CTX_get(ctx);
-    if (y == NULL)
-        goto err;
-
-    if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
-        goto err;
-    if (!BN_copy(&point->X, x))
-        goto err;
-    if (!BN_copy(&point->Y, y))
-        goto err;
-    if (!BN_one(&point->Z))
-        goto err;
-    point->Z_is_one = 1;
-
-    ret = 1;
-
- err:
-    if (ctx)
-        BN_CTX_end(ctx);
-    if (new_ctx)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/*
- * Forces each of the EC_POINTs in the given array to use affine coordinates.
- */
-int ec_GF2m_simple_points_make_affine(const EC_GROUP *group, size_t num,
-                                      EC_POINT *points[], BN_CTX *ctx)
-{
-    size_t i;
-
-    for (i = 0; i < num; i++) {
-        if (!group->meth->make_affine(group, points[i], ctx))
-            return 0;
-    }
-
-    return 1;
-}
-
-/* Wrapper to simple binary polynomial field multiplication implementation. */
-int ec_GF2m_simple_field_mul(const EC_GROUP *group, BIGNUM *r,
-                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
-    return BN_GF2m_mod_mul_arr(r, a, b, group->poly, ctx);
-}
-
-/* Wrapper to simple binary polynomial field squaring implementation. */
-int ec_GF2m_simple_field_sqr(const EC_GROUP *group, BIGNUM *r,
-                             const BIGNUM *a, BN_CTX *ctx)
-{
-    return BN_GF2m_mod_sqr_arr(r, a, group->poly, ctx);
-}
-
-/* Wrapper to simple binary polynomial field division implementation. */
-int ec_GF2m_simple_field_div(const EC_GROUP *group, BIGNUM *r,
-                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
-    return BN_GF2m_mod_div(r, a, b, &group->field, ctx);
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ec_ameth.c b/thirdparty/openssl/crypto/ec/ec_ameth.c
deleted file mode 100644
index 2c41c6e7a9..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_ameth.c
+++ /dev/null
@@ -1,967 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/ec.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_CMS
-# include <openssl/cms.h>
-#endif
-#include <openssl/asn1t.h>
-#include "asn1_locl.h"
-#include "ec_lcl.h"
-
-#ifndef OPENSSL_NO_CMS
-static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
-static int ecdh_cms_encrypt(CMS_RecipientInfo *ri);
-#endif
-
-static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
-{
-    const EC_GROUP *group;
-    int nid;
-    if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) {
-        ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_PARAMETERS);
-        return 0;
-    }
-    if (EC_GROUP_get_asn1_flag(group)
-        && (nid = EC_GROUP_get_curve_name(group)))
-        /* we have a 'named curve' => just set the OID */
-    {
-        *ppval = OBJ_nid2obj(nid);
-        *pptype = V_ASN1_OBJECT;
-    } else {                    /* explicit parameters */
-
-        ASN1_STRING *pstr = NULL;
-        pstr = ASN1_STRING_new();
-        if (!pstr)
-            return 0;
-        pstr->length = i2d_ECParameters(ec_key, &pstr->data);
-        if (pstr->length <= 0) {
-            ASN1_STRING_free(pstr);
-            ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);
-            return 0;
-        }
-        *ppval = pstr;
-        *pptype = V_ASN1_SEQUENCE;
-    }
-    return 1;
-}
-
-static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
-    EC_KEY *ec_key = pkey->pkey.ec;
-    void *pval = NULL;
-    int ptype;
-    unsigned char *penc = NULL, *p;
-    int penclen;
-
-    if (!eckey_param2type(&ptype, &pval, ec_key)) {
-        ECerr(EC_F_ECKEY_PUB_ENCODE, ERR_R_EC_LIB);
-        return 0;
-    }
-    penclen = i2o_ECPublicKey(ec_key, NULL);
-    if (penclen <= 0)
-        goto err;
-    penc = OPENSSL_malloc(penclen);
-    if (!penc)
-        goto err;
-    p = penc;
-    penclen = i2o_ECPublicKey(ec_key, &p);
-    if (penclen <= 0)
-        goto err;
-    if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_EC),
-                               ptype, pval, penc, penclen))
-        return 1;
- err:
-    if (ptype == V_ASN1_OBJECT)
-        ASN1_OBJECT_free(pval);
-    else
-        ASN1_STRING_free(pval);
-    if (penc)
-        OPENSSL_free(penc);
-    return 0;
-}
-
-static EC_KEY *eckey_type2param(int ptype, void *pval)
-{
-    EC_KEY *eckey = NULL;
-    if (ptype == V_ASN1_SEQUENCE) {
-        ASN1_STRING *pstr = pval;
-        const unsigned char *pm = NULL;
-        int pmlen;
-        pm = pstr->data;
-        pmlen = pstr->length;
-        if (!(eckey = d2i_ECParameters(NULL, &pm, pmlen))) {
-            ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
-            goto ecerr;
-        }
-    } else if (ptype == V_ASN1_OBJECT) {
-        ASN1_OBJECT *poid = pval;
-        EC_GROUP *group;
-
-        /*
-         * type == V_ASN1_OBJECT => the parameters are given by an asn1 OID
-         */
-        if ((eckey = EC_KEY_new()) == NULL) {
-            ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE);
-            goto ecerr;
-        }
-        group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid));
-        if (group == NULL)
-            goto ecerr;
-        EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
-        if (EC_KEY_set_group(eckey, group) == 0)
-            goto ecerr;
-        EC_GROUP_free(group);
-    } else {
-        ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
-        goto ecerr;
-    }
-
-    return eckey;
-
- ecerr:
-    if (eckey)
-        EC_KEY_free(eckey);
-    return NULL;
-}
-
-static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
-    const unsigned char *p = NULL;
-    void *pval;
-    int ptype, pklen;
-    EC_KEY *eckey = NULL;
-    X509_ALGOR *palg;
-
-    if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
-        return 0;
-    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
-    eckey = eckey_type2param(ptype, pval);
-
-    if (!eckey) {
-        ECerr(EC_F_ECKEY_PUB_DECODE, ERR_R_EC_LIB);
-        return 0;
-    }
-
-    /* We have parameters now set public key */
-    if (!o2i_ECPublicKey(&eckey, &p, pklen)) {
-        ECerr(EC_F_ECKEY_PUB_DECODE, EC_R_DECODE_ERROR);
-        goto ecerr;
-    }
-
-    EVP_PKEY_assign_EC_KEY(pkey, eckey);
-    return 1;
-
- ecerr:
-    if (eckey)
-        EC_KEY_free(eckey);
-    return 0;
-}
-
-static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    int r;
-    const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
-    const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
-        *pb = EC_KEY_get0_public_key(b->pkey.ec);
-    if (group == NULL || pa == NULL || pb == NULL)
-        return -2;
-    r = EC_POINT_cmp(group, pa, pb, NULL);
-    if (r == 0)
-        return 1;
-    if (r == 1)
-        return 0;
-    return -2;
-}
-
-static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
-{
-    const unsigned char *p = NULL;
-    void *pval;
-    int ptype, pklen;
-    EC_KEY *eckey = NULL;
-    X509_ALGOR *palg;
-
-    if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
-        return 0;
-    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
-    eckey = eckey_type2param(ptype, pval);
-
-    if (!eckey)
-        goto ecliberr;
-
-    /* We have parameters now set private key */
-    if (!d2i_ECPrivateKey(&eckey, &p, pklen)) {
-        ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR);
-        goto ecerr;
-    }
-
-    /* calculate public key (if necessary) */
-    if (EC_KEY_get0_public_key(eckey) == NULL) {
-        const BIGNUM *priv_key;
-        const EC_GROUP *group;
-        EC_POINT *pub_key;
-        /*
-         * the public key was not included in the SEC1 private key =>
-         * calculate the public key
-         */
-        group = EC_KEY_get0_group(eckey);
-        pub_key = EC_POINT_new(group);
-        if (pub_key == NULL) {
-            ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
-            goto ecliberr;
-        }
-        if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) {
-            EC_POINT_free(pub_key);
-            ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
-            goto ecliberr;
-        }
-        priv_key = EC_KEY_get0_private_key(eckey);
-        if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) {
-            EC_POINT_free(pub_key);
-            ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
-            goto ecliberr;
-        }
-        if (EC_KEY_set_public_key(eckey, pub_key) == 0) {
-            EC_POINT_free(pub_key);
-            ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
-            goto ecliberr;
-        }
-        EC_POINT_free(pub_key);
-    }
-
-    EVP_PKEY_assign_EC_KEY(pkey, eckey);
-    return 1;
-
- ecliberr:
-    ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
- ecerr:
-    if (eckey)
-        EC_KEY_free(eckey);
-    return 0;
-}
-
-static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
-    EC_KEY ec_key = *(pkey->pkey.ec);
-    unsigned char *ep, *p;
-    int eplen, ptype;
-    void *pval;
-    unsigned int old_flags;
-
-    if (!eckey_param2type(&ptype, &pval, &ec_key)) {
-        ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
-        return 0;
-    }
-
-    /* set the private key */
-
-    /*
-     * do not include the parameters in the SEC1 private key see PKCS#11
-     * 12.11
-     */
-    old_flags = EC_KEY_get_enc_flags(&ec_key);
-    EC_KEY_set_enc_flags(&ec_key, old_flags | EC_PKEY_NO_PARAMETERS);
-
-    eplen = i2d_ECPrivateKey(&ec_key, NULL);
-    if (!eplen) {
-        ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
-        return 0;
-    }
-    ep = (unsigned char *)OPENSSL_malloc(eplen);
-    if (!ep) {
-        ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    p = ep;
-    if (!i2d_ECPrivateKey(&ec_key, &p)) {
-        OPENSSL_free(ep);
-        ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
-        return 0;
-    }
-
-    if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
-                         ptype, pval, ep, eplen)) {
-        OPENSSL_free(ep);
-        return 0;
-    }
-
-    return 1;
-}
-
-static int int_ec_size(const EVP_PKEY *pkey)
-{
-    return ECDSA_size(pkey->pkey.ec);
-}
-
-static int ec_bits(const EVP_PKEY *pkey)
-{
-    BIGNUM *order = BN_new();
-    const EC_GROUP *group;
-    int ret;
-
-    if (!order) {
-        ERR_clear_error();
-        return 0;
-    }
-    group = EC_KEY_get0_group(pkey->pkey.ec);
-    if (!EC_GROUP_get_order(group, order, NULL)) {
-        ERR_clear_error();
-        return 0;
-    }
-
-    ret = BN_num_bits(order);
-    BN_free(order);
-    return ret;
-}
-
-static int ec_missing_parameters(const EVP_PKEY *pkey)
-{
-    if (pkey->pkey.ec == NULL || EC_KEY_get0_group(pkey->pkey.ec) == NULL)
-        return 1;
-    return 0;
-}
-
-static int ec_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
-    EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
-    if (group == NULL)
-        return 0;
-    if (EC_KEY_set_group(to->pkey.ec, group) == 0)
-        return 0;
-    EC_GROUP_free(group);
-    return 1;
-}
-
-static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
-        *group_b = EC_KEY_get0_group(b->pkey.ec);
-    if (group_a == NULL || group_b == NULL)
-        return -2;
-    if (EC_GROUP_cmp(group_a, group_b, NULL))
-        return 0;
-    else
-        return 1;
-}
-
-static void int_ec_free(EVP_PKEY *pkey)
-{
-    EC_KEY_free(pkey->pkey.ec);
-}
-
-static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype)
-{
-    unsigned char *buffer = NULL;
-    const char *ecstr;
-    size_t buf_len = 0, i;
-    int ret = 0, reason = ERR_R_BIO_LIB;
-    BIGNUM *pub_key = NULL, *order = NULL;
-    BN_CTX *ctx = NULL;
-    const EC_GROUP *group;
-    const EC_POINT *public_key;
-    const BIGNUM *priv_key;
-
-    if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) {
-        reason = ERR_R_PASSED_NULL_PARAMETER;
-        goto err;
-    }
-
-    ctx = BN_CTX_new();
-    if (ctx == NULL) {
-        reason = ERR_R_MALLOC_FAILURE;
-        goto err;
-    }
-
-    if (ktype > 0) {
-        public_key = EC_KEY_get0_public_key(x);
-        if (public_key != NULL) {
-            if ((pub_key = EC_POINT_point2bn(group, public_key,
-                                             EC_KEY_get_conv_form(x), NULL,
-                                             ctx)) == NULL) {
-                reason = ERR_R_EC_LIB;
-                goto err;
-            }
-            buf_len = (size_t)BN_num_bytes(pub_key);
-        }
-    }
-
-    if (ktype == 2) {
-        priv_key = EC_KEY_get0_private_key(x);
-        if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len)
-            buf_len = i;
-    } else
-        priv_key = NULL;
-
-    if (ktype > 0) {
-        buf_len += 10;
-        if ((buffer = OPENSSL_malloc(buf_len)) == NULL) {
-            reason = ERR_R_MALLOC_FAILURE;
-            goto err;
-        }
-    }
-    if (ktype == 2)
-        ecstr = "Private-Key";
-    else if (ktype == 1)
-        ecstr = "Public-Key";
-    else
-        ecstr = "ECDSA-Parameters";
-
-    if (!BIO_indent(bp, off, 128))
-        goto err;
-    if ((order = BN_new()) == NULL)
-        goto err;
-    if (!EC_GROUP_get_order(group, order, NULL))
-        goto err;
-    if (BIO_printf(bp, "%s: (%d bit)\n", ecstr, BN_num_bits(order)) <= 0)
-        goto err;
-
-    if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key,
-                                             buffer, off))
-        goto err;
-    if ((pub_key != NULL) && !ASN1_bn_print(bp, "pub: ", pub_key,
-                                            buffer, off))
-        goto err;
-    if (!ECPKParameters_print(bp, group, off))
-        goto err;
-    ret = 1;
- err:
-    if (!ret)
-        ECerr(EC_F_DO_EC_KEY_PRINT, reason);
-    if (pub_key)
-        BN_free(pub_key);
-    if (order)
-        BN_free(order);
-    if (ctx)
-        BN_CTX_free(ctx);
-    if (buffer != NULL)
-        OPENSSL_free(buffer);
-    return (ret);
-}
-
-static int eckey_param_decode(EVP_PKEY *pkey,
-                              const unsigned char **pder, int derlen)
-{
-    EC_KEY *eckey;
-    if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) {
-        ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
-        return 0;
-    }
-    EVP_PKEY_assign_EC_KEY(pkey, eckey);
-    return 1;
-}
-
-static int eckey_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
-    return i2d_ECParameters(pkey->pkey.ec, pder);
-}
-
-static int eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                             ASN1_PCTX *ctx)
-{
-    return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 0);
-}
-
-static int eckey_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                           ASN1_PCTX *ctx)
-{
-    return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 1);
-}
-
-static int eckey_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                            ASN1_PCTX *ctx)
-{
-    return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 2);
-}
-
-static int old_ec_priv_decode(EVP_PKEY *pkey,
-                              const unsigned char **pder, int derlen)
-{
-    EC_KEY *ec;
-    if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) {
-        ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR);
-        return 0;
-    }
-    EVP_PKEY_assign_EC_KEY(pkey, ec);
-    return 1;
-}
-
-static int old_ec_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
-    return i2d_ECPrivateKey(pkey->pkey.ec, pder);
-}
-
-static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
-    switch (op) {
-    case ASN1_PKEY_CTRL_PKCS7_SIGN:
-        if (arg1 == 0) {
-            int snid, hnid;
-            X509_ALGOR *alg1, *alg2;
-            PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
-            if (alg1 == NULL || alg1->algorithm == NULL)
-                return -1;
-            hnid = OBJ_obj2nid(alg1->algorithm);
-            if (hnid == NID_undef)
-                return -1;
-            if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
-                return -1;
-            X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
-        }
-        return 1;
-#ifndef OPENSSL_NO_CMS
-    case ASN1_PKEY_CTRL_CMS_SIGN:
-        if (arg1 == 0) {
-            int snid, hnid;
-            X509_ALGOR *alg1, *alg2;
-            CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
-            if (alg1 == NULL || alg1->algorithm == NULL)
-                return -1;
-            hnid = OBJ_obj2nid(alg1->algorithm);
-            if (hnid == NID_undef)
-                return -1;
-            if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
-                return -1;
-            X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
-        }
-        return 1;
-
-    case ASN1_PKEY_CTRL_CMS_ENVELOPE:
-        if (arg1 == 1)
-            return ecdh_cms_decrypt(arg2);
-        else if (arg1 == 0)
-            return ecdh_cms_encrypt(arg2);
-        return -2;
-
-    case ASN1_PKEY_CTRL_CMS_RI_TYPE:
-        *(int *)arg2 = CMS_RECIPINFO_AGREE;
-        return 1;
-#endif
-
-    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
-        *(int *)arg2 = NID_sha256;
-        return 2;
-
-    default:
-        return -2;
-
-    }
-
-}
-
-const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = {
-    EVP_PKEY_EC,
-    EVP_PKEY_EC,
-    0,
-    "EC",
-    "OpenSSL EC algorithm",
-
-    eckey_pub_decode,
-    eckey_pub_encode,
-    eckey_pub_cmp,
-    eckey_pub_print,
-
-    eckey_priv_decode,
-    eckey_priv_encode,
-    eckey_priv_print,
-
-    int_ec_size,
-    ec_bits,
-
-    eckey_param_decode,
-    eckey_param_encode,
-    ec_missing_parameters,
-    ec_copy_parameters,
-    ec_cmp_parameters,
-    eckey_param_print,
-    0,
-
-    int_ec_free,
-    ec_pkey_ctrl,
-    old_ec_priv_decode,
-    old_ec_priv_encode
-};
-
-#ifndef OPENSSL_NO_CMS
-
-static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
-                                X509_ALGOR *alg, ASN1_BIT_STRING *pubkey)
-{
-    ASN1_OBJECT *aoid;
-    int atype;
-    void *aval;
-    int rv = 0;
-    EVP_PKEY *pkpeer = NULL;
-    EC_KEY *ecpeer = NULL;
-    const unsigned char *p;
-    int plen;
-    X509_ALGOR_get0(&aoid, &atype, &aval, alg);
-    if (OBJ_obj2nid(aoid) != NID_X9_62_id_ecPublicKey)
-        goto err;
-    /* If absent parameters get group from main key */
-    if (atype == V_ASN1_UNDEF || atype == V_ASN1_NULL) {
-        const EC_GROUP *grp;
-        EVP_PKEY *pk;
-        pk = EVP_PKEY_CTX_get0_pkey(pctx);
-        if (!pk)
-            goto err;
-        grp = EC_KEY_get0_group(pk->pkey.ec);
-        ecpeer = EC_KEY_new();
-        if (!ecpeer)
-            goto err;
-        if (!EC_KEY_set_group(ecpeer, grp))
-            goto err;
-    } else {
-        ecpeer = eckey_type2param(atype, aval);
-        if (!ecpeer)
-            goto err;
-    }
-    /* We have parameters now set public key */
-    plen = ASN1_STRING_length(pubkey);
-    p = ASN1_STRING_data(pubkey);
-    if (!p || !plen)
-        goto err;
-    if (!o2i_ECPublicKey(&ecpeer, &p, plen))
-        goto err;
-    pkpeer = EVP_PKEY_new();
-    if (!pkpeer)
-        goto err;
-    EVP_PKEY_set1_EC_KEY(pkpeer, ecpeer);
-    if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0)
-        rv = 1;
- err:
-    if (ecpeer)
-        EC_KEY_free(ecpeer);
-    if (pkpeer)
-        EVP_PKEY_free(pkpeer);
-    return rv;
-}
-
-/* Set KDF parameters based on KDF NID */
-static int ecdh_cms_set_kdf_param(EVP_PKEY_CTX *pctx, int eckdf_nid)
-{
-    int kdf_nid, kdfmd_nid, cofactor;
-    const EVP_MD *kdf_md;
-    if (eckdf_nid == NID_undef)
-        return 0;
-
-    /* Lookup KDF type, cofactor mode and digest */
-    if (!OBJ_find_sigid_algs(eckdf_nid, &kdfmd_nid, &kdf_nid))
-        return 0;
-
-    if (kdf_nid == NID_dh_std_kdf)
-        cofactor = 0;
-    else if (kdf_nid == NID_dh_cofactor_kdf)
-        cofactor = 1;
-    else
-        return 0;
-
-    if (EVP_PKEY_CTX_set_ecdh_cofactor_mode(pctx, cofactor) <= 0)
-        return 0;
-
-    if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_62) <= 0)
-        return 0;
-
-    kdf_md = EVP_get_digestbynid(kdfmd_nid);
-    if (!kdf_md)
-        return 0;
-
-    if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0)
-        return 0;
-    return 1;
-}
-
-static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
-{
-    int rv = 0;
-
-    X509_ALGOR *alg, *kekalg = NULL;
-    ASN1_OCTET_STRING *ukm;
-    const unsigned char *p;
-    unsigned char *der = NULL;
-    int plen, keylen;
-    const EVP_CIPHER *kekcipher;
-    EVP_CIPHER_CTX *kekctx;
-
-    if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
-        return 0;
-
-    if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(alg->algorithm))) {
-        ECerr(EC_F_ECDH_CMS_SET_SHARED_INFO, EC_R_KDF_PARAMETER_ERROR);
-        return 0;
-    }
-
-    if (alg->parameter->type != V_ASN1_SEQUENCE)
-        return 0;
-
-    p = alg->parameter->value.sequence->data;
-    plen = alg->parameter->value.sequence->length;
-    kekalg = d2i_X509_ALGOR(NULL, &p, plen);
-    if (!kekalg)
-        goto err;
-    kekctx = CMS_RecipientInfo_kari_get0_ctx(ri);
-    if (!kekctx)
-        goto err;
-    kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
-    if (!kekcipher || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
-        goto err;
-    if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL))
-        goto err;
-    if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0)
-        goto err;
-
-    keylen = EVP_CIPHER_CTX_key_length(kekctx);
-    if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0)
-        goto err;
-
-    plen = CMS_SharedInfo_encode(&der, kekalg, ukm, keylen);
-
-    if (!plen)
-        goto err;
-
-    if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, der, plen) <= 0)
-        goto err;
-    der = NULL;
-
-    rv = 1;
- err:
-    if (kekalg)
-        X509_ALGOR_free(kekalg);
-    if (der)
-        OPENSSL_free(der);
-    return rv;
-}
-
-static int ecdh_cms_decrypt(CMS_RecipientInfo *ri)
-{
-    EVP_PKEY_CTX *pctx;
-    pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
-    if (!pctx)
-        return 0;
-    /* See if we need to set peer key */
-    if (!EVP_PKEY_CTX_get0_peerkey(pctx)) {
-        X509_ALGOR *alg;
-        ASN1_BIT_STRING *pubkey;
-        if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey,
-                                                 NULL, NULL, NULL))
-            return 0;
-        if (!alg || !pubkey)
-            return 0;
-        if (!ecdh_cms_set_peerkey(pctx, alg, pubkey)) {
-            ECerr(EC_F_ECDH_CMS_DECRYPT, EC_R_PEER_KEY_ERROR);
-            return 0;
-        }
-    }
-    /* Set ECDH derivation parameters and initialise unwrap context */
-    if (!ecdh_cms_set_shared_info(pctx, ri)) {
-        ECerr(EC_F_ECDH_CMS_DECRYPT, EC_R_SHARED_INFO_ERROR);
-        return 0;
-    }
-    return 1;
-}
-
-static int ecdh_cms_encrypt(CMS_RecipientInfo *ri)
-{
-    EVP_PKEY_CTX *pctx;
-    EVP_PKEY *pkey;
-    EVP_CIPHER_CTX *ctx;
-    int keylen;
-    X509_ALGOR *talg, *wrap_alg = NULL;
-    ASN1_OBJECT *aoid;
-    ASN1_BIT_STRING *pubkey;
-    ASN1_STRING *wrap_str;
-    ASN1_OCTET_STRING *ukm;
-    unsigned char *penc = NULL;
-    int penclen;
-    int rv = 0;
-    int ecdh_nid, kdf_type, kdf_nid, wrap_nid;
-    const EVP_MD *kdf_md;
-    pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
-    if (!pctx)
-        return 0;
-    /* Get ephemeral key */
-    pkey = EVP_PKEY_CTX_get0_pkey(pctx);
-    if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey,
-                                             NULL, NULL, NULL))
-        goto err;
-    X509_ALGOR_get0(&aoid, NULL, NULL, talg);
-    /* Is everything uninitialised? */
-    if (aoid == OBJ_nid2obj(NID_undef)) {
-
-        EC_KEY *eckey = pkey->pkey.ec;
-        /* Set the key */
-        unsigned char *p;
-
-        penclen = i2o_ECPublicKey(eckey, NULL);
-        if (penclen <= 0)
-            goto err;
-        penc = OPENSSL_malloc(penclen);
-        if (!penc)
-            goto err;
-        p = penc;
-        penclen = i2o_ECPublicKey(eckey, &p);
-        if (penclen <= 0)
-            goto err;
-        ASN1_STRING_set0(pubkey, penc, penclen);
-        pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
-        pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-
-        penc = NULL;
-        X509_ALGOR_set0(talg, OBJ_nid2obj(NID_X9_62_id_ecPublicKey),
-                        V_ASN1_UNDEF, NULL);
-    }
-
-    /* See if custom paraneters set */
-    kdf_type = EVP_PKEY_CTX_get_ecdh_kdf_type(pctx);
-    if (kdf_type <= 0)
-        goto err;
-    if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md))
-        goto err;
-    ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx);
-    if (ecdh_nid < 0)
-        goto err;
-    else if (ecdh_nid == 0)
-        ecdh_nid = NID_dh_std_kdf;
-    else if (ecdh_nid == 1)
-        ecdh_nid = NID_dh_cofactor_kdf;
-
-    if (kdf_type == EVP_PKEY_ECDH_KDF_NONE) {
-        kdf_type = EVP_PKEY_ECDH_KDF_X9_62;
-        if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, kdf_type) <= 0)
-            goto err;
-    } else
-        /* Uknown KDF */
-        goto err;
-    if (kdf_md == NULL) {
-        /* Fixme later for better MD */
-        kdf_md = EVP_sha1();
-        if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0)
-            goto err;
-    }
-
-    if (!CMS_RecipientInfo_kari_get0_alg(ri, &talg, &ukm))
-        goto err;
-
-    /* Lookup NID for KDF+cofactor+digest */
-
-    if (!OBJ_find_sigid_by_algs(&kdf_nid, EVP_MD_type(kdf_md), ecdh_nid))
-        goto err;
-    /* Get wrap NID */
-    ctx = CMS_RecipientInfo_kari_get0_ctx(ri);
-    wrap_nid = EVP_CIPHER_CTX_type(ctx);
-    keylen = EVP_CIPHER_CTX_key_length(ctx);
-
-    /* Package wrap algorithm in an AlgorithmIdentifier */
-
-    wrap_alg = X509_ALGOR_new();
-    if (!wrap_alg)
-        goto err;
-    wrap_alg->algorithm = OBJ_nid2obj(wrap_nid);
-    wrap_alg->parameter = ASN1_TYPE_new();
-    if (!wrap_alg->parameter)
-        goto err;
-    if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0)
-        goto err;
-    if (ASN1_TYPE_get(wrap_alg->parameter) == NID_undef) {
-        ASN1_TYPE_free(wrap_alg->parameter);
-        wrap_alg->parameter = NULL;
-    }
-
-    if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0)
-        goto err;
-
-    penclen = CMS_SharedInfo_encode(&penc, wrap_alg, ukm, keylen);
-
-    if (!penclen)
-        goto err;
-
-    if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, penc, penclen) <= 0)
-        goto err;
-    penc = NULL;
-
-    /*
-     * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter
-     * of another AlgorithmIdentifier.
-     */
-    penclen = i2d_X509_ALGOR(wrap_alg, &penc);
-    if (!penc || !penclen)
-        goto err;
-    wrap_str = ASN1_STRING_new();
-    if (!wrap_str)
-        goto err;
-    ASN1_STRING_set0(wrap_str, penc, penclen);
-    penc = NULL;
-    X509_ALGOR_set0(talg, OBJ_nid2obj(kdf_nid), V_ASN1_SEQUENCE, wrap_str);
-
-    rv = 1;
-
- err:
-    if (penc)
-        OPENSSL_free(penc);
-    if (wrap_alg)
-        X509_ALGOR_free(wrap_alg);
-    return rv;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ec_asn1.c b/thirdparty/openssl/crypto/ec/ec_asn1.c
deleted file mode 100644
index b0cd3e1788..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_asn1.c
+++ /dev/null
@@ -1,1331 +0,0 @@
-/* crypto/ec/ec_asn1.c */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 2000-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include "ec_lcl.h"
-#include <openssl/err.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-#define OSSL_NELEM(x)    (sizeof(x)/sizeof(x[0]))
-
-int EC_GROUP_get_basis_type(const EC_GROUP *group)
-{
-    int i;
-
-    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
-        NID_X9_62_characteristic_two_field)
-        /* everything else is currently not supported */
-        return 0;
-
-    /* Find the last non-zero element of group->poly[] */
-    for (i = 0;
-         i < (int)OSSL_NELEM(group->poly) && group->poly[i] != 0;
-         i++)
-        continue;
-
-    if (i == 4)
-        return NID_X9_62_ppBasis;
-    else if (i == 2)
-        return NID_X9_62_tpBasis;
-    else
-        /* everything else is currently not supported */
-        return 0;
-}
-
-#ifndef OPENSSL_NO_EC2M
-int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
-{
-    if (group == NULL)
-        return 0;
-
-    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
-        NID_X9_62_characteristic_two_field
-        || !((group->poly[0] != 0) && (group->poly[1] != 0)
-             && (group->poly[2] == 0))) {
-        ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-
-    if (k)
-        *k = group->poly[1];
-
-    return 1;
-}
-
-int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
-                                   unsigned int *k2, unsigned int *k3)
-{
-    if (group == NULL)
-        return 0;
-
-    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
-        NID_X9_62_characteristic_two_field
-        || !((group->poly[0] != 0) && (group->poly[1] != 0)
-             && (group->poly[2] != 0) && (group->poly[3] != 0)
-             && (group->poly[4] == 0))) {
-        ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-
-    if (k1)
-        *k1 = group->poly[3];
-    if (k2)
-        *k2 = group->poly[2];
-    if (k3)
-        *k3 = group->poly[1];
-
-    return 1;
-}
-#endif
-
-/* some structures needed for the asn1 encoding */
-typedef struct x9_62_pentanomial_st {
-    long k1;
-    long k2;
-    long k3;
-} X9_62_PENTANOMIAL;
-
-typedef struct x9_62_characteristic_two_st {
-    long m;
-    ASN1_OBJECT *type;
-    union {
-        char *ptr;
-        /* NID_X9_62_onBasis */
-        ASN1_NULL *onBasis;
-        /* NID_X9_62_tpBasis */
-        ASN1_INTEGER *tpBasis;
-        /* NID_X9_62_ppBasis */
-        X9_62_PENTANOMIAL *ppBasis;
-        /* anything else */
-        ASN1_TYPE *other;
-    } p;
-} X9_62_CHARACTERISTIC_TWO;
-
-typedef struct x9_62_fieldid_st {
-    ASN1_OBJECT *fieldType;
-    union {
-        char *ptr;
-        /* NID_X9_62_prime_field */
-        ASN1_INTEGER *prime;
-        /* NID_X9_62_characteristic_two_field */
-        X9_62_CHARACTERISTIC_TWO *char_two;
-        /* anything else */
-        ASN1_TYPE *other;
-    } p;
-} X9_62_FIELDID;
-
-typedef struct x9_62_curve_st {
-    ASN1_OCTET_STRING *a;
-    ASN1_OCTET_STRING *b;
-    ASN1_BIT_STRING *seed;
-} X9_62_CURVE;
-
-typedef struct ec_parameters_st {
-    long version;
-    X9_62_FIELDID *fieldID;
-    X9_62_CURVE *curve;
-    ASN1_OCTET_STRING *base;
-    ASN1_INTEGER *order;
-    ASN1_INTEGER *cofactor;
-} ECPARAMETERS;
-
-struct ecpk_parameters_st {
-    int type;
-    union {
-        ASN1_OBJECT *named_curve;
-        ECPARAMETERS *parameters;
-        ASN1_NULL *implicitlyCA;
-    } value;
-} /* ECPKPARAMETERS */ ;
-
-/* SEC1 ECPrivateKey */
-typedef struct ec_privatekey_st {
-    long version;
-    ASN1_OCTET_STRING *privateKey;
-    ECPKPARAMETERS *parameters;
-    ASN1_BIT_STRING *publicKey;
-} EC_PRIVATEKEY;
-
-/* the OpenSSL ASN.1 definitions */
-ASN1_SEQUENCE(X9_62_PENTANOMIAL) = {
-        ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, LONG),
-        ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, LONG),
-        ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, LONG)
-} ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
-
-DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
-IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
-
-ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other, ASN1_ANY);
-
-ASN1_ADB(X9_62_CHARACTERISTIC_TWO) = {
-        ADB_ENTRY(NID_X9_62_onBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.onBasis, ASN1_NULL)),
-        ADB_ENTRY(NID_X9_62_tpBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.tpBasis, ASN1_INTEGER)),
-        ADB_ENTRY(NID_X9_62_ppBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.ppBasis, X9_62_PENTANOMIAL))
-} ASN1_ADB_END(X9_62_CHARACTERISTIC_TWO, 0, type, 0, &char_two_def_tt, NULL);
-
-ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = {
-        ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, LONG),
-        ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, type, ASN1_OBJECT),
-        ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO)
-} ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
-
-DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
-IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
-
-ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY);
-
-ASN1_ADB(X9_62_FIELDID) = {
-        ADB_ENTRY(NID_X9_62_prime_field, ASN1_SIMPLE(X9_62_FIELDID, p.prime, ASN1_INTEGER)),
-        ADB_ENTRY(NID_X9_62_characteristic_two_field, ASN1_SIMPLE(X9_62_FIELDID, p.char_two, X9_62_CHARACTERISTIC_TWO))
-} ASN1_ADB_END(X9_62_FIELDID, 0, fieldType, 0, &fieldID_def_tt, NULL);
-
-ASN1_SEQUENCE(X9_62_FIELDID) = {
-        ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
-        ASN1_ADB_OBJECT(X9_62_FIELDID)
-} ASN1_SEQUENCE_END(X9_62_FIELDID)
-
-ASN1_SEQUENCE(X9_62_CURVE) = {
-        ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
-        ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
-        ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END(X9_62_CURVE)
-
-ASN1_SEQUENCE(ECPARAMETERS) = {
-        ASN1_SIMPLE(ECPARAMETERS, version, LONG),
-        ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),
-        ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),
-        ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),
-        ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER),
-        ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(ECPARAMETERS)
-
-DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
-IMPLEMENT_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
-
-ASN1_CHOICE(ECPKPARAMETERS) = {
-        ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT),
-        ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS),
-        ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL)
-} ASN1_CHOICE_END(ECPKPARAMETERS)
-
-DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
-IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
-
-ASN1_SEQUENCE(EC_PRIVATEKEY) = {
-        ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),
-        ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
-        ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
-        ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
-} ASN1_SEQUENCE_END(EC_PRIVATEKEY)
-
-DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY)
-IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
-
-/* some declarations of internal function */
-
-/* ec_asn1_group2field() sets the values in a X9_62_FIELDID object */
-static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *);
-/* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */
-static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
-/*
- * ec_asn1_parameters2group() creates a EC_GROUP object from a ECPARAMETERS
- * object
- */
-static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *);
-/*
- * ec_asn1_group2parameters() creates a ECPARAMETERS object from a EC_GROUP
- * object
- */
-static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *,
-                                              ECPARAMETERS *);
-/*
- * ec_asn1_pkparameters2group() creates a EC_GROUP object from a
- * ECPKPARAMETERS object
- */
-static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *);
-/*
- * ec_asn1_group2pkparameters() creates a ECPKPARAMETERS object from a
- * EC_GROUP object
- */
-static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *,
-                                                  ECPKPARAMETERS *);
-
-/* the function definitions */
-
-static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
-{
-    int ok = 0, nid;
-    BIGNUM *tmp = NULL;
-
-    if (group == NULL || field == NULL)
-        return 0;
-
-    /* clear the old values (if necessary) */
-    if (field->fieldType != NULL)
-        ASN1_OBJECT_free(field->fieldType);
-    if (field->p.other != NULL)
-        ASN1_TYPE_free(field->p.other);
-
-    nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
-    /* set OID for the field */
-    if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) {
-        ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
-        goto err;
-    }
-
-    if (nid == NID_X9_62_prime_field) {
-        if ((tmp = BN_new()) == NULL) {
-            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        /* the parameters are specified by the prime number p */
-        if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL)) {
-            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
-            goto err;
-        }
-        /* set the prime number */
-        field->p.prime = BN_to_ASN1_INTEGER(tmp, NULL);
-        if (field->p.prime == NULL) {
-            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
-            goto err;
-        }
-    } else                      /* nid == NID_X9_62_characteristic_two_field */
-#ifdef OPENSSL_NO_EC2M
-    {
-        ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED);
-        goto err;
-    }
-#else
-    {
-        int field_type;
-        X9_62_CHARACTERISTIC_TWO *char_two;
-
-        field->p.char_two = X9_62_CHARACTERISTIC_TWO_new();
-        char_two = field->p.char_two;
-
-        if (char_two == NULL) {
-            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        char_two->m = (long)EC_GROUP_get_degree(group);
-
-        field_type = EC_GROUP_get_basis_type(group);
-
-        if (field_type == 0) {
-            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
-            goto err;
-        }
-        /* set base type OID */
-        if ((char_two->type = OBJ_nid2obj(field_type)) == NULL) {
-            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
-            goto err;
-        }
-
-        if (field_type == NID_X9_62_tpBasis) {
-            unsigned int k;
-
-            if (!EC_GROUP_get_trinomial_basis(group, &k))
-                goto err;
-
-            char_two->p.tpBasis = ASN1_INTEGER_new();
-            if (!char_two->p.tpBasis) {
-                ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k)) {
-                ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
-                goto err;
-            }
-        } else if (field_type == NID_X9_62_ppBasis) {
-            unsigned int k1, k2, k3;
-
-            if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3))
-                goto err;
-
-            char_two->p.ppBasis = X9_62_PENTANOMIAL_new();
-            if (!char_two->p.ppBasis) {
-                ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-
-            /* set k? values */
-            char_two->p.ppBasis->k1 = (long)k1;
-            char_two->p.ppBasis->k2 = (long)k2;
-            char_two->p.ppBasis->k3 = (long)k3;
-        } else {                /* field_type == NID_X9_62_onBasis */
-
-            /* for ONB the parameters are (asn1) NULL */
-            char_two->p.onBasis = ASN1_NULL_new();
-            if (!char_two->p.onBasis) {
-                ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-        }
-    }
-#endif
-
-    ok = 1;
-
- err:if (tmp)
-        BN_free(tmp);
-    return (ok);
-}
-
-static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
-{
-    int ok = 0, nid;
-    BIGNUM *tmp_1 = NULL, *tmp_2 = NULL;
-    unsigned char *buffer_1 = NULL, *buffer_2 = NULL,
-        *a_buf = NULL, *b_buf = NULL;
-    size_t len_1, len_2;
-    unsigned char char_zero = 0;
-
-    if (!group || !curve || !curve->a || !curve->b)
-        return 0;
-
-    if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) {
-        ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
-
-    /* get a and b */
-    if (nid == NID_X9_62_prime_field) {
-        if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL)) {
-            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
-            goto err;
-        }
-    }
-#ifndef OPENSSL_NO_EC2M
-    else {                      /* nid == NID_X9_62_characteristic_two_field */
-
-        if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) {
-            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
-            goto err;
-        }
-    }
-#endif
-    len_1 = (size_t)BN_num_bytes(tmp_1);
-    len_2 = (size_t)BN_num_bytes(tmp_2);
-
-    if (len_1 == 0) {
-        /* len_1 == 0 => a == 0 */
-        a_buf = &char_zero;
-        len_1 = 1;
-    } else {
-        if ((buffer_1 = OPENSSL_malloc(len_1)) == NULL) {
-            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if ((len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0) {
-            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
-            goto err;
-        }
-        a_buf = buffer_1;
-    }
-
-    if (len_2 == 0) {
-        /* len_2 == 0 => b == 0 */
-        b_buf = &char_zero;
-        len_2 = 1;
-    } else {
-        if ((buffer_2 = OPENSSL_malloc(len_2)) == NULL) {
-            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if ((len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0) {
-            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
-            goto err;
-        }
-        b_buf = buffer_2;
-    }
-
-    /* set a and b */
-    if (!M_ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) ||
-        !M_ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) {
-        ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
-        goto err;
-    }
-
-    /* set the seed (optional) */
-    if (group->seed) {
-        if (!curve->seed)
-            if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) {
-                ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-        curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
-        curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-        if (!ASN1_BIT_STRING_set(curve->seed, group->seed,
-                                 (int)group->seed_len)) {
-            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
-            goto err;
-        }
-    } else {
-        if (curve->seed) {
-            ASN1_BIT_STRING_free(curve->seed);
-            curve->seed = NULL;
-        }
-    }
-
-    ok = 1;
-
- err:if (buffer_1)
-        OPENSSL_free(buffer_1);
-    if (buffer_2)
-        OPENSSL_free(buffer_2);
-    if (tmp_1)
-        BN_free(tmp_1);
-    if (tmp_2)
-        BN_free(tmp_2);
-    return (ok);
-}
-
-static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group,
-                                              ECPARAMETERS *param)
-{
-    int ok = 0;
-    size_t len = 0;
-    ECPARAMETERS *ret = NULL;
-    BIGNUM *tmp = NULL;
-    unsigned char *buffer = NULL;
-    const EC_POINT *point = NULL;
-    point_conversion_form_t form;
-
-    if ((tmp = BN_new()) == NULL) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (param == NULL) {
-        if ((ret = ECPARAMETERS_new()) == NULL) {
-            ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    } else
-        ret = param;
-
-    /* set the version (always one) */
-    ret->version = (long)0x1;
-
-    /* set the fieldID */
-    if (!ec_asn1_group2fieldid(group, ret->fieldID)) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    /* set the curve */
-    if (!ec_asn1_group2curve(group, ret->curve)) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    /* set the base point */
-    if ((point = EC_GROUP_get0_generator(group)) == NULL) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, EC_R_UNDEFINED_GENERATOR);
-        goto err;
-    }
-
-    form = EC_GROUP_get_point_conversion_form(group);
-
-    len = EC_POINT_point2oct(group, point, form, NULL, len, NULL);
-    if (len == 0) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
-        goto err;
-    }
-    if ((buffer = OPENSSL_malloc(len)) == NULL) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL)) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
-        goto err;
-    }
-    if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
-        goto err;
-    }
-
-    /* set the order */
-    if (!EC_GROUP_get_order(group, tmp, NULL)) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
-        goto err;
-    }
-    ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
-    if (ret->order == NULL) {
-        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
-        goto err;
-    }
-
-    /* set the cofactor (optional) */
-    if (EC_GROUP_get_cofactor(group, tmp, NULL)) {
-        ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
-        if (ret->cofactor == NULL) {
-            ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
-            goto err;
-        }
-    }
-
-    ok = 1;
-
- err:if (!ok) {
-        if (ret && !param)
-            ECPARAMETERS_free(ret);
-        ret = NULL;
-    }
-    if (tmp)
-        BN_free(tmp);
-    if (buffer)
-        OPENSSL_free(buffer);
-    return (ret);
-}
-
-ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,
-                                           ECPKPARAMETERS *params)
-{
-    int ok = 1, tmp;
-    ECPKPARAMETERS *ret = params;
-
-    if (ret == NULL) {
-        if ((ret = ECPKPARAMETERS_new()) == NULL) {
-            ECerr(EC_F_EC_ASN1_GROUP2PKPARAMETERS, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
-    } else {
-        if (ret->type == 0 && ret->value.named_curve)
-            ASN1_OBJECT_free(ret->value.named_curve);
-        else if (ret->type == 1 && ret->value.parameters)
-            ECPARAMETERS_free(ret->value.parameters);
-    }
-
-    if (EC_GROUP_get_asn1_flag(group)) {
-        /*
-         * use the asn1 OID to describe the the elliptic curve parameters
-         */
-        tmp = EC_GROUP_get_curve_name(group);
-        if (tmp) {
-            ret->type = 0;
-            if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
-                ok = 0;
-        } else
-            /* we don't kmow the nid => ERROR */
-            ok = 0;
-    } else {
-        /* use the ECPARAMETERS structure */
-        ret->type = 1;
-        if ((ret->value.parameters =
-             ec_asn1_group2parameters(group, NULL)) == NULL)
-            ok = 0;
-    }
-
-    if (!ok) {
-        ECPKPARAMETERS_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
-{
-    int ok = 0, tmp;
-    EC_GROUP *ret = NULL;
-    BIGNUM *p = NULL, *a = NULL, *b = NULL;
-    EC_POINT *point = NULL;
-    long field_bits;
-
-    if (!params->fieldID || !params->fieldID->fieldType ||
-        !params->fieldID->p.ptr) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
-        goto err;
-    }
-
-    /* now extract the curve parameters a and b */
-    if (!params->curve || !params->curve->a ||
-        !params->curve->a->data || !params->curve->b ||
-        !params->curve->b->data) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
-        goto err;
-    }
-    a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL);
-    if (a == NULL) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
-        goto err;
-    }
-    b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL);
-    if (b == NULL) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
-        goto err;
-    }
-
-    /* get the field parameters */
-    tmp = OBJ_obj2nid(params->fieldID->fieldType);
-    if (tmp == NID_X9_62_characteristic_two_field)
-#ifdef OPENSSL_NO_EC2M
-    {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED);
-        goto err;
-    }
-#else
-    {
-        X9_62_CHARACTERISTIC_TWO *char_two;
-
-        char_two = params->fieldID->p.char_two;
-
-        field_bits = char_two->m;
-        if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
-            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
-            goto err;
-        }
-
-        if ((p = BN_new()) == NULL) {
-            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        /* get the base type */
-        tmp = OBJ_obj2nid(char_two->type);
-
-        if (tmp == NID_X9_62_tpBasis) {
-            long tmp_long;
-
-            if (!char_two->p.tpBasis) {
-                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
-                goto err;
-            }
-
-            tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
-
-            if (!(char_two->m > tmp_long && tmp_long > 0)) {
-                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP,
-                      EC_R_INVALID_TRINOMIAL_BASIS);
-                goto err;
-            }
-
-            /* create the polynomial */
-            if (!BN_set_bit(p, (int)char_two->m))
-                goto err;
-            if (!BN_set_bit(p, (int)tmp_long))
-                goto err;
-            if (!BN_set_bit(p, 0))
-                goto err;
-        } else if (tmp == NID_X9_62_ppBasis) {
-            X9_62_PENTANOMIAL *penta;
-
-            penta = char_two->p.ppBasis;
-            if (!penta) {
-                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
-                goto err;
-            }
-
-            if (!
-                (char_two->m > penta->k3 && penta->k3 > penta->k2
-                 && penta->k2 > penta->k1 && penta->k1 > 0)) {
-                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP,
-                      EC_R_INVALID_PENTANOMIAL_BASIS);
-                goto err;
-            }
-
-            /* create the polynomial */
-            if (!BN_set_bit(p, (int)char_two->m))
-                goto err;
-            if (!BN_set_bit(p, (int)penta->k1))
-                goto err;
-            if (!BN_set_bit(p, (int)penta->k2))
-                goto err;
-            if (!BN_set_bit(p, (int)penta->k3))
-                goto err;
-            if (!BN_set_bit(p, 0))
-                goto err;
-        } else if (tmp == NID_X9_62_onBasis) {
-            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_NOT_IMPLEMENTED);
-            goto err;
-        } else {                /* error */
-
-            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
-            goto err;
-        }
-
-        /* create the EC_GROUP structure */
-        ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
-    }
-#endif
-    else if (tmp == NID_X9_62_prime_field) {
-        /* we have a curve over a prime field */
-        /* extract the prime number */
-        if (!params->fieldID->p.prime) {
-            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
-            goto err;
-        }
-        p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL);
-        if (p == NULL) {
-            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
-            goto err;
-        }
-
-        if (BN_is_negative(p) || BN_is_zero(p)) {
-            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
-            goto err;
-        }
-
-        field_bits = BN_num_bits(p);
-        if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
-            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
-            goto err;
-        }
-
-        /* create the EC_GROUP structure */
-        ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
-    } else {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
-        goto err;
-    }
-
-    if (ret == NULL) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    /* extract seed (optional) */
-    if (params->curve->seed != NULL) {
-        if (ret->seed != NULL)
-            OPENSSL_free(ret->seed);
-        if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length))) {
-            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        memcpy(ret->seed, params->curve->seed->data,
-               params->curve->seed->length);
-        ret->seed_len = params->curve->seed->length;
-    }
-
-    if (!params->order || !params->base || !params->base->data) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
-        goto err;
-    }
-
-    if ((point = EC_POINT_new(ret)) == NULL)
-        goto err;
-
-    /* set the point conversion form */
-    EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t)
-                                       (params->base->data[0] & ~0x01));
-
-    /* extract the ec point */
-    if (!EC_POINT_oct2point(ret, point, params->base->data,
-                            params->base->length, NULL)) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    /* extract the order */
-    if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
-        goto err;
-    }
-    if (BN_is_negative(a) || BN_is_zero(a)) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
-        goto err;
-    }
-    if (BN_num_bits(a) > (int)field_bits + 1) { /* Hasse bound */
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
-        goto err;
-    }
-
-    /* extract the cofactor (optional) */
-    if (params->cofactor == NULL) {
-        if (b) {
-            BN_free(b);
-            b = NULL;
-        }
-    } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
-        goto err;
-    }
-    /* set the generator, order and cofactor (if present) */
-    if (!EC_GROUP_set_generator(ret, point, a, b)) {
-        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    ok = 1;
-
- err:if (!ok) {
-        if (ret)
-            EC_GROUP_clear_free(ret);
-        ret = NULL;
-    }
-
-    if (p)
-        BN_free(p);
-    if (a)
-        BN_free(a);
-    if (b)
-        BN_free(b);
-    if (point)
-        EC_POINT_free(point);
-    return (ret);
-}
-
-EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params)
-{
-    EC_GROUP *ret = NULL;
-    int tmp = 0;
-
-    if (params == NULL) {
-        ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_MISSING_PARAMETERS);
-        return NULL;
-    }
-
-    if (params->type == 0) {    /* the curve is given by an OID */
-        tmp = OBJ_obj2nid(params->value.named_curve);
-        if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL) {
-            ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
-                  EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
-            return NULL;
-        }
-        EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE);
-    } else if (params->type == 1) { /* the parameters are given by a
-                                     * ECPARAMETERS structure */
-        ret = ec_asn1_parameters2group(params->value.parameters);
-        if (!ret) {
-            ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, ERR_R_EC_LIB);
-            return NULL;
-        }
-        EC_GROUP_set_asn1_flag(ret, 0x0);
-    } else if (params->type == 2) { /* implicitlyCA */
-        return NULL;
-    } else {
-        ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR);
-        return NULL;
-    }
-
-    return ret;
-}
-
-/* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
-
-EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
-{
-    EC_GROUP *group = NULL;
-    ECPKPARAMETERS *params = NULL;
-    const unsigned char *p = *in;
-
-    if ((params = d2i_ECPKPARAMETERS(NULL, &p, len)) == NULL) {
-        ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
-        ECPKPARAMETERS_free(params);
-        return NULL;
-    }
-
-    if ((group = ec_asn1_pkparameters2group(params)) == NULL) {
-        ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
-        ECPKPARAMETERS_free(params);
-        return NULL;
-    }
-
-    if (a && *a)
-        EC_GROUP_clear_free(*a);
-    if (a)
-        *a = group;
-
-    ECPKPARAMETERS_free(params);
-    *in = p;
-    return (group);
-}
-
-int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
-{
-    int ret = 0;
-    ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(a, NULL);
-    if (tmp == NULL) {
-        ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE);
-        return 0;
-    }
-    if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) {
-        ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE);
-        ECPKPARAMETERS_free(tmp);
-        return 0;
-    }
-    ECPKPARAMETERS_free(tmp);
-    return (ret);
-}
-
-/* some EC_KEY functions */
-
-EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
-{
-    int ok = 0;
-    EC_KEY *ret = NULL;
-    EC_PRIVATEKEY *priv_key = NULL;
-    const unsigned char *p = *in;
-
-    if ((priv_key = d2i_EC_PRIVATEKEY(NULL, &p, len)) == NULL) {
-        ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
-        return NULL;
-    }
-
-    if (a == NULL || *a == NULL) {
-        if ((ret = EC_KEY_new()) == NULL) {
-            ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    } else
-        ret = *a;
-
-    if (priv_key->parameters) {
-        if (ret->group)
-            EC_GROUP_clear_free(ret->group);
-        ret->group = ec_asn1_pkparameters2group(priv_key->parameters);
-    }
-
-    if (ret->group == NULL) {
-        ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    ret->version = priv_key->version;
-
-    if (priv_key->privateKey) {
-        ret->priv_key = BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey),
-                                  M_ASN1_STRING_length(priv_key->privateKey),
-                                  ret->priv_key);
-        if (ret->priv_key == NULL) {
-            ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_BN_LIB);
-            goto err;
-        }
-    } else {
-        ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_MISSING_PRIVATE_KEY);
-        goto err;
-    }
-
-    if (ret->pub_key)
-        EC_POINT_clear_free(ret->pub_key);
-    ret->pub_key = EC_POINT_new(ret->group);
-    if (ret->pub_key == NULL) {
-        ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    if (priv_key->publicKey) {
-        const unsigned char *pub_oct;
-        int pub_oct_len;
-
-        pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
-        pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
-        /*
-         * The first byte - point conversion form - must be present.
-         */
-        if (pub_oct_len <= 0) {
-            ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
-            goto err;
-        }
-        /* Save the point conversion form. */
-        ret->conv_form = (point_conversion_form_t) (pub_oct[0] & ~0x01);
-        if (!EC_POINT_oct2point(ret->group, ret->pub_key,
-                                pub_oct, (size_t)(pub_oct_len), NULL)) {
-            ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
-            goto err;
-        }
-    } else {
-        if (!EC_POINT_mul
-            (ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) {
-            ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
-            goto err;
-        }
-        /* Remember the original private-key-only encoding. */
-        ret->enc_flag |= EC_PKEY_NO_PUBKEY;
-    }
-
-    if (a)
-        *a = ret;
-    *in = p;
-    ok = 1;
- err:
-    if (!ok) {
-        if (ret && (a == NULL || *a != ret))
-            EC_KEY_free(ret);
-        ret = NULL;
-    }
-
-    if (priv_key)
-        EC_PRIVATEKEY_free(priv_key);
-
-    return (ret);
-}
-
-int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
-{
-    int ret = 0, ok = 0;
-    unsigned char *buffer = NULL;
-    size_t buf_len = 0, tmp_len, bn_len;
-    EC_PRIVATEKEY *priv_key = NULL;
-
-    if (a == NULL || a->group == NULL || a->priv_key == NULL ||
-        (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key == NULL)) {
-        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
-        goto err;
-    }
-
-    if ((priv_key = EC_PRIVATEKEY_new()) == NULL) {
-        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    priv_key->version = a->version;
-
-    bn_len = (size_t)BN_num_bytes(a->priv_key);
-
-    /* Octetstring may need leading zeros if BN is to short */
-
-    buf_len = (EC_GROUP_get_degree(a->group) + 7) / 8;
-
-    if (bn_len > buf_len) {
-        ECerr(EC_F_I2D_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
-        goto err;
-    }
-
-    buffer = OPENSSL_malloc(buf_len);
-    if (buffer == NULL) {
-        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!BN_bn2bin(a->priv_key, buffer + buf_len - bn_len)) {
-        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
-        goto err;
-    }
-
-    if (buf_len - bn_len > 0) {
-        memset(buffer, 0, buf_len - bn_len);
-    }
-
-    if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
-        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
-        goto err;
-    }
-
-    if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS)) {
-        if ((priv_key->parameters =
-             ec_asn1_group2pkparameters(a->group,
-                                        priv_key->parameters)) == NULL) {
-            ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
-            goto err;
-        }
-    }
-
-    if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) {
-        priv_key->publicKey = M_ASN1_BIT_STRING_new();
-        if (priv_key->publicKey == NULL) {
-            ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        tmp_len = EC_POINT_point2oct(a->group, a->pub_key,
-                                     a->conv_form, NULL, 0, NULL);
-
-        if (tmp_len > buf_len) {
-            unsigned char *tmp_buffer = OPENSSL_realloc(buffer, tmp_len);
-            if (!tmp_buffer) {
-                ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            buffer = tmp_buffer;
-            buf_len = tmp_len;
-        }
-
-        if (!EC_POINT_point2oct(a->group, a->pub_key,
-                                a->conv_form, buffer, buf_len, NULL)) {
-            ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
-            goto err;
-        }
-
-        priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
-        priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-        if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) {
-            ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
-            goto err;
-        }
-    }
-
-    if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) {
-        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
-        goto err;
-    }
-    ok = 1;
- err:
-    if (buffer)
-        OPENSSL_free(buffer);
-    if (priv_key)
-        EC_PRIVATEKEY_free(priv_key);
-    return (ok ? ret : 0);
-}
-
-int i2d_ECParameters(EC_KEY *a, unsigned char **out)
-{
-    if (a == NULL) {
-        ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    return i2d_ECPKParameters(a->group, out);
-}
-
-EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len)
-{
-    EC_KEY *ret;
-
-    if (in == NULL || *in == NULL) {
-        ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-
-    if (a == NULL || *a == NULL) {
-        if ((ret = EC_KEY_new()) == NULL) {
-            ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
-    } else
-        ret = *a;
-
-    if (!d2i_ECPKParameters(&ret->group, in, len)) {
-        ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
-        if (a == NULL || *a != ret)
-             EC_KEY_free(ret);
-        return NULL;
-    }
-
-    if (a)
-        *a = ret;
-
-    return ret;
-}
-
-EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len)
-{
-    EC_KEY *ret = NULL;
-
-    if (a == NULL || (*a) == NULL || (*a)->group == NULL) {
-        /*
-         * sorry, but a EC_GROUP-structur is necessary to set the public key
-         */
-        ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    ret = *a;
-    if (ret->pub_key == NULL &&
-        (ret->pub_key = EC_POINT_new(ret->group)) == NULL) {
-        ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) {
-        ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_EC_LIB);
-        return 0;
-    }
-    /* save the point conversion form */
-    ret->conv_form = (point_conversion_form_t) (*in[0] & ~0x01);
-    *in += len;
-    return ret;
-}
-
-int i2o_ECPublicKey(EC_KEY *a, unsigned char **out)
-{
-    size_t buf_len = 0;
-    int new_buffer = 0;
-
-    if (a == NULL) {
-        ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    buf_len = EC_POINT_point2oct(a->group, a->pub_key,
-                                 a->conv_form, NULL, 0, NULL);
-
-    if (out == NULL || buf_len == 0)
-        /* out == NULL => just return the length of the octet string */
-        return buf_len;
-
-    if (*out == NULL) {
-        if ((*out = OPENSSL_malloc(buf_len)) == NULL) {
-            ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        new_buffer = 1;
-    }
-    if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form,
-                            *out, buf_len, NULL)) {
-        ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB);
-        if (new_buffer) {
-            OPENSSL_free(*out);
-            *out = NULL;
-        }
-        return 0;
-    }
-    if (!new_buffer)
-        *out += buf_len;
-    return buf_len;
-}
diff --git a/thirdparty/openssl/crypto/ec/ec_check.c b/thirdparty/openssl/crypto/ec/ec_check.c
deleted file mode 100644
index dd6f0ac409..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_check.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* crypto/ec/ec_check.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ec_lcl.h"
-#include <openssl/err.h>
-
-int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
-{
-    int ret = 0;
-    BIGNUM *order;
-    BN_CTX *new_ctx = NULL;
-    EC_POINT *point = NULL;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL) {
-            ECerr(EC_F_EC_GROUP_CHECK, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-    BN_CTX_start(ctx);
-    if ((order = BN_CTX_get(ctx)) == NULL)
-        goto err;
-
-    /* check the discriminant */
-    if (!EC_GROUP_check_discriminant(group, ctx)) {
-        ECerr(EC_F_EC_GROUP_CHECK, EC_R_DISCRIMINANT_IS_ZERO);
-        goto err;
-    }
-
-    /* check the generator */
-    if (group->generator == NULL) {
-        ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
-        goto err;
-    }
-    if (EC_POINT_is_on_curve(group, group->generator, ctx) <= 0) {
-        ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
-        goto err;
-    }
-
-    /* check the order of the generator */
-    if ((point = EC_POINT_new(group)) == NULL)
-        goto err;
-    if (!EC_GROUP_get_order(group, order, ctx))
-        goto err;
-    if (BN_is_zero(order)) {
-        ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_ORDER);
-        goto err;
-    }
-
-    if (!EC_POINT_mul(group, point, order, NULL, NULL, ctx))
-        goto err;
-    if (!EC_POINT_is_at_infinity(group, point)) {
-        ECerr(EC_F_EC_GROUP_CHECK, EC_R_INVALID_GROUP_ORDER);
-        goto err;
-    }
-
-    ret = 1;
-
- err:
-    if (ctx != NULL)
-        BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (point)
-        EC_POINT_free(point);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/ec/ec_curve.c b/thirdparty/openssl/crypto/ec/ec_curve.c
deleted file mode 100644
index 6dbe9d8258..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_curve.c
+++ /dev/null
@@ -1,3248 +0,0 @@
-/* crypto/ec/ec_curve.c */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include <string.h>
-#include "ec_lcl.h"
-#include <openssl/err.h>
-#include <openssl/obj_mac.h>
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-typedef struct {
-    int field_type,             /* either NID_X9_62_prime_field or
-                                 * NID_X9_62_characteristic_two_field */
-     seed_len, param_len;
-    unsigned int cofactor;      /* promoted to BN_ULONG */
-} EC_CURVE_DATA;
-
-/* the nist prime curves */
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 24 * 6];
-} _EC_NIST_PRIME_192 = {
-    {
-        NID_X9_62_prime_field, 20, 24, 1
-    },
-    {
-        /* seed */
-        0x30, 0x45, 0xAE, 0x6F, 0xC8, 0x42, 0x2F, 0x64, 0xED, 0x57, 0x95, 0x28,
-        0xD3, 0x81, 0x20, 0xEA, 0xE1, 0x21, 0x96, 0xD5,
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, 0x0F, 0xA7, 0xE9, 0xAB,
-        0x72, 0x24, 0x30, 0x49, 0xFE, 0xB8, 0xDE, 0xEC, 0xC1, 0x46, 0xB9, 0xB1,
-        /* x */
-        0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, 0x7C, 0xBF, 0x20, 0xEB,
-        0x43, 0xA1, 0x88, 0x00, 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12,
-        /* y */
-        0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10, 0x11, 0xed,
-        0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1, 0x1e, 0x79, 0x48, 0x11,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x99, 0xDE, 0xF8, 0x36, 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 28 * 6];
-} _EC_NIST_PRIME_224 = {
-    {
-        NID_X9_62_prime_field, 20, 28, 1
-    },
-    {
-        /* seed */
-        0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F,
-        0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5,
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE,
-        /* b */
-        0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
-        0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
-        0x23, 0x55, 0xFF, 0xB4,
-        /* x */
-        0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
-        0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
-        0x11, 0x5C, 0x1D, 0x21,
-        /* y */
-        0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
-        0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
-        0x85, 0x00, 0x7e, 0x34,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
-        0x5C, 0x5C, 0x2A, 0x3D
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 48 * 6];
-} _EC_NIST_PRIME_384 = {
-    {
-        NID_X9_62_prime_field, 20, 48, 1
-    },
-    {
-        /* seed */
-        0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, 0x89, 0x6A,
-        0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73,
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B,
-        0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12,
-        0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D,
-        0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF,
-        /* x */
-        0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E,
-        0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98,
-        0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D,
-        0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7,
-        /* y */
-        0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf,
-        0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
-        0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce,
-        0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2,
-        0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 66 * 6];
-} _EC_NIST_PRIME_521 = {
-    {
-        NID_X9_62_prime_field, 20, 66, 1
-    },
-    {
-        /* seed */
-        0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, 0x67, 0x17,
-        0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA,
-        /* p */
-        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A,
-        0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3,
-        0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19,
-        0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1,
-        0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45,
-        0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00,
-        /* x */
-        0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E,
-        0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F,
-        0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B,
-        0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF,
-        0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E,
-        0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66,
-        /* y */
-        0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a,
-        0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
-        0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee,
-        0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
-        0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe,
-        0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50,
-        /* order */
-        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86,
-        0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
-        0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F,
-        0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09
-    }
-};
-
-/* the x9.62 prime curves (minus the nist prime curves) */
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 24 * 6];
-} _EC_X9_62_PRIME_192V2 = {
-    {
-        NID_X9_62_prime_field, 20, 24, 1
-    },
-    {
-        /* seed */
-        0x31, 0xA9, 0x2E, 0xE2, 0x02, 0x9F, 0xD1, 0x0D, 0x90, 0x1B, 0x11, 0x3E,
-        0x99, 0x07, 0x10, 0xF0, 0xD2, 0x1A, 0xC6, 0xB6,
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0xCC, 0x22, 0xD6, 0xDF, 0xB9, 0x5C, 0x6B, 0x25, 0xE4, 0x9C, 0x0D, 0x63,
-        0x64, 0xA4, 0xE5, 0x98, 0x0C, 0x39, 0x3A, 0xA2, 0x16, 0x68, 0xD9, 0x53,
-        /* x */
-        0xEE, 0xA2, 0xBA, 0xE7, 0xE1, 0x49, 0x78, 0x42, 0xF2, 0xDE, 0x77, 0x69,
-        0xCF, 0xE9, 0xC9, 0x89, 0xC0, 0x72, 0xAD, 0x69, 0x6F, 0x48, 0x03, 0x4A,
-        /* y */
-        0x65, 0x74, 0xd1, 0x1d, 0x69, 0xb6, 0xec, 0x7a, 0x67, 0x2b, 0xb8, 0x2a,
-        0x08, 0x3d, 0xf2, 0xf2, 0xb0, 0x84, 0x7d, 0xe9, 0x70, 0xb2, 0xde, 0x15,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
-        0x5F, 0xB1, 0xA7, 0x24, 0xDC, 0x80, 0x41, 0x86, 0x48, 0xD8, 0xDD, 0x31
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 24 * 6];
-} _EC_X9_62_PRIME_192V3 = {
-    {
-        NID_X9_62_prime_field, 20, 24, 1
-    },
-    {
-        /* seed */
-        0xC4, 0x69, 0x68, 0x44, 0x35, 0xDE, 0xB3, 0x78, 0xC4, 0xB6, 0x5C, 0xA9,
-        0x59, 0x1E, 0x2A, 0x57, 0x63, 0x05, 0x9A, 0x2E,
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0x22, 0x12, 0x3D, 0xC2, 0x39, 0x5A, 0x05, 0xCA, 0xA7, 0x42, 0x3D, 0xAE,
-        0xCC, 0xC9, 0x47, 0x60, 0xA7, 0xD4, 0x62, 0x25, 0x6B, 0xD5, 0x69, 0x16,
-        /* x */
-        0x7D, 0x29, 0x77, 0x81, 0x00, 0xC6, 0x5A, 0x1D, 0xA1, 0x78, 0x37, 0x16,
-        0x58, 0x8D, 0xCE, 0x2B, 0x8B, 0x4A, 0xEE, 0x8E, 0x22, 0x8F, 0x18, 0x96,
-        /* y */
-        0x38, 0xa9, 0x0f, 0x22, 0x63, 0x73, 0x37, 0x33, 0x4b, 0x49, 0xdc, 0xb6,
-        0x6a, 0x6d, 0xc8, 0xf9, 0x97, 0x8a, 0xca, 0x76, 0x48, 0xa9, 0x43, 0xb0,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x7A, 0x62, 0xD0, 0x31, 0xC8, 0x3F, 0x42, 0x94, 0xF6, 0x40, 0xEC, 0x13
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 30 * 6];
-} _EC_X9_62_PRIME_239V1 = {
-    {
-        NID_X9_62_prime_field, 20, 30, 1
-    },
-    {
-        /* seed */
-        0xE4, 0x3B, 0xB4, 0x60, 0xF0, 0xB8, 0x0C, 0xC0, 0xC0, 0xB0, 0x75, 0x79,
-        0x8E, 0x94, 0x80, 0x60, 0xF8, 0x32, 0x1B, 0x7D,
-        /* p */
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0x6B, 0x01, 0x6C, 0x3B, 0xDC, 0xF1, 0x89, 0x41, 0xD0, 0xD6, 0x54, 0x92,
-        0x14, 0x75, 0xCA, 0x71, 0xA9, 0xDB, 0x2F, 0xB2, 0x7D, 0x1D, 0x37, 0x79,
-        0x61, 0x85, 0xC2, 0x94, 0x2C, 0x0A,
-        /* x */
-        0x0F, 0xFA, 0x96, 0x3C, 0xDC, 0xA8, 0x81, 0x6C, 0xCC, 0x33, 0xB8, 0x64,
-        0x2B, 0xED, 0xF9, 0x05, 0xC3, 0xD3, 0x58, 0x57, 0x3D, 0x3F, 0x27, 0xFB,
-        0xBD, 0x3B, 0x3C, 0xB9, 0xAA, 0xAF,
-        /* y */
-        0x7d, 0xeb, 0xe8, 0xe4, 0xe9, 0x0a, 0x5d, 0xae, 0x6e, 0x40, 0x54, 0xca,
-        0x53, 0x0b, 0xa0, 0x46, 0x54, 0xb3, 0x68, 0x18, 0xce, 0x22, 0x6b, 0x39,
-        0xfc, 0xcb, 0x7b, 0x02, 0xf1, 0xae,
-        /* order */
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x7F, 0xFF, 0xFF, 0x9E, 0x5E, 0x9A, 0x9F, 0x5D, 0x90, 0x71, 0xFB, 0xD1,
-        0x52, 0x26, 0x88, 0x90, 0x9D, 0x0B
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 30 * 6];
-} _EC_X9_62_PRIME_239V2 = {
-    {
-        NID_X9_62_prime_field, 20, 30, 1
-    },
-    {
-        /* seed */
-        0xE8, 0xB4, 0x01, 0x16, 0x04, 0x09, 0x53, 0x03, 0xCA, 0x3B, 0x80, 0x99,
-        0x98, 0x2B, 0xE0, 0x9F, 0xCB, 0x9A, 0xE6, 0x16,
-        /* p */
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0x61, 0x7F, 0xAB, 0x68, 0x32, 0x57, 0x6C, 0xBB, 0xFE, 0xD5, 0x0D, 0x99,
-        0xF0, 0x24, 0x9C, 0x3F, 0xEE, 0x58, 0xB9, 0x4B, 0xA0, 0x03, 0x8C, 0x7A,
-        0xE8, 0x4C, 0x8C, 0x83, 0x2F, 0x2C,
-        /* x */
-        0x38, 0xAF, 0x09, 0xD9, 0x87, 0x27, 0x70, 0x51, 0x20, 0xC9, 0x21, 0xBB,
-        0x5E, 0x9E, 0x26, 0x29, 0x6A, 0x3C, 0xDC, 0xF2, 0xF3, 0x57, 0x57, 0xA0,
-        0xEA, 0xFD, 0x87, 0xB8, 0x30, 0xE7,
-        /* y */
-        0x5b, 0x01, 0x25, 0xe4, 0xdb, 0xea, 0x0e, 0xc7, 0x20, 0x6d, 0xa0, 0xfc,
-        0x01, 0xd9, 0xb0, 0x81, 0x32, 0x9f, 0xb5, 0x55, 0xde, 0x6e, 0xf4, 0x60,
-        0x23, 0x7d, 0xff, 0x8b, 0xe4, 0xba,
-        /* order */
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x80, 0x00, 0x00, 0xCF, 0xA7, 0xE8, 0x59, 0x43, 0x77, 0xD4, 0x14, 0xC0,
-        0x38, 0x21, 0xBC, 0x58, 0x20, 0x63
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 30 * 6];
-} _EC_X9_62_PRIME_239V3 = {
-    {
-        NID_X9_62_prime_field, 20, 30, 1
-    },
-    {
-        /* seed */
-        0x7D, 0x73, 0x74, 0x16, 0x8F, 0xFE, 0x34, 0x71, 0xB6, 0x0A, 0x85, 0x76,
-        0x86, 0xA1, 0x94, 0x75, 0xD3, 0xBF, 0xA2, 0xFF,
-        /* p */
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0x25, 0x57, 0x05, 0xFA, 0x2A, 0x30, 0x66, 0x54, 0xB1, 0xF4, 0xCB, 0x03,
-        0xD6, 0xA7, 0x50, 0xA3, 0x0C, 0x25, 0x01, 0x02, 0xD4, 0x98, 0x87, 0x17,
-        0xD9, 0xBA, 0x15, 0xAB, 0x6D, 0x3E,
-        /* x */
-        0x67, 0x68, 0xAE, 0x8E, 0x18, 0xBB, 0x92, 0xCF, 0xCF, 0x00, 0x5C, 0x94,
-        0x9A, 0xA2, 0xC6, 0xD9, 0x48, 0x53, 0xD0, 0xE6, 0x60, 0xBB, 0xF8, 0x54,
-        0xB1, 0xC9, 0x50, 0x5F, 0xE9, 0x5A,
-        /* y */
-        0x16, 0x07, 0xe6, 0x89, 0x8f, 0x39, 0x0c, 0x06, 0xbc, 0x1d, 0x55, 0x2b,
-        0xad, 0x22, 0x6f, 0x3b, 0x6f, 0xcf, 0xe4, 0x8b, 0x6e, 0x81, 0x84, 0x99,
-        0xaf, 0x18, 0xe3, 0xed, 0x6c, 0xf3,
-        /* order */
-        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0x7F, 0xFF, 0xFF, 0x97, 0x5D, 0xEB, 0x41, 0xB3, 0xA6, 0x05, 0x7C, 0x3C,
-        0x43, 0x21, 0x46, 0x52, 0x65, 0x51
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 32 * 6];
-} _EC_X9_62_PRIME_256V1 = {
-    {
-        NID_X9_62_prime_field, 20, 32, 1
-    },
-    {
-        /* seed */
-        0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, 0x78, 0xE1,
-        0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90,
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55,
-        0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6,
-        0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B,
-        /* x */
-        0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5,
-        0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
-        0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
-        /* y */
-        0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a,
-        0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
-        0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
-        0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
-    }
-};
-
-/* the secg prime curves (minus the nist and x9.62 prime curves) */
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 14 * 6];
-} _EC_SECG_PRIME_112R1 = {
-    {
-        NID_X9_62_prime_field, 20, 14, 1
-    },
-    {
-        /* seed */
-        0x00, 0xF5, 0x0B, 0x02, 0x8E, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61,
-        0x51, 0x75, 0x29, 0x04, 0x72, 0x78, 0x3F, 0xB1,
-        /* p */
-        0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD,
-        0x20, 0x8B,
-        /* a */
-        0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD,
-        0x20, 0x88,
-        /* b */
-        0x65, 0x9E, 0xF8, 0xBA, 0x04, 0x39, 0x16, 0xEE, 0xDE, 0x89, 0x11, 0x70,
-        0x2B, 0x22,
-        /* x */
-        0x09, 0x48, 0x72, 0x39, 0x99, 0x5A, 0x5E, 0xE7, 0x6B, 0x55, 0xF9, 0xC2,
-        0xF0, 0x98,
-        /* y */
-        0xa8, 0x9c, 0xe5, 0xaf, 0x87, 0x24, 0xc0, 0xa2, 0x3e, 0x0e, 0x0f, 0xf7,
-        0x75, 0x00,
-        /* order */
-        0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x76, 0x28, 0xDF, 0xAC, 0x65,
-        0x61, 0xC5
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 14 * 6];
-} _EC_SECG_PRIME_112R2 = {
-    {
-        NID_X9_62_prime_field, 20, 14, 4
-    },
-    {
-        /* seed */
-        0x00, 0x27, 0x57, 0xA1, 0x11, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61,
-        0x51, 0x75, 0x53, 0x16, 0xC0, 0x5E, 0x0B, 0xD4,
-        /* p */
-        0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD,
-        0x20, 0x8B,
-        /* a */
-        0x61, 0x27, 0xC2, 0x4C, 0x05, 0xF3, 0x8A, 0x0A, 0xAA, 0xF6, 0x5C, 0x0E,
-        0xF0, 0x2C,
-        /* b */
-        0x51, 0xDE, 0xF1, 0x81, 0x5D, 0xB5, 0xED, 0x74, 0xFC, 0xC3, 0x4C, 0x85,
-        0xD7, 0x09,
-        /* x */
-        0x4B, 0xA3, 0x0A, 0xB5, 0xE8, 0x92, 0xB4, 0xE1, 0x64, 0x9D, 0xD0, 0x92,
-        0x86, 0x43,
-        /* y */
-        0xad, 0xcd, 0x46, 0xf5, 0x88, 0x2e, 0x37, 0x47, 0xde, 0xf3, 0x6e, 0x95,
-        0x6e, 0x97,
-        /* order */
-        0x36, 0xDF, 0x0A, 0xAF, 0xD8, 0xB8, 0xD7, 0x59, 0x7C, 0xA1, 0x05, 0x20,
-        0xD0, 0x4B
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 16 * 6];
-} _EC_SECG_PRIME_128R1 = {
-    {
-        NID_X9_62_prime_field, 20, 16, 1
-    },
-    {
-        /* seed */
-        0x00, 0x0E, 0x0D, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
-        0x0C, 0xC0, 0x3A, 0x44, 0x73, 0xD0, 0x36, 0x79,
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, 0xD8, 0x24, 0x99, 0x3C,
-        0x2C, 0xEE, 0x5E, 0xD3,
-        /* x */
-        0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, 0x0C, 0x28, 0x60, 0x7C,
-        0xA5, 0x2C, 0x5B, 0x86,
-        /* y */
-        0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d, 0xa2, 0x92,
-        0xdd, 0xed, 0x7a, 0x83,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x75, 0xA3, 0x0D, 0x1B,
-        0x90, 0x38, 0xA1, 0x15
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 16 * 6];
-} _EC_SECG_PRIME_128R2 = {
-    {
-        NID_X9_62_prime_field, 20, 16, 4
-    },
-    {
-        /* seed */
-        0x00, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x12, 0xD8,
-        0xF0, 0x34, 0x31, 0xFC, 0xE6, 0x3B, 0x88, 0xF4,
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0xD6, 0x03, 0x19, 0x98, 0xD1, 0xB3, 0xBB, 0xFE, 0xBF, 0x59, 0xCC, 0x9B,
-        0xBF, 0xF9, 0xAE, 0xE1,
-        /* b */
-        0x5E, 0xEE, 0xFC, 0xA3, 0x80, 0xD0, 0x29, 0x19, 0xDC, 0x2C, 0x65, 0x58,
-        0xBB, 0x6D, 0x8A, 0x5D,
-        /* x */
-        0x7B, 0x6A, 0xA5, 0xD8, 0x5E, 0x57, 0x29, 0x83, 0xE6, 0xFB, 0x32, 0xA7,
-        0xCD, 0xEB, 0xC1, 0x40,
-        /* y */
-        0x27, 0xb6, 0x91, 0x6a, 0x89, 0x4d, 0x3a, 0xee, 0x71, 0x06, 0xfe, 0x80,
-        0x5f, 0xc3, 0x4b, 0x44,
-        /* order */
-        0x3F, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xBE, 0x00, 0x24, 0x72,
-        0x06, 0x13, 0xB5, 0xA3
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 21 * 6];
-} _EC_SECG_PRIME_160K1 = {
-    {
-        NID_X9_62_prime_field, 0, 21, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
-        /* x */
-        0x00, 0x3B, 0x4C, 0x38, 0x2C, 0xE3, 0x7A, 0xA1, 0x92, 0xA4, 0x01, 0x9E,
-        0x76, 0x30, 0x36, 0xF4, 0xF5, 0xDD, 0x4D, 0x7E, 0xBB,
-        /* y */
-        0x00, 0x93, 0x8c, 0xf9, 0x35, 0x31, 0x8f, 0xdc, 0xed, 0x6b, 0xc2, 0x82,
-        0x86, 0x53, 0x17, 0x33, 0xc3, 0xf0, 0x3c, 0x4f, 0xee,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xB8,
-        0xFA, 0x16, 0xDF, 0xAB, 0x9A, 0xCA, 0x16, 0xB6, 0xB3
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 21 * 6];
-} _EC_SECG_PRIME_160R1 = {
-    {
-        NID_X9_62_prime_field, 20, 21, 1
-    },
-    {
-        /* seed */
-        0x10, 0x53, 0xCD, 0xE4, 0x2C, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
-        0x15, 0x17, 0x53, 0x3B, 0xF3, 0xF8, 0x33, 0x45,
-        /* p */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF,
-        /* a */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFC,
-        /* b */
-        0x00, 0x1C, 0x97, 0xBE, 0xFC, 0x54, 0xBD, 0x7A, 0x8B, 0x65, 0xAC, 0xF8,
-        0x9F, 0x81, 0xD4, 0xD4, 0xAD, 0xC5, 0x65, 0xFA, 0x45,
-        /* x */
-        0x00, 0x4A, 0x96, 0xB5, 0x68, 0x8E, 0xF5, 0x73, 0x28, 0x46, 0x64, 0x69,
-        0x89, 0x68, 0xC3, 0x8B, 0xB9, 0x13, 0xCB, 0xFC, 0x82,
-        /* y */
-        0x00, 0x23, 0xa6, 0x28, 0x55, 0x31, 0x68, 0x94, 0x7d, 0x59, 0xdc, 0xc9,
-        0x12, 0x04, 0x23, 0x51, 0x37, 0x7a, 0xc5, 0xfb, 0x32,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xF4,
-        0xC8, 0xF9, 0x27, 0xAE, 0xD3, 0xCA, 0x75, 0x22, 0x57
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 21 * 6];
-} _EC_SECG_PRIME_160R2 = {
-    {
-        NID_X9_62_prime_field, 20, 21, 1
-    },
-    {
-        /* seed */
-        0xB9, 0x9B, 0x99, 0xB0, 0x99, 0xB3, 0x23, 0xE0, 0x27, 0x09, 0xA4, 0xD6,
-        0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51,
-        /* p */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73,
-        /* a */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x70,
-        /* b */
-        0x00, 0xB4, 0xE1, 0x34, 0xD3, 0xFB, 0x59, 0xEB, 0x8B, 0xAB, 0x57, 0x27,
-        0x49, 0x04, 0x66, 0x4D, 0x5A, 0xF5, 0x03, 0x88, 0xBA,
-        /* x */
-        0x00, 0x52, 0xDC, 0xB0, 0x34, 0x29, 0x3A, 0x11, 0x7E, 0x1F, 0x4F, 0xF1,
-        0x1B, 0x30, 0xF7, 0x19, 0x9D, 0x31, 0x44, 0xCE, 0x6D,
-        /* y */
-        0x00, 0xfe, 0xaf, 0xfe, 0xf2, 0xe3, 0x31, 0xf2, 0x96, 0xe0, 0x71, 0xfa,
-        0x0d, 0xf9, 0x98, 0x2c, 0xfe, 0xa7, 0xd4, 0x3f, 0x2e,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x35,
-        0x1E, 0xE7, 0x86, 0xA8, 0x18, 0xF3, 0xA1, 0xA1, 0x6B
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 24 * 6];
-} _EC_SECG_PRIME_192K1 = {
-    {
-        NID_X9_62_prime_field, 0, 24, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xEE, 0x37,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
-        /* x */
-        0xDB, 0x4F, 0xF1, 0x0E, 0xC0, 0x57, 0xE9, 0xAE, 0x26, 0xB0, 0x7D, 0x02,
-        0x80, 0xB7, 0xF4, 0x34, 0x1D, 0xA5, 0xD1, 0xB1, 0xEA, 0xE0, 0x6C, 0x7D,
-        /* y */
-        0x9b, 0x2f, 0x2f, 0x6d, 0x9c, 0x56, 0x28, 0xa7, 0x84, 0x41, 0x63, 0xd0,
-        0x15, 0xbe, 0x86, 0x34, 0x40, 0x82, 0xaa, 0x88, 0xd9, 0x5e, 0x2f, 0x9d,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
-        0x26, 0xF2, 0xFC, 0x17, 0x0F, 0x69, 0x46, 0x6A, 0x74, 0xDE, 0xFD, 0x8D
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 29 * 6];
-} _EC_SECG_PRIME_224K1 = {
-    {
-        NID_X9_62_prime_field, 0, 29, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFE, 0xFF, 0xFF, 0xE5, 0x6D,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x05,
-        /* x */
-        0x00, 0xA1, 0x45, 0x5B, 0x33, 0x4D, 0xF0, 0x99, 0xDF, 0x30, 0xFC, 0x28,
-        0xA1, 0x69, 0xA4, 0x67, 0xE9, 0xE4, 0x70, 0x75, 0xA9, 0x0F, 0x7E, 0x65,
-        0x0E, 0xB6, 0xB7, 0xA4, 0x5C,
-        /* y */
-        0x00, 0x7e, 0x08, 0x9f, 0xed, 0x7f, 0xba, 0x34, 0x42, 0x82, 0xca, 0xfb,
-        0xd6, 0xf7, 0xe3, 0x19, 0xf7, 0xc0, 0xb0, 0xbd, 0x59, 0xe2, 0xca, 0x4b,
-        0xdb, 0x55, 0x6d, 0x61, 0xa5,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x01, 0xDC, 0xE8, 0xD2, 0xEC, 0x61, 0x84, 0xCA, 0xF0, 0xA9,
-        0x71, 0x76, 0x9F, 0xB1, 0xF7
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 32 * 6];
-} _EC_SECG_PRIME_256K1 = {
-    {
-        NID_X9_62_prime_field, 0, 32, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
-        /* x */
-        0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, 0x62, 0x95,
-        0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9,
-        0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98,
-        /* y */
-        0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc,
-        0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19,
-        0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
-        0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
-    }
-};
-
-/* some wap/wtls curves */
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 15 * 6];
-} _EC_WTLS_8 = {
-    {
-        NID_X9_62_prime_field, 0, 15, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFD, 0xE7,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x03,
-        /* x */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x01,
-        /* y */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x02,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xEC, 0xEA, 0x55, 0x1A,
-        0xD8, 0x37, 0xE9
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 21 * 6];
-} _EC_WTLS_9 = {
-    {
-        NID_X9_62_prime_field, 0, 21, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0x80, 0x8F,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
-        /* x */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* y */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xCD,
-        0xC9, 0x8A, 0xE0, 0xE2, 0xDE, 0x57, 0x4A, 0xBF, 0x33
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 28 * 6];
-} _EC_WTLS_12 = {
-    {
-        NID_X9_62_prime_field, 0, 28, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFE,
-        /* b */
-        0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
-        0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
-        0x23, 0x55, 0xFF, 0xB4,
-        /* x */
-        0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
-        0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
-        0x11, 0x5C, 0x1D, 0x21,
-        /* y */
-        0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
-        0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
-        0x85, 0x00, 0x7e, 0x34,
-        /* order */
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
-        0x5C, 0x5C, 0x2A, 0x3D
-    }
-};
-
-#ifndef OPENSSL_NO_EC2M
-
-/* characteristic two curves */
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 15 * 6];
-} _EC_SECG_CHAR2_113R1 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 15, 2
-    },
-    {
-        /* seed */
-        0x10, 0xE7, 0x23, 0xAB, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15,
-        0x17, 0x56, 0xFE, 0xBF, 0x8F, 0xCB, 0x49, 0xA9,
-        /* p */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x02, 0x01,
-        /* a */
-        0x00, 0x30, 0x88, 0x25, 0x0C, 0xA6, 0xE7, 0xC7, 0xFE, 0x64, 0x9C, 0xE8,
-        0x58, 0x20, 0xF7,
-        /* b */
-        0x00, 0xE8, 0xBE, 0xE4, 0xD3, 0xE2, 0x26, 0x07, 0x44, 0x18, 0x8B, 0xE0,
-        0xE9, 0xC7, 0x23,
-        /* x */
-        0x00, 0x9D, 0x73, 0x61, 0x6F, 0x35, 0xF4, 0xAB, 0x14, 0x07, 0xD7, 0x35,
-        0x62, 0xC1, 0x0F,
-        /* y */
-        0x00, 0xA5, 0x28, 0x30, 0x27, 0x79, 0x58, 0xEE, 0x84, 0xD1, 0x31, 0x5E,
-        0xD3, 0x18, 0x86,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xD9, 0xCC, 0xEC, 0x8A,
-        0x39, 0xE5, 0x6F
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 15 * 6];
-} _EC_SECG_CHAR2_113R2 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 15, 2
-    },
-    {
-        /* seed */
-        0x10, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE, 0xF4, 0xD6,
-        0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x5D,
-        /* p */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x02, 0x01,
-        /* a */
-        0x00, 0x68, 0x99, 0x18, 0xDB, 0xEC, 0x7E, 0x5A, 0x0D, 0xD6, 0xDF, 0xC0,
-        0xAA, 0x55, 0xC7,
-        /* b */
-        0x00, 0x95, 0xE9, 0xA9, 0xEC, 0x9B, 0x29, 0x7B, 0xD4, 0xBF, 0x36, 0xE0,
-        0x59, 0x18, 0x4F,
-        /* x */
-        0x01, 0xA5, 0x7A, 0x6A, 0x7B, 0x26, 0xCA, 0x5E, 0xF5, 0x2F, 0xCD, 0xB8,
-        0x16, 0x47, 0x97,
-        /* y */
-        0x00, 0xB3, 0xAD, 0xC9, 0x4E, 0xD1, 0xFE, 0x67, 0x4C, 0x06, 0xE6, 0x95,
-        0xBA, 0xBA, 0x1D,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x08, 0x78, 0x9B, 0x24,
-        0x96, 0xAF, 0x93
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 17 * 6];
-} _EC_SECG_CHAR2_131R1 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 17, 2
-    },
-    {
-        /* seed */
-        0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x98, 0x5B, 0xD3,
-        0xAD, 0xBA, 0xDA, 0x21, 0xB4, 0x3A, 0x97, 0xE2,
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x01, 0x0D,
-        /* a */
-        0x07, 0xA1, 0x1B, 0x09, 0xA7, 0x6B, 0x56, 0x21, 0x44, 0x41, 0x8F, 0xF3,
-        0xFF, 0x8C, 0x25, 0x70, 0xB8,
-        /* b */
-        0x02, 0x17, 0xC0, 0x56, 0x10, 0x88, 0x4B, 0x63, 0xB9, 0xC6, 0xC7, 0x29,
-        0x16, 0x78, 0xF9, 0xD3, 0x41,
-        /* x */
-        0x00, 0x81, 0xBA, 0xF9, 0x1F, 0xDF, 0x98, 0x33, 0xC4, 0x0F, 0x9C, 0x18,
-        0x13, 0x43, 0x63, 0x83, 0x99,
-        /* y */
-        0x07, 0x8C, 0x6E, 0x7E, 0xA3, 0x8C, 0x00, 0x1F, 0x73, 0xC8, 0x13, 0x4B,
-        0x1B, 0x4E, 0xF9, 0xE1, 0x50,
-        /* order */
-        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x31, 0x23, 0x95,
-        0x3A, 0x94, 0x64, 0xB5, 0x4D
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 17 * 6];
-} _EC_SECG_CHAR2_131R2 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 17, 2
-    },
-    {
-        /* seed */
-        0x98, 0x5B, 0xD3, 0xAD, 0xBA, 0xD4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
-        0x15, 0x17, 0x5A, 0x21, 0xB4, 0x3A, 0x97, 0xE3,
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x01, 0x0D,
-        /* a */
-        0x03, 0xE5, 0xA8, 0x89, 0x19, 0xD7, 0xCA, 0xFC, 0xBF, 0x41, 0x5F, 0x07,
-        0xC2, 0x17, 0x65, 0x73, 0xB2,
-        /* b */
-        0x04, 0xB8, 0x26, 0x6A, 0x46, 0xC5, 0x56, 0x57, 0xAC, 0x73, 0x4C, 0xE3,
-        0x8F, 0x01, 0x8F, 0x21, 0x92,
-        /* x */
-        0x03, 0x56, 0xDC, 0xD8, 0xF2, 0xF9, 0x50, 0x31, 0xAD, 0x65, 0x2D, 0x23,
-        0x95, 0x1B, 0xB3, 0x66, 0xA8,
-        /* y */
-        0x06, 0x48, 0xF0, 0x6D, 0x86, 0x79, 0x40, 0xA5, 0x36, 0x6D, 0x9E, 0x26,
-        0x5D, 0xE9, 0xEB, 0x24, 0x0F,
-        /* order */
-        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x69, 0x54, 0xA2,
-        0x33, 0x04, 0x9B, 0xA9, 0x8F
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 21 * 6];
-} _EC_NIST_CHAR2_163K = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 21, 2
-    },
-    {
-        /* no seed */
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* x */
-        0x02, 0xFE, 0x13, 0xC0, 0x53, 0x7B, 0xBC, 0x11, 0xAC, 0xAA, 0x07, 0xD7,
-        0x93, 0xDE, 0x4E, 0x6D, 0x5E, 0x5C, 0x94, 0xEE, 0xE8,
-        /* y */
-        0x02, 0x89, 0x07, 0x0F, 0xB0, 0x5D, 0x38, 0xFF, 0x58, 0x32, 0x1F, 0x2E,
-        0x80, 0x05, 0x36, 0xD5, 0x38, 0xCC, 0xDA, 0xA3, 0xD9,
-        /* order */
-        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
-        0x08, 0xA2, 0xE0, 0xCC, 0x0D, 0x99, 0xF8, 0xA5, 0xEF
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 21 * 6];
-} _EC_SECG_CHAR2_163R1 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 21, 2
-    },
-    {
-        /* no seed */
-# if 0
-        /*
-        * The algorithm used to derive the curve parameters from the seed
-        * used here is slightly different than the algorithm described in
-        * X9.62 .
-        */
-        0x24, 0xB7, 0xB1, 0x37, 0xC8, 0xA1, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75,
-        0x61, 0x51, 0x75, 0x6F, 0xD0, 0xDA, 0x2E, 0x5C,
-# endif
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9,
-        /* a */
-        0x07, 0xB6, 0x88, 0x2C, 0xAA, 0xEF, 0xA8, 0x4F, 0x95, 0x54, 0xFF, 0x84,
-        0x28, 0xBD, 0x88, 0xE2, 0x46, 0xD2, 0x78, 0x2A, 0xE2,
-        /* b */
-        0x07, 0x13, 0x61, 0x2D, 0xCD, 0xDC, 0xB4, 0x0A, 0xAB, 0x94, 0x6B, 0xDA,
-        0x29, 0xCA, 0x91, 0xF7, 0x3A, 0xF9, 0x58, 0xAF, 0xD9,
-        /* x */
-        0x03, 0x69, 0x97, 0x96, 0x97, 0xAB, 0x43, 0x89, 0x77, 0x89, 0x56, 0x67,
-        0x89, 0x56, 0x7F, 0x78, 0x7A, 0x78, 0x76, 0xA6, 0x54,
-        /* y */
-        0x00, 0x43, 0x5E, 0xDB, 0x42, 0xEF, 0xAF, 0xB2, 0x98, 0x9D, 0x51, 0xFE,
-        0xFC, 0xE3, 0xC8, 0x09, 0x88, 0xF4, 0x1F, 0xF8, 0x83,
-        /* order */
-        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x48,
-        0xAA, 0xB6, 0x89, 0xC2, 0x9C, 0xA7, 0x10, 0x27, 0x9B
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 21 * 6];
-} _EC_NIST_CHAR2_163B = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 21, 2
-    },
-    {
-        /* no seed */
-# if 0
-        /*
-        * The seed here was used to created the curve parameters in normal
-        * basis representation (and not the polynomial representation used
-        * here)
-        */
-        0x85, 0xE2, 0x5B, 0xFE, 0x5C, 0x86, 0x22, 0x6C, 0xDB, 0x12, 0x01, 0x6F,
-        0x75, 0x53, 0xF9, 0xD0, 0xE6, 0x93, 0xA2, 0x68,
-# endif
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* b */
-        0x02, 0x0A, 0x60, 0x19, 0x07, 0xB8, 0xC9, 0x53, 0xCA, 0x14, 0x81, 0xEB,
-        0x10, 0x51, 0x2F, 0x78, 0x74, 0x4A, 0x32, 0x05, 0xFD,
-        /* x */
-        0x03, 0xF0, 0xEB, 0xA1, 0x62, 0x86, 0xA2, 0xD5, 0x7E, 0xA0, 0x99, 0x11,
-        0x68, 0xD4, 0x99, 0x46, 0x37, 0xE8, 0x34, 0x3E, 0x36,
-        /* y */
-        0x00, 0xD5, 0x1F, 0xBC, 0x6C, 0x71, 0xA0, 0x09, 0x4F, 0xA2, 0xCD, 0xD5,
-        0x45, 0xB1, 0x1C, 0x5C, 0x0C, 0x79, 0x73, 0x24, 0xF1,
-        /* order */
-        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x92,
-        0xFE, 0x77, 0xE7, 0x0C, 0x12, 0xA4, 0x23, 0x4C, 0x33
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 25 * 6];
-} _EC_SECG_CHAR2_193R1 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 25, 2
-    },
-    {
-        /* seed */
-        0x10, 0x3F, 0xAE, 0xC7, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51,
-        0x75, 0x77, 0x7F, 0xC5, 0xB1, 0x91, 0xEF, 0x30,
-        /* p */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
-        0x01,
-        /* a */
-        0x00, 0x17, 0x85, 0x8F, 0xEB, 0x7A, 0x98, 0x97, 0x51, 0x69, 0xE1, 0x71,
-        0xF7, 0x7B, 0x40, 0x87, 0xDE, 0x09, 0x8A, 0xC8, 0xA9, 0x11, 0xDF, 0x7B,
-        0x01,
-        /* b */
-        0x00, 0xFD, 0xFB, 0x49, 0xBF, 0xE6, 0xC3, 0xA8, 0x9F, 0xAC, 0xAD, 0xAA,
-        0x7A, 0x1E, 0x5B, 0xBC, 0x7C, 0xC1, 0xC2, 0xE5, 0xD8, 0x31, 0x47, 0x88,
-        0x14,
-        /* x */
-        0x01, 0xF4, 0x81, 0xBC, 0x5F, 0x0F, 0xF8, 0x4A, 0x74, 0xAD, 0x6C, 0xDF,
-        0x6F, 0xDE, 0xF4, 0xBF, 0x61, 0x79, 0x62, 0x53, 0x72, 0xD8, 0xC0, 0xC5,
-        0xE1,
-        /* y */
-        0x00, 0x25, 0xE3, 0x99, 0xF2, 0x90, 0x37, 0x12, 0xCC, 0xF3, 0xEA, 0x9E,
-        0x3A, 0x1A, 0xD1, 0x7F, 0xB0, 0xB3, 0x20, 0x1B, 0x6A, 0xF7, 0xCE, 0x1B,
-        0x05,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0xC7, 0xF3, 0x4A, 0x77, 0x8F, 0x44, 0x3A, 0xCC, 0x92, 0x0E, 0xBA,
-        0x49
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 25 * 6];
-} _EC_SECG_CHAR2_193R2 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 25, 2
-    },
-    {
-        /* seed */
-        0x10, 0xB7, 0xB4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51,
-        0x37, 0xC8, 0xA1, 0x6F, 0xD0, 0xDA, 0x22, 0x11,
-        /* p */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
-        0x01,
-        /* a */
-        0x01, 0x63, 0xF3, 0x5A, 0x51, 0x37, 0xC2, 0xCE, 0x3E, 0xA6, 0xED, 0x86,
-        0x67, 0x19, 0x0B, 0x0B, 0xC4, 0x3E, 0xCD, 0x69, 0x97, 0x77, 0x02, 0x70,
-        0x9B,
-        /* b */
-        0x00, 0xC9, 0xBB, 0x9E, 0x89, 0x27, 0xD4, 0xD6, 0x4C, 0x37, 0x7E, 0x2A,
-        0xB2, 0x85, 0x6A, 0x5B, 0x16, 0xE3, 0xEF, 0xB7, 0xF6, 0x1D, 0x43, 0x16,
-        0xAE,
-        /* x */
-        0x00, 0xD9, 0xB6, 0x7D, 0x19, 0x2E, 0x03, 0x67, 0xC8, 0x03, 0xF3, 0x9E,
-        0x1A, 0x7E, 0x82, 0xCA, 0x14, 0xA6, 0x51, 0x35, 0x0A, 0xAE, 0x61, 0x7E,
-        0x8F,
-        /* y */
-        0x01, 0xCE, 0x94, 0x33, 0x56, 0x07, 0xC3, 0x04, 0xAC, 0x29, 0xE7, 0xDE,
-        0xFB, 0xD9, 0xCA, 0x01, 0xF5, 0x96, 0xF9, 0x27, 0x22, 0x4C, 0xDE, 0xCF,
-        0x6C,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x01, 0x5A, 0xAB, 0x56, 0x1B, 0x00, 0x54, 0x13, 0xCC, 0xD4, 0xEE, 0x99,
-        0xD5
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 30 * 6];
-} _EC_NIST_CHAR2_233K = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 30, 4
-    },
-    {
-        /* no seed */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* x */
-        0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
-        0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
-        0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
-        /* y */
-        0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
-        0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
-        0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3,
-        /* order */
-        0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
-        0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 30 * 6];
-} _EC_NIST_CHAR2_233B = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 30, 2
-    },
-    {
-        /* seed */
-        0x74, 0xD5, 0x9F, 0xF0, 0x7F, 0x6B, 0x41, 0x3D, 0x0E, 0xA1, 0x4B, 0x34,
-        0x4B, 0x20, 0xA2, 0xDB, 0x04, 0x9B, 0x50, 0xC3,
-        /* p */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* b */
-        0x00, 0x66, 0x64, 0x7E, 0xDE, 0x6C, 0x33, 0x2C, 0x7F, 0x8C, 0x09, 0x23,
-        0xBB, 0x58, 0x21, 0x3B, 0x33, 0x3B, 0x20, 0xE9, 0xCE, 0x42, 0x81, 0xFE,
-        0x11, 0x5F, 0x7D, 0x8F, 0x90, 0xAD,
-        /* x */
-        0x00, 0xFA, 0xC9, 0xDF, 0xCB, 0xAC, 0x83, 0x13, 0xBB, 0x21, 0x39, 0xF1,
-        0xBB, 0x75, 0x5F, 0xEF, 0x65, 0xBC, 0x39, 0x1F, 0x8B, 0x36, 0xF8, 0xF8,
-        0xEB, 0x73, 0x71, 0xFD, 0x55, 0x8B,
-        /* y */
-        0x01, 0x00, 0x6A, 0x08, 0xA4, 0x19, 0x03, 0x35, 0x06, 0x78, 0xE5, 0x85,
-        0x28, 0xBE, 0xBF, 0x8A, 0x0B, 0xEF, 0xF8, 0x67, 0xA7, 0xCA, 0x36, 0x71,
-        0x6F, 0x7E, 0x01, 0xF8, 0x10, 0x52,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x13, 0xE9, 0x74, 0xE7, 0x2F, 0x8A, 0x69, 0x22, 0x03,
-        0x1D, 0x26, 0x03, 0xCF, 0xE0, 0xD7
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 30 * 6];
-} _EC_SECG_CHAR2_239K1 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 30, 4
-    },
-    {
-        /* no seed */
-        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* x */
-        0x29, 0xA0, 0xB6, 0xA8, 0x87, 0xA9, 0x83, 0xE9, 0x73, 0x09, 0x88, 0xA6,
-        0x87, 0x27, 0xA8, 0xB2, 0xD1, 0x26, 0xC4, 0x4C, 0xC2, 0xCC, 0x7B, 0x2A,
-        0x65, 0x55, 0x19, 0x30, 0x35, 0xDC,
-        /* y */
-        0x76, 0x31, 0x08, 0x04, 0xF1, 0x2E, 0x54, 0x9B, 0xDB, 0x01, 0x1C, 0x10,
-        0x30, 0x89, 0xE7, 0x35, 0x10, 0xAC, 0xB2, 0x75, 0xFC, 0x31, 0x2A, 0x5D,
-        0xC6, 0xB7, 0x65, 0x53, 0xF0, 0xCA,
-        /* order */
-        0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x5A, 0x79, 0xFE, 0xC6, 0x7C, 0xB6, 0xE9, 0x1F, 0x1C,
-        0x1D, 0xA8, 0x00, 0xE4, 0x78, 0xA5
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 36 * 6];
-} _EC_NIST_CHAR2_283K = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 36, 4
-    },
-    {
-        /* no seed */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* x */
-        0x05, 0x03, 0x21, 0x3F, 0x78, 0xCA, 0x44, 0x88, 0x3F, 0x1A, 0x3B, 0x81,
-        0x62, 0xF1, 0x88, 0xE5, 0x53, 0xCD, 0x26, 0x5F, 0x23, 0xC1, 0x56, 0x7A,
-        0x16, 0x87, 0x69, 0x13, 0xB0, 0xC2, 0xAC, 0x24, 0x58, 0x49, 0x28, 0x36,
-        /* y */
-        0x01, 0xCC, 0xDA, 0x38, 0x0F, 0x1C, 0x9E, 0x31, 0x8D, 0x90, 0xF9, 0x5D,
-        0x07, 0xE5, 0x42, 0x6F, 0xE8, 0x7E, 0x45, 0xC0, 0xE8, 0x18, 0x46, 0x98,
-        0xE4, 0x59, 0x62, 0x36, 0x4E, 0x34, 0x11, 0x61, 0x77, 0xDD, 0x22, 0x59,
-        /* order */
-        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE9, 0xAE, 0x2E, 0xD0, 0x75, 0x77,
-        0x26, 0x5D, 0xFF, 0x7F, 0x94, 0x45, 0x1E, 0x06, 0x1E, 0x16, 0x3C, 0x61
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 36 * 6];
-} _EC_NIST_CHAR2_283B = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 36, 2
-    },
-    {
-        /* no seed */
-        0x77, 0xE2, 0xB0, 0x73, 0x70, 0xEB, 0x0F, 0x83, 0x2A, 0x6D, 0xD5, 0xB6,
-        0x2D, 0xFC, 0x88, 0xCD, 0x06, 0xBB, 0x84, 0xBE,
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* b */
-        0x02, 0x7B, 0x68, 0x0A, 0xC8, 0xB8, 0x59, 0x6D, 0xA5, 0xA4, 0xAF, 0x8A,
-        0x19, 0xA0, 0x30, 0x3F, 0xCA, 0x97, 0xFD, 0x76, 0x45, 0x30, 0x9F, 0xA2,
-        0xA5, 0x81, 0x48, 0x5A, 0xF6, 0x26, 0x3E, 0x31, 0x3B, 0x79, 0xA2, 0xF5,
-        /* x */
-        0x05, 0xF9, 0x39, 0x25, 0x8D, 0xB7, 0xDD, 0x90, 0xE1, 0x93, 0x4F, 0x8C,
-        0x70, 0xB0, 0xDF, 0xEC, 0x2E, 0xED, 0x25, 0xB8, 0x55, 0x7E, 0xAC, 0x9C,
-        0x80, 0xE2, 0xE1, 0x98, 0xF8, 0xCD, 0xBE, 0xCD, 0x86, 0xB1, 0x20, 0x53,
-        /* y */
-        0x03, 0x67, 0x68, 0x54, 0xFE, 0x24, 0x14, 0x1C, 0xB9, 0x8F, 0xE6, 0xD4,
-        0xB2, 0x0D, 0x02, 0xB4, 0x51, 0x6F, 0xF7, 0x02, 0x35, 0x0E, 0xDD, 0xB0,
-        0x82, 0x67, 0x79, 0xC8, 0x13, 0xF0, 0xDF, 0x45, 0xBE, 0x81, 0x12, 0xF4,
-        /* order */
-        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xEF, 0x90, 0x39, 0x96, 0x60, 0xFC,
-        0x93, 0x8A, 0x90, 0x16, 0x5B, 0x04, 0x2A, 0x7C, 0xEF, 0xAD, 0xB3, 0x07
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 52 * 6];
-} _EC_NIST_CHAR2_409K = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 52, 4
-    },
-    {
-        /* no seed */
-        /* p */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x01,
-        /* x */
-        0x00, 0x60, 0xF0, 0x5F, 0x65, 0x8F, 0x49, 0xC1, 0xAD, 0x3A, 0xB1, 0x89,
-        0x0F, 0x71, 0x84, 0x21, 0x0E, 0xFD, 0x09, 0x87, 0xE3, 0x07, 0xC8, 0x4C,
-        0x27, 0xAC, 0xCF, 0xB8, 0xF9, 0xF6, 0x7C, 0xC2, 0xC4, 0x60, 0x18, 0x9E,
-        0xB5, 0xAA, 0xAA, 0x62, 0xEE, 0x22, 0x2E, 0xB1, 0xB3, 0x55, 0x40, 0xCF,
-        0xE9, 0x02, 0x37, 0x46,
-        /* y */
-        0x01, 0xE3, 0x69, 0x05, 0x0B, 0x7C, 0x4E, 0x42, 0xAC, 0xBA, 0x1D, 0xAC,
-        0xBF, 0x04, 0x29, 0x9C, 0x34, 0x60, 0x78, 0x2F, 0x91, 0x8E, 0xA4, 0x27,
-        0xE6, 0x32, 0x51, 0x65, 0xE9, 0xEA, 0x10, 0xE3, 0xDA, 0x5F, 0x6C, 0x42,
-        0xE9, 0xC5, 0x52, 0x15, 0xAA, 0x9C, 0xA2, 0x7A, 0x58, 0x63, 0xEC, 0x48,
-        0xD8, 0xE0, 0x28, 0x6B,
-        /* order */
-        0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFE, 0x5F, 0x83, 0xB2, 0xD4, 0xEA, 0x20, 0x40, 0x0E, 0xC4,
-        0x55, 0x7D, 0x5E, 0xD3, 0xE3, 0xE7, 0xCA, 0x5B, 0x4B, 0x5C, 0x83, 0xB8,
-        0xE0, 0x1E, 0x5F, 0xCF
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 52 * 6];
-} _EC_NIST_CHAR2_409B = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 52, 2
-    },
-    {
-        /* seed */
-        0x40, 0x99, 0xB5, 0xA4, 0x57, 0xF9, 0xD6, 0x9F, 0x79, 0x21, 0x3D, 0x09,
-        0x4C, 0x4B, 0xCD, 0x4D, 0x42, 0x62, 0x21, 0x0B,
-        /* p */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x01,
-        /* b */
-        0x00, 0x21, 0xA5, 0xC2, 0xC8, 0xEE, 0x9F, 0xEB, 0x5C, 0x4B, 0x9A, 0x75,
-        0x3B, 0x7B, 0x47, 0x6B, 0x7F, 0xD6, 0x42, 0x2E, 0xF1, 0xF3, 0xDD, 0x67,
-        0x47, 0x61, 0xFA, 0x99, 0xD6, 0xAC, 0x27, 0xC8, 0xA9, 0xA1, 0x97, 0xB2,
-        0x72, 0x82, 0x2F, 0x6C, 0xD5, 0x7A, 0x55, 0xAA, 0x4F, 0x50, 0xAE, 0x31,
-        0x7B, 0x13, 0x54, 0x5F,
-        /* x */
-        0x01, 0x5D, 0x48, 0x60, 0xD0, 0x88, 0xDD, 0xB3, 0x49, 0x6B, 0x0C, 0x60,
-        0x64, 0x75, 0x62, 0x60, 0x44, 0x1C, 0xDE, 0x4A, 0xF1, 0x77, 0x1D, 0x4D,
-        0xB0, 0x1F, 0xFE, 0x5B, 0x34, 0xE5, 0x97, 0x03, 0xDC, 0x25, 0x5A, 0x86,
-        0x8A, 0x11, 0x80, 0x51, 0x56, 0x03, 0xAE, 0xAB, 0x60, 0x79, 0x4E, 0x54,
-        0xBB, 0x79, 0x96, 0xA7,
-        /* y */
-        0x00, 0x61, 0xB1, 0xCF, 0xAB, 0x6B, 0xE5, 0xF3, 0x2B, 0xBF, 0xA7, 0x83,
-        0x24, 0xED, 0x10, 0x6A, 0x76, 0x36, 0xB9, 0xC5, 0xA7, 0xBD, 0x19, 0x8D,
-        0x01, 0x58, 0xAA, 0x4F, 0x54, 0x88, 0xD0, 0x8F, 0x38, 0x51, 0x4F, 0x1F,
-        0xDF, 0x4B, 0x4F, 0x40, 0xD2, 0x18, 0x1B, 0x36, 0x81, 0xC3, 0x64, 0xBA,
-        0x02, 0x73, 0xC7, 0x06,
-        /* order */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x01, 0xE2, 0xAA, 0xD6, 0xA6, 0x12, 0xF3, 0x33, 0x07, 0xBE,
-        0x5F, 0xA4, 0x7C, 0x3C, 0x9E, 0x05, 0x2F, 0x83, 0x81, 0x64, 0xCD, 0x37,
-        0xD9, 0xA2, 0x11, 0x73
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 72 * 6];
-} _EC_NIST_CHAR2_571K = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 72, 4
-    },
-    {
-        /* no seed */
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* x */
-        0x02, 0x6E, 0xB7, 0xA8, 0x59, 0x92, 0x3F, 0xBC, 0x82, 0x18, 0x96, 0x31,
-        0xF8, 0x10, 0x3F, 0xE4, 0xAC, 0x9C, 0xA2, 0x97, 0x00, 0x12, 0xD5, 0xD4,
-        0x60, 0x24, 0x80, 0x48, 0x01, 0x84, 0x1C, 0xA4, 0x43, 0x70, 0x95, 0x84,
-        0x93, 0xB2, 0x05, 0xE6, 0x47, 0xDA, 0x30, 0x4D, 0xB4, 0xCE, 0xB0, 0x8C,
-        0xBB, 0xD1, 0xBA, 0x39, 0x49, 0x47, 0x76, 0xFB, 0x98, 0x8B, 0x47, 0x17,
-        0x4D, 0xCA, 0x88, 0xC7, 0xE2, 0x94, 0x52, 0x83, 0xA0, 0x1C, 0x89, 0x72,
-        /* y */
-        0x03, 0x49, 0xDC, 0x80, 0x7F, 0x4F, 0xBF, 0x37, 0x4F, 0x4A, 0xEA, 0xDE,
-        0x3B, 0xCA, 0x95, 0x31, 0x4D, 0xD5, 0x8C, 0xEC, 0x9F, 0x30, 0x7A, 0x54,
-        0xFF, 0xC6, 0x1E, 0xFC, 0x00, 0x6D, 0x8A, 0x2C, 0x9D, 0x49, 0x79, 0xC0,
-        0xAC, 0x44, 0xAE, 0xA7, 0x4F, 0xBE, 0xBB, 0xB9, 0xF7, 0x72, 0xAE, 0xDC,
-        0xB6, 0x20, 0xB0, 0x1A, 0x7B, 0xA7, 0xAF, 0x1B, 0x32, 0x04, 0x30, 0xC8,
-        0x59, 0x19, 0x84, 0xF6, 0x01, 0xCD, 0x4C, 0x14, 0x3E, 0xF1, 0xC7, 0xA3,
-        /* order */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x13, 0x18, 0x50, 0xE1, 0xF1, 0x9A, 0x63, 0xE4, 0xB3, 0x91, 0xA8, 0xDB,
-        0x91, 0x7F, 0x41, 0x38, 0xB6, 0x30, 0xD8, 0x4B, 0xE5, 0xD6, 0x39, 0x38,
-        0x1E, 0x91, 0xDE, 0xB4, 0x5C, 0xFE, 0x77, 0x8F, 0x63, 0x7C, 0x10, 0x01
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 72 * 6];
-} _EC_NIST_CHAR2_571B = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 72, 2
-    },
-    {
-        /* seed */
-        0x2A, 0xA0, 0x58, 0xF7, 0x3A, 0x0E, 0x33, 0xAB, 0x48, 0x6B, 0x0F, 0x61,
-        0x04, 0x10, 0xC5, 0x3A, 0x7F, 0x13, 0x23, 0x10,
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* b */
-        0x02, 0xF4, 0x0E, 0x7E, 0x22, 0x21, 0xF2, 0x95, 0xDE, 0x29, 0x71, 0x17,
-        0xB7, 0xF3, 0xD6, 0x2F, 0x5C, 0x6A, 0x97, 0xFF, 0xCB, 0x8C, 0xEF, 0xF1,
-        0xCD, 0x6B, 0xA8, 0xCE, 0x4A, 0x9A, 0x18, 0xAD, 0x84, 0xFF, 0xAB, 0xBD,
-        0x8E, 0xFA, 0x59, 0x33, 0x2B, 0xE7, 0xAD, 0x67, 0x56, 0xA6, 0x6E, 0x29,
-        0x4A, 0xFD, 0x18, 0x5A, 0x78, 0xFF, 0x12, 0xAA, 0x52, 0x0E, 0x4D, 0xE7,
-        0x39, 0xBA, 0xCA, 0x0C, 0x7F, 0xFE, 0xFF, 0x7F, 0x29, 0x55, 0x72, 0x7A,
-        /* x */
-        0x03, 0x03, 0x00, 0x1D, 0x34, 0xB8, 0x56, 0x29, 0x6C, 0x16, 0xC0, 0xD4,
-        0x0D, 0x3C, 0xD7, 0x75, 0x0A, 0x93, 0xD1, 0xD2, 0x95, 0x5F, 0xA8, 0x0A,
-        0xA5, 0xF4, 0x0F, 0xC8, 0xDB, 0x7B, 0x2A, 0xBD, 0xBD, 0xE5, 0x39, 0x50,
-        0xF4, 0xC0, 0xD2, 0x93, 0xCD, 0xD7, 0x11, 0xA3, 0x5B, 0x67, 0xFB, 0x14,
-        0x99, 0xAE, 0x60, 0x03, 0x86, 0x14, 0xF1, 0x39, 0x4A, 0xBF, 0xA3, 0xB4,
-        0xC8, 0x50, 0xD9, 0x27, 0xE1, 0xE7, 0x76, 0x9C, 0x8E, 0xEC, 0x2D, 0x19,
-        /* y */
-        0x03, 0x7B, 0xF2, 0x73, 0x42, 0xDA, 0x63, 0x9B, 0x6D, 0xCC, 0xFF, 0xFE,
-        0xB7, 0x3D, 0x69, 0xD7, 0x8C, 0x6C, 0x27, 0xA6, 0x00, 0x9C, 0xBB, 0xCA,
-        0x19, 0x80, 0xF8, 0x53, 0x39, 0x21, 0xE8, 0xA6, 0x84, 0x42, 0x3E, 0x43,
-        0xBA, 0xB0, 0x8A, 0x57, 0x62, 0x91, 0xAF, 0x8F, 0x46, 0x1B, 0xB2, 0xA8,
-        0xB3, 0x53, 0x1D, 0x2F, 0x04, 0x85, 0xC1, 0x9B, 0x16, 0xE2, 0xF1, 0x51,
-        0x6E, 0x23, 0xDD, 0x3C, 0x1A, 0x48, 0x27, 0xAF, 0x1B, 0x8A, 0xC1, 0x5B,
-        /* order */
-        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xE6, 0x61, 0xCE, 0x18, 0xFF, 0x55, 0x98, 0x73, 0x08, 0x05, 0x9B, 0x18,
-        0x68, 0x23, 0x85, 0x1E, 0xC7, 0xDD, 0x9C, 0xA1, 0x16, 0x1D, 0xE9, 0x3D,
-        0x51, 0x74, 0xD6, 0x6E, 0x83, 0x82, 0xE9, 0xBB, 0x2F, 0xE8, 0x4E, 0x47
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 21 * 6];
-} _EC_X9_62_CHAR2_163V1 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 21, 2
-    },
-    {
-        /* seed */
-        0xD2, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE, 0xF4, 0xD6,
-        0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x54,
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07,
-        /* a */
-        0x07, 0x25, 0x46, 0xB5, 0x43, 0x52, 0x34, 0xA4, 0x22, 0xE0, 0x78, 0x96,
-        0x75, 0xF4, 0x32, 0xC8, 0x94, 0x35, 0xDE, 0x52, 0x42,
-        /* b */
-        0x00, 0xC9, 0x51, 0x7D, 0x06, 0xD5, 0x24, 0x0D, 0x3C, 0xFF, 0x38, 0xC7,
-        0x4B, 0x20, 0xB6, 0xCD, 0x4D, 0x6F, 0x9D, 0xD4, 0xD9,
-        /* x */
-        0x07, 0xAF, 0x69, 0x98, 0x95, 0x46, 0x10, 0x3D, 0x79, 0x32, 0x9F, 0xCC,
-        0x3D, 0x74, 0x88, 0x0F, 0x33, 0xBB, 0xE8, 0x03, 0xCB,
-        /* y */
-        0x01, 0xEC, 0x23, 0x21, 0x1B, 0x59, 0x66, 0xAD, 0xEA, 0x1D, 0x3F, 0x87,
-        0xF7, 0xEA, 0x58, 0x48, 0xAE, 0xF0, 0xB7, 0xCA, 0x9F,
-        /* order */
-        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xE6,
-        0x0F, 0xC8, 0x82, 0x1C, 0xC7, 0x4D, 0xAE, 0xAF, 0xC1
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 21 * 6];
-} _EC_X9_62_CHAR2_163V2 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 21, 2
-    },
-    {
-        /* seed */
-        0x53, 0x81, 0x4C, 0x05, 0x0D, 0x44, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
-        0x15, 0x17, 0x58, 0x0C, 0xA4, 0xE2, 0x9F, 0xFD,
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07,
-        /* a */
-        0x01, 0x08, 0xB3, 0x9E, 0x77, 0xC4, 0xB1, 0x08, 0xBE, 0xD9, 0x81, 0xED,
-        0x0E, 0x89, 0x0E, 0x11, 0x7C, 0x51, 0x1C, 0xF0, 0x72,
-        /* b */
-        0x06, 0x67, 0xAC, 0xEB, 0x38, 0xAF, 0x4E, 0x48, 0x8C, 0x40, 0x74, 0x33,
-        0xFF, 0xAE, 0x4F, 0x1C, 0x81, 0x16, 0x38, 0xDF, 0x20,
-        /* x */
-        0x00, 0x24, 0x26, 0x6E, 0x4E, 0xB5, 0x10, 0x6D, 0x0A, 0x96, 0x4D, 0x92,
-        0xC4, 0x86, 0x0E, 0x26, 0x71, 0xDB, 0x9B, 0x6C, 0xC5,
-        /* y */
-        0x07, 0x9F, 0x68, 0x4D, 0xDF, 0x66, 0x84, 0xC5, 0xCD, 0x25, 0x8B, 0x38,
-        0x90, 0x02, 0x1B, 0x23, 0x86, 0xDF, 0xD1, 0x9F, 0xC5,
-        /* order */
-        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xF6,
-        0x4D, 0xE1, 0x15, 0x1A, 0xDB, 0xB7, 0x8F, 0x10, 0xA7
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 21 * 6];
-} _EC_X9_62_CHAR2_163V3 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 21, 2
-    },
-    {
-        /* seed */
-        0x50, 0xCB, 0xF1, 0xD9, 0x5C, 0xA9, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75,
-        0x61, 0x51, 0x75, 0xF1, 0x6A, 0x36, 0xA3, 0xB8,
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07,
-        /* a */
-        0x07, 0xA5, 0x26, 0xC6, 0x3D, 0x3E, 0x25, 0xA2, 0x56, 0xA0, 0x07, 0x69,
-        0x9F, 0x54, 0x47, 0xE3, 0x2A, 0xE4, 0x56, 0xB5, 0x0E,
-        /* b */
-        0x03, 0xF7, 0x06, 0x17, 0x98, 0xEB, 0x99, 0xE2, 0x38, 0xFD, 0x6F, 0x1B,
-        0xF9, 0x5B, 0x48, 0xFE, 0xEB, 0x48, 0x54, 0x25, 0x2B,
-        /* x */
-        0x02, 0xF9, 0xF8, 0x7B, 0x7C, 0x57, 0x4D, 0x0B, 0xDE, 0xCF, 0x8A, 0x22,
-        0xE6, 0x52, 0x47, 0x75, 0xF9, 0x8C, 0xDE, 0xBD, 0xCB,
-        /* y */
-        0x05, 0xB9, 0x35, 0x59, 0x0C, 0x15, 0x5E, 0x17, 0xEA, 0x48, 0xEB, 0x3F,
-        0xF3, 0x71, 0x8B, 0x89, 0x3D, 0xF5, 0x9A, 0x05, 0xD0,
-        /* order */
-        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0x1A,
-        0xEE, 0x14, 0x0F, 0x11, 0x0A, 0xFF, 0x96, 0x13, 0x09
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 23 * 6];
-} _EC_X9_62_CHAR2_176V1 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 23, 0xFF6E
-    },
-    {
-        /* no seed */
-        /* p */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x07,
-        /* a */
-        0x00, 0xE4, 0xE6, 0xDB, 0x29, 0x95, 0x06, 0x5C, 0x40, 0x7D, 0x9D, 0x39,
-        0xB8, 0xD0, 0x96, 0x7B, 0x96, 0x70, 0x4B, 0xA8, 0xE9, 0xC9, 0x0B,
-        /* b */
-        0x00, 0x5D, 0xDA, 0x47, 0x0A, 0xBE, 0x64, 0x14, 0xDE, 0x8E, 0xC1, 0x33,
-        0xAE, 0x28, 0xE9, 0xBB, 0xD7, 0xFC, 0xEC, 0x0A, 0xE0, 0xFF, 0xF2,
-        /* x */
-        0x00, 0x8D, 0x16, 0xC2, 0x86, 0x67, 0x98, 0xB6, 0x00, 0xF9, 0xF0, 0x8B,
-        0xB4, 0xA8, 0xE8, 0x60, 0xF3, 0x29, 0x8C, 0xE0, 0x4A, 0x57, 0x98,
-        /* y */
-        0x00, 0x6F, 0xA4, 0x53, 0x9C, 0x2D, 0xAD, 0xDD, 0xD6, 0xBA, 0xB5, 0x16,
-        0x7D, 0x61, 0xB4, 0x36, 0xE1, 0xD9, 0x2B, 0xB1, 0x6A, 0x56, 0x2C,
-        /* order */
-        0x00, 0x00, 0x01, 0x00, 0x92, 0x53, 0x73, 0x97, 0xEC, 0xA4, 0xF6, 0x14,
-        0x57, 0x99, 0xD6, 0x2B, 0x0A, 0x19, 0xCE, 0x06, 0xFE, 0x26, 0xAD
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 24 * 6];
-} _EC_X9_62_CHAR2_191V1 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 24, 2
-    },
-    {
-        /* seed */
-        0x4E, 0x13, 0xCA, 0x54, 0x27, 0x44, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
-        0x15, 0x17, 0x55, 0x2F, 0x27, 0x9A, 0x8C, 0x84,
-        /* p */
-        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
-        /* a */
-        0x28, 0x66, 0x53, 0x7B, 0x67, 0x67, 0x52, 0x63, 0x6A, 0x68, 0xF5, 0x65,
-        0x54, 0xE1, 0x26, 0x40, 0x27, 0x6B, 0x64, 0x9E, 0xF7, 0x52, 0x62, 0x67,
-        /* b */
-        0x2E, 0x45, 0xEF, 0x57, 0x1F, 0x00, 0x78, 0x6F, 0x67, 0xB0, 0x08, 0x1B,
-        0x94, 0x95, 0xA3, 0xD9, 0x54, 0x62, 0xF5, 0xDE, 0x0A, 0xA1, 0x85, 0xEC,
-        /* x */
-        0x36, 0xB3, 0xDA, 0xF8, 0xA2, 0x32, 0x06, 0xF9, 0xC4, 0xF2, 0x99, 0xD7,
-        0xB2, 0x1A, 0x9C, 0x36, 0x91, 0x37, 0xF2, 0xC8, 0x4A, 0xE1, 0xAA, 0x0D,
-        /* y */
-        0x76, 0x5B, 0xE7, 0x34, 0x33, 0xB3, 0xF9, 0x5E, 0x33, 0x29, 0x32, 0xE7,
-        0x0E, 0xA2, 0x45, 0xCA, 0x24, 0x18, 0xEA, 0x0E, 0xF9, 0x80, 0x18, 0xFB,
-        /* order */
-        0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x04, 0xA2, 0x0E, 0x90, 0xC3, 0x90, 0x67, 0xC8, 0x93, 0xBB, 0xB9, 0xA5
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 24 * 6];
-} _EC_X9_62_CHAR2_191V2 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 24, 4
-    },
-    {
-        /* seed */
-        0x08, 0x71, 0xEF, 0x2F, 0xEF, 0x24, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
-        0x15, 0x17, 0x58, 0xBE, 0xE0, 0xD9, 0x5C, 0x15,
-        /* p */
-        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
-        /* a */
-        0x40, 0x10, 0x28, 0x77, 0x4D, 0x77, 0x77, 0xC7, 0xB7, 0x66, 0x6D, 0x13,
-        0x66, 0xEA, 0x43, 0x20, 0x71, 0x27, 0x4F, 0x89, 0xFF, 0x01, 0xE7, 0x18,
-        /* b */
-        0x06, 0x20, 0x04, 0x8D, 0x28, 0xBC, 0xBD, 0x03, 0xB6, 0x24, 0x9C, 0x99,
-        0x18, 0x2B, 0x7C, 0x8C, 0xD1, 0x97, 0x00, 0xC3, 0x62, 0xC4, 0x6A, 0x01,
-        /* x */
-        0x38, 0x09, 0xB2, 0xB7, 0xCC, 0x1B, 0x28, 0xCC, 0x5A, 0x87, 0x92, 0x6A,
-        0xAD, 0x83, 0xFD, 0x28, 0x78, 0x9E, 0x81, 0xE2, 0xC9, 0xE3, 0xBF, 0x10,
-        /* y */
-        0x17, 0x43, 0x43, 0x86, 0x62, 0x6D, 0x14, 0xF3, 0xDB, 0xF0, 0x17, 0x60,
-        0xD9, 0x21, 0x3A, 0x3E, 0x1C, 0xF3, 0x7A, 0xEC, 0x43, 0x7D, 0x66, 0x8A,
-        /* order */
-        0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x50, 0x50, 0x8C, 0xB8, 0x9F, 0x65, 0x28, 0x24, 0xE0, 0x6B, 0x81, 0x73
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 24 * 6];
-} _EC_X9_62_CHAR2_191V3 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 24, 6
-    },
-    {
-        /* seed */
-        0xE0, 0x53, 0x51, 0x2D, 0xC6, 0x84, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
-        0x15, 0x17, 0x50, 0x67, 0xAE, 0x78, 0x6D, 0x1F,
-        /* p */
-        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
-        /* a */
-        0x6C, 0x01, 0x07, 0x47, 0x56, 0x09, 0x91, 0x22, 0x22, 0x10, 0x56, 0x91,
-        0x1C, 0x77, 0xD7, 0x7E, 0x77, 0xA7, 0x77, 0xE7, 0xE7, 0xE7, 0x7F, 0xCB,
-        /* b */
-        0x71, 0xFE, 0x1A, 0xF9, 0x26, 0xCF, 0x84, 0x79, 0x89, 0xEF, 0xEF, 0x8D,
-        0xB4, 0x59, 0xF6, 0x63, 0x94, 0xD9, 0x0F, 0x32, 0xAD, 0x3F, 0x15, 0xE8,
-        /* x */
-        0x37, 0x5D, 0x4C, 0xE2, 0x4F, 0xDE, 0x43, 0x44, 0x89, 0xDE, 0x87, 0x46,
-        0xE7, 0x17, 0x86, 0x01, 0x50, 0x09, 0xE6, 0x6E, 0x38, 0xA9, 0x26, 0xDD,
-        /* y */
-        0x54, 0x5A, 0x39, 0x17, 0x61, 0x96, 0x57, 0x5D, 0x98, 0x59, 0x99, 0x36,
-        0x6E, 0x6A, 0xD3, 0x4C, 0xE0, 0xA7, 0x7C, 0xD7, 0x12, 0x7B, 0x06, 0xBE,
-        /* order */
-        0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
-        0x61, 0x0C, 0x0B, 0x19, 0x68, 0x12, 0xBF, 0xB6, 0x28, 0x8A, 0x3E, 0xA3
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 27 * 6];
-} _EC_X9_62_CHAR2_208W1 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 27, 0xFE48
-    },
-    {
-        /* no seed */
-        /* p */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x07,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0xC8, 0x61, 0x9E, 0xD4, 0x5A, 0x62, 0xE6, 0x21, 0x2E, 0x11, 0x60,
-        0x34, 0x9E, 0x2B, 0xFA, 0x84, 0x44, 0x39, 0xFA, 0xFC, 0x2A, 0x3F, 0xD1,
-        0x63, 0x8F, 0x9E,
-        /* x */
-        0x00, 0x89, 0xFD, 0xFB, 0xE4, 0xAB, 0xE1, 0x93, 0xDF, 0x95, 0x59, 0xEC,
-        0xF0, 0x7A, 0xC0, 0xCE, 0x78, 0x55, 0x4E, 0x27, 0x84, 0xEB, 0x8C, 0x1E,
-        0xD1, 0xA5, 0x7A,
-        /* y */
-        0x00, 0x0F, 0x55, 0xB5, 0x1A, 0x06, 0xE7, 0x8E, 0x9A, 0xC3, 0x8A, 0x03,
-        0x5F, 0xF5, 0x20, 0xD8, 0xB0, 0x17, 0x81, 0xBE, 0xB1, 0xA6, 0xBB, 0x08,
-        0x61, 0x7D, 0xE3,
-        /* order */
-        0x00, 0x00, 0x01, 0x01, 0xBA, 0xF9, 0x5C, 0x97, 0x23, 0xC5, 0x7B, 0x6C,
-        0x21, 0xDA, 0x2E, 0xFF, 0x2D, 0x5E, 0xD5, 0x88, 0xBD, 0xD5, 0x71, 0x7E,
-        0x21, 0x2F, 0x9D
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 30 * 6];
-} _EC_X9_62_CHAR2_239V1 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 30, 4
-    },
-    {
-        /* seed */
-        0xD3, 0x4B, 0x9A, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
-        0xCA, 0x71, 0xB9, 0x20, 0xBF, 0xEF, 0xB0, 0x5D,
-        /* p */
-        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x32, 0x01, 0x08, 0x57, 0x07, 0x7C, 0x54, 0x31, 0x12, 0x3A, 0x46, 0xB8,
-        0x08, 0x90, 0x67, 0x56, 0xF5, 0x43, 0x42, 0x3E, 0x8D, 0x27, 0x87, 0x75,
-        0x78, 0x12, 0x57, 0x78, 0xAC, 0x76,
-        /* b */
-        0x79, 0x04, 0x08, 0xF2, 0xEE, 0xDA, 0xF3, 0x92, 0xB0, 0x12, 0xED, 0xEF,
-        0xB3, 0x39, 0x2F, 0x30, 0xF4, 0x32, 0x7C, 0x0C, 0xA3, 0xF3, 0x1F, 0xC3,
-        0x83, 0xC4, 0x22, 0xAA, 0x8C, 0x16,
-        /* x */
-        0x57, 0x92, 0x70, 0x98, 0xFA, 0x93, 0x2E, 0x7C, 0x0A, 0x96, 0xD3, 0xFD,
-        0x5B, 0x70, 0x6E, 0xF7, 0xE5, 0xF5, 0xC1, 0x56, 0xE1, 0x6B, 0x7E, 0x7C,
-        0x86, 0x03, 0x85, 0x52, 0xE9, 0x1D,
-        /* y */
-        0x61, 0xD8, 0xEE, 0x50, 0x77, 0xC3, 0x3F, 0xEC, 0xF6, 0xF1, 0xA1, 0x6B,
-        0x26, 0x8D, 0xE4, 0x69, 0xC3, 0xC7, 0x74, 0x4E, 0xA9, 0xA9, 0x71, 0x64,
-        0x9F, 0xC7, 0xA9, 0x61, 0x63, 0x05,
-        /* order */
-        0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x0F, 0x4D, 0x42, 0xFF, 0xE1, 0x49, 0x2A, 0x49, 0x93,
-        0xF1, 0xCA, 0xD6, 0x66, 0xE4, 0x47
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 30 * 6];
-} _EC_X9_62_CHAR2_239V2 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 30, 6
-    },
-    {
-        /* seed */
-        0x2A, 0xA6, 0x98, 0x2F, 0xDF, 0xA4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
-        0x15, 0x17, 0x5D, 0x26, 0x67, 0x27, 0x27, 0x7D,
-        /* p */
-        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x42, 0x30, 0x01, 0x77, 0x57, 0xA7, 0x67, 0xFA, 0xE4, 0x23, 0x98, 0x56,
-        0x9B, 0x74, 0x63, 0x25, 0xD4, 0x53, 0x13, 0xAF, 0x07, 0x66, 0x26, 0x64,
-        0x79, 0xB7, 0x56, 0x54, 0xE6, 0x5F,
-        /* b */
-        0x50, 0x37, 0xEA, 0x65, 0x41, 0x96, 0xCF, 0xF0, 0xCD, 0x82, 0xB2, 0xC1,
-        0x4A, 0x2F, 0xCF, 0x2E, 0x3F, 0xF8, 0x77, 0x52, 0x85, 0xB5, 0x45, 0x72,
-        0x2F, 0x03, 0xEA, 0xCD, 0xB7, 0x4B,
-        /* x */
-        0x28, 0xF9, 0xD0, 0x4E, 0x90, 0x00, 0x69, 0xC8, 0xDC, 0x47, 0xA0, 0x85,
-        0x34, 0xFE, 0x76, 0xD2, 0xB9, 0x00, 0xB7, 0xD7, 0xEF, 0x31, 0xF5, 0x70,
-        0x9F, 0x20, 0x0C, 0x4C, 0xA2, 0x05,
-        /* y */
-        0x56, 0x67, 0x33, 0x4C, 0x45, 0xAF, 0xF3, 0xB5, 0xA0, 0x3B, 0xAD, 0x9D,
-        0xD7, 0x5E, 0x2C, 0x71, 0xA9, 0x93, 0x62, 0x56, 0x7D, 0x54, 0x53, 0xF7,
-        0xFA, 0x6E, 0x22, 0x7E, 0xC8, 0x33,
-        /* order */
-        0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
-        0x55, 0x55, 0x55, 0x3C, 0x6F, 0x28, 0x85, 0x25, 0x9C, 0x31, 0xE3, 0xFC,
-        0xDF, 0x15, 0x46, 0x24, 0x52, 0x2D
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 30 * 6];
-} _EC_X9_62_CHAR2_239V3 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 30, 0xA
-    },
-    {
-        /* seed */
-        0x9E, 0x07, 0x6F, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
-        0xE1, 0x1E, 0x9F, 0xDD, 0x77, 0xF9, 0x20, 0x41,
-        /* p */
-        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x01, 0x23, 0x87, 0x74, 0x66, 0x6A, 0x67, 0x76, 0x6D, 0x66, 0x76, 0xF7,
-        0x78, 0xE6, 0x76, 0xB6, 0x69, 0x99, 0x17, 0x66, 0x66, 0xE6, 0x87, 0x66,
-        0x6D, 0x87, 0x66, 0xC6, 0x6A, 0x9F,
-        /* b */
-        0x6A, 0x94, 0x19, 0x77, 0xBA, 0x9F, 0x6A, 0x43, 0x51, 0x99, 0xAC, 0xFC,
-        0x51, 0x06, 0x7E, 0xD5, 0x87, 0xF5, 0x19, 0xC5, 0xEC, 0xB5, 0x41, 0xB8,
-        0xE4, 0x41, 0x11, 0xDE, 0x1D, 0x40,
-        /* x */
-        0x70, 0xF6, 0xE9, 0xD0, 0x4D, 0x28, 0x9C, 0x4E, 0x89, 0x91, 0x3C, 0xE3,
-        0x53, 0x0B, 0xFD, 0xE9, 0x03, 0x97, 0x7D, 0x42, 0xB1, 0x46, 0xD5, 0x39,
-        0xBF, 0x1B, 0xDE, 0x4E, 0x9C, 0x92,
-        /* y */
-        0x2E, 0x5A, 0x0E, 0xAF, 0x6E, 0x5E, 0x13, 0x05, 0xB9, 0x00, 0x4D, 0xCE,
-        0x5C, 0x0E, 0xD7, 0xFE, 0x59, 0xA3, 0x56, 0x08, 0xF3, 0x38, 0x37, 0xC8,
-        0x16, 0xD8, 0x0B, 0x79, 0xF4, 0x61,
-        /* order */
-        0x0C, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
-        0xCC, 0xCC, 0xCC, 0xAC, 0x49, 0x12, 0xD2, 0xD9, 0xDF, 0x90, 0x3E, 0xF9,
-        0x88, 0x8B, 0x8A, 0x0E, 0x4C, 0xFF
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 35 * 6];
-} _EC_X9_62_CHAR2_272W1 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 35, 0xFF06
-    },
-    {
-        /* no seed */
-        /* p */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0B,
-        /* a */
-        0x00, 0x91, 0xA0, 0x91, 0xF0, 0x3B, 0x5F, 0xBA, 0x4A, 0xB2, 0xCC, 0xF4,
-        0x9C, 0x4E, 0xDD, 0x22, 0x0F, 0xB0, 0x28, 0x71, 0x2D, 0x42, 0xBE, 0x75,
-        0x2B, 0x2C, 0x40, 0x09, 0x4D, 0xBA, 0xCD, 0xB5, 0x86, 0xFB, 0x20,
-        /* b */
-        0x00, 0x71, 0x67, 0xEF, 0xC9, 0x2B, 0xB2, 0xE3, 0xCE, 0x7C, 0x8A, 0xAA,
-        0xFF, 0x34, 0xE1, 0x2A, 0x9C, 0x55, 0x70, 0x03, 0xD7, 0xC7, 0x3A, 0x6F,
-        0xAF, 0x00, 0x3F, 0x99, 0xF6, 0xCC, 0x84, 0x82, 0xE5, 0x40, 0xF7,
-        /* x */
-        0x00, 0x61, 0x08, 0xBA, 0xBB, 0x2C, 0xEE, 0xBC, 0xF7, 0x87, 0x05, 0x8A,
-        0x05, 0x6C, 0xBE, 0x0C, 0xFE, 0x62, 0x2D, 0x77, 0x23, 0xA2, 0x89, 0xE0,
-        0x8A, 0x07, 0xAE, 0x13, 0xEF, 0x0D, 0x10, 0xD1, 0x71, 0xDD, 0x8D,
-        /* y */
-        0x00, 0x10, 0xC7, 0x69, 0x57, 0x16, 0x85, 0x1E, 0xEF, 0x6B, 0xA7, 0xF6,
-        0x87, 0x2E, 0x61, 0x42, 0xFB, 0xD2, 0x41, 0xB8, 0x30, 0xFF, 0x5E, 0xFC,
-        0xAC, 0xEC, 0xCA, 0xB0, 0x5E, 0x02, 0x00, 0x5D, 0xDE, 0x9D, 0x23,
-        /* order */
-        0x00, 0x00, 0x01, 0x00, 0xFA, 0xF5, 0x13, 0x54, 0xE0, 0xE3, 0x9E, 0x48,
-        0x92, 0xDF, 0x6E, 0x31, 0x9C, 0x72, 0xC8, 0x16, 0x16, 0x03, 0xFA, 0x45,
-        0xAA, 0x7B, 0x99, 0x8A, 0x16, 0x7B, 0x8F, 0x1E, 0x62, 0x95, 0x21
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 39 * 6];
-} _EC_X9_62_CHAR2_304W1 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 39, 0xFE2E
-    },
-    {
-        /* no seed */
-        /* p */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x08, 0x07,
-        /* a */
-        0x00, 0xFD, 0x0D, 0x69, 0x31, 0x49, 0xA1, 0x18, 0xF6, 0x51, 0xE6, 0xDC,
-        0xE6, 0x80, 0x20, 0x85, 0x37, 0x7E, 0x5F, 0x88, 0x2D, 0x1B, 0x51, 0x0B,
-        0x44, 0x16, 0x00, 0x74, 0xC1, 0x28, 0x80, 0x78, 0x36, 0x5A, 0x03, 0x96,
-        0xC8, 0xE6, 0x81,
-        /* b */
-        0x00, 0xBD, 0xDB, 0x97, 0xE5, 0x55, 0xA5, 0x0A, 0x90, 0x8E, 0x43, 0xB0,
-        0x1C, 0x79, 0x8E, 0xA5, 0xDA, 0xA6, 0x78, 0x8F, 0x1E, 0xA2, 0x79, 0x4E,
-        0xFC, 0xF5, 0x71, 0x66, 0xB8, 0xC1, 0x40, 0x39, 0x60, 0x1E, 0x55, 0x82,
-        0x73, 0x40, 0xBE,
-        /* x */
-        0x00, 0x19, 0x7B, 0x07, 0x84, 0x5E, 0x9B, 0xE2, 0xD9, 0x6A, 0xDB, 0x0F,
-        0x5F, 0x3C, 0x7F, 0x2C, 0xFF, 0xBD, 0x7A, 0x3E, 0xB8, 0xB6, 0xFE, 0xC3,
-        0x5C, 0x7F, 0xD6, 0x7F, 0x26, 0xDD, 0xF6, 0x28, 0x5A, 0x64, 0x4F, 0x74,
-        0x0A, 0x26, 0x14,
-        /* y */
-        0x00, 0xE1, 0x9F, 0xBE, 0xB7, 0x6E, 0x0D, 0xA1, 0x71, 0x51, 0x7E, 0xCF,
-        0x40, 0x1B, 0x50, 0x28, 0x9B, 0xF0, 0x14, 0x10, 0x32, 0x88, 0x52, 0x7A,
-        0x9B, 0x41, 0x6A, 0x10, 0x5E, 0x80, 0x26, 0x0B, 0x54, 0x9F, 0xDC, 0x1B,
-        0x92, 0xC0, 0x3B,
-        /* order */
-        0x00, 0x00, 0x01, 0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, 0x80, 0x01,
-        0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, 0x80, 0x01, 0x02, 0x2D, 0x5C,
-        0x91, 0xDD, 0x17, 0x3F, 0x8F, 0xB5, 0x61, 0xDA, 0x68, 0x99, 0x16, 0x44,
-        0x43, 0x05, 0x1D
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[20 + 45 * 6];
-} _EC_X9_62_CHAR2_359V1 = {
-    {
-        NID_X9_62_characteristic_two_field, 20, 45, 0x4C
-    },
-    {
-        /* seed */
-        0x2B, 0x35, 0x49, 0x20, 0xB7, 0x24, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
-        0x15, 0x17, 0x58, 0x5B, 0xA1, 0x33, 0x2D, 0xC6,
-        /* p */
-        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x56, 0x67, 0x67, 0x6A, 0x65, 0x4B, 0x20, 0x75, 0x4F, 0x35, 0x6E, 0xA9,
-        0x20, 0x17, 0xD9, 0x46, 0x56, 0x7C, 0x46, 0x67, 0x55, 0x56, 0xF1, 0x95,
-        0x56, 0xA0, 0x46, 0x16, 0xB5, 0x67, 0xD2, 0x23, 0xA5, 0xE0, 0x56, 0x56,
-        0xFB, 0x54, 0x90, 0x16, 0xA9, 0x66, 0x56, 0xA5, 0x57,
-        /* b */
-        0x24, 0x72, 0xE2, 0xD0, 0x19, 0x7C, 0x49, 0x36, 0x3F, 0x1F, 0xE7, 0xF5,
-        0xB6, 0xDB, 0x07, 0x5D, 0x52, 0xB6, 0x94, 0x7D, 0x13, 0x5D, 0x8C, 0xA4,
-        0x45, 0x80, 0x5D, 0x39, 0xBC, 0x34, 0x56, 0x26, 0x08, 0x96, 0x87, 0x74,
-        0x2B, 0x63, 0x29, 0xE7, 0x06, 0x80, 0x23, 0x19, 0x88,
-        /* x */
-        0x3C, 0x25, 0x8E, 0xF3, 0x04, 0x77, 0x67, 0xE7, 0xED, 0xE0, 0xF1, 0xFD,
-        0xAA, 0x79, 0xDA, 0xEE, 0x38, 0x41, 0x36, 0x6A, 0x13, 0x2E, 0x16, 0x3A,
-        0xCE, 0xD4, 0xED, 0x24, 0x01, 0xDF, 0x9C, 0x6B, 0xDC, 0xDE, 0x98, 0xE8,
-        0xE7, 0x07, 0xC0, 0x7A, 0x22, 0x39, 0xB1, 0xB0, 0x97,
-        /* y */
-        0x53, 0xD7, 0xE0, 0x85, 0x29, 0x54, 0x70, 0x48, 0x12, 0x1E, 0x9C, 0x95,
-        0xF3, 0x79, 0x1D, 0xD8, 0x04, 0x96, 0x39, 0x48, 0xF3, 0x4F, 0xAE, 0x7B,
-        0xF4, 0x4E, 0xA8, 0x23, 0x65, 0xDC, 0x78, 0x68, 0xFE, 0x57, 0xE4, 0xAE,
-        0x2D, 0xE2, 0x11, 0x30, 0x5A, 0x40, 0x71, 0x04, 0xBD,
-        /* order */
-        0x01, 0xAF, 0x28, 0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, 0xAF, 0x28,
-        0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, 0xAF, 0x28, 0x6B, 0xC9, 0xFB,
-        0x8F, 0x6B, 0x85, 0xC5, 0x56, 0x89, 0x2C, 0x20, 0xA7, 0xEB, 0x96, 0x4F,
-        0xE7, 0x71, 0x9E, 0x74, 0xF4, 0x90, 0x75, 0x8D, 0x3B
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 47 * 6];
-} _EC_X9_62_CHAR2_368W1 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 47, 0xFF70
-    },
-    {
-        /* no seed */
-        /* p */
-        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
-        /* a */
-        0x00, 0xE0, 0xD2, 0xEE, 0x25, 0x09, 0x52, 0x06, 0xF5, 0xE2, 0xA4, 0xF9,
-        0xED, 0x22, 0x9F, 0x1F, 0x25, 0x6E, 0x79, 0xA0, 0xE2, 0xB4, 0x55, 0x97,
-        0x0D, 0x8D, 0x0D, 0x86, 0x5B, 0xD9, 0x47, 0x78, 0xC5, 0x76, 0xD6, 0x2F,
-        0x0A, 0xB7, 0x51, 0x9C, 0xCD, 0x2A, 0x1A, 0x90, 0x6A, 0xE3, 0x0D,
-        /* b */
-        0x00, 0xFC, 0x12, 0x17, 0xD4, 0x32, 0x0A, 0x90, 0x45, 0x2C, 0x76, 0x0A,
-        0x58, 0xED, 0xCD, 0x30, 0xC8, 0xDD, 0x06, 0x9B, 0x3C, 0x34, 0x45, 0x38,
-        0x37, 0xA3, 0x4E, 0xD5, 0x0C, 0xB5, 0x49, 0x17, 0xE1, 0xC2, 0x11, 0x2D,
-        0x84, 0xD1, 0x64, 0xF4, 0x44, 0xF8, 0xF7, 0x47, 0x86, 0x04, 0x6A,
-        /* x */
-        0x00, 0x10, 0x85, 0xE2, 0x75, 0x53, 0x81, 0xDC, 0xCC, 0xE3, 0xC1, 0x55,
-        0x7A, 0xFA, 0x10, 0xC2, 0xF0, 0xC0, 0xC2, 0x82, 0x56, 0x46, 0xC5, 0xB3,
-        0x4A, 0x39, 0x4C, 0xBC, 0xFA, 0x8B, 0xC1, 0x6B, 0x22, 0xE7, 0xE7, 0x89,
-        0xE9, 0x27, 0xBE, 0x21, 0x6F, 0x02, 0xE1, 0xFB, 0x13, 0x6A, 0x5F,
-        /* y */
-        0x00, 0x7B, 0x3E, 0xB1, 0xBD, 0xDC, 0xBA, 0x62, 0xD5, 0xD8, 0xB2, 0x05,
-        0x9B, 0x52, 0x57, 0x97, 0xFC, 0x73, 0x82, 0x2C, 0x59, 0x05, 0x9C, 0x62,
-        0x3A, 0x45, 0xFF, 0x38, 0x43, 0xCE, 0xE8, 0xF8, 0x7C, 0xD1, 0x85, 0x5A,
-        0xDA, 0xA8, 0x1E, 0x2A, 0x07, 0x50, 0xB8, 0x0F, 0xDA, 0x23, 0x10,
-        /* order */
-        0x00, 0x00, 0x01, 0x00, 0x90, 0x51, 0x2D, 0xA9, 0xAF, 0x72, 0xB0, 0x83,
-        0x49, 0xD9, 0x8A, 0x5D, 0xD4, 0xC7, 0xB0, 0x53, 0x2E, 0xCA, 0x51, 0xCE,
-        0x03, 0xE2, 0xD1, 0x0F, 0x3B, 0x7A, 0xC5, 0x79, 0xBD, 0x87, 0xE9, 0x09,
-        0xAE, 0x40, 0xA6, 0xF1, 0x31, 0xE9, 0xCF, 0xCE, 0x5B, 0xD9, 0x67
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 54 * 6];
-} _EC_X9_62_CHAR2_431R1 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 54, 0x2760
-    },
-    {
-        /* no seed */
-        /* p */
-        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x1A, 0x82, 0x7E, 0xF0, 0x0D, 0xD6, 0xFC, 0x0E, 0x23, 0x4C, 0xAF, 0x04,
-        0x6C, 0x6A, 0x5D, 0x8A, 0x85, 0x39, 0x5B, 0x23, 0x6C, 0xC4, 0xAD, 0x2C,
-        0xF3, 0x2A, 0x0C, 0xAD, 0xBD, 0xC9, 0xDD, 0xF6, 0x20, 0xB0, 0xEB, 0x99,
-        0x06, 0xD0, 0x95, 0x7F, 0x6C, 0x6F, 0xEA, 0xCD, 0x61, 0x54, 0x68, 0xDF,
-        0x10, 0x4D, 0xE2, 0x96, 0xCD, 0x8F,
-        /* b */
-        0x10, 0xD9, 0xB4, 0xA3, 0xD9, 0x04, 0x7D, 0x8B, 0x15, 0x43, 0x59, 0xAB,
-        0xFB, 0x1B, 0x7F, 0x54, 0x85, 0xB0, 0x4C, 0xEB, 0x86, 0x82, 0x37, 0xDD,
-        0xC9, 0xDE, 0xDA, 0x98, 0x2A, 0x67, 0x9A, 0x5A, 0x91, 0x9B, 0x62, 0x6D,
-        0x4E, 0x50, 0xA8, 0xDD, 0x73, 0x1B, 0x10, 0x7A, 0x99, 0x62, 0x38, 0x1F,
-        0xB5, 0xD8, 0x07, 0xBF, 0x26, 0x18,
-        /* x */
-        0x12, 0x0F, 0xC0, 0x5D, 0x3C, 0x67, 0xA9, 0x9D, 0xE1, 0x61, 0xD2, 0xF4,
-        0x09, 0x26, 0x22, 0xFE, 0xCA, 0x70, 0x1B, 0xE4, 0xF5, 0x0F, 0x47, 0x58,
-        0x71, 0x4E, 0x8A, 0x87, 0xBB, 0xF2, 0xA6, 0x58, 0xEF, 0x8C, 0x21, 0xE7,
-        0xC5, 0xEF, 0xE9, 0x65, 0x36, 0x1F, 0x6C, 0x29, 0x99, 0xC0, 0xC2, 0x47,
-        0xB0, 0xDB, 0xD7, 0x0C, 0xE6, 0xB7,
-        /* y */
-        0x20, 0xD0, 0xAF, 0x89, 0x03, 0xA9, 0x6F, 0x8D, 0x5F, 0xA2, 0xC2, 0x55,
-        0x74, 0x5D, 0x3C, 0x45, 0x1B, 0x30, 0x2C, 0x93, 0x46, 0xD9, 0xB7, 0xE4,
-        0x85, 0xE7, 0xBC, 0xE4, 0x1F, 0x6B, 0x59, 0x1F, 0x3E, 0x8F, 0x6A, 0xDD,
-        0xCB, 0xB0, 0xBC, 0x4C, 0x2F, 0x94, 0x7A, 0x7D, 0xE1, 0xA8, 0x9B, 0x62,
-        0x5D, 0x6A, 0x59, 0x8B, 0x37, 0x60,
-        /* order */
-        0x00, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40,
-        0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40,
-        0x34, 0x03, 0x40, 0x34, 0x03, 0x23, 0xC3, 0x13, 0xFA, 0xB5, 0x05, 0x89,
-        0x70, 0x3B, 0x5E, 0xC6, 0x8D, 0x35, 0x87, 0xFE, 0xC6, 0x0D, 0x16, 0x1C,
-        0xC1, 0x49, 0xC1, 0xAD, 0x4A, 0x91
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 15 * 6];
-} _EC_WTLS_1 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 15, 2
-    },
-    {
-        /* no seed */
-        /* p */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x02, 0x01,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x01,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x01,
-        /* x */
-        0x01, 0x66, 0x79, 0x79, 0xA4, 0x0B, 0xA4, 0x97, 0xE5, 0xD5, 0xC2, 0x70,
-        0x78, 0x06, 0x17,
-        /* y */
-        0x00, 0xF4, 0x4B, 0x4A, 0xF1, 0xEC, 0xC2, 0x63, 0x0E, 0x08, 0x78, 0x5C,
-        0xEB, 0xCC, 0x15,
-        /* order */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xBF, 0x91, 0xAF,
-        0x6D, 0xEA, 0x73
-    }
-};
-
-/* IPSec curves */
-/*
- * NOTE: The of curves over a extension field of non prime degree is not
- * recommended (Weil-descent). As the group order is not a prime this curve
- * is not suitable for ECDSA.
- */
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 20 * 6];
-} _EC_IPSEC_155_ID3 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 20, 3
-    },
-    {
-        /* no seed */
-        /* p */
-        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x33, 0x8f,
-        /* x */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b,
-        /* y */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xc8,
-        /* order */
-        0x02, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xC7, 0xF3,
-        0xC7, 0x88, 0x1B, 0xD0, 0x86, 0x8F, 0xA8, 0x6C
-    }
-};
-
-/*
- * NOTE: The of curves over a extension field of non prime degree is not
- * recommended (Weil-descent). As the group order is not a prime this curve
- * is not suitable for ECDSA.
- */
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 24 * 6];
-} _EC_IPSEC_185_ID4 = {
-    {
-        NID_X9_62_characteristic_two_field, 0, 24, 2
-    },
-    {
-        /* no seed */
-        /* p */
-        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-        /* a */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        /* b */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1e, 0xe9,
-        /* x */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18,
-        /* y */
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d,
-        /* order */
-        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-        0xED, 0xF9, 0x7C, 0x44, 0xDB, 0x9F, 0x24, 0x20, 0xBA, 0xFC, 0xA7, 0x5E
-    }
-};
-
-#endif
-
-/*
- * These curves were added by Annie Yousar <a.yousar@informatik.hu-berlin.de>
- * For the definition of RFC 5639 curves see
- * http://www.ietf.org/rfc/rfc5639.txt These curves are generated verifiable
- * at random, nevertheless the seed is omitted as parameter because the
- * generation mechanism is different from those defined in ANSI X9.62.
- */
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 20 * 6];
-} _EC_brainpoolP160r1 = {
-    {
-        NID_X9_62_prime_field, 0, 20, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD,
-        0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F,
-        /* a */
-        0x34, 0x0E, 0x7B, 0xE2, 0xA2, 0x80, 0xEB, 0x74, 0xE2, 0xBE, 0x61, 0xBA,
-        0xDA, 0x74, 0x5D, 0x97, 0xE8, 0xF7, 0xC3, 0x00,
-        /* b */
-        0x1E, 0x58, 0x9A, 0x85, 0x95, 0x42, 0x34, 0x12, 0x13, 0x4F, 0xAA, 0x2D,
-        0xBD, 0xEC, 0x95, 0xC8, 0xD8, 0x67, 0x5E, 0x58,
-        /* x */
-        0xBE, 0xD5, 0xAF, 0x16, 0xEA, 0x3F, 0x6A, 0x4F, 0x62, 0x93, 0x8C, 0x46,
-        0x31, 0xEB, 0x5A, 0xF7, 0xBD, 0xBC, 0xDB, 0xC3,
-        /* y */
-        0x16, 0x67, 0xCB, 0x47, 0x7A, 0x1A, 0x8E, 0xC3, 0x38, 0xF9, 0x47, 0x41,
-        0x66, 0x9C, 0x97, 0x63, 0x16, 0xDA, 0x63, 0x21,
-        /* order */
-        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0x59, 0x91,
-        0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 20 * 6];
-} _EC_brainpoolP160t1 = {
-    {
-        NID_X9_62_prime_field, 0, 20, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD,
-        0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F,
-        /* a */
-        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD,
-        0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0C,
-        /* b */
-        0x7A, 0x55, 0x6B, 0x6D, 0xAE, 0x53, 0x5B, 0x7B, 0x51, 0xED, 0x2C, 0x4D,
-        0x7D, 0xAA, 0x7A, 0x0B, 0x5C, 0x55, 0xF3, 0x80,
-        /* x */
-        0xB1, 0x99, 0xB1, 0x3B, 0x9B, 0x34, 0xEF, 0xC1, 0x39, 0x7E, 0x64, 0xBA,
-        0xEB, 0x05, 0xAC, 0xC2, 0x65, 0xFF, 0x23, 0x78,
-        /* y */
-        0xAD, 0xD6, 0x71, 0x8B, 0x7C, 0x7C, 0x19, 0x61, 0xF0, 0x99, 0x1B, 0x84,
-        0x24, 0x43, 0x77, 0x21, 0x52, 0xC9, 0xE0, 0xAD,
-        /* order */
-        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0x59, 0x91,
-        0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 24 * 6];
-} _EC_brainpoolP192r1 = {
-    {
-        NID_X9_62_prime_field, 0, 24, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30,
-        0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97,
-        /* a */
-        0x6A, 0x91, 0x17, 0x40, 0x76, 0xB1, 0xE0, 0xE1, 0x9C, 0x39, 0xC0, 0x31,
-        0xFE, 0x86, 0x85, 0xC1, 0xCA, 0xE0, 0x40, 0xE5, 0xC6, 0x9A, 0x28, 0xEF,
-        /* b */
-        0x46, 0x9A, 0x28, 0xEF, 0x7C, 0x28, 0xCC, 0xA3, 0xDC, 0x72, 0x1D, 0x04,
-        0x4F, 0x44, 0x96, 0xBC, 0xCA, 0x7E, 0xF4, 0x14, 0x6F, 0xBF, 0x25, 0xC9,
-        /* x */
-        0xC0, 0xA0, 0x64, 0x7E, 0xAA, 0xB6, 0xA4, 0x87, 0x53, 0xB0, 0x33, 0xC5,
-        0x6C, 0xB0, 0xF0, 0x90, 0x0A, 0x2F, 0x5C, 0x48, 0x53, 0x37, 0x5F, 0xD6,
-        /* y */
-        0x14, 0xB6, 0x90, 0x86, 0x6A, 0xBD, 0x5B, 0xB8, 0x8B, 0x5F, 0x48, 0x28,
-        0xC1, 0x49, 0x00, 0x02, 0xE6, 0x77, 0x3F, 0xA2, 0xFA, 0x29, 0x9B, 0x8F,
-        /* order */
-        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x2F,
-        0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 24 * 6];
-} _EC_brainpoolP192t1 = {
-    {
-        NID_X9_62_prime_field, 0, 24, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30,
-        0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97,
-        /* a */
-        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30,
-        0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x94,
-        /* b */
-        0x13, 0xD5, 0x6F, 0xFA, 0xEC, 0x78, 0x68, 0x1E, 0x68, 0xF9, 0xDE, 0xB4,
-        0x3B, 0x35, 0xBE, 0xC2, 0xFB, 0x68, 0x54, 0x2E, 0x27, 0x89, 0x7B, 0x79,
-        /* x */
-        0x3A, 0xE9, 0xE5, 0x8C, 0x82, 0xF6, 0x3C, 0x30, 0x28, 0x2E, 0x1F, 0xE7,
-        0xBB, 0xF4, 0x3F, 0xA7, 0x2C, 0x44, 0x6A, 0xF6, 0xF4, 0x61, 0x81, 0x29,
-        /* y */
-        0x09, 0x7E, 0x2C, 0x56, 0x67, 0xC2, 0x22, 0x3A, 0x90, 0x2A, 0xB5, 0xCA,
-        0x44, 0x9D, 0x00, 0x84, 0xB7, 0xE5, 0xB3, 0xDE, 0x7C, 0xCC, 0x01, 0xC9,
-        /* order */
-        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x2F,
-        0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 28 * 6];
-} _EC_brainpoolP224r1 = {
-    {
-        NID_X9_62_prime_field, 0, 28, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
-        0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5,
-        0x7E, 0xC8, 0xC0, 0xFF,
-        /* a */
-        0x68, 0xA5, 0xE6, 0x2C, 0xA9, 0xCE, 0x6C, 0x1C, 0x29, 0x98, 0x03, 0xA6,
-        0xC1, 0x53, 0x0B, 0x51, 0x4E, 0x18, 0x2A, 0xD8, 0xB0, 0x04, 0x2A, 0x59,
-        0xCA, 0xD2, 0x9F, 0x43,
-        /* b */
-        0x25, 0x80, 0xF6, 0x3C, 0xCF, 0xE4, 0x41, 0x38, 0x87, 0x07, 0x13, 0xB1,
-        0xA9, 0x23, 0x69, 0xE3, 0x3E, 0x21, 0x35, 0xD2, 0x66, 0xDB, 0xB3, 0x72,
-        0x38, 0x6C, 0x40, 0x0B,
-        /* x */
-        0x0D, 0x90, 0x29, 0xAD, 0x2C, 0x7E, 0x5C, 0xF4, 0x34, 0x08, 0x23, 0xB2,
-        0xA8, 0x7D, 0xC6, 0x8C, 0x9E, 0x4C, 0xE3, 0x17, 0x4C, 0x1E, 0x6E, 0xFD,
-        0xEE, 0x12, 0xC0, 0x7D,
-        /* y */
-        0x58, 0xAA, 0x56, 0xF7, 0x72, 0xC0, 0x72, 0x6F, 0x24, 0xC6, 0xB8, 0x9E,
-        0x4E, 0xCD, 0xAC, 0x24, 0x35, 0x4B, 0x9E, 0x99, 0xCA, 0xA3, 0xF6, 0xD3,
-        0x76, 0x14, 0x02, 0xCD,
-        /* order */
-        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
-        0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3,
-        0xA5, 0xA7, 0x93, 0x9F
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 28 * 6];
-} _EC_brainpoolP224t1 = {
-    {
-        NID_X9_62_prime_field, 0, 28, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
-        0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5,
-        0x7E, 0xC8, 0xC0, 0xFF,
-        /* a */
-        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
-        0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5,
-        0x7E, 0xC8, 0xC0, 0xFC,
-        /* b */
-        0x4B, 0x33, 0x7D, 0x93, 0x41, 0x04, 0xCD, 0x7B, 0xEF, 0x27, 0x1B, 0xF6,
-        0x0C, 0xED, 0x1E, 0xD2, 0x0D, 0xA1, 0x4C, 0x08, 0xB3, 0xBB, 0x64, 0xF1,
-        0x8A, 0x60, 0x88, 0x8D,
-        /* x */
-        0x6A, 0xB1, 0xE3, 0x44, 0xCE, 0x25, 0xFF, 0x38, 0x96, 0x42, 0x4E, 0x7F,
-        0xFE, 0x14, 0x76, 0x2E, 0xCB, 0x49, 0xF8, 0x92, 0x8A, 0xC0, 0xC7, 0x60,
-        0x29, 0xB4, 0xD5, 0x80,
-        /* y */
-        0x03, 0x74, 0xE9, 0xF5, 0x14, 0x3E, 0x56, 0x8C, 0xD2, 0x3F, 0x3F, 0x4D,
-        0x7C, 0x0D, 0x4B, 0x1E, 0x41, 0xC8, 0xCC, 0x0D, 0x1C, 0x6A, 0xBD, 0x5F,
-        0x1A, 0x46, 0xDB, 0x4C,
-        /* order */
-        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
-        0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3,
-        0xA5, 0xA7, 0x93, 0x9F
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 32 * 6];
-} _EC_brainpoolP256r1 = {
-    {
-        NID_X9_62_prime_field, 0, 32, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
-        0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28,
-        0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x77,
-        /* a */
-        0x7D, 0x5A, 0x09, 0x75, 0xFC, 0x2C, 0x30, 0x57, 0xEE, 0xF6, 0x75, 0x30,
-        0x41, 0x7A, 0xFF, 0xE7, 0xFB, 0x80, 0x55, 0xC1, 0x26, 0xDC, 0x5C, 0x6C,
-        0xE9, 0x4A, 0x4B, 0x44, 0xF3, 0x30, 0xB5, 0xD9,
-        /* b */
-        0x26, 0xDC, 0x5C, 0x6C, 0xE9, 0x4A, 0x4B, 0x44, 0xF3, 0x30, 0xB5, 0xD9,
-        0xBB, 0xD7, 0x7C, 0xBF, 0x95, 0x84, 0x16, 0x29, 0x5C, 0xF7, 0xE1, 0xCE,
-        0x6B, 0xCC, 0xDC, 0x18, 0xFF, 0x8C, 0x07, 0xB6,
-        /* x */
-        0x8B, 0xD2, 0xAE, 0xB9, 0xCB, 0x7E, 0x57, 0xCB, 0x2C, 0x4B, 0x48, 0x2F,
-        0xFC, 0x81, 0xB7, 0xAF, 0xB9, 0xDE, 0x27, 0xE1, 0xE3, 0xBD, 0x23, 0xC2,
-        0x3A, 0x44, 0x53, 0xBD, 0x9A, 0xCE, 0x32, 0x62,
-        /* y */
-        0x54, 0x7E, 0xF8, 0x35, 0xC3, 0xDA, 0xC4, 0xFD, 0x97, 0xF8, 0x46, 0x1A,
-        0x14, 0x61, 0x1D, 0xC9, 0xC2, 0x77, 0x45, 0x13, 0x2D, 0xED, 0x8E, 0x54,
-        0x5C, 0x1D, 0x54, 0xC7, 0x2F, 0x04, 0x69, 0x97,
-        /* order */
-        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
-        0x9D, 0x83, 0x8D, 0x71, 0x8C, 0x39, 0x7A, 0xA3, 0xB5, 0x61, 0xA6, 0xF7,
-        0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, 0x56, 0xA7
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 32 * 6];
-} _EC_brainpoolP256t1 = {
-    {
-        NID_X9_62_prime_field, 0, 32, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
-        0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28,
-        0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x77,
-        /* a */
-        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
-        0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28,
-        0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x74,
-        /* b */
-        0x66, 0x2C, 0x61, 0xC4, 0x30, 0xD8, 0x4E, 0xA4, 0xFE, 0x66, 0xA7, 0x73,
-        0x3D, 0x0B, 0x76, 0xB7, 0xBF, 0x93, 0xEB, 0xC4, 0xAF, 0x2F, 0x49, 0x25,
-        0x6A, 0xE5, 0x81, 0x01, 0xFE, 0xE9, 0x2B, 0x04,
-        /* x */
-        0xA3, 0xE8, 0xEB, 0x3C, 0xC1, 0xCF, 0xE7, 0xB7, 0x73, 0x22, 0x13, 0xB2,
-        0x3A, 0x65, 0x61, 0x49, 0xAF, 0xA1, 0x42, 0xC4, 0x7A, 0xAF, 0xBC, 0x2B,
-        0x79, 0xA1, 0x91, 0x56, 0x2E, 0x13, 0x05, 0xF4,
-        /* y */
-        0x2D, 0x99, 0x6C, 0x82, 0x34, 0x39, 0xC5, 0x6D, 0x7F, 0x7B, 0x22, 0xE1,
-        0x46, 0x44, 0x41, 0x7E, 0x69, 0xBC, 0xB6, 0xDE, 0x39, 0xD0, 0x27, 0x00,
-        0x1D, 0xAB, 0xE8, 0xF3, 0x5B, 0x25, 0xC9, 0xBE,
-        /* order */
-        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
-        0x9D, 0x83, 0x8D, 0x71, 0x8C, 0x39, 0x7A, 0xA3, 0xB5, 0x61, 0xA6, 0xF7,
-        0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, 0x56, 0xA7
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 40 * 6];
-} _EC_brainpoolP320r1 = {
-    {
-        NID_X9_62_prime_field, 0, 40, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
-        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF,
-        0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1,
-        0xF1, 0xB3, 0x2E, 0x27,
-        /* a */
-        0x3E, 0xE3, 0x0B, 0x56, 0x8F, 0xBA, 0xB0, 0xF8, 0x83, 0xCC, 0xEB, 0xD4,
-        0x6D, 0x3F, 0x3B, 0xB8, 0xA2, 0xA7, 0x35, 0x13, 0xF5, 0xEB, 0x79, 0xDA,
-        0x66, 0x19, 0x0E, 0xB0, 0x85, 0xFF, 0xA9, 0xF4, 0x92, 0xF3, 0x75, 0xA9,
-        0x7D, 0x86, 0x0E, 0xB4,
-        /* b */
-        0x52, 0x08, 0x83, 0x94, 0x9D, 0xFD, 0xBC, 0x42, 0xD3, 0xAD, 0x19, 0x86,
-        0x40, 0x68, 0x8A, 0x6F, 0xE1, 0x3F, 0x41, 0x34, 0x95, 0x54, 0xB4, 0x9A,
-        0xCC, 0x31, 0xDC, 0xCD, 0x88, 0x45, 0x39, 0x81, 0x6F, 0x5E, 0xB4, 0xAC,
-        0x8F, 0xB1, 0xF1, 0xA6,
-        /* x */
-        0x43, 0xBD, 0x7E, 0x9A, 0xFB, 0x53, 0xD8, 0xB8, 0x52, 0x89, 0xBC, 0xC4,
-        0x8E, 0xE5, 0xBF, 0xE6, 0xF2, 0x01, 0x37, 0xD1, 0x0A, 0x08, 0x7E, 0xB6,
-        0xE7, 0x87, 0x1E, 0x2A, 0x10, 0xA5, 0x99, 0xC7, 0x10, 0xAF, 0x8D, 0x0D,
-        0x39, 0xE2, 0x06, 0x11,
-        /* y */
-        0x14, 0xFD, 0xD0, 0x55, 0x45, 0xEC, 0x1C, 0xC8, 0xAB, 0x40, 0x93, 0x24,
-        0x7F, 0x77, 0x27, 0x5E, 0x07, 0x43, 0xFF, 0xED, 0x11, 0x71, 0x82, 0xEA,
-        0xA9, 0xC7, 0x78, 0x77, 0xAA, 0xAC, 0x6A, 0xC7, 0xD3, 0x52, 0x45, 0xD1,
-        0x69, 0x2E, 0x8E, 0xE1,
-        /* order */
-        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
-        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA5, 0xB6, 0x8F, 0x12, 0xA3,
-        0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, 0x58, 0xE9, 0x86, 0x91, 0x55, 0x5B,
-        0x44, 0xC5, 0x93, 0x11
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 40 * 6];
-} _EC_brainpoolP320t1 = {
-    {
-        NID_X9_62_prime_field, 0, 40, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
-        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF,
-        0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1,
-        0xF1, 0xB3, 0x2E, 0x27,
-        /* a */
-        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
-        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF,
-        0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1,
-        0xF1, 0xB3, 0x2E, 0x24,
-        /* b */
-        0xA7, 0xF5, 0x61, 0xE0, 0x38, 0xEB, 0x1E, 0xD5, 0x60, 0xB3, 0xD1, 0x47,
-        0xDB, 0x78, 0x20, 0x13, 0x06, 0x4C, 0x19, 0xF2, 0x7E, 0xD2, 0x7C, 0x67,
-        0x80, 0xAA, 0xF7, 0x7F, 0xB8, 0xA5, 0x47, 0xCE, 0xB5, 0xB4, 0xFE, 0xF4,
-        0x22, 0x34, 0x03, 0x53,
-        /* x */
-        0x92, 0x5B, 0xE9, 0xFB, 0x01, 0xAF, 0xC6, 0xFB, 0x4D, 0x3E, 0x7D, 0x49,
-        0x90, 0x01, 0x0F, 0x81, 0x34, 0x08, 0xAB, 0x10, 0x6C, 0x4F, 0x09, 0xCB,
-        0x7E, 0xE0, 0x78, 0x68, 0xCC, 0x13, 0x6F, 0xFF, 0x33, 0x57, 0xF6, 0x24,
-        0xA2, 0x1B, 0xED, 0x52,
-        /* y */
-        0x63, 0xBA, 0x3A, 0x7A, 0x27, 0x48, 0x3E, 0xBF, 0x66, 0x71, 0xDB, 0xEF,
-        0x7A, 0xBB, 0x30, 0xEB, 0xEE, 0x08, 0x4E, 0x58, 0xA0, 0xB0, 0x77, 0xAD,
-        0x42, 0xA5, 0xA0, 0x98, 0x9D, 0x1E, 0xE7, 0x1B, 0x1B, 0x9B, 0xC0, 0x45,
-        0x5F, 0xB0, 0xD2, 0xC3,
-        /* order */
-        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
-        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA5, 0xB6, 0x8F, 0x12, 0xA3,
-        0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, 0x58, 0xE9, 0x86, 0x91, 0x55, 0x5B,
-        0x44, 0xC5, 0x93, 0x11
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 48 * 6];
-} _EC_brainpoolP384r1 = {
-    {
-        NID_X9_62_prime_field, 0, 48, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
-        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4,
-        0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29,
-        0x90, 0x1D, 0x1A, 0x71, 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53,
-        /* a */
-        0x7B, 0xC3, 0x82, 0xC6, 0x3D, 0x8C, 0x15, 0x0C, 0x3C, 0x72, 0x08, 0x0A,
-        0xCE, 0x05, 0xAF, 0xA0, 0xC2, 0xBE, 0xA2, 0x8E, 0x4F, 0xB2, 0x27, 0x87,
-        0x13, 0x91, 0x65, 0xEF, 0xBA, 0x91, 0xF9, 0x0F, 0x8A, 0xA5, 0x81, 0x4A,
-        0x50, 0x3A, 0xD4, 0xEB, 0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26,
-        /* b */
-        0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26, 0x8B, 0x39, 0xB5, 0x54,
-        0x16, 0xF0, 0x44, 0x7C, 0x2F, 0xB7, 0x7D, 0xE1, 0x07, 0xDC, 0xD2, 0xA6,
-        0x2E, 0x88, 0x0E, 0xA5, 0x3E, 0xEB, 0x62, 0xD5, 0x7C, 0xB4, 0x39, 0x02,
-        0x95, 0xDB, 0xC9, 0x94, 0x3A, 0xB7, 0x86, 0x96, 0xFA, 0x50, 0x4C, 0x11,
-        /* x */
-        0x1D, 0x1C, 0x64, 0xF0, 0x68, 0xCF, 0x45, 0xFF, 0xA2, 0xA6, 0x3A, 0x81,
-        0xB7, 0xC1, 0x3F, 0x6B, 0x88, 0x47, 0xA3, 0xE7, 0x7E, 0xF1, 0x4F, 0xE3,
-        0xDB, 0x7F, 0xCA, 0xFE, 0x0C, 0xBD, 0x10, 0xE8, 0xE8, 0x26, 0xE0, 0x34,
-        0x36, 0xD6, 0x46, 0xAA, 0xEF, 0x87, 0xB2, 0xE2, 0x47, 0xD4, 0xAF, 0x1E,
-        /* y */
-        0x8A, 0xBE, 0x1D, 0x75, 0x20, 0xF9, 0xC2, 0xA4, 0x5C, 0xB1, 0xEB, 0x8E,
-        0x95, 0xCF, 0xD5, 0x52, 0x62, 0xB7, 0x0B, 0x29, 0xFE, 0xEC, 0x58, 0x64,
-        0xE1, 0x9C, 0x05, 0x4F, 0xF9, 0x91, 0x29, 0x28, 0x0E, 0x46, 0x46, 0x21,
-        0x77, 0x91, 0x81, 0x11, 0x42, 0x82, 0x03, 0x41, 0x26, 0x3C, 0x53, 0x15,
-        /* order */
-        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
-        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB3,
-        0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, 0x25, 0xA7, 0xCF, 0x3A, 0xB6, 0xAF,
-        0x6B, 0x7F, 0xC3, 0x10, 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 48 * 6];
-} _EC_brainpoolP384t1 = {
-    {
-        NID_X9_62_prime_field, 0, 48, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
-        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4,
-        0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29,
-        0x90, 0x1D, 0x1A, 0x71, 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53,
-        /* a */
-        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
-        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4,
-        0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29,
-        0x90, 0x1D, 0x1A, 0x71, 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x50,
-        /* b */
-        0x7F, 0x51, 0x9E, 0xAD, 0xA7, 0xBD, 0xA8, 0x1B, 0xD8, 0x26, 0xDB, 0xA6,
-        0x47, 0x91, 0x0F, 0x8C, 0x4B, 0x93, 0x46, 0xED, 0x8C, 0xCD, 0xC6, 0x4E,
-        0x4B, 0x1A, 0xBD, 0x11, 0x75, 0x6D, 0xCE, 0x1D, 0x20, 0x74, 0xAA, 0x26,
-        0x3B, 0x88, 0x80, 0x5C, 0xED, 0x70, 0x35, 0x5A, 0x33, 0xB4, 0x71, 0xEE,
-        /* x */
-        0x18, 0xDE, 0x98, 0xB0, 0x2D, 0xB9, 0xA3, 0x06, 0xF2, 0xAF, 0xCD, 0x72,
-        0x35, 0xF7, 0x2A, 0x81, 0x9B, 0x80, 0xAB, 0x12, 0xEB, 0xD6, 0x53, 0x17,
-        0x24, 0x76, 0xFE, 0xCD, 0x46, 0x2A, 0xAB, 0xFF, 0xC4, 0xFF, 0x19, 0x1B,
-        0x94, 0x6A, 0x5F, 0x54, 0xD8, 0xD0, 0xAA, 0x2F, 0x41, 0x88, 0x08, 0xCC,
-        /* y */
-        0x25, 0xAB, 0x05, 0x69, 0x62, 0xD3, 0x06, 0x51, 0xA1, 0x14, 0xAF, 0xD2,
-        0x75, 0x5A, 0xD3, 0x36, 0x74, 0x7F, 0x93, 0x47, 0x5B, 0x7A, 0x1F, 0xCA,
-        0x3B, 0x88, 0xF2, 0xB6, 0xA2, 0x08, 0xCC, 0xFE, 0x46, 0x94, 0x08, 0x58,
-        0x4D, 0xC2, 0xB2, 0x91, 0x26, 0x75, 0xBF, 0x5B, 0x9E, 0x58, 0x29, 0x28,
-        /* order */
-        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
-        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB3,
-        0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, 0x25, 0xA7, 0xCF, 0x3A, 0xB6, 0xAF,
-        0x6B, 0x7F, 0xC3, 0x10, 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 64 * 6];
-} _EC_brainpoolP512r1 = {
-    {
-        NID_X9_62_prime_field, 0, 64, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
-        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
-        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00,
-        0x9B, 0xC6, 0x68, 0x42, 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6,
-        0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56,
-        0x58, 0x3A, 0x48, 0xF3,
-        /* a */
-        0x78, 0x30, 0xA3, 0x31, 0x8B, 0x60, 0x3B, 0x89, 0xE2, 0x32, 0x71, 0x45,
-        0xAC, 0x23, 0x4C, 0xC5, 0x94, 0xCB, 0xDD, 0x8D, 0x3D, 0xF9, 0x16, 0x10,
-        0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, 0x63, 0xBC, 0x2D, 0xED, 0x5D, 0x5A,
-        0xA8, 0x25, 0x3A, 0xA1, 0x0A, 0x2E, 0xF1, 0xC9, 0x8B, 0x9A, 0xC8, 0xB5,
-        0x7F, 0x11, 0x17, 0xA7, 0x2B, 0xF2, 0xC7, 0xB9, 0xE7, 0xC1, 0xAC, 0x4D,
-        0x77, 0xFC, 0x94, 0xCA,
-        /* b */
-        0x3D, 0xF9, 0x16, 0x10, 0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, 0x63, 0xBC,
-        0x2D, 0xED, 0x5D, 0x5A, 0xA8, 0x25, 0x3A, 0xA1, 0x0A, 0x2E, 0xF1, 0xC9,
-        0x8B, 0x9A, 0xC8, 0xB5, 0x7F, 0x11, 0x17, 0xA7, 0x2B, 0xF2, 0xC7, 0xB9,
-        0xE7, 0xC1, 0xAC, 0x4D, 0x77, 0xFC, 0x94, 0xCA, 0xDC, 0x08, 0x3E, 0x67,
-        0x98, 0x40, 0x50, 0xB7, 0x5E, 0xBA, 0xE5, 0xDD, 0x28, 0x09, 0xBD, 0x63,
-        0x80, 0x16, 0xF7, 0x23,
-        /* x */
-        0x81, 0xAE, 0xE4, 0xBD, 0xD8, 0x2E, 0xD9, 0x64, 0x5A, 0x21, 0x32, 0x2E,
-        0x9C, 0x4C, 0x6A, 0x93, 0x85, 0xED, 0x9F, 0x70, 0xB5, 0xD9, 0x16, 0xC1,
-        0xB4, 0x3B, 0x62, 0xEE, 0xF4, 0xD0, 0x09, 0x8E, 0xFF, 0x3B, 0x1F, 0x78,
-        0xE2, 0xD0, 0xD4, 0x8D, 0x50, 0xD1, 0x68, 0x7B, 0x93, 0xB9, 0x7D, 0x5F,
-        0x7C, 0x6D, 0x50, 0x47, 0x40, 0x6A, 0x5E, 0x68, 0x8B, 0x35, 0x22, 0x09,
-        0xBC, 0xB9, 0xF8, 0x22,
-        /* y */
-        0x7D, 0xDE, 0x38, 0x5D, 0x56, 0x63, 0x32, 0xEC, 0xC0, 0xEA, 0xBF, 0xA9,
-        0xCF, 0x78, 0x22, 0xFD, 0xF2, 0x09, 0xF7, 0x00, 0x24, 0xA5, 0x7B, 0x1A,
-        0xA0, 0x00, 0xC5, 0x5B, 0x88, 0x1F, 0x81, 0x11, 0xB2, 0xDC, 0xDE, 0x49,
-        0x4A, 0x5F, 0x48, 0x5E, 0x5B, 0xCA, 0x4B, 0xD8, 0x8A, 0x27, 0x63, 0xAE,
-        0xD1, 0xCA, 0x2B, 0x2F, 0xA8, 0xF0, 0x54, 0x06, 0x78, 0xCD, 0x1E, 0x0F,
-        0x3A, 0xD8, 0x08, 0x92,
-        /* order */
-        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
-        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
-        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70, 0x55, 0x3E, 0x5C, 0x41,
-        0x4C, 0xA9, 0x26, 0x19, 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47,
-        0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, 0xB5, 0x87, 0x96, 0x82,
-        0x9C, 0xA9, 0x00, 0x69
-    }
-};
-
-static const struct {
-    EC_CURVE_DATA h;
-    unsigned char data[0 + 64 * 6];
-} _EC_brainpoolP512t1 = {
-    {
-        NID_X9_62_prime_field, 0, 64, 1
-    },
-    {
-        /* no seed */
-        /* p */
-        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
-        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
-        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00,
-        0x9B, 0xC6, 0x68, 0x42, 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6,
-        0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56,
-        0x58, 0x3A, 0x48, 0xF3,
-        /* a */
-        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
-        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
-        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00,
-        0x9B, 0xC6, 0x68, 0x42, 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6,
-        0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56,
-        0x58, 0x3A, 0x48, 0xF0,
-        /* b */
-        0x7C, 0xBB, 0xBC, 0xF9, 0x44, 0x1C, 0xFA, 0xB7, 0x6E, 0x18, 0x90, 0xE4,
-        0x68, 0x84, 0xEA, 0xE3, 0x21, 0xF7, 0x0C, 0x0B, 0xCB, 0x49, 0x81, 0x52,
-        0x78, 0x97, 0x50, 0x4B, 0xEC, 0x3E, 0x36, 0xA6, 0x2B, 0xCD, 0xFA, 0x23,
-        0x04, 0x97, 0x65, 0x40, 0xF6, 0x45, 0x00, 0x85, 0xF2, 0xDA, 0xE1, 0x45,
-        0xC2, 0x25, 0x53, 0xB4, 0x65, 0x76, 0x36, 0x89, 0x18, 0x0E, 0xA2, 0x57,
-        0x18, 0x67, 0x42, 0x3E,
-        /* x */
-        0x64, 0x0E, 0xCE, 0x5C, 0x12, 0x78, 0x87, 0x17, 0xB9, 0xC1, 0xBA, 0x06,
-        0xCB, 0xC2, 0xA6, 0xFE, 0xBA, 0x85, 0x84, 0x24, 0x58, 0xC5, 0x6D, 0xDE,
-        0x9D, 0xB1, 0x75, 0x8D, 0x39, 0xC0, 0x31, 0x3D, 0x82, 0xBA, 0x51, 0x73,
-        0x5C, 0xDB, 0x3E, 0xA4, 0x99, 0xAA, 0x77, 0xA7, 0xD6, 0x94, 0x3A, 0x64,
-        0xF7, 0xA3, 0xF2, 0x5F, 0xE2, 0x6F, 0x06, 0xB5, 0x1B, 0xAA, 0x26, 0x96,
-        0xFA, 0x90, 0x35, 0xDA,
-        /* y */
-        0x5B, 0x53, 0x4B, 0xD5, 0x95, 0xF5, 0xAF, 0x0F, 0xA2, 0xC8, 0x92, 0x37,
-        0x6C, 0x84, 0xAC, 0xE1, 0xBB, 0x4E, 0x30, 0x19, 0xB7, 0x16, 0x34, 0xC0,
-        0x11, 0x31, 0x15, 0x9C, 0xAE, 0x03, 0xCE, 0xE9, 0xD9, 0x93, 0x21, 0x84,
-        0xBE, 0xEF, 0x21, 0x6B, 0xD7, 0x1D, 0xF2, 0xDA, 0xDF, 0x86, 0xA6, 0x27,
-        0x30, 0x6E, 0xCF, 0xF9, 0x6D, 0xBB, 0x8B, 0xAC, 0xE1, 0x98, 0xB6, 0x1E,
-        0x00, 0xF8, 0xB3, 0x32,
-        /* order */
-        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
-        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
-        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70, 0x55, 0x3E, 0x5C, 0x41,
-        0x4C, 0xA9, 0x26, 0x19, 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47,
-        0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, 0xB5, 0x87, 0x96, 0x82,
-        0x9C, 0xA9, 0x00, 0x69
-    }
-};
-
-typedef struct _ec_list_element_st {
-    int nid;
-    const EC_CURVE_DATA *data;
-    const EC_METHOD *(*meth) (void);
-    const char *comment;
-} ec_list_element;
-
-static const ec_list_element curve_list[] = {
-    /* prime field curves */
-    /* secg curves */
-    {NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0,
-     "SECG/WTLS curve over a 112 bit prime field"},
-    {NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0,
-     "SECG curve over a 112 bit prime field"},
-    {NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0,
-     "SECG curve over a 128 bit prime field"},
-    {NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0,
-     "SECG curve over a 128 bit prime field"},
-    {NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0,
-     "SECG curve over a 160 bit prime field"},
-    {NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0,
-     "SECG curve over a 160 bit prime field"},
-    {NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0,
-     "SECG/WTLS curve over a 160 bit prime field"},
-    /* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */
-    {NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0,
-     "SECG curve over a 192 bit prime field"},
-    {NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0,
-     "SECG curve over a 224 bit prime field"},
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-    {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
-     "NIST/SECG curve over a 224 bit prime field"},
-#else
-    {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
-     "NIST/SECG curve over a 224 bit prime field"},
-#endif
-    {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
-     "SECG curve over a 256 bit prime field"},
-    /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
-    {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0,
-     "NIST/SECG curve over a 384 bit prime field"},
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-    {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method,
-     "NIST/SECG curve over a 521 bit prime field"},
-#else
-    {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0,
-     "NIST/SECG curve over a 521 bit prime field"},
-#endif
-    /* X9.62 curves */
-    {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0,
-     "NIST/X9.62/SECG curve over a 192 bit prime field"},
-    {NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0,
-     "X9.62 curve over a 192 bit prime field"},
-    {NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0,
-     "X9.62 curve over a 192 bit prime field"},
-    {NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0,
-     "X9.62 curve over a 239 bit prime field"},
-    {NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0,
-     "X9.62 curve over a 239 bit prime field"},
-    {NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0,
-     "X9.62 curve over a 239 bit prime field"},
-    {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
-#if defined(ECP_NISTZ256_ASM)
-     EC_GFp_nistz256_method,
-#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
-     EC_GFp_nistp256_method,
-#else
-     0,
-#endif
-     "X9.62/SECG curve over a 256 bit prime field"},
-#ifndef OPENSSL_NO_EC2M
-    /* characteristic two field curves */
-    /* NIST/SECG curves */
-    {NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0,
-     "SECG curve over a 113 bit binary field"},
-    {NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0,
-     "SECG curve over a 113 bit binary field"},
-    {NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0,
-     "SECG/WTLS curve over a 131 bit binary field"},
-    {NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0,
-     "SECG curve over a 131 bit binary field"},
-    {NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0,
-     "NIST/SECG/WTLS curve over a 163 bit binary field"},
-    {NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0,
-     "SECG curve over a 163 bit binary field"},
-    {NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0,
-     "NIST/SECG curve over a 163 bit binary field"},
-    {NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0,
-     "SECG curve over a 193 bit binary field"},
-    {NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0,
-     "SECG curve over a 193 bit binary field"},
-    {NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0,
-     "NIST/SECG/WTLS curve over a 233 bit binary field"},
-    {NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0,
-     "NIST/SECG/WTLS curve over a 233 bit binary field"},
-    {NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0,
-     "SECG curve over a 239 bit binary field"},
-    {NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0,
-     "NIST/SECG curve over a 283 bit binary field"},
-    {NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0,
-     "NIST/SECG curve over a 283 bit binary field"},
-    {NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0,
-     "NIST/SECG curve over a 409 bit binary field"},
-    {NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0,
-     "NIST/SECG curve over a 409 bit binary field"},
-    {NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0,
-     "NIST/SECG curve over a 571 bit binary field"},
-    {NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0,
-     "NIST/SECG curve over a 571 bit binary field"},
-    /* X9.62 curves */
-    {NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0,
-     "X9.62 curve over a 163 bit binary field"},
-    {NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0,
-     "X9.62 curve over a 163 bit binary field"},
-    {NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0,
-     "X9.62 curve over a 163 bit binary field"},
-    {NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0,
-     "X9.62 curve over a 176 bit binary field"},
-    {NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0,
-     "X9.62 curve over a 191 bit binary field"},
-    {NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0,
-     "X9.62 curve over a 191 bit binary field"},
-    {NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0,
-     "X9.62 curve over a 191 bit binary field"},
-    {NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0,
-     "X9.62 curve over a 208 bit binary field"},
-    {NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0,
-     "X9.62 curve over a 239 bit binary field"},
-    {NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0,
-     "X9.62 curve over a 239 bit binary field"},
-    {NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0,
-     "X9.62 curve over a 239 bit binary field"},
-    {NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0,
-     "X9.62 curve over a 272 bit binary field"},
-    {NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0,
-     "X9.62 curve over a 304 bit binary field"},
-    {NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0,
-     "X9.62 curve over a 359 bit binary field"},
-    {NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0,
-     "X9.62 curve over a 368 bit binary field"},
-    {NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0,
-     "X9.62 curve over a 431 bit binary field"},
-    /*
-     * the WAP/WTLS curves [unlike SECG, spec has its own OIDs for curves
-     * from X9.62]
-     */
-    {NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0,
-     "WTLS curve over a 113 bit binary field"},
-    {NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0,
-     "NIST/SECG/WTLS curve over a 163 bit binary field"},
-    {NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0,
-     "SECG curve over a 113 bit binary field"},
-    {NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0,
-     "X9.62 curve over a 163 bit binary field"},
-#endif
-    {NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0,
-     "SECG/WTLS curve over a 112 bit prime field"},
-    {NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0,
-     "SECG/WTLS curve over a 160 bit prime field"},
-    {NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0,
-     "WTLS curve over a 112 bit prime field"},
-    {NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0,
-     "WTLS curve over a 160 bit prime field"},
-#ifndef OPENSSL_NO_EC2M
-    {NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0,
-     "NIST/SECG/WTLS curve over a 233 bit binary field"},
-    {NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0,
-     "NIST/SECG/WTLS curve over a 233 bit binary field"},
-#endif
-    {NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0,
-     "WTLS curvs over a 224 bit prime field"},
-#ifndef OPENSSL_NO_EC2M
-    /* IPSec curves */
-    {NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0,
-     "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n"
-     "\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
-    {NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0,
-     "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n"
-     "\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
-#endif
-    /* brainpool curves */
-    {NID_brainpoolP160r1, &_EC_brainpoolP160r1.h, 0,
-     "RFC 5639 curve over a 160 bit prime field"},
-    {NID_brainpoolP160t1, &_EC_brainpoolP160t1.h, 0,
-     "RFC 5639 curve over a 160 bit prime field"},
-    {NID_brainpoolP192r1, &_EC_brainpoolP192r1.h, 0,
-     "RFC 5639 curve over a 192 bit prime field"},
-    {NID_brainpoolP192t1, &_EC_brainpoolP192t1.h, 0,
-     "RFC 5639 curve over a 192 bit prime field"},
-    {NID_brainpoolP224r1, &_EC_brainpoolP224r1.h, 0,
-     "RFC 5639 curve over a 224 bit prime field"},
-    {NID_brainpoolP224t1, &_EC_brainpoolP224t1.h, 0,
-     "RFC 5639 curve over a 224 bit prime field"},
-    {NID_brainpoolP256r1, &_EC_brainpoolP256r1.h, 0,
-     "RFC 5639 curve over a 256 bit prime field"},
-    {NID_brainpoolP256t1, &_EC_brainpoolP256t1.h, 0,
-     "RFC 5639 curve over a 256 bit prime field"},
-    {NID_brainpoolP320r1, &_EC_brainpoolP320r1.h, 0,
-     "RFC 5639 curve over a 320 bit prime field"},
-    {NID_brainpoolP320t1, &_EC_brainpoolP320t1.h, 0,
-     "RFC 5639 curve over a 320 bit prime field"},
-    {NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0,
-     "RFC 5639 curve over a 384 bit prime field"},
-    {NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0,
-     "RFC 5639 curve over a 384 bit prime field"},
-    {NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0,
-     "RFC 5639 curve over a 512 bit prime field"},
-    {NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0,
-     "RFC 5639 curve over a 512 bit prime field"},
-};
-
-#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
-
-static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
-{
-    EC_GROUP *group = NULL;
-    EC_POINT *P = NULL;
-    BN_CTX *ctx = NULL;
-    BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order =
-        NULL;
-    int ok = 0;
-    int seed_len, param_len;
-    const EC_METHOD *meth;
-    const EC_CURVE_DATA *data;
-    const unsigned char *params;
-
-    if ((ctx = BN_CTX_new()) == NULL) {
-        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    data = curve.data;
-    seed_len = data->seed_len;
-    param_len = data->param_len;
-    params = (const unsigned char *)(data + 1); /* skip header */
-    params += seed_len;         /* skip seed */
-
-    if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL))
-        || !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL))
-        || !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) {
-        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
-        goto err;
-    }
-
-    if (curve.meth != 0) {
-        meth = curve.meth();
-        if (((group = EC_GROUP_new(meth)) == NULL) ||
-            (!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
-            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
-            goto err;
-        }
-    } else if (data->field_type == NID_X9_62_prime_field) {
-        if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) {
-            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
-            goto err;
-        }
-    }
-#ifndef OPENSSL_NO_EC2M
-    else {                      /* field_type ==
-                                 * NID_X9_62_characteristic_two_field */
-
-        if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) {
-            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
-            goto err;
-        }
-    }
-#endif
-
-    if ((P = EC_POINT_new(group)) == NULL) {
-        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL))
-        || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) {
-        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
-        goto err;
-    }
-    if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) {
-        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
-        goto err;
-    }
-    if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL))
-        || !BN_set_word(x, (BN_ULONG)data->cofactor)) {
-        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
-        goto err;
-    }
-    if (!EC_GROUP_set_generator(group, P, order, x)) {
-        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
-        goto err;
-    }
-    if (seed_len) {
-        if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) {
-            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
-            goto err;
-        }
-    }
-    ok = 1;
- err:
-    if (!ok) {
-        EC_GROUP_free(group);
-        group = NULL;
-    }
-    if (P)
-        EC_POINT_free(P);
-    if (ctx)
-        BN_CTX_free(ctx);
-    if (p)
-        BN_free(p);
-    if (a)
-        BN_free(a);
-    if (b)
-        BN_free(b);
-    if (order)
-        BN_free(order);
-    if (x)
-        BN_free(x);
-    if (y)
-        BN_free(y);
-    return group;
-}
-
-EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
-{
-    size_t i;
-    EC_GROUP *ret = NULL;
-
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_ec_group_new_by_curve_name(nid);
-#endif
-    if (nid <= 0)
-        return NULL;
-
-    for (i = 0; i < curve_list_length; i++)
-        if (curve_list[i].nid == nid) {
-            ret = ec_group_new_from_data(curve_list[i]);
-            break;
-        }
-
-    if (ret == NULL) {
-        ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP);
-        return NULL;
-    }
-
-    EC_GROUP_set_curve_name(ret, nid);
-
-    return ret;
-}
-
-size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
-{
-    size_t i, min;
-
-    if (r == NULL || nitems == 0)
-        return curve_list_length;
-
-    min = nitems < curve_list_length ? nitems : curve_list_length;
-
-    for (i = 0; i < min; i++) {
-        r[i].nid = curve_list[i].nid;
-        r[i].comment = curve_list[i].comment;
-    }
-
-    return curve_list_length;
-}
-
-/* Functions to translate between common NIST curve names and NIDs */
-
-typedef struct {
-    const char *name;           /* NIST Name of curve */
-    int nid;                    /* Curve NID */
-} EC_NIST_NAME;
-
-static EC_NIST_NAME nist_curves[] = {
-    {"B-163", NID_sect163r2},
-    {"B-233", NID_sect233r1},
-    {"B-283", NID_sect283r1},
-    {"B-409", NID_sect409r1},
-    {"B-571", NID_sect571r1},
-    {"K-163", NID_sect163k1},
-    {"K-233", NID_sect233k1},
-    {"K-283", NID_sect283k1},
-    {"K-409", NID_sect409k1},
-    {"K-571", NID_sect571k1},
-    {"P-192", NID_X9_62_prime192v1},
-    {"P-224", NID_secp224r1},
-    {"P-256", NID_X9_62_prime256v1},
-    {"P-384", NID_secp384r1},
-    {"P-521", NID_secp521r1}
-};
-
-const char *EC_curve_nid2nist(int nid)
-{
-    size_t i;
-    for (i = 0; i < sizeof(nist_curves) / sizeof(EC_NIST_NAME); i++) {
-        if (nist_curves[i].nid == nid)
-            return nist_curves[i].name;
-    }
-    return NULL;
-}
-
-int EC_curve_nist2nid(const char *name)
-{
-    size_t i;
-    for (i = 0; i < sizeof(nist_curves) / sizeof(EC_NIST_NAME); i++) {
-        if (!strcmp(nist_curves[i].name, name))
-            return nist_curves[i].nid;
-    }
-    return NID_undef;
-}
diff --git a/thirdparty/openssl/crypto/ec/ec_cvt.c b/thirdparty/openssl/crypto/ec/ec_cvt.c
deleted file mode 100644
index 5a832ba1cf..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_cvt.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/* crypto/ec/ec_cvt.c */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include <openssl/err.h>
-#include "ec_lcl.h"
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
-                                 const BIGNUM *b, BN_CTX *ctx)
-{
-    const EC_METHOD *meth;
-    EC_GROUP *ret;
-
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_ec_group_new_curve_gfp(p, a, b, ctx);
-#endif
-#if defined(OPENSSL_BN_ASM_MONT)
-    /*
-     * This might appear controversial, but the fact is that generic
-     * prime method was observed to deliver better performance even
-     * for NIST primes on a range of platforms, e.g.: 60%-15%
-     * improvement on IA-64, ~25% on ARM, 30%-90% on P4, 20%-25%
-     * in 32-bit build and 35%--12% in 64-bit build on Core2...
-     * Coefficients are relative to optimized bn_nist.c for most
-     * intensive ECDSA verify and ECDH operations for 192- and 521-
-     * bit keys respectively. Choice of these boundary values is
-     * arguable, because the dependency of improvement coefficient
-     * from key length is not a "monotone" curve. For example while
-     * 571-bit result is 23% on ARM, 384-bit one is -1%. But it's
-     * generally faster, sometimes "respectfully" faster, sometimes
-     * "tolerably" slower... What effectively happens is that loop
-     * with bn_mul_add_words is put against bn_mul_mont, and the
-     * latter "wins" on short vectors. Correct solution should be
-     * implementing dedicated NxN multiplication subroutines for
-     * small N. But till it materializes, let's stick to generic
-     * prime method...
-     *                                              <appro>
-     */
-    meth = EC_GFp_mont_method();
-#else
-    meth = EC_GFp_nist_method();
-#endif
-
-    ret = EC_GROUP_new(meth);
-    if (ret == NULL)
-        return NULL;
-
-    if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) {
-        unsigned long err;
-
-        err = ERR_peek_last_error();
-
-        if (!(ERR_GET_LIB(err) == ERR_LIB_EC &&
-              ((ERR_GET_REASON(err) == EC_R_NOT_A_NIST_PRIME) ||
-               (ERR_GET_REASON(err) == EC_R_NOT_A_SUPPORTED_NIST_PRIME)))) {
-            /* real error */
-
-            EC_GROUP_clear_free(ret);
-            return NULL;
-        }
-
-        /*
-         * not an actual error, we just cannot use EC_GFp_nist_method
-         */
-
-        ERR_clear_error();
-
-        EC_GROUP_clear_free(ret);
-        meth = EC_GFp_mont_method();
-
-        ret = EC_GROUP_new(meth);
-        if (ret == NULL)
-            return NULL;
-
-        if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) {
-            EC_GROUP_clear_free(ret);
-            return NULL;
-        }
-    }
-
-    return ret;
-}
-
-#ifndef OPENSSL_NO_EC2M
-EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
-                                  const BIGNUM *b, BN_CTX *ctx)
-{
-    const EC_METHOD *meth;
-    EC_GROUP *ret;
-
-# ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_ec_group_new_curve_gf2m(p, a, b, ctx);
-# endif
-    meth = EC_GF2m_simple_method();
-
-    ret = EC_GROUP_new(meth);
-    if (ret == NULL)
-        return NULL;
-
-    if (!EC_GROUP_set_curve_GF2m(ret, p, a, b, ctx)) {
-        EC_GROUP_clear_free(ret);
-        return NULL;
-    }
-
-    return ret;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ec_err.c b/thirdparty/openssl/crypto/ec/ec_err.c
deleted file mode 100644
index 6fe5baafd4..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_err.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/* crypto/ec/ec_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2015 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ec.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_EC,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason)
-
-static ERR_STRING_DATA EC_str_functs[] = {
-    {ERR_FUNC(EC_F_BN_TO_FELEM), "BN_TO_FELEM"},
-    {ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"},
-    {ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"},
-    {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"},
-    {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"},
-    {ERR_FUNC(EC_F_DO_EC_KEY_PRINT), "DO_EC_KEY_PRINT"},
-    {ERR_FUNC(EC_F_ECDH_CMS_DECRYPT), "ECDH_CMS_DECRYPT"},
-    {ERR_FUNC(EC_F_ECDH_CMS_SET_SHARED_INFO), "ECDH_CMS_SET_SHARED_INFO"},
-    {ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "ECKEY_PARAM2TYPE"},
-    {ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "ECKEY_PARAM_DECODE"},
-    {ERR_FUNC(EC_F_ECKEY_PRIV_DECODE), "ECKEY_PRIV_DECODE"},
-    {ERR_FUNC(EC_F_ECKEY_PRIV_ENCODE), "ECKEY_PRIV_ENCODE"},
-    {ERR_FUNC(EC_F_ECKEY_PUB_DECODE), "ECKEY_PUB_DECODE"},
-    {ERR_FUNC(EC_F_ECKEY_PUB_ENCODE), "ECKEY_PUB_ENCODE"},
-    {ERR_FUNC(EC_F_ECKEY_TYPE2PARAM), "ECKEY_TYPE2PARAM"},
-    {ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"},
-    {ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"},
-    {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"},
-    {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT_FP), "ECPKParameters_print_fp"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_GET_AFFINE), "ecp_nistz256_get_affine"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE),
-     "ecp_nistz256_mult_precompute"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_POINTS_MUL), "ecp_nistz256_points_mul"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_PRE_COMP_NEW), "ecp_nistz256_pre_comp_new"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_SET_WORDS), "ecp_nistz256_set_words"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_WINDOWED_MUL), "ecp_nistz256_windowed_mul"},
-    {ERR_FUNC(EC_F_ECP_NIST_MOD_192), "ECP_NIST_MOD_192"},
-    {ERR_FUNC(EC_F_ECP_NIST_MOD_224), "ECP_NIST_MOD_224"},
-    {ERR_FUNC(EC_F_ECP_NIST_MOD_256), "ECP_NIST_MOD_256"},
-    {ERR_FUNC(EC_F_ECP_NIST_MOD_521), "ECP_NIST_MOD_521"},
-    {ERR_FUNC(EC_F_EC_ASN1_GROUP2CURVE), "EC_ASN1_GROUP2CURVE"},
-    {ERR_FUNC(EC_F_EC_ASN1_GROUP2FIELDID), "EC_ASN1_GROUP2FIELDID"},
-    {ERR_FUNC(EC_F_EC_ASN1_GROUP2PARAMETERS), "EC_ASN1_GROUP2PARAMETERS"},
-    {ERR_FUNC(EC_F_EC_ASN1_GROUP2PKPARAMETERS), "EC_ASN1_GROUP2PKPARAMETERS"},
-    {ERR_FUNC(EC_F_EC_ASN1_PARAMETERS2GROUP), "EC_ASN1_PARAMETERS2GROUP"},
-    {ERR_FUNC(EC_F_EC_ASN1_PKPARAMETERS2GROUP), "EC_ASN1_PKPARAMETERS2GROUP"},
-    {ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA), "EC_EX_DATA_set_data"},
-    {ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY),
-     "EC_GF2M_MONTGOMERY_POINT_MULTIPLY"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT),
-     "ec_GF2m_simple_group_check_discriminant"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE),
-     "ec_GF2m_simple_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_OCT2POINT), "ec_GF2m_simple_oct2point"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT2OCT), "ec_GF2m_simple_point2oct"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES),
-     "ec_GF2m_simple_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES),
-     "ec_GF2m_simple_point_set_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES),
-     "ec_GF2m_simple_set_compressed_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE), "ec_GFp_mont_field_decode"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE), "ec_GFp_mont_field_encode"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL), "ec_GFp_mont_field_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE),
-     "ec_GFp_mont_field_set_to_one"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE),
-     "ec_GFp_mont_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP),
-     "EC_GFP_MONT_GROUP_SET_CURVE_GFP"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE),
-     "ec_GFp_nistp224_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINTS_MUL), "ec_GFp_nistp224_points_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES),
-     "ec_GFp_nistp224_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE),
-     "ec_GFp_nistp256_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINTS_MUL), "ec_GFp_nistp256_points_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES),
-     "ec_GFp_nistp256_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE),
-     "ec_GFp_nistp521_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP521_POINTS_MUL), "ec_GFp_nistp521_points_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES),
-     "ec_GFp_nistp521_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL), "ec_GFp_nist_field_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR), "ec_GFp_nist_field_sqr"},
-    {ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE),
-     "ec_GFp_nist_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT),
-     "ec_GFp_simple_group_check_discriminant"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE),
-     "ec_GFp_simple_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP),
-     "EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR),
-     "EC_GFP_SIMPLE_GROUP_SET_GENERATOR"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE),
-     "ec_GFp_simple_points_make_affine"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES),
-     "ec_GFp_simple_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP),
-     "EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES),
-     "ec_GFp_simple_point_set_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP),
-     "EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES),
-     "ec_GFp_simple_set_compressed_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP),
-     "EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP"},
-    {ERR_FUNC(EC_F_EC_GROUP_CHECK), "EC_GROUP_check"},
-    {ERR_FUNC(EC_F_EC_GROUP_CHECK_DISCRIMINANT),
-     "EC_GROUP_check_discriminant"},
-    {ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR), "EC_GROUP_get0_generator"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR), "EC_GROUP_get_cofactor"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GF2M), "EC_GROUP_get_curve_GF2m"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_DEGREE), "EC_GROUP_get_degree"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_ORDER), "EC_GROUP_get_order"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS),
-     "EC_GROUP_get_pentanomial_basis"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS),
-     "EC_GROUP_get_trinomial_basis"},
-    {ERR_FUNC(EC_F_EC_GROUP_NEW), "EC_GROUP_new"},
-    {ERR_FUNC(EC_F_EC_GROUP_NEW_BY_CURVE_NAME), "EC_GROUP_new_by_curve_name"},
-    {ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_DATA), "EC_GROUP_NEW_FROM_DATA"},
-    {ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"},
-    {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M), "EC_GROUP_set_curve_GF2m"},
-    {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"},
-    {ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_SET_EXTRA_DATA"},
-    {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"},
-    {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"},
-    {ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"},
-    {ERR_FUNC(EC_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"},
-    {ERR_FUNC(EC_F_EC_KEY_NEW), "EC_KEY_new"},
-    {ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"},
-    {ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"},
-    {ERR_FUNC(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES),
-     "EC_KEY_set_public_key_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"},
-    {ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"},
-    {ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"},
-    {ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"},
-    {ERR_FUNC(EC_F_EC_POINT_DBL), "EC_POINT_dbl"},
-    {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M),
-     "EC_POINT_get_affine_coordinates_GF2m"},
-    {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP),
-     "EC_POINT_get_affine_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP),
-     "EC_POINT_get_Jprojective_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_INVERT), "EC_POINT_invert"},
-    {ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"},
-    {ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"},
-    {ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"},
-    {ERR_FUNC(EC_F_EC_POINT_MUL), "EC_POINT_mul"},
-    {ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"},
-    {ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"},
-    {ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M),
-     "EC_POINT_set_affine_coordinates_GF2m"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP),
-     "EC_POINT_set_affine_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M),
-     "EC_POINT_set_compressed_coordinates_GF2m"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP),
-     "EC_POINT_set_compressed_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP),
-     "EC_POINT_set_Jprojective_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"},
-    {ERR_FUNC(EC_F_EC_PRE_COMP_DUP), "EC_PRE_COMP_DUP"},
-    {ERR_FUNC(EC_F_EC_PRE_COMP_NEW), "EC_PRE_COMP_NEW"},
-    {ERR_FUNC(EC_F_EC_WNAF_MUL), "ec_wNAF_mul"},
-    {ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT), "ec_wNAF_precompute_mult"},
-    {ERR_FUNC(EC_F_I2D_ECPARAMETERS), "i2d_ECParameters"},
-    {ERR_FUNC(EC_F_I2D_ECPKPARAMETERS), "i2d_ECPKParameters"},
-    {ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"},
-    {ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"},
-    {ERR_FUNC(EC_F_NISTP224_PRE_COMP_NEW), "NISTP224_PRE_COMP_NEW"},
-    {ERR_FUNC(EC_F_NISTP256_PRE_COMP_NEW), "NISTP256_PRE_COMP_NEW"},
-    {ERR_FUNC(EC_F_NISTP521_PRE_COMP_NEW), "NISTP521_PRE_COMP_NEW"},
-    {ERR_FUNC(EC_F_O2I_ECPUBLICKEY), "o2i_ECPublicKey"},
-    {ERR_FUNC(EC_F_OLD_EC_PRIV_DECODE), "OLD_EC_PRIV_DECODE"},
-    {ERR_FUNC(EC_F_PKEY_EC_CTRL), "PKEY_EC_CTRL"},
-    {ERR_FUNC(EC_F_PKEY_EC_CTRL_STR), "PKEY_EC_CTRL_STR"},
-    {ERR_FUNC(EC_F_PKEY_EC_DERIVE), "PKEY_EC_DERIVE"},
-    {ERR_FUNC(EC_F_PKEY_EC_KEYGEN), "PKEY_EC_KEYGEN"},
-    {ERR_FUNC(EC_F_PKEY_EC_PARAMGEN), "PKEY_EC_PARAMGEN"},
-    {ERR_FUNC(EC_F_PKEY_EC_SIGN), "PKEY_EC_SIGN"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA EC_str_reasons[] = {
-    {ERR_REASON(EC_R_ASN1_ERROR), "asn1 error"},
-    {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD), "asn1 unknown field"},
-    {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
-    {ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"},
-    {ERR_REASON(EC_R_COORDINATES_OUT_OF_RANGE), "coordinates out of range"},
-    {ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),
-     "d2i ecpkparameters failure"},
-    {ERR_REASON(EC_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO), "discriminant is zero"},
-    {ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),
-     "ec group new by name failure"},
-    {ERR_REASON(EC_R_FIELD_TOO_LARGE), "field too large"},
-    {ERR_REASON(EC_R_GF2M_NOT_SUPPORTED), "gf2m not supported"},
-    {ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),
-     "group2pkparameters failure"},
-    {ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE),
-     "i2d ecpkparameters failure"},
-    {ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS), "incompatible objects"},
-    {ERR_REASON(EC_R_INVALID_ARGUMENT), "invalid argument"},
-    {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT), "invalid compressed point"},
-    {ERR_REASON(EC_R_INVALID_COMPRESSION_BIT), "invalid compression bit"},
-    {ERR_REASON(EC_R_INVALID_CURVE), "invalid curve"},
-    {ERR_REASON(EC_R_INVALID_DIGEST), "invalid digest"},
-    {ERR_REASON(EC_R_INVALID_DIGEST_TYPE), "invalid digest type"},
-    {ERR_REASON(EC_R_INVALID_ENCODING), "invalid encoding"},
-    {ERR_REASON(EC_R_INVALID_FIELD), "invalid field"},
-    {ERR_REASON(EC_R_INVALID_FORM), "invalid form"},
-    {ERR_REASON(EC_R_INVALID_GROUP_ORDER), "invalid group order"},
-    {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"},
-    {ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"},
-    {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"},
-    {ERR_REASON(EC_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
-    {ERR_REASON(EC_R_KEYS_NOT_SET), "keys not set"},
-    {ERR_REASON(EC_R_MISSING_PARAMETERS), "missing parameters"},
-    {ERR_REASON(EC_R_MISSING_PRIVATE_KEY), "missing private key"},
-    {ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a NIST prime"},
-    {ERR_REASON(EC_R_NOT_A_SUPPORTED_NIST_PRIME),
-     "not a supported NIST prime"},
-    {ERR_REASON(EC_R_NOT_IMPLEMENTED), "not implemented"},
-    {ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"},
-    {ERR_REASON(EC_R_NO_FIELD_MOD), "no field mod"},
-    {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"},
-    {ERR_REASON(EC_R_PASSED_NULL_PARAMETER), "passed null parameter"},
-    {ERR_REASON(EC_R_PEER_KEY_ERROR), "peer key error"},
-    {ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE),
-     "pkparameters2group failure"},
-    {ERR_REASON(EC_R_POINT_AT_INFINITY), "point at infinity"},
-    {ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE), "point is not on curve"},
-    {ERR_REASON(EC_R_SHARED_INFO_ERROR), "shared info error"},
-    {ERR_REASON(EC_R_SLOT_FULL), "slot full"},
-    {ERR_REASON(EC_R_UNDEFINED_GENERATOR), "undefined generator"},
-    {ERR_REASON(EC_R_UNDEFINED_ORDER), "undefined order"},
-    {ERR_REASON(EC_R_UNKNOWN_GROUP), "unknown group"},
-    {ERR_REASON(EC_R_UNKNOWN_ORDER), "unknown order"},
-    {ERR_REASON(EC_R_UNSUPPORTED_FIELD), "unsupported field"},
-    {ERR_REASON(EC_R_WRONG_CURVE_PARAMETERS), "wrong curve parameters"},
-    {ERR_REASON(EC_R_WRONG_ORDER), "wrong order"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_EC_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(EC_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, EC_str_functs);
-        ERR_load_strings(0, EC_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/ec/ec_key.c b/thirdparty/openssl/crypto/ec/ec_key.c
deleted file mode 100644
index 456080ecfe..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_key.c
+++ /dev/null
@@ -1,564 +0,0 @@
-/* crypto/ec/ec_key.c */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions originally developed by SUN MICROSYSTEMS, INC., and
- * contributed to the OpenSSL project.
- */
-
-#include <string.h>
-#include "ec_lcl.h"
-#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-EC_KEY *EC_KEY_new(void)
-{
-    EC_KEY *ret;
-
-    ret = (EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY));
-    if (ret == NULL) {
-        ECerr(EC_F_EC_KEY_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-
-    ret->version = 1;
-    ret->flags = 0;
-    ret->group = NULL;
-    ret->pub_key = NULL;
-    ret->priv_key = NULL;
-    ret->enc_flag = 0;
-    ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
-    ret->references = 1;
-    ret->method_data = NULL;
-    return (ret);
-}
-
-EC_KEY *EC_KEY_new_by_curve_name(int nid)
-{
-    EC_KEY *ret = EC_KEY_new();
-    if (ret == NULL)
-        return NULL;
-    ret->group = EC_GROUP_new_by_curve_name(nid);
-    if (ret->group == NULL) {
-        EC_KEY_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void EC_KEY_free(EC_KEY *r)
-{
-    int i;
-
-    if (r == NULL)
-        return;
-
-    i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_EC);
-#ifdef REF_PRINT
-    REF_PRINT("EC_KEY", r);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "EC_KEY_free, bad reference count\n");
-        abort();
-    }
-#endif
-
-    if (r->group != NULL)
-        EC_GROUP_free(r->group);
-    if (r->pub_key != NULL)
-        EC_POINT_free(r->pub_key);
-    if (r->priv_key != NULL)
-        BN_clear_free(r->priv_key);
-
-    EC_EX_DATA_free_all_data(&r->method_data);
-
-    OPENSSL_cleanse((void *)r, sizeof(EC_KEY));
-
-    OPENSSL_free(r);
-}
-
-EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
-{
-    EC_EXTRA_DATA *d;
-
-    if (dest == NULL || src == NULL) {
-        ECerr(EC_F_EC_KEY_COPY, ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-    /* copy the parameters */
-    if (src->group) {
-        const EC_METHOD *meth = EC_GROUP_method_of(src->group);
-        /* clear the old group */
-        if (dest->group)
-            EC_GROUP_free(dest->group);
-        dest->group = EC_GROUP_new(meth);
-        if (dest->group == NULL)
-            return NULL;
-        if (!EC_GROUP_copy(dest->group, src->group))
-            return NULL;
-    }
-    /*  copy the public key */
-    if (src->pub_key && src->group) {
-        if (dest->pub_key)
-            EC_POINT_free(dest->pub_key);
-        dest->pub_key = EC_POINT_new(src->group);
-        if (dest->pub_key == NULL)
-            return NULL;
-        if (!EC_POINT_copy(dest->pub_key, src->pub_key))
-            return NULL;
-    }
-    /* copy the private key */
-    if (src->priv_key) {
-        if (dest->priv_key == NULL) {
-            dest->priv_key = BN_new();
-            if (dest->priv_key == NULL)
-                return NULL;
-        }
-        if (!BN_copy(dest->priv_key, src->priv_key))
-            return NULL;
-    }
-    /* copy method/extra data */
-    EC_EX_DATA_free_all_data(&dest->method_data);
-
-    for (d = src->method_data; d != NULL; d = d->next) {
-        void *t = d->dup_func(d->data);
-
-        if (t == NULL)
-            return 0;
-        if (!EC_EX_DATA_set_data
-            (&dest->method_data, t, d->dup_func, d->free_func,
-             d->clear_free_func))
-            return 0;
-    }
-
-    /* copy the rest */
-    dest->enc_flag = src->enc_flag;
-    dest->conv_form = src->conv_form;
-    dest->version = src->version;
-    dest->flags = src->flags;
-
-    return dest;
-}
-
-EC_KEY *EC_KEY_dup(const EC_KEY *ec_key)
-{
-    EC_KEY *ret = EC_KEY_new();
-    if (ret == NULL)
-        return NULL;
-    if (EC_KEY_copy(ret, ec_key) == NULL) {
-        EC_KEY_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-int EC_KEY_up_ref(EC_KEY *r)
-{
-    int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC);
-#ifdef REF_PRINT
-    REF_PRINT("EC_KEY", r);
-#endif
-#ifdef REF_CHECK
-    if (i < 2) {
-        fprintf(stderr, "EC_KEY_up, bad reference count\n");
-        abort();
-    }
-#endif
-    return ((i > 1) ? 1 : 0);
-}
-
-int EC_KEY_generate_key(EC_KEY *eckey)
-{
-    int ok = 0;
-    BN_CTX *ctx = NULL;
-    BIGNUM *priv_key = NULL, *order = NULL;
-    EC_POINT *pub_key = NULL;
-
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_ec_key_generate_key(eckey);
-#endif
-
-    if (!eckey || !eckey->group) {
-        ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if ((order = BN_new()) == NULL)
-        goto err;
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-
-    if (eckey->priv_key == NULL) {
-        priv_key = BN_new();
-        if (priv_key == NULL)
-            goto err;
-    } else
-        priv_key = eckey->priv_key;
-
-    if (!EC_GROUP_get_order(eckey->group, order, ctx))
-        goto err;
-
-    do
-        if (!BN_rand_range(priv_key, order))
-            goto err;
-    while (BN_is_zero(priv_key)) ;
-
-    if (eckey->pub_key == NULL) {
-        pub_key = EC_POINT_new(eckey->group);
-        if (pub_key == NULL)
-            goto err;
-    } else
-        pub_key = eckey->pub_key;
-
-    if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx))
-        goto err;
-
-    eckey->priv_key = priv_key;
-    eckey->pub_key = pub_key;
-
-    ok = 1;
-
- err:
-    if (order)
-        BN_free(order);
-    if (pub_key != NULL && eckey->pub_key == NULL)
-        EC_POINT_free(pub_key);
-    if (priv_key != NULL && eckey->priv_key == NULL)
-        BN_free(priv_key);
-    if (ctx != NULL)
-        BN_CTX_free(ctx);
-    return (ok);
-}
-
-int EC_KEY_check_key(const EC_KEY *eckey)
-{
-    int ok = 0;
-    BN_CTX *ctx = NULL;
-    const BIGNUM *order = NULL;
-    EC_POINT *point = NULL;
-
-    if (!eckey || !eckey->group || !eckey->pub_key) {
-        ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) {
-        ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY);
-        goto err;
-    }
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-    if ((point = EC_POINT_new(eckey->group)) == NULL)
-        goto err;
-
-    /* testing whether the pub_key is on the elliptic curve */
-    if (EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx) <= 0) {
-        ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE);
-        goto err;
-    }
-    /* testing whether pub_key * order is the point at infinity */
-    order = &eckey->group->order;
-    if (BN_is_zero(order)) {
-        ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER);
-        goto err;
-    }
-    if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) {
-        ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
-        goto err;
-    }
-    if (!EC_POINT_is_at_infinity(eckey->group, point)) {
-        ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
-        goto err;
-    }
-    /*
-     * in case the priv_key is present : check if generator * priv_key ==
-     * pub_key
-     */
-    if (eckey->priv_key) {
-        if (BN_cmp(eckey->priv_key, order) >= 0) {
-            ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
-            goto err;
-        }
-        if (!EC_POINT_mul(eckey->group, point, eckey->priv_key,
-                          NULL, NULL, ctx)) {
-            ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
-            goto err;
-        }
-        if (EC_POINT_cmp(eckey->group, point, eckey->pub_key, ctx) != 0) {
-            ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_PRIVATE_KEY);
-            goto err;
-        }
-    }
-    ok = 1;
- err:
-    if (ctx != NULL)
-        BN_CTX_free(ctx);
-    if (point != NULL)
-        EC_POINT_free(point);
-    return (ok);
-}
-
-int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
-                                             BIGNUM *y)
-{
-    BN_CTX *ctx = NULL;
-    BIGNUM *tx, *ty;
-    EC_POINT *point = NULL;
-    int ok = 0;
-#ifndef OPENSSL_NO_EC2M
-    int tmp_nid, is_char_two = 0;
-#endif
-
-    if (!key || !key->group || !x || !y) {
-        ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
-              ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    ctx = BN_CTX_new();
-    if (ctx == NULL)
-        return 0;
-    BN_CTX_start(ctx);
-    point = EC_POINT_new(key->group);
-
-    if (!point)
-        goto err;
-
-    tx = BN_CTX_get(ctx);
-    ty = BN_CTX_get(ctx);
-    if (ty == NULL)
-        goto err;
-
-#ifndef OPENSSL_NO_EC2M
-    tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(key->group));
-
-    if (tmp_nid == NID_X9_62_characteristic_two_field)
-        is_char_two = 1;
-
-    if (is_char_two) {
-        if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point,
-                                                  x, y, ctx))
-            goto err;
-        if (!EC_POINT_get_affine_coordinates_GF2m(key->group, point,
-                                                  tx, ty, ctx))
-            goto err;
-    } else
-#endif
-    {
-        if (!EC_POINT_set_affine_coordinates_GFp(key->group, point,
-                                                 x, y, ctx))
-            goto err;
-        if (!EC_POINT_get_affine_coordinates_GFp(key->group, point,
-                                                 tx, ty, ctx))
-            goto err;
-    }
-    /*
-     * Check if retrieved coordinates match originals: if not values are out
-     * of range.
-     */
-    if (BN_cmp(x, tx) || BN_cmp(y, ty)) {
-        ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
-              EC_R_COORDINATES_OUT_OF_RANGE);
-        goto err;
-    }
-
-    if (!EC_KEY_set_public_key(key, point))
-        goto err;
-
-    if (EC_KEY_check_key(key) == 0)
-        goto err;
-
-    ok = 1;
-
- err:
-    BN_CTX_end(ctx);
-    BN_CTX_free(ctx);
-    EC_POINT_free(point);
-    return ok;
-
-}
-
-const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key)
-{
-    return key->group;
-}
-
-int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group)
-{
-    if (key->group != NULL)
-        EC_GROUP_free(key->group);
-    key->group = EC_GROUP_dup(group);
-    return (key->group == NULL) ? 0 : 1;
-}
-
-const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key)
-{
-    return key->priv_key;
-}
-
-int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key)
-{
-    if (key->priv_key)
-        BN_clear_free(key->priv_key);
-    key->priv_key = BN_dup(priv_key);
-    return (key->priv_key == NULL) ? 0 : 1;
-}
-
-const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key)
-{
-    return key->pub_key;
-}
-
-int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub_key)
-{
-    if (key->pub_key != NULL)
-        EC_POINT_free(key->pub_key);
-    key->pub_key = EC_POINT_dup(pub_key, key->group);
-    return (key->pub_key == NULL) ? 0 : 1;
-}
-
-unsigned int EC_KEY_get_enc_flags(const EC_KEY *key)
-{
-    return key->enc_flag;
-}
-
-void EC_KEY_set_enc_flags(EC_KEY *key, unsigned int flags)
-{
-    key->enc_flag = flags;
-}
-
-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key)
-{
-    return key->conv_form;
-}
-
-void EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform)
-{
-    key->conv_form = cform;
-    if (key->group != NULL)
-        EC_GROUP_set_point_conversion_form(key->group, cform);
-}
-
-void *EC_KEY_get_key_method_data(EC_KEY *key,
-                                 void *(*dup_func) (void *),
-                                 void (*free_func) (void *),
-                                 void (*clear_free_func) (void *))
-{
-    void *ret;
-
-    CRYPTO_r_lock(CRYPTO_LOCK_EC);
-    ret =
-        EC_EX_DATA_get_data(key->method_data, dup_func, free_func,
-                            clear_free_func);
-    CRYPTO_r_unlock(CRYPTO_LOCK_EC);
-
-    return ret;
-}
-
-void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
-                                    void *(*dup_func) (void *),
-                                    void (*free_func) (void *),
-                                    void (*clear_free_func) (void *))
-{
-    EC_EXTRA_DATA *ex_data;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_EC);
-    ex_data =
-        EC_EX_DATA_get_data(key->method_data, dup_func, free_func,
-                            clear_free_func);
-    if (ex_data == NULL)
-        EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func,
-                            clear_free_func);
-    CRYPTO_w_unlock(CRYPTO_LOCK_EC);
-
-    return ex_data;
-}
-
-void EC_KEY_set_asn1_flag(EC_KEY *key, int flag)
-{
-    if (key->group != NULL)
-        EC_GROUP_set_asn1_flag(key->group, flag);
-}
-
-int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx)
-{
-    if (key->group == NULL)
-        return 0;
-    return EC_GROUP_precompute_mult(key->group, ctx);
-}
-
-int EC_KEY_get_flags(const EC_KEY *key)
-{
-    return key->flags;
-}
-
-void EC_KEY_set_flags(EC_KEY *key, int flags)
-{
-    key->flags |= flags;
-}
-
-void EC_KEY_clear_flags(EC_KEY *key, int flags)
-{
-    key->flags &= ~flags;
-}
diff --git a/thirdparty/openssl/crypto/ec/ec_lcl.h b/thirdparty/openssl/crypto/ec/ec_lcl.h
deleted file mode 100644
index 969fd147ef..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_lcl.h
+++ /dev/null
@@ -1,568 +0,0 @@
-/* crypto/ec/ec_lcl.h */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include <stdlib.h>
-
-#include <openssl/obj_mac.h>
-#include <openssl/ec.h>
-#include <openssl/bn.h>
-
-#if defined(__SUNPRO_C)
-# if __SUNPRO_C >= 0x520
-#  pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
-# endif
-#endif
-
-/* Use default functions for poin2oct, oct2point and compressed coordinates */
-#define EC_FLAGS_DEFAULT_OCT    0x1
-
-/*
- * Structure details are not part of the exported interface, so all this may
- * change in future versions.
- */
-
-struct ec_method_st {
-    /* Various method flags */
-    int flags;
-    /* used by EC_METHOD_get_field_type: */
-    int field_type;             /* a NID */
-    /*
-     * used by EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free,
-     * EC_GROUP_copy:
-     */
-    int (*group_init) (EC_GROUP *);
-    void (*group_finish) (EC_GROUP *);
-    void (*group_clear_finish) (EC_GROUP *);
-    int (*group_copy) (EC_GROUP *, const EC_GROUP *);
-    /* used by EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, */
-    /* EC_GROUP_set_curve_GF2m, and EC_GROUP_get_curve_GF2m: */
-    int (*group_set_curve) (EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
-                            const BIGNUM *b, BN_CTX *);
-    int (*group_get_curve) (const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b,
-                            BN_CTX *);
-    /* used by EC_GROUP_get_degree: */
-    int (*group_get_degree) (const EC_GROUP *);
-    /* used by EC_GROUP_check: */
-    int (*group_check_discriminant) (const EC_GROUP *, BN_CTX *);
-    /*
-     * used by EC_POINT_new, EC_POINT_free, EC_POINT_clear_free,
-     * EC_POINT_copy:
-     */
-    int (*point_init) (EC_POINT *);
-    void (*point_finish) (EC_POINT *);
-    void (*point_clear_finish) (EC_POINT *);
-    int (*point_copy) (EC_POINT *, const EC_POINT *);
-    /*-
-     * used by EC_POINT_set_to_infinity,
-     * EC_POINT_set_Jprojective_coordinates_GFp,
-     * EC_POINT_get_Jprojective_coordinates_GFp,
-     * EC_POINT_set_affine_coordinates_GFp,     ..._GF2m,
-     * EC_POINT_get_affine_coordinates_GFp,     ..._GF2m,
-     * EC_POINT_set_compressed_coordinates_GFp, ..._GF2m:
-     */
-    int (*point_set_to_infinity) (const EC_GROUP *, EC_POINT *);
-    int (*point_set_Jprojective_coordinates_GFp) (const EC_GROUP *,
-                                                  EC_POINT *, const BIGNUM *x,
-                                                  const BIGNUM *y,
-                                                  const BIGNUM *z, BN_CTX *);
-    int (*point_get_Jprojective_coordinates_GFp) (const EC_GROUP *,
-                                                  const EC_POINT *, BIGNUM *x,
-                                                  BIGNUM *y, BIGNUM *z,
-                                                  BN_CTX *);
-    int (*point_set_affine_coordinates) (const EC_GROUP *, EC_POINT *,
-                                         const BIGNUM *x, const BIGNUM *y,
-                                         BN_CTX *);
-    int (*point_get_affine_coordinates) (const EC_GROUP *, const EC_POINT *,
-                                         BIGNUM *x, BIGNUM *y, BN_CTX *);
-    int (*point_set_compressed_coordinates) (const EC_GROUP *, EC_POINT *,
-                                             const BIGNUM *x, int y_bit,
-                                             BN_CTX *);
-    /* used by EC_POINT_point2oct, EC_POINT_oct2point: */
-    size_t (*point2oct) (const EC_GROUP *, const EC_POINT *,
-                         point_conversion_form_t form, unsigned char *buf,
-                         size_t len, BN_CTX *);
-    int (*oct2point) (const EC_GROUP *, EC_POINT *, const unsigned char *buf,
-                      size_t len, BN_CTX *);
-    /* used by EC_POINT_add, EC_POINT_dbl, ECP_POINT_invert: */
-    int (*add) (const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
-                const EC_POINT *b, BN_CTX *);
-    int (*dbl) (const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-    int (*invert) (const EC_GROUP *, EC_POINT *, BN_CTX *);
-    /*
-     * used by EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp:
-     */
-    int (*is_at_infinity) (const EC_GROUP *, const EC_POINT *);
-    int (*is_on_curve) (const EC_GROUP *, const EC_POINT *, BN_CTX *);
-    int (*point_cmp) (const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
-                      BN_CTX *);
-    /* used by EC_POINT_make_affine, EC_POINTs_make_affine: */
-    int (*make_affine) (const EC_GROUP *, EC_POINT *, BN_CTX *);
-    int (*points_make_affine) (const EC_GROUP *, size_t num, EC_POINT *[],
-                               BN_CTX *);
-    /*
-     * used by EC_POINTs_mul, EC_POINT_mul, EC_POINT_precompute_mult,
-     * EC_POINT_have_precompute_mult (default implementations are used if the
-     * 'mul' pointer is 0):
-     */
-    int (*mul) (const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
-                size_t num, const EC_POINT *points[], const BIGNUM *scalars[],
-                BN_CTX *);
-    int (*precompute_mult) (EC_GROUP *group, BN_CTX *);
-    int (*have_precompute_mult) (const EC_GROUP *group);
-    /* internal functions */
-    /*
-     * 'field_mul', 'field_sqr', and 'field_div' can be used by 'add' and
-     * 'dbl' so that the same implementations of point operations can be used
-     * with different optimized implementations of expensive field
-     * operations:
-     */
-    int (*field_mul) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                      const BIGNUM *b, BN_CTX *);
-    int (*field_sqr) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-    int (*field_div) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                      const BIGNUM *b, BN_CTX *);
-    /* e.g. to Montgomery */
-    int (*field_encode) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                         BN_CTX *);
-    /* e.g. from Montgomery */
-    int (*field_decode) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                         BN_CTX *);
-    int (*field_set_to_one) (const EC_GROUP *, BIGNUM *r, BN_CTX *);
-} /* EC_METHOD */ ;
-
-typedef struct ec_extra_data_st {
-    struct ec_extra_data_st *next;
-    void *data;
-    void *(*dup_func) (void *);
-    void (*free_func) (void *);
-    void (*clear_free_func) (void *);
-} EC_EXTRA_DATA;                /* used in EC_GROUP */
-
-struct ec_group_st {
-    const EC_METHOD *meth;
-    EC_POINT *generator;        /* optional */
-    BIGNUM order, cofactor;
-    int curve_name;             /* optional NID for named curve */
-    int asn1_flag;              /* flag to control the asn1 encoding */
-    /*
-     * Kludge: upper bit of ans1_flag is used to denote structure
-     * version. Is set, then last field is present. This is done
-     * for interoperation with FIPS code.
-     */
-#define EC_GROUP_ASN1_FLAG_MASK 0x7fffffff
-#define EC_GROUP_VERSION(p) (p->asn1_flag&~EC_GROUP_ASN1_FLAG_MASK)
-    point_conversion_form_t asn1_form;
-    unsigned char *seed;        /* optional seed for parameters (appears in
-                                 * ASN1) */
-    size_t seed_len;
-    EC_EXTRA_DATA *extra_data;  /* linked list */
-    /*
-     * The following members are handled by the method functions, even if
-     * they appear generic
-     */
-    /*
-     * Field specification. For curves over GF(p), this is the modulus; for
-     * curves over GF(2^m), this is the irreducible polynomial defining the
-     * field.
-     */
-    BIGNUM field;
-    /*
-     * Field specification for curves over GF(2^m). The irreducible f(t) is
-     * then of the form: t^poly[0] + t^poly[1] + ... + t^poly[k] where m =
-     * poly[0] > poly[1] > ... > poly[k] = 0. The array is terminated with
-     * poly[k+1]=-1. All elliptic curve irreducibles have at most 5 non-zero
-     * terms.
-     */
-    int poly[6];
-    /*
-     * Curve coefficients. (Here the assumption is that BIGNUMs can be used
-     * or abused for all kinds of fields, not just GF(p).) For characteristic
-     * > 3, the curve is defined by a Weierstrass equation of the form y^2 =
-     * x^3 + a*x + b. For characteristic 2, the curve is defined by an
-     * equation of the form y^2 + x*y = x^3 + a*x^2 + b.
-     */
-    BIGNUM a, b;
-    /* enable optimized point arithmetics for special case */
-    int a_is_minus3;
-    /* method-specific (e.g., Montgomery structure) */
-    void *field_data1;
-    /* method-specific */
-    void *field_data2;
-    /* method-specific */
-    int (*field_mod_func) (BIGNUM *, const BIGNUM *, const BIGNUM *,
-                           BN_CTX *);
-    BN_MONT_CTX *mont_data;     /* data for ECDSA inverse */
-} /* EC_GROUP */ ;
-
-struct ec_key_st {
-    int version;
-    EC_GROUP *group;
-    EC_POINT *pub_key;
-    BIGNUM *priv_key;
-    unsigned int enc_flag;
-    point_conversion_form_t conv_form;
-    int references;
-    int flags;
-    EC_EXTRA_DATA *method_data;
-} /* EC_KEY */ ;
-
-/*
- * Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs
- * only (with visibility limited to 'package' level for now). We use the
- * function pointers as index for retrieval; this obviates global
- * ex_data-style index tables.
- */
-int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data,
-                        void *(*dup_func) (void *),
-                        void (*free_func) (void *),
-                        void (*clear_free_func) (void *));
-void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *, void *(*dup_func) (void *),
-                          void (*free_func) (void *),
-                          void (*clear_free_func) (void *));
-void EC_EX_DATA_free_data(EC_EXTRA_DATA **, void *(*dup_func) (void *),
-                          void (*free_func) (void *),
-                          void (*clear_free_func) (void *));
-void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **, void *(*dup_func) (void *),
-                                void (*free_func) (void *),
-                                void (*clear_free_func) (void *));
-void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **);
-void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **);
-
-struct ec_point_st {
-    const EC_METHOD *meth;
-    /*
-     * All members except 'meth' are handled by the method functions, even if
-     * they appear generic
-     */
-    BIGNUM X;
-    BIGNUM Y;
-    BIGNUM Z;                   /* Jacobian projective coordinates: (X, Y, Z)
-                                 * represents (X/Z^2, Y/Z^3) if Z != 0 */
-    int Z_is_one;               /* enable optimized point arithmetics for
-                                 * special case */
-} /* EC_POINT */ ;
-
-/*
- * method functions in ec_mult.c (ec_lib.c uses these as defaults if
- * group->method->mul is 0)
- */
-int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
-                size_t num, const EC_POINT *points[], const BIGNUM *scalars[],
-                BN_CTX *);
-int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *);
-int ec_wNAF_have_precompute_mult(const EC_GROUP *group);
-
-/* method functions in ecp_smpl.c */
-int ec_GFp_simple_group_init(EC_GROUP *);
-void ec_GFp_simple_group_finish(EC_GROUP *);
-void ec_GFp_simple_group_clear_finish(EC_GROUP *);
-int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_simple_group_set_curve(EC_GROUP *, const BIGNUM *p,
-                                  const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
-                                  BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_get_degree(const EC_GROUP *);
-int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
-int ec_GFp_simple_point_init(EC_POINT *);
-void ec_GFp_simple_point_finish(EC_POINT *);
-void ec_GFp_simple_point_clear_finish(EC_POINT *);
-int ec_GFp_simple_point_copy(EC_POINT *, const EC_POINT *);
-int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *,
-                                                  EC_POINT *, const BIGNUM *x,
-                                                  const BIGNUM *y,
-                                                  const BIGNUM *z, BN_CTX *);
-int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *,
-                                                  const EC_POINT *, BIGNUM *x,
-                                                  BIGNUM *y, BIGNUM *z,
-                                                  BN_CTX *);
-int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
-                                               const BIGNUM *x,
-                                               const BIGNUM *y, BN_CTX *);
-int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *,
-                                               const EC_POINT *, BIGNUM *x,
-                                               BIGNUM *y, BN_CTX *);
-int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
-                                             const BIGNUM *x, int y_bit,
-                                             BN_CTX *);
-size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *,
-                               point_conversion_form_t form,
-                               unsigned char *buf, size_t len, BN_CTX *);
-int ec_GFp_simple_oct2point(const EC_GROUP *, EC_POINT *,
-                            const unsigned char *buf, size_t len, BN_CTX *);
-int ec_GFp_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
-                      const EC_POINT *b, BN_CTX *);
-int ec_GFp_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
-                      BN_CTX *);
-int ec_GFp_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
-                      BN_CTX *);
-int ec_GFp_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GFp_simple_points_make_affine(const EC_GROUP *, size_t num,
-                                     EC_POINT *[], BN_CTX *);
-int ec_GFp_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                            const BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                            BN_CTX *);
-
-/* method functions in ecp_mont.c */
-int ec_GFp_mont_group_init(EC_GROUP *);
-int ec_GFp_mont_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
-                                const BIGNUM *b, BN_CTX *);
-void ec_GFp_mont_group_finish(EC_GROUP *);
-void ec_GFp_mont_group_clear_finish(EC_GROUP *);
-int ec_GFp_mont_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_mont_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                          const BIGNUM *b, BN_CTX *);
-int ec_GFp_mont_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                          BN_CTX *);
-int ec_GFp_mont_field_encode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                             BN_CTX *);
-int ec_GFp_mont_field_decode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                             BN_CTX *);
-int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *);
-
-/* method functions in ecp_nist.c */
-int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src);
-int ec_GFp_nist_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
-                                const BIGNUM *b, BN_CTX *);
-int ec_GFp_nist_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                          const BIGNUM *b, BN_CTX *);
-int ec_GFp_nist_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                          BN_CTX *);
-
-/* method functions in ec2_smpl.c */
-int ec_GF2m_simple_group_init(EC_GROUP *);
-void ec_GF2m_simple_group_finish(EC_GROUP *);
-void ec_GF2m_simple_group_clear_finish(EC_GROUP *);
-int ec_GF2m_simple_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GF2m_simple_group_set_curve(EC_GROUP *, const BIGNUM *p,
-                                   const BIGNUM *a, const BIGNUM *b,
-                                   BN_CTX *);
-int ec_GF2m_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
-                                   BIGNUM *b, BN_CTX *);
-int ec_GF2m_simple_group_get_degree(const EC_GROUP *);
-int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
-int ec_GF2m_simple_point_init(EC_POINT *);
-void ec_GF2m_simple_point_finish(EC_POINT *);
-void ec_GF2m_simple_point_clear_finish(EC_POINT *);
-int ec_GF2m_simple_point_copy(EC_POINT *, const EC_POINT *);
-int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
-                                                const BIGNUM *x,
-                                                const BIGNUM *y, BN_CTX *);
-int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *,
-                                                const EC_POINT *, BIGNUM *x,
-                                                BIGNUM *y, BN_CTX *);
-int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
-                                              const BIGNUM *x, int y_bit,
-                                              BN_CTX *);
-size_t ec_GF2m_simple_point2oct(const EC_GROUP *, const EC_POINT *,
-                                point_conversion_form_t form,
-                                unsigned char *buf, size_t len, BN_CTX *);
-int ec_GF2m_simple_oct2point(const EC_GROUP *, EC_POINT *,
-                             const unsigned char *buf, size_t len, BN_CTX *);
-int ec_GF2m_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
-                       const EC_POINT *b, BN_CTX *);
-int ec_GF2m_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
-                       BN_CTX *);
-int ec_GF2m_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GF2m_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int ec_GF2m_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int ec_GF2m_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
-                       BN_CTX *);
-int ec_GF2m_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GF2m_simple_points_make_affine(const EC_GROUP *, size_t num,
-                                      EC_POINT *[], BN_CTX *);
-int ec_GF2m_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                             const BIGNUM *b, BN_CTX *);
-int ec_GF2m_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                             BN_CTX *);
-int ec_GF2m_simple_field_div(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
-                             const BIGNUM *b, BN_CTX *);
-
-/* method functions in ec2_mult.c */
-int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r,
-                       const BIGNUM *scalar, size_t num,
-                       const EC_POINT *points[], const BIGNUM *scalars[],
-                       BN_CTX *);
-int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
-
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-/* method functions in ecp_nistp224.c */
-int ec_GFp_nistp224_group_init(EC_GROUP *group);
-int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p,
-                                    const BIGNUM *a, const BIGNUM *n,
-                                    BN_CTX *);
-int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group,
-                                                 const EC_POINT *point,
-                                                 BIGNUM *x, BIGNUM *y,
-                                                 BN_CTX *ctx);
-int ec_GFp_nistp224_mul(const EC_GROUP *group, EC_POINT *r,
-                        const BIGNUM *scalar, size_t num,
-                        const EC_POINT *points[], const BIGNUM *scalars[],
-                        BN_CTX *);
-int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
-                               const BIGNUM *scalar, size_t num,
-                               const EC_POINT *points[],
-                               const BIGNUM *scalars[], BN_CTX *ctx);
-int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group);
-
-/* method functions in ecp_nistp256.c */
-int ec_GFp_nistp256_group_init(EC_GROUP *group);
-int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p,
-                                    const BIGNUM *a, const BIGNUM *n,
-                                    BN_CTX *);
-int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group,
-                                                 const EC_POINT *point,
-                                                 BIGNUM *x, BIGNUM *y,
-                                                 BN_CTX *ctx);
-int ec_GFp_nistp256_mul(const EC_GROUP *group, EC_POINT *r,
-                        const BIGNUM *scalar, size_t num,
-                        const EC_POINT *points[], const BIGNUM *scalars[],
-                        BN_CTX *);
-int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
-                               const BIGNUM *scalar, size_t num,
-                               const EC_POINT *points[],
-                               const BIGNUM *scalars[], BN_CTX *ctx);
-int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group);
-
-/* method functions in ecp_nistp521.c */
-int ec_GFp_nistp521_group_init(EC_GROUP *group);
-int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p,
-                                    const BIGNUM *a, const BIGNUM *n,
-                                    BN_CTX *);
-int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group,
-                                                 const EC_POINT *point,
-                                                 BIGNUM *x, BIGNUM *y,
-                                                 BN_CTX *ctx);
-int ec_GFp_nistp521_mul(const EC_GROUP *group, EC_POINT *r,
-                        const BIGNUM *scalar, size_t num,
-                        const EC_POINT *points[], const BIGNUM *scalars[],
-                        BN_CTX *);
-int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
-                               const BIGNUM *scalar, size_t num,
-                               const EC_POINT *points[],
-                               const BIGNUM *scalars[], BN_CTX *ctx);
-int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group);
-
-/* utility functions in ecp_nistputil.c */
-void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
-                                              size_t felem_size,
-                                              void *tmp_felems,
-                                              void (*felem_one) (void *out),
-                                              int (*felem_is_zero) (const void
-                                                                    *in),
-                                              void (*felem_assign) (void *out,
-                                                                    const void
-                                                                    *in),
-                                              void (*felem_square) (void *out,
-                                                                    const void
-                                                                    *in),
-                                              void (*felem_mul) (void *out,
-                                                                 const void
-                                                                 *in1,
-                                                                 const void
-                                                                 *in2),
-                                              void (*felem_inv) (void *out,
-                                                                 const void
-                                                                 *in),
-                                              void (*felem_contract) (void
-                                                                      *out,
-                                                                      const
-                                                                      void
-                                                                      *in));
-void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign,
-                                     unsigned char *digit, unsigned char in);
-#endif
-int ec_precompute_mont_data(EC_GROUP *);
-
-#ifdef ECP_NISTZ256_ASM
-/** Returns GFp methods using montgomery multiplication, with x86-64 optimized
- * P256. See http://eprint.iacr.org/2013/816.
- *  \return  EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistz256_method(void);
-#endif
-
-#ifdef OPENSSL_FIPS
-EC_GROUP *FIPS_ec_group_new_curve_gfp(const BIGNUM *p, const BIGNUM *a,
-                                      const BIGNUM *b, BN_CTX *ctx);
-EC_GROUP *FIPS_ec_group_new_curve_gf2m(const BIGNUM *p, const BIGNUM *a,
-                                       const BIGNUM *b, BN_CTX *ctx);
-EC_GROUP *FIPS_ec_group_new_by_curve_name(int nid);
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ec_lib.c b/thirdparty/openssl/crypto/ec/ec_lib.c
deleted file mode 100644
index 3ffa112cc3..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_lib.c
+++ /dev/null
@@ -1,1134 +0,0 @@
-/* crypto/ec/ec_lib.c */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Binary polynomial ECC support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/opensslv.h>
-
-#include "ec_lcl.h"
-
-const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT;
-
-/* functions for EC_GROUP objects */
-
-EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
-{
-    EC_GROUP *ret;
-
-    if (meth == NULL) {
-        ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL);
-        return NULL;
-    }
-    if (meth->group_init == 0) {
-        ECerr(EC_F_EC_GROUP_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return NULL;
-    }
-
-    ret = OPENSSL_malloc(sizeof *ret);
-    if (ret == NULL) {
-        ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    ret->meth = meth;
-
-    ret->extra_data = NULL;
-    ret->mont_data = NULL;
-
-    ret->generator = NULL;
-    BN_init(&ret->order);
-    BN_init(&ret->cofactor);
-
-    ret->curve_name = 0;
-    ret->asn1_flag = ~EC_GROUP_ASN1_FLAG_MASK;
-    ret->asn1_form = POINT_CONVERSION_UNCOMPRESSED;
-
-    ret->seed = NULL;
-    ret->seed_len = 0;
-
-    if (!meth->group_init(ret)) {
-        OPENSSL_free(ret);
-        return NULL;
-    }
-
-    return ret;
-}
-
-void EC_GROUP_free(EC_GROUP *group)
-{
-    if (!group)
-        return;
-
-    if (group->meth->group_finish != 0)
-        group->meth->group_finish(group);
-
-    EC_EX_DATA_free_all_data(&group->extra_data);
-
-    if (EC_GROUP_VERSION(group) && group->mont_data)
-        BN_MONT_CTX_free(group->mont_data);
-
-    if (group->generator != NULL)
-        EC_POINT_free(group->generator);
-    BN_free(&group->order);
-    BN_free(&group->cofactor);
-
-    if (group->seed)
-        OPENSSL_free(group->seed);
-
-    OPENSSL_free(group);
-}
-
-void EC_GROUP_clear_free(EC_GROUP *group)
-{
-    if (!group)
-        return;
-
-    if (group->meth->group_clear_finish != 0)
-        group->meth->group_clear_finish(group);
-    else if (group->meth->group_finish != 0)
-        group->meth->group_finish(group);
-
-    EC_EX_DATA_clear_free_all_data(&group->extra_data);
-
-    if (EC_GROUP_VERSION(group) && group->mont_data)
-        BN_MONT_CTX_free(group->mont_data);
-
-    if (group->generator != NULL)
-        EC_POINT_clear_free(group->generator);
-    BN_clear_free(&group->order);
-    BN_clear_free(&group->cofactor);
-
-    if (group->seed) {
-        OPENSSL_cleanse(group->seed, group->seed_len);
-        OPENSSL_free(group->seed);
-    }
-
-    OPENSSL_cleanse(group, sizeof *group);
-    OPENSSL_free(group);
-}
-
-int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
-{
-    EC_EXTRA_DATA *d;
-
-    if (dest->meth->group_copy == 0) {
-        ECerr(EC_F_EC_GROUP_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (dest->meth != src->meth) {
-        ECerr(EC_F_EC_GROUP_COPY, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    if (dest == src)
-        return 1;
-
-    EC_EX_DATA_free_all_data(&dest->extra_data);
-
-    for (d = src->extra_data; d != NULL; d = d->next) {
-        void *t = d->dup_func(d->data);
-
-        if (t == NULL)
-            return 0;
-        if (!EC_EX_DATA_set_data
-            (&dest->extra_data, t, d->dup_func, d->free_func,
-             d->clear_free_func))
-            return 0;
-    }
-
-    if (EC_GROUP_VERSION(src) && src->mont_data != NULL) {
-        if (dest->mont_data == NULL) {
-            dest->mont_data = BN_MONT_CTX_new();
-            if (dest->mont_data == NULL)
-                return 0;
-        }
-        if (!BN_MONT_CTX_copy(dest->mont_data, src->mont_data))
-            return 0;
-    } else {
-        /* src->generator == NULL */
-        if (EC_GROUP_VERSION(dest) && dest->mont_data != NULL) {
-            BN_MONT_CTX_free(dest->mont_data);
-            dest->mont_data = NULL;
-        }
-    }
-
-    if (src->generator != NULL) {
-        if (dest->generator == NULL) {
-            dest->generator = EC_POINT_new(dest);
-            if (dest->generator == NULL)
-                return 0;
-        }
-        if (!EC_POINT_copy(dest->generator, src->generator))
-            return 0;
-    } else {
-        /* src->generator == NULL */
-        if (dest->generator != NULL) {
-            EC_POINT_clear_free(dest->generator);
-            dest->generator = NULL;
-        }
-    }
-
-    if (!BN_copy(&dest->order, &src->order))
-        return 0;
-    if (!BN_copy(&dest->cofactor, &src->cofactor))
-        return 0;
-
-    dest->curve_name = src->curve_name;
-    dest->asn1_flag = src->asn1_flag;
-    dest->asn1_form = src->asn1_form;
-
-    if (src->seed) {
-        if (dest->seed)
-            OPENSSL_free(dest->seed);
-        dest->seed = OPENSSL_malloc(src->seed_len);
-        if (dest->seed == NULL)
-            return 0;
-        if (!memcpy(dest->seed, src->seed, src->seed_len))
-            return 0;
-        dest->seed_len = src->seed_len;
-    } else {
-        if (dest->seed)
-            OPENSSL_free(dest->seed);
-        dest->seed = NULL;
-        dest->seed_len = 0;
-    }
-
-    return dest->meth->group_copy(dest, src);
-}
-
-EC_GROUP *EC_GROUP_dup(const EC_GROUP *a)
-{
-    EC_GROUP *t = NULL;
-    int ok = 0;
-
-    if (a == NULL)
-        return NULL;
-
-    if ((t = EC_GROUP_new(a->meth)) == NULL)
-        return (NULL);
-    if (!EC_GROUP_copy(t, a))
-        goto err;
-
-    ok = 1;
-
- err:
-    if (!ok) {
-        if (t)
-            EC_GROUP_free(t);
-        return NULL;
-    } else
-        return t;
-}
-
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group)
-{
-    return group->meth;
-}
-
-int EC_METHOD_get_field_type(const EC_METHOD *meth)
-{
-    return meth->field_type;
-}
-
-int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
-                           const BIGNUM *order, const BIGNUM *cofactor)
-{
-    if (generator == NULL) {
-        ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if (group->generator == NULL) {
-        group->generator = EC_POINT_new(group);
-        if (group->generator == NULL)
-            return 0;
-    }
-    if (!EC_POINT_copy(group->generator, generator))
-        return 0;
-
-    if (order != NULL) {
-        if (!BN_copy(&group->order, order))
-            return 0;
-    } else
-        BN_zero(&group->order);
-
-    if (cofactor != NULL) {
-        if (!BN_copy(&group->cofactor, cofactor))
-            return 0;
-    } else
-        BN_zero(&group->cofactor);
-
-    /*
-     * We ignore the return value because some groups have an order with
-     * factors of two, which makes the Montgomery setup fail.
-     * |group->mont_data| will be NULL in this case.
-     */
-    ec_precompute_mont_data(group);
-
-    return 1;
-}
-
-const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group)
-{
-    return group->generator;
-}
-
-BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group)
-{
-    return EC_GROUP_VERSION(group) ? group->mont_data : NULL;
-}
-
-int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
-{
-    if (!BN_copy(order, &group->order))
-        return 0;
-
-    return !BN_is_zero(order);
-}
-
-int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
-                          BN_CTX *ctx)
-{
-    if (!BN_copy(cofactor, &group->cofactor))
-        return 0;
-
-    return !BN_is_zero(&group->cofactor);
-}
-
-void EC_GROUP_set_curve_name(EC_GROUP *group, int nid)
-{
-    group->curve_name = nid;
-}
-
-int EC_GROUP_get_curve_name(const EC_GROUP *group)
-{
-    return group->curve_name;
-}
-
-void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag)
-{
-    group->asn1_flag &= ~EC_GROUP_ASN1_FLAG_MASK;
-    group->asn1_flag |= flag & EC_GROUP_ASN1_FLAG_MASK;
-}
-
-int EC_GROUP_get_asn1_flag(const EC_GROUP *group)
-{
-    return group->asn1_flag & EC_GROUP_ASN1_FLAG_MASK;
-}
-
-void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
-                                        point_conversion_form_t form)
-{
-    group->asn1_form = form;
-}
-
-point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP
-                                                           *group)
-{
-    return group->asn1_form;
-}
-
-size_t EC_GROUP_set_seed(EC_GROUP *group, const unsigned char *p, size_t len)
-{
-    if (group->seed) {
-        OPENSSL_free(group->seed);
-        group->seed = NULL;
-        group->seed_len = 0;
-    }
-
-    if (!len || !p)
-        return 1;
-
-    if ((group->seed = OPENSSL_malloc(len)) == NULL)
-        return 0;
-    memcpy(group->seed, p, len);
-    group->seed_len = len;
-
-    return len;
-}
-
-unsigned char *EC_GROUP_get0_seed(const EC_GROUP *group)
-{
-    return group->seed;
-}
-
-size_t EC_GROUP_get_seed_len(const EC_GROUP *group)
-{
-    return group->seed_len;
-}
-
-int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
-                           const BIGNUM *b, BN_CTX *ctx)
-{
-    if (group->meth->group_set_curve == 0) {
-        ECerr(EC_F_EC_GROUP_SET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    return group->meth->group_set_curve(group, p, a, b, ctx);
-}
-
-int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
-                           BIGNUM *b, BN_CTX *ctx)
-{
-    if (group->meth->group_get_curve == 0) {
-        ECerr(EC_F_EC_GROUP_GET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    return group->meth->group_get_curve(group, p, a, b, ctx);
-}
-
-#ifndef OPENSSL_NO_EC2M
-int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
-                            const BIGNUM *b, BN_CTX *ctx)
-{
-    if (group->meth->group_set_curve == 0) {
-        ECerr(EC_F_EC_GROUP_SET_CURVE_GF2M,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    return group->meth->group_set_curve(group, p, a, b, ctx);
-}
-
-int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
-                            BIGNUM *b, BN_CTX *ctx)
-{
-    if (group->meth->group_get_curve == 0) {
-        ECerr(EC_F_EC_GROUP_GET_CURVE_GF2M,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    return group->meth->group_get_curve(group, p, a, b, ctx);
-}
-#endif
-
-int EC_GROUP_get_degree(const EC_GROUP *group)
-{
-    if (group->meth->group_get_degree == 0) {
-        ECerr(EC_F_EC_GROUP_GET_DEGREE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    return group->meth->group_get_degree(group);
-}
-
-int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
-{
-    if (group->meth->group_check_discriminant == 0) {
-        ECerr(EC_F_EC_GROUP_CHECK_DISCRIMINANT,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    return group->meth->group_check_discriminant(group, ctx);
-}
-
-int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
-{
-    int r = 0;
-    BIGNUM *a1, *a2, *a3, *b1, *b2, *b3;
-    BN_CTX *ctx_new = NULL;
-
-    /* compare the field types */
-    if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) !=
-        EC_METHOD_get_field_type(EC_GROUP_method_of(b)))
-        return 1;
-    /* compare the curve name (if present in both) */
-    if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) &&
-        EC_GROUP_get_curve_name(a) != EC_GROUP_get_curve_name(b))
-        return 1;
-
-    if (!ctx)
-        ctx_new = ctx = BN_CTX_new();
-    if (!ctx)
-        return -1;
-
-    BN_CTX_start(ctx);
-    a1 = BN_CTX_get(ctx);
-    a2 = BN_CTX_get(ctx);
-    a3 = BN_CTX_get(ctx);
-    b1 = BN_CTX_get(ctx);
-    b2 = BN_CTX_get(ctx);
-    b3 = BN_CTX_get(ctx);
-    if (!b3) {
-        BN_CTX_end(ctx);
-        if (ctx_new)
-            BN_CTX_free(ctx);
-        return -1;
-    }
-
-    /*
-     * XXX This approach assumes that the external representation of curves
-     * over the same field type is the same.
-     */
-    if (!a->meth->group_get_curve(a, a1, a2, a3, ctx) ||
-        !b->meth->group_get_curve(b, b1, b2, b3, ctx))
-        r = 1;
-
-    if (r || BN_cmp(a1, b1) || BN_cmp(a2, b2) || BN_cmp(a3, b3))
-        r = 1;
-
-    /* XXX EC_POINT_cmp() assumes that the methods are equal */
-    if (r || EC_POINT_cmp(a, EC_GROUP_get0_generator(a),
-                          EC_GROUP_get0_generator(b), ctx))
-        r = 1;
-
-    if (!r) {
-        /* compare the order and cofactor */
-        if (!EC_GROUP_get_order(a, a1, ctx) ||
-            !EC_GROUP_get_order(b, b1, ctx) ||
-            !EC_GROUP_get_cofactor(a, a2, ctx) ||
-            !EC_GROUP_get_cofactor(b, b2, ctx)) {
-            BN_CTX_end(ctx);
-            if (ctx_new)
-                BN_CTX_free(ctx);
-            return -1;
-        }
-        if (BN_cmp(a1, b1) || BN_cmp(a2, b2))
-            r = 1;
-    }
-
-    BN_CTX_end(ctx);
-    if (ctx_new)
-        BN_CTX_free(ctx);
-
-    return r;
-}
-
-/* this has 'package' visibility */
-int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
-                        void *(*dup_func) (void *),
-                        void (*free_func) (void *),
-                        void (*clear_free_func) (void *))
-{
-    EC_EXTRA_DATA *d;
-
-    if (ex_data == NULL)
-        return 0;
-
-    for (d = *ex_data; d != NULL; d = d->next) {
-        if (d->dup_func == dup_func && d->free_func == free_func
-            && d->clear_free_func == clear_free_func) {
-            ECerr(EC_F_EC_EX_DATA_SET_DATA, EC_R_SLOT_FULL);
-            return 0;
-        }
-    }
-
-    if (data == NULL)
-        /* no explicit entry needed */
-        return 1;
-
-    d = OPENSSL_malloc(sizeof *d);
-    if (d == NULL)
-        return 0;
-
-    d->data = data;
-    d->dup_func = dup_func;
-    d->free_func = free_func;
-    d->clear_free_func = clear_free_func;
-
-    d->next = *ex_data;
-    *ex_data = d;
-
-    return 1;
-}
-
-/* this has 'package' visibility */
-void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *ex_data,
-                          void *(*dup_func) (void *),
-                          void (*free_func) (void *),
-                          void (*clear_free_func) (void *))
-{
-    const EC_EXTRA_DATA *d;
-
-    for (d = ex_data; d != NULL; d = d->next) {
-        if (d->dup_func == dup_func && d->free_func == free_func
-            && d->clear_free_func == clear_free_func)
-            return d->data;
-    }
-
-    return NULL;
-}
-
-/* this has 'package' visibility */
-void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data,
-                          void *(*dup_func) (void *),
-                          void (*free_func) (void *),
-                          void (*clear_free_func) (void *))
-{
-    EC_EXTRA_DATA **p;
-
-    if (ex_data == NULL)
-        return;
-
-    for (p = ex_data; *p != NULL; p = &((*p)->next)) {
-        if ((*p)->dup_func == dup_func && (*p)->free_func == free_func
-            && (*p)->clear_free_func == clear_free_func) {
-            EC_EXTRA_DATA *next = (*p)->next;
-
-            (*p)->free_func((*p)->data);
-            OPENSSL_free(*p);
-
-            *p = next;
-            return;
-        }
-    }
-}
-
-/* this has 'package' visibility */
-void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **ex_data,
-                                void *(*dup_func) (void *),
-                                void (*free_func) (void *),
-                                void (*clear_free_func) (void *))
-{
-    EC_EXTRA_DATA **p;
-
-    if (ex_data == NULL)
-        return;
-
-    for (p = ex_data; *p != NULL; p = &((*p)->next)) {
-        if ((*p)->dup_func == dup_func && (*p)->free_func == free_func
-            && (*p)->clear_free_func == clear_free_func) {
-            EC_EXTRA_DATA *next = (*p)->next;
-
-            (*p)->clear_free_func((*p)->data);
-            OPENSSL_free(*p);
-
-            *p = next;
-            return;
-        }
-    }
-}
-
-/* this has 'package' visibility */
-void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **ex_data)
-{
-    EC_EXTRA_DATA *d;
-
-    if (ex_data == NULL)
-        return;
-
-    d = *ex_data;
-    while (d) {
-        EC_EXTRA_DATA *next = d->next;
-
-        d->free_func(d->data);
-        OPENSSL_free(d);
-
-        d = next;
-    }
-    *ex_data = NULL;
-}
-
-/* this has 'package' visibility */
-void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **ex_data)
-{
-    EC_EXTRA_DATA *d;
-
-    if (ex_data == NULL)
-        return;
-
-    d = *ex_data;
-    while (d) {
-        EC_EXTRA_DATA *next = d->next;
-
-        d->clear_free_func(d->data);
-        OPENSSL_free(d);
-
-        d = next;
-    }
-    *ex_data = NULL;
-}
-
-/* functions for EC_POINT objects */
-
-EC_POINT *EC_POINT_new(const EC_GROUP *group)
-{
-    EC_POINT *ret;
-
-    if (group == NULL) {
-        ECerr(EC_F_EC_POINT_NEW, ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-    if (group->meth->point_init == 0) {
-        ECerr(EC_F_EC_POINT_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return NULL;
-    }
-
-    ret = OPENSSL_malloc(sizeof *ret);
-    if (ret == NULL) {
-        ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    ret->meth = group->meth;
-
-    if (!ret->meth->point_init(ret)) {
-        OPENSSL_free(ret);
-        return NULL;
-    }
-
-    return ret;
-}
-
-void EC_POINT_free(EC_POINT *point)
-{
-    if (!point)
-        return;
-
-    if (point->meth->point_finish != 0)
-        point->meth->point_finish(point);
-    OPENSSL_free(point);
-}
-
-void EC_POINT_clear_free(EC_POINT *point)
-{
-    if (!point)
-        return;
-
-    if (point->meth->point_clear_finish != 0)
-        point->meth->point_clear_finish(point);
-    else if (point->meth->point_finish != 0)
-        point->meth->point_finish(point);
-    OPENSSL_cleanse(point, sizeof *point);
-    OPENSSL_free(point);
-}
-
-int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src)
-{
-    if (dest->meth->point_copy == 0) {
-        ECerr(EC_F_EC_POINT_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (dest->meth != src->meth) {
-        ECerr(EC_F_EC_POINT_COPY, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    if (dest == src)
-        return 1;
-    return dest->meth->point_copy(dest, src);
-}
-
-EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group)
-{
-    EC_POINT *t;
-    int r;
-
-    if (a == NULL)
-        return NULL;
-
-    t = EC_POINT_new(group);
-    if (t == NULL)
-        return (NULL);
-    r = EC_POINT_copy(t, a);
-    if (!r) {
-        EC_POINT_free(t);
-        return NULL;
-    } else
-        return t;
-}
-
-const EC_METHOD *EC_POINT_method_of(const EC_POINT *point)
-{
-    return point->meth;
-}
-
-int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
-{
-    if (group->meth->point_set_to_infinity == 0) {
-        ECerr(EC_F_EC_POINT_SET_TO_INFINITY,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_SET_TO_INFINITY, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->point_set_to_infinity(group, point);
-}
-
-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
-                                             EC_POINT *point, const BIGNUM *x,
-                                             const BIGNUM *y, const BIGNUM *z,
-                                             BN_CTX *ctx)
-{
-    if (group->meth->point_set_Jprojective_coordinates_GFp == 0) {
-        ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,
-              EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->point_set_Jprojective_coordinates_GFp(group, point, x,
-                                                              y, z, ctx);
-}
-
-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
-                                             const EC_POINT *point, BIGNUM *x,
-                                             BIGNUM *y, BIGNUM *z,
-                                             BN_CTX *ctx)
-{
-    if (group->meth->point_get_Jprojective_coordinates_GFp == 0) {
-        ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,
-              EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->point_get_Jprojective_coordinates_GFp(group, point, x,
-                                                              y, z, ctx);
-}
-
-int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
-                                        EC_POINT *point, const BIGNUM *x,
-                                        const BIGNUM *y, BN_CTX *ctx)
-{
-    if (group->meth->point_set_affine_coordinates == 0) {
-        ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,
-              EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->point_set_affine_coordinates(group, point, x, y, ctx);
-}
-
-#ifndef OPENSSL_NO_EC2M
-int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
-                                         EC_POINT *point, const BIGNUM *x,
-                                         const BIGNUM *y, BN_CTX *ctx)
-{
-    if (group->meth->point_set_affine_coordinates == 0) {
-        ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M,
-              EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->point_set_affine_coordinates(group, point, x, y, ctx);
-}
-#endif
-
-int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
-                                        const EC_POINT *point, BIGNUM *x,
-                                        BIGNUM *y, BN_CTX *ctx)
-{
-    if (group->meth->point_get_affine_coordinates == 0) {
-        ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,
-              EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
-}
-
-#ifndef OPENSSL_NO_EC2M
-int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
-                                         const EC_POINT *point, BIGNUM *x,
-                                         BIGNUM *y, BN_CTX *ctx)
-{
-    if (group->meth->point_get_affine_coordinates == 0) {
-        ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M,
-              EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
-}
-#endif
-
-int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
-                 const EC_POINT *b, BN_CTX *ctx)
-{
-    if (group->meth->add == 0) {
-        ECerr(EC_F_EC_POINT_ADD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if ((group->meth != r->meth) || (r->meth != a->meth)
-        || (a->meth != b->meth)) {
-        ECerr(EC_F_EC_POINT_ADD, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->add(group, r, a, b, ctx);
-}
-
-int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
-                 BN_CTX *ctx)
-{
-    if (group->meth->dbl == 0) {
-        ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if ((group->meth != r->meth) || (r->meth != a->meth)) {
-        ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->dbl(group, r, a, ctx);
-}
-
-int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx)
-{
-    if (group->meth->invert == 0) {
-        ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != a->meth) {
-        ECerr(EC_F_EC_POINT_INVERT, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->invert(group, a, ctx);
-}
-
-int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
-{
-    if (group->meth->is_at_infinity == 0) {
-        ECerr(EC_F_EC_POINT_IS_AT_INFINITY,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_IS_AT_INFINITY, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->is_at_infinity(group, point);
-}
-
-/*
- * Check whether an EC_POINT is on the curve or not. Note that the return
- * value for this function should NOT be treated as a boolean. Return values:
- *  1: The point is on the curve
- *  0: The point is not on the curve
- * -1: An error occurred
- */
-int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
-                         BN_CTX *ctx)
-{
-    if (group->meth->is_on_curve == 0) {
-        ECerr(EC_F_EC_POINT_IS_ON_CURVE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_IS_ON_CURVE, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->is_on_curve(group, point, ctx);
-}
-
-int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
-                 BN_CTX *ctx)
-{
-    if (group->meth->point_cmp == 0) {
-        ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return -1;
-    }
-    if ((group->meth != a->meth) || (a->meth != b->meth)) {
-        ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS);
-        return -1;
-    }
-    return group->meth->point_cmp(group, a, b, ctx);
-}
-
-int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
-{
-    if (group->meth->make_affine == 0) {
-        ECerr(EC_F_EC_POINT_MAKE_AFFINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    return group->meth->make_affine(group, point, ctx);
-}
-
-int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
-                          EC_POINT *points[], BN_CTX *ctx)
-{
-    size_t i;
-
-    if (group->meth->points_make_affine == 0) {
-        ECerr(EC_F_EC_POINTS_MAKE_AFFINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    for (i = 0; i < num; i++) {
-        if (group->meth != points[i]->meth) {
-            ECerr(EC_F_EC_POINTS_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
-            return 0;
-        }
-    }
-    return group->meth->points_make_affine(group, num, points, ctx);
-}
-
-/*
- * Functions for point multiplication. If group->meth->mul is 0, we use the
- * wNAF-based implementations in ec_mult.c; otherwise we dispatch through
- * methods.
- */
-
-int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
-                  size_t num, const EC_POINT *points[],
-                  const BIGNUM *scalars[], BN_CTX *ctx)
-{
-    if (group->meth->mul == 0)
-        /* use default */
-        return ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
-
-    return group->meth->mul(group, r, scalar, num, points, scalars, ctx);
-}
-
-int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
-                 const EC_POINT *point, const BIGNUM *p_scalar, BN_CTX *ctx)
-{
-    /* just a convenient interface to EC_POINTs_mul() */
-
-    const EC_POINT *points[1];
-    const BIGNUM *scalars[1];
-
-    points[0] = point;
-    scalars[0] = p_scalar;
-
-    return EC_POINTs_mul(group, r, g_scalar,
-                         (point != NULL
-                          && p_scalar != NULL), points, scalars, ctx);
-}
-
-int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
-{
-    if (group->meth->mul == 0)
-        /* use default */
-        return ec_wNAF_precompute_mult(group, ctx);
-
-    if (group->meth->precompute_mult != 0)
-        return group->meth->precompute_mult(group, ctx);
-    else
-        return 1;               /* nothing to do, so report success */
-}
-
-int EC_GROUP_have_precompute_mult(const EC_GROUP *group)
-{
-    if (group->meth->mul == 0)
-        /* use default */
-        return ec_wNAF_have_precompute_mult(group);
-
-    if (group->meth->have_precompute_mult != 0)
-        return group->meth->have_precompute_mult(group);
-    else
-        return 0;               /* cannot tell whether precomputation has
-                                 * been performed */
-}
-
-/*
- * ec_precompute_mont_data sets |group->mont_data| from |group->order| and
- * returns one on success. On error it returns zero.
- */
-int ec_precompute_mont_data(EC_GROUP *group)
-{
-    BN_CTX *ctx = BN_CTX_new();
-    int ret = 0;
-
-    if (!EC_GROUP_VERSION(group))
-        goto err;
-
-    if (group->mont_data) {
-        BN_MONT_CTX_free(group->mont_data);
-        group->mont_data = NULL;
-    }
-
-    if (ctx == NULL)
-        goto err;
-
-    group->mont_data = BN_MONT_CTX_new();
-    if (!group->mont_data)
-        goto err;
-
-    if (!BN_MONT_CTX_set(group->mont_data, &group->order, ctx)) {
-        BN_MONT_CTX_free(group->mont_data);
-        group->mont_data = NULL;
-        goto err;
-    }
-
-    ret = 1;
-
- err:
-
-    if (ctx)
-        BN_CTX_free(ctx);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/ec/ec_mult.c b/thirdparty/openssl/crypto/ec/ec_mult.c
deleted file mode 100644
index 24ca67a6ef..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_mult.c
+++ /dev/null
@@ -1,917 +0,0 @@
-/* crypto/ec/ec_mult.c */
-/*
- * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-/*
- * This file implements the wNAF-based interleaving multi-exponentiation method
- * Formerly at:
- *   http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp
- * You might now find it here:
- *   http://link.springer.com/chapter/10.1007%2F3-540-45537-X_13
- *   http://www.bmoeller.de/pdf/TI-01-08.multiexp.pdf
- * For multiplication with precomputation, we use wNAF splitting, formerly at:
- *   http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp
- */
-
-/* structure for precomputed multiples of the generator */
-typedef struct ec_pre_comp_st {
-    const EC_GROUP *group;      /* parent EC_GROUP object */
-    size_t blocksize;           /* block size for wNAF splitting */
-    size_t numblocks;           /* max. number of blocks for which we have
-                                 * precomputation */
-    size_t w;                   /* window size */
-    EC_POINT **points;          /* array with pre-calculated multiples of
-                                 * generator: 'num' pointers to EC_POINT
-                                 * objects followed by a NULL */
-    size_t num;                 /* numblocks * 2^(w-1) */
-    int references;
-} EC_PRE_COMP;
-
-/* functions to manage EC_PRE_COMP within the EC_GROUP extra_data framework */
-static void *ec_pre_comp_dup(void *);
-static void ec_pre_comp_free(void *);
-static void ec_pre_comp_clear_free(void *);
-
-static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group)
-{
-    EC_PRE_COMP *ret = NULL;
-
-    if (!group)
-        return NULL;
-
-    ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP));
-    if (!ret) {
-        ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
-        return ret;
-    }
-    ret->group = group;
-    ret->blocksize = 8;         /* default */
-    ret->numblocks = 0;
-    ret->w = 4;                 /* default */
-    ret->points = NULL;
-    ret->num = 0;
-    ret->references = 1;
-    return ret;
-}
-
-static void *ec_pre_comp_dup(void *src_)
-{
-    EC_PRE_COMP *src = src_;
-
-    /* no need to actually copy, these objects never change! */
-
-    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
-
-    return src_;
-}
-
-static void ec_pre_comp_free(void *pre_)
-{
-    int i;
-    EC_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    if (pre->points) {
-        EC_POINT **p;
-
-        for (p = pre->points; *p != NULL; p++)
-            EC_POINT_free(*p);
-        OPENSSL_free(pre->points);
-    }
-    OPENSSL_free(pre);
-}
-
-static void ec_pre_comp_clear_free(void *pre_)
-{
-    int i;
-    EC_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    if (pre->points) {
-        EC_POINT **p;
-
-        for (p = pre->points; *p != NULL; p++) {
-            EC_POINT_clear_free(*p);
-            OPENSSL_cleanse(p, sizeof *p);
-        }
-        OPENSSL_free(pre->points);
-    }
-    OPENSSL_cleanse(pre, sizeof *pre);
-    OPENSSL_free(pre);
-}
-
-/*-
- * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
- * This is an array  r[]  of values that are either zero or odd with an
- * absolute value less than  2^w  satisfying
- *     scalar = \sum_j r[j]*2^j
- * where at most one of any  w+1  consecutive digits is non-zero
- * with the exception that the most significant digit may be only
- * w-1 zeros away from that next non-zero digit.
- */
-static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
-{
-    int window_val;
-    int ok = 0;
-    signed char *r = NULL;
-    int sign = 1;
-    int bit, next_bit, mask;
-    size_t len = 0, j;
-
-    if (BN_is_zero(scalar)) {
-        r = OPENSSL_malloc(1);
-        if (!r) {
-            ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        r[0] = 0;
-        *ret_len = 1;
-        return r;
-    }
-
-    if (w <= 0 || w > 7) {      /* 'signed char' can represent integers with
-                                 * absolute values less than 2^7 */
-        ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-    bit = 1 << w;               /* at most 128 */
-    next_bit = bit << 1;        /* at most 256 */
-    mask = next_bit - 1;        /* at most 255 */
-
-    if (BN_is_negative(scalar)) {
-        sign = -1;
-    }
-
-    if (scalar->d == NULL || scalar->top == 0) {
-        ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
-    len = BN_num_bits(scalar);
-    r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer
-                                  * than binary representation (*ret_len will
-                                  * be set to the actual length, i.e. at most
-                                  * BN_num_bits(scalar) + 1) */
-    if (r == NULL) {
-        ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    window_val = scalar->d[0] & mask;
-    j = 0;
-    while ((window_val != 0) || (j + w + 1 < len)) { /* if j+w+1 >= len,
-                                                      * window_val will not
-                                                      * increase */
-        int digit = 0;
-
-        /* 0 <= window_val <= 2^(w+1) */
-
-        if (window_val & 1) {
-            /* 0 < window_val < 2^(w+1) */
-
-            if (window_val & bit) {
-                digit = window_val - next_bit; /* -2^w < digit < 0 */
-
-#if 1                           /* modified wNAF */
-                if (j + w + 1 >= len) {
-                    /*
-                     * special case for generating modified wNAFs: no new
-                     * bits will be added into window_val, so using a
-                     * positive digit here will decrease the total length of
-                     * the representation
-                     */
-
-                    digit = window_val & (mask >> 1); /* 0 < digit < 2^w */
-                }
-#endif
-            } else {
-                digit = window_val; /* 0 < digit < 2^w */
-            }
-
-            if (digit <= -bit || digit >= bit || !(digit & 1)) {
-                ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-
-            window_val -= digit;
-
-            /*
-             * now window_val is 0 or 2^(w+1) in standard wNAF generation;
-             * for modified window NAFs, it may also be 2^w
-             */
-            if (window_val != 0 && window_val != next_bit
-                && window_val != bit) {
-                ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-        }
-
-        r[j++] = sign * digit;
-
-        window_val >>= 1;
-        window_val += bit * BN_is_bit_set(scalar, j + w);
-
-        if (window_val > next_bit) {
-            ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-    }
-
-    if (j > len + 1) {
-        ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-    len = j;
-    ok = 1;
-
- err:
-    if (!ok) {
-        OPENSSL_free(r);
-        r = NULL;
-    }
-    if (ok)
-        *ret_len = len;
-    return r;
-}
-
-/*
- * TODO: table should be optimised for the wNAF-based implementation,
- * sometimes smaller windows will give better performance (thus the
- * boundaries should be increased)
- */
-#define EC_window_bits_for_scalar_size(b) \
-                ((size_t) \
-                 ((b) >= 2000 ? 6 : \
-                  (b) >=  800 ? 5 : \
-                  (b) >=  300 ? 4 : \
-                  (b) >=   70 ? 3 : \
-                  (b) >=   20 ? 2 : \
-                  1))
-
-/*-
- * Compute
- *      \sum scalars[i]*points[i],
- * also including
- *      scalar*generator
- * in the addition if scalar != NULL
- */
-int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
-                size_t num, const EC_POINT *points[], const BIGNUM *scalars[],
-                BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    const EC_POINT *generator = NULL;
-    EC_POINT *tmp = NULL;
-    size_t totalnum;
-    size_t blocksize = 0, numblocks = 0; /* for wNAF splitting */
-    size_t pre_points_per_block = 0;
-    size_t i, j;
-    int k;
-    int r_is_inverted = 0;
-    int r_is_at_infinity = 1;
-    size_t *wsize = NULL;       /* individual window sizes */
-    signed char **wNAF = NULL;  /* individual wNAFs */
-    size_t *wNAF_len = NULL;
-    size_t max_len = 0;
-    size_t num_val;
-    EC_POINT **val = NULL;      /* precomputation */
-    EC_POINT **v;
-    EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' or
-                                 * 'pre_comp->points' */
-    const EC_PRE_COMP *pre_comp = NULL;
-    int num_scalar = 0;         /* flag: will be set to 1 if 'scalar' must be
-                                 * treated like other scalars, i.e.
-                                 * precomputation is not available */
-    int ret = 0;
-
-    if (group->meth != r->meth) {
-        ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-
-    if ((scalar == NULL) && (num == 0)) {
-        return EC_POINT_set_to_infinity(group, r);
-    }
-
-    for (i = 0; i < num; i++) {
-        if (group->meth != points[i]->meth) {
-            ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
-            return 0;
-        }
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            goto err;
-    }
-
-    if (scalar != NULL) {
-        generator = EC_GROUP_get0_generator(group);
-        if (generator == NULL) {
-            ECerr(EC_F_EC_WNAF_MUL, EC_R_UNDEFINED_GENERATOR);
-            goto err;
-        }
-
-        /* look if we can use precomputed multiples of generator */
-
-        pre_comp =
-            EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup,
-                                ec_pre_comp_free, ec_pre_comp_clear_free);
-
-        if (pre_comp && pre_comp->numblocks
-            && (EC_POINT_cmp(group, generator, pre_comp->points[0], ctx) ==
-                0)) {
-            blocksize = pre_comp->blocksize;
-
-            /*
-             * determine maximum number of blocks that wNAF splitting may
-             * yield (NB: maximum wNAF length is bit length plus one)
-             */
-            numblocks = (BN_num_bits(scalar) / blocksize) + 1;
-
-            /*
-             * we cannot use more blocks than we have precomputation for
-             */
-            if (numblocks > pre_comp->numblocks)
-                numblocks = pre_comp->numblocks;
-
-            pre_points_per_block = (size_t)1 << (pre_comp->w - 1);
-
-            /* check that pre_comp looks sane */
-            if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) {
-                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-        } else {
-            /* can't use precomputation */
-            pre_comp = NULL;
-            numblocks = 1;
-            num_scalar = 1;     /* treat 'scalar' like 'num'-th element of
-                                 * 'scalars' */
-        }
-    }
-
-    totalnum = num + numblocks;
-
-    wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]);
-    wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]);
-    wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space
-                                                             * for pivot */
-    val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
-
-    /* Ensure wNAF is initialised in case we end up going to err */
-    if (wNAF)
-        wNAF[0] = NULL;         /* preliminary pivot */
-
-    if (!wsize || !wNAF_len || !wNAF || !val_sub) {
-        ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    /*
-     * num_val will be the total number of temporarily precomputed points
-     */
-    num_val = 0;
-
-    for (i = 0; i < num + num_scalar; i++) {
-        size_t bits;
-
-        bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar);
-        wsize[i] = EC_window_bits_for_scalar_size(bits);
-        num_val += (size_t)1 << (wsize[i] - 1);
-        wNAF[i + 1] = NULL;     /* make sure we always have a pivot */
-        wNAF[i] =
-            compute_wNAF((i < num ? scalars[i] : scalar), wsize[i],
-                         &wNAF_len[i]);
-        if (wNAF[i] == NULL)
-            goto err;
-        if (wNAF_len[i] > max_len)
-            max_len = wNAF_len[i];
-    }
-
-    if (numblocks) {
-        /* we go here iff scalar != NULL */
-
-        if (pre_comp == NULL) {
-            if (num_scalar != 1) {
-                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            /* we have already generated a wNAF for 'scalar' */
-        } else {
-            signed char *tmp_wNAF = NULL;
-            size_t tmp_len = 0;
-
-            if (num_scalar != 0) {
-                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-
-            /*
-             * use the window size for which we have precomputation
-             */
-            wsize[num] = pre_comp->w;
-            tmp_wNAF = compute_wNAF(scalar, wsize[num], &tmp_len);
-            if (!tmp_wNAF)
-                goto err;
-
-            if (tmp_len <= max_len) {
-                /*
-                 * One of the other wNAFs is at least as long as the wNAF
-                 * belonging to the generator, so wNAF splitting will not buy
-                 * us anything.
-                 */
-
-                numblocks = 1;
-                totalnum = num + 1; /* don't use wNAF splitting */
-                wNAF[num] = tmp_wNAF;
-                wNAF[num + 1] = NULL;
-                wNAF_len[num] = tmp_len;
-                if (tmp_len > max_len)
-                    max_len = tmp_len;
-                /*
-                 * pre_comp->points starts with the points that we need here:
-                 */
-                val_sub[num] = pre_comp->points;
-            } else {
-                /*
-                 * don't include tmp_wNAF directly into wNAF array - use wNAF
-                 * splitting and include the blocks
-                 */
-
-                signed char *pp;
-                EC_POINT **tmp_points;
-
-                if (tmp_len < numblocks * blocksize) {
-                    /*
-                     * possibly we can do with fewer blocks than estimated
-                     */
-                    numblocks = (tmp_len + blocksize - 1) / blocksize;
-                    if (numblocks > pre_comp->numblocks) {
-                        ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
-                        goto err;
-                    }
-                    totalnum = num + numblocks;
-                }
-
-                /* split wNAF in 'numblocks' parts */
-                pp = tmp_wNAF;
-                tmp_points = pre_comp->points;
-
-                for (i = num; i < totalnum; i++) {
-                    if (i < totalnum - 1) {
-                        wNAF_len[i] = blocksize;
-                        if (tmp_len < blocksize) {
-                            ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
-                            goto err;
-                        }
-                        tmp_len -= blocksize;
-                    } else
-                        /*
-                         * last block gets whatever is left (this could be
-                         * more or less than 'blocksize'!)
-                         */
-                        wNAF_len[i] = tmp_len;
-
-                    wNAF[i + 1] = NULL;
-                    wNAF[i] = OPENSSL_malloc(wNAF_len[i]);
-                    if (wNAF[i] == NULL) {
-                        ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
-                        OPENSSL_free(tmp_wNAF);
-                        goto err;
-                    }
-                    memcpy(wNAF[i], pp, wNAF_len[i]);
-                    if (wNAF_len[i] > max_len)
-                        max_len = wNAF_len[i];
-
-                    if (*tmp_points == NULL) {
-                        ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
-                        OPENSSL_free(tmp_wNAF);
-                        goto err;
-                    }
-                    val_sub[i] = tmp_points;
-                    tmp_points += pre_points_per_block;
-                    pp += blocksize;
-                }
-                OPENSSL_free(tmp_wNAF);
-            }
-        }
-    }
-
-    /*
-     * All points we precompute now go into a single array 'val'.
-     * 'val_sub[i]' is a pointer to the subarray for the i-th point, or to a
-     * subarray of 'pre_comp->points' if we already have precomputation.
-     */
-    val = OPENSSL_malloc((num_val + 1) * sizeof val[0]);
-    if (val == NULL) {
-        ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    val[num_val] = NULL;        /* pivot element */
-
-    /* allocate points for precomputation */
-    v = val;
-    for (i = 0; i < num + num_scalar; i++) {
-        val_sub[i] = v;
-        for (j = 0; j < ((size_t)1 << (wsize[i] - 1)); j++) {
-            *v = EC_POINT_new(group);
-            if (*v == NULL)
-                goto err;
-            v++;
-        }
-    }
-    if (!(v == val + num_val)) {
-        ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
-    if (!(tmp = EC_POINT_new(group)))
-        goto err;
-
-    /*-
-     * prepare precomputed values:
-     *    val_sub[i][0] :=     points[i]
-     *    val_sub[i][1] := 3 * points[i]
-     *    val_sub[i][2] := 5 * points[i]
-     *    ...
-     */
-    for (i = 0; i < num + num_scalar; i++) {
-        if (i < num) {
-            if (!EC_POINT_copy(val_sub[i][0], points[i]))
-                goto err;
-        } else {
-            if (!EC_POINT_copy(val_sub[i][0], generator))
-                goto err;
-        }
-
-        if (wsize[i] > 1) {
-            if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx))
-                goto err;
-            for (j = 1; j < ((size_t)1 << (wsize[i] - 1)); j++) {
-                if (!EC_POINT_add
-                    (group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx))
-                    goto err;
-            }
-        }
-    }
-
-#if 1                           /* optional; EC_window_bits_for_scalar_size
-                                 * assumes we do this step */
-    if (!EC_POINTs_make_affine(group, num_val, val, ctx))
-        goto err;
-#endif
-
-    r_is_at_infinity = 1;
-
-    for (k = max_len - 1; k >= 0; k--) {
-        if (!r_is_at_infinity) {
-            if (!EC_POINT_dbl(group, r, r, ctx))
-                goto err;
-        }
-
-        for (i = 0; i < totalnum; i++) {
-            if (wNAF_len[i] > (size_t)k) {
-                int digit = wNAF[i][k];
-                int is_neg;
-
-                if (digit) {
-                    is_neg = digit < 0;
-
-                    if (is_neg)
-                        digit = -digit;
-
-                    if (is_neg != r_is_inverted) {
-                        if (!r_is_at_infinity) {
-                            if (!EC_POINT_invert(group, r, ctx))
-                                goto err;
-                        }
-                        r_is_inverted = !r_is_inverted;
-                    }
-
-                    /* digit > 0 */
-
-                    if (r_is_at_infinity) {
-                        if (!EC_POINT_copy(r, val_sub[i][digit >> 1]))
-                            goto err;
-                        r_is_at_infinity = 0;
-                    } else {
-                        if (!EC_POINT_add
-                            (group, r, r, val_sub[i][digit >> 1], ctx))
-                            goto err;
-                    }
-                }
-            }
-        }
-    }
-
-    if (r_is_at_infinity) {
-        if (!EC_POINT_set_to_infinity(group, r))
-            goto err;
-    } else {
-        if (r_is_inverted)
-            if (!EC_POINT_invert(group, r, ctx))
-                goto err;
-    }
-
-    ret = 1;
-
- err:
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (tmp != NULL)
-        EC_POINT_free(tmp);
-    if (wsize != NULL)
-        OPENSSL_free(wsize);
-    if (wNAF_len != NULL)
-        OPENSSL_free(wNAF_len);
-    if (wNAF != NULL) {
-        signed char **w;
-
-        for (w = wNAF; *w != NULL; w++)
-            OPENSSL_free(*w);
-
-        OPENSSL_free(wNAF);
-    }
-    if (val != NULL) {
-        for (v = val; *v != NULL; v++)
-            EC_POINT_clear_free(*v);
-
-        OPENSSL_free(val);
-    }
-    if (val_sub != NULL) {
-        OPENSSL_free(val_sub);
-    }
-    return ret;
-}
-
-/*-
- * ec_wNAF_precompute_mult()
- * creates an EC_PRE_COMP object with preprecomputed multiples of the generator
- * for use with wNAF splitting as implemented in ec_wNAF_mul().
- *
- * 'pre_comp->points' is an array of multiples of the generator
- * of the following form:
- * points[0] =     generator;
- * points[1] = 3 * generator;
- * ...
- * points[2^(w-1)-1] =     (2^(w-1)-1) * generator;
- * points[2^(w-1)]   =     2^blocksize * generator;
- * points[2^(w-1)+1] = 3 * 2^blocksize * generator;
- * ...
- * points[2^(w-1)*(numblocks-1)-1] = (2^(w-1)) *  2^(blocksize*(numblocks-2)) * generator
- * points[2^(w-1)*(numblocks-1)]   =              2^(blocksize*(numblocks-1)) * generator
- * ...
- * points[2^(w-1)*numblocks-1]     = (2^(w-1)) *  2^(blocksize*(numblocks-1)) * generator
- * points[2^(w-1)*numblocks]       = NULL
- */
-int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
-{
-    const EC_POINT *generator;
-    EC_POINT *tmp_point = NULL, *base = NULL, **var;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *order;
-    size_t i, bits, w, pre_points_per_block, blocksize, numblocks, num;
-    EC_POINT **points = NULL;
-    EC_PRE_COMP *pre_comp;
-    int ret = 0;
-
-    /* if there is an old EC_PRE_COMP object, throw it away */
-    EC_EX_DATA_free_data(&group->extra_data, ec_pre_comp_dup,
-                         ec_pre_comp_free, ec_pre_comp_clear_free);
-
-    if ((pre_comp = ec_pre_comp_new(group)) == NULL)
-        return 0;
-
-    generator = EC_GROUP_get0_generator(group);
-    if (generator == NULL) {
-        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR);
-        goto err;
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            goto err;
-    }
-
-    BN_CTX_start(ctx);
-    order = BN_CTX_get(ctx);
-    if (order == NULL)
-        goto err;
-
-    if (!EC_GROUP_get_order(group, order, ctx))
-        goto err;
-    if (BN_is_zero(order)) {
-        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER);
-        goto err;
-    }
-
-    bits = BN_num_bits(order);
-    /*
-     * The following parameters mean we precompute (approximately) one point
-     * per bit. TBD: The combination 8, 4 is perfect for 160 bits; for other
-     * bit lengths, other parameter combinations might provide better
-     * efficiency.
-     */
-    blocksize = 8;
-    w = 4;
-    if (EC_window_bits_for_scalar_size(bits) > w) {
-        /* let's not make the window too small ... */
-        w = EC_window_bits_for_scalar_size(bits);
-    }
-
-    numblocks = (bits + blocksize - 1) / blocksize; /* max. number of blocks
-                                                     * to use for wNAF
-                                                     * splitting */
-
-    pre_points_per_block = (size_t)1 << (w - 1);
-    num = pre_points_per_block * numblocks; /* number of points to compute
-                                             * and store */
-
-    points = OPENSSL_malloc(sizeof(EC_POINT *) * (num + 1));
-    if (!points) {
-        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    var = points;
-    var[num] = NULL;            /* pivot */
-    for (i = 0; i < num; i++) {
-        if ((var[i] = EC_POINT_new(group)) == NULL) {
-            ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-
-    if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) {
-        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!EC_POINT_copy(base, generator))
-        goto err;
-
-    /* do the precomputation */
-    for (i = 0; i < numblocks; i++) {
-        size_t j;
-
-        if (!EC_POINT_dbl(group, tmp_point, base, ctx))
-            goto err;
-
-        if (!EC_POINT_copy(*var++, base))
-            goto err;
-
-        for (j = 1; j < pre_points_per_block; j++, var++) {
-            /*
-             * calculate odd multiples of the current base point
-             */
-            if (!EC_POINT_add(group, *var, tmp_point, *(var - 1), ctx))
-                goto err;
-        }
-
-        if (i < numblocks - 1) {
-            /*
-             * get the next base (multiply current one by 2^blocksize)
-             */
-            size_t k;
-
-            if (blocksize <= 2) {
-                ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-
-            if (!EC_POINT_dbl(group, base, tmp_point, ctx))
-                goto err;
-            for (k = 2; k < blocksize; k++) {
-                if (!EC_POINT_dbl(group, base, base, ctx))
-                    goto err;
-            }
-        }
-    }
-
-    if (!EC_POINTs_make_affine(group, num, points, ctx))
-        goto err;
-
-    pre_comp->group = group;
-    pre_comp->blocksize = blocksize;
-    pre_comp->numblocks = numblocks;
-    pre_comp->w = w;
-    pre_comp->points = points;
-    points = NULL;
-    pre_comp->num = num;
-
-    if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp,
-                             ec_pre_comp_dup, ec_pre_comp_free,
-                             ec_pre_comp_clear_free))
-        goto err;
-    pre_comp = NULL;
-
-    ret = 1;
- err:
-    if (ctx != NULL)
-        BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (pre_comp)
-        ec_pre_comp_free(pre_comp);
-    if (points) {
-        EC_POINT **p;
-
-        for (p = points; *p != NULL; p++)
-            EC_POINT_free(*p);
-        OPENSSL_free(points);
-    }
-    if (tmp_point)
-        EC_POINT_free(tmp_point);
-    if (base)
-        EC_POINT_free(base);
-    return ret;
-}
-
-int ec_wNAF_have_precompute_mult(const EC_GROUP *group)
-{
-    if (EC_EX_DATA_get_data
-        (group->extra_data, ec_pre_comp_dup, ec_pre_comp_free,
-         ec_pre_comp_clear_free) != NULL)
-        return 1;
-    else
-        return 0;
-}
diff --git a/thirdparty/openssl/crypto/ec/ec_oct.c b/thirdparty/openssl/crypto/ec/ec_oct.c
deleted file mode 100644
index 040c414a33..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_oct.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/* crypto/ec/ec_lib.c */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Binary polynomial ECC support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/opensslv.h>
-
-#include "ec_lcl.h"
-
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
-                                            EC_POINT *point, const BIGNUM *x,
-                                            int y_bit, BN_CTX *ctx)
-{
-    if (group->meth->point_set_compressed_coordinates == 0
-        && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
-        ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
-              EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
-        if (group->meth->field_type == NID_X9_62_prime_field)
-            return ec_GFp_simple_set_compressed_coordinates(group, point, x,
-                                                            y_bit, ctx);
-        else
-#ifdef OPENSSL_NO_EC2M
-        {
-            ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
-                  EC_R_GF2M_NOT_SUPPORTED);
-            return 0;
-        }
-#else
-            return ec_GF2m_simple_set_compressed_coordinates(group, point, x,
-                                                             y_bit, ctx);
-#endif
-    }
-    return group->meth->point_set_compressed_coordinates(group, point, x,
-                                                         y_bit, ctx);
-}
-
-#ifndef OPENSSL_NO_EC2M
-int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
-                                             EC_POINT *point, const BIGNUM *x,
-                                             int y_bit, BN_CTX *ctx)
-{
-    if (group->meth->point_set_compressed_coordinates == 0
-        && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
-        ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M,
-              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M,
-              EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
-        if (group->meth->field_type == NID_X9_62_prime_field)
-            return ec_GFp_simple_set_compressed_coordinates(group, point, x,
-                                                            y_bit, ctx);
-        else
-            return ec_GF2m_simple_set_compressed_coordinates(group, point, x,
-                                                             y_bit, ctx);
-    }
-    return group->meth->point_set_compressed_coordinates(group, point, x,
-                                                         y_bit, ctx);
-}
-#endif
-
-size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point,
-                          point_conversion_form_t form, unsigned char *buf,
-                          size_t len, BN_CTX *ctx)
-{
-    if (group->meth->point2oct == 0
-        && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
-        ECerr(EC_F_EC_POINT_POINT2OCT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
-        if (group->meth->field_type == NID_X9_62_prime_field)
-            return ec_GFp_simple_point2oct(group, point, form, buf, len, ctx);
-        else
-#ifdef OPENSSL_NO_EC2M
-        {
-            ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_GF2M_NOT_SUPPORTED);
-            return 0;
-        }
-#else
-            return ec_GF2m_simple_point2oct(group, point,
-                                            form, buf, len, ctx);
-#endif
-    }
-
-    return group->meth->point2oct(group, point, form, buf, len, ctx);
-}
-
-int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point,
-                       const unsigned char *buf, size_t len, BN_CTX *ctx)
-{
-    if (group->meth->oct2point == 0
-        && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
-        ECerr(EC_F_EC_POINT_OCT2POINT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        return 0;
-    }
-    if (group->meth != point->meth) {
-        ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-    if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
-        if (group->meth->field_type == NID_X9_62_prime_field)
-            return ec_GFp_simple_oct2point(group, point, buf, len, ctx);
-        else
-#ifdef OPENSSL_NO_EC2M
-        {
-            ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_GF2M_NOT_SUPPORTED);
-            return 0;
-        }
-#else
-            return ec_GF2m_simple_oct2point(group, point, buf, len, ctx);
-#endif
-    }
-    return group->meth->oct2point(group, point, buf, len, ctx);
-}
diff --git a/thirdparty/openssl/crypto/ec/ec_pmeth.c b/thirdparty/openssl/crypto/ec/ec_pmeth.c
deleted file mode 100644
index b76749010c..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_pmeth.c
+++ /dev/null
@@ -1,530 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/ec.h>
-#include "ec_lcl.h"
-#include <openssl/ecdsa.h>
-#include <openssl/evp.h>
-#include "evp_locl.h"
-
-/* EC pkey context structure */
-
-typedef struct {
-    /* Key and paramgen group */
-    EC_GROUP *gen_group;
-    /* message digest */
-    const EVP_MD *md;
-    /* Duplicate key if custom cofactor needed */
-    EC_KEY *co_key;
-    /* Cofactor mode */
-    signed char cofactor_mode;
-    /* KDF (if any) to use for ECDH */
-    char kdf_type;
-    /* Message digest to use for key derivation */
-    const EVP_MD *kdf_md;
-    /* User key material */
-    unsigned char *kdf_ukm;
-    size_t kdf_ukmlen;
-    /* KDF output length */
-    size_t kdf_outlen;
-} EC_PKEY_CTX;
-
-static int pkey_ec_init(EVP_PKEY_CTX *ctx)
-{
-    EC_PKEY_CTX *dctx;
-    dctx = OPENSSL_malloc(sizeof(EC_PKEY_CTX));
-    if (!dctx)
-        return 0;
-    dctx->gen_group = NULL;
-    dctx->md = NULL;
-
-    dctx->cofactor_mode = -1;
-    dctx->co_key = NULL;
-    dctx->kdf_type = EVP_PKEY_ECDH_KDF_NONE;
-    dctx->kdf_md = NULL;
-    dctx->kdf_outlen = 0;
-    dctx->kdf_ukm = NULL;
-    dctx->kdf_ukmlen = 0;
-
-    ctx->data = dctx;
-
-    return 1;
-}
-
-static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
-    EC_PKEY_CTX *dctx, *sctx;
-    if (!pkey_ec_init(dst))
-        return 0;
-    sctx = src->data;
-    dctx = dst->data;
-    if (sctx->gen_group) {
-        dctx->gen_group = EC_GROUP_dup(sctx->gen_group);
-        if (!dctx->gen_group)
-            return 0;
-    }
-    dctx->md = sctx->md;
-
-    if (sctx->co_key) {
-        dctx->co_key = EC_KEY_dup(sctx->co_key);
-        if (!dctx->co_key)
-            return 0;
-    }
-    dctx->kdf_type = sctx->kdf_type;
-    dctx->kdf_md = sctx->kdf_md;
-    dctx->kdf_outlen = sctx->kdf_outlen;
-    if (sctx->kdf_ukm) {
-        dctx->kdf_ukm = BUF_memdup(sctx->kdf_ukm, sctx->kdf_ukmlen);
-        if (!dctx->kdf_ukm)
-            return 0;
-    } else
-        dctx->kdf_ukm = NULL;
-    dctx->kdf_ukmlen = sctx->kdf_ukmlen;
-    return 1;
-}
-
-static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
-{
-    EC_PKEY_CTX *dctx = ctx->data;
-    if (dctx) {
-        if (dctx->gen_group)
-            EC_GROUP_free(dctx->gen_group);
-        if (dctx->co_key)
-            EC_KEY_free(dctx->co_key);
-        if (dctx->kdf_ukm)
-            OPENSSL_free(dctx->kdf_ukm);
-        OPENSSL_free(dctx);
-    }
-}
-
-static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
-                        const unsigned char *tbs, size_t tbslen)
-{
-    int ret, type;
-    unsigned int sltmp;
-    EC_PKEY_CTX *dctx = ctx->data;
-    EC_KEY *ec = ctx->pkey->pkey.ec;
-
-    if (!sig) {
-        *siglen = ECDSA_size(ec);
-        return 1;
-    } else if (*siglen < (size_t)ECDSA_size(ec)) {
-        ECerr(EC_F_PKEY_EC_SIGN, EC_R_BUFFER_TOO_SMALL);
-        return 0;
-    }
-
-    if (dctx->md)
-        type = EVP_MD_type(dctx->md);
-    else
-        type = NID_sha1;
-
-    ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec);
-
-    if (ret <= 0)
-        return ret;
-    *siglen = (size_t)sltmp;
-    return 1;
-}
-
-static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
-                          const unsigned char *sig, size_t siglen,
-                          const unsigned char *tbs, size_t tbslen)
-{
-    int ret, type;
-    EC_PKEY_CTX *dctx = ctx->data;
-    EC_KEY *ec = ctx->pkey->pkey.ec;
-
-    if (dctx->md)
-        type = EVP_MD_type(dctx->md);
-    else
-        type = NID_sha1;
-
-    ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec);
-
-    return ret;
-}
-
-#ifndef OPENSSL_NO_ECDH
-static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
-                          size_t *keylen)
-{
-    int ret;
-    size_t outlen;
-    const EC_POINT *pubkey = NULL;
-    EC_KEY *eckey;
-    EC_PKEY_CTX *dctx = ctx->data;
-    if (!ctx->pkey || !ctx->peerkey) {
-        ECerr(EC_F_PKEY_EC_DERIVE, EC_R_KEYS_NOT_SET);
-        return 0;
-    }
-
-    eckey = dctx->co_key ? dctx->co_key : ctx->pkey->pkey.ec;
-
-    if (!key) {
-        const EC_GROUP *group;
-        group = EC_KEY_get0_group(eckey);
-        *keylen = (EC_GROUP_get_degree(group) + 7) / 8;
-        return 1;
-    }
-    pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
-
-    /*
-     * NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is not
-     * an error, the result is truncated.
-     */
-
-    outlen = *keylen;
-
-    ret = ECDH_compute_key(key, outlen, pubkey, eckey, 0);
-    if (ret <= 0)
-        return 0;
-    *keylen = ret;
-    return 1;
-}
-
-static int pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx,
-                              unsigned char *key, size_t *keylen)
-{
-    EC_PKEY_CTX *dctx = ctx->data;
-    unsigned char *ktmp = NULL;
-    size_t ktmplen;
-    int rv = 0;
-    if (dctx->kdf_type == EVP_PKEY_ECDH_KDF_NONE)
-        return pkey_ec_derive(ctx, key, keylen);
-    if (!key) {
-        *keylen = dctx->kdf_outlen;
-        return 1;
-    }
-    if (*keylen != dctx->kdf_outlen)
-        return 0;
-    if (!pkey_ec_derive(ctx, NULL, &ktmplen))
-        return 0;
-    ktmp = OPENSSL_malloc(ktmplen);
-    if (!ktmp)
-        return 0;
-    if (!pkey_ec_derive(ctx, ktmp, &ktmplen))
-        goto err;
-    /* Do KDF stuff */
-    if (!ECDH_KDF_X9_62(key, *keylen, ktmp, ktmplen,
-                        dctx->kdf_ukm, dctx->kdf_ukmlen, dctx->kdf_md))
-        goto err;
-    rv = 1;
-
- err:
-    if (ktmp) {
-        OPENSSL_cleanse(ktmp, ktmplen);
-        OPENSSL_free(ktmp);
-    }
-    return rv;
-}
-#endif
-
-static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
-    EC_PKEY_CTX *dctx = ctx->data;
-    EC_GROUP *group;
-    switch (type) {
-    case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
-        group = EC_GROUP_new_by_curve_name(p1);
-        if (group == NULL) {
-            ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE);
-            return 0;
-        }
-        if (dctx->gen_group)
-            EC_GROUP_free(dctx->gen_group);
-        dctx->gen_group = group;
-        return 1;
-
-    case EVP_PKEY_CTRL_EC_PARAM_ENC:
-        if (!dctx->gen_group) {
-            ECerr(EC_F_PKEY_EC_CTRL, EC_R_NO_PARAMETERS_SET);
-            return 0;
-        }
-        EC_GROUP_set_asn1_flag(dctx->gen_group, p1);
-        return 1;
-
-#ifndef OPENSSL_NO_ECDH
-    case EVP_PKEY_CTRL_EC_ECDH_COFACTOR:
-        if (p1 == -2) {
-            if (dctx->cofactor_mode != -1)
-                return dctx->cofactor_mode;
-            else {
-                EC_KEY *ec_key = ctx->pkey->pkey.ec;
-                return EC_KEY_get_flags(ec_key) & EC_FLAG_COFACTOR_ECDH ? 1 :
-                    0;
-            }
-        } else if (p1 < -1 || p1 > 1)
-            return -2;
-        dctx->cofactor_mode = p1;
-        if (p1 != -1) {
-            EC_KEY *ec_key = ctx->pkey->pkey.ec;
-            if (!ec_key->group)
-                return -2;
-            /* If cofactor is 1 cofactor mode does nothing */
-            if (BN_is_one(&ec_key->group->cofactor))
-                return 1;
-            if (!dctx->co_key) {
-                dctx->co_key = EC_KEY_dup(ec_key);
-                if (!dctx->co_key)
-                    return 0;
-            }
-            if (p1)
-                EC_KEY_set_flags(dctx->co_key, EC_FLAG_COFACTOR_ECDH);
-            else
-                EC_KEY_clear_flags(dctx->co_key, EC_FLAG_COFACTOR_ECDH);
-        } else if (dctx->co_key) {
-            EC_KEY_free(dctx->co_key);
-            dctx->co_key = NULL;
-        }
-        return 1;
-#endif
-
-    case EVP_PKEY_CTRL_EC_KDF_TYPE:
-        if (p1 == -2)
-            return dctx->kdf_type;
-        if (p1 != EVP_PKEY_ECDH_KDF_NONE && p1 != EVP_PKEY_ECDH_KDF_X9_62)
-            return -2;
-        dctx->kdf_type = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_EC_KDF_MD:
-        dctx->kdf_md = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_EC_KDF_MD:
-        *(const EVP_MD **)p2 = dctx->kdf_md;
-        return 1;
-
-    case EVP_PKEY_CTRL_EC_KDF_OUTLEN:
-        if (p1 <= 0)
-            return -2;
-        dctx->kdf_outlen = (size_t)p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN:
-        *(int *)p2 = dctx->kdf_outlen;
-        return 1;
-
-    case EVP_PKEY_CTRL_EC_KDF_UKM:
-        if (dctx->kdf_ukm)
-            OPENSSL_free(dctx->kdf_ukm);
-        dctx->kdf_ukm = p2;
-        if (p2)
-            dctx->kdf_ukmlen = p1;
-        else
-            dctx->kdf_ukmlen = 0;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_EC_KDF_UKM:
-        *(unsigned char **)p2 = dctx->kdf_ukm;
-        return dctx->kdf_ukmlen;
-
-    case EVP_PKEY_CTRL_MD:
-        if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_ecdsa_with_SHA1 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
-            EVP_MD_type((const EVP_MD *)p2) != NID_sha512) {
-            ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE);
-            return 0;
-        }
-        dctx->md = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_MD:
-        *(const EVP_MD **)p2 = dctx->md;
-        return 1;
-
-    case EVP_PKEY_CTRL_PEER_KEY:
-        /* Default behaviour is OK */
-    case EVP_PKEY_CTRL_DIGESTINIT:
-    case EVP_PKEY_CTRL_PKCS7_SIGN:
-    case EVP_PKEY_CTRL_CMS_SIGN:
-        return 1;
-
-    default:
-        return -2;
-
-    }
-}
-
-static int pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx,
-                            const char *type, const char *value)
-{
-    if (!strcmp(type, "ec_paramgen_curve")) {
-        int nid;
-        nid = EC_curve_nist2nid(value);
-        if (nid == NID_undef)
-            nid = OBJ_sn2nid(value);
-        if (nid == NID_undef)
-            nid = OBJ_ln2nid(value);
-        if (nid == NID_undef) {
-            ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_CURVE);
-            return 0;
-        }
-        return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid);
-    } else if (!strcmp(type, "ec_param_enc")) {
-        int param_enc;
-        if (!strcmp(value, "explicit"))
-            param_enc = 0;
-        else if (!strcmp(value, "named_curve"))
-            param_enc = OPENSSL_EC_NAMED_CURVE;
-        else
-            return -2;
-        return EVP_PKEY_CTX_set_ec_param_enc(ctx, param_enc);
-    } else if (!strcmp(type, "ecdh_kdf_md")) {
-        const EVP_MD *md;
-        if (!(md = EVP_get_digestbyname(value))) {
-            ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_DIGEST);
-            return 0;
-        }
-        return EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md);
-    } else if (!strcmp(type, "ecdh_cofactor_mode")) {
-        int co_mode;
-        co_mode = atoi(value);
-        return EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, co_mode);
-    }
-
-    return -2;
-}
-
-static int pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    EC_KEY *ec = NULL;
-    EC_PKEY_CTX *dctx = ctx->data;
-    int ret = 0;
-    if (dctx->gen_group == NULL) {
-        ECerr(EC_F_PKEY_EC_PARAMGEN, EC_R_NO_PARAMETERS_SET);
-        return 0;
-    }
-    ec = EC_KEY_new();
-    if (!ec)
-        return 0;
-    ret = EC_KEY_set_group(ec, dctx->gen_group);
-    if (ret)
-        EVP_PKEY_assign_EC_KEY(pkey, ec);
-    else
-        EC_KEY_free(ec);
-    return ret;
-}
-
-static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    EC_KEY *ec = NULL;
-    EC_PKEY_CTX *dctx = ctx->data;
-    if (ctx->pkey == NULL && dctx->gen_group == NULL) {
-        ECerr(EC_F_PKEY_EC_KEYGEN, EC_R_NO_PARAMETERS_SET);
-        return 0;
-    }
-    ec = EC_KEY_new();
-    if (!ec)
-        return 0;
-    EVP_PKEY_assign_EC_KEY(pkey, ec);
-    if (ctx->pkey) {
-        /* Note: if error return, pkey is freed by parent routine */
-        if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
-            return 0;
-    } else {
-        if (!EC_KEY_set_group(ec, dctx->gen_group))
-            return 0;
-    }
-    return EC_KEY_generate_key(pkey->pkey.ec);
-}
-
-const EVP_PKEY_METHOD ec_pkey_meth = {
-    EVP_PKEY_EC,
-    0,
-    pkey_ec_init,
-    pkey_ec_copy,
-    pkey_ec_cleanup,
-
-    0,
-    pkey_ec_paramgen,
-
-    0,
-    pkey_ec_keygen,
-
-    0,
-    pkey_ec_sign,
-
-    0,
-    pkey_ec_verify,
-
-    0, 0,
-
-    0, 0, 0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0,
-#ifndef OPENSSL_NO_ECDH
-    pkey_ec_kdf_derive,
-#else
-    0,
-#endif
-
-    pkey_ec_ctrl,
-    pkey_ec_ctrl_str
-};
diff --git a/thirdparty/openssl/crypto/ec/ec_print.c b/thirdparty/openssl/crypto/ec/ec_print.c
deleted file mode 100644
index 96b294d877..0000000000
--- a/thirdparty/openssl/crypto/ec/ec_print.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/* crypto/ec/ec_print.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include "ec_lcl.h"
-
-BIGNUM *EC_POINT_point2bn(const EC_GROUP *group,
-                          const EC_POINT *point,
-                          point_conversion_form_t form,
-                          BIGNUM *ret, BN_CTX *ctx)
-{
-    size_t buf_len = 0;
-    unsigned char *buf;
-
-    buf_len = EC_POINT_point2oct(group, point, form, NULL, 0, ctx);
-    if (buf_len == 0)
-        return NULL;
-
-    if ((buf = OPENSSL_malloc(buf_len)) == NULL)
-        return NULL;
-
-    if (!EC_POINT_point2oct(group, point, form, buf, buf_len, ctx)) {
-        OPENSSL_free(buf);
-        return NULL;
-    }
-
-    ret = BN_bin2bn(buf, buf_len, ret);
-
-    OPENSSL_free(buf);
-
-    return ret;
-}
-
-EC_POINT *EC_POINT_bn2point(const EC_GROUP *group,
-                            const BIGNUM *bn, EC_POINT *point, BN_CTX *ctx)
-{
-    size_t buf_len = 0;
-    unsigned char *buf;
-    EC_POINT *ret;
-
-    if ((buf_len = BN_num_bytes(bn)) == 0)
-        return NULL;
-    buf = OPENSSL_malloc(buf_len);
-    if (buf == NULL)
-        return NULL;
-
-    if (!BN_bn2bin(bn, buf)) {
-        OPENSSL_free(buf);
-        return NULL;
-    }
-
-    if (point == NULL) {
-        if ((ret = EC_POINT_new(group)) == NULL) {
-            OPENSSL_free(buf);
-            return NULL;
-        }
-    } else
-        ret = point;
-
-    if (!EC_POINT_oct2point(group, ret, buf, buf_len, ctx)) {
-        if (point == NULL)
-            EC_POINT_clear_free(ret);
-        OPENSSL_free(buf);
-        return NULL;
-    }
-
-    OPENSSL_free(buf);
-    return ret;
-}
-
-static const char *HEX_DIGITS = "0123456789ABCDEF";
-
-/* the return value must be freed (using OPENSSL_free()) */
-char *EC_POINT_point2hex(const EC_GROUP *group,
-                         const EC_POINT *point,
-                         point_conversion_form_t form, BN_CTX *ctx)
-{
-    char *ret, *p;
-    size_t buf_len = 0, i;
-    unsigned char *buf, *pbuf;
-
-    buf_len = EC_POINT_point2oct(group, point, form, NULL, 0, ctx);
-    if (buf_len == 0)
-        return NULL;
-
-    if ((buf = OPENSSL_malloc(buf_len)) == NULL)
-        return NULL;
-
-    if (!EC_POINT_point2oct(group, point, form, buf, buf_len, ctx)) {
-        OPENSSL_free(buf);
-        return NULL;
-    }
-
-    ret = (char *)OPENSSL_malloc(buf_len * 2 + 2);
-    if (ret == NULL) {
-        OPENSSL_free(buf);
-        return NULL;
-    }
-    p = ret;
-    pbuf = buf;
-    for (i = buf_len; i > 0; i--) {
-        int v = (int)*(pbuf++);
-        *(p++) = HEX_DIGITS[v >> 4];
-        *(p++) = HEX_DIGITS[v & 0x0F];
-    }
-    *p = '\0';
-
-    OPENSSL_free(buf);
-
-    return ret;
-}
-
-EC_POINT *EC_POINT_hex2point(const EC_GROUP *group,
-                             const char *buf, EC_POINT *point, BN_CTX *ctx)
-{
-    EC_POINT *ret = NULL;
-    BIGNUM *tmp_bn = NULL;
-
-    if (!BN_hex2bn(&tmp_bn, buf))
-        return NULL;
-
-    ret = EC_POINT_bn2point(group, tmp_bn, point, ctx);
-
-    BN_clear_free(tmp_bn);
-
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/ec/eck_prn.c b/thirdparty/openssl/crypto/ec/eck_prn.c
deleted file mode 100644
index 176ec1f173..0000000000
--- a/thirdparty/openssl/crypto/ec/eck_prn.c
+++ /dev/null
@@ -1,377 +0,0 @@
-/* crypto/ec/eck_prn.c */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions originally developed by SUN MICROSYSTEMS, INC., and
- * contributed to the OpenSSL project.
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/ec.h>
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_FP_API
-int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        ECerr(EC_F_ECPKPARAMETERS_PRINT_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = ECPKParameters_print(b, x, off);
-    BIO_free(b);
-    return (ret);
-}
-
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = EC_KEY_print(b, x, off);
-    BIO_free(b);
-    return (ret);
-}
-
-int ECParameters_print_fp(FILE *fp, const EC_KEY *x)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = ECParameters_print(b, x);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
-{
-    EVP_PKEY *pk;
-    int ret;
-    pk = EVP_PKEY_new();
-    if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *)x))
-        return 0;
-    ret = EVP_PKEY_print_private(bp, pk, off, NULL);
-    EVP_PKEY_free(pk);
-    return ret;
-}
-
-int ECParameters_print(BIO *bp, const EC_KEY *x)
-{
-    EVP_PKEY *pk;
-    int ret;
-    pk = EVP_PKEY_new();
-    if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *)x))
-        return 0;
-    ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
-    EVP_PKEY_free(pk);
-    return ret;
-}
-
-static int print_bin(BIO *fp, const char *str, const unsigned char *num,
-                     size_t len, int off);
-
-int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
-{
-    unsigned char *buffer = NULL;
-    size_t buf_len = 0, i;
-    int ret = 0, reason = ERR_R_BIO_LIB;
-    BN_CTX *ctx = NULL;
-    const EC_POINT *point = NULL;
-    BIGNUM *p = NULL, *a = NULL, *b = NULL, *gen = NULL,
-        *order = NULL, *cofactor = NULL;
-    const unsigned char *seed;
-    size_t seed_len = 0;
-
-    static const char *gen_compressed = "Generator (compressed):";
-    static const char *gen_uncompressed = "Generator (uncompressed):";
-    static const char *gen_hybrid = "Generator (hybrid):";
-
-    if (!x) {
-        reason = ERR_R_PASSED_NULL_PARAMETER;
-        goto err;
-    }
-
-    ctx = BN_CTX_new();
-    if (ctx == NULL) {
-        reason = ERR_R_MALLOC_FAILURE;
-        goto err;
-    }
-
-    if (EC_GROUP_get_asn1_flag(x)) {
-        /* the curve parameter are given by an asn1 OID */
-        int nid;
-        const char *nname;
-
-        if (!BIO_indent(bp, off, 128))
-            goto err;
-
-        nid = EC_GROUP_get_curve_name(x);
-        if (nid == 0)
-            goto err;
-
-        if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0)
-            goto err;
-        if (BIO_printf(bp, "\n") <= 0)
-            goto err;
-        nname = EC_curve_nid2nist(nid);
-        if (nname) {
-            if (!BIO_indent(bp, off, 128))
-                goto err;
-            if (BIO_printf(bp, "NIST CURVE: %s\n", nname) <= 0)
-                goto err;
-        }
-    } else {
-        /* explicit parameters */
-        int is_char_two = 0;
-        point_conversion_form_t form;
-        int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x));
-
-        if (tmp_nid == NID_X9_62_characteristic_two_field)
-            is_char_two = 1;
-
-        if ((p = BN_new()) == NULL || (a = BN_new()) == NULL ||
-            (b = BN_new()) == NULL || (order = BN_new()) == NULL ||
-            (cofactor = BN_new()) == NULL) {
-            reason = ERR_R_MALLOC_FAILURE;
-            goto err;
-        }
-#ifndef OPENSSL_NO_EC2M
-        if (is_char_two) {
-            if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) {
-                reason = ERR_R_EC_LIB;
-                goto err;
-            }
-        } else                  /* prime field */
-#endif
-        {
-            if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) {
-                reason = ERR_R_EC_LIB;
-                goto err;
-            }
-        }
-
-        if ((point = EC_GROUP_get0_generator(x)) == NULL) {
-            reason = ERR_R_EC_LIB;
-            goto err;
-        }
-        if (!EC_GROUP_get_order(x, order, NULL) ||
-            !EC_GROUP_get_cofactor(x, cofactor, NULL)) {
-            reason = ERR_R_EC_LIB;
-            goto err;
-        }
-
-        form = EC_GROUP_get_point_conversion_form(x);
-
-        if ((gen = EC_POINT_point2bn(x, point, form, NULL, ctx)) == NULL) {
-            reason = ERR_R_EC_LIB;
-            goto err;
-        }
-
-        buf_len = (size_t)BN_num_bytes(p);
-        if (buf_len < (i = (size_t)BN_num_bytes(a)))
-            buf_len = i;
-        if (buf_len < (i = (size_t)BN_num_bytes(b)))
-            buf_len = i;
-        if (buf_len < (i = (size_t)BN_num_bytes(gen)))
-            buf_len = i;
-        if (buf_len < (i = (size_t)BN_num_bytes(order)))
-            buf_len = i;
-        if (buf_len < (i = (size_t)BN_num_bytes(cofactor)))
-            buf_len = i;
-
-        if ((seed = EC_GROUP_get0_seed(x)) != NULL)
-            seed_len = EC_GROUP_get_seed_len(x);
-
-        buf_len += 10;
-        if ((buffer = OPENSSL_malloc(buf_len)) == NULL) {
-            reason = ERR_R_MALLOC_FAILURE;
-            goto err;
-        }
-
-        if (!BIO_indent(bp, off, 128))
-            goto err;
-
-        /* print the 'short name' of the field type */
-        if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid))
-            <= 0)
-            goto err;
-
-        if (is_char_two) {
-            /* print the 'short name' of the base type OID */
-            int basis_type = EC_GROUP_get_basis_type(x);
-            if (basis_type == 0)
-                goto err;
-
-            if (!BIO_indent(bp, off, 128))
-                goto err;
-
-            if (BIO_printf(bp, "Basis Type: %s\n",
-                           OBJ_nid2sn(basis_type)) <= 0)
-                goto err;
-
-            /* print the polynomial */
-            if ((p != NULL) && !ASN1_bn_print(bp, "Polynomial:", p, buffer,
-                                              off))
-                goto err;
-        } else {
-            if ((p != NULL) && !ASN1_bn_print(bp, "Prime:", p, buffer, off))
-                goto err;
-        }
-        if ((a != NULL) && !ASN1_bn_print(bp, "A:   ", a, buffer, off))
-            goto err;
-        if ((b != NULL) && !ASN1_bn_print(bp, "B:   ", b, buffer, off))
-            goto err;
-        if (form == POINT_CONVERSION_COMPRESSED) {
-            if ((gen != NULL) && !ASN1_bn_print(bp, gen_compressed, gen,
-                                                buffer, off))
-                goto err;
-        } else if (form == POINT_CONVERSION_UNCOMPRESSED) {
-            if ((gen != NULL) && !ASN1_bn_print(bp, gen_uncompressed, gen,
-                                                buffer, off))
-                goto err;
-        } else {                /* form == POINT_CONVERSION_HYBRID */
-
-            if ((gen != NULL) && !ASN1_bn_print(bp, gen_hybrid, gen,
-                                                buffer, off))
-                goto err;
-        }
-        if ((order != NULL) && !ASN1_bn_print(bp, "Order: ", order,
-                                              buffer, off))
-            goto err;
-        if ((cofactor != NULL) && !ASN1_bn_print(bp, "Cofactor: ", cofactor,
-                                                 buffer, off))
-            goto err;
-        if (seed && !print_bin(bp, "Seed:", seed, seed_len, off))
-            goto err;
-    }
-    ret = 1;
- err:
-    if (!ret)
-        ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
-    if (p)
-        BN_free(p);
-    if (a)
-        BN_free(a);
-    if (b)
-        BN_free(b);
-    if (gen)
-        BN_free(gen);
-    if (order)
-        BN_free(order);
-    if (cofactor)
-        BN_free(cofactor);
-    if (ctx)
-        BN_CTX_free(ctx);
-    if (buffer != NULL)
-        OPENSSL_free(buffer);
-    return (ret);
-}
-
-static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
-                     size_t len, int off)
-{
-    size_t i;
-    char str[128 + 1 + 4];
-
-    if (buf == NULL)
-        return 1;
-    if (off > 0) {
-        if (off > 128)
-            off = 128;
-        memset(str, ' ', off);
-        if (BIO_write(fp, str, off) <= 0)
-            return 0;
-    } else {
-        off = 0;
-    }
-
-    if (BIO_printf(fp, "%s", name) <= 0)
-        return 0;
-
-    for (i = 0; i < len; i++) {
-        if ((i % 15) == 0) {
-            str[0] = '\n';
-            memset(&(str[1]), ' ', off + 4);
-            if (BIO_write(fp, str, off + 1 + 4) <= 0)
-                return 0;
-        }
-        if (BIO_printf(fp, "%02x%s", buf[i], ((i + 1) == len) ? "" : ":") <=
-            0)
-            return 0;
-    }
-    if (BIO_write(fp, "\n", 1) <= 0)
-        return 0;
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/ec/ecp_mont.c b/thirdparty/openssl/crypto/ec/ecp_mont.c
deleted file mode 100644
index b2de7faea7..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_mont.c
+++ /dev/null
@@ -1,308 +0,0 @@
-/* crypto/ec/ecp_mont.c */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include <openssl/err.h>
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-#include "ec_lcl.h"
-
-const EC_METHOD *EC_GFp_mont_method(void)
-{
-    static const EC_METHOD ret = {
-        EC_FLAGS_DEFAULT_OCT,
-        NID_X9_62_prime_field,
-        ec_GFp_mont_group_init,
-        ec_GFp_mont_group_finish,
-        ec_GFp_mont_group_clear_finish,
-        ec_GFp_mont_group_copy,
-        ec_GFp_mont_group_set_curve,
-        ec_GFp_simple_group_get_curve,
-        ec_GFp_simple_group_get_degree,
-        ec_GFp_simple_group_check_discriminant,
-        ec_GFp_simple_point_init,
-        ec_GFp_simple_point_finish,
-        ec_GFp_simple_point_clear_finish,
-        ec_GFp_simple_point_copy,
-        ec_GFp_simple_point_set_to_infinity,
-        ec_GFp_simple_set_Jprojective_coordinates_GFp,
-        ec_GFp_simple_get_Jprojective_coordinates_GFp,
-        ec_GFp_simple_point_set_affine_coordinates,
-        ec_GFp_simple_point_get_affine_coordinates,
-        0, 0, 0,
-        ec_GFp_simple_add,
-        ec_GFp_simple_dbl,
-        ec_GFp_simple_invert,
-        ec_GFp_simple_is_at_infinity,
-        ec_GFp_simple_is_on_curve,
-        ec_GFp_simple_cmp,
-        ec_GFp_simple_make_affine,
-        ec_GFp_simple_points_make_affine,
-        0 /* mul */ ,
-        0 /* precompute_mult */ ,
-        0 /* have_precompute_mult */ ,
-        ec_GFp_mont_field_mul,
-        ec_GFp_mont_field_sqr,
-        0 /* field_div */ ,
-        ec_GFp_mont_field_encode,
-        ec_GFp_mont_field_decode,
-        ec_GFp_mont_field_set_to_one
-    };
-
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return fips_ec_gfp_mont_method();
-#endif
-
-    return &ret;
-}
-
-int ec_GFp_mont_group_init(EC_GROUP *group)
-{
-    int ok;
-
-    ok = ec_GFp_simple_group_init(group);
-    group->field_data1 = NULL;
-    group->field_data2 = NULL;
-    return ok;
-}
-
-void ec_GFp_mont_group_finish(EC_GROUP *group)
-{
-    if (group->field_data1 != NULL) {
-        BN_MONT_CTX_free(group->field_data1);
-        group->field_data1 = NULL;
-    }
-    if (group->field_data2 != NULL) {
-        BN_free(group->field_data2);
-        group->field_data2 = NULL;
-    }
-    ec_GFp_simple_group_finish(group);
-}
-
-void ec_GFp_mont_group_clear_finish(EC_GROUP *group)
-{
-    if (group->field_data1 != NULL) {
-        BN_MONT_CTX_free(group->field_data1);
-        group->field_data1 = NULL;
-    }
-    if (group->field_data2 != NULL) {
-        BN_clear_free(group->field_data2);
-        group->field_data2 = NULL;
-    }
-    ec_GFp_simple_group_clear_finish(group);
-}
-
-int ec_GFp_mont_group_copy(EC_GROUP *dest, const EC_GROUP *src)
-{
-    if (dest->field_data1 != NULL) {
-        BN_MONT_CTX_free(dest->field_data1);
-        dest->field_data1 = NULL;
-    }
-    if (dest->field_data2 != NULL) {
-        BN_clear_free(dest->field_data2);
-        dest->field_data2 = NULL;
-    }
-
-    if (!ec_GFp_simple_group_copy(dest, src))
-        return 0;
-
-    if (src->field_data1 != NULL) {
-        dest->field_data1 = BN_MONT_CTX_new();
-        if (dest->field_data1 == NULL)
-            return 0;
-        if (!BN_MONT_CTX_copy(dest->field_data1, src->field_data1))
-            goto err;
-    }
-    if (src->field_data2 != NULL) {
-        dest->field_data2 = BN_dup(src->field_data2);
-        if (dest->field_data2 == NULL)
-            goto err;
-    }
-
-    return 1;
-
- err:
-    if (dest->field_data1 != NULL) {
-        BN_MONT_CTX_free(dest->field_data1);
-        dest->field_data1 = NULL;
-    }
-    return 0;
-}
-
-int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p,
-                                const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    BN_MONT_CTX *mont = NULL;
-    BIGNUM *one = NULL;
-    int ret = 0;
-
-    if (group->field_data1 != NULL) {
-        BN_MONT_CTX_free(group->field_data1);
-        group->field_data1 = NULL;
-    }
-    if (group->field_data2 != NULL) {
-        BN_free(group->field_data2);
-        group->field_data2 = NULL;
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    mont = BN_MONT_CTX_new();
-    if (mont == NULL)
-        goto err;
-    if (!BN_MONT_CTX_set(mont, p, ctx)) {
-        ECerr(EC_F_EC_GFP_MONT_GROUP_SET_CURVE, ERR_R_BN_LIB);
-        goto err;
-    }
-    one = BN_new();
-    if (one == NULL)
-        goto err;
-    if (!BN_to_montgomery(one, BN_value_one(), mont, ctx))
-        goto err;
-
-    group->field_data1 = mont;
-    mont = NULL;
-    group->field_data2 = one;
-    one = NULL;
-
-    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
-
-    if (!ret) {
-        BN_MONT_CTX_free(group->field_data1);
-        group->field_data1 = NULL;
-        BN_free(group->field_data2);
-        group->field_data2 = NULL;
-    }
-
- err:
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (mont != NULL)
-        BN_MONT_CTX_free(mont);
-    return ret;
-}
-
-int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
-                          const BIGNUM *b, BN_CTX *ctx)
-{
-    if (group->field_data1 == NULL) {
-        ECerr(EC_F_EC_GFP_MONT_FIELD_MUL, EC_R_NOT_INITIALIZED);
-        return 0;
-    }
-
-    return BN_mod_mul_montgomery(r, a, b, group->field_data1, ctx);
-}
-
-int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
-                          BN_CTX *ctx)
-{
-    if (group->field_data1 == NULL) {
-        ECerr(EC_F_EC_GFP_MONT_FIELD_SQR, EC_R_NOT_INITIALIZED);
-        return 0;
-    }
-
-    return BN_mod_mul_montgomery(r, a, a, group->field_data1, ctx);
-}
-
-int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r,
-                             const BIGNUM *a, BN_CTX *ctx)
-{
-    if (group->field_data1 == NULL) {
-        ECerr(EC_F_EC_GFP_MONT_FIELD_ENCODE, EC_R_NOT_INITIALIZED);
-        return 0;
-    }
-
-    return BN_to_montgomery(r, a, (BN_MONT_CTX *)group->field_data1, ctx);
-}
-
-int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r,
-                             const BIGNUM *a, BN_CTX *ctx)
-{
-    if (group->field_data1 == NULL) {
-        ECerr(EC_F_EC_GFP_MONT_FIELD_DECODE, EC_R_NOT_INITIALIZED);
-        return 0;
-    }
-
-    return BN_from_montgomery(r, a, group->field_data1, ctx);
-}
-
-int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r,
-                                 BN_CTX *ctx)
-{
-    if (group->field_data2 == NULL) {
-        ECerr(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE, EC_R_NOT_INITIALIZED);
-        return 0;
-    }
-
-    if (!BN_copy(r, group->field_data2))
-        return 0;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/ec/ecp_nist.c b/thirdparty/openssl/crypto/ec/ecp_nist.c
deleted file mode 100644
index 3944e24935..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_nist.c
+++ /dev/null
@@ -1,220 +0,0 @@
-/* crypto/ec/ecp_nist.c */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include <limits.h>
-
-#include <openssl/err.h>
-#include <openssl/obj_mac.h>
-#include "ec_lcl.h"
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-const EC_METHOD *EC_GFp_nist_method(void)
-{
-    static const EC_METHOD ret = {
-        EC_FLAGS_DEFAULT_OCT,
-        NID_X9_62_prime_field,
-        ec_GFp_simple_group_init,
-        ec_GFp_simple_group_finish,
-        ec_GFp_simple_group_clear_finish,
-        ec_GFp_nist_group_copy,
-        ec_GFp_nist_group_set_curve,
-        ec_GFp_simple_group_get_curve,
-        ec_GFp_simple_group_get_degree,
-        ec_GFp_simple_group_check_discriminant,
-        ec_GFp_simple_point_init,
-        ec_GFp_simple_point_finish,
-        ec_GFp_simple_point_clear_finish,
-        ec_GFp_simple_point_copy,
-        ec_GFp_simple_point_set_to_infinity,
-        ec_GFp_simple_set_Jprojective_coordinates_GFp,
-        ec_GFp_simple_get_Jprojective_coordinates_GFp,
-        ec_GFp_simple_point_set_affine_coordinates,
-        ec_GFp_simple_point_get_affine_coordinates,
-        0, 0, 0,
-        ec_GFp_simple_add,
-        ec_GFp_simple_dbl,
-        ec_GFp_simple_invert,
-        ec_GFp_simple_is_at_infinity,
-        ec_GFp_simple_is_on_curve,
-        ec_GFp_simple_cmp,
-        ec_GFp_simple_make_affine,
-        ec_GFp_simple_points_make_affine,
-        0 /* mul */ ,
-        0 /* precompute_mult */ ,
-        0 /* have_precompute_mult */ ,
-        ec_GFp_nist_field_mul,
-        ec_GFp_nist_field_sqr,
-        0 /* field_div */ ,
-        0 /* field_encode */ ,
-        0 /* field_decode */ ,
-        0                       /* field_set_to_one */
-    };
-
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return fips_ec_gfp_nist_method();
-#endif
-
-    return &ret;
-}
-
-int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src)
-{
-    dest->field_mod_func = src->field_mod_func;
-
-    return ec_GFp_simple_group_copy(dest, src);
-}
-
-int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p,
-                                const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
-    int ret = 0;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *tmp_bn;
-
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-
-    BN_CTX_start(ctx);
-    if ((tmp_bn = BN_CTX_get(ctx)) == NULL)
-        goto err;
-
-    if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0)
-        group->field_mod_func = BN_nist_mod_192;
-    else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0)
-        group->field_mod_func = BN_nist_mod_224;
-    else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0)
-        group->field_mod_func = BN_nist_mod_256;
-    else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0)
-        group->field_mod_func = BN_nist_mod_384;
-    else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0)
-        group->field_mod_func = BN_nist_mod_521;
-    else {
-        ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_NIST_PRIME);
-        goto err;
-    }
-
-    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
-                          const BIGNUM *b, BN_CTX *ctx)
-{
-    int ret = 0;
-    BN_CTX *ctx_new = NULL;
-
-    if (!group || !r || !a || !b) {
-        ECerr(EC_F_EC_GFP_NIST_FIELD_MUL, ERR_R_PASSED_NULL_PARAMETER);
-        goto err;
-    }
-    if (!ctx)
-        if ((ctx_new = ctx = BN_CTX_new()) == NULL)
-            goto err;
-
-    if (!BN_mul(r, a, b, ctx))
-        goto err;
-    if (!group->field_mod_func(r, r, &group->field, ctx))
-        goto err;
-
-    ret = 1;
- err:
-    if (ctx_new)
-        BN_CTX_free(ctx_new);
-    return ret;
-}
-
-int ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
-                          BN_CTX *ctx)
-{
-    int ret = 0;
-    BN_CTX *ctx_new = NULL;
-
-    if (!group || !r || !a) {
-        ECerr(EC_F_EC_GFP_NIST_FIELD_SQR, EC_R_PASSED_NULL_PARAMETER);
-        goto err;
-    }
-    if (!ctx)
-        if ((ctx_new = ctx = BN_CTX_new()) == NULL)
-            goto err;
-
-    if (!BN_sqr(r, a, ctx))
-        goto err;
-    if (!group->field_mod_func(r, r, &group->field, ctx))
-        goto err;
-
-    ret = 1;
- err:
-    if (ctx_new)
-        BN_CTX_free(ctx_new);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/ec/ecp_nistp224.c b/thirdparty/openssl/crypto/ec/ecp_nistp224.c
deleted file mode 100644
index d81cc9ce6b..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_nistp224.c
+++ /dev/null
@@ -1,1769 +0,0 @@
-/* crypto/ec/ecp_nistp224.c */
-/*
- * Written by Emilia Kasper (Google) for the OpenSSL project.
- */
-/* Copyright 2011 Google Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- *
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * A 64-bit implementation of the NIST P-224 elliptic curve point multiplication
- *
- * Inspired by Daniel J. Bernstein's public domain nistp224 implementation
- * and Adam Langley's public domain 64-bit C implementation of curve25519
- */
-
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-
-# ifndef OPENSSL_SYS_VMS
-#  include <stdint.h>
-# else
-#  include <inttypes.h>
-# endif
-
-# include <string.h>
-# include <openssl/err.h>
-# include "ec_lcl.h"
-
-# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
-  /* even with gcc, the typedef won't work for 32-bit platforms */
-typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
-                                 * platforms */
-# else
-#  error "Need GCC 3.1 or later to define type uint128_t"
-# endif
-
-typedef uint8_t u8;
-typedef uint64_t u64;
-typedef int64_t s64;
-
-/******************************************************************************/
-/*-
- * INTERNAL REPRESENTATION OF FIELD ELEMENTS
- *
- * Field elements are represented as a_0 + 2^56*a_1 + 2^112*a_2 + 2^168*a_3
- * using 64-bit coefficients called 'limbs',
- * and sometimes (for multiplication results) as
- * b_0 + 2^56*b_1 + 2^112*b_2 + 2^168*b_3 + 2^224*b_4 + 2^280*b_5 + 2^336*b_6
- * using 128-bit coefficients called 'widelimbs'.
- * A 4-limb representation is an 'felem';
- * a 7-widelimb representation is a 'widefelem'.
- * Even within felems, bits of adjacent limbs overlap, and we don't always
- * reduce the representations: we ensure that inputs to each felem
- * multiplication satisfy a_i < 2^60, so outputs satisfy b_i < 4*2^60*2^60,
- * and fit into a 128-bit word without overflow. The coefficients are then
- * again partially reduced to obtain an felem satisfying a_i < 2^57.
- * We only reduce to the unique minimal representation at the end of the
- * computation.
- */
-
-typedef uint64_t limb;
-typedef uint128_t widelimb;
-
-typedef limb felem[4];
-typedef widelimb widefelem[7];
-
-/*
- * Field element represented as a byte arrary. 28*8 = 224 bits is also the
- * group order size for the elliptic curve, and we also use this type for
- * scalars for point multiplication.
- */
-typedef u8 felem_bytearray[28];
-
-static const felem_bytearray nistp224_curve_params[5] = {
-    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
-    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
-     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE},
-    {0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, /* b */
-     0x32, 0x56, 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA,
-     0x27, 0x0B, 0x39, 0x43, 0x23, 0x55, 0xFF, 0xB4},
-    {0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, /* x */
-     0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22,
-     0x34, 0x32, 0x80, 0xD6, 0x11, 0x5C, 0x1D, 0x21},
-    {0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, /* y */
-     0xdf, 0xe6, 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64,
-     0x44, 0xd5, 0x81, 0x99, 0x85, 0x00, 0x7e, 0x34}
-};
-
-/*-
- * Precomputed multiples of the standard generator
- * Points are given in coordinates (X, Y, Z) where Z normally is 1
- * (0 for the point at infinity).
- * For each field element, slice a_0 is word 0, etc.
- *
- * The table has 2 * 16 elements, starting with the following:
- * index | bits    | point
- * ------+---------+------------------------------
- *     0 | 0 0 0 0 | 0G
- *     1 | 0 0 0 1 | 1G
- *     2 | 0 0 1 0 | 2^56G
- *     3 | 0 0 1 1 | (2^56 + 1)G
- *     4 | 0 1 0 0 | 2^112G
- *     5 | 0 1 0 1 | (2^112 + 1)G
- *     6 | 0 1 1 0 | (2^112 + 2^56)G
- *     7 | 0 1 1 1 | (2^112 + 2^56 + 1)G
- *     8 | 1 0 0 0 | 2^168G
- *     9 | 1 0 0 1 | (2^168 + 1)G
- *    10 | 1 0 1 0 | (2^168 + 2^56)G
- *    11 | 1 0 1 1 | (2^168 + 2^56 + 1)G
- *    12 | 1 1 0 0 | (2^168 + 2^112)G
- *    13 | 1 1 0 1 | (2^168 + 2^112 + 1)G
- *    14 | 1 1 1 0 | (2^168 + 2^112 + 2^56)G
- *    15 | 1 1 1 1 | (2^168 + 2^112 + 2^56 + 1)G
- * followed by a copy of this with each element multiplied by 2^28.
- *
- * The reason for this is so that we can clock bits into four different
- * locations when doing simple scalar multiplies against the base point,
- * and then another four locations using the second 16 elements.
- */
-static const felem gmul[2][16][3] = { {{{0, 0, 0, 0},
-                                        {0, 0, 0, 0},
-                                        {0, 0, 0, 0}},
-                                       {{0x3280d6115c1d21, 0xc1d356c2112234,
-                                         0x7f321390b94a03, 0xb70e0cbd6bb4bf},
-                                        {0xd5819985007e34, 0x75a05a07476444,
-                                         0xfb4c22dfe6cd43, 0xbd376388b5f723},
-                                        {1, 0, 0, 0}},
-                                       {{0xfd9675666ebbe9, 0xbca7664d40ce5e,
-                                         0x2242df8d8a2a43, 0x1f49bbb0f99bc5},
-                                        {0x29e0b892dc9c43, 0xece8608436e662,
-                                         0xdc858f185310d0, 0x9812dd4eb8d321},
-                                        {1, 0, 0, 0}},
-                                       {{0x6d3e678d5d8eb8, 0x559eed1cb362f1,
-                                         0x16e9a3bbce8a3f, 0xeedcccd8c2a748},
-                                        {0xf19f90ed50266d, 0xabf2b4bf65f9df,
-                                         0x313865468fafec, 0x5cb379ba910a17},
-                                        {1, 0, 0, 0}},
-                                       {{0x0641966cab26e3, 0x91fb2991fab0a0,
-                                         0xefec27a4e13a0b, 0x0499aa8a5f8ebe},
-                                        {0x7510407766af5d, 0x84d929610d5450,
-                                         0x81d77aae82f706, 0x6916f6d4338c5b},
-                                        {1, 0, 0, 0}},
-                                       {{0xea95ac3b1f15c6, 0x086000905e82d4,
-                                         0xdd323ae4d1c8b1, 0x932b56be7685a3},
-                                        {0x9ef93dea25dbbf, 0x41665960f390f0,
-                                         0xfdec76dbe2a8a7, 0x523e80f019062a},
-                                        {1, 0, 0, 0}},
-                                       {{0x822fdd26732c73, 0xa01c83531b5d0f,
-                                         0x363f37347c1ba4, 0xc391b45c84725c},
-                                        {0xbbd5e1b2d6ad24, 0xddfbcde19dfaec,
-                                         0xc393da7e222a7f, 0x1efb7890ede244},
-                                        {1, 0, 0, 0}},
-                                       {{0x4c9e90ca217da1, 0xd11beca79159bb,
-                                         0xff8d33c2c98b7c, 0x2610b39409f849},
-                                        {0x44d1352ac64da0, 0xcdbb7b2c46b4fb,
-                                         0x966c079b753c89, 0xfe67e4e820b112},
-                                        {1, 0, 0, 0}},
-                                       {{0xe28cae2df5312d, 0xc71b61d16f5c6e,
-                                         0x79b7619a3e7c4c, 0x05c73240899b47},
-                                        {0x9f7f6382c73e3a, 0x18615165c56bda,
-                                         0x641fab2116fd56, 0x72855882b08394},
-                                        {1, 0, 0, 0}},
-                                       {{0x0469182f161c09, 0x74a98ca8d00fb5,
-                                         0xb89da93489a3e0, 0x41c98768fb0c1d},
-                                        {0xe5ea05fb32da81, 0x3dce9ffbca6855,
-                                         0x1cfe2d3fbf59e6, 0x0e5e03408738a7},
-                                        {1, 0, 0, 0}},
-                                       {{0xdab22b2333e87f, 0x4430137a5dd2f6,
-                                         0xe03ab9f738beb8, 0xcb0c5d0dc34f24},
-                                        {0x764a7df0c8fda5, 0x185ba5c3fa2044,
-                                         0x9281d688bcbe50, 0xc40331df893881},
-                                        {1, 0, 0, 0}},
-                                       {{0xb89530796f0f60, 0xade92bd26909a3,
-                                         0x1a0c83fb4884da, 0x1765bf22a5a984},
-                                        {0x772a9ee75db09e, 0x23bc6c67cec16f,
-                                         0x4c1edba8b14e2f, 0xe2a215d9611369},
-                                        {1, 0, 0, 0}},
-                                       {{0x571e509fb5efb3, 0xade88696410552,
-                                         0xc8ae85fada74fe, 0x6c7e4be83bbde3},
-                                        {0xff9f51160f4652, 0xb47ce2495a6539,
-                                         0xa2946c53b582f4, 0x286d2db3ee9a60},
-                                        {1, 0, 0, 0}},
-                                       {{0x40bbd5081a44af, 0x0995183b13926c,
-                                         0xbcefba6f47f6d0, 0x215619e9cc0057},
-                                        {0x8bc94d3b0df45e, 0xf11c54a3694f6f,
-                                         0x8631b93cdfe8b5, 0xe7e3f4b0982db9},
-                                        {1, 0, 0, 0}},
-                                       {{0xb17048ab3e1c7b, 0xac38f36ff8a1d8,
-                                         0x1c29819435d2c6, 0xc813132f4c07e9},
-                                        {0x2891425503b11f, 0x08781030579fea,
-                                         0xf5426ba5cc9674, 0x1e28ebf18562bc},
-                                        {1, 0, 0, 0}},
-                                       {{0x9f31997cc864eb, 0x06cd91d28b5e4c,
-                                         0xff17036691a973, 0xf1aef351497c58},
-                                        {0xdd1f2d600564ff, 0xdead073b1402db,
-                                         0x74a684435bd693, 0xeea7471f962558},
-                                        {1, 0, 0, 0}}},
-{{{0, 0, 0, 0},
-  {0, 0, 0, 0},
-  {0, 0, 0, 0}},
- {{0x9665266dddf554, 0x9613d78b60ef2d, 0xce27a34cdba417, 0xd35ab74d6afc31},
-  {0x85ccdd22deb15e, 0x2137e5783a6aab, 0xa141cffd8c93c6, 0x355a1830e90f2d},
-  {1, 0, 0, 0}},
- {{0x1a494eadaade65, 0xd6da4da77fe53c, 0xe7992996abec86, 0x65c3553c6090e3},
-  {0xfa610b1fb09346, 0xf1c6540b8a4aaf, 0xc51a13ccd3cbab, 0x02995b1b18c28a},
-  {1, 0, 0, 0}},
- {{0x7874568e7295ef, 0x86b419fbe38d04, 0xdc0690a7550d9a, 0xd3966a44beac33},
-  {0x2b7280ec29132f, 0xbeaa3b6a032df3, 0xdc7dd88ae41200, 0xd25e2513e3a100},
-  {1, 0, 0, 0}},
- {{0x924857eb2efafd, 0xac2bce41223190, 0x8edaa1445553fc, 0x825800fd3562d5},
-  {0x8d79148ea96621, 0x23a01c3dd9ed8d, 0xaf8b219f9416b5, 0xd8db0cc277daea},
-  {1, 0, 0, 0}},
- {{0x76a9c3b1a700f0, 0xe9acd29bc7e691, 0x69212d1a6b0327, 0x6322e97fe154be},
-  {0x469fc5465d62aa, 0x8d41ed18883b05, 0x1f8eae66c52b88, 0xe4fcbe9325be51},
-  {1, 0, 0, 0}},
- {{0x825fdf583cac16, 0x020b857c7b023a, 0x683c17744b0165, 0x14ffd0a2daf2f1},
-  {0x323b36184218f9, 0x4944ec4e3b47d4, 0xc15b3080841acf, 0x0bced4b01a28bb},
-  {1, 0, 0, 0}},
- {{0x92ac22230df5c4, 0x52f33b4063eda8, 0xcb3f19870c0c93, 0x40064f2ba65233},
-  {0xfe16f0924f8992, 0x012da25af5b517, 0x1a57bb24f723a6, 0x06f8bc76760def},
-  {1, 0, 0, 0}},
- {{0x4a7084f7817cb9, 0xbcab0738ee9a78, 0x3ec11e11d9c326, 0xdc0fe90e0f1aae},
-  {0xcf639ea5f98390, 0x5c350aa22ffb74, 0x9afae98a4047b7, 0x956ec2d617fc45},
-  {1, 0, 0, 0}},
- {{0x4306d648c1be6a, 0x9247cd8bc9a462, 0xf5595e377d2f2e, 0xbd1c3caff1a52e},
-  {0x045e14472409d0, 0x29f3e17078f773, 0x745a602b2d4f7d, 0x191837685cdfbb},
-  {1, 0, 0, 0}},
- {{0x5b6ee254a8cb79, 0x4953433f5e7026, 0xe21faeb1d1def4, 0xc4c225785c09de},
-  {0x307ce7bba1e518, 0x31b125b1036db8, 0x47e91868839e8f, 0xc765866e33b9f3},
-  {1, 0, 0, 0}},
- {{0x3bfece24f96906, 0x4794da641e5093, 0xde5df64f95db26, 0x297ecd89714b05},
-  {0x701bd3ebb2c3aa, 0x7073b4f53cb1d5, 0x13c5665658af16, 0x9895089d66fe58},
-  {1, 0, 0, 0}},
- {{0x0fef05f78c4790, 0x2d773633b05d2e, 0x94229c3a951c94, 0xbbbd70df4911bb},
-  {0xb2c6963d2c1168, 0x105f47a72b0d73, 0x9fdf6111614080, 0x7b7e94b39e67b0},
-  {1, 0, 0, 0}},
- {{0xad1a7d6efbe2b3, 0xf012482c0da69d, 0x6b3bdf12438345, 0x40d7558d7aa4d9},
-  {0x8a09fffb5c6d3d, 0x9a356e5d9ffd38, 0x5973f15f4f9b1c, 0xdcd5f59f63c3ea},
-  {1, 0, 0, 0}},
- {{0xacf39f4c5ca7ab, 0x4c8071cc5fd737, 0xc64e3602cd1184, 0x0acd4644c9abba},
-  {0x6c011a36d8bf6e, 0xfecd87ba24e32a, 0x19f6f56574fad8, 0x050b204ced9405},
-  {1, 0, 0, 0}},
- {{0xed4f1cae7d9a96, 0x5ceef7ad94c40a, 0x778e4a3bf3ef9b, 0x7405783dc3b55e},
-  {0x32477c61b6e8c6, 0xb46a97570f018b, 0x91176d0a7e95d1, 0x3df90fbc4c7d0e},
-  {1, 0, 0, 0}}}
-};
-
-/* Precomputation for the group generator. */
-typedef struct {
-    felem g_pre_comp[2][16][3];
-    int references;
-} NISTP224_PRE_COMP;
-
-const EC_METHOD *EC_GFp_nistp224_method(void)
-{
-    static const EC_METHOD ret = {
-        EC_FLAGS_DEFAULT_OCT,
-        NID_X9_62_prime_field,
-        ec_GFp_nistp224_group_init,
-        ec_GFp_simple_group_finish,
-        ec_GFp_simple_group_clear_finish,
-        ec_GFp_nist_group_copy,
-        ec_GFp_nistp224_group_set_curve,
-        ec_GFp_simple_group_get_curve,
-        ec_GFp_simple_group_get_degree,
-        ec_GFp_simple_group_check_discriminant,
-        ec_GFp_simple_point_init,
-        ec_GFp_simple_point_finish,
-        ec_GFp_simple_point_clear_finish,
-        ec_GFp_simple_point_copy,
-        ec_GFp_simple_point_set_to_infinity,
-        ec_GFp_simple_set_Jprojective_coordinates_GFp,
-        ec_GFp_simple_get_Jprojective_coordinates_GFp,
-        ec_GFp_simple_point_set_affine_coordinates,
-        ec_GFp_nistp224_point_get_affine_coordinates,
-        0 /* point_set_compressed_coordinates */ ,
-        0 /* point2oct */ ,
-        0 /* oct2point */ ,
-        ec_GFp_simple_add,
-        ec_GFp_simple_dbl,
-        ec_GFp_simple_invert,
-        ec_GFp_simple_is_at_infinity,
-        ec_GFp_simple_is_on_curve,
-        ec_GFp_simple_cmp,
-        ec_GFp_simple_make_affine,
-        ec_GFp_simple_points_make_affine,
-        ec_GFp_nistp224_points_mul,
-        ec_GFp_nistp224_precompute_mult,
-        ec_GFp_nistp224_have_precompute_mult,
-        ec_GFp_nist_field_mul,
-        ec_GFp_nist_field_sqr,
-        0 /* field_div */ ,
-        0 /* field_encode */ ,
-        0 /* field_decode */ ,
-        0                       /* field_set_to_one */
-    };
-
-    return &ret;
-}
-
-/*
- * Helper functions to convert field elements to/from internal representation
- */
-static void bin28_to_felem(felem out, const u8 in[28])
-{
-    out[0] = *((const uint64_t *)(in)) & 0x00ffffffffffffff;
-    out[1] = (*((const uint64_t *)(in + 7))) & 0x00ffffffffffffff;
-    out[2] = (*((const uint64_t *)(in + 14))) & 0x00ffffffffffffff;
-    out[3] = (*((const uint64_t *)(in+20))) >> 8;
-}
-
-static void felem_to_bin28(u8 out[28], const felem in)
-{
-    unsigned i;
-    for (i = 0; i < 7; ++i) {
-        out[i] = in[0] >> (8 * i);
-        out[i + 7] = in[1] >> (8 * i);
-        out[i + 14] = in[2] >> (8 * i);
-        out[i + 21] = in[3] >> (8 * i);
-    }
-}
-
-/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
-static void flip_endian(u8 *out, const u8 *in, unsigned len)
-{
-    unsigned i;
-    for (i = 0; i < len; ++i)
-        out[i] = in[len - 1 - i];
-}
-
-/* From OpenSSL BIGNUM to internal representation */
-static int BN_to_felem(felem out, const BIGNUM *bn)
-{
-    felem_bytearray b_in;
-    felem_bytearray b_out;
-    unsigned num_bytes;
-
-    /* BN_bn2bin eats leading zeroes */
-    memset(b_out, 0, sizeof b_out);
-    num_bytes = BN_num_bytes(bn);
-    if (num_bytes > sizeof b_out) {
-        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
-        return 0;
-    }
-    if (BN_is_negative(bn)) {
-        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
-        return 0;
-    }
-    num_bytes = BN_bn2bin(bn, b_in);
-    flip_endian(b_out, b_in, num_bytes);
-    bin28_to_felem(out, b_out);
-    return 1;
-}
-
-/* From internal representation to OpenSSL BIGNUM */
-static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
-{
-    felem_bytearray b_in, b_out;
-    felem_to_bin28(b_in, in);
-    flip_endian(b_out, b_in, sizeof b_out);
-    return BN_bin2bn(b_out, sizeof b_out, out);
-}
-
-/******************************************************************************/
-/*-
- *                              FIELD OPERATIONS
- *
- * Field operations, using the internal representation of field elements.
- * NB! These operations are specific to our point multiplication and cannot be
- * expected to be correct in general - e.g., multiplication with a large scalar
- * will cause an overflow.
- *
- */
-
-static void felem_one(felem out)
-{
-    out[0] = 1;
-    out[1] = 0;
-    out[2] = 0;
-    out[3] = 0;
-}
-
-static void felem_assign(felem out, const felem in)
-{
-    out[0] = in[0];
-    out[1] = in[1];
-    out[2] = in[2];
-    out[3] = in[3];
-}
-
-/* Sum two field elements: out += in */
-static void felem_sum(felem out, const felem in)
-{
-    out[0] += in[0];
-    out[1] += in[1];
-    out[2] += in[2];
-    out[3] += in[3];
-}
-
-/* Get negative value: out = -in */
-/* Assumes in[i] < 2^57 */
-static void felem_neg(felem out, const felem in)
-{
-    static const limb two58p2 = (((limb) 1) << 58) + (((limb) 1) << 2);
-    static const limb two58m2 = (((limb) 1) << 58) - (((limb) 1) << 2);
-    static const limb two58m42m2 = (((limb) 1) << 58) -
-        (((limb) 1) << 42) - (((limb) 1) << 2);
-
-    /* Set to 0 mod 2^224-2^96+1 to ensure out > in */
-    out[0] = two58p2 - in[0];
-    out[1] = two58m42m2 - in[1];
-    out[2] = two58m2 - in[2];
-    out[3] = two58m2 - in[3];
-}
-
-/* Subtract field elements: out -= in */
-/* Assumes in[i] < 2^57 */
-static void felem_diff(felem out, const felem in)
-{
-    static const limb two58p2 = (((limb) 1) << 58) + (((limb) 1) << 2);
-    static const limb two58m2 = (((limb) 1) << 58) - (((limb) 1) << 2);
-    static const limb two58m42m2 = (((limb) 1) << 58) -
-        (((limb) 1) << 42) - (((limb) 1) << 2);
-
-    /* Add 0 mod 2^224-2^96+1 to ensure out > in */
-    out[0] += two58p2;
-    out[1] += two58m42m2;
-    out[2] += two58m2;
-    out[3] += two58m2;
-
-    out[0] -= in[0];
-    out[1] -= in[1];
-    out[2] -= in[2];
-    out[3] -= in[3];
-}
-
-/* Subtract in unreduced 128-bit mode: out -= in */
-/* Assumes in[i] < 2^119 */
-static void widefelem_diff(widefelem out, const widefelem in)
-{
-    static const widelimb two120 = ((widelimb) 1) << 120;
-    static const widelimb two120m64 = (((widelimb) 1) << 120) -
-        (((widelimb) 1) << 64);
-    static const widelimb two120m104m64 = (((widelimb) 1) << 120) -
-        (((widelimb) 1) << 104) - (((widelimb) 1) << 64);
-
-    /* Add 0 mod 2^224-2^96+1 to ensure out > in */
-    out[0] += two120;
-    out[1] += two120m64;
-    out[2] += two120m64;
-    out[3] += two120;
-    out[4] += two120m104m64;
-    out[5] += two120m64;
-    out[6] += two120m64;
-
-    out[0] -= in[0];
-    out[1] -= in[1];
-    out[2] -= in[2];
-    out[3] -= in[3];
-    out[4] -= in[4];
-    out[5] -= in[5];
-    out[6] -= in[6];
-}
-
-/* Subtract in mixed mode: out128 -= in64 */
-/* in[i] < 2^63 */
-static void felem_diff_128_64(widefelem out, const felem in)
-{
-    static const widelimb two64p8 = (((widelimb) 1) << 64) +
-        (((widelimb) 1) << 8);
-    static const widelimb two64m8 = (((widelimb) 1) << 64) -
-        (((widelimb) 1) << 8);
-    static const widelimb two64m48m8 = (((widelimb) 1) << 64) -
-        (((widelimb) 1) << 48) - (((widelimb) 1) << 8);
-
-    /* Add 0 mod 2^224-2^96+1 to ensure out > in */
-    out[0] += two64p8;
-    out[1] += two64m48m8;
-    out[2] += two64m8;
-    out[3] += two64m8;
-
-    out[0] -= in[0];
-    out[1] -= in[1];
-    out[2] -= in[2];
-    out[3] -= in[3];
-}
-
-/*
- * Multiply a field element by a scalar: out = out * scalar The scalars we
- * actually use are small, so results fit without overflow
- */
-static void felem_scalar(felem out, const limb scalar)
-{
-    out[0] *= scalar;
-    out[1] *= scalar;
-    out[2] *= scalar;
-    out[3] *= scalar;
-}
-
-/*
- * Multiply an unreduced field element by a scalar: out = out * scalar The
- * scalars we actually use are small, so results fit without overflow
- */
-static void widefelem_scalar(widefelem out, const widelimb scalar)
-{
-    out[0] *= scalar;
-    out[1] *= scalar;
-    out[2] *= scalar;
-    out[3] *= scalar;
-    out[4] *= scalar;
-    out[5] *= scalar;
-    out[6] *= scalar;
-}
-
-/* Square a field element: out = in^2 */
-static void felem_square(widefelem out, const felem in)
-{
-    limb tmp0, tmp1, tmp2;
-    tmp0 = 2 * in[0];
-    tmp1 = 2 * in[1];
-    tmp2 = 2 * in[2];
-    out[0] = ((widelimb) in[0]) * in[0];
-    out[1] = ((widelimb) in[0]) * tmp1;
-    out[2] = ((widelimb) in[0]) * tmp2 + ((widelimb) in[1]) * in[1];
-    out[3] = ((widelimb) in[3]) * tmp0 + ((widelimb) in[1]) * tmp2;
-    out[4] = ((widelimb) in[3]) * tmp1 + ((widelimb) in[2]) * in[2];
-    out[5] = ((widelimb) in[3]) * tmp2;
-    out[6] = ((widelimb) in[3]) * in[3];
-}
-
-/* Multiply two field elements: out = in1 * in2 */
-static void felem_mul(widefelem out, const felem in1, const felem in2)
-{
-    out[0] = ((widelimb) in1[0]) * in2[0];
-    out[1] = ((widelimb) in1[0]) * in2[1] + ((widelimb) in1[1]) * in2[0];
-    out[2] = ((widelimb) in1[0]) * in2[2] + ((widelimb) in1[1]) * in2[1] +
-        ((widelimb) in1[2]) * in2[0];
-    out[3] = ((widelimb) in1[0]) * in2[3] + ((widelimb) in1[1]) * in2[2] +
-        ((widelimb) in1[2]) * in2[1] + ((widelimb) in1[3]) * in2[0];
-    out[4] = ((widelimb) in1[1]) * in2[3] + ((widelimb) in1[2]) * in2[2] +
-        ((widelimb) in1[3]) * in2[1];
-    out[5] = ((widelimb) in1[2]) * in2[3] + ((widelimb) in1[3]) * in2[2];
-    out[6] = ((widelimb) in1[3]) * in2[3];
-}
-
-/*-
- * Reduce seven 128-bit coefficients to four 64-bit coefficients.
- * Requires in[i] < 2^126,
- * ensures out[0] < 2^56, out[1] < 2^56, out[2] < 2^56, out[3] <= 2^56 + 2^16 */
-static void felem_reduce(felem out, const widefelem in)
-{
-    static const widelimb two127p15 = (((widelimb) 1) << 127) +
-        (((widelimb) 1) << 15);
-    static const widelimb two127m71 = (((widelimb) 1) << 127) -
-        (((widelimb) 1) << 71);
-    static const widelimb two127m71m55 = (((widelimb) 1) << 127) -
-        (((widelimb) 1) << 71) - (((widelimb) 1) << 55);
-    widelimb output[5];
-
-    /* Add 0 mod 2^224-2^96+1 to ensure all differences are positive */
-    output[0] = in[0] + two127p15;
-    output[1] = in[1] + two127m71m55;
-    output[2] = in[2] + two127m71;
-    output[3] = in[3];
-    output[4] = in[4];
-
-    /* Eliminate in[4], in[5], in[6] */
-    output[4] += in[6] >> 16;
-    output[3] += (in[6] & 0xffff) << 40;
-    output[2] -= in[6];
-
-    output[3] += in[5] >> 16;
-    output[2] += (in[5] & 0xffff) << 40;
-    output[1] -= in[5];
-
-    output[2] += output[4] >> 16;
-    output[1] += (output[4] & 0xffff) << 40;
-    output[0] -= output[4];
-
-    /* Carry 2 -> 3 -> 4 */
-    output[3] += output[2] >> 56;
-    output[2] &= 0x00ffffffffffffff;
-
-    output[4] = output[3] >> 56;
-    output[3] &= 0x00ffffffffffffff;
-
-    /* Now output[2] < 2^56, output[3] < 2^56, output[4] < 2^72 */
-
-    /* Eliminate output[4] */
-    output[2] += output[4] >> 16;
-    /* output[2] < 2^56 + 2^56 = 2^57 */
-    output[1] += (output[4] & 0xffff) << 40;
-    output[0] -= output[4];
-
-    /* Carry 0 -> 1 -> 2 -> 3 */
-    output[1] += output[0] >> 56;
-    out[0] = output[0] & 0x00ffffffffffffff;
-
-    output[2] += output[1] >> 56;
-    /* output[2] < 2^57 + 2^72 */
-    out[1] = output[1] & 0x00ffffffffffffff;
-    output[3] += output[2] >> 56;
-    /* output[3] <= 2^56 + 2^16 */
-    out[2] = output[2] & 0x00ffffffffffffff;
-
-    /*-
-     * out[0] < 2^56, out[1] < 2^56, out[2] < 2^56,
-     * out[3] <= 2^56 + 2^16 (due to final carry),
-     * so out < 2*p
-     */
-    out[3] = output[3];
-}
-
-static void felem_square_reduce(felem out, const felem in)
-{
-    widefelem tmp;
-    felem_square(tmp, in);
-    felem_reduce(out, tmp);
-}
-
-static void felem_mul_reduce(felem out, const felem in1, const felem in2)
-{
-    widefelem tmp;
-    felem_mul(tmp, in1, in2);
-    felem_reduce(out, tmp);
-}
-
-/*
- * Reduce to unique minimal representation. Requires 0 <= in < 2*p (always
- * call felem_reduce first)
- */
-static void felem_contract(felem out, const felem in)
-{
-    static const int64_t two56 = ((limb) 1) << 56;
-    /* 0 <= in < 2*p, p = 2^224 - 2^96 + 1 */
-    /* if in > p , reduce in = in - 2^224 + 2^96 - 1 */
-    int64_t tmp[4], a;
-    tmp[0] = in[0];
-    tmp[1] = in[1];
-    tmp[2] = in[2];
-    tmp[3] = in[3];
-    /* Case 1: a = 1 iff in >= 2^224 */
-    a = (in[3] >> 56);
-    tmp[0] -= a;
-    tmp[1] += a << 40;
-    tmp[3] &= 0x00ffffffffffffff;
-    /*
-     * Case 2: a = 0 iff p <= in < 2^224, i.e., the high 128 bits are all 1
-     * and the lower part is non-zero
-     */
-    a = ((in[3] & in[2] & (in[1] | 0x000000ffffffffff)) + 1) |
-        (((int64_t) (in[0] + (in[1] & 0x000000ffffffffff)) - 1) >> 63);
-    a &= 0x00ffffffffffffff;
-    /* turn a into an all-one mask (if a = 0) or an all-zero mask */
-    a = (a - 1) >> 63;
-    /* subtract 2^224 - 2^96 + 1 if a is all-one */
-    tmp[3] &= a ^ 0xffffffffffffffff;
-    tmp[2] &= a ^ 0xffffffffffffffff;
-    tmp[1] &= (a ^ 0xffffffffffffffff) | 0x000000ffffffffff;
-    tmp[0] -= 1 & a;
-
-    /*
-     * eliminate negative coefficients: if tmp[0] is negative, tmp[1] must be
-     * non-zero, so we only need one step
-     */
-    a = tmp[0] >> 63;
-    tmp[0] += two56 & a;
-    tmp[1] -= 1 & a;
-
-    /* carry 1 -> 2 -> 3 */
-    tmp[2] += tmp[1] >> 56;
-    tmp[1] &= 0x00ffffffffffffff;
-
-    tmp[3] += tmp[2] >> 56;
-    tmp[2] &= 0x00ffffffffffffff;
-
-    /* Now 0 <= out < p */
-    out[0] = tmp[0];
-    out[1] = tmp[1];
-    out[2] = tmp[2];
-    out[3] = tmp[3];
-}
-
-/*
- * Zero-check: returns 1 if input is 0, and 0 otherwise. We know that field
- * elements are reduced to in < 2^225, so we only need to check three cases:
- * 0, 2^224 - 2^96 + 1, and 2^225 - 2^97 + 2
- */
-static limb felem_is_zero(const felem in)
-{
-    limb zero, two224m96p1, two225m97p2;
-
-    zero = in[0] | in[1] | in[2] | in[3];
-    zero = (((int64_t) (zero) - 1) >> 63) & 1;
-    two224m96p1 = (in[0] ^ 1) | (in[1] ^ 0x00ffff0000000000)
-        | (in[2] ^ 0x00ffffffffffffff) | (in[3] ^ 0x00ffffffffffffff);
-    two224m96p1 = (((int64_t) (two224m96p1) - 1) >> 63) & 1;
-    two225m97p2 = (in[0] ^ 2) | (in[1] ^ 0x00fffe0000000000)
-        | (in[2] ^ 0x00ffffffffffffff) | (in[3] ^ 0x01ffffffffffffff);
-    two225m97p2 = (((int64_t) (two225m97p2) - 1) >> 63) & 1;
-    return (zero | two224m96p1 | two225m97p2);
-}
-
-static limb felem_is_zero_int(const felem in)
-{
-    return (int)(felem_is_zero(in) & ((limb) 1));
-}
-
-/* Invert a field element */
-/* Computation chain copied from djb's code */
-static void felem_inv(felem out, const felem in)
-{
-    felem ftmp, ftmp2, ftmp3, ftmp4;
-    widefelem tmp;
-    unsigned i;
-
-    felem_square(tmp, in);
-    felem_reduce(ftmp, tmp);    /* 2 */
-    felem_mul(tmp, in, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^2 - 1 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^3 - 2 */
-    felem_mul(tmp, in, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^3 - 1 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp2, tmp);   /* 2^4 - 2 */
-    felem_square(tmp, ftmp2);
-    felem_reduce(ftmp2, tmp);   /* 2^5 - 4 */
-    felem_square(tmp, ftmp2);
-    felem_reduce(ftmp2, tmp);   /* 2^6 - 8 */
-    felem_mul(tmp, ftmp2, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^6 - 1 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp2, tmp);   /* 2^7 - 2 */
-    for (i = 0; i < 5; ++i) {   /* 2^12 - 2^6 */
-        felem_square(tmp, ftmp2);
-        felem_reduce(ftmp2, tmp);
-    }
-    felem_mul(tmp, ftmp2, ftmp);
-    felem_reduce(ftmp2, tmp);   /* 2^12 - 1 */
-    felem_square(tmp, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^13 - 2 */
-    for (i = 0; i < 11; ++i) {  /* 2^24 - 2^12 */
-        felem_square(tmp, ftmp3);
-        felem_reduce(ftmp3, tmp);
-    }
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp2, tmp);   /* 2^24 - 1 */
-    felem_square(tmp, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^25 - 2 */
-    for (i = 0; i < 23; ++i) {  /* 2^48 - 2^24 */
-        felem_square(tmp, ftmp3);
-        felem_reduce(ftmp3, tmp);
-    }
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^48 - 1 */
-    felem_square(tmp, ftmp3);
-    felem_reduce(ftmp4, tmp);   /* 2^49 - 2 */
-    for (i = 0; i < 47; ++i) {  /* 2^96 - 2^48 */
-        felem_square(tmp, ftmp4);
-        felem_reduce(ftmp4, tmp);
-    }
-    felem_mul(tmp, ftmp3, ftmp4);
-    felem_reduce(ftmp3, tmp);   /* 2^96 - 1 */
-    felem_square(tmp, ftmp3);
-    felem_reduce(ftmp4, tmp);   /* 2^97 - 2 */
-    for (i = 0; i < 23; ++i) {  /* 2^120 - 2^24 */
-        felem_square(tmp, ftmp4);
-        felem_reduce(ftmp4, tmp);
-    }
-    felem_mul(tmp, ftmp2, ftmp4);
-    felem_reduce(ftmp2, tmp);   /* 2^120 - 1 */
-    for (i = 0; i < 6; ++i) {   /* 2^126 - 2^6 */
-        felem_square(tmp, ftmp2);
-        felem_reduce(ftmp2, tmp);
-    }
-    felem_mul(tmp, ftmp2, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^126 - 1 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^127 - 2 */
-    felem_mul(tmp, ftmp, in);
-    felem_reduce(ftmp, tmp);    /* 2^127 - 1 */
-    for (i = 0; i < 97; ++i) {  /* 2^224 - 2^97 */
-        felem_square(tmp, ftmp);
-        felem_reduce(ftmp, tmp);
-    }
-    felem_mul(tmp, ftmp, ftmp3);
-    felem_reduce(out, tmp);     /* 2^224 - 2^96 - 1 */
-}
-
-/*
- * Copy in constant time: if icopy == 1, copy in to out, if icopy == 0, copy
- * out to itself.
- */
-static void copy_conditional(felem out, const felem in, limb icopy)
-{
-    unsigned i;
-    /*
-     * icopy is a (64-bit) 0 or 1, so copy is either all-zero or all-one
-     */
-    const limb copy = -icopy;
-    for (i = 0; i < 4; ++i) {
-        const limb tmp = copy & (in[i] ^ out[i]);
-        out[i] ^= tmp;
-    }
-}
-
-/******************************************************************************/
-/*-
- *                       ELLIPTIC CURVE POINT OPERATIONS
- *
- * Points are represented in Jacobian projective coordinates:
- * (X, Y, Z) corresponds to the affine point (X/Z^2, Y/Z^3),
- * or to the point at infinity if Z == 0.
- *
- */
-
-/*-
- * Double an elliptic curve point:
- * (X', Y', Z') = 2 * (X, Y, Z), where
- * X' = (3 * (X - Z^2) * (X + Z^2))^2 - 8 * X * Y^2
- * Y' = 3 * (X - Z^2) * (X + Z^2) * (4 * X * Y^2 - X') - 8 * Y^2
- * Z' = (Y + Z)^2 - Y^2 - Z^2 = 2 * Y * Z
- * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed,
- * while x_out == y_in is not (maybe this works, but it's not tested).
- */
-static void
-point_double(felem x_out, felem y_out, felem z_out,
-             const felem x_in, const felem y_in, const felem z_in)
-{
-    widefelem tmp, tmp2;
-    felem delta, gamma, beta, alpha, ftmp, ftmp2;
-
-    felem_assign(ftmp, x_in);
-    felem_assign(ftmp2, x_in);
-
-    /* delta = z^2 */
-    felem_square(tmp, z_in);
-    felem_reduce(delta, tmp);
-
-    /* gamma = y^2 */
-    felem_square(tmp, y_in);
-    felem_reduce(gamma, tmp);
-
-    /* beta = x*gamma */
-    felem_mul(tmp, x_in, gamma);
-    felem_reduce(beta, tmp);
-
-    /* alpha = 3*(x-delta)*(x+delta) */
-    felem_diff(ftmp, delta);
-    /* ftmp[i] < 2^57 + 2^58 + 2 < 2^59 */
-    felem_sum(ftmp2, delta);
-    /* ftmp2[i] < 2^57 + 2^57 = 2^58 */
-    felem_scalar(ftmp2, 3);
-    /* ftmp2[i] < 3 * 2^58 < 2^60 */
-    felem_mul(tmp, ftmp, ftmp2);
-    /* tmp[i] < 2^60 * 2^59 * 4 = 2^121 */
-    felem_reduce(alpha, tmp);
-
-    /* x' = alpha^2 - 8*beta */
-    felem_square(tmp, alpha);
-    /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
-    felem_assign(ftmp, beta);
-    felem_scalar(ftmp, 8);
-    /* ftmp[i] < 8 * 2^57 = 2^60 */
-    felem_diff_128_64(tmp, ftmp);
-    /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */
-    felem_reduce(x_out, tmp);
-
-    /* z' = (y + z)^2 - gamma - delta */
-    felem_sum(delta, gamma);
-    /* delta[i] < 2^57 + 2^57 = 2^58 */
-    felem_assign(ftmp, y_in);
-    felem_sum(ftmp, z_in);
-    /* ftmp[i] < 2^57 + 2^57 = 2^58 */
-    felem_square(tmp, ftmp);
-    /* tmp[i] < 4 * 2^58 * 2^58 = 2^118 */
-    felem_diff_128_64(tmp, delta);
-    /* tmp[i] < 2^118 + 2^64 + 8 < 2^119 */
-    felem_reduce(z_out, tmp);
-
-    /* y' = alpha*(4*beta - x') - 8*gamma^2 */
-    felem_scalar(beta, 4);
-    /* beta[i] < 4 * 2^57 = 2^59 */
-    felem_diff(beta, x_out);
-    /* beta[i] < 2^59 + 2^58 + 2 < 2^60 */
-    felem_mul(tmp, alpha, beta);
-    /* tmp[i] < 4 * 2^57 * 2^60 = 2^119 */
-    felem_square(tmp2, gamma);
-    /* tmp2[i] < 4 * 2^57 * 2^57 = 2^116 */
-    widefelem_scalar(tmp2, 8);
-    /* tmp2[i] < 8 * 2^116 = 2^119 */
-    widefelem_diff(tmp, tmp2);
-    /* tmp[i] < 2^119 + 2^120 < 2^121 */
-    felem_reduce(y_out, tmp);
-}
-
-/*-
- * Add two elliptic curve points:
- * (X_1, Y_1, Z_1) + (X_2, Y_2, Z_2) = (X_3, Y_3, Z_3), where
- * X_3 = (Z_1^3 * Y_2 - Z_2^3 * Y_1)^2 - (Z_1^2 * X_2 - Z_2^2 * X_1)^3 -
- * 2 * Z_2^2 * X_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^2
- * Y_3 = (Z_1^3 * Y_2 - Z_2^3 * Y_1) * (Z_2^2 * X_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^2 - X_3) -
- *        Z_2^3 * Y_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^3
- * Z_3 = (Z_1^2 * X_2 - Z_2^2 * X_1) * (Z_1 * Z_2)
- *
- * This runs faster if 'mixed' is set, which requires Z_2 = 1 or Z_2 = 0.
- */
-
-/*
- * This function is not entirely constant-time: it includes a branch for
- * checking whether the two input points are equal, (while not equal to the
- * point at infinity). This case never happens during single point
- * multiplication, so there is no timing leak for ECDH or ECDSA signing.
- */
-static void point_add(felem x3, felem y3, felem z3,
-                      const felem x1, const felem y1, const felem z1,
-                      const int mixed, const felem x2, const felem y2,
-                      const felem z2)
-{
-    felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, x_out, y_out, z_out;
-    widefelem tmp, tmp2;
-    limb z1_is_zero, z2_is_zero, x_equal, y_equal;
-
-    if (!mixed) {
-        /* ftmp2 = z2^2 */
-        felem_square(tmp, z2);
-        felem_reduce(ftmp2, tmp);
-
-        /* ftmp4 = z2^3 */
-        felem_mul(tmp, ftmp2, z2);
-        felem_reduce(ftmp4, tmp);
-
-        /* ftmp4 = z2^3*y1 */
-        felem_mul(tmp2, ftmp4, y1);
-        felem_reduce(ftmp4, tmp2);
-
-        /* ftmp2 = z2^2*x1 */
-        felem_mul(tmp2, ftmp2, x1);
-        felem_reduce(ftmp2, tmp2);
-    } else {
-        /*
-         * We'll assume z2 = 1 (special case z2 = 0 is handled later)
-         */
-
-        /* ftmp4 = z2^3*y1 */
-        felem_assign(ftmp4, y1);
-
-        /* ftmp2 = z2^2*x1 */
-        felem_assign(ftmp2, x1);
-    }
-
-    /* ftmp = z1^2 */
-    felem_square(tmp, z1);
-    felem_reduce(ftmp, tmp);
-
-    /* ftmp3 = z1^3 */
-    felem_mul(tmp, ftmp, z1);
-    felem_reduce(ftmp3, tmp);
-
-    /* tmp = z1^3*y2 */
-    felem_mul(tmp, ftmp3, y2);
-    /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
-
-    /* ftmp3 = z1^3*y2 - z2^3*y1 */
-    felem_diff_128_64(tmp, ftmp4);
-    /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */
-    felem_reduce(ftmp3, tmp);
-
-    /* tmp = z1^2*x2 */
-    felem_mul(tmp, ftmp, x2);
-    /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
-
-    /* ftmp = z1^2*x2 - z2^2*x1 */
-    felem_diff_128_64(tmp, ftmp2);
-    /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */
-    felem_reduce(ftmp, tmp);
-
-    /*
-     * the formulae are incorrect if the points are equal so we check for
-     * this and do doubling if this happens
-     */
-    x_equal = felem_is_zero(ftmp);
-    y_equal = felem_is_zero(ftmp3);
-    z1_is_zero = felem_is_zero(z1);
-    z2_is_zero = felem_is_zero(z2);
-    /* In affine coordinates, (X_1, Y_1) == (X_2, Y_2) */
-    if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
-        point_double(x3, y3, z3, x1, y1, z1);
-        return;
-    }
-
-    /* ftmp5 = z1*z2 */
-    if (!mixed) {
-        felem_mul(tmp, z1, z2);
-        felem_reduce(ftmp5, tmp);
-    } else {
-        /* special case z2 = 0 is handled later */
-        felem_assign(ftmp5, z1);
-    }
-
-    /* z_out = (z1^2*x2 - z2^2*x1)*(z1*z2) */
-    felem_mul(tmp, ftmp, ftmp5);
-    felem_reduce(z_out, tmp);
-
-    /* ftmp = (z1^2*x2 - z2^2*x1)^2 */
-    felem_assign(ftmp5, ftmp);
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);
-
-    /* ftmp5 = (z1^2*x2 - z2^2*x1)^3 */
-    felem_mul(tmp, ftmp, ftmp5);
-    felem_reduce(ftmp5, tmp);
-
-    /* ftmp2 = z2^2*x1*(z1^2*x2 - z2^2*x1)^2 */
-    felem_mul(tmp, ftmp2, ftmp);
-    felem_reduce(ftmp2, tmp);
-
-    /* tmp = z2^3*y1*(z1^2*x2 - z2^2*x1)^3 */
-    felem_mul(tmp, ftmp4, ftmp5);
-    /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
-
-    /* tmp2 = (z1^3*y2 - z2^3*y1)^2 */
-    felem_square(tmp2, ftmp3);
-    /* tmp2[i] < 4 * 2^57 * 2^57 < 2^116 */
-
-    /* tmp2 = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 */
-    felem_diff_128_64(tmp2, ftmp5);
-    /* tmp2[i] < 2^116 + 2^64 + 8 < 2^117 */
-
-    /* ftmp5 = 2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2 */
-    felem_assign(ftmp5, ftmp2);
-    felem_scalar(ftmp5, 2);
-    /* ftmp5[i] < 2 * 2^57 = 2^58 */
-
-    /*-
-     * x_out = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 -
-     *  2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2
-     */
-    felem_diff_128_64(tmp2, ftmp5);
-    /* tmp2[i] < 2^117 + 2^64 + 8 < 2^118 */
-    felem_reduce(x_out, tmp2);
-
-    /* ftmp2 = z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out */
-    felem_diff(ftmp2, x_out);
-    /* ftmp2[i] < 2^57 + 2^58 + 2 < 2^59 */
-
-    /*
-     * tmp2 = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out)
-     */
-    felem_mul(tmp2, ftmp3, ftmp2);
-    /* tmp2[i] < 4 * 2^57 * 2^59 = 2^118 */
-
-    /*-
-     * y_out = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out) -
-     *  z2^3*y1*(z1^2*x2 - z2^2*x1)^3
-     */
-    widefelem_diff(tmp2, tmp);
-    /* tmp2[i] < 2^118 + 2^120 < 2^121 */
-    felem_reduce(y_out, tmp2);
-
-    /*
-     * the result (x_out, y_out, z_out) is incorrect if one of the inputs is
-     * the point at infinity, so we need to check for this separately
-     */
-
-    /*
-     * if point 1 is at infinity, copy point 2 to output, and vice versa
-     */
-    copy_conditional(x_out, x2, z1_is_zero);
-    copy_conditional(x_out, x1, z2_is_zero);
-    copy_conditional(y_out, y2, z1_is_zero);
-    copy_conditional(y_out, y1, z2_is_zero);
-    copy_conditional(z_out, z2, z1_is_zero);
-    copy_conditional(z_out, z1, z2_is_zero);
-    felem_assign(x3, x_out);
-    felem_assign(y3, y_out);
-    felem_assign(z3, z_out);
-}
-
-/*
- * select_point selects the |idx|th point from a precomputation table and
- * copies it to out.
- * The pre_comp array argument should be size of |size| argument
- */
-static void select_point(const u64 idx, unsigned int size,
-                         const felem pre_comp[][3], felem out[3])
-{
-    unsigned i, j;
-    limb *outlimbs = &out[0][0];
-    memset(outlimbs, 0, 3 * sizeof(felem));
-
-    for (i = 0; i < size; i++) {
-        const limb *inlimbs = &pre_comp[i][0][0];
-        u64 mask = i ^ idx;
-        mask |= mask >> 4;
-        mask |= mask >> 2;
-        mask |= mask >> 1;
-        mask &= 1;
-        mask--;
-        for (j = 0; j < 4 * 3; j++)
-            outlimbs[j] |= inlimbs[j] & mask;
-    }
-}
-
-/* get_bit returns the |i|th bit in |in| */
-static char get_bit(const felem_bytearray in, unsigned i)
-{
-    if (i >= 224)
-        return 0;
-    return (in[i >> 3] >> (i & 7)) & 1;
-}
-
-/*
- * Interleaved point multiplication using precomputed point multiples: The
- * small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[], the scalars
- * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
- * generator, using certain (large) precomputed multiples in g_pre_comp.
- * Output point (X, Y, Z) is stored in x_out, y_out, z_out
- */
-static void batch_mul(felem x_out, felem y_out, felem z_out,
-                      const felem_bytearray scalars[],
-                      const unsigned num_points, const u8 *g_scalar,
-                      const int mixed, const felem pre_comp[][17][3],
-                      const felem g_pre_comp[2][16][3])
-{
-    int i, skip;
-    unsigned num;
-    unsigned gen_mul = (g_scalar != NULL);
-    felem nq[3], tmp[4];
-    u64 bits;
-    u8 sign, digit;
-
-    /* set nq to the point at infinity */
-    memset(nq, 0, 3 * sizeof(felem));
-
-    /*
-     * Loop over all scalars msb-to-lsb, interleaving additions of multiples
-     * of the generator (two in each of the last 28 rounds) and additions of
-     * other points multiples (every 5th round).
-     */
-    skip = 1;                   /* save two point operations in the first
-                                 * round */
-    for (i = (num_points ? 220 : 27); i >= 0; --i) {
-        /* double */
-        if (!skip)
-            point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
-
-        /* add multiples of the generator */
-        if (gen_mul && (i <= 27)) {
-            /* first, look 28 bits upwards */
-            bits = get_bit(g_scalar, i + 196) << 3;
-            bits |= get_bit(g_scalar, i + 140) << 2;
-            bits |= get_bit(g_scalar, i + 84) << 1;
-            bits |= get_bit(g_scalar, i + 28);
-            /* select the point to add, in constant time */
-            select_point(bits, 16, g_pre_comp[1], tmp);
-
-            if (!skip) {
-                /* value 1 below is argument for "mixed" */
-                point_add(nq[0], nq[1], nq[2],
-                          nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
-            } else {
-                memcpy(nq, tmp, 3 * sizeof(felem));
-                skip = 0;
-            }
-
-            /* second, look at the current position */
-            bits = get_bit(g_scalar, i + 168) << 3;
-            bits |= get_bit(g_scalar, i + 112) << 2;
-            bits |= get_bit(g_scalar, i + 56) << 1;
-            bits |= get_bit(g_scalar, i);
-            /* select the point to add, in constant time */
-            select_point(bits, 16, g_pre_comp[0], tmp);
-            point_add(nq[0], nq[1], nq[2],
-                      nq[0], nq[1], nq[2],
-                      1 /* mixed */ , tmp[0], tmp[1], tmp[2]);
-        }
-
-        /* do other additions every 5 doublings */
-        if (num_points && (i % 5 == 0)) {
-            /* loop over all scalars */
-            for (num = 0; num < num_points; ++num) {
-                bits = get_bit(scalars[num], i + 4) << 5;
-                bits |= get_bit(scalars[num], i + 3) << 4;
-                bits |= get_bit(scalars[num], i + 2) << 3;
-                bits |= get_bit(scalars[num], i + 1) << 2;
-                bits |= get_bit(scalars[num], i) << 1;
-                bits |= get_bit(scalars[num], i - 1);
-                ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
-
-                /* select the point to add or subtract */
-                select_point(digit, 17, pre_comp[num], tmp);
-                felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative
-                                            * point */
-                copy_conditional(tmp[1], tmp[3], sign);
-
-                if (!skip) {
-                    point_add(nq[0], nq[1], nq[2],
-                              nq[0], nq[1], nq[2],
-                              mixed, tmp[0], tmp[1], tmp[2]);
-                } else {
-                    memcpy(nq, tmp, 3 * sizeof(felem));
-                    skip = 0;
-                }
-            }
-        }
-    }
-    felem_assign(x_out, nq[0]);
-    felem_assign(y_out, nq[1]);
-    felem_assign(z_out, nq[2]);
-}
-
-/******************************************************************************/
-/*
- * FUNCTIONS TO MANAGE PRECOMPUTATION
- */
-
-static NISTP224_PRE_COMP *nistp224_pre_comp_new()
-{
-    NISTP224_PRE_COMP *ret = NULL;
-    ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
-    if (!ret) {
-        ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
-        return ret;
-    }
-    memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
-    ret->references = 1;
-    return ret;
-}
-
-static void *nistp224_pre_comp_dup(void *src_)
-{
-    NISTP224_PRE_COMP *src = src_;
-
-    /* no need to actually copy, these objects never change! */
-    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
-
-    return src_;
-}
-
-static void nistp224_pre_comp_free(void *pre_)
-{
-    int i;
-    NISTP224_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    OPENSSL_free(pre);
-}
-
-static void nistp224_pre_comp_clear_free(void *pre_)
-{
-    int i;
-    NISTP224_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    OPENSSL_cleanse(pre, sizeof *pre);
-    OPENSSL_free(pre);
-}
-
-/******************************************************************************/
-/*
- * OPENSSL EC_METHOD FUNCTIONS
- */
-
-int ec_GFp_nistp224_group_init(EC_GROUP *group)
-{
-    int ret;
-    ret = ec_GFp_simple_group_init(group);
-    group->a_is_minus3 = 1;
-    return ret;
-}
-
-int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p,
-                                    const BIGNUM *a, const BIGNUM *b,
-                                    BN_CTX *ctx)
-{
-    int ret = 0;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *curve_p, *curve_a, *curve_b;
-
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-    BN_CTX_start(ctx);
-    if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
-        ((curve_a = BN_CTX_get(ctx)) == NULL) ||
-        ((curve_b = BN_CTX_get(ctx)) == NULL))
-        goto err;
-    BN_bin2bn(nistp224_curve_params[0], sizeof(felem_bytearray), curve_p);
-    BN_bin2bn(nistp224_curve_params[1], sizeof(felem_bytearray), curve_a);
-    BN_bin2bn(nistp224_curve_params[2], sizeof(felem_bytearray), curve_b);
-    if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || (BN_cmp(curve_b, b))) {
-        ECerr(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE,
-              EC_R_WRONG_CURVE_PARAMETERS);
-        goto err;
-    }
-    group->field_mod_func = BN_nist_mod_224;
-    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/*
- * Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
- * (X/Z^2, Y/Z^3)
- */
-int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group,
-                                                 const EC_POINT *point,
-                                                 BIGNUM *x, BIGNUM *y,
-                                                 BN_CTX *ctx)
-{
-    felem z1, z2, x_in, y_in, x_out, y_out;
-    widefelem tmp;
-
-    if (EC_POINT_is_at_infinity(group, point)) {
-        ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
-              EC_R_POINT_AT_INFINITY);
-        return 0;
-    }
-    if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
-        (!BN_to_felem(z1, &point->Z)))
-        return 0;
-    felem_inv(z2, z1);
-    felem_square(tmp, z2);
-    felem_reduce(z1, tmp);
-    felem_mul(tmp, x_in, z1);
-    felem_reduce(x_in, tmp);
-    felem_contract(x_out, x_in);
-    if (x != NULL) {
-        if (!felem_to_BN(x, x_out)) {
-            ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
-                  ERR_R_BN_LIB);
-            return 0;
-        }
-    }
-    felem_mul(tmp, z1, z2);
-    felem_reduce(z1, tmp);
-    felem_mul(tmp, y_in, z1);
-    felem_reduce(y_in, tmp);
-    felem_contract(y_out, y_in);
-    if (y != NULL) {
-        if (!felem_to_BN(y, y_out)) {
-            ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
-                  ERR_R_BN_LIB);
-            return 0;
-        }
-    }
-    return 1;
-}
-
-static void make_points_affine(size_t num, felem points[ /* num */ ][3],
-                               felem tmp_felems[ /* num+1 */ ])
-{
-    /*
-     * Runs in constant time, unless an input is the point at infinity (which
-     * normally shouldn't happen).
-     */
-    ec_GFp_nistp_points_make_affine_internal(num,
-                                             points,
-                                             sizeof(felem),
-                                             tmp_felems,
-                                             (void (*)(void *))felem_one,
-                                             (int (*)(const void *))
-                                             felem_is_zero_int,
-                                             (void (*)(void *, const void *))
-                                             felem_assign,
-                                             (void (*)(void *, const void *))
-                                             felem_square_reduce, (void (*)
-                                                                   (void *,
-                                                                    const void
-                                                                    *,
-                                                                    const void
-                                                                    *))
-                                             felem_mul_reduce,
-                                             (void (*)(void *, const void *))
-                                             felem_inv,
-                                             (void (*)(void *, const void *))
-                                             felem_contract);
-}
-
-/*
- * Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL
- * values Result is stored in r (r can equal one of the inputs).
- */
-int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
-                               const BIGNUM *scalar, size_t num,
-                               const EC_POINT *points[],
-                               const BIGNUM *scalars[], BN_CTX *ctx)
-{
-    int ret = 0;
-    int j;
-    unsigned i;
-    int mixed = 0;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y, *z, *tmp_scalar;
-    felem_bytearray g_secret;
-    felem_bytearray *secrets = NULL;
-    felem(*pre_comp)[17][3] = NULL;
-    felem *tmp_felems = NULL;
-    felem_bytearray tmp;
-    unsigned num_bytes;
-    int have_pre_comp = 0;
-    size_t num_points = num;
-    felem x_in, y_in, z_in, x_out, y_out, z_out;
-    NISTP224_PRE_COMP *pre = NULL;
-    const felem(*g_pre_comp)[16][3] = NULL;
-    EC_POINT *generator = NULL;
-    const EC_POINT *p = NULL;
-    const BIGNUM *p_scalar = NULL;
-
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-    BN_CTX_start(ctx);
-    if (((x = BN_CTX_get(ctx)) == NULL) ||
-        ((y = BN_CTX_get(ctx)) == NULL) ||
-        ((z = BN_CTX_get(ctx)) == NULL) ||
-        ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
-        goto err;
-
-    if (scalar != NULL) {
-        pre = EC_EX_DATA_get_data(group->extra_data,
-                                  nistp224_pre_comp_dup,
-                                  nistp224_pre_comp_free,
-                                  nistp224_pre_comp_clear_free);
-        if (pre)
-            /* we have precomputation, try to use it */
-            g_pre_comp = (const felem(*)[16][3])pre->g_pre_comp;
-        else
-            /* try to use the standard precomputation */
-            g_pre_comp = &gmul[0];
-        generator = EC_POINT_new(group);
-        if (generator == NULL)
-            goto err;
-        /* get the generator from precomputation */
-        if (!felem_to_BN(x, g_pre_comp[0][1][0]) ||
-            !felem_to_BN(y, g_pre_comp[0][1][1]) ||
-            !felem_to_BN(z, g_pre_comp[0][1][2])) {
-            ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
-            goto err;
-        }
-        if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
-                                                      generator, x, y, z,
-                                                      ctx))
-            goto err;
-        if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
-            /* precomputation matches generator */
-            have_pre_comp = 1;
-        else
-            /*
-             * we don't have valid precomputation: treat the generator as a
-             * random point
-             */
-            num_points = num_points + 1;
-    }
-
-    if (num_points > 0) {
-        if (num_points >= 3) {
-            /*
-             * unless we precompute multiples for just one or two points,
-             * converting those into affine form is time well spent
-             */
-            mixed = 1;
-        }
-        secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
-        pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(felem));
-        if (mixed)
-            tmp_felems =
-                OPENSSL_malloc((num_points * 17 + 1) * sizeof(felem));
-        if ((secrets == NULL) || (pre_comp == NULL)
-            || (mixed && (tmp_felems == NULL))) {
-            ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        /*
-         * we treat NULL scalars as 0, and NULL points as points at infinity,
-         * i.e., they contribute nothing to the linear combination
-         */
-        memset(secrets, 0, num_points * sizeof(felem_bytearray));
-        memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
-        for (i = 0; i < num_points; ++i) {
-            if (i == num)
-                /* the generator */
-            {
-                p = EC_GROUP_get0_generator(group);
-                p_scalar = scalar;
-            } else
-                /* the i^th point */
-            {
-                p = points[i];
-                p_scalar = scalars[i];
-            }
-            if ((p_scalar != NULL) && (p != NULL)) {
-                /* reduce scalar to 0 <= scalar < 2^224 */
-                if ((BN_num_bits(p_scalar) > 224)
-                    || (BN_is_negative(p_scalar))) {
-                    /*
-                     * this is an unusual input, and we don't guarantee
-                     * constant-timeness
-                     */
-                    if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
-                        ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
-                        goto err;
-                    }
-                    num_bytes = BN_bn2bin(tmp_scalar, tmp);
-                } else
-                    num_bytes = BN_bn2bin(p_scalar, tmp);
-                flip_endian(secrets[i], tmp, num_bytes);
-                /* precompute multiples */
-                if ((!BN_to_felem(x_out, &p->X)) ||
-                    (!BN_to_felem(y_out, &p->Y)) ||
-                    (!BN_to_felem(z_out, &p->Z)))
-                    goto err;
-                felem_assign(pre_comp[i][1][0], x_out);
-                felem_assign(pre_comp[i][1][1], y_out);
-                felem_assign(pre_comp[i][1][2], z_out);
-                for (j = 2; j <= 16; ++j) {
-                    if (j & 1) {
-                        point_add(pre_comp[i][j][0], pre_comp[i][j][1],
-                                  pre_comp[i][j][2], pre_comp[i][1][0],
-                                  pre_comp[i][1][1], pre_comp[i][1][2], 0,
-                                  pre_comp[i][j - 1][0],
-                                  pre_comp[i][j - 1][1],
-                                  pre_comp[i][j - 1][2]);
-                    } else {
-                        point_double(pre_comp[i][j][0], pre_comp[i][j][1],
-                                     pre_comp[i][j][2], pre_comp[i][j / 2][0],
-                                     pre_comp[i][j / 2][1],
-                                     pre_comp[i][j / 2][2]);
-                    }
-                }
-            }
-        }
-        if (mixed)
-            make_points_affine(num_points * 17, pre_comp[0], tmp_felems);
-    }
-
-    /* the scalar for the generator */
-    if ((scalar != NULL) && (have_pre_comp)) {
-        memset(g_secret, 0, sizeof g_secret);
-        /* reduce scalar to 0 <= scalar < 2^224 */
-        if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) {
-            /*
-             * this is an unusual input, and we don't guarantee
-             * constant-timeness
-             */
-            if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
-                ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
-                goto err;
-            }
-            num_bytes = BN_bn2bin(tmp_scalar, tmp);
-        } else
-            num_bytes = BN_bn2bin(scalar, tmp);
-        flip_endian(g_secret, tmp, num_bytes);
-        /* do the multiplication with generator precomputation */
-        batch_mul(x_out, y_out, z_out,
-                  (const felem_bytearray(*))secrets, num_points,
-                  g_secret,
-                  mixed, (const felem(*)[17][3])pre_comp, g_pre_comp);
-    } else
-        /* do the multiplication without generator precomputation */
-        batch_mul(x_out, y_out, z_out,
-                  (const felem_bytearray(*))secrets, num_points,
-                  NULL, mixed, (const felem(*)[17][3])pre_comp, NULL);
-    /* reduce the output to its unique minimal representation */
-    felem_contract(x_in, x_out);
-    felem_contract(y_in, y_out);
-    felem_contract(z_in, z_out);
-    if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) ||
-        (!felem_to_BN(z, z_in))) {
-        ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
-        goto err;
-    }
-    ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
-
- err:
-    BN_CTX_end(ctx);
-    if (generator != NULL)
-        EC_POINT_free(generator);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (secrets != NULL)
-        OPENSSL_free(secrets);
-    if (pre_comp != NULL)
-        OPENSSL_free(pre_comp);
-    if (tmp_felems != NULL)
-        OPENSSL_free(tmp_felems);
-    return ret;
-}
-
-int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
-{
-    int ret = 0;
-    NISTP224_PRE_COMP *pre = NULL;
-    int i, j;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y;
-    EC_POINT *generator = NULL;
-    felem tmp_felems[32];
-
-    /* throw away old precomputation */
-    EC_EX_DATA_free_data(&group->extra_data, nistp224_pre_comp_dup,
-                         nistp224_pre_comp_free,
-                         nistp224_pre_comp_clear_free);
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-    BN_CTX_start(ctx);
-    if (((x = BN_CTX_get(ctx)) == NULL) || ((y = BN_CTX_get(ctx)) == NULL))
-        goto err;
-    /* get the generator */
-    if (group->generator == NULL)
-        goto err;
-    generator = EC_POINT_new(group);
-    if (generator == NULL)
-        goto err;
-    BN_bin2bn(nistp224_curve_params[3], sizeof(felem_bytearray), x);
-    BN_bin2bn(nistp224_curve_params[4], sizeof(felem_bytearray), y);
-    if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
-        goto err;
-    if ((pre = nistp224_pre_comp_new()) == NULL)
-        goto err;
-    /*
-     * if the generator is the standard one, use built-in precomputation
-     */
-    if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
-        memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
-        goto done;
-    }
-    if ((!BN_to_felem(pre->g_pre_comp[0][1][0], &group->generator->X)) ||
-        (!BN_to_felem(pre->g_pre_comp[0][1][1], &group->generator->Y)) ||
-        (!BN_to_felem(pre->g_pre_comp[0][1][2], &group->generator->Z)))
-        goto err;
-    /*
-     * compute 2^56*G, 2^112*G, 2^168*G for the first table, 2^28*G, 2^84*G,
-     * 2^140*G, 2^196*G for the second one
-     */
-    for (i = 1; i <= 8; i <<= 1) {
-        point_double(pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
-                     pre->g_pre_comp[1][i][2], pre->g_pre_comp[0][i][0],
-                     pre->g_pre_comp[0][i][1], pre->g_pre_comp[0][i][2]);
-        for (j = 0; j < 27; ++j) {
-            point_double(pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
-                         pre->g_pre_comp[1][i][2], pre->g_pre_comp[1][i][0],
-                         pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]);
-        }
-        if (i == 8)
-            break;
-        point_double(pre->g_pre_comp[0][2 * i][0],
-                     pre->g_pre_comp[0][2 * i][1],
-                     pre->g_pre_comp[0][2 * i][2], pre->g_pre_comp[1][i][0],
-                     pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]);
-        for (j = 0; j < 27; ++j) {
-            point_double(pre->g_pre_comp[0][2 * i][0],
-                         pre->g_pre_comp[0][2 * i][1],
-                         pre->g_pre_comp[0][2 * i][2],
-                         pre->g_pre_comp[0][2 * i][0],
-                         pre->g_pre_comp[0][2 * i][1],
-                         pre->g_pre_comp[0][2 * i][2]);
-        }
-    }
-    for (i = 0; i < 2; i++) {
-        /* g_pre_comp[i][0] is the point at infinity */
-        memset(pre->g_pre_comp[i][0], 0, sizeof(pre->g_pre_comp[i][0]));
-        /* the remaining multiples */
-        /* 2^56*G + 2^112*G resp. 2^84*G + 2^140*G */
-        point_add(pre->g_pre_comp[i][6][0], pre->g_pre_comp[i][6][1],
-                  pre->g_pre_comp[i][6][2], pre->g_pre_comp[i][4][0],
-                  pre->g_pre_comp[i][4][1], pre->g_pre_comp[i][4][2],
-                  0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
-                  pre->g_pre_comp[i][2][2]);
-        /* 2^56*G + 2^168*G resp. 2^84*G + 2^196*G */
-        point_add(pre->g_pre_comp[i][10][0], pre->g_pre_comp[i][10][1],
-                  pre->g_pre_comp[i][10][2], pre->g_pre_comp[i][8][0],
-                  pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
-                  0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
-                  pre->g_pre_comp[i][2][2]);
-        /* 2^112*G + 2^168*G resp. 2^140*G + 2^196*G */
-        point_add(pre->g_pre_comp[i][12][0], pre->g_pre_comp[i][12][1],
-                  pre->g_pre_comp[i][12][2], pre->g_pre_comp[i][8][0],
-                  pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
-                  0, pre->g_pre_comp[i][4][0], pre->g_pre_comp[i][4][1],
-                  pre->g_pre_comp[i][4][2]);
-        /*
-         * 2^56*G + 2^112*G + 2^168*G resp. 2^84*G + 2^140*G + 2^196*G
-         */
-        point_add(pre->g_pre_comp[i][14][0], pre->g_pre_comp[i][14][1],
-                  pre->g_pre_comp[i][14][2], pre->g_pre_comp[i][12][0],
-                  pre->g_pre_comp[i][12][1], pre->g_pre_comp[i][12][2],
-                  0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
-                  pre->g_pre_comp[i][2][2]);
-        for (j = 1; j < 8; ++j) {
-            /* odd multiples: add G resp. 2^28*G */
-            point_add(pre->g_pre_comp[i][2 * j + 1][0],
-                      pre->g_pre_comp[i][2 * j + 1][1],
-                      pre->g_pre_comp[i][2 * j + 1][2],
-                      pre->g_pre_comp[i][2 * j][0],
-                      pre->g_pre_comp[i][2 * j][1],
-                      pre->g_pre_comp[i][2 * j][2], 0,
-                      pre->g_pre_comp[i][1][0], pre->g_pre_comp[i][1][1],
-                      pre->g_pre_comp[i][1][2]);
-        }
-    }
-    make_points_affine(31, &(pre->g_pre_comp[0][1]), tmp_felems);
-
- done:
-    if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp224_pre_comp_dup,
-                             nistp224_pre_comp_free,
-                             nistp224_pre_comp_clear_free))
-        goto err;
-    ret = 1;
-    pre = NULL;
- err:
-    BN_CTX_end(ctx);
-    if (generator != NULL)
-        EC_POINT_free(generator);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (pre)
-        nistp224_pre_comp_free(pre);
-    return ret;
-}
-
-int ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group)
-{
-    if (EC_EX_DATA_get_data(group->extra_data, nistp224_pre_comp_dup,
-                            nistp224_pre_comp_free,
-                            nistp224_pre_comp_clear_free)
-        != NULL)
-        return 1;
-    else
-        return 0;
-}
-
-#else
-static void *dummy = &dummy;
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ecp_nistp256.c b/thirdparty/openssl/crypto/ec/ecp_nistp256.c
deleted file mode 100644
index 78d191aac7..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_nistp256.c
+++ /dev/null
@@ -1,2369 +0,0 @@
-/* crypto/ec/ecp_nistp256.c */
-/*
- * Written by Adam Langley (Google) for the OpenSSL project
- */
-/* Copyright 2011 Google Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- *
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * A 64-bit implementation of the NIST P-256 elliptic curve point multiplication
- *
- * OpenSSL integration was taken from Emilia Kasper's work in ecp_nistp224.c.
- * Otherwise based on Emilia's P224 work, which was inspired by my curve25519
- * work which got its smarts from Daniel J. Bernstein's work on the same.
- */
-
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-
-# ifndef OPENSSL_SYS_VMS
-#  include <stdint.h>
-# else
-#  include <inttypes.h>
-# endif
-
-# include <string.h>
-# include <openssl/err.h>
-# include "ec_lcl.h"
-
-# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
-  /* even with gcc, the typedef won't work for 32-bit platforms */
-typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
-                                 * platforms */
-typedef __int128_t int128_t;
-# else
-#  error "Need GCC 3.1 or later to define type uint128_t"
-# endif
-
-typedef uint8_t u8;
-typedef uint32_t u32;
-typedef uint64_t u64;
-typedef int64_t s64;
-
-/*
- * The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We
- * can serialise an element of this field into 32 bytes. We call this an
- * felem_bytearray.
- */
-
-typedef u8 felem_bytearray[32];
-
-/*
- * These are the parameters of P256, taken from FIPS 186-3, page 86. These
- * values are big-endian.
- */
-static const felem_bytearray nistp256_curve_params[5] = {
-    {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* p */
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
-    {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* a = -3 */
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc}, /* b */
-    {0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
-     0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
-     0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
-     0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b},
-    {0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, /* x */
-     0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
-     0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
-     0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96},
-    {0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, /* y */
-     0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
-     0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
-     0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5}
-};
-
-/*-
- * The representation of field elements.
- * ------------------------------------
- *
- * We represent field elements with either four 128-bit values, eight 128-bit
- * values, or four 64-bit values. The field element represented is:
- *   v[0]*2^0 + v[1]*2^64 + v[2]*2^128 + v[3]*2^192  (mod p)
- * or:
- *   v[0]*2^0 + v[1]*2^64 + v[2]*2^128 + ... + v[8]*2^512  (mod p)
- *
- * 128-bit values are called 'limbs'. Since the limbs are spaced only 64 bits
- * apart, but are 128-bits wide, the most significant bits of each limb overlap
- * with the least significant bits of the next.
- *
- * A field element with four limbs is an 'felem'. One with eight limbs is a
- * 'longfelem'
- *
- * A field element with four, 64-bit values is called a 'smallfelem'. Small
- * values are used as intermediate values before multiplication.
- */
-
-# define NLIMBS 4
-
-typedef uint128_t limb;
-typedef limb felem[NLIMBS];
-typedef limb longfelem[NLIMBS * 2];
-typedef u64 smallfelem[NLIMBS];
-
-/* This is the value of the prime as four 64-bit words, little-endian. */
-static const u64 kPrime[4] =
-    { 0xfffffffffffffffful, 0xffffffff, 0, 0xffffffff00000001ul };
-static const u64 bottom63bits = 0x7ffffffffffffffful;
-
-/*
- * bin32_to_felem takes a little-endian byte array and converts it into felem
- * form. This assumes that the CPU is little-endian.
- */
-static void bin32_to_felem(felem out, const u8 in[32])
-{
-    out[0] = *((u64 *)&in[0]);
-    out[1] = *((u64 *)&in[8]);
-    out[2] = *((u64 *)&in[16]);
-    out[3] = *((u64 *)&in[24]);
-}
-
-/*
- * smallfelem_to_bin32 takes a smallfelem and serialises into a little
- * endian, 32 byte array. This assumes that the CPU is little-endian.
- */
-static void smallfelem_to_bin32(u8 out[32], const smallfelem in)
-{
-    *((u64 *)&out[0]) = in[0];
-    *((u64 *)&out[8]) = in[1];
-    *((u64 *)&out[16]) = in[2];
-    *((u64 *)&out[24]) = in[3];
-}
-
-/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
-static void flip_endian(u8 *out, const u8 *in, unsigned len)
-{
-    unsigned i;
-    for (i = 0; i < len; ++i)
-        out[i] = in[len - 1 - i];
-}
-
-/* BN_to_felem converts an OpenSSL BIGNUM into an felem */
-static int BN_to_felem(felem out, const BIGNUM *bn)
-{
-    felem_bytearray b_in;
-    felem_bytearray b_out;
-    unsigned num_bytes;
-
-    /* BN_bn2bin eats leading zeroes */
-    memset(b_out, 0, sizeof b_out);
-    num_bytes = BN_num_bytes(bn);
-    if (num_bytes > sizeof b_out) {
-        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
-        return 0;
-    }
-    if (BN_is_negative(bn)) {
-        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
-        return 0;
-    }
-    num_bytes = BN_bn2bin(bn, b_in);
-    flip_endian(b_out, b_in, num_bytes);
-    bin32_to_felem(out, b_out);
-    return 1;
-}
-
-/* felem_to_BN converts an felem into an OpenSSL BIGNUM */
-static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
-{
-    felem_bytearray b_in, b_out;
-    smallfelem_to_bin32(b_in, in);
-    flip_endian(b_out, b_in, sizeof b_out);
-    return BN_bin2bn(b_out, sizeof b_out, out);
-}
-
-/*-
- * Field operations
- * ----------------
- */
-
-static void smallfelem_one(smallfelem out)
-{
-    out[0] = 1;
-    out[1] = 0;
-    out[2] = 0;
-    out[3] = 0;
-}
-
-static void smallfelem_assign(smallfelem out, const smallfelem in)
-{
-    out[0] = in[0];
-    out[1] = in[1];
-    out[2] = in[2];
-    out[3] = in[3];
-}
-
-static void felem_assign(felem out, const felem in)
-{
-    out[0] = in[0];
-    out[1] = in[1];
-    out[2] = in[2];
-    out[3] = in[3];
-}
-
-/* felem_sum sets out = out + in. */
-static void felem_sum(felem out, const felem in)
-{
-    out[0] += in[0];
-    out[1] += in[1];
-    out[2] += in[2];
-    out[3] += in[3];
-}
-
-/* felem_small_sum sets out = out + in. */
-static void felem_small_sum(felem out, const smallfelem in)
-{
-    out[0] += in[0];
-    out[1] += in[1];
-    out[2] += in[2];
-    out[3] += in[3];
-}
-
-/* felem_scalar sets out = out * scalar */
-static void felem_scalar(felem out, const u64 scalar)
-{
-    out[0] *= scalar;
-    out[1] *= scalar;
-    out[2] *= scalar;
-    out[3] *= scalar;
-}
-
-/* longfelem_scalar sets out = out * scalar */
-static void longfelem_scalar(longfelem out, const u64 scalar)
-{
-    out[0] *= scalar;
-    out[1] *= scalar;
-    out[2] *= scalar;
-    out[3] *= scalar;
-    out[4] *= scalar;
-    out[5] *= scalar;
-    out[6] *= scalar;
-    out[7] *= scalar;
-}
-
-# define two105m41m9 (((limb)1) << 105) - (((limb)1) << 41) - (((limb)1) << 9)
-# define two105 (((limb)1) << 105)
-# define two105m41p9 (((limb)1) << 105) - (((limb)1) << 41) + (((limb)1) << 9)
-
-/* zero105 is 0 mod p */
-static const felem zero105 =
-    { two105m41m9, two105, two105m41p9, two105m41p9 };
-
-/*-
- * smallfelem_neg sets |out| to |-small|
- * On exit:
- *   out[i] < out[i] + 2^105
- */
-static void smallfelem_neg(felem out, const smallfelem small)
-{
-    /* In order to prevent underflow, we subtract from 0 mod p. */
-    out[0] = zero105[0] - small[0];
-    out[1] = zero105[1] - small[1];
-    out[2] = zero105[2] - small[2];
-    out[3] = zero105[3] - small[3];
-}
-
-/*-
- * felem_diff subtracts |in| from |out|
- * On entry:
- *   in[i] < 2^104
- * On exit:
- *   out[i] < out[i] + 2^105
- */
-static void felem_diff(felem out, const felem in)
-{
-    /*
-     * In order to prevent underflow, we add 0 mod p before subtracting.
-     */
-    out[0] += zero105[0];
-    out[1] += zero105[1];
-    out[2] += zero105[2];
-    out[3] += zero105[3];
-
-    out[0] -= in[0];
-    out[1] -= in[1];
-    out[2] -= in[2];
-    out[3] -= in[3];
-}
-
-# define two107m43m11 (((limb)1) << 107) - (((limb)1) << 43) - (((limb)1) << 11)
-# define two107 (((limb)1) << 107)
-# define two107m43p11 (((limb)1) << 107) - (((limb)1) << 43) + (((limb)1) << 11)
-
-/* zero107 is 0 mod p */
-static const felem zero107 =
-    { two107m43m11, two107, two107m43p11, two107m43p11 };
-
-/*-
- * An alternative felem_diff for larger inputs |in|
- * felem_diff_zero107 subtracts |in| from |out|
- * On entry:
- *   in[i] < 2^106
- * On exit:
- *   out[i] < out[i] + 2^107
- */
-static void felem_diff_zero107(felem out, const felem in)
-{
-    /*
-     * In order to prevent underflow, we add 0 mod p before subtracting.
-     */
-    out[0] += zero107[0];
-    out[1] += zero107[1];
-    out[2] += zero107[2];
-    out[3] += zero107[3];
-
-    out[0] -= in[0];
-    out[1] -= in[1];
-    out[2] -= in[2];
-    out[3] -= in[3];
-}
-
-/*-
- * longfelem_diff subtracts |in| from |out|
- * On entry:
- *   in[i] < 7*2^67
- * On exit:
- *   out[i] < out[i] + 2^70 + 2^40
- */
-static void longfelem_diff(longfelem out, const longfelem in)
-{
-    static const limb two70m8p6 =
-        (((limb) 1) << 70) - (((limb) 1) << 8) + (((limb) 1) << 6);
-    static const limb two70p40 = (((limb) 1) << 70) + (((limb) 1) << 40);
-    static const limb two70 = (((limb) 1) << 70);
-    static const limb two70m40m38p6 =
-        (((limb) 1) << 70) - (((limb) 1) << 40) - (((limb) 1) << 38) +
-        (((limb) 1) << 6);
-    static const limb two70m6 = (((limb) 1) << 70) - (((limb) 1) << 6);
-
-    /* add 0 mod p to avoid underflow */
-    out[0] += two70m8p6;
-    out[1] += two70p40;
-    out[2] += two70;
-    out[3] += two70m40m38p6;
-    out[4] += two70m6;
-    out[5] += two70m6;
-    out[6] += two70m6;
-    out[7] += two70m6;
-
-    /* in[i] < 7*2^67 < 2^70 - 2^40 - 2^38 + 2^6 */
-    out[0] -= in[0];
-    out[1] -= in[1];
-    out[2] -= in[2];
-    out[3] -= in[3];
-    out[4] -= in[4];
-    out[5] -= in[5];
-    out[6] -= in[6];
-    out[7] -= in[7];
-}
-
-# define two64m0 (((limb)1) << 64) - 1
-# define two110p32m0 (((limb)1) << 110) + (((limb)1) << 32) - 1
-# define two64m46 (((limb)1) << 64) - (((limb)1) << 46)
-# define two64m32 (((limb)1) << 64) - (((limb)1) << 32)
-
-/* zero110 is 0 mod p */
-static const felem zero110 = { two64m0, two110p32m0, two64m46, two64m32 };
-
-/*-
- * felem_shrink converts an felem into a smallfelem. The result isn't quite
- * minimal as the value may be greater than p.
- *
- * On entry:
- *   in[i] < 2^109
- * On exit:
- *   out[i] < 2^64
- */
-static void felem_shrink(smallfelem out, const felem in)
-{
-    felem tmp;
-    u64 a, b, mask;
-    s64 high, low;
-    static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */
-
-    /* Carry 2->3 */
-    tmp[3] = zero110[3] + in[3] + ((u64)(in[2] >> 64));
-    /* tmp[3] < 2^110 */
-
-    tmp[2] = zero110[2] + (u64)in[2];
-    tmp[0] = zero110[0] + in[0];
-    tmp[1] = zero110[1] + in[1];
-    /* tmp[0] < 2**110, tmp[1] < 2^111, tmp[2] < 2**65 */
-
-    /*
-     * We perform two partial reductions where we eliminate the high-word of
-     * tmp[3]. We don't update the other words till the end.
-     */
-    a = tmp[3] >> 64;           /* a < 2^46 */
-    tmp[3] = (u64)tmp[3];
-    tmp[3] -= a;
-    tmp[3] += ((limb) a) << 32;
-    /* tmp[3] < 2^79 */
-
-    b = a;
-    a = tmp[3] >> 64;           /* a < 2^15 */
-    b += a;                     /* b < 2^46 + 2^15 < 2^47 */
-    tmp[3] = (u64)tmp[3];
-    tmp[3] -= a;
-    tmp[3] += ((limb) a) << 32;
-    /* tmp[3] < 2^64 + 2^47 */
-
-    /*
-     * This adjusts the other two words to complete the two partial
-     * reductions.
-     */
-    tmp[0] += b;
-    tmp[1] -= (((limb) b) << 32);
-
-    /*
-     * In order to make space in tmp[3] for the carry from 2 -> 3, we
-     * conditionally subtract kPrime if tmp[3] is large enough.
-     */
-    high = tmp[3] >> 64;
-    /* As tmp[3] < 2^65, high is either 1 or 0 */
-    high <<= 63;
-    high >>= 63;
-    /*-
-     * high is:
-     *   all ones   if the high word of tmp[3] is 1
-     *   all zeros  if the high word of tmp[3] if 0 */
-    low = tmp[3];
-    mask = low >> 63;
-    /*-
-     * mask is:
-     *   all ones   if the MSB of low is 1
-     *   all zeros  if the MSB of low if 0 */
-    low &= bottom63bits;
-    low -= kPrime3Test;
-    /* if low was greater than kPrime3Test then the MSB is zero */
-    low = ~low;
-    low >>= 63;
-    /*-
-     * low is:
-     *   all ones   if low was > kPrime3Test
-     *   all zeros  if low was <= kPrime3Test */
-    mask = (mask & low) | high;
-    tmp[0] -= mask & kPrime[0];
-    tmp[1] -= mask & kPrime[1];
-    /* kPrime[2] is zero, so omitted */
-    tmp[3] -= mask & kPrime[3];
-    /* tmp[3] < 2**64 - 2**32 + 1 */
-
-    tmp[1] += ((u64)(tmp[0] >> 64));
-    tmp[0] = (u64)tmp[0];
-    tmp[2] += ((u64)(tmp[1] >> 64));
-    tmp[1] = (u64)tmp[1];
-    tmp[3] += ((u64)(tmp[2] >> 64));
-    tmp[2] = (u64)tmp[2];
-    /* tmp[i] < 2^64 */
-
-    out[0] = tmp[0];
-    out[1] = tmp[1];
-    out[2] = tmp[2];
-    out[3] = tmp[3];
-}
-
-/* smallfelem_expand converts a smallfelem to an felem */
-static void smallfelem_expand(felem out, const smallfelem in)
-{
-    out[0] = in[0];
-    out[1] = in[1];
-    out[2] = in[2];
-    out[3] = in[3];
-}
-
-/*-
- * smallfelem_square sets |out| = |small|^2
- * On entry:
- *   small[i] < 2^64
- * On exit:
- *   out[i] < 7 * 2^64 < 2^67
- */
-static void smallfelem_square(longfelem out, const smallfelem small)
-{
-    limb a;
-    u64 high, low;
-
-    a = ((uint128_t) small[0]) * small[0];
-    low = a;
-    high = a >> 64;
-    out[0] = low;
-    out[1] = high;
-
-    a = ((uint128_t) small[0]) * small[1];
-    low = a;
-    high = a >> 64;
-    out[1] += low;
-    out[1] += low;
-    out[2] = high;
-
-    a = ((uint128_t) small[0]) * small[2];
-    low = a;
-    high = a >> 64;
-    out[2] += low;
-    out[2] *= 2;
-    out[3] = high;
-
-    a = ((uint128_t) small[0]) * small[3];
-    low = a;
-    high = a >> 64;
-    out[3] += low;
-    out[4] = high;
-
-    a = ((uint128_t) small[1]) * small[2];
-    low = a;
-    high = a >> 64;
-    out[3] += low;
-    out[3] *= 2;
-    out[4] += high;
-
-    a = ((uint128_t) small[1]) * small[1];
-    low = a;
-    high = a >> 64;
-    out[2] += low;
-    out[3] += high;
-
-    a = ((uint128_t) small[1]) * small[3];
-    low = a;
-    high = a >> 64;
-    out[4] += low;
-    out[4] *= 2;
-    out[5] = high;
-
-    a = ((uint128_t) small[2]) * small[3];
-    low = a;
-    high = a >> 64;
-    out[5] += low;
-    out[5] *= 2;
-    out[6] = high;
-    out[6] += high;
-
-    a = ((uint128_t) small[2]) * small[2];
-    low = a;
-    high = a >> 64;
-    out[4] += low;
-    out[5] += high;
-
-    a = ((uint128_t) small[3]) * small[3];
-    low = a;
-    high = a >> 64;
-    out[6] += low;
-    out[7] = high;
-}
-
-/*-
- * felem_square sets |out| = |in|^2
- * On entry:
- *   in[i] < 2^109
- * On exit:
- *   out[i] < 7 * 2^64 < 2^67
- */
-static void felem_square(longfelem out, const felem in)
-{
-    u64 small[4];
-    felem_shrink(small, in);
-    smallfelem_square(out, small);
-}
-
-/*-
- * smallfelem_mul sets |out| = |small1| * |small2|
- * On entry:
- *   small1[i] < 2^64
- *   small2[i] < 2^64
- * On exit:
- *   out[i] < 7 * 2^64 < 2^67
- */
-static void smallfelem_mul(longfelem out, const smallfelem small1,
-                           const smallfelem small2)
-{
-    limb a;
-    u64 high, low;
-
-    a = ((uint128_t) small1[0]) * small2[0];
-    low = a;
-    high = a >> 64;
-    out[0] = low;
-    out[1] = high;
-
-    a = ((uint128_t) small1[0]) * small2[1];
-    low = a;
-    high = a >> 64;
-    out[1] += low;
-    out[2] = high;
-
-    a = ((uint128_t) small1[1]) * small2[0];
-    low = a;
-    high = a >> 64;
-    out[1] += low;
-    out[2] += high;
-
-    a = ((uint128_t) small1[0]) * small2[2];
-    low = a;
-    high = a >> 64;
-    out[2] += low;
-    out[3] = high;
-
-    a = ((uint128_t) small1[1]) * small2[1];
-    low = a;
-    high = a >> 64;
-    out[2] += low;
-    out[3] += high;
-
-    a = ((uint128_t) small1[2]) * small2[0];
-    low = a;
-    high = a >> 64;
-    out[2] += low;
-    out[3] += high;
-
-    a = ((uint128_t) small1[0]) * small2[3];
-    low = a;
-    high = a >> 64;
-    out[3] += low;
-    out[4] = high;
-
-    a = ((uint128_t) small1[1]) * small2[2];
-    low = a;
-    high = a >> 64;
-    out[3] += low;
-    out[4] += high;
-
-    a = ((uint128_t) small1[2]) * small2[1];
-    low = a;
-    high = a >> 64;
-    out[3] += low;
-    out[4] += high;
-
-    a = ((uint128_t) small1[3]) * small2[0];
-    low = a;
-    high = a >> 64;
-    out[3] += low;
-    out[4] += high;
-
-    a = ((uint128_t) small1[1]) * small2[3];
-    low = a;
-    high = a >> 64;
-    out[4] += low;
-    out[5] = high;
-
-    a = ((uint128_t) small1[2]) * small2[2];
-    low = a;
-    high = a >> 64;
-    out[4] += low;
-    out[5] += high;
-
-    a = ((uint128_t) small1[3]) * small2[1];
-    low = a;
-    high = a >> 64;
-    out[4] += low;
-    out[5] += high;
-
-    a = ((uint128_t) small1[2]) * small2[3];
-    low = a;
-    high = a >> 64;
-    out[5] += low;
-    out[6] = high;
-
-    a = ((uint128_t) small1[3]) * small2[2];
-    low = a;
-    high = a >> 64;
-    out[5] += low;
-    out[6] += high;
-
-    a = ((uint128_t) small1[3]) * small2[3];
-    low = a;
-    high = a >> 64;
-    out[6] += low;
-    out[7] = high;
-}
-
-/*-
- * felem_mul sets |out| = |in1| * |in2|
- * On entry:
- *   in1[i] < 2^109
- *   in2[i] < 2^109
- * On exit:
- *   out[i] < 7 * 2^64 < 2^67
- */
-static void felem_mul(longfelem out, const felem in1, const felem in2)
-{
-    smallfelem small1, small2;
-    felem_shrink(small1, in1);
-    felem_shrink(small2, in2);
-    smallfelem_mul(out, small1, small2);
-}
-
-/*-
- * felem_small_mul sets |out| = |small1| * |in2|
- * On entry:
- *   small1[i] < 2^64
- *   in2[i] < 2^109
- * On exit:
- *   out[i] < 7 * 2^64 < 2^67
- */
-static void felem_small_mul(longfelem out, const smallfelem small1,
-                            const felem in2)
-{
-    smallfelem small2;
-    felem_shrink(small2, in2);
-    smallfelem_mul(out, small1, small2);
-}
-
-# define two100m36m4 (((limb)1) << 100) - (((limb)1) << 36) - (((limb)1) << 4)
-# define two100 (((limb)1) << 100)
-# define two100m36p4 (((limb)1) << 100) - (((limb)1) << 36) + (((limb)1) << 4)
-/* zero100 is 0 mod p */
-static const felem zero100 =
-    { two100m36m4, two100, two100m36p4, two100m36p4 };
-
-/*-
- * Internal function for the different flavours of felem_reduce.
- * felem_reduce_ reduces the higher coefficients in[4]-in[7].
- * On entry:
- *   out[0] >= in[6] + 2^32*in[6] + in[7] + 2^32*in[7]
- *   out[1] >= in[7] + 2^32*in[4]
- *   out[2] >= in[5] + 2^32*in[5]
- *   out[3] >= in[4] + 2^32*in[5] + 2^32*in[6]
- * On exit:
- *   out[0] <= out[0] + in[4] + 2^32*in[5]
- *   out[1] <= out[1] + in[5] + 2^33*in[6]
- *   out[2] <= out[2] + in[7] + 2*in[6] + 2^33*in[7]
- *   out[3] <= out[3] + 2^32*in[4] + 3*in[7]
- */
-static void felem_reduce_(felem out, const longfelem in)
-{
-    int128_t c;
-    /* combine common terms from below */
-    c = in[4] + (in[5] << 32);
-    out[0] += c;
-    out[3] -= c;
-
-    c = in[5] - in[7];
-    out[1] += c;
-    out[2] -= c;
-
-    /* the remaining terms */
-    /* 256: [(0,1),(96,-1),(192,-1),(224,1)] */
-    out[1] -= (in[4] << 32);
-    out[3] += (in[4] << 32);
-
-    /* 320: [(32,1),(64,1),(128,-1),(160,-1),(224,-1)] */
-    out[2] -= (in[5] << 32);
-
-    /* 384: [(0,-1),(32,-1),(96,2),(128,2),(224,-1)] */
-    out[0] -= in[6];
-    out[0] -= (in[6] << 32);
-    out[1] += (in[6] << 33);
-    out[2] += (in[6] * 2);
-    out[3] -= (in[6] << 32);
-
-    /* 448: [(0,-1),(32,-1),(64,-1),(128,1),(160,2),(192,3)] */
-    out[0] -= in[7];
-    out[0] -= (in[7] << 32);
-    out[2] += (in[7] << 33);
-    out[3] += (in[7] * 3);
-}
-
-/*-
- * felem_reduce converts a longfelem into an felem.
- * To be called directly after felem_square or felem_mul.
- * On entry:
- *   in[0] < 2^64, in[1] < 3*2^64, in[2] < 5*2^64, in[3] < 7*2^64
- *   in[4] < 7*2^64, in[5] < 5*2^64, in[6] < 3*2^64, in[7] < 2*64
- * On exit:
- *   out[i] < 2^101
- */
-static void felem_reduce(felem out, const longfelem in)
-{
-    out[0] = zero100[0] + in[0];
-    out[1] = zero100[1] + in[1];
-    out[2] = zero100[2] + in[2];
-    out[3] = zero100[3] + in[3];
-
-    felem_reduce_(out, in);
-
-    /*-
-     * out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0
-     * out[1] > 2^100 - 2^64 - 7*2^96 > 0
-     * out[2] > 2^100 - 2^36 + 2^4 - 5*2^64 - 5*2^96 > 0
-     * out[3] > 2^100 - 2^36 + 2^4 - 7*2^64 - 5*2^96 - 3*2^96 > 0
-     *
-     * out[0] < 2^100 + 2^64 + 7*2^64 + 5*2^96 < 2^101
-     * out[1] < 2^100 + 3*2^64 + 5*2^64 + 3*2^97 < 2^101
-     * out[2] < 2^100 + 5*2^64 + 2^64 + 3*2^65 + 2^97 < 2^101
-     * out[3] < 2^100 + 7*2^64 + 7*2^96 + 3*2^64 < 2^101
-     */
-}
-
-/*-
- * felem_reduce_zero105 converts a larger longfelem into an felem.
- * On entry:
- *   in[0] < 2^71
- * On exit:
- *   out[i] < 2^106
- */
-static void felem_reduce_zero105(felem out, const longfelem in)
-{
-    out[0] = zero105[0] + in[0];
-    out[1] = zero105[1] + in[1];
-    out[2] = zero105[2] + in[2];
-    out[3] = zero105[3] + in[3];
-
-    felem_reduce_(out, in);
-
-    /*-
-     * out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0
-     * out[1] > 2^105 - 2^71 - 2^103 > 0
-     * out[2] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 > 0
-     * out[3] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 - 2^103 > 0
-     *
-     * out[0] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
-     * out[1] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
-     * out[2] < 2^105 + 2^71 + 2^71 + 2^71 + 2^103 < 2^106
-     * out[3] < 2^105 + 2^71 + 2^103 + 2^71 < 2^106
-     */
-}
-
-/*
- * subtract_u64 sets *result = *result - v and *carry to one if the
- * subtraction underflowed.
- */
-static void subtract_u64(u64 *result, u64 *carry, u64 v)
-{
-    uint128_t r = *result;
-    r -= v;
-    *carry = (r >> 64) & 1;
-    *result = (u64)r;
-}
-
-/*
- * felem_contract converts |in| to its unique, minimal representation. On
- * entry: in[i] < 2^109
- */
-static void felem_contract(smallfelem out, const felem in)
-{
-    unsigned i;
-    u64 all_equal_so_far = 0, result = 0, carry;
-
-    felem_shrink(out, in);
-    /* small is minimal except that the value might be > p */
-
-    all_equal_so_far--;
-    /*
-     * We are doing a constant time test if out >= kPrime. We need to compare
-     * each u64, from most-significant to least significant. For each one, if
-     * all words so far have been equal (m is all ones) then a non-equal
-     * result is the answer. Otherwise we continue.
-     */
-    for (i = 3; i < 4; i--) {
-        u64 equal;
-        uint128_t a = ((uint128_t) kPrime[i]) - out[i];
-        /*
-         * if out[i] > kPrime[i] then a will underflow and the high 64-bits
-         * will all be set.
-         */
-        result |= all_equal_so_far & ((u64)(a >> 64));
-
-        /*
-         * if kPrime[i] == out[i] then |equal| will be all zeros and the
-         * decrement will make it all ones.
-         */
-        equal = kPrime[i] ^ out[i];
-        equal--;
-        equal &= equal << 32;
-        equal &= equal << 16;
-        equal &= equal << 8;
-        equal &= equal << 4;
-        equal &= equal << 2;
-        equal &= equal << 1;
-        equal = ((s64) equal) >> 63;
-
-        all_equal_so_far &= equal;
-    }
-
-    /*
-     * if all_equal_so_far is still all ones then the two values are equal
-     * and so out >= kPrime is true.
-     */
-    result |= all_equal_so_far;
-
-    /* if out >= kPrime then we subtract kPrime. */
-    subtract_u64(&out[0], &carry, result & kPrime[0]);
-    subtract_u64(&out[1], &carry, carry);
-    subtract_u64(&out[2], &carry, carry);
-    subtract_u64(&out[3], &carry, carry);
-
-    subtract_u64(&out[1], &carry, result & kPrime[1]);
-    subtract_u64(&out[2], &carry, carry);
-    subtract_u64(&out[3], &carry, carry);
-
-    subtract_u64(&out[2], &carry, result & kPrime[2]);
-    subtract_u64(&out[3], &carry, carry);
-
-    subtract_u64(&out[3], &carry, result & kPrime[3]);
-}
-
-static void smallfelem_square_contract(smallfelem out, const smallfelem in)
-{
-    longfelem longtmp;
-    felem tmp;
-
-    smallfelem_square(longtmp, in);
-    felem_reduce(tmp, longtmp);
-    felem_contract(out, tmp);
-}
-
-static void smallfelem_mul_contract(smallfelem out, const smallfelem in1,
-                                    const smallfelem in2)
-{
-    longfelem longtmp;
-    felem tmp;
-
-    smallfelem_mul(longtmp, in1, in2);
-    felem_reduce(tmp, longtmp);
-    felem_contract(out, tmp);
-}
-
-/*-
- * felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
- * otherwise.
- * On entry:
- *   small[i] < 2^64
- */
-static limb smallfelem_is_zero(const smallfelem small)
-{
-    limb result;
-    u64 is_p;
-
-    u64 is_zero = small[0] | small[1] | small[2] | small[3];
-    is_zero--;
-    is_zero &= is_zero << 32;
-    is_zero &= is_zero << 16;
-    is_zero &= is_zero << 8;
-    is_zero &= is_zero << 4;
-    is_zero &= is_zero << 2;
-    is_zero &= is_zero << 1;
-    is_zero = ((s64) is_zero) >> 63;
-
-    is_p = (small[0] ^ kPrime[0]) |
-        (small[1] ^ kPrime[1]) |
-        (small[2] ^ kPrime[2]) | (small[3] ^ kPrime[3]);
-    is_p--;
-    is_p &= is_p << 32;
-    is_p &= is_p << 16;
-    is_p &= is_p << 8;
-    is_p &= is_p << 4;
-    is_p &= is_p << 2;
-    is_p &= is_p << 1;
-    is_p = ((s64) is_p) >> 63;
-
-    is_zero |= is_p;
-
-    result = is_zero;
-    result |= ((limb) is_zero) << 64;
-    return result;
-}
-
-static int smallfelem_is_zero_int(const smallfelem small)
-{
-    return (int)(smallfelem_is_zero(small) & ((limb) 1));
-}
-
-/*-
- * felem_inv calculates |out| = |in|^{-1}
- *
- * Based on Fermat's Little Theorem:
- *   a^p = a (mod p)
- *   a^{p-1} = 1 (mod p)
- *   a^{p-2} = a^{-1} (mod p)
- */
-static void felem_inv(felem out, const felem in)
-{
-    felem ftmp, ftmp2;
-    /* each e_I will hold |in|^{2^I - 1} */
-    felem e2, e4, e8, e16, e32, e64;
-    longfelem tmp;
-    unsigned i;
-
-    felem_square(tmp, in);
-    felem_reduce(ftmp, tmp);    /* 2^1 */
-    felem_mul(tmp, in, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^2 - 2^0 */
-    felem_assign(e2, ftmp);
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^3 - 2^1 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^4 - 2^2 */
-    felem_mul(tmp, ftmp, e2);
-    felem_reduce(ftmp, tmp);    /* 2^4 - 2^0 */
-    felem_assign(e4, ftmp);
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^5 - 2^1 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^6 - 2^2 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^7 - 2^3 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^8 - 2^4 */
-    felem_mul(tmp, ftmp, e4);
-    felem_reduce(ftmp, tmp);    /* 2^8 - 2^0 */
-    felem_assign(e8, ftmp);
-    for (i = 0; i < 8; i++) {
-        felem_square(tmp, ftmp);
-        felem_reduce(ftmp, tmp);
-    }                           /* 2^16 - 2^8 */
-    felem_mul(tmp, ftmp, e8);
-    felem_reduce(ftmp, tmp);    /* 2^16 - 2^0 */
-    felem_assign(e16, ftmp);
-    for (i = 0; i < 16; i++) {
-        felem_square(tmp, ftmp);
-        felem_reduce(ftmp, tmp);
-    }                           /* 2^32 - 2^16 */
-    felem_mul(tmp, ftmp, e16);
-    felem_reduce(ftmp, tmp);    /* 2^32 - 2^0 */
-    felem_assign(e32, ftmp);
-    for (i = 0; i < 32; i++) {
-        felem_square(tmp, ftmp);
-        felem_reduce(ftmp, tmp);
-    }                           /* 2^64 - 2^32 */
-    felem_assign(e64, ftmp);
-    felem_mul(tmp, ftmp, in);
-    felem_reduce(ftmp, tmp);    /* 2^64 - 2^32 + 2^0 */
-    for (i = 0; i < 192; i++) {
-        felem_square(tmp, ftmp);
-        felem_reduce(ftmp, tmp);
-    }                           /* 2^256 - 2^224 + 2^192 */
-
-    felem_mul(tmp, e64, e32);
-    felem_reduce(ftmp2, tmp);   /* 2^64 - 2^0 */
-    for (i = 0; i < 16; i++) {
-        felem_square(tmp, ftmp2);
-        felem_reduce(ftmp2, tmp);
-    }                           /* 2^80 - 2^16 */
-    felem_mul(tmp, ftmp2, e16);
-    felem_reduce(ftmp2, tmp);   /* 2^80 - 2^0 */
-    for (i = 0; i < 8; i++) {
-        felem_square(tmp, ftmp2);
-        felem_reduce(ftmp2, tmp);
-    }                           /* 2^88 - 2^8 */
-    felem_mul(tmp, ftmp2, e8);
-    felem_reduce(ftmp2, tmp);   /* 2^88 - 2^0 */
-    for (i = 0; i < 4; i++) {
-        felem_square(tmp, ftmp2);
-        felem_reduce(ftmp2, tmp);
-    }                           /* 2^92 - 2^4 */
-    felem_mul(tmp, ftmp2, e4);
-    felem_reduce(ftmp2, tmp);   /* 2^92 - 2^0 */
-    felem_square(tmp, ftmp2);
-    felem_reduce(ftmp2, tmp);   /* 2^93 - 2^1 */
-    felem_square(tmp, ftmp2);
-    felem_reduce(ftmp2, tmp);   /* 2^94 - 2^2 */
-    felem_mul(tmp, ftmp2, e2);
-    felem_reduce(ftmp2, tmp);   /* 2^94 - 2^0 */
-    felem_square(tmp, ftmp2);
-    felem_reduce(ftmp2, tmp);   /* 2^95 - 2^1 */
-    felem_square(tmp, ftmp2);
-    felem_reduce(ftmp2, tmp);   /* 2^96 - 2^2 */
-    felem_mul(tmp, ftmp2, in);
-    felem_reduce(ftmp2, tmp);   /* 2^96 - 3 */
-
-    felem_mul(tmp, ftmp2, ftmp);
-    felem_reduce(out, tmp);     /* 2^256 - 2^224 + 2^192 + 2^96 - 3 */
-}
-
-static void smallfelem_inv_contract(smallfelem out, const smallfelem in)
-{
-    felem tmp;
-
-    smallfelem_expand(tmp, in);
-    felem_inv(tmp, tmp);
-    felem_contract(out, tmp);
-}
-
-/*-
- * Group operations
- * ----------------
- *
- * Building on top of the field operations we have the operations on the
- * elliptic curve group itself. Points on the curve are represented in Jacobian
- * coordinates
- */
-
-/*-
- * point_double calculates 2*(x_in, y_in, z_in)
- *
- * The method is taken from:
- *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
- *
- * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed.
- * while x_out == y_in is not (maybe this works, but it's not tested).
- */
-static void
-point_double(felem x_out, felem y_out, felem z_out,
-             const felem x_in, const felem y_in, const felem z_in)
-{
-    longfelem tmp, tmp2;
-    felem delta, gamma, beta, alpha, ftmp, ftmp2;
-    smallfelem small1, small2;
-
-    felem_assign(ftmp, x_in);
-    /* ftmp[i] < 2^106 */
-    felem_assign(ftmp2, x_in);
-    /* ftmp2[i] < 2^106 */
-
-    /* delta = z^2 */
-    felem_square(tmp, z_in);
-    felem_reduce(delta, tmp);
-    /* delta[i] < 2^101 */
-
-    /* gamma = y^2 */
-    felem_square(tmp, y_in);
-    felem_reduce(gamma, tmp);
-    /* gamma[i] < 2^101 */
-    felem_shrink(small1, gamma);
-
-    /* beta = x*gamma */
-    felem_small_mul(tmp, small1, x_in);
-    felem_reduce(beta, tmp);
-    /* beta[i] < 2^101 */
-
-    /* alpha = 3*(x-delta)*(x+delta) */
-    felem_diff(ftmp, delta);
-    /* ftmp[i] < 2^105 + 2^106 < 2^107 */
-    felem_sum(ftmp2, delta);
-    /* ftmp2[i] < 2^105 + 2^106 < 2^107 */
-    felem_scalar(ftmp2, 3);
-    /* ftmp2[i] < 3 * 2^107 < 2^109 */
-    felem_mul(tmp, ftmp, ftmp2);
-    felem_reduce(alpha, tmp);
-    /* alpha[i] < 2^101 */
-    felem_shrink(small2, alpha);
-
-    /* x' = alpha^2 - 8*beta */
-    smallfelem_square(tmp, small2);
-    felem_reduce(x_out, tmp);
-    felem_assign(ftmp, beta);
-    felem_scalar(ftmp, 8);
-    /* ftmp[i] < 8 * 2^101 = 2^104 */
-    felem_diff(x_out, ftmp);
-    /* x_out[i] < 2^105 + 2^101 < 2^106 */
-
-    /* z' = (y + z)^2 - gamma - delta */
-    felem_sum(delta, gamma);
-    /* delta[i] < 2^101 + 2^101 = 2^102 */
-    felem_assign(ftmp, y_in);
-    felem_sum(ftmp, z_in);
-    /* ftmp[i] < 2^106 + 2^106 = 2^107 */
-    felem_square(tmp, ftmp);
-    felem_reduce(z_out, tmp);
-    felem_diff(z_out, delta);
-    /* z_out[i] < 2^105 + 2^101 < 2^106 */
-
-    /* y' = alpha*(4*beta - x') - 8*gamma^2 */
-    felem_scalar(beta, 4);
-    /* beta[i] < 4 * 2^101 = 2^103 */
-    felem_diff_zero107(beta, x_out);
-    /* beta[i] < 2^107 + 2^103 < 2^108 */
-    felem_small_mul(tmp, small2, beta);
-    /* tmp[i] < 7 * 2^64 < 2^67 */
-    smallfelem_square(tmp2, small1);
-    /* tmp2[i] < 7 * 2^64 */
-    longfelem_scalar(tmp2, 8);
-    /* tmp2[i] < 8 * 7 * 2^64 = 7 * 2^67 */
-    longfelem_diff(tmp, tmp2);
-    /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */
-    felem_reduce_zero105(y_out, tmp);
-    /* y_out[i] < 2^106 */
-}
-
-/*
- * point_double_small is the same as point_double, except that it operates on
- * smallfelems
- */
-static void
-point_double_small(smallfelem x_out, smallfelem y_out, smallfelem z_out,
-                   const smallfelem x_in, const smallfelem y_in,
-                   const smallfelem z_in)
-{
-    felem felem_x_out, felem_y_out, felem_z_out;
-    felem felem_x_in, felem_y_in, felem_z_in;
-
-    smallfelem_expand(felem_x_in, x_in);
-    smallfelem_expand(felem_y_in, y_in);
-    smallfelem_expand(felem_z_in, z_in);
-    point_double(felem_x_out, felem_y_out, felem_z_out,
-                 felem_x_in, felem_y_in, felem_z_in);
-    felem_shrink(x_out, felem_x_out);
-    felem_shrink(y_out, felem_y_out);
-    felem_shrink(z_out, felem_z_out);
-}
-
-/* copy_conditional copies in to out iff mask is all ones. */
-static void copy_conditional(felem out, const felem in, limb mask)
-{
-    unsigned i;
-    for (i = 0; i < NLIMBS; ++i) {
-        const limb tmp = mask & (in[i] ^ out[i]);
-        out[i] ^= tmp;
-    }
-}
-
-/* copy_small_conditional copies in to out iff mask is all ones. */
-static void copy_small_conditional(felem out, const smallfelem in, limb mask)
-{
-    unsigned i;
-    const u64 mask64 = mask;
-    for (i = 0; i < NLIMBS; ++i) {
-        out[i] = ((limb) (in[i] & mask64)) | (out[i] & ~mask);
-    }
-}
-
-/*-
- * point_add calcuates (x1, y1, z1) + (x2, y2, z2)
- *
- * The method is taken from:
- *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
- * adapted for mixed addition (z2 = 1, or z2 = 0 for the point at infinity).
- *
- * This function includes a branch for checking whether the two input points
- * are equal, (while not equal to the point at infinity). This case never
- * happens during single point multiplication, so there is no timing leak for
- * ECDH or ECDSA signing.
- */
-static void point_add(felem x3, felem y3, felem z3,
-                      const felem x1, const felem y1, const felem z1,
-                      const int mixed, const smallfelem x2,
-                      const smallfelem y2, const smallfelem z2)
-{
-    felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, ftmp6, x_out, y_out, z_out;
-    longfelem tmp, tmp2;
-    smallfelem small1, small2, small3, small4, small5;
-    limb x_equal, y_equal, z1_is_zero, z2_is_zero;
-
-    felem_shrink(small3, z1);
-
-    z1_is_zero = smallfelem_is_zero(small3);
-    z2_is_zero = smallfelem_is_zero(z2);
-
-    /* ftmp = z1z1 = z1**2 */
-    smallfelem_square(tmp, small3);
-    felem_reduce(ftmp, tmp);
-    /* ftmp[i] < 2^101 */
-    felem_shrink(small1, ftmp);
-
-    if (!mixed) {
-        /* ftmp2 = z2z2 = z2**2 */
-        smallfelem_square(tmp, z2);
-        felem_reduce(ftmp2, tmp);
-        /* ftmp2[i] < 2^101 */
-        felem_shrink(small2, ftmp2);
-
-        felem_shrink(small5, x1);
-
-        /* u1 = ftmp3 = x1*z2z2 */
-        smallfelem_mul(tmp, small5, small2);
-        felem_reduce(ftmp3, tmp);
-        /* ftmp3[i] < 2^101 */
-
-        /* ftmp5 = z1 + z2 */
-        felem_assign(ftmp5, z1);
-        felem_small_sum(ftmp5, z2);
-        /* ftmp5[i] < 2^107 */
-
-        /* ftmp5 = (z1 + z2)**2 - (z1z1 + z2z2) = 2z1z2 */
-        felem_square(tmp, ftmp5);
-        felem_reduce(ftmp5, tmp);
-        /* ftmp2 = z2z2 + z1z1 */
-        felem_sum(ftmp2, ftmp);
-        /* ftmp2[i] < 2^101 + 2^101 = 2^102 */
-        felem_diff(ftmp5, ftmp2);
-        /* ftmp5[i] < 2^105 + 2^101 < 2^106 */
-
-        /* ftmp2 = z2 * z2z2 */
-        smallfelem_mul(tmp, small2, z2);
-        felem_reduce(ftmp2, tmp);
-
-        /* s1 = ftmp2 = y1 * z2**3 */
-        felem_mul(tmp, y1, ftmp2);
-        felem_reduce(ftmp6, tmp);
-        /* ftmp6[i] < 2^101 */
-    } else {
-        /*
-         * We'll assume z2 = 1 (special case z2 = 0 is handled later)
-         */
-
-        /* u1 = ftmp3 = x1*z2z2 */
-        felem_assign(ftmp3, x1);
-        /* ftmp3[i] < 2^106 */
-
-        /* ftmp5 = 2z1z2 */
-        felem_assign(ftmp5, z1);
-        felem_scalar(ftmp5, 2);
-        /* ftmp5[i] < 2*2^106 = 2^107 */
-
-        /* s1 = ftmp2 = y1 * z2**3 */
-        felem_assign(ftmp6, y1);
-        /* ftmp6[i] < 2^106 */
-    }
-
-    /* u2 = x2*z1z1 */
-    smallfelem_mul(tmp, x2, small1);
-    felem_reduce(ftmp4, tmp);
-
-    /* h = ftmp4 = u2 - u1 */
-    felem_diff_zero107(ftmp4, ftmp3);
-    /* ftmp4[i] < 2^107 + 2^101 < 2^108 */
-    felem_shrink(small4, ftmp4);
-
-    x_equal = smallfelem_is_zero(small4);
-
-    /* z_out = ftmp5 * h */
-    felem_small_mul(tmp, small4, ftmp5);
-    felem_reduce(z_out, tmp);
-    /* z_out[i] < 2^101 */
-
-    /* ftmp = z1 * z1z1 */
-    smallfelem_mul(tmp, small1, small3);
-    felem_reduce(ftmp, tmp);
-
-    /* s2 = tmp = y2 * z1**3 */
-    felem_small_mul(tmp, y2, ftmp);
-    felem_reduce(ftmp5, tmp);
-
-    /* r = ftmp5 = (s2 - s1)*2 */
-    felem_diff_zero107(ftmp5, ftmp6);
-    /* ftmp5[i] < 2^107 + 2^107 = 2^108 */
-    felem_scalar(ftmp5, 2);
-    /* ftmp5[i] < 2^109 */
-    felem_shrink(small1, ftmp5);
-    y_equal = smallfelem_is_zero(small1);
-
-    if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
-        point_double(x3, y3, z3, x1, y1, z1);
-        return;
-    }
-
-    /* I = ftmp = (2h)**2 */
-    felem_assign(ftmp, ftmp4);
-    felem_scalar(ftmp, 2);
-    /* ftmp[i] < 2*2^108 = 2^109 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);
-
-    /* J = ftmp2 = h * I */
-    felem_mul(tmp, ftmp4, ftmp);
-    felem_reduce(ftmp2, tmp);
-
-    /* V = ftmp4 = U1 * I */
-    felem_mul(tmp, ftmp3, ftmp);
-    felem_reduce(ftmp4, tmp);
-
-    /* x_out = r**2 - J - 2V */
-    smallfelem_square(tmp, small1);
-    felem_reduce(x_out, tmp);
-    felem_assign(ftmp3, ftmp4);
-    felem_scalar(ftmp4, 2);
-    felem_sum(ftmp4, ftmp2);
-    /* ftmp4[i] < 2*2^101 + 2^101 < 2^103 */
-    felem_diff(x_out, ftmp4);
-    /* x_out[i] < 2^105 + 2^101 */
-
-    /* y_out = r(V-x_out) - 2 * s1 * J */
-    felem_diff_zero107(ftmp3, x_out);
-    /* ftmp3[i] < 2^107 + 2^101 < 2^108 */
-    felem_small_mul(tmp, small1, ftmp3);
-    felem_mul(tmp2, ftmp6, ftmp2);
-    longfelem_scalar(tmp2, 2);
-    /* tmp2[i] < 2*2^67 = 2^68 */
-    longfelem_diff(tmp, tmp2);
-    /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */
-    felem_reduce_zero105(y_out, tmp);
-    /* y_out[i] < 2^106 */
-
-    copy_small_conditional(x_out, x2, z1_is_zero);
-    copy_conditional(x_out, x1, z2_is_zero);
-    copy_small_conditional(y_out, y2, z1_is_zero);
-    copy_conditional(y_out, y1, z2_is_zero);
-    copy_small_conditional(z_out, z2, z1_is_zero);
-    copy_conditional(z_out, z1, z2_is_zero);
-    felem_assign(x3, x_out);
-    felem_assign(y3, y_out);
-    felem_assign(z3, z_out);
-}
-
-/*
- * point_add_small is the same as point_add, except that it operates on
- * smallfelems
- */
-static void point_add_small(smallfelem x3, smallfelem y3, smallfelem z3,
-                            smallfelem x1, smallfelem y1, smallfelem z1,
-                            smallfelem x2, smallfelem y2, smallfelem z2)
-{
-    felem felem_x3, felem_y3, felem_z3;
-    felem felem_x1, felem_y1, felem_z1;
-    smallfelem_expand(felem_x1, x1);
-    smallfelem_expand(felem_y1, y1);
-    smallfelem_expand(felem_z1, z1);
-    point_add(felem_x3, felem_y3, felem_z3, felem_x1, felem_y1, felem_z1, 0,
-              x2, y2, z2);
-    felem_shrink(x3, felem_x3);
-    felem_shrink(y3, felem_y3);
-    felem_shrink(z3, felem_z3);
-}
-
-/*-
- * Base point pre computation
- * --------------------------
- *
- * Two different sorts of precomputed tables are used in the following code.
- * Each contain various points on the curve, where each point is three field
- * elements (x, y, z).
- *
- * For the base point table, z is usually 1 (0 for the point at infinity).
- * This table has 2 * 16 elements, starting with the following:
- * index | bits    | point
- * ------+---------+------------------------------
- *     0 | 0 0 0 0 | 0G
- *     1 | 0 0 0 1 | 1G
- *     2 | 0 0 1 0 | 2^64G
- *     3 | 0 0 1 1 | (2^64 + 1)G
- *     4 | 0 1 0 0 | 2^128G
- *     5 | 0 1 0 1 | (2^128 + 1)G
- *     6 | 0 1 1 0 | (2^128 + 2^64)G
- *     7 | 0 1 1 1 | (2^128 + 2^64 + 1)G
- *     8 | 1 0 0 0 | 2^192G
- *     9 | 1 0 0 1 | (2^192 + 1)G
- *    10 | 1 0 1 0 | (2^192 + 2^64)G
- *    11 | 1 0 1 1 | (2^192 + 2^64 + 1)G
- *    12 | 1 1 0 0 | (2^192 + 2^128)G
- *    13 | 1 1 0 1 | (2^192 + 2^128 + 1)G
- *    14 | 1 1 1 0 | (2^192 + 2^128 + 2^64)G
- *    15 | 1 1 1 1 | (2^192 + 2^128 + 2^64 + 1)G
- * followed by a copy of this with each element multiplied by 2^32.
- *
- * The reason for this is so that we can clock bits into four different
- * locations when doing simple scalar multiplies against the base point,
- * and then another four locations using the second 16 elements.
- *
- * Tables for other points have table[i] = iG for i in 0 .. 16. */
-
-/* gmul is the table of precomputed base points */
-static const smallfelem gmul[2][16][3] = {
-    {{{0, 0, 0, 0},
-      {0, 0, 0, 0},
-      {0, 0, 0, 0}},
-     {{0xf4a13945d898c296, 0x77037d812deb33a0, 0xf8bce6e563a440f2,
-       0x6b17d1f2e12c4247},
-      {0xcbb6406837bf51f5, 0x2bce33576b315ece, 0x8ee7eb4a7c0f9e16,
-       0x4fe342e2fe1a7f9b},
-      {1, 0, 0, 0}},
-     {{0x90e75cb48e14db63, 0x29493baaad651f7e, 0x8492592e326e25de,
-       0x0fa822bc2811aaa5},
-      {0xe41124545f462ee7, 0x34b1a65050fe82f5, 0x6f4ad4bcb3df188b,
-       0xbff44ae8f5dba80d},
-      {1, 0, 0, 0}},
-     {{0x93391ce2097992af, 0xe96c98fd0d35f1fa, 0xb257c0de95e02789,
-       0x300a4bbc89d6726f},
-      {0xaa54a291c08127a0, 0x5bb1eeada9d806a5, 0x7f1ddb25ff1e3c6f,
-       0x72aac7e0d09b4644},
-      {1, 0, 0, 0}},
-     {{0x57c84fc9d789bd85, 0xfc35ff7dc297eac3, 0xfb982fd588c6766e,
-       0x447d739beedb5e67},
-      {0x0c7e33c972e25b32, 0x3d349b95a7fae500, 0xe12e9d953a4aaff7,
-       0x2d4825ab834131ee},
-      {1, 0, 0, 0}},
-     {{0x13949c932a1d367f, 0xef7fbd2b1a0a11b7, 0xddc6068bb91dfc60,
-       0xef9519328a9c72ff},
-      {0x196035a77376d8a8, 0x23183b0895ca1740, 0xc1ee9807022c219c,
-       0x611e9fc37dbb2c9b},
-      {1, 0, 0, 0}},
-     {{0xcae2b1920b57f4bc, 0x2936df5ec6c9bc36, 0x7dea6482e11238bf,
-       0x550663797b51f5d8},
-      {0x44ffe216348a964c, 0x9fb3d576dbdefbe1, 0x0afa40018d9d50e5,
-       0x157164848aecb851},
-      {1, 0, 0, 0}},
-     {{0xe48ecafffc5cde01, 0x7ccd84e70d715f26, 0xa2e8f483f43e4391,
-       0xeb5d7745b21141ea},
-      {0xcac917e2731a3479, 0x85f22cfe2844b645, 0x0990e6a158006cee,
-       0xeafd72ebdbecc17b},
-      {1, 0, 0, 0}},
-     {{0x6cf20ffb313728be, 0x96439591a3c6b94a, 0x2736ff8344315fc5,
-       0xa6d39677a7849276},
-      {0xf2bab833c357f5f4, 0x824a920c2284059b, 0x66b8babd2d27ecdf,
-       0x674f84749b0b8816},
-      {1, 0, 0, 0}},
-     {{0x2df48c04677c8a3e, 0x74e02f080203a56b, 0x31855f7db8c7fedb,
-       0x4e769e7672c9ddad},
-      {0xa4c36165b824bbb0, 0xfb9ae16f3b9122a5, 0x1ec0057206947281,
-       0x42b99082de830663},
-      {1, 0, 0, 0}},
-     {{0x6ef95150dda868b9, 0xd1f89e799c0ce131, 0x7fdc1ca008a1c478,
-       0x78878ef61c6ce04d},
-      {0x9c62b9121fe0d976, 0x6ace570ebde08d4f, 0xde53142c12309def,
-       0xb6cb3f5d7b72c321},
-      {1, 0, 0, 0}},
-     {{0x7f991ed2c31a3573, 0x5b82dd5bd54fb496, 0x595c5220812ffcae,
-       0x0c88bc4d716b1287},
-      {0x3a57bf635f48aca8, 0x7c8181f4df2564f3, 0x18d1b5b39c04e6aa,
-       0xdd5ddea3f3901dc6},
-      {1, 0, 0, 0}},
-     {{0xe96a79fb3e72ad0c, 0x43a0a28c42ba792f, 0xefe0a423083e49f3,
-       0x68f344af6b317466},
-      {0xcdfe17db3fb24d4a, 0x668bfc2271f5c626, 0x604ed93c24d67ff3,
-       0x31b9c405f8540a20},
-      {1, 0, 0, 0}},
-     {{0xd36b4789a2582e7f, 0x0d1a10144ec39c28, 0x663c62c3edbad7a0,
-       0x4052bf4b6f461db9},
-      {0x235a27c3188d25eb, 0xe724f33999bfcc5b, 0x862be6bd71d70cc8,
-       0xfecf4d5190b0fc61},
-      {1, 0, 0, 0}},
-     {{0x74346c10a1d4cfac, 0xafdf5cc08526a7a4, 0x123202a8f62bff7a,
-       0x1eddbae2c802e41a},
-      {0x8fa0af2dd603f844, 0x36e06b7e4c701917, 0x0c45f45273db33a0,
-       0x43104d86560ebcfc},
-      {1, 0, 0, 0}},
-     {{0x9615b5110d1d78e5, 0x66b0de3225c4744b, 0x0a4a46fb6aaf363a,
-       0xb48e26b484f7a21c},
-      {0x06ebb0f621a01b2d, 0xc004e4048b7b0f98, 0x64131bcdfed6f668,
-       0xfac015404d4d3dab},
-      {1, 0, 0, 0}}},
-    {{{0, 0, 0, 0},
-      {0, 0, 0, 0},
-      {0, 0, 0, 0}},
-     {{0x3a5a9e22185a5943, 0x1ab919365c65dfb6, 0x21656b32262c71da,
-       0x7fe36b40af22af89},
-      {0xd50d152c699ca101, 0x74b3d5867b8af212, 0x9f09f40407dca6f1,
-       0xe697d45825b63624},
-      {1, 0, 0, 0}},
-     {{0xa84aa9397512218e, 0xe9a521b074ca0141, 0x57880b3a18a2e902,
-       0x4a5b506612a677a6},
-      {0x0beada7a4c4f3840, 0x626db15419e26d9d, 0xc42604fbe1627d40,
-       0xeb13461ceac089f1},
-      {1, 0, 0, 0}},
-     {{0xf9faed0927a43281, 0x5e52c4144103ecbc, 0xc342967aa815c857,
-       0x0781b8291c6a220a},
-      {0x5a8343ceeac55f80, 0x88f80eeee54a05e3, 0x97b2a14f12916434,
-       0x690cde8df0151593},
-      {1, 0, 0, 0}},
-     {{0xaee9c75df7f82f2a, 0x9e4c35874afdf43a, 0xf5622df437371326,
-       0x8a535f566ec73617},
-      {0xc5f9a0ac223094b7, 0xcde533864c8c7669, 0x37e02819085a92bf,
-       0x0455c08468b08bd7},
-      {1, 0, 0, 0}},
-     {{0x0c0a6e2c9477b5d9, 0xf9a4bf62876dc444, 0x5050a949b6cdc279,
-       0x06bada7ab77f8276},
-      {0xc8b4aed1ea48dac9, 0xdebd8a4b7ea1070f, 0x427d49101366eb70,
-       0x5b476dfd0e6cb18a},
-      {1, 0, 0, 0}},
-     {{0x7c5c3e44278c340a, 0x4d54606812d66f3b, 0x29a751b1ae23c5d8,
-       0x3e29864e8a2ec908},
-      {0x142d2a6626dbb850, 0xad1744c4765bd780, 0x1f150e68e322d1ed,
-       0x239b90ea3dc31e7e},
-      {1, 0, 0, 0}},
-     {{0x78c416527a53322a, 0x305dde6709776f8e, 0xdbcab759f8862ed4,
-       0x820f4dd949f72ff7},
-      {0x6cc544a62b5debd4, 0x75be5d937b4e8cc4, 0x1b481b1b215c14d3,
-       0x140406ec783a05ec},
-      {1, 0, 0, 0}},
-     {{0x6a703f10e895df07, 0xfd75f3fa01876bd8, 0xeb5b06e70ce08ffe,
-       0x68f6b8542783dfee},
-      {0x90c76f8a78712655, 0xcf5293d2f310bf7f, 0xfbc8044dfda45028,
-       0xcbe1feba92e40ce6},
-      {1, 0, 0, 0}},
-     {{0xe998ceea4396e4c1, 0xfc82ef0b6acea274, 0x230f729f2250e927,
-       0xd0b2f94d2f420109},
-      {0x4305adddb38d4966, 0x10b838f8624c3b45, 0x7db2636658954e7a,
-       0x971459828b0719e5},
-      {1, 0, 0, 0}},
-     {{0x4bd6b72623369fc9, 0x57f2929e53d0b876, 0xc2d5cba4f2340687,
-       0x961610004a866aba},
-      {0x49997bcd2e407a5e, 0x69ab197d92ddcb24, 0x2cf1f2438fe5131c,
-       0x7acb9fadcee75e44},
-      {1, 0, 0, 0}},
-     {{0x254e839423d2d4c0, 0xf57f0c917aea685b, 0xa60d880f6f75aaea,
-       0x24eb9acca333bf5b},
-      {0xe3de4ccb1cda5dea, 0xfeef9341c51a6b4f, 0x743125f88bac4c4d,
-       0x69f891c5acd079cc},
-      {1, 0, 0, 0}},
-     {{0xeee44b35702476b5, 0x7ed031a0e45c2258, 0xb422d1e7bd6f8514,
-       0xe51f547c5972a107},
-      {0xa25bcd6fc9cf343d, 0x8ca922ee097c184e, 0xa62f98b3a9fe9a06,
-       0x1c309a2b25bb1387},
-      {1, 0, 0, 0}},
-     {{0x9295dbeb1967c459, 0xb00148833472c98e, 0xc504977708011828,
-       0x20b87b8aa2c4e503},
-      {0x3063175de057c277, 0x1bd539338fe582dd, 0x0d11adef5f69a044,
-       0xf5c6fa49919776be},
-      {1, 0, 0, 0}},
-     {{0x8c944e760fd59e11, 0x3876cba1102fad5f, 0xa454c3fad83faa56,
-       0x1ed7d1b9332010b9},
-      {0xa1011a270024b889, 0x05e4d0dcac0cd344, 0x52b520f0eb6a2a24,
-       0x3a2b03f03217257a},
-      {1, 0, 0, 0}},
-     {{0xf20fc2afdf1d043d, 0xf330240db58d5a62, 0xfc7d229ca0058c3b,
-       0x15fee545c78dd9f6},
-      {0x501e82885bc98cda, 0x41ef80e5d046ac04, 0x557d9f49461210fb,
-       0x4ab5b6b2b8753f81},
-      {1, 0, 0, 0}}}
-};
-
-/*
- * select_point selects the |idx|th point from a precomputation table and
- * copies it to out.
- */
-static void select_point(const u64 idx, unsigned int size,
-                         const smallfelem pre_comp[16][3], smallfelem out[3])
-{
-    unsigned i, j;
-    u64 *outlimbs = &out[0][0];
-    memset(outlimbs, 0, 3 * sizeof(smallfelem));
-
-    for (i = 0; i < size; i++) {
-        const u64 *inlimbs = (u64 *)&pre_comp[i][0][0];
-        u64 mask = i ^ idx;
-        mask |= mask >> 4;
-        mask |= mask >> 2;
-        mask |= mask >> 1;
-        mask &= 1;
-        mask--;
-        for (j = 0; j < NLIMBS * 3; j++)
-            outlimbs[j] |= inlimbs[j] & mask;
-    }
-}
-
-/* get_bit returns the |i|th bit in |in| */
-static char get_bit(const felem_bytearray in, int i)
-{
-    if ((i < 0) || (i >= 256))
-        return 0;
-    return (in[i >> 3] >> (i & 7)) & 1;
-}
-
-/*
- * Interleaved point multiplication using precomputed point multiples: The
- * small point multiples 0*P, 1*P, ..., 17*P are in pre_comp[], the scalars
- * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
- * generator, using certain (large) precomputed multiples in g_pre_comp.
- * Output point (X, Y, Z) is stored in x_out, y_out, z_out
- */
-static void batch_mul(felem x_out, felem y_out, felem z_out,
-                      const felem_bytearray scalars[],
-                      const unsigned num_points, const u8 *g_scalar,
-                      const int mixed, const smallfelem pre_comp[][17][3],
-                      const smallfelem g_pre_comp[2][16][3])
-{
-    int i, skip;
-    unsigned num, gen_mul = (g_scalar != NULL);
-    felem nq[3], ftmp;
-    smallfelem tmp[3];
-    u64 bits;
-    u8 sign, digit;
-
-    /* set nq to the point at infinity */
-    memset(nq, 0, 3 * sizeof(felem));
-
-    /*
-     * Loop over all scalars msb-to-lsb, interleaving additions of multiples
-     * of the generator (two in each of the last 32 rounds) and additions of
-     * other points multiples (every 5th round).
-     */
-    skip = 1;                   /* save two point operations in the first
-                                 * round */
-    for (i = (num_points ? 255 : 31); i >= 0; --i) {
-        /* double */
-        if (!skip)
-            point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
-
-        /* add multiples of the generator */
-        if (gen_mul && (i <= 31)) {
-            /* first, look 32 bits upwards */
-            bits = get_bit(g_scalar, i + 224) << 3;
-            bits |= get_bit(g_scalar, i + 160) << 2;
-            bits |= get_bit(g_scalar, i + 96) << 1;
-            bits |= get_bit(g_scalar, i + 32);
-            /* select the point to add, in constant time */
-            select_point(bits, 16, g_pre_comp[1], tmp);
-
-            if (!skip) {
-                /* Arg 1 below is for "mixed" */
-                point_add(nq[0], nq[1], nq[2],
-                          nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
-            } else {
-                smallfelem_expand(nq[0], tmp[0]);
-                smallfelem_expand(nq[1], tmp[1]);
-                smallfelem_expand(nq[2], tmp[2]);
-                skip = 0;
-            }
-
-            /* second, look at the current position */
-            bits = get_bit(g_scalar, i + 192) << 3;
-            bits |= get_bit(g_scalar, i + 128) << 2;
-            bits |= get_bit(g_scalar, i + 64) << 1;
-            bits |= get_bit(g_scalar, i);
-            /* select the point to add, in constant time */
-            select_point(bits, 16, g_pre_comp[0], tmp);
-            /* Arg 1 below is for "mixed" */
-            point_add(nq[0], nq[1], nq[2],
-                      nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
-        }
-
-        /* do other additions every 5 doublings */
-        if (num_points && (i % 5 == 0)) {
-            /* loop over all scalars */
-            for (num = 0; num < num_points; ++num) {
-                bits = get_bit(scalars[num], i + 4) << 5;
-                bits |= get_bit(scalars[num], i + 3) << 4;
-                bits |= get_bit(scalars[num], i + 2) << 3;
-                bits |= get_bit(scalars[num], i + 1) << 2;
-                bits |= get_bit(scalars[num], i) << 1;
-                bits |= get_bit(scalars[num], i - 1);
-                ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
-
-                /*
-                 * select the point to add or subtract, in constant time
-                 */
-                select_point(digit, 17, pre_comp[num], tmp);
-                smallfelem_neg(ftmp, tmp[1]); /* (X, -Y, Z) is the negative
-                                               * point */
-                copy_small_conditional(ftmp, tmp[1], (((limb) sign) - 1));
-                felem_contract(tmp[1], ftmp);
-
-                if (!skip) {
-                    point_add(nq[0], nq[1], nq[2],
-                              nq[0], nq[1], nq[2],
-                              mixed, tmp[0], tmp[1], tmp[2]);
-                } else {
-                    smallfelem_expand(nq[0], tmp[0]);
-                    smallfelem_expand(nq[1], tmp[1]);
-                    smallfelem_expand(nq[2], tmp[2]);
-                    skip = 0;
-                }
-            }
-        }
-    }
-    felem_assign(x_out, nq[0]);
-    felem_assign(y_out, nq[1]);
-    felem_assign(z_out, nq[2]);
-}
-
-/* Precomputation for the group generator. */
-typedef struct {
-    smallfelem g_pre_comp[2][16][3];
-    int references;
-} NISTP256_PRE_COMP;
-
-const EC_METHOD *EC_GFp_nistp256_method(void)
-{
-    static const EC_METHOD ret = {
-        EC_FLAGS_DEFAULT_OCT,
-        NID_X9_62_prime_field,
-        ec_GFp_nistp256_group_init,
-        ec_GFp_simple_group_finish,
-        ec_GFp_simple_group_clear_finish,
-        ec_GFp_nist_group_copy,
-        ec_GFp_nistp256_group_set_curve,
-        ec_GFp_simple_group_get_curve,
-        ec_GFp_simple_group_get_degree,
-        ec_GFp_simple_group_check_discriminant,
-        ec_GFp_simple_point_init,
-        ec_GFp_simple_point_finish,
-        ec_GFp_simple_point_clear_finish,
-        ec_GFp_simple_point_copy,
-        ec_GFp_simple_point_set_to_infinity,
-        ec_GFp_simple_set_Jprojective_coordinates_GFp,
-        ec_GFp_simple_get_Jprojective_coordinates_GFp,
-        ec_GFp_simple_point_set_affine_coordinates,
-        ec_GFp_nistp256_point_get_affine_coordinates,
-        0 /* point_set_compressed_coordinates */ ,
-        0 /* point2oct */ ,
-        0 /* oct2point */ ,
-        ec_GFp_simple_add,
-        ec_GFp_simple_dbl,
-        ec_GFp_simple_invert,
-        ec_GFp_simple_is_at_infinity,
-        ec_GFp_simple_is_on_curve,
-        ec_GFp_simple_cmp,
-        ec_GFp_simple_make_affine,
-        ec_GFp_simple_points_make_affine,
-        ec_GFp_nistp256_points_mul,
-        ec_GFp_nistp256_precompute_mult,
-        ec_GFp_nistp256_have_precompute_mult,
-        ec_GFp_nist_field_mul,
-        ec_GFp_nist_field_sqr,
-        0 /* field_div */ ,
-        0 /* field_encode */ ,
-        0 /* field_decode */ ,
-        0                       /* field_set_to_one */
-    };
-
-    return &ret;
-}
-
-/******************************************************************************/
-/*
- * FUNCTIONS TO MANAGE PRECOMPUTATION
- */
-
-static NISTP256_PRE_COMP *nistp256_pre_comp_new()
-{
-    NISTP256_PRE_COMP *ret = NULL;
-    ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
-    if (!ret) {
-        ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
-        return ret;
-    }
-    memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
-    ret->references = 1;
-    return ret;
-}
-
-static void *nistp256_pre_comp_dup(void *src_)
-{
-    NISTP256_PRE_COMP *src = src_;
-
-    /* no need to actually copy, these objects never change! */
-    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
-
-    return src_;
-}
-
-static void nistp256_pre_comp_free(void *pre_)
-{
-    int i;
-    NISTP256_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    OPENSSL_free(pre);
-}
-
-static void nistp256_pre_comp_clear_free(void *pre_)
-{
-    int i;
-    NISTP256_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    OPENSSL_cleanse(pre, sizeof *pre);
-    OPENSSL_free(pre);
-}
-
-/******************************************************************************/
-/*
- * OPENSSL EC_METHOD FUNCTIONS
- */
-
-int ec_GFp_nistp256_group_init(EC_GROUP *group)
-{
-    int ret;
-    ret = ec_GFp_simple_group_init(group);
-    group->a_is_minus3 = 1;
-    return ret;
-}
-
-int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p,
-                                    const BIGNUM *a, const BIGNUM *b,
-                                    BN_CTX *ctx)
-{
-    int ret = 0;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *curve_p, *curve_a, *curve_b;
-
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-    BN_CTX_start(ctx);
-    if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
-        ((curve_a = BN_CTX_get(ctx)) == NULL) ||
-        ((curve_b = BN_CTX_get(ctx)) == NULL))
-        goto err;
-    BN_bin2bn(nistp256_curve_params[0], sizeof(felem_bytearray), curve_p);
-    BN_bin2bn(nistp256_curve_params[1], sizeof(felem_bytearray), curve_a);
-    BN_bin2bn(nistp256_curve_params[2], sizeof(felem_bytearray), curve_b);
-    if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || (BN_cmp(curve_b, b))) {
-        ECerr(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE,
-              EC_R_WRONG_CURVE_PARAMETERS);
-        goto err;
-    }
-    group->field_mod_func = BN_nist_mod_256;
-    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/*
- * Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
- * (X/Z^2, Y/Z^3)
- */
-int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group,
-                                                 const EC_POINT *point,
-                                                 BIGNUM *x, BIGNUM *y,
-                                                 BN_CTX *ctx)
-{
-    felem z1, z2, x_in, y_in;
-    smallfelem x_out, y_out;
-    longfelem tmp;
-
-    if (EC_POINT_is_at_infinity(group, point)) {
-        ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES,
-              EC_R_POINT_AT_INFINITY);
-        return 0;
-    }
-    if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
-        (!BN_to_felem(z1, &point->Z)))
-        return 0;
-    felem_inv(z2, z1);
-    felem_square(tmp, z2);
-    felem_reduce(z1, tmp);
-    felem_mul(tmp, x_in, z1);
-    felem_reduce(x_in, tmp);
-    felem_contract(x_out, x_in);
-    if (x != NULL) {
-        if (!smallfelem_to_BN(x, x_out)) {
-            ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES,
-                  ERR_R_BN_LIB);
-            return 0;
-        }
-    }
-    felem_mul(tmp, z1, z2);
-    felem_reduce(z1, tmp);
-    felem_mul(tmp, y_in, z1);
-    felem_reduce(y_in, tmp);
-    felem_contract(y_out, y_in);
-    if (y != NULL) {
-        if (!smallfelem_to_BN(y, y_out)) {
-            ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES,
-                  ERR_R_BN_LIB);
-            return 0;
-        }
-    }
-    return 1;
-}
-
-/* points below is of size |num|, and tmp_smallfelems is of size |num+1| */
-static void make_points_affine(size_t num, smallfelem points[][3],
-                               smallfelem tmp_smallfelems[])
-{
-    /*
-     * Runs in constant time, unless an input is the point at infinity (which
-     * normally shouldn't happen).
-     */
-    ec_GFp_nistp_points_make_affine_internal(num,
-                                             points,
-                                             sizeof(smallfelem),
-                                             tmp_smallfelems,
-                                             (void (*)(void *))smallfelem_one,
-                                             (int (*)(const void *))
-                                             smallfelem_is_zero_int,
-                                             (void (*)(void *, const void *))
-                                             smallfelem_assign,
-                                             (void (*)(void *, const void *))
-                                             smallfelem_square_contract,
-                                             (void (*)
-                                              (void *, const void *,
-                                               const void *))
-                                             smallfelem_mul_contract,
-                                             (void (*)(void *, const void *))
-                                             smallfelem_inv_contract,
-                                             /* nothing to contract */
-                                             (void (*)(void *, const void *))
-                                             smallfelem_assign);
-}
-
-/*
- * Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL
- * values Result is stored in r (r can equal one of the inputs).
- */
-int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
-                               const BIGNUM *scalar, size_t num,
-                               const EC_POINT *points[],
-                               const BIGNUM *scalars[], BN_CTX *ctx)
-{
-    int ret = 0;
-    int j;
-    int mixed = 0;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y, *z, *tmp_scalar;
-    felem_bytearray g_secret;
-    felem_bytearray *secrets = NULL;
-    smallfelem(*pre_comp)[17][3] = NULL;
-    smallfelem *tmp_smallfelems = NULL;
-    felem_bytearray tmp;
-    unsigned i, num_bytes;
-    int have_pre_comp = 0;
-    size_t num_points = num;
-    smallfelem x_in, y_in, z_in;
-    felem x_out, y_out, z_out;
-    NISTP256_PRE_COMP *pre = NULL;
-    const smallfelem(*g_pre_comp)[16][3] = NULL;
-    EC_POINT *generator = NULL;
-    const EC_POINT *p = NULL;
-    const BIGNUM *p_scalar = NULL;
-
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-    BN_CTX_start(ctx);
-    if (((x = BN_CTX_get(ctx)) == NULL) ||
-        ((y = BN_CTX_get(ctx)) == NULL) ||
-        ((z = BN_CTX_get(ctx)) == NULL) ||
-        ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
-        goto err;
-
-    if (scalar != NULL) {
-        pre = EC_EX_DATA_get_data(group->extra_data,
-                                  nistp256_pre_comp_dup,
-                                  nistp256_pre_comp_free,
-                                  nistp256_pre_comp_clear_free);
-        if (pre)
-            /* we have precomputation, try to use it */
-            g_pre_comp = (const smallfelem(*)[16][3])pre->g_pre_comp;
-        else
-            /* try to use the standard precomputation */
-            g_pre_comp = &gmul[0];
-        generator = EC_POINT_new(group);
-        if (generator == NULL)
-            goto err;
-        /* get the generator from precomputation */
-        if (!smallfelem_to_BN(x, g_pre_comp[0][1][0]) ||
-            !smallfelem_to_BN(y, g_pre_comp[0][1][1]) ||
-            !smallfelem_to_BN(z, g_pre_comp[0][1][2])) {
-            ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
-            goto err;
-        }
-        if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
-                                                      generator, x, y, z,
-                                                      ctx))
-            goto err;
-        if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
-            /* precomputation matches generator */
-            have_pre_comp = 1;
-        else
-            /*
-             * we don't have valid precomputation: treat the generator as a
-             * random point
-             */
-            num_points++;
-    }
-    if (num_points > 0) {
-        if (num_points >= 3) {
-            /*
-             * unless we precompute multiples for just one or two points,
-             * converting those into affine form is time well spent
-             */
-            mixed = 1;
-        }
-        secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
-        pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(smallfelem));
-        if (mixed)
-            tmp_smallfelems =
-                OPENSSL_malloc((num_points * 17 + 1) * sizeof(smallfelem));
-        if ((secrets == NULL) || (pre_comp == NULL)
-            || (mixed && (tmp_smallfelems == NULL))) {
-            ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        /*
-         * we treat NULL scalars as 0, and NULL points as points at infinity,
-         * i.e., they contribute nothing to the linear combination
-         */
-        memset(secrets, 0, num_points * sizeof(felem_bytearray));
-        memset(pre_comp, 0, num_points * 17 * 3 * sizeof(smallfelem));
-        for (i = 0; i < num_points; ++i) {
-            if (i == num)
-                /*
-                 * we didn't have a valid precomputation, so we pick the
-                 * generator
-                 */
-            {
-                p = EC_GROUP_get0_generator(group);
-                p_scalar = scalar;
-            } else
-                /* the i^th point */
-            {
-                p = points[i];
-                p_scalar = scalars[i];
-            }
-            if ((p_scalar != NULL) && (p != NULL)) {
-                /* reduce scalar to 0 <= scalar < 2^256 */
-                if ((BN_num_bits(p_scalar) > 256)
-                    || (BN_is_negative(p_scalar))) {
-                    /*
-                     * this is an unusual input, and we don't guarantee
-                     * constant-timeness
-                     */
-                    if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
-                        ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
-                        goto err;
-                    }
-                    num_bytes = BN_bn2bin(tmp_scalar, tmp);
-                } else
-                    num_bytes = BN_bn2bin(p_scalar, tmp);
-                flip_endian(secrets[i], tmp, num_bytes);
-                /* precompute multiples */
-                if ((!BN_to_felem(x_out, &p->X)) ||
-                    (!BN_to_felem(y_out, &p->Y)) ||
-                    (!BN_to_felem(z_out, &p->Z)))
-                    goto err;
-                felem_shrink(pre_comp[i][1][0], x_out);
-                felem_shrink(pre_comp[i][1][1], y_out);
-                felem_shrink(pre_comp[i][1][2], z_out);
-                for (j = 2; j <= 16; ++j) {
-                    if (j & 1) {
-                        point_add_small(pre_comp[i][j][0], pre_comp[i][j][1],
-                                        pre_comp[i][j][2], pre_comp[i][1][0],
-                                        pre_comp[i][1][1], pre_comp[i][1][2],
-                                        pre_comp[i][j - 1][0],
-                                        pre_comp[i][j - 1][1],
-                                        pre_comp[i][j - 1][2]);
-                    } else {
-                        point_double_small(pre_comp[i][j][0],
-                                           pre_comp[i][j][1],
-                                           pre_comp[i][j][2],
-                                           pre_comp[i][j / 2][0],
-                                           pre_comp[i][j / 2][1],
-                                           pre_comp[i][j / 2][2]);
-                    }
-                }
-            }
-        }
-        if (mixed)
-            make_points_affine(num_points * 17, pre_comp[0], tmp_smallfelems);
-    }
-
-    /* the scalar for the generator */
-    if ((scalar != NULL) && (have_pre_comp)) {
-        memset(g_secret, 0, sizeof(g_secret));
-        /* reduce scalar to 0 <= scalar < 2^256 */
-        if ((BN_num_bits(scalar) > 256) || (BN_is_negative(scalar))) {
-            /*
-             * this is an unusual input, and we don't guarantee
-             * constant-timeness
-             */
-            if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
-                ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
-                goto err;
-            }
-            num_bytes = BN_bn2bin(tmp_scalar, tmp);
-        } else
-            num_bytes = BN_bn2bin(scalar, tmp);
-        flip_endian(g_secret, tmp, num_bytes);
-        /* do the multiplication with generator precomputation */
-        batch_mul(x_out, y_out, z_out,
-                  (const felem_bytearray(*))secrets, num_points,
-                  g_secret,
-                  mixed, (const smallfelem(*)[17][3])pre_comp, g_pre_comp);
-    } else
-        /* do the multiplication without generator precomputation */
-        batch_mul(x_out, y_out, z_out,
-                  (const felem_bytearray(*))secrets, num_points,
-                  NULL, mixed, (const smallfelem(*)[17][3])pre_comp, NULL);
-    /* reduce the output to its unique minimal representation */
-    felem_contract(x_in, x_out);
-    felem_contract(y_in, y_out);
-    felem_contract(z_in, z_out);
-    if ((!smallfelem_to_BN(x, x_in)) || (!smallfelem_to_BN(y, y_in)) ||
-        (!smallfelem_to_BN(z, z_in))) {
-        ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
-        goto err;
-    }
-    ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
-
- err:
-    BN_CTX_end(ctx);
-    if (generator != NULL)
-        EC_POINT_free(generator);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (secrets != NULL)
-        OPENSSL_free(secrets);
-    if (pre_comp != NULL)
-        OPENSSL_free(pre_comp);
-    if (tmp_smallfelems != NULL)
-        OPENSSL_free(tmp_smallfelems);
-    return ret;
-}
-
-int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
-{
-    int ret = 0;
-    NISTP256_PRE_COMP *pre = NULL;
-    int i, j;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y;
-    EC_POINT *generator = NULL;
-    smallfelem tmp_smallfelems[32];
-    felem x_tmp, y_tmp, z_tmp;
-
-    /* throw away old precomputation */
-    EC_EX_DATA_free_data(&group->extra_data, nistp256_pre_comp_dup,
-                         nistp256_pre_comp_free,
-                         nistp256_pre_comp_clear_free);
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-    BN_CTX_start(ctx);
-    if (((x = BN_CTX_get(ctx)) == NULL) || ((y = BN_CTX_get(ctx)) == NULL))
-        goto err;
-    /* get the generator */
-    if (group->generator == NULL)
-        goto err;
-    generator = EC_POINT_new(group);
-    if (generator == NULL)
-        goto err;
-    BN_bin2bn(nistp256_curve_params[3], sizeof(felem_bytearray), x);
-    BN_bin2bn(nistp256_curve_params[4], sizeof(felem_bytearray), y);
-    if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
-        goto err;
-    if ((pre = nistp256_pre_comp_new()) == NULL)
-        goto err;
-    /*
-     * if the generator is the standard one, use built-in precomputation
-     */
-    if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
-        memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
-        goto done;
-    }
-    if ((!BN_to_felem(x_tmp, &group->generator->X)) ||
-        (!BN_to_felem(y_tmp, &group->generator->Y)) ||
-        (!BN_to_felem(z_tmp, &group->generator->Z)))
-        goto err;
-    felem_shrink(pre->g_pre_comp[0][1][0], x_tmp);
-    felem_shrink(pre->g_pre_comp[0][1][1], y_tmp);
-    felem_shrink(pre->g_pre_comp[0][1][2], z_tmp);
-    /*
-     * compute 2^64*G, 2^128*G, 2^192*G for the first table, 2^32*G, 2^96*G,
-     * 2^160*G, 2^224*G for the second one
-     */
-    for (i = 1; i <= 8; i <<= 1) {
-        point_double_small(pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
-                           pre->g_pre_comp[1][i][2], pre->g_pre_comp[0][i][0],
-                           pre->g_pre_comp[0][i][1],
-                           pre->g_pre_comp[0][i][2]);
-        for (j = 0; j < 31; ++j) {
-            point_double_small(pre->g_pre_comp[1][i][0],
-                               pre->g_pre_comp[1][i][1],
-                               pre->g_pre_comp[1][i][2],
-                               pre->g_pre_comp[1][i][0],
-                               pre->g_pre_comp[1][i][1],
-                               pre->g_pre_comp[1][i][2]);
-        }
-        if (i == 8)
-            break;
-        point_double_small(pre->g_pre_comp[0][2 * i][0],
-                           pre->g_pre_comp[0][2 * i][1],
-                           pre->g_pre_comp[0][2 * i][2],
-                           pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
-                           pre->g_pre_comp[1][i][2]);
-        for (j = 0; j < 31; ++j) {
-            point_double_small(pre->g_pre_comp[0][2 * i][0],
-                               pre->g_pre_comp[0][2 * i][1],
-                               pre->g_pre_comp[0][2 * i][2],
-                               pre->g_pre_comp[0][2 * i][0],
-                               pre->g_pre_comp[0][2 * i][1],
-                               pre->g_pre_comp[0][2 * i][2]);
-        }
-    }
-    for (i = 0; i < 2; i++) {
-        /* g_pre_comp[i][0] is the point at infinity */
-        memset(pre->g_pre_comp[i][0], 0, sizeof(pre->g_pre_comp[i][0]));
-        /* the remaining multiples */
-        /* 2^64*G + 2^128*G resp. 2^96*G + 2^160*G */
-        point_add_small(pre->g_pre_comp[i][6][0], pre->g_pre_comp[i][6][1],
-                        pre->g_pre_comp[i][6][2], pre->g_pre_comp[i][4][0],
-                        pre->g_pre_comp[i][4][1], pre->g_pre_comp[i][4][2],
-                        pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
-                        pre->g_pre_comp[i][2][2]);
-        /* 2^64*G + 2^192*G resp. 2^96*G + 2^224*G */
-        point_add_small(pre->g_pre_comp[i][10][0], pre->g_pre_comp[i][10][1],
-                        pre->g_pre_comp[i][10][2], pre->g_pre_comp[i][8][0],
-                        pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
-                        pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
-                        pre->g_pre_comp[i][2][2]);
-        /* 2^128*G + 2^192*G resp. 2^160*G + 2^224*G */
-        point_add_small(pre->g_pre_comp[i][12][0], pre->g_pre_comp[i][12][1],
-                        pre->g_pre_comp[i][12][2], pre->g_pre_comp[i][8][0],
-                        pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
-                        pre->g_pre_comp[i][4][0], pre->g_pre_comp[i][4][1],
-                        pre->g_pre_comp[i][4][2]);
-        /*
-         * 2^64*G + 2^128*G + 2^192*G resp. 2^96*G + 2^160*G + 2^224*G
-         */
-        point_add_small(pre->g_pre_comp[i][14][0], pre->g_pre_comp[i][14][1],
-                        pre->g_pre_comp[i][14][2], pre->g_pre_comp[i][12][0],
-                        pre->g_pre_comp[i][12][1], pre->g_pre_comp[i][12][2],
-                        pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
-                        pre->g_pre_comp[i][2][2]);
-        for (j = 1; j < 8; ++j) {
-            /* odd multiples: add G resp. 2^32*G */
-            point_add_small(pre->g_pre_comp[i][2 * j + 1][0],
-                            pre->g_pre_comp[i][2 * j + 1][1],
-                            pre->g_pre_comp[i][2 * j + 1][2],
-                            pre->g_pre_comp[i][2 * j][0],
-                            pre->g_pre_comp[i][2 * j][1],
-                            pre->g_pre_comp[i][2 * j][2],
-                            pre->g_pre_comp[i][1][0],
-                            pre->g_pre_comp[i][1][1],
-                            pre->g_pre_comp[i][1][2]);
-        }
-    }
-    make_points_affine(31, &(pre->g_pre_comp[0][1]), tmp_smallfelems);
-
- done:
-    if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp256_pre_comp_dup,
-                             nistp256_pre_comp_free,
-                             nistp256_pre_comp_clear_free))
-        goto err;
-    ret = 1;
-    pre = NULL;
- err:
-    BN_CTX_end(ctx);
-    if (generator != NULL)
-        EC_POINT_free(generator);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (pre)
-        nistp256_pre_comp_free(pre);
-    return ret;
-}
-
-int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group)
-{
-    if (EC_EX_DATA_get_data(group->extra_data, nistp256_pre_comp_dup,
-                            nistp256_pre_comp_free,
-                            nistp256_pre_comp_clear_free)
-        != NULL)
-        return 1;
-    else
-        return 0;
-}
-#else
-static void *dummy = &dummy;
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ecp_nistp521.c b/thirdparty/openssl/crypto/ec/ecp_nistp521.c
deleted file mode 100644
index c53a61bbfb..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_nistp521.c
+++ /dev/null
@@ -1,2148 +0,0 @@
-/* crypto/ec/ecp_nistp521.c */
-/*
- * Written by Adam Langley (Google) for the OpenSSL project
- */
-/* Copyright 2011 Google Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- *
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/*
- * A 64-bit implementation of the NIST P-521 elliptic curve point multiplication
- *
- * OpenSSL integration was taken from Emilia Kasper's work in ecp_nistp224.c.
- * Otherwise based on Emilia's P224 work, which was inspired by my curve25519
- * work which got its smarts from Daniel J. Bernstein's work on the same.
- */
-
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-
-# ifndef OPENSSL_SYS_VMS
-#  include <stdint.h>
-# else
-#  include <inttypes.h>
-# endif
-
-# include <string.h>
-# include <openssl/err.h>
-# include "ec_lcl.h"
-
-# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
-  /* even with gcc, the typedef won't work for 32-bit platforms */
-typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
-                                 * platforms */
-# else
-#  error "Need GCC 3.1 or later to define type uint128_t"
-# endif
-
-typedef uint8_t u8;
-typedef uint64_t u64;
-typedef int64_t s64;
-
-/*
- * The underlying field. P521 operates over GF(2^521-1). We can serialise an
- * element of this field into 66 bytes where the most significant byte
- * contains only a single bit. We call this an felem_bytearray.
- */
-
-typedef u8 felem_bytearray[66];
-
-/*
- * These are the parameters of P521, taken from FIPS 186-3, section D.1.2.5.
- * These values are big-endian.
- */
-static const felem_bytearray nistp521_curve_params[5] = {
-    {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* p */
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff},
-    {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* a = -3 */
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-     0xff, 0xfc},
-    {0x00, 0x51, 0x95, 0x3e, 0xb9, 0x61, 0x8e, 0x1c, /* b */
-     0x9a, 0x1f, 0x92, 0x9a, 0x21, 0xa0, 0xb6, 0x85,
-     0x40, 0xee, 0xa2, 0xda, 0x72, 0x5b, 0x99, 0xb3,
-     0x15, 0xf3, 0xb8, 0xb4, 0x89, 0x91, 0x8e, 0xf1,
-     0x09, 0xe1, 0x56, 0x19, 0x39, 0x51, 0xec, 0x7e,
-     0x93, 0x7b, 0x16, 0x52, 0xc0, 0xbd, 0x3b, 0xb1,
-     0xbf, 0x07, 0x35, 0x73, 0xdf, 0x88, 0x3d, 0x2c,
-     0x34, 0xf1, 0xef, 0x45, 0x1f, 0xd4, 0x6b, 0x50,
-     0x3f, 0x00},
-    {0x00, 0xc6, 0x85, 0x8e, 0x06, 0xb7, 0x04, 0x04, /* x */
-     0xe9, 0xcd, 0x9e, 0x3e, 0xcb, 0x66, 0x23, 0x95,
-     0xb4, 0x42, 0x9c, 0x64, 0x81, 0x39, 0x05, 0x3f,
-     0xb5, 0x21, 0xf8, 0x28, 0xaf, 0x60, 0x6b, 0x4d,
-     0x3d, 0xba, 0xa1, 0x4b, 0x5e, 0x77, 0xef, 0xe7,
-     0x59, 0x28, 0xfe, 0x1d, 0xc1, 0x27, 0xa2, 0xff,
-     0xa8, 0xde, 0x33, 0x48, 0xb3, 0xc1, 0x85, 0x6a,
-     0x42, 0x9b, 0xf9, 0x7e, 0x7e, 0x31, 0xc2, 0xe5,
-     0xbd, 0x66},
-    {0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, /* y */
-     0xc0, 0x04, 0x5c, 0x8a, 0x5f, 0xb4, 0x2c, 0x7d,
-     0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
-     0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e,
-     0x66, 0x2c, 0x97, 0xee, 0x72, 0x99, 0x5e, 0xf4,
-     0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
-     0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72,
-     0xc2, 0x40, 0x88, 0xbe, 0x94, 0x76, 0x9f, 0xd1,
-     0x66, 0x50}
-};
-
-/*-
- * The representation of field elements.
- * ------------------------------------
- *
- * We represent field elements with nine values. These values are either 64 or
- * 128 bits and the field element represented is:
- *   v[0]*2^0 + v[1]*2^58 + v[2]*2^116 + ... + v[8]*2^464  (mod p)
- * Each of the nine values is called a 'limb'. Since the limbs are spaced only
- * 58 bits apart, but are greater than 58 bits in length, the most significant
- * bits of each limb overlap with the least significant bits of the next.
- *
- * A field element with 64-bit limbs is an 'felem'. One with 128-bit limbs is a
- * 'largefelem' */
-
-# define NLIMBS 9
-
-typedef uint64_t limb;
-typedef limb felem[NLIMBS];
-typedef uint128_t largefelem[NLIMBS];
-
-static const limb bottom57bits = 0x1ffffffffffffff;
-static const limb bottom58bits = 0x3ffffffffffffff;
-
-/*
- * bin66_to_felem takes a little-endian byte array and converts it into felem
- * form. This assumes that the CPU is little-endian.
- */
-static void bin66_to_felem(felem out, const u8 in[66])
-{
-    out[0] = (*((limb *) & in[0])) & bottom58bits;
-    out[1] = (*((limb *) & in[7]) >> 2) & bottom58bits;
-    out[2] = (*((limb *) & in[14]) >> 4) & bottom58bits;
-    out[3] = (*((limb *) & in[21]) >> 6) & bottom58bits;
-    out[4] = (*((limb *) & in[29])) & bottom58bits;
-    out[5] = (*((limb *) & in[36]) >> 2) & bottom58bits;
-    out[6] = (*((limb *) & in[43]) >> 4) & bottom58bits;
-    out[7] = (*((limb *) & in[50]) >> 6) & bottom58bits;
-    out[8] = (*((limb *) & in[58])) & bottom57bits;
-}
-
-/*
- * felem_to_bin66 takes an felem and serialises into a little endian, 66 byte
- * array. This assumes that the CPU is little-endian.
- */
-static void felem_to_bin66(u8 out[66], const felem in)
-{
-    memset(out, 0, 66);
-    (*((limb *) & out[0])) = in[0];
-    (*((limb *) & out[7])) |= in[1] << 2;
-    (*((limb *) & out[14])) |= in[2] << 4;
-    (*((limb *) & out[21])) |= in[3] << 6;
-    (*((limb *) & out[29])) = in[4];
-    (*((limb *) & out[36])) |= in[5] << 2;
-    (*((limb *) & out[43])) |= in[6] << 4;
-    (*((limb *) & out[50])) |= in[7] << 6;
-    (*((limb *) & out[58])) = in[8];
-}
-
-/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
-static void flip_endian(u8 *out, const u8 *in, unsigned len)
-{
-    unsigned i;
-    for (i = 0; i < len; ++i)
-        out[i] = in[len - 1 - i];
-}
-
-/* BN_to_felem converts an OpenSSL BIGNUM into an felem */
-static int BN_to_felem(felem out, const BIGNUM *bn)
-{
-    felem_bytearray b_in;
-    felem_bytearray b_out;
-    unsigned num_bytes;
-
-    /* BN_bn2bin eats leading zeroes */
-    memset(b_out, 0, sizeof b_out);
-    num_bytes = BN_num_bytes(bn);
-    if (num_bytes > sizeof b_out) {
-        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
-        return 0;
-    }
-    if (BN_is_negative(bn)) {
-        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
-        return 0;
-    }
-    num_bytes = BN_bn2bin(bn, b_in);
-    flip_endian(b_out, b_in, num_bytes);
-    bin66_to_felem(out, b_out);
-    return 1;
-}
-
-/* felem_to_BN converts an felem into an OpenSSL BIGNUM */
-static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
-{
-    felem_bytearray b_in, b_out;
-    felem_to_bin66(b_in, in);
-    flip_endian(b_out, b_in, sizeof b_out);
-    return BN_bin2bn(b_out, sizeof b_out, out);
-}
-
-/*-
- * Field operations
- * ----------------
- */
-
-static void felem_one(felem out)
-{
-    out[0] = 1;
-    out[1] = 0;
-    out[2] = 0;
-    out[3] = 0;
-    out[4] = 0;
-    out[5] = 0;
-    out[6] = 0;
-    out[7] = 0;
-    out[8] = 0;
-}
-
-static void felem_assign(felem out, const felem in)
-{
-    out[0] = in[0];
-    out[1] = in[1];
-    out[2] = in[2];
-    out[3] = in[3];
-    out[4] = in[4];
-    out[5] = in[5];
-    out[6] = in[6];
-    out[7] = in[7];
-    out[8] = in[8];
-}
-
-/* felem_sum64 sets out = out + in. */
-static void felem_sum64(felem out, const felem in)
-{
-    out[0] += in[0];
-    out[1] += in[1];
-    out[2] += in[2];
-    out[3] += in[3];
-    out[4] += in[4];
-    out[5] += in[5];
-    out[6] += in[6];
-    out[7] += in[7];
-    out[8] += in[8];
-}
-
-/* felem_scalar sets out = in * scalar */
-static void felem_scalar(felem out, const felem in, limb scalar)
-{
-    out[0] = in[0] * scalar;
-    out[1] = in[1] * scalar;
-    out[2] = in[2] * scalar;
-    out[3] = in[3] * scalar;
-    out[4] = in[4] * scalar;
-    out[5] = in[5] * scalar;
-    out[6] = in[6] * scalar;
-    out[7] = in[7] * scalar;
-    out[8] = in[8] * scalar;
-}
-
-/* felem_scalar64 sets out = out * scalar */
-static void felem_scalar64(felem out, limb scalar)
-{
-    out[0] *= scalar;
-    out[1] *= scalar;
-    out[2] *= scalar;
-    out[3] *= scalar;
-    out[4] *= scalar;
-    out[5] *= scalar;
-    out[6] *= scalar;
-    out[7] *= scalar;
-    out[8] *= scalar;
-}
-
-/* felem_scalar128 sets out = out * scalar */
-static void felem_scalar128(largefelem out, limb scalar)
-{
-    out[0] *= scalar;
-    out[1] *= scalar;
-    out[2] *= scalar;
-    out[3] *= scalar;
-    out[4] *= scalar;
-    out[5] *= scalar;
-    out[6] *= scalar;
-    out[7] *= scalar;
-    out[8] *= scalar;
-}
-
-/*-
- * felem_neg sets |out| to |-in|
- * On entry:
- *   in[i] < 2^59 + 2^14
- * On exit:
- *   out[i] < 2^62
- */
-static void felem_neg(felem out, const felem in)
-{
-    /* In order to prevent underflow, we subtract from 0 mod p. */
-    static const limb two62m3 = (((limb) 1) << 62) - (((limb) 1) << 5);
-    static const limb two62m2 = (((limb) 1) << 62) - (((limb) 1) << 4);
-
-    out[0] = two62m3 - in[0];
-    out[1] = two62m2 - in[1];
-    out[2] = two62m2 - in[2];
-    out[3] = two62m2 - in[3];
-    out[4] = two62m2 - in[4];
-    out[5] = two62m2 - in[5];
-    out[6] = two62m2 - in[6];
-    out[7] = two62m2 - in[7];
-    out[8] = two62m2 - in[8];
-}
-
-/*-
- * felem_diff64 subtracts |in| from |out|
- * On entry:
- *   in[i] < 2^59 + 2^14
- * On exit:
- *   out[i] < out[i] + 2^62
- */
-static void felem_diff64(felem out, const felem in)
-{
-    /*
-     * In order to prevent underflow, we add 0 mod p before subtracting.
-     */
-    static const limb two62m3 = (((limb) 1) << 62) - (((limb) 1) << 5);
-    static const limb two62m2 = (((limb) 1) << 62) - (((limb) 1) << 4);
-
-    out[0] += two62m3 - in[0];
-    out[1] += two62m2 - in[1];
-    out[2] += two62m2 - in[2];
-    out[3] += two62m2 - in[3];
-    out[4] += two62m2 - in[4];
-    out[5] += two62m2 - in[5];
-    out[6] += two62m2 - in[6];
-    out[7] += two62m2 - in[7];
-    out[8] += two62m2 - in[8];
-}
-
-/*-
- * felem_diff_128_64 subtracts |in| from |out|
- * On entry:
- *   in[i] < 2^62 + 2^17
- * On exit:
- *   out[i] < out[i] + 2^63
- */
-static void felem_diff_128_64(largefelem out, const felem in)
-{
-    /*
-     * In order to prevent underflow, we add 0 mod p before subtracting.
-     */
-    static const limb two63m6 = (((limb) 1) << 62) - (((limb) 1) << 5);
-    static const limb two63m5 = (((limb) 1) << 62) - (((limb) 1) << 4);
-
-    out[0] += two63m6 - in[0];
-    out[1] += two63m5 - in[1];
-    out[2] += two63m5 - in[2];
-    out[3] += two63m5 - in[3];
-    out[4] += two63m5 - in[4];
-    out[5] += two63m5 - in[5];
-    out[6] += two63m5 - in[6];
-    out[7] += two63m5 - in[7];
-    out[8] += two63m5 - in[8];
-}
-
-/*-
- * felem_diff_128_64 subtracts |in| from |out|
- * On entry:
- *   in[i] < 2^126
- * On exit:
- *   out[i] < out[i] + 2^127 - 2^69
- */
-static void felem_diff128(largefelem out, const largefelem in)
-{
-    /*
-     * In order to prevent underflow, we add 0 mod p before subtracting.
-     */
-    static const uint128_t two127m70 =
-        (((uint128_t) 1) << 127) - (((uint128_t) 1) << 70);
-    static const uint128_t two127m69 =
-        (((uint128_t) 1) << 127) - (((uint128_t) 1) << 69);
-
-    out[0] += (two127m70 - in[0]);
-    out[1] += (two127m69 - in[1]);
-    out[2] += (two127m69 - in[2]);
-    out[3] += (two127m69 - in[3]);
-    out[4] += (two127m69 - in[4]);
-    out[5] += (two127m69 - in[5]);
-    out[6] += (two127m69 - in[6]);
-    out[7] += (two127m69 - in[7]);
-    out[8] += (two127m69 - in[8]);
-}
-
-/*-
- * felem_square sets |out| = |in|^2
- * On entry:
- *   in[i] < 2^62
- * On exit:
- *   out[i] < 17 * max(in[i]) * max(in[i])
- */
-static void felem_square(largefelem out, const felem in)
-{
-    felem inx2, inx4;
-    felem_scalar(inx2, in, 2);
-    felem_scalar(inx4, in, 4);
-
-    /*-
-     * We have many cases were we want to do
-     *   in[x] * in[y] +
-     *   in[y] * in[x]
-     * This is obviously just
-     *   2 * in[x] * in[y]
-     * However, rather than do the doubling on the 128 bit result, we
-     * double one of the inputs to the multiplication by reading from
-     * |inx2|
-     */
-
-    out[0] = ((uint128_t) in[0]) * in[0];
-    out[1] = ((uint128_t) in[0]) * inx2[1];
-    out[2] = ((uint128_t) in[0]) * inx2[2] + ((uint128_t) in[1]) * in[1];
-    out[3] = ((uint128_t) in[0]) * inx2[3] + ((uint128_t) in[1]) * inx2[2];
-    out[4] = ((uint128_t) in[0]) * inx2[4] +
-        ((uint128_t) in[1]) * inx2[3] + ((uint128_t) in[2]) * in[2];
-    out[5] = ((uint128_t) in[0]) * inx2[5] +
-        ((uint128_t) in[1]) * inx2[4] + ((uint128_t) in[2]) * inx2[3];
-    out[6] = ((uint128_t) in[0]) * inx2[6] +
-        ((uint128_t) in[1]) * inx2[5] +
-        ((uint128_t) in[2]) * inx2[4] + ((uint128_t) in[3]) * in[3];
-    out[7] = ((uint128_t) in[0]) * inx2[7] +
-        ((uint128_t) in[1]) * inx2[6] +
-        ((uint128_t) in[2]) * inx2[5] + ((uint128_t) in[3]) * inx2[4];
-    out[8] = ((uint128_t) in[0]) * inx2[8] +
-        ((uint128_t) in[1]) * inx2[7] +
-        ((uint128_t) in[2]) * inx2[6] +
-        ((uint128_t) in[3]) * inx2[5] + ((uint128_t) in[4]) * in[4];
-
-    /*
-     * The remaining limbs fall above 2^521, with the first falling at 2^522.
-     * They correspond to locations one bit up from the limbs produced above
-     * so we would have to multiply by two to align them. Again, rather than
-     * operate on the 128-bit result, we double one of the inputs to the
-     * multiplication. If we want to double for both this reason, and the
-     * reason above, then we end up multiplying by four.
-     */
-
-    /* 9 */
-    out[0] += ((uint128_t) in[1]) * inx4[8] +
-        ((uint128_t) in[2]) * inx4[7] +
-        ((uint128_t) in[3]) * inx4[6] + ((uint128_t) in[4]) * inx4[5];
-
-    /* 10 */
-    out[1] += ((uint128_t) in[2]) * inx4[8] +
-        ((uint128_t) in[3]) * inx4[7] +
-        ((uint128_t) in[4]) * inx4[6] + ((uint128_t) in[5]) * inx2[5];
-
-    /* 11 */
-    out[2] += ((uint128_t) in[3]) * inx4[8] +
-        ((uint128_t) in[4]) * inx4[7] + ((uint128_t) in[5]) * inx4[6];
-
-    /* 12 */
-    out[3] += ((uint128_t) in[4]) * inx4[8] +
-        ((uint128_t) in[5]) * inx4[7] + ((uint128_t) in[6]) * inx2[6];
-
-    /* 13 */
-    out[4] += ((uint128_t) in[5]) * inx4[8] + ((uint128_t) in[6]) * inx4[7];
-
-    /* 14 */
-    out[5] += ((uint128_t) in[6]) * inx4[8] + ((uint128_t) in[7]) * inx2[7];
-
-    /* 15 */
-    out[6] += ((uint128_t) in[7]) * inx4[8];
-
-    /* 16 */
-    out[7] += ((uint128_t) in[8]) * inx2[8];
-}
-
-/*-
- * felem_mul sets |out| = |in1| * |in2|
- * On entry:
- *   in1[i] < 2^64
- *   in2[i] < 2^63
- * On exit:
- *   out[i] < 17 * max(in1[i]) * max(in2[i])
- */
-static void felem_mul(largefelem out, const felem in1, const felem in2)
-{
-    felem in2x2;
-    felem_scalar(in2x2, in2, 2);
-
-    out[0] = ((uint128_t) in1[0]) * in2[0];
-
-    out[1] = ((uint128_t) in1[0]) * in2[1] + ((uint128_t) in1[1]) * in2[0];
-
-    out[2] = ((uint128_t) in1[0]) * in2[2] +
-        ((uint128_t) in1[1]) * in2[1] + ((uint128_t) in1[2]) * in2[0];
-
-    out[3] = ((uint128_t) in1[0]) * in2[3] +
-        ((uint128_t) in1[1]) * in2[2] +
-        ((uint128_t) in1[2]) * in2[1] + ((uint128_t) in1[3]) * in2[0];
-
-    out[4] = ((uint128_t) in1[0]) * in2[4] +
-        ((uint128_t) in1[1]) * in2[3] +
-        ((uint128_t) in1[2]) * in2[2] +
-        ((uint128_t) in1[3]) * in2[1] + ((uint128_t) in1[4]) * in2[0];
-
-    out[5] = ((uint128_t) in1[0]) * in2[5] +
-        ((uint128_t) in1[1]) * in2[4] +
-        ((uint128_t) in1[2]) * in2[3] +
-        ((uint128_t) in1[3]) * in2[2] +
-        ((uint128_t) in1[4]) * in2[1] + ((uint128_t) in1[5]) * in2[0];
-
-    out[6] = ((uint128_t) in1[0]) * in2[6] +
-        ((uint128_t) in1[1]) * in2[5] +
-        ((uint128_t) in1[2]) * in2[4] +
-        ((uint128_t) in1[3]) * in2[3] +
-        ((uint128_t) in1[4]) * in2[2] +
-        ((uint128_t) in1[5]) * in2[1] + ((uint128_t) in1[6]) * in2[0];
-
-    out[7] = ((uint128_t) in1[0]) * in2[7] +
-        ((uint128_t) in1[1]) * in2[6] +
-        ((uint128_t) in1[2]) * in2[5] +
-        ((uint128_t) in1[3]) * in2[4] +
-        ((uint128_t) in1[4]) * in2[3] +
-        ((uint128_t) in1[5]) * in2[2] +
-        ((uint128_t) in1[6]) * in2[1] + ((uint128_t) in1[7]) * in2[0];
-
-    out[8] = ((uint128_t) in1[0]) * in2[8] +
-        ((uint128_t) in1[1]) * in2[7] +
-        ((uint128_t) in1[2]) * in2[6] +
-        ((uint128_t) in1[3]) * in2[5] +
-        ((uint128_t) in1[4]) * in2[4] +
-        ((uint128_t) in1[5]) * in2[3] +
-        ((uint128_t) in1[6]) * in2[2] +
-        ((uint128_t) in1[7]) * in2[1] + ((uint128_t) in1[8]) * in2[0];
-
-    /* See comment in felem_square about the use of in2x2 here */
-
-    out[0] += ((uint128_t) in1[1]) * in2x2[8] +
-        ((uint128_t) in1[2]) * in2x2[7] +
-        ((uint128_t) in1[3]) * in2x2[6] +
-        ((uint128_t) in1[4]) * in2x2[5] +
-        ((uint128_t) in1[5]) * in2x2[4] +
-        ((uint128_t) in1[6]) * in2x2[3] +
-        ((uint128_t) in1[7]) * in2x2[2] + ((uint128_t) in1[8]) * in2x2[1];
-
-    out[1] += ((uint128_t) in1[2]) * in2x2[8] +
-        ((uint128_t) in1[3]) * in2x2[7] +
-        ((uint128_t) in1[4]) * in2x2[6] +
-        ((uint128_t) in1[5]) * in2x2[5] +
-        ((uint128_t) in1[6]) * in2x2[4] +
-        ((uint128_t) in1[7]) * in2x2[3] + ((uint128_t) in1[8]) * in2x2[2];
-
-    out[2] += ((uint128_t) in1[3]) * in2x2[8] +
-        ((uint128_t) in1[4]) * in2x2[7] +
-        ((uint128_t) in1[5]) * in2x2[6] +
-        ((uint128_t) in1[6]) * in2x2[5] +
-        ((uint128_t) in1[7]) * in2x2[4] + ((uint128_t) in1[8]) * in2x2[3];
-
-    out[3] += ((uint128_t) in1[4]) * in2x2[8] +
-        ((uint128_t) in1[5]) * in2x2[7] +
-        ((uint128_t) in1[6]) * in2x2[6] +
-        ((uint128_t) in1[7]) * in2x2[5] + ((uint128_t) in1[8]) * in2x2[4];
-
-    out[4] += ((uint128_t) in1[5]) * in2x2[8] +
-        ((uint128_t) in1[6]) * in2x2[7] +
-        ((uint128_t) in1[7]) * in2x2[6] + ((uint128_t) in1[8]) * in2x2[5];
-
-    out[5] += ((uint128_t) in1[6]) * in2x2[8] +
-        ((uint128_t) in1[7]) * in2x2[7] + ((uint128_t) in1[8]) * in2x2[6];
-
-    out[6] += ((uint128_t) in1[7]) * in2x2[8] +
-        ((uint128_t) in1[8]) * in2x2[7];
-
-    out[7] += ((uint128_t) in1[8]) * in2x2[8];
-}
-
-static const limb bottom52bits = 0xfffffffffffff;
-
-/*-
- * felem_reduce converts a largefelem to an felem.
- * On entry:
- *   in[i] < 2^128
- * On exit:
- *   out[i] < 2^59 + 2^14
- */
-static void felem_reduce(felem out, const largefelem in)
-{
-    u64 overflow1, overflow2;
-
-    out[0] = ((limb) in[0]) & bottom58bits;
-    out[1] = ((limb) in[1]) & bottom58bits;
-    out[2] = ((limb) in[2]) & bottom58bits;
-    out[3] = ((limb) in[3]) & bottom58bits;
-    out[4] = ((limb) in[4]) & bottom58bits;
-    out[5] = ((limb) in[5]) & bottom58bits;
-    out[6] = ((limb) in[6]) & bottom58bits;
-    out[7] = ((limb) in[7]) & bottom58bits;
-    out[8] = ((limb) in[8]) & bottom58bits;
-
-    /* out[i] < 2^58 */
-
-    out[1] += ((limb) in[0]) >> 58;
-    out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6;
-    /*-
-     * out[1] < 2^58 + 2^6 + 2^58
-     *        = 2^59 + 2^6
-     */
-    out[2] += ((limb) (in[0] >> 64)) >> 52;
-
-    out[2] += ((limb) in[1]) >> 58;
-    out[2] += (((limb) (in[1] >> 64)) & bottom52bits) << 6;
-    out[3] += ((limb) (in[1] >> 64)) >> 52;
-
-    out[3] += ((limb) in[2]) >> 58;
-    out[3] += (((limb) (in[2] >> 64)) & bottom52bits) << 6;
-    out[4] += ((limb) (in[2] >> 64)) >> 52;
-
-    out[4] += ((limb) in[3]) >> 58;
-    out[4] += (((limb) (in[3] >> 64)) & bottom52bits) << 6;
-    out[5] += ((limb) (in[3] >> 64)) >> 52;
-
-    out[5] += ((limb) in[4]) >> 58;
-    out[5] += (((limb) (in[4] >> 64)) & bottom52bits) << 6;
-    out[6] += ((limb) (in[4] >> 64)) >> 52;
-
-    out[6] += ((limb) in[5]) >> 58;
-    out[6] += (((limb) (in[5] >> 64)) & bottom52bits) << 6;
-    out[7] += ((limb) (in[5] >> 64)) >> 52;
-
-    out[7] += ((limb) in[6]) >> 58;
-    out[7] += (((limb) (in[6] >> 64)) & bottom52bits) << 6;
-    out[8] += ((limb) (in[6] >> 64)) >> 52;
-
-    out[8] += ((limb) in[7]) >> 58;
-    out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 6;
-    /*-
-     * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12
-     *            < 2^59 + 2^13
-     */
-    overflow1 = ((limb) (in[7] >> 64)) >> 52;
-
-    overflow1 += ((limb) in[8]) >> 58;
-    overflow1 += (((limb) (in[8] >> 64)) & bottom52bits) << 6;
-    overflow2 = ((limb) (in[8] >> 64)) >> 52;
-
-    overflow1 <<= 1;            /* overflow1 < 2^13 + 2^7 + 2^59 */
-    overflow2 <<= 1;            /* overflow2 < 2^13 */
-
-    out[0] += overflow1;        /* out[0] < 2^60 */
-    out[1] += overflow2;        /* out[1] < 2^59 + 2^6 + 2^13 */
-
-    out[1] += out[0] >> 58;
-    out[0] &= bottom58bits;
-    /*-
-     * out[0] < 2^58
-     * out[1] < 2^59 + 2^6 + 2^13 + 2^2
-     *        < 2^59 + 2^14
-     */
-}
-
-static void felem_square_reduce(felem out, const felem in)
-{
-    largefelem tmp;
-    felem_square(tmp, in);
-    felem_reduce(out, tmp);
-}
-
-static void felem_mul_reduce(felem out, const felem in1, const felem in2)
-{
-    largefelem tmp;
-    felem_mul(tmp, in1, in2);
-    felem_reduce(out, tmp);
-}
-
-/*-
- * felem_inv calculates |out| = |in|^{-1}
- *
- * Based on Fermat's Little Theorem:
- *   a^p = a (mod p)
- *   a^{p-1} = 1 (mod p)
- *   a^{p-2} = a^{-1} (mod p)
- */
-static void felem_inv(felem out, const felem in)
-{
-    felem ftmp, ftmp2, ftmp3, ftmp4;
-    largefelem tmp;
-    unsigned i;
-
-    felem_square(tmp, in);
-    felem_reduce(ftmp, tmp);    /* 2^1 */
-    felem_mul(tmp, in, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^2 - 2^0 */
-    felem_assign(ftmp2, ftmp);
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^3 - 2^1 */
-    felem_mul(tmp, in, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^3 - 2^0 */
-    felem_square(tmp, ftmp);
-    felem_reduce(ftmp, tmp);    /* 2^4 - 2^1 */
-
-    felem_square(tmp, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^3 - 2^1 */
-    felem_square(tmp, ftmp3);
-    felem_reduce(ftmp3, tmp);   /* 2^4 - 2^2 */
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^4 - 2^0 */
-
-    felem_assign(ftmp2, ftmp3);
-    felem_square(tmp, ftmp3);
-    felem_reduce(ftmp3, tmp);   /* 2^5 - 2^1 */
-    felem_square(tmp, ftmp3);
-    felem_reduce(ftmp3, tmp);   /* 2^6 - 2^2 */
-    felem_square(tmp, ftmp3);
-    felem_reduce(ftmp3, tmp);   /* 2^7 - 2^3 */
-    felem_square(tmp, ftmp3);
-    felem_reduce(ftmp3, tmp);   /* 2^8 - 2^4 */
-    felem_assign(ftmp4, ftmp3);
-    felem_mul(tmp, ftmp3, ftmp);
-    felem_reduce(ftmp4, tmp);   /* 2^8 - 2^1 */
-    felem_square(tmp, ftmp4);
-    felem_reduce(ftmp4, tmp);   /* 2^9 - 2^2 */
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^8 - 2^0 */
-    felem_assign(ftmp2, ftmp3);
-
-    for (i = 0; i < 8; i++) {
-        felem_square(tmp, ftmp3);
-        felem_reduce(ftmp3, tmp); /* 2^16 - 2^8 */
-    }
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^16 - 2^0 */
-    felem_assign(ftmp2, ftmp3);
-
-    for (i = 0; i < 16; i++) {
-        felem_square(tmp, ftmp3);
-        felem_reduce(ftmp3, tmp); /* 2^32 - 2^16 */
-    }
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^32 - 2^0 */
-    felem_assign(ftmp2, ftmp3);
-
-    for (i = 0; i < 32; i++) {
-        felem_square(tmp, ftmp3);
-        felem_reduce(ftmp3, tmp); /* 2^64 - 2^32 */
-    }
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^64 - 2^0 */
-    felem_assign(ftmp2, ftmp3);
-
-    for (i = 0; i < 64; i++) {
-        felem_square(tmp, ftmp3);
-        felem_reduce(ftmp3, tmp); /* 2^128 - 2^64 */
-    }
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^128 - 2^0 */
-    felem_assign(ftmp2, ftmp3);
-
-    for (i = 0; i < 128; i++) {
-        felem_square(tmp, ftmp3);
-        felem_reduce(ftmp3, tmp); /* 2^256 - 2^128 */
-    }
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^256 - 2^0 */
-    felem_assign(ftmp2, ftmp3);
-
-    for (i = 0; i < 256; i++) {
-        felem_square(tmp, ftmp3);
-        felem_reduce(ftmp3, tmp); /* 2^512 - 2^256 */
-    }
-    felem_mul(tmp, ftmp3, ftmp2);
-    felem_reduce(ftmp3, tmp);   /* 2^512 - 2^0 */
-
-    for (i = 0; i < 9; i++) {
-        felem_square(tmp, ftmp3);
-        felem_reduce(ftmp3, tmp); /* 2^521 - 2^9 */
-    }
-    felem_mul(tmp, ftmp3, ftmp4);
-    felem_reduce(ftmp3, tmp);   /* 2^512 - 2^2 */
-    felem_mul(tmp, ftmp3, in);
-    felem_reduce(out, tmp);     /* 2^512 - 3 */
-}
-
-/* This is 2^521-1, expressed as an felem */
-static const felem kPrime = {
-    0x03ffffffffffffff, 0x03ffffffffffffff, 0x03ffffffffffffff,
-    0x03ffffffffffffff, 0x03ffffffffffffff, 0x03ffffffffffffff,
-    0x03ffffffffffffff, 0x03ffffffffffffff, 0x01ffffffffffffff
-};
-
-/*-
- * felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
- * otherwise.
- * On entry:
- *   in[i] < 2^59 + 2^14
- */
-static limb felem_is_zero(const felem in)
-{
-    felem ftmp;
-    limb is_zero, is_p;
-    felem_assign(ftmp, in);
-
-    ftmp[0] += ftmp[8] >> 57;
-    ftmp[8] &= bottom57bits;
-    /* ftmp[8] < 2^57 */
-    ftmp[1] += ftmp[0] >> 58;
-    ftmp[0] &= bottom58bits;
-    ftmp[2] += ftmp[1] >> 58;
-    ftmp[1] &= bottom58bits;
-    ftmp[3] += ftmp[2] >> 58;
-    ftmp[2] &= bottom58bits;
-    ftmp[4] += ftmp[3] >> 58;
-    ftmp[3] &= bottom58bits;
-    ftmp[5] += ftmp[4] >> 58;
-    ftmp[4] &= bottom58bits;
-    ftmp[6] += ftmp[5] >> 58;
-    ftmp[5] &= bottom58bits;
-    ftmp[7] += ftmp[6] >> 58;
-    ftmp[6] &= bottom58bits;
-    ftmp[8] += ftmp[7] >> 58;
-    ftmp[7] &= bottom58bits;
-    /* ftmp[8] < 2^57 + 4 */
-
-    /*
-     * The ninth limb of 2*(2^521-1) is 0x03ffffffffffffff, which is greater
-     * than our bound for ftmp[8]. Therefore we only have to check if the
-     * zero is zero or 2^521-1.
-     */
-
-    is_zero = 0;
-    is_zero |= ftmp[0];
-    is_zero |= ftmp[1];
-    is_zero |= ftmp[2];
-    is_zero |= ftmp[3];
-    is_zero |= ftmp[4];
-    is_zero |= ftmp[5];
-    is_zero |= ftmp[6];
-    is_zero |= ftmp[7];
-    is_zero |= ftmp[8];
-
-    is_zero--;
-    /*
-     * We know that ftmp[i] < 2^63, therefore the only way that the top bit
-     * can be set is if is_zero was 0 before the decrement.
-     */
-    is_zero = ((s64) is_zero) >> 63;
-
-    is_p = ftmp[0] ^ kPrime[0];
-    is_p |= ftmp[1] ^ kPrime[1];
-    is_p |= ftmp[2] ^ kPrime[2];
-    is_p |= ftmp[3] ^ kPrime[3];
-    is_p |= ftmp[4] ^ kPrime[4];
-    is_p |= ftmp[5] ^ kPrime[5];
-    is_p |= ftmp[6] ^ kPrime[6];
-    is_p |= ftmp[7] ^ kPrime[7];
-    is_p |= ftmp[8] ^ kPrime[8];
-
-    is_p--;
-    is_p = ((s64) is_p) >> 63;
-
-    is_zero |= is_p;
-    return is_zero;
-}
-
-static int felem_is_zero_int(const felem in)
-{
-    return (int)(felem_is_zero(in) & ((limb) 1));
-}
-
-/*-
- * felem_contract converts |in| to its unique, minimal representation.
- * On entry:
- *   in[i] < 2^59 + 2^14
- */
-static void felem_contract(felem out, const felem in)
-{
-    limb is_p, is_greater, sign;
-    static const limb two58 = ((limb) 1) << 58;
-
-    felem_assign(out, in);
-
-    out[0] += out[8] >> 57;
-    out[8] &= bottom57bits;
-    /* out[8] < 2^57 */
-    out[1] += out[0] >> 58;
-    out[0] &= bottom58bits;
-    out[2] += out[1] >> 58;
-    out[1] &= bottom58bits;
-    out[3] += out[2] >> 58;
-    out[2] &= bottom58bits;
-    out[4] += out[3] >> 58;
-    out[3] &= bottom58bits;
-    out[5] += out[4] >> 58;
-    out[4] &= bottom58bits;
-    out[6] += out[5] >> 58;
-    out[5] &= bottom58bits;
-    out[7] += out[6] >> 58;
-    out[6] &= bottom58bits;
-    out[8] += out[7] >> 58;
-    out[7] &= bottom58bits;
-    /* out[8] < 2^57 + 4 */
-
-    /*
-     * If the value is greater than 2^521-1 then we have to subtract 2^521-1
-     * out. See the comments in felem_is_zero regarding why we don't test for
-     * other multiples of the prime.
-     */
-
-    /*
-     * First, if |out| is equal to 2^521-1, we subtract it out to get zero.
-     */
-
-    is_p = out[0] ^ kPrime[0];
-    is_p |= out[1] ^ kPrime[1];
-    is_p |= out[2] ^ kPrime[2];
-    is_p |= out[3] ^ kPrime[3];
-    is_p |= out[4] ^ kPrime[4];
-    is_p |= out[5] ^ kPrime[5];
-    is_p |= out[6] ^ kPrime[6];
-    is_p |= out[7] ^ kPrime[7];
-    is_p |= out[8] ^ kPrime[8];
-
-    is_p--;
-    is_p &= is_p << 32;
-    is_p &= is_p << 16;
-    is_p &= is_p << 8;
-    is_p &= is_p << 4;
-    is_p &= is_p << 2;
-    is_p &= is_p << 1;
-    is_p = ((s64) is_p) >> 63;
-    is_p = ~is_p;
-
-    /* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */
-
-    out[0] &= is_p;
-    out[1] &= is_p;
-    out[2] &= is_p;
-    out[3] &= is_p;
-    out[4] &= is_p;
-    out[5] &= is_p;
-    out[6] &= is_p;
-    out[7] &= is_p;
-    out[8] &= is_p;
-
-    /*
-     * In order to test that |out| >= 2^521-1 we need only test if out[8] >>
-     * 57 is greater than zero as (2^521-1) + x >= 2^522
-     */
-    is_greater = out[8] >> 57;
-    is_greater |= is_greater << 32;
-    is_greater |= is_greater << 16;
-    is_greater |= is_greater << 8;
-    is_greater |= is_greater << 4;
-    is_greater |= is_greater << 2;
-    is_greater |= is_greater << 1;
-    is_greater = ((s64) is_greater) >> 63;
-
-    out[0] -= kPrime[0] & is_greater;
-    out[1] -= kPrime[1] & is_greater;
-    out[2] -= kPrime[2] & is_greater;
-    out[3] -= kPrime[3] & is_greater;
-    out[4] -= kPrime[4] & is_greater;
-    out[5] -= kPrime[5] & is_greater;
-    out[6] -= kPrime[6] & is_greater;
-    out[7] -= kPrime[7] & is_greater;
-    out[8] -= kPrime[8] & is_greater;
-
-    /* Eliminate negative coefficients */
-    sign = -(out[0] >> 63);
-    out[0] += (two58 & sign);
-    out[1] -= (1 & sign);
-    sign = -(out[1] >> 63);
-    out[1] += (two58 & sign);
-    out[2] -= (1 & sign);
-    sign = -(out[2] >> 63);
-    out[2] += (two58 & sign);
-    out[3] -= (1 & sign);
-    sign = -(out[3] >> 63);
-    out[3] += (two58 & sign);
-    out[4] -= (1 & sign);
-    sign = -(out[4] >> 63);
-    out[4] += (two58 & sign);
-    out[5] -= (1 & sign);
-    sign = -(out[0] >> 63);
-    out[5] += (two58 & sign);
-    out[6] -= (1 & sign);
-    sign = -(out[6] >> 63);
-    out[6] += (two58 & sign);
-    out[7] -= (1 & sign);
-    sign = -(out[7] >> 63);
-    out[7] += (two58 & sign);
-    out[8] -= (1 & sign);
-    sign = -(out[5] >> 63);
-    out[5] += (two58 & sign);
-    out[6] -= (1 & sign);
-    sign = -(out[6] >> 63);
-    out[6] += (two58 & sign);
-    out[7] -= (1 & sign);
-    sign = -(out[7] >> 63);
-    out[7] += (two58 & sign);
-    out[8] -= (1 & sign);
-}
-
-/*-
- * Group operations
- * ----------------
- *
- * Building on top of the field operations we have the operations on the
- * elliptic curve group itself. Points on the curve are represented in Jacobian
- * coordinates */
-
-/*-
- * point_double calcuates 2*(x_in, y_in, z_in)
- *
- * The method is taken from:
- *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
- *
- * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed.
- * while x_out == y_in is not (maybe this works, but it's not tested). */
-static void
-point_double(felem x_out, felem y_out, felem z_out,
-             const felem x_in, const felem y_in, const felem z_in)
-{
-    largefelem tmp, tmp2;
-    felem delta, gamma, beta, alpha, ftmp, ftmp2;
-
-    felem_assign(ftmp, x_in);
-    felem_assign(ftmp2, x_in);
-
-    /* delta = z^2 */
-    felem_square(tmp, z_in);
-    felem_reduce(delta, tmp);   /* delta[i] < 2^59 + 2^14 */
-
-    /* gamma = y^2 */
-    felem_square(tmp, y_in);
-    felem_reduce(gamma, tmp);   /* gamma[i] < 2^59 + 2^14 */
-
-    /* beta = x*gamma */
-    felem_mul(tmp, x_in, gamma);
-    felem_reduce(beta, tmp);    /* beta[i] < 2^59 + 2^14 */
-
-    /* alpha = 3*(x-delta)*(x+delta) */
-    felem_diff64(ftmp, delta);
-    /* ftmp[i] < 2^61 */
-    felem_sum64(ftmp2, delta);
-    /* ftmp2[i] < 2^60 + 2^15 */
-    felem_scalar64(ftmp2, 3);
-    /* ftmp2[i] < 3*2^60 + 3*2^15 */
-    felem_mul(tmp, ftmp, ftmp2);
-    /*-
-     * tmp[i] < 17(3*2^121 + 3*2^76)
-     *        = 61*2^121 + 61*2^76
-     *        < 64*2^121 + 64*2^76
-     *        = 2^127 + 2^82
-     *        < 2^128
-     */
-    felem_reduce(alpha, tmp);
-
-    /* x' = alpha^2 - 8*beta */
-    felem_square(tmp, alpha);
-    /*
-     * tmp[i] < 17*2^120 < 2^125
-     */
-    felem_assign(ftmp, beta);
-    felem_scalar64(ftmp, 8);
-    /* ftmp[i] < 2^62 + 2^17 */
-    felem_diff_128_64(tmp, ftmp);
-    /* tmp[i] < 2^125 + 2^63 + 2^62 + 2^17 */
-    felem_reduce(x_out, tmp);
-
-    /* z' = (y + z)^2 - gamma - delta */
-    felem_sum64(delta, gamma);
-    /* delta[i] < 2^60 + 2^15 */
-    felem_assign(ftmp, y_in);
-    felem_sum64(ftmp, z_in);
-    /* ftmp[i] < 2^60 + 2^15 */
-    felem_square(tmp, ftmp);
-    /*
-     * tmp[i] < 17(2^122) < 2^127
-     */
-    felem_diff_128_64(tmp, delta);
-    /* tmp[i] < 2^127 + 2^63 */
-    felem_reduce(z_out, tmp);
-
-    /* y' = alpha*(4*beta - x') - 8*gamma^2 */
-    felem_scalar64(beta, 4);
-    /* beta[i] < 2^61 + 2^16 */
-    felem_diff64(beta, x_out);
-    /* beta[i] < 2^61 + 2^60 + 2^16 */
-    felem_mul(tmp, alpha, beta);
-    /*-
-     * tmp[i] < 17*((2^59 + 2^14)(2^61 + 2^60 + 2^16))
-     *        = 17*(2^120 + 2^75 + 2^119 + 2^74 + 2^75 + 2^30)
-     *        = 17*(2^120 + 2^119 + 2^76 + 2^74 + 2^30)
-     *        < 2^128
-     */
-    felem_square(tmp2, gamma);
-    /*-
-     * tmp2[i] < 17*(2^59 + 2^14)^2
-     *         = 17*(2^118 + 2^74 + 2^28)
-     */
-    felem_scalar128(tmp2, 8);
-    /*-
-     * tmp2[i] < 8*17*(2^118 + 2^74 + 2^28)
-     *         = 2^125 + 2^121 + 2^81 + 2^77 + 2^35 + 2^31
-     *         < 2^126
-     */
-    felem_diff128(tmp, tmp2);
-    /*-
-     * tmp[i] < 2^127 - 2^69 + 17(2^120 + 2^119 + 2^76 + 2^74 + 2^30)
-     *        = 2^127 + 2^124 + 2^122 + 2^120 + 2^118 + 2^80 + 2^78 + 2^76 +
-     *          2^74 + 2^69 + 2^34 + 2^30
-     *        < 2^128
-     */
-    felem_reduce(y_out, tmp);
-}
-
-/* copy_conditional copies in to out iff mask is all ones. */
-static void copy_conditional(felem out, const felem in, limb mask)
-{
-    unsigned i;
-    for (i = 0; i < NLIMBS; ++i) {
-        const limb tmp = mask & (in[i] ^ out[i]);
-        out[i] ^= tmp;
-    }
-}
-
-/*-
- * point_add calcuates (x1, y1, z1) + (x2, y2, z2)
- *
- * The method is taken from
- *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
- * adapted for mixed addition (z2 = 1, or z2 = 0 for the point at infinity).
- *
- * This function includes a branch for checking whether the two input points
- * are equal (while not equal to the point at infinity). This case never
- * happens during single point multiplication, so there is no timing leak for
- * ECDH or ECDSA signing. */
-static void point_add(felem x3, felem y3, felem z3,
-                      const felem x1, const felem y1, const felem z1,
-                      const int mixed, const felem x2, const felem y2,
-                      const felem z2)
-{
-    felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, ftmp6, x_out, y_out, z_out;
-    largefelem tmp, tmp2;
-    limb x_equal, y_equal, z1_is_zero, z2_is_zero;
-
-    z1_is_zero = felem_is_zero(z1);
-    z2_is_zero = felem_is_zero(z2);
-
-    /* ftmp = z1z1 = z1**2 */
-    felem_square(tmp, z1);
-    felem_reduce(ftmp, tmp);
-
-    if (!mixed) {
-        /* ftmp2 = z2z2 = z2**2 */
-        felem_square(tmp, z2);
-        felem_reduce(ftmp2, tmp);
-
-        /* u1 = ftmp3 = x1*z2z2 */
-        felem_mul(tmp, x1, ftmp2);
-        felem_reduce(ftmp3, tmp);
-
-        /* ftmp5 = z1 + z2 */
-        felem_assign(ftmp5, z1);
-        felem_sum64(ftmp5, z2);
-        /* ftmp5[i] < 2^61 */
-
-        /* ftmp5 = (z1 + z2)**2 - z1z1 - z2z2 = 2*z1z2 */
-        felem_square(tmp, ftmp5);
-        /* tmp[i] < 17*2^122 */
-        felem_diff_128_64(tmp, ftmp);
-        /* tmp[i] < 17*2^122 + 2^63 */
-        felem_diff_128_64(tmp, ftmp2);
-        /* tmp[i] < 17*2^122 + 2^64 */
-        felem_reduce(ftmp5, tmp);
-
-        /* ftmp2 = z2 * z2z2 */
-        felem_mul(tmp, ftmp2, z2);
-        felem_reduce(ftmp2, tmp);
-
-        /* s1 = ftmp6 = y1 * z2**3 */
-        felem_mul(tmp, y1, ftmp2);
-        felem_reduce(ftmp6, tmp);
-    } else {
-        /*
-         * We'll assume z2 = 1 (special case z2 = 0 is handled later)
-         */
-
-        /* u1 = ftmp3 = x1*z2z2 */
-        felem_assign(ftmp3, x1);
-
-        /* ftmp5 = 2*z1z2 */
-        felem_scalar(ftmp5, z1, 2);
-
-        /* s1 = ftmp6 = y1 * z2**3 */
-        felem_assign(ftmp6, y1);
-    }
-
-    /* u2 = x2*z1z1 */
-    felem_mul(tmp, x2, ftmp);
-    /* tmp[i] < 17*2^120 */
-
-    /* h = ftmp4 = u2 - u1 */
-    felem_diff_128_64(tmp, ftmp3);
-    /* tmp[i] < 17*2^120 + 2^63 */
-    felem_reduce(ftmp4, tmp);
-
-    x_equal = felem_is_zero(ftmp4);
-
-    /* z_out = ftmp5 * h */
-    felem_mul(tmp, ftmp5, ftmp4);
-    felem_reduce(z_out, tmp);
-
-    /* ftmp = z1 * z1z1 */
-    felem_mul(tmp, ftmp, z1);
-    felem_reduce(ftmp, tmp);
-
-    /* s2 = tmp = y2 * z1**3 */
-    felem_mul(tmp, y2, ftmp);
-    /* tmp[i] < 17*2^120 */
-
-    /* r = ftmp5 = (s2 - s1)*2 */
-    felem_diff_128_64(tmp, ftmp6);
-    /* tmp[i] < 17*2^120 + 2^63 */
-    felem_reduce(ftmp5, tmp);
-    y_equal = felem_is_zero(ftmp5);
-    felem_scalar64(ftmp5, 2);
-    /* ftmp5[i] < 2^61 */
-
-    if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
-        point_double(x3, y3, z3, x1, y1, z1);
-        return;
-    }
-
-    /* I = ftmp = (2h)**2 */
-    felem_assign(ftmp, ftmp4);
-    felem_scalar64(ftmp, 2);
-    /* ftmp[i] < 2^61 */
-    felem_square(tmp, ftmp);
-    /* tmp[i] < 17*2^122 */
-    felem_reduce(ftmp, tmp);
-
-    /* J = ftmp2 = h * I */
-    felem_mul(tmp, ftmp4, ftmp);
-    felem_reduce(ftmp2, tmp);
-
-    /* V = ftmp4 = U1 * I */
-    felem_mul(tmp, ftmp3, ftmp);
-    felem_reduce(ftmp4, tmp);
-
-    /* x_out = r**2 - J - 2V */
-    felem_square(tmp, ftmp5);
-    /* tmp[i] < 17*2^122 */
-    felem_diff_128_64(tmp, ftmp2);
-    /* tmp[i] < 17*2^122 + 2^63 */
-    felem_assign(ftmp3, ftmp4);
-    felem_scalar64(ftmp4, 2);
-    /* ftmp4[i] < 2^61 */
-    felem_diff_128_64(tmp, ftmp4);
-    /* tmp[i] < 17*2^122 + 2^64 */
-    felem_reduce(x_out, tmp);
-
-    /* y_out = r(V-x_out) - 2 * s1 * J */
-    felem_diff64(ftmp3, x_out);
-    /*
-     * ftmp3[i] < 2^60 + 2^60 = 2^61
-     */
-    felem_mul(tmp, ftmp5, ftmp3);
-    /* tmp[i] < 17*2^122 */
-    felem_mul(tmp2, ftmp6, ftmp2);
-    /* tmp2[i] < 17*2^120 */
-    felem_scalar128(tmp2, 2);
-    /* tmp2[i] < 17*2^121 */
-    felem_diff128(tmp, tmp2);
-        /*-
-         * tmp[i] < 2^127 - 2^69 + 17*2^122
-         *        = 2^126 - 2^122 - 2^6 - 2^2 - 1
-         *        < 2^127
-         */
-    felem_reduce(y_out, tmp);
-
-    copy_conditional(x_out, x2, z1_is_zero);
-    copy_conditional(x_out, x1, z2_is_zero);
-    copy_conditional(y_out, y2, z1_is_zero);
-    copy_conditional(y_out, y1, z2_is_zero);
-    copy_conditional(z_out, z2, z1_is_zero);
-    copy_conditional(z_out, z1, z2_is_zero);
-    felem_assign(x3, x_out);
-    felem_assign(y3, y_out);
-    felem_assign(z3, z_out);
-}
-
-/*-
- * Base point pre computation
- * --------------------------
- *
- * Two different sorts of precomputed tables are used in the following code.
- * Each contain various points on the curve, where each point is three field
- * elements (x, y, z).
- *
- * For the base point table, z is usually 1 (0 for the point at infinity).
- * This table has 16 elements:
- * index | bits    | point
- * ------+---------+------------------------------
- *     0 | 0 0 0 0 | 0G
- *     1 | 0 0 0 1 | 1G
- *     2 | 0 0 1 0 | 2^130G
- *     3 | 0 0 1 1 | (2^130 + 1)G
- *     4 | 0 1 0 0 | 2^260G
- *     5 | 0 1 0 1 | (2^260 + 1)G
- *     6 | 0 1 1 0 | (2^260 + 2^130)G
- *     7 | 0 1 1 1 | (2^260 + 2^130 + 1)G
- *     8 | 1 0 0 0 | 2^390G
- *     9 | 1 0 0 1 | (2^390 + 1)G
- *    10 | 1 0 1 0 | (2^390 + 2^130)G
- *    11 | 1 0 1 1 | (2^390 + 2^130 + 1)G
- *    12 | 1 1 0 0 | (2^390 + 2^260)G
- *    13 | 1 1 0 1 | (2^390 + 2^260 + 1)G
- *    14 | 1 1 1 0 | (2^390 + 2^260 + 2^130)G
- *    15 | 1 1 1 1 | (2^390 + 2^260 + 2^130 + 1)G
- *
- * The reason for this is so that we can clock bits into four different
- * locations when doing simple scalar multiplies against the base point.
- *
- * Tables for other points have table[i] = iG for i in 0 .. 16. */
-
-/* gmul is the table of precomputed base points */
-static const felem gmul[16][3] = { {{0, 0, 0, 0, 0, 0, 0, 0, 0},
-                                    {0, 0, 0, 0, 0, 0, 0, 0, 0},
-                                    {0, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x017e7e31c2e5bd66, 0x022cf0615a90a6fe, 0x00127a2ffa8de334,
-  0x01dfbf9d64a3f877, 0x006b4d3dbaa14b5e, 0x014fed487e0a2bd8,
-  0x015b4429c6481390, 0x03a73678fb2d988e, 0x00c6858e06b70404},
- {0x00be94769fd16650, 0x031c21a89cb09022, 0x039013fad0761353,
-  0x02657bd099031542, 0x03273e662c97ee72, 0x01e6d11a05ebef45,
-  0x03d1bd998f544495, 0x03001172297ed0b1, 0x011839296a789a3b},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x0373faacbc875bae, 0x00f325023721c671, 0x00f666fd3dbde5ad,
-  0x01a6932363f88ea7, 0x01fc6d9e13f9c47b, 0x03bcbffc2bbf734e,
-  0x013ee3c3647f3a92, 0x029409fefe75d07d, 0x00ef9199963d85e5},
- {0x011173743ad5b178, 0x02499c7c21bf7d46, 0x035beaeabb8b1a58,
-  0x00f989c4752ea0a3, 0x0101e1de48a9c1a3, 0x01a20076be28ba6c,
-  0x02f8052e5eb2de95, 0x01bfe8f82dea117c, 0x0160074d3c36ddb7},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x012f3fc373393b3b, 0x03d3d6172f1419fa, 0x02adc943c0b86873,
-  0x00d475584177952b, 0x012a4d1673750ee2, 0x00512517a0f13b0c,
-  0x02b184671a7b1734, 0x0315b84236f1a50a, 0x00a4afc472edbdb9},
- {0x00152a7077f385c4, 0x03044007d8d1c2ee, 0x0065829d61d52b52,
-  0x00494ff6b6631d0d, 0x00a11d94d5f06bcf, 0x02d2f89474d9282e,
-  0x0241c5727c06eeb9, 0x0386928710fbdb9d, 0x01f883f727b0dfbe},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x019b0c3c9185544d, 0x006243a37c9d97db, 0x02ee3cbe030a2ad2,
-  0x00cfdd946bb51e0d, 0x0271c00932606b91, 0x03f817d1ec68c561,
-  0x03f37009806a369c, 0x03c1f30baf184fd5, 0x01091022d6d2f065},
- {0x0292c583514c45ed, 0x0316fca51f9a286c, 0x00300af507c1489a,
-  0x0295f69008298cf1, 0x02c0ed8274943d7b, 0x016509b9b47a431e,
-  0x02bc9de9634868ce, 0x005b34929bffcb09, 0x000c1a0121681524},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x0286abc0292fb9f2, 0x02665eee9805b3f7, 0x01ed7455f17f26d6,
-  0x0346355b83175d13, 0x006284944cd0a097, 0x0191895bcdec5e51,
-  0x02e288370afda7d9, 0x03b22312bfefa67a, 0x01d104d3fc0613fe},
- {0x0092421a12f7e47f, 0x0077a83fa373c501, 0x03bd25c5f696bd0d,
-  0x035c41e4d5459761, 0x01ca0d1742b24f53, 0x00aaab27863a509c,
-  0x018b6de47df73917, 0x025c0b771705cd01, 0x01fd51d566d760a7},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x01dd92ff6b0d1dbd, 0x039c5e2e8f8afa69, 0x0261ed13242c3b27,
-  0x0382c6e67026e6a0, 0x01d60b10be2089f9, 0x03c15f3dce86723f,
-  0x03c764a32d2a062d, 0x017307eac0fad056, 0x018207c0b96c5256},
- {0x0196a16d60e13154, 0x03e6ce74c0267030, 0x00ddbf2b4e52a5aa,
-  0x012738241bbf31c8, 0x00ebe8dc04685a28, 0x024c2ad6d380d4a2,
-  0x035ee062a6e62d0e, 0x0029ed74af7d3a0f, 0x00eef32aec142ebd},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x00c31ec398993b39, 0x03a9f45bcda68253, 0x00ac733c24c70890,
-  0x00872b111401ff01, 0x01d178c23195eafb, 0x03bca2c816b87f74,
-  0x0261a9af46fbad7a, 0x0324b2a8dd3d28f9, 0x00918121d8f24e23},
- {0x032bc8c1ca983cd7, 0x00d869dfb08fc8c6, 0x01693cb61fce1516,
-  0x012a5ea68f4e88a8, 0x010869cab88d7ae3, 0x009081ad277ceee1,
-  0x033a77166d064cdc, 0x03955235a1fb3a95, 0x01251a4a9b25b65e},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x00148a3a1b27f40b, 0x0123186df1b31fdc, 0x00026e7beaad34ce,
-  0x01db446ac1d3dbba, 0x0299c1a33437eaec, 0x024540610183cbb7,
-  0x0173bb0e9ce92e46, 0x02b937e43921214b, 0x01ab0436a9bf01b5},
- {0x0383381640d46948, 0x008dacbf0e7f330f, 0x03602122bcc3f318,
-  0x01ee596b200620d6, 0x03bd0585fda430b3, 0x014aed77fd123a83,
-  0x005ace749e52f742, 0x0390fe041da2b842, 0x0189a8ceb3299242},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x012a19d6b3282473, 0x00c0915918b423ce, 0x023a954eb94405ae,
-  0x00529f692be26158, 0x0289fa1b6fa4b2aa, 0x0198ae4ceea346ef,
-  0x0047d8cdfbdedd49, 0x00cc8c8953f0f6b8, 0x001424abbff49203},
- {0x0256732a1115a03a, 0x0351bc38665c6733, 0x03f7b950fb4a6447,
-  0x000afffa94c22155, 0x025763d0a4dab540, 0x000511e92d4fc283,
-  0x030a7e9eda0ee96c, 0x004c3cd93a28bf0a, 0x017edb3a8719217f},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x011de5675a88e673, 0x031d7d0f5e567fbe, 0x0016b2062c970ae5,
-  0x03f4a2be49d90aa7, 0x03cef0bd13822866, 0x03f0923dcf774a6c,
-  0x0284bebc4f322f72, 0x016ab2645302bb2c, 0x01793f95dace0e2a},
- {0x010646e13527a28f, 0x01ca1babd59dc5e7, 0x01afedfd9a5595df,
-  0x01f15785212ea6b1, 0x0324e5d64f6ae3f4, 0x02d680f526d00645,
-  0x0127920fadf627a7, 0x03b383f75df4f684, 0x0089e0057e783b0a},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x00f334b9eb3c26c6, 0x0298fdaa98568dce, 0x01c2d24843a82292,
-  0x020bcb24fa1b0711, 0x02cbdb3d2b1875e6, 0x0014907598f89422,
-  0x03abe3aa43b26664, 0x02cbf47f720bc168, 0x0133b5e73014b79b},
- {0x034aab5dab05779d, 0x00cdc5d71fee9abb, 0x0399f16bd4bd9d30,
-  0x03582fa592d82647, 0x02be1cdfb775b0e9, 0x0034f7cea32e94cb,
-  0x0335a7f08f56f286, 0x03b707e9565d1c8b, 0x0015c946ea5b614f},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x024676f6cff72255, 0x00d14625cac96378, 0x00532b6008bc3767,
-  0x01fc16721b985322, 0x023355ea1b091668, 0x029de7afdc0317c3,
-  0x02fc8a7ca2da037c, 0x02de1217d74a6f30, 0x013f7173175b73bf},
- {0x0344913f441490b5, 0x0200f9e272b61eca, 0x0258a246b1dd55d2,
-  0x03753db9ea496f36, 0x025e02937a09c5ef, 0x030cbd3d14012692,
-  0x01793a67e70dc72a, 0x03ec1d37048a662e, 0x006550f700c32a8d},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x00d3f48a347eba27, 0x008e636649b61bd8, 0x00d3b93716778fb3,
-  0x004d1915757bd209, 0x019d5311a3da44e0, 0x016d1afcbbe6aade,
-  0x0241bf5f73265616, 0x0384672e5d50d39b, 0x005009fee522b684},
- {0x029b4fab064435fe, 0x018868ee095bbb07, 0x01ea3d6936cc92b8,
-  0x000608b00f78a2f3, 0x02db911073d1c20f, 0x018205938470100a,
-  0x01f1e4964cbe6ff2, 0x021a19a29eed4663, 0x01414485f42afa81},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x01612b3a17f63e34, 0x03813992885428e6, 0x022b3c215b5a9608,
-  0x029b4057e19f2fcb, 0x0384059a587af7e6, 0x02d6400ace6fe610,
-  0x029354d896e8e331, 0x00c047ee6dfba65e, 0x0037720542e9d49d},
- {0x02ce9eed7c5e9278, 0x0374ed703e79643b, 0x01316c54c4072006,
-  0x005aaa09054b2ee8, 0x002824000c840d57, 0x03d4eba24771ed86,
-  0x0189c50aabc3bdae, 0x0338c01541e15510, 0x00466d56e38eed42},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}},
-{{0x007efd8330ad8bd6, 0x02465ed48047710b, 0x0034c6606b215e0c,
-  0x016ae30c53cbf839, 0x01fa17bd37161216, 0x018ead4e61ce8ab9,
-  0x005482ed5f5dee46, 0x037543755bba1d7f, 0x005e5ac7e70a9d0f},
- {0x0117e1bb2fdcb2a2, 0x03deea36249f40c4, 0x028d09b4a6246cb7,
-  0x03524b8855bcf756, 0x023d7d109d5ceb58, 0x0178e43e3223ef9c,
-  0x0154536a0c6e966a, 0x037964d1286ee9fe, 0x0199bcd90e125055},
- {1, 0, 0, 0, 0, 0, 0, 0, 0}}
-};
-
-/*
- * select_point selects the |idx|th point from a precomputation table and
- * copies it to out.
- */
- /* pre_comp below is of the size provided in |size| */
-static void select_point(const limb idx, unsigned int size,
-                         const felem pre_comp[][3], felem out[3])
-{
-    unsigned i, j;
-    limb *outlimbs = &out[0][0];
-    memset(outlimbs, 0, 3 * sizeof(felem));
-
-    for (i = 0; i < size; i++) {
-        const limb *inlimbs = &pre_comp[i][0][0];
-        limb mask = i ^ idx;
-        mask |= mask >> 4;
-        mask |= mask >> 2;
-        mask |= mask >> 1;
-        mask &= 1;
-        mask--;
-        for (j = 0; j < NLIMBS * 3; j++)
-            outlimbs[j] |= inlimbs[j] & mask;
-    }
-}
-
-/* get_bit returns the |i|th bit in |in| */
-static char get_bit(const felem_bytearray in, int i)
-{
-    if (i < 0)
-        return 0;
-    return (in[i >> 3] >> (i & 7)) & 1;
-}
-
-/*
- * Interleaved point multiplication using precomputed point multiples: The
- * small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[], the scalars
- * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
- * generator, using certain (large) precomputed multiples in g_pre_comp.
- * Output point (X, Y, Z) is stored in x_out, y_out, z_out
- */
-static void batch_mul(felem x_out, felem y_out, felem z_out,
-                      const felem_bytearray scalars[],
-                      const unsigned num_points, const u8 *g_scalar,
-                      const int mixed, const felem pre_comp[][17][3],
-                      const felem g_pre_comp[16][3])
-{
-    int i, skip;
-    unsigned num, gen_mul = (g_scalar != NULL);
-    felem nq[3], tmp[4];
-    limb bits;
-    u8 sign, digit;
-
-    /* set nq to the point at infinity */
-    memset(nq, 0, 3 * sizeof(felem));
-
-    /*
-     * Loop over all scalars msb-to-lsb, interleaving additions of multiples
-     * of the generator (last quarter of rounds) and additions of other
-     * points multiples (every 5th round).
-     */
-    skip = 1;                   /* save two point operations in the first
-                                 * round */
-    for (i = (num_points ? 520 : 130); i >= 0; --i) {
-        /* double */
-        if (!skip)
-            point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
-
-        /* add multiples of the generator */
-        if (gen_mul && (i <= 130)) {
-            bits = get_bit(g_scalar, i + 390) << 3;
-            if (i < 130) {
-                bits |= get_bit(g_scalar, i + 260) << 2;
-                bits |= get_bit(g_scalar, i + 130) << 1;
-                bits |= get_bit(g_scalar, i);
-            }
-            /* select the point to add, in constant time */
-            select_point(bits, 16, g_pre_comp, tmp);
-            if (!skip) {
-                /* The 1 argument below is for "mixed" */
-                point_add(nq[0], nq[1], nq[2],
-                          nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
-            } else {
-                memcpy(nq, tmp, 3 * sizeof(felem));
-                skip = 0;
-            }
-        }
-
-        /* do other additions every 5 doublings */
-        if (num_points && (i % 5 == 0)) {
-            /* loop over all scalars */
-            for (num = 0; num < num_points; ++num) {
-                bits = get_bit(scalars[num], i + 4) << 5;
-                bits |= get_bit(scalars[num], i + 3) << 4;
-                bits |= get_bit(scalars[num], i + 2) << 3;
-                bits |= get_bit(scalars[num], i + 1) << 2;
-                bits |= get_bit(scalars[num], i) << 1;
-                bits |= get_bit(scalars[num], i - 1);
-                ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
-
-                /*
-                 * select the point to add or subtract, in constant time
-                 */
-                select_point(digit, 17, pre_comp[num], tmp);
-                felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative
-                                            * point */
-                copy_conditional(tmp[1], tmp[3], (-(limb) sign));
-
-                if (!skip) {
-                    point_add(nq[0], nq[1], nq[2],
-                              nq[0], nq[1], nq[2],
-                              mixed, tmp[0], tmp[1], tmp[2]);
-                } else {
-                    memcpy(nq, tmp, 3 * sizeof(felem));
-                    skip = 0;
-                }
-            }
-        }
-    }
-    felem_assign(x_out, nq[0]);
-    felem_assign(y_out, nq[1]);
-    felem_assign(z_out, nq[2]);
-}
-
-/* Precomputation for the group generator. */
-typedef struct {
-    felem g_pre_comp[16][3];
-    int references;
-} NISTP521_PRE_COMP;
-
-const EC_METHOD *EC_GFp_nistp521_method(void)
-{
-    static const EC_METHOD ret = {
-        EC_FLAGS_DEFAULT_OCT,
-        NID_X9_62_prime_field,
-        ec_GFp_nistp521_group_init,
-        ec_GFp_simple_group_finish,
-        ec_GFp_simple_group_clear_finish,
-        ec_GFp_nist_group_copy,
-        ec_GFp_nistp521_group_set_curve,
-        ec_GFp_simple_group_get_curve,
-        ec_GFp_simple_group_get_degree,
-        ec_GFp_simple_group_check_discriminant,
-        ec_GFp_simple_point_init,
-        ec_GFp_simple_point_finish,
-        ec_GFp_simple_point_clear_finish,
-        ec_GFp_simple_point_copy,
-        ec_GFp_simple_point_set_to_infinity,
-        ec_GFp_simple_set_Jprojective_coordinates_GFp,
-        ec_GFp_simple_get_Jprojective_coordinates_GFp,
-        ec_GFp_simple_point_set_affine_coordinates,
-        ec_GFp_nistp521_point_get_affine_coordinates,
-        0 /* point_set_compressed_coordinates */ ,
-        0 /* point2oct */ ,
-        0 /* oct2point */ ,
-        ec_GFp_simple_add,
-        ec_GFp_simple_dbl,
-        ec_GFp_simple_invert,
-        ec_GFp_simple_is_at_infinity,
-        ec_GFp_simple_is_on_curve,
-        ec_GFp_simple_cmp,
-        ec_GFp_simple_make_affine,
-        ec_GFp_simple_points_make_affine,
-        ec_GFp_nistp521_points_mul,
-        ec_GFp_nistp521_precompute_mult,
-        ec_GFp_nistp521_have_precompute_mult,
-        ec_GFp_nist_field_mul,
-        ec_GFp_nist_field_sqr,
-        0 /* field_div */ ,
-        0 /* field_encode */ ,
-        0 /* field_decode */ ,
-        0                       /* field_set_to_one */
-    };
-
-    return &ret;
-}
-
-/******************************************************************************/
-/*
- * FUNCTIONS TO MANAGE PRECOMPUTATION
- */
-
-static NISTP521_PRE_COMP *nistp521_pre_comp_new()
-{
-    NISTP521_PRE_COMP *ret = NULL;
-    ret = (NISTP521_PRE_COMP *) OPENSSL_malloc(sizeof(NISTP521_PRE_COMP));
-    if (!ret) {
-        ECerr(EC_F_NISTP521_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
-        return ret;
-    }
-    memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
-    ret->references = 1;
-    return ret;
-}
-
-static void *nistp521_pre_comp_dup(void *src_)
-{
-    NISTP521_PRE_COMP *src = src_;
-
-    /* no need to actually copy, these objects never change! */
-    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
-
-    return src_;
-}
-
-static void nistp521_pre_comp_free(void *pre_)
-{
-    int i;
-    NISTP521_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    OPENSSL_free(pre);
-}
-
-static void nistp521_pre_comp_clear_free(void *pre_)
-{
-    int i;
-    NISTP521_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    OPENSSL_cleanse(pre, sizeof(*pre));
-    OPENSSL_free(pre);
-}
-
-/******************************************************************************/
-/*
- * OPENSSL EC_METHOD FUNCTIONS
- */
-
-int ec_GFp_nistp521_group_init(EC_GROUP *group)
-{
-    int ret;
-    ret = ec_GFp_simple_group_init(group);
-    group->a_is_minus3 = 1;
-    return ret;
-}
-
-int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p,
-                                    const BIGNUM *a, const BIGNUM *b,
-                                    BN_CTX *ctx)
-{
-    int ret = 0;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *curve_p, *curve_a, *curve_b;
-
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-    BN_CTX_start(ctx);
-    if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
-        ((curve_a = BN_CTX_get(ctx)) == NULL) ||
-        ((curve_b = BN_CTX_get(ctx)) == NULL))
-        goto err;
-    BN_bin2bn(nistp521_curve_params[0], sizeof(felem_bytearray), curve_p);
-    BN_bin2bn(nistp521_curve_params[1], sizeof(felem_bytearray), curve_a);
-    BN_bin2bn(nistp521_curve_params[2], sizeof(felem_bytearray), curve_b);
-    if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || (BN_cmp(curve_b, b))) {
-        ECerr(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE,
-              EC_R_WRONG_CURVE_PARAMETERS);
-        goto err;
-    }
-    group->field_mod_func = BN_nist_mod_521;
-    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-/*
- * Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
- * (X/Z^2, Y/Z^3)
- */
-int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group,
-                                                 const EC_POINT *point,
-                                                 BIGNUM *x, BIGNUM *y,
-                                                 BN_CTX *ctx)
-{
-    felem z1, z2, x_in, y_in, x_out, y_out;
-    largefelem tmp;
-
-    if (EC_POINT_is_at_infinity(group, point)) {
-        ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
-              EC_R_POINT_AT_INFINITY);
-        return 0;
-    }
-    if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
-        (!BN_to_felem(z1, &point->Z)))
-        return 0;
-    felem_inv(z2, z1);
-    felem_square(tmp, z2);
-    felem_reduce(z1, tmp);
-    felem_mul(tmp, x_in, z1);
-    felem_reduce(x_in, tmp);
-    felem_contract(x_out, x_in);
-    if (x != NULL) {
-        if (!felem_to_BN(x, x_out)) {
-            ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
-                  ERR_R_BN_LIB);
-            return 0;
-        }
-    }
-    felem_mul(tmp, z1, z2);
-    felem_reduce(z1, tmp);
-    felem_mul(tmp, y_in, z1);
-    felem_reduce(y_in, tmp);
-    felem_contract(y_out, y_in);
-    if (y != NULL) {
-        if (!felem_to_BN(y, y_out)) {
-            ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
-                  ERR_R_BN_LIB);
-            return 0;
-        }
-    }
-    return 1;
-}
-
-/* points below is of size |num|, and tmp_felems is of size |num+1/ */
-static void make_points_affine(size_t num, felem points[][3],
-                               felem tmp_felems[])
-{
-    /*
-     * Runs in constant time, unless an input is the point at infinity (which
-     * normally shouldn't happen).
-     */
-    ec_GFp_nistp_points_make_affine_internal(num,
-                                             points,
-                                             sizeof(felem),
-                                             tmp_felems,
-                                             (void (*)(void *))felem_one,
-                                             (int (*)(const void *))
-                                             felem_is_zero_int,
-                                             (void (*)(void *, const void *))
-                                             felem_assign,
-                                             (void (*)(void *, const void *))
-                                             felem_square_reduce, (void (*)
-                                                                   (void *,
-                                                                    const void
-                                                                    *,
-                                                                    const void
-                                                                    *))
-                                             felem_mul_reduce,
-                                             (void (*)(void *, const void *))
-                                             felem_inv,
-                                             (void (*)(void *, const void *))
-                                             felem_contract);
-}
-
-/*
- * Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL
- * values Result is stored in r (r can equal one of the inputs).
- */
-int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
-                               const BIGNUM *scalar, size_t num,
-                               const EC_POINT *points[],
-                               const BIGNUM *scalars[], BN_CTX *ctx)
-{
-    int ret = 0;
-    int j;
-    int mixed = 0;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y, *z, *tmp_scalar;
-    felem_bytearray g_secret;
-    felem_bytearray *secrets = NULL;
-    felem(*pre_comp)[17][3] = NULL;
-    felem *tmp_felems = NULL;
-    felem_bytearray tmp;
-    unsigned i, num_bytes;
-    int have_pre_comp = 0;
-    size_t num_points = num;
-    felem x_in, y_in, z_in, x_out, y_out, z_out;
-    NISTP521_PRE_COMP *pre = NULL;
-    felem(*g_pre_comp)[3] = NULL;
-    EC_POINT *generator = NULL;
-    const EC_POINT *p = NULL;
-    const BIGNUM *p_scalar = NULL;
-
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-    BN_CTX_start(ctx);
-    if (((x = BN_CTX_get(ctx)) == NULL) ||
-        ((y = BN_CTX_get(ctx)) == NULL) ||
-        ((z = BN_CTX_get(ctx)) == NULL) ||
-        ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
-        goto err;
-
-    if (scalar != NULL) {
-        pre = EC_EX_DATA_get_data(group->extra_data,
-                                  nistp521_pre_comp_dup,
-                                  nistp521_pre_comp_free,
-                                  nistp521_pre_comp_clear_free);
-        if (pre)
-            /* we have precomputation, try to use it */
-            g_pre_comp = &pre->g_pre_comp[0];
-        else
-            /* try to use the standard precomputation */
-            g_pre_comp = (felem(*)[3]) gmul;
-        generator = EC_POINT_new(group);
-        if (generator == NULL)
-            goto err;
-        /* get the generator from precomputation */
-        if (!felem_to_BN(x, g_pre_comp[1][0]) ||
-            !felem_to_BN(y, g_pre_comp[1][1]) ||
-            !felem_to_BN(z, g_pre_comp[1][2])) {
-            ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
-            goto err;
-        }
-        if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
-                                                      generator, x, y, z,
-                                                      ctx))
-            goto err;
-        if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
-            /* precomputation matches generator */
-            have_pre_comp = 1;
-        else
-            /*
-             * we don't have valid precomputation: treat the generator as a
-             * random point
-             */
-            num_points++;
-    }
-
-    if (num_points > 0) {
-        if (num_points >= 2) {
-            /*
-             * unless we precompute multiples for just one point, converting
-             * those into affine form is time well spent
-             */
-            mixed = 1;
-        }
-        secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
-        pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(felem));
-        if (mixed)
-            tmp_felems =
-                OPENSSL_malloc((num_points * 17 + 1) * sizeof(felem));
-        if ((secrets == NULL) || (pre_comp == NULL)
-            || (mixed && (tmp_felems == NULL))) {
-            ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        /*
-         * we treat NULL scalars as 0, and NULL points as points at infinity,
-         * i.e., they contribute nothing to the linear combination
-         */
-        memset(secrets, 0, num_points * sizeof(felem_bytearray));
-        memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
-        for (i = 0; i < num_points; ++i) {
-            if (i == num)
-                /*
-                 * we didn't have a valid precomputation, so we pick the
-                 * generator
-                 */
-            {
-                p = EC_GROUP_get0_generator(group);
-                p_scalar = scalar;
-            } else
-                /* the i^th point */
-            {
-                p = points[i];
-                p_scalar = scalars[i];
-            }
-            if ((p_scalar != NULL) && (p != NULL)) {
-                /* reduce scalar to 0 <= scalar < 2^521 */
-                if ((BN_num_bits(p_scalar) > 521)
-                    || (BN_is_negative(p_scalar))) {
-                    /*
-                     * this is an unusual input, and we don't guarantee
-                     * constant-timeness
-                     */
-                    if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
-                        ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
-                        goto err;
-                    }
-                    num_bytes = BN_bn2bin(tmp_scalar, tmp);
-                } else
-                    num_bytes = BN_bn2bin(p_scalar, tmp);
-                flip_endian(secrets[i], tmp, num_bytes);
-                /* precompute multiples */
-                if ((!BN_to_felem(x_out, &p->X)) ||
-                    (!BN_to_felem(y_out, &p->Y)) ||
-                    (!BN_to_felem(z_out, &p->Z)))
-                    goto err;
-                memcpy(pre_comp[i][1][0], x_out, sizeof(felem));
-                memcpy(pre_comp[i][1][1], y_out, sizeof(felem));
-                memcpy(pre_comp[i][1][2], z_out, sizeof(felem));
-                for (j = 2; j <= 16; ++j) {
-                    if (j & 1) {
-                        point_add(pre_comp[i][j][0], pre_comp[i][j][1],
-                                  pre_comp[i][j][2], pre_comp[i][1][0],
-                                  pre_comp[i][1][1], pre_comp[i][1][2], 0,
-                                  pre_comp[i][j - 1][0],
-                                  pre_comp[i][j - 1][1],
-                                  pre_comp[i][j - 1][2]);
-                    } else {
-                        point_double(pre_comp[i][j][0], pre_comp[i][j][1],
-                                     pre_comp[i][j][2], pre_comp[i][j / 2][0],
-                                     pre_comp[i][j / 2][1],
-                                     pre_comp[i][j / 2][2]);
-                    }
-                }
-            }
-        }
-        if (mixed)
-            make_points_affine(num_points * 17, pre_comp[0], tmp_felems);
-    }
-
-    /* the scalar for the generator */
-    if ((scalar != NULL) && (have_pre_comp)) {
-        memset(g_secret, 0, sizeof(g_secret));
-        /* reduce scalar to 0 <= scalar < 2^521 */
-        if ((BN_num_bits(scalar) > 521) || (BN_is_negative(scalar))) {
-            /*
-             * this is an unusual input, and we don't guarantee
-             * constant-timeness
-             */
-            if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
-                ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
-                goto err;
-            }
-            num_bytes = BN_bn2bin(tmp_scalar, tmp);
-        } else
-            num_bytes = BN_bn2bin(scalar, tmp);
-        flip_endian(g_secret, tmp, num_bytes);
-        /* do the multiplication with generator precomputation */
-        batch_mul(x_out, y_out, z_out,
-                  (const felem_bytearray(*))secrets, num_points,
-                  g_secret,
-                  mixed, (const felem(*)[17][3])pre_comp,
-                  (const felem(*)[3])g_pre_comp);
-    } else
-        /* do the multiplication without generator precomputation */
-        batch_mul(x_out, y_out, z_out,
-                  (const felem_bytearray(*))secrets, num_points,
-                  NULL, mixed, (const felem(*)[17][3])pre_comp, NULL);
-    /* reduce the output to its unique minimal representation */
-    felem_contract(x_in, x_out);
-    felem_contract(y_in, y_out);
-    felem_contract(z_in, z_out);
-    if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) ||
-        (!felem_to_BN(z, z_in))) {
-        ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
-        goto err;
-    }
-    ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
-
- err:
-    BN_CTX_end(ctx);
-    if (generator != NULL)
-        EC_POINT_free(generator);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (secrets != NULL)
-        OPENSSL_free(secrets);
-    if (pre_comp != NULL)
-        OPENSSL_free(pre_comp);
-    if (tmp_felems != NULL)
-        OPENSSL_free(tmp_felems);
-    return ret;
-}
-
-int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
-{
-    int ret = 0;
-    NISTP521_PRE_COMP *pre = NULL;
-    int i, j;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y;
-    EC_POINT *generator = NULL;
-    felem tmp_felems[16];
-
-    /* throw away old precomputation */
-    EC_EX_DATA_free_data(&group->extra_data, nistp521_pre_comp_dup,
-                         nistp521_pre_comp_free,
-                         nistp521_pre_comp_clear_free);
-    if (ctx == NULL)
-        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
-            return 0;
-    BN_CTX_start(ctx);
-    if (((x = BN_CTX_get(ctx)) == NULL) || ((y = BN_CTX_get(ctx)) == NULL))
-        goto err;
-    /* get the generator */
-    if (group->generator == NULL)
-        goto err;
-    generator = EC_POINT_new(group);
-    if (generator == NULL)
-        goto err;
-    BN_bin2bn(nistp521_curve_params[3], sizeof(felem_bytearray), x);
-    BN_bin2bn(nistp521_curve_params[4], sizeof(felem_bytearray), y);
-    if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
-        goto err;
-    if ((pre = nistp521_pre_comp_new()) == NULL)
-        goto err;
-    /*
-     * if the generator is the standard one, use built-in precomputation
-     */
-    if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
-        memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
-        goto done;
-    }
-    if ((!BN_to_felem(pre->g_pre_comp[1][0], &group->generator->X)) ||
-        (!BN_to_felem(pre->g_pre_comp[1][1], &group->generator->Y)) ||
-        (!BN_to_felem(pre->g_pre_comp[1][2], &group->generator->Z)))
-        goto err;
-    /* compute 2^130*G, 2^260*G, 2^390*G */
-    for (i = 1; i <= 4; i <<= 1) {
-        point_double(pre->g_pre_comp[2 * i][0], pre->g_pre_comp[2 * i][1],
-                     pre->g_pre_comp[2 * i][2], pre->g_pre_comp[i][0],
-                     pre->g_pre_comp[i][1], pre->g_pre_comp[i][2]);
-        for (j = 0; j < 129; ++j) {
-            point_double(pre->g_pre_comp[2 * i][0],
-                         pre->g_pre_comp[2 * i][1],
-                         pre->g_pre_comp[2 * i][2],
-                         pre->g_pre_comp[2 * i][0],
-                         pre->g_pre_comp[2 * i][1],
-                         pre->g_pre_comp[2 * i][2]);
-        }
-    }
-    /* g_pre_comp[0] is the point at infinity */
-    memset(pre->g_pre_comp[0], 0, sizeof(pre->g_pre_comp[0]));
-    /* the remaining multiples */
-    /* 2^130*G + 2^260*G */
-    point_add(pre->g_pre_comp[6][0], pre->g_pre_comp[6][1],
-              pre->g_pre_comp[6][2], pre->g_pre_comp[4][0],
-              pre->g_pre_comp[4][1], pre->g_pre_comp[4][2],
-              0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
-              pre->g_pre_comp[2][2]);
-    /* 2^130*G + 2^390*G */
-    point_add(pre->g_pre_comp[10][0], pre->g_pre_comp[10][1],
-              pre->g_pre_comp[10][2], pre->g_pre_comp[8][0],
-              pre->g_pre_comp[8][1], pre->g_pre_comp[8][2],
-              0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
-              pre->g_pre_comp[2][2]);
-    /* 2^260*G + 2^390*G */
-    point_add(pre->g_pre_comp[12][0], pre->g_pre_comp[12][1],
-              pre->g_pre_comp[12][2], pre->g_pre_comp[8][0],
-              pre->g_pre_comp[8][1], pre->g_pre_comp[8][2],
-              0, pre->g_pre_comp[4][0], pre->g_pre_comp[4][1],
-              pre->g_pre_comp[4][2]);
-    /* 2^130*G + 2^260*G + 2^390*G */
-    point_add(pre->g_pre_comp[14][0], pre->g_pre_comp[14][1],
-              pre->g_pre_comp[14][2], pre->g_pre_comp[12][0],
-              pre->g_pre_comp[12][1], pre->g_pre_comp[12][2],
-              0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
-              pre->g_pre_comp[2][2]);
-    for (i = 1; i < 8; ++i) {
-        /* odd multiples: add G */
-        point_add(pre->g_pre_comp[2 * i + 1][0],
-                  pre->g_pre_comp[2 * i + 1][1],
-                  pre->g_pre_comp[2 * i + 1][2], pre->g_pre_comp[2 * i][0],
-                  pre->g_pre_comp[2 * i][1], pre->g_pre_comp[2 * i][2], 0,
-                  pre->g_pre_comp[1][0], pre->g_pre_comp[1][1],
-                  pre->g_pre_comp[1][2]);
-    }
-    make_points_affine(15, &(pre->g_pre_comp[1]), tmp_felems);
-
- done:
-    if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp521_pre_comp_dup,
-                             nistp521_pre_comp_free,
-                             nistp521_pre_comp_clear_free))
-        goto err;
-    ret = 1;
-    pre = NULL;
- err:
-    BN_CTX_end(ctx);
-    if (generator != NULL)
-        EC_POINT_free(generator);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (pre)
-        nistp521_pre_comp_free(pre);
-    return ret;
-}
-
-int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group)
-{
-    if (EC_EX_DATA_get_data(group->extra_data, nistp521_pre_comp_dup,
-                            nistp521_pre_comp_free,
-                            nistp521_pre_comp_clear_free)
-        != NULL)
-        return 1;
-    else
-        return 0;
-}
-
-#else
-static void *dummy = &dummy;
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ecp_nistputil.c b/thirdparty/openssl/crypto/ec/ecp_nistputil.c
deleted file mode 100644
index 8ba2a25e93..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_nistputil.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/* crypto/ec/ecp_nistputil.c */
-/*
- * Written by Bodo Moeller for the OpenSSL project.
- */
-/* Copyright 2011 Google Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- *
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-
-/*
- * Common utility functions for ecp_nistp224.c, ecp_nistp256.c, ecp_nistp521.c.
- */
-
-# include <stddef.h>
-# include "ec_lcl.h"
-
-/*
- * Convert an array of points into affine coordinates. (If the point at
- * infinity is found (Z = 0), it remains unchanged.) This function is
- * essentially an equivalent to EC_POINTs_make_affine(), but works with the
- * internal representation of points as used by ecp_nistp###.c rather than
- * with (BIGNUM-based) EC_POINT data structures. point_array is the
- * input/output buffer ('num' points in projective form, i.e. three
- * coordinates each), based on an internal representation of field elements
- * of size 'felem_size'. tmp_felems needs to point to a temporary array of
- * 'num'+1 field elements for storage of intermediate values.
- */
-void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
-                                              size_t felem_size,
-                                              void *tmp_felems,
-                                              void (*felem_one) (void *out),
-                                              int (*felem_is_zero) (const void
-                                                                    *in),
-                                              void (*felem_assign) (void *out,
-                                                                    const void
-                                                                    *in),
-                                              void (*felem_square) (void *out,
-                                                                    const void
-                                                                    *in),
-                                              void (*felem_mul) (void *out,
-                                                                 const void
-                                                                 *in1,
-                                                                 const void
-                                                                 *in2),
-                                              void (*felem_inv) (void *out,
-                                                                 const void
-                                                                 *in),
-                                              void (*felem_contract) (void
-                                                                      *out,
-                                                                      const
-                                                                      void
-                                                                      *in))
-{
-    int i = 0;
-
-# define tmp_felem(I) (&((char *)tmp_felems)[(I) * felem_size])
-# define X(I) (&((char *)point_array)[3*(I) * felem_size])
-# define Y(I) (&((char *)point_array)[(3*(I) + 1) * felem_size])
-# define Z(I) (&((char *)point_array)[(3*(I) + 2) * felem_size])
-
-    if (!felem_is_zero(Z(0)))
-        felem_assign(tmp_felem(0), Z(0));
-    else
-        felem_one(tmp_felem(0));
-    for (i = 1; i < (int)num; i++) {
-        if (!felem_is_zero(Z(i)))
-            felem_mul(tmp_felem(i), tmp_felem(i - 1), Z(i));
-        else
-            felem_assign(tmp_felem(i), tmp_felem(i - 1));
-    }
-    /*
-     * Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any
-     * zero-valued factors: if Z(i) = 0, we essentially pretend that Z(i) = 1
-     */
-
-    felem_inv(tmp_felem(num - 1), tmp_felem(num - 1));
-    for (i = num - 1; i >= 0; i--) {
-        if (i > 0)
-            /*
-             * tmp_felem(i-1) is the product of Z(0) .. Z(i-1), tmp_felem(i)
-             * is the inverse of the product of Z(0) .. Z(i)
-             */
-            /* 1/Z(i) */
-            felem_mul(tmp_felem(num), tmp_felem(i - 1), tmp_felem(i));
-        else
-            felem_assign(tmp_felem(num), tmp_felem(0)); /* 1/Z(0) */
-
-        if (!felem_is_zero(Z(i))) {
-            if (i > 0)
-                /*
-                 * For next iteration, replace tmp_felem(i-1) by its inverse
-                 */
-                felem_mul(tmp_felem(i - 1), tmp_felem(i), Z(i));
-
-            /*
-             * Convert point (X, Y, Z) into affine form (X/(Z^2), Y/(Z^3), 1)
-             */
-            felem_square(Z(i), tmp_felem(num)); /* 1/(Z^2) */
-            felem_mul(X(i), X(i), Z(i)); /* X/(Z^2) */
-            felem_mul(Z(i), Z(i), tmp_felem(num)); /* 1/(Z^3) */
-            felem_mul(Y(i), Y(i), Z(i)); /* Y/(Z^3) */
-            felem_contract(X(i), X(i));
-            felem_contract(Y(i), Y(i));
-            felem_one(Z(i));
-        } else {
-            if (i > 0)
-                /*
-                 * For next iteration, replace tmp_felem(i-1) by its inverse
-                 */
-                felem_assign(tmp_felem(i - 1), tmp_felem(i));
-        }
-    }
-}
-
-/*-
- * This function looks at 5+1 scalar bits (5 current, 1 adjacent less
- * significant bit), and recodes them into a signed digit for use in fast point
- * multiplication: the use of signed rather than unsigned digits means that
- * fewer points need to be precomputed, given that point inversion is easy
- * (a precomputed point dP makes -dP available as well).
- *
- * BACKGROUND:
- *
- * Signed digits for multiplication were introduced by Booth ("A signed binary
- * multiplication technique", Quart. Journ. Mech. and Applied Math., vol. IV,
- * pt. 2 (1951), pp. 236-240), in that case for multiplication of integers.
- * Booth's original encoding did not generally improve the density of nonzero
- * digits over the binary representation, and was merely meant to simplify the
- * handling of signed factors given in two's complement; but it has since been
- * shown to be the basis of various signed-digit representations that do have
- * further advantages, including the wNAF, using the following general approach:
- *
- * (1) Given a binary representation
- *
- *       b_k  ...  b_2  b_1  b_0,
- *
- *     of a nonnegative integer (b_k in {0, 1}), rewrite it in digits 0, 1, -1
- *     by using bit-wise subtraction as follows:
- *
- *        b_k b_(k-1)  ...  b_2  b_1  b_0
- *      -     b_k      ...  b_3  b_2  b_1  b_0
- *       -------------------------------------
- *        s_k b_(k-1)  ...  s_3  s_2  s_1  s_0
- *
- *     A left-shift followed by subtraction of the original value yields a new
- *     representation of the same value, using signed bits s_i = b_(i+1) - b_i.
- *     This representation from Booth's paper has since appeared in the
- *     literature under a variety of different names including "reversed binary
- *     form", "alternating greedy expansion", "mutual opposite form", and
- *     "sign-alternating {+-1}-representation".
- *
- *     An interesting property is that among the nonzero bits, values 1 and -1
- *     strictly alternate.
- *
- * (2) Various window schemes can be applied to the Booth representation of
- *     integers: for example, right-to-left sliding windows yield the wNAF
- *     (a signed-digit encoding independently discovered by various researchers
- *     in the 1990s), and left-to-right sliding windows yield a left-to-right
- *     equivalent of the wNAF (independently discovered by various researchers
- *     around 2004).
- *
- * To prevent leaking information through side channels in point multiplication,
- * we need to recode the given integer into a regular pattern: sliding windows
- * as in wNAFs won't do, we need their fixed-window equivalent -- which is a few
- * decades older: we'll be using the so-called "modified Booth encoding" due to
- * MacSorley ("High-speed arithmetic in binary computers", Proc. IRE, vol. 49
- * (1961), pp. 67-91), in a radix-2^5 setting.  That is, we always combine five
- * signed bits into a signed digit:
- *
- *       s_(4j + 4) s_(4j + 3) s_(4j + 2) s_(4j + 1) s_(4j)
- *
- * The sign-alternating property implies that the resulting digit values are
- * integers from -16 to 16.
- *
- * Of course, we don't actually need to compute the signed digits s_i as an
- * intermediate step (that's just a nice way to see how this scheme relates
- * to the wNAF): a direct computation obtains the recoded digit from the
- * six bits b_(4j + 4) ... b_(4j - 1).
- *
- * This function takes those five bits as an integer (0 .. 63), writing the
- * recoded digit to *sign (0 for positive, 1 for negative) and *digit (absolute
- * value, in the range 0 .. 8).  Note that this integer essentially provides the
- * input bits "shifted to the left" by one position: for example, the input to
- * compute the least significant recoded digit, given that there's no bit b_-1,
- * has to be b_4 b_3 b_2 b_1 b_0 0.
- *
- */
-void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign,
-                                     unsigned char *digit, unsigned char in)
-{
-    unsigned char s, d;
-
-    s = ~((in >> 5) - 1);       /* sets all bits to MSB(in), 'in' seen as
-                                 * 6-bit value */
-    d = (1 << 6) - in - 1;
-    d = (d & s) | (in & ~s);
-    d = (d >> 1) + (d & 1);
-
-    *sign = s & 1;
-    *digit = d;
-}
-#else
-static void *dummy = &dummy;
-#endif
diff --git a/thirdparty/openssl/crypto/ec/ecp_nistz256.c b/thirdparty/openssl/crypto/ec/ecp_nistz256.c
deleted file mode 100644
index 99b8d613c8..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_nistz256.c
+++ /dev/null
@@ -1,1568 +0,0 @@
-/******************************************************************************
- *                                                                            *
- * Copyright 2014 Intel Corporation                                           *
- *                                                                            *
- * Licensed under the Apache License, Version 2.0 (the "License");            *
- * you may not use this file except in compliance with the License.           *
- * You may obtain a copy of the License at                                    *
- *                                                                            *
- *    http://www.apache.org/licenses/LICENSE-2.0                              *
- *                                                                            *
- * Unless required by applicable law or agreed to in writing, software        *
- * distributed under the License is distributed on an "AS IS" BASIS,          *
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   *
- * See the License for the specific language governing permissions and        *
- * limitations under the License.                                             *
- *                                                                            *
- ******************************************************************************
- *                                                                            *
- * Developers and authors:                                                    *
- * Shay Gueron (1, 2), and Vlad Krasnov (1)                                   *
- * (1) Intel Corporation, Israel Development Center                           *
- * (2) University of Haifa                                                    *
- * Reference:                                                                 *
- * S.Gueron and V.Krasnov, "Fast Prime Field Elliptic Curve Cryptography with *
- *                          256 Bit Primes"                                   *
- *                                                                            *
- ******************************************************************************/
-
-#include <string.h>
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/ec.h>
-#include "cryptlib.h"
-
-#include "ec_lcl.h"
-
-#if BN_BITS2 != 64
-# define TOBN(hi,lo)    lo,hi
-#else
-# define TOBN(hi,lo)    ((BN_ULONG)hi<<32|lo)
-#endif
-
-#if defined(__GNUC__)
-# define ALIGN32        __attribute((aligned(32)))
-#elif defined(_MSC_VER)
-# define ALIGN32        __declspec(align(32))
-#else
-# define ALIGN32
-#endif
-
-#define ALIGNPTR(p,N)   ((unsigned char *)p+N-(size_t)p%N)
-#define P256_LIMBS      (256/BN_BITS2)
-
-typedef unsigned short u16;
-
-typedef struct {
-    BN_ULONG X[P256_LIMBS];
-    BN_ULONG Y[P256_LIMBS];
-    BN_ULONG Z[P256_LIMBS];
-} P256_POINT;
-
-typedef struct {
-    BN_ULONG X[P256_LIMBS];
-    BN_ULONG Y[P256_LIMBS];
-} P256_POINT_AFFINE;
-
-typedef P256_POINT_AFFINE PRECOMP256_ROW[64];
-
-/* structure for precomputed multiples of the generator */
-typedef struct ec_pre_comp_st {
-    const EC_GROUP *group;      /* Parent EC_GROUP object */
-    size_t w;                   /* Window size */
-    /*
-     * Constant time access to the X and Y coordinates of the pre-computed,
-     * generator multiplies, in the Montgomery domain. Pre-calculated
-     * multiplies are stored in affine form.
-     */
-    PRECOMP256_ROW *precomp;
-    void *precomp_storage;
-    int references;
-} EC_PRE_COMP;
-
-/* Functions implemented in assembly */
-/*
- * Most of below mentioned functions *preserve* the property of inputs
- * being fully reduced, i.e. being in [0, modulus) range. Simply put if
- * inputs are fully reduced, then output is too. Note that reverse is
- * not true, in sense that given partially reduced inputs output can be
- * either, not unlikely reduced. And "most" in first sentence refers to
- * the fact that given the calculations flow one can tolerate that
- * addition, 1st function below, produces partially reduced result *if*
- * multiplications by 2 and 3, which customarily use addition, fully
- * reduce it. This effectively gives two options: a) addition produces
- * fully reduced result [as long as inputs are, just like remaining
- * functions]; b) addition is allowed to produce partially reduced
- * result, but multiplications by 2 and 3 perform additional reduction
- * step. Choice between the two can be platform-specific, but it was a)
- * in all cases so far...
- */
-/* Modular add: res = a+b mod P   */
-void ecp_nistz256_add(BN_ULONG res[P256_LIMBS],
-                      const BN_ULONG a[P256_LIMBS],
-                      const BN_ULONG b[P256_LIMBS]);
-/* Modular mul by 2: res = 2*a mod P */
-void ecp_nistz256_mul_by_2(BN_ULONG res[P256_LIMBS],
-                           const BN_ULONG a[P256_LIMBS]);
-/* Modular mul by 3: res = 3*a mod P */
-void ecp_nistz256_mul_by_3(BN_ULONG res[P256_LIMBS],
-                           const BN_ULONG a[P256_LIMBS]);
-
-/* Modular div by 2: res = a/2 mod P */
-void ecp_nistz256_div_by_2(BN_ULONG res[P256_LIMBS],
-                           const BN_ULONG a[P256_LIMBS]);
-/* Modular sub: res = a-b mod P   */
-void ecp_nistz256_sub(BN_ULONG res[P256_LIMBS],
-                      const BN_ULONG a[P256_LIMBS],
-                      const BN_ULONG b[P256_LIMBS]);
-/* Modular neg: res = -a mod P    */
-void ecp_nistz256_neg(BN_ULONG res[P256_LIMBS], const BN_ULONG a[P256_LIMBS]);
-/* Montgomery mul: res = a*b*2^-256 mod P */
-void ecp_nistz256_mul_mont(BN_ULONG res[P256_LIMBS],
-                           const BN_ULONG a[P256_LIMBS],
-                           const BN_ULONG b[P256_LIMBS]);
-/* Montgomery sqr: res = a*a*2^-256 mod P */
-void ecp_nistz256_sqr_mont(BN_ULONG res[P256_LIMBS],
-                           const BN_ULONG a[P256_LIMBS]);
-/* Convert a number from Montgomery domain, by multiplying with 1 */
-void ecp_nistz256_from_mont(BN_ULONG res[P256_LIMBS],
-                            const BN_ULONG in[P256_LIMBS]);
-/* Convert a number to Montgomery domain, by multiplying with 2^512 mod P*/
-void ecp_nistz256_to_mont(BN_ULONG res[P256_LIMBS],
-                          const BN_ULONG in[P256_LIMBS]);
-/* Functions that perform constant time access to the precomputed tables */
-void ecp_nistz256_select_w5(P256_POINT * val,
-                            const P256_POINT * in_t, int index);
-void ecp_nistz256_select_w7(P256_POINT_AFFINE * val,
-                            const P256_POINT_AFFINE * in_t, int index);
-
-/* One converted into the Montgomery domain */
-static const BN_ULONG ONE[P256_LIMBS] = {
-    TOBN(0x00000000, 0x00000001), TOBN(0xffffffff, 0x00000000),
-    TOBN(0xffffffff, 0xffffffff), TOBN(0x00000000, 0xfffffffe)
-};
-
-static void *ecp_nistz256_pre_comp_dup(void *);
-static void ecp_nistz256_pre_comp_free(void *);
-static void ecp_nistz256_pre_comp_clear_free(void *);
-static EC_PRE_COMP *ecp_nistz256_pre_comp_new(const EC_GROUP *group);
-
-/* Precomputed tables for the default generator */
-#include "ecp_nistz256_table.c"
-
-/* Recode window to a signed digit, see ecp_nistputil.c for details */
-static unsigned int _booth_recode_w5(unsigned int in)
-{
-    unsigned int s, d;
-
-    s = ~((in >> 5) - 1);
-    d = (1 << 6) - in - 1;
-    d = (d & s) | (in & ~s);
-    d = (d >> 1) + (d & 1);
-
-    return (d << 1) + (s & 1);
-}
-
-static unsigned int _booth_recode_w7(unsigned int in)
-{
-    unsigned int s, d;
-
-    s = ~((in >> 7) - 1);
-    d = (1 << 8) - in - 1;
-    d = (d & s) | (in & ~s);
-    d = (d >> 1) + (d & 1);
-
-    return (d << 1) + (s & 1);
-}
-
-static void copy_conditional(BN_ULONG dst[P256_LIMBS],
-                             const BN_ULONG src[P256_LIMBS], BN_ULONG move)
-{
-    BN_ULONG mask1 = -move;
-    BN_ULONG mask2 = ~mask1;
-
-    dst[0] = (src[0] & mask1) ^ (dst[0] & mask2);
-    dst[1] = (src[1] & mask1) ^ (dst[1] & mask2);
-    dst[2] = (src[2] & mask1) ^ (dst[2] & mask2);
-    dst[3] = (src[3] & mask1) ^ (dst[3] & mask2);
-    if (P256_LIMBS == 8) {
-        dst[4] = (src[4] & mask1) ^ (dst[4] & mask2);
-        dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
-        dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
-        dst[7] = (src[7] & mask1) ^ (dst[7] & mask2);
-    }
-}
-
-static BN_ULONG is_zero(BN_ULONG in)
-{
-    in |= (0 - in);
-    in = ~in;
-    in &= BN_MASK2;
-    in >>= BN_BITS2 - 1;
-    return in;
-}
-
-static BN_ULONG is_equal(const BN_ULONG a[P256_LIMBS],
-                         const BN_ULONG b[P256_LIMBS])
-{
-    BN_ULONG res;
-
-    res = a[0] ^ b[0];
-    res |= a[1] ^ b[1];
-    res |= a[2] ^ b[2];
-    res |= a[3] ^ b[3];
-    if (P256_LIMBS == 8) {
-        res |= a[4] ^ b[4];
-        res |= a[5] ^ b[5];
-        res |= a[6] ^ b[6];
-        res |= a[7] ^ b[7];
-    }
-
-    return is_zero(res);
-}
-
-static BN_ULONG is_one(const BIGNUM *z)
-{
-    BN_ULONG res = 0;
-    BN_ULONG *a = z->d;
-
-    if (z->top == (P256_LIMBS - P256_LIMBS / 8)) {
-        res = a[0] ^ ONE[0];
-        res |= a[1] ^ ONE[1];
-        res |= a[2] ^ ONE[2];
-        res |= a[3] ^ ONE[3];
-        if (P256_LIMBS == 8) {
-            res |= a[4] ^ ONE[4];
-            res |= a[5] ^ ONE[5];
-            res |= a[6] ^ ONE[6];
-            /*
-             * no check for a[7] (being zero) on 32-bit platforms,
-             * because value of "one" takes only 7 limbs.
-             */
-        }
-        res = is_zero(res);
-    }
-
-    return res;
-}
-
-static int ecp_nistz256_set_words(BIGNUM *a, BN_ULONG words[P256_LIMBS])
- {
-     if (bn_wexpand(a, P256_LIMBS) == NULL) {
-         ECerr(EC_F_ECP_NISTZ256_SET_WORDS, ERR_R_MALLOC_FAILURE);
-         return 0;
-     }
-     memcpy(a->d, words, sizeof(BN_ULONG) * P256_LIMBS);
-     a->top = P256_LIMBS;
-     bn_correct_top(a);
-     return 1;
-}
-
-#ifndef ECP_NISTZ256_REFERENCE_IMPLEMENTATION
-void ecp_nistz256_point_double(P256_POINT *r, const P256_POINT *a);
-void ecp_nistz256_point_add(P256_POINT *r,
-                            const P256_POINT *a, const P256_POINT *b);
-void ecp_nistz256_point_add_affine(P256_POINT *r,
-                                   const P256_POINT *a,
-                                   const P256_POINT_AFFINE *b);
-#else
-/* Point double: r = 2*a */
-static void ecp_nistz256_point_double(P256_POINT *r, const P256_POINT *a)
-{
-    BN_ULONG S[P256_LIMBS];
-    BN_ULONG M[P256_LIMBS];
-    BN_ULONG Zsqr[P256_LIMBS];
-    BN_ULONG tmp0[P256_LIMBS];
-
-    const BN_ULONG *in_x = a->X;
-    const BN_ULONG *in_y = a->Y;
-    const BN_ULONG *in_z = a->Z;
-
-    BN_ULONG *res_x = r->X;
-    BN_ULONG *res_y = r->Y;
-    BN_ULONG *res_z = r->Z;
-
-    ecp_nistz256_mul_by_2(S, in_y);
-
-    ecp_nistz256_sqr_mont(Zsqr, in_z);
-
-    ecp_nistz256_sqr_mont(S, S);
-
-    ecp_nistz256_mul_mont(res_z, in_z, in_y);
-    ecp_nistz256_mul_by_2(res_z, res_z);
-
-    ecp_nistz256_add(M, in_x, Zsqr);
-    ecp_nistz256_sub(Zsqr, in_x, Zsqr);
-
-    ecp_nistz256_sqr_mont(res_y, S);
-    ecp_nistz256_div_by_2(res_y, res_y);
-
-    ecp_nistz256_mul_mont(M, M, Zsqr);
-    ecp_nistz256_mul_by_3(M, M);
-
-    ecp_nistz256_mul_mont(S, S, in_x);
-    ecp_nistz256_mul_by_2(tmp0, S);
-
-    ecp_nistz256_sqr_mont(res_x, M);
-
-    ecp_nistz256_sub(res_x, res_x, tmp0);
-    ecp_nistz256_sub(S, S, res_x);
-
-    ecp_nistz256_mul_mont(S, S, M);
-    ecp_nistz256_sub(res_y, S, res_y);
-}
-
-/* Point addition: r = a+b */
-static void ecp_nistz256_point_add(P256_POINT *r,
-                                   const P256_POINT *a, const P256_POINT *b)
-{
-    BN_ULONG U2[P256_LIMBS], S2[P256_LIMBS];
-    BN_ULONG U1[P256_LIMBS], S1[P256_LIMBS];
-    BN_ULONG Z1sqr[P256_LIMBS];
-    BN_ULONG Z2sqr[P256_LIMBS];
-    BN_ULONG H[P256_LIMBS], R[P256_LIMBS];
-    BN_ULONG Hsqr[P256_LIMBS];
-    BN_ULONG Rsqr[P256_LIMBS];
-    BN_ULONG Hcub[P256_LIMBS];
-
-    BN_ULONG res_x[P256_LIMBS];
-    BN_ULONG res_y[P256_LIMBS];
-    BN_ULONG res_z[P256_LIMBS];
-
-    BN_ULONG in1infty, in2infty;
-
-    const BN_ULONG *in1_x = a->X;
-    const BN_ULONG *in1_y = a->Y;
-    const BN_ULONG *in1_z = a->Z;
-
-    const BN_ULONG *in2_x = b->X;
-    const BN_ULONG *in2_y = b->Y;
-    const BN_ULONG *in2_z = b->Z;
-
-    /*
-     * Infinity in encoded as (,,0)
-     */
-    in1infty = (in1_z[0] | in1_z[1] | in1_z[2] | in1_z[3]);
-    if (P256_LIMBS == 8)
-        in1infty |= (in1_z[4] | in1_z[5] | in1_z[6] | in1_z[7]);
-
-    in2infty = (in2_z[0] | in2_z[1] | in2_z[2] | in2_z[3]);
-    if (P256_LIMBS == 8)
-        in2infty |= (in2_z[4] | in2_z[5] | in2_z[6] | in2_z[7]);
-
-    in1infty = is_zero(in1infty);
-    in2infty = is_zero(in2infty);
-
-    ecp_nistz256_sqr_mont(Z2sqr, in2_z);        /* Z2^2 */
-    ecp_nistz256_sqr_mont(Z1sqr, in1_z);        /* Z1^2 */
-
-    ecp_nistz256_mul_mont(S1, Z2sqr, in2_z);    /* S1 = Z2^3 */
-    ecp_nistz256_mul_mont(S2, Z1sqr, in1_z);    /* S2 = Z1^3 */
-
-    ecp_nistz256_mul_mont(S1, S1, in1_y);       /* S1 = Y1*Z2^3 */
-    ecp_nistz256_mul_mont(S2, S2, in2_y);       /* S2 = Y2*Z1^3 */
-    ecp_nistz256_sub(R, S2, S1);                /* R = S2 - S1 */
-
-    ecp_nistz256_mul_mont(U1, in1_x, Z2sqr);    /* U1 = X1*Z2^2 */
-    ecp_nistz256_mul_mont(U2, in2_x, Z1sqr);    /* U2 = X2*Z1^2 */
-    ecp_nistz256_sub(H, U2, U1);                /* H = U2 - U1 */
-
-    /*
-     * This should not happen during sign/ecdh, so no constant time violation
-     */
-    if (is_equal(U1, U2) && !in1infty && !in2infty) {
-        if (is_equal(S1, S2)) {
-            ecp_nistz256_point_double(r, a);
-            return;
-        } else {
-            memset(r, 0, sizeof(*r));
-            return;
-        }
-    }
-
-    ecp_nistz256_sqr_mont(Rsqr, R);             /* R^2 */
-    ecp_nistz256_mul_mont(res_z, H, in1_z);     /* Z3 = H*Z1*Z2 */
-    ecp_nistz256_sqr_mont(Hsqr, H);             /* H^2 */
-    ecp_nistz256_mul_mont(res_z, res_z, in2_z); /* Z3 = H*Z1*Z2 */
-    ecp_nistz256_mul_mont(Hcub, Hsqr, H);       /* H^3 */
-
-    ecp_nistz256_mul_mont(U2, U1, Hsqr);        /* U1*H^2 */
-    ecp_nistz256_mul_by_2(Hsqr, U2);            /* 2*U1*H^2 */
-
-    ecp_nistz256_sub(res_x, Rsqr, Hsqr);
-    ecp_nistz256_sub(res_x, res_x, Hcub);
-
-    ecp_nistz256_sub(res_y, U2, res_x);
-
-    ecp_nistz256_mul_mont(S2, S1, Hcub);
-    ecp_nistz256_mul_mont(res_y, R, res_y);
-    ecp_nistz256_sub(res_y, res_y, S2);
-
-    copy_conditional(res_x, in2_x, in1infty);
-    copy_conditional(res_y, in2_y, in1infty);
-    copy_conditional(res_z, in2_z, in1infty);
-
-    copy_conditional(res_x, in1_x, in2infty);
-    copy_conditional(res_y, in1_y, in2infty);
-    copy_conditional(res_z, in1_z, in2infty);
-
-    memcpy(r->X, res_x, sizeof(res_x));
-    memcpy(r->Y, res_y, sizeof(res_y));
-    memcpy(r->Z, res_z, sizeof(res_z));
-}
-
-/* Point addition when b is known to be affine: r = a+b */
-static void ecp_nistz256_point_add_affine(P256_POINT *r,
-                                          const P256_POINT *a,
-                                          const P256_POINT_AFFINE *b)
-{
-    BN_ULONG U2[P256_LIMBS], S2[P256_LIMBS];
-    BN_ULONG Z1sqr[P256_LIMBS];
-    BN_ULONG H[P256_LIMBS], R[P256_LIMBS];
-    BN_ULONG Hsqr[P256_LIMBS];
-    BN_ULONG Rsqr[P256_LIMBS];
-    BN_ULONG Hcub[P256_LIMBS];
-
-    BN_ULONG res_x[P256_LIMBS];
-    BN_ULONG res_y[P256_LIMBS];
-    BN_ULONG res_z[P256_LIMBS];
-
-    BN_ULONG in1infty, in2infty;
-
-    const BN_ULONG *in1_x = a->X;
-    const BN_ULONG *in1_y = a->Y;
-    const BN_ULONG *in1_z = a->Z;
-
-    const BN_ULONG *in2_x = b->X;
-    const BN_ULONG *in2_y = b->Y;
-
-    /*
-     * Infinity in encoded as (,,0)
-     */
-    in1infty = (in1_z[0] | in1_z[1] | in1_z[2] | in1_z[3]);
-    if (P256_LIMBS == 8)
-        in1infty |= (in1_z[4] | in1_z[5] | in1_z[6] | in1_z[7]);
-
-    /*
-     * In affine representation we encode infinity as (0,0), which is
-     * not on the curve, so it is OK
-     */
-    in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] |
-                in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
-    if (P256_LIMBS == 8)
-        in2infty |= (in2_x[4] | in2_x[5] | in2_x[6] | in2_x[7] |
-                     in2_y[4] | in2_y[5] | in2_y[6] | in2_y[7]);
-
-    in1infty = is_zero(in1infty);
-    in2infty = is_zero(in2infty);
-
-    ecp_nistz256_sqr_mont(Z1sqr, in1_z);        /* Z1^2 */
-
-    ecp_nistz256_mul_mont(U2, in2_x, Z1sqr);    /* U2 = X2*Z1^2 */
-    ecp_nistz256_sub(H, U2, in1_x);             /* H = U2 - U1 */
-
-    ecp_nistz256_mul_mont(S2, Z1sqr, in1_z);    /* S2 = Z1^3 */
-
-    ecp_nistz256_mul_mont(res_z, H, in1_z);     /* Z3 = H*Z1*Z2 */
-
-    ecp_nistz256_mul_mont(S2, S2, in2_y);       /* S2 = Y2*Z1^3 */
-    ecp_nistz256_sub(R, S2, in1_y);             /* R = S2 - S1 */
-
-    ecp_nistz256_sqr_mont(Hsqr, H);             /* H^2 */
-    ecp_nistz256_sqr_mont(Rsqr, R);             /* R^2 */
-    ecp_nistz256_mul_mont(Hcub, Hsqr, H);       /* H^3 */
-
-    ecp_nistz256_mul_mont(U2, in1_x, Hsqr);     /* U1*H^2 */
-    ecp_nistz256_mul_by_2(Hsqr, U2);            /* 2*U1*H^2 */
-
-    ecp_nistz256_sub(res_x, Rsqr, Hsqr);
-    ecp_nistz256_sub(res_x, res_x, Hcub);
-    ecp_nistz256_sub(H, U2, res_x);
-
-    ecp_nistz256_mul_mont(S2, in1_y, Hcub);
-    ecp_nistz256_mul_mont(H, H, R);
-    ecp_nistz256_sub(res_y, H, S2);
-
-    copy_conditional(res_x, in2_x, in1infty);
-    copy_conditional(res_x, in1_x, in2infty);
-
-    copy_conditional(res_y, in2_y, in1infty);
-    copy_conditional(res_y, in1_y, in2infty);
-
-    copy_conditional(res_z, ONE, in1infty);
-    copy_conditional(res_z, in1_z, in2infty);
-
-    memcpy(r->X, res_x, sizeof(res_x));
-    memcpy(r->Y, res_y, sizeof(res_y));
-    memcpy(r->Z, res_z, sizeof(res_z));
-}
-#endif
-
-/* r = in^-1 mod p */
-static void ecp_nistz256_mod_inverse(BN_ULONG r[P256_LIMBS],
-                                     const BN_ULONG in[P256_LIMBS])
-{
-    /*
-     * The poly is ffffffff 00000001 00000000 00000000 00000000 ffffffff
-     * ffffffff ffffffff We use FLT and used poly-2 as exponent
-     */
-    BN_ULONG p2[P256_LIMBS];
-    BN_ULONG p4[P256_LIMBS];
-    BN_ULONG p8[P256_LIMBS];
-    BN_ULONG p16[P256_LIMBS];
-    BN_ULONG p32[P256_LIMBS];
-    BN_ULONG res[P256_LIMBS];
-    int i;
-
-    ecp_nistz256_sqr_mont(res, in);
-    ecp_nistz256_mul_mont(p2, res, in);         /* 3*p */
-
-    ecp_nistz256_sqr_mont(res, p2);
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(p4, res, p2);         /* f*p */
-
-    ecp_nistz256_sqr_mont(res, p4);
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(p8, res, p4);         /* ff*p */
-
-    ecp_nistz256_sqr_mont(res, p8);
-    for (i = 0; i < 7; i++)
-        ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(p16, res, p8);        /* ffff*p */
-
-    ecp_nistz256_sqr_mont(res, p16);
-    for (i = 0; i < 15; i++)
-        ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(p32, res, p16);       /* ffffffff*p */
-
-    ecp_nistz256_sqr_mont(res, p32);
-    for (i = 0; i < 31; i++)
-        ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(res, res, in);
-
-    for (i = 0; i < 32 * 4; i++)
-        ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(res, res, p32);
-
-    for (i = 0; i < 32; i++)
-        ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(res, res, p32);
-
-    for (i = 0; i < 16; i++)
-        ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(res, res, p16);
-
-    for (i = 0; i < 8; i++)
-        ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(res, res, p8);
-
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(res, res, p4);
-
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(res, res, p2);
-
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_sqr_mont(res, res);
-    ecp_nistz256_mul_mont(res, res, in);
-
-    memcpy(r, res, sizeof(res));
-}
-
-/*
- * ecp_nistz256_bignum_to_field_elem copies the contents of |in| to |out| and
- * returns one if it fits. Otherwise it returns zero.
- */
-static int ecp_nistz256_bignum_to_field_elem(BN_ULONG out[P256_LIMBS],
-                                             const BIGNUM *in)
-{
-    if (in->top > P256_LIMBS)
-        return 0;
-
-    memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
-    memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
-    return 1;
-}
-
-/* r = sum(scalar[i]*point[i]) */
-static int ecp_nistz256_windowed_mul(const EC_GROUP *group,
-                                      P256_POINT *r,
-                                      const BIGNUM **scalar,
-                                      const EC_POINT **point,
-                                      int num, BN_CTX *ctx)
-{
-
-    int i, j, ret = 0;
-    unsigned int index;
-    unsigned char (*p_str)[33] = NULL;
-    const unsigned int window_size = 5;
-    const unsigned int mask = (1 << (window_size + 1)) - 1;
-    unsigned int wvalue;
-    BN_ULONG tmp[P256_LIMBS];
-    ALIGN32 P256_POINT h;
-    const BIGNUM **scalars = NULL;
-    P256_POINT (*table)[16] = NULL;
-    void *table_storage = NULL;
-
-    if ((table_storage =
-         OPENSSL_malloc(num * 16 * sizeof(P256_POINT) + 64)) == NULL
-        || (p_str =
-            OPENSSL_malloc(num * 33 * sizeof(unsigned char))) == NULL
-        || (scalars = OPENSSL_malloc(num * sizeof(BIGNUM *))) == NULL) {
-        ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, ERR_R_MALLOC_FAILURE);
-        goto err;
-    } else {
-        table = (void *)ALIGNPTR(table_storage, 64);
-    }
-
-    for (i = 0; i < num; i++) {
-        P256_POINT *row = table[i];
-
-        /* This is an unusual input, we don't guarantee constant-timeness. */
-        if ((BN_num_bits(scalar[i]) > 256) || BN_is_negative(scalar[i])) {
-            BIGNUM *mod;
-
-            if ((mod = BN_CTX_get(ctx)) == NULL)
-                goto err;
-            if (!BN_nnmod(mod, scalar[i], &group->order, ctx)) {
-                ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, ERR_R_BN_LIB);
-                goto err;
-            }
-            scalars[i] = mod;
-        } else
-            scalars[i] = scalar[i];
-
-        for (j = 0; j < scalars[i]->top * BN_BYTES; j += BN_BYTES) {
-            BN_ULONG d = scalars[i]->d[j / BN_BYTES];
-
-            p_str[i][j + 0] = d & 0xff;
-            p_str[i][j + 1] = (d >> 8) & 0xff;
-            p_str[i][j + 2] = (d >> 16) & 0xff;
-            p_str[i][j + 3] = (d >>= 24) & 0xff;
-            if (BN_BYTES == 8) {
-                d >>= 8;
-                p_str[i][j + 4] = d & 0xff;
-                p_str[i][j + 5] = (d >> 8) & 0xff;
-                p_str[i][j + 6] = (d >> 16) & 0xff;
-                p_str[i][j + 7] = (d >> 24) & 0xff;
-            }
-        }
-        for (; j < 33; j++)
-            p_str[i][j] = 0;
-
-        /* table[0] is implicitly (0,0,0) (the point at infinity),
-         * therefore it is not stored. All other values are actually
-         * stored with an offset of -1 in table.
-         */
-
-        if (!ecp_nistz256_bignum_to_field_elem(row[1 - 1].X, &point[i]->X)
-            || !ecp_nistz256_bignum_to_field_elem(row[1 - 1].Y, &point[i]->Y)
-            || !ecp_nistz256_bignum_to_field_elem(row[1 - 1].Z, &point[i]->Z)) {
-            ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, EC_R_COORDINATES_OUT_OF_RANGE);
-            goto err;
-        }
-
-        ecp_nistz256_point_double(&row[ 2 - 1], &row[ 1 - 1]);
-        ecp_nistz256_point_add   (&row[ 3 - 1], &row[ 2 - 1], &row[1 - 1]);
-        ecp_nistz256_point_double(&row[ 4 - 1], &row[ 2 - 1]);
-        ecp_nistz256_point_double(&row[ 6 - 1], &row[ 3 - 1]);
-        ecp_nistz256_point_double(&row[ 8 - 1], &row[ 4 - 1]);
-        ecp_nistz256_point_double(&row[12 - 1], &row[ 6 - 1]);
-        ecp_nistz256_point_add   (&row[ 5 - 1], &row[ 4 - 1], &row[1 - 1]);
-        ecp_nistz256_point_add   (&row[ 7 - 1], &row[ 6 - 1], &row[1 - 1]);
-        ecp_nistz256_point_add   (&row[ 9 - 1], &row[ 8 - 1], &row[1 - 1]);
-        ecp_nistz256_point_add   (&row[13 - 1], &row[12 - 1], &row[1 - 1]);
-        ecp_nistz256_point_double(&row[14 - 1], &row[ 7 - 1]);
-        ecp_nistz256_point_double(&row[10 - 1], &row[ 5 - 1]);
-        ecp_nistz256_point_add   (&row[15 - 1], &row[14 - 1], &row[1 - 1]);
-        ecp_nistz256_point_add   (&row[11 - 1], &row[10 - 1], &row[1 - 1]);
-        ecp_nistz256_point_add   (&row[16 - 1], &row[15 - 1], &row[1 - 1]);
-    }
-
-    index = 255;
-
-    wvalue = p_str[0][(index - 1) / 8];
-    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-
-    ecp_nistz256_select_w5(r, table[0], _booth_recode_w5(wvalue) >> 1);
-
-    while (index >= 5) {
-        for (i = (index == 255 ? 1 : 0); i < num; i++) {
-            unsigned int off = (index - 1) / 8;
-
-            wvalue = p_str[i][off] | p_str[i][off + 1] << 8;
-            wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-
-            wvalue = _booth_recode_w5(wvalue);
-
-            ecp_nistz256_select_w5(&h, table[i], wvalue >> 1);
-
-            ecp_nistz256_neg(tmp, h.Y);
-            copy_conditional(h.Y, tmp, (wvalue & 1));
-
-            ecp_nistz256_point_add(r, r, &h);
-        }
-
-        index -= window_size;
-
-        ecp_nistz256_point_double(r, r);
-        ecp_nistz256_point_double(r, r);
-        ecp_nistz256_point_double(r, r);
-        ecp_nistz256_point_double(r, r);
-        ecp_nistz256_point_double(r, r);
-    }
-
-    /* Final window */
-    for (i = 0; i < num; i++) {
-        wvalue = p_str[i][0];
-        wvalue = (wvalue << 1) & mask;
-
-        wvalue = _booth_recode_w5(wvalue);
-
-        ecp_nistz256_select_w5(&h, table[i], wvalue >> 1);
-
-        ecp_nistz256_neg(tmp, h.Y);
-        copy_conditional(h.Y, tmp, wvalue & 1);
-
-        ecp_nistz256_point_add(r, r, &h);
-    }
-
-    ret = 1;
- err:
-    if (table_storage)
-        OPENSSL_free(table_storage);
-    if (p_str)
-        OPENSSL_free(p_str);
-    if (scalars)
-        OPENSSL_free(scalars);
-    return ret;
-}
-
-/* Coordinates of G, for which we have precomputed tables */
-const static BN_ULONG def_xG[P256_LIMBS] = {
-    TOBN(0x79e730d4, 0x18a9143c), TOBN(0x75ba95fc, 0x5fedb601),
-    TOBN(0x79fb732b, 0x77622510), TOBN(0x18905f76, 0xa53755c6)
-};
-
-const static BN_ULONG def_yG[P256_LIMBS] = {
-    TOBN(0xddf25357, 0xce95560a), TOBN(0x8b4ab8e4, 0xba19e45c),
-    TOBN(0xd2e88688, 0xdd21f325), TOBN(0x8571ff18, 0x25885d85)
-};
-
-/*
- * ecp_nistz256_is_affine_G returns one if |generator| is the standard, P-256
- * generator.
- */
-static int ecp_nistz256_is_affine_G(const EC_POINT *generator)
-{
-    return (generator->X.top == P256_LIMBS) &&
-        (generator->Y.top == P256_LIMBS) &&
-        is_equal(generator->X.d, def_xG) &&
-        is_equal(generator->Y.d, def_yG) && is_one(&generator->Z);
-}
-
-static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx)
-{
-    /*
-     * We precompute a table for a Booth encoded exponent (wNAF) based
-     * computation. Each table holds 64 values for safe access, with an
-     * implicit value of infinity at index zero. We use window of size 7, and
-     * therefore require ceil(256/7) = 37 tables.
-     */
-    BIGNUM *order;
-    EC_POINT *P = NULL, *T = NULL;
-    const EC_POINT *generator;
-    EC_PRE_COMP *pre_comp;
-    BN_CTX *new_ctx = NULL;
-    int i, j, k, ret = 0;
-    size_t w;
-
-    PRECOMP256_ROW *preComputedTable = NULL;
-    unsigned char *precomp_storage = NULL;
-
-    /* if there is an old EC_PRE_COMP object, throw it away */
-    EC_EX_DATA_free_data(&group->extra_data, ecp_nistz256_pre_comp_dup,
-                         ecp_nistz256_pre_comp_free,
-                         ecp_nistz256_pre_comp_clear_free);
-
-    generator = EC_GROUP_get0_generator(group);
-    if (generator == NULL) {
-        ECerr(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE, EC_R_UNDEFINED_GENERATOR);
-        return 0;
-    }
-
-    if (ecp_nistz256_is_affine_G(generator)) {
-        /*
-         * No need to calculate tables for the standard generator because we
-         * have them statically.
-         */
-        return 1;
-    }
-
-    if ((pre_comp = ecp_nistz256_pre_comp_new(group)) == NULL)
-        return 0;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            goto err;
-    }
-
-    BN_CTX_start(ctx);
-    order = BN_CTX_get(ctx);
-
-    if (order == NULL)
-        goto err;
-
-    if (!EC_GROUP_get_order(group, order, ctx))
-        goto err;
-
-    if (BN_is_zero(order)) {
-        ECerr(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE, EC_R_UNKNOWN_ORDER);
-        goto err;
-    }
-
-    w = 7;
-
-    if ((precomp_storage =
-         OPENSSL_malloc(37 * 64 * sizeof(P256_POINT_AFFINE) + 64)) == NULL) {
-        ECerr(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    } else {
-        preComputedTable = (void *)ALIGNPTR(precomp_storage, 64);
-    }
-
-    P = EC_POINT_new(group);
-    T = EC_POINT_new(group);
-    if (P == NULL || T == NULL)
-        goto err;
-
-    /*
-     * The zero entry is implicitly infinity, and we skip it, storing other
-     * values with -1 offset.
-     */
-    if (!EC_POINT_copy(T, generator))
-        goto err;
-
-    for (k = 0; k < 64; k++) {
-        if (!EC_POINT_copy(P, T))
-            goto err;
-        for (j = 0; j < 37; j++) {
-            /*
-             * It would be faster to use EC_POINTs_make_affine and
-             * make multiple points affine at the same time.
-             */
-            if (!EC_POINT_make_affine(group, P, ctx))
-                goto err;
-            if (!ecp_nistz256_bignum_to_field_elem(preComputedTable[j][k].X,
-                                                   &P->X) ||
-                !ecp_nistz256_bignum_to_field_elem(preComputedTable[j][k].Y,
-                                                   &P->Y)) {
-                ECerr(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE,
-                      EC_R_COORDINATES_OUT_OF_RANGE);
-                goto err;
-            }
-            for (i = 0; i < 7; i++) {
-                if (!EC_POINT_dbl(group, P, P, ctx))
-                    goto err;
-            }
-        }
-        if (!EC_POINT_add(group, T, T, generator, ctx))
-            goto err;
-    }
-
-    pre_comp->group = group;
-    pre_comp->w = w;
-    pre_comp->precomp = preComputedTable;
-    pre_comp->precomp_storage = precomp_storage;
-
-    precomp_storage = NULL;
-
-    if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp,
-                             ecp_nistz256_pre_comp_dup,
-                             ecp_nistz256_pre_comp_free,
-                             ecp_nistz256_pre_comp_clear_free)) {
-        goto err;
-    }
-
-    pre_comp = NULL;
-
-    ret = 1;
-
- err:
-    if (ctx != NULL)
-        BN_CTX_end(ctx);
-    BN_CTX_free(new_ctx);
-
-    if (pre_comp)
-        ecp_nistz256_pre_comp_free(pre_comp);
-    if (precomp_storage)
-        OPENSSL_free(precomp_storage);
-    if (P)
-        EC_POINT_free(P);
-    if (T)
-        EC_POINT_free(T);
-    return ret;
-}
-
-/*
- * Note that by default ECP_NISTZ256_AVX2 is undefined. While it's great
- * code processing 4 points in parallel, corresponding serial operation
- * is several times slower, because it uses 29x29=58-bit multiplication
- * as opposite to 64x64=128-bit in integer-only scalar case. As result
- * it doesn't provide *significant* performance improvement. Note that
- * just defining ECP_NISTZ256_AVX2 is not sufficient to make it work,
- * you'd need to compile even asm/ecp_nistz256-avx.pl module.
- */
-#if defined(ECP_NISTZ256_AVX2)
-# if !(defined(__x86_64) || defined(__x86_64__)) || \
-       defined(_M_AMD64) || defined(_MX64)) || \
-     !(defined(__GNUC__) || defined(_MSC_VER)) /* this is for ALIGN32 */
-#  undef ECP_NISTZ256_AVX2
-# else
-/* Constant time access, loading four values, from four consecutive tables */
-void ecp_nistz256_avx2_select_w7(P256_POINT_AFFINE * val,
-                                 const P256_POINT_AFFINE * in_t, int index);
-void ecp_nistz256_avx2_multi_select_w7(void *result, const void *in, int index0,
-                                       int index1, int index2, int index3);
-void ecp_nistz256_avx2_transpose_convert(void *RESULTx4, const void *in);
-void ecp_nistz256_avx2_convert_transpose_back(void *result, const void *Ax4);
-void ecp_nistz256_avx2_point_add_affine_x4(void *RESULTx4, const void *Ax4,
-                                           const void *Bx4);
-void ecp_nistz256_avx2_point_add_affines_x4(void *RESULTx4, const void *Ax4,
-                                            const void *Bx4);
-void ecp_nistz256_avx2_to_mont(void *RESULTx4, const void *Ax4);
-void ecp_nistz256_avx2_from_mont(void *RESULTx4, const void *Ax4);
-void ecp_nistz256_avx2_set1(void *RESULTx4);
-int ecp_nistz_avx2_eligible(void);
-
-static void booth_recode_w7(unsigned char *sign,
-                            unsigned char *digit, unsigned char in)
-{
-    unsigned char s, d;
-
-    s = ~((in >> 7) - 1);
-    d = (1 << 8) - in - 1;
-    d = (d & s) | (in & ~s);
-    d = (d >> 1) + (d & 1);
-
-    *sign = s & 1;
-    *digit = d;
-}
-
-/*
- * ecp_nistz256_avx2_mul_g performs multiplication by G, using only the
- * precomputed table. It does 4 affine point additions in parallel,
- * significantly speeding up point multiplication for a fixed value.
- */
-static void ecp_nistz256_avx2_mul_g(P256_POINT *r,
-                                    unsigned char p_str[33],
-                                    const P256_POINT_AFFINE(*preComputedTable)[64])
-{
-    const unsigned int window_size = 7;
-    const unsigned int mask = (1 << (window_size + 1)) - 1;
-    unsigned int wvalue;
-    /* Using 4 windows at a time */
-    unsigned char sign0, digit0;
-    unsigned char sign1, digit1;
-    unsigned char sign2, digit2;
-    unsigned char sign3, digit3;
-    unsigned int index = 0;
-    BN_ULONG tmp[P256_LIMBS];
-    int i;
-
-    ALIGN32 BN_ULONG aX4[4 * 9 * 3] = { 0 };
-    ALIGN32 BN_ULONG bX4[4 * 9 * 2] = { 0 };
-    ALIGN32 P256_POINT_AFFINE point_arr[P256_LIMBS];
-    ALIGN32 P256_POINT res_point_arr[P256_LIMBS];
-
-    /* Initial four windows */
-    wvalue = *((u16 *) & p_str[0]);
-    wvalue = (wvalue << 1) & mask;
-    index += window_size;
-    booth_recode_w7(&sign0, &digit0, wvalue);
-    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-    index += window_size;
-    booth_recode_w7(&sign1, &digit1, wvalue);
-    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-    index += window_size;
-    booth_recode_w7(&sign2, &digit2, wvalue);
-    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-    index += window_size;
-    booth_recode_w7(&sign3, &digit3, wvalue);
-
-    ecp_nistz256_avx2_multi_select_w7(point_arr, preComputedTable[0],
-                                      digit0, digit1, digit2, digit3);
-
-    ecp_nistz256_neg(tmp, point_arr[0].Y);
-    copy_conditional(point_arr[0].Y, tmp, sign0);
-    ecp_nistz256_neg(tmp, point_arr[1].Y);
-    copy_conditional(point_arr[1].Y, tmp, sign1);
-    ecp_nistz256_neg(tmp, point_arr[2].Y);
-    copy_conditional(point_arr[2].Y, tmp, sign2);
-    ecp_nistz256_neg(tmp, point_arr[3].Y);
-    copy_conditional(point_arr[3].Y, tmp, sign3);
-
-    ecp_nistz256_avx2_transpose_convert(aX4, point_arr);
-    ecp_nistz256_avx2_to_mont(aX4, aX4);
-    ecp_nistz256_avx2_to_mont(&aX4[4 * 9], &aX4[4 * 9]);
-    ecp_nistz256_avx2_set1(&aX4[4 * 9 * 2]);
-
-    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-    index += window_size;
-    booth_recode_w7(&sign0, &digit0, wvalue);
-    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-    index += window_size;
-    booth_recode_w7(&sign1, &digit1, wvalue);
-    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-    index += window_size;
-    booth_recode_w7(&sign2, &digit2, wvalue);
-    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-    index += window_size;
-    booth_recode_w7(&sign3, &digit3, wvalue);
-
-    ecp_nistz256_avx2_multi_select_w7(point_arr, preComputedTable[4 * 1],
-                                      digit0, digit1, digit2, digit3);
-
-    ecp_nistz256_neg(tmp, point_arr[0].Y);
-    copy_conditional(point_arr[0].Y, tmp, sign0);
-    ecp_nistz256_neg(tmp, point_arr[1].Y);
-    copy_conditional(point_arr[1].Y, tmp, sign1);
-    ecp_nistz256_neg(tmp, point_arr[2].Y);
-    copy_conditional(point_arr[2].Y, tmp, sign2);
-    ecp_nistz256_neg(tmp, point_arr[3].Y);
-    copy_conditional(point_arr[3].Y, tmp, sign3);
-
-    ecp_nistz256_avx2_transpose_convert(bX4, point_arr);
-    ecp_nistz256_avx2_to_mont(bX4, bX4);
-    ecp_nistz256_avx2_to_mont(&bX4[4 * 9], &bX4[4 * 9]);
-    /* Optimized when both inputs are affine */
-    ecp_nistz256_avx2_point_add_affines_x4(aX4, aX4, bX4);
-
-    for (i = 2; i < 9; i++) {
-        wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-        wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-        index += window_size;
-        booth_recode_w7(&sign0, &digit0, wvalue);
-        wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-        wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-        index += window_size;
-        booth_recode_w7(&sign1, &digit1, wvalue);
-        wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-        wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-        index += window_size;
-        booth_recode_w7(&sign2, &digit2, wvalue);
-        wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-        wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-        index += window_size;
-        booth_recode_w7(&sign3, &digit3, wvalue);
-
-        ecp_nistz256_avx2_multi_select_w7(point_arr,
-                                          preComputedTable[4 * i],
-                                          digit0, digit1, digit2, digit3);
-
-        ecp_nistz256_neg(tmp, point_arr[0].Y);
-        copy_conditional(point_arr[0].Y, tmp, sign0);
-        ecp_nistz256_neg(tmp, point_arr[1].Y);
-        copy_conditional(point_arr[1].Y, tmp, sign1);
-        ecp_nistz256_neg(tmp, point_arr[2].Y);
-        copy_conditional(point_arr[2].Y, tmp, sign2);
-        ecp_nistz256_neg(tmp, point_arr[3].Y);
-        copy_conditional(point_arr[3].Y, tmp, sign3);
-
-        ecp_nistz256_avx2_transpose_convert(bX4, point_arr);
-        ecp_nistz256_avx2_to_mont(bX4, bX4);
-        ecp_nistz256_avx2_to_mont(&bX4[4 * 9], &bX4[4 * 9]);
-
-        ecp_nistz256_avx2_point_add_affine_x4(aX4, aX4, bX4);
-    }
-
-    ecp_nistz256_avx2_from_mont(&aX4[4 * 9 * 0], &aX4[4 * 9 * 0]);
-    ecp_nistz256_avx2_from_mont(&aX4[4 * 9 * 1], &aX4[4 * 9 * 1]);
-    ecp_nistz256_avx2_from_mont(&aX4[4 * 9 * 2], &aX4[4 * 9 * 2]);
-
-    ecp_nistz256_avx2_convert_transpose_back(res_point_arr, aX4);
-    /* Last window is performed serially */
-    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
-    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-    booth_recode_w7(&sign0, &digit0, wvalue);
-    ecp_nistz256_avx2_select_w7((P256_POINT_AFFINE *) r,
-                                preComputedTable[36], digit0);
-    ecp_nistz256_neg(tmp, r->Y);
-    copy_conditional(r->Y, tmp, sign0);
-    memcpy(r->Z, ONE, sizeof(ONE));
-    /* Sum the four windows */
-    ecp_nistz256_point_add(r, r, &res_point_arr[0]);
-    ecp_nistz256_point_add(r, r, &res_point_arr[1]);
-    ecp_nistz256_point_add(r, r, &res_point_arr[2]);
-    ecp_nistz256_point_add(r, r, &res_point_arr[3]);
-}
-# endif
-#endif
-
-static int ecp_nistz256_set_from_affine(EC_POINT *out, const EC_GROUP *group,
-                                        const P256_POINT_AFFINE *in,
-                                        BN_CTX *ctx)
-{
-    BIGNUM x, y;
-    BN_ULONG d_x[P256_LIMBS], d_y[P256_LIMBS];
-    int ret = 0;
-
-    memcpy(d_x, in->X, sizeof(d_x));
-    x.d = d_x;
-    x.dmax = x.top = P256_LIMBS;
-    x.neg = 0;
-    x.flags = BN_FLG_STATIC_DATA;
-
-    memcpy(d_y, in->Y, sizeof(d_y));
-    y.d = d_y;
-    y.dmax = y.top = P256_LIMBS;
-    y.neg = 0;
-    y.flags = BN_FLG_STATIC_DATA;
-
-    ret = EC_POINT_set_affine_coordinates_GFp(group, out, &x, &y, ctx);
-
-    return ret;
-}
-
-/* r = scalar*G + sum(scalars[i]*points[i]) */
-static int ecp_nistz256_points_mul(const EC_GROUP *group,
-                                   EC_POINT *r,
-                                   const BIGNUM *scalar,
-                                   size_t num,
-                                   const EC_POINT *points[],
-                                   const BIGNUM *scalars[], BN_CTX *ctx)
-{
-    int i = 0, ret = 0, no_precomp_for_generator = 0, p_is_infinity = 0;
-    size_t j;
-    unsigned char p_str[33] = { 0 };
-    const PRECOMP256_ROW *preComputedTable = NULL;
-    const EC_PRE_COMP *pre_comp = NULL;
-    const EC_POINT *generator = NULL;
-    unsigned int index = 0;
-    BN_CTX *new_ctx = NULL;
-    const BIGNUM **new_scalars = NULL;
-    const EC_POINT **new_points = NULL;
-    const unsigned int window_size = 7;
-    const unsigned int mask = (1 << (window_size + 1)) - 1;
-    unsigned int wvalue;
-    ALIGN32 union {
-        P256_POINT p;
-        P256_POINT_AFFINE a;
-    } t, p;
-    BIGNUM *tmp_scalar;
-
-    if (group->meth != r->meth) {
-        ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS);
-        return 0;
-    }
-
-    if ((scalar == NULL) && (num == 0))
-        return EC_POINT_set_to_infinity(group, r);
-
-    for (j = 0; j < num; j++) {
-        if (group->meth != points[j]->meth) {
-            ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS);
-            return 0;
-        }
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            goto err;
-    }
-
-    BN_CTX_start(ctx);
-
-    if (scalar) {
-        generator = EC_GROUP_get0_generator(group);
-        if (generator == NULL) {
-            ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, EC_R_UNDEFINED_GENERATOR);
-            goto err;
-        }
-
-        /* look if we can use precomputed multiples of generator */
-        pre_comp =
-            EC_EX_DATA_get_data(group->extra_data, ecp_nistz256_pre_comp_dup,
-                                ecp_nistz256_pre_comp_free,
-                                ecp_nistz256_pre_comp_clear_free);
-
-        if (pre_comp) {
-            /*
-             * If there is a precomputed table for the generator, check that
-             * it was generated with the same generator.
-             */
-            EC_POINT *pre_comp_generator = EC_POINT_new(group);
-            if (pre_comp_generator == NULL)
-                goto err;
-
-            if (!ecp_nistz256_set_from_affine
-                (pre_comp_generator, group, pre_comp->precomp[0], ctx)) {
-                EC_POINT_free(pre_comp_generator);
-                goto err;
-            }
-
-            if (0 == EC_POINT_cmp(group, generator, pre_comp_generator, ctx))
-                preComputedTable = (const PRECOMP256_ROW *)pre_comp->precomp;
-
-            EC_POINT_free(pre_comp_generator);
-        }
-
-        if (preComputedTable == NULL && ecp_nistz256_is_affine_G(generator)) {
-            /*
-             * If there is no precomputed data, but the generator
-             * is the default, a hardcoded table of precomputed
-             * data is used. This is because applications, such as
-             * Apache, do not use EC_KEY_precompute_mult.
-             */
-            preComputedTable = (const PRECOMP256_ROW *)ecp_nistz256_precomputed;
-        }
-
-        if (preComputedTable) {
-            if ((BN_num_bits(scalar) > 256)
-                || BN_is_negative(scalar)) {
-                if ((tmp_scalar = BN_CTX_get(ctx)) == NULL)
-                    goto err;
-
-                if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
-                    ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, ERR_R_BN_LIB);
-                    goto err;
-                }
-                scalar = tmp_scalar;
-            }
-
-            for (i = 0; i < scalar->top * BN_BYTES; i += BN_BYTES) {
-                BN_ULONG d = scalar->d[i / BN_BYTES];
-
-                p_str[i + 0] = d & 0xff;
-                p_str[i + 1] = (d >> 8) & 0xff;
-                p_str[i + 2] = (d >> 16) & 0xff;
-                p_str[i + 3] = (d >>= 24) & 0xff;
-                if (BN_BYTES == 8) {
-                    d >>= 8;
-                    p_str[i + 4] = d & 0xff;
-                    p_str[i + 5] = (d >> 8) & 0xff;
-                    p_str[i + 6] = (d >> 16) & 0xff;
-                    p_str[i + 7] = (d >> 24) & 0xff;
-                }
-            }
-
-            for (; i < 33; i++)
-                p_str[i] = 0;
-
-#if defined(ECP_NISTZ256_AVX2)
-            if (ecp_nistz_avx2_eligible()) {
-                ecp_nistz256_avx2_mul_g(&p.p, p_str, preComputedTable);
-            } else
-#endif
-            {
-                BN_ULONG infty;
-
-                /* First window */
-                wvalue = (p_str[0] << 1) & mask;
-                index += window_size;
-
-                wvalue = _booth_recode_w7(wvalue);
-
-                ecp_nistz256_select_w7(&p.a, preComputedTable[0], wvalue >> 1);
-
-                ecp_nistz256_neg(p.p.Z, p.p.Y);
-                copy_conditional(p.p.Y, p.p.Z, wvalue & 1);
-
-                /*
-                 * Since affine infinity is encoded as (0,0) and
-                 * Jacobian ias (,,0), we need to harmonize them
-                 * by assigning "one" or zero to Z.
-                 */
-                infty = (p.p.X[0] | p.p.X[1] | p.p.X[2] | p.p.X[3] |
-                         p.p.Y[0] | p.p.Y[1] | p.p.Y[2] | p.p.Y[3]);
-                if (P256_LIMBS == 8)
-                    infty |= (p.p.X[4] | p.p.X[5] | p.p.X[6] | p.p.X[7] |
-                              p.p.Y[4] | p.p.Y[5] | p.p.Y[6] | p.p.Y[7]);
-
-                infty = 0 - is_zero(infty);
-                infty = ~infty;
-
-                p.p.Z[0] = ONE[0] & infty;
-                p.p.Z[1] = ONE[1] & infty;
-                p.p.Z[2] = ONE[2] & infty;
-                p.p.Z[3] = ONE[3] & infty;
-                if (P256_LIMBS == 8) {
-                    p.p.Z[4] = ONE[4] & infty;
-                    p.p.Z[5] = ONE[5] & infty;
-                    p.p.Z[6] = ONE[6] & infty;
-                    p.p.Z[7] = ONE[7] & infty;
-                }
-
-                for (i = 1; i < 37; i++) {
-                    unsigned int off = (index - 1) / 8;
-                    wvalue = p_str[off] | p_str[off + 1] << 8;
-                    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
-                    index += window_size;
-
-                    wvalue = _booth_recode_w7(wvalue);
-
-                    ecp_nistz256_select_w7(&t.a,
-                                           preComputedTable[i], wvalue >> 1);
-
-                    ecp_nistz256_neg(t.p.Z, t.a.Y);
-                    copy_conditional(t.a.Y, t.p.Z, wvalue & 1);
-
-                    ecp_nistz256_point_add_affine(&p.p, &p.p, &t.a);
-                }
-            }
-        } else {
-            p_is_infinity = 1;
-            no_precomp_for_generator = 1;
-        }
-    } else
-        p_is_infinity = 1;
-
-    if (no_precomp_for_generator) {
-        /*
-         * Without a precomputed table for the generator, it has to be
-         * handled like a normal point.
-         */
-        new_scalars = OPENSSL_malloc((num + 1) * sizeof(BIGNUM *));
-        if (!new_scalars) {
-            ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        new_points = OPENSSL_malloc((num + 1) * sizeof(EC_POINT *));
-        if (!new_points) {
-            ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        memcpy(new_scalars, scalars, num * sizeof(BIGNUM *));
-        new_scalars[num] = scalar;
-        memcpy(new_points, points, num * sizeof(EC_POINT *));
-        new_points[num] = generator;
-
-        scalars = new_scalars;
-        points = new_points;
-        num++;
-    }
-
-    if (num) {
-        P256_POINT *out = &t.p;
-        if (p_is_infinity)
-            out = &p.p;
-
-        if (!ecp_nistz256_windowed_mul(group, out, scalars, points, num, ctx))
-            goto err;
-
-        if (!p_is_infinity)
-            ecp_nistz256_point_add(&p.p, &p.p, out);
-    }
-
-    /* Not constant-time, but we're only operating on the public output. */
-    if (!ecp_nistz256_set_words(&r->X, p.p.X) ||
-        !ecp_nistz256_set_words(&r->Y, p.p.Y) ||
-        !ecp_nistz256_set_words(&r->Z, p.p.Z)) {
-        goto err;
-    }
-    r->Z_is_one = is_one(&r->Z) & 1;
-
-    ret = 1;
-
-err:
-    if (ctx)
-        BN_CTX_end(ctx);
-    BN_CTX_free(new_ctx);
-    if (new_points)
-        OPENSSL_free(new_points);
-    if (new_scalars)
-        OPENSSL_free(new_scalars);
-    return ret;
-}
-
-static int ecp_nistz256_get_affine(const EC_GROUP *group,
-                                   const EC_POINT *point,
-                                   BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
-{
-    BN_ULONG z_inv2[P256_LIMBS];
-    BN_ULONG z_inv3[P256_LIMBS];
-    BN_ULONG x_aff[P256_LIMBS];
-    BN_ULONG y_aff[P256_LIMBS];
-    BN_ULONG point_x[P256_LIMBS], point_y[P256_LIMBS], point_z[P256_LIMBS];
-    BN_ULONG x_ret[P256_LIMBS], y_ret[P256_LIMBS];
-
-    if (EC_POINT_is_at_infinity(group, point)) {
-        ECerr(EC_F_ECP_NISTZ256_GET_AFFINE, EC_R_POINT_AT_INFINITY);
-        return 0;
-    }
-
-    if (!ecp_nistz256_bignum_to_field_elem(point_x, &point->X) ||
-        !ecp_nistz256_bignum_to_field_elem(point_y, &point->Y) ||
-        !ecp_nistz256_bignum_to_field_elem(point_z, &point->Z)) {
-        ECerr(EC_F_ECP_NISTZ256_GET_AFFINE, EC_R_COORDINATES_OUT_OF_RANGE);
-        return 0;
-    }
-
-    ecp_nistz256_mod_inverse(z_inv3, point_z);
-    ecp_nistz256_sqr_mont(z_inv2, z_inv3);
-    ecp_nistz256_mul_mont(x_aff, z_inv2, point_x);
-
-    if (x != NULL) {
-        ecp_nistz256_from_mont(x_ret, x_aff);
-        if (!ecp_nistz256_set_words(x, x_ret))
-            return 0;
-    }
-
-    if (y != NULL) {
-        ecp_nistz256_mul_mont(z_inv3, z_inv3, z_inv2);
-        ecp_nistz256_mul_mont(y_aff, z_inv3, point_y);
-        ecp_nistz256_from_mont(y_ret, y_aff);
-        if (!ecp_nistz256_set_words(y, y_ret))
-            return 0;
-    }
-
-    return 1;
-}
-
-static EC_PRE_COMP *ecp_nistz256_pre_comp_new(const EC_GROUP *group)
-{
-    EC_PRE_COMP *ret = NULL;
-
-    if (!group)
-        return NULL;
-
-    ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP));
-
-    if (!ret) {
-        ECerr(EC_F_ECP_NISTZ256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
-        return ret;
-    }
-
-    ret->group = group;
-    ret->w = 6;                 /* default */
-    ret->precomp = NULL;
-    ret->precomp_storage = NULL;
-    ret->references = 1;
-    return ret;
-}
-
-static void *ecp_nistz256_pre_comp_dup(void *src_)
-{
-    EC_PRE_COMP *src = src_;
-
-    /* no need to actually copy, these objects never change! */
-    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
-
-    return src_;
-}
-
-static void ecp_nistz256_pre_comp_free(void *pre_)
-{
-    int i;
-    EC_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    if (pre->precomp_storage)
-        OPENSSL_free(pre->precomp_storage);
-
-    OPENSSL_free(pre);
-}
-
-static void ecp_nistz256_pre_comp_clear_free(void *pre_)
-{
-    int i;
-    EC_PRE_COMP *pre = pre_;
-
-    if (!pre)
-        return;
-
-    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
-    if (i > 0)
-        return;
-
-    if (pre->precomp_storage) {
-        OPENSSL_cleanse(pre->precomp,
-                        32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37);
-        OPENSSL_free(pre->precomp_storage);
-    }
-    OPENSSL_cleanse(pre, sizeof *pre);
-    OPENSSL_free(pre);
-}
-
-static int ecp_nistz256_window_have_precompute_mult(const EC_GROUP *group)
-{
-    /* There is a hard-coded table for the default generator. */
-    const EC_POINT *generator = EC_GROUP_get0_generator(group);
-    if (generator != NULL && ecp_nistz256_is_affine_G(generator)) {
-        /* There is a hard-coded table for the default generator. */
-        return 1;
-    }
-
-    return EC_EX_DATA_get_data(group->extra_data, ecp_nistz256_pre_comp_dup,
-                               ecp_nistz256_pre_comp_free,
-                               ecp_nistz256_pre_comp_clear_free) != NULL;
-}
-
-const EC_METHOD *EC_GFp_nistz256_method(void)
-{
-    static const EC_METHOD ret = {
-        EC_FLAGS_DEFAULT_OCT,
-        NID_X9_62_prime_field,
-        ec_GFp_mont_group_init,
-        ec_GFp_mont_group_finish,
-        ec_GFp_mont_group_clear_finish,
-        ec_GFp_mont_group_copy,
-        ec_GFp_mont_group_set_curve,
-        ec_GFp_simple_group_get_curve,
-        ec_GFp_simple_group_get_degree,
-        ec_GFp_simple_group_check_discriminant,
-        ec_GFp_simple_point_init,
-        ec_GFp_simple_point_finish,
-        ec_GFp_simple_point_clear_finish,
-        ec_GFp_simple_point_copy,
-        ec_GFp_simple_point_set_to_infinity,
-        ec_GFp_simple_set_Jprojective_coordinates_GFp,
-        ec_GFp_simple_get_Jprojective_coordinates_GFp,
-        ec_GFp_simple_point_set_affine_coordinates,
-        ecp_nistz256_get_affine,
-        0, 0, 0,
-        ec_GFp_simple_add,
-        ec_GFp_simple_dbl,
-        ec_GFp_simple_invert,
-        ec_GFp_simple_is_at_infinity,
-        ec_GFp_simple_is_on_curve,
-        ec_GFp_simple_cmp,
-        ec_GFp_simple_make_affine,
-        ec_GFp_simple_points_make_affine,
-        ecp_nistz256_points_mul,                    /* mul */
-        ecp_nistz256_mult_precompute,               /* precompute_mult */
-        ecp_nistz256_window_have_precompute_mult,   /* have_precompute_mult */
-        ec_GFp_mont_field_mul,
-        ec_GFp_mont_field_sqr,
-        0,                                          /* field_div */
-        ec_GFp_mont_field_encode,
-        ec_GFp_mont_field_decode,
-        ec_GFp_mont_field_set_to_one
-    };
-
-    return &ret;
-}
diff --git a/thirdparty/openssl/crypto/ec/ecp_nistz256_table.c b/thirdparty/openssl/crypto/ec/ecp_nistz256_table.c
deleted file mode 100644
index 2f0797db6b..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_nistz256_table.c
+++ /dev/null
@@ -1,9533 +0,0 @@
-/*
- * This is the precomputed constant time access table for the code in
- * ecp_montp256.c, for the default generator. The table consists of 37
- * subtables, each subtable contains 64 affine points. The affine points are
- * encoded as eight uint64's, four for the x coordinate and four for the y.
- * Both values are in little-endian order. There are 37 tables because a
- * signed, 6-bit wNAF form of the scalar is used and ceil(256/(6 + 1)) = 37.
- * Within each table there are 64 values because the 6-bit wNAF value can
- * take 64 values, ignoring the sign bit, which is implemented by performing
- * a negation of the affine point when required. We would like to align it
- * to 2MB in order to increase the chances of using a large page but that
- * appears to lead to invalid ELF files being produced.
- */
-
-#if defined(__GNUC__)
-__attribute((aligned(4096)))
-#elif defined(_MSC_VER)
-__declspec(align(4096))
-#elif defined(__SUNPRO_C)
-# pragma align 64(ecp_nistz256_precomputed)
-#endif
-static const BN_ULONG ecp_nistz256_precomputed[37][64 *
-                                                   sizeof(P256_POINT_AFFINE) /
-                                                   sizeof(BN_ULONG)] = {
-    {TOBN(0x79e730d4, 0x18a9143c), TOBN(0x75ba95fc, 0x5fedb601),
-     TOBN(0x79fb732b, 0x77622510), TOBN(0x18905f76, 0xa53755c6),
-     TOBN(0xddf25357, 0xce95560a), TOBN(0x8b4ab8e4, 0xba19e45c),
-     TOBN(0xd2e88688, 0xdd21f325), TOBN(0x8571ff18, 0x25885d85),
-     TOBN(0x850046d4, 0x10ddd64d), TOBN(0xaa6ae3c1, 0xa433827d),
-     TOBN(0x73220503, 0x8d1490d9), TOBN(0xf6bb32e4, 0x3dcf3a3b),
-     TOBN(0x2f3648d3, 0x61bee1a5), TOBN(0x152cd7cb, 0xeb236ff8),
-     TOBN(0x19a8fb0e, 0x92042dbe), TOBN(0x78c57751, 0x0a5b8a3b),
-     TOBN(0xffac3f90, 0x4eebc127), TOBN(0xb027f84a, 0x087d81fb),
-     TOBN(0x66ad77dd, 0x87cbbc98), TOBN(0x26936a3f, 0xb6ff747e),
-     TOBN(0xb04c5c1f, 0xc983a7eb), TOBN(0x583e47ad, 0x0861fe1a),
-     TOBN(0x78820831, 0x1a2ee98e), TOBN(0xd5f06a29, 0xe587cc07),
-     TOBN(0x74b0b50d, 0x46918dcc), TOBN(0x4650a6ed, 0xc623c173),
-     TOBN(0x0cdaacac, 0xe8100af2), TOBN(0x577362f5, 0x41b0176b),
-     TOBN(0x2d96f24c, 0xe4cbaba6), TOBN(0x17628471, 0xfad6f447),
-     TOBN(0x6b6c36de, 0xe5ddd22e), TOBN(0x84b14c39, 0x4c5ab863),
-     TOBN(0xbe1b8aae, 0xc45c61f5), TOBN(0x90ec649a, 0x94b9537d),
-     TOBN(0x941cb5aa, 0xd076c20c), TOBN(0xc9079605, 0x890523c8),
-     TOBN(0xeb309b4a, 0xe7ba4f10), TOBN(0x73c568ef, 0xe5eb882b),
-     TOBN(0x3540a987, 0x7e7a1f68), TOBN(0x73a076bb, 0x2dd1e916),
-     TOBN(0x40394737, 0x3e77664a), TOBN(0x55ae744f, 0x346cee3e),
-     TOBN(0xd50a961a, 0x5b17a3ad), TOBN(0x13074b59, 0x54213673),
-     TOBN(0x93d36220, 0xd377e44b), TOBN(0x299c2b53, 0xadff14b5),
-     TOBN(0xf424d44c, 0xef639f11), TOBN(0xa4c9916d, 0x4a07f75f),
-     TOBN(0x0746354e, 0xa0173b4f), TOBN(0x2bd20213, 0xd23c00f7),
-     TOBN(0xf43eaab5, 0x0c23bb08), TOBN(0x13ba5119, 0xc3123e03),
-     TOBN(0x2847d030, 0x3f5b9d4d), TOBN(0x6742f2f2, 0x5da67bdd),
-     TOBN(0xef933bdc, 0x77c94195), TOBN(0xeaedd915, 0x6e240867),
-     TOBN(0x27f14cd1, 0x9499a78f), TOBN(0x462ab5c5, 0x6f9b3455),
-     TOBN(0x8f90f02a, 0xf02cfc6b), TOBN(0xb763891e, 0xb265230d),
-     TOBN(0xf59da3a9, 0x532d4977), TOBN(0x21e3327d, 0xcf9eba15),
-     TOBN(0x123c7b84, 0xbe60bbf0), TOBN(0x56ec12f2, 0x7706df76),
-     TOBN(0x75c96e8f, 0x264e20e8), TOBN(0xabe6bfed, 0x59a7a841),
-     TOBN(0x2cc09c04, 0x44c8eb00), TOBN(0xe05b3080, 0xf0c4e16b),
-     TOBN(0x1eb7777a, 0xa45f3314), TOBN(0x56af7bed, 0xce5d45e3),
-     TOBN(0x2b6e019a, 0x88b12f1a), TOBN(0x086659cd, 0xfd835f9b),
-     TOBN(0x2c18dbd1, 0x9dc21ec8), TOBN(0x98f9868a, 0x0fcf8139),
-     TOBN(0x737d2cd6, 0x48250b49), TOBN(0xcc61c947, 0x24b3428f),
-     TOBN(0x0c2b4078, 0x80dd9e76), TOBN(0xc43a8991, 0x383fbe08),
-     TOBN(0x5f7d2d65, 0x779be5d2), TOBN(0x78719a54, 0xeb3b4ab5),
-     TOBN(0xea7d260a, 0x6245e404), TOBN(0x9de40795, 0x6e7fdfe0),
-     TOBN(0x1ff3a415, 0x8dac1ab5), TOBN(0x3e7090f1, 0x649c9073),
-     TOBN(0x1a768561, 0x2b944e88), TOBN(0x250f939e, 0xe57f61c8),
-     TOBN(0x0c0daa89, 0x1ead643d), TOBN(0x68930023, 0xe125b88e),
-     TOBN(0x04b71aa7, 0xd2697768), TOBN(0xabdedef5, 0xca345a33),
-     TOBN(0x2409d29d, 0xee37385e), TOBN(0x4ee1df77, 0xcb83e156),
-     TOBN(0x0cac12d9, 0x1cbb5b43), TOBN(0x170ed2f6, 0xca895637),
-     TOBN(0x28228cfa, 0x8ade6d66), TOBN(0x7ff57c95, 0x53238aca),
-     TOBN(0xccc42563, 0x4b2ed709), TOBN(0x0e356769, 0x856fd30d),
-     TOBN(0xbcbcd43f, 0x559e9811), TOBN(0x738477ac, 0x5395b759),
-     TOBN(0x35752b90, 0xc00ee17f), TOBN(0x68748390, 0x742ed2e3),
-     TOBN(0x7cd06422, 0xbd1f5bc1), TOBN(0xfbc08769, 0xc9e7b797),
-     TOBN(0xa242a35b, 0xb0cf664a), TOBN(0x126e48f7, 0x7f9707e3),
-     TOBN(0x1717bf54, 0xc6832660), TOBN(0xfaae7332, 0xfd12c72e),
-     TOBN(0x27b52db7, 0x995d586b), TOBN(0xbe29569e, 0x832237c2),
-     TOBN(0xe8e4193e, 0x2a65e7db), TOBN(0x152706dc, 0x2eaa1bbb),
-     TOBN(0x72bcd8b7, 0xbc60055b), TOBN(0x03cc23ee, 0x56e27e4b),
-     TOBN(0xee337424, 0xe4819370), TOBN(0xe2aa0e43, 0x0ad3da09),
-     TOBN(0x40b8524f, 0x6383c45d), TOBN(0xd7663554, 0x42a41b25),
-     TOBN(0x64efa6de, 0x778a4797), TOBN(0x2042170a, 0x7079adf4),
-     TOBN(0x808b0b65, 0x0bc6fb80), TOBN(0x5882e075, 0x3ffe2e6b),
-     TOBN(0xd5ef2f7c, 0x2c83f549), TOBN(0x54d63c80, 0x9103b723),
-     TOBN(0xf2f11bd6, 0x52a23f9b), TOBN(0x3670c319, 0x4b0b6587),
-     TOBN(0x55c4623b, 0xb1580e9e), TOBN(0x64edf7b2, 0x01efe220),
-     TOBN(0x97091dcb, 0xd53c5c9d), TOBN(0xf17624b6, 0xac0a177b),
-     TOBN(0xb0f13975, 0x2cfe2dff), TOBN(0xc1a35c0a, 0x6c7a574e),
-     TOBN(0x227d3146, 0x93e79987), TOBN(0x0575bf30, 0xe89cb80e),
-     TOBN(0x2f4e247f, 0x0d1883bb), TOBN(0xebd51226, 0x3274c3d0),
-     TOBN(0x5f3e51c8, 0x56ada97a), TOBN(0x4afc964d, 0x8f8b403e),
-     TOBN(0xa6f247ab, 0x412e2979), TOBN(0x675abd1b, 0x6f80ebda),
-     TOBN(0x66a2bd72, 0x5e485a1d), TOBN(0x4b2a5caf, 0x8f4f0b3c),
-     TOBN(0x2626927f, 0x1b847bba), TOBN(0x6c6fc7d9, 0x0502394d),
-     TOBN(0xfea912ba, 0xa5659ae8), TOBN(0x68363aba, 0x25e1a16e),
-     TOBN(0xb8842277, 0x752c41ac), TOBN(0xfe545c28, 0x2897c3fc),
-     TOBN(0x2d36e9e7, 0xdc4c696b), TOBN(0x5806244a, 0xfba977c5),
-     TOBN(0x85665e9b, 0xe39508c1), TOBN(0xf720ee25, 0x6d12597b),
-     TOBN(0x8a979129, 0xd2337a31), TOBN(0x5916868f, 0x0f862bdc),
-     TOBN(0x048099d9, 0x5dd283ba), TOBN(0xe2d1eeb6, 0xfe5bfb4e),
-     TOBN(0x82ef1c41, 0x7884005d), TOBN(0xa2d4ec17, 0xffffcbae),
-     TOBN(0x9161c53f, 0x8aa95e66), TOBN(0x5ee104e1, 0xc5fee0d0),
-     TOBN(0x562e4cec, 0xc135b208), TOBN(0x74e1b265, 0x4783f47d),
-     TOBN(0x6d2a506c, 0x5a3f3b30), TOBN(0xecead9f4, 0xc16762fc),
-     TOBN(0xf29dd4b2, 0xe286e5b9), TOBN(0x1b0fadc0, 0x83bb3c61),
-     TOBN(0x7a75023e, 0x7fac29a4), TOBN(0xc086d5f1, 0xc9477fa3),
-     TOBN(0x0fc61135, 0x2f6f3076), TOBN(0xc99ffa23, 0xe3912a9a),
-     TOBN(0x6a0b0685, 0xd2f8ba3d), TOBN(0xfdc777e8, 0xe93358a4),
-     TOBN(0x94a787bb, 0x35415f04), TOBN(0x640c2d6a, 0x4d23fea4),
-     TOBN(0x9de917da, 0x153a35b5), TOBN(0x793e8d07, 0x5d5cd074),
-     TOBN(0xf4f87653, 0x2de45068), TOBN(0x37c7a7e8, 0x9e2e1f6e),
-     TOBN(0xd0825fa2, 0xa3584069), TOBN(0xaf2cea7c, 0x1727bf42),
-     TOBN(0x0360a4fb, 0x9e4785a9), TOBN(0xe5fda49c, 0x27299f4a),
-     TOBN(0x48068e13, 0x71ac2f71), TOBN(0x83d0687b, 0x9077666f),
-     TOBN(0x6d3883b2, 0x15d02819), TOBN(0x6d0d7550, 0x40dd9a35),
-     TOBN(0x61d7cbf9, 0x1d2b469f), TOBN(0xf97b232f, 0x2efc3115),
-     TOBN(0xa551d750, 0xb24bcbc7), TOBN(0x11ea4949, 0x88a1e356),
-     TOBN(0x7669f031, 0x93cb7501), TOBN(0x595dc55e, 0xca737b8a),
-     TOBN(0xa4a319ac, 0xd837879f), TOBN(0x6fc1b49e, 0xed6b67b0),
-     TOBN(0xe3959933, 0x32f1f3af), TOBN(0x966742eb, 0x65432a2e),
-     TOBN(0x4b8dc9fe, 0xb4966228), TOBN(0x96cc6312, 0x43f43950),
-     TOBN(0x12068859, 0xc9b731ee), TOBN(0x7b948dc3, 0x56f79968),
-     TOBN(0x61e4ad32, 0xed1f8008), TOBN(0xe6c9267a, 0xd8b17538),
-     TOBN(0x1ac7c5eb, 0x857ff6fb), TOBN(0x994baaa8, 0x55f2fb10),
-     TOBN(0x84cf14e1, 0x1d248018), TOBN(0x5a39898b, 0x628ac508),
-     TOBN(0x14fde97b, 0x5fa944f5), TOBN(0xed178030, 0xd12e5ac7),
-     TOBN(0x042c2af4, 0x97e2feb4), TOBN(0xd36a42d7, 0xaebf7313),
-     TOBN(0x49d2c9eb, 0x084ffdd7), TOBN(0x9f8aa54b, 0x2ef7c76a),
-     TOBN(0x9200b7ba, 0x09895e70), TOBN(0x3bd0c66f, 0xddb7fb58),
-     TOBN(0x2d97d108, 0x78eb4cbb), TOBN(0x2d431068, 0xd84bde31),
-     TOBN(0x4b523eb7, 0x172ccd1f), TOBN(0x7323cb28, 0x30a6a892),
-     TOBN(0x97082ec0, 0xcfe153eb), TOBN(0xe97f6b6a, 0xf2aadb97),
-     TOBN(0x1d3d393e, 0xd1a83da1), TOBN(0xa6a7f9c7, 0x804b2a68),
-     TOBN(0x4a688b48, 0x2d0cb71e), TOBN(0xa9b4cc5f, 0x40585278),
-     TOBN(0x5e5db46a, 0xcb66e132), TOBN(0xf1be963a, 0x0d925880),
-     TOBN(0x944a7027, 0x0317b9e2), TOBN(0xe266f959, 0x48603d48),
-     TOBN(0x98db6673, 0x5c208899), TOBN(0x90472447, 0xa2fb18a3),
-     TOBN(0x8a966939, 0x777c619f), TOBN(0x3798142a, 0x2a3be21b),
-     TOBN(0xb4241cb1, 0x3298b343), TOBN(0xa3a14e49, 0xb44f65a1),
-     TOBN(0xc5f4d6cd, 0x3ac77acd), TOBN(0xd0288cb5, 0x52b6fc3c),
-     TOBN(0xd5cc8c2f, 0x1c040abc), TOBN(0xb675511e, 0x06bf9b4a),
-     TOBN(0xd667da37, 0x9b3aa441), TOBN(0x460d45ce, 0x51601f72),
-     TOBN(0xe2f73c69, 0x6755ff89), TOBN(0xdd3cf7e7, 0x473017e6),
-     TOBN(0x8ef5689d, 0x3cf7600d), TOBN(0x948dc4f8, 0xb1fc87b4),
-     TOBN(0xd9e9fe81, 0x4ea53299), TOBN(0x2d921ca2, 0x98eb6028),
-     TOBN(0xfaecedfd, 0x0c9803fc), TOBN(0xf38ae891, 0x4d7b4745),
-     TOBN(0xd8c5fccf, 0xc5e3a3d8), TOBN(0xbefd904c, 0x4079dfbf),
-     TOBN(0xbc6d6a58, 0xfead0197), TOBN(0x39227077, 0x695532a4),
-     TOBN(0x09e23e6d, 0xdbef42f5), TOBN(0x7e449b64, 0x480a9908),
-     TOBN(0x7b969c1a, 0xad9a2e40), TOBN(0x6231d792, 0x9591c2a4),
-     TOBN(0x87151456, 0x0f664534), TOBN(0x85ceae7c, 0x4b68f103),
-     TOBN(0xac09c4ae, 0x65578ab9), TOBN(0x33ec6868, 0xf044b10c),
-     TOBN(0x6ac4832b, 0x3a8ec1f1), TOBN(0x5509d128, 0x5847d5ef),
-     TOBN(0xf909604f, 0x763f1574), TOBN(0xb16c4303, 0xc32f63c4),
-     TOBN(0xb6ab2014, 0x7ca23cd3), TOBN(0xcaa7a5c6, 0xa391849d),
-     TOBN(0x5b0673a3, 0x75678d94), TOBN(0xc982ddd4, 0xdd303e64),
-     TOBN(0xfd7b000b, 0x5db6f971), TOBN(0xbba2cb1f, 0x6f876f92),
-     TOBN(0xc77332a3, 0x3c569426), TOBN(0xa159100c, 0x570d74f8),
-     TOBN(0xfd16847f, 0xdec67ef5), TOBN(0x742ee464, 0x233e76b7),
-     TOBN(0x0b8e4134, 0xefc2b4c8), TOBN(0xca640b86, 0x42a3e521),
-     TOBN(0x653a0190, 0x8ceb6aa9), TOBN(0x313c300c, 0x547852d5),
-     TOBN(0x24e4ab12, 0x6b237af7), TOBN(0x2ba90162, 0x8bb47af8),
-     TOBN(0x3d5e58d6, 0xa8219bb7), TOBN(0xc691d0bd, 0x1b06c57f),
-     TOBN(0x0ae4cb10, 0xd257576e), TOBN(0x3569656c, 0xd54a3dc3),
-     TOBN(0xe5ebaebd, 0x94cda03a), TOBN(0x934e82d3, 0x162bfe13),
-     TOBN(0x450ac0ba, 0xe251a0c6), TOBN(0x480b9e11, 0xdd6da526),
-     TOBN(0x00467bc5, 0x8cce08b5), TOBN(0xb636458c, 0x7f178d55),
-     TOBN(0xc5748bae, 0xa677d806), TOBN(0x2763a387, 0xdfa394eb),
-     TOBN(0xa12b448a, 0x7d3cebb6), TOBN(0xe7adda3e, 0x6f20d850),
-     TOBN(0xf63ebce5, 0x1558462c), TOBN(0x58b36143, 0x620088a8),
-     TOBN(0x8a2cc3ca, 0x4d63c0ee), TOBN(0x51233117, 0x0fe948ce),
-     TOBN(0x7463fd85, 0x222ef33b), TOBN(0xadf0c7dc, 0x7c603d6c),
-     TOBN(0x0ec32d3b, 0xfe7765e5), TOBN(0xccaab359, 0xbf380409),
-     TOBN(0xbdaa84d6, 0x8e59319c), TOBN(0xd9a4c280, 0x9c80c34d),
-     TOBN(0xa9d89488, 0xa059c142), TOBN(0x6f5ae714, 0xff0b9346),
-     TOBN(0x068f237d, 0x16fb3664), TOBN(0x5853e4c4, 0x363186ac),
-     TOBN(0xe2d87d23, 0x63c52f98), TOBN(0x2ec4a766, 0x81828876),
-     TOBN(0x47b864fa, 0xe14e7b1c), TOBN(0x0c0bc0e5, 0x69192408),
-     TOBN(0xe4d7681d, 0xb82e9f3e), TOBN(0x83200f0b, 0xdf25e13c),
-     TOBN(0x8909984c, 0x66f27280), TOBN(0x462d7b00, 0x75f73227),
-     TOBN(0xd90ba188, 0xf2651798), TOBN(0x74c6e18c, 0x36ab1c34),
-     TOBN(0xab256ea3, 0x5ef54359), TOBN(0x03466612, 0xd1aa702f),
-     TOBN(0x624d6049, 0x2ed22e91), TOBN(0x6fdfe0b5, 0x6f072822),
-     TOBN(0xeeca1115, 0x39ce2271), TOBN(0x98100a4f, 0xdb01614f),
-     TOBN(0xb6b0daa2, 0xa35c628f), TOBN(0xb6f94d2e, 0xc87e9a47),
-     TOBN(0xc6773259, 0x1d57d9ce), TOBN(0xf70bfeec, 0x03884a7b),
-     TOBN(0x5fb35ccf, 0xed2bad01), TOBN(0xa155cbe3, 0x1da6a5c7),
-     TOBN(0xc2e2594c, 0x30a92f8f), TOBN(0x649c89ce, 0x5bfafe43),
-     TOBN(0xd158667d, 0xe9ff257a), TOBN(0x9b359611, 0xf32c50ae),
-     TOBN(0x4b00b20b, 0x906014cf), TOBN(0xf3a8cfe3, 0x89bc7d3d),
-     TOBN(0x4ff23ffd, 0x248a7d06), TOBN(0x80c5bfb4, 0x878873fa),
-     TOBN(0xb7d9ad90, 0x05745981), TOBN(0x179c85db, 0x3db01994),
-     TOBN(0xba41b062, 0x61a6966c), TOBN(0x4d82d052, 0xeadce5a8),
-     TOBN(0x9e91cd3b, 0xa5e6a318), TOBN(0x47795f4f, 0x95b2dda0),
-     TOBN(0xecfd7c1f, 0xd55a897c), TOBN(0x009194ab, 0xb29110fb),
-     TOBN(0x5f0e2046, 0xe381d3b0), TOBN(0x5f3425f6, 0xa98dd291),
-     TOBN(0xbfa06687, 0x730d50da), TOBN(0x0423446c, 0x4b083b7f),
-     TOBN(0x397a247d, 0xd69d3417), TOBN(0xeb629f90, 0x387ba42a),
-     TOBN(0x1ee426cc, 0xd5cd79bf), TOBN(0x0032940b, 0x946c6e18),
-     TOBN(0x1b1e8ae0, 0x57477f58), TOBN(0xe94f7d34, 0x6d823278),
-     TOBN(0xc747cb96, 0x782ba21a), TOBN(0xc5254469, 0xf72b33a5),
-     TOBN(0x772ef6de, 0xc7f80c81), TOBN(0xd73acbfe, 0x2cd9e6b5),
-     TOBN(0x4075b5b1, 0x49ee90d9), TOBN(0x785c339a, 0xa06e9eba),
-     TOBN(0xa1030d5b, 0xabf825e0), TOBN(0xcec684c3, 0xa42931dc),
-     TOBN(0x42ab62c9, 0xc1586e63), TOBN(0x45431d66, 0x5ab43f2b),
-     TOBN(0x57c8b2c0, 0x55f7835d), TOBN(0x033da338, 0xc1b7f865),
-     TOBN(0x283c7513, 0xcaa76097), TOBN(0x0a624fa9, 0x36c83906),
-     TOBN(0x6b20afec, 0x715af2c7), TOBN(0x4b969974, 0xeba78bfd),
-     TOBN(0x220755cc, 0xd921d60e), TOBN(0x9b944e10, 0x7baeca13),
-     TOBN(0x04819d51, 0x5ded93d4), TOBN(0x9bbff86e, 0x6dddfd27),
-     TOBN(0x6b344130, 0x77adc612), TOBN(0xa7496529, 0xbbd803a0),
-     TOBN(0x1a1baaa7, 0x6d8805bd), TOBN(0xc8403902, 0x470343ad),
-     TOBN(0x39f59f66, 0x175adff1), TOBN(0x0b26d7fb, 0xb7d8c5b7),
-     TOBN(0xa875f5ce, 0x529d75e3), TOBN(0x85efc7e9, 0x41325cc2),
-     TOBN(0x21950b42, 0x1ff6acd3), TOBN(0xffe70484, 0x53dc6909),
-     TOBN(0xff4cd0b2, 0x28766127), TOBN(0xabdbe608, 0x4fb7db2b),
-     TOBN(0x837c9228, 0x5e1109e8), TOBN(0x26147d27, 0xf4645b5a),
-     TOBN(0x4d78f592, 0xf7818ed8), TOBN(0xd394077e, 0xf247fa36),
-     TOBN(0x0fb9c2d0, 0x488c171a), TOBN(0xa78bfbaa, 0x13685278),
-     TOBN(0xedfbe268, 0xd5b1fa6a), TOBN(0x0dceb8db, 0x2b7eaba7),
-     TOBN(0xbf9e8089, 0x9ae2b710), TOBN(0xefde7ae6, 0xa4449c96),
-     TOBN(0x43b7716b, 0xcc143a46), TOBN(0xd7d34194, 0xc3628c13),
-     TOBN(0x508cec1c, 0x3b3f64c9), TOBN(0xe20bc0ba, 0x1e5edf3f),
-     TOBN(0xda1deb85, 0x2f4318d4), TOBN(0xd20ebe0d, 0x5c3fa443),
-     TOBN(0x370b4ea7, 0x73241ea3), TOBN(0x61f1511c, 0x5e1a5f65),
-     TOBN(0x99a5e23d, 0x82681c62), TOBN(0xd731e383, 0xa2f54c2d),
-     TOBN(0x2692f36e, 0x83445904), TOBN(0x2e0ec469, 0xaf45f9c0),
-     TOBN(0x905a3201, 0xc67528b7), TOBN(0x88f77f34, 0xd0e5e542),
-     TOBN(0xf67a8d29, 0x5864687c), TOBN(0x23b92eae, 0x22df3562),
-     TOBN(0x5c27014b, 0x9bbec39e), TOBN(0x7ef2f226, 0x9c0f0f8d),
-     TOBN(0x97359638, 0x546c4d8d), TOBN(0x5f9c3fc4, 0x92f24679),
-     TOBN(0x912e8bed, 0xa8c8acd9), TOBN(0xec3a318d, 0x306634b0),
-     TOBN(0x80167f41, 0xc31cb264), TOBN(0x3db82f6f, 0x522113f2),
-     TOBN(0xb155bcd2, 0xdcafe197), TOBN(0xfba1da59, 0x43465283),
-     TOBN(0xa0425b8e, 0xb212cf53), TOBN(0x4f2e512e, 0xf8557c5f),
-     TOBN(0xc1286ff9, 0x25c4d56c), TOBN(0xbb8a0fea, 0xee26c851),
-     TOBN(0xc28f70d2, 0xe7d6107e), TOBN(0x7ee0c444, 0xe76265aa),
-     TOBN(0x3df277a4, 0x1d1936b1), TOBN(0x1a556e3f, 0xea9595eb),
-     TOBN(0x258bbbf9, 0xe7305683), TOBN(0x31eea5bf, 0x07ef5be6),
-     TOBN(0x0deb0e4a, 0x46c814c1), TOBN(0x5cee8449, 0xa7b730dd),
-     TOBN(0xeab495c5, 0xa0182bde), TOBN(0xee759f87, 0x9e27a6b4),
-     TOBN(0xc2cf6a68, 0x80e518ca), TOBN(0x25e8013f, 0xf14cf3f4),
-     TOBN(0x8fc44140, 0x7e8d7a14), TOBN(0xbb1ff3ca, 0x9556f36a),
-     TOBN(0x6a844385, 0x14600044), TOBN(0xba3f0c4a, 0x7451ae63),
-     TOBN(0xdfcac25b, 0x1f9af32a), TOBN(0x01e0db86, 0xb1f2214b),
-     TOBN(0x4e9a5bc2, 0xa4b596ac), TOBN(0x83927681, 0x026c2c08),
-     TOBN(0x3ec832e7, 0x7acaca28), TOBN(0x1bfeea57, 0xc7385b29),
-     TOBN(0x068212e3, 0xfd1eaf38), TOBN(0xc1329830, 0x6acf8ccc),
-     TOBN(0xb909f2db, 0x2aac9e59), TOBN(0x5748060d, 0xb661782a),
-     TOBN(0xc5ab2632, 0xc79b7a01), TOBN(0xda44c6c6, 0x00017626),
-     TOBN(0xf26c00e8, 0xa7ea82f0), TOBN(0x99cac80d, 0xe4299aaf),
-     TOBN(0xd66fe3b6, 0x7ed78be1), TOBN(0x305f725f, 0x648d02cd),
-     TOBN(0x33ed1bc4, 0x623fb21b), TOBN(0xfa70533e, 0x7a6319ad),
-     TOBN(0x17ab562d, 0xbe5ffb3e), TOBN(0x06374994, 0x56674741),
-     TOBN(0x69d44ed6, 0x5c46aa8e), TOBN(0x2100d5d3, 0xa8d063d1),
-     TOBN(0xcb9727ea, 0xa2d17c36), TOBN(0x4c2bab1b, 0x8add53b7),
-     TOBN(0xa084e90c, 0x15426704), TOBN(0x778afcd3, 0xa837ebea),
-     TOBN(0x6651f701, 0x7ce477f8), TOBN(0xa0624998, 0x46fb7a8b),
-     TOBN(0xdc1e6828, 0xed8a6e19), TOBN(0x33fc2336, 0x4189d9c7),
-     TOBN(0x026f8fe2, 0x671c39bc), TOBN(0xd40c4ccd, 0xbc6f9915),
-     TOBN(0xafa135bb, 0xf80e75ca), TOBN(0x12c651a0, 0x22adff2c),
-     TOBN(0xc40a04bd, 0x4f51ad96), TOBN(0x04820109, 0xbbe4e832),
-     TOBN(0x3667eb1a, 0x7f4c04cc), TOBN(0x59556621, 0xa9404f84),
-     TOBN(0x71cdf653, 0x7eceb50a), TOBN(0x994a44a6, 0x9b8335fa),
-     TOBN(0xd7faf819, 0xdbeb9b69), TOBN(0x473c5680, 0xeed4350d),
-     TOBN(0xb6658466, 0xda44bba2), TOBN(0x0d1bc780, 0x872bdbf3),
-     TOBN(0xe535f175, 0xa1962f91), TOBN(0x6ed7e061, 0xed58f5a7),
-     TOBN(0x177aa4c0, 0x2089a233), TOBN(0x0dbcb03a, 0xe539b413),
-     TOBN(0xe3dc424e, 0xbb32e38e), TOBN(0x6472e5ef, 0x6806701e),
-     TOBN(0xdd47ff98, 0x814be9ee), TOBN(0x6b60cfff, 0x35ace009),
-     TOBN(0xb8d3d931, 0x9ff91fe5), TOBN(0x039c4800, 0xf0518eed),
-     TOBN(0x95c37632, 0x9182cb26), TOBN(0x0763a434, 0x82fc568d),
-     TOBN(0x707c04d5, 0x383e76ba), TOBN(0xac98b930, 0x824e8197),
-     TOBN(0x92bf7c8f, 0x91230de0), TOBN(0x90876a01, 0x40959b70),
-     TOBN(0xdb6d96f3, 0x05968b80), TOBN(0x380a0913, 0x089f73b9),
-     TOBN(0x7da70b83, 0xc2c61e01), TOBN(0x95fb8394, 0x569b38c7),
-     TOBN(0x9a3c6512, 0x80edfe2f), TOBN(0x8f726bb9, 0x8faeaf82),
-     TOBN(0x8010a4a0, 0x78424bf8), TOBN(0x29672044, 0x0e844970)}
-    ,
-    {TOBN(0x63c5cb81, 0x7a2ad62a), TOBN(0x7ef2b6b9, 0xac62ff54),
-     TOBN(0x3749bba4, 0xb3ad9db5), TOBN(0xad311f2c, 0x46d5a617),
-     TOBN(0xb77a8087, 0xc2ff3b6d), TOBN(0xb46feaf3, 0x367834ff),
-     TOBN(0xf8aa266d, 0x75d6b138), TOBN(0xfa38d320, 0xec008188),
-     TOBN(0x486d8ffa, 0x696946fc), TOBN(0x50fbc6d8, 0xb9cba56d),
-     TOBN(0x7e3d423e, 0x90f35a15), TOBN(0x7c3da195, 0xc0dd962c),
-     TOBN(0xe673fdb0, 0x3cfd5d8b), TOBN(0x0704b7c2, 0x889dfca5),
-     TOBN(0xf6ce581f, 0xf52305aa), TOBN(0x399d49eb, 0x914d5e53),
-     TOBN(0x380a496d, 0x6ec293cd), TOBN(0x733dbda7, 0x8e7051f5),
-     TOBN(0x037e388d, 0xb849140a), TOBN(0xee4b32b0, 0x5946dbf6),
-     TOBN(0xb1c4fda9, 0xcae368d1), TOBN(0x5001a7b0, 0xfdb0b2f3),
-     TOBN(0x6df59374, 0x2e3ac46e), TOBN(0x4af675f2, 0x39b3e656),
-     TOBN(0x44e38110, 0x39949296), TOBN(0x5b63827b, 0x361db1b5),
-     TOBN(0x3e5323ed, 0x206eaff5), TOBN(0x942370d2, 0xc21f4290),
-     TOBN(0xf2caaf2e, 0xe0d985a1), TOBN(0x192cc64b, 0x7239846d),
-     TOBN(0x7c0b8f47, 0xae6312f8), TOBN(0x7dc61f91, 0x96620108),
-     TOBN(0xb830fb5b, 0xc2da7de9), TOBN(0xd0e643df, 0x0ff8d3be),
-     TOBN(0x31ee77ba, 0x188a9641), TOBN(0x4e8aa3aa, 0xbcf6d502),
-     TOBN(0xf9fb6532, 0x9a49110f), TOBN(0xd18317f6, 0x2dd6b220),
-     TOBN(0x7e3ced41, 0x52c3ea5a), TOBN(0x0d296a14, 0x7d579c4a),
-     TOBN(0x35d6a53e, 0xed4c3717), TOBN(0x9f8240cf, 0x3d0ed2a3),
-     TOBN(0x8c0d4d05, 0xe5543aa5), TOBN(0x45d5bbfb, 0xdd33b4b4),
-     TOBN(0xfa04cc73, 0x137fd28e), TOBN(0x862ac6ef, 0xc73b3ffd),
-     TOBN(0x403ff9f5, 0x31f51ef2), TOBN(0x34d5e0fc, 0xbc73f5a2),
-     TOBN(0xf2526820, 0x08913f4f), TOBN(0xea20ed61, 0xeac93d95),
-     TOBN(0x51ed38b4, 0x6ca6b26c), TOBN(0x8662dcbc, 0xea4327b0),
-     TOBN(0x6daf295c, 0x725d2aaa), TOBN(0xbad2752f, 0x8e52dcda),
-     TOBN(0x2210e721, 0x0b17dacc), TOBN(0xa37f7912, 0xd51e8232),
-     TOBN(0x4f7081e1, 0x44cc3add), TOBN(0xd5ffa1d6, 0x87be82cf),
-     TOBN(0x89890b6c, 0x0edd6472), TOBN(0xada26e1a, 0x3ed17863),
-     TOBN(0x276f2715, 0x63483caa), TOBN(0xe6924cd9, 0x2f6077fd),
-     TOBN(0x05a7fe98, 0x0a466e3c), TOBN(0xf1c794b0, 0xb1902d1f),
-     TOBN(0xe5213688, 0x82a8042c), TOBN(0xd931cfaf, 0xcd278298),
-     TOBN(0x069a0ae0, 0xf597a740), TOBN(0x0adbb3f3, 0xeb59107c),
-     TOBN(0x983e951e, 0x5eaa8eb8), TOBN(0xe663a8b5, 0x11b48e78),
-     TOBN(0x1631cc0d, 0x8a03f2c5), TOBN(0x7577c11e, 0x11e271e2),
-     TOBN(0x33b2385c, 0x08369a90), TOBN(0x2990c59b, 0x190eb4f8),
-     TOBN(0x819a6145, 0xc68eac80), TOBN(0x7a786d62, 0x2ec4a014),
-     TOBN(0x33faadbe, 0x20ac3a8d), TOBN(0x31a21781, 0x5aba2d30),
-     TOBN(0x209d2742, 0xdba4f565), TOBN(0xdb2ce9e3, 0x55aa0fbb),
-     TOBN(0x8cef334b, 0x168984df), TOBN(0xe81dce17, 0x33879638),
-     TOBN(0xf6e6949c, 0x263720f0), TOBN(0x5c56feaf, 0xf593cbec),
-     TOBN(0x8bff5601, 0xfde58c84), TOBN(0x74e24117, 0x2eccb314),
-     TOBN(0xbcf01b61, 0x4c9a8a78), TOBN(0xa233e35e, 0x544c9868),
-     TOBN(0xb3156bf3, 0x8bd7aff1), TOBN(0x1b5ee4cb, 0x1d81b146),
-     TOBN(0x7ba1ac41, 0xd628a915), TOBN(0x8f3a8f9c, 0xfd89699e),
-     TOBN(0x7329b9c9, 0xa0748be7), TOBN(0x1d391c95, 0xa92e621f),
-     TOBN(0xe51e6b21, 0x4d10a837), TOBN(0xd255f53a, 0x4947b435),
-     TOBN(0x07669e04, 0xf1788ee3), TOBN(0xc14f27af, 0xa86938a2),
-     TOBN(0x8b47a334, 0xe93a01c0), TOBN(0xff627438, 0xd9366808),
-     TOBN(0x7a0985d8, 0xca2a5965), TOBN(0x3d9a5542, 0xd6e9b9b3),
-     TOBN(0xc23eb80b, 0x4cf972e8), TOBN(0x5c1c33bb, 0x4fdf72fd),
-     TOBN(0x0c4a58d4, 0x74a86108), TOBN(0xf8048a8f, 0xee4c5d90),
-     TOBN(0xe3c7c924, 0xe86d4c80), TOBN(0x28c889de, 0x056a1e60),
-     TOBN(0x57e2662e, 0xb214a040), TOBN(0xe8c48e98, 0x37e10347),
-     TOBN(0x87742862, 0x80ac748a), TOBN(0xf1c24022, 0x186b06f2),
-     TOBN(0xac2dd4c3, 0x5f74040a), TOBN(0x409aeb71, 0xfceac957),
-     TOBN(0x4fbad782, 0x55c4ec23), TOBN(0xb359ed61, 0x8a7b76ec),
-     TOBN(0x12744926, 0xed6f4a60), TOBN(0xe21e8d7f, 0x4b912de3),
-     TOBN(0xe2575a59, 0xfc705a59), TOBN(0x72f1d4de, 0xed2dbc0e),
-     TOBN(0x3d2b24b9, 0xeb7926b8), TOBN(0xbff88cb3, 0xcdbe5509),
-     TOBN(0xd0f399af, 0xe4dd640b), TOBN(0x3c5fe130, 0x2f76ed45),
-     TOBN(0x6f3562f4, 0x3764fb3d), TOBN(0x7b5af318, 0x3151b62d),
-     TOBN(0xd5bd0bc7, 0xd79ce5f3), TOBN(0xfdaf6b20, 0xec66890f),
-     TOBN(0x735c67ec, 0x6063540c), TOBN(0x50b259c2, 0xe5f9cb8f),
-     TOBN(0xb8734f9a, 0x3f99c6ab), TOBN(0xf8cc13d5, 0xa3a7bc85),
-     TOBN(0x80c1b305, 0xc5217659), TOBN(0xfe5364d4, 0x4ec12a54),
-     TOBN(0xbd87045e, 0x681345fe), TOBN(0x7f8efeb1, 0x582f897f),
-     TOBN(0xe8cbf1e5, 0xd5923359), TOBN(0xdb0cea9d, 0x539b9fb0),
-     TOBN(0x0c5b34cf, 0x49859b98), TOBN(0x5e583c56, 0xa4403cc6),
-     TOBN(0x11fc1a2d, 0xd48185b7), TOBN(0xc93fbc7e, 0x6e521787),
-     TOBN(0x47e7a058, 0x05105b8b), TOBN(0x7b4d4d58, 0xdb8260c8),
-     TOBN(0xe33930b0, 0x46eb842a), TOBN(0x8e844a9a, 0x7bdae56d),
-     TOBN(0x34ef3a9e, 0x13f7fdfc), TOBN(0xb3768f82, 0x636ca176),
-     TOBN(0x2821f4e0, 0x4e09e61c), TOBN(0x414dc3a1, 0xa0c7cddc),
-     TOBN(0xd5379437, 0x54945fcd), TOBN(0x151b6eef, 0xb3555ff1),
-     TOBN(0xb31bd613, 0x6339c083), TOBN(0x39ff8155, 0xdfb64701),
-     TOBN(0x7c3388d2, 0xe29604ab), TOBN(0x1e19084b, 0xa6b10442),
-     TOBN(0x17cf54c0, 0xeccd47ef), TOBN(0x89693385, 0x4a5dfb30),
-     TOBN(0x69d023fb, 0x47daf9f6), TOBN(0x9222840b, 0x7d91d959),
-     TOBN(0x439108f5, 0x803bac62), TOBN(0x0b7dd91d, 0x379bd45f),
-     TOBN(0xd651e827, 0xca63c581), TOBN(0x5c5d75f6, 0x509c104f),
-     TOBN(0x7d5fc738, 0x1f2dc308), TOBN(0x20faa7bf, 0xd98454be),
-     TOBN(0x95374bee, 0xa517b031), TOBN(0xf036b9b1, 0x642692ac),
-     TOBN(0xc5106109, 0x39842194), TOBN(0xb7e2353e, 0x49d05295),
-     TOBN(0xfc8c1d5c, 0xefb42ee0), TOBN(0xe04884eb, 0x08ce811c),
-     TOBN(0xf1f75d81, 0x7419f40e), TOBN(0x5b0ac162, 0xa995c241),
-     TOBN(0x120921bb, 0xc4c55646), TOBN(0x713520c2, 0x8d33cf97),
-     TOBN(0xb4a65a5c, 0xe98c5100), TOBN(0x6cec871d, 0x2ddd0f5a),
-     TOBN(0x251f0b7f, 0x9ba2e78b), TOBN(0x224a8434, 0xce3a2a5f),
-     TOBN(0x26827f61, 0x25f5c46f), TOBN(0x6a22bedc, 0x48545ec0),
-     TOBN(0x25ae5fa0, 0xb1bb5cdc), TOBN(0xd693682f, 0xfcb9b98f),
-     TOBN(0x32027fe8, 0x91e5d7d3), TOBN(0xf14b7d17, 0x73a07678),
-     TOBN(0xf88497b3, 0xc0dfdd61), TOBN(0xf7c2eec0, 0x2a8c4f48),
-     TOBN(0xaa5573f4, 0x3756e621), TOBN(0xc013a240, 0x1825b948),
-     TOBN(0x1c03b345, 0x63878572), TOBN(0xa0472bea, 0x653a4184),
-     TOBN(0xf4222e27, 0x0ac69a80), TOBN(0x34096d25, 0xf51e54f6),
-     TOBN(0x00a648cb, 0x8fffa591), TOBN(0x4e87acdc, 0x69b6527f),
-     TOBN(0x0575e037, 0xe285ccb4), TOBN(0x188089e4, 0x50ddcf52),
-     TOBN(0xaa96c9a8, 0x870ff719), TOBN(0x74a56cd8, 0x1fc7e369),
-     TOBN(0x41d04ee2, 0x1726931a), TOBN(0x0bbbb2c8, 0x3660ecfd),
-     TOBN(0xa6ef6de5, 0x24818e18), TOBN(0xe421cc51, 0xe7d57887),
-     TOBN(0xf127d208, 0xbea87be6), TOBN(0x16a475d3, 0xb1cdd682),
-     TOBN(0x9db1b684, 0x439b63f7), TOBN(0x5359b3db, 0xf0f113b6),
-     TOBN(0xdfccf1de, 0x8bf06e31), TOBN(0x1fdf8f44, 0xdd383901),
-     TOBN(0x10775cad, 0x5017e7d2), TOBN(0xdfc3a597, 0x58d11eef),
-     TOBN(0x6ec9c8a0, 0xb1ecff10), TOBN(0xee6ed6cc, 0x28400549),
-     TOBN(0xb5ad7bae, 0x1b4f8d73), TOBN(0x61b4f11d, 0xe00aaab9),
-     TOBN(0x7b32d69b, 0xd4eff2d7), TOBN(0x88ae6771, 0x4288b60f),
-     TOBN(0x159461b4, 0x37a1e723), TOBN(0x1f3d4789, 0x570aae8c),
-     TOBN(0x869118c0, 0x7f9871da), TOBN(0x35fbda78, 0xf635e278),
-     TOBN(0x738f3641, 0xe1541dac), TOBN(0x6794b13a, 0xc0dae45f),
-     TOBN(0x065064ac, 0x09cc0917), TOBN(0x27c53729, 0xc68540fd),
-     TOBN(0x0d2d4c8e, 0xef227671), TOBN(0xd23a9f80, 0xa1785a04),
-     TOBN(0x98c59528, 0x52650359), TOBN(0xfa09ad01, 0x74a1acad),
-     TOBN(0x082d5a29, 0x0b55bf5c), TOBN(0xa40f1c67, 0x419b8084),
-     TOBN(0x3a5c752e, 0xdcc18770), TOBN(0x4baf1f2f, 0x8825c3a5),
-     TOBN(0xebd63f74, 0x21b153ed), TOBN(0xa2383e47, 0xb2f64723),
-     TOBN(0xe7bf620a, 0x2646d19a), TOBN(0x56cb44ec, 0x03c83ffd),
-     TOBN(0xaf7267c9, 0x4f6be9f1), TOBN(0x8b2dfd7b, 0xc06bb5e9),
-     TOBN(0xb87072f2, 0xa672c5c7), TOBN(0xeacb11c8, 0x0d53c5e2),
-     TOBN(0x22dac29d, 0xff435932), TOBN(0x37bdb99d, 0x4408693c),
-     TOBN(0xf6e62fb6, 0x2899c20f), TOBN(0x3535d512, 0x447ece24),
-     TOBN(0xfbdc6b88, 0xff577ce3), TOBN(0x726693bd, 0x190575f2),
-     TOBN(0x6772b0e5, 0xab4b35a2), TOBN(0x1d8b6001, 0xf5eeaacf),
-     TOBN(0x728f7ce4, 0x795b9580), TOBN(0x4a20ed2a, 0x41fb81da),
-     TOBN(0x9f685cd4, 0x4fec01e6), TOBN(0x3ed7ddcc, 0xa7ff50ad),
-     TOBN(0x460fd264, 0x0c2d97fd), TOBN(0x3a241426, 0xeb82f4f9),
-     TOBN(0x17d1df2c, 0x6a8ea820), TOBN(0xb2b50d3b, 0xf22cc254),
-     TOBN(0x03856cba, 0xb7291426), TOBN(0x87fd26ae, 0x04f5ee39),
-     TOBN(0x9cb696cc, 0x02bee4ba), TOBN(0x53121804, 0x06820fd6),
-     TOBN(0xa5dfc269, 0x0212e985), TOBN(0x666f7ffa, 0x160f9a09),
-     TOBN(0xc503cd33, 0xbccd9617), TOBN(0x365dede4, 0xba7730a3),
-     TOBN(0x798c6355, 0x5ddb0786), TOBN(0xa6c3200e, 0xfc9cd3bc),
-     TOBN(0x060ffb2c, 0xe5e35efd), TOBN(0x99a4e25b, 0x5555a1c1),
-     TOBN(0x11d95375, 0xf70b3751), TOBN(0x0a57354a, 0x160e1bf6),
-     TOBN(0xecb3ae4b, 0xf8e4b065), TOBN(0x07a834c4, 0x2e53022b),
-     TOBN(0x1cd300b3, 0x8692ed96), TOBN(0x16a6f792, 0x61ee14ec),
-     TOBN(0x8f1063c6, 0x6a8649ed), TOBN(0xfbcdfcfe, 0x869f3e14),
-     TOBN(0x2cfb97c1, 0x00a7b3ec), TOBN(0xcea49b3c, 0x7130c2f1),
-     TOBN(0x462d044f, 0xe9d96488), TOBN(0x4b53d52e, 0x8182a0c1),
-     TOBN(0x84b6ddd3, 0x0391e9e9), TOBN(0x80ab7b48, 0xb1741a09),
-     TOBN(0xec0e15d4, 0x27d3317f), TOBN(0x8dfc1ddb, 0x1a64671e),
-     TOBN(0x93cc5d5f, 0xd49c5b92), TOBN(0xc995d53d, 0x3674a331),
-     TOBN(0x302e41ec, 0x090090ae), TOBN(0x2278a0cc, 0xedb06830),
-     TOBN(0x1d025932, 0xfbc99690), TOBN(0x0c32fbd2, 0xb80d68da),
-     TOBN(0xd79146da, 0xf341a6c1), TOBN(0xae0ba139, 0x1bef68a0),
-     TOBN(0xc6b8a563, 0x8d774b3a), TOBN(0x1cf307bd, 0x880ba4d7),
-     TOBN(0xc033bdc7, 0x19803511), TOBN(0xa9f97b3b, 0x8888c3be),
-     TOBN(0x3d68aebc, 0x85c6d05e), TOBN(0xc3b88a9d, 0x193919eb),
-     TOBN(0x2d300748, 0xc48b0ee3), TOBN(0x7506bc7c, 0x07a746c1),
-     TOBN(0xfc48437c, 0x6e6d57f3), TOBN(0x5bd71587, 0xcfeaa91a),
-     TOBN(0xa4ed0408, 0xc1bc5225), TOBN(0xd0b946db, 0x2719226d),
-     TOBN(0x109ecd62, 0x758d2d43), TOBN(0x75c8485a, 0x2751759b),
-     TOBN(0xb0b75f49, 0x9ce4177a), TOBN(0x4fa61a1e, 0x79c10c3d),
-     TOBN(0xc062d300, 0xa167fcd7), TOBN(0x4df3874c, 0x750f0fa8),
-     TOBN(0x29ae2cf9, 0x83dfedc9), TOBN(0xf8437134, 0x8d87631a),
-     TOBN(0xaf571711, 0x7429c8d2), TOBN(0x18d15867, 0x146d9272),
-     TOBN(0x83053ecf, 0x69769bb7), TOBN(0xc55eb856, 0xc479ab82),
-     TOBN(0x5ef7791c, 0x21b0f4b2), TOBN(0xaa5956ba, 0x3d491525),
-     TOBN(0x407a96c2, 0x9fe20eba), TOBN(0xf27168bb, 0xe52a5ad3),
-     TOBN(0x43b60ab3, 0xbf1d9d89), TOBN(0xe45c51ef, 0x710e727a),
-     TOBN(0xdfca5276, 0x099b4221), TOBN(0x8dc6407c, 0x2557a159),
-     TOBN(0x0ead8335, 0x91035895), TOBN(0x0a9db957, 0x9c55dc32),
-     TOBN(0xe40736d3, 0xdf61bc76), TOBN(0x13a619c0, 0x3f778cdb),
-     TOBN(0x6dd921a4, 0xc56ea28f), TOBN(0x76a52433, 0x2fa647b4),
-     TOBN(0x23591891, 0xac5bdc5d), TOBN(0xff4a1a72, 0xbac7dc01),
-     TOBN(0x9905e261, 0x62df8453), TOBN(0x3ac045df, 0xe63b265f),
-     TOBN(0x8a3f341b, 0xad53dba7), TOBN(0x8ec269cc, 0x837b625a),
-     TOBN(0xd71a2782, 0x3ae31189), TOBN(0x8fb4f9a3, 0x55e96120),
-     TOBN(0x804af823, 0xff9875cf), TOBN(0x23224f57, 0x5d442a9b),
-     TOBN(0x1c4d3b9e, 0xecc62679), TOBN(0x91da22fb, 0xa0e7ddb1),
-     TOBN(0xa370324d, 0x6c04a661), TOBN(0x9710d3b6, 0x5e376d17),
-     TOBN(0xed8c98f0, 0x3044e357), TOBN(0xc364ebbe, 0x6422701c),
-     TOBN(0x347f5d51, 0x7733d61c), TOBN(0xd55644b9, 0xcea826c3),
-     TOBN(0x80c6e0ad, 0x55a25548), TOBN(0x0aa7641d, 0x844220a7),
-     TOBN(0x1438ec81, 0x31810660), TOBN(0x9dfa6507, 0xde4b4043),
-     TOBN(0x10b515d8, 0xcc3e0273), TOBN(0x1b6066dd, 0x28d8cfb2),
-     TOBN(0xd3b04591, 0x9c9efebd), TOBN(0x425d4bdf, 0xa21c1ff4),
-     TOBN(0x5fe5af19, 0xd57607d3), TOBN(0xbbf773f7, 0x54481084),
-     TOBN(0x8435bd69, 0x94b03ed1), TOBN(0xd9ad1de3, 0x634cc546),
-     TOBN(0x2cf423fc, 0x00e420ca), TOBN(0xeed26d80, 0xa03096dd),
-     TOBN(0xd7f60be7, 0xa4db09d2), TOBN(0xf47f569d, 0x960622f7),
-     TOBN(0xe5925fd7, 0x7296c729), TOBN(0xeff2db26, 0x26ca2715),
-     TOBN(0xa6fcd014, 0xb913e759), TOBN(0x53da4786, 0x8ff4de93),
-     TOBN(0x14616d79, 0xc32068e1), TOBN(0xb187d664, 0xccdf352e),
-     TOBN(0xf7afb650, 0x1dc90b59), TOBN(0x8170e943, 0x7daa1b26),
-     TOBN(0xc8e3bdd8, 0x700c0a84), TOBN(0x6e8d345f, 0x6482bdfa),
-     TOBN(0x84cfbfa1, 0xc5c5ea50), TOBN(0xd3baf14c, 0x67960681),
-     TOBN(0x26398403, 0x0dd50942), TOBN(0xe4b7839c, 0x4716a663),
-     TOBN(0xd5f1f794, 0xe7de6dc0), TOBN(0x5cd0f4d4, 0x622aa7ce),
-     TOBN(0x5295f3f1, 0x59acfeec), TOBN(0x8d933552, 0x953e0607),
-     TOBN(0xc7db8ec5, 0x776c5722), TOBN(0xdc467e62, 0x2b5f290c),
-     TOBN(0xd4297e70, 0x4ff425a9), TOBN(0x4be924c1, 0x0cf7bb72),
-     TOBN(0x0d5dc5ae, 0xa1892131), TOBN(0x8bf8a8e3, 0xa705c992),
-     TOBN(0x73a0b064, 0x7a305ac5), TOBN(0x00c9ca4e, 0x9a8c77a8),
-     TOBN(0x5dfee80f, 0x83774bdd), TOBN(0x63131602, 0x85734485),
-     TOBN(0xa1b524ae, 0x914a69a9), TOBN(0xebc2ffaf, 0xd4e300d7),
-     TOBN(0x52c93db7, 0x7cfa46a5), TOBN(0x71e6161f, 0x21653b50),
-     TOBN(0x3574fc57, 0xa4bc580a), TOBN(0xc09015dd, 0xe1bc1253),
-     TOBN(0x4b7b47b2, 0xd174d7aa), TOBN(0x4072d8e8, 0xf3a15d04),
-     TOBN(0xeeb7d47f, 0xd6fa07ed), TOBN(0x6f2b9ff9, 0xedbdafb1),
-     TOBN(0x18c51615, 0x3760fe8a), TOBN(0x7a96e6bf, 0xf06c6c13),
-     TOBN(0x4d7a0410, 0x0ea2d071), TOBN(0xa1914e9b, 0x0be2a5ce),
-     TOBN(0x5726e357, 0xd8a3c5cf), TOBN(0x1197ecc3, 0x2abb2b13),
-     TOBN(0x6c0d7f7f, 0x31ae88dd), TOBN(0x15b20d1a, 0xfdbb3efe),
-     TOBN(0xcd06aa26, 0x70584039), TOBN(0x2277c969, 0xa7dc9747),
-     TOBN(0xbca69587, 0x7855d815), TOBN(0x899ea238, 0x5188b32a),
-     TOBN(0x37d9228b, 0x760c1c9d), TOBN(0xc7efbb11, 0x9b5c18da),
-     TOBN(0x7f0d1bc8, 0x19f6dbc5), TOBN(0x4875384b, 0x07e6905b),
-     TOBN(0xc7c50baa, 0x3ba8cd86), TOBN(0xb0ce40fb, 0xc2905de0),
-     TOBN(0x70840673, 0x7a231952), TOBN(0xa912a262, 0xcf43de26),
-     TOBN(0x9c38ddcc, 0xeb5b76c1), TOBN(0x746f5285, 0x26fc0ab4),
-     TOBN(0x52a63a50, 0xd62c269f), TOBN(0x60049c55, 0x99458621),
-     TOBN(0xe7f48f82, 0x3c2f7c9e), TOBN(0x6bd99043, 0x917d5cf3),
-     TOBN(0xeb1317a8, 0x8701f469), TOBN(0xbd3fe2ed, 0x9a449fe0),
-     TOBN(0x421e79ca, 0x12ef3d36), TOBN(0x9ee3c36c, 0x3e7ea5de),
-     TOBN(0xe48198b5, 0xcdff36f7), TOBN(0xaff4f967, 0xc6b82228),
-     TOBN(0x15e19dd0, 0xc47adb7e), TOBN(0x45699b23, 0x032e7dfa),
-     TOBN(0x40680c8b, 0x1fae026a), TOBN(0x5a347a48, 0x550dbf4d),
-     TOBN(0xe652533b, 0x3cef0d7d), TOBN(0xd94f7b18, 0x2bbb4381),
-     TOBN(0x838752be, 0x0e80f500), TOBN(0x8e6e2488, 0x9e9c9bfb),
-     TOBN(0xc9751697, 0x16caca6a), TOBN(0x866c49d8, 0x38531ad9),
-     TOBN(0xc917e239, 0x7151ade1), TOBN(0x2d016ec1, 0x6037c407),
-     TOBN(0xa407ccc9, 0x00eac3f9), TOBN(0x835f6280, 0xe2ed4748),
-     TOBN(0xcc54c347, 0x1cc98e0d), TOBN(0x0e969937, 0xdcb572eb),
-     TOBN(0x1b16c8e8, 0x8f30c9cb), TOBN(0xa606ae75, 0x373c4661),
-     TOBN(0x47aa689b, 0x35502cab), TOBN(0xf89014ae, 0x4d9bb64f),
-     TOBN(0x202f6a9c, 0x31c71f7b), TOBN(0x01f95aa3, 0x296ffe5c),
-     TOBN(0x5fc06014, 0x53cec3a3), TOBN(0xeb991237, 0x5f498a45),
-     TOBN(0xae9a935e, 0x5d91ba87), TOBN(0xc6ac6281, 0x0b564a19),
-     TOBN(0x8a8fe81c, 0x3bd44e69), TOBN(0x7c8b467f, 0x9dd11d45),
-     TOBN(0xf772251f, 0xea5b8e69), TOBN(0xaeecb3bd, 0xc5b75fbc),
-     TOBN(0x1aca3331, 0x887ff0e5), TOBN(0xbe5d49ff, 0x19f0a131),
-     TOBN(0x582c13aa, 0xe5c8646f), TOBN(0xdbaa12e8, 0x20e19980),
-     TOBN(0x8f40f31a, 0xf7abbd94), TOBN(0x1f13f5a8, 0x1dfc7663),
-     TOBN(0x5d81f1ee, 0xaceb4fc0), TOBN(0x36256002, 0x5e6f0f42),
-     TOBN(0x4b67d6d7, 0x751370c8), TOBN(0x2608b698, 0x03e80589),
-     TOBN(0xcfc0d2fc, 0x05268301), TOBN(0xa6943d39, 0x40309212),
-     TOBN(0x192a90c2, 0x1fd0e1c2), TOBN(0xb209f113, 0x37f1dc76),
-     TOBN(0xefcc5e06, 0x97bf1298), TOBN(0xcbdb6730, 0x219d639e),
-     TOBN(0xd009c116, 0xb81e8c6f), TOBN(0xa3ffdde3, 0x1a7ce2e5),
-     TOBN(0xc53fbaaa, 0xa914d3ba), TOBN(0x836d500f, 0x88df85ee),
-     TOBN(0xd98dc71b, 0x66ee0751), TOBN(0x5a3d7005, 0x714516fd),
-     TOBN(0x21d3634d, 0x39eedbba), TOBN(0x35cd2e68, 0x0455a46d),
-     TOBN(0xc8cafe65, 0xf9d7eb0c), TOBN(0xbda3ce9e, 0x00cefb3e),
-     TOBN(0xddc17a60, 0x2c9cf7a4), TOBN(0x01572ee4, 0x7bcb8773),
-     TOBN(0xa92b2b01, 0x8c7548df), TOBN(0x732fd309, 0xa84600e3),
-     TOBN(0xe22109c7, 0x16543a40), TOBN(0x9acafd36, 0xfede3c6c),
-     TOBN(0xfb206852, 0x6824e614), TOBN(0x2a4544a9, 0xda25dca0),
-     TOBN(0x25985262, 0x91d60b06), TOBN(0x281b7be9, 0x28753545),
-     TOBN(0xec667b1a, 0x90f13b27), TOBN(0x33a83aff, 0x940e2eb4),
-     TOBN(0x80009862, 0xd5d721d5), TOBN(0x0c3357a3, 0x5bd3a182),
-     TOBN(0x27f3a83b, 0x7aa2cda4), TOBN(0xb58ae74e, 0xf6f83085),
-     TOBN(0x2a911a81, 0x2e6dad6b), TOBN(0xde286051, 0xf43d6c5b),
-     TOBN(0x4bdccc41, 0xf996c4d8), TOBN(0xe7312ec0, 0x0ae1e24e)}
-    ,
-    {TOBN(0xf8d112e7, 0x6e6485b3), TOBN(0x4d3e24db, 0x771c52f8),
-     TOBN(0x48e3ee41, 0x684a2f6d), TOBN(0x7161957d, 0x21d95551),
-     TOBN(0x19631283, 0xcdb12a6c), TOBN(0xbf3fa882, 0x2e50e164),
-     TOBN(0xf6254b63, 0x3166cc73), TOBN(0x3aefa7ae, 0xaee8cc38),
-     TOBN(0x79b0fe62, 0x3b36f9fd), TOBN(0x26543b23, 0xfde19fc0),
-     TOBN(0x136e64a0, 0x958482ef), TOBN(0x23f63771, 0x9b095825),
-     TOBN(0x14cfd596, 0xb6a1142e), TOBN(0x5ea6aac6, 0x335aac0b),
-     TOBN(0x86a0e8bd, 0xf3081dd5), TOBN(0x5fb89d79, 0x003dc12a),
-     TOBN(0xf615c33a, 0xf72e34d4), TOBN(0x0bd9ea40, 0x110eec35),
-     TOBN(0x1c12bc5b, 0xc1dea34e), TOBN(0x686584c9, 0x49ae4699),
-     TOBN(0x13ad95d3, 0x8c97b942), TOBN(0x4609561a, 0x4e5c7562),
-     TOBN(0x9e94a4ae, 0xf2737f89), TOBN(0xf57594c6, 0x371c78b6),
-     TOBN(0x0f0165fc, 0xe3779ee3), TOBN(0xe00e7f9d, 0xbd495d9e),
-     TOBN(0x1fa4efa2, 0x20284e7a), TOBN(0x4564bade, 0x47ac6219),
-     TOBN(0x90e6312a, 0xc4708e8e), TOBN(0x4f5725fb, 0xa71e9adf),
-     TOBN(0xe95f55ae, 0x3d684b9f), TOBN(0x47f7ccb1, 0x1e94b415),
-     TOBN(0x7322851b, 0x8d946581), TOBN(0xf0d13133, 0xbdf4a012),
-     TOBN(0xa3510f69, 0x6584dae0), TOBN(0x03a7c171, 0x3c9f6c6d),
-     TOBN(0x5be97f38, 0xe475381a), TOBN(0xca1ba422, 0x85823334),
-     TOBN(0xf83cc5c7, 0x0be17dda), TOBN(0x158b1494, 0x0b918c0f),
-     TOBN(0xda3a77e5, 0x522e6b69), TOBN(0x69c908c3, 0xbbcd6c18),
-     TOBN(0x1f1b9e48, 0xd924fd56), TOBN(0x37c64e36, 0xaa4bb3f7),
-     TOBN(0x5a4fdbdf, 0xee478d7d), TOBN(0xba75c8bc, 0x0193f7a0),
-     TOBN(0x84bc1e84, 0x56cd16df), TOBN(0x1fb08f08, 0x46fad151),
-     TOBN(0x8a7cabf9, 0x842e9f30), TOBN(0xa331d4bf, 0x5eab83af),
-     TOBN(0xd272cfba, 0x017f2a6a), TOBN(0x27560abc, 0x83aba0e3),
-     TOBN(0x94b83387, 0x0e3a6b75), TOBN(0x25c6aea2, 0x6b9f50f5),
-     TOBN(0x803d691d, 0xb5fdf6d0), TOBN(0x03b77509, 0xe6333514),
-     TOBN(0x36178903, 0x61a341c1), TOBN(0x3604dc60, 0x0cfd6142),
-     TOBN(0x022295eb, 0x8533316c), TOBN(0x3dbde4ac, 0x44af2922),
-     TOBN(0x898afc5d, 0x1c7eef69), TOBN(0x58896805, 0xd14f4fa1),
-     TOBN(0x05002160, 0x203c21ca), TOBN(0x6f0d1f30, 0x40ef730b),
-     TOBN(0x8e8c44d4, 0x196224f8), TOBN(0x75a4ab95, 0x374d079d),
-     TOBN(0x79085ecc, 0x7d48f123), TOBN(0x56f04d31, 0x1bf65ad8),
-     TOBN(0xe220bf1c, 0xbda602b2), TOBN(0x73ee1742, 0xf9612c69),
-     TOBN(0x76008fc8, 0x084fd06b), TOBN(0x4000ef9f, 0xf11380d1),
-     TOBN(0x48201b4b, 0x12cfe297), TOBN(0x3eee129c, 0x292f74e5),
-     TOBN(0xe1fe114e, 0xc9e874e8), TOBN(0x899b055c, 0x92c5fc41),
-     TOBN(0x4e477a64, 0x3a39c8cf), TOBN(0x82f09efe, 0x78963cc9),
-     TOBN(0x6fd3fd8f, 0xd333f863), TOBN(0x85132b2a, 0xdc949c63),
-     TOBN(0x7e06a3ab, 0x516eb17b), TOBN(0x73bec06f, 0xd2c7372b),
-     TOBN(0xe4f74f55, 0xba896da6), TOBN(0xbb4afef8, 0x8e9eb40f),
-     TOBN(0x2d75bec8, 0xe61d66b0), TOBN(0x02bda4b4, 0xef29300b),
-     TOBN(0x8bbaa8de, 0x026baa5a), TOBN(0xff54befd, 0xa07f4440),
-     TOBN(0xbd9b8b1d, 0xbe7a2af3), TOBN(0xec51caa9, 0x4fb74a72),
-     TOBN(0xb9937a4b, 0x63879697), TOBN(0x7c9a9d20, 0xec2687d5),
-     TOBN(0x1773e44f, 0x6ef5f014), TOBN(0x8abcf412, 0xe90c6900),
-     TOBN(0x387bd022, 0x8142161e), TOBN(0x50393755, 0xfcb6ff2a),
-     TOBN(0x9813fd56, 0xed6def63), TOBN(0x53cf6482, 0x7d53106c),
-     TOBN(0x991a35bd, 0x431f7ac1), TOBN(0xf1e274dd, 0x63e65faf),
-     TOBN(0xf63ffa3c, 0x44cc7880), TOBN(0x411a426b, 0x7c256981),
-     TOBN(0xb698b9fd, 0x93a420e0), TOBN(0x89fdddc0, 0xae53f8fe),
-     TOBN(0x766e0722, 0x32398baa), TOBN(0x205fee42, 0x5cfca031),
-     TOBN(0xa49f5341, 0x7a029cf2), TOBN(0xa88c68b8, 0x4023890d),
-     TOBN(0xbc275041, 0x7337aaa8), TOBN(0x9ed364ad, 0x0eb384f4),
-     TOBN(0xe0816f85, 0x29aba92f), TOBN(0x2e9e1941, 0x04e38a88),
-     TOBN(0x57eef44a, 0x3dafd2d5), TOBN(0x35d1fae5, 0x97ed98d8),
-     TOBN(0x50628c09, 0x2307f9b1), TOBN(0x09d84aae, 0xd6cba5c6),
-     TOBN(0x67071bc7, 0x88aaa691), TOBN(0x2dea57a9, 0xafe6cb03),
-     TOBN(0xdfe11bb4, 0x3d78ac01), TOBN(0x7286418c, 0x7fd7aa51),
-     TOBN(0xfabf7709, 0x77f7195a), TOBN(0x8ec86167, 0xadeb838f),
-     TOBN(0xea1285a8, 0xbb4f012d), TOBN(0xd6883503, 0x9a3eab3f),
-     TOBN(0xee5d24f8, 0x309004c2), TOBN(0xa96e4b76, 0x13ffe95e),
-     TOBN(0x0cdffe12, 0xbd223ea4), TOBN(0x8f5c2ee5, 0xb6739a53),
-     TOBN(0x5cb4aaa5, 0xdd968198), TOBN(0xfa131c52, 0x72413a6c),
-     TOBN(0x53d46a90, 0x9536d903), TOBN(0xb270f0d3, 0x48606d8e),
-     TOBN(0x518c7564, 0xa053a3bc), TOBN(0x088254b7, 0x1a86caef),
-     TOBN(0xb3ba8cb4, 0x0ab5efd0), TOBN(0x5c59900e, 0x4605945d),
-     TOBN(0xecace1dd, 0xa1887395), TOBN(0x40960f36, 0x932a65de),
-     TOBN(0x9611ff5c, 0x3aa95529), TOBN(0xc58215b0, 0x7c1e5a36),
-     TOBN(0xd48c9b58, 0xf0e1a524), TOBN(0xb406856b, 0xf590dfb8),
-     TOBN(0xc7605e04, 0x9cd95662), TOBN(0x0dd036ee, 0xa33ecf82),
-     TOBN(0xa50171ac, 0xc33156b3), TOBN(0xf09d24ea, 0x4a80172e),
-     TOBN(0x4e1f72c6, 0x76dc8eef), TOBN(0xe60caadc, 0x5e3d44ee),
-     TOBN(0x006ef8a6, 0x979b1d8f), TOBN(0x60908a1c, 0x97788d26),
-     TOBN(0x6e08f95b, 0x266feec0), TOBN(0x618427c2, 0x22e8c94e),
-     TOBN(0x3d613339, 0x59145a65), TOBN(0xcd9bc368, 0xfa406337),
-     TOBN(0x82d11be3, 0x2d8a52a0), TOBN(0xf6877b27, 0x97a1c590),
-     TOBN(0x837a819b, 0xf5cbdb25), TOBN(0x2a4fd1d8, 0xde090249),
-     TOBN(0x622a7de7, 0x74990e5f), TOBN(0x840fa5a0, 0x7945511b),
-     TOBN(0x30b974be, 0x6558842d), TOBN(0x70df8c64, 0x17f3d0a6),
-     TOBN(0x7c803520, 0x7542e46d), TOBN(0x7251fe7f, 0xe4ecc823),
-     TOBN(0xe59134cb, 0x5e9aac9a), TOBN(0x11bb0934, 0xf0045d71),
-     TOBN(0x53e5d9b5, 0xdbcb1d4e), TOBN(0x8d97a905, 0x92defc91),
-     TOBN(0xfe289327, 0x7946d3f9), TOBN(0xe132bd24, 0x07472273),
-     TOBN(0xeeeb510c, 0x1eb6ae86), TOBN(0x777708c5, 0xf0595067),
-     TOBN(0x18e2c8cd, 0x1297029e), TOBN(0x2c61095c, 0xbbf9305e),
-     TOBN(0xe466c258, 0x6b85d6d9), TOBN(0x8ac06c36, 0xda1ea530),
-     TOBN(0xa365dc39, 0xa1304668), TOBN(0xe4a9c885, 0x07f89606),
-     TOBN(0x65a4898f, 0xacc7228d), TOBN(0x3e2347ff, 0x84ca8303),
-     TOBN(0xa5f6fb77, 0xea7d23a3), TOBN(0x2fac257d, 0x672a71cd),
-     TOBN(0x6908bef8, 0x7e6a44d3), TOBN(0x8ff87566, 0x891d3d7a),
-     TOBN(0xe58e90b3, 0x6b0cf82e), TOBN(0x6438d246, 0x2615b5e7),
-     TOBN(0x07b1f8fc, 0x669c145a), TOBN(0xb0d8b2da, 0x36f1e1cb),
-     TOBN(0x54d5dadb, 0xd9184c4d), TOBN(0x3dbb18d5, 0xf93d9976),
-     TOBN(0x0a3e0f56, 0xd1147d47), TOBN(0x2afa8c8d, 0xa0a48609),
-     TOBN(0x275353e8, 0xbc36742c), TOBN(0x898f427e, 0xeea0ed90),
-     TOBN(0x26f4947e, 0x3e477b00), TOBN(0x8ad8848a, 0x308741e3),
-     TOBN(0x6c703c38, 0xd74a2a46), TOBN(0x5e3e05a9, 0x9ba17ba2),
-     TOBN(0xc1fa6f66, 0x4ab9a9e4), TOBN(0x474a2d9a, 0x3841d6ec),
-     TOBN(0x871239ad, 0x653ae326), TOBN(0x14bcf72a, 0xa74cbb43),
-     TOBN(0x8737650e, 0x20d4c083), TOBN(0x3df86536, 0x110ed4af),
-     TOBN(0xd2d86fe7, 0xb53ca555), TOBN(0x688cb00d, 0xabd5d538),
-     TOBN(0xcf81bda3, 0x1ad38468), TOBN(0x7ccfe3cc, 0xf01167b6),
-     TOBN(0xcf4f47e0, 0x6c4c1fe6), TOBN(0x557e1f1a, 0x298bbb79),
-     TOBN(0xf93b974f, 0x30d45a14), TOBN(0x174a1d2d, 0x0baf97c4),
-     TOBN(0x7a003b30, 0xc51fbf53), TOBN(0xd8940991, 0xee68b225),
-     TOBN(0x5b0aa7b7, 0x1c0f4173), TOBN(0x975797c9, 0xa20a7153),
-     TOBN(0x26e08c07, 0xe3533d77), TOBN(0xd7222e6a, 0x2e341c99),
-     TOBN(0x9d60ec3d, 0x8d2dc4ed), TOBN(0xbdfe0d8f, 0x7c476cf8),
-     TOBN(0x1fe59ab6, 0x1d056605), TOBN(0xa9ea9df6, 0x86a8551f),
-     TOBN(0x8489941e, 0x47fb8d8c), TOBN(0xfeb874eb, 0x4a7f1b10),
-     TOBN(0xfe5fea86, 0x7ee0d98f), TOBN(0x201ad34b, 0xdbf61864),
-     TOBN(0x45d8fe47, 0x37c031d4), TOBN(0xd5f49fae, 0x795f0822),
-     TOBN(0xdb0fb291, 0xc7f4a40c), TOBN(0x2e69d9c1, 0x730ddd92),
-     TOBN(0x754e1054, 0x49d76987), TOBN(0x8a24911d, 0x7662db87),
-     TOBN(0x61fc1810, 0x60a71676), TOBN(0xe852d1a8, 0xf66a8ad1),
-     TOBN(0x172bbd65, 0x6417231e), TOBN(0x0d6de7bd, 0x3babb11f),
-     TOBN(0x6fde6f88, 0xc8e347f8), TOBN(0x1c587547, 0x9bd99cc3),
-     TOBN(0x78e54ed0, 0x34076950), TOBN(0x97f0f334, 0x796e83ba),
-     TOBN(0xe4dbe1ce, 0x4924867a), TOBN(0xbd5f51b0, 0x60b84917),
-     TOBN(0x37530040, 0x3cb09a79), TOBN(0xdb3fe0f8, 0xff1743d8),
-     TOBN(0xed7894d8, 0x556fa9db), TOBN(0xfa262169, 0x23412fbf),
-     TOBN(0x563be0db, 0xba7b9291), TOBN(0x6ca8b8c0, 0x0c9fb234),
-     TOBN(0xed406aa9, 0xbd763802), TOBN(0xc21486a0, 0x65303da1),
-     TOBN(0x61ae291e, 0xc7e62ec4), TOBN(0x622a0492, 0xdf99333e),
-     TOBN(0x7fd80c9d, 0xbb7a8ee0), TOBN(0xdc2ed3bc, 0x6c01aedb),
-     TOBN(0x35c35a12, 0x08be74ec), TOBN(0xd540cb1a, 0x469f671f),
-     TOBN(0xd16ced4e, 0xcf84f6c7), TOBN(0x8561fb9c, 0x2d090f43),
-     TOBN(0x7e693d79, 0x6f239db4), TOBN(0xa736f928, 0x77bd0d94),
-     TOBN(0x07b4d929, 0x2c1950ee), TOBN(0xda177543, 0x56dc11b3),
-     TOBN(0xa5dfbbaa, 0x7a6a878e), TOBN(0x1c70cb29, 0x4decb08a),
-     TOBN(0xfba28c8b, 0x6f0f7c50), TOBN(0xa8eba2b8, 0x854dcc6d),
-     TOBN(0x5ff8e89a, 0x36b78642), TOBN(0x070c1c8e, 0xf6873adf),
-     TOBN(0xbbd3c371, 0x6484d2e4), TOBN(0xfb78318f, 0x0d414129),
-     TOBN(0x2621a39c, 0x6ad93b0b), TOBN(0x979d74c2, 0xa9e917f7),
-     TOBN(0xfc195647, 0x61fb0428), TOBN(0x4d78954a, 0xbee624d4),
-     TOBN(0xb94896e0, 0xb8ae86fd), TOBN(0x6667ac0c, 0xc91c8b13),
-     TOBN(0x9f180512, 0x43bcf832), TOBN(0xfbadf8b7, 0xa0010137),
-     TOBN(0xc69b4089, 0xb3ba8aa7), TOBN(0xfac4bacd, 0xe687ce85),
-     TOBN(0x9164088d, 0x977eab40), TOBN(0x51f4c5b6, 0x2760b390),
-     TOBN(0xd238238f, 0x340dd553), TOBN(0x358566c3, 0xdb1d31c9),
-     TOBN(0x3a5ad69e, 0x5068f5ff), TOBN(0xf31435fc, 0xdaff6b06),
-     TOBN(0xae549a5b, 0xd6debff0), TOBN(0x59e5f0b7, 0x75e01331),
-     TOBN(0x5d492fb8, 0x98559acf), TOBN(0x96018c2e, 0x4db79b50),
-     TOBN(0x55f4a48f, 0x609f66aa), TOBN(0x1943b3af, 0x4900a14f),
-     TOBN(0xc22496df, 0x15a40d39), TOBN(0xb2a44684, 0x4c20f7c5),
-     TOBN(0x76a35afa, 0x3b98404c), TOBN(0xbec75725, 0xff5d1b77),
-     TOBN(0xb67aa163, 0xbea06444), TOBN(0x27e95bb2, 0xf724b6f2),
-     TOBN(0x3c20e3e9, 0xd238c8ab), TOBN(0x1213754e, 0xddd6ae17),
-     TOBN(0x8c431020, 0x716e0f74), TOBN(0x6679c82e, 0xffc095c2),
-     TOBN(0x2eb3adf4, 0xd0ac2932), TOBN(0x2cc970d3, 0x01bb7a76),
-     TOBN(0x70c71f2f, 0x740f0e66), TOBN(0x545c616b, 0x2b6b23cc),
-     TOBN(0x4528cfcb, 0xb40a8bd7), TOBN(0xff839633, 0x2ab27722),
-     TOBN(0x049127d9, 0x025ac99a), TOBN(0xd314d4a0, 0x2b63e33b),
-     TOBN(0xc8c310e7, 0x28d84519), TOBN(0x0fcb8983, 0xb3bc84ba),
-     TOBN(0x2cc52261, 0x38634818), TOBN(0x501814f4, 0xb44c2e0b),
-     TOBN(0xf7e181aa, 0x54dfdba3), TOBN(0xcfd58ff0, 0xe759718c),
-     TOBN(0xf90cdb14, 0xd3b507a8), TOBN(0x57bd478e, 0xc50bdad8),
-     TOBN(0x29c197e2, 0x50e5f9aa), TOBN(0x4db6eef8, 0xe40bc855),
-     TOBN(0x2cc8f21a, 0xd1fc0654), TOBN(0xc71cc963, 0x81269d73),
-     TOBN(0xecfbb204, 0x077f49f9), TOBN(0xdde92571, 0xca56b793),
-     TOBN(0x9abed6a3, 0xf97ad8f7), TOBN(0xe6c19d3f, 0x924de3bd),
-     TOBN(0x8dce92f4, 0xa140a800), TOBN(0x85f44d1e, 0x1337af07),
-     TOBN(0x5953c08b, 0x09d64c52), TOBN(0xa1b5e49f, 0xf5df9749),
-     TOBN(0x336a8fb8, 0x52735f7d), TOBN(0xb332b6db, 0x9add676b),
-     TOBN(0x558b88a0, 0xb4511aa4), TOBN(0x09788752, 0xdbd5cc55),
-     TOBN(0x16b43b9c, 0xd8cd52bd), TOBN(0x7f0bc5a0, 0xc2a2696b),
-     TOBN(0x146e12d4, 0xc11f61ef), TOBN(0x9ce10754, 0x3a83e79e),
-     TOBN(0x08ec73d9, 0x6cbfca15), TOBN(0x09ff29ad, 0x5b49653f),
-     TOBN(0xe31b72bd, 0xe7da946e), TOBN(0xebf9eb3b, 0xee80a4f2),
-     TOBN(0xd1aabd08, 0x17598ce4), TOBN(0x18b5fef4, 0x53f37e80),
-     TOBN(0xd5d5cdd3, 0x5958cd79), TOBN(0x3580a1b5, 0x1d373114),
-     TOBN(0xa36e4c91, 0xfa935726), TOBN(0xa38c534d, 0xef20d760),
-     TOBN(0x7088e40a, 0x2ff5845b), TOBN(0xe5bb40bd, 0xbd78177f),
-     TOBN(0x4f06a7a8, 0x857f9920), TOBN(0xe3cc3e50, 0xe968f05d),
-     TOBN(0x1d68b7fe, 0xe5682d26), TOBN(0x5206f76f, 0xaec7f87c),
-     TOBN(0x41110530, 0x041951ab), TOBN(0x58ec52c1, 0xd4b5a71a),
-     TOBN(0xf3488f99, 0x0f75cf9a), TOBN(0xf411951f, 0xba82d0d5),
-     TOBN(0x27ee75be, 0x618895ab), TOBN(0xeae060d4, 0x6d8aab14),
-     TOBN(0x9ae1df73, 0x7fb54dc2), TOBN(0x1f3e391b, 0x25963649),
-     TOBN(0x242ec32a, 0xfe055081), TOBN(0x5bd450ef, 0x8491c9bd),
-     TOBN(0x367efc67, 0x981eb389), TOBN(0xed7e1928, 0x3a0550d5),
-     TOBN(0x362e776b, 0xab3ce75c), TOBN(0xe890e308, 0x1f24c523),
-     TOBN(0xb961b682, 0xfeccef76), TOBN(0x8b8e11f5, 0x8bba6d92),
-     TOBN(0x8f2ccc4c, 0x2b2375c4), TOBN(0x0d7f7a52, 0xe2f86cfa),
-     TOBN(0xfd94d30a, 0x9efe5633), TOBN(0x2d8d246b, 0x5451f934),
-     TOBN(0x2234c6e3, 0x244e6a00), TOBN(0xde2b5b0d, 0xddec8c50),
-     TOBN(0x2ce53c5a, 0xbf776f5b), TOBN(0x6f724071, 0x60357b05),
-     TOBN(0xb2593717, 0x71bf3f7a), TOBN(0x87d2501c, 0x440c4a9f),
-     TOBN(0x440552e1, 0x87b05340), TOBN(0xb7bf7cc8, 0x21624c32),
-     TOBN(0x4155a6ce, 0x22facddb), TOBN(0x5a4228cb, 0x889837ef),
-     TOBN(0xef87d6d6, 0xfd4fd671), TOBN(0xa233687e, 0xc2daa10e),
-     TOBN(0x75622244, 0x03c0eb96), TOBN(0x7632d184, 0x8bf19be6),
-     TOBN(0x05d0f8e9, 0x40735ff4), TOBN(0x3a3e6e13, 0xc00931f1),
-     TOBN(0x31ccde6a, 0xdafe3f18), TOBN(0xf381366a, 0xcfe51207),
-     TOBN(0x24c222a9, 0x60167d92), TOBN(0x62f9d6f8, 0x7529f18c),
-     TOBN(0x412397c0, 0x0353b114), TOBN(0x334d89dc, 0xef808043),
-     TOBN(0xd9ec63ba, 0x2a4383ce), TOBN(0xcec8e937, 0x5cf92ba0),
-     TOBN(0xfb8b4288, 0xc8be74c0), TOBN(0x67d6912f, 0x105d4391),
-     TOBN(0x7b996c46, 0x1b913149), TOBN(0x36aae2ef, 0x3a4e02da),
-     TOBN(0xb68aa003, 0x972de594), TOBN(0x284ec70d, 0x4ec6d545),
-     TOBN(0xf3d2b2d0, 0x61391d54), TOBN(0x69c5d5d6, 0xfe114e92),
-     TOBN(0xbe0f00b5, 0xb4482dff), TOBN(0xe1596fa5, 0xf5bf33c5),
-     TOBN(0x10595b56, 0x96a71cba), TOBN(0x944938b2, 0xfdcadeb7),
-     TOBN(0xa282da4c, 0xfccd8471), TOBN(0x98ec05f3, 0x0d37bfe1),
-     TOBN(0xe171ce1b, 0x0698304a), TOBN(0x2d691444, 0x21bdf79b),
-     TOBN(0xd0cd3b74, 0x1b21dec1), TOBN(0x712ecd8b, 0x16a15f71),
-     TOBN(0x8d4c00a7, 0x00fd56e1), TOBN(0x02ec9692, 0xf9527c18),
-     TOBN(0x21c44937, 0x4a3e42e1), TOBN(0x9176fbab, 0x1392ae0a),
-     TOBN(0x8726f1ba, 0x44b7b618), TOBN(0xb4d7aae9, 0xf1de491c),
-     TOBN(0xf91df7b9, 0x07b582c0), TOBN(0x7e116c30, 0xef60aa3a),
-     TOBN(0x99270f81, 0x466265d7), TOBN(0xb15b6fe2, 0x4df7adf0),
-     TOBN(0xfe33b2d3, 0xf9738f7f), TOBN(0x48553ab9, 0xd6d70f95),
-     TOBN(0x2cc72ac8, 0xc21e94db), TOBN(0x795ac38d, 0xbdc0bbee),
-     TOBN(0x0a1be449, 0x2e40478f), TOBN(0x81bd3394, 0x052bde55),
-     TOBN(0x63c8dbe9, 0x56b3c4f2), TOBN(0x017a99cf, 0x904177cc),
-     TOBN(0x947bbddb, 0x4d010fc1), TOBN(0xacf9b00b, 0xbb2c9b21),
-     TOBN(0x2970bc8d, 0x47173611), TOBN(0x1a4cbe08, 0xac7d756f),
-     TOBN(0x06d9f4aa, 0x67d541a2), TOBN(0xa3e8b689, 0x59c2cf44),
-     TOBN(0xaad066da, 0x4d88f1dd), TOBN(0xc604f165, 0x7ad35dea),
-     TOBN(0x7edc0720, 0x4478ca67), TOBN(0xa10dfae0, 0xba02ce06),
-     TOBN(0xeceb1c76, 0xaf36f4e4), TOBN(0x994b2292, 0xaf3f8f48),
-     TOBN(0xbf9ed77b, 0x77c8a68c), TOBN(0x74f544ea, 0x51744c9d),
-     TOBN(0x82d05bb9, 0x8113a757), TOBN(0x4ef2d2b4, 0x8a9885e4),
-     TOBN(0x1e332be5, 0x1aa7865f), TOBN(0x22b76b18, 0x290d1a52),
-     TOBN(0x308a2310, 0x44351683), TOBN(0x9d861896, 0xa3f22840),
-     TOBN(0x5959ddcd, 0x841ed947), TOBN(0x0def0c94, 0x154b73bf),
-     TOBN(0xf0105417, 0x4c7c15e0), TOBN(0x539bfb02, 0x3a277c32),
-     TOBN(0xe699268e, 0xf9dccf5f), TOBN(0x9f5796a5, 0x0247a3bd),
-     TOBN(0x8b839de8, 0x4f157269), TOBN(0xc825c1e5, 0x7a30196b),
-     TOBN(0x6ef0aabc, 0xdc8a5a91), TOBN(0xf4a8ce6c, 0x498b7fe6),
-     TOBN(0x1cce35a7, 0x70cbac78), TOBN(0x83488e9b, 0xf6b23958),
-     TOBN(0x0341a070, 0xd76cb011), TOBN(0xda6c9d06, 0xae1b2658),
-     TOBN(0xb701fb30, 0xdd648c52), TOBN(0x994ca02c, 0x52fb9fd1),
-     TOBN(0x06933117, 0x6f563086), TOBN(0x3d2b8100, 0x17856bab),
-     TOBN(0xe89f48c8, 0x5963a46e), TOBN(0x658ab875, 0xa99e61c7),
-     TOBN(0x6e296f87, 0x4b8517b4), TOBN(0x36c4fcdc, 0xfc1bc656),
-     TOBN(0xde5227a1, 0xa3906def), TOBN(0x9fe95f57, 0x62418945),
-     TOBN(0x20c91e81, 0xfdd96cde), TOBN(0x5adbe47e, 0xda4480de),
-     TOBN(0xa009370f, 0x396de2b6), TOBN(0x98583d4b, 0xf0ecc7bd),
-     TOBN(0xf44f6b57, 0xe51d0672), TOBN(0x03d6b078, 0x556b1984),
-     TOBN(0x27dbdd93, 0xb0b64912), TOBN(0x9b3a3434, 0x15687b09),
-     TOBN(0x0dba6461, 0x51ec20a9), TOBN(0xec93db7f, 0xff28187c),
-     TOBN(0x00ff8c24, 0x66e48bdd), TOBN(0x2514f2f9, 0x11ccd78e),
-     TOBN(0xeba11f4f, 0xe1250603), TOBN(0x8a22cd41, 0x243fa156),
-     TOBN(0xa4e58df4, 0xb283e4c6), TOBN(0x78c29859, 0x8b39783f),
-     TOBN(0x5235aee2, 0xa5259809), TOBN(0xc16284b5, 0x0e0227dd),
-     TOBN(0xa5f57916, 0x1338830d), TOBN(0x6d4b8a6b, 0xd2123fca),
-     TOBN(0x236ea68a, 0xf9c546f8), TOBN(0xc1d36873, 0xfa608d36),
-     TOBN(0xcd76e495, 0x8d436d13), TOBN(0xd4d9c221, 0x8fb080af),
-     TOBN(0x665c1728, 0xe8ad3fb5), TOBN(0xcf1ebe4d, 0xb3d572e0),
-     TOBN(0xa7a8746a, 0x584c5e20), TOBN(0x267e4ea1, 0xb9dc7035),
-     TOBN(0x593a15cf, 0xb9548c9b), TOBN(0x5e6e2135, 0x4bd012f3),
-     TOBN(0xdf31cc6a, 0x8c8f936e), TOBN(0x8af84d04, 0xb5c241dc),
-     TOBN(0x63990a6f, 0x345efb86), TOBN(0x6fef4e61, 0xb9b962cb)}
-    ,
-    {TOBN(0xf6368f09, 0x25722608), TOBN(0x131260db, 0x131cf5c6),
-     TOBN(0x40eb353b, 0xfab4f7ac), TOBN(0x85c78880, 0x37eee829),
-     TOBN(0x4c1581ff, 0xc3bdf24e), TOBN(0x5bff75cb, 0xf5c3c5a8),
-     TOBN(0x35e8c83f, 0xa14e6f40), TOBN(0xb81d1c0f, 0x0295e0ca),
-     TOBN(0xfcde7cc8, 0xf43a730f), TOBN(0xe89b6f3c, 0x33ab590e),
-     TOBN(0xc823f529, 0xad03240b), TOBN(0x82b79afe, 0x98bea5db),
-     TOBN(0x568f2856, 0x962fe5de), TOBN(0x0c590adb, 0x60c591f3),
-     TOBN(0x1fc74a14, 0x4a28a858), TOBN(0x3b662498, 0xb3203f4c),
-     TOBN(0x91e3cf0d, 0x6c39765a), TOBN(0xa2db3acd, 0xac3cca0b),
-     TOBN(0x288f2f08, 0xcb953b50), TOBN(0x2414582c, 0xcf43cf1a),
-     TOBN(0x8dec8bbc, 0x60eee9a8), TOBN(0x54c79f02, 0x729aa042),
-     TOBN(0xd81cd5ec, 0x6532f5d5), TOBN(0xa672303a, 0xcf82e15f),
-     TOBN(0x376aafa8, 0x719c0563), TOBN(0xcd8ad2dc, 0xbc5fc79f),
-     TOBN(0x303fdb9f, 0xcb750cd3), TOBN(0x14ff052f, 0x4418b08e),
-     TOBN(0xf75084cf, 0x3e2d6520), TOBN(0x7ebdf0f8, 0x144ed509),
-     TOBN(0xf43bf0f2, 0xd3f25b98), TOBN(0x86ad71cf, 0xa354d837),
-     TOBN(0xb827fe92, 0x26f43572), TOBN(0xdfd3ab5b, 0x5d824758),
-     TOBN(0x315dd23a, 0x539094c1), TOBN(0x85c0e37a, 0x66623d68),
-     TOBN(0x575c7972, 0x7be19ae0), TOBN(0x616a3396, 0xdf0d36b5),
-     TOBN(0xa1ebb3c8, 0x26b1ff7e), TOBN(0x635b9485, 0x140ad453),
-     TOBN(0x92bf3cda, 0xda430c0b), TOBN(0x4702850e, 0x3a96dac6),
-     TOBN(0xc91cf0a5, 0x15ac326a), TOBN(0x95de4f49, 0xab8c25e4),
-     TOBN(0xb01bad09, 0xe265c17c), TOBN(0x24e45464, 0x087b3881),
-     TOBN(0xd43e583c, 0xe1fac5ca), TOBN(0xe17cb318, 0x6ead97a6),
-     TOBN(0x6cc39243, 0x74dcec46), TOBN(0x33cfc02d, 0x54c2b73f),
-     TOBN(0x82917844, 0xf26cd99c), TOBN(0x8819dd95, 0xd1773f89),
-     TOBN(0x09572aa6, 0x0871f427), TOBN(0x8e0cf365, 0xf6f01c34),
-     TOBN(0x7fa52988, 0xbff1f5af), TOBN(0x4eb357ea, 0xe75e8e50),
-     TOBN(0xd9d0c8c4, 0x868af75d), TOBN(0xd7325cff, 0x45c8c7ea),
-     TOBN(0xab471996, 0xcc81ecb0), TOBN(0xff5d55f3, 0x611824ed),
-     TOBN(0xbe314541, 0x1977a0ee), TOBN(0x5085c4c5, 0x722038c6),
-     TOBN(0x2d5335bf, 0xf94bb495), TOBN(0x894ad8a6, 0xc8e2a082),
-     TOBN(0x5c3e2341, 0xada35438), TOBN(0xf4a9fc89, 0x049b8c4e),
-     TOBN(0xbeeb355a, 0x9f17cf34), TOBN(0x3f311e0e, 0x6c91fe10),
-     TOBN(0xc2d20038, 0x92ab9891), TOBN(0x257bdcc1, 0x3e8ce9a9),
-     TOBN(0x1b2d9789, 0x88c53bee), TOBN(0x927ce89a, 0xcdba143a),
-     TOBN(0xb0a32cca, 0x523db280), TOBN(0x5c889f8a, 0x50d43783),
-     TOBN(0x503e04b3, 0x4897d16f), TOBN(0x8cdb6e78, 0x08f5f2e8),
-     TOBN(0x6ab91cf0, 0x179c8e74), TOBN(0xd8874e52, 0x48211d60),
-     TOBN(0xf948d4d5, 0xea851200), TOBN(0x4076d41e, 0xe6f9840a),
-     TOBN(0xc20e263c, 0x47b517ea), TOBN(0x79a448fd, 0x30685e5e),
-     TOBN(0xe55f6f78, 0xf90631a0), TOBN(0x88a790b1, 0xa79e6346),
-     TOBN(0x62160c7d, 0x80969fe8), TOBN(0x54f92fd4, 0x41491bb9),
-     TOBN(0xa6645c23, 0x5c957526), TOBN(0xf44cc5ae, 0xbea3ce7b),
-     TOBN(0xf7628327, 0x8b1e68b7), TOBN(0xc731ad7a, 0x303f29d3),
-     TOBN(0xfe5a9ca9, 0x57d03ecb), TOBN(0x96c0d50c, 0x41bc97a7),
-     TOBN(0xc4669fe7, 0x9b4f7f24), TOBN(0xfdd781d8, 0x3d9967ef),
-     TOBN(0x7892c7c3, 0x5d2c208d), TOBN(0x8bf64f7c, 0xae545cb3),
-     TOBN(0xc01f862c, 0x467be912), TOBN(0xf4c85ee9, 0xc73d30cc),
-     TOBN(0x1fa6f4be, 0x6ab83ec7), TOBN(0xa07a3c1c, 0x4e3e3cf9),
-     TOBN(0x87f8ef45, 0x0c00beb3), TOBN(0x30e2c2b3, 0x000d4c3e),
-     TOBN(0x1aa00b94, 0xfe08bf5b), TOBN(0x32c133aa, 0x9224ef52),
-     TOBN(0x38df16bb, 0x32e5685d), TOBN(0x68a9e069, 0x58e6f544),
-     TOBN(0x495aaff7, 0xcdc5ebc6), TOBN(0xf894a645, 0x378b135f),
-     TOBN(0xf316350a, 0x09e27ecf), TOBN(0xeced201e, 0x58f7179d),
-     TOBN(0x2eec273c, 0xe97861ba), TOBN(0x47ec2cae, 0xd693be2e),
-     TOBN(0xfa4c97c4, 0xf68367ce), TOBN(0xe4f47d0b, 0xbe5a5755),
-     TOBN(0x17de815d, 0xb298a979), TOBN(0xd7eca659, 0xc177dc7d),
-     TOBN(0x20fdbb71, 0x49ded0a3), TOBN(0x4cb2aad4, 0xfb34d3c5),
-     TOBN(0x2cf31d28, 0x60858a33), TOBN(0x3b6873ef, 0xa24aa40f),
-     TOBN(0x540234b2, 0x2c11bb37), TOBN(0x2d0366dd, 0xed4c74a3),
-     TOBN(0xf9a968da, 0xeec5f25d), TOBN(0x36601068, 0x67b63142),
-     TOBN(0x07cd6d2c, 0x68d7b6d4), TOBN(0xa8f74f09, 0x0c842942),
-     TOBN(0xe2751404, 0x7768b1ee), TOBN(0x4b5f7e89, 0xfe62aee4),
-     TOBN(0xc6a77177, 0x89070d26), TOBN(0xa1f28e4e, 0xdd1c8bc7),
-     TOBN(0xea5f4f06, 0x469e1f17), TOBN(0x78fc242a, 0xfbdb78e0),
-     TOBN(0xc9c7c592, 0x8b0588f1), TOBN(0xb6b7a0fd, 0x1535921e),
-     TOBN(0xcc5bdb91, 0xbde5ae35), TOBN(0xb42c485e, 0x12ff1864),
-     TOBN(0xa1113e13, 0xdbab98aa), TOBN(0xde9d469b, 0xa17b1024),
-     TOBN(0x23f48b37, 0xc0462d3a), TOBN(0x3752e537, 0x7c5c078d),
-     TOBN(0xe3a86add, 0x15544eb9), TOBN(0xf013aea7, 0x80fba279),
-     TOBN(0x8b5bb76c, 0xf22001b5), TOBN(0xe617ba14, 0xf02891ab),
-     TOBN(0xd39182a6, 0x936219d3), TOBN(0x5ce1f194, 0xae51cb19),
-     TOBN(0xc78f8598, 0xbf07a74c), TOBN(0x6d7158f2, 0x22cbf1bc),
-     TOBN(0x3b846b21, 0xe300ce18), TOBN(0x35fba630, 0x2d11275d),
-     TOBN(0x5fe25c36, 0xa0239b9b), TOBN(0xd8beb35d, 0xdf05d940),
-     TOBN(0x4db02bb0, 0x1f7e320d), TOBN(0x0641c364, 0x6da320ea),
-     TOBN(0x6d95fa5d, 0x821389a3), TOBN(0x92699748, 0x8fcd8e3d),
-     TOBN(0x316fef17, 0xceb6c143), TOBN(0x67fcb841, 0xd933762b),
-     TOBN(0xbb837e35, 0x118b17f8), TOBN(0x4b92552f, 0x9fd24821),
-     TOBN(0xae6bc70e, 0x46aca793), TOBN(0x1cf0b0e4, 0xe579311b),
-     TOBN(0x8dc631be, 0x5802f716), TOBN(0x099bdc6f, 0xbddbee4d),
-     TOBN(0xcc352bb2, 0x0caf8b05), TOBN(0xf74d505a, 0x72d63df2),
-     TOBN(0xb9876d4b, 0x91c4f408), TOBN(0x1ce18473, 0x9e229b2d),
-     TOBN(0x49507597, 0x83abdb4a), TOBN(0x850fbcb6, 0xdee84b18),
-     TOBN(0x6325236e, 0x609e67dc), TOBN(0x04d831d9, 0x9336c6d8),
-     TOBN(0x8deaae3b, 0xfa12d45d), TOBN(0xe425f8ce, 0x4746e246),
-     TOBN(0x8004c175, 0x24f5f31e), TOBN(0xaca16d8f, 0xad62c3b7),
-     TOBN(0x0dc15a6a, 0x9152f934), TOBN(0xf1235e5d, 0xed0e12c1),
-     TOBN(0xc33c06ec, 0xda477dac), TOBN(0x76be8732, 0xb2ea0006),
-     TOBN(0xcf3f7831, 0x0c0cd313), TOBN(0x3c524553, 0xa614260d),
-     TOBN(0x31a756f8, 0xcab22d15), TOBN(0x03ee10d1, 0x77827a20),
-     TOBN(0xd1e059b2, 0x1994ef20), TOBN(0x2a653b69, 0x638ae318),
-     TOBN(0x70d5eb58, 0x2f699010), TOBN(0x279739f7, 0x09f5f84a),
-     TOBN(0x5da4663c, 0x8b799336), TOBN(0xfdfdf14d, 0x203c37eb),
-     TOBN(0x32d8a9dc, 0xa1dbfb2d), TOBN(0xab40cff0, 0x77d48f9b),
-     TOBN(0xc018b383, 0xd20b42d5), TOBN(0xf9a810ef, 0x9f78845f),
-     TOBN(0x40af3753, 0xbdba9df0), TOBN(0xb90bdcfc, 0x131dfdf9),
-     TOBN(0x18720591, 0xf01ab782), TOBN(0xc823f211, 0x6af12a88),
-     TOBN(0xa51b80f3, 0x0dc14401), TOBN(0xde248f77, 0xfb2dfbe3),
-     TOBN(0xef5a44e5, 0x0cafe751), TOBN(0x73997c9c, 0xd4dcd221),
-     TOBN(0x32fd86d1, 0xde854024), TOBN(0xd5b53adc, 0xa09b84bb),
-     TOBN(0x008d7a11, 0xdcedd8d1), TOBN(0x406bd1c8, 0x74b32c84),
-     TOBN(0x5d4472ff, 0x05dde8b1), TOBN(0x2e25f2cd, 0xfce2b32f),
-     TOBN(0xbec0dd5e, 0x29dfc254), TOBN(0x4455fcf6, 0x2b98b267),
-     TOBN(0x0b4d43a5, 0xc72df2ad), TOBN(0xea70e6be, 0x48a75397),
-     TOBN(0x2aad6169, 0x5820f3bf), TOBN(0xf410d2dd, 0x9e37f68f),
-     TOBN(0x70fb7dba, 0x7be5ac83), TOBN(0x636bb645, 0x36ec3eec),
-     TOBN(0x27104ea3, 0x9754e21c), TOBN(0xbc87a3e6, 0x8d63c373),
-     TOBN(0x483351d7, 0x4109db9a), TOBN(0x0fa724e3, 0x60134da7),
-     TOBN(0x9ff44c29, 0xb0720b16), TOBN(0x2dd0cf13, 0x06aceead),
-     TOBN(0x5942758c, 0xe26929a6), TOBN(0x96c5db92, 0xb766a92b),
-     TOBN(0xcec7d4c0, 0x5f18395e), TOBN(0xd3f22744, 0x1f80d032),
-     TOBN(0x7a68b37a, 0xcb86075b), TOBN(0x074764dd, 0xafef92db),
-     TOBN(0xded1e950, 0x7bc7f389), TOBN(0xc580c850, 0xb9756460),
-     TOBN(0xaeeec2a4, 0x7da48157), TOBN(0x3f0b4e7f, 0x82c587b3),
-     TOBN(0x231c6de8, 0xa9f19c53), TOBN(0x5717bd73, 0x6974e34e),
-     TOBN(0xd9e1d216, 0xf1508fa9), TOBN(0x9f112361, 0xdadaa124),
-     TOBN(0x80145e31, 0x823b7348), TOBN(0x4dd8f0d5, 0xac634069),
-     TOBN(0xe3d82fc7, 0x2297c258), TOBN(0x276fcfee, 0x9cee7431),
-     TOBN(0x8eb61b5e, 0x2bc0aea9), TOBN(0x4f668fd5, 0xde329431),
-     TOBN(0x03a32ab1, 0x38e4b87e), TOBN(0xe1374517, 0x73d0ef0b),
-     TOBN(0x1a46f7e6, 0x853ac983), TOBN(0xc3bdf42e, 0x68e78a57),
-     TOBN(0xacf20785, 0x2ea96dd1), TOBN(0xa10649b9, 0xf1638460),
-     TOBN(0xf2369f0b, 0x879fbbed), TOBN(0x0ff0ae86, 0xda9d1869),
-     TOBN(0x5251d759, 0x56766f45), TOBN(0x4984d8c0, 0x2be8d0fc),
-     TOBN(0x7ecc95a6, 0xd21008f0), TOBN(0x29bd54a0, 0x3a1a1c49),
-     TOBN(0xab9828c5, 0xd26c50f3), TOBN(0x32c0087c, 0x51d0d251),
-     TOBN(0x9bac3ce6, 0x0c1cdb26), TOBN(0xcd94d947, 0x557ca205),
-     TOBN(0x1b1bd598, 0x9db1fdcd), TOBN(0x0eda0108, 0xa3d8b149),
-     TOBN(0x95066610, 0x56152fcc), TOBN(0xc2f037e6, 0xe7192b33),
-     TOBN(0xdeffb41a, 0xc92e05a4), TOBN(0x1105f6c2, 0xc2f6c62e),
-     TOBN(0x68e73500, 0x8733913c), TOBN(0xcce86163, 0x3f3adc40),
-     TOBN(0xf407a942, 0x38a278e9), TOBN(0xd13c1b9d, 0x2ab21292),
-     TOBN(0x93ed7ec7, 0x1c74cf5c), TOBN(0x8887dc48, 0xf1a4c1b4),
-     TOBN(0x3830ff30, 0x4b3a11f1), TOBN(0x358c5a3c, 0x58937cb6),
-     TOBN(0x027dc404, 0x89022829), TOBN(0x40e93977, 0x3b798f79),
-     TOBN(0x90ad3337, 0x38be6ead), TOBN(0x9c23f6bc, 0xf34c0a5d),
-     TOBN(0xd1711a35, 0xfbffd8bb), TOBN(0x60fcfb49, 0x1949d3dd),
-     TOBN(0x09c8ef4b, 0x7825d93a), TOBN(0x24233cff, 0xa0a8c968),
-     TOBN(0x67ade46c, 0xe6d982af), TOBN(0xebb6bf3e, 0xe7544d7c),
-     TOBN(0xd6b9ba76, 0x3d8bd087), TOBN(0x46fe382d, 0x4dc61280),
-     TOBN(0xbd39a7e8, 0xb5bdbd75), TOBN(0xab381331, 0xb8f228fe),
-     TOBN(0x0709a77c, 0xce1c4300), TOBN(0x6a247e56, 0xf337ceac),
-     TOBN(0x8f34f21b, 0x636288be), TOBN(0x9dfdca74, 0xc8a7c305),
-     TOBN(0x6decfd1b, 0xea919e04), TOBN(0xcdf2688d, 0x8e1991f8),
-     TOBN(0xe607df44, 0xd0f8a67e), TOBN(0xd985df4b, 0x0b58d010),
-     TOBN(0x57f834c5, 0x0c24f8f4), TOBN(0xe976ef56, 0xa0bf01ae),
-     TOBN(0x536395ac, 0xa1c32373), TOBN(0x351027aa, 0x734c0a13),
-     TOBN(0xd2f1b5d6, 0x5e6bd5bc), TOBN(0x2b539e24, 0x223debed),
-     TOBN(0xd4994cec, 0x0eaa1d71), TOBN(0x2a83381d, 0x661dcf65),
-     TOBN(0x5f1aed2f, 0x7b54c740), TOBN(0x0bea3fa5, 0xd6dda5ee),
-     TOBN(0x9d4fb684, 0x36cc6134), TOBN(0x8eb9bbf3, 0xc0a443dd),
-     TOBN(0xfc500e2e, 0x383b7d2a), TOBN(0x7aad621c, 0x5b775257),
-     TOBN(0x69284d74, 0x0a8f7cc0), TOBN(0xe820c2ce, 0x07562d65),
-     TOBN(0xbf9531b9, 0x499758ee), TOBN(0x73e95ca5, 0x6ee0cc2d),
-     TOBN(0xf61790ab, 0xfbaf50a5), TOBN(0xdf55e76b, 0x684e0750),
-     TOBN(0xec516da7, 0xf176b005), TOBN(0x575553bb, 0x7a2dddc7),
-     TOBN(0x37c87ca3, 0x553afa73), TOBN(0x315f3ffc, 0x4d55c251),
-     TOBN(0xe846442a, 0xaf3e5d35), TOBN(0x61b91149, 0x6495ff28),
-     TOBN(0x23cc95d3, 0xfa326dc3), TOBN(0x1df4da1f, 0x18fc2cea),
-     TOBN(0x24bf9adc, 0xd0a37d59), TOBN(0xb6710053, 0x320d6e1e),
-     TOBN(0x96f9667e, 0x618344d1), TOBN(0xcc7ce042, 0xa06445af),
-     TOBN(0xa02d8514, 0xd68dbc3a), TOBN(0x4ea109e4, 0x280b5a5b),
-     TOBN(0x5741a7ac, 0xb40961bf), TOBN(0x4ada5937, 0x6aa56bfa),
-     TOBN(0x7feb9145, 0x02b765d1), TOBN(0x561e97be, 0xe6ad1582),
-     TOBN(0xbbc4a5b6, 0xda3982f5), TOBN(0x0c2659ed, 0xb546f468),
-     TOBN(0xb8e7e6aa, 0x59612d20), TOBN(0xd83dfe20, 0xac19e8e0),
-     TOBN(0x8530c45f, 0xb835398c), TOBN(0x6106a8bf, 0xb38a41c2),
-     TOBN(0x21e8f9a6, 0x35f5dcdb), TOBN(0x39707137, 0xcae498ed),
-     TOBN(0x70c23834, 0xd8249f00), TOBN(0x9f14b58f, 0xab2537a0),
-     TOBN(0xd043c365, 0x5f61c0c2), TOBN(0xdc5926d6, 0x09a194a7),
-     TOBN(0xddec0339, 0x8e77738a), TOBN(0xd07a63ef, 0xfba46426),
-     TOBN(0x2e58e79c, 0xee7f6e86), TOBN(0xe59b0459, 0xff32d241),
-     TOBN(0xc5ec84e5, 0x20fa0338), TOBN(0x97939ac8, 0xeaff5ace),
-     TOBN(0x0310a4e3, 0xb4a38313), TOBN(0x9115fba2, 0x8f9d9885),
-     TOBN(0x8dd710c2, 0x5fadf8c3), TOBN(0x66be38a2, 0xce19c0e2),
-     TOBN(0xd42a279c, 0x4cfe5022), TOBN(0x597bb530, 0x0e24e1b8),
-     TOBN(0x3cde86b7, 0xc153ca7f), TOBN(0xa8d30fb3, 0x707d63bd),
-     TOBN(0xac905f92, 0xbd60d21e), TOBN(0x98e7ffb6, 0x7b9a54ab),
-     TOBN(0xd7147df8, 0xe9726a30), TOBN(0xb5e216ff, 0xafce3533),
-     TOBN(0xb550b799, 0x2ff1ec40), TOBN(0x6b613b87, 0xa1e953fd),
-     TOBN(0x87b88dba, 0x792d5610), TOBN(0x2ee1270a, 0xa190fbe1),
-     TOBN(0x02f4e2dc, 0x2ef581da), TOBN(0x016530e4, 0xeff82a95),
-     TOBN(0xcbb93dfd, 0x8fd6ee89), TOBN(0x16d3d986, 0x46848fff),
-     TOBN(0x600eff24, 0x1da47adf), TOBN(0x1b9754a0, 0x0ad47a71),
-     TOBN(0x8f9266df, 0x70c33b98), TOBN(0xaadc87ae, 0xdf34186e),
-     TOBN(0x0d2ce8e1, 0x4ad24132), TOBN(0x8a47cbfc, 0x19946eba),
-     TOBN(0x47feeb66, 0x62b5f3af), TOBN(0xcefab561, 0x0abb3734),
-     TOBN(0x449de60e, 0x19f35cb1), TOBN(0x39f8db14, 0x157f0eb9),
-     TOBN(0xffaecc5b, 0x3c61bfd6), TOBN(0xa5a4d41d, 0x41216703),
-     TOBN(0x7f8fabed, 0x224e1cc2), TOBN(0x0d5a8186, 0x871ad953),
-     TOBN(0xf10774f7, 0xd22da9a9), TOBN(0x45b8a678, 0xcc8a9b0d),
-     TOBN(0xd9c2e722, 0xbdc32cff), TOBN(0xbf71b5f5, 0x337202a5),
-     TOBN(0x95c57f2f, 0x69fc4db9), TOBN(0xb6dad34c, 0x765d01e1),
-     TOBN(0x7e0bd13f, 0xcb904635), TOBN(0x61751253, 0x763a588c),
-     TOBN(0xd85c2997, 0x81af2c2d), TOBN(0xc0f7d9c4, 0x81b9d7da),
-     TOBN(0x838a34ae, 0x08533e8d), TOBN(0x15c4cb08, 0x311d8311),
-     TOBN(0x97f83285, 0x8e121e14), TOBN(0xeea7dc1e, 0x85000a5f),
-     TOBN(0x0c6059b6, 0x5d256274), TOBN(0xec9beace, 0xb95075c0),
-     TOBN(0x173daad7, 0x1df97828), TOBN(0xbf851cb5, 0xa8937877),
-     TOBN(0xb083c594, 0x01646f3c), TOBN(0x3bad30cf, 0x50c6d352),
-     TOBN(0xfeb2b202, 0x496bbcea), TOBN(0x3cf9fd4f, 0x18a1e8ba),
-     TOBN(0xd26de7ff, 0x1c066029), TOBN(0x39c81e9e, 0x4e9ed4f8),
-     TOBN(0xd8be0cb9, 0x7b390d35), TOBN(0x01df2bbd, 0x964aab27),
-     TOBN(0x3e8c1a65, 0xc3ef64f8), TOBN(0x567291d1, 0x716ed1dd),
-     TOBN(0x95499c6c, 0x5f5406d3), TOBN(0x71fdda39, 0x5ba8e23f),
-     TOBN(0xcfeb320e, 0xd5096ece), TOBN(0xbe7ba92b, 0xca66dd16),
-     TOBN(0x4608d36b, 0xc6fb5a7d), TOBN(0xe3eea15a, 0x6d2dd0e0),
-     TOBN(0x75b0a3eb, 0x8f97a36a), TOBN(0xf59814cc, 0x1c83de1e),
-     TOBN(0x56c9c5b0, 0x1c33c23f), TOBN(0xa96c1da4, 0x6faa4136),
-     TOBN(0x46bf2074, 0xde316551), TOBN(0x3b866e7b, 0x1f756c8f),
-     TOBN(0x727727d8, 0x1495ed6b), TOBN(0xb2394243, 0xb682dce7),
-     TOBN(0x8ab8454e, 0x758610f3), TOBN(0xc243ce84, 0x857d72a4),
-     TOBN(0x7b320d71, 0xdbbf370f), TOBN(0xff9afa37, 0x78e0f7ca),
-     TOBN(0x0119d1e0, 0xea7b523f), TOBN(0xb997f8cb, 0x058c7d42),
-     TOBN(0x285bcd2a, 0x37bbb184), TOBN(0x51dcec49, 0xa45d1fa6),
-     TOBN(0x6ade3b64, 0xe29634cb), TOBN(0x080c94a7, 0x26b86ef1),
-     TOBN(0xba583db1, 0x2283fbe3), TOBN(0x902bddc8, 0x5a9315ed),
-     TOBN(0x07c1ccb3, 0x86964bec), TOBN(0x78f4eacf, 0xb6258301),
-     TOBN(0x4bdf3a49, 0x56f90823), TOBN(0xba0f5080, 0x741d777b),
-     TOBN(0x091d71c3, 0xf38bf760), TOBN(0x9633d50f, 0x9b625b02),
-     TOBN(0x03ecb743, 0xb8c9de61), TOBN(0xb4751254, 0x5de74720),
-     TOBN(0x9f9defc9, 0x74ce1cb2), TOBN(0x774a4f6a, 0x00bd32ef),
-     TOBN(0xaca385f7, 0x73848f22), TOBN(0x53dad716, 0xf3f8558e),
-     TOBN(0xab7b34b0, 0x93c471f9), TOBN(0xf530e069, 0x19644bc7),
-     TOBN(0x3d9fb1ff, 0xdd59d31a), TOBN(0x4382e0df, 0x08daa795),
-     TOBN(0x165c6f4b, 0xd5cc88d7), TOBN(0xeaa392d5, 0x4a18c900),
-     TOBN(0x94203c67, 0x648024ee), TOBN(0x188763f2, 0x8c2fabcd),
-     TOBN(0xa80f87ac, 0xbbaec835), TOBN(0x632c96e0, 0xf29d8d54),
-     TOBN(0x29b0a60e, 0x4c00a95e), TOBN(0x2ef17f40, 0xe011e9fa),
-     TOBN(0xf6c0e1d1, 0x15b77223), TOBN(0xaaec2c62, 0x14b04e32),
-     TOBN(0xd35688d8, 0x3d84e58c), TOBN(0x2af5094c, 0x958571db),
-     TOBN(0x4fff7e19, 0x760682a6), TOBN(0x4cb27077, 0xe39a407c),
-     TOBN(0x0f59c547, 0x4ff0e321), TOBN(0x169f34a6, 0x1b34c8ff),
-     TOBN(0x2bff1096, 0x52bc1ba7), TOBN(0xa25423b7, 0x83583544),
-     TOBN(0x5d55d5d5, 0x0ac8b782), TOBN(0xff6622ec, 0x2db3c892),
-     TOBN(0x48fce741, 0x6b8bb642), TOBN(0x31d6998c, 0x69d7e3dc),
-     TOBN(0xdbaf8004, 0xcadcaed0), TOBN(0x801b0142, 0xd81d053c),
-     TOBN(0x94b189fc, 0x59630ec6), TOBN(0x120e9934, 0xaf762c8e),
-     TOBN(0x53a29aa4, 0xfdc6a404), TOBN(0x19d8e01e, 0xa1909948),
-     TOBN(0x3cfcabf1, 0xd7e89681), TOBN(0x3321a50d, 0x4e132d37),
-     TOBN(0xd0496863, 0xe9a86111), TOBN(0x8c0cde61, 0x06a3bc65),
-     TOBN(0xaf866c49, 0xfc9f8eef), TOBN(0x2066350e, 0xff7f5141),
-     TOBN(0x4f8a4689, 0xe56ddfbd), TOBN(0xea1b0c07, 0xfe32983a),
-     TOBN(0x2b317462, 0x873cb8cb), TOBN(0x658deddc, 0x2d93229f),
-     TOBN(0x65efaf4d, 0x0f64ef58), TOBN(0xfe43287d, 0x730cc7a8),
-     TOBN(0xaebc0c72, 0x3d047d70), TOBN(0x92efa539, 0xd92d26c9),
-     TOBN(0x06e78457, 0x94b56526), TOBN(0x415cb80f, 0x0961002d),
-     TOBN(0x89e5c565, 0x76dcb10f), TOBN(0x8bbb6982, 0xff9259fe),
-     TOBN(0x4fe8795b, 0x9abc2668), TOBN(0xb5d4f534, 0x1e678fb1),
-     TOBN(0x6601f3be, 0x7b7da2b9), TOBN(0x98da59e2, 0xa13d6805),
-     TOBN(0x190d8ea6, 0x01799a52), TOBN(0xa20cec41, 0xb86d2952),
-     TOBN(0x3062ffb2, 0x7fff2a7c), TOBN(0x741b32e5, 0x79f19d37),
-     TOBN(0xf80d8181, 0x4eb57d47), TOBN(0x7a2d0ed4, 0x16aef06b),
-     TOBN(0x09735fb0, 0x1cecb588), TOBN(0x1641caaa, 0xc6061f5b)}
-    ,
-    {TOBN(0x7f99824f, 0x20151427), TOBN(0x206828b6, 0x92430206),
-     TOBN(0xaa9097d7, 0xe1112357), TOBN(0xacf9a2f2, 0x09e414ec),
-     TOBN(0xdbdac9da, 0x27915356), TOBN(0x7e0734b7, 0x001efee3),
-     TOBN(0x54fab5bb, 0xd2b288e2), TOBN(0x4c630fc4, 0xf62dd09c),
-     TOBN(0x8537107a, 0x1ac2703b), TOBN(0xb49258d8, 0x6bc857b5),
-     TOBN(0x57df14de, 0xbcdaccd1), TOBN(0x24ab68d7, 0xc4ae8529),
-     TOBN(0x7ed8b5d4, 0x734e59d0), TOBN(0x5f8740c8, 0xc495cc80),
-     TOBN(0x84aedd5a, 0x291db9b3), TOBN(0x80b360f8, 0x4fb995be),
-     TOBN(0xae915f5d, 0x5fa067d1), TOBN(0x4134b57f, 0x9668960c),
-     TOBN(0xbd3656d6, 0xa48edaac), TOBN(0xdac1e3e4, 0xfc1d7436),
-     TOBN(0x674ff869, 0xd81fbb26), TOBN(0x449ed3ec, 0xb26c33d4),
-     TOBN(0x85138705, 0xd94203e8), TOBN(0xccde538b, 0xbeeb6f4a),
-     TOBN(0x55d5c68d, 0xa61a76fa), TOBN(0x598b441d, 0xca1554dc),
-     TOBN(0xd39923b9, 0x773b279c), TOBN(0x33331d3c, 0x36bf9efc),
-     TOBN(0x2d4c848e, 0x298de399), TOBN(0xcfdb8e77, 0xa1a27f56),
-     TOBN(0x94c855ea, 0x57b8ab70), TOBN(0xdcdb9dae, 0x6f7879ba),
-     TOBN(0x7bdff8c2, 0x019f2a59), TOBN(0xb3ce5bb3, 0xcb4fbc74),
-     TOBN(0xea907f68, 0x8a9173dd), TOBN(0x6cd3d0d3, 0x95a75439),
-     TOBN(0x92ecc4d6, 0xefed021c), TOBN(0x09a9f9b0, 0x6a77339a),
-     TOBN(0x87ca6b15, 0x7188c64a), TOBN(0x10c29968, 0x44899158),
-     TOBN(0x5859a229, 0xed6e82ef), TOBN(0x16f338e3, 0x65ebaf4e),
-     TOBN(0x0cd31387, 0x5ead67ae), TOBN(0x1c73d228, 0x54ef0bb4),
-     TOBN(0x4cb55131, 0x74a5c8c7), TOBN(0x01cd2970, 0x7f69ad6a),
-     TOBN(0xa04d00dd, 0xe966f87e), TOBN(0xd96fe447, 0x0b7b0321),
-     TOBN(0x342ac06e, 0x88fbd381), TOBN(0x02cd4a84, 0x5c35a493),
-     TOBN(0xe8fa89de, 0x54f1bbcd), TOBN(0x341d6367, 0x2575ed4c),
-     TOBN(0xebe357fb, 0xd238202b), TOBN(0x600b4d1a, 0xa984ead9),
-     TOBN(0xc35c9f44, 0x52436ea0), TOBN(0x96fe0a39, 0xa370751b),
-     TOBN(0x4c4f0736, 0x7f636a38), TOBN(0x9f943fb7, 0x0e76d5cb),
-     TOBN(0xb03510ba, 0xa8b68b8b), TOBN(0xc246780a, 0x9ed07a1f),
-     TOBN(0x3c051415, 0x6d549fc2), TOBN(0xc2953f31, 0x607781ca),
-     TOBN(0x955e2c69, 0xd8d95413), TOBN(0xb300fadc, 0x7bd282e3),
-     TOBN(0x81fe7b50, 0x87e9189f), TOBN(0xdb17375c, 0xf42dda27),
-     TOBN(0x22f7d896, 0xcf0a5904), TOBN(0xa0e57c5a, 0xebe348e6),
-     TOBN(0xa61011d3, 0xf40e3c80), TOBN(0xb1189321, 0x8db705c5),
-     TOBN(0x4ed9309e, 0x50fedec3), TOBN(0xdcf14a10, 0x4d6d5c1d),
-     TOBN(0x056c265b, 0x55691342), TOBN(0xe8e08504, 0x91049dc7),
-     TOBN(0x131329f5, 0xc9bae20a), TOBN(0x96c8b3e8, 0xd9dccdb4),
-     TOBN(0x8c5ff838, 0xfb4ee6b4), TOBN(0xfc5a9aeb, 0x41e8ccf0),
-     TOBN(0x7417b764, 0xfae050c6), TOBN(0x0953c3d7, 0x00452080),
-     TOBN(0x21372682, 0x38dfe7e8), TOBN(0xea417e15, 0x2bb79d4b),
-     TOBN(0x59641f1c, 0x76e7cf2d), TOBN(0x271e3059, 0xea0bcfcc),
-     TOBN(0x624c7dfd, 0x7253ecbd), TOBN(0x2f552e25, 0x4fca6186),
-     TOBN(0xcbf84ecd, 0x4d866e9c), TOBN(0x73967709, 0xf68d4610),
-     TOBN(0xa14b1163, 0xc27901b4), TOBN(0xfd9236e0, 0x899b8bf3),
-     TOBN(0x42b091ec, 0xcbc6da0a), TOBN(0xbb1dac6f, 0x5ad1d297),
-     TOBN(0x80e61d53, 0xa91cf76e), TOBN(0x4110a412, 0xd31f1ee7),
-     TOBN(0x2d87c3ba, 0x13efcf77), TOBN(0x1f374bb4, 0xdf450d76),
-     TOBN(0x5e78e2f2, 0x0d188dab), TOBN(0xe3968ed0, 0xf4b885ef),
-     TOBN(0x46c0568e, 0x7314570f), TOBN(0x31616338, 0x01170521),
-     TOBN(0x18e1e7e2, 0x4f0c8afe), TOBN(0x4caa75ff, 0xdeea78da),
-     TOBN(0x82db67f2, 0x7c5d8a51), TOBN(0x36a44d86, 0x6f505370),
-     TOBN(0xd72c5bda, 0x0333974f), TOBN(0x5db516ae, 0x27a70146),
-     TOBN(0x34705281, 0x210ef921), TOBN(0xbff17a8f, 0x0c9c38e5),
-     TOBN(0x78f4814e, 0x12476da1), TOBN(0xc1e16613, 0x33c16980),
-     TOBN(0x9e5b386f, 0x424d4bca), TOBN(0x4c274e87, 0xc85740de),
-     TOBN(0xb6a9b88d, 0x6c2f5226), TOBN(0x14d1b944, 0x550d7ca8),
-     TOBN(0x580c85fc, 0x1fc41709), TOBN(0xc1da368b, 0x54c6d519),
-     TOBN(0x2b0785ce, 0xd5113cf7), TOBN(0x0670f633, 0x5a34708f),
-     TOBN(0x46e23767, 0x15cc3f88), TOBN(0x1b480cfa, 0x50c72c8f),
-     TOBN(0x20288602, 0x4147519a), TOBN(0xd0981eac, 0x26b372f0),
-     TOBN(0xa9d4a7ca, 0xa785ebc8), TOBN(0xd953c50d, 0xdbdf58e9),
-     TOBN(0x9d6361cc, 0xfd590f8f), TOBN(0x72e9626b, 0x44e6c917),
-     TOBN(0x7fd96110, 0x22eb64cf), TOBN(0x863ebb7e, 0x9eb288f3),
-     TOBN(0x6e6ab761, 0x6aca8ee7), TOBN(0x97d10b39, 0xd7b40358),
-     TOBN(0x1687d377, 0x1e5feb0d), TOBN(0xc83e50e4, 0x8265a27a),
-     TOBN(0x8f75a9fe, 0xc954b313), TOBN(0xcc2e8f47, 0x310d1f61),
-     TOBN(0xf5ba81c5, 0x6557d0e0), TOBN(0x25f9680c, 0x3eaf6207),
-     TOBN(0xf95c6609, 0x4354080b), TOBN(0x5225bfa5, 0x7bf2fe1c),
-     TOBN(0xc5c004e2, 0x5c7d98fa), TOBN(0x3561bf1c, 0x019aaf60),
-     TOBN(0x5e6f9f17, 0xba151474), TOBN(0xdec2f934, 0xb04f6eca),
-     TOBN(0x64e368a1, 0x269acb1e), TOBN(0x1332d9e4, 0x0cdda493),
-     TOBN(0x60d6cf69, 0xdf23de05), TOBN(0x66d17da2, 0x009339a0),
-     TOBN(0x9fcac985, 0x0a693923), TOBN(0xbcf057fc, 0xed7c6a6d),
-     TOBN(0xc3c5c8c5, 0xf0b5662c), TOBN(0x25318dd8, 0xdcba4f24),
-     TOBN(0x60e8cb75, 0x082b69ff), TOBN(0x7c23b3ee, 0x1e728c01),
-     TOBN(0x15e10a0a, 0x097e4403), TOBN(0xcb3d0a86, 0x19854665),
-     TOBN(0x88d8e211, 0xd67d4826), TOBN(0xb39af66e, 0x0b9d2839),
-     TOBN(0xa5f94588, 0xbd475ca8), TOBN(0xe06b7966, 0xc077b80b),
-     TOBN(0xfedb1485, 0xda27c26c), TOBN(0xd290d33a, 0xfe0fd5e0),
-     TOBN(0xa40bcc47, 0xf34fb0fa), TOBN(0xb4760cc8, 0x1fb1ab09),
-     TOBN(0x8fca0993, 0xa273bfe3), TOBN(0x13e4fe07, 0xf70b213c),
-     TOBN(0x3bcdb992, 0xfdb05163), TOBN(0x8c484b11, 0x0c2b19b6),
-     TOBN(0x1acb815f, 0xaaf2e3e2), TOBN(0xc6905935, 0xb89ff1b4),
-     TOBN(0xb2ad6f9d, 0x586e74e1), TOBN(0x488883ad, 0x67b80484),
-     TOBN(0x758aa2c7, 0x369c3ddb), TOBN(0x8ab74e69, 0x9f9afd31),
-     TOBN(0x10fc2d28, 0x5e21beb1), TOBN(0x3484518a, 0x318c42f9),
-     TOBN(0x377427dc, 0x53cf40c3), TOBN(0x9de0781a, 0x391bc1d9),
-     TOBN(0x8faee858, 0x693807e1), TOBN(0xa3865327, 0x4e81ccc7),
-     TOBN(0x02c30ff2, 0x6f835b84), TOBN(0xb604437b, 0x0d3d38d4),
-     TOBN(0xb3fc8a98, 0x5ca1823d), TOBN(0xb82f7ec9, 0x03be0324),
-     TOBN(0xee36d761, 0xcf684a33), TOBN(0x5a01df0e, 0x9f29bf7d),
-     TOBN(0x686202f3, 0x1306583d), TOBN(0x05b10da0, 0x437c622e),
-     TOBN(0xbf9aaa0f, 0x076a7bc8), TOBN(0x25e94efb, 0x8f8f4e43),
-     TOBN(0x8a35c9b7, 0xfa3dc26d), TOBN(0xe0e5fb93, 0x96ff03c5),
-     TOBN(0xa77e3843, 0xebc394ce), TOBN(0xcede6595, 0x8361de60),
-     TOBN(0xd27c22f6, 0xa1993545), TOBN(0xab01cc36, 0x24d671ba),
-     TOBN(0x63fa2877, 0xa169c28e), TOBN(0x925ef904, 0x2eb08376),
-     TOBN(0x3b2fa3cf, 0x53aa0b32), TOBN(0xb27beb5b, 0x71c49d7a),
-     TOBN(0xb60e1834, 0xd105e27f), TOBN(0xd6089788, 0x4f68570d),
-     TOBN(0x23094ce0, 0xd6fbc2ac), TOBN(0x738037a1, 0x815ff551),
-     TOBN(0xda73b1bb, 0x6bef119c), TOBN(0xdcf6c430, 0xeef506ba),
-     TOBN(0x00e4fe7b, 0xe3ef104a), TOBN(0xebdd9a2c, 0x0a065628),
-     TOBN(0x853a81c3, 0x8792043e), TOBN(0x22ad6ece, 0xb3b59108),
-     TOBN(0x9fb813c0, 0x39cd297d), TOBN(0x8ec7e16e, 0x05bda5d9),
-     TOBN(0x2834797c, 0x0d104b96), TOBN(0xcc11a2e7, 0x7c511510),
-     TOBN(0x96ca5a53, 0x96ee6380), TOBN(0x054c8655, 0xcea38742),
-     TOBN(0xb5946852, 0xd54dfa7d), TOBN(0x97c422e7, 0x1f4ab207),
-     TOBN(0xbf907509, 0x0c22b540), TOBN(0x2cde42aa, 0xb7c267d4),
-     TOBN(0xba18f9ed, 0x5ab0d693), TOBN(0x3ba62aa6, 0x6e4660d9),
-     TOBN(0xb24bf97b, 0xab9ea96a), TOBN(0x5d039642, 0xe3b60e32),
-     TOBN(0x4e6a4506, 0x7c4d9bd5), TOBN(0x666c5b9e, 0x7ed4a6a4),
-     TOBN(0xfa3fdcd9, 0x8edbd7cc), TOBN(0x4660bb87, 0xc6ccd753),
-     TOBN(0x9ae90820, 0x21e6b64f), TOBN(0x8a56a713, 0xb36bfb3f),
-     TOBN(0xabfce096, 0x5726d47f), TOBN(0x9eed01b2, 0x0b1a9a7f),
-     TOBN(0x30e9cad4, 0x4eb74a37), TOBN(0x7b2524cc, 0x53e9666d),
-     TOBN(0x6a29683b, 0x8f4b002f), TOBN(0xc2200d7a, 0x41f4fc20),
-     TOBN(0xcf3af47a, 0x3a338acc), TOBN(0x6539a4fb, 0xe7128975),
-     TOBN(0xcec31c14, 0xc33c7fcf), TOBN(0x7eb6799b, 0xc7be322b),
-     TOBN(0x119ef4e9, 0x6646f623), TOBN(0x7b7a26a5, 0x54d7299b),
-     TOBN(0xcb37f08d, 0x403f46f2), TOBN(0x94b8fc43, 0x1a0ec0c7),
-     TOBN(0xbb8514e3, 0xc332142f), TOBN(0xf3ed2c33, 0xe80d2a7a),
-     TOBN(0x8d2080af, 0xb639126c), TOBN(0xf7b6be60, 0xe3553ade),
-     TOBN(0x3950aa9f, 0x1c7e2b09), TOBN(0x847ff958, 0x6410f02b),
-     TOBN(0x877b7cf5, 0x678a31b0), TOBN(0xd50301ae, 0x3998b620),
-     TOBN(0x734257c5, 0xc00fb396), TOBN(0xf9fb18a0, 0x04e672a6),
-     TOBN(0xff8bd8eb, 0xe8758851), TOBN(0x1e64e4c6, 0x5d99ba44),
-     TOBN(0x4b8eaedf, 0x7dfd93b7), TOBN(0xba2f2a98, 0x04e76b8c),
-     TOBN(0x7d790cba, 0xe8053433), TOBN(0xc8e725a0, 0x3d2c9585),
-     TOBN(0x58c5c476, 0xcdd8f5ed), TOBN(0xd106b952, 0xefa9fe1d),
-     TOBN(0x3c5c775b, 0x0eff13a9), TOBN(0x242442ba, 0xe057b930),
-     TOBN(0xe9f458d4, 0xc9b70cbd), TOBN(0x69b71448, 0xa3cdb89a),
-     TOBN(0x41ee46f6, 0x0e2ed742), TOBN(0x573f1045, 0x40067493),
-     TOBN(0xb1e154ff, 0x9d54c304), TOBN(0x2ad0436a, 0x8d3a7502),
-     TOBN(0xee4aaa2d, 0x431a8121), TOBN(0xcd38b3ab, 0x886f11ed),
-     TOBN(0x57d49ea6, 0x034a0eb7), TOBN(0xd2b773bd, 0xf7e85e58),
-     TOBN(0x4a559ac4, 0x9b5c1f14), TOBN(0xc444be1a, 0x3e54df2b),
-     TOBN(0x13aad704, 0xeda41891), TOBN(0xcd927bec, 0x5eb5c788),
-     TOBN(0xeb3c8516, 0xe48c8a34), TOBN(0x1b7ac812, 0x4b546669),
-     TOBN(0x1815f896, 0x594df8ec), TOBN(0x87c6a79c, 0x79227865),
-     TOBN(0xae02a2f0, 0x9b56ddbd), TOBN(0x1339b5ac, 0x8a2f1cf3),
-     TOBN(0xf2b569c7, 0x839dff0d), TOBN(0xb0b9e864, 0xfee9a43d),
-     TOBN(0x4ff8ca41, 0x77bb064e), TOBN(0x145a2812, 0xfd249f63),
-     TOBN(0x3ab7beac, 0xf86f689a), TOBN(0x9bafec27, 0x01d35f5e),
-     TOBN(0x28054c65, 0x4265aa91), TOBN(0xa4b18304, 0x035efe42),
-     TOBN(0x6887b0e6, 0x9639dec7), TOBN(0xf4b8f6ad, 0x3d52aea5),
-     TOBN(0xfb9293cc, 0x971a8a13), TOBN(0x3f159e5d, 0x4c934d07),
-     TOBN(0x2c50e9b1, 0x09acbc29), TOBN(0x08eb65e6, 0x7154d129),
-     TOBN(0x4feff589, 0x30b75c3e), TOBN(0x0bb82fe2, 0x94491c93),
-     TOBN(0xd8ac377a, 0x89af62bb), TOBN(0xd7b51490, 0x9685e49f),
-     TOBN(0xabca9a7b, 0x04497f19), TOBN(0x1b35ed0a, 0x1a7ad13f),
-     TOBN(0x6b601e21, 0x3ec86ed6), TOBN(0xda91fcb9, 0xce0c76f1),
-     TOBN(0x9e28507b, 0xd7ab27e1), TOBN(0x7c19a555, 0x63945b7b),
-     TOBN(0x6b43f0a1, 0xaafc9827), TOBN(0x443b4fbd, 0x3aa55b91),
-     TOBN(0x962b2e65, 0x6962c88f), TOBN(0x139da8d4, 0xce0db0ca),
-     TOBN(0xb93f05dd, 0x1b8d6c4f), TOBN(0x779cdff7, 0x180b9824),
-     TOBN(0xbba23fdd, 0xae57c7b7), TOBN(0x345342f2, 0x1b932522),
-     TOBN(0xfd9c80fe, 0x556d4aa3), TOBN(0xa03907ba, 0x6525bb61),
-     TOBN(0x38b010e1, 0xff218933), TOBN(0xc066b654, 0xaa52117b),
-     TOBN(0x8e141920, 0x94f2e6ea), TOBN(0x66a27dca, 0x0d32f2b2),
-     TOBN(0x69c7f993, 0x048b3717), TOBN(0xbf5a989a, 0xb178ae1c),
-     TOBN(0x49fa9058, 0x564f1d6b), TOBN(0x27ec6e15, 0xd31fde4e),
-     TOBN(0x4cce0373, 0x7276e7fc), TOBN(0x64086d79, 0x89d6bf02),
-     TOBN(0x5a72f046, 0x4ccdd979), TOBN(0x909c3566, 0x47775631),
-     TOBN(0x1c07bc6b, 0x75dd7125), TOBN(0xb4c6bc97, 0x87a0428d),
-     TOBN(0x507ece52, 0xfdeb6b9d), TOBN(0xfca56512, 0xb2c95432),
-     TOBN(0x15d97181, 0xd0e8bd06), TOBN(0x384dd317, 0xc6bb46ea),
-     TOBN(0x5441ea20, 0x3952b624), TOBN(0xbcf70dee, 0x4e7dc2fb),
-     TOBN(0x372b016e, 0x6628e8c3), TOBN(0x07a0d667, 0xb60a7522),
-     TOBN(0xcf05751b, 0x0a344ee2), TOBN(0x0ec09a48, 0x118bdeec),
-     TOBN(0x6e4b3d4e, 0xd83dce46), TOBN(0x43a6316d, 0x99d2fc6e),
-     TOBN(0xa99d8989, 0x56cf044c), TOBN(0x7c7f4454, 0xae3e5fb7),
-     TOBN(0xb2e6b121, 0xfbabbe92), TOBN(0x281850fb, 0xe1330076),
-     TOBN(0x093581ec, 0x97890015), TOBN(0x69b1dded, 0x75ff77f5),
-     TOBN(0x7cf0b18f, 0xab105105), TOBN(0x953ced31, 0xa89ccfef),
-     TOBN(0x3151f85f, 0xeb914009), TOBN(0x3c9f1b87, 0x88ed48ad),
-     TOBN(0xc9aba1a1, 0x4a7eadcb), TOBN(0x928e7501, 0x522e71cf),
-     TOBN(0xeaede727, 0x3a2e4f83), TOBN(0x467e10d1, 0x1ce3bbd3),
-     TOBN(0xf3442ac3, 0xb955dcf0), TOBN(0xba96307d, 0xd3d5e527),
-     TOBN(0xf763a10e, 0xfd77f474), TOBN(0x5d744bd0, 0x6a6e1ff0),
-     TOBN(0xd287282a, 0xa777899e), TOBN(0xe20eda8f, 0xd03f3cde),
-     TOBN(0x6a7e75bb, 0x50b07d31), TOBN(0x0b7e2a94, 0x6f379de4),
-     TOBN(0x31cb64ad, 0x19f593cf), TOBN(0x7b1a9e4f, 0x1e76ef1d),
-     TOBN(0xe18c9c9d, 0xb62d609c), TOBN(0x439bad6d, 0xe779a650),
-     TOBN(0x219d9066, 0xe032f144), TOBN(0x1db632b8, 0xe8b2ec6a),
-     TOBN(0xff0d0fd4, 0xfda12f78), TOBN(0x56fb4c2d, 0x2a25d265),
-     TOBN(0x5f4e2ee1, 0x255a03f1), TOBN(0x61cd6af2, 0xe96af176),
-     TOBN(0xe0317ba8, 0xd068bc97), TOBN(0x927d6bab, 0x264b988e),
-     TOBN(0xa18f07e0, 0xe90fb21e), TOBN(0x00fd2b80, 0xbba7fca1),
-     TOBN(0x20387f27, 0x95cd67b5), TOBN(0x5b89a4e7, 0xd39707f7),
-     TOBN(0x8f83ad3f, 0x894407ce), TOBN(0xa0025b94, 0x6c226132),
-     TOBN(0xc79563c7, 0xf906c13b), TOBN(0x5f548f31, 0x4e7bb025),
-     TOBN(0x2b4c6b8f, 0xeac6d113), TOBN(0xa67e3f9c, 0x0e813c76),
-     TOBN(0x3982717c, 0x3fe1f4b9), TOBN(0x58865819, 0x26d8050e),
-     TOBN(0x99f3640c, 0xf7f06f20), TOBN(0xdc610216, 0x2a66ebc2),
-     TOBN(0x52f2c175, 0x767a1e08), TOBN(0x05660e1a, 0x5999871b),
-     TOBN(0x6b0f1762, 0x6d3c4693), TOBN(0xf0e7d627, 0x37ed7bea),
-     TOBN(0xc51758c7, 0xb75b226d), TOBN(0x40a88628, 0x1f91613b),
-     TOBN(0x889dbaa7, 0xbbb38ce0), TOBN(0xe0404b65, 0xbddcad81),
-     TOBN(0xfebccd3a, 0x8bc9671f), TOBN(0xfbf9a357, 0xee1f5375),
-     TOBN(0x5dc169b0, 0x28f33398), TOBN(0xb07ec11d, 0x72e90f65),
-     TOBN(0xae7f3b4a, 0xfaab1eb1), TOBN(0xd970195e, 0x5f17538a),
-     TOBN(0x52b05cbe, 0x0181e640), TOBN(0xf5debd62, 0x2643313d),
-     TOBN(0x76148154, 0x5df31f82), TOBN(0x23e03b33, 0x3a9e13c5),
-     TOBN(0xff758949, 0x4fde0c1f), TOBN(0xbf8a1abe, 0xe5b6ec20),
-     TOBN(0x702278fb, 0x87e1db6c), TOBN(0xc447ad7a, 0x35ed658f),
-     TOBN(0x48d4aa38, 0x03d0ccf2), TOBN(0x80acb338, 0x819a7c03),
-     TOBN(0x9bc7c89e, 0x6e17cecc), TOBN(0x46736b8b, 0x03be1d82),
-     TOBN(0xd65d7b60, 0xc0432f96), TOBN(0xddebe7a3, 0xdeb5442f),
-     TOBN(0x79a25307, 0x7dff69a2), TOBN(0x37a56d94, 0x02cf3122),
-     TOBN(0x8bab8aed, 0xf2350d0a), TOBN(0x13c3f276, 0x037b0d9a),
-     TOBN(0xc664957c, 0x44c65cae), TOBN(0x88b44089, 0xc2e71a88),
-     TOBN(0xdb88e5a3, 0x5cb02664), TOBN(0x5d4c0bf1, 0x8686c72e),
-     TOBN(0xea3d9b62, 0xa682d53e), TOBN(0x9b605ef4, 0x0b2ad431),
-     TOBN(0x71bac202, 0xc69645d0), TOBN(0xa115f03a, 0x6a1b66e7),
-     TOBN(0xfe2c563a, 0x158f4dc4), TOBN(0xf715b3a0, 0x4d12a78c),
-     TOBN(0x8f7f0a48, 0xd413213a), TOBN(0x2035806d, 0xc04becdb),
-     TOBN(0xecd34a99, 0x5d8587f5), TOBN(0x4d8c3079, 0x9f6d3a71),
-     TOBN(0x1b2a2a67, 0x8d95a8f6), TOBN(0xc58c9d7d, 0xf2110d0d),
-     TOBN(0xdeee81d5, 0xcf8fba3f), TOBN(0xa42be3c0, 0x0c7cdf68),
-     TOBN(0x2126f742, 0xd43b5eaa), TOBN(0x054a0766, 0xdfa59b85),
-     TOBN(0x9d0d5e36, 0x126bfd45), TOBN(0xa1f8fbd7, 0x384f8a8f),
-     TOBN(0x317680f5, 0xd563fccc), TOBN(0x48ca5055, 0xf280a928),
-     TOBN(0xe00b81b2, 0x27b578cf), TOBN(0x10aad918, 0x2994a514),
-     TOBN(0xd9e07b62, 0xb7bdc953), TOBN(0x9f0f6ff2, 0x5bc086dd),
-     TOBN(0x09d1ccff, 0x655eee77), TOBN(0x45475f79, 0x5bef7df1),
-     TOBN(0x3faa28fa, 0x86f702cc), TOBN(0x92e60905, 0x0f021f07),
-     TOBN(0xe9e62968, 0x7f8fa8c6), TOBN(0xbd71419a, 0xf036ea2c),
-     TOBN(0x171ee1cc, 0x6028da9a), TOBN(0x5352fe1a, 0xc251f573),
-     TOBN(0xf8ff236e, 0x3fa997f4), TOBN(0xd831b6c9, 0xa5749d5f),
-     TOBN(0x7c872e1d, 0xe350e2c2), TOBN(0xc56240d9, 0x1e0ce403),
-     TOBN(0xf9deb077, 0x6974f5cb), TOBN(0x7d50ba87, 0x961c3728),
-     TOBN(0xd6f89426, 0x5a3a2518), TOBN(0xcf817799, 0xc6303d43),
-     TOBN(0x510a0471, 0x619e5696), TOBN(0xab049ff6, 0x3a5e307b),
-     TOBN(0xe4cdf9b0, 0xfeb13ec7), TOBN(0xd5e97117, 0x9d8ff90c),
-     TOBN(0xf6f64d06, 0x9afa96af), TOBN(0x00d0bf5e, 0x9d2012a2),
-     TOBN(0xe63f301f, 0x358bcdc0), TOBN(0x07689e99, 0x0a9d47f8),
-     TOBN(0x1f689e2f, 0x4f43d43a), TOBN(0x4d542a16, 0x90920904),
-     TOBN(0xaea293d5, 0x9ca0a707), TOBN(0xd061fe45, 0x8ac68065),
-     TOBN(0x1033bf1b, 0x0090008c), TOBN(0x29749558, 0xc08a6db6),
-     TOBN(0x74b5fc59, 0xc1d5d034), TOBN(0xf712e9f6, 0x67e215e0),
-     TOBN(0xfd520cbd, 0x860200e6), TOBN(0x0229acb4, 0x3ea22588),
-     TOBN(0x9cd1e14c, 0xfff0c82e), TOBN(0x87684b62, 0x59c69e73),
-     TOBN(0xda85e61c, 0x96ccb989), TOBN(0x2d5dbb02, 0xa3d06493),
-     TOBN(0xf22ad33a, 0xe86b173c), TOBN(0xe8e41ea5, 0xa79ff0e3),
-     TOBN(0x01d2d725, 0xdd0d0c10), TOBN(0x31f39088, 0x032d28f9),
-     TOBN(0x7b3f71e1, 0x7829839e), TOBN(0x0cf691b4, 0x4502ae58),
-     TOBN(0xef658dbd, 0xbefc6115), TOBN(0xa5cd6ee5, 0xb3ab5314),
-     TOBN(0x206c8d7b, 0x5f1d2347), TOBN(0x794645ba, 0x4cc2253a),
-     TOBN(0xd517d8ff, 0x58389e08), TOBN(0x4fa20dee, 0x9f847288),
-     TOBN(0xeba072d8, 0xd797770a), TOBN(0x7360c91d, 0xbf429e26),
-     TOBN(0x7200a3b3, 0x80af8279), TOBN(0x6a1c9150, 0x82dadce3),
-     TOBN(0x0ee6d3a7, 0xc35d8794), TOBN(0x042e6558, 0x0356bae5),
-     TOBN(0x9f59698d, 0x643322fd), TOBN(0x9379ae15, 0x50a61967),
-     TOBN(0x64b9ae62, 0xfcc9981e), TOBN(0xaed3d631, 0x6d2934c6),
-     TOBN(0x2454b302, 0x5e4e65eb), TOBN(0xab09f647, 0xf9950428)}
-    ,
-    {TOBN(0xb2083a12, 0x22248acc), TOBN(0x1f6ec0ef, 0x3264e366),
-     TOBN(0x5659b704, 0x5afdee28), TOBN(0x7a823a40, 0xe6430bb5),
-     TOBN(0x24592a04, 0xe1900a79), TOBN(0xcde09d4a, 0xc9ee6576),
-     TOBN(0x52b6463f, 0x4b5ea54a), TOBN(0x1efe9ed3, 0xd3ca65a7),
-     TOBN(0xe27a6dbe, 0x305406dd), TOBN(0x8eb7dc7f, 0xdd5d1957),
-     TOBN(0xf54a6876, 0x387d4d8f), TOBN(0x9c479409, 0xc7762de4),
-     TOBN(0xbe4d5b5d, 0x99b30778), TOBN(0x25380c56, 0x6e793682),
-     TOBN(0x602d37f3, 0xdac740e3), TOBN(0x140deabe, 0x1566e4ae),
-     TOBN(0x4481d067, 0xafd32acf), TOBN(0xd8f0fcca, 0xe1f71ccf),
-     TOBN(0xd208dd0c, 0xb596f2da), TOBN(0xd049d730, 0x9aad93f9),
-     TOBN(0xc79f263d, 0x42ab580e), TOBN(0x09411bb1, 0x23f707b4),
-     TOBN(0x8cfde1ff, 0x835e0eda), TOBN(0x72707490, 0x90f03402),
-     TOBN(0xeaee6126, 0xc49a861e), TOBN(0x024f3b65, 0xe14f0d06),
-     TOBN(0x51a3f1e8, 0xc69bfc17), TOBN(0xc3c3a8e9, 0xa7686381),
-     TOBN(0x3400752c, 0xb103d4c8), TOBN(0x02bc4613, 0x9218b36b),
-     TOBN(0xc67f75eb, 0x7651504a), TOBN(0xd6848b56, 0xd02aebfa),
-     TOBN(0xbd9802e6, 0xc30fa92b), TOBN(0x5a70d96d, 0x9a552784),
-     TOBN(0x9085c4ea, 0x3f83169b), TOBN(0xfa9423bb, 0x06908228),
-     TOBN(0x2ffebe12, 0xfe97a5b9), TOBN(0x85da6049, 0x71b99118),
-     TOBN(0x9cbc2f7f, 0x63178846), TOBN(0xfd96bc70, 0x9153218e),
-     TOBN(0x958381db, 0x1782269b), TOBN(0xae34bf79, 0x2597e550),
-     TOBN(0xbb5c6064, 0x5f385153), TOBN(0x6f0e96af, 0xe3088048),
-     TOBN(0xbf6a0215, 0x77884456), TOBN(0xb3b5688c, 0x69310ea7),
-     TOBN(0x17c94295, 0x04fad2de), TOBN(0xe020f0e5, 0x17896d4d),
-     TOBN(0x730ba0ab, 0x0976505f), TOBN(0x567f6813, 0x095e2ec5),
-     TOBN(0x47062010, 0x6331ab71), TOBN(0x72cfa977, 0x41d22b9f),
-     TOBN(0x33e55ead, 0x8a2373da), TOBN(0xa8d0d5f4, 0x7ba45a68),
-     TOBN(0xba1d8f9c, 0x03029d15), TOBN(0x8f34f1cc, 0xfc55b9f3),
-     TOBN(0xcca4428d, 0xbbe5a1a9), TOBN(0x8187fd5f, 0x3126bd67),
-     TOBN(0x0036973a, 0x48105826), TOBN(0xa39b6663, 0xb8bd61a0),
-     TOBN(0x6d42deef, 0x2d65a808), TOBN(0x4969044f, 0x94636b19),
-     TOBN(0xf611ee47, 0xdd5d564c), TOBN(0x7b2f3a49, 0xd2873077),
-     TOBN(0x94157d45, 0x300eb294), TOBN(0x2b2a656e, 0x169c1494),
-     TOBN(0xc000dd76, 0xd3a47aa9), TOBN(0xa2864e4f, 0xa6243ea4),
-     TOBN(0x82716c47, 0xdb89842e), TOBN(0x12dfd7d7, 0x61479fb7),
-     TOBN(0x3b9a2c56, 0xe0b2f6dc), TOBN(0x46be862a, 0xd7f85d67),
-     TOBN(0x03b0d8dd, 0x0f82b214), TOBN(0x460c34f9, 0xf103cbc6),
-     TOBN(0xf32e5c03, 0x18d79e19), TOBN(0x8b8888ba, 0xa84117f8),
-     TOBN(0x8f3c37dc, 0xc0722677), TOBN(0x10d21be9, 0x1c1c0f27),
-     TOBN(0xd47c8468, 0xe0f7a0c6), TOBN(0x9bf02213, 0xadecc0e0),
-     TOBN(0x0baa7d12, 0x42b48b99), TOBN(0x1bcb665d, 0x48424096),
-     TOBN(0x8b847cd6, 0xebfb5cfb), TOBN(0x87c2ae56, 0x9ad4d10d),
-     TOBN(0xf1cbb122, 0x0de36726), TOBN(0xe7043c68, 0x3fdfbd21),
-     TOBN(0x4bd0826a, 0x4e79d460), TOBN(0x11f5e598, 0x4bd1a2cb),
-     TOBN(0x97554160, 0xb7fe7b6e), TOBN(0x7d16189a, 0x400a3fb2),
-     TOBN(0xd73e9bea, 0xe328ca1e), TOBN(0x0dd04b97, 0xe793d8cc),
-     TOBN(0xa9c83c9b, 0x506db8cc), TOBN(0x5cd47aae, 0xcf38814c),
-     TOBN(0x26fc430d, 0xb64b45e6), TOBN(0x079b5499, 0xd818ea84),
-     TOBN(0xebb01102, 0xc1c24a3b), TOBN(0xca24e568, 0x1c161c1a),
-     TOBN(0x103eea69, 0x36f00a4a), TOBN(0x9ad76ee8, 0x76176c7b),
-     TOBN(0x97451fc2, 0x538e0ff7), TOBN(0x94f89809, 0x6604b3b0),
-     TOBN(0x6311436e, 0x3249cfd7), TOBN(0x27b4a7bd, 0x41224f69),
-     TOBN(0x03b5d21a, 0xe0ac2941), TOBN(0x279b0254, 0xc2d31937),
-     TOBN(0x3307c052, 0xcac992d0), TOBN(0x6aa7cb92, 0xefa8b1f3),
-     TOBN(0x5a182580, 0x0d37c7a5), TOBN(0x13380c37, 0x342d5422),
-     TOBN(0x92ac2d66, 0xd5d2ef92), TOBN(0x035a70c9, 0x030c63c6),
-     TOBN(0xc16025dd, 0x4ce4f152), TOBN(0x1f419a71, 0xf9df7c06),
-     TOBN(0x6d5b2214, 0x91e4bb14), TOBN(0xfc43c6cc, 0x839fb4ce),
-     TOBN(0x49f06591, 0x925d6b2d), TOBN(0x4b37d9d3, 0x62186598),
-     TOBN(0x8c54a971, 0xd01b1629), TOBN(0xe1a9c29f, 0x51d50e05),
-     TOBN(0x5109b785, 0x71ba1861), TOBN(0x48b22d5c, 0xd0c8f93d),
-     TOBN(0xe8fa84a7, 0x8633bb93), TOBN(0x53fba6ba, 0x5aebbd08),
-     TOBN(0x7ff27df3, 0xe5eea7d8), TOBN(0x521c8796, 0x68ca7158),
-     TOBN(0xb9d5133b, 0xce6f1a05), TOBN(0x2d50cd53, 0xfd0ebee4),
-     TOBN(0xc82115d6, 0xc5a3ef16), TOBN(0x993eff9d, 0xba079221),
-     TOBN(0xe4da2c5e, 0x4b5da81c), TOBN(0x9a89dbdb, 0x8033fd85),
-     TOBN(0x60819ebf, 0x2b892891), TOBN(0x53902b21, 0x5d14a4d5),
-     TOBN(0x6ac35051, 0xd7fda421), TOBN(0xcc6ab885, 0x61c83284),
-     TOBN(0x14eba133, 0xf74cff17), TOBN(0x240aaa03, 0xecb813f2),
-     TOBN(0xcfbb6540, 0x6f665bee), TOBN(0x084b1fe4, 0xa425ad73),
-     TOBN(0x009d5d16, 0xd081f6a6), TOBN(0x35304fe8, 0xeef82c90),
-     TOBN(0xf20346d5, 0xaa9eaa22), TOBN(0x0ada9f07, 0xac1c91e3),
-     TOBN(0xa6e21678, 0x968a6144), TOBN(0x54c1f77c, 0x07b31a1e),
-     TOBN(0xd6bb787e, 0x5781fbe1), TOBN(0x61bd2ee0, 0xe31f1c4a),
-     TOBN(0xf25aa1e9, 0x781105fc), TOBN(0x9cf2971f, 0x7b2f8e80),
-     TOBN(0x26d15412, 0xcdff919b), TOBN(0x01db4ebe, 0x34bc896e),
-     TOBN(0x7d9b3e23, 0xb40df1cf), TOBN(0x59337373, 0x94e971b4),
-     TOBN(0xbf57bd14, 0x669cf921), TOBN(0x865daedf, 0x0c1a1064),
-     TOBN(0x3eb70bd3, 0x83279125), TOBN(0xbc3d5b9f, 0x34ecdaab),
-     TOBN(0x91e3ed7e, 0x5f755caf), TOBN(0x49699f54, 0xd41e6f02),
-     TOBN(0x185770e1, 0xd4a7a15b), TOBN(0x08f3587a, 0xeaac87e7),
-     TOBN(0x352018db, 0x473133ea), TOBN(0x674ce719, 0x04fd30fc),
-     TOBN(0x7b8d9835, 0x088b3e0e), TOBN(0x7a0356a9, 0x5d0d47a1),
-     TOBN(0x9d9e7659, 0x6474a3c4), TOBN(0x61ea48a7, 0xff66966c),
-     TOBN(0x30417758, 0x0f3e4834), TOBN(0xfdbb21c2, 0x17a9afcb),
-     TOBN(0x756fa17f, 0x2f9a67b3), TOBN(0x2a6b2421, 0xa245c1a8),
-     TOBN(0x64be2794, 0x4af02291), TOBN(0xade465c6, 0x2a5804fe),
-     TOBN(0x8dffbd39, 0xa6f08fd7), TOBN(0xc4efa84c, 0xaa14403b),
-     TOBN(0xa1b91b2a, 0x442b0f5c), TOBN(0xb748e317, 0xcf997736),
-     TOBN(0x8d1b62bf, 0xcee90e16), TOBN(0x907ae271, 0x0b2078c0),
-     TOBN(0xdf31534b, 0x0c9bcddd), TOBN(0x043fb054, 0x39adce83),
-     TOBN(0x99031043, 0xd826846a), TOBN(0x61a9c0d6, 0xb144f393),
-     TOBN(0xdab48046, 0x47718427), TOBN(0xdf17ff9b, 0x6e830f8b),
-     TOBN(0x408d7ee8, 0xe49a1347), TOBN(0x6ac71e23, 0x91c1d4ae),
-     TOBN(0xc8cbb9fd, 0x1defd73c), TOBN(0x19840657, 0xbbbbfec5),
-     TOBN(0x39db1cb5, 0x9e7ef8ea), TOBN(0x78aa8296, 0x64105f30),
-     TOBN(0xa3d9b7f0, 0xa3738c29), TOBN(0x0a2f235a, 0xbc3250a3),
-     TOBN(0x55e506f6, 0x445e4caf), TOBN(0x0974f73d, 0x33475f7a),
-     TOBN(0xd37dbba3, 0x5ba2f5a8), TOBN(0x542c6e63, 0x6af40066),
-     TOBN(0x26d99b53, 0xc5d73e2c), TOBN(0x06060d7d, 0x6c3ca33e),
-     TOBN(0xcdbef1c2, 0x065fef4a), TOBN(0x77e60f7d, 0xfd5b92e3),
-     TOBN(0xd7c549f0, 0x26708350), TOBN(0x201b3ad0, 0x34f121bf),
-     TOBN(0x5fcac2a1, 0x0334fc14), TOBN(0x8a9a9e09, 0x344552f6),
-     TOBN(0x7dd8a1d3, 0x97653082), TOBN(0x5fc0738f, 0x79d4f289),
-     TOBN(0x787d244d, 0x17d2d8c3), TOBN(0xeffc6345, 0x70830684),
-     TOBN(0x5ddb96dd, 0xe4f73ae5), TOBN(0x8efb14b1, 0x172549a5),
-     TOBN(0x6eb73eee, 0x2245ae7a), TOBN(0xbca4061e, 0xea11f13e),
-     TOBN(0xb577421d, 0x30b01f5d), TOBN(0xaa688b24, 0x782e152c),
-     TOBN(0x67608e71, 0xbd3502ba), TOBN(0x4ef41f24, 0xb4de75a0),
-     TOBN(0xb08dde5e, 0xfd6125e5), TOBN(0xde484825, 0xa409543f),
-     TOBN(0x1f198d98, 0x65cc2295), TOBN(0x428a3771, 0x6e0edfa2),
-     TOBN(0x4f9697a2, 0xadf35fc7), TOBN(0x01a43c79, 0xf7cac3c7),
-     TOBN(0xb05d7059, 0x0fd3659a), TOBN(0x8927f30c, 0xbb7f2d9a),
-     TOBN(0x4023d1ac, 0x8cf984d3), TOBN(0x32125ed3, 0x02897a45),
-     TOBN(0xfb572dad, 0x3d414205), TOBN(0x73000ef2, 0xe3fa82a9),
-     TOBN(0x4c0868e9, 0xf10a5581), TOBN(0x5b61fc67, 0x6b0b3ca5),
-     TOBN(0xc1258d5b, 0x7cae440c), TOBN(0x21c08b41, 0x402b7531),
-     TOBN(0xf61a8955, 0xde932321), TOBN(0x3568faf8, 0x2d1408af),
-     TOBN(0x71b15e99, 0x9ecf965b), TOBN(0xf14ed248, 0xe917276f),
-     TOBN(0xc6f4caa1, 0x820cf9e2), TOBN(0x681b20b2, 0x18d83c7e),
-     TOBN(0x6cde738d, 0xc6c01120), TOBN(0x71db0813, 0xae70e0db),
-     TOBN(0x95fc0644, 0x74afe18c), TOBN(0x34619053, 0x129e2be7),
-     TOBN(0x80615cea, 0xdb2a3b15), TOBN(0x0a49a19e, 0xdb4c7073),
-     TOBN(0x0e1b84c8, 0x8fd2d367), TOBN(0xd74bf462, 0x033fb8aa),
-     TOBN(0x889f6d65, 0x533ef217), TOBN(0x7158c7e4, 0xc3ca2e87),
-     TOBN(0xfb670dfb, 0xdc2b4167), TOBN(0x75910a01, 0x844c257f),
-     TOBN(0xf336bf07, 0xcf88577d), TOBN(0x22245250, 0xe45e2ace),
-     TOBN(0x2ed92e8d, 0x7ca23d85), TOBN(0x29f8be4c, 0x2b812f58),
-     TOBN(0xdd9ebaa7, 0x076fe12b), TOBN(0x3f2400cb, 0xae1537f9),
-     TOBN(0x1aa93528, 0x17bdfb46), TOBN(0xc0f98430, 0x67883b41),
-     TOBN(0x5590ede1, 0x0170911d), TOBN(0x7562f5bb, 0x34d4b17f),
-     TOBN(0xe1fa1df2, 0x1826b8d2), TOBN(0xb40b796a, 0x6bd80d59),
-     TOBN(0xd65bf197, 0x3467ba92), TOBN(0x8c9b46db, 0xf70954b0),
-     TOBN(0x97c8a0f3, 0x0e78f15d), TOBN(0xa8f3a69a, 0x85a4c961),
-     TOBN(0x4242660f, 0x61e4ce9b), TOBN(0xbf06aab3, 0x6ea6790c),
-     TOBN(0xc6706f8e, 0xec986416), TOBN(0x9e56dec1, 0x9a9fc225),
-     TOBN(0x527c46f4, 0x9a9898d9), TOBN(0xd799e77b, 0x5633cdef),
-     TOBN(0x24eacc16, 0x7d9e4297), TOBN(0xabb61cea, 0x6b1cb734),
-     TOBN(0xbee2e8a7, 0xf778443c), TOBN(0x3bb42bf1, 0x29de2fe6),
-     TOBN(0xcbed86a1, 0x3003bb6f), TOBN(0xd3918e6c, 0xd781cdf6),
-     TOBN(0x4bee3271, 0x9a5103f1), TOBN(0x5243efc6, 0xf50eac06),
-     TOBN(0xb8e122cb, 0x6adcc119), TOBN(0x1b7faa84, 0xc0b80a08),
-     TOBN(0x32c3d1bd, 0x6dfcd08c), TOBN(0x129dec4e, 0x0be427de),
-     TOBN(0x98ab679c, 0x1d263c83), TOBN(0xafc83cb7, 0xcef64eff),
-     TOBN(0x85eb6088, 0x2fa6be76), TOBN(0x892585fb, 0x1328cbfe),
-     TOBN(0xc154d3ed, 0xcf618dda), TOBN(0xc44f601b, 0x3abaf26e),
-     TOBN(0x7bf57d0b, 0x2be1fdfd), TOBN(0xa833bd2d, 0x21137fee),
-     TOBN(0x9353af36, 0x2db591a8), TOBN(0xc76f26dc, 0x5562a056),
-     TOBN(0x1d87e47d, 0x3fdf5a51), TOBN(0x7afb5f93, 0x55c9cab0),
-     TOBN(0x91bbf58f, 0x89e0586e), TOBN(0x7c72c018, 0x0d843709),
-     TOBN(0xa9a5aafb, 0x99b5c3dc), TOBN(0xa48a0f1d, 0x3844aeb0),
-     TOBN(0x7178b7dd, 0xb667e482), TOBN(0x453985e9, 0x6e23a59a),
-     TOBN(0x4a54c860, 0x01b25dd8), TOBN(0x0dd37f48, 0xfb897c8a),
-     TOBN(0x5f8aa610, 0x0ea90cd9), TOBN(0xc8892c68, 0x16d5830d),
-     TOBN(0xeb4befc0, 0xef514ca5), TOBN(0x478eb679, 0xe72c9ee6),
-     TOBN(0x9bca20da, 0xdbc40d5f), TOBN(0xf015de21, 0xdde4f64a),
-     TOBN(0xaa6a4de0, 0xeaf4b8a5), TOBN(0x68cfd9ca, 0x4bc60e32),
-     TOBN(0x668a4b01, 0x7fd15e70), TOBN(0xd9f0694a, 0xf27dc09d),
-     TOBN(0xf6c3cad5, 0xba708bcd), TOBN(0x5cd2ba69, 0x5bb95c2a),
-     TOBN(0xaa28c1d3, 0x33c0a58f), TOBN(0x23e274e3, 0xabc77870),
-     TOBN(0x44c3692d, 0xdfd20a4a), TOBN(0x091c5fd3, 0x81a66653),
-     TOBN(0x6c0bb691, 0x09a0757d), TOBN(0x9072e8b9, 0x667343ea),
-     TOBN(0x31d40eb0, 0x80848bec), TOBN(0x95bd480a, 0x79fd36cc),
-     TOBN(0x01a77c61, 0x65ed43f5), TOBN(0xafccd127, 0x2e0d40bf),
-     TOBN(0xeccfc82d, 0x1cc1884b), TOBN(0xc85ac201, 0x5d4753b4),
-     TOBN(0xc7a6caac, 0x658e099f), TOBN(0xcf46369e, 0x04b27390),
-     TOBN(0xe2e7d049, 0x506467ea), TOBN(0x481b63a2, 0x37cdeccc),
-     TOBN(0x4029abd8, 0xed80143a), TOBN(0x28bfe3c7, 0xbcb00b88),
-     TOBN(0x3bec1009, 0x0643d84a), TOBN(0x885f3668, 0xabd11041),
-     TOBN(0xdb02432c, 0xf83a34d6), TOBN(0x32f7b360, 0x719ceebe),
-     TOBN(0xf06c7837, 0xdad1fe7a), TOBN(0x60a157a9, 0x5441a0b0),
-     TOBN(0x704970e9, 0xe2d47550), TOBN(0xcd2bd553, 0x271b9020),
-     TOBN(0xff57f82f, 0x33e24a0b), TOBN(0x9cbee23f, 0xf2565079),
-     TOBN(0x16353427, 0xeb5f5825), TOBN(0x276feec4, 0xe948d662),
-     TOBN(0xd1b62bc6, 0xda10032b), TOBN(0x718351dd, 0xf0e72a53),
-     TOBN(0x93452076, 0x2420e7ba), TOBN(0x96368fff, 0x3a00118d),
-     TOBN(0x00ce2d26, 0x150a49e4), TOBN(0x0c28b636, 0x3f04706b),
-     TOBN(0xbad65a46, 0x58b196d0), TOBN(0x6c8455fc, 0xec9f8b7c),
-     TOBN(0xe90c895f, 0x2d71867e), TOBN(0x5c0be31b, 0xedf9f38c),
-     TOBN(0x2a37a15e, 0xd8f6ec04), TOBN(0x239639e7, 0x8cd85251),
-     TOBN(0xd8975315, 0x9c7c4c6b), TOBN(0x603aa3c0, 0xd7409af7),
-     TOBN(0xb8d53d0c, 0x007132fb), TOBN(0x68d12af7, 0xa6849238),
-     TOBN(0xbe0607e7, 0xbf5d9279), TOBN(0x9aa50055, 0xaada74ce),
-     TOBN(0xe81079cb, 0xba7e8ccb), TOBN(0x610c71d1, 0xa5f4ff5e),
-     TOBN(0x9e2ee1a7, 0x5aa07093), TOBN(0xca84004b, 0xa75da47c),
-     TOBN(0x074d3951, 0x3de75401), TOBN(0xf938f756, 0xbb311592),
-     TOBN(0x96197618, 0x00a43421), TOBN(0x39a25362, 0x07bc78c8),
-     TOBN(0x278f710a, 0x0a171276), TOBN(0xb28446ea, 0x8d1a8f08),
-     TOBN(0x184781bf, 0xe3b6a661), TOBN(0x7751cb1d, 0xe6d279f7),
-     TOBN(0xf8ff95d6, 0xc59eb662), TOBN(0x186d90b7, 0x58d3dea7),
-     TOBN(0x0e4bb6c1, 0xdfb4f754), TOBN(0x5c5cf56b, 0x2b2801dc),
-     TOBN(0xc561e452, 0x1f54564d), TOBN(0xb4fb8c60, 0xf0dd7f13),
-     TOBN(0xf8849630, 0x33ff98c7), TOBN(0x9619fffa, 0xcf17769c),
-     TOBN(0xf8090bf6, 0x1bfdd80a), TOBN(0x14d9a149, 0x422cfe63),
-     TOBN(0xb354c360, 0x6f6df9ea), TOBN(0xdbcf770d, 0x218f17ea),
-     TOBN(0x207db7c8, 0x79eb3480), TOBN(0x213dbda8, 0x559b6a26),
-     TOBN(0xac4c200b, 0x29fc81b3), TOBN(0xebc3e09f, 0x171d87c1),
-     TOBN(0x91799530, 0x1481aa9e), TOBN(0x051b92e1, 0x92e114fa),
-     TOBN(0xdf8f92e9, 0xecb5537f), TOBN(0x44b1b2cc, 0x290c7483),
-     TOBN(0xa711455a, 0x2adeb016), TOBN(0x964b6856, 0x81a10c2c),
-     TOBN(0x4f159d99, 0xcec03623), TOBN(0x05532225, 0xef3271ea),
-     TOBN(0xb231bea3, 0xc5ee4849), TOBN(0x57a54f50, 0x7094f103),
-     TOBN(0x3e2d421d, 0x9598b352), TOBN(0xe865a49c, 0x67412ab4),
-     TOBN(0xd2998a25, 0x1cc3a912), TOBN(0x5d092808, 0x0c74d65d),
-     TOBN(0x73f45908, 0x4088567a), TOBN(0xeb6b280e, 0x1f214a61),
-     TOBN(0x8c9adc34, 0xcaf0c13d), TOBN(0x39d12938, 0xf561fb80),
-     TOBN(0xb2dc3a5e, 0xbc6edfb4), TOBN(0x7485b1b1, 0xfe4d210e),
-     TOBN(0x062e0400, 0xe186ae72), TOBN(0x91e32d5c, 0x6eeb3b88),
-     TOBN(0x6df574d7, 0x4be59224), TOBN(0xebc88ccc, 0x716d55f3),
-     TOBN(0x26c2e6d0, 0xcad6ed33), TOBN(0xc6e21e7d, 0x0d3e8b10),
-     TOBN(0x2cc5840e, 0x5bcc36bb), TOBN(0x9292445e, 0x7da74f69),
-     TOBN(0x8be8d321, 0x4e5193a8), TOBN(0x3ec23629, 0x8df06413),
-     TOBN(0xc7e9ae85, 0xb134defa), TOBN(0x6073b1d0, 0x1bb2d475),
-     TOBN(0xb9ad615e, 0x2863c00d), TOBN(0x9e29493d, 0x525f4ac4),
-     TOBN(0xc32b1dea, 0x4e9acf4f), TOBN(0x3e1f01c8, 0xa50db88d),
-     TOBN(0xb05d70ea, 0x04da916c), TOBN(0x714b0d0a, 0xd865803e),
-     TOBN(0x4bd493fc, 0x9920cb5e), TOBN(0x5b44b1f7, 0x92c7a3ac),
-     TOBN(0xa2a77293, 0xbcec9235), TOBN(0x5ee06e87, 0xcd378553),
-     TOBN(0xceff8173, 0xda621607), TOBN(0x2bb03e4c, 0x99f5d290),
-     TOBN(0x2945106a, 0xa6f734ac), TOBN(0xb5056604, 0xd25c4732),
-     TOBN(0x5945920c, 0xe079afee), TOBN(0x686e17a0, 0x6789831f),
-     TOBN(0x5966bee8, 0xb74a5ae5), TOBN(0x38a673a2, 0x1e258d46),
-     TOBN(0xbd1cc1f2, 0x83141c95), TOBN(0x3b2ecf4f, 0x0e96e486),
-     TOBN(0xcd3aa896, 0x74e5fc78), TOBN(0x415ec10c, 0x2482fa7a),
-     TOBN(0x15234419, 0x80503380), TOBN(0x513d917a, 0xd314b392),
-     TOBN(0xb0b52f4e, 0x63caecae), TOBN(0x07bf22ad, 0x2dc7780b),
-     TOBN(0xe761e8a1, 0xe4306839), TOBN(0x1b3be962, 0x5dd7feaa),
-     TOBN(0x4fe728de, 0x74c778f1), TOBN(0xf1fa0bda, 0x5e0070f6),
-     TOBN(0x85205a31, 0x6ec3f510), TOBN(0x2c7e4a14, 0xd2980475),
-     TOBN(0xde3c19c0, 0x6f30ebfd), TOBN(0xdb1c1f38, 0xd4b7e644),
-     TOBN(0xfe291a75, 0x5dce364a), TOBN(0xb7b22a3c, 0x058f5be3),
-     TOBN(0x2cd2c302, 0x37fea38c), TOBN(0x2930967a, 0x2e17be17),
-     TOBN(0x87f009de, 0x0c061c65), TOBN(0xcb014aac, 0xedc6ed44),
-     TOBN(0x49bd1cb4, 0x3bafb1eb), TOBN(0x81bd8b5c, 0x282d3688),
-     TOBN(0x1cdab87e, 0xf01a17af), TOBN(0x21f37ac4, 0xe710063b),
-     TOBN(0x5a6c5676, 0x42fc8193), TOBN(0xf4753e70, 0x56a6015c),
-     TOBN(0x020f795e, 0xa15b0a44), TOBN(0x8f37c8d7, 0x8958a958),
-     TOBN(0x63b7e89b, 0xa4b675b5), TOBN(0xb4fb0c0c, 0x0fc31aea),
-     TOBN(0xed95e639, 0xa7ff1f2e), TOBN(0x9880f5a3, 0x619614fb),
-     TOBN(0xdeb6ff02, 0x947151ab), TOBN(0x5bc5118c, 0xa868dcdb),
-     TOBN(0xd8da2055, 0x4c20cea5), TOBN(0xcac2776e, 0x14c4d69a),
-     TOBN(0xcccb22c1, 0x622d599b), TOBN(0xa4ddb653, 0x68a9bb50),
-     TOBN(0x2c4ff151, 0x1b4941b4), TOBN(0xe1ff19b4, 0x6efba588),
-     TOBN(0x35034363, 0xc48345e0), TOBN(0x45542e3d, 0x1e29dfc4),
-     TOBN(0xf197cb91, 0x349f7aed), TOBN(0x3b2b5a00, 0x8fca8420),
-     TOBN(0x7c175ee8, 0x23aaf6d8), TOBN(0x54dcf421, 0x35af32b6),
-     TOBN(0x0ba14307, 0x27d6561e), TOBN(0x879d5ee4, 0xd175b1e2),
-     TOBN(0xc7c43673, 0x99807db5), TOBN(0x77a54455, 0x9cd55bcd),
-     TOBN(0xe6c2ff13, 0x0105c072), TOBN(0x18f7a99f, 0x8dda7da4),
-     TOBN(0x4c301820, 0x0e2d35c1), TOBN(0x06a53ca0, 0xd9cc6c82),
-     TOBN(0xaa21cc1e, 0xf1aa1d9e), TOBN(0x32414334, 0x4a75b1e8),
-     TOBN(0x2a6d1328, 0x0ebe9fdc), TOBN(0x16bd173f, 0x98a4755a),
-     TOBN(0xfbb9b245, 0x2133ffd9), TOBN(0x39a8b2f1, 0x830f1a20),
-     TOBN(0x484bc97d, 0xd5a1f52a), TOBN(0xd6aebf56, 0xa40eddf8),
-     TOBN(0x32257acb, 0x76ccdac6), TOBN(0xaf4d36ec, 0x1586ff27),
-     TOBN(0x8eaa8863, 0xf8de7dd1), TOBN(0x0045d5cf, 0x88647c16)}
-    ,
-    {TOBN(0xa6f3d574, 0xc005979d), TOBN(0xc2072b42, 0x6a40e350),
-     TOBN(0xfca5c156, 0x8de2ecf9), TOBN(0xa8c8bf5b, 0xa515344e),
-     TOBN(0x97aee555, 0x114df14a), TOBN(0xd4374a4d, 0xfdc5ec6b),
-     TOBN(0x754cc28f, 0x2ca85418), TOBN(0x71cb9e27, 0xd3c41f78),
-     TOBN(0x89105079, 0x03605c39), TOBN(0xf0843d9e, 0xa142c96c),
-     TOBN(0xf3744934, 0x16923684), TOBN(0x732caa2f, 0xfa0a2893),
-     TOBN(0xb2e8c270, 0x61160170), TOBN(0xc32788cc, 0x437fbaa3),
-     TOBN(0x39cd818e, 0xa6eda3ac), TOBN(0xe2e94239, 0x9e2b2e07),
-     TOBN(0x6967d39b, 0x0260e52a), TOBN(0xd42585cc, 0x90653325),
-     TOBN(0x0d9bd605, 0x21ca7954), TOBN(0x4fa20877, 0x81ed57b3),
-     TOBN(0x60c1eff8, 0xe34a0bbe), TOBN(0x56b0040c, 0x84f6ef64),
-     TOBN(0x28be2b24, 0xb1af8483), TOBN(0xb2278163, 0xf5531614),
-     TOBN(0x8df27545, 0x5922ac1c), TOBN(0xa7b3ef5c, 0xa52b3f63),
-     TOBN(0x8e77b214, 0x71de57c4), TOBN(0x31682c10, 0x834c008b),
-     TOBN(0xc76824f0, 0x4bd55d31), TOBN(0xb6d1c086, 0x17b61c71),
-     TOBN(0x31db0903, 0xc2a5089d), TOBN(0x9c092172, 0x184e5d3f),
-     TOBN(0xdd7ced5b, 0xc00cc638), TOBN(0x1a2015eb, 0x61278fc2),
-     TOBN(0x2e8e5288, 0x6a37f8d6), TOBN(0xc457786f, 0xe79933ad),
-     TOBN(0xb3fe4cce, 0x2c51211a), TOBN(0xad9b10b2, 0x24c20498),
-     TOBN(0x90d87a4f, 0xd28db5e5), TOBN(0x698cd105, 0x3aca2fc3),
-     TOBN(0x4f112d07, 0xe91b536d), TOBN(0xceb982f2, 0x9eba09d6),
-     TOBN(0x3c157b2c, 0x197c396f), TOBN(0xe23c2d41, 0x7b66eb24),
-     TOBN(0x480c57d9, 0x3f330d37), TOBN(0xb3a4c8a1, 0x79108deb),
-     TOBN(0x702388de, 0xcb199ce5), TOBN(0x0b019211, 0xb944a8d4),
-     TOBN(0x24f2a692, 0x840bb336), TOBN(0x7c353bdc, 0xa669fa7b),
-     TOBN(0xda20d6fc, 0xdec9c300), TOBN(0x625fbe2f, 0xa13a4f17),
-     TOBN(0xa2b1b61a, 0xdbc17328), TOBN(0x008965bf, 0xa9515621),
-     TOBN(0x49690939, 0xc620ff46), TOBN(0x182dd27d, 0x8717e91c),
-     TOBN(0x5ace5035, 0xea6c3997), TOBN(0x54259aaa, 0xc2610bef),
-     TOBN(0xef18bb3f, 0x3c80dd39), TOBN(0x6910b95b, 0x5fc3fa39),
-     TOBN(0xfce2f510, 0x43e09aee), TOBN(0xced56c9f, 0xa7675665),
-     TOBN(0x10e265ac, 0xd872db61), TOBN(0x6982812e, 0xae9fce69),
-     TOBN(0x29be11c6, 0xce800998), TOBN(0x72bb1752, 0xb90360d9),
-     TOBN(0x2c193197, 0x5a4ad590), TOBN(0x2ba2f548, 0x9fc1dbc0),
-     TOBN(0x7fe4eebb, 0xe490ebe0), TOBN(0x12a0a4cd, 0x7fae11c0),
-     TOBN(0x7197cf81, 0xe903ba37), TOBN(0xcf7d4aa8, 0xde1c6dd8),
-     TOBN(0x92af6bf4, 0x3fd5684c), TOBN(0x2b26eecf, 0x80360aa1),
-     TOBN(0xbd960f30, 0x00546a82), TOBN(0x407b3c43, 0xf59ad8fe),
-     TOBN(0x86cae5fe, 0x249c82ba), TOBN(0x9e0faec7, 0x2463744c),
-     TOBN(0x87f551e8, 0x94916272), TOBN(0x033f9344, 0x6ceb0615),
-     TOBN(0x1e5eb0d1, 0x8be82e84), TOBN(0x89967f0e, 0x7a582fef),
-     TOBN(0xbcf687d5, 0xa6e921fa), TOBN(0xdfee4cf3, 0xd37a09ba),
-     TOBN(0x94f06965, 0xb493c465), TOBN(0x638b9a1c, 0x7635c030),
-     TOBN(0x76667864, 0x66f05e9f), TOBN(0xccaf6808, 0xc04da725),
-     TOBN(0xca2eb690, 0x768fccfc), TOBN(0xf402d37d, 0xb835b362),
-     TOBN(0x0efac0d0, 0xe2fdfcce), TOBN(0xefc9cdef, 0xb638d990),
-     TOBN(0x2af12b72, 0xd1669a8b), TOBN(0x33c536bc, 0x5774ccbd),
-     TOBN(0x30b21909, 0xfb34870e), TOBN(0xc38fa2f7, 0x7df25aca),
-     TOBN(0x74c5f02b, 0xbf81f3f5), TOBN(0x0525a5ae, 0xaf7e4581),
-     TOBN(0x88d2aaba, 0x433c54ae), TOBN(0xed9775db, 0x806a56c5),
-     TOBN(0xd320738a, 0xc0edb37d), TOBN(0x25fdb6ee, 0x66cc1f51),
-     TOBN(0xac661d17, 0x10600d76), TOBN(0x931ec1f3, 0xbdd1ed76),
-     TOBN(0x65c11d62, 0x19ee43f1), TOBN(0x5cd57c3e, 0x60829d97),
-     TOBN(0xd26c91a3, 0x984be6e8), TOBN(0xf08d9309, 0x8b0c53bd),
-     TOBN(0x94bc9e5b, 0xc016e4ea), TOBN(0xd3916839, 0x11d43d2b),
-     TOBN(0x886c5ad7, 0x73701155), TOBN(0xe0377626, 0x20b00715),
-     TOBN(0x7f01c9ec, 0xaa80ba59), TOBN(0x3083411a, 0x68538e51),
-     TOBN(0x970370f1, 0xe88128af), TOBN(0x625cc3db, 0x91dec14b),
-     TOBN(0xfef9666c, 0x01ac3107), TOBN(0xb2a8d577, 0xd5057ac3),
-     TOBN(0xb0f26299, 0x92be5df7), TOBN(0xf579c8e5, 0x00353924),
-     TOBN(0xb8fa3d93, 0x1341ed7a), TOBN(0x4223272c, 0xa7b59d49),
-     TOBN(0x3dcb1947, 0x83b8c4a4), TOBN(0x4e413c01, 0xed1302e4),
-     TOBN(0x6d999127, 0xe17e44ce), TOBN(0xee86bf75, 0x33b3adfb),
-     TOBN(0xf6902fe6, 0x25aa96ca), TOBN(0xb73540e4, 0xe5aae47d),
-     TOBN(0x32801d7b, 0x1b4a158c), TOBN(0xe571c99e, 0x27e2a369),
-     TOBN(0x40cb76c0, 0x10d9f197), TOBN(0xc308c289, 0x3167c0ae),
-     TOBN(0xa6ef9dd3, 0xeb7958f2), TOBN(0xa7226dfc, 0x300879b1),
-     TOBN(0x6cd0b362, 0x7edf0636), TOBN(0x4efbce6c, 0x7bc37eed),
-     TOBN(0x75f92a05, 0x8d699021), TOBN(0x586d4c79, 0x772566e3),
-     TOBN(0x378ca5f1, 0x761ad23a), TOBN(0x650d86fc, 0x1465a8ac),
-     TOBN(0x7a4ed457, 0x842ba251), TOBN(0x6b65e3e6, 0x42234933),
-     TOBN(0xaf1543b7, 0x31aad657), TOBN(0xa4cefe98, 0xcbfec369),
-     TOBN(0xb587da90, 0x9f47befb), TOBN(0x6562e9fb, 0x41312d13),
-     TOBN(0xa691ea59, 0xeff1cefe), TOBN(0xcc30477a, 0x05fc4cf6),
-     TOBN(0xa1632461, 0x0b0ffd3d), TOBN(0xa1f16f3b, 0x5b355956),
-     TOBN(0x5b148d53, 0x4224ec24), TOBN(0xdc834e7b, 0xf977012a),
-     TOBN(0x7bfc5e75, 0xb2c69dbc), TOBN(0x3aa77a29, 0x03c3da6c),
-     TOBN(0xde0df03c, 0xca910271), TOBN(0xcbd5ca4a, 0x7806dc55),
-     TOBN(0xe1ca5807, 0x6db476cb), TOBN(0xfde15d62, 0x5f37a31e),
-     TOBN(0xf49af520, 0xf41af416), TOBN(0x96c5c5b1, 0x7d342db5),
-     TOBN(0x155c43b7, 0xeb4ceb9b), TOBN(0x2e993010, 0x4e77371a),
-     TOBN(0x1d2987da, 0x675d43af), TOBN(0xef2bc1c0, 0x8599fd72),
-     TOBN(0x96894b7b, 0x9342f6b2), TOBN(0x201eadf2, 0x7c8e71f0),
-     TOBN(0xf3479d9f, 0x4a1f3efc), TOBN(0xe0f8a742, 0x702a9704),
-     TOBN(0xeafd44b6, 0xb3eba40c), TOBN(0xf9739f29, 0xc1c1e0d0),
-     TOBN(0x0091471a, 0x619d505e), TOBN(0xc15f9c96, 0x9d7c263e),
-     TOBN(0x5be47285, 0x83afbe33), TOBN(0xa3b6d6af, 0x04f1e092),
-     TOBN(0xe76526b9, 0x751a9d11), TOBN(0x2ec5b26d, 0x9a4ae4d2),
-     TOBN(0xeb66f4d9, 0x02f6fb8d), TOBN(0x4063c561, 0x96912164),
-     TOBN(0xeb7050c1, 0x80ef3000), TOBN(0x288d1c33, 0xeaa5b3f0),
-     TOBN(0xe87c68d6, 0x07806fd8), TOBN(0xb2f7f9d5, 0x4bbbf50f),
-     TOBN(0x25972f3a, 0xac8d6627), TOBN(0xf8547774, 0x10e8c13b),
-     TOBN(0xcc50ef6c, 0x872b4a60), TOBN(0xab2a34a4, 0x4613521b),
-     TOBN(0x39c5c190, 0x983e15d1), TOBN(0x61dde5df, 0x59905512),
-     TOBN(0xe417f621, 0x9f2275f3), TOBN(0x0750c8b6, 0x451d894b),
-     TOBN(0x75b04ab9, 0x78b0bdaa), TOBN(0x3bfd9fd4, 0x458589bd),
-     TOBN(0xf1013e30, 0xee9120b6), TOBN(0x2b51af93, 0x23a4743e),
-     TOBN(0xea96ffae, 0x48d14d9e), TOBN(0x71dc0dbe, 0x698a1d32),
-     TOBN(0x914962d2, 0x0180cca4), TOBN(0x1ae60677, 0xc3568963),
-     TOBN(0x8cf227b1, 0x437bc444), TOBN(0xc650c83b, 0xc9962c7a),
-     TOBN(0x23c2c7dd, 0xfe7ccfc4), TOBN(0xf925c89d, 0x1b929d48),
-     TOBN(0x4460f74b, 0x06783c33), TOBN(0xac2c8d49, 0xa590475a),
-     TOBN(0xfb40b407, 0xb807bba0), TOBN(0x9d1e362d, 0x69ff8f3a),
-     TOBN(0xa33e9681, 0xcbef64a4), TOBN(0x67ece5fa, 0x332fb4b2),
-     TOBN(0x6900a99b, 0x739f10e3), TOBN(0xc3341ca9, 0xff525925),
-     TOBN(0xee18a626, 0xa9e2d041), TOBN(0xa5a83685, 0x29580ddd),
-     TOBN(0xf3470c81, 0x9d7de3cd), TOBN(0xedf02586, 0x2062cf9c),
-     TOBN(0xf43522fa, 0xc010edb0), TOBN(0x30314135, 0x13a4b1ae),
-     TOBN(0xc792e02a, 0xdb22b94b), TOBN(0x993d8ae9, 0xa1eaa45b),
-     TOBN(0x8aad6cd3, 0xcd1e1c63), TOBN(0x89529ca7, 0xc5ce688a),
-     TOBN(0x2ccee3aa, 0xe572a253), TOBN(0xe02b6438, 0x02a21efb),
-     TOBN(0xa7091b6e, 0xc9430358), TOBN(0x06d1b1fa, 0x9d7db504),
-     TOBN(0x58846d32, 0xc4744733), TOBN(0x40517c71, 0x379f9e34),
-     TOBN(0x2f65655f, 0x130ef6ca), TOBN(0x526e4488, 0xf1f3503f),
-     TOBN(0x8467bd17, 0x7ee4a976), TOBN(0x1d9dc913, 0x921363d1),
-     TOBN(0xd8d24c33, 0xb069e041), TOBN(0x5eb5da0a, 0x2cdf7f51),
-     TOBN(0x1c0f3cb1, 0x197b994f), TOBN(0x3c95a6c5, 0x2843eae9),
-     TOBN(0x7766ffc9, 0xa6097ea5), TOBN(0x7bea4093, 0xd723b867),
-     TOBN(0xb48e1f73, 0x4db378f9), TOBN(0x70025b00, 0xe37b77ac),
-     TOBN(0x943dc8e7, 0xaf24ad46), TOBN(0xb98a15ac, 0x16d00a85),
-     TOBN(0x3adc38ba, 0x2743b004), TOBN(0xb1c7f4f7, 0x334415ee),
-     TOBN(0xea43df8f, 0x1e62d05a), TOBN(0x32618905, 0x9d76a3b6),
-     TOBN(0x2fbd0bb5, 0xa23a0f46), TOBN(0x5bc971db, 0x6a01918c),
-     TOBN(0x7801d94a, 0xb4743f94), TOBN(0xb94df65e, 0x676ae22b),
-     TOBN(0xaafcbfab, 0xaf95894c), TOBN(0x7b9bdc07, 0x276b2241),
-     TOBN(0xeaf98362, 0x5bdda48b), TOBN(0x5977faf2, 0xa3fcb4df),
-     TOBN(0xbed042ef, 0x052c4b5b), TOBN(0x9fe87f71, 0x067591f0),
-     TOBN(0xc89c73ca, 0x22f24ec7), TOBN(0x7d37fa9e, 0xe64a9f1b),
-     TOBN(0x2710841a, 0x15562627), TOBN(0x2c01a613, 0xc243b034),
-     TOBN(0x1d135c56, 0x2bc68609), TOBN(0xc2ca1715, 0x8b03f1f6),
-     TOBN(0xc9966c2d, 0x3eb81d82), TOBN(0xc02abf4a, 0x8f6df13e),
-     TOBN(0x77b34bd7, 0x8f72b43b), TOBN(0xaff6218f, 0x360c82b0),
-     TOBN(0x0aa5726c, 0x8d55b9d2), TOBN(0xdc0adbe9, 0x99e9bffb),
-     TOBN(0x9097549c, 0xefb9e72a), TOBN(0x16755712, 0x9dfb3111),
-     TOBN(0xdd8bf984, 0xf26847f9), TOBN(0xbcb8e387, 0xdfb30cb7),
-     TOBN(0xc1fd32a7, 0x5171ef9c), TOBN(0x977f3fc7, 0x389b363f),
-     TOBN(0x116eaf2b, 0xf4babda0), TOBN(0xfeab68bd, 0xf7113c8e),
-     TOBN(0xd1e3f064, 0xb7def526), TOBN(0x1ac30885, 0xe0b3fa02),
-     TOBN(0x1c5a6e7b, 0x40142d9d), TOBN(0x839b5603, 0x30921c0b),
-     TOBN(0x48f301fa, 0x36a116a3), TOBN(0x380e1107, 0xcfd9ee6d),
-     TOBN(0x7945ead8, 0x58854be1), TOBN(0x4111c12e, 0xcbd4d49d),
-     TOBN(0xece3b1ec, 0x3a29c2ef), TOBN(0x6356d404, 0x8d3616f5),
-     TOBN(0x9f0d6a8f, 0x594d320e), TOBN(0x0989316d, 0xf651ccd2),
-     TOBN(0x6c32117a, 0x0f8fdde4), TOBN(0x9abe5cc5, 0xa26a9bbc),
-     TOBN(0xcff560fb, 0x9723f671), TOBN(0x21b2a12d, 0x7f3d593c),
-     TOBN(0xe4cb18da, 0x24ba0696), TOBN(0x186e2220, 0xc3543384),
-     TOBN(0x722f64e0, 0x88312c29), TOBN(0x94282a99, 0x17dc7752),
-     TOBN(0x62467bbf, 0x5a85ee89), TOBN(0xf435c650, 0xf10076a0),
-     TOBN(0xc9ff1539, 0x43b3a50b), TOBN(0x7132130c, 0x1a53efbc),
-     TOBN(0x31bfe063, 0xf7b0c5b7), TOBN(0xb0179a7d, 0x4ea994cc),
-     TOBN(0x12d064b3, 0xc85f455b), TOBN(0x47259328, 0x8f6e0062),
-     TOBN(0xf64e590b, 0xb875d6d9), TOBN(0x22dd6225, 0xad92bcc7),
-     TOBN(0xb658038e, 0xb9c3bd6d), TOBN(0x00cdb0d6, 0xfbba27c8),
-     TOBN(0x0c681337, 0x1062c45d), TOBN(0xd8515b8c, 0x2d33407d),
-     TOBN(0xcb8f699e, 0x8cbb5ecf), TOBN(0x8c4347f8, 0xc608d7d8),
-     TOBN(0x2c11850a, 0xbb3e00db), TOBN(0x20a8dafd, 0xecb49d19),
-     TOBN(0xbd781480, 0x45ee2f40), TOBN(0x75e354af, 0x416b60cf),
-     TOBN(0xde0b58a1, 0x8d49a8c4), TOBN(0xe40e94e2, 0xfa359536),
-     TOBN(0xbd4fa59f, 0x62accd76), TOBN(0x05cf466a, 0x8c762837),
-     TOBN(0xb5abda99, 0x448c277b), TOBN(0x5a9e01bf, 0x48b13740),
-     TOBN(0x9d457798, 0x326aad8d), TOBN(0xbdef4954, 0xc396f7e7),
-     TOBN(0x6fb274a2, 0xc253e292), TOBN(0x2800bf0a, 0x1cfe53e7),
-     TOBN(0x22426d31, 0x44438fd4), TOBN(0xef233923, 0x5e259f9a),
-     TOBN(0x4188503c, 0x03f66264), TOBN(0x9e5e7f13, 0x7f9fdfab),
-     TOBN(0x565eb76c, 0x5fcc1aba), TOBN(0xea632548, 0x59b5bff8),
-     TOBN(0x5587c087, 0xaab6d3fa), TOBN(0x92b639ea, 0x6ce39c1b),
-     TOBN(0x0706e782, 0x953b135c), TOBN(0x7308912e, 0x425268ef),
-     TOBN(0x599e92c7, 0x090e7469), TOBN(0x83b90f52, 0x9bc35e75),
-     TOBN(0x4750b3d0, 0x244975b3), TOBN(0xf3a44358, 0x11965d72),
-     TOBN(0x179c6774, 0x9c8dc751), TOBN(0xff18cdfe, 0xd23d9ff0),
-     TOBN(0xc4013833, 0x2028e247), TOBN(0x96e280e2, 0xf3bfbc79),
-     TOBN(0xf60417bd, 0xd0880a84), TOBN(0x263c9f3d, 0x2a568151),
-     TOBN(0x36be15b3, 0x2d2ce811), TOBN(0x846dc0c2, 0xf8291d21),
-     TOBN(0x5cfa0ecb, 0x789fcfdb), TOBN(0x45a0beed, 0xd7535b9a),
-     TOBN(0xec8e9f07, 0x96d69af1), TOBN(0x31a7c5b8, 0x599ab6dc),
-     TOBN(0xd36d45ef, 0xf9e2e09f), TOBN(0x3cf49ef1, 0xdcee954b),
-     TOBN(0x6be34cf3, 0x086cff9b), TOBN(0x88dbd491, 0x39a3360f),
-     TOBN(0x1e96b8cc, 0x0dbfbd1d), TOBN(0xc1e5f7bf, 0xcb7e2552),
-     TOBN(0x0547b214, 0x28819d98), TOBN(0xc770dd9c, 0x7aea9dcb),
-     TOBN(0xaef0d4c7, 0x041d68c8), TOBN(0xcc2b9818, 0x13cb9ba8),
-     TOBN(0x7fc7bc76, 0xfe86c607), TOBN(0x6b7b9337, 0x502a9a95),
-     TOBN(0x1948dc27, 0xd14dab63), TOBN(0x249dd198, 0xdae047be),
-     TOBN(0xe8356584, 0xa981a202), TOBN(0x3531dd18, 0x3a893387),
-     TOBN(0x1be11f90, 0xc85c7209), TOBN(0x93d2fe1e, 0xe2a52b5a),
-     TOBN(0x8225bfe2, 0xec6d6b97), TOBN(0x9cf6d6f4, 0xbd0aa5de),
-     TOBN(0x911459cb, 0x54779f5f), TOBN(0x5649cddb, 0x86aeb1f3),
-     TOBN(0x32133579, 0x3f26ce5a), TOBN(0xc289a102, 0x550f431e),
-     TOBN(0x559dcfda, 0x73b84c6f), TOBN(0x84973819, 0xee3ac4d7),
-     TOBN(0xb51e55e6, 0xf2606a82), TOBN(0xe25f7061, 0x90f2fb57),
-     TOBN(0xacef6c2a, 0xb1a4e37c), TOBN(0x864e359d, 0x5dcf2706),
-     TOBN(0x479e6b18, 0x7ce57316), TOBN(0x2cab2500, 0x3a96b23d),
-     TOBN(0xed489862, 0x8ef16df7), TOBN(0x2056538c, 0xef3758b5),
-     TOBN(0xa7df865e, 0xf15d3101), TOBN(0x80c5533a, 0x61b553d7),
-     TOBN(0x366e1997, 0x4ed14294), TOBN(0x6620741f, 0xb3c0bcd6),
-     TOBN(0x21d1d9c4, 0xedc45418), TOBN(0x005b859e, 0xc1cc4a9d),
-     TOBN(0xdf01f630, 0xa1c462f0), TOBN(0x15d06cf3, 0xf26820c7),
-     TOBN(0x9f7f24ee, 0x3484be47), TOBN(0x2ff33e96, 0x4a0c902f),
-     TOBN(0x00bdf457, 0x5a0bc453), TOBN(0x2378dfaf, 0x1aa238db),
-     TOBN(0x272420ec, 0x856720f2), TOBN(0x2ad9d95b, 0x96797291),
-     TOBN(0xd1242cc6, 0x768a1558), TOBN(0x2e287f8b, 0x5cc86aa8),
-     TOBN(0x796873d0, 0x990cecaa), TOBN(0xade55f81, 0x675d4080),
-     TOBN(0x2645eea3, 0x21f0cd84), TOBN(0x7a1efa0f, 0xb4e17d02),
-     TOBN(0xf6858420, 0x037cc061), TOBN(0x682e05f0, 0xd5d43e12),
-     TOBN(0x59c36994, 0x27218710), TOBN(0x85cbba4d, 0x3f7cd2fc),
-     TOBN(0x726f9729, 0x7a3cd22a), TOBN(0x9f8cd5dc, 0x4a628397),
-     TOBN(0x17b93ab9, 0xc23165ed), TOBN(0xff5f5dbf, 0x122823d4),
-     TOBN(0xc1e4e4b5, 0x654a446d), TOBN(0xd1a9496f, 0x677257ba),
-     TOBN(0x6387ba94, 0xde766a56), TOBN(0x23608bc8, 0x521ec74a),
-     TOBN(0x16a522d7, 0x6688c4d4), TOBN(0x9d6b4282, 0x07373abd),
-     TOBN(0xa62f07ac, 0xb42efaa3), TOBN(0xf73e00f7, 0xe3b90180),
-     TOBN(0x36175fec, 0x49421c3e), TOBN(0xc4e44f9b, 0x3dcf2678),
-     TOBN(0x76df436b, 0x7220f09f), TOBN(0x172755fb, 0x3aa8b6cf),
-     TOBN(0xbab89d57, 0x446139cc), TOBN(0x0a0a6e02, 0x5fe0208f),
-     TOBN(0xcdbb63e2, 0x11e5d399), TOBN(0x33ecaa12, 0xa8977f0b),
-     TOBN(0x59598b21, 0xf7c42664), TOBN(0xb3e91b32, 0xab65d08a),
-     TOBN(0x035822ee, 0xf4502526), TOBN(0x1dcf0176, 0x720a82a9),
-     TOBN(0x50f8598f, 0x3d589e02), TOBN(0xdf0478ff, 0xb1d63d2c),
-     TOBN(0x8b8068bd, 0x1571cd07), TOBN(0x30c3aa4f, 0xd79670cd),
-     TOBN(0x25e8fd4b, 0x941ade7f), TOBN(0x3d1debdc, 0x32790011),
-     TOBN(0x65b6dcbd, 0x3a3f9ff0), TOBN(0x282736a4, 0x793de69c),
-     TOBN(0xef69a0c3, 0xd41d3bd3), TOBN(0xb533b8c9, 0x07a26bde),
-     TOBN(0xe2801d97, 0xdb2edf9f), TOBN(0xdc4a8269, 0xe1877af0),
-     TOBN(0x6c1c5851, 0x3d590dbe), TOBN(0x84632f6b, 0xee4e9357),
-     TOBN(0xd36d36b7, 0x79b33374), TOBN(0xb46833e3, 0x9bbca2e6),
-     TOBN(0x37893913, 0xf7fc0586), TOBN(0x385315f7, 0x66bf4719),
-     TOBN(0x72c56293, 0xb31855dc), TOBN(0xd1416d4e, 0x849061fe),
-     TOBN(0xbeb3ab78, 0x51047213), TOBN(0x447f6e61, 0xf040c996),
-     TOBN(0xd06d310d, 0x638b1d0c), TOBN(0xe28a413f, 0xbad1522e),
-     TOBN(0x685a76cb, 0x82003f86), TOBN(0x610d07f7, 0x0bcdbca3),
-     TOBN(0x6ff66021, 0x9ca4c455), TOBN(0x7df39b87, 0xcea10eec),
-     TOBN(0xb9255f96, 0xe22db218), TOBN(0x8cc6d9eb, 0x08a34c44),
-     TOBN(0xcd4ffb86, 0x859f9276), TOBN(0x8fa15eb2, 0x50d07335),
-     TOBN(0xdf553845, 0xcf2c24b5), TOBN(0x89f66a9f, 0x52f9c3ba),
-     TOBN(0x8f22b5b9, 0xe4a7ceb3), TOBN(0xaffef809, 0x0e134686),
-     TOBN(0x3e53e1c6, 0x8eb8fac2), TOBN(0x93c1e4eb, 0x28aec98e),
-     TOBN(0xb6b91ec5, 0x32a43bcb), TOBN(0x2dbfa947, 0xb2d74a51),
-     TOBN(0xe065d190, 0xca84bad7), TOBN(0xfb13919f, 0xad58e65c),
-     TOBN(0x3c41718b, 0xf1cb6e31), TOBN(0x688969f0, 0x06d05c3f),
-     TOBN(0xd4f94ce7, 0x21264d45), TOBN(0xfdfb65e9, 0x7367532b),
-     TOBN(0x5b1be8b1, 0x0945a39d), TOBN(0x229f789c, 0x2b8baf3b),
-     TOBN(0xd8f41f3e, 0x6f49f15d), TOBN(0x678ce828, 0x907f0792),
-     TOBN(0xc69ace82, 0xfca6e867), TOBN(0x106451ae, 0xd01dcc89),
-     TOBN(0x1bb4f7f0, 0x19fc32d2), TOBN(0x64633dfc, 0xb00c52d2),
-     TOBN(0x8f13549a, 0xad9ea445), TOBN(0x99a3bf50, 0xfb323705),
-     TOBN(0x0c9625a2, 0x534d4dbc), TOBN(0x45b8f1d1, 0xc2a2fea3),
-     TOBN(0x76ec21a1, 0xa530fc1a), TOBN(0x4bac9c2a, 0x9e5bd734),
-     TOBN(0x5996d76a, 0x7b4e3587), TOBN(0x0045cdee, 0x1182d9e3),
-     TOBN(0x1aee24b9, 0x1207f13d), TOBN(0x66452e97, 0x97345a41),
-     TOBN(0x16e5b054, 0x9f950cd0), TOBN(0x9cc72fb1, 0xd7fdd075),
-     TOBN(0x6edd61e7, 0x66249663), TOBN(0xde4caa4d, 0xf043cccb),
-     TOBN(0x11b1f57a, 0x55c7ac17), TOBN(0x779cbd44, 0x1a85e24d),
-     TOBN(0x78030f86, 0xe46081e7), TOBN(0xfd4a6032, 0x8e20f643),
-     TOBN(0xcc7a6488, 0x0a750c0f), TOBN(0x39bacfe3, 0x4e548e83),
-     TOBN(0x3d418c76, 0x0c110f05), TOBN(0x3e4daa4c, 0xb1f11588),
-     TOBN(0x2733e7b5, 0x5ffc69ff), TOBN(0x46f147bc, 0x92053127),
-     TOBN(0x885b2434, 0xd722df94), TOBN(0x6a444f65, 0xe6fc6b7c)}
-    ,
-    {TOBN(0x7a1a465a, 0xc3f16ea8), TOBN(0x115a461d, 0xb2f1d11c),
-     TOBN(0x4767dd95, 0x6c68a172), TOBN(0x3392f2eb, 0xd13a4698),
-     TOBN(0xc7a99ccd, 0xe526cdc7), TOBN(0x8e537fdc, 0x22292b81),
-     TOBN(0x76d8cf69, 0xa6d39198), TOBN(0xffc5ff43, 0x2446852d),
-     TOBN(0x97b14f7e, 0xa90567e6), TOBN(0x513257b7, 0xb6ae5cb7),
-     TOBN(0x85454a3c, 0x9f10903d), TOBN(0xd8d2c9ad, 0x69bc3724),
-     TOBN(0x38da9324, 0x6b29cb44), TOBN(0xb540a21d, 0x77c8cbac),
-     TOBN(0x9bbfe435, 0x01918e42), TOBN(0xfffa707a, 0x56c3614e),
-     TOBN(0x0ce4e3f1, 0xd4e353b7), TOBN(0x062d8a14, 0xef46b0a0),
-     TOBN(0x6408d5ab, 0x574b73fd), TOBN(0xbc41d1c9, 0xd3273ffd),
-     TOBN(0x3538e1e7, 0x6be77800), TOBN(0x71fe8b37, 0xc5655031),
-     TOBN(0x1cd91621, 0x6b9b331a), TOBN(0xad825d0b, 0xbb388f73),
-     TOBN(0x56c2e05b, 0x1cb76219), TOBN(0x0ec0bf91, 0x71567e7e),
-     TOBN(0xe7076f86, 0x61c4c910), TOBN(0xd67b085b, 0xbabc04d9),
-     TOBN(0x9fb90459, 0x5e93a96a), TOBN(0x7526c1ea, 0xfbdc249a),
-     TOBN(0x0d44d367, 0xecdd0bb7), TOBN(0x95399917, 0x9dc0d695),
-     TOBN(0x61360ee9, 0x9e240d18), TOBN(0x057cdcac, 0xb4b94466),
-     TOBN(0xe7667cd1, 0x2fe5325c), TOBN(0x1fa297b5, 0x21974e3b),
-     TOBN(0xfa4081e7, 0xdb083d76), TOBN(0x31993be6, 0xf206bd15),
-     TOBN(0x8949269b, 0x14c19f8c), TOBN(0x21468d72, 0xa9d92357),
-     TOBN(0x2ccbc583, 0xa4c506ec), TOBN(0x957ed188, 0xd1acfe97),
-     TOBN(0x8baed833, 0x12f1aea2), TOBN(0xef2a6cb4, 0x8325362d),
-     TOBN(0x130dde42, 0x8e195c43), TOBN(0xc842025a, 0x0e6050c6),
-     TOBN(0x2da972a7, 0x08686a5d), TOBN(0xb52999a1, 0xe508b4a8),
-     TOBN(0xd9f090b9, 0x10a5a8bd), TOBN(0xca91d249, 0x096864da),
-     TOBN(0x8e6a93be, 0x3f67dbc1), TOBN(0xacae6fba, 0xf5f4764c),
-     TOBN(0x1563c6e0, 0xd21411a0), TOBN(0x28fa787f, 0xda0a4ad8),
-     TOBN(0xd524491c, 0x908c8030), TOBN(0x1257ba0e, 0x4c795f07),
-     TOBN(0x83f49167, 0xceca9754), TOBN(0x426d2cf6, 0x4b7939a0),
-     TOBN(0x2555e355, 0x723fd0bf), TOBN(0xa96e6d06, 0xc4f144e2),
-     TOBN(0x4768a8dd, 0x87880e61), TOBN(0x15543815, 0xe508e4d5),
-     TOBN(0x09d7e772, 0xb1b65e15), TOBN(0x63439dd6, 0xac302fa0),
-     TOBN(0xb93f802f, 0xc14e35c2), TOBN(0x71735b7c, 0x4341333c),
-     TOBN(0x03a25104, 0x16d4f362), TOBN(0x3f4d069b, 0xbf433c8e),
-     TOBN(0x0d83ae01, 0xf78f5a7c), TOBN(0x50a8ffbe, 0x7c4eed07),
-     TOBN(0xc74f8906, 0x76e10f83), TOBN(0x7d080966, 0x9ddaf8e1),
-     TOBN(0xb11df8e1, 0x698e04cc), TOBN(0x877be203, 0x169005c8),
-     TOBN(0x32749e8c, 0x4f3c6179), TOBN(0x2dbc9d0a, 0x7853fc05),
-     TOBN(0x187d4f93, 0x9454d937), TOBN(0xe682ce9d, 0xb4800e1b),
-     TOBN(0xa9129ad8, 0x165e68e8), TOBN(0x0fe29735, 0xbe7f785b),
-     TOBN(0x5303f40c, 0x5b9e02b7), TOBN(0xa37c9692, 0x35ee04e8),
-     TOBN(0x5f46cc20, 0x34d6632b), TOBN(0x55ef72b2, 0x96ac545b),
-     TOBN(0xabec5c1f, 0x7b91b062), TOBN(0x0a79e1c7, 0xbb33e821),
-     TOBN(0xbb04b428, 0x3a9f4117), TOBN(0x0de1f28f, 0xfd2a475a),
-     TOBN(0x31019ccf, 0x3a4434b4), TOBN(0xa3458111, 0x1a7954dc),
-     TOBN(0xa9dac80d, 0xe34972a7), TOBN(0xb043d054, 0x74f6b8dd),
-     TOBN(0x021c319e, 0x11137b1a), TOBN(0x00a754ce, 0xed5cc03f),
-     TOBN(0x0aa2c794, 0xcbea5ad4), TOBN(0x093e67f4, 0x70c015b6),
-     TOBN(0x72cdfee9, 0xc97e3f6b), TOBN(0xc10bcab4, 0xb6da7461),
-     TOBN(0x3b02d2fc, 0xb59806b9), TOBN(0x85185e89, 0xa1de6f47),
-     TOBN(0x39e6931f, 0x0eb6c4d4), TOBN(0x4d4440bd, 0xd4fa5b04),
-     TOBN(0x5418786e, 0x34be7eb8), TOBN(0x6380e521, 0x9d7259bc),
-     TOBN(0x20ac0351, 0xd598d710), TOBN(0x272c4166, 0xcb3a4da4),
-     TOBN(0xdb82fe1a, 0xca71de1f), TOBN(0x746e79f2, 0xd8f54b0f),
-     TOBN(0x6e7fc736, 0x4b573e9b), TOBN(0x75d03f46, 0xfd4b5040),
-     TOBN(0x5c1cc36d, 0x0b98d87b), TOBN(0x513ba3f1, 0x1f472da1),
-     TOBN(0x79d0af26, 0xabb177dd), TOBN(0xf82ab568, 0x7891d564),
-     TOBN(0x2b6768a9, 0x72232173), TOBN(0xefbb3bb0, 0x8c1f6619),
-     TOBN(0xb29c11db, 0xa6d18358), TOBN(0x519e2797, 0xb0916d3a),
-     TOBN(0xd4dc18f0, 0x9188e290), TOBN(0x648e86e3, 0x98b0ca7f),
-     TOBN(0x859d3145, 0x983c38b5), TOBN(0xb14f176c, 0x637abc8b),
-     TOBN(0x2793fb9d, 0xcaff7be6), TOBN(0xebe5a55f, 0x35a66a5a),
-     TOBN(0x7cec1dcd, 0x9f87dc59), TOBN(0x7c595cd3, 0xfbdbf560),
-     TOBN(0x5b543b22, 0x26eb3257), TOBN(0x69080646, 0xc4c935fd),
-     TOBN(0x7f2e4403, 0x81e9ede3), TOBN(0x243c3894, 0xcaf6df0a),
-     TOBN(0x7c605bb1, 0x1c073b11), TOBN(0xcd06a541, 0xba6a4a62),
-     TOBN(0x29168949, 0x49d4e2e5), TOBN(0x33649d07, 0x4af66880),
-     TOBN(0xbfc0c885, 0xe9a85035), TOBN(0xb4e52113, 0xfc410f4b),
-     TOBN(0xdca3b706, 0x78a6513b), TOBN(0x92ea4a2a, 0x9edb1943),
-     TOBN(0x02642216, 0xdb6e2dd8), TOBN(0x9b45d0b4, 0x9fd57894),
-     TOBN(0x114e70db, 0xc69d11ae), TOBN(0x1477dd19, 0x4c57595f),
-     TOBN(0xbc2208b4, 0xec77c272), TOBN(0x95c5b4d7, 0xdb68f59c),
-     TOBN(0xb8c4fc63, 0x42e532b7), TOBN(0x386ba422, 0x9ae35290),
-     TOBN(0xfb5dda42, 0xd201ecbc), TOBN(0x2353dc8b, 0xa0e38fd6),
-     TOBN(0x9a0b85ea, 0x68f7e978), TOBN(0x96ec5682, 0x2ad6d11f),
-     TOBN(0x5e279d6c, 0xe5f6886d), TOBN(0xd3fe03cd, 0x3cb1914d),
-     TOBN(0xfe541fa4, 0x7ea67c77), TOBN(0x952bd2af, 0xe3ea810c),
-     TOBN(0x791fef56, 0x8d01d374), TOBN(0xa3a1c621, 0x0f11336e),
-     TOBN(0x5ad0d5a9, 0xc7ec6d79), TOBN(0xff7038af, 0x3225c342),
-     TOBN(0x003c6689, 0xbc69601b), TOBN(0x25059bc7, 0x45e8747d),
-     TOBN(0xfa4965b2, 0xf2086fbf), TOBN(0xf6840ea6, 0x86916078),
-     TOBN(0xd7ac7620, 0x70081d6c), TOBN(0xe600da31, 0xb5328645),
-     TOBN(0x01916f63, 0x529b8a80), TOBN(0xe80e4858, 0x2d7d6f3e),
-     TOBN(0x29eb0fe8, 0xd664ca7c), TOBN(0xf017637b, 0xe7b43b0c),
-     TOBN(0x9a75c806, 0x76cb2566), TOBN(0x8f76acb1, 0xb24892d9),
-     TOBN(0x7ae7b9cc, 0x1f08fe45), TOBN(0x19ef7329, 0x6a4907d8),
-     TOBN(0x2db4ab71, 0x5f228bf0), TOBN(0xf3cdea39, 0x817032d7),
-     TOBN(0x0b1f482e, 0xdcabe3c0), TOBN(0x3baf76b4, 0xbb86325c),
-     TOBN(0xd49065e0, 0x10089465), TOBN(0x3bab5d29, 0x8e77c596),
-     TOBN(0x7636c3a6, 0x193dbd95), TOBN(0xdef5d294, 0xb246e499),
-     TOBN(0xb22c58b9, 0x286b2475), TOBN(0xa0b93939, 0xcd80862b),
-     TOBN(0x3002c83a, 0xf0992388), TOBN(0x6de01f9b, 0xeacbe14c),
-     TOBN(0x6aac688e, 0xadd70482), TOBN(0x708de92a, 0x7b4a4e8a),
-     TOBN(0x75b6dd73, 0x758a6eef), TOBN(0xea4bf352, 0x725b3c43),
-     TOBN(0x10041f2c, 0x87912868), TOBN(0xb1b1be95, 0xef09297a),
-     TOBN(0x19ae23c5, 0xa9f3860a), TOBN(0xc4f0f839, 0x515dcf4b),
-     TOBN(0x3c7ecca3, 0x97f6306a), TOBN(0x744c44ae, 0x68a3a4b0),
-     TOBN(0x69cd13a0, 0xb3a1d8a2), TOBN(0x7cad0a1e, 0x5256b578),
-     TOBN(0xea653fcd, 0x33791d9e), TOBN(0x9cc2a05d, 0x74b2e05f),
-     TOBN(0x73b391dc, 0xfd7affa2), TOBN(0xddb7091e, 0xb6b05442),
-     TOBN(0xc71e27bf, 0x8538a5c6), TOBN(0x195c63dd, 0x89abff17),
-     TOBN(0xfd315285, 0x1b71e3da), TOBN(0x9cbdfda7, 0xfa680fa0),
-     TOBN(0x9db876ca, 0x849d7eab), TOBN(0xebe2764b, 0x3c273271),
-     TOBN(0x663357e3, 0xf208dcea), TOBN(0x8c5bd833, 0x565b1b70),
-     TOBN(0xccc3b4f5, 0x9837fc0d), TOBN(0x9b641ba8, 0xa79cf00f),
-     TOBN(0x7428243d, 0xdfdf3990), TOBN(0x83a594c4, 0x020786b1),
-     TOBN(0xb712451a, 0x526c4502), TOBN(0x9d39438e, 0x6adb3f93),
-     TOBN(0xfdb261e3, 0xe9ff0ccd), TOBN(0x80344e3c, 0xe07af4c3),
-     TOBN(0x75900d7c, 0x2fa4f126), TOBN(0x08a3b865, 0x5c99a232),
-     TOBN(0x2478b6bf, 0xdb25e0c3), TOBN(0x482cc2c2, 0x71db2edf),
-     TOBN(0x37df7e64, 0x5f321bb8), TOBN(0x8a93821b, 0x9a8005b4),
-     TOBN(0x3fa2f10c, 0xcc8c1958), TOBN(0x0d332218, 0x2c269d0a),
-     TOBN(0x20ab8119, 0xe246b0e6), TOBN(0xb39781e4, 0xd349fd17),
-     TOBN(0xd293231e, 0xb31aa100), TOBN(0x4b779c97, 0xbb032168),
-     TOBN(0x4b3f19e1, 0xc8470500), TOBN(0x45b7efe9, 0x0c4c869d),
-     TOBN(0xdb84f38a, 0xa1a6bbcc), TOBN(0x3b59cb15, 0xb2fddbc1),
-     TOBN(0xba5514df, 0x3fd165e8), TOBN(0x499fd6a9, 0x061f8811),
-     TOBN(0x72cd1fe0, 0xbfef9f00), TOBN(0x120a4bb9, 0x79ad7e8a),
-     TOBN(0xf2ffd095, 0x5f4a5ac5), TOBN(0xcfd174f1, 0x95a7a2f0),
-     TOBN(0xd42301ba, 0x9d17baf1), TOBN(0xd2fa487a, 0x77f22089),
-     TOBN(0x9cb09efe, 0xb1dc77e1), TOBN(0xe9566939, 0x21c99682),
-     TOBN(0x8c546901, 0x6c6067bb), TOBN(0xfd378574, 0x61c24456),
-     TOBN(0x2b6a6cbe, 0x81796b33), TOBN(0x62d550f6, 0x58e87f8b),
-     TOBN(0x1b763e1c, 0x7f1b01b4), TOBN(0x4b93cfea, 0x1b1b5e12),
-     TOBN(0xb9345238, 0x1d531696), TOBN(0x57201c00, 0x88cdde69),
-     TOBN(0xdde92251, 0x9a86afc7), TOBN(0xe3043895, 0xbd35cea8),
-     TOBN(0x7608c1e1, 0x8555970d), TOBN(0x8267dfa9, 0x2535935e),
-     TOBN(0xd4c60a57, 0x322ea38b), TOBN(0xe0bf7977, 0x804ef8b5),
-     TOBN(0x1a0dab28, 0xc06fece4), TOBN(0xd405991e, 0x94e7b49d),
-     TOBN(0xc542b6d2, 0x706dab28), TOBN(0xcb228da3, 0xa91618fb),
-     TOBN(0x224e4164, 0x107d1cea), TOBN(0xeb9fdab3, 0xd0f5d8f1),
-     TOBN(0xc02ba386, 0x0d6e41cd), TOBN(0x676a72c5, 0x9b1f7146),
-     TOBN(0xffd6dd98, 0x4d6cb00b), TOBN(0xcef9c5ca, 0xde2e8d7c),
-     TOBN(0xa1bbf5d7, 0x641c7936), TOBN(0x1b95b230, 0xee8f772e),
-     TOBN(0xf765a92e, 0xe8ac25b1), TOBN(0xceb04cfc, 0x3a18b7c6),
-     TOBN(0x27944cef, 0x0acc8966), TOBN(0xcbb3c957, 0x434c1004),
-     TOBN(0x9c9971a1, 0xa43ff93c), TOBN(0x5bc2db17, 0xa1e358a9),
-     TOBN(0x45b4862e, 0xa8d9bc82), TOBN(0x70ebfbfb, 0x2201e052),
-     TOBN(0xafdf64c7, 0x92871591), TOBN(0xea5bcae6, 0xb42d0219),
-     TOBN(0xde536c55, 0x2ad8f03c), TOBN(0xcd6c3f4d, 0xa76aa33c),
-     TOBN(0xbeb5f623, 0x0bca6de3), TOBN(0xdd20dd99, 0xb1e706fd),
-     TOBN(0x90b3ff9d, 0xac9059d4), TOBN(0x2d7b2902, 0x7ccccc4e),
-     TOBN(0x8a090a59, 0xce98840f), TOBN(0xa5d947e0, 0x8410680a),
-     TOBN(0x49ae346a, 0x923379a5), TOBN(0x7dbc84f9, 0xb28a3156),
-     TOBN(0xfd40d916, 0x54a1aff2), TOBN(0xabf318ba, 0x3a78fb9b),
-     TOBN(0x50152ed8, 0x3029f95e), TOBN(0x9fc1dd77, 0xc58ad7fa),
-     TOBN(0x5fa57915, 0x13595c17), TOBN(0xb9504668, 0x8f62b3a9),
-     TOBN(0x907b5b24, 0xff3055b0), TOBN(0x2e995e35, 0x9a84f125),
-     TOBN(0x87dacf69, 0x7e9bbcfb), TOBN(0x95d0c1d6, 0xe86d96e3),
-     TOBN(0x65726e3c, 0x2d95a75c), TOBN(0x2c3c9001, 0xacd27f21),
-     TOBN(0x1deab561, 0x6c973f57), TOBN(0x108b7e2c, 0xa5221643),
-     TOBN(0x5fee9859, 0xc4ef79d4), TOBN(0xbd62b88a, 0x40d4b8c6),
-     TOBN(0xb4dd29c4, 0x197c75d6), TOBN(0x266a6df2, 0xb7076feb),
-     TOBN(0x9512d0ea, 0x4bf2df11), TOBN(0x1320c24f, 0x6b0cc9ec),
-     TOBN(0x6bb1e0e1, 0x01a59596), TOBN(0x8317c5bb, 0xeff9aaac),
-     TOBN(0x65bb405e, 0x385aa6c9), TOBN(0x613439c1, 0x8f07988f),
-     TOBN(0xd730049f, 0x16a66e91), TOBN(0xe97f2820, 0xfa1b0e0d),
-     TOBN(0x4131e003, 0x304c28ea), TOBN(0x820ab732, 0x526bac62),
-     TOBN(0xb2ac9ef9, 0x28714423), TOBN(0x54ecfffa, 0xadb10cb2),
-     TOBN(0x8781476e, 0xf886a4cc), TOBN(0x4b2c87b5, 0xdb2f8d49),
-     TOBN(0xe857cd20, 0x0a44295d), TOBN(0x707d7d21, 0x58c6b044),
-     TOBN(0xae8521f9, 0xf596757c), TOBN(0x87448f03, 0x67b2b714),
-     TOBN(0x13a9bc45, 0x5ebcd58d), TOBN(0x79bcced9, 0x9122d3c1),
-     TOBN(0x3c644247, 0x9e076642), TOBN(0x0cf22778, 0x2df4767d),
-     TOBN(0x5e61aee4, 0x71d444b6), TOBN(0x211236bf, 0xc5084a1d),
-     TOBN(0x7e15bc9a, 0x4fd3eaf6), TOBN(0x68df2c34, 0xab622bf5),
-     TOBN(0x9e674f0f, 0x59bf4f36), TOBN(0xf883669b, 0xd7f34d73),
-     TOBN(0xc48ac1b8, 0x31497b1d), TOBN(0x323b925d, 0x5106703b),
-     TOBN(0x22156f42, 0x74082008), TOBN(0xeffc521a, 0xc8482bcb),
-     TOBN(0x5c6831bf, 0x12173479), TOBN(0xcaa2528f, 0xc4739490),
-     TOBN(0x84d2102a, 0x8f1b3c4d), TOBN(0xcf64dfc1, 0x2d9bec0d),
-     TOBN(0x433febad, 0x78a546ef), TOBN(0x1f621ec3, 0x7b73cef1),
-     TOBN(0x6aecd627, 0x37338615), TOBN(0x162082ab, 0x01d8edf6),
-     TOBN(0x833a8119, 0x19e86b66), TOBN(0x6023a251, 0xd299b5db),
-     TOBN(0xf5bb0c3a, 0xbbf04b89), TOBN(0x6735eb69, 0xae749a44),
-     TOBN(0xd0e058c5, 0x4713de3b), TOBN(0xfdf2593e, 0x2c3d4ccd),
-     TOBN(0x1b8f414e, 0xfdd23667), TOBN(0xdd52aaca, 0xfa2015ee),
-     TOBN(0x3e31b517, 0xbd9625ff), TOBN(0x5ec9322d, 0x8db5918c),
-     TOBN(0xbc73ac85, 0xa96f5294), TOBN(0x82aa5bf3, 0x61a0666a),
-     TOBN(0x49755810, 0xbf08ac42), TOBN(0xd21cdfd5, 0x891cedfc),
-     TOBN(0x918cb57b, 0x67f8be10), TOBN(0x365d1a7c, 0x56ffa726),
-     TOBN(0x2435c504, 0x6532de93), TOBN(0xc0fc5e10, 0x2674cd02),
-     TOBN(0x6e51fcf8, 0x9cbbb142), TOBN(0x1d436e5a, 0xafc50692),
-     TOBN(0x766bffff, 0x3fbcae22), TOBN(0x3148c2fd, 0xfd55d3b8),
-     TOBN(0x52c7fdc9, 0x233222fa), TOBN(0x89ff1092, 0xe419fb6b),
-     TOBN(0x3cd6db99, 0x25254977), TOBN(0x2e85a161, 0x1cf12ca7),
-     TOBN(0xadd2547c, 0xdc810bc9), TOBN(0xea3f458f, 0x9d257c22),
-     TOBN(0x642c1fbe, 0x27d6b19b), TOBN(0xed07e6b5, 0x140481a6),
-     TOBN(0x6ada1d42, 0x86d2e0f8), TOBN(0xe5920122, 0x0e8a9fd5),
-     TOBN(0x02c936af, 0x708c1b49), TOBN(0x60f30fee, 0x2b4bfaff),
-     TOBN(0x6637ad06, 0x858e6a61), TOBN(0xce4c7767, 0x3fd374d0),
-     TOBN(0x39d54b2d, 0x7188defb), TOBN(0xa8c9d250, 0xf56a6b66),
-     TOBN(0x58fc0f5e, 0xb24fe1dc), TOBN(0x9eaf9dee, 0x6b73f24c),
-     TOBN(0xa90d588b, 0x33650705), TOBN(0xde5b62c5, 0xaf2ec729),
-     TOBN(0x5c72cfae, 0xd3c2b36e), TOBN(0x868c19d5, 0x034435da),
-     TOBN(0x88605f93, 0xe17ee145), TOBN(0xaa60c4ee, 0x77a5d5b1),
-     TOBN(0xbcf5bfd2, 0x3b60c472), TOBN(0xaf4ef13c, 0xeb1d3049),
-     TOBN(0x373f44fc, 0xe13895c9), TOBN(0xf29b382f, 0x0cbc9822),
-     TOBN(0x1bfcb853, 0x73efaef6), TOBN(0xcf56ac9c, 0xa8c96f40),
-     TOBN(0xd7adf109, 0x7a191e24), TOBN(0x98035f44, 0xbf8a8dc2),
-     TOBN(0xf40a71b9, 0x1e750c84), TOBN(0xc57f7b0c, 0x5dc6c469),
-     TOBN(0x49a0e79c, 0x6fbc19c1), TOBN(0x6b0f5889, 0xa48ebdb8),
-     TOBN(0x5d3fd084, 0xa07c4e9f), TOBN(0xc3830111, 0xab27de14),
-     TOBN(0x0e4929fe, 0x33e08dcc), TOBN(0xf4a5ad24, 0x40bb73a3),
-     TOBN(0xde86c2bf, 0x490f97ca), TOBN(0x288f09c6, 0x67a1ce18),
-     TOBN(0x364bb886, 0x1844478d), TOBN(0x7840fa42, 0xceedb040),
-     TOBN(0x1269fdd2, 0x5a631b37), TOBN(0x94761f1e, 0xa47c8b7d),
-     TOBN(0xfc0c2e17, 0x481c6266), TOBN(0x85e16ea2, 0x3daa5fa7),
-     TOBN(0xccd86033, 0x92491048), TOBN(0x0c2f6963, 0xf4d402d7),
-     TOBN(0x6336f7df, 0xdf6a865c), TOBN(0x0a2a463c, 0xb5c02a87),
-     TOBN(0xb0e29be7, 0xbf2f12ee), TOBN(0xf0a22002, 0x66bad988),
-     TOBN(0x27f87e03, 0x9123c1d7), TOBN(0x21669c55, 0x328a8c98),
-     TOBN(0x186b9803, 0x92f14529), TOBN(0xd3d056cc, 0x63954df3),
-     TOBN(0x2f03fd58, 0x175a46f6), TOBN(0x63e34ebe, 0x11558558),
-     TOBN(0xe13fedee, 0x5b80cfa5), TOBN(0xe872a120, 0xd401dbd1),
-     TOBN(0x52657616, 0xe8a9d667), TOBN(0xbc8da4b6, 0xe08d6693),
-     TOBN(0x370fb9bb, 0x1b703e75), TOBN(0x6773b186, 0xd4338363),
-     TOBN(0x18dad378, 0xecef7bff), TOBN(0xaac787ed, 0x995677da),
-     TOBN(0x4801ea8b, 0x0437164b), TOBN(0xf430ad20, 0x73fe795e),
-     TOBN(0xb164154d, 0x8ee5eb73), TOBN(0x0884ecd8, 0x108f7c0e),
-     TOBN(0x0e6ec096, 0x5f520698), TOBN(0x640631fe, 0x44f7b8d9),
-     TOBN(0x92fd34fc, 0xa35a68b9), TOBN(0x9c5a4b66, 0x4d40cf4e),
-     TOBN(0x949454bf, 0x80b6783d), TOBN(0x80e701fe, 0x3a320a10),
-     TOBN(0x8d1a564a, 0x1a0a39b2), TOBN(0x1436d53d, 0x320587db),
-     TOBN(0xf5096e6d, 0x6556c362), TOBN(0xbc23a3c0, 0xe2455d7e),
-     TOBN(0x3a7aee54, 0x807230f9), TOBN(0x9ba1cfa6, 0x22ae82fd),
-     TOBN(0x833a057a, 0x99c5d706), TOBN(0x8be85f4b, 0x842315c9),
-     TOBN(0xd083179a, 0x66a72f12), TOBN(0x2fc77d5d, 0xcdcc73cd),
-     TOBN(0x22b88a80, 0x5616ee30), TOBN(0xfb09548f, 0xe7ab1083),
-     TOBN(0x8ad6ab0d, 0x511270cd), TOBN(0x61f6c57a, 0x6924d9ab),
-     TOBN(0xa0f7bf72, 0x90aecb08), TOBN(0x849f87c9, 0x0df784a4),
-     TOBN(0x27c79c15, 0xcfaf1d03), TOBN(0xbbf9f675, 0xc463face),
-     TOBN(0x91502c65, 0x765ba543), TOBN(0x18ce3cac, 0x42ea60dd),
-     TOBN(0xe5cee6ac, 0x6e43ecb3), TOBN(0x63e4e910, 0x68f2aeeb),
-     TOBN(0x26234fa3, 0xc85932ee), TOBN(0x96883e8b, 0x4c90c44d),
-     TOBN(0x29b9e738, 0xa18a50f6), TOBN(0xbfc62b2a, 0x3f0420df),
-     TOBN(0xd22a7d90, 0x6d3e1fa9), TOBN(0x17115618, 0xfe05b8a3),
-     TOBN(0x2a0c9926, 0xbb2b9c01), TOBN(0xc739fcc6, 0xe07e76a2),
-     TOBN(0x540e9157, 0x165e439a), TOBN(0x06353a62, 0x6a9063d8),
-     TOBN(0x84d95594, 0x61e927a3), TOBN(0x013b9b26, 0xe2e0be7f),
-     TOBN(0x4feaec3b, 0x973497f1), TOBN(0x15c0f94e, 0x093ebc2d),
-     TOBN(0x6af5f227, 0x33af0583), TOBN(0x0c2af206, 0xc61f3340),
-     TOBN(0xd25dbdf1, 0x4457397c), TOBN(0x2e8ed017, 0xcabcbae0),
-     TOBN(0xe3010938, 0xc2815306), TOBN(0xbaa99337, 0xe8c6cd68),
-     TOBN(0x08513182, 0x3b0ec7de), TOBN(0x1e1b822b, 0x58df05df),
-     TOBN(0x5c14842f, 0xa5c3b683), TOBN(0x98fe977e, 0x3eba34ce),
-     TOBN(0xfd2316c2, 0x0d5e8873), TOBN(0xe48d839a, 0xbd0d427d),
-     TOBN(0x495b2218, 0x623fc961), TOBN(0x24ee56e7, 0xb46fba5e),
-     TOBN(0x9184a55b, 0x91e4de58), TOBN(0xa7488ca5, 0xdfdea288),
-     TOBN(0xa723862e, 0xa8dcc943), TOBN(0x92d762b2, 0x849dc0fc),
-     TOBN(0x3c444a12, 0x091ff4a9), TOBN(0x581113fa, 0x0cada274),
-     TOBN(0xb9de0a45, 0x30d8eae2), TOBN(0x5e0fcd85, 0xdf6b41ea),
-     TOBN(0x6233ea68, 0xc094dbb5), TOBN(0xb77d062e, 0xd968d410),
-     TOBN(0x3e719bbc, 0x58b3002d), TOBN(0x68e7dd3d, 0x3dc49d58),
-     TOBN(0x8d825740, 0x013a5e58), TOBN(0x21311747, 0x3c9e3c1b),
-     TOBN(0x0cb0a2a7, 0x7c99b6ab), TOBN(0x5c48a3b3, 0xc2f888f2)}
-    ,
-    {TOBN(0xc7913e91, 0x991724f3), TOBN(0x5eda799c, 0x39cbd686),
-     TOBN(0xddb595c7, 0x63d4fc1e), TOBN(0x6b63b80b, 0xac4fed54),
-     TOBN(0x6ea0fc69, 0x7e5fb516), TOBN(0x737708ba, 0xd0f1c964),
-     TOBN(0x9628745f, 0x11a92ca5), TOBN(0x61f37958, 0x9a86967a),
-     TOBN(0x9af39b2c, 0xaa665072), TOBN(0x78322fa4, 0xefd324ef),
-     TOBN(0x3d153394, 0xc327bd31), TOBN(0x81d5f271, 0x3129dab0),
-     TOBN(0xc72e0c42, 0xf48027f5), TOBN(0xaa40cdbc, 0x8536e717),
-     TOBN(0xf45a657a, 0x2d369d0f), TOBN(0xb03bbfc4, 0xea7f74e6),
-     TOBN(0x46a8c418, 0x0d738ded), TOBN(0x6f1a5bb0, 0xe0de5729),
-     TOBN(0xf10230b9, 0x8ba81675), TOBN(0x32c6f30c, 0x112b33d4),
-     TOBN(0x7559129d, 0xd8fffb62), TOBN(0x6a281b47, 0xb459bf05),
-     TOBN(0x77c1bd3a, 0xfa3b6776), TOBN(0x0709b380, 0x7829973a),
-     TOBN(0x8c26b232, 0xa3326505), TOBN(0x38d69272, 0xee1d41bf),
-     TOBN(0x0459453e, 0xffe32afa), TOBN(0xce8143ad, 0x7cb3ea87),
-     TOBN(0x932ec1fa, 0x7e6ab666), TOBN(0x6cd2d230, 0x22286264),
-     TOBN(0x459a46fe, 0x6736f8ed), TOBN(0x50bf0d00, 0x9eca85bb),
-     TOBN(0x0b825852, 0x877a21ec), TOBN(0x300414a7, 0x0f537a94),
-     TOBN(0x3f1cba40, 0x21a9a6a2), TOBN(0x50824eee, 0x76943c00),
-     TOBN(0xa0dbfcec, 0xf83cba5d), TOBN(0xf9538148, 0x93b4f3c0),
-     TOBN(0x61744162, 0x48f24dd7), TOBN(0x5322d64d, 0xe4fb09dd),
-     TOBN(0x57447384, 0x3d9325f3), TOBN(0xa9bef2d0, 0xf371cb84),
-     TOBN(0x77d2188b, 0xa61e36c5), TOBN(0xbbd6a7d7, 0xc602df72),
-     TOBN(0xba3aa902, 0x8f61bc0b), TOBN(0xf49085ed, 0x6ed0b6a1),
-     TOBN(0x8bc625d6, 0xae6e8298), TOBN(0x832b0b1d, 0xa2e9c01d),
-     TOBN(0xa337c447, 0xf1f0ced1), TOBN(0x800cc793, 0x9492dd2b),
-     TOBN(0x4b93151d, 0xbea08efa), TOBN(0x820cf3f8, 0xde0a741e),
-     TOBN(0xff1982dc, 0x1c0f7d13), TOBN(0xef921960, 0x84dde6ca),
-     TOBN(0x1ad7d972, 0x45f96ee3), TOBN(0x319c8dbe, 0x29dea0c7),
-     TOBN(0xd3ea3871, 0x7b82b99b), TOBN(0x75922d4d, 0x470eb624),
-     TOBN(0x8f66ec54, 0x3b95d466), TOBN(0x66e673cc, 0xbee1e346),
-     TOBN(0x6afe67c4, 0xb5f2b89a), TOBN(0x3de9c1e6, 0x290e5cd3),
-     TOBN(0x8c278bb6, 0x310a2ada), TOBN(0x420fa384, 0x0bdb323b),
-     TOBN(0x0ae1d63b, 0x0eb919b0), TOBN(0xd74ee51d, 0xa74b9620),
-     TOBN(0x395458d0, 0xa674290c), TOBN(0x324c930f, 0x4620a510),
-     TOBN(0x2d1f4d19, 0xfbac27d4), TOBN(0x4086e8ca, 0x9bedeeac),
-     TOBN(0x0cdd211b, 0x9b679ab8), TOBN(0x5970167d, 0x7090fec4),
-     TOBN(0x3420f2c9, 0xfaf1fc63), TOBN(0x616d333a, 0x328c8bb4),
-     TOBN(0x7d65364c, 0x57f1fe4a), TOBN(0x9343e877, 0x55e5c73a),
-     TOBN(0x5795176b, 0xe970e78c), TOBN(0xa36ccebf, 0x60533627),
-     TOBN(0xfc7c7380, 0x09cdfc1b), TOBN(0xb39a2afe, 0xb3fec326),
-     TOBN(0xb7ff1ba1, 0x6224408a), TOBN(0xcc856e92, 0x247cfc5e),
-     TOBN(0x01f102e7, 0xc18bc493), TOBN(0x4613ab74, 0x2091c727),
-     TOBN(0xaa25e89c, 0xc420bf2b), TOBN(0x00a53176, 0x90337ec2),
-     TOBN(0xd2be9f43, 0x7d025fc7), TOBN(0x3316fb85, 0x6e6fe3dc),
-     TOBN(0x27520af5, 0x9ac50814), TOBN(0xfdf95e78, 0x9a8e4223),
-     TOBN(0xb7e7df2a, 0x56bec5a0), TOBN(0xf7022f7d, 0xdf159e5d),
-     TOBN(0x93eeeab1, 0xcac1fe8f), TOBN(0x8040188c, 0x37451168),
-     TOBN(0x7ee8aa8a, 0xd967dce6), TOBN(0xfa0e79e7, 0x3abc9299),
-     TOBN(0x67332cfc, 0x2064cfd1), TOBN(0x339c31de, 0xb0651934),
-     TOBN(0x719b28d5, 0x2a3bcbea), TOBN(0xee74c82b, 0x9d6ae5c6),
-     TOBN(0x0927d05e, 0xbaf28ee6), TOBN(0x82cecf2c, 0x9d719028),
-     TOBN(0x0b0d353e, 0xddb30289), TOBN(0xfe4bb977, 0xfddb2e29),
-     TOBN(0xbb5bb990, 0x640bfd9e), TOBN(0xd226e277, 0x82f62108),
-     TOBN(0x4bf00985, 0x02ffdd56), TOBN(0x7756758a, 0x2ca1b1b5),
-     TOBN(0xc32b62a3, 0x5285fe91), TOBN(0xedbc546a, 0x8c9cd140),
-     TOBN(0x1e47a013, 0xaf5cb008), TOBN(0xbca7e720, 0x073ce8f2),
-     TOBN(0xe10b2ab8, 0x17a91cae), TOBN(0xb89aab65, 0x08e27f63),
-     TOBN(0x7b3074a7, 0xdba3ddf9), TOBN(0x1c20ce09, 0x330c2972),
-     TOBN(0x6b9917b4, 0x5fcf7e33), TOBN(0xe6793743, 0x945ceb42),
-     TOBN(0x18fc2215, 0x5c633d19), TOBN(0xad1adb3c, 0xc7485474),
-     TOBN(0x646f9679, 0x6424c49b), TOBN(0xf888dfe8, 0x67c241c9),
-     TOBN(0xe12d4b93, 0x24f68b49), TOBN(0x9a6b62d8, 0xa571df20),
-     TOBN(0x81b4b26d, 0x179483cb), TOBN(0x666f9632, 0x9511fae2),
-     TOBN(0xd281b3e4, 0xd53aa51f), TOBN(0x7f96a765, 0x7f3dbd16),
-     TOBN(0xa7f8b5bf, 0x074a30ce), TOBN(0xd7f52107, 0x005a32e6),
-     TOBN(0x6f9e0907, 0x50237ed4), TOBN(0x2f21da47, 0x8096fa2b),
-     TOBN(0xf3e19cb4, 0xeec863a0), TOBN(0xd18f77fd, 0x9527620a),
-     TOBN(0x9505c81c, 0x407c1cf8), TOBN(0x9998db4e, 0x1b6ec284),
-     TOBN(0x7e3389e5, 0xc247d44d), TOBN(0x12507141, 0x3f4f3d80),
-     TOBN(0xd4ba0110, 0x4a78a6c7), TOBN(0x312874a0, 0x767720be),
-     TOBN(0xded059a6, 0x75944370), TOBN(0xd6123d90, 0x3b2c0bdd),
-     TOBN(0xa56b717b, 0x51c108e3), TOBN(0x9bb7940e, 0x070623e9),
-     TOBN(0x794e2d59, 0x84ac066c), TOBN(0xf5954a92, 0xe68c69a0),
-     TOBN(0x28c52458, 0x4fd99dcc), TOBN(0x60e639fc, 0xb1012517),
-     TOBN(0xc2e60125, 0x7de79248), TOBN(0xe9ef6404, 0xf12fc6d7),
-     TOBN(0x4c4f2808, 0x2a3b5d32), TOBN(0x865ad32e, 0xc768eb8a),
-     TOBN(0xac02331b, 0x13fb70b6), TOBN(0x037b44c1, 0x95599b27),
-     TOBN(0x1a860fc4, 0x60bd082c), TOBN(0xa2e25745, 0xc980cd01),
-     TOBN(0xee3387a8, 0x1da0263e), TOBN(0x931bfb95, 0x2d10f3d6),
-     TOBN(0x5b687270, 0xa1f24a32), TOBN(0xf140e65d, 0xca494b86),
-     TOBN(0x4f4ddf91, 0xb2f1ac7a), TOBN(0xf99eaabb, 0x760fee27),
-     TOBN(0x57f4008a, 0x49c228e5), TOBN(0x090be440, 0x1cf713bb),
-     TOBN(0xac91fbe4, 0x5004f022), TOBN(0xd838c2c2, 0x569e1af6),
-     TOBN(0xd6c7d20b, 0x0f1daaa5), TOBN(0xaa063ac1, 0x1bbb02c0),
-     TOBN(0x0938a422, 0x59558a78), TOBN(0x5343c669, 0x8435da2f),
-     TOBN(0x96f67b18, 0x034410dc), TOBN(0x7cc1e424, 0x84510804),
-     TOBN(0x86a1543f, 0x16dfbb7d), TOBN(0x921fa942, 0x5b5bd592),
-     TOBN(0x9dcccb6e, 0xb33dd03c), TOBN(0x8581ddd9, 0xb843f51e),
-     TOBN(0x54935fcb, 0x81d73c9e), TOBN(0x6d07e979, 0x0a5e97ab),
-     TOBN(0x4dc7b30a, 0xcf3a6bab), TOBN(0x147ab1f3, 0x170bee11),
-     TOBN(0x0aaf8e3d, 0x9fafdee4), TOBN(0xfab3dbcb, 0x538a8b95),
-     TOBN(0x405df4b3, 0x6ef13871), TOBN(0xf1f4e9cb, 0x088d5a49),
-     TOBN(0x9bcd24d3, 0x66b33f1d), TOBN(0x3b97b820, 0x5ce445c0),
-     TOBN(0xe2926549, 0xba93ff61), TOBN(0xd9c341ce, 0x4dafe616),
-     TOBN(0xfb30a76e, 0x16efb6f3), TOBN(0xdf24b8ca, 0x605b953c),
-     TOBN(0x8bd52afe, 0xc2fffb9f), TOBN(0xbbac5ff7, 0xe19d0b96),
-     TOBN(0x43c01b87, 0x459afccd), TOBN(0x6bd45143, 0xb7432652),
-     TOBN(0x84734530, 0x55b5d78e), TOBN(0x81088fdb, 0x1554ba7d),
-     TOBN(0xada0a52c, 0x1e269375), TOBN(0xf9f037c4, 0x2dc5ec10),
-     TOBN(0xc0660607, 0x94bfbc11), TOBN(0xc0a630bb, 0xc9c40d2f),
-     TOBN(0x5efc797e, 0xab64c31e), TOBN(0xffdb1dab, 0x74507144),
-     TOBN(0xf6124287, 0x1ca6790c), TOBN(0xe9609d81, 0xe69bf1bf),
-     TOBN(0xdb898595, 0x00d24fc9), TOBN(0x9c750333, 0xe51fb417),
-     TOBN(0x51830a91, 0xfef7bbde), TOBN(0x0ce67dc8, 0x945f585c),
-     TOBN(0x9a730ed4, 0x4763eb50), TOBN(0x24a0e221, 0xc1ab0d66),
-     TOBN(0x643b6393, 0x648748f3), TOBN(0x1982daa1, 0x6d3c6291),
-     TOBN(0x6f00a9f7, 0x8bbc5549), TOBN(0x7a1783e1, 0x7f36384e),
-     TOBN(0xe8346323, 0xde977f50), TOBN(0x91ab688d, 0xb245502a),
-     TOBN(0x331ab6b5, 0x6d0bdd66), TOBN(0x0a6ef32e, 0x64b71229),
-     TOBN(0x1028150e, 0xfe7c352f), TOBN(0x27e04350, 0xce7b39d3),
-     TOBN(0x2a3c8acd, 0xc1070c82), TOBN(0xfb2034d3, 0x80c9feef),
-     TOBN(0x2d729621, 0x709f3729), TOBN(0x8df290bf, 0x62cb4549),
-     TOBN(0x02f99f33, 0xfc2e4326), TOBN(0x3b30076d, 0x5eddf032),
-     TOBN(0xbb21f8cf, 0x0c652fb5), TOBN(0x314fb49e, 0xed91cf7b),
-     TOBN(0xa013eca5, 0x2f700750), TOBN(0x2b9e3c23, 0x712a4575),
-     TOBN(0xe5355557, 0xaf30fbb0), TOBN(0x1ada3516, 0x7c77e771),
-     TOBN(0x45f6ecb2, 0x7b135670), TOBN(0xe85d19df, 0x7cfc202e),
-     TOBN(0x0f1b50c7, 0x58d1be9f), TOBN(0x5ebf2c0a, 0xead2e344),
-     TOBN(0x1531fe4e, 0xabc199c9), TOBN(0xc7032592, 0x56bab0ae),
-     TOBN(0x16ab2e48, 0x6c1fec54), TOBN(0x0f87fda8, 0x04280188),
-     TOBN(0xdc9f46fc, 0x609e4a74), TOBN(0x2a44a143, 0xba667f91),
-     TOBN(0xbc3d8b95, 0xb4d83436), TOBN(0xa01e4bd0, 0xc7bd2958),
-     TOBN(0x7b182932, 0x73483c90), TOBN(0xa79c6aa1, 0xa7c7b598),
-     TOBN(0xbf3983c6, 0xeaaac07e), TOBN(0x8f18181e, 0x96e0d4e6),
-     TOBN(0x8553d37c, 0x051af62b), TOBN(0xe9a998eb, 0x0bf94496),
-     TOBN(0xe0844f9f, 0xb0d59aa1), TOBN(0x983fd558, 0xe6afb813),
-     TOBN(0x9670c0ca, 0x65d69804), TOBN(0x732b22de, 0x6ea5ff2d),
-     TOBN(0xd7640ba9, 0x5fd8623b), TOBN(0x9f619163, 0xa6351782),
-     TOBN(0x0bfc27ee, 0xacee5043), TOBN(0xae419e73, 0x2eb10f02),
-     TOBN(0x19c028d1, 0x8943fb05), TOBN(0x71f01cf7, 0xff13aa2a),
-     TOBN(0x7790737e, 0x8887a132), TOBN(0x67513309, 0x66318410),
-     TOBN(0x9819e8a3, 0x7ddb795e), TOBN(0xfecb8ef5, 0xdad100b2),
-     TOBN(0x59f74a22, 0x3021926a), TOBN(0xb7c28a49, 0x6f9b4c1c),
-     TOBN(0xed1a733f, 0x912ad0ab), TOBN(0x42a910af, 0x01a5659c),
-     TOBN(0x3842c6e0, 0x7bd68cab), TOBN(0x2b57fa38, 0x76d70ac8),
-     TOBN(0x8a6707a8, 0x3c53aaeb), TOBN(0x62c1c510, 0x65b4db18),
-     TOBN(0x8de2c1fb, 0xb2d09dc7), TOBN(0xc3dfed12, 0x266bd23b),
-     TOBN(0x927d039b, 0xd5b27db6), TOBN(0x2fb2f0f1, 0x103243da),
-     TOBN(0xf855a07b, 0x80be7399), TOBN(0xed9327ce, 0x1f9f27a8),
-     TOBN(0xa0bd99c7, 0x729bdef7), TOBN(0x2b67125e, 0x28250d88),
-     TOBN(0x784b26e8, 0x8670ced7), TOBN(0xe3dfe41f, 0xc31bd3b4),
-     TOBN(0x9e353a06, 0xbcc85cbc), TOBN(0x302e2909, 0x60178a9d),
-     TOBN(0x860abf11, 0xa6eac16e), TOBN(0x76447000, 0xaa2b3aac),
-     TOBN(0x46ff9d19, 0x850afdab), TOBN(0x35bdd6a5, 0xfdb2d4c1),
-     TOBN(0xe82594b0, 0x7e5c9ce9), TOBN(0x0f379e53, 0x20af346e),
-     TOBN(0x608b31e3, 0xbc65ad4a), TOBN(0x710c6b12, 0x267c4826),
-     TOBN(0x51c966f9, 0x71954cf1), TOBN(0xb1cec793, 0x0d0aa215),
-     TOBN(0x1f155989, 0x86bd23a8), TOBN(0xae2ff99c, 0xf9452e86),
-     TOBN(0xd8dd953c, 0x340ceaa2), TOBN(0x26355275, 0x2e2e9333),
-     TOBN(0x15d4e5f9, 0x8586f06d), TOBN(0xd6bf94a8, 0xf7cab546),
-     TOBN(0x33c59a0a, 0xb76a9af0), TOBN(0x52740ab3, 0xba095af7),
-     TOBN(0xc444de8a, 0x24389ca0), TOBN(0xcc6f9863, 0x706da0cb),
-     TOBN(0xb5a741a7, 0x6b2515cf), TOBN(0x71c41601, 0x9585c749),
-     TOBN(0x78350d4f, 0xe683de97), TOBN(0x31d61524, 0x63d0b5f5),
-     TOBN(0x7a0cc5e1, 0xfbce090b), TOBN(0xaac927ed, 0xfbcb2a5b),
-     TOBN(0xe920de49, 0x20d84c35), TOBN(0x8c06a0b6, 0x22b4de26),
-     TOBN(0xd34dd58b, 0xafe7ddf3), TOBN(0x55851fed, 0xc1e6e55b),
-     TOBN(0xd1395616, 0x960696e7), TOBN(0x940304b2, 0x5f22705f),
-     TOBN(0x6f43f861, 0xb0a2a860), TOBN(0xcf121282, 0x0e7cc981),
-     TOBN(0x12186212, 0x0ab64a96), TOBN(0x09215b9a, 0xb789383c),
-     TOBN(0x311eb305, 0x37387c09), TOBN(0xc5832fce, 0xf03ee760),
-     TOBN(0x30358f58, 0x32f7ea19), TOBN(0xe01d3c34, 0x91d53551),
-     TOBN(0x1ca5ee41, 0xda48ea80), TOBN(0x34e71e8e, 0xcf4fa4c1),
-     TOBN(0x312abd25, 0x7af1e1c7), TOBN(0xe3afcdeb, 0x2153f4a5),
-     TOBN(0x9d5c84d7, 0x00235e9a), TOBN(0x0308d3f4, 0x8c4c836f),
-     TOBN(0xc0a66b04, 0x89332de5), TOBN(0x610dd399, 0x89e566ef),
-     TOBN(0xf8eea460, 0xd1ac1635), TOBN(0x84cbb3fb, 0x20a2c0df),
-     TOBN(0x40afb488, 0xe74a48c5), TOBN(0x29738198, 0xd326b150),
-     TOBN(0x2a17747f, 0xa6d74081), TOBN(0x60ea4c05, 0x55a26214),
-     TOBN(0x53514bb4, 0x1f88c5fe), TOBN(0xedd64567, 0x7e83426c),
-     TOBN(0xd5d6cbec, 0x96460b25), TOBN(0xa12fd0ce, 0x68dc115e),
-     TOBN(0xc5bc3ed2, 0x697840ea), TOBN(0x969876a8, 0xa6331e31),
-     TOBN(0x60c36217, 0x472ff580), TOBN(0xf4229705, 0x4ad41393),
-     TOBN(0x4bd99ef0, 0xa03b8b92), TOBN(0x501c7317, 0xc144f4f6),
-     TOBN(0x159009b3, 0x18464945), TOBN(0x6d5e594c, 0x74c5c6be),
-     TOBN(0x2d587011, 0x321a3660), TOBN(0xd1e184b1, 0x3898d022),
-     TOBN(0x5ba04752, 0x4c6a7e04), TOBN(0x47fa1e2b, 0x45550b65),
-     TOBN(0x9419daf0, 0x48c0a9a5), TOBN(0x66362953, 0x7c243236),
-     TOBN(0xcd0744b1, 0x5cb12a88), TOBN(0x561b6f9a, 0x2b646188),
-     TOBN(0x599415a5, 0x66c2c0c0), TOBN(0xbe3f0859, 0x0f83f09a),
-     TOBN(0x9141c5be, 0xb92041b8), TOBN(0x01ae38c7, 0x26477d0d),
-     TOBN(0xca8b71f3, 0xd12c7a94), TOBN(0xfab5b31f, 0x765c70db),
-     TOBN(0x76ae7492, 0x487443e9), TOBN(0x8595a310, 0x990d1349),
-     TOBN(0xf8dbeda8, 0x7d460a37), TOBN(0x7f7ad082, 0x1e45a38f),
-     TOBN(0xed1d4db6, 0x1059705a), TOBN(0xa3dd492a, 0xe6b9c697),
-     TOBN(0x4b92ee3a, 0x6eb38bd5), TOBN(0xbab2609d, 0x67cc0bb7),
-     TOBN(0x7fc4fe89, 0x6e70ee82), TOBN(0xeff2c56e, 0x13e6b7e3),
-     TOBN(0x9b18959e, 0x34d26fca), TOBN(0x2517ab66, 0x889d6b45),
-     TOBN(0xf167b4e0, 0xbdefdd4f), TOBN(0x69958465, 0xf366e401),
-     TOBN(0x5aa368ab, 0xa73bbec0), TOBN(0x12148709, 0x7b240c21),
-     TOBN(0x378c3233, 0x18969006), TOBN(0xcb4d73ce, 0xe1fe53d1),
-     TOBN(0x5f50a80e, 0x130c4361), TOBN(0xd67f5951, 0x7ef5212b),
-     TOBN(0xf145e21e, 0x9e70c72e), TOBN(0xb2e52e29, 0x5566d2fb),
-     TOBN(0x44eaba4a, 0x032397f5), TOBN(0x5e56937b, 0x7e31a7de),
-     TOBN(0x68dcf517, 0x456c61e1), TOBN(0xbc2e954a, 0xa8b0a388),
-     TOBN(0xe3552fa7, 0x60a8b755), TOBN(0x03442dae, 0x73ad0cde),
-     TOBN(0x37ffe747, 0xceb26210), TOBN(0x983545e8, 0x787baef9),
-     TOBN(0x8b8c8535, 0x86a3de31), TOBN(0xc621dbcb, 0xfacd46db),
-     TOBN(0x82e442e9, 0x59266fbb), TOBN(0xa3514c37, 0x339d471c),
-     TOBN(0x3a11b771, 0x62cdad96), TOBN(0xf0cb3b3c, 0xecf9bdf0),
-     TOBN(0x3fcbdbce, 0x478e2135), TOBN(0x7547b5cf, 0xbda35342),
-     TOBN(0xa97e81f1, 0x8a677af6), TOBN(0xc8c2bf83, 0x28817987),
-     TOBN(0xdf07eaaf, 0x45580985), TOBN(0xc68d1f05, 0xc93b45cb),
-     TOBN(0x106aa2fe, 0xc77b4cac), TOBN(0x4c1d8afc, 0x04a7ae86),
-     TOBN(0xdb41c3fd, 0x9eb45ab2), TOBN(0x5b234b5b, 0xd4b22e74),
-     TOBN(0xda253dec, 0xf215958a), TOBN(0x67e0606e, 0xa04edfa0),
-     TOBN(0xabbbf070, 0xef751b11), TOBN(0xf352f175, 0xf6f06dce),
-     TOBN(0xdfc4b6af, 0x6839f6b4), TOBN(0x53ddf9a8, 0x9959848e),
-     TOBN(0xda49c379, 0xc21520b0), TOBN(0x90864ff0, 0xdbd5d1b6),
-     TOBN(0x2f055d23, 0x5f49c7f7), TOBN(0xe51e4e6a, 0xa796b2d8),
-     TOBN(0xc361a67f, 0x5c9dc340), TOBN(0x5ad53c37, 0xbca7c620),
-     TOBN(0xda1d6588, 0x32c756d0), TOBN(0xad60d911, 0x8bb67e13),
-     TOBN(0xd6c47bdf, 0x0eeec8c6), TOBN(0x4a27fec1, 0x078a1821),
-     TOBN(0x081f7415, 0xc3099524), TOBN(0x8effdf0b, 0x82cd8060),
-     TOBN(0xdb70ec1c, 0x65842df8), TOBN(0x8821b358, 0xd319a901),
-     TOBN(0x72ee56ee, 0xde42b529), TOBN(0x5bb39592, 0x236e4286),
-     TOBN(0xd1183316, 0xfd6f7140), TOBN(0xf9fadb5b, 0xbd8e81f7),
-     TOBN(0x701d5e0c, 0x5a02d962), TOBN(0xfdee4dbf, 0x1b601324),
-     TOBN(0xbed17407, 0x35d7620e), TOBN(0x04e3c2c3, 0xf48c0012),
-     TOBN(0x9ee29da7, 0x3455449a), TOBN(0x562cdef4, 0x91a836c4),
-     TOBN(0x8f682a5f, 0x47701097), TOBN(0x617125d8, 0xff88d0c2),
-     TOBN(0x948fda24, 0x57bb86dd), TOBN(0x348abb8f, 0x289f7286),
-     TOBN(0xeb10eab5, 0x99d94bbd), TOBN(0xd51ba28e, 0x4684d160),
-     TOBN(0xabe0e51c, 0x30c8f41a), TOBN(0x66588b45, 0x13254f4a),
-     TOBN(0x147ebf01, 0xfad097a5), TOBN(0x49883ea8, 0x610e815d),
-     TOBN(0xe44d60ba, 0x8a11de56), TOBN(0xa970de6e, 0x827a7a6d),
-     TOBN(0x2be41424, 0x5e17fc19), TOBN(0xd833c657, 0x01214057),
-     TOBN(0x1375813b, 0x363e723f), TOBN(0x6820bb88, 0xe6a52e9b),
-     TOBN(0x7e7f6970, 0xd875d56a), TOBN(0xd6a0a9ac, 0x51fbf6bf),
-     TOBN(0x54ba8790, 0xa3083c12), TOBN(0xebaeb23d, 0x6ae7eb64),
-     TOBN(0xa8685c3a, 0xb99a907a), TOBN(0xf1e74550, 0x026bf40b),
-     TOBN(0x7b73a027, 0xc802cd9e), TOBN(0x9a8a927c, 0x4fef4635),
-     TOBN(0xe1b6f60c, 0x08191224), TOBN(0xc4126ebb, 0xde4ec091),
-     TOBN(0xe1dff4dc, 0x4ae38d84), TOBN(0xde3f57db, 0x4f2ef985),
-     TOBN(0x34964337, 0xd446a1dd), TOBN(0x7bf217a0, 0x859e77f6),
-     TOBN(0x8ff10527, 0x8e1d13f5), TOBN(0xa304ef03, 0x74eeae27),
-     TOBN(0xfc6f5e47, 0xd19dfa5a), TOBN(0xdb007de3, 0x7fad982b),
-     TOBN(0x28205ad1, 0x613715f5), TOBN(0x251e6729, 0x7889529e),
-     TOBN(0x72705184, 0x1ae98e78), TOBN(0xf818537d, 0x271cac32),
-     TOBN(0xc8a15b7e, 0xb7f410f5), TOBN(0xc474356f, 0x81f62393),
-     TOBN(0x92dbdc5a, 0xc242316b), TOBN(0xabe060ac, 0xdbf4aff5),
-     TOBN(0x6e8c38fe, 0x909a8ec6), TOBN(0x43e514e5, 0x6116cb94),
-     TOBN(0x2078fa38, 0x07d784f9), TOBN(0x1161a880, 0xf4b5b357),
-     TOBN(0x5283ce79, 0x13adea3d), TOBN(0x0756c3e6, 0xcc6a910b),
-     TOBN(0x60bcfe01, 0xaaa79697), TOBN(0x04a73b29, 0x56391db1),
-     TOBN(0xdd8dad47, 0x189b45a0), TOBN(0xbfac0dd0, 0x48d5b8d9),
-     TOBN(0x34ab3af5, 0x7d3d2ec2), TOBN(0x6fa2fc2d, 0x207bd3af),
-     TOBN(0x9ff40092, 0x66550ded), TOBN(0x719b3e87, 0x1fd5b913),
-     TOBN(0xa573a496, 0x6d17fbc7), TOBN(0x0cd1a70a, 0x73d2b24e),
-     TOBN(0x34e2c5ca, 0xb2676937), TOBN(0xe7050b06, 0xbf669f21),
-     TOBN(0xfbe948b6, 0x1ede9046), TOBN(0xa0530051, 0x97662659),
-     TOBN(0x58cbd4ed, 0xf10124c5), TOBN(0xde2646e4, 0xdd6c06c8),
-     TOBN(0x332f8108, 0x8cad38c0), TOBN(0x471b7e90, 0x6bd68ae2),
-     TOBN(0x56ac3fb2, 0x0d8e27a3), TOBN(0xb54660db, 0x136b4b0d),
-     TOBN(0x123a1e11, 0xa6fd8de4), TOBN(0x44dbffea, 0xa37799ef),
-     TOBN(0x4540b977, 0xce6ac17c), TOBN(0x495173a8, 0xaf60acef)}
-    ,
-    {TOBN(0x9ebb284d, 0x391c2a82), TOBN(0xbcdd4863, 0x158308e8),
-     TOBN(0x006f16ec, 0x83f1edca), TOBN(0xa13e2c37, 0x695dc6c8),
-     TOBN(0x2ab756f0, 0x4a057a87), TOBN(0xa8765500, 0xa6b48f98),
-     TOBN(0x4252face, 0x68651c44), TOBN(0xa52b540b, 0xe1765e02),
-     TOBN(0x4f922fc5, 0x16a0d2bb), TOBN(0x0d5cc16c, 0x1a623499),
-     TOBN(0x9241cf3a, 0x57c62c8b), TOBN(0x2f5e6961, 0xfd1b667f),
-     TOBN(0x5c15c70b, 0xf5a01797), TOBN(0x3d20b44d, 0x60956192),
-     TOBN(0x04911b37, 0x071fdb52), TOBN(0xf648f916, 0x8d6f0f7b),
-     TOBN(0x6dc1acaf, 0xe60b7cf7), TOBN(0x25860a50, 0x84a9d869),
-     TOBN(0x56fc6f09, 0xe7ba8ac4), TOBN(0x828c5bd0, 0x6148d29e),
-     TOBN(0xac6b435e, 0xdc55ae5f), TOBN(0xa527f56c, 0xc0117411),
-     TOBN(0x94d5045e, 0xfd24342c), TOBN(0x2c4c0a35, 0x70b67c0d),
-     TOBN(0x027cc8b8, 0xfac61d9a), TOBN(0x7d25e062, 0xe3c6fe8a),
-     TOBN(0xe08805bf, 0xe5bff503), TOBN(0x13271e6c, 0x6ff632f7),
-     TOBN(0x55dca6c0, 0x232f76a5), TOBN(0x8957c32d, 0x701ef426),
-     TOBN(0xee728bcb, 0xa10a5178), TOBN(0x5ea60411, 0xb62c5173),
-     TOBN(0xfc4e964e, 0xd0b8892b), TOBN(0x9ea17683, 0x9301bb74),
-     TOBN(0x6265c5ae, 0xfcc48626), TOBN(0xe60cf82e, 0xbb3e9102),
-     TOBN(0x57adf797, 0xd4df5531), TOBN(0x235b59a1, 0x8deeefe2),
-     TOBN(0x60adcf58, 0x3f306eb1), TOBN(0x105c2753, 0x3d09492d),
-     TOBN(0x4090914b, 0xb5def996), TOBN(0x1cb69c83, 0x233dd1e7),
-     TOBN(0xc1e9c1d3, 0x9b3d5e76), TOBN(0x1f3338ed, 0xfccf6012),
-     TOBN(0xb1e95d0d, 0x2f5378a8), TOBN(0xacf4c2c7, 0x2f00cd21),
-     TOBN(0x6e984240, 0xeb5fe290), TOBN(0xd66c038d, 0x248088ae),
-     TOBN(0x804d264a, 0xf94d70cf), TOBN(0xbdb802ef, 0x7314bf7e),
-     TOBN(0x8fb54de2, 0x4333ed02), TOBN(0x740461e0, 0x285635d9),
-     TOBN(0x4113b2c8, 0x365e9383), TOBN(0xea762c83, 0x3fdef652),
-     TOBN(0x4eec6e2e, 0x47b956c1), TOBN(0xa3d814be, 0x65620fa4),
-     TOBN(0x9ad5462b, 0xb4d8bc50), TOBN(0x181c0b16, 0xa9195770),
-     TOBN(0xebd4fe1c, 0x78412a68), TOBN(0xae0341bc, 0xc0dff48c),
-     TOBN(0xb6bc45cf, 0x7003e866), TOBN(0xf11a6dea, 0x8a24a41b),
-     TOBN(0x5407151a, 0xd04c24c2), TOBN(0x62c9d27d, 0xda5b7b68),
-     TOBN(0x2e964235, 0x88cceff6), TOBN(0x8594c54f, 0x8b07ed69),
-     TOBN(0x1578e73c, 0xc84d0d0d), TOBN(0x7b4e1055, 0xff532868),
-     TOBN(0xa348c0d5, 0xb5ec995a), TOBN(0xbf4b9d55, 0x14289a54),
-     TOBN(0x9ba155a6, 0x58fbd777), TOBN(0x186ed7a8, 0x1a84491d),
-     TOBN(0xd4992b30, 0x614c0900), TOBN(0xda98d121, 0xbd00c24b),
-     TOBN(0x7f534dc8, 0x7ec4bfa1), TOBN(0x4a5ff674, 0x37dc34bc),
-     TOBN(0x68c196b8, 0x1d7ea1d7), TOBN(0x38cf2893, 0x80a6d208),
-     TOBN(0xfd56cd09, 0xe3cbbd6e), TOBN(0xec72e27e, 0x4205a5b6),
-     TOBN(0x15ea68f5, 0xa44f77f7), TOBN(0x7aa5f9fd, 0xb43c52bc),
-     TOBN(0x86ff676f, 0x94f0e609), TOBN(0xa4cde963, 0x2e2d432b),
-     TOBN(0x8cafa0c0, 0xeee470af), TOBN(0x84137d0e, 0x8a3f5ec8),
-     TOBN(0xebb40411, 0xfaa31231), TOBN(0xa239c13f, 0x6f7f7ccf),
-     TOBN(0x32865719, 0xa8afd30b), TOBN(0x86798328, 0x8a826dce),
-     TOBN(0xdf04e891, 0xc4a8fbe0), TOBN(0xbb6b6e1b, 0xebf56ad3),
-     TOBN(0x0a695b11, 0x471f1ff0), TOBN(0xd76c3389, 0xbe15baf0),
-     TOBN(0x018edb95, 0xbe96c43e), TOBN(0xf2beaaf4, 0x90794158),
-     TOBN(0x152db09e, 0xc3076a27), TOBN(0x5e82908e, 0xe416545d),
-     TOBN(0xa2c41272, 0x356d6f2e), TOBN(0xdc9c9642, 0x31fd74e1),
-     TOBN(0x66ceb88d, 0x519bf615), TOBN(0xe29ecd76, 0x05a2274e),
-     TOBN(0x3a0473c4, 0xbf5e2fa0), TOBN(0x6b6eb671, 0x64284e67),
-     TOBN(0xe8b97932, 0xb88756dd), TOBN(0xed4e8652, 0xf17e3e61),
-     TOBN(0xc2dd1499, 0x3ee1c4a4), TOBN(0xc0aaee17, 0x597f8c0e),
-     TOBN(0x15c4edb9, 0x6c168af3), TOBN(0x6563c7bf, 0xb39ae875),
-     TOBN(0xadfadb6f, 0x20adb436), TOBN(0xad55e8c9, 0x9a042ac0),
-     TOBN(0x975a1ed8, 0xb76da1f5), TOBN(0x10dfa466, 0xa58acb94),
-     TOBN(0x8dd7f7e3, 0xac060282), TOBN(0x6813e66a, 0x572a051e),
-     TOBN(0xb4ccae1e, 0x350cb901), TOBN(0xb653d656, 0x50cb7822),
-     TOBN(0x42484710, 0xdfab3b87), TOBN(0xcd7ee537, 0x9b670fd0),
-     TOBN(0x0a50b12e, 0x523b8bf6), TOBN(0x8009eb5b, 0x8f910c1b),
-     TOBN(0xf535af82, 0x4a167588), TOBN(0x0f835f9c, 0xfb2a2abd),
-     TOBN(0xf59b2931, 0x2afceb62), TOBN(0xc797df2a, 0x169d383f),
-     TOBN(0xeb3f5fb0, 0x66ac02b0), TOBN(0x029d4c6f, 0xdaa2d0ca),
-     TOBN(0xd4059bc1, 0xafab4bc5), TOBN(0x833f5c6f, 0x56783247),
-     TOBN(0xb5346630, 0x8d2d3605), TOBN(0x83387891, 0xd34d8433),
-     TOBN(0xd973b30f, 0xadd9419a), TOBN(0xbcca1099, 0xafe3fce8),
-     TOBN(0x08178315, 0x0809aac6), TOBN(0x01b7f21a, 0x540f0f11),
-     TOBN(0x65c29219, 0x909523c8), TOBN(0xa62f648f, 0xa3a1c741),
-     TOBN(0x88598d4f, 0x60c9e55a), TOBN(0xbce9141b, 0x0e4f347a),
-     TOBN(0x9af97d84, 0x35f9b988), TOBN(0x0210da62, 0x320475b6),
-     TOBN(0x3c076e22, 0x9191476c), TOBN(0x7520dbd9, 0x44fc7834),
-     TOBN(0x6a6b2cfe, 0xc1ab1bbd), TOBN(0xef8a65be, 0xdc650938),
-     TOBN(0x72855540, 0x805d7bc4), TOBN(0xda389396, 0xed11fdfd),
-     TOBN(0xa9d5bd36, 0x74660876), TOBN(0x11d67c54, 0xb45dff35),
-     TOBN(0x6af7d148, 0xa4f5da94), TOBN(0xbb8d4c3f, 0xc0bbeb31),
-     TOBN(0x87a7ebd1, 0xe0a1b12a), TOBN(0x1e4ef88d, 0x770ba95f),
-     TOBN(0x8c33345c, 0xdc2ae9cb), TOBN(0xcecf1276, 0x01cc8403),
-     TOBN(0x687c012e, 0x1b39b80f), TOBN(0xfd90d0ad, 0x35c33ba4),
-     TOBN(0xa3ef5a67, 0x5c9661c2), TOBN(0x368fc88e, 0xe017429e),
-     TOBN(0xd30c6761, 0x196a2fa2), TOBN(0x931b9817, 0xbd5b312e),
-     TOBN(0xba01000c, 0x72f54a31), TOBN(0xa203d2c8, 0x66eaa541),
-     TOBN(0xf2abdee0, 0x98939db3), TOBN(0xe37d6c2c, 0x3e606c02),
-     TOBN(0xf2921574, 0x521ff643), TOBN(0x2781b3c4, 0xd7e2fca3),
-     TOBN(0x664300b0, 0x7850ec06), TOBN(0xac5a38b9, 0x7d3a10cf),
-     TOBN(0x9233188d, 0xe34ab39d), TOBN(0xe77057e4, 0x5072cbb9),
-     TOBN(0xbcf0c042, 0xb59e78df), TOBN(0x4cfc91e8, 0x1d97de52),
-     TOBN(0x4661a26c, 0x3ee0ca4a), TOBN(0x5620a4c1, 0xfb8507bc),
-     TOBN(0x4b44d4aa, 0x049f842c), TOBN(0xceabc5d5, 0x1540e82b),
-     TOBN(0x306710fd, 0x15c6f156), TOBN(0xbe5ae52b, 0x63db1d72),
-     TOBN(0x06f1e7e6, 0x334957f1), TOBN(0x57e388f0, 0x31144a70),
-     TOBN(0xfb69bb2f, 0xdf96447b), TOBN(0x0f78ebd3, 0x73e38a12),
-     TOBN(0xb8222605, 0x2b7ce542), TOBN(0xe6d4ce99, 0x7472bde1),
-     TOBN(0x53e16ebe, 0x09d2f4da), TOBN(0x180ff42e, 0x53b92b2e),
-     TOBN(0xc59bcc02, 0x2c34a1c6), TOBN(0x3803d6f9, 0x422c46c2),
-     TOBN(0x18aff74f, 0x5c14a8a2), TOBN(0x55aebf80, 0x10a08b28),
-     TOBN(0x66097d58, 0x7135593f), TOBN(0x32e6eff7, 0x2be570cd),
-     TOBN(0x584e6a10, 0x2a8c860d), TOBN(0xcd185890, 0xa2eb4163),
-     TOBN(0x7ceae99d, 0x6d97e134), TOBN(0xd42c6b70, 0xdd8447ce),
-     TOBN(0x59ddbb4a, 0xb8c50273), TOBN(0x03c612df, 0x3cf34e1e),
-     TOBN(0x84b9ca15, 0x04b6c5a0), TOBN(0x35216f39, 0x18f0e3a3),
-     TOBN(0x3ec2d2bc, 0xbd986c00), TOBN(0x8bf546d9, 0xd19228fe),
-     TOBN(0xd1c655a4, 0x4cd623c3), TOBN(0x366ce718, 0x502b8e5a),
-     TOBN(0x2cfc84b4, 0xeea0bfe7), TOBN(0xe01d5cee, 0xcf443e8e),
-     TOBN(0x8ec045d9, 0x036520f8), TOBN(0xdfb3c3d1, 0x92d40e98),
-     TOBN(0x0bac4cce, 0xcc559a04), TOBN(0x35eccae5, 0x240ea6b1),
-     TOBN(0x180b32db, 0xf8a5a0ac), TOBN(0x547972a5, 0xeb699700),
-     TOBN(0xa3765801, 0xca26bca0), TOBN(0x57e09d0e, 0xa647f25a),
-     TOBN(0xb956970e, 0x2fdd23cc), TOBN(0xb80288bc, 0x5682e971),
-     TOBN(0xe6e6d91e, 0x9ae86ebc), TOBN(0x0564c83f, 0x8c9f1939),
-     TOBN(0x551932a2, 0x39560368), TOBN(0xe893752b, 0x049c28e2),
-     TOBN(0x0b03cee5, 0xa6a158c3), TOBN(0xe12d656b, 0x04964263),
-     TOBN(0x4b47554e, 0x63e3bc1d), TOBN(0xc719b6a2, 0x45044ff7),
-     TOBN(0x4f24d30a, 0xe48daa07), TOBN(0xa3f37556, 0xc8c1edc3),
-     TOBN(0x9a47bf76, 0x0700d360), TOBN(0xbb1a1824, 0x822ae4e2),
-     TOBN(0x22e275a3, 0x89f1fb4c), TOBN(0x72b1aa23, 0x9968c5f5),
-     TOBN(0xa75feaca, 0xbe063f64), TOBN(0x9b392f43, 0xbce47a09),
-     TOBN(0xd4241509, 0x1ad07aca), TOBN(0x4b0c591b, 0x8d26cd0f),
-     TOBN(0x2d42ddfd, 0x92f1169a), TOBN(0x63aeb1ac, 0x4cbf2392),
-     TOBN(0x1de9e877, 0x0691a2af), TOBN(0xebe79af7, 0xd98021da),
-     TOBN(0xcfdf2a4e, 0x40e50acf), TOBN(0xf0a98ad7, 0xaf01d665),
-     TOBN(0xefb640bf, 0x1831be1f), TOBN(0x6fe8bd2f, 0x80e9ada0),
-     TOBN(0x94c103a1, 0x6cafbc91), TOBN(0x170f8759, 0x8308e08c),
-     TOBN(0x5de2d2ab, 0x9780ff4f), TOBN(0x666466bc, 0x45b201f2),
-     TOBN(0x58af2010, 0xf5b343bc), TOBN(0x0f2e400a, 0xf2f142fe),
-     TOBN(0x3483bfde, 0xa85f4bdf), TOBN(0xf0b1d093, 0x03bfeaa9),
-     TOBN(0x2ea01b95, 0xc7081603), TOBN(0xe943e4c9, 0x3dba1097),
-     TOBN(0x47be92ad, 0xb438f3a6), TOBN(0x00bb7742, 0xe5bf6636),
-     TOBN(0x136b7083, 0x824297b4), TOBN(0x9d0e5580, 0x5584455f),
-     TOBN(0xab48cedc, 0xf1c7d69e), TOBN(0x53a9e481, 0x2a256e76),
-     TOBN(0x0402b0e0, 0x65eb2413), TOBN(0xdadbbb84, 0x8fc407a7),
-     TOBN(0xa65cd5a4, 0x8d7f5492), TOBN(0x21d44293, 0x74bae294),
-     TOBN(0x66917ce6, 0x3b5f1cc4), TOBN(0x37ae52ea, 0xce872e62),
-     TOBN(0xbb087b72, 0x2905f244), TOBN(0x12077086, 0x1e6af74f),
-     TOBN(0x4b644e49, 0x1058edea), TOBN(0x827510e3, 0xb638ca1d),
-     TOBN(0x8cf2b704, 0x6038591c), TOBN(0xffc8b47a, 0xfe635063),
-     TOBN(0x3ae220e6, 0x1b4d5e63), TOBN(0xbd864742, 0x9d961b4b),
-     TOBN(0x610c107e, 0x9bd16bed), TOBN(0x4270352a, 0x1127147b),
-     TOBN(0x7d17ffe6, 0x64cfc50e), TOBN(0x50dee01a, 0x1e36cb42),
-     TOBN(0x068a7622, 0x35dc5f9a), TOBN(0x9a08d536, 0xdf53f62c),
-     TOBN(0x4ed71457, 0x6be5f7de), TOBN(0xd93006f8, 0xc2263c9e),
-     TOBN(0xe073694c, 0xcacacb36), TOBN(0x2ff7a5b4, 0x3ae118ab),
-     TOBN(0x3cce53f1, 0xcd871236), TOBN(0xf156a39d, 0xc2aa6d52),
-     TOBN(0x9cc5f271, 0xb198d76d), TOBN(0xbc615b6f, 0x81383d39),
-     TOBN(0xa54538e8, 0xde3eee6b), TOBN(0x58c77538, 0xab910d91),
-     TOBN(0x31e5bdbc, 0x58d278bd), TOBN(0x3cde4adf, 0xb963acae),
-     TOBN(0xb1881fd2, 0x5302169c), TOBN(0x8ca60fa0, 0xa989ed8b),
-     TOBN(0xa1999458, 0xff96a0ee), TOBN(0xc1141f03, 0xac6c283d),
-     TOBN(0x7677408d, 0x6dfafed3), TOBN(0x33a01653, 0x39661588),
-     TOBN(0x3c9c15ec, 0x0b726fa0), TOBN(0x090cfd93, 0x6c9b56da),
-     TOBN(0xe34f4bae, 0xa3c40af5), TOBN(0x3469eadb, 0xd21129f1),
-     TOBN(0xcc51674a, 0x1e207ce8), TOBN(0x1e293b24, 0xc83b1ef9),
-     TOBN(0x17173d13, 0x1e6c0bb4), TOBN(0x19004695, 0x90776d35),
-     TOBN(0xe7980e34, 0x6de6f922), TOBN(0x873554cb, 0xf4dd9a22),
-     TOBN(0x0316c627, 0xcbf18a51), TOBN(0x4d93651b, 0x3032c081),
-     TOBN(0x207f2771, 0x3946834d), TOBN(0x2c08d7b4, 0x30cdbf80),
-     TOBN(0x137a4fb4, 0x86df2a61), TOBN(0xa1ed9c07, 0xecf7b4a2),
-     TOBN(0xb2e460e2, 0x7bd042ff), TOBN(0xb7f5e2fa, 0x5f62f5ec),
-     TOBN(0x7aa6ec6b, 0xcc2423b7), TOBN(0x75ce0a7f, 0xba63eea7),
-     TOBN(0x67a45fb1, 0xf250a6e1), TOBN(0x93bc919c, 0xe53cdc9f),
-     TOBN(0x9271f56f, 0x871942df), TOBN(0x2372ff6f, 0x7859ad66),
-     TOBN(0x5f4c2b96, 0x33cb1a78), TOBN(0xe3e29101, 0x5838aa83),
-     TOBN(0xa7ed1611, 0xe4e8110c), TOBN(0x2a2d70d5, 0x330198ce),
-     TOBN(0xbdf132e8, 0x6720efe0), TOBN(0xe61a8962, 0x66a471bf),
-     TOBN(0x796d3a85, 0x825808bd), TOBN(0x51dc3cb7, 0x3fd6e902),
-     TOBN(0x643c768a, 0x916219d1), TOBN(0x36cd7685, 0xa2ad7d32),
-     TOBN(0xe3db9d05, 0xb22922a4), TOBN(0x6494c87e, 0xdba29660),
-     TOBN(0xf0ac91df, 0xbcd2ebc7), TOBN(0x4deb57a0, 0x45107f8d),
-     TOBN(0x42271f59, 0xc3d12a73), TOBN(0x5f71687c, 0xa5c2c51d),
-     TOBN(0xcb1f50c6, 0x05797bcb), TOBN(0x29ed0ed9, 0xd6d34eb0),
-     TOBN(0xe5fe5b47, 0x4683c2eb), TOBN(0x4956eeb5, 0x97447c46),
-     TOBN(0x5b163a43, 0x71207167), TOBN(0x93fa2fed, 0x0248c5ef),
-     TOBN(0x67930af2, 0x31f63950), TOBN(0xa77797c1, 0x14caa2c9),
-     TOBN(0x526e80ee, 0x27ac7e62), TOBN(0xe1e6e626, 0x58b28aec),
-     TOBN(0x636178b0, 0xb3c9fef0), TOBN(0xaf7752e0, 0x6d5f90be),
-     TOBN(0x94ecaf18, 0xeece51cf), TOBN(0x2864d0ed, 0xca806e1f),
-     TOBN(0x6de2e383, 0x97c69134), TOBN(0x5a42c316, 0xeb291293),
-     TOBN(0xc7779219, 0x6a60bae0), TOBN(0xa24de346, 0x6b7599d1),
-     TOBN(0x49d374aa, 0xb75d4941), TOBN(0x98900586, 0x2d501ff0),
-     TOBN(0x9f16d40e, 0xeb7974cf), TOBN(0x1033860b, 0xcdd8c115),
-     TOBN(0xb6c69ac8, 0x2094cec3), TOBN(0x9976fb88, 0x403b770c),
-     TOBN(0x1dea026c, 0x4859590d), TOBN(0xb6acbb46, 0x8562d1fd),
-     TOBN(0x7cd6c461, 0x44569d85), TOBN(0xc3190a36, 0x97f0891d),
-     TOBN(0xc6f53195, 0x48d5a17d), TOBN(0x7d919966, 0xd749abc8),
-     TOBN(0x65104837, 0xdd1c8a20), TOBN(0x7e5410c8, 0x2f683419),
-     TOBN(0x958c3ca8, 0xbe94022e), TOBN(0x605c3197, 0x6145dac2),
-     TOBN(0x3fc07501, 0x01683d54), TOBN(0x1d7127c5, 0x595b1234),
-     TOBN(0x10b8f87c, 0x9481277f), TOBN(0x677db2a8, 0xe65a1adb),
-     TOBN(0xec2fccaa, 0xddce3345), TOBN(0x2a6811b7, 0x012a4350),
-     TOBN(0x96760ff1, 0xac598bdc), TOBN(0x054d652a, 0xd1bf4128),
-     TOBN(0x0a1151d4, 0x92a21005), TOBN(0xad7f3971, 0x33110fdf),
-     TOBN(0x8c95928c, 0x1960100f), TOBN(0x6c91c825, 0x7bf03362),
-     TOBN(0xc8c8b2a2, 0xce309f06), TOBN(0xfdb27b59, 0xca27204b),
-     TOBN(0xd223eaa5, 0x0848e32e), TOBN(0xb93e4b2e, 0xe7bfaf1e),
-     TOBN(0xc5308ae6, 0x44aa3ded), TOBN(0x317a666a, 0xc015d573),
-     TOBN(0xc888ce23, 0x1a979707), TOBN(0xf141c1e6, 0x0d5c4958),
-     TOBN(0xb53b7de5, 0x61906373), TOBN(0x858dbade, 0xeb999595),
-     TOBN(0x8cbb47b2, 0xa59e5c36), TOBN(0x660318b3, 0xdcf4e842),
-     TOBN(0xbd161ccd, 0x12ba4b7a), TOBN(0xf399daab, 0xf8c8282a),
-     TOBN(0x1587633a, 0xeeb2130d), TOBN(0xa465311a, 0xda38dd7d),
-     TOBN(0x5f75eec8, 0x64d3779b), TOBN(0x3c5d0476, 0xad64c171),
-     TOBN(0x87410371, 0x2a914428), TOBN(0x8096a891, 0x90e2fc29),
-     TOBN(0xd3d2ae9d, 0x23b3ebc2), TOBN(0x90bdd6db, 0xa580cfd6),
-     TOBN(0x52dbb7f3, 0xc5b01f6c), TOBN(0xe68eded4, 0xe102a2dc),
-     TOBN(0x17785b77, 0x99eb6df0), TOBN(0x26c3cc51, 0x7386b779),
-     TOBN(0x345ed988, 0x6417a48e), TOBN(0xe990b4e4, 0x07d6ef31),
-     TOBN(0x0f456b7e, 0x2586abba), TOBN(0x239ca6a5, 0x59c96e9a),
-     TOBN(0xe327459c, 0xe2eb4206), TOBN(0x3a4c3313, 0xa002b90a),
-     TOBN(0x2a114806, 0xf6a3f6fb), TOBN(0xad5cad2f, 0x85c251dd),
-     TOBN(0x92c1f613, 0xf5a784d3), TOBN(0xec7bfacf, 0x349766d5),
-     TOBN(0x04b3cd33, 0x3e23cb3b), TOBN(0x3979fe84, 0xc5a64b2d),
-     TOBN(0x192e2720, 0x7e589106), TOBN(0xa60c43d1, 0xa15b527f),
-     TOBN(0x2dae9082, 0xbe7cf3a6), TOBN(0xcc86ba92, 0xbc967274),
-     TOBN(0xf28a2ce8, 0xaea0a8a9), TOBN(0x404ca6d9, 0x6ee988b3),
-     TOBN(0xfd7e9c5d, 0x005921b8), TOBN(0xf56297f1, 0x44e79bf9),
-     TOBN(0xa163b460, 0x0d75ddc2), TOBN(0x30b23616, 0xa1f2be87),
-     TOBN(0x4b070d21, 0xbfe50e2b), TOBN(0x7ef8cfd0, 0xe1bfede1),
-     TOBN(0xadba0011, 0x2aac4ae0), TOBN(0x2a3e7d01, 0xb9ebd033),
-     TOBN(0x995277ec, 0xe38d9d1c), TOBN(0xb500249e, 0x9c5d2de3),
-     TOBN(0x8912b820, 0xf13ca8c9), TOBN(0xc8798114, 0x877793af),
-     TOBN(0x19e6125d, 0xec3f1dec), TOBN(0x07b1f040, 0x911178da),
-     TOBN(0xd93ededa, 0x904a6738), TOBN(0x55187a5a, 0x0bebedcd),
-     TOBN(0xf7d04722, 0xeb329d41), TOBN(0xf449099e, 0xf170b391),
-     TOBN(0xfd317a69, 0xca99f828), TOBN(0x50c3db2b, 0x34a4976d),
-     TOBN(0xe9ba7784, 0x3757b392), TOBN(0x326caefd, 0xaa3ca05a),
-     TOBN(0x78e5293b, 0xf1e593d4), TOBN(0x7842a937, 0x0d98fd13),
-     TOBN(0xe694bf96, 0x5f96b10d), TOBN(0x373a9df6, 0x06a8cd05),
-     TOBN(0x997d1e51, 0xe8f0c7fc), TOBN(0x1d019790, 0x63fd972e),
-     TOBN(0x0064d858, 0x5499fb32), TOBN(0x7b67bad9, 0x77a8aeb7),
-     TOBN(0x1d3eb977, 0x2d08eec5), TOBN(0x5fc047a6, 0xcbabae1d),
-     TOBN(0x0577d159, 0xe54a64bb), TOBN(0x8862201b, 0xc43497e4),
-     TOBN(0xad6b4e28, 0x2ce0608d), TOBN(0x8b687b7d, 0x0b167aac),
-     TOBN(0x6ed4d367, 0x8b2ecfa9), TOBN(0x24dfe62d, 0xa90c3c38),
-     TOBN(0xa1862e10, 0x3fe5c42b), TOBN(0x1ca73dca, 0xd5732a9f),
-     TOBN(0x35f038b7, 0x76bb87ad), TOBN(0x674976ab, 0xf242b81f),
-     TOBN(0x4f2bde7e, 0xb0fd90cd), TOBN(0x6efc172e, 0xa7fdf092),
-     TOBN(0x3806b69b, 0x92222f1f), TOBN(0x5a2459ca, 0x6cf7ae70),
-     TOBN(0x6789f69c, 0xa85217ee), TOBN(0x5f232b5e, 0xe3dc85ac),
-     TOBN(0x660e3ec5, 0x48e9e516), TOBN(0x124b4e47, 0x3197eb31),
-     TOBN(0x10a0cb13, 0xaafcca23), TOBN(0x7bd63ba4, 0x8213224f),
-     TOBN(0xaffad7cc, 0x290a7f4f), TOBN(0x6b409c9e, 0x0286b461),
-     TOBN(0x58ab809f, 0xffa407af), TOBN(0xc3122eed, 0xc68ac073),
-     TOBN(0x17bf9e50, 0x4ef24d7e), TOBN(0x5d929794, 0x3e2a5811),
-     TOBN(0x519bc867, 0x02902e01), TOBN(0x76bba5da, 0x39c8a851),
-     TOBN(0xe9f9669c, 0xda94951e), TOBN(0x4b6af58d, 0x66b8d418),
-     TOBN(0xfa321074, 0x17d426a4), TOBN(0xc78e66a9, 0x9dde6027),
-     TOBN(0x0516c083, 0x4a53b964), TOBN(0xfc659d38, 0xff602330),
-     TOBN(0x0ab55e5c, 0x58c5c897), TOBN(0x985099b2, 0x838bc5df),
-     TOBN(0x061d9efc, 0xc52fc238), TOBN(0x712b2728, 0x6ac1da3f),
-     TOBN(0xfb658149, 0x9283fe08), TOBN(0x4954ac94, 0xb8aaa2f7),
-     TOBN(0x85c0ada4, 0x7fb2e74f), TOBN(0xee8ba98e, 0xb89926b0),
-     TOBN(0xe4f9d37d, 0x23d1af5b), TOBN(0x14ccdbf9, 0xba9b015e),
-     TOBN(0xb674481b, 0x7bfe7178), TOBN(0x4e1debae, 0x65405868),
-     TOBN(0x061b2821, 0xc48c867d), TOBN(0x69c15b35, 0x513b30ea),
-     TOBN(0x3b4a1666, 0x36871088), TOBN(0xe5e29f5d, 0x1220b1ff),
-     TOBN(0x4b82bb35, 0x233d9f4d), TOBN(0x4e076333, 0x18cdc675)}
-    ,
-    {TOBN(0x0d53f5c7, 0xa3e6fced), TOBN(0xe8cbbdd5, 0xf45fbdeb),
-     TOBN(0xf85c01df, 0x13339a70), TOBN(0x0ff71880, 0x142ceb81),
-     TOBN(0x4c4e8774, 0xbd70437a), TOBN(0x5fb32891, 0xba0bda6a),
-     TOBN(0x1cdbebd2, 0xf18bd26e), TOBN(0x2f9526f1, 0x03a9d522),
-     TOBN(0x40ce3051, 0x92c4d684), TOBN(0x8b04d725, 0x7612efcd),
-     TOBN(0xb9dcda36, 0x6f9cae20), TOBN(0x0edc4d24, 0xf058856c),
-     TOBN(0x64f2e6bf, 0x85427900), TOBN(0x3de81295, 0xdc09dfea),
-     TOBN(0xd41b4487, 0x379bf26c), TOBN(0x50b62c6d, 0x6df135a9),
-     TOBN(0xd4f8e3b4, 0xc72dfe67), TOBN(0xc416b0f6, 0x90e19fdf),
-     TOBN(0x18b9098d, 0x4c13bd35), TOBN(0xac11118a, 0x15b8cb9e),
-     TOBN(0xf598a318, 0xf0062841), TOBN(0xbfe0602f, 0x89f356f4),
-     TOBN(0x7ae3637e, 0x30177a0c), TOBN(0x34097747, 0x61136537),
-     TOBN(0x0db2fb5e, 0xd005832a), TOBN(0x5f5efd3b, 0x91042e4f),
-     TOBN(0x8c4ffdc6, 0xed70f8ca), TOBN(0xe4645d0b, 0xb52da9cc),
-     TOBN(0x9596f58b, 0xc9001d1f), TOBN(0x52c8f0bc, 0x4e117205),
-     TOBN(0xfd4aa0d2, 0xe398a084), TOBN(0x815bfe3a, 0x104f49de),
-     TOBN(0x97e5443f, 0x23885e5f), TOBN(0xf72f8f99, 0xe8433aab),
-     TOBN(0xbd00b154, 0xe4d4e604), TOBN(0xd0b35e6a, 0xe5e173ff),
-     TOBN(0x57b2a048, 0x9164722d), TOBN(0x3e3c665b, 0x88761ec8),
-     TOBN(0x6bdd1397, 0x3da83832), TOBN(0x3c8b1a1e, 0x73dafe3b),
-     TOBN(0x4497ace6, 0x54317cac), TOBN(0xbe600ab9, 0x521771b3),
-     TOBN(0xb42e409e, 0xb0dfe8b8), TOBN(0x386a67d7, 0x3942310f),
-     TOBN(0x25548d8d, 0x4431cc28), TOBN(0xa7cff142, 0x985dc524),
-     TOBN(0x4d60f5a1, 0x93c4be32), TOBN(0x83ebd5c8, 0xd071c6e1),
-     TOBN(0xba3a80a7, 0xb1fd2b0b), TOBN(0x9b3ad396, 0x5bec33e8),
-     TOBN(0xb3868d61, 0x79743fb3), TOBN(0xcfd169fc, 0xfdb462fa),
-     TOBN(0xd3b499d7, 0x9ce0a6af), TOBN(0x55dc1cf1, 0xe42d3ff8),
-     TOBN(0x04fb9e6c, 0xc6c3e1b2), TOBN(0x47e6961d, 0x6f69a474),
-     TOBN(0x54eb3acc, 0xe548b37b), TOBN(0xb38e7542, 0x84d40549),
-     TOBN(0x8c3daa51, 0x7b341b4f), TOBN(0x2f6928ec, 0x690bf7fa),
-     TOBN(0x0496b323, 0x86ce6c41), TOBN(0x01be1c55, 0x10adadcd),
-     TOBN(0xc04e67e7, 0x4bb5faf9), TOBN(0x3cbaf678, 0xe15c9985),
-     TOBN(0x8cd12145, 0x50ca4247), TOBN(0xba1aa47a, 0xe7dd30aa),
-     TOBN(0x2f81ddf1, 0xe58fee24), TOBN(0x03452936, 0xeec9b0e8),
-     TOBN(0x8bdc3b81, 0x243aea96), TOBN(0x9a2919af, 0x15c3d0e5),
-     TOBN(0x9ea640ec, 0x10948361), TOBN(0x5ac86d5b, 0x6e0bcccf),
-     TOBN(0xf892d918, 0xc36cf440), TOBN(0xaed3e837, 0xc939719c),
-     TOBN(0xb07b08d2, 0xc0218b64), TOBN(0x6f1bcbba, 0xce9790dd),
-     TOBN(0x4a84d6ed, 0x60919b8e), TOBN(0xd8900791, 0x8ac1f9eb),
-     TOBN(0xf84941aa, 0x0dd5daef), TOBN(0xb22fe40a, 0x67fd62c5),
-     TOBN(0x97e15ba2, 0x157f2db3), TOBN(0xbda2fc8f, 0x8e28ca9c),
-     TOBN(0x5d050da4, 0x37b9f454), TOBN(0x3d57eb57, 0x2379d72e),
-     TOBN(0xe9b5eba2, 0xfb5ee997), TOBN(0x01648ca2, 0xe11538ca),
-     TOBN(0x32bb76f6, 0xf6327974), TOBN(0x338f14b8, 0xff3f4bb7),
-     TOBN(0x524d226a, 0xd7ab9a2d), TOBN(0x9c00090d, 0x7dfae958),
-     TOBN(0x0ba5f539, 0x8751d8c2), TOBN(0x8afcbcdd, 0x3ab8262d),
-     TOBN(0x57392729, 0xe99d043b), TOBN(0xef51263b, 0xaebc943a),
-     TOBN(0x9feace93, 0x20862935), TOBN(0x639efc03, 0xb06c817b),
-     TOBN(0x1fe054b3, 0x66b4be7a), TOBN(0x3f25a9de, 0x84a37a1e),
-     TOBN(0xf39ef1ad, 0x78d75cd9), TOBN(0xd7b58f49, 0x5062c1b5),
-     TOBN(0x6f74f9a9, 0xff563436), TOBN(0xf718ff29, 0xe8af51e7),
-     TOBN(0x5234d313, 0x15e97fec), TOBN(0xb6a8e2b1, 0x292f1c0a),
-     TOBN(0xa7f53aa8, 0x327720c1), TOBN(0x956ca322, 0xba092cc8),
-     TOBN(0x8f03d64a, 0x28746c4d), TOBN(0x51fe1782, 0x66d0d392),
-     TOBN(0xd19b34db, 0x3c832c80), TOBN(0x60dccc5c, 0x6da2e3b4),
-     TOBN(0x245dd62e, 0x0a104ccc), TOBN(0xa7ab1de1, 0x620b21fd),
-     TOBN(0xb293ae0b, 0x3893d123), TOBN(0xf7b75783, 0xb15ee71c),
-     TOBN(0x5aa3c614, 0x42a9468b), TOBN(0xd686123c, 0xdb15d744),
-     TOBN(0x8c616891, 0xa7ab4116), TOBN(0x6fcd72c8, 0xa4e6a459),
-     TOBN(0xac219110, 0x77e5fad7), TOBN(0xfb6a20e7, 0x704fa46b),
-     TOBN(0xe839be7d, 0x341d81dc), TOBN(0xcddb6889, 0x32148379),
-     TOBN(0xda6211a1, 0xf7026ead), TOBN(0xf3b2575f, 0xf4d1cc5e),
-     TOBN(0x40cfc8f6, 0xa7a73ae6), TOBN(0x83879a5e, 0x61d5b483),
-     TOBN(0xc5acb1ed, 0x41a50ebc), TOBN(0x59a60cc8, 0x3c07d8fa),
-     TOBN(0x1b73bdce, 0xb1876262), TOBN(0x2b0d79f0, 0x12af4ee9),
-     TOBN(0x8bcf3b0b, 0xd46e1d07), TOBN(0x17d6af9d, 0xe45d152f),
-     TOBN(0x73520461, 0x6d736451), TOBN(0x43cbbd97, 0x56b0bf5a),
-     TOBN(0xb0833a5b, 0xd5999b9d), TOBN(0x702614f0, 0xeb72e398),
-     TOBN(0x0aadf01a, 0x59c3e9f8), TOBN(0x40200e77, 0xce6b3d16),
-     TOBN(0xda22bdd3, 0xdeddafad), TOBN(0x76dedaf4, 0x310d72e1),
-     TOBN(0x49ef807c, 0x4bc2e88f), TOBN(0x6ba81291, 0x146dd5a5),
-     TOBN(0xa1a4077a, 0x7d8d59e9), TOBN(0x87b6a2e7, 0x802db349),
-     TOBN(0xd5679997, 0x1b4e598e), TOBN(0xf499ef1f, 0x06fe4b1d),
-     TOBN(0x3978d3ae, 0xfcb267c5), TOBN(0xb582b557, 0x235786d0),
-     TOBN(0x32b3b2ca, 0x1715cb07), TOBN(0x4c3de6a2, 0x8480241d),
-     TOBN(0x63b5ffed, 0xcb571ecd), TOBN(0xeaf53900, 0xed2fe9a9),
-     TOBN(0xdec98d4a, 0xc3b81990), TOBN(0x1cb83722, 0x9e0cc8fe),
-     TOBN(0xfe0b0491, 0xd2b427b9), TOBN(0x0f2386ac, 0xe983a66c),
-     TOBN(0x930c4d1e, 0xb3291213), TOBN(0xa2f82b2e, 0x59a62ae4),
-     TOBN(0x77233853, 0xf93e89e3), TOBN(0x7f8063ac, 0x11777c7f),
-     TOBN(0xff0eb567, 0x59ad2877), TOBN(0x6f454642, 0x9865c754),
-     TOBN(0xe6fe701a, 0x236e9a84), TOBN(0xc586ef16, 0x06e40fc3),
-     TOBN(0x3f62b6e0, 0x24bafad9), TOBN(0xc8b42bd2, 0x64da906a),
-     TOBN(0xc98e1eb4, 0xda3276a0), TOBN(0x30d0e5fc, 0x06cbf852),
-     TOBN(0x1b6b2ae1, 0xe8b4dfd4), TOBN(0xd754d5c7, 0x8301cbac),
-     TOBN(0x66097629, 0x112a39ac), TOBN(0xf86b5999, 0x93ba4ab9),
-     TOBN(0x26c9dea7, 0x99f9d581), TOBN(0x0473b1a8, 0xc2fafeaa),
-     TOBN(0x1469af55, 0x3b2505a5), TOBN(0x227d16d7, 0xd6a43323),
-     TOBN(0x3316f73c, 0xad3d97f9), TOBN(0x52bf3bb5, 0x1f137455),
-     TOBN(0x953eafeb, 0x09954e7c), TOBN(0xa721dfed, 0xdd732411),
-     TOBN(0xb4929821, 0x141d4579), TOBN(0x3411321c, 0xaa3bd435),
-     TOBN(0xafb355aa, 0x17fa6015), TOBN(0xb4e7ef4a, 0x18e42f0e),
-     TOBN(0x604ac97c, 0x59371000), TOBN(0xe1c48c70, 0x7f759c18),
-     TOBN(0x3f62ecc5, 0xa5db6b65), TOBN(0x0a78b173, 0x38a21495),
-     TOBN(0x6be1819d, 0xbcc8ad94), TOBN(0x70dc04f6, 0xd89c3400),
-     TOBN(0x462557b4, 0xa6b4840a), TOBN(0x544c6ade, 0x60bd21c0),
-     TOBN(0x6a00f24e, 0x907a544b), TOBN(0xa7520dcb, 0x313da210),
-     TOBN(0xfe939b75, 0x11e4994b), TOBN(0x918b6ba6, 0xbc275d70),
-     TOBN(0xd3e5e0fc, 0x644be892), TOBN(0x707a9816, 0xfdaf6c42),
-     TOBN(0x60145567, 0xf15c13fe), TOBN(0x4818ebaa, 0xe130a54a),
-     TOBN(0x28aad3ad, 0x58d2f767), TOBN(0xdc5267fd, 0xd7e7c773),
-     TOBN(0x4919cc88, 0xc3afcc98), TOBN(0xaa2e6ab0, 0x2db8cd4b),
-     TOBN(0xd46fec04, 0xd0c63eaa), TOBN(0xa1cb92c5, 0x19ffa832),
-     TOBN(0x678dd178, 0xe43a631f), TOBN(0xfb5ae1cd, 0x3dc788b3),
-     TOBN(0x68b4fb90, 0x6e77de04), TOBN(0x7992bcf0, 0xf06dbb97),
-     TOBN(0x896e6a13, 0xc417c01d), TOBN(0x8d96332c, 0xb956be01),
-     TOBN(0x902fc93a, 0x413aa2b9), TOBN(0x99a4d915, 0xfc98c8a5),
-     TOBN(0x52c29407, 0x565f1137), TOBN(0x4072690f, 0x21e4f281),
-     TOBN(0x36e607cf, 0x02ff6072), TOBN(0xa47d2ca9, 0x8ad98cdc),
-     TOBN(0xbf471d1e, 0xf5f56609), TOBN(0xbcf86623, 0xf264ada0),
-     TOBN(0xb70c0687, 0xaa9e5cb6), TOBN(0xc98124f2, 0x17401c6c),
-     TOBN(0x8189635f, 0xd4a61435), TOBN(0xd28fb8af, 0xa9d98ea6),
-     TOBN(0xb9a67c2a, 0x40c251f8), TOBN(0x88cd5d87, 0xa2da44be),
-     TOBN(0x437deb96, 0xe09b5423), TOBN(0x150467db, 0x64287dc1),
-     TOBN(0xe161debb, 0xcdabb839), TOBN(0xa79e9742, 0xf1839a3e),
-     TOBN(0xbb8dd3c2, 0x652d202b), TOBN(0x7b3e67f7, 0xe9f97d96),
-     TOBN(0x5aa5d78f, 0xb1cb6ac9), TOBN(0xffa13e8e, 0xca1d0d45),
-     TOBN(0x369295dd, 0x2ba5bf95), TOBN(0xd68bd1f8, 0x39aff05e),
-     TOBN(0xaf0d86f9, 0x26d783f2), TOBN(0x543a59b3, 0xfc3aafc1),
-     TOBN(0x3fcf81d2, 0x7b7da97c), TOBN(0xc990a056, 0xd25dee46),
-     TOBN(0x3e6775b8, 0x519cce2c), TOBN(0xfc9af71f, 0xae13d863),
-     TOBN(0x774a4a6f, 0x47c1605c), TOBN(0x46ba4245, 0x2fd205e8),
-     TOBN(0xa06feea4, 0xd3fd524d), TOBN(0x1e724641, 0x6de1acc2),
-     TOBN(0xf53816f1, 0x334e2b42), TOBN(0x49e5918e, 0x922f0024),
-     TOBN(0x439530b6, 0x65c7322d), TOBN(0xcf12cc01, 0xb3c1b3fb),
-     TOBN(0xc70b0186, 0x0172f685), TOBN(0xb915ee22, 0x1b58391d),
-     TOBN(0x9afdf03b, 0xa317db24), TOBN(0x87dec659, 0x17b8ffc4),
-     TOBN(0x7f46597b, 0xe4d3d050), TOBN(0x80a1c1ed, 0x006500e7),
-     TOBN(0x84902a96, 0x78bf030e), TOBN(0xfb5e9c9a, 0x50560148),
-     TOBN(0x6dae0a92, 0x63362426), TOBN(0xdcaeecf4, 0xa9e30c40),
-     TOBN(0xc0d887bb, 0x518d0c6b), TOBN(0x99181152, 0xcb985b9d),
-     TOBN(0xad186898, 0xef7bc381), TOBN(0x18168ffb, 0x9ee46201),
-     TOBN(0x9a04cdaa, 0x2502753c), TOBN(0xbb279e26, 0x51407c41),
-     TOBN(0xeacb03aa, 0xf23564e5), TOBN(0x18336582, 0x71e61016),
-     TOBN(0x8684b8c4, 0xeb809877), TOBN(0xb336e18d, 0xea0e672e),
-     TOBN(0xefb601f0, 0x34ee5867), TOBN(0x2733edbe, 0x1341cfd1),
-     TOBN(0xb15e809a, 0x26025c3c), TOBN(0xe6e981a6, 0x9350df88),
-     TOBN(0x92376237, 0x8502fd8e), TOBN(0x4791f216, 0x0c12be9b),
-     TOBN(0xb7256789, 0x25f02425), TOBN(0xec863194, 0x7a974443),
-     TOBN(0x7c0ce882, 0xfb41cc52), TOBN(0xc266ff7e, 0xf25c07f2),
-     TOBN(0x3d4da8c3, 0x017025f3), TOBN(0xefcf628c, 0xfb9579b4),
-     TOBN(0x5c4d0016, 0x1f3716ec), TOBN(0x9c27ebc4, 0x6801116e),
-     TOBN(0x5eba0ea1, 0x1da1767e), TOBN(0xfe151452, 0x47004c57),
-     TOBN(0x3ace6df6, 0x8c2373b7), TOBN(0x75c3dffe, 0x5dbc37ac),
-     TOBN(0x3dc32a73, 0xddc925fc), TOBN(0xb679c841, 0x2f65ee0b),
-     TOBN(0x715a3295, 0x451cbfeb), TOBN(0xd9889768, 0xf76e9a29),
-     TOBN(0xec20ce7f, 0xb28ad247), TOBN(0xe99146c4, 0x00894d79),
-     TOBN(0x71457d7c, 0x9f5e3ea7), TOBN(0x097b2662, 0x38030031),
-     TOBN(0xdb7f6ae6, 0xcf9f82a8), TOBN(0x319decb9, 0x438f473a),
-     TOBN(0xa63ab386, 0x283856c3), TOBN(0x13e3172f, 0xb06a361b),
-     TOBN(0x2959f8dc, 0x7d5a006c), TOBN(0x2dbc27c6, 0x75fba752),
-     TOBN(0xc1227ab2, 0x87c22c9e), TOBN(0x06f61f75, 0x71a268b2),
-     TOBN(0x1b6bb971, 0x04779ce2), TOBN(0xaca83812, 0x0aadcb1d),
-     TOBN(0x297ae0bc, 0xaeaab2d5), TOBN(0xa5c14ee7, 0x5bfb9f13),
-     TOBN(0xaa00c583, 0xf17a62c7), TOBN(0x39eb962c, 0x173759f6),
-     TOBN(0x1eeba1d4, 0x86c9a88f), TOBN(0x0ab6c37a, 0xdf016c5e),
-     TOBN(0xa2a147db, 0xa28a0749), TOBN(0x246c20d6, 0xee519165),
-     TOBN(0x5068d1b1, 0xd3810715), TOBN(0xb1e7018c, 0x748160b9),
-     TOBN(0x03f5b1fa, 0xf380ff62), TOBN(0xef7fb1dd, 0xf3cb2c1e),
-     TOBN(0xeab539a8, 0xfc91a7da), TOBN(0x83ddb707, 0xf3f9b561),
-     TOBN(0xc550e211, 0xfe7df7a4), TOBN(0xa7cd07f2, 0x063f6f40),
-     TOBN(0xb0de3635, 0x2976879c), TOBN(0xb5f83f85, 0xe55741da),
-     TOBN(0x4ea9d25e, 0xf3d8ac3d), TOBN(0x6fe2066f, 0x62819f02),
-     TOBN(0x4ab2b9c2, 0xcef4a564), TOBN(0x1e155d96, 0x5ffa2de3),
-     TOBN(0x0eb0a19b, 0xc3a72d00), TOBN(0x4037665b, 0x8513c31b),
-     TOBN(0x2fb2b6bf, 0x04c64637), TOBN(0x45c34d6e, 0x08cdc639),
-     TOBN(0x56f1e10f, 0xf01fd796), TOBN(0x4dfb8101, 0xfe3667b8),
-     TOBN(0xe0eda253, 0x9021d0c0), TOBN(0x7a94e9ff, 0x8a06c6ab),
-     TOBN(0x2d3bb0d9, 0xbb9aa882), TOBN(0xea20e4e5, 0xec05fd10),
-     TOBN(0xed7eeb5f, 0x1a1ca64e), TOBN(0x2fa6b43c, 0xc6327cbd),
-     TOBN(0xb577e3cf, 0x3aa91121), TOBN(0x8c6bd5ea, 0x3a34079b),
-     TOBN(0xd7e5ba39, 0x60e02fc0), TOBN(0xf16dd2c3, 0x90141bf8),
-     TOBN(0xb57276d9, 0x80101b98), TOBN(0x760883fd, 0xb82f0f66),
-     TOBN(0x89d7de75, 0x4bc3eff3), TOBN(0x03b60643, 0x5dc2ab40),
-     TOBN(0xcd6e53df, 0xe05beeac), TOBN(0xf2f1e862, 0xbc3325cd),
-     TOBN(0xdd0f7921, 0x774f03c3), TOBN(0x97ca7221, 0x4552cc1b),
-     TOBN(0x5a0d6afe, 0x1cd19f72), TOBN(0xa20915dc, 0xf183fbeb),
-     TOBN(0x9fda4b40, 0x832c403c), TOBN(0x32738edd, 0xbe425442),
-     TOBN(0x469a1df6, 0xb5eccf1a), TOBN(0x4b5aff42, 0x28bbe1f0),
-     TOBN(0x31359d7f, 0x570dfc93), TOBN(0xa18be235, 0xf0088628),
-     TOBN(0xa5b30fba, 0xb00ed3a9), TOBN(0x34c61374, 0x73cdf8be),
-     TOBN(0x2c5c5f46, 0xabc56797), TOBN(0x5cecf93d, 0xb82a8ae2),
-     TOBN(0x7d3dbe41, 0xa968fbf0), TOBN(0xd23d4583, 0x1a5c7f3d),
-     TOBN(0xf28f69a0, 0xc087a9c7), TOBN(0xc2d75471, 0x474471ca),
-     TOBN(0x36ec9f4a, 0x4eb732ec), TOBN(0x6c943bbd, 0xb1ca6bed),
-     TOBN(0xd64535e1, 0xf2457892), TOBN(0x8b84a8ea, 0xf7e2ac06),
-     TOBN(0xe0936cd3, 0x2499dd5f), TOBN(0x12053d7e, 0x0ed04e57),
-     TOBN(0x4bdd0076, 0xe4305d9d), TOBN(0x34a527b9, 0x1f67f0a2),
-     TOBN(0xe79a4af0, 0x9cec46ea), TOBN(0xb15347a1, 0x658b9bc7),
-     TOBN(0x6bd2796f, 0x35af2f75), TOBN(0xac957990, 0x4051c435),
-     TOBN(0x2669dda3, 0xc33a655d), TOBN(0x5d503c2e, 0x88514aa3),
-     TOBN(0xdfa11337, 0x3753dd41), TOBN(0x3f054673, 0x0b754f78),
-     TOBN(0xbf185677, 0x496125bd), TOBN(0xfb0023c8, 0x3775006c),
-     TOBN(0xfa0f072f, 0x3a037899), TOBN(0x4222b6eb, 0x0e4aea57),
-     TOBN(0x3dde5e76, 0x7866d25a), TOBN(0xb6eb04f8, 0x4837aa6f),
-     TOBN(0x5315591a, 0x2cf1cdb8), TOBN(0x6dfb4f41, 0x2d4e683c),
-     TOBN(0x7e923ea4, 0x48ee1f3a), TOBN(0x9604d9f7, 0x05a2afd5),
-     TOBN(0xbe1d4a33, 0x40ea4948), TOBN(0x5b45f1f4, 0xb44cbd2f),
-     TOBN(0x5faf8376, 0x4acc757e), TOBN(0xa7cf9ab8, 0x63d68ff7),
-     TOBN(0x8ad62f69, 0xdf0e404b), TOBN(0xd65f33c2, 0x12bdafdf),
-     TOBN(0xc365de15, 0xa377b14e), TOBN(0x6bf5463b, 0x8e39f60c),
-     TOBN(0x62030d2d, 0x2ce68148), TOBN(0xd95867ef, 0xe6f843a8),
-     TOBN(0xd39a0244, 0xef5ab017), TOBN(0x0bd2d8c1, 0x4ab55d12),
-     TOBN(0xc9503db3, 0x41639169), TOBN(0x2d4e25b0, 0xf7660c8a),
-     TOBN(0x760cb3b5, 0xe224c5d7), TOBN(0xfa3baf8c, 0x68616919),
-     TOBN(0x9fbca113, 0x8d142552), TOBN(0x1ab18bf1, 0x7669ebf5),
-     TOBN(0x55e6f53e, 0x9bdf25dd), TOBN(0x04cc0bf3, 0xcb6cd154),
-     TOBN(0x595bef49, 0x95e89080), TOBN(0xfe9459a8, 0x104a9ac1),
-     TOBN(0xad2d89ca, 0xcce9bb32), TOBN(0xddea65e1, 0xf7de8285),
-     TOBN(0x62ed8c35, 0xb351bd4b), TOBN(0x4150ff36, 0x0c0e19a7),
-     TOBN(0x86e3c801, 0x345f4e47), TOBN(0x3bf21f71, 0x203a266c),
-     TOBN(0x7ae110d4, 0x855b1f13), TOBN(0x5d6aaf6a, 0x07262517),
-     TOBN(0x1e0f12e1, 0x813d28f1), TOBN(0x6000e11d, 0x7ad7a523),
-     TOBN(0xc7d8deef, 0xc744a17b), TOBN(0x1e990b48, 0x14c05a00),
-     TOBN(0x68fddaee, 0x93e976d5), TOBN(0x696241d1, 0x46610d63),
-     TOBN(0xb204e7c3, 0x893dda88), TOBN(0x8bccfa65, 0x6a3a6946),
-     TOBN(0xb59425b4, 0xc5cd1411), TOBN(0x701b4042, 0xff3658b1),
-     TOBN(0xe3e56bca, 0x4784cf93), TOBN(0x27de5f15, 0x8fe68d60),
-     TOBN(0x4ab9cfce, 0xf8d53f19), TOBN(0xddb10311, 0xa40a730d),
-     TOBN(0x6fa73cd1, 0x4eee0a8a), TOBN(0xfd548748, 0x5249719d),
-     TOBN(0x49d66316, 0xa8123ef0), TOBN(0x73c32db4, 0xe7f95438),
-     TOBN(0x2e2ed209, 0x0d9e7854), TOBN(0xf98a9329, 0x9d9f0507),
-     TOBN(0xc5d33cf6, 0x0c6aa20a), TOBN(0x9a32ba14, 0x75279bb2),
-     TOBN(0x7e3202cb, 0x774a7307), TOBN(0x64ed4bc4, 0xe8c42dbd),
-     TOBN(0xc20f1a06, 0xd4caed0d), TOBN(0xb8021407, 0x171d22b3),
-     TOBN(0xd426ca04, 0xd13268d7), TOBN(0x92377007, 0x25f4d126),
-     TOBN(0x4204cbc3, 0x71f21a85), TOBN(0x18461b7a, 0xf82369ba),
-     TOBN(0xc0c07d31, 0x3fc858f9), TOBN(0x5deb5a50, 0xe2bab569),
-     TOBN(0xd5959d46, 0xd5eea89e), TOBN(0xfdff8424, 0x08437f4b),
-     TOBN(0xf21071e4, 0x3cfe254f), TOBN(0x72417696, 0x95468321),
-     TOBN(0x5d8288b9, 0x102cae3e), TOBN(0x2d143e3d, 0xf1965dff),
-     TOBN(0x00c9a376, 0xa078d847), TOBN(0x6fc0da31, 0x26028731),
-     TOBN(0xa2baeadf, 0xe45083a2), TOBN(0x66bc7218, 0x5e5b4bcd),
-     TOBN(0x2c826442, 0xd04b8e7f), TOBN(0xc19f5451, 0x6c4b586b),
-     TOBN(0x60182c49, 0x5b7eeed5), TOBN(0xd9954ecd, 0x7aa9dfa1),
-     TOBN(0xa403a8ec, 0xc73884ad), TOBN(0x7fb17de2, 0x9bb39041),
-     TOBN(0x694b64c5, 0xabb020e8), TOBN(0x3d18c184, 0x19c4eec7),
-     TOBN(0x9c4673ef, 0x1c4793e5), TOBN(0xc7b8aeb5, 0x056092e6),
-     TOBN(0x3aa1ca43, 0xf0f8c16b), TOBN(0x224ed5ec, 0xd679b2f6),
-     TOBN(0x0d56eeaf, 0x55a205c9), TOBN(0xbfe115ba, 0x4b8e028b),
-     TOBN(0x97e60849, 0x3927f4fe), TOBN(0xf91fbf94, 0x759aa7c5),
-     TOBN(0x985af769, 0x6be90a51), TOBN(0xc1277b78, 0x78ccb823),
-     TOBN(0x395b656e, 0xe7a75952), TOBN(0x00df7de0, 0x928da5f5),
-     TOBN(0x09c23175, 0x4ca4454f), TOBN(0x4ec971f4, 0x7aa2d3c1),
-     TOBN(0x45c3c507, 0xe75d9ccc), TOBN(0x63b7be8a, 0x3dc90306),
-     TOBN(0x37e09c66, 0x5db44bdc), TOBN(0x50d60da1, 0x6841c6a2),
-     TOBN(0x6f9b65ee, 0x08df1b12), TOBN(0x38734879, 0x7ff089df),
-     TOBN(0x9c331a66, 0x3fe8013d), TOBN(0x017f5de9, 0x5f42fcc8),
-     TOBN(0x43077866, 0xe8e57567), TOBN(0xc9f781ce, 0xf9fcdb18),
-     TOBN(0x38131dda, 0x9b12e174), TOBN(0x25d84aa3, 0x8a03752a),
-     TOBN(0x45e09e09, 0x4d0c0ce2), TOBN(0x1564008b, 0x92bebba5),
-     TOBN(0xf7e8ad31, 0xa87284c7), TOBN(0xb7c4b46c, 0x97e7bbaa),
-     TOBN(0x3e22a7b3, 0x97acf4ec), TOBN(0x0426c400, 0x5ea8b640),
-     TOBN(0x5e3295a6, 0x4e969285), TOBN(0x22aabc59, 0xa6a45670),
-     TOBN(0xb929714c, 0x5f5942bc), TOBN(0x9a6168bd, 0xfa3182ed),
-     TOBN(0x2216a665, 0x104152ba), TOBN(0x46908d03, 0xb6926368)}
-    ,
-    {TOBN(0xa9f5d874, 0x5a1251fb), TOBN(0x967747a8, 0xc72725c7),
-     TOBN(0x195c33e5, 0x31ffe89e), TOBN(0x609d210f, 0xe964935e),
-     TOBN(0xcafd6ca8, 0x2fe12227), TOBN(0xaf9b5b96, 0x0426469d),
-     TOBN(0x2e9ee04c, 0x5693183c), TOBN(0x1084a333, 0xc8146fef),
-     TOBN(0x96649933, 0xaed1d1f7), TOBN(0x566eaff3, 0x50563090),
-     TOBN(0x345057f0, 0xad2e39cf), TOBN(0x148ff65b, 0x1f832124),
-     TOBN(0x042e89d4, 0xcf94cf0d), TOBN(0x319bec84, 0x520c58b3),
-     TOBN(0x2a267626, 0x5361aa0d), TOBN(0xc86fa302, 0x8fbc87ad),
-     TOBN(0xfc83d2ab, 0x5c8b06d5), TOBN(0xb1a785a2, 0xfe4eac46),
-     TOBN(0xb99315bc, 0x846f7779), TOBN(0xcf31d816, 0xef9ea505),
-     TOBN(0x2391fe6a, 0x15d7dc85), TOBN(0x2f132b04, 0xb4016b33),
-     TOBN(0x29547fe3, 0x181cb4c7), TOBN(0xdb66d8a6, 0x650155a1),
-     TOBN(0x6b66d7e1, 0xadc1696f), TOBN(0x98ebe593, 0x0acd72d0),
-     TOBN(0x65f24550, 0xcc1b7435), TOBN(0xce231393, 0xb4b9a5ec),
-     TOBN(0x234a22d4, 0xdb067df9), TOBN(0x98dda095, 0xcaff9b00),
-     TOBN(0x1bbc75a0, 0x6100c9c1), TOBN(0x1560a9c8, 0x939cf695),
-     TOBN(0xcf006d3e, 0x99e0925f), TOBN(0x2dd74a96, 0x6322375a),
-     TOBN(0xc58b446a, 0xb56af5ba), TOBN(0x50292683, 0xe0b9b4f1),
-     TOBN(0xe2c34cb4, 0x1aeaffa3), TOBN(0x8b17203f, 0x9b9587c1),
-     TOBN(0x6d559207, 0xead1350c), TOBN(0x2b66a215, 0xfb7f9604),
-     TOBN(0x0850325e, 0xfe51bf74), TOBN(0x9c4f579e, 0x5e460094),
-     TOBN(0x5c87b92a, 0x76da2f25), TOBN(0x889de4e0, 0x6febef33),
-     TOBN(0x6900ec06, 0x646083ce), TOBN(0xbe2a0335, 0xbfe12773),
-     TOBN(0xadd1da35, 0xc5344110), TOBN(0x757568b7, 0xb802cd20),
-     TOBN(0x75559779, 0x00f7e6c8), TOBN(0x38e8b94f, 0x0facd2f0),
-     TOBN(0xfea1f3af, 0x03fde375), TOBN(0x5e11a1d8, 0x75881dfc),
-     TOBN(0xb3a6b02e, 0xc1e2f2ef), TOBN(0x193d2bbb, 0xc605a6c5),
-     TOBN(0x325ffeee, 0x339a0b2d), TOBN(0x27b6a724, 0x9e0c8846),
-     TOBN(0xe4050f1c, 0xf1c367ca), TOBN(0x9bc85a9b, 0xc90fbc7d),
-     TOBN(0xa373c4a2, 0xe1a11032), TOBN(0xb64232b7, 0xad0393a9),
-     TOBN(0xf5577eb0, 0x167dad29), TOBN(0x1604f301, 0x94b78ab2),
-     TOBN(0x0baa94af, 0xe829348b), TOBN(0x77fbd8dd, 0x41654342),
-     TOBN(0xdab50ea5, 0xb964e39a), TOBN(0xd4c29e3c, 0xd0d3c76e),
-     TOBN(0x80dae67c, 0x56d11964), TOBN(0x7307a8bf, 0xe5ffcc2f),
-     TOBN(0x65bbc1aa, 0x91708c3b), TOBN(0xa151e62c, 0x28bf0eeb),
-     TOBN(0x6cb53381, 0x6fa34db7), TOBN(0x5139e05c, 0xa29403a8),
-     TOBN(0x6ff651b4, 0x94a7cd2e), TOBN(0x5671ffd1, 0x0699336c),
-     TOBN(0x6f5fd2cc, 0x979a896a), TOBN(0x11e893a8, 0xd8148cef),
-     TOBN(0x988906a1, 0x65cf7b10), TOBN(0x81b67178, 0xc50d8485),
-     TOBN(0x7c0deb35, 0x8a35b3de), TOBN(0x423ac855, 0xc1d29799),
-     TOBN(0xaf580d87, 0xdac50b74), TOBN(0x28b2b89f, 0x5869734c),
-     TOBN(0x99a3b936, 0x874e28fb), TOBN(0xbb2c9190, 0x25f3f73a),
-     TOBN(0x199f6918, 0x84a9d5b7), TOBN(0x7ebe2325, 0x7e770374),
-     TOBN(0xf442e107, 0x0738efe2), TOBN(0xcf9f3f56, 0xcf9082d2),
-     TOBN(0x719f69e1, 0x09618708), TOBN(0xcc9e8364, 0xc183f9b1),
-     TOBN(0xec203a95, 0x366a21af), TOBN(0x6aec5d6d, 0x068b141f),
-     TOBN(0xee2df78a, 0x994f04e9), TOBN(0xb39ccae8, 0x271245b0),
-     TOBN(0xb875a4a9, 0x97e43f4f), TOBN(0x507dfe11, 0xdb2cea98),
-     TOBN(0x4fbf81cb, 0x489b03e9), TOBN(0xdb86ec5b, 0x6ec414fa),
-     TOBN(0xfad444f9, 0xf51b3ae5), TOBN(0xca7d33d6, 0x1914e3fe),
-     TOBN(0xa9c32f5c, 0x0ae6c4d0), TOBN(0xa9ca1d1e, 0x73969568),
-     TOBN(0x98043c31, 0x1aa7467e), TOBN(0xe832e75c, 0xe21b5ac6),
-     TOBN(0x314b7aea, 0x5232123d), TOBN(0x08307c8c, 0x65ae86db),
-     TOBN(0x06e7165c, 0xaa4668ed), TOBN(0xb170458b, 0xb4d3ec39),
-     TOBN(0x4d2e3ec6, 0xc19bb986), TOBN(0xc5f34846, 0xae0304ed),
-     TOBN(0x917695a0, 0x6c9f9722), TOBN(0x6c7f7317, 0x4cab1c0a),
-     TOBN(0x6295940e, 0x9d6d2e8b), TOBN(0xd318b8c1, 0x549f7c97),
-     TOBN(0x22453204, 0x97713885), TOBN(0x468d834b, 0xa8a440fe),
-     TOBN(0xd81fe5b2, 0xbfba796e), TOBN(0x152364db, 0x6d71f116),
-     TOBN(0xbb8c7c59, 0xb5b66e53), TOBN(0x0b12c61b, 0x2641a192),
-     TOBN(0x31f14802, 0xfcf0a7fd), TOBN(0x42fd0789, 0x5488b01e),
-     TOBN(0x71d78d6d, 0x9952b498), TOBN(0x8eb572d9, 0x07ac5201),
-     TOBN(0xe0a2a44c, 0x4d194a88), TOBN(0xd2b63fd9, 0xba017e66),
-     TOBN(0x78efc6c8, 0xf888aefc), TOBN(0xb76f6bda, 0x4a881a11),
-     TOBN(0x187f314b, 0xb46c2397), TOBN(0x004cf566, 0x5ded2819),
-     TOBN(0xa9ea5704, 0x38764d34), TOBN(0xbba45217, 0x78084709),
-     TOBN(0x06474571, 0x1171121e), TOBN(0xad7b7eb1, 0xe7c9b671),
-     TOBN(0xdacfbc40, 0x730f7507), TOBN(0x178cd8c6, 0xc7ad7bd1),
-     TOBN(0xbf0be101, 0xb2a67238), TOBN(0x3556d367, 0xaf9c14f2),
-     TOBN(0x104b7831, 0xa5662075), TOBN(0x58ca59bb, 0x79d9e60a),
-     TOBN(0x4bc45392, 0xa569a73b), TOBN(0x517a52e8, 0x5698f6c9),
-     TOBN(0x85643da5, 0xaeadd755), TOBN(0x1aed0cd5, 0x2a581b84),
-     TOBN(0xb9b4ff84, 0x80af1372), TOBN(0x244c3113, 0xf1ba5d1f),
-     TOBN(0x2a5dacbe, 0xf5f98d31), TOBN(0x2c3323e8, 0x4375bc2a),
-     TOBN(0x17a3ab4a, 0x5594b1dd), TOBN(0xa1928bfb, 0xceb4797e),
-     TOBN(0xe83af245, 0xe4886a19), TOBN(0x8979d546, 0x72b5a74a),
-     TOBN(0xa0f726bc, 0x19f9e967), TOBN(0xd9d03152, 0xe8fbbf4e),
-     TOBN(0xcfd6f51d, 0xb7707d40), TOBN(0x633084d9, 0x63f6e6e0),
-     TOBN(0xedcd9cdc, 0x55667eaf), TOBN(0x73b7f92b, 0x2e44d56f),
-     TOBN(0xfb2e39b6, 0x4e962b14), TOBN(0x7d408f6e, 0xf671fcbf),
-     TOBN(0xcc634ddc, 0x164a89bb), TOBN(0x74a42bb2, 0x3ef3bd05),
-     TOBN(0x1280dbb2, 0x428decbb), TOBN(0x6103f6bb, 0x402c8596),
-     TOBN(0xfa2bf581, 0x355a5752), TOBN(0x562f96a8, 0x00946674),
-     TOBN(0x4e4ca16d, 0x6da0223b), TOBN(0xfe47819f, 0x28d3aa25),
-     TOBN(0x9eea3075, 0xf8dfcf8a), TOBN(0xa284f0aa, 0x95669825),
-     TOBN(0xb3fca250, 0x867d3fd8), TOBN(0x20757b5f, 0x269d691e),
-     TOBN(0xf2c24020, 0x93b8a5de), TOBN(0xd3f93359, 0xebc06da6),
-     TOBN(0x1178293e, 0xb2739c33), TOBN(0xd2a3e770, 0xbcd686e5),
-     TOBN(0xa76f49f4, 0xcd941534), TOBN(0x0d37406b, 0xe3c71c0e),
-     TOBN(0x172d9397, 0x3b97f7e3), TOBN(0xec17e239, 0xbd7fd0de),
-     TOBN(0xe3290551, 0x6f496ba2), TOBN(0x6a693172, 0x36ad50e7),
-     TOBN(0xc4e539a2, 0x83e7eff5), TOBN(0x752737e7, 0x18e1b4cf),
-     TOBN(0xa2f7932c, 0x68af43ee), TOBN(0x5502468e, 0x703d00bd),
-     TOBN(0xe5dc978f, 0x2fb061f5), TOBN(0xc9a1904a, 0x28c815ad),
-     TOBN(0xd3af538d, 0x470c56a4), TOBN(0x159abc5f, 0x193d8ced),
-     TOBN(0x2a37245f, 0x20108ef3), TOBN(0xfa17081e, 0x223f7178),
-     TOBN(0x27b0fb2b, 0x10c8c0f5), TOBN(0x2102c3ea, 0x40650547),
-     TOBN(0x594564df, 0x8ac3bfa7), TOBN(0x98102033, 0x509dad96),
-     TOBN(0x6989643f, 0xf1d18a13), TOBN(0x35eebd91, 0xd7fc5af0),
-     TOBN(0x078d096a, 0xfaeaafd8), TOBN(0xb7a89341, 0xdef3de98),
-     TOBN(0x2a206e8d, 0xecf2a73a), TOBN(0x066a6397, 0x8e551994),
-     TOBN(0x3a6a088a, 0xb98d53a2), TOBN(0x0ce7c67c, 0x2d1124aa),
-     TOBN(0x48cec671, 0x759a113c), TOBN(0xe3b373d3, 0x4f6f67fa),
-     TOBN(0x5455d479, 0xfd36727b), TOBN(0xe5a428ee, 0xa13c0d81),
-     TOBN(0xb853dbc8, 0x1c86682b), TOBN(0xb78d2727, 0xb8d02b2a),
-     TOBN(0xaaf69bed, 0x8ebc329a), TOBN(0xdb6b40b3, 0x293b2148),
-     TOBN(0xe42ea77d, 0xb8c4961f), TOBN(0xb1a12f7c, 0x20e5e0ab),
-     TOBN(0xa0ec5274, 0x79e8b05e), TOBN(0x68027391, 0xfab60a80),
-     TOBN(0x6bfeea5f, 0x16b1bd5e), TOBN(0xf957e420, 0x4de30ad3),
-     TOBN(0xcbaf664e, 0x6a353b9e), TOBN(0x5c873312, 0x26d14feb),
-     TOBN(0x4e87f98c, 0xb65f57cb), TOBN(0xdb60a621, 0x5e0cdd41),
-     TOBN(0x67c16865, 0xa6881440), TOBN(0x1093ef1a, 0x46ab52aa),
-     TOBN(0xc095afb5, 0x3f4ece64), TOBN(0x6a6bb02e, 0x7604551a),
-     TOBN(0x55d44b4e, 0x0b26b8cd), TOBN(0xe5f9a999, 0xf971268a),
-     TOBN(0xc08ec425, 0x11a7de84), TOBN(0x83568095, 0xfda469dd),
-     TOBN(0x737bfba1, 0x6c6c90a2), TOBN(0x1cb9c4a0, 0xbe229831),
-     TOBN(0x93bccbba, 0xbb2eec64), TOBN(0xa0c23b64, 0xda03adbe),
-     TOBN(0x5f7aa00a, 0xe0e86ac4), TOBN(0x470b941e, 0xfc1401e6),
-     TOBN(0x5ad8d679, 0x9df43574), TOBN(0x4ccfb8a9, 0x0f65d810),
-     TOBN(0x1bce80e3, 0xaa7fbd81), TOBN(0x273291ad, 0x9508d20a),
-     TOBN(0xf5c4b46b, 0x42a92806), TOBN(0x810684ec, 0xa86ab44a),
-     TOBN(0x4591640b, 0xca0bc9f8), TOBN(0xb5efcdfc, 0x5c4b6054),
-     TOBN(0x16fc8907, 0x6e9edd12), TOBN(0xe29d0b50, 0xd4d792f9),
-     TOBN(0xa45fd01c, 0x9b03116d), TOBN(0x85035235, 0xc81765a4),
-     TOBN(0x1fe2a9b2, 0xb4b4b67c), TOBN(0xc1d10df0, 0xe8020604),
-     TOBN(0x9d64abfc, 0xbc8058d8), TOBN(0x8943b9b2, 0x712a0fbb),
-     TOBN(0x90eed914, 0x3b3def04), TOBN(0x85ab3aa2, 0x4ce775ff),
-     TOBN(0x605fd4ca, 0x7bbc9040), TOBN(0x8b34a564, 0xe2c75dfb),
-     TOBN(0x41ffc94a, 0x10358560), TOBN(0x2d8a5072, 0x9e5c28aa),
-     TOBN(0xe915a0fc, 0x4cc7eb15), TOBN(0xe9efab05, 0x8f6d0f5d),
-     TOBN(0xdbab47a9, 0xd19e9b91), TOBN(0x8cfed745, 0x0276154c),
-     TOBN(0x154357ae, 0x2cfede0d), TOBN(0x520630df, 0x19f5a4ef),
-     TOBN(0x25759f7c, 0xe382360f), TOBN(0xb6db05c9, 0x88bf5857),
-     TOBN(0x2917d61d, 0x6c58d46c), TOBN(0x14f8e491, 0xfd20cb7a),
-     TOBN(0xb68a727a, 0x11c20340), TOBN(0x0386f86f, 0xaf7ccbb6),
-     TOBN(0x5c8bc6cc, 0xfee09a20), TOBN(0x7d76ff4a, 0xbb7eea35),
-     TOBN(0xa7bdebe7, 0xdb15be7a), TOBN(0x67a08054, 0xd89f0302),
-     TOBN(0x56bf0ea9, 0xc1193364), TOBN(0xc8244467, 0x62837ebe),
-     TOBN(0x32bd8e8b, 0x20d841b8), TOBN(0x127a0548, 0xdbb8a54f),
-     TOBN(0x83dd4ca6, 0x63b20236), TOBN(0x87714718, 0x203491fa),
-     TOBN(0x4dabcaaa, 0xaa8a5288), TOBN(0x91cc0c8a, 0xaf23a1c9),
-     TOBN(0x34c72c6a, 0x3f220e0c), TOBN(0xbcc20bdf, 0x1232144a),
-     TOBN(0x6e2f42da, 0xa20ede1b), TOBN(0xc441f00c, 0x74a00515),
-     TOBN(0xbf46a5b6, 0x734b8c4b), TOBN(0x57409503, 0x7b56c9a4),
-     TOBN(0x9f735261, 0xe4585d45), TOBN(0x9231faed, 0x6734e642),
-     TOBN(0x1158a176, 0xbe70ee6c), TOBN(0x35f1068d, 0x7c3501bf),
-     TOBN(0x6beef900, 0xa2d26115), TOBN(0x649406f2, 0xef0afee3),
-     TOBN(0x3f43a60a, 0xbc2420a1), TOBN(0x509002a7, 0xd5aee4ac),
-     TOBN(0xb46836a5, 0x3ff3571b), TOBN(0x24f98b78, 0x837927c1),
-     TOBN(0x6254256a, 0x4533c716), TOBN(0xf27abb0b, 0xd07ee196),
-     TOBN(0xd7cf64fc, 0x5c6d5bfd), TOBN(0x6915c751, 0xf0cd7a77),
-     TOBN(0xd9f59012, 0x8798f534), TOBN(0x772b0da8, 0xf81d8b5f),
-     TOBN(0x1244260c, 0x2e03fa69), TOBN(0x36cf0e3a, 0x3be1a374),
-     TOBN(0x6e7c1633, 0xef06b960), TOBN(0xa71a4c55, 0x671f90f6),
-     TOBN(0x7a941251, 0x33c673db), TOBN(0xc0bea510, 0x73e8c131),
-     TOBN(0x61a8a699, 0xd4f6c734), TOBN(0x25e78c88, 0x341ed001),
-     TOBN(0x5c18acf8, 0x8e2f7d90), TOBN(0xfdbf33d7, 0x77be32cd),
-     TOBN(0x0a085cd7, 0xd2eb5ee9), TOBN(0x2d702cfb, 0xb3201115),
-     TOBN(0xb6e0ebdb, 0x85c88ce8), TOBN(0x23a3ce3c, 0x1e01d617),
-     TOBN(0x3041618e, 0x567333ac), TOBN(0x9dd0fd8f, 0x157edb6b),
-     TOBN(0x27f74702, 0xb57872b8), TOBN(0x2ef26b4f, 0x657d5fe1),
-     TOBN(0x95426f0a, 0x57cf3d40), TOBN(0x847e2ad1, 0x65a6067a),
-     TOBN(0xd474d9a0, 0x09996a74), TOBN(0x16a56acd, 0x2a26115c),
-     TOBN(0x02a615c3, 0xd16f4d43), TOBN(0xcc3fc965, 0xaadb85b7),
-     TOBN(0x386bda73, 0xce07d1b0), TOBN(0xd82910c2, 0x58ad4178),
-     TOBN(0x124f82cf, 0xcd2617f4), TOBN(0xcc2f5e8d, 0xef691770),
-     TOBN(0x82702550, 0xb8c30ccc), TOBN(0x7b856aea, 0x1a8e575a),
-     TOBN(0xbb822fef, 0xb1ab9459), TOBN(0x085928bc, 0xec24e38e),
-     TOBN(0x5d0402ec, 0xba8f4b4d), TOBN(0xc07cd4ba, 0x00b4d58b),
-     TOBN(0x5d8dffd5, 0x29227e7a), TOBN(0x61d44d0c, 0x31bf386f),
-     TOBN(0xe486dc2b, 0x135e6f4d), TOBN(0x680962eb, 0xe79410ef),
-     TOBN(0xa61bd343, 0xf10088b5), TOBN(0x6aa76076, 0xe2e28686),
-     TOBN(0x80463d11, 0x8fb98871), TOBN(0xcb26f5c3, 0xbbc76aff),
-     TOBN(0xd4ab8edd, 0xfbe03614), TOBN(0xc8eb579b, 0xc0cf2dee),
-     TOBN(0xcc004c15, 0xc93bae41), TOBN(0x46fbae5d, 0x3aeca3b2),
-     TOBN(0x671235cf, 0x0f1e9ab1), TOBN(0xadfba934, 0x9ec285c1),
-     TOBN(0x88ded013, 0xf216c980), TOBN(0xc8ac4fb8, 0xf79e0bc1),
-     TOBN(0xa29b89c6, 0xfb97a237), TOBN(0xb697b780, 0x9922d8e7),
-     TOBN(0x3142c639, 0xddb945b5), TOBN(0x447b06c7, 0xe094c3a9),
-     TOBN(0xcdcb3642, 0x72266c90), TOBN(0x633aad08, 0xa9385046),
-     TOBN(0xa36c936b, 0xb57c6477), TOBN(0x871f8b64, 0xe94dbcc6),
-     TOBN(0x28d0fb62, 0xa591a67b), TOBN(0x9d40e081, 0xc1d926f5),
-     TOBN(0x3111eaf6, 0xf2d84b5a), TOBN(0x228993f9, 0xa565b644),
-     TOBN(0x0ccbf592, 0x2c83188b), TOBN(0xf87b30ab, 0x3df3e197),
-     TOBN(0xb8658b31, 0x7642bca8), TOBN(0x1a032d7f, 0x52800f17),
-     TOBN(0x051dcae5, 0x79bf9445), TOBN(0xeba6b8ee, 0x54a2e253),
-     TOBN(0x5c8b9cad, 0xd4485692), TOBN(0x84bda40e, 0x8986e9be),
-     TOBN(0xd16d16a4, 0x2f0db448), TOBN(0x8ec80050, 0xa14d4188),
-     TOBN(0xb2b26107, 0x98fa7aaa), TOBN(0x41209ee4, 0xf073aa4e),
-     TOBN(0xf1570359, 0xf2d6b19b), TOBN(0xcbe6868c, 0xfc577caf),
-     TOBN(0x186c4bdc, 0x32c04dd3), TOBN(0xa6c35fae, 0xcfeee397),
-     TOBN(0xb4a1b312, 0xf086c0cf), TOBN(0xe0a5ccc6, 0xd9461fe2),
-     TOBN(0xc32278aa, 0x1536189f), TOBN(0x1126c55f, 0xba6df571),
-     TOBN(0x0f71a602, 0xb194560e), TOBN(0x8b2d7405, 0x324bd6e1),
-     TOBN(0x8481939e, 0x3738be71), TOBN(0xb5090b1a, 0x1a4d97a9),
-     TOBN(0x116c65a3, 0xf05ba915), TOBN(0x21863ad3, 0xaae448aa),
-     TOBN(0xd24e2679, 0xa7aae5d3), TOBN(0x7076013d, 0x0de5c1c4),
-     TOBN(0x2d50f8ba, 0xbb05b629), TOBN(0x73c1abe2, 0x6e66efbb),
-     TOBN(0xefd4b422, 0xf2488af7), TOBN(0xe4105d02, 0x663ba575),
-     TOBN(0x7eb60a8b, 0x53a69457), TOBN(0x62210008, 0xc945973b),
-     TOBN(0xfb255478, 0x77a50ec6), TOBN(0xbf0392f7, 0x0a37a72c),
-     TOBN(0xa0a7a19c, 0x4be18e7a), TOBN(0x90d8ea16, 0x25b1e0af),
-     TOBN(0x7582a293, 0xef953f57), TOBN(0x90a64d05, 0xbdc5465a),
-     TOBN(0xca79c497, 0xe2510717), TOBN(0x560dbb7c, 0x18cb641f),
-     TOBN(0x1d8e3286, 0x4b66abfb), TOBN(0xd26f52e5, 0x59030900),
-     TOBN(0x1ee3f643, 0x5584941a), TOBN(0x6d3b3730, 0x569f5958),
-     TOBN(0x9ff2a62f, 0x4789dba5), TOBN(0x91fcb815, 0x72b5c9b7),
-     TOBN(0xf446cb7d, 0x6c8f9a0e), TOBN(0x48f625c1, 0x39b7ecb5),
-     TOBN(0xbabae801, 0x1c6219b8), TOBN(0xe7a562d9, 0x28ac2f23),
-     TOBN(0xe1b48732, 0x26e20588), TOBN(0x06ee1cad, 0x775af051),
-     TOBN(0xda29ae43, 0xfaff79f7), TOBN(0xc141a412, 0x652ee9e0),
-     TOBN(0x1e127f6f, 0x195f4bd0), TOBN(0x29c6ab4f, 0x072f34f8),
-     TOBN(0x7b7c1477, 0x30448112), TOBN(0x82b51af1, 0xe4a38656),
-     TOBN(0x2bf2028a, 0x2f315010), TOBN(0xc9a4a01f, 0x6ea88cd4),
-     TOBN(0xf63e95d8, 0x257e5818), TOBN(0xdd8efa10, 0xb4519b16),
-     TOBN(0xed8973e0, 0x0da910bf), TOBN(0xed49d077, 0x5c0fe4a9),
-     TOBN(0xac3aac5e, 0xb7caee1e), TOBN(0x1033898d, 0xa7f4da57),
-     TOBN(0x42145c0e, 0x5c6669b9), TOBN(0x42daa688, 0xc1aa2aa0),
-     TOBN(0x629cc15c, 0x1a1d885a), TOBN(0x25572ec0, 0xf4b76817),
-     TOBN(0x8312e435, 0x9c8f8f28), TOBN(0x8107f8cd, 0x81965490),
-     TOBN(0x516ff3a3, 0x6fa6110c), TOBN(0x74fb1eb1, 0xfb93561f),
-     TOBN(0x6c0c9047, 0x8457522b), TOBN(0xcfd32104, 0x6bb8bdc6),
-     TOBN(0x2d6884a2, 0xcc80ad57), TOBN(0x7c27fc35, 0x86a9b637),
-     TOBN(0x3461baed, 0xadf4e8cd), TOBN(0x1d56251a, 0x617242f0),
-     TOBN(0x0b80d209, 0xc955bef4), TOBN(0xdf02cad2, 0x06adb047),
-     TOBN(0xf0d7cb91, 0x5ec74fee), TOBN(0xd2503375, 0x1111ba44),
-     TOBN(0x9671755e, 0xdf53cb36), TOBN(0x54dcb612, 0x3368551b),
-     TOBN(0x66d69aac, 0xc8a025a4), TOBN(0x6be946c6, 0xe77ef445),
-     TOBN(0x719946d1, 0xa995e094), TOBN(0x65e848f6, 0xe51e04d8),
-     TOBN(0xe62f3300, 0x6a1e3113), TOBN(0x1541c7c1, 0x501de503),
-     TOBN(0x4daac9fa, 0xf4acfade), TOBN(0x0e585897, 0x44cd0b71),
-     TOBN(0x544fd869, 0x0a51cd77), TOBN(0x60fc20ed, 0x0031016d),
-     TOBN(0x58b404ec, 0xa4276867), TOBN(0x46f6c3cc, 0x34f34993),
-     TOBN(0x477ca007, 0xc636e5bd), TOBN(0x8018f5e5, 0x7c458b47),
-     TOBN(0xa1202270, 0xe47b668f), TOBN(0xcef48ccd, 0xee14f203),
-     TOBN(0x23f98bae, 0x62ff9b4d), TOBN(0x55acc035, 0xc589eddd),
-     TOBN(0x3fe712af, 0x64db4444), TOBN(0x19e9d634, 0xbecdd480),
-     TOBN(0xe08bc047, 0xa930978a), TOBN(0x2dbf24ec, 0xa1280733),
-     TOBN(0x3c0ae38c, 0x2cd706b2), TOBN(0x5b012a5b, 0x359017b9),
-     TOBN(0x3943c38c, 0x72e0f5ae), TOBN(0x786167ea, 0x57176fa3),
-     TOBN(0xe5f9897d, 0x594881dc), TOBN(0x6b5efad8, 0xcfb820c1),
-     TOBN(0xb2179093, 0xd55018de), TOBN(0x39ad7d32, 0x0bac56ce),
-     TOBN(0xb55122e0, 0x2cfc0e81), TOBN(0x117c4661, 0xf6d89daa),
-     TOBN(0x362d01e1, 0xcb64fa09), TOBN(0x6a309b4e, 0x3e9c4ddd),
-     TOBN(0xfa979fb7, 0xabea49b1), TOBN(0xb4b1d27d, 0x10e2c6c5),
-     TOBN(0xbd61c2c4, 0x23afde7a), TOBN(0xeb6614f8, 0x9786d358),
-     TOBN(0x4a5d816b, 0x7f6f7459), TOBN(0xe431a44f, 0x09360e7b),
-     TOBN(0x8c27a032, 0xc309914c), TOBN(0xcea5d68a, 0xcaede3d8),
-     TOBN(0x3668f665, 0x3a0a3f95), TOBN(0x89369416, 0x7ceba27b),
-     TOBN(0x89981fad, 0xe4728fe9), TOBN(0x7102c8a0, 0x8a093562),
-     TOBN(0xbb80310e, 0x235d21c8), TOBN(0x505e55d1, 0xbefb7f7b),
-     TOBN(0xa0a90811, 0x12958a67), TOBN(0xd67e106a, 0x4d851fef),
-     TOBN(0xb84011a9, 0x431dd80e), TOBN(0xeb7c7cca, 0x73306cd9),
-     TOBN(0x20fadd29, 0xd1b3b730), TOBN(0x83858b5b, 0xfe37b3d3),
-     TOBN(0xbf4cd193, 0xb6251d5c), TOBN(0x1cca1fd3, 0x1352d952),
-     TOBN(0xc66157a4, 0x90fbc051), TOBN(0x7990a638, 0x89b98636),}
-    ,
-    {TOBN(0xe5aa692a, 0x87dec0e1), TOBN(0x010ded8d, 0xf7b39d00),
-     TOBN(0x7b1b80c8, 0x54cfa0b5), TOBN(0x66beb876, 0xa0f8ea28),
-     TOBN(0x50d7f531, 0x3476cd0e), TOBN(0xa63d0e65, 0xb08d3949),
-     TOBN(0x1a09eea9, 0x53479fc6), TOBN(0x82ae9891, 0xf499e742),
-     TOBN(0xab58b910, 0x5ca7d866), TOBN(0x582967e2, 0x3adb3b34),
-     TOBN(0x89ae4447, 0xcceac0bc), TOBN(0x919c667c, 0x7bf56af5),
-     TOBN(0x9aec17b1, 0x60f5dcd7), TOBN(0xec697b9f, 0xddcaadbc),
-     TOBN(0x0b98f341, 0x463467f5), TOBN(0xb187f1f7, 0xa967132f),
-     TOBN(0x90fe7a1d, 0x214aeb18), TOBN(0x1506af3c, 0x741432f7),
-     TOBN(0xbb5565f9, 0xe591a0c4), TOBN(0x10d41a77, 0xb44f1bc3),
-     TOBN(0xa09d65e4, 0xa84bde96), TOBN(0x42f060d8, 0xf20a6a1c),
-     TOBN(0x652a3bfd, 0xf27f9ce7), TOBN(0xb6bdb65c, 0x3b3d739f),
-     TOBN(0xeb5ddcb6, 0xec7fae9f), TOBN(0x995f2714, 0xefb66e5a),
-     TOBN(0xdee95d8e, 0x69445d52), TOBN(0x1b6c2d46, 0x09e27620),
-     TOBN(0x32621c31, 0x8129d716), TOBN(0xb03909f1, 0x0958c1aa),
-     TOBN(0x8c468ef9, 0x1af4af63), TOBN(0x162c429f, 0xfba5cdf6),
-     TOBN(0x2f682343, 0x753b9371), TOBN(0x29cab45a, 0x5f1f9cd7),
-     TOBN(0x571623ab, 0xb245db96), TOBN(0xc507db09, 0x3fd79999),
-     TOBN(0x4e2ef652, 0xaf036c32), TOBN(0x86f0cc78, 0x05018e5c),
-     TOBN(0xc10a73d4, 0xab8be350), TOBN(0x6519b397, 0x7e826327),
-     TOBN(0xe8cb5eef, 0x9c053df7), TOBN(0x8de25b37, 0xb300ea6f),
-     TOBN(0xdb03fa92, 0xc849cffb), TOBN(0x242e43a7, 0xe84169bb),
-     TOBN(0xe4fa51f4, 0xdd6f958e), TOBN(0x6925a77f, 0xf4445a8d),
-     TOBN(0xe6e72a50, 0xe90d8949), TOBN(0xc66648e3, 0x2b1f6390),
-     TOBN(0xb2ab1957, 0x173e460c), TOBN(0x1bbbce75, 0x30704590),
-     TOBN(0xc0a90dbd, 0xdb1c7162), TOBN(0x505e399e, 0x15cdd65d),
-     TOBN(0x68434dcb, 0x57797ab7), TOBN(0x60ad35ba, 0x6a2ca8e8),
-     TOBN(0x4bfdb1e0, 0xde3336c1), TOBN(0xbbef99eb, 0xd8b39015),
-     TOBN(0x6c3b96f3, 0x1711ebec), TOBN(0x2da40f1f, 0xce98fdc4),
-     TOBN(0xb99774d3, 0x57b4411f), TOBN(0x87c8bdf4, 0x15b65bb6),
-     TOBN(0xda3a89e3, 0xc2eef12d), TOBN(0xde95bb9b, 0x3c7471f3),
-     TOBN(0x600f225b, 0xd812c594), TOBN(0x54907c5d, 0x2b75a56b),
-     TOBN(0xa93cc5f0, 0x8db60e35), TOBN(0x743e3cd6, 0xfa833319),
-     TOBN(0x7dad5c41, 0xf81683c9), TOBN(0x70c1e7d9, 0x9c34107e),
-     TOBN(0x0edc4a39, 0xa6be0907), TOBN(0x36d47035, 0x86d0b7d3),
-     TOBN(0x8c76da03, 0x272bfa60), TOBN(0x0b4a07ea, 0x0f08a414),
-     TOBN(0x699e4d29, 0x45c1dd53), TOBN(0xcadc5898, 0x231debb5),
-     TOBN(0xdf49fcc7, 0xa77f00e0), TOBN(0x93057bbf, 0xa73e5a0e),
-     TOBN(0x2f8b7ecd, 0x027a4cd1), TOBN(0x114734b3, 0xc614011a),
-     TOBN(0xe7a01db7, 0x67677c68), TOBN(0x89d9be5e, 0x7e273f4f),
-     TOBN(0xd225cb2e, 0x089808ef), TOBN(0xf1f7a27d, 0xd59e4107),
-     TOBN(0x53afc761, 0x8211b9c9), TOBN(0x0361bc67, 0xe6819159),
-     TOBN(0x2a865d0b, 0x7f071426), TOBN(0x6a3c1810, 0xe7072567),
-     TOBN(0x3e3bca1e, 0x0d6bcabd), TOBN(0xa1b02bc1, 0x408591bc),
-     TOBN(0xe0deee59, 0x31fba239), TOBN(0xf47424d3, 0x98bd91d1),
-     TOBN(0x0f8886f4, 0x071a3c1d), TOBN(0x3f7d41e8, 0xa819233b),
-     TOBN(0x708623c2, 0xcf6eb998), TOBN(0x86bb49af, 0x609a287f),
-     TOBN(0x942bb249, 0x63c90762), TOBN(0x0ef6eea5, 0x55a9654b),
-     TOBN(0x5f6d2d72, 0x36f5defe), TOBN(0xfa9922dc, 0x56f99176),
-     TOBN(0x6c8c5ece, 0xf78ce0c7), TOBN(0x7b44589d, 0xbe09b55e),
-     TOBN(0xe11b3bca, 0x9ea83770), TOBN(0xd7fa2c7f, 0x2ab71547),
-     TOBN(0x2a3dd6fa, 0x2a1ddcc0), TOBN(0x09acb430, 0x5a7b7707),
-     TOBN(0x4add4a2e, 0x649d4e57), TOBN(0xcd53a2b0, 0x1917526e),
-     TOBN(0xc5262330, 0x20b44ac4), TOBN(0x4028746a, 0xbaa2c31d),
-     TOBN(0x51318390, 0x64291d4c), TOBN(0xbf48f151, 0xee5ad909),
-     TOBN(0xcce57f59, 0x7b185681), TOBN(0x7c3ac1b0, 0x4854d442),
-     TOBN(0x65587dc3, 0xc093c171), TOBN(0xae7acb24, 0x24f42b65),
-     TOBN(0x5a338adb, 0x955996cb), TOBN(0xc8e65675, 0x6051f91b),
-     TOBN(0x66711fba, 0x28b8d0b1), TOBN(0x15d74137, 0xb6c10a90),
-     TOBN(0x70cdd7eb, 0x3a232a80), TOBN(0xc9e2f07f, 0x6191ed24),
-     TOBN(0xa80d1db6, 0xf79588c0), TOBN(0xfa52fc69, 0xb55768cc),
-     TOBN(0x0b4df1ae, 0x7f54438a), TOBN(0x0cadd1a7, 0xf9b46a4f),
-     TOBN(0xb40ea6b3, 0x1803dd6f), TOBN(0x488e4fa5, 0x55eaae35),
-     TOBN(0x9f047d55, 0x382e4e16), TOBN(0xc9b5b7e0, 0x2f6e0c98),
-     TOBN(0x6b1bd2d3, 0x95762649), TOBN(0xa9604ee7, 0xc7aea3f6),
-     TOBN(0x3646ff27, 0x6dc6f896), TOBN(0x9bf0e7f5, 0x2860bad1),
-     TOBN(0x2d92c821, 0x7cb44b92), TOBN(0xa2f5ce63, 0xaea9c182),
-     TOBN(0xd0a2afb1, 0x9154a5fd), TOBN(0x482e474c, 0x95801da6),
-     TOBN(0xc19972d0, 0xb611c24b), TOBN(0x1d468e65, 0x60a8f351),
-     TOBN(0xeb758069, 0x7bcf6421), TOBN(0xec9dd0ee, 0x88fbc491),
-     TOBN(0x5b59d2bf, 0x956c2e32), TOBN(0x73dc6864, 0xdcddf94e),
-     TOBN(0xfd5e2321, 0xbcee7665), TOBN(0xa7b4f8ef, 0x5e9a06c4),
-     TOBN(0xfba918dd, 0x7280f855), TOBN(0xbbaac260, 0x8baec688),
-     TOBN(0xa3b3f00f, 0x33400f42), TOBN(0x3d2dba29, 0x66f2e6e4),
-     TOBN(0xb6f71a94, 0x98509375), TOBN(0x8f33031f, 0xcea423cc),
-     TOBN(0x009b8dd0, 0x4807e6fb), TOBN(0x5163cfe5, 0x5cdb954c),
-     TOBN(0x03cc8f17, 0xcf41c6e8), TOBN(0xf1f03c2a, 0x037b925c),
-     TOBN(0xc39c19cc, 0x66d2427c), TOBN(0x823d24ba, 0x7b6c18e4),
-     TOBN(0x32ef9013, 0x901f0b4f), TOBN(0x684360f1, 0xf8941c2e),
-     TOBN(0x0ebaff52, 0x2c28092e), TOBN(0x7891e4e3, 0x256c932f),
-     TOBN(0x51264319, 0xac445e3d), TOBN(0x553432e7, 0x8ea74381),
-     TOBN(0xe6eeaa69, 0x67e9c50a), TOBN(0x27ced284, 0x62e628c7),
-     TOBN(0x3f96d375, 0x7a4afa57), TOBN(0xde0a14c3, 0xe484c150),
-     TOBN(0x364a24eb, 0x38bd9923), TOBN(0x1df18da0, 0xe5177422),
-     TOBN(0x174e8f82, 0xd8d38a9b), TOBN(0x2e97c600, 0xe7de1391),
-     TOBN(0xc5709850, 0xa1c175dd), TOBN(0x969041a0, 0x32ae5035),
-     TOBN(0xcbfd533b, 0x76a2086b), TOBN(0xd6bba71b, 0xd7c2e8fe),
-     TOBN(0xb2d58ee6, 0x099dfb67), TOBN(0x3a8b342d, 0x064a85d9),
-     TOBN(0x3bc07649, 0x522f9be3), TOBN(0x690c075b, 0xdf1f49a8),
-     TOBN(0x80e1aee8, 0x3854ec42), TOBN(0x2a7dbf44, 0x17689dc7),
-     TOBN(0xc004fc0e, 0x3faf4078), TOBN(0xb2f02e9e, 0xdf11862c),
-     TOBN(0xf10a5e0f, 0xa0a1b7b3), TOBN(0x30aca623, 0x8936ec80),
-     TOBN(0xf83cbf05, 0x02f40d9a), TOBN(0x4681c468, 0x2c318a4d),
-     TOBN(0x98575618, 0x0e9c2674), TOBN(0xbe79d046, 0x1847092e),
-     TOBN(0xaf1e480a, 0x78bd01e0), TOBN(0x6dd359e4, 0x72a51db9),
-     TOBN(0x62ce3821, 0xe3afbab6), TOBN(0xc5cee5b6, 0x17733199),
-     TOBN(0xe08b30d4, 0x6ffd9fbb), TOBN(0x6e5bc699, 0x36c610b7),
-     TOBN(0xf343cff2, 0x9ce262cf), TOBN(0xca2e4e35, 0x68b914c1),
-     TOBN(0x011d64c0, 0x16de36c5), TOBN(0xe0b10fdd, 0x42e2b829),
-     TOBN(0x78942981, 0x6685aaf8), TOBN(0xe7511708, 0x230ede97),
-     TOBN(0x671ed8fc, 0x3b922bf8), TOBN(0xe4d8c0a0, 0x4c29b133),
-     TOBN(0x87eb1239, 0x3b6e99c4), TOBN(0xaff3974c, 0x8793beba),
-     TOBN(0x03749405, 0x2c18df9b), TOBN(0xc5c3a293, 0x91007139),
-     TOBN(0x6a77234f, 0xe37a0b95), TOBN(0x02c29a21, 0xb661c96b),
-     TOBN(0xc3aaf1d6, 0x141ecf61), TOBN(0x9195509e, 0x3bb22f53),
-     TOBN(0x29597404, 0x22d51357), TOBN(0x1b083822, 0x537bed60),
-     TOBN(0xcd7d6e35, 0xe07289f0), TOBN(0x1f94c48c, 0x6dd86eff),
-     TOBN(0xc8bb1f82, 0xeb0f9cfa), TOBN(0x9ee0b7e6, 0x1b2eb97d),
-     TOBN(0x5a52fe2e, 0x34d74e31), TOBN(0xa352c310, 0x3bf79ab6),
-     TOBN(0x97ff6c5a, 0xabfeeb8f), TOBN(0xbfbe8fef, 0xf5c97305),
-     TOBN(0xd6081ce6, 0xa7904608), TOBN(0x1f812f3a, 0xc4fca249),
-     TOBN(0x9b24bc9a, 0xb9e5e200), TOBN(0x91022c67, 0x38012ee8),
-     TOBN(0xe83d9c5d, 0x30a713a1), TOBN(0x4876e3f0, 0x84ef0f93),
-     TOBN(0xc9777029, 0xc1fbf928), TOBN(0xef7a6bb3, 0xbce7d2a4),
-     TOBN(0xb8067228, 0xdfa2a659), TOBN(0xd5cd3398, 0xd877a48f),
-     TOBN(0xbea4fd8f, 0x025d0f3f), TOBN(0xd67d2e35, 0x2eae7c2b),
-     TOBN(0x184de7d7, 0xcc5f4394), TOBN(0xb5551b5c, 0x4536e142),
-     TOBN(0x2e89b212, 0xd34aa60a), TOBN(0x14a96fea, 0xf50051d5),
-     TOBN(0x4e21ef74, 0x0d12bb0b), TOBN(0xc522f020, 0x60b9677e),
-     TOBN(0x8b12e467, 0x2df7731d), TOBN(0x39f80382, 0x7b326d31),
-     TOBN(0xdfb8630c, 0x39024a94), TOBN(0xaacb96a8, 0x97319452),
-     TOBN(0xd68a3961, 0xeda3867c), TOBN(0x0c58e2b0, 0x77c4ffca),
-     TOBN(0x3d545d63, 0x4da919fa), TOBN(0xef79b69a, 0xf15e2289),
-     TOBN(0x54bc3d3d, 0x808bab10), TOBN(0xc8ab3007, 0x45f82c37),
-     TOBN(0xc12738b6, 0x7c4a658a), TOBN(0xb3c47639, 0x40e72182),
-     TOBN(0x3b77be46, 0x8798e44f), TOBN(0xdc047df2, 0x17a7f85f),
-     TOBN(0x2439d4c5, 0x5e59d92d), TOBN(0xcedca475, 0xe8e64d8d),
-     TOBN(0xa724cd0d, 0x87ca9b16), TOBN(0x35e4fd59, 0xa5540dfe),
-     TOBN(0xf8c1ff18, 0xe4bcf6b1), TOBN(0x856d6285, 0x295018fa),
-     TOBN(0x433f665c, 0x3263c949), TOBN(0xa6a76dd6, 0xa1f21409),
-     TOBN(0x17d32334, 0xcc7b4f79), TOBN(0xa1d03122, 0x06720e4a),
-     TOBN(0xadb6661d, 0x81d9bed5), TOBN(0xf0d6fb02, 0x11db15d1),
-     TOBN(0x7fd11ad5, 0x1fb747d2), TOBN(0xab50f959, 0x3033762b),
-     TOBN(0x2a7e711b, 0xfbefaf5a), TOBN(0xc7393278, 0x3fef2bbf),
-     TOBN(0xe29fa244, 0x0df6f9be), TOBN(0x9092757b, 0x71efd215),
-     TOBN(0xee60e311, 0x4f3d6fd9), TOBN(0x338542d4, 0x0acfb78b),
-     TOBN(0x44a23f08, 0x38961a0f), TOBN(0x1426eade, 0x986987ca),
-     TOBN(0x36e6ee2e, 0x4a863cc6), TOBN(0x48059420, 0x628b8b79),
-     TOBN(0x30303ad8, 0x7396e1de), TOBN(0x5c8bdc48, 0x38c5aad1),
-     TOBN(0x3e40e11f, 0x5c8f5066), TOBN(0xabd6e768, 0x8d246bbd),
-     TOBN(0x68aa40bb, 0x23330a01), TOBN(0xd23f5ee4, 0xc34eafa0),
-     TOBN(0x3bbee315, 0x5de02c21), TOBN(0x18dd4397, 0xd1d8dd06),
-     TOBN(0x3ba1939a, 0x122d7b44), TOBN(0xe6d3b40a, 0xa33870d6),
-     TOBN(0x8e620f70, 0x1c4fe3f8), TOBN(0xf6bba1a5, 0xd3a50cbf),
-     TOBN(0x4a78bde5, 0xcfc0aee0), TOBN(0x847edc46, 0xc08c50bd),
-     TOBN(0xbaa2439c, 0xad63c9b2), TOBN(0xceb4a728, 0x10fc2acb),
-     TOBN(0xa419e40e, 0x26da033d), TOBN(0x6cc3889d, 0x03e02683),
-     TOBN(0x1cd28559, 0xfdccf725), TOBN(0x0fd7e0f1, 0x8d13d208),
-     TOBN(0x01b9733b, 0x1f0df9d4), TOBN(0x8cc2c5f3, 0xa2b5e4f3),
-     TOBN(0x43053bfa, 0x3a304fd4), TOBN(0x8e87665c, 0x0a9f1aa7),
-     TOBN(0x087f29ec, 0xd73dc965), TOBN(0x15ace455, 0x3e9023db),
-     TOBN(0x2370e309, 0x2bce28b4), TOBN(0xf9723442, 0xb6b1e84a),
-     TOBN(0xbeee662e, 0xb72d9f26), TOBN(0xb19396de, 0xf0e47109),
-     TOBN(0x85b1fa73, 0xe13289d0), TOBN(0x436cf77e, 0x54e58e32),
-     TOBN(0x0ec833b3, 0xe990ef77), TOBN(0x7373e3ed, 0x1b11fc25),
-     TOBN(0xbe0eda87, 0x0fc332ce), TOBN(0xced04970, 0x8d7ea856),
-     TOBN(0xf85ff785, 0x7e977ca0), TOBN(0xb66ee8da, 0xdfdd5d2b),
-     TOBN(0xf5e37950, 0x905af461), TOBN(0x587b9090, 0x966d487c),
-     TOBN(0x6a198a1b, 0x32ba0127), TOBN(0xa7720e07, 0x141615ac),
-     TOBN(0xa23f3499, 0x996ef2f2), TOBN(0xef5f64b4, 0x470bcb3d),
-     TOBN(0xa526a962, 0x92b8c559), TOBN(0x0c14aac0, 0x69740a0f),
-     TOBN(0x0d41a9e3, 0xa6bdc0a5), TOBN(0x97d52106, 0x9c48aef4),
-     TOBN(0xcf16bd30, 0x3e7c253b), TOBN(0xcc834b1a, 0x47fdedc1),
-     TOBN(0x7362c6e5, 0x373aab2e), TOBN(0x264ed85e, 0xc5f590ff),
-     TOBN(0x7a46d9c0, 0x66d41870), TOBN(0xa50c20b1, 0x4787ba09),
-     TOBN(0x185e7e51, 0xe3d44635), TOBN(0xb3b3e080, 0x31e2d8dc),
-     TOBN(0xbed1e558, 0xa179e9d9), TOBN(0x2daa3f79, 0x74a76781),
-     TOBN(0x4372baf2, 0x3a40864f), TOBN(0x46900c54, 0x4fe75cb5),
-     TOBN(0xb95f171e, 0xf76765d0), TOBN(0x4ad726d2, 0x95c87502),
-     TOBN(0x2ec769da, 0x4d7c99bd), TOBN(0x5e2ddd19, 0xc36cdfa8),
-     TOBN(0xc22117fc, 0xa93e6dea), TOBN(0xe8a2583b, 0x93771123),
-     TOBN(0xbe2f6089, 0xfa08a3a2), TOBN(0x4809d5ed, 0x8f0e1112),
-     TOBN(0x3b414aa3, 0xda7a095e), TOBN(0x9049acf1, 0x26f5aadd),
-     TOBN(0x78d46a4d, 0x6be8b84a), TOBN(0xd66b1963, 0xb732b9b3),
-     TOBN(0x5c2ac2a0, 0xde6e9555), TOBN(0xcf52d098, 0xb5bd8770),
-     TOBN(0x15a15fa6, 0x0fd28921), TOBN(0x56ccb81e, 0x8b27536d),
-     TOBN(0x0f0d8ab8, 0x9f4ccbb8), TOBN(0xed5f44d2, 0xdb221729),
-     TOBN(0x43141988, 0x00bed10c), TOBN(0xc94348a4, 0x1d735b8b),
-     TOBN(0x79f3e9c4, 0x29ef8479), TOBN(0x4c13a4e3, 0x614c693f),
-     TOBN(0x32c9af56, 0x8e143a14), TOBN(0xbc517799, 0xe29ac5c4),
-     TOBN(0x05e17992, 0x2774856f), TOBN(0x6e52fb05, 0x6c1bf55f),
-     TOBN(0xaeda4225, 0xe4f19e16), TOBN(0x70f4728a, 0xaf5ccb26),
-     TOBN(0x5d2118d1, 0xb2947f22), TOBN(0xc827ea16, 0x281d6fb9),
-     TOBN(0x8412328d, 0x8cf0eabd), TOBN(0x45ee9fb2, 0x03ef9dcf),
-     TOBN(0x8e700421, 0xbb937d63), TOBN(0xdf8ff2d5, 0xcc4b37a6),
-     TOBN(0xa4c0d5b2, 0x5ced7b68), TOBN(0x6537c1ef, 0xc7308f59),
-     TOBN(0x25ce6a26, 0x3b37f8e8), TOBN(0x170e9a9b, 0xdeebc6ce),
-     TOBN(0xdd037952, 0x8728d72c), TOBN(0x445b0e55, 0x850154bc),
-     TOBN(0x4b7d0e06, 0x83a7337b), TOBN(0x1e3416d4, 0xffecf249),
-     TOBN(0x24840eff, 0x66a2b71f), TOBN(0xd0d9a50a, 0xb37cc26d),
-     TOBN(0xe2198150, 0x6fe28ef7), TOBN(0x3cc5ef16, 0x23324c7f),
-     TOBN(0x220f3455, 0x769b5263), TOBN(0xe2ade2f1, 0xa10bf475),
-     TOBN(0x28cd20fa, 0x458d3671), TOBN(0x1549722c, 0x2dc4847b),
-     TOBN(0x6dd01e55, 0x591941e3), TOBN(0x0e6fbcea, 0x27128ccb),
-     TOBN(0xae1a1e6b, 0x3bef0262), TOBN(0xfa8c472c, 0x8f54e103),
-     TOBN(0x7539c0a8, 0x72c052ec), TOBN(0xd7b27369, 0x5a3490e9),
-     TOBN(0x143fe1f1, 0x71684349), TOBN(0x36b4722e, 0x32e19b97),
-     TOBN(0xdc059227, 0x90980aff), TOBN(0x175c9c88, 0x9e13d674),
-     TOBN(0xa7de5b22, 0x6e6bfdb1), TOBN(0x5ea5b7b2, 0xbedb4b46),
-     TOBN(0xd5570191, 0xd34a6e44), TOBN(0xfcf60d2e, 0xa24ff7e6),
-     TOBN(0x614a392d, 0x677819e1), TOBN(0x7be74c7e, 0xaa5a29e8),
-     TOBN(0xab50fece, 0x63c85f3f), TOBN(0xaca2e2a9, 0x46cab337),
-     TOBN(0x7f700388, 0x122a6fe3), TOBN(0xdb69f703, 0x882a04a8),
-     TOBN(0x9a77935d, 0xcf7aed57), TOBN(0xdf16207c, 0x8d91c86f),
-     TOBN(0x2fca49ab, 0x63ed9998), TOBN(0xa3125c44, 0xa77ddf96),
-     TOBN(0x05dd8a86, 0x24344072), TOBN(0xa023dda2, 0xfec3fb56),
-     TOBN(0x421b41fc, 0x0c743032), TOBN(0x4f2120c1, 0x5e438639),
-     TOBN(0xfb7cae51, 0xc83c1b07), TOBN(0xb2370caa, 0xcac2171a),
-     TOBN(0x2eb2d962, 0x6cc820fb), TOBN(0x59feee5c, 0xb85a44bf),
-     TOBN(0x94620fca, 0x5b6598f0), TOBN(0x6b922cae, 0x7e314051),
-     TOBN(0xff8745ad, 0x106bed4e), TOBN(0x546e71f5, 0xdfa1e9ab),
-     TOBN(0x935c1e48, 0x1ec29487), TOBN(0x9509216c, 0x4d936530),
-     TOBN(0xc7ca3067, 0x85c9a2db), TOBN(0xd6ae5152, 0x6be8606f),
-     TOBN(0x09dbcae6, 0xe14c651d), TOBN(0xc9536e23, 0x9bc32f96),
-     TOBN(0xa90535a9, 0x34521b03), TOBN(0xf39c526c, 0x878756ff),
-     TOBN(0x383172ec, 0x8aedf03c), TOBN(0x20a8075e, 0xefe0c034),
-     TOBN(0xf22f9c62, 0x64026422), TOBN(0x8dd10780, 0x24b9d076),
-     TOBN(0x944c742a, 0x3bef2950), TOBN(0x55b9502e, 0x88a2b00b),
-     TOBN(0xa59e14b4, 0x86a09817), TOBN(0xa39dd3ac, 0x47bb4071),
-     TOBN(0x55137f66, 0x3be0592f), TOBN(0x07fcafd4, 0xc9e63f5b),
-     TOBN(0x963652ee, 0x346eb226), TOBN(0x7dfab085, 0xec2facb7),
-     TOBN(0x273bf2b8, 0x691add26), TOBN(0x30d74540, 0xf2b46c44),
-     TOBN(0x05e8e73e, 0xf2c2d065), TOBN(0xff9b8a00, 0xd42eeac9),
-     TOBN(0x2fcbd205, 0x97209d22), TOBN(0xeb740ffa, 0xde14ea2c),
-     TOBN(0xc71ff913, 0xa8aef518), TOBN(0x7bfc74bb, 0xfff4cfa2),
-     TOBN(0x1716680c, 0xb6b36048), TOBN(0x121b2cce, 0x9ef79af1),
-     TOBN(0xbff3c836, 0xa01eb3d3), TOBN(0x50eb1c6a, 0x5f79077b),
-     TOBN(0xa48c32d6, 0xa004bbcf), TOBN(0x47a59316, 0x7d64f61d),
-     TOBN(0x6068147f, 0x93102016), TOBN(0x12c5f654, 0x94d12576),
-     TOBN(0xefb071a7, 0xc9bc6b91), TOBN(0x7c2da0c5, 0x6e23ea95),
-     TOBN(0xf4fd45b6, 0xd4a1dd5d), TOBN(0x3e7ad9b6, 0x9122b13c),
-     TOBN(0x342ca118, 0xe6f57a48), TOBN(0x1c2e94a7, 0x06f8288f),
-     TOBN(0x99e68f07, 0x5a97d231), TOBN(0x7c80de97, 0x4d838758),
-     TOBN(0xbce0f5d0, 0x05872727), TOBN(0xbe5d95c2, 0x19c4d016),
-     TOBN(0x921d5cb1, 0x9c2492ee), TOBN(0x42192dc1, 0x404d6fb3),
-     TOBN(0x4c84dcd1, 0x32f988d3), TOBN(0xde26d61f, 0xa17b8e85),
-     TOBN(0xc466dcb6, 0x137c7408), TOBN(0x9a38d7b6, 0x36a266da),
-     TOBN(0x7ef5cb06, 0x83bebf1b), TOBN(0xe5cdcbbf, 0x0fd014e3),
-     TOBN(0x30aa376d, 0xf65965a0), TOBN(0x60fe88c2, 0xebb3e95e),
-     TOBN(0x33fd0b61, 0x66ee6f20), TOBN(0x8827dcdb, 0x3f41f0a0),
-     TOBN(0xbf8a9d24, 0x0c56c690), TOBN(0x40265dad, 0xddb7641d),
-     TOBN(0x522b05bf, 0x3a6b662b), TOBN(0x466d1dfe, 0xb1478c9b),
-     TOBN(0xaa616962, 0x1484469b), TOBN(0x0db60549, 0x02df8f9f),
-     TOBN(0xc37bca02, 0x3cb8bf51), TOBN(0x5effe346, 0x21371ce8),
-     TOBN(0xe8f65264, 0xff112c32), TOBN(0x8a9c736d, 0x7b971fb2),
-     TOBN(0xa4f19470, 0x7b75080d), TOBN(0xfc3f2c5a, 0x8839c59b),
-     TOBN(0x1d6c777e, 0x5aeb49c2), TOBN(0xf3db034d, 0xda1addfe),
-     TOBN(0xd76fee5a, 0x5535affc), TOBN(0x0853ac70, 0xb92251fd),
-     TOBN(0x37e3d594, 0x8b2a29d5), TOBN(0x28f1f457, 0x4de00ddb),
-     TOBN(0x8083c1b5, 0xf42c328b), TOBN(0xd8ef1d8f, 0xe493c73b),
-     TOBN(0x96fb6260, 0x41dc61bd), TOBN(0xf74e8a9d, 0x27ee2f8a),
-     TOBN(0x7c605a80, 0x2c946a5d), TOBN(0xeed48d65, 0x3839ccfd),
-     TOBN(0x9894344f, 0x3a29467a), TOBN(0xde81e949, 0xc51eba6d),
-     TOBN(0xdaea066b, 0xa5e5c2f2), TOBN(0x3fc8a614, 0x08c8c7b3),
-     TOBN(0x7adff88f, 0x06d0de9f), TOBN(0xbbc11cf5, 0x3b75ce0a),
-     TOBN(0x9fbb7acc, 0xfbbc87d5), TOBN(0xa1458e26, 0x7badfde2)}
-    ,
-    {TOBN(0x1cb43668, 0xe039c256), TOBN(0x5f26fb8b, 0x7c17fd5d),
-     TOBN(0xeee426af, 0x79aa062b), TOBN(0x072002d0, 0xd78fbf04),
-     TOBN(0x4c9ca237, 0xe84fb7e3), TOBN(0xb401d8a1, 0x0c82133d),
-     TOBN(0xaaa52592, 0x6d7e4181), TOBN(0xe9430833, 0x73dbb152),
-     TOBN(0xf92dda31, 0xbe24319a), TOBN(0x03f7d28b, 0xe095a8e7),
-     TOBN(0xa52fe840, 0x98782185), TOBN(0x276ddafe, 0x29c24dbc),
-     TOBN(0x80cd5496, 0x1d7a64eb), TOBN(0xe4360889, 0x7f1dbe42),
-     TOBN(0x2f81a877, 0x8438d2d5), TOBN(0x7e4d52a8, 0x85169036),
-     TOBN(0x19e3d5b1, 0x1d59715d), TOBN(0xc7eaa762, 0xd788983e),
-     TOBN(0xe5a730b0, 0xabf1f248), TOBN(0xfbab8084, 0xfae3fd83),
-     TOBN(0x65e50d21, 0x53765b2f), TOBN(0xbdd4e083, 0xfa127f3d),
-     TOBN(0x9cf3c074, 0x397b1b10), TOBN(0x59f8090c, 0xb1b59fd3),
-     TOBN(0x7b15fd9d, 0x615faa8f), TOBN(0x8fa1eb40, 0x968554ed),
-     TOBN(0x7bb4447e, 0x7aa44882), TOBN(0x2bb2d0d1, 0x029fff32),
-     TOBN(0x075e2a64, 0x6caa6d2f), TOBN(0x8eb879de, 0x22e7351b),
-     TOBN(0xbcd5624e, 0x9a506c62), TOBN(0x218eaef0, 0xa87e24dc),
-     TOBN(0x37e56847, 0x44ddfa35), TOBN(0x9ccfc5c5, 0xdab3f747),
-     TOBN(0x9ac1df3f, 0x1ee96cf4), TOBN(0x0c0571a1, 0x3b480b8f),
-     TOBN(0x2fbeb3d5, 0x4b3a7b3c), TOBN(0x35c03669, 0x5dcdbb99),
-     TOBN(0x52a0f5dc, 0xb2415b3a), TOBN(0xd57759b4, 0x4413ed9a),
-     TOBN(0x1fe647d8, 0x3d30a2c5), TOBN(0x0857f77e, 0xf78a81dc),
-     TOBN(0x11d5a334, 0x131a4a9b), TOBN(0xc0a94af9, 0x29d393f5),
-     TOBN(0xbc3a5c0b, 0xdaa6ec1a), TOBN(0xba9fe493, 0x88d2d7ed),
-     TOBN(0xbb4335b4, 0xbb614797), TOBN(0x991c4d68, 0x72f83533),
-     TOBN(0x53258c28, 0xd2f01cb3), TOBN(0x93d6eaa3, 0xd75db0b1),
-     TOBN(0x419a2b0d, 0xe87d0db4), TOBN(0xa1e48f03, 0xd8fe8493),
-     TOBN(0xf747faf6, 0xc508b23a), TOBN(0xf137571a, 0x35d53549),
-     TOBN(0x9f5e58e2, 0xfcf9b838), TOBN(0xc7186cee, 0xa7fd3cf5),
-     TOBN(0x77b868ce, 0xe978a1d3), TOBN(0xe3a68b33, 0x7ab92d04),
-     TOBN(0x51029794, 0x87a5b862), TOBN(0x5f0606c3, 0x3a61d41d),
-     TOBN(0x2814be27, 0x6f9326f1), TOBN(0x2f521c14, 0xc6fe3c2e),
-     TOBN(0x17464d7d, 0xacdf7351), TOBN(0x10f5f9d3, 0x777f7e44),
-     TOBN(0xce8e616b, 0x269fb37d), TOBN(0xaaf73804, 0x7de62de5),
-     TOBN(0xaba11175, 0x4fdd4153), TOBN(0x515759ba, 0x3770b49b),
-     TOBN(0x8b09ebf8, 0xaa423a61), TOBN(0x592245a1, 0xcd41fb92),
-     TOBN(0x1cba8ec1, 0x9b4c8936), TOBN(0xa87e91e3, 0xaf36710e),
-     TOBN(0x1fd84ce4, 0x3d34a2e3), TOBN(0xee3759ce, 0xb43b5d61),
-     TOBN(0x895bc78c, 0x619186c7), TOBN(0xf19c3809, 0xcbb9725a),
-     TOBN(0xc0be21aa, 0xde744b1f), TOBN(0xa7d222b0, 0x60f8056b),
-     TOBN(0x74be6157, 0xb23efe11), TOBN(0x6fab2b4f, 0x0cd68253),
-     TOBN(0xad33ea5f, 0x4bf1d725), TOBN(0x9c1d8ee2, 0x4f6c950f),
-     TOBN(0x544ee78a, 0xa377af06), TOBN(0x54f489bb, 0x94a113e1),
-     TOBN(0x8f11d634, 0x992fb7e8), TOBN(0x0169a7aa, 0xa2a44347),
-     TOBN(0x1d49d4af, 0x95020e00), TOBN(0x95945722, 0xe08e120b),
-     TOBN(0xb6e33878, 0xa4d32282), TOBN(0xe36e029d, 0x48020ae7),
-     TOBN(0xe05847fb, 0x37a9b750), TOBN(0xf876812c, 0xb29e3819),
-     TOBN(0x84ad138e, 0xd23a17f0), TOBN(0x6d7b4480, 0xf0b3950e),
-     TOBN(0xdfa8aef4, 0x2fd67ae0), TOBN(0x8d3eea24, 0x52333af6),
-     TOBN(0x0d052075, 0xb15d5acc), TOBN(0xc6d9c79f, 0xbd815bc4),
-     TOBN(0x8dcafd88, 0xdfa36cf2), TOBN(0x908ccbe2, 0x38aa9070),
-     TOBN(0x638722c4, 0xba35afce), TOBN(0x5a3da8b0, 0xfd6abf0b),
-     TOBN(0x2dce252c, 0xc9c335c1), TOBN(0x84e7f0de, 0x65aa799b),
-     TOBN(0x2101a522, 0xb99a72cb), TOBN(0x06de6e67, 0x87618016),
-     TOBN(0x5ff8c7cd, 0xe6f3653e), TOBN(0x0a821ab5, 0xc7a6754a),
-     TOBN(0x7e3fa52b, 0x7cb0b5a2), TOBN(0xa7fb121c, 0xc9048790),
-     TOBN(0x1a725020, 0x06ce053a), TOBN(0xb490a31f, 0x04e929b0),
-     TOBN(0xe17be47d, 0x62dd61ad), TOBN(0x781a961c, 0x6be01371),
-     TOBN(0x1063bfd3, 0xdae3cbba), TOBN(0x35647406, 0x7f73c9ba),
-     TOBN(0xf50e957b, 0x2736a129), TOBN(0xa6313702, 0xed13f256),
-     TOBN(0x9436ee65, 0x3a19fcc5), TOBN(0xcf2bdb29, 0xe7a4c8b6),
-     TOBN(0xb06b1244, 0xc5f95cd8), TOBN(0xda8c8af0, 0xf4ab95f4),
-     TOBN(0x1bae59c2, 0xb9e5836d), TOBN(0x07d51e7e, 0x3acffffc),
-     TOBN(0x01e15e6a, 0xc2ccbcda), TOBN(0x3bc1923f, 0x8528c3e0),
-     TOBN(0x43324577, 0xa49fead4), TOBN(0x61a1b884, 0x2aa7a711),
-     TOBN(0xf9a86e08, 0x700230ef), TOBN(0x0af585a1, 0xbd19adf8),
-     TOBN(0x7645f361, 0xf55ad8f2), TOBN(0x6e676223, 0x46c3614c),
-     TOBN(0x23cb257c, 0x4e774d3f), TOBN(0x82a38513, 0xac102d1b),
-     TOBN(0x9bcddd88, 0x7b126aa5), TOBN(0xe716998b, 0xeefd3ee4),
-     TOBN(0x4239d571, 0xfb167583), TOBN(0xdd011c78, 0xd16c8f8a),
-     TOBN(0x271c2895, 0x69a27519), TOBN(0x9ce0a3b7, 0xd2d64b6a),
-     TOBN(0x8c977289, 0xd5ec6738), TOBN(0xa3b49f9a, 0x8840ef6b),
-     TOBN(0x808c14c9, 0x9a453419), TOBN(0x5c00295b, 0x0cf0a2d5),
-     TOBN(0x524414fb, 0x1d4bcc76), TOBN(0xb07691d2, 0x459a88f1),
-     TOBN(0x77f43263, 0xf70d110f), TOBN(0x64ada5e0, 0xb7abf9f3),
-     TOBN(0xafd0f94e, 0x5b544cf5), TOBN(0xb4a13a15, 0xfd2713fe),
-     TOBN(0xb99b7d6e, 0x250c74f4), TOBN(0x097f2f73, 0x20324e45),
-     TOBN(0x994b37d8, 0xaffa8208), TOBN(0xc3c31b0b, 0xdc29aafc),
-     TOBN(0x3da74651, 0x7a3a607f), TOBN(0xd8e1b8c1, 0xfe6955d6),
-     TOBN(0x716e1815, 0xc8418682), TOBN(0x541d487f, 0x7dc91d97),
-     TOBN(0x48a04669, 0xc6996982), TOBN(0xf39cab15, 0x83a6502e),
-     TOBN(0x025801a0, 0xe68db055), TOBN(0xf3569758, 0xba3338d5),
-     TOBN(0xb0c8c0aa, 0xee2afa84), TOBN(0x4f6985d3, 0xfb6562d1),
-     TOBN(0x351f1f15, 0x132ed17a), TOBN(0x510ed0b4, 0xc04365fe),
-     TOBN(0xa3f98138, 0xe5b1f066), TOBN(0xbc9d95d6, 0x32df03dc),
-     TOBN(0xa83ccf6e, 0x19abd09e), TOBN(0x0b4097c1, 0x4ff17edb),
-     TOBN(0x58a5c478, 0xd64a06ce), TOBN(0x2ddcc3fd, 0x544a58fd),
-     TOBN(0xd449503d, 0x9e8153b8), TOBN(0x3324fd02, 0x7774179b),
-     TOBN(0xaf5d47c8, 0xdbd9120c), TOBN(0xeb860162, 0x34fa94db),
-     TOBN(0x5817bdd1, 0x972f07f4), TOBN(0xe5579e2e, 0xd27bbceb),
-     TOBN(0x86847a1f, 0x5f11e5a6), TOBN(0xb39ed255, 0x7c3cf048),
-     TOBN(0xe1076417, 0xa2f62e55), TOBN(0x6b9ab38f, 0x1bcf82a2),
-     TOBN(0x4bb7c319, 0x7aeb29f9), TOBN(0xf6d17da3, 0x17227a46),
-     TOBN(0xab53ddbd, 0x0f968c00), TOBN(0xa03da7ec, 0x000c880b),
-     TOBN(0x7b239624, 0x6a9ad24d), TOBN(0x612c0401, 0x01ec60d0),
-     TOBN(0x70d10493, 0x109f5df1), TOBN(0xfbda4030, 0x80af7550),
-     TOBN(0x30b93f95, 0xc6b9a9b3), TOBN(0x0c74ec71, 0x007d9418),
-     TOBN(0x94175564, 0x6edb951f), TOBN(0x5f4a9d78, 0x7f22c282),
-     TOBN(0xb7870895, 0xb38d1196), TOBN(0xbc593df3, 0xa228ce7c),
-     TOBN(0xc78c5bd4, 0x6af3641a), TOBN(0x7802200b, 0x3d9b3dcc),
-     TOBN(0x0dc73f32, 0x8be33304), TOBN(0x847ed87d, 0x61ffb79a),
-     TOBN(0xf85c974e, 0x6d671192), TOBN(0x1e14100a, 0xde16f60f),
-     TOBN(0x45cb0d5a, 0x95c38797), TOBN(0x18923bba, 0x9b022da4),
-     TOBN(0xef2be899, 0xbbe7e86e), TOBN(0x4a1510ee, 0x216067bf),
-     TOBN(0xd98c8154, 0x84d5ce3e), TOBN(0x1af777f0, 0xf92a2b90),
-     TOBN(0x9fbcb400, 0x4ef65724), TOBN(0x3e04a4c9, 0x3c0ca6fe),
-     TOBN(0xfb3e2cb5, 0x55002994), TOBN(0x1f3a93c5, 0x5363ecab),
-     TOBN(0x1fe00efe, 0x3923555b), TOBN(0x744bedd9, 0x1e1751ea),
-     TOBN(0x3fb2db59, 0x6ab69357), TOBN(0x8dbd7365, 0xf5e6618b),
-     TOBN(0x99d53099, 0xdf1ea40e), TOBN(0xb3f24a0b, 0x57d61e64),
-     TOBN(0xd088a198, 0x596eb812), TOBN(0x22c8361b, 0x5762940b),
-     TOBN(0x66f01f97, 0xf9c0d95c), TOBN(0x88461172, 0x8e43cdae),
-     TOBN(0x11599a7f, 0xb72b15c3), TOBN(0x135a7536, 0x420d95cc),
-     TOBN(0x2dcdf0f7, 0x5f7ae2f6), TOBN(0x15fc6e1d, 0xd7fa6da2),
-     TOBN(0x81ca829a, 0xd1d441b6), TOBN(0x84c10cf8, 0x04a106b6),
-     TOBN(0xa9b26c95, 0xa73fbbd0), TOBN(0x7f24e0cb, 0x4d8f6ee8),
-     TOBN(0x48b45937, 0x1e25a043), TOBN(0xf8a74fca, 0x036f3dfe),
-     TOBN(0x1ed46585, 0xc9f84296), TOBN(0x7fbaa8fb, 0x3bc278b0),
-     TOBN(0xa8e96cd4, 0x6c4fcbd0), TOBN(0x940a1202, 0x73b60a5f),
-     TOBN(0x34aae120, 0x55a4aec8), TOBN(0x550e9a74, 0xdbd742f0),
-     TOBN(0x794456d7, 0x228c68ab), TOBN(0x492f8868, 0xa4e25ec6),
-     TOBN(0x682915ad, 0xb2d8f398), TOBN(0xf13b51cc, 0x5b84c953),
-     TOBN(0xcda90ab8, 0x5bb917d6), TOBN(0x4b615560, 0x4ea3dee1),
-     TOBN(0x578b4e85, 0x0a52c1c8), TOBN(0xeab1a695, 0x20b75fc4),
-     TOBN(0x60c14f3c, 0xaa0bb3c6), TOBN(0x220f448a, 0xb8216094),
-     TOBN(0x4fe7ee31, 0xb0e63d34), TOBN(0xf4600572, 0xa9e54fab),
-     TOBN(0xc0493334, 0xd5e7b5a4), TOBN(0x8589fb92, 0x06d54831),
-     TOBN(0xaa70f5cc, 0x6583553a), TOBN(0x0879094a, 0xe25649e5),
-     TOBN(0xcc904507, 0x10044652), TOBN(0xebb0696d, 0x02541c4f),
-     TOBN(0x5a171fde, 0xb9718710), TOBN(0x38f1bed8, 0xf374a9f5),
-     TOBN(0xc8c582e1, 0xba39bdc1), TOBN(0xfc457b0a, 0x908cc0ce),
-     TOBN(0x9a187fd4, 0x883841e2), TOBN(0x8ec25b39, 0x38725381),
-     TOBN(0x2553ed05, 0x96f84395), TOBN(0x095c7661, 0x6f6c6897),
-     TOBN(0x917ac85c, 0x4bdc5610), TOBN(0xb2885fe4, 0x179eb301),
-     TOBN(0x5fc65547, 0x8b78bdcc), TOBN(0x4a9fc893, 0xe59e4699),
-     TOBN(0xbb7ff0cd, 0x3ce299af), TOBN(0x195be9b3, 0xadf38b20),
-     TOBN(0x6a929c87, 0xd38ddb8f), TOBN(0x55fcc99c, 0xb21a51b9),
-     TOBN(0x2b695b4c, 0x721a4593), TOBN(0xed1e9a15, 0x768eaac2),
-     TOBN(0xfb63d71c, 0x7489f914), TOBN(0xf98ba31c, 0x78118910),
-     TOBN(0x80291373, 0x9b128eb4), TOBN(0x7801214e, 0xd448af4a),
-     TOBN(0xdbd2e22b, 0x55418dd3), TOBN(0xeffb3c0d, 0xd3998242),
-     TOBN(0xdfa6077c, 0xc7bf3827), TOBN(0xf2165bcb, 0x47f8238f),
-     TOBN(0xfe37cf68, 0x8564d554), TOBN(0xe5f825c4, 0x0a81fb98),
-     TOBN(0x43cc4f67, 0xffed4d6f), TOBN(0xbc609578, 0xb50a34b0),
-     TOBN(0x8aa8fcf9, 0x5041faf1), TOBN(0x5659f053, 0x651773b6),
-     TOBN(0xe87582c3, 0x6044d63b), TOBN(0xa6089409, 0x0cdb0ca0),
-     TOBN(0x8c993e0f, 0xbfb2bcf6), TOBN(0xfc64a719, 0x45985cfc),
-     TOBN(0x15c4da80, 0x83dbedba), TOBN(0x804ae112, 0x2be67df7),
-     TOBN(0xda4c9658, 0xa23defde), TOBN(0x12002ddd, 0x5156e0d3),
-     TOBN(0xe68eae89, 0x5dd21b96), TOBN(0x8b99f28b, 0xcf44624d),
-     TOBN(0x0ae00808, 0x1ec8897a), TOBN(0xdd0a9303, 0x6712f76e),
-     TOBN(0x96237522, 0x4e233de4), TOBN(0x192445b1, 0x2b36a8a5),
-     TOBN(0xabf9ff74, 0x023993d9), TOBN(0x21f37bf4, 0x2aad4a8f),
-     TOBN(0x340a4349, 0xf8bd2bbd), TOBN(0x1d902cd9, 0x4868195d),
-     TOBN(0x3d27bbf1, 0xe5fdb6f1), TOBN(0x7a5ab088, 0x124f9f1c),
-     TOBN(0xc466ab06, 0xf7a09e03), TOBN(0x2f8a1977, 0x31f2c123),
-     TOBN(0xda355dc7, 0x041b6657), TOBN(0xcb840d12, 0x8ece2a7c),
-     TOBN(0xb600ad9f, 0x7db32675), TOBN(0x78fea133, 0x07a06f1b),
-     TOBN(0x5d032269, 0xb31f6094), TOBN(0x07753ef5, 0x83ec37aa),
-     TOBN(0x03485aed, 0x9c0bea78), TOBN(0x41bb3989, 0xbc3f4524),
-     TOBN(0x09403761, 0x697f726d), TOBN(0x6109beb3, 0xdf394820),
-     TOBN(0x804111ea, 0x3b6d1145), TOBN(0xb6271ea9, 0xa8582654),
-     TOBN(0x619615e6, 0x24e66562), TOBN(0xa2554945, 0xd7b6ad9c),
-     TOBN(0xd9c4985e, 0x99bfe35f), TOBN(0x9770ccc0, 0x7b51cdf6),
-     TOBN(0x7c327013, 0x92881832), TOBN(0x8777d45f, 0x286b26d1),
-     TOBN(0x9bbeda22, 0xd847999d), TOBN(0x03aa33b6, 0xc3525d32),
-     TOBN(0x4b7b96d4, 0x28a959a1), TOBN(0xbb3786e5, 0x31e5d234),
-     TOBN(0xaeb5d3ce, 0x6961f247), TOBN(0x20aa85af, 0x02f93d3f),
-     TOBN(0x9cd1ad3d, 0xd7a7ae4f), TOBN(0xbf6688f0, 0x781adaa8),
-     TOBN(0xb1b40e86, 0x7469cead), TOBN(0x1904c524, 0x309fca48),
-     TOBN(0x9b7312af, 0x4b54bbc7), TOBN(0xbe24bf8f, 0x593affa2),
-     TOBN(0xbe5e0790, 0xbd98764b), TOBN(0xa0f45f17, 0xa26e299e),
-     TOBN(0x4af0d2c2, 0x6b8fe4c7), TOBN(0xef170db1, 0x8ae8a3e6),
-     TOBN(0x0e8d61a0, 0x29e0ccc1), TOBN(0xcd53e87e, 0x60ad36ca),
-     TOBN(0x328c6623, 0xc8173822), TOBN(0x7ee1767d, 0xa496be55),
-     TOBN(0x89f13259, 0x648945af), TOBN(0x9e45a5fd, 0x25c8009c),
-     TOBN(0xaf2febd9, 0x1f61ab8c), TOBN(0x43f6bc86, 0x8a275385),
-     TOBN(0x87792348, 0xf2142e79), TOBN(0x17d89259, 0xc6e6238a),
-     TOBN(0x7536d2f6, 0x4a839d9b), TOBN(0x1f428fce, 0x76a1fbdc),
-     TOBN(0x1c109601, 0x0db06dfe), TOBN(0xbfc16bc1, 0x50a3a3cc),
-     TOBN(0xf9cbd9ec, 0x9b30f41b), TOBN(0x5b5da0d6, 0x00138cce),
-     TOBN(0xec1d0a48, 0x56ef96a7), TOBN(0xb47eb848, 0x982bf842),
-     TOBN(0x66deae32, 0xec3f700d), TOBN(0x4e43c42c, 0xaa1181e0),
-     TOBN(0xa1d72a31, 0xd1a4aa2a), TOBN(0x440d4668, 0xc004f3ce),
-     TOBN(0x0d6a2d3b, 0x45fe8a7a), TOBN(0x820e52e2, 0xfb128365),
-     TOBN(0x29ac5fcf, 0x25e51b09), TOBN(0x180cd2bf, 0x2023d159),
-     TOBN(0xa9892171, 0xa1ebf90e), TOBN(0xf97c4c87, 0x7c132181),
-     TOBN(0x9f1dc724, 0xc03dbb7e), TOBN(0xae043765, 0x018cbbe4),
-     TOBN(0xfb0b2a36, 0x0767d153), TOBN(0xa8e2f4d6, 0x249cbaeb),
-     TOBN(0x172a5247, 0xd95ea168), TOBN(0x1758fada, 0x2970764a),
-     TOBN(0xac803a51, 0x1d978169), TOBN(0x299cfe2e, 0xde77e01b),
-     TOBN(0x652a1e17, 0xb0a98927), TOBN(0x2e26e1d1, 0x20014495),
-     TOBN(0x7ae0af9f, 0x7175b56a), TOBN(0xc2e22a80, 0xd64b9f95),
-     TOBN(0x4d0ff9fb, 0xd90a060a), TOBN(0x496a27db, 0xbaf38085),
-     TOBN(0x32305401, 0xda776bcf), TOBN(0xb8cdcef6, 0x725f209e),
-     TOBN(0x61ba0f37, 0x436a0bba), TOBN(0x263fa108, 0x76860049),
-     TOBN(0x92beb98e, 0xda3542cf), TOBN(0xa2d4d14a, 0xd5849538),
-     TOBN(0x989b9d68, 0x12e9a1bc), TOBN(0x61d9075c, 0x5f6e3268),
-     TOBN(0x352c6aa9, 0x99ace638), TOBN(0xde4e4a55, 0x920f43ff),
-     TOBN(0xe5e4144a, 0xd673c017), TOBN(0x667417ae, 0x6f6e05ea),
-     TOBN(0x613416ae, 0xdcd1bd56), TOBN(0x5eb36201, 0x86693711),
-     TOBN(0x2d7bc504, 0x3a1aa914), TOBN(0x175a1299, 0x76dc5975),
-     TOBN(0xe900e0f2, 0x3fc8125c), TOBN(0x569ef68c, 0x11198875),
-     TOBN(0x9012db63, 0x63a113b4), TOBN(0xe3bd3f56, 0x98835766),
-     TOBN(0xa5c94a52, 0x76412dea), TOBN(0xad9e2a09, 0xaa735e5c),
-     TOBN(0x405a984c, 0x508b65e9), TOBN(0xbde4a1d1, 0x6df1a0d1),
-     TOBN(0x1a9433a1, 0xdfba80da), TOBN(0xe9192ff9, 0x9440ad2e),
-     TOBN(0x9f649696, 0x5099fe92), TOBN(0x25ddb65c, 0x0b27a54a),
-     TOBN(0x178279dd, 0xc590da61), TOBN(0x5479a999, 0xfbde681a),
-     TOBN(0xd0e84e05, 0x013fe162), TOBN(0xbe11dc92, 0x632d471b),
-     TOBN(0xdf0b0c45, 0xfc0e089f), TOBN(0x04fb15b0, 0x4c144025),
-     TOBN(0xa61d5fc2, 0x13c99927), TOBN(0xa033e9e0, 0x3de2eb35),
-     TOBN(0xf8185d5c, 0xb8dacbb4), TOBN(0x9a88e265, 0x8644549d),
-     TOBN(0xf717af62, 0x54671ff6), TOBN(0x4bd4241b, 0x5fa58603),
-     TOBN(0x06fba40b, 0xe67773c0), TOBN(0xc1d933d2, 0x6a2847e9),
-     TOBN(0xf4f5acf3, 0x689e2c70), TOBN(0x92aab0e7, 0x46bafd31),
-     TOBN(0x798d76aa, 0x3473f6e5), TOBN(0xcc6641db, 0x93141934),
-     TOBN(0xcae27757, 0xd31e535e), TOBN(0x04cc43b6, 0x87c2ee11),
-     TOBN(0x8d1f9675, 0x2e029ffa), TOBN(0xc2150672, 0xe4cc7a2c),
-     TOBN(0x3b03c1e0, 0x8d68b013), TOBN(0xa9d6816f, 0xedf298f3),
-     TOBN(0x1bfbb529, 0xa2804464), TOBN(0x95a52fae, 0x5db22125),
-     TOBN(0x55b32160, 0x0e1cb64e), TOBN(0x004828f6, 0x7e7fc9fe),
-     TOBN(0x13394b82, 0x1bb0fb93), TOBN(0xb6293a2d, 0x35f1a920),
-     TOBN(0xde35ef21, 0xd145d2d9), TOBN(0xbe6225b3, 0xbb8fa603),
-     TOBN(0x00fc8f6b, 0x32cf252d), TOBN(0xa28e52e6, 0x117cf8c2),
-     TOBN(0x9d1dc89b, 0x4c371e6d), TOBN(0xcebe0675, 0x36ef0f28),
-     TOBN(0x5de05d09, 0xa4292f81), TOBN(0xa8303593, 0x353e3083),
-     TOBN(0xa1715b0a, 0x7e37a9bb), TOBN(0x8c56f61e, 0x2b8faec3),
-     TOBN(0x52507431, 0x33c9b102), TOBN(0x0130cefc, 0xa44431f0),
-     TOBN(0x56039fa0, 0xbd865cfb), TOBN(0x4b03e578, 0xbc5f1dd7),
-     TOBN(0x40edf2e4, 0xbabe7224), TOBN(0xc752496d, 0x3a1988f6),
-     TOBN(0xd1572d3b, 0x564beb6b), TOBN(0x0db1d110, 0x39a1c608),
-     TOBN(0x568d1934, 0x16f60126), TOBN(0x05ae9668, 0xf354af33),
-     TOBN(0x19de6d37, 0xc92544f2), TOBN(0xcc084353, 0xa35837d5),
-     TOBN(0xcbb6869c, 0x1a514ece), TOBN(0xb633e728, 0x2e1d1066),
-     TOBN(0xf15dd69f, 0x936c581c), TOBN(0x96e7b8ce, 0x7439c4f9),
-     TOBN(0x5e676f48, 0x2e448a5b), TOBN(0xb2ca7d5b, 0xfd916bbb),
-     TOBN(0xd55a2541, 0xf5024025), TOBN(0x47bc5769, 0xe4c2d937),
-     TOBN(0x7d31b92a, 0x0362189f), TOBN(0x83f3086e, 0xef7816f9),
-     TOBN(0xf9f46d94, 0xb587579a), TOBN(0xec2d22d8, 0x30e76c5f),
-     TOBN(0x27d57461, 0xb000ffcf), TOBN(0xbb7e65f9, 0x364ffc2c),
-     TOBN(0x7c7c9477, 0x6652a220), TOBN(0x61618f89, 0xd696c981),
-     TOBN(0x5021701d, 0x89effff3), TOBN(0xf2c8ff8e, 0x7c314163),
-     TOBN(0x2da413ad, 0x8efb4d3e), TOBN(0x937b5adf, 0xce176d95),
-     TOBN(0x22867d34, 0x2a67d51c), TOBN(0x262b9b10, 0x18eb3ac9),
-     TOBN(0x4e314fe4, 0xc43ff28b), TOBN(0x76476627, 0x6a664e7a),
-     TOBN(0x3e90e40b, 0xb7a565c2), TOBN(0x8588993a, 0xc1acf831),
-     TOBN(0xd7b501d6, 0x8f938829), TOBN(0x996627ee, 0x3edd7d4c),
-     TOBN(0x37d44a62, 0x90cd34c7), TOBN(0xa8327499, 0xf3833e8d),
-     TOBN(0x2e18917d, 0x4bf50353), TOBN(0x85dd726b, 0x556765fb),
-     TOBN(0x54fe65d6, 0x93d5ab66), TOBN(0x3ddbaced, 0x915c25fe),
-     TOBN(0xa799d9a4, 0x12f22e85), TOBN(0xe2a24867, 0x6d06f6bc),
-     TOBN(0xf4f1ee56, 0x43ca1637), TOBN(0xfda2828b, 0x61ece30a),
-     TOBN(0x758c1a3e, 0xa2dee7a6), TOBN(0xdcde2f3c, 0x734b2284),
-     TOBN(0xaba445d2, 0x4eaba6ad), TOBN(0x35aaf668, 0x76cee0a7),
-     TOBN(0x7e0b04a9, 0xe5aa049a), TOBN(0xe74083ad, 0x91103e84),
-     TOBN(0xbeb183ce, 0x40afecc3), TOBN(0x6b89de9f, 0xea043f7a),}
-    ,
-    {TOBN(0x0e299d23, 0xfe67ba66), TOBN(0x91450760, 0x93cf2f34),
-     TOBN(0xf45b5ea9, 0x97fcf913), TOBN(0x5be00843, 0x8bd7ddda),
-     TOBN(0x358c3e05, 0xd53ff04d), TOBN(0xbf7ccdc3, 0x5de91ef7),
-     TOBN(0xad684dbf, 0xb69ec1a0), TOBN(0x367e7cf2, 0x801fd997),
-     TOBN(0x0ca1f3b7, 0xb0dc8595), TOBN(0x27de4608, 0x9f1d9f2e),
-     TOBN(0x1af3bf39, 0xbadd82a7), TOBN(0x79356a79, 0x65862448),
-     TOBN(0xc0602345, 0xf5f9a052), TOBN(0x1a8b0f89, 0x139a42f9),
-     TOBN(0xb53eee42, 0x844d40fc), TOBN(0x93b0bfe5, 0x4e5b6368),
-     TOBN(0x5434dd02, 0xc024789c), TOBN(0x90dca9ea, 0x41b57bfc),
-     TOBN(0x8aa898e2, 0x243398df), TOBN(0xf607c834, 0x894a94bb),
-     TOBN(0xbb07be97, 0xc2c99b76), TOBN(0x6576ba67, 0x18c29302),
-     TOBN(0x3d79efcc, 0xe703a88c), TOBN(0xf259ced7, 0xb6a0d106),
-     TOBN(0x0f893a5d, 0xc8de610b), TOBN(0xe8c515fb, 0x67e223ce),
-     TOBN(0x7774bfa6, 0x4ead6dc5), TOBN(0x89d20f95, 0x925c728f),
-     TOBN(0x7a1e0966, 0x098583ce), TOBN(0xa2eedb94, 0x93f2a7d7),
-     TOBN(0x1b282097, 0x4c304d4a), TOBN(0x0842e3da, 0xc077282d),
-     TOBN(0xe4d972a3, 0x3b9e2d7b), TOBN(0x7cc60b27, 0xc48218ff),
-     TOBN(0x8fc70838, 0x84149d91), TOBN(0x5c04346f, 0x2f461ecc),
-     TOBN(0xebe9fdf2, 0x614650a9), TOBN(0x5e35b537, 0xc1f666ac),
-     TOBN(0x645613d1, 0x88babc83), TOBN(0x88cace3a, 0xc5e1c93e),
-     TOBN(0x209ca375, 0x3de92e23), TOBN(0xccb03cc8, 0x5fbbb6e3),
-     TOBN(0xccb90f03, 0xd7b1487e), TOBN(0xfa9c2a38, 0xc710941f),
-     TOBN(0x756c3823, 0x6724ceed), TOBN(0x3a902258, 0x192d0323),
-     TOBN(0xb150e519, 0xea5e038e), TOBN(0xdcba2865, 0xc7427591),
-     TOBN(0xe549237f, 0x78890732), TOBN(0xc443bef9, 0x53fcb4d9),
-     TOBN(0x9884d8a6, 0xeb3480d6), TOBN(0x8a35b6a1, 0x3048b186),
-     TOBN(0xb4e44716, 0x65e9a90a), TOBN(0x45bf380d, 0x653006c0),
-     TOBN(0x8f3f820d, 0x4fe9ae3b), TOBN(0x244a35a0, 0x979a3b71),
-     TOBN(0xa1010e9d, 0x74cd06ff), TOBN(0x9c17c7df, 0xaca3eeac),
-     TOBN(0x74c86cd3, 0x8063aa2b), TOBN(0x8595c4b3, 0x734614ff),
-     TOBN(0xa3de00ca, 0x990f62cc), TOBN(0xd9bed213, 0xca0c3be5),
-     TOBN(0x7886078a, 0xdf8ce9f5), TOBN(0xddb27ce3, 0x5cd44444),
-     TOBN(0xed374a66, 0x58926ddd), TOBN(0x138b2d49, 0x908015b8),
-     TOBN(0x886c6579, 0xde1f7ab8), TOBN(0x888b9aa0, 0xc3020b7a),
-     TOBN(0xd3ec034e, 0x3a96e355), TOBN(0xba65b0b8, 0xf30fbe9a),
-     TOBN(0x064c8e50, 0xff21367a), TOBN(0x1f508ea4, 0x0b04b46e),
-     TOBN(0x98561a49, 0x747c866c), TOBN(0xbbb1e5fe, 0x0518a062),
-     TOBN(0x20ff4e8b, 0xecdc3608), TOBN(0x7f55cded, 0x20184027),
-     TOBN(0x8d73ec95, 0xf38c85f0), TOBN(0x5b589fdf, 0x8bc3b8c3),
-     TOBN(0xbe95dd98, 0x0f12b66f), TOBN(0xf5bd1a09, 0x0e338e01),
-     TOBN(0x65163ae5, 0x5e915918), TOBN(0x6158d6d9, 0x86f8a46b),
-     TOBN(0x8466b538, 0xeeebf99c), TOBN(0xca8761f6, 0xbca477ef),
-     TOBN(0xaf3449c2, 0x9ebbc601), TOBN(0xef3b0f41, 0xe0c3ae2f),
-     TOBN(0xaa6c577d, 0x5de63752), TOBN(0xe9166601, 0x64682a51),
-     TOBN(0x5a3097be, 0xfc15aa1e), TOBN(0x40d12548, 0xb54b0745),
-     TOBN(0x5bad4706, 0x519a5f12), TOBN(0xed03f717, 0xa439dee6),
-     TOBN(0x0794bb6c, 0x4a02c499), TOBN(0xf725083d, 0xcffe71d2),
-     TOBN(0x2cad7519, 0x0f3adcaf), TOBN(0x7f68ea1c, 0x43729310),
-     TOBN(0xe747c8c7, 0xb7ffd977), TOBN(0xec104c35, 0x80761a22),
-     TOBN(0x8395ebaf, 0x5a3ffb83), TOBN(0xfb3261f4, 0xe4b63db7),
-     TOBN(0x53544960, 0xd883e544), TOBN(0x13520d70, 0x8cc2eeb8),
-     TOBN(0x08f6337b, 0xd3d65f99), TOBN(0x83997db2, 0x781cf95b),
-     TOBN(0xce6ff106, 0x0dbd2c01), TOBN(0x4f8eea6b, 0x1f9ce934),
-     TOBN(0x546f7c4b, 0x0e993921), TOBN(0x6236a324, 0x5e753fc7),
-     TOBN(0x65a41f84, 0xa16022e9), TOBN(0x0c18d878, 0x43d1dbb2),
-     TOBN(0x73c55640, 0x2d4cef9c), TOBN(0xa0428108, 0x70444c74),
-     TOBN(0x68e4f15e, 0x9afdfb3c), TOBN(0x49a56143, 0x5bdfb6df),
-     TOBN(0xa9bc1bd4, 0x5f823d97), TOBN(0xbceb5970, 0xea111c2a),
-     TOBN(0x366b455f, 0xb269bbc4), TOBN(0x7cd85e1e, 0xe9bc5d62),
-     TOBN(0xc743c41c, 0x4f18b086), TOBN(0xa4b40990, 0x95294fb9),
-     TOBN(0x9c7c581d, 0x26ee8382), TOBN(0xcf17dcc5, 0x359d638e),
-     TOBN(0xee8273ab, 0xb728ae3d), TOBN(0x1d112926, 0xf821f047),
-     TOBN(0x11498477, 0x50491a74), TOBN(0x687fa761, 0xfde0dfb9),
-     TOBN(0x2c258022, 0x7ea435ab), TOBN(0x6b8bdb94, 0x91ce7e3f),
-     TOBN(0x4c5b5dc9, 0x3bf834aa), TOBN(0x04371819, 0x4f6c7e4b),
-     TOBN(0xc284e00a, 0x3736bcad), TOBN(0x0d881118, 0x21ae8f8d),
-     TOBN(0xf9cf0f82, 0xf48c8e33), TOBN(0xa11fd075, 0xa1bf40db),
-     TOBN(0xdceab0de, 0xdc2733e5), TOBN(0xc560a8b5, 0x8e986bd7),
-     TOBN(0x48dd1fe2, 0x3929d097), TOBN(0x3885b290, 0x92f188f1),
-     TOBN(0x0f2ae613, 0xda6fcdac), TOBN(0x9054303e, 0xb662a46c),
-     TOBN(0xb6871e44, 0x0738042a), TOBN(0x98e6a977, 0xbdaf6449),
-     TOBN(0xd8bc0650, 0xd1c9df1b), TOBN(0xef3d6451, 0x36e098f9),
-     TOBN(0x03fbae82, 0xb6d72d28), TOBN(0x77ca9db1, 0xf5d84080),
-     TOBN(0x8a112cff, 0xa58efc1c), TOBN(0x518d761c, 0xc564cb4a),
-     TOBN(0x69b5740e, 0xf0d1b5ce), TOBN(0x717039cc, 0xe9eb1785),
-     TOBN(0x3fe29f90, 0x22f53382), TOBN(0x8e54ba56, 0x6bc7c95c),
-     TOBN(0x9c806d8a, 0xf7f91d0f), TOBN(0x3b61b0f1, 0xa82a5728),
-     TOBN(0x4640032d, 0x94d76754), TOBN(0x273eb5de, 0x47d834c6),
-     TOBN(0x2988abf7, 0x7b4e4d53), TOBN(0xb7ce66bf, 0xde401777),
-     TOBN(0x9fba6b32, 0x715071b3), TOBN(0x82413c24, 0xad3a1a98),
-     TOBN(0x5b7fc8c4, 0xe0e8ad93), TOBN(0xb5679aee, 0x5fab868d),
-     TOBN(0xb1f9d2fa, 0x2b3946f3), TOBN(0x458897dc, 0x5685b50a),
-     TOBN(0x1e98c930, 0x89d0caf3), TOBN(0x39564c5f, 0x78642e92),
-     TOBN(0x1b77729a, 0x0dbdaf18), TOBN(0xf9170722, 0x579e82e6),
-     TOBN(0x680c0317, 0xe4515fa5), TOBN(0xf85cff84, 0xfb0c790f),
-     TOBN(0xc7a82aab, 0x6d2e0765), TOBN(0x7446bca9, 0x35c82b32),
-     TOBN(0x5de607aa, 0x6d63184f), TOBN(0x7c1a46a8, 0x262803a6),
-     TOBN(0xd218313d, 0xaebe8035), TOBN(0x92113ffd, 0xc73c51f8),
-     TOBN(0x4b38e083, 0x12e7e46c), TOBN(0x69d0a37a, 0x56126bd5),
-     TOBN(0xfb3f324b, 0x73c07e04), TOBN(0xa0c22f67, 0x8fda7267),
-     TOBN(0x8f2c0051, 0x4d2c7d8f), TOBN(0xbc45ced3, 0xcbe2cae5),
-     TOBN(0xe1c6cf07, 0xa8f0f277), TOBN(0xbc392312, 0x1eb99a98),
-     TOBN(0x75537b7e, 0x3cc8ac85), TOBN(0x8d725f57, 0xdd02753b),
-     TOBN(0xfd05ff64, 0xb737df2f), TOBN(0x55fe8712, 0xf6d2531d),
-     TOBN(0x57ce04a9, 0x6ab6b01c), TOBN(0x69a02a89, 0x7cd93724),
-     TOBN(0x4f82ac35, 0xcf86699b), TOBN(0x8242d3ad, 0x9cb4b232),
-     TOBN(0x713d0f65, 0xd62105e5), TOBN(0xbb222bfa, 0x2d29be61),
-     TOBN(0xf2f9a79e, 0x6cfbef09), TOBN(0xfc24d8d3, 0xd5d6782f),
-     TOBN(0x5db77085, 0xd4129967), TOBN(0xdb81c3cc, 0xdc3c2a43),
-     TOBN(0x9d655fc0, 0x05d8d9a3), TOBN(0x3f5d057a, 0x54298026),
-     TOBN(0x1157f56d, 0x88c54694), TOBN(0xb26baba5, 0x9b09573e),
-     TOBN(0x2cab03b0, 0x22adffd1), TOBN(0x60a412c8, 0xdd69f383),
-     TOBN(0xed76e98b, 0x54b25039), TOBN(0xd4ee67d3, 0x687e714d),
-     TOBN(0x87739648, 0x7b00b594), TOBN(0xce419775, 0xc9ef709b),
-     TOBN(0x40f76f85, 0x1c203a40), TOBN(0x30d352d6, 0xeafd8f91),
-     TOBN(0xaf196d3d, 0x95578dd2), TOBN(0xea4bb3d7, 0x77cc3f3d),
-     TOBN(0x42a5bd03, 0xb98e782b), TOBN(0xac958c40, 0x0624920d),
-     TOBN(0xb838134c, 0xfc56fcc8), TOBN(0x86ec4ccf, 0x89572e5e),
-     TOBN(0x69c43526, 0x9be47be0), TOBN(0x323b7dd8, 0xcb28fea1),
-     TOBN(0xfa5538ba, 0x3a6c67e5), TOBN(0xef921d70, 0x1d378e46),
-     TOBN(0xf92961fc, 0x3c4b880e), TOBN(0x3f6f914e, 0x98940a67),
-     TOBN(0xa990eb0a, 0xfef0ff39), TOBN(0xa6c2920f, 0xf0eeff9c),
-     TOBN(0xca804166, 0x51b8d9a3), TOBN(0x42531bc9, 0x0ffb0db1),
-     TOBN(0x72ce4718, 0xaa82e7ce), TOBN(0x6e199913, 0xdf574741),
-     TOBN(0xd5f1b13d, 0xd5d36946), TOBN(0x8255dc65, 0xf68f0194),
-     TOBN(0xdc9df4cd, 0x8710d230), TOBN(0x3453c20f, 0x138c1988),
-     TOBN(0x9af98dc0, 0x89a6ef01), TOBN(0x4dbcc3f0, 0x9857df85),
-     TOBN(0x34805601, 0x5c1ad924), TOBN(0x40448da5, 0xd0493046),
-     TOBN(0xf629926d, 0x4ee343e2), TOBN(0x6343f1bd, 0x90e8a301),
-     TOBN(0xefc93491, 0x40815b3f), TOBN(0xf882a423, 0xde8f66fb),
-     TOBN(0x3a12d5f4, 0xe7db9f57), TOBN(0x7dfba38a, 0x3c384c27),
-     TOBN(0x7a904bfd, 0x6fc660b1), TOBN(0xeb6c5db3, 0x2773b21c),
-     TOBN(0xc350ee66, 0x1cdfe049), TOBN(0x9baac0ce, 0x44540f29),
-     TOBN(0xbc57b6ab, 0xa5ec6aad), TOBN(0x167ce8c3, 0x0a7c1baa),
-     TOBN(0xb23a03a5, 0x53fb2b56), TOBN(0x6ce141e7, 0x4e057f78),
-     TOBN(0x796525c3, 0x89e490d9), TOBN(0x0bc95725, 0xa31a7e75),
-     TOBN(0x1ec56791, 0x1220fd06), TOBN(0x716e3a3c, 0x408b0bd6),
-     TOBN(0x31cd6bf7, 0xe8ebeba9), TOBN(0xa7326ca6, 0xbee6b670),
-     TOBN(0x3d9f851c, 0xcd090c43), TOBN(0x561e8f13, 0xf12c3988),
-     TOBN(0x50490b6a, 0x904b7be4), TOBN(0x61690ce1, 0x0410737b),
-     TOBN(0x299e9a37, 0x0f009052), TOBN(0x258758f0, 0xf026092e),
-     TOBN(0x9fa255f3, 0xfdfcdc0f), TOBN(0xdbc9fb1f, 0xc0e1bcd2),
-     TOBN(0x35f9dd6e, 0x24651840), TOBN(0xdca45a84, 0xa5c59abc),
-     TOBN(0x103d396f, 0xecca4938), TOBN(0x4532da0a, 0xb97b3f29),
-     TOBN(0xc4135ea5, 0x1999a6bf), TOBN(0x3aa9505a, 0x5e6bf2ee),
-     TOBN(0xf77cef06, 0x3f5be093), TOBN(0x97d1a0f8, 0xa943152e),
-     TOBN(0x2cb0ebba, 0x2e1c21dd), TOBN(0xf41b29fc, 0x2c6797c4),
-     TOBN(0xc6e17321, 0xb300101f), TOBN(0x4422b0e9, 0xd0d79a89),
-     TOBN(0x49e4901c, 0x92f1bfc4), TOBN(0x06ab1f8f, 0xe1e10ed9),
-     TOBN(0x84d35577, 0xdb2926b8), TOBN(0xca349d39, 0x356e8ec2),
-     TOBN(0x70b63d32, 0x343bf1a9), TOBN(0x8fd3bd28, 0x37d1a6b1),
-     TOBN(0x0454879c, 0x316865b4), TOBN(0xee959ff6, 0xc458efa2),
-     TOBN(0x0461dcf8, 0x9706dc3f), TOBN(0x737db0e2, 0x164e4b2e),
-     TOBN(0x09262680, 0x2f8843c8), TOBN(0x54498bbc, 0x7745e6f6),
-     TOBN(0x359473fa, 0xa29e24af), TOBN(0xfcc3c454, 0x70aa87a1),
-     TOBN(0xfd2c4bf5, 0x00573ace), TOBN(0xb65b514e, 0x28dd1965),
-     TOBN(0xe46ae7cf, 0x2193e393), TOBN(0x60e9a4e1, 0xf5444d97),
-     TOBN(0xe7594e96, 0x00ff38ed), TOBN(0x43d84d2f, 0x0a0e0f02),
-     TOBN(0x8b6db141, 0xee398a21), TOBN(0xb88a56ae, 0xe3bcc5be),
-     TOBN(0x0a1aa52f, 0x373460ea), TOBN(0x20da1a56, 0x160bb19b),
-     TOBN(0xfb54999d, 0x65bf0384), TOBN(0x71a14d24, 0x5d5a180e),
-     TOBN(0xbc44db7b, 0x21737b04), TOBN(0xd84fcb18, 0x01dd8e92),
-     TOBN(0x80de937b, 0xfa44b479), TOBN(0x53505499, 0x5c98fd4f),
-     TOBN(0x1edb12ab, 0x28f08727), TOBN(0x4c58b582, 0xa5f3ef53),
-     TOBN(0xbfb236d8, 0x8327f246), TOBN(0xc3a3bfaa, 0x4d7df320),
-     TOBN(0xecd96c59, 0xb96024f2), TOBN(0xfc293a53, 0x7f4e0433),
-     TOBN(0x5341352b, 0x5acf6e10), TOBN(0xc50343fd, 0xafe652c3),
-     TOBN(0x4af3792d, 0x18577a7f), TOBN(0xe1a4c617, 0xaf16823d),
-     TOBN(0x9b26d0cd, 0x33425d0a), TOBN(0x306399ed, 0x9b7bc47f),
-     TOBN(0x2a792f33, 0x706bb20b), TOBN(0x31219614, 0x98111055),
-     TOBN(0x864ec064, 0x87f5d28b), TOBN(0x11392d91, 0x962277fd),
-     TOBN(0xb5aa7942, 0xbb6aed5f), TOBN(0x080094dc, 0x47e799d9),
-     TOBN(0x4afa588c, 0x208ba19b), TOBN(0xd3e7570f, 0x8512f284),
-     TOBN(0xcbae64e6, 0x02f5799a), TOBN(0xdeebe7ef, 0x514b9492),
-     TOBN(0x30300f98, 0xe5c298ff), TOBN(0x17f561be, 0x3678361f),
-     TOBN(0xf52ff312, 0x98cb9a16), TOBN(0x6233c3bc, 0x5562d490),
-     TOBN(0x7bfa15a1, 0x92e3a2cb), TOBN(0x961bcfd1, 0xe6365119),
-     TOBN(0x3bdd29bf, 0x2c8c53b1), TOBN(0x739704df, 0x822844ba),
-     TOBN(0x7dacfb58, 0x7e7b754b), TOBN(0x23360791, 0xa806c9b9),
-     TOBN(0xe7eb88c9, 0x23504452), TOBN(0x2983e996, 0x852c1783),
-     TOBN(0xdd4ae529, 0x958d881d), TOBN(0x026bae03, 0x262c7b3c),
-     TOBN(0x3a6f9193, 0x960b52d1), TOBN(0xd0980f90, 0x92696cfb),
-     TOBN(0x4c1f428c, 0xd5f30851), TOBN(0x94dfed27, 0x2a4f6630),
-     TOBN(0x4df53772, 0xfc5d48a4), TOBN(0xdd2d5a2f, 0x933260ce),
-     TOBN(0x574115bd, 0xd44cc7a5), TOBN(0x4ba6b20d, 0xbd12533a),
-     TOBN(0x30e93cb8, 0x243057c9), TOBN(0x794c486a, 0x14de320e),
-     TOBN(0xe925d4ce, 0xf21496e4), TOBN(0xf951d198, 0xec696331),
-     TOBN(0x9810e2de, 0x3e8d812f), TOBN(0xd0a47259, 0x389294ab),
-     TOBN(0x513ba2b5, 0x0e3bab66), TOBN(0x462caff5, 0xabad306f),
-     TOBN(0xe2dc6d59, 0xaf04c49e), TOBN(0x1aeb8750, 0xe0b84b0b),
-     TOBN(0xc034f12f, 0x2f7d0ca2), TOBN(0x6d2e8128, 0xe06acf2f),
-     TOBN(0x801f4f83, 0x21facc2f), TOBN(0xa1170c03, 0xf40ef607),
-     TOBN(0xfe0a1d4f, 0x7805a99c), TOBN(0xbde56a36, 0xcc26aba5),
-     TOBN(0x5b1629d0, 0x35531f40), TOBN(0xac212c2b, 0x9afa6108),
-     TOBN(0x30a06bf3, 0x15697be5), TOBN(0x6f0545dc, 0x2c63c7c1),
-     TOBN(0x5d8cb842, 0x7ccdadaf), TOBN(0xd52e379b, 0xac7015bb),
-     TOBN(0xc4f56147, 0xf462c23e), TOBN(0xd44a4298, 0x46bc24b0),
-     TOBN(0xbc73d23a, 0xe2856d4f), TOBN(0x61cedd8c, 0x0832bcdf),
-     TOBN(0x60953556, 0x99f241d7), TOBN(0xee4adbd7, 0x001a349d),
-     TOBN(0x0b35bf6a, 0xaa89e491), TOBN(0x7f0076f4, 0x136f7546),
-     TOBN(0xd19a18ba, 0x9264da3d), TOBN(0x6eb2d2cd, 0x62a7a28b),
-     TOBN(0xcdba941f, 0x8761c971), TOBN(0x1550518b, 0xa3be4a5d),
-     TOBN(0xd0e8e2f0, 0x57d0b70c), TOBN(0xeea8612e, 0xcd133ba3),
-     TOBN(0x814670f0, 0x44416aec), TOBN(0x424db6c3, 0x30775061),
-     TOBN(0xd96039d1, 0x16213fd1), TOBN(0xc61e7fa5, 0x18a3478f),
-     TOBN(0xa805bdcc, 0xcb0c5021), TOBN(0xbdd6f3a8, 0x0cc616dd),
-     TOBN(0x06009667, 0x5d97f7e2), TOBN(0x31db0fc1, 0xaf0bf4b6),
-     TOBN(0x23680ed4, 0x5491627a), TOBN(0xb99a3c66, 0x7d741fb1),
-     TOBN(0xe9bb5f55, 0x36b1ff92), TOBN(0x29738577, 0x512b388d),
-     TOBN(0xdb8a2ce7, 0x50fcf263), TOBN(0x385346d4, 0x6c4f7b47),
-     TOBN(0xbe86c5ef, 0x31631f9e), TOBN(0xbf91da21, 0x03a57a29),
-     TOBN(0xc3b1f796, 0x7b23f821), TOBN(0x0f7d00d2, 0x770db354),
-     TOBN(0x8ffc6c3b, 0xd8fe79da), TOBN(0xcc5e8c40, 0xd525c996),
-     TOBN(0x4640991d, 0xcfff632a), TOBN(0x64d97e8c, 0x67112528),
-     TOBN(0xc232d973, 0x02f1cd1e), TOBN(0xce87eacb, 0x1dd212a4),
-     TOBN(0x6e4c8c73, 0xe69802f7), TOBN(0x12ef0290, 0x1fffddbd),
-     TOBN(0x941ec74e, 0x1bcea6e2), TOBN(0xd0b54024, 0x3cb92cbb),
-     TOBN(0x809fb9d4, 0x7e8f9d05), TOBN(0x3bf16159, 0xf2992aae),
-     TOBN(0xad40f279, 0xf8a7a838), TOBN(0x11aea631, 0x05615660),
-     TOBN(0xbf52e6f1, 0xa01f6fa1), TOBN(0xef046995, 0x3dc2aec9),
-     TOBN(0x785dbec9, 0xd8080711), TOBN(0xe1aec60a, 0x9fdedf76),
-     TOBN(0xece797b5, 0xfa21c126), TOBN(0xc66e898f, 0x05e52732),
-     TOBN(0x39bb69c4, 0x08811fdb), TOBN(0x8bfe1ef8, 0x2fc7f082),
-     TOBN(0xc8e7a393, 0x174f4138), TOBN(0xfba8ad1d, 0xd58d1f98),
-     TOBN(0xbc21d0ce, 0xbfd2fd5b), TOBN(0x0b839a82, 0x6ee60d61),
-     TOBN(0xaacf7658, 0xafd22253), TOBN(0xb526bed8, 0xaae396b3),
-     TOBN(0xccc1bbc2, 0x38564464), TOBN(0x9e3ff947, 0x8c45bc73),
-     TOBN(0xcde9bca3, 0x58188a78), TOBN(0x138b8ee0, 0xd73bf8f7),
-     TOBN(0x5c7e234c, 0x4123c489), TOBN(0x66e69368, 0xfa643297),
-     TOBN(0x0629eeee, 0x39a15fa3), TOBN(0x95fab881, 0xa9e2a927),
-     TOBN(0xb2497007, 0xeafbb1e1), TOBN(0xd75c9ce6, 0xe75b7a93),
-     TOBN(0x3558352d, 0xefb68d78), TOBN(0xa2f26699, 0x223f6396),
-     TOBN(0xeb911ecf, 0xe469b17a), TOBN(0x62545779, 0xe72d3ec2),
-     TOBN(0x8ea47de7, 0x82cb113f), TOBN(0xebe4b086, 0x4e1fa98d),
-     TOBN(0xec2d5ed7, 0x8cdfedb1), TOBN(0xa535c077, 0xfe211a74),
-     TOBN(0x9678109b, 0x11d244c5), TOBN(0xf17c8bfb, 0xbe299a76),
-     TOBN(0xb651412e, 0xfb11fbc4), TOBN(0xea0b5482, 0x94ab3f65),
-     TOBN(0xd8dffd95, 0x0cf78243), TOBN(0x2e719e57, 0xce0361d4),
-     TOBN(0x9007f085, 0x304ddc5b), TOBN(0x095e8c6d, 0x4daba2ea),
-     TOBN(0x5a33cdb4, 0x3f9d28a9), TOBN(0x85b95cd8, 0xe2283003),
-     TOBN(0xbcd6c819, 0xb9744733), TOBN(0x29c5f538, 0xfc7f5783),
-     TOBN(0x6c49b2fa, 0xd59038e4), TOBN(0x68349cc1, 0x3bbe1018),
-     TOBN(0xcc490c1d, 0x21830ee5), TOBN(0x36f9c4ee, 0xe9bfa297),
-     TOBN(0x58fd7294, 0x48de1a94), TOBN(0xaadb13a8, 0x4e8f2cdc),
-     TOBN(0x515eaaa0, 0x81313dba), TOBN(0xc76bb468, 0xc2152dd8),
-     TOBN(0x357f8d75, 0xa653dbf8), TOBN(0xe4d8c4d1, 0xb14ac143),
-     TOBN(0xbdb8e675, 0xb055cb40), TOBN(0x898f8e7b, 0x977b5167),
-     TOBN(0xecc65651, 0xb82fb863), TOBN(0x56544814, 0x6d88f01f),
-     TOBN(0xb0928e95, 0x263a75a9), TOBN(0xcfb6836f, 0x1a22fcda),
-     TOBN(0x651d14db, 0x3f3bd37c), TOBN(0x1d3837fb, 0xb6ad4664),
-     TOBN(0x7c5fb538, 0xff4f94ab), TOBN(0x7243c712, 0x6d7fb8f2),
-     TOBN(0xef13d60c, 0xa85c5287), TOBN(0x18cfb7c7, 0x4bb8dd1b),
-     TOBN(0x82f9bfe6, 0x72908219), TOBN(0x35c4592b, 0x9d5144ab),
-     TOBN(0x52734f37, 0x9cf4b42f), TOBN(0x6bac55e7, 0x8c60ddc4),
-     TOBN(0xb5cd811e, 0x94dea0f6), TOBN(0x259ecae4, 0xe18cc1a3),
-     TOBN(0x6a0e836e, 0x15e660f8), TOBN(0x6c639ea6, 0x0e02bff2),
-     TOBN(0x8721b8cb, 0x7e1026fd), TOBN(0x9e73b50b, 0x63261942),
-     TOBN(0xb8c70974, 0x77f01da3), TOBN(0x1839e6a6, 0x8268f57f),
-     TOBN(0x571b9415, 0x5150b805), TOBN(0x1892389e, 0xf92c7097),
-     TOBN(0x8d69c18e, 0x4a084b95), TOBN(0x7014c512, 0xbe5b495c),
-     TOBN(0x4780db36, 0x1b07523c), TOBN(0x2f6219ce, 0x2c1c64fa),
-     TOBN(0xc38b81b0, 0x602c105a), TOBN(0xab4f4f20, 0x5dc8e360),
-     TOBN(0x20d3c982, 0xcf7d62d2), TOBN(0x1f36e29d, 0x23ba8150),
-     TOBN(0x48ae0bf0, 0x92763f9e), TOBN(0x7a527e6b, 0x1d3a7007),
-     TOBN(0xb4a89097, 0x581a85e3), TOBN(0x1f1a520f, 0xdc158be5),
-     TOBN(0xf98db37d, 0x167d726e), TOBN(0x8802786e, 0x1113e862)}
-    ,
-    {TOBN(0xefb2149e, 0x36f09ab0), TOBN(0x03f163ca, 0x4a10bb5b),
-     TOBN(0xd0297045, 0x06e20998), TOBN(0x56f0af00, 0x1b5a3bab),
-     TOBN(0x7af4cfec, 0x70880e0d), TOBN(0x7332a66f, 0xbe3d913f),
-     TOBN(0x32e6c84a, 0x7eceb4bd), TOBN(0xedc4a79a, 0x9c228f55),
-     TOBN(0xc37c7dd0, 0xc55c4496), TOBN(0xa6a96357, 0x25bbabd2),
-     TOBN(0x5b7e63f2, 0xadd7f363), TOBN(0x9dce3782, 0x2e73f1df),
-     TOBN(0xe1e5a16a, 0xb2b91f71), TOBN(0xe4489823, 0x5ba0163c),
-     TOBN(0xf2759c32, 0xf6e515ad), TOBN(0xa5e2f1f8, 0x8615eecf),
-     TOBN(0x74519be7, 0xabded551), TOBN(0x03d358b8, 0xc8b74410),
-     TOBN(0x4d00b10b, 0x0e10d9a9), TOBN(0x6392b0b1, 0x28da52b7),
-     TOBN(0x6744a298, 0x0b75c904), TOBN(0xc305b0ae, 0xa8f7f96c),
-     TOBN(0x042e421d, 0x182cf932), TOBN(0xf6fc5d50, 0x9e4636ca),
-     TOBN(0x795847c9, 0xd64cc78c), TOBN(0x6c50621b, 0x9b6cb27b),
-     TOBN(0x07099bf8, 0xdf8022ab), TOBN(0x48f862eb, 0xc04eda1d),
-     TOBN(0xd12732ed, 0xe1603c16), TOBN(0x19a80e0f, 0x5c9a9450),
-     TOBN(0xe2257f54, 0xb429b4fc), TOBN(0x66d3b2c6, 0x45460515),
-     TOBN(0x6ca4f87e, 0x822e37be), TOBN(0x73f237b4, 0x253bda4e),
-     TOBN(0xf747f3a2, 0x41190aeb), TOBN(0xf06fa36f, 0x804cf284),
-     TOBN(0x0a6bbb6e, 0xfc621c12), TOBN(0x5d624b64, 0x40b80ec6),
-     TOBN(0x4b072425, 0x7ba556f3), TOBN(0x7fa0c354, 0x3e2d20a8),
-     TOBN(0xe921fa31, 0xe3229d41), TOBN(0xa929c652, 0x94531bd4),
-     TOBN(0x84156027, 0xa6d38209), TOBN(0xf3d69f73, 0x6bdb97bd),
-     TOBN(0x8906d19a, 0x16833631), TOBN(0x68a34c2e, 0x03d51be3),
-     TOBN(0xcb59583b, 0x0e511cd8), TOBN(0x99ce6bfd, 0xfdc132a8),
-     TOBN(0x3facdaaa, 0xffcdb463), TOBN(0x658bbc1a, 0x34a38b08),
-     TOBN(0x12a801f8, 0xf1a9078d), TOBN(0x1567bcf9, 0x6ab855de),
-     TOBN(0xe08498e0, 0x3572359b), TOBN(0xcf0353e5, 0x8659e68b),
-     TOBN(0xbb86e9c8, 0x7d23807c), TOBN(0xbc08728d, 0x2198e8a2),
-     TOBN(0x8de2b7bc, 0x453cadd6), TOBN(0x203900a7, 0xbc0bc1f8),
-     TOBN(0xbcd86e47, 0xa6abd3af), TOBN(0x911cac12, 0x8502effb),
-     TOBN(0x2d550242, 0xec965469), TOBN(0x0e9f7692, 0x29e0017e),
-     TOBN(0x633f078f, 0x65979885), TOBN(0xfb87d449, 0x4cf751ef),
-     TOBN(0xe1790e4b, 0xfc25419a), TOBN(0x36467203, 0x4bff3cfd),
-     TOBN(0xc8db6386, 0x25b6e83f), TOBN(0x6cc69f23, 0x6cad6fd2),
-     TOBN(0x0219e45a, 0x6bc68bb9), TOBN(0xe43d79b6, 0x297f7334),
-     TOBN(0x7d445368, 0x465dc97c), TOBN(0x4b9eea32, 0x2a0b949a),
-     TOBN(0x1b96c6ba, 0x6102d021), TOBN(0xeaafac78, 0x2f4461ea),
-     TOBN(0xd4b85c41, 0xc49f19a8), TOBN(0x275c28e4, 0xcf538875),
-     TOBN(0x35451a9d, 0xdd2e54e0), TOBN(0x6991adb5, 0x0605618b),
-     TOBN(0x5b8b4bcd, 0x7b36cd24), TOBN(0x372a4f8c, 0x56f37216),
-     TOBN(0xc890bd73, 0xa6a5da60), TOBN(0x6f083da0, 0xdc4c9ff0),
-     TOBN(0xf4e14d94, 0xf0536e57), TOBN(0xf9ee1eda, 0xaaec8243),
-     TOBN(0x571241ec, 0x8bdcf8e7), TOBN(0xa5db8271, 0x0b041e26),
-     TOBN(0x9a0b9a99, 0xe3fff040), TOBN(0xcaaf21dd, 0x7c271202),
-     TOBN(0xb4e2b2e1, 0x4f0dd2e8), TOBN(0xe77e7c4f, 0x0a377ac7),
-     TOBN(0x69202c3f, 0x0d7a2198), TOBN(0xf759b7ff, 0x28200eb8),
-     TOBN(0xc87526ed, 0xdcfe314e), TOBN(0xeb84c524, 0x53d5cf99),
-     TOBN(0xb1b52ace, 0x515138b6), TOBN(0x5aa7ff8c, 0x23fca3f4),
-     TOBN(0xff0b13c3, 0xb9791a26), TOBN(0x960022da, 0xcdd58b16),
-     TOBN(0xdbd55c92, 0x57aad2de), TOBN(0x3baaaaa3, 0xf30fe619),
-     TOBN(0x9a4b2346, 0x0d881efd), TOBN(0x506416c0, 0x46325e2a),
-     TOBN(0x91381e76, 0x035c18d4), TOBN(0xb3bb68be, 0xf27817b0),
-     TOBN(0x15bfb8bf, 0x5116f937), TOBN(0x7c64a586, 0xc1268943),
-     TOBN(0x71e25cc3, 0x8419a2c8), TOBN(0x9fd6b0c4, 0x8335f463),
-     TOBN(0x4bf0ba3c, 0xe8ee0e0e), TOBN(0x6f6fba60, 0x298c21fa),
-     TOBN(0x57d57b39, 0xae66bee0), TOBN(0x292d5130, 0x22672544),
-     TOBN(0xf451105d, 0xbab093b3), TOBN(0x012f59b9, 0x02839986),
-     TOBN(0x8a915802, 0x3474a89c), TOBN(0x048c919c, 0x2de03e97),
-     TOBN(0xc476a2b5, 0x91071cd5), TOBN(0x791ed89a, 0x034970a5),
-     TOBN(0x89bd9042, 0xe1b7994b), TOBN(0x8eaf5179, 0xa1057ffd),
-     TOBN(0x6066e2a2, 0xd551ee10), TOBN(0x87a8f1d8, 0x727e09a6),
-     TOBN(0x00d08bab, 0x2c01148d), TOBN(0x6da8e4f1, 0x424f33fe),
-     TOBN(0x466d17f0, 0xcf9a4e71), TOBN(0xff502010, 0x3bf5cb19),
-     TOBN(0xdccf97d8, 0xd062ecc0), TOBN(0x80c0d9af, 0x81d80ac4),
-     TOBN(0xe87771d8, 0x033f2876), TOBN(0xb0186ec6, 0x7d5cc3db),
-     TOBN(0x58e8bb80, 0x3bc9bc1d), TOBN(0x4d1395cc, 0x6f6ef60e),
-     TOBN(0xa73c62d6, 0x186244a0), TOBN(0x918e5f23, 0x110a5b53),
-     TOBN(0xed4878ca, 0x741b7eab), TOBN(0x3038d71a, 0xdbe03e51),
-     TOBN(0x840204b7, 0xa93c3246), TOBN(0x21ab6069, 0xa0b9b4cd),
-     TOBN(0xf5fa6e2b, 0xb1d64218), TOBN(0x1de6ad0e, 0xf3d56191),
-     TOBN(0x570aaa88, 0xff1929c7), TOBN(0xc6df4c6b, 0x640e87b5),
-     TOBN(0xde8a74f2, 0xc65f0ccc), TOBN(0x8b972fd5, 0xe6f6cc01),
-     TOBN(0x3fff36b6, 0x0b846531), TOBN(0xba7e45e6, 0x10a5e475),
-     TOBN(0x84a1d10e, 0x4145b6c5), TOBN(0xf1f7f91a, 0x5e046d9d),
-     TOBN(0x0317a692, 0x44de90d7), TOBN(0x951a1d4a, 0xf199c15e),
-     TOBN(0x91f78046, 0xc9d73deb), TOBN(0x74c82828, 0xfab8224f),
-     TOBN(0xaa6778fc, 0xe7560b90), TOBN(0xb4073e61, 0xa7e824ce),
-     TOBN(0xff0d693c, 0xd642eba8), TOBN(0x7ce2e57a, 0x5dccef38),
-     TOBN(0x89c2c789, 0x1df1ad46), TOBN(0x83a06922, 0x098346fd),
-     TOBN(0x2d715d72, 0xda2fc177), TOBN(0x7b6dd71d, 0x85b6cf1d),
-     TOBN(0xc60a6d0a, 0x73fa9cb0), TOBN(0xedd3992e, 0x328bf5a9),
-     TOBN(0xc380ddd0, 0x832c8c82), TOBN(0xd182d410, 0xa2a0bf50),
-     TOBN(0x7d9d7438, 0xd9a528db), TOBN(0xe8b1a0e9, 0xcaf53994),
-     TOBN(0xddd6e5fe, 0x0e19987c), TOBN(0xacb8df03, 0x190b059d),
-     TOBN(0x53703a32, 0x8300129f), TOBN(0x1f637662, 0x68c43bfd),
-     TOBN(0xbcbd1913, 0x00e54051), TOBN(0x812fcc62, 0x7bf5a8c5),
-     TOBN(0x3f969d5f, 0x29fb85da), TOBN(0x72f4e00a, 0x694759e8),
-     TOBN(0x426b6e52, 0x790726b7), TOBN(0x617bbc87, 0x3bdbb209),
-     TOBN(0x511f8bb9, 0x97aee317), TOBN(0x812a4096, 0xe81536a8),
-     TOBN(0x137dfe59, 0x3ac09b9b), TOBN(0x0682238f, 0xba8c9a7a),
-     TOBN(0x7072ead6, 0xaeccb4bd), TOBN(0x6a34e9aa, 0x692ba633),
-     TOBN(0xc82eaec2, 0x6fff9d33), TOBN(0xfb753512, 0x1d4d2b62),
-     TOBN(0x1a0445ff, 0x1d7aadab), TOBN(0x65d38260, 0xd5f6a67c),
-     TOBN(0x6e62fb08, 0x91cfb26f), TOBN(0xef1e0fa5, 0x5c7d91d6),
-     TOBN(0x47e7c7ba, 0x33db72cd), TOBN(0x017cbc09, 0xfa7c74b2),
-     TOBN(0x3c931590, 0xf50a503c), TOBN(0xcac54f60, 0x616baa42),
-     TOBN(0x9b6cd380, 0xb2369f0f), TOBN(0x97d3a70d, 0x23c76151),
-     TOBN(0x5f9dd6fc, 0x9862a9c6), TOBN(0x044c4ab2, 0x12312f51),
-     TOBN(0x035ea0fd, 0x834a2ddc), TOBN(0x49e6b862, 0xcc7b826d),
-     TOBN(0xb03d6883, 0x62fce490), TOBN(0x62f2497a, 0xb37e36e9),
-     TOBN(0x04b005b6, 0xc6458293), TOBN(0x36bb5276, 0xe8d10af7),
-     TOBN(0xacf2dc13, 0x8ee617b8), TOBN(0x470d2d35, 0xb004b3d4),
-     TOBN(0x06790832, 0xfeeb1b77), TOBN(0x2bb75c39, 0x85657f9c),
-     TOBN(0xd70bd4ed, 0xc0f60004), TOBN(0xfe797ecc, 0x219b018b),
-     TOBN(0x9b5bec2a, 0x753aebcc), TOBN(0xdaf9f3dc, 0xc939eca5),
-     TOBN(0xd6bc6833, 0xd095ad09), TOBN(0x98abdd51, 0xdaa4d2fc),
-     TOBN(0xd9840a31, 0x8d168be5), TOBN(0xcf7c10e0, 0x2325a23c),
-     TOBN(0xa5c02aa0, 0x7e6ecfaf), TOBN(0x2462e7e6, 0xb5bfdf18),
-     TOBN(0xab2d8a8b, 0xa0cc3f12), TOBN(0x68dd485d, 0xbc672a29),
-     TOBN(0x72039752, 0x596f2cd3), TOBN(0x5d3eea67, 0xa0cf3d8d),
-     TOBN(0x810a1a81, 0xe6602671), TOBN(0x8f144a40, 0x14026c0c),
-     TOBN(0xbc753a6d, 0x76b50f85), TOBN(0xc4dc21e8, 0x645cd4a4),
-     TOBN(0xc5262dea, 0x521d0378), TOBN(0x802b8e0e, 0x05011c6f),
-     TOBN(0x1ba19cbb, 0x0b4c19ea), TOBN(0x21db64b5, 0xebf0aaec),
-     TOBN(0x1f394ee9, 0x70342f9d), TOBN(0x93a10aee, 0x1bc44a14),
-     TOBN(0xa7eed31b, 0x3efd0baa), TOBN(0x6e7c824e, 0x1d154e65),
-     TOBN(0xee23fa81, 0x9966e7ee), TOBN(0x64ec4aa8, 0x05b7920d),
-     TOBN(0x2d44462d, 0x2d90aad4), TOBN(0xf44dd195, 0xdf277ad5),
-     TOBN(0x8d6471f1, 0xbb46b6a1), TOBN(0x1e65d313, 0xfd885090),
-     TOBN(0x33a800f5, 0x13a977b4), TOBN(0xaca9d721, 0x0797e1ef),
-     TOBN(0x9a5a85a0, 0xfcff6a17), TOBN(0x9970a3f3, 0x1eca7cee),
-     TOBN(0xbb9f0d6b, 0xc9504be3), TOBN(0xe0c504be, 0xadd24ee2),
-     TOBN(0x7e09d956, 0x77fcc2f4), TOBN(0xef1a5227, 0x65bb5fc4),
-     TOBN(0x145d4fb1, 0x8b9286aa), TOBN(0x66fd0c5d, 0x6649028b),
-     TOBN(0x98857ceb, 0x1bf4581c), TOBN(0xe635e186, 0xaca7b166),
-     TOBN(0x278ddd22, 0x659722ac), TOBN(0xa0903c4c, 0x1db68007),
-     TOBN(0x366e4589, 0x48f21402), TOBN(0x31b49c14, 0xb96abda2),
-     TOBN(0x329c4b09, 0xe0403190), TOBN(0x97197ca3, 0xd29f43fe),
-     TOBN(0x8073dd1e, 0x274983d8), TOBN(0xda1a3bde, 0x55717c8f),
-     TOBN(0xfd3d4da2, 0x0361f9d1), TOBN(0x1332d081, 0x4c7de1ce),
-     TOBN(0x9b7ef7a3, 0xaa6d0e10), TOBN(0x17db2e73, 0xf54f1c4a),
-     TOBN(0xaf3dffae, 0x4cd35567), TOBN(0xaaa2f406, 0xe56f4e71),
-     TOBN(0x8966759e, 0x7ace3fc7), TOBN(0x9594eacf, 0x45a8d8c6),
-     TOBN(0x8de3bd8b, 0x91834e0e), TOBN(0xafe4ca53, 0x548c0421),
-     TOBN(0xfdd7e856, 0xe6ee81c6), TOBN(0x8f671beb, 0x6b891a3a),
-     TOBN(0xf7a58f2b, 0xfae63829), TOBN(0x9ab186fb, 0x9c11ac9f),
-     TOBN(0x8d6eb369, 0x10b5be76), TOBN(0x046b7739, 0xfb040bcd),
-     TOBN(0xccb4529f, 0xcb73de88), TOBN(0x1df0fefc, 0xcf26be03),
-     TOBN(0xad7757a6, 0xbcfcd027), TOBN(0xa8786c75, 0xbb3165ca),
-     TOBN(0xe9db1e34, 0x7e99a4d9), TOBN(0x99ee86df, 0xb06c504b),
-     TOBN(0x5b7c2ddd, 0xc15c9f0a), TOBN(0xdf87a734, 0x4295989e),
-     TOBN(0x59ece47c, 0x03d08fda), TOBN(0xb074d3dd, 0xad5fc702),
-     TOBN(0x20407903, 0x51a03776), TOBN(0x2bb1f77b, 0x2a608007),
-     TOBN(0x25c58f4f, 0xe1153185), TOBN(0xe6df62f6, 0x766e6447),
-     TOBN(0xefb3d1be, 0xed51275a), TOBN(0x5de47dc7, 0x2f0f483f),
-     TOBN(0x7932d98e, 0x97c2bedf), TOBN(0xd5c11927, 0x0219f8a1),
-     TOBN(0x9d751200, 0xa73a294e), TOBN(0x5f88434a, 0x9dc20172),
-     TOBN(0xd28d9fd3, 0xa26f506a), TOBN(0xa890cd31, 0x9d1dcd48),
-     TOBN(0x0aebaec1, 0x70f4d3b4), TOBN(0xfd1a1369, 0x0ffc8d00),
-     TOBN(0xb9d9c240, 0x57d57838), TOBN(0x45929d26, 0x68bac361),
-     TOBN(0x5a2cd060, 0x25b15ca6), TOBN(0x4b3c83e1, 0x6e474446),
-     TOBN(0x1aac7578, 0xee1e5134), TOBN(0xa418f5d6, 0xc91e2f41),
-     TOBN(0x6936fc8a, 0x213ed68b), TOBN(0x860ae7ed, 0x510a5224),
-     TOBN(0x63660335, 0xdef09b53), TOBN(0x641b2897, 0xcd79c98d),
-     TOBN(0x29bd38e1, 0x01110f35), TOBN(0x79c26f42, 0x648b1937),
-     TOBN(0x64dae519, 0x9d9164f4), TOBN(0xd85a2310, 0x0265c273),
-     TOBN(0x7173dd5d, 0x4b07e2b1), TOBN(0xd144c4cb, 0x8d9ea221),
-     TOBN(0xe8b04ea4, 0x1105ab14), TOBN(0x92dda542, 0xfe80d8f1),
-     TOBN(0xe9982fa8, 0xcf03dce6), TOBN(0x8b5ea965, 0x1a22cffc),
-     TOBN(0xf7f4ea7f, 0x3fad88c4), TOBN(0x62db773e, 0x6a5ba95c),
-     TOBN(0xd20f02fb, 0x93f24567), TOBN(0xfd46c69a, 0x315257ca),
-     TOBN(0x0ac74cc7, 0x8bcab987), TOBN(0x46f31c01, 0x5ceca2f5),
-     TOBN(0x40aedb59, 0x888b219e), TOBN(0xe50ecc37, 0xe1fccd02),
-     TOBN(0x1bcd9dad, 0x911f816c), TOBN(0x583cc1ec, 0x8db9b00c),
-     TOBN(0xf3cd2e66, 0xa483bf11), TOBN(0xfa08a6f5, 0xb1b2c169),
-     TOBN(0xf375e245, 0x4be9fa28), TOBN(0x99a7ffec, 0x5b6d011f),
-     TOBN(0x6a3ebddb, 0xc4ae62da), TOBN(0x6cea00ae, 0x374aef5d),
-     TOBN(0xab5fb98d, 0x9d4d05bc), TOBN(0x7cba1423, 0xd560f252),
-     TOBN(0x49b2cc21, 0x208490de), TOBN(0x1ca66ec3, 0xbcfb2879),
-     TOBN(0x7f1166b7, 0x1b6fb16f), TOBN(0xfff63e08, 0x65fe5db3),
-     TOBN(0xb8345abe, 0x8b2610be), TOBN(0xb732ed80, 0x39de3df4),
-     TOBN(0x0e24ed50, 0x211c32b4), TOBN(0xd10d8a69, 0x848ff27d),
-     TOBN(0xc1074398, 0xed4de248), TOBN(0xd7cedace, 0x10488927),
-     TOBN(0xa4aa6bf8, 0x85673e13), TOBN(0xb46bae91, 0x6daf30af),
-     TOBN(0x07088472, 0xfcef7ad8), TOBN(0x61151608, 0xd4b35e97),
-     TOBN(0xbcfe8f26, 0xdde29986), TOBN(0xeb84c4c7, 0xd5a34c79),
-     TOBN(0xc1eec55c, 0x164e1214), TOBN(0x891be86d, 0xa147bb03),
-     TOBN(0x9fab4d10, 0x0ba96835), TOBN(0xbf01e9b8, 0xa5c1ae9f),
-     TOBN(0x6b4de139, 0xb186ebc0), TOBN(0xd5c74c26, 0x85b91bca),
-     TOBN(0x5086a99c, 0xc2d93854), TOBN(0xeed62a7b, 0xa7a9dfbc),
-     TOBN(0x8778ed6f, 0x76b7618a), TOBN(0xbff750a5, 0x03b66062),
-     TOBN(0x4cb7be22, 0xb65186db), TOBN(0x369dfbf0, 0xcc3a6d13),
-     TOBN(0xc7dab26c, 0x7191a321), TOBN(0x9edac3f9, 0x40ed718e),
-     TOBN(0xbc142b36, 0xd0cfd183), TOBN(0xc8af82f6, 0x7c991693),
-     TOBN(0xb3d1e4d8, 0x97ce0b2a), TOBN(0xe6d7c87f, 0xc3a55cdf),
-     TOBN(0x35846b95, 0x68b81afe), TOBN(0x018d12af, 0xd3c239d8),
-     TOBN(0x2b2c6208, 0x01206e15), TOBN(0xe0e42453, 0xa3b882c6),
-     TOBN(0x854470a3, 0xa50162d5), TOBN(0x08157478, 0x7017a62a),
-     TOBN(0x18bd3fb4, 0x820357c7), TOBN(0x992039ae, 0x6f1458ad),
-     TOBN(0x9a1df3c5, 0x25b44aa1), TOBN(0x2d780357, 0xed3d5281),
-     TOBN(0x58cf7e4d, 0xc77ad4d4), TOBN(0xd49a7998, 0xf9df4fc4),
-     TOBN(0x4465a8b5, 0x1d71205e), TOBN(0xa0ee0ea6, 0x649254aa),
-     TOBN(0x4b5eeecf, 0xab7bd771), TOBN(0x6c873073, 0x35c262b9),
-     TOBN(0xdc5bd648, 0x3c9d61e7), TOBN(0x233d6d54, 0x321460d2),
-     TOBN(0xd20c5626, 0xfc195bcc), TOBN(0x25445958, 0x04d78b63),
-     TOBN(0xe03fcb3d, 0x17ec8ef3), TOBN(0x54b690d1, 0x46b8f781),
-     TOBN(0x82fa2c8a, 0x21230646), TOBN(0xf51aabb9, 0x084f418c),
-     TOBN(0xff4fbec1, 0x1a30ba43), TOBN(0x6a5acf73, 0x743c9df7),
-     TOBN(0x1da2b357, 0xd635b4d5), TOBN(0xc3de68dd, 0xecd5c1da),
-     TOBN(0xa689080b, 0xd61af0dd), TOBN(0xdea5938a, 0xd665bf99),
-     TOBN(0x0231d71a, 0xfe637294), TOBN(0x01968aa6, 0xa5a81cd8),
-     TOBN(0x11252d50, 0x048e63b5), TOBN(0xc446bc52, 0x6ca007e9),
-     TOBN(0xef8c50a6, 0x96d6134b), TOBN(0x9361fbf5, 0x9e09a05c),
-     TOBN(0xf17f85a6, 0xdca3291a), TOBN(0xb178d548, 0xff251a21),
-     TOBN(0x87f6374b, 0xa4df3915), TOBN(0x566ce1bf, 0x2fd5d608),
-     TOBN(0x425cba4d, 0x7de35102), TOBN(0x6b745f8f, 0x58c5d5e2),
-     TOBN(0x88402af6, 0x63122edf), TOBN(0x3190f9ed, 0x3b989a89),
-     TOBN(0x4ad3d387, 0xebba3156), TOBN(0xef385ad9, 0xc7c469a5),
-     TOBN(0xb08281de, 0x3f642c29), TOBN(0x20be0888, 0x910ffb88),
-     TOBN(0xf353dd4a, 0xd5292546), TOBN(0x3f1627de, 0x8377a262),
-     TOBN(0xa5faa013, 0xeefcd638), TOBN(0x8f3bf626, 0x74cc77c3),
-     TOBN(0x32618f65, 0xa348f55e), TOBN(0x5787c0dc, 0x9fefeb9e),
-     TOBN(0xf1673aa2, 0xd9a23e44), TOBN(0x88dfa993, 0x4e10690d),
-     TOBN(0x1ced1b36, 0x2bf91108), TOBN(0x9193ceca, 0x3af48649),
-     TOBN(0xfb34327d, 0x2d738fc5), TOBN(0x6697b037, 0x975fee6c),
-     TOBN(0x2f485da0, 0xc04079a5), TOBN(0x2cdf5735, 0x2feaa1ac),
-     TOBN(0x76944420, 0xbd55659e), TOBN(0x7973e32b, 0x4376090c),
-     TOBN(0x86bb4fe1, 0x163b591a), TOBN(0x10441aed, 0xc196f0ca),
-     TOBN(0x3b431f4a, 0x045ad915), TOBN(0x6c11b437, 0xa4afacb1),
-     TOBN(0x30b0c7db, 0x71fdbbd8), TOBN(0xb642931f, 0xeda65acd),
-     TOBN(0x4baae6e8, 0x9c92b235), TOBN(0xa73bbd0e, 0x6b3993a1),
-     TOBN(0xd06d60ec, 0x693dd031), TOBN(0x03cab91b, 0x7156881c),
-     TOBN(0xd615862f, 0x1db3574b), TOBN(0x485b0185, 0x64bb061a),
-     TOBN(0x27434988, 0xa0181e06), TOBN(0x2cd61ad4, 0xc1c0c757),
-     TOBN(0x3effed5a, 0x2ff9f403), TOBN(0x8dc98d8b, 0x62239029),
-     TOBN(0x2206021e, 0x1f17b70d), TOBN(0xafbec0ca, 0xbf510015),
-     TOBN(0x9fed7164, 0x80130dfa), TOBN(0x306dc2b5, 0x8a02dcf5),
-     TOBN(0x48f06620, 0xfeb10fc0), TOBN(0x78d1e1d5, 0x5a57cf51),
-     TOBN(0xadef8c5a, 0x192ef710), TOBN(0x88afbd4b, 0x3b7431f9),
-     TOBN(0x7e1f7407, 0x64250c9e), TOBN(0x6e31318d, 0xb58bec07),
-     TOBN(0xfd4fc4b8, 0x24f89b4e), TOBN(0x65a5dd88, 0x48c36a2a),
-     TOBN(0x4f1eccff, 0xf024baa7), TOBN(0x22a21cf2, 0xcba94650),
-     TOBN(0x95d29dee, 0x42a554f7), TOBN(0x828983a5, 0x002ec4ba),
-     TOBN(0x8112a1f7, 0x8badb73d), TOBN(0x79ea8897, 0xa27c1839),
-     TOBN(0x8969a5a7, 0xd065fd83), TOBN(0xf49af791, 0xb262a0bc),
-     TOBN(0xfcdea8b6, 0xaf2b5127), TOBN(0x10e913e1, 0x564c2dbc),
-     TOBN(0x51239d14, 0xbc21ef51), TOBN(0xe51c3ceb, 0x4ce57292),
-     TOBN(0x795ff068, 0x47bbcc3b), TOBN(0x86b46e1e, 0xbd7e11e6),
-     TOBN(0x0ea6ba23, 0x80041ef4), TOBN(0xd72fe505, 0x6262342e),
-     TOBN(0x8abc6dfd, 0x31d294d4), TOBN(0xbbe017a2, 0x1278c2c9),
-     TOBN(0xb1fcfa09, 0xb389328a), TOBN(0x322fbc62, 0xd01771b5),
-     TOBN(0x04c0d063, 0x60b045bf), TOBN(0xdb652edc, 0x10e52d01),
-     TOBN(0x50ef932c, 0x03ec6627), TOBN(0xde1b3b2d, 0xc1ee50e3),
-     TOBN(0x5ab7bdc5, 0xdc37a90d), TOBN(0xfea67213, 0x31e33a96),
-     TOBN(0x6482b5cb, 0x4f2999aa), TOBN(0x38476cc6, 0xb8cbf0dd),
-     TOBN(0x93ebfacb, 0x173405bb), TOBN(0x15cdafe7, 0xe52369ec),
-     TOBN(0xd42d5ba4, 0xd935b7db), TOBN(0x648b6004, 0x1c99a4cd),
-     TOBN(0x785101bd, 0xa3b5545b), TOBN(0x4bf2c38a, 0x9dd67faf),
-     TOBN(0xb1aadc63, 0x4442449c), TOBN(0xe0e9921a, 0x33ad4fb8),
-     TOBN(0x5c552313, 0xaa686d82), TOBN(0xdee635fa, 0x465d866c),
-     TOBN(0xbc3c224a, 0x18ee6e8a), TOBN(0xeed748a6, 0xed42e02f),
-     TOBN(0xe70f930a, 0xd474cd08), TOBN(0x774ea6ec, 0xfff24adf),
-     TOBN(0x03e2de1c, 0xf3480d4a), TOBN(0xf0d8edc7, 0xbc8acf1a),
-     TOBN(0xf23e3303, 0x68295a9c), TOBN(0xfadd5f68, 0xc546a97d),
-     TOBN(0x895597ad, 0x96f8acb1), TOBN(0xbddd49d5, 0x671bdae2),
-     TOBN(0x16fcd528, 0x21dd43f4), TOBN(0xa5a45412, 0x6619141a)}
-    ,
-    {TOBN(0x8ce9b6bf, 0xc360e25a), TOBN(0xe6425195, 0x075a1a78),
-     TOBN(0x9dc756a8, 0x481732f4), TOBN(0x83c0440f, 0x5432b57a),
-     TOBN(0xc670b3f1, 0xd720281f), TOBN(0x2205910e, 0xd135e051),
-     TOBN(0xded14b0e, 0xdb052be7), TOBN(0x697b3d27, 0xc568ea39),
-     TOBN(0x2e599b9a, 0xfb3ff9ed), TOBN(0x28c2e0ab, 0x17f6515c),
-     TOBN(0x1cbee4fd, 0x474da449), TOBN(0x071279a4, 0x4f364452),
-     TOBN(0x97abff66, 0x01fbe855), TOBN(0x3ee394e8, 0x5fda51c4),
-     TOBN(0x190385f6, 0x67597c0b), TOBN(0x6e9fccc6, 0xa27ee34b),
-     TOBN(0x0b89de93, 0x14092ebb), TOBN(0xf17256bd, 0x428e240c),
-     TOBN(0xcf89a7f3, 0x93d2f064), TOBN(0x4f57841e, 0xe1ed3b14),
-     TOBN(0x4ee14405, 0xe708d855), TOBN(0x856aae72, 0x03f1c3d0),
-     TOBN(0xc8e5424f, 0xbdd7eed5), TOBN(0x3333e4ef, 0x73ab4270),
-     TOBN(0x3bc77ade, 0xdda492f8), TOBN(0xc11a3aea, 0x78297205),
-     TOBN(0x5e89a3e7, 0x34931b4c), TOBN(0x17512e2e, 0x9f5694bb),
-     TOBN(0x5dc349f3, 0x177bf8b6), TOBN(0x232ea4ba, 0x08c7ff3e),
-     TOBN(0x9c4f9d16, 0xf511145d), TOBN(0xccf109a3, 0x33b379c3),
-     TOBN(0xe75e7a88, 0xa1f25897), TOBN(0x7ac6961f, 0xa1b5d4d8),
-     TOBN(0xe3e10773, 0x08f3ed5c), TOBN(0x208a54ec, 0x0a892dfb),
-     TOBN(0xbe826e19, 0x78660710), TOBN(0x0cf70a97, 0x237df2c8),
-     TOBN(0x418a7340, 0xed704da5), TOBN(0xa3eeb9a9, 0x08ca33fd),
-     TOBN(0x49d96233, 0x169bca96), TOBN(0x04d286d4, 0x2da6aafb),
-     TOBN(0xc09606ec, 0xa0c2fa94), TOBN(0x8869d0d5, 0x23ff0fb3),
-     TOBN(0xa99937e5, 0xd0150d65), TOBN(0xa92e2503, 0x240c14c9),
-     TOBN(0x656bf945, 0x108e2d49), TOBN(0x152a733a, 0xa2f59e2b),
-     TOBN(0xb4323d58, 0x8434a920), TOBN(0xc0af8e93, 0x622103c5),
-     TOBN(0x667518ef, 0x938dbf9a), TOBN(0xa1843073, 0x83a9cdf2),
-     TOBN(0x350a94aa, 0x5447ab80), TOBN(0xe5e5a325, 0xc75a3d61),
-     TOBN(0x74ba507f, 0x68411a9e), TOBN(0x10581fc1, 0x594f70c5),
-     TOBN(0x60e28570, 0x80eb24a9), TOBN(0x7bedfb4d, 0x488e0cfd),
-     TOBN(0x721ebbd7, 0xc259cdb8), TOBN(0x0b0da855, 0xbc6390a9),
-     TOBN(0x2b4d04db, 0xde314c70), TOBN(0xcdbf1fbc, 0x6c32e846),
-     TOBN(0x33833eab, 0xb162fc9e), TOBN(0x9939b48b, 0xb0dd3ab7),
-     TOBN(0x5aaa98a7, 0xcb0c9c8c), TOBN(0x75105f30, 0x81c4375c),
-     TOBN(0xceee5057, 0x5ef1c90f), TOBN(0xb31e065f, 0xc23a17bf),
-     TOBN(0x5364d275, 0xd4b6d45a), TOBN(0xd363f3ad, 0x62ec8996),
-     TOBN(0xb5d21239, 0x4391c65b), TOBN(0x84564765, 0xebb41b47),
-     TOBN(0x20d18ecc, 0x37107c78), TOBN(0xacff3b6b, 0x570c2a66),
-     TOBN(0x22f975d9, 0x9bd0d845), TOBN(0xef0a0c46, 0xba178fa0),
-     TOBN(0x1a419651, 0x76b6028e), TOBN(0xc49ec674, 0x248612d4),
-     TOBN(0x5b6ac4f2, 0x7338af55), TOBN(0x06145e62, 0x7bee5a36),
-     TOBN(0x33e95d07, 0xe75746b5), TOBN(0x1c1e1f6d, 0xc40c78be),
-     TOBN(0x967833ef, 0x222ff8e2), TOBN(0x4bedcf6a, 0xb49180ad),
-     TOBN(0x6b37e9c1, 0x3d7a4c8a), TOBN(0x2748887c, 0x6ddfe760),
-     TOBN(0xf7055123, 0xaa3a5bbc), TOBN(0x954ff225, 0x7bbb8e74),
-     TOBN(0xc42b8ab1, 0x97c3dfb9), TOBN(0x55a549b0, 0xcf168154),
-     TOBN(0xad6748e7, 0xc1b50692), TOBN(0x2775780f, 0x6fc5cbcb),
-     TOBN(0x4eab80b8, 0xe1c9d7c8), TOBN(0x8c69dae1, 0x3fdbcd56),
-     TOBN(0x47e6b4fb, 0x9969eace), TOBN(0x002f1085, 0xa705cb5a),
-     TOBN(0x4e23ca44, 0x6d3fea55), TOBN(0xb4ae9c86, 0xf4810568),
-     TOBN(0x47bfb91b, 0x2a62f27d), TOBN(0x60deb4c9, 0xd9bac28c),
-     TOBN(0xa892d894, 0x7de6c34c), TOBN(0x4ee68259, 0x4494587d),
-     TOBN(0x914ee14e, 0x1a3f8a5b), TOBN(0xbb113eaa, 0x28700385),
-     TOBN(0x81ca03b9, 0x2115b4c9), TOBN(0x7c163d38, 0x8908cad1),
-     TOBN(0xc912a118, 0xaa18179a), TOBN(0xe09ed750, 0x886e3081),
-     TOBN(0xa676e3fa, 0x26f516ca), TOBN(0x753cacf7, 0x8e732f91),
-     TOBN(0x51592aea, 0x833da8b4), TOBN(0xc626f42f, 0x4cbea8aa),
-     TOBN(0xef9dc899, 0xa7b56eaf), TOBN(0x00c0e52c, 0x34ef7316),
-     TOBN(0x5b1e4e24, 0xfe818a86), TOBN(0x9d31e20d, 0xc538be47),
-     TOBN(0x22eb932d, 0x3ed68974), TOBN(0xe44bbc08, 0x7c4e87c4),
-     TOBN(0x4121086e, 0x0dde9aef), TOBN(0x8e6b9cff, 0x134f4345),
-     TOBN(0x96892c1f, 0x711b0eb9), TOBN(0xb905f2c8, 0x780ab954),
-     TOBN(0xace26309, 0xa20792db), TOBN(0xec8ac9b3, 0x0684e126),
-     TOBN(0x486ad8b6, 0xb40a2447), TOBN(0x60121fc1, 0x9fe3fb24),
-     TOBN(0x5626fccf, 0x1a8e3b3f), TOBN(0x4e568622, 0x6ad1f394),
-     TOBN(0xda7aae0d, 0x196aa5a1), TOBN(0xe0df8c77, 0x1041b5fb),
-     TOBN(0x451465d9, 0x26b318b7), TOBN(0xc29b6e55, 0x7ab136e9),
-     TOBN(0x2c2ab48b, 0x71148463), TOBN(0xb5738de3, 0x64454a76),
-     TOBN(0x54ccf9a0, 0x5a03abe4), TOBN(0x377c0296, 0x0427d58e),
-     TOBN(0x73f5f0b9, 0x2bb39c1f), TOBN(0x14373f2c, 0xe608d8c5),
-     TOBN(0xdcbfd314, 0x00fbb805), TOBN(0xdf18fb20, 0x83afdcfb),
-     TOBN(0x81a57f42, 0x42b3523f), TOBN(0xe958532d, 0x87f650fb),
-     TOBN(0xaa8dc8b6, 0x8b0a7d7c), TOBN(0x1b75dfb7, 0x150166be),
-     TOBN(0x90e4f7c9, 0x2d7d1413), TOBN(0x67e2d6b5, 0x9834f597),
-     TOBN(0x4fd4f4f9, 0xa808c3e8), TOBN(0xaf8237e0, 0xd5281ec1),
-     TOBN(0x25ab5fdc, 0x84687cee), TOBN(0xc5ded6b1, 0xa5b26c09),
-     TOBN(0x8e4a5aec, 0xc8ea7650), TOBN(0x23b73e5c, 0x14cc417f),
-     TOBN(0x2bfb4318, 0x3037bf52), TOBN(0xb61e6db5, 0x78c725d7),
-     TOBN(0x8efd4060, 0xbbb3e5d7), TOBN(0x2e014701, 0xdbac488e),
-     TOBN(0xac75cf9a, 0x360aa449), TOBN(0xb70cfd05, 0x79634d08),
-     TOBN(0xa591536d, 0xfffb15ef), TOBN(0xb2c37582, 0xd07c106c),
-     TOBN(0xb4293fdc, 0xf50225f9), TOBN(0xc52e175c, 0xb0e12b03),
-     TOBN(0xf649c3ba, 0xd0a8bf64), TOBN(0x745a8fef, 0xeb8ae3c6),
-     TOBN(0x30d7e5a3, 0x58321bc3), TOBN(0xb1732be7, 0x0bc4df48),
-     TOBN(0x1f217993, 0xe9ea5058), TOBN(0xf7a71cde, 0x3e4fd745),
-     TOBN(0x86cc533e, 0x894c5bbb), TOBN(0x6915c7d9, 0x69d83082),
-     TOBN(0xa6aa2d05, 0x5815c244), TOBN(0xaeeee592, 0x49b22ce5),
-     TOBN(0x89e39d13, 0x78135486), TOBN(0x3a275c1f, 0x16b76f2f),
-     TOBN(0xdb6bcc1b, 0xe036e8f5), TOBN(0x4df69b21, 0x5e4709f5),
-     TOBN(0xa188b250, 0x2d0f39aa), TOBN(0x622118bb, 0x15a85947),
-     TOBN(0x2ebf520f, 0xfde0f4fa), TOBN(0xa40e9f29, 0x4860e539),
-     TOBN(0x7b6a51eb, 0x22b57f0f), TOBN(0x849a33b9, 0x7e80644a),
-     TOBN(0x50e5d16f, 0x1cf095fe), TOBN(0xd754b54e, 0xec55f002),
-     TOBN(0x5cfbbb22, 0x236f4a98), TOBN(0x0b0c59e9, 0x066800bb),
-     TOBN(0x4ac69a8f, 0x5a9a7774), TOBN(0x2b33f804, 0xd6bec948),
-     TOBN(0xb3729295, 0x32e6c466), TOBN(0x68956d0f, 0x4e599c73),
-     TOBN(0xa47a249f, 0x155c31cc), TOBN(0x24d80f0d, 0xe1ce284e),
-     TOBN(0xcd821dfb, 0x988baf01), TOBN(0xe6331a7d, 0xdbb16647),
-     TOBN(0x1eb8ad33, 0x094cb960), TOBN(0x593cca38, 0xc91bbca5),
-     TOBN(0x384aac8d, 0x26567456), TOBN(0x40fa0309, 0xc04b6490),
-     TOBN(0x97834cd6, 0xdab6c8f6), TOBN(0x68a7318d, 0x3f91e55f),
-     TOBN(0xa00fd04e, 0xfc4d3157), TOBN(0xb56f8ab2, 0x2bf3bdea),
-     TOBN(0x014f5648, 0x4fa57172), TOBN(0x948c5860, 0x450abdb3),
-     TOBN(0x342b5df0, 0x0ebd4f08), TOBN(0x3e5168cd, 0x0e82938e),
-     TOBN(0x7aedc1ce, 0xb0df5dd0), TOBN(0x6bbbc6d9, 0xe5732516),
-     TOBN(0xc7bfd486, 0x605daaa6), TOBN(0x46fd72b7, 0xbb9a6c9e),
-     TOBN(0xe4847fb1, 0xa124fb89), TOBN(0x75959cbd, 0xa2d8ffbc),
-     TOBN(0x42579f65, 0xc8a588ee), TOBN(0x368c92e6, 0xb80b499d),
-     TOBN(0xea4ef6cd, 0x999a5df1), TOBN(0xaa73bb7f, 0x936fe604),
-     TOBN(0xf347a70d, 0x6457d188), TOBN(0x86eda86b, 0x8b7a388b),
-     TOBN(0xb7cdff06, 0x0ccd6013), TOBN(0xbeb1b6c7, 0xd0053fb2),
-     TOBN(0x0b022387, 0x99240a9f), TOBN(0x1bbb384f, 0x776189b2),
-     TOBN(0x8695e71e, 0x9066193a), TOBN(0x2eb50097, 0x06ffac7e),
-     TOBN(0x0654a9c0, 0x4a7d2caa), TOBN(0x6f3fb3d1, 0xa5aaa290),
-     TOBN(0x835db041, 0xff476e8f), TOBN(0x540b8b0b, 0xc42295e4),
-     TOBN(0xa5c73ac9, 0x05e214f5), TOBN(0x9a74075a, 0x56a0b638),
-     TOBN(0x2e4b1090, 0xce9e680b), TOBN(0x57a5b479, 0x6b8d9afa),
-     TOBN(0x0dca48e7, 0x26bfe65c), TOBN(0x097e391c, 0x7290c307),
-     TOBN(0x683c462e, 0x6669e72e), TOBN(0xf505be1e, 0x062559ac),
-     TOBN(0x5fbe3ea1, 0xe3a3035a), TOBN(0x6431ebf6, 0x9cd50da8),
-     TOBN(0xfd169d5c, 0x1f6407f2), TOBN(0x8d838a95, 0x60fce6b8),
-     TOBN(0x2a2bfa7f, 0x650006f0), TOBN(0xdfd7dad3, 0x50c0fbb2),
-     TOBN(0x92452495, 0xccf9ad96), TOBN(0x183bf494, 0xd95635f9),
-     TOBN(0x02d5df43, 0x4a7bd989), TOBN(0x505385cc, 0xa5431095),
-     TOBN(0xdd98e67d, 0xfd43f53e), TOBN(0xd61e1a6c, 0x500c34a9),
-     TOBN(0x5a4b46c6, 0x4a8a3d62), TOBN(0x8469c4d0, 0x247743d2),
-     TOBN(0x2bb3a13d, 0x88f7e433), TOBN(0x62b23a10, 0x01be5849),
-     TOBN(0xe83596b4, 0xa63d1a4c), TOBN(0x454e7fea, 0x7d183f3e),
-     TOBN(0x643fce61, 0x17afb01c), TOBN(0x4e65e5e6, 0x1c4c3638),
-     TOBN(0x41d85ea1, 0xef74c45b), TOBN(0x2cfbfa66, 0xae328506),
-     TOBN(0x98b078f5, 0x3ada7da9), TOBN(0xd985fe37, 0xec752fbb),
-     TOBN(0xeece68fe, 0x5a0148b4), TOBN(0x6f9a55c7, 0x2d78136d),
-     TOBN(0x232dccc4, 0xd2b729ce), TOBN(0xa27e0dfd, 0x90aafbc4),
-     TOBN(0x96474452, 0x12b4603e), TOBN(0xa876c551, 0x6b706d14),
-     TOBN(0xdf145fcf, 0x69a9d412), TOBN(0xe2ab75b7, 0x2d479c34),
-     TOBN(0x12df9a76, 0x1a23ff97), TOBN(0xc6138992, 0x5d359d10),
-     TOBN(0x6e51c7ae, 0xfa835f22), TOBN(0x69a79cb1, 0xc0fcc4d9),
-     TOBN(0xf57f350d, 0x594cc7e1), TOBN(0x3079ca63, 0x3350ab79),
-     TOBN(0x226fb614, 0x9aff594a), TOBN(0x35afec02, 0x6d59a62b),
-     TOBN(0x9bee46f4, 0x06ed2c6e), TOBN(0x58da1735, 0x7d939a57),
-     TOBN(0x44c50402, 0x8fd1797e), TOBN(0xd8853e7c, 0x5ccea6ca),
-     TOBN(0x4065508d, 0xa35fcd5f), TOBN(0x8965df8c, 0x495ccaeb),
-     TOBN(0x0f2da850, 0x12e1a962), TOBN(0xee471b94, 0xc1cf1cc4),
-     TOBN(0xcef19bc8, 0x0a08fb75), TOBN(0x704958f5, 0x81de3591),
-     TOBN(0x2867f8b2, 0x3aef4f88), TOBN(0x8d749384, 0xea9f9a5f),
-     TOBN(0x1b385537, 0x8c9049f4), TOBN(0x5be948f3, 0x7b92d8b6),
-     TOBN(0xd96f725d, 0xb6e2bd6b), TOBN(0x37a222bc, 0x958c454d),
-     TOBN(0xe7c61abb, 0x8809bf61), TOBN(0x46f07fbc, 0x1346f18d),
-     TOBN(0xfb567a7a, 0xe87c0d1c), TOBN(0x84a461c8, 0x7ef3d07a),
-     TOBN(0x0a5adce6, 0xd9278d98), TOBN(0x24d94813, 0x9dfc73e1),
-     TOBN(0x4f3528b6, 0x054321c3), TOBN(0x2e03fdde, 0x692ea706),
-     TOBN(0x10e60619, 0x47b533c0), TOBN(0x1a8bc73f, 0x2ca3c055),
-     TOBN(0xae58d4b2, 0x1bb62b8f), TOBN(0xb2045a73, 0x584a24e3),
-     TOBN(0x3ab3d5af, 0xbd76e195), TOBN(0x478dd1ad, 0x6938a810),
-     TOBN(0x6ffab393, 0x6ee3d5cb), TOBN(0xdfb693db, 0x22b361e4),
-     TOBN(0xf9694496, 0x51dbf1a7), TOBN(0xcab4b4ef, 0x08a2e762),
-     TOBN(0xe8c92f25, 0xd39bba9a), TOBN(0x850e61bc, 0xf1464d96),
-     TOBN(0xb7e830e3, 0xdc09508b), TOBN(0xfaf6d2cf, 0x74317655),
-     TOBN(0x72606ceb, 0xdf690355), TOBN(0x48bb92b3, 0xd0c3ded6),
-     TOBN(0x65b75484, 0x5c7cf892), TOBN(0xf6cd7ac9, 0xd5d5f01f),
-     TOBN(0xc2c30a59, 0x96401d69), TOBN(0x91268650, 0xed921878),
-     TOBN(0x380bf913, 0xb78c558f), TOBN(0x43c0baeb, 0xc8afdaa9),
-     TOBN(0x377f61d5, 0x54f169d3), TOBN(0xf8da07e3, 0xae5ff20b),
-     TOBN(0xb676c49d, 0xa8a90ea8), TOBN(0x81c1ff2b, 0x83a29b21),
-     TOBN(0x383297ac, 0x2ad8d276), TOBN(0x3001122f, 0xba89f982),
-     TOBN(0xe1d794be, 0x6718e448), TOBN(0x246c1482, 0x7c3e6e13),
-     TOBN(0x56646ef8, 0x5d26b5ef), TOBN(0x80f5091e, 0x88069cdd),
-     TOBN(0xc5992e2f, 0x724bdd38), TOBN(0x02e915b4, 0x8471e8c7),
-     TOBN(0x96ff320a, 0x0d0ff2a9), TOBN(0xbf886487, 0x4384d1a0),
-     TOBN(0xbbe1e6a6, 0xc93f72d6), TOBN(0xd5f75d12, 0xcad800ea),
-     TOBN(0xfa40a09f, 0xe7acf117), TOBN(0x32c8cdd5, 0x7581a355),
-     TOBN(0x74221992, 0x7023c499), TOBN(0xa8afe5d7, 0x38ec3901),
-     TOBN(0x5691afcb, 0xa90e83f0), TOBN(0x41bcaa03, 0x0b8f8eac),
-     TOBN(0xe38b5ff9, 0x8d2668d5), TOBN(0x0715281a, 0x7ad81965),
-     TOBN(0x1bc8fc7c, 0x03c6ce11), TOBN(0xcbbee6e2, 0x8b650436),
-     TOBN(0x06b00fe8, 0x0cdb9808), TOBN(0x17d6e066, 0xfe3ed315),
-     TOBN(0x2e9d38c6, 0x4d0b5018), TOBN(0xab8bfd56, 0x844dcaef),
-     TOBN(0x42894a59, 0x513aed8b), TOBN(0xf77f3b6d, 0x314bd07a),
-     TOBN(0xbbdecb8f, 0x8e42b582), TOBN(0xf10e2fa8, 0xd2390fe6),
-     TOBN(0xefb95022, 0x62a2f201), TOBN(0x4d59ea50, 0x50ee32b0),
-     TOBN(0xd87f7728, 0x6da789a8), TOBN(0xcf98a2cf, 0xf79492c4),
-     TOBN(0xf9577239, 0x720943c2), TOBN(0xba044cf5, 0x3990b9d0),
-     TOBN(0x5aa8e823, 0x95f2884a), TOBN(0x834de6ed, 0x0278a0af),
-     TOBN(0xc8e1ee9a, 0x5f25bd12), TOBN(0x9259ceaa, 0x6f7ab271),
-     TOBN(0x7e6d97a2, 0x77d00b76), TOBN(0x5c0c6eea, 0xa437832a),
-     TOBN(0x5232c20f, 0x5606b81d), TOBN(0xabd7b375, 0x0d991ee5),
-     TOBN(0x4d2bfe35, 0x8632d951), TOBN(0x78f85146, 0x98ed9364),
-     TOBN(0x951873f0, 0xf30c3282), TOBN(0x0da8ac80, 0xa789230b),
-     TOBN(0x3ac7789c, 0x5398967f), TOBN(0xa69b8f7f, 0xbdda0fb5),
-     TOBN(0xe5db7717, 0x6add8545), TOBN(0x1b71cb66, 0x72c49b66),
-     TOBN(0xd8560739, 0x68421d77), TOBN(0x03840fe8, 0x83e3afea),
-     TOBN(0xb391dad5, 0x1ec69977), TOBN(0xae243fb9, 0x307f6726),
-     TOBN(0xc88ac87b, 0xe8ca160c), TOBN(0x5174cced, 0x4ce355f4),
-     TOBN(0x98a35966, 0xe58ba37d), TOBN(0xfdcc8da2, 0x7817335d),
-     TOBN(0x5b752830, 0x83fbc7bf), TOBN(0x68e419d4, 0xd9c96984),
-     TOBN(0x409a39f4, 0x02a40380), TOBN(0x88940faf, 0x1fe977bc),
-     TOBN(0xc640a94b, 0x8f8edea6), TOBN(0x1e22cd17, 0xed11547d),
-     TOBN(0xe28568ce, 0x59ffc3e2), TOBN(0x60aa1b55, 0xc1dee4e7),
-     TOBN(0xc67497c8, 0x837cb363), TOBN(0x06fb438a, 0x105a2bf2),
-     TOBN(0x30357ec4, 0x500d8e20), TOBN(0x1ad9095d, 0x0670db10),
-     TOBN(0x7f589a05, 0xc73b7cfd), TOBN(0xf544607d, 0x880d6d28),
-     TOBN(0x17ba93b1, 0xa20ef103), TOBN(0xad859130, 0x6ba6577b),
-     TOBN(0x65c91cf6, 0x6fa214a0), TOBN(0xd7d49c6c, 0x27990da5),
-     TOBN(0xecd9ec8d, 0x20bb569d), TOBN(0xbd4b2502, 0xeeffbc33),
-     TOBN(0x2056ca5a, 0x6bed0467), TOBN(0x7916a1f7, 0x5b63728c),
-     TOBN(0xd4f9497d, 0x53a4f566), TOBN(0x89734664, 0x97b56810),
-     TOBN(0xf8e1da74, 0x0494a621), TOBN(0x82546a93, 0x8d011c68),
-     TOBN(0x1f3acb19, 0xc61ac162), TOBN(0x52f8fa9c, 0xabad0d3e),
-     TOBN(0x15356523, 0xb4b7ea43), TOBN(0x5a16ad61, 0xae608125),
-     TOBN(0xb0bcb87f, 0x4faed184), TOBN(0x5f236b1d, 0x5029f45f),
-     TOBN(0xd42c7607, 0x0bc6b1fc), TOBN(0xc644324e, 0x68aefce3),
-     TOBN(0x8e191d59, 0x5c5d8446), TOBN(0xc0208077, 0x13ae1979),
-     TOBN(0xadcaee55, 0x3ba59cc7), TOBN(0x20ed6d6b, 0xa2cb81ba),
-     TOBN(0x0952ba19, 0xb6efcffc), TOBN(0x60f12d68, 0x97c0b87c),
-     TOBN(0x4ee2c7c4, 0x9caa30bc), TOBN(0x767238b7, 0x97fbff4e),
-     TOBN(0xebc73921, 0x501b5d92), TOBN(0x3279e3df, 0xc2a37737),
-     TOBN(0x9fc12bc8, 0x6d197543), TOBN(0xfa94dc6f, 0x0a40db4e),
-     TOBN(0x7392b41a, 0x530ccbbd), TOBN(0x87c82146, 0xea823525),
-     TOBN(0xa52f984c, 0x05d98d0c), TOBN(0x2ae57d73, 0x5ef6974c),
-     TOBN(0x9377f7bf, 0x3042a6dd), TOBN(0xb1a007c0, 0x19647a64),
-     TOBN(0xfaa9079a, 0x0cca9767), TOBN(0x3d81a25b, 0xf68f72d5),
-     TOBN(0x752067f8, 0xff81578e), TOBN(0x78622150, 0x9045447d),
-     TOBN(0xc0c22fcf, 0x0505aa6f), TOBN(0x1030f0a6, 0x6bed1c77),
-     TOBN(0x31f29f15, 0x1f0bd739), TOBN(0x2d7989c7, 0xe6debe85),
-     TOBN(0x5c070e72, 0x8e677e98), TOBN(0x0a817bd3, 0x06e81fd5),
-     TOBN(0xc110d830, 0xb0f2ac95), TOBN(0x48d0995a, 0xab20e64e),
-     TOBN(0x0f3e00e1, 0x7729cd9a), TOBN(0x2a570c20, 0xdd556946),
-     TOBN(0x912dbcfd, 0x4e86214d), TOBN(0x2d014ee2, 0xcf615498),
-     TOBN(0x55e2b1e6, 0x3530d76e), TOBN(0xc5135ae4, 0xfd0fd6d1),
-     TOBN(0x0066273a, 0xd4f3049f), TOBN(0xbb8e9893, 0xe7087477),
-     TOBN(0x2dba1ddb, 0x14c6e5fd), TOBN(0xdba37886, 0x51f57e6c),
-     TOBN(0x5aaee0a6, 0x5a72f2cf), TOBN(0x1208bfbf, 0x7bea5642),
-     TOBN(0xf5c6aa3b, 0x67872c37), TOBN(0xd726e083, 0x43f93224),
-     TOBN(0x1854daa5, 0x061f1658), TOBN(0xc0016df1, 0xdf0cd2b3),
-     TOBN(0xc2a3f23e, 0x833d50de), TOBN(0x73b681d2, 0xbbbd3017),
-     TOBN(0x2f046dc4, 0x3ac343c0), TOBN(0x9c847e7d, 0x85716421),
-     TOBN(0xe1e13c91, 0x0917eed4), TOBN(0x3fc9eebd, 0x63a1b9c6),
-     TOBN(0x0f816a72, 0x7fe02299), TOBN(0x6335ccc2, 0x294f3319),
-     TOBN(0x3820179f, 0x4745c5be), TOBN(0xe647b782, 0x922f066e),
-     TOBN(0xc22e49de, 0x02cafb8a), TOBN(0x299bc2ff, 0xfcc2eccc),
-     TOBN(0x9a8feea2, 0x6e0e8282), TOBN(0xa627278b, 0xfe893205),
-     TOBN(0xa7e19733, 0x7933e47b), TOBN(0xf4ff6b13, 0x2e766402),
-     TOBN(0xa4d8be0a, 0x98440d9f), TOBN(0x658f5c2f, 0x38938808),
-     TOBN(0x90b75677, 0xc95b3b3e), TOBN(0xfa044269, 0x3137b6ff),
-     TOBN(0x077b039b, 0x43c47c29), TOBN(0xcca95dd3, 0x8a6445b2),
-     TOBN(0x0b498ba4, 0x2333fc4c), TOBN(0x274f8e68, 0xf736a1b1),
-     TOBN(0x6ca348fd, 0x5f1d4b2e), TOBN(0x24d3be78, 0xa8f10199),
-     TOBN(0x8535f858, 0xca14f530), TOBN(0xa6e7f163, 0x5b982e51),
-     TOBN(0x847c8512, 0x36e1bf62), TOBN(0xf6a7c58e, 0x03448418),
-     TOBN(0x583f3703, 0xf9374ab6), TOBN(0x864f9195, 0x6e564145),
-     TOBN(0x33bc3f48, 0x22526d50), TOBN(0x9f323c80, 0x1262a496),
-     TOBN(0xaa97a7ae, 0x3f046a9a), TOBN(0x70da183e, 0xdf8a039a),
-     TOBN(0x5b68f71c, 0x52aa0ba6), TOBN(0x9be0fe51, 0x21459c2d),
-     TOBN(0xc1e17eb6, 0xcbc613e5), TOBN(0x33131d55, 0x497ea61c),
-     TOBN(0x2f69d39e, 0xaf7eded5), TOBN(0x73c2f434, 0xde6af11b),
-     TOBN(0x4ca52493, 0xa4a375fa), TOBN(0x5f06787c, 0xb833c5c2),
-     TOBN(0x814e091f, 0x3e6e71cf), TOBN(0x76451f57, 0x8b746666)}
-    ,
-    {TOBN(0x80f9bdef, 0x694db7e0), TOBN(0xedca8787, 0xb9fcddc6),
-     TOBN(0x51981c34, 0x03b8dce1), TOBN(0x4274dcf1, 0x70e10ba1),
-     TOBN(0xf72743b8, 0x6def6d1a), TOBN(0xd25b1670, 0xebdb1866),
-     TOBN(0xc4491e8c, 0x050c6f58), TOBN(0x2be2b2ab, 0x87fbd7f5),
-     TOBN(0x3e0e5c9d, 0xd111f8ec), TOBN(0xbcc33f8d, 0xb7c4e760),
-     TOBN(0x702f9a91, 0xbd392a51), TOBN(0x7da4a795, 0xc132e92d),
-     TOBN(0x1a0b0ae3, 0x0bb1151b), TOBN(0x54febac8, 0x02e32251),
-     TOBN(0xea3a5082, 0x694e9e78), TOBN(0xe58ffec1, 0xe4fe40b8),
-     TOBN(0xf85592fc, 0xd1e0cf9e), TOBN(0xdea75f0d, 0xc0e7b2e8),
-     TOBN(0xc04215cf, 0xc135584e), TOBN(0x174fc727, 0x2f57092a),
-     TOBN(0xe7277877, 0xeb930bea), TOBN(0x504caccb, 0x5eb02a5a),
-     TOBN(0xf9fe08f7, 0xf5241b9b), TOBN(0xe7fb62f4, 0x8d5ca954),
-     TOBN(0xfbb8349d, 0x29c4120b), TOBN(0x9f94391f, 0xc0d0d915),
-     TOBN(0xc4074fa7, 0x5410ba51), TOBN(0xa66adbf6, 0x150a5911),
-     TOBN(0xc164543c, 0x34bfca38), TOBN(0xe0f27560, 0xb9e1ccfc),
-     TOBN(0x99da0f53, 0xe820219c), TOBN(0xe8234498, 0xc6b4997a),
-     TOBN(0xcfb88b76, 0x9d4c5423), TOBN(0x9e56eb10, 0xb0521c49),
-     TOBN(0x418e0b5e, 0xbe8700a1), TOBN(0x00cbaad6, 0xf93cb58a),
-     TOBN(0xe923fbde, 0xd92a5e67), TOBN(0xca4979ac, 0x1f347f11),
-     TOBN(0x89162d85, 0x6bc0585b), TOBN(0xdd6254af, 0xac3c70e3),
-     TOBN(0x7b23c513, 0x516e19e4), TOBN(0x56e2e847, 0xc5c4d593),
-     TOBN(0x9f727d73, 0x5ce71ef6), TOBN(0x5b6304a6, 0xf79a44c5),
-     TOBN(0x6638a736, 0x3ab7e433), TOBN(0x1adea470, 0xfe742f83),
-     TOBN(0xe054b854, 0x5b7fc19f), TOBN(0xf935381a, 0xba1d0698),
-     TOBN(0x546eab2d, 0x799e9a74), TOBN(0x96239e0e, 0xa949f729),
-     TOBN(0xca274c6b, 0x7090055a), TOBN(0x835142c3, 0x9020c9b0),
-     TOBN(0xa405667a, 0xa2e8807f), TOBN(0x29f2c085, 0x1aa3d39e),
-     TOBN(0xcc555d64, 0x42fc72f5), TOBN(0xe856e0e7, 0xfbeacb3c),
-     TOBN(0xb5504f9d, 0x918e4936), TOBN(0x65035ef6, 0xb2513982),
-     TOBN(0x0553a0c2, 0x6f4d9cb9), TOBN(0x6cb10d56, 0xbea85509),
-     TOBN(0x48d957b7, 0xa242da11), TOBN(0x16a4d3dd, 0x672b7268),
-     TOBN(0x3d7e637c, 0x8502a96b), TOBN(0x27c7032b, 0x730d463b),
-     TOBN(0xbdc02b18, 0xe4136a14), TOBN(0xbacf969d, 0x678e32bf),
-     TOBN(0xc98d89a3, 0xdd9c3c03), TOBN(0x7b92420a, 0x23becc4f),
-     TOBN(0xd4b41f78, 0xc64d565c), TOBN(0x9f969d00, 0x10f28295),
-     TOBN(0xec7f7f76, 0xb13d051a), TOBN(0x08945e1e, 0xa92da585),
-     TOBN(0x55366b7d, 0x5846426f), TOBN(0xe7d09e89, 0x247d441d),
-     TOBN(0x510b404d, 0x736fbf48), TOBN(0x7fa003d0, 0xe784bd7d),
-     TOBN(0x25f7614f, 0x17fd9596), TOBN(0x49e0e0a1, 0x35cb98db),
-     TOBN(0x2c65957b, 0x2e83a76a), TOBN(0x5d40da8d, 0xcddbe0f8),
-     TOBN(0xf2b8c405, 0x050bad24), TOBN(0x8918426d, 0xc2aa4823),
-     TOBN(0x2aeab3dd, 0xa38365a7), TOBN(0x72031717, 0x7c91b690),
-     TOBN(0x8b00d699, 0x60a94120), TOBN(0x478a255d, 0xe99eaeec),
-     TOBN(0xbf656a5f, 0x6f60aafd), TOBN(0xdfd7cb75, 0x5dee77b3),
-     TOBN(0x37f68bb4, 0xa595939d), TOBN(0x03556479, 0x28740217),
-     TOBN(0x8e740e7c, 0x84ad7612), TOBN(0xd89bc843, 0x9044695f),
-     TOBN(0xf7f3da5d, 0x85a9184d), TOBN(0x562563bb, 0x9fc0b074),
-     TOBN(0x06d2e6aa, 0xf88a888e), TOBN(0x612d8643, 0x161fbe7c),
-     TOBN(0x465edba7, 0xf64085e7), TOBN(0xb230f304, 0x29aa8511),
-     TOBN(0x53388426, 0xcda2d188), TOBN(0x90885735, 0x4b666649),
-     TOBN(0x6f02ff9a, 0x652f54f6), TOBN(0x65c82294, 0x5fae2bf0),
-     TOBN(0x7816ade0, 0x62f5eee3), TOBN(0xdcdbdf43, 0xfcc56d70),
-     TOBN(0x9fb3bba3, 0x54530bb2), TOBN(0xbde3ef77, 0xcb0869ea),
-     TOBN(0x89bc9046, 0x0b431163), TOBN(0x4d03d7d2, 0xe4819a35),
-     TOBN(0x33ae4f9e, 0x43b6a782), TOBN(0x216db307, 0x9c88a686),
-     TOBN(0x91dd88e0, 0x00ffedd9), TOBN(0xb280da9f, 0x12bd4840),
-     TOBN(0x32a7cb8a, 0x1635e741), TOBN(0xfe14008a, 0x78be02a7),
-     TOBN(0x3fafb334, 0x1b7ae030), TOBN(0x7fd508e7, 0x5add0ce9),
-     TOBN(0x72c83219, 0xd607ad51), TOBN(0x0f229c0a, 0x8d40964a),
-     TOBN(0x1be2c336, 0x1c878da2), TOBN(0xe0c96742, 0xeab2ab86),
-     TOBN(0x458f8691, 0x3e538cd7), TOBN(0xa7001f6c, 0x8e08ad53),
-     TOBN(0x52b8c6e6, 0xbf5d15ff), TOBN(0x548234a4, 0x011215dd),
-     TOBN(0xff5a9d2d, 0x3d5b4045), TOBN(0xb0ffeeb6, 0x4a904190),
-     TOBN(0x55a3aca4, 0x48607f8b), TOBN(0x8cbd665c, 0x30a0672a),
-     TOBN(0x87f834e0, 0x42583068), TOBN(0x02da2aeb, 0xf3f6e683),
-     TOBN(0x6b763e5d, 0x05c12248), TOBN(0x7230378f, 0x65a8aefc),
-     TOBN(0x93bd80b5, 0x71e8e5ca), TOBN(0x53ab041c, 0xb3b62524),
-     TOBN(0x1b860513, 0x6c9c552e), TOBN(0xe84d402c, 0xd5524e66),
-     TOBN(0xa37f3573, 0xf37f5937), TOBN(0xeb0f6c7d, 0xd1e4fca5),
-     TOBN(0x2965a554, 0xac8ab0fc), TOBN(0x17fbf56c, 0x274676ac),
-     TOBN(0x2e2f6bd9, 0xacf7d720), TOBN(0x41fc8f88, 0x10224766),
-     TOBN(0x517a14b3, 0x85d53bef), TOBN(0xdae327a5, 0x7d76a7d1),
-     TOBN(0x6ad0a065, 0xc4818267), TOBN(0x33aa189b, 0x37c1bbc1),
-     TOBN(0x64970b52, 0x27392a92), TOBN(0x21699a1c, 0x2d1535ea),
-     TOBN(0xcd20779c, 0xc2d7a7fd), TOBN(0xe3186059, 0x99c83cf2),
-     TOBN(0x9b69440b, 0x72c0b8c7), TOBN(0xa81497d7, 0x7b9e0e4d),
-     TOBN(0x515d5c89, 0x1f5f82dc), TOBN(0x9a7f67d7, 0x6361079e),
-     TOBN(0xa8da81e3, 0x11a35330), TOBN(0xe44990c4, 0x4b18be1b),
-     TOBN(0xc7d5ed95, 0xaf103e59), TOBN(0xece8aba7, 0x8dac9261),
-     TOBN(0xbe82b099, 0x9394b8d3), TOBN(0x6830f09a, 0x16adfe83),
-     TOBN(0x250a29b4, 0x88172d01), TOBN(0x8b20bd65, 0xcaff9e02),
-     TOBN(0xb8a7661e, 0xe8a6329a), TOBN(0x4520304d, 0xd3fce920),
-     TOBN(0xae45da1f, 0x2b47f7ef), TOBN(0xe07f5288, 0x5bffc540),
-     TOBN(0xf7997009, 0x3464f874), TOBN(0x2244c2cd, 0xa6fa1f38),
-     TOBN(0x43c41ac1, 0x94d7d9b1), TOBN(0x5bafdd82, 0xc82e7f17),
-     TOBN(0xdf0614c1, 0x5fda0fca), TOBN(0x74b043a7, 0xa8ae37ad),
-     TOBN(0x3ba6afa1, 0x9e71734c), TOBN(0x15d5437e, 0x9c450f2e),
-     TOBN(0x4a5883fe, 0x67e242b1), TOBN(0x5143bdc2, 0x2c1953c2),
-     TOBN(0x542b8b53, 0xfc5e8920), TOBN(0x363bf9a8, 0x9a9cee08),
-     TOBN(0x02375f10, 0xc3486e08), TOBN(0x2037543b, 0x8c5e70d2),
-     TOBN(0x7109bccc, 0x625640b4), TOBN(0xcbc1051e, 0x8bc62c3b),
-     TOBN(0xf8455fed, 0x803f26ea), TOBN(0x6badceab, 0xeb372424),
-     TOBN(0xa2a9ce7c, 0x6b53f5f9), TOBN(0x64246595, 0x1b176d99),
-     TOBN(0xb1298d36, 0xb95c081b), TOBN(0x53505bb8, 0x1d9a9ee6),
-     TOBN(0x3f6f9e61, 0xf2ba70b0), TOBN(0xd07e16c9, 0x8afad453),
-     TOBN(0x9f1694bb, 0xe7eb4a6a), TOBN(0xdfebced9, 0x3cb0bc8e),
-     TOBN(0x92d3dcdc, 0x53868c8b), TOBN(0x174311a2, 0x386107a6),
-     TOBN(0x4109e07c, 0x689b4e64), TOBN(0x30e4587f, 0x2df3dcb6),
-     TOBN(0x841aea31, 0x0811b3b2), TOBN(0x6144d41d, 0x0cce43ea),
-     TOBN(0x464c4581, 0x2a9a7803), TOBN(0xd03d371f, 0x3e158930),
-     TOBN(0xc676d7f2, 0xb1f3390b), TOBN(0x9f7a1b8c, 0xa5b61272),
-     TOBN(0x4ebebfc9, 0xc2e127a9), TOBN(0x4602500c, 0x5dd997bf),
-     TOBN(0x7f09771c, 0x4711230f), TOBN(0x058eb37c, 0x020f09c1),
-     TOBN(0xab693d4b, 0xfee5e38b), TOBN(0x9289eb1f, 0x4653cbc0),
-     TOBN(0xbecf46ab, 0xd51b9cf5), TOBN(0xd2aa9c02, 0x9f0121af),
-     TOBN(0x36aaf7d2, 0xe90dc274), TOBN(0x909e4ea0, 0x48b95a3c),
-     TOBN(0xe6b70496, 0x6f32dbdb), TOBN(0x672188a0, 0x8b030b3e),
-     TOBN(0xeeffe5b3, 0xcfb617e2), TOBN(0x87e947de, 0x7c82709e),
-     TOBN(0xa44d2b39, 0x1770f5a7), TOBN(0xe4d4d791, 0x0e44eb82),
-     TOBN(0x42e69d1e, 0x3f69712a), TOBN(0xbf11c4d6, 0xac6a820e),
-     TOBN(0xb5e7f3e5, 0x42c4224c), TOBN(0xd6b4e81c, 0x449d941c),
-     TOBN(0x5d72bd16, 0x5450e878), TOBN(0x6a61e28a, 0xee25ac54),
-     TOBN(0x33272094, 0xe6f1cd95), TOBN(0x7512f30d, 0x0d18673f),
-     TOBN(0x32f7a4ca, 0x5afc1464), TOBN(0x2f095656, 0x6bbb977b),
-     TOBN(0x586f47ca, 0xa8226200), TOBN(0x02c868ad, 0x1ac07369),
-     TOBN(0x4ef2b845, 0xc613acbe), TOBN(0x43d7563e, 0x0386054c),
-     TOBN(0x54da9dc7, 0xab952578), TOBN(0xb5423df2, 0x26e84d0b),
-     TOBN(0xa8b64eeb, 0x9b872042), TOBN(0xac205782, 0x5990f6df),
-     TOBN(0x4ff696eb, 0x21f4c77a), TOBN(0x1a79c3e4, 0xaab273af),
-     TOBN(0x29bc922e, 0x9436b3f1), TOBN(0xff807ef8, 0xd6d9a27a),
-     TOBN(0x82acea3d, 0x778f22a0), TOBN(0xfb10b2e8, 0x5b5e7469),
-     TOBN(0xc0b16980, 0x2818ee7d), TOBN(0x011afff4, 0xc91c1a2f),
-     TOBN(0x95a6d126, 0xad124418), TOBN(0x31c081a5, 0xe72e295f),
-     TOBN(0x36bb283a, 0xf2f4db75), TOBN(0xd115540f, 0x7acef462),
-     TOBN(0xc7f3a8f8, 0x33f6746c), TOBN(0x21e46f65, 0xfea990ca),
-     TOBN(0x915fd5c5, 0xcaddb0a9), TOBN(0xbd41f016, 0x78614555),
-     TOBN(0x346f4434, 0x426ffb58), TOBN(0x80559436, 0x14dbc204),
-     TOBN(0xf3dd20fe, 0x5a969b7f), TOBN(0x9d59e956, 0xe899a39a),
-     TOBN(0xf1b0971c, 0x8ad4cf4b), TOBN(0x03448860, 0x2ffb8fb8),
-     TOBN(0xf071ac3c, 0x65340ba4), TOBN(0x408d0596, 0xb27fd758),
-     TOBN(0xe7c78ea4, 0x98c364b0), TOBN(0xa4aac4a5, 0x051e8ab5),
-     TOBN(0xb9e1d560, 0x485d9002), TOBN(0x9acd518a, 0x88844455),
-     TOBN(0xe4ca688f, 0xd06f56c0), TOBN(0xa48af70d, 0xdf027972),
-     TOBN(0x691f0f04, 0x5e9a609d), TOBN(0xa9dd82cd, 0xee61270e),
-     TOBN(0x8903ca63, 0xa0ef18d3), TOBN(0x9fb7ee35, 0x3d6ca3bd),
-     TOBN(0xa7b4a09c, 0xabf47d03), TOBN(0x4cdada01, 0x1c67de8e),
-     TOBN(0x52003749, 0x9355a244), TOBN(0xe77fd2b6, 0x4f2151a9),
-     TOBN(0x695d6cf6, 0x66b4efcb), TOBN(0xc5a0cacf, 0xda2cfe25),
-     TOBN(0x104efe5c, 0xef811865), TOBN(0xf52813e8, 0x9ea5cc3d),
-     TOBN(0x855683dc, 0x40b58dbc), TOBN(0x0338ecde, 0x175fcb11),
-     TOBN(0xf9a05637, 0x74921592), TOBN(0xb4f1261d, 0xb9bb9d31),
-     TOBN(0x551429b7, 0x4e9c5459), TOBN(0xbe182e6f, 0x6ea71f53),
-     TOBN(0xd3a3b07c, 0xdfc50573), TOBN(0x9ba1afda, 0x62be8d44),
-     TOBN(0x9bcfd2cb, 0x52ab65d3), TOBN(0xdf11d547, 0xa9571802),
-     TOBN(0x099403ee, 0x02a2404a), TOBN(0x497406f4, 0x21088a71),
-     TOBN(0x99479409, 0x5004ae71), TOBN(0xbdb42078, 0xa812c362),
-     TOBN(0x2b72a30f, 0xd8828442), TOBN(0x283add27, 0xfcb5ed1c),
-     TOBN(0xf7c0e200, 0x66a40015), TOBN(0x3e3be641, 0x08b295ef),
-     TOBN(0xac127dc1, 0xe038a675), TOBN(0x729deff3, 0x8c5c6320),
-     TOBN(0xb7df8fd4, 0xa90d2c53), TOBN(0x9b74b0ec, 0x681e7cd3),
-     TOBN(0x5cb5a623, 0xdab407e5), TOBN(0xcdbd3615, 0x76b340c6),
-     TOBN(0xa184415a, 0x7d28392c), TOBN(0xc184c1d8, 0xe96f7830),
-     TOBN(0xc3204f19, 0x81d3a80f), TOBN(0xfde0c841, 0xc8e02432),
-     TOBN(0x78203b3e, 0x8149e0c1), TOBN(0x5904bdbb, 0x08053a73),
-     TOBN(0x30fc1dd1, 0x101b6805), TOBN(0x43c223bc, 0x49aa6d49),
-     TOBN(0x9ed67141, 0x7a174087), TOBN(0x311469a0, 0xd5997008),
-     TOBN(0xb189b684, 0x5e43fc61), TOBN(0xf3282375, 0xe0d3ab57),
-     TOBN(0x4fa34b67, 0xb1181da8), TOBN(0x621ed0b2, 0x99ee52b8),
-     TOBN(0x9b178de1, 0xad990676), TOBN(0xd51de67b, 0x56d54065),
-     TOBN(0x2a2c27c4, 0x7538c201), TOBN(0x33856ec8, 0x38a40f5c),
-     TOBN(0x2522fc15, 0xbe6cdcde), TOBN(0x1e603f33, 0x9f0c6f89),
-     TOBN(0x7994edc3, 0x103e30a6), TOBN(0x033a00db, 0x220c853e),
-     TOBN(0xd3cfa409, 0xf7bb7fd7), TOBN(0x70f8781e, 0x462d18f6),
-     TOBN(0xbbd82980, 0x687fe295), TOBN(0x6eef4c32, 0x595669f3),
-     TOBN(0x86a9303b, 0x2f7e85c3), TOBN(0x5fce4621, 0x71988f9b),
-     TOBN(0x5b935bf6, 0xc138acb5), TOBN(0x30ea7d67, 0x25661212),
-     TOBN(0xef1eb5f4, 0xe51ab9a2), TOBN(0x0587c98a, 0xae067c78),
-     TOBN(0xb3ce1b3c, 0x77ca9ca6), TOBN(0x2a553d4d, 0x54b5f057),
-     TOBN(0xc7898236, 0x4da29ec2), TOBN(0xdbdd5d13, 0xb9c57316),
-     TOBN(0xc57d6e6b, 0x2cd80d47), TOBN(0x80b460cf, 0xfe9e7391),
-     TOBN(0x98648cab, 0xf963c31e), TOBN(0x67f9f633, 0xcc4d32fd),
-     TOBN(0x0af42a9d, 0xfdf7c687), TOBN(0x55f292a3, 0x0b015ea7),
-     TOBN(0x89e468b2, 0xcd21ab3d), TOBN(0xe504f022, 0xc393d392),
-     TOBN(0xab21e1d4, 0xa5013af9), TOBN(0xe3283f78, 0xc2c28acb),
-     TOBN(0xf38b35f6, 0x226bf99f), TOBN(0xe8354274, 0x0e291e69),
-     TOBN(0x61673a15, 0xb20c162d), TOBN(0xc101dc75, 0xb04fbdbe),
-     TOBN(0x8323b4c2, 0x255bd617), TOBN(0x6c969693, 0x6c2a9154),
-     TOBN(0xc6e65860, 0x62679387), TOBN(0x8e01db0c, 0xb8c88e23),
-     TOBN(0x33c42873, 0x893a5559), TOBN(0x7630f04b, 0x47a3e149),
-     TOBN(0xb5d80805, 0xddcf35f8), TOBN(0x582ca080, 0x77dfe732),
-     TOBN(0x2c7156e1, 0x0b1894a0), TOBN(0x92034001, 0xd81c68c0),
-     TOBN(0xed225d00, 0xc8b115b5), TOBN(0x237f9c22, 0x83b907f2),
-     TOBN(0x0ea2f32f, 0x4470e2c0), TOBN(0xb725f7c1, 0x58be4e95),
-     TOBN(0x0f1dcafa, 0xb1ae5463), TOBN(0x59ed5187, 0x1ba2fc04),
-     TOBN(0xf6e0f316, 0xd0115d4d), TOBN(0x5180b12f, 0xd3691599),
-     TOBN(0x157e32c9, 0x527f0a41), TOBN(0x7b0b081d, 0xa8e0ecc0),
-     TOBN(0x6dbaaa8a, 0xbf4f0dd0), TOBN(0x99b289c7, 0x4d252696),
-     TOBN(0x79b7755e, 0xdbf864fe), TOBN(0x6974e2b1, 0x76cad3ab),
-     TOBN(0x35dbbee2, 0x06ddd657), TOBN(0xe7cbdd11, 0x2ff3a96d),
-     TOBN(0x88381968, 0x076be758), TOBN(0x2d737e72, 0x08c91f5d),
-     TOBN(0x5f83ab62, 0x86ec3776), TOBN(0x98aa649d, 0x945fa7a1),
-     TOBN(0xf477ec37, 0x72ef0933), TOBN(0x66f52b1e, 0x098c17b1),
-     TOBN(0x9eec58fb, 0xd803738b), TOBN(0x91aaade7, 0xe4e86aa4),
-     TOBN(0x6b1ae617, 0xa5b51492), TOBN(0x63272121, 0xbbc45974),
-     TOBN(0x7e0e28f0, 0x862c5129), TOBN(0x0a8f79a9, 0x3321a4a0),
-     TOBN(0xe26d1664, 0x5041c88f), TOBN(0x0571b805, 0x53233e3a),
-     TOBN(0xd1b0ccde, 0xc9520711), TOBN(0x55a9e4ed, 0x3c8b84bf),
-     TOBN(0x9426bd39, 0xa1fef314), TOBN(0x4f5f638e, 0x6eb93f2b),
-     TOBN(0xba2a1ed3, 0x2bf9341b), TOBN(0xd63c1321, 0x4d42d5a9),
-     TOBN(0xd2964a89, 0x316dc7c5), TOBN(0xd1759606, 0xca511851),
-     TOBN(0xd8a9201f, 0xf9e6ed35), TOBN(0xb7b5ee45, 0x6736925a),
-     TOBN(0x0a83fbbc, 0x99581af7), TOBN(0x3076bc40, 0x64eeb051),
-     TOBN(0x5511c98c, 0x02dec312), TOBN(0x270de898, 0x238dcb78),
-     TOBN(0x2cf4cf9c, 0x539c08c9), TOBN(0xa70cb65e, 0x38d3b06e),
-     TOBN(0xb12ec10e, 0xcfe57bbd), TOBN(0x82c7b656, 0x35a0c2b5),
-     TOBN(0xddc7d5cd, 0x161c67bd), TOBN(0xe32e8985, 0xae3a32cc),
-     TOBN(0x7aba9444, 0xd11a5529), TOBN(0xe964ed02, 0x2427fa1a),
-     TOBN(0x1528392d, 0x24a1770a), TOBN(0xa152ce2c, 0x12c72fcd),
-     TOBN(0x714553a4, 0x8ec07649), TOBN(0x18b4c290, 0x459dd453),
-     TOBN(0xea32b714, 0x7b64b110), TOBN(0xb871bfa5, 0x2e6f07a2),
-     TOBN(0xb67112e5, 0x9e2e3c9b), TOBN(0xfbf250e5, 0x44aa90f6),
-     TOBN(0xf77aedb8, 0xbd539006), TOBN(0x3b0cdf9a, 0xd172a66f),
-     TOBN(0xedf69fea, 0xf8c51187), TOBN(0x05bb67ec, 0x741e4da7),
-     TOBN(0x47df0f32, 0x08114345), TOBN(0x56facb07, 0xbb9792b1),
-     TOBN(0xf3e007e9, 0x8f6229e4), TOBN(0x62d103f4, 0x526fba0f),
-     TOBN(0x4f33bef7, 0xb0339d79), TOBN(0x9841357b, 0xb59bfec1),
-     TOBN(0xfa8dbb59, 0xc34e6705), TOBN(0xc3c7180b, 0x7fdaa84c),
-     TOBN(0xf95872fc, 0xa4108537), TOBN(0x8750cc3b, 0x932a3e5a),
-     TOBN(0xb61cc69d, 0xb7275d7d), TOBN(0xffa0168b, 0x2e59b2e9),
-     TOBN(0xca032abc, 0x6ecbb493), TOBN(0x1d86dbd3, 0x2c9082d8),
-     TOBN(0xae1e0b67, 0xe28ef5ba), TOBN(0x2c9a4699, 0xcb18e169),
-     TOBN(0x0ecd0e33, 0x1e6bbd20), TOBN(0x571b360e, 0xaf5e81d2),
-     TOBN(0xcd9fea58, 0x101c1d45), TOBN(0x6651788e, 0x18880452),
-     TOBN(0xa9972635, 0x1f8dd446), TOBN(0x44bed022, 0xe37281d0),
-     TOBN(0x094b2b2d, 0x33da525d), TOBN(0xf193678e, 0x13144fd8),
-     TOBN(0xb8ab5ba4, 0xf4c1061d), TOBN(0x4343b5fa, 0xdccbe0f4),
-     TOBN(0xa8702371, 0x63812713), TOBN(0x47bf6d2d, 0xf7611d93),
-     TOBN(0x46729b8c, 0xbd21e1d7), TOBN(0x7484d4e0, 0xd629e77d),
-     TOBN(0x830e6eea, 0x60dbac1f), TOBN(0x23d8c484, 0xda06a2f7),
-     TOBN(0x896714b0, 0x50ca535b), TOBN(0xdc8d3644, 0xebd97a9b),
-     TOBN(0x106ef9fa, 0xb12177b4), TOBN(0xf79bf464, 0x534d5d9c),
-     TOBN(0x2537a349, 0xa6ab360b), TOBN(0xc7c54253, 0xa00c744f),
-     TOBN(0xb3c7a047, 0xe5911a76), TOBN(0x61ffa5c8, 0x647f1ee7),
-     TOBN(0x15aed36f, 0x8f56ab42), TOBN(0x6a0d41b0, 0xa3ff9ac9),
-     TOBN(0x68f469f5, 0xcc30d357), TOBN(0xbe9adf81, 0x6b72be96),
-     TOBN(0x1cd926fe, 0x903ad461), TOBN(0x7e89e38f, 0xcaca441b),
-     TOBN(0xf0f82de5, 0xfacf69d4), TOBN(0x363b7e76, 0x4775344c),
-     TOBN(0x6894f312, 0xb2e36d04), TOBN(0x3c6cb4fe, 0x11d1c9a5),
-     TOBN(0x85d9c339, 0x4008e1f2), TOBN(0x5e9a85ea, 0x249f326c),
-     TOBN(0xdc35c60a, 0x678c5e06), TOBN(0xc08b944f, 0x9f86fba9),
-     TOBN(0xde40c02c, 0x89f71f0f), TOBN(0xad8f3e31, 0xff3da3c0),
-     TOBN(0x3ea5096b, 0x42125ded), TOBN(0x13879cbf, 0xa7379183),
-     TOBN(0x6f4714a5, 0x6b306a0b), TOBN(0x359c2ea6, 0x67646c5e),
-     TOBN(0xfacf8943, 0x07726368), TOBN(0x07a58935, 0x65ff431e),
-     TOBN(0x24d661d1, 0x68754ab0), TOBN(0x801fce1d, 0x6f429a76),
-     TOBN(0xc068a85f, 0xa58ce769), TOBN(0xedc35c54, 0x5d5eca2b),
-     TOBN(0xea31276f, 0xa3f660d1), TOBN(0xa0184ebe, 0xb8fc7167),
-     TOBN(0x0f20f21a, 0x1d8db0ae), TOBN(0xd96d095f, 0x56c35e12),
-     TOBN(0xedf402b5, 0xf8c2a25b), TOBN(0x1bb772b9, 0x059204b6),
-     TOBN(0x50cbeae2, 0x19b4e34c), TOBN(0x93109d80, 0x3fa0845a),
-     TOBN(0x54f7ccf7, 0x8ef59fb5), TOBN(0x3b438fe2, 0x88070963),
-     TOBN(0x9e28c659, 0x31f3ba9b), TOBN(0x9cc31b46, 0xead9da92),
-     TOBN(0x3c2f0ba9, 0xb733aa5f), TOBN(0xdece47cb, 0xf05af235),
-     TOBN(0xf8e3f715, 0xa2ac82a5), TOBN(0xc97ba641, 0x2203f18a),
-     TOBN(0xc3af5504, 0x09c11060), TOBN(0x56ea2c05, 0x46af512d),
-     TOBN(0xfac28daf, 0xf3f28146), TOBN(0x87fab43a, 0x959ef494),}
-    ,
-    {TOBN(0x09891641, 0xd4c5105f), TOBN(0x1ae80f8e, 0x6d7fbd65),
-     TOBN(0x9d67225f, 0xbee6bdb0), TOBN(0x3b433b59, 0x7fc4d860),
-     TOBN(0x44e66db6, 0x93e85638), TOBN(0xf7b59252, 0xe3e9862f),
-     TOBN(0xdb785157, 0x665c32ec), TOBN(0x702fefd7, 0xae362f50),
-     TOBN(0x3754475d, 0x0fefb0c3), TOBN(0xd48fb56b, 0x46d7c35d),
-     TOBN(0xa070b633, 0x363798a4), TOBN(0xae89f3d2, 0x8fdb98e6),
-     TOBN(0x970b89c8, 0x6363d14c), TOBN(0x89817521, 0x67abd27d),
-     TOBN(0x9bf7d474, 0x44d5a021), TOBN(0xb3083baf, 0xcac72aee),
-     TOBN(0x389741de, 0xbe949a44), TOBN(0x638e9388, 0x546a4fa5),
-     TOBN(0x3fe6419c, 0xa0047bdc), TOBN(0x7047f648, 0xaaea57ca),
-     TOBN(0x54e48a90, 0x41fbab17), TOBN(0xda8e0b28, 0x576bdba2),
-     TOBN(0xe807eebc, 0xc72afddc), TOBN(0x07d3336d, 0xf42577bf),
-     TOBN(0x62a8c244, 0xbfe20925), TOBN(0x91c19ac3, 0x8fdce867),
-     TOBN(0x5a96a5d5, 0xdd387063), TOBN(0x61d587d4, 0x21d324f6),
-     TOBN(0xe87673a2, 0xa37173ea), TOBN(0x23848008, 0x53778b65),
-     TOBN(0x10f8441e, 0x05bab43e), TOBN(0xfa11fe12, 0x4621efbe),
-     TOBN(0x047b772e, 0x81685d7b), TOBN(0x23f27d81, 0xbf34a976),
-     TOBN(0xc27608e2, 0x915f48ef), TOBN(0x3b0b43fa, 0xa521d5c3),
-     TOBN(0x7613fb26, 0x63ca7284), TOBN(0x7f5729b4, 0x1d4db837),
-     TOBN(0x87b14898, 0x583b526b), TOBN(0x00b732a6, 0xbbadd3d1),
-     TOBN(0x8e02f426, 0x2048e396), TOBN(0x436b50b6, 0x383d9de4),
-     TOBN(0xf78d3481, 0x471e85ad), TOBN(0x8b01ea6a, 0xd005c8d6),
-     TOBN(0xd3c7afee, 0x97015c07), TOBN(0x46cdf1a9, 0x4e3ba2ae),
-     TOBN(0x7a42e501, 0x83d3a1d2), TOBN(0xd54b5268, 0xb541dff4),
-     TOBN(0x3f24cf30, 0x4e23e9bc), TOBN(0x4387f816, 0x126e3624),
-     TOBN(0x26a46a03, 0x3b0b6d61), TOBN(0xaf1bc845, 0x8b2d777c),
-     TOBN(0x25c401ba, 0x527de79c), TOBN(0x0e1346d4, 0x4261bbb6),
-     TOBN(0x4b96c44b, 0x287b4bc7), TOBN(0x658493c7, 0x5254562f),
-     TOBN(0x23f949fe, 0xb8a24a20), TOBN(0x17ebfed1, 0xf52ca53f),
-     TOBN(0x9b691bbe, 0xbcfb4853), TOBN(0x5617ff6b, 0x6278a05d),
-     TOBN(0x241b34c5, 0xe3c99ebd), TOBN(0xfc64242e, 0x1784156a),
-     TOBN(0x4206482f, 0x695d67df), TOBN(0xb967ce0e, 0xee27c011),
-     TOBN(0x65db3751, 0x21c80b5d), TOBN(0x2e7a563c, 0xa31ecca0),
-     TOBN(0xe56ffc4e, 0x5238a07e), TOBN(0x3d6c2966, 0x32ced854),
-     TOBN(0xe99d7d1a, 0xaf70b885), TOBN(0xafc3bad9, 0x2d686459),
-     TOBN(0x9c78bf46, 0x0cc8ba5b), TOBN(0x5a439519, 0x18955aa3),
-     TOBN(0xf8b517a8, 0x5fe4e314), TOBN(0xe60234d0, 0xfcb8906f),
-     TOBN(0xffe542ac, 0xf2061b23), TOBN(0x287e191f, 0x6b4cb59c),
-     TOBN(0x21857ddc, 0x09d877d8), TOBN(0x1c23478c, 0x14678941),
-     TOBN(0xbbf0c056, 0xb6e05ea4), TOBN(0x82da4b53, 0xb01594fe),
-     TOBN(0xf7526791, 0xfadb8608), TOBN(0x049e832d, 0x7b74cdf6),
-     TOBN(0xa43581cc, 0xc2b90a34), TOBN(0x73639eb8, 0x9360b10c),
-     TOBN(0x4fba331f, 0xe1e4a71b), TOBN(0x6ffd6b93, 0x8072f919),
-     TOBN(0x6e53271c, 0x65679032), TOBN(0x67206444, 0xf14272ce),
-     TOBN(0xc0f734a3, 0xb2335834), TOBN(0x9526205a, 0x90ef6860),
-     TOBN(0xcb8be717, 0x04e2bb0d), TOBN(0x2418871e, 0x02f383fa),
-     TOBN(0xd7177681, 0x4082c157), TOBN(0xcc914ad0, 0x29c20073),
-     TOBN(0xf186c1eb, 0xe587e728), TOBN(0x6fdb3c22, 0x61bcd5fd),
-     TOBN(0x30d014a6, 0xf2f9f8e9), TOBN(0x963ece23, 0x4fec49d2),
-     TOBN(0x862025c5, 0x9605a8d9), TOBN(0x39874445, 0x19f8929a),
-     TOBN(0x01b6ff65, 0x12bf476a), TOBN(0x598a64d8, 0x09cf7d91),
-     TOBN(0xd7ec7749, 0x93be56ca), TOBN(0x10899785, 0xcbb33615),
-     TOBN(0xb8a092fd, 0x02eee3ad), TOBN(0xa86b3d35, 0x30145270),
-     TOBN(0x323d98c6, 0x8512b675), TOBN(0x4b8bc785, 0x62ebb40f),
-     TOBN(0x7d301f54, 0x413f9cde), TOBN(0xa5e4fb4f, 0x2bab5664),
-     TOBN(0x1d2b252d, 0x1cbfec23), TOBN(0xfcd576bb, 0xe177120d),
-     TOBN(0x04427d3e, 0x83731a34), TOBN(0x2bb9028e, 0xed836e8e),
-     TOBN(0xb36acff8, 0xb612ca7c), TOBN(0xb88fe5ef, 0xd3d9c73a),
-     TOBN(0xbe2a6bc6, 0xedea4eb3), TOBN(0x43b93133, 0x488eec77),
-     TOBN(0xf41ff566, 0xb17106e1), TOBN(0x469e9172, 0x654efa32),
-     TOBN(0xb4480f04, 0x41c23fa3), TOBN(0xb4712eb0, 0xc1989a2e),
-     TOBN(0x3ccbba0f, 0x93a29ca7), TOBN(0x6e205c14, 0xd619428c),
-     TOBN(0x90db7957, 0xb3641686), TOBN(0x0432691d, 0x45ac8b4e),
-     TOBN(0x07a759ac, 0xf64e0350), TOBN(0x0514d89c, 0x9c972517),
-     TOBN(0x1701147f, 0xa8e67fc3), TOBN(0x9e2e0b8b, 0xab2085be),
-     TOBN(0xd5651824, 0xac284e57), TOBN(0x890d4325, 0x74893664),
-     TOBN(0x8a7c5e6e, 0xc55e68a3), TOBN(0xbf12e90b, 0x4339c85a),
-     TOBN(0x31846b85, 0xf922b655), TOBN(0x9a54ce4d, 0x0bf4d700),
-     TOBN(0xd7f4e83a, 0xf1a14295), TOBN(0x916f955c, 0xb285d4f9),
-     TOBN(0xe57bb0e0, 0x99ffdaba), TOBN(0x28a43034, 0xeab0d152),
-     TOBN(0x0a36ffa2, 0xb8a9cef8), TOBN(0x5517407e, 0xb9ec051a),
-     TOBN(0x9c796096, 0xea68e672), TOBN(0x853db5fb, 0xfb3c77fb),
-     TOBN(0x21474ba9, 0xe864a51a), TOBN(0x6c267699, 0x6e8a1b8b),
-     TOBN(0x7c823626, 0x94120a28), TOBN(0xe61e9a48, 0x8383a5db),
-     TOBN(0x7dd75003, 0x9f84216d), TOBN(0xab020d07, 0xad43cd85),
-     TOBN(0x9437ae48, 0xda12c659), TOBN(0x6449c2eb, 0xe65452ad),
-     TOBN(0xcc7c4c1c, 0x2cf9d7c1), TOBN(0x1320886a, 0xee95e5ab),
-     TOBN(0xbb7b9056, 0xbeae170c), TOBN(0xc8a5b250, 0xdbc0d662),
-     TOBN(0x4ed81432, 0xc11d2303), TOBN(0x7da66912, 0x1f03769f),
-     TOBN(0x3ac7a5fd, 0x84539828), TOBN(0x14dada94, 0x3bccdd02),
-     TOBN(0x8b84c321, 0x7ef6b0d1), TOBN(0x52a9477a, 0x7c933f22),
-     TOBN(0x5ef6728a, 0xfd440b82), TOBN(0x5c3bd859, 0x6ce4bd5e),
-     TOBN(0x918b80f5, 0xf22c2d3e), TOBN(0x368d5040, 0xb7bb6cc5),
-     TOBN(0xb66142a1, 0x2695a11c), TOBN(0x60ac583a, 0xeb19ea70),
-     TOBN(0x317cbb98, 0x0eab2437), TOBN(0x8cc08c55, 0x5e2654c8),
-     TOBN(0xfe2d6520, 0xe6d8307f), TOBN(0xe9f147f3, 0x57428993),
-     TOBN(0x5f9c7d14, 0xd2fd6cf1), TOBN(0xa3ecd064, 0x2d4fcbb0),
-     TOBN(0xad83fef0, 0x8e7341f7), TOBN(0x643f23a0, 0x3a63115c),
-     TOBN(0xd38a78ab, 0xe65ab743), TOBN(0xbf7c75b1, 0x35edc89c),
-     TOBN(0x3dd8752e, 0x530df568), TOBN(0xf85c4a76, 0xe308c682),
-     TOBN(0x4c9955b2, 0xe68acf37), TOBN(0xa544df3d, 0xab32af85),
-     TOBN(0x4b8ec3f5, 0xa25cf493), TOBN(0x4d8f2764, 0x1a622feb),
-     TOBN(0x7bb4f7aa, 0xf0dcbc49), TOBN(0x7de551f9, 0x70bbb45b),
-     TOBN(0xcfd0f3e4, 0x9f2ca2e5), TOBN(0xece58709, 0x1f5c76ef),
-     TOBN(0x32920edd, 0x167d79ae), TOBN(0x039df8a2, 0xfa7d7ec1),
-     TOBN(0xf46206c0, 0xbb30af91), TOBN(0x1ff5e2f5, 0x22676b59),
-     TOBN(0x11f4a039, 0x6ea51d66), TOBN(0x506c1445, 0x807d7a26),
-     TOBN(0x60da5705, 0x755a9b24), TOBN(0x8fc8cc32, 0x1f1a319e),
-     TOBN(0x83642d4d, 0x9433d67d), TOBN(0x7fa5cb8f, 0x6a7dd296),
-     TOBN(0x576591db, 0x9b7bde07), TOBN(0x13173d25, 0x419716fb),
-     TOBN(0xea30599d, 0xd5b340ff), TOBN(0xfc6b5297, 0xb0fe76c5),
-     TOBN(0x1c6968c8, 0xab8f5adc), TOBN(0xf723c7f5, 0x901c928d),
-     TOBN(0x4203c321, 0x9773d402), TOBN(0xdf7c6aa3, 0x1b51dd47),
-     TOBN(0x3d49e37a, 0x552be23c), TOBN(0x57febee8, 0x0b5a6e87),
-     TOBN(0xc5ecbee4, 0x7bd8e739), TOBN(0x79d44994, 0xae63bf75),
-     TOBN(0x168bd00f, 0x38fb8923), TOBN(0x75d48ee4, 0xd0533130),
-     TOBN(0x554f77aa, 0xdb5cdf33), TOBN(0x3396e896, 0x3c696769),
-     TOBN(0x2fdddbf2, 0xd3fd674e), TOBN(0xbbb8f6ee, 0x99d0e3e5),
-     TOBN(0x51b90651, 0xcbae2f70), TOBN(0xefc4bc05, 0x93aaa8eb),
-     TOBN(0x8ecd8689, 0xdd1df499), TOBN(0x1aee99a8, 0x22f367a5),
-     TOBN(0x95d485b9, 0xae8274c5), TOBN(0x6c14d445, 0x7d30b39c),
-     TOBN(0xbafea90b, 0xbcc1ef81), TOBN(0x7c5f317a, 0xa459a2ed),
-     TOBN(0x01211075, 0x4ef44227), TOBN(0xa17bed6e, 0xdc20f496),
-     TOBN(0x0cdfe424, 0x819853cd), TOBN(0x13793298, 0xf71e2ce7),
-     TOBN(0x3c1f3078, 0xdbbe307b), TOBN(0x6dd1c20e, 0x76ee9936),
-     TOBN(0x23ee4b57, 0x423caa20), TOBN(0x4ac3793b, 0x8efb840e),
-     TOBN(0x934438eb, 0xed1f8ca0), TOBN(0x3e546658, 0x4ebb25a2),
-     TOBN(0xc415af0e, 0xc069896f), TOBN(0xc13eddb0, 0x9a5aa43d),
-     TOBN(0x7a04204f, 0xd49eb8f6), TOBN(0xd0d5bdfc, 0xd74f1670),
-     TOBN(0x3697e286, 0x56fc0558), TOBN(0x10207371, 0x01cebade),
-     TOBN(0x5f87e690, 0x0647a82b), TOBN(0x908e0ed4, 0x8f40054f),
-     TOBN(0xa9f633d4, 0x79853803), TOBN(0x8ed13c9a, 0x4a28b252),
-     TOBN(0x3e2ef676, 0x1f460f64), TOBN(0x53930b9b, 0x36d06336),
-     TOBN(0x347073ac, 0x8fc4979b), TOBN(0x84380e0e, 0x5ecd5597),
-     TOBN(0xe3b22c6b, 0xc4fe3c39), TOBN(0xba4a8153, 0x6c7bebdf),
-     TOBN(0xf23ab6b7, 0x25693459), TOBN(0x53bc3770, 0x14922b11),
-     TOBN(0x4645c8ab, 0x5afc60db), TOBN(0xaa022355, 0x20b9f2a3),
-     TOBN(0x52a2954c, 0xce0fc507), TOBN(0x8c2731bb, 0x7ce1c2e7),
-     TOBN(0xf39608ab, 0x18a0339d), TOBN(0xac7a658d, 0x3735436c),
-     TOBN(0xb22c2b07, 0xcd992b4f), TOBN(0x4e83daec, 0xf40dcfd4),
-     TOBN(0x8a34c7be, 0x2f39ea3e), TOBN(0xef0c005f, 0xb0a56d2e),
-     TOBN(0x62731f6a, 0x6edd8038), TOBN(0x5721d740, 0x4e3cb075),
-     TOBN(0x1ea41511, 0xfbeeee1b), TOBN(0xd1ef5e73, 0xef1d0c05),
-     TOBN(0x42feefd1, 0x73c07d35), TOBN(0xe530a00a, 0x8a329493),
-     TOBN(0x5d55b7fe, 0xf15ebfb0), TOBN(0x549de03c, 0xd322491a),
-     TOBN(0xf7b5f602, 0x745b3237), TOBN(0x3632a3a2, 0x1ab6e2b6),
-     TOBN(0x0d3bba89, 0x0ef59f78), TOBN(0x0dfc6443, 0xc9e52b9a),
-     TOBN(0x1dc79699, 0x72631447), TOBN(0xef033917, 0xb3be20b1),
-     TOBN(0x0c92735d, 0xb1383948), TOBN(0xc1fc29a2, 0xc0dd7d7d),
-     TOBN(0x6485b697, 0x403ed068), TOBN(0x13bfaab3, 0xaac93bdc),
-     TOBN(0x410dc6a9, 0x0deeaf52), TOBN(0xb003fb02, 0x4c641c15),
-     TOBN(0x1384978c, 0x5bc504c4), TOBN(0x37640487, 0x864a6a77),
-     TOBN(0x05991bc6, 0x222a77da), TOBN(0x62260a57, 0x5e47eb11),
-     TOBN(0xc7af6613, 0xf21b432c), TOBN(0x22f3acc9, 0xab4953e9),
-     TOBN(0x52934922, 0x8e41d155), TOBN(0x4d024568, 0x3ac059ef),
-     TOBN(0xb0201755, 0x4d884411), TOBN(0xce8055cf, 0xa59a178f),
-     TOBN(0xcd77d1af, 0xf6204549), TOBN(0xa0a00a3e, 0xc7066759),
-     TOBN(0x471071ef, 0x0272c229), TOBN(0x009bcf6b, 0xd3c4b6b0),
-     TOBN(0x2a2638a8, 0x22305177), TOBN(0xd51d59df, 0x41645bbf),
-     TOBN(0xa81142fd, 0xc0a7a3c0), TOBN(0xa17eca6d, 0x4c7063ee),
-     TOBN(0x0bb887ed, 0x60d9dcec), TOBN(0xd6d28e51, 0x20ad2455),
-     TOBN(0xebed6308, 0xa67102ba), TOBN(0x042c3114, 0x8bffa408),
-     TOBN(0xfd099ac5, 0x8aa68e30), TOBN(0x7a6a3d7c, 0x1483513e),
-     TOBN(0xffcc6b75, 0xba2d8f0c), TOBN(0x54dacf96, 0x1e78b954),
-     TOBN(0xf645696f, 0xa4a9af89), TOBN(0x3a411940, 0x06ac98ec),
-     TOBN(0x41b8b3f6, 0x22a67a20), TOBN(0x2d0b1e0f, 0x99dec626),
-     TOBN(0x27c89192, 0x40be34e8), TOBN(0xc7162b37, 0x91907f35),
-     TOBN(0x90188ec1, 0xa956702b), TOBN(0xca132f7d, 0xdf93769c),
-     TOBN(0x3ece44f9, 0x0e2025b4), TOBN(0x67aaec69, 0x0c62f14c),
-     TOBN(0xad741418, 0x22e3cc11), TOBN(0xcf9b75c3, 0x7ff9a50e),
-     TOBN(0x02fa2b16, 0x4d348272), TOBN(0xbd99d61a, 0x9959d56d),
-     TOBN(0xbc4f19db, 0x18762916), TOBN(0xcc7cce50, 0x49c1ac80),
-     TOBN(0x4d59ebaa, 0xd846bd83), TOBN(0x8775a9dc, 0xa9202849),
-     TOBN(0x07ec4ae1, 0x6e1f4ca9), TOBN(0x27eb5875, 0xba893f11),
-     TOBN(0x00284d51, 0x662cc565), TOBN(0x82353a6b, 0x0db4138d),
-     TOBN(0xd9c7aaaa, 0xaa32a594), TOBN(0xf5528b5e, 0xa5669c47),
-     TOBN(0xf3220231, 0x2f23c5ff), TOBN(0xe3e8147a, 0x6affa3a1),
-     TOBN(0xfb423d5c, 0x202ddda0), TOBN(0x3d6414ac, 0x6b871bd4),
-     TOBN(0x586f82e1, 0xa51a168a), TOBN(0xb712c671, 0x48ae5448),
-     TOBN(0x9a2e4bd1, 0x76233eb8), TOBN(0x0188223a, 0x78811ca9),
-     TOBN(0x553c5e21, 0xf7c18de1), TOBN(0x7682e451, 0xb27bb286),
-     TOBN(0x3ed036b3, 0x0e51e929), TOBN(0xf487211b, 0xec9cb34f),
-     TOBN(0x0d094277, 0x0c24efc8), TOBN(0x0349fd04, 0xbef737a4),
-     TOBN(0x6d1c9dd2, 0x514cdd28), TOBN(0x29c135ff, 0x30da9521),
-     TOBN(0xea6e4508, 0xf78b0b6f), TOBN(0x176f5dd2, 0x678c143c),
-     TOBN(0x08148418, 0x4be21e65), TOBN(0x27f7525c, 0xe7df38c4),
-     TOBN(0x1fb70e09, 0x748ab1a4), TOBN(0x9cba50a0, 0x5efe4433),
-     TOBN(0x7846c7a6, 0x15f75af2), TOBN(0x2a7c2c57, 0x5ee73ea8),
-     TOBN(0x42e566a4, 0x3f0a449a), TOBN(0x45474c3b, 0xad90fc3d),
-     TOBN(0x7447be3d, 0x8b61d057), TOBN(0x3e9d1cf1, 0x3a4ec092),
-     TOBN(0x1603e453, 0xf380a6e6), TOBN(0x0b86e431, 0x9b1437c2),
-     TOBN(0x7a4173f2, 0xef29610a), TOBN(0x8fa729a7, 0xf03d57f7),
-     TOBN(0x3e186f6e, 0x6c9c217e), TOBN(0xbe1d3079, 0x91919524),
-     TOBN(0x92a62a70, 0x153d4fb1), TOBN(0x32ed3e34, 0xd68c2f71),
-     TOBN(0xd785027f, 0x9eb1a8b7), TOBN(0xbc37eb77, 0xc5b22fe8),
-     TOBN(0x466b34f0, 0xb9d6a191), TOBN(0x008a89af, 0x9a05f816),
-     TOBN(0x19b028fb, 0x7d42c10a), TOBN(0x7fe8c92f, 0x49b3f6b8),
-     TOBN(0x58907cc0, 0xa5a0ade3), TOBN(0xb3154f51, 0x559d1a7c),
-     TOBN(0x5066efb6, 0xd9790ed6), TOBN(0xa77a0cbc, 0xa6aa793b),
-     TOBN(0x1a915f3c, 0x223e042e), TOBN(0x1c5def04, 0x69c5874b),
-     TOBN(0x0e830078, 0x73b6c1da), TOBN(0x55cf85d2, 0xfcd8557a),
-     TOBN(0x0f7c7c76, 0x0460f3b1), TOBN(0x87052acb, 0x46e58063),
-     TOBN(0x09212b80, 0x907eae66), TOBN(0x3cb068e0, 0x4d721c89),
-     TOBN(0xa87941ae, 0xdd45ac1c), TOBN(0xde8d5c0d, 0x0daa0dbb),
-     TOBN(0xda421fdc, 0xe3502e6e), TOBN(0xc8944201, 0x4d89a084),
-     TOBN(0x7307ba5e, 0xf0c24bfb), TOBN(0xda212beb, 0x20bde0ef),
-     TOBN(0xea2da24b, 0xf82ce682), TOBN(0x058d3816, 0x07f71fe4),
-     TOBN(0x35a02462, 0x5ffad8de), TOBN(0xcd7b05dc, 0xaadcefab),
-     TOBN(0xd442f8ed, 0x1d9f54ec), TOBN(0x8be3d618, 0xb2d3b5ca),
-     TOBN(0xe2220ed0, 0xe06b2ce2), TOBN(0x82699a5f, 0x1b0da4c0),
-     TOBN(0x3ff106f5, 0x71c0c3a7), TOBN(0x8f580f5a, 0x0d34180c),
-     TOBN(0x4ebb120e, 0x22d7d375), TOBN(0x5e5782cc, 0xe9513675),
-     TOBN(0x2275580c, 0x99c82a70), TOBN(0xe8359fbf, 0x15ea8c4c),
-     TOBN(0x53b48db8, 0x7b415e70), TOBN(0xaacf2240, 0x100c6014),
-     TOBN(0x9faaccf5, 0xe4652f1d), TOBN(0xbd6fdd2a, 0xd56157b2),
-     TOBN(0xa4f4fb1f, 0x6261ec50), TOBN(0x244e55ad, 0x476bcd52),
-     TOBN(0x881c9305, 0x047d320b), TOBN(0x1ca983d5, 0x6181263f),
-     TOBN(0x354e9a44, 0x278fb8ee), TOBN(0xad2dbc0f, 0x396e4964),
-     TOBN(0x723f3aa2, 0x9268b3de), TOBN(0x0d1ca29a, 0xe6e0609a),
-     TOBN(0x794866aa, 0x6cf44252), TOBN(0x0b59f3e3, 0x01af87ed),
-     TOBN(0xe234e5ff, 0x7f4a6c51), TOBN(0xa8768fd2, 0x61dc2f7e),
-     TOBN(0xdafc7332, 0x0a94d81f), TOBN(0xd7f84282, 0x06938ce1),
-     TOBN(0xae0b3c0e, 0x0546063e), TOBN(0x7fbadcb2, 0x5d61abc6),
-     TOBN(0xd5d7a2c9, 0x369ac400), TOBN(0xa5978d09, 0xae67d10c),
-     TOBN(0x290f211e, 0x4f85eaac), TOBN(0xe61e2ad1, 0xfacac681),
-     TOBN(0xae125225, 0x388384cd), TOBN(0xa7fb68e9, 0xccfde30f),
-     TOBN(0x7a59b936, 0x3daed4c2), TOBN(0x80a9aa40, 0x2606f789),
-     TOBN(0xb40c1ea5, 0xf6a6d90a), TOBN(0x948364d3, 0x514d5885),
-     TOBN(0x062ebc60, 0x70985182), TOBN(0xa6db5b0e, 0x33310895),
-     TOBN(0x64a12175, 0xe329c2f5), TOBN(0xc5f25bd2, 0x90ea237e),
-     TOBN(0x7915c524, 0x2d0a4c23), TOBN(0xeb5d26e4, 0x6bb3cc52),
-     TOBN(0x369a9116, 0xc09e2c92), TOBN(0x0c527f92, 0xcf182cf8),
-     TOBN(0x9e591938, 0x2aede0ac), TOBN(0xb2922208, 0x6cc34939),
-     TOBN(0x3c9d8962, 0x99a34361), TOBN(0x3c81836d, 0xc1905fe6),
-     TOBN(0x4bfeb57f, 0xa001ec5a), TOBN(0xe993f5bb, 0xa0dc5dba),
-     TOBN(0x47884109, 0x724a1380), TOBN(0x8a0369ab, 0x32fe9a04),
-     TOBN(0xea068d60, 0x8c927db8), TOBN(0xbf5f37cf, 0x94655741),
-     TOBN(0x47d402a2, 0x04b6c7ea), TOBN(0x4551c295, 0x6af259cb),
-     TOBN(0x698b71e7, 0xed77ee8b), TOBN(0xbddf7bd0, 0xf309d5c7),
-     TOBN(0x6201c22c, 0x34e780ca), TOBN(0xab04f7d8, 0x4c295ef4),
-     TOBN(0x1c947294, 0x4313a8ce), TOBN(0xe532e4ac, 0x92ca4cfe),
-     TOBN(0x89738f80, 0xd0a7a97a), TOBN(0xec088c88, 0xa580fd5b),
-     TOBN(0x612b1ecc, 0x42ce9e51), TOBN(0x8f9840fd, 0xb25fdd2a),
-     TOBN(0x3cda78c0, 0x01e7f839), TOBN(0x546b3d3a, 0xece05480),
-     TOBN(0x271719a9, 0x80d30916), TOBN(0x45497107, 0x584c20c4),
-     TOBN(0xaf8f9478, 0x5bc78608), TOBN(0x28c7d484, 0x277e2a4c),
-     TOBN(0xfce01767, 0x88a2ffe4), TOBN(0xdc506a35, 0x28e169a5),
-     TOBN(0x0ea10861, 0x7af9c93a), TOBN(0x1ed24361, 0x03fa0e08),
-     TOBN(0x96eaaa92, 0xa3d694e7), TOBN(0xc0f43b4d, 0xef50bc74),
-     TOBN(0xce6aa58c, 0x64114db4), TOBN(0x8218e8ea, 0x7c000fd4),
-     TOBN(0xac815dfb, 0x185f8844), TOBN(0xcd7e90cb, 0x1557abfb),
-     TOBN(0x23d16655, 0xafbfecdf), TOBN(0x80f3271f, 0x085cac4a),
-     TOBN(0x7fc39aa7, 0xd0e62f47), TOBN(0x88d519d1, 0x460a48e5),
-     TOBN(0x59559ac4, 0xd28f101e), TOBN(0x7981d9e9, 0xca9ae816),
-     TOBN(0x5c38652c, 0x9ac38203), TOBN(0x86eaf87f, 0x57657fe5),
-     TOBN(0x568fc472, 0xe21f5416), TOBN(0x2afff39c, 0xe7e597b5),
-     TOBN(0x3adbbb07, 0x256d4eab), TOBN(0x22598692, 0x8285ab89),
-     TOBN(0x35f8112a, 0x041caefe), TOBN(0x95df02e3, 0xa5064c8b),
-     TOBN(0x4d63356e, 0xc7004bf3), TOBN(0x230a08f4, 0xdb83c7de),
-     TOBN(0xca27b270, 0x8709a7b7), TOBN(0x0d1c4cc4, 0xcb9abd2d),
-     TOBN(0x8a0bc66e, 0x7550fee8), TOBN(0x369cd4c7, 0x9cf7247e),
-     TOBN(0x75562e84, 0x92b5b7e7), TOBN(0x8fed0da0, 0x5802af7b),
-     TOBN(0x6a7091c2, 0xe48fb889), TOBN(0x26882c13, 0x7b8a9d06),
-     TOBN(0xa2498663, 0x1b82a0e2), TOBN(0x844ed736, 0x3518152d),
-     TOBN(0x282f476f, 0xd86e27c7), TOBN(0xa04edaca, 0x04afefdc),
-     TOBN(0x8b256ebc, 0x6119e34d), TOBN(0x56a413e9, 0x0787d78b),}
-    ,
-    {TOBN(0x82ee061d, 0x5a74be50), TOBN(0xe41781c4, 0xdea16ff5),
-     TOBN(0xe0b0c81e, 0x99bfc8a2), TOBN(0x624f4d69, 0x0b547e2d),
-     TOBN(0x3a83545d, 0xbdcc9ae4), TOBN(0x2573dbb6, 0x409b1e8e),
-     TOBN(0x482960c4, 0xa6c93539), TOBN(0xf01059ad, 0x5ae18798),
-     TOBN(0x715c9f97, 0x3112795f), TOBN(0xe8244437, 0x984e6ee1),
-     TOBN(0x55cb4858, 0xecb66bcd), TOBN(0x7c136735, 0xabaffbee),
-     TOBN(0x54661595, 0x5dbec38e), TOBN(0x51c0782c, 0x388ad153),
-     TOBN(0x9ba4c53a, 0xc6e0952f), TOBN(0x27e6782a, 0x1b21dfa8),
-     TOBN(0x682f903d, 0x4ed2dbc2), TOBN(0x0eba59c8, 0x7c3b2d83),
-     TOBN(0x8e9dc84d, 0x9c7e9335), TOBN(0x5f9b21b0, 0x0eb226d7),
-     TOBN(0xe33bd394, 0xaf267bae), TOBN(0xaa86cc25, 0xbe2e15ae),
-     TOBN(0x4f0bf67d, 0x6a8ec500), TOBN(0x5846aa44, 0xf9630658),
-     TOBN(0xfeb09740, 0xe2c2bf15), TOBN(0x627a2205, 0xa9e99704),
-     TOBN(0xec8d73d0, 0xc2fbc565), TOBN(0x223eed8f, 0xc20c8de8),
-     TOBN(0x1ee32583, 0xa8363b49), TOBN(0x1a0b6cb9, 0xc9c2b0a6),
-     TOBN(0x49f7c3d2, 0x90dbc85c), TOBN(0xa8dfbb97, 0x1ef4c1ac),
-     TOBN(0xafb34d4c, 0x65c7c2ab), TOBN(0x1d4610e7, 0xe2c5ea84),
-     TOBN(0x893f6d1b, 0x973c4ab5), TOBN(0xa3cdd7e9, 0x945ba5c4),
-     TOBN(0x60514983, 0x064417ee), TOBN(0x1459b23c, 0xad6bdf2b),
-     TOBN(0x23b2c341, 0x5cf726c3), TOBN(0x3a829635, 0x32d6354a),
-     TOBN(0x294f901f, 0xab192c18), TOBN(0xec5fcbfe, 0x7030164f),
-     TOBN(0xe2e2fcb7, 0xe2246ba6), TOBN(0x1e7c88b3, 0x221a1a0c),
-     TOBN(0x72c7dd93, 0xc92d88c5), TOBN(0x41c2148e, 0x1106fb59),
-     TOBN(0x547dd4f5, 0xa0f60f14), TOBN(0xed9b52b2, 0x63960f31),
-     TOBN(0x6c8349eb, 0xb0a5b358), TOBN(0xb154c5c2, 0x9e7e2ed6),
-     TOBN(0xcad5eccf, 0xeda462db), TOBN(0xf2d6dbe4, 0x2de66b69),
-     TOBN(0x426aedf3, 0x8665e5b2), TOBN(0x488a8513, 0x7b7f5723),
-     TOBN(0x15cc43b3, 0x8bcbb386), TOBN(0x27ad0af3, 0xd791d879),
-     TOBN(0xc16c236e, 0x846e364f), TOBN(0x7f33527c, 0xdea50ca0),
-     TOBN(0xc4810775, 0x0926b86d), TOBN(0x6c2a3609, 0x0598e70c),
-     TOBN(0xa6755e52, 0xf024e924), TOBN(0xe0fa07a4, 0x9db4afca),
-     TOBN(0x15c3ce7d, 0x66831790), TOBN(0x5b4ef350, 0xa6cbb0d6),
-     TOBN(0x2c4aafc4, 0xb6205969), TOBN(0x42563f02, 0xf6c7854f),
-     TOBN(0x016aced5, 0x1d983b48), TOBN(0xfeb356d8, 0x99949755),
-     TOBN(0x8c2a2c81, 0xd1a39bd7), TOBN(0x8f44340f, 0xe6934ae9),
-     TOBN(0x148cf91c, 0x447904da), TOBN(0x7340185f, 0x0f51a926),
-     TOBN(0x2f8f00fb, 0x7409ab46), TOBN(0x057e78e6, 0x80e289b2),
-     TOBN(0x03e5022c, 0xa888e5d1), TOBN(0x3c87111a, 0x9dede4e2),
-     TOBN(0x5b9b0e1c, 0x7809460b), TOBN(0xe751c852, 0x71c9abc7),
-     TOBN(0x8b944e28, 0xc7cc1dc9), TOBN(0x4f201ffa, 0x1d3cfa08),
-     TOBN(0x02fc905c, 0x3e6721ce), TOBN(0xd52d70da, 0xd0b3674c),
-     TOBN(0x5dc2e5ca, 0x18810da4), TOBN(0xa984b273, 0x5c69dd99),
-     TOBN(0x63b92527, 0x84de5ca4), TOBN(0x2f1c9872, 0xc852dec4),
-     TOBN(0x18b03593, 0xc2e3de09), TOBN(0x19d70b01, 0x9813dc2f),
-     TOBN(0x42806b2d, 0xa6dc1d29), TOBN(0xd3030009, 0xf871e144),
-     TOBN(0xa1feb333, 0xaaf49276), TOBN(0xb5583b9e, 0xc70bc04b),
-     TOBN(0x1db0be78, 0x95695f20), TOBN(0xfc841811, 0x89d012b5),
-     TOBN(0x6409f272, 0x05f61643), TOBN(0x40d34174, 0xd5883128),
-     TOBN(0xd79196f5, 0x67419833), TOBN(0x6059e252, 0x863b7b08),
-     TOBN(0x84da1817, 0x1c56700c), TOBN(0x5758ee56, 0xb28d3ec4),
-     TOBN(0x7da2771d, 0x013b0ea6), TOBN(0xfddf524b, 0x54c5e9b9),
-     TOBN(0x7df4faf8, 0x24305d80), TOBN(0x58f5c1bf, 0x3a97763f),
-     TOBN(0xa5af37f1, 0x7c696042), TOBN(0xd4cba22c, 0x4a2538de),
-     TOBN(0x211cb995, 0x9ea42600), TOBN(0xcd105f41, 0x7b069889),
-     TOBN(0xb1e1cf19, 0xddb81e74), TOBN(0x472f2d89, 0x5157b8ca),
-     TOBN(0x086fb008, 0xee9db885), TOBN(0x365cd570, 0x0f26d131),
-     TOBN(0x284b02bb, 0xa2be7053), TOBN(0xdcbbf7c6, 0x7ab9a6d6),
-     TOBN(0x4425559c, 0x20f7a530), TOBN(0x961f2dfa, 0x188767c8),
-     TOBN(0xe2fd9435, 0x70dc80c4), TOBN(0x104d6b63, 0xf0784120),
-     TOBN(0x7f592bc1, 0x53567122), TOBN(0xf6bc1246, 0xf688ad77),
-     TOBN(0x05214c05, 0x0f15dde9), TOBN(0xa47a76a8, 0x0d5f2b82),
-     TOBN(0xbb254d30, 0x62e82b62), TOBN(0x11a05fe0, 0x3ec955ee),
-     TOBN(0x7eaff46e, 0x9d529b36), TOBN(0x55ab1301, 0x8f9e3df6),
-     TOBN(0xc463e371, 0x99317698), TOBN(0xfd251438, 0xccda47ad),
-     TOBN(0xca9c3547, 0x23d695ea), TOBN(0x48ce626e, 0x16e589b5),
-     TOBN(0x6b5b64c7, 0xb187d086), TOBN(0xd02e1794, 0xb2207948),
-     TOBN(0x8b58e98f, 0x7198111d), TOBN(0x90ca6305, 0xdcf9c3cc),
-     TOBN(0x5691fe72, 0xf34089b0), TOBN(0x60941af1, 0xfc7c80ff),
-     TOBN(0xa09bc0a2, 0x22eb51e5), TOBN(0xc0bb7244, 0xaa9cf09a),
-     TOBN(0x36a8077f, 0x80159f06), TOBN(0x8b5c989e, 0xdddc560e),
-     TOBN(0x19d2f316, 0x512e1f43), TOBN(0x02eac554, 0xad08ff62),
-     TOBN(0x012ab84c, 0x07d20b4e), TOBN(0x37d1e115, 0xd6d4e4e1),
-     TOBN(0xb6443e1a, 0xab7b19a8), TOBN(0xf08d067e, 0xdef8cd45),
-     TOBN(0x63adf3e9, 0x685e03da), TOBN(0xcf15a10e, 0x4792b916),
-     TOBN(0xf44bcce5, 0xb738a425), TOBN(0xebe131d5, 0x9636b2fd),
-     TOBN(0x94068841, 0x7850d605), TOBN(0x09684eaa, 0xb40d749d),
-     TOBN(0x8c3c669c, 0x72ba075b), TOBN(0x89f78b55, 0xba469015),
-     TOBN(0x5706aade, 0x3e9f8ba8), TOBN(0x6d8bd565, 0xb32d7ed7),
-     TOBN(0x25f4e63b, 0x805f08d6), TOBN(0x7f48200d, 0xc3bcc1b5),
-     TOBN(0x4e801968, 0xb025d847), TOBN(0x74afac04, 0x87cbe0a8),
-     TOBN(0x43ed2c2b, 0x7e63d690), TOBN(0xefb6bbf0, 0x0223cdb8),
-     TOBN(0x4fec3cae, 0x2884d3fe), TOBN(0x065ecce6, 0xd75e25a4),
-     TOBN(0x6c2294ce, 0x69f79071), TOBN(0x0d9a8e5f, 0x044b8666),
-     TOBN(0x5009f238, 0x17b69d8f), TOBN(0x3c29f8fe, 0xc5dfdaf7),
-     TOBN(0x9067528f, 0xebae68c4), TOBN(0x5b385632, 0x30c5ba21),
-     TOBN(0x540df119, 0x1fdd1aec), TOBN(0xcf37825b, 0xcfba4c78),
-     TOBN(0x77eff980, 0xbeb11454), TOBN(0x40a1a991, 0x60c1b066),
-     TOBN(0xe8018980, 0xf889a1c7), TOBN(0xb9c52ae9, 0x76c24be0),
-     TOBN(0x05fbbcce, 0x45650ef4), TOBN(0xae000f10, 0x8aa29ac7),
-     TOBN(0x884b7172, 0x4f04c470), TOBN(0x7cd4fde2, 0x19bb5c25),
-     TOBN(0x6477b22a, 0xe8840869), TOBN(0xa8868859, 0x5fbd0686),
-     TOBN(0xf23cc02e, 0x1116dfba), TOBN(0x76cd563f, 0xd87d7776),
-     TOBN(0xe2a37598, 0xa9d82abf), TOBN(0x5f188ccb, 0xe6c170f5),
-     TOBN(0x81682200, 0x5066b087), TOBN(0xda22c212, 0xc7155ada),
-     TOBN(0x151e5d3a, 0xfbddb479), TOBN(0x4b606b84, 0x6d715b99),
-     TOBN(0x4a73b54b, 0xf997cb2e), TOBN(0x9a1bfe43, 0x3ecd8b66),
-     TOBN(0x1c312809, 0x2a67d48a), TOBN(0xcd6a671e, 0x031fa9e2),
-     TOBN(0xbec3312a, 0x0e43a34a), TOBN(0x1d935639, 0x55ef47d3),
-     TOBN(0x5ea02489, 0x8fea73ea), TOBN(0x8247b364, 0xa035afb2),
-     TOBN(0xb58300a6, 0x5265b54c), TOBN(0x3286662f, 0x722c7148),
-     TOBN(0xb77fd76b, 0xb4ec4c20), TOBN(0xf0a12fa7, 0x0f3fe3fd),
-     TOBN(0xf845bbf5, 0x41d8c7e8), TOBN(0xe4d969ca, 0x5ec10aa8),
-     TOBN(0x4c0053b7, 0x43e232a3), TOBN(0xdc7a3fac, 0x37f8a45a),
-     TOBN(0x3c4261c5, 0x20d81c8f), TOBN(0xfd4b3453, 0xb00eab00),
-     TOBN(0x76d48f86, 0xd36e3062), TOBN(0x626c5277, 0xa143ff02),
-     TOBN(0x538174de, 0xaf76f42e), TOBN(0x2267aa86, 0x6407ceac),
-     TOBN(0xfad76351, 0x72e572d5), TOBN(0xab861af7, 0xba7330eb),
-     TOBN(0xa0a1c8c7, 0x418d8657), TOBN(0x988821cb, 0x20289a52),
-     TOBN(0x79732522, 0xcccc18ad), TOBN(0xaadf3f8d, 0xf1a6e027),
-     TOBN(0xf7382c93, 0x17c2354d), TOBN(0x5ce1680c, 0xd818b689),
-     TOBN(0x359ebbfc, 0xd9ecbee9), TOBN(0x4330689c, 0x1cae62ac),
-     TOBN(0xb55ce5b4, 0xc51ac38a), TOBN(0x7921dfea, 0xfe238ee8),
-     TOBN(0x3972bef8, 0x271d1ca5), TOBN(0x3e423bc7, 0xe8aabd18),
-     TOBN(0x57b09f3f, 0x44a3e5e3), TOBN(0x5da886ae, 0x7b444d66),
-     TOBN(0x68206634, 0xa9964375), TOBN(0x356a2fa3, 0x699cd0ff),
-     TOBN(0xaf0faa24, 0xdba515e9), TOBN(0x536e1f5c, 0xb321d79a),
-     TOBN(0xd3b9913a, 0x5c04e4ea), TOBN(0xd549dcfe, 0xd6f11513),
-     TOBN(0xee227bf5, 0x79fd1d94), TOBN(0x9f35afee, 0xb43f2c67),
-     TOBN(0xd2638d24, 0xf1314f53), TOBN(0x62baf948, 0xcabcd822),
-     TOBN(0x5542de29, 0x4ef48db0), TOBN(0xb3eb6a04, 0xfc5f6bb2),
-     TOBN(0x23c110ae, 0x1208e16a), TOBN(0x1a4d15b5, 0xf8363e24),
-     TOBN(0x30716844, 0x164be00b), TOBN(0xa8e24824, 0xf6f4690d),
-     TOBN(0x548773a2, 0x90b170cf), TOBN(0xa1bef331, 0x42f191f4),
-     TOBN(0x70f418d0, 0x9247aa97), TOBN(0xea06028e, 0x48be9147),
-     TOBN(0xe13122f3, 0xdbfb894e), TOBN(0xbe9b79f6, 0xce274b18),
-     TOBN(0x85a49de5, 0xca58aadf), TOBN(0x24957758, 0x11487351),
-     TOBN(0x111def61, 0xbb939099), TOBN(0x1d6a974a, 0x26d13694),
-     TOBN(0x4474b4ce, 0xd3fc253b), TOBN(0x3a1485e6, 0x4c5db15e),
-     TOBN(0xe79667b4, 0x147c15b4), TOBN(0xe34f553b, 0x7bc61301),
-     TOBN(0x032b80f8, 0x17094381), TOBN(0x55d8bafd, 0x723eaa21),
-     TOBN(0x5a987995, 0xf1c0e74e), TOBN(0x5a9b292e, 0xebba289c),
-     TOBN(0x413cd4b2, 0xeb4c8251), TOBN(0x98b5d243, 0xd162db0a),
-     TOBN(0xbb47bf66, 0x68342520), TOBN(0x08d68949, 0xbaa862d1),
-     TOBN(0x11f349c7, 0xe906abcd), TOBN(0x454ce985, 0xed7bf00e),
-     TOBN(0xacab5c9e, 0xb55b803b), TOBN(0xb03468ea, 0x31e3c16d),
-     TOBN(0x5c24213d, 0xd273bf12), TOBN(0x211538eb, 0x71587887),
-     TOBN(0x198e4a2f, 0x731dea2d), TOBN(0xd5856cf2, 0x74ed7b2a),
-     TOBN(0x86a632eb, 0x13a664fe), TOBN(0x932cd909, 0xbda41291),
-     TOBN(0x850e95d4, 0xc0c4ddc0), TOBN(0xc0f422f8, 0x347fc2c9),
-     TOBN(0xe68cbec4, 0x86076bcb), TOBN(0xf9e7c0c0, 0xcd6cd286),
-     TOBN(0x65994ddb, 0x0f5f27ca), TOBN(0xe85461fb, 0xa80d59ff),
-     TOBN(0xff05481a, 0x66601023), TOBN(0xc665427a, 0xfc9ebbfb),
-     TOBN(0xb0571a69, 0x7587fd52), TOBN(0x935289f8, 0x8d49efce),
-     TOBN(0x61becc60, 0xea420688), TOBN(0xb22639d9, 0x13a786af),
-     TOBN(0x1a8e6220, 0x361ecf90), TOBN(0x001f23e0, 0x25506463),
-     TOBN(0xe4ae9b5d, 0x0a5c2b79), TOBN(0xebc9cdad, 0xd8149db5),
-     TOBN(0xb33164a1, 0x934aa728), TOBN(0x750eb00e, 0xae9b60f3),
-     TOBN(0x5a91615b, 0x9b9cfbfd), TOBN(0x97015cbf, 0xef45f7f6),
-     TOBN(0xb462c4a5, 0xbf5151df), TOBN(0x21adcc41, 0xb07118f2),
-     TOBN(0xd60c545b, 0x043fa42c), TOBN(0xfc21aa54, 0xe96be1ab),
-     TOBN(0xe84bc32f, 0x4e51ea80), TOBN(0x3dae45f0, 0x259b5d8d),
-     TOBN(0xbb73c7eb, 0xc38f1b5e), TOBN(0xe405a74a, 0xe8ae617d),
-     TOBN(0xbb1ae9c6, 0x9f1c56bd), TOBN(0x8c176b98, 0x49f196a4),
-     TOBN(0xc448f311, 0x6875092b), TOBN(0xb5afe3de, 0x9f976033),
-     TOBN(0xa8dafd49, 0x145813e5), TOBN(0x687fc4d9, 0xe2b34226),
-     TOBN(0xf2dfc92d, 0x4c7ff57f), TOBN(0x004e3fc1, 0x401f1b46),
-     TOBN(0x5afddab6, 0x1430c9ab), TOBN(0x0bdd41d3, 0x2238e997),
-     TOBN(0xf0947430, 0x418042ae), TOBN(0x71f9adda, 0xcdddc4cb),
-     TOBN(0x7090c016, 0xc52dd907), TOBN(0xd9bdf44d, 0x29e2047f),
-     TOBN(0xe6f1fe80, 0x1b1011a6), TOBN(0xb63accbc, 0xd9acdc78),
-     TOBN(0xcfc7e235, 0x1272a95b), TOBN(0x0c667717, 0xa6276ac8),
-     TOBN(0x3c0d3709, 0xe2d7eef7), TOBN(0x5add2b06, 0x9a685b3e),
-     TOBN(0x363ad32d, 0x14ea5d65), TOBN(0xf8e01f06, 0x8d7dd506),
-     TOBN(0xc9ea2213, 0x75b4aac6), TOBN(0xed2a2bf9, 0x0d353466),
-     TOBN(0x439d79b5, 0xe9d3a7c3), TOBN(0x8e0ee5a6, 0x81b7f34b),
-     TOBN(0xcf3dacf5, 0x1dc4ba75), TOBN(0x1d3d1773, 0xeb3310c7),
-     TOBN(0xa8e67112, 0x7747ae83), TOBN(0x31f43160, 0x197d6b40),
-     TOBN(0x0521ccee, 0xcd961400), TOBN(0x67246f11, 0xf6535768),
-     TOBN(0x702fcc5a, 0xef0c3133), TOBN(0x247cc45d, 0x7e16693b),
-     TOBN(0xfd484e49, 0xc729b749), TOBN(0x522cef7d, 0xb218320f),
-     TOBN(0xe56ef405, 0x59ab93b3), TOBN(0x225fba11, 0x9f181071),
-     TOBN(0x33bd6595, 0x15330ed0), TOBN(0xc4be69d5, 0x1ddb32f7),
-     TOBN(0x264c7668, 0x0448087c), TOBN(0xac30903f, 0x71432dae),
-     TOBN(0x3851b266, 0x00f9bf47), TOBN(0x400ed311, 0x6cdd6d03),
-     TOBN(0x045e79fe, 0xf8fd2424), TOBN(0xfdfd974a, 0xfa6da98b),
-     TOBN(0x45c9f641, 0x0c1e673a), TOBN(0x76f2e733, 0x5b2c5168),
-     TOBN(0x1adaebb5, 0x2a601753), TOBN(0xb286514c, 0xc57c2d49),
-     TOBN(0xd8769670, 0x1e0bfd24), TOBN(0x950c547e, 0x04478922),
-     TOBN(0xd1d41969, 0xe5d32bfe), TOBN(0x30bc1472, 0x750d6c3e),
-     TOBN(0x8f3679fe, 0xe0e27f3a), TOBN(0x8f64a7dc, 0xa4a6ee0c),
-     TOBN(0x2fe59937, 0x633dfb1f), TOBN(0xea82c395, 0x977f2547),
-     TOBN(0xcbdfdf1a, 0x661ea646), TOBN(0xc7ccc591, 0xb9085451),
-     TOBN(0x82177962, 0x81761e13), TOBN(0xda57596f, 0x9196885c),
-     TOBN(0xbc17e849, 0x28ffbd70), TOBN(0x1e6e0a41, 0x2671d36f),
-     TOBN(0x61ae872c, 0x4152fcf5), TOBN(0x441c87b0, 0x9e77e754),
-     TOBN(0xd0799dd5, 0xa34dff09), TOBN(0x766b4e44, 0x88a6b171),
-     TOBN(0xdc06a512, 0x11f1c792), TOBN(0xea02ae93, 0x4be35c3e),
-     TOBN(0xe5ca4d6d, 0xe90c469e), TOBN(0x4df4368e, 0x56e4ff5c),
-     TOBN(0x7817acab, 0x4baef62e), TOBN(0x9f5a2202, 0xa85b91e8),
-     TOBN(0x9666ebe6, 0x6ce57610), TOBN(0x32ad31f3, 0xf73bfe03),
-     TOBN(0x628330a4, 0x25bcf4d6), TOBN(0xea950593, 0x515056e6),
-     TOBN(0x59811c89, 0xe1332156), TOBN(0xc89cf1fe, 0x8c11b2d7),
-     TOBN(0x75b63913, 0x04e60cc0), TOBN(0xce811e8d, 0x4625d375),
-     TOBN(0x030e43fc, 0x2d26e562), TOBN(0xfbb30b4b, 0x608d36a0),
-     TOBN(0x634ff82c, 0x48528118), TOBN(0x7c6fe085, 0xcd285911),
-     TOBN(0x7f2830c0, 0x99358f28), TOBN(0x2e60a95e, 0x665e6c09),
-     TOBN(0x08407d3d, 0x9b785dbf), TOBN(0x530889ab, 0xa759bce7),
-     TOBN(0xf228e0e6, 0x52f61239), TOBN(0x2b6d1461, 0x6879be3c),
-     TOBN(0xe6902c04, 0x51a7bbf7), TOBN(0x30ad99f0, 0x76f24a64),
-     TOBN(0x66d9317a, 0x98bc6da0), TOBN(0xf4f877f3, 0xcb596ac0),
-     TOBN(0xb05ff62d, 0x4c44f119), TOBN(0x4555f536, 0xe9b77416),
-     TOBN(0xc7c0d059, 0x8caed63b), TOBN(0x0cd2b7ce, 0xc358b2a9),
-     TOBN(0x3f33287b, 0x46945fa3), TOBN(0xf8785b20, 0xd67c8791),
-     TOBN(0xc54a7a61, 0x9637bd08), TOBN(0x54d4598c, 0x18be79d7),
-     TOBN(0x889e5acb, 0xc46d7ce1), TOBN(0x9a515bb7, 0x8b085877),
-     TOBN(0xfac1a03d, 0x0b7a5050), TOBN(0x7d3e738a, 0xf2926035),
-     TOBN(0x861cc2ce, 0x2a6cb0eb), TOBN(0x6f2e2955, 0x8f7adc79),
-     TOBN(0x61c4d451, 0x33016376), TOBN(0xd9fd2c80, 0x5ad59090),
-     TOBN(0xe5a83738, 0xb2b836a1), TOBN(0x855b41a0, 0x7c0d6622),
-     TOBN(0x186fe317, 0x7cc19af1), TOBN(0x6465c1ff, 0xfdd99acb),
-     TOBN(0x46e5c23f, 0x6974b99e), TOBN(0x75a7cf8b, 0xa2717cbe),
-     TOBN(0x4d2ebc3f, 0x062be658), TOBN(0x094b4447, 0x5f209c98),
-     TOBN(0x4af285ed, 0xb940cb5a), TOBN(0x6706d792, 0x7cc82f10),
-     TOBN(0xc8c8776c, 0x030526fa), TOBN(0xfa8e6f76, 0xa0da9140),
-     TOBN(0x77ea9d34, 0x591ee4f0), TOBN(0x5f46e337, 0x40274166),
-     TOBN(0x1bdf98bb, 0xea671457), TOBN(0xd7c08b46, 0x862a1fe2),
-     TOBN(0x46cc303c, 0x1c08ad63), TOBN(0x99543440, 0x4c845e7b),
-     TOBN(0x1b8fbdb5, 0x48f36bf7), TOBN(0x5b82c392, 0x8c8273a7),
-     TOBN(0x08f712c4, 0x928435d5), TOBN(0x071cf0f1, 0x79330380),
-     TOBN(0xc74c2d24, 0xa8da054a), TOBN(0xcb0e7201, 0x43c46b5c),
-     TOBN(0x0ad7337a, 0xc0b7eff3), TOBN(0x8552225e, 0xc5e48b3c),
-     TOBN(0xe6f78b0c, 0x73f13a5f), TOBN(0x5e70062e, 0x82349cbe),
-     TOBN(0x6b8d5048, 0xe7073969), TOBN(0x392d2a29, 0xc33cb3d2),
-     TOBN(0xee4f727c, 0x4ecaa20f), TOBN(0xa068c99e, 0x2ccde707),
-     TOBN(0xfcd5651f, 0xb87a2913), TOBN(0xea3e3c15, 0x3cc252f0),
-     TOBN(0x777d92df, 0x3b6cd3e4), TOBN(0x7a414143, 0xc5a732e7),
-     TOBN(0xa895951a, 0xa71ff493), TOBN(0xfe980c92, 0xbbd37cf6),
-     TOBN(0x45bd5e64, 0xdecfeeff), TOBN(0x910dc2a9, 0xa44c43e9),
-     TOBN(0xcb403f26, 0xcca9f54d), TOBN(0x928bbdfb, 0x9303f6db),
-     TOBN(0x3c37951e, 0xa9eee67c), TOBN(0x3bd61a52, 0xf79961c3),
-     TOBN(0x09a238e6, 0x395c9a79), TOBN(0x6940ca2d, 0x61eb352d),
-     TOBN(0x7d1e5c5e, 0xc1875631), TOBN(0x1e19742c, 0x1e1b20d1),
-     TOBN(0x4633d908, 0x23fc2e6e), TOBN(0xa76e29a9, 0x08959149),
-     TOBN(0x61069d9c, 0x84ed7da5), TOBN(0x0baa11cf, 0x5dbcad51),
-     TOBN(0xd01eec64, 0x961849da), TOBN(0x93b75f1f, 0xaf3d8c28),
-     TOBN(0x57bc4f9f, 0x1ca2ee44), TOBN(0x5a26322d, 0x00e00558),
-     TOBN(0x1888d658, 0x61a023ef), TOBN(0x1d72aab4, 0xb9e5246e),
-     TOBN(0xa9a26348, 0xe5563ec0), TOBN(0xa0971963, 0xc3439a43),
-     TOBN(0x567dd54b, 0xadb9b5b7), TOBN(0x73fac1a1, 0xc45a524b),
-     TOBN(0x8fe97ef7, 0xfe38e608), TOBN(0x608748d2, 0x3f384f48),
-     TOBN(0xb0571794, 0xc486094f), TOBN(0x869254a3, 0x8bf3a8d6),
-     TOBN(0x148a8dd1, 0x310b0e25), TOBN(0x99ab9f3f, 0x9aa3f7d8),
-     TOBN(0x0927c68a, 0x6706c02e), TOBN(0x22b5e76c, 0x69790e6c),
-     TOBN(0x6c325260, 0x6c71376c), TOBN(0x53a57690, 0x09ef6657),
-     TOBN(0x8d63f852, 0xedffcf3a), TOBN(0xb4d2ed04, 0x3c0a6f55),
-     TOBN(0xdb3aa8de, 0x12519b9e), TOBN(0x5d38e9c4, 0x1e0a569a),
-     TOBN(0x871528bf, 0x303747e2), TOBN(0xa208e77c, 0xf5b5c18d),
-     TOBN(0x9d129c88, 0xca6bf923), TOBN(0xbcbf197f, 0xbf02839f),
-     TOBN(0x9b9bf030, 0x27323194), TOBN(0x3b055a8b, 0x339ca59d),
-     TOBN(0xb46b2312, 0x0f669520), TOBN(0x19789f1f, 0x497e5f24),
-     TOBN(0x9c499468, 0xaaf01801), TOBN(0x72ee1190, 0x8b69d59c),
-     TOBN(0x8bd39595, 0xacf4c079), TOBN(0x3ee11ece, 0x8e0cd048),
-     TOBN(0xebde86ec, 0x1ed66f18), TOBN(0x225d906b, 0xd61fce43),
-     TOBN(0x5cab07d6, 0xe8bed74d), TOBN(0x16e4617f, 0x27855ab7),
-     TOBN(0x6568aadd, 0xb2fbc3dd), TOBN(0xedb5484f, 0x8aeddf5b),
-     TOBN(0x878f20e8, 0x6dcf2fad), TOBN(0x3516497c, 0x615f5699),}
-    ,
-    {TOBN(0xef0a3fec, 0xfa181e69), TOBN(0x9ea02f81, 0x30d69a98),
-     TOBN(0xb2e9cf8e, 0x66eab95d), TOBN(0x520f2beb, 0x24720021),
-     TOBN(0x621c540a, 0x1df84361), TOBN(0x12037721, 0x71fa6d5d),
-     TOBN(0x6e3c7b51, 0x0ff5f6ff), TOBN(0x817a069b, 0xabb2bef3),
-     TOBN(0x83572fb6, 0xb294cda6), TOBN(0x6ce9bf75, 0xb9039f34),
-     TOBN(0x20e012f0, 0x095cbb21), TOBN(0xa0aecc1b, 0xd063f0da),
-     TOBN(0x57c21c3a, 0xf02909e5), TOBN(0xc7d59ecf, 0x48ce9cdc),
-     TOBN(0x2732b844, 0x8ae336f8), TOBN(0x056e3723, 0x3f4f85f4),
-     TOBN(0x8a10b531, 0x89e800ca), TOBN(0x50fe0c17, 0x145208fd),
-     TOBN(0x9e43c0d3, 0xb714ba37), TOBN(0x427d200e, 0x34189acc),
-     TOBN(0x05dee24f, 0xe616e2c0), TOBN(0x9c25f4c8, 0xee1854c1),
-     TOBN(0x4d3222a5, 0x8f342a73), TOBN(0x0807804f, 0xa027c952),
-     TOBN(0xc222653a, 0x4f0d56f3), TOBN(0x961e4047, 0xca28b805),
-     TOBN(0x2c03f8b0, 0x4a73434b), TOBN(0x4c966787, 0xab712a19),
-     TOBN(0xcc196c42, 0x864fee42), TOBN(0xc1be93da, 0x5b0ece5c),
-     TOBN(0xa87d9f22, 0xc131c159), TOBN(0x2bb6d593, 0xdce45655),
-     TOBN(0x22c49ec9, 0xb809b7ce), TOBN(0x8a41486b, 0xe2c72c2c),
-     TOBN(0x813b9420, 0xfea0bf36), TOBN(0xb3d36ee9, 0xa66dac69),
-     TOBN(0x6fddc08a, 0x328cc987), TOBN(0x0a3bcd2c, 0x3a326461),
-     TOBN(0x7103c49d, 0xd810dbba), TOBN(0xf9d81a28, 0x4b78a4c4),
-     TOBN(0x3de865ad, 0xe4d55941), TOBN(0xdedafa5e, 0x30384087),
-     TOBN(0x6f414abb, 0x4ef18b9b), TOBN(0x9ee9ea42, 0xfaee5268),
-     TOBN(0x260faa16, 0x37a55a4a), TOBN(0xeb19a514, 0x015f93b9),
-     TOBN(0x51d7ebd2, 0x9e9c3598), TOBN(0x523fc56d, 0x1932178e),
-     TOBN(0x501d070c, 0xb98fe684), TOBN(0xd60fbe9a, 0x124a1458),
-     TOBN(0xa45761c8, 0x92bc6b3f), TOBN(0xf5384858, 0xfe6f27cb),
-     TOBN(0x4b0271f7, 0xb59e763b), TOBN(0x3d4606a9, 0x5b5a8e5e),
-     TOBN(0x1eda5d9b, 0x05a48292), TOBN(0xda7731d0, 0xe6fec446),
-     TOBN(0xa3e33693, 0x90d45871), TOBN(0xe9764040, 0x06166d8d),
-     TOBN(0xb5c33682, 0x89a90403), TOBN(0x4bd17983, 0x72f1d637),
-     TOBN(0xa616679e, 0xd5d2c53a), TOBN(0x5ec4bcd8, 0xfdcf3b87),
-     TOBN(0xae6d7613, 0xb66a694e), TOBN(0x7460fc76, 0xe3fc27e5),
-     TOBN(0x70469b82, 0x95caabee), TOBN(0xde024ca5, 0x889501e3),
-     TOBN(0x6bdadc06, 0x076ed265), TOBN(0x0cb1236b, 0x5a0ef8b2),
-     TOBN(0x4065ddbf, 0x0972ebf9), TOBN(0xf1dd3875, 0x22aca432),
-     TOBN(0xa88b97cf, 0x744aff76), TOBN(0xd1359afd, 0xfe8e3d24),
-     TOBN(0x52a3ba2b, 0x91502cf3), TOBN(0x2c3832a8, 0x084db75d),
-     TOBN(0x04a12ddd, 0xde30b1c9), TOBN(0x7802eabc, 0xe31fd60c),
-     TOBN(0x33707327, 0xa37fddab), TOBN(0x65d6f2ab, 0xfaafa973),
-     TOBN(0x3525c5b8, 0x11e6f91a), TOBN(0x76aeb0c9, 0x5f46530b),
-     TOBN(0xe8815ff6, 0x2f93a675), TOBN(0xa6ec9684, 0x05f48679),
-     TOBN(0x6dcbb556, 0x358ae884), TOBN(0x0af61472, 0xe19e3873),
-     TOBN(0x72334372, 0xa5f696be), TOBN(0xc65e57ea, 0x6f22fb70),
-     TOBN(0x268da30c, 0x946cea90), TOBN(0x136a8a87, 0x65681b2a),
-     TOBN(0xad5e81dc, 0x0f9f44d4), TOBN(0xf09a6960, 0x2c46585a),
-     TOBN(0xd1649164, 0xc447d1b1), TOBN(0x3b4b36c8, 0x879dc8b1),
-     TOBN(0x20d4177b, 0x3b6b234c), TOBN(0x096a2505, 0x1730d9d0),
-     TOBN(0x0611b9b8, 0xef80531d), TOBN(0xba904b3b, 0x64bb495d),
-     TOBN(0x1192d9d4, 0x93a3147a), TOBN(0x9f30a5dc, 0x9a565545),
-     TOBN(0x90b1f9cb, 0x6ef07212), TOBN(0x29958546, 0x0d87fc13),
-     TOBN(0xd3323eff, 0xc17db9ba), TOBN(0xcb18548c, 0xcb1644a8),
-     TOBN(0x18a306d4, 0x4f49ffbc), TOBN(0x28d658f1, 0x4c2e8684),
-     TOBN(0x44ba60cd, 0xa99f8c71), TOBN(0x67b7abdb, 0x4bf742ff),
-     TOBN(0x66310f9c, 0x914b3f99), TOBN(0xae430a32, 0xf412c161),
-     TOBN(0x1e6776d3, 0x88ace52f), TOBN(0x4bc0fa24, 0x52d7067d),
-     TOBN(0x03c286aa, 0x8f07cd1b), TOBN(0x4cb8f38c, 0xa985b2c1),
-     TOBN(0x83ccbe80, 0x8c3bff36), TOBN(0x005a0bd2, 0x5263e575),
-     TOBN(0x460d7dda, 0x259bdcd1), TOBN(0x4a1c5642, 0xfa5cab6b),
-     TOBN(0x2b7bdbb9, 0x9fe4fc88), TOBN(0x09418e28, 0xcc97bbb5),
-     TOBN(0xd8274fb4, 0xa12321ae), TOBN(0xb137007d, 0x5c87b64e),
-     TOBN(0x80531fe1, 0xc63c4962), TOBN(0x50541e89, 0x981fdb25),
-     TOBN(0xdc1291a1, 0xfd4c2b6b), TOBN(0xc0693a17, 0xa6df4fca),
-     TOBN(0xb2c4604e, 0x0117f203), TOBN(0x245f1963, 0x0a99b8d0),
-     TOBN(0xaedc20aa, 0xc6212c44), TOBN(0xb1ed4e56, 0x520f52a8),
-     TOBN(0xfe48f575, 0xf8547be3), TOBN(0x0a7033cd, 0xa9e45f98),
-     TOBN(0x4b45d3a9, 0x18c50100), TOBN(0xb2a6cd6a, 0xa61d41da),
-     TOBN(0x60bbb4f5, 0x57933c6b), TOBN(0xa7538ebd, 0x2b0d7ffc),
-     TOBN(0x9ea3ab8d, 0x8cd626b6), TOBN(0x8273a484, 0x3601625a),
-     TOBN(0x88859845, 0x0168e508), TOBN(0x8cbc9bb2, 0x99a94abd),
-     TOBN(0x713ac792, 0xfab0a671), TOBN(0xa3995b19, 0x6c9ebffc),
-     TOBN(0xe711668e, 0x1239e152), TOBN(0x56892558, 0xbbb8dff4),
-     TOBN(0x8bfc7dab, 0xdbf17963), TOBN(0x5b59fe5a, 0xb3de1253),
-     TOBN(0x7e3320eb, 0x34a9f7ae), TOBN(0xe5e8cf72, 0xd751efe4),
-     TOBN(0x7ea003bc, 0xd9be2f37), TOBN(0xc0f551a0, 0xb6c08ef7),
-     TOBN(0x56606268, 0x038f6725), TOBN(0x1dd38e35, 0x6d92d3b6),
-     TOBN(0x07dfce7c, 0xc3cbd686), TOBN(0x4e549e04, 0x651c5da8),
-     TOBN(0x4058f93b, 0x08b19340), TOBN(0xc2fae6f4, 0xcac6d89d),
-     TOBN(0x4bad8a8c, 0x8f159cc7), TOBN(0x0ddba4b3, 0xcb0b601c),
-     TOBN(0xda4fc7b5, 0x1dd95f8c), TOBN(0x1d163cd7, 0xcea5c255),
-     TOBN(0x30707d06, 0x274a8c4c), TOBN(0x79d9e008, 0x2802e9ce),
-     TOBN(0x02a29ebf, 0xe6ddd505), TOBN(0x37064e74, 0xb50bed1a),
-     TOBN(0x3f6bae65, 0xa7327d57), TOBN(0x3846f5f1, 0xf83920bc),
-     TOBN(0x87c37491, 0x60df1b9b), TOBN(0x4cfb2895, 0x2d1da29f),
-     TOBN(0x10a478ca, 0x4ed1743c), TOBN(0x390c6030, 0x3edd47c6),
-     TOBN(0x8f3e5312, 0x8c0a78de), TOBN(0xccd02bda, 0x1e85df70),
-     TOBN(0xd6c75c03, 0xa61b6582), TOBN(0x0762921c, 0xfc0eebd1),
-     TOBN(0xd34d0823, 0xd85010c0), TOBN(0xd73aaacb, 0x0044cf1f),
-     TOBN(0xfb4159bb, 0xa3b5e78a), TOBN(0x2287c7f7, 0xe5826f3f),
-     TOBN(0x4aeaf742, 0x580b1a01), TOBN(0xf080415d, 0x60423b79),
-     TOBN(0xe12622cd, 0xa7dea144), TOBN(0x49ea4996, 0x59d62472),
-     TOBN(0xb42991ef, 0x571f3913), TOBN(0x0610f214, 0xf5b25a8a),
-     TOBN(0x47adc585, 0x30b79e8f), TOBN(0xf90e3df6, 0x07a065a2),
-     TOBN(0x5d0a5deb, 0x43e2e034), TOBN(0x53fb5a34, 0x444024aa),
-     TOBN(0xa8628c68, 0x6b0c9f7f), TOBN(0x9c69c29c, 0xac563656),
-     TOBN(0x5a231feb, 0xbace47b6), TOBN(0xbdce0289, 0x9ea5a2ec),
-     TOBN(0x05da1fac, 0x9463853e), TOBN(0x96812c52, 0x509e78aa),
-     TOBN(0xd3fb5771, 0x57151692), TOBN(0xeb2721f8, 0xd98e1c44),
-     TOBN(0xc0506087, 0x32399be1), TOBN(0xda5a5511, 0xd979d8b8),
-     TOBN(0x737ed55d, 0xc6f56780), TOBN(0xe20d3004, 0x0dc7a7f4),
-     TOBN(0x02ce7301, 0xf5941a03), TOBN(0x91ef5215, 0xed30f83a),
-     TOBN(0x28727fc1, 0x4092d85f), TOBN(0x72d223c6, 0x5c49e41a),
-     TOBN(0xa7cf30a2, 0xba6a4d81), TOBN(0x7c086209, 0xb030d87d),
-     TOBN(0x04844c7d, 0xfc588b09), TOBN(0x728cd499, 0x5874bbb0),
-     TOBN(0xcc1281ee, 0xe84c0495), TOBN(0x0769b5ba, 0xec31958f),
-     TOBN(0x665c228b, 0xf99c2471), TOBN(0xf2d8a11b, 0x191eb110),
-     TOBN(0x4594f494, 0xd36d7024), TOBN(0x482ded8b, 0xcdcb25a1),
-     TOBN(0xc958a9d8, 0xdadd4885), TOBN(0x7004477e, 0xf1d2b547),
-     TOBN(0x0a45f6ef, 0x2a0af550), TOBN(0x4fc739d6, 0x2f8d6351),
-     TOBN(0x75cdaf27, 0x786f08a9), TOBN(0x8700bb26, 0x42c2737f),
-     TOBN(0x855a7141, 0x1c4e2670), TOBN(0x810188c1, 0x15076fef),
-     TOBN(0xc251d0c9, 0xabcd3297), TOBN(0xae4c8967, 0xf48108eb),
-     TOBN(0xbd146de7, 0x18ceed30), TOBN(0xf9d4f07a, 0xc986bced),
-     TOBN(0x5ad98ed5, 0x83fa1e08), TOBN(0x7780d33e, 0xbeabd1fb),
-     TOBN(0xe330513c, 0x903b1196), TOBN(0xba11de9e, 0xa47bc8c4),
-     TOBN(0x684334da, 0x02c2d064), TOBN(0x7ecf360d, 0xa48de23b),
-     TOBN(0x57a1b474, 0x0a9089d8), TOBN(0xf28fa439, 0xff36734c),
-     TOBN(0xf2a482cb, 0xea4570b3), TOBN(0xee65d68b, 0xa5ebcee9),
-     TOBN(0x988d0036, 0xb9694cd5), TOBN(0x53edd0e9, 0x37885d32),
-     TOBN(0xe37e3307, 0xbeb9bc6d), TOBN(0xe9abb907, 0x9f5c6768),
-     TOBN(0x4396ccd5, 0x51f2160f), TOBN(0x2500888c, 0x47336da6),
-     TOBN(0x383f9ed9, 0x926fce43), TOBN(0x809dd1c7, 0x04da2930),
-     TOBN(0x30f6f596, 0x8a4cb227), TOBN(0x0d700c7f, 0x73a56b38),
-     TOBN(0x1825ea33, 0xab64a065), TOBN(0xaab9b735, 0x1338df80),
-     TOBN(0x1516100d, 0x9b63f57f), TOBN(0x2574395a, 0x27a6a634),
-     TOBN(0xb5560fb6, 0x700a1acd), TOBN(0xe823fd73, 0xfd999681),
-     TOBN(0xda915d1f, 0x6cb4e1ba), TOBN(0x0d030118, 0x6ebe00a3),
-     TOBN(0x744fb0c9, 0x89fca8cd), TOBN(0x970d01db, 0xf9da0e0b),
-     TOBN(0x0ad8c564, 0x7931d76f), TOBN(0xb15737bf, 0xf659b96a),
-     TOBN(0xdc9933e8, 0xa8b484e7), TOBN(0xb2fdbdf9, 0x7a26dec7),
-     TOBN(0x2349e9a4, 0x9f1f0136), TOBN(0x7860368e, 0x70fddddb),
-     TOBN(0xd93d2c1c, 0xf9ad3e18), TOBN(0x6d6c5f17, 0x689f4e79),
-     TOBN(0x7a544d91, 0xb24ff1b6), TOBN(0x3e12a5eb, 0xfe16cd8c),
-     TOBN(0x543574e9, 0xa56b872f), TOBN(0xa1ad550c, 0xfcf68ea2),
-     TOBN(0x689e37d2, 0x3f560ef7), TOBN(0x8c54b9ca, 0xc9d47a8b),
-     TOBN(0x46d40a4a, 0x088ac342), TOBN(0xec450c7c, 0x1576c6d0),
-     TOBN(0xb589e31c, 0x1f9689e9), TOBN(0xdacf2602, 0xb8781718),
-     TOBN(0xa89237c6, 0xc8cb6b42), TOBN(0x1326fc93, 0xb96ef381),
-     TOBN(0x55d56c6d, 0xb5f07825), TOBN(0xacba2eea, 0x7449e22d),
-     TOBN(0x74e0887a, 0x633c3000), TOBN(0xcb6cd172, 0xd7cbcf71),
-     TOBN(0x309e81de, 0xc36cf1be), TOBN(0x07a18a6d, 0x60ae399b),
-     TOBN(0xb36c2679, 0x9edce57e), TOBN(0x52b892f4, 0xdf001d41),
-     TOBN(0xd884ae5d, 0x16a1f2c6), TOBN(0x9b329424, 0xefcc370a),
-     TOBN(0x3120daf2, 0xbd2e21df), TOBN(0x55298d2d, 0x02470a99),
-     TOBN(0x0b78af6c, 0xa05db32e), TOBN(0x5c76a331, 0x601f5636),
-     TOBN(0xaae861ff, 0xf8a4f29c), TOBN(0x70dc9240, 0xd68f8d49),
-     TOBN(0x960e649f, 0x81b1321c), TOBN(0x3d2c801b, 0x8792e4ce),
-     TOBN(0xf479f772, 0x42521876), TOBN(0x0bed93bc, 0x416c79b1),
-     TOBN(0xa67fbc05, 0x263e5bc9), TOBN(0x01e8e630, 0x521db049),
-     TOBN(0x76f26738, 0xc6f3431e), TOBN(0xe609cb02, 0xe3267541),
-     TOBN(0xb10cff2d, 0x818c877c), TOBN(0x1f0e75ce, 0x786a13cb),
-     TOBN(0xf4fdca64, 0x1158544d), TOBN(0x5d777e89, 0x6cb71ed0),
-     TOBN(0x3c233737, 0xa9aa4755), TOBN(0x7b453192, 0xe527ab40),
-     TOBN(0xdb59f688, 0x39f05ffe), TOBN(0x8f4f4be0, 0x6d82574e),
-     TOBN(0xcce3450c, 0xee292d1b), TOBN(0xaa448a12, 0x61ccd086),
-     TOBN(0xabce91b3, 0xf7914967), TOBN(0x4537f09b, 0x1908a5ed),
-     TOBN(0xa812421e, 0xf51042e7), TOBN(0xfaf5cebc, 0xec0b3a34),
-     TOBN(0x730ffd87, 0x4ca6b39a), TOBN(0x70fb72ed, 0x02efd342),
-     TOBN(0xeb4735f9, 0xd75c8edb), TOBN(0xc11f2157, 0xc278aa51),
-     TOBN(0xc459f635, 0xbf3bfebf), TOBN(0x3a1ff0b4, 0x6bd9601f),
-     TOBN(0xc9d12823, 0xc420cb73), TOBN(0x3e9af3e2, 0x3c2915a3),
-     TOBN(0xe0c82c72, 0xb41c3440), TOBN(0x175239e5, 0xe3039a5f),
-     TOBN(0xe1084b8a, 0x558795a3), TOBN(0x328d0a1d, 0xd01e5c60),
-     TOBN(0x0a495f2e, 0xd3788a04), TOBN(0x25d8ff16, 0x66c11a9f),
-     TOBN(0xf5155f05, 0x9ed692d6), TOBN(0x954fa107, 0x4f425fe4),
-     TOBN(0xd16aabf2, 0xe98aaa99), TOBN(0x90cd8ba0, 0x96b0f88a),
-     TOBN(0x957f4782, 0xc154026a), TOBN(0x54ee0734, 0x52af56d2),
-     TOBN(0xbcf89e54, 0x45b4147a), TOBN(0x3d102f21, 0x9a52816c),
-     TOBN(0x6808517e, 0x39b62e77), TOBN(0x92e25421, 0x69169ad8),
-     TOBN(0xd721d871, 0xbb608558), TOBN(0x60e4ebae, 0xf6d4ff9b),
-     TOBN(0x0ba10819, 0x41f2763e), TOBN(0xca2e45be, 0x51ee3247),
-     TOBN(0x66d172ec, 0x2bfd7a5f), TOBN(0x528a8f2f, 0x74d0b12d),
-     TOBN(0xe17f1e38, 0xdabe70dc), TOBN(0x1d5d7316, 0x9f93983c),
-     TOBN(0x51b2184a, 0xdf423e31), TOBN(0xcb417291, 0xaedb1a10),
-     TOBN(0x2054ca93, 0x625bcab9), TOBN(0x54396860, 0xa98998f0),
-     TOBN(0x4e53f6c4, 0xa54ae57e), TOBN(0x0ffeb590, 0xee648e9d),
-     TOBN(0xfbbdaadc, 0x6afaf6bc), TOBN(0xf88ae796, 0xaa3bfb8a),
-     TOBN(0x209f1d44, 0xd2359ed9), TOBN(0xac68dd03, 0xf3544ce2),
-     TOBN(0xf378da47, 0xfd51e569), TOBN(0xe1abd860, 0x2cc80097),
-     TOBN(0x23ca18d9, 0x343b6e3a), TOBN(0x480797e8, 0xb40a1bae),
-     TOBN(0xd1f0c717, 0x533f3e67), TOBN(0x44896970, 0x06e6cdfc),
-     TOBN(0x8ca21055, 0x52a82e8d), TOBN(0xb2caf785, 0x78460cdc),
-     TOBN(0x4c1b7b62, 0xe9037178), TOBN(0xefc09d2c, 0xdb514b58),
-     TOBN(0x5f2df9ee, 0x9113be5c), TOBN(0x2fbda78f, 0xb3f9271c),
-     TOBN(0xe09a81af, 0x8f83fc54), TOBN(0x06b13866, 0x8afb5141),
-     TOBN(0x38f6480f, 0x43e3865d), TOBN(0x72dd77a8, 0x1ddf47d9),
-     TOBN(0xf2a8e971, 0x4c205ff7), TOBN(0x46d449d8, 0x9d088ad8),
-     TOBN(0x926619ea, 0x185d706f), TOBN(0xe47e02eb, 0xc7dd7f62),
-     TOBN(0xe7f120a7, 0x8cbc2031), TOBN(0xc18bef00, 0x998d4ac9),
-     TOBN(0x18f37a9c, 0x6bdf22da), TOBN(0xefbc432f, 0x90dc82df),
-     TOBN(0xc52cef8e, 0x5d703651), TOBN(0x82887ba0, 0xd99881a5),
-     TOBN(0x7cec9dda, 0xb920ec1d), TOBN(0xd0d7e8c3, 0xec3e8d3b),
-     TOBN(0x445bc395, 0x4ca88747), TOBN(0xedeaa2e0, 0x9fd53535),
-     TOBN(0x461b1d93, 0x6cc87475), TOBN(0xd92a52e2, 0x6d2383bd),
-     TOBN(0xfabccb59, 0xd7903546), TOBN(0x6111a761, 0x3d14b112),
-     TOBN(0x0ae584fe, 0xb3d5f612), TOBN(0x5ea69b8d, 0x60e828ec),
-     TOBN(0x6c078985, 0x54087030), TOBN(0x649cab04, 0xac4821fe),
-     TOBN(0x25ecedcf, 0x8bdce214), TOBN(0xb5622f72, 0x86af7361),
-     TOBN(0x0e1227aa, 0x7038b9e2), TOBN(0xd0efb273, 0xac20fa77),
-     TOBN(0x817ff88b, 0x79df975b), TOBN(0x856bf286, 0x1999503e),
-     TOBN(0xb4d5351f, 0x5038ec46), TOBN(0x740a52c5, 0xfc42af6e),
-     TOBN(0x2e38bb15, 0x2cbb1a3f), TOBN(0xc3eb99fe, 0x17a83429),
-     TOBN(0xca4fcbf1, 0xdd66bb74), TOBN(0x880784d6, 0xcde5e8fc),
-     TOBN(0xddc84c1c, 0xb4e7a0be), TOBN(0x8780510d, 0xbd15a72f),
-     TOBN(0x44bcf1af, 0x81ec30e1), TOBN(0x141e50a8, 0x0a61073e),
-     TOBN(0x0d955718, 0x47be87ae), TOBN(0x68a61417, 0xf76a4372),
-     TOBN(0xf57e7e87, 0xc607c3d3), TOBN(0x043afaf8, 0x5252f332),
-     TOBN(0xcc14e121, 0x1552a4d2), TOBN(0xb6dee692, 0xbb4d4ab4),
-     TOBN(0xb6ab74c8, 0xa03816a4), TOBN(0x84001ae4, 0x6f394a29),
-     TOBN(0x5bed8344, 0xd795fb45), TOBN(0x57326e7d, 0xb79f55a5),
-     TOBN(0xc9533ce0, 0x4accdffc), TOBN(0x53473caf, 0x3993fa04),
-     TOBN(0x7906eb93, 0xa13df4c8), TOBN(0xa73e51f6, 0x97cbe46f),
-     TOBN(0xd1ab3ae1, 0x0ae4ccf8), TOBN(0x25614508, 0x8a5b3dbc),
-     TOBN(0x61eff962, 0x11a71b27), TOBN(0xdf71412b, 0x6bb7fa39),
-     TOBN(0xb31ba6b8, 0x2bd7f3ef), TOBN(0xb0b9c415, 0x69180d29),
-     TOBN(0xeec14552, 0x014cdde5), TOBN(0x702c624b, 0x227b4bbb),
-     TOBN(0x2b15e8c2, 0xd3e988f3), TOBN(0xee3bcc6d, 0xa4f7fd04),
-     TOBN(0x9d00822a, 0x42ac6c85), TOBN(0x2db0cea6, 0x1df9f2b7),
-     TOBN(0xd7cad2ab, 0x42de1e58), TOBN(0x346ed526, 0x2d6fbb61),
-     TOBN(0xb3962995, 0x1a2faf09), TOBN(0x2fa8a580, 0x7c25612e),
-     TOBN(0x30ae04da, 0x7cf56490), TOBN(0x75662908, 0x0eea3961),
-     TOBN(0x3609f5c5, 0x3d080847), TOBN(0xcb081d39, 0x5241d4f6),
-     TOBN(0xb4fb3810, 0x77961a63), TOBN(0xc20c5984, 0x2abb66fc),
-     TOBN(0x3d40aa7c, 0xf902f245), TOBN(0x9cb12736, 0x4e536b1e),
-     TOBN(0x5eda24da, 0x99b3134f), TOBN(0xafbd9c69, 0x5cd011af),
-     TOBN(0x9a16e30a, 0xc7088c7d), TOBN(0x5ab65710, 0x3207389f),
-     TOBN(0x1b09547f, 0xe7407a53), TOBN(0x2322f9d7, 0x4fdc6eab),
-     TOBN(0xc0f2f22d, 0x7430de4d), TOBN(0x19382696, 0xe68ca9a9),
-     TOBN(0x17f1eff1, 0x918e5868), TOBN(0xe3b5b635, 0x586f4204),
-     TOBN(0x146ef980, 0x3fbc4341), TOBN(0x359f2c80, 0x5b5eed4e),
-     TOBN(0x9f35744e, 0x7482e41d), TOBN(0x9a9ac3ec, 0xf3b224c2),
-     TOBN(0x9161a6fe, 0x91fc50ae), TOBN(0x89ccc66b, 0xc613fa7c),
-     TOBN(0x89268b14, 0xc732f15a), TOBN(0x7cd6f4e2, 0xb467ed03),
-     TOBN(0xfbf79869, 0xce56b40e), TOBN(0xf93e094c, 0xc02dde98),
-     TOBN(0xefe0c3a8, 0xedee2cd7), TOBN(0x90f3ffc0, 0xb268fd42),
-     TOBN(0x81a7fd56, 0x08241aed), TOBN(0x95ab7ad8, 0x00b1afe8),
-     TOBN(0x40127056, 0x3e310d52), TOBN(0xd3ffdeb1, 0x09d9fc43),
-     TOBN(0xc8f85c91, 0xd11a8594), TOBN(0x2e74d258, 0x31cf6db8),
-     TOBN(0x829c7ca3, 0x02b5dfd0), TOBN(0xe389cfbe, 0x69143c86),
-     TOBN(0xd01b6405, 0x941768d8), TOBN(0x45103995, 0x03bf825d),
-     TOBN(0xcc4ee166, 0x56cd17e2), TOBN(0xbea3c283, 0xba037e79),
-     TOBN(0x4e1ac06e, 0xd9a47520), TOBN(0xfbfe18aa, 0xaf852404),
-     TOBN(0x5615f8e2, 0x8087648a), TOBN(0x7301e47e, 0xb9d150d9),
-     TOBN(0x79f9f9dd, 0xb299b977), TOBN(0x76697a7b, 0xa5b78314),
-     TOBN(0x10d67468, 0x7d7c90e7), TOBN(0x7afffe03, 0x937210b5),
-     TOBN(0x5aef3e4b, 0x28c22cee), TOBN(0xefb0ecd8, 0x09fd55ae),
-     TOBN(0x4cea7132, 0x0d2a5d6a), TOBN(0x9cfb5fa1, 0x01db6357),
-     TOBN(0x395e0b57, 0xf36e1ac5), TOBN(0x008fa9ad, 0x36cafb7d),
-     TOBN(0x8f6cdf70, 0x5308c4db), TOBN(0x51527a37, 0x95ed2477),
-     TOBN(0xba0dee30, 0x5bd21311), TOBN(0x6ed41b22, 0x909c90d7),
-     TOBN(0xc5f6b758, 0x7c8696d3), TOBN(0x0db8eaa8, 0x3ce83a80),
-     TOBN(0xd297fe37, 0xb24b4b6f), TOBN(0xfe58afe8, 0x522d1f0d),
-     TOBN(0x97358736, 0x8c98dbd9), TOBN(0x6bc226ca, 0x9454a527),
-     TOBN(0xa12b384e, 0xce53c2d0), TOBN(0x779d897d, 0x5e4606da),
-     TOBN(0xa53e47b0, 0x73ec12b0), TOBN(0x462dbbba, 0x5756f1ad),
-     TOBN(0x69fe09f2, 0xcafe37b6), TOBN(0x273d1ebf, 0xecce2e17),
-     TOBN(0x8ac1d538, 0x3cf607fd), TOBN(0x8035f7ff, 0x12e10c25),}
-    ,
-    {TOBN(0x854d34c7, 0x7e6c5520), TOBN(0xc27df9ef, 0xdcb9ea58),
-     TOBN(0x405f2369, 0xd686666d), TOBN(0x29d1febf, 0x0417aa85),
-     TOBN(0x9846819e, 0x93470afe), TOBN(0x3e6a9669, 0xe2a27f9e),
-     TOBN(0x24d008a2, 0xe31e6504), TOBN(0xdba7cecf, 0x9cb7680a),
-     TOBN(0xecaff541, 0x338d6e43), TOBN(0x56f7dd73, 0x4541d5cc),
-     TOBN(0xb5d426de, 0x96bc88ca), TOBN(0x48d94f6b, 0x9ed3a2c3),
-     TOBN(0x6354a3bb, 0x2ef8279c), TOBN(0xd575465b, 0x0b1867f2),
-     TOBN(0xef99b0ff, 0x95225151), TOBN(0xf3e19d88, 0xf94500d8),
-     TOBN(0x92a83268, 0xe32dd620), TOBN(0x913ec99f, 0x627849a2),
-     TOBN(0xedd8fdfa, 0x2c378882), TOBN(0xaf96f33e, 0xee6f8cfe),
-     TOBN(0xc06737e5, 0xdc3fa8a5), TOBN(0x236bb531, 0xb0b03a1d),
-     TOBN(0x33e59f29, 0x89f037b0), TOBN(0x13f9b5a7, 0xd9a12a53),
-     TOBN(0x0d0df6ce, 0x51efb310), TOBN(0xcb5b2eb4, 0x958df5be),
-     TOBN(0xd6459e29, 0x36158e59), TOBN(0x82aae2b9, 0x1466e336),
-     TOBN(0xfb658a39, 0x411aa636), TOBN(0x7152ecc5, 0xd4c0a933),
-     TOBN(0xf10c758a, 0x49f026b7), TOBN(0xf4837f97, 0xcb09311f),
-     TOBN(0xddfb02c4, 0xc753c45f), TOBN(0x18ca81b6, 0xf9c840fe),
-     TOBN(0x846fd09a, 0xb0f8a3e6), TOBN(0xb1162add, 0xe7733dbc),
-     TOBN(0x7070ad20, 0x236e3ab6), TOBN(0xf88cdaf5, 0xb2a56326),
-     TOBN(0x05fc8719, 0x997cbc7a), TOBN(0x442cd452, 0x4b665272),
-     TOBN(0x7807f364, 0xb71698f5), TOBN(0x6ba418d2, 0x9f7b605e),
-     TOBN(0xfd20b00f, 0xa03b2cbb), TOBN(0x883eca37, 0xda54386f),
-     TOBN(0xff0be43f, 0xf3437f24), TOBN(0xe910b432, 0xa48bb33c),
-     TOBN(0x4963a128, 0x329df765), TOBN(0xac1dd556, 0xbe2fe6f7),
-     TOBN(0x557610f9, 0x24a0a3fc), TOBN(0x38e17bf4, 0xe881c3f9),
-     TOBN(0x6ba84faf, 0xed0dac99), TOBN(0xd4a222c3, 0x59eeb918),
-     TOBN(0xc79c1dbe, 0x13f542b6), TOBN(0x1fc65e0d, 0xe425d457),
-     TOBN(0xeffb754f, 0x1debb779), TOBN(0x638d8fd0, 0x9e08af60),
-     TOBN(0x994f523a, 0x626332d5), TOBN(0x7bc38833, 0x5561bb44),
-     TOBN(0x005ed4b0, 0x3d845ea2), TOBN(0xd39d3ee1, 0xc2a1f08a),
-     TOBN(0x6561fdd3, 0xe7676b0d), TOBN(0x620e35ff, 0xfb706017),
-     TOBN(0x36ce424f, 0xf264f9a8), TOBN(0xc4c3419f, 0xda2681f7),
-     TOBN(0xfb6afd2f, 0x69beb6e8), TOBN(0x3a50b993, 0x6d700d03),
-     TOBN(0xc840b2ad, 0x0c83a14f), TOBN(0x573207be, 0x54085bef),
-     TOBN(0x5af882e3, 0x09fe7e5b), TOBN(0x957678a4, 0x3b40a7e1),
-     TOBN(0x172d4bdd, 0x543056e2), TOBN(0x9c1b26b4, 0x0df13c0a),
-     TOBN(0x1c30861c, 0xf405ff06), TOBN(0xebac86bd, 0x486e828b),
-     TOBN(0xe791a971, 0x636933fc), TOBN(0x50e7c2be, 0x7aeee947),
-     TOBN(0xc3d4a095, 0xfa90d767), TOBN(0xae60eb7b, 0xe670ab7b),
-     TOBN(0x17633a64, 0x397b056d), TOBN(0x93a21f33, 0x105012aa),
-     TOBN(0x663c370b, 0xabb88643), TOBN(0x91df36d7, 0x22e21599),
-     TOBN(0x183ba835, 0x8b761671), TOBN(0x381eea1d, 0x728f3bf1),
-     TOBN(0xb9b2f1ba, 0x39966e6c), TOBN(0x7c464a28, 0xe7295492),
-     TOBN(0x0fd5f70a, 0x09b26b7f), TOBN(0xa9aba1f9, 0xfbe009df),
-     TOBN(0x857c1f22, 0x369b87ad), TOBN(0x3c00e5d9, 0x32fca556),
-     TOBN(0x1ad74cab, 0x90b06466), TOBN(0xa7112386, 0x550faaf2),
-     TOBN(0x7435e198, 0x6d9bd5f5), TOBN(0x2dcc7e38, 0x59c3463f),
-     TOBN(0xdc7df748, 0xca7bd4b2), TOBN(0x13cd4c08, 0x9dec2f31),
-     TOBN(0x0d3b5df8, 0xe3237710), TOBN(0x0dadb26e, 0xcbd2f7b0),
-     TOBN(0x9f5966ab, 0xe4aa082b), TOBN(0x666ec8de, 0x350e966e),
-     TOBN(0x1bfd1ed5, 0xee524216), TOBN(0xcd93c59b, 0x41dab0b6),
-     TOBN(0x658a8435, 0xd186d6ba), TOBN(0x1b7d34d2, 0x159d1195),
-     TOBN(0x5936e460, 0x22caf46b), TOBN(0x6a45dd8f, 0x9a96fe4f),
-     TOBN(0xf7925434, 0xb98f474e), TOBN(0x41410412, 0x0053ef15),
-     TOBN(0x71cf8d12, 0x41de97bf), TOBN(0xb8547b61, 0xbd80bef4),
-     TOBN(0xb47d3970, 0xc4db0037), TOBN(0xf1bcd328, 0xfef20dff),
-     TOBN(0x31a92e09, 0x10caad67), TOBN(0x1f591960, 0x5531a1e1),
-     TOBN(0x3bb852e0, 0x5f4fc840), TOBN(0x63e297ca, 0x93a72c6c),
-     TOBN(0x3c2b0b2e, 0x49abad67), TOBN(0x6ec405fc, 0xed3db0d9),
-     TOBN(0xdc14a530, 0x7fef1d40), TOBN(0xccd19846, 0x280896fc),
-     TOBN(0x00f83176, 0x9bb81648), TOBN(0xd69eb485, 0x653120d0),
-     TOBN(0xd17d75f4, 0x4ccabc62), TOBN(0x34a07f82, 0xb749fcb1),
-     TOBN(0x2c3af787, 0xbbfb5554), TOBN(0xb06ed4d0, 0x62e283f8),
-     TOBN(0x5722889f, 0xa19213a0), TOBN(0x162b085e, 0xdcf3c7b4),
-     TOBN(0xbcaecb31, 0xe0dd3eca), TOBN(0xc6237fbc, 0xe52f13a5),
-     TOBN(0xcc2b6b03, 0x27bac297), TOBN(0x2ae1cac5, 0xb917f54a),
-     TOBN(0x474807d4, 0x7845ae4f), TOBN(0xfec7dd92, 0xce5972e0),
-     TOBN(0xc3bd2541, 0x1d7915bb), TOBN(0x66f85dc4, 0xd94907ca),
-     TOBN(0xd981b888, 0xbdbcf0ca), TOBN(0xd75f5da6, 0xdf279e9f),
-     TOBN(0x128bbf24, 0x7054e934), TOBN(0x3c6ff6e5, 0x81db134b),
-     TOBN(0x795b7cf4, 0x047d26e4), TOBN(0xf370f7b8, 0x5049ec37),
-     TOBN(0xc6712d4d, 0xced945af), TOBN(0xdf30b5ec, 0x095642bc),
-     TOBN(0x9b034c62, 0x4896246e), TOBN(0x5652c016, 0xee90bbd1),
-     TOBN(0xeb38636f, 0x87fedb73), TOBN(0x5e32f847, 0x0135a613),
-     TOBN(0x0703b312, 0xcf933c83), TOBN(0xd05bb76e, 0x1a7f47e6),
-     TOBN(0x825e4f0c, 0x949c2415), TOBN(0x569e5622, 0x7250d6f8),
-     TOBN(0xbbe9eb3a, 0x6568013e), TOBN(0x8dbd203f, 0x22f243fc),
-     TOBN(0x9dbd7694, 0xb342734a), TOBN(0x8f6d12f8, 0x46afa984),
-     TOBN(0xb98610a2, 0xc9eade29), TOBN(0xbab4f323, 0x47dd0f18),
-     TOBN(0x5779737b, 0x671c0d46), TOBN(0x10b6a7c6, 0xd3e0a42a),
-     TOBN(0xfb19ddf3, 0x3035b41c), TOBN(0xd336343f, 0x99c45895),
-     TOBN(0x61fe4938, 0x54c857e5), TOBN(0xc4d506be, 0xae4e57d5),
-     TOBN(0x3cd8c8cb, 0xbbc33f75), TOBN(0x7281f08a, 0x9262c77d),
-     TOBN(0x083f4ea6, 0xf11a2823), TOBN(0x8895041e, 0x9fba2e33),
-     TOBN(0xfcdfea49, 0x9c438edf), TOBN(0x7678dcc3, 0x91edba44),
-     TOBN(0xf07b3b87, 0xe2ba50f0), TOBN(0xc13888ef, 0x43948c1b),
-     TOBN(0xc2135ad4, 0x1140af42), TOBN(0x8e5104f3, 0x926ed1a7),
-     TOBN(0xf24430cb, 0x88f6695f), TOBN(0x0ce0637b, 0x6d73c120),
-     TOBN(0xb2db01e6, 0xfe631e8f), TOBN(0x1c5563d7, 0xd7bdd24b),
-     TOBN(0x8daea3ba, 0x369ad44f), TOBN(0x000c81b6, 0x8187a9f9),
-     TOBN(0x5f48a951, 0xaae1fd9a), TOBN(0xe35626c7, 0x8d5aed8a),
-     TOBN(0x20952763, 0x0498c622), TOBN(0x76d17634, 0x773aa504),
-     TOBN(0x36d90dda, 0xeb300f7a), TOBN(0x9dcf7dfc, 0xedb5e801),
-     TOBN(0x645cb268, 0x74d5244c), TOBN(0xa127ee79, 0x348e3aa2),
-     TOBN(0x488acc53, 0x575f1dbb), TOBN(0x95037e85, 0x80e6161e),
-     TOBN(0x57e59283, 0x292650d0), TOBN(0xabe67d99, 0x14938216),
-     TOBN(0x3c7f944b, 0x3f8e1065), TOBN(0xed908cb6, 0x330e8924),
-     TOBN(0x08ee8fd5, 0x6f530136), TOBN(0x2227b7d5, 0xd7ffc169),
-     TOBN(0x4f55c893, 0xb5cd6dd5), TOBN(0x82225e11, 0xa62796e8),
-     TOBN(0x5c6cead1, 0xcb18e12c), TOBN(0x4381ae0c, 0x84f5a51a),
-     TOBN(0x345913d3, 0x7fafa4c8), TOBN(0x3d918082, 0x0491aac0),
-     TOBN(0x9347871f, 0x3e69264c), TOBN(0xbea9dd3c, 0xb4f4f0cd),
-     TOBN(0xbda5d067, 0x3eadd3e7), TOBN(0x0033c1b8, 0x0573bcd8),
-     TOBN(0x25589379, 0x5da2486c), TOBN(0xcb89ee5b, 0x86abbee7),
-     TOBN(0x8fe0a8f3, 0x22532e5d), TOBN(0xb6410ff0, 0x727dfc4c),
-     TOBN(0x619b9d58, 0x226726db), TOBN(0x5ec25669, 0x7a2b2dc7),
-     TOBN(0xaf4d2e06, 0x4c3beb01), TOBN(0x852123d0, 0x7acea556),
-     TOBN(0x0e9470fa, 0xf783487a), TOBN(0x75a7ea04, 0x5664b3eb),
-     TOBN(0x4ad78f35, 0x6798e4ba), TOBN(0x9214e6e5, 0xc7d0e091),
-     TOBN(0xc420b488, 0xb1290403), TOBN(0x64049e0a, 0xfc295749),
-     TOBN(0x03ef5af1, 0x3ae9841f), TOBN(0xdbe4ca19, 0xb0b662a6),
-     TOBN(0x46845c5f, 0xfa453458), TOBN(0xf8dabf19, 0x10b66722),
-     TOBN(0xb650f0aa, 0xcce2793b), TOBN(0x71db851e, 0xc5ec47c1),
-     TOBN(0x3eb78f3e, 0x3b234fa9), TOBN(0xb0c60f35, 0xfc0106ce),
-     TOBN(0x05427121, 0x774eadbd), TOBN(0x25367faf, 0xce323863),
-     TOBN(0x7541b5c9, 0xcd086976), TOBN(0x4ff069e2, 0xdc507ad1),
-     TOBN(0x74145256, 0x8776e667), TOBN(0x6e76142c, 0xb23c6bb5),
-     TOBN(0xdbf30712, 0x1b3a8a87), TOBN(0x60e7363e, 0x98450836),
-     TOBN(0x5741450e, 0xb7366d80), TOBN(0xe4ee14ca, 0x4837dbdf),
-     TOBN(0xa765eb9b, 0x69d4316f), TOBN(0x04548dca, 0x8ef43825),
-     TOBN(0x9c9f4e4c, 0x5ae888eb), TOBN(0x733abb51, 0x56e9ac99),
-     TOBN(0xdaad3c20, 0xba6ac029), TOBN(0x9b8dd3d3, 0x2ba3e38e),
-     TOBN(0xa9bb4c92, 0x0bc5d11a), TOBN(0xf20127a7, 0x9c5f88a3),
-     TOBN(0x4f52b06e, 0x161d3cb8), TOBN(0x26c1ff09, 0x6afaf0a6),
-     TOBN(0x32670d2f, 0x7189e71f), TOBN(0xc6438748, 0x5ecf91e7),
-     TOBN(0x15758e57, 0xdb757a21), TOBN(0x427d09f8, 0x290a9ce5),
-     TOBN(0x846a308f, 0x38384a7a), TOBN(0xaac3acb4, 0xb0732b99),
-     TOBN(0x9e941009, 0x17845819), TOBN(0x95cba111, 0xa7ce5e03),
-     TOBN(0x6f3d4f7f, 0xb00009c4), TOBN(0xb8396c27, 0x8ff28b5f),
-     TOBN(0xb1a9ae43, 0x1c97975d), TOBN(0x9d7ba8af, 0xe5d9fed5),
-     TOBN(0x338cf09f, 0x34f485b6), TOBN(0xbc0ddacc, 0x64122516),
-     TOBN(0xa450da12, 0x05d471fe), TOBN(0x4c3a6250, 0x628dd8c9),
-     TOBN(0x69c7d103, 0xd1295837), TOBN(0xa2893e50, 0x3807eb2f),
-     TOBN(0xd6e1e1de, 0xbdb41491), TOBN(0xc630745b, 0x5e138235),
-     TOBN(0xc892109e, 0x48661ae1), TOBN(0x8d17e7eb, 0xea2b2674),
-     TOBN(0x00ec0f87, 0xc328d6b5), TOBN(0x6d858645, 0xf079ff9e),
-     TOBN(0x6cdf243e, 0x19115ead), TOBN(0x1ce1393e, 0x4bac4fcf),
-     TOBN(0x2c960ed0, 0x9c29f25b), TOBN(0x59be4d8e, 0x9d388a05),
-     TOBN(0x0d46e06c, 0xd0def72b), TOBN(0xb923db5d, 0xe0342748),
-     TOBN(0xf7d3aacd, 0x936d4a3d), TOBN(0x558519cc, 0x0b0b099e),
-     TOBN(0x3ea8ebf8, 0x827097ef), TOBN(0x259353db, 0xd054f55d),
-     TOBN(0x84c89abc, 0x6d2ed089), TOBN(0x5c548b69, 0x8e096a7c),
-     TOBN(0xd587f616, 0x994b995d), TOBN(0x4d1531f6, 0xa5845601),
-     TOBN(0x792ab31e, 0x451fd9f0), TOBN(0xc8b57bb2, 0x65adf6ca),
-     TOBN(0x68440fcb, 0x1cd5ad73), TOBN(0xb9c860e6, 0x6144da4f),
-     TOBN(0x2ab286aa, 0x8462beb8), TOBN(0xcc6b8fff, 0xef46797f),
-     TOBN(0xac820da4, 0x20c8a471), TOBN(0x69ae05a1, 0x77ff7faf),
-     TOBN(0xb9163f39, 0xbfb5da77), TOBN(0xbd03e590, 0x2c73ab7a),
-     TOBN(0x7e862b5e, 0xb2940d9e), TOBN(0x3c663d86, 0x4b9af564),
-     TOBN(0xd8309031, 0xbde3033d), TOBN(0x298231b2, 0xd42c5bc6),
-     TOBN(0x42090d2c, 0x552ad093), TOBN(0xa4799d1c, 0xff854695),
-     TOBN(0x0a88b5d6, 0xd31f0d00), TOBN(0xf8b40825, 0xa2f26b46),
-     TOBN(0xec29b1ed, 0xf1bd7218), TOBN(0xd491c53b, 0x4b24c86e),
-     TOBN(0xd2fe588f, 0x3395ea65), TOBN(0x6f3764f7, 0x4456ef15),
-     TOBN(0xdb43116d, 0xcdc34800), TOBN(0xcdbcd456, 0xc1e33955),
-     TOBN(0xefdb5540, 0x74ab286b), TOBN(0x948c7a51, 0xd18c5d7c),
-     TOBN(0xeb81aa37, 0x7378058e), TOBN(0x41c746a1, 0x04411154),
-     TOBN(0xa10c73bc, 0xfb828ac7), TOBN(0x6439be91, 0x9d972b29),
-     TOBN(0x4bf3b4b0, 0x43a2fbad), TOBN(0x39e6dadf, 0x82b5e840),
-     TOBN(0x4f716408, 0x6397bd4c), TOBN(0x0f7de568, 0x7f1eeccb),
-     TOBN(0x5865c5a1, 0xd2ffbfc1), TOBN(0xf74211fa, 0x4ccb6451),
-     TOBN(0x66368a88, 0xc0b32558), TOBN(0x5b539dc2, 0x9ad7812e),
-     TOBN(0x579483d0, 0x2f3af6f6), TOBN(0x52132078, 0x99934ece),
-     TOBN(0x50b9650f, 0xdcc9e983), TOBN(0xca989ec9, 0xaee42b8a),
-     TOBN(0x6a44c829, 0xd6f62f99), TOBN(0x8f06a309, 0x4c2a7c0c),
-     TOBN(0x4ea2b3a0, 0x98a0cb0a), TOBN(0x5c547b70, 0xbeee8364),
-     TOBN(0x461d40e1, 0x682afe11), TOBN(0x9e0fc77a, 0x7b41c0a8),
-     TOBN(0x79e4aefd, 0xe20d5d36), TOBN(0x2916e520, 0x32dd9f63),
-     TOBN(0xf59e52e8, 0x3f883faf), TOBN(0x396f9639, 0x2b868d35),
-     TOBN(0xc902a9df, 0x4ca19881), TOBN(0x0fc96822, 0xdb2401a6),
-     TOBN(0x41237587, 0x66f1c68d), TOBN(0x10fc6de3, 0xfb476c0d),
-     TOBN(0xf8b6b579, 0x841f5d90), TOBN(0x2ba8446c, 0xfa24f44a),
-     TOBN(0xa237b920, 0xef4a9975), TOBN(0x60bb6004, 0x2330435f),
-     TOBN(0xd6f4ab5a, 0xcfb7e7b5), TOBN(0xb2ac5097, 0x83435391),
-     TOBN(0xf036ee2f, 0xb0d1ea67), TOBN(0xae779a6a, 0x74c56230),
-     TOBN(0x59bff8c8, 0xab838ae6), TOBN(0xcd83ca99, 0x9b38e6f0),
-     TOBN(0xbb27bef5, 0xe33deed3), TOBN(0xe6356f6f, 0x001892a8),
-     TOBN(0xbf3be6cc, 0x7adfbd3e), TOBN(0xaecbc81c, 0x33d1ac9d),
-     TOBN(0xe4feb909, 0xe6e861dc), TOBN(0x90a247a4, 0x53f5f801),
-     TOBN(0x01c50acb, 0x27346e57), TOBN(0xce29242e, 0x461acc1b),
-     TOBN(0x04dd214a, 0x2f998a91), TOBN(0x271ee9b1, 0xd4baf27b),
-     TOBN(0x7e3027d1, 0xe8c26722), TOBN(0x21d1645c, 0x1820dce5),
-     TOBN(0x086f242c, 0x7501779c), TOBN(0xf0061407, 0xfa0e8009),
-     TOBN(0xf23ce477, 0x60187129), TOBN(0x05bbdedb, 0x0fde9bd0),
-     TOBN(0x682f4832, 0x25d98473), TOBN(0xf207fe85, 0x5c658427),
-     TOBN(0xb6fdd7ba, 0x4166ffa1), TOBN(0x0c314056, 0x9eed799d),
-     TOBN(0x0db8048f, 0x4107e28f), TOBN(0x74ed3871, 0x41216840),
-     TOBN(0x74489f8f, 0x56a3c06e), TOBN(0x1e1c005b, 0x12777134),
-     TOBN(0xdb332a73, 0xf37ec3c3), TOBN(0xc65259bd, 0xdd59eba0),
-     TOBN(0x2291709c, 0xdb4d3257), TOBN(0x9a793b25, 0xbd389390),
-     TOBN(0xf39fe34b, 0xe43756f0), TOBN(0x2f76bdce, 0x9afb56c9),
-     TOBN(0x9f37867a, 0x61208b27), TOBN(0xea1d4307, 0x089972c3),
-     TOBN(0x8c595330, 0x8bdf623a), TOBN(0x5f5accda, 0x8441fb7d),
-     TOBN(0xfafa9418, 0x32ddfd95), TOBN(0x6ad40c5a, 0x0fde9be7),
-     TOBN(0x43faba89, 0xaeca8709), TOBN(0xc64a7cf1, 0x2c248a9d),
-     TOBN(0x16620252, 0x72637a76), TOBN(0xaee1c791, 0x22b8d1bb),
-     TOBN(0xf0f798fd, 0x21a843b2), TOBN(0x56e4ed4d, 0x8d005cb1),
-     TOBN(0x355f7780, 0x1f0d8abe), TOBN(0x197b04cf, 0x34522326),
-     TOBN(0x41f9b31f, 0xfd42c13f), TOBN(0x5ef7feb2, 0xb40f933d),
-     TOBN(0x27326f42, 0x5d60bad4), TOBN(0x027ecdb2, 0x8c92cf89),
-     TOBN(0x04aae4d1, 0x4e3352fe), TOBN(0x08414d2f, 0x73591b90),
-     TOBN(0x5ed6124e, 0xb7da7d60), TOBN(0xb985b931, 0x4d13d4ec),
-     TOBN(0xa592d3ab, 0x96bf36f9), TOBN(0x012dbed5, 0xbbdf51df),
-     TOBN(0xa57963c0, 0xdf6c177d), TOBN(0x010ec869, 0x87ca29cf),
-     TOBN(0xba1700f6, 0xbf926dff), TOBN(0x7c9fdbd1, 0xf4bf6bc2),
-     TOBN(0xdc18dc8f, 0x64da11f5), TOBN(0xa6074b7a, 0xd938ae75),
-     TOBN(0x14270066, 0xe84f44a4), TOBN(0x99998d38, 0xd27b954e),
-     TOBN(0xc1be8ab2, 0xb4f38e9a), TOBN(0x8bb55bbf, 0x15c01016),
-     TOBN(0xf73472b4, 0x0ea2ab30), TOBN(0xd365a340, 0xf73d68dd),
-     TOBN(0xc01a7168, 0x19c2e1eb), TOBN(0x32f49e37, 0x34061719),
-     TOBN(0xb73c57f1, 0x01d8b4d6), TOBN(0x03c8423c, 0x26b47700),
-     TOBN(0x321d0bc8, 0xa4d8826a), TOBN(0x6004213c, 0x4bc0e638),
-     TOBN(0xf78c64a1, 0xc1c06681), TOBN(0x16e0a16f, 0xef018e50),
-     TOBN(0x31cbdf91, 0xdb42b2b3), TOBN(0xf8f4ffce, 0xe0d36f58),
-     TOBN(0xcdcc71cd, 0x4cc5e3e0), TOBN(0xd55c7cfa, 0xa129e3e0),
-     TOBN(0xccdb6ba0, 0x0fb2cbf1), TOBN(0x6aba0005, 0xc4bce3cb),
-     TOBN(0x501cdb30, 0xd232cfc4), TOBN(0x9ddcf12e, 0xd58a3cef),
-     TOBN(0x02d2cf9c, 0x87e09149), TOBN(0xdc5d7ec7, 0x2c976257),
-     TOBN(0x6447986e, 0x0b50d7dd), TOBN(0x88fdbaf7, 0x807f112a),
-     TOBN(0x58c9822a, 0xb00ae9f6), TOBN(0x6abfb950, 0x6d3d27e0),
-     TOBN(0xd0a74487, 0x8a429f4f), TOBN(0x0649712b, 0xdb516609),
-     TOBN(0xb826ba57, 0xe769b5df), TOBN(0x82335df2, 0x1fc7aaf2),
-     TOBN(0x2389f067, 0x5c93d995), TOBN(0x59ac367a, 0x68677be6),
-     TOBN(0xa77985ff, 0x21d9951b), TOBN(0x038956fb, 0x85011cce),
-     TOBN(0x608e48cb, 0xbb734e37), TOBN(0xc08c0bf2, 0x2be5b26f),
-     TOBN(0x17bbdd3b, 0xf9b1a0d9), TOBN(0xeac7d898, 0x10483319),
-     TOBN(0xc95c4baf, 0xbc1a6dea), TOBN(0xfdd0e2bf, 0x172aafdb),
-     TOBN(0x40373cbc, 0x8235c41a), TOBN(0x14303f21, 0xfb6f41d5),
-     TOBN(0xba063621, 0x0408f237), TOBN(0xcad3b09a, 0xecd2d1ed),
-     TOBN(0x4667855a, 0x52abb6a2), TOBN(0xba9157dc, 0xaa8b417b),
-     TOBN(0xfe7f3507, 0x4f013efb), TOBN(0x1b112c4b, 0xaa38c4a2),
-     TOBN(0xa1406a60, 0x9ba64345), TOBN(0xe53cba33, 0x6993c80b),
-     TOBN(0x45466063, 0xded40d23), TOBN(0x3d5f1f4d, 0x54908e25),
-     TOBN(0x9ebefe62, 0x403c3c31), TOBN(0x274ea0b5, 0x0672a624),
-     TOBN(0xff818d99, 0x451d1b71), TOBN(0x80e82643, 0x8f79cf79),
-     TOBN(0xa165df13, 0x73ce37f5), TOBN(0xa744ef4f, 0xfe3a21fd),
-     TOBN(0x73f1e7f5, 0xcf551396), TOBN(0xc616898e, 0x868c676b),
-     TOBN(0x671c28c7, 0x8c442c36), TOBN(0xcfe5e558, 0x5e0a317d),
-     TOBN(0x1242d818, 0x7051f476), TOBN(0x56fad2a6, 0x14f03442),
-     TOBN(0x262068bc, 0x0a44d0f6), TOBN(0xdfa2cd6e, 0xce6edf4e),
-     TOBN(0x0f43813a, 0xd15d1517), TOBN(0x61214cb2, 0x377d44f5),
-     TOBN(0xd399aa29, 0xc639b35f), TOBN(0x42136d71, 0x54c51c19),
-     TOBN(0x9774711b, 0x08417221), TOBN(0x0a5546b3, 0x52545a57),
-     TOBN(0x80624c41, 0x1150582d), TOBN(0x9ec5c418, 0xfbc555bc),
-     TOBN(0x2c87dcad, 0x771849f1), TOBN(0xb0c932c5, 0x01d7bf6f),
-     TOBN(0x6aa5cd3e, 0x89116eb2), TOBN(0xd378c25a, 0x51ca7bd3),
-     TOBN(0xc612a0da, 0x9e6e3e31), TOBN(0x0417a54d, 0xb68ad5d0),
-     TOBN(0x00451e4a, 0x22c6edb8), TOBN(0x9fbfe019, 0xb42827ce),
-     TOBN(0x2fa92505, 0xba9384a2), TOBN(0x21b8596e, 0x64ad69c1),
-     TOBN(0x8f4fcc49, 0x983b35a6), TOBN(0xde093760, 0x72754672),
-     TOBN(0x2f14ccc8, 0xf7bffe6d), TOBN(0x27566bff, 0x5d94263d),
-     TOBN(0xb5b4e9c6, 0x2df3ec30), TOBN(0x94f1d7d5, 0x3e6ea6ba),
-     TOBN(0x97b7851a, 0xaaca5e9b), TOBN(0x518aa521, 0x56713b97),
-     TOBN(0x3357e8c7, 0x150a61f6), TOBN(0x7842e7e2, 0xec2c2b69),
-     TOBN(0x8dffaf65, 0x6868a548), TOBN(0xd963bd82, 0xe068fc81),
-     TOBN(0x64da5c8b, 0x65917733), TOBN(0x927090ff, 0x7b247328),}
-    ,
-    {TOBN(0x214bc9a7, 0xd298c241), TOBN(0xe3b697ba, 0x56807cfd),
-     TOBN(0xef1c7802, 0x4564eadb), TOBN(0xdde8cdcf, 0xb48149c5),
-     TOBN(0x946bf0a7, 0x5a4d2604), TOBN(0x27154d7f, 0x6c1538af),
-     TOBN(0x95cc9230, 0xde5b1fcc), TOBN(0xd88519e9, 0x66864f82),
-     TOBN(0xb828dd1a, 0x7cb1282c), TOBN(0xa08d7626, 0xbe46973a),
-     TOBN(0x6baf8d40, 0xe708d6b2), TOBN(0x72571fa1, 0x4daeb3f3),
-     TOBN(0x85b1732f, 0xf22dfd98), TOBN(0x87ab01a7, 0x0087108d),
-     TOBN(0xaaaafea8, 0x5988207a), TOBN(0xccc832f8, 0x69f00755),
-     TOBN(0x964d950e, 0x36ff3bf0), TOBN(0x8ad20f6f, 0xf0b34638),
-     TOBN(0x4d9177b3, 0xb5d7585f), TOBN(0xcf839760, 0xef3f019f),
-     TOBN(0x582fc5b3, 0x8288c545), TOBN(0x2f8e4e9b, 0x13116bd1),
-     TOBN(0xf91e1b2f, 0x332120ef), TOBN(0xcf568724, 0x2a17dd23),
-     TOBN(0x488f1185, 0xca8d9d1a), TOBN(0xadf2c77d, 0xd987ded2),
-     TOBN(0x5f3039f0, 0x60c46124), TOBN(0xe5d70b75, 0x71e095f4),
-     TOBN(0x82d58650, 0x6260e70f), TOBN(0x39d75ea7, 0xf750d105),
-     TOBN(0x8cf3d0b1, 0x75bac364), TOBN(0xf3a7564d, 0x21d01329),
-     TOBN(0x182f04cd, 0x2f52d2a7), TOBN(0x4fde149a, 0xe2df565a),
-     TOBN(0xb80c5eec, 0xa79fb2f7), TOBN(0xab491d7b, 0x22ddc897),
-     TOBN(0x99d76c18, 0xc6312c7f), TOBN(0xca0d5f3d, 0x6aa41a57),
-     TOBN(0x71207325, 0xd15363a0), TOBN(0xe82aa265, 0xbeb252c2),
-     TOBN(0x94ab4700, 0xec3128c2), TOBN(0x6c76d862, 0x8e383f49),
-     TOBN(0xdc36b150, 0xc03024eb), TOBN(0xfb439477, 0x53daac69),
-     TOBN(0xfc68764a, 0x8dc79623), TOBN(0x5b86995d, 0xb440fbb2),
-     TOBN(0xd66879bf, 0xccc5ee0d), TOBN(0x05228942, 0x95aa8bd3),
-     TOBN(0xb51a40a5, 0x1e6a75c1), TOBN(0x24327c76, 0x0ea7d817),
-     TOBN(0x06630182, 0x07774597), TOBN(0xd6fdbec3, 0x97fa7164),
-     TOBN(0x20c99dfb, 0x13c90f48), TOBN(0xd6ac5273, 0x686ef263),
-     TOBN(0xc6a50bdc, 0xfef64eeb), TOBN(0xcd87b281, 0x86fdfc32),
-     TOBN(0xb24aa43e, 0x3fcd3efc), TOBN(0xdd26c034, 0xb8088e9a),
-     TOBN(0xa5ef4dc9, 0xbd3d46ea), TOBN(0xa2f99d58, 0x8a4c6a6f),
-     TOBN(0xddabd355, 0x2f1da46c), TOBN(0x72c3f8ce, 0x1afacdd1),
-     TOBN(0xd90c4eee, 0x92d40578), TOBN(0xd28bb41f, 0xca623b94),
-     TOBN(0x50fc0711, 0x745edc11), TOBN(0x9dd9ad7d, 0x3dc87558),
-     TOBN(0xce6931fb, 0xb49d1e64), TOBN(0x6c77a0a2, 0xc98bd0f9),
-     TOBN(0x62b9a629, 0x6baf7cb1), TOBN(0xcf065f91, 0xccf72d22),
-     TOBN(0x7203cce9, 0x79639071), TOBN(0x09ae4885, 0xf9cb732f),
-     TOBN(0x5e7c3bec, 0xee8314f3), TOBN(0x1c068aed, 0xdbea298f),
-     TOBN(0x08d381f1, 0x7c80acec), TOBN(0x03b56be8, 0xe330495b),
-     TOBN(0xaeffb8f2, 0x9222882d), TOBN(0x95ff38f6, 0xc4af8bf7),
-     TOBN(0x50e32d35, 0x1fc57d8c), TOBN(0x6635be52, 0x17b444f0),
-     TOBN(0x04d15276, 0xa5177900), TOBN(0x4e1dbb47, 0xf6858752),
-     TOBN(0x5b475622, 0xc615796c), TOBN(0xa6fa0387, 0x691867bf),
-     TOBN(0xed7f5d56, 0x2844c6d0), TOBN(0xc633cf9b, 0x03a2477d),
-     TOBN(0xf6be5c40, 0x2d3721d6), TOBN(0xaf312eb7, 0xe9fd68e6),
-     TOBN(0x242792d2, 0xe7417ce1), TOBN(0xff42bc71, 0x970ee7f5),
-     TOBN(0x1ff4dc6d, 0x5c67a41e), TOBN(0x77709b7b, 0x20882a58),
-     TOBN(0x3554731d, 0xbe217f2c), TOBN(0x2af2a8cd, 0x5bb72177),
-     TOBN(0x58eee769, 0x591dd059), TOBN(0xbb2930c9, 0x4bba6477),
-     TOBN(0x863ee047, 0x7d930cfc), TOBN(0x4c262ad1, 0x396fd1f4),
-     TOBN(0xf4765bc8, 0x039af7e1), TOBN(0x2519834b, 0x5ba104f6),
-     TOBN(0x7cd61b4c, 0xd105f961), TOBN(0xa5415da5, 0xd63bca54),
-     TOBN(0x778280a0, 0x88a1f17c), TOBN(0xc4968949, 0x2329512c),
-     TOBN(0x174a9126, 0xcecdaa7a), TOBN(0xfc8c7e0e, 0x0b13247b),
-     TOBN(0x29c110d2, 0x3484c1c4), TOBN(0xf8eb8757, 0x831dfc3b),
-     TOBN(0x022f0212, 0xc0067452), TOBN(0x3f6f69ee, 0x7b9b926c),
-     TOBN(0x09032da0, 0xef42daf4), TOBN(0x79f00ade, 0x83f80de4),
-     TOBN(0x6210db71, 0x81236c97), TOBN(0x74f7685b, 0x3ee0781f),
-     TOBN(0x4df7da7b, 0xa3e41372), TOBN(0x2aae38b1, 0xb1a1553e),
-     TOBN(0x1688e222, 0xf6dd9d1b), TOBN(0x57695448, 0x5b8b6487),
-     TOBN(0x478d2127, 0x4b2edeaa), TOBN(0xb2818fa5, 0x1e85956a),
-     TOBN(0x1e6addda, 0xf176f2c0), TOBN(0x01ca4604, 0xe2572658),
-     TOBN(0x0a404ded, 0x85342ffb), TOBN(0x8cf60f96, 0x441838d6),
-     TOBN(0x9bbc691c, 0xc9071c4a), TOBN(0xfd588744, 0x34442803),
-     TOBN(0x97101c85, 0x809c0d81), TOBN(0xa7fb754c, 0x8c456f7f),
-     TOBN(0xc95f3c5c, 0xd51805e1), TOBN(0xab4ccd39, 0xb299dca8),
-     TOBN(0x3e03d20b, 0x47eaf500), TOBN(0xfa3165c1, 0xd7b80893),
-     TOBN(0x005e8b54, 0xe160e552), TOBN(0xdc4972ba, 0x9019d11f),
-     TOBN(0x21a6972e, 0x0c9a4a7a), TOBN(0xa52c258f, 0x37840fd7),
-     TOBN(0xf8559ff4, 0xc1e99d81), TOBN(0x08e1a7d6, 0xa3c617c0),
-     TOBN(0xb398fd43, 0x248c6ba7), TOBN(0x6ffedd91, 0xd1283794),
-     TOBN(0x8a6a59d2, 0xd629d208), TOBN(0xa9d141d5, 0x3490530e),
-     TOBN(0x42f6fc18, 0x38505989), TOBN(0x09bf250d, 0x479d94ee),
-     TOBN(0x223ad3b1, 0xb3822790), TOBN(0x6c5926c0, 0x93b8971c),
-     TOBN(0x609efc7e, 0x75f7fa62), TOBN(0x45d66a6d, 0x1ec2d989),
-     TOBN(0x4422d663, 0x987d2792), TOBN(0x4a73caad, 0x3eb31d2b),
-     TOBN(0xf06c2ac1, 0xa32cb9e6), TOBN(0xd9445c5f, 0x91aeba84),
-     TOBN(0x6af7a1d5, 0xaf71013f), TOBN(0xe68216e5, 0x0bedc946),
-     TOBN(0xf4cba30b, 0xd27370a0), TOBN(0x7981afbf, 0x870421cc),
-     TOBN(0x02496a67, 0x9449f0e1), TOBN(0x86cfc4be, 0x0a47edae),
-     TOBN(0x3073c936, 0xb1feca22), TOBN(0xf5694612, 0x03f8f8fb),
-     TOBN(0xd063b723, 0x901515ea), TOBN(0x4c6c77a5, 0x749cf038),
-     TOBN(0x6361e360, 0xab9e5059), TOBN(0x596cf171, 0xa76a37c0),
-     TOBN(0x800f53fa, 0x6530ae7a), TOBN(0x0f5e631e, 0x0792a7a6),
-     TOBN(0x5cc29c24, 0xefdb81c9), TOBN(0xa269e868, 0x3f9c40ba),
-     TOBN(0xec14f9e1, 0x2cb7191e), TOBN(0x78ea1bd8, 0xe5b08ea6),
-     TOBN(0x3c65aa9b, 0x46332bb9), TOBN(0x84cc22b3, 0xbf80ce25),
-     TOBN(0x0098e9e9, 0xd49d5bf1), TOBN(0xcd4ec1c6, 0x19087da4),
-     TOBN(0x3c9d07c5, 0xaef6e357), TOBN(0x839a0268, 0x9f8f64b8),
-     TOBN(0xc5e9eb62, 0xc6d8607f), TOBN(0x759689f5, 0x6aa995e4),
-     TOBN(0x70464669, 0xbbb48317), TOBN(0x921474bf, 0xe402417d),
-     TOBN(0xcabe135b, 0x2a354c8c), TOBN(0xd51e52d2, 0x812fa4b5),
-     TOBN(0xec741096, 0x53311fe8), TOBN(0x4f774535, 0xb864514b),
-     TOBN(0xbcadd671, 0x5bde48f8), TOBN(0xc9703873, 0x2189bc7d),
-     TOBN(0x5d45299e, 0xc709ee8a), TOBN(0xd1287ee2, 0x845aaff8),
-     TOBN(0x7d1f8874, 0xdb1dbf1f), TOBN(0xea46588b, 0x990c88d6),
-     TOBN(0x60ba649a, 0x84368313), TOBN(0xd5fdcbce, 0x60d543ae),
-     TOBN(0x90b46d43, 0x810d5ab0), TOBN(0x6739d8f9, 0x04d7e5cc),
-     TOBN(0x021c1a58, 0x0d337c33), TOBN(0x00a61162, 0x68e67c40),
-     TOBN(0x95ef413b, 0x379f0a1f), TOBN(0xfe126605, 0xe9e2ab95),
-     TOBN(0x67578b85, 0x2f5f199c), TOBN(0xf5c00329, 0x2cb84913),
-     TOBN(0xf7956430, 0x37577dd8), TOBN(0x83b82af4, 0x29c5fe88),
-     TOBN(0x9c1bea26, 0xcdbdc132), TOBN(0x589fa086, 0x9c04339e),
-     TOBN(0x033e9538, 0xb13799df), TOBN(0x85fa8b21, 0xd295d034),
-     TOBN(0xdf17f73f, 0xbd9ddcca), TOBN(0xf32bd122, 0xddb66334),
-     TOBN(0x55ef88a7, 0x858b044c), TOBN(0x1f0d69c2, 0x5aa9e397),
-     TOBN(0x55fd9cc3, 0x40d85559), TOBN(0xc774df72, 0x7785ddb2),
-     TOBN(0x5dcce9f6, 0xd3bd2e1c), TOBN(0xeb30da20, 0xa85dfed0),
-     TOBN(0x5ed7f5bb, 0xd3ed09c4), TOBN(0x7d42a35c, 0x82a9c1bd),
-     TOBN(0xcf3de995, 0x9890272d), TOBN(0x75f3432a, 0x3e713a10),
-     TOBN(0x5e13479f, 0xe28227b8), TOBN(0xb8561ea9, 0xfefacdc8),
-     TOBN(0xa6a297a0, 0x8332aafd), TOBN(0x9b0d8bb5, 0x73809b62),
-     TOBN(0xd2fa1cfd, 0x0c63036f), TOBN(0x7a16eb55, 0xbd64bda8),
-     TOBN(0x3f5cf5f6, 0x78e62ddc), TOBN(0x2267c454, 0x07fd752b),
-     TOBN(0x5e361b6b, 0x5e437bbe), TOBN(0x95c59501, 0x8354e075),
-     TOBN(0xec725f85, 0xf2b254d9), TOBN(0x844b617d, 0x2cb52b4e),
-     TOBN(0xed8554f5, 0xcf425fb5), TOBN(0xab67703e, 0x2af9f312),
-     TOBN(0x4cc34ec1, 0x3cf48283), TOBN(0xb09daa25, 0x9c8a705e),
-     TOBN(0xd1e9d0d0, 0x5b7d4f84), TOBN(0x4df6ef64, 0xdb38929d),
-     TOBN(0xe16b0763, 0xaa21ba46), TOBN(0xc6b1d178, 0xa293f8fb),
-     TOBN(0x0ff5b602, 0xd520aabf), TOBN(0x94d671bd, 0xc339397a),
-     TOBN(0x7c7d98cf, 0x4f5792fa), TOBN(0x7c5e0d67, 0x11215261),
-     TOBN(0x9b19a631, 0xa7c5a6d4), TOBN(0xc8511a62, 0x7a45274d),
-     TOBN(0x0c16621c, 0xa5a60d99), TOBN(0xf7fbab88, 0xcf5e48cb),
-     TOBN(0xab1e6ca2, 0xf7ddee08), TOBN(0x83bd08ce, 0xe7867f3c),
-     TOBN(0xf7e48e8a, 0x2ac13e27), TOBN(0x4494f6df, 0x4eb1a9f5),
-     TOBN(0xedbf84eb, 0x981f0a62), TOBN(0x49badc32, 0x536438f0),
-     TOBN(0x50bea541, 0x004f7571), TOBN(0xbac67d10, 0xdf1c94ee),
-     TOBN(0x253d73a1, 0xb727bc31), TOBN(0xb3d01cf2, 0x30686e28),
-     TOBN(0x51b77b1b, 0x55fd0b8b), TOBN(0xa099d183, 0xfeec3173),
-     TOBN(0x202b1fb7, 0x670e72b7), TOBN(0xadc88b33, 0xa8e1635f),
-     TOBN(0x34e8216a, 0xf989d905), TOBN(0xc2e68d20, 0x29b58d01),
-     TOBN(0x11f81c92, 0x6fe55a93), TOBN(0x15f1462a, 0x8f296f40),
-     TOBN(0x1915d375, 0xea3d62f2), TOBN(0xa17765a3, 0x01c8977d),
-     TOBN(0x7559710a, 0xe47b26f6), TOBN(0xe0bd29c8, 0x535077a5),
-     TOBN(0x615f976d, 0x08d84858), TOBN(0x370dfe85, 0x69ced5c1),
-     TOBN(0xbbc7503c, 0xa734fa56), TOBN(0xfbb9f1ec, 0x91ac4574),
-     TOBN(0x95d7ec53, 0x060dd7ef), TOBN(0xeef2dacd, 0x6e657979),
-     TOBN(0x54511af3, 0xe2a08235), TOBN(0x1e324aa4, 0x1f4aea3d),
-     TOBN(0x550e7e71, 0xe6e67671), TOBN(0xbccd5190, 0xbf52faf7),
-     TOBN(0xf880d316, 0x223cc62a), TOBN(0x0d402c7e, 0x2b32eb5d),
-     TOBN(0xa40bc039, 0x306a5a3b), TOBN(0x4e0a41fd, 0x96783a1b),
-     TOBN(0xa1e8d39a, 0x0253cdd4), TOBN(0x6480be26, 0xc7388638),
-     TOBN(0xee365e1d, 0x2285f382), TOBN(0x188d8d8f, 0xec0b5c36),
-     TOBN(0x34ef1a48, 0x1f0f4d82), TOBN(0x1a8f43e1, 0xa487d29a),
-     TOBN(0x8168226d, 0x77aefb3a), TOBN(0xf69a751e, 0x1e72c253),
-     TOBN(0x8e04359a, 0xe9594df1), TOBN(0x475ffd7d, 0xd14c0467),
-     TOBN(0xb5a2c2b1, 0x3844e95c), TOBN(0x85caf647, 0xdd12ef94),
-     TOBN(0x1ecd2a9f, 0xf1063d00), TOBN(0x1dd2e229, 0x23843311),
-     TOBN(0x38f0e09d, 0x73d17244), TOBN(0x3ede7746, 0x8fc653f1),
-     TOBN(0xae4459f5, 0xdc20e21c), TOBN(0x00db2ffa, 0x6a8599ea),
-     TOBN(0x11682c39, 0x30cfd905), TOBN(0x4934d074, 0xa5c112a6),
-     TOBN(0xbdf063c5, 0x568bfe95), TOBN(0x779a440a, 0x016c441a),
-     TOBN(0x0c23f218, 0x97d6fbdc), TOBN(0xd3a5cd87, 0xe0776aac),
-     TOBN(0xcee37f72, 0xd712e8db), TOBN(0xfb28c70d, 0x26f74e8d),
-     TOBN(0xffe0c728, 0xb61301a0), TOBN(0xa6282168, 0xd3724354),
-     TOBN(0x7ff4cb00, 0x768ffedc), TOBN(0xc51b3088, 0x03b02de9),
-     TOBN(0xa5a8147c, 0x3902dda5), TOBN(0x35d2f706, 0xfe6973b4),
-     TOBN(0x5ac2efcf, 0xc257457e), TOBN(0x933f48d4, 0x8700611b),
-     TOBN(0xc365af88, 0x4912beb2), TOBN(0x7f5a4de6, 0x162edf94),
-     TOBN(0xc646ba7c, 0x0c32f34b), TOBN(0x632c6af3, 0xb2091074),
-     TOBN(0x58d4f2e3, 0x753e43a9), TOBN(0x70e1d217, 0x24d4e23f),
-     TOBN(0xb24bf729, 0xafede6a6), TOBN(0x7f4a94d8, 0x710c8b60),
-     TOBN(0xaad90a96, 0x8d4faa6a), TOBN(0xd9ed0b32, 0xb066b690),
-     TOBN(0x52fcd37b, 0x78b6dbfd), TOBN(0x0b64615e, 0x8bd2b431),
-     TOBN(0x228e2048, 0xcfb9fad5), TOBN(0xbeaa386d, 0x240b76bd),
-     TOBN(0x2d6681c8, 0x90dad7bc), TOBN(0x3e553fc3, 0x06d38f5e),
-     TOBN(0xf27cdb9b, 0x9d5f9750), TOBN(0x3e85c52a, 0xd28c5b0e),
-     TOBN(0x190795af, 0x5247c39b), TOBN(0x547831eb, 0xbddd6828),
-     TOBN(0xf327a227, 0x4a82f424), TOBN(0x36919c78, 0x7e47f89d),
-     TOBN(0xe4783919, 0x43c7392c), TOBN(0xf101b9aa, 0x2316fefe),
-     TOBN(0xbcdc9e9c, 0x1c5009d2), TOBN(0xfb55ea13, 0x9cd18345),
-     TOBN(0xf5b5e231, 0xa3ce77c7), TOBN(0xde6b4527, 0xd2f2cb3d),
-     TOBN(0x10f6a333, 0x9bb26f5f), TOBN(0x1e85db8e, 0x044d85b6),
-     TOBN(0xc3697a08, 0x94197e54), TOBN(0x65e18cc0, 0xa7cb4ea8),
-     TOBN(0xa38c4f50, 0xa471fe6e), TOBN(0xf031747a, 0x2f13439c),
-     TOBN(0x53c4a6ba, 0xc007318b), TOBN(0xa8da3ee5, 0x1deccb3d),
-     TOBN(0x0555b31c, 0x558216b1), TOBN(0x90c7810c, 0x2f79e6c2),
-     TOBN(0x9b669f4d, 0xfe8eed3c), TOBN(0x70398ec8, 0xe0fac126),
-     TOBN(0xa96a449e, 0xf701b235), TOBN(0x0ceecdb3, 0xeb94f395),
-     TOBN(0x285fc368, 0xd0cb7431), TOBN(0x0d37bb52, 0x16a18c64),
-     TOBN(0x05110d38, 0xb880d2dd), TOBN(0xa60f177b, 0x65930d57),
-     TOBN(0x7da34a67, 0xf36235f5), TOBN(0x47f5e17c, 0x183816b9),
-     TOBN(0xc7664b57, 0xdb394af4), TOBN(0x39ba215d, 0x7036f789),
-     TOBN(0x46d2ca0e, 0x2f27b472), TOBN(0xc42647ee, 0xf73a84b7),
-     TOBN(0x44bc7545, 0x64488f1d), TOBN(0xaa922708, 0xf4cf85d5),
-     TOBN(0x721a01d5, 0x53e4df63), TOBN(0x649c0c51, 0x5db46ced),
-     TOBN(0x6bf0d64e, 0x3cffcb6c), TOBN(0xe3bf93fe, 0x50f71d96),
-     TOBN(0x75044558, 0xbcc194a0), TOBN(0x16ae3372, 0x6afdc554),
-     TOBN(0xbfc01adf, 0x5ca48f3f), TOBN(0x64352f06, 0xe22a9b84),
-     TOBN(0xcee54da1, 0xc1099e4a), TOBN(0xbbda54e8, 0xfa1b89c0),
-     TOBN(0x166a3df5, 0x6f6e55fb), TOBN(0x1ca44a24, 0x20176f88),
-     TOBN(0x936afd88, 0xdfb7b5ff), TOBN(0xe34c2437, 0x8611d4a0),
-     TOBN(0x7effbb75, 0x86142103), TOBN(0x6704ba1b, 0x1f34fc4d),
-     TOBN(0x7c2a468f, 0x10c1b122), TOBN(0x36b3a610, 0x8c6aace9),
-     TOBN(0xabfcc0a7, 0x75a0d050), TOBN(0x066f9197, 0x3ce33e32),
-     TOBN(0xce905ef4, 0x29fe09be), TOBN(0x89ee25ba, 0xa8376351),
-     TOBN(0x2a3ede22, 0xfd29dc76), TOBN(0x7fd32ed9, 0x36f17260),
-     TOBN(0x0cadcf68, 0x284b4126), TOBN(0x63422f08, 0xa7951fc8),
-     TOBN(0x562b24f4, 0x0807e199), TOBN(0xfe9ce5d1, 0x22ad4490),
-     TOBN(0xc2f51b10, 0x0db2b1b4), TOBN(0xeb3613ff, 0xe4541d0d),
-     TOBN(0xbd2c4a05, 0x2680813b), TOBN(0x527aa55d, 0x561b08d6),
-     TOBN(0xa9f8a40e, 0xa7205558), TOBN(0xe3eea56f, 0x243d0bec),
-     TOBN(0x7b853817, 0xa0ff58b3), TOBN(0xb67d3f65, 0x1a69e627),
-     TOBN(0x0b76bbb9, 0xa869b5d6), TOBN(0xa3afeb82, 0x546723ed),
-     TOBN(0x5f24416d, 0x3e554892), TOBN(0x8413b53d, 0x430e2a45),
-     TOBN(0x99c56aee, 0x9032a2a0), TOBN(0x09432bf6, 0xeec367b1),
-     TOBN(0x552850c6, 0xdaf0ecc1), TOBN(0x49ebce55, 0x5bc92048),
-     TOBN(0xdfb66ba6, 0x54811307), TOBN(0x1b84f797, 0x6f298597),
-     TOBN(0x79590481, 0x8d1d7a0d), TOBN(0xd9fabe03, 0x3a6fa556),
-     TOBN(0xa40f9c59, 0xba9e5d35), TOBN(0xcb1771c1, 0xf6247577),
-     TOBN(0x542a47ca, 0xe9a6312b), TOBN(0xa34b3560, 0x552dd8c5),
-     TOBN(0xfdf94de0, 0x0d794716), TOBN(0xd46124a9, 0x9c623094),
-     TOBN(0x56b7435d, 0x68afe8b4), TOBN(0x27f20540, 0x6c0d8ea1),
-     TOBN(0x12b77e14, 0x73186898), TOBN(0xdbc3dd46, 0x7479490f),
-     TOBN(0x951a9842, 0xc03b0c05), TOBN(0x8b1b3bb3, 0x7921bc96),
-     TOBN(0xa573b346, 0x2b202e0a), TOBN(0x77e4665d, 0x47254d56),
-     TOBN(0x08b70dfc, 0xd23e3984), TOBN(0xab86e8bc, 0xebd14236),
-     TOBN(0xaa3e07f8, 0x57114ba7), TOBN(0x5ac71689, 0xab0ef4f2),
-     TOBN(0x88fca384, 0x0139d9af), TOBN(0x72733f88, 0x76644af0),
-     TOBN(0xf122f72a, 0x65d74f4a), TOBN(0x13931577, 0xa5626c7a),
-     TOBN(0xd5b5d9eb, 0x70f8d5a4), TOBN(0x375adde7, 0xd7bbb228),
-     TOBN(0x31e88b86, 0x0c1c0b32), TOBN(0xd1f568c4, 0x173edbaa),
-     TOBN(0x1592fc83, 0x5459df02), TOBN(0x2beac0fb, 0x0fcd9a7e),
-     TOBN(0xb0a6fdb8, 0x1b473b0a), TOBN(0xe3224c6f, 0x0fe8fc48),
-     TOBN(0x680bd00e, 0xe87edf5b), TOBN(0x30385f02, 0x20e77cf5),
-     TOBN(0xe9ab98c0, 0x4d42d1b2), TOBN(0x72d191d2, 0xd3816d77),
-     TOBN(0x1564daca, 0x0917d9e5), TOBN(0x394eab59, 0x1f8fed7f),
-     TOBN(0xa209aa8d, 0x7fbb3896), TOBN(0x5564f3b9, 0xbe6ac98e),
-     TOBN(0xead21d05, 0xd73654ef), TOBN(0x68d1a9c4, 0x13d78d74),
-     TOBN(0x61e01708, 0x6d4973a0), TOBN(0x83da3500, 0x46e6d32a),
-     TOBN(0x6a3dfca4, 0x68ae0118), TOBN(0xa1b9a4c9, 0xd02da069),
-     TOBN(0x0b2ff9c7, 0xebab8302), TOBN(0x98af07c3, 0x944ba436),
-     TOBN(0x85997326, 0x995f0f9f), TOBN(0x467fade0, 0x71b58bc6),
-     TOBN(0x47e4495a, 0xbd625a2b), TOBN(0xfdd2d01d, 0x33c3b8cd),
-     TOBN(0x2c38ae28, 0xc693f9fa), TOBN(0x48622329, 0x348f7999),
-     TOBN(0x97bf738e, 0x2161f583), TOBN(0x15ee2fa7, 0x565e8cc9),
-     TOBN(0xa1a5c845, 0x5777e189), TOBN(0xcc10bee0, 0x456f2829),
-     TOBN(0x8ad95c56, 0xda762bd5), TOBN(0x152e2214, 0xe9d91da8),
-     TOBN(0x975b0e72, 0x7cb23c74), TOBN(0xfd5d7670, 0xa90c66df),
-     TOBN(0xb5b5b8ad, 0x225ffc53), TOBN(0xab6dff73, 0xfaded2ae),
-     TOBN(0xebd56781, 0x6f4cbe9d), TOBN(0x0ed8b249, 0x6a574bd7),
-     TOBN(0x41c246fe, 0x81a881fa), TOBN(0x91564805, 0xc3db9c70),
-     TOBN(0xd7c12b08, 0x5b862809), TOBN(0x1facd1f1, 0x55858d7b),
-     TOBN(0x7693747c, 0xaf09e92a), TOBN(0x3b69dcba, 0x189a425f),
-     TOBN(0x0be28e9f, 0x967365ef), TOBN(0x57300eb2, 0xe801f5c9),
-     TOBN(0x93b8ac6a, 0xd583352f), TOBN(0xa2cf1f89, 0xcd05b2b7),
-     TOBN(0x7c0c9b74, 0x4dcc40cc), TOBN(0xfee38c45, 0xada523fb),
-     TOBN(0xb49a4dec, 0x1099cc4d), TOBN(0x325c377f, 0x69f069c6),
-     TOBN(0xe12458ce, 0x476cc9ff), TOBN(0x580e0b6c, 0xc6d4cb63),
-     TOBN(0xd561c8b7, 0x9072289b), TOBN(0x0377f264, 0xa619e6da),
-     TOBN(0x26685362, 0x88e591a5), TOBN(0xa453a7bd, 0x7523ca2b),
-     TOBN(0x8a9536d2, 0xc1df4533), TOBN(0xc8e50f2f, 0xbe972f79),
-     TOBN(0xd433e50f, 0x6d3549cf), TOBN(0x6f33696f, 0xfacd665e),
-     TOBN(0x695bfdac, 0xce11fcb4), TOBN(0x810ee252, 0xaf7c9860),
-     TOBN(0x65450fe1, 0x7159bb2c), TOBN(0xf7dfbebe, 0x758b357b),
-     TOBN(0x2b057e74, 0xd69fea72), TOBN(0xd485717a, 0x92731745),}
-    ,
-    {TOBN(0x896c42e8, 0xee36860c), TOBN(0xdaf04dfd, 0x4113c22d),
-     TOBN(0x1adbb7b7, 0x44104213), TOBN(0xe5fd5fa1, 0x1fd394ea),
-     TOBN(0x68235d94, 0x1a4e0551), TOBN(0x6772cfbe, 0x18d10151),
-     TOBN(0x276071e3, 0x09984523), TOBN(0xe4e879de, 0x5a56ba98),
-     TOBN(0xaaafafb0, 0x285b9491), TOBN(0x01a0be88, 0x1e4c705e),
-     TOBN(0xff1d4f5d, 0x2ad9caab), TOBN(0x6e349a4a, 0xc37a233f),
-     TOBN(0xcf1c1246, 0x4a1c6a16), TOBN(0xd99e6b66, 0x29383260),
-     TOBN(0xea3d4366, 0x5f6d5471), TOBN(0x36974d04, 0xff8cc89b),
-     TOBN(0xc26c49a1, 0xcfe89d80), TOBN(0xb42c026d, 0xda9c8371),
-     TOBN(0xca6c013a, 0xdad066d2), TOBN(0xfb8f7228, 0x56a4f3ee),
-     TOBN(0x08b579ec, 0xd850935b), TOBN(0x34c1a74c, 0xd631e1b3),
-     TOBN(0xcb5fe596, 0xac198534), TOBN(0x39ff21f6, 0xe1f24f25),
-     TOBN(0x27f29e14, 0x8f929057), TOBN(0x7a64ae06, 0xc0c853df),
-     TOBN(0x256cd183, 0x58e9c5ce), TOBN(0x9d9cce82, 0xded092a5),
-     TOBN(0xcc6e5979, 0x6e93b7c7), TOBN(0xe1e47092, 0x31bb9e27),
-     TOBN(0xb70b3083, 0xaa9e29a0), TOBN(0xbf181a75, 0x3785e644),
-     TOBN(0xf53f2c65, 0x8ead09f7), TOBN(0x1335e1d5, 0x9780d14d),
-     TOBN(0x69cc20e0, 0xcd1b66bc), TOBN(0x9b670a37, 0xbbe0bfc8),
-     TOBN(0xce53dc81, 0x28efbeed), TOBN(0x0c74e77c, 0x8326a6e5),
-     TOBN(0x3604e0d2, 0xb88e9a63), TOBN(0xbab38fca, 0x13dc2248),
-     TOBN(0x8ed6e8c8, 0x5c0a3f1e), TOBN(0xbcad2492, 0x7c87c37f),
-     TOBN(0xfdfb62bb, 0x9ee3b78d), TOBN(0xeba8e477, 0xcbceba46),
-     TOBN(0x37d38cb0, 0xeeaede4b), TOBN(0x0bc498e8, 0x7976deb6),
-     TOBN(0xb2944c04, 0x6b6147fb), TOBN(0x8b123f35, 0xf71f9609),
-     TOBN(0xa155dcc7, 0xde79dc24), TOBN(0xf1168a32, 0x558f69cd),
-     TOBN(0xbac21595, 0x0d1850df), TOBN(0x15c8295b, 0xb204c848),
-     TOBN(0xf661aa36, 0x7d8184ff), TOBN(0xc396228e, 0x30447bdb),
-     TOBN(0x11cd5143, 0xbde4a59e), TOBN(0xe3a26e3b, 0x6beab5e6),
-     TOBN(0xd3b3a13f, 0x1402b9d0), TOBN(0x573441c3, 0x2c7bc863),
-     TOBN(0x4b301ec4, 0x578c3e6e), TOBN(0xc26fc9c4, 0x0adaf57e),
-     TOBN(0x96e71bfd, 0x7493cea3), TOBN(0xd05d4b3f, 0x1af81456),
-     TOBN(0xdaca2a8a, 0x6a8c608f), TOBN(0x53ef07f6, 0x0725b276),
-     TOBN(0x07a5fbd2, 0x7824fc56), TOBN(0x34675218, 0x13289077),
-     TOBN(0x5bf69fd5, 0xe0c48349), TOBN(0xa613ddd3, 0xb6aa7875),
-     TOBN(0x7f78c19c, 0x5450d866), TOBN(0x46f4409c, 0x8f84a481),
-     TOBN(0x9f1d1928, 0x90fce239), TOBN(0x016c4168, 0xb2ce44b9),
-     TOBN(0xbae023f0, 0xc7435978), TOBN(0xb152c888, 0x20e30e19),
-     TOBN(0x9c241645, 0xe3fa6faf), TOBN(0x735d95c1, 0x84823e60),
-     TOBN(0x03197573, 0x03955317), TOBN(0x0b4b02a9, 0xf03b4995),
-     TOBN(0x076bf559, 0x70274600), TOBN(0x32c5cc53, 0xaaf57508),
-     TOBN(0xe8af6d1f, 0x60624129), TOBN(0xb7bc5d64, 0x9a5e2b5e),
-     TOBN(0x3814b048, 0x5f082d72), TOBN(0x76f267f2, 0xce19677a),
-     TOBN(0x626c630f, 0xb36eed93), TOBN(0x55230cd7, 0x3bf56803),
-     TOBN(0x78837949, 0xce2736a0), TOBN(0x0d792d60, 0xaa6c55f1),
-     TOBN(0x0318dbfd, 0xd5c7c5d2), TOBN(0xb38f8da7, 0x072b342d),
-     TOBN(0x3569bddc, 0x7b8de38a), TOBN(0xf25b5887, 0xa1c94842),
-     TOBN(0xb2d5b284, 0x2946ad60), TOBN(0x854f29ad, 0xe9d1707e),
-     TOBN(0xaa5159dc, 0x2c6a4509), TOBN(0x899f94c0, 0x57189837),
-     TOBN(0xcf6adc51, 0xf4a55b03), TOBN(0x261762de, 0x35e3b2d5),
-     TOBN(0x4cc43012, 0x04827b51), TOBN(0xcd22a113, 0xc6021442),
-     TOBN(0xce2fd61a, 0x247c9569), TOBN(0x59a50973, 0xd152beca),
-     TOBN(0x6c835a11, 0x63a716d4), TOBN(0xc26455ed, 0x187dedcf),
-     TOBN(0x27f536e0, 0x49ce89e7), TOBN(0x18908539, 0xcc890cb5),
-     TOBN(0x308909ab, 0xd83c2aa1), TOBN(0xecd3142b, 0x1ab73bd3),
-     TOBN(0x6a85bf59, 0xb3f5ab84), TOBN(0x3c320a68, 0xf2bea4c6),
-     TOBN(0xad8dc538, 0x6da4541f), TOBN(0xeaf34eb0, 0xb7c41186),
-     TOBN(0x1c780129, 0x977c97c4), TOBN(0x5ff9beeb, 0xc57eb9fa),
-     TOBN(0xa24d0524, 0xc822c478), TOBN(0xfd8eec2a, 0x461cd415),
-     TOBN(0xfbde194e, 0xf027458c), TOBN(0xb4ff5319, 0x1d1be115),
-     TOBN(0x63f874d9, 0x4866d6f4), TOBN(0x35c75015, 0xb21ad0c9),
-     TOBN(0xa6b5c9d6, 0x46ac49d2), TOBN(0x42c77c0b, 0x83137aa9),
-     TOBN(0x24d000fc, 0x68225a38), TOBN(0x0f63cfc8, 0x2fe1e907),
-     TOBN(0x22d1b01b, 0xc6441f95), TOBN(0x7d38f719, 0xec8e448f),
-     TOBN(0x9b33fa5f, 0x787fb1ba), TOBN(0x94dcfda1, 0x190158df),
-     TOBN(0xc47cb339, 0x5f6d4a09), TOBN(0x6b4f355c, 0xee52b826),
-     TOBN(0x3d100f5d, 0xf51b930a), TOBN(0xf4512fac, 0x9f668f69),
-     TOBN(0x546781d5, 0x206c4c74), TOBN(0xd021d4d4, 0xcb4d2e48),
-     TOBN(0x494a54c2, 0xca085c2d), TOBN(0xf1dbaca4, 0x520850a8),
-     TOBN(0x63c79326, 0x490a1aca), TOBN(0xcb64dd9c, 0x41526b02),
-     TOBN(0xbb772591, 0xa2979258), TOBN(0x3f582970, 0x48d97846),
-     TOBN(0xd66b70d1, 0x7c213ba7), TOBN(0xc28febb5, 0xe8a0ced4),
-     TOBN(0x6b911831, 0xc10338c1), TOBN(0x0d54e389, 0xbf0126f3),
-     TOBN(0x7048d460, 0x4af206ee), TOBN(0x786c88f6, 0x77e97cb9),
-     TOBN(0xd4375ae1, 0xac64802e), TOBN(0x469bcfe1, 0xd53ec11c),
-     TOBN(0xfc9b340d, 0x47062230), TOBN(0xe743bb57, 0xc5b4a3ac),
-     TOBN(0xfe00b4aa, 0x59ef45ac), TOBN(0x29a4ef23, 0x59edf188),
-     TOBN(0x40242efe, 0xb483689b), TOBN(0x2575d3f6, 0x513ac262),
-     TOBN(0xf30037c8, 0x0ca6db72), TOBN(0xc9fcce82, 0x98864be2),
-     TOBN(0x84a112ff, 0x0149362d), TOBN(0x95e57582, 0x1c4ae971),
-     TOBN(0x1fa4b1a8, 0x945cf86c), TOBN(0x4525a734, 0x0b024a2f),
-     TOBN(0xe76c8b62, 0x8f338360), TOBN(0x483ff593, 0x28edf32b),
-     TOBN(0x67e8e90a, 0x298b1aec), TOBN(0x9caab338, 0x736d9a21),
-     TOBN(0x5c09d2fd, 0x66892709), TOBN(0x2496b4dc, 0xb55a1d41),
-     TOBN(0x93f5fb1a, 0xe24a4394), TOBN(0x08c75049, 0x6fa8f6c1),
-     TOBN(0xcaead1c2, 0xc905d85f), TOBN(0xe9d7f790, 0x0733ae57),
-     TOBN(0x24c9a65c, 0xf07cdd94), TOBN(0x7389359c, 0xa4b55931),
-     TOBN(0xf58709b7, 0x367e45f7), TOBN(0x1f203067, 0xcb7e7adc),
-     TOBN(0x82444bff, 0xc7b72818), TOBN(0x07303b35, 0xbaac8033),
-     TOBN(0x1e1ee4e4, 0xd13b7ea1), TOBN(0xe6489b24, 0xe0e74180),
-     TOBN(0xa5f2c610, 0x7e70ef70), TOBN(0xa1655412, 0xbdd10894),
-     TOBN(0x555ebefb, 0x7af4194e), TOBN(0x533c1c3c, 0x8e89bd9c),
-     TOBN(0x735b9b57, 0x89895856), TOBN(0x15fb3cd2, 0x567f5c15),
-     TOBN(0x057fed45, 0x526f09fd), TOBN(0xe8a4f10c, 0x8128240a),
-     TOBN(0x9332efc4, 0xff2bfd8d), TOBN(0x214e77a0, 0xbd35aa31),
-     TOBN(0x32896d73, 0x14faa40e), TOBN(0x767867ec, 0x01e5f186),
-     TOBN(0xc9adf8f1, 0x17a1813e), TOBN(0xcb6cda78, 0x54741795),
-     TOBN(0xb7521b6d, 0x349d51aa), TOBN(0xf56b5a9e, 0xe3c7b8e9),
-     TOBN(0xc6f1e5c9, 0x32a096df), TOBN(0x083667c4, 0xa3635024),
-     TOBN(0x365ea135, 0x18087f2f), TOBN(0xf1b8eaac, 0xd136e45d),
-     TOBN(0xc8a0e484, 0x73aec989), TOBN(0xd75a324b, 0x142c9259),
-     TOBN(0xb7b4d001, 0x01dae185), TOBN(0x45434e0b, 0x9b7a94bc),
-     TOBN(0xf54339af, 0xfbd8cb0b), TOBN(0xdcc4569e, 0xe98ef49e),
-     TOBN(0x7789318a, 0x09a51299), TOBN(0x81b4d206, 0xb2b025d8),
-     TOBN(0xf64aa418, 0xfae85792), TOBN(0x3e50258f, 0xacd7baf7),
-     TOBN(0xdce84cdb, 0x2996864b), TOBN(0xa2e67089, 0x1f485fa4),
-     TOBN(0xb28b2bb6, 0x534c6a5a), TOBN(0x31a7ec6b, 0xc94b9d39),
-     TOBN(0x1d217766, 0xd6bc20da), TOBN(0x4acdb5ec, 0x86761190),
-     TOBN(0x68726328, 0x73701063), TOBN(0x4d24ee7c, 0x2128c29b),
-     TOBN(0xc072ebd3, 0xa19fd868), TOBN(0x612e481c, 0xdb8ddd3b),
-     TOBN(0xb4e1d754, 0x1a64d852), TOBN(0x00ef95ac, 0xc4c6c4ab),
-     TOBN(0x1536d2ed, 0xaa0a6c46), TOBN(0x61294086, 0x43774790),
-     TOBN(0x54af25e8, 0x343fda10), TOBN(0x9ff9d98d, 0xfd25d6f2),
-     TOBN(0x0746af7c, 0x468b8835), TOBN(0x977a31cb, 0x730ecea7),
-     TOBN(0xa5096b80, 0xc2cf4a81), TOBN(0xaa986833, 0x6458c37a),
-     TOBN(0x6af29bf3, 0xa6bd9d34), TOBN(0x6a62fe9b, 0x33c5d854),
-     TOBN(0x50e6c304, 0xb7133b5e), TOBN(0x04b60159, 0x7d6e6848),
-     TOBN(0x4cd296df, 0x5579bea4), TOBN(0x10e35ac8, 0x5ceedaf1),
-     TOBN(0x04c4c5fd, 0xe3bcc5b1), TOBN(0x95f9ee8a, 0x89412cf9),
-     TOBN(0x2c9459ee, 0x82b6eb0f), TOBN(0x2e845765, 0x95c2aadd),
-     TOBN(0x774a84ae, 0xd327fcfe), TOBN(0xd8c93722, 0x0368d476),
-     TOBN(0x0dbd5748, 0xf83e8a3b), TOBN(0xa579aa96, 0x8d2495f3),
-     TOBN(0x535996a0, 0xae496e9b), TOBN(0x07afbfe9, 0xb7f9bcc2),
-     TOBN(0x3ac1dc6d, 0x5b7bd293), TOBN(0x3b592cff, 0x7022323d),
-     TOBN(0xba0deb98, 0x9c0a3e76), TOBN(0x18e78e9f, 0x4b197acb),
-     TOBN(0x211cde10, 0x296c36ef), TOBN(0x7ee89672, 0x82c4da77),
-     TOBN(0xb617d270, 0xa57836da), TOBN(0xf0cd9c31, 0x9cb7560b),
-     TOBN(0x01fdcbf7, 0xe455fe90), TOBN(0x3fb53cbb, 0x7e7334f3),
-     TOBN(0x781e2ea4, 0x4e7de4ec), TOBN(0x8adab3ad, 0x0b384fd0),
-     TOBN(0x129eee2f, 0x53d64829), TOBN(0x7a471e17, 0xa261492b),
-     TOBN(0xe4f9adb9, 0xe4cb4a2c), TOBN(0x3d359f6f, 0x97ba2c2d),
-     TOBN(0x346c6786, 0x0aacd697), TOBN(0x92b444c3, 0x75c2f8a8),
-     TOBN(0xc79fa117, 0xd85df44e), TOBN(0x56782372, 0x398ddf31),
-     TOBN(0x60e690f2, 0xbbbab3b8), TOBN(0x4851f8ae, 0x8b04816b),
-     TOBN(0xc72046ab, 0x9c92e4d2), TOBN(0x518c74a1, 0x7cf3136b),
-     TOBN(0xff4eb50a, 0xf9877d4c), TOBN(0x14578d90, 0xa919cabb),
-     TOBN(0x8218f8c4, 0xac5eb2b6), TOBN(0xa3ccc547, 0x542016e4),
-     TOBN(0x025bf48e, 0x327f8349), TOBN(0xf3e97346, 0xf43cb641),
-     TOBN(0xdc2bafdf, 0x500f1085), TOBN(0x57167876, 0x2f063055),
-     TOBN(0x5bd914b9, 0x411925a6), TOBN(0x7c078d48, 0xa1123de5),
-     TOBN(0xee6bf835, 0x182b165d), TOBN(0xb11b5e5b, 0xba519727),
-     TOBN(0xe33ea76c, 0x1eea7b85), TOBN(0x2352b461, 0x92d4f85e),
-     TOBN(0xf101d334, 0xafe115bb), TOBN(0xfabc1294, 0x889175a3),
-     TOBN(0x7f6bcdc0, 0x5233f925), TOBN(0xe0a802db, 0xe77fec55),
-     TOBN(0xbdb47b75, 0x8069b659), TOBN(0x1c5e12de, 0xf98fbd74),
-     TOBN(0x869c58c6, 0x4b8457ee), TOBN(0xa5360f69, 0x4f7ea9f7),
-     TOBN(0xe576c09f, 0xf460b38f), TOBN(0x6b70d548, 0x22b7fb36),
-     TOBN(0x3fd237f1, 0x3bfae315), TOBN(0x33797852, 0xcbdff369),
-     TOBN(0x97df25f5, 0x25b516f9), TOBN(0x46f388f2, 0xba38ad2d),
-     TOBN(0x656c4658, 0x89d8ddbb), TOBN(0x8830b26e, 0x70f38ee8),
-     TOBN(0x4320fd5c, 0xde1212b0), TOBN(0xc34f30cf, 0xe4a2edb2),
-     TOBN(0xabb131a3, 0x56ab64b8), TOBN(0x7f77f0cc, 0xd99c5d26),
-     TOBN(0x66856a37, 0xbf981d94), TOBN(0x19e76d09, 0x738bd76e),
-     TOBN(0xe76c8ac3, 0x96238f39), TOBN(0xc0a482be, 0xa830b366),
-     TOBN(0xb7b8eaff, 0x0b4eb499), TOBN(0x8ecd83bc, 0x4bfb4865),
-     TOBN(0x971b2cb7, 0xa2f3776f), TOBN(0xb42176a4, 0xf4b88adf),
-     TOBN(0xb9617df5, 0xbe1fa446), TOBN(0x8b32d508, 0xcd031bd2),
-     TOBN(0x1c6bd47d, 0x53b618c0), TOBN(0xc424f46c, 0x6a227923),
-     TOBN(0x7303ffde, 0xdd92d964), TOBN(0xe9712878, 0x71b5abf2),
-     TOBN(0x8f48a632, 0xf815561d), TOBN(0x85f48ff5, 0xd3c055d1),
-     TOBN(0x222a1427, 0x7525684f), TOBN(0xd0d841a0, 0x67360cc3),
-     TOBN(0x4245a926, 0x0b9267c6), TOBN(0xc78913f1, 0xcf07f863),
-     TOBN(0xaa844c8e, 0x4d0d9e24), TOBN(0xa42ad522, 0x3d5f9017),
-     TOBN(0xbd371749, 0xa2c989d5), TOBN(0x928292df, 0xe1f5e78e),
-     TOBN(0x493b383e, 0x0a1ea6da), TOBN(0x5136fd8d, 0x13aee529),
-     TOBN(0x860c44b1, 0xf2c34a99), TOBN(0x3b00aca4, 0xbf5855ac),
-     TOBN(0xabf6aaa0, 0xfaaf37be), TOBN(0x65f43682, 0x2a53ec08),
-     TOBN(0x1d9a5801, 0xa11b12e1), TOBN(0x78a7ab2c, 0xe20ed475),
-     TOBN(0x0de1067e, 0x9a41e0d5), TOBN(0x30473f5f, 0x305023ea),
-     TOBN(0xdd3ae09d, 0x169c7d97), TOBN(0x5cd5baa4, 0xcfaef9cd),
-     TOBN(0x5cd7440b, 0x65a44803), TOBN(0xdc13966a, 0x47f364de),
-     TOBN(0x077b2be8, 0x2b8357c1), TOBN(0x0cb1b4c5, 0xe9d57c2a),
-     TOBN(0x7a4ceb32, 0x05ff363e), TOBN(0xf310fa4d, 0xca35a9ef),
-     TOBN(0xdbb7b352, 0xf97f68c6), TOBN(0x0c773b50, 0x0b02cf58),
-     TOBN(0xea2e4821, 0x3c1f96d9), TOBN(0xffb357b0, 0xeee01815),
-     TOBN(0xb9c924cd, 0xe0f28039), TOBN(0x0b36c95a, 0x46a3fbe4),
-     TOBN(0x1faaaea4, 0x5e46db6c), TOBN(0xcae575c3, 0x1928aaff),
-     TOBN(0x7f671302, 0xa70dab86), TOBN(0xfcbd12a9, 0x71c58cfc),
-     TOBN(0xcbef9acf, 0xbee0cb92), TOBN(0x573da0b9, 0xf8c1b583),
-     TOBN(0x4752fcfe, 0x0d41d550), TOBN(0xe7eec0e3, 0x2155cffe),
-     TOBN(0x0fc39fcb, 0x545ae248), TOBN(0x522cb8d1, 0x8065f44e),
-     TOBN(0x263c962a, 0x70cbb96c), TOBN(0xe034362a, 0xbcd124a9),
-     TOBN(0xf120db28, 0x3c2ae58d), TOBN(0xb9a38d49, 0xfef6d507),
-     TOBN(0xb1fd2a82, 0x1ff140fd), TOBN(0xbd162f30, 0x20aee7e0),
-     TOBN(0x4e17a5d4, 0xcb251949), TOBN(0x2aebcb83, 0x4f7e1c3d),
-     TOBN(0x608eb25f, 0x937b0527), TOBN(0xf42e1e47, 0xeb7d9997),
-     TOBN(0xeba699c4, 0xb8a53a29), TOBN(0x1f921c71, 0xe091b536),
-     TOBN(0xcce29e7b, 0x5b26bbd5), TOBN(0x7a8ef5ed, 0x3b61a680),
-     TOBN(0xe5ef8043, 0xba1f1c7e), TOBN(0x16ea8217, 0x18158dda),
-     TOBN(0x01778a2b, 0x599ff0f9), TOBN(0x68a923d7, 0x8104fc6b),
-     TOBN(0x5bfa44df, 0xda694ff3), TOBN(0x4f7199db, 0xf7667f12),
-     TOBN(0xc06d8ff6, 0xe46f2a79), TOBN(0x08b5dead, 0xe9f8131d),
-     TOBN(0x02519a59, 0xabb4ce7c), TOBN(0xc4f710bc, 0xb42aec3e),
-     TOBN(0x3d77b057, 0x78bde41a), TOBN(0x6474bf80, 0xb4186b5a),
-     TOBN(0x048b3f67, 0x88c65741), TOBN(0xc64519de, 0x03c7c154),
-     TOBN(0xdf073846, 0x0edfcc4f), TOBN(0x319aa737, 0x48f1aa6b),
-     TOBN(0x8b9f8a02, 0xca909f77), TOBN(0x90258139, 0x7580bfef),
-     TOBN(0xd8bfd3ca, 0xc0c22719), TOBN(0xc60209e4, 0xc9ca151e),
-     TOBN(0x7a744ab5, 0xd9a1a69c), TOBN(0x6de5048b, 0x14937f8f),
-     TOBN(0x171938d8, 0xe115ac04), TOBN(0x7df70940, 0x1c6b16d2),
-     TOBN(0xa6aeb663, 0x7f8e94e7), TOBN(0xc130388e, 0x2a2cf094),
-     TOBN(0x1850be84, 0x77f54e6e), TOBN(0x9f258a72, 0x65d60fe5),
-     TOBN(0xff7ff0c0, 0x6c9146d6), TOBN(0x039aaf90, 0xe63a830b),
-     TOBN(0x38f27a73, 0x9460342f), TOBN(0x4703148c, 0x3f795f8a),
-     TOBN(0x1bb5467b, 0x9681a97e), TOBN(0x00931ba5, 0xecaeb594),
-     TOBN(0xcdb6719d, 0x786f337c), TOBN(0xd9c01cd2, 0xe704397d),
-     TOBN(0x0f4a3f20, 0x555c2fef), TOBN(0x00452509, 0x7c0af223),
-     TOBN(0x54a58047, 0x84db8e76), TOBN(0x3bacf1aa, 0x93c8aa06),
-     TOBN(0x11ca957c, 0xf7919422), TOBN(0x50641053, 0x78cdaa40),
-     TOBN(0x7a303874, 0x9f7144ae), TOBN(0x170c963f, 0x43d4acfd),
-     TOBN(0x5e148149, 0x58ddd3ef), TOBN(0xa7bde582, 0x9e72dba8),
-     TOBN(0x0769da8b, 0x6fa68750), TOBN(0xfa64e532, 0x572e0249),
-     TOBN(0xfcaadf9d, 0x2619ad31), TOBN(0x87882daa, 0xa7b349cd),
-     TOBN(0x9f6eb731, 0x6c67a775), TOBN(0xcb10471a, 0xefc5d0b1),
-     TOBN(0xb433750c, 0xe1b806b2), TOBN(0x19c5714d, 0x57b1ae7e),
-     TOBN(0xc0dc8b7b, 0xed03fd3f), TOBN(0xdd03344f, 0x31bc194e),
-     TOBN(0xa66c52a7, 0x8c6320b5), TOBN(0x8bc82ce3, 0xd0b6fd93),
-     TOBN(0xf8e13501, 0xb35f1341), TOBN(0xe53156dd, 0x25a43e42),
-     TOBN(0xd3adf27e, 0x4daeb85c), TOBN(0xb81d8379, 0xbbeddeb5),
-     TOBN(0x1b0b546e, 0x2e435867), TOBN(0x9020eb94, 0xeba5dd60),
-     TOBN(0x37d91161, 0x8210cb9d), TOBN(0x4c596b31, 0x5c91f1cf),
-     TOBN(0xb228a90f, 0x0e0b040d), TOBN(0xbaf02d82, 0x45ff897f),
-     TOBN(0x2aac79e6, 0x00fa6122), TOBN(0x24828817, 0x8e36f557),
-     TOBN(0xb9521d31, 0x113ec356), TOBN(0x9e48861e, 0x15eff1f8),
-     TOBN(0x2aa1d412, 0xe0d41715), TOBN(0x71f86203, 0x53f131b8),
-     TOBN(0xf60da8da, 0x3fd19408), TOBN(0x4aa716dc, 0x278d9d99),
-     TOBN(0x394531f7, 0xa8c51c90), TOBN(0xb560b0e8, 0xf59db51c),
-     TOBN(0xa28fc992, 0xfa34bdad), TOBN(0xf024fa14, 0x9cd4f8bd),
-     TOBN(0x5cf530f7, 0x23a9d0d3), TOBN(0x615ca193, 0xe28c9b56),
-     TOBN(0x6d2a483d, 0x6f73c51e), TOBN(0xa4cb2412, 0xea0dc2dd),
-     TOBN(0x50663c41, 0x1eb917ff), TOBN(0x3d3a74cf, 0xeade299e),
-     TOBN(0x29b3990f, 0x4a7a9202), TOBN(0xa9bccf59, 0xa7b15c3d),
-     TOBN(0x66a3ccdc, 0xa5df9208), TOBN(0x48027c14, 0x43f2f929),
-     TOBN(0xd385377c, 0x40b557f0), TOBN(0xe001c366, 0xcd684660),
-     TOBN(0x1b18ed6b, 0xe2183a27), TOBN(0x879738d8, 0x63210329),
-     TOBN(0xa687c74b, 0xbda94882), TOBN(0xd1bbcc48, 0xa684b299),
-     TOBN(0xaf6f1112, 0x863b3724), TOBN(0x6943d1b4, 0x2c8ce9f8),
-     TOBN(0xe044a3bb, 0x098cafb4), TOBN(0x27ed2310, 0x60d48caf),
-     TOBN(0x542b5675, 0x3a31b84d), TOBN(0xcbf3dd50, 0xfcddbed7),
-     TOBN(0x25031f16, 0x41b1d830), TOBN(0xa7ec851d, 0xcb0c1e27),
-     TOBN(0xac1c8fe0, 0xb5ae75db), TOBN(0xb24c7557, 0x08c52120),
-     TOBN(0x57f811dc, 0x1d4636c3), TOBN(0xf8436526, 0x681a9939),
-     TOBN(0x1f6bc6d9, 0x9c81adb3), TOBN(0x840f8ac3, 0x5b7d80d4),
-     TOBN(0x731a9811, 0xf4387f1a), TOBN(0x7c501cd3, 0xb5156880),
-     TOBN(0xa5ca4a07, 0xdfe68867), TOBN(0xf123d8f0, 0x5fcea120),
-     TOBN(0x1fbb0e71, 0xd607039e), TOBN(0x2b70e215, 0xcd3a4546),
-     TOBN(0x32d2f01d, 0x53324091), TOBN(0xb796ff08, 0x180ab19b),
-     TOBN(0x32d87a86, 0x3c57c4aa), TOBN(0x2aed9caf, 0xb7c49a27),
-     TOBN(0x9fb35eac, 0x31630d98), TOBN(0x338e8cdf, 0x5c3e20a3),
-     TOBN(0x80f16182, 0x66cde8db), TOBN(0x4e159980, 0x2d72fd36),
-     TOBN(0xd7b8f13b, 0x9b6e5072), TOBN(0xf5213907, 0x3b7b5dc1),
-     TOBN(0x4d431f1d, 0x8ce4396e), TOBN(0x37a1a680, 0xa7ed2142),
-     TOBN(0xbf375696, 0xd01aaf6b), TOBN(0xaa1c0c54, 0xe63aab66),
-     TOBN(0x3014368b, 0x4ed80940), TOBN(0x67e6d056, 0x7a6fcedd),
-     TOBN(0x7c208c49, 0xca97579f), TOBN(0xfe3d7a81, 0xa23597f6),
-     TOBN(0x5e203202, 0x7e096ae2), TOBN(0xb1f3e1e7, 0x24b39366),
-     TOBN(0x26da26f3, 0x2fdcdffc), TOBN(0x79422f1d, 0x6097be83),}
-    ,
-    {TOBN(0x263a2cfb, 0x9db3b381), TOBN(0x9c3a2dee, 0xd4df0a4b),
-     TOBN(0x728d06e9, 0x7d04e61f), TOBN(0x8b1adfbc, 0x42449325),
-     TOBN(0x6ec1d939, 0x7e053a1b), TOBN(0xee2be5c7, 0x66daf707),
-     TOBN(0x80ba1e14, 0x810ac7ab), TOBN(0xdd2ae778, 0xf530f174),
-     TOBN(0x0435d97a, 0x205b9d8b), TOBN(0x6eb8f064, 0x056756d4),
-     TOBN(0xd5e88a8b, 0xb6f8210e), TOBN(0x070ef12d, 0xec9fd9ea),
-     TOBN(0x4d849505, 0x3bcc876a), TOBN(0x12a75338, 0xa7404ce3),
-     TOBN(0xd22b49e1, 0xb8a1db5e), TOBN(0xec1f2051, 0x14bfa5ad),
-     TOBN(0xadbaeb79, 0xb6828f36), TOBN(0x9d7a0258, 0x01bd5b9e),
-     TOBN(0xeda01e0d, 0x1e844b0c), TOBN(0x4b625175, 0x887edfc9),
-     TOBN(0x14109fdd, 0x9669b621), TOBN(0x88a2ca56, 0xf6f87b98),
-     TOBN(0xfe2eb788, 0x170df6bc), TOBN(0x0cea06f4, 0xffa473f9),
-     TOBN(0x43ed81b5, 0xc4e83d33), TOBN(0xd9f35879, 0x5efd488b),
-     TOBN(0x164a620f, 0x9deb4d0f), TOBN(0xc6927bdb, 0xac6a7394),
-     TOBN(0x45c28df7, 0x9f9e0f03), TOBN(0x2868661e, 0xfcd7e1a9),
-     TOBN(0x7cf4e8d0, 0xffa348f1), TOBN(0x6bd4c284, 0x398538e0),
-     TOBN(0x2618a091, 0x289a8619), TOBN(0xef796e60, 0x6671b173),
-     TOBN(0x664e46e5, 0x9090c632), TOBN(0xa38062d4, 0x1e66f8fb),
-     TOBN(0x6c744a20, 0x0573274e), TOBN(0xd07b67e4, 0xa9271394),
-     TOBN(0x391223b2, 0x6bdc0e20), TOBN(0xbe2d93f1, 0xeb0a05a7),
-     TOBN(0xf23e2e53, 0x3f36d141), TOBN(0xe84bb3d4, 0x4dfca442),
-     TOBN(0xb804a48d, 0x6b7c023a), TOBN(0x1e16a8fa, 0x76431c3b),
-     TOBN(0x1b5452ad, 0xddd472e0), TOBN(0x7d405ee7, 0x0d1ee127),
-     TOBN(0x50fc6f1d, 0xffa27599), TOBN(0x351ac53c, 0xbf391b35),
-     TOBN(0x7efa14b8, 0x4444896b), TOBN(0x64974d2f, 0xf94027fb),
-     TOBN(0xefdcd0e8, 0xde84487d), TOBN(0x8c45b260, 0x2b48989b),
-     TOBN(0xa8fcbbc2, 0xd8463487), TOBN(0xd1b2b3f7, 0x3fbc476c),
-     TOBN(0x21d005b7, 0xc8f443c0), TOBN(0x518f2e67, 0x40c0139c),
-     TOBN(0x56036e8c, 0x06d75fc1), TOBN(0x2dcf7bb7, 0x3249a89f),
-     TOBN(0x81dd1d3d, 0xe245e7dd), TOBN(0xf578dc4b, 0xebd6e2a7),
-     TOBN(0x4c028903, 0xdf2ce7a0), TOBN(0xaee36288, 0x9c39afac),
-     TOBN(0xdc847c31, 0x146404ab), TOBN(0x6304c0d8, 0xa4e97818),
-     TOBN(0xae51dca2, 0xa91f6791), TOBN(0x2abe4190, 0x9baa9efc),
-     TOBN(0xd9d2e2f4, 0x559c7ac1), TOBN(0xe82f4b51, 0xfc9f773a),
-     TOBN(0xa7713027, 0x4073e81c), TOBN(0xc0276fac, 0xfbb596fc),
-     TOBN(0x1d819fc9, 0xa684f70c), TOBN(0x29b47fdd, 0xc9f7b1e0),
-     TOBN(0x358de103, 0x459b1940), TOBN(0xec881c59, 0x5b013e93),
-     TOBN(0x51574c93, 0x49532ad3), TOBN(0x2db1d445, 0xb37b46de),
-     TOBN(0xc6445b87, 0xdf239fd8), TOBN(0xc718af75, 0x151d24ee),
-     TOBN(0xaea1c4a4, 0xf43c6259), TOBN(0x40c0e5d7, 0x70be02f7),
-     TOBN(0x6a4590f4, 0x721b33f2), TOBN(0x2124f1fb, 0xfedf04ea),
-     TOBN(0xf8e53cde, 0x9745efe7), TOBN(0xe7e10432, 0x65f046d9),
-     TOBN(0xc3fca28e, 0xe4d0c7e6), TOBN(0x847e339a, 0x87253b1b),
-     TOBN(0x9b595348, 0x3743e643), TOBN(0xcb6a0a0b, 0x4fd12fc5),
-     TOBN(0xfb6836c3, 0x27d02dcc), TOBN(0x5ad00982, 0x7a68bcc2),
-     TOBN(0x1b24b44c, 0x005e912d), TOBN(0xcc83d20f, 0x811fdcfe),
-     TOBN(0x36527ec1, 0x666fba0c), TOBN(0x69948197, 0x14754635),
-     TOBN(0xfcdcb1a8, 0x556da9c2), TOBN(0xa5934267, 0x81a732b2),
-     TOBN(0xec1214ed, 0xa714181d), TOBN(0x609ac13b, 0x6067b341),
-     TOBN(0xff4b4c97, 0xa545df1f), TOBN(0xa1240501, 0x34d2076b),
-     TOBN(0x6efa0c23, 0x1409ca97), TOBN(0x254cc1a8, 0x20638c43),
-     TOBN(0xd4e363af, 0xdcfb46cd), TOBN(0x62c2adc3, 0x03942a27),
-     TOBN(0xc67b9df0, 0x56e46483), TOBN(0xa55abb20, 0x63736356),
-     TOBN(0xab93c098, 0xc551bc52), TOBN(0x382b49f9, 0xb15fe64b),
-     TOBN(0x9ec221ad, 0x4dff8d47), TOBN(0x79caf615, 0x437df4d6),
-     TOBN(0x5f13dc64, 0xbb456509), TOBN(0xe4c589d9, 0x191f0714),
-     TOBN(0x27b6a8ab, 0x3fd40e09), TOBN(0xe455842e, 0x77313ea9),
-     TOBN(0x8b51d1e2, 0x1f55988b), TOBN(0x5716dd73, 0x062bbbfc),
-     TOBN(0x633c11e5, 0x4e8bf3de), TOBN(0x9a0e77b6, 0x1b85be3b),
-     TOBN(0x56510729, 0x0911cca6), TOBN(0x27e76495, 0xefa6590f),
-     TOBN(0xe4ac8b33, 0x070d3aab), TOBN(0x2643672b, 0x9a2cd5e5),
-     TOBN(0x52eff79b, 0x1cfc9173), TOBN(0x665ca49b, 0x90a7c13f),
-     TOBN(0x5a8dda59, 0xb3efb998), TOBN(0x8a5b922d, 0x052f1341),
-     TOBN(0xae9ebbab, 0x3cf9a530), TOBN(0x35986e7b, 0xf56da4d7),
-     TOBN(0x3a636b5c, 0xff3513cc), TOBN(0xbb0cf8ba, 0x3198f7dd),
-     TOBN(0xb8d40522, 0x41f16f86), TOBN(0x760575d8, 0xde13a7bf),
-     TOBN(0x36f74e16, 0x9f7aa181), TOBN(0x163a3ecf, 0xf509ed1c),
-     TOBN(0x6aead61f, 0x3c40a491), TOBN(0x158c95fc, 0xdfe8fcaa),
-     TOBN(0xa3991b6e, 0x13cda46f), TOBN(0x79482415, 0x342faed0),
-     TOBN(0xf3ba5bde, 0x666b5970), TOBN(0x1d52e6bc, 0xb26ab6dd),
-     TOBN(0x768ba1e7, 0x8608dd3d), TOBN(0x4930db2a, 0xea076586),
-     TOBN(0xd9575714, 0xe7dc1afa), TOBN(0x1fc7bf7d, 0xf7c58817),
-     TOBN(0x6b47accd, 0xd9eee96c), TOBN(0x0ca277fb, 0xe58cec37),
-     TOBN(0x113fe413, 0xe702c42a), TOBN(0xdd1764ee, 0xc47cbe51),
-     TOBN(0x041e7cde, 0x7b3ed739), TOBN(0x50cb7459, 0x5ce9e1c0),
-     TOBN(0x35568513, 0x2925b212), TOBN(0x7cff95c4, 0x001b081c),
-     TOBN(0x63ee4cbd, 0x8088b454), TOBN(0xdb7f32f7, 0x9a9e0c8a),
-     TOBN(0xb377d418, 0x6b2447cb), TOBN(0xe3e982aa, 0xd370219b),
-     TOBN(0x06ccc1e4, 0xc2a2a593), TOBN(0x72c36865, 0x0773f24f),
-     TOBN(0xa13b4da7, 0x95859423), TOBN(0x8bbf1d33, 0x75040c8f),
-     TOBN(0x726f0973, 0xda50c991), TOBN(0x48afcd5b, 0x822d6ee2),
-     TOBN(0xe5fc718b, 0x20fd7771), TOBN(0xb9e8e77d, 0xfd0807a1),
-     TOBN(0x7f5e0f44, 0x99a7703d), TOBN(0x6972930e, 0x618e36f3),
-     TOBN(0x2b7c77b8, 0x23807bbe), TOBN(0xe5b82405, 0xcb27ff50),
-     TOBN(0xba8b8be3, 0xbd379062), TOBN(0xd64b7a1d, 0x2dce4a92),
-     TOBN(0x040a73c5, 0xb2952e37), TOBN(0x0a9e252e, 0xd438aeca),
-     TOBN(0xdd43956b, 0xc39d3bcb), TOBN(0x1a31ca00, 0xb32b2d63),
-     TOBN(0xd67133b8, 0x5c417a18), TOBN(0xd08e4790, 0x2ef442c8),
-     TOBN(0x98cb1ae9, 0x255c0980), TOBN(0x4bd86381, 0x2b4a739f),
-     TOBN(0x5a5c31e1, 0x1e4a45a1), TOBN(0x1e5d55fe, 0x9cb0db2f),
-     TOBN(0x74661b06, 0x8ff5cc29), TOBN(0x026b389f, 0x0eb8a4f4),
-     TOBN(0x536b21a4, 0x58848c24), TOBN(0x2e5bf8ec, 0x81dc72b0),
-     TOBN(0x03c187d0, 0xad886aac), TOBN(0x5c16878a, 0xb771b645),
-     TOBN(0xb07dfc6f, 0xc74045ab), TOBN(0x2c6360bf, 0x7800caed),
-     TOBN(0x24295bb5, 0xb9c972a3), TOBN(0xc9e6f88e, 0x7c9a6dba),
-     TOBN(0x90ffbf24, 0x92a79aa6), TOBN(0xde29d50a, 0x41c26ac2),
-     TOBN(0x9f0af483, 0xd309cbe6), TOBN(0x5b020d8a, 0xe0bced4f),
-     TOBN(0x606e986d, 0xb38023e3), TOBN(0xad8f2c9d, 0x1abc6933),
-     TOBN(0x19292e1d, 0xe7400e93), TOBN(0xfe3e18a9, 0x52be5e4d),
-     TOBN(0xe8e9771d, 0x2e0680bf), TOBN(0x8c5bec98, 0xc54db063),
-     TOBN(0x2af9662a, 0x74a55d1f), TOBN(0xe3fbf28f, 0x046f66d8),
-     TOBN(0xa3a72ab4, 0xd4dc4794), TOBN(0x09779f45, 0x5c7c2dd8),
-     TOBN(0xd893bdaf, 0xc3d19d8d), TOBN(0xd5a75094, 0x57d6a6df),
-     TOBN(0x8cf8fef9, 0x952e6255), TOBN(0x3da67cfb, 0xda9a8aff),
-     TOBN(0x4c23f62a, 0x2c160dcd), TOBN(0x34e6c5e3, 0x8f90eaef),
-     TOBN(0x35865519, 0xa9a65d5a), TOBN(0x07c48aae, 0x8fd38a3d),
-     TOBN(0xb7e7aeda, 0x50068527), TOBN(0x2c09ef23, 0x1c90936a),
-     TOBN(0x31ecfeb6, 0xe879324c), TOBN(0xa0871f6b, 0xfb0ec938),
-     TOBN(0xb1f0fb68, 0xd84d835d), TOBN(0xc90caf39, 0x861dc1e6),
-     TOBN(0x12e5b046, 0x7594f8d7), TOBN(0x26897ae2, 0x65012b92),
-     TOBN(0xbcf68a08, 0xa4d6755d), TOBN(0x403ee41c, 0x0991fbda),
-     TOBN(0x733e343e, 0x3bbf17e8), TOBN(0xd2c7980d, 0x679b3d65),
-     TOBN(0x33056232, 0xd2e11305), TOBN(0x966be492, 0xf3c07a6f),
-     TOBN(0x6a8878ff, 0xbb15509d), TOBN(0xff221101, 0x0a9b59a4),
-     TOBN(0x6c9f564a, 0xabe30129), TOBN(0xc6f2c940, 0x336e64cf),
-     TOBN(0x0fe75262, 0x8b0c8022), TOBN(0xbe0267e9, 0x6ae8db87),
-     TOBN(0x22e192f1, 0x93bc042b), TOBN(0xf085b534, 0xb237c458),
-     TOBN(0xa0d192bd, 0x832c4168), TOBN(0x7a76e9e3, 0xbdf6271d),
-     TOBN(0x52a882fa, 0xb88911b5), TOBN(0xc85345e4, 0xb4db0eb5),
-     TOBN(0xa3be02a6, 0x81a7c3ff), TOBN(0x51889c8c, 0xf0ec0469),
-     TOBN(0x9d031369, 0xa5e829e5), TOBN(0xcbb4c6fc, 0x1607aa41),
-     TOBN(0x75ac59a6, 0x241d84c1), TOBN(0xc043f2bf, 0x8829e0ee),
-     TOBN(0x82a38f75, 0x8ea5e185), TOBN(0x8bda40b9, 0xd87cbd9f),
-     TOBN(0x9e65e75e, 0x2d8fc601), TOBN(0x3d515f74, 0xa35690b3),
-     TOBN(0x534acf4f, 0xda79e5ac), TOBN(0x68b83b3a, 0x8630215f),
-     TOBN(0x5c748b2e, 0xd085756e), TOBN(0xb0317258, 0xe5d37cb2),
-     TOBN(0x6735841a, 0xc5ccc2c4), TOBN(0x7d7dc96b, 0x3d9d5069),
-     TOBN(0xa147e410, 0xfd1754bd), TOBN(0x65296e94, 0xd399ddd5),
-     TOBN(0xf6b5b2d0, 0xbc8fa5bc), TOBN(0x8a5ead67, 0x500c277b),
-     TOBN(0x214625e6, 0xdfa08a5d), TOBN(0x51fdfedc, 0x959cf047),
-     TOBN(0x6bc9430b, 0x289fca32), TOBN(0xe36ff0cf, 0x9d9bdc3f),
-     TOBN(0x2fe187cb, 0x58ea0ede), TOBN(0xed66af20, 0x5a900b3f),
-     TOBN(0x00e0968b, 0x5fa9f4d6), TOBN(0x2d4066ce, 0x37a362e7),
-     TOBN(0xa99a9748, 0xbd07e772), TOBN(0x710989c0, 0x06a4f1d0),
-     TOBN(0xd5dedf35, 0xce40cbd8), TOBN(0xab55c5f0, 0x1743293d),
-     TOBN(0x766f1144, 0x8aa24e2c), TOBN(0x94d874f8, 0x605fbcb4),
-     TOBN(0xa365f0e8, 0xa518001b), TOBN(0xee605eb6, 0x9d04ef0f),
-     TOBN(0x5a3915cd, 0xba8d4d25), TOBN(0x44c0e1b8, 0xb5113472),
-     TOBN(0xcbb024e8, 0x8b6740dc), TOBN(0x89087a53, 0xee1d4f0c),
-     TOBN(0xa88fa05c, 0x1fc4e372), TOBN(0x8bf395cb, 0xaf8b3af2),
-     TOBN(0x1e71c9a1, 0xdeb8568b), TOBN(0xa35daea0, 0x80fb3d32),
-     TOBN(0xe8b6f266, 0x2cf8fb81), TOBN(0x6d51afe8, 0x9490696a),
-     TOBN(0x81beac6e, 0x51803a19), TOBN(0xe3d24b7f, 0x86219080),
-     TOBN(0x727cfd9d, 0xdf6f463c), TOBN(0x8c6865ca, 0x72284ee8),
-     TOBN(0x32c88b7d, 0xb743f4ef), TOBN(0x3793909b, 0xe7d11dce),
-     TOBN(0xd398f922, 0x2ff2ebe8), TOBN(0x2c70ca44, 0xe5e49796),
-     TOBN(0xdf4d9929, 0xcb1131b1), TOBN(0x7826f298, 0x25888e79),
-     TOBN(0x4d3a112c, 0xf1d8740a), TOBN(0x00384cb6, 0x270afa8b),
-     TOBN(0xcb64125b, 0x3ab48095), TOBN(0x3451c256, 0x62d05106),
-     TOBN(0xd73d577d, 0xa4955845), TOBN(0x39570c16, 0xbf9f4433),
-     TOBN(0xd7dfaad3, 0xadecf263), TOBN(0xf1c3d8d1, 0xdc76e102),
-     TOBN(0x5e774a58, 0x54c6a836), TOBN(0xdad4b672, 0x3e92d47b),
-     TOBN(0xbe7e990f, 0xf0d796a0), TOBN(0x5fc62478, 0xdf0e8b02),
-     TOBN(0x8aae8bf4, 0x030c00ad), TOBN(0x3d2db93b, 0x9004ba0f),
-     TOBN(0xe48c8a79, 0xd85d5ddc), TOBN(0xe907caa7, 0x6bb07f34),
-     TOBN(0x58db343a, 0xa39eaed5), TOBN(0x0ea6e007, 0xadaf5724),
-     TOBN(0xe00df169, 0xd23233f3), TOBN(0x3e322796, 0x77cb637f),
-     TOBN(0x1f897c0e, 0x1da0cf6c), TOBN(0xa651f5d8, 0x31d6bbdd),
-     TOBN(0xdd61af19, 0x1a230c76), TOBN(0xbd527272, 0xcdaa5e4a),
-     TOBN(0xca753636, 0xd0abcd7e), TOBN(0x78bdd37c, 0x370bd8dc),
-     TOBN(0xc23916c2, 0x17cd93fe), TOBN(0x65b97a4d, 0xdadce6e2),
-     TOBN(0xe04ed4eb, 0x174e42f8), TOBN(0x1491ccaa, 0xbb21480a),
-     TOBN(0x145a8280, 0x23196332), TOBN(0x3c3862d7, 0x587b479a),
-     TOBN(0x9f4a88a3, 0x01dcd0ed), TOBN(0x4da2b7ef, 0x3ea12f1f),
-     TOBN(0xf8e7ae33, 0xb126e48e), TOBN(0x404a0b32, 0xf494e237),
-     TOBN(0x9beac474, 0xc55acadb), TOBN(0x4ee5cf3b, 0xcbec9fd9),
-     TOBN(0x336b33b9, 0x7df3c8c3), TOBN(0xbd905fe3, 0xb76808fd),
-     TOBN(0x8f436981, 0xaa45c16a), TOBN(0x255c5bfa, 0x3dd27b62),
-     TOBN(0x71965cbf, 0xc3dd9b4d), TOBN(0xce23edbf, 0xfc068a87),
-     TOBN(0xb78d4725, 0x745b029b), TOBN(0x74610713, 0xcefdd9bd),
-     TOBN(0x7116f75f, 0x1266bf52), TOBN(0x02046722, 0x18e49bb6),
-     TOBN(0xdf43df9f, 0x3d6f19e3), TOBN(0xef1bc7d0, 0xe685cb2f),
-     TOBN(0xcddb27c1, 0x7078c432), TOBN(0xe1961b9c, 0xb77fedb7),
-     TOBN(0x1edc2f5c, 0xc2290570), TOBN(0x2c3fefca, 0x19cbd886),
-     TOBN(0xcf880a36, 0xc2af389a), TOBN(0x96c610fd, 0xbda71cea),
-     TOBN(0xf03977a9, 0x32aa8463), TOBN(0x8eb7763f, 0x8586d90a),
-     TOBN(0x3f342454, 0x2a296e77), TOBN(0xc8718683, 0x42837a35),
-     TOBN(0x7dc71090, 0x6a09c731), TOBN(0x54778ffb, 0x51b816db),
-     TOBN(0x6b33bfec, 0xaf06defd), TOBN(0xfe3c105f, 0x8592b70b),
-     TOBN(0xf937fda4, 0x61da6114), TOBN(0x3c13e651, 0x4c266ad7),
-     TOBN(0xe363a829, 0x855938e8), TOBN(0x2eeb5d9e, 0x9de54b72),
-     TOBN(0xbeb93b0e, 0x20ccfab9), TOBN(0x3dffbb5f, 0x25e61a25),
-     TOBN(0x7f655e43, 0x1acc093d), TOBN(0x0cb6cc3d, 0x3964ce61),
-     TOBN(0x6ab283a1, 0xe5e9b460), TOBN(0x55d787c5, 0xa1c7e72d),
-     TOBN(0x4d2efd47, 0xdeadbf02), TOBN(0x11e80219, 0xac459068),
-     TOBN(0x810c7626, 0x71f311f0), TOBN(0xfa17ef8d, 0x4ab6ef53),
-     TOBN(0xaf47fd25, 0x93e43bff), TOBN(0x5cb5ff3f, 0x0be40632),
-     TOBN(0x54687106, 0x8ee61da3), TOBN(0x7764196e, 0xb08afd0f),
-     TOBN(0x831ab3ed, 0xf0290a8f), TOBN(0xcae81966, 0xcb47c387),
-     TOBN(0xaad7dece, 0x184efb4f), TOBN(0xdcfc53b3, 0x4749110e),
-     TOBN(0x6698f23c, 0x4cb632f9), TOBN(0xc42a1ad6, 0xb91f8067),
-     TOBN(0xb116a81d, 0x6284180a), TOBN(0xebedf5f8, 0xe901326f),
-     TOBN(0xf2274c9f, 0x97e3e044), TOBN(0x42018520, 0x11d09fc9),
-     TOBN(0x56a65f17, 0xd18e6e23), TOBN(0x2ea61e2a, 0x352b683c),
-     TOBN(0x27d291bc, 0x575eaa94), TOBN(0x9e7bc721, 0xb8ff522d),
-     TOBN(0x5f7268bf, 0xa7f04d6f), TOBN(0x5868c73f, 0xaba41748),
-     TOBN(0x9f85c2db, 0x7be0eead), TOBN(0x511e7842, 0xff719135),
-     TOBN(0x5a06b1e9, 0xc5ea90d7), TOBN(0x0c19e283, 0x26fab631),
-     TOBN(0x8af8f0cf, 0xe9206c55), TOBN(0x89389cb4, 0x3553c06a),
-     TOBN(0x39dbed97, 0xf65f8004), TOBN(0x0621b037, 0xc508991d),
-     TOBN(0x1c52e635, 0x96e78cc4), TOBN(0x5385c8b2, 0x0c06b4a8),
-     TOBN(0xd84ddfdb, 0xb0e87d03), TOBN(0xc49dfb66, 0x934bafad),
-     TOBN(0x7071e170, 0x59f70772), TOBN(0x3a073a84, 0x3a1db56b),
-     TOBN(0x03494903, 0x3b8af190), TOBN(0x7d882de3, 0xd32920f0),
-     TOBN(0x91633f0a, 0xb2cf8940), TOBN(0x72b0b178, 0x6f948f51),
-     TOBN(0x2d28dc30, 0x782653c8), TOBN(0x88829849, 0xdb903a05),
-     TOBN(0xb8095d0c, 0x6a19d2bb), TOBN(0x4b9e7f0c, 0x86f782cb),
-     TOBN(0x7af73988, 0x2d907064), TOBN(0xd12be0fe, 0x8b32643c),
-     TOBN(0x358ed23d, 0x0e165dc3), TOBN(0x3d47ce62, 0x4e2378ce),
-     TOBN(0x7e2bb0b9, 0xfeb8a087), TOBN(0x3246e8ae, 0xe29e10b9),
-     TOBN(0x459f4ec7, 0x03ce2b4d), TOBN(0xe9b4ca1b, 0xbbc077cf),
-     TOBN(0x2613b4f2, 0x0e9940c1), TOBN(0xfc598bb9, 0x047d1eb1),
-     TOBN(0x9744c62b, 0x45036099), TOBN(0xa9dee742, 0x167c65d8),
-     TOBN(0x0c511525, 0xdabe1943), TOBN(0xda110554, 0x93c6c624),
-     TOBN(0xae00a52c, 0x651a3be2), TOBN(0xcda5111d, 0x884449a6),
-     TOBN(0x063c06f4, 0xff33bed1), TOBN(0x73baaf9a, 0x0d3d76b4),
-     TOBN(0x52fb0c9d, 0x7fc63668), TOBN(0x6886c9dd, 0x0c039cde),
-     TOBN(0x602bd599, 0x55b22351), TOBN(0xb00cab02, 0x360c7c13),
-     TOBN(0x8cb616bc, 0x81b69442), TOBN(0x41486700, 0xb55c3cee),
-     TOBN(0x71093281, 0xf49ba278), TOBN(0xad956d9c, 0x64a50710),
-     TOBN(0x9561f28b, 0x638a7e81), TOBN(0x54155cdf, 0x5980ddc3),
-     TOBN(0xb2db4a96, 0xd26f247a), TOBN(0x9d774e4e, 0x4787d100),
-     TOBN(0x1a9e6e2e, 0x078637d2), TOBN(0x1c363e2d, 0x5e0ae06a),
-     TOBN(0x7493483e, 0xe9cfa354), TOBN(0x76843cb3, 0x7f74b98d),
-     TOBN(0xbaca6591, 0xd4b66947), TOBN(0xb452ce98, 0x04460a8c),
-     TOBN(0x6830d246, 0x43768f55), TOBN(0xf4197ed8, 0x7dff12df),
-     TOBN(0x6521b472, 0x400dd0f7), TOBN(0x59f5ca8f, 0x4b1e7093),
-     TOBN(0x6feff11b, 0x080338ae), TOBN(0x0ada31f6, 0xa29ca3c6),
-     TOBN(0x24794eb6, 0x94a2c215), TOBN(0xd83a43ab, 0x05a57ab4),
-     TOBN(0x264a543a, 0x2a6f89fe), TOBN(0x2c2a3868, 0xdd5ec7c2),
-     TOBN(0xd3373940, 0x8439d9b2), TOBN(0x715ea672, 0x0acd1f11),
-     TOBN(0x42c1d235, 0xe7e6cc19), TOBN(0x81ce6e96, 0xb990585c),
-     TOBN(0x04e5dfe0, 0xd809c7bd), TOBN(0xd7b2580c, 0x8f1050ab),
-     TOBN(0x6d91ad78, 0xd8a4176f), TOBN(0x0af556ee, 0x4e2e897c),
-     TOBN(0x162a8b73, 0x921de0ac), TOBN(0x52ac9c22, 0x7ea78400),
-     TOBN(0xee2a4eea, 0xefce2174), TOBN(0xbe61844e, 0x6d637f79),
-     TOBN(0x0491f1bc, 0x789a283b), TOBN(0x72d3ac3d, 0x880836f4),
-     TOBN(0xaa1c5ea3, 0x88e5402d), TOBN(0x1b192421, 0xd5cc473d),
-     TOBN(0x5c0b9998, 0x9dc84cac), TOBN(0xb0a8482d, 0x9c6e75b8),
-     TOBN(0x639961d0, 0x3a191ce2), TOBN(0xda3bc865, 0x6d837930),
-     TOBN(0xca990653, 0x056e6f8f), TOBN(0x84861c41, 0x64d133a7),
-     TOBN(0x8b403276, 0x746abe40), TOBN(0xb7b4d51a, 0xebf8e303),
-     TOBN(0x05b43211, 0x220a255d), TOBN(0xc997152c, 0x02419e6e),
-     TOBN(0x76ff47b6, 0x630c2fea), TOBN(0x50518677, 0x281fdade),
-     TOBN(0x3283b8ba, 0xcf902b0b), TOBN(0x8d4b4eb5, 0x37db303b),
-     TOBN(0xcc89f42d, 0x755011bc), TOBN(0xb43d74bb, 0xdd09d19b),
-     TOBN(0x65746bc9, 0x8adba350), TOBN(0x364eaf8c, 0xb51c1927),
-     TOBN(0x13c76596, 0x10ad72ec), TOBN(0x30045121, 0xf8d40c20),
-     TOBN(0x6d2d99b7, 0xea7b979b), TOBN(0xcd78cd74, 0xe6fb3bcd),
-     TOBN(0x11e45a9e, 0x86cffbfe), TOBN(0x78a61cf4, 0x637024f6),
-     TOBN(0xd06bc872, 0x3d502295), TOBN(0xf1376854, 0x458cb288),
-     TOBN(0xb9db26a1, 0x342f8586), TOBN(0xf33effcf, 0x4beee09e),
-     TOBN(0xd7e0c4cd, 0xb30cfb3a), TOBN(0x6d09b8c1, 0x6c9db4c8),
-     TOBN(0x40ba1a42, 0x07c8d9df), TOBN(0x6fd495f7, 0x1c52c66d),
-     TOBN(0xfb0e169f, 0x275264da), TOBN(0x80c2b746, 0xe57d8362),
-     TOBN(0xedd987f7, 0x49ad7222), TOBN(0xfdc229af, 0x4398ec7b),}
-    ,
-    {TOBN(0xb0d1ed84, 0x52666a58), TOBN(0x4bcb6e00, 0xe6a9c3c2),
-     TOBN(0x3c57411c, 0x26906408), TOBN(0xcfc20755, 0x13556400),
-     TOBN(0xa08b1c50, 0x5294dba3), TOBN(0xa30ba286, 0x8b7dd31e),
-     TOBN(0xd70ba90e, 0x991eca74), TOBN(0x094e142c, 0xe762c2b9),
-     TOBN(0xb81d783e, 0x979f3925), TOBN(0x1efd130a, 0xaf4c89a7),
-     TOBN(0x525c2144, 0xfd1bf7fa), TOBN(0x4b296904, 0x1b265a9e),
-     TOBN(0xed8e9634, 0xb9db65b6), TOBN(0x35c82e32, 0x03599d8a),
-     TOBN(0xdaa7a54f, 0x403563f3), TOBN(0x9df088ad, 0x022c38ab),
-     TOBN(0xe5cfb066, 0xbb3fd30a), TOBN(0x429169da, 0xeff0354e),
-     TOBN(0x809cf852, 0x3524e36c), TOBN(0x136f4fb3, 0x0155be1d),
-     TOBN(0x4826af01, 0x1fbba712), TOBN(0x6ef0f0b4, 0x506ba1a1),
-     TOBN(0xd9928b31, 0x77aea73e), TOBN(0xe2bf6af2, 0x5eaa244e),
-     TOBN(0x8d084f12, 0x4237b64b), TOBN(0x688ebe99, 0xe3ecfd07),
-     TOBN(0x57b8a70c, 0xf6845dd8), TOBN(0x808fc59c, 0x5da4a325),
-     TOBN(0xa9032b2b, 0xa3585862), TOBN(0xb66825d5, 0xedf29386),
-     TOBN(0xb5a5a8db, 0x431ec29b), TOBN(0xbb143a98, 0x3a1e8dc8),
-     TOBN(0x35ee94ce, 0x12ae381b), TOBN(0x3a7f176c, 0x86ccda90),
-     TOBN(0xc63a657e, 0x4606eaca), TOBN(0x9ae5a380, 0x43cd04df),
-     TOBN(0x9bec8d15, 0xed251b46), TOBN(0x1f5d6d30, 0xcaca5e64),
-     TOBN(0x347b3b35, 0x9ff20f07), TOBN(0x4d65f034, 0xf7e4b286),
-     TOBN(0x9e93ba24, 0xf111661e), TOBN(0xedced484, 0xb105eb04),
-     TOBN(0x96dc9ba1, 0xf424b578), TOBN(0xbf8f66b7, 0xe83e9069),
-     TOBN(0x872d4df4, 0xd7ed8216), TOBN(0xbf07f377, 0x8e2cbecf),
-     TOBN(0x4281d899, 0x98e73754), TOBN(0xfec85fbb, 0x8aab8708),
-     TOBN(0x9a3c0dee, 0xa5ba5b0b), TOBN(0xe6a116ce, 0x42d05299),
-     TOBN(0xae9775fe, 0xe9b02d42), TOBN(0x72b05200, 0xa1545cb6),
-     TOBN(0xbc506f7d, 0x31a3b4ea), TOBN(0xe5893078, 0x8bbd9b32),
-     TOBN(0xc8bc5f37, 0xe4b12a97), TOBN(0x6b000c06, 0x4a73b671),
-     TOBN(0x13b5bf22, 0x765fa7d0), TOBN(0x59805bf0, 0x1d6a5370),
-     TOBN(0x67a5e29d, 0x4280db98), TOBN(0x4f53916f, 0x776b1ce3),
-     TOBN(0x714ff61f, 0x33ddf626), TOBN(0x4206238e, 0xa085d103),
-     TOBN(0x1c50d4b7, 0xe5809ee3), TOBN(0x999f450d, 0x85f8eb1d),
-     TOBN(0x658a6051, 0xe4c79e9b), TOBN(0x1394cb73, 0xc66a9fea),
-     TOBN(0x27f31ed5, 0xc6be7b23), TOBN(0xf4c88f36, 0x5aa6f8fe),
-     TOBN(0x0fb0721f, 0x4aaa499e), TOBN(0x68b3a7d5, 0xe3fb2a6b),
-     TOBN(0xa788097d, 0x3a92851d), TOBN(0x060e7f8a, 0xe96f4913),
-     TOBN(0x82eebe73, 0x1a3a93bc), TOBN(0x42bbf465, 0xa21adc1a),
-     TOBN(0xc10b6fa4, 0xef030efd), TOBN(0x247aa4c7, 0x87b097bb),
-     TOBN(0x8b8dc632, 0xf60c77da), TOBN(0x6ffbc26a, 0xc223523e),
-     TOBN(0xa4f6ff11, 0x344579cf), TOBN(0x5825653c, 0x980250f6),
-     TOBN(0xb2dd097e, 0xbc1aa2b9), TOBN(0x07889393, 0x37a0333a),
-     TOBN(0x1cf55e71, 0x37a0db38), TOBN(0x2648487f, 0x792c1613),
-     TOBN(0xdad01336, 0x3fcef261), TOBN(0x6239c81d, 0x0eabf129),
-     TOBN(0x8ee761de, 0x9d276be2), TOBN(0x406a7a34, 0x1eda6ad3),
-     TOBN(0x4bf367ba, 0x4a493b31), TOBN(0x54f20a52, 0x9bf7f026),
-     TOBN(0xb696e062, 0x9795914b), TOBN(0xcddab96d, 0x8bf236ac),
-     TOBN(0x4ff2c70a, 0xed25ea13), TOBN(0xfa1d09eb, 0x81cbbbe7),
-     TOBN(0x88fc8c87, 0x468544c5), TOBN(0x847a670d, 0x696b3317),
-     TOBN(0xf133421e, 0x64bcb626), TOBN(0xaea638c8, 0x26dee0b5),
-     TOBN(0xd6e7680b, 0xb310346c), TOBN(0xe06f4097, 0xd5d4ced3),
-     TOBN(0x09961452, 0x7512a30b), TOBN(0xf3d867fd, 0xe589a59a),
-     TOBN(0x2e73254f, 0x52d0c180), TOBN(0x9063d8a3, 0x333c74ac),
-     TOBN(0xeda6c595, 0xd314e7bc), TOBN(0x2ee7464b, 0x467899ed),
-     TOBN(0x1cef423c, 0x0a1ed5d3), TOBN(0x217e76ea, 0x69cc7613),
-     TOBN(0x27ccce1f, 0xe7cda917), TOBN(0x12d8016b, 0x8a893f16),
-     TOBN(0xbcd6de84, 0x9fc74f6b), TOBN(0xfa5817e2, 0xf3144e61),
-     TOBN(0x1f354164, 0x0821ee4c), TOBN(0x1583eab4, 0x0bc61992),
-     TOBN(0x7490caf6, 0x1d72879f), TOBN(0x998ad9f3, 0xf76ae7b2),
-     TOBN(0x1e181950, 0xa41157f7), TOBN(0xa9d7e1e6, 0xe8da3a7e),
-     TOBN(0x963784eb, 0x8426b95f), TOBN(0x0ee4ed6e, 0x542e2a10),
-     TOBN(0xb79d4cc5, 0xac751e7b), TOBN(0x93f96472, 0xfd4211bd),
-     TOBN(0x8c72d3d2, 0xc8de4fc6), TOBN(0x7b69cbf5, 0xdf44f064),
-     TOBN(0x3da90ca2, 0xf4bf94e1), TOBN(0x1a5325f8, 0xf12894e2),
-     TOBN(0x0a437f6c, 0x7917d60b), TOBN(0x9be70486, 0x96c9cb5d),
-     TOBN(0xb4d880bf, 0xe1dc5c05), TOBN(0xd738adda, 0xeebeeb57),
-     TOBN(0x6f0119d3, 0xdf0fe6a3), TOBN(0x5c686e55, 0x66eaaf5a),
-     TOBN(0x9cb10b50, 0xdfd0b7ec), TOBN(0xbdd0264b, 0x6a497c21),
-     TOBN(0xfc093514, 0x8c546c96), TOBN(0x58a947fa, 0x79dbf42a),
-     TOBN(0xc0b48d4e, 0x49ccd6d7), TOBN(0xff8fb02c, 0x88bd5580),
-     TOBN(0xc75235e9, 0x07d473b2), TOBN(0x4fab1ac5, 0xa2188af3),
-     TOBN(0x030fa3bc, 0x97576ec0), TOBN(0xe8c946e8, 0x0b7e7d2f),
-     TOBN(0x40a5c9cc, 0x70305600), TOBN(0x6d8260a9, 0xc8b013b4),
-     TOBN(0x0368304f, 0x70bba85c), TOBN(0xad090da1, 0xa4a0d311),
-     TOBN(0x7170e870, 0x2415eec1), TOBN(0xbfba35fe, 0x8461ea47),
-     TOBN(0x6279019a, 0xc1e91938), TOBN(0xa47638f3, 0x1afc415f),
-     TOBN(0x36c65cbb, 0xbcba0e0f), TOBN(0x02160efb, 0x034e2c48),
-     TOBN(0xe6c51073, 0x615cd9e4), TOBN(0x498ec047, 0xf1243c06),
-     TOBN(0x3e5a8809, 0xb17b3d8c), TOBN(0x5cd99e61, 0x0cc565f1),
-     TOBN(0x81e312df, 0x7851dafe), TOBN(0xf156f5ba, 0xa79061e2),
-     TOBN(0x80d62b71, 0x880c590e), TOBN(0xbec9746f, 0x0a39faa1),
-     TOBN(0x1d98a9c1, 0xc8ed1f7a), TOBN(0x09e43bb5, 0xa81d5ff2),
-     TOBN(0xd5f00f68, 0x0da0794a), TOBN(0x412050d9, 0x661aa836),
-     TOBN(0xa89f7c4e, 0x90747e40), TOBN(0x6dc05ebb, 0xb62a3686),
-     TOBN(0xdf4de847, 0x308e3353), TOBN(0x53868fbb, 0x9fb53bb9),
-     TOBN(0x2b09d2c3, 0xcfdcf7dd), TOBN(0x41a9fce3, 0x723fcab4),
-     TOBN(0x73d905f7, 0x07f57ca3), TOBN(0x080f9fb1, 0xac8e1555),
-     TOBN(0x7c088e84, 0x9ba7a531), TOBN(0x07d35586, 0xed9a147f),
-     TOBN(0x602846ab, 0xaf48c336), TOBN(0x7320fd32, 0x0ccf0e79),
-     TOBN(0xaa780798, 0xb18bd1ff), TOBN(0x52c2e300, 0xafdd2905),
-     TOBN(0xf27ea3d6, 0x434267cd), TOBN(0x8b96d16d, 0x15605b5f),
-     TOBN(0x7bb31049, 0x4b45706b), TOBN(0xe7f58b8e, 0x743d25f8),
-     TOBN(0xe9b5e45b, 0x87f30076), TOBN(0xd19448d6, 0x5d053d5a),
-     TOBN(0x1ecc8cb9, 0xd3210a04), TOBN(0x6bc7d463, 0xdafb5269),
-     TOBN(0x3e59b10a, 0x67c3489f), TOBN(0x1769788c, 0x65641e1b),
-     TOBN(0x8a53b82d, 0xbd6cb838), TOBN(0x7066d6e6, 0x236d5f22),
-     TOBN(0x03aa1c61, 0x6908536e), TOBN(0xc971da0d, 0x66ae9809),
-     TOBN(0x01b3a86b, 0xc49a2fac), TOBN(0x3b8420c0, 0x3092e77a),
-     TOBN(0x02057300, 0x7d6fb556), TOBN(0x6941b2a1, 0xbff40a87),
-     TOBN(0x140b6308, 0x0658ff2a), TOBN(0x87804363, 0x3424ab36),
-     TOBN(0x0253bd51, 0x5751e299), TOBN(0xc75bcd76, 0x449c3e3a),
-     TOBN(0x92eb4090, 0x7f8f875d), TOBN(0x9c9d754e, 0x56c26bbf),
-     TOBN(0x158cea61, 0x8110bbe7), TOBN(0x62a6b802, 0x745f91ea),
-     TOBN(0xa79c41aa, 0xc6e7394b), TOBN(0x445b6a83, 0xad57ef10),
-     TOBN(0x0c5277eb, 0x6ea6f40c), TOBN(0x319fe96b, 0x88633365),
-     TOBN(0x0b0fc61f, 0x385f63cb), TOBN(0x41250c84, 0x22bdd127),
-     TOBN(0x67d153f1, 0x09e942c2), TOBN(0x60920d08, 0xc021ad5d),
-     TOBN(0x229f5746, 0x724d81a5), TOBN(0xb7ffb892, 0x5bba3299),
-     TOBN(0x518c51a1, 0xde413032), TOBN(0x2a9bfe77, 0x3c2fd94c),
-     TOBN(0xcbcde239, 0x3191f4fd), TOBN(0x43093e16, 0xd3d6ada1),
-     TOBN(0x184579f3, 0x58769606), TOBN(0x2c94a8b3, 0xd236625c),
-     TOBN(0x6922b9c0, 0x5c437d8e), TOBN(0x3d4ae423, 0xd8d9f3c8),
-     TOBN(0xf72c31c1, 0x2e7090a2), TOBN(0x4ac3f5f3, 0xd76a55bd),
-     TOBN(0x342508fc, 0x6b6af991), TOBN(0x0d527100, 0x1b5cebbd),
-     TOBN(0xb84740d0, 0xdd440dd7), TOBN(0x748ef841, 0x780162fd),
-     TOBN(0xa8dbfe0e, 0xdfc6fafb), TOBN(0xeadfdf05, 0xf7300f27),
-     TOBN(0x7d06555f, 0xfeba4ec9), TOBN(0x12c56f83, 0x9e25fa97),
-     TOBN(0x77f84203, 0xd39b8c34), TOBN(0xed8b1be6, 0x3125eddb),
-     TOBN(0x5bbf2441, 0xf6e39dc5), TOBN(0xb00f6ee6, 0x6a5d678a),
-     TOBN(0xba456ecf, 0x57d0ea99), TOBN(0xdcae0f58, 0x17e06c43),
-     TOBN(0x01643de4, 0x0f5b4baa), TOBN(0x2c324341, 0xd161b9be),
-     TOBN(0x80177f55, 0xe126d468), TOBN(0xed325f1f, 0x76748e09),
-     TOBN(0x6116004a, 0xcfa9bdc2), TOBN(0x2d8607e6, 0x3a9fb468),
-     TOBN(0x0e573e27, 0x6009d660), TOBN(0x3a525d2e, 0x8d10c5a1),
-     TOBN(0xd26cb45c, 0x3b9009a0), TOBN(0xb6b0cdc0, 0xde9d7448),
-     TOBN(0x949c9976, 0xe1337c26), TOBN(0x6faadebd, 0xd73d68e5),
-     TOBN(0x9e158614, 0xf1b768d9), TOBN(0x22dfa557, 0x9cc4f069),
-     TOBN(0xccd6da17, 0xbe93c6d6), TOBN(0x24866c61, 0xa504f5b9),
-     TOBN(0x2121353c, 0x8d694da1), TOBN(0x1c6ca580, 0x0140b8c6),
-     TOBN(0xc245ad8c, 0xe964021e), TOBN(0xb83bffba, 0x032b82b3),
-     TOBN(0xfaa220c6, 0x47ef9898), TOBN(0x7e8d3ac6, 0x982c948a),
-     TOBN(0x1faa2091, 0xbc2d124a), TOBN(0xbd54c3dd, 0x05b15ff4),
-     TOBN(0x386bf3ab, 0xc87c6fb7), TOBN(0xfb2b0563, 0xfdeb6f66),
-     TOBN(0x4e77c557, 0x5b45afb4), TOBN(0xe9ded649, 0xefb8912d),
-     TOBN(0x7ec9bbf5, 0x42f6e557), TOBN(0x2570dfff, 0x62671f00),
-     TOBN(0x2b3bfb78, 0x88e084bd), TOBN(0xa024b238, 0xf37fe5b4),
-     TOBN(0x44e7dc04, 0x95649aee), TOBN(0x498ca255, 0x5e7ec1d8),
-     TOBN(0x3bc766ea, 0xaaa07e86), TOBN(0x0db6facb, 0xf3608586),
-     TOBN(0xbadd2549, 0xbdc259c8), TOBN(0x95af3c6e, 0x041c649f),
-     TOBN(0xb36a928c, 0x02e30afb), TOBN(0x9b5356ad, 0x008a88b8),
-     TOBN(0x4b67a5f1, 0xcf1d9e9d), TOBN(0xc6542e47, 0xa5d8d8ce),
-     TOBN(0x73061fe8, 0x7adfb6cc), TOBN(0xcc826fd3, 0x98678141),
-     TOBN(0x00e758b1, 0x3c80515a), TOBN(0x6afe3247, 0x41485083),
-     TOBN(0x0fcb08b9, 0xb6ae8a75), TOBN(0xb8cf388d, 0x4acf51e1),
-     TOBN(0x344a5560, 0x6961b9d6), TOBN(0x1a6778b8, 0x6a97fd0c),
-     TOBN(0xd840fdc1, 0xecc4c7e3), TOBN(0xde9fe47d, 0x16db68cc),
-     TOBN(0xe95f89de, 0xa3e216aa), TOBN(0x84f1a6a4, 0x9594a8be),
-     TOBN(0x7ddc7d72, 0x5a7b162b), TOBN(0xc5cfda19, 0xadc817a3),
-     TOBN(0x80a5d350, 0x78b58d46), TOBN(0x93365b13, 0x82978f19),
-     TOBN(0x2e44d225, 0x26a1fc90), TOBN(0x0d6d10d2, 0x4d70705d),
-     TOBN(0xd94b6b10, 0xd70c45f4), TOBN(0x0f201022, 0xb216c079),
-     TOBN(0xcec966c5, 0x658fde41), TOBN(0xa8d2bc7d, 0x7e27601d),
-     TOBN(0xbfcce3e1, 0xff230be7), TOBN(0x3394ff6b, 0x0033ffb5),
-     TOBN(0xd890c509, 0x8132c9af), TOBN(0xaac4b0eb, 0x361e7868),
-     TOBN(0x5194ded3, 0xe82d15aa), TOBN(0x4550bd2e, 0x23ae6b7d),
-     TOBN(0x3fda318e, 0xea5399d4), TOBN(0xd989bffa, 0x91638b80),
-     TOBN(0x5ea124d0, 0xa14aa12d), TOBN(0x1fb1b899, 0x3667b944),
-     TOBN(0x95ec7969, 0x44c44d6a), TOBN(0x91df144a, 0x57e86137),
-     TOBN(0x915fd620, 0x73adac44), TOBN(0x8f01732d, 0x59a83801),
-     TOBN(0xec579d25, 0x3aa0a633), TOBN(0x06de5e7c, 0xc9d6d59c),
-     TOBN(0xc132f958, 0xb1ef8010), TOBN(0x29476f96, 0xe65c1a02),
-     TOBN(0x336a77c0, 0xd34c3565), TOBN(0xef1105b2, 0x1b9f1e9e),
-     TOBN(0x63e6d08b, 0xf9e08002), TOBN(0x9aff2f21, 0xc613809e),
-     TOBN(0xb5754f85, 0x3a80e75d), TOBN(0xde71853e, 0x6bbda681),
-     TOBN(0x86f041df, 0x8197fd7a), TOBN(0x8b332e08, 0x127817fa),
-     TOBN(0x05d99be8, 0xb9c20cda), TOBN(0x89f7aad5, 0xd5cd0c98),
-     TOBN(0x7ef936fe, 0x5bb94183), TOBN(0x92ca0753, 0xb05cd7f2),
-     TOBN(0x9d65db11, 0x74a1e035), TOBN(0x02628cc8, 0x13eaea92),
-     TOBN(0xf2d9e242, 0x49e4fbf2), TOBN(0x94fdfd9b, 0xe384f8b7),
-     TOBN(0x65f56054, 0x63428c6b), TOBN(0x2f7205b2, 0x90b409a5),
-     TOBN(0xf778bb78, 0xff45ae11), TOBN(0xa13045be, 0xc5ee53b2),
-     TOBN(0xe00a14ff, 0x03ef77fe), TOBN(0x689cd59f, 0xffef8bef),
-     TOBN(0x3578f0ed, 0x1e9ade22), TOBN(0xe99f3ec0, 0x6268b6a8),
-     TOBN(0xa2057d91, 0xea1b3c3e), TOBN(0x2d1a7053, 0xb8823a4a),
-     TOBN(0xabbb336a, 0x2cca451e), TOBN(0xcd2466e3, 0x2218bb5d),
-     TOBN(0x3ac1f42f, 0xc8cb762d), TOBN(0x7e312aae, 0x7690211f),
-     TOBN(0xebb9bd73, 0x45d07450), TOBN(0x207c4b82, 0x46c2213f),
-     TOBN(0x99d425c1, 0x375913ec), TOBN(0x94e45e96, 0x67908220),
-     TOBN(0xc08f3087, 0xcd67dbf6), TOBN(0xa5670fbe, 0xc0887056),
-     TOBN(0x6717b64a, 0x66f5b8fc), TOBN(0xd5a56aea, 0x786fec28),
-     TOBN(0xa8c3f55f, 0xc0ff4952), TOBN(0xa77fefae, 0x457ac49b),
-     TOBN(0x29882d7c, 0x98379d44), TOBN(0xd000bdfb, 0x509edc8a),
-     TOBN(0xc6f95979, 0xe66fe464), TOBN(0x504a6115, 0xfa61bde0),
-     TOBN(0x56b3b871, 0xeffea31a), TOBN(0x2d3de26d, 0xf0c21a54),
-     TOBN(0x21dbff31, 0x834753bf), TOBN(0xe67ecf49, 0x69269d86),
-     TOBN(0x7a176952, 0x151fe690), TOBN(0x03515804, 0x7f2adb5f),
-     TOBN(0xee794b15, 0xd1b62a8d), TOBN(0xf004ceec, 0xaae454e6),
-     TOBN(0x0897ea7c, 0xf0386fac), TOBN(0x3b62ff12, 0xd1fca751),
-     TOBN(0x154181df, 0x1b7a04ec), TOBN(0x2008e04a, 0xfb5847ec),
-     TOBN(0xd147148e, 0x41dbd772), TOBN(0x2b419f73, 0x22942654),
-     TOBN(0x669f30d3, 0xe9c544f7), TOBN(0x52a2c223, 0xc8540149),
-     TOBN(0x5da9ee14, 0x634dfb02), TOBN(0x5f074ff0, 0xf47869f3),
-     TOBN(0x74ee878d, 0xa3933acc), TOBN(0xe6510651, 0x4fe35ed1),
-     TOBN(0xb3eb9482, 0xf1012e7a), TOBN(0x51013cc0, 0xa8a566ae),
-     TOBN(0xdd5e9243, 0x47c00d3b), TOBN(0x7fde089d, 0x946bb0e5),
-     TOBN(0x030754fe, 0xc731b4b3), TOBN(0x12a136a4, 0x99fda062),
-     TOBN(0x7c1064b8, 0x5a1a35bc), TOBN(0xbf1f5763, 0x446c84ef),
-     TOBN(0xed29a56d, 0xa16d4b34), TOBN(0x7fba9d09, 0xdca21c4f),
-     TOBN(0x66d7ac00, 0x6d8de486), TOBN(0x60061987, 0x73a2a5e1),
-     TOBN(0x8b400f86, 0x9da28ff0), TOBN(0x3133f708, 0x43c4599c),
-     TOBN(0x9911c9b8, 0xee28cb0d), TOBN(0xcd7e2874, 0x8e0af61d),
-     TOBN(0x5a85f0f2, 0x72ed91fc), TOBN(0x85214f31, 0x9cd4a373),
-     TOBN(0x881fe5be, 0x1925253c), TOBN(0xd8dc98e0, 0x91e8bc76),
-     TOBN(0x7120affe, 0x585cc3a2), TOBN(0x724952ed, 0x735bf97a),
-     TOBN(0x5581e7dc, 0x3eb34581), TOBN(0x5cbff4f2, 0xe52ee57d),
-     TOBN(0x8d320a0e, 0x87d8cc7b), TOBN(0x9beaa7f3, 0xf1d280d0),
-     TOBN(0x7a0b9571, 0x9beec704), TOBN(0x9126332e, 0x5b7f0057),
-     TOBN(0x01fbc1b4, 0x8ed3bd6d), TOBN(0x35bb2c12, 0xd945eb24),
-     TOBN(0x6404694e, 0x9a8ae255), TOBN(0xb6092eec, 0x8d6abfb3),
-     TOBN(0x4d76143f, 0xcc058865), TOBN(0x7b0a5af2, 0x6e249922),
-     TOBN(0x8aef9440, 0x6a50d353), TOBN(0xe11e4bcc, 0x64f0e07a),
-     TOBN(0x4472993a, 0xa14a90fa), TOBN(0x7706e20c, 0xba0c51d4),
-     TOBN(0xf403292f, 0x1532672d), TOBN(0x52573bfa, 0x21829382),
-     TOBN(0x6a7bb6a9, 0x3b5bdb83), TOBN(0x08da65c0, 0xa4a72318),
-     TOBN(0xc58d22aa, 0x63eb065f), TOBN(0x1717596c, 0x1b15d685),
-     TOBN(0x112df0d0, 0xb266d88b), TOBN(0xf688ae97, 0x5941945a),
-     TOBN(0x487386e3, 0x7c292cac), TOBN(0x42f3b50d, 0x57d6985c),
-     TOBN(0x6da4f998, 0x6a90fc34), TOBN(0xc8f257d3, 0x65ca8a8d),
-     TOBN(0xc2feabca, 0x6951f762), TOBN(0xe1bc81d0, 0x74c323ac),
-     TOBN(0x1bc68f67, 0x251a2a12), TOBN(0x10d86587, 0xbe8a70dc),
-     TOBN(0xd648af7f, 0xf0f84d2e), TOBN(0xf0aa9ebc, 0x6a43ac92),
-     TOBN(0x69e3be04, 0x27596893), TOBN(0xb6bb02a6, 0x45bf452b),
-     TOBN(0x0875c11a, 0xf4c698c8), TOBN(0x6652b5c7, 0xbece3794),
-     TOBN(0x7b3755fd, 0x4f5c0499), TOBN(0x6ea16558, 0xb5532b38),
-     TOBN(0xd1c69889, 0xa2e96ef7), TOBN(0x9c773c3a, 0x61ed8f48),
-     TOBN(0x2b653a40, 0x9b323abc), TOBN(0xe26605e1, 0xf0e1d791),
-     TOBN(0x45d41064, 0x4a87157a), TOBN(0x8f9a78b7, 0xcbbce616),
-     TOBN(0xcf1e44aa, 0xc407eddd), TOBN(0x81ddd1d8, 0xa35b964f),
-     TOBN(0x473e339e, 0xfd083999), TOBN(0x6c94bdde, 0x8e796802),
-     TOBN(0x5a304ada, 0x8545d185), TOBN(0x82ae44ea, 0x738bb8cb),
-     TOBN(0x628a35e3, 0xdf87e10e), TOBN(0xd3624f3d, 0xa15b9fe3),
-     TOBN(0xcc44209b, 0x14be4254), TOBN(0x7d0efcbc, 0xbdbc2ea5),
-     TOBN(0x1f603362, 0x04c37bbe), TOBN(0x21f363f5, 0x56a5852c),
-     TOBN(0xa1503d1c, 0xa8501550), TOBN(0x2251e0e1, 0xd8ab10bb),
-     TOBN(0xde129c96, 0x6961c51c), TOBN(0x1f7246a4, 0x81910f68),
-     TOBN(0x2eb744ee, 0x5f2591f2), TOBN(0x3c47d33f, 0x5e627157),
-     TOBN(0x4d6d62c9, 0x22f3bd68), TOBN(0x6120a64b, 0xcb8df856),
-     TOBN(0x3a9ac6c0, 0x7b5d07df), TOBN(0xa92b9558, 0x7ef39783),
-     TOBN(0xe128a134, 0xab3a9b4f), TOBN(0x41c18807, 0xb1252f05),
-     TOBN(0xfc7ed089, 0x80ba9b1c), TOBN(0xac8dc6de, 0xc532a9dd),
-     TOBN(0xbf829cef, 0x55246809), TOBN(0x101b784f, 0x5b4ee80f),
-     TOBN(0xc09945bb, 0xb6f11603), TOBN(0x57b09dbe, 0x41d2801e),
-     TOBN(0xfba5202f, 0xa97534a8), TOBN(0x7fd8ae5f, 0xc17b9614),
-     TOBN(0xa50ba666, 0x78308435), TOBN(0x9572f77c, 0xd3868c4d),
-     TOBN(0x0cef7bfd, 0x2dd7aab0), TOBN(0xe7958e08, 0x2c7c79ff),
-     TOBN(0x81262e42, 0x25346689), TOBN(0x716da290, 0xb07c7004),
-     TOBN(0x35f911ea, 0xb7950ee3), TOBN(0x6fd72969, 0x261d21b5),
-     TOBN(0x52389803, 0x08b640d3), TOBN(0x5b0026ee, 0x887f12a1),
-     TOBN(0x20e21660, 0x742e9311), TOBN(0x0ef6d541, 0x5ff77ff7),
-     TOBN(0x969127f0, 0xf9c41135), TOBN(0xf21d60c9, 0x68a64993),
-     TOBN(0x656e5d0c, 0xe541875c), TOBN(0xf1e0f84e, 0xa1d3c233),
-     TOBN(0x9bcca359, 0x06002d60), TOBN(0xbe2da60c, 0x06191552),
-     TOBN(0x5da8bbae, 0x61181ec3), TOBN(0x9f04b823, 0x65806f19),
-     TOBN(0xf1604a7d, 0xd4b79bb8), TOBN(0xaee806fb, 0x52c878c8),
-     TOBN(0x34144f11, 0x8d47b8e8), TOBN(0x72edf52b, 0x949f9054),
-     TOBN(0xebfca84e, 0x2127015a), TOBN(0x9051d0c0, 0x9cb7cef3),
-     TOBN(0x86e8fe58, 0x296deec8), TOBN(0x33b28188, 0x41010d74),}
-    ,
-    {TOBN(0x01079383, 0x171b445f), TOBN(0x9bcf21e3, 0x8131ad4c),
-     TOBN(0x8cdfe205, 0xc93987e8), TOBN(0xe63f4152, 0xc92e8c8f),
-     TOBN(0x729462a9, 0x30add43d), TOBN(0x62ebb143, 0xc980f05a),
-     TOBN(0x4f3954e5, 0x3b06e968), TOBN(0xfe1d75ad, 0x242cf6b1),
-     TOBN(0x5f95c6c7, 0xaf8685c8), TOBN(0xd4c1c8ce, 0x2f8f01aa),
-     TOBN(0xc44bbe32, 0x2574692a), TOBN(0xb8003478, 0xd4a4a068),
-     TOBN(0x7c8fc6e5, 0x2eca3cdb), TOBN(0xea1db16b, 0xec04d399),
-     TOBN(0xb05bc82e, 0x8f2bc5cf), TOBN(0x763d517f, 0xf44793d2),
-     TOBN(0x4451c1b8, 0x08bd98d0), TOBN(0x644b1cd4, 0x6575f240),
-     TOBN(0x6907eb33, 0x7375d270), TOBN(0x56c8bebd, 0xfa2286bd),
-     TOBN(0xc713d2ac, 0xc4632b46), TOBN(0x17da427a, 0xafd60242),
-     TOBN(0x313065b7, 0xc95c7546), TOBN(0xf8239898, 0xbf17a3de),
-     TOBN(0xf3b7963f, 0x4c830320), TOBN(0x842c7aa0, 0x903203e3),
-     TOBN(0xaf22ca0a, 0xe7327afb), TOBN(0x38e13092, 0x967609b6),
-     TOBN(0x73b8fb62, 0x757558f1), TOBN(0x3cc3e831, 0xf7eca8c1),
-     TOBN(0xe4174474, 0xf6331627), TOBN(0xa77989ca, 0xc3c40234),
-     TOBN(0xe5fd17a1, 0x44a081e0), TOBN(0xd797fb7d, 0xb70e296a),
-     TOBN(0x2b472b30, 0x481f719c), TOBN(0x0e632a98, 0xfe6f8c52),
-     TOBN(0x89ccd116, 0xc5f0c284), TOBN(0xf51088af, 0x2d987c62),
-     TOBN(0x2a2bccda, 0x4c2de6cf), TOBN(0x810f9efe, 0xf679f0f9),
-     TOBN(0xb0f394b9, 0x7ffe4b3e), TOBN(0x0b691d21, 0xe5fa5d21),
-     TOBN(0xb0bd7747, 0x9dfbbc75), TOBN(0xd2830fda, 0xfaf78b00),
-     TOBN(0xf78c249c, 0x52434f57), TOBN(0x4b1f7545, 0x98096dab),
-     TOBN(0x73bf6f94, 0x8ff8c0b3), TOBN(0x34aef03d, 0x454e134c),
-     TOBN(0xf8d151f4, 0xb7ac7ec5), TOBN(0xd6ceb95a, 0xe50da7d5),
-     TOBN(0xa1b492b0, 0xdc3a0eb8), TOBN(0x75157b69, 0xb3dd2863),
-     TOBN(0xe2c4c74e, 0xc5413d62), TOBN(0xbe329ff7, 0xbc5fc4c7),
-     TOBN(0x835a2aea, 0x60fa9dda), TOBN(0xf117f5ad, 0x7445cb87),
-     TOBN(0xae8317f4, 0xb0166f7a), TOBN(0xfbd3e3f7, 0xceec74e6),
-     TOBN(0xfdb516ac, 0xe0874bfd), TOBN(0x3d846019, 0xc681f3a3),
-     TOBN(0x0b12ee5c, 0x7c1620b0), TOBN(0xba68b4dd, 0x2b63c501),
-     TOBN(0xac03cd32, 0x6668c51e), TOBN(0x2a6279f7, 0x4e0bcb5b),
-     TOBN(0x17bd69b0, 0x6ae85c10), TOBN(0x72946979, 0x1dfdd3a6),
-     TOBN(0xd9a03268, 0x2c078bec), TOBN(0x41c6a658, 0xbfd68a52),
-     TOBN(0xcdea1024, 0x0e023900), TOBN(0xbaeec121, 0xb10d144d),
-     TOBN(0x5a600e74, 0x058ab8dc), TOBN(0x1333af21, 0xbb89ccdd),
-     TOBN(0xdf25eae0, 0x3aaba1f1), TOBN(0x2cada16e, 0x3b7144cf),
-     TOBN(0x657ee27d, 0x71ab98bc), TOBN(0x99088b4c, 0x7a6fc96e),
-     TOBN(0x05d5c0a0, 0x3549dbd4), TOBN(0x42cbdf8f, 0xf158c3ac),
-     TOBN(0x3fb6b3b0, 0x87edd685), TOBN(0x22071cf6, 0x86f064d0),
-     TOBN(0xd2d6721f, 0xff2811e5), TOBN(0xdb81b703, 0xfe7fae8c),
-     TOBN(0x3cfb74ef, 0xd3f1f7bb), TOBN(0x0cdbcd76, 0x16cdeb5d),
-     TOBN(0x4f39642a, 0x566a808c), TOBN(0x02b74454, 0x340064d6),
-     TOBN(0xfabbadca, 0x0528fa6f), TOBN(0xe4c3074c, 0xd3fc0bb6),
-     TOBN(0xb32cb8b0, 0xb796d219), TOBN(0xc3e95f4f, 0x34741dd9),
-     TOBN(0x87212125, 0x68edf6f5), TOBN(0x7a03aee4, 0xa2b9cb8e),
-     TOBN(0x0cd3c376, 0xf53a89aa), TOBN(0x0d8af9b1, 0x948a28dc),
-     TOBN(0xcf86a3f4, 0x902ab04f), TOBN(0x8aacb62a, 0x7f42002d),
-     TOBN(0x106985eb, 0xf62ffd52), TOBN(0xe670b54e, 0x5797bf10),
-     TOBN(0x4b405209, 0xc5e30aef), TOBN(0x12c97a20, 0x4365b5e9),
-     TOBN(0x104646ce, 0x1fe32093), TOBN(0x13cb4ff6, 0x3907a8c9),
-     TOBN(0x8b9f30d1, 0xd46e726b), TOBN(0xe1985e21, 0xaba0f499),
-     TOBN(0xc573dea9, 0x10a230cd), TOBN(0x24f46a93, 0xcd30f947),
-     TOBN(0xf2623fcf, 0xabe2010a), TOBN(0x3f278cb2, 0x73f00e4f),
-     TOBN(0xed55c67d, 0x50b920eb), TOBN(0xf1cb9a2d, 0x8e760571),
-     TOBN(0x7c50d109, 0x0895b709), TOBN(0x4207cf07, 0x190d4369),
-     TOBN(0x3b027e81, 0xc4127fe1), TOBN(0xa9f8b9ad, 0x3ae9c566),
-     TOBN(0x5ab10851, 0xacbfbba5), TOBN(0xa747d648, 0x569556f5),
-     TOBN(0xcc172b5c, 0x2ba97bf7), TOBN(0x15e0f77d, 0xbcfa3324),
-     TOBN(0xa345b797, 0x7686279d), TOBN(0x5a723480, 0xe38003d3),
-     TOBN(0xfd8e139f, 0x8f5fcda8), TOBN(0xf3e558c4, 0xbdee5bfd),
-     TOBN(0xd76cbaf4, 0xe33f9f77), TOBN(0x3a4c97a4, 0x71771969),
-     TOBN(0xda27e84b, 0xf6dce6a7), TOBN(0xff373d96, 0x13e6c2d1),
-     TOBN(0xf115193c, 0xd759a6e9), TOBN(0x3f9b7025, 0x63d2262c),
-     TOBN(0xd9764a31, 0x317cd062), TOBN(0x30779d8e, 0x199f8332),
-     TOBN(0xd8074106, 0x16b11b0b), TOBN(0x7917ab9f, 0x78aeaed8),
-     TOBN(0xb67a9cbe, 0x28fb1d8e), TOBN(0x2e313563, 0x136eda33),
-     TOBN(0x010b7069, 0xa371a86c), TOBN(0x44d90fa2, 0x6744e6b7),
-     TOBN(0x68190867, 0xd6b3e243), TOBN(0x9fe6cd9d, 0x59048c48),
-     TOBN(0xb900b028, 0x95731538), TOBN(0xa012062f, 0x32cae04f),
-     TOBN(0x8107c8bc, 0x9399d082), TOBN(0x47e8c54a, 0x41df12e2),
-     TOBN(0x14ba5117, 0xb6ef3f73), TOBN(0x22260bea, 0x81362f0b),
-     TOBN(0x90ea261e, 0x1a18cc20), TOBN(0x2192999f, 0x2321d636),
-     TOBN(0xef64d314, 0xe311b6a0), TOBN(0xd7401e4c, 0x3b54a1f5),
-     TOBN(0x19019983, 0x6fbca2ba), TOBN(0x46ad3293, 0x8fbffc4b),
-     TOBN(0xa142d3f6, 0x3786bf40), TOBN(0xeb5cbc26, 0xb67039fc),
-     TOBN(0x9cb0ae6c, 0x252bd479), TOBN(0x05e0f88a, 0x12b5848f),
-     TOBN(0x78f6d2b2, 0xa5c97663), TOBN(0x6f6e149b, 0xc162225c),
-     TOBN(0xe602235c, 0xde601a89), TOBN(0xd17bbe98, 0xf373be1f),
-     TOBN(0xcaf49a5b, 0xa8471827), TOBN(0x7e1a0a85, 0x18aaa116),
-     TOBN(0x6c833196, 0x270580c3), TOBN(0x1e233839, 0xf1c98a14),
-     TOBN(0x67b2f7b4, 0xae34e0a5), TOBN(0x47ac8745, 0xd8ce7289),
-     TOBN(0x2b74779a, 0x100dd467), TOBN(0x274a4337, 0x4ee50d09),
-     TOBN(0x603dcf13, 0x83608bc9), TOBN(0xcd9da6c3, 0xc89e8388),
-     TOBN(0x2660199f, 0x355116ac), TOBN(0xcc38bb59, 0xb6d18eed),
-     TOBN(0x3075f31f, 0x2f4bc071), TOBN(0x9774457f, 0x265dc57e),
-     TOBN(0x06a6a9c8, 0xc6db88bb), TOBN(0x6429d07f, 0x4ec98e04),
-     TOBN(0x8d05e57b, 0x05ecaa8b), TOBN(0x20f140b1, 0x7872ea7b),
-     TOBN(0xdf8c0f09, 0xca494693), TOBN(0x48d3a020, 0xf252e909),
-     TOBN(0x4c5c29af, 0x57b14b12), TOBN(0x7e6fa37d, 0xbf47ad1c),
-     TOBN(0x66e7b506, 0x49a0c938), TOBN(0xb72c0d48, 0x6be5f41f),
-     TOBN(0x6a6242b8, 0xb2359412), TOBN(0xcd35c774, 0x8e859480),
-     TOBN(0x12536fea, 0x87baa627), TOBN(0x58c1fec1, 0xf72aa680),
-     TOBN(0x6c29b637, 0x601e5dc9), TOBN(0x9e3c3c1c, 0xde9e01b9),
-     TOBN(0xefc8127b, 0x2bcfe0b0), TOBN(0x35107102, 0x2a12f50d),
-     TOBN(0x6ccd6cb1, 0x4879b397), TOBN(0xf792f804, 0xf8a82f21),
-     TOBN(0x509d4804, 0xa9b46402), TOBN(0xedddf85d, 0xc10f0850),
-     TOBN(0x928410dc, 0x4b6208aa), TOBN(0xf6229c46, 0x391012dc),
-     TOBN(0xc5a7c41e, 0x7727b9b6), TOBN(0x289e4e4b, 0xaa444842),
-     TOBN(0x049ba1d9, 0xe9a947ea), TOBN(0x44f9e47f, 0x83c8debc),
-     TOBN(0xfa77a1fe, 0x611f8b8e), TOBN(0xfd2e416a, 0xf518f427),
-     TOBN(0xc5fffa70, 0x114ebac3), TOBN(0xfe57c4e9, 0x5d89697b),
-     TOBN(0xfdd053ac, 0xb1aaf613), TOBN(0x31df210f, 0xea585a45),
-     TOBN(0x318cc10e, 0x24985034), TOBN(0x1a38efd1, 0x5f1d6130),
-     TOBN(0xbf86f237, 0x0b1e9e21), TOBN(0xb258514d, 0x1dbe88aa),
-     TOBN(0x1e38a588, 0x90c1baf9), TOBN(0x2936a01e, 0xbdb9b692),
-     TOBN(0xd576de98, 0x6dd5b20c), TOBN(0xb586bf71, 0x70f98ecf),
-     TOBN(0xcccf0f12, 0xc42d2fd7), TOBN(0x8717e61c, 0xfb35bd7b),
-     TOBN(0x8b1e5722, 0x35e6fc06), TOBN(0x3477728f, 0x0b3e13d5),
-     TOBN(0x150c294d, 0xaa8a7372), TOBN(0xc0291d43, 0x3bfa528a),
-     TOBN(0xc6c8bc67, 0xcec5a196), TOBN(0xdeeb31e4, 0x5c2e8a7c),
-     TOBN(0xba93e244, 0xfb6e1c51), TOBN(0xb9f8b71b, 0x2e28e156),
-     TOBN(0xce65a287, 0x968a2ab9), TOBN(0xe3c5ce69, 0x46bbcb1f),
-     TOBN(0xf8c835b9, 0xe7ae3f30), TOBN(0x16bbee26, 0xff72b82b),
-     TOBN(0x665e2017, 0xfd42cd22), TOBN(0x1e139970, 0xf8b1d2a0),
-     TOBN(0x125cda29, 0x79204932), TOBN(0x7aee94a5, 0x49c3bee5),
-     TOBN(0x68c70160, 0x89821a66), TOBN(0xf7c37678, 0x8f981669),
-     TOBN(0xd90829fc, 0x48cc3645), TOBN(0x346af049, 0xd70addfc),
-     TOBN(0x2057b232, 0x370bf29c), TOBN(0xf90c73ce, 0x42e650ee),
-     TOBN(0xe03386ea, 0xa126ab90), TOBN(0x0e266e7e, 0x975a087b),
-     TOBN(0x80578eb9, 0x0fca65d9), TOBN(0x7e2989ea, 0x16af45b8),
-     TOBN(0x7438212d, 0xcac75a4e), TOBN(0x38c7ca39, 0x4fef36b8),
-     TOBN(0x8650c494, 0xd402676a), TOBN(0x26ab5a66, 0xf72c7c48),
-     TOBN(0x4e6cb426, 0xce3a464e), TOBN(0xf8f99896, 0x2b72f841),
-     TOBN(0x8c318491, 0x1a335cc8), TOBN(0x563459ba, 0x6a5913e4),
-     TOBN(0x1b920d61, 0xc7b32919), TOBN(0x805ab8b6, 0xa02425ad),
-     TOBN(0x2ac512da, 0x8d006086), TOBN(0x6ca4846a, 0xbcf5c0fd),
-     TOBN(0xafea51d8, 0xac2138d7), TOBN(0xcb647545, 0x344cd443),
-     TOBN(0x0429ee8f, 0xbd7d9040), TOBN(0xee66a2de, 0x819b9c96),
-     TOBN(0x54f9ec25, 0xdea7d744), TOBN(0x2ffea642, 0x671721bb),
-     TOBN(0x4f19dbd1, 0x114344ea), TOBN(0x04304536, 0xfd0dbc8b),
-     TOBN(0x014b50aa, 0x29ec7f91), TOBN(0xb5fc22fe, 0xbb06014d),
-     TOBN(0x60d963a9, 0x1ee682e0), TOBN(0xdf48abc0, 0xfe85c727),
-     TOBN(0x0cadba13, 0x2e707c2d), TOBN(0xde608d3a, 0xa645aeff),
-     TOBN(0x05f1c28b, 0xedafd883), TOBN(0x3c362ede, 0xbd94de1f),
-     TOBN(0x8dd0629d, 0x13593e41), TOBN(0x0a5e736f, 0x766d6eaf),
-     TOBN(0xbfa92311, 0xf68cf9d1), TOBN(0xa4f9ef87, 0xc1797556),
-     TOBN(0x10d75a1f, 0x5601c209), TOBN(0x651c374c, 0x09b07361),
-     TOBN(0x49950b58, 0x88b5cead), TOBN(0x0ef00058, 0x6fa9dbaa),
-     TOBN(0xf51ddc26, 0x4e15f33a), TOBN(0x1f8b5ca6, 0x2ef46140),
-     TOBN(0x343ac0a3, 0xee9523f0), TOBN(0xbb75eab2, 0x975ea978),
-     TOBN(0x1bccf332, 0x107387f4), TOBN(0x790f9259, 0x9ab0062e),
-     TOBN(0xf1a363ad, 0x1e4f6a5f), TOBN(0x06e08b84, 0x62519a50),
-     TOBN(0x60915187, 0x7265f1ee), TOBN(0x6a80ca34, 0x93ae985e),
-     TOBN(0x81b29768, 0xaaba4864), TOBN(0xb13cabf2, 0x8d52a7d6),
-     TOBN(0xb5c36348, 0x8ead03f1), TOBN(0xc932ad95, 0x81c7c1c0),
-     TOBN(0x5452708e, 0xcae1e27b), TOBN(0x9dac4269, 0x1b0df648),
-     TOBN(0x233e3f0c, 0xdfcdb8bc), TOBN(0xe6ceccdf, 0xec540174),
-     TOBN(0xbd0d845e, 0x95081181), TOBN(0xcc8a7920, 0x699355d5),
-     TOBN(0x111c0f6d, 0xc3b375a8), TOBN(0xfd95bc6b, 0xfd51e0dc),
-     TOBN(0x4a106a26, 0x6888523a), TOBN(0x4d142bd6, 0xcb01a06d),
-     TOBN(0x79bfd289, 0xadb9b397), TOBN(0x0bdbfb94, 0xe9863914),
-     TOBN(0x29d8a229, 0x1660f6a6), TOBN(0x7f6abcd6, 0x551c042d),
-     TOBN(0x13039deb, 0x0ac3ffe8), TOBN(0xa01be628, 0xec8523fb),
-     TOBN(0x6ea34103, 0x0ca1c328), TOBN(0xc74114bd, 0xb903928e),
-     TOBN(0x8aa4ff4e, 0x9e9144b0), TOBN(0x7064091f, 0x7f9a4b17),
-     TOBN(0xa3f4f521, 0xe447f2c4), TOBN(0x81b8da7a, 0x604291f0),
-     TOBN(0xd680bc46, 0x7d5926de), TOBN(0x84f21fd5, 0x34a1202f),
-     TOBN(0x1d1e3181, 0x4e9df3d8), TOBN(0x1ca4861a, 0x39ab8d34),
-     TOBN(0x809ddeec, 0x5b19aa4a), TOBN(0x59f72f7e, 0x4d329366),
-     TOBN(0xa2f93f41, 0x386d5087), TOBN(0x40bf739c, 0xdd67d64f),
-     TOBN(0xb4494205, 0x66702158), TOBN(0xc33c65be, 0x73b1e178),
-     TOBN(0xcdcd657c, 0x38ca6153), TOBN(0x97f4519a, 0xdc791976),
-     TOBN(0xcc7c7f29, 0xcd6e1f39), TOBN(0x38de9cfb, 0x7e3c3932),
-     TOBN(0xe448eba3, 0x7b793f85), TOBN(0xe9f8dbf9, 0xf067e914),
-     TOBN(0xc0390266, 0xf114ae87), TOBN(0x39ed75a7, 0xcd6a8e2a),
-     TOBN(0xadb14848, 0x7ffba390), TOBN(0x67f8cb8b, 0x6af9bc09),
-     TOBN(0x322c3848, 0x9c7476db), TOBN(0xa320fecf, 0x52a538d6),
-     TOBN(0xe0493002, 0xb2aced2b), TOBN(0xdfba1809, 0x616bd430),
-     TOBN(0x531c4644, 0xc331be70), TOBN(0xbc04d32e, 0x90d2e450),
-     TOBN(0x1805a0d1, 0x0f9f142d), TOBN(0x2c44a0c5, 0x47ee5a23),
-     TOBN(0x31875a43, 0x3989b4e3), TOBN(0x6b1949fd, 0x0c063481),
-     TOBN(0x2dfb9e08, 0xbe0f4492), TOBN(0x3ff0da03, 0xe9d5e517),
-     TOBN(0x03dbe9a1, 0xf79466a8), TOBN(0x0b87bcd0, 0x15ea9932),
-     TOBN(0xeb64fc83, 0xab1f58ab), TOBN(0x6d9598da, 0x817edc8a),
-     TOBN(0x699cff66, 0x1d3b67e5), TOBN(0x645c0f29, 0x92635853),
-     TOBN(0x253cdd82, 0xeabaf21c), TOBN(0x82b9602a, 0x2241659e),
-     TOBN(0x2cae07ec, 0x2d9f7091), TOBN(0xbe4c720c, 0x8b48cd9b),
-     TOBN(0x6ce5bc03, 0x6f08d6c9), TOBN(0x36e8a997, 0xaf10bf40),
-     TOBN(0x83422d21, 0x3e10ff12), TOBN(0x7b26d3eb, 0xbcc12494),
-     TOBN(0xb240d2d0, 0xc9469ad6), TOBN(0xc4a11b4d, 0x30afa05b),
-     TOBN(0x4b604ace, 0xdd6ba286), TOBN(0x18486600, 0x3ee2864c),
-     TOBN(0x5869d6ba, 0x8d9ce5be), TOBN(0x0d8f68c5, 0xff4bfb0d),
-     TOBN(0xb69f210b, 0x5700cf73), TOBN(0x61f6653a, 0x6d37c135),
-     TOBN(0xff3d432b, 0x5aff5a48), TOBN(0x0d81c4b9, 0x72ba3a69),
-     TOBN(0xee879ae9, 0xfa1899ef), TOBN(0xbac7e2a0, 0x2d6acafd),
-     TOBN(0xd6d93f6c, 0x1c664399), TOBN(0x4c288de1, 0x5bcb135d),
-     TOBN(0x83031dab, 0x9dab7cbf), TOBN(0xfe23feb0, 0x3abbf5f0),
-     TOBN(0x9f1b2466, 0xcdedca85), TOBN(0x140bb710, 0x1a09538c),
-     TOBN(0xac8ae851, 0x5e11115d), TOBN(0x0d63ff67, 0x6f03f59e),
-     TOBN(0x755e5551, 0x7d234afb), TOBN(0x61c2db4e, 0x7e208fc1),
-     TOBN(0xaa9859ce, 0xf28a4b5d), TOBN(0xbdd6d4fc, 0x34af030f),
-     TOBN(0xd1c4a26d, 0x3be01cb1), TOBN(0x9ba14ffc, 0x243aa07c),
-     TOBN(0xf95cd3a9, 0xb2503502), TOBN(0xe379bc06, 0x7d2a93ab),
-     TOBN(0x3efc18e9, 0xd4ca8d68), TOBN(0x083558ec, 0x80bb412a),
-     TOBN(0xd903b940, 0x9645a968), TOBN(0xa499f0b6, 0x9ba6054f),
-     TOBN(0x208b573c, 0xb8349abe), TOBN(0x3baab3e5, 0x30b4fc1c),
-     TOBN(0x87e978ba, 0xcb524990), TOBN(0x3524194e, 0xccdf0e80),
-     TOBN(0x62711725, 0x7d4bcc42), TOBN(0xe90a3d9b, 0xb90109ba),
-     TOBN(0x3b1bdd57, 0x1323e1e0), TOBN(0xb78e9bd5, 0x5eae1599),
-     TOBN(0x0794b746, 0x9e03d278), TOBN(0x80178605, 0xd70e6297),
-     TOBN(0x171792f8, 0x99c97855), TOBN(0x11b393ee, 0xf5a86b5c),
-     TOBN(0x48ef6582, 0xd8884f27), TOBN(0xbd44737a, 0xbf19ba5f),
-     TOBN(0x8698de4c, 0xa42062c6), TOBN(0x8975eb80, 0x61ce9c54),
-     TOBN(0xd50e57c7, 0xd7fe71f3), TOBN(0x15342190, 0xbc97ce38),
-     TOBN(0x51bda2de, 0x4df07b63), TOBN(0xba12aeae, 0x200eb87d),
-     TOBN(0xabe135d2, 0xa9b4f8f6), TOBN(0x04619d65, 0xfad6d99c),
-     TOBN(0x4a6683a7, 0x7994937c), TOBN(0x7a778c8b, 0x6f94f09a),
-     TOBN(0x8c508623, 0x20a71b89), TOBN(0x241a2aed, 0x1c229165),
-     TOBN(0x352be595, 0xaaf83a99), TOBN(0x9fbfee7f, 0x1562bac8),
-     TOBN(0xeaf658b9, 0x5c4017e3), TOBN(0x1dc7f9e0, 0x15120b86),
-     TOBN(0xd84f13dd, 0x4c034d6f), TOBN(0x283dd737, 0xeaea3038),
-     TOBN(0x197f2609, 0xcd85d6a2), TOBN(0x6ebbc345, 0xfae60177),
-     TOBN(0xb80f031b, 0x4e12fede), TOBN(0xde55d0c2, 0x07a2186b),
-     TOBN(0x1fb3e37f, 0x24dcdd5a), TOBN(0x8d602da5, 0x7ed191fb),
-     TOBN(0x108fb056, 0x76023e0d), TOBN(0x70178c71, 0x459c20c0),
-     TOBN(0xfad5a386, 0x3fe54cf0), TOBN(0xa4a3ec4f, 0x02bbb475),
-     TOBN(0x1aa5ec20, 0x919d94d7), TOBN(0x5d3b63b5, 0xa81e4ab3),
-     TOBN(0x7fa733d8, 0x5ad3d2af), TOBN(0xfbc586dd, 0xd1ac7a37),
-     TOBN(0x282925de, 0x40779614), TOBN(0xfe0ffffb, 0xe74a242a),
-     TOBN(0x3f39e67f, 0x906151e5), TOBN(0xcea27f5f, 0x55e10649),
-     TOBN(0xdca1d4e1, 0xc17cf7b7), TOBN(0x0c326d12, 0x2fe2362d),
-     TOBN(0x05f7ac33, 0x7dd35df3), TOBN(0x0c3b7639, 0xc396dbdf),
-     TOBN(0x0912f5ac, 0x03b7db1c), TOBN(0x9dea4b70, 0x5c9ed4a9),
-     TOBN(0x475e6e53, 0xaae3f639), TOBN(0xfaba0e7c, 0xfc278bac),
-     TOBN(0x16f9e221, 0x9490375f), TOBN(0xaebf9746, 0xa5a7ed0a),
-     TOBN(0x45f9af3f, 0xf41ad5d6), TOBN(0x03c4623c, 0xb2e99224),
-     TOBN(0x82c5bb5c, 0xb3cf56aa), TOBN(0x64311819, 0x34567ed3),
-     TOBN(0xec57f211, 0x8be489ac), TOBN(0x2821895d, 0xb9a1104b),
-     TOBN(0x610dc875, 0x6064e007), TOBN(0x8e526f3f, 0x5b20d0fe),
-     TOBN(0x6e71ca77, 0x5b645aee), TOBN(0x3d1dcb9f, 0x800e10ff),
-     TOBN(0x36b51162, 0x189cf6de), TOBN(0x2c5a3e30, 0x6bb17353),
-     TOBN(0xc186cd3e, 0x2a6c6fbf), TOBN(0xa74516fa, 0x4bf97906),
-     TOBN(0x5b4b8f4b, 0x279d6901), TOBN(0x0c4e57b4, 0x2b573743),
-     TOBN(0x75fdb229, 0xb6e386b6), TOBN(0xb46793fd, 0x99deac27),
-     TOBN(0xeeec47ea, 0xcf712629), TOBN(0xe965f3c4, 0xcbc3b2dd),
-     TOBN(0x8dd1fb83, 0x425c6559), TOBN(0x7fc00ee6, 0x0af06fda),
-     TOBN(0xe98c9225, 0x33d956df), TOBN(0x0f1ef335, 0x4fbdc8a2),
-     TOBN(0x2abb5145, 0xb79b8ea2), TOBN(0x40fd2945, 0xbdbff288),
-     TOBN(0x6a814ac4, 0xd7185db7), TOBN(0xc4329d6f, 0xc084609a),
-     TOBN(0xc9ba7b52, 0xed1be45d), TOBN(0x891dd20d, 0xe4cd2c74),
-     TOBN(0x5a4d4a7f, 0x824139b1), TOBN(0x66c17716, 0xb873c710),
-     TOBN(0x5e5bc141, 0x2843c4e0), TOBN(0xd5ac4817, 0xb97eb5bf),
-     TOBN(0xc0f8af54, 0x450c95c7), TOBN(0xc91b3fa0, 0x318406c5),
-     TOBN(0x360c340a, 0xab9d97f8), TOBN(0xfb57bd07, 0x90a2d611),
-     TOBN(0x4339ae3c, 0xa6a6f7e5), TOBN(0x9c1fcd2a, 0x2feb8a10),
-     TOBN(0x972bcca9, 0xc7ea7432), TOBN(0x1b0b924c, 0x308076f6),
-     TOBN(0x80b2814a, 0x2a5b4ca5), TOBN(0x2f78f55b, 0x61ef3b29),
-     TOBN(0xf838744a, 0xc18a414f), TOBN(0xc611eaae, 0x903d0a86),
-     TOBN(0x94dabc16, 0x2a453f55), TOBN(0xe6f2e3da, 0x14efb279),
-     TOBN(0x5b7a6017, 0x9320dc3c), TOBN(0x692e382f, 0x8df6b5a4),
-     TOBN(0x3f5e15e0, 0x2d40fa90), TOBN(0xc87883ae, 0x643dd318),
-     TOBN(0x511053e4, 0x53544774), TOBN(0x834d0ecc, 0x3adba2bc),
-     TOBN(0x4215d7f7, 0xbae371f5), TOBN(0xfcfd57bf, 0x6c8663bc),
-     TOBN(0xded2383d, 0xd6901b1d), TOBN(0x3b49fbb4, 0xb5587dc3),
-     TOBN(0xfd44a08d, 0x07625f62), TOBN(0x3ee4d65b, 0x9de9b762),}
-    ,
-    {TOBN(0x64e5137d, 0x0d63d1fa), TOBN(0x658fc052, 0x02a9d89f),
-     TOBN(0x48894874, 0x50436309), TOBN(0xe9ae30f8, 0xd598da61),
-     TOBN(0x2ed710d1, 0x818baf91), TOBN(0xe27e9e06, 0x8b6a0c20),
-     TOBN(0x1e28dcfb, 0x1c1a6b44), TOBN(0x883acb64, 0xd6ac57dc),
-     TOBN(0x8735728d, 0xc2c6ff70), TOBN(0x79d6122f, 0xc5dc2235),
-     TOBN(0x23f5d003, 0x19e277f9), TOBN(0x7ee84e25, 0xdded8cc7),
-     TOBN(0x91a8afb0, 0x63cd880a), TOBN(0x3f3ea7c6, 0x3574af60),
-     TOBN(0x0cfcdc84, 0x02de7f42), TOBN(0x62d0792f, 0xb31aa152),
-     TOBN(0x8e1b4e43, 0x8a5807ce), TOBN(0xad283893, 0xe4109a7e),
-     TOBN(0xc30cc9cb, 0xafd59dda), TOBN(0xf65f36c6, 0x3d8d8093),
-     TOBN(0xdf31469e, 0xa60d32b2), TOBN(0xee93df4b, 0x3e8191c8),
-     TOBN(0x9c1017c5, 0x355bdeb5), TOBN(0xd2623185, 0x8616aa28),
-     TOBN(0xb02c83f9, 0xdec31a21), TOBN(0x988c8b23, 0x6ad9d573),
-     TOBN(0x53e983ae, 0xa57be365), TOBN(0xe968734d, 0x646f834e),
-     TOBN(0x9137ea8f, 0x5da6309b), TOBN(0x10f3a624, 0xc1f1ce16),
-     TOBN(0x782a9ea2, 0xca440921), TOBN(0xdf94739e, 0x5b46f1b5),
-     TOBN(0x9f9be006, 0xcce85c9b), TOBN(0x360e70d6, 0xa4c7c2d3),
-     TOBN(0x2cd5beea, 0xaefa1e60), TOBN(0x64cf63c0, 0x8c3d2b6d),
-     TOBN(0xfb107fa3, 0xe1cf6f90), TOBN(0xb7e937c6, 0xd5e044e6),
-     TOBN(0x74e8ca78, 0xce34db9f), TOBN(0x4f8b36c1, 0x3e210bd0),
-     TOBN(0x1df165a4, 0x34a35ea8), TOBN(0x3418e0f7, 0x4d4412f6),
-     TOBN(0x5af1f8af, 0x518836c3), TOBN(0x42ceef4d, 0x130e1965),
-     TOBN(0x5560ca0b, 0x543a1957), TOBN(0xc33761e5, 0x886cb123),
-     TOBN(0x66624b1f, 0xfe98ed30), TOBN(0xf772f4bf, 0x1090997d),
-     TOBN(0xf4e540bb, 0x4885d410), TOBN(0x7287f810, 0x9ba5f8d7),
-     TOBN(0x22d0d865, 0xde98dfb1), TOBN(0x49ff51a1, 0xbcfbb8a3),
-     TOBN(0xb6b6fa53, 0x6bc3012e), TOBN(0x3d31fd72, 0x170d541d),
-     TOBN(0x8018724f, 0x4b0f4966), TOBN(0x79e7399f, 0x87dbde07),
-     TOBN(0x56f8410e, 0xf4f8b16a), TOBN(0x97241afe, 0xc47b266a),
-     TOBN(0x0a406b8e, 0x6d9c87c1), TOBN(0x803f3e02, 0xcd42ab1b),
-     TOBN(0x7f0309a8, 0x04dbec69), TOBN(0xa83b85f7, 0x3bbad05f),
-     TOBN(0xc6097273, 0xad8e197f), TOBN(0xc097440e, 0x5067adc1),
-     TOBN(0x730eafb6, 0x3524ff16), TOBN(0xd7f9b51e, 0x823fc6ce),
-     TOBN(0x27bd0d32, 0x443e4ac0), TOBN(0x40c59ad9, 0x4d66f217),
-     TOBN(0x6c33136f, 0x17c387a4), TOBN(0x5043b8d5, 0xeb86804d),
-     TOBN(0x74970312, 0x675a73c9), TOBN(0x838fdb31, 0xf16669b6),
-     TOBN(0xc507b6dd, 0x418e7ddd), TOBN(0x39888d93, 0x472f19d6),
-     TOBN(0x7eae26be, 0x0c27eb4d), TOBN(0x17b53ed3, 0xfbabb884),
-     TOBN(0xfc27021b, 0x2b01ae4f), TOBN(0x88462e87, 0xcf488682),
-     TOBN(0xbee096ec, 0x215e2d87), TOBN(0xeb2fea9a, 0xd242e29b),
-     TOBN(0x5d985b5f, 0xb821fc28), TOBN(0x89d2e197, 0xdc1e2ad2),
-     TOBN(0x55b566b8, 0x9030ba62), TOBN(0xe3fd41b5, 0x4f41b1c6),
-     TOBN(0xb738ac2e, 0xb9a96d61), TOBN(0x7f8567ca, 0x369443f4),
-     TOBN(0x8698622d, 0xf803a440), TOBN(0x2b586236, 0x8fe2f4dc),
-     TOBN(0xbbcc00c7, 0x56b95bce), TOBN(0x5ec03906, 0x616da680),
-     TOBN(0x79162ee6, 0x72214252), TOBN(0x43132b63, 0x86a892d2),
-     TOBN(0x4bdd3ff2, 0x2f3263bf), TOBN(0xd5b3733c, 0x9cd0a142),
-     TOBN(0x592eaa82, 0x44415ccb), TOBN(0x663e8924, 0x8d5474ea),
-     TOBN(0x8058a25e, 0x5236344e), TOBN(0x82e8df9d, 0xbda76ee6),
-     TOBN(0xdcf6efd8, 0x11cc3d22), TOBN(0x00089cda, 0x3b4ab529),
-     TOBN(0x91d3a071, 0xbd38a3db), TOBN(0x4ea97fc0, 0xef72b925),
-     TOBN(0x0c9fc15b, 0xea3edf75), TOBN(0x5a6297cd, 0xa4348ed3),
-     TOBN(0x0d38ab35, 0xce7c42d4), TOBN(0x9fd493ef, 0x82feab10),
-     TOBN(0x46056b6d, 0x82111b45), TOBN(0xda11dae1, 0x73efc5c3),
-     TOBN(0xdc740278, 0x5545a7fb), TOBN(0xbdb2601c, 0x40d507e6),
-     TOBN(0x121dfeeb, 0x7066fa58), TOBN(0x214369a8, 0x39ae8c2a),
-     TOBN(0x195709cb, 0x06e0956c), TOBN(0x4c9d254f, 0x010cd34b),
-     TOBN(0xf51e13f7, 0x0471a532), TOBN(0xe19d6791, 0x1e73054d),
-     TOBN(0xf702a628, 0xdb5c7be3), TOBN(0xc7141218, 0xb24dde05),
-     TOBN(0xdc18233c, 0xf29b2e2e), TOBN(0x3a6bd1e8, 0x85342dba),
-     TOBN(0x3f747fa0, 0xb311898c), TOBN(0xe2a272e4, 0xcd0eac65),
-     TOBN(0x4bba5851, 0xf914d0bc), TOBN(0x7a1a9660, 0xc4a43ee3),
-     TOBN(0xe5a367ce, 0xa1c8cde9), TOBN(0x9d958ba9, 0x7271abe3),
-     TOBN(0xf3ff7eb6, 0x3d1615cd), TOBN(0xa2280dce, 0xf5ae20b0),
-     TOBN(0x56dba5c1, 0xcf640147), TOBN(0xea5a2e3d, 0x5e83d118),
-     TOBN(0x04cd6b6d, 0xda24c511), TOBN(0x1c0f4671, 0xe854d214),
-     TOBN(0x91a6b7a9, 0x69565381), TOBN(0xdc966240, 0xdecf1f5b),
-     TOBN(0x1b22d21c, 0xfcf5d009), TOBN(0x2a05f641, 0x9021dbd5),
-     TOBN(0x8c0ed566, 0xd4312483), TOBN(0x5179a95d, 0x643e216f),
-     TOBN(0xcc185fec, 0x17044493), TOBN(0xb3063339, 0x54991a21),
-     TOBN(0xd801ecdb, 0x0081a726), TOBN(0x0149b0c6, 0x4fa89bbb),
-     TOBN(0xafe9065a, 0x4391b6b9), TOBN(0xedc92786, 0xd633f3a3),
-     TOBN(0xe408c24a, 0xae6a8e13), TOBN(0x85833fde, 0x9f3897ab),
-     TOBN(0x43800e7e, 0xd81a0715), TOBN(0xde08e346, 0xb44ffc5f),
-     TOBN(0x7094184c, 0xcdeff2e0), TOBN(0x49f9387b, 0x165eaed1),
-     TOBN(0x635d6129, 0x777c468a), TOBN(0x8c0dcfd1, 0x538c2dd8),
-     TOBN(0xd6d9d9e3, 0x7a6a308b), TOBN(0x62375830, 0x4c2767d3),
-     TOBN(0x874a8bc6, 0xf38cbeb6), TOBN(0xd94d3f1a, 0xccb6fd9e),
-     TOBN(0x92a9735b, 0xba21f248), TOBN(0x272ad0e5, 0x6cd1efb0),
-     TOBN(0x7437b69c, 0x05b03284), TOBN(0xe7f04702, 0x6948c225),
-     TOBN(0x8a56c04a, 0xcba2ecec), TOBN(0x0c181270, 0xe3a73e41),
-     TOBN(0x6cb34e9d, 0x03e93725), TOBN(0xf77c8713, 0x496521a9),
-     TOBN(0x94569183, 0xfa7f9f90), TOBN(0xf2e7aa4c, 0x8c9707ad),
-     TOBN(0xced2c9ba, 0x26c1c9a3), TOBN(0x9109fe96, 0x40197507),
-     TOBN(0x9ae868a9, 0xe9adfe1c), TOBN(0x3984403d, 0x314e39bb),
-     TOBN(0xb5875720, 0xf2fe378f), TOBN(0x33f901e0, 0xba44a628),
-     TOBN(0xea1125fe, 0x3652438c), TOBN(0xae9ec4e6, 0x9dd1f20b),
-     TOBN(0x1e740d9e, 0xbebf7fbd), TOBN(0x6dbd3ddc, 0x42dbe79c),
-     TOBN(0x62082aec, 0xedd36776), TOBN(0xf612c478, 0xe9859039),
-     TOBN(0xa493b201, 0x032f7065), TOBN(0xebd4d8f2, 0x4ff9b211),
-     TOBN(0x3f23a0aa, 0xaac4cb32), TOBN(0xea3aadb7, 0x15ed4005),
-     TOBN(0xacf17ea4, 0xafa27e63), TOBN(0x56125c1a, 0xc11fd66c),
-     TOBN(0x266344a4, 0x3794f8dc), TOBN(0xdcca923a, 0x483c5c36),
-     TOBN(0x2d6b6bbf, 0x3f9d10a0), TOBN(0xb320c5ca, 0x81d9bdf3),
-     TOBN(0x620e28ff, 0x47b50a95), TOBN(0x933e3b01, 0xcef03371),
-     TOBN(0xf081bf85, 0x99100153), TOBN(0x183be9a0, 0xc3a8c8d6),
-     TOBN(0x4e3ddc5a, 0xd6bbe24d), TOBN(0xc6c74630, 0x53843795),
-     TOBN(0x78193dd7, 0x65ec2d4c), TOBN(0xb8df26cc, 0xcd3c89b2),
-     TOBN(0x98dbe399, 0x5a483f8d), TOBN(0x72d8a957, 0x7dd3313a),
-     TOBN(0x65087294, 0xab0bd375), TOBN(0xfcd89248, 0x7c259d16),
-     TOBN(0x8a9443d7, 0x7613aa81), TOBN(0x80100800, 0x85fe6584),
-     TOBN(0x70fc4dbc, 0x7fb10288), TOBN(0xf58280d3, 0xe86beee8),
-     TOBN(0x14fdd82f, 0x7c978c38), TOBN(0xdf1204c1, 0x0de44d7b),
-     TOBN(0xa08a1c84, 0x4160252f), TOBN(0x591554ca, 0xc17646a5),
-     TOBN(0x214a37d6, 0xa05bd525), TOBN(0x48d5f09b, 0x07957b3c),
-     TOBN(0x0247cdcb, 0xd7109bc9), TOBN(0x40f9e4bb, 0x30599ce7),
-     TOBN(0xc325fa03, 0xf46ad2ec), TOBN(0x00f766cf, 0xc3e3f9ee),
-     TOBN(0xab556668, 0xd43a4577), TOBN(0x68d30a61, 0x3ee03b93),
-     TOBN(0x7ddc81ea, 0x77b46a08), TOBN(0xcf5a6477, 0xc7480699),
-     TOBN(0x43a8cb34, 0x6633f683), TOBN(0x1b867e6b, 0x92363c60),
-     TOBN(0x43921114, 0x1f60558e), TOBN(0xcdbcdd63, 0x2f41450e),
-     TOBN(0x7fc04601, 0xcc630e8b), TOBN(0xea7c66d5, 0x97038b43),
-     TOBN(0x7259b8a5, 0x04e99fd8), TOBN(0x98a8dd12, 0x4785549a),
-     TOBN(0x0e459a7c, 0x840552e1), TOBN(0xcdfcf4d0, 0x4bb0909e),
-     TOBN(0x34a86db2, 0x53758da7), TOBN(0xe643bb83, 0xeac997e1),
-     TOBN(0x96400bd7, 0x530c5b7e), TOBN(0x9f97af87, 0xb41c8b52),
-     TOBN(0x34fc8820, 0xfbeee3f9), TOBN(0x93e53490, 0x49091afd),
-     TOBN(0x764b9be5, 0x9a31f35c), TOBN(0x71f37864, 0x57e3d924),
-     TOBN(0x02fb34e0, 0x943aa75e), TOBN(0xa18c9c58, 0xab8ff6e4),
-     TOBN(0x080f31b1, 0x33cf0d19), TOBN(0x5c9682db, 0x083518a7),
-     TOBN(0x873d4ca6, 0xb709c3de), TOBN(0x64a84262, 0x3575b8f0),
-     TOBN(0x6275da1f, 0x020154bb), TOBN(0x97678caa, 0xd17cf1ab),
-     TOBN(0x8779795f, 0x951a95c3), TOBN(0xdd35b163, 0x50fccc08),
-     TOBN(0x32709627, 0x33d8f031), TOBN(0x3c5ab10a, 0x498dd85c),
-     TOBN(0xb6c185c3, 0x41dca566), TOBN(0x7de7feda, 0xd8622aa3),
-     TOBN(0x99e84d92, 0x901b6dfb), TOBN(0x30a02b0e, 0x7c4ad288),
-     TOBN(0xc7c81daa, 0x2fd3cf36), TOBN(0xd1319547, 0xdf89e59f),
-     TOBN(0xb2be8184, 0xcd496733), TOBN(0xd5f449eb, 0x93d3412b),
-     TOBN(0x7ea41b1b, 0x25fe531d), TOBN(0xf9797432, 0x6a1d5646),
-     TOBN(0x86067f72, 0x2bde501a), TOBN(0xf91481c0, 0x0c85e89c),
-     TOBN(0xca8ee465, 0xf8b05bc6), TOBN(0x1844e1cf, 0x02e83cda),
-     TOBN(0xca82114a, 0xb4dbe33b), TOBN(0x0f9f8769, 0x4eabfde2),
-     TOBN(0x4936b1c0, 0x38b27fe2), TOBN(0x63b6359b, 0xaba402df),
-     TOBN(0x40c0ea2f, 0x656bdbab), TOBN(0x9c992a89, 0x6580c39c),
-     TOBN(0x600e8f15, 0x2a60aed1), TOBN(0xeb089ca4, 0xe0bf49df),
-     TOBN(0x9c233d7d, 0x2d42d99a), TOBN(0x648d3f95, 0x4c6bc2fa),
-     TOBN(0xdcc383a8, 0xe1add3f3), TOBN(0xf42c0c6a, 0x4f64a348),
-     TOBN(0x2abd176f, 0x0030dbdb), TOBN(0x4de501a3, 0x7d6c215e),
-     TOBN(0x4a107c1f, 0x4b9a64bc), TOBN(0xa77f0ad3, 0x2496cd59),
-     TOBN(0xfb78ac62, 0x7688dffb), TOBN(0x7025a2ca, 0x67937d8e),
-     TOBN(0xfde8b2d1, 0xd1a8f4e7), TOBN(0xf5b3da47, 0x7354927c),
-     TOBN(0xe48606a3, 0xd9205735), TOBN(0xac477cc6, 0xe177b917),
-     TOBN(0xfb1f73d2, 0xa883239a), TOBN(0xe12572f6, 0xcc8b8357),
-     TOBN(0x9d355e9c, 0xfb1f4f86), TOBN(0x89b795f8, 0xd9f3ec6e),
-     TOBN(0x27be56f1, 0xb54398dc), TOBN(0x1890efd7, 0x3fedeed5),
-     TOBN(0x62f77f1f, 0x9c6d0140), TOBN(0x7ef0e314, 0x596f0ee4),
-     TOBN(0x50ca6631, 0xcc61dab3), TOBN(0x4a39801d, 0xf4866e4f),
-     TOBN(0x66c8d032, 0xae363b39), TOBN(0x22c591e5, 0x2ead66aa),
-     TOBN(0x954ba308, 0xde02a53e), TOBN(0x2a6c060f, 0xd389f357),
-     TOBN(0xe6cfcde8, 0xfbf40b66), TOBN(0x8e02fc56, 0xc6340ce1),
-     TOBN(0xe4957795, 0x73adb4ba), TOBN(0x7b86122c, 0xa7b03805),
-     TOBN(0x63f83512, 0x0c8e6fa6), TOBN(0x83660ea0, 0x057d7804),
-     TOBN(0xbad79105, 0x21ba473c), TOBN(0xb6c50bee, 0xded5389d),
-     TOBN(0xee2caf4d, 0xaa7c9bc0), TOBN(0xd97b8de4, 0x8c4e98a7),
-     TOBN(0xa9f63e70, 0xab3bbddb), TOBN(0x3898aabf, 0x2597815a),
-     TOBN(0x7659af89, 0xac15b3d9), TOBN(0xedf7725b, 0x703ce784),
-     TOBN(0x25470fab, 0xe085116b), TOBN(0x04a43375, 0x87285310),
-     TOBN(0x4e39187e, 0xe2bfd52f), TOBN(0x36166b44, 0x7d9ebc74),
-     TOBN(0x92ad433c, 0xfd4b322c), TOBN(0x726aa817, 0xba79ab51),
-     TOBN(0xf96eacd8, 0xc1db15eb), TOBN(0xfaf71e91, 0x0476be63),
-     TOBN(0xdd69a640, 0x641fad98), TOBN(0xb7995918, 0x29622559),
-     TOBN(0x03c6daa5, 0xde4199dc), TOBN(0x92cadc97, 0xad545eb4),
-     TOBN(0x1028238b, 0x256534e4), TOBN(0x73e80ce6, 0x8595409a),
-     TOBN(0x690d4c66, 0xd05dc59b), TOBN(0xc95f7b8f, 0x981dee80),
-     TOBN(0xf4337014, 0xd856ac25), TOBN(0x441bd9dd, 0xac524dca),
-     TOBN(0x640b3d85, 0x5f0499f5), TOBN(0x39cf84a9, 0xd5fda182),
-     TOBN(0x04e7b055, 0xb2aa95a0), TOBN(0x29e33f0a, 0x0ddf1860),
-     TOBN(0x082e74b5, 0x423f6b43), TOBN(0x217edeb9, 0x0aaa2b0f),
-     TOBN(0x58b83f35, 0x83cbea55), TOBN(0xc485ee4d, 0xbc185d70),
-     TOBN(0x833ff03b, 0x1e5f6992), TOBN(0xb5b9b9cc, 0xcf0c0dd5),
-     TOBN(0x7caaee8e, 0x4e9e8a50), TOBN(0x462e907b, 0x6269dafd),
-     TOBN(0x6ed5cee9, 0xfbe791c6), TOBN(0x68ca3259, 0xed430790),
-     TOBN(0x2b72bdf2, 0x13b5ba88), TOBN(0x60294c8a, 0x35ef0ac4),
-     TOBN(0x9c3230ed, 0x19b99b08), TOBN(0x560fff17, 0x6c2589aa),
-     TOBN(0x552b8487, 0xd6770374), TOBN(0xa373202d, 0x9a56f685),
-     TOBN(0xd3e7f907, 0x45f175d9), TOBN(0x3c2f315f, 0xd080d810),
-     TOBN(0x1130e9dd, 0x7b9520e8), TOBN(0xc078f9e2, 0x0af037b5),
-     TOBN(0x38cd2ec7, 0x1e9c104c), TOBN(0x0f684368, 0xc472fe92),
-     TOBN(0xd3f1b5ed, 0x6247e7ef), TOBN(0xb32d33a9, 0x396dfe21),
-     TOBN(0x46f59cf4, 0x4a9aa2c2), TOBN(0x69cd5168, 0xff0f7e41),
-     TOBN(0x3f59da0f, 0x4b3234da), TOBN(0xcf0b0235, 0xb4579ebe),
-     TOBN(0x6d1cbb25, 0x6d2476c7), TOBN(0x4f0837e6, 0x9dc30f08),
-     TOBN(0x9a4075bb, 0x906f6e98), TOBN(0x253bb434, 0xc761e7d1),
-     TOBN(0xde2e645f, 0x6e73af10), TOBN(0xb89a4060, 0x0c5f131c),
-     TOBN(0xd12840c5, 0xb8cc037f), TOBN(0x3d093a5b, 0x7405bb47),
-     TOBN(0x6202c253, 0x206348b8), TOBN(0xbf5d57fc, 0xc55a3ca7),
-     TOBN(0x89f6c90c, 0x8c3bef48), TOBN(0x23ac7623, 0x5a0a960a),
-     TOBN(0xdfbd3d6b, 0x552b42ab), TOBN(0x3ef22458, 0x132061f6),
-     TOBN(0xd74e9bda, 0xc97e6516), TOBN(0x88779360, 0xc230f49e),
-     TOBN(0xa6ec1de3, 0x1e74ea49), TOBN(0x581dcee5, 0x3fb645a2),
-     TOBN(0xbaef2391, 0x8f483f14), TOBN(0x6d2dddfc, 0xd137d13b),
-     TOBN(0x54cde50e, 0xd2743a42), TOBN(0x89a34fc5, 0xe4d97e67),
-     TOBN(0x13f1f5b3, 0x12e08ce5), TOBN(0xa80540b8, 0xa7f0b2ca),
-     TOBN(0x854bcf77, 0x01982805), TOBN(0xb8653ffd, 0x233bea04),
-     TOBN(0x8e7b8787, 0x02b0b4c9), TOBN(0x2675261f, 0x9acb170a),
-     TOBN(0x061a9d90, 0x930c14e5), TOBN(0xb59b30e0, 0xdef0abea),
-     TOBN(0x1dc19ea6, 0x0200ec7d), TOBN(0xb6f4a3f9, 0x0bce132b),
-     TOBN(0xb8d5de90, 0xf13e27e0), TOBN(0xbaee5ef0, 0x1fade16f),
-     TOBN(0x6f406aaa, 0xe4c6cf38), TOBN(0xab4cfe06, 0xd1369815),
-     TOBN(0x0dcffe87, 0xefd550c6), TOBN(0x9d4f59c7, 0x75ff7d39),
-     TOBN(0xb02553b1, 0x51deb6ad), TOBN(0x812399a4, 0xb1877749),
-     TOBN(0xce90f71f, 0xca6006e1), TOBN(0xc32363a6, 0xb02b6e77),
-     TOBN(0x02284fbe, 0xdc36c64d), TOBN(0x86c81e31, 0xa7e1ae61),
-     TOBN(0x2576c7e5, 0xb909d94a), TOBN(0x8b6f7d02, 0x818b2bb0),
-     TOBN(0xeca3ed07, 0x56faa38a), TOBN(0xa3790e6c, 0x9305bb54),
-     TOBN(0xd784eeda, 0x7bc73061), TOBN(0xbd56d369, 0x6dd50614),
-     TOBN(0xd6575949, 0x229a8aa9), TOBN(0xdcca8f47, 0x4595ec28),
-     TOBN(0x814305c1, 0x06ab4fe6), TOBN(0xc8c39768, 0x24f43f16),
-     TOBN(0xe2a45f36, 0x523f2b36), TOBN(0x995c6493, 0x920d93bb),
-     TOBN(0xf8afdab7, 0x90f1632b), TOBN(0x79ebbecd, 0x1c295954),
-     TOBN(0xc7bb3ddb, 0x79592f48), TOBN(0x67216a7b, 0x5f88e998),
-     TOBN(0xd91f098b, 0xbc01193e), TOBN(0xf7d928a5, 0xb1db83fc),
-     TOBN(0x55e38417, 0xe991f600), TOBN(0x2a91113e, 0x2981a934),
-     TOBN(0xcbc9d648, 0x06b13bde), TOBN(0xb011b6ac, 0x0755ff44),
-     TOBN(0x6f4cb518, 0x045ec613), TOBN(0x522d2d31, 0xc2f5930a),
-     TOBN(0x5acae1af, 0x382e65de), TOBN(0x57643067, 0x27bc966f),
-     TOBN(0x5e12705d, 0x1c7193f0), TOBN(0xf0f32f47, 0x3be8858e),
-     TOBN(0x785c3d7d, 0x96c6dfc7), TOBN(0xd75b4a20, 0xbf31795d),
-     TOBN(0x91acf17b, 0x342659d4), TOBN(0xe596ea34, 0x44f0378f),
-     TOBN(0x4515708f, 0xce52129d), TOBN(0x17387e1e, 0x79f2f585),
-     TOBN(0x72cfd2e9, 0x49dee168), TOBN(0x1ae05223, 0x3e2af239),
-     TOBN(0x009e75be, 0x1d94066a), TOBN(0x6cca31c7, 0x38abf413),
-     TOBN(0xb50bd61d, 0x9bc49908), TOBN(0x4a9b4a8c, 0xf5e2bc1e),
-     TOBN(0xeb6cc5f7, 0x946f83ac), TOBN(0x27da93fc, 0xebffab28),
-     TOBN(0xea314c96, 0x4821c8c5), TOBN(0x8de49ded, 0xa83c15f4),
-     TOBN(0x7a64cf20, 0x7af33004), TOBN(0x45f1bfeb, 0xc9627e10),
-     TOBN(0x878b0626, 0x54b9df60), TOBN(0x5e4fdc3c, 0xa95c0b33),
-     TOBN(0xe54a37ca, 0xc2035d8e), TOBN(0x9087cda9, 0x80f20b8c),
-     TOBN(0x36f61c23, 0x8319ade4), TOBN(0x766f287a, 0xde8cfdf8),
-     TOBN(0x48821948, 0x346f3705), TOBN(0x49a7b853, 0x16e4f4a2),
-     TOBN(0xb9b3f8a7, 0x5cedadfd), TOBN(0x8f562815, 0x8db2a815),
-     TOBN(0xc0b7d554, 0x01f68f95), TOBN(0x12971e27, 0x688a208e),
-     TOBN(0xc9f8b696, 0xd0ff34fc), TOBN(0x20824de2, 0x1222718c),
-     TOBN(0x7213cf9f, 0x0c95284d), TOBN(0xe2ad741b, 0xdc158240),
-     TOBN(0x0ee3a6df, 0x54043ccf), TOBN(0x16ff479b, 0xd84412b3),
-     TOBN(0xf6c74ee0, 0xdfc98af0), TOBN(0xa78a169f, 0x52fcd2fb),
-     TOBN(0xd8ae8746, 0x99c930e9), TOBN(0x1d33e858, 0x49e117a5),
-     TOBN(0x7581fcb4, 0x6624759f), TOBN(0xde50644f, 0x5bedc01d),
-     TOBN(0xbeec5d00, 0xcaf3155e), TOBN(0x672d66ac, 0xbc73e75f),
-     TOBN(0x86b9d8c6, 0x270b01db), TOBN(0xd249ef83, 0x50f55b79),
-     TOBN(0x6131d6d4, 0x73978fe3), TOBN(0xcc4e4542, 0x754b00a1),
-     TOBN(0x4e05df05, 0x57dfcfe9), TOBN(0x94b29cdd, 0x51ef6bf0),
-     TOBN(0xe4530cff, 0x9bc7edf2), TOBN(0x8ac236fd, 0xd3da65f3),
-     TOBN(0x0faf7d5f, 0xc8eb0b48), TOBN(0x4d2de14c, 0x660eb039),
-     TOBN(0xc006bba7, 0x60430e54), TOBN(0x10a2d0d6, 0xda3289ab),
-     TOBN(0x9c037a5d, 0xd7979c59), TOBN(0x04d1f3d3, 0xa116d944),
-     TOBN(0x9ff22473, 0x8a0983cd), TOBN(0x28e25b38, 0xc883cabb),
-     TOBN(0xe968dba5, 0x47a58995), TOBN(0x2c80b505, 0x774eebdf),
-     TOBN(0xee763b71, 0x4a953beb), TOBN(0x502e223f, 0x1642e7f6),
-     TOBN(0x6fe4b641, 0x61d5e722), TOBN(0x9d37c5b0, 0xdbef5316),
-     TOBN(0x0115ed70, 0xf8330bc7), TOBN(0x139850e6, 0x75a72789),
-     TOBN(0x27d7faec, 0xffceccc2), TOBN(0x3016a860, 0x4fd9f7f6),
-     TOBN(0xc492ec64, 0x4cd8f64c), TOBN(0x58a2d790, 0x279d7b51),
-     TOBN(0x0ced1fc5, 0x1fc75256), TOBN(0x3e658aed, 0x8f433017),
-     TOBN(0x0b61942e, 0x05da59eb), TOBN(0xba3d60a3, 0x0ddc3722),
-     TOBN(0x7c311cd1, 0x742e7f87), TOBN(0x6473ffee, 0xf6b01b6e),}
-    ,
-    {TOBN(0x8303604f, 0x692ac542), TOBN(0xf079ffe1, 0x227b91d3),
-     TOBN(0x19f63e63, 0x15aaf9bd), TOBN(0xf99ee565, 0xf1f344fb),
-     TOBN(0x8a1d661f, 0xd6219199), TOBN(0x8c883bc6, 0xd48ce41c),
-     TOBN(0x1065118f, 0x3c74d904), TOBN(0x713889ee, 0x0faf8b1b),
-     TOBN(0x972b3f8f, 0x81a1b3be), TOBN(0x4f3ce145, 0xce2764a0),
-     TOBN(0xe2d0f1cc, 0x28c4f5f7), TOBN(0xdeee0c0d, 0xc7f3985b),
-     TOBN(0x7df4adc0, 0xd39e25c3), TOBN(0x40619820, 0xc467a080),
-     TOBN(0x440ebc93, 0x61cf5a58), TOBN(0x527729a6, 0x422ad600),
-     TOBN(0xca6c0937, 0xb1b76ba6), TOBN(0x1a2eab85, 0x4d2026dc),
-     TOBN(0xb1715e15, 0x19d9ae0a), TOBN(0xf1ad9199, 0xbac4a026),
-     TOBN(0x35b3dfb8, 0x07ea7b0e), TOBN(0xedf5496f, 0x3ed9eb89),
-     TOBN(0x8932e5ff, 0x2d6d08ab), TOBN(0xf314874e, 0x25bd2731),
-     TOBN(0xefb26a75, 0x3f73f449), TOBN(0x1d1c94f8, 0x8d44fc79),
-     TOBN(0x49f0fbc5, 0x3bc0dc4d), TOBN(0xb747ea0b, 0x3698a0d0),
-     TOBN(0x5218c3fe, 0x228d291e), TOBN(0x35b804b5, 0x43c129d6),
-     TOBN(0xfac859b8, 0xd1acc516), TOBN(0x6c10697d, 0x95d6e668),
-     TOBN(0xc38e438f, 0x0876fd4e), TOBN(0x45f0c307, 0x83d2f383),
-     TOBN(0x203cc2ec, 0xb10934cb), TOBN(0x6a8f2439, 0x2c9d46ee),
-     TOBN(0xf16b431b, 0x65ccde7b), TOBN(0x41e2cd18, 0x27e76a6f),
-     TOBN(0xb9c8cf8f, 0x4e3484d7), TOBN(0x64426efd, 0x8315244a),
-     TOBN(0x1c0a8e44, 0xfc94dea3), TOBN(0x34c8cdbf, 0xdad6a0b0),
-     TOBN(0x919c3840, 0x04113cef), TOBN(0xfd32fba4, 0x15490ffa),
-     TOBN(0x58d190f6, 0x795dcfb7), TOBN(0xfef01b03, 0x83588baf),
-     TOBN(0x9e6d1d63, 0xca1fc1c0), TOBN(0x53173f96, 0xf0a41ac9),
-     TOBN(0x2b1d402a, 0xba16f73b), TOBN(0x2fb31014, 0x8cf9b9fc),
-     TOBN(0x2d51e60e, 0x446ef7bf), TOBN(0xc731021b, 0xb91e1745),
-     TOBN(0x9d3b4724, 0x4fee99d4), TOBN(0x4bca48b6, 0xfac5c1ea),
-     TOBN(0x70f5f514, 0xbbea9af7), TOBN(0x751f55a5, 0x974c283a),
-     TOBN(0x6e30251a, 0xcb452fdb), TOBN(0x31ee6965, 0x50f30650),
-     TOBN(0xb0b3e508, 0x933548d9), TOBN(0xb8949a4f, 0xf4b0ef5b),
-     TOBN(0x208b8326, 0x3c88f3bd), TOBN(0xab147c30, 0xdb1d9989),
-     TOBN(0xed6515fd, 0x44d4df03), TOBN(0x17a12f75, 0xe72eb0c5),
-     TOBN(0x3b59796d, 0x36cf69db), TOBN(0x1219eee9, 0x56670c18),
-     TOBN(0xfe3341f7, 0x7a070d8e), TOBN(0x9b70130b, 0xa327f90c),
-     TOBN(0x36a32462, 0x0ae18e0e), TOBN(0x2021a623, 0x46c0a638),
-     TOBN(0x251b5817, 0xc62eb0d4), TOBN(0x87bfbcdf, 0x4c762293),
-     TOBN(0xf78ab505, 0xcdd61d64), TOBN(0x8c7a53fc, 0xc8c18857),
-     TOBN(0xa653ce6f, 0x16147515), TOBN(0x9c923aa5, 0xea7d52d5),
-     TOBN(0xc24709cb, 0x5c18871f), TOBN(0x7d53bec8, 0x73b3cc74),
-     TOBN(0x59264aff, 0xfdd1d4c4), TOBN(0x5555917e, 0x240da582),
-     TOBN(0xcae8bbda, 0x548f5a0e), TOBN(0x1910eaba, 0x3bbfbbe1),
-     TOBN(0xae579685, 0x7677afc3), TOBN(0x49ea61f1, 0x73ff0b5c),
-     TOBN(0x78655478, 0x4f7c3922), TOBN(0x95d337cd, 0x20c68eef),
-     TOBN(0x68f1e1e5, 0xdf779ab9), TOBN(0x14b491b0, 0xb5cf69a8),
-     TOBN(0x7a6cbbe0, 0x28e3fe89), TOBN(0xe7e1fee4, 0xc5aac0eb),
-     TOBN(0x7f47eda5, 0x697e5140), TOBN(0x4f450137, 0xb454921f),
-     TOBN(0xdb625f84, 0x95cd8185), TOBN(0x74be0ba1, 0xcdb2e583),
-     TOBN(0xaee4fd7c, 0xdd5e6de4), TOBN(0x4251437d, 0xe8101739),
-     TOBN(0x686d72a0, 0xac620366), TOBN(0x4be3fb9c, 0xb6d59344),
-     TOBN(0x6e8b44e7, 0xa1eb75b9), TOBN(0x84e39da3, 0x91a5c10c),
-     TOBN(0x37cc1490, 0xb38f0409), TOBN(0x02951943, 0x2c2ade82),
-     TOBN(0x9b688783, 0x1190a2d8), TOBN(0x25627d14, 0x231182ba),
-     TOBN(0x6eb550aa, 0x658a6d87), TOBN(0x1405aaa7, 0xcf9c7325),
-     TOBN(0xd147142e, 0x5c8748c9), TOBN(0x7f637e4f, 0x53ede0e0),
-     TOBN(0xf8ca2776, 0x14ffad2c), TOBN(0xe58fb1bd, 0xbafb6791),
-     TOBN(0x17158c23, 0xbf8f93fc), TOBN(0x7f15b373, 0x0a4a4655),
-     TOBN(0x39d4add2, 0xd842ca72), TOBN(0xa71e4391, 0x3ed96305),
-     TOBN(0x5bb09cbe, 0x6700be14), TOBN(0x68d69d54, 0xd8befcf6),
-     TOBN(0xa45f5367, 0x37183bcf), TOBN(0x7152b7bb, 0x3370dff7),
-     TOBN(0xcf887baa, 0xbf12525b), TOBN(0xe7ac7bdd, 0xd6d1e3cd),
-     TOBN(0x25914f78, 0x81fdad90), TOBN(0xcf638f56, 0x0d2cf6ab),
-     TOBN(0xb90bc03f, 0xcc054de5), TOBN(0x932811a7, 0x18b06350),
-     TOBN(0x2f00b330, 0x9bbd11ff), TOBN(0x76108a6f, 0xb4044974),
-     TOBN(0x801bb9e0, 0xa851d266), TOBN(0x0dd099be, 0xbf8990c1),
-     TOBN(0x58c5aaaa, 0xabe32986), TOBN(0x0fe9dd2a, 0x50d59c27),
-     TOBN(0x84951ff4, 0x8d307305), TOBN(0x6c23f829, 0x86529b78),
-     TOBN(0x50bb2218, 0x0b136a79), TOBN(0x7e2174de, 0x77a20996),
-     TOBN(0x6f00a4b9, 0xc0bb4da6), TOBN(0x89a25a17, 0xefdde8da),
-     TOBN(0xf728a27e, 0xc11ee01d), TOBN(0xf900553a, 0xe5f10dfb),
-     TOBN(0x189a83c8, 0x02ec893c), TOBN(0x3ca5bdc1, 0x23f66d77),
-     TOBN(0x98781537, 0x97eada9f), TOBN(0x59c50ab3, 0x10256230),
-     TOBN(0x346042d9, 0x323c69b3), TOBN(0x1b715a6d, 0x2c460449),
-     TOBN(0xa41dd476, 0x6ae06e0b), TOBN(0xcdd7888e, 0x9d42e25f),
-     TOBN(0x0f395f74, 0x56b25a20), TOBN(0xeadfe0ae, 0x8700e27e),
-     TOBN(0xb09d52a9, 0x69950093), TOBN(0x3525d9cb, 0x327f8d40),
-     TOBN(0xb8235a94, 0x67df886a), TOBN(0x77e4b0dd, 0x035faec2),
-     TOBN(0x115eb20a, 0x517d7061), TOBN(0x77fe3433, 0x6c2df683),
-     TOBN(0x6870ddc7, 0xcdc6fc67), TOBN(0xb1610588, 0x0b87de83),
-     TOBN(0x343584ca, 0xd9c4ddbe), TOBN(0xb3164f1c, 0x3d754be2),
-     TOBN(0x0731ed3a, 0xc1e6c894), TOBN(0x26327dec, 0x4f6b904c),
-     TOBN(0x9d49c6de, 0x97b5cd32), TOBN(0x40835dae, 0xb5eceecd),
-     TOBN(0xc66350ed, 0xd9ded7fe), TOBN(0x8aeebb5c, 0x7a678804),
-     TOBN(0x51d42fb7, 0x5b8ee9ec), TOBN(0xd7a17bdd, 0x8e3ca118),
-     TOBN(0x40d7511a, 0x2ef4400e), TOBN(0xc48990ac, 0x875a66f4),
-     TOBN(0x8de07d2a, 0x2199e347), TOBN(0xbee75556, 0x2a39e051),
-     TOBN(0x56918786, 0x916e51dc), TOBN(0xeb191313, 0x4a2d89ec),
-     TOBN(0x6679610d, 0x37d341ed), TOBN(0x434fbb41, 0x56d51c2b),
-     TOBN(0xe54b7ee7, 0xd7492dba), TOBN(0xaa33a79a, 0x59021493),
-     TOBN(0x49fc5054, 0xe4bd6d3d), TOBN(0x09540f04, 0x5ab551d0),
-     TOBN(0x8acc9085, 0x4942d3a6), TOBN(0x231af02f, 0x2d28323b),
-     TOBN(0x93458cac, 0x0992c163), TOBN(0x1fef8e71, 0x888e3bb4),
-     TOBN(0x27578da5, 0xbe8c268c), TOBN(0xcc8be792, 0xe805ec00),
-     TOBN(0x29267bae, 0xc61c3855), TOBN(0xebff429d, 0x58c1fd3b),
-     TOBN(0x22d886c0, 0x8c0b93b8), TOBN(0xca5e00b2, 0x2ddb8953),
-     TOBN(0xcf330117, 0xc3fed8b7), TOBN(0xd49ac6fa, 0x819c01f6),
-     TOBN(0x6ddaa6bd, 0x3c0fbd54), TOBN(0x91743068, 0x8049a2cf),
-     TOBN(0xd67f981e, 0xaff2ef81), TOBN(0xc3654d35, 0x2818ae80),
-     TOBN(0x81d05044, 0x1b2aa892), TOBN(0x2db067bf, 0x3d099328),
-     TOBN(0xe7c79e86, 0x703dcc97), TOBN(0xe66f9b37, 0xe133e215),
-     TOBN(0xcdf119a6, 0xe39a7a5c), TOBN(0x47c60de3, 0x876f1b61),
-     TOBN(0x6e405939, 0xd860f1b2), TOBN(0x3e9a1dbc, 0xf5ed4d4a),
-     TOBN(0x3f23619e, 0xc9b6bcbd), TOBN(0x5ee790cf, 0x734e4497),
-     TOBN(0xf0a834b1, 0x5bdaf9bb), TOBN(0x02cedda7, 0x4ca295f0),
-     TOBN(0x4619aa2b, 0xcb8e378c), TOBN(0xe5613244, 0xcc987ea4),
-     TOBN(0x0bc022cc, 0x76b23a50), TOBN(0x4a2793ad, 0x0a6c21ce),
-     TOBN(0x38328780, 0x89cac3f5), TOBN(0x29176f1b, 0xcba26d56),
-     TOBN(0x06296187, 0x4f6f59eb), TOBN(0x86e9bca9, 0x8bdc658e),
-     TOBN(0x2ca9c4d3, 0x57e30402), TOBN(0x5438b216, 0x516a09bb),
-     TOBN(0x0a6a063c, 0x7672765a), TOBN(0x37a3ce64, 0x0547b9bf),
-     TOBN(0x42c099c8, 0x98b1a633), TOBN(0xb5ab800d, 0x05ee6961),
-     TOBN(0xf1963f59, 0x11a5acd6), TOBN(0xbaee6157, 0x46201063),
-     TOBN(0x36d9a649, 0xa596210a), TOBN(0xaed04363, 0x1ba7138c),
-     TOBN(0xcf817d1c, 0xa4a82b76), TOBN(0x5586960e, 0xf3806be9),
-     TOBN(0x7ab67c89, 0x09dc6bb5), TOBN(0x52ace7a0, 0x114fe7eb),
-     TOBN(0xcd987618, 0xcbbc9b70), TOBN(0x4f06fd5a, 0x604ca5e1),
-     TOBN(0x90af14ca, 0x6dbde133), TOBN(0x1afe4322, 0x948a3264),
-     TOBN(0xa70d2ca6, 0xc44b2c6c), TOBN(0xab726799, 0x0ef87dfe),
-     TOBN(0x310f64dc, 0x2e696377), TOBN(0x49b42e68, 0x4c8126a0),
-     TOBN(0x0ea444c3, 0xcea0b176), TOBN(0x53a8ddf7, 0xcb269182),
-     TOBN(0xf3e674eb, 0xbbba9dcb), TOBN(0x0d2878a8, 0xd8669d33),
-     TOBN(0x04b935d5, 0xd019b6a3), TOBN(0xbb5cf88e, 0x406f1e46),
-     TOBN(0xa1912d16, 0x5b57c111), TOBN(0x9803fc21, 0x19ebfd78),
-     TOBN(0x4f231c9e, 0xc07764a9), TOBN(0xd93286ee, 0xb75bd055),
-     TOBN(0x83a9457d, 0x8ee6c9de), TOBN(0x04695915, 0x6087ec90),
-     TOBN(0x14c6dd8a, 0x58d6cd46), TOBN(0x9cb633b5, 0x8e6634d2),
-     TOBN(0xc1305047, 0xf81bc328), TOBN(0x12ede0e2, 0x26a177e5),
-     TOBN(0x332cca62, 0x065a6f4f), TOBN(0xc3a47ecd, 0x67be487b),
-     TOBN(0x741eb187, 0x0f47ed1c), TOBN(0x99e66e58, 0xe7598b14),
-     TOBN(0x6f0544ca, 0x63d0ff12), TOBN(0xe5efc784, 0xb610a05f),
-     TOBN(0xf72917b1, 0x7cad7b47), TOBN(0x3ff6ea20, 0xf2cac0c0),
-     TOBN(0xcc23791b, 0xf21db8b7), TOBN(0x7dac70b1, 0xd7d93565),
-     TOBN(0x682cda1d, 0x694bdaad), TOBN(0xeb88bb8c, 0x1023516d),
-     TOBN(0xc4c634b4, 0xdfdbeb1b), TOBN(0x22f5ca72, 0xb4ee4dea),
-     TOBN(0x1045a368, 0xe6524821), TOBN(0xed9e8a3f, 0x052b18b2),
-     TOBN(0x9b7f2cb1, 0xb961f49a), TOBN(0x7fee2ec1, 0x7b009670),
-     TOBN(0x350d8754, 0x22507a6d), TOBN(0x561bd711, 0x4db55f1d),
-     TOBN(0x4c189ccc, 0x320bbcaf), TOBN(0x568434cf, 0xdf1de48c),
-     TOBN(0x6af1b00e, 0x0fa8f128), TOBN(0xf0ba9d02, 0x8907583c),
-     TOBN(0x735a4004, 0x32ff9f60), TOBN(0x3dd8e4b6, 0xc25dcf33),
-     TOBN(0xf2230f16, 0x42c74cef), TOBN(0xd8117623, 0x013fa8ad),
-     TOBN(0x36822876, 0xf51fe76e), TOBN(0x8a6811cc, 0x11d62589),
-     TOBN(0xc3fc7e65, 0x46225718), TOBN(0xb7df2c9f, 0xc82fdbcd),
-     TOBN(0x3b1d4e52, 0xdd7b205b), TOBN(0xb6959478, 0x47a2e414),
-     TOBN(0x05e4d793, 0xefa91148), TOBN(0xb47ed446, 0xfd2e9675),
-     TOBN(0x1a7098b9, 0x04c9d9bf), TOBN(0x661e2881, 0x1b793048),
-     TOBN(0xb1a16966, 0xb01ee461), TOBN(0xbc521308, 0x2954746f),
-     TOBN(0xc909a0fc, 0x2477de50), TOBN(0xd80bb41c, 0x7dbd51ef),
-     TOBN(0xa85be7ec, 0x53294905), TOBN(0x6d465b18, 0x83958f97),
-     TOBN(0x16f6f330, 0xfb6840fd), TOBN(0xfaaeb214, 0x3401e6c8),
-     TOBN(0xaf83d30f, 0xccb5b4f8), TOBN(0x22885739, 0x266dec4b),
-     TOBN(0x51b4367c, 0x7bc467df), TOBN(0x926562e3, 0xd842d27a),
-     TOBN(0xdfcb6614, 0x0fea14a6), TOBN(0xeb394dae, 0xf2734cd9),
-     TOBN(0x3eeae5d2, 0x11c0be98), TOBN(0xb1e6ed11, 0x814e8165),
-     TOBN(0x191086bc, 0xe52bce1c), TOBN(0x14b74cc6, 0xa75a04da),
-     TOBN(0x63cf1186, 0x8c060985), TOBN(0x071047de, 0x2dbd7f7c),
-     TOBN(0x4e433b8b, 0xce0942ca), TOBN(0xecbac447, 0xd8fec61d),
-     TOBN(0x8f0ed0e2, 0xebf3232f), TOBN(0xfff80f9e, 0xc52a2edd),
-     TOBN(0xad9ab433, 0x75b55fdb), TOBN(0x73ca7820, 0xe42e0c11),
-     TOBN(0x6dace0a0, 0xe6251b46), TOBN(0x89bc6b5c, 0x4c0d932d),
-     TOBN(0x3438cd77, 0x095da19a), TOBN(0x2f24a939, 0x8d48bdfb),
-     TOBN(0x99b47e46, 0x766561b7), TOBN(0x736600e6, 0x0ed0322a),
-     TOBN(0x06a47cb1, 0x638e1865), TOBN(0x927c1c2d, 0xcb136000),
-     TOBN(0x29542337, 0x0cc5df69), TOBN(0x99b37c02, 0x09d649a9),
-     TOBN(0xc5f0043c, 0x6aefdb27), TOBN(0x6cdd9987, 0x1be95c27),
-     TOBN(0x69850931, 0x390420d2), TOBN(0x299c40ac, 0x0983efa4),
-     TOBN(0x3a05e778, 0xaf39aead), TOBN(0x84274408, 0x43a45193),
-     TOBN(0x6bcd0fb9, 0x91a711a0), TOBN(0x461592c8, 0x9f52ab17),
-     TOBN(0xb49302b4, 0xda3c6ed6), TOBN(0xc51fddc7, 0x330d7067),
-     TOBN(0x94babeb6, 0xda50d531), TOBN(0x521b840d, 0xa6a7b9da),
-     TOBN(0x5305151e, 0x404bdc89), TOBN(0x1bcde201, 0xd0d07449),
-     TOBN(0xf427a78b, 0x3b76a59a), TOBN(0xf84841ce, 0x07791a1b),
-     TOBN(0xebd314be, 0xbf91ed1c), TOBN(0x8e61d34c, 0xbf172943),
-     TOBN(0x1d5dc451, 0x5541b892), TOBN(0xb186ee41, 0xfc9d9e54),
-     TOBN(0x9d9f345e, 0xd5bf610d), TOBN(0x3e7ba65d, 0xf6acca9f),
-     TOBN(0x9dda787a, 0xa8369486), TOBN(0x09f9dab7, 0x8eb5ba53),
-     TOBN(0x5afb2033, 0xd6481bc3), TOBN(0x76f4ce30, 0xafa62104),
-     TOBN(0xa8fa00cf, 0xf4f066b5), TOBN(0x89ab5143, 0x461dafc2),
-     TOBN(0x44339ed7, 0xa3389998), TOBN(0x2ff862f1, 0xbc214903),
-     TOBN(0x2c88f985, 0xb05556e3), TOBN(0xcd96058e, 0x3467081e),
-     TOBN(0x7d6a4176, 0xedc637ea), TOBN(0xe1743d09, 0x36a5acdc),
-     TOBN(0x66fd72e2, 0x7eb37726), TOBN(0xf7fa264e, 0x1481a037),
-     TOBN(0x9fbd3bde, 0x45f4aa79), TOBN(0xed1e0147, 0x767c3e22),
-     TOBN(0x7621f979, 0x82e7abe2), TOBN(0x19eedc72, 0x45f633f8),
-     TOBN(0xe69b155e, 0x6137bf3a), TOBN(0xa0ad13ce, 0x414ee94e),
-     TOBN(0x93e3d524, 0x1c0e651a), TOBN(0xab1a6e2a, 0x02ce227e),
-     TOBN(0xe7af1797, 0x4ab27eca), TOBN(0x245446de, 0xbd444f39),
-     TOBN(0x59e22a21, 0x56c07613), TOBN(0x43deafce, 0xf4275498),
-     TOBN(0x10834ccb, 0x67fd0946), TOBN(0xa75841e5, 0x47406edf),
-     TOBN(0xebd6a677, 0x7b0ac93d), TOBN(0xa6e37b0d, 0x78f5e0d7),
-     TOBN(0x2516c096, 0x76f5492b), TOBN(0x1e4bf888, 0x9ac05f3a),
-     TOBN(0xcdb42ce0, 0x4df0ba2b), TOBN(0x935d5cfd, 0x5062341b),
-     TOBN(0x8a303333, 0x82acac20), TOBN(0x429438c4, 0x5198b00e),
-     TOBN(0x1d083bc9, 0x049d33fa), TOBN(0x58b82dda, 0x946f67ff),
-     TOBN(0xac3e2db8, 0x67a1d6a3), TOBN(0x62e6bead, 0x1798aac8),
-     TOBN(0xfc85980f, 0xde46c58c), TOBN(0xa7f69379, 0x69c8d7be),
-     TOBN(0x23557927, 0x837b35ec), TOBN(0x06a933d8, 0xe0790c0c),
-     TOBN(0x827c0e9b, 0x077ff55d), TOBN(0x53977798, 0xbb26e680),
-     TOBN(0x59530874, 0x1d9cb54f), TOBN(0xcca3f449, 0x4aac53ef),
-     TOBN(0x11dc5c87, 0xa07eda0f), TOBN(0xc138bccf, 0xfd6400c8),
-     TOBN(0x549680d3, 0x13e5da72), TOBN(0xc93eed82, 0x4540617e),
-     TOBN(0xfd3db157, 0x4d0b75c0), TOBN(0x9716eb42, 0x6386075b),
-     TOBN(0x0639605c, 0x817b2c16), TOBN(0x09915109, 0xf1e4f201),
-     TOBN(0x35c9a928, 0x5cca6c3b), TOBN(0xb25f7d1a, 0x3505c900),
-     TOBN(0xeb9f7d20, 0x630480c4), TOBN(0xc3c7b8c6, 0x2a1a501c),
-     TOBN(0x3f99183c, 0x5a1f8e24), TOBN(0xfdb118fa, 0x9dd255f0),
-     TOBN(0xb9b18b90, 0xc27f62a6), TOBN(0xe8f732f7, 0x396ec191),
-     TOBN(0x524a2d91, 0x0be786ab), TOBN(0x5d32adef, 0x0ac5a0f5),
-     TOBN(0x9b53d4d6, 0x9725f694), TOBN(0x032a76c6, 0x0510ba89),
-     TOBN(0x840391a3, 0xebeb1544), TOBN(0x44b7b88c, 0x3ed73ac3),
-     TOBN(0xd24bae7a, 0x256cb8b3), TOBN(0x7ceb151a, 0xe394cb12),
-     TOBN(0xbd6b66d0, 0x5bc1e6a8), TOBN(0xec70cecb, 0x090f07bf),
-     TOBN(0x270644ed, 0x7d937589), TOBN(0xee9e1a3d, 0x5f1dccfe),
-     TOBN(0xb0d40a84, 0x745b98d2), TOBN(0xda429a21, 0x2556ed40),
-     TOBN(0xf676eced, 0x85148cb9), TOBN(0x5a22d40c, 0xded18936),
-     TOBN(0x3bc4b9e5, 0x70e8a4ce), TOBN(0xbfd1445b, 0x9eae0379),
-     TOBN(0xf23f2c0c, 0x1a0bd47e), TOBN(0xa9c0bb31, 0xe1845531),
-     TOBN(0x9ddc4d60, 0x0a4c3f6b), TOBN(0xbdfaad79, 0x2c15ef44),
-     TOBN(0xce55a236, 0x7f484acc), TOBN(0x08653ca7, 0x055b1f15),
-     TOBN(0x2efa8724, 0x538873a3), TOBN(0x09299e5d, 0xace1c7e7),
-     TOBN(0x07afab66, 0xade332ba), TOBN(0x9be1fdf6, 0x92dd71b7),
-     TOBN(0xa49b5d59, 0x5758b11c), TOBN(0x0b852893, 0xc8654f40),
-     TOBN(0xb63ef6f4, 0x52379447), TOBN(0xd4957d29, 0x105e690c),
-     TOBN(0x7d484363, 0x646559b0), TOBN(0xf4a8273c, 0x49788a8e),
-     TOBN(0xee406cb8, 0x34ce54a9), TOBN(0x1e1c260f, 0xf86fda9b),
-     TOBN(0xe150e228, 0xcf6a4a81), TOBN(0x1fa3b6a3, 0x1b488772),
-     TOBN(0x1e6ff110, 0xc5a9c15b), TOBN(0xc6133b91, 0x8ad6aa47),
-     TOBN(0x8ac5d55c, 0x9dffa978), TOBN(0xba1d1c1d, 0x5f3965f2),
-     TOBN(0xf969f4e0, 0x7732b52f), TOBN(0xfceecdb5, 0xa5172a07),
-     TOBN(0xb0120a5f, 0x10f2b8f5), TOBN(0xc83a6cdf, 0x5c4c2f63),
-     TOBN(0x4d47a491, 0xf8f9c213), TOBN(0xd9e1cce5, 0xd3f1bbd5),
-     TOBN(0x0d91bc7c, 0xaba7e372), TOBN(0xfcdc74c8, 0xdfd1a2db),
-     TOBN(0x05efa800, 0x374618e5), TOBN(0x11216969, 0x15a7925e),
-     TOBN(0xd4c89823, 0xf6021c5d), TOBN(0x880d5e84, 0xeff14423),
-     TOBN(0x6523bc5a, 0x6dcd1396), TOBN(0xd1acfdfc, 0x113c978b),
-     TOBN(0xb0c164e8, 0xbbb66840), TOBN(0xf7f4301e, 0x72b58459),
-     TOBN(0xc29ad4a6, 0xa638e8ec), TOBN(0xf5ab8961, 0x46b78699),
-     TOBN(0x9dbd7974, 0x0e954750), TOBN(0x0121de88, 0x64f9d2c6),
-     TOBN(0x2e597b42, 0xd985232e), TOBN(0x55b6c3c5, 0x53451777),
-     TOBN(0xbb53e547, 0x519cb9fb), TOBN(0xf134019f, 0x8428600d),
-     TOBN(0x5a473176, 0xe081791a), TOBN(0x2f3e2263, 0x35fb0c08),
-     TOBN(0xb28c3017, 0x73d273b0), TOBN(0xccd21076, 0x7721ef9a),
-     TOBN(0x054cc292, 0xb650dc39), TOBN(0x662246de, 0x6188045e),
-     TOBN(0x904b52fa, 0x6b83c0d1), TOBN(0xa72df267, 0x97e9cd46),
-     TOBN(0x886b43cd, 0x899725e4), TOBN(0x2b651688, 0xd849ff22),
-     TOBN(0x60479b79, 0x02f34533), TOBN(0x5e354c14, 0x0c77c148),
-     TOBN(0xb4bb7581, 0xa8537c78), TOBN(0x188043d7, 0xefe1495f),
-     TOBN(0x9ba12f42, 0x8c1d5026), TOBN(0x2e0c8a26, 0x93d4aaab),
-     TOBN(0xbdba7b8b, 0xaa57c450), TOBN(0x140c9ad6, 0x9bbdafef),
-     TOBN(0x2067aa42, 0x25ac0f18), TOBN(0xf7b1295b, 0x04d1fbf3),
-     TOBN(0x14829111, 0xa4b04824), TOBN(0x2ce3f192, 0x33bd5e91),
-     TOBN(0x9c7a1d55, 0x8f2e1b72), TOBN(0xfe932286, 0x302aa243),
-     TOBN(0x497ca7b4, 0xd4be9554), TOBN(0xb8e821b8, 0xe0547a6e),
-     TOBN(0xfb2838be, 0x67e573e0), TOBN(0x05891db9, 0x4084c44b),
-     TOBN(0x91311373, 0x96c1c2c5), TOBN(0x6aebfa3f, 0xd958444b),
-     TOBN(0xac9cdce9, 0xe56e55c1), TOBN(0x7148ced3, 0x2caa46d0),
-     TOBN(0x2e10c7ef, 0xb61fe8eb), TOBN(0x9fd835da, 0xff97cf4d),}
-    ,
-    {TOBN(0xa36da109, 0x081e9387), TOBN(0xfb9780d7, 0x8c935828),
-     TOBN(0xd5940332, 0xe540b015), TOBN(0xc9d7b51b, 0xe0f466fa),
-     TOBN(0xfaadcd41, 0xd6d9f671), TOBN(0xba6c1e28, 0xb1a2ac17),
-     TOBN(0x066a7833, 0xed201e5f), TOBN(0x19d99719, 0xf90f462b),
-     TOBN(0xf431f462, 0x060b5f61), TOBN(0xa56f46b4, 0x7bd057c2),
-     TOBN(0x348dca6c, 0x47e1bf65), TOBN(0x9a38783e, 0x41bcf1ff),
-     TOBN(0x7a5d33a9, 0xda710718), TOBN(0x5a779987, 0x2e0aeaf6),
-     TOBN(0xca87314d, 0x2d29d187), TOBN(0xfa0edc3e, 0xc687d733),
-     TOBN(0x9df33621, 0x6a31e09b), TOBN(0xde89e44d, 0xc1350e35),
-     TOBN(0x29214871, 0x4ca0cf52), TOBN(0xdf379672, 0x0b88a538),
-     TOBN(0xc92a510a, 0x2591d61b), TOBN(0x79aa87d7, 0x585b447b),
-     TOBN(0xf67db604, 0xe5287f77), TOBN(0x1697c8bf, 0x5efe7a80),
-     TOBN(0x1c894849, 0xcb198ac7), TOBN(0xa884a93d, 0x0f264665),
-     TOBN(0x2da964ef, 0x9b200678), TOBN(0x3c351b87, 0x009834e6),
-     TOBN(0xafb2ef9f, 0xe2c4b44b), TOBN(0x580f6c47, 0x3326790c),
-     TOBN(0xb8480521, 0x0b02264a), TOBN(0x8ba6f9e2, 0x42a194e2),
-     TOBN(0xfc87975f, 0x8fb54738), TOBN(0x35160788, 0x27c3ead3),
-     TOBN(0x834116d2, 0xb74a085a), TOBN(0x53c99a73, 0xa62fe996),
-     TOBN(0x87585be0, 0x5b81c51b), TOBN(0x925bafa8, 0xbe0852b7),
-     TOBN(0x76a4fafd, 0xa84d19a7), TOBN(0x39a45982, 0x585206d4),
-     TOBN(0x499b6ab6, 0x5eb03c0e), TOBN(0xf19b7954, 0x72bc3fde),
-     TOBN(0xa86b5b9c, 0x6e3a80d2), TOBN(0xe4377508, 0x6d42819f),
-     TOBN(0xc1663650, 0xbb3ee8a3), TOBN(0x75eb14fc, 0xb132075f),
-     TOBN(0xa8ccc906, 0x7ad834f6), TOBN(0xea6a2474, 0xe6e92ffd),
-     TOBN(0x9d72fd95, 0x0f8d6758), TOBN(0xcb84e101, 0x408c07dd),
-     TOBN(0xb9114bfd, 0xa5e23221), TOBN(0x358b5fe2, 0xe94e742c),
-     TOBN(0x1c0577ec, 0x95f40e75), TOBN(0xf0155451, 0x3d73f3d6),
-     TOBN(0x9d55cd67, 0xbd1b9b66), TOBN(0x63e86e78, 0xaf8d63c7),
-     TOBN(0x39d934ab, 0xd3c095f1), TOBN(0x04b261be, 0xe4b76d71),
-     TOBN(0x1d2e6970, 0xe73e6984), TOBN(0x879fb23b, 0x5e5fcb11),
-     TOBN(0x11506c72, 0xdfd75490), TOBN(0x3a97d085, 0x61bcf1c1),
-     TOBN(0x43201d82, 0xbf5e7007), TOBN(0x7f0ac52f, 0x798232a7),
-     TOBN(0x2715cbc4, 0x6eb564d4), TOBN(0x8d6c752c, 0x9e570e29),
-     TOBN(0xf80247c8, 0x9ef5fd5d), TOBN(0xc3c66b46, 0xd53eb514),
-     TOBN(0x9666b401, 0x0f87de56), TOBN(0xce62c06f, 0xc6c603b5),
-     TOBN(0xae7b4c60, 0x7e4fc942), TOBN(0x38ac0b77, 0x663a9c19),
-     TOBN(0xcb4d20ee, 0x4b049136), TOBN(0x8b63bf12, 0x356a4613),
-     TOBN(0x1221aef6, 0x70e08128), TOBN(0xe62d8c51, 0x4acb6b16),
-     TOBN(0x71f64a67, 0x379e7896), TOBN(0xb25237a2, 0xcafd7fa5),
-     TOBN(0xf077bd98, 0x3841ba6a), TOBN(0xc4ac0244, 0x3cd16e7e),
-     TOBN(0x548ba869, 0x21fea4ca), TOBN(0xd36d0817, 0xf3dfdac1),
-     TOBN(0x09d8d71f, 0xf4685faf), TOBN(0x8eff66be, 0xc52c459a),
-     TOBN(0x182faee7, 0x0b57235e), TOBN(0xee3c39b1, 0x0106712b),
-     TOBN(0x5107331f, 0xc0fcdcb0), TOBN(0x669fb9dc, 0xa51054ba),
-     TOBN(0xb25101fb, 0x319d7682), TOBN(0xb0293129, 0x0a982fee),
-     TOBN(0x51c1c9b9, 0x0261b344), TOBN(0x0e008c5b, 0xbfd371fa),
-     TOBN(0xd866dd1c, 0x0278ca33), TOBN(0x666f76a6, 0xe5aa53b1),
-     TOBN(0xe5cfb779, 0x6013a2cf), TOBN(0x1d3a1aad, 0xa3521836),
-     TOBN(0xcedd2531, 0x73faa485), TOBN(0xc8ee6c4f, 0xc0a76878),
-     TOBN(0xddbccfc9, 0x2a11667d), TOBN(0x1a418ea9, 0x1c2f695a),
-     TOBN(0xdb11bd92, 0x51f73971), TOBN(0x3e4b3c82, 0xda2ed89f),
-     TOBN(0x9a44f3f4, 0xe73e0319), TOBN(0xd1e3de0f, 0x303431af),
-     TOBN(0x3c5604ff, 0x50f75f9c), TOBN(0x1d8eddf3, 0x7e752b22),
-     TOBN(0x0ef074dd, 0x3c9a1118), TOBN(0xd0ffc172, 0xccb86d7b),
-     TOBN(0xabd1ece3, 0x037d90f2), TOBN(0xe3f307d6, 0x6055856c),
-     TOBN(0x422f9328, 0x7e4c6daf), TOBN(0x902aac66, 0x334879a0),
-     TOBN(0xb6a1e7bf, 0x94cdfade), TOBN(0x6c97e1ed, 0x7fc6d634),
-     TOBN(0x662ad24d, 0xa2fb63f8), TOBN(0xf81be1b9, 0xa5928405),
-     TOBN(0x86d765e4, 0xd14b4206), TOBN(0xbecc2e0e, 0x8fa0db65),
-     TOBN(0xa28838e0, 0xb17fc76c), TOBN(0xe49a602a, 0xe37cf24e),
-     TOBN(0x76b4131a, 0x567193ec), TOBN(0xaf3c305a, 0xe5f6e70b),
-     TOBN(0x9587bd39, 0x031eebdd), TOBN(0x5709def8, 0x71bbe831),
-     TOBN(0x57059983, 0x0eb2b669), TOBN(0x4d80ce1b, 0x875b7029),
-     TOBN(0x838a7da8, 0x0364ac16), TOBN(0x2f431d23, 0xbe1c83ab),
-     TOBN(0xe56812a6, 0xf9294dd3), TOBN(0xb448d01f, 0x9b4b0d77),
-     TOBN(0xf3ae6061, 0x04e8305c), TOBN(0x2bead645, 0x94d8c63e),
-     TOBN(0x0a85434d, 0x84fd8b07), TOBN(0x537b983f, 0xf7a9dee5),
-     TOBN(0xedcc5f18, 0xef55bd85), TOBN(0x2041af62, 0x21c6cf8b),
-     TOBN(0x8e52874c, 0xb940c71e), TOBN(0x211935a9, 0xdb5f4b3a),
-     TOBN(0x94350492, 0x301b1dc3), TOBN(0x33d2646d, 0x29958620),
-     TOBN(0x16b0d64b, 0xef911404), TOBN(0x9d1f25ea, 0x9a3c5ef4),
-     TOBN(0x20f200eb, 0x4a352c78), TOBN(0x43929f2c, 0x4bd0b428),
-     TOBN(0xa5656667, 0xc7196e29), TOBN(0x7992c2f0, 0x9391be48),
-     TOBN(0xaaa97cbd, 0x9ee0cd6e), TOBN(0x51b0310c, 0x3dc8c9bf),
-     TOBN(0x237f8acf, 0xdd9f22cb), TOBN(0xbb1d81a1, 0xb585d584),
-     TOBN(0x8d5d85f5, 0x8c416388), TOBN(0x0d6e5a5a, 0x42fe474f),
-     TOBN(0xe7812766, 0x38235d4e), TOBN(0x1c62bd67, 0x496e3298),
-     TOBN(0x8378660c, 0x3f175bc8), TOBN(0x4d04e189, 0x17afdd4d),
-     TOBN(0x32a81601, 0x85a8068c), TOBN(0xdb58e4e1, 0x92b29a85),
-     TOBN(0xe8a65b86, 0xc70d8a3b), TOBN(0x5f0e6f4e, 0x98a0403b),
-     TOBN(0x08129684, 0x69ed2370), TOBN(0x34dc30bd, 0x0871ee26),
-     TOBN(0x3a5ce948, 0x7c9c5b05), TOBN(0x7d487b80, 0x43a90c87),
-     TOBN(0x4089ba37, 0xdd0e7179), TOBN(0x45f80191, 0xb4041811),
-     TOBN(0x1c3e1058, 0x98747ba5), TOBN(0x98c4e13a, 0x6e1ae592),
-     TOBN(0xd44636e6, 0xe82c9f9e), TOBN(0x711db87c, 0xc33a1043),
-     TOBN(0x6f431263, 0xaa8aec05), TOBN(0x43ff120d, 0x2744a4aa),
-     TOBN(0xd3bd892f, 0xae77779b), TOBN(0xf0fe0cc9, 0x8cdc9f82),
-     TOBN(0xca5f7fe6, 0xf1c5b1bc), TOBN(0xcc63a682, 0x44929a72),
-     TOBN(0xc7eaba0c, 0x09dbe19a), TOBN(0x2f3585ad, 0x6b5c73c2),
-     TOBN(0x8ab8924b, 0x0ae50c30), TOBN(0x17fcd27a, 0x638b30ba),
-     TOBN(0xaf414d34, 0x10b3d5a5), TOBN(0x09c107d2, 0x2a9accf1),
-     TOBN(0x15dac49f, 0x946a6242), TOBN(0xaec3df2a, 0xd707d642),
-     TOBN(0x2c2492b7, 0x3f894ae0), TOBN(0xf59df3e5, 0xb75f18ce),
-     TOBN(0x7cb740d2, 0x8f53cad0), TOBN(0x3eb585fb, 0xc4f01294),
-     TOBN(0x17da0c86, 0x32c7f717), TOBN(0xeb8c795b, 0xaf943f4c),
-     TOBN(0x4ee23fb5, 0xf67c51d2), TOBN(0xef187575, 0x68889949),
-     TOBN(0xa6b4bdb2, 0x0389168b), TOBN(0xc4ecd258, 0xea577d03),
-     TOBN(0x3a63782b, 0x55743082), TOBN(0x6f678f4c, 0xc72f08cd),
-     TOBN(0x553511cf, 0x65e58dd8), TOBN(0xd53b4e3e, 0xd402c0cd),
-     TOBN(0x37de3e29, 0xa037c14c), TOBN(0x86b6c516, 0xc05712aa),
-     TOBN(0x2834da3e, 0xb38dff6f), TOBN(0xbe012c52, 0xea636be8),
-     TOBN(0x292d238c, 0x61dd37f8), TOBN(0x0e54523f, 0x8f8142db),
-     TOBN(0xe31eb436, 0x036a05d8), TOBN(0x83e3cdff, 0x1e93c0ff),
-     TOBN(0x3fd2fe0f, 0x50821ddf), TOBN(0xc8e19b0d, 0xff9eb33b),
-     TOBN(0xc8cc943f, 0xb569a5fe), TOBN(0xad0090d4, 0xd4342d75),
-     TOBN(0x82090b4b, 0xcaeca000), TOBN(0xca39687f, 0x1bd410eb),
-     TOBN(0xe7bb0df7, 0x65959d77), TOBN(0x39d78218, 0x9c964999),
-     TOBN(0xd87f62e8, 0xb2415451), TOBN(0xe5efb774, 0xbed76108),
-     TOBN(0x3ea011a4, 0xe822f0d0), TOBN(0xbc647ad1, 0x5a8704f8),
-     TOBN(0xbb315b35, 0x50c6820f), TOBN(0x863dec3d, 0xb7e76bec),
-     TOBN(0x01ff5d3a, 0xf017bfc7), TOBN(0x20054439, 0x976b8229),
-     TOBN(0x067fca37, 0x0bbd0d3b), TOBN(0xf63dde64, 0x7f5e3d0f),
-     TOBN(0x22dbefb3, 0x2a4c94e9), TOBN(0xafbff0fe, 0x96f8278a),
-     TOBN(0x80aea0b1, 0x3503793d), TOBN(0xb2238029, 0x5f06cd29),
-     TOBN(0x65703e57, 0x8ec3feca), TOBN(0x06c38314, 0x393e7053),
-     TOBN(0xa0b751eb, 0x7c6734c4), TOBN(0xd2e8a435, 0xc59f0f1e),
-     TOBN(0x147d9052, 0x5e9ca895), TOBN(0x2f4dd31e, 0x972072df),
-     TOBN(0xa16fda8e, 0xe6c6755c), TOBN(0xc66826ff, 0xcf196558),
-     TOBN(0x1f1a76a3, 0x0cf43895), TOBN(0xa9d604e0, 0x83c3097b),
-     TOBN(0xe1908309, 0x66390e0e), TOBN(0xa50bf753, 0xb3c85eff),
-     TOBN(0x0696bdde, 0xf6a70251), TOBN(0x548b801b, 0x3c6ab16a),
-     TOBN(0x37fcf704, 0xa4d08762), TOBN(0x090b3def, 0xdff76c4e),
-     TOBN(0x87e8cb89, 0x69cb9158), TOBN(0x44a90744, 0x995ece43),
-     TOBN(0xf85395f4, 0x0ad9fbf5), TOBN(0x49b0f6c5, 0x4fb0c82d),
-     TOBN(0x75d9bc15, 0xadf7cccf), TOBN(0x81a3e5d6, 0xdfa1e1b0),
-     TOBN(0x8c39e444, 0x249bc17e), TOBN(0xf37dccb2, 0x8ea7fd43),
-     TOBN(0xda654873, 0x907fba12), TOBN(0x35daa6da, 0x4a372904),
-     TOBN(0x0564cfc6, 0x6283a6c5), TOBN(0xd09fa4f6, 0x4a9395bf),
-     TOBN(0x688e9ec9, 0xaeb19a36), TOBN(0xd913f1ce, 0xc7bfbfb4),
-     TOBN(0x797b9a3c, 0x61c2faa6), TOBN(0x2f979bec, 0x6a0a9c12),
-     TOBN(0xb5969d0f, 0x359679ec), TOBN(0xebcf523d, 0x079b0460),
-     TOBN(0xfd6b0008, 0x10fab870), TOBN(0x3f2edcda, 0x9373a39c),
-     TOBN(0x0d64f9a7, 0x6f568431), TOBN(0xf848c27c, 0x02f8898c),
-     TOBN(0xf418ade1, 0x260b5bd5), TOBN(0xc1f3e323, 0x6973dee8),
-     TOBN(0x46e9319c, 0x26c185dd), TOBN(0x6d85b7d8, 0x546f0ac4),
-     TOBN(0x427965f2, 0x247f9d57), TOBN(0xb519b636, 0xb0035f48),
-     TOBN(0x6b6163a9, 0xab87d59c), TOBN(0xff9f58c3, 0x39caaa11),
-     TOBN(0x4ac39cde, 0x3177387b), TOBN(0x5f6557c2, 0x873e77f9),
-     TOBN(0x67504006, 0x36a83041), TOBN(0x9b1c96ca, 0x75ef196c),
-     TOBN(0xf34283de, 0xb08c7940), TOBN(0x7ea09644, 0x1128c316),
-     TOBN(0xb510b3b5, 0x6aa39dff), TOBN(0x59b43da2, 0x9f8e4d8c),
-     TOBN(0xa8ce31fd, 0x9e4c4b9f), TOBN(0x0e20be26, 0xc1303c01),
-     TOBN(0x18187182, 0xe8ee47c9), TOBN(0xd9687cdb, 0x7db98101),
-     TOBN(0x7a520e4d, 0xa1e14ff6), TOBN(0x429808ba, 0x8836d572),
-     TOBN(0xa37ca60d, 0x4944b663), TOBN(0xf901f7a9, 0xa3f91ae5),
-     TOBN(0xe4e3e76e, 0x9e36e3b1), TOBN(0x9aa219cf, 0x29d93250),
-     TOBN(0x347fe275, 0x056a2512), TOBN(0xa4d643d9, 0xde65d95c),
-     TOBN(0x9669d396, 0x699fc3ed), TOBN(0xb598dee2, 0xcf8c6bbe),
-     TOBN(0x682ac1e5, 0xdda9e5c6), TOBN(0x4e0d3c72, 0xcaa9fc95),
-     TOBN(0x17faaade, 0x772bea44), TOBN(0x5ef8428c, 0xab0009c8),
-     TOBN(0xcc4ce47a, 0x460ff016), TOBN(0xda6d12bf, 0x725281cb),
-     TOBN(0x44c67848, 0x0223aad2), TOBN(0x6e342afa, 0x36256e28),
-     TOBN(0x1400bb0b, 0x93a37c04), TOBN(0x62b1bc9b, 0xdd10bd96),
-     TOBN(0x7251adeb, 0x0dac46b7), TOBN(0x7d33b92e, 0x7be4ef51),
-     TOBN(0x28b2a94b, 0xe61fa29a), TOBN(0x4b2be13f, 0x06422233),
-     TOBN(0x36d6d062, 0x330d8d37), TOBN(0x5ef80e1e, 0xb28ca005),
-     TOBN(0x174d4699, 0x6d16768e), TOBN(0x9fc4ff6a, 0x628bf217),
-     TOBN(0x77705a94, 0x154e490d), TOBN(0x9d96dd28, 0x8d2d997a),
-     TOBN(0x77e2d9d8, 0xce5d72c4), TOBN(0x9d06c5a4, 0xc11c714f),
-     TOBN(0x02aa5136, 0x79e4a03e), TOBN(0x1386b3c2, 0x030ff28b),
-     TOBN(0xfe82e8a6, 0xfb283f61), TOBN(0x7df203e5, 0xf3abc3fb),
-     TOBN(0xeec7c351, 0x3a4d3622), TOBN(0xf7d17dbf, 0xdf762761),
-     TOBN(0xc3956e44, 0x522055f0), TOBN(0xde3012db, 0x8fa748db),
-     TOBN(0xca9fcb63, 0xbf1dcc14), TOBN(0xa56d9dcf, 0xbe4e2f3a),
-     TOBN(0xb86186b6, 0x8bcec9c2), TOBN(0x7cf24df9, 0x680b9f06),
-     TOBN(0xc46b45ea, 0xc0d29281), TOBN(0xfff42bc5, 0x07b10e12),
-     TOBN(0x12263c40, 0x4d289427), TOBN(0x3d5f1899, 0xb4848ec4),
-     TOBN(0x11f97010, 0xd040800c), TOBN(0xb4c5f529, 0x300feb20),
-     TOBN(0xcc543f8f, 0xde94fdcb), TOBN(0xe96af739, 0xc7c2f05e),
-     TOBN(0xaa5e0036, 0x882692e1), TOBN(0x09c75b68, 0x950d4ae9),
-     TOBN(0x62f63df2, 0xb5932a7a), TOBN(0x2658252e, 0xde0979ad),
-     TOBN(0x2a19343f, 0xb5e69631), TOBN(0x718c7501, 0x525b666b),
-     TOBN(0x26a42d69, 0xea40dc3a), TOBN(0xdc84ad22, 0xaecc018f),
-     TOBN(0x25c36c7b, 0x3270f04a), TOBN(0x46ba6d47, 0x50fa72ed),
-     TOBN(0x6c37d1c5, 0x93e58a8e), TOBN(0xa2394731, 0x120c088c),
-     TOBN(0xc3be4263, 0xcb6e86da), TOBN(0x2c417d36, 0x7126d038),
-     TOBN(0x5b70f9c5, 0x8b6f8efa), TOBN(0x671a2faa, 0x37718536),
-     TOBN(0xd3ced3c6, 0xb539c92b), TOBN(0xe56f1bd9, 0xa31203c2),
-     TOBN(0x8b096ec4, 0x9ff3c8eb), TOBN(0x2deae432, 0x43491cea),
-     TOBN(0x2465c6eb, 0x17943794), TOBN(0x5d267e66, 0x20586843),
-     TOBN(0x9d3d116d, 0xb07159d0), TOBN(0xae07a67f, 0xc1896210),
-     TOBN(0x8fc84d87, 0xbb961579), TOBN(0x30009e49, 0x1c1f8dd6),
-     TOBN(0x8a8caf22, 0xe3132819), TOBN(0xcffa197c, 0xf23ab4ff),
-     TOBN(0x58103a44, 0x205dd687), TOBN(0x57b796c3, 0x0ded67a2),
-     TOBN(0x0b9c3a6c, 0xa1779ad7), TOBN(0xa33cfe2e, 0x357c09c5),
-     TOBN(0x2ea29315, 0x3db4a57e), TOBN(0x91959695, 0x8ebeb52e),
-     TOBN(0x118db9a6, 0xe546c879), TOBN(0x8e996df4, 0x6295c8d6),
-     TOBN(0xdd990484, 0x55ec806b), TOBN(0x24f291ca, 0x165c1035),
-     TOBN(0xcca523bb, 0x440e2229), TOBN(0x324673a2, 0x73ef4d04),
-     TOBN(0xaf3adf34, 0x3e11ec39), TOBN(0x6136d7f1, 0xdc5968d3),
-     TOBN(0x7a7b2899, 0xb053a927), TOBN(0x3eaa2661, 0xae067ecd),
-     TOBN(0x8549b9c8, 0x02779cd9), TOBN(0x061d7940, 0xc53385ea),
-     TOBN(0x3e0ba883, 0xf06d18bd), TOBN(0x4ba6de53, 0xb2700843),
-     TOBN(0xb966b668, 0x591a9e4d), TOBN(0x93f67567, 0x7f4fa0ed),
-     TOBN(0x5a02711b, 0x4347237b), TOBN(0xbc041e2f, 0xe794608e),
-     TOBN(0x55af10f5, 0x70f73d8c), TOBN(0xd2d4d4f7, 0xbb7564f7),
-     TOBN(0xd7d27a89, 0xb3e93ce7), TOBN(0xf7b5a875, 0x5d3a2c1b),
-     TOBN(0xb29e68a0, 0x255b218a), TOBN(0xb533837e, 0x8af76754),
-     TOBN(0xd1b05a73, 0x579fab2e), TOBN(0xb41055a1, 0xecd74385),
-     TOBN(0xb2369274, 0x445e9115), TOBN(0x2972a7c4, 0xf520274e),
-     TOBN(0x6c08334e, 0xf678e68a), TOBN(0x4e4160f0, 0x99b057ed),
-     TOBN(0x3cfe11b8, 0x52ccb69a), TOBN(0x2fd1823a, 0x21c8f772),
-     TOBN(0xdf7f072f, 0x3298f055), TOBN(0x8c0566f9, 0xfec74a6e),
-     TOBN(0xe549e019, 0x5bb4d041), TOBN(0x7c3930ba, 0x9208d850),
-     TOBN(0xe07141fc, 0xaaa2902b), TOBN(0x539ad799, 0xe4f69ad3),
-     TOBN(0xa6453f94, 0x813f9ffd), TOBN(0xc58d3c48, 0x375bc2f7),
-     TOBN(0xb3326fad, 0x5dc64e96), TOBN(0x3aafcaa9, 0xb240e354),
-     TOBN(0x1d1b0903, 0xaca1e7a9), TOBN(0x4ceb9767, 0x1211b8a0),
-     TOBN(0xeca83e49, 0xe32a858e), TOBN(0x4c32892e, 0xae907bad),
-     TOBN(0xd5b42ab6, 0x2eb9b494), TOBN(0x7fde3ee2, 0x1eabae1b),
-     TOBN(0x13b5ab09, 0xcaf54957), TOBN(0xbfb028be, 0xe5f5d5d5),
-     TOBN(0x928a0650, 0x2003e2c0), TOBN(0x90793aac, 0x67476843),
-     TOBN(0x5e942e79, 0xc81710a0), TOBN(0x557e4a36, 0x27ccadd4),
-     TOBN(0x72a2bc56, 0x4bcf6d0c), TOBN(0x09ee5f43, 0x26d7b80c),
-     TOBN(0x6b70dbe9, 0xd4292f19), TOBN(0x56f74c26, 0x63f16b18),
-     TOBN(0xc23db0f7, 0x35fbb42a), TOBN(0xb606bdf6, 0x6ae10040),
-     TOBN(0x1eb15d4d, 0x044573ac), TOBN(0x7dc3cf86, 0x556b0ba4),
-     TOBN(0x97af9a33, 0xc60df6f7), TOBN(0x0b1ef85c, 0xa716ce8c),
-     TOBN(0x2922f884, 0xc96958be), TOBN(0x7c32fa94, 0x35690963),
-     TOBN(0x2d7f667c, 0xeaa00061), TOBN(0xeaaf7c17, 0x3547365c),
-     TOBN(0x1eb4de46, 0x87032d58), TOBN(0xc54f3d83, 0x5e2c79e0),
-     TOBN(0x07818df4, 0x5d04ef23), TOBN(0x55faa9c8, 0x673d41b4),
-     TOBN(0xced64f6f, 0x89b95355), TOBN(0x4860d2ea, 0xb7415c84),
-     TOBN(0x5fdb9bd2, 0x050ebad3), TOBN(0xdb53e0cc, 0x6685a5bf),
-     TOBN(0xb830c031, 0x9feb6593), TOBN(0xdd87f310, 0x6accff17),
-     TOBN(0x2303ebab, 0x9f555c10), TOBN(0x94603695, 0x287e7065),
-     TOBN(0xf88311c3, 0x2e83358c), TOBN(0x508dd9b4, 0xeefb0178),
-     TOBN(0x7ca23706, 0x2dba8652), TOBN(0x62aac5a3, 0x0047abe5),
-     TOBN(0x9a61d2a0, 0x8b1ea7b3), TOBN(0xd495ab63, 0xae8b1485),
-     TOBN(0x38740f84, 0x87052f99), TOBN(0x178ebe5b, 0xb2974eea),
-     TOBN(0x030bbcca, 0x5b36d17f), TOBN(0xb5e4cce3, 0xaaf86eea),
-     TOBN(0xb51a0220, 0x68f8e9e0), TOBN(0xa4348796, 0x09eb3e75),
-     TOBN(0xbe592309, 0xeef1a752), TOBN(0x5d7162d7, 0x6f2aa1ed),
-     TOBN(0xaebfb5ed, 0x0f007dd2), TOBN(0x255e14b2, 0xc89edd22),
-     TOBN(0xba85e072, 0x0303b697), TOBN(0xc5d17e25, 0xf05720ff),
-     TOBN(0x02b58d6e, 0x5128ebb6), TOBN(0x2c80242d, 0xd754e113),
-     TOBN(0x919fca5f, 0xabfae1ca), TOBN(0x937afaac, 0x1a21459b),
-     TOBN(0x9e0ca91c, 0x1f66a4d2), TOBN(0x194cc7f3, 0x23ec1331),
-     TOBN(0xad25143a, 0x8aa11690), TOBN(0xbe40ad8d, 0x09b59e08),
-     TOBN(0x37d60d9b, 0xe750860a), TOBN(0x6c53b008, 0xc6bf434c),
-     TOBN(0xb572415d, 0x1356eb80), TOBN(0xb8bf9da3, 0x9578ded8),
-     TOBN(0x22658e36, 0x5e8fb38b), TOBN(0x9b70ce22, 0x5af8cb22),
-     TOBN(0x7c00018a, 0x829a8180), TOBN(0x84329f93, 0xb81ed295),
-     TOBN(0x7c343ea2, 0x5f3cea83), TOBN(0x38f8655f, 0x67586536),
-     TOBN(0xa661a0d0, 0x1d3ec517), TOBN(0x98744652, 0x512321ae),
-     TOBN(0x084ca591, 0xeca92598), TOBN(0xa9bb9dc9, 0x1dcb3feb),
-     TOBN(0x14c54355, 0x78b4c240), TOBN(0x5ed62a3b, 0x610cafdc),
-     TOBN(0x07512f37, 0x1b38846b), TOBN(0x571bb70a, 0xb0e38161),
-     TOBN(0xb556b95b, 0x2da705d2), TOBN(0x3ef8ada6, 0xb1a08f98),
-     TOBN(0x85302ca7, 0xddecfbe5), TOBN(0x0e530573, 0x943105cd),
-     TOBN(0x60554d55, 0x21a9255d), TOBN(0x63a32fa1, 0xf2f3802a),
-     TOBN(0x35c8c5b0, 0xcd477875), TOBN(0x97f458ea, 0x6ad42da1),
-     TOBN(0x832d7080, 0xeb6b242d), TOBN(0xd30bd023, 0x3b71e246),
-     TOBN(0x7027991b, 0xbe31139d), TOBN(0x68797e91, 0x462e4e53),
-     TOBN(0x423fe20a, 0x6b4e185a), TOBN(0x82f2c67e, 0x42d9b707),
-     TOBN(0x25c81768, 0x4cf7811b), TOBN(0xbd53005e, 0x045bb95d),}
-    ,
-    {TOBN(0xe5f649be, 0x9d8e68fd), TOBN(0xdb0f0533, 0x1b044320),
-     TOBN(0xf6fde9b3, 0xe0c33398), TOBN(0x92f4209b, 0x66c8cfae),
-     TOBN(0xe9d1afcc, 0x1a739d4b), TOBN(0x09aea75f, 0xa28ab8de),
-     TOBN(0x14375fb5, 0xeac6f1d0), TOBN(0x6420b560, 0x708f7aa5),
-     TOBN(0x9eae499c, 0x6254dc41), TOBN(0x7e293924, 0x7a837e7e),
-     TOBN(0x74aec08c, 0x090524a7), TOBN(0xf82b9219, 0x8d6f55f2),
-     TOBN(0x493c962e, 0x1402cec5), TOBN(0x9f17ca17, 0xfa2f30e7),
-     TOBN(0xbcd783e8, 0xe9b879cb), TOBN(0xea3d8c14, 0x5a6f145f),
-     TOBN(0xdede15e7, 0x5e0dee6e), TOBN(0x74f24872, 0xdc628aa2),
-     TOBN(0xd3e9c4fe, 0x7861bb93), TOBN(0x56d4822a, 0x6187b2e0),
-     TOBN(0xb66417cf, 0xc59826f9), TOBN(0xca260969, 0x2408169e),
-     TOBN(0xedf69d06, 0xc79ef885), TOBN(0x00031f8a, 0xdc7d138f),
-     TOBN(0x103c46e6, 0x0ebcf726), TOBN(0x4482b831, 0x6231470e),
-     TOBN(0x6f6dfaca, 0x487c2109), TOBN(0x2e0ace97, 0x62e666ef),
-     TOBN(0x3246a9d3, 0x1f8d1f42), TOBN(0x1b1e83f1, 0x574944d2),
-     TOBN(0x13dfa63a, 0xa57f334b), TOBN(0x0cf8daed, 0x9f025d81),
-     TOBN(0x30d78ea8, 0x00ee11c1), TOBN(0xeb053cd4, 0xb5e3dd75),
-     TOBN(0x9b65b13e, 0xd58c43c5), TOBN(0xc3ad49bd, 0xbd151663),
-     TOBN(0x99fd8e41, 0xb6427990), TOBN(0x12cf15bd, 0x707eae1e),
-     TOBN(0x29ad4f1b, 0x1aabb71e), TOBN(0x5143e74d, 0x07545d0e),
-     TOBN(0x30266336, 0xc88bdee1), TOBN(0x25f29306, 0x5876767c),
-     TOBN(0x9c078571, 0xc6731996), TOBN(0xc88690b2, 0xed552951),
-     TOBN(0x274f2c2d, 0x852705b4), TOBN(0xb0bf8d44, 0x4e09552d),
-     TOBN(0x7628beeb, 0x986575d1), TOBN(0x407be238, 0x7f864651),
-     TOBN(0x0e5e3049, 0xa639fc6b), TOBN(0xe75c35d9, 0x86003625),
-     TOBN(0x0cf35bd8, 0x5dcc1646), TOBN(0x8bcaced2, 0x6c26273a),
-     TOBN(0xe22ecf1d, 0xb5536742), TOBN(0x013dd897, 0x1a9e068b),
-     TOBN(0x17f411cb, 0x8a7909c5), TOBN(0x5757ac98, 0x861dd506),
-     TOBN(0x85de1f0d, 0x1e935abb), TOBN(0xdefd10b4, 0x154de37a),
-     TOBN(0xb8d9e392, 0x369cebb5), TOBN(0x54d5ef9b, 0x761324be),
-     TOBN(0x4d6341ba, 0x74f17e26), TOBN(0xc0a0e3c8, 0x78c1dde4),
-     TOBN(0xa6d77581, 0x87d918fd), TOBN(0x66876015, 0x02ca3a13),
-     TOBN(0xc7313e9c, 0xf36658f0), TOBN(0xc433ef1c, 0x71f8057e),
-     TOBN(0x85326246, 0x1b6a835a), TOBN(0xc8f05398, 0x7c86394c),
-     TOBN(0xff398cdf, 0xe983c4a1), TOBN(0xbf5e8162, 0x03b7b931),
-     TOBN(0x93193c46, 0xb7b9045b), TOBN(0x1e4ebf5d, 0xa4a6e46b),
-     TOBN(0xf9942a60, 0x43a24fe7), TOBN(0x29c1191e, 0xffb3492b),
-     TOBN(0x9f662449, 0x902fde05), TOBN(0xc792a7ac, 0x6713c32d),
-     TOBN(0x2fd88ad8, 0xb737982c), TOBN(0x7e3a0319, 0xa21e60e3),
-     TOBN(0x09b0de44, 0x7383591a), TOBN(0x6df141ee, 0x8310a456),
-     TOBN(0xaec1a039, 0xe6d6f471), TOBN(0x14b2ba0f, 0x1198d12e),
-     TOBN(0xebc1a160, 0x3aeee5ac), TOBN(0x401f4836, 0xe0b964ce),
-     TOBN(0x2ee43796, 0x4fd03f66), TOBN(0x3fdb4e49, 0xdd8f3f12),
-     TOBN(0x6ef267f6, 0x29380f18), TOBN(0x3e8e9670, 0x8da64d16),
-     TOBN(0xbc19180c, 0x207674f1), TOBN(0x112e09a7, 0x33ae8fdb),
-     TOBN(0x99667554, 0x6aaeb71e), TOBN(0x79432af1, 0xe101b1c7),
-     TOBN(0xd5eb558f, 0xde2ddec6), TOBN(0x81392d1f, 0x5357753f),
-     TOBN(0xa7a76b97, 0x3ae1158a), TOBN(0x416fbbff, 0x4a899991),
-     TOBN(0x9e65fdfd, 0x0d4a9dcf), TOBN(0x7bc29e48, 0x944ddf12),
-     TOBN(0xbc1a92d9, 0x3c856866), TOBN(0x273c6905, 0x6e98dfe2),
-     TOBN(0x69fce418, 0xcdfaa6b8), TOBN(0x606bd823, 0x5061c69f),
-     TOBN(0x42d495a0, 0x6af75e27), TOBN(0x8ed3d505, 0x6d873a1f),
-     TOBN(0xaf552841, 0x6ab25b6a), TOBN(0xc6c0ffc7, 0x2b1a4523),
-     TOBN(0xab18827b, 0x21c99e03), TOBN(0x060e8648, 0x9034691b),
-     TOBN(0x5207f90f, 0x93c7f398), TOBN(0x9f4a96cb, 0x82f8d10b),
-     TOBN(0xdd71cd79, 0x3ad0f9e3), TOBN(0x84f435d2, 0xfc3a54f5),
-     TOBN(0x4b03c55b, 0x8e33787f), TOBN(0xef42f975, 0xa6384673),
-     TOBN(0xff7304f7, 0x5051b9f0), TOBN(0x18aca1dc, 0x741c87c2),
-     TOBN(0x56f120a7, 0x2d4bfe80), TOBN(0xfd823b3d, 0x053e732c),
-     TOBN(0x11bccfe4, 0x7537ca16), TOBN(0xdf6c9c74, 0x1b5a996b),
-     TOBN(0xee7332c7, 0x904fc3fa), TOBN(0x14a23f45, 0xc7e3636a),
-     TOBN(0xc38659c3, 0xf091d9aa), TOBN(0x4a995e5d, 0xb12d8540),
-     TOBN(0x20a53bec, 0xf3a5598a), TOBN(0x56534b17, 0xb1eaa995),
-     TOBN(0x9ed3dca4, 0xbf04e03c), TOBN(0x716c563a, 0xd8d56268),
-     TOBN(0x27ba77a4, 0x1d6178e7), TOBN(0xe4c80c40, 0x68a1ff8e),
-     TOBN(0x75011099, 0x0a13f63d), TOBN(0x7bf33521, 0xa61d46f3),
-     TOBN(0x0aff218e, 0x10b365bb), TOBN(0x81021804, 0x0fd7ea75),
-     TOBN(0x05a3fd8a, 0xa4b3a925), TOBN(0xb829e75f, 0x9b3db4e6),
-     TOBN(0x6bdc75a5, 0x4d53e5fb), TOBN(0x04a5dc02, 0xd52717e3),
-     TOBN(0x86af502f, 0xe9a42ec2), TOBN(0x8867e8fb, 0x2630e382),
-     TOBN(0xbf845c6e, 0xbec9889b), TOBN(0x54f491f2, 0xcb47c98d),
-     TOBN(0xa3091fba, 0x790c2a12), TOBN(0xd7f6fd78, 0xc20f708b),
-     TOBN(0xa569ac30, 0xacde5e17), TOBN(0xd0f996d0, 0x6852b4d7),
-     TOBN(0xe51d4bb5, 0x4609ae54), TOBN(0x3fa37d17, 0x0daed061),
-     TOBN(0x62a88684, 0x34b8fb41), TOBN(0x99a2acbd, 0x9efb64f1),
-     TOBN(0xb75c1a5e, 0x6448e1f2), TOBN(0xfa99951a, 0x42b5a069),
-     TOBN(0x6d956e89, 0x2f3b26e7), TOBN(0xf4709860, 0xda875247),
-     TOBN(0x3ad15179, 0x2482dda3), TOBN(0xd64110e3, 0x017d82f0),
-     TOBN(0x14928d2c, 0xfad414e4), TOBN(0x2b155f58, 0x2ed02b24),
-     TOBN(0x481a141b, 0xcb821bf1), TOBN(0x12e3c770, 0x4f81f5da),
-     TOBN(0xe49c5de5, 0x9fff8381), TOBN(0x11053232, 0x5bbec894),
-     TOBN(0xa0d051cc, 0x454d88c4), TOBN(0x4f6db89c, 0x1f8e531b),
-     TOBN(0x34fe3fd6, 0xca563a44), TOBN(0x7f5c2215, 0x58da8ab9),
-     TOBN(0x8445016d, 0x9474f0a1), TOBN(0x17d34d61, 0xcb7d8a0a),
-     TOBN(0x8e9d3910, 0x1c474019), TOBN(0xcaff2629, 0xd52ceefb),
-     TOBN(0xf9cf3e32, 0xc1622c2b), TOBN(0xd4b95e3c, 0xe9071a05),
-     TOBN(0xfbbca61f, 0x1594438c), TOBN(0x1eb6e6a6, 0x04aadedf),
-     TOBN(0x853027f4, 0x68e14940), TOBN(0x221d322a, 0xdfabda9c),
-     TOBN(0xed8ea9f6, 0xb7cb179a), TOBN(0xdc7b764d, 0xb7934dcc),
-     TOBN(0xfcb13940, 0x5e09180d), TOBN(0x6629a6bf, 0xb47dc2dd),
-     TOBN(0xbfc55e4e, 0x9f5a915e), TOBN(0xb1db9d37, 0x6204441e),
-     TOBN(0xf82d68cf, 0x930c5f53), TOBN(0x17d3a142, 0xcbb605b1),
-     TOBN(0xdd5944ea, 0x308780f2), TOBN(0xdc8de761, 0x3845f5e4),
-     TOBN(0x6beaba7d, 0x7624d7a3), TOBN(0x1e709afd, 0x304df11e),
-     TOBN(0x95364376, 0x02170456), TOBN(0xbf204b3a, 0xc8f94b64),
-     TOBN(0x4e53af7c, 0x5680ca68), TOBN(0x0526074a, 0xe0c67574),
-     TOBN(0x95d8cef8, 0xecd92af6), TOBN(0xe6b9fa7a, 0x6cd1745a),
-     TOBN(0x3d546d3d, 0xa325c3e4), TOBN(0x1f57691d, 0x9ae93aae),
-     TOBN(0xe891f3fe, 0x9d2e1a33), TOBN(0xd430093f, 0xac063d35),
-     TOBN(0xeda59b12, 0x5513a327), TOBN(0xdc2134f3, 0x5536f18f),
-     TOBN(0xaa51fe2c, 0x5c210286), TOBN(0x3f68aaee, 0x1cab658c),
-     TOBN(0x5a23a00b, 0xf9357292), TOBN(0x9a626f39, 0x7efdabed),
-     TOBN(0xfe2b3bf3, 0x199d78e3), TOBN(0xb7a2af77, 0x71bbc345),
-     TOBN(0x3d19827a, 0x1e59802c), TOBN(0x823bbc15, 0xb487a51c),
-     TOBN(0x856139f2, 0x99d0a422), TOBN(0x9ac3df65, 0xf456c6fb),
-     TOBN(0xaddf65c6, 0x701f8bd6), TOBN(0x149f321e, 0x3758df87),
-     TOBN(0xb1ecf714, 0x721b7eba), TOBN(0xe17df098, 0x31a3312a),
-     TOBN(0xdb2fd6ec, 0xd5c4d581), TOBN(0xfd02996f, 0x8fcea1b3),
-     TOBN(0xe29fa63e, 0x7882f14f), TOBN(0xc9f6dc35, 0x07c6cadc),
-     TOBN(0x46f22d6f, 0xb882bed0), TOBN(0x1a45755b, 0xd118e52c),
-     TOBN(0x9f2c7c27, 0x7c4608cf), TOBN(0x7ccbdf32, 0x568012c2),
-     TOBN(0xfcb0aedd, 0x61729b0e), TOBN(0x7ca2ca9e, 0xf7d75dbf),
-     TOBN(0xf58fecb1, 0x6f640f62), TOBN(0xe274b92b, 0x39f51946),
-     TOBN(0x7f4dfc04, 0x6288af44), TOBN(0x0a91f32a, 0xeac329e5),
-     TOBN(0x43ad274b, 0xd6aaba31), TOBN(0x719a1640, 0x0f6884f9),
-     TOBN(0x685d29f6, 0xdaf91e20), TOBN(0x5ec1cc33, 0x27e49d52),
-     TOBN(0x38f4de96, 0x3b54a059), TOBN(0x0e0015e5, 0xefbcfdb3),
-     TOBN(0x177d23d9, 0x4dbb8da6), TOBN(0x98724aa2, 0x97a617ad),
-     TOBN(0x30f0885b, 0xfdb6558e), TOBN(0xf9f7a28a, 0xc7899a96),
-     TOBN(0xd2ae8ac8, 0x872dc112), TOBN(0xfa0642ca, 0x73c3c459),
-     TOBN(0x15296981, 0xe7dfc8d6), TOBN(0x67cd4450, 0x1fb5b94a),
-     TOBN(0x0ec71cf1, 0x0eddfd37), TOBN(0xc7e5eeb3, 0x9a8eddc7),
-     TOBN(0x02ac8e3d, 0x81d95028), TOBN(0x0088f172, 0x70b0e35d),
-     TOBN(0xec041fab, 0xe1881fe3), TOBN(0x62cf71b8, 0xd99e7faa),
-     TOBN(0x5043dea7, 0xe0f222c2), TOBN(0x309d42ac, 0x72e65142),
-     TOBN(0x94fe9ddd, 0x9216cd30), TOBN(0xd6539c7d, 0x0f87feec),
-     TOBN(0x03c5a57c, 0x432ac7d7), TOBN(0x72692cf0, 0x327fda10),
-     TOBN(0xec28c85f, 0x280698de), TOBN(0x2331fb46, 0x7ec283b1),
-     TOBN(0xd34bfa32, 0x2867e633), TOBN(0x78709a82, 0x0a9cc815),
-     TOBN(0xb7fe6964, 0x875e2fa5), TOBN(0x25cc064f, 0x9e98bfb5),
-     TOBN(0x9eb0151c, 0x493a65c5), TOBN(0x5fb5d941, 0x53182464),
-     TOBN(0x69e6f130, 0xf04618e2), TOBN(0xa8ecec22, 0xf89c8ab6),
-     TOBN(0xcd6ac88b, 0xb96209bd), TOBN(0x65fa8cdb, 0xb3e1c9e0),
-     TOBN(0xa47d22f5, 0x4a8d8eac), TOBN(0x83895cdf, 0x8d33f963),
-     TOBN(0xa8adca59, 0xb56cd3d1), TOBN(0x10c8350b, 0xdaf38232),
-     TOBN(0x2b161fb3, 0xa5080a9f), TOBN(0xbe7f5c64, 0x3af65b3a),
-     TOBN(0x2c754039, 0x97403a11), TOBN(0x94626cf7, 0x121b96af),
-     TOBN(0x431de7c4, 0x6a983ec2), TOBN(0x3780dd3a, 0x52cc3df7),
-     TOBN(0xe28a0e46, 0x2baf8e3b), TOBN(0xabe68aad, 0x51d299ae),
-     TOBN(0x603eb8f9, 0x647a2408), TOBN(0x14c61ed6, 0x5c750981),
-     TOBN(0x88b34414, 0xc53352e7), TOBN(0x5a34889c, 0x1337d46e),
-     TOBN(0x612c1560, 0xf95f2bc8), TOBN(0x8a3f8441, 0xd4807a3a),
-     TOBN(0x680d9e97, 0x5224da68), TOBN(0x60cd6e88, 0xc3eb00e9),
-     TOBN(0x3875a98e, 0x9a6bc375), TOBN(0xdc80f924, 0x4fd554c2),
-     TOBN(0x6c4b3415, 0x6ac77407), TOBN(0xa1e5ea8f, 0x25420681),
-     TOBN(0x541bfa14, 0x4607a458), TOBN(0x5dbc7e7a, 0x96d7fbf9),
-     TOBN(0x646a851b, 0x31590a47), TOBN(0x039e85ba, 0x15ee6df8),
-     TOBN(0xd19fa231, 0xd7b43fc0), TOBN(0x84bc8be8, 0x299a0e04),
-     TOBN(0x2b9d2936, 0xf20df03a), TOBN(0x24054382, 0x8608d472),
-     TOBN(0x76b6ba04, 0x9149202a), TOBN(0xb21c3831, 0x3670e7b7),
-     TOBN(0xddd93059, 0xd6fdee10), TOBN(0x9da47ad3, 0x78488e71),
-     TOBN(0x99cc1dfd, 0xa0fcfb25), TOBN(0x42abde10, 0x64696954),
-     TOBN(0x14cc15fc, 0x17eab9fe), TOBN(0xd6e863e4, 0xd3e70972),
-     TOBN(0x29a7765c, 0x6432112c), TOBN(0x88660001, 0x5b0774d8),
-     TOBN(0x3729175a, 0x2c088eae), TOBN(0x13afbcae, 0x8230b8d4),
-     TOBN(0x44768151, 0x915f4379), TOBN(0xf086431a, 0xd8d22812),
-     TOBN(0x37461955, 0xc298b974), TOBN(0x905fb5f0, 0xf8711e04),
-     TOBN(0x787abf3a, 0xfe969d18), TOBN(0x392167c2, 0x6f6a494e),
-     TOBN(0xfc7a0d2d, 0x28c511da), TOBN(0xf127c7dc, 0xb66a262d),
-     TOBN(0xf9c4bb95, 0xfd63fdf0), TOBN(0x90016589, 0x3913ef46),
-     TOBN(0x74d2a73c, 0x11aa600d), TOBN(0x2f5379bd, 0x9fb5ab52),
-     TOBN(0xe49e53a4, 0x7fb70068), TOBN(0x68dd39e5, 0x404aa9a7),
-     TOBN(0xb9b0cf57, 0x2ecaa9c3), TOBN(0xba0e103b, 0xe824826b),
-     TOBN(0x60c2198b, 0x4631a3c4), TOBN(0xc5ff84ab, 0xfa8966a2),
-     TOBN(0x2d6ebe22, 0xac95aff8), TOBN(0x1c9bb6db, 0xb5a46d09),
-     TOBN(0x419062da, 0x53ee4f8d), TOBN(0x7b9042d0, 0xbb97efef),
-     TOBN(0x0f87f080, 0x830cf6bd), TOBN(0x4861d19a, 0x6ec8a6c6),
-     TOBN(0xd3a0daa1, 0x202f01aa), TOBN(0xb0111674, 0xf25afbd5),
-     TOBN(0x6d00d6cf, 0x1afb20d9), TOBN(0x13695000, 0x40671bc5),
-     TOBN(0x913ab0dc, 0x2485ea9b), TOBN(0x1f2bed06, 0x9eef61ac),
-     TOBN(0x850c8217, 0x6d799e20), TOBN(0x93415f37, 0x3271c2de),
-     TOBN(0x5afb06e9, 0x6c4f5910), TOBN(0x688a52df, 0xc4e9e421),
-     TOBN(0x30495ba3, 0xe2a9a6db), TOBN(0x4601303d, 0x58f9268b),
-     TOBN(0xbe3b0dad, 0x7eb0f04f), TOBN(0x4ea47250, 0x4456936d),
-     TOBN(0x8caf8798, 0xd33fd3e7), TOBN(0x1ccd8a89, 0xeb433708),
-     TOBN(0x9effe3e8, 0x87fd50ad), TOBN(0xbe240a56, 0x6b29c4df),
-     TOBN(0xec4ffd98, 0xca0e7ebd), TOBN(0xf586783a, 0xe748616e),
-     TOBN(0xa5b00d8f, 0xc77baa99), TOBN(0x0acada29, 0xb4f34c9c),
-     TOBN(0x36dad67d, 0x0fe723ac), TOBN(0x1d8e53a5, 0x39c36c1e),
-     TOBN(0xe4dd342d, 0x1f4bea41), TOBN(0x64fd5e35, 0xebc9e4e0),
-     TOBN(0x96f01f90, 0x57908805), TOBN(0xb5b9ea3d, 0x5ed480dd),
-     TOBN(0x366c5dc2, 0x3efd2dd0), TOBN(0xed2fe305, 0x6e9dfa27),
-     TOBN(0x4575e892, 0x6e9197e2), TOBN(0x11719c09, 0xab502a5d),
-     TOBN(0x264c7bec, 0xe81f213f), TOBN(0x741b9241, 0x55f5c457),
-     TOBN(0x78ac7b68, 0x49a5f4f4), TOBN(0xf91d70a2, 0x9fc45b7d),
-     TOBN(0x39b05544, 0xb0f5f355), TOBN(0x11f06bce, 0xeef930d9),
-     TOBN(0xdb84d25d, 0x038d05e1), TOBN(0x04838ee5, 0xbacc1d51),
-     TOBN(0x9da3ce86, 0x9e8ee00b), TOBN(0xc3412057, 0xc36eda1f),
-     TOBN(0xae80b913, 0x64d9c2f4), TOBN(0x7468bac3, 0xa010a8ff),
-     TOBN(0xdfd20037, 0x37359d41), TOBN(0x1a0f5ab8, 0x15efeacc),
-     TOBN(0x7c25ad2f, 0x659d0ce0), TOBN(0x4011bcbb, 0x6785cff1),
-     TOBN(0x128b9912, 0x7e2192c7), TOBN(0xa549d8e1, 0x13ccb0e8),
-     TOBN(0x805588d8, 0xc85438b1), TOBN(0x5680332d, 0xbc25cb27),
-     TOBN(0xdcd1bc96, 0x1a4bfdf4), TOBN(0x779ff428, 0x706f6566),
-     TOBN(0x8bbee998, 0xf059987a), TOBN(0xf6ce8cf2, 0xcc686de7),
-     TOBN(0xf8ad3c4a, 0x953cfdb2), TOBN(0xd1d426d9, 0x2205da36),
-     TOBN(0xb3c0f13f, 0xc781a241), TOBN(0x3e89360e, 0xd75362a8),
-     TOBN(0xccd05863, 0xc8a91184), TOBN(0x9bd0c9b7, 0xefa8a7f4),
-     TOBN(0x97ee4d53, 0x8a912a4b), TOBN(0xde5e15f8, 0xbcf518fd),
-     TOBN(0x6a055bf8, 0xc467e1e0), TOBN(0x10be4b4b, 0x1587e256),
-     TOBN(0xd90c14f2, 0x668621c9), TOBN(0xd5518f51, 0xab9c92c1),
-     TOBN(0x8e6a0100, 0xd6d47b3c), TOBN(0xcbe980dd, 0x66716175),
-     TOBN(0x500d3f10, 0xddd83683), TOBN(0x3b6cb35d, 0x99cac73c),
-     TOBN(0x53730c8b, 0x6083d550), TOBN(0xcf159767, 0xdf0a1987),
-     TOBN(0x84bfcf53, 0x43ad73b3), TOBN(0x1b528c20, 0x4f035a94),
-     TOBN(0x4294edf7, 0x33eeac69), TOBN(0xb6283e83, 0x817f3240),
-     TOBN(0xc3fdc959, 0x0a5f25b1), TOBN(0xefaf8aa5, 0x5844ee22),
-     TOBN(0xde269ba5, 0xdbdde4de), TOBN(0xe3347160, 0xc56133bf),
-     TOBN(0xc1184219, 0x8d9ea9f8), TOBN(0x090de5db, 0xf3fc1ab5),
-     TOBN(0x404c37b1, 0x0bf22cda), TOBN(0x7de20ec8, 0xf5618894),
-     TOBN(0x754c588e, 0xecdaecab), TOBN(0x6ca4b0ed, 0x88342743),
-     TOBN(0x76f08bdd, 0xf4a938ec), TOBN(0xd182de89, 0x91493ccb),
-     TOBN(0xd652c53e, 0xc8a4186a), TOBN(0xb3e878db, 0x946d8e33),
-     TOBN(0x088453c0, 0x5f37663c), TOBN(0x5cd9daaa, 0xb407748b),
-     TOBN(0xa1f5197f, 0x586d5e72), TOBN(0x47500be8, 0xc443ca59),
-     TOBN(0x78ef35b2, 0xe2652424), TOBN(0x09c5d26f, 0x6dd7767d),
-     TOBN(0x7175a79a, 0xa74d3f7b), TOBN(0x0428fd8d, 0xcf5ea459),
-     TOBN(0x511cb97c, 0xa5d1746d), TOBN(0x36363939, 0xe71d1278),
-     TOBN(0xcf2df955, 0x10350bf4), TOBN(0xb3817439, 0x60aae782),
-     TOBN(0xa748c0e4, 0x3e688809), TOBN(0x98021fbf, 0xd7a5a006),
-     TOBN(0x9076a70c, 0x0e367a98), TOBN(0xbea1bc15, 0x0f62b7c2),
-     TOBN(0x2645a68c, 0x30fe0343), TOBN(0xacaffa78, 0x699dc14f),
-     TOBN(0xf4469964, 0x457bf9c4), TOBN(0x0db6407b, 0x0d2ead83),
-     TOBN(0x68d56cad, 0xb2c6f3eb), TOBN(0x3b512e73, 0xf376356c),
-     TOBN(0xe43b0e1f, 0xfce10408), TOBN(0x89ddc003, 0x5a5e257d),
-     TOBN(0xb0ae0d12, 0x0362e5b3), TOBN(0x07f983c7, 0xb0519161),
-     TOBN(0xc2e94d15, 0x5d5231e7), TOBN(0xcff22aed, 0x0b4f9513),
-     TOBN(0xb02588dd, 0x6ad0b0b5), TOBN(0xb967d1ac, 0x11d0dcd5),
-     TOBN(0x8dac6bc6, 0xcf777b6c), TOBN(0x0062bdbd, 0x4c6d1959),
-     TOBN(0x53da71b5, 0x0ef5cc85), TOBN(0x07012c7d, 0x4006f14f),
-     TOBN(0x4617f962, 0xac47800d), TOBN(0x53365f2b, 0xc102ed75),
-     TOBN(0xb422efcb, 0x4ab8c9d3), TOBN(0x195cb26b, 0x34af31c9),
-     TOBN(0x3a926e29, 0x05f2c4ce), TOBN(0xbd2bdecb, 0x9856966c),
-     TOBN(0x5d16ab3a, 0x85527015), TOBN(0x9f81609e, 0x4486c231),
-     TOBN(0xd8b96b2c, 0xda350002), TOBN(0xbd054690, 0xfa1b7d36),
-     TOBN(0xdc90ebf5, 0xe71d79bc), TOBN(0xf241b6f9, 0x08964e4e),
-     TOBN(0x7c838643, 0x2fe3cd4c), TOBN(0xe0f33acb, 0xb4bc633c),
-     TOBN(0xb4a9ecec, 0x3d139f1f), TOBN(0x05ce69cd, 0xdc4a1f49),
-     TOBN(0xa19d1b16, 0xf5f98aaf), TOBN(0x45bb71d6, 0x6f23e0ef),
-     TOBN(0x33789fcd, 0x46cdfdd3), TOBN(0x9b8e2978, 0xcee040ca),
-     TOBN(0x9c69b246, 0xae0a6828), TOBN(0xba533d24, 0x7078d5aa),
-     TOBN(0x7a2e42c0, 0x7bb4fbdb), TOBN(0xcfb4879a, 0x7035385c),
-     TOBN(0x8c3dd30b, 0x3281705b), TOBN(0x7e361c6c, 0x404fe081),
-     TOBN(0x7b21649c, 0x3f604edf), TOBN(0x5dbf6a3f, 0xe52ffe47),
-     TOBN(0xc41b7c23, 0x4b54d9bf), TOBN(0x1374e681, 0x3511c3d9),
-     TOBN(0x1863bf16, 0xc1b2b758), TOBN(0x90e78507, 0x1e9e6a96),
-     TOBN(0xab4bf98d, 0x5d86f174), TOBN(0xd74e0bd3, 0x85e96fe4),
-     TOBN(0x8afde39f, 0xcac5d344), TOBN(0x90946dbc, 0xbd91b847),
-     TOBN(0xf5b42358, 0xfe1a838c), TOBN(0x05aae6c5, 0x620ac9d8),
-     TOBN(0x8e193bd8, 0xa1ce5a0b), TOBN(0x8f710571, 0x4dabfd72),
-     TOBN(0x8d8fdd48, 0x182caaac), TOBN(0x8c4aeefa, 0x040745cf),
-     TOBN(0x73c6c30a, 0xf3b93e6d), TOBN(0x991241f3, 0x16f42011),
-     TOBN(0xa0158eea, 0xe457a477), TOBN(0xd19857db, 0xee6ddc05),
-     TOBN(0xb3265224, 0x18c41671), TOBN(0x3ffdfc7e, 0x3c2c0d58),
-     TOBN(0x3a3a5254, 0x26ee7cda), TOBN(0x341b0869, 0xdf02c3a8),
-     TOBN(0xa023bf42, 0x723bbfc8), TOBN(0x3d15002a, 0x14452691),}
-    ,
-    {TOBN(0x5ef7324c, 0x85edfa30), TOBN(0x25976554, 0x87d4f3da),
-     TOBN(0x352f5bc0, 0xdcb50c86), TOBN(0x8f6927b0, 0x4832a96c),
-     TOBN(0xd08ee1ba, 0x55f2f94c), TOBN(0x6a996f99, 0x344b45fa),
-     TOBN(0xe133cb8d, 0xa8aa455d), TOBN(0x5d0721ec, 0x758dc1f7),
-     TOBN(0x6ba7a920, 0x79e5fb67), TOBN(0xe1331feb, 0x70aa725e),
-     TOBN(0x5080ccf5, 0x7df5d837), TOBN(0xe4cae01d, 0x7ff72e21),
-     TOBN(0xd9243ee6, 0x0412a77d), TOBN(0x06ff7cac, 0xdf449025),
-     TOBN(0xbe75f7cd, 0x23ef5a31), TOBN(0xbc957822, 0x0ddef7a8),
-     TOBN(0x8cf7230c, 0xb0ce1c55), TOBN(0x5b534d05, 0x0bbfb607),
-     TOBN(0xee1ef113, 0x0e16363b), TOBN(0x27e0aa7a, 0xb4999e82),
-     TOBN(0xce1dac2d, 0x79362c41), TOBN(0x67920c90, 0x91bb6cb0),
-     TOBN(0x1e648d63, 0x2223df24), TOBN(0x0f7d9eef, 0xe32e8f28),
-     TOBN(0x6943f39a, 0xfa833834), TOBN(0x22951722, 0xa6328562),
-     TOBN(0x81d63dd5, 0x4170fc10), TOBN(0x9f5fa58f, 0xaecc2e6d),
-     TOBN(0xb66c8725, 0xe77d9a3b), TOBN(0x11235cea, 0x6384ebe0),
-     TOBN(0x06a8c118, 0x5845e24a), TOBN(0x0137b286, 0xebd093b1),
-     TOBN(0xc589e1ce, 0x44ace150), TOBN(0xe0f8d3d9, 0x4381e97c),
-     TOBN(0x59e99b11, 0x62c5a4b8), TOBN(0x90d262f7, 0xfd0ec9f9),
-     TOBN(0xfbc854c9, 0x283e13c9), TOBN(0x2d04fde7, 0xaedc7085),
-     TOBN(0x057d7765, 0x47dcbecb), TOBN(0x8dbdf591, 0x9a76fa5f),
-     TOBN(0xd0150695, 0x0de1e578), TOBN(0x2e1463e7, 0xe9f72bc6),
-     TOBN(0xffa68441, 0x1b39eca5), TOBN(0x673c8530, 0x7c037f2f),
-     TOBN(0xd0d6a600, 0x747f91da), TOBN(0xb08d43e1, 0xc9cb78e9),
-     TOBN(0x0fc0c644, 0x27b5cef5), TOBN(0x5c1d160a, 0xa60a2fd6),
-     TOBN(0xf98cae53, 0x28c8e13b), TOBN(0x375f10c4, 0xb2eddcd1),
-     TOBN(0xd4eb8b7f, 0x5cce06ad), TOBN(0xb4669f45, 0x80a2e1ef),
-     TOBN(0xd593f9d0, 0x5bbd8699), TOBN(0x5528a4c9, 0xe7976d13),
-     TOBN(0x3923e095, 0x1c7e28d3), TOBN(0xb9293790, 0x3f6bb577),
-     TOBN(0xdb567d6a, 0xc42bd6d2), TOBN(0x6df86468, 0xbb1f96ae),
-     TOBN(0x0efe5b1a, 0x4843b28e), TOBN(0x961bbb05, 0x6379b240),
-     TOBN(0xb6caf5f0, 0x70a6a26b), TOBN(0x70686c0d, 0x328e6e39),
-     TOBN(0x80da06cf, 0x895fc8d3), TOBN(0x804d8810, 0xb363fdc9),
-     TOBN(0xbe22877b, 0x207f1670), TOBN(0x9b0dd188, 0x4e615291),
-     TOBN(0x625ae8dc, 0x97a3c2bf), TOBN(0x08584ef7, 0x439b86e8),
-     TOBN(0xde7190a5, 0xdcd898ff), TOBN(0x26286c40, 0x2058ee3d),
-     TOBN(0x3db0b217, 0x5f87b1c1), TOBN(0xcc334771, 0x102a6db5),
-     TOBN(0xd99de954, 0x2f770fb1), TOBN(0x97c1c620, 0x4cd7535e),
-     TOBN(0xd3b6c448, 0x3f09cefc), TOBN(0xd725af15, 0x5a63b4f8),
-     TOBN(0x0c95d24f, 0xc01e20ec), TOBN(0xdfd37494, 0x9ae7121f),
-     TOBN(0x7d6ddb72, 0xec77b7ec), TOBN(0xfe079d3b, 0x0353a4ae),
-     TOBN(0x3066e70a, 0x2e6ac8d2), TOBN(0x9c6b5a43, 0x106e5c05),
-     TOBN(0x52d3c6f5, 0xede59b8c), TOBN(0x30d6a5c3, 0xfccec9ae),
-     TOBN(0xedec7c22, 0x4fc0a9ef), TOBN(0x190ff083, 0x95c16ced),
-     TOBN(0xbe12ec8f, 0x94de0fde), TOBN(0x0d131ab8, 0x852d3433),
-     TOBN(0x42ace07e, 0x85701291), TOBN(0x94793ed9, 0x194061a8),
-     TOBN(0x30e83ed6, 0xd7f4a485), TOBN(0x9eec7269, 0xf9eeff4d),
-     TOBN(0x90acba59, 0x0c9d8005), TOBN(0x5feca458, 0x1e79b9d1),
-     TOBN(0x8fbe5427, 0x1d506a1e), TOBN(0xa32b2c8e, 0x2439cfa7),
-     TOBN(0x1671c173, 0x73dd0b4e), TOBN(0x37a28214, 0x44a054c6),
-     TOBN(0x81760a1b, 0x4e8b53f1), TOBN(0xa6c04224, 0xf9f93b9e),
-     TOBN(0x18784b34, 0xcf671e3c), TOBN(0x81bbecd2, 0xcda9b994),
-     TOBN(0x38831979, 0xb2ab3848), TOBN(0xef54feb7, 0xf2e03c2d),
-     TOBN(0xcf197ca7, 0xfb8088fa), TOBN(0x01427247, 0x4ddc96c5),
-     TOBN(0xa2d2550a, 0x30777176), TOBN(0x53469898, 0x4d0cf71d),
-     TOBN(0x6ce937b8, 0x3a2aaac6), TOBN(0xe9f91dc3, 0x5af38d9b),
-     TOBN(0x2598ad83, 0xc8bf2899), TOBN(0x8e706ac9, 0xb5536c16),
-     TOBN(0x40dc7495, 0xf688dc98), TOBN(0x26490cd7, 0x124c4afc),
-     TOBN(0xe651ec84, 0x1f18775c), TOBN(0x393ea6c3, 0xb4fdaf4a),
-     TOBN(0x1e1f3343, 0x7f338e0d), TOBN(0x39fb832b, 0x6053e7b5),
-     TOBN(0x46e702da, 0x619e14d5), TOBN(0x859cacd1, 0xcdeef6e0),
-     TOBN(0x63b99ce7, 0x4462007d), TOBN(0xb8ab48a5, 0x4cb5f5b7),
-     TOBN(0x9ec673d2, 0xf55edde7), TOBN(0xd1567f74, 0x8cfaefda),
-     TOBN(0x46381b6b, 0x0887bcec), TOBN(0x694497ce, 0xe178f3c2),
-     TOBN(0x5e6525e3, 0x1e6266cb), TOBN(0x5931de26, 0x697d6413),
-     TOBN(0x87f8df7c, 0x0e58d493), TOBN(0xb1ae5ed0, 0x58b73f12),
-     TOBN(0xc368f784, 0xdea0c34d), TOBN(0x9bd0a120, 0x859a91a0),
-     TOBN(0xb00d88b7, 0xcc863c68), TOBN(0x3a1cc11e, 0x3d1f4d65),
-     TOBN(0xea38e0e7, 0x0aa85593), TOBN(0x37f13e98, 0x7dc4aee8),
-     TOBN(0x10d38667, 0xbc947bad), TOBN(0x738e07ce, 0x2a36ee2e),
-     TOBN(0xc93470cd, 0xc577fcac), TOBN(0xdee1b616, 0x2782470d),
-     TOBN(0x36a25e67, 0x2e793d12), TOBN(0xd6aa6cae, 0xe0f186da),
-     TOBN(0x474d0fd9, 0x80e07af7), TOBN(0xf7cdc47d, 0xba8a5cd4),
-     TOBN(0x28af6d9d, 0xab15247f), TOBN(0x7c789c10, 0x493a537f),
-     TOBN(0x7ac9b110, 0x23a334e7), TOBN(0x0236ac09, 0x12c9c277),
-     TOBN(0xa7e5bd25, 0x1d7a5144), TOBN(0x098b9c2a, 0xf13ec4ec),
-     TOBN(0x3639daca, 0xd3f0abca), TOBN(0x642da81a, 0xa23960f9),
-     TOBN(0x7d2e5c05, 0x4f7269b1), TOBN(0xfcf30777, 0xe287c385),
-     TOBN(0x10edc84f, 0xf2a46f21), TOBN(0x35441757, 0x4f43fa36),
-     TOBN(0xf1327899, 0xfd703431), TOBN(0xa438d7a6, 0x16dd587a),
-     TOBN(0x65c34c57, 0xe9c8352d), TOBN(0xa728edab, 0x5cc5a24e),
-     TOBN(0xaed78abc, 0x42531689), TOBN(0x0a51a0e8, 0x010963ef),
-     TOBN(0x5776fa0a, 0xd717d9b3), TOBN(0xf356c239, 0x7dd3428b),
-     TOBN(0x29903fff, 0x8d3a3dac), TOBN(0x409597fa, 0x3d94491f),
-     TOBN(0x4cd7a5ff, 0xbf4a56a4), TOBN(0xe5096474, 0x8adab462),
-     TOBN(0xa97b5126, 0x5c3427b0), TOBN(0x6401405c, 0xd282c9bd),
-     TOBN(0x3629f8d7, 0x222c5c45), TOBN(0xb1c02c16, 0xe8d50aed),
-     TOBN(0xbea2ed75, 0xd9635bc9), TOBN(0x226790c7, 0x6e24552f),
-     TOBN(0x3c33f2a3, 0x65f1d066), TOBN(0x2a43463e, 0x6dfccc2e),
-     TOBN(0x8cc3453a, 0xdb483761), TOBN(0xe7cc6085, 0x65d5672b),
-     TOBN(0x277ed6cb, 0xde3efc87), TOBN(0x19f2f368, 0x69234eaf),
-     TOBN(0x9aaf4317, 0x5c0b800b), TOBN(0x1f1e7c89, 0x8b6da6e2),
-     TOBN(0x6cfb4715, 0xb94ec75e), TOBN(0xd590dd5f, 0x453118c2),
-     TOBN(0x14e49da1, 0x1f17a34c), TOBN(0x5420ab39, 0x235a1456),
-     TOBN(0xb7637241, 0x2f50363b), TOBN(0x7b15d623, 0xc3fabb6e),
-     TOBN(0xa0ef40b1, 0xe274e49c), TOBN(0x5cf50744, 0x96b1860a),
-     TOBN(0xd6583fbf, 0x66afe5a4), TOBN(0x44240510, 0xf47e3e9a),
-     TOBN(0x99254343, 0x11b2d595), TOBN(0xf1367499, 0xeec8df57),
-     TOBN(0x3cb12c61, 0x3e73dd05), TOBN(0xd248c033, 0x7dac102a),
-     TOBN(0xcf154f13, 0xa77739f5), TOBN(0xbf4288cb, 0x23d2af42),
-     TOBN(0xaa64c9b6, 0x32e4a1cf), TOBN(0xee8c07a8, 0xc8a208f3),
-     TOBN(0xe10d4999, 0x6fe8393f), TOBN(0x0f809a3f, 0xe91f3a32),
-     TOBN(0x61096d1c, 0x802f63c8), TOBN(0x289e1462, 0x57750d3d),
-     TOBN(0xed06167e, 0x9889feea), TOBN(0xd5c9c0e2, 0xe0993909),
-     TOBN(0x46fca0d8, 0x56508ac6), TOBN(0x91826047, 0x4f1b8e83),
-     TOBN(0x4f2c877a, 0x9a4a2751), TOBN(0x71bd0072, 0xcae6fead),
-     TOBN(0x38df8dcc, 0x06aa1941), TOBN(0x5a074b4c, 0x63beeaa8),
-     TOBN(0xd6d65934, 0xc1cec8ed), TOBN(0xa6ecb49e, 0xaabc03bd),
-     TOBN(0xaade91c2, 0xde8a8415), TOBN(0xcfb0efdf, 0x691136e0),
-     TOBN(0x11af45ee, 0x23ab3495), TOBN(0xa132df88, 0x0b77463d),
-     TOBN(0x8923c15c, 0x815d06f4), TOBN(0xc3ceb3f5, 0x0d61a436),
-     TOBN(0xaf52291d, 0xe88fb1da), TOBN(0xea057974, 0x1da12179),
-     TOBN(0xb0d7218c, 0xd2fef720), TOBN(0x6c0899c9, 0x8e1d8845),
-     TOBN(0x98157504, 0x752ddad7), TOBN(0xd60bd74f, 0xa1a68a97),
-     TOBN(0x7047a3a9, 0xf658fb99), TOBN(0x1f5d86d6, 0x5f8511e4),
-     TOBN(0xb8a4bc42, 0x4b5a6d88), TOBN(0x69eb2c33, 0x1abefa7d),
-     TOBN(0x95bf39e8, 0x13c9c510), TOBN(0xf571960a, 0xd48aab43),
-     TOBN(0x7e8cfbcf, 0x704e23c6), TOBN(0xc71b7d22, 0x28aaa65b),
-     TOBN(0xa041b2bd, 0x245e3c83), TOBN(0x69b98834, 0xd21854ff),
-     TOBN(0x89d227a3, 0x963bfeec), TOBN(0x99947aaa, 0xde7da7cb),
-     TOBN(0x1d9ee9db, 0xee68a9b1), TOBN(0x0a08f003, 0x698ec368),
-     TOBN(0xe9ea4094, 0x78ef2487), TOBN(0xc8d2d415, 0x02cfec26),
-     TOBN(0xc52f9a6e, 0xb7dcf328), TOBN(0x0ed489e3, 0x85b6a937),
-     TOBN(0x9b94986b, 0xbef3366e), TOBN(0x0de59c70, 0xedddddb8),
-     TOBN(0xffdb748c, 0xeadddbe2), TOBN(0x9b9784bb, 0x8266ea40),
-     TOBN(0x142b5502, 0x1a93507a), TOBN(0xb4cd1187, 0x8d3c06cf),
-     TOBN(0xdf70e76a, 0x91ec3f40), TOBN(0x484e81ad, 0x4e7553c2),
-     TOBN(0x830f87b5, 0x272e9d6e), TOBN(0xea1c93e5, 0xc6ff514a),
-     TOBN(0x67cc2adc, 0xc4192a8e), TOBN(0xc77e27e2, 0x42f4535a),
-     TOBN(0x9cdbab36, 0xd2b713c5), TOBN(0x86274ea0, 0xcf7b0cd3),
-     TOBN(0x784680f3, 0x09af826b), TOBN(0xbfcc837a, 0x0c72dea3),
-     TOBN(0xa8bdfe9d, 0xd6529b73), TOBN(0x708aa228, 0x63a88002),
-     TOBN(0x6c7a9a54, 0xc91d45b9), TOBN(0xdf1a38bb, 0xfd004f56),
-     TOBN(0x2e8c9a26, 0xb8bad853), TOBN(0x2d52cea3, 0x3723eae7),
-     TOBN(0x054d6d81, 0x56ca2830), TOBN(0xa3317d14, 0x9a8dc411),
-     TOBN(0xa08662fe, 0xfd4ddeda), TOBN(0xed2a153a, 0xb55d792b),
-     TOBN(0x7035c16a, 0xbfc6e944), TOBN(0xb6bc5834, 0x00171cf3),
-     TOBN(0xe27152b3, 0x83d102b6), TOBN(0xfe695a47, 0x0646b848),
-     TOBN(0xa5bb09d8, 0x916e6d37), TOBN(0xb4269d64, 0x0d17015e),
-     TOBN(0x8d8156a1, 0x0a1d2285), TOBN(0xfeef6c51, 0x46d26d72),
-     TOBN(0x9dac57c8, 0x4c5434a7), TOBN(0x0282e5be, 0x59d39e31),
-     TOBN(0xedfff181, 0x721c486d), TOBN(0x301baf10, 0xbc58824e),
-     TOBN(0x8136a6aa, 0x00570031), TOBN(0x55aaf78c, 0x1cddde68),
-     TOBN(0x26829371, 0x59c63952), TOBN(0x3a3bd274, 0x8bc25baf),
-     TOBN(0xecdf8657, 0xb7e52dc3), TOBN(0x2dd8c087, 0xfd78e6c8),
-     TOBN(0x20553274, 0xf5531461), TOBN(0x8b4a1281, 0x5d95499b),
-     TOBN(0xe2c8763a, 0x1a80f9d2), TOBN(0xd1dbe32b, 0x4ddec758),
-     TOBN(0xaf12210d, 0x30c34169), TOBN(0xba74a953, 0x78baa533),
-     TOBN(0x3d133c6e, 0xa438f254), TOBN(0xa431531a, 0x201bef5b),
-     TOBN(0x15295e22, 0xf669d7ec), TOBN(0xca374f64, 0x357fb515),
-     TOBN(0x8a8406ff, 0xeaa3fdb3), TOBN(0x106ae448, 0xdf3f2da8),
-     TOBN(0x8f9b0a90, 0x33c8e9a1), TOBN(0x234645e2, 0x71ad5885),
-     TOBN(0x3d083224, 0x1c0aed14), TOBN(0xf10a7d3e, 0x7a942d46),
-     TOBN(0x7c11deee, 0x40d5c9be), TOBN(0xb2bae7ff, 0xba84ed98),
-     TOBN(0x93e97139, 0xaad58ddd), TOBN(0x3d872796, 0x3f6d1fa3),
-     TOBN(0x483aca81, 0x8569ff13), TOBN(0x8b89a5fb, 0x9a600f72),
-     TOBN(0x4cbc27c3, 0xc06f2b86), TOBN(0x22130713, 0x63ad9c0b),
-     TOBN(0xb5358b1e, 0x48ac2840), TOBN(0x18311294, 0xecba9477),
-     TOBN(0xda58f990, 0xa6946b43), TOBN(0x3098baf9, 0x9ab41819),
-     TOBN(0x66c4c158, 0x4198da52), TOBN(0xab4fc17c, 0x146bfd1b),
-     TOBN(0x2f0a4c3c, 0xbf36a908), TOBN(0x2ae9e34b, 0x58cf7838),
-     TOBN(0xf411529e, 0x3fa11b1f), TOBN(0x21e43677, 0x974af2b4),
-     TOBN(0x7c20958e, 0xc230793b), TOBN(0x710ea885, 0x16e840f3),
-     TOBN(0xfc0b21fc, 0xc5dc67cf), TOBN(0x08d51647, 0x88405718),
-     TOBN(0xd955c21f, 0xcfe49eb7), TOBN(0x9722a5d5, 0x56dd4a1f),
-     TOBN(0xc9ef50e2, 0xc861baa5), TOBN(0xc0c21a5d, 0x9505ac3e),
-     TOBN(0xaf6b9a33, 0x8b7c063f), TOBN(0xc6370339, 0x2f4779c1),
-     TOBN(0x22df99c7, 0x638167c3), TOBN(0xfe6ffe76, 0x795db30c),
-     TOBN(0x2b822d33, 0xa4854989), TOBN(0xfef031dd, 0x30563aa5),
-     TOBN(0x16b09f82, 0xd57c667f), TOBN(0xc70312ce, 0xcc0b76f1),
-     TOBN(0xbf04a9e6, 0xc9118aec), TOBN(0x82fcb419, 0x3409d133),
-     TOBN(0x1a8ab385, 0xab45d44d), TOBN(0xfba07222, 0x617b83a3),
-     TOBN(0xb05f50dd, 0x58e81b52), TOBN(0x1d8db553, 0x21ce5aff),
-     TOBN(0x3097b8d4, 0xe344a873), TOBN(0x7d8d116d, 0xfe36d53e),
-     TOBN(0x6db22f58, 0x7875e750), TOBN(0x2dc5e373, 0x43e144ea),
-     TOBN(0xc05f32e6, 0xe799eb95), TOBN(0xe9e5f4df, 0x6899e6ec),
-     TOBN(0xbdc3bd68, 0x1fab23d5), TOBN(0xb72b8ab7, 0x73af60e6),
-     TOBN(0x8db27ae0, 0x2cecc84a), TOBN(0x600016d8, 0x7bdb871c),
-     TOBN(0x42a44b13, 0xd7c46f58), TOBN(0xb8919727, 0xc3a77d39),
-     TOBN(0xcfc6bbbd, 0xdafd6088), TOBN(0x1a740146, 0x6bd20d39),
-     TOBN(0x8c747abd, 0x98c41072), TOBN(0x4c91e765, 0xbdf68ea1),
-     TOBN(0x7c95e5ca, 0x08819a78), TOBN(0xcf48b729, 0xc9587921),
-     TOBN(0x091c7c5f, 0xdebbcc7d), TOBN(0x6f287404, 0xf0e05149),
-     TOBN(0xf83b5ac2, 0x26cd44ec), TOBN(0x88ae32a6, 0xcfea250e),
-     TOBN(0x6ac5047a, 0x1d06ebc5), TOBN(0xc7e550b4, 0xd434f781),
-     TOBN(0x61ab1cf2, 0x5c727bd2), TOBN(0x2e4badb1, 0x1cf915b0),
-     TOBN(0x1b4dadec, 0xf69d3920), TOBN(0xe61b1ca6, 0xf14c1dfe),
-     TOBN(0x90b479cc, 0xbd6bd51f), TOBN(0x8024e401, 0x8045ec30),
-     TOBN(0xcab29ca3, 0x25ef0e62), TOBN(0x4f2e9416, 0x49e4ebc0),
-     TOBN(0x45eb40ec, 0x0ccced58), TOBN(0x25cd4b9c, 0x0da44f98),
-     TOBN(0x43e06458, 0x871812c6), TOBN(0x99f80d55, 0x16cef651),
-     TOBN(0x571340c9, 0xce6dc153), TOBN(0x138d5117, 0xd8665521),
-     TOBN(0xacdb45bc, 0x4e07014d), TOBN(0x2f34bb38, 0x84b60b91),
-     TOBN(0xf44a4fd2, 0x2ae8921e), TOBN(0xb039288e, 0x892ba1e2),
-     TOBN(0x9da50174, 0xb1c180b2), TOBN(0x6b70ab66, 0x1693dc87),
-     TOBN(0x7e9babc9, 0xe7057481), TOBN(0x4581ddef, 0x9c80dc41),
-     TOBN(0x0c890da9, 0x51294682), TOBN(0x0b5629d3, 0x3f4736e5),
-     TOBN(0x2340c79e, 0xb06f5b41), TOBN(0xa42e84ce, 0x4e243469),
-     TOBN(0xf9a20135, 0x045a71a9), TOBN(0xefbfb415, 0xd27b6fb6),
-     TOBN(0x25ebea23, 0x9d33cd6f), TOBN(0x9caedb88, 0xaa6c0af8),
-     TOBN(0x53dc7e9a, 0xd9ce6f96), TOBN(0x3897f9fd, 0x51e0b15a),
-     TOBN(0xf51cb1f8, 0x8e5d788e), TOBN(0x1aec7ba8, 0xe1d490ee),
-     TOBN(0x265991e0, 0xcc58cb3c), TOBN(0x9f306e8c, 0x9fc3ad31),
-     TOBN(0x5fed006e, 0x5040a0ac), TOBN(0xca9d5043, 0xfb476f2e),
-     TOBN(0xa19c06e8, 0xbeea7a23), TOBN(0xd2865801, 0x0edabb63),
-     TOBN(0xdb92293f, 0x6967469a), TOBN(0x2894d839, 0x8d8a8ed8),
-     TOBN(0x87c9e406, 0xbbc77122), TOBN(0x8671c6f1, 0x2ea3a26a),
-     TOBN(0xe42df8d6, 0xd7de9853), TOBN(0x2e3ce346, 0xb1f2bcc7),
-     TOBN(0xda601dfc, 0x899d50cf), TOBN(0xbfc913de, 0xfb1b598f),
-     TOBN(0x81c4909f, 0xe61f7908), TOBN(0x192e304f, 0x9bbc7b29),
-     TOBN(0xc3ed8738, 0xc104b338), TOBN(0xedbe9e47, 0x783f5d61),
-     TOBN(0x0c06e9be, 0x2db30660), TOBN(0xda3e613f, 0xc0eb7d8e),
-     TOBN(0xd8fa3e97, 0x322e096e), TOBN(0xfebd91e8, 0xd336e247),
-     TOBN(0x8f13ccc4, 0xdf655a49), TOBN(0xa9e00dfc, 0x5eb20210),
-     TOBN(0x84631d0f, 0xc656b6ea), TOBN(0x93a058cd, 0xd8c0d947),
-     TOBN(0x6846904a, 0x67bd3448), TOBN(0x4a3d4e1a, 0xf394fd5c),
-     TOBN(0xc102c1a5, 0xdb225f52), TOBN(0xe3455bba, 0xfc4f5e9a),
-     TOBN(0x6b36985b, 0x4b9ad1ce), TOBN(0xa9818536, 0x5bb7f793),
-     TOBN(0x6c25e1d0, 0x48b1a416), TOBN(0x1381dd53, 0x3c81bee7),
-     TOBN(0xd2a30d61, 0x7a4a7620), TOBN(0xc8412926, 0x39b8944c),
-     TOBN(0x3c1c6fbe, 0x7a97c33a), TOBN(0x941e541d, 0x938664e7),
-     TOBN(0x417499e8, 0x4a34f239), TOBN(0x15fdb83c, 0xb90402d5),
-     TOBN(0xb75f46bf, 0x433aa832), TOBN(0xb61e15af, 0x63215db1),
-     TOBN(0xaabe59d4, 0xa127f89a), TOBN(0x5d541e0c, 0x07e816da),
-     TOBN(0xaaba0659, 0xa618b692), TOBN(0x55327733, 0x17266026),
-     TOBN(0xaf53a0fc, 0x95f57552), TOBN(0x32947650, 0x6cacb0c9),
-     TOBN(0x253ff58d, 0xc821be01), TOBN(0xb0309531, 0xa06f1146),
-     TOBN(0x59bbbdf5, 0x05c2e54d), TOBN(0x158f27ad, 0x26e8dd22),
-     TOBN(0xcc5b7ffb, 0x397e1e53), TOBN(0xae03f65b, 0x7fc1e50d),
-     TOBN(0xa9784ebd, 0x9c95f0f9), TOBN(0x5ed9deb2, 0x24640771),
-     TOBN(0x31244af7, 0x035561c4), TOBN(0x87332f3a, 0x7ee857de),
-     TOBN(0x09e16e9e, 0x2b9e0d88), TOBN(0x52d910f4, 0x56a06049),
-     TOBN(0x507ed477, 0xa9592f48), TOBN(0x85cb917b, 0x2365d678),
-     TOBN(0xf8511c93, 0x4c8998d1), TOBN(0x2186a3f1, 0x730ea58f),
-     TOBN(0x50189626, 0xb2029db0), TOBN(0x9137a6d9, 0x02ceb75a),
-     TOBN(0x2fe17f37, 0x748bc82c), TOBN(0x87c2e931, 0x80469f8c),
-     TOBN(0x850f71cd, 0xbf891aa2), TOBN(0x0ca1b89b, 0x75ec3d8d),
-     TOBN(0x516c43aa, 0x5e1cd3cd), TOBN(0x89397808, 0x9a887c28),
-     TOBN(0x0059c699, 0xddea1f9f), TOBN(0x7737d6fa, 0x8e6868f7),
-     TOBN(0x6d93746a, 0x60f1524b), TOBN(0x36985e55, 0xba052aa7),
-     TOBN(0x41b1d322, 0xed923ea5), TOBN(0x3429759f, 0x25852a11),
-     TOBN(0xbeca6ec3, 0x092e9f41), TOBN(0x3a238c66, 0x62256bbd),
-     TOBN(0xd82958ea, 0x70ad487d), TOBN(0x4ac8aaf9, 0x65610d93),
-     TOBN(0x3fa101b1, 0x5e4ccab0), TOBN(0x9bf430f2, 0x9de14bfb),
-     TOBN(0xa10f5cc6, 0x6531899d), TOBN(0x590005fb, 0xea8ce17d),
-     TOBN(0xc437912f, 0x24544cb6), TOBN(0x9987b71a, 0xd79ac2e3),
-     TOBN(0x13e3d9dd, 0xc058a212), TOBN(0x00075aac, 0xd2de9606),
-     TOBN(0x80ab508b, 0x6cac8369), TOBN(0x87842be7, 0xf54f6c89),
-     TOBN(0xa7ad663d, 0x6bc532a4), TOBN(0x67813de7, 0x78a91bc8),
-     TOBN(0x5dcb61ce, 0xc3427239), TOBN(0x5f3c7cf0, 0xc56934d9),
-     TOBN(0xc079e0fb, 0xe3191591), TOBN(0xe40896bd, 0xb01aada7),
-     TOBN(0x8d466791, 0x0492d25f), TOBN(0x8aeb30c9, 0xe7408276),
-     TOBN(0xe9437495, 0x9287aacc), TOBN(0x23d4708d, 0x79fe03d4),
-     TOBN(0x8cda9cf2, 0xd0c05199), TOBN(0x502fbc22, 0xfae78454),
-     TOBN(0xc0bda9df, 0xf572a182), TOBN(0x5f9b71b8, 0x6158b372),
-     TOBN(0xe0f33a59, 0x2b82dd07), TOBN(0x76302735, 0x9523032e),
-     TOBN(0x7fe1a721, 0xc4505a32), TOBN(0x7b6e3e82, 0xf796409f),}
-    ,
-    {TOBN(0xe3417bc0, 0x35d0b34a), TOBN(0x440b386b, 0x8327c0a7),
-     TOBN(0x8fb7262d, 0xac0362d1), TOBN(0x2c41114c, 0xe0cdf943),
-     TOBN(0x2ba5cef1, 0xad95a0b1), TOBN(0xc09b37a8, 0x67d54362),
-     TOBN(0x26d6cdd2, 0x01e486c9), TOBN(0x20477abf, 0x42ff9297),
-     TOBN(0xa004dcb3, 0x292a9287), TOBN(0xddc15cf6, 0x77b092c7),
-     TOBN(0x083a8464, 0x806c0605), TOBN(0x4a68df70, 0x3db997b0),
-     TOBN(0x9c134e45, 0x05bf7dd0), TOBN(0xa4e63d39, 0x8ccf7f8c),
-     TOBN(0xa6e6517f, 0x41b5f8af), TOBN(0xaa8b9342, 0xad7bc1cc),
-     TOBN(0x126f35b5, 0x1e706ad9), TOBN(0xb99cebb4, 0xc3a9ebdf),
-     TOBN(0xa75389af, 0xbf608d90), TOBN(0x76113c4f, 0xc6c89858),
-     TOBN(0x80de8eb0, 0x97e2b5aa), TOBN(0x7e1022cc, 0x63b91304),
-     TOBN(0x3bdab605, 0x6ccc066c), TOBN(0x33cbb144, 0xb2edf900),
-     TOBN(0xc4176471, 0x7af715d2), TOBN(0xe2f7f594, 0xd0134a96),
-     TOBN(0x2c1873ef, 0xa41ec956), TOBN(0xe4e7b4f6, 0x77821304),
-     TOBN(0xe5c8ff97, 0x88d5374a), TOBN(0x2b915e63, 0x80823d5b),
-     TOBN(0xea6bc755, 0xb2ee8fe2), TOBN(0x6657624c, 0xe7112651),
-     TOBN(0x157af101, 0xdace5aca), TOBN(0xc4fdbcf2, 0x11a6a267),
-     TOBN(0xdaddf340, 0xc49c8609), TOBN(0x97e49f52, 0xe9604a65),
-     TOBN(0x9be8e790, 0x937e2ad5), TOBN(0x846e2508, 0x326e17f1),
-     TOBN(0x3f38007a, 0x0bbbc0dc), TOBN(0xcf03603f, 0xb11e16d6),
-     TOBN(0xd6f800e0, 0x7442f1d5), TOBN(0x475607d1, 0x66e0e3ab),
-     TOBN(0x82807f16, 0xb7c64047), TOBN(0x8858e1e3, 0xa749883d),
-     TOBN(0x5859120b, 0x8231ee10), TOBN(0x1b80e7eb, 0x638a1ece),
-     TOBN(0xcb72525a, 0xc6aa73a4), TOBN(0xa7cdea3d, 0x844423ac),
-     TOBN(0x5ed0c007, 0xf8ae7c38), TOBN(0x6db07a5c, 0x3d740192),
-     TOBN(0xbe5e9c2a, 0x5fe36db3), TOBN(0xd5b9d57a, 0x76e95046),
-     TOBN(0x54ac32e7, 0x8eba20f2), TOBN(0xef11ca8f, 0x71b9a352),
-     TOBN(0x305e373e, 0xff98a658), TOBN(0xffe5a100, 0x823eb667),
-     TOBN(0x57477b11, 0xe51732d2), TOBN(0xdfd6eb28, 0x2538fc0e),
-     TOBN(0x5c43b0cc, 0x3b39eec5), TOBN(0x6af12778, 0xcb36cc57),
-     TOBN(0x70b0852d, 0x06c425ae), TOBN(0x6df92f8c, 0x5c221b9b),
-     TOBN(0x6c8d4f9e, 0xce826d9c), TOBN(0xf59aba7b, 0xb49359c3),
-     TOBN(0x5c8ed8d5, 0xda64309d), TOBN(0x61a6de56, 0x91b30704),
-     TOBN(0xd6b52f6a, 0x2f9b5808), TOBN(0x0eee4194, 0x98c958a7),
-     TOBN(0xcddd9aab, 0x771e4caa), TOBN(0x83965dfd, 0x78bc21be),
-     TOBN(0x02affce3, 0xb3b504f5), TOBN(0x30847a21, 0x561c8291),
-     TOBN(0xd2eb2cf1, 0x52bfda05), TOBN(0xe0e4c4e9, 0x6197b98c),
-     TOBN(0x1d35076c, 0xf8a1726f), TOBN(0x6c06085b, 0x2db11e3d),
-     TOBN(0x15c0c4d7, 0x4463ba14), TOBN(0x9d292f83, 0x0030238c),
-     TOBN(0x1311ee8b, 0x3727536d), TOBN(0xfeea86ef, 0xbeaedc1e),
-     TOBN(0xb9d18cd3, 0x66131e2e), TOBN(0xf31d974f, 0x80fe2682),
-     TOBN(0xb6e49e0f, 0xe4160289), TOBN(0x7c48ec0b, 0x08e92799),
-     TOBN(0x818111d8, 0xd1989aa7), TOBN(0xb34fa0aa, 0xebf926f9),
-     TOBN(0xdb5fe2f5, 0xa245474a), TOBN(0xf80a6ebb, 0x3c7ca756),
-     TOBN(0xa7f96054, 0xafa05dd8), TOBN(0x26dfcf21, 0xfcaf119e),
-     TOBN(0xe20ef2e3, 0x0564bb59), TOBN(0xef4dca50, 0x61cb02b8),
-     TOBN(0xcda7838a, 0x65d30672), TOBN(0x8b08d534, 0xfd657e86),
-     TOBN(0x4c5b4395, 0x46d595c8), TOBN(0x39b58725, 0x425cb836),
-     TOBN(0x8ea61059, 0x3de9abe3), TOBN(0x40434881, 0x9cdc03be),
-     TOBN(0x9b261245, 0xcfedce8c), TOBN(0x78c318b4, 0xcf5234a1),
-     TOBN(0x510bcf16, 0xfde24c99), TOBN(0x2a77cb75, 0xa2c2ff5d),
-     TOBN(0x9c895c2b, 0x27960fb4), TOBN(0xd30ce975, 0xb0eda42b),
-     TOBN(0xfda85393, 0x1a62cc26), TOBN(0x23c69b96, 0x50c0e052),
-     TOBN(0xa227df15, 0xbfc633f3), TOBN(0x2ac78848, 0x1bae7d48),
-     TOBN(0x487878f9, 0x187d073d), TOBN(0x6c2be919, 0x967f807d),
-     TOBN(0x765861d8, 0x336e6d8f), TOBN(0x88b8974c, 0xce528a43),
-     TOBN(0x09521177, 0xff57d051), TOBN(0x2ff38037, 0xfb6a1961),
-     TOBN(0xfc0aba74, 0xa3d76ad4), TOBN(0x7c764803, 0x25a7ec17),
-     TOBN(0x7532d75f, 0x48879bc8), TOBN(0xea7eacc0, 0x58ce6bc1),
-     TOBN(0xc82176b4, 0x8e896c16), TOBN(0x9a30e0b2, 0x2c750fed),
-     TOBN(0xc37e2c2e, 0x421d3aa4), TOBN(0xf926407c, 0xe84fa840),
-     TOBN(0x18abc03d, 0x1454e41c), TOBN(0x26605ecd, 0x3f7af644),
-     TOBN(0x242341a6, 0xd6a5eabf), TOBN(0x1edb84f4, 0x216b668e),
-     TOBN(0xd836edb8, 0x04010102), TOBN(0x5b337ce7, 0x945e1d8c),
-     TOBN(0xd2075c77, 0xc055dc14), TOBN(0x2a0ffa25, 0x81d89cdf),
-     TOBN(0x8ce815ea, 0x6ffdcbaf), TOBN(0xa3428878, 0xfb648867),
-     TOBN(0x277699cf, 0x884655fb), TOBN(0xfa5b5bd6, 0x364d3e41),
-     TOBN(0x01f680c6, 0x441e1cb7), TOBN(0x3fd61e66, 0xb70a7d67),
-     TOBN(0x666ba2dc, 0xcc78cf66), TOBN(0xb3018174, 0x6fdbff77),
-     TOBN(0x8d4dd0db, 0x168d4668), TOBN(0x259455d0, 0x1dab3a2a),
-     TOBN(0xf58564c5, 0xcde3acec), TOBN(0x77141925, 0x13adb276),
-     TOBN(0x527d725d, 0x8a303f65), TOBN(0x55deb6c9, 0xe6f38f7b),
-     TOBN(0xfd5bb657, 0xb1fa70fb), TOBN(0xfa07f50f, 0xd8073a00),
-     TOBN(0xf72e3aa7, 0xbca02500), TOBN(0xf68f895d, 0x9975740d),
-     TOBN(0x30112060, 0x5cae2a6a), TOBN(0x01bd7218, 0x02874842),
-     TOBN(0x3d423891, 0x7ce47bd3), TOBN(0xa66663c1, 0x789544f6),
-     TOBN(0x864d05d7, 0x3272d838), TOBN(0xe22924f9, 0xfa6295c5),
-     TOBN(0x8189593f, 0x6c2fda32), TOBN(0x330d7189, 0xb184b544),
-     TOBN(0x79efa62c, 0xbde1f714), TOBN(0x35771c94, 0xe5cb1a63),
-     TOBN(0x2f4826b8, 0x641c8332), TOBN(0x00a894fb, 0xc8cee854),
-     TOBN(0xb4b9a39b, 0x36194d40), TOBN(0xe857a7c5, 0x77612601),
-     TOBN(0xf4209dd2, 0x4ecf2f58), TOBN(0x82b9e66d, 0x5a033487),
-     TOBN(0xc1e36934, 0xe4e8b9dd), TOBN(0xd2372c9d, 0xa42377d7),
-     TOBN(0x51dc94c7, 0x0e3ae43b), TOBN(0x4c57761e, 0x04474f6f),
-     TOBN(0xdcdacd0a, 0x1058a318), TOBN(0x369cf3f5, 0x78053a9a),
-     TOBN(0xc6c3de50, 0x31c68de2), TOBN(0x4653a576, 0x3c4b6d9f),
-     TOBN(0x1688dd5a, 0xaa4e5c97), TOBN(0x5be80aa1, 0xb7ab3c74),
-     TOBN(0x70cefe7c, 0xbc65c283), TOBN(0x57f95f13, 0x06867091),
-     TOBN(0xa39114e2, 0x4415503b), TOBN(0xc08ff7c6, 0x4cbb17e9),
-     TOBN(0x1eff674d, 0xd7dec966), TOBN(0x6d4690af, 0x53376f63),
-     TOBN(0xff6fe32e, 0xea74237b), TOBN(0xc436d17e, 0xcd57508e),
-     TOBN(0x15aa28e1, 0xedcc40fe), TOBN(0x0d769c04, 0x581bbb44),
-     TOBN(0xc240b6de, 0x34eaacda), TOBN(0xd9e116e8, 0x2ba0f1de),
-     TOBN(0xcbe45ec7, 0x79438e55), TOBN(0x91787c9d, 0x96f752d7),
-     TOBN(0x897f532b, 0xf129ac2f), TOBN(0xd307b7c8, 0x5a36e22c),
-     TOBN(0x91940675, 0x749fb8f3), TOBN(0xd14f95d0, 0x157fdb28),
-     TOBN(0xfe51d029, 0x6ae55043), TOBN(0x8931e98f, 0x44a87de1),
-     TOBN(0xe57f1cc6, 0x09e4fee2), TOBN(0x0d063b67, 0x4e072d92),
-     TOBN(0x70a998b9, 0xed0e4316), TOBN(0xe74a736b, 0x306aca46),
-     TOBN(0xecf0fbf2, 0x4fda97c7), TOBN(0xa40f65cb, 0x3e178d93),
-     TOBN(0x16253604, 0x16df4285), TOBN(0xb0c9babb, 0xd0c56ae2),
-     TOBN(0x73032b19, 0xcfc5cfc3), TOBN(0xe497e5c3, 0x09752056),
-     TOBN(0x12096bb4, 0x164bda96), TOBN(0x1ee42419, 0xa0b74da1),
-     TOBN(0x8fc36243, 0x403826ba), TOBN(0x0c8f0069, 0xdc09e660),
-     TOBN(0x8667e981, 0xc27253c9), TOBN(0x05a6aefb, 0x92b36a45),
-     TOBN(0xa62c4b36, 0x9cb7bb46), TOBN(0x8394f375, 0x11f7027b),
-     TOBN(0x747bc79c, 0x5f109d0f), TOBN(0xcad88a76, 0x5b8cc60a),
-     TOBN(0x80c5a66b, 0x58f09e68), TOBN(0xe753d451, 0xf6127eac),
-     TOBN(0xc44b74a1, 0x5b0ec6f5), TOBN(0x47989fe4, 0x5289b2b8),
-     TOBN(0x745f8484, 0x58d6fc73), TOBN(0xec362a6f, 0xf61c70ab),
-     TOBN(0x070c98a7, 0xb3a8ad41), TOBN(0x73a20fc0, 0x7b63db51),
-     TOBN(0xed2c2173, 0xf44c35f4), TOBN(0x8a56149d, 0x9acc9dca),
-     TOBN(0x98f17881, 0x9ac6e0f4), TOBN(0x360fdeaf, 0xa413b5ed),
-     TOBN(0x0625b8f4, 0xa300b0fd), TOBN(0xf1f4d76a, 0x5b3222d3),
-     TOBN(0x9d6f5109, 0x587f76b8), TOBN(0x8b4ee08d, 0x2317fdb5),
-     TOBN(0x88089bb7, 0x8c68b095), TOBN(0x95570e9a, 0x5808d9b9),
-     TOBN(0xa395c36f, 0x35d33ae7), TOBN(0x200ea123, 0x50bb5a94),
-     TOBN(0x20c789bd, 0x0bafe84b), TOBN(0x243ef52d, 0x0919276a),
-     TOBN(0x3934c577, 0xe23ae233), TOBN(0xb93807af, 0xa460d1ec),
-     TOBN(0xb72a53b1, 0xf8fa76a4), TOBN(0xd8914cb0, 0xc3ca4491),
-     TOBN(0x2e128494, 0x3fb42622), TOBN(0x3b2700ac, 0x500907d5),
-     TOBN(0xf370fb09, 0x1a95ec63), TOBN(0xf8f30be2, 0x31b6dfbd),
-     TOBN(0xf2b2f8d2, 0x69e55f15), TOBN(0x1fead851, 0xcc1323e9),
-     TOBN(0xfa366010, 0xd9e5eef6), TOBN(0x64d487b0, 0xe316107e),
-     TOBN(0x4c076b86, 0xd23ddc82), TOBN(0x03fd344c, 0x7e0143f0),
-     TOBN(0xa95362ff, 0x317af2c5), TOBN(0x0add3db7, 0xe18b7a4f),
-     TOBN(0x9c673e3f, 0x8260e01b), TOBN(0xfbeb49e5, 0x54a1cc91),
-     TOBN(0x91351bf2, 0x92f2e433), TOBN(0xc755e7ec, 0x851141eb),
-     TOBN(0xc9a95139, 0x29607745), TOBN(0x0ca07420, 0xa26f2b28),
-     TOBN(0xcb2790e7, 0x4bc6f9dd), TOBN(0x345bbb58, 0xadcaffc0),
-     TOBN(0xc65ea38c, 0xbe0f27a2), TOBN(0x67c24d7c, 0x641fcb56),
-     TOBN(0x2c25f0a7, 0xa9e2c757), TOBN(0x93f5cdb0, 0x16f16c49),
-     TOBN(0x2ca5a9d7, 0xc5ee30a1), TOBN(0xd1593635, 0xb909b729),
-     TOBN(0x804ce9f3, 0xdadeff48), TOBN(0xec464751, 0xb07c30c3),
-     TOBN(0x89d65ff3, 0x9e49af6a), TOBN(0xf2d6238a, 0x6f3d01bc),
-     TOBN(0x1095561e, 0x0bced843), TOBN(0x51789e12, 0xc8a13fd8),
-     TOBN(0xd633f929, 0x763231df), TOBN(0x46df9f7d, 0xe7cbddef),
-     TOBN(0x01c889c0, 0xcb265da8), TOBN(0xfce1ad10, 0xaf4336d2),
-     TOBN(0x8d110df6, 0xfc6a0a7e), TOBN(0xdd431b98, 0x6da425dc),
-     TOBN(0xcdc4aeab, 0x1834aabe), TOBN(0x84deb124, 0x8439b7fc),
-     TOBN(0x8796f169, 0x3c2a5998), TOBN(0x9b9247b4, 0x7947190d),
-     TOBN(0x55b9d9a5, 0x11597014), TOBN(0x7e9dd70d, 0x7b1566ee),
-     TOBN(0x94ad78f7, 0xcbcd5e64), TOBN(0x0359ac17, 0x9bd4c032),
-     TOBN(0x3b11baaf, 0x7cc222ae), TOBN(0xa6a6e284, 0xba78e812),
-     TOBN(0x8392053f, 0x24cea1a0), TOBN(0xc97bce4a, 0x33621491),
-     TOBN(0x7eb1db34, 0x35399ee9), TOBN(0x473f78ef, 0xece81ad1),
-     TOBN(0x41d72fe0, 0xf63d3d0d), TOBN(0xe620b880, 0xafab62fc),
-     TOBN(0x92096bc9, 0x93158383), TOBN(0x41a21357, 0x8f896f6c),
-     TOBN(0x1b5ee2fa, 0xc7dcfcab), TOBN(0x650acfde, 0x9546e007),
-     TOBN(0xc081b749, 0xb1b02e07), TOBN(0xda9e41a0, 0xf9eca03d),
-     TOBN(0x013ba727, 0x175a54ab), TOBN(0xca0cd190, 0xea5d8d10),
-     TOBN(0x85ea52c0, 0x95fd96a9), TOBN(0x2c591b9f, 0xbc5c3940),
-     TOBN(0x6fb4d4e4, 0x2bad4d5f), TOBN(0xfa4c3590, 0xfef0059b),
-     TOBN(0x6a10218a, 0xf5122294), TOBN(0x9a78a81a, 0xa85751d1),
-     TOBN(0x04f20579, 0xa98e84e7), TOBN(0xfe1242c0, 0x4997e5b5),
-     TOBN(0xe77a273b, 0xca21e1e4), TOBN(0xfcc8b1ef, 0x9411939d),
-     TOBN(0xe20ea302, 0x92d0487a), TOBN(0x1442dbec, 0x294b91fe),
-     TOBN(0x1f7a4afe, 0xbb6b0e8f), TOBN(0x1700ef74, 0x6889c318),
-     TOBN(0xf5bbffc3, 0x70f1fc62), TOBN(0x3b31d4b6, 0x69c79cca),
-     TOBN(0xe8bc2aab, 0xa7f6340d), TOBN(0xb0b08ab4, 0xa725e10a),
-     TOBN(0x44f05701, 0xae340050), TOBN(0xba4b3016, 0x1cf0c569),
-     TOBN(0x5aa29f83, 0xfbe19a51), TOBN(0x1b9ed428, 0xb71d752e),
-     TOBN(0x1666e54e, 0xeb4819f5), TOBN(0x616cdfed, 0x9e18b75b),
-     TOBN(0x112ed5be, 0x3ee27b0b), TOBN(0xfbf28319, 0x44c7de4d),
-     TOBN(0xd685ec85, 0xe0e60d84), TOBN(0x68037e30, 0x1db7ee78),
-     TOBN(0x5b65bdcd, 0x003c4d6e), TOBN(0x33e7363a, 0x93e29a6a),
-     TOBN(0x995b3a61, 0x08d0756c), TOBN(0xd727f85c, 0x2faf134b),
-     TOBN(0xfac6edf7, 0x1d337823), TOBN(0x99b9aa50, 0x0439b8b4),
-     TOBN(0x722eb104, 0xe2b4e075), TOBN(0x49987295, 0x437c4926),
-     TOBN(0xb1e4c0e4, 0x46a9b82d), TOBN(0xd0cb3197, 0x57a006f5),
-     TOBN(0xf3de0f7d, 0xd7808c56), TOBN(0xb5c54d8f, 0x51f89772),
-     TOBN(0x500a114a, 0xadbd31aa), TOBN(0x9afaaaa6, 0x295f6cab),
-     TOBN(0x94705e21, 0x04cf667a), TOBN(0xfc2a811b, 0x9d3935d7),
-     TOBN(0x560b0280, 0x6d09267c), TOBN(0xf19ed119, 0xf780e53b),
-     TOBN(0xf0227c09, 0x067b6269), TOBN(0x967b8533, 0x5caef599),
-     TOBN(0x155b9243, 0x68efeebc), TOBN(0xcd6d34f5, 0xc497bae6),
-     TOBN(0x1dd8d5d3, 0x6cceb370), TOBN(0x2aeac579, 0xa78d7bf9),
-     TOBN(0x5d65017d, 0x70b67a62), TOBN(0x70c8e44f, 0x17c53f67),
-     TOBN(0xd1fc0950, 0x86a34d09), TOBN(0xe0fca256, 0xe7134907),
-     TOBN(0xe24fa29c, 0x80fdd315), TOBN(0x2c4acd03, 0xd87499ad),
-     TOBN(0xbaaf7517, 0x3b5a9ba6), TOBN(0xb9cbe1f6, 0x12e51a51),
-     TOBN(0xd88edae3, 0x5e154897), TOBN(0xe4309c3c, 0x77b66ca0),
-     TOBN(0xf5555805, 0xf67f3746), TOBN(0x85fc37ba, 0xa36401ff),
-     TOBN(0xdf86e2ca, 0xd9499a53), TOBN(0x6270b2a3, 0xecbc955b),
-     TOBN(0xafae64f5, 0x974ad33b), TOBN(0x04d85977, 0xfe7b2df1),
-     TOBN(0x2a3db3ff, 0x4ab03f73), TOBN(0x0b87878a, 0x8702740a),
-     TOBN(0x6d263f01, 0x5a061732), TOBN(0xc25430ce, 0xa32a1901),
-     TOBN(0xf7ebab3d, 0xdb155018), TOBN(0x3a86f693, 0x63a9b78e),
-     TOBN(0x349ae368, 0xda9f3804), TOBN(0x470f07fe, 0xa164349c),
-     TOBN(0xd52f4cc9, 0x8562baa5), TOBN(0xc74a9e86, 0x2b290df3),
-     TOBN(0xd3a1aa35, 0x43471a24), TOBN(0x239446be, 0xb8194511),
-     TOBN(0xbec2dd00, 0x81dcd44d), TOBN(0xca3d7f0f, 0xc42ac82d),
-     TOBN(0x1f3db085, 0xfdaf4520), TOBN(0xbb6d3e80, 0x4549daf2),
-     TOBN(0xf5969d8a, 0x19ad5c42), TOBN(0x7052b13d, 0xdbfd1511),
-     TOBN(0x11890d1b, 0x682b9060), TOBN(0xa71d3883, 0xac34452c),
-     TOBN(0xa438055b, 0x783805b4), TOBN(0x43241277, 0x4725b23e),
-     TOBN(0xf20cf96e, 0x4901bbed), TOBN(0x6419c710, 0xf432a2bb),
-     TOBN(0x57a0fbb9, 0xdfa9cd7d), TOBN(0x589111e4, 0x00daa249),
-     TOBN(0x19809a33, 0x7b60554e), TOBN(0xea5f8887, 0xede283a4),
-     TOBN(0x2d713802, 0x503bfd35), TOBN(0x151bb0af, 0x585d2a53),
-     TOBN(0x40b08f74, 0x43b30ca8), TOBN(0xe10b5bba, 0xd9934583),
-     TOBN(0xe8a546d6, 0xb51110ad), TOBN(0x1dd50e66, 0x28e0b6c5),
-     TOBN(0x292e9d54, 0xcff2b821), TOBN(0x3882555d, 0x47281760),
-     TOBN(0x134838f8, 0x3724d6e3), TOBN(0xf2c679e0, 0x22ddcda1),
-     TOBN(0x40ee8815, 0x6d2a5768), TOBN(0x7f227bd2, 0x1c1e7e2d),
-     TOBN(0x487ba134, 0xd04ff443), TOBN(0x76e2ff3d, 0xc614e54b),
-     TOBN(0x36b88d6f, 0xa3177ec7), TOBN(0xbf731d51, 0x2328fff5),
-     TOBN(0x758caea2, 0x49ba158e), TOBN(0x5ab8ff4c, 0x02938188),
-     TOBN(0x33e16056, 0x35edc56d), TOBN(0x5a69d349, 0x7e940d79),
-     TOBN(0x6c4fd001, 0x03866dcb), TOBN(0x20a38f57, 0x4893cdef),
-     TOBN(0xfbf3e790, 0xfac3a15b), TOBN(0x6ed7ea2e, 0x7a4f8e6b),
-     TOBN(0xa663eb4f, 0xbc3aca86), TOBN(0x22061ea5, 0x080d53f7),
-     TOBN(0x2480dfe6, 0xf546783f), TOBN(0xd38bc6da, 0x5a0a641e),
-     TOBN(0xfb093cd1, 0x2ede8965), TOBN(0x89654db4, 0xacb455cf),
-     TOBN(0x413cbf9a, 0x26e1adee), TOBN(0x291f3764, 0x373294d4),
-     TOBN(0x00797257, 0x648083fe), TOBN(0x25f504d3, 0x208cc341),
-     TOBN(0x635a8e5e, 0xc3a0ee43), TOBN(0x70aaebca, 0x679898ff),
-     TOBN(0x9ee9f547, 0x5dc63d56), TOBN(0xce987966, 0xffb34d00),
-     TOBN(0xf9f86b19, 0x5e26310a), TOBN(0x9e435484, 0x382a8ca8),
-     TOBN(0x253bcb81, 0xc2352fe4), TOBN(0xa4eac8b0, 0x4474b571),
-     TOBN(0xc1b97512, 0xc1ad8cf8), TOBN(0x193b4e9e, 0x99e0b697),
-     TOBN(0x939d2716, 0x01e85df0), TOBN(0x4fb265b3, 0xcd44eafd),
-     TOBN(0x321e7dcd, 0xe51e1ae2), TOBN(0x8e3a8ca6, 0xe3d8b096),
-     TOBN(0x8de46cb0, 0x52604998), TOBN(0x91099ad8, 0x39072aa7),
-     TOBN(0x2617f91c, 0x93aa96b8), TOBN(0x0fc8716b, 0x7fca2e13),
-     TOBN(0xa7106f5e, 0x95328723), TOBN(0xd1c9c40b, 0x262e6522),
-     TOBN(0xb9bafe86, 0x42b7c094), TOBN(0x1873439d, 0x1543c021),
-     TOBN(0xe1baa5de, 0x5cbefd5d), TOBN(0xa363fc5e, 0x521e8aff),
-     TOBN(0xefe6320d, 0xf862eaac), TOBN(0x14419c63, 0x22c647dc),
-     TOBN(0x0e06707c, 0x4e46d428), TOBN(0xcb6c834f, 0x4a178f8f),
-     TOBN(0x0f993a45, 0xd30f917c), TOBN(0xd4c4b049, 0x9879afee),
-     TOBN(0xb6142a1e, 0x70500063), TOBN(0x7c9b41c3, 0xa5d9d605),
-     TOBN(0xbc00fc2f, 0x2f8ba2c7), TOBN(0x0966eb2f, 0x7c67aa28),
-     TOBN(0x13f7b516, 0x5a786972), TOBN(0x3bfb7557, 0x8a2fbba0),
-     TOBN(0x131c4f23, 0x5a2b9620), TOBN(0xbff3ed27, 0x6faf46be),
-     TOBN(0x9b4473d1, 0x7e172323), TOBN(0x421e8878, 0x339f6246),
-     TOBN(0x0fa8587a, 0x25a41632), TOBN(0xc0814124, 0xa35b6c93),
-     TOBN(0x2b18a9f5, 0x59ebb8db), TOBN(0x264e3357, 0x76edb29c),
-     TOBN(0xaf245ccd, 0xc87c51e2), TOBN(0x16b3015b, 0x501e6214),
-     TOBN(0xbb31c560, 0x0a3882ce), TOBN(0x6961bb94, 0xfec11e04),
-     TOBN(0x3b825b8d, 0xeff7a3a0), TOBN(0xbec33738, 0xb1df7326),
-     TOBN(0x68ad747c, 0x99604a1f), TOBN(0xd154c934, 0x9a3bd499),
-     TOBN(0xac33506f, 0x1cc7a906), TOBN(0x73bb5392, 0x6c560e8f),
-     TOBN(0x6428fcbe, 0x263e3944), TOBN(0xc11828d5, 0x1c387434),
-     TOBN(0x3cd04be1, 0x3e4b12ff), TOBN(0xc3aad9f9, 0x2d88667c),
-     TOBN(0xc52ddcf8, 0x248120cf), TOBN(0x985a892e, 0x2a389532),
-     TOBN(0xfbb4b21b, 0x3bb85fa0), TOBN(0xf95375e0, 0x8dfc6269),
-     TOBN(0xfb4fb06c, 0x7ee2acea), TOBN(0x6785426e, 0x309c4d1f),
-     TOBN(0x659b17c8, 0xd8ceb147), TOBN(0x9b649eee, 0xb70a5554),
-     TOBN(0x6b7fa0b5, 0xac6bc634), TOBN(0xd99fe2c7, 0x1d6e732f),
-     TOBN(0x30e6e762, 0x8d3abba2), TOBN(0x18fee6e7, 0xa797b799),
-     TOBN(0x5c9d360d, 0xc696464d), TOBN(0xe3baeb48, 0x27bfde12),
-     TOBN(0x2bf5db47, 0xf23206d5), TOBN(0x2f6d3420, 0x1d260152),
-     TOBN(0x17b87653, 0x3f8ff89a), TOBN(0x5157c30c, 0x378fa458),
-     TOBN(0x7517c5c5, 0x2d4fb936), TOBN(0xef22f7ac, 0xe6518cdc),
-     TOBN(0xdeb483e6, 0xbf847a64), TOBN(0xf5084558, 0x92e0fa89),}
-    ,
-    {TOBN(0xab9659d8, 0xdf7304d4), TOBN(0xb71bcf1b, 0xff210e8e),
-     TOBN(0xa9a2438b, 0xd73fbd60), TOBN(0x4595cd1f, 0x5d11b4de),
-     TOBN(0x9c0d329a, 0x4835859d), TOBN(0x4a0f0d2d, 0x7dbb6e56),
-     TOBN(0xc6038e5e, 0xdf928a4e), TOBN(0xc9429621, 0x8f5ad154),
-     TOBN(0x91213462, 0xf23f2d92), TOBN(0x6cab71bd, 0x60b94078),
-     TOBN(0x6bdd0a63, 0x176cde20), TOBN(0x54c9b20c, 0xee4d54bc),
-     TOBN(0x3cd2d8aa, 0x9f2ac02f), TOBN(0x03f8e617, 0x206eedb0),
-     TOBN(0xc7f68e16, 0x93086434), TOBN(0x831469c5, 0x92dd3db9),
-     TOBN(0x8521df24, 0x8f981354), TOBN(0x587e23ec, 0x3588a259),
-     TOBN(0xcbedf281, 0xd7a0992c), TOBN(0x06930a55, 0x38961407),
-     TOBN(0x09320deb, 0xbe5bbe21), TOBN(0xa7ffa5b5, 0x2491817f),
-     TOBN(0xe6c8b4d9, 0x09065160), TOBN(0xac4f3992, 0xfff6d2a9),
-     TOBN(0x7aa7a158, 0x3ae9c1bd), TOBN(0xe0af6d98, 0xe37ce240),
-     TOBN(0xe54342d9, 0x28ab38b4), TOBN(0xe8b75007, 0x0a1c98ca),
-     TOBN(0xefce86af, 0xe02358f2), TOBN(0x31b8b856, 0xea921228),
-     TOBN(0x052a1912, 0x0a1c67fc), TOBN(0xb4069ea4, 0xe3aead59),
-     TOBN(0x3232d6e2, 0x7fa03cb3), TOBN(0xdb938e5b, 0x0fdd7d88),
-     TOBN(0x04c1d2cd, 0x2ccbfc5d), TOBN(0xd2f45c12, 0xaf3a580f),
-     TOBN(0x592620b5, 0x7883e614), TOBN(0x5fd27e68, 0xbe7c5f26),
-     TOBN(0x139e45a9, 0x1567e1e3), TOBN(0x2cc71d2d, 0x44d8aaaf),
-     TOBN(0x4a9090cd, 0xe36d0757), TOBN(0xf722d7b1, 0xd9a29382),
-     TOBN(0xfb7fb04c, 0x04b48ddf), TOBN(0x628ad2a7, 0xebe16f43),
-     TOBN(0xcd3fbfb5, 0x20226040), TOBN(0x6c34ecb1, 0x5104b6c4),
-     TOBN(0x30c0754e, 0xc903c188), TOBN(0xec336b08, 0x2d23cab0),
-     TOBN(0x473d62a2, 0x1e206ee5), TOBN(0xf1e27480, 0x8c49a633),
-     TOBN(0x87ab956c, 0xe9f6b2c3), TOBN(0x61830b48, 0x62b606ea),
-     TOBN(0x67cd6846, 0xe78e815f), TOBN(0xfe40139f, 0x4c02082a),
-     TOBN(0x52bbbfcb, 0x952ec365), TOBN(0x74c11642, 0x6b9836ab),
-     TOBN(0x9f51439e, 0x558df019), TOBN(0x230da4ba, 0xac712b27),
-     TOBN(0x518919e3, 0x55185a24), TOBN(0x4dcefcdd, 0x84b78f50),
-     TOBN(0xa7d90fb2, 0xa47d4c5a), TOBN(0x55ac9abf, 0xb30e009e),
-     TOBN(0xfd2fc359, 0x74eed273), TOBN(0xb72d824c, 0xdbea8faf),
-     TOBN(0xce721a74, 0x4513e2ca), TOBN(0x0b418612, 0x38240b2c),
-     TOBN(0x05199968, 0xd5baa450), TOBN(0xeb1757ed, 0x2b0e8c25),
-     TOBN(0x6ebc3e28, 0x3dfac6d5), TOBN(0xb2431e2e, 0x48a237f5),
-     TOBN(0x2acb5e23, 0x52f61499), TOBN(0x5558a2a7, 0xe06c936b),
-     TOBN(0xd213f923, 0xcbb13d1b), TOBN(0x98799f42, 0x5bfb9bfe),
-     TOBN(0x1ae8ddc9, 0x701144a9), TOBN(0x0b8b3bb6, 0x4c5595ee),
-     TOBN(0x0ea9ef2e, 0x3ecebb21), TOBN(0x17cb6c4b, 0x3671f9a7),
-     TOBN(0x47ef464f, 0x726f1d1f), TOBN(0x171b9484, 0x6943a276),
-     TOBN(0x51a4ae2d, 0x7ef0329c), TOBN(0x08509222, 0x91c4402a),
-     TOBN(0x64a61d35, 0xafd45bbc), TOBN(0x38f096fe, 0x3035a851),
-     TOBN(0xc7468b74, 0xa1dec027), TOBN(0xe8cf10e7, 0x4fc7dcba),
-     TOBN(0xea35ff40, 0xf4a06353), TOBN(0x0b4c0dfa, 0x8b77dd66),
-     TOBN(0x779b8552, 0xde7e5c19), TOBN(0xfab28609, 0xc1c0256c),
-     TOBN(0x64f58eee, 0xabd4743d), TOBN(0x4e8ef838, 0x7b6cc93b),
-     TOBN(0xee650d26, 0x4cb1bf3d), TOBN(0x4c1f9d09, 0x73dedf61),
-     TOBN(0xaef7c9d7, 0xbfb70ced), TOBN(0x1ec0507e, 0x1641de1e),
-     TOBN(0xcd7e5cc7, 0xcde45079), TOBN(0xde173c9a, 0x516ac9e4),
-     TOBN(0x517a8494, 0xc170315c), TOBN(0x438fd905, 0x91d8e8fb),
-     TOBN(0x5145c506, 0xc7d9630b), TOBN(0x6457a87b, 0xf47d4d75),
-     TOBN(0xd31646bf, 0x0d9a80e8), TOBN(0x453add2b, 0xcef3aabe),
-     TOBN(0xc9941109, 0xa607419d), TOBN(0xfaa71e62, 0xbb6bca80),
-     TOBN(0x34158c13, 0x07c431f3), TOBN(0x594abebc, 0x992bc47a),
-     TOBN(0x6dfea691, 0xeb78399f), TOBN(0x48aafb35, 0x3f42cba4),
-     TOBN(0xedcd65af, 0x077c04f0), TOBN(0x1a29a366, 0xe884491a),
-     TOBN(0x023a40e5, 0x1c21f2bf), TOBN(0xf99a513c, 0xa5057aee),
-     TOBN(0xa3fe7e25, 0xbcab072e), TOBN(0x8568d2e1, 0x40e32bcf),
-     TOBN(0x904594eb, 0xd3f69d9f), TOBN(0x181a9733, 0x07affab1),
-     TOBN(0xe4d68d76, 0xb6e330f4), TOBN(0x87a6dafb, 0xc75a7fc1),
-     TOBN(0x549db2b5, 0xef7d9289), TOBN(0x2480d4a8, 0x197f015a),
-     TOBN(0x61d5590b, 0xc40493b6), TOBN(0x3a55b52e, 0x6f780331),
-     TOBN(0x40eb8115, 0x309eadb0), TOBN(0xdea7de5a, 0x92e5c625),
-     TOBN(0x64d631f0, 0xcc6a3d5a), TOBN(0x9d5e9d7c, 0x93e8dd61),
-     TOBN(0xf297bef5, 0x206d3ffc), TOBN(0x23d5e033, 0x7d808bd4),
-     TOBN(0x4a4f6912, 0xd24cf5ba), TOBN(0xe4d8163b, 0x09cdaa8a),
-     TOBN(0x0e0de9ef, 0xd3082e8e), TOBN(0x4fe1246c, 0x0192f360),
-     TOBN(0x1f900150, 0x4b8eee0a), TOBN(0x5219da81, 0xf1da391b),
-     TOBN(0x7bf6a5c1, 0xf7ea25aa), TOBN(0xd165e6bf, 0xfbb07d5f),
-     TOBN(0xe3539361, 0x89e78671), TOBN(0xa3fcac89, 0x2bac4219),
-     TOBN(0xdfab6fd4, 0xf0baa8ab), TOBN(0x5a4adac1, 0xe2c1c2e5),
-     TOBN(0x6cd75e31, 0x40d85849), TOBN(0xce263fea, 0x19b39181),
-     TOBN(0xcb6803d3, 0x07032c72), TOBN(0x7f40d5ce, 0x790968c8),
-     TOBN(0xa6de86bd, 0xdce978f0), TOBN(0x25547c4f, 0x368f751c),
-     TOBN(0xb1e685fd, 0x65fb2a9e), TOBN(0xce69336f, 0x1eb9179c),
-     TOBN(0xb15d1c27, 0x12504442), TOBN(0xb7df465c, 0xb911a06b),
-     TOBN(0xb8d804a3, 0x315980cd), TOBN(0x693bc492, 0xfa3bebf7),
-     TOBN(0x3578aeee, 0x2253c504), TOBN(0x158de498, 0xcd2474a2),
-     TOBN(0x1331f5c7, 0xcfda8368), TOBN(0xd2d7bbb3, 0x78d7177e),
-     TOBN(0xdf61133a, 0xf3c1e46e), TOBN(0x5836ce7d, 0xd30e7be8),
-     TOBN(0x83084f19, 0x94f834cb), TOBN(0xd35653d4, 0x429ed782),
-     TOBN(0xa542f16f, 0x59e58243), TOBN(0xc2b52f65, 0x0470a22d),
-     TOBN(0xe3b6221b, 0x18f23d96), TOBN(0xcb05abac, 0x3f5252b4),
-     TOBN(0xca00938b, 0x87d61402), TOBN(0x2f186cdd, 0x411933e4),
-     TOBN(0xe042ece5, 0x9a29a5c5), TOBN(0xb19b3c07, 0x3b6c8402),
-     TOBN(0xc97667c7, 0x19d92684), TOBN(0xb5624622, 0xebc66372),
-     TOBN(0x0cb96e65, 0x3c04fa02), TOBN(0x83a7176c, 0x8eaa39aa),
-     TOBN(0x2033561d, 0xeaa1633f), TOBN(0x45a9d086, 0x4533df73),
-     TOBN(0xe0542c1d, 0x3dc090bc), TOBN(0x82c996ef, 0xaa59c167),
-     TOBN(0xe3f735e8, 0x0ee7fc4d), TOBN(0x7b179393, 0x7c35db79),
-     TOBN(0xb6419e25, 0xf8c5dbfd), TOBN(0x4d9d7a1e, 0x1f327b04),
-     TOBN(0x979f6f9b, 0x298dfca8), TOBN(0xc7c5dff1, 0x8de9366a),
-     TOBN(0x1b7a588d, 0x04c82bdd), TOBN(0x68005534, 0xf8319dfd),
-     TOBN(0xde8a55b5, 0xd8eb9580), TOBN(0x5ea886da, 0x8d5bca81),
-     TOBN(0xe8530a01, 0x252a0b4d), TOBN(0x1bffb4fe, 0x35eaa0a1),
-     TOBN(0x2ad828b1, 0xd8e99563), TOBN(0x7de96ef5, 0x95f9cd87),
-     TOBN(0x4abb2d0c, 0xd77d970c), TOBN(0x03cfb933, 0xd33ef9cb),
-     TOBN(0xb0547c01, 0x8b211fe9), TOBN(0x2fe64809, 0xa56ed1c6),
-     TOBN(0xcb7d5624, 0xc2ac98cc), TOBN(0x2a1372c0, 0x1a393e33),
-     TOBN(0xc8d1ec1c, 0x29660521), TOBN(0xf3d31b04, 0xb37ac3e9),
-     TOBN(0xa29ae9df, 0x5ece6e7c), TOBN(0x0603ac8f, 0x0facfb55),
-     TOBN(0xcfe85b7a, 0xdda233a5), TOBN(0xe618919f, 0xbd75f0b8),
-     TOBN(0xf555a3d2, 0x99bf1603), TOBN(0x1f43afc9, 0xf184255a),
-     TOBN(0xdcdaf341, 0x319a3e02), TOBN(0xd3b117ef, 0x03903a39),
-     TOBN(0xe095da13, 0x65d1d131), TOBN(0x86f16367, 0xc37ad03e),
-     TOBN(0x5f37389e, 0x462cd8dd), TOBN(0xc103fa04, 0xd67a60e6),
-     TOBN(0x57c34344, 0xf4b478f0), TOBN(0xce91edd8, 0xe117c98d),
-     TOBN(0x001777b0, 0x231fc12e), TOBN(0x11ae47f2, 0xb207bccb),
-     TOBN(0xd983cf8d, 0x20f8a242), TOBN(0x7aff5b1d, 0xf22e1ad8),
-     TOBN(0x68fd11d0, 0x7fc4feb3), TOBN(0x5d53ae90, 0xb0f1c3e1),
-     TOBN(0x50fb7905, 0xec041803), TOBN(0x85e3c977, 0x14404888),
-     TOBN(0x0e67faed, 0xac628d8f), TOBN(0x2e865150, 0x6668532c),
-     TOBN(0x15acaaa4, 0x6a67a6b0), TOBN(0xf4cdee25, 0xb25cec41),
-     TOBN(0x49ee565a, 0xe4c6701e), TOBN(0x2a04ca66, 0xfc7d63d8),
-     TOBN(0xeb105018, 0xef0543fb), TOBN(0xf709a4f5, 0xd1b0d81d),
-     TOBN(0x5b906ee6, 0x2915d333), TOBN(0xf4a87412, 0x96f1f0ab),
-     TOBN(0xb6b82fa7, 0x4d82f4c2), TOBN(0x90725a60, 0x6804efb3),
-     TOBN(0xbc82ec46, 0xadc3425e), TOBN(0xb7b80581, 0x2787843e),
-     TOBN(0xdf46d91c, 0xdd1fc74c), TOBN(0xdc1c62cb, 0xe783a6c4),
-     TOBN(0x59d1b9f3, 0x1a04cbba), TOBN(0xd87f6f72, 0x95e40764),
-     TOBN(0x02b4cfc1, 0x317f4a76), TOBN(0x8d2703eb, 0x91036bce),
-     TOBN(0x98206cc6, 0xa5e72a56), TOBN(0x57be9ed1, 0xcf53fb0f),
-     TOBN(0x09374571, 0xef0b17ac), TOBN(0x74b2655e, 0xd9181b38),
-     TOBN(0xc8f80ea8, 0x89935d0e), TOBN(0xc0d9e942, 0x91529936),
-     TOBN(0x19686041, 0x1e84e0e5), TOBN(0xa5db84d3, 0xaea34c93),
-     TOBN(0xf9d5bb19, 0x7073a732), TOBN(0xb8d2fe56, 0x6bcfd7c0),
-     TOBN(0x45775f36, 0xf3eb82fa), TOBN(0x8cb20ccc, 0xfdff8b58),
-     TOBN(0x1659b65f, 0x8374c110), TOBN(0xb8b4a422, 0x330c789a),
-     TOBN(0x75e3c3ea, 0x6fe8208b), TOBN(0xbd74b9e4, 0x286e78fe),
-     TOBN(0x0be2e81b, 0xd7d93a1a), TOBN(0x7ed06e27, 0xdd0a5aae),
-     TOBN(0x721f5a58, 0x6be8b800), TOBN(0x428299d1, 0xd846db28),
-     TOBN(0x95cb8e6b, 0x5be88ed3), TOBN(0xc3186b23, 0x1c034e11),
-     TOBN(0xa6312c9e, 0x8977d99b), TOBN(0xbe944331, 0x83f531e7),
-     TOBN(0x8232c0c2, 0x18d3b1d4), TOBN(0x617aae8b, 0xe1247b73),
-     TOBN(0x40153fc4, 0x282aec3b), TOBN(0xc6063d2f, 0xf7b8f823),
-     TOBN(0x68f10e58, 0x3304f94c), TOBN(0x31efae74, 0xee676346),
-     TOBN(0xbadb6c6d, 0x40a9b97c), TOBN(0x14702c63, 0x4f666256),
-     TOBN(0xdeb954f1, 0x5184b2e3), TOBN(0x5184a526, 0x94b6ca40),
-     TOBN(0xfff05337, 0x003c32ea), TOBN(0x5aa374dd, 0x205974c7),
-     TOBN(0x9a763854, 0x4b0dd71a), TOBN(0x459cd27f, 0xdeb947ec),
-     TOBN(0xa6e28161, 0x459c2b92), TOBN(0x2f020fa8, 0x75ee8ef5),
-     TOBN(0xb132ec2d, 0x30b06310), TOBN(0xc3e15899, 0xbc6a4530),
-     TOBN(0xdc5f53fe, 0xaa3f451a), TOBN(0x3a3c7f23, 0xc2d9acac),
-     TOBN(0x2ec2f892, 0x6b27e58b), TOBN(0x68466ee7, 0xd742799f),
-     TOBN(0x98324dd4, 0x1fa26613), TOBN(0xa2dc6dab, 0xbdc29d63),
-     TOBN(0xf9675faa, 0xd712d657), TOBN(0x813994be, 0x21fd8d15),
-     TOBN(0x5ccbb722, 0xfd4f7553), TOBN(0x5135ff8b, 0xf3a36b20),
-     TOBN(0x44be28af, 0x69559df5), TOBN(0x40b65bed, 0x9d41bf30),
-     TOBN(0xd98bf2a4, 0x3734e520), TOBN(0x5e3abbe3, 0x209bdcba),
-     TOBN(0x77c76553, 0xbc945b35), TOBN(0x5331c093, 0xc6ef14aa),
-     TOBN(0x518ffe29, 0x76b60c80), TOBN(0x2285593b, 0x7ace16f8),
-     TOBN(0xab1f64cc, 0xbe2b9784), TOBN(0xe8f2c0d9, 0xab2421b6),
-     TOBN(0x617d7174, 0xc1df065c), TOBN(0xafeeb5ab, 0x5f6578fa),
-     TOBN(0x16ff1329, 0x263b54a8), TOBN(0x45c55808, 0xc990dce3),
-     TOBN(0x42eab6c0, 0xecc8c177), TOBN(0x799ea9b5, 0x5982ecaa),
-     TOBN(0xf65da244, 0xb607ef8e), TOBN(0x8ab226ce, 0x32a3fc2c),
-     TOBN(0x745741e5, 0x7ea973dc), TOBN(0x5c00ca70, 0x20888f2e),
-     TOBN(0x7cdce3cf, 0x45fd9cf1), TOBN(0x8a741ef1, 0x5507f872),
-     TOBN(0x47c51c2f, 0x196b4cec), TOBN(0x70d08e43, 0xc97ea618),
-     TOBN(0x930da15c, 0x15b18a2b), TOBN(0x33b6c678, 0x2f610514),
-     TOBN(0xc662e4f8, 0x07ac9794), TOBN(0x1eccf050, 0xba06cb79),
-     TOBN(0x1ff08623, 0xe7d954e5), TOBN(0x6ef2c5fb, 0x24cf71c3),
-     TOBN(0xb2c063d2, 0x67978453), TOBN(0xa0cf3796, 0x1d654af8),
-     TOBN(0x7cb242ea, 0x7ebdaa37), TOBN(0x206e0b10, 0xb86747e0),
-     TOBN(0x481dae5f, 0xd5ecfefc), TOBN(0x07084fd8, 0xc2bff8fc),
-     TOBN(0x8040a01a, 0xea324596), TOBN(0x4c646980, 0xd4de4036),
-     TOBN(0x9eb8ab4e, 0xd65abfc3), TOBN(0xe01cb91f, 0x13541ec7),
-     TOBN(0x8f029adb, 0xfd695012), TOBN(0x9ae28483, 0x3c7569ec),
-     TOBN(0xa5614c9e, 0xa66d80a1), TOBN(0x680a3e44, 0x75f5f911),
-     TOBN(0x0c07b14d, 0xceba4fc1), TOBN(0x891c285b, 0xa13071c1),
-     TOBN(0xcac67ceb, 0x799ece3c), TOBN(0x29b910a9, 0x41e07e27),
-     TOBN(0x66bdb409, 0xf2e43123), TOBN(0x06f8b137, 0x7ac9ecbe),
-     TOBN(0x5981fafd, 0x38547090), TOBN(0x19ab8b9f, 0x85e3415d),
-     TOBN(0xfc28c194, 0xc7e31b27), TOBN(0x843be0aa, 0x6fbcbb42),
-     TOBN(0xf3b1ed43, 0xa6db836c), TOBN(0x2a1330e4, 0x01a45c05),
-     TOBN(0x4f19f3c5, 0x95c1a377), TOBN(0xa85f39d0, 0x44b5ee33),
-     TOBN(0x3da18e6d, 0x4ae52834), TOBN(0x5a403b39, 0x7423dcb0),
-     TOBN(0xbb555e0a, 0xf2374aef), TOBN(0x2ad599c4, 0x1e8ca111),
-     TOBN(0x1b3a2fb9, 0x014b3bf8), TOBN(0x73092684, 0xf66d5007),
-     TOBN(0x079f1426, 0xc4340102), TOBN(0x1827cf81, 0x8fddf4de),
-     TOBN(0xc83605f6, 0xf10ff927), TOBN(0xd3871451, 0x23739fc6),
-     TOBN(0x6d163450, 0xcac1c2cc), TOBN(0x6b521296, 0xa2ec1ac5),
-     TOBN(0x0606c4f9, 0x6e3cb4a5), TOBN(0xe47d3f41, 0x778abff7),
-     TOBN(0x425a8d5e, 0xbe8e3a45), TOBN(0x53ea9e97, 0xa6102160),
-     TOBN(0x477a106e, 0x39cbb688), TOBN(0x532401d2, 0xf3386d32),
-     TOBN(0x8e564f64, 0xb1b9b421), TOBN(0xca9b8388, 0x81dad33f),
-     TOBN(0xb1422b4e, 0x2093913e), TOBN(0x533d2f92, 0x69bc8112),
-     TOBN(0x3fa017be, 0xebe7b2c7), TOBN(0xb2767c4a, 0xcaf197c6),
-     TOBN(0xc925ff87, 0xaedbae9f), TOBN(0x7daf0eb9, 0x36880a54),
-     TOBN(0x9284ddf5, 0x9c4d0e71), TOBN(0x1581cf93, 0x316f8cf5),
-     TOBN(0x3eeca887, 0x3ac1f452), TOBN(0xb417fce9, 0xfb6aeffe),
-     TOBN(0xa5918046, 0xeefb8dc3), TOBN(0x73d318ac, 0x02209400),
-     TOBN(0xe800400f, 0x728693e5), TOBN(0xe87d814b, 0x339927ed),
-     TOBN(0x93e94d3b, 0x57ea9910), TOBN(0xff8a35b6, 0x2245fb69),
-     TOBN(0x043853d7, 0x7f200d34), TOBN(0x470f1e68, 0x0f653ce1),
-     TOBN(0x81ac05bd, 0x59a06379), TOBN(0xa14052c2, 0x03930c29),
-     TOBN(0x6b72fab5, 0x26bc2797), TOBN(0x13670d16, 0x99f16771),
-     TOBN(0x00170052, 0x1e3e48d1), TOBN(0x978fe401, 0xb7adf678),
-     TOBN(0x55ecfb92, 0xd41c5dd4), TOBN(0x5ff8e247, 0xc7b27da5),
-     TOBN(0xe7518272, 0x013fb606), TOBN(0x5768d7e5, 0x2f547a3c),
-     TOBN(0xbb24eaa3, 0x60017a5f), TOBN(0x6b18e6e4, 0x9c64ce9b),
-     TOBN(0xc225c655, 0x103dde07), TOBN(0xfc3672ae, 0x7592f7ea),
-     TOBN(0x9606ad77, 0xd06283a1), TOBN(0x542fc650, 0xe4d59d99),
-     TOBN(0xabb57c49, 0x2a40e7c2), TOBN(0xac948f13, 0xa8db9f55),
-     TOBN(0x6d4c9682, 0xb04465c3), TOBN(0xe3d062fa, 0x6468bd15),
-     TOBN(0xa51729ac, 0x5f318d7e), TOBN(0x1fc87df6, 0x9eb6fc95),
-     TOBN(0x63d146a8, 0x0591f652), TOBN(0xa861b8f7, 0x589621aa),
-     TOBN(0x59f5f15a, 0xce31348c), TOBN(0x8f663391, 0x440da6da),
-     TOBN(0xcfa778ac, 0xb591ffa3), TOBN(0x027ca9c5, 0x4cdfebce),
-     TOBN(0xbe8e05a5, 0x444ea6b3), TOBN(0x8aab4e69, 0xa78d8254),
-     TOBN(0x2437f04f, 0xb474d6b8), TOBN(0x6597ffd4, 0x045b3855),
-     TOBN(0xbb0aea4e, 0xca47ecaa), TOBN(0x568aae83, 0x85c7ebfc),
-     TOBN(0x0e966e64, 0xc73b2383), TOBN(0x49eb3447, 0xd17d8762),
-     TOBN(0xde107821, 0x8da05dab), TOBN(0x443d8baa, 0x016b7236),
-     TOBN(0x163b63a5, 0xea7610d6), TOBN(0xe47e4185, 0xce1ca979),
-     TOBN(0xae648b65, 0x80baa132), TOBN(0xebf53de2, 0x0e0d5b64),
-     TOBN(0x8d3bfcb4, 0xd3c8c1ca), TOBN(0x0d914ef3, 0x5d04b309),
-     TOBN(0x55ef6415, 0x3de7d395), TOBN(0xbde1666f, 0x26b850e8),
-     TOBN(0xdbe1ca6e, 0xd449ab19), TOBN(0x8902b322, 0xe89a2672),
-     TOBN(0xb1674b7e, 0xdacb7a53), TOBN(0x8e9faf6e, 0xf52523ff),
-     TOBN(0x6ba535da, 0x9a85788b), TOBN(0xd21f03ae, 0xbd0626d4),
-     TOBN(0x099f8c47, 0xe873dc64), TOBN(0xcda8564d, 0x018ec97e),
-     TOBN(0x3e8d7a5c, 0xde92c68c), TOBN(0x78e035a1, 0x73323cc4),
-     TOBN(0x3ef26275, 0xf880ff7c), TOBN(0xa4ee3dff, 0x273eedaa),
-     TOBN(0x58823507, 0xaf4e18f8), TOBN(0x967ec9b5, 0x0672f328),
-     TOBN(0x9ded19d9, 0x559d3186), TOBN(0x5e2ab3de, 0x6cdce39c),
-     TOBN(0xabad6e4d, 0x11c226df), TOBN(0xf9783f43, 0x87723014),
-     TOBN(0x9a49a0cf, 0x1a885719), TOBN(0xfc0c1a5a, 0x90da9dbf),
-     TOBN(0x8bbaec49, 0x571d92ac), TOBN(0x569e85fe, 0x4692517f),
-     TOBN(0x8333b014, 0xa14ea4af), TOBN(0x32f2a62f, 0x12e5c5ad),
-     TOBN(0x98c2ce3a, 0x06d89b85), TOBN(0xb90741aa, 0x2ff77a08),
-     TOBN(0x2530defc, 0x01f795a2), TOBN(0xd6e5ba0b, 0x84b3c199),
-     TOBN(0x7d8e8451, 0x12e4c936), TOBN(0xae419f7d, 0xbd0be17b),
-     TOBN(0xa583fc8c, 0x22262bc9), TOBN(0x6b842ac7, 0x91bfe2bd),
-     TOBN(0x33cef4e9, 0x440d6827), TOBN(0x5f69f4de, 0xef81fb14),
-     TOBN(0xf16cf6f6, 0x234fbb92), TOBN(0x76ae3fc3, 0xd9e7e158),
-     TOBN(0x4e89f6c2, 0xe9740b33), TOBN(0x677bc85d, 0x4962d6a1),
-     TOBN(0x6c6d8a7f, 0x68d10d15), TOBN(0x5f9a7224, 0x0257b1cd),
-     TOBN(0x7096b916, 0x4ad85961), TOBN(0x5f8c47f7, 0xe657ab4a),
-     TOBN(0xde57d7d0, 0xf7461d7e), TOBN(0x7eb6094d, 0x80ce5ee2),
-     TOBN(0x0b1e1dfd, 0x34190547), TOBN(0x8a394f43, 0xf05dd150),
-     TOBN(0x0a9eb24d, 0x97df44e6), TOBN(0x78ca06bf, 0x87675719),
-     TOBN(0x6f0b3462, 0x6ffeec22), TOBN(0x9d91bcea, 0x36cdd8fb),
-     TOBN(0xac83363c, 0xa105be47), TOBN(0x81ba76c1, 0x069710e3),
-     TOBN(0x3d1b24cb, 0x28c682c6), TOBN(0x27f25228, 0x8612575b),
-     TOBN(0xb587c779, 0xe8e66e98), TOBN(0x7b0c03e9, 0x405eb1fe),
-     TOBN(0xfdf0d030, 0x15b548e7), TOBN(0xa8be76e0, 0x38b36af7),
-     TOBN(0x4cdab04a, 0x4f310c40), TOBN(0x6287223e, 0xf47ecaec),
-     TOBN(0x678e6055, 0x8b399320), TOBN(0x61fe3fa6, 0xc01e4646),
-     TOBN(0xc482866b, 0x03261a5e), TOBN(0xdfcf45b8, 0x5c2f244a),
-     TOBN(0x8fab9a51, 0x2f684b43), TOBN(0xf796c654, 0xc7220a66),
-     TOBN(0x1d90707e, 0xf5afa58f), TOBN(0x2c421d97, 0x4fdbe0de),
-     TOBN(0xc4f4cda3, 0xaf2ebc2f), TOBN(0xa0af843d, 0xcb4efe24),
-     TOBN(0x53b857c1, 0x9ccd10b1), TOBN(0xddc9d1eb, 0x914d3e04),
-     TOBN(0x7bdec8bb, 0x62771deb), TOBN(0x829277aa, 0x91c5aa81),
-     TOBN(0x7af18dd6, 0x832391ae), TOBN(0x1740f316, 0xc71a84ca),}
-    ,
-    {TOBN(0x8928e99a, 0xeeaf8c49), TOBN(0xee7aa73d, 0x6e24d728),
-     TOBN(0x4c5007c2, 0xe72b156c), TOBN(0x5fcf57c5, 0xed408a1d),
-     TOBN(0x9f719e39, 0xb6057604), TOBN(0x7d343c01, 0xc2868bbf),
-     TOBN(0x2cca254b, 0x7e103e2d), TOBN(0xe6eb38a9, 0xf131bea2),
-     TOBN(0xb33e624f, 0x8be762b4), TOBN(0x2a9ee4d1, 0x058e3413),
-     TOBN(0x968e6369, 0x67d805fa), TOBN(0x9848949b, 0x7db8bfd7),
-     TOBN(0x5308d7e5, 0xd23a8417), TOBN(0x892f3b1d, 0xf3e29da5),
-     TOBN(0xc95c139e, 0x3dee471f), TOBN(0x8631594d, 0xd757e089),
-     TOBN(0xe0c82a3c, 0xde918dcc), TOBN(0x2e7b5994, 0x26fdcf4b),
-     TOBN(0x82c50249, 0x32cb1b2d), TOBN(0xea613a9d, 0x7657ae07),
-     TOBN(0xc2eb5f6c, 0xf1fdc9f7), TOBN(0xb6eae8b8, 0x879fe682),
-     TOBN(0x253dfee0, 0x591cbc7f), TOBN(0x000da713, 0x3e1290e6),
-     TOBN(0x1083e2ea, 0x1f095615), TOBN(0x0a28ad77, 0x14e68c33),
-     TOBN(0x6bfc0252, 0x3d8818be), TOBN(0xb585113a, 0xf35850cd),
-     TOBN(0x7d935f0b, 0x30df8aa1), TOBN(0xaddda07c, 0x4ab7e3ac),
-     TOBN(0x92c34299, 0x552f00cb), TOBN(0xc33ed1de, 0x2909df6c),
-     TOBN(0x22c2195d, 0x80e87766), TOBN(0x9e99e6d8, 0x9ddf4ac0),
-     TOBN(0x09642e4e, 0x65e74934), TOBN(0x2610ffa2, 0xff1ff241),
-     TOBN(0x4d1d47d4, 0x751c8159), TOBN(0x697b4985, 0xaf3a9363),
-     TOBN(0x0318ca46, 0x87477c33), TOBN(0xa90cb565, 0x9441eff3),
-     TOBN(0x58bb3848, 0x36f024cb), TOBN(0x85be1f77, 0x36016168),
-     TOBN(0x6c59587c, 0xdc7e07f1), TOBN(0x191be071, 0xaf1d8f02),
-     TOBN(0xbf169fa5, 0xcca5e55c), TOBN(0x3864ba3c, 0xf7d04eac),
-     TOBN(0x915e367f, 0x8d7d05db), TOBN(0xb48a876d, 0xa6549e5d),
-     TOBN(0xef89c656, 0x580e40a2), TOBN(0xf194ed8c, 0x728068bc),
-     TOBN(0x74528045, 0xa47990c9), TOBN(0xf53fc7d7, 0x5e1a4649),
-     TOBN(0xbec5ae9b, 0x78593e7d), TOBN(0x2cac4ee3, 0x41db65d7),
-     TOBN(0xa8c1eb24, 0x04a3d39b), TOBN(0x53b7d634, 0x03f8f3ef),
-     TOBN(0x2dc40d48, 0x3e07113c), TOBN(0x6e4a5d39, 0x7d8b63ae),
-     TOBN(0x5582a94b, 0x79684c2b), TOBN(0x932b33d4, 0x622da26c),
-     TOBN(0xf534f651, 0x0dbbf08d), TOBN(0x211d07c9, 0x64c23a52),
-     TOBN(0x0eeece0f, 0xee5bdc9b), TOBN(0xdf178168, 0xf7015558),
-     TOBN(0xd4294635, 0x0a712229), TOBN(0x93cbe448, 0x09273f8c),
-     TOBN(0x00b095ef, 0x8f13bc83), TOBN(0xbb741972, 0x8798978c),
-     TOBN(0x9d7309a2, 0x56dbe6e7), TOBN(0xe578ec56, 0x5a5d39ec),
-     TOBN(0x3961151b, 0x851f9a31), TOBN(0x2da7715d, 0xe5709eb4),
-     TOBN(0x867f3017, 0x53dfabf0), TOBN(0x728d2078, 0xb8e39259),
-     TOBN(0x5c75a0cd, 0x815d9958), TOBN(0xf84867a6, 0x16603be1),
-     TOBN(0xc865b13d, 0x70e35b1c), TOBN(0x02414468, 0x19b03e2c),
-     TOBN(0xe46041da, 0xac1f3121), TOBN(0x7c9017ad, 0x6f028a7c),
-     TOBN(0xabc96de9, 0x0a482873), TOBN(0x4265d6b1, 0xb77e54d4),
-     TOBN(0x68c38e79, 0xa57d88e7), TOBN(0xd461d766, 0x9ce82de3),
-     TOBN(0x817a9ec5, 0x64a7e489), TOBN(0xcc5675cd, 0xa0def5f2),
-     TOBN(0x9a00e785, 0x985d494e), TOBN(0xc626833f, 0x1b03514a),
-     TOBN(0xabe7905a, 0x83cdd60e), TOBN(0x50602fb5, 0xa1170184),
-     TOBN(0x689886cd, 0xb023642a), TOBN(0xd568d090, 0xa6e1fb00),
-     TOBN(0x5b1922c7, 0x0259217f), TOBN(0x93831cd9, 0xc43141e4),
-     TOBN(0xdfca3587, 0x0c95f86e), TOBN(0xdec2057a, 0x568ae828),
-     TOBN(0xc44ea599, 0xf98a759a), TOBN(0x55a0a7a2, 0xf7c23c1d),
-     TOBN(0xd5ffb6e6, 0x94c4f687), TOBN(0x3563cce2, 0x12848478),
-     TOBN(0x812b3517, 0xe7b1fbe1), TOBN(0x8a7dc979, 0x4f7338e0),
-     TOBN(0x211ecee9, 0x52d048db), TOBN(0x2eea4056, 0xc86ea3b8),
-     TOBN(0xd8cb68a7, 0xba772b34), TOBN(0xe16ed341, 0x5f4e2541),
-     TOBN(0x9b32f6a6, 0x0fec14db), TOBN(0xeee376f7, 0x391698be),
-     TOBN(0xe9a7aa17, 0x83674c02), TOBN(0x65832f97, 0x5843022a),
-     TOBN(0x29f3a8da, 0x5ba4990f), TOBN(0x79a59c3a, 0xfb8e3216),
-     TOBN(0x9cdc4d2e, 0xbd19bb16), TOBN(0xc6c7cfd0, 0xb3262d86),
-     TOBN(0xd4ce14d0, 0x969c0b47), TOBN(0x1fa352b7, 0x13e56128),
-     TOBN(0x383d55b8, 0x973db6d3), TOBN(0x71836850, 0xe8e5b7bf),
-     TOBN(0xc7714596, 0xe6bb571f), TOBN(0x259df31f, 0x2d5b2dd2),
-     TOBN(0x568f8925, 0x913cc16d), TOBN(0x18bc5b6d, 0xe1a26f5a),
-     TOBN(0xdfa413be, 0xf5f499ae), TOBN(0xf8835dec, 0xc3f0ae84),
-     TOBN(0xb6e60bd8, 0x65a40ab0), TOBN(0x65596439, 0x194b377e),
-     TOBN(0xbcd85625, 0x92084a69), TOBN(0x5ce433b9, 0x4f23ede0),
-     TOBN(0xe8e8f04f, 0x6ad65143), TOBN(0x11511827, 0xd6e14af6),
-     TOBN(0x3d390a10, 0x8295c0c7), TOBN(0x71e29ee4, 0x621eba16),
-     TOBN(0xa588fc09, 0x63717b46), TOBN(0x02be02fe, 0xe06ad4a2),
-     TOBN(0x931558c6, 0x04c22b22), TOBN(0xbb4d4bd6, 0x12f3c849),
-     TOBN(0x54a4f496, 0x20efd662), TOBN(0x92ba6d20, 0xc5952d14),
-     TOBN(0x2db8ea1e, 0xcc9784c2), TOBN(0x81cc10ca, 0x4b353644),
-     TOBN(0x40b570ad, 0x4b4d7f6c), TOBN(0x5c9f1d96, 0x84a1dcd2),
-     TOBN(0x01379f81, 0x3147e797), TOBN(0xe5c6097b, 0x2bd499f5),
-     TOBN(0x40dcafa6, 0x328e5e20), TOBN(0xf7b5244a, 0x54815550),
-     TOBN(0xb9a4f118, 0x47bfc978), TOBN(0x0ea0e79f, 0xd25825b1),
-     TOBN(0xa50f96eb, 0x646c7ecf), TOBN(0xeb811493, 0x446dea9d),
-     TOBN(0x2af04677, 0xdfabcf69), TOBN(0xbe3a068f, 0xc713f6e8),
-     TOBN(0x860d523d, 0x42e06189), TOBN(0xbf077941, 0x4e3aff13),
-     TOBN(0x0b616dca, 0xc1b20650), TOBN(0xe66dd6d1, 0x2131300d),
-     TOBN(0xd4a0fd67, 0xff99abde), TOBN(0xc9903550, 0xc7aac50d),
-     TOBN(0x022ecf8b, 0x7c46b2d7), TOBN(0x3333b1e8, 0x3abf92af),
-     TOBN(0x11cc113c, 0x6c491c14), TOBN(0x05976688, 0x80dd3f88),
-     TOBN(0xf5b4d9e7, 0x29d932ed), TOBN(0xe982aad8, 0xa2c38b6d),
-     TOBN(0x6f925347, 0x8be0dcf0), TOBN(0x700080ae, 0x65ca53f2),
-     TOBN(0xd8131156, 0x443ca77f), TOBN(0xe92d6942, 0xec51f984),
-     TOBN(0xd2a08af8, 0x85dfe9ae), TOBN(0xd825d9a5, 0x4d2a86ca),
-     TOBN(0x2c53988d, 0x39dff020), TOBN(0xf38b135a, 0x430cdc40),
-     TOBN(0x0c918ae0, 0x62a7150b), TOBN(0xf31fd8de, 0x0c340e9b),
-     TOBN(0xafa0e7ae, 0x4dbbf02e), TOBN(0x5847fb2a, 0x5eba6239),
-     TOBN(0x6b1647dc, 0xdccbac8b), TOBN(0xb642aa78, 0x06f485c8),
-     TOBN(0x873f3765, 0x7038ecdf), TOBN(0x2ce5e865, 0xfa49d3fe),
-     TOBN(0xea223788, 0xc98c4400), TOBN(0x8104a8cd, 0xf1fa5279),
-     TOBN(0xbcf7cc7a, 0x06becfd7), TOBN(0x49424316, 0xc8f974ae),
-     TOBN(0xc0da65e7, 0x84d6365d), TOBN(0xbcb7443f, 0x8f759fb8),
-     TOBN(0x35c712b1, 0x7ae81930), TOBN(0x80428dff, 0x4c6e08ab),
-     TOBN(0xf19dafef, 0xa4faf843), TOBN(0xced8538d, 0xffa9855f),
-     TOBN(0x20ac409c, 0xbe3ac7ce), TOBN(0x358c1fb6, 0x882da71e),
-     TOBN(0xafa9c0e5, 0xfd349961), TOBN(0x2b2cfa51, 0x8421c2fc),
-     TOBN(0x2a80db17, 0xf3a28d38), TOBN(0xa8aba539, 0x5d138e7e),
-     TOBN(0x52012d1d, 0x6e96eb8d), TOBN(0x65d8dea0, 0xcbaf9622),
-     TOBN(0x57735447, 0xb264f56c), TOBN(0xbeebef3f, 0x1b6c8da2),
-     TOBN(0xfc346d98, 0xce785254), TOBN(0xd50e8d72, 0xbb64a161),
-     TOBN(0xc03567c7, 0x49794add), TOBN(0x15a76065, 0x752c7ef6),
-     TOBN(0x59f3a222, 0x961f23d6), TOBN(0x378e4438, 0x73ecc0b0),
-     TOBN(0xc74be434, 0x5a82fde4), TOBN(0xae509af2, 0xd8b9cf34),
-     TOBN(0x4a61ee46, 0x577f44a1), TOBN(0xe09b748c, 0xb611deeb),
-     TOBN(0xc0481b2c, 0xf5f7b884), TOBN(0x35626678, 0x61acfa6b),
-     TOBN(0x37f4c518, 0xbf8d21e6), TOBN(0x22d96531, 0xb205a76d),
-     TOBN(0x37fb85e1, 0x954073c0), TOBN(0xbceafe4f, 0x65b3a567),
-     TOBN(0xefecdef7, 0xbe42a582), TOBN(0xd3fc6080, 0x65046be6),
-     TOBN(0xc9af13c8, 0x09e8dba9), TOBN(0x1e6c9847, 0x641491ff),
-     TOBN(0x3b574925, 0xd30c31f7), TOBN(0xb7eb72ba, 0xac2a2122),
-     TOBN(0x776a0dac, 0xef0859e7), TOBN(0x06fec314, 0x21900942),
-     TOBN(0x2464bc10, 0xf8c22049), TOBN(0x9bfbcce7, 0x875ebf69),
-     TOBN(0xd7a88e2a, 0x4336326b), TOBN(0xda05261c, 0x5bc2acfa),
-     TOBN(0xc29f5bdc, 0xeba7efc8), TOBN(0x471237ca, 0x25dbbf2e),
-     TOBN(0xa72773f2, 0x2975f127), TOBN(0xdc744e8e, 0x04d0b326),
-     TOBN(0x38a7ed16, 0xa56edb73), TOBN(0x64357e37, 0x2c007e70),
-     TOBN(0xa167d15b, 0x5080b400), TOBN(0x07b41164, 0x23de4be1),
-     TOBN(0xb2d91e32, 0x74c89883), TOBN(0x3c162821, 0x2882e7ed),
-     TOBN(0xad6b36ba, 0x7503e482), TOBN(0x48434e8e, 0x0ea34331),
-     TOBN(0x79f4f24f, 0x2c7ae0b9), TOBN(0xc46fbf81, 0x1939b44a),
-     TOBN(0x76fefae8, 0x56595eb1), TOBN(0x417b66ab, 0xcd5f29c7),
-     TOBN(0x5f2332b2, 0xc5ceec20), TOBN(0xd69661ff, 0xe1a1cae2),
-     TOBN(0x5ede7e52, 0x9b0286e6), TOBN(0x9d062529, 0xe276b993),
-     TOBN(0x324794b0, 0x7e50122b), TOBN(0xdd744f8b, 0x4af07ca5),
-     TOBN(0x30a12f08, 0xd63fc97b), TOBN(0x39650f1a, 0x76626d9d),
-     TOBN(0x101b47f7, 0x1fa38477), TOBN(0x3d815f19, 0xd4dc124f),
-     TOBN(0x1569ae95, 0xb26eb58a), TOBN(0xc3cde188, 0x95fb1887),
-     TOBN(0x54e9f37b, 0xf9539a48), TOBN(0xb0100e06, 0x7408c1a5),
-     TOBN(0x821d9811, 0xea580cbb), TOBN(0x8af52d35, 0x86e50c56),
-     TOBN(0xdfbd9d47, 0xdbbf698b), TOBN(0x2961a1ea, 0x03dc1c73),
-     TOBN(0x203d38f8, 0xe76a5df8), TOBN(0x08a53a68, 0x6def707a),
-     TOBN(0x26eefb48, 0x1bee45d4), TOBN(0xb3cee346, 0x3c688036),
-     TOBN(0x463c5315, 0xc42f2469), TOBN(0x19d84d2e, 0x81378162),
-     TOBN(0x22d7c3c5, 0x1c4d349f), TOBN(0x65965844, 0x163d59c5),
-     TOBN(0xcf198c56, 0xb8abceae), TOBN(0x6fb1fb1b, 0x628559d5),
-     TOBN(0x8bbffd06, 0x07bf8fe3), TOBN(0x46259c58, 0x3467734b),
-     TOBN(0xd8953cea, 0x35f7f0d3), TOBN(0x1f0bece2, 0xd65b0ff1),
-     TOBN(0xf7d5b4b3, 0xf3c72914), TOBN(0x29e8ea95, 0x3cb53389),
-     TOBN(0x4a365626, 0x836b6d46), TOBN(0xe849f910, 0xea174fde),
-     TOBN(0x7ec62fbb, 0xf4737f21), TOBN(0xd8dba5ab, 0x6209f5ac),
-     TOBN(0x24b5d7a9, 0xa5f9adbe), TOBN(0x707d28f7, 0xa61dc768),
-     TOBN(0x7711460b, 0xcaa999ea), TOBN(0xba7b174d, 0x1c92e4cc),
-     TOBN(0x3c4bab66, 0x18d4bf2d), TOBN(0xb8f0c980, 0xeb8bd279),
-     TOBN(0x024bea9a, 0x324b4737), TOBN(0xfba9e423, 0x32a83bca),
-     TOBN(0x6e635643, 0xa232dced), TOBN(0x99619367, 0x2571c8ba),
-     TOBN(0xe8c9f357, 0x54b7032b), TOBN(0xf936b3ba, 0x2442d54a),
-     TOBN(0x2263f0f0, 0x8290c65a), TOBN(0x48989780, 0xee2c7fdb),
-     TOBN(0xadc5d55a, 0x13d4f95e), TOBN(0x737cff85, 0xad9b8500),
-     TOBN(0x271c557b, 0x8a73f43d), TOBN(0xbed617a4, 0xe18bc476),
-     TOBN(0x66245401, 0x7dfd8ab2), TOBN(0xae7b89ae, 0x3a2870aa),
-     TOBN(0x1b555f53, 0x23a7e545), TOBN(0x6791e247, 0xbe057e4c),
-     TOBN(0x860136ad, 0x324fa34d), TOBN(0xea111447, 0x4cbeae28),
-     TOBN(0x023a4270, 0xbedd3299), TOBN(0x3d5c3a7f, 0xc1c35c34),
-     TOBN(0xb0f6db67, 0x8d0412d2), TOBN(0xd92625e2, 0xfcdc6b9a),
-     TOBN(0x92ae5ccc, 0x4e28a982), TOBN(0xea251c36, 0x47a3ce7e),
-     TOBN(0x9d658932, 0x790691bf), TOBN(0xed610589, 0x06b736ae),
-     TOBN(0x712c2f04, 0xc0d63b6e), TOBN(0x5cf06fd5, 0xc63d488f),
-     TOBN(0x97363fac, 0xd9588e41), TOBN(0x1f9bf762, 0x2b93257e),
-     TOBN(0xa9d1ffc4, 0x667acace), TOBN(0x1cf4a1aa, 0x0a061ecf),
-     TOBN(0x40e48a49, 0xdc1818d0), TOBN(0x0643ff39, 0xa3621ab0),
-     TOBN(0x5768640c, 0xe39ef639), TOBN(0x1fc099ea, 0x04d86854),
-     TOBN(0x9130b9c3, 0xeccd28fd), TOBN(0xd743cbd2, 0x7eec54ab),
-     TOBN(0x052b146f, 0xe5b475b6), TOBN(0x058d9a82, 0x900a7d1f),
-     TOBN(0x65e02292, 0x91262b72), TOBN(0x96f924f9, 0xbb0edf03),
-     TOBN(0x5cfa59c8, 0xfe206842), TOBN(0xf6037004, 0x5eafa720),
-     TOBN(0x5f30699e, 0x18d7dd96), TOBN(0x381e8782, 0xcbab2495),
-     TOBN(0x91669b46, 0xdd8be949), TOBN(0xb40606f5, 0x26aae8ef),
-     TOBN(0x2812b839, 0xfc6751a4), TOBN(0x16196214, 0xfba800ef),
-     TOBN(0x4398d5ca, 0x4c1a2875), TOBN(0x720c00ee, 0x653d8349),
-     TOBN(0xc2699eb0, 0xd820007c), TOBN(0x880ee660, 0xa39b5825),
-     TOBN(0x70694694, 0x471f6984), TOBN(0xf7d16ea8, 0xe3dda99a),
-     TOBN(0x28d675b2, 0xc0519a23), TOBN(0x9ebf94fe, 0x4f6952e3),
-     TOBN(0xf28bb767, 0xa2294a8a), TOBN(0x85512b4d, 0xfe0af3f5),
-     TOBN(0x18958ba8, 0x99b16a0d), TOBN(0x95c2430c, 0xba7548a7),
-     TOBN(0xb30d1b10, 0xa16be615), TOBN(0xe3ebbb97, 0x85bfb74c),
-     TOBN(0xa3273cfe, 0x18549fdb), TOBN(0xf6e200bf, 0x4fcdb792),
-     TOBN(0x54a76e18, 0x83aba56c), TOBN(0x73ec66f6, 0x89ef6aa2),
-     TOBN(0x8d17add7, 0xd1b9a305), TOBN(0xa959c5b9, 0xb7ae1b9d),
-     TOBN(0x88643522, 0x6bcc094a), TOBN(0xcc5616c4, 0xd7d429b9),
-     TOBN(0xa6dada01, 0xe6a33f7c), TOBN(0xc6217a07, 0x9d4e70ad),
-     TOBN(0xd619a818, 0x09c15b7c), TOBN(0xea06b329, 0x0e80c854),
-     TOBN(0x174811ce, 0xa5f5e7b9), TOBN(0x66dfc310, 0x787c65f4),
-     TOBN(0x4ea7bd69, 0x3316ab54), TOBN(0xc12c4acb, 0x1dcc0f70),
-     TOBN(0xe4308d1a, 0x1e407dd9), TOBN(0xe8a3587c, 0x91afa997),
-     TOBN(0xea296c12, 0xab77b7a5), TOBN(0xb5ad49e4, 0x673c0d52),
-     TOBN(0x40f9b2b2, 0x7006085a), TOBN(0xa88ff340, 0x87bf6ec2),
-     TOBN(0x978603b1, 0x4e3066a6), TOBN(0xb3f99fc2, 0xb5e486e2),
-     TOBN(0x07b53f5e, 0xb2e63645), TOBN(0xbe57e547, 0x84c84232),
-     TOBN(0xd779c216, 0x7214d5cf), TOBN(0x617969cd, 0x029a3aca),
-     TOBN(0xd17668cd, 0x8a7017a0), TOBN(0x77b4d19a, 0xbe9b7ee8),
-     TOBN(0x58fd0e93, 0x9c161776), TOBN(0xa8c4f4ef, 0xd5968a72),
-     TOBN(0x296071cc, 0x67b3de77), TOBN(0xae3c0b8e, 0x634f7905),
-     TOBN(0x67e440c2, 0x8a7100c9), TOBN(0xbb8c3c1b, 0xeb4b9b42),
-     TOBN(0x6d71e8ea, 0xc51b3583), TOBN(0x7591f5af, 0x9525e642),
-     TOBN(0xf73a2f7b, 0x13f509f3), TOBN(0x618487aa, 0x5619ac9b),
-     TOBN(0x3a72e5f7, 0x9d61718a), TOBN(0x00413bcc, 0x7592d28c),
-     TOBN(0x7d9b11d3, 0x963c35cf), TOBN(0x77623bcf, 0xb90a46ed),
-     TOBN(0xdeef273b, 0xdcdd2a50), TOBN(0x4a741f9b, 0x0601846e),
-     TOBN(0x33b89e51, 0x0ec6e929), TOBN(0xcb02319f, 0x8b7f22cd),
-     TOBN(0xbbe1500d, 0x084bae24), TOBN(0x2f0ae8d7, 0x343d2693),
-     TOBN(0xacffb5f2, 0x7cdef811), TOBN(0xaa0c030a, 0x263fb94f),
-     TOBN(0x6eef0d61, 0xa0f442de), TOBN(0xf92e1817, 0x27b139d3),
-     TOBN(0x1ae6deb7, 0x0ad8bc28), TOBN(0xa89e38dc, 0xc0514130),
-     TOBN(0x81eeb865, 0xd2fdca23), TOBN(0x5a15ee08, 0xcc8ef895),
-     TOBN(0x768fa10a, 0x01905614), TOBN(0xeff5b8ef, 0x880ee19b),
-     TOBN(0xf0c0cabb, 0xcb1c8a0e), TOBN(0x2e1ee9cd, 0xb8c838f9),
-     TOBN(0x0587d8b8, 0x8a4a14c0), TOBN(0xf6f27896, 0x2ff698e5),
-     TOBN(0xed38ef1c, 0x89ee6256), TOBN(0xf44ee1fe, 0x6b353b45),
-     TOBN(0x9115c0c7, 0x70e903b3), TOBN(0xc78ec0a1, 0x818f31df),
-     TOBN(0x6c003324, 0xb7dccbc6), TOBN(0xd96dd1f3, 0x163bbc25),
-     TOBN(0x33aa82dd, 0x5cedd805), TOBN(0x123aae4f, 0x7f7eb2f1),
-     TOBN(0x1723fcf5, 0xa26262cd), TOBN(0x1f7f4d5d, 0x0060ebd5),
-     TOBN(0xf19c5c01, 0xb2eaa3af), TOBN(0x2ccb9b14, 0x9790accf),
-     TOBN(0x1f9c1cad, 0x52324aa6), TOBN(0x63200526, 0x7247df54),
-     TOBN(0x5732fe42, 0xbac96f82), TOBN(0x52fe771f, 0x01a1c384),
-     TOBN(0x546ca13d, 0xb1001684), TOBN(0xb56b4eee, 0xa1709f75),
-     TOBN(0x266545a9, 0xd5db8672), TOBN(0xed971c90, 0x1e8f3cfb),
-     TOBN(0x4e7d8691, 0xe3a07b29), TOBN(0x7570d9ec, 0xe4b696b9),
-     TOBN(0xdc5fa067, 0x7bc7e9ae), TOBN(0x68b44caf, 0xc82c4844),
-     TOBN(0x519d34b3, 0xbf44da80), TOBN(0x283834f9, 0x5ab32e66),
-     TOBN(0x6e608797, 0x6278a000), TOBN(0x1e62960e, 0x627312f6),
-     TOBN(0x9b87b27b, 0xe6901c55), TOBN(0x80e78538, 0x24fdbc1f),
-     TOBN(0xbbbc0951, 0x2facc27d), TOBN(0x06394239, 0xac143b5a),
-     TOBN(0x35bb4a40, 0x376c1944), TOBN(0x7cb62694, 0x63da1511),
-     TOBN(0xafd29161, 0xb7148a3b), TOBN(0xa6f9d9ed, 0x4e2ea2ee),
-     TOBN(0x15dc2ca2, 0x880dd212), TOBN(0x903c3813, 0xa61139a9),
-     TOBN(0x2aa7b46d, 0x6c0f8785), TOBN(0x36ce2871, 0x901c60ff),
-     TOBN(0xc683b028, 0xe10d9c12), TOBN(0x7573baa2, 0x032f33d3),
-     TOBN(0x87a9b1f6, 0x67a31b58), TOBN(0xfd3ed11a, 0xf4ffae12),
-     TOBN(0x83dcaa9a, 0x0cb2748e), TOBN(0x8239f018, 0x5d6fdf16),
-     TOBN(0xba67b49c, 0x72753941), TOBN(0x2beec455, 0xc321cb36),
-     TOBN(0x88015606, 0x3f8b84ce), TOBN(0x76417083, 0x8d38c86f),
-     TOBN(0x054f1ca7, 0x598953dd), TOBN(0xc939e110, 0x4e8e7429),
-     TOBN(0x9b1ac2b3, 0x5a914f2f), TOBN(0x39e35ed3, 0xe74b8f9c),
-     TOBN(0xd0debdb2, 0x781b2fb0), TOBN(0x1585638f, 0x2d997ba2),
-     TOBN(0x9c4b646e, 0x9e2fce99), TOBN(0x68a21081, 0x1e80857f),
-     TOBN(0x06d54e44, 0x3643b52a), TOBN(0xde8d6d63, 0x0d8eb843),
-     TOBN(0x70321563, 0x42146a0a), TOBN(0x8ba826f2, 0x5eaa3622),
-     TOBN(0x227a58bd, 0x86138787), TOBN(0x43b6c03c, 0x10281d37),
-     TOBN(0x6326afbb, 0xb54dde39), TOBN(0x744e5e8a, 0xdb6f2d5f),
-     TOBN(0x48b2a99a, 0xcff158e1), TOBN(0xa93c8fa0, 0xef87918f),
-     TOBN(0x2182f956, 0xde058c5c), TOBN(0x216235d2, 0x936f9e7a),
-     TOBN(0xace0c0db, 0xd2e31e67), TOBN(0xc96449bf, 0xf23ac3e7),
-     TOBN(0x7e9a2874, 0x170693bd), TOBN(0xa28e14fd, 0xa45e6335),
-     TOBN(0x5757f6b3, 0x56427344), TOBN(0x822e4556, 0xacf8edf9),
-     TOBN(0x2b7a6ee2, 0xe6a285cd), TOBN(0x5866f211, 0xa9df3af0),
-     TOBN(0x40dde2dd, 0xf845b844), TOBN(0x986c3726, 0x110e5e49),
-     TOBN(0x73680c2a, 0xf7172277), TOBN(0x57b94f0f, 0x0cccb244),
-     TOBN(0xbdff7267, 0x2d438ca7), TOBN(0xbad1ce11, 0xcf4663fd),
-     TOBN(0x9813ed9d, 0xd8f71cae), TOBN(0xf43272a6, 0x961fdaa6),
-     TOBN(0xbeff0119, 0xbd6d1637), TOBN(0xfebc4f91, 0x30361978),
-     TOBN(0x02b37a95, 0x2f41deff), TOBN(0x0e44a59a, 0xe63b89b7),
-     TOBN(0x673257dc, 0x143ff951), TOBN(0x19c02205, 0xd752baf4),
-     TOBN(0x46c23069, 0xc4b7d692), TOBN(0x2e6392c3, 0xfd1502ac),
-     TOBN(0x6057b1a2, 0x1b220846), TOBN(0xe51ff946, 0x0c1b5b63),}
-    ,
-    {TOBN(0x6e85cb51, 0x566c5c43), TOBN(0xcff9c919, 0x3597f046),
-     TOBN(0x9354e90c, 0x4994d94a), TOBN(0xe0a39332, 0x2147927d),
-     TOBN(0x8427fac1, 0x0dc1eb2b), TOBN(0x88cfd8c2, 0x2ff319fa),
-     TOBN(0xe2d4e684, 0x01965274), TOBN(0xfa2e067d, 0x67aaa746),
-     TOBN(0xb6d92a7f, 0x3e5f9f11), TOBN(0x9afe153a, 0xd6cb3b8e),
-     TOBN(0x4d1a6dd7, 0xddf800bd), TOBN(0xf6c13cc0, 0xcaf17e19),
-     TOBN(0x15f6c58e, 0x325fc3ee), TOBN(0x71095400, 0xa31dc3b2),
-     TOBN(0x168e7c07, 0xafa3d3e7), TOBN(0x3f8417a1, 0x94c7ae2d),
-     TOBN(0xec234772, 0x813b230d), TOBN(0x634d0f5f, 0x17344427),
-     TOBN(0x11548ab1, 0xd77fc56a), TOBN(0x7fab1750, 0xce06af77),
-     TOBN(0xb62c10a7, 0x4f7c4f83), TOBN(0xa7d2edc4, 0x220a67d9),
-     TOBN(0x1c404170, 0x921209a0), TOBN(0x0b9815a0, 0xface59f0),
-     TOBN(0x2842589b, 0x319540c3), TOBN(0x18490f59, 0xa283d6f8),
-     TOBN(0xa2731f84, 0xdaae9fcb), TOBN(0x3db6d960, 0xc3683ba0),
-     TOBN(0xc85c63bb, 0x14611069), TOBN(0xb19436af, 0x0788bf05),
-     TOBN(0x905459df, 0x347460d2), TOBN(0x73f6e094, 0xe11a7db1),
-     TOBN(0xdc7f938e, 0xb6357f37), TOBN(0xc5d00f79, 0x2bd8aa62),
-     TOBN(0xc878dcb9, 0x2ca979fc), TOBN(0x37e83ed9, 0xeb023a99),
-     TOBN(0x6b23e273, 0x1560bf3d), TOBN(0x1086e459, 0x1d0fae61),
-     TOBN(0x78248316, 0x9a9414bd), TOBN(0x1b956bc0, 0xf0ea9ea1),
-     TOBN(0x7b85bb91, 0xc31b9c38), TOBN(0x0c5aa90b, 0x48ef57b5),
-     TOBN(0xdedeb169, 0xaf3bab6f), TOBN(0xe610ad73, 0x2d373685),
-     TOBN(0xf13870df, 0x02ba8e15), TOBN(0x0337edb6, 0x8ca7f771),
-     TOBN(0xe4acf747, 0xb62c036c), TOBN(0xd921d576, 0xb6b94e81),
-     TOBN(0xdbc86439, 0x2c422f7a), TOBN(0xfb635362, 0xed348898),
-     TOBN(0x83084668, 0xc45bfcd1), TOBN(0xc357c9e3, 0x2b315e11),
-     TOBN(0xb173b540, 0x5b2e5b8c), TOBN(0x7e946931, 0xe102b9a4),
-     TOBN(0x17c890eb, 0x7b0fb199), TOBN(0xec225a83, 0xd61b662b),
-     TOBN(0xf306a3c8, 0xee3c76cb), TOBN(0x3cf11623, 0xd32a1f6e),
-     TOBN(0xe6d5ab64, 0x6863e956), TOBN(0x3b8a4cbe, 0x5c005c26),
-     TOBN(0xdcd529a5, 0x9ce6bb27), TOBN(0xc4afaa52, 0x04d4b16f),
-     TOBN(0xb0624a26, 0x7923798d), TOBN(0x85e56df6, 0x6b307fab),
-     TOBN(0x0281893c, 0x2bf29698), TOBN(0x91fc19a4, 0xd7ce7603),
-     TOBN(0x75a5dca3, 0xad9a558f), TOBN(0x40ceb3fa, 0x4d50bf77),
-     TOBN(0x1baf6060, 0xbc9ba369), TOBN(0x927e1037, 0x597888c2),
-     TOBN(0xd936bf19, 0x86a34c07), TOBN(0xd4cf10c1, 0xc34ae980),
-     TOBN(0x3a3e5334, 0x859dd614), TOBN(0x9c475b5b, 0x18d0c8ee),
-     TOBN(0x63080d1f, 0x07cd51d5), TOBN(0xc9c0d0a6, 0xb88b4326),
-     TOBN(0x1ac98691, 0xc234296f), TOBN(0x2a0a83a4, 0x94887fb6),
-     TOBN(0x56511427, 0x0cea9cf2), TOBN(0x5230a6e8, 0xa24802f5),
-     TOBN(0xf7a2bf0f, 0x72e3d5c1), TOBN(0x37717446, 0x4f21439e),
-     TOBN(0xfedcbf25, 0x9ce30334), TOBN(0xe0030a78, 0x7ce202f9),
-     TOBN(0x6f2d9ebf, 0x1202e9ca), TOBN(0xe79dde6c, 0x75e6e591),
-     TOBN(0xf52072af, 0xf1dac4f8), TOBN(0x6c8d087e, 0xbb9b404d),
-     TOBN(0xad0fc73d, 0xbce913af), TOBN(0x909e587b, 0x458a07cb),
-     TOBN(0x1300da84, 0xd4f00c8a), TOBN(0x425cd048, 0xb54466ac),
-     TOBN(0xb59cb9be, 0x90e9d8bf), TOBN(0x991616db, 0x3e431b0e),
-     TOBN(0xd3aa117a, 0x531aecff), TOBN(0x91af92d3, 0x59f4dc3b),
-     TOBN(0x9b1ec292, 0xe93fda29), TOBN(0x76bb6c17, 0xe97d91bc),
-     TOBN(0x7509d95f, 0xaface1e6), TOBN(0x3653fe47, 0xbe855ae3),
-     TOBN(0x73180b28, 0x0f680e75), TOBN(0x75eefd1b, 0xeeb6c26c),
-     TOBN(0xa4cdf29f, 0xb66d4236), TOBN(0x2d70a997, 0x6b5821d8),
-     TOBN(0x7a3ee207, 0x20445c36), TOBN(0x71d1ac82, 0x59877174),
-     TOBN(0x0fc539f7, 0x949f73e9), TOBN(0xd05cf3d7, 0x982e3081),
-     TOBN(0x8758e20b, 0x7b1c7129), TOBN(0xffadcc20, 0x569e61f2),
-     TOBN(0xb05d3a2f, 0x59544c2d), TOBN(0xbe16f5c1, 0x9fff5e53),
-     TOBN(0x73cf65b8, 0xaad58135), TOBN(0x622c2119, 0x037aa5be),
-     TOBN(0x79373b3f, 0x646fd6a0), TOBN(0x0e029db5, 0x0d3978cf),
-     TOBN(0x8bdfc437, 0x94fba037), TOBN(0xaefbd687, 0x620797a6),
-     TOBN(0x3fa5382b, 0xbd30d38e), TOBN(0x7627cfbf, 0x585d7464),
-     TOBN(0xb2330fef, 0x4e4ca463), TOBN(0xbcef7287, 0x3566cc63),
-     TOBN(0xd161d2ca, 0xcf780900), TOBN(0x135dc539, 0x5b54827d),
-     TOBN(0x638f052e, 0x27bf1bc6), TOBN(0x10a224f0, 0x07dfa06c),
-     TOBN(0xe973586d, 0x6d3321da), TOBN(0x8b0c5738, 0x26152c8f),
-     TOBN(0x07ef4f2a, 0x34606074), TOBN(0x80fe7fe8, 0xa0f7047a),
-     TOBN(0x3d1a8152, 0xe1a0e306), TOBN(0x32cf43d8, 0x88da5222),
-     TOBN(0xbf89a95f, 0x5f02ffe6), TOBN(0x3d9eb9a4, 0x806ad3ea),
-     TOBN(0x012c17bb, 0x79c8e55e), TOBN(0xfdcd1a74, 0x99c81dac),
-     TOBN(0x7043178b, 0xb9556098), TOBN(0x4090a1df, 0x801c3886),
-     TOBN(0x759800ff, 0x9b67b912), TOBN(0x3e5c0304, 0x232620c8),
-     TOBN(0x4b9d3c4b, 0x70dceeca), TOBN(0xbb2d3c15, 0x181f648e),
-     TOBN(0xf981d837, 0x6e33345c), TOBN(0xb626289b, 0x0cf2297a),
-     TOBN(0x766ac659, 0x8baebdcf), TOBN(0x1a28ae09, 0x75df01e5),
-     TOBN(0xb71283da, 0x375876d8), TOBN(0x4865a96d, 0x607b9800),
-     TOBN(0x25dd1bcd, 0x237936b2), TOBN(0x332f4f4b, 0x60417494),
-     TOBN(0xd0923d68, 0x370a2147), TOBN(0x497f5dfb, 0xdc842203),
-     TOBN(0x9dc74cbd, 0x32be5e0f), TOBN(0x7475bcb7, 0x17a01375),
-     TOBN(0x438477c9, 0x50d872b1), TOBN(0xcec67879, 0xffe1d63d),
-     TOBN(0x9b006014, 0xd8578c70), TOBN(0xc9ad99a8, 0x78bb6b8b),
-     TOBN(0x6799008e, 0x11fb3806), TOBN(0xcfe81435, 0xcd44cab3),
-     TOBN(0xa2ee1582, 0x2f4fb344), TOBN(0xb8823450, 0x483fa6eb),
-     TOBN(0x622d323d, 0x652c7749), TOBN(0xd8474a98, 0xbeb0a15b),
-     TOBN(0xe43c154d, 0x5d1c00d0), TOBN(0x7fd581d9, 0x0e3e7aac),
-     TOBN(0x2b44c619, 0x2525ddf8), TOBN(0x67a033eb, 0xb8ae9739),
-     TOBN(0x113ffec1, 0x9ef2d2e4), TOBN(0x1bf6767e, 0xd5a0ea7f),
-     TOBN(0x57fff75e, 0x03714c0a), TOBN(0xa23c422e, 0x0a23e9ee),
-     TOBN(0xdd5f6b2d, 0x540f83af), TOBN(0xc2c2c27e, 0x55ea46a7),
-     TOBN(0xeb6b4246, 0x672a1208), TOBN(0xd13599f7, 0xae634f7a),
-     TOBN(0xcf914b5c, 0xd7b32c6e), TOBN(0x61a5a640, 0xeaf61814),
-     TOBN(0x8dc3df8b, 0x208a1bbb), TOBN(0xef627fd6, 0xb6d79aa5),
-     TOBN(0x44232ffc, 0xc4c86bc8), TOBN(0xe6f9231b, 0x061539fe),
-     TOBN(0x1d04f25a, 0x958b9533), TOBN(0x180cf934, 0x49e8c885),
-     TOBN(0x89689595, 0x9884aaf7), TOBN(0xb1959be3, 0x07b348a6),
-     TOBN(0x96250e57, 0x3c147c87), TOBN(0xae0efb3a, 0xdd0c61f8),
-     TOBN(0xed00745e, 0xca8c325e), TOBN(0x3c911696, 0xecff3f70),
-     TOBN(0x73acbc65, 0x319ad41d), TOBN(0x7b01a020, 0xf0b1c7ef),
-     TOBN(0xea32b293, 0x63a1483f), TOBN(0x89eabe71, 0x7a248f96),
-     TOBN(0x9c6231d3, 0x343157e5), TOBN(0x93a375e5, 0xdf3c546d),
-     TOBN(0xe76e9343, 0x6a2afe69), TOBN(0xc4f89100, 0xe166c88e),
-     TOBN(0x248efd0d, 0x4f872093), TOBN(0xae0eb3ea, 0x8fe0ea61),
-     TOBN(0xaf89790d, 0x9d79046e), TOBN(0x4d650f2d, 0x6cee0976),
-     TOBN(0xa3935d9a, 0x43071eca), TOBN(0x66fcd2c9, 0x283b0bfe),
-     TOBN(0x0e665eb5, 0x696605f1), TOBN(0xe77e5d07, 0xa54cd38d),
-     TOBN(0x90ee050a, 0x43d950cf), TOBN(0x86ddebda, 0xd32e69b5),
-     TOBN(0x6ad94a3d, 0xfddf7415), TOBN(0xf7fa1309, 0x3f6e8d5a),
-     TOBN(0xc4831d1d, 0xe9957f75), TOBN(0x7de28501, 0xd5817447),
-     TOBN(0x6f1d7078, 0x9e2aeb6b), TOBN(0xba2b9ff4, 0xf67a53c2),
-     TOBN(0x36963767, 0xdf9defc3), TOBN(0x479deed3, 0x0d38022c),
-     TOBN(0xd2edb89b, 0x3a8631e8), TOBN(0x8de855de, 0x7a213746),
-     TOBN(0xb2056cb7, 0xb00c5f11), TOBN(0xdeaefbd0, 0x2c9b85e4),
-     TOBN(0x03f39a8d, 0xd150892d), TOBN(0x37b84686, 0x218b7985),
-     TOBN(0x36296dd8, 0xb7375f1a), TOBN(0x472cd4b1, 0xb78e898e),
-     TOBN(0x15dff651, 0xe9f05de9), TOBN(0xd4045069, 0x2ce98ba9),
-     TOBN(0x8466a7ae, 0x9b38024c), TOBN(0xb910e700, 0xe5a6b5ef),
-     TOBN(0xae1c56ea, 0xb3aa8f0d), TOBN(0xbab2a507, 0x7eee74a6),
-     TOBN(0x0dca11e2, 0x4b4c4620), TOBN(0xfd896e2e, 0x4c47d1f4),
-     TOBN(0xeb45ae53, 0x308fbd93), TOBN(0x46cd5a2e, 0x02c36fda),
-     TOBN(0x6a3d4e90, 0xbaa48385), TOBN(0xdd55e62e, 0x9dbe9960),
-     TOBN(0xa1406aa0, 0x2a81ede7), TOBN(0x6860dd14, 0xf9274ea7),
-     TOBN(0xcfdcb0c2, 0x80414f86), TOBN(0xff410b10, 0x22f94327),
-     TOBN(0x5a33cc38, 0x49ad467b), TOBN(0xefb48b6c, 0x0a7335f1),
-     TOBN(0x14fb54a4, 0xb153a360), TOBN(0x604aa9d2, 0xb52469cc),
-     TOBN(0x5e9dc486, 0x754e48e9), TOBN(0x693cb455, 0x37471e8e),
-     TOBN(0xfb2fd7cd, 0x8d3b37b6), TOBN(0x63345e16, 0xcf09ff07),
-     TOBN(0x9910ba6b, 0x23a5d896), TOBN(0x1fe19e35, 0x7fe4364e),
-     TOBN(0x6e1da8c3, 0x9a33c677), TOBN(0x15b4488b, 0x29fd9fd0),
-     TOBN(0x1f439254, 0x1a1f22bf), TOBN(0x920a8a70, 0xab8163e8),
-     TOBN(0x3fd1b249, 0x07e5658e), TOBN(0xf2c4f79c, 0xb6ec839b),
-     TOBN(0x1abbc3d0, 0x4aa38d1b), TOBN(0x3b0db35c, 0xb5d9510e),
-     TOBN(0x1754ac78, 0x3e60dec0), TOBN(0x53272fd7, 0xea099b33),
-     TOBN(0x5fb0494f, 0x07a8e107), TOBN(0x4a89e137, 0x6a8191fa),
-     TOBN(0xa113b7f6, 0x3c4ad544), TOBN(0x88a2e909, 0x6cb9897b),
-     TOBN(0x17d55de3, 0xb44a3f84), TOBN(0xacb2f344, 0x17c6c690),
-     TOBN(0x32088168, 0x10232390), TOBN(0xf2e8a61f, 0x6c733bf7),
-     TOBN(0xa774aab6, 0x9c2d7652), TOBN(0xfb5307e3, 0xed95c5bc),
-     TOBN(0xa05c73c2, 0x4981f110), TOBN(0x1baae31c, 0xa39458c9),
-     TOBN(0x1def185b, 0xcbea62e7), TOBN(0xe8ac9eae, 0xeaf63059),
-     TOBN(0x098a8cfd, 0x9921851c), TOBN(0xd959c3f1, 0x3abe2f5b),
-     TOBN(0xa4f19525, 0x20e40ae5), TOBN(0x320789e3, 0x07a24aa1),
-     TOBN(0x259e6927, 0x7392b2bc), TOBN(0x58f6c667, 0x1918668b),
-     TOBN(0xce1db2bb, 0xc55d2d8b), TOBN(0x41d58bb7, 0xf4f6ca56),
-     TOBN(0x7650b680, 0x8f877614), TOBN(0x905e16ba, 0xf4c349ed),
-     TOBN(0xed415140, 0xf661acac), TOBN(0x3b8784f0, 0xcb2270af),
-     TOBN(0x3bc280ac, 0x8a402cba), TOBN(0xd53f7146, 0x0937921a),
-     TOBN(0xc03c8ee5, 0xe5681e83), TOBN(0x62126105, 0xf6ac9e4a),
-     TOBN(0x9503a53f, 0x936b1a38), TOBN(0x3d45e2d4, 0x782fecbd),
-     TOBN(0x69a5c439, 0x76e8ae98), TOBN(0xb53b2eeb, 0xbfb4b00e),
-     TOBN(0xf1674712, 0x72386c89), TOBN(0x30ca34a2, 0x4268bce4),
-     TOBN(0x7f1ed86c, 0x78341730), TOBN(0x8ef5beb8, 0xb525e248),
-     TOBN(0xbbc489fd, 0xb74fbf38), TOBN(0x38a92a0e, 0x91a0b382),
-     TOBN(0x7a77ba3f, 0x22433ccf), TOBN(0xde8362d6, 0xa29f05a9),
-     TOBN(0x7f6a30ea, 0x61189afc), TOBN(0x693b5505, 0x59ef114f),
-     TOBN(0x50266bc0, 0xcd1797a1), TOBN(0xea17b47e, 0xf4b7af2d),
-     TOBN(0xd6c4025c, 0x3df9483e), TOBN(0x8cbb9d9f, 0xa37b18c9),
-     TOBN(0x91cbfd9c, 0x4d8424cf), TOBN(0xdb7048f1, 0xab1c3506),
-     TOBN(0x9eaf641f, 0x028206a3), TOBN(0xf986f3f9, 0x25bdf6ce),
-     TOBN(0x262143b5, 0x224c08dc), TOBN(0x2bbb09b4, 0x81b50c91),
-     TOBN(0xc16ed709, 0xaca8c84f), TOBN(0xa6210d9d, 0xb2850ca8),
-     TOBN(0x6d8df67a, 0x09cb54d6), TOBN(0x91eef6e0, 0x500919a4),
-     TOBN(0x90f61381, 0x0f132857), TOBN(0x9acede47, 0xf8d5028b),
-     TOBN(0x844d1b71, 0x90b771c3), TOBN(0x563b71e4, 0xba6426be),
-     TOBN(0x2efa2e83, 0xbdb802ff), TOBN(0x3410cbab, 0xab5b4a41),
-     TOBN(0x555b2d26, 0x30da84dd), TOBN(0xd0711ae9, 0xee1cc29a),
-     TOBN(0xcf3e8c60, 0x2f547792), TOBN(0x03d7d5de, 0xdc678b35),
-     TOBN(0x071a2fa8, 0xced806b8), TOBN(0x222e6134, 0x697f1478),
-     TOBN(0xdc16fd5d, 0xabfcdbbf), TOBN(0x44912ebf, 0x121b53b8),
-     TOBN(0xac943674, 0x2496c27c), TOBN(0x8ea3176c, 0x1ffc26b0),
-     TOBN(0xb6e224ac, 0x13debf2c), TOBN(0x524cc235, 0xf372a832),
-     TOBN(0xd706e1d8, 0x9f6f1b18), TOBN(0x2552f005, 0x44cce35b),
-     TOBN(0x8c8326c2, 0xa88e31fc), TOBN(0xb5468b2c, 0xf9552047),
-     TOBN(0xce683e88, 0x3ff90f2b), TOBN(0x77947bdf, 0x2f0a5423),
-     TOBN(0xd0a1b28b, 0xed56e328), TOBN(0xaee35253, 0xc20134ac),
-     TOBN(0x7e98367d, 0x3567962f), TOBN(0x379ed61f, 0x8188bffb),
-     TOBN(0x73bba348, 0xfaf130a1), TOBN(0x6c1f75e1, 0x904ed734),
-     TOBN(0x18956642, 0x3b4a79fc), TOBN(0xf20bc83d, 0x54ef4493),
-     TOBN(0x836d425d, 0x9111eca1), TOBN(0xe5b5c318, 0x009a8dcf),
-     TOBN(0x3360b25d, 0x13221bc5), TOBN(0x707baad2, 0x6b3eeaf7),
-     TOBN(0xd7279ed8, 0x743a95a1), TOBN(0x7450a875, 0x969e809f),
-     TOBN(0x32b6bd53, 0xe5d0338f), TOBN(0x1e77f7af, 0x2b883bbc),
-     TOBN(0x90da12cc, 0x1063ecd0), TOBN(0xe2697b58, 0xc315be47),
-     TOBN(0x2771a5bd, 0xda85d534), TOBN(0x53e78c1f, 0xff980eea),
-     TOBN(0xadf1cf84, 0x900385e7), TOBN(0x7d3b14f6, 0xc9387b62),
-     TOBN(0x170e74b0, 0xcb8f2bd2), TOBN(0x2d50b486, 0x827fa993),
-     TOBN(0xcdbe8c9a, 0xf6f32bab), TOBN(0x55e906b0, 0xc3b93ab8),
-     TOBN(0x747f22fc, 0x8fe280d1), TOBN(0xcd8e0de5, 0xb2e114ab),
-     TOBN(0x5ab7dbeb, 0xe10b68b0), TOBN(0x9dc63a9c, 0xa480d4b2),
-     TOBN(0x78d4bc3b, 0x4be1495f), TOBN(0x25eb3db8, 0x9359122d),
-     TOBN(0x3f8ac05b, 0x0809cbdc), TOBN(0xbf4187bb, 0xd37c702f),
-     TOBN(0x84cea069, 0x1416a6a5), TOBN(0x8f860c79, 0x43ef881c),
-     TOBN(0x41311f8a, 0x38038a5d), TOBN(0xe78c2ec0, 0xfc612067),
-     TOBN(0x494d2e81, 0x5ad73581), TOBN(0xb4cc9e00, 0x59604097),
-     TOBN(0xff558aec, 0xf3612cba), TOBN(0x35beef7a, 0x9e36c39e),
-     TOBN(0x1845c7cf, 0xdbcf41b9), TOBN(0x5703662a, 0xaea997c0),
-     TOBN(0x8b925afe, 0xe402f6d8), TOBN(0xd0a1b1ae, 0x4dd72162),
-     TOBN(0x9f47b375, 0x03c41c4b), TOBN(0xa023829b, 0x0391d042),
-     TOBN(0x5f5045c3, 0x503b8b0a), TOBN(0x123c2688, 0x98c010e5),
-     TOBN(0x324ec0cc, 0x36ba06ee), TOBN(0xface3115, 0x3dd2cc0c),
-     TOBN(0xb364f3be, 0xf333e91f), TOBN(0xef8aff73, 0x28e832b0),
-     TOBN(0x1e9bad04, 0x2d05841b), TOBN(0x42f0e3df, 0x356a21e2),
-     TOBN(0xa3270bcb, 0x4add627e), TOBN(0xb09a8158, 0xd322e711),
-     TOBN(0x86e326a1, 0x0fee104a), TOBN(0xad7788f8, 0x3703f65d),
-     TOBN(0x7e765430, 0x47bc4833), TOBN(0x6cee582b, 0x2b9b893a),
-     TOBN(0x9cd2a167, 0xe8f55a7b), TOBN(0xefbee3c6, 0xd9e4190d),
-     TOBN(0x33ee7185, 0xd40c2e9d), TOBN(0x844cc9c5, 0xa380b548),
-     TOBN(0x323f8ecd, 0x66926e04), TOBN(0x0001e38f, 0x8110c1ba),
-     TOBN(0x8dbcac12, 0xfc6a7f07), TOBN(0xd65e1d58, 0x0cec0827),
-     TOBN(0xd2cd4141, 0xbe76ca2d), TOBN(0x7895cf5c, 0xe892f33a),
-     TOBN(0x956d230d, 0x367139d2), TOBN(0xa91abd3e, 0xd012c4c1),
-     TOBN(0x34fa4883, 0x87eb36bf), TOBN(0xc5f07102, 0x914b8fb4),
-     TOBN(0x90f0e579, 0xadb9c95f), TOBN(0xfe6ea8cb, 0x28888195),
-     TOBN(0x7b9b5065, 0xedfa9284), TOBN(0x6c510bd2, 0x2b8c8d65),
-     TOBN(0xd7b8ebef, 0xcbe8aafd), TOBN(0xedb3af98, 0x96b1da07),
-     TOBN(0x28ff779d, 0x6295d426), TOBN(0x0c4f6ac7, 0x3fa3ad7b),
-     TOBN(0xec44d054, 0x8b8e2604), TOBN(0x9b32a66d, 0x8b0050e1),
-     TOBN(0x1f943366, 0xf0476ce2), TOBN(0x7554d953, 0xa602c7b4),
-     TOBN(0xbe35aca6, 0x524f2809), TOBN(0xb6881229, 0xfd4edbea),
-     TOBN(0xe8cd0c8f, 0x508efb63), TOBN(0x9eb5b5c8, 0x6abcefc7),
-     TOBN(0xf5621f5f, 0xb441ab4f), TOBN(0x79e6c046, 0xb76a2b22),
-     TOBN(0x74a4792c, 0xe37a1f69), TOBN(0xcbd252cb, 0x03542b60),
-     TOBN(0x785f65d5, 0xb3c20bd3), TOBN(0x8dea6143, 0x4fabc60c),
-     TOBN(0x45e21446, 0xde673629), TOBN(0x57f7aa1e, 0x703c2d21),
-     TOBN(0xa0e99b7f, 0x98c868c7), TOBN(0x4e42f66d, 0x8b641676),
-     TOBN(0x602884dc, 0x91077896), TOBN(0xa0d690cf, 0xc2c9885b),
-     TOBN(0xfeb4da33, 0x3b9a5187), TOBN(0x5f789598, 0x153c87ee),
-     TOBN(0x2192dd47, 0x52b16dba), TOBN(0xdeefc0e6, 0x3524c1b1),
-     TOBN(0x465ea76e, 0xe4383693), TOBN(0x79401711, 0x361b8d98),
-     TOBN(0xa5f9ace9, 0xf21a15cb), TOBN(0x73d26163, 0xefee9aeb),
-     TOBN(0xcca844b3, 0xe677016c), TOBN(0x6c122b07, 0x57eaee06),
-     TOBN(0xb782dce7, 0x15f09690), TOBN(0x508b9b12, 0x2dfc0fc9),
-     TOBN(0x9015ab4b, 0x65d89fc6), TOBN(0x5e79dab7, 0xd6d5bb0f),
-     TOBN(0x64f021f0, 0x6c775aa2), TOBN(0xdf09d8cc, 0x37c7eca1),
-     TOBN(0x9a761367, 0xef2fa506), TOBN(0xed4ca476, 0x5b81eec6),
-     TOBN(0x262ede36, 0x10bbb8b5), TOBN(0x0737ce83, 0x0641ada3),
-     TOBN(0x4c94288a, 0xe9831ccc), TOBN(0x487fc1ce, 0x8065e635),
-     TOBN(0xb13d7ab3, 0xb8bb3659), TOBN(0xdea5df3e, 0x855e4120),
-     TOBN(0xb9a18573, 0x85eb0244), TOBN(0x1a1b8ea3, 0xa7cfe0a3),
-     TOBN(0x3b837119, 0x67b0867c), TOBN(0x8d5e0d08, 0x9d364520),
-     TOBN(0x52dccc1e, 0xd930f0e3), TOBN(0xefbbcec7, 0xbf20bbaf),
-     TOBN(0x99cffcab, 0x0263ad10), TOBN(0xd8199e6d, 0xfcd18f8a),
-     TOBN(0x64e2773f, 0xe9f10617), TOBN(0x0079e8e1, 0x08704848),
-     TOBN(0x1169989f, 0x8a342283), TOBN(0x8097799c, 0xa83012e6),
-     TOBN(0xece966cb, 0x8a6a9001), TOBN(0x93b3afef, 0x072ac7fc),
-     TOBN(0xe6893a2a, 0x2db3d5ba), TOBN(0x263dc462, 0x89bf4fdc),
-     TOBN(0x8852dfc9, 0xe0396673), TOBN(0x7ac70895, 0x3af362b6),
-     TOBN(0xbb9cce4d, 0x5c2f342b), TOBN(0xbf80907a, 0xb52d7aae),
-     TOBN(0x97f3d3cd, 0x2161bcd0), TOBN(0xb25b0834, 0x0962744d),
-     TOBN(0xc5b18ea5, 0x6c3a1dda), TOBN(0xfe4ec7eb, 0x06c92317),
-     TOBN(0xb787b890, 0xad1c4afe), TOBN(0xdccd9a92, 0x0ede801a),
-     TOBN(0x9ac6ddda, 0xdb58da1f), TOBN(0x22bbc12f, 0xb8cae6ee),
-     TOBN(0xc6f8bced, 0x815c4a43), TOBN(0x8105a92c, 0xf96480c7),
-     TOBN(0x0dc3dbf3, 0x7a859d51), TOBN(0xe3ec7ce6, 0x3041196b),
-     TOBN(0xd9f64b25, 0x0d1067c9), TOBN(0xf2321321, 0x3d1f8dd8),
-     TOBN(0x8b5c619c, 0x76497ee8), TOBN(0x5d2b0ac6, 0xc717370e),
-     TOBN(0x98204cb6, 0x4fcf68e1), TOBN(0x0bdec211, 0x62bc6792),
-     TOBN(0x6973ccef, 0xa63b1011), TOBN(0xf9e3fa97, 0xe0de1ac5),
-     TOBN(0x5efb693e, 0x3d0e0c8b), TOBN(0x037248e9, 0xd2d4fcb4),}
-    ,
-    {TOBN(0x80802dc9, 0x1ec34f9e), TOBN(0xd8772d35, 0x33810603),
-     TOBN(0x3f06d66c, 0x530cb4f3), TOBN(0x7be5ed0d, 0xc475c129),
-     TOBN(0xcb9e3c19, 0x31e82b10), TOBN(0xc63d2857, 0xc9ff6b4c),
-     TOBN(0xb92118c6, 0x92a1b45e), TOBN(0x0aec4414, 0x7285bbca),
-     TOBN(0xfc189ae7, 0x1e29a3ef), TOBN(0xcbe906f0, 0x4c93302e),
-     TOBN(0xd0107914, 0xceaae10e), TOBN(0xb7a23f34, 0xb68e19f8),
-     TOBN(0xe9d875c2, 0xefd2119d), TOBN(0x03198c6e, 0xfcadc9c8),
-     TOBN(0x65591bf6, 0x4da17113), TOBN(0x3cf0bbf8, 0x3d443038),
-     TOBN(0xae485bb7, 0x2b724759), TOBN(0x945353e1, 0xb2d4c63a),
-     TOBN(0x82159d07, 0xde7d6f2c), TOBN(0x389caef3, 0x4ec5b109),
-     TOBN(0x4a8ebb53, 0xdb65ef14), TOBN(0x2dc2cb7e, 0xdd99de43),
-     TOBN(0x816fa3ed, 0x83f2405f), TOBN(0x73429bb9, 0xc14208a3),
-     TOBN(0xb618d590, 0xb01e6e27), TOBN(0x047e2ccd, 0xe180b2dc),
-     TOBN(0xd1b299b5, 0x04aea4a9), TOBN(0x412c9e1e, 0x9fa403a4),
-     TOBN(0x88d28a36, 0x79407552), TOBN(0x49c50136, 0xf332b8e3),
-     TOBN(0x3a1b6fcc, 0xe668de19), TOBN(0x178851bc, 0x75122b97),
-     TOBN(0xb1e13752, 0xfb85fa4c), TOBN(0xd61257ce, 0x383c8ce9),
-     TOBN(0xd43da670, 0xd2f74dae), TOBN(0xa35aa23f, 0xbf846bbb),
-     TOBN(0x5e74235d, 0x4421fc83), TOBN(0xf6df8ee0, 0xc363473b),
-     TOBN(0x34d7f52a, 0x3c4aa158), TOBN(0x50d05aab, 0x9bc6d22e),
-     TOBN(0x8c56e735, 0xa64785f4), TOBN(0xbc56637b, 0x5f29cd07),
-     TOBN(0x53b2bb80, 0x3ee35067), TOBN(0x50235a0f, 0xdc919270),
-     TOBN(0x191ab6d8, 0xf2c4aa65), TOBN(0xc3475831, 0x8396023b),
-     TOBN(0x80400ba5, 0xf0f805ba), TOBN(0x8881065b, 0x5ec0f80f),
-     TOBN(0xc370e522, 0xcc1b5e83), TOBN(0xde2d4ad1, 0x860b8bfb),
-     TOBN(0xad364df0, 0x67b256df), TOBN(0x8f12502e, 0xe0138997),
-     TOBN(0x503fa0dc, 0x7783920a), TOBN(0xe80014ad, 0xc0bc866a),
-     TOBN(0x3f89b744, 0xd3064ba6), TOBN(0x03511dcd, 0xcba5dba5),
-     TOBN(0x197dd46d, 0x95a7b1a2), TOBN(0x9c4e7ad6, 0x3c6341fb),
-     TOBN(0x426eca29, 0x484c2ece), TOBN(0x9211e489, 0xde7f4f8a),
-     TOBN(0x14997f6e, 0xc78ef1f4), TOBN(0x2b2c0910, 0x06574586),
-     TOBN(0x17286a6e, 0x1c3eede8), TOBN(0x25f92e47, 0x0f60e018),
-     TOBN(0x805c5646, 0x31890a36), TOBN(0x703ef600, 0x57feea5b),
-     TOBN(0x389f747c, 0xaf3c3030), TOBN(0xe0e5daeb, 0x54dd3739),
-     TOBN(0xfe24a4c3, 0xc9c9f155), TOBN(0x7e4bf176, 0xb5393962),
-     TOBN(0x37183de2, 0xaf20bf29), TOBN(0x4a1bd7b5, 0xf95a8c3b),
-     TOBN(0xa83b9699, 0x46191d3d), TOBN(0x281fc8dd, 0x7b87f257),
-     TOBN(0xb18e2c13, 0x54107588), TOBN(0x6372def7, 0x9b2bafe8),
-     TOBN(0xdaf4bb48, 0x0d8972ca), TOBN(0x3f2dd4b7, 0x56167a3f),
-     TOBN(0x1eace32d, 0x84310cf4), TOBN(0xe3bcefaf, 0xe42700aa),
-     TOBN(0x5fe5691e, 0xd785e73d), TOBN(0xa5db5ab6, 0x2ea60467),
-     TOBN(0x02e23d41, 0xdfc6514a), TOBN(0x35e8048e, 0xe03c3665),
-     TOBN(0x3f8b118f, 0x1adaa0f8), TOBN(0x28ec3b45, 0x84ce1a5a),
-     TOBN(0xe8cacc6e, 0x2c6646b8), TOBN(0x1343d185, 0xdbd0e40f),
-     TOBN(0xe5d7f844, 0xcaaa358c), TOBN(0x1a1db7e4, 0x9924182a),
-     TOBN(0xd64cd42d, 0x9c875d9a), TOBN(0xb37b515f, 0x042eeec8),
-     TOBN(0x4d4dd409, 0x7b165fbe), TOBN(0xfc322ed9, 0xe206eff3),
-     TOBN(0x7dee4102, 0x59b7e17e), TOBN(0x55a481c0, 0x8236ca00),
-     TOBN(0x8c885312, 0xc23fc975), TOBN(0x15715806, 0x05d6297b),
-     TOBN(0xa078868e, 0xf78edd39), TOBN(0x956b31e0, 0x03c45e52),
-     TOBN(0x470275d5, 0xff7b33a6), TOBN(0xc8d5dc3a, 0x0c7e673f),
-     TOBN(0x419227b4, 0x7e2f2598), TOBN(0x8b37b634, 0x4c14a975),
-     TOBN(0xd0667ed6, 0x8b11888c), TOBN(0x5e0e8c3e, 0x803e25dc),
-     TOBN(0x34e5d0dc, 0xb987a24a), TOBN(0x9f40ac3b, 0xae920323),
-     TOBN(0x5463de95, 0x34e0f63a), TOBN(0xa128bf92, 0x6b6328f9),
-     TOBN(0x491ccd7c, 0xda64f1b7), TOBN(0x7ef1ec27, 0xc47bde35),
-     TOBN(0xa857240f, 0xa36a2737), TOBN(0x35dc1366, 0x63621bc1),
-     TOBN(0x7a3a6453, 0xd4fb6897), TOBN(0x80f1a439, 0xc929319d),
-     TOBN(0xfc18274b, 0xf8cb0ba0), TOBN(0xb0b53766, 0x8078c5eb),
-     TOBN(0xfb0d4924, 0x1e01d0ef), TOBN(0x50d7c67d, 0x372ab09c),
-     TOBN(0xb4e370af, 0x3aeac968), TOBN(0xe4f7fee9, 0xc4b63266),
-     TOBN(0xb4acd4c2, 0xe3ac5664), TOBN(0xf8910bd2, 0xceb38cbf),
-     TOBN(0x1c3ae50c, 0xc9c0726e), TOBN(0x15309569, 0xd97b40bf),
-     TOBN(0x70884b7f, 0xfd5a5a1b), TOBN(0x3890896a, 0xef8314cd),
-     TOBN(0x58e1515c, 0xa5618c93), TOBN(0xe665432b, 0x77d942d1),
-     TOBN(0xb32181bf, 0xb6f767a8), TOBN(0x753794e8, 0x3a604110),
-     TOBN(0x09afeb7c, 0xe8c0dbcc), TOBN(0x31e02613, 0x598673a3),
-     TOBN(0x5d98e557, 0x7d46db00), TOBN(0xfc21fb8c, 0x9d985b28),
-     TOBN(0xc9040116, 0xb0843e0b), TOBN(0x53b1b3a8, 0x69b04531),
-     TOBN(0xdd1649f0, 0x85d7d830), TOBN(0xbb3bcc87, 0xcb7427e8),
-     TOBN(0x77261100, 0xc93dce83), TOBN(0x7e79da61, 0xa1922a2a),
-     TOBN(0x587a2b02, 0xf3149ce8), TOBN(0x147e1384, 0xde92ec83),
-     TOBN(0x484c83d3, 0xaf077f30), TOBN(0xea78f844, 0x0658b53a),
-     TOBN(0x912076c2, 0x027aec53), TOBN(0xf34714e3, 0x93c8177d),
-     TOBN(0x37ef5d15, 0xc2376c84), TOBN(0x8315b659, 0x3d1aa783),
-     TOBN(0x3a75c484, 0xef852a90), TOBN(0x0ba0c58a, 0x16086bd4),
-     TOBN(0x29688d7a, 0x529a6d48), TOBN(0x9c7f250d, 0xc2f19203),
-     TOBN(0x123042fb, 0x682e2df9), TOBN(0x2b7587e7, 0xad8121bc),
-     TOBN(0x30fc0233, 0xe0182a65), TOBN(0xb82ecf87, 0xe3e1128a),
-     TOBN(0x71682861, 0x93fb098f), TOBN(0x043e21ae, 0x85e9e6a7),
-     TOBN(0xab5b49d6, 0x66c834ea), TOBN(0x3be43e18, 0x47414287),
-     TOBN(0xf40fb859, 0x219a2a47), TOBN(0x0e6559e9, 0xcc58df3c),
-     TOBN(0xfe1dfe8e, 0x0c6615b4), TOBN(0x14abc8fd, 0x56459d70),
-     TOBN(0x7be0fa8e, 0x05de0386), TOBN(0x8e63ef68, 0xe9035c7c),
-     TOBN(0x116401b4, 0x53b31e91), TOBN(0x0cba7ad4, 0x4436b4d8),
-     TOBN(0x9151f9a0, 0x107afd66), TOBN(0xafaca8d0, 0x1f0ee4c4),
-     TOBN(0x75fe5c1d, 0x9ee9761c), TOBN(0x3497a16b, 0xf0c0588f),
-     TOBN(0x3ee2bebd, 0x0304804c), TOBN(0xa8fb9a60, 0xc2c990b9),
-     TOBN(0xd14d32fe, 0x39251114), TOBN(0x36bf25bc, 0xcac73366),
-     TOBN(0xc9562c66, 0xdba7495c), TOBN(0x324d301b, 0x46ad348b),
-     TOBN(0x9f46620c, 0xd670407e), TOBN(0x0ea8d4f1, 0xe3733a01),
-     TOBN(0xd396d532, 0xb0c324e0), TOBN(0x5b211a0e, 0x03c317cd),
-     TOBN(0x090d7d20, 0x5ffe7b37), TOBN(0x3b7f3efb, 0x1747d2da),
-     TOBN(0xa2cb525f, 0xb54fc519), TOBN(0x6e220932, 0xf66a971e),
-     TOBN(0xddc160df, 0xb486d440), TOBN(0x7fcfec46, 0x3fe13465),
-     TOBN(0x83da7e4e, 0x76e4c151), TOBN(0xd6fa48a1, 0xd8d302b5),
-     TOBN(0xc6304f26, 0x5872cd88), TOBN(0x806c1d3c, 0x278b90a1),
-     TOBN(0x3553e725, 0xcaf0bc1c), TOBN(0xff59e603, 0xbb9d8d5c),
-     TOBN(0xa4550f32, 0x7a0b85dd), TOBN(0xdec5720a, 0x93ecc217),
-     TOBN(0x0b88b741, 0x69d62213), TOBN(0x7212f245, 0x5b365955),
-     TOBN(0x20764111, 0xb5cae787), TOBN(0x13cb7f58, 0x1dfd3124),
-     TOBN(0x2dca77da, 0x1175aefb), TOBN(0xeb75466b, 0xffaae775),
-     TOBN(0x74d76f3b, 0xdb6cff32), TOBN(0x7440f37a, 0x61fcda9a),
-     TOBN(0x1bb3ac92, 0xb525028b), TOBN(0x20fbf8f7, 0xa1975f29),
-     TOBN(0x982692e1, 0xdf83097f), TOBN(0x28738f6c, 0x554b0800),
-     TOBN(0xdc703717, 0xa2ce2f2f), TOBN(0x7913b93c, 0x40814194),
-     TOBN(0x04924593, 0x1fe89636), TOBN(0x7b98443f, 0xf78834a6),
-     TOBN(0x11c6ab01, 0x5114a5a1), TOBN(0x60deb383, 0xffba5f4c),
-     TOBN(0x4caa54c6, 0x01a982e6), TOBN(0x1dd35e11, 0x3491cd26),
-     TOBN(0x973c315f, 0x7cbd6b05), TOBN(0xcab00775, 0x52494724),
-     TOBN(0x04659b1f, 0x6565e15a), TOBN(0xbf30f529, 0x8c8fb026),
-     TOBN(0xfc21641b, 0xa8a0de37), TOBN(0xe9c7a366, 0xfa5e5114),
-     TOBN(0xdb849ca5, 0x52f03ad8), TOBN(0xc7e8dbe9, 0x024e35c0),
-     TOBN(0xa1a2bbac, 0xcfc3c789), TOBN(0xbf733e7d, 0x9c26f262),
-     TOBN(0x882ffbf5, 0xb8444823), TOBN(0xb7224e88, 0x6bf8483b),
-     TOBN(0x53023b8b, 0x65bef640), TOBN(0xaabfec91, 0xd4d5f8cd),
-     TOBN(0xa40e1510, 0x079ea1bd), TOBN(0x1ad9addc, 0xd05d5d26),
-     TOBN(0xdb3f2eab, 0x13e68d4f), TOBN(0x1cff1ae2, 0x640f803f),
-     TOBN(0xe0e7b749, 0xd4cee117), TOBN(0x8e9f275b, 0x4036d909),
-     TOBN(0xce34e31d, 0x8f4d4c38), TOBN(0x22b37f69, 0xd75130fc),
-     TOBN(0x83e0f1fd, 0xb4014604), TOBN(0xa8ce9919, 0x89415078),
-     TOBN(0x82375b75, 0x41792efe), TOBN(0x4f59bf5c, 0x97d4515b),
-     TOBN(0xac4f324f, 0x923a277d), TOBN(0xd9bc9b7d, 0x650f3406),
-     TOBN(0xc6fa87d1, 0x8a39bc51), TOBN(0x82588530, 0x5ccc108f),
-     TOBN(0x5ced3c9f, 0x82e4c634), TOBN(0x8efb8314, 0x3a4464f8),
-     TOBN(0xe706381b, 0x7a1dca25), TOBN(0x6cd15a3c, 0x5a2a412b),
-     TOBN(0x9347a8fd, 0xbfcd8fb5), TOBN(0x31db2eef, 0x6e54cd22),
-     TOBN(0xc4aeb11e, 0xf8d8932f), TOBN(0x11e7c1ed, 0x344411af),
-     TOBN(0x2653050c, 0xdc9a151e), TOBN(0x9edbfc08, 0x3bb0a859),
-     TOBN(0x926c81c7, 0xfd5691e7), TOBN(0x9c1b2342, 0x6f39019a),
-     TOBN(0x64a81c8b, 0x7f8474b9), TOBN(0x90657c07, 0x01761819),
-     TOBN(0x390b3331, 0x55e0375a), TOBN(0xc676c626, 0xb6ebc47d),
-     TOBN(0x51623247, 0xb7d6dee8), TOBN(0x0948d927, 0x79659313),
-     TOBN(0x99700161, 0xe9ab35ed), TOBN(0x06cc32b4, 0x8ddde408),
-     TOBN(0x6f2fd664, 0x061ef338), TOBN(0x1606fa02, 0xc202e9ed),
-     TOBN(0x55388bc1, 0x929ba99b), TOBN(0xc4428c5e, 0x1e81df69),
-     TOBN(0xce2028ae, 0xf91b0b2a), TOBN(0xce870a23, 0xf03dfd3f),
-     TOBN(0x66ec2c87, 0x0affe8ed), TOBN(0xb205fb46, 0x284d0c00),
-     TOBN(0xbf5dffe7, 0x44cefa48), TOBN(0xb6fc37a8, 0xa19876d7),
-     TOBN(0xbecfa84c, 0x08b72863), TOBN(0xd7205ff5, 0x2576374f),
-     TOBN(0x80330d32, 0x8887de41), TOBN(0x5de0df0c, 0x869ea534),
-     TOBN(0x13f42753, 0x3c56ea17), TOBN(0xeb1f6069, 0x452b1a78),
-     TOBN(0x50474396, 0xe30ea15c), TOBN(0x575816a1, 0xc1494125),
-     TOBN(0xbe1ce55b, 0xfe6bb38f), TOBN(0xb901a948, 0x96ae30f7),
-     TOBN(0xe5af0f08, 0xd8fc3548), TOBN(0x5010b5d0, 0xd73bfd08),
-     TOBN(0x993d2880, 0x53fe655a), TOBN(0x99f2630b, 0x1c1309fd),
-     TOBN(0xd8677baf, 0xb4e3b76f), TOBN(0x14e51ddc, 0xb840784b),
-     TOBN(0x326c750c, 0xbf0092ce), TOBN(0xc83d306b, 0xf528320f),
-     TOBN(0xc4456715, 0x77d4715c), TOBN(0xd30019f9, 0x6b703235),
-     TOBN(0x207ccb2e, 0xd669e986), TOBN(0x57c824af, 0xf6dbfc28),
-     TOBN(0xf0eb532f, 0xd8f92a23), TOBN(0x4a557fd4, 0x9bb98fd2),
-     TOBN(0xa57acea7, 0xc1e6199a), TOBN(0x0c663820, 0x8b94b1ed),
-     TOBN(0x9b42be8f, 0xf83a9266), TOBN(0xc7741c97, 0x0101bd45),
-     TOBN(0x95770c11, 0x07bd9ceb), TOBN(0x1f50250a, 0x8b2e0744),
-     TOBN(0xf762eec8, 0x1477b654), TOBN(0xc65b900e, 0x15efe59a),
-     TOBN(0x88c96148, 0x9546a897), TOBN(0x7e8025b3, 0xc30b4d7c),
-     TOBN(0xae4065ef, 0x12045cf9), TOBN(0x6fcb2caf, 0x9ccce8bd),
-     TOBN(0x1fa0ba4e, 0xf2cf6525), TOBN(0xf683125d, 0xcb72c312),
-     TOBN(0xa01da4ea, 0xe312410e), TOBN(0x67e28677, 0x6cd8e830),
-     TOBN(0xabd95752, 0x98fb3f07), TOBN(0x05f11e11, 0xeef649a5),
-     TOBN(0xba47faef, 0x9d3472c2), TOBN(0x3adff697, 0xc77d1345),
-     TOBN(0x4761fa04, 0xdd15afee), TOBN(0x64f1f61a, 0xb9e69462),
-     TOBN(0xfa691fab, 0x9bfb9093), TOBN(0x3df8ae8f, 0xa1133dfe),
-     TOBN(0xcd5f8967, 0x58cc710d), TOBN(0xfbb88d50, 0x16c7fe79),
-     TOBN(0x8e011b4c, 0xe88c50d1), TOBN(0x7532e807, 0xa8771c4f),
-     TOBN(0x64c78a48, 0xe2278ee4), TOBN(0x0b283e83, 0x3845072a),
-     TOBN(0x98a6f291, 0x49e69274), TOBN(0xb96e9668, 0x1868b21c),
-     TOBN(0x38f0adc2, 0xb1a8908e), TOBN(0x90afcff7, 0x1feb829d),
-     TOBN(0x9915a383, 0x210b0856), TOBN(0xa5a80602, 0xdef04889),
-     TOBN(0x800e9af9, 0x7c64d509), TOBN(0x81382d0b, 0xb8996f6f),
-     TOBN(0x490eba53, 0x81927e27), TOBN(0x46c63b32, 0x4af50182),
-     TOBN(0x784c5fd9, 0xd3ad62ce), TOBN(0xe4fa1870, 0xf8ae8736),
-     TOBN(0x4ec9d0bc, 0xd7466b25), TOBN(0x84ddbe1a, 0xdb235c65),
-     TOBN(0x5e2645ee, 0x163c1688), TOBN(0x570bd00e, 0x00eba747),
-     TOBN(0xfa51b629, 0x128bfa0f), TOBN(0x92fce1bd, 0x6c1d3b68),
-     TOBN(0x3e7361dc, 0xb66778b1), TOBN(0x9c7d249d, 0x5561d2bb),
-     TOBN(0xa40b28bf, 0x0bbc6229), TOBN(0x1c83c05e, 0xdfd91497),
-     TOBN(0x5f9f5154, 0xf083df05), TOBN(0xbac38b3c, 0xeee66c9d),
-     TOBN(0xf71db7e3, 0xec0dfcfd), TOBN(0xf2ecda8e, 0x8b0a8416),
-     TOBN(0x52fddd86, 0x7812aa66), TOBN(0x2896ef10, 0x4e6f4272),
-     TOBN(0xff27186a, 0x0fe9a745), TOBN(0x08249fcd, 0x49ca70db),
-     TOBN(0x7425a2e6, 0x441cac49), TOBN(0xf4a0885a, 0xece5ff57),
-     TOBN(0x6e2cb731, 0x7d7ead58), TOBN(0xf96cf7d6, 0x1898d104),
-     TOBN(0xafe67c9d, 0x4f2c9a89), TOBN(0x89895a50, 0x1c7bf5bc),
-     TOBN(0xdc7cb8e5, 0x573cecfa), TOBN(0x66497eae, 0xd15f03e6),
-     TOBN(0x6bc0de69, 0x3f084420), TOBN(0x323b9b36, 0xacd532b0),
-     TOBN(0xcfed390a, 0x0115a3c1), TOBN(0x9414c40b, 0x2d65ca0e),
-     TOBN(0x641406bd, 0x2f530c78), TOBN(0x29369a44, 0x833438f2),
-     TOBN(0x996884f5, 0x903fa271), TOBN(0xe6da0fd2, 0xb9da921e),
-     TOBN(0xa6f2f269, 0x5db01e54), TOBN(0x1ee3e9bd, 0x6876214e),
-     TOBN(0xa26e181c, 0xe27a9497), TOBN(0x36d254e4, 0x8e215e04),
-     TOBN(0x42f32a6c, 0x252cabca), TOBN(0x99481487, 0x80b57614),
-     TOBN(0x4c4dfe69, 0x40d9cae1), TOBN(0x05869580, 0x11a10f09),
-     TOBN(0xca287b57, 0x3491b64b), TOBN(0x77862d5d, 0x3fd4a53b),
-     TOBN(0xbf94856e, 0x50349126), TOBN(0x2be30bd1, 0x71c5268f),
-     TOBN(0x10393f19, 0xcbb650a6), TOBN(0x639531fe, 0x778cf9fd),
-     TOBN(0x02556a11, 0xb2935359), TOBN(0xda38aa96, 0xaf8c126e),
-     TOBN(0x47dbe6c2, 0x0960167f), TOBN(0x37bbabb6, 0x501901cd),
-     TOBN(0xb6e979e0, 0x2c947778), TOBN(0xd69a5175, 0x7a1a1dc6),
-     TOBN(0xc3ed5095, 0x9d9faf0c), TOBN(0x4dd9c096, 0x1d5fa5f0),
-     TOBN(0xa0c4304d, 0x64f16ea8), TOBN(0x8b1cac16, 0x7e718623),
-     TOBN(0x0b576546, 0x7c67f03e), TOBN(0x559cf5ad, 0xcbd88c01),
-     TOBN(0x074877bb, 0x0e2af19a), TOBN(0x1f717ec1, 0xa1228c92),
-     TOBN(0x70bcb800, 0x326e8920), TOBN(0xec6e2c5c, 0x4f312804),
-     TOBN(0x426aea7d, 0x3fca4752), TOBN(0xf12c0949, 0x2211f62a),
-     TOBN(0x24beecd8, 0x7be7b6b5), TOBN(0xb77eaf4c, 0x36d7a27d),
-     TOBN(0x154c2781, 0xfda78fd3), TOBN(0x848a83b0, 0x264eeabe),
-     TOBN(0x81287ef0, 0x4ffe2bc4), TOBN(0x7b6d88c6, 0xb6b6fc2a),
-     TOBN(0x805fb947, 0xce417d99), TOBN(0x4b93dcc3, 0x8b916cc4),
-     TOBN(0x72e65bb3, 0x21273323), TOBN(0xbcc1badd, 0x6ea9886e),
-     TOBN(0x0e223011, 0x4bc5ee85), TOBN(0xa561be74, 0xc18ee1e4),
-     TOBN(0x762fd2d4, 0xa6bcf1f1), TOBN(0x50e6a5a4, 0x95231489),
-     TOBN(0xca96001f, 0xa00b500b), TOBN(0x5c098cfc, 0x5d7dcdf5),
-     TOBN(0xa64e2d2e, 0x8c446a85), TOBN(0xbae9bcf1, 0x971f3c62),
-     TOBN(0x4ec22683, 0x8435a2c5), TOBN(0x8ceaed6c, 0x4bad4643),
-     TOBN(0xe9f8fb47, 0xccccf4e3), TOBN(0xbd4f3fa4, 0x1ce3b21e),
-     TOBN(0xd79fb110, 0xa3db3292), TOBN(0xe28a37da, 0xb536c66a),
-     TOBN(0x279ce87b, 0x8e49e6a9), TOBN(0x70ccfe8d, 0xfdcec8e3),
-     TOBN(0x2193e4e0, 0x3ba464b2), TOBN(0x0f39d60e, 0xaca9a398),
-     TOBN(0x7d7932af, 0xf82c12ab), TOBN(0xd8ff50ed, 0x91e7e0f7),
-     TOBN(0xea961058, 0xfa28a7e0), TOBN(0xc726cf25, 0x0bf5ec74),
-     TOBN(0xe74d55c8, 0xdb229666), TOBN(0x0bd9abbf, 0xa57f5799),
-     TOBN(0x7479ef07, 0x4dfc47b3), TOBN(0xd9c65fc3, 0x0c52f91d),
-     TOBN(0x8e0283fe, 0x36a8bde2), TOBN(0xa32a8b5e, 0x7d4b7280),
-     TOBN(0x6a677c61, 0x12e83233), TOBN(0x0fbb3512, 0xdcc9bf28),
-     TOBN(0x562e8ea5, 0x0d780f61), TOBN(0x0db8b22b, 0x1dc4e89c),
-     TOBN(0x0a6fd1fb, 0x89be0144), TOBN(0x8c77d246, 0xca57113b),
-     TOBN(0x4639075d, 0xff09c91c), TOBN(0x5b47b17f, 0x5060824c),
-     TOBN(0x58aea2b0, 0x16287b52), TOBN(0xa1343520, 0xd0cd8eb0),
-     TOBN(0x6148b4d0, 0xc5d58573), TOBN(0xdd2b6170, 0x291c68ae),
-     TOBN(0xa61b3929, 0x1da3b3b7), TOBN(0x5f946d79, 0x08c4ac10),
-     TOBN(0x4105d4a5, 0x7217d583), TOBN(0x5061da3d, 0x25e6de5e),
-     TOBN(0x3113940d, 0xec1b4991), TOBN(0xf12195e1, 0x36f485ae),
-     TOBN(0xa7507fb2, 0x731a2ee0), TOBN(0x95057a8e, 0x6e9e196e),
-     TOBN(0xa3c2c911, 0x2e130136), TOBN(0x97dfbb36, 0x33c60d15),
-     TOBN(0xcaf3c581, 0xb300ee2b), TOBN(0x77f25d90, 0xf4bac8b8),
-     TOBN(0xdb1c4f98, 0x6d840cd6), TOBN(0x471d62c0, 0xe634288c),
-     TOBN(0x8ec2f85e, 0xcec8a161), TOBN(0x41f37cbc, 0xfa6f4ae2),
-     TOBN(0x6793a20f, 0x4b709985), TOBN(0x7a7bd33b, 0xefa8985b),
-     TOBN(0x2c6a3fbd, 0x938e6446), TOBN(0x19042619, 0x2a8d47c1),
-     TOBN(0x16848667, 0xcc36975f), TOBN(0x02acf168, 0x9d5f1dfb),
-     TOBN(0x62d41ad4, 0x613baa94), TOBN(0xb56fbb92, 0x9f684670),
-     TOBN(0xce610d0d, 0xe9e40569), TOBN(0x7b99c65f, 0x35489fef),
-     TOBN(0x0c88ad1b, 0x3df18b97), TOBN(0x81b7d9be, 0x5d0e9edb),
-     TOBN(0xd85218c0, 0xc716cc0a), TOBN(0xf4b5ff90, 0x85691c49),
-     TOBN(0xa4fd666b, 0xce356ac6), TOBN(0x17c72895, 0x4b327a7a),
-     TOBN(0xf93d5085, 0xda6be7de), TOBN(0xff71530e, 0x3301d34e),
-     TOBN(0x4cd96442, 0xd8f448e8), TOBN(0x9283d331, 0x2ed18ffa),
-     TOBN(0x4d33dd99, 0x2a849870), TOBN(0xa716964b, 0x41576335),
-     TOBN(0xff5e3a9b, 0x179be0e5), TOBN(0x5b9d6b1b, 0x83b13632),
-     TOBN(0x3b8bd7d4, 0xa52f313b), TOBN(0xc9dd95a0, 0x637a4660),
-     TOBN(0x30035962, 0x0b3e218f), TOBN(0xce1481a3, 0xc7b28a3c),
-     TOBN(0xab41b43a, 0x43228d83), TOBN(0x24ae1c30, 0x4ad63f99),
-     TOBN(0x8e525f1a, 0x46a51229), TOBN(0x14af860f, 0xcd26d2b4),
-     TOBN(0xd6baef61, 0x3f714aa1), TOBN(0xf51865ad, 0xeb78795e),
-     TOBN(0xd3e21fce, 0xe6a9d694), TOBN(0x82ceb1dd, 0x8a37b527)}
-};
diff --git a/thirdparty/openssl/crypto/ec/ecp_oct.c b/thirdparty/openssl/crypto/ec/ecp_oct.c
deleted file mode 100644
index 1bc3f39ad1..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_oct.c
+++ /dev/null
@@ -1,428 +0,0 @@
-/* crypto/ec/ecp_oct.c */
-/*
- * Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * for the OpenSSL project. Includes code written by Bodo Moeller for the
- * OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include <openssl/err.h>
-#include <openssl/symhacks.h>
-
-#include "ec_lcl.h"
-
-int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group,
-                                             EC_POINT *point,
-                                             const BIGNUM *x_, int y_bit,
-                                             BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *tmp1, *tmp2, *x, *y;
-    int ret = 0;
-
-    /* clear error queue */
-    ERR_clear_error();
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    y_bit = (y_bit != 0);
-
-    BN_CTX_start(ctx);
-    tmp1 = BN_CTX_get(ctx);
-    tmp2 = BN_CTX_get(ctx);
-    x = BN_CTX_get(ctx);
-    y = BN_CTX_get(ctx);
-    if (y == NULL)
-        goto err;
-
-    /*-
-     * Recover y.  We have a Weierstrass equation
-     *     y^2 = x^3 + a*x + b,
-     * so  y  is one of the square roots of  x^3 + a*x + b.
-     */
-
-    /* tmp1 := x^3 */
-    if (!BN_nnmod(x, x_, &group->field, ctx))
-        goto err;
-    if (group->meth->field_decode == 0) {
-        /* field_{sqr,mul} work on standard representation */
-        if (!group->meth->field_sqr(group, tmp2, x_, ctx))
-            goto err;
-        if (!group->meth->field_mul(group, tmp1, tmp2, x_, ctx))
-            goto err;
-    } else {
-        if (!BN_mod_sqr(tmp2, x_, &group->field, ctx))
-            goto err;
-        if (!BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx))
-            goto err;
-    }
-
-    /* tmp1 := tmp1 + a*x */
-    if (group->a_is_minus3) {
-        if (!BN_mod_lshift1_quick(tmp2, x, &group->field))
-            goto err;
-        if (!BN_mod_add_quick(tmp2, tmp2, x, &group->field))
-            goto err;
-        if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field))
-            goto err;
-    } else {
-        if (group->meth->field_decode) {
-            if (!group->meth->field_decode(group, tmp2, &group->a, ctx))
-                goto err;
-            if (!BN_mod_mul(tmp2, tmp2, x, &group->field, ctx))
-                goto err;
-        } else {
-            /* field_mul works on standard representation */
-            if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx))
-                goto err;
-        }
-
-        if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field))
-            goto err;
-    }
-
-    /* tmp1 := tmp1 + b */
-    if (group->meth->field_decode) {
-        if (!group->meth->field_decode(group, tmp2, &group->b, ctx))
-            goto err;
-        if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field))
-            goto err;
-    } else {
-        if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field))
-            goto err;
-    }
-
-    if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) {
-        unsigned long err = ERR_peek_last_error();
-
-        if (ERR_GET_LIB(err) == ERR_LIB_BN
-            && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) {
-            ERR_clear_error();
-            ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
-                  EC_R_INVALID_COMPRESSED_POINT);
-        } else
-            ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
-                  ERR_R_BN_LIB);
-        goto err;
-    }
-
-    if (y_bit != BN_is_odd(y)) {
-        if (BN_is_zero(y)) {
-            int kron;
-
-            kron = BN_kronecker(x, &group->field, ctx);
-            if (kron == -2)
-                goto err;
-
-            if (kron == 1)
-                ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
-                      EC_R_INVALID_COMPRESSION_BIT);
-            else
-                /*
-                 * BN_mod_sqrt() should have cought this error (not a square)
-                 */
-                ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
-                      EC_R_INVALID_COMPRESSED_POINT);
-            goto err;
-        }
-        if (!BN_usub(y, &group->field, y))
-            goto err;
-    }
-    if (y_bit != BN_is_odd(y)) {
-        ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
-              ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
-    if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
-        goto err;
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
-                               point_conversion_form_t form,
-                               unsigned char *buf, size_t len, BN_CTX *ctx)
-{
-    size_t ret;
-    BN_CTX *new_ctx = NULL;
-    int used_ctx = 0;
-    BIGNUM *x, *y;
-    size_t field_len, i, skip;
-
-    if ((form != POINT_CONVERSION_COMPRESSED)
-        && (form != POINT_CONVERSION_UNCOMPRESSED)
-        && (form != POINT_CONVERSION_HYBRID)) {
-        ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
-        goto err;
-    }
-
-    if (EC_POINT_is_at_infinity(group, point)) {
-        /* encodes to a single 0 octet */
-        if (buf != NULL) {
-            if (len < 1) {
-                ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
-                return 0;
-            }
-            buf[0] = 0;
-        }
-        return 1;
-    }
-
-    /* ret := required output buffer length */
-    field_len = BN_num_bytes(&group->field);
-    ret =
-        (form ==
-         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
-
-    /* if 'buf' is NULL, just return required length */
-    if (buf != NULL) {
-        if (len < ret) {
-            ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
-            goto err;
-        }
-
-        if (ctx == NULL) {
-            ctx = new_ctx = BN_CTX_new();
-            if (ctx == NULL)
-                return 0;
-        }
-
-        BN_CTX_start(ctx);
-        used_ctx = 1;
-        x = BN_CTX_get(ctx);
-        y = BN_CTX_get(ctx);
-        if (y == NULL)
-            goto err;
-
-        if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
-            goto err;
-
-        if ((form == POINT_CONVERSION_COMPRESSED
-             || form == POINT_CONVERSION_HYBRID) && BN_is_odd(y))
-            buf[0] = form + 1;
-        else
-            buf[0] = form;
-
-        i = 1;
-
-        skip = field_len - BN_num_bytes(x);
-        if (skip > field_len) {
-            ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-        while (skip > 0) {
-            buf[i++] = 0;
-            skip--;
-        }
-        skip = BN_bn2bin(x, buf + i);
-        i += skip;
-        if (i != 1 + field_len) {
-            ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-
-        if (form == POINT_CONVERSION_UNCOMPRESSED
-            || form == POINT_CONVERSION_HYBRID) {
-            skip = field_len - BN_num_bytes(y);
-            if (skip > field_len) {
-                ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            while (skip > 0) {
-                buf[i++] = 0;
-                skip--;
-            }
-            skip = BN_bn2bin(y, buf + i);
-            i += skip;
-        }
-
-        if (i != ret) {
-            ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-    }
-
-    if (used_ctx)
-        BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-
- err:
-    if (used_ctx)
-        BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return 0;
-}
-
-int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
-                            const unsigned char *buf, size_t len, BN_CTX *ctx)
-{
-    point_conversion_form_t form;
-    int y_bit;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y;
-    size_t field_len, enc_len;
-    int ret = 0;
-
-    if (len == 0) {
-        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
-        return 0;
-    }
-    form = buf[0];
-    y_bit = form & 1;
-    form = form & ~1U;
-    if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
-        && (form != POINT_CONVERSION_UNCOMPRESSED)
-        && (form != POINT_CONVERSION_HYBRID)) {
-        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-        return 0;
-    }
-    if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) {
-        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-        return 0;
-    }
-
-    if (form == 0) {
-        if (len != 1) {
-            ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-            return 0;
-        }
-
-        return EC_POINT_set_to_infinity(group, point);
-    }
-
-    field_len = BN_num_bytes(&group->field);
-    enc_len =
-        (form ==
-         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
-
-    if (len != enc_len) {
-        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-        return 0;
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    x = BN_CTX_get(ctx);
-    y = BN_CTX_get(ctx);
-    if (y == NULL)
-        goto err;
-
-    if (!BN_bin2bn(buf + 1, field_len, x))
-        goto err;
-    if (BN_ucmp(x, &group->field) >= 0) {
-        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-        goto err;
-    }
-
-    if (form == POINT_CONVERSION_COMPRESSED) {
-        if (!EC_POINT_set_compressed_coordinates_GFp
-            (group, point, x, y_bit, ctx))
-            goto err;
-    } else {
-        if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
-            goto err;
-        if (BN_ucmp(y, &group->field) >= 0) {
-            ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-            goto err;
-        }
-        if (form == POINT_CONVERSION_HYBRID) {
-            if (y_bit != BN_is_odd(y)) {
-                ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
-                goto err;
-            }
-        }
-
-        if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
-            goto err;
-    }
-
-    /* test required by X9.62 */
-    if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
-        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
-        goto err;
-    }
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/ec/ecp_smpl.c b/thirdparty/openssl/crypto/ec/ecp_smpl.c
deleted file mode 100644
index 2b848216d7..0000000000
--- a/thirdparty/openssl/crypto/ec/ecp_smpl.c
+++ /dev/null
@@ -1,1418 +0,0 @@
-/* crypto/ec/ecp_smpl.c */
-/*
- * Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * for the OpenSSL project. Includes code written by Bodo Moeller for the
- * OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include <openssl/err.h>
-#include <openssl/symhacks.h>
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-#include "ec_lcl.h"
-
-const EC_METHOD *EC_GFp_simple_method(void)
-{
-    static const EC_METHOD ret = {
-        EC_FLAGS_DEFAULT_OCT,
-        NID_X9_62_prime_field,
-        ec_GFp_simple_group_init,
-        ec_GFp_simple_group_finish,
-        ec_GFp_simple_group_clear_finish,
-        ec_GFp_simple_group_copy,
-        ec_GFp_simple_group_set_curve,
-        ec_GFp_simple_group_get_curve,
-        ec_GFp_simple_group_get_degree,
-        ec_GFp_simple_group_check_discriminant,
-        ec_GFp_simple_point_init,
-        ec_GFp_simple_point_finish,
-        ec_GFp_simple_point_clear_finish,
-        ec_GFp_simple_point_copy,
-        ec_GFp_simple_point_set_to_infinity,
-        ec_GFp_simple_set_Jprojective_coordinates_GFp,
-        ec_GFp_simple_get_Jprojective_coordinates_GFp,
-        ec_GFp_simple_point_set_affine_coordinates,
-        ec_GFp_simple_point_get_affine_coordinates,
-        0, 0, 0,
-        ec_GFp_simple_add,
-        ec_GFp_simple_dbl,
-        ec_GFp_simple_invert,
-        ec_GFp_simple_is_at_infinity,
-        ec_GFp_simple_is_on_curve,
-        ec_GFp_simple_cmp,
-        ec_GFp_simple_make_affine,
-        ec_GFp_simple_points_make_affine,
-        0 /* mul */ ,
-        0 /* precompute_mult */ ,
-        0 /* have_precompute_mult */ ,
-        ec_GFp_simple_field_mul,
-        ec_GFp_simple_field_sqr,
-        0 /* field_div */ ,
-        0 /* field_encode */ ,
-        0 /* field_decode */ ,
-        0                       /* field_set_to_one */
-    };
-
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return fips_ec_gfp_simple_method();
-#endif
-
-    return &ret;
-}
-
-/*
- * Most method functions in this file are designed to work with
- * non-trivial representations of field elements if necessary
- * (see ecp_mont.c): while standard modular addition and subtraction
- * are used, the field_mul and field_sqr methods will be used for
- * multiplication, and field_encode and field_decode (if defined)
- * will be used for converting between representations.
- *
- * Functions ec_GFp_simple_points_make_affine() and
- * ec_GFp_simple_point_get_affine_coordinates() specifically assume
- * that if a non-trivial representation is used, it is a Montgomery
- * representation (i.e. 'encoding' means multiplying by some factor R).
- */
-
-int ec_GFp_simple_group_init(EC_GROUP *group)
-{
-    BN_init(&group->field);
-    BN_init(&group->a);
-    BN_init(&group->b);
-    group->a_is_minus3 = 0;
-    return 1;
-}
-
-void ec_GFp_simple_group_finish(EC_GROUP *group)
-{
-    BN_free(&group->field);
-    BN_free(&group->a);
-    BN_free(&group->b);
-}
-
-void ec_GFp_simple_group_clear_finish(EC_GROUP *group)
-{
-    BN_clear_free(&group->field);
-    BN_clear_free(&group->a);
-    BN_clear_free(&group->b);
-}
-
-int ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
-{
-    if (!BN_copy(&dest->field, &src->field))
-        return 0;
-    if (!BN_copy(&dest->a, &src->a))
-        return 0;
-    if (!BN_copy(&dest->b, &src->b))
-        return 0;
-
-    dest->a_is_minus3 = src->a_is_minus3;
-
-    return 1;
-}
-
-int ec_GFp_simple_group_set_curve(EC_GROUP *group,
-                                  const BIGNUM *p, const BIGNUM *a,
-                                  const BIGNUM *b, BN_CTX *ctx)
-{
-    int ret = 0;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *tmp_a;
-
-    /* p must be a prime > 3 */
-    if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) {
-        ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_INVALID_FIELD);
-        return 0;
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    tmp_a = BN_CTX_get(ctx);
-    if (tmp_a == NULL)
-        goto err;
-
-    /* group->field */
-    if (!BN_copy(&group->field, p))
-        goto err;
-    BN_set_negative(&group->field, 0);
-
-    /* group->a */
-    if (!BN_nnmod(tmp_a, a, p, ctx))
-        goto err;
-    if (group->meth->field_encode) {
-        if (!group->meth->field_encode(group, &group->a, tmp_a, ctx))
-            goto err;
-    } else if (!BN_copy(&group->a, tmp_a))
-        goto err;
-
-    /* group->b */
-    if (!BN_nnmod(&group->b, b, p, ctx))
-        goto err;
-    if (group->meth->field_encode)
-        if (!group->meth->field_encode(group, &group->b, &group->b, ctx))
-            goto err;
-
-    /* group->a_is_minus3 */
-    if (!BN_add_word(tmp_a, 3))
-        goto err;
-    group->a_is_minus3 = (0 == BN_cmp(tmp_a, &group->field));
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
-                                  BIGNUM *b, BN_CTX *ctx)
-{
-    int ret = 0;
-    BN_CTX *new_ctx = NULL;
-
-    if (p != NULL) {
-        if (!BN_copy(p, &group->field))
-            return 0;
-    }
-
-    if (a != NULL || b != NULL) {
-        if (group->meth->field_decode) {
-            if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                    return 0;
-            }
-            if (a != NULL) {
-                if (!group->meth->field_decode(group, a, &group->a, ctx))
-                    goto err;
-            }
-            if (b != NULL) {
-                if (!group->meth->field_decode(group, b, &group->b, ctx))
-                    goto err;
-            }
-        } else {
-            if (a != NULL) {
-                if (!BN_copy(a, &group->a))
-                    goto err;
-            }
-            if (b != NULL) {
-                if (!BN_copy(b, &group->b))
-                    goto err;
-            }
-        }
-    }
-
-    ret = 1;
-
- err:
-    if (new_ctx)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_group_get_degree(const EC_GROUP *group)
-{
-    return BN_num_bits(&group->field);
-}
-
-int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
-{
-    int ret = 0;
-    BIGNUM *a, *b, *order, *tmp_1, *tmp_2;
-    const BIGNUM *p = &group->field;
-    BN_CTX *new_ctx = NULL;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL) {
-            ECerr(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT,
-                  ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-    BN_CTX_start(ctx);
-    a = BN_CTX_get(ctx);
-    b = BN_CTX_get(ctx);
-    tmp_1 = BN_CTX_get(ctx);
-    tmp_2 = BN_CTX_get(ctx);
-    order = BN_CTX_get(ctx);
-    if (order == NULL)
-        goto err;
-
-    if (group->meth->field_decode) {
-        if (!group->meth->field_decode(group, a, &group->a, ctx))
-            goto err;
-        if (!group->meth->field_decode(group, b, &group->b, ctx))
-            goto err;
-    } else {
-        if (!BN_copy(a, &group->a))
-            goto err;
-        if (!BN_copy(b, &group->b))
-            goto err;
-    }
-
-    /*-
-     * check the discriminant:
-     * y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p)
-     * 0 =< a, b < p
-     */
-    if (BN_is_zero(a)) {
-        if (BN_is_zero(b))
-            goto err;
-    } else if (!BN_is_zero(b)) {
-        if (!BN_mod_sqr(tmp_1, a, p, ctx))
-            goto err;
-        if (!BN_mod_mul(tmp_2, tmp_1, a, p, ctx))
-            goto err;
-        if (!BN_lshift(tmp_1, tmp_2, 2))
-            goto err;
-        /* tmp_1 = 4*a^3 */
-
-        if (!BN_mod_sqr(tmp_2, b, p, ctx))
-            goto err;
-        if (!BN_mul_word(tmp_2, 27))
-            goto err;
-        /* tmp_2 = 27*b^2 */
-
-        if (!BN_mod_add(a, tmp_1, tmp_2, p, ctx))
-            goto err;
-        if (BN_is_zero(a))
-            goto err;
-    }
-    ret = 1;
-
- err:
-    if (ctx != NULL)
-        BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_point_init(EC_POINT *point)
-{
-    BN_init(&point->X);
-    BN_init(&point->Y);
-    BN_init(&point->Z);
-    point->Z_is_one = 0;
-
-    return 1;
-}
-
-void ec_GFp_simple_point_finish(EC_POINT *point)
-{
-    BN_free(&point->X);
-    BN_free(&point->Y);
-    BN_free(&point->Z);
-}
-
-void ec_GFp_simple_point_clear_finish(EC_POINT *point)
-{
-    BN_clear_free(&point->X);
-    BN_clear_free(&point->Y);
-    BN_clear_free(&point->Z);
-    point->Z_is_one = 0;
-}
-
-int ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
-{
-    if (!BN_copy(&dest->X, &src->X))
-        return 0;
-    if (!BN_copy(&dest->Y, &src->Y))
-        return 0;
-    if (!BN_copy(&dest->Z, &src->Z))
-        return 0;
-    dest->Z_is_one = src->Z_is_one;
-
-    return 1;
-}
-
-int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group,
-                                        EC_POINT *point)
-{
-    point->Z_is_one = 0;
-    BN_zero(&point->Z);
-    return 1;
-}
-
-int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
-                                                  EC_POINT *point,
-                                                  const BIGNUM *x,
-                                                  const BIGNUM *y,
-                                                  const BIGNUM *z,
-                                                  BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    int ret = 0;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    if (x != NULL) {
-        if (!BN_nnmod(&point->X, x, &group->field, ctx))
-            goto err;
-        if (group->meth->field_encode) {
-            if (!group->meth->field_encode(group, &point->X, &point->X, ctx))
-                goto err;
-        }
-    }
-
-    if (y != NULL) {
-        if (!BN_nnmod(&point->Y, y, &group->field, ctx))
-            goto err;
-        if (group->meth->field_encode) {
-            if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx))
-                goto err;
-        }
-    }
-
-    if (z != NULL) {
-        int Z_is_one;
-
-        if (!BN_nnmod(&point->Z, z, &group->field, ctx))
-            goto err;
-        Z_is_one = BN_is_one(&point->Z);
-        if (group->meth->field_encode) {
-            if (Z_is_one && (group->meth->field_set_to_one != 0)) {
-                if (!group->meth->field_set_to_one(group, &point->Z, ctx))
-                    goto err;
-            } else {
-                if (!group->
-                    meth->field_encode(group, &point->Z, &point->Z, ctx))
-                    goto err;
-            }
-        }
-        point->Z_is_one = Z_is_one;
-    }
-
-    ret = 1;
-
- err:
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
-                                                  const EC_POINT *point,
-                                                  BIGNUM *x, BIGNUM *y,
-                                                  BIGNUM *z, BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    int ret = 0;
-
-    if (group->meth->field_decode != 0) {
-        if (ctx == NULL) {
-            ctx = new_ctx = BN_CTX_new();
-            if (ctx == NULL)
-                return 0;
-        }
-
-        if (x != NULL) {
-            if (!group->meth->field_decode(group, x, &point->X, ctx))
-                goto err;
-        }
-        if (y != NULL) {
-            if (!group->meth->field_decode(group, y, &point->Y, ctx))
-                goto err;
-        }
-        if (z != NULL) {
-            if (!group->meth->field_decode(group, z, &point->Z, ctx))
-                goto err;
-        }
-    } else {
-        if (x != NULL) {
-            if (!BN_copy(x, &point->X))
-                goto err;
-        }
-        if (y != NULL) {
-            if (!BN_copy(y, &point->Y))
-                goto err;
-        }
-        if (z != NULL) {
-            if (!BN_copy(z, &point->Z))
-                goto err;
-        }
-    }
-
-    ret = 1;
-
- err:
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group,
-                                               EC_POINT *point,
-                                               const BIGNUM *x,
-                                               const BIGNUM *y, BN_CTX *ctx)
-{
-    if (x == NULL || y == NULL) {
-        /*
-         * unlike for projective coordinates, we do not tolerate this
-         */
-        ECerr(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES,
-              ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    return EC_POINT_set_Jprojective_coordinates_GFp(group, point, x, y,
-                                                    BN_value_one(), ctx);
-}
-
-int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group,
-                                               const EC_POINT *point,
-                                               BIGNUM *x, BIGNUM *y,
-                                               BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *Z, *Z_1, *Z_2, *Z_3;
-    const BIGNUM *Z_;
-    int ret = 0;
-
-    if (EC_POINT_is_at_infinity(group, point)) {
-        ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES,
-              EC_R_POINT_AT_INFINITY);
-        return 0;
-    }
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    Z = BN_CTX_get(ctx);
-    Z_1 = BN_CTX_get(ctx);
-    Z_2 = BN_CTX_get(ctx);
-    Z_3 = BN_CTX_get(ctx);
-    if (Z_3 == NULL)
-        goto err;
-
-    /* transform  (X, Y, Z)  into  (x, y) := (X/Z^2, Y/Z^3) */
-
-    if (group->meth->field_decode) {
-        if (!group->meth->field_decode(group, Z, &point->Z, ctx))
-            goto err;
-        Z_ = Z;
-    } else {
-        Z_ = &point->Z;
-    }
-
-    if (BN_is_one(Z_)) {
-        if (group->meth->field_decode) {
-            if (x != NULL) {
-                if (!group->meth->field_decode(group, x, &point->X, ctx))
-                    goto err;
-            }
-            if (y != NULL) {
-                if (!group->meth->field_decode(group, y, &point->Y, ctx))
-                    goto err;
-            }
-        } else {
-            if (x != NULL) {
-                if (!BN_copy(x, &point->X))
-                    goto err;
-            }
-            if (y != NULL) {
-                if (!BN_copy(y, &point->Y))
-                    goto err;
-            }
-        }
-    } else {
-        if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) {
-            ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES,
-                  ERR_R_BN_LIB);
-            goto err;
-        }
-
-        if (group->meth->field_encode == 0) {
-            /* field_sqr works on standard representation */
-            if (!group->meth->field_sqr(group, Z_2, Z_1, ctx))
-                goto err;
-        } else {
-            if (!BN_mod_sqr(Z_2, Z_1, &group->field, ctx))
-                goto err;
-        }
-
-        if (x != NULL) {
-            /*
-             * in the Montgomery case, field_mul will cancel out Montgomery
-             * factor in X:
-             */
-            if (!group->meth->field_mul(group, x, &point->X, Z_2, ctx))
-                goto err;
-        }
-
-        if (y != NULL) {
-            if (group->meth->field_encode == 0) {
-                /*
-                 * field_mul works on standard representation
-                 */
-                if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx))
-                    goto err;
-            } else {
-                if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx))
-                    goto err;
-            }
-
-            /*
-             * in the Montgomery case, field_mul will cancel out Montgomery
-             * factor in Y:
-             */
-            if (!group->meth->field_mul(group, y, &point->Y, Z_3, ctx))
-                goto err;
-        }
-    }
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
-                      const EC_POINT *b, BN_CTX *ctx)
-{
-    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
-                      const BIGNUM *, BN_CTX *);
-    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-    const BIGNUM *p;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *n0, *n1, *n2, *n3, *n4, *n5, *n6;
-    int ret = 0;
-
-    if (a == b)
-        return EC_POINT_dbl(group, r, a, ctx);
-    if (EC_POINT_is_at_infinity(group, a))
-        return EC_POINT_copy(r, b);
-    if (EC_POINT_is_at_infinity(group, b))
-        return EC_POINT_copy(r, a);
-
-    field_mul = group->meth->field_mul;
-    field_sqr = group->meth->field_sqr;
-    p = &group->field;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    n0 = BN_CTX_get(ctx);
-    n1 = BN_CTX_get(ctx);
-    n2 = BN_CTX_get(ctx);
-    n3 = BN_CTX_get(ctx);
-    n4 = BN_CTX_get(ctx);
-    n5 = BN_CTX_get(ctx);
-    n6 = BN_CTX_get(ctx);
-    if (n6 == NULL)
-        goto end;
-
-    /*
-     * Note that in this function we must not read components of 'a' or 'b'
-     * once we have written the corresponding components of 'r'. ('r' might
-     * be one of 'a' or 'b'.)
-     */
-
-    /* n1, n2 */
-    if (b->Z_is_one) {
-        if (!BN_copy(n1, &a->X))
-            goto end;
-        if (!BN_copy(n2, &a->Y))
-            goto end;
-        /* n1 = X_a */
-        /* n2 = Y_a */
-    } else {
-        if (!field_sqr(group, n0, &b->Z, ctx))
-            goto end;
-        if (!field_mul(group, n1, &a->X, n0, ctx))
-            goto end;
-        /* n1 = X_a * Z_b^2 */
-
-        if (!field_mul(group, n0, n0, &b->Z, ctx))
-            goto end;
-        if (!field_mul(group, n2, &a->Y, n0, ctx))
-            goto end;
-        /* n2 = Y_a * Z_b^3 */
-    }
-
-    /* n3, n4 */
-    if (a->Z_is_one) {
-        if (!BN_copy(n3, &b->X))
-            goto end;
-        if (!BN_copy(n4, &b->Y))
-            goto end;
-        /* n3 = X_b */
-        /* n4 = Y_b */
-    } else {
-        if (!field_sqr(group, n0, &a->Z, ctx))
-            goto end;
-        if (!field_mul(group, n3, &b->X, n0, ctx))
-            goto end;
-        /* n3 = X_b * Z_a^2 */
-
-        if (!field_mul(group, n0, n0, &a->Z, ctx))
-            goto end;
-        if (!field_mul(group, n4, &b->Y, n0, ctx))
-            goto end;
-        /* n4 = Y_b * Z_a^3 */
-    }
-
-    /* n5, n6 */
-    if (!BN_mod_sub_quick(n5, n1, n3, p))
-        goto end;
-    if (!BN_mod_sub_quick(n6, n2, n4, p))
-        goto end;
-    /* n5 = n1 - n3 */
-    /* n6 = n2 - n4 */
-
-    if (BN_is_zero(n5)) {
-        if (BN_is_zero(n6)) {
-            /* a is the same point as b */
-            BN_CTX_end(ctx);
-            ret = EC_POINT_dbl(group, r, a, ctx);
-            ctx = NULL;
-            goto end;
-        } else {
-            /* a is the inverse of b */
-            BN_zero(&r->Z);
-            r->Z_is_one = 0;
-            ret = 1;
-            goto end;
-        }
-    }
-
-    /* 'n7', 'n8' */
-    if (!BN_mod_add_quick(n1, n1, n3, p))
-        goto end;
-    if (!BN_mod_add_quick(n2, n2, n4, p))
-        goto end;
-    /* 'n7' = n1 + n3 */
-    /* 'n8' = n2 + n4 */
-
-    /* Z_r */
-    if (a->Z_is_one && b->Z_is_one) {
-        if (!BN_copy(&r->Z, n5))
-            goto end;
-    } else {
-        if (a->Z_is_one) {
-            if (!BN_copy(n0, &b->Z))
-                goto end;
-        } else if (b->Z_is_one) {
-            if (!BN_copy(n0, &a->Z))
-                goto end;
-        } else {
-            if (!field_mul(group, n0, &a->Z, &b->Z, ctx))
-                goto end;
-        }
-        if (!field_mul(group, &r->Z, n0, n5, ctx))
-            goto end;
-    }
-    r->Z_is_one = 0;
-    /* Z_r = Z_a * Z_b * n5 */
-
-    /* X_r */
-    if (!field_sqr(group, n0, n6, ctx))
-        goto end;
-    if (!field_sqr(group, n4, n5, ctx))
-        goto end;
-    if (!field_mul(group, n3, n1, n4, ctx))
-        goto end;
-    if (!BN_mod_sub_quick(&r->X, n0, n3, p))
-        goto end;
-    /* X_r = n6^2 - n5^2 * 'n7' */
-
-    /* 'n9' */
-    if (!BN_mod_lshift1_quick(n0, &r->X, p))
-        goto end;
-    if (!BN_mod_sub_quick(n0, n3, n0, p))
-        goto end;
-    /* n9 = n5^2 * 'n7' - 2 * X_r */
-
-    /* Y_r */
-    if (!field_mul(group, n0, n0, n6, ctx))
-        goto end;
-    if (!field_mul(group, n5, n4, n5, ctx))
-        goto end;               /* now n5 is n5^3 */
-    if (!field_mul(group, n1, n2, n5, ctx))
-        goto end;
-    if (!BN_mod_sub_quick(n0, n0, n1, p))
-        goto end;
-    if (BN_is_odd(n0))
-        if (!BN_add(n0, n0, p))
-            goto end;
-    /* now  0 <= n0 < 2*p,  and n0 is even */
-    if (!BN_rshift1(&r->Y, n0))
-        goto end;
-    /* Y_r = (n6 * 'n9' - 'n8' * 'n5^3') / 2 */
-
-    ret = 1;
-
- end:
-    if (ctx)                    /* otherwise we already called BN_CTX_end */
-        BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
-                      BN_CTX *ctx)
-{
-    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
-                      const BIGNUM *, BN_CTX *);
-    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-    const BIGNUM *p;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *n0, *n1, *n2, *n3;
-    int ret = 0;
-
-    if (EC_POINT_is_at_infinity(group, a)) {
-        BN_zero(&r->Z);
-        r->Z_is_one = 0;
-        return 1;
-    }
-
-    field_mul = group->meth->field_mul;
-    field_sqr = group->meth->field_sqr;
-    p = &group->field;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    n0 = BN_CTX_get(ctx);
-    n1 = BN_CTX_get(ctx);
-    n2 = BN_CTX_get(ctx);
-    n3 = BN_CTX_get(ctx);
-    if (n3 == NULL)
-        goto err;
-
-    /*
-     * Note that in this function we must not read components of 'a' once we
-     * have written the corresponding components of 'r'. ('r' might the same
-     * as 'a'.)
-     */
-
-    /* n1 */
-    if (a->Z_is_one) {
-        if (!field_sqr(group, n0, &a->X, ctx))
-            goto err;
-        if (!BN_mod_lshift1_quick(n1, n0, p))
-            goto err;
-        if (!BN_mod_add_quick(n0, n0, n1, p))
-            goto err;
-        if (!BN_mod_add_quick(n1, n0, &group->a, p))
-            goto err;
-        /* n1 = 3 * X_a^2 + a_curve */
-    } else if (group->a_is_minus3) {
-        if (!field_sqr(group, n1, &a->Z, ctx))
-            goto err;
-        if (!BN_mod_add_quick(n0, &a->X, n1, p))
-            goto err;
-        if (!BN_mod_sub_quick(n2, &a->X, n1, p))
-            goto err;
-        if (!field_mul(group, n1, n0, n2, ctx))
-            goto err;
-        if (!BN_mod_lshift1_quick(n0, n1, p))
-            goto err;
-        if (!BN_mod_add_quick(n1, n0, n1, p))
-            goto err;
-        /*-
-         * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
-         *    = 3 * X_a^2 - 3 * Z_a^4
-         */
-    } else {
-        if (!field_sqr(group, n0, &a->X, ctx))
-            goto err;
-        if (!BN_mod_lshift1_quick(n1, n0, p))
-            goto err;
-        if (!BN_mod_add_quick(n0, n0, n1, p))
-            goto err;
-        if (!field_sqr(group, n1, &a->Z, ctx))
-            goto err;
-        if (!field_sqr(group, n1, n1, ctx))
-            goto err;
-        if (!field_mul(group, n1, n1, &group->a, ctx))
-            goto err;
-        if (!BN_mod_add_quick(n1, n1, n0, p))
-            goto err;
-        /* n1 = 3 * X_a^2 + a_curve * Z_a^4 */
-    }
-
-    /* Z_r */
-    if (a->Z_is_one) {
-        if (!BN_copy(n0, &a->Y))
-            goto err;
-    } else {
-        if (!field_mul(group, n0, &a->Y, &a->Z, ctx))
-            goto err;
-    }
-    if (!BN_mod_lshift1_quick(&r->Z, n0, p))
-        goto err;
-    r->Z_is_one = 0;
-    /* Z_r = 2 * Y_a * Z_a */
-
-    /* n2 */
-    if (!field_sqr(group, n3, &a->Y, ctx))
-        goto err;
-    if (!field_mul(group, n2, &a->X, n3, ctx))
-        goto err;
-    if (!BN_mod_lshift_quick(n2, n2, 2, p))
-        goto err;
-    /* n2 = 4 * X_a * Y_a^2 */
-
-    /* X_r */
-    if (!BN_mod_lshift1_quick(n0, n2, p))
-        goto err;
-    if (!field_sqr(group, &r->X, n1, ctx))
-        goto err;
-    if (!BN_mod_sub_quick(&r->X, &r->X, n0, p))
-        goto err;
-    /* X_r = n1^2 - 2 * n2 */
-
-    /* n3 */
-    if (!field_sqr(group, n0, n3, ctx))
-        goto err;
-    if (!BN_mod_lshift_quick(n3, n0, 3, p))
-        goto err;
-    /* n3 = 8 * Y_a^4 */
-
-    /* Y_r */
-    if (!BN_mod_sub_quick(n0, n2, &r->X, p))
-        goto err;
-    if (!field_mul(group, n0, n1, n0, ctx))
-        goto err;
-    if (!BN_mod_sub_quick(&r->Y, n0, n3, p))
-        goto err;
-    /* Y_r = n1 * (n2 - X_r) - n3 */
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
-{
-    if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(&point->Y))
-        /* point is its own inverse */
-        return 1;
-
-    return BN_usub(&point->Y, &group->field, &point->Y);
-}
-
-int ec_GFp_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
-{
-    return BN_is_zero(&point->Z);
-}
-
-int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
-                              BN_CTX *ctx)
-{
-    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
-                      const BIGNUM *, BN_CTX *);
-    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-    const BIGNUM *p;
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *rh, *tmp, *Z4, *Z6;
-    int ret = -1;
-
-    if (EC_POINT_is_at_infinity(group, point))
-        return 1;
-
-    field_mul = group->meth->field_mul;
-    field_sqr = group->meth->field_sqr;
-    p = &group->field;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return -1;
-    }
-
-    BN_CTX_start(ctx);
-    rh = BN_CTX_get(ctx);
-    tmp = BN_CTX_get(ctx);
-    Z4 = BN_CTX_get(ctx);
-    Z6 = BN_CTX_get(ctx);
-    if (Z6 == NULL)
-        goto err;
-
-    /*-
-     * We have a curve defined by a Weierstrass equation
-     *      y^2 = x^3 + a*x + b.
-     * The point to consider is given in Jacobian projective coordinates
-     * where  (X, Y, Z)  represents  (x, y) = (X/Z^2, Y/Z^3).
-     * Substituting this and multiplying by  Z^6  transforms the above equation into
-     *      Y^2 = X^3 + a*X*Z^4 + b*Z^6.
-     * To test this, we add up the right-hand side in 'rh'.
-     */
-
-    /* rh := X^2 */
-    if (!field_sqr(group, rh, &point->X, ctx))
-        goto err;
-
-    if (!point->Z_is_one) {
-        if (!field_sqr(group, tmp, &point->Z, ctx))
-            goto err;
-        if (!field_sqr(group, Z4, tmp, ctx))
-            goto err;
-        if (!field_mul(group, Z6, Z4, tmp, ctx))
-            goto err;
-
-        /* rh := (rh + a*Z^4)*X */
-        if (group->a_is_minus3) {
-            if (!BN_mod_lshift1_quick(tmp, Z4, p))
-                goto err;
-            if (!BN_mod_add_quick(tmp, tmp, Z4, p))
-                goto err;
-            if (!BN_mod_sub_quick(rh, rh, tmp, p))
-                goto err;
-            if (!field_mul(group, rh, rh, &point->X, ctx))
-                goto err;
-        } else {
-            if (!field_mul(group, tmp, Z4, &group->a, ctx))
-                goto err;
-            if (!BN_mod_add_quick(rh, rh, tmp, p))
-                goto err;
-            if (!field_mul(group, rh, rh, &point->X, ctx))
-                goto err;
-        }
-
-        /* rh := rh + b*Z^6 */
-        if (!field_mul(group, tmp, &group->b, Z6, ctx))
-            goto err;
-        if (!BN_mod_add_quick(rh, rh, tmp, p))
-            goto err;
-    } else {
-        /* point->Z_is_one */
-
-        /* rh := (rh + a)*X */
-        if (!BN_mod_add_quick(rh, rh, &group->a, p))
-            goto err;
-        if (!field_mul(group, rh, rh, &point->X, ctx))
-            goto err;
-        /* rh := rh + b */
-        if (!BN_mod_add_quick(rh, rh, &group->b, p))
-            goto err;
-    }
-
-    /* 'lh' := Y^2 */
-    if (!field_sqr(group, tmp, &point->Y, ctx))
-        goto err;
-
-    ret = (0 == BN_ucmp(tmp, rh));
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
-                      const EC_POINT *b, BN_CTX *ctx)
-{
-    /*-
-     * return values:
-     *  -1   error
-     *   0   equal (in affine coordinates)
-     *   1   not equal
-     */
-
-    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
-                      const BIGNUM *, BN_CTX *);
-    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *tmp1, *tmp2, *Za23, *Zb23;
-    const BIGNUM *tmp1_, *tmp2_;
-    int ret = -1;
-
-    if (EC_POINT_is_at_infinity(group, a)) {
-        return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
-    }
-
-    if (EC_POINT_is_at_infinity(group, b))
-        return 1;
-
-    if (a->Z_is_one && b->Z_is_one) {
-        return ((BN_cmp(&a->X, &b->X) == 0)
-                && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
-    }
-
-    field_mul = group->meth->field_mul;
-    field_sqr = group->meth->field_sqr;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return -1;
-    }
-
-    BN_CTX_start(ctx);
-    tmp1 = BN_CTX_get(ctx);
-    tmp2 = BN_CTX_get(ctx);
-    Za23 = BN_CTX_get(ctx);
-    Zb23 = BN_CTX_get(ctx);
-    if (Zb23 == NULL)
-        goto end;
-
-    /*-
-     * We have to decide whether
-     *     (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3),
-     * or equivalently, whether
-     *     (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).
-     */
-
-    if (!b->Z_is_one) {
-        if (!field_sqr(group, Zb23, &b->Z, ctx))
-            goto end;
-        if (!field_mul(group, tmp1, &a->X, Zb23, ctx))
-            goto end;
-        tmp1_ = tmp1;
-    } else
-        tmp1_ = &a->X;
-    if (!a->Z_is_one) {
-        if (!field_sqr(group, Za23, &a->Z, ctx))
-            goto end;
-        if (!field_mul(group, tmp2, &b->X, Za23, ctx))
-            goto end;
-        tmp2_ = tmp2;
-    } else
-        tmp2_ = &b->X;
-
-    /* compare  X_a*Z_b^2  with  X_b*Z_a^2 */
-    if (BN_cmp(tmp1_, tmp2_) != 0) {
-        ret = 1;                /* points differ */
-        goto end;
-    }
-
-    if (!b->Z_is_one) {
-        if (!field_mul(group, Zb23, Zb23, &b->Z, ctx))
-            goto end;
-        if (!field_mul(group, tmp1, &a->Y, Zb23, ctx))
-            goto end;
-        /* tmp1_ = tmp1 */
-    } else
-        tmp1_ = &a->Y;
-    if (!a->Z_is_one) {
-        if (!field_mul(group, Za23, Za23, &a->Z, ctx))
-            goto end;
-        if (!field_mul(group, tmp2, &b->Y, Za23, ctx))
-            goto end;
-        /* tmp2_ = tmp2 */
-    } else
-        tmp2_ = &b->Y;
-
-    /* compare  Y_a*Z_b^3  with  Y_b*Z_a^3 */
-    if (BN_cmp(tmp1_, tmp2_) != 0) {
-        ret = 1;                /* points differ */
-        goto end;
-    }
-
-    /* points are equal */
-    ret = 0;
-
- end:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point,
-                              BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *x, *y;
-    int ret = 0;
-
-    if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
-        return 1;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    x = BN_CTX_get(ctx);
-    y = BN_CTX_get(ctx);
-    if (y == NULL)
-        goto err;
-
-    if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
-        goto err;
-    if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
-        goto err;
-    if (!point->Z_is_one) {
-        ECerr(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    return ret;
-}
-
-int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num,
-                                     EC_POINT *points[], BN_CTX *ctx)
-{
-    BN_CTX *new_ctx = NULL;
-    BIGNUM *tmp, *tmp_Z;
-    BIGNUM **prod_Z = NULL;
-    size_t i;
-    int ret = 0;
-
-    if (num == 0)
-        return 1;
-
-    if (ctx == NULL) {
-        ctx = new_ctx = BN_CTX_new();
-        if (ctx == NULL)
-            return 0;
-    }
-
-    BN_CTX_start(ctx);
-    tmp = BN_CTX_get(ctx);
-    tmp_Z = BN_CTX_get(ctx);
-    if (tmp == NULL || tmp_Z == NULL)
-        goto err;
-
-    prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]);
-    if (prod_Z == NULL)
-        goto err;
-    for (i = 0; i < num; i++) {
-        prod_Z[i] = BN_new();
-        if (prod_Z[i] == NULL)
-            goto err;
-    }
-
-    /*
-     * Set each prod_Z[i] to the product of points[0]->Z .. points[i]->Z,
-     * skipping any zero-valued inputs (pretend that they're 1).
-     */
-
-    if (!BN_is_zero(&points[0]->Z)) {
-        if (!BN_copy(prod_Z[0], &points[0]->Z))
-            goto err;
-    } else {
-        if (group->meth->field_set_to_one != 0) {
-            if (!group->meth->field_set_to_one(group, prod_Z[0], ctx))
-                goto err;
-        } else {
-            if (!BN_one(prod_Z[0]))
-                goto err;
-        }
-    }
-
-    for (i = 1; i < num; i++) {
-        if (!BN_is_zero(&points[i]->Z)) {
-            if (!group->meth->field_mul(group, prod_Z[i], prod_Z[i - 1],
-                                        &points[i]->Z, ctx))
-                goto err;
-        } else {
-            if (!BN_copy(prod_Z[i], prod_Z[i - 1]))
-                goto err;
-        }
-    }
-
-    /*
-     * Now use a single explicit inversion to replace every non-zero
-     * points[i]->Z by its inverse.
-     */
-
-    if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) {
-        ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB);
-        goto err;
-    }
-    if (group->meth->field_encode != 0) {
-        /*
-         * In the Montgomery case, we just turned R*H (representing H) into
-         * 1/(R*H), but we need R*(1/H) (representing 1/H); i.e. we need to
-         * multiply by the Montgomery factor twice.
-         */
-        if (!group->meth->field_encode(group, tmp, tmp, ctx))
-            goto err;
-        if (!group->meth->field_encode(group, tmp, tmp, ctx))
-            goto err;
-    }
-
-    for (i = num - 1; i > 0; --i) {
-        /*
-         * Loop invariant: tmp is the product of the inverses of points[0]->Z
-         * .. points[i]->Z (zero-valued inputs skipped).
-         */
-        if (!BN_is_zero(&points[i]->Z)) {
-            /*
-             * Set tmp_Z to the inverse of points[i]->Z (as product of Z
-             * inverses 0 .. i, Z values 0 .. i - 1).
-             */
-            if (!group->
-                meth->field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx))
-                goto err;
-            /*
-             * Update tmp to satisfy the loop invariant for i - 1.
-             */
-            if (!group->meth->field_mul(group, tmp, tmp, &points[i]->Z, ctx))
-                goto err;
-            /* Replace points[i]->Z by its inverse. */
-            if (!BN_copy(&points[i]->Z, tmp_Z))
-                goto err;
-        }
-    }
-
-    if (!BN_is_zero(&points[0]->Z)) {
-        /* Replace points[0]->Z by its inverse. */
-        if (!BN_copy(&points[0]->Z, tmp))
-            goto err;
-    }
-
-    /* Finally, fix up the X and Y coordinates for all points. */
-
-    for (i = 0; i < num; i++) {
-        EC_POINT *p = points[i];
-
-        if (!BN_is_zero(&p->Z)) {
-            /* turn  (X, Y, 1/Z)  into  (X/Z^2, Y/Z^3, 1) */
-
-            if (!group->meth->field_sqr(group, tmp, &p->Z, ctx))
-                goto err;
-            if (!group->meth->field_mul(group, &p->X, &p->X, tmp, ctx))
-                goto err;
-
-            if (!group->meth->field_mul(group, tmp, tmp, &p->Z, ctx))
-                goto err;
-            if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp, ctx))
-                goto err;
-
-            if (group->meth->field_set_to_one != 0) {
-                if (!group->meth->field_set_to_one(group, &p->Z, ctx))
-                    goto err;
-            } else {
-                if (!BN_one(&p->Z))
-                    goto err;
-            }
-            p->Z_is_one = 1;
-        }
-    }
-
-    ret = 1;
-
- err:
-    BN_CTX_end(ctx);
-    if (new_ctx != NULL)
-        BN_CTX_free(new_ctx);
-    if (prod_Z != NULL) {
-        for (i = 0; i < num; i++) {
-            if (prod_Z[i] == NULL)
-                break;
-            BN_clear_free(prod_Z[i]);
-        }
-        OPENSSL_free(prod_Z);
-    }
-    return ret;
-}
-
-int ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
-                            const BIGNUM *b, BN_CTX *ctx)
-{
-    return BN_mod_mul(r, a, b, &group->field, ctx);
-}
-
-int ec_GFp_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
-                            BN_CTX *ctx)
-{
-    return BN_mod_sqr(r, a, &group->field, ctx);
-}
diff --git a/thirdparty/openssl/crypto/ecdh/ech_err.c b/thirdparty/openssl/crypto/ecdh/ech_err.c
deleted file mode 100644
index af9f625b41..0000000000
--- a/thirdparty/openssl/crypto/ecdh/ech_err.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* crypto/ecdh/ech_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ecdh.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason)
-
-static ERR_STRING_DATA ECDH_str_functs[] = {
-    {ERR_FUNC(ECDH_F_ECDH_CHECK), "ECDH_CHECK"},
-    {ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
-    {ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA ECDH_str_reasons[] = {
-    {ERR_REASON(ECDH_R_KDF_FAILED), "KDF failed"},
-    {ERR_REASON(ECDH_R_NON_FIPS_METHOD), "non fips method"},
-    {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE), "no private value"},
-    {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_ECDH_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, ECDH_str_functs);
-        ERR_load_strings(0, ECDH_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/ecdh/ech_kdf.c b/thirdparty/openssl/crypto/ecdh/ech_kdf.c
deleted file mode 100644
index ac722ac9ee..0000000000
--- a/thirdparty/openssl/crypto/ecdh/ech_kdf.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/ecdh/ec_kdf.c */
-/*
- * Written by Stephen Henson for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#define OPENSSL_FIPSAPI
-
-#include <string.h>
-#include <openssl/ecdh.h>
-#include <openssl/evp.h>
-
-/* Key derivation function from X9.62/SECG */
-/* Way more than we will ever need */
-#define ECDH_KDF_MAX    (1 << 30)
-
-int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
-                   const unsigned char *Z, size_t Zlen,
-                   const unsigned char *sinfo, size_t sinfolen,
-                   const EVP_MD *md)
-{
-    EVP_MD_CTX mctx;
-    int rv = 0;
-    unsigned int i;
-    size_t mdlen;
-    unsigned char ctr[4];
-    if (sinfolen > ECDH_KDF_MAX || outlen > ECDH_KDF_MAX
-        || Zlen > ECDH_KDF_MAX)
-        return 0;
-    mdlen = EVP_MD_size(md);
-    EVP_MD_CTX_init(&mctx);
-    for (i = 1;; i++) {
-        unsigned char mtmp[EVP_MAX_MD_SIZE];
-        EVP_DigestInit_ex(&mctx, md, NULL);
-        ctr[3] = i & 0xFF;
-        ctr[2] = (i >> 8) & 0xFF;
-        ctr[1] = (i >> 16) & 0xFF;
-        ctr[0] = (i >> 24) & 0xFF;
-        if (!EVP_DigestUpdate(&mctx, Z, Zlen))
-            goto err;
-        if (!EVP_DigestUpdate(&mctx, ctr, sizeof(ctr)))
-            goto err;
-        if (!EVP_DigestUpdate(&mctx, sinfo, sinfolen))
-            goto err;
-        if (outlen >= mdlen) {
-            if (!EVP_DigestFinal(&mctx, out, NULL))
-                goto err;
-            outlen -= mdlen;
-            if (outlen == 0)
-                break;
-            out += mdlen;
-        } else {
-            if (!EVP_DigestFinal(&mctx, mtmp, NULL))
-                goto err;
-            memcpy(out, mtmp, outlen);
-            OPENSSL_cleanse(mtmp, mdlen);
-            break;
-        }
-    }
-    rv = 1;
- err:
-    EVP_MD_CTX_cleanup(&mctx);
-    return rv;
-}
diff --git a/thirdparty/openssl/crypto/ecdh/ech_key.c b/thirdparty/openssl/crypto/ecdh/ech_key.c
deleted file mode 100644
index 4f14498962..0000000000
--- a/thirdparty/openssl/crypto/ecdh/ech_key.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* crypto/ecdh/ecdh_key.c */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ech_locl.h"
-
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
-                     EC_KEY *eckey,
-                     void *(*KDF) (const void *in, size_t inlen, void *out,
-                                   size_t *outlen))
-{
-    ECDH_DATA *ecdh = ecdh_check(eckey);
-    if (ecdh == NULL)
-        return 0;
-    return ecdh->meth->compute_key(out, outlen, pub_key, eckey, KDF);
-}
diff --git a/thirdparty/openssl/crypto/ecdh/ech_lib.c b/thirdparty/openssl/crypto/ecdh/ech_lib.c
deleted file mode 100644
index cbc21d1a27..0000000000
--- a/thirdparty/openssl/crypto/ecdh/ech_lib.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/* crypto/ecdh/ech_lib.c */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ech_locl.h"
-#include <string.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-const char ECDH_version[] = "ECDH" OPENSSL_VERSION_PTEXT;
-
-static const ECDH_METHOD *default_ECDH_method = NULL;
-
-static void *ecdh_data_new(void);
-static void *ecdh_data_dup(void *);
-static void ecdh_data_free(void *);
-
-void ECDH_set_default_method(const ECDH_METHOD *meth)
-{
-    default_ECDH_method = meth;
-}
-
-const ECDH_METHOD *ECDH_get_default_method(void)
-{
-    if (!default_ECDH_method) {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-            return FIPS_ecdh_openssl();
-        else
-            return ECDH_OpenSSL();
-#else
-        default_ECDH_method = ECDH_OpenSSL();
-#endif
-    }
-    return default_ECDH_method;
-}
-
-int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
-{
-    ECDH_DATA *ecdh;
-
-    ecdh = ecdh_check(eckey);
-
-    if (ecdh == NULL)
-        return 0;
-
-#if 0
-    mtmp = ecdh->meth;
-    if (mtmp->finish)
-        mtmp->finish(eckey);
-#endif
-#ifndef OPENSSL_NO_ENGINE
-    if (ecdh->engine) {
-        ENGINE_finish(ecdh->engine);
-        ecdh->engine = NULL;
-    }
-#endif
-    ecdh->meth = meth;
-#if 0
-    if (meth->init)
-        meth->init(eckey);
-#endif
-    return 1;
-}
-
-static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
-{
-    ECDH_DATA *ret;
-
-    ret = (ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA));
-    if (ret == NULL) {
-        ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-
-    ret->init = NULL;
-
-    ret->meth = ECDH_get_default_method();
-    ret->engine = engine;
-#ifndef OPENSSL_NO_ENGINE
-    if (!ret->engine)
-        ret->engine = ENGINE_get_default_ECDH();
-    if (ret->engine) {
-        ret->meth = ENGINE_get_ECDH(ret->engine);
-        if (!ret->meth) {
-            ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_ENGINE_LIB);
-            ENGINE_finish(ret->engine);
-            OPENSSL_free(ret);
-            return NULL;
-        }
-    }
-#endif
-
-    ret->flags = ret->meth->flags;
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
-#if 0
-    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
-        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
-        OPENSSL_free(ret);
-        ret = NULL;
-    }
-#endif
-    return (ret);
-}
-
-static void *ecdh_data_new(void)
-{
-    return (void *)ECDH_DATA_new_method(NULL);
-}
-
-static void *ecdh_data_dup(void *data)
-{
-    ECDH_DATA *r = (ECDH_DATA *)data;
-
-    /* XXX: dummy operation */
-    if (r == NULL)
-        return NULL;
-
-    return (void *)ecdh_data_new();
-}
-
-void ecdh_data_free(void *data)
-{
-    ECDH_DATA *r = (ECDH_DATA *)data;
-
-#ifndef OPENSSL_NO_ENGINE
-    if (r->engine)
-        ENGINE_finish(r->engine);
-#endif
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
-
-    OPENSSL_cleanse((void *)r, sizeof(ECDH_DATA));
-
-    OPENSSL_free(r);
-}
-
-ECDH_DATA *ecdh_check(EC_KEY *key)
-{
-    ECDH_DATA *ecdh_data;
-
-    void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup,
-                                            ecdh_data_free, ecdh_data_free);
-    if (data == NULL) {
-        ecdh_data = (ECDH_DATA *)ecdh_data_new();
-        if (ecdh_data == NULL)
-            return NULL;
-        data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
-                                             ecdh_data_dup, ecdh_data_free,
-                                             ecdh_data_free);
-        if (data != NULL) {
-            /*
-             * Another thread raced us to install the key_method data and
-             * won.
-             */
-            ecdh_data_free(ecdh_data);
-            ecdh_data = (ECDH_DATA *)data;
-        }
-    } else
-        ecdh_data = (ECDH_DATA *)data;
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD)
-        && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {
-        ECDHerr(ECDH_F_ECDH_CHECK, ECDH_R_NON_FIPS_METHOD);
-        return NULL;
-    }
-#endif
-
-    return ecdh_data;
-}
-
-int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg)
-{
-    ECDH_DATA *ecdh;
-    ecdh = ecdh_check(d);
-    if (ecdh == NULL)
-        return 0;
-    return (CRYPTO_set_ex_data(&ecdh->ex_data, idx, arg));
-}
-
-void *ECDH_get_ex_data(EC_KEY *d, int idx)
-{
-    ECDH_DATA *ecdh;
-    ecdh = ecdh_check(d);
-    if (ecdh == NULL)
-        return NULL;
-    return (CRYPTO_get_ex_data(&ecdh->ex_data, idx));
-}
diff --git a/thirdparty/openssl/crypto/ecdh/ech_locl.h b/thirdparty/openssl/crypto/ecdh/ech_locl.h
deleted file mode 100644
index 4e66024c75..0000000000
--- a/thirdparty/openssl/crypto/ecdh/ech_locl.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/* crypto/ecdh/ech_locl.h */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ECH_LOCL_H
-# define HEADER_ECH_LOCL_H
-
-# include <openssl/ecdh.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-struct ecdh_method {
-    const char *name;
-    int (*compute_key) (void *key, size_t outlen, const EC_POINT *pub_key,
-                        EC_KEY *ecdh, void *(*KDF) (const void *in,
-                                                    size_t inlen, void *out,
-                                                    size_t *outlen));
-# if 0
-    int (*init) (EC_KEY *eckey);
-    int (*finish) (EC_KEY *eckey);
-# endif
-    int flags;
-    char *app_data;
-};
-
-/*
- * If this flag is set the ECDH method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its responsibility to ensure the
- * result is compliant.
- */
-
-# define ECDH_FLAG_FIPS_METHOD   0x1
-
-typedef struct ecdh_data_st {
-    /* EC_KEY_METH_DATA part */
-    int (*init) (EC_KEY *);
-    /* method specific part */
-    ENGINE *engine;
-    int flags;
-    const ECDH_METHOD *meth;
-    CRYPTO_EX_DATA ex_data;
-} ECDH_DATA;
-
-ECDH_DATA *ecdh_check(EC_KEY *);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif                          /* HEADER_ECH_LOCL_H */
diff --git a/thirdparty/openssl/crypto/ecdh/ech_ossl.c b/thirdparty/openssl/crypto/ecdh/ech_ossl.c
deleted file mode 100644
index d3b05247fe..0000000000
--- a/thirdparty/openssl/crypto/ecdh/ech_ossl.c
+++ /dev/null
@@ -1,220 +0,0 @@
-/* crypto/ecdh/ech_ossl.c */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <limits.h>
-
-#include "cryptlib.h"
-
-#include "ech_locl.h"
-#include <openssl/err.h>
-#include <openssl/sha.h>
-#include <openssl/obj_mac.h>
-#include <openssl/bn.h>
-
-static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
-                            EC_KEY *ecdh,
-                            void *(*KDF) (const void *in, size_t inlen,
-                                          void *out, size_t *outlen));
-
-static ECDH_METHOD openssl_ecdh_meth = {
-    "OpenSSL ECDH method",
-    ecdh_compute_key,
-#if 0
-    NULL,                       /* init */
-    NULL,                       /* finish */
-#endif
-    0,                          /* flags */
-    NULL                        /* app_data */
-};
-
-const ECDH_METHOD *ECDH_OpenSSL(void)
-{
-    return &openssl_ecdh_meth;
-}
-
-/*-
- * This implementation is based on the following primitives in the IEEE 1363 standard:
- *  - ECKAS-DH1
- *  - ECSVDP-DH
- * Finally an optional KDF is applied.
- */
-static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
-                            EC_KEY *ecdh,
-                            void *(*KDF) (const void *in, size_t inlen,
-                                          void *out, size_t *outlen))
-{
-    BN_CTX *ctx;
-    EC_POINT *tmp = NULL;
-    BIGNUM *x = NULL, *y = NULL;
-    const BIGNUM *priv_key;
-    const EC_GROUP *group;
-    int ret = -1;
-    size_t buflen, len;
-    unsigned char *buf = NULL;
-
-    if (outlen > INT_MAX) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); /* sort of,
-                                                                 * anyway */
-        return -1;
-    }
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    x = BN_CTX_get(ctx);
-    y = BN_CTX_get(ctx);
-
-    priv_key = EC_KEY_get0_private_key(ecdh);
-    if (priv_key == NULL) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_NO_PRIVATE_VALUE);
-        goto err;
-    }
-
-    group = EC_KEY_get0_group(ecdh);
-
-    if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) {
-        if (!EC_GROUP_get_cofactor(group, x, ctx) ||
-            !BN_mul(x, x, priv_key, ctx)) {
-            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        priv_key = x;
-    }
-
-    if ((tmp = EC_POINT_new(group)) == NULL) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
-        goto err;
-    }
-
-    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
-        NID_X9_62_prime_field) {
-        if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) {
-            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
-            goto err;
-        }
-    }
-#ifndef OPENSSL_NO_EC2M
-    else {
-        if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) {
-            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
-            goto err;
-        }
-    }
-#endif
-
-    buflen = (EC_GROUP_get_degree(group) + 7) / 8;
-    len = BN_num_bytes(x);
-    if (len > buflen) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-    if ((buf = OPENSSL_malloc(buflen)) == NULL) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    memset(buf, 0, buflen - len);
-    if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_BN_LIB);
-        goto err;
-    }
-
-    if (KDF != 0) {
-        if (KDF(buf, buflen, out, &outlen) == NULL) {
-            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KDF_FAILED);
-            goto err;
-        }
-        ret = outlen;
-    } else {
-        /* no KDF, just copy as much as we can */
-        if (outlen > buflen)
-            outlen = buflen;
-        memcpy(out, buf, outlen);
-        ret = outlen;
-    }
-
- err:
-    if (tmp)
-        EC_POINT_free(tmp);
-    if (ctx)
-        BN_CTX_end(ctx);
-    if (ctx)
-        BN_CTX_free(ctx);
-    if (buf) {
-        OPENSSL_cleanse(buf, buflen);
-        OPENSSL_free(buf);
-    }
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/ecdsa/ecs_asn1.c b/thirdparty/openssl/crypto/ecdsa/ecs_asn1.c
deleted file mode 100644
index 508b079f25..0000000000
--- a/thirdparty/openssl/crypto/ecdsa/ecs_asn1.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/* crypto/ecdsa/ecs_asn1.c */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ecs_locl.h"
-#include <openssl/err.h>
-#include <openssl/asn1t.h>
-
-ASN1_SEQUENCE(ECDSA_SIG) = {
-        ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM),
-        ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM)
-} ASN1_SEQUENCE_END(ECDSA_SIG)
-
-DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG)
-IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG)
diff --git a/thirdparty/openssl/crypto/ecdsa/ecs_err.c b/thirdparty/openssl/crypto/ecdsa/ecs_err.c
deleted file mode 100644
index f1fa7b55f9..0000000000
--- a/thirdparty/openssl/crypto/ecdsa/ecs_err.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/ecdsa/ecs_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ecdsa.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDSA,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDSA,0,reason)
-
-static ERR_STRING_DATA ECDSA_str_functs[] = {
-    {ERR_FUNC(ECDSA_F_ECDSA_CHECK), "ECDSA_CHECK"},
-    {ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_NEW_METHOD"},
-    {ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
-    {ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
-    {ERR_FUNC(ECDSA_F_ECDSA_METHOD_NEW), "ECDSA_METHOD_new"},
-    {ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP), "ECDSA_sign_setup"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA ECDSA_str_reasons[] = {
-    {ERR_REASON(ECDSA_R_BAD_SIGNATURE), "bad signature"},
-    {ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
-     "data too large for key size"},
-    {ERR_REASON(ECDSA_R_ERR_EC_LIB), "err ec lib"},
-    {ERR_REASON(ECDSA_R_MISSING_PARAMETERS), "missing parameters"},
-    {ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
-    {ERR_REASON(ECDSA_R_NON_FIPS_METHOD), "non fips method"},
-    {ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),
-     "random number generation failed"},
-    {ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED), "signature malloc failed"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_ECDSA_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(ECDSA_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, ECDSA_str_functs);
-        ERR_load_strings(0, ECDSA_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/ecdsa/ecs_lib.c b/thirdparty/openssl/crypto/ecdsa/ecs_lib.c
deleted file mode 100644
index 8dc1dda462..0000000000
--- a/thirdparty/openssl/crypto/ecdsa/ecs_lib.c
+++ /dev/null
@@ -1,354 +0,0 @@
-/* crypto/ecdsa/ecs_lib.c */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include "ecs_locl.h"
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-const char ECDSA_version[] = "ECDSA" OPENSSL_VERSION_PTEXT;
-
-static const ECDSA_METHOD *default_ECDSA_method = NULL;
-
-static void *ecdsa_data_new(void);
-static void *ecdsa_data_dup(void *);
-static void ecdsa_data_free(void *);
-
-void ECDSA_set_default_method(const ECDSA_METHOD *meth)
-{
-    default_ECDSA_method = meth;
-}
-
-const ECDSA_METHOD *ECDSA_get_default_method(void)
-{
-    if (!default_ECDSA_method) {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-            return FIPS_ecdsa_openssl();
-        else
-            return ECDSA_OpenSSL();
-#else
-        default_ECDSA_method = ECDSA_OpenSSL();
-#endif
-    }
-    return default_ECDSA_method;
-}
-
-int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
-{
-    ECDSA_DATA *ecdsa;
-
-    ecdsa = ecdsa_check(eckey);
-
-    if (ecdsa == NULL)
-        return 0;
-
-#ifndef OPENSSL_NO_ENGINE
-    if (ecdsa->engine) {
-        ENGINE_finish(ecdsa->engine);
-        ecdsa->engine = NULL;
-    }
-#endif
-    ecdsa->meth = meth;
-
-    return 1;
-}
-
-static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
-{
-    ECDSA_DATA *ret;
-
-    ret = (ECDSA_DATA *)OPENSSL_malloc(sizeof(ECDSA_DATA));
-    if (ret == NULL) {
-        ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-
-    ret->init = NULL;
-
-    ret->meth = ECDSA_get_default_method();
-    ret->engine = engine;
-#ifndef OPENSSL_NO_ENGINE
-    if (!ret->engine)
-        ret->engine = ENGINE_get_default_ECDSA();
-    if (ret->engine) {
-        ret->meth = ENGINE_get_ECDSA(ret->engine);
-        if (!ret->meth) {
-            ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_ENGINE_LIB);
-            ENGINE_finish(ret->engine);
-            OPENSSL_free(ret);
-            return NULL;
-        }
-    }
-#endif
-
-    ret->flags = ret->meth->flags;
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
-#if 0
-    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
-        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
-        OPENSSL_free(ret);
-        ret = NULL;
-    }
-#endif
-    return (ret);
-}
-
-static void *ecdsa_data_new(void)
-{
-    return (void *)ECDSA_DATA_new_method(NULL);
-}
-
-static void *ecdsa_data_dup(void *data)
-{
-    ECDSA_DATA *r = (ECDSA_DATA *)data;
-
-    /* XXX: dummy operation */
-    if (r == NULL)
-        return NULL;
-
-    return ecdsa_data_new();
-}
-
-static void ecdsa_data_free(void *data)
-{
-    ECDSA_DATA *r = (ECDSA_DATA *)data;
-
-#ifndef OPENSSL_NO_ENGINE
-    if (r->engine)
-        ENGINE_finish(r->engine);
-#endif
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
-
-    OPENSSL_cleanse((void *)r, sizeof(ECDSA_DATA));
-
-    OPENSSL_free(r);
-}
-
-ECDSA_DATA *ecdsa_check(EC_KEY *key)
-{
-    ECDSA_DATA *ecdsa_data;
-
-    void *data = EC_KEY_get_key_method_data(key, ecdsa_data_dup,
-                                            ecdsa_data_free, ecdsa_data_free);
-    if (data == NULL) {
-        ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
-        if (ecdsa_data == NULL)
-            return NULL;
-        data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
-                                             ecdsa_data_dup, ecdsa_data_free,
-                                             ecdsa_data_free);
-        if (data != NULL) {
-            /*
-             * Another thread raced us to install the key_method data and
-             * won.
-             */
-            ecdsa_data_free(ecdsa_data);
-            ecdsa_data = (ECDSA_DATA *)data;
-        }
-    } else
-        ecdsa_data = (ECDSA_DATA *)data;
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(ecdsa_data->flags & ECDSA_FLAG_FIPS_METHOD)
-        && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {
-        ECDSAerr(ECDSA_F_ECDSA_CHECK, ECDSA_R_NON_FIPS_METHOD);
-        return NULL;
-    }
-#endif
-
-    return ecdsa_data;
-}
-
-int ECDSA_size(const EC_KEY *r)
-{
-    int ret, i;
-    ASN1_INTEGER bs;
-    BIGNUM *order = NULL;
-    unsigned char buf[4];
-    const EC_GROUP *group;
-
-    if (r == NULL)
-        return 0;
-    group = EC_KEY_get0_group(r);
-    if (group == NULL)
-        return 0;
-
-    if ((order = BN_new()) == NULL)
-        return 0;
-    if (!EC_GROUP_get_order(group, order, NULL)) {
-        BN_clear_free(order);
-        return 0;
-    }
-    i = BN_num_bits(order);
-    bs.length = (i + 7) / 8;
-    bs.data = buf;
-    bs.type = V_ASN1_INTEGER;
-    /* If the top bit is set the asn1 encoding is 1 larger. */
-    buf[0] = 0xff;
-
-    i = i2d_ASN1_INTEGER(&bs, NULL);
-    i += i;                     /* r and s */
-    ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
-    BN_clear_free(order);
-    return (ret);
-}
-
-int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                           CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDSA, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
-{
-    ECDSA_DATA *ecdsa;
-    ecdsa = ecdsa_check(d);
-    if (ecdsa == NULL)
-        return 0;
-    return (CRYPTO_set_ex_data(&ecdsa->ex_data, idx, arg));
-}
-
-void *ECDSA_get_ex_data(EC_KEY *d, int idx)
-{
-    ECDSA_DATA *ecdsa;
-    ecdsa = ecdsa_check(d);
-    if (ecdsa == NULL)
-        return NULL;
-    return (CRYPTO_get_ex_data(&ecdsa->ex_data, idx));
-}
-
-ECDSA_METHOD *ECDSA_METHOD_new(const ECDSA_METHOD *ecdsa_meth)
-{
-    ECDSA_METHOD *ret;
-
-    ret = OPENSSL_malloc(sizeof(ECDSA_METHOD));
-    if (ret == NULL) {
-        ECDSAerr(ECDSA_F_ECDSA_METHOD_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    if (ecdsa_meth)
-        *ret = *ecdsa_meth;
-    else {
-        ret->ecdsa_sign_setup = 0;
-        ret->ecdsa_do_sign = 0;
-        ret->ecdsa_do_verify = 0;
-        ret->name = NULL;
-        ret->flags = 0;
-    }
-    ret->flags |= ECDSA_METHOD_FLAG_ALLOCATED;
-    return ret;
-}
-
-void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
-                           ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
-                                                        *dgst, int dgst_len,
-                                                        const BIGNUM *inv,
-                                                        const BIGNUM *rp,
-                                                        EC_KEY *eckey))
-{
-    ecdsa_method->ecdsa_do_sign = ecdsa_do_sign;
-}
-
-void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
-                                 int (*ecdsa_sign_setup) (EC_KEY *eckey,
-                                                          BN_CTX *ctx,
-                                                          BIGNUM **kinv,
-                                                          BIGNUM **r))
-{
-    ecdsa_method->ecdsa_sign_setup = ecdsa_sign_setup;
-}
-
-void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
-                             int (*ecdsa_do_verify) (const unsigned char
-                                                     *dgst, int dgst_len,
-                                                     const ECDSA_SIG *sig,
-                                                     EC_KEY *eckey))
-{
-    ecdsa_method->ecdsa_do_verify = ecdsa_do_verify;
-}
-
-void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags)
-{
-    ecdsa_method->flags = flags | ECDSA_METHOD_FLAG_ALLOCATED;
-}
-
-void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name)
-{
-    ecdsa_method->name = name;
-}
-
-void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method)
-{
-    if (ecdsa_method->flags & ECDSA_METHOD_FLAG_ALLOCATED)
-        OPENSSL_free(ecdsa_method);
-}
-
-void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app)
-{
-    ecdsa_method->app_data = app;
-}
-
-void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method)
-{
-    return ecdsa_method->app_data;
-}
diff --git a/thirdparty/openssl/crypto/ecdsa/ecs_locl.h b/thirdparty/openssl/crypto/ecdsa/ecs_locl.h
deleted file mode 100644
index d3a5efc547..0000000000
--- a/thirdparty/openssl/crypto/ecdsa/ecs_locl.h
+++ /dev/null
@@ -1,120 +0,0 @@
-/* crypto/ecdsa/ecs_locl.h */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ECS_LOCL_H
-# define HEADER_ECS_LOCL_H
-
-# include <openssl/ecdsa.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-struct ecdsa_method {
-    const char *name;
-    ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char *dgst, int dgst_len,
-                                 const BIGNUM *inv, const BIGNUM *rp,
-                                 EC_KEY *eckey);
-    int (*ecdsa_sign_setup) (EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
-                             BIGNUM **r);
-    int (*ecdsa_do_verify) (const unsigned char *dgst, int dgst_len,
-                            const ECDSA_SIG *sig, EC_KEY *eckey);
-# if 0
-    int (*init) (EC_KEY *eckey);
-    int (*finish) (EC_KEY *eckey);
-# endif
-    int flags;
-    void *app_data;
-};
-
-/* The ECDSA_METHOD was allocated and can be freed */
-
-# define ECDSA_METHOD_FLAG_ALLOCATED 0x2
-
-/*
- * If this flag is set the ECDSA method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its responsibility to ensure the
- * result is compliant.
- */
-
-# define ECDSA_FLAG_FIPS_METHOD  0x1
-
-typedef struct ecdsa_data_st {
-    /* EC_KEY_METH_DATA part */
-    int (*init) (EC_KEY *);
-    /* method (ECDSA) specific part */
-    ENGINE *engine;
-    int flags;
-    const ECDSA_METHOD *meth;
-    CRYPTO_EX_DATA ex_data;
-} ECDSA_DATA;
-
-/** ecdsa_check
- * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
- * and if not it removes the old meth_data and creates a ECDSA_DATA structure.
- * \param  eckey pointer to a EC_KEY object
- * \return pointer to a ECDSA_DATA structure
- */
-ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif                          /* HEADER_ECS_LOCL_H */
diff --git a/thirdparty/openssl/crypto/ecdsa/ecs_ossl.c b/thirdparty/openssl/crypto/ecdsa/ecs_ossl.c
deleted file mode 100644
index dd769609be..0000000000
--- a/thirdparty/openssl/crypto/ecdsa/ecs_ossl.c
+++ /dev/null
@@ -1,464 +0,0 @@
-/* crypto/ecdsa/ecs_ossl.c */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ecs_locl.h"
-#include <openssl/err.h>
-#include <openssl/obj_mac.h>
-#include <openssl/bn.h>
-
-static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen,
-                                const BIGNUM *, const BIGNUM *,
-                                EC_KEY *eckey);
-static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
-                            BIGNUM **rp);
-static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
-                           const ECDSA_SIG *sig, EC_KEY *eckey);
-
-static ECDSA_METHOD openssl_ecdsa_meth = {
-    "OpenSSL ECDSA method",
-    ecdsa_do_sign,
-    ecdsa_sign_setup,
-    ecdsa_do_verify,
-#if 0
-    NULL,                       /* init */
-    NULL,                       /* finish */
-#endif
-    0,                          /* flags */
-    NULL                        /* app_data */
-};
-
-const ECDSA_METHOD *ECDSA_OpenSSL(void)
-{
-    return &openssl_ecdsa_meth;
-}
-
-static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
-                            BIGNUM **rp)
-{
-    BN_CTX *ctx = NULL;
-    BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL;
-    EC_POINT *tmp_point = NULL;
-    const EC_GROUP *group;
-    int ret = 0;
-
-    if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) {
-        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-
-    if (ctx_in == NULL) {
-        if ((ctx = BN_CTX_new()) == NULL) {
-            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    } else
-        ctx = ctx_in;
-
-    k = BN_new();               /* this value is later returned in *kinvp */
-    r = BN_new();               /* this value is later returned in *rp */
-    order = BN_new();
-    X = BN_new();
-    if (!k || !r || !order || !X) {
-        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if ((tmp_point = EC_POINT_new(group)) == NULL) {
-        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
-        goto err;
-    }
-    if (!EC_GROUP_get_order(group, order, ctx)) {
-        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    do {
-        /* get random k */
-        do
-            if (!BN_rand_range(k, order)) {
-                ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
-                         ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
-                goto err;
-            }
-        while (BN_is_zero(k)) ;
-
-        /*
-         * We do not want timing information to leak the length of k, so we
-         * compute G*k using an equivalent scalar of fixed bit-length.
-         */
-
-        if (!BN_add(k, k, order))
-            goto err;
-        if (BN_num_bits(k) <= BN_num_bits(order))
-            if (!BN_add(k, k, order))
-                goto err;
-
-        /* compute r the x-coordinate of generator * k */
-        if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
-            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
-            goto err;
-        }
-        if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
-            NID_X9_62_prime_field) {
-            if (!EC_POINT_get_affine_coordinates_GFp
-                (group, tmp_point, X, NULL, ctx)) {
-                ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
-                goto err;
-            }
-        }
-#ifndef OPENSSL_NO_EC2M
-        else {                  /* NID_X9_62_characteristic_two_field */
-
-            if (!EC_POINT_get_affine_coordinates_GF2m(group,
-                                                      tmp_point, X, NULL,
-                                                      ctx)) {
-                ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
-                goto err;
-            }
-        }
-#endif
-        if (!BN_nnmod(r, X, order, ctx)) {
-            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
-            goto err;
-        }
-    }
-    while (BN_is_zero(r));
-
-    /* compute the inverse of k */
-    if (EC_GROUP_get_mont_data(group) != NULL) {
-        /*
-         * We want inverse in constant time, therefore we utilize the fact
-         * order must be prime and use Fermats Little Theorem instead.
-         */
-        if (!BN_set_word(X, 2)) {
-            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
-            goto err;
-        }
-        if (!BN_mod_sub(X, order, X, order, ctx)) {
-            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
-            goto err;
-        }
-        BN_set_flags(X, BN_FLG_CONSTTIME);
-        if (!BN_mod_exp_mont_consttime
-            (k, k, X, order, ctx, EC_GROUP_get_mont_data(group))) {
-            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
-            goto err;
-        }
-    } else {
-        if (!BN_mod_inverse(k, k, order, ctx)) {
-            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
-            goto err;
-        }
-    }
-
-    /* clear old values if necessary */
-    if (*rp != NULL)
-        BN_clear_free(*rp);
-    if (*kinvp != NULL)
-        BN_clear_free(*kinvp);
-    /* save the pre-computed values  */
-    *rp = r;
-    *kinvp = k;
-    ret = 1;
- err:
-    if (!ret) {
-        if (k != NULL)
-            BN_clear_free(k);
-        if (r != NULL)
-            BN_clear_free(r);
-    }
-    if (ctx_in == NULL)
-        BN_CTX_free(ctx);
-    if (order != NULL)
-        BN_free(order);
-    if (tmp_point != NULL)
-        EC_POINT_free(tmp_point);
-    if (X)
-        BN_clear_free(X);
-    return (ret);
-}
-
-static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
-                                const BIGNUM *in_kinv, const BIGNUM *in_r,
-                                EC_KEY *eckey)
-{
-    int ok = 0, i;
-    BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *order = NULL;
-    const BIGNUM *ckinv;
-    BN_CTX *ctx = NULL;
-    const EC_GROUP *group;
-    ECDSA_SIG *ret;
-    ECDSA_DATA *ecdsa;
-    const BIGNUM *priv_key;
-
-    ecdsa = ecdsa_check(eckey);
-    group = EC_KEY_get0_group(eckey);
-    priv_key = EC_KEY_get0_private_key(eckey);
-
-    if (group == NULL || priv_key == NULL || ecdsa == NULL) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-
-    ret = ECDSA_SIG_new();
-    if (!ret) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    s = ret->s;
-
-    if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
-        (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!EC_GROUP_get_order(group, order, ctx)) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
-        goto err;
-    }
-    i = BN_num_bits(order);
-    /*
-     * Need to truncate digest if it is too long: first truncate whole bytes.
-     */
-    if (8 * dgst_len > i)
-        dgst_len = (i + 7) / 8;
-    if (!BN_bin2bn(dgst, dgst_len, m)) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-        goto err;
-    }
-    /* If still too long truncate remaining bits with a shift */
-    if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-        goto err;
-    }
-    do {
-        if (in_kinv == NULL || in_r == NULL) {
-            if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r)) {
-                ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_ECDSA_LIB);
-                goto err;
-            }
-            ckinv = kinv;
-        } else {
-            ckinv = in_kinv;
-            if (BN_copy(ret->r, in_r) == NULL) {
-                ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-        }
-
-        if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) {
-            ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-            goto err;
-        }
-        if (!BN_mod_add_quick(s, tmp, m, order)) {
-            ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-            goto err;
-        }
-        if (!BN_mod_mul(s, s, ckinv, order, ctx)) {
-            ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
-            goto err;
-        }
-        if (BN_is_zero(s)) {
-            /*
-             * if kinv and r have been supplied by the caller don't to
-             * generate new kinv and r values
-             */
-            if (in_kinv != NULL && in_r != NULL) {
-                ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
-                         ECDSA_R_NEED_NEW_SETUP_VALUES);
-                goto err;
-            }
-        } else
-            /* s != 0 => we have a valid signature */
-            break;
-    }
-    while (1);
-
-    ok = 1;
- err:
-    if (!ok) {
-        ECDSA_SIG_free(ret);
-        ret = NULL;
-    }
-    if (ctx)
-        BN_CTX_free(ctx);
-    if (m)
-        BN_clear_free(m);
-    if (tmp)
-        BN_clear_free(tmp);
-    if (order)
-        BN_free(order);
-    if (kinv)
-        BN_clear_free(kinv);
-    return ret;
-}
-
-static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
-                           const ECDSA_SIG *sig, EC_KEY *eckey)
-{
-    int ret = -1, i;
-    BN_CTX *ctx;
-    BIGNUM *order, *u1, *u2, *m, *X;
-    EC_POINT *point = NULL;
-    const EC_GROUP *group;
-    const EC_POINT *pub_key;
-
-    /* check input values */
-    if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
-        (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
-        return -1;
-    }
-
-    ctx = BN_CTX_new();
-    if (!ctx) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
-        return -1;
-    }
-    BN_CTX_start(ctx);
-    order = BN_CTX_get(ctx);
-    u1 = BN_CTX_get(ctx);
-    u2 = BN_CTX_get(ctx);
-    m = BN_CTX_get(ctx);
-    X = BN_CTX_get(ctx);
-    if (!X) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
-        goto err;
-    }
-
-    if (!EC_GROUP_get_order(group, order, ctx)) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
-        goto err;
-    }
-
-    if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
-        BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) ||
-        BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
-        ret = 0;                /* signature is invalid */
-        goto err;
-    }
-    /* calculate tmp1 = inv(S) mod order */
-    if (!BN_mod_inverse(u2, sig->s, order, ctx)) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
-        goto err;
-    }
-    /* digest -> m */
-    i = BN_num_bits(order);
-    /*
-     * Need to truncate digest if it is too long: first truncate whole bytes.
-     */
-    if (8 * dgst_len > i)
-        dgst_len = (i + 7) / 8;
-    if (!BN_bin2bn(dgst, dgst_len, m)) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
-        goto err;
-    }
-    /* If still too long truncate remaining bits with a shift */
-    if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
-        goto err;
-    }
-    /* u1 = m * tmp mod order */
-    if (!BN_mod_mul(u1, m, u2, order, ctx)) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
-        goto err;
-    }
-    /* u2 = r * w mod q */
-    if (!BN_mod_mul(u2, sig->r, u2, order, ctx)) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
-        goto err;
-    }
-
-    if ((point = EC_POINT_new(group)) == NULL) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
-        goto err;
-    }
-    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
-        NID_X9_62_prime_field) {
-        if (!EC_POINT_get_affine_coordinates_GFp(group, point, X, NULL, ctx)) {
-            ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
-            goto err;
-        }
-    }
-#ifndef OPENSSL_NO_EC2M
-    else {                      /* NID_X9_62_characteristic_two_field */
-
-        if (!EC_POINT_get_affine_coordinates_GF2m(group, point, X, NULL, ctx)) {
-            ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
-            goto err;
-        }
-    }
-#endif
-    if (!BN_nnmod(u1, X, order, ctx)) {
-        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
-        goto err;
-    }
-    /*  if the signature is correct u1 is equal to sig->r */
-    ret = (BN_ucmp(u1, sig->r) == 0);
- err:
-    BN_CTX_end(ctx);
-    BN_CTX_free(ctx);
-    if (point)
-        EC_POINT_free(point);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/ecdsa/ecs_sign.c b/thirdparty/openssl/crypto/ecdsa/ecs_sign.c
deleted file mode 100644
index 28652d455d..0000000000
--- a/thirdparty/openssl/crypto/ecdsa/ecs_sign.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/ecdsa/ecdsa_sign.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ecs_locl.h"
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/rand.h>
-
-ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
-{
-    return ECDSA_do_sign_ex(dgst, dlen, NULL, NULL, eckey);
-}
-
-ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dlen,
-                            const BIGNUM *kinv, const BIGNUM *rp,
-                            EC_KEY *eckey)
-{
-    ECDSA_DATA *ecdsa = ecdsa_check(eckey);
-    if (ecdsa == NULL)
-        return NULL;
-    return ecdsa->meth->ecdsa_do_sign(dgst, dlen, kinv, rp, eckey);
-}
-
-int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char
-               *sig, unsigned int *siglen, EC_KEY *eckey)
-{
-    return ECDSA_sign_ex(type, dgst, dlen, sig, siglen, NULL, NULL, eckey);
-}
-
-int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char
-                  *sig, unsigned int *siglen, const BIGNUM *kinv,
-                  const BIGNUM *r, EC_KEY *eckey)
-{
-    ECDSA_SIG *s;
-    RAND_seed(dgst, dlen);
-    s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
-    if (s == NULL) {
-        *siglen = 0;
-        return 0;
-    }
-    *siglen = i2d_ECDSA_SIG(s, &sig);
-    ECDSA_SIG_free(s);
-    return 1;
-}
-
-int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
-                     BIGNUM **rp)
-{
-    ECDSA_DATA *ecdsa = ecdsa_check(eckey);
-    if (ecdsa == NULL)
-        return 0;
-    return ecdsa->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp);
-}
diff --git a/thirdparty/openssl/crypto/ecdsa/ecs_vrf.c b/thirdparty/openssl/crypto/ecdsa/ecs_vrf.c
deleted file mode 100644
index e909aeb400..0000000000
--- a/thirdparty/openssl/crypto/ecdsa/ecs_vrf.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/ecdsa/ecdsa_vrf.c */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ecs_locl.h"
-#include <string.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-/*-
- * returns
- *      1: correct signature
- *      0: incorrect signature
- *     -1: error
- */
-int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
-                    const ECDSA_SIG *sig, EC_KEY *eckey)
-{
-    ECDSA_DATA *ecdsa = ecdsa_check(eckey);
-    if (ecdsa == NULL)
-        return 0;
-    return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
-}
-
-/*-
- * returns
- *      1: correct signature
- *      0: incorrect signature
- *     -1: error
- */
-int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
-                 const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
-{
-    ECDSA_SIG *s;
-    const unsigned char *p = sigbuf;
-    unsigned char *der = NULL;
-    int derlen = -1;
-    int ret = -1;
-
-    s = ECDSA_SIG_new();
-    if (s == NULL)
-        return (ret);
-    if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL)
-        goto err;
-    /* Ensure signature uses DER and doesn't have trailing garbage */
-    derlen = i2d_ECDSA_SIG(s, &der);
-    if (derlen != sig_len || memcmp(sigbuf, der, derlen))
-        goto err;
-    ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
- err:
-    if (derlen > 0) {
-        OPENSSL_cleanse(der, derlen);
-        OPENSSL_free(der);
-    }
-    ECDSA_SIG_free(s);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/engine/README b/thirdparty/openssl/crypto/engine/README
deleted file mode 100644
index 6b69b70f57..0000000000
--- a/thirdparty/openssl/crypto/engine/README
+++ /dev/null
@@ -1,211 +0,0 @@
-Notes: 2001-09-24
------------------
-
-This "description" (if one chooses to call it that) needed some major updating
-so here goes. This update addresses a change being made at the same time to
-OpenSSL, and it pretty much completely restructures the underlying mechanics of
-the "ENGINE" code. So it serves a double purpose of being a "ENGINE internals
-for masochists" document *and* a rather extensive commit log message. (I'd get
-lynched for sticking all this in CHANGES or the commit mails :-).
-
-ENGINE_TABLE underlies this restructuring, as described in the internal header
-"eng_int.h", implemented in eng_table.c, and used in each of the "class" files;
-tb_rsa.c, tb_dsa.c, etc.
-
-However, "EVP_CIPHER" underlies the motivation and design of ENGINE_TABLE so
-I'll mention a bit about that first. EVP_CIPHER (and most of this applies
-equally to EVP_MD for digests) is both a "method" and a algorithm/mode
-identifier that, in the current API, "lingers". These cipher description +
-implementation structures can be defined or obtained directly by applications,
-or can be loaded "en masse" into EVP storage so that they can be catalogued and
-searched in various ways, ie. two ways of encrypting with the "des_cbc"
-algorithm/mode pair are;
-
-(i) directly;
-     const EVP_CIPHER *cipher = EVP_des_cbc();
-     EVP_EncryptInit(&ctx, cipher, key, iv);
-     [ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...]
-
-(ii) indirectly; 
-     OpenSSL_add_all_ciphers();
-     cipher = EVP_get_cipherbyname("des_cbc");
-     EVP_EncryptInit(&ctx, cipher, key, iv);
-     [ ... etc ... ]
-
-The latter is more generally used because it also allows ciphers/digests to be
-looked up based on other identifiers which can be useful for automatic cipher
-selection, eg. in SSL/TLS, or by user-controllable configuration.
-
-The important point about this is that EVP_CIPHER definitions and structures are
-passed around with impunity and there is no safe way, without requiring massive
-rewrites of many applications, to assume that EVP_CIPHERs can be reference
-counted. One an EVP_CIPHER is exposed to the caller, neither it nor anything it
-comes from can "safely" be destroyed. Unless of course the way of getting to
-such ciphers is via entirely distinct API calls that didn't exist before.
-However existing API usage cannot be made to understand when an EVP_CIPHER
-pointer, that has been passed to the caller, is no longer being used.
-
-The other problem with the existing API w.r.t. to hooking EVP_CIPHER support
-into ENGINE is storage - the OBJ_NAME-based storage used by EVP to register
-ciphers simultaneously registers cipher *types* and cipher *implementations* -
-they are effectively the same thing, an "EVP_CIPHER" pointer. The problem with
-hooking in ENGINEs is that multiple ENGINEs may implement the same ciphers. The
-solution is necessarily that ENGINE-provided ciphers simply are not registered,
-stored, or exposed to the caller in the same manner as existing ciphers. This is
-especially necessary considering the fact ENGINE uses reference counts to allow
-for cleanup, modularity, and DSO support - yet EVP_CIPHERs, as exposed to
-callers in the current API, support no such controls.
-
-Another sticking point for integrating cipher support into ENGINE is linkage.
-Already there is a problem with the way ENGINE supports RSA, DSA, etc whereby
-they are available *because* they're part of a giant ENGINE called "openssl".
-Ie. all implementations *have* to come from an ENGINE, but we get round that by
-having a giant ENGINE with all the software support encapsulated. This creates
-linker hassles if nothing else - linking a 1-line application that calls 2 basic
-RSA functions (eg. "RSA_free(RSA_new());") will result in large quantities of
-ENGINE code being linked in *and* because of that DSA, DH, and RAND also. If we
-continue with this approach for EVP_CIPHER support (even if it *was* possible)
-we would lose our ability to link selectively by selectively loading certain
-implementations of certain functionality. Touching any part of any kind of
-crypto would result in massive static linkage of everything else. So the
-solution is to change the way ENGINE feeds existing "classes", ie. how the
-hooking to ENGINE works from RSA, DSA, DH, RAND, as well as adding new hooking
-for EVP_CIPHER, and EVP_MD.
-
-The way this is now being done is by mostly reverting back to how things used to
-work prior to ENGINE :-). Ie. RSA now has a "RSA_METHOD" pointer again - this
-was previously replaced by an "ENGINE" pointer and all RSA code that required
-the RSA_METHOD would call ENGINE_get_RSA() each time on its ENGINE handle to
-temporarily get and use the ENGINE's RSA implementation. Apart from being more
-efficient, switching back to each RSA having an RSA_METHOD pointer also allows
-us to conceivably operate with *no* ENGINE. As we'll see, this removes any need
-for a fallback ENGINE that encapsulates default implementations - we can simply
-have our RSA structure pointing its RSA_METHOD pointer to the software
-implementation and have its ENGINE pointer set to NULL.
-
-A look at the EVP_CIPHER hooking is most explanatory, the RSA, DSA (etc) cases
-turn out to be degenerate forms of the same thing. The EVP storage of ciphers,
-and the existing EVP API functions that return "software" implementations and
-descriptions remain untouched. However, the storage takes more meaning in terms
-of "cipher description" and less meaning in terms of "implementation". When an
-EVP_CIPHER_CTX is actually initialised with an EVP_CIPHER method and is about to
-begin en/decryption, the hooking to ENGINE comes into play. What happens is that
-cipher-specific ENGINE code is asked for an ENGINE pointer (a functional
-reference) for any ENGINE that is registered to perform the algo/mode that the
-provided EVP_CIPHER structure represents. Under normal circumstances, that
-ENGINE code will return NULL because no ENGINEs will have had any cipher
-implementations *registered*. As such, a NULL ENGINE pointer is stored in the
-EVP_CIPHER_CTX context, and the EVP_CIPHER structure is left hooked into the
-context and so is used as the implementation. Pretty much how things work now
-except we'd have a redundant ENGINE pointer set to NULL and doing nothing.
-
-Conversely, if an ENGINE *has* been registered to perform the algorithm/mode
-combination represented by the provided EVP_CIPHER, then a functional reference
-to that ENGINE will be returned to the EVP_CIPHER_CTX during initialisation.
-That functional reference will be stored in the context (and released on
-cleanup) - and having that reference provides a *safe* way to use an EVP_CIPHER
-definition that is private to the ENGINE. Ie. the EVP_CIPHER provided by the
-application will actually be replaced by an EVP_CIPHER from the registered
-ENGINE - it will support the same algorithm/mode as the original but will be a
-completely different implementation. Because this EVP_CIPHER isn't stored in the
-EVP storage, nor is it returned to applications from traditional API functions,
-there is no associated problem with it not having reference counts. And of
-course, when one of these "private" cipher implementations is hooked into
-EVP_CIPHER_CTX, it is done whilst the EVP_CIPHER_CTX holds a functional
-reference to the ENGINE that owns it, thus the use of the ENGINE's EVP_CIPHER is
-safe.
-
-The "cipher-specific ENGINE code" I mentioned is implemented in tb_cipher.c but
-in essence it is simply an instantiation of "ENGINE_TABLE" code for use by
-EVP_CIPHER code. tb_digest.c is virtually identical but, of course, it is for
-use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of
-ENGINE_TABLE essentially provide linker-separation of the classes so that even
-if ENGINEs implement *all* possible algorithms, an application using only
-EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core
-ENGINE code that is independant of class, and of course the ENGINE
-implementation that the application loaded. It will *not* however link any
-class-specific ENGINE code for digests, RSA, etc nor will it bleed over into
-other APIs, such as the RSA/DSA/etc library code.
-
-ENGINE_TABLE is a little more complicated than may seem necessary but this is
-mostly to avoid a lot of "init()"-thrashing on ENGINEs (that may have to load
-DSOs, and other expensive setup that shouldn't be thrashed unnecessarily) *and*
-to duplicate "default" behaviour. Basically an ENGINE_TABLE instantiation, for
-example tb_cipher.c, implements a hash-table keyed by integer "nid" values.
-These nids provide the uniquenness of an algorithm/mode - and each nid will hash
-to a potentially NULL "ENGINE_PILE". An ENGINE_PILE is essentially a list of
-pointers to ENGINEs that implement that particular 'nid'. Each "pile" uses some
-caching tricks such that requests on that 'nid' will be cached and all future
-requests will return immediately (well, at least with minimal operation) unless
-a change is made to the pile, eg. perhaps an ENGINE was unloaded. The reason is
-that an application could have support for 10 ENGINEs statically linked
-in, and the machine in question may not have any of the hardware those 10
-ENGINEs support. If each of those ENGINEs has a "des_cbc" implementation, we
-want to avoid every EVP_CIPHER_CTX setup from trying (and failing) to initialise
-each of those 10 ENGINEs. Instead, the first such request will try to do that
-and will either return (and cache) a NULL ENGINE pointer or will return a
-functional reference to the first that successfully initialised. In the latter
-case it will also cache an extra functional reference to the ENGINE as a
-"default" for that 'nid'. The caching is acknowledged by a 'uptodate' variable
-that is unset only if un/registration takes place on that pile. Ie. if
-implementations of "des_cbc" are added or removed. This behaviour can be
-tweaked; the ENGINE_TABLE_FLAG_NOINIT value can be passed to
-ENGINE_set_table_flags(), in which case the only ENGINEs that tb_cipher.c will
-try to initialise from the "pile" will be those that are already initialised
-(ie. it's simply an increment of the functional reference count, and no real
-"initialisation" will take place).
-
-RSA, DSA, DH, and RAND all have their own ENGINE_TABLE code as well, and the
-difference is that they all use an implicit 'nid' of 1. Whereas EVP_CIPHERs are
-actually qualitatively different depending on 'nid' (the "des_cbc" EVP_CIPHER is
-not an interoperable implementation of "aes_256_cbc"), RSA_METHODs are
-necessarily interoperable and don't have different flavours, only different
-implementations. In other words, the ENGINE_TABLE for RSA will either be empty,
-or will have a single ENGING_PILE hashed to by the 'nid' 1 and that pile
-represents ENGINEs that implement the single "type" of RSA there is.
-
-Cleanup - the registration and unregistration may pose questions about how
-cleanup works with the ENGINE_PILE doing all this caching nonsense (ie. when the
-application or EVP_CIPHER code releases its last reference to an ENGINE, the
-ENGINE_PILE code may still have references and thus those ENGINEs will stay
-hooked in forever). The way this is handled is via "unregistration". With these
-new ENGINE changes, an abstract ENGINE can be loaded and initialised, but that
-is an algorithm-agnostic process. Even if initialised, it will not have
-registered any of its implementations (to do so would link all class "table"
-code despite the fact the application may use only ciphers, for example). This
-is deliberately a distinct step. Moreover, registration and unregistration has
-nothing to do with whether an ENGINE is *functional* or not (ie. you can even
-register an ENGINE and its implementations without it being operational, you may
-not even have the drivers to make it operate). What actually happens with
-respect to cleanup is managed inside eng_lib.c with the "engine_cleanup_***"
-functions. These functions are internal-only and each part of ENGINE code that
-could require cleanup will, upon performing its first allocation, register a
-callback with the "engine_cleanup" code. The other part of this that makes it
-tick is that the ENGINE_TABLE instantiations (tb_***.c) use NULL as their
-initialised state. So if RSA code asks for an ENGINE and no ENGINE has
-registered an implementation, the code will simply return NULL and the tb_rsa.c
-state will be unchanged. Thus, no cleanup is required unless registration takes
-place. ENGINE_cleanup() will simply iterate across a list of registered cleanup
-callbacks calling each in turn, and will then internally delete its own storage
-(a STACK). When a cleanup callback is next registered (eg. if the cleanup() is
-part of a gracefull restart and the application wants to cleanup all state then
-start again), the internal STACK storage will be freshly allocated. This is much
-the same as the situation in the ENGINE_TABLE instantiations ... NULL is the
-initialised state, so only modification operations (not queries) will cause that
-code to have to register a cleanup.
-
-What else? The bignum callbacks and associated ENGINE functions have been
-removed for two obvious reasons; (i) there was no way to generalise them to the
-mechanism now used by RSA/DSA/..., because there's no such thing as a BIGNUM
-method, and (ii) because of (i), there was no meaningful way for library or
-application code to automatically hook and use ENGINE supplied bignum functions
-anyway. Also, ENGINE_cpy() has been removed (although an internal-only version
-exists) - the idea of providing an ENGINE_cpy() function probably wasn't a good
-one and now certainly doesn't make sense in any generalised way. Some of the
-RSA, DSA, DH, and RAND functions that were fiddled during the original ENGINE
-changes have now, as a consequence, been reverted back. This is because the
-hooking of ENGINE is now automatic (and passive, it can interally use a NULL
-ENGINE pointer to simply ignore ENGINE from then on).
-
-Hell, that should be enough for now ... comments welcome: geoff@openssl.org
-
diff --git a/thirdparty/openssl/crypto/engine/eng_all.c b/thirdparty/openssl/crypto/engine/eng_all.c
deleted file mode 100644
index 48ad0d26b4..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_all.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* crypto/engine/eng_all.c */
-/*
- * Written by Richard Levitte <richard@levitte.org> for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include "eng_int.h"
-
-void ENGINE_load_builtin_engines(void)
-{
-    /* Some ENGINEs need this */
-    OPENSSL_cpuid_setup();
-#if 0
-    /*
-     * There's no longer any need for an "openssl" ENGINE unless, one day, it
-     * is the *only* way for standard builtin implementations to be be
-     * accessed (ie. it would be possible to statically link binaries with
-     * *no* builtin implementations).
-     */
-    ENGINE_load_openssl();
-#endif
-#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
-    ENGINE_load_cryptodev();
-#endif
-#ifndef OPENSSL_NO_RDRAND
-    ENGINE_load_rdrand();
-#endif
-    ENGINE_load_dynamic();
-#ifndef OPENSSL_NO_STATIC_ENGINE
-# ifndef OPENSSL_NO_HW
-#  ifndef OPENSSL_NO_HW_4758_CCA
-    ENGINE_load_4758cca();
-#  endif
-#  ifndef OPENSSL_NO_HW_AEP
-    ENGINE_load_aep();
-#  endif
-#  ifndef OPENSSL_NO_HW_ATALLA
-    ENGINE_load_atalla();
-#  endif
-#  ifndef OPENSSL_NO_HW_CSWIFT
-    ENGINE_load_cswift();
-#  endif
-#  ifndef OPENSSL_NO_HW_NCIPHER
-    ENGINE_load_chil();
-#  endif
-#  ifndef OPENSSL_NO_HW_NURON
-    ENGINE_load_nuron();
-#  endif
-#  ifndef OPENSSL_NO_HW_SUREWARE
-    ENGINE_load_sureware();
-#  endif
-#  ifndef OPENSSL_NO_HW_UBSEC
-    ENGINE_load_ubsec();
-#  endif
-#  ifndef OPENSSL_NO_HW_PADLOCK
-    ENGINE_load_padlock();
-#  endif
-# endif
-# ifndef OPENSSL_NO_GOST
-    ENGINE_load_gost();
-# endif
-# ifndef OPENSSL_NO_GMP
-    ENGINE_load_gmp();
-# endif
-# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
-    ENGINE_load_capi();
-# endif
-#endif
-    ENGINE_register_all_complete();
-}
-
-#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
-void ENGINE_setup_bsd_cryptodev(void)
-{
-    static int bsd_cryptodev_default_loaded = 0;
-    if (!bsd_cryptodev_default_loaded) {
-        ENGINE_load_cryptodev();
-        ENGINE_register_all_complete();
-    }
-    bsd_cryptodev_default_loaded = 1;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/engine/eng_cnf.c b/thirdparty/openssl/crypto/engine/eng_cnf.c
deleted file mode 100644
index f09bec4e9a..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_cnf.c
+++ /dev/null
@@ -1,242 +0,0 @@
-/* eng_cnf.c */
-/*
- * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-#include <openssl/conf.h>
-
-/* #define ENGINE_CONF_DEBUG */
-
-/* ENGINE config module */
-
-static char *skip_dot(char *name)
-{
-    char *p;
-    p = strchr(name, '.');
-    if (p)
-        return p + 1;
-    return name;
-}
-
-static STACK_OF(ENGINE) *initialized_engines = NULL;
-
-static int int_engine_init(ENGINE *e)
-{
-    if (!ENGINE_init(e))
-        return 0;
-    if (!initialized_engines)
-        initialized_engines = sk_ENGINE_new_null();
-    if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) {
-        ENGINE_finish(e);
-        return 0;
-    }
-    return 1;
-}
-
-static int int_engine_configure(char *name, char *value, const CONF *cnf)
-{
-    int i;
-    int ret = 0;
-    long do_init = -1;
-    STACK_OF(CONF_VALUE) *ecmds;
-    CONF_VALUE *ecmd = NULL;
-    char *ctrlname, *ctrlvalue;
-    ENGINE *e = NULL;
-    int soft = 0;
-
-    name = skip_dot(name);
-#ifdef ENGINE_CONF_DEBUG
-    fprintf(stderr, "Configuring engine %s\n", name);
-#endif
-    /* Value is a section containing ENGINE commands */
-    ecmds = NCONF_get_section(cnf, value);
-
-    if (!ecmds) {
-        ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE,
-                  ENGINE_R_ENGINE_SECTION_ERROR);
-        return 0;
-    }
-
-    for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) {
-        ecmd = sk_CONF_VALUE_value(ecmds, i);
-        ctrlname = skip_dot(ecmd->name);
-        ctrlvalue = ecmd->value;
-#ifdef ENGINE_CONF_DEBUG
-        fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", ctrlname,
-                ctrlvalue);
-#endif
-
-        /* First handle some special pseudo ctrls */
-
-        /* Override engine name to use */
-        if (!strcmp(ctrlname, "engine_id"))
-            name = ctrlvalue;
-        else if (!strcmp(ctrlname, "soft_load"))
-            soft = 1;
-        /* Load a dynamic ENGINE */
-        else if (!strcmp(ctrlname, "dynamic_path")) {
-            e = ENGINE_by_id("dynamic");
-            if (!e)
-                goto err;
-            if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0))
-                goto err;
-            if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0))
-                goto err;
-            if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
-                goto err;
-        }
-        /* ... add other pseudos here ... */
-        else {
-            /*
-             * At this point we need an ENGINE structural reference if we
-             * don't already have one.
-             */
-            if (!e) {
-                e = ENGINE_by_id(name);
-                if (!e && soft) {
-                    ERR_clear_error();
-                    return 1;
-                }
-                if (!e)
-                    goto err;
-            }
-            /*
-             * Allow "EMPTY" to mean no value: this allows a valid "value" to
-             * be passed to ctrls of type NO_INPUT
-             */
-            if (!strcmp(ctrlvalue, "EMPTY"))
-                ctrlvalue = NULL;
-            if (!strcmp(ctrlname, "init")) {
-                if (!NCONF_get_number_e(cnf, value, "init", &do_init))
-                    goto err;
-                if (do_init == 1) {
-                    if (!int_engine_init(e))
-                        goto err;
-                } else if (do_init != 0) {
-                    ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE,
-                              ENGINE_R_INVALID_INIT_VALUE);
-                    goto err;
-                }
-            } else if (!strcmp(ctrlname, "default_algorithms")) {
-                if (!ENGINE_set_default_string(e, ctrlvalue))
-                    goto err;
-            } else if (!ENGINE_ctrl_cmd_string(e, ctrlname, ctrlvalue, 0))
-                goto err;
-        }
-
-    }
-    if (e && (do_init == -1) && !int_engine_init(e)) {
-        ecmd = NULL;
-        goto err;
-    }
-    ret = 1;
- err:
-    if (ret != 1) {
-        ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE,
-                  ENGINE_R_ENGINE_CONFIGURATION_ERROR);
-        if (ecmd)
-            ERR_add_error_data(6, "section=", ecmd->section,
-                               ", name=", ecmd->name,
-                               ", value=", ecmd->value);
-    }
-    if (e)
-        ENGINE_free(e);
-    return ret;
-}
-
-static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
-{
-    STACK_OF(CONF_VALUE) *elist;
-    CONF_VALUE *cval;
-    int i;
-#ifdef ENGINE_CONF_DEBUG
-    fprintf(stderr, "Called engine module: name %s, value %s\n",
-            CONF_imodule_get_name(md), CONF_imodule_get_value(md));
-#endif
-    /* Value is a section containing ENGINEs to configure */
-    elist = NCONF_get_section(cnf, CONF_imodule_get_value(md));
-
-    if (!elist) {
-        ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT,
-                  ENGINE_R_ENGINES_SECTION_ERROR);
-        return 0;
-    }
-
-    for (i = 0; i < sk_CONF_VALUE_num(elist); i++) {
-        cval = sk_CONF_VALUE_value(elist, i);
-        if (!int_engine_configure(cval->name, cval->value, cnf))
-            return 0;
-    }
-
-    return 1;
-}
-
-static void int_engine_module_finish(CONF_IMODULE *md)
-{
-    ENGINE *e;
-    while ((e = sk_ENGINE_pop(initialized_engines)))
-        ENGINE_finish(e);
-    sk_ENGINE_free(initialized_engines);
-    initialized_engines = NULL;
-}
-
-void ENGINE_add_conf_module(void)
-{
-    CONF_module_add("engines",
-                    int_engine_module_init, int_engine_module_finish);
-}
diff --git a/thirdparty/openssl/crypto/engine/eng_cryptodev.c b/thirdparty/openssl/crypto/engine/eng_cryptodev.c
deleted file mode 100644
index af59471c47..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_cryptodev.c
+++ /dev/null
@@ -1,1549 +0,0 @@
-/*
- * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
- * Copyright (c) 2002 Theo de Raadt
- * Copyright (c) 2002 Markus Friedl
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/engine.h>
-#include <openssl/evp.h>
-#include <openssl/bn.h>
-
-#if (defined(__unix__) || defined(unix)) && !defined(USG) && \
-        (defined(OpenBSD) || defined(__FreeBSD__))
-# include <sys/param.h>
-# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041)
-#  define HAVE_CRYPTODEV
-# endif
-# if (OpenBSD >= 200110)
-#  define HAVE_SYSLOG_R
-# endif
-#endif
-
-#ifndef HAVE_CRYPTODEV
-
-void ENGINE_load_cryptodev(void)
-{
-    /* This is a NOP on platforms without /dev/crypto */
-    return;
-}
-
-#else
-
-# include <sys/types.h>
-# include <crypto/cryptodev.h>
-# include <openssl/dh.h>
-# include <openssl/dsa.h>
-# include <openssl/err.h>
-# include <openssl/rsa.h>
-# include <sys/ioctl.h>
-# include <errno.h>
-# include <stdio.h>
-# include <unistd.h>
-# include <fcntl.h>
-# include <stdarg.h>
-# include <syslog.h>
-# include <errno.h>
-# include <string.h>
-
-struct dev_crypto_state {
-    struct session_op d_sess;
-    int d_fd;
-# ifdef USE_CRYPTODEV_DIGESTS
-    char dummy_mac_key[HASH_MAX_LEN];
-    unsigned char digest_res[HASH_MAX_LEN];
-    char *mac_data;
-    int mac_len;
-# endif
-};
-
-static u_int32_t cryptodev_asymfeat = 0;
-
-static int get_asym_dev_crypto(void);
-static int open_dev_crypto(void);
-static int get_dev_crypto(void);
-static int get_cryptodev_ciphers(const int **cnids);
-# ifdef USE_CRYPTODEV_DIGESTS
-static int get_cryptodev_digests(const int **cnids);
-# endif
-static int cryptodev_usable_ciphers(const int **nids);
-static int cryptodev_usable_digests(const int **nids);
-static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t inl);
-static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                              const unsigned char *iv, int enc);
-static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
-static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-                                    const int **nids, int nid);
-static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
-                                    const int **nids, int nid);
-static int bn2crparam(const BIGNUM *a, struct crparam *crp);
-static int crparam2bn(struct crparam *crp, BIGNUM *a);
-static void zapparams(struct crypt_kop *kop);
-static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
-                          int slen, BIGNUM *s);
-
-static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
-                                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                                BN_MONT_CTX *m_ctx);
-static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
-                                       BN_CTX *ctx);
-static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
-                                 BN_CTX *ctx);
-static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
-                                    const BIGNUM *p, const BIGNUM *m,
-                                    BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
-                                     BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2,
-                                     BIGNUM *p, BN_CTX *ctx,
-                                     BN_MONT_CTX *mont);
-static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
-                                      DSA *dsa);
-static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len,
-                                DSA_SIG *sig, DSA *dsa);
-static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-                                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                                BN_MONT_CTX *m_ctx);
-static int cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key,
-                                    DH *dh);
-static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
-                          void (*f) (void));
-void ENGINE_load_cryptodev(void);
-
-static const ENGINE_CMD_DEFN cryptodev_defns[] = {
-    {0, NULL, NULL, 0}
-};
-
-static struct {
-    int id;
-    int nid;
-    int ivmax;
-    int keylen;
-} ciphers[] = {
-    {
-        CRYPTO_ARC4, NID_rc4, 0, 16,
-    },
-    {
-        CRYPTO_DES_CBC, NID_des_cbc, 8, 8,
-    },
-    {
-        CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24,
-    },
-    {
-        CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16,
-    },
-    {
-        CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24,
-    },
-    {
-        CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32,
-    },
-# ifdef CRYPTO_AES_CTR
-    {
-        CRYPTO_AES_CTR, NID_aes_128_ctr, 14, 16,
-    },
-    {
-        CRYPTO_AES_CTR, NID_aes_192_ctr, 14, 24,
-    },
-    {
-        CRYPTO_AES_CTR, NID_aes_256_ctr, 14, 32,
-    },
-# endif
-    {
-        CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16,
-    },
-    {
-        CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16,
-    },
-    {
-        CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0,
-    },
-    {
-        0, NID_undef, 0, 0,
-    },
-};
-
-# ifdef USE_CRYPTODEV_DIGESTS
-static struct {
-    int id;
-    int nid;
-    int keylen;
-} digests[] = {
-    {
-        CRYPTO_MD5_HMAC, NID_hmacWithMD5, 16
-    },
-    {
-        CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, 20
-    },
-    {
-        CRYPTO_RIPEMD160_HMAC, NID_ripemd160, 16
-        /* ? */
-    },
-    {
-        CRYPTO_MD5_KPDK, NID_undef, 0
-    },
-    {
-        CRYPTO_SHA1_KPDK, NID_undef, 0
-    },
-    {
-        CRYPTO_MD5, NID_md5, 16
-    },
-    {
-        CRYPTO_SHA1, NID_sha1, 20
-    },
-    {
-        0, NID_undef, 0
-    },
-};
-# endif
-
-/*
- * Return a fd if /dev/crypto seems usable, 0 otherwise.
- */
-static int open_dev_crypto(void)
-{
-    static int fd = -1;
-
-    if (fd == -1) {
-        if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1)
-            return (-1);
-        /* close on exec */
-        if (fcntl(fd, F_SETFD, 1) == -1) {
-            close(fd);
-            fd = -1;
-            return (-1);
-        }
-    }
-    return (fd);
-}
-
-static int get_dev_crypto(void)
-{
-    int fd, retfd;
-
-    if ((fd = open_dev_crypto()) == -1)
-        return (-1);
-# ifndef CRIOGET_NOT_NEEDED
-    if (ioctl(fd, CRIOGET, &retfd) == -1)
-        return (-1);
-
-    /* close on exec */
-    if (fcntl(retfd, F_SETFD, 1) == -1) {
-        close(retfd);
-        return (-1);
-    }
-# else
-    retfd = fd;
-# endif
-    return (retfd);
-}
-
-static void put_dev_crypto(int fd)
-{
-# ifndef CRIOGET_NOT_NEEDED
-    close(fd);
-# endif
-}
-
-/* Caching version for asym operations */
-static int get_asym_dev_crypto(void)
-{
-    static int fd = -1;
-
-    if (fd == -1)
-        fd = get_dev_crypto();
-    return fd;
-}
-
-/*
- * Find out what ciphers /dev/crypto will let us have a session for.
- * XXX note, that some of these openssl doesn't deal with yet!
- * returning them here is harmless, as long as we return NULL
- * when asked for a handler in the cryptodev_engine_ciphers routine
- */
-static int get_cryptodev_ciphers(const int **cnids)
-{
-    static int nids[CRYPTO_ALGORITHM_MAX];
-    struct session_op sess;
-    int fd, i, count = 0;
-
-    if ((fd = get_dev_crypto()) < 0) {
-        *cnids = NULL;
-        return (0);
-    }
-    memset(&sess, 0, sizeof(sess));
-    sess.key = (caddr_t) "123456789abcdefghijklmno";
-
-    for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
-        if (ciphers[i].nid == NID_undef)
-            continue;
-        sess.cipher = ciphers[i].id;
-        sess.keylen = ciphers[i].keylen;
-        sess.mac = 0;
-        if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
-            ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
-            nids[count++] = ciphers[i].nid;
-    }
-    put_dev_crypto(fd);
-
-    if (count > 0)
-        *cnids = nids;
-    else
-        *cnids = NULL;
-    return (count);
-}
-
-# ifdef USE_CRYPTODEV_DIGESTS
-/*
- * Find out what digests /dev/crypto will let us have a session for.
- * XXX note, that some of these openssl doesn't deal with yet!
- * returning them here is harmless, as long as we return NULL
- * when asked for a handler in the cryptodev_engine_digests routine
- */
-static int get_cryptodev_digests(const int **cnids)
-{
-    static int nids[CRYPTO_ALGORITHM_MAX];
-    struct session_op sess;
-    int fd, i, count = 0;
-
-    if ((fd = get_dev_crypto()) < 0) {
-        *cnids = NULL;
-        return (0);
-    }
-    memset(&sess, 0, sizeof(sess));
-    sess.mackey = (caddr_t) "123456789abcdefghijklmno";
-    for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
-        if (digests[i].nid == NID_undef)
-            continue;
-        sess.mac = digests[i].id;
-        sess.mackeylen = digests[i].keylen;
-        sess.cipher = 0;
-        if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
-            ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
-            nids[count++] = digests[i].nid;
-    }
-    put_dev_crypto(fd);
-
-    if (count > 0)
-        *cnids = nids;
-    else
-        *cnids = NULL;
-    return (count);
-}
-# endif                         /* 0 */
-
-/*
- * Find the useable ciphers|digests from dev/crypto - this is the first
- * thing called by the engine init crud which determines what it
- * can use for ciphers from this engine. We want to return
- * only what we can do, anythine else is handled by software.
- *
- * If we can't initialize the device to do anything useful for
- * any reason, we want to return a NULL array, and 0 length,
- * which forces everything to be done is software. By putting
- * the initalization of the device in here, we ensure we can
- * use this engine as the default, and if for whatever reason
- * /dev/crypto won't do what we want it will just be done in
- * software
- *
- * This can (should) be greatly expanded to perhaps take into
- * account speed of the device, and what we want to do.
- * (although the disabling of particular alg's could be controlled
- * by the device driver with sysctl's.) - this is where we
- * want most of the decisions made about what we actually want
- * to use from /dev/crypto.
- */
-static int cryptodev_usable_ciphers(const int **nids)
-{
-    return (get_cryptodev_ciphers(nids));
-}
-
-static int cryptodev_usable_digests(const int **nids)
-{
-# ifdef USE_CRYPTODEV_DIGESTS
-    return (get_cryptodev_digests(nids));
-# else
-    /*
-     * XXXX just disable all digests for now, because it sucks.
-     * we need a better way to decide this - i.e. I may not
-     * want digests on slow cards like hifn on fast machines,
-     * but might want them on slow or loaded machines, etc.
-     * will also want them when using crypto cards that don't
-     * suck moose gonads - would be nice to be able to decide something
-     * as reasonable default without having hackery that's card dependent.
-     * of course, the default should probably be just do everything,
-     * with perhaps a sysctl to turn algoritms off (or have them off
-     * by default) on cards that generally suck like the hifn.
-     */
-    *nids = NULL;
-    return (0);
-# endif
-}
-
-static int
-cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                 const unsigned char *in, size_t inl)
-{
-    struct crypt_op cryp;
-    struct dev_crypto_state *state = ctx->cipher_data;
-    struct session_op *sess = &state->d_sess;
-    const void *iiv;
-    unsigned char save_iv[EVP_MAX_IV_LENGTH];
-
-    if (state->d_fd < 0)
-        return (0);
-    if (!inl)
-        return (1);
-    if ((inl % ctx->cipher->block_size) != 0)
-        return (0);
-
-    memset(&cryp, 0, sizeof(cryp));
-
-    cryp.ses = sess->ses;
-    cryp.flags = 0;
-    cryp.len = inl;
-    cryp.src = (caddr_t) in;
-    cryp.dst = (caddr_t) out;
-    cryp.mac = 0;
-
-    cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
-
-    if (ctx->cipher->iv_len) {
-        cryp.iv = (caddr_t) ctx->iv;
-        if (!ctx->encrypt) {
-            iiv = in + inl - ctx->cipher->iv_len;
-            memcpy(save_iv, iiv, ctx->cipher->iv_len);
-        }
-    } else
-        cryp.iv = NULL;
-
-    if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) {
-        /*
-         * XXX need better errror handling this can fail for a number of
-         * different reasons.
-         */
-        return (0);
-    }
-
-    if (ctx->cipher->iv_len) {
-        if (ctx->encrypt)
-            iiv = out + inl - ctx->cipher->iv_len;
-        else
-            iiv = save_iv;
-        memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
-    }
-    return (1);
-}
-
-static int
-cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                   const unsigned char *iv, int enc)
-{
-    struct dev_crypto_state *state = ctx->cipher_data;
-    struct session_op *sess = &state->d_sess;
-    int cipher = -1, i;
-
-    for (i = 0; ciphers[i].id; i++)
-        if (ctx->cipher->nid == ciphers[i].nid &&
-            ctx->cipher->iv_len <= ciphers[i].ivmax &&
-            ctx->key_len == ciphers[i].keylen) {
-            cipher = ciphers[i].id;
-            break;
-        }
-
-    if (!ciphers[i].id) {
-        state->d_fd = -1;
-        return (0);
-    }
-
-    memset(sess, 0, sizeof(struct session_op));
-
-    if ((state->d_fd = get_dev_crypto()) < 0)
-        return (0);
-
-    sess->key = (caddr_t) key;
-    sess->keylen = ctx->key_len;
-    sess->cipher = cipher;
-
-    if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
-        put_dev_crypto(state->d_fd);
-        state->d_fd = -1;
-        return (0);
-    }
-    return (1);
-}
-
-/*
- * free anything we allocated earlier when initting a
- * session, and close the session.
- */
-static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
-{
-    int ret = 0;
-    struct dev_crypto_state *state = ctx->cipher_data;
-    struct session_op *sess = &state->d_sess;
-
-    if (state->d_fd < 0)
-        return (0);
-
-    /*
-     * XXX if this ioctl fails, someting's wrong. the invoker may have called
-     * us with a bogus ctx, or we could have a device that for whatever
-     * reason just doesn't want to play ball - it's not clear what's right
-     * here - should this be an error? should it just increase a counter,
-     * hmm. For right now, we return 0 - I don't believe that to be "right".
-     * we could call the gorpy openssl lib error handlers that print messages
-     * to users of the library. hmm..
-     */
-
-    if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) {
-        ret = 0;
-    } else {
-        ret = 1;
-    }
-    put_dev_crypto(state->d_fd);
-    state->d_fd = -1;
-
-    return (ret);
-}
-
-/*
- * libcrypto EVP stuff - this is how we get wired to EVP so the engine
- * gets called when libcrypto requests a cipher NID.
- */
-
-/* RC4 */
-const EVP_CIPHER cryptodev_rc4 = {
-    NID_rc4,
-    1, 16, 0,
-    EVP_CIPH_VARIABLE_LENGTH,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    NULL,
-    NULL,
-    NULL
-};
-
-/* DES CBC EVP */
-const EVP_CIPHER cryptodev_des_cbc = {
-    NID_des_cbc,
-    8, 8, 8,
-    EVP_CIPH_CBC_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-
-/* 3DES CBC EVP */
-const EVP_CIPHER cryptodev_3des_cbc = {
-    NID_des_ede3_cbc,
-    8, 24, 8,
-    EVP_CIPH_CBC_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-
-const EVP_CIPHER cryptodev_bf_cbc = {
-    NID_bf_cbc,
-    8, 16, 8,
-    EVP_CIPH_CBC_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-
-const EVP_CIPHER cryptodev_cast_cbc = {
-    NID_cast5_cbc,
-    8, 16, 8,
-    EVP_CIPH_CBC_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-
-const EVP_CIPHER cryptodev_aes_cbc = {
-    NID_aes_128_cbc,
-    16, 16, 16,
-    EVP_CIPH_CBC_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-
-const EVP_CIPHER cryptodev_aes_192_cbc = {
-    NID_aes_192_cbc,
-    16, 24, 16,
-    EVP_CIPH_CBC_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-
-const EVP_CIPHER cryptodev_aes_256_cbc = {
-    NID_aes_256_cbc,
-    16, 32, 16,
-    EVP_CIPH_CBC_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-
-# ifdef CRYPTO_AES_CTR
-const EVP_CIPHER cryptodev_aes_ctr = {
-    NID_aes_128_ctr,
-    16, 16, 14,
-    EVP_CIPH_CTR_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-
-const EVP_CIPHER cryptodev_aes_ctr_192 = {
-    NID_aes_192_ctr,
-    16, 24, 14,
-    EVP_CIPH_CTR_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-
-const EVP_CIPHER cryptodev_aes_ctr_256 = {
-    NID_aes_256_ctr,
-    16, 32, 14,
-    EVP_CIPH_CTR_MODE,
-    cryptodev_init_key,
-    cryptodev_cipher,
-    cryptodev_cleanup,
-    sizeof(struct dev_crypto_state),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL
-};
-# endif
-/*
- * Registered by the ENGINE when used to find out how to deal with
- * a particular NID in the ENGINE. this says what we'll do at the
- * top level - note, that list is restricted by what we answer with
- */
-static int
-cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-                         const int **nids, int nid)
-{
-    if (!cipher)
-        return (cryptodev_usable_ciphers(nids));
-
-    switch (nid) {
-    case NID_rc4:
-        *cipher = &cryptodev_rc4;
-        break;
-    case NID_des_ede3_cbc:
-        *cipher = &cryptodev_3des_cbc;
-        break;
-    case NID_des_cbc:
-        *cipher = &cryptodev_des_cbc;
-        break;
-    case NID_bf_cbc:
-        *cipher = &cryptodev_bf_cbc;
-        break;
-    case NID_cast5_cbc:
-        *cipher = &cryptodev_cast_cbc;
-        break;
-    case NID_aes_128_cbc:
-        *cipher = &cryptodev_aes_cbc;
-        break;
-    case NID_aes_192_cbc:
-        *cipher = &cryptodev_aes_192_cbc;
-        break;
-    case NID_aes_256_cbc:
-        *cipher = &cryptodev_aes_256_cbc;
-        break;
-# ifdef CRYPTO_AES_CTR
-    case NID_aes_128_ctr:
-        *cipher = &cryptodev_aes_ctr;
-        break;
-    case NID_aes_192_ctr:
-        *cipher = &cryptodev_aes_ctr_192;
-        break;
-    case NID_aes_256_ctr:
-        *cipher = &cryptodev_aes_ctr_256;
-        break;
-# endif
-    default:
-        *cipher = NULL;
-        break;
-    }
-    return (*cipher != NULL);
-}
-
-# ifdef USE_CRYPTODEV_DIGESTS
-
-/* convert digest type to cryptodev */
-static int digest_nid_to_cryptodev(int nid)
-{
-    int i;
-
-    for (i = 0; digests[i].id; i++)
-        if (digests[i].nid == nid)
-            return (digests[i].id);
-    return (0);
-}
-
-static int digest_key_length(int nid)
-{
-    int i;
-
-    for (i = 0; digests[i].id; i++)
-        if (digests[i].nid == nid)
-            return digests[i].keylen;
-    return (0);
-}
-
-static int cryptodev_digest_init(EVP_MD_CTX *ctx)
-{
-    struct dev_crypto_state *state = ctx->md_data;
-    struct session_op *sess = &state->d_sess;
-    int digest;
-
-    if ((digest = digest_nid_to_cryptodev(ctx->digest->type)) == NID_undef) {
-        printf("cryptodev_digest_init: Can't get digest \n");
-        return (0);
-    }
-
-    memset(state, 0, sizeof(struct dev_crypto_state));
-
-    if ((state->d_fd = get_dev_crypto()) < 0) {
-        printf("cryptodev_digest_init: Can't get Dev \n");
-        return (0);
-    }
-
-    sess->mackey = state->dummy_mac_key;
-    sess->mackeylen = digest_key_length(ctx->digest->type);
-    sess->mac = digest;
-
-    if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
-        put_dev_crypto(state->d_fd);
-        state->d_fd = -1;
-        printf("cryptodev_digest_init: Open session failed\n");
-        return (0);
-    }
-
-    return (1);
-}
-
-static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
-                                   size_t count)
-{
-    struct crypt_op cryp;
-    struct dev_crypto_state *state = ctx->md_data;
-    struct session_op *sess = &state->d_sess;
-
-    if (!data || state->d_fd < 0) {
-        printf("cryptodev_digest_update: illegal inputs \n");
-        return (0);
-    }
-
-    if (!count) {
-        return (0);
-    }
-
-    if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
-        /* if application doesn't support one buffer */
-        char *mac_data =
-            OPENSSL_realloc(state->mac_data, state->mac_len + count);
-
-        if (mac_data == NULL) {
-            printf("cryptodev_digest_update: realloc failed\n");
-            return (0);
-        }
-
-        state->mac_data = mac_data;
-        memcpy(state->mac_data + state->mac_len, data, count);
-        state->mac_len += count;
-
-        return (1);
-    }
-
-    memset(&cryp, 0, sizeof(cryp));
-
-    cryp.ses = sess->ses;
-    cryp.flags = 0;
-    cryp.len = count;
-    cryp.src = (caddr_t) data;
-    cryp.dst = NULL;
-    cryp.mac = (caddr_t) state->digest_res;
-    if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
-        printf("cryptodev_digest_update: digest failed\n");
-        return (0);
-    }
-    return (1);
-}
-
-static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    struct crypt_op cryp;
-    struct dev_crypto_state *state = ctx->md_data;
-    struct session_op *sess = &state->d_sess;
-
-    int ret = 1;
-
-    if (!md || state->d_fd < 0) {
-        printf("cryptodev_digest_final: illegal input\n");
-        return (0);
-    }
-
-    if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
-        /* if application doesn't support one buffer */
-        memset(&cryp, 0, sizeof(cryp));
-        cryp.ses = sess->ses;
-        cryp.flags = 0;
-        cryp.len = state->mac_len;
-        cryp.src = state->mac_data;
-        cryp.dst = NULL;
-        cryp.mac = (caddr_t) md;
-        if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
-            printf("cryptodev_digest_final: digest failed\n");
-            return (0);
-        }
-
-        return 1;
-    }
-
-    memcpy(md, state->digest_res, ctx->digest->md_size);
-
-    return (ret);
-}
-
-static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
-{
-    int ret = 1;
-    struct dev_crypto_state *state = ctx->md_data;
-    struct session_op *sess = &state->d_sess;
-
-    if (state == NULL)
-        return 0;
-
-    if (state->d_fd < 0) {
-        printf("cryptodev_digest_cleanup: illegal input\n");
-        return (0);
-    }
-
-    if (state->mac_data) {
-        OPENSSL_free(state->mac_data);
-        state->mac_data = NULL;
-        state->mac_len = 0;
-    }
-
-    if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
-        printf("cryptodev_digest_cleanup: failed to close session\n");
-        ret = 0;
-    } else {
-        ret = 1;
-    }
-    put_dev_crypto(state->d_fd);
-    state->d_fd = -1;
-
-    return (ret);
-}
-
-static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
-{
-    struct dev_crypto_state *fstate = from->md_data;
-    struct dev_crypto_state *dstate = to->md_data;
-    struct session_op *sess;
-    int digest;
-
-    if (dstate == NULL || fstate == NULL)
-        return 1;
-
-    memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
-
-    sess = &dstate->d_sess;
-
-    digest = digest_nid_to_cryptodev(to->digest->type);
-
-    sess->mackey = dstate->dummy_mac_key;
-    sess->mackeylen = digest_key_length(to->digest->type);
-    sess->mac = digest;
-
-    dstate->d_fd = get_dev_crypto();
-
-    if (ioctl(dstate->d_fd, CIOCGSESSION, sess) < 0) {
-        put_dev_crypto(dstate->d_fd);
-        dstate->d_fd = -1;
-        printf("cryptodev_digest_init: Open session failed\n");
-        return (0);
-    }
-
-    dstate->mac_len = fstate->mac_len;
-    if (fstate->mac_len != 0) {
-        if (fstate->mac_data != NULL) {
-            dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
-            if (dstate->mac_data == NULL) {
-                printf("cryptodev_digest_init: malloc failed\n");
-                return 0;
-            }
-            memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
-        }
-    }
-
-    return 1;
-}
-
-const EVP_MD cryptodev_sha1 = {
-    NID_sha1,
-    NID_undef,
-    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_ONESHOT,
-    cryptodev_digest_init,
-    cryptodev_digest_update,
-    cryptodev_digest_final,
-    cryptodev_digest_copy,
-    cryptodev_digest_cleanup,
-    EVP_PKEY_NULL_method,
-    SHA_CBLOCK,
-    sizeof(struct dev_crypto_state),
-};
-
-const EVP_MD cryptodev_md5 = {
-    NID_md5,
-    NID_undef,
-    16 /* MD5_DIGEST_LENGTH */ ,
-    EVP_MD_FLAG_ONESHOT,
-    cryptodev_digest_init,
-    cryptodev_digest_update,
-    cryptodev_digest_final,
-    cryptodev_digest_copy,
-    cryptodev_digest_cleanup,
-    EVP_PKEY_NULL_method,
-    64 /* MD5_CBLOCK */ ,
-    sizeof(struct dev_crypto_state),
-};
-
-# endif                         /* USE_CRYPTODEV_DIGESTS */
-
-static int
-cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
-                         const int **nids, int nid)
-{
-    if (!digest)
-        return (cryptodev_usable_digests(nids));
-
-    switch (nid) {
-# ifdef USE_CRYPTODEV_DIGESTS
-    case NID_md5:
-        *digest = &cryptodev_md5;
-        break;
-    case NID_sha1:
-        *digest = &cryptodev_sha1;
-        break;
-    default:
-# endif                         /* USE_CRYPTODEV_DIGESTS */
-        *digest = NULL;
-        break;
-    }
-    return (*digest != NULL);
-}
-
-/*
- * Convert a BIGNUM to the representation that /dev/crypto needs.
- * Upon completion of use, the caller is responsible for freeing
- * crp->crp_p.
- */
-static int bn2crparam(const BIGNUM *a, struct crparam *crp)
-{
-    int i, j, k;
-    ssize_t bytes, bits;
-    u_char *b;
-
-    crp->crp_p = NULL;
-    crp->crp_nbits = 0;
-
-    bits = BN_num_bits(a);
-    bytes = (bits + 7) / 8;
-
-    b = malloc(bytes);
-    if (b == NULL)
-        return (1);
-    memset(b, 0, bytes);
-
-    crp->crp_p = (caddr_t) b;
-    crp->crp_nbits = bits;
-
-    for (i = 0, j = 0; i < a->top; i++) {
-        for (k = 0; k < BN_BITS2 / 8; k++) {
-            if ((j + k) >= bytes)
-                return (0);
-            b[j + k] = a->d[i] >> (k * 8);
-        }
-        j += BN_BITS2 / 8;
-    }
-    return (0);
-}
-
-/* Convert a /dev/crypto parameter to a BIGNUM */
-static int crparam2bn(struct crparam *crp, BIGNUM *a)
-{
-    u_int8_t *pd;
-    int i, bytes;
-
-    bytes = (crp->crp_nbits + 7) / 8;
-
-    if (bytes == 0)
-        return (-1);
-
-    if ((pd = (u_int8_t *) malloc(bytes)) == NULL)
-        return (-1);
-
-    for (i = 0; i < bytes; i++)
-        pd[i] = crp->crp_p[bytes - i - 1];
-
-    BN_bin2bn(pd, bytes, a);
-    free(pd);
-
-    return (0);
-}
-
-static void zapparams(struct crypt_kop *kop)
-{
-    int i;
-
-    for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
-        OPENSSL_free(kop->crk_param[i].crp_p);
-        kop->crk_param[i].crp_p = NULL;
-        kop->crk_param[i].crp_nbits = 0;
-    }
-}
-
-static int
-cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen,
-               BIGNUM *s)
-{
-    int fd, ret = -1;
-
-    if ((fd = get_asym_dev_crypto()) < 0)
-        return ret;
-
-    if (r) {
-        kop->crk_param[kop->crk_iparams].crp_p = OPENSSL_malloc(rlen);
-        if (kop->crk_param[kop->crk_iparams].crp_p == NULL)
-            return ret;
-        memset(kop->crk_param[kop->crk_iparams].crp_p, 0, (size_t)rlen);
-        kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
-        kop->crk_oparams++;
-    }
-    if (s) {
-        kop->crk_param[kop->crk_iparams + 1].crp_p = OPENSSL_malloc(slen);
-        /* No need to free the kop->crk_iparams parameter if it was allocated,
-         * callers of this routine have to free allocated parameters through
-         * zapparams both in case of success and failure
-         */
-        if (kop->crk_param[kop->crk_iparams+1].crp_p == NULL)
-            return ret;
-        memset(kop->crk_param[kop->crk_iparams + 1].crp_p, 0, (size_t)slen);
-        kop->crk_param[kop->crk_iparams + 1].crp_nbits = slen * 8;
-        kop->crk_oparams++;
-    }
-
-    if (ioctl(fd, CIOCKEY, kop) == 0) {
-        if (r)
-            crparam2bn(&kop->crk_param[kop->crk_iparams], r);
-        if (s)
-            crparam2bn(&kop->crk_param[kop->crk_iparams + 1], s);
-        ret = 0;
-    }
-
-    return ret;
-}
-
-static int
-cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                     const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
-    struct crypt_kop kop;
-    int ret = 1;
-
-    /*
-     * Currently, we know we can do mod exp iff we can do any asymmetric
-     * operations at all.
-     */
-    if (cryptodev_asymfeat == 0) {
-        ret = BN_mod_exp(r, a, p, m, ctx);
-        return (ret);
-    }
-
-    memset(&kop, 0, sizeof kop);
-    kop.crk_op = CRK_MOD_EXP;
-
-    /* inputs: a^p % m */
-    if (bn2crparam(a, &kop.crk_param[0]))
-        goto err;
-    if (bn2crparam(p, &kop.crk_param[1]))
-        goto err;
-    if (bn2crparam(m, &kop.crk_param[2]))
-        goto err;
-    kop.crk_iparams = 3;
-
-    if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) {
-        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-        printf("OCF asym process failed, Running in software\n");
-        ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
-
-    } else if (ECANCELED == kop.crk_status) {
-        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-        printf("OCF hardware operation cancelled. Running in Software\n");
-        ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
-    }
-    /* else cryptodev operation worked ok ==> ret = 1 */
-
- err:
-    zapparams(&kop);
-    return (ret);
-}
-
-static int
-cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
-                            BN_CTX *ctx)
-{
-    int r;
-    ctx = BN_CTX_new();
-    r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
-    BN_CTX_free(ctx);
-    return (r);
-}
-
-static int
-cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
-{
-    struct crypt_kop kop;
-    int ret = 1;
-
-    if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
-        /* XXX 0 means failure?? */
-        return (0);
-    }
-
-    memset(&kop, 0, sizeof kop);
-    kop.crk_op = CRK_MOD_EXP_CRT;
-    /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
-    if (bn2crparam(rsa->p, &kop.crk_param[0]))
-        goto err;
-    if (bn2crparam(rsa->q, &kop.crk_param[1]))
-        goto err;
-    if (bn2crparam(I, &kop.crk_param[2]))
-        goto err;
-    if (bn2crparam(rsa->dmp1, &kop.crk_param[3]))
-        goto err;
-    if (bn2crparam(rsa->dmq1, &kop.crk_param[4]))
-        goto err;
-    if (bn2crparam(rsa->iqmp, &kop.crk_param[5]))
-        goto err;
-    kop.crk_iparams = 6;
-
-    if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) {
-        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-        printf("OCF asym process failed, running in Software\n");
-        ret = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
-
-    } else if (ECANCELED == kop.crk_status) {
-        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
-        printf("OCF hardware operation cancelled. Running in Software\n");
-        ret = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
-    }
-    /* else cryptodev operation worked ok ==> ret = 1 */
-
- err:
-    zapparams(&kop);
-    return (ret);
-}
-
-static RSA_METHOD cryptodev_rsa = {
-    "cryptodev RSA method",
-    NULL,                       /* rsa_pub_enc */
-    NULL,                       /* rsa_pub_dec */
-    NULL,                       /* rsa_priv_enc */
-    NULL,                       /* rsa_priv_dec */
-    NULL,
-    NULL,
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,                          /* flags */
-    NULL,                       /* app_data */
-    NULL,                       /* rsa_sign */
-    NULL                        /* rsa_verify */
-};
-
-static int
-cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
-    return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
-}
-
-static int
-cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
-                          BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
-                          BN_CTX *ctx, BN_MONT_CTX *mont)
-{
-    BIGNUM t2;
-    int ret = 0;
-
-    BN_init(&t2);
-
-    /* v = ( g^u1 * y^u2 mod p ) mod q */
-    /* let t1 = g ^ u1 mod p */
-    ret = 0;
-
-    if (!dsa->meth->bn_mod_exp(dsa, t1, dsa->g, u1, dsa->p, ctx, mont))
-        goto err;
-
-    /* let t2 = y ^ u2 mod p */
-    if (!dsa->meth->bn_mod_exp(dsa, &t2, dsa->pub_key, u2, dsa->p, ctx, mont))
-        goto err;
-    /* let u1 = t1 * t2 mod p */
-    if (!BN_mod_mul(u1, t1, &t2, dsa->p, ctx))
-        goto err;
-
-    BN_copy(t1, u1);
-
-    ret = 1;
- err:
-    BN_free(&t2);
-    return (ret);
-}
-
-static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
-                                      DSA *dsa)
-{
-    struct crypt_kop kop;
-    BIGNUM *r = NULL, *s = NULL;
-    DSA_SIG *dsaret = NULL;
-
-    if ((r = BN_new()) == NULL)
-        goto err;
-    if ((s = BN_new()) == NULL) {
-        BN_free(r);
-        goto err;
-    }
-
-    memset(&kop, 0, sizeof kop);
-    kop.crk_op = CRK_DSA_SIGN;
-
-    /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
-    kop.crk_param[0].crp_p = (caddr_t) dgst;
-    kop.crk_param[0].crp_nbits = dlen * 8;
-    if (bn2crparam(dsa->p, &kop.crk_param[1]))
-        goto err;
-    if (bn2crparam(dsa->q, &kop.crk_param[2]))
-        goto err;
-    if (bn2crparam(dsa->g, &kop.crk_param[3]))
-        goto err;
-    if (bn2crparam(dsa->priv_key, &kop.crk_param[4]))
-        goto err;
-    kop.crk_iparams = 5;
-
-    if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
-                       BN_num_bytes(dsa->q), s) == 0) {
-        dsaret = DSA_SIG_new();
-        if (dsaret == NULL)
-            goto err;
-        dsaret->r = r;
-        dsaret->s = s;
-        r = s = NULL;
-    } else {
-        const DSA_METHOD *meth = DSA_OpenSSL();
-        dsaret = (meth->dsa_do_sign) (dgst, dlen, dsa);
-    }
- err:
-    BN_free(r);
-    BN_free(s);
-    kop.crk_param[0].crp_p = NULL;
-    zapparams(&kop);
-    return (dsaret);
-}
-
-static int
-cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
-                     DSA_SIG *sig, DSA *dsa)
-{
-    struct crypt_kop kop;
-    int dsaret = 1;
-
-    memset(&kop, 0, sizeof kop);
-    kop.crk_op = CRK_DSA_VERIFY;
-
-    /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
-    kop.crk_param[0].crp_p = (caddr_t) dgst;
-    kop.crk_param[0].crp_nbits = dlen * 8;
-    if (bn2crparam(dsa->p, &kop.crk_param[1]))
-        goto err;
-    if (bn2crparam(dsa->q, &kop.crk_param[2]))
-        goto err;
-    if (bn2crparam(dsa->g, &kop.crk_param[3]))
-        goto err;
-    if (bn2crparam(dsa->pub_key, &kop.crk_param[4]))
-        goto err;
-    if (bn2crparam(sig->r, &kop.crk_param[5]))
-        goto err;
-    if (bn2crparam(sig->s, &kop.crk_param[6]))
-        goto err;
-    kop.crk_iparams = 7;
-
-    if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
-        /*
-         * OCF success value is 0, if not zero, change dsaret to fail
-         */
-        if (0 != kop.crk_status)
-            dsaret = 0;
-    } else {
-        const DSA_METHOD *meth = DSA_OpenSSL();
-
-        dsaret = (meth->dsa_do_verify) (dgst, dlen, sig, dsa);
-    }
- err:
-    kop.crk_param[0].crp_p = NULL;
-    zapparams(&kop);
-    return (dsaret);
-}
-
-static DSA_METHOD cryptodev_dsa = {
-    "cryptodev DSA method",
-    NULL,
-    NULL,                       /* dsa_sign_setup */
-    NULL,
-    NULL,                       /* dsa_mod_exp */
-    NULL,
-    NULL,                       /* init */
-    NULL,                       /* finish */
-    0,                          /* flags */
-    NULL                        /* app_data */
-};
-
-static int
-cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
-                     const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                     BN_MONT_CTX *m_ctx)
-{
-    return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
-}
-
-static int
-cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
-    struct crypt_kop kop;
-    int dhret = 1;
-    int fd, keylen;
-
-    if ((fd = get_asym_dev_crypto()) < 0) {
-        const DH_METHOD *meth = DH_OpenSSL();
-
-        return ((meth->compute_key) (key, pub_key, dh));
-    }
-
-    keylen = BN_num_bits(dh->p);
-
-    memset(&kop, 0, sizeof kop);
-    kop.crk_op = CRK_DH_COMPUTE_KEY;
-
-    /* inputs: dh->priv_key pub_key dh->p key */
-    if (bn2crparam(dh->priv_key, &kop.crk_param[0]))
-        goto err;
-    if (bn2crparam(pub_key, &kop.crk_param[1]))
-        goto err;
-    if (bn2crparam(dh->p, &kop.crk_param[2]))
-        goto err;
-    kop.crk_iparams = 3;
-
-    kop.crk_param[3].crp_p = (caddr_t) key;
-    kop.crk_param[3].crp_nbits = keylen * 8;
-    kop.crk_oparams = 1;
-
-    if (ioctl(fd, CIOCKEY, &kop) == -1) {
-        const DH_METHOD *meth = DH_OpenSSL();
-
-        dhret = (meth->compute_key) (key, pub_key, dh);
-    }
- err:
-    kop.crk_param[3].crp_p = NULL;
-    zapparams(&kop);
-    return (dhret);
-}
-
-static DH_METHOD cryptodev_dh = {
-    "cryptodev DH method",
-    NULL,                       /* cryptodev_dh_generate_key */
-    NULL,
-    NULL,
-    NULL,
-    NULL,
-    0,                          /* flags */
-    NULL                        /* app_data */
-};
-
-/*
- * ctrl right now is just a wrapper that doesn't do much
- * but I expect we'll want some options soon.
- */
-static int
-cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
-# ifdef HAVE_SYSLOG_R
-    struct syslog_data sd = SYSLOG_DATA_INIT;
-# endif
-
-    switch (cmd) {
-    default:
-# ifdef HAVE_SYSLOG_R
-        syslog_r(LOG_ERR, &sd, "cryptodev_ctrl: unknown command %d", cmd);
-# else
-        syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd);
-# endif
-        break;
-    }
-    return (1);
-}
-
-void ENGINE_load_cryptodev(void)
-{
-    ENGINE *engine = ENGINE_new();
-    int fd;
-
-    if (engine == NULL)
-        return;
-    if ((fd = get_dev_crypto()) < 0) {
-        ENGINE_free(engine);
-        return;
-    }
-
-    /*
-     * find out what asymmetric crypto algorithms we support
-     */
-    if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
-        put_dev_crypto(fd);
-        ENGINE_free(engine);
-        return;
-    }
-    put_dev_crypto(fd);
-
-    if (!ENGINE_set_id(engine, "cryptodev") ||
-        !ENGINE_set_name(engine, "BSD cryptodev engine") ||
-        !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
-        !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
-        !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
-        !ENGINE_set_cmd_defns(engine, cryptodev_defns)) {
-        ENGINE_free(engine);
-        return;
-    }
-
-    if (ENGINE_set_RSA(engine, &cryptodev_rsa)) {
-        const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay();
-
-        cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp;
-        cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp;
-        cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc;
-        cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec;
-        cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc;
-        cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;
-        if (cryptodev_asymfeat & CRF_MOD_EXP) {
-            cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;
-            if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
-                cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_mod_exp;
-            else
-                cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_nocrt_mod_exp;
-        }
-    }
-
-    if (ENGINE_set_DSA(engine, &cryptodev_dsa)) {
-        const DSA_METHOD *meth = DSA_OpenSSL();
-
-        memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD));
-        if (cryptodev_asymfeat & CRF_DSA_SIGN)
-            cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;
-        if (cryptodev_asymfeat & CRF_MOD_EXP) {
-            cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp;
-            cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp;
-        }
-        if (cryptodev_asymfeat & CRF_DSA_VERIFY)
-            cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;
-    }
-
-    if (ENGINE_set_DH(engine, &cryptodev_dh)) {
-        const DH_METHOD *dh_meth = DH_OpenSSL();
-
-        cryptodev_dh.generate_key = dh_meth->generate_key;
-        cryptodev_dh.compute_key = dh_meth->compute_key;
-        cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp;
-        if (cryptodev_asymfeat & CRF_MOD_EXP) {
-            cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;
-            if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
-                cryptodev_dh.compute_key = cryptodev_dh_compute_key;
-        }
-    }
-
-    ENGINE_add(engine);
-    ENGINE_free(engine);
-    ERR_clear_error();
-}
-
-#endif                          /* HAVE_CRYPTODEV */
diff --git a/thirdparty/openssl/crypto/engine/eng_ctrl.c b/thirdparty/openssl/crypto/engine/eng_ctrl.c
deleted file mode 100644
index e6c0dfb011..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_ctrl.c
+++ /dev/null
@@ -1,385 +0,0 @@
-/* crypto/engine/eng_ctrl.c */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * When querying a ENGINE-specific control command's 'description', this
- * string is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL.
- */
-static const char *int_no_description = "";
-
-/*
- * These internal functions handle 'CMD'-related control commands when the
- * ENGINE in question has asked us to take care of it (ie. the ENGINE did not
- * set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag.
- */
-
-static int int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn)
-{
-    if ((defn->cmd_num == 0) || (defn->cmd_name == NULL))
-        return 1;
-    return 0;
-}
-
-static int int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s)
-{
-    int idx = 0;
-    while (!int_ctrl_cmd_is_null(defn) && (strcmp(defn->cmd_name, s) != 0)) {
-        idx++;
-        defn++;
-    }
-    if (int_ctrl_cmd_is_null(defn))
-        /* The given name wasn't found */
-        return -1;
-    return idx;
-}
-
-static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num)
-{
-    int idx = 0;
-    /*
-     * NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So
-     * our searches don't need to take any longer than necessary.
-     */
-    while (!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) {
-        idx++;
-        defn++;
-    }
-    if (defn->cmd_num == num)
-        return idx;
-    /* The given cmd_num wasn't found */
-    return -1;
-}
-
-static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p,
-                           void (*f) (void))
-{
-    int idx;
-    char *s = (char *)p;
-    /* Take care of the easy one first (eg. it requires no searches) */
-    if (cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) {
-        if ((e->cmd_defns == NULL) || int_ctrl_cmd_is_null(e->cmd_defns))
-            return 0;
-        return e->cmd_defns->cmd_num;
-    }
-    /* One or two commands require that "p" be a valid string buffer */
-    if ((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) ||
-        (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) ||
-        (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) {
-        if (s == NULL) {
-            ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ERR_R_PASSED_NULL_PARAMETER);
-            return -1;
-        }
-    }
-    /* Now handle cmd_name -> cmd_num conversion */
-    if (cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) {
-        if ((e->cmd_defns == NULL)
-            || ((idx = int_ctrl_cmd_by_name(e->cmd_defns, s)) < 0)) {
-            ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ENGINE_R_INVALID_CMD_NAME);
-            return -1;
-        }
-        return e->cmd_defns[idx].cmd_num;
-    }
-    /*
-     * For the rest of the commands, the 'long' argument must specify a valie
-     * command number - so we need to conduct a search.
-     */
-    if ((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_num(e->cmd_defns,
-                                                              (unsigned int)
-                                                              i)) < 0)) {
-        ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ENGINE_R_INVALID_CMD_NUMBER);
-        return -1;
-    }
-    /* Now the logic splits depending on command type */
-    switch (cmd) {
-    case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
-        idx++;
-        if (int_ctrl_cmd_is_null(e->cmd_defns + idx))
-            /* end-of-list */
-            return 0;
-        else
-            return e->cmd_defns[idx].cmd_num;
-    case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
-        return strlen(e->cmd_defns[idx].cmd_name);
-    case ENGINE_CTRL_GET_NAME_FROM_CMD:
-        return BIO_snprintf(s, strlen(e->cmd_defns[idx].cmd_name) + 1,
-                            "%s", e->cmd_defns[idx].cmd_name);
-    case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
-        if (e->cmd_defns[idx].cmd_desc)
-            return strlen(e->cmd_defns[idx].cmd_desc);
-        return strlen(int_no_description);
-    case ENGINE_CTRL_GET_DESC_FROM_CMD:
-        if (e->cmd_defns[idx].cmd_desc)
-            return BIO_snprintf(s,
-                                strlen(e->cmd_defns[idx].cmd_desc) + 1,
-                                "%s", e->cmd_defns[idx].cmd_desc);
-        return BIO_snprintf(s, strlen(int_no_description) + 1, "%s",
-                            int_no_description);
-    case ENGINE_CTRL_GET_CMD_FLAGS:
-        return e->cmd_defns[idx].cmd_flags;
-    }
-    /* Shouldn't really be here ... */
-    ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ENGINE_R_INTERNAL_LIST_ERROR);
-    return -1;
-}
-
-int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
-    int ctrl_exists, ref_exists;
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    ref_exists = ((e->struct_ref > 0) ? 1 : 0);
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    ctrl_exists = ((e->ctrl == NULL) ? 0 : 1);
-    if (!ref_exists) {
-        ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_REFERENCE);
-        return 0;
-    }
-    /*
-     * Intercept any "root-level" commands before trying to hand them on to
-     * ctrl() handlers.
-     */
-    switch (cmd) {
-    case ENGINE_CTRL_HAS_CTRL_FUNCTION:
-        return ctrl_exists;
-    case ENGINE_CTRL_GET_FIRST_CMD_TYPE:
-    case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
-    case ENGINE_CTRL_GET_CMD_FROM_NAME:
-    case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
-    case ENGINE_CTRL_GET_NAME_FROM_CMD:
-    case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
-    case ENGINE_CTRL_GET_DESC_FROM_CMD:
-    case ENGINE_CTRL_GET_CMD_FLAGS:
-        if (ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL))
-            return int_ctrl_helper(e, cmd, i, p, f);
-        if (!ctrl_exists) {
-            ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_CONTROL_FUNCTION);
-            /*
-             * For these cmd-related functions, failure is indicated by a -1
-             * return value (because 0 is used as a valid return in some
-             * places).
-             */
-            return -1;
-        }
-    default:
-        break;
-    }
-    /* Anything else requires a ctrl() handler to exist. */
-    if (!ctrl_exists) {
-        ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_CONTROL_FUNCTION);
-        return 0;
-    }
-    return e->ctrl(e, cmd, i, p, f);
-}
-
-int ENGINE_cmd_is_executable(ENGINE *e, int cmd)
-{
-    int flags;
-    if ((flags =
-         ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, NULL, NULL)) < 0) {
-        ENGINEerr(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,
-                  ENGINE_R_INVALID_CMD_NUMBER);
-        return 0;
-    }
-    if (!(flags & ENGINE_CMD_FLAG_NO_INPUT) &&
-        !(flags & ENGINE_CMD_FLAG_NUMERIC) &&
-        !(flags & ENGINE_CMD_FLAG_STRING))
-        return 0;
-    return 1;
-}
-
-int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
-                    long i, void *p, void (*f) (void), int cmd_optional)
-{
-    int num;
-
-    if ((e == NULL) || (cmd_name == NULL)) {
-        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if ((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
-                                                 ENGINE_CTRL_GET_CMD_FROM_NAME,
-                                                 0, (void *)cmd_name,
-                                                 NULL)) <= 0)) {
-        /*
-         * If the command didn't *have* to be supported, we fake success.
-         * This allows certain settings to be specified for multiple ENGINEs
-         * and only require a change of ENGINE id (without having to
-         * selectively apply settings). Eg. changing from a hardware device
-         * back to the regular software ENGINE without editing the config
-         * file, etc.
-         */
-        if (cmd_optional) {
-            ERR_clear_error();
-            return 1;
-        }
-        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, ENGINE_R_INVALID_CMD_NAME);
-        return 0;
-    }
-    /*
-     * Force the result of the control command to 0 or 1, for the reasons
-     * mentioned before.
-     */
-    if (ENGINE_ctrl(e, num, i, p, f) > 0)
-        return 1;
-    return 0;
-}
-
-int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
-                           int cmd_optional)
-{
-    int num, flags;
-    long l;
-    char *ptr;
-    if ((e == NULL) || (cmd_name == NULL)) {
-        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-                  ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if ((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
-                                                 ENGINE_CTRL_GET_CMD_FROM_NAME,
-                                                 0, (void *)cmd_name,
-                                                 NULL)) <= 0)) {
-        /*
-         * If the command didn't *have* to be supported, we fake success.
-         * This allows certain settings to be specified for multiple ENGINEs
-         * and only require a change of ENGINE id (without having to
-         * selectively apply settings). Eg. changing from a hardware device
-         * back to the regular software ENGINE without editing the config
-         * file, etc.
-         */
-        if (cmd_optional) {
-            ERR_clear_error();
-            return 1;
-        }
-        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, ENGINE_R_INVALID_CMD_NAME);
-        return 0;
-    }
-    if (!ENGINE_cmd_is_executable(e, num)) {
-        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-                  ENGINE_R_CMD_NOT_EXECUTABLE);
-        return 0;
-    }
-    if ((flags =
-         ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, NULL, NULL)) < 0) {
-        /*
-         * Shouldn't happen, given that ENGINE_cmd_is_executable() returned
-         * success.
-         */
-        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-                  ENGINE_R_INTERNAL_LIST_ERROR);
-        return 0;
-    }
-    /*
-     * If the command takes no input, there must be no input. And vice versa.
-     */
-    if (flags & ENGINE_CMD_FLAG_NO_INPUT) {
-        if (arg != NULL) {
-            ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-                      ENGINE_R_COMMAND_TAKES_NO_INPUT);
-            return 0;
-        }
-        /*
-         * We deliberately force the result of ENGINE_ctrl() to 0 or 1 rather
-         * than returning it as "return data". This is to ensure usage of
-         * these commands is consistent across applications and that certain
-         * applications don't understand it one way, and others another.
-         */
-        if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
-            return 1;
-        return 0;
-    }
-    /* So, we require input */
-    if (arg == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-                  ENGINE_R_COMMAND_TAKES_INPUT);
-        return 0;
-    }
-    /* If it takes string input, that's easy */
-    if (flags & ENGINE_CMD_FLAG_STRING) {
-        /* Same explanation as above */
-        if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
-            return 1;
-        return 0;
-    }
-    /*
-     * If it doesn't take numeric either, then it is unsupported for use in a
-     * config-setting situation, which is what this function is for. This
-     * should never happen though, because ENGINE_cmd_is_executable() was
-     * used.
-     */
-    if (!(flags & ENGINE_CMD_FLAG_NUMERIC)) {
-        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-                  ENGINE_R_INTERNAL_LIST_ERROR);
-        return 0;
-    }
-    l = strtol(arg, &ptr, 10);
-    if ((arg == ptr) || (*ptr != '\0')) {
-        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
-                  ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER);
-        return 0;
-    }
-    /*
-     * Force the result of the control command to 0 or 1, for the reasons
-     * mentioned before.
-     */
-    if (ENGINE_ctrl(e, num, l, NULL, NULL) > 0)
-        return 1;
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/engine/eng_dyn.c b/thirdparty/openssl/crypto/engine/eng_dyn.c
deleted file mode 100644
index 40f30e9d58..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_dyn.c
+++ /dev/null
@@ -1,570 +0,0 @@
-/* crypto/engine/eng_dyn.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-#include <openssl/dso.h>
-
-/*
- * Shared libraries implementing ENGINEs for use by the "dynamic" ENGINE
- * loader should implement the hook-up functions with the following
- * prototypes.
- */
-
-/* Our ENGINE handlers */
-static int dynamic_init(ENGINE *e);
-static int dynamic_finish(ENGINE *e);
-static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p,
-                        void (*f) (void));
-/* Predeclare our context type */
-typedef struct st_dynamic_data_ctx dynamic_data_ctx;
-/* The implementation for the important control command */
-static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx);
-
-#define DYNAMIC_CMD_SO_PATH             ENGINE_CMD_BASE
-#define DYNAMIC_CMD_NO_VCHECK           (ENGINE_CMD_BASE + 1)
-#define DYNAMIC_CMD_ID                  (ENGINE_CMD_BASE + 2)
-#define DYNAMIC_CMD_LIST_ADD            (ENGINE_CMD_BASE + 3)
-#define DYNAMIC_CMD_DIR_LOAD            (ENGINE_CMD_BASE + 4)
-#define DYNAMIC_CMD_DIR_ADD             (ENGINE_CMD_BASE + 5)
-#define DYNAMIC_CMD_LOAD                (ENGINE_CMD_BASE + 6)
-
-/* The constants used when creating the ENGINE */
-static const char *engine_dynamic_id = "dynamic";
-static const char *engine_dynamic_name = "Dynamic engine loading support";
-static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = {
-    {DYNAMIC_CMD_SO_PATH,
-     "SO_PATH",
-     "Specifies the path to the new ENGINE shared library",
-     ENGINE_CMD_FLAG_STRING},
-    {DYNAMIC_CMD_NO_VCHECK,
-     "NO_VCHECK",
-     "Specifies to continue even if version checking fails (boolean)",
-     ENGINE_CMD_FLAG_NUMERIC},
-    {DYNAMIC_CMD_ID,
-     "ID",
-     "Specifies an ENGINE id name for loading",
-     ENGINE_CMD_FLAG_STRING},
-    {DYNAMIC_CMD_LIST_ADD,
-     "LIST_ADD",
-     "Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)",
-     ENGINE_CMD_FLAG_NUMERIC},
-    {DYNAMIC_CMD_DIR_LOAD,
-     "DIR_LOAD",
-     "Specifies whether to load from 'DIR_ADD' directories (0=no,1=yes,2=mandatory)",
-     ENGINE_CMD_FLAG_NUMERIC},
-    {DYNAMIC_CMD_DIR_ADD,
-     "DIR_ADD",
-     "Adds a directory from which ENGINEs can be loaded",
-     ENGINE_CMD_FLAG_STRING},
-    {DYNAMIC_CMD_LOAD,
-     "LOAD",
-     "Load up the ENGINE specified by other settings",
-     ENGINE_CMD_FLAG_NO_INPUT},
-    {0, NULL, NULL, 0}
-};
-
-/*
- * Loading code stores state inside the ENGINE structure via the "ex_data"
- * element. We load all our state into a single structure and use that as a
- * single context in the "ex_data" stack.
- */
-struct st_dynamic_data_ctx {
-    /* The DSO object we load that supplies the ENGINE code */
-    DSO *dynamic_dso;
-    /*
-     * The function pointer to the version checking shared library function
-     */
-    dynamic_v_check_fn v_check;
-    /*
-     * The function pointer to the engine-binding shared library function
-     */
-    dynamic_bind_engine bind_engine;
-    /* The default name/path for loading the shared library */
-    const char *DYNAMIC_LIBNAME;
-    /* Whether to continue loading on a version check failure */
-    int no_vcheck;
-    /* If non-NULL, stipulates the 'id' of the ENGINE to be loaded */
-    const char *engine_id;
-    /*
-     * If non-zero, a successfully loaded ENGINE should be added to the
-     * internal ENGINE list. If 2, the add must succeed or the entire load
-     * should fail.
-     */
-    int list_add_value;
-    /* The symbol name for the version checking function */
-    const char *DYNAMIC_F1;
-    /* The symbol name for the "initialise ENGINE structure" function */
-    const char *DYNAMIC_F2;
-    /*
-     * Whether to never use 'dirs', use 'dirs' as a fallback, or only use
-     * 'dirs' for loading. Default is to use 'dirs' as a fallback.
-     */
-    int dir_load;
-    /* A stack of directories from which ENGINEs could be loaded */
-    STACK_OF(OPENSSL_STRING) *dirs;
-};
-
-/*
- * This is the "ex_data" index we obtain and reserve for use with our context
- * structure.
- */
-static int dynamic_ex_data_idx = -1;
-
-static void int_free_str(char *s)
-{
-    OPENSSL_free(s);
-}
-
-/*
- * Because our ex_data element may or may not get allocated depending on
- * whether a "first-use" occurs before the ENGINE is freed, we have a memory
- * leak problem to solve. We can't declare a "new" handler for the ex_data as
- * we don't want a dynamic_data_ctx in *all* ENGINE structures of all types
- * (this is a bug in the design of CRYPTO_EX_DATA). As such, we just declare
- * a "free" handler and that will get called if an ENGINE is being destroyed
- * and there was an ex_data element corresponding to our context type.
- */
-static void dynamic_data_ctx_free_func(void *parent, void *ptr,
-                                       CRYPTO_EX_DATA *ad, int idx, long argl,
-                                       void *argp)
-{
-    if (ptr) {
-        dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr;
-        if (ctx->dynamic_dso)
-            DSO_free(ctx->dynamic_dso);
-        if (ctx->DYNAMIC_LIBNAME)
-            OPENSSL_free((void *)ctx->DYNAMIC_LIBNAME);
-        if (ctx->engine_id)
-            OPENSSL_free((void *)ctx->engine_id);
-        if (ctx->dirs)
-            sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str);
-        OPENSSL_free(ctx);
-    }
-}
-
-/*
- * Construct the per-ENGINE context. We create it blindly and then use a lock
- * to check for a race - if so, all but one of the threads "racing" will have
- * wasted their time. The alternative involves creating everything inside the
- * lock which is far worse.
- */
-static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
-{
-    dynamic_data_ctx *c;
-    c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
-    if (!c) {
-        ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    memset(c, 0, sizeof(dynamic_data_ctx));
-    c->dynamic_dso = NULL;
-    c->v_check = NULL;
-    c->bind_engine = NULL;
-    c->DYNAMIC_LIBNAME = NULL;
-    c->no_vcheck = 0;
-    c->engine_id = NULL;
-    c->list_add_value = 0;
-    c->DYNAMIC_F1 = "v_check";
-    c->DYNAMIC_F2 = "bind_engine";
-    c->dir_load = 1;
-    c->dirs = sk_OPENSSL_STRING_new_null();
-    if (!c->dirs) {
-        ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
-        OPENSSL_free(c);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e,
-                                                       dynamic_ex_data_idx))
-        == NULL) {
-        /* Good, we're the first */
-        ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
-        *ctx = c;
-        c = NULL;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    /*
-     * If we lost the race to set the context, c is non-NULL and *ctx is the
-     * context of the thread that won.
-     */
-    if (c) {
-        sk_OPENSSL_STRING_free(c->dirs);
-        OPENSSL_free(c);
-    }
-    return 1;
-}
-
-/*
- * This function retrieves the context structure from an ENGINE's "ex_data",
- * or if it doesn't exist yet, sets it up.
- */
-static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e)
-{
-    dynamic_data_ctx *ctx;
-    if (dynamic_ex_data_idx < 0) {
-        /*
-         * Create and register the ENGINE ex_data, and associate our "free"
-         * function with it to ensure any allocated contexts get freed when
-         * an ENGINE goes underground.
-         */
-        int new_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL,
-                                              dynamic_data_ctx_free_func);
-        if (new_idx == -1) {
-            ENGINEerr(ENGINE_F_DYNAMIC_GET_DATA_CTX, ENGINE_R_NO_INDEX);
-            return NULL;
-        }
-        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-        /* Avoid a race by checking again inside this lock */
-        if (dynamic_ex_data_idx < 0) {
-            /* Good, someone didn't beat us to it */
-            dynamic_ex_data_idx = new_idx;
-            new_idx = -1;
-        }
-        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-        /*
-         * In theory we could "give back" the index here if (new_idx>-1), but
-         * it's not possible and wouldn't gain us much if it were.
-         */
-    }
-    ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx);
-    /* Check if the context needs to be created */
-    if ((ctx == NULL) && !dynamic_set_data_ctx(e, &ctx))
-        /* "set_data" will set errors if necessary */
-        return NULL;
-    return ctx;
-}
-
-static ENGINE *engine_dynamic(void)
-{
-    ENGINE *ret = ENGINE_new();
-    if (!ret)
-        return NULL;
-    if (!ENGINE_set_id(ret, engine_dynamic_id) ||
-        !ENGINE_set_name(ret, engine_dynamic_name) ||
-        !ENGINE_set_init_function(ret, dynamic_init) ||
-        !ENGINE_set_finish_function(ret, dynamic_finish) ||
-        !ENGINE_set_ctrl_function(ret, dynamic_ctrl) ||
-        !ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) ||
-        !ENGINE_set_cmd_defns(ret, dynamic_cmd_defns)) {
-        ENGINE_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void ENGINE_load_dynamic(void)
-{
-    ENGINE *toadd = engine_dynamic();
-    if (!toadd)
-        return;
-    ENGINE_add(toadd);
-    /*
-     * If the "add" worked, it gets a structural reference. So either way, we
-     * release our just-created reference.
-     */
-    ENGINE_free(toadd);
-    /*
-     * If the "add" didn't work, it was probably a conflict because it was
-     * already added (eg. someone calling ENGINE_load_blah then calling
-     * ENGINE_load_builtin_engines() perhaps).
-     */
-    ERR_clear_error();
-}
-
-static int dynamic_init(ENGINE *e)
-{
-    /*
-     * We always return failure - the "dyanamic" engine itself can't be used
-     * for anything.
-     */
-    return 0;
-}
-
-static int dynamic_finish(ENGINE *e)
-{
-    /*
-     * This should never be called on account of "dynamic_init" always
-     * failing.
-     */
-    return 0;
-}
-
-static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
-{
-    dynamic_data_ctx *ctx = dynamic_get_data_ctx(e);
-    int initialised;
-
-    if (!ctx) {
-        ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_NOT_LOADED);
-        return 0;
-    }
-    initialised = ((ctx->dynamic_dso == NULL) ? 0 : 1);
-    /* All our control commands require the ENGINE to be uninitialised */
-    if (initialised) {
-        ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_ALREADY_LOADED);
-        return 0;
-    }
-    switch (cmd) {
-    case DYNAMIC_CMD_SO_PATH:
-        /* a NULL 'p' or a string of zero-length is the same thing */
-        if (p && (strlen((const char *)p) < 1))
-            p = NULL;
-        if (ctx->DYNAMIC_LIBNAME)
-            OPENSSL_free((void *)ctx->DYNAMIC_LIBNAME);
-        if (p)
-            ctx->DYNAMIC_LIBNAME = BUF_strdup(p);
-        else
-            ctx->DYNAMIC_LIBNAME = NULL;
-        return (ctx->DYNAMIC_LIBNAME ? 1 : 0);
-    case DYNAMIC_CMD_NO_VCHECK:
-        ctx->no_vcheck = ((i == 0) ? 0 : 1);
-        return 1;
-    case DYNAMIC_CMD_ID:
-        /* a NULL 'p' or a string of zero-length is the same thing */
-        if (p && (strlen((const char *)p) < 1))
-            p = NULL;
-        if (ctx->engine_id)
-            OPENSSL_free((void *)ctx->engine_id);
-        if (p)
-            ctx->engine_id = BUF_strdup(p);
-        else
-            ctx->engine_id = NULL;
-        return (ctx->engine_id ? 1 : 0);
-    case DYNAMIC_CMD_LIST_ADD:
-        if ((i < 0) || (i > 2)) {
-            ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_INVALID_ARGUMENT);
-            return 0;
-        }
-        ctx->list_add_value = (int)i;
-        return 1;
-    case DYNAMIC_CMD_LOAD:
-        return dynamic_load(e, ctx);
-    case DYNAMIC_CMD_DIR_LOAD:
-        if ((i < 0) || (i > 2)) {
-            ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_INVALID_ARGUMENT);
-            return 0;
-        }
-        ctx->dir_load = (int)i;
-        return 1;
-    case DYNAMIC_CMD_DIR_ADD:
-        /* a NULL 'p' or a string of zero-length is the same thing */
-        if (!p || (strlen((const char *)p) < 1)) {
-            ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_INVALID_ARGUMENT);
-            return 0;
-        }
-        {
-            char *tmp_str = BUF_strdup(p);
-            if (!tmp_str) {
-                ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-            sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1);
-        }
-        return 1;
-    default:
-        break;
-    }
-    ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
-    return 0;
-}
-
-static int int_load(dynamic_data_ctx *ctx)
-{
-    int num, loop;
-    /* Unless told not to, try a direct load */
-    if ((ctx->dir_load != 2) && (DSO_load(ctx->dynamic_dso,
-                                          ctx->DYNAMIC_LIBNAME, NULL,
-                                          0)) != NULL)
-        return 1;
-    /* If we're not allowed to use 'dirs' or we have none, fail */
-    if (!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1)
-        return 0;
-    for (loop = 0; loop < num; loop++) {
-        const char *s = sk_OPENSSL_STRING_value(ctx->dirs, loop);
-        char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s);
-        if (!merge)
-            return 0;
-        if (DSO_load(ctx->dynamic_dso, merge, NULL, 0)) {
-            /* Found what we're looking for */
-            OPENSSL_free(merge);
-            return 1;
-        }
-        OPENSSL_free(merge);
-    }
-    return 0;
-}
-
-static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
-{
-    ENGINE cpy;
-    dynamic_fns fns;
-
-    if (!ctx->dynamic_dso)
-        ctx->dynamic_dso = DSO_new();
-    if (!ctx->DYNAMIC_LIBNAME) {
-        if (!ctx->engine_id)
-            return 0;
-        ctx->DYNAMIC_LIBNAME =
-            DSO_convert_filename(ctx->dynamic_dso, ctx->engine_id);
-    }
-    if (!int_load(ctx)) {
-        ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_DSO_NOT_FOUND);
-        DSO_free(ctx->dynamic_dso);
-        ctx->dynamic_dso = NULL;
-        return 0;
-    }
-    /* We have to find a bind function otherwise it'll always end badly */
-    if (!
-        (ctx->bind_engine =
-         (dynamic_bind_engine) DSO_bind_func(ctx->dynamic_dso,
-                                             ctx->DYNAMIC_F2))) {
-        ctx->bind_engine = NULL;
-        DSO_free(ctx->dynamic_dso);
-        ctx->dynamic_dso = NULL;
-        ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_DSO_FAILURE);
-        return 0;
-    }
-    /* Do we perform version checking? */
-    if (!ctx->no_vcheck) {
-        unsigned long vcheck_res = 0;
-        /*
-         * Now we try to find a version checking function and decide how to
-         * cope with failure if/when it fails.
-         */
-        ctx->v_check =
-            (dynamic_v_check_fn) DSO_bind_func(ctx->dynamic_dso,
-                                               ctx->DYNAMIC_F1);
-        if (ctx->v_check)
-            vcheck_res = ctx->v_check(OSSL_DYNAMIC_VERSION);
-        /*
-         * We fail if the version checker veto'd the load *or* if it is
-         * deferring to us (by returning its version) and we think it is too
-         * old.
-         */
-        if (vcheck_res < OSSL_DYNAMIC_OLDEST) {
-            /* Fail */
-            ctx->bind_engine = NULL;
-            ctx->v_check = NULL;
-            DSO_free(ctx->dynamic_dso);
-            ctx->dynamic_dso = NULL;
-            ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
-                      ENGINE_R_VERSION_INCOMPATIBILITY);
-            return 0;
-        }
-    }
-    /*
-     * First binary copy the ENGINE structure so that we can roll back if the
-     * hand-over fails
-     */
-    memcpy(&cpy, e, sizeof(ENGINE));
-    /*
-     * Provide the ERR, "ex_data", memory, and locking callbacks so the
-     * loaded library uses our state rather than its own. FIXME: As noted in
-     * engine.h, much of this would be simplified if each area of code
-     * provided its own "summary" structure of all related callbacks. It
-     * would also increase opaqueness.
-     */
-    fns.static_state = ENGINE_get_static_state();
-    fns.err_fns = ERR_get_implementation();
-    fns.ex_data_fns = CRYPTO_get_ex_data_implementation();
-    CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb,
-                             &fns.mem_fns.realloc_cb, &fns.mem_fns.free_cb);
-    fns.lock_fns.lock_locking_cb = CRYPTO_get_locking_callback();
-    fns.lock_fns.lock_add_lock_cb = CRYPTO_get_add_lock_callback();
-    fns.lock_fns.dynlock_create_cb = CRYPTO_get_dynlock_create_callback();
-    fns.lock_fns.dynlock_lock_cb = CRYPTO_get_dynlock_lock_callback();
-    fns.lock_fns.dynlock_destroy_cb = CRYPTO_get_dynlock_destroy_callback();
-    /*
-     * Now that we've loaded the dynamic engine, make sure no "dynamic"
-     * ENGINE elements will show through.
-     */
-    engine_set_all_null(e);
-
-    /* Try to bind the ENGINE onto our own ENGINE structure */
-    if (!ctx->bind_engine(e, ctx->engine_id, &fns)) {
-        ctx->bind_engine = NULL;
-        ctx->v_check = NULL;
-        DSO_free(ctx->dynamic_dso);
-        ctx->dynamic_dso = NULL;
-        ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_INIT_FAILED);
-        /* Copy the original ENGINE structure back */
-        memcpy(e, &cpy, sizeof(ENGINE));
-        return 0;
-    }
-    /* Do we try to add this ENGINE to the internal list too? */
-    if (ctx->list_add_value > 0) {
-        if (!ENGINE_add(e)) {
-            /* Do we tolerate this or fail? */
-            if (ctx->list_add_value > 1) {
-                /*
-                 * Fail - NB: By this time, it's too late to rollback, and
-                 * trying to do so allows the bind_engine() code to have
-                 * created leaks. We just have to fail where we are, after
-                 * the ENGINE has changed.
-                 */
-                ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
-                          ENGINE_R_CONFLICTING_ENGINE_ID);
-                return 0;
-            }
-            /* Tolerate */
-            ERR_clear_error();
-        }
-    }
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/eng_err.c b/thirdparty/openssl/crypto/engine/eng_err.c
deleted file mode 100644
index bcc234852d..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_err.c
+++ /dev/null
@@ -1,181 +0,0 @@
-/* crypto/engine/eng_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/engine.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason)
-
-static ERR_STRING_DATA ENGINE_str_functs[] = {
-    {ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"},
-    {ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"},
-    {ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"},
-    {ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "DYNAMIC_SET_DATA_CTX"},
-    {ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"},
-    {ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"},
-    {ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"},
-    {ERR_FUNC(ENGINE_F_ENGINE_CTRL), "ENGINE_ctrl"},
-    {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"},
-    {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"},
-    {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"},
-    {ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH),
-     "ENGINE_get_pkey_asn1_meth"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"},
-    {ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT),
-     "ENGINE_load_ssl_client_cert"},
-    {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"},
-    {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"},
-    {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING),
-     "ENGINE_set_default_string"},
-    {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"},
-    {ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"},
-    {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"},
-    {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"},
-    {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"},
-    {ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "ENGINE_UNLOCKED_FINISH"},
-    {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"},
-    {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"},
-    {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"},
-    {ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "INT_ENGINE_MODULE_INIT"},
-    {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA ENGINE_str_reasons[] = {
-    {ERR_REASON(ENGINE_R_ALREADY_LOADED), "already loaded"},
-    {ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER),
-     "argument is not a number"},
-    {ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE), "cmd not executable"},
-    {ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT), "command takes input"},
-    {ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT), "command takes no input"},
-    {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"},
-    {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),
-     "ctrl command not implemented"},
-    {ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED), "dh not implemented"},
-    {ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"},
-    {ERR_REASON(ENGINE_R_DSO_FAILURE), "DSO failure"},
-    {ERR_REASON(ENGINE_R_DSO_NOT_FOUND), "dso not found"},
-    {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"},
-    {ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR),
-     "engine configuration error"},
-    {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST), "engine is not in the list"},
-    {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR), "engine section error"},
-    {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),
-     "failed loading private key"},
-    {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),
-     "failed loading public key"},
-    {ERR_REASON(ENGINE_R_FINISH_FAILED), "finish failed"},
-    {ERR_REASON(ENGINE_R_GET_HANDLE_FAILED),
-     "could not obtain hardware handle"},
-    {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING), "'id' or 'name' missing"},
-    {ERR_REASON(ENGINE_R_INIT_FAILED), "init failed"},
-    {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"},
-    {ERR_REASON(ENGINE_R_INVALID_ARGUMENT), "invalid argument"},
-    {ERR_REASON(ENGINE_R_INVALID_CMD_NAME), "invalid cmd name"},
-    {ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER), "invalid cmd number"},
-    {ERR_REASON(ENGINE_R_INVALID_INIT_VALUE), "invalid init value"},
-    {ERR_REASON(ENGINE_R_INVALID_STRING), "invalid string"},
-    {ERR_REASON(ENGINE_R_NOT_INITIALISED), "not initialised"},
-    {ERR_REASON(ENGINE_R_NOT_LOADED), "not loaded"},
-    {ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION), "no control function"},
-    {ERR_REASON(ENGINE_R_NO_INDEX), "no index"},
-    {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION), "no load function"},
-    {ERR_REASON(ENGINE_R_NO_REFERENCE), "no reference"},
-    {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE), "no such engine"},
-    {ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION), "no unload function"},
-    {ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS), "provide parameters"},
-    {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"},
-    {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"},
-    {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"},
-    {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),
-     "unimplemented public key method"},
-    {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_ENGINE_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, ENGINE_str_functs);
-        ERR_load_strings(0, ENGINE_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/engine/eng_fat.c b/thirdparty/openssl/crypto/engine/eng_fat.c
deleted file mode 100644
index 4279dd94b1..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_fat.c
+++ /dev/null
@@ -1,181 +0,0 @@
-/* crypto/engine/eng_fat.c */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include "eng_int.h"
-#include <openssl/conf.h>
-
-int ENGINE_set_default(ENGINE *e, unsigned int flags)
-{
-    if ((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e))
-        return 0;
-    if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e))
-        return 0;
-#ifndef OPENSSL_NO_RSA
-    if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e))
-        return 0;
-#endif
-#ifndef OPENSSL_NO_DSA
-    if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e))
-        return 0;
-#endif
-#ifndef OPENSSL_NO_DH
-    if ((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e))
-        return 0;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    if ((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e))
-        return 0;
-#endif
-#ifndef OPENSSL_NO_ECDSA
-    if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e))
-        return 0;
-#endif
-    if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
-        return 0;
-    if ((flags & ENGINE_METHOD_PKEY_METHS)
-        && !ENGINE_set_default_pkey_meths(e))
-        return 0;
-    if ((flags & ENGINE_METHOD_PKEY_ASN1_METHS)
-        && !ENGINE_set_default_pkey_asn1_meths(e))
-        return 0;
-    return 1;
-}
-
-/* Set default algorithms using a string */
-
-static int int_def_cb(const char *alg, int len, void *arg)
-{
-    unsigned int *pflags = arg;
-    if (alg == NULL)
-        return 0;
-    if (!strncmp(alg, "ALL", len))
-        *pflags |= ENGINE_METHOD_ALL;
-    else if (!strncmp(alg, "RSA", len))
-        *pflags |= ENGINE_METHOD_RSA;
-    else if (!strncmp(alg, "DSA", len))
-        *pflags |= ENGINE_METHOD_DSA;
-    else if (!strncmp(alg, "ECDH", len))
-        *pflags |= ENGINE_METHOD_ECDH;
-    else if (!strncmp(alg, "ECDSA", len))
-        *pflags |= ENGINE_METHOD_ECDSA;
-    else if (!strncmp(alg, "DH", len))
-        *pflags |= ENGINE_METHOD_DH;
-    else if (!strncmp(alg, "RAND", len))
-        *pflags |= ENGINE_METHOD_RAND;
-    else if (!strncmp(alg, "CIPHERS", len))
-        *pflags |= ENGINE_METHOD_CIPHERS;
-    else if (!strncmp(alg, "DIGESTS", len))
-        *pflags |= ENGINE_METHOD_DIGESTS;
-    else if (!strncmp(alg, "PKEY", len))
-        *pflags |= ENGINE_METHOD_PKEY_METHS | ENGINE_METHOD_PKEY_ASN1_METHS;
-    else if (!strncmp(alg, "PKEY_CRYPTO", len))
-        *pflags |= ENGINE_METHOD_PKEY_METHS;
-    else if (!strncmp(alg, "PKEY_ASN1", len))
-        *pflags |= ENGINE_METHOD_PKEY_ASN1_METHS;
-    else
-        return 0;
-    return 1;
-}
-
-int ENGINE_set_default_string(ENGINE *e, const char *def_list)
-{
-    unsigned int flags = 0;
-    if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) {
-        ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
-                  ENGINE_R_INVALID_STRING);
-        ERR_add_error_data(2, "str=", def_list);
-        return 0;
-    }
-    return ENGINE_set_default(e, flags);
-}
-
-int ENGINE_register_complete(ENGINE *e)
-{
-    ENGINE_register_ciphers(e);
-    ENGINE_register_digests(e);
-#ifndef OPENSSL_NO_RSA
-    ENGINE_register_RSA(e);
-#endif
-#ifndef OPENSSL_NO_DSA
-    ENGINE_register_DSA(e);
-#endif
-#ifndef OPENSSL_NO_DH
-    ENGINE_register_DH(e);
-#endif
-#ifndef OPENSSL_NO_ECDH
-    ENGINE_register_ECDH(e);
-#endif
-#ifndef OPENSSL_NO_ECDSA
-    ENGINE_register_ECDSA(e);
-#endif
-    ENGINE_register_RAND(e);
-    ENGINE_register_pkey_meths(e);
-    return 1;
-}
-
-int ENGINE_register_all_complete(void)
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL))
-            ENGINE_register_complete(e);
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/eng_init.c b/thirdparty/openssl/crypto/engine/eng_init.c
deleted file mode 100644
index 4ea7fe633c..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_init.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* crypto/engine/eng_init.c */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * Initialise a engine type for use (or up its functional reference count if
- * it's already in use). This version is only used internally.
- */
-int engine_unlocked_init(ENGINE *e)
-{
-    int to_return = 1;
-
-    if ((e->funct_ref == 0) && e->init)
-        /*
-         * This is the first functional reference and the engine requires
-         * initialisation so we do it now.
-         */
-        to_return = e->init(e);
-    if (to_return) {
-        /*
-         * OK, we return a functional reference which is also a structural
-         * reference.
-         */
-        e->struct_ref++;
-        e->funct_ref++;
-        engine_ref_debug(e, 0, 1)
-            engine_ref_debug(e, 1, 1)
-    }
-    return to_return;
-}
-
-/*
- * Free a functional reference to a engine type. This version is only used
- * internally.
- */
-int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
-{
-    int to_return = 1;
-
-    /*
-     * Reduce the functional reference count here so if it's the terminating
-     * case, we can release the lock safely and call the finish() handler
-     * without risk of a race. We get a race if we leave the count until
-     * after and something else is calling "finish" at the same time -
-     * there's a chance that both threads will together take the count from 2
-     * to 0 without either calling finish().
-     */
-    e->funct_ref--;
-    engine_ref_debug(e, 1, -1);
-    if ((e->funct_ref == 0) && e->finish) {
-        if (unlock_for_handlers)
-            CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-        to_return = e->finish(e);
-        if (unlock_for_handlers)
-            CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-        if (!to_return)
-            return 0;
-    }
-#ifdef REF_CHECK
-    if (e->funct_ref < 0) {
-        fprintf(stderr, "ENGINE_finish, bad functional reference count\n");
-        abort();
-    }
-#endif
-    /* Release the structural reference too */
-    if (!engine_free_util(e, 0)) {
-        ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH, ENGINE_R_FINISH_FAILED);
-        return 0;
-    }
-    return to_return;
-}
-
-/* The API (locked) version of "init" */
-int ENGINE_init(ENGINE *e)
-{
-    int ret;
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_INIT, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    ret = engine_unlocked_init(e);
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return ret;
-}
-
-/* The API (locked) version of "finish" */
-int ENGINE_finish(ENGINE *e)
-{
-    int to_return = 1;
-
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    to_return = engine_unlocked_finish(e, 1);
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    if (!to_return) {
-        ENGINEerr(ENGINE_F_ENGINE_FINISH, ENGINE_R_FINISH_FAILED);
-        return 0;
-    }
-    return to_return;
-}
diff --git a/thirdparty/openssl/crypto/engine/eng_int.h b/thirdparty/openssl/crypto/engine/eng_int.h
deleted file mode 100644
index 46f163b1f5..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_int.h
+++ /dev/null
@@ -1,224 +0,0 @@
-/* crypto/engine/eng_int.h */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_ENGINE_INT_H
-# define HEADER_ENGINE_INT_H
-
-# include "cryptlib.h"
-/* Take public definitions from engine.h */
-# include <openssl/engine.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
- * If we compile with this symbol defined, then both reference counts in the
- * ENGINE structure will be monitored with a line of output on stderr for
- * each change. This prints the engine's pointer address (truncated to
- * unsigned int), "struct" or "funct" to indicate the reference type, the
- * before and after reference count, and the file:line-number pair. The
- * "engine_ref_debug" statements must come *after* the change.
- */
-# ifdef ENGINE_REF_COUNT_DEBUG
-
-#  define engine_ref_debug(e, isfunct, diff) \
-        fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \
-                (unsigned int)(e), (isfunct ? "funct" : "struct"), \
-                ((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \
-                ((isfunct) ? (e)->funct_ref : (e)->struct_ref), \
-                (__FILE__), (__LINE__));
-
-# else
-
-#  define engine_ref_debug(e, isfunct, diff)
-
-# endif
-
-/*
- * Any code that will need cleanup operations should use these functions to
- * register callbacks. ENGINE_cleanup() will call all registered callbacks in
- * order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
- * held (in "write" mode).
- */
-typedef void (ENGINE_CLEANUP_CB) (void);
-typedef struct st_engine_cleanup_item {
-    ENGINE_CLEANUP_CB *cb;
-} ENGINE_CLEANUP_ITEM;
-DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM)
-void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
-void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
-
-/* We need stacks of ENGINEs for use in eng_table.c */
-DECLARE_STACK_OF(ENGINE)
-
-/*
- * If this symbol is defined then engine_table_select(), the function that is
- * used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults
- * and functional references (etc), will display debugging summaries to
- * stderr.
- */
-/* #define ENGINE_TABLE_DEBUG */
-
-/*
- * This represents an implementation table. Dependent code should instantiate
- * it as a (ENGINE_TABLE *) pointer value set initially to NULL.
- */
-typedef struct st_engine_table ENGINE_TABLE;
-int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
-                          ENGINE *e, const int *nids, int num_nids,
-                          int setdefault);
-void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e);
-void engine_table_cleanup(ENGINE_TABLE **table);
-# ifndef ENGINE_TABLE_DEBUG
-ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
-# else
-ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f,
-                                int l);
-#  define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
-# endif
-typedef void (engine_table_doall_cb) (int nid, STACK_OF(ENGINE) *sk,
-                                      ENGINE *def, void *arg);
-void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
-                        void *arg);
-
-/*
- * Internal versions of API functions that have control over locking. These
- * are used between C files when functionality needs to be shared but the
- * caller may already be controlling of the CRYPTO_LOCK_ENGINE lock.
- */
-int engine_unlocked_init(ENGINE *e);
-int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
-int engine_free_util(ENGINE *e, int locked);
-
-/*
- * This function will reset all "set"able values in an ENGINE to NULL. This
- * won't touch reference counts or ex_data, but is equivalent to calling all
- * the ENGINE_set_***() functions with a NULL value.
- */
-void engine_set_all_null(ENGINE *e);
-
-/*
- * NB: Bitwise OR-able values for the "flags" variable in ENGINE are now
- * exposed in engine.h.
- */
-
-/* Free up dynamically allocated public key methods associated with ENGINE */
-
-void engine_pkey_meths_free(ENGINE *e);
-void engine_pkey_asn1_meths_free(ENGINE *e);
-
-/*
- * This is a structure for storing implementations of various crypto
- * algorithms and functions.
- */
-struct engine_st {
-    const char *id;
-    const char *name;
-    const RSA_METHOD *rsa_meth;
-    const DSA_METHOD *dsa_meth;
-    const DH_METHOD *dh_meth;
-    const ECDH_METHOD *ecdh_meth;
-    const ECDSA_METHOD *ecdsa_meth;
-    const RAND_METHOD *rand_meth;
-    const STORE_METHOD *store_meth;
-    /* Cipher handling is via this callback */
-    ENGINE_CIPHERS_PTR ciphers;
-    /* Digest handling is via this callback */
-    ENGINE_DIGESTS_PTR digests;
-    /* Public key handling via this callback */
-    ENGINE_PKEY_METHS_PTR pkey_meths;
-    /* ASN1 public key handling via this callback */
-    ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths;
-    ENGINE_GEN_INT_FUNC_PTR destroy;
-    ENGINE_GEN_INT_FUNC_PTR init;
-    ENGINE_GEN_INT_FUNC_PTR finish;
-    ENGINE_CTRL_FUNC_PTR ctrl;
-    ENGINE_LOAD_KEY_PTR load_privkey;
-    ENGINE_LOAD_KEY_PTR load_pubkey;
-    ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert;
-    const ENGINE_CMD_DEFN *cmd_defns;
-    int flags;
-    /* reference count on the structure itself */
-    int struct_ref;
-    /*
-     * reference count on usability of the engine type. NB: This controls the
-     * loading and initialisation of any functionlity required by this
-     * engine, whereas the previous count is simply to cope with
-     * (de)allocation of this structure. Hence, running_ref <= struct_ref at
-     * all times.
-     */
-    int funct_ref;
-    /* A place to store per-ENGINE data */
-    CRYPTO_EX_DATA ex_data;
-    /* Used to maintain the linked-list of engines. */
-    struct engine_st *prev;
-    struct engine_st *next;
-};
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif                          /* HEADER_ENGINE_INT_H */
diff --git a/thirdparty/openssl/crypto/engine/eng_lib.c b/thirdparty/openssl/crypto/engine/eng_lib.c
deleted file mode 100644
index dc2abd28ec..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_lib.c
+++ /dev/null
@@ -1,347 +0,0 @@
-/* crypto/engine/eng_lib.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-#include <openssl/rand.h>
-
-/* The "new"/"free" stuff first */
-
-ENGINE *ENGINE_new(void)
-{
-    ENGINE *ret;
-
-    ret = (ENGINE *)OPENSSL_malloc(sizeof(ENGINE));
-    if (ret == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    memset(ret, 0, sizeof(ENGINE));
-    ret->struct_ref = 1;
-    engine_ref_debug(ret, 0, 1)
-        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
-    return ret;
-}
-
-/*
- * Placed here (close proximity to ENGINE_new) so that modifications to the
- * elements of the ENGINE structure are more likely to be caught and changed
- * here.
- */
-void engine_set_all_null(ENGINE *e)
-{
-    e->id = NULL;
-    e->name = NULL;
-    e->rsa_meth = NULL;
-    e->dsa_meth = NULL;
-    e->dh_meth = NULL;
-    e->rand_meth = NULL;
-    e->store_meth = NULL;
-    e->ciphers = NULL;
-    e->digests = NULL;
-    e->destroy = NULL;
-    e->init = NULL;
-    e->finish = NULL;
-    e->ctrl = NULL;
-    e->load_privkey = NULL;
-    e->load_pubkey = NULL;
-    e->cmd_defns = NULL;
-    e->flags = 0;
-}
-
-int engine_free_util(ENGINE *e, int locked)
-{
-    int i;
-
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (locked)
-        i = CRYPTO_add(&e->struct_ref, -1, CRYPTO_LOCK_ENGINE);
-    else
-        i = --e->struct_ref;
-    engine_ref_debug(e, 0, -1)
-        if (i > 0)
-        return 1;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "ENGINE_free, bad structural reference count\n");
-        abort();
-    }
-#endif
-    /* Free up any dynamically allocated public key methods */
-    engine_pkey_meths_free(e);
-    engine_pkey_asn1_meths_free(e);
-    /*
-     * Give the ENGINE a chance to do any structural cleanup corresponding to
-     * allocation it did in its constructor (eg. unload error strings)
-     */
-    if (e->destroy)
-        e->destroy(e);
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
-    OPENSSL_free(e);
-    return 1;
-}
-
-int ENGINE_free(ENGINE *e)
-{
-    return engine_free_util(e, 1);
-}
-
-/* Cleanup stuff */
-
-/*
- * ENGINE_cleanup() is coded such that anything that does work that will need
- * cleanup can register a "cleanup" callback here. That way we don't get
- * linker bloat by referring to all *possible* cleanups, but any linker bloat
- * into code "X" will cause X's cleanup function to end up here.
- */
-static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL;
-static int int_cleanup_check(int create)
-{
-    if (cleanup_stack)
-        return 1;
-    if (!create)
-        return 0;
-    cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null();
-    return (cleanup_stack ? 1 : 0);
-}
-
-static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb)
-{
-    ENGINE_CLEANUP_ITEM *item = OPENSSL_malloc(sizeof(ENGINE_CLEANUP_ITEM));
-    if (!item)
-        return NULL;
-    item->cb = cb;
-    return item;
-}
-
-void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
-{
-    ENGINE_CLEANUP_ITEM *item;
-    if (!int_cleanup_check(1))
-        return;
-    item = int_cleanup_item(cb);
-    if (item)
-        sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0);
-}
-
-void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
-{
-    ENGINE_CLEANUP_ITEM *item;
-    if (!int_cleanup_check(1))
-        return;
-    item = int_cleanup_item(cb);
-    if (item)
-        sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
-}
-
-/* The API function that performs all cleanup */
-static void engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item)
-{
-    (*(item->cb)) ();
-    OPENSSL_free(item);
-}
-
-void ENGINE_cleanup(void)
-{
-    if (int_cleanup_check(0)) {
-        sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack,
-                                        engine_cleanup_cb_free);
-        cleanup_stack = NULL;
-    }
-    /*
-     * FIXME: This should be handled (somehow) through RAND, eg. by it
-     * registering a cleanup callback.
-     */
-    RAND_set_rand_method(NULL);
-}
-
-/* Now the "ex_data" support */
-
-int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                            CRYPTO_EX_dup *dup_func,
-                            CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&e->ex_data, idx, arg));
-}
-
-void *ENGINE_get_ex_data(const ENGINE *e, int idx)
-{
-    return (CRYPTO_get_ex_data(&e->ex_data, idx));
-}
-
-/*
- * Functions to get/set an ENGINE's elements - mainly to avoid exposing the
- * ENGINE structure itself.
- */
-
-int ENGINE_set_id(ENGINE *e, const char *id)
-{
-    if (id == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_SET_ID, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    e->id = id;
-    return 1;
-}
-
-int ENGINE_set_name(ENGINE *e, const char *name)
-{
-    if (name == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_SET_NAME, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    e->name = name;
-    return 1;
-}
-
-int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
-{
-    e->destroy = destroy_f;
-    return 1;
-}
-
-int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
-{
-    e->init = init_f;
-    return 1;
-}
-
-int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
-{
-    e->finish = finish_f;
-    return 1;
-}
-
-int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
-{
-    e->ctrl = ctrl_f;
-    return 1;
-}
-
-int ENGINE_set_flags(ENGINE *e, int flags)
-{
-    e->flags = flags;
-    return 1;
-}
-
-int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
-{
-    e->cmd_defns = defns;
-    return 1;
-}
-
-const char *ENGINE_get_id(const ENGINE *e)
-{
-    return e->id;
-}
-
-const char *ENGINE_get_name(const ENGINE *e)
-{
-    return e->name;
-}
-
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e)
-{
-    return e->destroy;
-}
-
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e)
-{
-    return e->init;
-}
-
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e)
-{
-    return e->finish;
-}
-
-ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e)
-{
-    return e->ctrl;
-}
-
-int ENGINE_get_flags(const ENGINE *e)
-{
-    return e->flags;
-}
-
-const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e)
-{
-    return e->cmd_defns;
-}
-
-/*
- * eng_lib.o is pretty much linked into anything that touches ENGINE already,
- * so put the "static_state" hack here.
- */
-
-static int internal_static_hack = 0;
-
-void *ENGINE_get_static_state(void)
-{
-    return &internal_static_hack;
-}
diff --git a/thirdparty/openssl/crypto/engine/eng_list.c b/thirdparty/openssl/crypto/engine/eng_list.c
deleted file mode 100644
index 83c95d56f4..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_list.c
+++ /dev/null
@@ -1,405 +0,0 @@
-/* crypto/engine/eng_list.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include "eng_int.h"
-
-/*
- * The linked-list of pointers to engine types. engine_list_head incorporates
- * an implicit structural reference but engine_list_tail does not - the
- * latter is a computational niceity and only points to something that is
- * already pointed to by its predecessor in the list (or engine_list_head
- * itself). In the same way, the use of the "prev" pointer in each ENGINE is
- * to save excessive list iteration, it doesn't correspond to an extra
- * structural reference. Hence, engine_list_head, and each non-null "next"
- * pointer account for the list itself assuming exactly 1 structural
- * reference on each list member.
- */
-static ENGINE *engine_list_head = NULL;
-static ENGINE *engine_list_tail = NULL;
-
-/*
- * This cleanup function is only needed internally. If it should be called,
- * we register it with the "ENGINE_cleanup()" stack to be called during
- * cleanup.
- */
-
-static void engine_list_cleanup(void)
-{
-    ENGINE *iterator = engine_list_head;
-
-    while (iterator != NULL) {
-        ENGINE_remove(iterator);
-        iterator = engine_list_head;
-    }
-    return;
-}
-
-/*
- * These static functions starting with a lower case "engine_" always take
- * place when CRYPTO_LOCK_ENGINE has been locked up.
- */
-static int engine_list_add(ENGINE *e)
-{
-    int conflict = 0;
-    ENGINE *iterator = NULL;
-
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    iterator = engine_list_head;
-    while (iterator && !conflict) {
-        conflict = (strcmp(iterator->id, e->id) == 0);
-        iterator = iterator->next;
-    }
-    if (conflict) {
-        ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, ENGINE_R_CONFLICTING_ENGINE_ID);
-        return 0;
-    }
-    if (engine_list_head == NULL) {
-        /* We are adding to an empty list. */
-        if (engine_list_tail) {
-            ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, ENGINE_R_INTERNAL_LIST_ERROR);
-            return 0;
-        }
-        engine_list_head = e;
-        e->prev = NULL;
-        /*
-         * The first time the list allocates, we should register the cleanup.
-         */
-        engine_cleanup_add_last(engine_list_cleanup);
-    } else {
-        /* We are adding to the tail of an existing list. */
-        if ((engine_list_tail == NULL) || (engine_list_tail->next != NULL)) {
-            ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, ENGINE_R_INTERNAL_LIST_ERROR);
-            return 0;
-        }
-        engine_list_tail->next = e;
-        e->prev = engine_list_tail;
-    }
-    /*
-     * Having the engine in the list assumes a structural reference.
-     */
-    e->struct_ref++;
-    engine_ref_debug(e, 0, 1)
-        /* However it came to be, e is the last item in the list. */
-        engine_list_tail = e;
-    e->next = NULL;
-    return 1;
-}
-
-static int engine_list_remove(ENGINE *e)
-{
-    ENGINE *iterator;
-
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    /* We need to check that e is in our linked list! */
-    iterator = engine_list_head;
-    while (iterator && (iterator != e))
-        iterator = iterator->next;
-    if (iterator == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE,
-                  ENGINE_R_ENGINE_IS_NOT_IN_LIST);
-        return 0;
-    }
-    /* un-link e from the chain. */
-    if (e->next)
-        e->next->prev = e->prev;
-    if (e->prev)
-        e->prev->next = e->next;
-    /* Correct our head/tail if necessary. */
-    if (engine_list_head == e)
-        engine_list_head = e->next;
-    if (engine_list_tail == e)
-        engine_list_tail = e->prev;
-    engine_free_util(e, 0);
-    return 1;
-}
-
-/* Get the first/last "ENGINE" type available. */
-ENGINE *ENGINE_get_first(void)
-{
-    ENGINE *ret;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    ret = engine_list_head;
-    if (ret) {
-        ret->struct_ref++;
-        engine_ref_debug(ret, 0, 1)
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return ret;
-}
-
-ENGINE *ENGINE_get_last(void)
-{
-    ENGINE *ret;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    ret = engine_list_tail;
-    if (ret) {
-        ret->struct_ref++;
-        engine_ref_debug(ret, 0, 1)
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return ret;
-}
-
-/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
-ENGINE *ENGINE_get_next(ENGINE *e)
-{
-    ENGINE *ret = NULL;
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_GET_NEXT, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    ret = e->next;
-    if (ret) {
-        /* Return a valid structural refernce to the next ENGINE */
-        ret->struct_ref++;
-        engine_ref_debug(ret, 0, 1)
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    /* Release the structural reference to the previous ENGINE */
-    ENGINE_free(e);
-    return ret;
-}
-
-ENGINE *ENGINE_get_prev(ENGINE *e)
-{
-    ENGINE *ret = NULL;
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_GET_PREV, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    ret = e->prev;
-    if (ret) {
-        /* Return a valid structural reference to the next ENGINE */
-        ret->struct_ref++;
-        engine_ref_debug(ret, 0, 1)
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    /* Release the structural reference to the previous ENGINE */
-    ENGINE_free(e);
-    return ret;
-}
-
-/* Add another "ENGINE" type into the list. */
-int ENGINE_add(ENGINE *e)
-{
-    int to_return = 1;
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_ADD, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if ((e->id == NULL) || (e->name == NULL)) {
-        ENGINEerr(ENGINE_F_ENGINE_ADD, ENGINE_R_ID_OR_NAME_MISSING);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    if (!engine_list_add(e)) {
-        ENGINEerr(ENGINE_F_ENGINE_ADD, ENGINE_R_INTERNAL_LIST_ERROR);
-        to_return = 0;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return to_return;
-}
-
-/* Remove an existing "ENGINE" type from the array. */
-int ENGINE_remove(ENGINE *e)
-{
-    int to_return = 1;
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_REMOVE, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    if (!engine_list_remove(e)) {
-        ENGINEerr(ENGINE_F_ENGINE_REMOVE, ENGINE_R_INTERNAL_LIST_ERROR);
-        to_return = 0;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return to_return;
-}
-
-static void engine_cpy(ENGINE *dest, const ENGINE *src)
-{
-    dest->id = src->id;
-    dest->name = src->name;
-#ifndef OPENSSL_NO_RSA
-    dest->rsa_meth = src->rsa_meth;
-#endif
-#ifndef OPENSSL_NO_DSA
-    dest->dsa_meth = src->dsa_meth;
-#endif
-#ifndef OPENSSL_NO_DH
-    dest->dh_meth = src->dh_meth;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    dest->ecdh_meth = src->ecdh_meth;
-#endif
-#ifndef OPENSSL_NO_ECDSA
-    dest->ecdsa_meth = src->ecdsa_meth;
-#endif
-    dest->rand_meth = src->rand_meth;
-    dest->store_meth = src->store_meth;
-    dest->ciphers = src->ciphers;
-    dest->digests = src->digests;
-    dest->pkey_meths = src->pkey_meths;
-    dest->destroy = src->destroy;
-    dest->init = src->init;
-    dest->finish = src->finish;
-    dest->ctrl = src->ctrl;
-    dest->load_privkey = src->load_privkey;
-    dest->load_pubkey = src->load_pubkey;
-    dest->cmd_defns = src->cmd_defns;
-    dest->flags = src->flags;
-}
-
-ENGINE *ENGINE_by_id(const char *id)
-{
-    ENGINE *iterator;
-    char *load_dir = NULL;
-    if (id == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_BY_ID, ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    iterator = engine_list_head;
-    while (iterator && (strcmp(id, iterator->id) != 0))
-        iterator = iterator->next;
-    if (iterator) {
-        /*
-         * We need to return a structural reference. If this is an ENGINE
-         * type that returns copies, make a duplicate - otherwise increment
-         * the existing ENGINE's reference count.
-         */
-        if (iterator->flags & ENGINE_FLAGS_BY_ID_COPY) {
-            ENGINE *cp = ENGINE_new();
-            if (!cp)
-                iterator = NULL;
-            else {
-                engine_cpy(cp, iterator);
-                iterator = cp;
-            }
-        } else {
-            iterator->struct_ref++;
-            engine_ref_debug(iterator, 0, 1)
-        }
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-#if 0
-    if (iterator == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_BY_ID, ENGINE_R_NO_SUCH_ENGINE);
-        ERR_add_error_data(2, "id=", id);
-    }
-    return iterator;
-#else
-    /* EEK! Experimental code starts */
-    if (iterator)
-        return iterator;
-    /*
-     * Prevent infinite recusrion if we're looking for the dynamic engine.
-     */
-    if (strcmp(id, "dynamic")) {
-# ifdef OPENSSL_SYS_VMS
-        if ((load_dir = getenv("OPENSSL_ENGINES")) == 0)
-            load_dir = "SSLROOT:[ENGINES]";
-# else
-        if ((load_dir = getenv("OPENSSL_ENGINES")) == 0)
-            load_dir = ENGINESDIR;
-# endif
-        iterator = ENGINE_by_id("dynamic");
-        if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
-            !ENGINE_ctrl_cmd_string(iterator, "DIR_LOAD", "2", 0) ||
-            !ENGINE_ctrl_cmd_string(iterator, "DIR_ADD",
-                                    load_dir, 0) ||
-            !ENGINE_ctrl_cmd_string(iterator, "LIST_ADD", "1", 0) ||
-            !ENGINE_ctrl_cmd_string(iterator, "LOAD", NULL, 0))
-            goto notfound;
-        return iterator;
-    }
- notfound:
-    ENGINE_free(iterator);
-    ENGINEerr(ENGINE_F_ENGINE_BY_ID, ENGINE_R_NO_SUCH_ENGINE);
-    ERR_add_error_data(2, "id=", id);
-    return NULL;
-    /* EEK! Experimental code ends */
-#endif
-}
-
-int ENGINE_up_ref(ENGINE *e)
-{
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_UP_REF, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_add(&e->struct_ref, 1, CRYPTO_LOCK_ENGINE);
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/eng_openssl.c b/thirdparty/openssl/crypto/engine/eng_openssl.c
deleted file mode 100644
index 34b002950e..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_openssl.c
+++ /dev/null
@@ -1,402 +0,0 @@
-/* crypto/engine/eng_openssl.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/engine.h>
-#include <openssl/dso.h>
-#include <openssl/pem.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-/*
- * This testing gunk is implemented (and explained) lower down. It also
- * assumes the application explicitly calls "ENGINE_load_openssl()" because
- * this is no longer automatic in ENGINE_load_builtin_engines().
- */
-#define TEST_ENG_OPENSSL_RC4
-#define TEST_ENG_OPENSSL_PKEY
-/* #define TEST_ENG_OPENSSL_RC4_OTHERS */
-#define TEST_ENG_OPENSSL_RC4_P_INIT
-/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
-#define TEST_ENG_OPENSSL_SHA
-/* #define TEST_ENG_OPENSSL_SHA_OTHERS */
-/* #define TEST_ENG_OPENSSL_SHA_P_INIT */
-/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
-/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */
-
-/* Now check what of those algorithms are actually enabled */
-#ifdef OPENSSL_NO_RC4
-# undef TEST_ENG_OPENSSL_RC4
-# undef TEST_ENG_OPENSSL_RC4_OTHERS
-# undef TEST_ENG_OPENSSL_RC4_P_INIT
-# undef TEST_ENG_OPENSSL_RC4_P_CIPHER
-#endif
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1)
-# undef TEST_ENG_OPENSSL_SHA
-# undef TEST_ENG_OPENSSL_SHA_OTHERS
-# undef TEST_ENG_OPENSSL_SHA_P_INIT
-# undef TEST_ENG_OPENSSL_SHA_P_UPDATE
-# undef TEST_ENG_OPENSSL_SHA_P_FINAL
-#endif
-
-#ifdef TEST_ENG_OPENSSL_RC4
-static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-                           const int **nids, int nid);
-#endif
-#ifdef TEST_ENG_OPENSSL_SHA
-static int openssl_digests(ENGINE *e, const EVP_MD **digest,
-                           const int **nids, int nid);
-#endif
-
-#ifdef TEST_ENG_OPENSSL_PKEY
-static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
-                                      UI_METHOD *ui_method,
-                                      void *callback_data);
-#endif
-
-/* The constants used when creating the ENGINE */
-static const char *engine_openssl_id = "openssl";
-static const char *engine_openssl_name = "Software engine support";
-
-/*
- * This internal function is used by ENGINE_openssl() and possibly by the
- * "dynamic" ENGINE support too
- */
-static int bind_helper(ENGINE *e)
-{
-    if (!ENGINE_set_id(e, engine_openssl_id)
-        || !ENGINE_set_name(e, engine_openssl_name)
-#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
-# ifndef OPENSSL_NO_RSA
-        || !ENGINE_set_RSA(e, RSA_get_default_method())
-# endif
-# ifndef OPENSSL_NO_DSA
-        || !ENGINE_set_DSA(e, DSA_get_default_method())
-# endif
-# ifndef OPENSSL_NO_ECDH
-        || !ENGINE_set_ECDH(e, ECDH_OpenSSL())
-# endif
-# ifndef OPENSSL_NO_ECDSA
-        || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
-# endif
-# ifndef OPENSSL_NO_DH
-        || !ENGINE_set_DH(e, DH_get_default_method())
-# endif
-        || !ENGINE_set_RAND(e, RAND_SSLeay())
-# ifdef TEST_ENG_OPENSSL_RC4
-        || !ENGINE_set_ciphers(e, openssl_ciphers)
-# endif
-# ifdef TEST_ENG_OPENSSL_SHA
-        || !ENGINE_set_digests(e, openssl_digests)
-# endif
-#endif
-#ifdef TEST_ENG_OPENSSL_PKEY
-        || !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
-#endif
-        )
-        return 0;
-    /*
-     * If we add errors to this ENGINE, ensure the error handling is setup
-     * here
-     */
-    /* openssl_load_error_strings(); */
-    return 1;
-}
-
-static ENGINE *engine_openssl(void)
-{
-    ENGINE *ret = ENGINE_new();
-    if (!ret)
-        return NULL;
-    if (!bind_helper(ret)) {
-        ENGINE_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void ENGINE_load_openssl(void)
-{
-    ENGINE *toadd = engine_openssl();
-    if (!toadd)
-        return;
-    ENGINE_add(toadd);
-    /*
-     * If the "add" worked, it gets a structural reference. So either way, we
-     * release our just-created reference.
-     */
-    ENGINE_free(toadd);
-    ERR_clear_error();
-}
-
-/*
- * This stuff is needed if this ENGINE is being compiled into a
- * self-contained shared-library.
- */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
-{
-    if (id && (strcmp(id, engine_openssl_id) != 0))
-        return 0;
-    if (!bind_helper(e))
-        return 0;
-    return 1;
-}
-
-IMPLEMENT_DYNAMIC_CHECK_FN()
-    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif                          /* ENGINE_DYNAMIC_SUPPORT */
-#ifdef TEST_ENG_OPENSSL_RC4
-/*-
- * This section of code compiles an "alternative implementation" of two modes of
- * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4"
- * should under normal circumstances go via this support rather than the default
- * EVP support. There are other symbols to tweak the testing;
- *    TEST_ENC_OPENSSL_RC4_OTHERS - print a one line message to stderr each time
- *        we're asked for a cipher we don't support (should not happen).
- *    TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time
- *        the "init_key" handler is called.
- *    TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler.
- */
-# include <openssl/rc4.h>
-# define TEST_RC4_KEY_SIZE               16
-static int test_cipher_nids[] = { NID_rc4, NID_rc4_40 };
-
-static int test_cipher_nids_number = 2;
-typedef struct {
-    unsigned char key[TEST_RC4_KEY_SIZE];
-    RC4_KEY ks;
-} TEST_RC4_KEY;
-# define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
-static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                             const unsigned char *iv, int enc)
-{
-# ifdef TEST_ENG_OPENSSL_RC4_P_INIT
-    fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
-# endif
-    memcpy(&test(ctx)->key[0], key, EVP_CIPHER_CTX_key_length(ctx));
-    RC4_set_key(&test(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
-                test(ctx)->key);
-    return 1;
-}
-
-static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t inl)
-{
-# ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
-    fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
-# endif
-    RC4(&test(ctx)->ks, inl, in, out);
-    return 1;
-}
-
-static const EVP_CIPHER test_r4_cipher = {
-    NID_rc4,
-    1, TEST_RC4_KEY_SIZE, 0,
-    EVP_CIPH_VARIABLE_LENGTH,
-    test_rc4_init_key,
-    test_rc4_cipher,
-    NULL,
-    sizeof(TEST_RC4_KEY),
-    NULL,
-    NULL,
-    NULL,
-    NULL
-};
-
-static const EVP_CIPHER test_r4_40_cipher = {
-    NID_rc4_40,
-    1, 5 /* 40 bit */ , 0,
-    EVP_CIPH_VARIABLE_LENGTH,
-    test_rc4_init_key,
-    test_rc4_cipher,
-    NULL,
-    sizeof(TEST_RC4_KEY),
-    NULL,
-    NULL,
-    NULL,
-    NULL
-};
-
-static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
-                           const int **nids, int nid)
-{
-    if (!cipher) {
-        /* We are returning a list of supported nids */
-        *nids = test_cipher_nids;
-        return test_cipher_nids_number;
-    }
-    /* We are being asked for a specific cipher */
-    if (nid == NID_rc4)
-        *cipher = &test_r4_cipher;
-    else if (nid == NID_rc4_40)
-        *cipher = &test_r4_40_cipher;
-    else {
-# ifdef TEST_ENG_OPENSSL_RC4_OTHERS
-        fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
-                "nid %d\n", nid);
-# endif
-        *cipher = NULL;
-        return 0;
-    }
-    return 1;
-}
-#endif
-
-#ifdef TEST_ENG_OPENSSL_SHA
-/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */
-# include <openssl/sha.h>
-static int test_digest_nids[] = { NID_sha1 };
-
-static int test_digest_nids_number = 1;
-static int test_sha1_init(EVP_MD_CTX *ctx)
-{
-# ifdef TEST_ENG_OPENSSL_SHA_P_INIT
-    fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
-# endif
-    return SHA1_Init(ctx->md_data);
-}
-
-static int test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-# ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
-    fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
-# endif
-    return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-# ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
-    fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
-# endif
-    return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD test_sha_md = {
-    NID_sha1,
-    NID_sha1WithRSAEncryption,
-    SHA_DIGEST_LENGTH,
-    0,
-    test_sha1_init,
-    test_sha1_update,
-    test_sha1_final,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    SHA_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-static int openssl_digests(ENGINE *e, const EVP_MD **digest,
-                           const int **nids, int nid)
-{
-    if (!digest) {
-        /* We are returning a list of supported nids */
-        *nids = test_digest_nids;
-        return test_digest_nids_number;
-    }
-    /* We are being asked for a specific digest */
-    if (nid == NID_sha1)
-        *digest = &test_sha_md;
-    else {
-# ifdef TEST_ENG_OPENSSL_SHA_OTHERS
-        fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
-                "nid %d\n", nid);
-# endif
-        *digest = NULL;
-        return 0;
-    }
-    return 1;
-}
-#endif
-
-#ifdef TEST_ENG_OPENSSL_PKEY
-static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
-                                      UI_METHOD *ui_method,
-                                      void *callback_data)
-{
-    BIO *in;
-    EVP_PKEY *key;
-    fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n",
-            key_id);
-    in = BIO_new_file(key_id, "r");
-    if (!in)
-        return NULL;
-    key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
-    BIO_free(in);
-    return key;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/engine/eng_pkey.c b/thirdparty/openssl/crypto/engine/eng_pkey.c
deleted file mode 100644
index 23580d9ec8..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_pkey.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/* crypto/engine/eng_pkey.c */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* Basic get/set stuff */
-
-int ENGINE_set_load_privkey_function(ENGINE *e,
-                                     ENGINE_LOAD_KEY_PTR loadpriv_f)
-{
-    e->load_privkey = loadpriv_f;
-    return 1;
-}
-
-int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
-{
-    e->load_pubkey = loadpub_f;
-    return 1;
-}
-
-int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
-                                             ENGINE_SSL_CLIENT_CERT_PTR
-                                             loadssl_f)
-{
-    e->load_ssl_client_cert = loadssl_f;
-    return 1;
-}
-
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e)
-{
-    return e->load_privkey;
-}
-
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e)
-{
-    return e->load_pubkey;
-}
-
-ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
-                                                               *e)
-{
-    return e->load_ssl_client_cert;
-}
-
-/* API functions to load public/private keys */
-
-EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
-                                  UI_METHOD *ui_method, void *callback_data)
-{
-    EVP_PKEY *pkey;
-
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
-                  ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    if (e->funct_ref == 0) {
-        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, ENGINE_R_NOT_INITIALISED);
-        return 0;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    if (!e->load_privkey) {
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
-                  ENGINE_R_NO_LOAD_FUNCTION);
-        return 0;
-    }
-    pkey = e->load_privkey(e, key_id, ui_method, callback_data);
-    if (!pkey) {
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
-                  ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
-        return 0;
-    }
-    return pkey;
-}
-
-EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
-                                 UI_METHOD *ui_method, void *callback_data)
-{
-    EVP_PKEY *pkey;
-
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
-                  ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    if (e->funct_ref == 0) {
-        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, ENGINE_R_NOT_INITIALISED);
-        return 0;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    if (!e->load_pubkey) {
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, ENGINE_R_NO_LOAD_FUNCTION);
-        return 0;
-    }
-    pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
-    if (!pkey) {
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
-                  ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
-        return 0;
-    }
-    return pkey;
-}
-
-int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
-                                STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
-                                EVP_PKEY **ppkey, STACK_OF(X509) **pother,
-                                UI_METHOD *ui_method, void *callback_data)
-{
-
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
-                  ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    if (e->funct_ref == 0) {
-        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
-                  ENGINE_R_NOT_INITIALISED);
-        return 0;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    if (!e->load_ssl_client_cert) {
-        ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
-                  ENGINE_R_NO_LOAD_FUNCTION);
-        return 0;
-    }
-    return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
-                                   ui_method, callback_data);
-}
diff --git a/thirdparty/openssl/crypto/engine/eng_rdrand.c b/thirdparty/openssl/crypto/engine/eng_rdrand.c
deleted file mode 100644
index 9316d6fe21..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_rdrand.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/opensslconf.h>
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/engine.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-
-#if (defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
-     defined(__x86_64) || defined(__x86_64__) || \
-     defined(_M_AMD64) || defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ)
-
-size_t OPENSSL_ia32_rdrand(void);
-
-static int get_random_bytes(unsigned char *buf, int num)
-{
-    size_t rnd;
-
-    while (num >= (int)sizeof(size_t)) {
-        if ((rnd = OPENSSL_ia32_rdrand()) == 0)
-            return 0;
-
-        *((size_t *)buf) = rnd;
-        buf += sizeof(size_t);
-        num -= sizeof(size_t);
-    }
-    if (num) {
-        if ((rnd = OPENSSL_ia32_rdrand()) == 0)
-            return 0;
-
-        memcpy(buf, &rnd, num);
-    }
-
-    return 1;
-}
-
-static int random_status(void)
-{
-    return 1;
-}
-
-static RAND_METHOD rdrand_meth = {
-    NULL,                       /* seed */
-    get_random_bytes,
-    NULL,                       /* cleanup */
-    NULL,                       /* add */
-    get_random_bytes,
-    random_status,
-};
-
-static int rdrand_init(ENGINE *e)
-{
-    return 1;
-}
-
-static const char *engine_e_rdrand_id = "rdrand";
-static const char *engine_e_rdrand_name = "Intel RDRAND engine";
-
-static int bind_helper(ENGINE *e)
-{
-    if (!ENGINE_set_id(e, engine_e_rdrand_id) ||
-        !ENGINE_set_name(e, engine_e_rdrand_name) ||
-        !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) ||
-        !ENGINE_set_init_function(e, rdrand_init) ||
-        !ENGINE_set_RAND(e, &rdrand_meth))
-        return 0;
-
-    return 1;
-}
-
-static ENGINE *ENGINE_rdrand(void)
-{
-    ENGINE *ret = ENGINE_new();
-    if (!ret)
-        return NULL;
-    if (!bind_helper(ret)) {
-        ENGINE_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void ENGINE_load_rdrand(void)
-{
-    extern unsigned int OPENSSL_ia32cap_P[];
-
-    if (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) {
-        ENGINE *toadd = ENGINE_rdrand();
-        if (!toadd)
-            return;
-        ENGINE_add(toadd);
-        ENGINE_free(toadd);
-        ERR_clear_error();
-    }
-}
-#else
-void ENGINE_load_rdrand(void)
-{
-}
-#endif
diff --git a/thirdparty/openssl/crypto/engine/eng_table.c b/thirdparty/openssl/crypto/engine/eng_table.c
deleted file mode 100644
index 27d31f70c8..0000000000
--- a/thirdparty/openssl/crypto/engine/eng_table.c
+++ /dev/null
@@ -1,358 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/lhash.h>
-#include "eng_int.h"
-
-/* The type of the items in the table */
-typedef struct st_engine_pile {
-    /* The 'nid' of this algorithm/mode */
-    int nid;
-    /* ENGINEs that implement this algorithm/mode. */
-    STACK_OF(ENGINE) *sk;
-    /* The default ENGINE to perform this algorithm/mode. */
-    ENGINE *funct;
-    /*
-     * Zero if 'sk' is newer than the cached 'funct', non-zero otherwise
-     */
-    int uptodate;
-} ENGINE_PILE;
-
-DECLARE_LHASH_OF(ENGINE_PILE);
-
-/* The type exposed in eng_int.h */
-struct st_engine_table {
-    LHASH_OF(ENGINE_PILE) piles;
-};                              /* ENGINE_TABLE */
-
-typedef struct st_engine_pile_doall {
-    engine_table_doall_cb *cb;
-    void *arg;
-} ENGINE_PILE_DOALL;
-
-/* Global flags (ENGINE_TABLE_FLAG_***). */
-static unsigned int table_flags = 0;
-
-/* API function manipulating 'table_flags' */
-unsigned int ENGINE_get_table_flags(void)
-{
-    return table_flags;
-}
-
-void ENGINE_set_table_flags(unsigned int flags)
-{
-    table_flags = flags;
-}
-
-/* Internal functions for the "piles" hash table */
-static unsigned long engine_pile_hash(const ENGINE_PILE *c)
-{
-    return c->nid;
-}
-
-static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
-{
-    return a->nid - b->nid;
-}
-
-static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
-static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
-
-static int int_table_check(ENGINE_TABLE **t, int create)
-{
-    LHASH_OF(ENGINE_PILE) *lh;
-
-    if (*t)
-        return 1;
-    if (!create)
-        return 0;
-    if ((lh = lh_ENGINE_PILE_new()) == NULL)
-        return 0;
-    *t = (ENGINE_TABLE *)lh;
-    return 1;
-}
-
-/*
- * Privately exposed (via eng_int.h) functions for adding and/or removing
- * ENGINEs from the implementation table
- */
-int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
-                          ENGINE *e, const int *nids, int num_nids,
-                          int setdefault)
-{
-    int ret = 0, added = 0;
-    ENGINE_PILE tmplate, *fnd;
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    if (!(*table))
-        added = 1;
-    if (!int_table_check(table, 1))
-        goto end;
-    if (added)
-        /* The cleanup callback needs to be added */
-        engine_cleanup_add_first(cleanup);
-    while (num_nids--) {
-        tmplate.nid = *nids;
-        fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
-        if (!fnd) {
-            fnd = OPENSSL_malloc(sizeof(ENGINE_PILE));
-            if (!fnd)
-                goto end;
-            fnd->uptodate = 1;
-            fnd->nid = *nids;
-            fnd->sk = sk_ENGINE_new_null();
-            if (!fnd->sk) {
-                OPENSSL_free(fnd);
-                goto end;
-            }
-            fnd->funct = NULL;
-            (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
-        }
-        /* A registration shouldn't add duplciate entries */
-        (void)sk_ENGINE_delete_ptr(fnd->sk, e);
-        /*
-         * if 'setdefault', this ENGINE goes to the head of the list
-         */
-        if (!sk_ENGINE_push(fnd->sk, e))
-            goto end;
-        /* "touch" this ENGINE_PILE */
-        fnd->uptodate = 0;
-        if (setdefault) {
-            if (!engine_unlocked_init(e)) {
-                ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER,
-                          ENGINE_R_INIT_FAILED);
-                goto end;
-            }
-            if (fnd->funct)
-                engine_unlocked_finish(fnd->funct, 0);
-            fnd->funct = e;
-            fnd->uptodate = 1;
-        }
-        nids++;
-    }
-    ret = 1;
- end:
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return ret;
-}
-
-static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
-{
-    int n;
-    /* Iterate the 'c->sk' stack removing any occurance of 'e' */
-    while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
-        (void)sk_ENGINE_delete(pile->sk, n);
-        pile->uptodate = 0;
-    }
-    if (pile->funct == e) {
-        engine_unlocked_finish(e, 0);
-        pile->funct = NULL;
-    }
-}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
-
-void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
-{
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    if (int_table_check(table, 0))
-        lh_ENGINE_PILE_doall_arg(&(*table)->piles,
-                                 LHASH_DOALL_ARG_FN(int_unregister_cb),
-                                 ENGINE, e);
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-}
-
-static void int_cleanup_cb_doall(ENGINE_PILE *p)
-{
-    sk_ENGINE_free(p->sk);
-    if (p->funct)
-        engine_unlocked_finish(p->funct, 0);
-    OPENSSL_free(p);
-}
-
-static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
-
-void engine_table_cleanup(ENGINE_TABLE **table)
-{
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    if (*table) {
-        lh_ENGINE_PILE_doall(&(*table)->piles,
-                             LHASH_DOALL_FN(int_cleanup_cb));
-        lh_ENGINE_PILE_free(&(*table)->piles);
-        *table = NULL;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-}
-
-/* return a functional reference for a given 'nid' */
-#ifndef ENGINE_TABLE_DEBUG
-ENGINE *engine_table_select(ENGINE_TABLE **table, int nid)
-#else
-ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f,
-                                int l)
-#endif
-{
-    ENGINE *ret = NULL;
-    ENGINE_PILE tmplate, *fnd = NULL;
-    int initres, loop = 0;
-
-    if (!(*table)) {
-#ifdef ENGINE_TABLE_DEBUG
-        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing "
-                "registered!\n", f, l, nid);
-#endif
-        return NULL;
-    }
-    ERR_set_mark();
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    /*
-     * Check again inside the lock otherwise we could race against cleanup
-     * operations. But don't worry about a fprintf(stderr).
-     */
-    if (!int_table_check(table, 0))
-        goto end;
-    tmplate.nid = nid;
-    fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
-    if (!fnd)
-        goto end;
-    if (fnd->funct && engine_unlocked_init(fnd->funct)) {
-#ifdef ENGINE_TABLE_DEBUG
-        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
-                "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
-#endif
-        ret = fnd->funct;
-        goto end;
-    }
-    if (fnd->uptodate) {
-        ret = fnd->funct;
-        goto end;
-    }
- trynext:
-    ret = sk_ENGINE_value(fnd->sk, loop++);
-    if (!ret) {
-#ifdef ENGINE_TABLE_DEBUG
-        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
-                "registered implementations would initialise\n", f, l, nid);
-#endif
-        goto end;
-    }
-    /* Try to initialise the ENGINE? */
-    if ((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
-        initres = engine_unlocked_init(ret);
-    else
-        initres = 0;
-    if (initres) {
-        /* Update 'funct' */
-        if ((fnd->funct != ret) && engine_unlocked_init(ret)) {
-            /* If there was a previous default we release it. */
-            if (fnd->funct)
-                engine_unlocked_finish(fnd->funct, 0);
-            fnd->funct = ret;
-#ifdef ENGINE_TABLE_DEBUG
-            fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
-                    "setting default to '%s'\n", f, l, nid, ret->id);
-#endif
-        }
-#ifdef ENGINE_TABLE_DEBUG
-        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
-                "newly initialised '%s'\n", f, l, nid, ret->id);
-#endif
-        goto end;
-    }
-    goto trynext;
- end:
-    /*
-     * If it failed, it is unlikely to succeed again until some future
-     * registrations have taken place. In all cases, we cache.
-     */
-    if (fnd)
-        fnd->uptodate = 1;
-#ifdef ENGINE_TABLE_DEBUG
-    if (ret)
-        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
-                "ENGINE '%s'\n", f, l, nid, ret->id);
-    else
-        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
-                "'no matching ENGINE'\n", f, l, nid);
-#endif
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    /*
-     * Whatever happened, any failed init()s are not failures in this
-     * context, so clear our error state.
-     */
-    ERR_pop_to_mark();
-    return ret;
-}
-
-/* Table enumeration */
-
-static void int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
-{
-    dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
-}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE, ENGINE_PILE_DOALL)
-
-void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
-                        void *arg)
-{
-    ENGINE_PILE_DOALL dall;
-    dall.cb = cb;
-    dall.arg = arg;
-    if (table)
-        lh_ENGINE_PILE_doall_arg(&table->piles,
-                                 LHASH_DOALL_ARG_FN(int_cb),
-                                 ENGINE_PILE_DOALL, &dall);
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_asnmth.c b/thirdparty/openssl/crypto/engine/tb_asnmth.c
deleted file mode 100644
index a1a9b88c43..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_asnmth.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-#include "asn1_locl.h"
-#include <openssl/evp.h>
-
-/*
- * If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the
- * function that is used by EVP to hook in pkey_asn1_meth code and cache
- * defaults (etc), will display brief debugging summaries to stderr with the
- * 'nid'.
- */
-/* #define ENGINE_PKEY_ASN1_METH_DEBUG */
-
-static ENGINE_TABLE *pkey_asn1_meth_table = NULL;
-
-void ENGINE_unregister_pkey_asn1_meths(ENGINE *e)
-{
-    engine_table_unregister(&pkey_asn1_meth_table, e);
-}
-
-static void engine_unregister_all_pkey_asn1_meths(void)
-{
-    engine_table_cleanup(&pkey_asn1_meth_table);
-}
-
-int ENGINE_register_pkey_asn1_meths(ENGINE *e)
-{
-    if (e->pkey_asn1_meths) {
-        const int *nids;
-        int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
-        if (num_nids > 0)
-            return engine_table_register(&pkey_asn1_meth_table,
-                                         engine_unregister_all_pkey_asn1_meths,
-                                         e, nids, num_nids, 0);
-    }
-    return 1;
-}
-
-void ENGINE_register_all_pkey_asn1_meths(void)
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_pkey_asn1_meths(e);
-}
-
-int ENGINE_set_default_pkey_asn1_meths(ENGINE *e)
-{
-    if (e->pkey_asn1_meths) {
-        const int *nids;
-        int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
-        if (num_nids > 0)
-            return engine_table_register(&pkey_asn1_meth_table,
-                                         engine_unregister_all_pkey_asn1_meths,
-                                         e, nids, num_nids, 1);
-    }
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given pkey_asn1_meth 'nid'
- */
-ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid)
-{
-    return engine_table_select(&pkey_asn1_meth_table, nid);
-}
-
-/*
- * Obtains a pkey_asn1_meth implementation from an ENGINE functional
- * reference
- */
-const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid)
-{
-    EVP_PKEY_ASN1_METHOD *ret;
-    ENGINE_PKEY_ASN1_METHS_PTR fn = ENGINE_get_pkey_asn1_meths(e);
-    if (!fn || !fn(e, &ret, NULL, nid)) {
-        ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH,
-                  ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
-        return NULL;
-    }
-    return ret;
-}
-
-/* Gets the pkey_asn1_meth callback from an ENGINE structure */
-ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e)
-{
-    return e->pkey_asn1_meths;
-}
-
-/* Sets the pkey_asn1_meth callback in an ENGINE structure */
-int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f)
-{
-    e->pkey_asn1_meths = f;
-    return 1;
-}
-
-/*
- * Internal function to free up EVP_PKEY_ASN1_METHOD structures before an
- * ENGINE is destroyed
- */
-
-void engine_pkey_asn1_meths_free(ENGINE *e)
-{
-    int i;
-    EVP_PKEY_ASN1_METHOD *pkm;
-    if (e->pkey_asn1_meths) {
-        const int *pknids;
-        int npknids;
-        npknids = e->pkey_asn1_meths(e, NULL, &pknids, 0);
-        for (i = 0; i < npknids; i++) {
-            if (e->pkey_asn1_meths(e, &pkm, NULL, pknids[i])) {
-                EVP_PKEY_asn1_free(pkm);
-            }
-        }
-    }
-}
-
-/*
- * Find a method based on a string. This does a linear search through all
- * implemented algorithms. This is OK in practice because only a small number
- * of algorithms are likely to be implemented in an engine and it is not used
- * for speed critical operations.
- */
-
-const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
-                                                          const char *str,
-                                                          int len)
-{
-    int i, nidcount;
-    const int *nids;
-    EVP_PKEY_ASN1_METHOD *ameth;
-    if (!e->pkey_asn1_meths)
-        return NULL;
-    if (len == -1)
-        len = strlen(str);
-    nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0);
-    for (i = 0; i < nidcount; i++) {
-        e->pkey_asn1_meths(e, &ameth, NULL, nids[i]);
-        if (((int)strlen(ameth->pem_str) == len) &&
-            !strncasecmp(ameth->pem_str, str, len))
-            return ameth;
-    }
-    return NULL;
-}
-
-typedef struct {
-    ENGINE *e;
-    const EVP_PKEY_ASN1_METHOD *ameth;
-    const char *str;
-    int len;
-} ENGINE_FIND_STR;
-
-static void look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg)
-{
-    ENGINE_FIND_STR *lk = arg;
-    int i;
-    if (lk->ameth)
-        return;
-    for (i = 0; i < sk_ENGINE_num(sk); i++) {
-        ENGINE *e = sk_ENGINE_value(sk, i);
-        EVP_PKEY_ASN1_METHOD *ameth;
-        e->pkey_asn1_meths(e, &ameth, NULL, nid);
-        if (((int)strlen(ameth->pem_str) == lk->len) &&
-            !strncasecmp(ameth->pem_str, lk->str, lk->len)) {
-            lk->e = e;
-            lk->ameth = ameth;
-            return;
-        }
-    }
-}
-
-const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
-                                                      const char *str,
-                                                      int len)
-{
-    ENGINE_FIND_STR fstr;
-    fstr.e = NULL;
-    fstr.ameth = NULL;
-    fstr.str = str;
-    fstr.len = len;
-    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-    engine_table_doall(pkey_asn1_meth_table, look_str_cb, &fstr);
-    /* If found obtain a structural reference to engine */
-    if (fstr.e) {
-        fstr.e->struct_ref++;
-        engine_ref_debug(fstr.e, 0, 1)
-    }
-    *pe = fstr.e;
-    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-    return fstr.ameth;
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_cipher.c b/thirdparty/openssl/crypto/engine/tb_cipher.c
deleted file mode 100644
index fcfb2efd8f..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_cipher.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * If this symbol is defined then ENGINE_get_cipher_engine(), the function
- * that is used by EVP to hook in cipher code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_CIPHER_DEBUG */
-
-static ENGINE_TABLE *cipher_table = NULL;
-
-void ENGINE_unregister_ciphers(ENGINE *e)
-{
-    engine_table_unregister(&cipher_table, e);
-}
-
-static void engine_unregister_all_ciphers(void)
-{
-    engine_table_cleanup(&cipher_table);
-}
-
-int ENGINE_register_ciphers(ENGINE *e)
-{
-    if (e->ciphers) {
-        const int *nids;
-        int num_nids = e->ciphers(e, NULL, &nids, 0);
-        if (num_nids > 0)
-            return engine_table_register(&cipher_table,
-                                         engine_unregister_all_ciphers, e,
-                                         nids, num_nids, 0);
-    }
-    return 1;
-}
-
-void ENGINE_register_all_ciphers()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_ciphers(e);
-}
-
-int ENGINE_set_default_ciphers(ENGINE *e)
-{
-    if (e->ciphers) {
-        const int *nids;
-        int num_nids = e->ciphers(e, NULL, &nids, 0);
-        if (num_nids > 0)
-            return engine_table_register(&cipher_table,
-                                         engine_unregister_all_ciphers, e,
-                                         nids, num_nids, 1);
-    }
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given cipher 'nid'
- */
-ENGINE *ENGINE_get_cipher_engine(int nid)
-{
-    return engine_table_select(&cipher_table, nid);
-}
-
-/* Obtains a cipher implementation from an ENGINE functional reference */
-const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid)
-{
-    const EVP_CIPHER *ret;
-    ENGINE_CIPHERS_PTR fn = ENGINE_get_ciphers(e);
-    if (!fn || !fn(e, &ret, NULL, nid)) {
-        ENGINEerr(ENGINE_F_ENGINE_GET_CIPHER, ENGINE_R_UNIMPLEMENTED_CIPHER);
-        return NULL;
-    }
-    return ret;
-}
-
-/* Gets the cipher callback from an ENGINE structure */
-ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e)
-{
-    return e->ciphers;
-}
-
-/* Sets the cipher callback in an ENGINE structure */
-int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f)
-{
-    e->ciphers = f;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_dh.c b/thirdparty/openssl/crypto/engine/tb_dh.c
deleted file mode 100644
index 8114afa63a..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_dh.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * If this symbol is defined then ENGINE_get_default_DH(), the function that
- * is used by DH to hook in implementation code and cache defaults (etc),
- * will display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_DH_DEBUG */
-
-static ENGINE_TABLE *dh_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_DH(ENGINE *e)
-{
-    engine_table_unregister(&dh_table, e);
-}
-
-static void engine_unregister_all_DH(void)
-{
-    engine_table_cleanup(&dh_table);
-}
-
-int ENGINE_register_DH(ENGINE *e)
-{
-    if (e->dh_meth)
-        return engine_table_register(&dh_table,
-                                     engine_unregister_all_DH, e, &dummy_nid,
-                                     1, 0);
-    return 1;
-}
-
-void ENGINE_register_all_DH()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_DH(e);
-}
-
-int ENGINE_set_default_DH(ENGINE *e)
-{
-    if (e->dh_meth)
-        return engine_table_register(&dh_table,
-                                     engine_unregister_all_DH, e, &dummy_nid,
-                                     1, 1);
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references).
- */
-ENGINE *ENGINE_get_default_DH(void)
-{
-    return engine_table_select(&dh_table, dummy_nid);
-}
-
-/* Obtains an DH implementation from an ENGINE functional reference */
-const DH_METHOD *ENGINE_get_DH(const ENGINE *e)
-{
-    return e->dh_meth;
-}
-
-/* Sets an DH implementation in an ENGINE structure */
-int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
-{
-    e->dh_meth = dh_meth;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_digest.c b/thirdparty/openssl/crypto/engine/tb_digest.c
deleted file mode 100644
index de1ad9c01b..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_digest.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * If this symbol is defined then ENGINE_get_digest_engine(), the function
- * that is used by EVP to hook in digest code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_DIGEST_DEBUG */
-
-static ENGINE_TABLE *digest_table = NULL;
-
-void ENGINE_unregister_digests(ENGINE *e)
-{
-    engine_table_unregister(&digest_table, e);
-}
-
-static void engine_unregister_all_digests(void)
-{
-    engine_table_cleanup(&digest_table);
-}
-
-int ENGINE_register_digests(ENGINE *e)
-{
-    if (e->digests) {
-        const int *nids;
-        int num_nids = e->digests(e, NULL, &nids, 0);
-        if (num_nids > 0)
-            return engine_table_register(&digest_table,
-                                         engine_unregister_all_digests, e,
-                                         nids, num_nids, 0);
-    }
-    return 1;
-}
-
-void ENGINE_register_all_digests()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_digests(e);
-}
-
-int ENGINE_set_default_digests(ENGINE *e)
-{
-    if (e->digests) {
-        const int *nids;
-        int num_nids = e->digests(e, NULL, &nids, 0);
-        if (num_nids > 0)
-            return engine_table_register(&digest_table,
-                                         engine_unregister_all_digests, e,
-                                         nids, num_nids, 1);
-    }
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given digest 'nid'
- */
-ENGINE *ENGINE_get_digest_engine(int nid)
-{
-    return engine_table_select(&digest_table, nid);
-}
-
-/* Obtains a digest implementation from an ENGINE functional reference */
-const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid)
-{
-    const EVP_MD *ret;
-    ENGINE_DIGESTS_PTR fn = ENGINE_get_digests(e);
-    if (!fn || !fn(e, &ret, NULL, nid)) {
-        ENGINEerr(ENGINE_F_ENGINE_GET_DIGEST, ENGINE_R_UNIMPLEMENTED_DIGEST);
-        return NULL;
-    }
-    return ret;
-}
-
-/* Gets the digest callback from an ENGINE structure */
-ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e)
-{
-    return e->digests;
-}
-
-/* Sets the digest callback in an ENGINE structure */
-int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f)
-{
-    e->digests = f;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_dsa.c b/thirdparty/openssl/crypto/engine/tb_dsa.c
deleted file mode 100644
index c1f57f146c..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_dsa.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * If this symbol is defined then ENGINE_get_default_DSA(), the function that
- * is used by DSA to hook in implementation code and cache defaults (etc),
- * will display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_DSA_DEBUG */
-
-static ENGINE_TABLE *dsa_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_DSA(ENGINE *e)
-{
-    engine_table_unregister(&dsa_table, e);
-}
-
-static void engine_unregister_all_DSA(void)
-{
-    engine_table_cleanup(&dsa_table);
-}
-
-int ENGINE_register_DSA(ENGINE *e)
-{
-    if (e->dsa_meth)
-        return engine_table_register(&dsa_table,
-                                     engine_unregister_all_DSA, e, &dummy_nid,
-                                     1, 0);
-    return 1;
-}
-
-void ENGINE_register_all_DSA()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_DSA(e);
-}
-
-int ENGINE_set_default_DSA(ENGINE *e)
-{
-    if (e->dsa_meth)
-        return engine_table_register(&dsa_table,
-                                     engine_unregister_all_DSA, e, &dummy_nid,
-                                     1, 1);
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references).
- */
-ENGINE *ENGINE_get_default_DSA(void)
-{
-    return engine_table_select(&dsa_table, dummy_nid);
-}
-
-/* Obtains an DSA implementation from an ENGINE functional reference */
-const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e)
-{
-    return e->dsa_meth;
-}
-
-/* Sets an DSA implementation in an ENGINE structure */
-int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
-{
-    e->dsa_meth = dsa_meth;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_ecdh.c b/thirdparty/openssl/crypto/engine/tb_ecdh.c
deleted file mode 100644
index c51441be8a..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_ecdh.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* crypto/engine/tb_ecdh.c */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH engine software is originally written by Nils Gura and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * If this symbol is defined then ENGINE_get_default_ECDH(), the function
- * that is used by ECDH to hook in implementation code and cache defaults
- * (etc), will display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_ECDH_DEBUG */
-
-static ENGINE_TABLE *ecdh_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_ECDH(ENGINE *e)
-{
-    engine_table_unregister(&ecdh_table, e);
-}
-
-static void engine_unregister_all_ECDH(void)
-{
-    engine_table_cleanup(&ecdh_table);
-}
-
-int ENGINE_register_ECDH(ENGINE *e)
-{
-    if (e->ecdh_meth)
-        return engine_table_register(&ecdh_table,
-                                     engine_unregister_all_ECDH, e,
-                                     &dummy_nid, 1, 0);
-    return 1;
-}
-
-void ENGINE_register_all_ECDH()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_ECDH(e);
-}
-
-int ENGINE_set_default_ECDH(ENGINE *e)
-{
-    if (e->ecdh_meth)
-        return engine_table_register(&ecdh_table,
-                                     engine_unregister_all_ECDH, e,
-                                     &dummy_nid, 1, 1);
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references).
- */
-ENGINE *ENGINE_get_default_ECDH(void)
-{
-    return engine_table_select(&ecdh_table, dummy_nid);
-}
-
-/* Obtains an ECDH implementation from an ENGINE functional reference */
-const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e)
-{
-    return e->ecdh_meth;
-}
-
-/* Sets an ECDH implementation in an ENGINE structure */
-int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth)
-{
-    e->ecdh_meth = ecdh_meth;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_ecdsa.c b/thirdparty/openssl/crypto/engine/tb_ecdsa.c
deleted file mode 100644
index a8b9be60d7..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_ecdsa.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * If this symbol is defined then ENGINE_get_default_ECDSA(), the function
- * that is used by ECDSA to hook in implementation code and cache defaults
- * (etc), will display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_ECDSA_DEBUG */
-
-static ENGINE_TABLE *ecdsa_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_ECDSA(ENGINE *e)
-{
-    engine_table_unregister(&ecdsa_table, e);
-}
-
-static void engine_unregister_all_ECDSA(void)
-{
-    engine_table_cleanup(&ecdsa_table);
-}
-
-int ENGINE_register_ECDSA(ENGINE *e)
-{
-    if (e->ecdsa_meth)
-        return engine_table_register(&ecdsa_table,
-                                     engine_unregister_all_ECDSA, e,
-                                     &dummy_nid, 1, 0);
-    return 1;
-}
-
-void ENGINE_register_all_ECDSA()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_ECDSA(e);
-}
-
-int ENGINE_set_default_ECDSA(ENGINE *e)
-{
-    if (e->ecdsa_meth)
-        return engine_table_register(&ecdsa_table,
-                                     engine_unregister_all_ECDSA, e,
-                                     &dummy_nid, 1, 1);
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references).
- */
-ENGINE *ENGINE_get_default_ECDSA(void)
-{
-    return engine_table_select(&ecdsa_table, dummy_nid);
-}
-
-/* Obtains an ECDSA implementation from an ENGINE functional reference */
-const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e)
-{
-    return e->ecdsa_meth;
-}
-
-/* Sets an ECDSA implementation in an ENGINE structure */
-int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth)
-{
-    e->ecdsa_meth = ecdsa_meth;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_pkmeth.c b/thirdparty/openssl/crypto/engine/tb_pkmeth.c
deleted file mode 100644
index 29e65be1ad..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_pkmeth.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-#include <openssl/evp.h>
-
-/*
- * If this symbol is defined then ENGINE_get_pkey_meth_engine(), the function
- * that is used by EVP to hook in pkey_meth code and cache defaults (etc),
- * will display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_PKEY_METH_DEBUG */
-
-static ENGINE_TABLE *pkey_meth_table = NULL;
-
-void ENGINE_unregister_pkey_meths(ENGINE *e)
-{
-    engine_table_unregister(&pkey_meth_table, e);
-}
-
-static void engine_unregister_all_pkey_meths(void)
-{
-    engine_table_cleanup(&pkey_meth_table);
-}
-
-int ENGINE_register_pkey_meths(ENGINE *e)
-{
-    if (e->pkey_meths) {
-        const int *nids;
-        int num_nids = e->pkey_meths(e, NULL, &nids, 0);
-        if (num_nids > 0)
-            return engine_table_register(&pkey_meth_table,
-                                         engine_unregister_all_pkey_meths, e,
-                                         nids, num_nids, 0);
-    }
-    return 1;
-}
-
-void ENGINE_register_all_pkey_meths()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_pkey_meths(e);
-}
-
-int ENGINE_set_default_pkey_meths(ENGINE *e)
-{
-    if (e->pkey_meths) {
-        const int *nids;
-        int num_nids = e->pkey_meths(e, NULL, &nids, 0);
-        if (num_nids > 0)
-            return engine_table_register(&pkey_meth_table,
-                                         engine_unregister_all_pkey_meths, e,
-                                         nids, num_nids, 1);
-    }
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given pkey_meth 'nid'
- */
-ENGINE *ENGINE_get_pkey_meth_engine(int nid)
-{
-    return engine_table_select(&pkey_meth_table, nid);
-}
-
-/* Obtains a pkey_meth implementation from an ENGINE functional reference */
-const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid)
-{
-    EVP_PKEY_METHOD *ret;
-    ENGINE_PKEY_METHS_PTR fn = ENGINE_get_pkey_meths(e);
-    if (!fn || !fn(e, &ret, NULL, nid)) {
-        ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_METH,
-                  ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
-        return NULL;
-    }
-    return ret;
-}
-
-/* Gets the pkey_meth callback from an ENGINE structure */
-ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e)
-{
-    return e->pkey_meths;
-}
-
-/* Sets the pkey_meth callback in an ENGINE structure */
-int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f)
-{
-    e->pkey_meths = f;
-    return 1;
-}
-
-/*
- * Internal function to free up EVP_PKEY_METHOD structures before an ENGINE
- * is destroyed
- */
-
-void engine_pkey_meths_free(ENGINE *e)
-{
-    int i;
-    EVP_PKEY_METHOD *pkm;
-    if (e->pkey_meths) {
-        const int *pknids;
-        int npknids;
-        npknids = e->pkey_meths(e, NULL, &pknids, 0);
-        for (i = 0; i < npknids; i++) {
-            if (e->pkey_meths(e, &pkm, NULL, pknids[i])) {
-                EVP_PKEY_meth_free(pkm);
-            }
-        }
-    }
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_rand.c b/thirdparty/openssl/crypto/engine/tb_rand.c
deleted file mode 100644
index a522264d04..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_rand.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * If this symbol is defined then ENGINE_get_default_RAND(), the function
- * that is used by RAND to hook in implementation code and cache defaults
- * (etc), will display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_RAND_DEBUG */
-
-static ENGINE_TABLE *rand_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_RAND(ENGINE *e)
-{
-    engine_table_unregister(&rand_table, e);
-}
-
-static void engine_unregister_all_RAND(void)
-{
-    engine_table_cleanup(&rand_table);
-}
-
-int ENGINE_register_RAND(ENGINE *e)
-{
-    if (e->rand_meth)
-        return engine_table_register(&rand_table,
-                                     engine_unregister_all_RAND, e,
-                                     &dummy_nid, 1, 0);
-    return 1;
-}
-
-void ENGINE_register_all_RAND()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_RAND(e);
-}
-
-int ENGINE_set_default_RAND(ENGINE *e)
-{
-    if (e->rand_meth)
-        return engine_table_register(&rand_table,
-                                     engine_unregister_all_RAND, e,
-                                     &dummy_nid, 1, 1);
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references).
- */
-ENGINE *ENGINE_get_default_RAND(void)
-{
-    return engine_table_select(&rand_table, dummy_nid);
-}
-
-/* Obtains an RAND implementation from an ENGINE functional reference */
-const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e)
-{
-    return e->rand_meth;
-}
-
-/* Sets an RAND implementation in an ENGINE structure */
-int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
-{
-    e->rand_meth = rand_meth;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_rsa.c b/thirdparty/openssl/crypto/engine/tb_rsa.c
deleted file mode 100644
index 2790a82192..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_rsa.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * If this symbol is defined then ENGINE_get_default_RSA(), the function that
- * is used by RSA to hook in implementation code and cache defaults (etc),
- * will display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_RSA_DEBUG */
-
-static ENGINE_TABLE *rsa_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_RSA(ENGINE *e)
-{
-    engine_table_unregister(&rsa_table, e);
-}
-
-static void engine_unregister_all_RSA(void)
-{
-    engine_table_cleanup(&rsa_table);
-}
-
-int ENGINE_register_RSA(ENGINE *e)
-{
-    if (e->rsa_meth)
-        return engine_table_register(&rsa_table,
-                                     engine_unregister_all_RSA, e, &dummy_nid,
-                                     1, 0);
-    return 1;
-}
-
-void ENGINE_register_all_RSA()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_RSA(e);
-}
-
-int ENGINE_set_default_RSA(ENGINE *e)
-{
-    if (e->rsa_meth)
-        return engine_table_register(&rsa_table,
-                                     engine_unregister_all_RSA, e, &dummy_nid,
-                                     1, 1);
-    return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references).
- */
-ENGINE *ENGINE_get_default_RSA(void)
-{
-    return engine_table_select(&rsa_table, dummy_nid);
-}
-
-/* Obtains an RSA implementation from an ENGINE functional reference */
-const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e)
-{
-    return e->rsa_meth;
-}
-
-/* Sets an RSA implementation in an ENGINE structure */
-int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
-{
-    e->rsa_meth = rsa_meth;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/engine/tb_store.c b/thirdparty/openssl/crypto/engine/tb_store.c
deleted file mode 100644
index 1eab49d745..0000000000
--- a/thirdparty/openssl/crypto/engine/tb_store.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/*
- * If this symbol is defined then ENGINE_get_default_STORE(), the function
- * that is used by STORE to hook in implementation code and cache defaults
- * (etc), will display brief debugging summaries to stderr with the 'nid'.
- */
-/* #define ENGINE_STORE_DEBUG */
-
-static ENGINE_TABLE *store_table = NULL;
-static const int dummy_nid = 1;
-
-void ENGINE_unregister_STORE(ENGINE *e)
-{
-    engine_table_unregister(&store_table, e);
-}
-
-static void engine_unregister_all_STORE(void)
-{
-    engine_table_cleanup(&store_table);
-}
-
-int ENGINE_register_STORE(ENGINE *e)
-{
-    if (e->store_meth)
-        return engine_table_register(&store_table,
-                                     engine_unregister_all_STORE, e,
-                                     &dummy_nid, 1, 0);
-    return 1;
-}
-
-void ENGINE_register_all_STORE()
-{
-    ENGINE *e;
-
-    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
-        ENGINE_register_STORE(e);
-}
-
-/* The following two functions are removed because they're useless. */
-#if 0
-int ENGINE_set_default_STORE(ENGINE *e)
-{
-    if (e->store_meth)
-        return engine_table_register(&store_table,
-                                     engine_unregister_all_STORE, e,
-                                     &dummy_nid, 1, 1);
-    return 1;
-}
-#endif
-
-#if 0
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references).
- */
-ENGINE *ENGINE_get_default_STORE(void)
-{
-    return engine_table_select(&store_table, dummy_nid);
-}
-#endif
-
-/* Obtains an STORE implementation from an ENGINE functional reference */
-const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e)
-{
-    return e->store_meth;
-}
-
-/* Sets an STORE implementation in an ENGINE structure */
-int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth)
-{
-    e->store_meth = store_meth;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/err/err.c b/thirdparty/openssl/crypto/err/err.c
deleted file mode 100644
index 0b1fcfc1f1..0000000000
--- a/thirdparty/openssl/crypto/err/err.c
+++ /dev/null
@@ -1,1149 +0,0 @@
-/* crypto/err/err.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdarg.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-
-DECLARE_LHASH_OF(ERR_STRING_DATA);
-DECLARE_LHASH_OF(ERR_STATE);
-
-static void err_load_strings(int lib, ERR_STRING_DATA *str);
-
-static void ERR_STATE_free(ERR_STATE *s);
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA ERR_str_libraries[] = {
-    {ERR_PACK(ERR_LIB_NONE, 0, 0), "unknown library"},
-    {ERR_PACK(ERR_LIB_SYS, 0, 0), "system library"},
-    {ERR_PACK(ERR_LIB_BN, 0, 0), "bignum routines"},
-    {ERR_PACK(ERR_LIB_RSA, 0, 0), "rsa routines"},
-    {ERR_PACK(ERR_LIB_DH, 0, 0), "Diffie-Hellman routines"},
-    {ERR_PACK(ERR_LIB_EVP, 0, 0), "digital envelope routines"},
-    {ERR_PACK(ERR_LIB_BUF, 0, 0), "memory buffer routines"},
-    {ERR_PACK(ERR_LIB_OBJ, 0, 0), "object identifier routines"},
-    {ERR_PACK(ERR_LIB_PEM, 0, 0), "PEM routines"},
-    {ERR_PACK(ERR_LIB_DSA, 0, 0), "dsa routines"},
-    {ERR_PACK(ERR_LIB_X509, 0, 0), "x509 certificate routines"},
-    {ERR_PACK(ERR_LIB_ASN1, 0, 0), "asn1 encoding routines"},
-    {ERR_PACK(ERR_LIB_CONF, 0, 0), "configuration file routines"},
-    {ERR_PACK(ERR_LIB_CRYPTO, 0, 0), "common libcrypto routines"},
-    {ERR_PACK(ERR_LIB_EC, 0, 0), "elliptic curve routines"},
-    {ERR_PACK(ERR_LIB_SSL, 0, 0), "SSL routines"},
-    {ERR_PACK(ERR_LIB_BIO, 0, 0), "BIO routines"},
-    {ERR_PACK(ERR_LIB_PKCS7, 0, 0), "PKCS7 routines"},
-    {ERR_PACK(ERR_LIB_X509V3, 0, 0), "X509 V3 routines"},
-    {ERR_PACK(ERR_LIB_PKCS12, 0, 0), "PKCS12 routines"},
-    {ERR_PACK(ERR_LIB_RAND, 0, 0), "random number generator"},
-    {ERR_PACK(ERR_LIB_DSO, 0, 0), "DSO support routines"},
-    {ERR_PACK(ERR_LIB_TS, 0, 0), "time stamp routines"},
-    {ERR_PACK(ERR_LIB_ENGINE, 0, 0), "engine routines"},
-    {ERR_PACK(ERR_LIB_OCSP, 0, 0), "OCSP routines"},
-    {ERR_PACK(ERR_LIB_FIPS, 0, 0), "FIPS routines"},
-    {ERR_PACK(ERR_LIB_CMS, 0, 0), "CMS routines"},
-    {ERR_PACK(ERR_LIB_HMAC, 0, 0), "HMAC routines"},
-    {0, NULL},
-};
-
-static ERR_STRING_DATA ERR_str_functs[] = {
-    {ERR_PACK(0, SYS_F_FOPEN, 0), "fopen"},
-    {ERR_PACK(0, SYS_F_CONNECT, 0), "connect"},
-    {ERR_PACK(0, SYS_F_GETSERVBYNAME, 0), "getservbyname"},
-    {ERR_PACK(0, SYS_F_SOCKET, 0), "socket"},
-    {ERR_PACK(0, SYS_F_IOCTLSOCKET, 0), "ioctlsocket"},
-    {ERR_PACK(0, SYS_F_BIND, 0), "bind"},
-    {ERR_PACK(0, SYS_F_LISTEN, 0), "listen"},
-    {ERR_PACK(0, SYS_F_ACCEPT, 0), "accept"},
-# ifdef OPENSSL_SYS_WINDOWS
-    {ERR_PACK(0, SYS_F_WSASTARTUP, 0), "WSAstartup"},
-# endif
-    {ERR_PACK(0, SYS_F_OPENDIR, 0), "opendir"},
-    {ERR_PACK(0, SYS_F_FREAD, 0), "fread"},
-    {ERR_PACK(0, SYS_F_FFLUSH, 0), "fflush"},
-    {0, NULL},
-};
-
-static ERR_STRING_DATA ERR_str_reasons[] = {
-    {ERR_R_SYS_LIB, "system lib"},
-    {ERR_R_BN_LIB, "BN lib"},
-    {ERR_R_RSA_LIB, "RSA lib"},
-    {ERR_R_DH_LIB, "DH lib"},
-    {ERR_R_EVP_LIB, "EVP lib"},
-    {ERR_R_BUF_LIB, "BUF lib"},
-    {ERR_R_OBJ_LIB, "OBJ lib"},
-    {ERR_R_PEM_LIB, "PEM lib"},
-    {ERR_R_DSA_LIB, "DSA lib"},
-    {ERR_R_X509_LIB, "X509 lib"},
-    {ERR_R_ASN1_LIB, "ASN1 lib"},
-    {ERR_R_CONF_LIB, "CONF lib"},
-    {ERR_R_CRYPTO_LIB, "CRYPTO lib"},
-    {ERR_R_EC_LIB, "EC lib"},
-    {ERR_R_SSL_LIB, "SSL lib"},
-    {ERR_R_BIO_LIB, "BIO lib"},
-    {ERR_R_PKCS7_LIB, "PKCS7 lib"},
-    {ERR_R_X509V3_LIB, "X509V3 lib"},
-    {ERR_R_PKCS12_LIB, "PKCS12 lib"},
-    {ERR_R_RAND_LIB, "RAND lib"},
-    {ERR_R_DSO_LIB, "DSO lib"},
-    {ERR_R_ENGINE_LIB, "ENGINE lib"},
-    {ERR_R_OCSP_LIB, "OCSP lib"},
-    {ERR_R_TS_LIB, "TS lib"},
-
-    {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"},
-    {ERR_R_BAD_ASN1_OBJECT_HEADER, "bad asn1 object header"},
-    {ERR_R_BAD_GET_ASN1_OBJECT_CALL, "bad get asn1 object call"},
-    {ERR_R_EXPECTING_AN_ASN1_SEQUENCE, "expecting an asn1 sequence"},
-    {ERR_R_ASN1_LENGTH_MISMATCH, "asn1 length mismatch"},
-    {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"},
-
-    {ERR_R_FATAL, "fatal"},
-    {ERR_R_MALLOC_FAILURE, "malloc failure"},
-    {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
-     "called a function you should not call"},
-    {ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"},
-    {ERR_R_INTERNAL_ERROR, "internal error"},
-    {ERR_R_DISABLED, "called a function that was disabled at compile-time"},
-
-    {0, NULL},
-};
-#endif
-
-/* Define the predeclared (but externally opaque) "ERR_FNS" type */
-struct st_ERR_FNS {
-    /* Works on the "error_hash" string table */
-    LHASH_OF(ERR_STRING_DATA) *(*cb_err_get) (int create);
-    void (*cb_err_del) (void);
-    ERR_STRING_DATA *(*cb_err_get_item) (const ERR_STRING_DATA *);
-    ERR_STRING_DATA *(*cb_err_set_item) (ERR_STRING_DATA *);
-    ERR_STRING_DATA *(*cb_err_del_item) (ERR_STRING_DATA *);
-    /* Works on the "thread_hash" error-state table */
-    LHASH_OF(ERR_STATE) *(*cb_thread_get) (int create);
-    void (*cb_thread_release) (LHASH_OF(ERR_STATE) **hash);
-    ERR_STATE *(*cb_thread_get_item) (const ERR_STATE *);
-    ERR_STATE *(*cb_thread_set_item) (ERR_STATE *);
-    void (*cb_thread_del_item) (const ERR_STATE *);
-    /* Returns the next available error "library" numbers */
-    int (*cb_get_next_lib) (void);
-};
-
-/* Predeclarations of the "err_defaults" functions */
-static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create);
-static void int_err_del(void);
-static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *);
-static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *);
-static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *);
-static LHASH_OF(ERR_STATE) *int_thread_get(int create);
-static void int_thread_release(LHASH_OF(ERR_STATE) **hash);
-static ERR_STATE *int_thread_get_item(const ERR_STATE *);
-static ERR_STATE *int_thread_set_item(ERR_STATE *);
-static void int_thread_del_item(const ERR_STATE *);
-static int int_err_get_next_lib(void);
-/* The static ERR_FNS table using these defaults functions */
-static const ERR_FNS err_defaults = {
-    int_err_get,
-    int_err_del,
-    int_err_get_item,
-    int_err_set_item,
-    int_err_del_item,
-    int_thread_get,
-    int_thread_release,
-    int_thread_get_item,
-    int_thread_set_item,
-    int_thread_del_item,
-    int_err_get_next_lib
-};
-
-/* The replacable table of ERR_FNS functions we use at run-time */
-static const ERR_FNS *err_fns = NULL;
-
-/* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */
-#define ERRFN(a) err_fns->cb_##a
-
-/*
- * The internal state used by "err_defaults" - as such, the setting, reading,
- * creating, and deleting of this data should only be permitted via the
- * "err_defaults" functions. This way, a linked module can completely defer
- * all ERR state operation (together with requisite locking) to the
- * implementations and state in the loading application.
- */
-static LHASH_OF(ERR_STRING_DATA) *int_error_hash = NULL;
-static LHASH_OF(ERR_STATE) *int_thread_hash = NULL;
-static int int_thread_hash_references = 0;
-static int int_err_library_number = ERR_LIB_USER;
-
-/*
- * Internal function that checks whether "err_fns" is set and if not, sets it
- * to the defaults.
- */
-static void err_fns_check(void)
-{
-    if (err_fns)
-        return;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    if (!err_fns)
-        err_fns = &err_defaults;
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-}
-
-/* API functions to get or set the underlying ERR functions. */
-
-const ERR_FNS *ERR_get_implementation(void)
-{
-    err_fns_check();
-    return err_fns;
-}
-
-int ERR_set_implementation(const ERR_FNS *fns)
-{
-    int ret = 0;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    /*
-     * It's too late if 'err_fns' is non-NULL. BTW: not much point setting an
-     * error is there?!
-     */
-    if (!err_fns) {
-        err_fns = fns;
-        ret = 1;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-    return ret;
-}
-
-/*
- * These are the callbacks provided to "lh_new()" when creating the LHASH
- * tables internal to the "err_defaults" implementation.
- */
-
-static unsigned long get_error_values(int inc, int top, const char **file,
-                                      int *line, const char **data,
-                                      int *flags);
-
-/* The internal functions used in the "err_defaults" implementation */
-
-static unsigned long err_string_data_hash(const ERR_STRING_DATA *a)
-{
-    unsigned long ret, l;
-
-    l = a->error;
-    ret = l ^ ERR_GET_LIB(l) ^ ERR_GET_FUNC(l);
-    return (ret ^ ret % 19 * 13);
-}
-
-static IMPLEMENT_LHASH_HASH_FN(err_string_data, ERR_STRING_DATA)
-
-static int err_string_data_cmp(const ERR_STRING_DATA *a,
-                               const ERR_STRING_DATA *b)
-{
-    return (int)(a->error - b->error);
-}
-
-static IMPLEMENT_LHASH_COMP_FN(err_string_data, ERR_STRING_DATA)
-
-static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create)
-{
-    LHASH_OF(ERR_STRING_DATA) *ret = NULL;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    if (!int_error_hash && create) {
-        CRYPTO_push_info("int_err_get (err.c)");
-        int_error_hash = lh_ERR_STRING_DATA_new();
-        CRYPTO_pop_info();
-    }
-    if (int_error_hash)
-        ret = int_error_hash;
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-    return ret;
-}
-
-static void int_err_del(void)
-{
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    if (int_error_hash) {
-        lh_ERR_STRING_DATA_free(int_error_hash);
-        int_error_hash = NULL;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-}
-
-static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
-{
-    ERR_STRING_DATA *p;
-    LHASH_OF(ERR_STRING_DATA) *hash;
-
-    err_fns_check();
-    hash = ERRFN(err_get) (0);
-    if (!hash)
-        return NULL;
-
-    CRYPTO_r_lock(CRYPTO_LOCK_ERR);
-    p = lh_ERR_STRING_DATA_retrieve(hash, d);
-    CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
-
-    return p;
-}
-
-static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d)
-{
-    ERR_STRING_DATA *p;
-    LHASH_OF(ERR_STRING_DATA) *hash;
-
-    err_fns_check();
-    hash = ERRFN(err_get) (1);
-    if (!hash)
-        return NULL;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    p = lh_ERR_STRING_DATA_insert(hash, d);
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-    return p;
-}
-
-static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d)
-{
-    ERR_STRING_DATA *p;
-    LHASH_OF(ERR_STRING_DATA) *hash;
-
-    err_fns_check();
-    hash = ERRFN(err_get) (0);
-    if (!hash)
-        return NULL;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    p = lh_ERR_STRING_DATA_delete(hash, d);
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-    return p;
-}
-
-static unsigned long err_state_hash(const ERR_STATE *a)
-{
-    return CRYPTO_THREADID_hash(&a->tid) * 13;
-}
-
-static IMPLEMENT_LHASH_HASH_FN(err_state, ERR_STATE)
-
-static int err_state_cmp(const ERR_STATE *a, const ERR_STATE *b)
-{
-    return CRYPTO_THREADID_cmp(&a->tid, &b->tid);
-}
-
-static IMPLEMENT_LHASH_COMP_FN(err_state, ERR_STATE)
-
-static LHASH_OF(ERR_STATE) *int_thread_get(int create)
-{
-    LHASH_OF(ERR_STATE) *ret = NULL;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    if (!int_thread_hash && create) {
-        CRYPTO_push_info("int_thread_get (err.c)");
-        int_thread_hash = lh_ERR_STATE_new();
-        CRYPTO_pop_info();
-    }
-    if (int_thread_hash) {
-        int_thread_hash_references++;
-        ret = int_thread_hash;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-    return ret;
-}
-
-static void int_thread_release(LHASH_OF(ERR_STATE) **hash)
-{
-    int i;
-
-    if (hash == NULL || *hash == NULL)
-        return;
-
-    i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR);
-
-#ifdef REF_PRINT
-    fprintf(stderr, "%4d:%s\n", int_thread_hash_references, "ERR");
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "int_thread_release, bad reference count\n");
-        abort();                /* ok */
-    }
-#endif
-    *hash = NULL;
-}
-
-static ERR_STATE *int_thread_get_item(const ERR_STATE *d)
-{
-    ERR_STATE *p;
-    LHASH_OF(ERR_STATE) *hash;
-
-    err_fns_check();
-    hash = ERRFN(thread_get) (0);
-    if (!hash)
-        return NULL;
-
-    CRYPTO_r_lock(CRYPTO_LOCK_ERR);
-    p = lh_ERR_STATE_retrieve(hash, d);
-    CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
-
-    ERRFN(thread_release) (&hash);
-    return p;
-}
-
-static ERR_STATE *int_thread_set_item(ERR_STATE *d)
-{
-    ERR_STATE *p;
-    LHASH_OF(ERR_STATE) *hash;
-
-    err_fns_check();
-    hash = ERRFN(thread_get) (1);
-    if (!hash)
-        return NULL;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    p = lh_ERR_STATE_insert(hash, d);
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-    ERRFN(thread_release) (&hash);
-    return p;
-}
-
-static void int_thread_del_item(const ERR_STATE *d)
-{
-    ERR_STATE *p;
-    LHASH_OF(ERR_STATE) *hash;
-
-    err_fns_check();
-    hash = ERRFN(thread_get) (0);
-    if (!hash)
-        return;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    p = lh_ERR_STATE_delete(hash, d);
-    /* make sure we don't leak memory */
-    if (int_thread_hash_references == 1
-        && int_thread_hash && lh_ERR_STATE_num_items(int_thread_hash) == 0) {
-        lh_ERR_STATE_free(int_thread_hash);
-        int_thread_hash = NULL;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-    ERRFN(thread_release) (&hash);
-    if (p)
-        ERR_STATE_free(p);
-}
-
-static int int_err_get_next_lib(void)
-{
-    int ret;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    ret = int_err_library_number++;
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-
-    return ret;
-}
-
-#ifndef OPENSSL_NO_ERR
-# define NUM_SYS_STR_REASONS 127
-# define LEN_SYS_STR_REASON 32
-
-static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
-/*
- * SYS_str_reasons is filled with copies of strerror() results at
- * initialization. 'errno' values up to 127 should cover all usual errors,
- * others will be displayed numerically by ERR_error_string. It is crucial
- * that we have something for each reason code that occurs in
- * ERR_str_reasons, or bogus reason strings will be returned for SYSerr(),
- * which always gets an errno value and never one of those 'standard' reason
- * codes.
- */
-
-static void build_SYS_str_reasons(void)
-{
-    /* OPENSSL_malloc cannot be used here, use static storage instead */
-    static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
-    int i;
-    static int init = 1;
-
-    CRYPTO_r_lock(CRYPTO_LOCK_ERR);
-    if (!init) {
-        CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
-        return;
-    }
-
-    CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
-    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
-    if (!init) {
-        CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-        return;
-    }
-
-    for (i = 1; i <= NUM_SYS_STR_REASONS; i++) {
-        ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
-
-        str->error = (unsigned long)i;
-        if (str->string == NULL) {
-            char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
-            char *src = strerror(i);
-            if (src != NULL) {
-                strncpy(*dest, src, sizeof *dest);
-                (*dest)[sizeof *dest - 1] = '\0';
-                str->string = *dest;
-            }
-        }
-        if (str->string == NULL)
-            str->string = "unknown";
-    }
-
-    /*
-     * Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, as
-     * required by ERR_load_strings.
-     */
-
-    init = 0;
-
-    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
-}
-#endif
-
-#define err_clear_data(p,i) \
-        do { \
-        if (((p)->err_data[i] != NULL) && \
-                (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \
-                {  \
-                OPENSSL_free((p)->err_data[i]); \
-                (p)->err_data[i]=NULL; \
-                } \
-        (p)->err_data_flags[i]=0; \
-        } while(0)
-
-#define err_clear(p,i) \
-        do { \
-        (p)->err_flags[i]=0; \
-        (p)->err_buffer[i]=0; \
-        err_clear_data(p,i); \
-        (p)->err_file[i]=NULL; \
-        (p)->err_line[i]= -1; \
-        } while(0)
-
-static void ERR_STATE_free(ERR_STATE *s)
-{
-    int i;
-
-    if (s == NULL)
-        return;
-
-    for (i = 0; i < ERR_NUM_ERRORS; i++) {
-        err_clear_data(s, i);
-    }
-    OPENSSL_free(s);
-}
-
-void ERR_load_ERR_strings(void)
-{
-    err_fns_check();
-#ifndef OPENSSL_NO_ERR
-    err_load_strings(0, ERR_str_libraries);
-    err_load_strings(0, ERR_str_reasons);
-    err_load_strings(ERR_LIB_SYS, ERR_str_functs);
-    build_SYS_str_reasons();
-    err_load_strings(ERR_LIB_SYS, SYS_str_reasons);
-#endif
-}
-
-static void err_load_strings(int lib, ERR_STRING_DATA *str)
-{
-    while (str->error) {
-        if (lib)
-            str->error |= ERR_PACK(lib, 0, 0);
-        ERRFN(err_set_item) (str);
-        str++;
-    }
-}
-
-void ERR_load_strings(int lib, ERR_STRING_DATA *str)
-{
-    ERR_load_ERR_strings();
-    err_load_strings(lib, str);
-}
-
-void ERR_unload_strings(int lib, ERR_STRING_DATA *str)
-{
-    while (str->error) {
-        if (lib)
-            str->error |= ERR_PACK(lib, 0, 0);
-        ERRFN(err_del_item) (str);
-        str++;
-    }
-}
-
-void ERR_free_strings(void)
-{
-    err_fns_check();
-    ERRFN(err_del) ();
-}
-
-/********************************************************/
-
-void ERR_put_error(int lib, int func, int reason, const char *file, int line)
-{
-    ERR_STATE *es;
-
-#ifdef _OSD_POSIX
-    /*
-     * In the BS2000-OSD POSIX subsystem, the compiler generates path names
-     * in the form "*POSIX(/etc/passwd)". This dirty hack strips them to
-     * something sensible. @@@ We shouldn't modify a const string, though.
-     */
-    if (strncmp(file, "*POSIX(", sizeof("*POSIX(") - 1) == 0) {
-        char *end;
-
-        /* Skip the "*POSIX(" prefix */
-        file += sizeof("*POSIX(") - 1;
-        end = &file[strlen(file) - 1];
-        if (*end == ')')
-            *end = '\0';
-        /* Optional: use the basename of the path only. */
-        if ((end = strrchr(file, '/')) != NULL)
-            file = &end[1];
-    }
-#endif
-    es = ERR_get_state();
-
-    es->top = (es->top + 1) % ERR_NUM_ERRORS;
-    if (es->top == es->bottom)
-        es->bottom = (es->bottom + 1) % ERR_NUM_ERRORS;
-    es->err_flags[es->top] = 0;
-    es->err_buffer[es->top] = ERR_PACK(lib, func, reason);
-    es->err_file[es->top] = file;
-    es->err_line[es->top] = line;
-    err_clear_data(es, es->top);
-}
-
-void ERR_clear_error(void)
-{
-    int i;
-    ERR_STATE *es;
-
-    es = ERR_get_state();
-
-    for (i = 0; i < ERR_NUM_ERRORS; i++) {
-        err_clear(es, i);
-    }
-    es->top = es->bottom = 0;
-}
-
-unsigned long ERR_get_error(void)
-{
-    return (get_error_values(1, 0, NULL, NULL, NULL, NULL));
-}
-
-unsigned long ERR_get_error_line(const char **file, int *line)
-{
-    return (get_error_values(1, 0, file, line, NULL, NULL));
-}
-
-unsigned long ERR_get_error_line_data(const char **file, int *line,
-                                      const char **data, int *flags)
-{
-    return (get_error_values(1, 0, file, line, data, flags));
-}
-
-unsigned long ERR_peek_error(void)
-{
-    return (get_error_values(0, 0, NULL, NULL, NULL, NULL));
-}
-
-unsigned long ERR_peek_error_line(const char **file, int *line)
-{
-    return (get_error_values(0, 0, file, line, NULL, NULL));
-}
-
-unsigned long ERR_peek_error_line_data(const char **file, int *line,
-                                       const char **data, int *flags)
-{
-    return (get_error_values(0, 0, file, line, data, flags));
-}
-
-unsigned long ERR_peek_last_error(void)
-{
-    return (get_error_values(0, 1, NULL, NULL, NULL, NULL));
-}
-
-unsigned long ERR_peek_last_error_line(const char **file, int *line)
-{
-    return (get_error_values(0, 1, file, line, NULL, NULL));
-}
-
-unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
-                                            const char **data, int *flags)
-{
-    return (get_error_values(0, 1, file, line, data, flags));
-}
-
-static unsigned long get_error_values(int inc, int top, const char **file,
-                                      int *line, const char **data,
-                                      int *flags)
-{
-    int i = 0;
-    ERR_STATE *es;
-    unsigned long ret;
-
-    es = ERR_get_state();
-
-    if (inc && top) {
-        if (file)
-            *file = "";
-        if (line)
-            *line = 0;
-        if (data)
-            *data = "";
-        if (flags)
-            *flags = 0;
-
-        return ERR_R_INTERNAL_ERROR;
-    }
-
-    if (es->bottom == es->top)
-        return 0;
-    if (top)
-        i = es->top;            /* last error */
-    else
-        i = (es->bottom + 1) % ERR_NUM_ERRORS; /* first error */
-
-    ret = es->err_buffer[i];
-    if (inc) {
-        es->bottom = i;
-        es->err_buffer[i] = 0;
-    }
-
-    if ((file != NULL) && (line != NULL)) {
-        if (es->err_file[i] == NULL) {
-            *file = "NA";
-            if (line != NULL)
-                *line = 0;
-        } else {
-            *file = es->err_file[i];
-            if (line != NULL)
-                *line = es->err_line[i];
-        }
-    }
-
-    if (data == NULL) {
-        if (inc) {
-            err_clear_data(es, i);
-        }
-    } else {
-        if (es->err_data[i] == NULL) {
-            *data = "";
-            if (flags != NULL)
-                *flags = 0;
-        } else {
-            *data = es->err_data[i];
-            if (flags != NULL)
-                *flags = es->err_data_flags[i];
-        }
-    }
-    return ret;
-}
-
-void ERR_error_string_n(unsigned long e, char *buf, size_t len)
-{
-    char lsbuf[64], fsbuf[64], rsbuf[64];
-    const char *ls, *fs, *rs;
-    unsigned long l, f, r;
-
-    if (len == 0)
-        return;
-
-    l = ERR_GET_LIB(e);
-    f = ERR_GET_FUNC(e);
-    r = ERR_GET_REASON(e);
-
-    ls = ERR_lib_error_string(e);
-    fs = ERR_func_error_string(e);
-    rs = ERR_reason_error_string(e);
-
-    if (ls == NULL)
-        BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l);
-    if (fs == NULL)
-        BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f);
-    if (rs == NULL)
-        BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r);
-
-    BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls ? ls : lsbuf,
-                 fs ? fs : fsbuf, rs ? rs : rsbuf);
-    if (strlen(buf) == len - 1) {
-        /*
-         * output may be truncated; make sure we always have 5
-         * colon-separated fields, i.e. 4 colons ...
-         */
-#define NUM_COLONS 4
-        if (len > NUM_COLONS) { /* ... if possible */
-            int i;
-            char *s = buf;
-
-            for (i = 0; i < NUM_COLONS; i++) {
-                char *colon = strchr(s, ':');
-                if (colon == NULL || colon > &buf[len - 1] - NUM_COLONS + i) {
-                    /*
-                     * set colon no. i at last possible position (buf[len-1]
-                     * is the terminating 0)
-                     */
-                    colon = &buf[len - 1] - NUM_COLONS + i;
-                    *colon = ':';
-                }
-                s = colon + 1;
-            }
-        }
-    }
-}
-
-/* BAD for multi-threading: uses a local buffer if ret == NULL */
-/*
- * ERR_error_string_n should be used instead for ret != NULL as
- * ERR_error_string cannot know how large the buffer is
- */
-char *ERR_error_string(unsigned long e, char *ret)
-{
-    static char buf[256];
-
-    if (ret == NULL)
-        ret = buf;
-    ERR_error_string_n(e, ret, 256);
-
-    return ret;
-}
-
-LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void)
-{
-    err_fns_check();
-    return ERRFN(err_get) (0);
-}
-
-LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void)
-{
-    err_fns_check();
-    return ERRFN(thread_get) (0);
-}
-
-void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash)
-{
-    err_fns_check();
-    ERRFN(thread_release) (hash);
-}
-
-const char *ERR_lib_error_string(unsigned long e)
-{
-    ERR_STRING_DATA d, *p;
-    unsigned long l;
-
-    err_fns_check();
-    l = ERR_GET_LIB(e);
-    d.error = ERR_PACK(l, 0, 0);
-    p = ERRFN(err_get_item) (&d);
-    return ((p == NULL) ? NULL : p->string);
-}
-
-const char *ERR_func_error_string(unsigned long e)
-{
-    ERR_STRING_DATA d, *p;
-    unsigned long l, f;
-
-    err_fns_check();
-    l = ERR_GET_LIB(e);
-    f = ERR_GET_FUNC(e);
-    d.error = ERR_PACK(l, f, 0);
-    p = ERRFN(err_get_item) (&d);
-    return ((p == NULL) ? NULL : p->string);
-}
-
-const char *ERR_reason_error_string(unsigned long e)
-{
-    ERR_STRING_DATA d, *p = NULL;
-    unsigned long l, r;
-
-    err_fns_check();
-    l = ERR_GET_LIB(e);
-    r = ERR_GET_REASON(e);
-    d.error = ERR_PACK(l, 0, r);
-    p = ERRFN(err_get_item) (&d);
-    if (!p) {
-        d.error = ERR_PACK(0, 0, r);
-        p = ERRFN(err_get_item) (&d);
-    }
-    return ((p == NULL) ? NULL : p->string);
-}
-
-void ERR_remove_thread_state(const CRYPTO_THREADID *id)
-{
-    ERR_STATE tmp;
-
-    if (id)
-        CRYPTO_THREADID_cpy(&tmp.tid, id);
-    else
-        CRYPTO_THREADID_current(&tmp.tid);
-    err_fns_check();
-    /*
-     * thread_del_item automatically destroys the LHASH if the number of
-     * items reaches zero.
-     */
-    ERRFN(thread_del_item) (&tmp);
-}
-
-#ifndef OPENSSL_NO_DEPRECATED
-void ERR_remove_state(unsigned long pid)
-{
-    ERR_remove_thread_state(NULL);
-}
-#endif
-
-ERR_STATE *ERR_get_state(void)
-{
-    static ERR_STATE fallback;
-    ERR_STATE *ret, tmp, *tmpp = NULL;
-    int i;
-    CRYPTO_THREADID tid;
-
-    err_fns_check();
-    CRYPTO_THREADID_current(&tid);
-    CRYPTO_THREADID_cpy(&tmp.tid, &tid);
-    ret = ERRFN(thread_get_item) (&tmp);
-
-    /* ret == the error state, if NULL, make a new one */
-    if (ret == NULL) {
-        ret = (ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE));
-        if (ret == NULL)
-            return (&fallback);
-        CRYPTO_THREADID_cpy(&ret->tid, &tid);
-        ret->top = 0;
-        ret->bottom = 0;
-        for (i = 0; i < ERR_NUM_ERRORS; i++) {
-            ret->err_data[i] = NULL;
-            ret->err_data_flags[i] = 0;
-        }
-        tmpp = ERRFN(thread_set_item) (ret);
-        /* To check if insertion failed, do a get. */
-        if (ERRFN(thread_get_item) (ret) != ret) {
-            ERR_STATE_free(ret); /* could not insert it */
-            return (&fallback);
-        }
-        /*
-         * If a race occured in this function and we came second, tmpp is the
-         * first one that we just replaced.
-         */
-        if (tmpp)
-            ERR_STATE_free(tmpp);
-    }
-    return ret;
-}
-
-int ERR_get_next_error_library(void)
-{
-    err_fns_check();
-    return ERRFN(get_next_lib) ();
-}
-
-void ERR_set_error_data(char *data, int flags)
-{
-    ERR_STATE *es;
-    int i;
-
-    es = ERR_get_state();
-
-    i = es->top;
-    if (i == 0)
-        i = ERR_NUM_ERRORS - 1;
-
-    err_clear_data(es, i);
-    es->err_data[i] = data;
-    es->err_data_flags[i] = flags;
-}
-
-void ERR_add_error_data(int num, ...)
-{
-    va_list args;
-    va_start(args, num);
-    ERR_add_error_vdata(num, args);
-    va_end(args);
-}
-
-void ERR_add_error_vdata(int num, va_list args)
-{
-    int i, n, s;
-    char *str, *p, *a;
-
-    s = 80;
-    str = OPENSSL_malloc(s + 1);
-    if (str == NULL)
-        return;
-    str[0] = '\0';
-
-    n = 0;
-    for (i = 0; i < num; i++) {
-        a = va_arg(args, char *);
-        /* ignore NULLs, thanks to Bob Beck <beck@obtuse.com> */
-        if (a != NULL) {
-            n += strlen(a);
-            if (n > s) {
-                s = n + 20;
-                p = OPENSSL_realloc(str, s + 1);
-                if (p == NULL) {
-                    OPENSSL_free(str);
-                    return;
-                } else
-                    str = p;
-            }
-            BUF_strlcat(str, a, (size_t)s + 1);
-        }
-    }
-    ERR_set_error_data(str, ERR_TXT_MALLOCED | ERR_TXT_STRING);
-}
-
-int ERR_set_mark(void)
-{
-    ERR_STATE *es;
-
-    es = ERR_get_state();
-
-    if (es->bottom == es->top)
-        return 0;
-    es->err_flags[es->top] |= ERR_FLAG_MARK;
-    return 1;
-}
-
-int ERR_pop_to_mark(void)
-{
-    ERR_STATE *es;
-
-    es = ERR_get_state();
-
-    while (es->bottom != es->top
-           && (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) {
-        err_clear(es, es->top);
-        es->top -= 1;
-        if (es->top == -1)
-            es->top = ERR_NUM_ERRORS - 1;
-    }
-
-    if (es->bottom == es->top)
-        return 0;
-    es->err_flags[es->top] &= ~ERR_FLAG_MARK;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/err/err_all.c b/thirdparty/openssl/crypto/err/err_all.c
deleted file mode 100644
index d7575a7ef8..0000000000
--- a/thirdparty/openssl/crypto/err/err_all.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* crypto/err/err_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_EC
-# include <openssl/ec.h>
-#endif
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_ECDSA
-# include <openssl/ecdsa.h>
-#endif
-#ifndef OPENSSL_NO_ECDH
-# include <openssl/ecdh.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem2.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/conf.h>
-#include <openssl/pkcs12.h>
-#include <openssl/rand.h>
-#include <openssl/dso.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/ui.h>
-#include <openssl/ocsp.h>
-#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-#include <openssl/ts.h>
-#ifndef OPENSSL_NO_CMS
-# include <openssl/cms.h>
-#endif
-#ifndef OPENSSL_NO_JPAKE
-# include <openssl/jpake.h>
-#endif
-
-void ERR_load_crypto_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-    ERR_load_ERR_strings();     /* include error strings for SYSerr */
-    ERR_load_BN_strings();
-# ifndef OPENSSL_NO_RSA
-    ERR_load_RSA_strings();
-# endif
-# ifndef OPENSSL_NO_DH
-    ERR_load_DH_strings();
-# endif
-    ERR_load_EVP_strings();
-    ERR_load_BUF_strings();
-    ERR_load_OBJ_strings();
-    ERR_load_PEM_strings();
-# ifndef OPENSSL_NO_DSA
-    ERR_load_DSA_strings();
-# endif
-    ERR_load_X509_strings();
-    ERR_load_ASN1_strings();
-    ERR_load_CONF_strings();
-    ERR_load_CRYPTO_strings();
-# ifndef OPENSSL_NO_COMP
-    ERR_load_COMP_strings();
-# endif
-# ifndef OPENSSL_NO_EC
-    ERR_load_EC_strings();
-# endif
-# ifndef OPENSSL_NO_ECDSA
-    ERR_load_ECDSA_strings();
-# endif
-# ifndef OPENSSL_NO_ECDH
-    ERR_load_ECDH_strings();
-# endif
-    /* skip ERR_load_SSL_strings() because it is not in this library */
-    ERR_load_BIO_strings();
-    ERR_load_PKCS7_strings();
-    ERR_load_X509V3_strings();
-    ERR_load_PKCS12_strings();
-    ERR_load_RAND_strings();
-    ERR_load_DSO_strings();
-    ERR_load_TS_strings();
-# ifndef OPENSSL_NO_ENGINE
-    ERR_load_ENGINE_strings();
-# endif
-    ERR_load_OCSP_strings();
-    ERR_load_UI_strings();
-# ifdef OPENSSL_FIPS
-    ERR_load_FIPS_strings();
-# endif
-# ifndef OPENSSL_NO_CMS
-    ERR_load_CMS_strings();
-# endif
-# ifndef OPENSSL_NO_JPAKE
-    ERR_load_JPAKE_strings();
-# endif
-#endif
-}
diff --git a/thirdparty/openssl/crypto/err/err_prn.c b/thirdparty/openssl/crypto/err/err_prn.c
deleted file mode 100644
index 6e352effe3..0000000000
--- a/thirdparty/openssl/crypto/err/err_prn.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* crypto/err/err_prn.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
-                         void *u)
-{
-    unsigned long l;
-    char buf[256];
-    char buf2[4096];
-    const char *file, *data;
-    int line, flags;
-    unsigned long es;
-    CRYPTO_THREADID cur;
-
-    CRYPTO_THREADID_current(&cur);
-    es = CRYPTO_THREADID_hash(&cur);
-    while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
-        ERR_error_string_n(l, buf, sizeof buf);
-        BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
-                     file, line, (flags & ERR_TXT_STRING) ? data : "");
-        if (cb(buf2, strlen(buf2), u) <= 0)
-            break;              /* abort outputting the error report */
-    }
-}
-
-#ifndef OPENSSL_NO_FP_API
-static int print_fp(const char *str, size_t len, void *fp)
-{
-    BIO bio;
-
-    BIO_set(&bio, BIO_s_file());
-    BIO_set_fp(&bio, fp, BIO_NOCLOSE);
-
-    return BIO_printf(&bio, "%s", str);
-}
-
-void ERR_print_errors_fp(FILE *fp)
-{
-    ERR_print_errors_cb(print_fp, fp);
-}
-#endif
-
-static int print_bio(const char *str, size_t len, void *bp)
-{
-    return BIO_write((BIO *)bp, str, len);
-}
-
-void ERR_print_errors(BIO *bp)
-{
-    ERR_print_errors_cb(print_bio, bp);
-}
diff --git a/thirdparty/openssl/crypto/evp/bio_b64.c b/thirdparty/openssl/crypto/evp/bio_b64.c
deleted file mode 100644
index 538b520264..0000000000
--- a/thirdparty/openssl/crypto/evp/bio_b64.c
+++ /dev/null
@@ -1,573 +0,0 @@
-/* crypto/evp/bio_b64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-static int b64_write(BIO *h, const char *buf, int num);
-static int b64_read(BIO *h, char *buf, int size);
-static int b64_puts(BIO *h, const char *str);
-/*
- * static int b64_gets(BIO *h, char *str, int size);
- */
-static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int b64_new(BIO *h);
-static int b64_free(BIO *data);
-static long b64_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-#define B64_BLOCK_SIZE  1024
-#define B64_BLOCK_SIZE2 768
-#define B64_NONE        0
-#define B64_ENCODE      1
-#define B64_DECODE      2
-
-typedef struct b64_struct {
-    /*
-     * BIO *bio; moved to the BIO structure
-     */
-    int buf_len;
-    int buf_off;
-    int tmp_len;                /* used to find the start when decoding */
-    int tmp_nl;                 /* If true, scan until '\n' */
-    int encode;
-    int start;                  /* have we started decoding yet? */
-    int cont;                   /* <= 0 when finished */
-    EVP_ENCODE_CTX base64;
-    char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10];
-    char tmp[B64_BLOCK_SIZE];
-} BIO_B64_CTX;
-
-static BIO_METHOD methods_b64 = {
-    BIO_TYPE_BASE64, "base64 encoding",
-    b64_write,
-    b64_read,
-    b64_puts,
-    NULL,                       /* b64_gets, */
-    b64_ctrl,
-    b64_new,
-    b64_free,
-    b64_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_base64(void)
-{
-    return (&methods_b64);
-}
-
-static int b64_new(BIO *bi)
-{
-    BIO_B64_CTX *ctx;
-
-    ctx = (BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX));
-    if (ctx == NULL)
-        return (0);
-
-    ctx->buf_len = 0;
-    ctx->tmp_len = 0;
-    ctx->tmp_nl = 0;
-    ctx->buf_off = 0;
-    ctx->cont = 1;
-    ctx->start = 1;
-    ctx->encode = 0;
-
-    bi->init = 1;
-    bi->ptr = (char *)ctx;
-    bi->flags = 0;
-    bi->num = 0;
-    return (1);
-}
-
-static int b64_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    OPENSSL_free(a->ptr);
-    a->ptr = NULL;
-    a->init = 0;
-    a->flags = 0;
-    return (1);
-}
-
-static int b64_read(BIO *b, char *out, int outl)
-{
-    int ret = 0, i, ii, j, k, x, n, num, ret_code = 0;
-    BIO_B64_CTX *ctx;
-    unsigned char *p, *q;
-
-    if (out == NULL)
-        return (0);
-    ctx = (BIO_B64_CTX *)b->ptr;
-
-    if ((ctx == NULL) || (b->next_bio == NULL))
-        return (0);
-
-    BIO_clear_retry_flags(b);
-
-    if (ctx->encode != B64_DECODE) {
-        ctx->encode = B64_DECODE;
-        ctx->buf_len = 0;
-        ctx->buf_off = 0;
-        ctx->tmp_len = 0;
-        EVP_DecodeInit(&(ctx->base64));
-    }
-
-    /* First check if there are bytes decoded/encoded */
-    if (ctx->buf_len > 0) {
-        OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
-        i = ctx->buf_len - ctx->buf_off;
-        if (i > outl)
-            i = outl;
-        OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf));
-        memcpy(out, &(ctx->buf[ctx->buf_off]), i);
-        ret = i;
-        out += i;
-        outl -= i;
-        ctx->buf_off += i;
-        if (ctx->buf_len == ctx->buf_off) {
-            ctx->buf_len = 0;
-            ctx->buf_off = 0;
-        }
-    }
-
-    /*
-     * At this point, we have room of outl bytes and an empty buffer, so we
-     * should read in some more.
-     */
-
-    ret_code = 0;
-    while (outl > 0) {
-        if (ctx->cont <= 0)
-            break;
-
-        i = BIO_read(b->next_bio, &(ctx->tmp[ctx->tmp_len]),
-                     B64_BLOCK_SIZE - ctx->tmp_len);
-
-        if (i <= 0) {
-            ret_code = i;
-
-            /* Should we continue next time we are called? */
-            if (!BIO_should_retry(b->next_bio)) {
-                ctx->cont = i;
-                /* If buffer empty break */
-                if (ctx->tmp_len == 0)
-                    break;
-                /* Fall through and process what we have */
-                else
-                    i = 0;
-            }
-            /* else we retry and add more data to buffer */
-            else
-                break;
-        }
-        i += ctx->tmp_len;
-        ctx->tmp_len = i;
-
-        /*
-         * We need to scan, a line at a time until we have a valid line if we
-         * are starting.
-         */
-        if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) {
-            /* ctx->start=1; */
-            ctx->tmp_len = 0;
-        } else if (ctx->start) {
-            q = p = (unsigned char *)ctx->tmp;
-            num = 0;
-            for (j = 0; j < i; j++) {
-                if (*(q++) != '\n')
-                    continue;
-
-                /*
-                 * due to a previous very long line, we need to keep on
-                 * scanning for a '\n' before we even start looking for
-                 * base64 encoded stuff.
-                 */
-                if (ctx->tmp_nl) {
-                    p = q;
-                    ctx->tmp_nl = 0;
-                    continue;
-                }
-
-                k = EVP_DecodeUpdate(&(ctx->base64),
-                                     (unsigned char *)ctx->buf,
-                                     &num, p, q - p);
-                if ((k <= 0) && (num == 0) && (ctx->start))
-                    EVP_DecodeInit(&ctx->base64);
-                else {
-                    if (p != (unsigned char *)
-                        &(ctx->tmp[0])) {
-                        i -= (p - (unsigned char *)
-                              &(ctx->tmp[0]));
-                        for (x = 0; x < i; x++)
-                            ctx->tmp[x] = p[x];
-                    }
-                    EVP_DecodeInit(&ctx->base64);
-                    ctx->start = 0;
-                    break;
-                }
-                p = q;
-            }
-
-            /* we fell off the end without starting */
-            if ((j == i) && (num == 0)) {
-                /*
-                 * Is this is one long chunk?, if so, keep on reading until a
-                 * new line.
-                 */
-                if (p == (unsigned char *)&(ctx->tmp[0])) {
-                    /* Check buffer full */
-                    if (i == B64_BLOCK_SIZE) {
-                        ctx->tmp_nl = 1;
-                        ctx->tmp_len = 0;
-                    }
-                } else if (p != q) { /* finished on a '\n' */
-                    n = q - p;
-                    for (ii = 0; ii < n; ii++)
-                        ctx->tmp[ii] = p[ii];
-                    ctx->tmp_len = n;
-                }
-                /* else finished on a '\n' */
-                continue;
-            } else {
-                ctx->tmp_len = 0;
-            }
-        } else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) {
-            /*
-             * If buffer isn't full and we can retry then restart to read in
-             * more data.
-             */
-            continue;
-        }
-
-        if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
-            int z, jj;
-
-#if 0
-            jj = (i >> 2) << 2;
-#else
-            jj = i & ~3;        /* process per 4 */
-#endif
-            z = EVP_DecodeBlock((unsigned char *)ctx->buf,
-                                (unsigned char *)ctx->tmp, jj);
-            if (jj > 2) {
-                if (ctx->tmp[jj - 1] == '=') {
-                    z--;
-                    if (ctx->tmp[jj - 2] == '=')
-                        z--;
-                }
-            }
-            /*
-             * z is now number of output bytes and jj is the number consumed
-             */
-            if (jj != i) {
-                memmove(ctx->tmp, &ctx->tmp[jj], i - jj);
-                ctx->tmp_len = i - jj;
-            }
-            ctx->buf_len = 0;
-            if (z > 0) {
-                ctx->buf_len = z;
-            }
-            i = z;
-        } else {
-            i = EVP_DecodeUpdate(&(ctx->base64),
-                                 (unsigned char *)ctx->buf, &ctx->buf_len,
-                                 (unsigned char *)ctx->tmp, i);
-            ctx->tmp_len = 0;
-        }
-        ctx->buf_off = 0;
-        if (i < 0) {
-            ret_code = 0;
-            ctx->buf_len = 0;
-            break;
-        }
-
-        if (ctx->buf_len <= outl)
-            i = ctx->buf_len;
-        else
-            i = outl;
-
-        memcpy(out, ctx->buf, i);
-        ret += i;
-        ctx->buf_off = i;
-        if (ctx->buf_off == ctx->buf_len) {
-            ctx->buf_len = 0;
-            ctx->buf_off = 0;
-        }
-        outl -= i;
-        out += i;
-    }
-    /* BIO_clear_retry_flags(b); */
-    BIO_copy_next_retry(b);
-    return ((ret == 0) ? ret_code : ret);
-}
-
-static int b64_write(BIO *b, const char *in, int inl)
-{
-    int ret = 0;
-    int n;
-    int i;
-    BIO_B64_CTX *ctx;
-
-    ctx = (BIO_B64_CTX *)b->ptr;
-    BIO_clear_retry_flags(b);
-
-    if (ctx->encode != B64_ENCODE) {
-        ctx->encode = B64_ENCODE;
-        ctx->buf_len = 0;
-        ctx->buf_off = 0;
-        ctx->tmp_len = 0;
-        EVP_EncodeInit(&(ctx->base64));
-    }
-
-    OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf));
-    OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
-    OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
-    n = ctx->buf_len - ctx->buf_off;
-    while (n > 0) {
-        i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
-        if (i <= 0) {
-            BIO_copy_next_retry(b);
-            return (i);
-        }
-        OPENSSL_assert(i <= n);
-        ctx->buf_off += i;
-        OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
-        OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
-        n -= i;
-    }
-    /* at this point all pending data has been written */
-    ctx->buf_off = 0;
-    ctx->buf_len = 0;
-
-    if ((in == NULL) || (inl <= 0))
-        return (0);
-
-    while (inl > 0) {
-        n = (inl > B64_BLOCK_SIZE) ? B64_BLOCK_SIZE : inl;
-
-        if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
-            if (ctx->tmp_len > 0) {
-                OPENSSL_assert(ctx->tmp_len <= 3);
-                n = 3 - ctx->tmp_len;
-                /*
-                 * There's a theoretical possibility for this
-                 */
-                if (n > inl)
-                    n = inl;
-                memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
-                ctx->tmp_len += n;
-                ret += n;
-                if (ctx->tmp_len < 3)
-                    break;
-                ctx->buf_len =
-                    EVP_EncodeBlock((unsigned char *)ctx->buf,
-                                    (unsigned char *)ctx->tmp, ctx->tmp_len);
-                OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
-                OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
-                /*
-                 * Since we're now done using the temporary buffer, the
-                 * length should be 0'd
-                 */
-                ctx->tmp_len = 0;
-            } else {
-                if (n < 3) {
-                    memcpy(ctx->tmp, in, n);
-                    ctx->tmp_len = n;
-                    ret += n;
-                    break;
-                }
-                n -= n % 3;
-                ctx->buf_len =
-                    EVP_EncodeBlock((unsigned char *)ctx->buf,
-                                    (const unsigned char *)in, n);
-                OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
-                OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
-                ret += n;
-            }
-        } else {
-            EVP_EncodeUpdate(&(ctx->base64),
-                             (unsigned char *)ctx->buf, &ctx->buf_len,
-                             (unsigned char *)in, n);
-            OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
-            OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
-            ret += n;
-        }
-        inl -= n;
-        in += n;
-
-        ctx->buf_off = 0;
-        n = ctx->buf_len;
-        while (n > 0) {
-            i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
-            if (i <= 0) {
-                BIO_copy_next_retry(b);
-                return ((ret == 0) ? i : ret);
-            }
-            OPENSSL_assert(i <= n);
-            n -= i;
-            ctx->buf_off += i;
-            OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
-            OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
-        }
-        ctx->buf_len = 0;
-        ctx->buf_off = 0;
-    }
-    return (ret);
-}
-
-static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    BIO_B64_CTX *ctx;
-    long ret = 1;
-    int i;
-
-    ctx = (BIO_B64_CTX *)b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        ctx->cont = 1;
-        ctx->start = 1;
-        ctx->encode = B64_NONE;
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_EOF:         /* More to read */
-        if (ctx->cont <= 0)
-            ret = 1;
-        else
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_WPENDING:    /* More to write in buffer */
-        OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
-        ret = ctx->buf_len - ctx->buf_off;
-        if ((ret == 0) && (ctx->encode != B64_NONE)
-            && (ctx->base64.num != 0))
-            ret = 1;
-        else if (ret <= 0)
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_PENDING:     /* More to read in buffer */
-        OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
-        ret = ctx->buf_len - ctx->buf_off;
-        if (ret <= 0)
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_FLUSH:
-        /* do a final write */
- again:
-        while (ctx->buf_len != ctx->buf_off) {
-            i = b64_write(b, NULL, 0);
-            if (i < 0)
-                return i;
-        }
-        if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
-            if (ctx->tmp_len != 0) {
-                ctx->buf_len = EVP_EncodeBlock((unsigned char *)ctx->buf,
-                                               (unsigned char *)ctx->tmp,
-                                               ctx->tmp_len);
-                ctx->buf_off = 0;
-                ctx->tmp_len = 0;
-                goto again;
-            }
-        } else if (ctx->encode != B64_NONE && ctx->base64.num != 0) {
-            ctx->buf_off = 0;
-            EVP_EncodeFinal(&(ctx->base64),
-                            (unsigned char *)ctx->buf, &(ctx->buf_len));
-            /* push out the bytes */
-            goto again;
-        }
-        /* Finally flush the underlying BIO */
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-
-    case BIO_C_DO_STATE_MACHINE:
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-
-    case BIO_CTRL_DUP:
-        break;
-    case BIO_CTRL_INFO:
-    case BIO_CTRL_GET:
-    case BIO_CTRL_SET:
-    default:
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    }
-    return (ret);
-}
-
-static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    long ret = 1;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    default:
-        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
-        break;
-    }
-    return (ret);
-}
-
-static int b64_puts(BIO *b, const char *str)
-{
-    return b64_write(b, str, strlen(str));
-}
diff --git a/thirdparty/openssl/crypto/evp/bio_enc.c b/thirdparty/openssl/crypto/evp/bio_enc.c
deleted file mode 100644
index 0806f233b6..0000000000
--- a/thirdparty/openssl/crypto/evp/bio_enc.c
+++ /dev/null
@@ -1,437 +0,0 @@
-/* crypto/evp/bio_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-static int enc_write(BIO *h, const char *buf, int num);
-static int enc_read(BIO *h, char *buf, int size);
-/*
- * static int enc_puts(BIO *h, const char *str);
- */
-/*
- * static int enc_gets(BIO *h, char *str, int size);
- */
-static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int enc_new(BIO *h);
-static int enc_free(BIO *data);
-static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
-#define ENC_BLOCK_SIZE  (1024*4)
-#define BUF_OFFSET      (EVP_MAX_BLOCK_LENGTH*2)
-
-typedef struct enc_struct {
-    int buf_len;
-    int buf_off;
-    int cont;                   /* <= 0 when finished */
-    int finished;
-    int ok;                     /* bad decrypt */
-    EVP_CIPHER_CTX cipher;
-    /*
-     * buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate can return
-     * up to a block more data than is presented to it
-     */
-    char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2];
-} BIO_ENC_CTX;
-
-static BIO_METHOD methods_enc = {
-    BIO_TYPE_CIPHER, "cipher",
-    enc_write,
-    enc_read,
-    NULL,                       /* enc_puts, */
-    NULL,                       /* enc_gets, */
-    enc_ctrl,
-    enc_new,
-    enc_free,
-    enc_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_cipher(void)
-{
-    return (&methods_enc);
-}
-
-static int enc_new(BIO *bi)
-{
-    BIO_ENC_CTX *ctx;
-
-    ctx = (BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
-    if (ctx == NULL)
-        return (0);
-    EVP_CIPHER_CTX_init(&ctx->cipher);
-
-    ctx->buf_len = 0;
-    ctx->buf_off = 0;
-    ctx->cont = 1;
-    ctx->finished = 0;
-    ctx->ok = 1;
-
-    bi->init = 0;
-    bi->ptr = (char *)ctx;
-    bi->flags = 0;
-    return (1);
-}
-
-static int enc_free(BIO *a)
-{
-    BIO_ENC_CTX *b;
-
-    if (a == NULL)
-        return (0);
-    b = (BIO_ENC_CTX *)a->ptr;
-    EVP_CIPHER_CTX_cleanup(&(b->cipher));
-    OPENSSL_cleanse(a->ptr, sizeof(BIO_ENC_CTX));
-    OPENSSL_free(a->ptr);
-    a->ptr = NULL;
-    a->init = 0;
-    a->flags = 0;
-    return (1);
-}
-
-static int enc_read(BIO *b, char *out, int outl)
-{
-    int ret = 0, i;
-    BIO_ENC_CTX *ctx;
-
-    if (out == NULL)
-        return (0);
-    ctx = (BIO_ENC_CTX *)b->ptr;
-
-    if ((ctx == NULL) || (b->next_bio == NULL))
-        return (0);
-
-    /* First check if there are bytes decoded/encoded */
-    if (ctx->buf_len > 0) {
-        i = ctx->buf_len - ctx->buf_off;
-        if (i > outl)
-            i = outl;
-        memcpy(out, &(ctx->buf[ctx->buf_off]), i);
-        ret = i;
-        out += i;
-        outl -= i;
-        ctx->buf_off += i;
-        if (ctx->buf_len == ctx->buf_off) {
-            ctx->buf_len = 0;
-            ctx->buf_off = 0;
-        }
-    }
-
-    /*
-     * At this point, we have room of outl bytes and an empty buffer, so we
-     * should read in some more.
-     */
-
-    while (outl > 0) {
-        if (ctx->cont <= 0)
-            break;
-
-        /*
-         * read in at IV offset, read the EVP_Cipher documentation about why
-         */
-        i = BIO_read(b->next_bio, &(ctx->buf[BUF_OFFSET]), ENC_BLOCK_SIZE);
-
-        if (i <= 0) {
-            /* Should be continue next time we are called? */
-            if (!BIO_should_retry(b->next_bio)) {
-                ctx->cont = i;
-                i = EVP_CipherFinal_ex(&(ctx->cipher),
-                                       (unsigned char *)ctx->buf,
-                                       &(ctx->buf_len));
-                ctx->ok = i;
-                ctx->buf_off = 0;
-            } else {
-                ret = (ret == 0) ? i : ret;
-                break;
-            }
-        } else {
-            if (!EVP_CipherUpdate(&ctx->cipher,
-                                  (unsigned char *)ctx->buf, &ctx->buf_len,
-                                  (unsigned char *)&(ctx->buf[BUF_OFFSET]),
-                                  i)) {
-                BIO_clear_retry_flags(b);
-                ctx->ok = 0;
-                return 0;
-            }
-            ctx->cont = 1;
-            /*
-             * Note: it is possible for EVP_CipherUpdate to decrypt zero
-             * bytes because this is or looks like the final block: if this
-             * happens we should retry and either read more data or decrypt
-             * the final block
-             */
-            if (ctx->buf_len == 0)
-                continue;
-        }
-
-        if (ctx->buf_len <= outl)
-            i = ctx->buf_len;
-        else
-            i = outl;
-        if (i <= 0)
-            break;
-        memcpy(out, ctx->buf, i);
-        ret += i;
-        ctx->buf_off = i;
-        outl -= i;
-        out += i;
-    }
-
-    BIO_clear_retry_flags(b);
-    BIO_copy_next_retry(b);
-    return ((ret == 0) ? ctx->cont : ret);
-}
-
-static int enc_write(BIO *b, const char *in, int inl)
-{
-    int ret = 0, n, i;
-    BIO_ENC_CTX *ctx;
-
-    ctx = (BIO_ENC_CTX *)b->ptr;
-    ret = inl;
-
-    BIO_clear_retry_flags(b);
-    n = ctx->buf_len - ctx->buf_off;
-    while (n > 0) {
-        i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
-        if (i <= 0) {
-            BIO_copy_next_retry(b);
-            return (i);
-        }
-        ctx->buf_off += i;
-        n -= i;
-    }
-    /* at this point all pending data has been written */
-
-    if ((in == NULL) || (inl <= 0))
-        return (0);
-
-    ctx->buf_off = 0;
-    while (inl > 0) {
-        n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
-        if (!EVP_CipherUpdate(&ctx->cipher,
-                              (unsigned char *)ctx->buf, &ctx->buf_len,
-                              (unsigned char *)in, n)) {
-            BIO_clear_retry_flags(b);
-            ctx->ok = 0;
-            return 0;
-        }
-        inl -= n;
-        in += n;
-
-        ctx->buf_off = 0;
-        n = ctx->buf_len;
-        while (n > 0) {
-            i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
-            if (i <= 0) {
-                BIO_copy_next_retry(b);
-                return (ret == inl) ? i : ret - inl;
-            }
-            n -= i;
-            ctx->buf_off += i;
-        }
-        ctx->buf_len = 0;
-        ctx->buf_off = 0;
-    }
-    BIO_copy_next_retry(b);
-    return (ret);
-}
-
-static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    BIO *dbio;
-    BIO_ENC_CTX *ctx, *dctx;
-    long ret = 1;
-    int i;
-    EVP_CIPHER_CTX **c_ctx;
-
-    ctx = (BIO_ENC_CTX *)b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        ctx->ok = 1;
-        ctx->finished = 0;
-        EVP_CipherInit_ex(&(ctx->cipher), NULL, NULL, NULL, NULL,
-                          ctx->cipher.encrypt);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_EOF:         /* More to read */
-        if (ctx->cont <= 0)
-            ret = 1;
-        else
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_WPENDING:
-        ret = ctx->buf_len - ctx->buf_off;
-        if (ret <= 0)
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_PENDING:     /* More to read in buffer */
-        ret = ctx->buf_len - ctx->buf_off;
-        if (ret <= 0)
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_FLUSH:
-        /* do a final write */
- again:
-        while (ctx->buf_len != ctx->buf_off) {
-            i = enc_write(b, NULL, 0);
-            if (i < 0)
-                return i;
-        }
-
-        if (!ctx->finished) {
-            ctx->finished = 1;
-            ctx->buf_off = 0;
-            ret = EVP_CipherFinal_ex(&(ctx->cipher),
-                                     (unsigned char *)ctx->buf,
-                                     &(ctx->buf_len));
-            ctx->ok = (int)ret;
-            if (ret <= 0)
-                break;
-
-            /* push out the bytes */
-            goto again;
-        }
-
-        /* Finally flush the underlying BIO */
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_C_GET_CIPHER_STATUS:
-        ret = (long)ctx->ok;
-        break;
-    case BIO_C_DO_STATE_MACHINE:
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-    case BIO_C_GET_CIPHER_CTX:
-        c_ctx = (EVP_CIPHER_CTX **)ptr;
-        (*c_ctx) = &(ctx->cipher);
-        b->init = 1;
-        break;
-    case BIO_CTRL_DUP:
-        dbio = (BIO *)ptr;
-        dctx = (BIO_ENC_CTX *)dbio->ptr;
-        EVP_CIPHER_CTX_init(&dctx->cipher);
-        ret = EVP_CIPHER_CTX_copy(&dctx->cipher, &ctx->cipher);
-        if (ret)
-            dbio->init = 1;
-        break;
-    default:
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    }
-    return (ret);
-}
-
-static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    long ret = 1;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    default:
-        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
-        break;
-    }
-    return (ret);
-}
-
-/*-
-void BIO_set_cipher_ctx(b,c)
-BIO *b;
-EVP_CIPHER_ctx *c;
-        {
-        if (b == NULL) return;
-
-        if ((b->callback != NULL) &&
-                (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
-                return;
-
-        b->init=1;
-        ctx=(BIO_ENC_CTX *)b->ptr;
-        memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
-
-        if (b->callback != NULL)
-                b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
-        }
-*/
-
-void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
-                    const unsigned char *i, int e)
-{
-    BIO_ENC_CTX *ctx;
-
-    if (b == NULL)
-        return;
-
-    if ((b->callback != NULL) &&
-        (b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 0L) <=
-         0))
-        return;
-
-    b->init = 1;
-    ctx = (BIO_ENC_CTX *)b->ptr;
-    EVP_CipherInit_ex(&(ctx->cipher), c, NULL, k, i, e);
-
-    if (b->callback != NULL)
-        b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L);
-}
diff --git a/thirdparty/openssl/crypto/evp/bio_md.c b/thirdparty/openssl/crypto/evp/bio_md.c
deleted file mode 100644
index f0b0c0c0a7..0000000000
--- a/thirdparty/openssl/crypto/evp/bio_md.c
+++ /dev/null
@@ -1,272 +0,0 @@
-/* crypto/evp/bio_md.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-/*
- * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest
- */
-
-static int md_write(BIO *h, char const *buf, int num);
-static int md_read(BIO *h, char *buf, int size);
-/*
- * static int md_puts(BIO *h, const char *str);
- */
-static int md_gets(BIO *h, char *str, int size);
-static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int md_new(BIO *h);
-static int md_free(BIO *data);
-static long md_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-static BIO_METHOD methods_md = {
-    BIO_TYPE_MD, "message digest",
-    md_write,
-    md_read,
-    NULL,                       /* md_puts, */
-    md_gets,
-    md_ctrl,
-    md_new,
-    md_free,
-    md_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_md(void)
-{
-    return (&methods_md);
-}
-
-static int md_new(BIO *bi)
-{
-    EVP_MD_CTX *ctx;
-
-    ctx = EVP_MD_CTX_create();
-    if (ctx == NULL)
-        return (0);
-
-    bi->init = 0;
-    bi->ptr = (char *)ctx;
-    bi->flags = 0;
-    return (1);
-}
-
-static int md_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    EVP_MD_CTX_destroy(a->ptr);
-    a->ptr = NULL;
-    a->init = 0;
-    a->flags = 0;
-    return (1);
-}
-
-static int md_read(BIO *b, char *out, int outl)
-{
-    int ret = 0;
-    EVP_MD_CTX *ctx;
-
-    if (out == NULL)
-        return (0);
-    ctx = b->ptr;
-
-    if ((ctx == NULL) || (b->next_bio == NULL))
-        return (0);
-
-    ret = BIO_read(b->next_bio, out, outl);
-    if (b->init) {
-        if (ret > 0) {
-            if (EVP_DigestUpdate(ctx, (unsigned char *)out,
-                                 (unsigned int)ret) <= 0)
-                return (-1);
-        }
-    }
-    BIO_clear_retry_flags(b);
-    BIO_copy_next_retry(b);
-    return (ret);
-}
-
-static int md_write(BIO *b, const char *in, int inl)
-{
-    int ret = 0;
-    EVP_MD_CTX *ctx;
-
-    if ((in == NULL) || (inl <= 0))
-        return (0);
-    ctx = b->ptr;
-
-    if ((ctx != NULL) && (b->next_bio != NULL))
-        ret = BIO_write(b->next_bio, in, inl);
-    if (b->init) {
-        if (ret > 0) {
-            if (!EVP_DigestUpdate(ctx, (const unsigned char *)in,
-                                  (unsigned int)ret)) {
-                BIO_clear_retry_flags(b);
-                return 0;
-            }
-        }
-    }
-    if (b->next_bio != NULL) {
-        BIO_clear_retry_flags(b);
-        BIO_copy_next_retry(b);
-    }
-    return (ret);
-}
-
-static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    EVP_MD_CTX *ctx, *dctx, **pctx;
-    const EVP_MD **ppmd;
-    EVP_MD *md;
-    long ret = 1;
-    BIO *dbio;
-
-    ctx = b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        if (b->init)
-            ret = EVP_DigestInit_ex(ctx, ctx->digest, NULL);
-        else
-            ret = 0;
-        if (ret > 0)
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_C_GET_MD:
-        if (b->init) {
-            ppmd = ptr;
-            *ppmd = ctx->digest;
-        } else
-            ret = 0;
-        break;
-    case BIO_C_GET_MD_CTX:
-        pctx = ptr;
-        *pctx = ctx;
-        b->init = 1;
-        break;
-    case BIO_C_SET_MD_CTX:
-        if (b->init)
-            b->ptr = ptr;
-        else
-            ret = 0;
-        break;
-    case BIO_C_DO_STATE_MACHINE:
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-
-    case BIO_C_SET_MD:
-        md = ptr;
-        ret = EVP_DigestInit_ex(ctx, md, NULL);
-        if (ret > 0)
-            b->init = 1;
-        break;
-    case BIO_CTRL_DUP:
-        dbio = ptr;
-        dctx = dbio->ptr;
-        if (!EVP_MD_CTX_copy_ex(dctx, ctx))
-            return 0;
-        b->init = 1;
-        break;
-    default:
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    }
-    return (ret);
-}
-
-static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    long ret = 1;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    default:
-        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
-        break;
-    }
-    return (ret);
-}
-
-static int md_gets(BIO *bp, char *buf, int size)
-{
-    EVP_MD_CTX *ctx;
-    unsigned int ret;
-
-    ctx = bp->ptr;
-    if (size < ctx->digest->md_size)
-        return (0);
-    if (EVP_DigestFinal_ex(ctx, (unsigned char *)buf, &ret) <= 0)
-        return -1;
-
-    return ((int)ret);
-}
-
-/*-
-static int md_puts(bp,str)
-BIO *bp;
-char *str;
-        {
-        return(-1);
-        }
-*/
diff --git a/thirdparty/openssl/crypto/evp/bio_ok.c b/thirdparty/openssl/crypto/evp/bio_ok.c
deleted file mode 100644
index 16e151f110..0000000000
--- a/thirdparty/openssl/crypto/evp/bio_ok.c
+++ /dev/null
@@ -1,624 +0,0 @@
-/* crypto/evp/bio_ok.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*-
-        From: Arne Ansper <arne@cyber.ee>
-
-        Why BIO_f_reliable?
-
-        I wrote function which took BIO* as argument, read data from it
-        and processed it. Then I wanted to store the input file in
-        encrypted form. OK I pushed BIO_f_cipher to the BIO stack
-        and everything was OK. BUT if user types wrong password
-        BIO_f_cipher outputs only garbage and my function crashes. Yes
-        I can and I should fix my function, but BIO_f_cipher is
-        easy way to add encryption support to many existing applications
-        and it's hard to debug and fix them all.
-
-        So I wanted another BIO which would catch the incorrect passwords and
-        file damages which cause garbage on BIO_f_cipher's output.
-
-        The easy way is to push the BIO_f_md and save the checksum at
-        the end of the file. However there are several problems with this
-        approach:
-
-        1) you must somehow separate checksum from actual data.
-        2) you need lot's of memory when reading the file, because you
-        must read to the end of the file and verify the checksum before
-        letting the application to read the data.
-
-        BIO_f_reliable tries to solve both problems, so that you can
-        read and write arbitrary long streams using only fixed amount
-        of memory.
-
-        BIO_f_reliable splits data stream into blocks. Each block is prefixed
-        with it's length and suffixed with it's digest. So you need only
-        several Kbytes of memory to buffer single block before verifying
-        it's digest.
-
-        BIO_f_reliable goes further and adds several important capabilities:
-
-        1) the digest of the block is computed over the whole stream
-        -- so nobody can rearrange the blocks or remove or replace them.
-
-        2) to detect invalid passwords right at the start BIO_f_reliable
-        adds special prefix to the stream. In order to avoid known plain-text
-        attacks this prefix is generated as follows:
-
-                *) digest is initialized with random seed instead of
-                standardized one.
-                *) same seed is written to output
-                *) well-known text is then hashed and the output
-                of the digest is also written to output.
-
-        reader can now read the seed from stream, hash the same string
-        and then compare the digest output.
-
-        Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I
-        initially wrote and tested this code on x86 machine and wrote the
-        digests out in machine-dependent order :( There are people using
-        this code and I cannot change this easily without making existing
-        data files unreadable.
-
-*/
-
-#include <stdio.h>
-#include <errno.h>
-#include <assert.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-
-static int ok_write(BIO *h, const char *buf, int num);
-static int ok_read(BIO *h, char *buf, int size);
-static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int ok_new(BIO *h);
-static int ok_free(BIO *data);
-static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-static int sig_out(BIO *b);
-static int sig_in(BIO *b);
-static int block_out(BIO *b);
-static int block_in(BIO *b);
-#define OK_BLOCK_SIZE   (1024*4)
-#define OK_BLOCK_BLOCK  4
-#define IOBS            (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
-#define WELLKNOWN "The quick brown fox jumped over the lazy dog's back."
-
-typedef struct ok_struct {
-    size_t buf_len;
-    size_t buf_off;
-    size_t buf_len_save;
-    size_t buf_off_save;
-    int cont;                   /* <= 0 when finished */
-    int finished;
-    EVP_MD_CTX md;
-    int blockout;               /* output block is ready */
-    int sigio;                  /* must process signature */
-    unsigned char buf[IOBS];
-} BIO_OK_CTX;
-
-static BIO_METHOD methods_ok = {
-    BIO_TYPE_CIPHER, "reliable",
-    ok_write,
-    ok_read,
-    NULL,                       /* ok_puts, */
-    NULL,                       /* ok_gets, */
-    ok_ctrl,
-    ok_new,
-    ok_free,
-    ok_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_reliable(void)
-{
-    return (&methods_ok);
-}
-
-static int ok_new(BIO *bi)
-{
-    BIO_OK_CTX *ctx;
-
-    ctx = (BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX));
-    if (ctx == NULL)
-        return (0);
-
-    ctx->buf_len = 0;
-    ctx->buf_off = 0;
-    ctx->buf_len_save = 0;
-    ctx->buf_off_save = 0;
-    ctx->cont = 1;
-    ctx->finished = 0;
-    ctx->blockout = 0;
-    ctx->sigio = 1;
-
-    EVP_MD_CTX_init(&ctx->md);
-
-    bi->init = 0;
-    bi->ptr = (char *)ctx;
-    bi->flags = 0;
-    return (1);
-}
-
-static int ok_free(BIO *a)
-{
-    if (a == NULL)
-        return (0);
-    EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md);
-    OPENSSL_cleanse(a->ptr, sizeof(BIO_OK_CTX));
-    OPENSSL_free(a->ptr);
-    a->ptr = NULL;
-    a->init = 0;
-    a->flags = 0;
-    return (1);
-}
-
-static int ok_read(BIO *b, char *out, int outl)
-{
-    int ret = 0, i, n;
-    BIO_OK_CTX *ctx;
-
-    if (out == NULL)
-        return (0);
-    ctx = (BIO_OK_CTX *)b->ptr;
-
-    if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0))
-        return (0);
-
-    while (outl > 0) {
-
-        /* copy clean bytes to output buffer */
-        if (ctx->blockout) {
-            i = ctx->buf_len - ctx->buf_off;
-            if (i > outl)
-                i = outl;
-            memcpy(out, &(ctx->buf[ctx->buf_off]), i);
-            ret += i;
-            out += i;
-            outl -= i;
-            ctx->buf_off += i;
-
-            /* all clean bytes are out */
-            if (ctx->buf_len == ctx->buf_off) {
-                ctx->buf_off = 0;
-
-                /*
-                 * copy start of the next block into proper place
-                 */
-                if (ctx->buf_len_save - ctx->buf_off_save > 0) {
-                    ctx->buf_len = ctx->buf_len_save - ctx->buf_off_save;
-                    memmove(ctx->buf, &(ctx->buf[ctx->buf_off_save]),
-                            ctx->buf_len);
-                } else {
-                    ctx->buf_len = 0;
-                }
-                ctx->blockout = 0;
-            }
-        }
-
-        /* output buffer full -- cancel */
-        if (outl == 0)
-            break;
-
-        /* no clean bytes in buffer -- fill it */
-        n = IOBS - ctx->buf_len;
-        i = BIO_read(b->next_bio, &(ctx->buf[ctx->buf_len]), n);
-
-        if (i <= 0)
-            break;              /* nothing new */
-
-        ctx->buf_len += i;
-
-        /* no signature yet -- check if we got one */
-        if (ctx->sigio == 1) {
-            if (!sig_in(b)) {
-                BIO_clear_retry_flags(b);
-                return 0;
-            }
-        }
-
-        /* signature ok -- check if we got block */
-        if (ctx->sigio == 0) {
-            if (!block_in(b)) {
-                BIO_clear_retry_flags(b);
-                return 0;
-            }
-        }
-
-        /* invalid block -- cancel */
-        if (ctx->cont <= 0)
-            break;
-
-    }
-
-    BIO_clear_retry_flags(b);
-    BIO_copy_next_retry(b);
-    return (ret);
-}
-
-static int ok_write(BIO *b, const char *in, int inl)
-{
-    int ret = 0, n, i;
-    BIO_OK_CTX *ctx;
-
-    if (inl <= 0)
-        return inl;
-
-    ctx = (BIO_OK_CTX *)b->ptr;
-    ret = inl;
-
-    if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0))
-        return (0);
-
-    if (ctx->sigio && !sig_out(b))
-        return 0;
-
-    do {
-        BIO_clear_retry_flags(b);
-        n = ctx->buf_len - ctx->buf_off;
-        while (ctx->blockout && n > 0) {
-            i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
-            if (i <= 0) {
-                BIO_copy_next_retry(b);
-                if (!BIO_should_retry(b))
-                    ctx->cont = 0;
-                return (i);
-            }
-            ctx->buf_off += i;
-            n -= i;
-        }
-
-        /* at this point all pending data has been written */
-        ctx->blockout = 0;
-        if (ctx->buf_len == ctx->buf_off) {
-            ctx->buf_len = OK_BLOCK_BLOCK;
-            ctx->buf_off = 0;
-        }
-
-        if ((in == NULL) || (inl <= 0))
-            return (0);
-
-        n = (inl + ctx->buf_len > OK_BLOCK_SIZE + OK_BLOCK_BLOCK) ?
-            (int)(OK_BLOCK_SIZE + OK_BLOCK_BLOCK - ctx->buf_len) : inl;
-
-        memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),
-               (unsigned char *)in, n);
-        ctx->buf_len += n;
-        inl -= n;
-        in += n;
-
-        if (ctx->buf_len >= OK_BLOCK_SIZE + OK_BLOCK_BLOCK) {
-            if (!block_out(b)) {
-                BIO_clear_retry_flags(b);
-                return 0;
-            }
-        }
-    } while (inl > 0);
-
-    BIO_clear_retry_flags(b);
-    BIO_copy_next_retry(b);
-    return (ret);
-}
-
-static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    BIO_OK_CTX *ctx;
-    EVP_MD *md;
-    const EVP_MD **ppmd;
-    long ret = 1;
-    int i;
-
-    ctx = b->ptr;
-
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        ctx->buf_len = 0;
-        ctx->buf_off = 0;
-        ctx->buf_len_save = 0;
-        ctx->buf_off_save = 0;
-        ctx->cont = 1;
-        ctx->finished = 0;
-        ctx->blockout = 0;
-        ctx->sigio = 1;
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_EOF:         /* More to read */
-        if (ctx->cont <= 0)
-            ret = 1;
-        else
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_PENDING:     /* More to read in buffer */
-    case BIO_CTRL_WPENDING:    /* More to read in buffer */
-        ret = ctx->blockout ? ctx->buf_len - ctx->buf_off : 0;
-        if (ret <= 0)
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_FLUSH:
-        /* do a final write */
-        if (ctx->blockout == 0)
-            if (!block_out(b))
-                return 0;
-
-        while (ctx->blockout) {
-            i = ok_write(b, NULL, 0);
-            if (i < 0) {
-                ret = i;
-                break;
-            }
-        }
-
-        ctx->finished = 1;
-        ctx->buf_off = ctx->buf_len = 0;
-        ctx->cont = (int)ret;
-
-        /* Finally flush the underlying BIO */
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    case BIO_C_DO_STATE_MACHINE:
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-    case BIO_CTRL_INFO:
-        ret = (long)ctx->cont;
-        break;
-    case BIO_C_SET_MD:
-        md = ptr;
-        if (!EVP_DigestInit_ex(&ctx->md, md, NULL))
-            return 0;
-        b->init = 1;
-        break;
-    case BIO_C_GET_MD:
-        if (b->init) {
-            ppmd = ptr;
-            *ppmd = ctx->md.digest;
-        } else
-            ret = 0;
-        break;
-    default:
-        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        break;
-    }
-    return (ret);
-}
-
-static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    long ret = 1;
-
-    if (b->next_bio == NULL)
-        return (0);
-    switch (cmd) {
-    default:
-        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
-        break;
-    }
-    return (ret);
-}
-
-static void longswap(void *_ptr, size_t len)
-{
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-
-    if (is_endian.little) {
-        size_t i;
-        unsigned char *p = _ptr, c;
-
-        for (i = 0; i < len; i += 4) {
-            c = p[0], p[0] = p[3], p[3] = c;
-            c = p[1], p[1] = p[2], p[2] = c;
-        }
-    }
-}
-
-static int sig_out(BIO *b)
-{
-    BIO_OK_CTX *ctx;
-    EVP_MD_CTX *md;
-
-    ctx = b->ptr;
-    md = &ctx->md;
-
-    if (ctx->buf_len + 2 * md->digest->md_size > OK_BLOCK_SIZE)
-        return 1;
-
-    if (!EVP_DigestInit_ex(md, md->digest, NULL))
-        goto berr;
-    /*
-     * FIXME: there's absolutely no guarantee this makes any sense at all,
-     * particularly now EVP_MD_CTX has been restructured.
-     */
-    if (RAND_bytes(md->md_data, md->digest->md_size) <= 0)
-        goto berr;
-    memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
-    longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
-    ctx->buf_len += md->digest->md_size;
-
-    if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
-        goto berr;
-    if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
-        goto berr;
-    ctx->buf_len += md->digest->md_size;
-    ctx->blockout = 1;
-    ctx->sigio = 0;
-    return 1;
- berr:
-    BIO_clear_retry_flags(b);
-    return 0;
-}
-
-static int sig_in(BIO *b)
-{
-    BIO_OK_CTX *ctx;
-    EVP_MD_CTX *md;
-    unsigned char tmp[EVP_MAX_MD_SIZE];
-    int ret = 0;
-
-    ctx = b->ptr;
-    md = &ctx->md;
-
-    if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md->digest->md_size)
-        return 1;
-
-    if (!EVP_DigestInit_ex(md, md->digest, NULL))
-        goto berr;
-    memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
-    longswap(md->md_data, md->digest->md_size);
-    ctx->buf_off += md->digest->md_size;
-
-    if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
-        goto berr;
-    if (!EVP_DigestFinal_ex(md, tmp, NULL))
-        goto berr;
-    ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
-    ctx->buf_off += md->digest->md_size;
-    if (ret == 1) {
-        ctx->sigio = 0;
-        if (ctx->buf_len != ctx->buf_off) {
-            memmove(ctx->buf, &(ctx->buf[ctx->buf_off]),
-                    ctx->buf_len - ctx->buf_off);
-        }
-        ctx->buf_len -= ctx->buf_off;
-        ctx->buf_off = 0;
-    } else {
-        ctx->cont = 0;
-    }
-    return 1;
- berr:
-    BIO_clear_retry_flags(b);
-    return 0;
-}
-
-static int block_out(BIO *b)
-{
-    BIO_OK_CTX *ctx;
-    EVP_MD_CTX *md;
-    unsigned long tl;
-
-    ctx = b->ptr;
-    md = &ctx->md;
-
-    tl = ctx->buf_len - OK_BLOCK_BLOCK;
-    ctx->buf[0] = (unsigned char)(tl >> 24);
-    ctx->buf[1] = (unsigned char)(tl >> 16);
-    ctx->buf[2] = (unsigned char)(tl >> 8);
-    ctx->buf[3] = (unsigned char)(tl);
-    if (!EVP_DigestUpdate(md,
-                          (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
-        goto berr;
-    if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
-        goto berr;
-    ctx->buf_len += md->digest->md_size;
-    ctx->blockout = 1;
-    return 1;
- berr:
-    BIO_clear_retry_flags(b);
-    return 0;
-}
-
-static int block_in(BIO *b)
-{
-    BIO_OK_CTX *ctx;
-    EVP_MD_CTX *md;
-    unsigned long tl = 0;
-    unsigned char tmp[EVP_MAX_MD_SIZE];
-
-    ctx = b->ptr;
-    md = &ctx->md;
-
-    assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
-    tl = ctx->buf[0];
-    tl <<= 8;
-    tl |= ctx->buf[1];
-    tl <<= 8;
-    tl |= ctx->buf[2];
-    tl <<= 8;
-    tl |= ctx->buf[3];
-
-    if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md->digest->md_size)
-        return 1;
-
-    if (!EVP_DigestUpdate(md,
-                          (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
-        goto berr;
-    if (!EVP_DigestFinal_ex(md, tmp, NULL))
-        goto berr;
-    if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md->digest->md_size) ==
-        0) {
-        /* there might be parts from next block lurking around ! */
-        ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md->digest->md_size;
-        ctx->buf_len_save = ctx->buf_len;
-        ctx->buf_off = OK_BLOCK_BLOCK;
-        ctx->buf_len = tl + OK_BLOCK_BLOCK;
-        ctx->blockout = 1;
-    } else {
-        ctx->cont = 0;
-    }
-    return 1;
- berr:
-    BIO_clear_retry_flags(b);
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/evp/c_all.c b/thirdparty/openssl/crypto/evp/c_all.c
deleted file mode 100644
index 719e34d22f..0000000000
--- a/thirdparty/openssl/crypto/evp/c_all.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* crypto/evp/c_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-#if 0
-# undef OpenSSL_add_all_algorithms
-
-void OpenSSL_add_all_algorithms(void)
-{
-    OPENSSL_add_all_algorithms_noconf();
-}
-#endif
-
-void OPENSSL_add_all_algorithms_noconf(void)
-{
-    /*
-     * For the moment OPENSSL_cpuid_setup does something
-     * only on IA-32, but we reserve the option for all
-     * platforms...
-     */
-    OPENSSL_cpuid_setup();
-    OpenSSL_add_all_ciphers();
-    OpenSSL_add_all_digests();
-}
diff --git a/thirdparty/openssl/crypto/evp/c_allc.c b/thirdparty/openssl/crypto/evp/c_allc.c
deleted file mode 100644
index 280e58408f..0000000000
--- a/thirdparty/openssl/crypto/evp/c_allc.c
+++ /dev/null
@@ -1,241 +0,0 @@
-/* crypto/evp/c_allc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/pkcs12.h>
-#include <openssl/objects.h>
-
-void OpenSSL_add_all_ciphers(void)
-{
-
-#ifndef OPENSSL_NO_DES
-    EVP_add_cipher(EVP_des_cfb());
-    EVP_add_cipher(EVP_des_cfb1());
-    EVP_add_cipher(EVP_des_cfb8());
-    EVP_add_cipher(EVP_des_ede_cfb());
-    EVP_add_cipher(EVP_des_ede3_cfb());
-    EVP_add_cipher(EVP_des_ede3_cfb1());
-    EVP_add_cipher(EVP_des_ede3_cfb8());
-
-    EVP_add_cipher(EVP_des_ofb());
-    EVP_add_cipher(EVP_des_ede_ofb());
-    EVP_add_cipher(EVP_des_ede3_ofb());
-
-    EVP_add_cipher(EVP_desx_cbc());
-    EVP_add_cipher_alias(SN_desx_cbc, "DESX");
-    EVP_add_cipher_alias(SN_desx_cbc, "desx");
-
-    EVP_add_cipher(EVP_des_cbc());
-    EVP_add_cipher_alias(SN_des_cbc, "DES");
-    EVP_add_cipher_alias(SN_des_cbc, "des");
-    EVP_add_cipher(EVP_des_ede_cbc());
-    EVP_add_cipher(EVP_des_ede3_cbc());
-    EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");
-    EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");
-
-    EVP_add_cipher(EVP_des_ecb());
-    EVP_add_cipher(EVP_des_ede());
-    EVP_add_cipher(EVP_des_ede3());
-    EVP_add_cipher(EVP_des_ede3_wrap());
-#endif
-
-#ifndef OPENSSL_NO_RC4
-    EVP_add_cipher(EVP_rc4());
-    EVP_add_cipher(EVP_rc4_40());
-# ifndef OPENSSL_NO_MD5
-    EVP_add_cipher(EVP_rc4_hmac_md5());
-# endif
-#endif
-
-#ifndef OPENSSL_NO_IDEA
-    EVP_add_cipher(EVP_idea_ecb());
-    EVP_add_cipher(EVP_idea_cfb());
-    EVP_add_cipher(EVP_idea_ofb());
-    EVP_add_cipher(EVP_idea_cbc());
-    EVP_add_cipher_alias(SN_idea_cbc, "IDEA");
-    EVP_add_cipher_alias(SN_idea_cbc, "idea");
-#endif
-
-#ifndef OPENSSL_NO_SEED
-    EVP_add_cipher(EVP_seed_ecb());
-    EVP_add_cipher(EVP_seed_cfb());
-    EVP_add_cipher(EVP_seed_ofb());
-    EVP_add_cipher(EVP_seed_cbc());
-    EVP_add_cipher_alias(SN_seed_cbc, "SEED");
-    EVP_add_cipher_alias(SN_seed_cbc, "seed");
-#endif
-
-#ifndef OPENSSL_NO_RC2
-    EVP_add_cipher(EVP_rc2_ecb());
-    EVP_add_cipher(EVP_rc2_cfb());
-    EVP_add_cipher(EVP_rc2_ofb());
-    EVP_add_cipher(EVP_rc2_cbc());
-    EVP_add_cipher(EVP_rc2_40_cbc());
-    EVP_add_cipher(EVP_rc2_64_cbc());
-    EVP_add_cipher_alias(SN_rc2_cbc, "RC2");
-    EVP_add_cipher_alias(SN_rc2_cbc, "rc2");
-#endif
-
-#ifndef OPENSSL_NO_BF
-    EVP_add_cipher(EVP_bf_ecb());
-    EVP_add_cipher(EVP_bf_cfb());
-    EVP_add_cipher(EVP_bf_ofb());
-    EVP_add_cipher(EVP_bf_cbc());
-    EVP_add_cipher_alias(SN_bf_cbc, "BF");
-    EVP_add_cipher_alias(SN_bf_cbc, "bf");
-    EVP_add_cipher_alias(SN_bf_cbc, "blowfish");
-#endif
-
-#ifndef OPENSSL_NO_CAST
-    EVP_add_cipher(EVP_cast5_ecb());
-    EVP_add_cipher(EVP_cast5_cfb());
-    EVP_add_cipher(EVP_cast5_ofb());
-    EVP_add_cipher(EVP_cast5_cbc());
-    EVP_add_cipher_alias(SN_cast5_cbc, "CAST");
-    EVP_add_cipher_alias(SN_cast5_cbc, "cast");
-    EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");
-    EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");
-#endif
-
-#ifndef OPENSSL_NO_RC5
-    EVP_add_cipher(EVP_rc5_32_12_16_ecb());
-    EVP_add_cipher(EVP_rc5_32_12_16_cfb());
-    EVP_add_cipher(EVP_rc5_32_12_16_ofb());
-    EVP_add_cipher(EVP_rc5_32_12_16_cbc());
-    EVP_add_cipher_alias(SN_rc5_cbc, "rc5");
-    EVP_add_cipher_alias(SN_rc5_cbc, "RC5");
-#endif
-
-#ifndef OPENSSL_NO_AES
-    EVP_add_cipher(EVP_aes_128_ecb());
-    EVP_add_cipher(EVP_aes_128_cbc());
-    EVP_add_cipher(EVP_aes_128_cfb());
-    EVP_add_cipher(EVP_aes_128_cfb1());
-    EVP_add_cipher(EVP_aes_128_cfb8());
-    EVP_add_cipher(EVP_aes_128_ofb());
-    EVP_add_cipher(EVP_aes_128_ctr());
-    EVP_add_cipher(EVP_aes_128_gcm());
-    EVP_add_cipher(EVP_aes_128_xts());
-    EVP_add_cipher(EVP_aes_128_ccm());
-    EVP_add_cipher(EVP_aes_128_wrap());
-    EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
-    EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
-    EVP_add_cipher(EVP_aes_192_ecb());
-    EVP_add_cipher(EVP_aes_192_cbc());
-    EVP_add_cipher(EVP_aes_192_cfb());
-    EVP_add_cipher(EVP_aes_192_cfb1());
-    EVP_add_cipher(EVP_aes_192_cfb8());
-    EVP_add_cipher(EVP_aes_192_ofb());
-    EVP_add_cipher(EVP_aes_192_ctr());
-    EVP_add_cipher(EVP_aes_192_gcm());
-    EVP_add_cipher(EVP_aes_192_ccm());
-    EVP_add_cipher(EVP_aes_192_wrap());
-    EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
-    EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
-    EVP_add_cipher(EVP_aes_256_ecb());
-    EVP_add_cipher(EVP_aes_256_cbc());
-    EVP_add_cipher(EVP_aes_256_cfb());
-    EVP_add_cipher(EVP_aes_256_cfb1());
-    EVP_add_cipher(EVP_aes_256_cfb8());
-    EVP_add_cipher(EVP_aes_256_ofb());
-    EVP_add_cipher(EVP_aes_256_ctr());
-    EVP_add_cipher(EVP_aes_256_gcm());
-    EVP_add_cipher(EVP_aes_256_xts());
-    EVP_add_cipher(EVP_aes_256_ccm());
-    EVP_add_cipher(EVP_aes_256_wrap());
-    EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
-    EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
-    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
-# endif
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
-    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
-    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
-# endif
-#endif
-
-#ifndef OPENSSL_NO_CAMELLIA
-    EVP_add_cipher(EVP_camellia_128_ecb());
-    EVP_add_cipher(EVP_camellia_128_cbc());
-    EVP_add_cipher(EVP_camellia_128_cfb());
-    EVP_add_cipher(EVP_camellia_128_cfb1());
-    EVP_add_cipher(EVP_camellia_128_cfb8());
-    EVP_add_cipher(EVP_camellia_128_ofb());
-    EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128");
-    EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128");
-    EVP_add_cipher(EVP_camellia_192_ecb());
-    EVP_add_cipher(EVP_camellia_192_cbc());
-    EVP_add_cipher(EVP_camellia_192_cfb());
-    EVP_add_cipher(EVP_camellia_192_cfb1());
-    EVP_add_cipher(EVP_camellia_192_cfb8());
-    EVP_add_cipher(EVP_camellia_192_ofb());
-    EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192");
-    EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192");
-    EVP_add_cipher(EVP_camellia_256_ecb());
-    EVP_add_cipher(EVP_camellia_256_cbc());
-    EVP_add_cipher(EVP_camellia_256_cfb());
-    EVP_add_cipher(EVP_camellia_256_cfb1());
-    EVP_add_cipher(EVP_camellia_256_cfb8());
-    EVP_add_cipher(EVP_camellia_256_ofb());
-    EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
-    EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
-#endif
-}
diff --git a/thirdparty/openssl/crypto/evp/c_alld.c b/thirdparty/openssl/crypto/evp/c_alld.c
deleted file mode 100644
index fdbe3ee048..0000000000
--- a/thirdparty/openssl/crypto/evp/c_alld.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* crypto/evp/c_alld.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/pkcs12.h>
-#include <openssl/objects.h>
-
-void OpenSSL_add_all_digests(void)
-{
-#ifndef OPENSSL_NO_MD4
-    EVP_add_digest(EVP_md4());
-#endif
-#ifndef OPENSSL_NO_MD5
-    EVP_add_digest(EVP_md5());
-    EVP_add_digest_alias(SN_md5, "ssl2-md5");
-    EVP_add_digest_alias(SN_md5, "ssl3-md5");
-#endif
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
-    EVP_add_digest(EVP_sha());
-# ifndef OPENSSL_NO_DSA
-    EVP_add_digest(EVP_dss());
-# endif
-#endif
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-    EVP_add_digest(EVP_sha1());
-    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
-    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
-# ifndef OPENSSL_NO_DSA
-    EVP_add_digest(EVP_dss1());
-    EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
-    EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
-    EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
-# endif
-# ifndef OPENSSL_NO_ECDSA
-    EVP_add_digest(EVP_ecdsa());
-# endif
-#endif
-#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
-    EVP_add_digest(EVP_mdc2());
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-    EVP_add_digest(EVP_ripemd160());
-    EVP_add_digest_alias(SN_ripemd160, "ripemd");
-    EVP_add_digest_alias(SN_ripemd160, "rmd160");
-#endif
-#ifndef OPENSSL_NO_SHA256
-    EVP_add_digest(EVP_sha224());
-    EVP_add_digest(EVP_sha256());
-#endif
-#ifndef OPENSSL_NO_SHA512
-    EVP_add_digest(EVP_sha384());
-    EVP_add_digest(EVP_sha512());
-#endif
-#ifndef OPENSSL_NO_WHIRLPOOL
-    EVP_add_digest(EVP_whirlpool());
-#endif
-}
diff --git a/thirdparty/openssl/crypto/evp/digest.c b/thirdparty/openssl/crypto/evp/digest.c
deleted file mode 100644
index 4db179629d..0000000000
--- a/thirdparty/openssl/crypto/evp/digest.c
+++ /dev/null
@@ -1,408 +0,0 @@
-/* crypto/evp/digest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# include "evp_locl.h"
-#endif
-
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
-{
-    memset(ctx, '\0', sizeof *ctx);
-}
-
-EVP_MD_CTX *EVP_MD_CTX_create(void)
-{
-    EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
-
-    if (ctx)
-        EVP_MD_CTX_init(ctx);
-
-    return ctx;
-}
-
-int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
-{
-    EVP_MD_CTX_init(ctx);
-    return EVP_DigestInit_ex(ctx, type, NULL);
-}
-
-int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
-{
-    EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
-#ifdef OPENSSL_FIPS
-    /* If FIPS mode switch to approved implementation if possible */
-    if (FIPS_mode()) {
-        const EVP_MD *fipsmd;
-        if (type) {
-            fipsmd = evp_get_fips_md(type);
-            if (fipsmd)
-                type = fipsmd;
-        }
-    }
-#endif
-#ifndef OPENSSL_NO_ENGINE
-    /*
-     * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
-     * this context may already have an ENGINE! Try to avoid releasing the
-     * previous handle, re-querying for an ENGINE, and having a
-     * reinitialisation, when it may all be unecessary.
-     */
-    if (ctx->engine && ctx->digest && (!type ||
-                                       (type
-                                        && (type->type ==
-                                            ctx->digest->type))))
-        goto skip_to_init;
-    if (type) {
-        /*
-         * Ensure an ENGINE left lying around from last time is cleared (the
-         * previous check attempted to avoid this if the same ENGINE and
-         * EVP_MD could be used).
-         */
-        if (ctx->engine)
-            ENGINE_finish(ctx->engine);
-        if (impl) {
-            if (!ENGINE_init(impl)) {
-                EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
-                return 0;
-            }
-        } else
-            /* Ask if an ENGINE is reserved for this job */
-            impl = ENGINE_get_digest_engine(type->type);
-        if (impl) {
-            /* There's an ENGINE for this job ... (apparently) */
-            const EVP_MD *d = ENGINE_get_digest(impl, type->type);
-            if (!d) {
-                /* Same comment from evp_enc.c */
-                EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
-                ENGINE_finish(impl);
-                return 0;
-            }
-            /* We'll use the ENGINE's private digest definition */
-            type = d;
-            /*
-             * Store the ENGINE functional reference so we know 'type' came
-             * from an ENGINE and we need to release it when done.
-             */
-            ctx->engine = impl;
-        } else
-            ctx->engine = NULL;
-    } else {
-        if (!ctx->digest) {
-            EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
-            return 0;
-        }
-        type = ctx->digest;
-    }
-#endif
-    if (ctx->digest != type) {
-        if (ctx->digest && ctx->digest->ctx_size) {
-            OPENSSL_free(ctx->md_data);
-            ctx->md_data = NULL;
-        }
-        ctx->digest = type;
-        if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
-            ctx->update = type->update;
-            ctx->md_data = OPENSSL_malloc(type->ctx_size);
-            if (ctx->md_data == NULL) {
-                EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-        }
-    }
-#ifndef OPENSSL_NO_ENGINE
- skip_to_init:
-#endif
-    if (ctx->pctx) {
-        int r;
-        r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
-                              EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
-        if (r <= 0 && (r != -2))
-            return 0;
-    }
-    if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
-        return 1;
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode()) {
-        if (FIPS_digestinit(ctx, type))
-            return 1;
-        OPENSSL_free(ctx->md_data);
-        ctx->md_data = NULL;
-        return 0;
-    }
-#endif
-    return ctx->digest->init(ctx);
-}
-
-int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_digestupdate(ctx, data, count);
-#endif
-    return ctx->update(ctx, data, count);
-}
-
-/* The caller can assume that this removes any secret data from the context */
-int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
-{
-    int ret;
-    ret = EVP_DigestFinal_ex(ctx, md, size);
-    EVP_MD_CTX_cleanup(ctx);
-    return ret;
-}
-
-/* The caller can assume that this removes any secret data from the context */
-int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
-{
-    int ret;
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_digestfinal(ctx, md, size);
-#endif
-
-    OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
-    ret = ctx->digest->final(ctx, md);
-    if (size != NULL)
-        *size = ctx->digest->md_size;
-    if (ctx->digest->cleanup) {
-        ctx->digest->cleanup(ctx);
-        EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
-    }
-    OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
-    return ret;
-}
-
-int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
-{
-    EVP_MD_CTX_init(out);
-    return EVP_MD_CTX_copy_ex(out, in);
-}
-
-int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
-{
-    unsigned char *tmp_buf;
-    if ((in == NULL) || (in->digest == NULL)) {
-        EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED);
-        return 0;
-    }
-#ifndef OPENSSL_NO_ENGINE
-    /* Make sure it's safe to copy a digest context using an ENGINE */
-    if (in->engine && !ENGINE_init(in->engine)) {
-        EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB);
-        return 0;
-    }
-#endif
-
-    if (out->digest == in->digest) {
-        tmp_buf = out->md_data;
-        EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
-    } else
-        tmp_buf = NULL;
-    EVP_MD_CTX_cleanup(out);
-    memcpy(out, in, sizeof *out);
-
-    if (in->md_data && out->digest->ctx_size) {
-        if (tmp_buf)
-            out->md_data = tmp_buf;
-        else {
-            out->md_data = OPENSSL_malloc(out->digest->ctx_size);
-            if (!out->md_data) {
-                EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-        }
-        memcpy(out->md_data, in->md_data, out->digest->ctx_size);
-    }
-
-    out->update = in->update;
-
-    if (in->pctx) {
-        out->pctx = EVP_PKEY_CTX_dup(in->pctx);
-        if (!out->pctx) {
-            EVP_MD_CTX_cleanup(out);
-            return 0;
-        }
-    }
-
-    if (out->digest->copy)
-        return out->digest->copy(out, in);
-
-    return 1;
-}
-
-int EVP_Digest(const void *data, size_t count,
-               unsigned char *md, unsigned int *size, const EVP_MD *type,
-               ENGINE *impl)
-{
-    EVP_MD_CTX ctx;
-    int ret;
-
-    EVP_MD_CTX_init(&ctx);
-    EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
-    ret = EVP_DigestInit_ex(&ctx, type, impl)
-        && EVP_DigestUpdate(&ctx, data, count)
-        && EVP_DigestFinal_ex(&ctx, md, size);
-    EVP_MD_CTX_cleanup(&ctx);
-
-    return ret;
-}
-
-void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
-{
-    if (ctx) {
-        EVP_MD_CTX_cleanup(ctx);
-        OPENSSL_free(ctx);
-    }
-}
-
-/* This call frees resources associated with the context */
-int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
-{
-#ifndef OPENSSL_FIPS
-    /*
-     * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
-     * sometimes only copies of the context are ever finalised.
-     */
-    if (ctx->digest && ctx->digest->cleanup
-        && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
-        ctx->digest->cleanup(ctx);
-    if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
-        && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
-        OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
-        OPENSSL_free(ctx->md_data);
-    }
-#endif
-    if (ctx->pctx)
-        EVP_PKEY_CTX_free(ctx->pctx);
-#ifndef OPENSSL_NO_ENGINE
-    if (ctx->engine)
-        /*
-         * The EVP_MD we used belongs to an ENGINE, release the functional
-         * reference we held for this reason.
-         */
-        ENGINE_finish(ctx->engine);
-#endif
-#ifdef OPENSSL_FIPS
-    FIPS_md_ctx_cleanup(ctx);
-#endif
-    memset(ctx, '\0', sizeof *ctx);
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/evp/e_aes.c b/thirdparty/openssl/crypto/evp/e_aes.c
deleted file mode 100644
index b45b364466..0000000000
--- a/thirdparty/openssl/crypto/evp/e_aes.c
+++ /dev/null
@@ -1,2031 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_AES
-#include <openssl/crypto.h>
-# include <openssl/evp.h>
-# include <openssl/err.h>
-# include <string.h>
-# include <assert.h>
-# include <openssl/aes.h>
-# include "evp_locl.h"
-# include "modes_lcl.h"
-# include <openssl/rand.h>
-
-# undef EVP_CIPH_FLAG_FIPS
-# define EVP_CIPH_FLAG_FIPS 0
-
-typedef struct {
-    union {
-        double align;
-        AES_KEY ks;
-    } ks;
-    block128_f block;
-    union {
-        cbc128_f cbc;
-        ctr128_f ctr;
-    } stream;
-} EVP_AES_KEY;
-
-typedef struct {
-    union {
-        double align;
-        AES_KEY ks;
-    } ks;                       /* AES key schedule to use */
-    int key_set;                /* Set if key initialised */
-    int iv_set;                 /* Set if an iv is set */
-    GCM128_CONTEXT gcm;
-    unsigned char *iv;          /* Temporary IV store */
-    int ivlen;                  /* IV length */
-    int taglen;
-    int iv_gen;                 /* It is OK to generate IVs */
-    int tls_aad_len;            /* TLS AAD length */
-    ctr128_f ctr;
-} EVP_AES_GCM_CTX;
-
-typedef struct {
-    union {
-        double align;
-        AES_KEY ks;
-    } ks1, ks2;                 /* AES key schedules to use */
-    XTS128_CONTEXT xts;
-    void (*stream) (const unsigned char *in,
-                    unsigned char *out, size_t length,
-                    const AES_KEY *key1, const AES_KEY *key2,
-                    const unsigned char iv[16]);
-} EVP_AES_XTS_CTX;
-
-typedef struct {
-    union {
-        double align;
-        AES_KEY ks;
-    } ks;                       /* AES key schedule to use */
-    int key_set;                /* Set if key initialised */
-    int iv_set;                 /* Set if an iv is set */
-    int tag_set;                /* Set if tag is valid */
-    int len_set;                /* Set if message length set */
-    int L, M;                   /* L and M parameters from RFC3610 */
-    CCM128_CONTEXT ccm;
-    ccm128_f str;
-} EVP_AES_CCM_CTX;
-
-# define MAXBITCHUNK     ((size_t)1<<(sizeof(size_t)*8-4))
-
-# ifdef VPAES_ASM
-int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
-                          AES_KEY *key);
-int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
-                          AES_KEY *key);
-
-void vpaes_encrypt(const unsigned char *in, unsigned char *out,
-                   const AES_KEY *key);
-void vpaes_decrypt(const unsigned char *in, unsigned char *out,
-                   const AES_KEY *key);
-
-void vpaes_cbc_encrypt(const unsigned char *in,
-                       unsigned char *out,
-                       size_t length,
-                       const AES_KEY *key, unsigned char *ivec, int enc);
-# endif
-# ifdef BSAES_ASM
-void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                       size_t length, const AES_KEY *key,
-                       unsigned char ivec[16], int enc);
-void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
-                                size_t len, const AES_KEY *key,
-                                const unsigned char ivec[16]);
-void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
-                       size_t len, const AES_KEY *key1,
-                       const AES_KEY *key2, const unsigned char iv[16]);
-void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
-                       size_t len, const AES_KEY *key1,
-                       const AES_KEY *key2, const unsigned char iv[16]);
-# endif
-# ifdef AES_CTR_ASM
-void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
-                       size_t blocks, const AES_KEY *key,
-                       const unsigned char ivec[AES_BLOCK_SIZE]);
-# endif
-# ifdef AES_XTS_ASM
-void AES_xts_encrypt(const unsigned char *inp, unsigned char *out, size_t len,
-                     const AES_KEY *key1, const AES_KEY *key2,
-                     const unsigned char iv[16]);
-void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
-                     const AES_KEY *key1, const AES_KEY *key2,
-                     const unsigned char iv[16]);
-# endif
-
-# if     defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
-#  include "ppc_arch.h"
-#  ifdef VPAES_ASM
-#   define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
-#  endif
-#  define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
-#  define HWAES_set_encrypt_key aes_p8_set_encrypt_key
-#  define HWAES_set_decrypt_key aes_p8_set_decrypt_key
-#  define HWAES_encrypt aes_p8_encrypt
-#  define HWAES_decrypt aes_p8_decrypt
-#  define HWAES_cbc_encrypt aes_p8_cbc_encrypt
-#  define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
-# endif
-
-# if     defined(AES_ASM) && !defined(I386_ONLY) &&      (  \
-        ((defined(__i386)       || defined(__i386__)    || \
-          defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
-        defined(__x86_64)       || defined(__x86_64__)  || \
-        defined(_M_AMD64)       || defined(_M_X64)      || \
-        defined(__INTEL__)                              )
-
-extern unsigned int OPENSSL_ia32cap_P[];
-
-#  ifdef VPAES_ASM
-#   define VPAES_CAPABLE   (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
-#  endif
-#  ifdef BSAES_ASM
-#   define BSAES_CAPABLE   (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
-#  endif
-/*
- * AES-NI section
- */
-#  define AESNI_CAPABLE   (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
-
-int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
-                          AES_KEY *key);
-int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
-                          AES_KEY *key);
-
-void aesni_encrypt(const unsigned char *in, unsigned char *out,
-                   const AES_KEY *key);
-void aesni_decrypt(const unsigned char *in, unsigned char *out,
-                   const AES_KEY *key);
-
-void aesni_ecb_encrypt(const unsigned char *in,
-                       unsigned char *out,
-                       size_t length, const AES_KEY *key, int enc);
-void aesni_cbc_encrypt(const unsigned char *in,
-                       unsigned char *out,
-                       size_t length,
-                       const AES_KEY *key, unsigned char *ivec, int enc);
-
-void aesni_ctr32_encrypt_blocks(const unsigned char *in,
-                                unsigned char *out,
-                                size_t blocks,
-                                const void *key, const unsigned char *ivec);
-
-void aesni_xts_encrypt(const unsigned char *in,
-                       unsigned char *out,
-                       size_t length,
-                       const AES_KEY *key1, const AES_KEY *key2,
-                       const unsigned char iv[16]);
-
-void aesni_xts_decrypt(const unsigned char *in,
-                       unsigned char *out,
-                       size_t length,
-                       const AES_KEY *key1, const AES_KEY *key2,
-                       const unsigned char iv[16]);
-
-void aesni_ccm64_encrypt_blocks(const unsigned char *in,
-                                unsigned char *out,
-                                size_t blocks,
-                                const void *key,
-                                const unsigned char ivec[16],
-                                unsigned char cmac[16]);
-
-void aesni_ccm64_decrypt_blocks(const unsigned char *in,
-                                unsigned char *out,
-                                size_t blocks,
-                                const void *key,
-                                const unsigned char ivec[16],
-                                unsigned char cmac[16]);
-
-#  if defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
-size_t aesni_gcm_encrypt(const unsigned char *in,
-                         unsigned char *out,
-                         size_t len,
-                         const void *key, unsigned char ivec[16], u64 *Xi);
-#   define AES_gcm_encrypt aesni_gcm_encrypt
-size_t aesni_gcm_decrypt(const unsigned char *in,
-                         unsigned char *out,
-                         size_t len,
-                         const void *key, unsigned char ivec[16], u64 *Xi);
-#   define AES_gcm_decrypt aesni_gcm_decrypt
-void gcm_ghash_avx(u64 Xi[2], const u128 Htable[16], const u8 *in,
-                   size_t len);
-#   define AES_GCM_ASM(gctx)       (gctx->ctr==aesni_ctr32_encrypt_blocks && \
-                                 gctx->gcm.ghash==gcm_ghash_avx)
-#   define AES_GCM_ASM2(gctx)      (gctx->gcm.block==(block128_f)aesni_encrypt && \
-                                 gctx->gcm.ghash==gcm_ghash_avx)
-#   undef AES_GCM_ASM2          /* minor size optimization */
-#  endif
-
-static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                          const unsigned char *iv, int enc)
-{
-    int ret, mode;
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    mode = ctx->cipher->flags & EVP_CIPH_MODE;
-    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
-        && !enc) {
-        ret = aesni_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
-        dat->block = (block128_f) aesni_decrypt;
-        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-            (cbc128_f) aesni_cbc_encrypt : NULL;
-    } else {
-        ret = aesni_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
-        dat->block = (block128_f) aesni_encrypt;
-        if (mode == EVP_CIPH_CBC_MODE)
-            dat->stream.cbc = (cbc128_f) aesni_cbc_encrypt;
-        else if (mode == EVP_CIPH_CTR_MODE)
-            dat->stream.ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
-        else
-            dat->stream.cbc = NULL;
-    }
-
-    if (ret < 0) {
-        EVPerr(EVP_F_AESNI_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
-        return 0;
-    }
-
-    return 1;
-}
-
-static int aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t len)
-{
-    aesni_cbc_encrypt(in, out, len, ctx->cipher_data, ctx->iv, ctx->encrypt);
-
-    return 1;
-}
-
-static int aesni_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t len)
-{
-    size_t bl = ctx->cipher->block_size;
-
-    if (len < bl)
-        return 1;
-
-    aesni_ecb_encrypt(in, out, len, ctx->cipher_data, ctx->encrypt);
-
-    return 1;
-}
-
-#  define aesni_ofb_cipher aes_ofb_cipher
-static int aesni_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t len);
-
-#  define aesni_cfb_cipher aes_cfb_cipher
-static int aesni_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t len);
-
-#  define aesni_cfb8_cipher aes_cfb8_cipher
-static int aesni_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-#  define aesni_cfb1_cipher aes_cfb1_cipher
-static int aesni_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-#  define aesni_ctr_cipher aes_ctr_cipher
-static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t len);
-
-static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                              const unsigned char *iv, int enc)
-{
-    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-    if (key) {
-        aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
-        CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) aesni_encrypt);
-        gctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
-        /*
-         * If we have an iv can set it directly, otherwise use saved IV.
-         */
-        if (iv == NULL && gctx->iv_set)
-            iv = gctx->iv;
-        if (iv) {
-            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
-            gctx->iv_set = 1;
-        }
-        gctx->key_set = 1;
-    } else {
-        /* If key set use IV, otherwise copy */
-        if (gctx->key_set)
-            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
-        else
-            memcpy(gctx->iv, iv, gctx->ivlen);
-        gctx->iv_set = 1;
-        gctx->iv_gen = 0;
-    }
-    return 1;
-}
-
-#  define aesni_gcm_cipher aes_gcm_cipher
-static int aesni_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t len);
-
-static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                              const unsigned char *iv, int enc)
-{
-    EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-
-    if (key) {
-        /* key_len is two AES keys */
-        if (enc) {
-            aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
-            xctx->xts.block1 = (block128_f) aesni_encrypt;
-            xctx->stream = aesni_xts_encrypt;
-        } else {
-            aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
-            xctx->xts.block1 = (block128_f) aesni_decrypt;
-            xctx->stream = aesni_xts_decrypt;
-        }
-
-        aesni_set_encrypt_key(key + ctx->key_len / 2,
-                              ctx->key_len * 4, &xctx->ks2.ks);
-        xctx->xts.block2 = (block128_f) aesni_encrypt;
-
-        xctx->xts.key1 = &xctx->ks1;
-    }
-
-    if (iv) {
-        xctx->xts.key2 = &xctx->ks2;
-        memcpy(ctx->iv, iv, 16);
-    }
-
-    return 1;
-}
-
-#  define aesni_xts_cipher aes_xts_cipher
-static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t len);
-
-static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                              const unsigned char *iv, int enc)
-{
-    EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-    if (key) {
-        aesni_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks);
-        CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
-                           &cctx->ks, (block128_f) aesni_encrypt);
-        cctx->str = enc ? (ccm128_f) aesni_ccm64_encrypt_blocks :
-            (ccm128_f) aesni_ccm64_decrypt_blocks;
-        cctx->key_set = 1;
-    }
-    if (iv) {
-        memcpy(ctx->iv, iv, 15 - cctx->L);
-        cctx->iv_set = 1;
-    }
-    return 1;
-}
-
-#  define aesni_ccm_cipher aes_ccm_cipher
-static int aesni_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t len);
-
-#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
-static const EVP_CIPHER aesni_##keylen##_##mode = { \
-        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aesni_init_key,                 \
-        aesni_##mode##_cipher,          \
-        NULL,                           \
-        sizeof(EVP_AES_KEY),            \
-        NULL,NULL,NULL,NULL }; \
-static const EVP_CIPHER aes_##keylen##_##mode = { \
-        nid##_##keylen##_##nmode,blocksize,     \
-        keylen/8,ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aes_init_key,                   \
-        aes_##mode##_cipher,            \
-        NULL,                           \
-        sizeof(EVP_AES_KEY),            \
-        NULL,NULL,NULL,NULL }; \
-const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
-{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
-
-#  define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
-static const EVP_CIPHER aesni_##keylen##_##mode = { \
-        nid##_##keylen##_##mode,blocksize, \
-        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aesni_##mode##_init_key,        \
-        aesni_##mode##_cipher,          \
-        aes_##mode##_cleanup,           \
-        sizeof(EVP_AES_##MODE##_CTX),   \
-        NULL,NULL,aes_##mode##_ctrl,NULL }; \
-static const EVP_CIPHER aes_##keylen##_##mode = { \
-        nid##_##keylen##_##mode,blocksize, \
-        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aes_##mode##_init_key,          \
-        aes_##mode##_cipher,            \
-        aes_##mode##_cleanup,           \
-        sizeof(EVP_AES_##MODE##_CTX),   \
-        NULL,NULL,aes_##mode##_ctrl,NULL }; \
-const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
-{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
-
-# elif   defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
-
-#  include "sparc_arch.h"
-
-extern unsigned int OPENSSL_sparcv9cap_P[];
-
-#  define SPARC_AES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_AES)
-
-void aes_t4_set_encrypt_key(const unsigned char *key, int bits, AES_KEY *ks);
-void aes_t4_set_decrypt_key(const unsigned char *key, int bits, AES_KEY *ks);
-void aes_t4_encrypt(const unsigned char *in, unsigned char *out,
-                    const AES_KEY *key);
-void aes_t4_decrypt(const unsigned char *in, unsigned char *out,
-                    const AES_KEY *key);
-/*
- * Key-length specific subroutines were chosen for following reason.
- * Each SPARC T4 core can execute up to 8 threads which share core's
- * resources. Loading as much key material to registers allows to
- * minimize references to shared memory interface, as well as amount
- * of instructions in inner loops [much needed on T4]. But then having
- * non-key-length specific routines would require conditional branches
- * either in inner loops or on subroutines' entries. Former is hardly
- * acceptable, while latter means code size increase to size occupied
- * by multiple key-length specfic subroutines, so why fight?
- */
-void aes128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const AES_KEY *key,
-                           unsigned char *ivec);
-void aes128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const AES_KEY *key,
-                           unsigned char *ivec);
-void aes192_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const AES_KEY *key,
-                           unsigned char *ivec);
-void aes192_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const AES_KEY *key,
-                           unsigned char *ivec);
-void aes256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const AES_KEY *key,
-                           unsigned char *ivec);
-void aes256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const AES_KEY *key,
-                           unsigned char *ivec);
-void aes128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t blocks, const AES_KEY *key,
-                             unsigned char *ivec);
-void aes192_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t blocks, const AES_KEY *key,
-                             unsigned char *ivec);
-void aes256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t blocks, const AES_KEY *key,
-                             unsigned char *ivec);
-void aes128_t4_xts_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t blocks, const AES_KEY *key1,
-                           const AES_KEY *key2, const unsigned char *ivec);
-void aes128_t4_xts_decrypt(const unsigned char *in, unsigned char *out,
-                           size_t blocks, const AES_KEY *key1,
-                           const AES_KEY *key2, const unsigned char *ivec);
-void aes256_t4_xts_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t blocks, const AES_KEY *key1,
-                           const AES_KEY *key2, const unsigned char *ivec);
-void aes256_t4_xts_decrypt(const unsigned char *in, unsigned char *out,
-                           size_t blocks, const AES_KEY *key1,
-                           const AES_KEY *key2, const unsigned char *ivec);
-
-static int aes_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                           const unsigned char *iv, int enc)
-{
-    int ret, mode, bits;
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    mode = ctx->cipher->flags & EVP_CIPH_MODE;
-    bits = ctx->key_len * 8;
-    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
-        && !enc) {
-        ret = 0;
-        aes_t4_set_decrypt_key(key, bits, ctx->cipher_data);
-        dat->block = (block128_f) aes_t4_decrypt;
-        switch (bits) {
-        case 128:
-            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-                (cbc128_f) aes128_t4_cbc_decrypt : NULL;
-            break;
-        case 192:
-            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-                (cbc128_f) aes192_t4_cbc_decrypt : NULL;
-            break;
-        case 256:
-            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-                (cbc128_f) aes256_t4_cbc_decrypt : NULL;
-            break;
-        default:
-            ret = -1;
-        }
-    } else {
-        ret = 0;
-        aes_t4_set_encrypt_key(key, bits, ctx->cipher_data);
-        dat->block = (block128_f) aes_t4_encrypt;
-        switch (bits) {
-        case 128:
-            if (mode == EVP_CIPH_CBC_MODE)
-                dat->stream.cbc = (cbc128_f) aes128_t4_cbc_encrypt;
-            else if (mode == EVP_CIPH_CTR_MODE)
-                dat->stream.ctr = (ctr128_f) aes128_t4_ctr32_encrypt;
-            else
-                dat->stream.cbc = NULL;
-            break;
-        case 192:
-            if (mode == EVP_CIPH_CBC_MODE)
-                dat->stream.cbc = (cbc128_f) aes192_t4_cbc_encrypt;
-            else if (mode == EVP_CIPH_CTR_MODE)
-                dat->stream.ctr = (ctr128_f) aes192_t4_ctr32_encrypt;
-            else
-                dat->stream.cbc = NULL;
-            break;
-        case 256:
-            if (mode == EVP_CIPH_CBC_MODE)
-                dat->stream.cbc = (cbc128_f) aes256_t4_cbc_encrypt;
-            else if (mode == EVP_CIPH_CTR_MODE)
-                dat->stream.ctr = (ctr128_f) aes256_t4_ctr32_encrypt;
-            else
-                dat->stream.cbc = NULL;
-            break;
-        default:
-            ret = -1;
-        }
-    }
-
-    if (ret < 0) {
-        EVPerr(EVP_F_AES_T4_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
-        return 0;
-    }
-
-    return 1;
-}
-
-#  define aes_t4_cbc_cipher aes_cbc_cipher
-static int aes_t4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-#  define aes_t4_ecb_cipher aes_ecb_cipher
-static int aes_t4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-#  define aes_t4_ofb_cipher aes_ofb_cipher
-static int aes_t4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-#  define aes_t4_cfb_cipher aes_cfb_cipher
-static int aes_t4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-#  define aes_t4_cfb8_cipher aes_cfb8_cipher
-static int aes_t4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t len);
-
-#  define aes_t4_cfb1_cipher aes_cfb1_cipher
-static int aes_t4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t len);
-
-#  define aes_t4_ctr_cipher aes_ctr_cipher
-static int aes_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-static int aes_t4_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                               const unsigned char *iv, int enc)
-{
-    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-    if (key) {
-        int bits = ctx->key_len * 8;
-        aes_t4_set_encrypt_key(key, bits, &gctx->ks.ks);
-        CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
-                           (block128_f) aes_t4_encrypt);
-        switch (bits) {
-        case 128:
-            gctx->ctr = (ctr128_f) aes128_t4_ctr32_encrypt;
-            break;
-        case 192:
-            gctx->ctr = (ctr128_f) aes192_t4_ctr32_encrypt;
-            break;
-        case 256:
-            gctx->ctr = (ctr128_f) aes256_t4_ctr32_encrypt;
-            break;
-        default:
-            return 0;
-        }
-        /*
-         * If we have an iv can set it directly, otherwise use saved IV.
-         */
-        if (iv == NULL && gctx->iv_set)
-            iv = gctx->iv;
-        if (iv) {
-            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
-            gctx->iv_set = 1;
-        }
-        gctx->key_set = 1;
-    } else {
-        /* If key set use IV, otherwise copy */
-        if (gctx->key_set)
-            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
-        else
-            memcpy(gctx->iv, iv, gctx->ivlen);
-        gctx->iv_set = 1;
-        gctx->iv_gen = 0;
-    }
-    return 1;
-}
-
-#  define aes_t4_gcm_cipher aes_gcm_cipher
-static int aes_t4_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                               const unsigned char *iv, int enc)
-{
-    EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-
-    if (key) {
-        int bits = ctx->key_len * 4;
-        xctx->stream = NULL;
-        /* key_len is two AES keys */
-        if (enc) {
-            aes_t4_set_encrypt_key(key, bits, &xctx->ks1.ks);
-            xctx->xts.block1 = (block128_f) aes_t4_encrypt;
-            switch (bits) {
-            case 128:
-                xctx->stream = aes128_t4_xts_encrypt;
-                break;
-#  if 0                         /* not yet */
-            case 192:
-                xctx->stream = aes192_t4_xts_encrypt;
-                break;
-#  endif
-            case 256:
-                xctx->stream = aes256_t4_xts_encrypt;
-                break;
-            default:
-                return 0;
-            }
-        } else {
-            aes_t4_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
-            xctx->xts.block1 = (block128_f) aes_t4_decrypt;
-            switch (bits) {
-            case 128:
-                xctx->stream = aes128_t4_xts_decrypt;
-                break;
-#  if 0                         /* not yet */
-            case 192:
-                xctx->stream = aes192_t4_xts_decrypt;
-                break;
-#  endif
-            case 256:
-                xctx->stream = aes256_t4_xts_decrypt;
-                break;
-            default:
-                return 0;
-            }
-        }
-
-        aes_t4_set_encrypt_key(key + ctx->key_len / 2,
-                               ctx->key_len * 4, &xctx->ks2.ks);
-        xctx->xts.block2 = (block128_f) aes_t4_encrypt;
-
-        xctx->xts.key1 = &xctx->ks1;
-    }
-
-    if (iv) {
-        xctx->xts.key2 = &xctx->ks2;
-        memcpy(ctx->iv, iv, 16);
-    }
-
-    return 1;
-}
-
-#  define aes_t4_xts_cipher aes_xts_cipher
-static int aes_t4_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-static int aes_t4_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                               const unsigned char *iv, int enc)
-{
-    EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-    if (key) {
-        int bits = ctx->key_len * 8;
-        aes_t4_set_encrypt_key(key, bits, &cctx->ks.ks);
-        CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
-                           &cctx->ks, (block128_f) aes_t4_encrypt);
-#  if 0                         /* not yet */
-        switch (bits) {
-        case 128:
-            cctx->str = enc ? (ccm128_f) aes128_t4_ccm64_encrypt :
-                (ccm128_f) ae128_t4_ccm64_decrypt;
-            break;
-        case 192:
-            cctx->str = enc ? (ccm128_f) aes192_t4_ccm64_encrypt :
-                (ccm128_f) ae192_t4_ccm64_decrypt;
-            break;
-        case 256:
-            cctx->str = enc ? (ccm128_f) aes256_t4_ccm64_encrypt :
-                (ccm128_f) ae256_t4_ccm64_decrypt;
-            break;
-        default:
-            return 0;
-        }
-#  else
-        cctx->str = NULL;
-#  endif
-        cctx->key_set = 1;
-    }
-    if (iv) {
-        memcpy(ctx->iv, iv, 15 - cctx->L);
-        cctx->iv_set = 1;
-    }
-    return 1;
-}
-
-#  define aes_t4_ccm_cipher aes_ccm_cipher
-static int aes_t4_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, size_t len);
-
-#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
-static const EVP_CIPHER aes_t4_##keylen##_##mode = { \
-        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aes_t4_init_key,                \
-        aes_t4_##mode##_cipher,         \
-        NULL,                           \
-        sizeof(EVP_AES_KEY),            \
-        NULL,NULL,NULL,NULL }; \
-static const EVP_CIPHER aes_##keylen##_##mode = { \
-        nid##_##keylen##_##nmode,blocksize,     \
-        keylen/8,ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aes_init_key,                   \
-        aes_##mode##_cipher,            \
-        NULL,                           \
-        sizeof(EVP_AES_KEY),            \
-        NULL,NULL,NULL,NULL }; \
-const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
-{ return SPARC_AES_CAPABLE?&aes_t4_##keylen##_##mode:&aes_##keylen##_##mode; }
-
-#  define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
-static const EVP_CIPHER aes_t4_##keylen##_##mode = { \
-        nid##_##keylen##_##mode,blocksize, \
-        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aes_t4_##mode##_init_key,       \
-        aes_t4_##mode##_cipher,         \
-        aes_##mode##_cleanup,           \
-        sizeof(EVP_AES_##MODE##_CTX),   \
-        NULL,NULL,aes_##mode##_ctrl,NULL }; \
-static const EVP_CIPHER aes_##keylen##_##mode = { \
-        nid##_##keylen##_##mode,blocksize, \
-        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aes_##mode##_init_key,          \
-        aes_##mode##_cipher,            \
-        aes_##mode##_cleanup,           \
-        sizeof(EVP_AES_##MODE##_CTX),   \
-        NULL,NULL,aes_##mode##_ctrl,NULL }; \
-const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
-{ return SPARC_AES_CAPABLE?&aes_t4_##keylen##_##mode:&aes_##keylen##_##mode; }
-
-# else
-
-#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
-static const EVP_CIPHER aes_##keylen##_##mode = { \
-        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aes_init_key,                   \
-        aes_##mode##_cipher,            \
-        NULL,                           \
-        sizeof(EVP_AES_KEY),            \
-        NULL,NULL,NULL,NULL }; \
-const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
-{ return &aes_##keylen##_##mode; }
-
-#  define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
-static const EVP_CIPHER aes_##keylen##_##mode = { \
-        nid##_##keylen##_##mode,blocksize, \
-        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        aes_##mode##_init_key,          \
-        aes_##mode##_cipher,            \
-        aes_##mode##_cleanup,           \
-        sizeof(EVP_AES_##MODE##_CTX),   \
-        NULL,NULL,aes_##mode##_ctrl,NULL }; \
-const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
-{ return &aes_##keylen##_##mode; }
-# endif
-
-# if defined(OPENSSL_CPUID_OBJ) && (defined(__arm__) || defined(__arm) || defined(__aarch64__))
-#  include "arm_arch.h"
-#  if __ARM_MAX_ARCH__>=7
-#   if defined(BSAES_ASM)
-#    define BSAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON)
-#   endif
-#   define HWAES_CAPABLE (OPENSSL_armcap_P & ARMV8_AES)
-#   define HWAES_set_encrypt_key aes_v8_set_encrypt_key
-#   define HWAES_set_decrypt_key aes_v8_set_decrypt_key
-#   define HWAES_encrypt aes_v8_encrypt
-#   define HWAES_decrypt aes_v8_decrypt
-#   define HWAES_cbc_encrypt aes_v8_cbc_encrypt
-#   define HWAES_ctr32_encrypt_blocks aes_v8_ctr32_encrypt_blocks
-#  endif
-# endif
-
-# if defined(HWAES_CAPABLE)
-int HWAES_set_encrypt_key(const unsigned char *userKey, const int bits,
-                          AES_KEY *key);
-int HWAES_set_decrypt_key(const unsigned char *userKey, const int bits,
-                          AES_KEY *key);
-void HWAES_encrypt(const unsigned char *in, unsigned char *out,
-                   const AES_KEY *key);
-void HWAES_decrypt(const unsigned char *in, unsigned char *out,
-                   const AES_KEY *key);
-void HWAES_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                       size_t length, const AES_KEY *key,
-                       unsigned char *ivec, const int enc);
-void HWAES_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
-                                size_t len, const AES_KEY *key,
-                                const unsigned char ivec[16]);
-# endif
-
-# define BLOCK_CIPHER_generic_pack(nid,keylen,flags)             \
-        BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)     \
-        BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)      \
-        BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
-        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
-        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags)       \
-        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags)       \
-        BLOCK_CIPHER_generic(nid,keylen,1,16,ctr,ctr,CTR,flags)
-
-static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                        const unsigned char *iv, int enc)
-{
-    int ret, mode;
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    mode = ctx->cipher->flags & EVP_CIPH_MODE;
-    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
-        && !enc)
-# ifdef HWAES_CAPABLE
-        if (HWAES_CAPABLE) {
-            ret = HWAES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
-            dat->block = (block128_f) HWAES_decrypt;
-            dat->stream.cbc = NULL;
-#  ifdef HWAES_cbc_encrypt
-            if (mode == EVP_CIPH_CBC_MODE)
-                dat->stream.cbc = (cbc128_f) HWAES_cbc_encrypt;
-#  endif
-        } else
-# endif
-# ifdef BSAES_CAPABLE
-        if (BSAES_CAPABLE && mode == EVP_CIPH_CBC_MODE) {
-            ret = AES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
-            dat->block = (block128_f) AES_decrypt;
-            dat->stream.cbc = (cbc128_f) bsaes_cbc_encrypt;
-        } else
-# endif
-# ifdef VPAES_CAPABLE
-        if (VPAES_CAPABLE) {
-            ret = vpaes_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
-            dat->block = (block128_f) vpaes_decrypt;
-            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-                (cbc128_f) vpaes_cbc_encrypt : NULL;
-        } else
-# endif
-        {
-            ret = AES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
-            dat->block = (block128_f) AES_decrypt;
-            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-                (cbc128_f) AES_cbc_encrypt : NULL;
-    } else
-# ifdef HWAES_CAPABLE
-    if (HWAES_CAPABLE) {
-        ret = HWAES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
-        dat->block = (block128_f) HWAES_encrypt;
-        dat->stream.cbc = NULL;
-#  ifdef HWAES_cbc_encrypt
-        if (mode == EVP_CIPH_CBC_MODE)
-            dat->stream.cbc = (cbc128_f) HWAES_cbc_encrypt;
-        else
-#  endif
-#  ifdef HWAES_ctr32_encrypt_blocks
-        if (mode == EVP_CIPH_CTR_MODE)
-            dat->stream.ctr = (ctr128_f) HWAES_ctr32_encrypt_blocks;
-        else
-#  endif
-            (void)0;            /* terminate potentially open 'else' */
-    } else
-# endif
-# ifdef BSAES_CAPABLE
-    if (BSAES_CAPABLE && mode == EVP_CIPH_CTR_MODE) {
-        ret = AES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
-        dat->block = (block128_f) AES_encrypt;
-        dat->stream.ctr = (ctr128_f) bsaes_ctr32_encrypt_blocks;
-    } else
-# endif
-# ifdef VPAES_CAPABLE
-    if (VPAES_CAPABLE) {
-        ret = vpaes_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
-        dat->block = (block128_f) vpaes_encrypt;
-        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-            (cbc128_f) vpaes_cbc_encrypt : NULL;
-    } else
-# endif
-    {
-        ret = AES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
-        dat->block = (block128_f) AES_encrypt;
-        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-            (cbc128_f) AES_cbc_encrypt : NULL;
-# ifdef AES_CTR_ASM
-        if (mode == EVP_CIPH_CTR_MODE)
-            dat->stream.ctr = (ctr128_f) AES_ctr32_encrypt;
-# endif
-    }
-
-    if (ret < 0) {
-        EVPerr(EVP_F_AES_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
-        return 0;
-    }
-
-    return 1;
-}
-
-static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t len)
-{
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    if (dat->stream.cbc)
-        (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
-    else if (ctx->encrypt)
-        CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
-    else
-        CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
-
-    return 1;
-}
-
-static int aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t len)
-{
-    size_t bl = ctx->cipher->block_size;
-    size_t i;
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    if (len < bl)
-        return 1;
-
-    for (i = 0, len -= bl; i <= len; i += bl)
-        (*dat->block) (in + i, out + i, &dat->ks);
-
-    return 1;
-}
-
-static int aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t len)
-{
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
-                          ctx->iv, &ctx->num, dat->block);
-    return 1;
-}
-
-static int aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t len)
-{
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
-                          ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-    return 1;
-}
-
-static int aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t len)
-{
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
-                            ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-    return 1;
-}
-
-static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t len)
-{
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) {
-        CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
-                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-        return 1;
-    }
-
-    while (len >= MAXBITCHUNK) {
-        CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
-                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-        len -= MAXBITCHUNK;
-    }
-    if (len)
-        CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
-                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-
-    return 1;
-}
-
-static int aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t len)
-{
-    unsigned int num = ctx->num;
-    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
-
-    if (dat->stream.ctr)
-        CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
-                                    ctx->iv, ctx->buf, &num, dat->stream.ctr);
-    else
-        CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
-                              ctx->iv, ctx->buf, &num, dat->block);
-    ctx->num = (size_t)num;
-    return 1;
-}
-
-BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS)
-    BLOCK_CIPHER_generic_pack(NID_aes, 192, EVP_CIPH_FLAG_FIPS)
-    BLOCK_CIPHER_generic_pack(NID_aes, 256, EVP_CIPH_FLAG_FIPS)
-
-static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
-{
-    EVP_AES_GCM_CTX *gctx = c->cipher_data;
-    if (gctx == NULL)
-        return 0;
-    OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
-    if (gctx->iv != c->iv)
-        OPENSSL_free(gctx->iv);
-    return 1;
-}
-
-/* increment counter (64-bit int) by 1 */
-static void ctr64_inc(unsigned char *counter)
-{
-    int n = 8;
-    unsigned char c;
-
-    do {
-        --n;
-        c = counter[n];
-        ++c;
-        counter[n] = c;
-        if (c)
-            return;
-    } while (n);
-}
-
-static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
-    EVP_AES_GCM_CTX *gctx = c->cipher_data;
-    switch (type) {
-    case EVP_CTRL_INIT:
-        gctx->key_set = 0;
-        gctx->iv_set = 0;
-        gctx->ivlen = c->cipher->iv_len;
-        gctx->iv = c->iv;
-        gctx->taglen = -1;
-        gctx->iv_gen = 0;
-        gctx->tls_aad_len = -1;
-        return 1;
-
-    case EVP_CTRL_GCM_SET_IVLEN:
-        if (arg <= 0)
-            return 0;
-        /* Allocate memory for IV if needed */
-        if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) {
-            if (gctx->iv != c->iv)
-                OPENSSL_free(gctx->iv);
-            gctx->iv = OPENSSL_malloc(arg);
-            if (!gctx->iv)
-                return 0;
-        }
-        gctx->ivlen = arg;
-        return 1;
-
-    case EVP_CTRL_GCM_SET_TAG:
-        if (arg <= 0 || arg > 16 || c->encrypt)
-            return 0;
-        memcpy(c->buf, ptr, arg);
-        gctx->taglen = arg;
-        return 1;
-
-    case EVP_CTRL_GCM_GET_TAG:
-        if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0)
-            return 0;
-        memcpy(ptr, c->buf, arg);
-        return 1;
-
-    case EVP_CTRL_GCM_SET_IV_FIXED:
-        /* Special case: -1 length restores whole IV */
-        if (arg == -1) {
-            memcpy(gctx->iv, ptr, gctx->ivlen);
-            gctx->iv_gen = 1;
-            return 1;
-        }
-        /*
-         * Fixed field must be at least 4 bytes and invocation field at least
-         * 8.
-         */
-        if ((arg < 4) || (gctx->ivlen - arg) < 8)
-            return 0;
-        if (arg)
-            memcpy(gctx->iv, ptr, arg);
-        if (c->encrypt && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
-            return 0;
-        gctx->iv_gen = 1;
-        return 1;
-
-    case EVP_CTRL_GCM_IV_GEN:
-        if (gctx->iv_gen == 0 || gctx->key_set == 0)
-            return 0;
-        CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
-        if (arg <= 0 || arg > gctx->ivlen)
-            arg = gctx->ivlen;
-        memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
-        /*
-         * Invocation field will be at least 8 bytes in size and so no need
-         * to check wrap around or increment more than last 8 bytes.
-         */
-        ctr64_inc(gctx->iv + gctx->ivlen - 8);
-        gctx->iv_set = 1;
-        return 1;
-
-    case EVP_CTRL_GCM_SET_IV_INV:
-        if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt)
-            return 0;
-        memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
-        CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
-        gctx->iv_set = 1;
-        return 1;
-
-    case EVP_CTRL_AEAD_TLS1_AAD:
-        /* Save the AAD for later use */
-        if (arg != EVP_AEAD_TLS1_AAD_LEN)
-            return 0;
-        memcpy(c->buf, ptr, arg);
-        gctx->tls_aad_len = arg;
-        {
-            unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1];
-            /* Correct length for explicit IV */
-            if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN)
-                return 0;
-            len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
-            /* If decrypting correct for tag too */
-            if (!c->encrypt) {
-                if (len < EVP_GCM_TLS_TAG_LEN)
-                    return 0;
-                len -= EVP_GCM_TLS_TAG_LEN;
-            }
-            c->buf[arg - 2] = len >> 8;
-            c->buf[arg - 1] = len & 0xff;
-        }
-        /* Extra padding: tag appended to record */
-        return EVP_GCM_TLS_TAG_LEN;
-
-    case EVP_CTRL_COPY:
-        {
-            EVP_CIPHER_CTX *out = ptr;
-            EVP_AES_GCM_CTX *gctx_out = out->cipher_data;
-            if (gctx->gcm.key) {
-                if (gctx->gcm.key != &gctx->ks)
-                    return 0;
-                gctx_out->gcm.key = &gctx_out->ks;
-            }
-            if (gctx->iv == c->iv)
-                gctx_out->iv = out->iv;
-            else {
-                gctx_out->iv = OPENSSL_malloc(gctx->ivlen);
-                if (!gctx_out->iv)
-                    return 0;
-                memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
-            }
-            return 1;
-        }
-
-    default:
-        return -1;
-
-    }
-}
-
-static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                            const unsigned char *iv, int enc)
-{
-    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-    if (key) {
-        do {
-# ifdef HWAES_CAPABLE
-            if (HWAES_CAPABLE) {
-                HWAES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
-                CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
-                                   (block128_f) HWAES_encrypt);
-#  ifdef HWAES_ctr32_encrypt_blocks
-                gctx->ctr = (ctr128_f) HWAES_ctr32_encrypt_blocks;
-#  else
-                gctx->ctr = NULL;
-#  endif
-                break;
-            } else
-# endif
-# ifdef BSAES_CAPABLE
-            if (BSAES_CAPABLE) {
-                AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
-                CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
-                                   (block128_f) AES_encrypt);
-                gctx->ctr = (ctr128_f) bsaes_ctr32_encrypt_blocks;
-                break;
-            } else
-# endif
-# ifdef VPAES_CAPABLE
-            if (VPAES_CAPABLE) {
-                vpaes_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
-                CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
-                                   (block128_f) vpaes_encrypt);
-                gctx->ctr = NULL;
-                break;
-            } else
-# endif
-                (void)0;        /* terminate potentially open 'else' */
-
-            AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
-            CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
-                               (block128_f) AES_encrypt);
-# ifdef AES_CTR_ASM
-            gctx->ctr = (ctr128_f) AES_ctr32_encrypt;
-# else
-            gctx->ctr = NULL;
-# endif
-        } while (0);
-
-        /*
-         * If we have an iv can set it directly, otherwise use saved IV.
-         */
-        if (iv == NULL && gctx->iv_set)
-            iv = gctx->iv;
-        if (iv) {
-            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
-            gctx->iv_set = 1;
-        }
-        gctx->key_set = 1;
-    } else {
-        /* If key set use IV, otherwise copy */
-        if (gctx->key_set)
-            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
-        else
-            memcpy(gctx->iv, iv, gctx->ivlen);
-        gctx->iv_set = 1;
-        gctx->iv_gen = 0;
-    }
-    return 1;
-}
-
-/*
- * Handle TLS GCM packet format. This consists of the last portion of the IV
- * followed by the payload and finally the tag. On encrypt generate IV,
- * encrypt payload and write the tag. On verify retrieve IV, decrypt payload
- * and verify tag.
- */
-
-static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t len)
-{
-    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
-    int rv = -1;
-    /* Encrypt/decrypt must be performed in place */
-    if (out != in
-        || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN))
-        return -1;
-    /*
-     * Set IV from start of buffer or generate IV and write to start of
-     * buffer.
-     */
-    if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ?
-                            EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV,
-                            EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0)
-        goto err;
-    /* Use saved AAD */
-    if (CRYPTO_gcm128_aad(&gctx->gcm, ctx->buf, gctx->tls_aad_len))
-        goto err;
-    /* Fix buffer and length to point to payload */
-    in += EVP_GCM_TLS_EXPLICIT_IV_LEN;
-    out += EVP_GCM_TLS_EXPLICIT_IV_LEN;
-    len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
-    if (ctx->encrypt) {
-        /* Encrypt payload */
-        if (gctx->ctr) {
-            size_t bulk = 0;
-# if defined(AES_GCM_ASM)
-            if (len >= 32 && AES_GCM_ASM(gctx)) {
-                if (CRYPTO_gcm128_encrypt(&gctx->gcm, NULL, NULL, 0))
-                    return -1;
-
-                bulk = AES_gcm_encrypt(in, out, len,
-                                       gctx->gcm.key,
-                                       gctx->gcm.Yi.c, gctx->gcm.Xi.u);
-                gctx->gcm.len.u[1] += bulk;
-            }
-# endif
-            if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
-                                            in + bulk,
-                                            out + bulk,
-                                            len - bulk, gctx->ctr))
-                goto err;
-        } else {
-            size_t bulk = 0;
-# if defined(AES_GCM_ASM2)
-            if (len >= 32 && AES_GCM_ASM2(gctx)) {
-                if (CRYPTO_gcm128_encrypt(&gctx->gcm, NULL, NULL, 0))
-                    return -1;
-
-                bulk = AES_gcm_encrypt(in, out, len,
-                                       gctx->gcm.key,
-                                       gctx->gcm.Yi.c, gctx->gcm.Xi.u);
-                gctx->gcm.len.u[1] += bulk;
-            }
-# endif
-            if (CRYPTO_gcm128_encrypt(&gctx->gcm,
-                                      in + bulk, out + bulk, len - bulk))
-                goto err;
-        }
-        out += len;
-        /* Finally write tag */
-        CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN);
-        rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
-    } else {
-        /* Decrypt */
-        if (gctx->ctr) {
-            size_t bulk = 0;
-# if defined(AES_GCM_ASM)
-            if (len >= 16 && AES_GCM_ASM(gctx)) {
-                if (CRYPTO_gcm128_decrypt(&gctx->gcm, NULL, NULL, 0))
-                    return -1;
-
-                bulk = AES_gcm_decrypt(in, out, len,
-                                       gctx->gcm.key,
-                                       gctx->gcm.Yi.c, gctx->gcm.Xi.u);
-                gctx->gcm.len.u[1] += bulk;
-            }
-# endif
-            if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
-                                            in + bulk,
-                                            out + bulk,
-                                            len - bulk, gctx->ctr))
-                goto err;
-        } else {
-            size_t bulk = 0;
-# if defined(AES_GCM_ASM2)
-            if (len >= 16 && AES_GCM_ASM2(gctx)) {
-                if (CRYPTO_gcm128_decrypt(&gctx->gcm, NULL, NULL, 0))
-                    return -1;
-
-                bulk = AES_gcm_decrypt(in, out, len,
-                                       gctx->gcm.key,
-                                       gctx->gcm.Yi.c, gctx->gcm.Xi.u);
-                gctx->gcm.len.u[1] += bulk;
-            }
-# endif
-            if (CRYPTO_gcm128_decrypt(&gctx->gcm,
-                                      in + bulk, out + bulk, len - bulk))
-                goto err;
-        }
-        /* Retrieve tag */
-        CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);
-        /* If tag mismatch wipe buffer */
-        if (CRYPTO_memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
-            OPENSSL_cleanse(out, len);
-            goto err;
-        }
-        rv = len;
-    }
-
- err:
-    gctx->iv_set = 0;
-    gctx->tls_aad_len = -1;
-    return rv;
-}
-
-static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t len)
-{
-    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
-    /* If not set up, return error */
-    if (!gctx->key_set)
-        return -1;
-
-    if (gctx->tls_aad_len >= 0)
-        return aes_gcm_tls_cipher(ctx, out, in, len);
-
-    if (!gctx->iv_set)
-        return -1;
-    if (in) {
-        if (out == NULL) {
-            if (CRYPTO_gcm128_aad(&gctx->gcm, in, len))
-                return -1;
-        } else if (ctx->encrypt) {
-            if (gctx->ctr) {
-                size_t bulk = 0;
-# if defined(AES_GCM_ASM)
-                if (len >= 32 && AES_GCM_ASM(gctx)) {
-                    size_t res = (16 - gctx->gcm.mres) % 16;
-
-                    if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, res))
-                        return -1;
-
-                    bulk = AES_gcm_encrypt(in + res,
-                                           out + res, len - res,
-                                           gctx->gcm.key, gctx->gcm.Yi.c,
-                                           gctx->gcm.Xi.u);
-                    gctx->gcm.len.u[1] += bulk;
-                    bulk += res;
-                }
-# endif
-                if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
-                                                in + bulk,
-                                                out + bulk,
-                                                len - bulk, gctx->ctr))
-                    return -1;
-            } else {
-                size_t bulk = 0;
-# if defined(AES_GCM_ASM2)
-                if (len >= 32 && AES_GCM_ASM2(gctx)) {
-                    size_t res = (16 - gctx->gcm.mres) % 16;
-
-                    if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, res))
-                        return -1;
-
-                    bulk = AES_gcm_encrypt(in + res,
-                                           out + res, len - res,
-                                           gctx->gcm.key, gctx->gcm.Yi.c,
-                                           gctx->gcm.Xi.u);
-                    gctx->gcm.len.u[1] += bulk;
-                    bulk += res;
-                }
-# endif
-                if (CRYPTO_gcm128_encrypt(&gctx->gcm,
-                                          in + bulk, out + bulk, len - bulk))
-                    return -1;
-            }
-        } else {
-            if (gctx->ctr) {
-                size_t bulk = 0;
-# if defined(AES_GCM_ASM)
-                if (len >= 16 && AES_GCM_ASM(gctx)) {
-                    size_t res = (16 - gctx->gcm.mres) % 16;
-
-                    if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, res))
-                        return -1;
-
-                    bulk = AES_gcm_decrypt(in + res,
-                                           out + res, len - res,
-                                           gctx->gcm.key,
-                                           gctx->gcm.Yi.c, gctx->gcm.Xi.u);
-                    gctx->gcm.len.u[1] += bulk;
-                    bulk += res;
-                }
-# endif
-                if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
-                                                in + bulk,
-                                                out + bulk,
-                                                len - bulk, gctx->ctr))
-                    return -1;
-            } else {
-                size_t bulk = 0;
-# if defined(AES_GCM_ASM2)
-                if (len >= 16 && AES_GCM_ASM2(gctx)) {
-                    size_t res = (16 - gctx->gcm.mres) % 16;
-
-                    if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, res))
-                        return -1;
-
-                    bulk = AES_gcm_decrypt(in + res,
-                                           out + res, len - res,
-                                           gctx->gcm.key,
-                                           gctx->gcm.Yi.c, gctx->gcm.Xi.u);
-                    gctx->gcm.len.u[1] += bulk;
-                    bulk += res;
-                }
-# endif
-                if (CRYPTO_gcm128_decrypt(&gctx->gcm,
-                                          in + bulk, out + bulk, len - bulk))
-                    return -1;
-            }
-        }
-        return len;
-    } else {
-        if (!ctx->encrypt) {
-            if (gctx->taglen < 0)
-                return -1;
-            if (CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0)
-                return -1;
-            gctx->iv_set = 0;
-            return 0;
-        }
-        CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16);
-        gctx->taglen = 16;
-        /* Don't reuse the IV */
-        gctx->iv_set = 0;
-        return 0;
-    }
-
-}
-
-# define CUSTOM_FLAGS    (EVP_CIPH_FLAG_DEFAULT_ASN1 \
-                | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
-                | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
-                | EVP_CIPH_CUSTOM_COPY)
-
-BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
-                    EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER |
-                    CUSTOM_FLAGS)
-    BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM,
-                    EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER |
-                    CUSTOM_FLAGS)
-    BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM,
-                    EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER |
-                    CUSTOM_FLAGS)
-
-static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
-    EVP_AES_XTS_CTX *xctx = c->cipher_data;
-    if (type == EVP_CTRL_COPY) {
-        EVP_CIPHER_CTX *out = ptr;
-        EVP_AES_XTS_CTX *xctx_out = out->cipher_data;
-        if (xctx->xts.key1) {
-            if (xctx->xts.key1 != &xctx->ks1)
-                return 0;
-            xctx_out->xts.key1 = &xctx_out->ks1;
-        }
-        if (xctx->xts.key2) {
-            if (xctx->xts.key2 != &xctx->ks2)
-                return 0;
-            xctx_out->xts.key2 = &xctx_out->ks2;
-        }
-        return 1;
-    } else if (type != EVP_CTRL_INIT)
-        return -1;
-    /* key1 and key2 are used as an indicator both key and IV are set */
-    xctx->xts.key1 = NULL;
-    xctx->xts.key2 = NULL;
-    return 1;
-}
-
-static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                            const unsigned char *iv, int enc)
-{
-    EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-
-    if (key)
-        do {
-# ifdef AES_XTS_ASM
-            xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt;
-# else
-            xctx->stream = NULL;
-# endif
-            /* key_len is two AES keys */
-# ifdef HWAES_CAPABLE
-            if (HWAES_CAPABLE) {
-                if (enc) {
-                    HWAES_set_encrypt_key(key, ctx->key_len * 4,
-                                          &xctx->ks1.ks);
-                    xctx->xts.block1 = (block128_f) HWAES_encrypt;
-                } else {
-                    HWAES_set_decrypt_key(key, ctx->key_len * 4,
-                                          &xctx->ks1.ks);
-                    xctx->xts.block1 = (block128_f) HWAES_decrypt;
-                }
-
-                HWAES_set_encrypt_key(key + ctx->key_len / 2,
-                                      ctx->key_len * 4, &xctx->ks2.ks);
-                xctx->xts.block2 = (block128_f) HWAES_encrypt;
-
-                xctx->xts.key1 = &xctx->ks1;
-                break;
-            } else
-# endif
-# ifdef BSAES_CAPABLE
-            if (BSAES_CAPABLE)
-                xctx->stream = enc ? bsaes_xts_encrypt : bsaes_xts_decrypt;
-            else
-# endif
-# ifdef VPAES_CAPABLE
-            if (VPAES_CAPABLE) {
-                if (enc) {
-                    vpaes_set_encrypt_key(key, ctx->key_len * 4,
-                                          &xctx->ks1.ks);
-                    xctx->xts.block1 = (block128_f) vpaes_encrypt;
-                } else {
-                    vpaes_set_decrypt_key(key, ctx->key_len * 4,
-                                          &xctx->ks1.ks);
-                    xctx->xts.block1 = (block128_f) vpaes_decrypt;
-                }
-
-                vpaes_set_encrypt_key(key + ctx->key_len / 2,
-                                      ctx->key_len * 4, &xctx->ks2.ks);
-                xctx->xts.block2 = (block128_f) vpaes_encrypt;
-
-                xctx->xts.key1 = &xctx->ks1;
-                break;
-            } else
-# endif
-                (void)0;        /* terminate potentially open 'else' */
-
-            if (enc) {
-                AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
-                xctx->xts.block1 = (block128_f) AES_encrypt;
-            } else {
-                AES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
-                xctx->xts.block1 = (block128_f) AES_decrypt;
-            }
-
-            AES_set_encrypt_key(key + ctx->key_len / 2,
-                                ctx->key_len * 4, &xctx->ks2.ks);
-            xctx->xts.block2 = (block128_f) AES_encrypt;
-
-            xctx->xts.key1 = &xctx->ks1;
-        } while (0);
-
-    if (iv) {
-        xctx->xts.key2 = &xctx->ks2;
-        memcpy(ctx->iv, iv, 16);
-    }
-
-    return 1;
-}
-
-static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t len)
-{
-    EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
-    if (!xctx->xts.key1 || !xctx->xts.key2)
-        return 0;
-    if (!out || !in || len < AES_BLOCK_SIZE)
-        return 0;
-    if (xctx->stream)
-        (*xctx->stream) (in, out, len,
-                         xctx->xts.key1, xctx->xts.key2, ctx->iv);
-    else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
-                                   ctx->encrypt))
-        return 0;
-    return 1;
-}
-
-# define aes_xts_cleanup NULL
-
-# define XTS_FLAGS       (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \
-                         | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
-                         | EVP_CIPH_CUSTOM_COPY)
-
-BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS,
-                    EVP_CIPH_FLAG_FIPS | XTS_FLAGS)
-    BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS,
-                    EVP_CIPH_FLAG_FIPS | XTS_FLAGS)
-
-static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
-    EVP_AES_CCM_CTX *cctx = c->cipher_data;
-    switch (type) {
-    case EVP_CTRL_INIT:
-        cctx->key_set = 0;
-        cctx->iv_set = 0;
-        cctx->L = 8;
-        cctx->M = 12;
-        cctx->tag_set = 0;
-        cctx->len_set = 0;
-        return 1;
-
-    case EVP_CTRL_CCM_SET_IVLEN:
-        arg = 15 - arg;
-    case EVP_CTRL_CCM_SET_L:
-        if (arg < 2 || arg > 8)
-            return 0;
-        cctx->L = arg;
-        return 1;
-
-    case EVP_CTRL_CCM_SET_TAG:
-        if ((arg & 1) || arg < 4 || arg > 16)
-            return 0;
-        if (c->encrypt && ptr)
-            return 0;
-        if (ptr) {
-            cctx->tag_set = 1;
-            memcpy(c->buf, ptr, arg);
-        }
-        cctx->M = arg;
-        return 1;
-
-    case EVP_CTRL_CCM_GET_TAG:
-        if (!c->encrypt || !cctx->tag_set)
-            return 0;
-        if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg))
-            return 0;
-        cctx->tag_set = 0;
-        cctx->iv_set = 0;
-        cctx->len_set = 0;
-        return 1;
-
-    case EVP_CTRL_COPY:
-        {
-            EVP_CIPHER_CTX *out = ptr;
-            EVP_AES_CCM_CTX *cctx_out = out->cipher_data;
-            if (cctx->ccm.key) {
-                if (cctx->ccm.key != &cctx->ks)
-                    return 0;
-                cctx_out->ccm.key = &cctx_out->ks;
-            }
-            return 1;
-        }
-
-    default:
-        return -1;
-
-    }
-}
-
-static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                            const unsigned char *iv, int enc)
-{
-    EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-    if (key)
-        do {
-# ifdef HWAES_CAPABLE
-            if (HWAES_CAPABLE) {
-                HWAES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks);
-
-                CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
-                                   &cctx->ks, (block128_f) HWAES_encrypt);
-                cctx->str = NULL;
-                cctx->key_set = 1;
-                break;
-            } else
-# endif
-# ifdef VPAES_CAPABLE
-            if (VPAES_CAPABLE) {
-                vpaes_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks);
-                CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
-                                   &cctx->ks, (block128_f) vpaes_encrypt);
-                cctx->str = NULL;
-                cctx->key_set = 1;
-                break;
-            }
-# endif
-            AES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks);
-            CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
-                               &cctx->ks, (block128_f) AES_encrypt);
-            cctx->str = NULL;
-            cctx->key_set = 1;
-        } while (0);
-    if (iv) {
-        memcpy(ctx->iv, iv, 15 - cctx->L);
-        cctx->iv_set = 1;
-    }
-    return 1;
-}
-
-static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t len)
-{
-    EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
-    CCM128_CONTEXT *ccm = &cctx->ccm;
-    /* If not set up, return error */
-    if (!cctx->iv_set && !cctx->key_set)
-        return -1;
-    if (!ctx->encrypt && !cctx->tag_set)
-        return -1;
-    if (!out) {
-        if (!in) {
-            if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
-                return -1;
-            cctx->len_set = 1;
-            return len;
-        }
-        /* If have AAD need message length */
-        if (!cctx->len_set && len)
-            return -1;
-        CRYPTO_ccm128_aad(ccm, in, len);
-        return len;
-    }
-    /* EVP_*Final() doesn't return any data */
-    if (!in)
-        return 0;
-    /* If not set length yet do it */
-    if (!cctx->len_set) {
-        if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
-            return -1;
-        cctx->len_set = 1;
-    }
-    if (ctx->encrypt) {
-        if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len,
-                                                    cctx->str) :
-            CRYPTO_ccm128_encrypt(ccm, in, out, len))
-            return -1;
-        cctx->tag_set = 1;
-        return len;
-    } else {
-        int rv = -1;
-        if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len,
-                                                     cctx->str) :
-            !CRYPTO_ccm128_decrypt(ccm, in, out, len)) {
-            unsigned char tag[16];
-            if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {
-                if (!CRYPTO_memcmp(tag, ctx->buf, cctx->M))
-                    rv = len;
-            }
-        }
-        if (rv == -1)
-            OPENSSL_cleanse(out, len);
-        cctx->iv_set = 0;
-        cctx->tag_set = 0;
-        cctx->len_set = 0;
-        return rv;
-    }
-
-}
-
-# define aes_ccm_cleanup NULL
-
-BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM,
-                    EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS)
-    BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM,
-                    EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS)
-    BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM,
-                    EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS)
-#endif
-typedef struct {
-    union {
-        double align;
-        AES_KEY ks;
-    } ks;
-    /* Indicates if IV has been set */
-    unsigned char *iv;
-} EVP_AES_WRAP_CTX;
-
-static int aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                             const unsigned char *iv, int enc)
-{
-    EVP_AES_WRAP_CTX *wctx = ctx->cipher_data;
-    if (!iv && !key)
-        return 1;
-    if (key) {
-        if (ctx->encrypt)
-            AES_set_encrypt_key(key, ctx->key_len * 8, &wctx->ks.ks);
-        else
-            AES_set_decrypt_key(key, ctx->key_len * 8, &wctx->ks.ks);
-        if (!iv)
-            wctx->iv = NULL;
-    }
-    if (iv) {
-        memcpy(ctx->iv, iv, 8);
-        wctx->iv = ctx->iv;
-    }
-    return 1;
-}
-
-static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t inlen)
-{
-    EVP_AES_WRAP_CTX *wctx = ctx->cipher_data;
-    size_t rv;
-    if (!in)
-        return 0;
-    if (inlen % 8)
-        return -1;
-    if (ctx->encrypt && inlen < 8)
-        return -1;
-    if (!ctx->encrypt && inlen < 16)
-        return -1;
-    if (!out) {
-        if (ctx->encrypt)
-            return inlen + 8;
-        else
-            return inlen - 8;
-    }
-    if (ctx->encrypt)
-        rv = CRYPTO_128_wrap(&wctx->ks.ks, wctx->iv, out, in, inlen,
-                             (block128_f) AES_encrypt);
-    else
-        rv = CRYPTO_128_unwrap(&wctx->ks.ks, wctx->iv, out, in, inlen,
-                               (block128_f) AES_decrypt);
-    return rv ? (int)rv : -1;
-}
-
-#define WRAP_FLAGS      (EVP_CIPH_WRAP_MODE \
-                | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
-                | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1)
-
-static const EVP_CIPHER aes_128_wrap = {
-    NID_id_aes128_wrap,
-    8, 16, 8, WRAP_FLAGS,
-    aes_wrap_init_key, aes_wrap_cipher,
-    NULL,
-    sizeof(EVP_AES_WRAP_CTX),
-    NULL, NULL, NULL, NULL
-};
-
-const EVP_CIPHER *EVP_aes_128_wrap(void)
-{
-    return &aes_128_wrap;
-}
-
-static const EVP_CIPHER aes_192_wrap = {
-    NID_id_aes192_wrap,
-    8, 24, 8, WRAP_FLAGS,
-    aes_wrap_init_key, aes_wrap_cipher,
-    NULL,
-    sizeof(EVP_AES_WRAP_CTX),
-    NULL, NULL, NULL, NULL
-};
-
-const EVP_CIPHER *EVP_aes_192_wrap(void)
-{
-    return &aes_192_wrap;
-}
-
-static const EVP_CIPHER aes_256_wrap = {
-    NID_id_aes256_wrap,
-    8, 32, 8, WRAP_FLAGS,
-    aes_wrap_init_key, aes_wrap_cipher,
-    NULL,
-    sizeof(EVP_AES_WRAP_CTX),
-    NULL, NULL, NULL, NULL
-};
-
-const EVP_CIPHER *EVP_aes_256_wrap(void)
-{
-    return &aes_256_wrap;
-}
diff --git a/thirdparty/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c b/thirdparty/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c
deleted file mode 100644
index d114710e98..0000000000
--- a/thirdparty/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ /dev/null
@@ -1,1010 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2011-2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/opensslconf.h>
-
-#include <stdio.h>
-#include <string.h>
-
-#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/aes.h>
-# include <openssl/sha.h>
-# include <openssl/rand.h>
-# include "modes_lcl.h"
-# include "constant_time_locl.h"
-
-# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-#  define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-#  define EVP_CTRL_AEAD_TLS1_AAD          0x16
-#  define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-# endif
-
-# if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
-#  define EVP_CIPH_FLAG_DEFAULT_ASN1 0
-# endif
-
-# if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
-#  define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-# endif
-
-# define TLS1_1_VERSION 0x0302
-
-typedef struct {
-    AES_KEY ks;
-    SHA_CTX head, tail, md;
-    size_t payload_length;      /* AAD length in decrypt case */
-    union {
-        unsigned int tls_ver;
-        unsigned char tls_aad[16]; /* 13 used */
-    } aux;
-} EVP_AES_HMAC_SHA1;
-
-# define NO_PAYLOAD_LENGTH       ((size_t)-1)
-
-# if     defined(AES_ASM) &&     ( \
-        defined(__x86_64)       || defined(__x86_64__)  || \
-        defined(_M_AMD64)       || defined(_M_X64)      || \
-        defined(__INTEL__)      )
-
-extern unsigned int OPENSSL_ia32cap_P[];
-#  define AESNI_CAPABLE   (1<<(57-32))
-
-int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
-                          AES_KEY *key);
-int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
-                          AES_KEY *key);
-
-void aesni_cbc_encrypt(const unsigned char *in,
-                       unsigned char *out,
-                       size_t length,
-                       const AES_KEY *key, unsigned char *ivec, int enc);
-
-void aesni_cbc_sha1_enc(const void *inp, void *out, size_t blocks,
-                        const AES_KEY *key, unsigned char iv[16],
-                        SHA_CTX *ctx, const void *in0);
-
-void aesni256_cbc_sha1_dec(const void *inp, void *out, size_t blocks,
-                           const AES_KEY *key, unsigned char iv[16],
-                           SHA_CTX *ctx, const void *in0);
-
-#  define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
-
-static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
-                                        const unsigned char *inkey,
-                                        const unsigned char *iv, int enc)
-{
-    EVP_AES_HMAC_SHA1 *key = data(ctx);
-    int ret;
-
-    if (enc)
-        ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
-    else
-        ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
-
-    SHA1_Init(&key->head);      /* handy when benchmarking */
-    key->tail = key->head;
-    key->md = key->head;
-
-    key->payload_length = NO_PAYLOAD_LENGTH;
-
-    return ret < 0 ? 0 : 1;
-}
-
-#  define STITCHED_CALL
-#  undef  STITCHED_DECRYPT_CALL
-
-#  if !defined(STITCHED_CALL)
-#   define aes_off 0
-#  endif
-
-void sha1_block_data_order(void *c, const void *p, size_t len);
-
-static void sha1_update(SHA_CTX *c, const void *data, size_t len)
-{
-    const unsigned char *ptr = data;
-    size_t res;
-
-    if ((res = c->num)) {
-        res = SHA_CBLOCK - res;
-        if (len < res)
-            res = len;
-        SHA1_Update(c, ptr, res);
-        ptr += res;
-        len -= res;
-    }
-
-    res = len % SHA_CBLOCK;
-    len -= res;
-
-    if (len) {
-        sha1_block_data_order(c, ptr, len / SHA_CBLOCK);
-
-        ptr += len;
-        c->Nh += len >> 29;
-        c->Nl += len <<= 3;
-        if (c->Nl < (unsigned int)len)
-            c->Nh++;
-    }
-
-    if (res)
-        SHA1_Update(c, ptr, res);
-}
-
-#  ifdef SHA1_Update
-#   undef SHA1_Update
-#  endif
-#  define SHA1_Update sha1_update
-
-#  if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-
-typedef struct {
-    unsigned int A[8], B[8], C[8], D[8], E[8];
-} SHA1_MB_CTX;
-typedef struct {
-    const unsigned char *ptr;
-    int blocks;
-} HASH_DESC;
-
-void sha1_multi_block(SHA1_MB_CTX *, const HASH_DESC *, int);
-
-typedef struct {
-    const unsigned char *inp;
-    unsigned char *out;
-    int blocks;
-    u64 iv[2];
-} CIPH_DESC;
-
-void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int);
-
-static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key,
-                                         unsigned char *out,
-                                         const unsigned char *inp,
-                                         size_t inp_len, int n4x)
-{                               /* n4x is 1 or 2 */
-    HASH_DESC hash_d[8], edges[8];
-    CIPH_DESC ciph_d[8];
-    unsigned char storage[sizeof(SHA1_MB_CTX) + 32];
-    union {
-        u64 q[16];
-        u32 d[32];
-        u8 c[128];
-    } blocks[8];
-    SHA1_MB_CTX *ctx;
-    unsigned int frag, last, packlen, i, x4 = 4 * n4x, minblocks, processed =
-        0;
-    size_t ret = 0;
-    u8 *IVs;
-#   if defined(BSWAP8)
-    u64 seqnum;
-#   endif
-
-    /* ask for IVs in bulk */
-    if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0)
-        return 0;
-
-    ctx = (SHA1_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */
-
-    frag = (unsigned int)inp_len >> (1 + n4x);
-    last = (unsigned int)inp_len + frag - (frag << (1 + n4x));
-    if (last > frag && ((last + 13 + 9) % 64) < (x4 - 1)) {
-        frag++;
-        last -= x4 - 1;
-    }
-
-    packlen = 5 + 16 + ((frag + 20 + 16) & -16);
-
-    /* populate descriptors with pointers and IVs */
-    hash_d[0].ptr = inp;
-    ciph_d[0].inp = inp;
-    /* 5+16 is place for header and explicit IV */
-    ciph_d[0].out = out + 5 + 16;
-    memcpy(ciph_d[0].out - 16, IVs, 16);
-    memcpy(ciph_d[0].iv, IVs, 16);
-    IVs += 16;
-
-    for (i = 1; i < x4; i++) {
-        ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
-        ciph_d[i].out = ciph_d[i - 1].out + packlen;
-        memcpy(ciph_d[i].out - 16, IVs, 16);
-        memcpy(ciph_d[i].iv, IVs, 16);
-        IVs += 16;
-    }
-
-#   if defined(BSWAP8)
-    memcpy(blocks[0].c, key->md.data, 8);
-    seqnum = BSWAP8(blocks[0].q[0]);
-#   endif
-    for (i = 0; i < x4; i++) {
-        unsigned int len = (i == (x4 - 1) ? last : frag);
-#   if !defined(BSWAP8)
-        unsigned int carry, j;
-#   endif
-
-        ctx->A[i] = key->md.h0;
-        ctx->B[i] = key->md.h1;
-        ctx->C[i] = key->md.h2;
-        ctx->D[i] = key->md.h3;
-        ctx->E[i] = key->md.h4;
-
-        /* fix seqnum */
-#   if defined(BSWAP8)
-        blocks[i].q[0] = BSWAP8(seqnum + i);
-#   else
-        for (carry = i, j = 8; j--;) {
-            blocks[i].c[j] = ((u8 *)key->md.data)[j] + carry;
-            carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1);
-        }
-#   endif
-        blocks[i].c[8] = ((u8 *)key->md.data)[8];
-        blocks[i].c[9] = ((u8 *)key->md.data)[9];
-        blocks[i].c[10] = ((u8 *)key->md.data)[10];
-        /* fix length */
-        blocks[i].c[11] = (u8)(len >> 8);
-        blocks[i].c[12] = (u8)(len);
-
-        memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
-        hash_d[i].ptr += 64 - 13;
-        hash_d[i].blocks = (len - (64 - 13)) / 64;
-
-        edges[i].ptr = blocks[i].c;
-        edges[i].blocks = 1;
-    }
-
-    /* hash 13-byte headers and first 64-13 bytes of inputs */
-    sha1_multi_block(ctx, edges, n4x);
-    /* hash bulk inputs */
-#   define MAXCHUNKSIZE    2048
-#   if     MAXCHUNKSIZE%64
-#    error  "MAXCHUNKSIZE is not divisible by 64"
-#   elif   MAXCHUNKSIZE
-    /*
-     * goal is to minimize pressure on L1 cache by moving in shorter steps,
-     * so that hashed data is still in the cache by the time we encrypt it
-     */
-    minblocks = ((frag <= last ? frag : last) - (64 - 13)) / 64;
-    if (minblocks > MAXCHUNKSIZE / 64) {
-        for (i = 0; i < x4; i++) {
-            edges[i].ptr = hash_d[i].ptr;
-            edges[i].blocks = MAXCHUNKSIZE / 64;
-            ciph_d[i].blocks = MAXCHUNKSIZE / 16;
-        }
-        do {
-            sha1_multi_block(ctx, edges, n4x);
-            aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x);
-
-            for (i = 0; i < x4; i++) {
-                edges[i].ptr = hash_d[i].ptr += MAXCHUNKSIZE;
-                hash_d[i].blocks -= MAXCHUNKSIZE / 64;
-                edges[i].blocks = MAXCHUNKSIZE / 64;
-                ciph_d[i].inp += MAXCHUNKSIZE;
-                ciph_d[i].out += MAXCHUNKSIZE;
-                ciph_d[i].blocks = MAXCHUNKSIZE / 16;
-                memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
-            }
-            processed += MAXCHUNKSIZE;
-            minblocks -= MAXCHUNKSIZE / 64;
-        } while (minblocks > MAXCHUNKSIZE / 64);
-    }
-#   endif
-#   undef  MAXCHUNKSIZE
-    sha1_multi_block(ctx, hash_d, n4x);
-
-    memset(blocks, 0, sizeof(blocks));
-    for (i = 0; i < x4; i++) {
-        unsigned int len = (i == (x4 - 1) ? last : frag),
-            off = hash_d[i].blocks * 64;
-        const unsigned char *ptr = hash_d[i].ptr + off;
-
-        off = (len - processed) - (64 - 13) - off; /* remainder actually */
-        memcpy(blocks[i].c, ptr, off);
-        blocks[i].c[off] = 0x80;
-        len += 64 + 13;         /* 64 is HMAC header */
-        len *= 8;               /* convert to bits */
-        if (off < (64 - 8)) {
-#   ifdef BSWAP4
-            blocks[i].d[15] = BSWAP4(len);
-#   else
-            PUTU32(blocks[i].c + 60, len);
-#   endif
-            edges[i].blocks = 1;
-        } else {
-#   ifdef BSWAP4
-            blocks[i].d[31] = BSWAP4(len);
-#   else
-            PUTU32(blocks[i].c + 124, len);
-#   endif
-            edges[i].blocks = 2;
-        }
-        edges[i].ptr = blocks[i].c;
-    }
-
-    /* hash input tails and finalize */
-    sha1_multi_block(ctx, edges, n4x);
-
-    memset(blocks, 0, sizeof(blocks));
-    for (i = 0; i < x4; i++) {
-#   ifdef BSWAP4
-        blocks[i].d[0] = BSWAP4(ctx->A[i]);
-        ctx->A[i] = key->tail.h0;
-        blocks[i].d[1] = BSWAP4(ctx->B[i]);
-        ctx->B[i] = key->tail.h1;
-        blocks[i].d[2] = BSWAP4(ctx->C[i]);
-        ctx->C[i] = key->tail.h2;
-        blocks[i].d[3] = BSWAP4(ctx->D[i]);
-        ctx->D[i] = key->tail.h3;
-        blocks[i].d[4] = BSWAP4(ctx->E[i]);
-        ctx->E[i] = key->tail.h4;
-        blocks[i].c[20] = 0x80;
-        blocks[i].d[15] = BSWAP4((64 + 20) * 8);
-#   else
-        PUTU32(blocks[i].c + 0, ctx->A[i]);
-        ctx->A[i] = key->tail.h0;
-        PUTU32(blocks[i].c + 4, ctx->B[i]);
-        ctx->B[i] = key->tail.h1;
-        PUTU32(blocks[i].c + 8, ctx->C[i]);
-        ctx->C[i] = key->tail.h2;
-        PUTU32(blocks[i].c + 12, ctx->D[i]);
-        ctx->D[i] = key->tail.h3;
-        PUTU32(blocks[i].c + 16, ctx->E[i]);
-        ctx->E[i] = key->tail.h4;
-        blocks[i].c[20] = 0x80;
-        PUTU32(blocks[i].c + 60, (64 + 20) * 8);
-#   endif
-        edges[i].ptr = blocks[i].c;
-        edges[i].blocks = 1;
-    }
-
-    /* finalize MACs */
-    sha1_multi_block(ctx, edges, n4x);
-
-    for (i = 0; i < x4; i++) {
-        unsigned int len = (i == (x4 - 1) ? last : frag), pad, j;
-        unsigned char *out0 = out;
-
-        memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
-        ciph_d[i].inp = ciph_d[i].out;
-
-        out += 5 + 16 + len;
-
-        /* write MAC */
-        PUTU32(out + 0, ctx->A[i]);
-        PUTU32(out + 4, ctx->B[i]);
-        PUTU32(out + 8, ctx->C[i]);
-        PUTU32(out + 12, ctx->D[i]);
-        PUTU32(out + 16, ctx->E[i]);
-        out += 20;
-        len += 20;
-
-        /* pad */
-        pad = 15 - len % 16;
-        for (j = 0; j <= pad; j++)
-            *(out++) = pad;
-        len += pad + 1;
-
-        ciph_d[i].blocks = (len - processed) / 16;
-        len += 16;              /* account for explicit iv */
-
-        /* arrange header */
-        out0[0] = ((u8 *)key->md.data)[8];
-        out0[1] = ((u8 *)key->md.data)[9];
-        out0[2] = ((u8 *)key->md.data)[10];
-        out0[3] = (u8)(len >> 8);
-        out0[4] = (u8)(len);
-
-        ret += len + 5;
-        inp += frag;
-    }
-
-    aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x);
-
-    OPENSSL_cleanse(blocks, sizeof(blocks));
-    OPENSSL_cleanse(ctx, sizeof(*ctx));
-
-    return ret;
-}
-#  endif
-
-static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                                      const unsigned char *in, size_t len)
-{
-    EVP_AES_HMAC_SHA1 *key = data(ctx);
-    unsigned int l;
-    size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and
-                                                * later */
-        sha_off = 0;
-#  if defined(STITCHED_CALL)
-    size_t aes_off = 0, blocks;
-
-    sha_off = SHA_CBLOCK - key->md.num;
-#  endif
-
-    key->payload_length = NO_PAYLOAD_LENGTH;
-
-    if (len % AES_BLOCK_SIZE)
-        return 0;
-
-    if (ctx->encrypt) {
-        if (plen == NO_PAYLOAD_LENGTH)
-            plen = len;
-        else if (len !=
-                 ((plen + SHA_DIGEST_LENGTH +
-                   AES_BLOCK_SIZE) & -AES_BLOCK_SIZE))
-            return 0;
-        else if (key->aux.tls_ver >= TLS1_1_VERSION)
-            iv = AES_BLOCK_SIZE;
-
-#  if defined(STITCHED_CALL)
-        if (plen > (sha_off + iv)
-            && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) {
-            SHA1_Update(&key->md, in + iv, sha_off);
-
-            aesni_cbc_sha1_enc(in, out, blocks, &key->ks,
-                               ctx->iv, &key->md, in + iv + sha_off);
-            blocks *= SHA_CBLOCK;
-            aes_off += blocks;
-            sha_off += blocks;
-            key->md.Nh += blocks >> 29;
-            key->md.Nl += blocks <<= 3;
-            if (key->md.Nl < (unsigned int)blocks)
-                key->md.Nh++;
-        } else {
-            sha_off = 0;
-        }
-#  endif
-        sha_off += iv;
-        SHA1_Update(&key->md, in + sha_off, plen - sha_off);
-
-        if (plen != len) {      /* "TLS" mode of operation */
-            if (in != out)
-                memcpy(out + aes_off, in + aes_off, plen - aes_off);
-
-            /* calculate HMAC and append it to payload */
-            SHA1_Final(out + plen, &key->md);
-            key->md = key->tail;
-            SHA1_Update(&key->md, out + plen, SHA_DIGEST_LENGTH);
-            SHA1_Final(out + plen, &key->md);
-
-            /* pad the payload|hmac */
-            plen += SHA_DIGEST_LENGTH;
-            for (l = len - plen - 1; plen < len; plen++)
-                out[plen] = l;
-            /* encrypt HMAC|padding at once */
-            aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
-                              &key->ks, ctx->iv, 1);
-        } else {
-            aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
-                              &key->ks, ctx->iv, 1);
-        }
-    } else {
-        union {
-            unsigned int u[SHA_DIGEST_LENGTH / sizeof(unsigned int)];
-            unsigned char c[32 + SHA_DIGEST_LENGTH];
-        } mac, *pmac;
-
-        /* arrange cache line alignment */
-        pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32));
-
-        if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
-            size_t inp_len, mask, j, i;
-            unsigned int res, maxpad, pad, bitlen;
-            int ret = 1;
-            union {
-                unsigned int u[SHA_LBLOCK];
-                unsigned char c[SHA_CBLOCK];
-            } *data = (void *)key->md.data;
-#  if defined(STITCHED_DECRYPT_CALL)
-            unsigned char tail_iv[AES_BLOCK_SIZE];
-            int stitch = 0;
-#  endif
-
-            if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3])
-                >= TLS1_1_VERSION) {
-                if (len < (AES_BLOCK_SIZE + SHA_DIGEST_LENGTH + 1))
-                    return 0;
-
-                /* omit explicit iv */
-                memcpy(ctx->iv, in, AES_BLOCK_SIZE);
-                in += AES_BLOCK_SIZE;
-                out += AES_BLOCK_SIZE;
-                len -= AES_BLOCK_SIZE;
-            } else if (len < (SHA_DIGEST_LENGTH + 1))
-                return 0;
-
-#  if defined(STITCHED_DECRYPT_CALL)
-            if (len >= 1024 && ctx->key_len == 32) {
-                /* decrypt last block */
-                memcpy(tail_iv, in + len - 2 * AES_BLOCK_SIZE,
-                       AES_BLOCK_SIZE);
-                aesni_cbc_encrypt(in + len - AES_BLOCK_SIZE,
-                                  out + len - AES_BLOCK_SIZE, AES_BLOCK_SIZE,
-                                  &key->ks, tail_iv, 0);
-                stitch = 1;
-            } else
-#  endif
-                /* decrypt HMAC|padding at once */
-                aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
-
-            /* figure out payload length */
-            pad = out[len - 1];
-            maxpad = len - (SHA_DIGEST_LENGTH + 1);
-            maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
-            maxpad &= 255;
-
-            ret &= constant_time_ge(maxpad, pad);
-
-            inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
-            mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
-            inp_len &= mask;
-            ret &= (int)mask;
-
-            key->aux.tls_aad[plen - 2] = inp_len >> 8;
-            key->aux.tls_aad[plen - 1] = inp_len;
-
-            /* calculate HMAC */
-            key->md = key->head;
-            SHA1_Update(&key->md, key->aux.tls_aad, plen);
-
-#  if defined(STITCHED_DECRYPT_CALL)
-            if (stitch) {
-                blocks = (len - (256 + 32 + SHA_CBLOCK)) / SHA_CBLOCK;
-                aes_off = len - AES_BLOCK_SIZE - blocks * SHA_CBLOCK;
-                sha_off = SHA_CBLOCK - plen;
-
-                aesni_cbc_encrypt(in, out, aes_off, &key->ks, ctx->iv, 0);
-
-                SHA1_Update(&key->md, out, sha_off);
-                aesni256_cbc_sha1_dec(in + aes_off,
-                                      out + aes_off, blocks, &key->ks,
-                                      ctx->iv, &key->md, out + sha_off);
-
-                sha_off += blocks *= SHA_CBLOCK;
-                out += sha_off;
-                len -= sha_off;
-                inp_len -= sha_off;
-
-                key->md.Nl += (blocks << 3); /* at most 18 bits */
-                memcpy(ctx->iv, tail_iv, AES_BLOCK_SIZE);
-            }
-#  endif
-
-#  if 1
-            len -= SHA_DIGEST_LENGTH; /* amend mac */
-            if (len >= (256 + SHA_CBLOCK)) {
-                j = (len - (256 + SHA_CBLOCK)) & (0 - SHA_CBLOCK);
-                j += SHA_CBLOCK - key->md.num;
-                SHA1_Update(&key->md, out, j);
-                out += j;
-                len -= j;
-                inp_len -= j;
-            }
-
-            /* but pretend as if we hashed padded payload */
-            bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */
-#   ifdef BSWAP4
-            bitlen = BSWAP4(bitlen);
-#   else
-            mac.c[0] = 0;
-            mac.c[1] = (unsigned char)(bitlen >> 16);
-            mac.c[2] = (unsigned char)(bitlen >> 8);
-            mac.c[3] = (unsigned char)bitlen;
-            bitlen = mac.u[0];
-#   endif
-
-            pmac->u[0] = 0;
-            pmac->u[1] = 0;
-            pmac->u[2] = 0;
-            pmac->u[3] = 0;
-            pmac->u[4] = 0;
-
-            for (res = key->md.num, j = 0; j < len; j++) {
-                size_t c = out[j];
-                mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
-                c &= mask;
-                c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8));
-                data->c[res++] = (unsigned char)c;
-
-                if (res != SHA_CBLOCK)
-                    continue;
-
-                /* j is not incremented yet */
-                mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1));
-                data->u[SHA_LBLOCK - 1] |= bitlen & mask;
-                sha1_block_data_order(&key->md, data, 1);
-                mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1));
-                pmac->u[0] |= key->md.h0 & mask;
-                pmac->u[1] |= key->md.h1 & mask;
-                pmac->u[2] |= key->md.h2 & mask;
-                pmac->u[3] |= key->md.h3 & mask;
-                pmac->u[4] |= key->md.h4 & mask;
-                res = 0;
-            }
-
-            for (i = res; i < SHA_CBLOCK; i++, j++)
-                data->c[i] = 0;
-
-            if (res > SHA_CBLOCK - 8) {
-                mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1));
-                data->u[SHA_LBLOCK - 1] |= bitlen & mask;
-                sha1_block_data_order(&key->md, data, 1);
-                mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
-                pmac->u[0] |= key->md.h0 & mask;
-                pmac->u[1] |= key->md.h1 & mask;
-                pmac->u[2] |= key->md.h2 & mask;
-                pmac->u[3] |= key->md.h3 & mask;
-                pmac->u[4] |= key->md.h4 & mask;
-
-                memset(data, 0, SHA_CBLOCK);
-                j += 64;
-            }
-            data->u[SHA_LBLOCK - 1] = bitlen;
-            sha1_block_data_order(&key->md, data, 1);
-            mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
-            pmac->u[0] |= key->md.h0 & mask;
-            pmac->u[1] |= key->md.h1 & mask;
-            pmac->u[2] |= key->md.h2 & mask;
-            pmac->u[3] |= key->md.h3 & mask;
-            pmac->u[4] |= key->md.h4 & mask;
-
-#   ifdef BSWAP4
-            pmac->u[0] = BSWAP4(pmac->u[0]);
-            pmac->u[1] = BSWAP4(pmac->u[1]);
-            pmac->u[2] = BSWAP4(pmac->u[2]);
-            pmac->u[3] = BSWAP4(pmac->u[3]);
-            pmac->u[4] = BSWAP4(pmac->u[4]);
-#   else
-            for (i = 0; i < 5; i++) {
-                res = pmac->u[i];
-                pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
-                pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
-                pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
-                pmac->c[4 * i + 3] = (unsigned char)res;
-            }
-#   endif
-            len += SHA_DIGEST_LENGTH;
-#  else
-            SHA1_Update(&key->md, out, inp_len);
-            res = key->md.num;
-            SHA1_Final(pmac->c, &key->md);
-
-            {
-                unsigned int inp_blocks, pad_blocks;
-
-                /* but pretend as if we hashed padded payload */
-                inp_blocks =
-                    1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
-                res += (unsigned int)(len - inp_len);
-                pad_blocks = res / SHA_CBLOCK;
-                res %= SHA_CBLOCK;
-                pad_blocks +=
-                    1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
-                for (; inp_blocks < pad_blocks; inp_blocks++)
-                    sha1_block_data_order(&key->md, data, 1);
-            }
-#  endif
-            key->md = key->tail;
-            SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH);
-            SHA1_Final(pmac->c, &key->md);
-
-            /* verify HMAC */
-            out += inp_len;
-            len -= inp_len;
-#  if 1
-            {
-                unsigned char *p = out + len - 1 - maxpad - SHA_DIGEST_LENGTH;
-                size_t off = out - p;
-                unsigned int c, cmask;
-
-                maxpad += SHA_DIGEST_LENGTH;
-                for (res = 0, i = 0, j = 0; j < maxpad; j++) {
-                    c = p[j];
-                    cmask =
-                        ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) *
-                                                                 8 - 1);
-                    res |= (c ^ pad) & ~cmask; /* ... and padding */
-                    cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
-                    res |= (c ^ pmac->c[i]) & cmask;
-                    i += 1 & cmask;
-                }
-                maxpad -= SHA_DIGEST_LENGTH;
-
-                res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
-                ret &= (int)~res;
-            }
-#  else
-            for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++)
-                res |= out[i] ^ pmac->c[i];
-            res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
-            ret &= (int)~res;
-
-            /* verify padding */
-            pad = (pad & ~res) | (maxpad & res);
-            out = out + len - 1 - pad;
-            for (res = 0, i = 0; i < pad; i++)
-                res |= out[i] ^ pad;
-
-            res = (0 - res) >> (sizeof(res) * 8 - 1);
-            ret &= (int)~res;
-#  endif
-            return ret;
-        } else {
-#  if defined(STITCHED_DECRYPT_CALL)
-            if (len >= 1024 && ctx->key_len == 32) {
-                if (sha_off %= SHA_CBLOCK)
-                    blocks = (len - 3 * SHA_CBLOCK) / SHA_CBLOCK;
-                else
-                    blocks = (len - 2 * SHA_CBLOCK) / SHA_CBLOCK;
-                aes_off = len - blocks * SHA_CBLOCK;
-
-                aesni_cbc_encrypt(in, out, aes_off, &key->ks, ctx->iv, 0);
-                SHA1_Update(&key->md, out, sha_off);
-                aesni256_cbc_sha1_dec(in + aes_off,
-                                      out + aes_off, blocks, &key->ks,
-                                      ctx->iv, &key->md, out + sha_off);
-
-                sha_off += blocks *= SHA_CBLOCK;
-                out += sha_off;
-                len -= sha_off;
-
-                key->md.Nh += blocks >> 29;
-                key->md.Nl += blocks <<= 3;
-                if (key->md.Nl < (unsigned int)blocks)
-                    key->md.Nh++;
-            } else
-#  endif
-                /* decrypt HMAC|padding at once */
-                aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
-
-            SHA1_Update(&key->md, out, len);
-        }
-    }
-
-    return 1;
-}
-
-static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
-                                    void *ptr)
-{
-    EVP_AES_HMAC_SHA1 *key = data(ctx);
-
-    switch (type) {
-    case EVP_CTRL_AEAD_SET_MAC_KEY:
-        {
-            unsigned int i;
-            unsigned char hmac_key[64];
-
-            memset(hmac_key, 0, sizeof(hmac_key));
-
-            if (arg > (int)sizeof(hmac_key)) {
-                SHA1_Init(&key->head);
-                SHA1_Update(&key->head, ptr, arg);
-                SHA1_Final(hmac_key, &key->head);
-            } else {
-                memcpy(hmac_key, ptr, arg);
-            }
-
-            for (i = 0; i < sizeof(hmac_key); i++)
-                hmac_key[i] ^= 0x36; /* ipad */
-            SHA1_Init(&key->head);
-            SHA1_Update(&key->head, hmac_key, sizeof(hmac_key));
-
-            for (i = 0; i < sizeof(hmac_key); i++)
-                hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
-            SHA1_Init(&key->tail);
-            SHA1_Update(&key->tail, hmac_key, sizeof(hmac_key));
-
-            OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
-
-            return 1;
-        }
-    case EVP_CTRL_AEAD_TLS1_AAD:
-        {
-            unsigned char *p = ptr;
-            unsigned int len;
-
-            if (arg != EVP_AEAD_TLS1_AAD_LEN)
-                return -1;
- 
-            len = p[arg - 2] << 8 | p[arg - 1];
-
-            if (ctx->encrypt) {
-                key->payload_length = len;
-                if ((key->aux.tls_ver =
-                     p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
-                    if (len < AES_BLOCK_SIZE)
-                        return 0;
-                    len -= AES_BLOCK_SIZE;
-                    p[arg - 2] = len >> 8;
-                    p[arg - 1] = len;
-                }
-                key->md = key->head;
-                SHA1_Update(&key->md, p, arg);
-
-                return (int)(((len + SHA_DIGEST_LENGTH +
-                               AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
-                             - len);
-            } else {
-                memcpy(key->aux.tls_aad, ptr, arg);
-                key->payload_length = arg;
-
-                return SHA_DIGEST_LENGTH;
-            }
-        }
-#  if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-    case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
-        return (int)(5 + 16 + ((arg + 20 + 16) & -16));
-    case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD:
-        {
-            EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param =
-                (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *) ptr;
-            unsigned int n4x = 1, x4;
-            unsigned int frag, last, packlen, inp_len;
-
-            if (arg < (int)sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM))
-                return -1;
-
-            inp_len = param->inp[11] << 8 | param->inp[12];
-
-            if (ctx->encrypt) {
-                if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION)
-                    return -1;
-
-                if (inp_len) {
-                    if (inp_len < 4096)
-                        return 0; /* too short */
-
-                    if (inp_len >= 8192 && OPENSSL_ia32cap_P[2] & (1 << 5))
-                        n4x = 2; /* AVX2 */
-                } else if ((n4x = param->interleave / 4) && n4x <= 2)
-                    inp_len = param->len;
-                else
-                    return -1;
-
-                key->md = key->head;
-                SHA1_Update(&key->md, param->inp, 13);
-
-                x4 = 4 * n4x;
-                n4x += 1;
-
-                frag = inp_len >> n4x;
-                last = inp_len + frag - (frag << n4x);
-                if (last > frag && ((last + 13 + 9) % 64 < (x4 - 1))) {
-                    frag++;
-                    last -= x4 - 1;
-                }
-
-                packlen = 5 + 16 + ((frag + 20 + 16) & -16);
-                packlen = (packlen << n4x) - packlen;
-                packlen += 5 + 16 + ((last + 20 + 16) & -16);
-
-                param->interleave = x4;
-
-                return (int)packlen;
-            } else
-                return -1;      /* not yet */
-        }
-    case EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT:
-        {
-            EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param =
-                (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *) ptr;
-
-            return (int)tls1_1_multi_block_encrypt(key, param->out,
-                                                   param->inp, param->len,
-                                                   param->interleave / 4);
-        }
-    case EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT:
-#  endif
-    default:
-        return -1;
-    }
-}
-
-static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = {
-#  ifdef NID_aes_128_cbc_hmac_sha1
-    NID_aes_128_cbc_hmac_sha1,
-#  else
-    NID_undef,
-#  endif
-    16, 16, 16,
-    EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
-        EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
-    aesni_cbc_hmac_sha1_init_key,
-    aesni_cbc_hmac_sha1_cipher,
-    NULL,
-    sizeof(EVP_AES_HMAC_SHA1),
-    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
-    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
-    aesni_cbc_hmac_sha1_ctrl,
-    NULL
-};
-
-static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = {
-#  ifdef NID_aes_256_cbc_hmac_sha1
-    NID_aes_256_cbc_hmac_sha1,
-#  else
-    NID_undef,
-#  endif
-    16, 32, 16,
-    EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
-        EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
-    aesni_cbc_hmac_sha1_init_key,
-    aesni_cbc_hmac_sha1_cipher,
-    NULL,
-    sizeof(EVP_AES_HMAC_SHA1),
-    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
-    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
-    aesni_cbc_hmac_sha1_ctrl,
-    NULL
-};
-
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
-{
-    return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
-            &aesni_128_cbc_hmac_sha1_cipher : NULL);
-}
-
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
-{
-    return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
-            &aesni_256_cbc_hmac_sha1_cipher : NULL);
-}
-# else
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
-{
-    return NULL;
-}
-
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
-{
-    return NULL;
-}
-# endif
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c b/thirdparty/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c
deleted file mode 100644
index 917ae0751d..0000000000
--- a/thirdparty/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ /dev/null
@@ -1,989 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2011-2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/opensslconf.h>
-
-#include <stdio.h>
-#include <string.h>
-
-#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA256)
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/aes.h>
-# include <openssl/sha.h>
-# include <openssl/rand.h>
-# include "modes_lcl.h"
-# include "constant_time_locl.h"
-
-# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-#  define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-#  define EVP_CTRL_AEAD_TLS1_AAD          0x16
-#  define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-# endif
-
-# if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
-#  define EVP_CIPH_FLAG_DEFAULT_ASN1 0
-# endif
-
-# if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
-#  define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-# endif
-
-# define TLS1_1_VERSION 0x0302
-
-typedef struct {
-    AES_KEY ks;
-    SHA256_CTX head, tail, md;
-    size_t payload_length;      /* AAD length in decrypt case */
-    union {
-        unsigned int tls_ver;
-        unsigned char tls_aad[16]; /* 13 used */
-    } aux;
-} EVP_AES_HMAC_SHA256;
-
-# define NO_PAYLOAD_LENGTH       ((size_t)-1)
-
-# if     defined(AES_ASM) &&     ( \
-        defined(__x86_64)       || defined(__x86_64__)  || \
-        defined(_M_AMD64)       || defined(_M_X64)      || \
-        defined(__INTEL__)      )
-
-extern unsigned int OPENSSL_ia32cap_P[];
-#  define AESNI_CAPABLE   (1<<(57-32))
-
-int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
-                          AES_KEY *key);
-int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
-                          AES_KEY *key);
-
-void aesni_cbc_encrypt(const unsigned char *in,
-                       unsigned char *out,
-                       size_t length,
-                       const AES_KEY *key, unsigned char *ivec, int enc);
-
-int aesni_cbc_sha256_enc(const void *inp, void *out, size_t blocks,
-                         const AES_KEY *key, unsigned char iv[16],
-                         SHA256_CTX *ctx, const void *in0);
-
-#  define data(ctx) ((EVP_AES_HMAC_SHA256 *)(ctx)->cipher_data)
-
-static int aesni_cbc_hmac_sha256_init_key(EVP_CIPHER_CTX *ctx,
-                                          const unsigned char *inkey,
-                                          const unsigned char *iv, int enc)
-{
-    EVP_AES_HMAC_SHA256 *key = data(ctx);
-    int ret;
-
-    if (enc)
-        memset(&key->ks, 0, sizeof(key->ks.rd_key)),
-            ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
-    else
-        ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
-
-    SHA256_Init(&key->head);    /* handy when benchmarking */
-    key->tail = key->head;
-    key->md = key->head;
-
-    key->payload_length = NO_PAYLOAD_LENGTH;
-
-    return ret < 0 ? 0 : 1;
-}
-
-#  define STITCHED_CALL
-
-#  if !defined(STITCHED_CALL)
-#   define aes_off 0
-#  endif
-
-void sha256_block_data_order(void *c, const void *p, size_t len);
-
-static void sha256_update(SHA256_CTX *c, const void *data, size_t len)
-{
-    const unsigned char *ptr = data;
-    size_t res;
-
-    if ((res = c->num)) {
-        res = SHA256_CBLOCK - res;
-        if (len < res)
-            res = len;
-        SHA256_Update(c, ptr, res);
-        ptr += res;
-        len -= res;
-    }
-
-    res = len % SHA256_CBLOCK;
-    len -= res;
-
-    if (len) {
-        sha256_block_data_order(c, ptr, len / SHA256_CBLOCK);
-
-        ptr += len;
-        c->Nh += len >> 29;
-        c->Nl += len <<= 3;
-        if (c->Nl < (unsigned int)len)
-            c->Nh++;
-    }
-
-    if (res)
-        SHA256_Update(c, ptr, res);
-}
-
-#  ifdef SHA256_Update
-#   undef SHA256_Update
-#  endif
-#  define SHA256_Update sha256_update
-
-#  if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-
-typedef struct {
-    unsigned int A[8], B[8], C[8], D[8], E[8], F[8], G[8], H[8];
-} SHA256_MB_CTX;
-typedef struct {
-    const unsigned char *ptr;
-    int blocks;
-} HASH_DESC;
-
-void sha256_multi_block(SHA256_MB_CTX *, const HASH_DESC *, int);
-
-typedef struct {
-    const unsigned char *inp;
-    unsigned char *out;
-    int blocks;
-    u64 iv[2];
-} CIPH_DESC;
-
-void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int);
-
-static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
-                                         unsigned char *out,
-                                         const unsigned char *inp,
-                                         size_t inp_len, int n4x)
-{                               /* n4x is 1 or 2 */
-    HASH_DESC hash_d[8], edges[8];
-    CIPH_DESC ciph_d[8];
-    unsigned char storage[sizeof(SHA256_MB_CTX) + 32];
-    union {
-        u64 q[16];
-        u32 d[32];
-        u8 c[128];
-    } blocks[8];
-    SHA256_MB_CTX *ctx;
-    unsigned int frag, last, packlen, i, x4 = 4 * n4x, minblocks, processed =
-        0;
-    size_t ret = 0;
-    u8 *IVs;
-#   if defined(BSWAP8)
-    u64 seqnum;
-#   endif
-
-    /* ask for IVs in bulk */
-    if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0)
-        return 0;
-
-    /* align */
-    ctx = (SHA256_MB_CTX *) (storage + 32 - ((size_t)storage % 32));
-
-    frag = (unsigned int)inp_len >> (1 + n4x);
-    last = (unsigned int)inp_len + frag - (frag << (1 + n4x));
-    if (last > frag && ((last + 13 + 9) % 64) < (x4 - 1)) {
-        frag++;
-        last -= x4 - 1;
-    }
-
-    packlen = 5 + 16 + ((frag + 32 + 16) & -16);
-
-    /* populate descriptors with pointers and IVs */
-    hash_d[0].ptr = inp;
-    ciph_d[0].inp = inp;
-    /* 5+16 is place for header and explicit IV */
-    ciph_d[0].out = out + 5 + 16;
-    memcpy(ciph_d[0].out - 16, IVs, 16);
-    memcpy(ciph_d[0].iv, IVs, 16);
-    IVs += 16;
-
-    for (i = 1; i < x4; i++) {
-        ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
-        ciph_d[i].out = ciph_d[i - 1].out + packlen;
-        memcpy(ciph_d[i].out - 16, IVs, 16);
-        memcpy(ciph_d[i].iv, IVs, 16);
-        IVs += 16;
-    }
-
-#   if defined(BSWAP8)
-    memcpy(blocks[0].c, key->md.data, 8);
-    seqnum = BSWAP8(blocks[0].q[0]);
-#   endif
-    for (i = 0; i < x4; i++) {
-        unsigned int len = (i == (x4 - 1) ? last : frag);
-#   if !defined(BSWAP8)
-        unsigned int carry, j;
-#   endif
-
-        ctx->A[i] = key->md.h[0];
-        ctx->B[i] = key->md.h[1];
-        ctx->C[i] = key->md.h[2];
-        ctx->D[i] = key->md.h[3];
-        ctx->E[i] = key->md.h[4];
-        ctx->F[i] = key->md.h[5];
-        ctx->G[i] = key->md.h[6];
-        ctx->H[i] = key->md.h[7];
-
-        /* fix seqnum */
-#   if defined(BSWAP8)
-        blocks[i].q[0] = BSWAP8(seqnum + i);
-#   else
-        for (carry = i, j = 8; j--;) {
-            blocks[i].c[j] = ((u8 *)key->md.data)[j] + carry;
-            carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1);
-        }
-#   endif
-        blocks[i].c[8] = ((u8 *)key->md.data)[8];
-        blocks[i].c[9] = ((u8 *)key->md.data)[9];
-        blocks[i].c[10] = ((u8 *)key->md.data)[10];
-        /* fix length */
-        blocks[i].c[11] = (u8)(len >> 8);
-        blocks[i].c[12] = (u8)(len);
-
-        memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
-        hash_d[i].ptr += 64 - 13;
-        hash_d[i].blocks = (len - (64 - 13)) / 64;
-
-        edges[i].ptr = blocks[i].c;
-        edges[i].blocks = 1;
-    }
-
-    /* hash 13-byte headers and first 64-13 bytes of inputs */
-    sha256_multi_block(ctx, edges, n4x);
-    /* hash bulk inputs */
-#   define MAXCHUNKSIZE    2048
-#   if     MAXCHUNKSIZE%64
-#    error  "MAXCHUNKSIZE is not divisible by 64"
-#   elif   MAXCHUNKSIZE
-    /*
-     * goal is to minimize pressure on L1 cache by moving in shorter steps,
-     * so that hashed data is still in the cache by the time we encrypt it
-     */
-    minblocks = ((frag <= last ? frag : last) - (64 - 13)) / 64;
-    if (minblocks > MAXCHUNKSIZE / 64) {
-        for (i = 0; i < x4; i++) {
-            edges[i].ptr = hash_d[i].ptr;
-            edges[i].blocks = MAXCHUNKSIZE / 64;
-            ciph_d[i].blocks = MAXCHUNKSIZE / 16;
-        }
-        do {
-            sha256_multi_block(ctx, edges, n4x);
-            aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x);
-
-            for (i = 0; i < x4; i++) {
-                edges[i].ptr = hash_d[i].ptr += MAXCHUNKSIZE;
-                hash_d[i].blocks -= MAXCHUNKSIZE / 64;
-                edges[i].blocks = MAXCHUNKSIZE / 64;
-                ciph_d[i].inp += MAXCHUNKSIZE;
-                ciph_d[i].out += MAXCHUNKSIZE;
-                ciph_d[i].blocks = MAXCHUNKSIZE / 16;
-                memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
-            }
-            processed += MAXCHUNKSIZE;
-            minblocks -= MAXCHUNKSIZE / 64;
-        } while (minblocks > MAXCHUNKSIZE / 64);
-    }
-#   endif
-#   undef  MAXCHUNKSIZE
-    sha256_multi_block(ctx, hash_d, n4x);
-
-    memset(blocks, 0, sizeof(blocks));
-    for (i = 0; i < x4; i++) {
-        unsigned int len = (i == (x4 - 1) ? last : frag),
-            off = hash_d[i].blocks * 64;
-        const unsigned char *ptr = hash_d[i].ptr + off;
-
-        off = (len - processed) - (64 - 13) - off; /* remainder actually */
-        memcpy(blocks[i].c, ptr, off);
-        blocks[i].c[off] = 0x80;
-        len += 64 + 13;         /* 64 is HMAC header */
-        len *= 8;               /* convert to bits */
-        if (off < (64 - 8)) {
-#   ifdef BSWAP4
-            blocks[i].d[15] = BSWAP4(len);
-#   else
-            PUTU32(blocks[i].c + 60, len);
-#   endif
-            edges[i].blocks = 1;
-        } else {
-#   ifdef BSWAP4
-            blocks[i].d[31] = BSWAP4(len);
-#   else
-            PUTU32(blocks[i].c + 124, len);
-#   endif
-            edges[i].blocks = 2;
-        }
-        edges[i].ptr = blocks[i].c;
-    }
-
-    /* hash input tails and finalize */
-    sha256_multi_block(ctx, edges, n4x);
-
-    memset(blocks, 0, sizeof(blocks));
-    for (i = 0; i < x4; i++) {
-#   ifdef BSWAP4
-        blocks[i].d[0] = BSWAP4(ctx->A[i]);
-        ctx->A[i] = key->tail.h[0];
-        blocks[i].d[1] = BSWAP4(ctx->B[i]);
-        ctx->B[i] = key->tail.h[1];
-        blocks[i].d[2] = BSWAP4(ctx->C[i]);
-        ctx->C[i] = key->tail.h[2];
-        blocks[i].d[3] = BSWAP4(ctx->D[i]);
-        ctx->D[i] = key->tail.h[3];
-        blocks[i].d[4] = BSWAP4(ctx->E[i]);
-        ctx->E[i] = key->tail.h[4];
-        blocks[i].d[5] = BSWAP4(ctx->F[i]);
-        ctx->F[i] = key->tail.h[5];
-        blocks[i].d[6] = BSWAP4(ctx->G[i]);
-        ctx->G[i] = key->tail.h[6];
-        blocks[i].d[7] = BSWAP4(ctx->H[i]);
-        ctx->H[i] = key->tail.h[7];
-        blocks[i].c[32] = 0x80;
-        blocks[i].d[15] = BSWAP4((64 + 32) * 8);
-#   else
-        PUTU32(blocks[i].c + 0, ctx->A[i]);
-        ctx->A[i] = key->tail.h[0];
-        PUTU32(blocks[i].c + 4, ctx->B[i]);
-        ctx->B[i] = key->tail.h[1];
-        PUTU32(blocks[i].c + 8, ctx->C[i]);
-        ctx->C[i] = key->tail.h[2];
-        PUTU32(blocks[i].c + 12, ctx->D[i]);
-        ctx->D[i] = key->tail.h[3];
-        PUTU32(blocks[i].c + 16, ctx->E[i]);
-        ctx->E[i] = key->tail.h[4];
-        PUTU32(blocks[i].c + 20, ctx->F[i]);
-        ctx->F[i] = key->tail.h[5];
-        PUTU32(blocks[i].c + 24, ctx->G[i]);
-        ctx->G[i] = key->tail.h[6];
-        PUTU32(blocks[i].c + 28, ctx->H[i]);
-        ctx->H[i] = key->tail.h[7];
-        blocks[i].c[32] = 0x80;
-        PUTU32(blocks[i].c + 60, (64 + 32) * 8);
-#   endif
-        edges[i].ptr = blocks[i].c;
-        edges[i].blocks = 1;
-    }
-
-    /* finalize MACs */
-    sha256_multi_block(ctx, edges, n4x);
-
-    for (i = 0; i < x4; i++) {
-        unsigned int len = (i == (x4 - 1) ? last : frag), pad, j;
-        unsigned char *out0 = out;
-
-        memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
-        ciph_d[i].inp = ciph_d[i].out;
-
-        out += 5 + 16 + len;
-
-        /* write MAC */
-        PUTU32(out + 0, ctx->A[i]);
-        PUTU32(out + 4, ctx->B[i]);
-        PUTU32(out + 8, ctx->C[i]);
-        PUTU32(out + 12, ctx->D[i]);
-        PUTU32(out + 16, ctx->E[i]);
-        PUTU32(out + 20, ctx->F[i]);
-        PUTU32(out + 24, ctx->G[i]);
-        PUTU32(out + 28, ctx->H[i]);
-        out += 32;
-        len += 32;
-
-        /* pad */
-        pad = 15 - len % 16;
-        for (j = 0; j <= pad; j++)
-            *(out++) = pad;
-        len += pad + 1;
-
-        ciph_d[i].blocks = (len - processed) / 16;
-        len += 16;              /* account for explicit iv */
-
-        /* arrange header */
-        out0[0] = ((u8 *)key->md.data)[8];
-        out0[1] = ((u8 *)key->md.data)[9];
-        out0[2] = ((u8 *)key->md.data)[10];
-        out0[3] = (u8)(len >> 8);
-        out0[4] = (u8)(len);
-
-        ret += len + 5;
-        inp += frag;
-    }
-
-    aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x);
-
-    OPENSSL_cleanse(blocks, sizeof(blocks));
-    OPENSSL_cleanse(ctx, sizeof(*ctx));
-
-    return ret;
-}
-#  endif
-
-static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
-                                        unsigned char *out,
-                                        const unsigned char *in, size_t len)
-{
-    EVP_AES_HMAC_SHA256 *key = data(ctx);
-    unsigned int l;
-    size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and
-                                                * later */
-        sha_off = 0;
-#  if defined(STITCHED_CALL)
-    size_t aes_off = 0, blocks;
-
-    sha_off = SHA256_CBLOCK - key->md.num;
-#  endif
-
-    key->payload_length = NO_PAYLOAD_LENGTH;
-
-    if (len % AES_BLOCK_SIZE)
-        return 0;
-
-    if (ctx->encrypt) {
-        if (plen == NO_PAYLOAD_LENGTH)
-            plen = len;
-        else if (len !=
-                 ((plen + SHA256_DIGEST_LENGTH +
-                   AES_BLOCK_SIZE) & -AES_BLOCK_SIZE))
-            return 0;
-        else if (key->aux.tls_ver >= TLS1_1_VERSION)
-            iv = AES_BLOCK_SIZE;
-
-#  if defined(STITCHED_CALL)
-        /*
-         * Assembly stitch handles AVX-capable processors, but its
-         * performance is not optimal on AMD Jaguar, ~40% worse, for
-         * unknown reasons. Incidentally processor in question supports
-         * AVX, but not AMD-specific XOP extension, which can be used
-         * to identify it and avoid stitch invocation. So that after we
-         * establish that current CPU supports AVX, we even see if it's
-         * either even XOP-capable Bulldozer-based or GenuineIntel one.
-         */
-        if (OPENSSL_ia32cap_P[1] & (1 << (60 - 32)) && /* AVX? */
-            ((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */
-             | (OPENSSL_ia32cap_P[0] & (1<<30))) &&    /* "Intel CPU"? */
-            plen > (sha_off + iv) &&
-            (blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) {
-            SHA256_Update(&key->md, in + iv, sha_off);
-
-            (void)aesni_cbc_sha256_enc(in, out, blocks, &key->ks,
-                                       ctx->iv, &key->md, in + iv + sha_off);
-            blocks *= SHA256_CBLOCK;
-            aes_off += blocks;
-            sha_off += blocks;
-            key->md.Nh += blocks >> 29;
-            key->md.Nl += blocks <<= 3;
-            if (key->md.Nl < (unsigned int)blocks)
-                key->md.Nh++;
-        } else {
-            sha_off = 0;
-        }
-#  endif
-        sha_off += iv;
-        SHA256_Update(&key->md, in + sha_off, plen - sha_off);
-
-        if (plen != len) {      /* "TLS" mode of operation */
-            if (in != out)
-                memcpy(out + aes_off, in + aes_off, plen - aes_off);
-
-            /* calculate HMAC and append it to payload */
-            SHA256_Final(out + plen, &key->md);
-            key->md = key->tail;
-            SHA256_Update(&key->md, out + plen, SHA256_DIGEST_LENGTH);
-            SHA256_Final(out + plen, &key->md);
-
-            /* pad the payload|hmac */
-            plen += SHA256_DIGEST_LENGTH;
-            for (l = len - plen - 1; plen < len; plen++)
-                out[plen] = l;
-            /* encrypt HMAC|padding at once */
-            aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
-                              &key->ks, ctx->iv, 1);
-        } else {
-            aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
-                              &key->ks, ctx->iv, 1);
-        }
-    } else {
-        union {
-            unsigned int u[SHA256_DIGEST_LENGTH / sizeof(unsigned int)];
-            unsigned char c[64 + SHA256_DIGEST_LENGTH];
-        } mac, *pmac;
-
-        /* arrange cache line alignment */
-        pmac = (void *)(((size_t)mac.c + 63) & ((size_t)0 - 64));
-
-        /* decrypt HMAC|padding at once */
-        aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
-
-        if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
-            size_t inp_len, mask, j, i;
-            unsigned int res, maxpad, pad, bitlen;
-            int ret = 1;
-            union {
-                unsigned int u[SHA_LBLOCK];
-                unsigned char c[SHA256_CBLOCK];
-            } *data = (void *)key->md.data;
-
-            if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3])
-                >= TLS1_1_VERSION)
-                iv = AES_BLOCK_SIZE;
-
-            if (len < (iv + SHA256_DIGEST_LENGTH + 1))
-                return 0;
-
-            /* omit explicit iv */
-            out += iv;
-            len -= iv;
-
-            /* figure out payload length */
-            pad = out[len - 1];
-            maxpad = len - (SHA256_DIGEST_LENGTH + 1);
-            maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
-            maxpad &= 255;
-
-            ret &= constant_time_ge(maxpad, pad);
-
-            inp_len = len - (SHA256_DIGEST_LENGTH + pad + 1);
-            mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
-            inp_len &= mask;
-            ret &= (int)mask;
-
-            key->aux.tls_aad[plen - 2] = inp_len >> 8;
-            key->aux.tls_aad[plen - 1] = inp_len;
-
-            /* calculate HMAC */
-            key->md = key->head;
-            SHA256_Update(&key->md, key->aux.tls_aad, plen);
-
-#  if 1
-            len -= SHA256_DIGEST_LENGTH; /* amend mac */
-            if (len >= (256 + SHA256_CBLOCK)) {
-                j = (len - (256 + SHA256_CBLOCK)) & (0 - SHA256_CBLOCK);
-                j += SHA256_CBLOCK - key->md.num;
-                SHA256_Update(&key->md, out, j);
-                out += j;
-                len -= j;
-                inp_len -= j;
-            }
-
-            /* but pretend as if we hashed padded payload */
-            bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */
-#   ifdef BSWAP4
-            bitlen = BSWAP4(bitlen);
-#   else
-            mac.c[0] = 0;
-            mac.c[1] = (unsigned char)(bitlen >> 16);
-            mac.c[2] = (unsigned char)(bitlen >> 8);
-            mac.c[3] = (unsigned char)bitlen;
-            bitlen = mac.u[0];
-#   endif
-
-            pmac->u[0] = 0;
-            pmac->u[1] = 0;
-            pmac->u[2] = 0;
-            pmac->u[3] = 0;
-            pmac->u[4] = 0;
-            pmac->u[5] = 0;
-            pmac->u[6] = 0;
-            pmac->u[7] = 0;
-
-            for (res = key->md.num, j = 0; j < len; j++) {
-                size_t c = out[j];
-                mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
-                c &= mask;
-                c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8));
-                data->c[res++] = (unsigned char)c;
-
-                if (res != SHA256_CBLOCK)
-                    continue;
-
-                /* j is not incremented yet */
-                mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1));
-                data->u[SHA_LBLOCK - 1] |= bitlen & mask;
-                sha256_block_data_order(&key->md, data, 1);
-                mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1));
-                pmac->u[0] |= key->md.h[0] & mask;
-                pmac->u[1] |= key->md.h[1] & mask;
-                pmac->u[2] |= key->md.h[2] & mask;
-                pmac->u[3] |= key->md.h[3] & mask;
-                pmac->u[4] |= key->md.h[4] & mask;
-                pmac->u[5] |= key->md.h[5] & mask;
-                pmac->u[6] |= key->md.h[6] & mask;
-                pmac->u[7] |= key->md.h[7] & mask;
-                res = 0;
-            }
-
-            for (i = res; i < SHA256_CBLOCK; i++, j++)
-                data->c[i] = 0;
-
-            if (res > SHA256_CBLOCK - 8) {
-                mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1));
-                data->u[SHA_LBLOCK - 1] |= bitlen & mask;
-                sha256_block_data_order(&key->md, data, 1);
-                mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
-                pmac->u[0] |= key->md.h[0] & mask;
-                pmac->u[1] |= key->md.h[1] & mask;
-                pmac->u[2] |= key->md.h[2] & mask;
-                pmac->u[3] |= key->md.h[3] & mask;
-                pmac->u[4] |= key->md.h[4] & mask;
-                pmac->u[5] |= key->md.h[5] & mask;
-                pmac->u[6] |= key->md.h[6] & mask;
-                pmac->u[7] |= key->md.h[7] & mask;
-
-                memset(data, 0, SHA256_CBLOCK);
-                j += 64;
-            }
-            data->u[SHA_LBLOCK - 1] = bitlen;
-            sha256_block_data_order(&key->md, data, 1);
-            mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
-            pmac->u[0] |= key->md.h[0] & mask;
-            pmac->u[1] |= key->md.h[1] & mask;
-            pmac->u[2] |= key->md.h[2] & mask;
-            pmac->u[3] |= key->md.h[3] & mask;
-            pmac->u[4] |= key->md.h[4] & mask;
-            pmac->u[5] |= key->md.h[5] & mask;
-            pmac->u[6] |= key->md.h[6] & mask;
-            pmac->u[7] |= key->md.h[7] & mask;
-
-#   ifdef BSWAP4
-            pmac->u[0] = BSWAP4(pmac->u[0]);
-            pmac->u[1] = BSWAP4(pmac->u[1]);
-            pmac->u[2] = BSWAP4(pmac->u[2]);
-            pmac->u[3] = BSWAP4(pmac->u[3]);
-            pmac->u[4] = BSWAP4(pmac->u[4]);
-            pmac->u[5] = BSWAP4(pmac->u[5]);
-            pmac->u[6] = BSWAP4(pmac->u[6]);
-            pmac->u[7] = BSWAP4(pmac->u[7]);
-#   else
-            for (i = 0; i < 8; i++) {
-                res = pmac->u[i];
-                pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
-                pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
-                pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
-                pmac->c[4 * i + 3] = (unsigned char)res;
-            }
-#   endif
-            len += SHA256_DIGEST_LENGTH;
-#  else
-            SHA256_Update(&key->md, out, inp_len);
-            res = key->md.num;
-            SHA256_Final(pmac->c, &key->md);
-
-            {
-                unsigned int inp_blocks, pad_blocks;
-
-                /* but pretend as if we hashed padded payload */
-                inp_blocks =
-                    1 + ((SHA256_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
-                res += (unsigned int)(len - inp_len);
-                pad_blocks = res / SHA256_CBLOCK;
-                res %= SHA256_CBLOCK;
-                pad_blocks +=
-                    1 + ((SHA256_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
-                for (; inp_blocks < pad_blocks; inp_blocks++)
-                    sha1_block_data_order(&key->md, data, 1);
-            }
-#  endif
-            key->md = key->tail;
-            SHA256_Update(&key->md, pmac->c, SHA256_DIGEST_LENGTH);
-            SHA256_Final(pmac->c, &key->md);
-
-            /* verify HMAC */
-            out += inp_len;
-            len -= inp_len;
-#  if 1
-            {
-                unsigned char *p =
-                    out + len - 1 - maxpad - SHA256_DIGEST_LENGTH;
-                size_t off = out - p;
-                unsigned int c, cmask;
-
-                maxpad += SHA256_DIGEST_LENGTH;
-                for (res = 0, i = 0, j = 0; j < maxpad; j++) {
-                    c = p[j];
-                    cmask =
-                        ((int)(j - off - SHA256_DIGEST_LENGTH)) >>
-                        (sizeof(int) * 8 - 1);
-                    res |= (c ^ pad) & ~cmask; /* ... and padding */
-                    cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
-                    res |= (c ^ pmac->c[i]) & cmask;
-                    i += 1 & cmask;
-                }
-                maxpad -= SHA256_DIGEST_LENGTH;
-
-                res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
-                ret &= (int)~res;
-            }
-#  else
-            for (res = 0, i = 0; i < SHA256_DIGEST_LENGTH; i++)
-                res |= out[i] ^ pmac->c[i];
-            res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
-            ret &= (int)~res;
-
-            /* verify padding */
-            pad = (pad & ~res) | (maxpad & res);
-            out = out + len - 1 - pad;
-            for (res = 0, i = 0; i < pad; i++)
-                res |= out[i] ^ pad;
-
-            res = (0 - res) >> (sizeof(res) * 8 - 1);
-            ret &= (int)~res;
-#  endif
-            return ret;
-        } else {
-            SHA256_Update(&key->md, out, len);
-        }
-    }
-
-    return 1;
-}
-
-static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
-                                      void *ptr)
-{
-    EVP_AES_HMAC_SHA256 *key = data(ctx);
-
-    switch (type) {
-    case EVP_CTRL_AEAD_SET_MAC_KEY:
-        {
-            unsigned int i;
-            unsigned char hmac_key[64];
-
-            memset(hmac_key, 0, sizeof(hmac_key));
-
-            if (arg > (int)sizeof(hmac_key)) {
-                SHA256_Init(&key->head);
-                SHA256_Update(&key->head, ptr, arg);
-                SHA256_Final(hmac_key, &key->head);
-            } else {
-                memcpy(hmac_key, ptr, arg);
-            }
-
-            for (i = 0; i < sizeof(hmac_key); i++)
-                hmac_key[i] ^= 0x36; /* ipad */
-            SHA256_Init(&key->head);
-            SHA256_Update(&key->head, hmac_key, sizeof(hmac_key));
-
-            for (i = 0; i < sizeof(hmac_key); i++)
-                hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
-            SHA256_Init(&key->tail);
-            SHA256_Update(&key->tail, hmac_key, sizeof(hmac_key));
-
-            OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
-
-            return 1;
-        }
-    case EVP_CTRL_AEAD_TLS1_AAD:
-        {
-            unsigned char *p = ptr;
-            unsigned int len;
-
-            if (arg != EVP_AEAD_TLS1_AAD_LEN)
-                return -1;
-
-            len = p[arg - 2] << 8 | p[arg - 1];
-
-            if (ctx->encrypt) {
-                key->payload_length = len;
-                if ((key->aux.tls_ver =
-                     p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
-                    if (len < AES_BLOCK_SIZE)
-                        return 0;
-                    len -= AES_BLOCK_SIZE;
-                    p[arg - 2] = len >> 8;
-                    p[arg - 1] = len;
-                }
-                key->md = key->head;
-                SHA256_Update(&key->md, p, arg);
-
-                return (int)(((len + SHA256_DIGEST_LENGTH +
-                               AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
-                             - len);
-            } else {
-                memcpy(key->aux.tls_aad, ptr, arg);
-                key->payload_length = arg;
-
-                return SHA256_DIGEST_LENGTH;
-            }
-        }
-#  if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-    case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
-        return (int)(5 + 16 + ((arg + 32 + 16) & -16));
-    case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD:
-        {
-            EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param =
-                (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *) ptr;
-            unsigned int n4x = 1, x4;
-            unsigned int frag, last, packlen, inp_len;
-
-            if (arg < (int)sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM))
-                return -1;
-
-            inp_len = param->inp[11] << 8 | param->inp[12];
-
-            if (ctx->encrypt) {
-                if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION)
-                    return -1;
-
-                if (inp_len) {
-                    if (inp_len < 4096)
-                        return 0; /* too short */
-
-                    if (inp_len >= 8192 && OPENSSL_ia32cap_P[2] & (1 << 5))
-                        n4x = 2; /* AVX2 */
-                } else if ((n4x = param->interleave / 4) && n4x <= 2)
-                    inp_len = param->len;
-                else
-                    return -1;
-
-                key->md = key->head;
-                SHA256_Update(&key->md, param->inp, 13);
-
-                x4 = 4 * n4x;
-                n4x += 1;
-
-                frag = inp_len >> n4x;
-                last = inp_len + frag - (frag << n4x);
-                if (last > frag && ((last + 13 + 9) % 64 < (x4 - 1))) {
-                    frag++;
-                    last -= x4 - 1;
-                }
-
-                packlen = 5 + 16 + ((frag + 32 + 16) & -16);
-                packlen = (packlen << n4x) - packlen;
-                packlen += 5 + 16 + ((last + 32 + 16) & -16);
-
-                param->interleave = x4;
-
-                return (int)packlen;
-            } else
-                return -1;      /* not yet */
-        }
-    case EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT:
-        {
-            EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param =
-                (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *) ptr;
-
-            return (int)tls1_1_multi_block_encrypt(key, param->out,
-                                                   param->inp, param->len,
-                                                   param->interleave / 4);
-        }
-    case EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT:
-#  endif
-    default:
-        return -1;
-    }
-}
-
-static EVP_CIPHER aesni_128_cbc_hmac_sha256_cipher = {
-#  ifdef NID_aes_128_cbc_hmac_sha256
-    NID_aes_128_cbc_hmac_sha256,
-#  else
-    NID_undef,
-#  endif
-    16, 16, 16,
-    EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
-        EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
-    aesni_cbc_hmac_sha256_init_key,
-    aesni_cbc_hmac_sha256_cipher,
-    NULL,
-    sizeof(EVP_AES_HMAC_SHA256),
-    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
-    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
-    aesni_cbc_hmac_sha256_ctrl,
-    NULL
-};
-
-static EVP_CIPHER aesni_256_cbc_hmac_sha256_cipher = {
-#  ifdef NID_aes_256_cbc_hmac_sha256
-    NID_aes_256_cbc_hmac_sha256,
-#  else
-    NID_undef,
-#  endif
-    16, 32, 16,
-    EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
-        EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
-    aesni_cbc_hmac_sha256_init_key,
-    aesni_cbc_hmac_sha256_cipher,
-    NULL,
-    sizeof(EVP_AES_HMAC_SHA256),
-    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
-    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
-    aesni_cbc_hmac_sha256_ctrl,
-    NULL
-};
-
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void)
-{
-    return ((OPENSSL_ia32cap_P[1] & AESNI_CAPABLE) &&
-            aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL) ?
-            &aesni_128_cbc_hmac_sha256_cipher : NULL);
-}
-
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void)
-{
-    return ((OPENSSL_ia32cap_P[1] & AESNI_CAPABLE) &&
-            aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL) ?
-            &aesni_256_cbc_hmac_sha256_cipher : NULL);
-}
-# else
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void)
-{
-    return NULL;
-}
-
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void)
-{
-    return NULL;
-}
-# endif
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_bf.c b/thirdparty/openssl/crypto/evp/e_bf.c
deleted file mode 100644
index d6a017826e..0000000000
--- a/thirdparty/openssl/crypto/evp/e_bf.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* crypto/evp/e_bf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#ifndef OPENSSL_NO_BF
-# include <openssl/evp.h>
-# include "evp_locl.h"
-# include <openssl/objects.h>
-# include <openssl/blowfish.h>
-
-static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                       const unsigned char *iv, int enc);
-
-typedef struct {
-    BF_KEY ks;
-} EVP_BF_KEY;
-
-# define data(ctx)       EVP_C_DATA(EVP_BF_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64,
-                       EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
-                       EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                       const unsigned char *iv, int enc)
-{
-    BF_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_camellia.c b/thirdparty/openssl/crypto/evp/e_camellia.c
deleted file mode 100644
index f273f9c947..0000000000
--- a/thirdparty/openssl/crypto/evp/e_camellia.c
+++ /dev/null
@@ -1,394 +0,0 @@
-/* crypto/evp/e_camellia.c */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_CAMELLIA
-# include <openssl/evp.h>
-# include <openssl/err.h>
-# include <string.h>
-# include <assert.h>
-# include <openssl/camellia.h>
-# include "evp_locl.h"
-# include "modes_lcl.h"
-
-static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                             const unsigned char *iv, int enc);
-
-/* Camellia subkey Structure */
-typedef struct {
-    CAMELLIA_KEY ks;
-    block128_f block;
-    union {
-        cbc128_f cbc;
-        ctr128_f ctr;
-    } stream;
-} EVP_CAMELLIA_KEY;
-
-# define MAXBITCHUNK     ((size_t)1<<(sizeof(size_t)*8-4))
-
-/* Attribute operation for Camellia */
-# define data(ctx)       EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
-
-# if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
-/* ---------^^^ this is not a typo, just a way to detect that
- * assembler support was in general requested... */
-#  include "sparc_arch.h"
-
-extern unsigned int OPENSSL_sparcv9cap_P[];
-
-#  define SPARC_CMLL_CAPABLE      (OPENSSL_sparcv9cap_P[1] & CFR_CAMELLIA)
-
-void cmll_t4_set_key(const unsigned char *key, int bits, CAMELLIA_KEY *ks);
-void cmll_t4_encrypt(const unsigned char *in, unsigned char *out,
-                     const CAMELLIA_KEY *key);
-void cmll_t4_decrypt(const unsigned char *in, unsigned char *out,
-                     const CAMELLIA_KEY *key);
-
-void cmll128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                            size_t len, const CAMELLIA_KEY *key,
-                            unsigned char *ivec);
-void cmll128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
-                            size_t len, const CAMELLIA_KEY *key,
-                            unsigned char *ivec);
-void cmll256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                            size_t len, const CAMELLIA_KEY *key,
-                            unsigned char *ivec);
-void cmll256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
-                            size_t len, const CAMELLIA_KEY *key,
-                            unsigned char *ivec);
-void cmll128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
-                              size_t blocks, const CAMELLIA_KEY *key,
-                              unsigned char *ivec);
-void cmll256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
-                              size_t blocks, const CAMELLIA_KEY *key,
-                              unsigned char *ivec);
-
-static int cmll_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                            const unsigned char *iv, int enc)
-{
-    int ret, mode, bits;
-    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
-
-    mode = ctx->cipher->flags & EVP_CIPH_MODE;
-    bits = ctx->key_len * 8;
-
-    cmll_t4_set_key(key, bits, &dat->ks);
-
-    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
-        && !enc) {
-        ret = 0;
-        dat->block = (block128_f) cmll_t4_decrypt;
-        switch (bits) {
-        case 128:
-            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-                (cbc128_f) cmll128_t4_cbc_decrypt : NULL;
-            break;
-        case 192:
-        case 256:
-            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-                (cbc128_f) cmll256_t4_cbc_decrypt : NULL;
-            break;
-        default:
-            ret = -1;
-        }
-    } else {
-        ret = 0;
-        dat->block = (block128_f) cmll_t4_encrypt;
-        switch (bits) {
-        case 128:
-            if (mode == EVP_CIPH_CBC_MODE)
-                dat->stream.cbc = (cbc128_f) cmll128_t4_cbc_encrypt;
-            else if (mode == EVP_CIPH_CTR_MODE)
-                dat->stream.ctr = (ctr128_f) cmll128_t4_ctr32_encrypt;
-            else
-                dat->stream.cbc = NULL;
-            break;
-        case 192:
-        case 256:
-            if (mode == EVP_CIPH_CBC_MODE)
-                dat->stream.cbc = (cbc128_f) cmll256_t4_cbc_encrypt;
-            else if (mode == EVP_CIPH_CTR_MODE)
-                dat->stream.ctr = (ctr128_f) cmll256_t4_ctr32_encrypt;
-            else
-                dat->stream.cbc = NULL;
-            break;
-        default:
-            ret = -1;
-        }
-    }
-
-    if (ret < 0) {
-        EVPerr(EVP_F_CMLL_T4_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
-        return 0;
-    }
-
-    return 1;
-}
-
-#  define cmll_t4_cbc_cipher camellia_cbc_cipher
-static int cmll_t4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t len);
-
-#  define cmll_t4_ecb_cipher camellia_ecb_cipher
-static int cmll_t4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t len);
-
-#  define cmll_t4_ofb_cipher camellia_ofb_cipher
-static int cmll_t4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t len);
-
-#  define cmll_t4_cfb_cipher camellia_cfb_cipher
-static int cmll_t4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t len);
-
-#  define cmll_t4_cfb8_cipher camellia_cfb8_cipher
-static int cmll_t4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                               const unsigned char *in, size_t len);
-
-#  define cmll_t4_cfb1_cipher camellia_cfb1_cipher
-static int cmll_t4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                               const unsigned char *in, size_t len);
-
-#  define cmll_t4_ctr_cipher camellia_ctr_cipher
-static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t len);
-
-#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
-static const EVP_CIPHER cmll_t4_##keylen##_##mode = { \
-        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        cmll_t4_init_key,               \
-        cmll_t4_##mode##_cipher,        \
-        NULL,                           \
-        sizeof(EVP_CAMELLIA_KEY),       \
-        NULL,NULL,NULL,NULL }; \
-static const EVP_CIPHER camellia_##keylen##_##mode = { \
-        nid##_##keylen##_##nmode,blocksize,     \
-        keylen/8,ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        camellia_init_key,              \
-        camellia_##mode##_cipher,       \
-        NULL,                           \
-        sizeof(EVP_CAMELLIA_KEY),       \
-        NULL,NULL,NULL,NULL }; \
-const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
-{ return SPARC_CMLL_CAPABLE?&cmll_t4_##keylen##_##mode:&camellia_##keylen##_##mode; }
-
-# else
-
-#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
-static const EVP_CIPHER camellia_##keylen##_##mode = { \
-        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
-        flags|EVP_CIPH_##MODE##_MODE,   \
-        camellia_init_key,              \
-        camellia_##mode##_cipher,       \
-        NULL,                           \
-        sizeof(EVP_CAMELLIA_KEY),       \
-        NULL,NULL,NULL,NULL }; \
-const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
-{ return &camellia_##keylen##_##mode; }
-
-# endif
-
-# define BLOCK_CIPHER_generic_pack(nid,keylen,flags)             \
-        BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)     \
-        BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)      \
-        BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
-        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
-        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags)       \
-        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags)
-# if 0                          /* not yet, missing NID */
-BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)
-# endif
-/* The subkey for Camellia is generated. */
-static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                             const unsigned char *iv, int enc)
-{
-    int ret, mode;
-    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
-
-    ret = Camellia_set_key(key, ctx->key_len * 8, &dat->ks);
-    if (ret < 0) {
-        EVPerr(EVP_F_CAMELLIA_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
-        return 0;
-    }
-
-    mode = ctx->cipher->flags & EVP_CIPH_MODE;
-    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
-        && !enc) {
-        dat->block = (block128_f) Camellia_decrypt;
-        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-            (cbc128_f) Camellia_cbc_encrypt : NULL;
-    } else {
-        dat->block = (block128_f) Camellia_encrypt;
-        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
-            (cbc128_f) Camellia_cbc_encrypt : NULL;
-    }
-
-    return 1;
-}
-
-static int camellia_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                               const unsigned char *in, size_t len)
-{
-    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
-
-    if (dat->stream.cbc)
-        (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
-    else if (ctx->encrypt)
-        CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
-    else
-        CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
-
-    return 1;
-}
-
-static int camellia_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                               const unsigned char *in, size_t len)
-{
-    size_t bl = ctx->cipher->block_size;
-    size_t i;
-    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
-
-    if (len < bl)
-        return 1;
-
-    for (i = 0, len -= bl; i <= len; i += bl)
-        (*dat->block) (in + i, out + i, &dat->ks);
-
-    return 1;
-}
-
-static int camellia_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                               const unsigned char *in, size_t len)
-{
-    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
-
-    CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
-                          ctx->iv, &ctx->num, dat->block);
-    return 1;
-}
-
-static int camellia_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                               const unsigned char *in, size_t len)
-{
-    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
-
-    CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
-                          ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-    return 1;
-}
-
-static int camellia_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                                const unsigned char *in, size_t len)
-{
-    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
-
-    CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
-                            ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-    return 1;
-}
-
-static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                                const unsigned char *in, size_t len)
-{
-    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
-
-    if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) {
-        CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
-                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-        return 1;
-    }
-
-    while (len >= MAXBITCHUNK) {
-        CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
-                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-        len -= MAXBITCHUNK;
-    }
-    if (len)
-        CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
-                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
-
-    return 1;
-}
-
-# if 0                          /* not yet, missing NID */
-static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                               const unsigned char *in, size_t len)
-{
-    unsigned int num = ctx->num;
-    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
-
-    if (dat->stream.ctr)
-        CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
-                                    ctx->iv, ctx->buf, &num, dat->stream.ctr);
-    else
-        CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
-                              ctx->iv, ctx->buf, &num, dat->block);
-    ctx->num = (size_t)num;
-    return 1;
-}
-# endif
-
-BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0)
-    BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0)
-    BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0)
-#else
-
-# ifdef PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_cast.c b/thirdparty/openssl/crypto/evp/e_cast.c
deleted file mode 100644
index 3f74548569..0000000000
--- a/thirdparty/openssl/crypto/evp/e_cast.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* crypto/evp/e_cast.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_CAST
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include "evp_locl.h"
-# include <openssl/cast.h>
-
-static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                         const unsigned char *iv, int enc);
-
-typedef struct {
-    CAST_KEY ks;
-} EVP_CAST_KEY;
-
-# define data(ctx)       EVP_C_DATA(EVP_CAST_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY,
-                       NID_cast5, 8, CAST_KEY_LENGTH, 8, 64,
-                       EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
-                       EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                         const unsigned char *iv, int enc)
-{
-    CAST_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_des.c b/thirdparty/openssl/crypto/evp/e_des.c
deleted file mode 100644
index 8ca65cd03a..0000000000
--- a/thirdparty/openssl/crypto/evp/e_des.c
+++ /dev/null
@@ -1,269 +0,0 @@
-/* crypto/evp/e_des.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#ifndef OPENSSL_NO_DES
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include "evp_locl.h"
-# include <openssl/des.h>
-# include <openssl/rand.h>
-
-typedef struct {
-    union {
-        double align;
-        DES_key_schedule ks;
-    } ks;
-    union {
-        void (*cbc) (const void *, void *, size_t,
-                     const DES_key_schedule *, unsigned char *);
-    } stream;
-} EVP_DES_KEY;
-
-# if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
-/* ----------^^^ this is not a typo, just a way to detect that
- * assembler support was in general requested... */
-#  include "sparc_arch.h"
-
-extern unsigned int OPENSSL_sparcv9cap_P[];
-
-#  define SPARC_DES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_DES)
-
-void des_t4_key_expand(const void *key, DES_key_schedule *ks);
-void des_t4_cbc_encrypt(const void *inp, void *out, size_t len,
-                        const DES_key_schedule *ks, unsigned char iv[8]);
-void des_t4_cbc_decrypt(const void *inp, void *out, size_t len,
-                        const DES_key_schedule *ks, unsigned char iv[8]);
-# endif
-
-static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                        const unsigned char *iv, int enc);
-static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
-
-/*
- * Because of various casts and different names can't use
- * IMPLEMENT_BLOCK_CIPHER
- */
-
-static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t inl)
-{
-    BLOCK_CIPHER_ecb_loop()
-        DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i),
-                        ctx->cipher_data, ctx->encrypt);
-    return 1;
-}
-
-static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t inl)
-{
-    while (inl >= EVP_MAXCHUNK) {
-        DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
-                          (DES_cblock *)ctx->iv, &ctx->num);
-        inl -= EVP_MAXCHUNK;
-        in += EVP_MAXCHUNK;
-        out += EVP_MAXCHUNK;
-    }
-    if (inl)
-        DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
-                          (DES_cblock *)ctx->iv, &ctx->num);
-    return 1;
-}
-
-static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                          const unsigned char *in, size_t inl)
-{
-    EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data;
-
-    if (dat->stream.cbc != NULL) {
-        (*dat->stream.cbc) (in, out, inl, &dat->ks.ks, ctx->iv);
-        return 1;
-    }
-    while (inl >= EVP_MAXCHUNK) {
-        DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
-                         (DES_cblock *)ctx->iv, ctx->encrypt);
-        inl -= EVP_MAXCHUNK;
-        in += EVP_MAXCHUNK;
-        out += EVP_MAXCHUNK;
-    }
-    if (inl)
-        DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
-                         (DES_cblock *)ctx->iv, ctx->encrypt);
-    return 1;
-}
-
-static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                            const unsigned char *in, size_t inl)
-{
-    while (inl >= EVP_MAXCHUNK) {
-        DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
-                          (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
-        inl -= EVP_MAXCHUNK;
-        in += EVP_MAXCHUNK;
-        out += EVP_MAXCHUNK;
-    }
-    if (inl)
-        DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
-                          (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
-    return 1;
-}
-
-/*
- * Although we have a CFB-r implementation for DES, it doesn't pack the right
- * way, so wrap it here
- */
-static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t inl)
-{
-    size_t n, chunk = EVP_MAXCHUNK / 8;
-    unsigned char c[1], d[1];
-
-    if (inl < chunk)
-        chunk = inl;
-
-    while (inl && inl >= chunk) {
-        for (n = 0; n < chunk * 8; ++n) {
-            c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
-            DES_cfb_encrypt(c, d, 1, 1, ctx->cipher_data,
-                            (DES_cblock *)ctx->iv, ctx->encrypt);
-            out[n / 8] =
-                (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) |
-                ((d[0] & 0x80) >> (unsigned int)(n % 8));
-        }
-        inl -= chunk;
-        in += chunk;
-        out += chunk;
-        if (inl < chunk)
-            chunk = inl;
-    }
-
-    return 1;
-}
-
-static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t inl)
-{
-    while (inl >= EVP_MAXCHUNK) {
-        DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, ctx->cipher_data,
-                        (DES_cblock *)ctx->iv, ctx->encrypt);
-        inl -= EVP_MAXCHUNK;
-        in += EVP_MAXCHUNK;
-        out += EVP_MAXCHUNK;
-    }
-    if (inl)
-        DES_cfb_encrypt(in, out, 8, (long)inl, ctx->cipher_data,
-                        (DES_cblock *)ctx->iv, ctx->encrypt);
-    return 1;
-}
-
-BLOCK_CIPHER_defs(des, EVP_DES_KEY, NID_des, 8, 8, 8, 64,
-                  EVP_CIPH_RAND_KEY, des_init_key, NULL,
-                  EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
-
-    BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 1,
-                     EVP_CIPH_RAND_KEY, des_init_key, NULL,
-                     EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
-
-    BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 8,
-                     EVP_CIPH_RAND_KEY, des_init_key, NULL,
-                     EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
-
-static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                        const unsigned char *iv, int enc)
-{
-    DES_cblock *deskey = (DES_cblock *)key;
-    EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data;
-
-    dat->stream.cbc = NULL;
-# if defined(SPARC_DES_CAPABLE)
-    if (SPARC_DES_CAPABLE) {
-        int mode = ctx->cipher->flags & EVP_CIPH_MODE;
-
-        if (mode == EVP_CIPH_CBC_MODE) {
-            des_t4_key_expand(key, &dat->ks.ks);
-            dat->stream.cbc = enc ? des_t4_cbc_encrypt : des_t4_cbc_decrypt;
-            return 1;
-        }
-    }
-# endif
-# ifdef EVP_CHECK_DES_KEY
-    if (DES_set_key_checked(deskey, dat->ks.ks) != 0)
-        return 0;
-# else
-    DES_set_key_unchecked(deskey, ctx->cipher_data);
-# endif
-    return 1;
-}
-
-static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
-
-    switch (type) {
-    case EVP_CTRL_RAND_KEY:
-        if (RAND_bytes(ptr, 8) <= 0)
-            return 0;
-        DES_set_odd_parity((DES_cblock *)ptr);
-        return 1;
-
-    default:
-        return -1;
-    }
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_des3.c b/thirdparty/openssl/crypto/evp/e_des3.c
deleted file mode 100644
index ab8126e5c9..0000000000
--- a/thirdparty/openssl/crypto/evp/e_des3.c
+++ /dev/null
@@ -1,497 +0,0 @@
-/* crypto/evp/e_des3.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#ifndef OPENSSL_NO_DES
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include "evp_locl.h"
-# include <openssl/des.h>
-# include <openssl/rand.h>
-
-/* Block use of implementations in FIPS mode */
-# undef EVP_CIPH_FLAG_FIPS
-# define EVP_CIPH_FLAG_FIPS      0
-
-typedef struct {
-    union {
-        double align;
-        DES_key_schedule ks[3];
-    } ks;
-    union {
-        void (*cbc) (const void *, void *, size_t,
-                     const DES_key_schedule *, unsigned char *);
-    } stream;
-} DES_EDE_KEY;
-# define ks1 ks.ks[0]
-# define ks2 ks.ks[1]
-# define ks3 ks.ks[2]
-
-# if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
-/* ---------^^^ this is not a typo, just a way to detect that
- * assembler support was in general requested... */
-#  include "sparc_arch.h"
-
-extern unsigned int OPENSSL_sparcv9cap_P[];
-
-#  define SPARC_DES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_DES)
-
-void des_t4_key_expand(const void *key, DES_key_schedule *ks);
-void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len,
-                             const DES_key_schedule ks[3], unsigned char iv[8]);
-void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len,
-                             const DES_key_schedule ks[3], unsigned char iv[8]);
-# endif
-
-static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                            const unsigned char *iv, int enc);
-
-static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                             const unsigned char *iv, int enc);
-
-static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
-
-# define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
-
-/*
- * Because of various casts and different args can't use
- * IMPLEMENT_BLOCK_CIPHER
- */
-
-static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t inl)
-{
-    BLOCK_CIPHER_ecb_loop()
-        DES_ecb3_encrypt((const_DES_cblock *)(in + i),
-                         (DES_cblock *)(out + i),
-                         &data(ctx)->ks1, &data(ctx)->ks2,
-                         &data(ctx)->ks3, ctx->encrypt);
-    return 1;
-}
-
-static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t inl)
-{
-    while (inl >= EVP_MAXCHUNK) {
-        DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
-                               &data(ctx)->ks1, &data(ctx)->ks2,
-                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
-                               &ctx->num);
-        inl -= EVP_MAXCHUNK;
-        in += EVP_MAXCHUNK;
-        out += EVP_MAXCHUNK;
-    }
-    if (inl)
-        DES_ede3_ofb64_encrypt(in, out, (long)inl,
-                               &data(ctx)->ks1, &data(ctx)->ks2,
-                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
-                               &ctx->num);
-
-    return 1;
-}
-
-static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                              const unsigned char *in, size_t inl)
-{
-    DES_EDE_KEY *dat = data(ctx);
-
-# ifdef KSSL_DEBUG
-    {
-        int i;
-        fprintf(stderr, "des_ede_cbc_cipher(ctx=%p, buflen=%d)\n", ctx,
-                ctx->buf_len);
-        fprintf(stderr, "\t iv= ");
-        for (i = 0; i < 8; i++)
-            fprintf(stderr, "%02X", ctx->iv[i]);
-        fprintf(stderr, "\n");
-    }
-# endif                         /* KSSL_DEBUG */
-    if (dat->stream.cbc) {
-        (*dat->stream.cbc) (in, out, inl, dat->ks.ks, ctx->iv);
-        return 1;
-    }
-
-    while (inl >= EVP_MAXCHUNK) {
-        DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
-                             &dat->ks1, &dat->ks2, &dat->ks3,
-                             (DES_cblock *)ctx->iv, ctx->encrypt);
-        inl -= EVP_MAXCHUNK;
-        in += EVP_MAXCHUNK;
-        out += EVP_MAXCHUNK;
-    }
-    if (inl)
-        DES_ede3_cbc_encrypt(in, out, (long)inl,
-                             &dat->ks1, &dat->ks2, &dat->ks3,
-                             (DES_cblock *)ctx->iv, ctx->encrypt);
-    return 1;
-}
-
-static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                                const unsigned char *in, size_t inl)
-{
-    while (inl >= EVP_MAXCHUNK) {
-        DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
-                               &data(ctx)->ks1, &data(ctx)->ks2,
-                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
-                               &ctx->num, ctx->encrypt);
-        inl -= EVP_MAXCHUNK;
-        in += EVP_MAXCHUNK;
-        out += EVP_MAXCHUNK;
-    }
-    if (inl)
-        DES_ede3_cfb64_encrypt(in, out, (long)inl,
-                               &data(ctx)->ks1, &data(ctx)->ks2,
-                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
-                               &ctx->num, ctx->encrypt);
-    return 1;
-}
-
-/*
- * Although we have a CFB-r implementation for 3-DES, it doesn't pack the
- * right way, so wrap it here
- */
-static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                                const unsigned char *in, size_t inl)
-{
-    size_t n;
-    unsigned char c[1], d[1];
-
-    if (!EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS))
-            inl *= 8;
-    for (n = 0; n < inl; ++n) {
-        c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
-        DES_ede3_cfb_encrypt(c, d, 1, 1,
-                             &data(ctx)->ks1, &data(ctx)->ks2,
-                             &data(ctx)->ks3, (DES_cblock *)ctx->iv,
-                             ctx->encrypt);
-        out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8)))
-            | ((d[0] & 0x80) >> (unsigned int)(n % 8));
-    }
-
-    return 1;
-}
-
-static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                                const unsigned char *in, size_t inl)
-{
-    while (inl >= EVP_MAXCHUNK) {
-        DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK,
-                             &data(ctx)->ks1, &data(ctx)->ks2,
-                             &data(ctx)->ks3, (DES_cblock *)ctx->iv,
-                             ctx->encrypt);
-        inl -= EVP_MAXCHUNK;
-        in += EVP_MAXCHUNK;
-        out += EVP_MAXCHUNK;
-    }
-    if (inl)
-        DES_ede3_cfb_encrypt(in, out, 8, (long)inl,
-                             &data(ctx)->ks1, &data(ctx)->ks2,
-                             &data(ctx)->ks3, (DES_cblock *)ctx->iv,
-                             ctx->encrypt);
-    return 1;
-}
-
-BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
-                  EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1,
-                  des_ede_init_key, NULL, NULL, NULL, des3_ctrl)
-# define des_ede3_cfb64_cipher des_ede_cfb64_cipher
-# define des_ede3_ofb_cipher des_ede_ofb_cipher
-# define des_ede3_cbc_cipher des_ede_cbc_cipher
-# define des_ede3_ecb_cipher des_ede_ecb_cipher
-    BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
-                  EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
-                  EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, NULL,
-                  des3_ctrl)
-
-    BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1,
-                     EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
-                     EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL,
-                     NULL, des3_ctrl)
-
-    BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8,
-                     EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
-                     EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL,
-                     NULL, des3_ctrl)
-
-static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                            const unsigned char *iv, int enc)
-{
-    DES_cblock *deskey = (DES_cblock *)key;
-    DES_EDE_KEY *dat = data(ctx);
-
-    dat->stream.cbc = NULL;
-# if defined(SPARC_DES_CAPABLE)
-    if (SPARC_DES_CAPABLE) {
-        int mode = ctx->cipher->flags & EVP_CIPH_MODE;
-
-        if (mode == EVP_CIPH_CBC_MODE) {
-            des_t4_key_expand(&deskey[0], &dat->ks1);
-            des_t4_key_expand(&deskey[1], &dat->ks2);
-            memcpy(&dat->ks3, &dat->ks1, sizeof(dat->ks1));
-            dat->stream.cbc = enc ? des_t4_ede3_cbc_encrypt :
-                des_t4_ede3_cbc_decrypt;
-            return 1;
-        }
-    }
-# endif
-# ifdef EVP_CHECK_DES_KEY
-    if (DES_set_key_checked(&deskey[0], &dat->ks1)
-        || DES_set_key_checked(&deskey[1], &dat->ks2))
-        return 0;
-# else
-    DES_set_key_unchecked(&deskey[0], &dat->ks1);
-    DES_set_key_unchecked(&deskey[1], &dat->ks2);
-# endif
-    memcpy(&dat->ks3, &dat->ks1, sizeof(dat->ks1));
-    return 1;
-}
-
-static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                             const unsigned char *iv, int enc)
-{
-    DES_cblock *deskey = (DES_cblock *)key;
-    DES_EDE_KEY *dat = data(ctx);
-
-# ifdef KSSL_DEBUG
-    {
-        int i;
-        fprintf(stderr, "des_ede3_init_key(ctx=%p)\n", ctx);
-        fprintf(stderr, "\tKEY= ");
-        for (i = 0; i < 24; i++)
-            fprintf(stderr, "%02X", key[i]);
-        fprintf(stderr, "\n");
-        if (iv) {
-            fprintf(stderr, "\t IV= ");
-            for (i = 0; i < 8; i++)
-                fprintf(stderr, "%02X", iv[i]);
-            fprintf(stderr, "\n");
-        }
-    }
-# endif                         /* KSSL_DEBUG */
-
-    dat->stream.cbc = NULL;
-# if defined(SPARC_DES_CAPABLE)
-    if (SPARC_DES_CAPABLE) {
-        int mode = ctx->cipher->flags & EVP_CIPH_MODE;
-
-        if (mode == EVP_CIPH_CBC_MODE) {
-            des_t4_key_expand(&deskey[0], &dat->ks1);
-            des_t4_key_expand(&deskey[1], &dat->ks2);
-            des_t4_key_expand(&deskey[2], &dat->ks3);
-            dat->stream.cbc = enc ? des_t4_ede3_cbc_encrypt :
-                des_t4_ede3_cbc_decrypt;
-            return 1;
-        }
-    }
-# endif
-# ifdef EVP_CHECK_DES_KEY
-    if (DES_set_key_checked(&deskey[0], &dat->ks1)
-        || DES_set_key_checked(&deskey[1], &dat->ks2)
-        || DES_set_key_checked(&deskey[2], &dat->ks3))
-        return 0;
-# else
-    DES_set_key_unchecked(&deskey[0], &dat->ks1);
-    DES_set_key_unchecked(&deskey[1], &dat->ks2);
-    DES_set_key_unchecked(&deskey[2], &dat->ks3);
-# endif
-    return 1;
-}
-
-static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
-
-    DES_cblock *deskey = ptr;
-
-    switch (type) {
-    case EVP_CTRL_RAND_KEY:
-        if (RAND_bytes(ptr, c->key_len) <= 0)
-            return 0;
-        DES_set_odd_parity(deskey);
-        if (c->key_len >= 16)
-            DES_set_odd_parity(deskey + 1);
-        if (c->key_len >= 24)
-            DES_set_odd_parity(deskey + 2);
-        return 1;
-
-    default:
-        return -1;
-    }
-}
-
-const EVP_CIPHER *EVP_des_ede(void)
-{
-    return &des_ede_ecb;
-}
-
-const EVP_CIPHER *EVP_des_ede3(void)
-{
-    return &des_ede3_ecb;
-}
-
-# ifndef OPENSSL_NO_SHA
-
-#  include <openssl/sha.h>
-
-static const unsigned char wrap_iv[8] =
-    { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 };
-
-static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t inl)
-{
-    unsigned char icv[8], iv[8], sha1tmp[SHA_DIGEST_LENGTH];
-    int rv = -1;
-    if (inl < 24)
-        return -1;
-    if (out == NULL)
-        return inl - 16;
-    memcpy(ctx->iv, wrap_iv, 8);
-    /* Decrypt first block which will end up as icv */
-    des_ede_cbc_cipher(ctx, icv, in, 8);
-    /* Decrypt central blocks */
-    /*
-     * If decrypting in place move whole output along a block so the next
-     * des_ede_cbc_cipher is in place.
-     */
-    if (out == in) {
-        memmove(out, out + 8, inl - 8);
-        in -= 8;
-    }
-    des_ede_cbc_cipher(ctx, out, in + 8, inl - 16);
-    /* Decrypt final block which will be IV */
-    des_ede_cbc_cipher(ctx, iv, in + inl - 8, 8);
-    /* Reverse order of everything */
-    BUF_reverse(icv, NULL, 8);
-    BUF_reverse(out, NULL, inl - 16);
-    BUF_reverse(ctx->iv, iv, 8);
-    /* Decrypt again using new IV */
-    des_ede_cbc_cipher(ctx, out, out, inl - 16);
-    des_ede_cbc_cipher(ctx, icv, icv, 8);
-    /* Work out SHA1 hash of first portion */
-    SHA1(out, inl - 16, sha1tmp);
-
-    if (!CRYPTO_memcmp(sha1tmp, icv, 8))
-        rv = inl - 16;
-    OPENSSL_cleanse(icv, 8);
-    OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
-    OPENSSL_cleanse(iv, 8);
-    OPENSSL_cleanse(ctx->iv, 8);
-    if (rv == -1)
-        OPENSSL_cleanse(out, inl - 16);
-
-    return rv;
-}
-
-static int des_ede3_wrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                         const unsigned char *in, size_t inl)
-{
-    unsigned char sha1tmp[SHA_DIGEST_LENGTH];
-    if (out == NULL)
-        return inl + 16;
-    /* Copy input to output buffer + 8 so we have space for IV */
-    memmove(out + 8, in, inl);
-    /* Work out ICV */
-    SHA1(in, inl, sha1tmp);
-    memcpy(out + inl + 8, sha1tmp, 8);
-    OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
-    /* Generate random IV */
-    if (RAND_bytes(ctx->iv, 8) <= 0)
-        return -1;
-    memcpy(out, ctx->iv, 8);
-    /* Encrypt everything after IV in place */
-    des_ede_cbc_cipher(ctx, out + 8, out + 8, inl + 8);
-    BUF_reverse(out, NULL, inl + 16);
-    memcpy(ctx->iv, wrap_iv, 8);
-    des_ede_cbc_cipher(ctx, out, out, inl + 16);
-    return inl + 16;
-}
-
-static int des_ede3_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                                const unsigned char *in, size_t inl)
-{
-    /*
-     * Sanity check input length: we typically only wrap keys so EVP_MAXCHUNK
-     * is more than will ever be needed. Also input length must be a multiple
-     * of 8 bits.
-     */
-    if (inl >= EVP_MAXCHUNK || inl % 8)
-        return -1;
-    if (ctx->encrypt)
-        return des_ede3_wrap(ctx, out, in, inl);
-    else
-        return des_ede3_unwrap(ctx, out, in, inl);
-}
-
-static const EVP_CIPHER des3_wrap = {
-    NID_id_smime_alg_CMS3DESwrap,
-    8, 24, 0,
-    EVP_CIPH_WRAP_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER
-        | EVP_CIPH_FLAG_DEFAULT_ASN1,
-    des_ede3_init_key, des_ede3_wrap_cipher,
-    NULL,
-    sizeof(DES_EDE_KEY),
-    NULL, NULL, NULL, NULL
-};
-
-const EVP_CIPHER *EVP_des_ede3_wrap(void)
-{
-    return &des3_wrap;
-}
-
-# endif
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_dsa.c b/thirdparty/openssl/crypto/evp/e_dsa.c
deleted file mode 100644
index 523993f4d9..0000000000
--- a/thirdparty/openssl/crypto/evp/e_dsa.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* crypto/evp/e_dsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static EVP_PKEY_METHOD dss_method = {
-    DSA_sign,
-    DSA_verify,
-    {EVP_PKEY_DSA, EVP_PKEY_DSA2, EVP_PKEY_DSA3, NULL},
-};
diff --git a/thirdparty/openssl/crypto/evp/e_idea.c b/thirdparty/openssl/crypto/evp/e_idea.c
deleted file mode 100644
index cac72b33ba..0000000000
--- a/thirdparty/openssl/crypto/evp/e_idea.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/evp/e_idea.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_IDEA
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include "evp_locl.h"
-# include <openssl/idea.h>
-
-static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                         const unsigned char *iv, int enc);
-
-/*
- * NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a
- * special case
- */
-
-static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t inl)
-{
-    BLOCK_CIPHER_ecb_loop()
-        idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
-    return 1;
-}
-
-/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
-
-typedef struct {
-    IDEA_KEY_SCHEDULE ks;
-} EVP_IDEA_KEY;
-
-BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks)
-    BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks)
-    BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks)
-
-    BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64,
-                  0, idea_init_key, NULL,
-                  EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                         const unsigned char *iv, int enc)
-{
-    if (!enc) {
-        if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE)
-            enc = 1;
-        else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE)
-            enc = 1;
-    }
-    if (enc)
-        idea_set_encrypt_key(key, ctx->cipher_data);
-    else {
-        IDEA_KEY_SCHEDULE tmp;
-
-        idea_set_encrypt_key(key, &tmp);
-        idea_set_decrypt_key(&tmp, ctx->cipher_data);
-        OPENSSL_cleanse((unsigned char *)&tmp, sizeof(IDEA_KEY_SCHEDULE));
-    }
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_null.c b/thirdparty/openssl/crypto/evp/e_null.c
deleted file mode 100644
index 599fcb808d..0000000000
--- a/thirdparty/openssl/crypto/evp/e_null.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* crypto/evp/e_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                         const unsigned char *iv, int enc);
-static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                       const unsigned char *in, size_t inl);
-static const EVP_CIPHER n_cipher = {
-    NID_undef,
-    1, 0, 0,
-    0,
-    null_init_key,
-    null_cipher,
-    NULL,
-    0,
-    NULL,
-    NULL,
-    NULL,
-    NULL
-};
-
-const EVP_CIPHER *EVP_enc_null(void)
-{
-    return (&n_cipher);
-}
-
-static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                         const unsigned char *iv, int enc)
-{
-    /*      memset(&(ctx->c),0,sizeof(ctx->c)); */
-    return 1;
-}
-
-static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                       const unsigned char *in, size_t inl)
-{
-    if (in != out)
-        memcpy((char *)out, (const char *)in, inl);
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/evp/e_old.c b/thirdparty/openssl/crypto/evp/e_old.c
deleted file mode 100644
index a23d143b7f..0000000000
--- a/thirdparty/openssl/crypto/evp/e_old.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/* crypto/evp/e_old.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifdef OPENSSL_NO_DEPRECATED
-static void *dummy = &dummy;
-#else
-
-# include <openssl/evp.h>
-
-/*
- * Define some deprecated functions, so older programs don't crash and burn
- * too quickly.  On Windows and VMS, these will never be used, since
- * functions and variables in shared libraries are selected by entry point
- * location, not by name.
- */
-
-# ifndef OPENSSL_NO_BF
-#  undef EVP_bf_cfb
-const EVP_CIPHER *EVP_bf_cfb(void);
-const EVP_CIPHER *EVP_bf_cfb(void)
-{
-    return EVP_bf_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_DES
-#  undef EVP_des_cfb
-const EVP_CIPHER *EVP_des_cfb(void);
-const EVP_CIPHER *EVP_des_cfb(void)
-{
-    return EVP_des_cfb64();
-}
-
-#  undef EVP_des_ede3_cfb
-const EVP_CIPHER *EVP_des_ede3_cfb(void);
-const EVP_CIPHER *EVP_des_ede3_cfb(void)
-{
-    return EVP_des_ede3_cfb64();
-}
-
-#  undef EVP_des_ede_cfb
-const EVP_CIPHER *EVP_des_ede_cfb(void);
-const EVP_CIPHER *EVP_des_ede_cfb(void)
-{
-    return EVP_des_ede_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_IDEA
-#  undef EVP_idea_cfb
-const EVP_CIPHER *EVP_idea_cfb(void);
-const EVP_CIPHER *EVP_idea_cfb(void)
-{
-    return EVP_idea_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_RC2
-#  undef EVP_rc2_cfb
-const EVP_CIPHER *EVP_rc2_cfb(void);
-const EVP_CIPHER *EVP_rc2_cfb(void)
-{
-    return EVP_rc2_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_CAST
-#  undef EVP_cast5_cfb
-const EVP_CIPHER *EVP_cast5_cfb(void);
-const EVP_CIPHER *EVP_cast5_cfb(void)
-{
-    return EVP_cast5_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_RC5
-#  undef EVP_rc5_32_12_16_cfb
-const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
-{
-    return EVP_rc5_32_12_16_cfb64();
-}
-# endif
-
-# ifndef OPENSSL_NO_AES
-#  undef EVP_aes_128_cfb
-const EVP_CIPHER *EVP_aes_128_cfb(void);
-const EVP_CIPHER *EVP_aes_128_cfb(void)
-{
-    return EVP_aes_128_cfb128();
-}
-
-#  undef EVP_aes_192_cfb
-const EVP_CIPHER *EVP_aes_192_cfb(void);
-const EVP_CIPHER *EVP_aes_192_cfb(void)
-{
-    return EVP_aes_192_cfb128();
-}
-
-#  undef EVP_aes_256_cfb
-const EVP_CIPHER *EVP_aes_256_cfb(void);
-const EVP_CIPHER *EVP_aes_256_cfb(void)
-{
-    return EVP_aes_256_cfb128();
-}
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_rc2.c b/thirdparty/openssl/crypto/evp/e_rc2.c
deleted file mode 100644
index 718cc8694f..0000000000
--- a/thirdparty/openssl/crypto/evp/e_rc2.c
+++ /dev/null
@@ -1,235 +0,0 @@
-/* crypto/evp/e_rc2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_RC2
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include "evp_locl.h"
-# include <openssl/rc2.h>
-
-static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                        const unsigned char *iv, int enc);
-static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
-static int rc2_magic_to_meth(int i);
-static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
-
-typedef struct {
-    int key_bits;               /* effective key bits */
-    RC2_KEY ks;                 /* key schedule */
-} EVP_RC2_KEY;
-
-# define data(ctx)       ((EVP_RC2_KEY *)(ctx)->cipher_data)
-
-IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2,
-                       8,
-                       RC2_KEY_LENGTH, 8, 64,
-                       EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
-                       rc2_init_key, NULL,
-                       rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv,
-                       rc2_ctrl)
-# define RC2_40_MAGIC    0xa0
-# define RC2_64_MAGIC    0x78
-# define RC2_128_MAGIC   0x3a
-static const EVP_CIPHER r2_64_cbc_cipher = {
-    NID_rc2_64_cbc,
-    8, 8 /* 64 bit */ , 8,
-    EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
-    rc2_init_key,
-    rc2_cbc_cipher,
-    NULL,
-    sizeof(EVP_RC2_KEY),
-    rc2_set_asn1_type_and_iv,
-    rc2_get_asn1_type_and_iv,
-    rc2_ctrl,
-    NULL
-};
-
-static const EVP_CIPHER r2_40_cbc_cipher = {
-    NID_rc2_40_cbc,
-    8, 5 /* 40 bit */ , 8,
-    EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
-    rc2_init_key,
-    rc2_cbc_cipher,
-    NULL,
-    sizeof(EVP_RC2_KEY),
-    rc2_set_asn1_type_and_iv,
-    rc2_get_asn1_type_and_iv,
-    rc2_ctrl,
-    NULL
-};
-
-const EVP_CIPHER *EVP_rc2_64_cbc(void)
-{
-    return (&r2_64_cbc_cipher);
-}
-
-const EVP_CIPHER *EVP_rc2_40_cbc(void)
-{
-    return (&r2_40_cbc_cipher);
-}
-
-static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                        const unsigned char *iv, int enc)
-{
-    RC2_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
-                key, data(ctx)->key_bits);
-    return 1;
-}
-
-static int rc2_meth_to_magic(EVP_CIPHER_CTX *e)
-{
-    int i;
-
-    EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
-    if (i == 128)
-        return (RC2_128_MAGIC);
-    else if (i == 64)
-        return (RC2_64_MAGIC);
-    else if (i == 40)
-        return (RC2_40_MAGIC);
-    else
-        return (0);
-}
-
-static int rc2_magic_to_meth(int i)
-{
-    if (i == RC2_128_MAGIC)
-        return 128;
-    else if (i == RC2_64_MAGIC)
-        return 64;
-    else if (i == RC2_40_MAGIC)
-        return 40;
-    else {
-        EVPerr(EVP_F_RC2_MAGIC_TO_METH, EVP_R_UNSUPPORTED_KEY_SIZE);
-        return (0);
-    }
-}
-
-static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-    long num = 0;
-    int i = 0;
-    int key_bits;
-    unsigned int l;
-    unsigned char iv[EVP_MAX_IV_LENGTH];
-
-    if (type != NULL) {
-        l = EVP_CIPHER_CTX_iv_length(c);
-        OPENSSL_assert(l <= sizeof(iv));
-        i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
-        if (i != (int)l)
-            return (-1);
-        key_bits = rc2_magic_to_meth((int)num);
-        if (!key_bits)
-            return (-1);
-        if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
-            return -1;
-        EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
-        EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
-    }
-    return (i);
-}
-
-static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-    long num;
-    int i = 0, j;
-
-    if (type != NULL) {
-        num = rc2_meth_to_magic(c);
-        j = EVP_CIPHER_CTX_iv_length(c);
-        i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j);
-    }
-    return (i);
-}
-
-static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
-    switch (type) {
-    case EVP_CTRL_INIT:
-        data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
-        return 1;
-
-    case EVP_CTRL_GET_RC2_KEY_BITS:
-        *(int *)ptr = data(c)->key_bits;
-        return 1;
-
-    case EVP_CTRL_SET_RC2_KEY_BITS:
-        if (arg > 0) {
-            data(c)->key_bits = arg;
-            return 1;
-        }
-        return 0;
-# ifdef PBE_PRF_TEST
-    case EVP_CTRL_PBE_PRF_NID:
-        *(int *)ptr = NID_hmacWithMD5;
-        return 1;
-# endif
-
-    default:
-        return -1;
-    }
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_rc4.c b/thirdparty/openssl/crypto/evp/e_rc4.c
deleted file mode 100644
index 08e48f391d..0000000000
--- a/thirdparty/openssl/crypto/evp/e_rc4.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/evp/e_rc4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_RC4
-
-# include <openssl/evp.h>
-# include "evp_locl.h"
-# include <openssl/objects.h>
-# include <openssl/rc4.h>
-
-/* FIXME: surely this is available elsewhere? */
-# define EVP_RC4_KEY_SIZE                16
-
-typedef struct {
-    RC4_KEY ks;                 /* working key */
-} EVP_RC4_KEY;
-
-# define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
-
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                        const unsigned char *iv, int enc);
-static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                      const unsigned char *in, size_t inl);
-static const EVP_CIPHER r4_cipher = {
-    NID_rc4,
-    1, EVP_RC4_KEY_SIZE, 0,
-    EVP_CIPH_VARIABLE_LENGTH,
-    rc4_init_key,
-    rc4_cipher,
-    NULL,
-    sizeof(EVP_RC4_KEY),
-    NULL,
-    NULL,
-    NULL,
-    NULL
-};
-
-static const EVP_CIPHER r4_40_cipher = {
-    NID_rc4_40,
-    1, 5 /* 40 bit */ , 0,
-    EVP_CIPH_VARIABLE_LENGTH,
-    rc4_init_key,
-    rc4_cipher,
-    NULL,
-    sizeof(EVP_RC4_KEY),
-    NULL,
-    NULL,
-    NULL,
-    NULL
-};
-
-const EVP_CIPHER *EVP_rc4(void)
-{
-    return (&r4_cipher);
-}
-
-const EVP_CIPHER *EVP_rc4_40(void)
-{
-    return (&r4_40_cipher);
-}
-
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                        const unsigned char *iv, int enc)
-{
-    RC4_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
-    return 1;
-}
-
-static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                      const unsigned char *in, size_t inl)
-{
-    RC4(&data(ctx)->ks, inl, in, out);
-    return 1;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_rc4_hmac_md5.c b/thirdparty/openssl/crypto/evp/e_rc4_hmac_md5.c
deleted file mode 100644
index 93cfe3f107..0000000000
--- a/thirdparty/openssl/crypto/evp/e_rc4_hmac_md5.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/opensslconf.h>
-
-#include <stdio.h>
-#include <string.h>
-
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
-
-# include <openssl/crypto.h>
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/rc4.h>
-# include <openssl/md5.h>
-
-# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-#  define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-#  define EVP_CTRL_AEAD_TLS1_AAD          0x16
-#  define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-# endif
-
-/* FIXME: surely this is available elsewhere? */
-# define EVP_RC4_KEY_SIZE                16
-
-typedef struct {
-    RC4_KEY ks;
-    MD5_CTX head, tail, md;
-    size_t payload_length;
-} EVP_RC4_HMAC_MD5;
-
-# define NO_PAYLOAD_LENGTH       ((size_t)-1)
-
-void rc4_md5_enc(RC4_KEY *key, const void *in0, void *out,
-                 MD5_CTX *ctx, const void *inp, size_t blocks);
-
-# define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data)
-
-static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
-                                 const unsigned char *inkey,
-                                 const unsigned char *iv, int enc)
-{
-    EVP_RC4_HMAC_MD5 *key = data(ctx);
-
-    RC4_set_key(&key->ks, EVP_CIPHER_CTX_key_length(ctx), inkey);
-
-    MD5_Init(&key->head);       /* handy when benchmarking */
-    key->tail = key->head;
-    key->md = key->head;
-
-    key->payload_length = NO_PAYLOAD_LENGTH;
-
-    return 1;
-}
-
-# if     defined(RC4_ASM) && defined(MD5_ASM) &&     (	   \
-        defined(__x86_64)       || defined(__x86_64__)  || \
-        defined(_M_AMD64)       || defined(_M_X64)      || \
-        defined(__INTEL__)              ) && \
-        !(defined(__APPLE__) && defined(__MACH__))
-#  define STITCHED_CALL
-# endif
-
-# if !defined(STITCHED_CALL)
-#  define rc4_off 0
-#  define md5_off 0
-# endif
-
-static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                               const unsigned char *in, size_t len)
-{
-    EVP_RC4_HMAC_MD5 *key = data(ctx);
-# if defined(STITCHED_CALL)
-    size_t rc4_off = 32 - 1 - (key->ks.x & (32 - 1)), /* 32 is $MOD from
-                                                       * rc4_md5-x86_64.pl */
-        md5_off = MD5_CBLOCK - key->md.num, blocks;
-    unsigned int l;
-    extern unsigned int OPENSSL_ia32cap_P[];
-# endif
-    size_t plen = key->payload_length;
-
-    if (plen != NO_PAYLOAD_LENGTH && len != (plen + MD5_DIGEST_LENGTH))
-        return 0;
-
-    if (ctx->encrypt) {
-        if (plen == NO_PAYLOAD_LENGTH)
-            plen = len;
-# if defined(STITCHED_CALL)
-        /* cipher has to "fall behind" */
-        if (rc4_off > md5_off)
-            md5_off += MD5_CBLOCK;
-
-        if (plen > md5_off && (blocks = (plen - md5_off) / MD5_CBLOCK) &&
-            (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) {
-            MD5_Update(&key->md, in, md5_off);
-            RC4(&key->ks, rc4_off, in, out);
-
-            rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
-                        &key->md, in + md5_off, blocks);
-            blocks *= MD5_CBLOCK;
-            rc4_off += blocks;
-            md5_off += blocks;
-            key->md.Nh += blocks >> 29;
-            key->md.Nl += blocks <<= 3;
-            if (key->md.Nl < (unsigned int)blocks)
-                key->md.Nh++;
-        } else {
-            rc4_off = 0;
-            md5_off = 0;
-        }
-# endif
-        MD5_Update(&key->md, in + md5_off, plen - md5_off);
-
-        if (plen != len) {      /* "TLS" mode of operation */
-            if (in != out)
-                memcpy(out + rc4_off, in + rc4_off, plen - rc4_off);
-
-            /* calculate HMAC and append it to payload */
-            MD5_Final(out + plen, &key->md);
-            key->md = key->tail;
-            MD5_Update(&key->md, out + plen, MD5_DIGEST_LENGTH);
-            MD5_Final(out + plen, &key->md);
-            /* encrypt HMAC at once */
-            RC4(&key->ks, len - rc4_off, out + rc4_off, out + rc4_off);
-        } else {
-            RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off);
-        }
-    } else {
-        unsigned char mac[MD5_DIGEST_LENGTH];
-# if defined(STITCHED_CALL)
-        /* digest has to "fall behind" */
-        if (md5_off > rc4_off)
-            rc4_off += 2 * MD5_CBLOCK;
-        else
-            rc4_off += MD5_CBLOCK;
-
-        if (len > rc4_off && (blocks = (len - rc4_off) / MD5_CBLOCK) &&
-            (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) {
-            RC4(&key->ks, rc4_off, in, out);
-            MD5_Update(&key->md, out, md5_off);
-
-            rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
-                        &key->md, out + md5_off, blocks);
-            blocks *= MD5_CBLOCK;
-            rc4_off += blocks;
-            md5_off += blocks;
-            l = (key->md.Nl + (blocks << 3)) & 0xffffffffU;
-            if (l < key->md.Nl)
-                key->md.Nh++;
-            key->md.Nl = l;
-            key->md.Nh += blocks >> 29;
-        } else {
-            md5_off = 0;
-            rc4_off = 0;
-        }
-# endif
-        /* decrypt HMAC at once */
-        RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off);
-        if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
-            MD5_Update(&key->md, out + md5_off, plen - md5_off);
-
-            /* calculate HMAC and verify it */
-            MD5_Final(mac, &key->md);
-            key->md = key->tail;
-            MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);
-            MD5_Final(mac, &key->md);
-
-            if (CRYPTO_memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
-                return 0;
-        } else {
-            MD5_Update(&key->md, out + md5_off, len - md5_off);
-        }
-    }
-
-    key->payload_length = NO_PAYLOAD_LENGTH;
-
-    return 1;
-}
-
-static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
-                             void *ptr)
-{
-    EVP_RC4_HMAC_MD5 *key = data(ctx);
-
-    switch (type) {
-    case EVP_CTRL_AEAD_SET_MAC_KEY:
-        {
-            unsigned int i;
-            unsigned char hmac_key[64];
-
-            memset(hmac_key, 0, sizeof(hmac_key));
-
-            if (arg > (int)sizeof(hmac_key)) {
-                MD5_Init(&key->head);
-                MD5_Update(&key->head, ptr, arg);
-                MD5_Final(hmac_key, &key->head);
-            } else {
-                memcpy(hmac_key, ptr, arg);
-            }
-
-            for (i = 0; i < sizeof(hmac_key); i++)
-                hmac_key[i] ^= 0x36; /* ipad */
-            MD5_Init(&key->head);
-            MD5_Update(&key->head, hmac_key, sizeof(hmac_key));
-
-            for (i = 0; i < sizeof(hmac_key); i++)
-                hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
-            MD5_Init(&key->tail);
-            MD5_Update(&key->tail, hmac_key, sizeof(hmac_key));
-
-            OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
-
-            return 1;
-        }
-    case EVP_CTRL_AEAD_TLS1_AAD:
-        {
-            unsigned char *p = ptr;
-            unsigned int len;
-
-            if (arg != EVP_AEAD_TLS1_AAD_LEN)
-                return -1;
-
-            len = p[arg - 2] << 8 | p[arg - 1];
-
-            if (!ctx->encrypt) {
-                if (len < MD5_DIGEST_LENGTH)
-                    return -1;
-                len -= MD5_DIGEST_LENGTH;
-                p[arg - 2] = len >> 8;
-                p[arg - 1] = len;
-            }
-            key->payload_length = len;
-            key->md = key->head;
-            MD5_Update(&key->md, p, arg);
-
-            return MD5_DIGEST_LENGTH;
-        }
-    default:
-        return -1;
-    }
-}
-
-static EVP_CIPHER r4_hmac_md5_cipher = {
-# ifdef NID_rc4_hmac_md5
-    NID_rc4_hmac_md5,
-# else
-    NID_undef,
-# endif
-    1, EVP_RC4_KEY_SIZE, 0,
-    EVP_CIPH_STREAM_CIPHER | EVP_CIPH_VARIABLE_LENGTH |
-        EVP_CIPH_FLAG_AEAD_CIPHER,
-    rc4_hmac_md5_init_key,
-    rc4_hmac_md5_cipher,
-    NULL,
-    sizeof(EVP_RC4_HMAC_MD5),
-    NULL,
-    NULL,
-    rc4_hmac_md5_ctrl,
-    NULL
-};
-
-const EVP_CIPHER *EVP_rc4_hmac_md5(void)
-{
-    return (&r4_hmac_md5_cipher);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_rc5.c b/thirdparty/openssl/crypto/evp/e_rc5.c
deleted file mode 100644
index f17e99d0c5..0000000000
--- a/thirdparty/openssl/crypto/evp/e_rc5.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* crypto/evp/e_rc5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_RC5
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include "evp_locl.h"
-# include <openssl/rc5.h>
-
-static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                               const unsigned char *iv, int enc);
-static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
-
-typedef struct {
-    int rounds;                 /* number of rounds */
-    RC5_32_KEY ks;              /* key schedule */
-} EVP_RC5_KEY;
-
-# define data(ctx)       EVP_C_DATA(EVP_RC5_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, ks, RC5_32, EVP_RC5_KEY, NID_rc5,
-                       8, RC5_32_KEY_LENGTH, 8, 64,
-                       EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
-                       r_32_12_16_init_key, NULL, NULL, NULL, rc5_ctrl)
-
-static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
-{
-    switch (type) {
-    case EVP_CTRL_INIT:
-        data(c)->rounds = RC5_12_ROUNDS;
-        return 1;
-
-    case EVP_CTRL_GET_RC5_ROUNDS:
-        *(int *)ptr = data(c)->rounds;
-        return 1;
-
-    case EVP_CTRL_SET_RC5_ROUNDS:
-        switch (arg) {
-        case RC5_8_ROUNDS:
-        case RC5_12_ROUNDS:
-        case RC5_16_ROUNDS:
-            data(c)->rounds = arg;
-            return 1;
-
-        default:
-            EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
-            return 0;
-        }
-
-    default:
-        return -1;
-    }
-}
-
-static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                               const unsigned char *iv, int enc)
-{
-    RC5_32_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
-                   key, data(ctx)->rounds);
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_seed.c b/thirdparty/openssl/crypto/evp/e_seed.c
deleted file mode 100644
index 3d01eacac0..0000000000
--- a/thirdparty/openssl/crypto/evp/e_seed.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/evp/e_seed.c */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-#ifndef OPENSSL_NO_SEED
-# include <openssl/evp.h>
-# include <openssl/err.h>
-# include <string.h>
-# include <assert.h>
-# include <openssl/seed.h>
-# include "evp_locl.h"
-
-static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                         const unsigned char *iv, int enc);
-
-typedef struct {
-    SEED_KEY_SCHEDULE ks;
-} EVP_SEED_KEY;
-
-IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
-                       16, 16, 16, 128, EVP_CIPH_FLAG_DEFAULT_ASN1,
-                       seed_init_key, 0, 0, 0, 0)
-
-static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                         const unsigned char *iv, int enc)
-{
-    SEED_set_key(key, ctx->cipher_data);
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/e_xcbc_d.c b/thirdparty/openssl/crypto/evp/e_xcbc_d.c
deleted file mode 100644
index 3430df9e8e..0000000000
--- a/thirdparty/openssl/crypto/evp/e_xcbc_d.c
+++ /dev/null
@@ -1,130 +0,0 @@
-/* crypto/evp/e_xcbc_d.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_DES
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include "evp_locl.h"
-# include <openssl/des.h>
-
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                             const unsigned char *iv, int enc);
-static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t inl);
-
-typedef struct {
-    DES_key_schedule ks;        /* key schedule */
-    DES_cblock inw;
-    DES_cblock outw;
-} DESX_CBC_KEY;
-
-# define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
-
-static const EVP_CIPHER d_xcbc_cipher = {
-    NID_desx_cbc,
-    8, 24, 8,
-    EVP_CIPH_CBC_MODE,
-    desx_cbc_init_key,
-    desx_cbc_cipher,
-    NULL,
-    sizeof(DESX_CBC_KEY),
-    EVP_CIPHER_set_asn1_iv,
-    EVP_CIPHER_get_asn1_iv,
-    NULL,
-    NULL
-};
-
-const EVP_CIPHER *EVP_desx_cbc(void)
-{
-    return (&d_xcbc_cipher);
-}
-
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                             const unsigned char *iv, int enc)
-{
-    DES_cblock *deskey = (DES_cblock *)key;
-
-    DES_set_key_unchecked(deskey, &data(ctx)->ks);
-    memcpy(&data(ctx)->inw[0], &key[8], 8);
-    memcpy(&data(ctx)->outw[0], &key[16], 8);
-
-    return 1;
-}
-
-static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                           const unsigned char *in, size_t inl)
-{
-    while (inl >= EVP_MAXCHUNK) {
-        DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks,
-                         (DES_cblock *)&(ctx->iv[0]),
-                         &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt);
-        inl -= EVP_MAXCHUNK;
-        in += EVP_MAXCHUNK;
-        out += EVP_MAXCHUNK;
-    }
-    if (inl)
-        DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks,
-                         (DES_cblock *)&(ctx->iv[0]),
-                         &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt);
-    return 1;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/encode.c b/thirdparty/openssl/crypto/evp/encode.c
deleted file mode 100644
index c6c775e0a0..0000000000
--- a/thirdparty/openssl/crypto/evp/encode.c
+++ /dev/null
@@ -1,460 +0,0 @@
-/* crypto/evp/encode.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-
-static unsigned char conv_ascii2bin(unsigned char a);
-#ifndef CHARSET_EBCDIC
-# define conv_bin2ascii(a)       (data_bin2ascii[(a)&0x3f])
-#else
-/*
- * We assume that PEM encoded files are EBCDIC files (i.e., printable text
- * files). Convert them here while decoding. When encoding, output is EBCDIC
- * (text) format again. (No need for conversion in the conv_bin2ascii macro,
- * as the underlying textstring data_bin2ascii[] is already EBCDIC)
- */
-# define conv_bin2ascii(a)       (data_bin2ascii[(a)&0x3f])
-#endif
-
-/*-
- * 64 char lines
- * pad input with 0
- * left over chars are set to =
- * 1 byte  => xx==
- * 2 bytes => xxx=
- * 3 bytes => xxxx
- */
-#define BIN_PER_LINE    (64/4*3)
-#define CHUNKS_PER_LINE (64/4)
-#define CHAR_PER_LINE   (64+1)
-
-static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
-abcdefghijklmnopqrstuvwxyz0123456789+/";
-
-/*-
- * 0xF0 is a EOLN
- * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
- * 0xF2 is EOF
- * 0xE0 is ignore at start of line.
- * 0xFF is error
- */
-
-#define B64_EOLN                0xF0
-#define B64_CR                  0xF1
-#define B64_EOF                 0xF2
-#define B64_WS                  0xE0
-#define B64_ERROR               0xFF
-#define B64_NOT_BASE64(a)       (((a)|0x13) == 0xF3)
-#define B64_BASE64(a)           !B64_NOT_BASE64(a)
-
-static const unsigned char data_ascii2bin[128] = {
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F,
-    0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B,
-    0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF,
-    0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
-    0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
-    0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
-    0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
-    0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
-    0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
-    0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-};
-
-#ifndef CHARSET_EBCDIC
-static unsigned char conv_ascii2bin(unsigned char a)
-{
-    if (a & 0x80)
-        return B64_ERROR;
-    return data_ascii2bin[a];
-}
-#else
-static unsigned char conv_ascii2bin(unsigned char a)
-{
-    a = os_toascii[a];
-    if (a & 0x80)
-        return B64_ERROR;
-    return data_ascii2bin[a];
-}
-#endif
-
-void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
-{
-    ctx->length = 48;
-    ctx->num = 0;
-    ctx->line_num = 0;
-}
-
-void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
-                      const unsigned char *in, int inl)
-{
-    int i, j;
-    size_t total = 0;
-
-    *outl = 0;
-    if (inl <= 0)
-        return;
-    OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
-    if (ctx->length - ctx->num > inl) {
-        memcpy(&(ctx->enc_data[ctx->num]), in, inl);
-        ctx->num += inl;
-        return;
-    }
-    if (ctx->num != 0) {
-        i = ctx->length - ctx->num;
-        memcpy(&(ctx->enc_data[ctx->num]), in, i);
-        in += i;
-        inl -= i;
-        j = EVP_EncodeBlock(out, ctx->enc_data, ctx->length);
-        ctx->num = 0;
-        out += j;
-        *(out++) = '\n';
-        *out = '\0';
-        total = j + 1;
-    }
-    while (inl >= ctx->length && total <= INT_MAX) {
-        j = EVP_EncodeBlock(out, in, ctx->length);
-        in += ctx->length;
-        inl -= ctx->length;
-        out += j;
-        *(out++) = '\n';
-        *out = '\0';
-        total += j + 1;
-    }
-    if (total > INT_MAX) {
-        /* Too much output data! */
-        *outl = 0;
-        return;
-    }
-    if (inl != 0)
-        memcpy(&(ctx->enc_data[0]), in, inl);
-    ctx->num = inl;
-    *outl = total;
-}
-
-void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
-{
-    unsigned int ret = 0;
-
-    if (ctx->num != 0) {
-        ret = EVP_EncodeBlock(out, ctx->enc_data, ctx->num);
-        out[ret++] = '\n';
-        out[ret] = '\0';
-        ctx->num = 0;
-    }
-    *outl = ret;
-}
-
-int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
-{
-    int i, ret = 0;
-    unsigned long l;
-
-    for (i = dlen; i > 0; i -= 3) {
-        if (i >= 3) {
-            l = (((unsigned long)f[0]) << 16L) |
-                (((unsigned long)f[1]) << 8L) | f[2];
-            *(t++) = conv_bin2ascii(l >> 18L);
-            *(t++) = conv_bin2ascii(l >> 12L);
-            *(t++) = conv_bin2ascii(l >> 6L);
-            *(t++) = conv_bin2ascii(l);
-        } else {
-            l = ((unsigned long)f[0]) << 16L;
-            if (i == 2)
-                l |= ((unsigned long)f[1] << 8L);
-
-            *(t++) = conv_bin2ascii(l >> 18L);
-            *(t++) = conv_bin2ascii(l >> 12L);
-            *(t++) = (i == 1) ? '=' : conv_bin2ascii(l >> 6L);
-            *(t++) = '=';
-        }
-        ret += 4;
-        f += 3;
-    }
-
-    *t = '\0';
-    return (ret);
-}
-
-void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
-{
-    /* Only ctx->num is used during decoding. */
-    ctx->num = 0;
-    ctx->length = 0;
-    ctx->line_num = 0;
-    ctx->expect_nl = 0;
-}
-
-/*-
- * -1 for error
- *  0 for last line
- *  1 for full line
- *
- * Note: even though EVP_DecodeUpdate attempts to detect and report end of
- * content, the context doesn't currently remember it and will accept more data
- * in the next call. Therefore, the caller is responsible for checking and
- * rejecting a 0 return value in the middle of content.
- *
- * Note: even though EVP_DecodeUpdate has historically tried to detect end of
- * content based on line length, this has never worked properly. Therefore,
- * we now return 0 when one of the following is true:
- *   - Padding or B64_EOF was detected and the last block is complete.
- *   - Input has zero-length.
- * -1 is returned if:
- *   - Invalid characters are detected.
- *   - There is extra trailing padding, or data after padding.
- *   - B64_EOF is detected after an incomplete base64 block.
- */
-int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
-                     const unsigned char *in, int inl)
-{
-    int seof = 0, eof = 0, rv = -1, ret = 0, i, v, tmp, n, decoded_len;
-    unsigned char *d;
-
-    n = ctx->num;
-    d = ctx->enc_data;
-
-    if (n > 0 && d[n - 1] == '=') {
-        eof++;
-        if (n > 1 && d[n - 2] == '=')
-            eof++;
-    }
-
-     /* Legacy behaviour: an empty input chunk signals end of input. */
-    if (inl == 0) {
-        rv = 0;
-        goto end;
-    }
-
-    for (i = 0; i < inl; i++) {
-        tmp = *(in++);
-        v = conv_ascii2bin(tmp);
-        if (v == B64_ERROR) {
-            rv = -1;
-            goto end;
-        }
-
-        if (tmp == '=') {
-            eof++;
-        } else if (eof > 0 && B64_BASE64(v)) {
-            /* More data after padding. */
-            rv = -1;
-            goto end;
-        }
-
-        if (eof > 2) {
-            rv = -1;
-            goto end;
-        }
-
-        if (v == B64_EOF) {
-            seof = 1;
-            goto tail;
-        }
-
-        /* Only save valid base64 characters. */
-        if (B64_BASE64(v)) {
-            if (n >= 64) {
-                /*
-                 * We increment n once per loop, and empty the buffer as soon as
-                 * we reach 64 characters, so this can only happen if someone's
-                 * manually messed with the ctx. Refuse to write any more data.
-                 */
-                rv = -1;
-                goto end;
-            }
-            OPENSSL_assert(n < (int)sizeof(ctx->enc_data));
-            d[n++] = tmp;
-        }
-
-        if (n == 64) {
-            decoded_len = EVP_DecodeBlock(out, d, n);
-            n = 0;
-            if (decoded_len < 0 || eof > decoded_len) {
-                rv = -1;
-                goto end;
-            }
-            ret += decoded_len - eof;
-            out += decoded_len - eof;
-        }
-    }
-
-    /*
-     * Legacy behaviour: if the current line is a full base64-block (i.e., has
-     * 0 mod 4 base64 characters), it is processed immediately. We keep this
-     * behaviour as applications may not be calling EVP_DecodeFinal properly.
-     */
-tail:
-    if (n > 0) {
-        if ((n & 3) == 0) {
-            decoded_len = EVP_DecodeBlock(out, d, n);
-            n = 0;
-            if (decoded_len < 0 || eof > decoded_len) {
-                rv = -1;
-                goto end;
-            }
-            ret += (decoded_len - eof);
-        } else if (seof) {
-            /* EOF in the middle of a base64 block. */
-            rv = -1;
-            goto end;
-        }
-    }
-
-    rv = seof || (n == 0 && eof) ? 0 : 1;
-end:
-    /* Legacy behaviour. This should probably rather be zeroed on error. */
-    *outl = ret;
-    ctx->num = n;
-    return (rv);
-}
-
-int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
-{
-    int i, ret = 0, a, b, c, d;
-    unsigned long l;
-
-    /* trim white space from the start of the line. */
-    while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) {
-        f++;
-        n--;
-    }
-
-    /*
-     * strip off stuff at the end of the line ascii2bin values B64_WS,
-     * B64_EOLN, B64_EOLN and B64_EOF
-     */
-    while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n - 1]))))
-        n--;
-
-    if (n % 4 != 0)
-        return (-1);
-
-    for (i = 0; i < n; i += 4) {
-        a = conv_ascii2bin(*(f++));
-        b = conv_ascii2bin(*(f++));
-        c = conv_ascii2bin(*(f++));
-        d = conv_ascii2bin(*(f++));
-        if ((a & 0x80) || (b & 0x80) || (c & 0x80) || (d & 0x80))
-            return (-1);
-        l = ((((unsigned long)a) << 18L) |
-             (((unsigned long)b) << 12L) |
-             (((unsigned long)c) << 6L) | (((unsigned long)d)));
-        *(t++) = (unsigned char)(l >> 16L) & 0xff;
-        *(t++) = (unsigned char)(l >> 8L) & 0xff;
-        *(t++) = (unsigned char)(l) & 0xff;
-        ret += 3;
-    }
-    return (ret);
-}
-
-int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
-{
-    int i;
-
-    *outl = 0;
-    if (ctx->num != 0) {
-        i = EVP_DecodeBlock(out, ctx->enc_data, ctx->num);
-        if (i < 0)
-            return (-1);
-        ctx->num = 0;
-        *outl = i;
-        return (1);
-    } else
-        return (1);
-}
-
-#ifdef undef
-int EVP_DecodeValid(unsigned char *buf, int len)
-{
-    int i, num = 0, bad = 0;
-
-    if (len == 0)
-        return (-1);
-    while (conv_ascii2bin(*buf) == B64_WS) {
-        buf++;
-        len--;
-        if (len == 0)
-            return (-1);
-    }
-
-    for (i = len; i >= 4; i -= 4) {
-        if ((conv_ascii2bin(buf[0]) >= 0x40) ||
-            (conv_ascii2bin(buf[1]) >= 0x40) ||
-            (conv_ascii2bin(buf[2]) >= 0x40) ||
-            (conv_ascii2bin(buf[3]) >= 0x40))
-            return (-1);
-        buf += 4;
-        num += 1 + (buf[2] != '=') + (buf[3] != '=');
-    }
-    if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
-        return (num);
-    if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
-        (conv_ascii2bin(buf[0]) == B64_EOLN))
-        return (num);
-    return (1);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/evp_acnf.c b/thirdparty/openssl/crypto/evp/evp_acnf.c
deleted file mode 100644
index 9703116e02..0000000000
--- a/thirdparty/openssl/crypto/evp/evp_acnf.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* evp_acnf.c */
-/*
- * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/conf.h>
-
-/*
- * Load all algorithms and configure OpenSSL. This function is called
- * automatically when OPENSSL_LOAD_CONF is set.
- */
-
-void OPENSSL_add_all_algorithms_conf(void)
-{
-    OPENSSL_add_all_algorithms_noconf();
-    OPENSSL_config(NULL);
-}
diff --git a/thirdparty/openssl/crypto/evp/evp_cnf.c b/thirdparty/openssl/crypto/evp/evp_cnf.c
deleted file mode 100644
index 6fd3a6da0b..0000000000
--- a/thirdparty/openssl/crypto/evp/evp_cnf.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* evp_cnf.c */
-/*
- * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
- * 2007.
- */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-/* Algorithm configuration module. */
-
-static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
-{
-    int i;
-    const char *oid_section;
-    STACK_OF(CONF_VALUE) *sktmp;
-    CONF_VALUE *oval;
-    oid_section = CONF_imodule_get_value(md);
-    if (!(sktmp = NCONF_get_section(cnf, oid_section))) {
-        EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
-        return 0;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
-        oval = sk_CONF_VALUE_value(sktmp, i);
-        if (!strcmp(oval->name, "fips_mode")) {
-            int m;
-            if (!X509V3_get_value_bool(oval, &m)) {
-                EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
-                return 0;
-            }
-            if (m > 0) {
-#ifdef OPENSSL_FIPS
-                if (!FIPS_mode() && !FIPS_mode_set(1)) {
-                    EVPerr(EVP_F_ALG_MODULE_INIT,
-                           EVP_R_ERROR_SETTING_FIPS_MODE);
-                    return 0;
-                }
-#else
-                EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);
-                return 0;
-#endif
-            }
-        } else {
-            EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
-            ERR_add_error_data(4, "name=", oval->name,
-                               ", value=", oval->value);
-        }
-
-    }
-    return 1;
-}
-
-void EVP_add_alg_module(void)
-{
-    CONF_module_add("alg_section", alg_module_init, 0);
-}
diff --git a/thirdparty/openssl/crypto/evp/evp_enc.c b/thirdparty/openssl/crypto/evp/evp_enc.c
deleted file mode 100644
index be577bac76..0000000000
--- a/thirdparty/openssl/crypto/evp/evp_enc.c
+++ /dev/null
@@ -1,673 +0,0 @@
-/* crypto/evp/evp_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-#include "evp_locl.h"
-
-#ifdef OPENSSL_FIPS
-# define M_do_cipher(ctx, out, in, inl) FIPS_cipher(ctx, out, in, inl)
-#else
-# define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
-#endif
-
-const char EVP_version[] = "EVP" OPENSSL_VERSION_PTEXT;
-
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
-{
-    memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
-    /* ctx->cipher=NULL; */
-}
-
-EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
-{
-    EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
-    if (ctx)
-        EVP_CIPHER_CTX_init(ctx);
-    return ctx;
-}
-
-int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                   const unsigned char *key, const unsigned char *iv, int enc)
-{
-    if (cipher)
-        EVP_CIPHER_CTX_init(ctx);
-    return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
-}
-
-int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                      ENGINE *impl, const unsigned char *key,
-                      const unsigned char *iv, int enc)
-{
-    if (enc == -1)
-        enc = ctx->encrypt;
-    else {
-        if (enc)
-            enc = 1;
-        ctx->encrypt = enc;
-    }
-#ifndef OPENSSL_NO_ENGINE
-    /*
-     * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
-     * this context may already have an ENGINE! Try to avoid releasing the
-     * previous handle, re-querying for an ENGINE, and having a
-     * reinitialisation, when it may all be unecessary.
-     */
-    if (ctx->engine && ctx->cipher && (!cipher ||
-                                       (cipher
-                                        && (cipher->nid ==
-                                            ctx->cipher->nid))))
-        goto skip_to_init;
-#endif
-    if (cipher) {
-        /*
-         * Ensure a context left lying around from last time is cleared (the
-         * previous check attempted to avoid this if the same ENGINE and
-         * EVP_CIPHER could be used).
-         */
-        if (ctx->cipher) {
-            unsigned long flags = ctx->flags;
-            EVP_CIPHER_CTX_cleanup(ctx);
-            /* Restore encrypt and flags */
-            ctx->encrypt = enc;
-            ctx->flags = flags;
-        }
-#ifndef OPENSSL_NO_ENGINE
-        if (impl) {
-            if (!ENGINE_init(impl)) {
-                EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
-                return 0;
-            }
-        } else
-            /* Ask if an ENGINE is reserved for this job */
-            impl = ENGINE_get_cipher_engine(cipher->nid);
-        if (impl) {
-            /* There's an ENGINE for this job ... (apparently) */
-            const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
-            if (!c) {
-                /*
-                 * One positive side-effect of US's export control history,
-                 * is that we should at least be able to avoid using US
-                 * mispellings of "initialisation"?
-                 */
-                EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
-                return 0;
-            }
-            /* We'll use the ENGINE's private cipher definition */
-            cipher = c;
-            /*
-             * Store the ENGINE functional reference so we know 'cipher' came
-             * from an ENGINE and we need to release it when done.
-             */
-            ctx->engine = impl;
-        } else
-            ctx->engine = NULL;
-#endif
-
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode()) {
-            const EVP_CIPHER *fcipher = NULL;
-            if (cipher)
-                fcipher = evp_get_fips_cipher(cipher);
-            if (fcipher)
-                cipher = fcipher;
-            return FIPS_cipherinit(ctx, cipher, key, iv, enc);
-        }
-#endif
-        ctx->cipher = cipher;
-        if (ctx->cipher->ctx_size) {
-            ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size);
-            if (!ctx->cipher_data) {
-                ctx->cipher = NULL;
-                EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-        } else {
-            ctx->cipher_data = NULL;
-        }
-        ctx->key_len = cipher->key_len;
-        /* Preserve wrap enable flag, zero everything else */
-        ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
-        if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
-            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
-                ctx->cipher = NULL;
-                EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
-                return 0;
-            }
-        }
-    } else if (!ctx->cipher) {
-        EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
-        return 0;
-    }
-#ifndef OPENSSL_NO_ENGINE
- skip_to_init:
-#endif
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_cipherinit(ctx, cipher, key, iv, enc);
-#endif
-    /* we assume block size is a power of 2 in *cryptUpdate */
-    OPENSSL_assert(ctx->cipher->block_size == 1
-                   || ctx->cipher->block_size == 8
-                   || ctx->cipher->block_size == 16);
-
-    if (!(ctx->flags & EVP_CIPHER_CTX_FLAG_WRAP_ALLOW)
-        && EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_WRAP_MODE) {
-        EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_WRAP_MODE_NOT_ALLOWED);
-        return 0;
-    }
-
-    if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
-        switch (EVP_CIPHER_CTX_mode(ctx)) {
-
-        case EVP_CIPH_STREAM_CIPHER:
-        case EVP_CIPH_ECB_MODE:
-            break;
-
-        case EVP_CIPH_CFB_MODE:
-        case EVP_CIPH_OFB_MODE:
-
-            ctx->num = 0;
-            /* fall-through */
-
-        case EVP_CIPH_CBC_MODE:
-
-            OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
-                           (int)sizeof(ctx->iv));
-            if (iv)
-                memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
-            memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
-            break;
-
-        case EVP_CIPH_CTR_MODE:
-            ctx->num = 0;
-            /* Don't reuse IV for CTR mode */
-            if (iv)
-                memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
-            break;
-
-        default:
-            return 0;
-            break;
-        }
-    }
-
-    if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
-        if (!ctx->cipher->init(ctx, key, iv, enc))
-            return 0;
-    }
-    ctx->buf_len = 0;
-    ctx->final_used = 0;
-    ctx->block_mask = ctx->cipher->block_size - 1;
-    return 1;
-}
-
-int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-                     const unsigned char *in, int inl)
-{
-    if (ctx->encrypt)
-        return EVP_EncryptUpdate(ctx, out, outl, in, inl);
-    else
-        return EVP_DecryptUpdate(ctx, out, outl, in, inl);
-}
-
-int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
-    if (ctx->encrypt)
-        return EVP_EncryptFinal_ex(ctx, out, outl);
-    else
-        return EVP_DecryptFinal_ex(ctx, out, outl);
-}
-
-int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
-    if (ctx->encrypt)
-        return EVP_EncryptFinal(ctx, out, outl);
-    else
-        return EVP_DecryptFinal(ctx, out, outl);
-}
-
-int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                    const unsigned char *key, const unsigned char *iv)
-{
-    return EVP_CipherInit(ctx, cipher, key, iv, 1);
-}
-
-int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                       ENGINE *impl, const unsigned char *key,
-                       const unsigned char *iv)
-{
-    return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
-}
-
-int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                    const unsigned char *key, const unsigned char *iv)
-{
-    return EVP_CipherInit(ctx, cipher, key, iv, 0);
-}
-
-int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                       ENGINE *impl, const unsigned char *key,
-                       const unsigned char *iv)
-{
-    return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
-}
-
-int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-                      const unsigned char *in, int inl)
-{
-    int i, j, bl;
-
-    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
-        i = M_do_cipher(ctx, out, in, inl);
-        if (i < 0)
-            return 0;
-        else
-            *outl = i;
-        return 1;
-    }
-
-    if (inl <= 0) {
-        *outl = 0;
-        return inl == 0;
-    }
-
-    if (ctx->buf_len == 0 && (inl & (ctx->block_mask)) == 0) {
-        if (M_do_cipher(ctx, out, in, inl)) {
-            *outl = inl;
-            return 1;
-        } else {
-            *outl = 0;
-            return 0;
-        }
-    }
-    i = ctx->buf_len;
-    bl = ctx->cipher->block_size;
-    OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
-    if (i != 0) {
-        if (bl - i > inl) {
-            memcpy(&(ctx->buf[i]), in, inl);
-            ctx->buf_len += inl;
-            *outl = 0;
-            return 1;
-        } else {
-            j = bl - i;
-            memcpy(&(ctx->buf[i]), in, j);
-            if (!M_do_cipher(ctx, out, ctx->buf, bl))
-                return 0;
-            inl -= j;
-            in += j;
-            out += bl;
-            *outl = bl;
-        }
-    } else
-        *outl = 0;
-    i = inl & (bl - 1);
-    inl -= i;
-    if (inl > 0) {
-        if (!M_do_cipher(ctx, out, in, inl))
-            return 0;
-        *outl += inl;
-    }
-
-    if (i != 0)
-        memcpy(ctx->buf, &(in[inl]), i);
-    ctx->buf_len = i;
-    return 1;
-}
-
-int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
-    int ret;
-    ret = EVP_EncryptFinal_ex(ctx, out, outl);
-    return ret;
-}
-
-int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
-    int n, ret;
-    unsigned int i, b, bl;
-
-    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
-        ret = M_do_cipher(ctx, out, NULL, 0);
-        if (ret < 0)
-            return 0;
-        else
-            *outl = ret;
-        return 1;
-    }
-
-    b = ctx->cipher->block_size;
-    OPENSSL_assert(b <= sizeof ctx->buf);
-    if (b == 1) {
-        *outl = 0;
-        return 1;
-    }
-    bl = ctx->buf_len;
-    if (ctx->flags & EVP_CIPH_NO_PADDING) {
-        if (bl) {
-            EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
-                   EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
-            return 0;
-        }
-        *outl = 0;
-        return 1;
-    }
-
-    n = b - bl;
-    for (i = bl; i < b; i++)
-        ctx->buf[i] = n;
-    ret = M_do_cipher(ctx, out, ctx->buf, b);
-
-    if (ret)
-        *outl = b;
-
-    return ret;
-}
-
-int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-                      const unsigned char *in, int inl)
-{
-    int fix_len;
-    unsigned int b;
-
-    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
-        fix_len = M_do_cipher(ctx, out, in, inl);
-        if (fix_len < 0) {
-            *outl = 0;
-            return 0;
-        } else
-            *outl = fix_len;
-        return 1;
-    }
-
-    if (inl <= 0) {
-        *outl = 0;
-        return inl == 0;
-    }
-
-    if (ctx->flags & EVP_CIPH_NO_PADDING)
-        return EVP_EncryptUpdate(ctx, out, outl, in, inl);
-
-    b = ctx->cipher->block_size;
-    OPENSSL_assert(b <= sizeof ctx->final);
-
-    if (ctx->final_used) {
-        memcpy(out, ctx->final, b);
-        out += b;
-        fix_len = 1;
-    } else
-        fix_len = 0;
-
-    if (!EVP_EncryptUpdate(ctx, out, outl, in, inl))
-        return 0;
-
-    /*
-     * if we have 'decrypted' a multiple of block size, make sure we have a
-     * copy of this last block
-     */
-    if (b > 1 && !ctx->buf_len) {
-        *outl -= b;
-        ctx->final_used = 1;
-        memcpy(ctx->final, &out[*outl], b);
-    } else
-        ctx->final_used = 0;
-
-    if (fix_len)
-        *outl += b;
-
-    return 1;
-}
-
-int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
-    int ret;
-    ret = EVP_DecryptFinal_ex(ctx, out, outl);
-    return ret;
-}
-
-int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
-    int i, n;
-    unsigned int b;
-    *outl = 0;
-
-    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
-        i = M_do_cipher(ctx, out, NULL, 0);
-        if (i < 0)
-            return 0;
-        else
-            *outl = i;
-        return 1;
-    }
-
-    b = ctx->cipher->block_size;
-    if (ctx->flags & EVP_CIPH_NO_PADDING) {
-        if (ctx->buf_len) {
-            EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
-                   EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
-            return 0;
-        }
-        *outl = 0;
-        return 1;
-    }
-    if (b > 1) {
-        if (ctx->buf_len || !ctx->final_used) {
-            EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
-            return (0);
-        }
-        OPENSSL_assert(b <= sizeof ctx->final);
-
-        /*
-         * The following assumes that the ciphertext has been authenticated.
-         * Otherwise it provides a padding oracle.
-         */
-        n = ctx->final[b - 1];
-        if (n == 0 || n > (int)b) {
-            EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
-            return (0);
-        }
-        for (i = 0; i < n; i++) {
-            if (ctx->final[--b] != n) {
-                EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
-                return (0);
-            }
-        }
-        n = ctx->cipher->block_size - n;
-        for (i = 0; i < n; i++)
-            out[i] = ctx->final[i];
-        *outl = n;
-    } else
-        *outl = 0;
-    return (1);
-}
-
-void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
-{
-    if (ctx) {
-        EVP_CIPHER_CTX_cleanup(ctx);
-        OPENSSL_free(ctx);
-    }
-}
-
-int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
-{
-#ifndef OPENSSL_FIPS
-    if (c->cipher != NULL) {
-        if (c->cipher->cleanup && !c->cipher->cleanup(c))
-            return 0;
-        /* Cleanse cipher context data */
-        if (c->cipher_data)
-            OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
-    }
-    if (c->cipher_data)
-        OPENSSL_free(c->cipher_data);
-#endif
-#ifndef OPENSSL_NO_ENGINE
-    if (c->engine)
-        /*
-         * The EVP_CIPHER we used belongs to an ENGINE, release the
-         * functional reference we held for this reason.
-         */
-        ENGINE_finish(c->engine);
-#endif
-#ifdef OPENSSL_FIPS
-    FIPS_cipher_ctx_cleanup(c);
-#endif
-    memset(c, 0, sizeof(EVP_CIPHER_CTX));
-    return 1;
-}
-
-int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
-{
-    if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
-        return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
-    if (c->key_len == keylen)
-        return 1;
-    if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
-        c->key_len = keylen;
-        return 1;
-    }
-    EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH);
-    return 0;
-}
-
-int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
-{
-    if (pad)
-        ctx->flags &= ~EVP_CIPH_NO_PADDING;
-    else
-        ctx->flags |= EVP_CIPH_NO_PADDING;
-    return 1;
-}
-
-int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
-{
-    int ret;
-    if (!ctx->cipher) {
-        EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
-        return 0;
-    }
-
-    if (!ctx->cipher->ctrl) {
-        EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
-        return 0;
-    }
-
-    ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
-    if (ret == -1) {
-        EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
-               EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
-        return 0;
-    }
-    return ret;
-}
-
-int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
-{
-    if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
-        return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
-    if (RAND_bytes(key, ctx->key_len) <= 0)
-        return 0;
-    return 1;
-}
-
-int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
-{
-    if ((in == NULL) || (in->cipher == NULL)) {
-        EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED);
-        return 0;
-    }
-#ifndef OPENSSL_NO_ENGINE
-    /* Make sure it's safe to copy a cipher context using an ENGINE */
-    if (in->engine && !ENGINE_init(in->engine)) {
-        EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB);
-        return 0;
-    }
-#endif
-
-    EVP_CIPHER_CTX_cleanup(out);
-    memcpy(out, in, sizeof *out);
-
-    if (in->cipher_data && in->cipher->ctx_size) {
-        out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
-        if (!out->cipher_data) {
-            out->cipher = NULL;
-            EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
-    }
-
-    if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
-        if (!in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out)) {
-            out->cipher = NULL;
-            EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INITIALIZATION_ERROR);
-            return 0;
-        }
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/evp/evp_err.c b/thirdparty/openssl/crypto/evp/evp_err.c
deleted file mode 100644
index bcd841eb77..0000000000
--- a/thirdparty/openssl/crypto/evp/evp_err.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/* crypto/evp/evp_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2016 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
-
-static ERR_STRING_DATA EVP_str_functs[] = {
-    {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
-    {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
-    {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
-    {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "AES_T4_INIT_KEY"},
-    {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
-    {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
-    {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
-    {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
-    {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
-    {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "CMLL_T4_INIT_KEY"},
-    {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
-    {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
-    {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
-    {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
-    {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
-    {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
-    {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
-    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
-    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
-    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH),
-     "EVP_CIPHER_CTX_set_key_length"},
-    {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
-    {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
-    {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
-    {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
-    {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
-    {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
-    {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
-    {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
-    {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
-    {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
-    {ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"},
-    {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT),
-     "EVP_PKEY_verify_recover_init"},
-    {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
-    {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
-    {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
-    {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
-    {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
-    {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
-    {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH),
-     "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
-    {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
-    {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
-    {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
-    {ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
-    {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
-    {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
-    {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"},
-    {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
-    {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
-    {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
-    {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA EVP_str_reasons[] = {
-    {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED), "aes iv setup failed"},
-    {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED), "aes key setup failed"},
-    {ERR_REASON(EVP_R_ASN1_LIB), "asn1 lib"},
-    {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH), "bad block length"},
-    {ERR_REASON(EVP_R_BAD_DECRYPT), "bad decrypt"},
-    {ERR_REASON(EVP_R_BAD_KEY_LENGTH), "bad key length"},
-    {ERR_REASON(EVP_R_BN_DECODE_ERROR), "bn decode error"},
-    {ERR_REASON(EVP_R_BN_PUBKEY_ERROR), "bn pubkey error"},
-    {ERR_REASON(EVP_R_BUFFER_TOO_SMALL), "buffer too small"},
-    {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),
-     "camellia key setup failed"},
-    {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
-    {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED), "command not supported"},
-    {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED), "ctrl not implemented"},
-    {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),
-     "ctrl operation not implemented"},
-    {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),
-     "data not multiple of block length"},
-    {ERR_REASON(EVP_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES), "different key types"},
-    {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS), "different parameters"},
-    {ERR_REASON(EVP_R_DISABLED_FOR_FIPS), "disabled for fips"},
-    {ERR_REASON(EVP_R_ENCODE_ERROR), "encode error"},
-    {ERR_REASON(EVP_R_ERROR_LOADING_SECTION), "error loading section"},
-    {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"},
-    {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"},
-    {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY), "expecting an rsa key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY), "expecting a dh key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY), "expecting a dsa key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY), "expecting a ecdsa key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY), "expecting a ec key"},
-    {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
-    {ERR_REASON(EVP_R_INITIALIZATION_ERROR), "initialization error"},
-    {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
-    {ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
-    {ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
-    {ERR_REASON(EVP_R_INVALID_KEY), "invalid key"},
-    {ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
-    {ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
-    {ERR_REASON(EVP_R_IV_TOO_LARGE), "iv too large"},
-    {ERR_REASON(EVP_R_KEYGEN_FAILURE), "keygen failure"},
-    {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
-    {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED), "method not supported"},
-    {ERR_REASON(EVP_R_MISSING_PARAMETERS), "missing parameters"},
-    {ERR_REASON(EVP_R_NO_CIPHER_SET), "no cipher set"},
-    {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST), "no default digest"},
-    {ERR_REASON(EVP_R_NO_DIGEST_SET), "no digest set"},
-    {ERR_REASON(EVP_R_NO_DSA_PARAMETERS), "no dsa parameters"},
-    {ERR_REASON(EVP_R_NO_KEY_SET), "no key set"},
-    {ERR_REASON(EVP_R_NO_OPERATION_SET), "no operation set"},
-    {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),
-     "no sign function configured"},
-    {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),
-     "no verify function configured"},
-    {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
-     "operation not supported for this keytype"},
-    {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
-    {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),
-     "pkcs8 unknown broken type"},
-    {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
-    {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
-    {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
-    {ERR_REASON(EVP_R_TOO_LARGE), "too large"},
-    {ERR_REASON(EVP_R_UNKNOWN_CIPHER), "unknown cipher"},
-    {ERR_REASON(EVP_R_UNKNOWN_DIGEST), "unknown digest"},
-    {ERR_REASON(EVP_R_UNKNOWN_OPTION), "unknown option"},
-    {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM), "unknown pbe algorithm"},
-    {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),
-     "unsuported number of rounds"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH), "unsupported keylength"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),
-     "unsupported key derivation function"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE), "unsupported key size"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_PRF), "unsupported prf"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),
-     "unsupported private key algorithm"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE), "unsupported salt type"},
-    {ERR_REASON(EVP_R_WRAP_MODE_NOT_ALLOWED), "wrap mode not allowed"},
-    {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"},
-    {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_EVP_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, EVP_str_functs);
-        ERR_load_strings(0, EVP_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/evp/evp_key.c b/thirdparty/openssl/crypto/evp/evp_key.c
deleted file mode 100644
index 5be9e336f9..0000000000
--- a/thirdparty/openssl/crypto/evp/evp_key.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/* crypto/evp/evp_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/ui.h>
-
-/* should be init to zeros. */
-static char prompt_string[80];
-
-void EVP_set_pw_prompt(const char *prompt)
-{
-    if (prompt == NULL)
-        prompt_string[0] = '\0';
-    else {
-        strncpy(prompt_string, prompt, 79);
-        prompt_string[79] = '\0';
-    }
-}
-
-char *EVP_get_pw_prompt(void)
-{
-    if (prompt_string[0] == '\0')
-        return (NULL);
-    else
-        return (prompt_string);
-}
-
-/*
- * For historical reasons, the standard function for reading passwords is in
- * the DES library -- if someone ever wants to disable DES, this function
- * will fail
- */
-int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
-{
-    return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
-}
-
-int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
-                           int verify)
-{
-    int ret;
-    char buff[BUFSIZ];
-    UI *ui;
-
-    if ((prompt == NULL) && (prompt_string[0] != '\0'))
-        prompt = prompt_string;
-    ui = UI_new();
-    if (ui == NULL)
-        return -1;
-    UI_add_input_string(ui, prompt, 0, buf, min,
-                        (len >= BUFSIZ) ? BUFSIZ - 1 : len);
-    if (verify)
-        UI_add_verify_string(ui, prompt, 0,
-                             buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
-                             buf);
-    ret = UI_process(ui);
-    UI_free(ui);
-    OPENSSL_cleanse(buff, BUFSIZ);
-    return ret;
-}
-
-int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
-                   const unsigned char *salt, const unsigned char *data,
-                   int datal, int count, unsigned char *key,
-                   unsigned char *iv)
-{
-    EVP_MD_CTX c;
-    unsigned char md_buf[EVP_MAX_MD_SIZE];
-    int niv, nkey, addmd = 0;
-    unsigned int mds = 0, i;
-    int rv = 0;
-    nkey = type->key_len;
-    niv = type->iv_len;
-    OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
-    OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
-
-    if (data == NULL)
-        return (nkey);
-
-    EVP_MD_CTX_init(&c);
-    for (;;) {
-        if (!EVP_DigestInit_ex(&c, md, NULL))
-            goto err;
-        if (addmd++)
-            if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
-                goto err;
-        if (!EVP_DigestUpdate(&c, data, datal))
-            goto err;
-        if (salt != NULL)
-            if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN))
-                goto err;
-        if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
-            goto err;
-
-        for (i = 1; i < (unsigned int)count; i++) {
-            if (!EVP_DigestInit_ex(&c, md, NULL))
-                goto err;
-            if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
-                goto err;
-            if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
-                goto err;
-        }
-        i = 0;
-        if (nkey) {
-            for (;;) {
-                if (nkey == 0)
-                    break;
-                if (i == mds)
-                    break;
-                if (key != NULL)
-                    *(key++) = md_buf[i];
-                nkey--;
-                i++;
-            }
-        }
-        if (niv && (i != mds)) {
-            for (;;) {
-                if (niv == 0)
-                    break;
-                if (i == mds)
-                    break;
-                if (iv != NULL)
-                    *(iv++) = md_buf[i];
-                niv--;
-                i++;
-            }
-        }
-        if ((nkey == 0) && (niv == 0))
-            break;
-    }
-    rv = type->key_len;
- err:
-    EVP_MD_CTX_cleanup(&c);
-    OPENSSL_cleanse(md_buf, sizeof(md_buf));
-    return rv;
-}
diff --git a/thirdparty/openssl/crypto/evp/evp_lib.c b/thirdparty/openssl/crypto/evp/evp_lib.c
deleted file mode 100644
index 7e0bab90d4..0000000000
--- a/thirdparty/openssl/crypto/evp/evp_lib.c
+++ /dev/null
@@ -1,391 +0,0 @@
-/* crypto/evp/evp_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# include "evp_locl.h"
-#endif
-
-int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-    int ret;
-
-    if (c->cipher->set_asn1_parameters != NULL)
-        ret = c->cipher->set_asn1_parameters(c, type);
-    else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) {
-        switch (EVP_CIPHER_CTX_mode(c)) {
-        case EVP_CIPH_WRAP_MODE:
-            if (EVP_CIPHER_CTX_nid(c) == NID_id_smime_alg_CMS3DESwrap)
-                ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
-            ret = 1;
-            break;
-
-        case EVP_CIPH_GCM_MODE:
-        case EVP_CIPH_CCM_MODE:
-        case EVP_CIPH_XTS_MODE:
-            ret = -1;
-            break;
-
-        default:
-            ret = EVP_CIPHER_set_asn1_iv(c, type);
-        }
-    } else
-        ret = -1;
-    return (ret);
-}
-
-int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-    int ret;
-
-    if (c->cipher->get_asn1_parameters != NULL)
-        ret = c->cipher->get_asn1_parameters(c, type);
-    else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) {
-        switch (EVP_CIPHER_CTX_mode(c)) {
-
-        case EVP_CIPH_WRAP_MODE:
-            ret = 1;
-            break;
-
-        case EVP_CIPH_GCM_MODE:
-        case EVP_CIPH_CCM_MODE:
-        case EVP_CIPH_XTS_MODE:
-            ret = -1;
-            break;
-
-        default:
-            ret = EVP_CIPHER_get_asn1_iv(c, type);
-            break;
-        }
-    } else
-        ret = -1;
-    return (ret);
-}
-
-int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-    int i = 0;
-    unsigned int l;
-
-    if (type != NULL) {
-        l = EVP_CIPHER_CTX_iv_length(c);
-        OPENSSL_assert(l <= sizeof(c->iv));
-        i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
-        if (i != (int)l)
-            return (-1);
-        else if (i > 0)
-            memcpy(c->iv, c->oiv, l);
-    }
-    return (i);
-}
-
-int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
-{
-    int i = 0;
-    unsigned int j;
-
-    if (type != NULL) {
-        j = EVP_CIPHER_CTX_iv_length(c);
-        OPENSSL_assert(j <= sizeof(c->iv));
-        i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
-    }
-    return (i);
-}
-
-/* Convert the various cipher NIDs and dummies to a proper OID NID */
-int EVP_CIPHER_type(const EVP_CIPHER *ctx)
-{
-    int nid;
-    ASN1_OBJECT *otmp;
-    nid = EVP_CIPHER_nid(ctx);
-
-    switch (nid) {
-
-    case NID_rc2_cbc:
-    case NID_rc2_64_cbc:
-    case NID_rc2_40_cbc:
-
-        return NID_rc2_cbc;
-
-    case NID_rc4:
-    case NID_rc4_40:
-
-        return NID_rc4;
-
-    case NID_aes_128_cfb128:
-    case NID_aes_128_cfb8:
-    case NID_aes_128_cfb1:
-
-        return NID_aes_128_cfb128;
-
-    case NID_aes_192_cfb128:
-    case NID_aes_192_cfb8:
-    case NID_aes_192_cfb1:
-
-        return NID_aes_192_cfb128;
-
-    case NID_aes_256_cfb128:
-    case NID_aes_256_cfb8:
-    case NID_aes_256_cfb1:
-
-        return NID_aes_256_cfb128;
-
-    case NID_des_cfb64:
-    case NID_des_cfb8:
-    case NID_des_cfb1:
-
-        return NID_des_cfb64;
-
-    case NID_des_ede3_cfb64:
-    case NID_des_ede3_cfb8:
-    case NID_des_ede3_cfb1:
-
-        return NID_des_cfb64;
-
-    default:
-        /* Check it has an OID and it is valid */
-        otmp = OBJ_nid2obj(nid);
-        if (!otmp || !otmp->data)
-            nid = NID_undef;
-        ASN1_OBJECT_free(otmp);
-        return nid;
-    }
-}
-
-int EVP_CIPHER_block_size(const EVP_CIPHER *e)
-{
-    return e->block_size;
-}
-
-int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
-{
-    return ctx->cipher->block_size;
-}
-
-int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-               const unsigned char *in, unsigned int inl)
-{
-    return ctx->cipher->do_cipher(ctx, out, in, inl);
-}
-
-const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
-{
-    return ctx->cipher;
-}
-
-unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
-{
-#ifdef OPENSSL_FIPS
-    const EVP_CIPHER *fcipher;
-    fcipher = evp_get_fips_cipher(cipher);
-    if (fcipher && fcipher->flags & EVP_CIPH_FLAG_FIPS)
-        return cipher->flags | EVP_CIPH_FLAG_FIPS;
-#endif
-    return cipher->flags;
-}
-
-unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
-{
-#ifdef OPENSSL_FIPS
-    return EVP_CIPHER_flags(ctx->cipher);
-#else
-    return ctx->cipher->flags;
-#endif
-}
-
-void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
-{
-    return ctx->app_data;
-}
-
-void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
-{
-    ctx->app_data = data;
-}
-
-int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
-{
-    return cipher->iv_len;
-}
-
-int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
-{
-    return ctx->cipher->iv_len;
-}
-
-int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
-{
-    return cipher->key_len;
-}
-
-int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
-{
-    return ctx->key_len;
-}
-
-int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
-{
-    return cipher->nid;
-}
-
-int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
-{
-    return ctx->cipher->nid;
-}
-
-int EVP_MD_block_size(const EVP_MD *md)
-{
-    return md->block_size;
-}
-
-int EVP_MD_type(const EVP_MD *md)
-{
-    return md->type;
-}
-
-int EVP_MD_pkey_type(const EVP_MD *md)
-{
-    return md->pkey_type;
-}
-
-int EVP_MD_size(const EVP_MD *md)
-{
-    if (!md) {
-        EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
-        return -1;
-    }
-    return md->md_size;
-}
-
-#ifdef OPENSSL_FIPS
-
-const EVP_MD *evp_get_fips_md(const EVP_MD *md)
-{
-    int nid = EVP_MD_type(md);
-    if (nid == NID_dsa)
-        return FIPS_evp_dss1();
-    else if (nid == NID_dsaWithSHA)
-        return FIPS_evp_dss();
-    else if (nid == NID_ecdsa_with_SHA1)
-        return FIPS_evp_ecdsa();
-    else
-        return FIPS_get_digestbynid(nid);
-}
-
-const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher)
-{
-    int nid = cipher->nid;
-    if (nid == NID_undef)
-        return FIPS_evp_enc_null();
-    else
-        return FIPS_get_cipherbynid(nid);
-}
-
-#endif
-
-unsigned long EVP_MD_flags(const EVP_MD *md)
-{
-#ifdef OPENSSL_FIPS
-    const EVP_MD *fmd;
-    fmd = evp_get_fips_md(md);
-    if (fmd && fmd->flags & EVP_MD_FLAG_FIPS)
-        return md->flags | EVP_MD_FLAG_FIPS;
-#endif
-    return md->flags;
-}
-
-const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
-{
-    if (!ctx)
-        return NULL;
-    return ctx->digest;
-}
-
-void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
-{
-    ctx->flags |= flags;
-}
-
-void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
-{
-    ctx->flags &= ~flags;
-}
-
-int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
-{
-    return (ctx->flags & flags);
-}
-
-void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
-{
-    ctx->flags |= flags;
-}
-
-void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
-{
-    ctx->flags &= ~flags;
-}
-
-int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
-{
-    return (ctx->flags & flags);
-}
diff --git a/thirdparty/openssl/crypto/evp/evp_locl.h b/thirdparty/openssl/crypto/evp/evp_locl.h
deleted file mode 100644
index 2bb709a065..0000000000
--- a/thirdparty/openssl/crypto/evp/evp_locl.h
+++ /dev/null
@@ -1,373 +0,0 @@
-/* evp_locl.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Macros to code block cipher wrappers */
-
-/* Wrapper functions for each cipher mode */
-
-#define BLOCK_CIPHER_ecb_loop() \
-        size_t i, bl; \
-        bl = ctx->cipher->block_size;\
-        if(inl < bl) return 1;\
-        inl -= bl; \
-        for(i=0; i <= inl; i+=bl)
-
-#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
-static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
-{\
-        BLOCK_CIPHER_ecb_loop() \
-                cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
-        return 1;\
-}
-
-#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
-
-#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
-static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
-{\
-        while(inl>=EVP_MAXCHUNK)\
-            {\
-            cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
-            inl-=EVP_MAXCHUNK;\
-            in +=EVP_MAXCHUNK;\
-            out+=EVP_MAXCHUNK;\
-            }\
-        if (inl)\
-            cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
-        return 1;\
-}
-
-#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
-static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
-{\
-        while(inl>=EVP_MAXCHUNK) \
-            {\
-            cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
-            inl-=EVP_MAXCHUNK;\
-            in +=EVP_MAXCHUNK;\
-            out+=EVP_MAXCHUNK;\
-            }\
-        if (inl)\
-            cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
-        return 1;\
-}
-
-#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
-static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
-{\
-        size_t chunk=EVP_MAXCHUNK;\
-        if (cbits==1)  chunk>>=3;\
-        if (inl<chunk) chunk=inl;\
-        while(inl && inl>=chunk)\
-            {\
-            cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
-            inl-=chunk;\
-            in +=chunk;\
-            out+=chunk;\
-            if(inl<chunk) chunk=inl;\
-            }\
-        return 1;\
-}
-
-#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
-        BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
-        BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
-        BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
-        BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
-
-#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
-                          key_len, iv_len, flags, init_key, cleanup, \
-                          set_asn1, get_asn1, ctrl) \
-static const EVP_CIPHER cname##_##mode = { \
-        nid##_##nmode, block_size, key_len, iv_len, \
-        flags | EVP_CIPH_##MODE##_MODE, \
-        init_key, \
-        cname##_##mode##_cipher, \
-        cleanup, \
-        sizeof(kstruct), \
-        set_asn1, get_asn1,\
-        ctrl, \
-        NULL \
-}; \
-const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
-
-#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
-                             iv_len, flags, init_key, cleanup, set_asn1, \
-                             get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
-                  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
-
-#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
-                             iv_len, cbits, flags, init_key, cleanup, \
-                             set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
-                  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
-                  get_asn1, ctrl)
-
-#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
-                             iv_len, cbits, flags, init_key, cleanup, \
-                             set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
-                  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
-                  get_asn1, ctrl)
-
-#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
-                             flags, init_key, cleanup, set_asn1, \
-                             get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
-                  0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
-
-#define BLOCK_CIPHER_defs(cname, kstruct, \
-                          nid, block_size, key_len, iv_len, cbits, flags, \
-                          init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
-                     init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
-                     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
-                     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
-                     init_key, cleanup, set_asn1, get_asn1, ctrl)
-
-/*-
-#define BLOCK_CIPHER_defs(cname, kstruct, \
-                                nid, block_size, key_len, iv_len, flags,\
-                                 init_key, cleanup, set_asn1, get_asn1, ctrl)\
-static const EVP_CIPHER cname##_cbc = {\
-        nid##_cbc, block_size, key_len, iv_len, \
-        flags | EVP_CIPH_CBC_MODE,\
-        init_key,\
-        cname##_cbc_cipher,\
-        cleanup,\
-        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
-                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
-        set_asn1, get_asn1,\
-        ctrl, \
-        NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
-static const EVP_CIPHER cname##_cfb = {\
-        nid##_cfb64, 1, key_len, iv_len, \
-        flags | EVP_CIPH_CFB_MODE,\
-        init_key,\
-        cname##_cfb_cipher,\
-        cleanup,\
-        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
-                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
-        set_asn1, get_asn1,\
-        ctrl,\
-        NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
-static const EVP_CIPHER cname##_ofb = {\
-        nid##_ofb64, 1, key_len, iv_len, \
-        flags | EVP_CIPH_OFB_MODE,\
-        init_key,\
-        cname##_ofb_cipher,\
-        cleanup,\
-        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
-                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
-        set_asn1, get_asn1,\
-        ctrl,\
-        NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
-static const EVP_CIPHER cname##_ecb = {\
-        nid##_ecb, block_size, key_len, iv_len, \
-        flags | EVP_CIPH_ECB_MODE,\
-        init_key,\
-        cname##_ecb_cipher,\
-        cleanup,\
-        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
-                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
-        set_asn1, get_asn1,\
-        ctrl,\
-        NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
-*/
-
-#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
-                               block_size, key_len, iv_len, cbits, \
-                               flags, init_key, \
-                               cleanup, set_asn1, get_asn1, ctrl) \
-        BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
-        BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
-                          cbits, flags, init_key, cleanup, set_asn1, \
-                          get_asn1, ctrl)
-
-#define EVP_C_DATA(kstruct, ctx)        ((kstruct *)(ctx)->cipher_data)
-
-#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \
-        BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
-        BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
-                             NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
-                             0, cipher##_init_key, NULL, \
-                             EVP_CIPHER_set_asn1_iv, \
-                             EVP_CIPHER_get_asn1_iv, \
-                             NULL)
-
-struct evp_pkey_ctx_st {
-    /* Method associated with this operation */
-    const EVP_PKEY_METHOD *pmeth;
-    /* Engine that implements this method or NULL if builtin */
-    ENGINE *engine;
-    /* Key: may be NULL */
-    EVP_PKEY *pkey;
-    /* Peer key for key agreement, may be NULL */
-    EVP_PKEY *peerkey;
-    /* Actual operation */
-    int operation;
-    /* Algorithm specific data */
-    void *data;
-    /* Application specific data */
-    void *app_data;
-    /* Keygen callback */
-    EVP_PKEY_gen_cb *pkey_gencb;
-    /* implementation specific keygen data */
-    int *keygen_info;
-    int keygen_info_count;
-} /* EVP_PKEY_CTX */ ;
-
-#define EVP_PKEY_FLAG_DYNAMIC   1
-
-struct evp_pkey_method_st {
-    int pkey_id;
-    int flags;
-    int (*init) (EVP_PKEY_CTX *ctx);
-    int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
-    void (*cleanup) (EVP_PKEY_CTX *ctx);
-    int (*paramgen_init) (EVP_PKEY_CTX *ctx);
-    int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
-    int (*keygen_init) (EVP_PKEY_CTX *ctx);
-    int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
-    int (*sign_init) (EVP_PKEY_CTX *ctx);
-    int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
-                 const unsigned char *tbs, size_t tbslen);
-    int (*verify_init) (EVP_PKEY_CTX *ctx);
-    int (*verify) (EVP_PKEY_CTX *ctx,
-                   const unsigned char *sig, size_t siglen,
-                   const unsigned char *tbs, size_t tbslen);
-    int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
-    int (*verify_recover) (EVP_PKEY_CTX *ctx,
-                           unsigned char *rout, size_t *routlen,
-                           const unsigned char *sig, size_t siglen);
-    int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
-    int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
-                    EVP_MD_CTX *mctx);
-    int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
-    int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
-                      EVP_MD_CTX *mctx);
-    int (*encrypt_init) (EVP_PKEY_CTX *ctx);
-    int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
-                    const unsigned char *in, size_t inlen);
-    int (*decrypt_init) (EVP_PKEY_CTX *ctx);
-    int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
-                    const unsigned char *in, size_t inlen);
-    int (*derive_init) (EVP_PKEY_CTX *ctx);
-    int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
-    int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
-    int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
-} /* EVP_PKEY_METHOD */ ;
-
-void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
-
-int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
-                             int passlen, ASN1_TYPE *param,
-                             const EVP_CIPHER *c, const EVP_MD *md,
-                             int en_de);
-
-const EVP_MD *evp_get_fips_md(const EVP_MD *md);
-const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher);
-
-#ifdef OPENSSL_FIPS
-
-# ifdef OPENSSL_DOING_MAKEDEPEND
-#  undef SHA1_Init
-#  undef SHA1_Update
-#  undef SHA224_Init
-#  undef SHA256_Init
-#  undef SHA384_Init
-#  undef SHA512_Init
-#  undef DES_set_key_unchecked
-# endif
-
-# define RIPEMD160_Init  private_RIPEMD160_Init
-# define WHIRLPOOL_Init  private_WHIRLPOOL_Init
-# define MD5_Init        private_MD5_Init
-# define MD4_Init        private_MD4_Init
-# define MD2_Init        private_MD2_Init
-# define MDC2_Init       private_MDC2_Init
-# define SHA_Init        private_SHA_Init
-# define SHA1_Init       private_SHA1_Init
-# define SHA224_Init     private_SHA224_Init
-# define SHA256_Init     private_SHA256_Init
-# define SHA384_Init     private_SHA384_Init
-# define SHA512_Init     private_SHA512_Init
-
-# define BF_set_key      private_BF_set_key
-# define CAST_set_key    private_CAST_set_key
-# define idea_set_encrypt_key    private_idea_set_encrypt_key
-# define SEED_set_key    private_SEED_set_key
-# define RC2_set_key     private_RC2_set_key
-# define RC4_set_key     private_RC4_set_key
-# define DES_set_key_unchecked   private_DES_set_key_unchecked
-# define Camellia_set_key        private_Camellia_set_key
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/evp_pbe.c b/thirdparty/openssl/crypto/evp/evp_pbe.c
deleted file mode 100644
index 7934c95fad..0000000000
--- a/thirdparty/openssl/crypto/evp/evp_pbe.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* evp_pbe.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/pkcs12.h>
-#include <openssl/x509.h>
-#include "evp_locl.h"
-
-/* Password based encryption (PBE) functions */
-
-DECLARE_STACK_OF(EVP_PBE_CTL)
-static STACK_OF(EVP_PBE_CTL) *pbe_algs;
-
-/* Setup a cipher context from a PBE algorithm */
-
-typedef struct {
-    int pbe_type;
-    int pbe_nid;
-    int cipher_nid;
-    int md_nid;
-    EVP_PBE_KEYGEN *keygen;
-} EVP_PBE_CTL;
-
-static const EVP_PBE_CTL builtin_pbe[] = {
-    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC,
-     NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
-    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
-     NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
-    {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
-     NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
-
-#ifndef OPENSSL_NO_HMAC
-    {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
-#endif
-
-    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4,
-     NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
-    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4,
-     NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
-    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
-     NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
-    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
-     NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
-    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
-     NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
-    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
-     NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
-
-#ifndef OPENSSL_NO_HMAC
-    {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
-#endif
-    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC,
-     NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
-    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC,
-     NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
-    {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
-     NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
-
-    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
-    {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
-    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
-    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
-    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
-    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
-    {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
-};
-
-#ifdef TEST
-int main(int argc, char **argv)
-{
-    int i, nid_md, nid_cipher;
-    EVP_PBE_CTL *tpbe, *tpbe2;
-    /*
-     * OpenSSL_add_all_algorithms();
-     */
-
-    for (i = 0; i < sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL); i++) {
-        tpbe = builtin_pbe + i;
-        fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
-                OBJ_nid2sn(tpbe->pbe_nid));
-        if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
-                         &nid_cipher, &nid_md, 0))
-            fprintf(stderr, "Found %s %s\n",
-                    OBJ_nid2sn(nid_cipher), OBJ_nid2sn(nid_md));
-        else
-            fprintf(stderr, "Find ERROR!!\n");
-    }
-
-    return 0;
-}
-#endif
-
-int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
-                       ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
-{
-    const EVP_CIPHER *cipher;
-    const EVP_MD *md;
-    int cipher_nid, md_nid;
-    EVP_PBE_KEYGEN *keygen;
-
-    if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
-                      &cipher_nid, &md_nid, &keygen)) {
-        char obj_tmp[80];
-        EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
-        if (!pbe_obj)
-            BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
-        else
-            i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
-        ERR_add_error_data(2, "TYPE=", obj_tmp);
-        return 0;
-    }
-
-    if (!pass)
-        passlen = 0;
-    else if (passlen == -1)
-        passlen = strlen(pass);
-
-    if (cipher_nid == -1)
-        cipher = NULL;
-    else {
-        cipher = EVP_get_cipherbynid(cipher_nid);
-        if (!cipher) {
-            EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER);
-            return 0;
-        }
-    }
-
-    if (md_nid == -1)
-        md = NULL;
-    else {
-        md = EVP_get_digestbynid(md_nid);
-        if (!md) {
-            EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST);
-            return 0;
-        }
-    }
-
-    if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
-        EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE);
-        return 0;
-    }
-    return 1;
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
-
-static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
-{
-    int ret = pbe1->pbe_type - pbe2->pbe_type;
-    if (ret)
-        return ret;
-    else
-        return pbe1->pbe_nid - pbe2->pbe_nid;
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
-
-static int pbe_cmp(const EVP_PBE_CTL *const *a, const EVP_PBE_CTL *const *b)
-{
-    int ret = (*a)->pbe_type - (*b)->pbe_type;
-    if (ret)
-        return ret;
-    else
-        return (*a)->pbe_nid - (*b)->pbe_nid;
-}
-
-/* Add a PBE algorithm */
-
-int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
-                         int md_nid, EVP_PBE_KEYGEN *keygen)
-{
-    EVP_PBE_CTL *pbe_tmp;
-
-    if (pbe_algs == NULL) {
-        pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
-        if (pbe_algs == NULL)
-            goto err;
-    }
-
-    if ((pbe_tmp = OPENSSL_malloc(sizeof(*pbe_tmp))) == NULL)
-        goto err;
-
-    pbe_tmp->pbe_type = pbe_type;
-    pbe_tmp->pbe_nid = pbe_nid;
-    pbe_tmp->cipher_nid = cipher_nid;
-    pbe_tmp->md_nid = md_nid;
-    pbe_tmp->keygen = keygen;
-
-    sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp);
-    return 1;
-
- err:
-    EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
-                    EVP_PBE_KEYGEN *keygen)
-{
-    int cipher_nid, md_nid;
-    if (cipher)
-        cipher_nid = EVP_CIPHER_nid(cipher);
-    else
-        cipher_nid = -1;
-    if (md)
-        md_nid = EVP_MD_type(md);
-    else
-        md_nid = -1;
-
-    return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
-                                cipher_nid, md_nid, keygen);
-}
-
-int EVP_PBE_find(int type, int pbe_nid,
-                 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
-{
-    EVP_PBE_CTL *pbetmp = NULL, pbelu;
-    int i;
-    if (pbe_nid == NID_undef)
-        return 0;
-
-    pbelu.pbe_type = type;
-    pbelu.pbe_nid = pbe_nid;
-
-    if (pbe_algs) {
-        i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
-        if (i != -1)
-            pbetmp = sk_EVP_PBE_CTL_value(pbe_algs, i);
-    }
-    if (pbetmp == NULL) {
-        pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
-                                  sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL));
-    }
-    if (pbetmp == NULL)
-        return 0;
-    if (pcnid)
-        *pcnid = pbetmp->cipher_nid;
-    if (pmnid)
-        *pmnid = pbetmp->md_nid;
-    if (pkeygen)
-        *pkeygen = pbetmp->keygen;
-    return 1;
-}
-
-static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
-{
-    OPENSSL_freeFunc(pbe);
-}
-
-void EVP_PBE_cleanup(void)
-{
-    sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
-    pbe_algs = NULL;
-}
diff --git a/thirdparty/openssl/crypto/evp/evp_pkey.c b/thirdparty/openssl/crypto/evp/evp_pkey.c
deleted file mode 100644
index 6a456297bc..0000000000
--- a/thirdparty/openssl/crypto/evp/evp_pkey.c
+++ /dev/null
@@ -1,229 +0,0 @@
-/* evp_pkey.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/rand.h>
-#include "asn1_locl.h"
-
-/* Extract a private key from a PKCS8 structure */
-
-EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
-{
-    EVP_PKEY *pkey = NULL;
-    ASN1_OBJECT *algoid;
-    char obj_tmp[80];
-
-    if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
-        return NULL;
-
-    if (!(pkey = EVP_PKEY_new())) {
-        EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
-        EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
-        i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
-        ERR_add_error_data(2, "TYPE=", obj_tmp);
-        goto error;
-    }
-
-    if (pkey->ameth->priv_decode) {
-        if (!pkey->ameth->priv_decode(pkey, p8)) {
-            EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_PRIVATE_KEY_DECODE_ERROR);
-            goto error;
-        }
-    } else {
-        EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
-        goto error;
-    }
-
-    return pkey;
-
- error:
-    EVP_PKEY_free(pkey);
-    return NULL;
-}
-
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
-{
-    return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
-}
-
-/* Turn a private key into a PKCS8 structure */
-
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
-{
-    PKCS8_PRIV_KEY_INFO *p8;
-
-    if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
-        EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    p8->broken = broken;
-
-    if (pkey->ameth) {
-        if (pkey->ameth->priv_encode) {
-            if (!pkey->ameth->priv_encode(p8, pkey)) {
-                EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
-                       EVP_R_PRIVATE_KEY_ENCODE_ERROR);
-                goto error;
-            }
-        } else {
-            EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_METHOD_NOT_SUPPORTED);
-            goto error;
-        }
-    } else {
-        EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
-               EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
-        goto error;
-    }
-    RAND_add(p8->pkey->value.octet_string->data,
-             p8->pkey->value.octet_string->length, 0.0);
-    return p8;
- error:
-    PKCS8_PRIV_KEY_INFO_free(p8);
-    return NULL;
-}
-
-PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
-{
-    switch (broken) {
-
-    case PKCS8_OK:
-        p8->broken = PKCS8_OK;
-        return p8;
-        break;
-
-    case PKCS8_NO_OCTET:
-        p8->broken = PKCS8_NO_OCTET;
-        p8->pkey->type = V_ASN1_SEQUENCE;
-        return p8;
-        break;
-
-    default:
-        EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
-        return NULL;
-    }
-}
-
-/* EVP_PKEY attribute functions */
-
-int EVP_PKEY_get_attr_count(const EVP_PKEY *key)
-{
-    return X509at_get_attr_count(key->attributes);
-}
-
-int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos)
-{
-    return X509at_get_attr_by_NID(key->attributes, nid, lastpos);
-}
-
-int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
-                             int lastpos)
-{
-    return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos);
-}
-
-X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc)
-{
-    return X509at_get_attr(key->attributes, loc);
-}
-
-X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc)
-{
-    return X509at_delete_attr(key->attributes, loc);
-}
-
-int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr)
-{
-    if (X509at_add1_attr(&key->attributes, attr))
-        return 1;
-    return 0;
-}
-
-int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
-                              const ASN1_OBJECT *obj, int type,
-                              const unsigned char *bytes, int len)
-{
-    if (X509at_add1_attr_by_OBJ(&key->attributes, obj, type, bytes, len))
-        return 1;
-    return 0;
-}
-
-int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
-                              int nid, int type,
-                              const unsigned char *bytes, int len)
-{
-    if (X509at_add1_attr_by_NID(&key->attributes, nid, type, bytes, len))
-        return 1;
-    return 0;
-}
-
-int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
-                              const char *attrname, int type,
-                              const unsigned char *bytes, int len)
-{
-    if (X509at_add1_attr_by_txt(&key->attributes, attrname, type, bytes, len))
-        return 1;
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/evp/m_dss.c b/thirdparty/openssl/crypto/evp/m_dss.c
deleted file mode 100644
index 147844862d..0000000000
--- a/thirdparty/openssl/crypto/evp/m_dss.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* crypto/evp/m_dss.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-
-#ifndef OPENSSL_NO_SHA
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return SHA1_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD dsa_md = {
-    NID_dsaWithSHA,
-    NID_dsaWithSHA,
-    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_DIGEST,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_DSA_method,
-    SHA_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_dss(void)
-{
-    return (&dsa_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/m_dss1.c b/thirdparty/openssl/crypto/evp/m_dss1.c
deleted file mode 100644
index e36fabff70..0000000000
--- a/thirdparty/openssl/crypto/evp/m_dss1.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* crypto/evp/m_dss1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_SHA
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/sha.h>
-# ifndef OPENSSL_NO_DSA
-#  include <openssl/dsa.h>
-# endif
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return SHA1_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD dss1_md = {
-    NID_dsa,
-    NID_dsaWithSHA1,
-    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_DIGEST,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_DSA_method,
-    SHA_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_dss1(void)
-{
-    return (&dss1_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/m_ecdsa.c b/thirdparty/openssl/crypto/evp/m_ecdsa.c
deleted file mode 100644
index 803d314955..0000000000
--- a/thirdparty/openssl/crypto/evp/m_ecdsa.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* crypto/evp/m_ecdsa.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_SHA
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return SHA1_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD ecdsa_md = {
-    NID_ecdsa_with_SHA1,
-    NID_ecdsa_with_SHA1,
-    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_DIGEST,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_ECDSA_method,
-    SHA_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_ecdsa(void)
-{
-    return (&ecdsa_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/m_md2.c b/thirdparty/openssl/crypto/evp/m_md2.c
deleted file mode 100644
index 3c4cd7bf88..0000000000
--- a/thirdparty/openssl/crypto/evp/m_md2.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/evp/m_md2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_MD2
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# include <openssl/md2.h>
-# ifndef OPENSSL_NO_RSA
-#  include <openssl/rsa.h>
-# endif
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return MD2_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return MD2_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return MD2_Final(md, ctx->md_data);
-}
-
-static const EVP_MD md2_md = {
-    NID_md2,
-    NID_md2WithRSAEncryption,
-    MD2_DIGEST_LENGTH,
-    0,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    MD2_BLOCK,
-    sizeof(EVP_MD *) + sizeof(MD2_CTX),
-};
-
-const EVP_MD *EVP_md2(void)
-{
-    return (&md2_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/m_md4.c b/thirdparty/openssl/crypto/evp/m_md4.c
deleted file mode 100644
index 851de69f88..0000000000
--- a/thirdparty/openssl/crypto/evp/m_md4.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/evp/m_md4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_MD4
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# include <openssl/md4.h>
-# ifndef OPENSSL_NO_RSA
-#  include <openssl/rsa.h>
-# endif
-
-# include "evp_locl.h"
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return MD4_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return MD4_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return MD4_Final(md, ctx->md_data);
-}
-
-static const EVP_MD md4_md = {
-    NID_md4,
-    NID_md4WithRSAEncryption,
-    MD4_DIGEST_LENGTH,
-    0,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    MD4_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(MD4_CTX),
-};
-
-const EVP_MD *EVP_md4(void)
-{
-    return (&md4_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/m_md5.c b/thirdparty/openssl/crypto/evp/m_md5.c
deleted file mode 100644
index e5d5f71b87..0000000000
--- a/thirdparty/openssl/crypto/evp/m_md5.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/evp/m_md5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_MD5
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# include <openssl/md5.h>
-# ifndef OPENSSL_NO_RSA
-#  include <openssl/rsa.h>
-# endif
-# include "evp_locl.h"
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return MD5_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return MD5_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return MD5_Final(md, ctx->md_data);
-}
-
-static const EVP_MD md5_md = {
-    NID_md5,
-    NID_md5WithRSAEncryption,
-    MD5_DIGEST_LENGTH,
-    0,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    MD5_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(MD5_CTX),
-};
-
-const EVP_MD *EVP_md5(void)
-{
-    return (&md5_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/m_mdc2.c b/thirdparty/openssl/crypto/evp/m_mdc2.c
deleted file mode 100644
index 94e12a6bd5..0000000000
--- a/thirdparty/openssl/crypto/evp/m_mdc2.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/evp/m_mdc2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_MDC2
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# include <openssl/mdc2.h>
-# ifndef OPENSSL_NO_RSA
-#  include <openssl/rsa.h>
-# endif
-
-# include "evp_locl.h"
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return MDC2_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return MDC2_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return MDC2_Final(md, ctx->md_data);
-}
-
-static const EVP_MD mdc2_md = {
-    NID_mdc2,
-    NID_mdc2WithRSA,
-    MDC2_DIGEST_LENGTH,
-    0,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
-    MDC2_BLOCK,
-    sizeof(EVP_MD *) + sizeof(MDC2_CTX),
-};
-
-const EVP_MD *EVP_mdc2(void)
-{
-    return (&mdc2_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/m_null.c b/thirdparty/openssl/crypto/evp/m_null.c
deleted file mode 100644
index 017e1feb0b..0000000000
--- a/thirdparty/openssl/crypto/evp/m_null.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* crypto/evp/m_null.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return 1;
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return 1;
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return 1;
-}
-
-static const EVP_MD null_md = {
-    NID_undef,
-    NID_undef,
-    0,
-    0,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_NULL_method,
-    0,
-    sizeof(EVP_MD *),
-};
-
-const EVP_MD *EVP_md_null(void)
-{
-    return (&null_md);
-}
diff --git a/thirdparty/openssl/crypto/evp/m_ripemd.c b/thirdparty/openssl/crypto/evp/m_ripemd.c
deleted file mode 100644
index 81de0ef4e1..0000000000
--- a/thirdparty/openssl/crypto/evp/m_ripemd.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/evp/m_ripemd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_RIPEMD
-
-# include <openssl/ripemd.h>
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# ifndef OPENSSL_NO_RSA
-#  include <openssl/rsa.h>
-# endif
-# include "evp_locl.h"
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return RIPEMD160_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return RIPEMD160_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return RIPEMD160_Final(md, ctx->md_data);
-}
-
-static const EVP_MD ripemd160_md = {
-    NID_ripemd160,
-    NID_ripemd160WithRSA,
-    RIPEMD160_DIGEST_LENGTH,
-    0,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    RIPEMD160_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(RIPEMD160_CTX),
-};
-
-const EVP_MD *EVP_ripemd160(void)
-{
-    return (&ripemd160_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/m_sha.c b/thirdparty/openssl/crypto/evp/m_sha.c
deleted file mode 100644
index e1e22e0c19..0000000000
--- a/thirdparty/openssl/crypto/evp/m_sha.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/evp/m_sha.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# ifndef OPENSSL_NO_RSA
-#  include <openssl/rsa.h>
-# endif
-# include "evp_locl.h"
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return SHA_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return SHA_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return SHA_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha_md = {
-    NID_sha,
-    NID_shaWithRSAEncryption,
-    SHA_DIGEST_LENGTH,
-    0,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    SHA_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_sha(void)
-{
-    return (&sha_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/m_sha1.c b/thirdparty/openssl/crypto/evp/m_sha1.c
deleted file mode 100644
index a74e6b7794..0000000000
--- a/thirdparty/openssl/crypto/evp/m_sha1.c
+++ /dev/null
@@ -1,235 +0,0 @@
-/* crypto/evp/m_sha1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_SHA
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/sha.h>
-# ifndef OPENSSL_NO_RSA
-#  include <openssl/rsa.h>
-# endif
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return SHA1_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha1_md = {
-    NID_sha1,
-    NID_sha1WithRSAEncryption,
-    SHA_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    SHA_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *EVP_sha1(void)
-{
-    return (&sha1_md);
-}
-#endif
-
-#ifndef OPENSSL_NO_SHA256
-static int init224(EVP_MD_CTX *ctx)
-{
-    return SHA224_Init(ctx->md_data);
-}
-
-static int init256(EVP_MD_CTX *ctx)
-{
-    return SHA256_Init(ctx->md_data);
-}
-
-/*
- * Even though there're separate SHA224_[Update|Final], we call
- * SHA256 functions even in SHA224 context. This is what happens
- * there anyway, so we can spare few CPU cycles:-)
- */
-static int update256(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return SHA256_Update(ctx->md_data, data, count);
-}
-
-static int final256(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return SHA256_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha224_md = {
-    NID_sha224,
-    NID_sha224WithRSAEncryption,
-    SHA224_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
-    init224,
-    update256,
-    final256,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    SHA256_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA256_CTX),
-};
-
-const EVP_MD *EVP_sha224(void)
-{
-    return (&sha224_md);
-}
-
-static const EVP_MD sha256_md = {
-    NID_sha256,
-    NID_sha256WithRSAEncryption,
-    SHA256_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
-    init256,
-    update256,
-    final256,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    SHA256_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA256_CTX),
-};
-
-const EVP_MD *EVP_sha256(void)
-{
-    return (&sha256_md);
-}
-#endif                          /* ifndef OPENSSL_NO_SHA256 */
-
-#ifndef OPENSSL_NO_SHA512
-static int init384(EVP_MD_CTX *ctx)
-{
-    return SHA384_Init(ctx->md_data);
-}
-
-static int init512(EVP_MD_CTX *ctx)
-{
-    return SHA512_Init(ctx->md_data);
-}
-
-/* See comment in SHA224/256 section */
-static int update512(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return SHA512_Update(ctx->md_data, data, count);
-}
-
-static int final512(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return SHA512_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha384_md = {
-    NID_sha384,
-    NID_sha384WithRSAEncryption,
-    SHA384_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
-    init384,
-    update512,
-    final512,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    SHA512_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
-};
-
-const EVP_MD *EVP_sha384(void)
-{
-    return (&sha384_md);
-}
-
-static const EVP_MD sha512_md = {
-    NID_sha512,
-    NID_sha512WithRSAEncryption,
-    SHA512_DIGEST_LENGTH,
-    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
-    init512,
-    update512,
-    final512,
-    NULL,
-    NULL,
-    EVP_PKEY_RSA_method,
-    SHA512_CBLOCK,
-    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
-};
-
-const EVP_MD *EVP_sha512(void)
-{
-    return (&sha512_md);
-}
-#endif                          /* ifndef OPENSSL_NO_SHA512 */
diff --git a/thirdparty/openssl/crypto/evp/m_sigver.c b/thirdparty/openssl/crypto/evp/m_sigver.c
deleted file mode 100644
index 4492d207f2..0000000000
--- a/thirdparty/openssl/crypto/evp/m_sigver.c
+++ /dev/null
@@ -1,203 +0,0 @@
-/* m_sigver.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006,2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include "evp_locl.h"
-
-static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
-                          int ver)
-{
-    if (ctx->pctx == NULL)
-        ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
-    if (ctx->pctx == NULL)
-        return 0;
-
-    if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)) {
-
-        if (type == NULL) {
-            int def_nid;
-            if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
-                type = EVP_get_digestbynid(def_nid);
-        }
-
-        if (type == NULL) {
-            EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
-            return 0;
-        }
-    }
-
-    if (ver) {
-        if (ctx->pctx->pmeth->verifyctx_init) {
-            if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <= 0)
-                return 0;
-            ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
-        } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
-            return 0;
-    } else {
-        if (ctx->pctx->pmeth->signctx_init) {
-            if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
-                return 0;
-            ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
-        } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
-            return 0;
-    }
-    if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
-        return 0;
-    if (pctx)
-        *pctx = ctx->pctx;
-    if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
-        return 1;
-    if (!EVP_DigestInit_ex(ctx, type, e))
-        return 0;
-    return 1;
-}
-
-int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                       const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
-{
-    return do_sigver_init(ctx, pctx, type, e, pkey, 0);
-}
-
-int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                         const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
-{
-    return do_sigver_init(ctx, pctx, type, e, pkey, 1);
-}
-
-int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
-                        size_t *siglen)
-{
-    int sctx, r = 0;
-    EVP_PKEY_CTX *pctx = ctx->pctx;
-    if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) {
-        EVP_PKEY_CTX *dctx;
-        if (!sigret)
-            return pctx->pmeth->signctx(pctx, sigret, siglen, ctx);
-        dctx = EVP_PKEY_CTX_dup(ctx->pctx);
-        if (!dctx)
-            return 0;
-        r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx);
-        EVP_PKEY_CTX_free(dctx);
-        return r;
-    }
-    if (pctx->pmeth->signctx)
-        sctx = 1;
-    else
-        sctx = 0;
-    if (sigret) {
-        EVP_MD_CTX tmp_ctx;
-        unsigned char md[EVP_MAX_MD_SIZE];
-        unsigned int mdlen;
-        EVP_MD_CTX_init(&tmp_ctx);
-        if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
-            return 0;
-        if (sctx)
-            r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
-                                             sigret, siglen, &tmp_ctx);
-        else
-            r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
-        EVP_MD_CTX_cleanup(&tmp_ctx);
-        if (sctx || !r)
-            return r;
-        if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
-            return 0;
-    } else {
-        if (sctx) {
-            if (pctx->pmeth->signctx(pctx, sigret, siglen, ctx) <= 0)
-                return 0;
-        } else {
-            int s = EVP_MD_size(ctx->digest);
-            if (s < 0 || EVP_PKEY_sign(pctx, sigret, siglen, NULL, s) <= 0)
-                return 0;
-        }
-    }
-    return 1;
-}
-
-int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
-                          size_t siglen)
-{
-    EVP_MD_CTX tmp_ctx;
-    unsigned char md[EVP_MAX_MD_SIZE];
-    int r;
-    unsigned int mdlen;
-    int vctx;
-
-    if (ctx->pctx->pmeth->verifyctx)
-        vctx = 1;
-    else
-        vctx = 0;
-    EVP_MD_CTX_init(&tmp_ctx);
-    if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
-        return -1;
-    if (vctx) {
-        r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
-                                           sig, siglen, &tmp_ctx);
-    } else
-        r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
-    EVP_MD_CTX_cleanup(&tmp_ctx);
-    if (vctx || !r)
-        return r;
-    return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
-}
diff --git a/thirdparty/openssl/crypto/evp/m_wp.c b/thirdparty/openssl/crypto/evp/m_wp.c
deleted file mode 100644
index a890939ec4..0000000000
--- a/thirdparty/openssl/crypto/evp/m_wp.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* crypto/evp/m_wp.c */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_WHIRLPOOL
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# include <openssl/whrlpool.h>
-# include "evp_locl.h"
-
-static int init(EVP_MD_CTX *ctx)
-{
-    return WHIRLPOOL_Init(ctx->md_data);
-}
-
-static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    return WHIRLPOOL_Update(ctx->md_data, data, count);
-}
-
-static int final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    return WHIRLPOOL_Final(md, ctx->md_data);
-}
-
-static const EVP_MD whirlpool_md = {
-    NID_whirlpool,
-    0,
-    WHIRLPOOL_DIGEST_LENGTH,
-    0,
-    init,
-    update,
-    final,
-    NULL,
-    NULL,
-    EVP_PKEY_NULL_method,
-    WHIRLPOOL_BBLOCK / 8,
-    sizeof(EVP_MD *) + sizeof(WHIRLPOOL_CTX),
-};
-
-const EVP_MD *EVP_whirlpool(void)
-{
-    return (&whirlpool_md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/evp/names.c b/thirdparty/openssl/crypto/evp/names.c
deleted file mode 100644
index ff115a31c8..0000000000
--- a/thirdparty/openssl/crypto/evp/names.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/* crypto/evp/names.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_add_cipher(const EVP_CIPHER *c)
-{
-    int r;
-
-    if (c == NULL)
-        return 0;
-
-    OPENSSL_init();
-
-    r = OBJ_NAME_add(OBJ_nid2sn(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
-                     (const char *)c);
-    if (r == 0)
-        return (0);
-    check_defer(c->nid);
-    r = OBJ_NAME_add(OBJ_nid2ln(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
-                     (const char *)c);
-    return (r);
-}
-
-int EVP_add_digest(const EVP_MD *md)
-{
-    int r;
-    const char *name;
-    OPENSSL_init();
-
-    name = OBJ_nid2sn(md->type);
-    r = OBJ_NAME_add(name, OBJ_NAME_TYPE_MD_METH, (const char *)md);
-    if (r == 0)
-        return (0);
-    check_defer(md->type);
-    r = OBJ_NAME_add(OBJ_nid2ln(md->type), OBJ_NAME_TYPE_MD_METH,
-                     (const char *)md);
-    if (r == 0)
-        return (0);
-
-    if (md->pkey_type && md->type != md->pkey_type) {
-        r = OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
-                         OBJ_NAME_TYPE_MD_METH | OBJ_NAME_ALIAS, name);
-        if (r == 0)
-            return (0);
-        check_defer(md->pkey_type);
-        r = OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
-                         OBJ_NAME_TYPE_MD_METH | OBJ_NAME_ALIAS, name);
-    }
-    return (r);
-}
-
-const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
-{
-    const EVP_CIPHER *cp;
-
-    cp = (const EVP_CIPHER *)OBJ_NAME_get(name, OBJ_NAME_TYPE_CIPHER_METH);
-    return (cp);
-}
-
-const EVP_MD *EVP_get_digestbyname(const char *name)
-{
-    const EVP_MD *cp;
-
-    cp = (const EVP_MD *)OBJ_NAME_get(name, OBJ_NAME_TYPE_MD_METH);
-    return (cp);
-}
-
-void EVP_cleanup(void)
-{
-    OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
-    OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
-    /*
-     * The above calls will only clean out the contents of the name hash
-     * table, but not the hash table itself.  The following line does that
-     * part.  -- Richard Levitte
-     */
-    OBJ_NAME_cleanup(-1);
-
-    EVP_PBE_cleanup();
-    if (obj_cleanup_defer == 2) {
-        obj_cleanup_defer = 0;
-        OBJ_cleanup();
-    }
-    OBJ_sigid_free();
-}
-
-struct doall_cipher {
-    void *arg;
-    void (*fn) (const EVP_CIPHER *ciph,
-                const char *from, const char *to, void *arg);
-};
-
-static void do_all_cipher_fn(const OBJ_NAME *nm, void *arg)
-{
-    struct doall_cipher *dc = arg;
-    if (nm->alias)
-        dc->fn(NULL, nm->name, nm->data, dc->arg);
-    else
-        dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg);
-}
-
-void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
-                                   const char *from, const char *to, void *x),
-                       void *arg)
-{
-    struct doall_cipher dc;
-    dc.fn = fn;
-    dc.arg = arg;
-    OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
-}
-
-void EVP_CIPHER_do_all_sorted(void (*fn) (const EVP_CIPHER *ciph,
-                                          const char *from, const char *to,
-                                          void *x), void *arg)
-{
-    struct doall_cipher dc;
-    dc.fn = fn;
-    dc.arg = arg;
-    OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
-}
-
-struct doall_md {
-    void *arg;
-    void (*fn) (const EVP_MD *ciph,
-                const char *from, const char *to, void *arg);
-};
-
-static void do_all_md_fn(const OBJ_NAME *nm, void *arg)
-{
-    struct doall_md *dc = arg;
-    if (nm->alias)
-        dc->fn(NULL, nm->name, nm->data, dc->arg);
-    else
-        dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg);
-}
-
-void EVP_MD_do_all(void (*fn) (const EVP_MD *md,
-                               const char *from, const char *to, void *x),
-                   void *arg)
-{
-    struct doall_md dc;
-    dc.fn = fn;
-    dc.arg = arg;
-    OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
-}
-
-void EVP_MD_do_all_sorted(void (*fn) (const EVP_MD *md,
-                                      const char *from, const char *to,
-                                      void *x), void *arg)
-{
-    struct doall_md dc;
-    dc.fn = fn;
-    dc.arg = arg;
-    OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
-}
diff --git a/thirdparty/openssl/crypto/evp/openbsd_hw.c b/thirdparty/openssl/crypto/evp/openbsd_hw.c
deleted file mode 100644
index 07decf2674..0000000000
--- a/thirdparty/openssl/crypto/evp/openbsd_hw.c
+++ /dev/null
@@ -1,453 +0,0 @@
-/* Written by Ben Laurie, 2001 */
-/*
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/rsa.h>
-#include "evp_locl.h"
-
-/*
- * This stuff should now all be supported through
- * crypto/engine/hw_openbsd_dev_crypto.c unless I botched it up
- */
-static void *dummy = &dummy;
-
-#if 0
-
-/* check flag after OpenSSL headers to ensure make depend works */
-# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
-
-#  include <fcntl.h>
-#  include <stdio.h>
-#  include <errno.h>
-#  include <sys/ioctl.h>
-#  include <crypto/cryptodev.h>
-#  include <unistd.h>
-#  include <assert.h>
-
-/* longest key supported in hardware */
-#  define MAX_HW_KEY      24
-#  define MAX_HW_IV       8
-
-#  define MD5_DIGEST_LENGTH       16
-#  define MD5_CBLOCK              64
-
-static int fd;
-static int dev_failed;
-
-typedef struct session_op session_op;
-
-#  define CDATA(ctx) EVP_C_DATA(session_op,ctx)
-
-static void err(const char *str)
-{
-    fprintf(stderr, "%s: errno %d\n", str, errno);
-}
-
-static int dev_crypto_init(session_op *ses)
-{
-    if (dev_failed)
-        return 0;
-    if (!fd) {
-        int cryptodev_fd;
-
-        if ((cryptodev_fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
-            err("/dev/crypto");
-            dev_failed = 1;
-            return 0;
-        }
-        if (ioctl(cryptodev_fd, CRIOGET, &fd) == -1) {
-            err("CRIOGET failed");
-            close(cryptodev_fd);
-            dev_failed = 1;
-            return 0;
-        }
-        close(cryptodev_fd);
-    }
-    assert(ses);
-    memset(ses, '\0', sizeof *ses);
-
-    return 1;
-}
-
-static int dev_crypto_cleanup(EVP_CIPHER_CTX *ctx)
-{
-    if (ioctl(fd, CIOCFSESSION, &CDATA(ctx)->ses) == -1)
-        err("CIOCFSESSION failed");
-
-    OPENSSL_free(CDATA(ctx)->key);
-
-    return 1;
-}
-
-static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx, int cipher,
-                               const unsigned char *key, int klen)
-{
-    if (!dev_crypto_init(CDATA(ctx)))
-        return 0;
-
-    CDATA(ctx)->key = OPENSSL_malloc(MAX_HW_KEY);
-    if (CDATA(ctx)->key == NULL {
-        err("CDATA(ctx)->key memory allocation failed");
-        return 0;
-    }
-
-    assert(ctx->cipher->iv_len <= MAX_HW_IV);
-
-    memcpy(CDATA(ctx)->key, key, klen);
-
-    CDATA(ctx)->cipher = cipher;
-    CDATA(ctx)->keylen = klen;
-
-    if (ioctl(fd, CIOCGSESSION, CDATA(ctx)) == -1) {
-        err("CIOCGSESSION failed");
-        return 0;
-    }
-    return 1;
-}
-
-static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, unsigned int inl)
-{
-    struct crypt_op cryp;
-    unsigned char lb[MAX_HW_IV];
-
-    if (!inl)
-        return 1;
-
-    assert(CDATA(ctx));
-    assert(!dev_failed);
-
-    memset(&cryp, '\0', sizeof cryp);
-    cryp.ses = CDATA(ctx)->ses;
-    cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
-    cryp.flags = 0;
-    cryp.len = inl;
-    assert((inl & (ctx->cipher->block_size - 1)) == 0);
-    cryp.src = (caddr_t) in;
-    cryp.dst = (caddr_t) out;
-    cryp.mac = 0;
-    if (ctx->cipher->iv_len)
-        cryp.iv = (caddr_t) ctx->iv;
-
-    if (!ctx->encrypt)
-        memcpy(lb, &in[cryp.len - ctx->cipher->iv_len], ctx->cipher->iv_len);
-
-    if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
-        if (errno == EINVAL) {  /* buffers are misaligned */
-            unsigned int cinl = 0;
-            char *cin = NULL;
-            char *cout = NULL;
-
-            /* NB: this can only make cinl != inl with stream ciphers */
-            cinl = (inl + 3) / 4 * 4;
-
-            if (((unsigned long)in & 3) || cinl != inl) {
-                cin = OPENSSL_malloc(cinl);
-                if (cin == NULL) {
-                    err("cin - memory allocation failed");
-                    abort();
-                    return 0;
-                }
-                memcpy(cin, in, inl);
-                cryp.src = cin;
-            }
-
-            if (((unsigned long)out & 3) || cinl != inl) {
-                cout = OPENSSL_malloc(cinl);
-                cryp.dst = cout;
-            }
-
-            cryp.len = cinl;
-
-            if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
-                err("CIOCCRYPT(2) failed");
-                printf("src=%p dst=%p\n", cryp.src, cryp.dst);
-                abort();
-                return 0;
-            }
-
-            if (cout) {
-                memcpy(out, cout, inl);
-                OPENSSL_free(cout);
-            }
-            if (cin)
-                OPENSSL_free(cin);
-        } else {
-            err("CIOCCRYPT failed");
-            abort();
-            return 0;
-        }
-    }
-
-    if (ctx->encrypt)
-        memcpy(ctx->iv, &out[cryp.len - ctx->cipher->iv_len],
-               ctx->cipher->iv_len);
-    else
-        memcpy(ctx->iv, lb, ctx->cipher->iv_len);
-
-    return 1;
-}
-
-static int dev_crypto_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
-                                        const unsigned char *key,
-                                        const unsigned char *iv, int enc)
-{
-    return dev_crypto_init_key(ctx, CRYPTO_3DES_CBC, key, 24);
-}
-
-#  define dev_crypto_des_ede3_cbc_cipher dev_crypto_cipher
-
-BLOCK_CIPHER_def_cbc(dev_crypto_des_ede3, session_op, NID_des_ede3, 8, 24, 8,
-                     0, dev_crypto_des_ede3_init_key,
-                     dev_crypto_cleanup,
-                     EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int dev_crypto_rc4_init_key(EVP_CIPHER_CTX *ctx,
-                                   const unsigned char *key,
-                                   const unsigned char *iv, int enc)
-{
-    return dev_crypto_init_key(ctx, CRYPTO_ARC4, key, 16);
-}
-
-static const EVP_CIPHER r4_cipher = {
-    NID_rc4,
-    1, 16, 0,                   /* FIXME: key should be up to 256 bytes */
-    EVP_CIPH_VARIABLE_LENGTH,
-    dev_crypto_rc4_init_key,
-    dev_crypto_cipher,
-    dev_crypto_cleanup,
-    sizeof(session_op),
-    NULL,
-    NULL,
-    NULL
-};
-
-const EVP_CIPHER *EVP_dev_crypto_rc4(void)
-{
-    return &r4_cipher;
-}
-
-typedef struct {
-    session_op sess;
-    char *data;
-    int len;
-    unsigned char md[EVP_MAX_MD_SIZE];
-} MD_DATA;
-
-static int dev_crypto_init_digest(MD_DATA *md_data, int mac)
-{
-    if (!dev_crypto_init(&md_data->sess))
-        return 0;
-
-    md_data->len = 0;
-    md_data->data = NULL;
-
-    md_data->sess.mac = mac;
-
-    if (ioctl(fd, CIOCGSESSION, &md_data->sess) == -1) {
-        err("CIOCGSESSION failed");
-        return 0;
-    }
-    return 1;
-}
-
-static int dev_crypto_cleanup_digest(MD_DATA *md_data)
-{
-    if (ioctl(fd, CIOCFSESSION, &md_data->sess.ses) == -1) {
-        err("CIOCFSESSION failed");
-        return 0;
-    }
-
-    return 1;
-}
-
-/* FIXME: if device can do chained MACs, then don't accumulate */
-/* FIXME: move accumulation to the framework */
-static int dev_crypto_md5_init(EVP_MD_CTX *ctx)
-{
-    return dev_crypto_init_digest(ctx->md_data, CRYPTO_MD5);
-}
-
-static int do_digest(int ses, unsigned char *md, const void *data, int len)
-{
-    struct crypt_op cryp;
-    static unsigned char md5zero[16] = {
-        0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04,
-        0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e
-    };
-
-    /* some cards can't do zero length */
-    if (!len) {
-        memcpy(md, md5zero, 16);
-        return 1;
-    }
-
-    memset(&cryp, '\0', sizeof cryp);
-    cryp.ses = ses;
-    cryp.op = COP_ENCRYPT;      /* required to do the MAC rather than check
-                                 * it */
-    cryp.len = len;
-    cryp.src = (caddr_t) data;
-    cryp.dst = (caddr_t) data;  // FIXME!!!
-    cryp.mac = (caddr_t) md;
-
-    if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
-        if (errno == EINVAL) {  /* buffer is misaligned */
-            char *dcopy;
-
-            dcopy = OPENSSL_malloc(len);
-            if (dcopy == NULL) {
-                err("dcopy - memory allocation failed");
-                abort();
-                return 0;
-            }
-            memcpy(dcopy, data, len);
-            cryp.src = dcopy;
-            cryp.dst = cryp.src; // FIXME!!!
-
-            if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
-                err("CIOCCRYPT(MAC2) failed");
-                abort();
-                return 0;
-            }
-            OPENSSL_free(dcopy);
-        } else {
-            err("CIOCCRYPT(MAC) failed");
-            abort();
-            return 0;
-        }
-    }
-    // printf("done\n");
-
-    return 1;
-}
-
-static int dev_crypto_md5_update(EVP_MD_CTX *ctx, const void *data,
-                                 unsigned long len)
-{
-    MD_DATA *md_data = ctx->md_data;
-
-    if (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)
-        return do_digest(md_data->sess.ses, md_data->md, data, len);
-
-    md_data->data = OPENSSL_realloc(md_data->data, md_data->len + len);
-    if (md_data->data == NULL) {
-        err("DEV_CRYPTO_MD5_UPDATE: unable to allocate memory");
-        abort();
-    }
-    memcpy(md_data->data + md_data->len, data, len);
-    md_data->len += len;
-
-    return 1;
-}
-
-static int dev_crypto_md5_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
-    int ret;
-    MD_DATA *md_data = ctx->md_data;
-
-    if (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) {
-        memcpy(md, md_data->md, MD5_DIGEST_LENGTH);
-        ret = 1;
-    } else {
-        ret = do_digest(md_data->sess.ses, md, md_data->data, md_data->len);
-        OPENSSL_free(md_data->data);
-        md_data->data = NULL;
-        md_data->len = 0;
-    }
-
-    return ret;
-}
-
-static int dev_crypto_md5_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
-{
-    const MD_DATA *from_md = from->md_data;
-    MD_DATA *to_md = to->md_data;
-
-    // How do we copy sessions?
-    assert(from->digest->flags & EVP_MD_FLAG_ONESHOT);
-
-    to_md->data = OPENSSL_malloc(from_md->len);
-    if (to_md->data == NULL) {
-        err("DEV_CRYPTO_MD5_COPY: unable to allocate memory");
-        abort();
-    }
-    memcpy(to_md->data, from_md->data, from_md->len);
-
-    return 1;
-}
-
-static int dev_crypto_md5_cleanup(EVP_MD_CTX *ctx)
-{
-    return dev_crypto_cleanup_digest(ctx->md_data);
-}
-
-static const EVP_MD md5_md = {
-    NID_md5,
-    NID_md5WithRSAEncryption,
-    MD5_DIGEST_LENGTH,
-    EVP_MD_FLAG_ONESHOT,        // XXX: set according to device info...
-    dev_crypto_md5_init,
-    dev_crypto_md5_update,
-    dev_crypto_md5_final,
-    dev_crypto_md5_copy,
-    dev_crypto_md5_cleanup,
-    EVP_PKEY_RSA_method,
-    MD5_CBLOCK,
-    sizeof(MD_DATA),
-};
-
-const EVP_MD *EVP_dev_crypto_md5(void)
-{
-    return &md5_md;
-}
-
-# endif
-#endif
diff --git a/thirdparty/openssl/crypto/evp/p5_crpt.c b/thirdparty/openssl/crypto/evp/p5_crpt.c
deleted file mode 100644
index d06ab90a3e..0000000000
--- a/thirdparty/openssl/crypto/evp/p5_crpt.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* p5_crpt.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-
-/*
- * Doesn't do anything now: Builtin PBE algorithms in static table.
- */
-
-void PKCS5_PBE_add(void)
-{
-}
-
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
-                       ASN1_TYPE *param, const EVP_CIPHER *cipher,
-                       const EVP_MD *md, int en_de)
-{
-    EVP_MD_CTX ctx;
-    unsigned char md_tmp[EVP_MAX_MD_SIZE];
-    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
-    int i;
-    PBEPARAM *pbe;
-    int saltlen, iter;
-    unsigned char *salt;
-    const unsigned char *pbuf;
-    int mdsize;
-    int rv = 0;
-    EVP_MD_CTX_init(&ctx);
-
-    /* Extract useful info from parameter */
-    if (param == NULL || param->type != V_ASN1_SEQUENCE ||
-        param->value.sequence == NULL) {
-        EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
-        return 0;
-    }
-
-    pbuf = param->value.sequence->data;
-    if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
-        EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
-        return 0;
-    }
-
-    if (!pbe->iter)
-        iter = 1;
-    else
-        iter = ASN1_INTEGER_get(pbe->iter);
-    salt = pbe->salt->data;
-    saltlen = pbe->salt->length;
-
-    if (!pass)
-        passlen = 0;
-    else if (passlen == -1)
-        passlen = strlen(pass);
-
-    if (!EVP_DigestInit_ex(&ctx, md, NULL))
-        goto err;
-    if (!EVP_DigestUpdate(&ctx, pass, passlen))
-        goto err;
-    if (!EVP_DigestUpdate(&ctx, salt, saltlen))
-        goto err;
-    PBEPARAM_free(pbe);
-    if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
-        goto err;
-    mdsize = EVP_MD_size(md);
-    if (mdsize < 0)
-        return 0;
-    for (i = 1; i < iter; i++) {
-        if (!EVP_DigestInit_ex(&ctx, md, NULL))
-            goto err;
-        if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
-            goto err;
-        if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
-            goto err;
-    }
-    OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
-    memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
-    OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
-    memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
-           EVP_CIPHER_iv_length(cipher));
-    if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
-        goto err;
-    OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
-    OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
-    OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
-    rv = 1;
- err:
-    EVP_MD_CTX_cleanup(&ctx);
-    return rv;
-}
diff --git a/thirdparty/openssl/crypto/evp/p5_crpt2.c b/thirdparty/openssl/crypto/evp/p5_crpt2.c
deleted file mode 100644
index f2ae1e5790..0000000000
--- a/thirdparty/openssl/crypto/evp/p5_crpt2.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* p5_crpt2.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
-# include <openssl/x509.h>
-# include <openssl/evp.h>
-# include <openssl/hmac.h>
-# include "evp_locl.h"
-
-/* set this to print out info about the keygen algorithm */
-/* #define DEBUG_PKCS5V2 */
-
-# ifdef DEBUG_PKCS5V2
-static void h__dump(const unsigned char *p, int len);
-# endif
-
-/*
- * This is an implementation of PKCS#5 v2.0 password based encryption key
- * derivation function PBKDF2. SHA1 version verified against test vectors
- * posted by Peter Gutmann <pgut001@cs.auckland.ac.nz> to the PKCS-TNG
- * <pkcs-tng@rsa.com> mailing list.
- */
-
-int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
-                      const unsigned char *salt, int saltlen, int iter,
-                      const EVP_MD *digest, int keylen, unsigned char *out)
-{
-    unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
-    int cplen, j, k, tkeylen, mdlen;
-    unsigned long i = 1;
-    HMAC_CTX hctx_tpl, hctx;
-
-    mdlen = EVP_MD_size(digest);
-    if (mdlen < 0)
-        return 0;
-
-    HMAC_CTX_init(&hctx_tpl);
-    p = out;
-    tkeylen = keylen;
-    if (!pass)
-        passlen = 0;
-    else if (passlen == -1)
-        passlen = strlen(pass);
-    if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) {
-        HMAC_CTX_cleanup(&hctx_tpl);
-        return 0;
-    }
-    while (tkeylen) {
-        if (tkeylen > mdlen)
-            cplen = mdlen;
-        else
-            cplen = tkeylen;
-        /*
-         * We are unlikely to ever use more than 256 blocks (5120 bits!) but
-         * just in case...
-         */
-        itmp[0] = (unsigned char)((i >> 24) & 0xff);
-        itmp[1] = (unsigned char)((i >> 16) & 0xff);
-        itmp[2] = (unsigned char)((i >> 8) & 0xff);
-        itmp[3] = (unsigned char)(i & 0xff);
-        if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
-            HMAC_CTX_cleanup(&hctx_tpl);
-            return 0;
-        }
-        if (!HMAC_Update(&hctx, salt, saltlen)
-            || !HMAC_Update(&hctx, itmp, 4)
-            || !HMAC_Final(&hctx, digtmp, NULL)) {
-            HMAC_CTX_cleanup(&hctx_tpl);
-            HMAC_CTX_cleanup(&hctx);
-            return 0;
-        }
-        HMAC_CTX_cleanup(&hctx);
-        memcpy(p, digtmp, cplen);
-        for (j = 1; j < iter; j++) {
-            if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
-                HMAC_CTX_cleanup(&hctx_tpl);
-                return 0;
-            }
-            if (!HMAC_Update(&hctx, digtmp, mdlen)
-                || !HMAC_Final(&hctx, digtmp, NULL)) {
-                HMAC_CTX_cleanup(&hctx_tpl);
-                HMAC_CTX_cleanup(&hctx);
-                return 0;
-            }
-            HMAC_CTX_cleanup(&hctx);
-            for (k = 0; k < cplen; k++)
-                p[k] ^= digtmp[k];
-        }
-        tkeylen -= cplen;
-        i++;
-        p += cplen;
-    }
-    HMAC_CTX_cleanup(&hctx_tpl);
-# ifdef DEBUG_PKCS5V2
-    fprintf(stderr, "Password:\n");
-    h__dump(pass, passlen);
-    fprintf(stderr, "Salt:\n");
-    h__dump(salt, saltlen);
-    fprintf(stderr, "Iteration count %d\n", iter);
-    fprintf(stderr, "Key:\n");
-    h__dump(out, keylen);
-# endif
-    return 1;
-}
-
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
-                           const unsigned char *salt, int saltlen, int iter,
-                           int keylen, unsigned char *out)
-{
-    return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(),
-                             keylen, out);
-}
-
-# ifdef DO_TEST
-main()
-{
-    unsigned char out[4];
-    unsigned char salt[] = { 0x12, 0x34, 0x56, 0x78 };
-    PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
-    fprintf(stderr, "Out %02X %02X %02X %02X\n",
-            out[0], out[1], out[2], out[3]);
-}
-
-# endif
-
-/*
- * Now the key derivation function itself. This is a bit evil because it has
- * to check the ASN1 parameters are valid: and there are quite a few of
- * them...
- */
-
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                          ASN1_TYPE *param, const EVP_CIPHER *c,
-                          const EVP_MD *md, int en_de)
-{
-    const unsigned char *pbuf;
-    int plen;
-    PBE2PARAM *pbe2 = NULL;
-    const EVP_CIPHER *cipher;
-
-    int rv = 0;
-
-    if (param == NULL || param->type != V_ASN1_SEQUENCE ||
-        param->value.sequence == NULL) {
-        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
-        goto err;
-    }
-
-    pbuf = param->value.sequence->data;
-    plen = param->value.sequence->length;
-    if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
-        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
-        goto err;
-    }
-
-    /* See if we recognise the key derivation function */
-
-    if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
-        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
-               EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
-        goto err;
-    }
-
-    /*
-     * lets see if we recognise the encryption algorithm.
-     */
-
-    cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
-
-    if (!cipher) {
-        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_CIPHER);
-        goto err;
-    }
-
-    /* Fixup cipher based on AlgorithmIdentifier */
-    if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
-        goto err;
-    if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
-        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_CIPHER_PARAMETER_ERROR);
-        goto err;
-    }
-    rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
-                                  pbe2->keyfunc->parameter, c, md, en_de);
- err:
-    PBE2PARAM_free(pbe2);
-    return rv;
-}
-
-int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
-                             int passlen, ASN1_TYPE *param,
-                             const EVP_CIPHER *c, const EVP_MD *md, int en_de)
-{
-    unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
-    const unsigned char *pbuf;
-    int saltlen, iter, plen;
-    int rv = 0;
-    unsigned int keylen = 0;
-    int prf_nid, hmac_md_nid;
-    PBKDF2PARAM *kdf = NULL;
-    const EVP_MD *prfmd;
-
-    if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
-        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET);
-        goto err;
-    }
-    keylen = EVP_CIPHER_CTX_key_length(ctx);
-    OPENSSL_assert(keylen <= sizeof key);
-
-    /* Decode parameter */
-
-    if (!param || (param->type != V_ASN1_SEQUENCE)) {
-        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
-        goto err;
-    }
-
-    pbuf = param->value.sequence->data;
-    plen = param->value.sequence->length;
-
-    if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen))) {
-        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
-        goto err;
-    }
-
-    keylen = EVP_CIPHER_CTX_key_length(ctx);
-
-    /* Now check the parameters of the kdf */
-
-    if (kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)) {
-        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_KEYLENGTH);
-        goto err;
-    }
-
-    if (kdf->prf)
-        prf_nid = OBJ_obj2nid(kdf->prf->algorithm);
-    else
-        prf_nid = NID_hmacWithSHA1;
-
-    if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) {
-        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
-        goto err;
-    }
-
-    prfmd = EVP_get_digestbynid(hmac_md_nid);
-    if (prfmd == NULL) {
-        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
-        goto err;
-    }
-
-    if (kdf->salt->type != V_ASN1_OCTET_STRING) {
-        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_SALT_TYPE);
-        goto err;
-    }
-
-    /* it seems that its all OK */
-    salt = kdf->salt->value.octet_string->data;
-    saltlen = kdf->salt->value.octet_string->length;
-    iter = ASN1_INTEGER_get(kdf->iter);
-    if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
-                           keylen, key))
-        goto err;
-    rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
- err:
-    OPENSSL_cleanse(key, keylen);
-    PBKDF2PARAM_free(kdf);
-    return rv;
-}
-
-# ifdef DEBUG_PKCS5V2
-static void h__dump(const unsigned char *p, int len)
-{
-    for (; len--; p++)
-        fprintf(stderr, "%02X ", *p);
-    fprintf(stderr, "\n");
-}
-# endif
-#endif
diff --git a/thirdparty/openssl/crypto/evp/p_dec.c b/thirdparty/openssl/crypto/evp/p_dec.c
deleted file mode 100644
index 225b8b45ed..0000000000
--- a/thirdparty/openssl/crypto/evp/p_dec.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* crypto/evp/p_dec.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
-                         EVP_PKEY *priv)
-{
-    int ret = -1;
-
-#ifndef OPENSSL_NO_RSA
-    if (priv->type != EVP_PKEY_RSA) {
-#endif
-        EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
-#ifndef OPENSSL_NO_RSA
-        goto err;
-    }
-
-    ret =
-        RSA_private_decrypt(ekl, ek, key, priv->pkey.rsa, RSA_PKCS1_PADDING);
- err:
-#endif
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/evp/p_enc.c b/thirdparty/openssl/crypto/evp/p_enc.c
deleted file mode 100644
index f565f33fbf..0000000000
--- a/thirdparty/openssl/crypto/evp/p_enc.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* crypto/evp/p_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key,
-                         int key_len, EVP_PKEY *pubk)
-{
-    int ret = 0;
-
-#ifndef OPENSSL_NO_RSA
-    if (pubk->type != EVP_PKEY_RSA) {
-#endif
-        EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
-#ifndef OPENSSL_NO_RSA
-        goto err;
-    }
-    ret =
-        RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa,
-                           RSA_PKCS1_PADDING);
- err:
-#endif
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/evp/p_lib.c b/thirdparty/openssl/crypto/evp/p_lib.c
deleted file mode 100644
index 545d04fd77..0000000000
--- a/thirdparty/openssl/crypto/evp/p_lib.c
+++ /dev/null
@@ -1,464 +0,0 @@
-/* crypto/evp/p_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-#include "asn1_locl.h"
-
-static void EVP_PKEY_free_it(EVP_PKEY *x);
-
-int EVP_PKEY_bits(EVP_PKEY *pkey)
-{
-    if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
-        return pkey->ameth->pkey_bits(pkey);
-    return 0;
-}
-
-int EVP_PKEY_size(EVP_PKEY *pkey)
-{
-    if (pkey && pkey->ameth && pkey->ameth->pkey_size)
-        return pkey->ameth->pkey_size(pkey);
-    return 0;
-}
-
-int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
-{
-#ifndef OPENSSL_NO_DSA
-    if (pkey->type == EVP_PKEY_DSA) {
-        int ret = pkey->save_parameters;
-
-        if (mode >= 0)
-            pkey->save_parameters = mode;
-        return (ret);
-    }
-#endif
-#ifndef OPENSSL_NO_EC
-    if (pkey->type == EVP_PKEY_EC) {
-        int ret = pkey->save_parameters;
-
-        if (mode >= 0)
-            pkey->save_parameters = mode;
-        return (ret);
-    }
-#endif
-    return (0);
-}
-
-int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
-    if (to->type != from->type) {
-        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES);
-        goto err;
-    }
-
-    if (EVP_PKEY_missing_parameters(from)) {
-        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);
-        goto err;
-    }
-
-    if (!EVP_PKEY_missing_parameters(to)) {
-        if (EVP_PKEY_cmp_parameters(to, from) == 1)
-            return 1;
-        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_PARAMETERS);
-        return 0;
-    }
-
-    if (from->ameth && from->ameth->param_copy)
-        return from->ameth->param_copy(to, from);
- err:
-    return 0;
-}
-
-int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
-{
-    if (pkey->ameth && pkey->ameth->param_missing)
-        return pkey->ameth->param_missing(pkey);
-    return 0;
-}
-
-int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    if (a->type != b->type)
-        return -1;
-    if (a->ameth && a->ameth->param_cmp)
-        return a->ameth->param_cmp(a, b);
-    return -2;
-}
-
-int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    if (a->type != b->type)
-        return -1;
-
-    if (a->ameth) {
-        int ret;
-        /* Compare parameters if the algorithm has them */
-        if (a->ameth->param_cmp) {
-            ret = a->ameth->param_cmp(a, b);
-            if (ret <= 0)
-                return ret;
-        }
-
-        if (a->ameth->pub_cmp)
-            return a->ameth->pub_cmp(a, b);
-    }
-
-    return -2;
-}
-
-EVP_PKEY *EVP_PKEY_new(void)
-{
-    EVP_PKEY *ret;
-
-    ret = (EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
-    if (ret == NULL) {
-        EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    ret->type = EVP_PKEY_NONE;
-    ret->save_type = EVP_PKEY_NONE;
-    ret->references = 1;
-    ret->ameth = NULL;
-    ret->engine = NULL;
-    ret->pkey.ptr = NULL;
-    ret->attributes = NULL;
-    ret->save_parameters = 1;
-    return (ret);
-}
-
-/*
- * Setup a public key ASN1 method and ENGINE from a NID or a string. If pkey
- * is NULL just return 1 or 0 if the algorithm exists.
- */
-
-static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
-{
-    const EVP_PKEY_ASN1_METHOD *ameth;
-    ENGINE *e = NULL;
-    if (pkey) {
-        if (pkey->pkey.ptr)
-            EVP_PKEY_free_it(pkey);
-        /*
-         * If key type matches and a method exists then this lookup has
-         * succeeded once so just indicate success.
-         */
-        if ((type == pkey->save_type) && pkey->ameth)
-            return 1;
-#ifndef OPENSSL_NO_ENGINE
-        /* If we have an ENGINE release it */
-        if (pkey->engine) {
-            ENGINE_finish(pkey->engine);
-            pkey->engine = NULL;
-        }
-#endif
-    }
-    if (str)
-        ameth = EVP_PKEY_asn1_find_str(&e, str, len);
-    else
-        ameth = EVP_PKEY_asn1_find(&e, type);
-#ifndef OPENSSL_NO_ENGINE
-    if (!pkey && e)
-        ENGINE_finish(e);
-#endif
-    if (!ameth) {
-        EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
-        return 0;
-    }
-    if (pkey) {
-        pkey->ameth = ameth;
-        pkey->engine = e;
-
-        pkey->type = pkey->ameth->pkey_id;
-        pkey->save_type = type;
-    }
-    return 1;
-}
-
-int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
-{
-    return pkey_set_type(pkey, type, NULL, -1);
-}
-
-int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
-{
-    return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
-}
-
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
-{
-    if (pkey == NULL || !EVP_PKEY_set_type(pkey, type))
-        return 0;
-    pkey->pkey.ptr = key;
-    return (key != NULL);
-}
-
-void *EVP_PKEY_get0(EVP_PKEY *pkey)
-{
-    return pkey->pkey.ptr;
-}
-
-#ifndef OPENSSL_NO_RSA
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
-{
-    int ret = EVP_PKEY_assign_RSA(pkey, key);
-    if (ret)
-        RSA_up_ref(key);
-    return ret;
-}
-
-RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
-{
-    if (pkey->type != EVP_PKEY_RSA) {
-        EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
-        return NULL;
-    }
-    RSA_up_ref(pkey->pkey.rsa);
-    return pkey->pkey.rsa;
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
-{
-    int ret = EVP_PKEY_assign_DSA(pkey, key);
-    if (ret)
-        DSA_up_ref(key);
-    return ret;
-}
-
-DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
-{
-    if (pkey->type != EVP_PKEY_DSA) {
-        EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
-        return NULL;
-    }
-    DSA_up_ref(pkey->pkey.dsa);
-    return pkey->pkey.dsa;
-}
-#endif
-
-#ifndef OPENSSL_NO_EC
-
-int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
-{
-    int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
-    if (ret)
-        EC_KEY_up_ref(key);
-    return ret;
-}
-
-EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
-{
-    if (pkey->type != EVP_PKEY_EC) {
-        EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
-        return NULL;
-    }
-    EC_KEY_up_ref(pkey->pkey.ec);
-    return pkey->pkey.ec;
-}
-#endif
-
-#ifndef OPENSSL_NO_DH
-
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
-{
-    int ret = EVP_PKEY_assign_DH(pkey, key);
-    if (ret)
-        DH_up_ref(key);
-    return ret;
-}
-
-DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
-{
-    if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) {
-        EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
-        return NULL;
-    }
-    DH_up_ref(pkey->pkey.dh);
-    return pkey->pkey.dh;
-}
-#endif
-
-int EVP_PKEY_type(int type)
-{
-    int ret;
-    const EVP_PKEY_ASN1_METHOD *ameth;
-    ENGINE *e;
-    ameth = EVP_PKEY_asn1_find(&e, type);
-    if (ameth)
-        ret = ameth->pkey_id;
-    else
-        ret = NID_undef;
-#ifndef OPENSSL_NO_ENGINE
-    if (e)
-        ENGINE_finish(e);
-#endif
-    return ret;
-}
-
-int EVP_PKEY_id(const EVP_PKEY *pkey)
-{
-    return pkey->type;
-}
-
-int EVP_PKEY_base_id(const EVP_PKEY *pkey)
-{
-    return EVP_PKEY_type(pkey->type);
-}
-
-void EVP_PKEY_free(EVP_PKEY *x)
-{
-    int i;
-
-    if (x == NULL)
-        return;
-
-    i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
-    REF_PRINT("EVP_PKEY", x);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "EVP_PKEY_free, bad reference count\n");
-        abort();
-    }
-#endif
-    EVP_PKEY_free_it(x);
-    if (x->attributes)
-        sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
-    OPENSSL_free(x);
-}
-
-static void EVP_PKEY_free_it(EVP_PKEY *x)
-{
-    if (x->ameth && x->ameth->pkey_free) {
-        x->ameth->pkey_free(x);
-        x->pkey.ptr = NULL;
-    }
-#ifndef OPENSSL_NO_ENGINE
-    if (x->engine) {
-        ENGINE_finish(x->engine);
-        x->engine = NULL;
-    }
-#endif
-}
-
-static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
-                     const char *kstr)
-{
-    BIO_indent(out, indent, 128);
-    BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
-               kstr, OBJ_nid2ln(pkey->type));
-    return 1;
-}
-
-int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
-                          int indent, ASN1_PCTX *pctx)
-{
-    if (pkey->ameth && pkey->ameth->pub_print)
-        return pkey->ameth->pub_print(out, pkey, indent, pctx);
-
-    return unsup_alg(out, pkey, indent, "Public Key");
-}
-
-int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
-                           int indent, ASN1_PCTX *pctx)
-{
-    if (pkey->ameth && pkey->ameth->priv_print)
-        return pkey->ameth->priv_print(out, pkey, indent, pctx);
-
-    return unsup_alg(out, pkey, indent, "Private Key");
-}
-
-int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
-                          int indent, ASN1_PCTX *pctx)
-{
-    if (pkey->ameth && pkey->ameth->param_print)
-        return pkey->ameth->param_print(out, pkey, indent, pctx);
-    return unsup_alg(out, pkey, indent, "Parameters");
-}
-
-int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
-{
-    if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
-        return -2;
-    return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
-                                  0, pnid);
-}
diff --git a/thirdparty/openssl/crypto/evp/p_open.c b/thirdparty/openssl/crypto/evp/p_open.c
deleted file mode 100644
index 229eb6417a..0000000000
--- a/thirdparty/openssl/crypto/evp/p_open.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/evp/p_open.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_RSA
-
-# include <openssl/evp.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# include <openssl/rsa.h>
-
-int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-                 const unsigned char *ek, int ekl, const unsigned char *iv,
-                 EVP_PKEY *priv)
-{
-    unsigned char *key = NULL;
-    int i, size = 0, ret = 0;
-
-    if (type) {
-        EVP_CIPHER_CTX_init(ctx);
-        if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
-            return 0;
-    }
-
-    if (!priv)
-        return 1;
-
-    if (priv->type != EVP_PKEY_RSA) {
-        EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA);
-        goto err;
-    }
-
-    size = RSA_size(priv->pkey.rsa);
-    key = (unsigned char *)OPENSSL_malloc(size + 2);
-    if (key == NULL) {
-        /* ERROR */
-        EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    i = EVP_PKEY_decrypt_old(key, ek, ekl, priv);
-    if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) {
-        /* ERROR */
-        goto err;
-    }
-    if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
-        goto err;
-
-    ret = 1;
- err:
-    if (key != NULL)
-        OPENSSL_cleanse(key, size);
-    OPENSSL_free(key);
-    return (ret);
-}
-
-int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
-    int i;
-
-    i = EVP_DecryptFinal_ex(ctx, out, outl);
-    if (i)
-        i = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
-    return (i);
-}
-#else                           /* !OPENSSL_NO_RSA */
-
-# ifdef PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/evp/p_seal.c b/thirdparty/openssl/crypto/evp/p_seal.c
deleted file mode 100644
index ba9dfff215..0000000000
--- a/thirdparty/openssl/crypto/evp/p_seal.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/evp/p_seal.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-                 unsigned char **ek, int *ekl, unsigned char *iv,
-                 EVP_PKEY **pubk, int npubk)
-{
-    unsigned char key[EVP_MAX_KEY_LENGTH];
-    int i;
-
-    if (type) {
-        EVP_CIPHER_CTX_init(ctx);
-        if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
-            return 0;
-    }
-    if ((npubk <= 0) || !pubk)
-        return 1;
-    if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
-        return 0;
-    if (EVP_CIPHER_CTX_iv_length(ctx)
-        && RAND_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx)) <= 0)
-        return 0;
-
-    if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
-        return 0;
-
-    for (i = 0; i < npubk; i++) {
-        ekl[i] =
-            EVP_PKEY_encrypt_old(ek[i], key, EVP_CIPHER_CTX_key_length(ctx),
-                                 pubk[i]);
-        if (ekl[i] <= 0)
-            return (-1);
-    }
-    return (npubk);
-}
-
-/*- MACRO
-void EVP_SealUpdate(ctx,out,outl,in,inl)
-EVP_CIPHER_CTX *ctx;
-unsigned char *out;
-int *outl;
-unsigned char *in;
-int inl;
-        {
-        EVP_EncryptUpdate(ctx,out,outl,in,inl);
-        }
-*/
-
-int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
-    int i;
-    i = EVP_EncryptFinal_ex(ctx, out, outl);
-    if (i)
-        i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);
-    return i;
-}
diff --git a/thirdparty/openssl/crypto/evp/p_sign.c b/thirdparty/openssl/crypto/evp/p_sign.c
deleted file mode 100644
index 1b9ba060d4..0000000000
--- a/thirdparty/openssl/crypto/evp/p_sign.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/evp/p_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifdef undef
-void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
-{
-    EVP_DigestInit_ex(ctx, type);
-}
-
-void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, unsigned int count)
-{
-    EVP_DigestUpdate(ctx, data, count);
-}
-#endif
-
-int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
-                  unsigned int *siglen, EVP_PKEY *pkey)
-{
-    unsigned char m[EVP_MAX_MD_SIZE];
-    unsigned int m_len;
-    int i = 0, ok = 0, v;
-    EVP_MD_CTX tmp_ctx;
-    EVP_PKEY_CTX *pkctx = NULL;
-
-    *siglen = 0;
-    EVP_MD_CTX_init(&tmp_ctx);
-    if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
-        goto err;
-    if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
-        goto err;
-    EVP_MD_CTX_cleanup(&tmp_ctx);
-
-    if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
-        size_t sltmp = (size_t)EVP_PKEY_size(pkey);
-        i = 0;
-        pkctx = EVP_PKEY_CTX_new(pkey, NULL);
-        if (!pkctx)
-            goto err;
-        if (EVP_PKEY_sign_init(pkctx) <= 0)
-            goto err;
-        if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
-            goto err;
-        if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
-            goto err;
-        *siglen = sltmp;
-        i = 1;
- err:
-        EVP_PKEY_CTX_free(pkctx);
-        return i;
-    }
-
-    for (i = 0; i < 4; i++) {
-        v = ctx->digest->required_pkey_type[i];
-        if (v == 0)
-            break;
-        if (pkey->type == v) {
-            ok = 1;
-            break;
-        }
-    }
-    if (!ok) {
-        EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
-        return (0);
-    }
-
-    if (ctx->digest->sign == NULL) {
-        EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
-        return (0);
-    }
-    return (ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
-                              pkey->pkey.ptr));
-}
diff --git a/thirdparty/openssl/crypto/evp/p_verify.c b/thirdparty/openssl/crypto/evp/p_verify.c
deleted file mode 100644
index 65e1e21692..0000000000
--- a/thirdparty/openssl/crypto/evp/p_verify.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* crypto/evp/p_verify.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
-                    unsigned int siglen, EVP_PKEY *pkey)
-{
-    unsigned char m[EVP_MAX_MD_SIZE];
-    unsigned int m_len;
-    int i = 0, ok = 0, v;
-    EVP_MD_CTX tmp_ctx;
-    EVP_PKEY_CTX *pkctx = NULL;
-
-    EVP_MD_CTX_init(&tmp_ctx);
-    if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
-        goto err;
-    if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
-        goto err;
-    EVP_MD_CTX_cleanup(&tmp_ctx);
-
-    if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
-        i = -1;
-        pkctx = EVP_PKEY_CTX_new(pkey, NULL);
-        if (!pkctx)
-            goto err;
-        if (EVP_PKEY_verify_init(pkctx) <= 0)
-            goto err;
-        if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
-            goto err;
-        i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
- err:
-        EVP_PKEY_CTX_free(pkctx);
-        return i;
-    }
-
-    for (i = 0; i < 4; i++) {
-        v = ctx->digest->required_pkey_type[i];
-        if (v == 0)
-            break;
-        if (pkey->type == v) {
-            ok = 1;
-            break;
-        }
-    }
-    if (!ok) {
-        EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
-        return (-1);
-    }
-    if (ctx->digest->verify == NULL) {
-        EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
-        return (0);
-    }
-
-    return (ctx->digest->verify(ctx->digest->type, m, m_len,
-                                sigbuf, siglen, pkey->pkey.ptr));
-}
diff --git a/thirdparty/openssl/crypto/evp/pmeth_fn.c b/thirdparty/openssl/crypto/evp/pmeth_fn.c
deleted file mode 100644
index 727869e3ee..0000000000
--- a/thirdparty/openssl/crypto/evp/pmeth_fn.c
+++ /dev/null
@@ -1,348 +0,0 @@
-/* pmeth_fn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include "evp_locl.h"
-
-#define M_check_autoarg(ctx, arg, arglen, err) \
-    if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) {           \
-        size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey);         \
-                                                                  \
-        if (pksize == 0) {                                        \
-            EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/      \
-            return 0;                                             \
-        }                                                         \
-        if (!arg) {                                               \
-            *arglen = pksize;                                     \
-            return 1;                                             \
-        }                                                         \
-        if (*arglen < pksize) {                                   \
-            EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \
-            return 0;                                             \
-        }                                                         \
-    }
-
-int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
-        EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    ctx->operation = EVP_PKEY_OP_SIGN;
-    if (!ctx->pmeth->sign_init)
-        return 1;
-    ret = ctx->pmeth->sign_init(ctx);
-    if (ret <= 0)
-        ctx->operation = EVP_PKEY_OP_UNDEFINED;
-    return ret;
-}
-
-int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
-                  unsigned char *sig, size_t *siglen,
-                  const unsigned char *tbs, size_t tbslen)
-{
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
-        EVPerr(EVP_F_EVP_PKEY_SIGN,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    if (ctx->operation != EVP_PKEY_OP_SIGN) {
-        EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
-        return -1;
-    }
-    M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
-        return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
-}
-
-int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
-        EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    ctx->operation = EVP_PKEY_OP_VERIFY;
-    if (!ctx->pmeth->verify_init)
-        return 1;
-    ret = ctx->pmeth->verify_init(ctx);
-    if (ret <= 0)
-        ctx->operation = EVP_PKEY_OP_UNDEFINED;
-    return ret;
-}
-
-int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
-                    const unsigned char *sig, size_t siglen,
-                    const unsigned char *tbs, size_t tbslen)
-{
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
-        EVPerr(EVP_F_EVP_PKEY_VERIFY,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    if (ctx->operation != EVP_PKEY_OP_VERIFY) {
-        EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
-        return -1;
-    }
-    return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
-}
-
-int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
-        EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
-    if (!ctx->pmeth->verify_recover_init)
-        return 1;
-    ret = ctx->pmeth->verify_recover_init(ctx);
-    if (ret <= 0)
-        ctx->operation = EVP_PKEY_OP_UNDEFINED;
-    return ret;
-}
-
-int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
-                            unsigned char *rout, size_t *routlen,
-                            const unsigned char *sig, size_t siglen)
-{
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
-        EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
-        EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED);
-        return -1;
-    }
-    M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
-        return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
-}
-
-int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
-        EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    ctx->operation = EVP_PKEY_OP_ENCRYPT;
-    if (!ctx->pmeth->encrypt_init)
-        return 1;
-    ret = ctx->pmeth->encrypt_init(ctx);
-    if (ret <= 0)
-        ctx->operation = EVP_PKEY_OP_UNDEFINED;
-    return ret;
-}
-
-int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
-                     unsigned char *out, size_t *outlen,
-                     const unsigned char *in, size_t inlen)
-{
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
-        EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
-        EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
-        return -1;
-    }
-    M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
-        return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
-}
-
-int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
-        EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    ctx->operation = EVP_PKEY_OP_DECRYPT;
-    if (!ctx->pmeth->decrypt_init)
-        return 1;
-    ret = ctx->pmeth->decrypt_init(ctx);
-    if (ret <= 0)
-        ctx->operation = EVP_PKEY_OP_UNDEFINED;
-    return ret;
-}
-
-int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
-                     unsigned char *out, size_t *outlen,
-                     const unsigned char *in, size_t inlen)
-{
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
-        EVPerr(EVP_F_EVP_PKEY_DECRYPT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
-        EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
-        return -1;
-    }
-    M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
-        return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
-}
-
-int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
-        EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    ctx->operation = EVP_PKEY_OP_DERIVE;
-    if (!ctx->pmeth->derive_init)
-        return 1;
-    ret = ctx->pmeth->derive_init(ctx);
-    if (ret <= 0)
-        ctx->operation = EVP_PKEY_OP_UNDEFINED;
-    return ret;
-}
-
-int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth
-        || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt)
-        || !ctx->pmeth->ctrl) {
-        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    if (ctx->operation != EVP_PKEY_OP_DERIVE
-        && ctx->operation != EVP_PKEY_OP_ENCRYPT
-        && ctx->operation != EVP_PKEY_OP_DECRYPT) {
-        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
-               EVP_R_OPERATON_NOT_INITIALIZED);
-        return -1;
-    }
-
-    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
-
-    if (ret <= 0)
-        return ret;
-
-    if (ret == 2)
-        return 1;
-
-    if (!ctx->pkey) {
-        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
-        return -1;
-    }
-
-    if (ctx->pkey->type != peer->type) {
-        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_KEY_TYPES);
-        return -1;
-    }
-
-    /*
-     * ran@cryptocom.ru: For clarity.  The error is if parameters in peer are
-     * present (!missing) but don't match.  EVP_PKEY_cmp_parameters may return
-     * 1 (match), 0 (don't match) and -2 (comparison is not defined).  -1
-     * (different key types) is impossible here because it is checked earlier.
-     * -2 is OK for us here, as well as 1, so we can check for 0 only.
-     */
-    if (!EVP_PKEY_missing_parameters(peer) &&
-        !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
-        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS);
-        return -1;
-    }
-
-    if (ctx->peerkey)
-        EVP_PKEY_free(ctx->peerkey);
-    ctx->peerkey = peer;
-
-    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
-
-    if (ret <= 0) {
-        ctx->peerkey = NULL;
-        return ret;
-    }
-
-    CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
-    return 1;
-}
-
-int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
-{
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
-        EVPerr(EVP_F_EVP_PKEY_DERIVE,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    if (ctx->operation != EVP_PKEY_OP_DERIVE) {
-        EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
-        return -1;
-    }
-    M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
-        return ctx->pmeth->derive(ctx, key, pkeylen);
-}
diff --git a/thirdparty/openssl/crypto/evp/pmeth_gn.c b/thirdparty/openssl/crypto/evp/pmeth_gn.c
deleted file mode 100644
index 6a4d3573ff..0000000000
--- a/thirdparty/openssl/crypto/evp/pmeth_gn.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/* pmeth_gn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/bn.h>
-#include "evp_locl.h"
-
-int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
-        EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    ctx->operation = EVP_PKEY_OP_PARAMGEN;
-    if (!ctx->pmeth->paramgen_init)
-        return 1;
-    ret = ctx->pmeth->paramgen_init(ctx);
-    if (ret <= 0)
-        ctx->operation = EVP_PKEY_OP_UNDEFINED;
-    return ret;
-}
-
-int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
-        EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-
-    if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
-        EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
-        return -1;
-    }
-
-    if (ppkey == NULL)
-        return -1;
-
-    if (*ppkey == NULL)
-        *ppkey = EVP_PKEY_new();
-
-    if (*ppkey == NULL) {
-        EVPerr(EVP_F_EVP_PKEY_PARAMGEN, ERR_R_MALLOC_FAILURE);
-        return -1;
-    }
-
-    ret = ctx->pmeth->paramgen(ctx, *ppkey);
-    if (ret <= 0) {
-        EVP_PKEY_free(*ppkey);
-        *ppkey = NULL;
-    }
-    return ret;
-}
-
-int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
-        EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    ctx->operation = EVP_PKEY_OP_KEYGEN;
-    if (!ctx->pmeth->keygen_init)
-        return 1;
-    ret = ctx->pmeth->keygen_init(ctx);
-    if (ret <= 0)
-        ctx->operation = EVP_PKEY_OP_UNDEFINED;
-    return ret;
-}
-
-int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
-{
-    int ret;
-
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
-        EVPerr(EVP_F_EVP_PKEY_KEYGEN,
-               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-    }
-    if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
-        EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
-        return -1;
-    }
-
-    if (!ppkey)
-        return -1;
-
-    if (*ppkey == NULL)
-        *ppkey = EVP_PKEY_new();
-    if (*ppkey == NULL)
-        return -1;
-
-    ret = ctx->pmeth->keygen(ctx, *ppkey);
-    if (ret <= 0) {
-        EVP_PKEY_free(*ppkey);
-        *ppkey = NULL;
-    }
-    return ret;
-}
-
-void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
-{
-    ctx->pkey_gencb = cb;
-}
-
-EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
-{
-    return ctx->pkey_gencb;
-}
-
-/*
- * "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB style
- * callbacks.
- */
-
-static int trans_cb(int a, int b, BN_GENCB *gcb)
-{
-    EVP_PKEY_CTX *ctx = gcb->arg;
-    ctx->keygen_info[0] = a;
-    ctx->keygen_info[1] = b;
-    return ctx->pkey_gencb(ctx);
-}
-
-void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
-{
-    BN_GENCB_set(cb, trans_cb, ctx)
-}
-
-int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
-{
-    if (idx == -1)
-        return ctx->keygen_info_count;
-    if (idx < 0 || idx > ctx->keygen_info_count)
-        return 0;
-    return ctx->keygen_info[idx];
-}
-
-EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
-                               const unsigned char *key, int keylen)
-{
-    EVP_PKEY_CTX *mac_ctx = NULL;
-    EVP_PKEY *mac_key = NULL;
-    mac_ctx = EVP_PKEY_CTX_new_id(type, e);
-    if (!mac_ctx)
-        return NULL;
-    if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
-        goto merr;
-    if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
-                          EVP_PKEY_CTRL_SET_MAC_KEY,
-                          keylen, (void *)key) <= 0)
-        goto merr;
-    if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
-        goto merr;
- merr:
-    if (mac_ctx)
-        EVP_PKEY_CTX_free(mac_ctx);
-    return mac_key;
-}
diff --git a/thirdparty/openssl/crypto/evp/pmeth_lib.c b/thirdparty/openssl/crypto/evp/pmeth_lib.c
deleted file mode 100644
index b7b7bdcd02..0000000000
--- a/thirdparty/openssl/crypto/evp/pmeth_lib.c
+++ /dev/null
@@ -1,591 +0,0 @@
-/* pmeth_lib.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include "asn1_locl.h"
-#include "evp_locl.h"
-
-typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
-
-DECLARE_STACK_OF(EVP_PKEY_METHOD)
-STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
-
-extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
-extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
-extern const EVP_PKEY_METHOD dhx_pkey_meth;
-
-static const EVP_PKEY_METHOD *standard_methods[] = {
-#ifndef OPENSSL_NO_RSA
-    &rsa_pkey_meth,
-#endif
-#ifndef OPENSSL_NO_DH
-    &dh_pkey_meth,
-#endif
-#ifndef OPENSSL_NO_DSA
-    &dsa_pkey_meth,
-#endif
-#ifndef OPENSSL_NO_EC
-    &ec_pkey_meth,
-#endif
-    &hmac_pkey_meth,
-#ifndef OPENSSL_NO_CMAC
-    &cmac_pkey_meth,
-#endif
-#ifndef OPENSSL_NO_DH
-    &dhx_pkey_meth
-#endif
-};
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
-                           pmeth);
-
-static int pmeth_cmp(const EVP_PKEY_METHOD *const *a,
-                     const EVP_PKEY_METHOD *const *b)
-{
-    return ((*a)->pkey_id - (*b)->pkey_id);
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
-                             pmeth);
-
-const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
-{
-    EVP_PKEY_METHOD tmp;
-    const EVP_PKEY_METHOD *t = &tmp, **ret;
-    tmp.pkey_id = type;
-    if (app_pkey_methods) {
-        int idx;
-        idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
-        if (idx >= 0)
-            return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
-    }
-    ret = OBJ_bsearch_pmeth(&t, standard_methods,
-                            sizeof(standard_methods) /
-                            sizeof(EVP_PKEY_METHOD *));
-    if (!ret || !*ret)
-        return NULL;
-    return *ret;
-}
-
-static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
-{
-    EVP_PKEY_CTX *ret;
-    const EVP_PKEY_METHOD *pmeth;
-    if (id == -1) {
-        if (!pkey || !pkey->ameth)
-            return NULL;
-        id = pkey->ameth->pkey_id;
-    }
-#ifndef OPENSSL_NO_ENGINE
-    if (pkey && pkey->engine)
-        e = pkey->engine;
-    /* Try to find an ENGINE which implements this method */
-    if (e) {
-        if (!ENGINE_init(e)) {
-            EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB);
-            return NULL;
-        }
-    } else
-        e = ENGINE_get_pkey_meth_engine(id);
-
-    /*
-     * If an ENGINE handled this method look it up. Othewise use internal
-     * tables.
-     */
-
-    if (e)
-        pmeth = ENGINE_get_pkey_meth(e, id);
-    else
-#endif
-        pmeth = EVP_PKEY_meth_find(id);
-
-    if (pmeth == NULL) {
-        EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
-        return NULL;
-    }
-
-    ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
-    if (!ret) {
-#ifndef OPENSSL_NO_ENGINE
-        if (e)
-            ENGINE_finish(e);
-#endif
-        EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    ret->engine = e;
-    ret->pmeth = pmeth;
-    ret->operation = EVP_PKEY_OP_UNDEFINED;
-    ret->pkey = pkey;
-    ret->peerkey = NULL;
-    ret->pkey_gencb = 0;
-    if (pkey)
-        CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-    ret->data = NULL;
-
-    if (pmeth->init) {
-        if (pmeth->init(ret) <= 0) {
-            ret->pmeth = NULL;
-            EVP_PKEY_CTX_free(ret);
-            return NULL;
-        }
-    }
-
-    return ret;
-}
-
-EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
-{
-    EVP_PKEY_METHOD *pmeth;
-
-    pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
-    if (!pmeth)
-        return NULL;
-
-    memset(pmeth, 0, sizeof(EVP_PKEY_METHOD));
-
-    pmeth->pkey_id = id;
-    pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
-    return pmeth;
-}
-
-void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
-                             const EVP_PKEY_METHOD *meth)
-{
-    if (ppkey_id)
-        *ppkey_id = meth->pkey_id;
-    if (pflags)
-        *pflags = meth->flags;
-}
-
-void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
-{
-
-    dst->init = src->init;
-    dst->copy = src->copy;
-    dst->cleanup = src->cleanup;
-
-    dst->paramgen_init = src->paramgen_init;
-    dst->paramgen = src->paramgen;
-
-    dst->keygen_init = src->keygen_init;
-    dst->keygen = src->keygen;
-
-    dst->sign_init = src->sign_init;
-    dst->sign = src->sign;
-
-    dst->verify_init = src->verify_init;
-    dst->verify = src->verify;
-
-    dst->verify_recover_init = src->verify_recover_init;
-    dst->verify_recover = src->verify_recover;
-
-    dst->signctx_init = src->signctx_init;
-    dst->signctx = src->signctx;
-
-    dst->verifyctx_init = src->verifyctx_init;
-    dst->verifyctx = src->verifyctx;
-
-    dst->encrypt_init = src->encrypt_init;
-    dst->encrypt = src->encrypt;
-
-    dst->decrypt_init = src->decrypt_init;
-    dst->decrypt = src->decrypt;
-
-    dst->derive_init = src->derive_init;
-    dst->derive = src->derive;
-
-    dst->ctrl = src->ctrl;
-    dst->ctrl_str = src->ctrl_str;
-}
-
-void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
-{
-    if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
-        OPENSSL_free(pmeth);
-}
-
-EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
-{
-    return int_ctx_new(pkey, e, -1);
-}
-
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
-{
-    return int_ctx_new(NULL, e, id);
-}
-
-EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
-{
-    EVP_PKEY_CTX *rctx;
-    if (!pctx->pmeth || !pctx->pmeth->copy)
-        return NULL;
-#ifndef OPENSSL_NO_ENGINE
-    /* Make sure it's safe to copy a pkey context using an ENGINE */
-    if (pctx->engine && !ENGINE_init(pctx->engine)) {
-        EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_ENGINE_LIB);
-        return 0;
-    }
-#endif
-    rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
-    if (!rctx)
-        return NULL;
-
-    rctx->pmeth = pctx->pmeth;
-#ifndef OPENSSL_NO_ENGINE
-    rctx->engine = pctx->engine;
-#endif
-
-    if (pctx->pkey)
-        CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-
-    rctx->pkey = pctx->pkey;
-
-    if (pctx->peerkey)
-        CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-
-    rctx->peerkey = pctx->peerkey;
-
-    rctx->data = NULL;
-    rctx->app_data = NULL;
-    rctx->operation = pctx->operation;
-
-    if (pctx->pmeth->copy(rctx, pctx) > 0)
-        return rctx;
-
-    rctx->pmeth = NULL;
-    EVP_PKEY_CTX_free(rctx);
-    return NULL;
-
-}
-
-int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
-{
-    if (app_pkey_methods == NULL) {
-        app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
-        if (!app_pkey_methods)
-            return 0;
-    }
-    if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
-        return 0;
-    sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
-    return 1;
-}
-
-void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
-{
-    if (ctx == NULL)
-        return;
-    if (ctx->pmeth && ctx->pmeth->cleanup)
-        ctx->pmeth->cleanup(ctx);
-    if (ctx->pkey)
-        EVP_PKEY_free(ctx->pkey);
-    if (ctx->peerkey)
-        EVP_PKEY_free(ctx->peerkey);
-#ifndef OPENSSL_NO_ENGINE
-    if (ctx->engine)
-        /*
-         * The EVP_PKEY_CTX we used belongs to an ENGINE, release the
-         * functional reference we held for this reason.
-         */
-        ENGINE_finish(ctx->engine);
-#endif
-    OPENSSL_free(ctx);
-}
-
-int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
-                      int cmd, int p1, void *p2)
-{
-    int ret;
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
-        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
-        return -2;
-    }
-    if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
-        return -1;
-
-    if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
-        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
-        return -1;
-    }
-
-    if ((optype != -1) && !(ctx->operation & optype)) {
-        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
-        return -1;
-    }
-
-    ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
-
-    if (ret == -2)
-        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
-
-    return ret;
-
-}
-
-int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
-                          const char *name, const char *value)
-{
-    if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
-        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
-        return -2;
-    }
-    if (!strcmp(name, "digest")) {
-        const EVP_MD *md;
-        if (!value || !(md = EVP_get_digestbyname(value))) {
-            EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_INVALID_DIGEST);
-            return 0;
-        }
-        return EVP_PKEY_CTX_set_signature_md(ctx, md);
-    }
-    return ctx->pmeth->ctrl_str(ctx, name, value);
-}
-
-int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
-{
-    return ctx->operation;
-}
-
-void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
-{
-    ctx->keygen_info = dat;
-    ctx->keygen_info_count = datlen;
-}
-
-void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
-{
-    ctx->data = data;
-}
-
-void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
-{
-    return ctx->data;
-}
-
-EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
-{
-    return ctx->pkey;
-}
-
-EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
-{
-    return ctx->peerkey;
-}
-
-void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
-{
-    ctx->app_data = data;
-}
-
-void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
-{
-    return ctx->app_data;
-}
-
-void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
-                            int (*init) (EVP_PKEY_CTX *ctx))
-{
-    pmeth->init = init;
-}
-
-void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
-                            int (*copy) (EVP_PKEY_CTX *dst,
-                                         EVP_PKEY_CTX *src))
-{
-    pmeth->copy = copy;
-}
-
-void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
-                               void (*cleanup) (EVP_PKEY_CTX *ctx))
-{
-    pmeth->cleanup = cleanup;
-}
-
-void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
-                                int (*paramgen_init) (EVP_PKEY_CTX *ctx),
-                                int (*paramgen) (EVP_PKEY_CTX *ctx,
-                                                 EVP_PKEY *pkey))
-{
-    pmeth->paramgen_init = paramgen_init;
-    pmeth->paramgen = paramgen;
-}
-
-void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
-                              int (*keygen_init) (EVP_PKEY_CTX *ctx),
-                              int (*keygen) (EVP_PKEY_CTX *ctx,
-                                             EVP_PKEY *pkey))
-{
-    pmeth->keygen_init = keygen_init;
-    pmeth->keygen = keygen;
-}
-
-void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
-                            int (*sign_init) (EVP_PKEY_CTX *ctx),
-                            int (*sign) (EVP_PKEY_CTX *ctx,
-                                         unsigned char *sig, size_t *siglen,
-                                         const unsigned char *tbs,
-                                         size_t tbslen))
-{
-    pmeth->sign_init = sign_init;
-    pmeth->sign = sign;
-}
-
-void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
-                              int (*verify_init) (EVP_PKEY_CTX *ctx),
-                              int (*verify) (EVP_PKEY_CTX *ctx,
-                                             const unsigned char *sig,
-                                             size_t siglen,
-                                             const unsigned char *tbs,
-                                             size_t tbslen))
-{
-    pmeth->verify_init = verify_init;
-    pmeth->verify = verify;
-}
-
-void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
-                                      int (*verify_recover_init) (EVP_PKEY_CTX
-                                                                  *ctx),
-                                      int (*verify_recover) (EVP_PKEY_CTX
-                                                             *ctx,
-                                                             unsigned char
-                                                             *sig,
-                                                             size_t *siglen,
-                                                             const unsigned
-                                                             char *tbs,
-                                                             size_t tbslen))
-{
-    pmeth->verify_recover_init = verify_recover_init;
-    pmeth->verify_recover = verify_recover;
-}
-
-void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
-                               int (*signctx_init) (EVP_PKEY_CTX *ctx,
-                                                    EVP_MD_CTX *mctx),
-                               int (*signctx) (EVP_PKEY_CTX *ctx,
-                                               unsigned char *sig,
-                                               size_t *siglen,
-                                               EVP_MD_CTX *mctx))
-{
-    pmeth->signctx_init = signctx_init;
-    pmeth->signctx = signctx;
-}
-
-void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
-                                 int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
-                                                        EVP_MD_CTX *mctx),
-                                 int (*verifyctx) (EVP_PKEY_CTX *ctx,
-                                                   const unsigned char *sig,
-                                                   int siglen,
-                                                   EVP_MD_CTX *mctx))
-{
-    pmeth->verifyctx_init = verifyctx_init;
-    pmeth->verifyctx = verifyctx;
-}
-
-void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
-                               int (*encrypt_init) (EVP_PKEY_CTX *ctx),
-                               int (*encryptfn) (EVP_PKEY_CTX *ctx,
-                                                 unsigned char *out,
-                                                 size_t *outlen,
-                                                 const unsigned char *in,
-                                                 size_t inlen))
-{
-    pmeth->encrypt_init = encrypt_init;
-    pmeth->encrypt = encryptfn;
-}
-
-void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
-                               int (*decrypt_init) (EVP_PKEY_CTX *ctx),
-                               int (*decrypt) (EVP_PKEY_CTX *ctx,
-                                               unsigned char *out,
-                                               size_t *outlen,
-                                               const unsigned char *in,
-                                               size_t inlen))
-{
-    pmeth->decrypt_init = decrypt_init;
-    pmeth->decrypt = decrypt;
-}
-
-void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
-                              int (*derive_init) (EVP_PKEY_CTX *ctx),
-                              int (*derive) (EVP_PKEY_CTX *ctx,
-                                             unsigned char *key,
-                                             size_t *keylen))
-{
-    pmeth->derive_init = derive_init;
-    pmeth->derive = derive;
-}
-
-void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
-                            int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
-                                         void *p2),
-                            int (*ctrl_str) (EVP_PKEY_CTX *ctx,
-                                             const char *type,
-                                             const char *value))
-{
-    pmeth->ctrl = ctrl;
-    pmeth->ctrl_str = ctrl_str;
-}
diff --git a/thirdparty/openssl/crypto/ex_data.c b/thirdparty/openssl/crypto/ex_data.c
deleted file mode 100644
index 108a1959ea..0000000000
--- a/thirdparty/openssl/crypto/ex_data.c
+++ /dev/null
@@ -1,653 +0,0 @@
-/* crypto/ex_data.c */
-
-/*
- * Overhaul notes;
- *
- * This code is now *mostly* thread-safe. It is now easier to understand in what
- * ways it is safe and in what ways it is not, which is an improvement. Firstly,
- * all per-class stacks and index-counters for ex_data are stored in the same
- * global LHASH table (keyed by class). This hash table uses locking for all
- * access with the exception of CRYPTO_cleanup_all_ex_data(), which must only be
- * called when no other threads can possibly race against it (even if it was
- * locked, the race would mean it's possible the hash table might have been
- * recreated after the cleanup). As classes can only be added to the hash table,
- * and within each class, the stack of methods can only be incremented, the
- * locking mechanics are simpler than they would otherwise be. For example, the
- * new/dup/free ex_data functions will lock the hash table, copy the method
- * pointers it needs from the relevant class, then unlock the hash table before
- * actually applying those method pointers to the task of the new/dup/free
- * operations. As they can't be removed from the method-stack, only
- * supplemented, there's no race conditions associated with using them outside
- * the lock. The get/set_ex_data functions are not locked because they do not
- * involve this global state at all - they operate directly with a previously
- * obtained per-class method index and a particular "ex_data" variable. These
- * variables are usually instantiated per-context (eg. each RSA structure has
- * one) so locking on read/write access to that variable can be locked locally
- * if required (eg. using the "RSA" lock to synchronise access to a
- * per-RSA-structure ex_data variable if required).
- * [Geoff]
- */
-
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-
-/* What an "implementation of ex_data functionality" looks like */
-struct st_CRYPTO_EX_DATA_IMPL {
-        /*********************/
-    /* GLOBAL OPERATIONS */
-    /* Return a new class index */
-    int (*cb_new_class) (void);
-    /* Cleanup all state used by the implementation */
-    void (*cb_cleanup) (void);
-        /************************/
-    /* PER-CLASS OPERATIONS */
-    /* Get a new method index within a class */
-    int (*cb_get_new_index) (int class_index, long argl, void *argp,
-                             CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-                             CRYPTO_EX_free *free_func);
-    /* Initialise a new CRYPTO_EX_DATA of a given class */
-    int (*cb_new_ex_data) (int class_index, void *obj, CRYPTO_EX_DATA *ad);
-    /* Duplicate a CRYPTO_EX_DATA of a given class onto a copy */
-    int (*cb_dup_ex_data) (int class_index, CRYPTO_EX_DATA *to,
-                           CRYPTO_EX_DATA *from);
-    /* Cleanup a CRYPTO_EX_DATA of a given class */
-    void (*cb_free_ex_data) (int class_index, void *obj, CRYPTO_EX_DATA *ad);
-};
-
-/* The implementation we use at run-time */
-static const CRYPTO_EX_DATA_IMPL *impl = NULL;
-
-/*
- * To call "impl" functions, use this macro rather than referring to 'impl'
- * directly, eg. EX_IMPL(get_new_index)(...);
- */
-#define EX_IMPL(a) impl->cb_##a
-
-/* Predeclare the "default" ex_data implementation */
-static int int_new_class(void);
-static void int_cleanup(void);
-static int int_get_new_index(int class_index, long argl, void *argp,
-                             CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-                             CRYPTO_EX_free *free_func);
-static int int_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
-                           CRYPTO_EX_DATA *from);
-static void int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-static CRYPTO_EX_DATA_IMPL impl_default = {
-    int_new_class,
-    int_cleanup,
-    int_get_new_index,
-    int_new_ex_data,
-    int_dup_ex_data,
-    int_free_ex_data
-};
-
-/*
- * Internal function that checks whether "impl" is set and if not, sets it to
- * the default.
- */
-static void impl_check(void)
-{
-    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-    if (!impl)
-        impl = &impl_default;
-    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-}
-
-/*
- * A macro wrapper for impl_check that first uses a non-locked test before
- * invoking the function (which checks again inside a lock).
- */
-#define IMPL_CHECK if(!impl) impl_check();
-
-/* API functions to get/set the "ex_data" implementation */
-const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void)
-{
-    IMPL_CHECK return impl;
-}
-
-int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i)
-{
-    int toret = 0;
-    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-    if (!impl) {
-        impl = i;
-        toret = 1;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-    return toret;
-}
-
-/****************************************************************************/
-/*
- * Interal (default) implementation of "ex_data" support. API functions are
- * further down.
- */
-
-/*
- * The type that represents what each "class" used to implement locally. A
- * STACK of CRYPTO_EX_DATA_FUNCS plus a index-counter. The 'class_index' is
- * the global value representing the class that is used to distinguish these
- * items.
- */
-typedef struct st_ex_class_item {
-    int class_index;
-    STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth;
-    int meth_num;
-} EX_CLASS_ITEM;
-
-/* When assigning new class indexes, this is our counter */
-static int ex_class = CRYPTO_EX_INDEX_USER;
-
-/* The global hash table of EX_CLASS_ITEM items */
-DECLARE_LHASH_OF(EX_CLASS_ITEM);
-static LHASH_OF(EX_CLASS_ITEM) *ex_data = NULL;
-
-/* The callbacks required in the "ex_data" hash table */
-static unsigned long ex_class_item_hash(const EX_CLASS_ITEM *a)
-{
-    return a->class_index;
-}
-
-static IMPLEMENT_LHASH_HASH_FN(ex_class_item, EX_CLASS_ITEM)
-
-static int ex_class_item_cmp(const EX_CLASS_ITEM *a, const EX_CLASS_ITEM *b)
-{
-    return a->class_index - b->class_index;
-}
-
-static IMPLEMENT_LHASH_COMP_FN(ex_class_item, EX_CLASS_ITEM)
-
-/*
- * Internal functions used by the "impl_default" implementation to access the
- * state
- */
-static int ex_data_check(void)
-{
-    int toret = 1;
-    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-    if (!ex_data && (ex_data = lh_EX_CLASS_ITEM_new()) == NULL)
-        toret = 0;
-    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-    return toret;
-}
-
-/*
- * This macros helps reduce the locking from repeated checks because the
- * ex_data_check() function checks ex_data again inside a lock.
- */
-#define EX_DATA_CHECK(iffail) if(!ex_data && !ex_data_check()) {iffail}
-
-/* This "inner" callback is used by the callback function that follows it */
-static void def_cleanup_util_cb(CRYPTO_EX_DATA_FUNCS *funcs)
-{
-    OPENSSL_free(funcs);
-}
-
-/*
- * This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from
- * "ex_data" prior to the ex_data hash table being itself destroyed. Doesn't
- * do any locking.
- */
-static void def_cleanup_cb(void *a_void)
-{
-    EX_CLASS_ITEM *item = (EX_CLASS_ITEM *)a_void;
-    sk_CRYPTO_EX_DATA_FUNCS_pop_free(item->meth, def_cleanup_util_cb);
-    OPENSSL_free(item);
-}
-
-/*
- * Return the EX_CLASS_ITEM from the "ex_data" hash table that corresponds to
- * a given class. Handles locking.
- */
-static EX_CLASS_ITEM *def_get_class(int class_index)
-{
-    EX_CLASS_ITEM d, *p, *gen;
-    EX_DATA_CHECK(return NULL;)
-        d.class_index = class_index;
-    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-    p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d);
-    if (!p) {
-        gen = OPENSSL_malloc(sizeof(EX_CLASS_ITEM));
-        if (gen) {
-            gen->class_index = class_index;
-            gen->meth_num = 0;
-            gen->meth = sk_CRYPTO_EX_DATA_FUNCS_new_null();
-            if (!gen->meth)
-                OPENSSL_free(gen);
-            else {
-                /*
-                 * Because we're inside the ex_data lock, the return value
-                 * from the insert will be NULL
-                 */
-                (void)lh_EX_CLASS_ITEM_insert(ex_data, gen);
-                p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d);
-                if (p != gen) {
-                    sk_CRYPTO_EX_DATA_FUNCS_free(gen->meth);
-                    OPENSSL_free(gen);
-                }
-            }
-        }
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-    if (!p)
-        CRYPTOerr(CRYPTO_F_DEF_GET_CLASS, ERR_R_MALLOC_FAILURE);
-    return p;
-}
-
-/*
- * Add a new method to the given EX_CLASS_ITEM and return the corresponding
- * index (or -1 for error). Handles locking.
- */
-static int def_add_index(EX_CLASS_ITEM *item, long argl, void *argp,
-                         CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-                         CRYPTO_EX_free *free_func)
-{
-    int toret = -1;
-    CRYPTO_EX_DATA_FUNCS *a =
-        (CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS));
-    if (!a) {
-        CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX, ERR_R_MALLOC_FAILURE);
-        return -1;
-    }
-    a->argl = argl;
-    a->argp = argp;
-    a->new_func = new_func;
-    a->dup_func = dup_func;
-    a->free_func = free_func;
-    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-    while (sk_CRYPTO_EX_DATA_FUNCS_num(item->meth) <= item->meth_num) {
-        if (!sk_CRYPTO_EX_DATA_FUNCS_push(item->meth, NULL)) {
-            CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX, ERR_R_MALLOC_FAILURE);
-            OPENSSL_free(a);
-            goto err;
-        }
-    }
-    toret = item->meth_num++;
-    (void)sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a);
- err:
-    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-    return toret;
-}
-
-/**************************************************************/
-/* The functions in the default CRYPTO_EX_DATA_IMPL structure */
-
-static int int_new_class(void)
-{
-    int toret;
-    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
-    toret = ex_class++;
-    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
-    return toret;
-}
-
-static void int_cleanup(void)
-{
-    EX_DATA_CHECK(return;)
-        lh_EX_CLASS_ITEM_doall(ex_data, def_cleanup_cb);
-    lh_EX_CLASS_ITEM_free(ex_data);
-    ex_data = NULL;
-    impl = NULL;
-}
-
-static int int_get_new_index(int class_index, long argl, void *argp,
-                             CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-                             CRYPTO_EX_free *free_func)
-{
-    EX_CLASS_ITEM *item = def_get_class(class_index);
-    if (!item)
-        return -1;
-    return def_add_index(item, argl, argp, new_func, dup_func, free_func);
-}
-
-/*
- * Thread-safe by copying a class's array of "CRYPTO_EX_DATA_FUNCS" entries
- * in the lock, then using them outside the lock. NB: Thread-safety only
- * applies to the global "ex_data" state (ie. class definitions), not
- * thread-safe on 'ad' itself.
- */
-static int int_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
-{
-    int mx, i;
-    void *ptr;
-    CRYPTO_EX_DATA_FUNCS **storage = NULL;
-    EX_CLASS_ITEM *item = def_get_class(class_index);
-    if (!item)
-        /* error is already set */
-        return 0;
-    ad->sk = NULL;
-    CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
-    mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
-    if (mx > 0) {
-        storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS *));
-        if (!storage)
-            goto skip;
-        for (i = 0; i < mx; i++)
-            storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth, i);
-    }
- skip:
-    CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-    if ((mx > 0) && !storage) {
-        CRYPTOerr(CRYPTO_F_INT_NEW_EX_DATA, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    for (i = 0; i < mx; i++) {
-        if (storage[i] && storage[i]->new_func) {
-            ptr = CRYPTO_get_ex_data(ad, i);
-            storage[i]->new_func(obj, ptr, ad, i,
-                                 storage[i]->argl, storage[i]->argp);
-        }
-    }
-    if (storage)
-        OPENSSL_free(storage);
-    return 1;
-}
-
-/* Same thread-safety notes as for "int_new_ex_data" */
-static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
-                           CRYPTO_EX_DATA *from)
-{
-    int mx, j, i;
-    void *ptr;
-    CRYPTO_EX_DATA_FUNCS **storage = NULL;
-    EX_CLASS_ITEM *item;
-    if (!from->sk)
-        /* 'to' should be "blank" which *is* just like 'from' */
-        return 1;
-    if ((item = def_get_class(class_index)) == NULL)
-        return 0;
-    CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
-    mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
-    j = sk_void_num(from->sk);
-    if (j < mx)
-        mx = j;
-    if (mx > 0) {
-        if (!CRYPTO_set_ex_data(to, mx - 1, NULL))
-            goto skip;
-        storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS *));
-        if (!storage)
-            goto skip;
-        for (i = 0; i < mx; i++)
-            storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth, i);
-    }
- skip:
-    CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-    if ((mx > 0) && !storage) {
-        CRYPTOerr(CRYPTO_F_INT_DUP_EX_DATA, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    for (i = 0; i < mx; i++) {
-        ptr = CRYPTO_get_ex_data(from, i);
-        if (storage[i] && storage[i]->dup_func)
-            storage[i]->dup_func(to, from, &ptr, i,
-                                 storage[i]->argl, storage[i]->argp);
-        CRYPTO_set_ex_data(to, i, ptr);
-    }
-    if (storage)
-        OPENSSL_free(storage);
-    return 1;
-}
-
-/* Same thread-safety notes as for "int_new_ex_data" */
-static void int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
-{
-    int mx, i;
-    EX_CLASS_ITEM *item;
-    void *ptr;
-    CRYPTO_EX_DATA_FUNCS *f;
-    CRYPTO_EX_DATA_FUNCS **storage = NULL;
-    if (ex_data == NULL)
-        goto err;
-    if ((item = def_get_class(class_index)) == NULL)
-        goto err;
-    CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
-    mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
-    if (mx > 0) {
-        storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS *));
-        if (!storage)
-            goto skip;
-        for (i = 0; i < mx; i++)
-            storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth, i);
-    }
- skip:
-    CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-    for (i = 0; i < mx; i++) {
-        if (storage != NULL)
-            f = storage[i];
-        else {
-            CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
-            f = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth, i);
-            CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
-        }
-        if (f != NULL && f->free_func != NULL) {
-            ptr = CRYPTO_get_ex_data(ad, i);
-            f->free_func(obj, ptr, ad, i, f->argl, f->argp);
-        }
-    }
-    OPENSSL_free(storage);
- err:
-    sk_void_free(ad->sk);
-    ad->sk = NULL;
-}
-
-/********************************************************************/
-/*
- * API functions that defer all "state" operations to the "ex_data"
- * implementation we have set.
- */
-
-/*
- * Obtain an index for a new class (not the same as getting a new index
- * within an existing class - this is actually getting a new *class*)
- */
-int CRYPTO_ex_data_new_class(void)
-{
-    IMPL_CHECK return EX_IMPL(new_class) ();
-}
-
-/*
- * Release all "ex_data" state to prevent memory leaks. This can't be made
- * thread-safe without overhauling a lot of stuff, and shouldn't really be
- * called under potential race-conditions anyway (it's for program shutdown
- * after all).
- */
-void CRYPTO_cleanup_all_ex_data(void)
-{
-    IMPL_CHECK EX_IMPL(cleanup) ();
-}
-
-/* Inside an existing class, get/register a new index. */
-int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
-                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-                            CRYPTO_EX_free *free_func)
-{
-    int ret = -1;
-
-    IMPL_CHECK
-        ret = EX_IMPL(get_new_index) (class_index,
-                                      argl, argp, new_func, dup_func,
-                                      free_func);
-    return ret;
-}
-
-/*
- * Initialise a new CRYPTO_EX_DATA for use in a particular class - including
- * calling new() callbacks for each index in the class used by this variable
- */
-int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
-{
-    IMPL_CHECK return EX_IMPL(new_ex_data) (class_index, obj, ad);
-}
-
-/*
- * Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks
- * for each index in the class used by this variable
- */
-int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
-                       CRYPTO_EX_DATA *from)
-{
-    IMPL_CHECK return EX_IMPL(dup_ex_data) (class_index, to, from);
-}
-
-/*
- * Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for
- * each index in the class used by this variable
- */
-void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
-{
-    IMPL_CHECK EX_IMPL(free_ex_data) (class_index, obj, ad);
-}
-
-/*
- * For a given CRYPTO_EX_DATA variable, set the value corresponding to a
- * particular index in the class used by this variable
- */
-int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
-{
-    int i;
-
-    if (ad->sk == NULL) {
-        if ((ad->sk = sk_void_new_null()) == NULL) {
-            CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
-            return (0);
-        }
-    }
-    i = sk_void_num(ad->sk);
-
-    while (i <= idx) {
-        if (!sk_void_push(ad->sk, NULL)) {
-            CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
-            return (0);
-        }
-        i++;
-    }
-    sk_void_set(ad->sk, idx, val);
-    return (1);
-}
-
-/*
- * For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a
- * particular index in the class used by this variable
- */
-void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx)
-{
-    if (ad->sk == NULL)
-        return (0);
-    else if (idx >= sk_void_num(ad->sk))
-        return (0);
-    else
-        return (sk_void_value(ad->sk, idx));
-}
-
-IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS)
diff --git a/thirdparty/openssl/crypto/fips_err.h b/thirdparty/openssl/crypto/fips_err.h
deleted file mode 100644
index 0308b63bbc..0000000000
--- a/thirdparty/openssl/crypto/fips_err.h
+++ /dev/null
@@ -1,223 +0,0 @@
-/* crypto/fips_err.h */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/fips.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason)
-
-static ERR_STRING_DATA FIPS_str_functs[] = {
-    {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
-    {ERR_FUNC(FIPS_F_DH_INIT), "DH_INIT"},
-    {ERR_FUNC(FIPS_F_DRBG_RESEED), "DRBG_RESEED"},
-    {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
-    {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"},
-    {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"},
-    {ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA_PRNG), "fips_check_dsa_prng"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "FIPS_CHECK_EC"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_EC_PRNG), "fips_check_ec_prng"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT),
-     "FIPS_check_incore_fingerprint"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"},
-    {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA_PRNG), "fips_check_rsa_prng"},
-    {ERR_FUNC(FIPS_F_FIPS_CIPHER), "FIPS_cipher"},
-    {ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_cipherinit"},
-    {ERR_FUNC(FIPS_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
-    {ERR_FUNC(FIPS_F_FIPS_DIGESTFINAL), "FIPS_digestfinal"},
-    {ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_digestinit"},
-    {ERR_FUNC(FIPS_F_FIPS_DIGESTUPDATE), "FIPS_digestupdate"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "FIPS_DRBG_BYTES"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_CHECK), "FIPS_DRBG_CHECK"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "FIPS_DRBG_CPRNG_TEST"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_ERROR_CHECK), "FIPS_DRBG_ERROR_CHECK"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"},
-    {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"},
-    {ERR_FUNC(FIPS_F_FIPS_DSA_SIGN_DIGEST), "FIPS_dsa_sign_digest"},
-    {ERR_FUNC(FIPS_F_FIPS_DSA_VERIFY_DIGEST), "FIPS_dsa_verify_digest"},
-    {ERR_FUNC(FIPS_F_FIPS_GET_ENTROPY), "FIPS_GET_ENTROPY"},
-    {ERR_FUNC(FIPS_F_FIPS_MODULE_MODE_SET), "FIPS_module_mode_set"},
-    {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_ADD), "FIPS_rand_add"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_BYTES), "FIPS_rand_bytes"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_PSEUDO_BYTES), "FIPS_rand_pseudo_bytes"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_SEED), "FIPS_rand_seed"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_SET_METHOD), "FIPS_rand_set_method"},
-    {ERR_FUNC(FIPS_F_FIPS_RAND_STATUS), "FIPS_rand_status"},
-    {ERR_FUNC(FIPS_F_FIPS_RSA_SIGN_DIGEST), "FIPS_rsa_sign_digest"},
-    {ERR_FUNC(FIPS_F_FIPS_RSA_VERIFY_DIGEST), "FIPS_rsa_verify_digest"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_CCM), "FIPS_selftest_aes_ccm"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_GCM), "FIPS_selftest_aes_gcm"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_XTS), "FIPS_selftest_aes_xts"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_selftest_cmac"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"},
-    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_X931), "FIPS_selftest_x931"},
-    {ERR_FUNC(FIPS_F_FIPS_SET_PRNG_KEY), "FIPS_SET_PRNG_KEY"},
-    {ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"},
-    {ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_INIT), "RSA_EAY_INIT"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
-    {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
-    {ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA FIPS_str_reasons[] = {
-    {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED),
-     "additional input error undetected"},
-    {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG),
-     "additional input too long"},
-    {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED), "already instantiated"},
-    {ERR_REASON(FIPS_R_AUTHENTICATION_FAILURE), "authentication failure"},
-    {ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE), "contradicting evidence"},
-    {ERR_REASON(FIPS_R_DRBG_NOT_INITIALISED), "drbg not initialised"},
-    {ERR_REASON(FIPS_R_DRBG_STUCK), "drbg stuck"},
-    {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED), "entropy error undetected"},
-    {ERR_REASON(FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED),
-     "entropy not requested for reseed"},
-    {ERR_REASON(FIPS_R_ENTROPY_SOURCE_STUCK), "entropy source stuck"},
-    {ERR_REASON(FIPS_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
-    {ERR_REASON(FIPS_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
-    {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT),
-     "error retrieving additional input"},
-    {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY), "error retrieving entropy"},
-    {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE), "error retrieving nonce"},
-    {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),
-     "fingerprint does not match"},
-    {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),
-     "fingerprint does not match nonpic relocated"},
-    {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),
-     "fingerprint does not match segment aliasing"},
-    {ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET), "fips mode already set"},
-    {ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED), "fips selftest failed"},
-    {ERR_REASON(FIPS_R_FUNCTION_ERROR), "function error"},
-    {ERR_REASON(FIPS_R_GENERATE_ERROR), "generate error"},
-    {ERR_REASON(FIPS_R_GENERATE_ERROR_UNDETECTED),
-     "generate error undetected"},
-    {ERR_REASON(FIPS_R_INSTANTIATE_ERROR), "instantiate error"},
-    {ERR_REASON(FIPS_R_INSUFFICIENT_SECURITY_STRENGTH),
-     "insufficient security strength"},
-    {ERR_REASON(FIPS_R_INTERNAL_ERROR), "internal error"},
-    {ERR_REASON(FIPS_R_INVALID_KEY_LENGTH), "invalid key length"},
-    {ERR_REASON(FIPS_R_INVALID_PARAMETERS), "invalid parameters"},
-    {ERR_REASON(FIPS_R_IN_ERROR_STATE), "in error state"},
-    {ERR_REASON(FIPS_R_KEY_TOO_SHORT), "key too short"},
-    {ERR_REASON(FIPS_R_NONCE_ERROR_UNDETECTED), "nonce error undetected"},
-    {ERR_REASON(FIPS_R_NON_FIPS_METHOD), "non fips method"},
-    {ERR_REASON(FIPS_R_NOPR_TEST1_FAILURE), "nopr test1 failure"},
-    {ERR_REASON(FIPS_R_NOPR_TEST2_FAILURE), "nopr test2 failure"},
-    {ERR_REASON(FIPS_R_NOT_INSTANTIATED), "not instantiated"},
-    {ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED), "pairwise test failed"},
-    {ERR_REASON(FIPS_R_PERSONALISATION_ERROR_UNDETECTED),
-     "personalisation error undetected"},
-    {ERR_REASON(FIPS_R_PERSONALISATION_STRING_TOO_LONG),
-     "personalisation string too long"},
-    {ERR_REASON(FIPS_R_PRNG_STRENGTH_TOO_LOW), "prng strength too low"},
-    {ERR_REASON(FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"},
-    {ERR_REASON(FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"},
-    {ERR_REASON(FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED),
-     "request length error undetected"},
-    {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),
-     "request too large for drbg"},
-    {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR), "reseed counter error"},
-    {ERR_REASON(FIPS_R_RESEED_ERROR), "reseed error"},
-    {ERR_REASON(FIPS_R_SELFTEST_FAILED), "selftest failed"},
-    {ERR_REASON(FIPS_R_SELFTEST_FAILURE), "selftest failure"},
-    {ERR_REASON(FIPS_R_STRENGTH_ERROR_UNDETECTED),
-     "strength error undetected"},
-    {ERR_REASON(FIPS_R_TEST_FAILURE), "test failure"},
-    {ERR_REASON(FIPS_R_UNINSTANTIATE_ERROR), "uninstantiate error"},
-    {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),
-     "uninstantiate zeroise error"},
-    {ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE), "unsupported drbg type"},
-    {ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM), "unsupported platform"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_FIPS_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, FIPS_str_functs);
-        ERR_load_strings(0, FIPS_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/fips_ers.c b/thirdparty/openssl/crypto/fips_ers.c
deleted file mode 100644
index 1788ed2884..0000000000
--- a/thirdparty/openssl/crypto/fips_ers.c
+++ /dev/null
@@ -1,7 +0,0 @@
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_FIPS
-# include "fips_err.h"
-#else
-static void *dummy = &dummy;
-#endif
diff --git a/thirdparty/openssl/crypto/hmac/hm_ameth.c b/thirdparty/openssl/crypto/hmac/hm_ameth.c
deleted file mode 100644
index 944c6c857b..0000000000
--- a/thirdparty/openssl/crypto/hmac/hm_ameth.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2007.
- */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include "asn1_locl.h"
-
-#define HMAC_TEST_PRIVATE_KEY_FORMAT
-
-/*
- * HMAC "ASN1" method. This is just here to indicate the maximum HMAC output
- * length and to free up an HMAC key.
- */
-
-static int hmac_size(const EVP_PKEY *pkey)
-{
-    return EVP_MAX_MD_SIZE;
-}
-
-static void hmac_key_free(EVP_PKEY *pkey)
-{
-    ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
-    if (os) {
-        if (os->data)
-            OPENSSL_cleanse(os->data, os->length);
-        ASN1_OCTET_STRING_free(os);
-    }
-}
-
-static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
-    switch (op) {
-    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
-        *(int *)arg2 = NID_sha256;
-        return 1;
-
-    default:
-        return -2;
-    }
-}
-
-#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
-/*
- * A bogus private key format for test purposes. This is simply the HMAC key
- * with "HMAC PRIVATE KEY" in the headers. When enabled the genpkey utility
- * can be used to "generate" HMAC keys.
- */
-
-static int old_hmac_decode(EVP_PKEY *pkey,
-                           const unsigned char **pder, int derlen)
-{
-    ASN1_OCTET_STRING *os;
-    os = ASN1_OCTET_STRING_new();
-    if (!os || !ASN1_OCTET_STRING_set(os, *pder, derlen))
-        goto err;
-    if (!EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os))
-        goto err;
-    return 1;
-
- err:
-    ASN1_OCTET_STRING_free(os);
-    return 0;
-}
-
-static int old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
-    int inc;
-    ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
-    if (pder) {
-        if (!*pder) {
-            *pder = OPENSSL_malloc(os->length);
-            inc = 0;
-        } else
-            inc = 1;
-
-        memcpy(*pder, os->data, os->length);
-
-        if (inc)
-            *pder += os->length;
-    }
-
-    return os->length;
-}
-
-#endif
-
-const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
-    EVP_PKEY_HMAC,
-    EVP_PKEY_HMAC,
-    0,
-
-    "HMAC",
-    "OpenSSL HMAC method",
-
-    0, 0, 0, 0,
-
-    0, 0, 0,
-
-    hmac_size,
-    0,
-    0, 0, 0, 0, 0, 0, 0,
-
-    hmac_key_free,
-    hmac_pkey_ctrl,
-#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
-    old_hmac_decode,
-    old_hmac_encode
-#else
-    0, 0
-#endif
-};
diff --git a/thirdparty/openssl/crypto/hmac/hm_pmeth.c b/thirdparty/openssl/crypto/hmac/hm_pmeth.c
deleted file mode 100644
index 0a59a01cf0..0000000000
--- a/thirdparty/openssl/crypto/hmac/hm_pmeth.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2007.
- */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include "evp_locl.h"
-
-/* HMAC pkey context structure */
-
-typedef struct {
-    const EVP_MD *md;           /* MD for HMAC use */
-    ASN1_OCTET_STRING ktmp;     /* Temp storage for key */
-    HMAC_CTX ctx;
-} HMAC_PKEY_CTX;
-
-static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
-{
-    HMAC_PKEY_CTX *hctx;
-    hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX));
-    if (!hctx)
-        return 0;
-    hctx->md = NULL;
-    hctx->ktmp.data = NULL;
-    hctx->ktmp.length = 0;
-    hctx->ktmp.flags = 0;
-    hctx->ktmp.type = V_ASN1_OCTET_STRING;
-    HMAC_CTX_init(&hctx->ctx);
-
-    ctx->data = hctx;
-    ctx->keygen_info_count = 0;
-
-    return 1;
-}
-
-static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
-    HMAC_PKEY_CTX *sctx, *dctx;
-    if (!pkey_hmac_init(dst))
-        return 0;
-    sctx = src->data;
-    dctx = dst->data;
-    dctx->md = sctx->md;
-    if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
-        goto err;
-    if (sctx->ktmp.data != NULL) {
-        if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
-                                   sctx->ktmp.data, sctx->ktmp.length))
-            goto err;
-    }
-    return 1;
- err:
-    HMAC_CTX_cleanup(&dctx->ctx);
-    OPENSSL_free(dctx);
-    return 0;
-}
-
-static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
-{
-    HMAC_PKEY_CTX *hctx = ctx->data;
-    HMAC_CTX_cleanup(&hctx->ctx);
-    if (hctx->ktmp.data) {
-        if (hctx->ktmp.length)
-            OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);
-        OPENSSL_free(hctx->ktmp.data);
-        hctx->ktmp.data = NULL;
-    }
-    OPENSSL_free(hctx);
-}
-
-static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    ASN1_OCTET_STRING *hkey = NULL;
-    HMAC_PKEY_CTX *hctx = ctx->data;
-    if (!hctx->ktmp.data)
-        return 0;
-    hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
-    if (!hkey)
-        return 0;
-    EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
-
-    return 1;
-}
-
-static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
-    HMAC_PKEY_CTX *hctx = ctx->pctx->data;
-    if (!HMAC_Update(&hctx->ctx, data, count))
-        return 0;
-    return 1;
-}
-
-static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
-{
-    HMAC_PKEY_CTX *hctx = ctx->data;
-    HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
-    EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
-    mctx->update = int_update;
-    return 1;
-}
-
-static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
-                        EVP_MD_CTX *mctx)
-{
-    unsigned int hlen;
-    HMAC_PKEY_CTX *hctx = ctx->data;
-    int l = EVP_MD_CTX_size(mctx);
-
-    if (l < 0)
-        return 0;
-    *siglen = l;
-    if (!sig)
-        return 1;
-
-    if (!HMAC_Final(&hctx->ctx, sig, &hlen))
-        return 0;
-    *siglen = (size_t)hlen;
-    return 1;
-}
-
-static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
-    HMAC_PKEY_CTX *hctx = ctx->data;
-    ASN1_OCTET_STRING *key;
-    switch (type) {
-
-    case EVP_PKEY_CTRL_SET_MAC_KEY:
-        if ((!p2 && p1 > 0) || (p1 < -1))
-            return 0;
-        if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
-            return 0;
-        break;
-
-    case EVP_PKEY_CTRL_MD:
-        hctx->md = p2;
-        break;
-
-    case EVP_PKEY_CTRL_DIGESTINIT:
-        key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
-        if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
-                          ctx->engine))
-            return 0;
-        break;
-
-    default:
-        return -2;
-
-    }
-    return 1;
-}
-
-static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,
-                              const char *type, const char *value)
-{
-    if (!value) {
-        return 0;
-    }
-    if (!strcmp(type, "key")) {
-        void *p = (void *)value;
-        return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
-    }
-    if (!strcmp(type, "hexkey")) {
-        unsigned char *key;
-        int r;
-        long keylen;
-        key = string_to_hex(value, &keylen);
-        if (!key)
-            return 0;
-        r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
-        OPENSSL_free(key);
-        return r;
-    }
-    return -2;
-}
-
-const EVP_PKEY_METHOD hmac_pkey_meth = {
-    EVP_PKEY_HMAC,
-    0,
-    pkey_hmac_init,
-    pkey_hmac_copy,
-    pkey_hmac_cleanup,
-
-    0, 0,
-
-    0,
-    pkey_hmac_keygen,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    hmac_signctx_init,
-    hmac_signctx,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    0, 0,
-
-    pkey_hmac_ctrl,
-    pkey_hmac_ctrl_str
-};
diff --git a/thirdparty/openssl/crypto/hmac/hmac.c b/thirdparty/openssl/crypto/hmac/hmac.c
deleted file mode 100644
index 213504e85f..0000000000
--- a/thirdparty/openssl/crypto/hmac/hmac.c
+++ /dev/null
@@ -1,268 +0,0 @@
-/* crypto/hmac/hmac.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/hmac.h>
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
-                 const EVP_MD *md, ENGINE *impl)
-{
-    int i, j, reset = 0;
-    unsigned char pad[HMAC_MAX_MD_CBLOCK];
-
-#ifdef OPENSSL_FIPS
-    /* If FIPS mode switch to approved implementation if possible */
-    if (FIPS_mode()) {
-        const EVP_MD *fipsmd;
-        if (md) {
-            fipsmd = FIPS_get_digestbynid(EVP_MD_type(md));
-            if (fipsmd)
-                md = fipsmd;
-        }
-    }
-
-    if (FIPS_mode()) {
-        /* If we have an ENGINE need to allow non FIPS */
-        if ((impl || ctx->i_ctx.engine)
-            && !(ctx->i_ctx.flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) {
-            EVPerr(EVP_F_HMAC_INIT_EX, EVP_R_DISABLED_FOR_FIPS);
-            return 0;
-        }
-        /*
-         * Other algorithm blocking will be done in FIPS_cmac_init, via
-         * FIPS_hmac_init_ex().
-         */
-        if (!impl && !ctx->i_ctx.engine)
-            return FIPS_hmac_init_ex(ctx, key, len, md, NULL);
-    }
-#endif
-    /* If we are changing MD then we must have a key */
-    if (md != NULL && md != ctx->md && (key == NULL || len < 0))
-        return 0;
-
-    if (md != NULL) {
-        reset = 1;
-        ctx->md = md;
-    } else if (ctx->md) {
-        md = ctx->md;
-    } else {
-        return 0;
-    }
-
-    if (key != NULL) {
-        reset = 1;
-        j = EVP_MD_block_size(md);
-        OPENSSL_assert(j <= (int)sizeof(ctx->key));
-        if (j < len) {
-            if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
-                goto err;
-            if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
-                goto err;
-            if (!EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key,
-                                    &ctx->key_length))
-                goto err;
-        } else {
-            if (len < 0 || len > (int)sizeof(ctx->key))
-                return 0;
-            memcpy(ctx->key, key, len);
-            ctx->key_length = len;
-        }
-        if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
-            memset(&ctx->key[ctx->key_length], 0,
-                   HMAC_MAX_MD_CBLOCK - ctx->key_length);
-    }
-
-    if (reset) {
-        for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
-            pad[i] = 0x36 ^ ctx->key[i];
-        if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
-            goto err;
-        if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md)))
-            goto err;
-
-        for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
-            pad[i] = 0x5c ^ ctx->key[i];
-        if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
-            goto err;
-        if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md)))
-            goto err;
-    }
-    if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
-        goto err;
-    return 1;
- err:
-    return 0;
-}
-
-int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
-{
-    if (key && md)
-        HMAC_CTX_init(ctx);
-    return HMAC_Init_ex(ctx, key, len, md, NULL);
-}
-
-int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !ctx->i_ctx.engine)
-        return FIPS_hmac_update(ctx, data, len);
-#endif
-    if (!ctx->md)
-        return 0;
-
-    return EVP_DigestUpdate(&ctx->md_ctx, data, len);
-}
-
-int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
-{
-    unsigned int i;
-    unsigned char buf[EVP_MAX_MD_SIZE];
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !ctx->i_ctx.engine)
-        return FIPS_hmac_final(ctx, md, len);
-#endif
-
-    if (!ctx->md)
-        goto err;
-
-    if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
-        goto err;
-    if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
-        goto err;
-    if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
-        goto err;
-    if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
-        goto err;
-    return 1;
- err:
-    return 0;
-}
-
-void HMAC_CTX_init(HMAC_CTX *ctx)
-{
-    EVP_MD_CTX_init(&ctx->i_ctx);
-    EVP_MD_CTX_init(&ctx->o_ctx);
-    EVP_MD_CTX_init(&ctx->md_ctx);
-    ctx->md = NULL;
-}
-
-int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
-{
-    if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
-        goto err;
-    if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
-        goto err;
-    if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
-        goto err;
-    memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
-    dctx->key_length = sctx->key_length;
-    dctx->md = sctx->md;
-    return 1;
- err:
-    return 0;
-}
-
-void HMAC_CTX_cleanup(HMAC_CTX *ctx)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !ctx->i_ctx.engine) {
-        FIPS_hmac_ctx_cleanup(ctx);
-        return;
-    }
-#endif
-    EVP_MD_CTX_cleanup(&ctx->i_ctx);
-    EVP_MD_CTX_cleanup(&ctx->o_ctx);
-    EVP_MD_CTX_cleanup(&ctx->md_ctx);
-    OPENSSL_cleanse(ctx, sizeof *ctx);
-}
-
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-                    const unsigned char *d, size_t n, unsigned char *md,
-                    unsigned int *md_len)
-{
-    HMAC_CTX c;
-    static unsigned char m[EVP_MAX_MD_SIZE];
-
-    if (md == NULL)
-        md = m;
-    HMAC_CTX_init(&c);
-    if (!HMAC_Init(&c, key, key_len, evp_md))
-        goto err;
-    if (!HMAC_Update(&c, d, n))
-        goto err;
-    if (!HMAC_Final(&c, md, md_len))
-        goto err;
-    HMAC_CTX_cleanup(&c);
-    return md;
- err:
-    HMAC_CTX_cleanup(&c);
-    return NULL;
-}
-
-void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
-{
-    EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
-    EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
-    EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
-}
diff --git a/thirdparty/openssl/crypto/idea/i_cbc.c b/thirdparty/openssl/crypto/idea/i_cbc.c
deleted file mode 100644
index 950df98c95..0000000000
--- a/thirdparty/openssl/crypto/idea/i_cbc.c
+++ /dev/null
@@ -1,171 +0,0 @@
-/* crypto/idea/i_cbc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-
-void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
-                      int encrypt)
-{
-    register unsigned long tin0, tin1;
-    register unsigned long tout0, tout1, xor0, xor1;
-    register long l = length;
-    unsigned long tin[2];
-
-    if (encrypt) {
-        n2l(iv, tout0);
-        n2l(iv, tout1);
-        iv -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            n2l(in, tin0);
-            n2l(in, tin1);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            idea_encrypt(tin, ks);
-            tout0 = tin[0];
-            l2n(tout0, out);
-            tout1 = tin[1];
-            l2n(tout1, out);
-        }
-        if (l != -8) {
-            n2ln(in, tin0, tin1, l + 8);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            idea_encrypt(tin, ks);
-            tout0 = tin[0];
-            l2n(tout0, out);
-            tout1 = tin[1];
-            l2n(tout1, out);
-        }
-        l2n(tout0, iv);
-        l2n(tout1, iv);
-    } else {
-        n2l(iv, xor0);
-        n2l(iv, xor1);
-        iv -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            n2l(in, tin0);
-            tin[0] = tin0;
-            n2l(in, tin1);
-            tin[1] = tin1;
-            idea_encrypt(tin, ks);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2n(tout0, out);
-            l2n(tout1, out);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        if (l != -8) {
-            n2l(in, tin0);
-            tin[0] = tin0;
-            n2l(in, tin1);
-            tin[1] = tin1;
-            idea_encrypt(tin, ks);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2nn(tout0, tout1, out, l + 8);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        l2n(xor0, iv);
-        l2n(xor1, iv);
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    tin[0] = tin[1] = 0;
-}
-
-void idea_encrypt(unsigned long *d, IDEA_KEY_SCHEDULE *key)
-{
-    register IDEA_INT *p;
-    register unsigned long x1, x2, x3, x4, t0, t1, ul;
-
-    x2 = d[0];
-    x1 = (x2 >> 16);
-    x4 = d[1];
-    x3 = (x4 >> 16);
-
-    p = &(key->data[0][0]);
-
-    E_IDEA(0);
-    E_IDEA(1);
-    E_IDEA(2);
-    E_IDEA(3);
-    E_IDEA(4);
-    E_IDEA(5);
-    E_IDEA(6);
-    E_IDEA(7);
-
-    x1 &= 0xffff;
-    idea_mul(x1, x1, *p, ul);
-    p++;
-
-    t0 = x3 + *(p++);
-    t1 = x2 + *(p++);
-
-    x4 &= 0xffff;
-    idea_mul(x4, x4, *p, ul);
-
-    d[0] = (t0 & 0xffff) | ((x1 & 0xffff) << 16);
-    d[1] = (x4 & 0xffff) | ((t1 & 0xffff) << 16);
-}
diff --git a/thirdparty/openssl/crypto/idea/i_cfb64.c b/thirdparty/openssl/crypto/idea/i_cfb64.c
deleted file mode 100644
index a1547ed5d7..0000000000
--- a/thirdparty/openssl/crypto/idea/i_cfb64.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/idea/i_cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-
-/*
- * The input and output encrypted as though 64bit cfb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-
-void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, IDEA_KEY_SCHEDULE *schedule,
-                        unsigned char *ivec, int *num, int encrypt)
-{
-    register unsigned long v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    unsigned long ti[2];
-    unsigned char *iv, c, cc;
-
-    iv = (unsigned char *)ivec;
-    if (encrypt) {
-        while (l--) {
-            if (n == 0) {
-                n2l(iv, v0);
-                ti[0] = v0;
-                n2l(iv, v1);
-                ti[1] = v1;
-                idea_encrypt((unsigned long *)ti, schedule);
-                iv = (unsigned char *)ivec;
-                t = ti[0];
-                l2n(t, iv);
-                t = ti[1];
-                l2n(t, iv);
-                iv = (unsigned char *)ivec;
-            }
-            c = *(in++) ^ iv[n];
-            *(out++) = c;
-            iv[n] = c;
-            n = (n + 1) & 0x07;
-        }
-    } else {
-        while (l--) {
-            if (n == 0) {
-                n2l(iv, v0);
-                ti[0] = v0;
-                n2l(iv, v1);
-                ti[1] = v1;
-                idea_encrypt((unsigned long *)ti, schedule);
-                iv = (unsigned char *)ivec;
-                t = ti[0];
-                l2n(t, iv);
-                t = ti[1];
-                l2n(t, iv);
-                iv = (unsigned char *)ivec;
-            }
-            cc = *(in++);
-            c = iv[n];
-            iv[n] = cc;
-            *(out++) = c ^ cc;
-            n = (n + 1) & 0x07;
-        }
-    }
-    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/idea/i_ecb.c b/thirdparty/openssl/crypto/idea/i_ecb.c
deleted file mode 100644
index a6b879a927..0000000000
--- a/thirdparty/openssl/crypto/idea/i_ecb.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/idea/i_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-#include <openssl/opensslv.h>
-
-const char IDEA_version[] = "IDEA" OPENSSL_VERSION_PTEXT;
-
-const char *idea_options(void)
-{
-    if (sizeof(short) != sizeof(IDEA_INT))
-        return ("idea(int)");
-    else
-        return ("idea(short)");
-}
-
-void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                      IDEA_KEY_SCHEDULE *ks)
-{
-    unsigned long l0, l1, d[2];
-
-    n2l(in, l0);
-    d[0] = l0;
-    n2l(in, l1);
-    d[1] = l1;
-    idea_encrypt(d, ks);
-    l0 = d[0];
-    l2n(l0, out);
-    l1 = d[1];
-    l2n(l1, out);
-    l0 = l1 = d[0] = d[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/idea/i_ofb64.c b/thirdparty/openssl/crypto/idea/i_ofb64.c
deleted file mode 100644
index aa5948801b..0000000000
--- a/thirdparty/openssl/crypto/idea/i_ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/idea/i_ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-
-/*
- * The input and output encrypted as though 64bit ofb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, IDEA_KEY_SCHEDULE *schedule,
-                        unsigned char *ivec, int *num)
-{
-    register unsigned long v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    unsigned char d[8];
-    register char *dp;
-    unsigned long ti[2];
-    unsigned char *iv;
-    int save = 0;
-
-    iv = (unsigned char *)ivec;
-    n2l(iv, v0);
-    n2l(iv, v1);
-    ti[0] = v0;
-    ti[1] = v1;
-    dp = (char *)d;
-    l2n(v0, dp);
-    l2n(v1, dp);
-    while (l--) {
-        if (n == 0) {
-            idea_encrypt((unsigned long *)ti, schedule);
-            dp = (char *)d;
-            t = ti[0];
-            l2n(t, dp);
-            t = ti[1];
-            l2n(t, dp);
-            save++;
-        }
-        *(out++) = *(in++) ^ d[n];
-        n = (n + 1) & 0x07;
-    }
-    if (save) {
-        v0 = ti[0];
-        v1 = ti[1];
-        iv = (unsigned char *)ivec;
-        l2n(v0, iv);
-        l2n(v1, iv);
-    }
-    t = v0 = v1 = ti[0] = ti[1] = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/idea/i_skey.c b/thirdparty/openssl/crypto/idea/i_skey.c
deleted file mode 100644
index 5365151335..0000000000
--- a/thirdparty/openssl/crypto/idea/i_skey.c
+++ /dev/null
@@ -1,171 +0,0 @@
-/* crypto/idea/i_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include <openssl/idea.h>
-#include "idea_lcl.h"
-
-static IDEA_INT inverse(unsigned int xin);
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
-#ifdef OPENSSL_FIPS
-{
-    fips_cipher_abort(IDEA);
-    private_idea_set_encrypt_key(key, ks);
-}
-
-void private_idea_set_encrypt_key(const unsigned char *key,
-                                  IDEA_KEY_SCHEDULE *ks)
-#endif
-{
-    int i;
-    register IDEA_INT *kt, *kf, r0, r1, r2;
-
-    kt = &(ks->data[0][0]);
-    n2s(key, kt[0]);
-    n2s(key, kt[1]);
-    n2s(key, kt[2]);
-    n2s(key, kt[3]);
-    n2s(key, kt[4]);
-    n2s(key, kt[5]);
-    n2s(key, kt[6]);
-    n2s(key, kt[7]);
-
-    kf = kt;
-    kt += 8;
-    for (i = 0; i < 6; i++) {
-        r2 = kf[1];
-        r1 = kf[2];
-        *(kt++) = ((r2 << 9) | (r1 >> 7)) & 0xffff;
-        r0 = kf[3];
-        *(kt++) = ((r1 << 9) | (r0 >> 7)) & 0xffff;
-        r1 = kf[4];
-        *(kt++) = ((r0 << 9) | (r1 >> 7)) & 0xffff;
-        r0 = kf[5];
-        *(kt++) = ((r1 << 9) | (r0 >> 7)) & 0xffff;
-        r1 = kf[6];
-        *(kt++) = ((r0 << 9) | (r1 >> 7)) & 0xffff;
-        r0 = kf[7];
-        *(kt++) = ((r1 << 9) | (r0 >> 7)) & 0xffff;
-        r1 = kf[0];
-        if (i >= 5)
-            break;
-        *(kt++) = ((r0 << 9) | (r1 >> 7)) & 0xffff;
-        *(kt++) = ((r1 << 9) | (r2 >> 7)) & 0xffff;
-        kf += 8;
-    }
-}
-
-void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk)
-{
-    int r;
-    register IDEA_INT *fp, *tp, t;
-
-    tp = &(dk->data[0][0]);
-    fp = &(ek->data[8][0]);
-    for (r = 0; r < 9; r++) {
-        *(tp++) = inverse(fp[0]);
-        *(tp++) = ((int)(0x10000L - fp[2]) & 0xffff);
-        *(tp++) = ((int)(0x10000L - fp[1]) & 0xffff);
-        *(tp++) = inverse(fp[3]);
-        if (r == 8)
-            break;
-        fp -= 6;
-        *(tp++) = fp[4];
-        *(tp++) = fp[5];
-    }
-
-    tp = &(dk->data[0][0]);
-    t = tp[1];
-    tp[1] = tp[2];
-    tp[2] = t;
-
-    t = tp[49];
-    tp[49] = tp[50];
-    tp[50] = t;
-}
-
-/* taken directly from the 'paper' I'll have a look at it later */
-static IDEA_INT inverse(unsigned int xin)
-{
-    long n1, n2, q, r, b1, b2, t;
-
-    if (xin == 0)
-        b2 = 0;
-    else {
-        n1 = 0x10001;
-        n2 = xin;
-        b2 = 1;
-        b1 = 0;
-
-        do {
-            r = (n1 % n2);
-            q = (n1 - r) / n2;
-            if (r == 0) {
-                if (b2 < 0)
-                    b2 = 0x10001 + b2;
-            } else {
-                n1 = n2;
-                n2 = r;
-                t = b2;
-                b2 = b1 - q * b2;
-                b1 = t;
-            }
-        } while (r != 0);
-    }
-    return ((IDEA_INT) b2);
-}
diff --git a/thirdparty/openssl/crypto/idea/idea_lcl.h b/thirdparty/openssl/crypto/idea/idea_lcl.h
deleted file mode 100644
index e40695384d..0000000000
--- a/thirdparty/openssl/crypto/idea/idea_lcl.h
+++ /dev/null
@@ -1,216 +0,0 @@
-/* crypto/idea/idea_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * The new form of this macro (check if the a*b == 0) was suggested by Colin
- * Plumb <colin@nyx10.cs.du.edu>
- */
-/* Removal of the inner if from from Wei Dai 24/4/96 */
-#define idea_mul(r,a,b,ul) \
-ul=(unsigned long)a*b; \
-if (ul != 0) \
-        { \
-        r=(ul&0xffff)-(ul>>16); \
-        r-=((r)>>16); \
-        } \
-else \
-        r=(-(int)a-b+1);        /* assuming a or b is 0 and in range */
-
-#ifdef undef
-# define idea_mul(r,a,b,ul,sl) \
-if (a == 0) r=(0x10001-b)&0xffff; \
-else if (b == 0) r=(0x10001-a)&0xffff; \
-else    { \
-        ul=(unsigned long)a*b; \
-        sl=(ul&0xffff)-(ul>>16); \
-        if (sl <= 0) sl+=0x10001; \
-        r=sl; \
-        }
-#endif
-
-/*
- * 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com> for
- * pointing out that I was assuming little endian byte order for all
- * quantities what idea actually used bigendian.  No where in the spec does
- * it mention this, it is all in terms of 16 bit numbers and even the example
- * does not use byte streams for the input example :-(. If you byte swap each
- * pair of input, keys and iv, the functions would produce the output as the
- * old version :-(.
- */
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-                                } \
-                        }
-
-#undef n2l
-#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-#undef s2n
-#define s2n(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
-
-#undef n2s
-#define n2s(c,l)        (l =((IDEA_INT)(*((c)++)))<< 8L, \
-                         l|=((IDEA_INT)(*((c)++)))      )
-
-#ifdef undef
-/* NOTE - c is not incremented as per c2l */
-# define c2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))<<24; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<<16; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
-                        case 5: l2|=((unsigned long)(*(--(c))));     \
-                        case 4: l1 =((unsigned long)(*(--(c))))<<24; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<<16; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
-                        case 1: l1|=((unsigned long)(*(--(c))));     \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per l2c */
-# define l2cn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-                                } \
-                        }
-
-# undef c2s
-# define c2s(c,l)        (l =((unsigned long)(*((c)++)))    , \
-                         l|=((unsigned long)(*((c)++)))<< 8L)
-
-# undef s2c
-# define s2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
-
-# undef c2l
-# define c2l(c,l)        (l =((unsigned long)(*((c)++)))     , \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<<24L)
-
-# undef l2c
-# define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-#endif
-
-#define E_IDEA(num) \
-        x1&=0xffff; \
-        idea_mul(x1,x1,*p,ul); p++; \
-        x2+= *(p++); \
-        x3+= *(p++); \
-        x4&=0xffff; \
-        idea_mul(x4,x4,*p,ul); p++; \
-        t0=(x1^x3)&0xffff; \
-        idea_mul(t0,t0,*p,ul); p++; \
-        t1=(t0+(x2^x4))&0xffff; \
-        idea_mul(t1,t1,*p,ul); p++; \
-        t0+=t1; \
-        x1^=t1; \
-        x4^=t0; \
-        ul=x2^t0; /* do the swap to x3 */ \
-        x2=x3^t1; \
-        x3=ul;
diff --git a/thirdparty/openssl/crypto/idea/idea_spd.c b/thirdparty/openssl/crypto/idea/idea_spd.c
deleted file mode 100644
index 59acc407d7..0000000000
--- a/thirdparty/openssl/crypto/idea/idea_spd.c
+++ /dev/null
@@ -1,283 +0,0 @@
-/* crypto/idea/idea_spd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-#endif
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-    /*
-     * Depending on the VMS version, the tms structure is perhaps defined.
-     * The __TMS macro will show if it was.  If it wasn't defined, we should
-     * undefine TIMES, since that tells the rest of the program how things
-     * should be handled.  -- Richard Levitte
-     */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-#include <openssl/idea.h>
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  define HZ      100.0
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static unsigned char key[] = {
-        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
-        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
-    };
-    IDEA_KEY_SCHEDULE sch;
-    double a, aa, b, c, d;
-#ifndef SIGALRM
-    long ca, cca, cb, cc;
-#endif
-
-#ifndef TIMES
-    printf("To get the most accurate results, try to run this\n");
-    printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-    printf("First we calculate the approximate speed ...\n");
-    idea_set_encrypt_key(key, &sch);
-    count = 10;
-    do {
-        long i;
-        IDEA_INT data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            idea_encrypt(data, &sch);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count / 4;
-    cca = count / 200;
-    cb = count;
-    cc = count * 8 / BUFSIZE + 1;
-    printf("idea_set_encrypt_key %ld times\n", ca);
-# define COND(d) (count <= (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    printf("Doing idea_set_encrypt_key for 10 seconds\n");
-    alarm(10);
-#endif
-
-    Time_F(START);
-    for (count = 0, run = 1; COND(ca); count += 4) {
-        idea_set_encrypt_key(key, &sch);
-        idea_set_encrypt_key(key, &sch);
-        idea_set_encrypt_key(key, &sch);
-        idea_set_encrypt_key(key, &sch);
-    }
-    d = Time_F(STOP);
-    printf("%ld idea idea_set_encrypt_key's in %.2f seconds\n", count, d);
-    a = ((double)COUNT(ca)) / d;
-
-#ifdef SIGALRM
-    printf("Doing idea_set_decrypt_key for 10 seconds\n");
-    alarm(10);
-#else
-    printf("Doing idea_set_decrypt_key %ld times\n", cca);
-#endif
-
-    Time_F(START);
-    for (count = 0, run = 1; COND(cca); count += 4) {
-        idea_set_decrypt_key(&sch, &sch);
-        idea_set_decrypt_key(&sch, &sch);
-        idea_set_decrypt_key(&sch, &sch);
-        idea_set_decrypt_key(&sch, &sch);
-    }
-    d = Time_F(STOP);
-    printf("%ld idea idea_set_decrypt_key's in %.2f seconds\n", count, d);
-    aa = ((double)COUNT(cca)) / d;
-
-#ifdef SIGALRM
-    printf("Doing idea_encrypt's for 10 seconds\n");
-    alarm(10);
-#else
-    printf("Doing idea_encrypt %ld times\n", cb);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cb); count += 4) {
-        unsigned long data[2];
-
-        idea_encrypt(data, &sch);
-        idea_encrypt(data, &sch);
-        idea_encrypt(data, &sch);
-        idea_encrypt(data, &sch);
-    }
-    d = Time_F(STOP);
-    printf("%ld idea_encrypt's in %.2f second\n", count, d);
-    b = ((double)COUNT(cb) * 8) / d;
-
-#ifdef SIGALRM
-    printf("Doing idea_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-           BUFSIZE);
-    alarm(10);
-#else
-    printf("Doing idea_cbc_encrypt %ld times on %ld byte blocks\n", cc,
-           BUFSIZE);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cc); count++)
-        idea_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), IDEA_ENCRYPT);
-    d = Time_F(STOP);
-    printf("%ld idea_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-           count, BUFSIZE, d);
-    c = ((double)COUNT(cc) * BUFSIZE) / d;
-
-    printf("IDEA set_encrypt_key per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
-    printf("IDEA set_decrypt_key per sec = %12.2f (%9.3fuS)\n", aa,
-           1.0e6 / aa);
-    printf("IDEA raw ecb bytes   per sec = %12.2f (%9.3fuS)\n", b, 8.0e6 / b);
-    printf("IDEA cbc     bytes   per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/idea/version b/thirdparty/openssl/crypto/idea/version
deleted file mode 100644
index 3f22293795..0000000000
--- a/thirdparty/openssl/crypto/idea/version
+++ /dev/null
@@ -1,12 +0,0 @@
-1.1 07/12/95 - eay
-	Many thanks to Rhys Weatherley <rweather@us.oracle.com>
-	for pointing out that I was assuming little endian byte
-	order for all quantities what idea actually used
-	bigendian.  No where in the spec does it mention
-	this, it is all in terms of 16 bit numbers and even the example
-	does not use byte streams for the input example :-(.
-	If you byte swap each pair of input, keys and iv, the functions
-	would produce the output as the old version :-(.
-
-1.0 ??/??/95 - eay
-	First version.
diff --git a/thirdparty/openssl/crypto/include/internal/bn_conf.h b/thirdparty/openssl/crypto/include/internal/bn_conf.h
deleted file mode 100644
index 34bd8b78b4..0000000000
--- a/thirdparty/openssl/crypto/include/internal/bn_conf.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/* WARNING: do not edit! */
-/* Generated by Makefile from crypto/include/internal/bn_conf.h.in */
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef HEADER_BN_CONF_H
-# define HEADER_BN_CONF_H
-
-/*
- * The contents of this file are not used in the UEFI build, as
- * both 32-bit and 64-bit builds are supported from a single run
- * of the Configure script.
- */
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-#define SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#undef THIRTY_TWO_BIT
-
-#endif
diff --git a/thirdparty/openssl/crypto/include/internal/dso_conf.h b/thirdparty/openssl/crypto/include/internal/dso_conf.h
deleted file mode 100644
index 7a52dd1f1a..0000000000
--- a/thirdparty/openssl/crypto/include/internal/dso_conf.h
+++ /dev/null
@@ -1,16 +0,0 @@
-/* WARNING: do not edit! */
-/* Generated by Makefile from crypto/include/internal/dso_conf.h.in */
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License").  You may not use
- * this file except in compliance with the License.  You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef HEADER_DSO_CONF_H
-# define HEADER_DSO_CONF_H
-
-# define DSO_EXTENSION ".so"
-#endif
diff --git a/thirdparty/openssl/crypto/jpake/jpake.c b/thirdparty/openssl/crypto/jpake/jpake.c
deleted file mode 100644
index 2ba75f0172..0000000000
--- a/thirdparty/openssl/crypto/jpake/jpake.c
+++ /dev/null
@@ -1,516 +0,0 @@
-#include "jpake.h"
-
-#include <openssl/crypto.h>
-#include <openssl/sha.h>
-#include <openssl/err.h>
-#include <memory.h>
-#include <string.h>
-
-/*
- * In the definition, (xa, xb, xc, xd) are Alice's (x1, x2, x3, x4) or
- * Bob's (x3, x4, x1, x2). If you see what I mean.
- */
-
-typedef struct {
-    char *name;                 /* Must be unique */
-    char *peer_name;
-    BIGNUM *p;
-    BIGNUM *g;
-    BIGNUM *q;
-    BIGNUM *gxc;                /* Alice's g^{x3} or Bob's g^{x1} */
-    BIGNUM *gxd;                /* Alice's g^{x4} or Bob's g^{x2} */
-} JPAKE_CTX_PUBLIC;
-
-struct JPAKE_CTX {
-    JPAKE_CTX_PUBLIC p;
-    BIGNUM *secret;             /* The shared secret */
-    BN_CTX *ctx;
-    BIGNUM *xa;                 /* Alice's x1 or Bob's x3 */
-    BIGNUM *xb;                 /* Alice's x2 or Bob's x4 */
-    BIGNUM *key;                /* The calculated (shared) key */
-};
-
-static void JPAKE_ZKP_init(JPAKE_ZKP *zkp)
-{
-    zkp->gr = BN_new();
-    zkp->b = BN_new();
-}
-
-static void JPAKE_ZKP_release(JPAKE_ZKP *zkp)
-{
-    BN_free(zkp->b);
-    BN_free(zkp->gr);
-}
-
-/* Two birds with one stone - make the global name as expected */
-#define JPAKE_STEP_PART_init    JPAKE_STEP2_init
-#define JPAKE_STEP_PART_release JPAKE_STEP2_release
-
-void JPAKE_STEP_PART_init(JPAKE_STEP_PART *p)
-{
-    p->gx = BN_new();
-    JPAKE_ZKP_init(&p->zkpx);
-}
-
-void JPAKE_STEP_PART_release(JPAKE_STEP_PART *p)
-{
-    JPAKE_ZKP_release(&p->zkpx);
-    BN_free(p->gx);
-}
-
-void JPAKE_STEP1_init(JPAKE_STEP1 *s1)
-{
-    JPAKE_STEP_PART_init(&s1->p1);
-    JPAKE_STEP_PART_init(&s1->p2);
-}
-
-void JPAKE_STEP1_release(JPAKE_STEP1 *s1)
-{
-    JPAKE_STEP_PART_release(&s1->p2);
-    JPAKE_STEP_PART_release(&s1->p1);
-}
-
-static void JPAKE_CTX_init(JPAKE_CTX *ctx, const char *name,
-                           const char *peer_name, const BIGNUM *p,
-                           const BIGNUM *g, const BIGNUM *q,
-                           const BIGNUM *secret)
-{
-    ctx->p.name = OPENSSL_strdup(name);
-    ctx->p.peer_name = OPENSSL_strdup(peer_name);
-    ctx->p.p = BN_dup(p);
-    ctx->p.g = BN_dup(g);
-    ctx->p.q = BN_dup(q);
-    ctx->secret = BN_dup(secret);
-
-    ctx->p.gxc = BN_new();
-    ctx->p.gxd = BN_new();
-
-    ctx->xa = BN_new();
-    ctx->xb = BN_new();
-    ctx->key = BN_new();
-    ctx->ctx = BN_CTX_new();
-}
-
-static void JPAKE_CTX_release(JPAKE_CTX *ctx)
-{
-    BN_CTX_free(ctx->ctx);
-    BN_clear_free(ctx->key);
-    BN_clear_free(ctx->xb);
-    BN_clear_free(ctx->xa);
-
-    BN_free(ctx->p.gxd);
-    BN_free(ctx->p.gxc);
-
-    BN_clear_free(ctx->secret);
-    BN_free(ctx->p.q);
-    BN_free(ctx->p.g);
-    BN_free(ctx->p.p);
-    OPENSSL_free(ctx->p.peer_name);
-    OPENSSL_free(ctx->p.name);
-
-    memset(ctx, '\0', sizeof *ctx);
-}
-
-JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
-                         const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
-                         const BIGNUM *secret)
-{
-    JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
-    if (ctx == NULL)
-        return NULL;
-
-    JPAKE_CTX_init(ctx, name, peer_name, p, g, q, secret);
-
-    return ctx;
-}
-
-void JPAKE_CTX_free(JPAKE_CTX *ctx)
-{
-    JPAKE_CTX_release(ctx);
-    OPENSSL_free(ctx);
-}
-
-static void hashlength(SHA_CTX *sha, size_t l)
-{
-    unsigned char b[2];
-
-    OPENSSL_assert(l <= 0xffff);
-    b[0] = l >> 8;
-    b[1] = l & 0xff;
-    SHA1_Update(sha, b, 2);
-}
-
-static void hashstring(SHA_CTX *sha, const char *string)
-{
-    size_t l = strlen(string);
-
-    hashlength(sha, l);
-    SHA1_Update(sha, string, l);
-}
-
-static void hashbn(SHA_CTX *sha, const BIGNUM *bn)
-{
-    size_t l = BN_num_bytes(bn);
-    unsigned char *bin = OPENSSL_malloc(l);
-
-    if (bin == NULL)
-        return;
-    hashlength(sha, l);
-    BN_bn2bin(bn, bin);
-    SHA1_Update(sha, bin, l);
-    OPENSSL_free(bin);
-}
-
-/* h=hash(g, g^r, g^x, name) */
-static void zkp_hash(BIGNUM *h, const BIGNUM *zkpg, const JPAKE_STEP_PART *p,
-                     const char *proof_name)
-{
-    unsigned char md[SHA_DIGEST_LENGTH];
-    SHA_CTX sha;
-
-    /*
-     * XXX: hash should not allow moving of the boundaries - Java code
-     * is flawed in this respect. Length encoding seems simplest.
-     */
-    SHA1_Init(&sha);
-    hashbn(&sha, zkpg);
-    OPENSSL_assert(!BN_is_zero(p->zkpx.gr));
-    hashbn(&sha, p->zkpx.gr);
-    hashbn(&sha, p->gx);
-    hashstring(&sha, proof_name);
-    SHA1_Final(md, &sha);
-    BN_bin2bn(md, SHA_DIGEST_LENGTH, h);
-}
-
-/*
- * Prove knowledge of x
- * Note that p->gx has already been calculated
- */
-static void generate_zkp(JPAKE_STEP_PART *p, const BIGNUM *x,
-                         const BIGNUM *zkpg, JPAKE_CTX *ctx)
-{
-    BIGNUM *r = BN_new();
-    BIGNUM *h = BN_new();
-    BIGNUM *t = BN_new();
-
-   /*-
-    * r in [0,q)
-    * XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform
-    */
-    BN_rand_range(r, ctx->p.q);
-    /* g^r */
-    BN_mod_exp(p->zkpx.gr, zkpg, r, ctx->p.p, ctx->ctx);
-
-    /* h=hash... */
-    zkp_hash(h, zkpg, p, ctx->p.name);
-
-    /* b = r - x*h */
-    BN_mod_mul(t, x, h, ctx->p.q, ctx->ctx);
-    BN_mod_sub(p->zkpx.b, r, t, ctx->p.q, ctx->ctx);
-
-    /* cleanup */
-    BN_free(t);
-    BN_free(h);
-    BN_free(r);
-}
-
-static int verify_zkp(const JPAKE_STEP_PART *p, const BIGNUM *zkpg,
-                      JPAKE_CTX *ctx)
-{
-    BIGNUM *h = BN_new();
-    BIGNUM *t1 = BN_new();
-    BIGNUM *t2 = BN_new();
-    BIGNUM *t3 = BN_new();
-    int ret = 0;
-
-    if (h == NULL || t1 == NULL || t2 == NULL || t3 == NULL)
-        goto end;
-
-    zkp_hash(h, zkpg, p, ctx->p.peer_name);
-
-    /* t1 = g^b */
-    BN_mod_exp(t1, zkpg, p->zkpx.b, ctx->p.p, ctx->ctx);
-    /* t2 = (g^x)^h = g^{hx} */
-    BN_mod_exp(t2, p->gx, h, ctx->p.p, ctx->ctx);
-    /* t3 = t1 * t2 = g^{hx} * g^b = g^{hx+b} = g^r (allegedly) */
-    BN_mod_mul(t3, t1, t2, ctx->p.p, ctx->ctx);
-
-    /* verify t3 == g^r */
-    if (BN_cmp(t3, p->zkpx.gr) == 0)
-        ret = 1;
-    else
-        JPAKEerr(JPAKE_F_VERIFY_ZKP, JPAKE_R_ZKP_VERIFY_FAILED);
-
-end:
-    /* cleanup */
-    BN_free(t3);
-    BN_free(t2);
-    BN_free(t1);
-    BN_free(h);
-
-    return ret;
-}
-
-static void generate_step_part(JPAKE_STEP_PART *p, const BIGNUM *x,
-                               const BIGNUM *g, JPAKE_CTX *ctx)
-{
-    BN_mod_exp(p->gx, g, x, ctx->p.p, ctx->ctx);
-    generate_zkp(p, x, g, ctx);
-}
-
-/* Generate each party's random numbers. xa is in [0, q), xb is in [1, q). */
-static void genrand(JPAKE_CTX *ctx)
-{
-    BIGNUM *qm1;
-
-    /* xa in [0, q) */
-    BN_rand_range(ctx->xa, ctx->p.q);
-
-    /* q-1 */
-    qm1 = BN_new();
-    BN_copy(qm1, ctx->p.q);
-    BN_sub_word(qm1, 1);
-
-    /* ... and xb in [0, q-1) */
-    BN_rand_range(ctx->xb, qm1);
-    /* [1, q) */
-    BN_add_word(ctx->xb, 1);
-
-    /* cleanup */
-    BN_free(qm1);
-}
-
-int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx)
-{
-    genrand(ctx);
-    generate_step_part(&send->p1, ctx->xa, ctx->p.g, ctx);
-    generate_step_part(&send->p2, ctx->xb, ctx->p.g, ctx);
-
-    return 1;
-}
-
-/* g^x is a legal value */
-static int is_legal(const BIGNUM *gx, const JPAKE_CTX *ctx)
-{
-    BIGNUM *t;
-    int res;
-
-    if (BN_is_negative(gx) || BN_is_zero(gx) || BN_cmp(gx, ctx->p.p) >= 0)
-        return 0;
-
-    t = BN_new();
-    BN_mod_exp(t, gx, ctx->p.q, ctx->p.p, ctx->ctx);
-    res = BN_is_one(t);
-    BN_free(t);
-
-    return res;
-}
-
-int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received)
-{
-    if (!is_legal(received->p1.gx, ctx)) {
-        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS,
-                 JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL);
-        return 0;
-    }
-
-    if (!is_legal(received->p2.gx, ctx)) {
-        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS,
-                 JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL);
-        return 0;
-    }
-
-    /* verify their ZKP(xc) */
-    if (!verify_zkp(&received->p1, ctx->p.g, ctx)) {
-        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X3_FAILED);
-        return 0;
-    }
-
-    /* verify their ZKP(xd) */
-    if (!verify_zkp(&received->p2, ctx->p.g, ctx)) {
-        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X4_FAILED);
-        return 0;
-    }
-
-    /* g^xd != 1 */
-    if (BN_is_one(received->p2.gx)) {
-        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_ONE);
-        return 0;
-    }
-
-    /* Save the bits we need for later */
-    BN_copy(ctx->p.gxc, received->p1.gx);
-    BN_copy(ctx->p.gxd, received->p2.gx);
-
-    return 1;
-}
-
-int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx)
-{
-    BIGNUM *t1 = BN_new();
-    BIGNUM *t2 = BN_new();
-
-   /*-
-    * X = g^{(xa + xc + xd) * xb * s}
-    * t1 = g^xa
-    */
-    BN_mod_exp(t1, ctx->p.g, ctx->xa, ctx->p.p, ctx->ctx);
-    /* t2 = t1 * g^{xc} = g^{xa} * g^{xc} = g^{xa + xc} */
-    BN_mod_mul(t2, t1, ctx->p.gxc, ctx->p.p, ctx->ctx);
-    /* t1 = t2 * g^{xd} = g^{xa + xc + xd} */
-    BN_mod_mul(t1, t2, ctx->p.gxd, ctx->p.p, ctx->ctx);
-    /* t2 = xb * s */
-    BN_mod_mul(t2, ctx->xb, ctx->secret, ctx->p.q, ctx->ctx);
-
-   /*-
-    * ZKP(xb * s)
-    * XXX: this is kinda funky, because we're using
-    *
-    * g' = g^{xa + xc + xd}
-    *
-    * as the generator, which means X is g'^{xb * s}
-    * X = t1^{t2} = t1^{xb * s} = g^{(xa + xc + xd) * xb * s}
-    */
-    generate_step_part(send, t2, t1, ctx);
-
-    /* cleanup */
-    BN_free(t1);
-    BN_free(t2);
-
-    return 1;
-}
-
-/* gx = g^{xc + xa + xb} * xd * s */
-static int compute_key(JPAKE_CTX *ctx, const BIGNUM *gx)
-{
-    BIGNUM *t1 = BN_new();
-    BIGNUM *t2 = BN_new();
-    BIGNUM *t3 = BN_new();
-
-   /*-
-    * K = (gx/g^{xb * xd * s})^{xb}
-    *   = (g^{(xc + xa + xb) * xd * s - xb * xd *s})^{xb}
-    *   = (g^{(xa + xc) * xd * s})^{xb}
-    *   = g^{(xa + xc) * xb * xd * s}
-    * [which is the same regardless of who calculates it]
-    */
-
-    /* t1 = (g^{xd})^{xb} = g^{xb * xd} */
-    BN_mod_exp(t1, ctx->p.gxd, ctx->xb, ctx->p.p, ctx->ctx);
-    /* t2 = -s = q-s */
-    BN_sub(t2, ctx->p.q, ctx->secret);
-    /* t3 = t1^t2 = g^{-xb * xd * s} */
-    BN_mod_exp(t3, t1, t2, ctx->p.p, ctx->ctx);
-    /* t1 = gx * t3 = X/g^{xb * xd * s} */
-    BN_mod_mul(t1, gx, t3, ctx->p.p, ctx->ctx);
-    /* K = t1^{xb} */
-    BN_mod_exp(ctx->key, t1, ctx->xb, ctx->p.p, ctx->ctx);
-
-    /* cleanup */
-    BN_free(t3);
-    BN_free(t2);
-    BN_free(t1);
-
-    return 1;
-}
-
-int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received)
-{
-    BIGNUM *t1 = BN_new();
-    BIGNUM *t2 = BN_new();
-    int ret = 0;
-
-   /*-
-    * g' = g^{xc + xa + xb} [from our POV]
-    * t1 = xa + xb
-    */
-    BN_mod_add(t1, ctx->xa, ctx->xb, ctx->p.q, ctx->ctx);
-    /* t2 = g^{t1} = g^{xa+xb} */
-    BN_mod_exp(t2, ctx->p.g, t1, ctx->p.p, ctx->ctx);
-    /* t1 = g^{xc} * t2 = g^{xc + xa + xb} */
-    BN_mod_mul(t1, ctx->p.gxc, t2, ctx->p.p, ctx->ctx);
-
-    if (verify_zkp(received, t1, ctx))
-        ret = 1;
-    else
-        JPAKEerr(JPAKE_F_JPAKE_STEP2_PROCESS, JPAKE_R_VERIFY_B_FAILED);
-
-    compute_key(ctx, received->gx);
-
-    /* cleanup */
-    BN_free(t2);
-    BN_free(t1);
-
-    return ret;
-}
-
-static void quickhashbn(unsigned char *md, const BIGNUM *bn)
-{
-    SHA_CTX sha;
-
-    SHA1_Init(&sha);
-    hashbn(&sha, bn);
-    SHA1_Final(md, &sha);
-}
-
-void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a)
-{
-}
-
-int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx)
-{
-    quickhashbn(send->hhk, ctx->key);
-    SHA1(send->hhk, sizeof send->hhk, send->hhk);
-
-    return 1;
-}
-
-int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received)
-{
-    unsigned char hhk[SHA_DIGEST_LENGTH];
-
-    quickhashbn(hhk, ctx->key);
-    SHA1(hhk, sizeof hhk, hhk);
-    if (memcmp(hhk, received->hhk, sizeof hhk)) {
-        JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS,
-                 JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH);
-        return 0;
-    }
-    return 1;
-}
-
-void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a)
-{
-}
-
-void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b)
-{
-}
-
-int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx)
-{
-    quickhashbn(send->hk, ctx->key);
-
-    return 1;
-}
-
-int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received)
-{
-    unsigned char hk[SHA_DIGEST_LENGTH];
-
-    quickhashbn(hk, ctx->key);
-    if (memcmp(hk, received->hk, sizeof hk)) {
-        JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH);
-        return 0;
-    }
-    return 1;
-}
-
-void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b)
-{
-}
-
-const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx)
-{
-    return ctx->key;
-}
diff --git a/thirdparty/openssl/crypto/jpake/jpake.h b/thirdparty/openssl/crypto/jpake/jpake.h
deleted file mode 100644
index 371eed679c..0000000000
--- a/thirdparty/openssl/crypto/jpake/jpake.h
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Implement J-PAKE, as described in
- * http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf
- *
- * With hints from http://www.cl.cam.ac.uk/~fh240/software/JPAKE2.java.
- */
-
-#ifndef HEADER_JPAKE_H
-# define HEADER_JPAKE_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_JPAKE
-#  error JPAKE is disabled.
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/bn.h>
-# include <openssl/sha.h>
-
-typedef struct JPAKE_CTX JPAKE_CTX;
-
-/* Note that "g" in the ZKPs is not necessarily the J-PAKE g. */
-typedef struct {
-    BIGNUM *gr;                 /* g^r (r random) */
-    BIGNUM *b;                  /* b = r - x*h, h=hash(g, g^r, g^x, name) */
-} JPAKE_ZKP;
-
-typedef struct {
-    BIGNUM *gx;                 /* g^x in step 1, g^(xa + xc + xd) * xb * s
-                                 * in step 2 */
-    JPAKE_ZKP zkpx;             /* ZKP(x) or ZKP(xb * s) */
-} JPAKE_STEP_PART;
-
-typedef struct {
-    JPAKE_STEP_PART p1;         /* g^x3, ZKP(x3) or g^x1, ZKP(x1) */
-    JPAKE_STEP_PART p2;         /* g^x4, ZKP(x4) or g^x2, ZKP(x2) */
-} JPAKE_STEP1;
-
-typedef JPAKE_STEP_PART JPAKE_STEP2;
-
-typedef struct {
-    unsigned char hhk[SHA_DIGEST_LENGTH];
-} JPAKE_STEP3A;
-
-typedef struct {
-    unsigned char hk[SHA_DIGEST_LENGTH];
-} JPAKE_STEP3B;
-
-/* Parameters are copied */
-JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
-                         const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
-                         const BIGNUM *secret);
-void JPAKE_CTX_free(JPAKE_CTX *ctx);
-
-/*
- * Note that JPAKE_STEP1 can be used multiple times before release
- * without another init.
- */
-void JPAKE_STEP1_init(JPAKE_STEP1 *s1);
-int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx);
-int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received);
-void JPAKE_STEP1_release(JPAKE_STEP1 *s1);
-
-/*
- * Note that JPAKE_STEP2 can be used multiple times before release
- * without another init.
- */
-void JPAKE_STEP2_init(JPAKE_STEP2 *s2);
-int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx);
-int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received);
-void JPAKE_STEP2_release(JPAKE_STEP2 *s2);
-
-/*
- * Optionally verify the shared key. If the shared secrets do not
- * match, the two ends will disagree about the shared key, but
- * otherwise the protocol will succeed.
- */
-void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a);
-int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx);
-int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received);
-void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a);
-
-void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b);
-int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx);
-int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received);
-void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b);
-
-/*
- * the return value belongs to the library and will be released when
- * ctx is released, and will change when a new handshake is performed.
- */
-const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_JPAKE_strings(void);
-
-/* Error codes for the JPAKE functions. */
-
-/* Function codes. */
-# define JPAKE_F_JPAKE_STEP1_PROCESS                      101
-# define JPAKE_F_JPAKE_STEP2_PROCESS                      102
-# define JPAKE_F_JPAKE_STEP3A_PROCESS                     103
-# define JPAKE_F_JPAKE_STEP3B_PROCESS                     104
-# define JPAKE_F_VERIFY_ZKP                               100
-
-/* Reason codes. */
-# define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL                 108
-# define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL                 109
-# define JPAKE_R_G_TO_THE_X4_IS_ONE                       105
-# define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH             106
-# define JPAKE_R_HASH_OF_KEY_MISMATCH                     107
-# define JPAKE_R_VERIFY_B_FAILED                          102
-# define JPAKE_R_VERIFY_X3_FAILED                         103
-# define JPAKE_R_VERIFY_X4_FAILED                         104
-# define JPAKE_R_ZKP_VERIFY_FAILED                        100
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/crypto/jpake/jpake_err.c b/thirdparty/openssl/crypto/jpake/jpake_err.c
deleted file mode 100644
index be236d9ea8..0000000000
--- a/thirdparty/openssl/crypto/jpake/jpake_err.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* crypto/jpake/jpake_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/jpake.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_JPAKE,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_JPAKE,0,reason)
-
-static ERR_STRING_DATA JPAKE_str_functs[] = {
-    {ERR_FUNC(JPAKE_F_JPAKE_STEP1_PROCESS), "JPAKE_STEP1_process"},
-    {ERR_FUNC(JPAKE_F_JPAKE_STEP2_PROCESS), "JPAKE_STEP2_process"},
-    {ERR_FUNC(JPAKE_F_JPAKE_STEP3A_PROCESS), "JPAKE_STEP3A_process"},
-    {ERR_FUNC(JPAKE_F_JPAKE_STEP3B_PROCESS), "JPAKE_STEP3B_process"},
-    {ERR_FUNC(JPAKE_F_VERIFY_ZKP), "VERIFY_ZKP"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA JPAKE_str_reasons[] = {
-    {ERR_REASON(JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL),
-     "g to the x3 is not legal"},
-    {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL),
-     "g to the x4 is not legal"},
-    {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE), "g to the x4 is one"},
-    {ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),
-     "hash of hash of key mismatch"},
-    {ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH), "hash of key mismatch"},
-    {ERR_REASON(JPAKE_R_VERIFY_B_FAILED), "verify b failed"},
-    {ERR_REASON(JPAKE_R_VERIFY_X3_FAILED), "verify x3 failed"},
-    {ERR_REASON(JPAKE_R_VERIFY_X4_FAILED), "verify x4 failed"},
-    {ERR_REASON(JPAKE_R_ZKP_VERIFY_FAILED), "zkp verify failed"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_JPAKE_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(JPAKE_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, JPAKE_str_functs);
-        ERR_load_strings(0, JPAKE_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/krb5/krb5_asn.c b/thirdparty/openssl/crypto/krb5/krb5_asn.c
deleted file mode 100644
index d9851e9737..0000000000
--- a/thirdparty/openssl/crypto/krb5/krb5_asn.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/* krb5_asn.c */
-/*
- * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
- * using ocsp/{*.h,*asn*.c} as a starting point
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/krb5_asn.h>
-
-
-ASN1_SEQUENCE(KRB5_ENCDATA) = {
-        ASN1_EXP(KRB5_ENCDATA, etype,           ASN1_INTEGER,     0),
-        ASN1_EXP_OPT(KRB5_ENCDATA, kvno,        ASN1_INTEGER,     1),
-        ASN1_EXP(KRB5_ENCDATA, cipher,          ASN1_OCTET_STRING,2)
-} ASN1_SEQUENCE_END(KRB5_ENCDATA)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCDATA)
-
-
-ASN1_SEQUENCE(KRB5_PRINCNAME) = {
-        ASN1_EXP(KRB5_PRINCNAME, nametype,      ASN1_INTEGER,     0),
-        ASN1_EXP_SEQUENCE_OF(KRB5_PRINCNAME, namestring, ASN1_GENERALSTRING, 1)
-} ASN1_SEQUENCE_END(KRB5_PRINCNAME)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_PRINCNAME)
-
-/* [APPLICATION 1] = 0x61 */
-ASN1_SEQUENCE(KRB5_TKTBODY) = {
-        ASN1_EXP(KRB5_TKTBODY, tktvno,          ASN1_INTEGER,     0),
-        ASN1_EXP(KRB5_TKTBODY, realm,           ASN1_GENERALSTRING, 1),
-        ASN1_EXP(KRB5_TKTBODY, sname,           KRB5_PRINCNAME,   2),
-        ASN1_EXP(KRB5_TKTBODY, encdata,         KRB5_ENCDATA,     3)
-} ASN1_SEQUENCE_END(KRB5_TKTBODY)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_TKTBODY)
-
-
-ASN1_ITEM_TEMPLATE(KRB5_TICKET) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 1,
-                        KRB5_TICKET, KRB5_TKTBODY)
-ASN1_ITEM_TEMPLATE_END(KRB5_TICKET)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_TICKET)
-
-/* [APPLICATION 14] = 0x6e */
-ASN1_SEQUENCE(KRB5_APREQBODY) = {
-        ASN1_EXP(KRB5_APREQBODY, pvno,          ASN1_INTEGER,     0),
-        ASN1_EXP(KRB5_APREQBODY, msgtype,       ASN1_INTEGER,     1),
-        ASN1_EXP(KRB5_APREQBODY, apoptions,     ASN1_BIT_STRING,  2),
-        ASN1_EXP(KRB5_APREQBODY, ticket,        KRB5_TICKET,      3),
-        ASN1_EXP(KRB5_APREQBODY, authenticator, KRB5_ENCDATA,     4),
-} ASN1_SEQUENCE_END(KRB5_APREQBODY)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQBODY)
-
-ASN1_ITEM_TEMPLATE(KRB5_APREQ) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 14,
-                        KRB5_APREQ, KRB5_APREQBODY)
-ASN1_ITEM_TEMPLATE_END(KRB5_APREQ)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQ)
-
-/*  Authenticator stuff         */
-
-ASN1_SEQUENCE(KRB5_CHECKSUM) = {
-        ASN1_EXP(KRB5_CHECKSUM, ctype,          ASN1_INTEGER,     0),
-        ASN1_EXP(KRB5_CHECKSUM, checksum,       ASN1_OCTET_STRING,1)
-} ASN1_SEQUENCE_END(KRB5_CHECKSUM)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_CHECKSUM)
-
-
-ASN1_SEQUENCE(KRB5_ENCKEY) = {
-        ASN1_EXP(KRB5_ENCKEY,   ktype,          ASN1_INTEGER,     0),
-        ASN1_EXP(KRB5_ENCKEY,   keyvalue,       ASN1_OCTET_STRING,1)
-} ASN1_SEQUENCE_END(KRB5_ENCKEY)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCKEY)
-
-/* SEQ OF SEQ; see ASN1_EXP_SEQUENCE_OF_OPT() below */
-ASN1_SEQUENCE(KRB5_AUTHDATA) = {
-        ASN1_EXP(KRB5_AUTHDATA, adtype,         ASN1_INTEGER,     0),
-        ASN1_EXP(KRB5_AUTHDATA, addata,         ASN1_OCTET_STRING,1)
-} ASN1_SEQUENCE_END(KRB5_AUTHDATA)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHDATA)
-
-/* [APPLICATION 2] = 0x62 */
-ASN1_SEQUENCE(KRB5_AUTHENTBODY) = {
-        ASN1_EXP(KRB5_AUTHENTBODY,      avno,   ASN1_INTEGER,     0),
-        ASN1_EXP(KRB5_AUTHENTBODY,      crealm, ASN1_GENERALSTRING, 1),
-        ASN1_EXP(KRB5_AUTHENTBODY,      cname,  KRB5_PRINCNAME,   2),
-        ASN1_EXP_OPT(KRB5_AUTHENTBODY,  cksum,  KRB5_CHECKSUM,    3),
-        ASN1_EXP(KRB5_AUTHENTBODY,      cusec,  ASN1_INTEGER,     4),
-        ASN1_EXP(KRB5_AUTHENTBODY,      ctime,  ASN1_GENERALIZEDTIME, 5),
-        ASN1_EXP_OPT(KRB5_AUTHENTBODY,  subkey, KRB5_ENCKEY,      6),
-        ASN1_EXP_OPT(KRB5_AUTHENTBODY,  seqnum, ASN1_INTEGER,     7),
-        ASN1_EXP_SEQUENCE_OF_OPT
-                    (KRB5_AUTHENTBODY,  authorization,  KRB5_AUTHDATA, 8),
-} ASN1_SEQUENCE_END(KRB5_AUTHENTBODY)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
-
-ASN1_ITEM_TEMPLATE(KRB5_AUTHENT) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 2,
-                        KRB5_AUTHENT, KRB5_AUTHENTBODY)
-ASN1_ITEM_TEMPLATE_END(KRB5_AUTHENT)
-
-IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENT)
diff --git a/thirdparty/openssl/crypto/lhash/lh_stats.c b/thirdparty/openssl/crypto/lhash/lh_stats.c
deleted file mode 100644
index 0bfec2322e..0000000000
--- a/thirdparty/openssl/crypto/lhash/lh_stats.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/* crypto/lhash/lh_stats.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-/*
- * If you wish to build this outside of SSLeay, remove the following lines
- * and things should work as expected
- */
-#include "cryptlib.h"
-
-#ifndef OPENSSL_NO_BIO
-# include <openssl/bio.h>
-#endif
-#include <openssl/lhash.h>
-
-#ifdef OPENSSL_NO_BIO
-
-void lh_stats(LHASH *lh, FILE *out)
-{
-    fprintf(out, "num_items             = %lu\n", lh->num_items);
-    fprintf(out, "num_nodes             = %u\n", lh->num_nodes);
-    fprintf(out, "num_alloc_nodes       = %u\n", lh->num_alloc_nodes);
-    fprintf(out, "num_expands           = %lu\n", lh->num_expands);
-    fprintf(out, "num_expand_reallocs   = %lu\n", lh->num_expand_reallocs);
-    fprintf(out, "num_contracts         = %lu\n", lh->num_contracts);
-    fprintf(out, "num_contract_reallocs = %lu\n", lh->num_contract_reallocs);
-    fprintf(out, "num_hash_calls        = %lu\n", lh->num_hash_calls);
-    fprintf(out, "num_comp_calls        = %lu\n", lh->num_comp_calls);
-    fprintf(out, "num_insert            = %lu\n", lh->num_insert);
-    fprintf(out, "num_replace           = %lu\n", lh->num_replace);
-    fprintf(out, "num_delete            = %lu\n", lh->num_delete);
-    fprintf(out, "num_no_delete         = %lu\n", lh->num_no_delete);
-    fprintf(out, "num_retrieve          = %lu\n", lh->num_retrieve);
-    fprintf(out, "num_retrieve_miss     = %lu\n", lh->num_retrieve_miss);
-    fprintf(out, "num_hash_comps        = %lu\n", lh->num_hash_comps);
-# if 0
-    fprintf(out, "p                     = %u\n", lh->p);
-    fprintf(out, "pmax                  = %u\n", lh->pmax);
-    fprintf(out, "up_load               = %lu\n", lh->up_load);
-    fprintf(out, "down_load             = %lu\n", lh->down_load);
-# endif
-}
-
-void lh_node_stats(LHASH *lh, FILE *out)
-{
-    LHASH_NODE *n;
-    unsigned int i, num;
-
-    for (i = 0; i < lh->num_nodes; i++) {
-        for (n = lh->b[i], num = 0; n != NULL; n = n->next)
-            num++;
-        fprintf(out, "node %6u -> %3u\n", i, num);
-    }
-}
-
-void lh_node_usage_stats(LHASH *lh, FILE *out)
-{
-    LHASH_NODE *n;
-    unsigned long num;
-    unsigned int i;
-    unsigned long total = 0, n_used = 0;
-
-    for (i = 0; i < lh->num_nodes; i++) {
-        for (n = lh->b[i], num = 0; n != NULL; n = n->next)
-            num++;
-        if (num != 0) {
-            n_used++;
-            total += num;
-        }
-    }
-    fprintf(out, "%lu nodes used out of %u\n", n_used, lh->num_nodes);
-    fprintf(out, "%lu items\n", total);
-    if (n_used == 0)
-        return;
-    fprintf(out, "load %d.%02d  actual load %d.%02d\n",
-            (int)(total / lh->num_nodes),
-            (int)((total % lh->num_nodes) * 100 / lh->num_nodes),
-            (int)(total / n_used), (int)((total % n_used) * 100 / n_used));
-}
-
-#else
-
-# ifndef OPENSSL_NO_FP_API
-void lh_stats(const _LHASH *lh, FILE *fp)
-{
-    BIO *bp;
-
-    bp = BIO_new(BIO_s_file());
-    if (bp == NULL)
-        goto end;
-    BIO_set_fp(bp, fp, BIO_NOCLOSE);
-    lh_stats_bio(lh, bp);
-    BIO_free(bp);
- end:;
-}
-
-void lh_node_stats(const _LHASH *lh, FILE *fp)
-{
-    BIO *bp;
-
-    bp = BIO_new(BIO_s_file());
-    if (bp == NULL)
-        goto end;
-    BIO_set_fp(bp, fp, BIO_NOCLOSE);
-    lh_node_stats_bio(lh, bp);
-    BIO_free(bp);
- end:;
-}
-
-void lh_node_usage_stats(const _LHASH *lh, FILE *fp)
-{
-    BIO *bp;
-
-    bp = BIO_new(BIO_s_file());
-    if (bp == NULL)
-        goto end;
-    BIO_set_fp(bp, fp, BIO_NOCLOSE);
-    lh_node_usage_stats_bio(lh, bp);
-    BIO_free(bp);
- end:;
-}
-
-# endif
-
-void lh_stats_bio(const _LHASH *lh, BIO *out)
-{
-    BIO_printf(out, "num_items             = %lu\n", lh->num_items);
-    BIO_printf(out, "num_nodes             = %u\n", lh->num_nodes);
-    BIO_printf(out, "num_alloc_nodes       = %u\n", lh->num_alloc_nodes);
-    BIO_printf(out, "num_expands           = %lu\n", lh->num_expands);
-    BIO_printf(out, "num_expand_reallocs   = %lu\n", lh->num_expand_reallocs);
-    BIO_printf(out, "num_contracts         = %lu\n", lh->num_contracts);
-    BIO_printf(out, "num_contract_reallocs = %lu\n",
-               lh->num_contract_reallocs);
-    BIO_printf(out, "num_hash_calls        = %lu\n", lh->num_hash_calls);
-    BIO_printf(out, "num_comp_calls        = %lu\n", lh->num_comp_calls);
-    BIO_printf(out, "num_insert            = %lu\n", lh->num_insert);
-    BIO_printf(out, "num_replace           = %lu\n", lh->num_replace);
-    BIO_printf(out, "num_delete            = %lu\n", lh->num_delete);
-    BIO_printf(out, "num_no_delete         = %lu\n", lh->num_no_delete);
-    BIO_printf(out, "num_retrieve          = %lu\n", lh->num_retrieve);
-    BIO_printf(out, "num_retrieve_miss     = %lu\n", lh->num_retrieve_miss);
-    BIO_printf(out, "num_hash_comps        = %lu\n", lh->num_hash_comps);
-# if 0
-    BIO_printf(out, "p                     = %u\n", lh->p);
-    BIO_printf(out, "pmax                  = %u\n", lh->pmax);
-    BIO_printf(out, "up_load               = %lu\n", lh->up_load);
-    BIO_printf(out, "down_load             = %lu\n", lh->down_load);
-# endif
-}
-
-void lh_node_stats_bio(const _LHASH *lh, BIO *out)
-{
-    LHASH_NODE *n;
-    unsigned int i, num;
-
-    for (i = 0; i < lh->num_nodes; i++) {
-        for (n = lh->b[i], num = 0; n != NULL; n = n->next)
-            num++;
-        BIO_printf(out, "node %6u -> %3u\n", i, num);
-    }
-}
-
-void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out)
-{
-    LHASH_NODE *n;
-    unsigned long num;
-    unsigned int i;
-    unsigned long total = 0, n_used = 0;
-
-    for (i = 0; i < lh->num_nodes; i++) {
-        for (n = lh->b[i], num = 0; n != NULL; n = n->next)
-            num++;
-        if (num != 0) {
-            n_used++;
-            total += num;
-        }
-    }
-    BIO_printf(out, "%lu nodes used out of %u\n", n_used, lh->num_nodes);
-    BIO_printf(out, "%lu items\n", total);
-    if (n_used == 0)
-        return;
-    BIO_printf(out, "load %d.%02d  actual load %d.%02d\n",
-               (int)(total / lh->num_nodes),
-               (int)((total % lh->num_nodes) * 100 / lh->num_nodes),
-               (int)(total / n_used), (int)((total % n_used) * 100 / n_used));
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/lhash/lhash.c b/thirdparty/openssl/crypto/lhash/lhash.c
deleted file mode 100644
index f20353aea3..0000000000
--- a/thirdparty/openssl/crypto/lhash/lhash.c
+++ /dev/null
@@ -1,458 +0,0 @@
-/* crypto/lhash/lhash.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*-
- * Code for dynamic hash table routines
- * Author - Eric Young v 2.0
- *
- * 2.2 eay - added #include "crypto.h" so the memory leak checking code is
- *           present. eay 18-Jun-98
- *
- * 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98
- *
- * 2.0 eay - Fixed a bug that occurred when using lh_delete
- *           from inside lh_doall().  As entries were deleted,
- *           the 'table' was 'contract()ed', making some entries
- *           jump from the end of the table to the start, there by
- *           skipping the lh_doall() processing. eay - 4/12/95
- *
- * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
- *           were not being free()ed. 21/11/95
- *
- * 1.8 eay - Put the stats routines into a separate file, lh_stats.c
- *           19/09/95
- *
- * 1.7 eay - Removed the fputs() for realloc failures - the code
- *           should silently tolerate them.  I have also fixed things
- *           lint complained about 04/05/95
- *
- * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92
- *
- * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992
- *
- * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91
- *
- * 1.3 eay - Fixed a few lint problems 19/3/1991
- *
- * 1.2 eay - Fixed lh_doall problem 13/3/1991
- *
- * 1.1 eay - Added lh_doall
- *
- * 1.0 eay - First version
- */
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-
-const char lh_version[] = "lhash" OPENSSL_VERSION_PTEXT;
-
-#undef MIN_NODES
-#define MIN_NODES       16
-#define UP_LOAD         (2*LH_LOAD_MULT) /* load times 256 (default 2) */
-#define DOWN_LOAD       (LH_LOAD_MULT) /* load times 256 (default 1) */
-
-static void expand(_LHASH *lh);
-static void contract(_LHASH *lh);
-static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash);
-
-_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
-{
-    _LHASH *ret;
-    int i;
-
-    if ((ret = OPENSSL_malloc(sizeof(_LHASH))) == NULL)
-        goto err0;
-    if ((ret->b = OPENSSL_malloc(sizeof(LHASH_NODE *) * MIN_NODES)) == NULL)
-        goto err1;
-    for (i = 0; i < MIN_NODES; i++)
-        ret->b[i] = NULL;
-    ret->comp = ((c == NULL) ? (LHASH_COMP_FN_TYPE)strcmp : c);
-    ret->hash = ((h == NULL) ? (LHASH_HASH_FN_TYPE)lh_strhash : h);
-    ret->num_nodes = MIN_NODES / 2;
-    ret->num_alloc_nodes = MIN_NODES;
-    ret->p = 0;
-    ret->pmax = MIN_NODES / 2;
-    ret->up_load = UP_LOAD;
-    ret->down_load = DOWN_LOAD;
-    ret->num_items = 0;
-
-    ret->num_expands = 0;
-    ret->num_expand_reallocs = 0;
-    ret->num_contracts = 0;
-    ret->num_contract_reallocs = 0;
-    ret->num_hash_calls = 0;
-    ret->num_comp_calls = 0;
-    ret->num_insert = 0;
-    ret->num_replace = 0;
-    ret->num_delete = 0;
-    ret->num_no_delete = 0;
-    ret->num_retrieve = 0;
-    ret->num_retrieve_miss = 0;
-    ret->num_hash_comps = 0;
-
-    ret->error = 0;
-    return (ret);
- err1:
-    OPENSSL_free(ret);
- err0:
-    return (NULL);
-}
-
-void lh_free(_LHASH *lh)
-{
-    unsigned int i;
-    LHASH_NODE *n, *nn;
-
-    if (lh == NULL)
-        return;
-
-    for (i = 0; i < lh->num_nodes; i++) {
-        n = lh->b[i];
-        while (n != NULL) {
-            nn = n->next;
-            OPENSSL_free(n);
-            n = nn;
-        }
-    }
-    OPENSSL_free(lh->b);
-    OPENSSL_free(lh);
-}
-
-void *lh_insert(_LHASH *lh, void *data)
-{
-    unsigned long hash;
-    LHASH_NODE *nn, **rn;
-    void *ret;
-
-    lh->error = 0;
-    if (lh->up_load <= (lh->num_items * LH_LOAD_MULT / lh->num_nodes))
-        expand(lh);
-
-    rn = getrn(lh, data, &hash);
-
-    if (*rn == NULL) {
-        if ((nn = (LHASH_NODE *)OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL) {
-            lh->error++;
-            return (NULL);
-        }
-        nn->data = data;
-        nn->next = NULL;
-#ifndef OPENSSL_NO_HASH_COMP
-        nn->hash = hash;
-#endif
-        *rn = nn;
-        ret = NULL;
-        lh->num_insert++;
-        lh->num_items++;
-    } else {                    /* replace same key */
-
-        ret = (*rn)->data;
-        (*rn)->data = data;
-        lh->num_replace++;
-    }
-    return (ret);
-}
-
-void *lh_delete(_LHASH *lh, const void *data)
-{
-    unsigned long hash;
-    LHASH_NODE *nn, **rn;
-    void *ret;
-
-    lh->error = 0;
-    rn = getrn(lh, data, &hash);
-
-    if (*rn == NULL) {
-        lh->num_no_delete++;
-        return (NULL);
-    } else {
-        nn = *rn;
-        *rn = nn->next;
-        ret = nn->data;
-        OPENSSL_free(nn);
-        lh->num_delete++;
-    }
-
-    lh->num_items--;
-    if ((lh->num_nodes > MIN_NODES) &&
-        (lh->down_load >= (lh->num_items * LH_LOAD_MULT / lh->num_nodes)))
-        contract(lh);
-
-    return (ret);
-}
-
-void *lh_retrieve(_LHASH *lh, const void *data)
-{
-    unsigned long hash;
-    LHASH_NODE **rn;
-    void *ret;
-
-    lh->error = 0;
-    rn = getrn(lh, data, &hash);
-
-    if (*rn == NULL) {
-        lh->num_retrieve_miss++;
-        return (NULL);
-    } else {
-        ret = (*rn)->data;
-        lh->num_retrieve++;
-    }
-    return (ret);
-}
-
-static void doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
-                          LHASH_DOALL_ARG_FN_TYPE func_arg, void *arg)
-{
-    int i;
-    LHASH_NODE *a, *n;
-
-    if (lh == NULL)
-        return;
-
-    /*
-     * reverse the order so we search from 'top to bottom' We were having
-     * memory leaks otherwise
-     */
-    for (i = lh->num_nodes - 1; i >= 0; i--) {
-        a = lh->b[i];
-        while (a != NULL) {
-            /*
-             * 28/05/91 - eay - n added so items can be deleted via lh_doall
-             */
-            /*
-             * 22/05/08 - ben - eh? since a is not passed, this should not be
-             * needed
-             */
-            n = a->next;
-            if (use_arg)
-                func_arg(a->data, arg);
-            else
-                func(a->data);
-            a = n;
-        }
-    }
-}
-
-void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func)
-{
-    doall_util_fn(lh, 0, func, (LHASH_DOALL_ARG_FN_TYPE)0, NULL);
-}
-
-void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
-{
-    doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg);
-}
-
-static void expand(_LHASH *lh)
-{
-    LHASH_NODE **n, **n1, **n2, *np;
-    unsigned int p, i, j;
-    unsigned long hash, nni;
-
-    lh->num_nodes++;
-    lh->num_expands++;
-    p = (int)lh->p++;
-    n1 = &(lh->b[p]);
-    n2 = &(lh->b[p + (int)lh->pmax]);
-    *n2 = NULL;                 /* 27/07/92 - eay - undefined pointer bug */
-    nni = lh->num_alloc_nodes;
-
-    for (np = *n1; np != NULL;) {
-#ifndef OPENSSL_NO_HASH_COMP
-        hash = np->hash;
-#else
-        hash = lh->hash(np->data);
-        lh->num_hash_calls++;
-#endif
-        if ((hash % nni) != p) { /* move it */
-            *n1 = (*n1)->next;
-            np->next = *n2;
-            *n2 = np;
-        } else
-            n1 = &((*n1)->next);
-        np = *n1;
-    }
-
-    if ((lh->p) >= lh->pmax) {
-        j = (int)lh->num_alloc_nodes * 2;
-        n = (LHASH_NODE **)OPENSSL_realloc(lh->b,
-                                           (int)(sizeof(LHASH_NODE *) * j));
-        if (n == NULL) {
-            lh->error++;
-            lh->num_nodes--;
-            lh->p = 0;
-            return;
-        }
-        /* else */
-        for (i = (int)lh->num_alloc_nodes; i < j; i++) /* 26/02/92 eay */
-            n[i] = NULL;        /* 02/03/92 eay */
-        lh->pmax = lh->num_alloc_nodes;
-        lh->num_alloc_nodes = j;
-        lh->num_expand_reallocs++;
-        lh->p = 0;
-        lh->b = n;
-    }
-}
-
-static void contract(_LHASH *lh)
-{
-    LHASH_NODE **n, *n1, *np;
-
-    np = lh->b[lh->p + lh->pmax - 1];
-    lh->b[lh->p + lh->pmax - 1] = NULL; /* 24/07-92 - eay - weird but :-( */
-    if (lh->p == 0) {
-        n = (LHASH_NODE **)OPENSSL_realloc(lh->b,
-                                           (unsigned int)(sizeof(LHASH_NODE *)
-                                                          * lh->pmax));
-        if (n == NULL) {
-/*                      fputs("realloc error in lhash",stderr); */
-            lh->error++;
-            return;
-        }
-        lh->num_contract_reallocs++;
-        lh->num_alloc_nodes /= 2;
-        lh->pmax /= 2;
-        lh->p = lh->pmax - 1;
-        lh->b = n;
-    } else
-        lh->p--;
-
-    lh->num_nodes--;
-    lh->num_contracts++;
-
-    n1 = lh->b[(int)lh->p];
-    if (n1 == NULL)
-        lh->b[(int)lh->p] = np;
-    else {
-        while (n1->next != NULL)
-            n1 = n1->next;
-        n1->next = np;
-    }
-}
-
-static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash)
-{
-    LHASH_NODE **ret, *n1;
-    unsigned long hash, nn;
-    LHASH_COMP_FN_TYPE cf;
-
-    hash = (*(lh->hash)) (data);
-    lh->num_hash_calls++;
-    *rhash = hash;
-
-    nn = hash % lh->pmax;
-    if (nn < lh->p)
-        nn = hash % lh->num_alloc_nodes;
-
-    cf = lh->comp;
-    ret = &(lh->b[(int)nn]);
-    for (n1 = *ret; n1 != NULL; n1 = n1->next) {
-#ifndef OPENSSL_NO_HASH_COMP
-        lh->num_hash_comps++;
-        if (n1->hash != hash) {
-            ret = &(n1->next);
-            continue;
-        }
-#endif
-        lh->num_comp_calls++;
-        if (cf(n1->data, data) == 0)
-            break;
-        ret = &(n1->next);
-    }
-    return (ret);
-}
-
-/*
- * The following hash seems to work very well on normal text strings no
- * collisions on /usr/dict/words and it distributes on %2^n quite well, not
- * as good as MD5, but still good.
- */
-unsigned long lh_strhash(const char *c)
-{
-    unsigned long ret = 0;
-    long n;
-    unsigned long v;
-    int r;
-
-    if ((c == NULL) || (*c == '\0'))
-        return (ret);
-/*-
-    unsigned char b[16];
-    MD5(c,strlen(c),b);
-    return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24));
-*/
-
-    n = 0x100;
-    while (*c) {
-        v = n | (*c);
-        n += 0x100;
-        r = (int)((v >> 2) ^ v) & 0x0f;
-        ret = (ret << r) | (ret >> (32 - r));
-        ret &= 0xFFFFFFFFL;
-        ret ^= v * v;
-        c++;
-    }
-    return ((ret >> 16) ^ ret);
-}
-
-unsigned long lh_num_items(const _LHASH *lh)
-{
-    return lh ? lh->num_items : 0;
-}
diff --git a/thirdparty/openssl/crypto/md2/md2.c b/thirdparty/openssl/crypto/md2/md2.c
deleted file mode 100644
index 584e34a648..0000000000
--- a/thirdparty/openssl/crypto/md2/md2.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/md2/md2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md2.h>
-
-#define BUFSIZE 1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-int read(int, void *, unsigned int);
-void exit(int);
-int main(int argc, char *argv[])
-{
-    int i, err = 0;
-    FILE *IN;
-
-    if (argc == 1) {
-        do_fp(stdin);
-    } else {
-        for (i = 1; i < argc; i++) {
-            IN = fopen(argv[i], "r");
-            if (IN == NULL) {
-                perror(argv[i]);
-                err++;
-                continue;
-            }
-            printf("MD2(%s)= ", argv[i]);
-            do_fp(IN);
-            fclose(IN);
-        }
-    }
-    exit(err);
-    return (err);
-}
-
-void do_fp(FILE *f)
-{
-    MD2_CTX c;
-    unsigned char md[MD2_DIGEST_LENGTH];
-    int fd, i;
-    static unsigned char buf[BUFSIZE];
-
-    fd = fileno(f);
-    MD2_Init(&c);
-    for (;;) {
-        i = read(fd, buf, BUFSIZE);
-        if (i <= 0)
-            break;
-        MD2_Update(&c, buf, (unsigned long)i);
-    }
-    MD2_Final(&(md[0]), &c);
-    pt(md);
-}
-
-void pt(unsigned char *md)
-{
-    int i;
-
-    for (i = 0; i < MD2_DIGEST_LENGTH; i++)
-        printf("%02x", md[i]);
-    printf("\n");
-}
diff --git a/thirdparty/openssl/crypto/md2/md2.h b/thirdparty/openssl/crypto/md2/md2.h
deleted file mode 100644
index b568d3f987..0000000000
--- a/thirdparty/openssl/crypto/md2/md2.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/* crypto/md/md2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD2_H
-# define HEADER_MD2_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_MD2, MD2_INT */
-# ifdef OPENSSL_NO_MD2
-#  error MD2 is disabled.
-# endif
-# include <stddef.h>
-
-# define MD2_DIGEST_LENGTH       16
-# define MD2_BLOCK               16
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct MD2state_st {
-    unsigned int num;
-    unsigned char data[MD2_BLOCK];
-    MD2_INT cksm[MD2_BLOCK];
-    MD2_INT state[MD2_BLOCK];
-} MD2_CTX;
-
-const char *MD2_options(void);
-# ifdef OPENSSL_FIPS
-int private_MD2_Init(MD2_CTX *c);
-# endif
-int MD2_Init(MD2_CTX *c);
-int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len);
-int MD2_Final(unsigned char *md, MD2_CTX *c);
-unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/md2/md2_dgst.c b/thirdparty/openssl/crypto/md2/md2_dgst.c
deleted file mode 100644
index 7f5d9ba69b..0000000000
--- a/thirdparty/openssl/crypto/md2/md2_dgst.c
+++ /dev/null
@@ -1,224 +0,0 @@
-/* crypto/md2/md2_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/md2.h>
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-
-const char MD2_version[] = "MD2" OPENSSL_VERSION_PTEXT;
-
-/*
- * Implemented from RFC1319 The MD2 Message-Digest Algorithm
- */
-
-#define UCHAR   unsigned char
-
-static void md2_block(MD2_CTX *c, const unsigned char *d);
-/*
- * The magic S table - I have converted it to hex since it is basically just
- * a random byte string.
- */
-static const MD2_INT S[256] = {
-    0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
-    0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
-    0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
-    0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
-    0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
-    0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
-    0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
-    0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
-    0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
-    0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
-    0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
-    0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
-    0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
-    0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
-    0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
-    0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
-    0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
-    0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
-    0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
-    0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
-    0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
-    0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
-    0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
-    0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
-    0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
-    0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
-    0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
-    0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
-    0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
-    0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
-    0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
-    0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
-};
-
-const char *MD2_options(void)
-{
-    if (sizeof(MD2_INT) == 1)
-        return ("md2(char)");
-    else
-        return ("md2(int)");
-}
-
-fips_md_init(MD2)
-{
-    c->num = 0;
-    memset(c->state, 0, sizeof c->state);
-    memset(c->cksm, 0, sizeof c->cksm);
-    memset(c->data, 0, sizeof c->data);
-    return 1;
-}
-
-int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len)
-{
-    register UCHAR *p;
-
-    if (len == 0)
-        return 1;
-
-    p = c->data;
-    if (c->num != 0) {
-        if ((c->num + len) >= MD2_BLOCK) {
-            memcpy(&(p[c->num]), data, MD2_BLOCK - c->num);
-            md2_block(c, c->data);
-            data += (MD2_BLOCK - c->num);
-            len -= (MD2_BLOCK - c->num);
-            c->num = 0;
-            /* drop through and do the rest */
-        } else {
-            memcpy(&(p[c->num]), data, len);
-            /* data+=len; */
-            c->num += (int)len;
-            return 1;
-        }
-    }
-    /*
-     * we now can process the input data in blocks of MD2_BLOCK chars and
-     * save the leftovers to c->data.
-     */
-    while (len >= MD2_BLOCK) {
-        md2_block(c, data);
-        data += MD2_BLOCK;
-        len -= MD2_BLOCK;
-    }
-    memcpy(p, data, len);
-    c->num = (int)len;
-    return 1;
-}
-
-static void md2_block(MD2_CTX *c, const unsigned char *d)
-{
-    register MD2_INT t, *sp1, *sp2;
-    register int i, j;
-    MD2_INT state[48];
-
-    sp1 = c->state;
-    sp2 = c->cksm;
-    j = sp2[MD2_BLOCK - 1];
-    for (i = 0; i < 16; i++) {
-        state[i] = sp1[i];
-        state[i + 16] = t = d[i];
-        state[i + 32] = (t ^ sp1[i]);
-        j = sp2[i] ^= S[t ^ j];
-    }
-    t = 0;
-    for (i = 0; i < 18; i++) {
-        for (j = 0; j < 48; j += 8) {
-            t = state[j + 0] ^= S[t];
-            t = state[j + 1] ^= S[t];
-            t = state[j + 2] ^= S[t];
-            t = state[j + 3] ^= S[t];
-            t = state[j + 4] ^= S[t];
-            t = state[j + 5] ^= S[t];
-            t = state[j + 6] ^= S[t];
-            t = state[j + 7] ^= S[t];
-        }
-        t = (t + i) & 0xff;
-    }
-    memcpy(sp1, state, 16 * sizeof(MD2_INT));
-    OPENSSL_cleanse(state, 48 * sizeof(MD2_INT));
-}
-
-int MD2_Final(unsigned char *md, MD2_CTX *c)
-{
-    int i, v;
-    register UCHAR *cp;
-    register MD2_INT *p1, *p2;
-
-    cp = c->data;
-    p1 = c->state;
-    p2 = c->cksm;
-    v = MD2_BLOCK - c->num;
-    for (i = c->num; i < MD2_BLOCK; i++)
-        cp[i] = (UCHAR) v;
-
-    md2_block(c, cp);
-
-    for (i = 0; i < MD2_BLOCK; i++)
-        cp[i] = (UCHAR) p2[i];
-    md2_block(c, cp);
-
-    for (i = 0; i < 16; i++)
-        md[i] = (UCHAR) (p1[i] & 0xff);
-    OPENSSL_cleanse(c, sizeof(*c));
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/md2/md2_one.c b/thirdparty/openssl/crypto/md2/md2_one.c
deleted file mode 100644
index cd2631b261..0000000000
--- a/thirdparty/openssl/crypto/md2/md2_one.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/md2/md2_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/md2.h>
-
-/*
- * This is a separate file so that #defines in cryptlib.h can map my MD
- * functions to different names
- */
-
-unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md)
-{
-    MD2_CTX c;
-    static unsigned char m[MD2_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    if (!MD2_Init(&c))
-        return NULL;
-#ifndef CHARSET_EBCDIC
-    MD2_Update(&c, d, n);
-#else
-    {
-        char temp[1024];
-        unsigned long chunk;
-
-        while (n > 0) {
-            chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
-            ebcdic2ascii(temp, d, chunk);
-            MD2_Update(&c, temp, chunk);
-            n -= chunk;
-            d += chunk;
-        }
-    }
-#endif
-    MD2_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c)); /* Security consideration */
-    return (md);
-}
diff --git a/thirdparty/openssl/crypto/md32_common.h b/thirdparty/openssl/crypto/md32_common.h
deleted file mode 100644
index b5a04bf133..0000000000
--- a/thirdparty/openssl/crypto/md32_common.h
+++ /dev/null
@@ -1,436 +0,0 @@
-/* crypto/md32_common.h */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-/*-
- * This is a generic 32 bit "collector" for message digest algorithms.
- * Whenever needed it collects input character stream into chunks of
- * 32 bit values and invokes a block function that performs actual hash
- * calculations.
- *
- * Porting guide.
- *
- * Obligatory macros:
- *
- * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
- *      this macro defines byte order of input stream.
- * HASH_CBLOCK
- *      size of a unit chunk HASH_BLOCK operates on.
- * HASH_LONG
- *      has to be at lest 32 bit wide, if it's wider, then
- *      HASH_LONG_LOG2 *has to* be defined along
- * HASH_CTX
- *      context structure that at least contains following
- *      members:
- *              typedef struct {
- *                      ...
- *                      HASH_LONG       Nl,Nh;
- *                      either {
- *                      HASH_LONG       data[HASH_LBLOCK];
- *                      unsigned char   data[HASH_CBLOCK];
- *                      };
- *                      unsigned int    num;
- *                      ...
- *                      } HASH_CTX;
- *      data[] vector is expected to be zeroed upon first call to
- *      HASH_UPDATE.
- * HASH_UPDATE
- *      name of "Update" function, implemented here.
- * HASH_TRANSFORM
- *      name of "Transform" function, implemented here.
- * HASH_FINAL
- *      name of "Final" function, implemented here.
- * HASH_BLOCK_DATA_ORDER
- *      name of "block" function capable of treating *unaligned* input
- *      message in original (data) byte order, implemented externally.
- * HASH_MAKE_STRING
- *      macro convering context variables to an ASCII hash string.
- *
- * MD5 example:
- *
- *      #define DATA_ORDER_IS_LITTLE_ENDIAN
- *
- *      #define HASH_LONG               MD5_LONG
- *      #define HASH_LONG_LOG2          MD5_LONG_LOG2
- *      #define HASH_CTX                MD5_CTX
- *      #define HASH_CBLOCK             MD5_CBLOCK
- *      #define HASH_UPDATE             MD5_Update
- *      #define HASH_TRANSFORM          MD5_Transform
- *      #define HASH_FINAL              MD5_Final
- *      #define HASH_BLOCK_DATA_ORDER   md5_block_data_order
- *
- *                                      <appro@fy.chalmers.se>
- */
-
-#include <openssl/crypto.h>
-
-#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-# error "DATA_ORDER must be defined!"
-#endif
-
-#ifndef HASH_CBLOCK
-# error "HASH_CBLOCK must be defined!"
-#endif
-#ifndef HASH_LONG
-# error "HASH_LONG must be defined!"
-#endif
-#ifndef HASH_CTX
-# error "HASH_CTX must be defined!"
-#endif
-
-#ifndef HASH_UPDATE
-# error "HASH_UPDATE must be defined!"
-#endif
-#ifndef HASH_TRANSFORM
-# error "HASH_TRANSFORM must be defined!"
-#endif
-#ifndef HASH_FINAL
-# error "HASH_FINAL must be defined!"
-#endif
-
-#ifndef HASH_BLOCK_DATA_ORDER
-# error "HASH_BLOCK_DATA_ORDER must be defined!"
-#endif
-
-/*
- * Engage compiler specific rotate intrinsic function if available.
- */
-#undef ROTATE
-#ifndef PEDANTIC
-# if defined(_MSC_VER)
-#  define ROTATE(a,n)   _lrotl(a,n)
-# elif defined(__ICC)
-#  define ROTATE(a,n)   _rotl(a,n)
-# elif defined(__MWERKS__)
-#  if defined(__POWERPC__)
-#   define ROTATE(a,n)  __rlwinm(a,n,0,31)
-#  elif defined(__MC68K__)
-    /* Motorola specific tweak. <appro@fy.chalmers.se> */
-#   define ROTATE(a,n)  ( n<24 ? __rol(a,n) : __ror(a,32-n) )
-#  else
-#   define ROTATE(a,n)  __rol(a,n)
-#  endif
-# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-  /*
-   * Some GNU C inline assembler templates. Note that these are
-   * rotates by *constant* number of bits! But that's exactly
-   * what we need here...
-   *                                    <appro@fy.chalmers.se>
-   */
-#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-#   define ROTATE(a,n)  ({ register unsigned int ret;   \
-                                asm (                   \
-                                "roll %1,%0"            \
-                                : "=r"(ret)             \
-                                : "I"(n), "0"((unsigned int)(a))        \
-                                : "cc");                \
-                           ret;                         \
-                        })
-#  elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
-        defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
-#   define ROTATE(a,n)  ({ register unsigned int ret;   \
-                                asm (                   \
-                                "rlwinm %0,%1,%2,0,31"  \
-                                : "=r"(ret)             \
-                                : "r"(a), "I"(n));      \
-                           ret;                         \
-                        })
-#  elif defined(__s390x__)
-#   define ROTATE(a,n) ({ register unsigned int ret;    \
-                                asm ("rll %0,%1,%2"     \
-                                : "=r"(ret)             \
-                                : "r"(a), "I"(n));      \
-                          ret;                          \
-                        })
-#  endif
-# endif
-#endif                          /* PEDANTIC */
-
-#ifndef ROTATE
-# define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
-#endif
-
-#if defined(DATA_ORDER_IS_BIG_ENDIAN)
-
-# ifndef PEDANTIC
-#  if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-#   if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \
-      (defined(__x86_64) || defined(__x86_64__))
-#    if !defined(B_ENDIAN)
-    /*
-     * This gives ~30-40% performance improvement in SHA-256 compiled
-     * with gcc [on P4]. Well, first macro to be frank. We can pull
-     * this trick on x86* platforms only, because these CPUs can fetch
-     * unaligned data without raising an exception.
-     */
-#     define HOST_c2l(c,l)        ({ unsigned int r=*((const unsigned int *)(c)); \
-                                   asm ("bswapl %0":"=r"(r):"0"(r));    \
-                                   (c)+=4; (l)=r;                       })
-#     define HOST_l2c(l,c)        ({ unsigned int r=(l);                  \
-                                   asm ("bswapl %0":"=r"(r):"0"(r));    \
-                                   *((unsigned int *)(c))=r; (c)+=4; r; })
-#    endif
-#   elif defined(__aarch64__)
-#    if defined(__BYTE_ORDER__)
-#     if defined(__ORDER_LITTLE_ENDIAN__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
-#      define HOST_c2l(c,l)      ({ unsigned int r;              \
-                                   asm ("rev    %w0,%w1"        \
-                                        :"=r"(r)                \
-                                        :"r"(*((const unsigned int *)(c))));\
-                                   (c)+=4; (l)=r;               })
-#      define HOST_l2c(l,c)      ({ unsigned int r;              \
-                                   asm ("rev    %w0,%w1"        \
-                                        :"=r"(r)                \
-                                        :"r"((unsigned int)(l)));\
-                                   *((unsigned int *)(c))=r; (c)+=4; r; })
-#     elif defined(__ORDER_BIG_ENDIAN__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
-#      define HOST_c2l(c,l)      ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
-#      define HOST_l2c(l,c)      (*((unsigned int *)(c))=(l), (c)+=4, (l))
-#     endif
-#    endif
-#   endif
-#  endif
-#  if defined(__s390__) || defined(__s390x__)
-#   define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
-#   define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l))
-#  endif
-# endif
-
-# ifndef HOST_c2l
-#  define HOST_c2l(c,l)   (l =(((unsigned long)(*((c)++)))<<24),          \
-                         l|=(((unsigned long)(*((c)++)))<<16),          \
-                         l|=(((unsigned long)(*((c)++)))<< 8),          \
-                         l|=(((unsigned long)(*((c)++)))    )           )
-# endif
-# ifndef HOST_l2c
-#  define HOST_l2c(l,c)   (*((c)++)=(unsigned char)(((l)>>24)&0xff),      \
-                         *((c)++)=(unsigned char)(((l)>>16)&0xff),      \
-                         *((c)++)=(unsigned char)(((l)>> 8)&0xff),      \
-                         *((c)++)=(unsigned char)(((l)    )&0xff),      \
-                         l)
-# endif
-
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-
-# ifndef PEDANTIC
-#  if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-#   if defined(__s390x__)
-#    define HOST_c2l(c,l)        ({ asm ("lrv    %0,%1"                  \
-                                   :"=d"(l) :"m"(*(const unsigned int *)(c)));\
-                                   (c)+=4; (l);                         })
-#    define HOST_l2c(l,c)        ({ asm ("strv   %1,%0"                  \
-                                   :"=m"(*(unsigned int *)(c)) :"d"(l));\
-                                   (c)+=4; (l);                         })
-#   endif
-#  endif
-#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-#   ifndef B_ENDIAN
-    /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
-#    define HOST_c2l(c,l)        ((l)=*((const unsigned int *)(c)), (c)+=4, l)
-#    define HOST_l2c(l,c)        (*((unsigned int *)(c))=(l), (c)+=4, l)
-#   endif
-#  endif
-# endif
-
-# ifndef HOST_c2l
-#  define HOST_c2l(c,l)   (l =(((unsigned long)(*((c)++)))    ),          \
-                         l|=(((unsigned long)(*((c)++)))<< 8),          \
-                         l|=(((unsigned long)(*((c)++)))<<16),          \
-                         l|=(((unsigned long)(*((c)++)))<<24)           )
-# endif
-# ifndef HOST_l2c
-#  define HOST_l2c(l,c)   (*((c)++)=(unsigned char)(((l)    )&0xff),      \
-                         *((c)++)=(unsigned char)(((l)>> 8)&0xff),      \
-                         *((c)++)=(unsigned char)(((l)>>16)&0xff),      \
-                         *((c)++)=(unsigned char)(((l)>>24)&0xff),      \
-                         l)
-# endif
-
-#endif
-
-/*
- * Time for some action:-)
- */
-
-int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len)
-{
-    const unsigned char *data = data_;
-    unsigned char *p;
-    HASH_LONG l;
-    size_t n;
-
-    if (len == 0)
-        return 1;
-
-    l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL;
-    /*
-     * 95-05-24 eay Fixed a bug with the overflow handling, thanks to Wei Dai
-     * <weidai@eskimo.com> for pointing it out.
-     */
-    if (l < c->Nl)              /* overflow */
-        c->Nh++;
-    c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
-                                       * 16-bit */
-    c->Nl = l;
-
-    n = c->num;
-    if (n != 0) {
-        p = (unsigned char *)c->data;
-
-        if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
-            memcpy(p + n, data, HASH_CBLOCK - n);
-            HASH_BLOCK_DATA_ORDER(c, p, 1);
-            n = HASH_CBLOCK - n;
-            data += n;
-            len -= n;
-            c->num = 0;
-            /*
-             * We use memset rather than OPENSSL_cleanse() here deliberately.
-             * Using OPENSSL_cleanse() here could be a performance issue. It
-             * will get properly cleansed on finalisation so this isn't a
-             * security problem.
-             */
-            memset(p, 0, HASH_CBLOCK); /* keep it zeroed */
-        } else {
-            memcpy(p + n, data, len);
-            c->num += (unsigned int)len;
-            return 1;
-        }
-    }
-
-    n = len / HASH_CBLOCK;
-    if (n > 0) {
-        HASH_BLOCK_DATA_ORDER(c, data, n);
-        n *= HASH_CBLOCK;
-        data += n;
-        len -= n;
-    }
-
-    if (len != 0) {
-        p = (unsigned char *)c->data;
-        c->num = (unsigned int)len;
-        memcpy(p, data, len);
-    }
-    return 1;
-}
-
-void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data)
-{
-    HASH_BLOCK_DATA_ORDER(c, data, 1);
-}
-
-int HASH_FINAL(unsigned char *md, HASH_CTX *c)
-{
-    unsigned char *p = (unsigned char *)c->data;
-    size_t n = c->num;
-
-    p[n] = 0x80;                /* there is always room for one */
-    n++;
-
-    if (n > (HASH_CBLOCK - 8)) {
-        memset(p + n, 0, HASH_CBLOCK - n);
-        n = 0;
-        HASH_BLOCK_DATA_ORDER(c, p, 1);
-    }
-    memset(p + n, 0, HASH_CBLOCK - 8 - n);
-
-    p += HASH_CBLOCK - 8;
-#if   defined(DATA_ORDER_IS_BIG_ENDIAN)
-    (void)HOST_l2c(c->Nh, p);
-    (void)HOST_l2c(c->Nl, p);
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-    (void)HOST_l2c(c->Nl, p);
-    (void)HOST_l2c(c->Nh, p);
-#endif
-    p -= HASH_CBLOCK;
-    HASH_BLOCK_DATA_ORDER(c, p, 1);
-    c->num = 0;
-    OPENSSL_cleanse(p, HASH_CBLOCK);
-
-#ifndef HASH_MAKE_STRING
-# error "HASH_MAKE_STRING must be defined!"
-#else
-    HASH_MAKE_STRING(c, md);
-#endif
-
-    return 1;
-}
-
-#ifndef MD32_REG_T
-# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
-#  define MD32_REG_T long
-/*
- * This comment was originaly written for MD5, which is why it
- * discusses A-D. But it basically applies to all 32-bit digests,
- * which is why it was moved to common header file.
- *
- * In case you wonder why A-D are declared as long and not
- * as MD5_LONG. Doing so results in slight performance
- * boost on LP64 architectures. The catch is we don't
- * really care if 32 MSBs of a 64-bit register get polluted
- * with eventual overflows as we *save* only 32 LSBs in
- * *either* case. Now declaring 'em long excuses the compiler
- * from keeping 32 MSBs zeroed resulting in 13% performance
- * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
- * Well, to be honest it should say that this *prevents*
- * performance degradation.
- *                              <appro@fy.chalmers.se>
- */
-# else
-/*
- * Above is not absolute and there are LP64 compilers that
- * generate better code if MD32_REG_T is defined int. The above
- * pre-processor condition reflects the circumstances under which
- * the conclusion was made and is subject to further extension.
- *                              <appro@fy.chalmers.se>
- */
-#  define MD32_REG_T int
-# endif
-#endif
diff --git a/thirdparty/openssl/crypto/md4/md4.c b/thirdparty/openssl/crypto/md4/md4.c
deleted file mode 100644
index c9fab6669a..0000000000
--- a/thirdparty/openssl/crypto/md4/md4.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/md4/md4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md4.h>
-
-#define BUFSIZE 1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
-int read(int, void *, unsigned int);
-#endif
-
-int main(int argc, char **argv)
-{
-    int i, err = 0;
-    FILE *IN;
-
-    if (argc == 1) {
-        do_fp(stdin);
-    } else {
-        for (i = 1; i < argc; i++) {
-            IN = fopen(argv[i], "r");
-            if (IN == NULL) {
-                perror(argv[i]);
-                err++;
-                continue;
-            }
-            printf("MD4(%s)= ", argv[i]);
-            do_fp(IN);
-            fclose(IN);
-        }
-    }
-    exit(err);
-}
-
-void do_fp(FILE *f)
-{
-    MD4_CTX c;
-    unsigned char md[MD4_DIGEST_LENGTH];
-    int fd;
-    int i;
-    static unsigned char buf[BUFSIZE];
-
-    fd = fileno(f);
-    MD4_Init(&c);
-    for (;;) {
-        i = read(fd, buf, sizeof buf);
-        if (i <= 0)
-            break;
-        MD4_Update(&c, buf, (unsigned long)i);
-    }
-    MD4_Final(&(md[0]), &c);
-    pt(md);
-}
-
-void pt(unsigned char *md)
-{
-    int i;
-
-    for (i = 0; i < MD4_DIGEST_LENGTH; i++)
-        printf("%02x", md[i]);
-    printf("\n");
-}
diff --git a/thirdparty/openssl/crypto/md4/md4_dgst.c b/thirdparty/openssl/crypto/md4/md4_dgst.c
deleted file mode 100644
index 614fca0056..0000000000
--- a/thirdparty/openssl/crypto/md4/md4_dgst.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* crypto/md4/md4_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include "md4_locl.h"
-
-const char MD4_version[] = "MD4" OPENSSL_VERSION_PTEXT;
-
-/*
- * Implemented from RFC1186 The MD4 Message-Digest Algorithm
- */
-
-#define INIT_DATA_A (unsigned long)0x67452301L
-#define INIT_DATA_B (unsigned long)0xefcdab89L
-#define INIT_DATA_C (unsigned long)0x98badcfeL
-#define INIT_DATA_D (unsigned long)0x10325476L
-
-fips_md_init(MD4)
-{
-    memset(c, 0, sizeof(*c));
-    c->A = INIT_DATA_A;
-    c->B = INIT_DATA_B;
-    c->C = INIT_DATA_C;
-    c->D = INIT_DATA_D;
-    return 1;
-}
-
-#ifndef md4_block_data_order
-# ifdef X
-#  undef X
-# endif
-void md4_block_data_order(MD4_CTX *c, const void *data_, size_t num)
-{
-    const unsigned char *data = data_;
-    register unsigned MD32_REG_T A, B, C, D, l;
-# ifndef MD32_XARRAY
-    /* See comment in crypto/sha/sha_locl.h for details. */
-    unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-        XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
-#  define X(i)   XX##i
-# else
-    MD4_LONG XX[MD4_LBLOCK];
-#  define X(i)   XX[i]
-# endif
-
-    A = c->A;
-    B = c->B;
-    C = c->C;
-    D = c->D;
-
-    for (; num--;) {
-        (void)HOST_c2l(data, l);
-        X(0) = l;
-        (void)HOST_c2l(data, l);
-        X(1) = l;
-        /* Round 0 */
-        R0(A, B, C, D, X(0), 3, 0);
-        (void)HOST_c2l(data, l);
-        X(2) = l;
-        R0(D, A, B, C, X(1), 7, 0);
-        (void)HOST_c2l(data, l);
-        X(3) = l;
-        R0(C, D, A, B, X(2), 11, 0);
-        (void)HOST_c2l(data, l);
-        X(4) = l;
-        R0(B, C, D, A, X(3), 19, 0);
-        (void)HOST_c2l(data, l);
-        X(5) = l;
-        R0(A, B, C, D, X(4), 3, 0);
-        (void)HOST_c2l(data, l);
-        X(6) = l;
-        R0(D, A, B, C, X(5), 7, 0);
-        (void)HOST_c2l(data, l);
-        X(7) = l;
-        R0(C, D, A, B, X(6), 11, 0);
-        (void)HOST_c2l(data, l);
-        X(8) = l;
-        R0(B, C, D, A, X(7), 19, 0);
-        (void)HOST_c2l(data, l);
-        X(9) = l;
-        R0(A, B, C, D, X(8), 3, 0);
-        (void)HOST_c2l(data, l);
-        X(10) = l;
-        R0(D, A, B, C, X(9), 7, 0);
-        (void)HOST_c2l(data, l);
-        X(11) = l;
-        R0(C, D, A, B, X(10), 11, 0);
-        (void)HOST_c2l(data, l);
-        X(12) = l;
-        R0(B, C, D, A, X(11), 19, 0);
-        (void)HOST_c2l(data, l);
-        X(13) = l;
-        R0(A, B, C, D, X(12), 3, 0);
-        (void)HOST_c2l(data, l);
-        X(14) = l;
-        R0(D, A, B, C, X(13), 7, 0);
-        (void)HOST_c2l(data, l);
-        X(15) = l;
-        R0(C, D, A, B, X(14), 11, 0);
-        R0(B, C, D, A, X(15), 19, 0);
-        /* Round 1 */
-        R1(A, B, C, D, X(0), 3, 0x5A827999L);
-        R1(D, A, B, C, X(4), 5, 0x5A827999L);
-        R1(C, D, A, B, X(8), 9, 0x5A827999L);
-        R1(B, C, D, A, X(12), 13, 0x5A827999L);
-        R1(A, B, C, D, X(1), 3, 0x5A827999L);
-        R1(D, A, B, C, X(5), 5, 0x5A827999L);
-        R1(C, D, A, B, X(9), 9, 0x5A827999L);
-        R1(B, C, D, A, X(13), 13, 0x5A827999L);
-        R1(A, B, C, D, X(2), 3, 0x5A827999L);
-        R1(D, A, B, C, X(6), 5, 0x5A827999L);
-        R1(C, D, A, B, X(10), 9, 0x5A827999L);
-        R1(B, C, D, A, X(14), 13, 0x5A827999L);
-        R1(A, B, C, D, X(3), 3, 0x5A827999L);
-        R1(D, A, B, C, X(7), 5, 0x5A827999L);
-        R1(C, D, A, B, X(11), 9, 0x5A827999L);
-        R1(B, C, D, A, X(15), 13, 0x5A827999L);
-        /* Round 2 */
-        R2(A, B, C, D, X(0), 3, 0x6ED9EBA1L);
-        R2(D, A, B, C, X(8), 9, 0x6ED9EBA1L);
-        R2(C, D, A, B, X(4), 11, 0x6ED9EBA1L);
-        R2(B, C, D, A, X(12), 15, 0x6ED9EBA1L);
-        R2(A, B, C, D, X(2), 3, 0x6ED9EBA1L);
-        R2(D, A, B, C, X(10), 9, 0x6ED9EBA1L);
-        R2(C, D, A, B, X(6), 11, 0x6ED9EBA1L);
-        R2(B, C, D, A, X(14), 15, 0x6ED9EBA1L);
-        R2(A, B, C, D, X(1), 3, 0x6ED9EBA1L);
-        R2(D, A, B, C, X(9), 9, 0x6ED9EBA1L);
-        R2(C, D, A, B, X(5), 11, 0x6ED9EBA1L);
-        R2(B, C, D, A, X(13), 15, 0x6ED9EBA1L);
-        R2(A, B, C, D, X(3), 3, 0x6ED9EBA1L);
-        R2(D, A, B, C, X(11), 9, 0x6ED9EBA1L);
-        R2(C, D, A, B, X(7), 11, 0x6ED9EBA1L);
-        R2(B, C, D, A, X(15), 15, 0x6ED9EBA1L);
-
-        A = c->A += A;
-        B = c->B += B;
-        C = c->C += C;
-        D = c->D += D;
-    }
-}
-#endif
diff --git a/thirdparty/openssl/crypto/md4/md4_locl.h b/thirdparty/openssl/crypto/md4/md4_locl.h
deleted file mode 100644
index dc86a86c56..0000000000
--- a/thirdparty/openssl/crypto/md4/md4_locl.h
+++ /dev/null
@@ -1,113 +0,0 @@
-/* crypto/md4/md4_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/md4.h>
-
-#ifndef MD4_LONG_LOG2
-# define MD4_LONG_LOG2 2        /* default to 32 bits */
-#endif
-
-void md4_block_data_order(MD4_CTX *c, const void *p, size_t num);
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG               MD4_LONG
-#define HASH_CTX                MD4_CTX
-#define HASH_CBLOCK             MD4_CBLOCK
-#define HASH_UPDATE             MD4_Update
-#define HASH_TRANSFORM          MD4_Transform
-#define HASH_FINAL              MD4_Final
-#define HASH_MAKE_STRING(c,s)   do {    \
-        unsigned long ll;               \
-        ll=(c)->A; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->B; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->C; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->D; (void)HOST_l2c(ll,(s));      \
-        } while (0)
-#define HASH_BLOCK_DATA_ORDER   md4_block_data_order
-
-#include "md32_common.h"
-
-/*-
-#define F(x,y,z)        (((x) & (y))  |  ((~(x)) & (z)))
-#define G(x,y,z)        (((x) & (y))  |  ((x) & ((z))) | ((y) & ((z))))
-*/
-
-/*
- * As pointed out by Wei Dai <weidai@eskimo.com>, the above can be simplified
- * to the code below.  Wei attributes these optimizations to Peter Gutmann's
- * SHS code, and he attributes it to Rich Schroeppel.
- */
-#define F(b,c,d)        ((((c) ^ (d)) & (b)) ^ (d))
-#define G(b,c,d)        (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
-#define H(b,c,d)        ((b) ^ (c) ^ (d))
-
-#define R0(a,b,c,d,k,s,t) { \
-        a+=((k)+(t)+F((b),(c),(d))); \
-        a=ROTATE(a,s); };
-
-#define R1(a,b,c,d,k,s,t) { \
-        a+=((k)+(t)+G((b),(c),(d))); \
-        a=ROTATE(a,s); };\
-
-#define R2(a,b,c,d,k,s,t) { \
-        a+=((k)+(t)+H((b),(c),(d))); \
-        a=ROTATE(a,s); };
diff --git a/thirdparty/openssl/crypto/md4/md4_one.c b/thirdparty/openssl/crypto/md4/md4_one.c
deleted file mode 100644
index 32ebd5facf..0000000000
--- a/thirdparty/openssl/crypto/md4/md4_one.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/md4/md4_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/md4.h>
-#include <openssl/crypto.h>
-
-#ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-#endif
-
-unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md)
-{
-    MD4_CTX c;
-    static unsigned char m[MD4_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    if (!MD4_Init(&c))
-        return NULL;
-#ifndef CHARSET_EBCDIC
-    MD4_Update(&c, d, n);
-#else
-    {
-        char temp[1024];
-        unsigned long chunk;
-
-        while (n > 0) {
-            chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
-            ebcdic2ascii(temp, d, chunk);
-            MD4_Update(&c, temp, chunk);
-            n -= chunk;
-            d += chunk;
-        }
-    }
-#endif
-    MD4_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c)); /* security consideration */
-    return (md);
-}
diff --git a/thirdparty/openssl/crypto/md4/md4s.cpp b/thirdparty/openssl/crypto/md4/md4s.cpp
deleted file mode 100644
index c0ec97fc9f..0000000000
--- a/thirdparty/openssl/crypto/md4/md4s.cpp
+++ /dev/null
@@ -1,78 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md4.h>
-
-extern "C" {
-void md4_block_x86(MD4_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	MD4_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-	num*=64;
-	numm*=64;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			md4_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			md4_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			md4_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			md4_block_x86(&ctx,buffer,num);
-			}
-		printf("md4 (%d bytes) %d %d (%.2f)\n",num,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/thirdparty/openssl/crypto/md5/md5.c b/thirdparty/openssl/crypto/md5/md5.c
deleted file mode 100644
index f0282c507e..0000000000
--- a/thirdparty/openssl/crypto/md5/md5.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/md5/md5.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md5.h>
-
-#define BUFSIZE 1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
-int read(int, void *, unsigned int);
-#endif
-
-int main(int argc, char **argv)
-{
-    int i, err = 0;
-    FILE *IN;
-
-    if (argc == 1) {
-        do_fp(stdin);
-    } else {
-        for (i = 1; i < argc; i++) {
-            IN = fopen(argv[i], "r");
-            if (IN == NULL) {
-                perror(argv[i]);
-                err++;
-                continue;
-            }
-            printf("MD5(%s)= ", argv[i]);
-            do_fp(IN);
-            fclose(IN);
-        }
-    }
-    exit(err);
-}
-
-void do_fp(FILE *f)
-{
-    MD5_CTX c;
-    unsigned char md[MD5_DIGEST_LENGTH];
-    int fd;
-    int i;
-    static unsigned char buf[BUFSIZE];
-
-    fd = fileno(f);
-    MD5_Init(&c);
-    for (;;) {
-        i = read(fd, buf, BUFSIZE);
-        if (i <= 0)
-            break;
-        MD5_Update(&c, buf, (unsigned long)i);
-    }
-    MD5_Final(&(md[0]), &c);
-    pt(md);
-}
-
-void pt(unsigned char *md)
-{
-    int i;
-
-    for (i = 0; i < MD5_DIGEST_LENGTH; i++)
-        printf("%02x", md[i]);
-    printf("\n");
-}
diff --git a/thirdparty/openssl/crypto/md5/md5_dgst.c b/thirdparty/openssl/crypto/md5/md5_dgst.c
deleted file mode 100644
index 2b51946708..0000000000
--- a/thirdparty/openssl/crypto/md5/md5_dgst.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/* crypto/md5/md5_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "md5_locl.h"
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-
-const char MD5_version[] = "MD5" OPENSSL_VERSION_PTEXT;
-
-/*
- * Implemented from RFC1321 The MD5 Message-Digest Algorithm
- */
-
-#define INIT_DATA_A (unsigned long)0x67452301L
-#define INIT_DATA_B (unsigned long)0xefcdab89L
-#define INIT_DATA_C (unsigned long)0x98badcfeL
-#define INIT_DATA_D (unsigned long)0x10325476L
-
-fips_md_init(MD5)
-{
-    memset(c, 0, sizeof(*c));
-    c->A = INIT_DATA_A;
-    c->B = INIT_DATA_B;
-    c->C = INIT_DATA_C;
-    c->D = INIT_DATA_D;
-    return 1;
-}
-
-#ifndef md5_block_data_order
-# ifdef X
-#  undef X
-# endif
-void md5_block_data_order(MD5_CTX *c, const void *data_, size_t num)
-{
-    const unsigned char *data = data_;
-    register unsigned MD32_REG_T A, B, C, D, l;
-# ifndef MD32_XARRAY
-    /* See comment in crypto/sha/sha_locl.h for details. */
-    unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-        XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
-#  define X(i)   XX##i
-# else
-    MD5_LONG XX[MD5_LBLOCK];
-#  define X(i)   XX[i]
-# endif
-
-    A = c->A;
-    B = c->B;
-    C = c->C;
-    D = c->D;
-
-    for (; num--;) {
-        HOST_c2l(data, l);
-        X(0) = l;
-        HOST_c2l(data, l);
-        X(1) = l;
-        /* Round 0 */
-        R0(A, B, C, D, X(0), 7, 0xd76aa478L);
-        HOST_c2l(data, l);
-        X(2) = l;
-        R0(D, A, B, C, X(1), 12, 0xe8c7b756L);
-        HOST_c2l(data, l);
-        X(3) = l;
-        R0(C, D, A, B, X(2), 17, 0x242070dbL);
-        HOST_c2l(data, l);
-        X(4) = l;
-        R0(B, C, D, A, X(3), 22, 0xc1bdceeeL);
-        HOST_c2l(data, l);
-        X(5) = l;
-        R0(A, B, C, D, X(4), 7, 0xf57c0fafL);
-        HOST_c2l(data, l);
-        X(6) = l;
-        R0(D, A, B, C, X(5), 12, 0x4787c62aL);
-        HOST_c2l(data, l);
-        X(7) = l;
-        R0(C, D, A, B, X(6), 17, 0xa8304613L);
-        HOST_c2l(data, l);
-        X(8) = l;
-        R0(B, C, D, A, X(7), 22, 0xfd469501L);
-        HOST_c2l(data, l);
-        X(9) = l;
-        R0(A, B, C, D, X(8), 7, 0x698098d8L);
-        HOST_c2l(data, l);
-        X(10) = l;
-        R0(D, A, B, C, X(9), 12, 0x8b44f7afL);
-        HOST_c2l(data, l);
-        X(11) = l;
-        R0(C, D, A, B, X(10), 17, 0xffff5bb1L);
-        HOST_c2l(data, l);
-        X(12) = l;
-        R0(B, C, D, A, X(11), 22, 0x895cd7beL);
-        HOST_c2l(data, l);
-        X(13) = l;
-        R0(A, B, C, D, X(12), 7, 0x6b901122L);
-        HOST_c2l(data, l);
-        X(14) = l;
-        R0(D, A, B, C, X(13), 12, 0xfd987193L);
-        HOST_c2l(data, l);
-        X(15) = l;
-        R0(C, D, A, B, X(14), 17, 0xa679438eL);
-        R0(B, C, D, A, X(15), 22, 0x49b40821L);
-        /* Round 1 */
-        R1(A, B, C, D, X(1), 5, 0xf61e2562L);
-        R1(D, A, B, C, X(6), 9, 0xc040b340L);
-        R1(C, D, A, B, X(11), 14, 0x265e5a51L);
-        R1(B, C, D, A, X(0), 20, 0xe9b6c7aaL);
-        R1(A, B, C, D, X(5), 5, 0xd62f105dL);
-        R1(D, A, B, C, X(10), 9, 0x02441453L);
-        R1(C, D, A, B, X(15), 14, 0xd8a1e681L);
-        R1(B, C, D, A, X(4), 20, 0xe7d3fbc8L);
-        R1(A, B, C, D, X(9), 5, 0x21e1cde6L);
-        R1(D, A, B, C, X(14), 9, 0xc33707d6L);
-        R1(C, D, A, B, X(3), 14, 0xf4d50d87L);
-        R1(B, C, D, A, X(8), 20, 0x455a14edL);
-        R1(A, B, C, D, X(13), 5, 0xa9e3e905L);
-        R1(D, A, B, C, X(2), 9, 0xfcefa3f8L);
-        R1(C, D, A, B, X(7), 14, 0x676f02d9L);
-        R1(B, C, D, A, X(12), 20, 0x8d2a4c8aL);
-        /* Round 2 */
-        R2(A, B, C, D, X(5), 4, 0xfffa3942L);
-        R2(D, A, B, C, X(8), 11, 0x8771f681L);
-        R2(C, D, A, B, X(11), 16, 0x6d9d6122L);
-        R2(B, C, D, A, X(14), 23, 0xfde5380cL);
-        R2(A, B, C, D, X(1), 4, 0xa4beea44L);
-        R2(D, A, B, C, X(4), 11, 0x4bdecfa9L);
-        R2(C, D, A, B, X(7), 16, 0xf6bb4b60L);
-        R2(B, C, D, A, X(10), 23, 0xbebfbc70L);
-        R2(A, B, C, D, X(13), 4, 0x289b7ec6L);
-        R2(D, A, B, C, X(0), 11, 0xeaa127faL);
-        R2(C, D, A, B, X(3), 16, 0xd4ef3085L);
-        R2(B, C, D, A, X(6), 23, 0x04881d05L);
-        R2(A, B, C, D, X(9), 4, 0xd9d4d039L);
-        R2(D, A, B, C, X(12), 11, 0xe6db99e5L);
-        R2(C, D, A, B, X(15), 16, 0x1fa27cf8L);
-        R2(B, C, D, A, X(2), 23, 0xc4ac5665L);
-        /* Round 3 */
-        R3(A, B, C, D, X(0), 6, 0xf4292244L);
-        R3(D, A, B, C, X(7), 10, 0x432aff97L);
-        R3(C, D, A, B, X(14), 15, 0xab9423a7L);
-        R3(B, C, D, A, X(5), 21, 0xfc93a039L);
-        R3(A, B, C, D, X(12), 6, 0x655b59c3L);
-        R3(D, A, B, C, X(3), 10, 0x8f0ccc92L);
-        R3(C, D, A, B, X(10), 15, 0xffeff47dL);
-        R3(B, C, D, A, X(1), 21, 0x85845dd1L);
-        R3(A, B, C, D, X(8), 6, 0x6fa87e4fL);
-        R3(D, A, B, C, X(15), 10, 0xfe2ce6e0L);
-        R3(C, D, A, B, X(6), 15, 0xa3014314L);
-        R3(B, C, D, A, X(13), 21, 0x4e0811a1L);
-        R3(A, B, C, D, X(4), 6, 0xf7537e82L);
-        R3(D, A, B, C, X(11), 10, 0xbd3af235L);
-        R3(C, D, A, B, X(2), 15, 0x2ad7d2bbL);
-        R3(B, C, D, A, X(9), 21, 0xeb86d391L);
-
-        A = c->A += A;
-        B = c->B += B;
-        C = c->C += C;
-        D = c->D += D;
-    }
-}
-#endif
diff --git a/thirdparty/openssl/crypto/md5/md5_locl.h b/thirdparty/openssl/crypto/md5/md5_locl.h
deleted file mode 100644
index 82e69218da..0000000000
--- a/thirdparty/openssl/crypto/md5/md5_locl.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/md5/md5_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/e_os2.h>
-#include <openssl/md5.h>
-
-#ifndef MD5_LONG_LOG2
-# define MD5_LONG_LOG2 2        /* default to 32 bits */
-#endif
-
-#ifdef MD5_ASM
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \
-     defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
-#  define md5_block_data_order md5_block_asm_data_order
-# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-#  define md5_block_data_order md5_block_asm_data_order
-# elif defined(__sparc) || defined(__sparc__)
-#  define md5_block_data_order md5_block_asm_data_order
-# endif
-#endif
-
-void md5_block_data_order(MD5_CTX *c, const void *p, size_t num);
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG               MD5_LONG
-#define HASH_CTX                MD5_CTX
-#define HASH_CBLOCK             MD5_CBLOCK
-#define HASH_UPDATE             MD5_Update
-#define HASH_TRANSFORM          MD5_Transform
-#define HASH_FINAL              MD5_Final
-#define HASH_MAKE_STRING(c,s)   do {    \
-        unsigned long ll;               \
-        ll=(c)->A; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->B; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->C; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->D; (void)HOST_l2c(ll,(s));      \
-        } while (0)
-#define HASH_BLOCK_DATA_ORDER   md5_block_data_order
-
-#include "md32_common.h"
-
-/*-
-#define F(x,y,z)        (((x) & (y))  |  ((~(x)) & (z)))
-#define G(x,y,z)        (((x) & (z))  |  ((y) & (~(z))))
-*/
-
-/*
- * As pointed out by Wei Dai <weidai@eskimo.com>, the above can be simplified
- * to the code below.  Wei attributes these optimizations to Peter Gutmann's
- * SHS code, and he attributes it to Rich Schroeppel.
- */
-#define F(b,c,d)        ((((c) ^ (d)) & (b)) ^ (d))
-#define G(b,c,d)        ((((b) ^ (c)) & (d)) ^ (c))
-#define H(b,c,d)        ((b) ^ (c) ^ (d))
-#define I(b,c,d)        (((~(d)) | (b)) ^ (c))
-
-#define R0(a,b,c,d,k,s,t) { \
-        a+=((k)+(t)+F((b),(c),(d))); \
-        a=ROTATE(a,s); \
-        a+=b; };\
-
-#define R1(a,b,c,d,k,s,t) { \
-        a+=((k)+(t)+G((b),(c),(d))); \
-        a=ROTATE(a,s); \
-        a+=b; };
-
-#define R2(a,b,c,d,k,s,t) { \
-        a+=((k)+(t)+H((b),(c),(d))); \
-        a=ROTATE(a,s); \
-        a+=b; };
-
-#define R3(a,b,c,d,k,s,t) { \
-        a+=((k)+(t)+I((b),(c),(d))); \
-        a=ROTATE(a,s); \
-        a+=b; };
diff --git a/thirdparty/openssl/crypto/md5/md5_one.c b/thirdparty/openssl/crypto/md5/md5_one.c
deleted file mode 100644
index 4ac882e739..0000000000
--- a/thirdparty/openssl/crypto/md5/md5_one.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* crypto/md5/md5_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/md5.h>
-#include <openssl/crypto.h>
-
-#ifdef CHARSET_EBCDIC
-# include <openssl/ebcdic.h>
-#endif
-
-unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md)
-{
-    MD5_CTX c;
-    static unsigned char m[MD5_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    if (!MD5_Init(&c))
-        return NULL;
-#ifndef CHARSET_EBCDIC
-    MD5_Update(&c, d, n);
-#else
-    {
-        char temp[1024];
-        unsigned long chunk;
-
-        while (n > 0) {
-            chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
-            ebcdic2ascii(temp, d, chunk);
-            MD5_Update(&c, temp, chunk);
-            n -= chunk;
-            d += chunk;
-        }
-    }
-#endif
-    MD5_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c)); /* security consideration */
-    return (md);
-}
diff --git a/thirdparty/openssl/crypto/md5/md5s.cpp b/thirdparty/openssl/crypto/md5/md5s.cpp
deleted file mode 100644
index dd343fd4e6..0000000000
--- a/thirdparty/openssl/crypto/md5/md5s.cpp
+++ /dev/null
@@ -1,78 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/md5.h>
-
-extern "C" {
-void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	MD5_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-	num*=64;
-	numm*=64;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			md5_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			md5_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			md5_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			md5_block_x86(&ctx,buffer,num);
-			}
-		printf("md5 (%d bytes) %d %d (%.2f)\n",num,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/thirdparty/openssl/crypto/mdc2/mdc2_one.c b/thirdparty/openssl/crypto/mdc2/mdc2_one.c
deleted file mode 100644
index 790775c6fe..0000000000
--- a/thirdparty/openssl/crypto/mdc2/mdc2_one.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* crypto/mdc2/mdc2_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/mdc2.h>
-
-unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md)
-{
-    MDC2_CTX c;
-    static unsigned char m[MDC2_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    if (!MDC2_Init(&c))
-        return NULL;
-    MDC2_Update(&c, d, n);
-    MDC2_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c)); /* security consideration */
-    return (md);
-}
diff --git a/thirdparty/openssl/crypto/mdc2/mdc2dgst.c b/thirdparty/openssl/crypto/mdc2/mdc2dgst.c
deleted file mode 100644
index 2dce493633..0000000000
--- a/thirdparty/openssl/crypto/mdc2/mdc2dgst.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/* crypto/mdc2/mdc2dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/des.h>
-#include <openssl/mdc2.h>
-
-#undef c2l
-#define c2l(c,l)        (l =((DES_LONG)(*((c)++)))    , \
-                         l|=((DES_LONG)(*((c)++)))<< 8L, \
-                         l|=((DES_LONG)(*((c)++)))<<16L, \
-                         l|=((DES_LONG)(*((c)++)))<<24L)
-
-#undef l2c
-#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
-                        *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                        *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                        *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len);
-fips_md_init(MDC2)
-{
-    c->num = 0;
-    c->pad_type = 1;
-    memset(&(c->h[0]), 0x52, MDC2_BLOCK);
-    memset(&(c->hh[0]), 0x25, MDC2_BLOCK);
-    return 1;
-}
-
-int MDC2_Update(MDC2_CTX *c, const unsigned char *in, size_t len)
-{
-    size_t i, j;
-
-    i = c->num;
-    if (i != 0) {
-        if (len < MDC2_BLOCK - i) {
-            /* partial block */
-            memcpy(&(c->data[i]), in, len);
-            c->num += (int)len;
-            return 1;
-        } else {
-            /* filled one */
-            j = MDC2_BLOCK - i;
-            memcpy(&(c->data[i]), in, j);
-            len -= j;
-            in += j;
-            c->num = 0;
-            mdc2_body(c, &(c->data[0]), MDC2_BLOCK);
-        }
-    }
-    i = len & ~((size_t)MDC2_BLOCK - 1);
-    if (i > 0)
-        mdc2_body(c, in, i);
-    j = len - i;
-    if (j > 0) {
-        memcpy(&(c->data[0]), &(in[i]), j);
-        c->num = (int)j;
-    }
-    return 1;
-}
-
-static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len)
-{
-    register DES_LONG tin0, tin1;
-    register DES_LONG ttin0, ttin1;
-    DES_LONG d[2], dd[2];
-    DES_key_schedule k;
-    unsigned char *p;
-    size_t i;
-
-    for (i = 0; i < len; i += 8) {
-        c2l(in, tin0);
-        d[0] = dd[0] = tin0;
-        c2l(in, tin1);
-        d[1] = dd[1] = tin1;
-        c->h[0] = (c->h[0] & 0x9f) | 0x40;
-        c->hh[0] = (c->hh[0] & 0x9f) | 0x20;
-
-        DES_set_odd_parity(&c->h);
-        DES_set_key_unchecked(&c->h, &k);
-        DES_encrypt1(d, &k, 1);
-
-        DES_set_odd_parity(&c->hh);
-        DES_set_key_unchecked(&c->hh, &k);
-        DES_encrypt1(dd, &k, 1);
-
-        ttin0 = tin0 ^ dd[0];
-        ttin1 = tin1 ^ dd[1];
-        tin0 ^= d[0];
-        tin1 ^= d[1];
-
-        p = c->h;
-        l2c(tin0, p);
-        l2c(ttin1, p);
-        p = c->hh;
-        l2c(ttin0, p);
-        l2c(tin1, p);
-    }
-}
-
-int MDC2_Final(unsigned char *md, MDC2_CTX *c)
-{
-    unsigned int i;
-    int j;
-
-    i = c->num;
-    j = c->pad_type;
-    if ((i > 0) || (j == 2)) {
-        if (j == 2)
-            c->data[i++] = 0x80;
-        memset(&(c->data[i]), 0, MDC2_BLOCK - i);
-        mdc2_body(c, c->data, MDC2_BLOCK);
-    }
-    memcpy(md, (char *)c->h, MDC2_BLOCK);
-    memcpy(&(md[MDC2_BLOCK]), (char *)c->hh, MDC2_BLOCK);
-    return 1;
-}
-
-#undef TEST
-
-#ifdef TEST
-main()
-{
-    unsigned char md[MDC2_DIGEST_LENGTH];
-    int i;
-    MDC2_CTX c;
-    static char *text = "Now is the time for all ";
-
-    MDC2_Init(&c);
-    MDC2_Update(&c, text, strlen(text));
-    MDC2_Final(&(md[0]), &c);
-
-    for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
-        printf("%02X", md[i]);
-    printf("\n");
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/mem.c b/thirdparty/openssl/crypto/mem.c
deleted file mode 100644
index dd4c9ce9e0..0000000000
--- a/thirdparty/openssl/crypto/mem.c
+++ /dev/null
@@ -1,458 +0,0 @@
-/* crypto/mem.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-
-static int allow_customize = 1; /* we provide flexible functions for */
-static int allow_customize_debug = 1; /* exchanging memory-related functions
-                                       * at run-time, but this must be done
-                                       * before any blocks are actually
-                                       * allocated; or we'll run into huge
-                                       * problems when malloc/free pairs
-                                       * don't match etc. */
-
-/*
- * the following pointers may be changed as long as 'allow_customize' is set
- */
-
-static void *(*malloc_func) (size_t) = malloc;
-static void *default_malloc_ex(size_t num, const char *file, int line)
-{
-    return malloc_func(num);
-}
-
-static void *(*malloc_ex_func) (size_t, const char *file, int line)
-    = default_malloc_ex;
-
-#ifdef OPENSSL_SYS_VMS
-# if __INITIAL_POINTER_SIZE == 64
-#  define realloc _realloc64
-# elif __INITIAL_POINTER_SIZE == 32
-#  define realloc _realloc32
-# endif
-#endif
-
-static void *(*realloc_func) (void *, size_t) = realloc;
-static void *default_realloc_ex(void *str, size_t num,
-                                const char *file, int line)
-{
-    return realloc_func(str, num);
-}
-
-static void *(*realloc_ex_func) (void *, size_t, const char *file, int line)
-    = default_realloc_ex;
-
-#ifdef OPENSSL_SYS_VMS
-   static void (*free_func) (__void_ptr64) = free;
-#else
-   static void (*free_func) (void *) = free;
-#endif
-
-static void *(*malloc_locked_func) (size_t) = malloc;
-static void *default_malloc_locked_ex(size_t num, const char *file, int line)
-{
-    return malloc_locked_func(num);
-}
-
-static void *(*malloc_locked_ex_func) (size_t, const char *file, int line)
-    = default_malloc_locked_ex;
-
-#ifdef OPENSSL_SYS_VMS
-   static void (*free_locked_func) (__void_ptr64) = free;
-#else
-   static void (*free_locked_func) (void *) = free;
-#endif
-
-/* may be changed as long as 'allow_customize_debug' is set */
-/* XXX use correct function pointer types */
-#ifdef CRYPTO_MDEBUG
-/* use default functions from mem_dbg.c */
-static void (*malloc_debug_func) (void *, int, const char *, int, int)
-    = CRYPTO_dbg_malloc;
-static void (*realloc_debug_func) (void *, void *, int, const char *, int,
-                                   int)
-    = CRYPTO_dbg_realloc;
-static void (*free_debug_func) (void *, int) = CRYPTO_dbg_free;
-static void (*set_debug_options_func) (long) = CRYPTO_dbg_set_options;
-static long (*get_debug_options_func) (void) = CRYPTO_dbg_get_options;
-#else
-/*
- * applications can use CRYPTO_malloc_debug_init() to select above case at
- * run-time
- */
-static void (*malloc_debug_func) (void *, int, const char *, int, int) = NULL;
-static void (*realloc_debug_func) (void *, void *, int, const char *, int,
-                                   int)
-    = NULL;
-static void (*free_debug_func) (void *, int) = NULL;
-static void (*set_debug_options_func) (long) = NULL;
-static long (*get_debug_options_func) (void) = NULL;
-#endif
-
-int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
-                             void (*f) (void *))
-{
-    if (!allow_customize)
-        return 0;
-    if ((m == 0) || (r == 0) || (f == 0))
-        return 0;
-    /* Dummy call just to ensure OPENSSL_init() gets linked in */
-    OPENSSL_init();
-    malloc_func = m;
-    malloc_ex_func = default_malloc_ex;
-    realloc_func = r;
-    realloc_ex_func = default_realloc_ex;
-    free_func = f;
-    malloc_locked_func = m;
-    malloc_locked_ex_func = default_malloc_locked_ex;
-    free_locked_func = f;
-    return 1;
-}
-
-int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
-                                void *(*r) (void *, size_t, const char *,
-                                            int), void (*f) (void *))
-{
-    if (!allow_customize)
-        return 0;
-    if ((m == 0) || (r == 0) || (f == 0))
-        return 0;
-    malloc_func = 0;
-    malloc_ex_func = m;
-    realloc_func = 0;
-    realloc_ex_func = r;
-    free_func = f;
-    malloc_locked_func = 0;
-    malloc_locked_ex_func = m;
-    free_locked_func = f;
-    return 1;
-}
-
-int CRYPTO_set_locked_mem_functions(void *(*m) (size_t), void (*f) (void *))
-{
-    if (!allow_customize)
-        return 0;
-    if ((m == NULL) || (f == NULL))
-        return 0;
-    malloc_locked_func = m;
-    malloc_locked_ex_func = default_malloc_locked_ex;
-    free_locked_func = f;
-    return 1;
-}
-
-int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
-                                       void (*f) (void *))
-{
-    if (!allow_customize)
-        return 0;
-    if ((m == NULL) || (f == NULL))
-        return 0;
-    malloc_locked_func = 0;
-    malloc_locked_ex_func = m;
-    free_func = f;
-    return 1;
-}
-
-int CRYPTO_set_mem_debug_functions(void (*m)
-                                    (void *, int, const char *, int, int),
-                                   void (*r) (void *, void *, int,
-                                              const char *, int, int),
-                                   void (*f) (void *, int), void (*so) (long),
-                                   long (*go) (void))
-{
-    if (!allow_customize_debug)
-        return 0;
-    OPENSSL_init();
-    malloc_debug_func = m;
-    realloc_debug_func = r;
-    free_debug_func = f;
-    set_debug_options_func = so;
-    get_debug_options_func = go;
-    return 1;
-}
-
-void CRYPTO_get_mem_functions(void *(**m) (size_t),
-                              void *(**r) (void *, size_t),
-                              void (**f) (void *))
-{
-    if (m != NULL)
-        *m = (malloc_ex_func == default_malloc_ex) ? malloc_func : 0;
-    if (r != NULL)
-        *r = (realloc_ex_func == default_realloc_ex) ? realloc_func : 0;
-    if (f != NULL)
-        *f = free_func;
-}
-
-void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
-                                 void *(**r) (void *, size_t, const char *,
-                                              int), void (**f) (void *))
-{
-    if (m != NULL)
-        *m = (malloc_ex_func != default_malloc_ex) ? malloc_ex_func : 0;
-    if (r != NULL)
-        *r = (realloc_ex_func != default_realloc_ex) ? realloc_ex_func : 0;
-    if (f != NULL)
-        *f = free_func;
-}
-
-void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
-                                     void (**f) (void *))
-{
-    if (m != NULL)
-        *m = (malloc_locked_ex_func == default_malloc_locked_ex) ?
-            malloc_locked_func : 0;
-    if (f != NULL)
-        *f = free_locked_func;
-}
-
-void CRYPTO_get_locked_mem_ex_functions(void
-                                        *(**m) (size_t, const char *, int),
-                                        void (**f) (void *))
-{
-    if (m != NULL)
-        *m = (malloc_locked_ex_func != default_malloc_locked_ex) ?
-            malloc_locked_ex_func : 0;
-    if (f != NULL)
-        *f = free_locked_func;
-}
-
-void CRYPTO_get_mem_debug_functions(void (**m)
-                                     (void *, int, const char *, int, int),
-                                    void (**r) (void *, void *, int,
-                                                const char *, int, int),
-                                    void (**f) (void *, int),
-                                    void (**so) (long), long (**go) (void))
-{
-    if (m != NULL)
-        *m = malloc_debug_func;
-    if (r != NULL)
-        *r = realloc_debug_func;
-    if (f != NULL)
-        *f = free_debug_func;
-    if (so != NULL)
-        *so = set_debug_options_func;
-    if (go != NULL)
-        *go = get_debug_options_func;
-}
-
-void *CRYPTO_malloc_locked(int num, const char *file, int line)
-{
-    void *ret = NULL;
-
-    if (num <= 0)
-        return NULL;
-
-    if (allow_customize)
-        allow_customize = 0;
-    if (malloc_debug_func != NULL) {
-        if (allow_customize_debug)
-            allow_customize_debug = 0;
-        malloc_debug_func(NULL, num, file, line, 0);
-    }
-    ret = malloc_locked_ex_func(num, file, line);
-#ifdef LEVITTE_DEBUG_MEM
-    fprintf(stderr, "LEVITTE_DEBUG_MEM:         > 0x%p (%d)\n", ret, num);
-#endif
-    if (malloc_debug_func != NULL)
-        malloc_debug_func(ret, num, file, line, 1);
-
-    return ret;
-}
-
-void CRYPTO_free_locked(void *str)
-{
-    if (free_debug_func != NULL)
-        free_debug_func(str, 0);
-#ifdef LEVITTE_DEBUG_MEM
-    fprintf(stderr, "LEVITTE_DEBUG_MEM:         < 0x%p\n", str);
-#endif
-    free_locked_func(str);
-    if (free_debug_func != NULL)
-        free_debug_func(NULL, 1);
-}
-
-void *CRYPTO_malloc(int num, const char *file, int line)
-{
-    void *ret = NULL;
-
-    if (num <= 0)
-        return NULL;
-
-    if (allow_customize)
-        allow_customize = 0;
-    if (malloc_debug_func != NULL) {
-        if (allow_customize_debug)
-            allow_customize_debug = 0;
-        malloc_debug_func(NULL, num, file, line, 0);
-    }
-    ret = malloc_ex_func(num, file, line);
-#ifdef LEVITTE_DEBUG_MEM
-    fprintf(stderr, "LEVITTE_DEBUG_MEM:         > 0x%p (%d)\n", ret, num);
-#endif
-    if (malloc_debug_func != NULL)
-        malloc_debug_func(ret, num, file, line, 1);
-
-    return ret;
-}
-
-char *CRYPTO_strdup(const char *str, const char *file, int line)
-{
-    char *ret = CRYPTO_malloc(strlen(str) + 1, file, line);
-
-    if (ret == NULL)
-        return NULL;
-
-    strcpy(ret, str);
-    return ret;
-}
-
-void *CRYPTO_realloc(void *str, int num, const char *file, int line)
-{
-    void *ret = NULL;
-
-    if (str == NULL)
-        return CRYPTO_malloc(num, file, line);
-
-    if (num <= 0)
-        return NULL;
-
-    if (realloc_debug_func != NULL)
-        realloc_debug_func(str, NULL, num, file, line, 0);
-    ret = realloc_ex_func(str, num, file, line);
-#ifdef LEVITTE_DEBUG_MEM
-    fprintf(stderr, "LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n", str,
-            ret, num);
-#endif
-    if (realloc_debug_func != NULL)
-        realloc_debug_func(str, ret, num, file, line, 1);
-
-    return ret;
-}
-
-void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
-                           int line)
-{
-    void *ret = NULL;
-
-    if (str == NULL)
-        return CRYPTO_malloc(num, file, line);
-
-    if (num <= 0)
-        return NULL;
-
-    /*
-     * We don't support shrinking the buffer. Note the memcpy that copies
-     * |old_len| bytes to the new buffer, below.
-     */
-    if (num < old_len)
-        return NULL;
-
-    if (realloc_debug_func != NULL)
-        realloc_debug_func(str, NULL, num, file, line, 0);
-    ret = malloc_ex_func(num, file, line);
-    if (ret) {
-        memcpy(ret, str, old_len);
-        OPENSSL_cleanse(str, old_len);
-        free_func(str);
-    }
-#ifdef LEVITTE_DEBUG_MEM
-    fprintf(stderr,
-            "LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n",
-            str, ret, num);
-#endif
-    if (realloc_debug_func != NULL)
-        realloc_debug_func(str, ret, num, file, line, 1);
-
-    return ret;
-}
-
-void CRYPTO_free(void *str)
-{
-    if (free_debug_func != NULL)
-        free_debug_func(str, 0);
-#ifdef LEVITTE_DEBUG_MEM
-    fprintf(stderr, "LEVITTE_DEBUG_MEM:         < 0x%p\n", str);
-#endif
-    free_func(str);
-    if (free_debug_func != NULL)
-        free_debug_func(NULL, 1);
-}
-
-void *CRYPTO_remalloc(void *a, int num, const char *file, int line)
-{
-    if (a != NULL)
-        OPENSSL_free(a);
-    a = (char *)OPENSSL_malloc(num);
-    return (a);
-}
-
-void CRYPTO_set_mem_debug_options(long bits)
-{
-    if (set_debug_options_func != NULL)
-        set_debug_options_func(bits);
-}
-
-long CRYPTO_get_mem_debug_options(void)
-{
-    if (get_debug_options_func != NULL)
-        return get_debug_options_func();
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/mem_clr.c b/thirdparty/openssl/crypto/mem_clr.c
deleted file mode 100644
index 579e9d1825..0000000000
--- a/thirdparty/openssl/crypto/mem_clr.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* crypto/mem_clr.c */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/crypto.h>
-
-/*
- * Pointer to memset is volatile so that compiler must de-reference
- * the pointer and can't assume that it points to any function in
- * particular (such as memset, which it then might further "optimize")
- */
-typedef void *(*memset_t)(void *,int,size_t);
-
-static volatile memset_t memset_func = memset;
-
-void OPENSSL_cleanse(void *ptr, size_t len)
-{
-    memset_func(ptr, 0, len);
-}
diff --git a/thirdparty/openssl/crypto/mem_dbg.c b/thirdparty/openssl/crypto/mem_dbg.c
deleted file mode 100644
index 8525ded78c..0000000000
--- a/thirdparty/openssl/crypto/mem_dbg.c
+++ /dev/null
@@ -1,830 +0,0 @@
-/* crypto/mem_dbg.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-
-static int mh_mode = CRYPTO_MEM_CHECK_OFF;
-/*
- * The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE when
- * the application asks for it (usually after library initialisation for
- * which no book-keeping is desired). State CRYPTO_MEM_CHECK_ON exists only
- * temporarily when the library thinks that certain allocations should not be
- * checked (e.g. the data structures used for memory checking).  It is not
- * suitable as an initial state: the library will unexpectedly enable memory
- * checking when it executes one of those sections that want to disable
- * checking temporarily. State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes
- * no sense whatsoever.
- */
-
-static unsigned long order = 0; /* number of memory requests */
-
-DECLARE_LHASH_OF(MEM);
-static LHASH_OF(MEM) *mh = NULL; /* hash-table of memory requests (address as
-                                  * key); access requires MALLOC2 lock */
-
-typedef struct app_mem_info_st
-/*-
- * For application-defined information (static C-string `info')
- * to be displayed in memory leak list.
- * Each thread has its own stack.  For applications, there is
- *   CRYPTO_push_info("...")     to push an entry,
- *   CRYPTO_pop_info()           to pop an entry,
- *   CRYPTO_remove_all_info()    to pop all entries.
- */
-{
-    CRYPTO_THREADID threadid;
-    const char *file;
-    int line;
-    const char *info;
-    struct app_mem_info_st *next; /* tail of thread's stack */
-    int references;
-} APP_INFO;
-
-static void app_info_free(APP_INFO *);
-
-DECLARE_LHASH_OF(APP_INFO);
-static LHASH_OF(APP_INFO) *amih = NULL; /* hash-table with those
-                                         * app_mem_info_st's that are at the
-                                         * top of their thread's stack (with
-                                         * `thread' as key); access requires
-                                         * MALLOC2 lock */
-
-typedef struct mem_st
-/* memory-block description */
-{
-    void *addr;
-    int num;
-    const char *file;
-    int line;
-    CRYPTO_THREADID threadid;
-    unsigned long order;
-    time_t time;
-    APP_INFO *app_info;
-} MEM;
-
-static long options =           /* extra information to be recorded */
-#if defined(CRYPTO_MDEBUG_TIME) || defined(CRYPTO_MDEBUG_ALL)
-    V_CRYPTO_MDEBUG_TIME |
-#endif
-#if defined(CRYPTO_MDEBUG_THREAD) || defined(CRYPTO_MDEBUG_ALL)
-    V_CRYPTO_MDEBUG_THREAD |
-#endif
-    0;
-
-static unsigned int num_disable = 0; /* num_disable > 0 iff mh_mode ==
-                                      * CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE) */
-
-/*
- * Valid iff num_disable > 0.  CRYPTO_LOCK_MALLOC2 is locked exactly in this
- * case (by the thread named in disabling_thread).
- */
-static CRYPTO_THREADID disabling_threadid;
-
-static void app_info_free(APP_INFO *inf)
-{
-    if (--(inf->references) <= 0) {
-        if (inf->next != NULL) {
-            app_info_free(inf->next);
-        }
-        OPENSSL_free(inf);
-    }
-}
-
-int CRYPTO_mem_ctrl(int mode)
-{
-    int ret = mh_mode;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
-    switch (mode) {
-        /*
-         * for applications (not to be called while multiple threads use the
-         * library):
-         */
-    case CRYPTO_MEM_CHECK_ON:  /* aka MemCheck_start() */
-        mh_mode = CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE;
-        num_disable = 0;
-        break;
-    case CRYPTO_MEM_CHECK_OFF: /* aka MemCheck_stop() */
-        mh_mode = 0;
-        num_disable = 0;        /* should be true *before* MemCheck_stop is
-                                 * used, or there'll be a lot of confusion */
-        break;
-
-        /* switch off temporarily (for library-internal use): */
-    case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */
-        if (mh_mode & CRYPTO_MEM_CHECK_ON) {
-            CRYPTO_THREADID cur;
-            CRYPTO_THREADID_current(&cur);
-            /* see if we don't have the MALLOC2 lock already */
-            if (!num_disable
-                || CRYPTO_THREADID_cmp(&disabling_threadid, &cur)) {
-                /*
-                 * Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed
-                 * while we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock
-                 * if somebody else holds CRYPTO_LOCK_MALLOC2 (and cannot
-                 * release it because we block entry to this function). Give
-                 * them a chance, first, and then claim the locks in
-                 * appropriate order (long-time lock first).
-                 */
-                CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
-                /*
-                 * Note that after we have waited for CRYPTO_LOCK_MALLOC2 and
-                 * CRYPTO_LOCK_MALLOC, we'll still be in the right "case" and
-                 * "if" branch because MemCheck_start and MemCheck_stop may
-                 * never be used while there are multiple OpenSSL threads.
-                 */
-                CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
-                CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
-                mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE;
-                CRYPTO_THREADID_cpy(&disabling_threadid, &cur);
-            }
-            num_disable++;
-        }
-        break;
-    case CRYPTO_MEM_CHECK_ENABLE: /* aka MemCheck_on() */
-        if (mh_mode & CRYPTO_MEM_CHECK_ON) {
-            if (num_disable) {  /* always true, or something is going wrong */
-                num_disable--;
-                if (num_disable == 0) {
-                    mh_mode |= CRYPTO_MEM_CHECK_ENABLE;
-                    CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
-                }
-            }
-        }
-        break;
-
-    default:
-        break;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
-    return (ret);
-}
-
-int CRYPTO_is_mem_check_on(void)
-{
-    int ret = 0;
-
-    if (mh_mode & CRYPTO_MEM_CHECK_ON) {
-        CRYPTO_THREADID cur;
-        CRYPTO_THREADID_current(&cur);
-        CRYPTO_r_lock(CRYPTO_LOCK_MALLOC);
-
-        ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE)
-            || CRYPTO_THREADID_cmp(&disabling_threadid, &cur);
-
-        CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC);
-    }
-    return (ret);
-}
-
-void CRYPTO_dbg_set_options(long bits)
-{
-    options = bits;
-}
-
-long CRYPTO_dbg_get_options(void)
-{
-    return options;
-}
-
-static int mem_cmp(const MEM *a, const MEM *b)
-{
-#ifdef _WIN64
-    const char *ap = (const char *)a->addr, *bp = (const char *)b->addr;
-    if (ap == bp)
-        return 0;
-    else if (ap > bp)
-        return 1;
-    else
-        return -1;
-#else
-    return (const char *)a->addr - (const char *)b->addr;
-#endif
-}
-
-static IMPLEMENT_LHASH_COMP_FN(mem, MEM)
-
-static unsigned long mem_hash(const MEM *a)
-{
-    unsigned long ret;
-
-    ret = (unsigned long)a->addr;
-
-    ret = ret * 17851 + (ret >> 14) * 7 + (ret >> 4) * 251;
-    return (ret);
-}
-
-static IMPLEMENT_LHASH_HASH_FN(mem, MEM)
-
-/* static int app_info_cmp(APP_INFO *a, APP_INFO *b) */
-static int app_info_cmp(const void *a_void, const void *b_void)
-{
-    return CRYPTO_THREADID_cmp(&((const APP_INFO *)a_void)->threadid,
-                               &((const APP_INFO *)b_void)->threadid);
-}
-
-static IMPLEMENT_LHASH_COMP_FN(app_info, APP_INFO)
-
-static unsigned long app_info_hash(const APP_INFO *a)
-{
-    unsigned long ret;
-
-    ret = CRYPTO_THREADID_hash(&a->threadid);
-    /* This is left in as a "who am I to question legacy?" measure */
-    ret = ret * 17851 + (ret >> 14) * 7 + (ret >> 4) * 251;
-    return (ret);
-}
-
-static IMPLEMENT_LHASH_HASH_FN(app_info, APP_INFO)
-
-static APP_INFO *pop_info(void)
-{
-    APP_INFO tmp;
-    APP_INFO *ret = NULL;
-
-    if (amih != NULL) {
-        CRYPTO_THREADID_current(&tmp.threadid);
-        if ((ret = lh_APP_INFO_delete(amih, &tmp)) != NULL) {
-            APP_INFO *next = ret->next;
-
-            if (next != NULL) {
-                next->references++;
-                (void)lh_APP_INFO_insert(amih, next);
-            }
-#ifdef LEVITTE_DEBUG_MEM
-            if (CRYPTO_THREADID_cmp(&ret->threadid, &tmp.threadid)) {
-                fprintf(stderr,
-                        "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
-                        CRYPTO_THREADID_hash(&ret->threadid),
-                        CRYPTO_THREADID_hash(&tmp.threadid));
-                abort();
-            }
-#endif
-            if (--(ret->references) <= 0) {
-                ret->next = NULL;
-                if (next != NULL)
-                    next->references--;
-                OPENSSL_free(ret);
-            }
-        }
-    }
-    return (ret);
-}
-
-int CRYPTO_push_info_(const char *info, const char *file, int line)
-{
-    APP_INFO *ami, *amim;
-    int ret = 0;
-
-    if (is_MemCheck_on()) {
-        MemCheck_off();         /* obtain MALLOC2 lock */
-
-        if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL) {
-            ret = 0;
-            goto err;
-        }
-        if (amih == NULL) {
-            if ((amih = lh_APP_INFO_new()) == NULL) {
-                OPENSSL_free(ami);
-                ret = 0;
-                goto err;
-            }
-        }
-
-        CRYPTO_THREADID_current(&ami->threadid);
-        ami->file = file;
-        ami->line = line;
-        ami->info = info;
-        ami->references = 1;
-        ami->next = NULL;
-
-        if ((amim = lh_APP_INFO_insert(amih, ami)) != NULL) {
-#ifdef LEVITTE_DEBUG_MEM
-            if (CRYPTO_THREADID_cmp(&ami->threadid, &amim->threadid)) {
-                fprintf(stderr,
-                        "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
-                        CRYPTO_THREADID_hash(&amim->threadid),
-                        CRYPTO_THREADID_hash(&ami->threadid));
-                abort();
-            }
-#endif
-            ami->next = amim;
-        }
- err:
-        MemCheck_on();          /* release MALLOC2 lock */
-    }
-
-    return (ret);
-}
-
-int CRYPTO_pop_info(void)
-{
-    int ret = 0;
-
-    if (is_MemCheck_on()) {     /* _must_ be true, or something went severely
-                                 * wrong */
-        MemCheck_off();         /* obtain MALLOC2 lock */
-
-        ret = (pop_info() != NULL);
-
-        MemCheck_on();          /* release MALLOC2 lock */
-    }
-    return (ret);
-}
-
-int CRYPTO_remove_all_info(void)
-{
-    int ret = 0;
-
-    if (is_MemCheck_on()) {     /* _must_ be true */
-        MemCheck_off();         /* obtain MALLOC2 lock */
-
-        while (pop_info() != NULL)
-            ret++;
-
-        MemCheck_on();          /* release MALLOC2 lock */
-    }
-    return (ret);
-}
-
-static unsigned long break_order_num = 0;
-void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
-                       int before_p)
-{
-    MEM *m, *mm;
-    APP_INFO tmp, *amim;
-
-    switch (before_p & 127) {
-    case 0:
-        break;
-    case 1:
-        if (addr == NULL)
-            break;
-
-        if (is_MemCheck_on()) {
-            MemCheck_off();     /* make sure we hold MALLOC2 lock */
-            if ((m = (MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL) {
-                OPENSSL_free(addr);
-                MemCheck_on();  /* release MALLOC2 lock if num_disabled drops
-                                 * to 0 */
-                return;
-            }
-            if (mh == NULL) {
-                if ((mh = lh_MEM_new()) == NULL) {
-                    OPENSSL_free(addr);
-                    OPENSSL_free(m);
-                    addr = NULL;
-                    goto err;
-                }
-            }
-
-            m->addr = addr;
-            m->file = file;
-            m->line = line;
-            m->num = num;
-            if (options & V_CRYPTO_MDEBUG_THREAD)
-                CRYPTO_THREADID_current(&m->threadid);
-            else
-                memset(&m->threadid, 0, sizeof(m->threadid));
-
-            if (order == break_order_num) {
-                /* BREAK HERE */
-                m->order = order;
-            }
-            m->order = order++;
-#ifdef LEVITTE_DEBUG_MEM
-            fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] %c 0x%p (%d)\n",
-                    m->order, (before_p & 128) ? '*' : '+', m->addr, m->num);
-#endif
-            if (options & V_CRYPTO_MDEBUG_TIME)
-                m->time = time(NULL);
-            else
-                m->time = 0;
-
-            CRYPTO_THREADID_current(&tmp.threadid);
-            m->app_info = NULL;
-            if (amih != NULL
-                && (amim = lh_APP_INFO_retrieve(amih, &tmp)) != NULL) {
-                m->app_info = amim;
-                amim->references++;
-            }
-
-            if ((mm = lh_MEM_insert(mh, m)) != NULL) {
-                /* Not good, but don't sweat it */
-                if (mm->app_info != NULL) {
-                    mm->app_info->references--;
-                }
-                OPENSSL_free(mm);
-            }
- err:
-            MemCheck_on();      /* release MALLOC2 lock if num_disabled drops
-                                 * to 0 */
-        }
-        break;
-    }
-    return;
-}
-
-void CRYPTO_dbg_free(void *addr, int before_p)
-{
-    MEM m, *mp;
-
-    switch (before_p) {
-    case 0:
-        if (addr == NULL)
-            break;
-
-        if (is_MemCheck_on() && (mh != NULL)) {
-            MemCheck_off();     /* make sure we hold MALLOC2 lock */
-
-            m.addr = addr;
-            mp = lh_MEM_delete(mh, &m);
-            if (mp != NULL) {
-#ifdef LEVITTE_DEBUG_MEM
-                fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] - 0x%p (%d)\n",
-                        mp->order, mp->addr, mp->num);
-#endif
-                if (mp->app_info != NULL)
-                    app_info_free(mp->app_info);
-                OPENSSL_free(mp);
-            }
-
-            MemCheck_on();      /* release MALLOC2 lock if num_disabled drops
-                                 * to 0 */
-        }
-        break;
-    case 1:
-        break;
-    }
-}
-
-void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num,
-                        const char *file, int line, int before_p)
-{
-    MEM m, *mp;
-
-#ifdef LEVITTE_DEBUG_MEM
-    fprintf(stderr,
-            "LEVITTE_DEBUG_MEM: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n",
-            addr1, addr2, num, file, line, before_p);
-#endif
-
-    switch (before_p) {
-    case 0:
-        break;
-    case 1:
-        if (addr2 == NULL)
-            break;
-
-        if (addr1 == NULL) {
-            CRYPTO_dbg_malloc(addr2, num, file, line, 128 | before_p);
-            break;
-        }
-
-        if (is_MemCheck_on()) {
-            MemCheck_off();     /* make sure we hold MALLOC2 lock */
-
-            m.addr = addr1;
-            mp = lh_MEM_delete(mh, &m);
-            if (mp != NULL) {
-#ifdef LEVITTE_DEBUG_MEM
-                fprintf(stderr,
-                        "LEVITTE_DEBUG_MEM: [%5ld] * 0x%p (%d) -> 0x%p (%d)\n",
-                        mp->order, mp->addr, mp->num, addr2, num);
-#endif
-                mp->addr = addr2;
-                mp->num = num;
-                (void)lh_MEM_insert(mh, mp);
-            }
-
-            MemCheck_on();      /* release MALLOC2 lock if num_disabled drops
-                                 * to 0 */
-        }
-        break;
-    }
-    return;
-}
-
-typedef struct mem_leak_st {
-    BIO *bio;
-    int chunks;
-    long bytes;
-} MEM_LEAK;
-
-static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
-{
-    char buf[1024];
-    char *bufp = buf;
-    APP_INFO *amip;
-    int ami_cnt;
-    struct tm *lcl = NULL;
-    CRYPTO_THREADID ti;
-
-#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
-
-    if (m->addr == (char *)l->bio)
-        return;
-
-    if (options & V_CRYPTO_MDEBUG_TIME) {
-        lcl = localtime(&m->time);
-
-        BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
-                     lcl->tm_hour, lcl->tm_min, lcl->tm_sec);
-        bufp += strlen(bufp);
-    }
-
-    BIO_snprintf(bufp, BUF_REMAIN, "%5lu file=%s, line=%d, ",
-                 m->order, m->file, m->line);
-    bufp += strlen(bufp);
-
-    if (options & V_CRYPTO_MDEBUG_THREAD) {
-        BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ",
-                     CRYPTO_THREADID_hash(&m->threadid));
-        bufp += strlen(bufp);
-    }
-
-    BIO_snprintf(bufp, BUF_REMAIN, "number=%d, address=%08lX\n",
-                 m->num, (unsigned long)m->addr);
-    bufp += strlen(bufp);
-
-    BIO_puts(l->bio, buf);
-
-    l->chunks++;
-    l->bytes += m->num;
-
-    amip = m->app_info;
-    ami_cnt = 0;
-    if (!amip)
-        return;
-    CRYPTO_THREADID_cpy(&ti, &amip->threadid);
-
-    do {
-        int buf_len;
-        int info_len;
-
-        ami_cnt++;
-        memset(buf, '>', ami_cnt);
-        BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
-                     " thread=%lu, file=%s, line=%d, info=\"",
-                     CRYPTO_THREADID_hash(&amip->threadid), amip->file,
-                     amip->line);
-        buf_len = strlen(buf);
-        info_len = strlen(amip->info);
-        if (128 - buf_len - 3 < info_len) {
-            memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
-            buf_len = 128 - 3;
-        } else {
-            BUF_strlcpy(buf + buf_len, amip->info, sizeof buf - buf_len);
-            buf_len = strlen(buf);
-        }
-        BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
-
-        BIO_puts(l->bio, buf);
-
-        amip = amip->next;
-    }
-    while (amip && !CRYPTO_THREADID_cmp(&amip->threadid, &ti));
-
-#ifdef LEVITTE_DEBUG_MEM
-    if (amip) {
-        fprintf(stderr, "Thread switch detected in backtrace!!!!\n");
-        abort();
-    }
-#endif
-}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM, MEM_LEAK)
-
-void CRYPTO_mem_leaks(BIO *b)
-{
-    MEM_LEAK ml;
-
-    if (mh == NULL && amih == NULL)
-        return;
-
-    MemCheck_off();             /* obtain MALLOC2 lock */
-
-    ml.bio = b;
-    ml.bytes = 0;
-    ml.chunks = 0;
-    if (mh != NULL)
-        lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak), MEM_LEAK, &ml);
-    if (ml.chunks != 0) {
-        BIO_printf(b, "%ld bytes leaked in %d chunks\n", ml.bytes, ml.chunks);
-#ifdef CRYPTO_MDEBUG_ABORT
-        abort();
-#endif
-    } else {
-        /*
-         * Make sure that, if we found no leaks, memory-leak debugging itself
-         * does not introduce memory leaks (which might irritate external
-         * debugging tools). (When someone enables leak checking, but does not
-         * call this function, we declare it to be their fault.) XXX This
-         * should be in CRYPTO_mem_leaks_cb, and CRYPTO_mem_leaks should be
-         * implemented by using CRYPTO_mem_leaks_cb. (Also there should be a
-         * variant of lh_doall_arg that takes a function pointer instead of a
-         * void *; this would obviate the ugly and illegal void_fn_to_char
-         * kludge in CRYPTO_mem_leaks_cb. Otherwise the code police will come
-         * and get us.)
-         */
-        int old_mh_mode;
-
-        CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
-
-        /*
-         * avoid deadlock when lh_free() uses CRYPTO_dbg_free(), which uses
-         * CRYPTO_is_mem_check_on
-         */
-        old_mh_mode = mh_mode;
-        mh_mode = CRYPTO_MEM_CHECK_OFF;
-
-        if (mh != NULL) {
-            lh_MEM_free(mh);
-            mh = NULL;
-        }
-        if (amih != NULL) {
-            if (lh_APP_INFO_num_items(amih) == 0) {
-                lh_APP_INFO_free(amih);
-                amih = NULL;
-            }
-        }
-
-        mh_mode = old_mh_mode;
-        CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
-    }
-    MemCheck_on();              /* release MALLOC2 lock */
-}
-
-#ifndef OPENSSL_NO_FP_API
-void CRYPTO_mem_leaks_fp(FILE *fp)
-{
-    BIO *b;
-
-    if (mh == NULL)
-        return;
-    /*
-     * Need to turn off memory checking when allocated BIOs ... especially as
-     * we're creating them at a time when we're trying to check we've not
-     * left anything un-free()'d!!
-     */
-    MemCheck_off();
-    b = BIO_new(BIO_s_file());
-    MemCheck_on();
-    if (!b)
-        return;
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    CRYPTO_mem_leaks(b);
-    BIO_free(b);
-}
-#endif
-
-/*
- * FIXME: We really don't allow much to the callback.  For example, it has no
- * chance of reaching the info stack for the item it processes.  Should it
- * really be this way? -- Richard Levitte
- */
-/*
- * NB: The prototypes have been typedef'd to CRYPTO_MEM_LEAK_CB inside
- * crypto.h If this code is restructured, remove the callback type if it is
- * no longer needed. -- Geoff Thorpe
- */
-
-/*
- * Can't pass CRYPTO_MEM_LEAK_CB directly to lh_MEM_doall_arg because it is a
- * function pointer and conversion to void * is prohibited. Instead pass its
- * address
- */
-
-typedef CRYPTO_MEM_LEAK_CB *PCRYPTO_MEM_LEAK_CB;
-
-static void cb_leak_doall_arg(const MEM *m, PCRYPTO_MEM_LEAK_CB *cb)
-{
-    (*cb) (m->order, m->file, m->line, m->num, m->addr);
-}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM, PCRYPTO_MEM_LEAK_CB)
-
-void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb)
-{
-    if (mh == NULL)
-        return;
-    CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
-    lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), PCRYPTO_MEM_LEAK_CB,
-                     &cb);
-    CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
-}
diff --git a/thirdparty/openssl/crypto/modes/cbc128.c b/thirdparty/openssl/crypto/modes/cbc128.c
deleted file mode 100644
index c13caea535..0000000000
--- a/thirdparty/openssl/crypto/modes/cbc128.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#if !defined(STRICT_ALIGNMENT) && !defined(PEDANTIC)
-# define STRICT_ALIGNMENT 0
-#endif
-
-void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16], block128_f block)
-{
-    size_t n;
-    const unsigned char *iv = ivec;
-
-    assert(in && out && key && ivec);
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-    if (STRICT_ALIGNMENT &&
-        ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
-        while (len >= 16) {
-            for (n = 0; n < 16; ++n)
-                out[n] = in[n] ^ iv[n];
-            (*block) (out, out, key);
-            iv = out;
-            len -= 16;
-            in += 16;
-            out += 16;
-        }
-    } else {
-        while (len >= 16) {
-            for (n = 0; n < 16; n += sizeof(size_t))
-                *(size_t *)(out + n) =
-                    *(size_t *)(in + n) ^ *(size_t *)(iv + n);
-            (*block) (out, out, key);
-            iv = out;
-            len -= 16;
-            in += 16;
-            out += 16;
-        }
-    }
-#endif
-    while (len) {
-        for (n = 0; n < 16 && n < len; ++n)
-            out[n] = in[n] ^ iv[n];
-        for (; n < 16; ++n)
-            out[n] = iv[n];
-        (*block) (out, out, key);
-        iv = out;
-        if (len <= 16)
-            break;
-        len -= 16;
-        in += 16;
-        out += 16;
-    }
-    memcpy(ivec, iv, 16);
-}
-
-void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16], block128_f block)
-{
-    size_t n;
-    union {
-        size_t t[16 / sizeof(size_t)];
-        unsigned char c[16];
-    } tmp;
-
-    assert(in && out && key && ivec);
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-    if (in != out) {
-        const unsigned char *iv = ivec;
-
-        if (STRICT_ALIGNMENT &&
-            ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
-            while (len >= 16) {
-                (*block) (in, out, key);
-                for (n = 0; n < 16; ++n)
-                    out[n] ^= iv[n];
-                iv = in;
-                len -= 16;
-                in += 16;
-                out += 16;
-            }
-        } else if (16 % sizeof(size_t) == 0) { /* always true */
-            while (len >= 16) {
-                size_t *out_t = (size_t *)out, *iv_t = (size_t *)iv;
-
-                (*block) (in, out, key);
-                for (n = 0; n < 16 / sizeof(size_t); n++)
-                    out_t[n] ^= iv_t[n];
-                iv = in;
-                len -= 16;
-                in += 16;
-                out += 16;
-            }
-        }
-        memcpy(ivec, iv, 16);
-    } else {
-        if (STRICT_ALIGNMENT &&
-            ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
-            unsigned char c;
-            while (len >= 16) {
-                (*block) (in, tmp.c, key);
-                for (n = 0; n < 16; ++n) {
-                    c = in[n];
-                    out[n] = tmp.c[n] ^ ivec[n];
-                    ivec[n] = c;
-                }
-                len -= 16;
-                in += 16;
-                out += 16;
-            }
-        } else if (16 % sizeof(size_t) == 0) { /* always true */
-            while (len >= 16) {
-                size_t c, *out_t = (size_t *)out, *ivec_t = (size_t *)ivec;
-                const size_t *in_t = (const size_t *)in;
-
-                (*block) (in, tmp.c, key);
-                for (n = 0; n < 16 / sizeof(size_t); n++) {
-                    c = in_t[n];
-                    out_t[n] = tmp.t[n] ^ ivec_t[n];
-                    ivec_t[n] = c;
-                }
-                len -= 16;
-                in += 16;
-                out += 16;
-            }
-        }
-    }
-#endif
-    while (len) {
-        unsigned char c;
-        (*block) (in, tmp.c, key);
-        for (n = 0; n < 16 && n < len; ++n) {
-            c = in[n];
-            out[n] = tmp.c[n] ^ ivec[n];
-            ivec[n] = c;
-        }
-        if (len <= 16) {
-            for (; n < 16; ++n)
-                ivec[n] = in[n];
-            break;
-        }
-        len -= 16;
-        in += 16;
-        out += 16;
-    }
-}
diff --git a/thirdparty/openssl/crypto/modes/ccm128.c b/thirdparty/openssl/crypto/modes/ccm128.c
deleted file mode 100644
index c1ded0f914..0000000000
--- a/thirdparty/openssl/crypto/modes/ccm128.c
+++ /dev/null
@@ -1,479 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-/*
- * First you setup M and L parameters and pass the key schedule. This is
- * called once per session setup...
- */
-void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
-                        unsigned int M, unsigned int L, void *key,
-                        block128_f block)
-{
-    memset(ctx->nonce.c, 0, sizeof(ctx->nonce.c));
-    ctx->nonce.c[0] = ((u8)(L - 1) & 7) | (u8)(((M - 2) / 2) & 7) << 3;
-    ctx->blocks = 0;
-    ctx->block = block;
-    ctx->key = key;
-}
-
-/* !!! Following interfaces are to be called *once* per packet !!! */
-
-/* Then you setup per-message nonce and pass the length of the message */
-int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
-                        const unsigned char *nonce, size_t nlen, size_t mlen)
-{
-    unsigned int L = ctx->nonce.c[0] & 7; /* the L parameter */
-
-    if (nlen < (14 - L))
-        return -1;              /* nonce is too short */
-
-    if (sizeof(mlen) == 8 && L >= 3) {
-        ctx->nonce.c[8] = (u8)(mlen >> (56 % (sizeof(mlen) * 8)));
-        ctx->nonce.c[9] = (u8)(mlen >> (48 % (sizeof(mlen) * 8)));
-        ctx->nonce.c[10] = (u8)(mlen >> (40 % (sizeof(mlen) * 8)));
-        ctx->nonce.c[11] = (u8)(mlen >> (32 % (sizeof(mlen) * 8)));
-    } else
-        ctx->nonce.u[1] = 0;
-
-    ctx->nonce.c[12] = (u8)(mlen >> 24);
-    ctx->nonce.c[13] = (u8)(mlen >> 16);
-    ctx->nonce.c[14] = (u8)(mlen >> 8);
-    ctx->nonce.c[15] = (u8)mlen;
-
-    ctx->nonce.c[0] &= ~0x40;   /* clear Adata flag */
-    memcpy(&ctx->nonce.c[1], nonce, 14 - L);
-
-    return 0;
-}
-
-/* Then you pass additional authentication data, this is optional */
-void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
-                       const unsigned char *aad, size_t alen)
-{
-    unsigned int i;
-    block128_f block = ctx->block;
-
-    if (alen == 0)
-        return;
-
-    ctx->nonce.c[0] |= 0x40;    /* set Adata flag */
-    (*block) (ctx->nonce.c, ctx->cmac.c, ctx->key), ctx->blocks++;
-
-    if (alen < (0x10000 - 0x100)) {
-        ctx->cmac.c[0] ^= (u8)(alen >> 8);
-        ctx->cmac.c[1] ^= (u8)alen;
-        i = 2;
-    } else if (sizeof(alen) == 8
-               && alen >= (size_t)1 << (32 % (sizeof(alen) * 8))) {
-        ctx->cmac.c[0] ^= 0xFF;
-        ctx->cmac.c[1] ^= 0xFF;
-        ctx->cmac.c[2] ^= (u8)(alen >> (56 % (sizeof(alen) * 8)));
-        ctx->cmac.c[3] ^= (u8)(alen >> (48 % (sizeof(alen) * 8)));
-        ctx->cmac.c[4] ^= (u8)(alen >> (40 % (sizeof(alen) * 8)));
-        ctx->cmac.c[5] ^= (u8)(alen >> (32 % (sizeof(alen) * 8)));
-        ctx->cmac.c[6] ^= (u8)(alen >> 24);
-        ctx->cmac.c[7] ^= (u8)(alen >> 16);
-        ctx->cmac.c[8] ^= (u8)(alen >> 8);
-        ctx->cmac.c[9] ^= (u8)alen;
-        i = 10;
-    } else {
-        ctx->cmac.c[0] ^= 0xFF;
-        ctx->cmac.c[1] ^= 0xFE;
-        ctx->cmac.c[2] ^= (u8)(alen >> 24);
-        ctx->cmac.c[3] ^= (u8)(alen >> 16);
-        ctx->cmac.c[4] ^= (u8)(alen >> 8);
-        ctx->cmac.c[5] ^= (u8)alen;
-        i = 6;
-    }
-
-    do {
-        for (; i < 16 && alen; ++i, ++aad, --alen)
-            ctx->cmac.c[i] ^= *aad;
-        (*block) (ctx->cmac.c, ctx->cmac.c, ctx->key), ctx->blocks++;
-        i = 0;
-    } while (alen);
-}
-
-/* Finally you encrypt or decrypt the message */
-
-/*
- * counter part of nonce may not be larger than L*8 bits, L is not larger
- * than 8, therefore 64-bit counter...
- */
-static void ctr64_inc(unsigned char *counter)
-{
-    unsigned int n = 8;
-    u8 c;
-
-    counter += 8;
-    do {
-        --n;
-        c = counter[n];
-        ++c;
-        counter[n] = c;
-        if (c)
-            return;
-    } while (n);
-}
-
-int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
-                          const unsigned char *inp, unsigned char *out,
-                          size_t len)
-{
-    size_t n;
-    unsigned int i, L;
-    unsigned char flags0 = ctx->nonce.c[0];
-    block128_f block = ctx->block;
-    void *key = ctx->key;
-    union {
-        u64 u[2];
-        u8 c[16];
-    } scratch;
-
-    if (!(flags0 & 0x40))
-        (*block) (ctx->nonce.c, ctx->cmac.c, key), ctx->blocks++;
-
-    ctx->nonce.c[0] = L = flags0 & 7;
-    for (n = 0, i = 15 - L; i < 15; ++i) {
-        n |= ctx->nonce.c[i];
-        ctx->nonce.c[i] = 0;
-        n <<= 8;
-    }
-    n |= ctx->nonce.c[15];      /* reconstructed length */
-    ctx->nonce.c[15] = 1;
-
-    if (n != len)
-        return -1;              /* length mismatch */
-
-    ctx->blocks += ((len + 15) >> 3) | 1;
-    if (ctx->blocks > (U64(1) << 61))
-        return -2;              /* too much data */
-
-    while (len >= 16) {
-#if defined(STRICT_ALIGNMENT)
-        union {
-            u64 u[2];
-            u8 c[16];
-        } temp;
-
-        memcpy(temp.c, inp, 16);
-        ctx->cmac.u[0] ^= temp.u[0];
-        ctx->cmac.u[1] ^= temp.u[1];
-#else
-        ctx->cmac.u[0] ^= ((u64 *)inp)[0];
-        ctx->cmac.u[1] ^= ((u64 *)inp)[1];
-#endif
-        (*block) (ctx->cmac.c, ctx->cmac.c, key);
-        (*block) (ctx->nonce.c, scratch.c, key);
-        ctr64_inc(ctx->nonce.c);
-#if defined(STRICT_ALIGNMENT)
-        temp.u[0] ^= scratch.u[0];
-        temp.u[1] ^= scratch.u[1];
-        memcpy(out, temp.c, 16);
-#else
-        ((u64 *)out)[0] = scratch.u[0] ^ ((u64 *)inp)[0];
-        ((u64 *)out)[1] = scratch.u[1] ^ ((u64 *)inp)[1];
-#endif
-        inp += 16;
-        out += 16;
-        len -= 16;
-    }
-
-    if (len) {
-        for (i = 0; i < len; ++i)
-            ctx->cmac.c[i] ^= inp[i];
-        (*block) (ctx->cmac.c, ctx->cmac.c, key);
-        (*block) (ctx->nonce.c, scratch.c, key);
-        for (i = 0; i < len; ++i)
-            out[i] = scratch.c[i] ^ inp[i];
-    }
-
-    for (i = 15 - L; i < 16; ++i)
-        ctx->nonce.c[i] = 0;
-
-    (*block) (ctx->nonce.c, scratch.c, key);
-    ctx->cmac.u[0] ^= scratch.u[0];
-    ctx->cmac.u[1] ^= scratch.u[1];
-
-    ctx->nonce.c[0] = flags0;
-
-    return 0;
-}
-
-int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
-                          const unsigned char *inp, unsigned char *out,
-                          size_t len)
-{
-    size_t n;
-    unsigned int i, L;
-    unsigned char flags0 = ctx->nonce.c[0];
-    block128_f block = ctx->block;
-    void *key = ctx->key;
-    union {
-        u64 u[2];
-        u8 c[16];
-    } scratch;
-
-    if (!(flags0 & 0x40))
-        (*block) (ctx->nonce.c, ctx->cmac.c, key);
-
-    ctx->nonce.c[0] = L = flags0 & 7;
-    for (n = 0, i = 15 - L; i < 15; ++i) {
-        n |= ctx->nonce.c[i];
-        ctx->nonce.c[i] = 0;
-        n <<= 8;
-    }
-    n |= ctx->nonce.c[15];      /* reconstructed length */
-    ctx->nonce.c[15] = 1;
-
-    if (n != len)
-        return -1;
-
-    while (len >= 16) {
-#if defined(STRICT_ALIGNMENT)
-        union {
-            u64 u[2];
-            u8 c[16];
-        } temp;
-#endif
-        (*block) (ctx->nonce.c, scratch.c, key);
-        ctr64_inc(ctx->nonce.c);
-#if defined(STRICT_ALIGNMENT)
-        memcpy(temp.c, inp, 16);
-        ctx->cmac.u[0] ^= (scratch.u[0] ^= temp.u[0]);
-        ctx->cmac.u[1] ^= (scratch.u[1] ^= temp.u[1]);
-        memcpy(out, scratch.c, 16);
-#else
-        ctx->cmac.u[0] ^= (((u64 *)out)[0] = scratch.u[0] ^ ((u64 *)inp)[0]);
-        ctx->cmac.u[1] ^= (((u64 *)out)[1] = scratch.u[1] ^ ((u64 *)inp)[1]);
-#endif
-        (*block) (ctx->cmac.c, ctx->cmac.c, key);
-
-        inp += 16;
-        out += 16;
-        len -= 16;
-    }
-
-    if (len) {
-        (*block) (ctx->nonce.c, scratch.c, key);
-        for (i = 0; i < len; ++i)
-            ctx->cmac.c[i] ^= (out[i] = scratch.c[i] ^ inp[i]);
-        (*block) (ctx->cmac.c, ctx->cmac.c, key);
-    }
-
-    for (i = 15 - L; i < 16; ++i)
-        ctx->nonce.c[i] = 0;
-
-    (*block) (ctx->nonce.c, scratch.c, key);
-    ctx->cmac.u[0] ^= scratch.u[0];
-    ctx->cmac.u[1] ^= scratch.u[1];
-
-    ctx->nonce.c[0] = flags0;
-
-    return 0;
-}
-
-static void ctr64_add(unsigned char *counter, size_t inc)
-{
-    size_t n = 8, val = 0;
-
-    counter += 8;
-    do {
-        --n;
-        val += counter[n] + (inc & 0xff);
-        counter[n] = (unsigned char)val;
-        val >>= 8;              /* carry bit */
-        inc >>= 8;
-    } while (n && (inc || val));
-}
-
-int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
-                                const unsigned char *inp, unsigned char *out,
-                                size_t len, ccm128_f stream)
-{
-    size_t n;
-    unsigned int i, L;
-    unsigned char flags0 = ctx->nonce.c[0];
-    block128_f block = ctx->block;
-    void *key = ctx->key;
-    union {
-        u64 u[2];
-        u8 c[16];
-    } scratch;
-
-    if (!(flags0 & 0x40))
-        (*block) (ctx->nonce.c, ctx->cmac.c, key), ctx->blocks++;
-
-    ctx->nonce.c[0] = L = flags0 & 7;
-    for (n = 0, i = 15 - L; i < 15; ++i) {
-        n |= ctx->nonce.c[i];
-        ctx->nonce.c[i] = 0;
-        n <<= 8;
-    }
-    n |= ctx->nonce.c[15];      /* reconstructed length */
-    ctx->nonce.c[15] = 1;
-
-    if (n != len)
-        return -1;              /* length mismatch */
-
-    ctx->blocks += ((len + 15) >> 3) | 1;
-    if (ctx->blocks > (U64(1) << 61))
-        return -2;              /* too much data */
-
-    if ((n = len / 16)) {
-        (*stream) (inp, out, n, key, ctx->nonce.c, ctx->cmac.c);
-        n *= 16;
-        inp += n;
-        out += n;
-        len -= n;
-        if (len)
-            ctr64_add(ctx->nonce.c, n / 16);
-    }
-
-    if (len) {
-        for (i = 0; i < len; ++i)
-            ctx->cmac.c[i] ^= inp[i];
-        (*block) (ctx->cmac.c, ctx->cmac.c, key);
-        (*block) (ctx->nonce.c, scratch.c, key);
-        for (i = 0; i < len; ++i)
-            out[i] = scratch.c[i] ^ inp[i];
-    }
-
-    for (i = 15 - L; i < 16; ++i)
-        ctx->nonce.c[i] = 0;
-
-    (*block) (ctx->nonce.c, scratch.c, key);
-    ctx->cmac.u[0] ^= scratch.u[0];
-    ctx->cmac.u[1] ^= scratch.u[1];
-
-    ctx->nonce.c[0] = flags0;
-
-    return 0;
-}
-
-int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
-                                const unsigned char *inp, unsigned char *out,
-                                size_t len, ccm128_f stream)
-{
-    size_t n;
-    unsigned int i, L;
-    unsigned char flags0 = ctx->nonce.c[0];
-    block128_f block = ctx->block;
-    void *key = ctx->key;
-    union {
-        u64 u[2];
-        u8 c[16];
-    } scratch;
-
-    if (!(flags0 & 0x40))
-        (*block) (ctx->nonce.c, ctx->cmac.c, key);
-
-    ctx->nonce.c[0] = L = flags0 & 7;
-    for (n = 0, i = 15 - L; i < 15; ++i) {
-        n |= ctx->nonce.c[i];
-        ctx->nonce.c[i] = 0;
-        n <<= 8;
-    }
-    n |= ctx->nonce.c[15];      /* reconstructed length */
-    ctx->nonce.c[15] = 1;
-
-    if (n != len)
-        return -1;
-
-    if ((n = len / 16)) {
-        (*stream) (inp, out, n, key, ctx->nonce.c, ctx->cmac.c);
-        n *= 16;
-        inp += n;
-        out += n;
-        len -= n;
-        if (len)
-            ctr64_add(ctx->nonce.c, n / 16);
-    }
-
-    if (len) {
-        (*block) (ctx->nonce.c, scratch.c, key);
-        for (i = 0; i < len; ++i)
-            ctx->cmac.c[i] ^= (out[i] = scratch.c[i] ^ inp[i]);
-        (*block) (ctx->cmac.c, ctx->cmac.c, key);
-    }
-
-    for (i = 15 - L; i < 16; ++i)
-        ctx->nonce.c[i] = 0;
-
-    (*block) (ctx->nonce.c, scratch.c, key);
-    ctx->cmac.u[0] ^= scratch.u[0];
-    ctx->cmac.u[1] ^= scratch.u[1];
-
-    ctx->nonce.c[0] = flags0;
-
-    return 0;
-}
-
-size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len)
-{
-    unsigned int M = (ctx->nonce.c[0] >> 3) & 7; /* the M parameter */
-
-    M *= 2;
-    M += 2;
-    if (len < M)
-        return 0;
-    memcpy(tag, ctx->cmac.c, M);
-    return M;
-}
diff --git a/thirdparty/openssl/crypto/modes/cfb128.c b/thirdparty/openssl/crypto/modes/cfb128.c
deleted file mode 100644
index d4ecbd08ee..0000000000
--- a/thirdparty/openssl/crypto/modes/cfb128.c
+++ /dev/null
@@ -1,254 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-/*
- * The input and output encrypted as though 128bit cfb mode is being used.
- * The extra state information to record how much of the 128bit block we have
- * used is contained in *num;
- */
-void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16], int *num,
-                           int enc, block128_f block)
-{
-    unsigned int n;
-    size_t l = 0;
-
-    assert(in && out && key && ivec && num);
-
-    n = *num;
-
-    if (enc) {
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-        if (16 % sizeof(size_t) == 0) { /* always true actually */
-            do {
-                while (n && len) {
-                    *(out++) = ivec[n] ^= *(in++);
-                    --len;
-                    n = (n + 1) % 16;
-                }
-# if defined(STRICT_ALIGNMENT)
-                if (((size_t)in | (size_t)out | (size_t)ivec) %
-                    sizeof(size_t) != 0)
-                    break;
-# endif
-                while (len >= 16) {
-                    (*block) (ivec, ivec, key);
-                    for (; n < 16; n += sizeof(size_t)) {
-                        *(size_t *)(out + n) =
-                            *(size_t *)(ivec + n) ^= *(size_t *)(in + n);
-                    }
-                    len -= 16;
-                    out += 16;
-                    in += 16;
-                    n = 0;
-                }
-                if (len) {
-                    (*block) (ivec, ivec, key);
-                    while (len--) {
-                        out[n] = ivec[n] ^= in[n];
-                        ++n;
-                    }
-                }
-                *num = n;
-                return;
-            } while (0);
-        }
-        /* the rest would be commonly eliminated by x86* compiler */
-#endif
-        while (l < len) {
-            if (n == 0) {
-                (*block) (ivec, ivec, key);
-            }
-            out[l] = ivec[n] ^= in[l];
-            ++l;
-            n = (n + 1) % 16;
-        }
-        *num = n;
-    } else {
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-        if (16 % sizeof(size_t) == 0) { /* always true actually */
-            do {
-                while (n && len) {
-                    unsigned char c;
-                    *(out++) = ivec[n] ^ (c = *(in++));
-                    ivec[n] = c;
-                    --len;
-                    n = (n + 1) % 16;
-                }
-# if defined(STRICT_ALIGNMENT)
-                if (((size_t)in | (size_t)out | (size_t)ivec) %
-                    sizeof(size_t) != 0)
-                    break;
-# endif
-                while (len >= 16) {
-                    (*block) (ivec, ivec, key);
-                    for (; n < 16; n += sizeof(size_t)) {
-                        size_t t = *(size_t *)(in + n);
-                        *(size_t *)(out + n) = *(size_t *)(ivec + n) ^ t;
-                        *(size_t *)(ivec + n) = t;
-                    }
-                    len -= 16;
-                    out += 16;
-                    in += 16;
-                    n = 0;
-                }
-                if (len) {
-                    (*block) (ivec, ivec, key);
-                    while (len--) {
-                        unsigned char c;
-                        out[n] = ivec[n] ^ (c = in[n]);
-                        ivec[n] = c;
-                        ++n;
-                    }
-                }
-                *num = n;
-                return;
-            } while (0);
-        }
-        /* the rest would be commonly eliminated by x86* compiler */
-#endif
-        while (l < len) {
-            unsigned char c;
-            if (n == 0) {
-                (*block) (ivec, ivec, key);
-            }
-            out[l] = ivec[n] ^ (c = in[l]);
-            ivec[n] = c;
-            ++l;
-            n = (n + 1) % 16;
-        }
-        *num = n;
-    }
-}
-
-/*
- * This expects a single block of size nbits for both in and out. Note that
- * it corrupts any extra bits in the last byte of out
- */
-static void cfbr_encrypt_block(const unsigned char *in, unsigned char *out,
-                               int nbits, const void *key,
-                               unsigned char ivec[16], int enc,
-                               block128_f block)
-{
-    int n, rem, num;
-    unsigned char ovec[16 * 2 + 1]; /* +1 because we dererefence (but don't
-                                     * use) one byte off the end */
-
-    if (nbits <= 0 || nbits > 128)
-        return;
-
-    /* fill in the first half of the new IV with the current IV */
-    memcpy(ovec, ivec, 16);
-    /* construct the new IV */
-    (*block) (ivec, ivec, key);
-    num = (nbits + 7) / 8;
-    if (enc)                    /* encrypt the input */
-        for (n = 0; n < num; ++n)
-            out[n] = (ovec[16 + n] = in[n] ^ ivec[n]);
-    else                        /* decrypt the input */
-        for (n = 0; n < num; ++n)
-            out[n] = (ovec[16 + n] = in[n]) ^ ivec[n];
-    /* shift ovec left... */
-    rem = nbits % 8;
-    num = nbits / 8;
-    if (rem == 0)
-        memcpy(ivec, ovec + num, 16);
-    else
-        for (n = 0; n < 16; ++n)
-            ivec[n] = ovec[n + num] << rem | ovec[n + num + 1] >> (8 - rem);
-
-    /* it is not necessary to cleanse ovec, since the IV is not secret */
-}
-
-/* N.B. This expects the input to be packed, MS bit first */
-void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t bits, const void *key,
-                             unsigned char ivec[16], int *num,
-                             int enc, block128_f block)
-{
-    size_t n;
-    unsigned char c[1], d[1];
-
-    assert(in && out && key && ivec && num);
-    assert(*num == 0);
-
-    for (n = 0; n < bits; ++n) {
-        c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
-        cfbr_encrypt_block(c, d, 1, key, ivec, enc, block);
-        out[n / 8] = (out[n / 8] & ~(1 << (unsigned int)(7 - n % 8))) |
-            ((d[0] & 0x80) >> (unsigned int)(n % 8));
-    }
-}
-
-void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t length, const void *key,
-                             unsigned char ivec[16], int *num,
-                             int enc, block128_f block)
-{
-    size_t n;
-
-    assert(in && out && key && ivec && num);
-    assert(*num == 0);
-
-    for (n = 0; n < length; ++n)
-        cfbr_encrypt_block(&in[n], &out[n], 8, key, ivec, enc, block);
-}
diff --git a/thirdparty/openssl/crypto/modes/ctr128.c b/thirdparty/openssl/crypto/modes/ctr128.c
deleted file mode 100644
index d4b22728e6..0000000000
--- a/thirdparty/openssl/crypto/modes/ctr128.c
+++ /dev/null
@@ -1,263 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-/*
- * NOTE: the IV/counter CTR mode is big-endian.  The code itself is
- * endian-neutral.
- */
-
-/* increment counter (128-bit int) by 1 */
-static void ctr128_inc(unsigned char *counter)
-{
-    u32 n = 16, c = 1;
-
-    do {
-        --n;
-        c += counter[n];
-        counter[n] = (u8)c;
-        c >>= 8;
-    } while (n);
-}
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-static void ctr128_inc_aligned(unsigned char *counter)
-{
-    size_t *data, c, d, n;
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-
-    if (is_endian.little || ((size_t)counter % sizeof(size_t)) != 0) {
-        ctr128_inc(counter);
-        return;
-    }
-
-    data = (size_t *)counter;
-    c = 1;
-    n = 16 / sizeof(size_t);
-    do {
-        --n;
-        d = data[n] += c;
-        /* did addition carry? */
-        c = ((d - c) & ~d) >> (sizeof(size_t) * 8 - 1);
-    } while (n);
-}
-#endif
-
-/*
- * The input encrypted as though 128bit counter mode is being used.  The
- * extra state information to record how much of the 128bit block we have
- * used is contained in *num, and the encrypted counter is kept in
- * ecount_buf.  Both *num and ecount_buf must be initialised with zeros
- * before the first call to CRYPTO_ctr128_encrypt(). This algorithm assumes
- * that the counter is in the x lower bits of the IV (ivec), and that the
- * application has full control over overflow and the rest of the IV.  This
- * implementation takes NO responsability for checking that the counter
- * doesn't overflow into the rest of the IV when incremented.
- */
-void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16],
-                           unsigned char ecount_buf[16], unsigned int *num,
-                           block128_f block)
-{
-    unsigned int n;
-    size_t l = 0;
-
-    assert(in && out && key && ecount_buf && num);
-    assert(*num < 16);
-
-    n = *num;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-    if (16 % sizeof(size_t) == 0) { /* always true actually */
-        do {
-            while (n && len) {
-                *(out++) = *(in++) ^ ecount_buf[n];
-                --len;
-                n = (n + 1) % 16;
-            }
-
-# if defined(STRICT_ALIGNMENT)
-            if (((size_t)in | (size_t)out | (size_t)ecount_buf)
-                % sizeof(size_t) != 0)
-                break;
-# endif
-            while (len >= 16) {
-                (*block) (ivec, ecount_buf, key);
-                ctr128_inc_aligned(ivec);
-                for (n = 0; n < 16; n += sizeof(size_t))
-                    *(size_t *)(out + n) =
-                        *(size_t *)(in + n) ^ *(size_t *)(ecount_buf + n);
-                len -= 16;
-                out += 16;
-                in += 16;
-                n = 0;
-            }
-            if (len) {
-                (*block) (ivec, ecount_buf, key);
-                ctr128_inc_aligned(ivec);
-                while (len--) {
-                    out[n] = in[n] ^ ecount_buf[n];
-                    ++n;
-                }
-            }
-            *num = n;
-            return;
-        } while (0);
-    }
-    /* the rest would be commonly eliminated by x86* compiler */
-#endif
-    while (l < len) {
-        if (n == 0) {
-            (*block) (ivec, ecount_buf, key);
-            ctr128_inc(ivec);
-        }
-        out[l] = in[l] ^ ecount_buf[n];
-        ++l;
-        n = (n + 1) % 16;
-    }
-
-    *num = n;
-}
-
-/* increment upper 96 bits of 128-bit counter by 1 */
-static void ctr96_inc(unsigned char *counter)
-{
-    u32 n = 12, c = 1;
-
-    do {
-        --n;
-        c += counter[n];
-        counter[n] = (u8)c;
-        c >>= 8;
-    } while (n);
-}
-
-void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
-                                 size_t len, const void *key,
-                                 unsigned char ivec[16],
-                                 unsigned char ecount_buf[16],
-                                 unsigned int *num, ctr128_f func)
-{
-    unsigned int n, ctr32;
-
-    assert(in && out && key && ecount_buf && num);
-    assert(*num < 16);
-
-    n = *num;
-
-    while (n && len) {
-        *(out++) = *(in++) ^ ecount_buf[n];
-        --len;
-        n = (n + 1) % 16;
-    }
-
-    ctr32 = GETU32(ivec + 12);
-    while (len >= 16) {
-        size_t blocks = len / 16;
-        /*
-         * 1<<28 is just a not-so-small yet not-so-large number...
-         * Below condition is practically never met, but it has to
-         * be checked for code correctness.
-         */
-        if (sizeof(size_t) > sizeof(unsigned int) && blocks > (1U << 28))
-            blocks = (1U << 28);
-        /*
-         * As (*func) operates on 32-bit counter, caller
-         * has to handle overflow. 'if' below detects the
-         * overflow, which is then handled by limiting the
-         * amount of blocks to the exact overflow point...
-         */
-        ctr32 += (u32)blocks;
-        if (ctr32 < blocks) {
-            blocks -= ctr32;
-            ctr32 = 0;
-        }
-        (*func) (in, out, blocks, key, ivec);
-        /* (*ctr) does not update ivec, caller does: */
-        PUTU32(ivec + 12, ctr32);
-        /* ... overflow was detected, propogate carry. */
-        if (ctr32 == 0)
-            ctr96_inc(ivec);
-        blocks *= 16;
-        len -= blocks;
-        out += blocks;
-        in += blocks;
-    }
-    if (len) {
-        memset(ecount_buf, 0, 16);
-        (*func) (ecount_buf, ecount_buf, 1, key, ivec);
-        ++ctr32;
-        PUTU32(ivec + 12, ctr32);
-        if (ctr32 == 0)
-            ctr96_inc(ivec);
-        while (len--) {
-            out[n] = in[n] ^ ecount_buf[n];
-            ++n;
-        }
-    }
-
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/modes/cts128.c b/thirdparty/openssl/crypto/modes/cts128.c
deleted file mode 100644
index 137be595a1..0000000000
--- a/thirdparty/openssl/crypto/modes/cts128.c
+++ /dev/null
@@ -1,544 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Rights for redistribution and usage in source and binary
- * forms are granted according to the OpenSSL license.
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-/*
- * Trouble with Ciphertext Stealing, CTS, mode is that there is no
- * common official specification, but couple of cipher/application
- * specific ones: RFC2040 and RFC3962. Then there is 'Proposal to
- * Extend CBC Mode By "Ciphertext Stealing"' at NIST site, which
- * deviates from mentioned RFCs. Most notably it allows input to be
- * of block length and it doesn't flip the order of the last two
- * blocks. CTS is being discussed even in ECB context, but it's not
- * adopted for any known application. This implementation provides
- * two interfaces: one compliant with above mentioned RFCs and one
- * compliant with the NIST proposal, both extending CBC mode.
- */
-
-size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
-                                   unsigned char *out, size_t len,
-                                   const void *key, unsigned char ivec[16],
-                                   block128_f block)
-{
-    size_t residue, n;
-
-    assert(in && out && key && ivec);
-
-    if (len <= 16)
-        return 0;
-
-    if ((residue = len % 16) == 0)
-        residue = 16;
-
-    len -= residue;
-
-    CRYPTO_cbc128_encrypt(in, out, len, key, ivec, block);
-
-    in += len;
-    out += len;
-
-    for (n = 0; n < residue; ++n)
-        ivec[n] ^= in[n];
-    (*block) (ivec, ivec, key);
-    memcpy(out, out - 16, residue);
-    memcpy(out - 16, ivec, 16);
-
-    return len + residue;
-}
-
-size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
-                                       unsigned char *out, size_t len,
-                                       const void *key,
-                                       unsigned char ivec[16],
-                                       block128_f block)
-{
-    size_t residue, n;
-
-    assert(in && out && key && ivec);
-
-    if (len < 16)
-        return 0;
-
-    residue = len % 16;
-
-    len -= residue;
-
-    CRYPTO_cbc128_encrypt(in, out, len, key, ivec, block);
-
-    if (residue == 0)
-        return len;
-
-    in += len;
-    out += len;
-
-    for (n = 0; n < residue; ++n)
-        ivec[n] ^= in[n];
-    (*block) (ivec, ivec, key);
-    memcpy(out - 16 + residue, ivec, 16);
-
-    return len + residue;
-}
-
-size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t len, const void *key,
-                             unsigned char ivec[16], cbc128_f cbc)
-{
-    size_t residue;
-    union {
-        size_t align;
-        unsigned char c[16];
-    } tmp;
-
-    assert(in && out && key && ivec);
-
-    if (len <= 16)
-        return 0;
-
-    if ((residue = len % 16) == 0)
-        residue = 16;
-
-    len -= residue;
-
-    (*cbc) (in, out, len, key, ivec, 1);
-
-    in += len;
-    out += len;
-
-#if defined(CBC_HANDLES_TRUNCATED_IO)
-    memcpy(tmp.c, out - 16, 16);
-    (*cbc) (in, out - 16, residue, key, ivec, 1);
-    memcpy(out, tmp.c, residue);
-#else
-    memset(tmp.c, 0, sizeof(tmp));
-    memcpy(tmp.c, in, residue);
-    memcpy(out, out - 16, residue);
-    (*cbc) (tmp.c, out - 16, 16, key, ivec, 1);
-#endif
-    return len + residue;
-}
-
-size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
-                                 size_t len, const void *key,
-                                 unsigned char ivec[16], cbc128_f cbc)
-{
-    size_t residue;
-    union {
-        size_t align;
-        unsigned char c[16];
-    } tmp;
-
-    assert(in && out && key && ivec);
-
-    if (len < 16)
-        return 0;
-
-    residue = len % 16;
-
-    len -= residue;
-
-    (*cbc) (in, out, len, key, ivec, 1);
-
-    if (residue == 0)
-        return len;
-
-    in += len;
-    out += len;
-
-#if defined(CBC_HANDLES_TRUNCATED_IO)
-    (*cbc) (in, out - 16 + residue, residue, key, ivec, 1);
-#else
-    memset(tmp.c, 0, sizeof(tmp));
-    memcpy(tmp.c, in, residue);
-    (*cbc) (tmp.c, out - 16 + residue, 16, key, ivec, 1);
-#endif
-    return len + residue;
-}
-
-size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
-                                   unsigned char *out, size_t len,
-                                   const void *key, unsigned char ivec[16],
-                                   block128_f block)
-{
-    size_t residue, n;
-    union {
-        size_t align;
-        unsigned char c[32];
-    } tmp;
-
-    assert(in && out && key && ivec);
-
-    if (len <= 16)
-        return 0;
-
-    if ((residue = len % 16) == 0)
-        residue = 16;
-
-    len -= 16 + residue;
-
-    if (len) {
-        CRYPTO_cbc128_decrypt(in, out, len, key, ivec, block);
-        in += len;
-        out += len;
-    }
-
-    (*block) (in, tmp.c + 16, key);
-
-    memcpy(tmp.c, tmp.c + 16, 16);
-    memcpy(tmp.c, in + 16, residue);
-    (*block) (tmp.c, tmp.c, key);
-
-    for (n = 0; n < 16; ++n) {
-        unsigned char c = in[n];
-        out[n] = tmp.c[n] ^ ivec[n];
-        ivec[n] = c;
-    }
-    for (residue += 16; n < residue; ++n)
-        out[n] = tmp.c[n] ^ in[n];
-
-    return 16 + len + residue;
-}
-
-size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
-                                       unsigned char *out, size_t len,
-                                       const void *key,
-                                       unsigned char ivec[16],
-                                       block128_f block)
-{
-    size_t residue, n;
-    union {
-        size_t align;
-        unsigned char c[32];
-    } tmp;
-
-    assert(in && out && key && ivec);
-
-    if (len < 16)
-        return 0;
-
-    residue = len % 16;
-
-    if (residue == 0) {
-        CRYPTO_cbc128_decrypt(in, out, len, key, ivec, block);
-        return len;
-    }
-
-    len -= 16 + residue;
-
-    if (len) {
-        CRYPTO_cbc128_decrypt(in, out, len, key, ivec, block);
-        in += len;
-        out += len;
-    }
-
-    (*block) (in + residue, tmp.c + 16, key);
-
-    memcpy(tmp.c, tmp.c + 16, 16);
-    memcpy(tmp.c, in, residue);
-    (*block) (tmp.c, tmp.c, key);
-
-    for (n = 0; n < 16; ++n) {
-        unsigned char c = in[n];
-        out[n] = tmp.c[n] ^ ivec[n];
-        ivec[n] = in[n + residue];
-        tmp.c[n] = c;
-    }
-    for (residue += 16; n < residue; ++n)
-        out[n] = tmp.c[n] ^ tmp.c[n - 16];
-
-    return 16 + len + residue;
-}
-
-size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
-                             size_t len, const void *key,
-                             unsigned char ivec[16], cbc128_f cbc)
-{
-    size_t residue;
-    union {
-        size_t align;
-        unsigned char c[32];
-    } tmp;
-
-    assert(in && out && key && ivec);
-
-    if (len <= 16)
-        return 0;
-
-    if ((residue = len % 16) == 0)
-        residue = 16;
-
-    len -= 16 + residue;
-
-    if (len) {
-        (*cbc) (in, out, len, key, ivec, 0);
-        in += len;
-        out += len;
-    }
-
-    memset(tmp.c, 0, sizeof(tmp));
-    /*
-     * this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0]
-     */
-    (*cbc) (in, tmp.c, 16, key, tmp.c + 16, 0);
-
-    memcpy(tmp.c, in + 16, residue);
-#if defined(CBC_HANDLES_TRUNCATED_IO)
-    (*cbc) (tmp.c, out, 16 + residue, key, ivec, 0);
-#else
-    (*cbc) (tmp.c, tmp.c, 32, key, ivec, 0);
-    memcpy(out, tmp.c, 16 + residue);
-#endif
-    return 16 + len + residue;
-}
-
-size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
-                                 size_t len, const void *key,
-                                 unsigned char ivec[16], cbc128_f cbc)
-{
-    size_t residue;
-    union {
-        size_t align;
-        unsigned char c[32];
-    } tmp;
-
-    assert(in && out && key && ivec);
-
-    if (len < 16)
-        return 0;
-
-    residue = len % 16;
-
-    if (residue == 0) {
-        (*cbc) (in, out, len, key, ivec, 0);
-        return len;
-    }
-
-    len -= 16 + residue;
-
-    if (len) {
-        (*cbc) (in, out, len, key, ivec, 0);
-        in += len;
-        out += len;
-    }
-
-    memset(tmp.c, 0, sizeof(tmp));
-    /*
-     * this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0]
-     */
-    (*cbc) (in + residue, tmp.c, 16, key, tmp.c + 16, 0);
-
-    memcpy(tmp.c, in, residue);
-#if defined(CBC_HANDLES_TRUNCATED_IO)
-    (*cbc) (tmp.c, out, 16 + residue, key, ivec, 0);
-#else
-    (*cbc) (tmp.c, tmp.c, 32, key, ivec, 0);
-    memcpy(out, tmp.c, 16 + residue);
-#endif
-    return 16 + len + residue;
-}
-
-#if defined(SELFTEST)
-# include <stdio.h>
-# include <openssl/aes.h>
-
-/* test vectors from RFC 3962 */
-static const unsigned char test_key[16] = "chicken teriyaki";
-static const unsigned char test_input[64] =
-    "I would like the" " General Gau's C"
-    "hicken, please, " "and wonton soup.";
-static const unsigned char test_iv[16] =
-    { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
-
-static const unsigned char vector_17[17] = {
-    0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
-    0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
-    0x97
-};
-
-static const unsigned char vector_31[31] = {
-    0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
-    0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
-    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
-    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
-};
-
-static const unsigned char vector_32[32] = {
-    0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
-    0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
-    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
-    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84
-};
-
-static const unsigned char vector_47[47] = {
-    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
-    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
-    0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
-    0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
-    0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
-    0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5
-};
-
-static const unsigned char vector_48[48] = {
-    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
-    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
-    0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
-    0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
-    0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
-    0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
-};
-
-static const unsigned char vector_64[64] = {
-    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
-    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
-    0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
-    0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
-    0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
-    0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
-    0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
-    0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
-};
-
-static AES_KEY encks, decks;
-
-void test_vector(const unsigned char *vector, size_t len)
-{
-    unsigned char iv[sizeof(test_iv)];
-    unsigned char cleartext[64], ciphertext[64];
-    size_t tail;
-
-    printf("vector_%d\n", len);
-    fflush(stdout);
-
-    if ((tail = len % 16) == 0)
-        tail = 16;
-    tail += 16;
-
-    /* test block-based encryption */
-    memcpy(iv, test_iv, sizeof(test_iv));
-    CRYPTO_cts128_encrypt_block(test_input, ciphertext, len, &encks, iv,
-                                (block128_f) AES_encrypt);
-    if (memcmp(ciphertext, vector, len))
-        fprintf(stderr, "output_%d mismatch\n", len), exit(1);
-    if (memcmp(iv, vector + len - tail, sizeof(iv)))
-        fprintf(stderr, "iv_%d mismatch\n", len), exit(1);
-
-    /* test block-based decryption */
-    memcpy(iv, test_iv, sizeof(test_iv));
-    CRYPTO_cts128_decrypt_block(ciphertext, cleartext, len, &decks, iv,
-                                (block128_f) AES_decrypt);
-    if (memcmp(cleartext, test_input, len))
-        fprintf(stderr, "input_%d mismatch\n", len), exit(2);
-    if (memcmp(iv, vector + len - tail, sizeof(iv)))
-        fprintf(stderr, "iv_%d mismatch\n", len), exit(2);
-
-    /* test streamed encryption */
-    memcpy(iv, test_iv, sizeof(test_iv));
-    CRYPTO_cts128_encrypt(test_input, ciphertext, len, &encks, iv,
-                          (cbc128_f) AES_cbc_encrypt);
-    if (memcmp(ciphertext, vector, len))
-        fprintf(stderr, "output_%d mismatch\n", len), exit(3);
-    if (memcmp(iv, vector + len - tail, sizeof(iv)))
-        fprintf(stderr, "iv_%d mismatch\n", len), exit(3);
-
-    /* test streamed decryption */
-    memcpy(iv, test_iv, sizeof(test_iv));
-    CRYPTO_cts128_decrypt(ciphertext, cleartext, len, &decks, iv,
-                          (cbc128_f) AES_cbc_encrypt);
-    if (memcmp(cleartext, test_input, len))
-        fprintf(stderr, "input_%d mismatch\n", len), exit(4);
-    if (memcmp(iv, vector + len - tail, sizeof(iv)))
-        fprintf(stderr, "iv_%d mismatch\n", len), exit(4);
-}
-
-void test_nistvector(const unsigned char *vector, size_t len)
-{
-    unsigned char iv[sizeof(test_iv)];
-    unsigned char cleartext[64], ciphertext[64], nistvector[64];
-    size_t tail;
-
-    printf("nistvector_%d\n", len);
-    fflush(stdout);
-
-    if ((tail = len % 16) == 0)
-        tail = 16;
-
-    len -= 16 + tail;
-    memcpy(nistvector, vector, len);
-    /* flip two last blocks */
-    memcpy(nistvector + len, vector + len + 16, tail);
-    memcpy(nistvector + len + tail, vector + len, 16);
-    len += 16 + tail;
-    tail = 16;
-
-    /* test block-based encryption */
-    memcpy(iv, test_iv, sizeof(test_iv));
-    CRYPTO_nistcts128_encrypt_block(test_input, ciphertext, len, &encks, iv,
-                                    (block128_f) AES_encrypt);
-    if (memcmp(ciphertext, nistvector, len))
-        fprintf(stderr, "output_%d mismatch\n", len), exit(1);
-    if (memcmp(iv, nistvector + len - tail, sizeof(iv)))
-        fprintf(stderr, "iv_%d mismatch\n", len), exit(1);
-
-    /* test block-based decryption */
-    memcpy(iv, test_iv, sizeof(test_iv));
-    CRYPTO_nistcts128_decrypt_block(ciphertext, cleartext, len, &decks, iv,
-                                    (block128_f) AES_decrypt);
-    if (memcmp(cleartext, test_input, len))
-        fprintf(stderr, "input_%d mismatch\n", len), exit(2);
-    if (memcmp(iv, nistvector + len - tail, sizeof(iv)))
-        fprintf(stderr, "iv_%d mismatch\n", len), exit(2);
-
-    /* test streamed encryption */
-    memcpy(iv, test_iv, sizeof(test_iv));
-    CRYPTO_nistcts128_encrypt(test_input, ciphertext, len, &encks, iv,
-                              (cbc128_f) AES_cbc_encrypt);
-    if (memcmp(ciphertext, nistvector, len))
-        fprintf(stderr, "output_%d mismatch\n", len), exit(3);
-    if (memcmp(iv, nistvector + len - tail, sizeof(iv)))
-        fprintf(stderr, "iv_%d mismatch\n", len), exit(3);
-
-    /* test streamed decryption */
-    memcpy(iv, test_iv, sizeof(test_iv));
-    CRYPTO_nistcts128_decrypt(ciphertext, cleartext, len, &decks, iv,
-                              (cbc128_f) AES_cbc_encrypt);
-    if (memcmp(cleartext, test_input, len))
-        fprintf(stderr, "input_%d mismatch\n", len), exit(4);
-    if (memcmp(iv, nistvector + len - tail, sizeof(iv)))
-        fprintf(stderr, "iv_%d mismatch\n", len), exit(4);
-}
-
-int main()
-{
-    AES_set_encrypt_key(test_key, 128, &encks);
-    AES_set_decrypt_key(test_key, 128, &decks);
-
-    test_vector(vector_17, sizeof(vector_17));
-    test_vector(vector_31, sizeof(vector_31));
-    test_vector(vector_32, sizeof(vector_32));
-    test_vector(vector_47, sizeof(vector_47));
-    test_vector(vector_48, sizeof(vector_48));
-    test_vector(vector_64, sizeof(vector_64));
-
-    test_nistvector(vector_17, sizeof(vector_17));
-    test_nistvector(vector_31, sizeof(vector_31));
-    test_nistvector(vector_32, sizeof(vector_32));
-    test_nistvector(vector_47, sizeof(vector_47));
-    test_nistvector(vector_48, sizeof(vector_48));
-    test_nistvector(vector_64, sizeof(vector_64));
-
-    return 0;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/modes/gcm128.c b/thirdparty/openssl/crypto/modes/gcm128.c
deleted file mode 100644
index e299131c13..0000000000
--- a/thirdparty/openssl/crypto/modes/gcm128.c
+++ /dev/null
@@ -1,2371 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#define OPENSSL_FIPSAPI
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-#if defined(BSWAP4) && defined(STRICT_ALIGNMENT)
-/* redefine, because alignment is ensured */
-# undef  GETU32
-# define GETU32(p)       BSWAP4(*(const u32 *)(p))
-# undef  PUTU32
-# define PUTU32(p,v)     *(u32 *)(p) = BSWAP4(v)
-#endif
-
-#define PACK(s)         ((size_t)(s)<<(sizeof(size_t)*8-16))
-#define REDUCE1BIT(V)   do { \
-        if (sizeof(size_t)==8) { \
-                u64 T = U64(0xe100000000000000) & (0-(V.lo&1)); \
-                V.lo  = (V.hi<<63)|(V.lo>>1); \
-                V.hi  = (V.hi>>1 )^T; \
-        } \
-        else { \
-                u32 T = 0xe1000000U & (0-(u32)(V.lo&1)); \
-                V.lo  = (V.hi<<63)|(V.lo>>1); \
-                V.hi  = (V.hi>>1 )^((u64)T<<32); \
-        } \
-} while(0)
-
-/*-
- * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
- * never be set to 8. 8 is effectively reserved for testing purposes.
- * TABLE_BITS>1 are lookup-table-driven implementations referred to as
- * "Shoup's" in GCM specification. In other words OpenSSL does not cover
- * whole spectrum of possible table driven implementations. Why? In
- * non-"Shoup's" case memory access pattern is segmented in such manner,
- * that it's trivial to see that cache timing information can reveal
- * fair portion of intermediate hash value. Given that ciphertext is
- * always available to attacker, it's possible for him to attempt to
- * deduce secret parameter H and if successful, tamper with messages
- * [which is nothing but trivial in CTR mode]. In "Shoup's" case it's
- * not as trivial, but there is no reason to believe that it's resistant
- * to cache-timing attack. And the thing about "8-bit" implementation is
- * that it consumes 16 (sixteen) times more memory, 4KB per individual
- * key + 1KB shared. Well, on pros side it should be twice as fast as
- * "4-bit" version. And for gcc-generated x86[_64] code, "8-bit" version
- * was observed to run ~75% faster, closer to 100% for commercial
- * compilers... Yet "4-bit" procedure is preferred, because it's
- * believed to provide better security-performance balance and adequate
- * all-round performance. "All-round" refers to things like:
- *
- * - shorter setup time effectively improves overall timing for
- *   handling short messages;
- * - larger table allocation can become unbearable because of VM
- *   subsystem penalties (for example on Windows large enough free
- *   results in VM working set trimming, meaning that consequent
- *   malloc would immediately incur working set expansion);
- * - larger table has larger cache footprint, which can affect
- *   performance of other code paths (not necessarily even from same
- *   thread in Hyper-Threading world);
- *
- * Value of 1 is not appropriate for performance reasons.
- */
-#if     TABLE_BITS==8
-
-static void gcm_init_8bit(u128 Htable[256], u64 H[2])
-{
-    int i, j;
-    u128 V;
-
-    Htable[0].hi = 0;
-    Htable[0].lo = 0;
-    V.hi = H[0];
-    V.lo = H[1];
-
-    for (Htable[128] = V, i = 64; i > 0; i >>= 1) {
-        REDUCE1BIT(V);
-        Htable[i] = V;
-    }
-
-    for (i = 2; i < 256; i <<= 1) {
-        u128 *Hi = Htable + i, H0 = *Hi;
-        for (j = 1; j < i; ++j) {
-            Hi[j].hi = H0.hi ^ Htable[j].hi;
-            Hi[j].lo = H0.lo ^ Htable[j].lo;
-        }
-    }
-}
-
-static void gcm_gmult_8bit(u64 Xi[2], const u128 Htable[256])
-{
-    u128 Z = { 0, 0 };
-    const u8 *xi = (const u8 *)Xi + 15;
-    size_t rem, n = *xi;
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    static const size_t rem_8bit[256] = {
-        PACK(0x0000), PACK(0x01C2), PACK(0x0384), PACK(0x0246),
-        PACK(0x0708), PACK(0x06CA), PACK(0x048C), PACK(0x054E),
-        PACK(0x0E10), PACK(0x0FD2), PACK(0x0D94), PACK(0x0C56),
-        PACK(0x0918), PACK(0x08DA), PACK(0x0A9C), PACK(0x0B5E),
-        PACK(0x1C20), PACK(0x1DE2), PACK(0x1FA4), PACK(0x1E66),
-        PACK(0x1B28), PACK(0x1AEA), PACK(0x18AC), PACK(0x196E),
-        PACK(0x1230), PACK(0x13F2), PACK(0x11B4), PACK(0x1076),
-        PACK(0x1538), PACK(0x14FA), PACK(0x16BC), PACK(0x177E),
-        PACK(0x3840), PACK(0x3982), PACK(0x3BC4), PACK(0x3A06),
-        PACK(0x3F48), PACK(0x3E8A), PACK(0x3CCC), PACK(0x3D0E),
-        PACK(0x3650), PACK(0x3792), PACK(0x35D4), PACK(0x3416),
-        PACK(0x3158), PACK(0x309A), PACK(0x32DC), PACK(0x331E),
-        PACK(0x2460), PACK(0x25A2), PACK(0x27E4), PACK(0x2626),
-        PACK(0x2368), PACK(0x22AA), PACK(0x20EC), PACK(0x212E),
-        PACK(0x2A70), PACK(0x2BB2), PACK(0x29F4), PACK(0x2836),
-        PACK(0x2D78), PACK(0x2CBA), PACK(0x2EFC), PACK(0x2F3E),
-        PACK(0x7080), PACK(0x7142), PACK(0x7304), PACK(0x72C6),
-        PACK(0x7788), PACK(0x764A), PACK(0x740C), PACK(0x75CE),
-        PACK(0x7E90), PACK(0x7F52), PACK(0x7D14), PACK(0x7CD6),
-        PACK(0x7998), PACK(0x785A), PACK(0x7A1C), PACK(0x7BDE),
-        PACK(0x6CA0), PACK(0x6D62), PACK(0x6F24), PACK(0x6EE6),
-        PACK(0x6BA8), PACK(0x6A6A), PACK(0x682C), PACK(0x69EE),
-        PACK(0x62B0), PACK(0x6372), PACK(0x6134), PACK(0x60F6),
-        PACK(0x65B8), PACK(0x647A), PACK(0x663C), PACK(0x67FE),
-        PACK(0x48C0), PACK(0x4902), PACK(0x4B44), PACK(0x4A86),
-        PACK(0x4FC8), PACK(0x4E0A), PACK(0x4C4C), PACK(0x4D8E),
-        PACK(0x46D0), PACK(0x4712), PACK(0x4554), PACK(0x4496),
-        PACK(0x41D8), PACK(0x401A), PACK(0x425C), PACK(0x439E),
-        PACK(0x54E0), PACK(0x5522), PACK(0x5764), PACK(0x56A6),
-        PACK(0x53E8), PACK(0x522A), PACK(0x506C), PACK(0x51AE),
-        PACK(0x5AF0), PACK(0x5B32), PACK(0x5974), PACK(0x58B6),
-        PACK(0x5DF8), PACK(0x5C3A), PACK(0x5E7C), PACK(0x5FBE),
-        PACK(0xE100), PACK(0xE0C2), PACK(0xE284), PACK(0xE346),
-        PACK(0xE608), PACK(0xE7CA), PACK(0xE58C), PACK(0xE44E),
-        PACK(0xEF10), PACK(0xEED2), PACK(0xEC94), PACK(0xED56),
-        PACK(0xE818), PACK(0xE9DA), PACK(0xEB9C), PACK(0xEA5E),
-        PACK(0xFD20), PACK(0xFCE2), PACK(0xFEA4), PACK(0xFF66),
-        PACK(0xFA28), PACK(0xFBEA), PACK(0xF9AC), PACK(0xF86E),
-        PACK(0xF330), PACK(0xF2F2), PACK(0xF0B4), PACK(0xF176),
-        PACK(0xF438), PACK(0xF5FA), PACK(0xF7BC), PACK(0xF67E),
-        PACK(0xD940), PACK(0xD882), PACK(0xDAC4), PACK(0xDB06),
-        PACK(0xDE48), PACK(0xDF8A), PACK(0xDDCC), PACK(0xDC0E),
-        PACK(0xD750), PACK(0xD692), PACK(0xD4D4), PACK(0xD516),
-        PACK(0xD058), PACK(0xD19A), PACK(0xD3DC), PACK(0xD21E),
-        PACK(0xC560), PACK(0xC4A2), PACK(0xC6E4), PACK(0xC726),
-        PACK(0xC268), PACK(0xC3AA), PACK(0xC1EC), PACK(0xC02E),
-        PACK(0xCB70), PACK(0xCAB2), PACK(0xC8F4), PACK(0xC936),
-        PACK(0xCC78), PACK(0xCDBA), PACK(0xCFFC), PACK(0xCE3E),
-        PACK(0x9180), PACK(0x9042), PACK(0x9204), PACK(0x93C6),
-        PACK(0x9688), PACK(0x974A), PACK(0x950C), PACK(0x94CE),
-        PACK(0x9F90), PACK(0x9E52), PACK(0x9C14), PACK(0x9DD6),
-        PACK(0x9898), PACK(0x995A), PACK(0x9B1C), PACK(0x9ADE),
-        PACK(0x8DA0), PACK(0x8C62), PACK(0x8E24), PACK(0x8FE6),
-        PACK(0x8AA8), PACK(0x8B6A), PACK(0x892C), PACK(0x88EE),
-        PACK(0x83B0), PACK(0x8272), PACK(0x8034), PACK(0x81F6),
-        PACK(0x84B8), PACK(0x857A), PACK(0x873C), PACK(0x86FE),
-        PACK(0xA9C0), PACK(0xA802), PACK(0xAA44), PACK(0xAB86),
-        PACK(0xAEC8), PACK(0xAF0A), PACK(0xAD4C), PACK(0xAC8E),
-        PACK(0xA7D0), PACK(0xA612), PACK(0xA454), PACK(0xA596),
-        PACK(0xA0D8), PACK(0xA11A), PACK(0xA35C), PACK(0xA29E),
-        PACK(0xB5E0), PACK(0xB422), PACK(0xB664), PACK(0xB7A6),
-        PACK(0xB2E8), PACK(0xB32A), PACK(0xB16C), PACK(0xB0AE),
-        PACK(0xBBF0), PACK(0xBA32), PACK(0xB874), PACK(0xB9B6),
-        PACK(0xBCF8), PACK(0xBD3A), PACK(0xBF7C), PACK(0xBEBE)
-    };
-
-    while (1) {
-        Z.hi ^= Htable[n].hi;
-        Z.lo ^= Htable[n].lo;
-
-        if ((u8 *)Xi == xi)
-            break;
-
-        n = *(--xi);
-
-        rem = (size_t)Z.lo & 0xff;
-        Z.lo = (Z.hi << 56) | (Z.lo >> 8);
-        Z.hi = (Z.hi >> 8);
-        if (sizeof(size_t) == 8)
-            Z.hi ^= rem_8bit[rem];
-        else
-            Z.hi ^= (u64)rem_8bit[rem] << 32;
-    }
-
-    if (is_endian.little) {
-# ifdef BSWAP8
-        Xi[0] = BSWAP8(Z.hi);
-        Xi[1] = BSWAP8(Z.lo);
-# else
-        u8 *p = (u8 *)Xi;
-        u32 v;
-        v = (u32)(Z.hi >> 32);
-        PUTU32(p, v);
-        v = (u32)(Z.hi);
-        PUTU32(p + 4, v);
-        v = (u32)(Z.lo >> 32);
-        PUTU32(p + 8, v);
-        v = (u32)(Z.lo);
-        PUTU32(p + 12, v);
-# endif
-    } else {
-        Xi[0] = Z.hi;
-        Xi[1] = Z.lo;
-    }
-}
-
-# define GCM_MUL(ctx,Xi)   gcm_gmult_8bit(ctx->Xi.u,ctx->Htable)
-
-#elif   TABLE_BITS==4
-
-static void gcm_init_4bit(u128 Htable[16], u64 H[2])
-{
-    u128 V;
-# if defined(OPENSSL_SMALL_FOOTPRINT)
-    int i;
-# endif
-
-    Htable[0].hi = 0;
-    Htable[0].lo = 0;
-    V.hi = H[0];
-    V.lo = H[1];
-
-# if defined(OPENSSL_SMALL_FOOTPRINT)
-    for (Htable[8] = V, i = 4; i > 0; i >>= 1) {
-        REDUCE1BIT(V);
-        Htable[i] = V;
-    }
-
-    for (i = 2; i < 16; i <<= 1) {
-        u128 *Hi = Htable + i;
-        int j;
-        for (V = *Hi, j = 1; j < i; ++j) {
-            Hi[j].hi = V.hi ^ Htable[j].hi;
-            Hi[j].lo = V.lo ^ Htable[j].lo;
-        }
-    }
-# else
-    Htable[8] = V;
-    REDUCE1BIT(V);
-    Htable[4] = V;
-    REDUCE1BIT(V);
-    Htable[2] = V;
-    REDUCE1BIT(V);
-    Htable[1] = V;
-    Htable[3].hi = V.hi ^ Htable[2].hi, Htable[3].lo = V.lo ^ Htable[2].lo;
-    V = Htable[4];
-    Htable[5].hi = V.hi ^ Htable[1].hi, Htable[5].lo = V.lo ^ Htable[1].lo;
-    Htable[6].hi = V.hi ^ Htable[2].hi, Htable[6].lo = V.lo ^ Htable[2].lo;
-    Htable[7].hi = V.hi ^ Htable[3].hi, Htable[7].lo = V.lo ^ Htable[3].lo;
-    V = Htable[8];
-    Htable[9].hi = V.hi ^ Htable[1].hi, Htable[9].lo = V.lo ^ Htable[1].lo;
-    Htable[10].hi = V.hi ^ Htable[2].hi, Htable[10].lo = V.lo ^ Htable[2].lo;
-    Htable[11].hi = V.hi ^ Htable[3].hi, Htable[11].lo = V.lo ^ Htable[3].lo;
-    Htable[12].hi = V.hi ^ Htable[4].hi, Htable[12].lo = V.lo ^ Htable[4].lo;
-    Htable[13].hi = V.hi ^ Htable[5].hi, Htable[13].lo = V.lo ^ Htable[5].lo;
-    Htable[14].hi = V.hi ^ Htable[6].hi, Htable[14].lo = V.lo ^ Htable[6].lo;
-    Htable[15].hi = V.hi ^ Htable[7].hi, Htable[15].lo = V.lo ^ Htable[7].lo;
-# endif
-# if defined(GHASH_ASM) && (defined(__arm__) || defined(__arm))
-    /*
-     * ARM assembler expects specific dword order in Htable.
-     */
-    {
-        int j;
-        const union {
-            long one;
-            char little;
-        } is_endian = {
-            1
-        };
-
-        if (is_endian.little)
-            for (j = 0; j < 16; ++j) {
-                V = Htable[j];
-                Htable[j].hi = V.lo;
-                Htable[j].lo = V.hi;
-        } else
-            for (j = 0; j < 16; ++j) {
-                V = Htable[j];
-                Htable[j].hi = V.lo << 32 | V.lo >> 32;
-                Htable[j].lo = V.hi << 32 | V.hi >> 32;
-            }
-    }
-# endif
-}
-
-# ifndef GHASH_ASM
-static const size_t rem_4bit[16] = {
-    PACK(0x0000), PACK(0x1C20), PACK(0x3840), PACK(0x2460),
-    PACK(0x7080), PACK(0x6CA0), PACK(0x48C0), PACK(0x54E0),
-    PACK(0xE100), PACK(0xFD20), PACK(0xD940), PACK(0xC560),
-    PACK(0x9180), PACK(0x8DA0), PACK(0xA9C0), PACK(0xB5E0)
-};
-
-static void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16])
-{
-    u128 Z;
-    int cnt = 15;
-    size_t rem, nlo, nhi;
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-
-    nlo = ((const u8 *)Xi)[15];
-    nhi = nlo >> 4;
-    nlo &= 0xf;
-
-    Z.hi = Htable[nlo].hi;
-    Z.lo = Htable[nlo].lo;
-
-    while (1) {
-        rem = (size_t)Z.lo & 0xf;
-        Z.lo = (Z.hi << 60) | (Z.lo >> 4);
-        Z.hi = (Z.hi >> 4);
-        if (sizeof(size_t) == 8)
-            Z.hi ^= rem_4bit[rem];
-        else
-            Z.hi ^= (u64)rem_4bit[rem] << 32;
-
-        Z.hi ^= Htable[nhi].hi;
-        Z.lo ^= Htable[nhi].lo;
-
-        if (--cnt < 0)
-            break;
-
-        nlo = ((const u8 *)Xi)[cnt];
-        nhi = nlo >> 4;
-        nlo &= 0xf;
-
-        rem = (size_t)Z.lo & 0xf;
-        Z.lo = (Z.hi << 60) | (Z.lo >> 4);
-        Z.hi = (Z.hi >> 4);
-        if (sizeof(size_t) == 8)
-            Z.hi ^= rem_4bit[rem];
-        else
-            Z.hi ^= (u64)rem_4bit[rem] << 32;
-
-        Z.hi ^= Htable[nlo].hi;
-        Z.lo ^= Htable[nlo].lo;
-    }
-
-    if (is_endian.little) {
-#  ifdef BSWAP8
-        Xi[0] = BSWAP8(Z.hi);
-        Xi[1] = BSWAP8(Z.lo);
-#  else
-        u8 *p = (u8 *)Xi;
-        u32 v;
-        v = (u32)(Z.hi >> 32);
-        PUTU32(p, v);
-        v = (u32)(Z.hi);
-        PUTU32(p + 4, v);
-        v = (u32)(Z.lo >> 32);
-        PUTU32(p + 8, v);
-        v = (u32)(Z.lo);
-        PUTU32(p + 12, v);
-#  endif
-    } else {
-        Xi[0] = Z.hi;
-        Xi[1] = Z.lo;
-    }
-}
-
-#  if !defined(OPENSSL_SMALL_FOOTPRINT)
-/*
- * Streamed gcm_mult_4bit, see CRYPTO_gcm128_[en|de]crypt for
- * details... Compiler-generated code doesn't seem to give any
- * performance improvement, at least not on x86[_64]. It's here
- * mostly as reference and a placeholder for possible future
- * non-trivial optimization[s]...
- */
-static void gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16],
-                           const u8 *inp, size_t len)
-{
-    u128 Z;
-    int cnt;
-    size_t rem, nlo, nhi;
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-
-#   if 1
-    do {
-        cnt = 15;
-        nlo = ((const u8 *)Xi)[15];
-        nlo ^= inp[15];
-        nhi = nlo >> 4;
-        nlo &= 0xf;
-
-        Z.hi = Htable[nlo].hi;
-        Z.lo = Htable[nlo].lo;
-
-        while (1) {
-            rem = (size_t)Z.lo & 0xf;
-            Z.lo = (Z.hi << 60) | (Z.lo >> 4);
-            Z.hi = (Z.hi >> 4);
-            if (sizeof(size_t) == 8)
-                Z.hi ^= rem_4bit[rem];
-            else
-                Z.hi ^= (u64)rem_4bit[rem] << 32;
-
-            Z.hi ^= Htable[nhi].hi;
-            Z.lo ^= Htable[nhi].lo;
-
-            if (--cnt < 0)
-                break;
-
-            nlo = ((const u8 *)Xi)[cnt];
-            nlo ^= inp[cnt];
-            nhi = nlo >> 4;
-            nlo &= 0xf;
-
-            rem = (size_t)Z.lo & 0xf;
-            Z.lo = (Z.hi << 60) | (Z.lo >> 4);
-            Z.hi = (Z.hi >> 4);
-            if (sizeof(size_t) == 8)
-                Z.hi ^= rem_4bit[rem];
-            else
-                Z.hi ^= (u64)rem_4bit[rem] << 32;
-
-            Z.hi ^= Htable[nlo].hi;
-            Z.lo ^= Htable[nlo].lo;
-        }
-#   else
-    /*
-     * Extra 256+16 bytes per-key plus 512 bytes shared tables
-     * [should] give ~50% improvement... One could have PACK()-ed
-     * the rem_8bit even here, but the priority is to minimize
-     * cache footprint...
-     */
-    u128 Hshr4[16];             /* Htable shifted right by 4 bits */
-    u8 Hshl4[16];               /* Htable shifted left by 4 bits */
-    static const unsigned short rem_8bit[256] = {
-        0x0000, 0x01C2, 0x0384, 0x0246, 0x0708, 0x06CA, 0x048C, 0x054E,
-        0x0E10, 0x0FD2, 0x0D94, 0x0C56, 0x0918, 0x08DA, 0x0A9C, 0x0B5E,
-        0x1C20, 0x1DE2, 0x1FA4, 0x1E66, 0x1B28, 0x1AEA, 0x18AC, 0x196E,
-        0x1230, 0x13F2, 0x11B4, 0x1076, 0x1538, 0x14FA, 0x16BC, 0x177E,
-        0x3840, 0x3982, 0x3BC4, 0x3A06, 0x3F48, 0x3E8A, 0x3CCC, 0x3D0E,
-        0x3650, 0x3792, 0x35D4, 0x3416, 0x3158, 0x309A, 0x32DC, 0x331E,
-        0x2460, 0x25A2, 0x27E4, 0x2626, 0x2368, 0x22AA, 0x20EC, 0x212E,
-        0x2A70, 0x2BB2, 0x29F4, 0x2836, 0x2D78, 0x2CBA, 0x2EFC, 0x2F3E,
-        0x7080, 0x7142, 0x7304, 0x72C6, 0x7788, 0x764A, 0x740C, 0x75CE,
-        0x7E90, 0x7F52, 0x7D14, 0x7CD6, 0x7998, 0x785A, 0x7A1C, 0x7BDE,
-        0x6CA0, 0x6D62, 0x6F24, 0x6EE6, 0x6BA8, 0x6A6A, 0x682C, 0x69EE,
-        0x62B0, 0x6372, 0x6134, 0x60F6, 0x65B8, 0x647A, 0x663C, 0x67FE,
-        0x48C0, 0x4902, 0x4B44, 0x4A86, 0x4FC8, 0x4E0A, 0x4C4C, 0x4D8E,
-        0x46D0, 0x4712, 0x4554, 0x4496, 0x41D8, 0x401A, 0x425C, 0x439E,
-        0x54E0, 0x5522, 0x5764, 0x56A6, 0x53E8, 0x522A, 0x506C, 0x51AE,
-        0x5AF0, 0x5B32, 0x5974, 0x58B6, 0x5DF8, 0x5C3A, 0x5E7C, 0x5FBE,
-        0xE100, 0xE0C2, 0xE284, 0xE346, 0xE608, 0xE7CA, 0xE58C, 0xE44E,
-        0xEF10, 0xEED2, 0xEC94, 0xED56, 0xE818, 0xE9DA, 0xEB9C, 0xEA5E,
-        0xFD20, 0xFCE2, 0xFEA4, 0xFF66, 0xFA28, 0xFBEA, 0xF9AC, 0xF86E,
-        0xF330, 0xF2F2, 0xF0B4, 0xF176, 0xF438, 0xF5FA, 0xF7BC, 0xF67E,
-        0xD940, 0xD882, 0xDAC4, 0xDB06, 0xDE48, 0xDF8A, 0xDDCC, 0xDC0E,
-        0xD750, 0xD692, 0xD4D4, 0xD516, 0xD058, 0xD19A, 0xD3DC, 0xD21E,
-        0xC560, 0xC4A2, 0xC6E4, 0xC726, 0xC268, 0xC3AA, 0xC1EC, 0xC02E,
-        0xCB70, 0xCAB2, 0xC8F4, 0xC936, 0xCC78, 0xCDBA, 0xCFFC, 0xCE3E,
-        0x9180, 0x9042, 0x9204, 0x93C6, 0x9688, 0x974A, 0x950C, 0x94CE,
-        0x9F90, 0x9E52, 0x9C14, 0x9DD6, 0x9898, 0x995A, 0x9B1C, 0x9ADE,
-        0x8DA0, 0x8C62, 0x8E24, 0x8FE6, 0x8AA8, 0x8B6A, 0x892C, 0x88EE,
-        0x83B0, 0x8272, 0x8034, 0x81F6, 0x84B8, 0x857A, 0x873C, 0x86FE,
-        0xA9C0, 0xA802, 0xAA44, 0xAB86, 0xAEC8, 0xAF0A, 0xAD4C, 0xAC8E,
-        0xA7D0, 0xA612, 0xA454, 0xA596, 0xA0D8, 0xA11A, 0xA35C, 0xA29E,
-        0xB5E0, 0xB422, 0xB664, 0xB7A6, 0xB2E8, 0xB32A, 0xB16C, 0xB0AE,
-        0xBBF0, 0xBA32, 0xB874, 0xB9B6, 0xBCF8, 0xBD3A, 0xBF7C, 0xBEBE
-    };
-    /*
-     * This pre-processing phase slows down procedure by approximately
-     * same time as it makes each loop spin faster. In other words
-     * single block performance is approximately same as straightforward
-     * "4-bit" implementation, and then it goes only faster...
-     */
-    for (cnt = 0; cnt < 16; ++cnt) {
-        Z.hi = Htable[cnt].hi;
-        Z.lo = Htable[cnt].lo;
-        Hshr4[cnt].lo = (Z.hi << 60) | (Z.lo >> 4);
-        Hshr4[cnt].hi = (Z.hi >> 4);
-        Hshl4[cnt] = (u8)(Z.lo << 4);
-    }
-
-    do {
-        for (Z.lo = 0, Z.hi = 0, cnt = 15; cnt; --cnt) {
-            nlo = ((const u8 *)Xi)[cnt];
-            nlo ^= inp[cnt];
-            nhi = nlo >> 4;
-            nlo &= 0xf;
-
-            Z.hi ^= Htable[nlo].hi;
-            Z.lo ^= Htable[nlo].lo;
-
-            rem = (size_t)Z.lo & 0xff;
-
-            Z.lo = (Z.hi << 56) | (Z.lo >> 8);
-            Z.hi = (Z.hi >> 8);
-
-            Z.hi ^= Hshr4[nhi].hi;
-            Z.lo ^= Hshr4[nhi].lo;
-            Z.hi ^= (u64)rem_8bit[rem ^ Hshl4[nhi]] << 48;
-        }
-
-        nlo = ((const u8 *)Xi)[0];
-        nlo ^= inp[0];
-        nhi = nlo >> 4;
-        nlo &= 0xf;
-
-        Z.hi ^= Htable[nlo].hi;
-        Z.lo ^= Htable[nlo].lo;
-
-        rem = (size_t)Z.lo & 0xf;
-
-        Z.lo = (Z.hi << 60) | (Z.lo >> 4);
-        Z.hi = (Z.hi >> 4);
-
-        Z.hi ^= Htable[nhi].hi;
-        Z.lo ^= Htable[nhi].lo;
-        Z.hi ^= ((u64)rem_8bit[rem << 4]) << 48;
-#   endif
-
-        if (is_endian.little) {
-#   ifdef BSWAP8
-            Xi[0] = BSWAP8(Z.hi);
-            Xi[1] = BSWAP8(Z.lo);
-#   else
-            u8 *p = (u8 *)Xi;
-            u32 v;
-            v = (u32)(Z.hi >> 32);
-            PUTU32(p, v);
-            v = (u32)(Z.hi);
-            PUTU32(p + 4, v);
-            v = (u32)(Z.lo >> 32);
-            PUTU32(p + 8, v);
-            v = (u32)(Z.lo);
-            PUTU32(p + 12, v);
-#   endif
-        } else {
-            Xi[0] = Z.hi;
-            Xi[1] = Z.lo;
-        }
-    } while (inp += 16, len -= 16);
-}
-#  endif
-# else
-void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                    size_t len);
-# endif
-
-# define GCM_MUL(ctx,Xi)   gcm_gmult_4bit(ctx->Xi.u,ctx->Htable)
-# if defined(GHASH_ASM) || !defined(OPENSSL_SMALL_FOOTPRINT)
-#  define GHASH(ctx,in,len) gcm_ghash_4bit((ctx)->Xi.u,(ctx)->Htable,in,len)
-/*
- * GHASH_CHUNK is "stride parameter" missioned to mitigate cache trashing
- * effect. In other words idea is to hash data while it's still in L1 cache
- * after encryption pass...
- */
-#  define GHASH_CHUNK       (3*1024)
-# endif
-
-#else                           /* TABLE_BITS */
-
-static void gcm_gmult_1bit(u64 Xi[2], const u64 H[2])
-{
-    u128 V, Z = { 0, 0 };
-    long X;
-    int i, j;
-    const long *xi = (const long *)Xi;
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-
-    V.hi = H[0];                /* H is in host byte order, no byte swapping */
-    V.lo = H[1];
-
-    for (j = 0; j < 16 / sizeof(long); ++j) {
-        if (is_endian.little) {
-            if (sizeof(long) == 8) {
-# ifdef BSWAP8
-                X = (long)(BSWAP8(xi[j]));
-# else
-                const u8 *p = (const u8 *)(xi + j);
-                X = (long)((u64)GETU32(p) << 32 | GETU32(p + 4));
-# endif
-            } else {
-                const u8 *p = (const u8 *)(xi + j);
-                X = (long)GETU32(p);
-            }
-        } else
-            X = xi[j];
-
-        for (i = 0; i < 8 * sizeof(long); ++i, X <<= 1) {
-            u64 M = (u64)(X >> (8 * sizeof(long) - 1));
-            Z.hi ^= V.hi & M;
-            Z.lo ^= V.lo & M;
-
-            REDUCE1BIT(V);
-        }
-    }
-
-    if (is_endian.little) {
-# ifdef BSWAP8
-        Xi[0] = BSWAP8(Z.hi);
-        Xi[1] = BSWAP8(Z.lo);
-# else
-        u8 *p = (u8 *)Xi;
-        u32 v;
-        v = (u32)(Z.hi >> 32);
-        PUTU32(p, v);
-        v = (u32)(Z.hi);
-        PUTU32(p + 4, v);
-        v = (u32)(Z.lo >> 32);
-        PUTU32(p + 8, v);
-        v = (u32)(Z.lo);
-        PUTU32(p + 12, v);
-# endif
-    } else {
-        Xi[0] = Z.hi;
-        Xi[1] = Z.lo;
-    }
-}
-
-# define GCM_MUL(ctx,Xi)   gcm_gmult_1bit(ctx->Xi.u,ctx->H.u)
-
-#endif
-
-#if     TABLE_BITS==4 && (defined(GHASH_ASM) || defined(OPENSSL_CPUID_OBJ))
-# if    !defined(I386_ONLY) && \
-        (defined(__i386)        || defined(__i386__)    || \
-         defined(__x86_64)      || defined(__x86_64__)  || \
-         defined(_M_IX86)       || defined(_M_AMD64)    || defined(_M_X64))
-#  define GHASH_ASM_X86_OR_64
-#  define GCM_FUNCREF_4BIT
-extern unsigned int OPENSSL_ia32cap_P[];
-
-void gcm_init_clmul(u128 Htable[16], const u64 Xi[2]);
-void gcm_gmult_clmul(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_clmul(u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                     size_t len);
-
-#  if defined(__i386) || defined(__i386__) || defined(_M_IX86)
-#   define gcm_init_avx   gcm_init_clmul
-#   define gcm_gmult_avx  gcm_gmult_clmul
-#   define gcm_ghash_avx  gcm_ghash_clmul
-#  else
-void gcm_init_avx(u128 Htable[16], const u64 Xi[2]);
-void gcm_gmult_avx(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_avx(u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                   size_t len);
-#  endif
-
-#  if   defined(__i386) || defined(__i386__) || defined(_M_IX86)
-#   define GHASH_ASM_X86
-void gcm_gmult_4bit_mmx(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_4bit_mmx(u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                        size_t len);
-
-void gcm_gmult_4bit_x86(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_4bit_x86(u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                        size_t len);
-#  endif
-# elif defined(__arm__) || defined(__arm) || defined(__aarch64__)
-#  include "arm_arch.h"
-#  if __ARM_MAX_ARCH__>=7
-#   define GHASH_ASM_ARM
-#   define GCM_FUNCREF_4BIT
-#   define PMULL_CAPABLE        (OPENSSL_armcap_P & ARMV8_PMULL)
-#   if defined(__arm__) || defined(__arm)
-#    define NEON_CAPABLE        (OPENSSL_armcap_P & ARMV7_NEON)
-#   endif
-void gcm_init_neon(u128 Htable[16], const u64 Xi[2]);
-void gcm_gmult_neon(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_neon(u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                    size_t len);
-void gcm_init_v8(u128 Htable[16], const u64 Xi[2]);
-void gcm_gmult_v8(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_v8(u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                  size_t len);
-#  endif
-# elif defined(__sparc__) || defined(__sparc)
-#  include "sparc_arch.h"
-#  define GHASH_ASM_SPARC
-#  define GCM_FUNCREF_4BIT
-extern unsigned int OPENSSL_sparcv9cap_P[];
-void gcm_init_vis3(u128 Htable[16], const u64 Xi[2]);
-void gcm_gmult_vis3(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_vis3(u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                    size_t len);
-# elif defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
-#  include "ppc_arch.h"
-#  define GHASH_ASM_PPC
-#  define GCM_FUNCREF_4BIT
-void gcm_init_p8(u128 Htable[16], const u64 Xi[2]);
-void gcm_gmult_p8(u64 Xi[2], const u128 Htable[16]);
-void gcm_ghash_p8(u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                  size_t len);
-# endif
-#endif
-
-#ifdef GCM_FUNCREF_4BIT
-# undef  GCM_MUL
-# define GCM_MUL(ctx,Xi)        (*gcm_gmult_p)(ctx->Xi.u,ctx->Htable)
-# ifdef GHASH
-#  undef  GHASH
-#  define GHASH(ctx,in,len)     (*gcm_ghash_p)(ctx->Xi.u,ctx->Htable,in,len)
-# endif
-#endif
-
-void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
-{
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-
-    memset(ctx, 0, sizeof(*ctx));
-    ctx->block = block;
-    ctx->key = key;
-
-    (*block) (ctx->H.c, ctx->H.c, key);
-
-    if (is_endian.little) {
-        /* H is stored in host byte order */
-#ifdef BSWAP8
-        ctx->H.u[0] = BSWAP8(ctx->H.u[0]);
-        ctx->H.u[1] = BSWAP8(ctx->H.u[1]);
-#else
-        u8 *p = ctx->H.c;
-        u64 hi, lo;
-        hi = (u64)GETU32(p) << 32 | GETU32(p + 4);
-        lo = (u64)GETU32(p + 8) << 32 | GETU32(p + 12);
-        ctx->H.u[0] = hi;
-        ctx->H.u[1] = lo;
-#endif
-    }
-#if     TABLE_BITS==8
-    gcm_init_8bit(ctx->Htable, ctx->H.u);
-#elif   TABLE_BITS==4
-# if    defined(GHASH_ASM_X86_OR_64)
-#  if   !defined(GHASH_ASM_X86) || defined(OPENSSL_IA32_SSE2)
-    if (OPENSSL_ia32cap_P[0] & (1 << 24) && /* check FXSR bit */
-        OPENSSL_ia32cap_P[1] & (1 << 1)) { /* check PCLMULQDQ bit */
-        if (((OPENSSL_ia32cap_P[1] >> 22) & 0x41) == 0x41) { /* AVX+MOVBE */
-            gcm_init_avx(ctx->Htable, ctx->H.u);
-            ctx->gmult = gcm_gmult_avx;
-            ctx->ghash = gcm_ghash_avx;
-        } else {
-            gcm_init_clmul(ctx->Htable, ctx->H.u);
-            ctx->gmult = gcm_gmult_clmul;
-            ctx->ghash = gcm_ghash_clmul;
-        }
-        return;
-    }
-#  endif
-    gcm_init_4bit(ctx->Htable, ctx->H.u);
-#  if   defined(GHASH_ASM_X86)  /* x86 only */
-#   if  defined(OPENSSL_IA32_SSE2)
-    if (OPENSSL_ia32cap_P[0] & (1 << 25)) { /* check SSE bit */
-#   else
-    if (OPENSSL_ia32cap_P[0] & (1 << 23)) { /* check MMX bit */
-#   endif
-        ctx->gmult = gcm_gmult_4bit_mmx;
-        ctx->ghash = gcm_ghash_4bit_mmx;
-    } else {
-        ctx->gmult = gcm_gmult_4bit_x86;
-        ctx->ghash = gcm_ghash_4bit_x86;
-    }
-#  else
-    ctx->gmult = gcm_gmult_4bit;
-    ctx->ghash = gcm_ghash_4bit;
-#  endif
-# elif  defined(GHASH_ASM_ARM)
-#  ifdef PMULL_CAPABLE
-    if (PMULL_CAPABLE) {
-        gcm_init_v8(ctx->Htable, ctx->H.u);
-        ctx->gmult = gcm_gmult_v8;
-        ctx->ghash = gcm_ghash_v8;
-    } else
-#  endif
-#  ifdef NEON_CAPABLE
-    if (NEON_CAPABLE) {
-        gcm_init_neon(ctx->Htable, ctx->H.u);
-        ctx->gmult = gcm_gmult_neon;
-        ctx->ghash = gcm_ghash_neon;
-    } else
-#  endif
-    {
-        gcm_init_4bit(ctx->Htable, ctx->H.u);
-        ctx->gmult = gcm_gmult_4bit;
-#  if defined(GHASH)
-        ctx->ghash = gcm_ghash_4bit;
-#  else
-        ctx->ghash = NULL;
-#  endif
-    }
-# elif  defined(GHASH_ASM_SPARC)
-    if (OPENSSL_sparcv9cap_P[0] & SPARCV9_VIS3) {
-        gcm_init_vis3(ctx->Htable, ctx->H.u);
-        ctx->gmult = gcm_gmult_vis3;
-        ctx->ghash = gcm_ghash_vis3;
-    } else {
-        gcm_init_4bit(ctx->Htable, ctx->H.u);
-        ctx->gmult = gcm_gmult_4bit;
-        ctx->ghash = gcm_ghash_4bit;
-    }
-# elif  defined(GHASH_ASM_PPC)
-    if (OPENSSL_ppccap_P & PPC_CRYPTO207) {
-        gcm_init_p8(ctx->Htable, ctx->H.u);
-        ctx->gmult = gcm_gmult_p8;
-        ctx->ghash = gcm_ghash_p8;
-    } else {
-        gcm_init_4bit(ctx->Htable, ctx->H.u);
-        ctx->gmult = gcm_gmult_4bit;
-#  if defined(GHASH)
-        ctx->ghash = gcm_ghash_4bit;
-#  else
-        ctx->ghash = NULL;
-#  endif
-    }
-# else
-    gcm_init_4bit(ctx->Htable, ctx->H.u);
-# endif
-#endif
-}
-
-void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
-                         size_t len)
-{
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    unsigned int ctr;
-#ifdef GCM_FUNCREF_4BIT
-    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-#endif
-
-    ctx->Yi.u[0] = 0;
-    ctx->Yi.u[1] = 0;
-    ctx->Xi.u[0] = 0;
-    ctx->Xi.u[1] = 0;
-    ctx->len.u[0] = 0;          /* AAD length */
-    ctx->len.u[1] = 0;          /* message length */
-    ctx->ares = 0;
-    ctx->mres = 0;
-
-    if (len == 12) {
-        memcpy(ctx->Yi.c, iv, 12);
-        ctx->Yi.c[15] = 1;
-        ctr = 1;
-    } else {
-        size_t i;
-        u64 len0 = len;
-
-        while (len >= 16) {
-            for (i = 0; i < 16; ++i)
-                ctx->Yi.c[i] ^= iv[i];
-            GCM_MUL(ctx, Yi);
-            iv += 16;
-            len -= 16;
-        }
-        if (len) {
-            for (i = 0; i < len; ++i)
-                ctx->Yi.c[i] ^= iv[i];
-            GCM_MUL(ctx, Yi);
-        }
-        len0 <<= 3;
-        if (is_endian.little) {
-#ifdef BSWAP8
-            ctx->Yi.u[1] ^= BSWAP8(len0);
-#else
-            ctx->Yi.c[8] ^= (u8)(len0 >> 56);
-            ctx->Yi.c[9] ^= (u8)(len0 >> 48);
-            ctx->Yi.c[10] ^= (u8)(len0 >> 40);
-            ctx->Yi.c[11] ^= (u8)(len0 >> 32);
-            ctx->Yi.c[12] ^= (u8)(len0 >> 24);
-            ctx->Yi.c[13] ^= (u8)(len0 >> 16);
-            ctx->Yi.c[14] ^= (u8)(len0 >> 8);
-            ctx->Yi.c[15] ^= (u8)(len0);
-#endif
-        } else
-            ctx->Yi.u[1] ^= len0;
-
-        GCM_MUL(ctx, Yi);
-
-        if (is_endian.little)
-#ifdef BSWAP4
-            ctr = BSWAP4(ctx->Yi.d[3]);
-#else
-            ctr = GETU32(ctx->Yi.c + 12);
-#endif
-        else
-            ctr = ctx->Yi.d[3];
-    }
-
-    (*ctx->block) (ctx->Yi.c, ctx->EK0.c, ctx->key);
-    ++ctr;
-    if (is_endian.little)
-#ifdef BSWAP4
-        ctx->Yi.d[3] = BSWAP4(ctr);
-#else
-        PUTU32(ctx->Yi.c + 12, ctr);
-#endif
-    else
-        ctx->Yi.d[3] = ctr;
-}
-
-int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
-                      size_t len)
-{
-    size_t i;
-    unsigned int n;
-    u64 alen = ctx->len.u[0];
-#ifdef GCM_FUNCREF_4BIT
-    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
-    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
-                         const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
-    if (ctx->len.u[1])
-        return -2;
-
-    alen += len;
-    if (alen > (U64(1) << 61) || (sizeof(len) == 8 && alen < len))
-        return -1;
-    ctx->len.u[0] = alen;
-
-    n = ctx->ares;
-    if (n) {
-        while (n && len) {
-            ctx->Xi.c[n] ^= *(aad++);
-            --len;
-            n = (n + 1) % 16;
-        }
-        if (n == 0)
-            GCM_MUL(ctx, Xi);
-        else {
-            ctx->ares = n;
-            return 0;
-        }
-    }
-#ifdef GHASH
-    if ((i = (len & (size_t)-16))) {
-        GHASH(ctx, aad, i);
-        aad += i;
-        len -= i;
-    }
-#else
-    while (len >= 16) {
-        for (i = 0; i < 16; ++i)
-            ctx->Xi.c[i] ^= aad[i];
-        GCM_MUL(ctx, Xi);
-        aad += 16;
-        len -= 16;
-    }
-#endif
-    if (len) {
-        n = (unsigned int)len;
-        for (i = 0; i < len; ++i)
-            ctx->Xi.c[i] ^= aad[i];
-    }
-
-    ctx->ares = n;
-    return 0;
-}
-
-int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
-                          const unsigned char *in, unsigned char *out,
-                          size_t len)
-{
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    unsigned int n, ctr;
-    size_t i;
-    u64 mlen = ctx->len.u[1];
-    block128_f block = ctx->block;
-    void *key = ctx->key;
-#ifdef GCM_FUNCREF_4BIT
-    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
-    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
-                         const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
-#if 0
-    n = (unsigned int)mlen % 16; /* alternative to ctx->mres */
-#endif
-    mlen += len;
-    if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
-        return -1;
-    ctx->len.u[1] = mlen;
-
-    if (ctx->ares) {
-        /* First call to encrypt finalizes GHASH(AAD) */
-        GCM_MUL(ctx, Xi);
-        ctx->ares = 0;
-    }
-
-    if (is_endian.little)
-#ifdef BSWAP4
-        ctr = BSWAP4(ctx->Yi.d[3]);
-#else
-        ctr = GETU32(ctx->Yi.c + 12);
-#endif
-    else
-        ctr = ctx->Yi.d[3];
-
-    n = ctx->mres;
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-    if (16 % sizeof(size_t) == 0) { /* always true actually */
-        do {
-            if (n) {
-                while (n && len) {
-                    ctx->Xi.c[n] ^= *(out++) = *(in++) ^ ctx->EKi.c[n];
-                    --len;
-                    n = (n + 1) % 16;
-                }
-                if (n == 0)
-                    GCM_MUL(ctx, Xi);
-                else {
-                    ctx->mres = n;
-                    return 0;
-                }
-            }
-# if defined(STRICT_ALIGNMENT)
-            if (((size_t)in | (size_t)out) % sizeof(size_t) != 0)
-                break;
-# endif
-# if defined(GHASH) && defined(GHASH_CHUNK)
-            while (len >= GHASH_CHUNK) {
-                size_t j = GHASH_CHUNK;
-
-                while (j) {
-                    size_t *out_t = (size_t *)out;
-                    const size_t *in_t = (const size_t *)in;
-
-                    (*block) (ctx->Yi.c, ctx->EKi.c, key);
-                    ++ctr;
-                    if (is_endian.little)
-#  ifdef BSWAP4
-                        ctx->Yi.d[3] = BSWAP4(ctr);
-#  else
-                        PUTU32(ctx->Yi.c + 12, ctr);
-#  endif
-                    else
-                        ctx->Yi.d[3] = ctr;
-                    for (i = 0; i < 16 / sizeof(size_t); ++i)
-                        out_t[i] = in_t[i] ^ ctx->EKi.t[i];
-                    out += 16;
-                    in += 16;
-                    j -= 16;
-                }
-                GHASH(ctx, out - GHASH_CHUNK, GHASH_CHUNK);
-                len -= GHASH_CHUNK;
-            }
-            if ((i = (len & (size_t)-16))) {
-                size_t j = i;
-
-                while (len >= 16) {
-                    size_t *out_t = (size_t *)out;
-                    const size_t *in_t = (const size_t *)in;
-
-                    (*block) (ctx->Yi.c, ctx->EKi.c, key);
-                    ++ctr;
-                    if (is_endian.little)
-#  ifdef BSWAP4
-                        ctx->Yi.d[3] = BSWAP4(ctr);
-#  else
-                        PUTU32(ctx->Yi.c + 12, ctr);
-#  endif
-                    else
-                        ctx->Yi.d[3] = ctr;
-                    for (i = 0; i < 16 / sizeof(size_t); ++i)
-                        out_t[i] = in_t[i] ^ ctx->EKi.t[i];
-                    out += 16;
-                    in += 16;
-                    len -= 16;
-                }
-                GHASH(ctx, out - j, j);
-            }
-# else
-            while (len >= 16) {
-                size_t *out_t = (size_t *)out;
-                const size_t *in_t = (const size_t *)in;
-
-                (*block) (ctx->Yi.c, ctx->EKi.c, key);
-                ++ctr;
-                if (is_endian.little)
-#  ifdef BSWAP4
-                    ctx->Yi.d[3] = BSWAP4(ctr);
-#  else
-                    PUTU32(ctx->Yi.c + 12, ctr);
-#  endif
-                else
-                    ctx->Yi.d[3] = ctr;
-                for (i = 0; i < 16 / sizeof(size_t); ++i)
-                    ctx->Xi.t[i] ^= out_t[i] = in_t[i] ^ ctx->EKi.t[i];
-                GCM_MUL(ctx, Xi);
-                out += 16;
-                in += 16;
-                len -= 16;
-            }
-# endif
-            if (len) {
-                (*block) (ctx->Yi.c, ctx->EKi.c, key);
-                ++ctr;
-                if (is_endian.little)
-# ifdef BSWAP4
-                    ctx->Yi.d[3] = BSWAP4(ctr);
-# else
-                    PUTU32(ctx->Yi.c + 12, ctr);
-# endif
-                else
-                    ctx->Yi.d[3] = ctr;
-                while (len--) {
-                    ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n];
-                    ++n;
-                }
-            }
-
-            ctx->mres = n;
-            return 0;
-        } while (0);
-    }
-#endif
-    for (i = 0; i < len; ++i) {
-        if (n == 0) {
-            (*block) (ctx->Yi.c, ctx->EKi.c, key);
-            ++ctr;
-            if (is_endian.little)
-#ifdef BSWAP4
-                ctx->Yi.d[3] = BSWAP4(ctr);
-#else
-                PUTU32(ctx->Yi.c + 12, ctr);
-#endif
-            else
-                ctx->Yi.d[3] = ctr;
-        }
-        ctx->Xi.c[n] ^= out[i] = in[i] ^ ctx->EKi.c[n];
-        n = (n + 1) % 16;
-        if (n == 0)
-            GCM_MUL(ctx, Xi);
-    }
-
-    ctx->mres = n;
-    return 0;
-}
-
-int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
-                          const unsigned char *in, unsigned char *out,
-                          size_t len)
-{
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    unsigned int n, ctr;
-    size_t i;
-    u64 mlen = ctx->len.u[1];
-    block128_f block = ctx->block;
-    void *key = ctx->key;
-#ifdef GCM_FUNCREF_4BIT
-    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
-    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
-                         const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
-    mlen += len;
-    if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
-        return -1;
-    ctx->len.u[1] = mlen;
-
-    if (ctx->ares) {
-        /* First call to decrypt finalizes GHASH(AAD) */
-        GCM_MUL(ctx, Xi);
-        ctx->ares = 0;
-    }
-
-    if (is_endian.little)
-#ifdef BSWAP4
-        ctr = BSWAP4(ctx->Yi.d[3]);
-#else
-        ctr = GETU32(ctx->Yi.c + 12);
-#endif
-    else
-        ctr = ctx->Yi.d[3];
-
-    n = ctx->mres;
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-    if (16 % sizeof(size_t) == 0) { /* always true actually */
-        do {
-            if (n) {
-                while (n && len) {
-                    u8 c = *(in++);
-                    *(out++) = c ^ ctx->EKi.c[n];
-                    ctx->Xi.c[n] ^= c;
-                    --len;
-                    n = (n + 1) % 16;
-                }
-                if (n == 0)
-                    GCM_MUL(ctx, Xi);
-                else {
-                    ctx->mres = n;
-                    return 0;
-                }
-            }
-# if defined(STRICT_ALIGNMENT)
-            if (((size_t)in | (size_t)out) % sizeof(size_t) != 0)
-                break;
-# endif
-# if defined(GHASH) && defined(GHASH_CHUNK)
-            while (len >= GHASH_CHUNK) {
-                size_t j = GHASH_CHUNK;
-
-                GHASH(ctx, in, GHASH_CHUNK);
-                while (j) {
-                    size_t *out_t = (size_t *)out;
-                    const size_t *in_t = (const size_t *)in;
-
-                    (*block) (ctx->Yi.c, ctx->EKi.c, key);
-                    ++ctr;
-                    if (is_endian.little)
-#  ifdef BSWAP4
-                        ctx->Yi.d[3] = BSWAP4(ctr);
-#  else
-                        PUTU32(ctx->Yi.c + 12, ctr);
-#  endif
-                    else
-                        ctx->Yi.d[3] = ctr;
-                    for (i = 0; i < 16 / sizeof(size_t); ++i)
-                        out_t[i] = in_t[i] ^ ctx->EKi.t[i];
-                    out += 16;
-                    in += 16;
-                    j -= 16;
-                }
-                len -= GHASH_CHUNK;
-            }
-            if ((i = (len & (size_t)-16))) {
-                GHASH(ctx, in, i);
-                while (len >= 16) {
-                    size_t *out_t = (size_t *)out;
-                    const size_t *in_t = (const size_t *)in;
-
-                    (*block) (ctx->Yi.c, ctx->EKi.c, key);
-                    ++ctr;
-                    if (is_endian.little)
-#  ifdef BSWAP4
-                        ctx->Yi.d[3] = BSWAP4(ctr);
-#  else
-                        PUTU32(ctx->Yi.c + 12, ctr);
-#  endif
-                    else
-                        ctx->Yi.d[3] = ctr;
-                    for (i = 0; i < 16 / sizeof(size_t); ++i)
-                        out_t[i] = in_t[i] ^ ctx->EKi.t[i];
-                    out += 16;
-                    in += 16;
-                    len -= 16;
-                }
-            }
-# else
-            while (len >= 16) {
-                size_t *out_t = (size_t *)out;
-                const size_t *in_t = (const size_t *)in;
-
-                (*block) (ctx->Yi.c, ctx->EKi.c, key);
-                ++ctr;
-                if (is_endian.little)
-#  ifdef BSWAP4
-                    ctx->Yi.d[3] = BSWAP4(ctr);
-#  else
-                    PUTU32(ctx->Yi.c + 12, ctr);
-#  endif
-                else
-                    ctx->Yi.d[3] = ctr;
-                for (i = 0; i < 16 / sizeof(size_t); ++i) {
-                    size_t c = in[i];
-                    out[i] = c ^ ctx->EKi.t[i];
-                    ctx->Xi.t[i] ^= c;
-                }
-                GCM_MUL(ctx, Xi);
-                out += 16;
-                in += 16;
-                len -= 16;
-            }
-# endif
-            if (len) {
-                (*block) (ctx->Yi.c, ctx->EKi.c, key);
-                ++ctr;
-                if (is_endian.little)
-# ifdef BSWAP4
-                    ctx->Yi.d[3] = BSWAP4(ctr);
-# else
-                    PUTU32(ctx->Yi.c + 12, ctr);
-# endif
-                else
-                    ctx->Yi.d[3] = ctr;
-                while (len--) {
-                    u8 c = in[n];
-                    ctx->Xi.c[n] ^= c;
-                    out[n] = c ^ ctx->EKi.c[n];
-                    ++n;
-                }
-            }
-
-            ctx->mres = n;
-            return 0;
-        } while (0);
-    }
-#endif
-    for (i = 0; i < len; ++i) {
-        u8 c;
-        if (n == 0) {
-            (*block) (ctx->Yi.c, ctx->EKi.c, key);
-            ++ctr;
-            if (is_endian.little)
-#ifdef BSWAP4
-                ctx->Yi.d[3] = BSWAP4(ctr);
-#else
-                PUTU32(ctx->Yi.c + 12, ctr);
-#endif
-            else
-                ctx->Yi.d[3] = ctr;
-        }
-        c = in[i];
-        out[i] = c ^ ctx->EKi.c[n];
-        ctx->Xi.c[n] ^= c;
-        n = (n + 1) % 16;
-        if (n == 0)
-            GCM_MUL(ctx, Xi);
-    }
-
-    ctx->mres = n;
-    return 0;
-}
-
-int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
-                                const unsigned char *in, unsigned char *out,
-                                size_t len, ctr128_f stream)
-{
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    unsigned int n, ctr;
-    size_t i;
-    u64 mlen = ctx->len.u[1];
-    void *key = ctx->key;
-#ifdef GCM_FUNCREF_4BIT
-    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
-    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
-                         const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
-    mlen += len;
-    if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
-        return -1;
-    ctx->len.u[1] = mlen;
-
-    if (ctx->ares) {
-        /* First call to encrypt finalizes GHASH(AAD) */
-        GCM_MUL(ctx, Xi);
-        ctx->ares = 0;
-    }
-
-    if (is_endian.little)
-#ifdef BSWAP4
-        ctr = BSWAP4(ctx->Yi.d[3]);
-#else
-        ctr = GETU32(ctx->Yi.c + 12);
-#endif
-    else
-        ctr = ctx->Yi.d[3];
-
-    n = ctx->mres;
-    if (n) {
-        while (n && len) {
-            ctx->Xi.c[n] ^= *(out++) = *(in++) ^ ctx->EKi.c[n];
-            --len;
-            n = (n + 1) % 16;
-        }
-        if (n == 0)
-            GCM_MUL(ctx, Xi);
-        else {
-            ctx->mres = n;
-            return 0;
-        }
-    }
-#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
-    while (len >= GHASH_CHUNK) {
-        (*stream) (in, out, GHASH_CHUNK / 16, key, ctx->Yi.c);
-        ctr += GHASH_CHUNK / 16;
-        if (is_endian.little)
-# ifdef BSWAP4
-            ctx->Yi.d[3] = BSWAP4(ctr);
-# else
-            PUTU32(ctx->Yi.c + 12, ctr);
-# endif
-        else
-            ctx->Yi.d[3] = ctr;
-        GHASH(ctx, out, GHASH_CHUNK);
-        out += GHASH_CHUNK;
-        in += GHASH_CHUNK;
-        len -= GHASH_CHUNK;
-    }
-#endif
-    if ((i = (len & (size_t)-16))) {
-        size_t j = i / 16;
-
-        (*stream) (in, out, j, key, ctx->Yi.c);
-        ctr += (unsigned int)j;
-        if (is_endian.little)
-#ifdef BSWAP4
-            ctx->Yi.d[3] = BSWAP4(ctr);
-#else
-            PUTU32(ctx->Yi.c + 12, ctr);
-#endif
-        else
-            ctx->Yi.d[3] = ctr;
-        in += i;
-        len -= i;
-#if defined(GHASH)
-        GHASH(ctx, out, i);
-        out += i;
-#else
-        while (j--) {
-            for (i = 0; i < 16; ++i)
-                ctx->Xi.c[i] ^= out[i];
-            GCM_MUL(ctx, Xi);
-            out += 16;
-        }
-#endif
-    }
-    if (len) {
-        (*ctx->block) (ctx->Yi.c, ctx->EKi.c, key);
-        ++ctr;
-        if (is_endian.little)
-#ifdef BSWAP4
-            ctx->Yi.d[3] = BSWAP4(ctr);
-#else
-            PUTU32(ctx->Yi.c + 12, ctr);
-#endif
-        else
-            ctx->Yi.d[3] = ctr;
-        while (len--) {
-            ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n];
-            ++n;
-        }
-    }
-
-    ctx->mres = n;
-    return 0;
-}
-
-int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
-                                const unsigned char *in, unsigned char *out,
-                                size_t len, ctr128_f stream)
-{
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    unsigned int n, ctr;
-    size_t i;
-    u64 mlen = ctx->len.u[1];
-    void *key = ctx->key;
-#ifdef GCM_FUNCREF_4BIT
-    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-# ifdef GHASH
-    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
-                         const u8 *inp, size_t len) = ctx->ghash;
-# endif
-#endif
-
-    mlen += len;
-    if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
-        return -1;
-    ctx->len.u[1] = mlen;
-
-    if (ctx->ares) {
-        /* First call to decrypt finalizes GHASH(AAD) */
-        GCM_MUL(ctx, Xi);
-        ctx->ares = 0;
-    }
-
-    if (is_endian.little)
-#ifdef BSWAP4
-        ctr = BSWAP4(ctx->Yi.d[3]);
-#else
-        ctr = GETU32(ctx->Yi.c + 12);
-#endif
-    else
-        ctr = ctx->Yi.d[3];
-
-    n = ctx->mres;
-    if (n) {
-        while (n && len) {
-            u8 c = *(in++);
-            *(out++) = c ^ ctx->EKi.c[n];
-            ctx->Xi.c[n] ^= c;
-            --len;
-            n = (n + 1) % 16;
-        }
-        if (n == 0)
-            GCM_MUL(ctx, Xi);
-        else {
-            ctx->mres = n;
-            return 0;
-        }
-    }
-#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
-    while (len >= GHASH_CHUNK) {
-        GHASH(ctx, in, GHASH_CHUNK);
-        (*stream) (in, out, GHASH_CHUNK / 16, key, ctx->Yi.c);
-        ctr += GHASH_CHUNK / 16;
-        if (is_endian.little)
-# ifdef BSWAP4
-            ctx->Yi.d[3] = BSWAP4(ctr);
-# else
-            PUTU32(ctx->Yi.c + 12, ctr);
-# endif
-        else
-            ctx->Yi.d[3] = ctr;
-        out += GHASH_CHUNK;
-        in += GHASH_CHUNK;
-        len -= GHASH_CHUNK;
-    }
-#endif
-    if ((i = (len & (size_t)-16))) {
-        size_t j = i / 16;
-
-#if defined(GHASH)
-        GHASH(ctx, in, i);
-#else
-        while (j--) {
-            size_t k;
-            for (k = 0; k < 16; ++k)
-                ctx->Xi.c[k] ^= in[k];
-            GCM_MUL(ctx, Xi);
-            in += 16;
-        }
-        j = i / 16;
-        in -= i;
-#endif
-        (*stream) (in, out, j, key, ctx->Yi.c);
-        ctr += (unsigned int)j;
-        if (is_endian.little)
-#ifdef BSWAP4
-            ctx->Yi.d[3] = BSWAP4(ctr);
-#else
-            PUTU32(ctx->Yi.c + 12, ctr);
-#endif
-        else
-            ctx->Yi.d[3] = ctr;
-        out += i;
-        in += i;
-        len -= i;
-    }
-    if (len) {
-        (*ctx->block) (ctx->Yi.c, ctx->EKi.c, key);
-        ++ctr;
-        if (is_endian.little)
-#ifdef BSWAP4
-            ctx->Yi.d[3] = BSWAP4(ctr);
-#else
-            PUTU32(ctx->Yi.c + 12, ctr);
-#endif
-        else
-            ctx->Yi.d[3] = ctr;
-        while (len--) {
-            u8 c = in[n];
-            ctx->Xi.c[n] ^= c;
-            out[n] = c ^ ctx->EKi.c[n];
-            ++n;
-        }
-    }
-
-    ctx->mres = n;
-    return 0;
-}
-
-int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
-                         size_t len)
-{
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    u64 alen = ctx->len.u[0] << 3;
-    u64 clen = ctx->len.u[1] << 3;
-#ifdef GCM_FUNCREF_4BIT
-    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
-#endif
-
-    if (ctx->mres || ctx->ares)
-        GCM_MUL(ctx, Xi);
-
-    if (is_endian.little) {
-#ifdef BSWAP8
-        alen = BSWAP8(alen);
-        clen = BSWAP8(clen);
-#else
-        u8 *p = ctx->len.c;
-
-        ctx->len.u[0] = alen;
-        ctx->len.u[1] = clen;
-
-        alen = (u64)GETU32(p) << 32 | GETU32(p + 4);
-        clen = (u64)GETU32(p + 8) << 32 | GETU32(p + 12);
-#endif
-    }
-
-    ctx->Xi.u[0] ^= alen;
-    ctx->Xi.u[1] ^= clen;
-    GCM_MUL(ctx, Xi);
-
-    ctx->Xi.u[0] ^= ctx->EK0.u[0];
-    ctx->Xi.u[1] ^= ctx->EK0.u[1];
-
-    if (tag && len <= sizeof(ctx->Xi))
-        return CRYPTO_memcmp(ctx->Xi.c, tag, len);
-    else
-        return -1;
-}
-
-void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len)
-{
-    CRYPTO_gcm128_finish(ctx, NULL, 0);
-    memcpy(tag, ctx->Xi.c,
-           len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
-}
-
-GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block)
-{
-    GCM128_CONTEXT *ret;
-
-    if ((ret = (GCM128_CONTEXT *)OPENSSL_malloc(sizeof(GCM128_CONTEXT))))
-        CRYPTO_gcm128_init(ret, key, block);
-
-    return ret;
-}
-
-void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx)
-{
-    if (ctx) {
-        OPENSSL_cleanse(ctx, sizeof(*ctx));
-        OPENSSL_free(ctx);
-    }
-}
-
-#if defined(SELFTEST)
-# include <stdio.h>
-# include <openssl/aes.h>
-
-/* Test Case 1 */
-static const u8 K1[16], *P1 = NULL, *A1 = NULL, IV1[12], *C1 = NULL;
-static const u8 T1[] = {
-    0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
-    0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a
-};
-
-/* Test Case 2 */
-# define K2 K1
-# define A2 A1
-# define IV2 IV1
-static const u8 P2[16];
-static const u8 C2[] = {
-    0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
-    0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78
-};
-
-static const u8 T2[] = {
-    0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
-    0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf
-};
-
-/* Test Case 3 */
-# define A3 A2
-static const u8 K3[] = {
-    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
-    0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
-};
-
-static const u8 P3[] = {
-    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
-    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
-    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
-    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
-    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
-    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
-    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
-    0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
-};
-
-static const u8 IV3[] = {
-    0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
-    0xde, 0xca, 0xf8, 0x88
-};
-
-static const u8 C3[] = {
-    0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
-    0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
-    0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
-    0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
-    0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
-    0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
-    0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
-    0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85
-};
-
-static const u8 T3[] = {
-    0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
-    0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4
-};
-
-/* Test Case 4 */
-# define K4 K3
-# define IV4 IV3
-static const u8 P4[] = {
-    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
-    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
-    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
-    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
-    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
-    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
-    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
-    0xba, 0x63, 0x7b, 0x39
-};
-
-static const u8 A4[] = {
-    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
-    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
-    0xab, 0xad, 0xda, 0xd2
-};
-
-static const u8 C4[] = {
-    0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
-    0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
-    0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
-    0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
-    0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
-    0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
-    0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
-    0x3d, 0x58, 0xe0, 0x91
-};
-
-static const u8 T4[] = {
-    0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
-    0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47
-};
-
-/* Test Case 5 */
-# define K5 K4
-# define P5 P4
-# define A5 A4
-static const u8 IV5[] = {
-    0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad
-};
-
-static const u8 C5[] = {
-    0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
-    0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
-    0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
-    0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
-    0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
-    0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
-    0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
-    0xc2, 0x3f, 0x45, 0x98
-};
-
-static const u8 T5[] = {
-    0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
-    0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb
-};
-
-/* Test Case 6 */
-# define K6 K5
-# define P6 P5
-# define A6 A5
-static const u8 IV6[] = {
-    0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
-    0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
-    0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
-    0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
-    0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
-    0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
-    0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
-    0xa6, 0x37, 0xb3, 0x9b
-};
-
-static const u8 C6[] = {
-    0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
-    0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
-    0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
-    0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
-    0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
-    0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
-    0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
-    0x4c, 0x34, 0xae, 0xe5
-};
-
-static const u8 T6[] = {
-    0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
-    0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50
-};
-
-/* Test Case 7 */
-static const u8 K7[24], *P7 = NULL, *A7 = NULL, IV7[12], *C7 = NULL;
-static const u8 T7[] = {
-    0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
-    0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35
-};
-
-/* Test Case 8 */
-# define K8 K7
-# define IV8 IV7
-# define A8 A7
-static const u8 P8[16];
-static const u8 C8[] = {
-    0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
-    0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00
-};
-
-static const u8 T8[] = {
-    0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
-    0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb
-};
-
-/* Test Case 9 */
-# define A9 A8
-static const u8 K9[] = {
-    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
-    0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
-    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
-};
-
-static const u8 P9[] = {
-    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
-    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
-    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
-    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
-    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
-    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
-    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
-    0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
-};
-
-static const u8 IV9[] = {
-    0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
-    0xde, 0xca, 0xf8, 0x88
-};
-
-static const u8 C9[] = {
-    0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
-    0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
-    0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
-    0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
-    0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
-    0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
-    0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
-    0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56
-};
-
-static const u8 T9[] = {
-    0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
-    0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14
-};
-
-/* Test Case 10 */
-# define K10 K9
-# define IV10 IV9
-static const u8 P10[] = {
-    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
-    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
-    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
-    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
-    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
-    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
-    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
-    0xba, 0x63, 0x7b, 0x39
-};
-
-static const u8 A10[] = {
-    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
-    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
-    0xab, 0xad, 0xda, 0xd2
-};
-
-static const u8 C10[] = {
-    0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
-    0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
-    0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
-    0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
-    0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
-    0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
-    0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
-    0xcc, 0xda, 0x27, 0x10
-};
-
-static const u8 T10[] = {
-    0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
-    0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c
-};
-
-/* Test Case 11 */
-# define K11 K10
-# define P11 P10
-# define A11 A10
-static const u8 IV11[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
-
-static const u8 C11[] = {
-    0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
-    0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
-    0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
-    0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
-    0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
-    0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
-    0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
-    0xa0, 0xf0, 0x62, 0xf7
-};
-
-static const u8 T11[] = {
-    0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
-    0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8
-};
-
-/* Test Case 12 */
-# define K12 K11
-# define P12 P11
-# define A12 A11
-static const u8 IV12[] = {
-    0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
-    0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
-    0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
-    0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
-    0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
-    0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
-    0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
-    0xa6, 0x37, 0xb3, 0x9b
-};
-
-static const u8 C12[] = {
-    0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
-    0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
-    0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
-    0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
-    0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
-    0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
-    0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
-    0xe9, 0xb7, 0x37, 0x3b
-};
-
-static const u8 T12[] = {
-    0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
-    0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9
-};
-
-/* Test Case 13 */
-static const u8 K13[32], *P13 = NULL, *A13 = NULL, IV13[12], *C13 = NULL;
-static const u8 T13[] = {
-    0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
-    0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b
-};
-
-/* Test Case 14 */
-# define K14 K13
-# define A14 A13
-static const u8 P14[16], IV14[12];
-static const u8 C14[] = {
-    0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
-    0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18
-};
-
-static const u8 T14[] = {
-    0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
-    0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19
-};
-
-/* Test Case 15 */
-# define A15 A14
-static const u8 K15[] = {
-    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
-    0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
-    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
-    0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
-};
-
-static const u8 P15[] = {
-    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
-    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
-    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
-    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
-    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
-    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
-    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
-    0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
-};
-
-static const u8 IV15[] = {
-    0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
-    0xde, 0xca, 0xf8, 0x88
-};
-
-static const u8 C15[] = {
-    0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
-    0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
-    0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
-    0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
-    0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
-    0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
-    0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
-    0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
-};
-
-static const u8 T15[] = {
-    0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
-    0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c
-};
-
-/* Test Case 16 */
-# define K16 K15
-# define IV16 IV15
-static const u8 P16[] = {
-    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
-    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
-    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
-    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
-    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
-    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
-    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
-    0xba, 0x63, 0x7b, 0x39
-};
-
-static const u8 A16[] = {
-    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
-    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
-    0xab, 0xad, 0xda, 0xd2
-};
-
-static const u8 C16[] = {
-    0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
-    0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
-    0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
-    0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
-    0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
-    0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
-    0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
-    0xbc, 0xc9, 0xf6, 0x62
-};
-
-static const u8 T16[] = {
-    0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
-    0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
-};
-
-/* Test Case 17 */
-# define K17 K16
-# define P17 P16
-# define A17 A16
-static const u8 IV17[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
-
-static const u8 C17[] = {
-    0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
-    0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
-    0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
-    0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
-    0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
-    0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
-    0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
-    0xf4, 0x7c, 0x9b, 0x1f
-};
-
-static const u8 T17[] = {
-    0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
-    0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2
-};
-
-/* Test Case 18 */
-# define K18 K17
-# define P18 P17
-# define A18 A17
-static const u8 IV18[] = {
-    0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
-    0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
-    0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
-    0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
-    0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
-    0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
-    0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
-    0xa6, 0x37, 0xb3, 0x9b
-};
-
-static const u8 C18[] = {
-    0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
-    0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
-    0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
-    0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
-    0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
-    0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
-    0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
-    0x44, 0xae, 0x7e, 0x3f
-};
-
-static const u8 T18[] = {
-    0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
-    0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a
-};
-
-/* Test Case 19 */
-# define K19 K1
-# define P19 P1
-# define IV19 IV1
-# define C19 C1
-static const u8 A19[] = {
-    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
-    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
-    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
-    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
-    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
-    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
-    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
-    0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55,
-    0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
-    0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
-    0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
-    0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
-    0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
-    0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
-    0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
-    0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
-};
-
-static const u8 T19[] = {
-    0x5f, 0xea, 0x79, 0x3a, 0x2d, 0x6f, 0x97, 0x4d,
-    0x37, 0xe6, 0x8e, 0x0c, 0xb8, 0xff, 0x94, 0x92
-};
-
-/* Test Case 20 */
-# define K20 K1
-# define A20 A1
-/* this results in 0xff in counter LSB */
-static const u8 IV20[64] = { 0xff, 0xff, 0xff, 0xff };
-
-static const u8 P20[288];
-static const u8 C20[] = {
-    0x56, 0xb3, 0x37, 0x3c, 0xa9, 0xef, 0x6e, 0x4a,
-    0x2b, 0x64, 0xfe, 0x1e, 0x9a, 0x17, 0xb6, 0x14,
-    0x25, 0xf1, 0x0d, 0x47, 0xa7, 0x5a, 0x5f, 0xce,
-    0x13, 0xef, 0xc6, 0xbc, 0x78, 0x4a, 0xf2, 0x4f,
-    0x41, 0x41, 0xbd, 0xd4, 0x8c, 0xf7, 0xc7, 0x70,
-    0x88, 0x7a, 0xfd, 0x57, 0x3c, 0xca, 0x54, 0x18,
-    0xa9, 0xae, 0xff, 0xcd, 0x7c, 0x5c, 0xed, 0xdf,
-    0xc6, 0xa7, 0x83, 0x97, 0xb9, 0xa8, 0x5b, 0x49,
-    0x9d, 0xa5, 0x58, 0x25, 0x72, 0x67, 0xca, 0xab,
-    0x2a, 0xd0, 0xb2, 0x3c, 0xa4, 0x76, 0xa5, 0x3c,
-    0xb1, 0x7f, 0xb4, 0x1c, 0x4b, 0x8b, 0x47, 0x5c,
-    0xb4, 0xf3, 0xf7, 0x16, 0x50, 0x94, 0xc2, 0x29,
-    0xc9, 0xe8, 0xc4, 0xdc, 0x0a, 0x2a, 0x5f, 0xf1,
-    0x90, 0x3e, 0x50, 0x15, 0x11, 0x22, 0x13, 0x76,
-    0xa1, 0xcd, 0xb8, 0x36, 0x4c, 0x50, 0x61, 0xa2,
-    0x0c, 0xae, 0x74, 0xbc, 0x4a, 0xcd, 0x76, 0xce,
-    0xb0, 0xab, 0xc9, 0xfd, 0x32, 0x17, 0xef, 0x9f,
-    0x8c, 0x90, 0xbe, 0x40, 0x2d, 0xdf, 0x6d, 0x86,
-    0x97, 0xf4, 0xf8, 0x80, 0xdf, 0xf1, 0x5b, 0xfb,
-    0x7a, 0x6b, 0x28, 0x24, 0x1e, 0xc8, 0xfe, 0x18,
-    0x3c, 0x2d, 0x59, 0xe3, 0xf9, 0xdf, 0xff, 0x65,
-    0x3c, 0x71, 0x26, 0xf0, 0xac, 0xb9, 0xe6, 0x42,
-    0x11, 0xf4, 0x2b, 0xae, 0x12, 0xaf, 0x46, 0x2b,
-    0x10, 0x70, 0xbe, 0xf1, 0xab, 0x5e, 0x36, 0x06,
-    0x87, 0x2c, 0xa1, 0x0d, 0xee, 0x15, 0xb3, 0x24,
-    0x9b, 0x1a, 0x1b, 0x95, 0x8f, 0x23, 0x13, 0x4c,
-    0x4b, 0xcc, 0xb7, 0xd0, 0x32, 0x00, 0xbc, 0xe4,
-    0x20, 0xa2, 0xf8, 0xeb, 0x66, 0xdc, 0xf3, 0x64,
-    0x4d, 0x14, 0x23, 0xc1, 0xb5, 0x69, 0x90, 0x03,
-    0xc1, 0x3e, 0xce, 0xf4, 0xbf, 0x38, 0xa3, 0xb6,
-    0x0e, 0xed, 0xc3, 0x40, 0x33, 0xba, 0xc1, 0x90,
-    0x27, 0x83, 0xdc, 0x6d, 0x89, 0xe2, 0xe7, 0x74,
-    0x18, 0x8a, 0x43, 0x9c, 0x7e, 0xbc, 0xc0, 0x67,
-    0x2d, 0xbd, 0xa4, 0xdd, 0xcf, 0xb2, 0x79, 0x46,
-    0x13, 0xb0, 0xbe, 0x41, 0x31, 0x5e, 0xf7, 0x78,
-    0x70, 0x8a, 0x70, 0xee, 0x7d, 0x75, 0x16, 0x5c
-};
-
-static const u8 T20[] = {
-    0x8b, 0x30, 0x7f, 0x6b, 0x33, 0x28, 0x6d, 0x0a,
-    0xb0, 0x26, 0xa9, 0xed, 0x3f, 0xe1, 0xe8, 0x5f
-};
-
-# define TEST_CASE(n)    do {                                    \
-        u8 out[sizeof(P##n)];                                   \
-        AES_set_encrypt_key(K##n,sizeof(K##n)*8,&key);          \
-        CRYPTO_gcm128_init(&ctx,&key,(block128_f)AES_encrypt);  \
-        CRYPTO_gcm128_setiv(&ctx,IV##n,sizeof(IV##n));          \
-        memset(out,0,sizeof(out));                              \
-        if (A##n) CRYPTO_gcm128_aad(&ctx,A##n,sizeof(A##n));    \
-        if (P##n) CRYPTO_gcm128_encrypt(&ctx,P##n,out,sizeof(out));     \
-        if (CRYPTO_gcm128_finish(&ctx,T##n,16) ||               \
-            (C##n && memcmp(out,C##n,sizeof(out))))             \
-                ret++, printf ("encrypt test#%d failed.\n",n);  \
-        CRYPTO_gcm128_setiv(&ctx,IV##n,sizeof(IV##n));          \
-        memset(out,0,sizeof(out));                              \
-        if (A##n) CRYPTO_gcm128_aad(&ctx,A##n,sizeof(A##n));    \
-        if (C##n) CRYPTO_gcm128_decrypt(&ctx,C##n,out,sizeof(out));     \
-        if (CRYPTO_gcm128_finish(&ctx,T##n,16) ||               \
-            (P##n && memcmp(out,P##n,sizeof(out))))             \
-                ret++, printf ("decrypt test#%d failed.\n",n);  \
-        } while(0)
-
-int main()
-{
-    GCM128_CONTEXT ctx;
-    AES_KEY key;
-    int ret = 0;
-
-    TEST_CASE(1);
-    TEST_CASE(2);
-    TEST_CASE(3);
-    TEST_CASE(4);
-    TEST_CASE(5);
-    TEST_CASE(6);
-    TEST_CASE(7);
-    TEST_CASE(8);
-    TEST_CASE(9);
-    TEST_CASE(10);
-    TEST_CASE(11);
-    TEST_CASE(12);
-    TEST_CASE(13);
-    TEST_CASE(14);
-    TEST_CASE(15);
-    TEST_CASE(16);
-    TEST_CASE(17);
-    TEST_CASE(18);
-    TEST_CASE(19);
-    TEST_CASE(20);
-
-# ifdef OPENSSL_CPUID_OBJ
-    {
-        size_t start, stop, gcm_t, ctr_t, OPENSSL_rdtsc();
-        union {
-            u64 u;
-            u8 c[1024];
-        } buf;
-        int i;
-
-        AES_set_encrypt_key(K1, sizeof(K1) * 8, &key);
-        CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt);
-        CRYPTO_gcm128_setiv(&ctx, IV1, sizeof(IV1));
-
-        CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
-        start = OPENSSL_rdtsc();
-        CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
-        gcm_t = OPENSSL_rdtsc() - start;
-
-        CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
-                              &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
-                              (block128_f) AES_encrypt);
-        start = OPENSSL_rdtsc();
-        CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
-                              &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
-                              (block128_f) AES_encrypt);
-        ctr_t = OPENSSL_rdtsc() - start;
-
-        printf("%.2f-%.2f=%.2f\n",
-               gcm_t / (double)sizeof(buf),
-               ctr_t / (double)sizeof(buf),
-               (gcm_t - ctr_t) / (double)sizeof(buf));
-#  ifdef GHASH
-        {
-            void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
-                                 const u8 *inp, size_t len) = ctx.ghash;
-
-            GHASH((&ctx), buf.c, sizeof(buf));
-            start = OPENSSL_rdtsc();
-            for (i = 0; i < 100; ++i)
-                GHASH((&ctx), buf.c, sizeof(buf));
-            gcm_t = OPENSSL_rdtsc() - start;
-            printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i);
-        }
-#  endif
-    }
-# endif
-
-    return ret;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/modes/modes_lcl.h b/thirdparty/openssl/crypto/modes/modes_lcl.h
deleted file mode 100644
index fe14ec7002..0000000000
--- a/thirdparty/openssl/crypto/modes/modes_lcl.h
+++ /dev/null
@@ -1,143 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use is governed by OpenSSL license.
- * ====================================================================
- */
-
-#include <openssl/modes.h>
-
-#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-typedef __int64 i64;
-typedef unsigned __int64 u64;
-# define U64(C) C##UI64
-#elif defined(__arch64__)
-typedef long i64;
-typedef unsigned long u64;
-# define U64(C) C##UL
-#else
-typedef long long i64;
-typedef unsigned long long u64;
-# define U64(C) C##ULL
-#endif
-
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-#define STRICT_ALIGNMENT 1
-#ifndef PEDANTIC
-# if defined(__i386)    || defined(__i386__)    || \
-     defined(__x86_64)  || defined(__x86_64__)  || \
-     defined(_M_IX86)   || defined(_M_AMD64)    || defined(_M_X64) || \
-     defined(__aarch64__)                       || \
-     defined(__s390__)  || defined(__s390x__)
-#  undef STRICT_ALIGNMENT
-# endif
-#endif
-
-#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-# if defined(__GNUC__) && __GNUC__>=2
-#  if defined(__x86_64) || defined(__x86_64__)
-#   define BSWAP8(x) ({ u64 ret_=(x);                   \
-                        asm ("bswapq %0"                \
-                        : "+r"(ret_));   ret_;          })
-#   define BSWAP4(x) ({ u32 ret_=(x);                   \
-                        asm ("bswapl %0"                \
-                        : "+r"(ret_));   ret_;          })
-#  elif (defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)
-#   define BSWAP8(x) ({ u32 lo_=(u64)(x)>>32,hi_=(x);   \
-                        asm ("bswapl %0; bswapl %1"     \
-                        : "+r"(hi_),"+r"(lo_));         \
-                        (u64)hi_<<32|lo_;               })
-#   define BSWAP4(x) ({ u32 ret_=(x);                   \
-                        asm ("bswapl %0"                \
-                        : "+r"(ret_));   ret_;          })
-#  elif defined(__aarch64__)
-#   define BSWAP8(x) ({ u64 ret_;                       \
-                        asm ("rev %0,%1"                \
-                        : "=r"(ret_) : "r"(x)); ret_;   })
-#   define BSWAP4(x) ({ u32 ret_;                       \
-                        asm ("rev %w0,%w1"              \
-                        : "=r"(ret_) : "r"(x)); ret_;   })
-#  elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT)
-#   define BSWAP8(x) ({ u32 lo_=(u64)(x)>>32,hi_=(x);   \
-                        asm ("rev %0,%0; rev %1,%1"     \
-                        : "+r"(hi_),"+r"(lo_));         \
-                        (u64)hi_<<32|lo_;               })
-#   define BSWAP4(x) ({ u32 ret_;                       \
-                        asm ("rev %0,%1"                \
-                        : "=r"(ret_) : "r"((u32)(x)));  \
-                        ret_;                           })
-#  endif
-# elif defined(_MSC_VER)
-#  if _MSC_VER>=1300
-#   pragma intrinsic(_byteswap_uint64,_byteswap_ulong)
-#   define BSWAP8(x)    _byteswap_uint64((u64)(x))
-#   define BSWAP4(x)    _byteswap_ulong((u32)(x))
-#  elif defined(_M_IX86)
-__inline u32 _bswap4(u32 val)
-{
-_asm mov eax, val _asm bswap eax}
-#   define BSWAP4(x)    _bswap4(x)
-#  endif
-# endif
-#endif
-#if defined(BSWAP4) && !defined(STRICT_ALIGNMENT)
-# define GETU32(p)       BSWAP4(*(const u32 *)(p))
-# define PUTU32(p,v)     *(u32 *)(p) = BSWAP4(v)
-#else
-# define GETU32(p)       ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])
-# define PUTU32(p,v)     ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))
-#endif
-/*- GCM definitions */ typedef struct {
-    u64 hi, lo;
-} u128;
-
-#ifdef  TABLE_BITS
-# undef  TABLE_BITS
-#endif
-/*
- * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
- * never be set to 8 [or 1]. For further information see gcm128.c.
- */
-#define TABLE_BITS 4
-
-struct gcm128_context {
-    /* Following 6 names follow names in GCM specification */
-    union {
-        u64 u[2];
-        u32 d[4];
-        u8 c[16];
-        size_t t[16 / sizeof(size_t)];
-    } Yi, EKi, EK0, len, Xi, H;
-    /*
-     * Relative position of Xi, H and pre-computed Htable is used in some
-     * assembler modules, i.e. don't change the order!
-     */
-#if TABLE_BITS==8
-    u128 Htable[256];
-#else
-    u128 Htable[16];
-    void (*gmult) (u64 Xi[2], const u128 Htable[16]);
-    void (*ghash) (u64 Xi[2], const u128 Htable[16], const u8 *inp,
-                   size_t len);
-#endif
-    unsigned int mres, ares;
-    block128_f block;
-    void *key;
-};
-
-struct xts128_context {
-    void *key1, *key2;
-    block128_f block1, block2;
-};
-
-struct ccm128_context {
-    union {
-        u64 u[2];
-        u8 c[16];
-    } nonce, cmac;
-    u64 blocks;
-    block128_f block;
-    void *key;
-};
diff --git a/thirdparty/openssl/crypto/modes/ofb128.c b/thirdparty/openssl/crypto/modes/ofb128.c
deleted file mode 100644
index 4dbaccd7a6..0000000000
--- a/thirdparty/openssl/crypto/modes/ofb128.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-/*
- * The input and output encrypted as though 128bit ofb mode is being used.
- * The extra state information to record how much of the 128bit block we have
- * used is contained in *num;
- */
-void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16], int *num, block128_f block)
-{
-    unsigned int n;
-    size_t l = 0;
-
-    assert(in && out && key && ivec && num);
-
-    n = *num;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-    if (16 % sizeof(size_t) == 0) { /* always true actually */
-        do {
-            while (n && len) {
-                *(out++) = *(in++) ^ ivec[n];
-                --len;
-                n = (n + 1) % 16;
-            }
-# if defined(STRICT_ALIGNMENT)
-            if (((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) !=
-                0)
-                break;
-# endif
-            while (len >= 16) {
-                (*block) (ivec, ivec, key);
-                for (; n < 16; n += sizeof(size_t))
-                    *(size_t *)(out + n) =
-                        *(size_t *)(in + n) ^ *(size_t *)(ivec + n);
-                len -= 16;
-                out += 16;
-                in += 16;
-                n = 0;
-            }
-            if (len) {
-                (*block) (ivec, ivec, key);
-                while (len--) {
-                    out[n] = in[n] ^ ivec[n];
-                    ++n;
-                }
-            }
-            *num = n;
-            return;
-        } while (0);
-    }
-    /* the rest would be commonly eliminated by x86* compiler */
-#endif
-    while (l < len) {
-        if (n == 0) {
-            (*block) (ivec, ivec, key);
-        }
-        out[l] = in[l] ^ ivec[n];
-        ++l;
-        n = (n + 1) % 16;
-    }
-
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/modes/wrap128.c b/thirdparty/openssl/crypto/modes/wrap128.c
deleted file mode 100644
index 384978371a..0000000000
--- a/thirdparty/openssl/crypto/modes/wrap128.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* crypto/modes/wrap128.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include "cryptlib.h"
-#include <openssl/modes.h>
-
-static const unsigned char default_iv[] = {
-    0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
-};
-
-/*
- * Input size limit: lower than maximum of standards but far larger than
- * anything that will be used in practice.
- */
-#define CRYPTO128_WRAP_MAX (1UL << 31)
-
-size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
-                       unsigned char *out,
-                       const unsigned char *in, size_t inlen,
-                       block128_f block)
-{
-    unsigned char *A, B[16], *R;
-    size_t i, j, t;
-    if ((inlen & 0x7) || (inlen < 8) || (inlen > CRYPTO128_WRAP_MAX))
-        return 0;
-    A = B;
-    t = 1;
-    memmove(out + 8, in, inlen);
-    if (!iv)
-        iv = default_iv;
-
-    memcpy(A, iv, 8);
-
-    for (j = 0; j < 6; j++) {
-        R = out + 8;
-        for (i = 0; i < inlen; i += 8, t++, R += 8) {
-            memcpy(B + 8, R, 8);
-            block(B, B, key);
-            A[7] ^= (unsigned char)(t & 0xff);
-            if (t > 0xff) {
-                A[6] ^= (unsigned char)((t >> 8) & 0xff);
-                A[5] ^= (unsigned char)((t >> 16) & 0xff);
-                A[4] ^= (unsigned char)((t >> 24) & 0xff);
-            }
-            memcpy(R, B + 8, 8);
-        }
-    }
-    memcpy(out, A, 8);
-    return inlen + 8;
-}
-
-size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
-                         unsigned char *out,
-                         const unsigned char *in, size_t inlen,
-                         block128_f block)
-{
-    unsigned char *A, B[16], *R;
-    size_t i, j, t;
-    inlen -= 8;
-    if ((inlen & 0x7) || (inlen < 16) || (inlen > CRYPTO128_WRAP_MAX))
-        return 0;
-    A = B;
-    t = 6 * (inlen >> 3);
-    memcpy(A, in, 8);
-    memmove(out, in + 8, inlen);
-    for (j = 0; j < 6; j++) {
-        R = out + inlen - 8;
-        for (i = 0; i < inlen; i += 8, t--, R -= 8) {
-            A[7] ^= (unsigned char)(t & 0xff);
-            if (t > 0xff) {
-                A[6] ^= (unsigned char)((t >> 8) & 0xff);
-                A[5] ^= (unsigned char)((t >> 16) & 0xff);
-                A[4] ^= (unsigned char)((t >> 24) & 0xff);
-            }
-            memcpy(B + 8, R, 8);
-            block(B, B, key);
-            memcpy(R, B + 8, 8);
-        }
-    }
-    if (!iv)
-        iv = default_iv;
-    if (memcmp(A, iv, 8)) {
-        OPENSSL_cleanse(out, inlen);
-        return 0;
-    }
-    return inlen;
-}
diff --git a/thirdparty/openssl/crypto/modes/xts128.c b/thirdparty/openssl/crypto/modes/xts128.c
deleted file mode 100644
index 8f2af588b2..0000000000
--- a/thirdparty/openssl/crypto/modes/xts128.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
-                          const unsigned char iv[16],
-                          const unsigned char *inp, unsigned char *out,
-                          size_t len, int enc)
-{
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-    union {
-        u64 u[2];
-        u32 d[4];
-        u8 c[16];
-    } tweak, scratch;
-    unsigned int i;
-
-    if (len < 16)
-        return -1;
-
-    memcpy(tweak.c, iv, 16);
-
-    (*ctx->block2) (tweak.c, tweak.c, ctx->key2);
-
-    if (!enc && (len % 16))
-        len -= 16;
-
-    while (len >= 16) {
-#if defined(STRICT_ALIGNMENT)
-        memcpy(scratch.c, inp, 16);
-        scratch.u[0] ^= tweak.u[0];
-        scratch.u[1] ^= tweak.u[1];
-#else
-        scratch.u[0] = ((u64 *)inp)[0] ^ tweak.u[0];
-        scratch.u[1] = ((u64 *)inp)[1] ^ tweak.u[1];
-#endif
-        (*ctx->block1) (scratch.c, scratch.c, ctx->key1);
-#if defined(STRICT_ALIGNMENT)
-        scratch.u[0] ^= tweak.u[0];
-        scratch.u[1] ^= tweak.u[1];
-        memcpy(out, scratch.c, 16);
-#else
-        ((u64 *)out)[0] = scratch.u[0] ^= tweak.u[0];
-        ((u64 *)out)[1] = scratch.u[1] ^= tweak.u[1];
-#endif
-        inp += 16;
-        out += 16;
-        len -= 16;
-
-        if (len == 0)
-            return 0;
-
-        if (is_endian.little) {
-            unsigned int carry, res;
-
-            res = 0x87 & (((int)tweak.d[3]) >> 31);
-            carry = (unsigned int)(tweak.u[0] >> 63);
-            tweak.u[0] = (tweak.u[0] << 1) ^ res;
-            tweak.u[1] = (tweak.u[1] << 1) | carry;
-        } else {
-            size_t c;
-
-            for (c = 0, i = 0; i < 16; ++i) {
-                /*
-                 * + substitutes for |, because c is 1 bit
-                 */
-                c += ((size_t)tweak.c[i]) << 1;
-                tweak.c[i] = (u8)c;
-                c = c >> 8;
-            }
-            tweak.c[0] ^= (u8)(0x87 & (0 - c));
-        }
-    }
-    if (enc) {
-        for (i = 0; i < len; ++i) {
-            u8 c = inp[i];
-            out[i] = scratch.c[i];
-            scratch.c[i] = c;
-        }
-        scratch.u[0] ^= tweak.u[0];
-        scratch.u[1] ^= tweak.u[1];
-        (*ctx->block1) (scratch.c, scratch.c, ctx->key1);
-        scratch.u[0] ^= tweak.u[0];
-        scratch.u[1] ^= tweak.u[1];
-        memcpy(out - 16, scratch.c, 16);
-    } else {
-        union {
-            u64 u[2];
-            u8 c[16];
-        } tweak1;
-
-        if (is_endian.little) {
-            unsigned int carry, res;
-
-            res = 0x87 & (((int)tweak.d[3]) >> 31);
-            carry = (unsigned int)(tweak.u[0] >> 63);
-            tweak1.u[0] = (tweak.u[0] << 1) ^ res;
-            tweak1.u[1] = (tweak.u[1] << 1) | carry;
-        } else {
-            size_t c;
-
-            for (c = 0, i = 0; i < 16; ++i) {
-                /*
-                 * + substitutes for |, because c is 1 bit
-                 */
-                c += ((size_t)tweak.c[i]) << 1;
-                tweak1.c[i] = (u8)c;
-                c = c >> 8;
-            }
-            tweak1.c[0] ^= (u8)(0x87 & (0 - c));
-        }
-#if defined(STRICT_ALIGNMENT)
-        memcpy(scratch.c, inp, 16);
-        scratch.u[0] ^= tweak1.u[0];
-        scratch.u[1] ^= tweak1.u[1];
-#else
-        scratch.u[0] = ((u64 *)inp)[0] ^ tweak1.u[0];
-        scratch.u[1] = ((u64 *)inp)[1] ^ tweak1.u[1];
-#endif
-        (*ctx->block1) (scratch.c, scratch.c, ctx->key1);
-        scratch.u[0] ^= tweak1.u[0];
-        scratch.u[1] ^= tweak1.u[1];
-
-        for (i = 0; i < len; ++i) {
-            u8 c = inp[16 + i];
-            out[16 + i] = scratch.c[i];
-            scratch.c[i] = c;
-        }
-        scratch.u[0] ^= tweak.u[0];
-        scratch.u[1] ^= tweak.u[1];
-        (*ctx->block1) (scratch.c, scratch.c, ctx->key1);
-#if defined(STRICT_ALIGNMENT)
-        scratch.u[0] ^= tweak.u[0];
-        scratch.u[1] ^= tweak.u[1];
-        memcpy(out, scratch.c, 16);
-#else
-        ((u64 *)out)[0] = scratch.u[0] ^ tweak.u[0];
-        ((u64 *)out)[1] = scratch.u[1] ^ tweak.u[1];
-#endif
-    }
-
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/o_dir.c b/thirdparty/openssl/crypto/o_dir.c
deleted file mode 100644
index fb3b2fd8e4..0000000000
--- a/thirdparty/openssl/crypto/o_dir.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* crypto/o_dir.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <errno.h>
-#include <e_os.h>
-
-/*
- * The routines really come from the Levitte Programming, so to make life
- * simple, let's just use the raw files and hack the symbols to fit our
- * namespace.
- */
-#define LP_DIR_CTX OPENSSL_DIR_CTX
-#define LP_dir_context_st OPENSSL_dir_context_st
-#define LP_find_file OPENSSL_DIR_read
-#define LP_find_file_end OPENSSL_DIR_end
-
-#include "o_dir.h"
-
-#define LPDIR_H
-#if defined OPENSSL_SYS_UNIX || defined DJGPP \
-    || (defined __VMS_VER && __VMS_VER >= 70000000)
-# include "LPdir_unix.c"
-#elif defined OPENSSL_SYS_VMS
-# include "LPdir_vms.c"
-#elif defined OPENSSL_SYS_WIN32
-# include "LPdir_win32.c"
-#elif defined OPENSSL_SYS_WINCE
-# include "LPdir_wince.c"
-#else
-# include "LPdir_nyi.c"
-#endif
diff --git a/thirdparty/openssl/crypto/o_dir.h b/thirdparty/openssl/crypto/o_dir.h
deleted file mode 100644
index bf45a14d02..0000000000
--- a/thirdparty/openssl/crypto/o_dir.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/* crypto/o_dir.h */
-/*
- * Copied from Richard Levitte's (richard@levitte.org) LP library.  All
- * symbol names have been changed, with permission from the author.
- */
-
-/* $LP: LPlib/source/LPdir.h,v 1.1 2004/06/14 08:56:04 _cvs_levitte Exp $ */
-/*
- * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef O_DIR_H
-# define O_DIR_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct OPENSSL_dir_context_st OPENSSL_DIR_CTX;
-
-  /*
-   * returns NULL on error or end-of-directory. If it is end-of-directory,
-   * errno will be zero
-   */
-const char *OPENSSL_DIR_read(OPENSSL_DIR_CTX **ctx, const char *directory);
-  /* returns 1 on success, 0 on error */
-int OPENSSL_DIR_end(OPENSSL_DIR_CTX **ctx);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif                          /* LPDIR_H */
diff --git a/thirdparty/openssl/crypto/o_fips.c b/thirdparty/openssl/crypto/o_fips.c
deleted file mode 100644
index f56d5bb79d..0000000000
--- a/thirdparty/openssl/crypto/o_fips.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * Written by Stephen henson (steve@openssl.org) for the OpenSSL project
- * 2011.
- */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# include <openssl/fips_rand.h>
-# include <openssl/rand.h>
-#endif
-
-int FIPS_mode(void)
-{
-    OPENSSL_init();
-#ifdef OPENSSL_FIPS
-    return FIPS_module_mode();
-#else
-    return 0;
-#endif
-}
-
-int FIPS_mode_set(int r)
-{
-    OPENSSL_init();
-#ifdef OPENSSL_FIPS
-# ifndef FIPS_AUTH_USER_PASS
-#  define FIPS_AUTH_USER_PASS     "Default FIPS Crypto User Password"
-# endif
-    if (!FIPS_module_mode_set(r, FIPS_AUTH_USER_PASS))
-        return 0;
-    if (r)
-        RAND_set_rand_method(FIPS_rand_get_method());
-    else
-        RAND_set_rand_method(NULL);
-    return 1;
-#else
-    if (r == 0)
-        return 1;
-    CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED);
-    return 0;
-#endif
-}
diff --git a/thirdparty/openssl/crypto/o_init.c b/thirdparty/openssl/crypto/o_init.c
deleted file mode 100644
index 185841ea04..0000000000
--- a/thirdparty/openssl/crypto/o_init.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* o_init.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <e_os.h>
-#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# include <openssl/rand.h>
-#endif
-
-/*
- * Perform any essential OpenSSL initialization operations. Currently only
- * sets FIPS callbacks
- */
-
-void OPENSSL_init(void)
-{
-    static int done = 0;
-    if (done)
-        return;
-    done = 1;
-#ifdef OPENSSL_FIPS
-    FIPS_set_locking_callbacks(CRYPTO_lock, CRYPTO_add_lock);
-# ifndef OPENSSL_NO_DEPRECATED
-    FIPS_crypto_set_id_callback(CRYPTO_thread_id);
-# endif
-    FIPS_set_error_callbacks(ERR_put_error, ERR_add_error_vdata);
-    FIPS_set_malloc_callbacks(CRYPTO_malloc, CRYPTO_free);
-    RAND_init_fips();
-#endif
-#if 0
-    fprintf(stderr, "Called OPENSSL_init\n");
-#endif
-}
diff --git a/thirdparty/openssl/crypto/o_str.c b/thirdparty/openssl/crypto/o_str.c
deleted file mode 100644
index 1854798e2c..0000000000
--- a/thirdparty/openssl/crypto/o_str.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/o_str.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <ctype.h>
-#include <e_os.h>
-// -- GODOT start --
-#include <openssl/opensslconf.h>
-// -- GODOT end --
-#include "o_str.h"
-
-#if !defined(OPENSSL_IMPLEMENTS_strncasecmp) && \
-    !defined(OPENSSL_SYSNAME_WIN32) && !defined(OPENSSL_SYSNAME_WINCE) && \
-    !defined(NETWARE_CLIB)
-# include <strings.h>
-#endif
-
-int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
-{
-#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
-    while (*str1 && *str2 && n) {
-        int res = toupper(*str1) - toupper(*str2);
-        if (res)
-            return res < 0 ? -1 : 1;
-        str1++;
-        str2++;
-        n--;
-    }
-    if (n == 0)
-        return 0;
-    if (*str1)
-        return 1;
-    if (*str2)
-        return -1;
-    return 0;
-#else
-    /*
-     * Recursion hazard warning! Whenever strncasecmp is #defined as
-     * OPENSSL_strncasecmp, OPENSSL_IMPLEMENTS_strncasecmp must be defined as
-     * well.
-     */
-    return strncasecmp(str1, str2, n);
-#endif
-}
-
-int OPENSSL_strcasecmp(const char *str1, const char *str2)
-{
-#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
-    return OPENSSL_strncasecmp(str1, str2, (size_t)-1);
-#else
-    return strcasecmp(str1, str2);
-#endif
-}
-
-int OPENSSL_memcmp(const void *v1, const void *v2, size_t n)
-{
-    const unsigned char *c1 = v1, *c2 = v2;
-    int ret = 0;
-
-    while (n && (ret = *c1 - *c2) == 0)
-        n--, c1++, c2++;
-
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/o_str.h b/thirdparty/openssl/crypto/o_str.h
deleted file mode 100644
index fa512eb397..0000000000
--- a/thirdparty/openssl/crypto/o_str.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/* crypto/o_str.h */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_O_STR_H
-# define HEADER_O_STR_H
-
-# include <stddef.h>            /* to get size_t */
-
-int OPENSSL_strcasecmp(const char *str1, const char *str2);
-int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n);
-int OPENSSL_memcmp(const void *p1, const void *p2, size_t n);
-
-#endif
diff --git a/thirdparty/openssl/crypto/o_time.c b/thirdparty/openssl/crypto/o_time.c
deleted file mode 100755
index 04d805d9a9..0000000000
--- a/thirdparty/openssl/crypto/o_time.c
+++ /dev/null
@@ -1,474 +0,0 @@
-/* crypto/o_time.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2008.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/e_os2.h>
-#include <string.h>
-#include "o_time.h"
-
-#ifdef OPENSSL_SYS_VMS
-# if __CRTL_VER >= 70000000 && \
-     (defined _POSIX_C_SOURCE || !defined _ANSI_C_SOURCE)
-#  define VMS_GMTIME_OK
-# endif
-# ifndef VMS_GMTIME_OK
-#  include <libdtdef.h>
-#  include <lib$routines.h>
-#  include <lnmdef.h>
-#  include <starlet.h>
-#  include <descrip.h>
-#  include <stdlib.h>
-# endif                         /* ndef VMS_GMTIME_OK */
-
-
-/*
- * Needed to pick up the correct definitions and declarations in some of the
- * DEC C Header Files (*.H).
- */
-# define __NEW_STARLET 1
-
-# if (defined(__alpha) || defined(__ia64))
-#  include <iledef.h>
-# else
-
-/* VAX */
-typedef struct _ile3 {          /* Copied from ILEDEF.H for Alpha   */
-#  pragma __nomember_alignment
-    unsigned short int ile3$w_length;        /* Length of buffer in bytes */
-    unsigned short int ile3$w_code;          /* Item code value */
-    void *ile3$ps_bufaddr;                   /* Buffer address */
-    unsigned short int *ile3$ps_retlen_addr; /* Address of word for returned length */
-} ILE3;
-# endif   /* alpha || ia64    */
-#endif    /* OPENSSL_SYS_VMS  */
-
-struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
-{
-    struct tm *ts = NULL;
-
-#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
-    if (gmtime_r(timer, result) == NULL)
-        return NULL;
-    ts = result;
-#elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK)
-    ts = gmtime(timer);
-    if (ts == NULL)
-        return NULL;
-
-    memcpy(result, ts, sizeof(struct tm));
-    ts = result;
-#endif
-#if defined( OPENSSL_SYS_VMS) && !defined( VMS_GMTIME_OK)
-    if (ts == NULL) {
-        static $DESCRIPTOR(tabnam, "LNM$DCL_LOGICAL");
-        static $DESCRIPTOR(lognam, "SYS$TIMEZONE_DIFFERENTIAL");
-        char logvalue[256];
-        unsigned int reslen = 0;
-# if __INITIAL_POINTER_SIZE == 64
-        ILEB_64 itemlist[2], *pitem;
-# else
-        ILE3 itemlist[2], *pitem;
-# endif
-        int status;
-        time_t t;
-
-
-        /*
-         * Setup an itemlist for the call to $TRNLNM - Translate Logical Name.
-         */
-        pitem = itemlist;
-
-# if __INITIAL_POINTER_SIZE == 64
-        pitem->ileb_64$w_mbo = 1;
-        pitem->ileb_64$w_code = LNM$_STRING;
-        pitem->ileb_64$l_mbmo = -1;
-        pitem->ileb_64$q_length = sizeof (logvalue);
-        pitem->ileb_64$pq_bufaddr = logvalue;
-        pitem->ileb_64$pq_retlen_addr = (unsigned __int64 *) &reslen;
-        pitem++;
-        /* Last item of the item list is null terminated */
-        pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0;
-# else
-        pitem->ile3$w_length = sizeof (logvalue);
-        pitem->ile3$w_code = LNM$_STRING;
-        pitem->ile3$ps_bufaddr = logvalue;
-        pitem->ile3$ps_retlen_addr = (unsigned short int *) &reslen;
-        pitem++;
-        /* Last item of the item list is null terminated */
-        pitem->ile3$w_length = pitem->ile3$w_code = 0;
-# endif
-
-
-        /* Get the value for SYS$TIMEZONE_DIFFERENTIAL */
-        status = sys$trnlnm(0, &tabnam, &lognam, 0, itemlist);
-        if (!(status & 1))
-            return NULL;
-        logvalue[reslen] = '\0';
-
-        t = *timer;
-
-        /* The following is extracted from the DEC C header time.h */
-        /*
-         **  Beginning in OpenVMS Version 7.0 mktime, time, ctime, strftime
-         **  have two implementations.  One implementation is provided
-         **  for compatibility and deals with time in terms of local time,
-         **  the other __utc_* deals with time in terms of UTC.
-         */
-        /*
-         * We use the same conditions as in said time.h to check if we should
-         * assume that t contains local time (and should therefore be
-         * adjusted) or UTC (and should therefore be left untouched).
-         */
-# if __CRTL_VER < 70000000 || defined _VMS_V6_SOURCE
-        /* Get the numerical value of the equivalence string */
-        status = atoi(logvalue);
-
-        /* and use it to move time to GMT */
-        t -= status;
-# endif
-
-        /* then convert the result to the time structure */
-
-        /*
-         * Since there was no gmtime_r() to do this stuff for us, we have to
-         * do it the hard way.
-         */
-        {
-            /*-
-             * The VMS epoch is the astronomical Smithsonian date,
-               if I remember correctly, which is November 17, 1858.
-               Furthermore, time is measure in thenths of microseconds
-               and stored in quadwords (64 bit integers).  unix_epoch
-               below is January 1st 1970 expressed as a VMS time.  The
-               following code was used to get this number:
-
-               #include <stdio.h>
-               #include <stdlib.h>
-               #include <lib$routines.h>
-               #include <starlet.h>
-
-               main()
-               {
-                 unsigned long systime[2];
-                 unsigned short epoch_values[7] =
-                   { 1970, 1, 1, 0, 0, 0, 0 };
-
-                 lib$cvt_vectim(epoch_values, systime);
-
-                 printf("%u %u", systime[0], systime[1]);
-               }
-            */
-            unsigned long unix_epoch[2] = { 1273708544, 8164711 };
-            unsigned long deltatime[2];
-            unsigned long systime[2];
-            struct vms_vectime {
-                short year, month, day, hour, minute, second, centi_second;
-            } time_values;
-            long operation;
-
-            /*
-             * Turn the number of seconds since January 1st 1970 to an
-             * internal delta time. Note that lib$cvt_to_internal_time() will
-             * assume that t is signed, and will therefore break on 32-bit
-             * systems some time in 2038.
-             */
-            operation = LIB$K_DELTA_SECONDS;
-            status = lib$cvt_to_internal_time(&operation, &t, deltatime);
-
-            /*
-             * Add the delta time with the Unix epoch and we have the current
-             * UTC time in internal format
-             */
-            status = lib$add_times(unix_epoch, deltatime, systime);
-
-            /* Turn the internal time into a time vector */
-            status = sys$numtim(&time_values, systime);
-
-            /* Fill in the struct tm with the result */
-            result->tm_sec = time_values.second;
-            result->tm_min = time_values.minute;
-            result->tm_hour = time_values.hour;
-            result->tm_mday = time_values.day;
-            result->tm_mon = time_values.month - 1;
-            result->tm_year = time_values.year - 1900;
-
-            operation = LIB$K_DAY_OF_WEEK;
-            status = lib$cvt_from_internal_time(&operation,
-                                                &result->tm_wday, systime);
-            result->tm_wday %= 7;
-
-            operation = LIB$K_DAY_OF_YEAR;
-            status = lib$cvt_from_internal_time(&operation,
-                                                &result->tm_yday, systime);
-            result->tm_yday--;
-
-            result->tm_isdst = 0; /* There's no way to know... */
-
-            ts = result;
-        }
-    }
-#endif
-    return ts;
-}
-
-/*
- * Take a tm structure and add an offset to it. This avoids any OS issues
- * with restricted date types and overflows which cause the year 2038
- * problem.
- */
-
-#define SECS_PER_DAY (24 * 60 * 60)
-
-static long date_to_julian(int y, int m, int d);
-static void julian_to_date(long jd, int *y, int *m, int *d);
-static int julian_adj(const struct tm *tm, int off_day, long offset_sec,
-                      long *pday, int *psec);
-
-int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec)
-{
-    int time_sec, time_year, time_month, time_day;
-    long time_jd;
-
-    /* Convert time and offset into julian day and seconds */
-    if (!julian_adj(tm, off_day, offset_sec, &time_jd, &time_sec))
-        return 0;
-
-    /* Convert Julian day back to date */
-
-    julian_to_date(time_jd, &time_year, &time_month, &time_day);
-
-    if (time_year < 1900 || time_year > 9999)
-        return 0;
-
-    /* Update tm structure */
-
-    tm->tm_year = time_year - 1900;
-    tm->tm_mon = time_month - 1;
-    tm->tm_mday = time_day;
-
-    tm->tm_hour = time_sec / 3600;
-    tm->tm_min = (time_sec / 60) % 60;
-    tm->tm_sec = time_sec % 60;
-
-    return 1;
-
-}
-
-int OPENSSL_gmtime_diff(int *pday, int *psec,
-                        const struct tm *from, const struct tm *to)
-{
-    int from_sec, to_sec, diff_sec;
-    long from_jd, to_jd, diff_day;
-    if (!julian_adj(from, 0, 0, &from_jd, &from_sec))
-        return 0;
-    if (!julian_adj(to, 0, 0, &to_jd, &to_sec))
-        return 0;
-    diff_day = to_jd - from_jd;
-    diff_sec = to_sec - from_sec;
-    /* Adjust differences so both positive or both negative */
-    if (diff_day > 0 && diff_sec < 0) {
-        diff_day--;
-        diff_sec += SECS_PER_DAY;
-    }
-    if (diff_day < 0 && diff_sec > 0) {
-        diff_day++;
-        diff_sec -= SECS_PER_DAY;
-    }
-
-    if (pday)
-        *pday = (int)diff_day;
-    if (psec)
-        *psec = diff_sec;
-
-    return 1;
-
-}
-
-/* Convert tm structure and offset into julian day and seconds */
-static int julian_adj(const struct tm *tm, int off_day, long offset_sec,
-                      long *pday, int *psec)
-{
-    int offset_hms, offset_day;
-    long time_jd;
-    int time_year, time_month, time_day;
-    /* split offset into days and day seconds */
-    offset_day = offset_sec / SECS_PER_DAY;
-    /* Avoid sign issues with % operator */
-    offset_hms = offset_sec - (offset_day * SECS_PER_DAY);
-    offset_day += off_day;
-    /* Add current time seconds to offset */
-    offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
-    /* Adjust day seconds if overflow */
-    if (offset_hms >= SECS_PER_DAY) {
-        offset_day++;
-        offset_hms -= SECS_PER_DAY;
-    } else if (offset_hms < 0) {
-        offset_day--;
-        offset_hms += SECS_PER_DAY;
-    }
-
-    /*
-     * Convert date of time structure into a Julian day number.
-     */
-
-    time_year = tm->tm_year + 1900;
-    time_month = tm->tm_mon + 1;
-    time_day = tm->tm_mday;
-
-    time_jd = date_to_julian(time_year, time_month, time_day);
-
-    /* Work out Julian day of new date */
-    time_jd += offset_day;
-
-    if (time_jd < 0)
-        return 0;
-
-    *pday = time_jd;
-    *psec = offset_hms;
-    return 1;
-}
-
-/*
- * Convert date to and from julian day Uses Fliegel & Van Flandern algorithm
- */
-static long date_to_julian(int y, int m, int d)
-{
-    return (1461 * (y + 4800 + (m - 14) / 12)) / 4 +
-        (367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 -
-        (3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 + d - 32075;
-}
-
-static void julian_to_date(long jd, int *y, int *m, int *d)
-{
-    long L = jd + 68569;
-    long n = (4 * L) / 146097;
-    long i, j;
-
-    L = L - (146097 * n + 3) / 4;
-    i = (4000 * (L + 1)) / 1461001;
-    L = L - (1461 * i) / 4 + 31;
-    j = (80 * L) / 2447;
-    *d = L - (2447 * j) / 80;
-    L = j / 11;
-    *m = j + 2 - (12 * L);
-    *y = 100 * (n - 49) + i + L;
-}
-
-#ifdef OPENSSL_TIME_TEST
-
-# include <stdio.h>
-
-/*
- * Time checking test code. Check times are identical for a wide range of
- * offsets. This should be run on a machine with 64 bit time_t or it will
- * trigger the very errors the routines fix.
- */
-
-int main(int argc, char **argv)
-{
-    long offset;
-    for (offset = 0; offset < 1000000; offset++) {
-        check_time(offset);
-        check_time(-offset);
-        check_time(offset * 1000);
-        check_time(-offset * 1000);
-    }
-}
-
-int check_time(long offset)
-{
-    struct tm tm1, tm2, o1;
-    int off_day, off_sec;
-    long toffset;
-    time_t t1, t2;
-    time(&t1);
-    t2 = t1 + offset;
-    OPENSSL_gmtime(&t2, &tm2);
-    OPENSSL_gmtime(&t1, &tm1);
-    o1 = tm1;
-    OPENSSL_gmtime_adj(&tm1, 0, offset);
-    if ((tm1.tm_year != tm2.tm_year) ||
-        (tm1.tm_mon != tm2.tm_mon) ||
-        (tm1.tm_mday != tm2.tm_mday) ||
-        (tm1.tm_hour != tm2.tm_hour) ||
-        (tm1.tm_min != tm2.tm_min) || (tm1.tm_sec != tm2.tm_sec)) {
-        fprintf(stderr, "TIME ERROR!!\n");
-        fprintf(stderr, "Time1: %d/%d/%d, %d:%02d:%02d\n",
-                tm2.tm_mday, tm2.tm_mon + 1, tm2.tm_year + 1900,
-                tm2.tm_hour, tm2.tm_min, tm2.tm_sec);
-        fprintf(stderr, "Time2: %d/%d/%d, %d:%02d:%02d\n",
-                tm1.tm_mday, tm1.tm_mon + 1, tm1.tm_year + 1900,
-                tm1.tm_hour, tm1.tm_min, tm1.tm_sec);
-        return 0;
-    }
-    OPENSSL_gmtime_diff(&o1, &tm1, &off_day, &off_sec);
-    toffset = (long)off_day *SECS_PER_DAY + off_sec;
-    if (offset != toffset) {
-        fprintf(stderr, "TIME OFFSET ERROR!!\n");
-        fprintf(stderr, "Expected %ld, Got %ld (%d:%d)\n",
-                offset, toffset, off_day, off_sec);
-        return 0;
-    }
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/o_time.h b/thirdparty/openssl/crypto/o_time.h
deleted file mode 100644
index f192c6dccf..0000000000
--- a/thirdparty/openssl/crypto/o_time.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/* crypto/o_time.h */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_O_TIME_H
-# define HEADER_O_TIME_H
-
-# include <time.h>
-
-struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
-int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
-int OPENSSL_gmtime_diff(int *pday, int *psec,
-                        const struct tm *from, const struct tm *to);
-
-#endif
diff --git a/thirdparty/openssl/crypto/objects/o_names.c b/thirdparty/openssl/crypto/objects/o_names.c
deleted file mode 100644
index f106905ffa..0000000000
--- a/thirdparty/openssl/crypto/objects/o_names.c
+++ /dev/null
@@ -1,367 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/safestack.h>
-#include <openssl/e_os2.h>
-
-/*
- * Later versions of DEC C has started to add lnkage information to certain
- * functions, which makes it tricky to use them as values to regular function
- * pointers.  One way is to define a macro that takes care of casting them
- * correctly.
- */
-#ifdef OPENSSL_SYS_VMS_DECC
-# define OPENSSL_strcmp (int (*)(const char *,const char *))strcmp
-#else
-# define OPENSSL_strcmp strcmp
-#endif
-
-/*
- * I use the ex_data stuff to manage the identifiers for the obj_name_types
- * that applications may define.  I only really use the free function field.
- */
-DECLARE_LHASH_OF(OBJ_NAME);
-static LHASH_OF(OBJ_NAME) *names_lh = NULL;
-static int names_type_num = OBJ_NAME_TYPE_NUM;
-
-typedef struct name_funcs_st {
-    unsigned long (*hash_func) (const char *name);
-    int (*cmp_func) (const char *a, const char *b);
-    void (*free_func) (const char *, int, const char *);
-} NAME_FUNCS;
-
-DECLARE_STACK_OF(NAME_FUNCS)
-IMPLEMENT_STACK_OF(NAME_FUNCS)
-
-static STACK_OF(NAME_FUNCS) *name_funcs_stack;
-
-/*
- * The LHASH callbacks now use the raw "void *" prototypes and do
- * per-variable casting in the functions. This prevents function pointer
- * casting without the need for macro-generated wrapper functions.
- */
-
-/* static unsigned long obj_name_hash(OBJ_NAME *a); */
-static unsigned long obj_name_hash(const void *a_void);
-/* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */
-static int obj_name_cmp(const void *a_void, const void *b_void);
-
-static IMPLEMENT_LHASH_HASH_FN(obj_name, OBJ_NAME)
-static IMPLEMENT_LHASH_COMP_FN(obj_name, OBJ_NAME)
-
-int OBJ_NAME_init(void)
-{
-    if (names_lh != NULL)
-        return (1);
-    MemCheck_off();
-    names_lh = lh_OBJ_NAME_new();
-    MemCheck_on();
-    return (names_lh != NULL);
-}
-
-int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
-                       int (*cmp_func) (const char *, const char *),
-                       void (*free_func) (const char *, int, const char *))
-{
-    int ret;
-    int i;
-    NAME_FUNCS *name_funcs;
-
-    if (name_funcs_stack == NULL) {
-        MemCheck_off();
-        name_funcs_stack = sk_NAME_FUNCS_new_null();
-        MemCheck_on();
-    }
-    if (name_funcs_stack == NULL) {
-        /* ERROR */
-        return (0);
-    }
-    ret = names_type_num;
-    names_type_num++;
-    for (i = sk_NAME_FUNCS_num(name_funcs_stack); i < names_type_num; i++) {
-        MemCheck_off();
-        name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS));
-        MemCheck_on();
-        if (!name_funcs) {
-            OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE);
-            return (0);
-        }
-        name_funcs->hash_func = lh_strhash;
-        name_funcs->cmp_func = OPENSSL_strcmp;
-        name_funcs->free_func = 0; /* NULL is often declared to * ((void
-                                    * *)0), which according * to Compaq C is
-                                    * not really * compatible with a function
-                                    * * pointer.  -- Richard Levitte */
-        MemCheck_off();
-        sk_NAME_FUNCS_push(name_funcs_stack, name_funcs);
-        MemCheck_on();
-    }
-    name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret);
-    if (hash_func != NULL)
-        name_funcs->hash_func = hash_func;
-    if (cmp_func != NULL)
-        name_funcs->cmp_func = cmp_func;
-    if (free_func != NULL)
-        name_funcs->free_func = free_func;
-    return (ret);
-}
-
-/* static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) */
-static int obj_name_cmp(const void *a_void, const void *b_void)
-{
-    int ret;
-    const OBJ_NAME *a = (const OBJ_NAME *)a_void;
-    const OBJ_NAME *b = (const OBJ_NAME *)b_void;
-
-    ret = a->type - b->type;
-    if (ret == 0) {
-        if ((name_funcs_stack != NULL)
-            && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) {
-            ret = sk_NAME_FUNCS_value(name_funcs_stack,
-                                      a->type)->cmp_func(a->name, b->name);
-        } else
-            ret = strcmp(a->name, b->name);
-    }
-    return (ret);
-}
-
-/* static unsigned long obj_name_hash(OBJ_NAME *a) */
-static unsigned long obj_name_hash(const void *a_void)
-{
-    unsigned long ret;
-    const OBJ_NAME *a = (const OBJ_NAME *)a_void;
-
-    if ((name_funcs_stack != NULL)
-        && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) {
-        ret =
-            sk_NAME_FUNCS_value(name_funcs_stack,
-                                a->type)->hash_func(a->name);
-    } else {
-        ret = lh_strhash(a->name);
-    }
-    ret ^= a->type;
-    return (ret);
-}
-
-const char *OBJ_NAME_get(const char *name, int type)
-{
-    OBJ_NAME on, *ret;
-    int num = 0, alias;
-
-    if (name == NULL)
-        return (NULL);
-    if ((names_lh == NULL) && !OBJ_NAME_init())
-        return (NULL);
-
-    alias = type & OBJ_NAME_ALIAS;
-    type &= ~OBJ_NAME_ALIAS;
-
-    on.name = name;
-    on.type = type;
-
-    for (;;) {
-        ret = lh_OBJ_NAME_retrieve(names_lh, &on);
-        if (ret == NULL)
-            return (NULL);
-        if ((ret->alias) && !alias) {
-            if (++num > 10)
-                return (NULL);
-            on.name = ret->data;
-        } else {
-            return (ret->data);
-        }
-    }
-}
-
-int OBJ_NAME_add(const char *name, int type, const char *data)
-{
-    OBJ_NAME *onp, *ret;
-    int alias;
-
-    if ((names_lh == NULL) && !OBJ_NAME_init())
-        return (0);
-
-    alias = type & OBJ_NAME_ALIAS;
-    type &= ~OBJ_NAME_ALIAS;
-
-    onp = (OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME));
-    if (onp == NULL) {
-        /* ERROR */
-        return 0;
-    }
-
-    onp->name = name;
-    onp->alias = alias;
-    onp->type = type;
-    onp->data = data;
-
-    ret = lh_OBJ_NAME_insert(names_lh, onp);
-    if (ret != NULL) {
-        /* free things */
-        if ((name_funcs_stack != NULL)
-            && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) {
-            /*
-             * XXX: I'm not sure I understand why the free function should
-             * get three arguments... -- Richard Levitte
-             */
-            sk_NAME_FUNCS_value(name_funcs_stack,
-                                ret->type)->free_func(ret->name, ret->type,
-                                                      ret->data);
-        }
-        OPENSSL_free(ret);
-    } else {
-        if (lh_OBJ_NAME_error(names_lh)) {
-            /* ERROR */
-            OPENSSL_free(onp);
-            return 0;
-        }
-    }
-    return 1;
-}
-
-int OBJ_NAME_remove(const char *name, int type)
-{
-    OBJ_NAME on, *ret;
-
-    if (names_lh == NULL)
-        return (0);
-
-    type &= ~OBJ_NAME_ALIAS;
-    on.name = name;
-    on.type = type;
-    ret = lh_OBJ_NAME_delete(names_lh, &on);
-    if (ret != NULL) {
-        /* free things */
-        if ((name_funcs_stack != NULL)
-            && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) {
-            /*
-             * XXX: I'm not sure I understand why the free function should
-             * get three arguments... -- Richard Levitte
-             */
-            sk_NAME_FUNCS_value(name_funcs_stack,
-                                ret->type)->free_func(ret->name, ret->type,
-                                                      ret->data);
-        }
-        OPENSSL_free(ret);
-        return (1);
-    } else
-        return (0);
-}
-
-struct doall {
-    int type;
-    void (*fn) (const OBJ_NAME *, void *arg);
-    void *arg;
-};
-
-static void do_all_fn_doall_arg(const OBJ_NAME *name, struct doall *d)
-{
-    if (name->type == d->type)
-        d->fn(name, d->arg);
-}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME, struct doall)
-
-void OBJ_NAME_do_all(int type, void (*fn) (const OBJ_NAME *, void *arg),
-                     void *arg)
-{
-    struct doall d;
-
-    d.type = type;
-    d.fn = fn;
-    d.arg = arg;
-
-    lh_OBJ_NAME_doall_arg(names_lh, LHASH_DOALL_ARG_FN(do_all_fn),
-                          struct doall, &d);
-}
-
-struct doall_sorted {
-    int type;
-    int n;
-    const OBJ_NAME **names;
-};
-
-static void do_all_sorted_fn(const OBJ_NAME *name, void *d_)
-{
-    struct doall_sorted *d = d_;
-
-    if (name->type != d->type)
-        return;
-
-    d->names[d->n++] = name;
-}
-
-static int do_all_sorted_cmp(const void *n1_, const void *n2_)
-{
-    const OBJ_NAME *const *n1 = n1_;
-    const OBJ_NAME *const *n2 = n2_;
-
-    return strcmp((*n1)->name, (*n2)->name);
-}
-
-void OBJ_NAME_do_all_sorted(int type,
-                            void (*fn) (const OBJ_NAME *, void *arg),
-                            void *arg)
-{
-    struct doall_sorted d;
-    int n;
-
-    d.type = type;
-    d.names =
-        OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
-    /* Really should return an error if !d.names...but its a void function! */
-    if (d.names) {
-        d.n = 0;
-        OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
-
-        qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
-
-        for (n = 0; n < d.n; ++n)
-            fn(d.names[n], arg);
-
-        OPENSSL_free((void *)d.names);
-    }
-}
-
-static int free_type;
-
-static void names_lh_free_doall(OBJ_NAME *onp)
-{
-    if (onp == NULL)
-        return;
-
-    if (free_type < 0 || free_type == onp->type)
-        OBJ_NAME_remove(onp->name, onp->type);
-}
-
-static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME)
-
-static void name_funcs_free(NAME_FUNCS *ptr)
-{
-    OPENSSL_free(ptr);
-}
-
-void OBJ_NAME_cleanup(int type)
-{
-    unsigned long down_load;
-
-    if (names_lh == NULL)
-        return;
-
-    free_type = type;
-    down_load = lh_OBJ_NAME_down_load(names_lh);
-    lh_OBJ_NAME_down_load(names_lh) = 0;
-
-    lh_OBJ_NAME_doall(names_lh, LHASH_DOALL_FN(names_lh_free));
-    if (type < 0) {
-        lh_OBJ_NAME_free(names_lh);
-        sk_NAME_FUNCS_pop_free(name_funcs_stack, name_funcs_free);
-        names_lh = NULL;
-        name_funcs_stack = NULL;
-    } else
-        lh_OBJ_NAME_down_load(names_lh) = down_load;
-}
diff --git a/thirdparty/openssl/crypto/objects/obj_dat.c b/thirdparty/openssl/crypto/objects/obj_dat.c
deleted file mode 100644
index aca382a6e9..0000000000
--- a/thirdparty/openssl/crypto/objects/obj_dat.c
+++ /dev/null
@@ -1,801 +0,0 @@
-/* crypto/objects/obj_dat.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include <limits.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/bn.h>
-
-/* obj_dat.h is generated from objects.h by obj_dat.pl */
-#ifndef OPENSSL_NO_OBJECT
-# include "obj_dat.h"
-#else
-/* You will have to load all the objects needed manually in the application */
-# define NUM_NID 0
-# define NUM_SN 0
-# define NUM_LN 0
-# define NUM_OBJ 0
-static const unsigned char lvalues[1];
-static const ASN1_OBJECT nid_objs[1];
-static const unsigned int sn_objs[1];
-static const unsigned int ln_objs[1];
-static const unsigned int obj_objs[1];
-#endif
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
-DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
-DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
-
-#define ADDED_DATA      0
-#define ADDED_SNAME     1
-#define ADDED_LNAME     2
-#define ADDED_NID       3
-
-typedef struct added_obj_st {
-    int type;
-    ASN1_OBJECT *obj;
-} ADDED_OBJ;
-DECLARE_LHASH_OF(ADDED_OBJ);
-
-static int new_nid = NUM_NID;
-static LHASH_OF(ADDED_OBJ) *added = NULL;
-
-static int sn_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
-{
-    return (strcmp((*a)->sn, nid_objs[*b].sn));
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
-
-static int ln_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
-{
-    return (strcmp((*a)->ln, nid_objs[*b].ln));
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
-
-static unsigned long added_obj_hash(const ADDED_OBJ *ca)
-{
-    const ASN1_OBJECT *a;
-    int i;
-    unsigned long ret = 0;
-    unsigned char *p;
-
-    a = ca->obj;
-    switch (ca->type) {
-    case ADDED_DATA:
-        ret = a->length << 20L;
-        p = (unsigned char *)a->data;
-        for (i = 0; i < a->length; i++)
-            ret ^= p[i] << ((i * 3) % 24);
-        break;
-    case ADDED_SNAME:
-        ret = lh_strhash(a->sn);
-        break;
-    case ADDED_LNAME:
-        ret = lh_strhash(a->ln);
-        break;
-    case ADDED_NID:
-        ret = a->nid;
-        break;
-    default:
-        /* abort(); */
-        return 0;
-    }
-    ret &= 0x3fffffffL;
-    ret |= ((unsigned long)ca->type) << 30L;
-    return (ret);
-}
-
-static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ)
-
-static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
-{
-    ASN1_OBJECT *a, *b;
-    int i;
-
-    i = ca->type - cb->type;
-    if (i)
-        return (i);
-    a = ca->obj;
-    b = cb->obj;
-    switch (ca->type) {
-    case ADDED_DATA:
-        i = (a->length - b->length);
-        if (i)
-            return (i);
-        return (memcmp(a->data, b->data, (size_t)a->length));
-    case ADDED_SNAME:
-        if (a->sn == NULL)
-            return (-1);
-        else if (b->sn == NULL)
-            return (1);
-        else
-            return (strcmp(a->sn, b->sn));
-    case ADDED_LNAME:
-        if (a->ln == NULL)
-            return (-1);
-        else if (b->ln == NULL)
-            return (1);
-        else
-            return (strcmp(a->ln, b->ln));
-    case ADDED_NID:
-        return (a->nid - b->nid);
-    default:
-        /* abort(); */
-        return 0;
-    }
-}
-
-static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ)
-
-static int init_added(void)
-{
-    if (added != NULL)
-        return (1);
-    added = lh_ADDED_OBJ_new();
-    return (added != NULL);
-}
-
-static void cleanup1_doall(ADDED_OBJ *a)
-{
-    a->obj->nid = 0;
-    a->obj->flags |= ASN1_OBJECT_FLAG_DYNAMIC |
-        ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | ASN1_OBJECT_FLAG_DYNAMIC_DATA;
-}
-
-static void cleanup2_doall(ADDED_OBJ *a)
-{
-    a->obj->nid++;
-}
-
-static void cleanup3_doall(ADDED_OBJ *a)
-{
-    if (--a->obj->nid == 0)
-        ASN1_OBJECT_free(a->obj);
-    OPENSSL_free(a);
-}
-
-static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ)
-static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
-static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)
-
-/*
- * The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting to
- * use freed up OIDs. If neccessary the actual freeing up of OIDs is delayed.
- */
-int obj_cleanup_defer = 0;
-
-void check_defer(int nid)
-{
-    if (!obj_cleanup_defer && nid >= NUM_NID)
-        obj_cleanup_defer = 1;
-}
-
-void OBJ_cleanup(void)
-{
-    if (obj_cleanup_defer) {
-        obj_cleanup_defer = 2;
-        return;
-    }
-    if (added == NULL)
-        return;
-    lh_ADDED_OBJ_down_load(added) = 0;
-    lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup1)); /* zero counters */
-    lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup2)); /* set counters */
-    lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup3)); /* free objects */
-    lh_ADDED_OBJ_free(added);
-    added = NULL;
-}
-
-int OBJ_new_nid(int num)
-{
-    int i;
-
-    i = new_nid;
-    new_nid += num;
-    return (i);
-}
-
-int OBJ_add_object(const ASN1_OBJECT *obj)
-{
-    ASN1_OBJECT *o;
-    ADDED_OBJ *ao[4] = { NULL, NULL, NULL, NULL }, *aop;
-    int i;
-
-    if (added == NULL)
-        if (!init_added())
-            return (0);
-    if ((o = OBJ_dup(obj)) == NULL)
-        goto err;
-    if (!(ao[ADDED_NID] = (ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ))))
-        goto err2;
-    if ((o->length != 0) && (obj->data != NULL))
-        if (!
-            (ao[ADDED_DATA] = (ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ))))
-            goto err2;
-    if (o->sn != NULL)
-        if (!
-            (ao[ADDED_SNAME] =
-             (ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ))))
-            goto err2;
-    if (o->ln != NULL)
-        if (!
-            (ao[ADDED_LNAME] =
-             (ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ))))
-            goto err2;
-
-    for (i = ADDED_DATA; i <= ADDED_NID; i++) {
-        if (ao[i] != NULL) {
-            ao[i]->type = i;
-            ao[i]->obj = o;
-            aop = lh_ADDED_OBJ_insert(added, ao[i]);
-            /* memory leak, buit should not normally matter */
-            if (aop != NULL)
-                OPENSSL_free(aop);
-        }
-    }
-    o->flags &=
-        ~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
-          ASN1_OBJECT_FLAG_DYNAMIC_DATA);
-
-    return (o->nid);
- err2:
-    OBJerr(OBJ_F_OBJ_ADD_OBJECT, ERR_R_MALLOC_FAILURE);
- err:
-    for (i = ADDED_DATA; i <= ADDED_NID; i++)
-        if (ao[i] != NULL)
-            OPENSSL_free(ao[i]);
-    if (o != NULL)
-        OPENSSL_free(o);
-    return (NID_undef);
-}
-
-ASN1_OBJECT *OBJ_nid2obj(int n)
-{
-    ADDED_OBJ ad, *adp;
-    ASN1_OBJECT ob;
-
-    if ((n >= 0) && (n < NUM_NID)) {
-        if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
-            OBJerr(OBJ_F_OBJ_NID2OBJ, OBJ_R_UNKNOWN_NID);
-            return (NULL);
-        }
-        return ((ASN1_OBJECT *)&(nid_objs[n]));
-    } else if (added == NULL)
-        return (NULL);
-    else {
-        ad.type = ADDED_NID;
-        ad.obj = &ob;
-        ob.nid = n;
-        adp = lh_ADDED_OBJ_retrieve(added, &ad);
-        if (adp != NULL)
-            return (adp->obj);
-        else {
-            OBJerr(OBJ_F_OBJ_NID2OBJ, OBJ_R_UNKNOWN_NID);
-            return (NULL);
-        }
-    }
-}
-
-const char *OBJ_nid2sn(int n)
-{
-    ADDED_OBJ ad, *adp;
-    ASN1_OBJECT ob;
-
-    if ((n >= 0) && (n < NUM_NID)) {
-        if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
-            OBJerr(OBJ_F_OBJ_NID2SN, OBJ_R_UNKNOWN_NID);
-            return (NULL);
-        }
-        return (nid_objs[n].sn);
-    } else if (added == NULL)
-        return (NULL);
-    else {
-        ad.type = ADDED_NID;
-        ad.obj = &ob;
-        ob.nid = n;
-        adp = lh_ADDED_OBJ_retrieve(added, &ad);
-        if (adp != NULL)
-            return (adp->obj->sn);
-        else {
-            OBJerr(OBJ_F_OBJ_NID2SN, OBJ_R_UNKNOWN_NID);
-            return (NULL);
-        }
-    }
-}
-
-const char *OBJ_nid2ln(int n)
-{
-    ADDED_OBJ ad, *adp;
-    ASN1_OBJECT ob;
-
-    if ((n >= 0) && (n < NUM_NID)) {
-        if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
-            OBJerr(OBJ_F_OBJ_NID2LN, OBJ_R_UNKNOWN_NID);
-            return (NULL);
-        }
-        return (nid_objs[n].ln);
-    } else if (added == NULL)
-        return (NULL);
-    else {
-        ad.type = ADDED_NID;
-        ad.obj = &ob;
-        ob.nid = n;
-        adp = lh_ADDED_OBJ_retrieve(added, &ad);
-        if (adp != NULL)
-            return (adp->obj->ln);
-        else {
-            OBJerr(OBJ_F_OBJ_NID2LN, OBJ_R_UNKNOWN_NID);
-            return (NULL);
-        }
-    }
-}
-
-static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp)
-{
-    int j;
-    const ASN1_OBJECT *a = *ap;
-    const ASN1_OBJECT *b = &nid_objs[*bp];
-
-    j = (a->length - b->length);
-    if (j)
-        return (j);
-    if (a->length == 0)
-        return 0;
-    return (memcmp(a->data, b->data, a->length));
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
-
-int OBJ_obj2nid(const ASN1_OBJECT *a)
-{
-    const unsigned int *op;
-    ADDED_OBJ ad, *adp;
-
-    if (a == NULL)
-        return (NID_undef);
-    if (a->nid != 0)
-        return (a->nid);
-
-    if (a->length == 0)
-        return NID_undef;
-
-    if (added != NULL) {
-        ad.type = ADDED_DATA;
-        ad.obj = (ASN1_OBJECT *)a; /* XXX: ugly but harmless */
-        adp = lh_ADDED_OBJ_retrieve(added, &ad);
-        if (adp != NULL)
-            return (adp->obj->nid);
-    }
-    op = OBJ_bsearch_obj(&a, obj_objs, NUM_OBJ);
-    if (op == NULL)
-        return (NID_undef);
-    return (nid_objs[*op].nid);
-}
-
-/*
- * Convert an object name into an ASN1_OBJECT if "noname" is not set then
- * search for short and long names first. This will convert the "dotted" form
- * into an object: unlike OBJ_txt2nid it can be used with any objects, not
- * just registered ones.
- */
-
-ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
-{
-    int nid = NID_undef;
-    ASN1_OBJECT *op = NULL;
-    unsigned char *buf;
-    unsigned char *p;
-    const unsigned char *cp;
-    int i, j;
-
-    if (!no_name) {
-        if (((nid = OBJ_sn2nid(s)) != NID_undef) ||
-            ((nid = OBJ_ln2nid(s)) != NID_undef))
-            return OBJ_nid2obj(nid);
-    }
-
-    /* Work out size of content octets */
-    i = a2d_ASN1_OBJECT(NULL, 0, s, -1);
-    if (i <= 0) {
-        /* Don't clear the error */
-        /*
-         * ERR_clear_error();
-         */
-        return NULL;
-    }
-    /* Work out total size */
-    j = ASN1_object_size(0, i, V_ASN1_OBJECT);
-
-    if ((buf = (unsigned char *)OPENSSL_malloc(j)) == NULL)
-        return NULL;
-
-    p = buf;
-    /* Write out tag+length */
-    ASN1_put_object(&p, 0, i, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
-    /* Write out contents */
-    a2d_ASN1_OBJECT(p, i, s, -1);
-
-    cp = buf;
-    op = d2i_ASN1_OBJECT(NULL, &cp, j);
-    OPENSSL_free(buf);
-    return op;
-}
-
-int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
-{
-    int i, n = 0, len, nid, first, use_bn;
-    BIGNUM *bl;
-    unsigned long l;
-    const unsigned char *p;
-    char tbuf[DECIMAL_SIZE(i) + DECIMAL_SIZE(l) + 2];
-
-    /* Ensure that, at every state, |buf| is NUL-terminated. */
-    if (buf && buf_len > 0)
-        buf[0] = '\0';
-
-    if ((a == NULL) || (a->data == NULL))
-        return (0);
-
-    if (!no_name && (nid = OBJ_obj2nid(a)) != NID_undef) {
-        const char *s;
-        s = OBJ_nid2ln(nid);
-        if (s == NULL)
-            s = OBJ_nid2sn(nid);
-        if (s) {
-            if (buf)
-                BUF_strlcpy(buf, s, buf_len);
-            n = strlen(s);
-            return n;
-        }
-    }
-
-    len = a->length;
-    p = a->data;
-
-    first = 1;
-    bl = NULL;
-
-    while (len > 0) {
-        l = 0;
-        use_bn = 0;
-        for (;;) {
-            unsigned char c = *p++;
-            len--;
-            if ((len == 0) && (c & 0x80))
-                goto err;
-            if (use_bn) {
-                if (!BN_add_word(bl, c & 0x7f))
-                    goto err;
-            } else
-                l |= c & 0x7f;
-            if (!(c & 0x80))
-                break;
-            if (!use_bn && (l > (ULONG_MAX >> 7L))) {
-                if (!bl && !(bl = BN_new()))
-                    goto err;
-                if (!BN_set_word(bl, l))
-                    goto err;
-                use_bn = 1;
-            }
-            if (use_bn) {
-                if (!BN_lshift(bl, bl, 7))
-                    goto err;
-            } else
-                l <<= 7L;
-        }
-
-        if (first) {
-            first = 0;
-            if (l >= 80) {
-                i = 2;
-                if (use_bn) {
-                    if (!BN_sub_word(bl, 80))
-                        goto err;
-                } else
-                    l -= 80;
-            } else {
-                i = (int)(l / 40);
-                l -= (long)(i * 40);
-            }
-            if (buf && (buf_len > 1)) {
-                *buf++ = i + '0';
-                *buf = '\0';
-                buf_len--;
-            }
-            n++;
-        }
-
-        if (use_bn) {
-            char *bndec;
-            bndec = BN_bn2dec(bl);
-            if (!bndec)
-                goto err;
-            i = strlen(bndec);
-            if (buf) {
-                if (buf_len > 1) {
-                    *buf++ = '.';
-                    *buf = '\0';
-                    buf_len--;
-                }
-                BUF_strlcpy(buf, bndec, buf_len);
-                if (i > buf_len) {
-                    buf += buf_len;
-                    buf_len = 0;
-                } else {
-                    buf += i;
-                    buf_len -= i;
-                }
-            }
-            n++;
-            n += i;
-            OPENSSL_free(bndec);
-        } else {
-            BIO_snprintf(tbuf, sizeof tbuf, ".%lu", l);
-            i = strlen(tbuf);
-            if (buf && (buf_len > 0)) {
-                BUF_strlcpy(buf, tbuf, buf_len);
-                if (i > buf_len) {
-                    buf += buf_len;
-                    buf_len = 0;
-                } else {
-                    buf += i;
-                    buf_len -= i;
-                }
-            }
-            n += i;
-            l = 0;
-        }
-    }
-
-    if (bl)
-        BN_free(bl);
-    return n;
-
- err:
-    if (bl)
-        BN_free(bl);
-    return -1;
-}
-
-int OBJ_txt2nid(const char *s)
-{
-    ASN1_OBJECT *obj;
-    int nid;
-    obj = OBJ_txt2obj(s, 0);
-    nid = OBJ_obj2nid(obj);
-    ASN1_OBJECT_free(obj);
-    return nid;
-}
-
-int OBJ_ln2nid(const char *s)
-{
-    ASN1_OBJECT o;
-    const ASN1_OBJECT *oo = &o;
-    ADDED_OBJ ad, *adp;
-    const unsigned int *op;
-
-    o.ln = s;
-    if (added != NULL) {
-        ad.type = ADDED_LNAME;
-        ad.obj = &o;
-        adp = lh_ADDED_OBJ_retrieve(added, &ad);
-        if (adp != NULL)
-            return (adp->obj->nid);
-    }
-    op = OBJ_bsearch_ln(&oo, ln_objs, NUM_LN);
-    if (op == NULL)
-        return (NID_undef);
-    return (nid_objs[*op].nid);
-}
-
-int OBJ_sn2nid(const char *s)
-{
-    ASN1_OBJECT o;
-    const ASN1_OBJECT *oo = &o;
-    ADDED_OBJ ad, *adp;
-    const unsigned int *op;
-
-    o.sn = s;
-    if (added != NULL) {
-        ad.type = ADDED_SNAME;
-        ad.obj = &o;
-        adp = lh_ADDED_OBJ_retrieve(added, &ad);
-        if (adp != NULL)
-            return (adp->obj->nid);
-    }
-    op = OBJ_bsearch_sn(&oo, sn_objs, NUM_SN);
-    if (op == NULL)
-        return (NID_undef);
-    return (nid_objs[*op].nid);
-}
-
-const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
-                         int (*cmp) (const void *, const void *))
-{
-    return OBJ_bsearch_ex_(key, base, num, size, cmp, 0);
-}
-
-const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
-                            int size,
-                            int (*cmp) (const void *, const void *),
-                            int flags)
-{
-    const char *base = base_;
-    int l, h, i = 0, c = 0;
-    const char *p = NULL;
-
-    if (num == 0)
-        return (NULL);
-    l = 0;
-    h = num;
-    while (l < h) {
-        i = (l + h) / 2;
-        p = &(base[i * size]);
-        c = (*cmp) (key, p);
-        if (c < 0)
-            h = i;
-        else if (c > 0)
-            l = i + 1;
-        else
-            break;
-    }
-#ifdef CHARSET_EBCDIC
-    /*
-     * THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and I
-     * don't have perl (yet), we revert to a *LINEAR* search when the object
-     * wasn't found in the binary search.
-     */
-    if (c != 0) {
-        for (i = 0; i < num; ++i) {
-            p = &(base[i * size]);
-            c = (*cmp) (key, p);
-            if (c == 0 || (c < 0 && (flags & OBJ_BSEARCH_VALUE_ON_NOMATCH)))
-                return p;
-        }
-    }
-#endif
-    if (c != 0 && !(flags & OBJ_BSEARCH_VALUE_ON_NOMATCH))
-        p = NULL;
-    else if (c == 0 && (flags & OBJ_BSEARCH_FIRST_VALUE_ON_MATCH)) {
-        while (i > 0 && (*cmp) (key, &(base[(i - 1) * size])) == 0)
-            i--;
-        p = &(base[i * size]);
-    }
-    return (p);
-}
-
-int OBJ_create_objects(BIO *in)
-{
-    MS_STATIC char buf[512];
-    int i, num = 0;
-    char *o, *s, *l = NULL;
-
-    for (;;) {
-        s = o = NULL;
-        i = BIO_gets(in, buf, 512);
-        if (i <= 0)
-            return (num);
-        buf[i - 1] = '\0';
-        if (!isalnum((unsigned char)buf[0]))
-            return (num);
-        o = s = buf;
-        while (isdigit((unsigned char)*s) || (*s == '.'))
-            s++;
-        if (*s != '\0') {
-            *(s++) = '\0';
-            while (isspace((unsigned char)*s))
-                s++;
-            if (*s == '\0')
-                s = NULL;
-            else {
-                l = s;
-                while ((*l != '\0') && !isspace((unsigned char)*l))
-                    l++;
-                if (*l != '\0') {
-                    *(l++) = '\0';
-                    while (isspace((unsigned char)*l))
-                        l++;
-                    if (*l == '\0')
-                        l = NULL;
-                } else
-                    l = NULL;
-            }
-        } else
-            s = NULL;
-        if ((o == NULL) || (*o == '\0'))
-            return (num);
-        if (!OBJ_create(o, s, l))
-            return (num);
-        num++;
-    }
-    /* return(num); */
-}
-
-int OBJ_create(const char *oid, const char *sn, const char *ln)
-{
-    int ok = 0;
-    ASN1_OBJECT *op = NULL;
-    unsigned char *buf;
-    int i;
-
-    i = a2d_ASN1_OBJECT(NULL, 0, oid, -1);
-    if (i <= 0)
-        return (0);
-
-    if ((buf = (unsigned char *)OPENSSL_malloc(i)) == NULL) {
-        OBJerr(OBJ_F_OBJ_CREATE, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    i = a2d_ASN1_OBJECT(buf, i, oid, -1);
-    if (i == 0)
-        goto err;
-    op = (ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1), buf, i, sn, ln);
-    if (op == NULL)
-        goto err;
-    ok = OBJ_add_object(op);
- err:
-    ASN1_OBJECT_free(op);
-    OPENSSL_free(buf);
-    return (ok);
-}
diff --git a/thirdparty/openssl/crypto/objects/obj_dat.h b/thirdparty/openssl/crypto/objects/obj_dat.h
deleted file mode 100644
index b7e3cf280e..0000000000
--- a/thirdparty/openssl/crypto/objects/obj_dat.h
+++ /dev/null
@@ -1,5319 +0,0 @@
-/* crypto/objects/obj_dat.h */
-
-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl obj_mac.h obj_dat.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define NUM_NID 958
-#define NUM_SN 951
-#define NUM_LN 951
-#define NUM_OBJ 890
-
-static const unsigned char lvalues[6255]={
-0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  0] OBJ_rsadsi */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  6] OBJ_pkcs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,     /* [ 13] OBJ_md2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05,     /* [ 21] OBJ_md5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04,     /* [ 29] OBJ_rc4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */
-0x55,                                        /* [ 82] OBJ_X500 */
-0x55,0x04,                                   /* [ 83] OBJ_X509 */
-0x55,0x04,0x03,                              /* [ 85] OBJ_commonName */
-0x55,0x04,0x06,                              /* [ 88] OBJ_countryName */
-0x55,0x04,0x07,                              /* [ 91] OBJ_localityName */
-0x55,0x04,0x08,                              /* [ 94] OBJ_stateOrProvinceName */
-0x55,0x04,0x0A,                              /* [ 97] OBJ_organizationName */
-0x55,0x04,0x0B,                              /* [100] OBJ_organizationalUnitName */
-0x55,0x08,0x01,0x01,                         /* [103] OBJ_rsa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,     /* [107] OBJ_pkcs7 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,     /* [169] OBJ_pkcs3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */
-0x2B,0x0E,0x03,0x02,0x06,                    /* [186] OBJ_des_ecb */
-0x2B,0x0E,0x03,0x02,0x09,                    /* [191] OBJ_des_cfb64 */
-0x2B,0x0E,0x03,0x02,0x07,                    /* [196] OBJ_des_cbc */
-0x2B,0x0E,0x03,0x02,0x11,                    /* [201] OBJ_des_ede_ecb */
-0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [206] OBJ_idea_cbc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02,     /* [217] OBJ_rc2_cbc */
-0x2B,0x0E,0x03,0x02,0x12,                    /* [225] OBJ_sha */
-0x2B,0x0E,0x03,0x02,0x0F,                    /* [230] OBJ_shaWithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07,     /* [235] OBJ_des_ede3_cbc */
-0x2B,0x0E,0x03,0x02,0x08,                    /* [243] OBJ_des_ofb64 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,     /* [248] OBJ_pkcs9 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [256] OBJ_pkcs9_emailAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [265] OBJ_pkcs9_unstructuredName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [274] OBJ_pkcs9_contentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [283] OBJ_pkcs9_messageDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [292] OBJ_pkcs9_signingTime */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [301] OBJ_pkcs9_countersignature */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [310] OBJ_pkcs9_challengePassword */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [319] OBJ_pkcs9_unstructuredAddress */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [328] OBJ_pkcs9_extCertAttributes */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,          /* [337] OBJ_netscape */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,     /* [344] OBJ_netscape_cert_extension */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,     /* [352] OBJ_netscape_data_type */
-0x2B,0x0E,0x03,0x02,0x1A,                    /* [360] OBJ_sha1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [365] OBJ_sha1WithRSAEncryption */
-0x2B,0x0E,0x03,0x02,0x0D,                    /* [374] OBJ_dsaWithSHA */
-0x2B,0x0E,0x03,0x02,0x0C,                    /* [379] OBJ_dsa_2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [384] OBJ_pbeWithSHA1AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [393] OBJ_id_pbkdf2 */
-0x2B,0x0E,0x03,0x02,0x1B,                    /* [402] OBJ_dsaWithSHA1_2 */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [407] OBJ_netscape_cert_type */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [416] OBJ_netscape_base_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [425] OBJ_netscape_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [434] OBJ_netscape_ca_revocation_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [443] OBJ_netscape_renewal_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [452] OBJ_netscape_ca_policy_url */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [461] OBJ_netscape_ssl_server_name */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [470] OBJ_netscape_comment */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [479] OBJ_netscape_cert_sequence */
-0x55,0x1D,                                   /* [488] OBJ_id_ce */
-0x55,0x1D,0x0E,                              /* [490] OBJ_subject_key_identifier */
-0x55,0x1D,0x0F,                              /* [493] OBJ_key_usage */
-0x55,0x1D,0x10,                              /* [496] OBJ_private_key_usage_period */
-0x55,0x1D,0x11,                              /* [499] OBJ_subject_alt_name */
-0x55,0x1D,0x12,                              /* [502] OBJ_issuer_alt_name */
-0x55,0x1D,0x13,                              /* [505] OBJ_basic_constraints */
-0x55,0x1D,0x14,                              /* [508] OBJ_crl_number */
-0x55,0x1D,0x20,                              /* [511] OBJ_certificate_policies */
-0x55,0x1D,0x23,                              /* [514] OBJ_authority_key_identifier */
-0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [517] OBJ_bf_cbc */
-0x55,0x08,0x03,0x65,                         /* [526] OBJ_mdc2 */
-0x55,0x08,0x03,0x64,                         /* [530] OBJ_mdc2WithRSA */
-0x55,0x04,0x2A,                              /* [534] OBJ_givenName */
-0x55,0x04,0x04,                              /* [537] OBJ_surname */
-0x55,0x04,0x2B,                              /* [540] OBJ_initials */
-0x55,0x1D,0x1F,                              /* [543] OBJ_crl_distribution_points */
-0x2B,0x0E,0x03,0x02,0x03,                    /* [546] OBJ_md5WithRSA */
-0x55,0x04,0x05,                              /* [551] OBJ_serialNumber */
-0x55,0x04,0x0C,                              /* [554] OBJ_title */
-0x55,0x04,0x0D,                              /* [557] OBJ_description */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [560] OBJ_cast5_cbc */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [569] OBJ_pbeWithMD5AndCast5_CBC */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x03,          /* [578] OBJ_dsaWithSHA1 */
-0x2B,0x0E,0x03,0x02,0x1D,                    /* [585] OBJ_sha1WithRSA */
-0x2A,0x86,0x48,0xCE,0x38,0x04,0x01,          /* [590] OBJ_dsa */
-0x2B,0x24,0x03,0x02,0x01,                    /* [597] OBJ_ripemd160 */
-0x2B,0x24,0x03,0x03,0x01,0x02,               /* [602] OBJ_ripemd160WithRSA */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08,     /* [608] OBJ_rc5_cbc */
-0x29,0x01,0x01,0x85,0x1A,0x01,               /* [616] OBJ_rle_compression */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [622] OBJ_zlib_compression */
-0x55,0x1D,0x25,                              /* [633] OBJ_ext_key_usage */
-0x2B,0x06,0x01,0x05,0x05,0x07,               /* [636] OBJ_id_pkix */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,          /* [642] OBJ_id_kp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01,     /* [649] OBJ_server_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02,     /* [657] OBJ_client_auth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03,     /* [665] OBJ_code_sign */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04,     /* [673] OBJ_email_protect */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08,     /* [681] OBJ_time_stamp */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [689] OBJ_ms_code_ind */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [699] OBJ_ms_code_com */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [709] OBJ_ms_ctl_sign */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [719] OBJ_ms_sgc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [729] OBJ_ms_efs */
-0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [739] OBJ_ns_sgc */
-0x55,0x1D,0x1B,                              /* [748] OBJ_delta_crl */
-0x55,0x1D,0x15,                              /* [751] OBJ_crl_reason */
-0x55,0x1D,0x18,                              /* [754] OBJ_invalidity_date */
-0x2B,0x65,0x01,0x04,0x01,                    /* [757] OBJ_sxnet */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [762] OBJ_pbe_WithSHA1And128BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [772] OBJ_pbe_WithSHA1And40BitRC4 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [782] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [792] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [802] OBJ_pbe_WithSHA1And128BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [812] OBJ_pbe_WithSHA1And40BitRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [822] OBJ_keyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [833] OBJ_pkcs8ShroudedKeyBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [844] OBJ_certBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [855] OBJ_crlBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [866] OBJ_secretBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [877] OBJ_safeContentsBag */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [888] OBJ_friendlyName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [897] OBJ_localKeyID */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [906] OBJ_x509Certificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [916] OBJ_sdsiCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [926] OBJ_x509Crl */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [936] OBJ_pbes2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [945] OBJ_pbmac1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07,     /* [954] OBJ_hmacWithSHA1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [962] OBJ_id_qt_cps */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [970] OBJ_id_qt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [978] OBJ_SMIMECapabilities */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [987] OBJ_pbeWithMD2AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [996] OBJ_pbeWithMD5AndRC2_CBC */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1005] OBJ_pbeWithSHA1AndDES_CBC */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1014] OBJ_ms_ext_req */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1024] OBJ_ext_req */
-0x55,0x04,0x29,                              /* [1033] OBJ_name */
-0x55,0x04,0x2E,                              /* [1036] OBJ_dnQualifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,          /* [1039] OBJ_id_pe */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,          /* [1046] OBJ_id_ad */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01,     /* [1053] OBJ_info_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,     /* [1061] OBJ_ad_OCSP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02,     /* [1069] OBJ_ad_ca_issuers */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09,     /* [1077] OBJ_OCSP_sign */
-0x2A,                                        /* [1085] OBJ_member_body */
-0x2A,0x86,0x48,                              /* [1086] OBJ_ISO_US */
-0x2A,0x86,0x48,0xCE,0x38,                    /* [1089] OBJ_X9_57 */
-0x2A,0x86,0x48,0xCE,0x38,0x04,               /* [1094] OBJ_X9cm */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,     /* [1100] OBJ_pkcs1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,     /* [1108] OBJ_pkcs5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1116] OBJ_SMIME */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1125] OBJ_id_smime_mod */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1135] OBJ_id_smime_ct */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1145] OBJ_id_smime_aa */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1155] OBJ_id_smime_alg */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1165] OBJ_id_smime_cd */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1175] OBJ_id_smime_spq */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1185] OBJ_id_smime_cti */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1195] OBJ_id_smime_mod_cms */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1206] OBJ_id_smime_mod_ess */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1217] OBJ_id_smime_mod_oid */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1228] OBJ_id_smime_mod_msg_v3 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1239] OBJ_id_smime_mod_ets_eSignature_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1250] OBJ_id_smime_mod_ets_eSignature_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1261] OBJ_id_smime_mod_ets_eSigPolicy_88 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1272] OBJ_id_smime_mod_ets_eSigPolicy_97 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1283] OBJ_id_smime_ct_receipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1294] OBJ_id_smime_ct_authData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1305] OBJ_id_smime_ct_publishCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1316] OBJ_id_smime_ct_TSTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1327] OBJ_id_smime_ct_TDTInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1338] OBJ_id_smime_ct_contentInfo */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1349] OBJ_id_smime_ct_DVCSRequestData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1360] OBJ_id_smime_ct_DVCSResponseData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1371] OBJ_id_smime_aa_receiptRequest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1382] OBJ_id_smime_aa_securityLabel */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1393] OBJ_id_smime_aa_mlExpandHistory */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1404] OBJ_id_smime_aa_contentHint */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1415] OBJ_id_smime_aa_msgSigDigest */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1426] OBJ_id_smime_aa_encapContentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1437] OBJ_id_smime_aa_contentIdentifier */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1448] OBJ_id_smime_aa_macValue */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1459] OBJ_id_smime_aa_equivalentLabels */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1470] OBJ_id_smime_aa_contentReference */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1481] OBJ_id_smime_aa_encrypKeyPref */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1492] OBJ_id_smime_aa_signingCertificate */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1503] OBJ_id_smime_aa_smimeEncryptCerts */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1514] OBJ_id_smime_aa_timeStampToken */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1525] OBJ_id_smime_aa_ets_sigPolicyId */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1536] OBJ_id_smime_aa_ets_commitmentType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1547] OBJ_id_smime_aa_ets_signerLocation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1558] OBJ_id_smime_aa_ets_signerAttr */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1569] OBJ_id_smime_aa_ets_otherSigCert */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1580] OBJ_id_smime_aa_ets_contentTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1591] OBJ_id_smime_aa_ets_CertificateRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1602] OBJ_id_smime_aa_ets_RevocationRefs */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1613] OBJ_id_smime_aa_ets_certValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1624] OBJ_id_smime_aa_ets_revocationValues */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1635] OBJ_id_smime_aa_ets_escTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1646] OBJ_id_smime_aa_ets_certCRLTimestamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1657] OBJ_id_smime_aa_ets_archiveTimeStamp */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1668] OBJ_id_smime_aa_signatureType */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1679] OBJ_id_smime_aa_dvcs_dvc */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1690] OBJ_id_smime_alg_ESDHwith3DES */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1701] OBJ_id_smime_alg_ESDHwithRC2 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1712] OBJ_id_smime_alg_3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1723] OBJ_id_smime_alg_RC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1734] OBJ_id_smime_alg_ESDH */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1745] OBJ_id_smime_alg_CMS3DESwrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1756] OBJ_id_smime_alg_CMSRC2wrap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1767] OBJ_id_smime_cd_ldap */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1778] OBJ_id_smime_spq_ets_sqt_uri */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1789] OBJ_id_smime_spq_ets_sqt_unotice */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1800] OBJ_id_smime_cti_ets_proofOfOrigin */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1811] OBJ_id_smime_cti_ets_proofOfReceipt */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1822] OBJ_id_smime_cti_ets_proofOfDelivery */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1833] OBJ_id_smime_cti_ets_proofOfSender */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1844] OBJ_id_smime_cti_ets_proofOfApproval */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1855] OBJ_id_smime_cti_ets_proofOfCreation */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04,     /* [1866] OBJ_md4 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,          /* [1874] OBJ_id_pkix_mod */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,          /* [1881] OBJ_id_qt */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,          /* [1888] OBJ_id_it */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,          /* [1895] OBJ_id_pkip */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,          /* [1902] OBJ_id_alg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,          /* [1909] OBJ_id_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,          /* [1916] OBJ_id_on */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,          /* [1923] OBJ_id_pda */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,          /* [1930] OBJ_id_aca */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,          /* [1937] OBJ_id_qcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,          /* [1944] OBJ_id_cct */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01,     /* [1951] OBJ_id_pkix1_explicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02,     /* [1959] OBJ_id_pkix1_implicit_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03,     /* [1967] OBJ_id_pkix1_explicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04,     /* [1975] OBJ_id_pkix1_implicit_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05,     /* [1983] OBJ_id_mod_crmf */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06,     /* [1991] OBJ_id_mod_cmc */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07,     /* [1999] OBJ_id_mod_kea_profile_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08,     /* [2007] OBJ_id_mod_kea_profile_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09,     /* [2015] OBJ_id_mod_cmp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A,     /* [2023] OBJ_id_mod_qualified_cert_88 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B,     /* [2031] OBJ_id_mod_qualified_cert_93 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C,     /* [2039] OBJ_id_mod_attribute_cert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D,     /* [2047] OBJ_id_mod_timestamp_protocol */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E,     /* [2055] OBJ_id_mod_ocsp */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F,     /* [2063] OBJ_id_mod_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10,     /* [2071] OBJ_id_mod_cmp2000 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02,     /* [2079] OBJ_biometricInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03,     /* [2087] OBJ_qcStatements */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04,     /* [2095] OBJ_ac_auditEntity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05,     /* [2103] OBJ_ac_targeting */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06,     /* [2111] OBJ_aaControls */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07,     /* [2119] OBJ_sbgp_ipAddrBlock */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08,     /* [2127] OBJ_sbgp_autonomousSysNum */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09,     /* [2135] OBJ_sbgp_routerIdentifier */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03,     /* [2143] OBJ_textNotice */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05,     /* [2151] OBJ_ipsecEndSystem */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06,     /* [2159] OBJ_ipsecTunnel */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07,     /* [2167] OBJ_ipsecUser */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A,     /* [2175] OBJ_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01,     /* [2183] OBJ_id_it_caProtEncCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02,     /* [2191] OBJ_id_it_signKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03,     /* [2199] OBJ_id_it_encKeyPairTypes */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04,     /* [2207] OBJ_id_it_preferredSymmAlg */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05,     /* [2215] OBJ_id_it_caKeyUpdateInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06,     /* [2223] OBJ_id_it_currentCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07,     /* [2231] OBJ_id_it_unsupportedOIDs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08,     /* [2239] OBJ_id_it_subscriptionRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09,     /* [2247] OBJ_id_it_subscriptionResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A,     /* [2255] OBJ_id_it_keyPairParamReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B,     /* [2263] OBJ_id_it_keyPairParamRep */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C,     /* [2271] OBJ_id_it_revPassphrase */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D,     /* [2279] OBJ_id_it_implicitConfirm */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E,     /* [2287] OBJ_id_it_confirmWaitTime */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F,     /* [2295] OBJ_id_it_origPKIMessage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,     /* [2303] OBJ_id_regCtrl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,     /* [2311] OBJ_id_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2319] OBJ_id_regCtrl_regToken */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2328] OBJ_id_regCtrl_authenticator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2337] OBJ_id_regCtrl_pkiPublicationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2346] OBJ_id_regCtrl_pkiArchiveOptions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2355] OBJ_id_regCtrl_oldCertID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2364] OBJ_id_regCtrl_protocolEncrKey */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2373] OBJ_id_regInfo_utf8Pairs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2382] OBJ_id_regInfo_certReq */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01,     /* [2391] OBJ_id_alg_des40 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02,     /* [2399] OBJ_id_alg_noSignature */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03,     /* [2407] OBJ_id_alg_dh_sig_hmac_sha1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04,     /* [2415] OBJ_id_alg_dh_pop */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01,     /* [2423] OBJ_id_cmc_statusInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02,     /* [2431] OBJ_id_cmc_identification */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03,     /* [2439] OBJ_id_cmc_identityProof */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04,     /* [2447] OBJ_id_cmc_dataReturn */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05,     /* [2455] OBJ_id_cmc_transactionId */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06,     /* [2463] OBJ_id_cmc_senderNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07,     /* [2471] OBJ_id_cmc_recipientNonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08,     /* [2479] OBJ_id_cmc_addExtensions */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09,     /* [2487] OBJ_id_cmc_encryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A,     /* [2495] OBJ_id_cmc_decryptedPOP */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B,     /* [2503] OBJ_id_cmc_lraPOPWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F,     /* [2511] OBJ_id_cmc_getCert */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10,     /* [2519] OBJ_id_cmc_getCRL */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11,     /* [2527] OBJ_id_cmc_revokeRequest */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12,     /* [2535] OBJ_id_cmc_regInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13,     /* [2543] OBJ_id_cmc_responseInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15,     /* [2551] OBJ_id_cmc_queryPending */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16,     /* [2559] OBJ_id_cmc_popLinkRandom */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17,     /* [2567] OBJ_id_cmc_popLinkWitness */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18,     /* [2575] OBJ_id_cmc_confirmCertAcceptance */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01,     /* [2583] OBJ_id_on_personalData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01,     /* [2591] OBJ_id_pda_dateOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02,     /* [2599] OBJ_id_pda_placeOfBirth */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03,     /* [2607] OBJ_id_pda_gender */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04,     /* [2615] OBJ_id_pda_countryOfCitizenship */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05,     /* [2623] OBJ_id_pda_countryOfResidence */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01,     /* [2631] OBJ_id_aca_authenticationInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02,     /* [2639] OBJ_id_aca_accessIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03,     /* [2647] OBJ_id_aca_chargingIdentity */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04,     /* [2655] OBJ_id_aca_group */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05,     /* [2663] OBJ_id_aca_role */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01,     /* [2671] OBJ_id_qcs_pkixQCSyntax_v1 */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01,     /* [2679] OBJ_id_cct_crs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02,     /* [2687] OBJ_id_cct_PKIData */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03,     /* [2695] OBJ_id_cct_PKIResponse */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03,     /* [2703] OBJ_ad_timeStamping */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04,     /* [2711] OBJ_ad_dvcs */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2719] OBJ_id_pkix_OCSP_basic */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2728] OBJ_id_pkix_OCSP_Nonce */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2737] OBJ_id_pkix_OCSP_CrlID */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2746] OBJ_id_pkix_OCSP_acceptableResponses */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2755] OBJ_id_pkix_OCSP_noCheck */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2764] OBJ_id_pkix_OCSP_archiveCutoff */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2773] OBJ_id_pkix_OCSP_serviceLocator */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2782] OBJ_id_pkix_OCSP_extendedStatus */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2791] OBJ_id_pkix_OCSP_valid */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2800] OBJ_id_pkix_OCSP_path */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2809] OBJ_id_pkix_OCSP_trustRoot */
-0x2B,0x0E,0x03,0x02,                         /* [2818] OBJ_algorithm */
-0x2B,0x0E,0x03,0x02,0x0B,                    /* [2822] OBJ_rsaSignature */
-0x55,0x08,                                   /* [2827] OBJ_X500algorithms */
-0x2B,                                        /* [2829] OBJ_org */
-0x2B,0x06,                                   /* [2830] OBJ_dod */
-0x2B,0x06,0x01,                              /* [2832] OBJ_iana */
-0x2B,0x06,0x01,0x01,                         /* [2835] OBJ_Directory */
-0x2B,0x06,0x01,0x02,                         /* [2839] OBJ_Management */
-0x2B,0x06,0x01,0x03,                         /* [2843] OBJ_Experimental */
-0x2B,0x06,0x01,0x04,                         /* [2847] OBJ_Private */
-0x2B,0x06,0x01,0x05,                         /* [2851] OBJ_Security */
-0x2B,0x06,0x01,0x06,                         /* [2855] OBJ_SNMPv2 */
-0x2B,0x06,0x01,0x07,                         /* [2859] OBJ_Mail */
-0x2B,0x06,0x01,0x04,0x01,                    /* [2863] OBJ_Enterprises */
-0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2868] OBJ_dcObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2877] OBJ_domainComponent */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2887] OBJ_Domain */
-0x55,0x01,0x05,                              /* [2897] OBJ_selected_attribute_types */
-0x55,0x01,0x05,0x37,                         /* [2900] OBJ_clearance */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2904] OBJ_md4WithRSAEncryption */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A,     /* [2913] OBJ_ac_proxying */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B,     /* [2921] OBJ_sinfo_access */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06,     /* [2929] OBJ_id_aca_encAttrs */
-0x55,0x04,0x48,                              /* [2937] OBJ_role */
-0x55,0x1D,0x24,                              /* [2940] OBJ_policy_constraints */
-0x55,0x1D,0x37,                              /* [2943] OBJ_target_information */
-0x55,0x1D,0x38,                              /* [2946] OBJ_no_rev_avail */
-0x2A,0x86,0x48,0xCE,0x3D,                    /* [2949] OBJ_ansi_X9_62 */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01,          /* [2954] OBJ_X9_62_prime_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,          /* [2961] OBJ_X9_62_characteristic_two_field */
-0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01,          /* [2968] OBJ_X9_62_id_ecPublicKey */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01,     /* [2975] OBJ_X9_62_prime192v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02,     /* [2983] OBJ_X9_62_prime192v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03,     /* [2991] OBJ_X9_62_prime192v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04,     /* [2999] OBJ_X9_62_prime239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05,     /* [3007] OBJ_X9_62_prime239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06,     /* [3015] OBJ_X9_62_prime239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07,     /* [3023] OBJ_X9_62_prime256v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01,          /* [3031] OBJ_ecdsa_with_SHA1 */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3038] OBJ_ms_csp_name */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3047] OBJ_aes_128_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3056] OBJ_aes_128_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3065] OBJ_aes_128_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3074] OBJ_aes_128_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3083] OBJ_aes_192_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3092] OBJ_aes_192_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3101] OBJ_aes_192_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3110] OBJ_aes_192_cfb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3119] OBJ_aes_256_ecb */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3128] OBJ_aes_256_cbc */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3137] OBJ_aes_256_ofb128 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3146] OBJ_aes_256_cfb128 */
-0x55,0x1D,0x17,                              /* [3155] OBJ_hold_instruction_code */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x01,          /* [3158] OBJ_hold_instruction_none */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x02,          /* [3165] OBJ_hold_instruction_call_issuer */
-0x2A,0x86,0x48,0xCE,0x38,0x02,0x03,          /* [3172] OBJ_hold_instruction_reject */
-0x09,                                        /* [3179] OBJ_data */
-0x09,0x92,0x26,                              /* [3180] OBJ_pss */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,          /* [3183] OBJ_ucl */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,     /* [3190] OBJ_pilot */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3198] OBJ_pilotAttributeType */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3207] OBJ_pilotAttributeSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3216] OBJ_pilotObjectClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3225] OBJ_pilotGroups */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3234] OBJ_iA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3244] OBJ_caseIgnoreIA5StringSyntax */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3254] OBJ_pilotObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3264] OBJ_pilotPerson */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3274] OBJ_account */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3284] OBJ_document */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3294] OBJ_room */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3304] OBJ_documentSeries */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3314] OBJ_rFC822localPart */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3324] OBJ_dNSDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3334] OBJ_domainRelatedObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3344] OBJ_friendlyCountry */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3354] OBJ_simpleSecurityObject */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3364] OBJ_pilotOrganization */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3374] OBJ_pilotDSA */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3384] OBJ_qualityLabelledData */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3394] OBJ_userId */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3404] OBJ_textEncodedORAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3414] OBJ_rfc822Mailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3424] OBJ_info */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3434] OBJ_favouriteDrink */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3444] OBJ_roomNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3454] OBJ_photo */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3464] OBJ_userClass */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3474] OBJ_host */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3484] OBJ_manager */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3494] OBJ_documentIdentifier */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3504] OBJ_documentTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3514] OBJ_documentVersion */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3524] OBJ_documentAuthor */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3534] OBJ_documentLocation */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3544] OBJ_homeTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3554] OBJ_secretary */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3564] OBJ_otherMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3574] OBJ_lastModifiedTime */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3584] OBJ_lastModifiedBy */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3594] OBJ_aRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3604] OBJ_pilotAttributeType27 */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3614] OBJ_mXRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3624] OBJ_nSRecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3634] OBJ_sOARecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3644] OBJ_cNAMERecord */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3654] OBJ_associatedDomain */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3664] OBJ_associatedName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3674] OBJ_homePostalAddress */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3684] OBJ_personalTitle */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3694] OBJ_mobileTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3704] OBJ_pagerTelephoneNumber */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3714] OBJ_friendlyCountryName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3724] OBJ_organizationalStatus */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3734] OBJ_janetMailbox */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3744] OBJ_mailPreferenceOption */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3754] OBJ_buildingName */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3764] OBJ_dSAQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3774] OBJ_singleLevelQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3784] OBJ_subtreeMinimumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3794] OBJ_subtreeMaximumQuality */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3804] OBJ_personalSignature */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3814] OBJ_dITRedirect */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3824] OBJ_audio */
-0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3834] OBJ_documentPublisher */
-0x55,0x04,0x2D,                              /* [3844] OBJ_x500UniqueIdentifier */
-0x2B,0x06,0x01,0x07,0x01,                    /* [3847] OBJ_mime_mhs */
-0x2B,0x06,0x01,0x07,0x01,0x01,               /* [3852] OBJ_mime_mhs_headings */
-0x2B,0x06,0x01,0x07,0x01,0x02,               /* [3858] OBJ_mime_mhs_bodies */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x01,          /* [3864] OBJ_id_hex_partial_message */
-0x2B,0x06,0x01,0x07,0x01,0x01,0x02,          /* [3871] OBJ_id_hex_multipart_message */
-0x55,0x04,0x2C,                              /* [3878] OBJ_generationQualifier */
-0x55,0x04,0x41,                              /* [3881] OBJ_pseudonym */
-0x67,0x2A,                                   /* [3884] OBJ_id_set */
-0x67,0x2A,0x00,                              /* [3886] OBJ_set_ctype */
-0x67,0x2A,0x01,                              /* [3889] OBJ_set_msgExt */
-0x67,0x2A,0x03,                              /* [3892] OBJ_set_attr */
-0x67,0x2A,0x05,                              /* [3895] OBJ_set_policy */
-0x67,0x2A,0x07,                              /* [3898] OBJ_set_certExt */
-0x67,0x2A,0x08,                              /* [3901] OBJ_set_brand */
-0x67,0x2A,0x00,0x00,                         /* [3904] OBJ_setct_PANData */
-0x67,0x2A,0x00,0x01,                         /* [3908] OBJ_setct_PANToken */
-0x67,0x2A,0x00,0x02,                         /* [3912] OBJ_setct_PANOnly */
-0x67,0x2A,0x00,0x03,                         /* [3916] OBJ_setct_OIData */
-0x67,0x2A,0x00,0x04,                         /* [3920] OBJ_setct_PI */
-0x67,0x2A,0x00,0x05,                         /* [3924] OBJ_setct_PIData */
-0x67,0x2A,0x00,0x06,                         /* [3928] OBJ_setct_PIDataUnsigned */
-0x67,0x2A,0x00,0x07,                         /* [3932] OBJ_setct_HODInput */
-0x67,0x2A,0x00,0x08,                         /* [3936] OBJ_setct_AuthResBaggage */
-0x67,0x2A,0x00,0x09,                         /* [3940] OBJ_setct_AuthRevReqBaggage */
-0x67,0x2A,0x00,0x0A,                         /* [3944] OBJ_setct_AuthRevResBaggage */
-0x67,0x2A,0x00,0x0B,                         /* [3948] OBJ_setct_CapTokenSeq */
-0x67,0x2A,0x00,0x0C,                         /* [3952] OBJ_setct_PInitResData */
-0x67,0x2A,0x00,0x0D,                         /* [3956] OBJ_setct_PI_TBS */
-0x67,0x2A,0x00,0x0E,                         /* [3960] OBJ_setct_PResData */
-0x67,0x2A,0x00,0x10,                         /* [3964] OBJ_setct_AuthReqTBS */
-0x67,0x2A,0x00,0x11,                         /* [3968] OBJ_setct_AuthResTBS */
-0x67,0x2A,0x00,0x12,                         /* [3972] OBJ_setct_AuthResTBSX */
-0x67,0x2A,0x00,0x13,                         /* [3976] OBJ_setct_AuthTokenTBS */
-0x67,0x2A,0x00,0x14,                         /* [3980] OBJ_setct_CapTokenData */
-0x67,0x2A,0x00,0x15,                         /* [3984] OBJ_setct_CapTokenTBS */
-0x67,0x2A,0x00,0x16,                         /* [3988] OBJ_setct_AcqCardCodeMsg */
-0x67,0x2A,0x00,0x17,                         /* [3992] OBJ_setct_AuthRevReqTBS */
-0x67,0x2A,0x00,0x18,                         /* [3996] OBJ_setct_AuthRevResData */
-0x67,0x2A,0x00,0x19,                         /* [4000] OBJ_setct_AuthRevResTBS */
-0x67,0x2A,0x00,0x1A,                         /* [4004] OBJ_setct_CapReqTBS */
-0x67,0x2A,0x00,0x1B,                         /* [4008] OBJ_setct_CapReqTBSX */
-0x67,0x2A,0x00,0x1C,                         /* [4012] OBJ_setct_CapResData */
-0x67,0x2A,0x00,0x1D,                         /* [4016] OBJ_setct_CapRevReqTBS */
-0x67,0x2A,0x00,0x1E,                         /* [4020] OBJ_setct_CapRevReqTBSX */
-0x67,0x2A,0x00,0x1F,                         /* [4024] OBJ_setct_CapRevResData */
-0x67,0x2A,0x00,0x20,                         /* [4028] OBJ_setct_CredReqTBS */
-0x67,0x2A,0x00,0x21,                         /* [4032] OBJ_setct_CredReqTBSX */
-0x67,0x2A,0x00,0x22,                         /* [4036] OBJ_setct_CredResData */
-0x67,0x2A,0x00,0x23,                         /* [4040] OBJ_setct_CredRevReqTBS */
-0x67,0x2A,0x00,0x24,                         /* [4044] OBJ_setct_CredRevReqTBSX */
-0x67,0x2A,0x00,0x25,                         /* [4048] OBJ_setct_CredRevResData */
-0x67,0x2A,0x00,0x26,                         /* [4052] OBJ_setct_PCertReqData */
-0x67,0x2A,0x00,0x27,                         /* [4056] OBJ_setct_PCertResTBS */
-0x67,0x2A,0x00,0x28,                         /* [4060] OBJ_setct_BatchAdminReqData */
-0x67,0x2A,0x00,0x29,                         /* [4064] OBJ_setct_BatchAdminResData */
-0x67,0x2A,0x00,0x2A,                         /* [4068] OBJ_setct_CardCInitResTBS */
-0x67,0x2A,0x00,0x2B,                         /* [4072] OBJ_setct_MeAqCInitResTBS */
-0x67,0x2A,0x00,0x2C,                         /* [4076] OBJ_setct_RegFormResTBS */
-0x67,0x2A,0x00,0x2D,                         /* [4080] OBJ_setct_CertReqData */
-0x67,0x2A,0x00,0x2E,                         /* [4084] OBJ_setct_CertReqTBS */
-0x67,0x2A,0x00,0x2F,                         /* [4088] OBJ_setct_CertResData */
-0x67,0x2A,0x00,0x30,                         /* [4092] OBJ_setct_CertInqReqTBS */
-0x67,0x2A,0x00,0x31,                         /* [4096] OBJ_setct_ErrorTBS */
-0x67,0x2A,0x00,0x32,                         /* [4100] OBJ_setct_PIDualSignedTBE */
-0x67,0x2A,0x00,0x33,                         /* [4104] OBJ_setct_PIUnsignedTBE */
-0x67,0x2A,0x00,0x34,                         /* [4108] OBJ_setct_AuthReqTBE */
-0x67,0x2A,0x00,0x35,                         /* [4112] OBJ_setct_AuthResTBE */
-0x67,0x2A,0x00,0x36,                         /* [4116] OBJ_setct_AuthResTBEX */
-0x67,0x2A,0x00,0x37,                         /* [4120] OBJ_setct_AuthTokenTBE */
-0x67,0x2A,0x00,0x38,                         /* [4124] OBJ_setct_CapTokenTBE */
-0x67,0x2A,0x00,0x39,                         /* [4128] OBJ_setct_CapTokenTBEX */
-0x67,0x2A,0x00,0x3A,                         /* [4132] OBJ_setct_AcqCardCodeMsgTBE */
-0x67,0x2A,0x00,0x3B,                         /* [4136] OBJ_setct_AuthRevReqTBE */
-0x67,0x2A,0x00,0x3C,                         /* [4140] OBJ_setct_AuthRevResTBE */
-0x67,0x2A,0x00,0x3D,                         /* [4144] OBJ_setct_AuthRevResTBEB */
-0x67,0x2A,0x00,0x3E,                         /* [4148] OBJ_setct_CapReqTBE */
-0x67,0x2A,0x00,0x3F,                         /* [4152] OBJ_setct_CapReqTBEX */
-0x67,0x2A,0x00,0x40,                         /* [4156] OBJ_setct_CapResTBE */
-0x67,0x2A,0x00,0x41,                         /* [4160] OBJ_setct_CapRevReqTBE */
-0x67,0x2A,0x00,0x42,                         /* [4164] OBJ_setct_CapRevReqTBEX */
-0x67,0x2A,0x00,0x43,                         /* [4168] OBJ_setct_CapRevResTBE */
-0x67,0x2A,0x00,0x44,                         /* [4172] OBJ_setct_CredReqTBE */
-0x67,0x2A,0x00,0x45,                         /* [4176] OBJ_setct_CredReqTBEX */
-0x67,0x2A,0x00,0x46,                         /* [4180] OBJ_setct_CredResTBE */
-0x67,0x2A,0x00,0x47,                         /* [4184] OBJ_setct_CredRevReqTBE */
-0x67,0x2A,0x00,0x48,                         /* [4188] OBJ_setct_CredRevReqTBEX */
-0x67,0x2A,0x00,0x49,                         /* [4192] OBJ_setct_CredRevResTBE */
-0x67,0x2A,0x00,0x4A,                         /* [4196] OBJ_setct_BatchAdminReqTBE */
-0x67,0x2A,0x00,0x4B,                         /* [4200] OBJ_setct_BatchAdminResTBE */
-0x67,0x2A,0x00,0x4C,                         /* [4204] OBJ_setct_RegFormReqTBE */
-0x67,0x2A,0x00,0x4D,                         /* [4208] OBJ_setct_CertReqTBE */
-0x67,0x2A,0x00,0x4E,                         /* [4212] OBJ_setct_CertReqTBEX */
-0x67,0x2A,0x00,0x4F,                         /* [4216] OBJ_setct_CertResTBE */
-0x67,0x2A,0x00,0x50,                         /* [4220] OBJ_setct_CRLNotificationTBS */
-0x67,0x2A,0x00,0x51,                         /* [4224] OBJ_setct_CRLNotificationResTBS */
-0x67,0x2A,0x00,0x52,                         /* [4228] OBJ_setct_BCIDistributionTBS */
-0x67,0x2A,0x01,0x01,                         /* [4232] OBJ_setext_genCrypt */
-0x67,0x2A,0x01,0x03,                         /* [4236] OBJ_setext_miAuth */
-0x67,0x2A,0x01,0x04,                         /* [4240] OBJ_setext_pinSecure */
-0x67,0x2A,0x01,0x05,                         /* [4244] OBJ_setext_pinAny */
-0x67,0x2A,0x01,0x07,                         /* [4248] OBJ_setext_track2 */
-0x67,0x2A,0x01,0x08,                         /* [4252] OBJ_setext_cv */
-0x67,0x2A,0x05,0x00,                         /* [4256] OBJ_set_policy_root */
-0x67,0x2A,0x07,0x00,                         /* [4260] OBJ_setCext_hashedRoot */
-0x67,0x2A,0x07,0x01,                         /* [4264] OBJ_setCext_certType */
-0x67,0x2A,0x07,0x02,                         /* [4268] OBJ_setCext_merchData */
-0x67,0x2A,0x07,0x03,                         /* [4272] OBJ_setCext_cCertRequired */
-0x67,0x2A,0x07,0x04,                         /* [4276] OBJ_setCext_tunneling */
-0x67,0x2A,0x07,0x05,                         /* [4280] OBJ_setCext_setExt */
-0x67,0x2A,0x07,0x06,                         /* [4284] OBJ_setCext_setQualf */
-0x67,0x2A,0x07,0x07,                         /* [4288] OBJ_setCext_PGWYcapabilities */
-0x67,0x2A,0x07,0x08,                         /* [4292] OBJ_setCext_TokenIdentifier */
-0x67,0x2A,0x07,0x09,                         /* [4296] OBJ_setCext_Track2Data */
-0x67,0x2A,0x07,0x0A,                         /* [4300] OBJ_setCext_TokenType */
-0x67,0x2A,0x07,0x0B,                         /* [4304] OBJ_setCext_IssuerCapabilities */
-0x67,0x2A,0x03,0x00,                         /* [4308] OBJ_setAttr_Cert */
-0x67,0x2A,0x03,0x01,                         /* [4312] OBJ_setAttr_PGWYcap */
-0x67,0x2A,0x03,0x02,                         /* [4316] OBJ_setAttr_TokenType */
-0x67,0x2A,0x03,0x03,                         /* [4320] OBJ_setAttr_IssCap */
-0x67,0x2A,0x03,0x00,0x00,                    /* [4324] OBJ_set_rootKeyThumb */
-0x67,0x2A,0x03,0x00,0x01,                    /* [4329] OBJ_set_addPolicy */
-0x67,0x2A,0x03,0x02,0x01,                    /* [4334] OBJ_setAttr_Token_EMV */
-0x67,0x2A,0x03,0x02,0x02,                    /* [4339] OBJ_setAttr_Token_B0Prime */
-0x67,0x2A,0x03,0x03,0x03,                    /* [4344] OBJ_setAttr_IssCap_CVM */
-0x67,0x2A,0x03,0x03,0x04,                    /* [4349] OBJ_setAttr_IssCap_T2 */
-0x67,0x2A,0x03,0x03,0x05,                    /* [4354] OBJ_setAttr_IssCap_Sig */
-0x67,0x2A,0x03,0x03,0x03,0x01,               /* [4359] OBJ_setAttr_GenCryptgrm */
-0x67,0x2A,0x03,0x03,0x04,0x01,               /* [4365] OBJ_setAttr_T2Enc */
-0x67,0x2A,0x03,0x03,0x04,0x02,               /* [4371] OBJ_setAttr_T2cleartxt */
-0x67,0x2A,0x03,0x03,0x05,0x01,               /* [4377] OBJ_setAttr_TokICCsig */
-0x67,0x2A,0x03,0x03,0x05,0x02,               /* [4383] OBJ_setAttr_SecDevSig */
-0x67,0x2A,0x08,0x01,                         /* [4389] OBJ_set_brand_IATA_ATA */
-0x67,0x2A,0x08,0x1E,                         /* [4393] OBJ_set_brand_Diners */
-0x67,0x2A,0x08,0x22,                         /* [4397] OBJ_set_brand_AmericanExpress */
-0x67,0x2A,0x08,0x23,                         /* [4401] OBJ_set_brand_JCB */
-0x67,0x2A,0x08,0x04,                         /* [4405] OBJ_set_brand_Visa */
-0x67,0x2A,0x08,0x05,                         /* [4409] OBJ_set_brand_MasterCard */
-0x67,0x2A,0x08,0xAE,0x7B,                    /* [4413] OBJ_set_brand_Novus */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A,     /* [4418] OBJ_des_cdmf */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4426] OBJ_rsaOAEPEncryptionSET */
-0x67,                                        /* [4435] OBJ_international_organizations */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4436] OBJ_ms_smartcard_login */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4446] OBJ_ms_upn */
-0x55,0x04,0x09,                              /* [4456] OBJ_streetAddress */
-0x55,0x04,0x11,                              /* [4459] OBJ_postalCode */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,          /* [4462] OBJ_id_ppl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E,     /* [4469] OBJ_proxyCertInfo */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00,     /* [4477] OBJ_id_ppl_anyLanguage */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01,     /* [4485] OBJ_id_ppl_inheritAll */
-0x55,0x1D,0x1E,                              /* [4493] OBJ_name_constraints */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02,     /* [4496] OBJ_Independent */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4504] OBJ_sha256WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4513] OBJ_sha384WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4522] OBJ_sha512WithRSAEncryption */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4531] OBJ_sha224WithRSAEncryption */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4540] OBJ_sha256 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4549] OBJ_sha384 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4558] OBJ_sha512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4567] OBJ_sha224 */
-0x2B,                                        /* [4576] OBJ_identified_organization */
-0x2B,0x81,0x04,                              /* [4577] OBJ_certicom_arc */
-0x67,0x2B,                                   /* [4580] OBJ_wap */
-0x67,0x2B,0x01,                              /* [4582] OBJ_wap_wsg */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,     /* [4585] OBJ_X9_62_id_characteristic_two_basis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4593] OBJ_X9_62_onBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4602] OBJ_X9_62_tpBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4611] OBJ_X9_62_ppBasis */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01,     /* [4620] OBJ_X9_62_c2pnb163v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02,     /* [4628] OBJ_X9_62_c2pnb163v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03,     /* [4636] OBJ_X9_62_c2pnb163v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04,     /* [4644] OBJ_X9_62_c2pnb176v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05,     /* [4652] OBJ_X9_62_c2tnb191v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06,     /* [4660] OBJ_X9_62_c2tnb191v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07,     /* [4668] OBJ_X9_62_c2tnb191v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08,     /* [4676] OBJ_X9_62_c2onb191v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09,     /* [4684] OBJ_X9_62_c2onb191v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A,     /* [4692] OBJ_X9_62_c2pnb208w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B,     /* [4700] OBJ_X9_62_c2tnb239v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C,     /* [4708] OBJ_X9_62_c2tnb239v2 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D,     /* [4716] OBJ_X9_62_c2tnb239v3 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E,     /* [4724] OBJ_X9_62_c2onb239v4 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F,     /* [4732] OBJ_X9_62_c2onb239v5 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10,     /* [4740] OBJ_X9_62_c2pnb272w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11,     /* [4748] OBJ_X9_62_c2pnb304w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12,     /* [4756] OBJ_X9_62_c2tnb359v1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13,     /* [4764] OBJ_X9_62_c2pnb368w1 */
-0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14,     /* [4772] OBJ_X9_62_c2tnb431r1 */
-0x2B,0x81,0x04,0x00,0x06,                    /* [4780] OBJ_secp112r1 */
-0x2B,0x81,0x04,0x00,0x07,                    /* [4785] OBJ_secp112r2 */
-0x2B,0x81,0x04,0x00,0x1C,                    /* [4790] OBJ_secp128r1 */
-0x2B,0x81,0x04,0x00,0x1D,                    /* [4795] OBJ_secp128r2 */
-0x2B,0x81,0x04,0x00,0x09,                    /* [4800] OBJ_secp160k1 */
-0x2B,0x81,0x04,0x00,0x08,                    /* [4805] OBJ_secp160r1 */
-0x2B,0x81,0x04,0x00,0x1E,                    /* [4810] OBJ_secp160r2 */
-0x2B,0x81,0x04,0x00,0x1F,                    /* [4815] OBJ_secp192k1 */
-0x2B,0x81,0x04,0x00,0x20,                    /* [4820] OBJ_secp224k1 */
-0x2B,0x81,0x04,0x00,0x21,                    /* [4825] OBJ_secp224r1 */
-0x2B,0x81,0x04,0x00,0x0A,                    /* [4830] OBJ_secp256k1 */
-0x2B,0x81,0x04,0x00,0x22,                    /* [4835] OBJ_secp384r1 */
-0x2B,0x81,0x04,0x00,0x23,                    /* [4840] OBJ_secp521r1 */
-0x2B,0x81,0x04,0x00,0x04,                    /* [4845] OBJ_sect113r1 */
-0x2B,0x81,0x04,0x00,0x05,                    /* [4850] OBJ_sect113r2 */
-0x2B,0x81,0x04,0x00,0x16,                    /* [4855] OBJ_sect131r1 */
-0x2B,0x81,0x04,0x00,0x17,                    /* [4860] OBJ_sect131r2 */
-0x2B,0x81,0x04,0x00,0x01,                    /* [4865] OBJ_sect163k1 */
-0x2B,0x81,0x04,0x00,0x02,                    /* [4870] OBJ_sect163r1 */
-0x2B,0x81,0x04,0x00,0x0F,                    /* [4875] OBJ_sect163r2 */
-0x2B,0x81,0x04,0x00,0x18,                    /* [4880] OBJ_sect193r1 */
-0x2B,0x81,0x04,0x00,0x19,                    /* [4885] OBJ_sect193r2 */
-0x2B,0x81,0x04,0x00,0x1A,                    /* [4890] OBJ_sect233k1 */
-0x2B,0x81,0x04,0x00,0x1B,                    /* [4895] OBJ_sect233r1 */
-0x2B,0x81,0x04,0x00,0x03,                    /* [4900] OBJ_sect239k1 */
-0x2B,0x81,0x04,0x00,0x10,                    /* [4905] OBJ_sect283k1 */
-0x2B,0x81,0x04,0x00,0x11,                    /* [4910] OBJ_sect283r1 */
-0x2B,0x81,0x04,0x00,0x24,                    /* [4915] OBJ_sect409k1 */
-0x2B,0x81,0x04,0x00,0x25,                    /* [4920] OBJ_sect409r1 */
-0x2B,0x81,0x04,0x00,0x26,                    /* [4925] OBJ_sect571k1 */
-0x2B,0x81,0x04,0x00,0x27,                    /* [4930] OBJ_sect571r1 */
-0x67,0x2B,0x01,0x04,0x01,                    /* [4935] OBJ_wap_wsg_idm_ecid_wtls1 */
-0x67,0x2B,0x01,0x04,0x03,                    /* [4940] OBJ_wap_wsg_idm_ecid_wtls3 */
-0x67,0x2B,0x01,0x04,0x04,                    /* [4945] OBJ_wap_wsg_idm_ecid_wtls4 */
-0x67,0x2B,0x01,0x04,0x05,                    /* [4950] OBJ_wap_wsg_idm_ecid_wtls5 */
-0x67,0x2B,0x01,0x04,0x06,                    /* [4955] OBJ_wap_wsg_idm_ecid_wtls6 */
-0x67,0x2B,0x01,0x04,0x07,                    /* [4960] OBJ_wap_wsg_idm_ecid_wtls7 */
-0x67,0x2B,0x01,0x04,0x08,                    /* [4965] OBJ_wap_wsg_idm_ecid_wtls8 */
-0x67,0x2B,0x01,0x04,0x09,                    /* [4970] OBJ_wap_wsg_idm_ecid_wtls9 */
-0x67,0x2B,0x01,0x04,0x0A,                    /* [4975] OBJ_wap_wsg_idm_ecid_wtls10 */
-0x67,0x2B,0x01,0x04,0x0B,                    /* [4980] OBJ_wap_wsg_idm_ecid_wtls11 */
-0x67,0x2B,0x01,0x04,0x0C,                    /* [4985] OBJ_wap_wsg_idm_ecid_wtls12 */
-0x55,0x1D,0x20,0x00,                         /* [4990] OBJ_any_policy */
-0x55,0x1D,0x21,                              /* [4994] OBJ_policy_mappings */
-0x55,0x1D,0x36,                              /* [4997] OBJ_inhibit_any_policy */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5000] OBJ_camellia_128_cbc */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5011] OBJ_camellia_192_cbc */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5022] OBJ_camellia_256_cbc */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01,     /* [5033] OBJ_camellia_128_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15,     /* [5041] OBJ_camellia_192_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29,     /* [5049] OBJ_camellia_256_ecb */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04,     /* [5057] OBJ_camellia_128_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18,     /* [5065] OBJ_camellia_192_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C,     /* [5073] OBJ_camellia_256_cfb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03,     /* [5081] OBJ_camellia_128_ofb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17,     /* [5089] OBJ_camellia_192_ofb128 */
-0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B,     /* [5097] OBJ_camellia_256_ofb128 */
-0x55,0x1D,0x09,                              /* [5105] OBJ_subject_directory_attributes */
-0x55,0x1D,0x1C,                              /* [5108] OBJ_issuing_distribution_point */
-0x55,0x1D,0x1D,                              /* [5111] OBJ_certificate_issuer */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,               /* [5114] OBJ_kisa */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03,     /* [5120] OBJ_seed_ecb */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04,     /* [5128] OBJ_seed_cbc */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06,     /* [5136] OBJ_seed_ofb128 */
-0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05,     /* [5144] OBJ_seed_cfb128 */
-0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01,     /* [5152] OBJ_hmac_md5 */
-0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02,     /* [5160] OBJ_hmac_sha1 */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5168] OBJ_id_PasswordBasedMAC */
-0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5177] OBJ_id_DHBasedMac */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10,     /* [5186] OBJ_id_it_suppLangTags */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05,     /* [5194] OBJ_caRepository */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5202] OBJ_id_smime_ct_compressedData */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5213] OBJ_id_ct_asciiTextWithCRLF */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5224] OBJ_id_aes128_wrap */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5233] OBJ_id_aes192_wrap */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5242] OBJ_id_aes256_wrap */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02,          /* [5251] OBJ_ecdsa_with_Recommended */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,          /* [5258] OBJ_ecdsa_with_Specified */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01,     /* [5265] OBJ_ecdsa_with_SHA224 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02,     /* [5273] OBJ_ecdsa_with_SHA256 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03,     /* [5281] OBJ_ecdsa_with_SHA384 */
-0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04,     /* [5289] OBJ_ecdsa_with_SHA512 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06,     /* [5297] OBJ_hmacWithMD5 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08,     /* [5305] OBJ_hmacWithSHA224 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09,     /* [5313] OBJ_hmacWithSHA256 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A,     /* [5321] OBJ_hmacWithSHA384 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B,     /* [5329] OBJ_hmacWithSHA512 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5337] OBJ_dsa_with_SHA224 */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5346] OBJ_dsa_with_SHA256 */
-0x28,0xCF,0x06,0x03,0x00,0x37,               /* [5355] OBJ_whirlpool */
-0x2A,0x85,0x03,0x02,0x02,                    /* [5361] OBJ_cryptopro */
-0x2A,0x85,0x03,0x02,0x09,                    /* [5366] OBJ_cryptocom */
-0x2A,0x85,0x03,0x02,0x02,0x03,               /* [5371] OBJ_id_GostR3411_94_with_GostR3410_2001 */
-0x2A,0x85,0x03,0x02,0x02,0x04,               /* [5377] OBJ_id_GostR3411_94_with_GostR3410_94 */
-0x2A,0x85,0x03,0x02,0x02,0x09,               /* [5383] OBJ_id_GostR3411_94 */
-0x2A,0x85,0x03,0x02,0x02,0x0A,               /* [5389] OBJ_id_HMACGostR3411_94 */
-0x2A,0x85,0x03,0x02,0x02,0x13,               /* [5395] OBJ_id_GostR3410_2001 */
-0x2A,0x85,0x03,0x02,0x02,0x14,               /* [5401] OBJ_id_GostR3410_94 */
-0x2A,0x85,0x03,0x02,0x02,0x15,               /* [5407] OBJ_id_Gost28147_89 */
-0x2A,0x85,0x03,0x02,0x02,0x16,               /* [5413] OBJ_id_Gost28147_89_MAC */
-0x2A,0x85,0x03,0x02,0x02,0x17,               /* [5419] OBJ_id_GostR3411_94_prf */
-0x2A,0x85,0x03,0x02,0x02,0x62,               /* [5425] OBJ_id_GostR3410_2001DH */
-0x2A,0x85,0x03,0x02,0x02,0x63,               /* [5431] OBJ_id_GostR3410_94DH */
-0x2A,0x85,0x03,0x02,0x02,0x0E,0x01,          /* [5437] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */
-0x2A,0x85,0x03,0x02,0x02,0x0E,0x00,          /* [5444] OBJ_id_Gost28147_89_None_KeyMeshing */
-0x2A,0x85,0x03,0x02,0x02,0x1E,0x00,          /* [5451] OBJ_id_GostR3411_94_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1E,0x01,          /* [5458] OBJ_id_GostR3411_94_CryptoProParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x00,          /* [5465] OBJ_id_Gost28147_89_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x01,          /* [5472] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x02,          /* [5479] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x03,          /* [5486] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x04,          /* [5493] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x05,          /* [5500] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x06,          /* [5507] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x1F,0x07,          /* [5514] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x00,          /* [5521] OBJ_id_GostR3410_94_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x02,          /* [5528] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x03,          /* [5535] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x04,          /* [5542] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x20,0x05,          /* [5549] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x01,          /* [5556] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x02,          /* [5563] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x21,0x03,          /* [5570] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x00,          /* [5577] OBJ_id_GostR3410_2001_TestParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x01,          /* [5584] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x02,          /* [5591] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x23,0x03,          /* [5598] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x24,0x00,          /* [5605] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x24,0x01,          /* [5612] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x01,          /* [5619] OBJ_id_GostR3410_94_a */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x02,          /* [5626] OBJ_id_GostR3410_94_aBis */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x03,          /* [5633] OBJ_id_GostR3410_94_b */
-0x2A,0x85,0x03,0x02,0x02,0x14,0x04,          /* [5640] OBJ_id_GostR3410_94_bBis */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01,     /* [5647] OBJ_id_Gost28147_89_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03,     /* [5655] OBJ_id_GostR3410_94_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04,     /* [5663] OBJ_id_GostR3410_2001_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03,     /* [5671] OBJ_id_GostR3411_94_with_GostR3410_94_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04,     /* [5679] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */
-0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01,     /* [5687] OBJ_id_GostR3410_2001_ParamSet_cc */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5695] OBJ_LocalKeySet */
-0x55,0x1D,0x2E,                              /* [5704] OBJ_freshest_crl */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03,     /* [5707] OBJ_id_on_permanentIdentifier */
-0x55,0x04,0x0E,                              /* [5715] OBJ_searchGuide */
-0x55,0x04,0x0F,                              /* [5718] OBJ_businessCategory */
-0x55,0x04,0x10,                              /* [5721] OBJ_postalAddress */
-0x55,0x04,0x12,                              /* [5724] OBJ_postOfficeBox */
-0x55,0x04,0x13,                              /* [5727] OBJ_physicalDeliveryOfficeName */
-0x55,0x04,0x14,                              /* [5730] OBJ_telephoneNumber */
-0x55,0x04,0x15,                              /* [5733] OBJ_telexNumber */
-0x55,0x04,0x16,                              /* [5736] OBJ_teletexTerminalIdentifier */
-0x55,0x04,0x17,                              /* [5739] OBJ_facsimileTelephoneNumber */
-0x55,0x04,0x18,                              /* [5742] OBJ_x121Address */
-0x55,0x04,0x19,                              /* [5745] OBJ_internationaliSDNNumber */
-0x55,0x04,0x1A,                              /* [5748] OBJ_registeredAddress */
-0x55,0x04,0x1B,                              /* [5751] OBJ_destinationIndicator */
-0x55,0x04,0x1C,                              /* [5754] OBJ_preferredDeliveryMethod */
-0x55,0x04,0x1D,                              /* [5757] OBJ_presentationAddress */
-0x55,0x04,0x1E,                              /* [5760] OBJ_supportedApplicationContext */
-0x55,0x04,0x1F,                              /* [5763] OBJ_member */
-0x55,0x04,0x20,                              /* [5766] OBJ_owner */
-0x55,0x04,0x21,                              /* [5769] OBJ_roleOccupant */
-0x55,0x04,0x22,                              /* [5772] OBJ_seeAlso */
-0x55,0x04,0x23,                              /* [5775] OBJ_userPassword */
-0x55,0x04,0x24,                              /* [5778] OBJ_userCertificate */
-0x55,0x04,0x25,                              /* [5781] OBJ_cACertificate */
-0x55,0x04,0x26,                              /* [5784] OBJ_authorityRevocationList */
-0x55,0x04,0x27,                              /* [5787] OBJ_certificateRevocationList */
-0x55,0x04,0x28,                              /* [5790] OBJ_crossCertificatePair */
-0x55,0x04,0x2F,                              /* [5793] OBJ_enhancedSearchGuide */
-0x55,0x04,0x30,                              /* [5796] OBJ_protocolInformation */
-0x55,0x04,0x31,                              /* [5799] OBJ_distinguishedName */
-0x55,0x04,0x32,                              /* [5802] OBJ_uniqueMember */
-0x55,0x04,0x33,                              /* [5805] OBJ_houseIdentifier */
-0x55,0x04,0x34,                              /* [5808] OBJ_supportedAlgorithms */
-0x55,0x04,0x35,                              /* [5811] OBJ_deltaRevocationList */
-0x55,0x04,0x36,                              /* [5814] OBJ_dmdName */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5817] OBJ_id_alg_PWRI_KEK */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5828] OBJ_aes_128_gcm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5837] OBJ_aes_128_ccm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5846] OBJ_id_aes128_wrap_pad */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5855] OBJ_aes_192_gcm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5864] OBJ_aes_192_ccm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5873] OBJ_id_aes192_wrap_pad */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5882] OBJ_aes_256_gcm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5891] OBJ_aes_256_ccm */
-0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5900] OBJ_id_aes256_wrap_pad */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5909] OBJ_id_camellia128_wrap */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5920] OBJ_id_camellia192_wrap */
-0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5931] OBJ_id_camellia256_wrap */
-0x55,0x1D,0x25,0x00,                         /* [5942] OBJ_anyExtendedKeyUsage */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5946] OBJ_mgf1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5955] OBJ_rsassaPss */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5964] OBJ_rsaesOaep */
-0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01,          /* [5973] OBJ_dhpublicnumber */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x01,/* [5980] OBJ_brainpoolP160r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x02,/* [5989] OBJ_brainpoolP160t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x03,/* [5998] OBJ_brainpoolP192r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x04,/* [6007] OBJ_brainpoolP192t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x05,/* [6016] OBJ_brainpoolP224r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x06,/* [6025] OBJ_brainpoolP224t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07,/* [6034] OBJ_brainpoolP256r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x08,/* [6043] OBJ_brainpoolP256t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x09,/* [6052] OBJ_brainpoolP320r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0A,/* [6061] OBJ_brainpoolP320t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0B,/* [6070] OBJ_brainpoolP384r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0C,/* [6079] OBJ_brainpoolP384t1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0D,/* [6088] OBJ_brainpoolP512r1 */
-0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0E,/* [6097] OBJ_brainpoolP512t1 */
-0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x09,/* [6106] OBJ_pSpecified */
-0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x02,/* [6115] OBJ_dhSinglePass_stdDH_sha1kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x00,               /* [6124] OBJ_dhSinglePass_stdDH_sha224kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x01,               /* [6130] OBJ_dhSinglePass_stdDH_sha256kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x02,               /* [6136] OBJ_dhSinglePass_stdDH_sha384kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0B,0x03,               /* [6142] OBJ_dhSinglePass_stdDH_sha512kdf_scheme */
-0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x03,/* [6148] OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x00,               /* [6157] OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x01,               /* [6163] OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x02,               /* [6169] OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme */
-0x2B,0x81,0x04,0x01,0x0E,0x03,               /* [6175] OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme */
-0x2B,0x06,0x01,0x04,0x01,0xD6,0x79,0x02,0x04,0x02,/* [6181] OBJ_ct_precert_scts */
-0x2B,0x06,0x01,0x04,0x01,0xD6,0x79,0x02,0x04,0x03,/* [6191] OBJ_ct_precert_poison */
-0x2B,0x06,0x01,0x04,0x01,0xD6,0x79,0x02,0x04,0x04,/* [6201] OBJ_ct_precert_signer */
-0x2B,0x06,0x01,0x04,0x01,0xD6,0x79,0x02,0x04,0x05,/* [6211] OBJ_ct_cert_scts */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x01,/* [6221] OBJ_jurisdictionLocalityName */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x02,/* [6232] OBJ_jurisdictionStateOrProvinceName */
-0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x03,/* [6243] OBJ_jurisdictionCountryName */
-};
-
-static const ASN1_OBJECT nid_objs[NUM_NID]={
-{"UNDEF","undefined",NID_undef,0,NULL,0},
-{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[0]),0},
-{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[6]),0},
-{"MD2","md2",NID_md2,8,&(lvalues[13]),0},
-{"MD5","md5",NID_md5,8,&(lvalues[21]),0},
-{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0},
-{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0},
-{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
-	&(lvalues[46]),0},
-{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
-	&(lvalues[55]),0},
-{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9,
-	&(lvalues[64]),0},
-{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9,
-	&(lvalues[73]),0},
-{"X500","directory services (X.500)",NID_X500,1,&(lvalues[82]),0},
-{"X509","X509",NID_X509,2,&(lvalues[83]),0},
-{"CN","commonName",NID_commonName,3,&(lvalues[85]),0},
-{"C","countryName",NID_countryName,3,&(lvalues[88]),0},
-{"L","localityName",NID_localityName,3,&(lvalues[91]),0},
-{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0},
-{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0},
-{"OU","organizationalUnitName",NID_organizationalUnitName,3,
-	&(lvalues[100]),0},
-{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0},
-{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0},
-{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0},
-{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
-	&(lvalues[124]),0},
-{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
-	&(lvalues[133]),0},
-{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
-	NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0},
-{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
-	&(lvalues[151]),0},
-{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
-	&(lvalues[160]),0},
-{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0},
-{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
-	&(lvalues[177]),0},
-{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0},
-{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0},
-{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0},
-{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[201]),0},
-{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0},
-{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[206]),0},
-{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0},
-{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0},
-{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[217]),0},
-{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0},
-{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0},
-{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0},
-{"SHA","sha",NID_sha,5,&(lvalues[225]),0},
-{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
-	&(lvalues[230]),0},
-{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0},
-{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[235]),0},
-{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[243]),0},
-{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0},
-{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[248]),0},
-{"emailAddress","emailAddress",NID_pkcs9_emailAddress,9,
-	&(lvalues[256]),0},
-{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
-	&(lvalues[265]),0},
-{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[274]),0},
-{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
-	&(lvalues[283]),0},
-{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[292]),0},
-{"countersignature","countersignature",NID_pkcs9_countersignature,9,
-	&(lvalues[301]),0},
-{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
-	9,&(lvalues[310]),0},
-{"unstructuredAddress","unstructuredAddress",
-	NID_pkcs9_unstructuredAddress,9,&(lvalues[319]),0},
-{"extendedCertificateAttributes","extendedCertificateAttributes",
-	NID_pkcs9_extCertAttributes,9,&(lvalues[328]),0},
-{"Netscape","Netscape Communications Corp.",NID_netscape,7,
-	&(lvalues[337]),0},
-{"nsCertExt","Netscape Certificate Extension",
-	NID_netscape_cert_extension,8,&(lvalues[344]),0},
-{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
-	&(lvalues[352]),0},
-{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0},
-{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0},
-{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0},
-{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0},
-{"SHA1","sha1",NID_sha1,5,&(lvalues[360]),0},
-{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
-	&(lvalues[365]),0},
-{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[374]),0},
-{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[379]),0},
-{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC,
-	9,&(lvalues[384]),0},
-{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[393]),0},
-{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[402]),0},
-{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
-	&(lvalues[407]),0},
-{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
-	&(lvalues[416]),0},
-{"nsRevocationUrl","Netscape Revocation Url",
-	NID_netscape_revocation_url,9,&(lvalues[425]),0},
-{"nsCaRevocationUrl","Netscape CA Revocation Url",
-	NID_netscape_ca_revocation_url,9,&(lvalues[434]),0},
-{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
-	&(lvalues[443]),0},
-{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
-	9,&(lvalues[452]),0},
-{"nsSslServerName","Netscape SSL Server Name",
-	NID_netscape_ssl_server_name,9,&(lvalues[461]),0},
-{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[470]),0},
-{"nsCertSequence","Netscape Certificate Sequence",
-	NID_netscape_cert_sequence,9,&(lvalues[479]),0},
-{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0},
-{"id-ce","id-ce",NID_id_ce,2,&(lvalues[488]),0},
-{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
-	NID_subject_key_identifier,3,&(lvalues[490]),0},
-{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[493]),0},
-{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
-	NID_private_key_usage_period,3,&(lvalues[496]),0},
-{"subjectAltName","X509v3 Subject Alternative Name",
-	NID_subject_alt_name,3,&(lvalues[499]),0},
-{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
-	3,&(lvalues[502]),0},
-{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
-	3,&(lvalues[505]),0},
-{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[508]),0},
-{"certificatePolicies","X509v3 Certificate Policies",
-	NID_certificate_policies,3,&(lvalues[511]),0},
-{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
-	NID_authority_key_identifier,3,&(lvalues[514]),0},
-{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[517]),0},
-{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0},
-{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0},
-{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0},
-{"MDC2","mdc2",NID_mdc2,4,&(lvalues[526]),0},
-{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[530]),0},
-{"RC4-40","rc4-40",NID_rc4_40,0,NULL,0},
-{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0},
-{"GN","givenName",NID_givenName,3,&(lvalues[534]),0},
-{"SN","surname",NID_surname,3,&(lvalues[537]),0},
-{"initials","initials",NID_initials,3,&(lvalues[540]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"crlDistributionPoints","X509v3 CRL Distribution Points",
-	NID_crl_distribution_points,3,&(lvalues[543]),0},
-{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[546]),0},
-{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[551]),0},
-{"title","title",NID_title,3,&(lvalues[554]),0},
-{"description","description",NID_description,3,&(lvalues[557]),0},
-{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[560]),0},
-{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0},
-{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0},
-{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0},
-{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
-	NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[569]),0},
-{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[578]),0},
-{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0},
-{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[585]),0},
-{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[590]),0},
-{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[597]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
-	&(lvalues[602]),0},
-{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[608]),0},
-{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0},
-{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0},
-{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0},
-{"RLE","run length compression",NID_rle_compression,6,&(lvalues[616]),0},
-{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[622]),0},
-{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
-	&(lvalues[633]),0},
-{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[636]),0},
-{"id-kp","id-kp",NID_id_kp,7,&(lvalues[642]),0},
-{"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
-	&(lvalues[649]),0},
-{"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
-	&(lvalues[657]),0},
-{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[665]),0},
-{"emailProtection","E-mail Protection",NID_email_protect,8,
-	&(lvalues[673]),0},
-{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[681]),0},
-{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
-	&(lvalues[689]),0},
-{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
-	&(lvalues[699]),0},
-{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
-	&(lvalues[709]),0},
-{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[719]),0},
-{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
-	&(lvalues[729]),0},
-{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[739]),0},
-{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
-	&(lvalues[748]),0},
-{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[751]),0},
-{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
-	&(lvalues[754]),0},
-{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[757]),0},
-{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
-	NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[762]),0},
-{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
-	NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[772]),0},
-{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
-	NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[782]),0},
-{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
-	NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[792]),0},
-{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
-	NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[802]),0},
-{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
-	NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[812]),0},
-{"keyBag","keyBag",NID_keyBag,11,&(lvalues[822]),0},
-{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
-	11,&(lvalues[833]),0},
-{"certBag","certBag",NID_certBag,11,&(lvalues[844]),0},
-{"crlBag","crlBag",NID_crlBag,11,&(lvalues[855]),0},
-{"secretBag","secretBag",NID_secretBag,11,&(lvalues[866]),0},
-{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
-	&(lvalues[877]),0},
-{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[888]),0},
-{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[897]),0},
-{"x509Certificate","x509Certificate",NID_x509Certificate,10,
-	&(lvalues[906]),0},
-{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
-	&(lvalues[916]),0},
-{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[926]),0},
-{"PBES2","PBES2",NID_pbes2,9,&(lvalues[936]),0},
-{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[945]),0},
-{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[954]),0},
-{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[962]),0},
-{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
-	&(lvalues[970]),0},
-{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0},
-{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
-	&(lvalues[978]),0},
-{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
-	&(lvalues[987]),0},
-{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
-	&(lvalues[996]),0},
-{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
-	&(lvalues[1005]),0},
-{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
-	&(lvalues[1014]),0},
-{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1024]),0},
-{"name","name",NID_name,3,&(lvalues[1033]),0},
-{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1036]),0},
-{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1039]),0},
-{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1046]),0},
-{"authorityInfoAccess","Authority Information Access",NID_info_access,
-	8,&(lvalues[1053]),0},
-{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1061]),0},
-{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1069]),0},
-{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1077]),0},
-{"ISO","iso",NID_iso,0,NULL,0},
-{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1085]),0},
-{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1086]),0},
-{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1089]),0},
-{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1094]),0},
-{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1100]),0},
-{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1108]),0},
-{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1116]),0},
-{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1125]),0},
-{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1135]),0},
-{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1145]),0},
-{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1155]),0},
-{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1165]),0},
-{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1175]),0},
-{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1185]),0},
-{"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11,
-	&(lvalues[1195]),0},
-{"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11,
-	&(lvalues[1206]),0},
-{"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11,
-	&(lvalues[1217]),0},
-{"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3,
-	11,&(lvalues[1228]),0},
-{"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88",
-	NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1239]),0},
-{"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97",
-	NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1250]),0},
-{"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88",
-	NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1261]),0},
-{"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97",
-	NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1272]),0},
-{"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt,
-	11,&(lvalues[1283]),0},
-{"id-smime-ct-authData","id-smime-ct-authData",
-	NID_id_smime_ct_authData,11,&(lvalues[1294]),0},
-{"id-smime-ct-publishCert","id-smime-ct-publishCert",
-	NID_id_smime_ct_publishCert,11,&(lvalues[1305]),0},
-{"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo,
-	11,&(lvalues[1316]),0},
-{"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo,
-	11,&(lvalues[1327]),0},
-{"id-smime-ct-contentInfo","id-smime-ct-contentInfo",
-	NID_id_smime_ct_contentInfo,11,&(lvalues[1338]),0},
-{"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData",
-	NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1349]),0},
-{"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData",
-	NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1360]),0},
-{"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest",
-	NID_id_smime_aa_receiptRequest,11,&(lvalues[1371]),0},
-{"id-smime-aa-securityLabel","id-smime-aa-securityLabel",
-	NID_id_smime_aa_securityLabel,11,&(lvalues[1382]),0},
-{"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory",
-	NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1393]),0},
-{"id-smime-aa-contentHint","id-smime-aa-contentHint",
-	NID_id_smime_aa_contentHint,11,&(lvalues[1404]),0},
-{"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest",
-	NID_id_smime_aa_msgSigDigest,11,&(lvalues[1415]),0},
-{"id-smime-aa-encapContentType","id-smime-aa-encapContentType",
-	NID_id_smime_aa_encapContentType,11,&(lvalues[1426]),0},
-{"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier",
-	NID_id_smime_aa_contentIdentifier,11,&(lvalues[1437]),0},
-{"id-smime-aa-macValue","id-smime-aa-macValue",
-	NID_id_smime_aa_macValue,11,&(lvalues[1448]),0},
-{"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels",
-	NID_id_smime_aa_equivalentLabels,11,&(lvalues[1459]),0},
-{"id-smime-aa-contentReference","id-smime-aa-contentReference",
-	NID_id_smime_aa_contentReference,11,&(lvalues[1470]),0},
-{"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref",
-	NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1481]),0},
-{"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate",
-	NID_id_smime_aa_signingCertificate,11,&(lvalues[1492]),0},
-{"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts",
-	NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1503]),0},
-{"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken",
-	NID_id_smime_aa_timeStampToken,11,&(lvalues[1514]),0},
-{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId",
-	NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1525]),0},
-{"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType",
-	NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1536]),0},
-{"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation",
-	NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1547]),0},
-{"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr",
-	NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1558]),0},
-{"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert",
-	NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1569]),0},
-{"id-smime-aa-ets-contentTimestamp",
-	"id-smime-aa-ets-contentTimestamp",
-	NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1580]),0},
-{"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs",
-	NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1591]),0},
-{"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs",
-	NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1602]),0},
-{"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues",
-	NID_id_smime_aa_ets_certValues,11,&(lvalues[1613]),0},
-{"id-smime-aa-ets-revocationValues",
-	"id-smime-aa-ets-revocationValues",
-	NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1624]),0},
-{"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp",
-	NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1635]),0},
-{"id-smime-aa-ets-certCRLTimestamp",
-	"id-smime-aa-ets-certCRLTimestamp",
-	NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1646]),0},
-{"id-smime-aa-ets-archiveTimeStamp",
-	"id-smime-aa-ets-archiveTimeStamp",
-	NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1657]),0},
-{"id-smime-aa-signatureType","id-smime-aa-signatureType",
-	NID_id_smime_aa_signatureType,11,&(lvalues[1668]),0},
-{"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc",
-	NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1679]),0},
-{"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES",
-	NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1690]),0},
-{"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2",
-	NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1701]),0},
-{"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap",
-	NID_id_smime_alg_3DESwrap,11,&(lvalues[1712]),0},
-{"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap",
-	NID_id_smime_alg_RC2wrap,11,&(lvalues[1723]),0},
-{"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11,
-	&(lvalues[1734]),0},
-{"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap",
-	NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1745]),0},
-{"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap",
-	NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1756]),0},
-{"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11,
-	&(lvalues[1767]),0},
-{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri",
-	NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1778]),0},
-{"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice",
-	NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1789]),0},
-{"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin",
-	NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1800]),0},
-{"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt",
-	NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1811]),0},
-{"id-smime-cti-ets-proofOfDelivery",
-	"id-smime-cti-ets-proofOfDelivery",
-	NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1822]),0},
-{"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender",
-	NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1833]),0},
-{"id-smime-cti-ets-proofOfApproval",
-	"id-smime-cti-ets-proofOfApproval",
-	NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1844]),0},
-{"id-smime-cti-ets-proofOfCreation",
-	"id-smime-cti-ets-proofOfCreation",
-	NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1855]),0},
-{"MD4","md4",NID_md4,8,&(lvalues[1866]),0},
-{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1874]),0},
-{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1881]),0},
-{"id-it","id-it",NID_id_it,7,&(lvalues[1888]),0},
-{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1895]),0},
-{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1902]),0},
-{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1909]),0},
-{"id-on","id-on",NID_id_on,7,&(lvalues[1916]),0},
-{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1923]),0},
-{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1930]),0},
-{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1937]),0},
-{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1944]),0},
-{"id-pkix1-explicit-88","id-pkix1-explicit-88",
-	NID_id_pkix1_explicit_88,8,&(lvalues[1951]),0},
-{"id-pkix1-implicit-88","id-pkix1-implicit-88",
-	NID_id_pkix1_implicit_88,8,&(lvalues[1959]),0},
-{"id-pkix1-explicit-93","id-pkix1-explicit-93",
-	NID_id_pkix1_explicit_93,8,&(lvalues[1967]),0},
-{"id-pkix1-implicit-93","id-pkix1-implicit-93",
-	NID_id_pkix1_implicit_93,8,&(lvalues[1975]),0},
-{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1983]),0},
-{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1991]),0},
-{"id-mod-kea-profile-88","id-mod-kea-profile-88",
-	NID_id_mod_kea_profile_88,8,&(lvalues[1999]),0},
-{"id-mod-kea-profile-93","id-mod-kea-profile-93",
-	NID_id_mod_kea_profile_93,8,&(lvalues[2007]),0},
-{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2015]),0},
-{"id-mod-qualified-cert-88","id-mod-qualified-cert-88",
-	NID_id_mod_qualified_cert_88,8,&(lvalues[2023]),0},
-{"id-mod-qualified-cert-93","id-mod-qualified-cert-93",
-	NID_id_mod_qualified_cert_93,8,&(lvalues[2031]),0},
-{"id-mod-attribute-cert","id-mod-attribute-cert",
-	NID_id_mod_attribute_cert,8,&(lvalues[2039]),0},
-{"id-mod-timestamp-protocol","id-mod-timestamp-protocol",
-	NID_id_mod_timestamp_protocol,8,&(lvalues[2047]),0},
-{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2055]),0},
-{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2063]),0},
-{"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8,
-	&(lvalues[2071]),0},
-{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2079]),0},
-{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2087]),0},
-{"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8,
-	&(lvalues[2095]),0},
-{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2103]),0},
-{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2111]),0},
-{"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8,
-	&(lvalues[2119]),0},
-{"sbgp-autonomousSysNum","sbgp-autonomousSysNum",
-	NID_sbgp_autonomousSysNum,8,&(lvalues[2127]),0},
-{"sbgp-routerIdentifier","sbgp-routerIdentifier",
-	NID_sbgp_routerIdentifier,8,&(lvalues[2135]),0},
-{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2143]),0},
-{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
-	&(lvalues[2151]),0},
-{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2159]),0},
-{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2167]),0},
-{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2175]),0},
-{"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
-	8,&(lvalues[2183]),0},
-{"id-it-signKeyPairTypes","id-it-signKeyPairTypes",
-	NID_id_it_signKeyPairTypes,8,&(lvalues[2191]),0},
-{"id-it-encKeyPairTypes","id-it-encKeyPairTypes",
-	NID_id_it_encKeyPairTypes,8,&(lvalues[2199]),0},
-{"id-it-preferredSymmAlg","id-it-preferredSymmAlg",
-	NID_id_it_preferredSymmAlg,8,&(lvalues[2207]),0},
-{"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo",
-	NID_id_it_caKeyUpdateInfo,8,&(lvalues[2215]),0},
-{"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8,
-	&(lvalues[2223]),0},
-{"id-it-unsupportedOIDs","id-it-unsupportedOIDs",
-	NID_id_it_unsupportedOIDs,8,&(lvalues[2231]),0},
-{"id-it-subscriptionRequest","id-it-subscriptionRequest",
-	NID_id_it_subscriptionRequest,8,&(lvalues[2239]),0},
-{"id-it-subscriptionResponse","id-it-subscriptionResponse",
-	NID_id_it_subscriptionResponse,8,&(lvalues[2247]),0},
-{"id-it-keyPairParamReq","id-it-keyPairParamReq",
-	NID_id_it_keyPairParamReq,8,&(lvalues[2255]),0},
-{"id-it-keyPairParamRep","id-it-keyPairParamRep",
-	NID_id_it_keyPairParamRep,8,&(lvalues[2263]),0},
-{"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase,
-	8,&(lvalues[2271]),0},
-{"id-it-implicitConfirm","id-it-implicitConfirm",
-	NID_id_it_implicitConfirm,8,&(lvalues[2279]),0},
-{"id-it-confirmWaitTime","id-it-confirmWaitTime",
-	NID_id_it_confirmWaitTime,8,&(lvalues[2287]),0},
-{"id-it-origPKIMessage","id-it-origPKIMessage",
-	NID_id_it_origPKIMessage,8,&(lvalues[2295]),0},
-{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2303]),0},
-{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2311]),0},
-{"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken,
-	9,&(lvalues[2319]),0},
-{"id-regCtrl-authenticator","id-regCtrl-authenticator",
-	NID_id_regCtrl_authenticator,9,&(lvalues[2328]),0},
-{"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo",
-	NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2337]),0},
-{"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions",
-	NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2346]),0},
-{"id-regCtrl-oldCertID","id-regCtrl-oldCertID",
-	NID_id_regCtrl_oldCertID,9,&(lvalues[2355]),0},
-{"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey",
-	NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2364]),0},
-{"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs",
-	NID_id_regInfo_utf8Pairs,9,&(lvalues[2373]),0},
-{"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9,
-	&(lvalues[2382]),0},
-{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2391]),0},
-{"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8,
-	&(lvalues[2399]),0},
-{"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1",
-	NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2407]),0},
-{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2415]),0},
-{"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8,
-	&(lvalues[2423]),0},
-{"id-cmc-identification","id-cmc-identification",
-	NID_id_cmc_identification,8,&(lvalues[2431]),0},
-{"id-cmc-identityProof","id-cmc-identityProof",
-	NID_id_cmc_identityProof,8,&(lvalues[2439]),0},
-{"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8,
-	&(lvalues[2447]),0},
-{"id-cmc-transactionId","id-cmc-transactionId",
-	NID_id_cmc_transactionId,8,&(lvalues[2455]),0},
-{"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8,
-	&(lvalues[2463]),0},
-{"id-cmc-recipientNonce","id-cmc-recipientNonce",
-	NID_id_cmc_recipientNonce,8,&(lvalues[2471]),0},
-{"id-cmc-addExtensions","id-cmc-addExtensions",
-	NID_id_cmc_addExtensions,8,&(lvalues[2479]),0},
-{"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP,
-	8,&(lvalues[2487]),0},
-{"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP,
-	8,&(lvalues[2495]),0},
-{"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness",
-	NID_id_cmc_lraPOPWitness,8,&(lvalues[2503]),0},
-{"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8,
-	&(lvalues[2511]),0},
-{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2519]),0},
-{"id-cmc-revokeRequest","id-cmc-revokeRequest",
-	NID_id_cmc_revokeRequest,8,&(lvalues[2527]),0},
-{"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8,
-	&(lvalues[2535]),0},
-{"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo,
-	8,&(lvalues[2543]),0},
-{"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending,
-	8,&(lvalues[2551]),0},
-{"id-cmc-popLinkRandom","id-cmc-popLinkRandom",
-	NID_id_cmc_popLinkRandom,8,&(lvalues[2559]),0},
-{"id-cmc-popLinkWitness","id-cmc-popLinkWitness",
-	NID_id_cmc_popLinkWitness,8,&(lvalues[2567]),0},
-{"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance",
-	NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2575]),0},
-{"id-on-personalData","id-on-personalData",NID_id_on_personalData,8,
-	&(lvalues[2583]),0},
-{"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8,
-	&(lvalues[2591]),0},
-{"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth,
-	8,&(lvalues[2599]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2607]),0},
-{"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship",
-	NID_id_pda_countryOfCitizenship,8,&(lvalues[2615]),0},
-{"id-pda-countryOfResidence","id-pda-countryOfResidence",
-	NID_id_pda_countryOfResidence,8,&(lvalues[2623]),0},
-{"id-aca-authenticationInfo","id-aca-authenticationInfo",
-	NID_id_aca_authenticationInfo,8,&(lvalues[2631]),0},
-{"id-aca-accessIdentity","id-aca-accessIdentity",
-	NID_id_aca_accessIdentity,8,&(lvalues[2639]),0},
-{"id-aca-chargingIdentity","id-aca-chargingIdentity",
-	NID_id_aca_chargingIdentity,8,&(lvalues[2647]),0},
-{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2655]),0},
-{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2663]),0},
-{"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1",
-	NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2671]),0},
-{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2679]),0},
-{"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8,
-	&(lvalues[2687]),0},
-{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8,
-	&(lvalues[2695]),0},
-{"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8,
-	&(lvalues[2703]),0},
-{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2711]),0},
-{"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9,
-	&(lvalues[2719]),0},
-{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2728]),0},
-{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2737]),0},
-{"acceptableResponses","Acceptable OCSP Responses",
-	NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2746]),0},
-{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2755]),0},
-{"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff,
-	9,&(lvalues[2764]),0},
-{"serviceLocator","OCSP Service Locator",
-	NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2773]),0},
-{"extendedStatus","Extended OCSP Status",
-	NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2782]),0},
-{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2791]),0},
-{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2800]),0},
-{"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9,
-	&(lvalues[2809]),0},
-{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2818]),0},
-{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2822]),0},
-{"X500algorithms","directory services - algorithms",
-	NID_X500algorithms,2,&(lvalues[2827]),0},
-{"ORG","org",NID_org,1,&(lvalues[2829]),0},
-{"DOD","dod",NID_dod,2,&(lvalues[2830]),0},
-{"IANA","iana",NID_iana,3,&(lvalues[2832]),0},
-{"directory","Directory",NID_Directory,4,&(lvalues[2835]),0},
-{"mgmt","Management",NID_Management,4,&(lvalues[2839]),0},
-{"experimental","Experimental",NID_Experimental,4,&(lvalues[2843]),0},
-{"private","Private",NID_Private,4,&(lvalues[2847]),0},
-{"security","Security",NID_Security,4,&(lvalues[2851]),0},
-{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2855]),0},
-{"Mail","Mail",NID_Mail,4,&(lvalues[2859]),0},
-{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2863]),0},
-{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2868]),0},
-{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2877]),0},
-{"domain","Domain",NID_Domain,10,&(lvalues[2887]),0},
-{"NULL","NULL",NID_joint_iso_ccitt,0,NULL,0},
-{"selected-attribute-types","Selected Attribute Types",
-	NID_selected_attribute_types,3,&(lvalues[2897]),0},
-{"clearance","clearance",NID_clearance,4,&(lvalues[2900]),0},
-{"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9,
-	&(lvalues[2904]),0},
-{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2913]),0},
-{"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8,
-	&(lvalues[2921]),0},
-{"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8,
-	&(lvalues[2929]),0},
-{"role","role",NID_role,3,&(lvalues[2937]),0},
-{"policyConstraints","X509v3 Policy Constraints",
-	NID_policy_constraints,3,&(lvalues[2940]),0},
-{"targetInformation","X509v3 AC Targeting",NID_target_information,3,
-	&(lvalues[2943]),0},
-{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
-	&(lvalues[2946]),0},
-{"NULL","NULL",NID_ccitt,0,NULL,0},
-{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2949]),0},
-{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2954]),0},
-{"characteristic-two-field","characteristic-two-field",
-	NID_X9_62_characteristic_two_field,7,&(lvalues[2961]),0},
-{"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7,
-	&(lvalues[2968]),0},
-{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2975]),0},
-{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2983]),0},
-{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2991]),0},
-{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2999]),0},
-{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3007]),0},
-{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3015]),0},
-{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3023]),0},
-{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
-	&(lvalues[3031]),0},
-{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3038]),0},
-{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3047]),0},
-{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3056]),0},
-{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3065]),0},
-{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3074]),0},
-{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3083]),0},
-{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3092]),0},
-{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3101]),0},
-{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3110]),0},
-{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3119]),0},
-{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3128]),0},
-{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3137]),0},
-{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3146]),0},
-{"holdInstructionCode","Hold Instruction Code",
-	NID_hold_instruction_code,3,&(lvalues[3155]),0},
-{"holdInstructionNone","Hold Instruction None",
-	NID_hold_instruction_none,7,&(lvalues[3158]),0},
-{"holdInstructionCallIssuer","Hold Instruction Call Issuer",
-	NID_hold_instruction_call_issuer,7,&(lvalues[3165]),0},
-{"holdInstructionReject","Hold Instruction Reject",
-	NID_hold_instruction_reject,7,&(lvalues[3172]),0},
-{"data","data",NID_data,1,&(lvalues[3179]),0},
-{"pss","pss",NID_pss,3,&(lvalues[3180]),0},
-{"ucl","ucl",NID_ucl,7,&(lvalues[3183]),0},
-{"pilot","pilot",NID_pilot,8,&(lvalues[3190]),0},
-{"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9,
-	&(lvalues[3198]),0},
-{"pilotAttributeSyntax","pilotAttributeSyntax",
-	NID_pilotAttributeSyntax,9,&(lvalues[3207]),0},
-{"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9,
-	&(lvalues[3216]),0},
-{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3225]),0},
-{"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10,
-	&(lvalues[3234]),0},
-{"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax",
-	NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3244]),0},
-{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3254]),0},
-{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3264]),0},
-{"account","account",NID_account,10,&(lvalues[3274]),0},
-{"document","document",NID_document,10,&(lvalues[3284]),0},
-{"room","room",NID_room,10,&(lvalues[3294]),0},
-{"documentSeries","documentSeries",NID_documentSeries,10,
-	&(lvalues[3304]),0},
-{"rFC822localPart","rFC822localPart",NID_rFC822localPart,10,
-	&(lvalues[3314]),0},
-{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3324]),0},
-{"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject,
-	10,&(lvalues[3334]),0},
-{"friendlyCountry","friendlyCountry",NID_friendlyCountry,10,
-	&(lvalues[3344]),0},
-{"simpleSecurityObject","simpleSecurityObject",
-	NID_simpleSecurityObject,10,&(lvalues[3354]),0},
-{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10,
-	&(lvalues[3364]),0},
-{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3374]),0},
-{"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData,
-	10,&(lvalues[3384]),0},
-{"UID","userId",NID_userId,10,&(lvalues[3394]),0},
-{"textEncodedORAddress","textEncodedORAddress",
-	NID_textEncodedORAddress,10,&(lvalues[3404]),0},
-{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3414]),0},
-{"info","info",NID_info,10,&(lvalues[3424]),0},
-{"favouriteDrink","favouriteDrink",NID_favouriteDrink,10,
-	&(lvalues[3434]),0},
-{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3444]),0},
-{"photo","photo",NID_photo,10,&(lvalues[3454]),0},
-{"userClass","userClass",NID_userClass,10,&(lvalues[3464]),0},
-{"host","host",NID_host,10,&(lvalues[3474]),0},
-{"manager","manager",NID_manager,10,&(lvalues[3484]),0},
-{"documentIdentifier","documentIdentifier",NID_documentIdentifier,10,
-	&(lvalues[3494]),0},
-{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3504]),0},
-{"documentVersion","documentVersion",NID_documentVersion,10,
-	&(lvalues[3514]),0},
-{"documentAuthor","documentAuthor",NID_documentAuthor,10,
-	&(lvalues[3524]),0},
-{"documentLocation","documentLocation",NID_documentLocation,10,
-	&(lvalues[3534]),0},
-{"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber,
-	10,&(lvalues[3544]),0},
-{"secretary","secretary",NID_secretary,10,&(lvalues[3554]),0},
-{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3564]),0},
-{"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10,
-	&(lvalues[3574]),0},
-{"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10,
-	&(lvalues[3584]),0},
-{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3594]),0},
-{"pilotAttributeType27","pilotAttributeType27",
-	NID_pilotAttributeType27,10,&(lvalues[3604]),0},
-{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3614]),0},
-{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3624]),0},
-{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3634]),0},
-{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3644]),0},
-{"associatedDomain","associatedDomain",NID_associatedDomain,10,
-	&(lvalues[3654]),0},
-{"associatedName","associatedName",NID_associatedName,10,
-	&(lvalues[3664]),0},
-{"homePostalAddress","homePostalAddress",NID_homePostalAddress,10,
-	&(lvalues[3674]),0},
-{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3684]),0},
-{"mobileTelephoneNumber","mobileTelephoneNumber",
-	NID_mobileTelephoneNumber,10,&(lvalues[3694]),0},
-{"pagerTelephoneNumber","pagerTelephoneNumber",
-	NID_pagerTelephoneNumber,10,&(lvalues[3704]),0},
-{"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName,
-	10,&(lvalues[3714]),0},
-{"organizationalStatus","organizationalStatus",
-	NID_organizationalStatus,10,&(lvalues[3724]),0},
-{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3734]),0},
-{"mailPreferenceOption","mailPreferenceOption",
-	NID_mailPreferenceOption,10,&(lvalues[3744]),0},
-{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3754]),0},
-{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3764]),0},
-{"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10,
-	&(lvalues[3774]),0},
-{"subtreeMinimumQuality","subtreeMinimumQuality",
-	NID_subtreeMinimumQuality,10,&(lvalues[3784]),0},
-{"subtreeMaximumQuality","subtreeMaximumQuality",
-	NID_subtreeMaximumQuality,10,&(lvalues[3794]),0},
-{"personalSignature","personalSignature",NID_personalSignature,10,
-	&(lvalues[3804]),0},
-{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3814]),0},
-{"audio","audio",NID_audio,10,&(lvalues[3824]),0},
-{"documentPublisher","documentPublisher",NID_documentPublisher,10,
-	&(lvalues[3834]),0},
-{"x500UniqueIdentifier","x500UniqueIdentifier",
-	NID_x500UniqueIdentifier,3,&(lvalues[3844]),0},
-{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3847]),0},
-{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
-	&(lvalues[3852]),0},
-{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
-	&(lvalues[3858]),0},
-{"id-hex-partial-message","id-hex-partial-message",
-	NID_id_hex_partial_message,7,&(lvalues[3864]),0},
-{"id-hex-multipart-message","id-hex-multipart-message",
-	NID_id_hex_multipart_message,7,&(lvalues[3871]),0},
-{"generationQualifier","generationQualifier",NID_generationQualifier,
-	3,&(lvalues[3878]),0},
-{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3881]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"id-set","Secure Electronic Transactions",NID_id_set,2,
-	&(lvalues[3884]),0},
-{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3886]),0},
-{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3889]),0},
-{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3892]),0},
-{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3895]),0},
-{"set-certExt","certificate extensions",NID_set_certExt,3,
-	&(lvalues[3898]),0},
-{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3901]),0},
-{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3904]),0},
-{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
-	&(lvalues[3908]),0},
-{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3912]),0},
-{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3916]),0},
-{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3920]),0},
-{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3924]),0},
-{"setct-PIDataUnsigned","setct-PIDataUnsigned",
-	NID_setct_PIDataUnsigned,4,&(lvalues[3928]),0},
-{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
-	&(lvalues[3932]),0},
-{"setct-AuthResBaggage","setct-AuthResBaggage",
-	NID_setct_AuthResBaggage,4,&(lvalues[3936]),0},
-{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
-	NID_setct_AuthRevReqBaggage,4,&(lvalues[3940]),0},
-{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
-	NID_setct_AuthRevResBaggage,4,&(lvalues[3944]),0},
-{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
-	&(lvalues[3948]),0},
-{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
-	&(lvalues[3952]),0},
-{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3956]),0},
-{"setct-PResData","setct-PResData",NID_setct_PResData,4,
-	&(lvalues[3960]),0},
-{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
-	&(lvalues[3964]),0},
-{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
-	&(lvalues[3968]),0},
-{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
-	&(lvalues[3972]),0},
-{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
-	&(lvalues[3976]),0},
-{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
-	&(lvalues[3980]),0},
-{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
-	&(lvalues[3984]),0},
-{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
-	NID_setct_AcqCardCodeMsg,4,&(lvalues[3988]),0},
-{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
-	4,&(lvalues[3992]),0},
-{"setct-AuthRevResData","setct-AuthRevResData",
-	NID_setct_AuthRevResData,4,&(lvalues[3996]),0},
-{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
-	4,&(lvalues[4000]),0},
-{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
-	&(lvalues[4004]),0},
-{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
-	&(lvalues[4008]),0},
-{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
-	&(lvalues[4012]),0},
-{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
-	&(lvalues[4016]),0},
-{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
-	4,&(lvalues[4020]),0},
-{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
-	4,&(lvalues[4024]),0},
-{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
-	&(lvalues[4028]),0},
-{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
-	&(lvalues[4032]),0},
-{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
-	&(lvalues[4036]),0},
-{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
-	4,&(lvalues[4040]),0},
-{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
-	NID_setct_CredRevReqTBSX,4,&(lvalues[4044]),0},
-{"setct-CredRevResData","setct-CredRevResData",
-	NID_setct_CredRevResData,4,&(lvalues[4048]),0},
-{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
-	&(lvalues[4052]),0},
-{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
-	&(lvalues[4056]),0},
-{"setct-BatchAdminReqData","setct-BatchAdminReqData",
-	NID_setct_BatchAdminReqData,4,&(lvalues[4060]),0},
-{"setct-BatchAdminResData","setct-BatchAdminResData",
-	NID_setct_BatchAdminResData,4,&(lvalues[4064]),0},
-{"setct-CardCInitResTBS","setct-CardCInitResTBS",
-	NID_setct_CardCInitResTBS,4,&(lvalues[4068]),0},
-{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
-	NID_setct_MeAqCInitResTBS,4,&(lvalues[4072]),0},
-{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
-	4,&(lvalues[4076]),0},
-{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
-	&(lvalues[4080]),0},
-{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
-	&(lvalues[4084]),0},
-{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
-	&(lvalues[4088]),0},
-{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
-	4,&(lvalues[4092]),0},
-{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
-	&(lvalues[4096]),0},
-{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
-	NID_setct_PIDualSignedTBE,4,&(lvalues[4100]),0},
-{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
-	4,&(lvalues[4104]),0},
-{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
-	&(lvalues[4108]),0},
-{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
-	&(lvalues[4112]),0},
-{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
-	&(lvalues[4116]),0},
-{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
-	&(lvalues[4120]),0},
-{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
-	&(lvalues[4124]),0},
-{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
-	&(lvalues[4128]),0},
-{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
-	NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4132]),0},
-{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
-	4,&(lvalues[4136]),0},
-{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
-	4,&(lvalues[4140]),0},
-{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
-	NID_setct_AuthRevResTBEB,4,&(lvalues[4144]),0},
-{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
-	&(lvalues[4148]),0},
-{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
-	&(lvalues[4152]),0},
-{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
-	&(lvalues[4156]),0},
-{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
-	&(lvalues[4160]),0},
-{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
-	4,&(lvalues[4164]),0},
-{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
-	&(lvalues[4168]),0},
-{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
-	&(lvalues[4172]),0},
-{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
-	&(lvalues[4176]),0},
-{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
-	&(lvalues[4180]),0},
-{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
-	4,&(lvalues[4184]),0},
-{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
-	NID_setct_CredRevReqTBEX,4,&(lvalues[4188]),0},
-{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
-	4,&(lvalues[4192]),0},
-{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
-	NID_setct_BatchAdminReqTBE,4,&(lvalues[4196]),0},
-{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
-	NID_setct_BatchAdminResTBE,4,&(lvalues[4200]),0},
-{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
-	4,&(lvalues[4204]),0},
-{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
-	&(lvalues[4208]),0},
-{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
-	&(lvalues[4212]),0},
-{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
-	&(lvalues[4216]),0},
-{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
-	NID_setct_CRLNotificationTBS,4,&(lvalues[4220]),0},
-{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
-	NID_setct_CRLNotificationResTBS,4,&(lvalues[4224]),0},
-{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
-	NID_setct_BCIDistributionTBS,4,&(lvalues[4228]),0},
-{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
-	&(lvalues[4232]),0},
-{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
-	&(lvalues[4236]),0},
-{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
-	&(lvalues[4240]),0},
-{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4244]),0},
-{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4248]),0},
-{"setext-cv","additional verification",NID_setext_cv,4,
-	&(lvalues[4252]),0},
-{"set-policy-root","set-policy-root",NID_set_policy_root,4,
-	&(lvalues[4256]),0},
-{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
-	&(lvalues[4260]),0},
-{"setCext-certType","setCext-certType",NID_setCext_certType,4,
-	&(lvalues[4264]),0},
-{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
-	&(lvalues[4268]),0},
-{"setCext-cCertRequired","setCext-cCertRequired",
-	NID_setCext_cCertRequired,4,&(lvalues[4272]),0},
-{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
-	&(lvalues[4276]),0},
-{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
-	&(lvalues[4280]),0},
-{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
-	&(lvalues[4284]),0},
-{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
-	NID_setCext_PGWYcapabilities,4,&(lvalues[4288]),0},
-{"setCext-TokenIdentifier","setCext-TokenIdentifier",
-	NID_setCext_TokenIdentifier,4,&(lvalues[4292]),0},
-{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
-	&(lvalues[4296]),0},
-{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
-	&(lvalues[4300]),0},
-{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
-	NID_setCext_IssuerCapabilities,4,&(lvalues[4304]),0},
-{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4308]),0},
-{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
-	4,&(lvalues[4312]),0},
-{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
-	&(lvalues[4316]),0},
-{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
-	&(lvalues[4320]),0},
-{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
-	&(lvalues[4324]),0},
-{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4329]),0},
-{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
-	&(lvalues[4334]),0},
-{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
-	NID_setAttr_Token_B0Prime,5,&(lvalues[4339]),0},
-{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
-	&(lvalues[4344]),0},
-{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
-	&(lvalues[4349]),0},
-{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
-	&(lvalues[4354]),0},
-{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
-	6,&(lvalues[4359]),0},
-{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
-	&(lvalues[4365]),0},
-{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
-	&(lvalues[4371]),0},
-{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
-	&(lvalues[4377]),0},
-{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
-	6,&(lvalues[4383]),0},
-{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
-	&(lvalues[4389]),0},
-{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
-	&(lvalues[4393]),0},
-{"set-brand-AmericanExpress","set-brand-AmericanExpress",
-	NID_set_brand_AmericanExpress,4,&(lvalues[4397]),0},
-{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4401]),0},
-{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
-	&(lvalues[4405]),0},
-{"set-brand-MasterCard","set-brand-MasterCard",
-	NID_set_brand_MasterCard,4,&(lvalues[4409]),0},
-{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
-	&(lvalues[4413]),0},
-{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4418]),0},
-{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
-	NID_rsaOAEPEncryptionSET,9,&(lvalues[4426]),0},
-{"ITU-T","itu-t",NID_itu_t,0,NULL,0},
-{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,0,NULL,0},
-{"international-organizations","International Organizations",
-	NID_international_organizations,1,&(lvalues[4435]),0},
-{"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login,
-	10,&(lvalues[4436]),0},
-{"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
-	&(lvalues[4446]),0},
-{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0},
-{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0},
-{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0},
-{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL,0},
-{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL,0},
-{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL,0},
-{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL,0},
-{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0},
-{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0},
-{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0},
-{"street","streetAddress",NID_streetAddress,3,&(lvalues[4456]),0},
-{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4459]),0},
-{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4462]),0},
-{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
-	&(lvalues[4469]),0},
-{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
-	&(lvalues[4477]),0},
-{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
-	&(lvalues[4485]),0},
-{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
-	&(lvalues[4493]),0},
-{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4496]),0},
-{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
-	&(lvalues[4504]),0},
-{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
-	&(lvalues[4513]),0},
-{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
-	&(lvalues[4522]),0},
-{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
-	&(lvalues[4531]),0},
-{"SHA256","sha256",NID_sha256,9,&(lvalues[4540]),0},
-{"SHA384","sha384",NID_sha384,9,&(lvalues[4549]),0},
-{"SHA512","sha512",NID_sha512,9,&(lvalues[4558]),0},
-{"SHA224","sha224",NID_sha224,9,&(lvalues[4567]),0},
-{"identified-organization","identified-organization",
-	NID_identified_organization,1,&(lvalues[4576]),0},
-{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4577]),0},
-{"wap","wap",NID_wap,2,&(lvalues[4580]),0},
-{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4582]),0},
-{"id-characteristic-two-basis","id-characteristic-two-basis",
-	NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4585]),0},
-{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4593]),0},
-{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4602]),0},
-{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4611]),0},
-{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4620]),0},
-{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4628]),0},
-{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4636]),0},
-{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4644]),0},
-{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4652]),0},
-{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4660]),0},
-{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4668]),0},
-{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4676]),0},
-{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4684]),0},
-{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4692]),0},
-{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4700]),0},
-{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4708]),0},
-{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4716]),0},
-{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4724]),0},
-{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4732]),0},
-{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4740]),0},
-{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4748]),0},
-{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4756]),0},
-{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4764]),0},
-{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4772]),0},
-{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4780]),0},
-{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4785]),0},
-{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4790]),0},
-{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4795]),0},
-{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4800]),0},
-{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4805]),0},
-{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4810]),0},
-{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4815]),0},
-{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4820]),0},
-{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4825]),0},
-{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4830]),0},
-{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4835]),0},
-{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4840]),0},
-{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4845]),0},
-{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4850]),0},
-{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4855]),0},
-{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4860]),0},
-{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4865]),0},
-{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4870]),0},
-{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4875]),0},
-{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4880]),0},
-{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4885]),0},
-{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4890]),0},
-{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4895]),0},
-{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4900]),0},
-{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4905]),0},
-{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4910]),0},
-{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4915]),0},
-{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4920]),0},
-{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4925]),0},
-{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4930]),0},
-{"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1",
-	NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4935]),0},
-{"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3",
-	NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4940]),0},
-{"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4",
-	NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4945]),0},
-{"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5",
-	NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4950]),0},
-{"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6",
-	NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4955]),0},
-{"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7",
-	NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4960]),0},
-{"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8",
-	NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4965]),0},
-{"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9",
-	NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4970]),0},
-{"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10",
-	NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4975]),0},
-{"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11",
-	NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4980]),0},
-{"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12",
-	NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4985]),0},
-{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4990]),0},
-{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3,
-	&(lvalues[4994]),0},
-{"inhibitAnyPolicy","X509v3 Inhibit Any Policy",
-	NID_inhibit_any_policy,3,&(lvalues[4997]),0},
-{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0},
-{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0},
-{"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11,
-	&(lvalues[5000]),0},
-{"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11,
-	&(lvalues[5011]),0},
-{"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11,
-	&(lvalues[5022]),0},
-{"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8,
-	&(lvalues[5033]),0},
-{"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8,
-	&(lvalues[5041]),0},
-{"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8,
-	&(lvalues[5049]),0},
-{"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8,
-	&(lvalues[5057]),0},
-{"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8,
-	&(lvalues[5065]),0},
-{"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8,
-	&(lvalues[5073]),0},
-{"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0},
-{"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0},
-{"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0},
-{"CAMELLIA-128-CFB8","camellia-128-cfb8",NID_camellia_128_cfb8,0,NULL,0},
-{"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0},
-{"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0},
-{"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8,
-	&(lvalues[5081]),0},
-{"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8,
-	&(lvalues[5089]),0},
-{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8,
-	&(lvalues[5097]),0},
-{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes",
-	NID_subject_directory_attributes,3,&(lvalues[5105]),0},
-{"issuingDistributionPoint","X509v3 Issuing Distrubution Point",
-	NID_issuing_distribution_point,3,&(lvalues[5108]),0},
-{"certificateIssuer","X509v3 Certificate Issuer",
-	NID_certificate_issuer,3,&(lvalues[5111]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"KISA","kisa",NID_kisa,6,&(lvalues[5114]),0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{NULL,NULL,NID_undef,0,NULL,0},
-{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5120]),0},
-{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5128]),0},
-{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5136]),0},
-{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5144]),0},
-{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5152]),0},
-{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5160]),0},
-{"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9,
-	&(lvalues[5168]),0},
-{"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9,
-	&(lvalues[5177]),0},
-{"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8,
-	&(lvalues[5186]),0},
-{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5194]),0},
-{"id-smime-ct-compressedData","id-smime-ct-compressedData",
-	NID_id_smime_ct_compressedData,11,&(lvalues[5202]),0},
-{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF",
-	NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5213]),0},
-{"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9,
-	&(lvalues[5224]),0},
-{"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9,
-	&(lvalues[5233]),0},
-{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9,
-	&(lvalues[5242]),0},
-{"ecdsa-with-Recommended","ecdsa-with-Recommended",
-	NID_ecdsa_with_Recommended,7,&(lvalues[5251]),0},
-{"ecdsa-with-Specified","ecdsa-with-Specified",
-	NID_ecdsa_with_Specified,7,&(lvalues[5258]),0},
-{"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8,
-	&(lvalues[5265]),0},
-{"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8,
-	&(lvalues[5273]),0},
-{"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8,
-	&(lvalues[5281]),0},
-{"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8,
-	&(lvalues[5289]),0},
-{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5297]),0},
-{"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8,
-	&(lvalues[5305]),0},
-{"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8,
-	&(lvalues[5313]),0},
-{"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8,
-	&(lvalues[5321]),0},
-{"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8,
-	&(lvalues[5329]),0},
-{"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9,
-	&(lvalues[5337]),0},
-{"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9,
-	&(lvalues[5346]),0},
-{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5355]),0},
-{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5361]),0},
-{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5366]),0},
-{"id-GostR3411-94-with-GostR3410-2001",
-	"GOST R 34.11-94 with GOST R 34.10-2001",
-	NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5371]),0},
-{"id-GostR3411-94-with-GostR3410-94",
-	"GOST R 34.11-94 with GOST R 34.10-94",
-	NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5377]),0},
-{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5383]),0},
-{"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6,
-	&(lvalues[5389]),0},
-{"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6,
-	&(lvalues[5395]),0},
-{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5401]),0},
-{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5407]),0},
-{"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0},
-{"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6,
-	&(lvalues[5413]),0},
-{"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6,
-	&(lvalues[5419]),0},
-{"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH,
-	6,&(lvalues[5425]),0},
-{"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6,
-	&(lvalues[5431]),0},
-{"id-Gost28147-89-CryptoPro-KeyMeshing",
-	"id-Gost28147-89-CryptoPro-KeyMeshing",
-	NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5437]),0},
-{"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing",
-	NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5444]),0},
-{"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet",
-	NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5451]),0},
-{"id-GostR3411-94-CryptoProParamSet",
-	"id-GostR3411-94-CryptoProParamSet",
-	NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5458]),0},
-{"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet",
-	NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5465]),0},
-{"id-Gost28147-89-CryptoPro-A-ParamSet",
-	"id-Gost28147-89-CryptoPro-A-ParamSet",
-	NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5472]),0},
-{"id-Gost28147-89-CryptoPro-B-ParamSet",
-	"id-Gost28147-89-CryptoPro-B-ParamSet",
-	NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5479]),0},
-{"id-Gost28147-89-CryptoPro-C-ParamSet",
-	"id-Gost28147-89-CryptoPro-C-ParamSet",
-	NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5486]),0},
-{"id-Gost28147-89-CryptoPro-D-ParamSet",
-	"id-Gost28147-89-CryptoPro-D-ParamSet",
-	NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5493]),0},
-{"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
-	"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
-	NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5500]),
-	0},
-{"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
-	"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
-	NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5507]),
-	0},
-{"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
-	"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
-	NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5514]),0},
-{"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet",
-	NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5521]),0},
-{"id-GostR3410-94-CryptoPro-A-ParamSet",
-	"id-GostR3410-94-CryptoPro-A-ParamSet",
-	NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5528]),0},
-{"id-GostR3410-94-CryptoPro-B-ParamSet",
-	"id-GostR3410-94-CryptoPro-B-ParamSet",
-	NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5535]),0},
-{"id-GostR3410-94-CryptoPro-C-ParamSet",
-	"id-GostR3410-94-CryptoPro-C-ParamSet",
-	NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5542]),0},
-{"id-GostR3410-94-CryptoPro-D-ParamSet",
-	"id-GostR3410-94-CryptoPro-D-ParamSet",
-	NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5549]),0},
-{"id-GostR3410-94-CryptoPro-XchA-ParamSet",
-	"id-GostR3410-94-CryptoPro-XchA-ParamSet",
-	NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5556]),0},
-{"id-GostR3410-94-CryptoPro-XchB-ParamSet",
-	"id-GostR3410-94-CryptoPro-XchB-ParamSet",
-	NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5563]),0},
-{"id-GostR3410-94-CryptoPro-XchC-ParamSet",
-	"id-GostR3410-94-CryptoPro-XchC-ParamSet",
-	NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5570]),0},
-{"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet",
-	NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5577]),0},
-{"id-GostR3410-2001-CryptoPro-A-ParamSet",
-	"id-GostR3410-2001-CryptoPro-A-ParamSet",
-	NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5584]),0},
-{"id-GostR3410-2001-CryptoPro-B-ParamSet",
-	"id-GostR3410-2001-CryptoPro-B-ParamSet",
-	NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5591]),0},
-{"id-GostR3410-2001-CryptoPro-C-ParamSet",
-	"id-GostR3410-2001-CryptoPro-C-ParamSet",
-	NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5598]),0},
-{"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
-	"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
-	NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5605]),0},
-	
-{"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
-	"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
-	NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5612]),0},
-	
-{"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7,
-	&(lvalues[5619]),0},
-{"id-GostR3410-94-aBis","id-GostR3410-94-aBis",
-	NID_id_GostR3410_94_aBis,7,&(lvalues[5626]),0},
-{"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7,
-	&(lvalues[5633]),0},
-{"id-GostR3410-94-bBis","id-GostR3410-94-bBis",
-	NID_id_GostR3410_94_bBis,7,&(lvalues[5640]),0},
-{"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet",
-	NID_id_Gost28147_89_cc,8,&(lvalues[5647]),0},
-{"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8,
-	&(lvalues[5655]),0},
-{"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8,
-	&(lvalues[5663]),0},
-{"id-GostR3411-94-with-GostR3410-94-cc",
-	"GOST R 34.11-94 with GOST R 34.10-94 Cryptocom",
-	NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5671]),0},
-{"id-GostR3411-94-with-GostR3410-2001-cc",
-	"GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom",
-	NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5679]),0},
-{"id-GostR3410-2001-ParamSet-cc",
-	"GOST R 3410-2001 Parameter Set Cryptocom",
-	NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5687]),0},
-{"HMAC","hmac",NID_hmac,0,NULL,0},
-{"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9,
-	&(lvalues[5695]),0},
-{"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3,
-	&(lvalues[5704]),0},
-{"id-on-permanentIdentifier","Permanent Identifier",
-	NID_id_on_permanentIdentifier,8,&(lvalues[5707]),0},
-{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5715]),0},
-{"businessCategory","businessCategory",NID_businessCategory,3,
-	&(lvalues[5718]),0},
-{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5721]),0},
-{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5724]),0},
-{"physicalDeliveryOfficeName","physicalDeliveryOfficeName",
-	NID_physicalDeliveryOfficeName,3,&(lvalues[5727]),0},
-{"telephoneNumber","telephoneNumber",NID_telephoneNumber,3,
-	&(lvalues[5730]),0},
-{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5733]),0},
-{"teletexTerminalIdentifier","teletexTerminalIdentifier",
-	NID_teletexTerminalIdentifier,3,&(lvalues[5736]),0},
-{"facsimileTelephoneNumber","facsimileTelephoneNumber",
-	NID_facsimileTelephoneNumber,3,&(lvalues[5739]),0},
-{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5742]),0},
-{"internationaliSDNNumber","internationaliSDNNumber",
-	NID_internationaliSDNNumber,3,&(lvalues[5745]),0},
-{"registeredAddress","registeredAddress",NID_registeredAddress,3,
-	&(lvalues[5748]),0},
-{"destinationIndicator","destinationIndicator",
-	NID_destinationIndicator,3,&(lvalues[5751]),0},
-{"preferredDeliveryMethod","preferredDeliveryMethod",
-	NID_preferredDeliveryMethod,3,&(lvalues[5754]),0},
-{"presentationAddress","presentationAddress",NID_presentationAddress,
-	3,&(lvalues[5757]),0},
-{"supportedApplicationContext","supportedApplicationContext",
-	NID_supportedApplicationContext,3,&(lvalues[5760]),0},
-{"member","member",NID_member,3,&(lvalues[5763]),0},
-{"owner","owner",NID_owner,3,&(lvalues[5766]),0},
-{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5769]),0},
-{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5772]),0},
-{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5775]),0},
-{"userCertificate","userCertificate",NID_userCertificate,3,
-	&(lvalues[5778]),0},
-{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5781]),0},
-{"authorityRevocationList","authorityRevocationList",
-	NID_authorityRevocationList,3,&(lvalues[5784]),0},
-{"certificateRevocationList","certificateRevocationList",
-	NID_certificateRevocationList,3,&(lvalues[5787]),0},
-{"crossCertificatePair","crossCertificatePair",
-	NID_crossCertificatePair,3,&(lvalues[5790]),0},
-{"enhancedSearchGuide","enhancedSearchGuide",NID_enhancedSearchGuide,
-	3,&(lvalues[5793]),0},
-{"protocolInformation","protocolInformation",NID_protocolInformation,
-	3,&(lvalues[5796]),0},
-{"distinguishedName","distinguishedName",NID_distinguishedName,3,
-	&(lvalues[5799]),0},
-{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5802]),0},
-{"houseIdentifier","houseIdentifier",NID_houseIdentifier,3,
-	&(lvalues[5805]),0},
-{"supportedAlgorithms","supportedAlgorithms",NID_supportedAlgorithms,
-	3,&(lvalues[5808]),0},
-{"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList,
-	3,&(lvalues[5811]),0},
-{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5814]),0},
-{"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11,
-	&(lvalues[5817]),0},
-{"CMAC","cmac",NID_cmac,0,NULL,0},
-{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5828]),0},
-{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5837]),0},
-{"id-aes128-wrap-pad","id-aes128-wrap-pad",NID_id_aes128_wrap_pad,9,
-	&(lvalues[5846]),0},
-{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5855]),0},
-{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5864]),0},
-{"id-aes192-wrap-pad","id-aes192-wrap-pad",NID_id_aes192_wrap_pad,9,
-	&(lvalues[5873]),0},
-{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5882]),0},
-{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5891]),0},
-{"id-aes256-wrap-pad","id-aes256-wrap-pad",NID_id_aes256_wrap_pad,9,
-	&(lvalues[5900]),0},
-{"AES-128-CTR","aes-128-ctr",NID_aes_128_ctr,0,NULL,0},
-{"AES-192-CTR","aes-192-ctr",NID_aes_192_ctr,0,NULL,0},
-{"AES-256-CTR","aes-256-ctr",NID_aes_256_ctr,0,NULL,0},
-{"id-camellia128-wrap","id-camellia128-wrap",NID_id_camellia128_wrap,
-	11,&(lvalues[5909]),0},
-{"id-camellia192-wrap","id-camellia192-wrap",NID_id_camellia192_wrap,
-	11,&(lvalues[5920]),0},
-{"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap,
-	11,&(lvalues[5931]),0},
-{"anyExtendedKeyUsage","Any Extended Key Usage",
-	NID_anyExtendedKeyUsage,4,&(lvalues[5942]),0},
-{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5946]),0},
-{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5955]),0},
-{"AES-128-XTS","aes-128-xts",NID_aes_128_xts,0,NULL,0},
-{"AES-256-XTS","aes-256-xts",NID_aes_256_xts,0,NULL,0},
-{"RC4-HMAC-MD5","rc4-hmac-md5",NID_rc4_hmac_md5,0,NULL,0},
-{"AES-128-CBC-HMAC-SHA1","aes-128-cbc-hmac-sha1",
-	NID_aes_128_cbc_hmac_sha1,0,NULL,0},
-{"AES-192-CBC-HMAC-SHA1","aes-192-cbc-hmac-sha1",
-	NID_aes_192_cbc_hmac_sha1,0,NULL,0},
-{"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1",
-	NID_aes_256_cbc_hmac_sha1,0,NULL,0},
-{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0},
-{"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5973]),0},
-{"brainpoolP160r1","brainpoolP160r1",NID_brainpoolP160r1,9,
-	&(lvalues[5980]),0},
-{"brainpoolP160t1","brainpoolP160t1",NID_brainpoolP160t1,9,
-	&(lvalues[5989]),0},
-{"brainpoolP192r1","brainpoolP192r1",NID_brainpoolP192r1,9,
-	&(lvalues[5998]),0},
-{"brainpoolP192t1","brainpoolP192t1",NID_brainpoolP192t1,9,
-	&(lvalues[6007]),0},
-{"brainpoolP224r1","brainpoolP224r1",NID_brainpoolP224r1,9,
-	&(lvalues[6016]),0},
-{"brainpoolP224t1","brainpoolP224t1",NID_brainpoolP224t1,9,
-	&(lvalues[6025]),0},
-{"brainpoolP256r1","brainpoolP256r1",NID_brainpoolP256r1,9,
-	&(lvalues[6034]),0},
-{"brainpoolP256t1","brainpoolP256t1",NID_brainpoolP256t1,9,
-	&(lvalues[6043]),0},
-{"brainpoolP320r1","brainpoolP320r1",NID_brainpoolP320r1,9,
-	&(lvalues[6052]),0},
-{"brainpoolP320t1","brainpoolP320t1",NID_brainpoolP320t1,9,
-	&(lvalues[6061]),0},
-{"brainpoolP384r1","brainpoolP384r1",NID_brainpoolP384r1,9,
-	&(lvalues[6070]),0},
-{"brainpoolP384t1","brainpoolP384t1",NID_brainpoolP384t1,9,
-	&(lvalues[6079]),0},
-{"brainpoolP512r1","brainpoolP512r1",NID_brainpoolP512r1,9,
-	&(lvalues[6088]),0},
-{"brainpoolP512t1","brainpoolP512t1",NID_brainpoolP512t1,9,
-	&(lvalues[6097]),0},
-{"PSPECIFIED","pSpecified",NID_pSpecified,9,&(lvalues[6106]),0},
-{"dhSinglePass-stdDH-sha1kdf-scheme",
-	"dhSinglePass-stdDH-sha1kdf-scheme",
-	NID_dhSinglePass_stdDH_sha1kdf_scheme,9,&(lvalues[6115]),0},
-{"dhSinglePass-stdDH-sha224kdf-scheme",
-	"dhSinglePass-stdDH-sha224kdf-scheme",
-	NID_dhSinglePass_stdDH_sha224kdf_scheme,6,&(lvalues[6124]),0},
-{"dhSinglePass-stdDH-sha256kdf-scheme",
-	"dhSinglePass-stdDH-sha256kdf-scheme",
-	NID_dhSinglePass_stdDH_sha256kdf_scheme,6,&(lvalues[6130]),0},
-{"dhSinglePass-stdDH-sha384kdf-scheme",
-	"dhSinglePass-stdDH-sha384kdf-scheme",
-	NID_dhSinglePass_stdDH_sha384kdf_scheme,6,&(lvalues[6136]),0},
-{"dhSinglePass-stdDH-sha512kdf-scheme",
-	"dhSinglePass-stdDH-sha512kdf-scheme",
-	NID_dhSinglePass_stdDH_sha512kdf_scheme,6,&(lvalues[6142]),0},
-{"dhSinglePass-cofactorDH-sha1kdf-scheme",
-	"dhSinglePass-cofactorDH-sha1kdf-scheme",
-	NID_dhSinglePass_cofactorDH_sha1kdf_scheme,9,&(lvalues[6148]),0},
-{"dhSinglePass-cofactorDH-sha224kdf-scheme",
-	"dhSinglePass-cofactorDH-sha224kdf-scheme",
-	NID_dhSinglePass_cofactorDH_sha224kdf_scheme,6,&(lvalues[6157]),0},
-{"dhSinglePass-cofactorDH-sha256kdf-scheme",
-	"dhSinglePass-cofactorDH-sha256kdf-scheme",
-	NID_dhSinglePass_cofactorDH_sha256kdf_scheme,6,&(lvalues[6163]),0},
-{"dhSinglePass-cofactorDH-sha384kdf-scheme",
-	"dhSinglePass-cofactorDH-sha384kdf-scheme",
-	NID_dhSinglePass_cofactorDH_sha384kdf_scheme,6,&(lvalues[6169]),0},
-{"dhSinglePass-cofactorDH-sha512kdf-scheme",
-	"dhSinglePass-cofactorDH-sha512kdf-scheme",
-	NID_dhSinglePass_cofactorDH_sha512kdf_scheme,6,&(lvalues[6175]),0},
-{"dh-std-kdf","dh-std-kdf",NID_dh_std_kdf,0,NULL,0},
-{"dh-cofactor-kdf","dh-cofactor-kdf",NID_dh_cofactor_kdf,0,NULL,0},
-{"AES-128-CBC-HMAC-SHA256","aes-128-cbc-hmac-sha256",
-	NID_aes_128_cbc_hmac_sha256,0,NULL,0},
-{"AES-192-CBC-HMAC-SHA256","aes-192-cbc-hmac-sha256",
-	NID_aes_192_cbc_hmac_sha256,0,NULL,0},
-{"AES-256-CBC-HMAC-SHA256","aes-256-cbc-hmac-sha256",
-	NID_aes_256_cbc_hmac_sha256,0,NULL,0},
-{"ct_precert_scts","CT Precertificate SCTs",NID_ct_precert_scts,10,
-	&(lvalues[6181]),0},
-{"ct_precert_poison","CT Precertificate Poison",NID_ct_precert_poison,
-	10,&(lvalues[6191]),0},
-{"ct_precert_signer","CT Precertificate Signer",NID_ct_precert_signer,
-	10,&(lvalues[6201]),0},
-{"ct_cert_scts","CT Certificate SCTs",NID_ct_cert_scts,10,
-	&(lvalues[6211]),0},
-{"jurisdictionL","jurisdictionLocalityName",
-	NID_jurisdictionLocalityName,11,&(lvalues[6221]),0},
-{"jurisdictionST","jurisdictionStateOrProvinceName",
-	NID_jurisdictionStateOrProvinceName,11,&(lvalues[6232]),0},
-{"jurisdictionC","jurisdictionCountryName",
-	NID_jurisdictionCountryName,11,&(lvalues[6243]),0},
-};
-
-static const unsigned int sn_objs[NUM_SN]={
-364,	/* "AD_DVCS" */
-419,	/* "AES-128-CBC" */
-916,	/* "AES-128-CBC-HMAC-SHA1" */
-948,	/* "AES-128-CBC-HMAC-SHA256" */
-421,	/* "AES-128-CFB" */
-650,	/* "AES-128-CFB1" */
-653,	/* "AES-128-CFB8" */
-904,	/* "AES-128-CTR" */
-418,	/* "AES-128-ECB" */
-420,	/* "AES-128-OFB" */
-913,	/* "AES-128-XTS" */
-423,	/* "AES-192-CBC" */
-917,	/* "AES-192-CBC-HMAC-SHA1" */
-949,	/* "AES-192-CBC-HMAC-SHA256" */
-425,	/* "AES-192-CFB" */
-651,	/* "AES-192-CFB1" */
-654,	/* "AES-192-CFB8" */
-905,	/* "AES-192-CTR" */
-422,	/* "AES-192-ECB" */
-424,	/* "AES-192-OFB" */
-427,	/* "AES-256-CBC" */
-918,	/* "AES-256-CBC-HMAC-SHA1" */
-950,	/* "AES-256-CBC-HMAC-SHA256" */
-429,	/* "AES-256-CFB" */
-652,	/* "AES-256-CFB1" */
-655,	/* "AES-256-CFB8" */
-906,	/* "AES-256-CTR" */
-426,	/* "AES-256-ECB" */
-428,	/* "AES-256-OFB" */
-914,	/* "AES-256-XTS" */
-91,	/* "BF-CBC" */
-93,	/* "BF-CFB" */
-92,	/* "BF-ECB" */
-94,	/* "BF-OFB" */
-14,	/* "C" */
-751,	/* "CAMELLIA-128-CBC" */
-757,	/* "CAMELLIA-128-CFB" */
-760,	/* "CAMELLIA-128-CFB1" */
-763,	/* "CAMELLIA-128-CFB8" */
-754,	/* "CAMELLIA-128-ECB" */
-766,	/* "CAMELLIA-128-OFB" */
-752,	/* "CAMELLIA-192-CBC" */
-758,	/* "CAMELLIA-192-CFB" */
-761,	/* "CAMELLIA-192-CFB1" */
-764,	/* "CAMELLIA-192-CFB8" */
-755,	/* "CAMELLIA-192-ECB" */
-767,	/* "CAMELLIA-192-OFB" */
-753,	/* "CAMELLIA-256-CBC" */
-759,	/* "CAMELLIA-256-CFB" */
-762,	/* "CAMELLIA-256-CFB1" */
-765,	/* "CAMELLIA-256-CFB8" */
-756,	/* "CAMELLIA-256-ECB" */
-768,	/* "CAMELLIA-256-OFB" */
-108,	/* "CAST5-CBC" */
-110,	/* "CAST5-CFB" */
-109,	/* "CAST5-ECB" */
-111,	/* "CAST5-OFB" */
-894,	/* "CMAC" */
-13,	/* "CN" */
-141,	/* "CRLReason" */
-417,	/* "CSPName" */
-367,	/* "CrlID" */
-391,	/* "DC" */
-31,	/* "DES-CBC" */
-643,	/* "DES-CDMF" */
-30,	/* "DES-CFB" */
-656,	/* "DES-CFB1" */
-657,	/* "DES-CFB8" */
-29,	/* "DES-ECB" */
-32,	/* "DES-EDE" */
-43,	/* "DES-EDE-CBC" */
-60,	/* "DES-EDE-CFB" */
-62,	/* "DES-EDE-OFB" */
-33,	/* "DES-EDE3" */
-44,	/* "DES-EDE3-CBC" */
-61,	/* "DES-EDE3-CFB" */
-658,	/* "DES-EDE3-CFB1" */
-659,	/* "DES-EDE3-CFB8" */
-63,	/* "DES-EDE3-OFB" */
-45,	/* "DES-OFB" */
-80,	/* "DESX-CBC" */
-380,	/* "DOD" */
-116,	/* "DSA" */
-66,	/* "DSA-SHA" */
-113,	/* "DSA-SHA1" */
-70,	/* "DSA-SHA1-old" */
-67,	/* "DSA-old" */
-297,	/* "DVCS" */
-99,	/* "GN" */
-855,	/* "HMAC" */
-780,	/* "HMAC-MD5" */
-781,	/* "HMAC-SHA1" */
-381,	/* "IANA" */
-34,	/* "IDEA-CBC" */
-35,	/* "IDEA-CFB" */
-36,	/* "IDEA-ECB" */
-46,	/* "IDEA-OFB" */
-181,	/* "ISO" */
-183,	/* "ISO-US" */
-645,	/* "ITU-T" */
-646,	/* "JOINT-ISO-ITU-T" */
-773,	/* "KISA" */
-15,	/* "L" */
-856,	/* "LocalKeySet" */
- 3,	/* "MD2" */
-257,	/* "MD4" */
- 4,	/* "MD5" */
-114,	/* "MD5-SHA1" */
-95,	/* "MDC2" */
-911,	/* "MGF1" */
-388,	/* "Mail" */
-393,	/* "NULL" */
-404,	/* "NULL" */
-57,	/* "Netscape" */
-366,	/* "Nonce" */
-17,	/* "O" */
-178,	/* "OCSP" */
-180,	/* "OCSPSigning" */
-379,	/* "ORG" */
-18,	/* "OU" */
-749,	/* "Oakley-EC2N-3" */
-750,	/* "Oakley-EC2N-4" */
- 9,	/* "PBE-MD2-DES" */
-168,	/* "PBE-MD2-RC2-64" */
-10,	/* "PBE-MD5-DES" */
-169,	/* "PBE-MD5-RC2-64" */
-147,	/* "PBE-SHA1-2DES" */
-146,	/* "PBE-SHA1-3DES" */
-170,	/* "PBE-SHA1-DES" */
-148,	/* "PBE-SHA1-RC2-128" */
-149,	/* "PBE-SHA1-RC2-40" */
-68,	/* "PBE-SHA1-RC2-64" */
-144,	/* "PBE-SHA1-RC4-128" */
-145,	/* "PBE-SHA1-RC4-40" */
-161,	/* "PBES2" */
-69,	/* "PBKDF2" */
-162,	/* "PBMAC1" */
-127,	/* "PKIX" */
-935,	/* "PSPECIFIED" */
-98,	/* "RC2-40-CBC" */
-166,	/* "RC2-64-CBC" */
-37,	/* "RC2-CBC" */
-39,	/* "RC2-CFB" */
-38,	/* "RC2-ECB" */
-40,	/* "RC2-OFB" */
- 5,	/* "RC4" */
-97,	/* "RC4-40" */
-915,	/* "RC4-HMAC-MD5" */
-120,	/* "RC5-CBC" */
-122,	/* "RC5-CFB" */
-121,	/* "RC5-ECB" */
-123,	/* "RC5-OFB" */
-117,	/* "RIPEMD160" */
-124,	/* "RLE" */
-19,	/* "RSA" */
- 7,	/* "RSA-MD2" */
-396,	/* "RSA-MD4" */
- 8,	/* "RSA-MD5" */
-96,	/* "RSA-MDC2" */
-104,	/* "RSA-NP-MD5" */
-119,	/* "RSA-RIPEMD160" */
-42,	/* "RSA-SHA" */
-65,	/* "RSA-SHA1" */
-115,	/* "RSA-SHA1-2" */
-671,	/* "RSA-SHA224" */
-668,	/* "RSA-SHA256" */
-669,	/* "RSA-SHA384" */
-670,	/* "RSA-SHA512" */
-919,	/* "RSAES-OAEP" */
-912,	/* "RSASSA-PSS" */
-777,	/* "SEED-CBC" */
-779,	/* "SEED-CFB" */
-776,	/* "SEED-ECB" */
-778,	/* "SEED-OFB" */
-41,	/* "SHA" */
-64,	/* "SHA1" */
-675,	/* "SHA224" */
-672,	/* "SHA256" */
-673,	/* "SHA384" */
-674,	/* "SHA512" */
-188,	/* "SMIME" */
-167,	/* "SMIME-CAPS" */
-100,	/* "SN" */
-16,	/* "ST" */
-143,	/* "SXNetID" */
-458,	/* "UID" */
- 0,	/* "UNDEF" */
-11,	/* "X500" */
-378,	/* "X500algorithms" */
-12,	/* "X509" */
-184,	/* "X9-57" */
-185,	/* "X9cm" */
-125,	/* "ZLIB" */
-478,	/* "aRecord" */
-289,	/* "aaControls" */
-287,	/* "ac-auditEntity" */
-397,	/* "ac-proxying" */
-288,	/* "ac-targeting" */
-368,	/* "acceptableResponses" */
-446,	/* "account" */
-363,	/* "ad_timestamping" */
-376,	/* "algorithm" */
-405,	/* "ansi-X9-62" */
-910,	/* "anyExtendedKeyUsage" */
-746,	/* "anyPolicy" */
-370,	/* "archiveCutoff" */
-484,	/* "associatedDomain" */
-485,	/* "associatedName" */
-501,	/* "audio" */
-177,	/* "authorityInfoAccess" */
-90,	/* "authorityKeyIdentifier" */
-882,	/* "authorityRevocationList" */
-87,	/* "basicConstraints" */
-365,	/* "basicOCSPResponse" */
-285,	/* "biometricInfo" */
-921,	/* "brainpoolP160r1" */
-922,	/* "brainpoolP160t1" */
-923,	/* "brainpoolP192r1" */
-924,	/* "brainpoolP192t1" */
-925,	/* "brainpoolP224r1" */
-926,	/* "brainpoolP224t1" */
-927,	/* "brainpoolP256r1" */
-928,	/* "brainpoolP256t1" */
-929,	/* "brainpoolP320r1" */
-930,	/* "brainpoolP320t1" */
-931,	/* "brainpoolP384r1" */
-932,	/* "brainpoolP384t1" */
-933,	/* "brainpoolP512r1" */
-934,	/* "brainpoolP512t1" */
-494,	/* "buildingName" */
-860,	/* "businessCategory" */
-691,	/* "c2onb191v4" */
-692,	/* "c2onb191v5" */
-697,	/* "c2onb239v4" */
-698,	/* "c2onb239v5" */
-684,	/* "c2pnb163v1" */
-685,	/* "c2pnb163v2" */
-686,	/* "c2pnb163v3" */
-687,	/* "c2pnb176v1" */
-693,	/* "c2pnb208w1" */
-699,	/* "c2pnb272w1" */
-700,	/* "c2pnb304w1" */
-702,	/* "c2pnb368w1" */
-688,	/* "c2tnb191v1" */
-689,	/* "c2tnb191v2" */
-690,	/* "c2tnb191v3" */
-694,	/* "c2tnb239v1" */
-695,	/* "c2tnb239v2" */
-696,	/* "c2tnb239v3" */
-701,	/* "c2tnb359v1" */
-703,	/* "c2tnb431r1" */
-881,	/* "cACertificate" */
-483,	/* "cNAMERecord" */
-179,	/* "caIssuers" */
-785,	/* "caRepository" */
-443,	/* "caseIgnoreIA5StringSyntax" */
-152,	/* "certBag" */
-677,	/* "certicom-arc" */
-771,	/* "certificateIssuer" */
-89,	/* "certificatePolicies" */
-883,	/* "certificateRevocationList" */
-54,	/* "challengePassword" */
-407,	/* "characteristic-two-field" */
-395,	/* "clearance" */
-130,	/* "clientAuth" */
-131,	/* "codeSigning" */
-50,	/* "contentType" */
-53,	/* "countersignature" */
-153,	/* "crlBag" */
-103,	/* "crlDistributionPoints" */
-88,	/* "crlNumber" */
-884,	/* "crossCertificatePair" */
-806,	/* "cryptocom" */
-805,	/* "cryptopro" */
-954,	/* "ct_cert_scts" */
-952,	/* "ct_precert_poison" */
-951,	/* "ct_precert_scts" */
-953,	/* "ct_precert_signer" */
-500,	/* "dITRedirect" */
-451,	/* "dNSDomain" */
-495,	/* "dSAQuality" */
-434,	/* "data" */
-390,	/* "dcobject" */
-140,	/* "deltaCRL" */
-891,	/* "deltaRevocationList" */
-107,	/* "description" */
-871,	/* "destinationIndicator" */
-947,	/* "dh-cofactor-kdf" */
-946,	/* "dh-std-kdf" */
-28,	/* "dhKeyAgreement" */
-941,	/* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
-942,	/* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
-943,	/* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
-944,	/* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
-945,	/* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
-936,	/* "dhSinglePass-stdDH-sha1kdf-scheme" */
-937,	/* "dhSinglePass-stdDH-sha224kdf-scheme" */
-938,	/* "dhSinglePass-stdDH-sha256kdf-scheme" */
-939,	/* "dhSinglePass-stdDH-sha384kdf-scheme" */
-940,	/* "dhSinglePass-stdDH-sha512kdf-scheme" */
-920,	/* "dhpublicnumber" */
-382,	/* "directory" */
-887,	/* "distinguishedName" */
-892,	/* "dmdName" */
-174,	/* "dnQualifier" */
-447,	/* "document" */
-471,	/* "documentAuthor" */
-468,	/* "documentIdentifier" */
-472,	/* "documentLocation" */
-502,	/* "documentPublisher" */
-449,	/* "documentSeries" */
-469,	/* "documentTitle" */
-470,	/* "documentVersion" */
-392,	/* "domain" */
-452,	/* "domainRelatedObject" */
-802,	/* "dsa_with_SHA224" */
-803,	/* "dsa_with_SHA256" */
-791,	/* "ecdsa-with-Recommended" */
-416,	/* "ecdsa-with-SHA1" */
-793,	/* "ecdsa-with-SHA224" */
-794,	/* "ecdsa-with-SHA256" */
-795,	/* "ecdsa-with-SHA384" */
-796,	/* "ecdsa-with-SHA512" */
-792,	/* "ecdsa-with-Specified" */
-48,	/* "emailAddress" */
-132,	/* "emailProtection" */
-885,	/* "enhancedSearchGuide" */
-389,	/* "enterprises" */
-384,	/* "experimental" */
-172,	/* "extReq" */
-56,	/* "extendedCertificateAttributes" */
-126,	/* "extendedKeyUsage" */
-372,	/* "extendedStatus" */
-867,	/* "facsimileTelephoneNumber" */
-462,	/* "favouriteDrink" */
-857,	/* "freshestCRL" */
-453,	/* "friendlyCountry" */
-490,	/* "friendlyCountryName" */
-156,	/* "friendlyName" */
-509,	/* "generationQualifier" */
-815,	/* "gost-mac" */
-811,	/* "gost2001" */
-851,	/* "gost2001cc" */
-813,	/* "gost89" */
-814,	/* "gost89-cnt" */
-812,	/* "gost94" */
-850,	/* "gost94cc" */
-797,	/* "hmacWithMD5" */
-163,	/* "hmacWithSHA1" */
-798,	/* "hmacWithSHA224" */
-799,	/* "hmacWithSHA256" */
-800,	/* "hmacWithSHA384" */
-801,	/* "hmacWithSHA512" */
-432,	/* "holdInstructionCallIssuer" */
-430,	/* "holdInstructionCode" */
-431,	/* "holdInstructionNone" */
-433,	/* "holdInstructionReject" */
-486,	/* "homePostalAddress" */
-473,	/* "homeTelephoneNumber" */
-466,	/* "host" */
-889,	/* "houseIdentifier" */
-442,	/* "iA5StringSyntax" */
-783,	/* "id-DHBasedMac" */
-824,	/* "id-Gost28147-89-CryptoPro-A-ParamSet" */
-825,	/* "id-Gost28147-89-CryptoPro-B-ParamSet" */
-826,	/* "id-Gost28147-89-CryptoPro-C-ParamSet" */
-827,	/* "id-Gost28147-89-CryptoPro-D-ParamSet" */
-819,	/* "id-Gost28147-89-CryptoPro-KeyMeshing" */
-829,	/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
-828,	/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
-830,	/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
-820,	/* "id-Gost28147-89-None-KeyMeshing" */
-823,	/* "id-Gost28147-89-TestParamSet" */
-849,	/* "id-Gost28147-89-cc" */
-840,	/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
-841,	/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
-842,	/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
-843,	/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
-844,	/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
-854,	/* "id-GostR3410-2001-ParamSet-cc" */
-839,	/* "id-GostR3410-2001-TestParamSet" */
-817,	/* "id-GostR3410-2001DH" */
-832,	/* "id-GostR3410-94-CryptoPro-A-ParamSet" */
-833,	/* "id-GostR3410-94-CryptoPro-B-ParamSet" */
-834,	/* "id-GostR3410-94-CryptoPro-C-ParamSet" */
-835,	/* "id-GostR3410-94-CryptoPro-D-ParamSet" */
-836,	/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
-837,	/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
-838,	/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
-831,	/* "id-GostR3410-94-TestParamSet" */
-845,	/* "id-GostR3410-94-a" */
-846,	/* "id-GostR3410-94-aBis" */
-847,	/* "id-GostR3410-94-b" */
-848,	/* "id-GostR3410-94-bBis" */
-818,	/* "id-GostR3410-94DH" */
-822,	/* "id-GostR3411-94-CryptoProParamSet" */
-821,	/* "id-GostR3411-94-TestParamSet" */
-807,	/* "id-GostR3411-94-with-GostR3410-2001" */
-853,	/* "id-GostR3411-94-with-GostR3410-2001-cc" */
-808,	/* "id-GostR3411-94-with-GostR3410-94" */
-852,	/* "id-GostR3411-94-with-GostR3410-94-cc" */
-810,	/* "id-HMACGostR3411-94" */
-782,	/* "id-PasswordBasedMAC" */
-266,	/* "id-aca" */
-355,	/* "id-aca-accessIdentity" */
-354,	/* "id-aca-authenticationInfo" */
-356,	/* "id-aca-chargingIdentity" */
-399,	/* "id-aca-encAttrs" */
-357,	/* "id-aca-group" */
-358,	/* "id-aca-role" */
-176,	/* "id-ad" */
-896,	/* "id-aes128-CCM" */
-895,	/* "id-aes128-GCM" */
-788,	/* "id-aes128-wrap" */
-897,	/* "id-aes128-wrap-pad" */
-899,	/* "id-aes192-CCM" */
-898,	/* "id-aes192-GCM" */
-789,	/* "id-aes192-wrap" */
-900,	/* "id-aes192-wrap-pad" */
-902,	/* "id-aes256-CCM" */
-901,	/* "id-aes256-GCM" */
-790,	/* "id-aes256-wrap" */
-903,	/* "id-aes256-wrap-pad" */
-262,	/* "id-alg" */
-893,	/* "id-alg-PWRI-KEK" */
-323,	/* "id-alg-des40" */
-326,	/* "id-alg-dh-pop" */
-325,	/* "id-alg-dh-sig-hmac-sha1" */
-324,	/* "id-alg-noSignature" */
-907,	/* "id-camellia128-wrap" */
-908,	/* "id-camellia192-wrap" */
-909,	/* "id-camellia256-wrap" */
-268,	/* "id-cct" */
-361,	/* "id-cct-PKIData" */
-362,	/* "id-cct-PKIResponse" */
-360,	/* "id-cct-crs" */
-81,	/* "id-ce" */
-680,	/* "id-characteristic-two-basis" */
-263,	/* "id-cmc" */
-334,	/* "id-cmc-addExtensions" */
-346,	/* "id-cmc-confirmCertAcceptance" */
-330,	/* "id-cmc-dataReturn" */
-336,	/* "id-cmc-decryptedPOP" */
-335,	/* "id-cmc-encryptedPOP" */
-339,	/* "id-cmc-getCRL" */
-338,	/* "id-cmc-getCert" */
-328,	/* "id-cmc-identification" */
-329,	/* "id-cmc-identityProof" */
-337,	/* "id-cmc-lraPOPWitness" */
-344,	/* "id-cmc-popLinkRandom" */
-345,	/* "id-cmc-popLinkWitness" */
-343,	/* "id-cmc-queryPending" */
-333,	/* "id-cmc-recipientNonce" */
-341,	/* "id-cmc-regInfo" */
-342,	/* "id-cmc-responseInfo" */
-340,	/* "id-cmc-revokeRequest" */
-332,	/* "id-cmc-senderNonce" */
-327,	/* "id-cmc-statusInfo" */
-331,	/* "id-cmc-transactionId" */
-787,	/* "id-ct-asciiTextWithCRLF" */
-408,	/* "id-ecPublicKey" */
-508,	/* "id-hex-multipart-message" */
-507,	/* "id-hex-partial-message" */
-260,	/* "id-it" */
-302,	/* "id-it-caKeyUpdateInfo" */
-298,	/* "id-it-caProtEncCert" */
-311,	/* "id-it-confirmWaitTime" */
-303,	/* "id-it-currentCRL" */
-300,	/* "id-it-encKeyPairTypes" */
-310,	/* "id-it-implicitConfirm" */
-308,	/* "id-it-keyPairParamRep" */
-307,	/* "id-it-keyPairParamReq" */
-312,	/* "id-it-origPKIMessage" */
-301,	/* "id-it-preferredSymmAlg" */
-309,	/* "id-it-revPassphrase" */
-299,	/* "id-it-signKeyPairTypes" */
-305,	/* "id-it-subscriptionRequest" */
-306,	/* "id-it-subscriptionResponse" */
-784,	/* "id-it-suppLangTags" */
-304,	/* "id-it-unsupportedOIDs" */
-128,	/* "id-kp" */
-280,	/* "id-mod-attribute-cert" */
-274,	/* "id-mod-cmc" */
-277,	/* "id-mod-cmp" */
-284,	/* "id-mod-cmp2000" */
-273,	/* "id-mod-crmf" */
-283,	/* "id-mod-dvcs" */
-275,	/* "id-mod-kea-profile-88" */
-276,	/* "id-mod-kea-profile-93" */
-282,	/* "id-mod-ocsp" */
-278,	/* "id-mod-qualified-cert-88" */
-279,	/* "id-mod-qualified-cert-93" */
-281,	/* "id-mod-timestamp-protocol" */
-264,	/* "id-on" */
-858,	/* "id-on-permanentIdentifier" */
-347,	/* "id-on-personalData" */
-265,	/* "id-pda" */
-352,	/* "id-pda-countryOfCitizenship" */
-353,	/* "id-pda-countryOfResidence" */
-348,	/* "id-pda-dateOfBirth" */
-351,	/* "id-pda-gender" */
-349,	/* "id-pda-placeOfBirth" */
-175,	/* "id-pe" */
-261,	/* "id-pkip" */
-258,	/* "id-pkix-mod" */
-269,	/* "id-pkix1-explicit-88" */
-271,	/* "id-pkix1-explicit-93" */
-270,	/* "id-pkix1-implicit-88" */
-272,	/* "id-pkix1-implicit-93" */
-662,	/* "id-ppl" */
-664,	/* "id-ppl-anyLanguage" */
-667,	/* "id-ppl-independent" */
-665,	/* "id-ppl-inheritAll" */
-267,	/* "id-qcs" */
-359,	/* "id-qcs-pkixQCSyntax-v1" */
-259,	/* "id-qt" */
-164,	/* "id-qt-cps" */
-165,	/* "id-qt-unotice" */
-313,	/* "id-regCtrl" */
-316,	/* "id-regCtrl-authenticator" */
-319,	/* "id-regCtrl-oldCertID" */
-318,	/* "id-regCtrl-pkiArchiveOptions" */
-317,	/* "id-regCtrl-pkiPublicationInfo" */
-320,	/* "id-regCtrl-protocolEncrKey" */
-315,	/* "id-regCtrl-regToken" */
-314,	/* "id-regInfo" */
-322,	/* "id-regInfo-certReq" */
-321,	/* "id-regInfo-utf8Pairs" */
-512,	/* "id-set" */
-191,	/* "id-smime-aa" */
-215,	/* "id-smime-aa-contentHint" */
-218,	/* "id-smime-aa-contentIdentifier" */
-221,	/* "id-smime-aa-contentReference" */
-240,	/* "id-smime-aa-dvcs-dvc" */
-217,	/* "id-smime-aa-encapContentType" */
-222,	/* "id-smime-aa-encrypKeyPref" */
-220,	/* "id-smime-aa-equivalentLabels" */
-232,	/* "id-smime-aa-ets-CertificateRefs" */
-233,	/* "id-smime-aa-ets-RevocationRefs" */
-238,	/* "id-smime-aa-ets-archiveTimeStamp" */
-237,	/* "id-smime-aa-ets-certCRLTimestamp" */
-234,	/* "id-smime-aa-ets-certValues" */
-227,	/* "id-smime-aa-ets-commitmentType" */
-231,	/* "id-smime-aa-ets-contentTimestamp" */
-236,	/* "id-smime-aa-ets-escTimeStamp" */
-230,	/* "id-smime-aa-ets-otherSigCert" */
-235,	/* "id-smime-aa-ets-revocationValues" */
-226,	/* "id-smime-aa-ets-sigPolicyId" */
-229,	/* "id-smime-aa-ets-signerAttr" */
-228,	/* "id-smime-aa-ets-signerLocation" */
-219,	/* "id-smime-aa-macValue" */
-214,	/* "id-smime-aa-mlExpandHistory" */
-216,	/* "id-smime-aa-msgSigDigest" */
-212,	/* "id-smime-aa-receiptRequest" */
-213,	/* "id-smime-aa-securityLabel" */
-239,	/* "id-smime-aa-signatureType" */
-223,	/* "id-smime-aa-signingCertificate" */
-224,	/* "id-smime-aa-smimeEncryptCerts" */
-225,	/* "id-smime-aa-timeStampToken" */
-192,	/* "id-smime-alg" */
-243,	/* "id-smime-alg-3DESwrap" */
-246,	/* "id-smime-alg-CMS3DESwrap" */
-247,	/* "id-smime-alg-CMSRC2wrap" */
-245,	/* "id-smime-alg-ESDH" */
-241,	/* "id-smime-alg-ESDHwith3DES" */
-242,	/* "id-smime-alg-ESDHwithRC2" */
-244,	/* "id-smime-alg-RC2wrap" */
-193,	/* "id-smime-cd" */
-248,	/* "id-smime-cd-ldap" */
-190,	/* "id-smime-ct" */
-210,	/* "id-smime-ct-DVCSRequestData" */
-211,	/* "id-smime-ct-DVCSResponseData" */
-208,	/* "id-smime-ct-TDTInfo" */
-207,	/* "id-smime-ct-TSTInfo" */
-205,	/* "id-smime-ct-authData" */
-786,	/* "id-smime-ct-compressedData" */
-209,	/* "id-smime-ct-contentInfo" */
-206,	/* "id-smime-ct-publishCert" */
-204,	/* "id-smime-ct-receipt" */
-195,	/* "id-smime-cti" */
-255,	/* "id-smime-cti-ets-proofOfApproval" */
-256,	/* "id-smime-cti-ets-proofOfCreation" */
-253,	/* "id-smime-cti-ets-proofOfDelivery" */
-251,	/* "id-smime-cti-ets-proofOfOrigin" */
-252,	/* "id-smime-cti-ets-proofOfReceipt" */
-254,	/* "id-smime-cti-ets-proofOfSender" */
-189,	/* "id-smime-mod" */
-196,	/* "id-smime-mod-cms" */
-197,	/* "id-smime-mod-ess" */
-202,	/* "id-smime-mod-ets-eSigPolicy-88" */
-203,	/* "id-smime-mod-ets-eSigPolicy-97" */
-200,	/* "id-smime-mod-ets-eSignature-88" */
-201,	/* "id-smime-mod-ets-eSignature-97" */
-199,	/* "id-smime-mod-msg-v3" */
-198,	/* "id-smime-mod-oid" */
-194,	/* "id-smime-spq" */
-250,	/* "id-smime-spq-ets-sqt-unotice" */
-249,	/* "id-smime-spq-ets-sqt-uri" */
-676,	/* "identified-organization" */
-461,	/* "info" */
-748,	/* "inhibitAnyPolicy" */
-101,	/* "initials" */
-647,	/* "international-organizations" */
-869,	/* "internationaliSDNNumber" */
-142,	/* "invalidityDate" */
-294,	/* "ipsecEndSystem" */
-295,	/* "ipsecTunnel" */
-296,	/* "ipsecUser" */
-86,	/* "issuerAltName" */
-770,	/* "issuingDistributionPoint" */
-492,	/* "janetMailbox" */
-957,	/* "jurisdictionC" */
-955,	/* "jurisdictionL" */
-956,	/* "jurisdictionST" */
-150,	/* "keyBag" */
-83,	/* "keyUsage" */
-477,	/* "lastModifiedBy" */
-476,	/* "lastModifiedTime" */
-157,	/* "localKeyID" */
-480,	/* "mXRecord" */
-460,	/* "mail" */
-493,	/* "mailPreferenceOption" */
-467,	/* "manager" */
-809,	/* "md_gost94" */
-875,	/* "member" */
-182,	/* "member-body" */
-51,	/* "messageDigest" */
-383,	/* "mgmt" */
-504,	/* "mime-mhs" */
-506,	/* "mime-mhs-bodies" */
-505,	/* "mime-mhs-headings" */
-488,	/* "mobileTelephoneNumber" */
-136,	/* "msCTLSign" */
-135,	/* "msCodeCom" */
-134,	/* "msCodeInd" */
-138,	/* "msEFS" */
-171,	/* "msExtReq" */
-137,	/* "msSGC" */
-648,	/* "msSmartcardLogin" */
-649,	/* "msUPN" */
-481,	/* "nSRecord" */
-173,	/* "name" */
-666,	/* "nameConstraints" */
-369,	/* "noCheck" */
-403,	/* "noRevAvail" */
-72,	/* "nsBaseUrl" */
-76,	/* "nsCaPolicyUrl" */
-74,	/* "nsCaRevocationUrl" */
-58,	/* "nsCertExt" */
-79,	/* "nsCertSequence" */
-71,	/* "nsCertType" */
-78,	/* "nsComment" */
-59,	/* "nsDataType" */
-75,	/* "nsRenewalUrl" */
-73,	/* "nsRevocationUrl" */
-139,	/* "nsSGC" */
-77,	/* "nsSslServerName" */
-681,	/* "onBasis" */
-491,	/* "organizationalStatus" */
-475,	/* "otherMailbox" */
-876,	/* "owner" */
-489,	/* "pagerTelephoneNumber" */
-374,	/* "path" */
-112,	/* "pbeWithMD5AndCast5CBC" */
-499,	/* "personalSignature" */
-487,	/* "personalTitle" */
-464,	/* "photo" */
-863,	/* "physicalDeliveryOfficeName" */
-437,	/* "pilot" */
-439,	/* "pilotAttributeSyntax" */
-438,	/* "pilotAttributeType" */
-479,	/* "pilotAttributeType27" */
-456,	/* "pilotDSA" */
-441,	/* "pilotGroups" */
-444,	/* "pilotObject" */
-440,	/* "pilotObjectClass" */
-455,	/* "pilotOrganization" */
-445,	/* "pilotPerson" */
- 2,	/* "pkcs" */
-186,	/* "pkcs1" */
-27,	/* "pkcs3" */
-187,	/* "pkcs5" */
-20,	/* "pkcs7" */
-21,	/* "pkcs7-data" */
-25,	/* "pkcs7-digestData" */
-26,	/* "pkcs7-encryptedData" */
-23,	/* "pkcs7-envelopedData" */
-24,	/* "pkcs7-signedAndEnvelopedData" */
-22,	/* "pkcs7-signedData" */
-151,	/* "pkcs8ShroudedKeyBag" */
-47,	/* "pkcs9" */
-401,	/* "policyConstraints" */
-747,	/* "policyMappings" */
-862,	/* "postOfficeBox" */
-861,	/* "postalAddress" */
-661,	/* "postalCode" */
-683,	/* "ppBasis" */
-872,	/* "preferredDeliveryMethod" */
-873,	/* "presentationAddress" */
-816,	/* "prf-gostr3411-94" */
-406,	/* "prime-field" */
-409,	/* "prime192v1" */
-410,	/* "prime192v2" */
-411,	/* "prime192v3" */
-412,	/* "prime239v1" */
-413,	/* "prime239v2" */
-414,	/* "prime239v3" */
-415,	/* "prime256v1" */
-385,	/* "private" */
-84,	/* "privateKeyUsagePeriod" */
-886,	/* "protocolInformation" */
-663,	/* "proxyCertInfo" */
-510,	/* "pseudonym" */
-435,	/* "pss" */
-286,	/* "qcStatements" */
-457,	/* "qualityLabelledData" */
-450,	/* "rFC822localPart" */
-870,	/* "registeredAddress" */
-400,	/* "role" */
-877,	/* "roleOccupant" */
-448,	/* "room" */
-463,	/* "roomNumber" */
- 6,	/* "rsaEncryption" */
-644,	/* "rsaOAEPEncryptionSET" */
-377,	/* "rsaSignature" */
- 1,	/* "rsadsi" */
-482,	/* "sOARecord" */
-155,	/* "safeContentsBag" */
-291,	/* "sbgp-autonomousSysNum" */
-290,	/* "sbgp-ipAddrBlock" */
-292,	/* "sbgp-routerIdentifier" */
-159,	/* "sdsiCertificate" */
-859,	/* "searchGuide" */
-704,	/* "secp112r1" */
-705,	/* "secp112r2" */
-706,	/* "secp128r1" */
-707,	/* "secp128r2" */
-708,	/* "secp160k1" */
-709,	/* "secp160r1" */
-710,	/* "secp160r2" */
-711,	/* "secp192k1" */
-712,	/* "secp224k1" */
-713,	/* "secp224r1" */
-714,	/* "secp256k1" */
-715,	/* "secp384r1" */
-716,	/* "secp521r1" */
-154,	/* "secretBag" */
-474,	/* "secretary" */
-717,	/* "sect113r1" */
-718,	/* "sect113r2" */
-719,	/* "sect131r1" */
-720,	/* "sect131r2" */
-721,	/* "sect163k1" */
-722,	/* "sect163r1" */
-723,	/* "sect163r2" */
-724,	/* "sect193r1" */
-725,	/* "sect193r2" */
-726,	/* "sect233k1" */
-727,	/* "sect233r1" */
-728,	/* "sect239k1" */
-729,	/* "sect283k1" */
-730,	/* "sect283r1" */
-731,	/* "sect409k1" */
-732,	/* "sect409r1" */
-733,	/* "sect571k1" */
-734,	/* "sect571r1" */
-386,	/* "security" */
-878,	/* "seeAlso" */
-394,	/* "selected-attribute-types" */
-105,	/* "serialNumber" */
-129,	/* "serverAuth" */
-371,	/* "serviceLocator" */
-625,	/* "set-addPolicy" */
-515,	/* "set-attr" */
-518,	/* "set-brand" */
-638,	/* "set-brand-AmericanExpress" */
-637,	/* "set-brand-Diners" */
-636,	/* "set-brand-IATA-ATA" */
-639,	/* "set-brand-JCB" */
-641,	/* "set-brand-MasterCard" */
-642,	/* "set-brand-Novus" */
-640,	/* "set-brand-Visa" */
-517,	/* "set-certExt" */
-513,	/* "set-ctype" */
-514,	/* "set-msgExt" */
-516,	/* "set-policy" */
-607,	/* "set-policy-root" */
-624,	/* "set-rootKeyThumb" */
-620,	/* "setAttr-Cert" */
-631,	/* "setAttr-GenCryptgrm" */
-623,	/* "setAttr-IssCap" */
-628,	/* "setAttr-IssCap-CVM" */
-630,	/* "setAttr-IssCap-Sig" */
-629,	/* "setAttr-IssCap-T2" */
-621,	/* "setAttr-PGWYcap" */
-635,	/* "setAttr-SecDevSig" */
-632,	/* "setAttr-T2Enc" */
-633,	/* "setAttr-T2cleartxt" */
-634,	/* "setAttr-TokICCsig" */
-627,	/* "setAttr-Token-B0Prime" */
-626,	/* "setAttr-Token-EMV" */
-622,	/* "setAttr-TokenType" */
-619,	/* "setCext-IssuerCapabilities" */
-615,	/* "setCext-PGWYcapabilities" */
-616,	/* "setCext-TokenIdentifier" */
-618,	/* "setCext-TokenType" */
-617,	/* "setCext-Track2Data" */
-611,	/* "setCext-cCertRequired" */
-609,	/* "setCext-certType" */
-608,	/* "setCext-hashedRoot" */
-610,	/* "setCext-merchData" */
-613,	/* "setCext-setExt" */
-614,	/* "setCext-setQualf" */
-612,	/* "setCext-tunneling" */
-540,	/* "setct-AcqCardCodeMsg" */
-576,	/* "setct-AcqCardCodeMsgTBE" */
-570,	/* "setct-AuthReqTBE" */
-534,	/* "setct-AuthReqTBS" */
-527,	/* "setct-AuthResBaggage" */
-571,	/* "setct-AuthResTBE" */
-572,	/* "setct-AuthResTBEX" */
-535,	/* "setct-AuthResTBS" */
-536,	/* "setct-AuthResTBSX" */
-528,	/* "setct-AuthRevReqBaggage" */
-577,	/* "setct-AuthRevReqTBE" */
-541,	/* "setct-AuthRevReqTBS" */
-529,	/* "setct-AuthRevResBaggage" */
-542,	/* "setct-AuthRevResData" */
-578,	/* "setct-AuthRevResTBE" */
-579,	/* "setct-AuthRevResTBEB" */
-543,	/* "setct-AuthRevResTBS" */
-573,	/* "setct-AuthTokenTBE" */
-537,	/* "setct-AuthTokenTBS" */
-600,	/* "setct-BCIDistributionTBS" */
-558,	/* "setct-BatchAdminReqData" */
-592,	/* "setct-BatchAdminReqTBE" */
-559,	/* "setct-BatchAdminResData" */
-593,	/* "setct-BatchAdminResTBE" */
-599,	/* "setct-CRLNotificationResTBS" */
-598,	/* "setct-CRLNotificationTBS" */
-580,	/* "setct-CapReqTBE" */
-581,	/* "setct-CapReqTBEX" */
-544,	/* "setct-CapReqTBS" */
-545,	/* "setct-CapReqTBSX" */
-546,	/* "setct-CapResData" */
-582,	/* "setct-CapResTBE" */
-583,	/* "setct-CapRevReqTBE" */
-584,	/* "setct-CapRevReqTBEX" */
-547,	/* "setct-CapRevReqTBS" */
-548,	/* "setct-CapRevReqTBSX" */
-549,	/* "setct-CapRevResData" */
-585,	/* "setct-CapRevResTBE" */
-538,	/* "setct-CapTokenData" */
-530,	/* "setct-CapTokenSeq" */
-574,	/* "setct-CapTokenTBE" */
-575,	/* "setct-CapTokenTBEX" */
-539,	/* "setct-CapTokenTBS" */
-560,	/* "setct-CardCInitResTBS" */
-566,	/* "setct-CertInqReqTBS" */
-563,	/* "setct-CertReqData" */
-595,	/* "setct-CertReqTBE" */
-596,	/* "setct-CertReqTBEX" */
-564,	/* "setct-CertReqTBS" */
-565,	/* "setct-CertResData" */
-597,	/* "setct-CertResTBE" */
-586,	/* "setct-CredReqTBE" */
-587,	/* "setct-CredReqTBEX" */
-550,	/* "setct-CredReqTBS" */
-551,	/* "setct-CredReqTBSX" */
-552,	/* "setct-CredResData" */
-588,	/* "setct-CredResTBE" */
-589,	/* "setct-CredRevReqTBE" */
-590,	/* "setct-CredRevReqTBEX" */
-553,	/* "setct-CredRevReqTBS" */
-554,	/* "setct-CredRevReqTBSX" */
-555,	/* "setct-CredRevResData" */
-591,	/* "setct-CredRevResTBE" */
-567,	/* "setct-ErrorTBS" */
-526,	/* "setct-HODInput" */
-561,	/* "setct-MeAqCInitResTBS" */
-522,	/* "setct-OIData" */
-519,	/* "setct-PANData" */
-521,	/* "setct-PANOnly" */
-520,	/* "setct-PANToken" */
-556,	/* "setct-PCertReqData" */
-557,	/* "setct-PCertResTBS" */
-523,	/* "setct-PI" */
-532,	/* "setct-PI-TBS" */
-524,	/* "setct-PIData" */
-525,	/* "setct-PIDataUnsigned" */
-568,	/* "setct-PIDualSignedTBE" */
-569,	/* "setct-PIUnsignedTBE" */
-531,	/* "setct-PInitResData" */
-533,	/* "setct-PResData" */
-594,	/* "setct-RegFormReqTBE" */
-562,	/* "setct-RegFormResTBS" */
-606,	/* "setext-cv" */
-601,	/* "setext-genCrypt" */
-602,	/* "setext-miAuth" */
-604,	/* "setext-pinAny" */
-603,	/* "setext-pinSecure" */
-605,	/* "setext-track2" */
-52,	/* "signingTime" */
-454,	/* "simpleSecurityObject" */
-496,	/* "singleLevelQuality" */
-387,	/* "snmpv2" */
-660,	/* "street" */
-85,	/* "subjectAltName" */
-769,	/* "subjectDirectoryAttributes" */
-398,	/* "subjectInfoAccess" */
-82,	/* "subjectKeyIdentifier" */
-498,	/* "subtreeMaximumQuality" */
-497,	/* "subtreeMinimumQuality" */
-890,	/* "supportedAlgorithms" */
-874,	/* "supportedApplicationContext" */
-402,	/* "targetInformation" */
-864,	/* "telephoneNumber" */
-866,	/* "teletexTerminalIdentifier" */
-865,	/* "telexNumber" */
-459,	/* "textEncodedORAddress" */
-293,	/* "textNotice" */
-133,	/* "timeStamping" */
-106,	/* "title" */
-682,	/* "tpBasis" */
-375,	/* "trustRoot" */
-436,	/* "ucl" */
-888,	/* "uniqueMember" */
-55,	/* "unstructuredAddress" */
-49,	/* "unstructuredName" */
-880,	/* "userCertificate" */
-465,	/* "userClass" */
-879,	/* "userPassword" */
-373,	/* "valid" */
-678,	/* "wap" */
-679,	/* "wap-wsg" */
-735,	/* "wap-wsg-idm-ecid-wtls1" */
-743,	/* "wap-wsg-idm-ecid-wtls10" */
-744,	/* "wap-wsg-idm-ecid-wtls11" */
-745,	/* "wap-wsg-idm-ecid-wtls12" */
-736,	/* "wap-wsg-idm-ecid-wtls3" */
-737,	/* "wap-wsg-idm-ecid-wtls4" */
-738,	/* "wap-wsg-idm-ecid-wtls5" */
-739,	/* "wap-wsg-idm-ecid-wtls6" */
-740,	/* "wap-wsg-idm-ecid-wtls7" */
-741,	/* "wap-wsg-idm-ecid-wtls8" */
-742,	/* "wap-wsg-idm-ecid-wtls9" */
-804,	/* "whirlpool" */
-868,	/* "x121Address" */
-503,	/* "x500UniqueIdentifier" */
-158,	/* "x509Certificate" */
-160,	/* "x509Crl" */
-};
-
-static const unsigned int ln_objs[NUM_LN]={
-363,	/* "AD Time Stamping" */
-405,	/* "ANSI X9.62" */
-368,	/* "Acceptable OCSP Responses" */
-910,	/* "Any Extended Key Usage" */
-664,	/* "Any language" */
-177,	/* "Authority Information Access" */
-365,	/* "Basic OCSP Response" */
-285,	/* "Biometric Info" */
-179,	/* "CA Issuers" */
-785,	/* "CA Repository" */
-954,	/* "CT Certificate SCTs" */
-952,	/* "CT Precertificate Poison" */
-951,	/* "CT Precertificate SCTs" */
-953,	/* "CT Precertificate Signer" */
-131,	/* "Code Signing" */
-783,	/* "Diffie-Hellman based MAC" */
-382,	/* "Directory" */
-392,	/* "Domain" */
-132,	/* "E-mail Protection" */
-389,	/* "Enterprises" */
-384,	/* "Experimental" */
-372,	/* "Extended OCSP Status" */
-172,	/* "Extension Request" */
-813,	/* "GOST 28147-89" */
-849,	/* "GOST 28147-89 Cryptocom ParamSet" */
-815,	/* "GOST 28147-89 MAC" */
-851,	/* "GOST 34.10-2001 Cryptocom" */
-850,	/* "GOST 34.10-94 Cryptocom" */
-811,	/* "GOST R 34.10-2001" */
-817,	/* "GOST R 34.10-2001 DH" */
-812,	/* "GOST R 34.10-94" */
-818,	/* "GOST R 34.10-94 DH" */
-809,	/* "GOST R 34.11-94" */
-816,	/* "GOST R 34.11-94 PRF" */
-807,	/* "GOST R 34.11-94 with GOST R 34.10-2001" */
-853,	/* "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" */
-808,	/* "GOST R 34.11-94 with GOST R 34.10-94" */
-852,	/* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */
-854,	/* "GOST R 3410-2001 Parameter Set Cryptocom" */
-810,	/* "HMAC GOST 34.11-94" */
-432,	/* "Hold Instruction Call Issuer" */
-430,	/* "Hold Instruction Code" */
-431,	/* "Hold Instruction None" */
-433,	/* "Hold Instruction Reject" */
-634,	/* "ICC or token signature" */
-294,	/* "IPSec End System" */
-295,	/* "IPSec Tunnel" */
-296,	/* "IPSec User" */
-182,	/* "ISO Member Body" */
-183,	/* "ISO US Member Body" */
-667,	/* "Independent" */
-665,	/* "Inherit all" */
-647,	/* "International Organizations" */
-142,	/* "Invalidity Date" */
-504,	/* "MIME MHS" */
-388,	/* "Mail" */
-383,	/* "Management" */
-417,	/* "Microsoft CSP Name" */
-135,	/* "Microsoft Commercial Code Signing" */
-138,	/* "Microsoft Encrypted File System" */
-171,	/* "Microsoft Extension Request" */
-134,	/* "Microsoft Individual Code Signing" */
-856,	/* "Microsoft Local Key set" */
-137,	/* "Microsoft Server Gated Crypto" */
-648,	/* "Microsoft Smartcardlogin" */
-136,	/* "Microsoft Trust List Signing" */
-649,	/* "Microsoft Universal Principal Name" */
-393,	/* "NULL" */
-404,	/* "NULL" */
-72,	/* "Netscape Base Url" */
-76,	/* "Netscape CA Policy Url" */
-74,	/* "Netscape CA Revocation Url" */
-71,	/* "Netscape Cert Type" */
-58,	/* "Netscape Certificate Extension" */
-79,	/* "Netscape Certificate Sequence" */
-78,	/* "Netscape Comment" */
-57,	/* "Netscape Communications Corp." */
-59,	/* "Netscape Data Type" */
-75,	/* "Netscape Renewal Url" */
-73,	/* "Netscape Revocation Url" */
-77,	/* "Netscape SSL Server Name" */
-139,	/* "Netscape Server Gated Crypto" */
-178,	/* "OCSP" */
-370,	/* "OCSP Archive Cutoff" */
-367,	/* "OCSP CRL ID" */
-369,	/* "OCSP No Check" */
-366,	/* "OCSP Nonce" */
-371,	/* "OCSP Service Locator" */
-180,	/* "OCSP Signing" */
-161,	/* "PBES2" */
-69,	/* "PBKDF2" */
-162,	/* "PBMAC1" */
-127,	/* "PKIX" */
-858,	/* "Permanent Identifier" */
-164,	/* "Policy Qualifier CPS" */
-165,	/* "Policy Qualifier User Notice" */
-385,	/* "Private" */
-663,	/* "Proxy Certificate Information" */
- 1,	/* "RSA Data Security, Inc." */
- 2,	/* "RSA Data Security, Inc. PKCS" */
-188,	/* "S/MIME" */
-167,	/* "S/MIME Capabilities" */
-387,	/* "SNMPv2" */
-512,	/* "Secure Electronic Transactions" */
-386,	/* "Security" */
-394,	/* "Selected Attribute Types" */
-143,	/* "Strong Extranet ID" */
-398,	/* "Subject Information Access" */
-130,	/* "TLS Web Client Authentication" */
-129,	/* "TLS Web Server Authentication" */
-133,	/* "Time Stamping" */
-375,	/* "Trust Root" */
-12,	/* "X509" */
-402,	/* "X509v3 AC Targeting" */
-746,	/* "X509v3 Any Policy" */
-90,	/* "X509v3 Authority Key Identifier" */
-87,	/* "X509v3 Basic Constraints" */
-103,	/* "X509v3 CRL Distribution Points" */
-88,	/* "X509v3 CRL Number" */
-141,	/* "X509v3 CRL Reason Code" */
-771,	/* "X509v3 Certificate Issuer" */
-89,	/* "X509v3 Certificate Policies" */
-140,	/* "X509v3 Delta CRL Indicator" */
-126,	/* "X509v3 Extended Key Usage" */
-857,	/* "X509v3 Freshest CRL" */
-748,	/* "X509v3 Inhibit Any Policy" */
-86,	/* "X509v3 Issuer Alternative Name" */
-770,	/* "X509v3 Issuing Distrubution Point" */
-83,	/* "X509v3 Key Usage" */
-666,	/* "X509v3 Name Constraints" */
-403,	/* "X509v3 No Revocation Available" */
-401,	/* "X509v3 Policy Constraints" */
-747,	/* "X509v3 Policy Mappings" */
-84,	/* "X509v3 Private Key Usage Period" */
-85,	/* "X509v3 Subject Alternative Name" */
-769,	/* "X509v3 Subject Directory Attributes" */
-82,	/* "X509v3 Subject Key Identifier" */
-920,	/* "X9.42 DH" */
-184,	/* "X9.57" */
-185,	/* "X9.57 CM ?" */
-478,	/* "aRecord" */
-289,	/* "aaControls" */
-287,	/* "ac-auditEntity" */
-397,	/* "ac-proxying" */
-288,	/* "ac-targeting" */
-446,	/* "account" */
-364,	/* "ad dvcs" */
-606,	/* "additional verification" */
-419,	/* "aes-128-cbc" */
-916,	/* "aes-128-cbc-hmac-sha1" */
-948,	/* "aes-128-cbc-hmac-sha256" */
-896,	/* "aes-128-ccm" */
-421,	/* "aes-128-cfb" */
-650,	/* "aes-128-cfb1" */
-653,	/* "aes-128-cfb8" */
-904,	/* "aes-128-ctr" */
-418,	/* "aes-128-ecb" */
-895,	/* "aes-128-gcm" */
-420,	/* "aes-128-ofb" */
-913,	/* "aes-128-xts" */
-423,	/* "aes-192-cbc" */
-917,	/* "aes-192-cbc-hmac-sha1" */
-949,	/* "aes-192-cbc-hmac-sha256" */
-899,	/* "aes-192-ccm" */
-425,	/* "aes-192-cfb" */
-651,	/* "aes-192-cfb1" */
-654,	/* "aes-192-cfb8" */
-905,	/* "aes-192-ctr" */
-422,	/* "aes-192-ecb" */
-898,	/* "aes-192-gcm" */
-424,	/* "aes-192-ofb" */
-427,	/* "aes-256-cbc" */
-918,	/* "aes-256-cbc-hmac-sha1" */
-950,	/* "aes-256-cbc-hmac-sha256" */
-902,	/* "aes-256-ccm" */
-429,	/* "aes-256-cfb" */
-652,	/* "aes-256-cfb1" */
-655,	/* "aes-256-cfb8" */
-906,	/* "aes-256-ctr" */
-426,	/* "aes-256-ecb" */
-901,	/* "aes-256-gcm" */
-428,	/* "aes-256-ofb" */
-914,	/* "aes-256-xts" */
-376,	/* "algorithm" */
-484,	/* "associatedDomain" */
-485,	/* "associatedName" */
-501,	/* "audio" */
-882,	/* "authorityRevocationList" */
-91,	/* "bf-cbc" */
-93,	/* "bf-cfb" */
-92,	/* "bf-ecb" */
-94,	/* "bf-ofb" */
-921,	/* "brainpoolP160r1" */
-922,	/* "brainpoolP160t1" */
-923,	/* "brainpoolP192r1" */
-924,	/* "brainpoolP192t1" */
-925,	/* "brainpoolP224r1" */
-926,	/* "brainpoolP224t1" */
-927,	/* "brainpoolP256r1" */
-928,	/* "brainpoolP256t1" */
-929,	/* "brainpoolP320r1" */
-930,	/* "brainpoolP320t1" */
-931,	/* "brainpoolP384r1" */
-932,	/* "brainpoolP384t1" */
-933,	/* "brainpoolP512r1" */
-934,	/* "brainpoolP512t1" */
-494,	/* "buildingName" */
-860,	/* "businessCategory" */
-691,	/* "c2onb191v4" */
-692,	/* "c2onb191v5" */
-697,	/* "c2onb239v4" */
-698,	/* "c2onb239v5" */
-684,	/* "c2pnb163v1" */
-685,	/* "c2pnb163v2" */
-686,	/* "c2pnb163v3" */
-687,	/* "c2pnb176v1" */
-693,	/* "c2pnb208w1" */
-699,	/* "c2pnb272w1" */
-700,	/* "c2pnb304w1" */
-702,	/* "c2pnb368w1" */
-688,	/* "c2tnb191v1" */
-689,	/* "c2tnb191v2" */
-690,	/* "c2tnb191v3" */
-694,	/* "c2tnb239v1" */
-695,	/* "c2tnb239v2" */
-696,	/* "c2tnb239v3" */
-701,	/* "c2tnb359v1" */
-703,	/* "c2tnb431r1" */
-881,	/* "cACertificate" */
-483,	/* "cNAMERecord" */
-751,	/* "camellia-128-cbc" */
-757,	/* "camellia-128-cfb" */
-760,	/* "camellia-128-cfb1" */
-763,	/* "camellia-128-cfb8" */
-754,	/* "camellia-128-ecb" */
-766,	/* "camellia-128-ofb" */
-752,	/* "camellia-192-cbc" */
-758,	/* "camellia-192-cfb" */
-761,	/* "camellia-192-cfb1" */
-764,	/* "camellia-192-cfb8" */
-755,	/* "camellia-192-ecb" */
-767,	/* "camellia-192-ofb" */
-753,	/* "camellia-256-cbc" */
-759,	/* "camellia-256-cfb" */
-762,	/* "camellia-256-cfb1" */
-765,	/* "camellia-256-cfb8" */
-756,	/* "camellia-256-ecb" */
-768,	/* "camellia-256-ofb" */
-443,	/* "caseIgnoreIA5StringSyntax" */
-108,	/* "cast5-cbc" */
-110,	/* "cast5-cfb" */
-109,	/* "cast5-ecb" */
-111,	/* "cast5-ofb" */
-152,	/* "certBag" */
-677,	/* "certicom-arc" */
-517,	/* "certificate extensions" */
-883,	/* "certificateRevocationList" */
-54,	/* "challengePassword" */
-407,	/* "characteristic-two-field" */
-395,	/* "clearance" */
-633,	/* "cleartext track 2" */
-894,	/* "cmac" */
-13,	/* "commonName" */
-513,	/* "content types" */
-50,	/* "contentType" */
-53,	/* "countersignature" */
-14,	/* "countryName" */
-153,	/* "crlBag" */
-884,	/* "crossCertificatePair" */
-806,	/* "cryptocom" */
-805,	/* "cryptopro" */
-500,	/* "dITRedirect" */
-451,	/* "dNSDomain" */
-495,	/* "dSAQuality" */
-434,	/* "data" */
-390,	/* "dcObject" */
-891,	/* "deltaRevocationList" */
-31,	/* "des-cbc" */
-643,	/* "des-cdmf" */
-30,	/* "des-cfb" */
-656,	/* "des-cfb1" */
-657,	/* "des-cfb8" */
-29,	/* "des-ecb" */
-32,	/* "des-ede" */
-43,	/* "des-ede-cbc" */
-60,	/* "des-ede-cfb" */
-62,	/* "des-ede-ofb" */
-33,	/* "des-ede3" */
-44,	/* "des-ede3-cbc" */
-61,	/* "des-ede3-cfb" */
-658,	/* "des-ede3-cfb1" */
-659,	/* "des-ede3-cfb8" */
-63,	/* "des-ede3-ofb" */
-45,	/* "des-ofb" */
-107,	/* "description" */
-871,	/* "destinationIndicator" */
-80,	/* "desx-cbc" */
-947,	/* "dh-cofactor-kdf" */
-946,	/* "dh-std-kdf" */
-28,	/* "dhKeyAgreement" */
-941,	/* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
-942,	/* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
-943,	/* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
-944,	/* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
-945,	/* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
-936,	/* "dhSinglePass-stdDH-sha1kdf-scheme" */
-937,	/* "dhSinglePass-stdDH-sha224kdf-scheme" */
-938,	/* "dhSinglePass-stdDH-sha256kdf-scheme" */
-939,	/* "dhSinglePass-stdDH-sha384kdf-scheme" */
-940,	/* "dhSinglePass-stdDH-sha512kdf-scheme" */
-11,	/* "directory services (X.500)" */
-378,	/* "directory services - algorithms" */
-887,	/* "distinguishedName" */
-892,	/* "dmdName" */
-174,	/* "dnQualifier" */
-447,	/* "document" */
-471,	/* "documentAuthor" */
-468,	/* "documentIdentifier" */
-472,	/* "documentLocation" */
-502,	/* "documentPublisher" */
-449,	/* "documentSeries" */
-469,	/* "documentTitle" */
-470,	/* "documentVersion" */
-380,	/* "dod" */
-391,	/* "domainComponent" */
-452,	/* "domainRelatedObject" */
-116,	/* "dsaEncryption" */
-67,	/* "dsaEncryption-old" */
-66,	/* "dsaWithSHA" */
-113,	/* "dsaWithSHA1" */
-70,	/* "dsaWithSHA1-old" */
-802,	/* "dsa_with_SHA224" */
-803,	/* "dsa_with_SHA256" */
-297,	/* "dvcs" */
-791,	/* "ecdsa-with-Recommended" */
-416,	/* "ecdsa-with-SHA1" */
-793,	/* "ecdsa-with-SHA224" */
-794,	/* "ecdsa-with-SHA256" */
-795,	/* "ecdsa-with-SHA384" */
-796,	/* "ecdsa-with-SHA512" */
-792,	/* "ecdsa-with-Specified" */
-48,	/* "emailAddress" */
-632,	/* "encrypted track 2" */
-885,	/* "enhancedSearchGuide" */
-56,	/* "extendedCertificateAttributes" */
-867,	/* "facsimileTelephoneNumber" */
-462,	/* "favouriteDrink" */
-453,	/* "friendlyCountry" */
-490,	/* "friendlyCountryName" */
-156,	/* "friendlyName" */
-631,	/* "generate cryptogram" */
-509,	/* "generationQualifier" */
-601,	/* "generic cryptogram" */
-99,	/* "givenName" */
-814,	/* "gost89-cnt" */
-855,	/* "hmac" */
-780,	/* "hmac-md5" */
-781,	/* "hmac-sha1" */
-797,	/* "hmacWithMD5" */
-163,	/* "hmacWithSHA1" */
-798,	/* "hmacWithSHA224" */
-799,	/* "hmacWithSHA256" */
-800,	/* "hmacWithSHA384" */
-801,	/* "hmacWithSHA512" */
-486,	/* "homePostalAddress" */
-473,	/* "homeTelephoneNumber" */
-466,	/* "host" */
-889,	/* "houseIdentifier" */
-442,	/* "iA5StringSyntax" */
-381,	/* "iana" */
-824,	/* "id-Gost28147-89-CryptoPro-A-ParamSet" */
-825,	/* "id-Gost28147-89-CryptoPro-B-ParamSet" */
-826,	/* "id-Gost28147-89-CryptoPro-C-ParamSet" */
-827,	/* "id-Gost28147-89-CryptoPro-D-ParamSet" */
-819,	/* "id-Gost28147-89-CryptoPro-KeyMeshing" */
-829,	/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
-828,	/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
-830,	/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
-820,	/* "id-Gost28147-89-None-KeyMeshing" */
-823,	/* "id-Gost28147-89-TestParamSet" */
-840,	/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
-841,	/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
-842,	/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
-843,	/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
-844,	/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
-839,	/* "id-GostR3410-2001-TestParamSet" */
-832,	/* "id-GostR3410-94-CryptoPro-A-ParamSet" */
-833,	/* "id-GostR3410-94-CryptoPro-B-ParamSet" */
-834,	/* "id-GostR3410-94-CryptoPro-C-ParamSet" */
-835,	/* "id-GostR3410-94-CryptoPro-D-ParamSet" */
-836,	/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
-837,	/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
-838,	/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
-831,	/* "id-GostR3410-94-TestParamSet" */
-845,	/* "id-GostR3410-94-a" */
-846,	/* "id-GostR3410-94-aBis" */
-847,	/* "id-GostR3410-94-b" */
-848,	/* "id-GostR3410-94-bBis" */
-822,	/* "id-GostR3411-94-CryptoProParamSet" */
-821,	/* "id-GostR3411-94-TestParamSet" */
-266,	/* "id-aca" */
-355,	/* "id-aca-accessIdentity" */
-354,	/* "id-aca-authenticationInfo" */
-356,	/* "id-aca-chargingIdentity" */
-399,	/* "id-aca-encAttrs" */
-357,	/* "id-aca-group" */
-358,	/* "id-aca-role" */
-176,	/* "id-ad" */
-788,	/* "id-aes128-wrap" */
-897,	/* "id-aes128-wrap-pad" */
-789,	/* "id-aes192-wrap" */
-900,	/* "id-aes192-wrap-pad" */
-790,	/* "id-aes256-wrap" */
-903,	/* "id-aes256-wrap-pad" */
-262,	/* "id-alg" */
-893,	/* "id-alg-PWRI-KEK" */
-323,	/* "id-alg-des40" */
-326,	/* "id-alg-dh-pop" */
-325,	/* "id-alg-dh-sig-hmac-sha1" */
-324,	/* "id-alg-noSignature" */
-907,	/* "id-camellia128-wrap" */
-908,	/* "id-camellia192-wrap" */
-909,	/* "id-camellia256-wrap" */
-268,	/* "id-cct" */
-361,	/* "id-cct-PKIData" */
-362,	/* "id-cct-PKIResponse" */
-360,	/* "id-cct-crs" */
-81,	/* "id-ce" */
-680,	/* "id-characteristic-two-basis" */
-263,	/* "id-cmc" */
-334,	/* "id-cmc-addExtensions" */
-346,	/* "id-cmc-confirmCertAcceptance" */
-330,	/* "id-cmc-dataReturn" */
-336,	/* "id-cmc-decryptedPOP" */
-335,	/* "id-cmc-encryptedPOP" */
-339,	/* "id-cmc-getCRL" */
-338,	/* "id-cmc-getCert" */
-328,	/* "id-cmc-identification" */
-329,	/* "id-cmc-identityProof" */
-337,	/* "id-cmc-lraPOPWitness" */
-344,	/* "id-cmc-popLinkRandom" */
-345,	/* "id-cmc-popLinkWitness" */
-343,	/* "id-cmc-queryPending" */
-333,	/* "id-cmc-recipientNonce" */
-341,	/* "id-cmc-regInfo" */
-342,	/* "id-cmc-responseInfo" */
-340,	/* "id-cmc-revokeRequest" */
-332,	/* "id-cmc-senderNonce" */
-327,	/* "id-cmc-statusInfo" */
-331,	/* "id-cmc-transactionId" */
-787,	/* "id-ct-asciiTextWithCRLF" */
-408,	/* "id-ecPublicKey" */
-508,	/* "id-hex-multipart-message" */
-507,	/* "id-hex-partial-message" */
-260,	/* "id-it" */
-302,	/* "id-it-caKeyUpdateInfo" */
-298,	/* "id-it-caProtEncCert" */
-311,	/* "id-it-confirmWaitTime" */
-303,	/* "id-it-currentCRL" */
-300,	/* "id-it-encKeyPairTypes" */
-310,	/* "id-it-implicitConfirm" */
-308,	/* "id-it-keyPairParamRep" */
-307,	/* "id-it-keyPairParamReq" */
-312,	/* "id-it-origPKIMessage" */
-301,	/* "id-it-preferredSymmAlg" */
-309,	/* "id-it-revPassphrase" */
-299,	/* "id-it-signKeyPairTypes" */
-305,	/* "id-it-subscriptionRequest" */
-306,	/* "id-it-subscriptionResponse" */
-784,	/* "id-it-suppLangTags" */
-304,	/* "id-it-unsupportedOIDs" */
-128,	/* "id-kp" */
-280,	/* "id-mod-attribute-cert" */
-274,	/* "id-mod-cmc" */
-277,	/* "id-mod-cmp" */
-284,	/* "id-mod-cmp2000" */
-273,	/* "id-mod-crmf" */
-283,	/* "id-mod-dvcs" */
-275,	/* "id-mod-kea-profile-88" */
-276,	/* "id-mod-kea-profile-93" */
-282,	/* "id-mod-ocsp" */
-278,	/* "id-mod-qualified-cert-88" */
-279,	/* "id-mod-qualified-cert-93" */
-281,	/* "id-mod-timestamp-protocol" */
-264,	/* "id-on" */
-347,	/* "id-on-personalData" */
-265,	/* "id-pda" */
-352,	/* "id-pda-countryOfCitizenship" */
-353,	/* "id-pda-countryOfResidence" */
-348,	/* "id-pda-dateOfBirth" */
-351,	/* "id-pda-gender" */
-349,	/* "id-pda-placeOfBirth" */
-175,	/* "id-pe" */
-261,	/* "id-pkip" */
-258,	/* "id-pkix-mod" */
-269,	/* "id-pkix1-explicit-88" */
-271,	/* "id-pkix1-explicit-93" */
-270,	/* "id-pkix1-implicit-88" */
-272,	/* "id-pkix1-implicit-93" */
-662,	/* "id-ppl" */
-267,	/* "id-qcs" */
-359,	/* "id-qcs-pkixQCSyntax-v1" */
-259,	/* "id-qt" */
-313,	/* "id-regCtrl" */
-316,	/* "id-regCtrl-authenticator" */
-319,	/* "id-regCtrl-oldCertID" */
-318,	/* "id-regCtrl-pkiArchiveOptions" */
-317,	/* "id-regCtrl-pkiPublicationInfo" */
-320,	/* "id-regCtrl-protocolEncrKey" */
-315,	/* "id-regCtrl-regToken" */
-314,	/* "id-regInfo" */
-322,	/* "id-regInfo-certReq" */
-321,	/* "id-regInfo-utf8Pairs" */
-191,	/* "id-smime-aa" */
-215,	/* "id-smime-aa-contentHint" */
-218,	/* "id-smime-aa-contentIdentifier" */
-221,	/* "id-smime-aa-contentReference" */
-240,	/* "id-smime-aa-dvcs-dvc" */
-217,	/* "id-smime-aa-encapContentType" */
-222,	/* "id-smime-aa-encrypKeyPref" */
-220,	/* "id-smime-aa-equivalentLabels" */
-232,	/* "id-smime-aa-ets-CertificateRefs" */
-233,	/* "id-smime-aa-ets-RevocationRefs" */
-238,	/* "id-smime-aa-ets-archiveTimeStamp" */
-237,	/* "id-smime-aa-ets-certCRLTimestamp" */
-234,	/* "id-smime-aa-ets-certValues" */
-227,	/* "id-smime-aa-ets-commitmentType" */
-231,	/* "id-smime-aa-ets-contentTimestamp" */
-236,	/* "id-smime-aa-ets-escTimeStamp" */
-230,	/* "id-smime-aa-ets-otherSigCert" */
-235,	/* "id-smime-aa-ets-revocationValues" */
-226,	/* "id-smime-aa-ets-sigPolicyId" */
-229,	/* "id-smime-aa-ets-signerAttr" */
-228,	/* "id-smime-aa-ets-signerLocation" */
-219,	/* "id-smime-aa-macValue" */
-214,	/* "id-smime-aa-mlExpandHistory" */
-216,	/* "id-smime-aa-msgSigDigest" */
-212,	/* "id-smime-aa-receiptRequest" */
-213,	/* "id-smime-aa-securityLabel" */
-239,	/* "id-smime-aa-signatureType" */
-223,	/* "id-smime-aa-signingCertificate" */
-224,	/* "id-smime-aa-smimeEncryptCerts" */
-225,	/* "id-smime-aa-timeStampToken" */
-192,	/* "id-smime-alg" */
-243,	/* "id-smime-alg-3DESwrap" */
-246,	/* "id-smime-alg-CMS3DESwrap" */
-247,	/* "id-smime-alg-CMSRC2wrap" */
-245,	/* "id-smime-alg-ESDH" */
-241,	/* "id-smime-alg-ESDHwith3DES" */
-242,	/* "id-smime-alg-ESDHwithRC2" */
-244,	/* "id-smime-alg-RC2wrap" */
-193,	/* "id-smime-cd" */
-248,	/* "id-smime-cd-ldap" */
-190,	/* "id-smime-ct" */
-210,	/* "id-smime-ct-DVCSRequestData" */
-211,	/* "id-smime-ct-DVCSResponseData" */
-208,	/* "id-smime-ct-TDTInfo" */
-207,	/* "id-smime-ct-TSTInfo" */
-205,	/* "id-smime-ct-authData" */
-786,	/* "id-smime-ct-compressedData" */
-209,	/* "id-smime-ct-contentInfo" */
-206,	/* "id-smime-ct-publishCert" */
-204,	/* "id-smime-ct-receipt" */
-195,	/* "id-smime-cti" */
-255,	/* "id-smime-cti-ets-proofOfApproval" */
-256,	/* "id-smime-cti-ets-proofOfCreation" */
-253,	/* "id-smime-cti-ets-proofOfDelivery" */
-251,	/* "id-smime-cti-ets-proofOfOrigin" */
-252,	/* "id-smime-cti-ets-proofOfReceipt" */
-254,	/* "id-smime-cti-ets-proofOfSender" */
-189,	/* "id-smime-mod" */
-196,	/* "id-smime-mod-cms" */
-197,	/* "id-smime-mod-ess" */
-202,	/* "id-smime-mod-ets-eSigPolicy-88" */
-203,	/* "id-smime-mod-ets-eSigPolicy-97" */
-200,	/* "id-smime-mod-ets-eSignature-88" */
-201,	/* "id-smime-mod-ets-eSignature-97" */
-199,	/* "id-smime-mod-msg-v3" */
-198,	/* "id-smime-mod-oid" */
-194,	/* "id-smime-spq" */
-250,	/* "id-smime-spq-ets-sqt-unotice" */
-249,	/* "id-smime-spq-ets-sqt-uri" */
-34,	/* "idea-cbc" */
-35,	/* "idea-cfb" */
-36,	/* "idea-ecb" */
-46,	/* "idea-ofb" */
-676,	/* "identified-organization" */
-461,	/* "info" */
-101,	/* "initials" */
-869,	/* "internationaliSDNNumber" */
-749,	/* "ipsec3" */
-750,	/* "ipsec4" */
-181,	/* "iso" */
-623,	/* "issuer capabilities" */
-645,	/* "itu-t" */
-492,	/* "janetMailbox" */
-646,	/* "joint-iso-itu-t" */
-957,	/* "jurisdictionCountryName" */
-955,	/* "jurisdictionLocalityName" */
-956,	/* "jurisdictionStateOrProvinceName" */
-150,	/* "keyBag" */
-773,	/* "kisa" */
-477,	/* "lastModifiedBy" */
-476,	/* "lastModifiedTime" */
-157,	/* "localKeyID" */
-15,	/* "localityName" */
-480,	/* "mXRecord" */
-493,	/* "mailPreferenceOption" */
-467,	/* "manager" */
- 3,	/* "md2" */
- 7,	/* "md2WithRSAEncryption" */
-257,	/* "md4" */
-396,	/* "md4WithRSAEncryption" */
- 4,	/* "md5" */
-114,	/* "md5-sha1" */
-104,	/* "md5WithRSA" */
- 8,	/* "md5WithRSAEncryption" */
-95,	/* "mdc2" */
-96,	/* "mdc2WithRSA" */
-875,	/* "member" */
-602,	/* "merchant initiated auth" */
-514,	/* "message extensions" */
-51,	/* "messageDigest" */
-911,	/* "mgf1" */
-506,	/* "mime-mhs-bodies" */
-505,	/* "mime-mhs-headings" */
-488,	/* "mobileTelephoneNumber" */
-481,	/* "nSRecord" */
-173,	/* "name" */
-681,	/* "onBasis" */
-379,	/* "org" */
-17,	/* "organizationName" */
-491,	/* "organizationalStatus" */
-18,	/* "organizationalUnitName" */
-475,	/* "otherMailbox" */
-876,	/* "owner" */
-935,	/* "pSpecified" */
-489,	/* "pagerTelephoneNumber" */
-782,	/* "password based MAC" */
-374,	/* "path" */
-621,	/* "payment gateway capabilities" */
- 9,	/* "pbeWithMD2AndDES-CBC" */
-168,	/* "pbeWithMD2AndRC2-CBC" */
-112,	/* "pbeWithMD5AndCast5CBC" */
-10,	/* "pbeWithMD5AndDES-CBC" */
-169,	/* "pbeWithMD5AndRC2-CBC" */
-148,	/* "pbeWithSHA1And128BitRC2-CBC" */
-144,	/* "pbeWithSHA1And128BitRC4" */
-147,	/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
-146,	/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
-149,	/* "pbeWithSHA1And40BitRC2-CBC" */
-145,	/* "pbeWithSHA1And40BitRC4" */
-170,	/* "pbeWithSHA1AndDES-CBC" */
-68,	/* "pbeWithSHA1AndRC2-CBC" */
-499,	/* "personalSignature" */
-487,	/* "personalTitle" */
-464,	/* "photo" */
-863,	/* "physicalDeliveryOfficeName" */
-437,	/* "pilot" */
-439,	/* "pilotAttributeSyntax" */
-438,	/* "pilotAttributeType" */
-479,	/* "pilotAttributeType27" */
-456,	/* "pilotDSA" */
-441,	/* "pilotGroups" */
-444,	/* "pilotObject" */
-440,	/* "pilotObjectClass" */
-455,	/* "pilotOrganization" */
-445,	/* "pilotPerson" */
-186,	/* "pkcs1" */
-27,	/* "pkcs3" */
-187,	/* "pkcs5" */
-20,	/* "pkcs7" */
-21,	/* "pkcs7-data" */
-25,	/* "pkcs7-digestData" */
-26,	/* "pkcs7-encryptedData" */
-23,	/* "pkcs7-envelopedData" */
-24,	/* "pkcs7-signedAndEnvelopedData" */
-22,	/* "pkcs7-signedData" */
-151,	/* "pkcs8ShroudedKeyBag" */
-47,	/* "pkcs9" */
-862,	/* "postOfficeBox" */
-861,	/* "postalAddress" */
-661,	/* "postalCode" */
-683,	/* "ppBasis" */
-872,	/* "preferredDeliveryMethod" */
-873,	/* "presentationAddress" */
-406,	/* "prime-field" */
-409,	/* "prime192v1" */
-410,	/* "prime192v2" */
-411,	/* "prime192v3" */
-412,	/* "prime239v1" */
-413,	/* "prime239v2" */
-414,	/* "prime239v3" */
-415,	/* "prime256v1" */
-886,	/* "protocolInformation" */
-510,	/* "pseudonym" */
-435,	/* "pss" */
-286,	/* "qcStatements" */
-457,	/* "qualityLabelledData" */
-450,	/* "rFC822localPart" */
-98,	/* "rc2-40-cbc" */
-166,	/* "rc2-64-cbc" */
-37,	/* "rc2-cbc" */
-39,	/* "rc2-cfb" */
-38,	/* "rc2-ecb" */
-40,	/* "rc2-ofb" */
- 5,	/* "rc4" */
-97,	/* "rc4-40" */
-915,	/* "rc4-hmac-md5" */
-120,	/* "rc5-cbc" */
-122,	/* "rc5-cfb" */
-121,	/* "rc5-ecb" */
-123,	/* "rc5-ofb" */
-870,	/* "registeredAddress" */
-460,	/* "rfc822Mailbox" */
-117,	/* "ripemd160" */
-119,	/* "ripemd160WithRSA" */
-400,	/* "role" */
-877,	/* "roleOccupant" */
-448,	/* "room" */
-463,	/* "roomNumber" */
-19,	/* "rsa" */
- 6,	/* "rsaEncryption" */
-644,	/* "rsaOAEPEncryptionSET" */
-377,	/* "rsaSignature" */
-919,	/* "rsaesOaep" */
-912,	/* "rsassaPss" */
-124,	/* "run length compression" */
-482,	/* "sOARecord" */
-155,	/* "safeContentsBag" */
-291,	/* "sbgp-autonomousSysNum" */
-290,	/* "sbgp-ipAddrBlock" */
-292,	/* "sbgp-routerIdentifier" */
-159,	/* "sdsiCertificate" */
-859,	/* "searchGuide" */
-704,	/* "secp112r1" */
-705,	/* "secp112r2" */
-706,	/* "secp128r1" */
-707,	/* "secp128r2" */
-708,	/* "secp160k1" */
-709,	/* "secp160r1" */
-710,	/* "secp160r2" */
-711,	/* "secp192k1" */
-712,	/* "secp224k1" */
-713,	/* "secp224r1" */
-714,	/* "secp256k1" */
-715,	/* "secp384r1" */
-716,	/* "secp521r1" */
-154,	/* "secretBag" */
-474,	/* "secretary" */
-717,	/* "sect113r1" */
-718,	/* "sect113r2" */
-719,	/* "sect131r1" */
-720,	/* "sect131r2" */
-721,	/* "sect163k1" */
-722,	/* "sect163r1" */
-723,	/* "sect163r2" */
-724,	/* "sect193r1" */
-725,	/* "sect193r2" */
-726,	/* "sect233k1" */
-727,	/* "sect233r1" */
-728,	/* "sect239k1" */
-729,	/* "sect283k1" */
-730,	/* "sect283r1" */
-731,	/* "sect409k1" */
-732,	/* "sect409r1" */
-733,	/* "sect571k1" */
-734,	/* "sect571r1" */
-635,	/* "secure device signature" */
-878,	/* "seeAlso" */
-777,	/* "seed-cbc" */
-779,	/* "seed-cfb" */
-776,	/* "seed-ecb" */
-778,	/* "seed-ofb" */
-105,	/* "serialNumber" */
-625,	/* "set-addPolicy" */
-515,	/* "set-attr" */
-518,	/* "set-brand" */
-638,	/* "set-brand-AmericanExpress" */
-637,	/* "set-brand-Diners" */
-636,	/* "set-brand-IATA-ATA" */
-639,	/* "set-brand-JCB" */
-641,	/* "set-brand-MasterCard" */
-642,	/* "set-brand-Novus" */
-640,	/* "set-brand-Visa" */
-516,	/* "set-policy" */
-607,	/* "set-policy-root" */
-624,	/* "set-rootKeyThumb" */
-620,	/* "setAttr-Cert" */
-628,	/* "setAttr-IssCap-CVM" */
-630,	/* "setAttr-IssCap-Sig" */
-629,	/* "setAttr-IssCap-T2" */
-627,	/* "setAttr-Token-B0Prime" */
-626,	/* "setAttr-Token-EMV" */
-622,	/* "setAttr-TokenType" */
-619,	/* "setCext-IssuerCapabilities" */
-615,	/* "setCext-PGWYcapabilities" */
-616,	/* "setCext-TokenIdentifier" */
-618,	/* "setCext-TokenType" */
-617,	/* "setCext-Track2Data" */
-611,	/* "setCext-cCertRequired" */
-609,	/* "setCext-certType" */
-608,	/* "setCext-hashedRoot" */
-610,	/* "setCext-merchData" */
-613,	/* "setCext-setExt" */
-614,	/* "setCext-setQualf" */
-612,	/* "setCext-tunneling" */
-540,	/* "setct-AcqCardCodeMsg" */
-576,	/* "setct-AcqCardCodeMsgTBE" */
-570,	/* "setct-AuthReqTBE" */
-534,	/* "setct-AuthReqTBS" */
-527,	/* "setct-AuthResBaggage" */
-571,	/* "setct-AuthResTBE" */
-572,	/* "setct-AuthResTBEX" */
-535,	/* "setct-AuthResTBS" */
-536,	/* "setct-AuthResTBSX" */
-528,	/* "setct-AuthRevReqBaggage" */
-577,	/* "setct-AuthRevReqTBE" */
-541,	/* "setct-AuthRevReqTBS" */
-529,	/* "setct-AuthRevResBaggage" */
-542,	/* "setct-AuthRevResData" */
-578,	/* "setct-AuthRevResTBE" */
-579,	/* "setct-AuthRevResTBEB" */
-543,	/* "setct-AuthRevResTBS" */
-573,	/* "setct-AuthTokenTBE" */
-537,	/* "setct-AuthTokenTBS" */
-600,	/* "setct-BCIDistributionTBS" */
-558,	/* "setct-BatchAdminReqData" */
-592,	/* "setct-BatchAdminReqTBE" */
-559,	/* "setct-BatchAdminResData" */
-593,	/* "setct-BatchAdminResTBE" */
-599,	/* "setct-CRLNotificationResTBS" */
-598,	/* "setct-CRLNotificationTBS" */
-580,	/* "setct-CapReqTBE" */
-581,	/* "setct-CapReqTBEX" */
-544,	/* "setct-CapReqTBS" */
-545,	/* "setct-CapReqTBSX" */
-546,	/* "setct-CapResData" */
-582,	/* "setct-CapResTBE" */
-583,	/* "setct-CapRevReqTBE" */
-584,	/* "setct-CapRevReqTBEX" */
-547,	/* "setct-CapRevReqTBS" */
-548,	/* "setct-CapRevReqTBSX" */
-549,	/* "setct-CapRevResData" */
-585,	/* "setct-CapRevResTBE" */
-538,	/* "setct-CapTokenData" */
-530,	/* "setct-CapTokenSeq" */
-574,	/* "setct-CapTokenTBE" */
-575,	/* "setct-CapTokenTBEX" */
-539,	/* "setct-CapTokenTBS" */
-560,	/* "setct-CardCInitResTBS" */
-566,	/* "setct-CertInqReqTBS" */
-563,	/* "setct-CertReqData" */
-595,	/* "setct-CertReqTBE" */
-596,	/* "setct-CertReqTBEX" */
-564,	/* "setct-CertReqTBS" */
-565,	/* "setct-CertResData" */
-597,	/* "setct-CertResTBE" */
-586,	/* "setct-CredReqTBE" */
-587,	/* "setct-CredReqTBEX" */
-550,	/* "setct-CredReqTBS" */
-551,	/* "setct-CredReqTBSX" */
-552,	/* "setct-CredResData" */
-588,	/* "setct-CredResTBE" */
-589,	/* "setct-CredRevReqTBE" */
-590,	/* "setct-CredRevReqTBEX" */
-553,	/* "setct-CredRevReqTBS" */
-554,	/* "setct-CredRevReqTBSX" */
-555,	/* "setct-CredRevResData" */
-591,	/* "setct-CredRevResTBE" */
-567,	/* "setct-ErrorTBS" */
-526,	/* "setct-HODInput" */
-561,	/* "setct-MeAqCInitResTBS" */
-522,	/* "setct-OIData" */
-519,	/* "setct-PANData" */
-521,	/* "setct-PANOnly" */
-520,	/* "setct-PANToken" */
-556,	/* "setct-PCertReqData" */
-557,	/* "setct-PCertResTBS" */
-523,	/* "setct-PI" */
-532,	/* "setct-PI-TBS" */
-524,	/* "setct-PIData" */
-525,	/* "setct-PIDataUnsigned" */
-568,	/* "setct-PIDualSignedTBE" */
-569,	/* "setct-PIUnsignedTBE" */
-531,	/* "setct-PInitResData" */
-533,	/* "setct-PResData" */
-594,	/* "setct-RegFormReqTBE" */
-562,	/* "setct-RegFormResTBS" */
-604,	/* "setext-pinAny" */
-603,	/* "setext-pinSecure" */
-605,	/* "setext-track2" */
-41,	/* "sha" */
-64,	/* "sha1" */
-115,	/* "sha1WithRSA" */
-65,	/* "sha1WithRSAEncryption" */
-675,	/* "sha224" */
-671,	/* "sha224WithRSAEncryption" */
-672,	/* "sha256" */
-668,	/* "sha256WithRSAEncryption" */
-673,	/* "sha384" */
-669,	/* "sha384WithRSAEncryption" */
-674,	/* "sha512" */
-670,	/* "sha512WithRSAEncryption" */
-42,	/* "shaWithRSAEncryption" */
-52,	/* "signingTime" */
-454,	/* "simpleSecurityObject" */
-496,	/* "singleLevelQuality" */
-16,	/* "stateOrProvinceName" */
-660,	/* "streetAddress" */
-498,	/* "subtreeMaximumQuality" */
-497,	/* "subtreeMinimumQuality" */
-890,	/* "supportedAlgorithms" */
-874,	/* "supportedApplicationContext" */
-100,	/* "surname" */
-864,	/* "telephoneNumber" */
-866,	/* "teletexTerminalIdentifier" */
-865,	/* "telexNumber" */
-459,	/* "textEncodedORAddress" */
-293,	/* "textNotice" */
-106,	/* "title" */
-682,	/* "tpBasis" */
-436,	/* "ucl" */
- 0,	/* "undefined" */
-888,	/* "uniqueMember" */
-55,	/* "unstructuredAddress" */
-49,	/* "unstructuredName" */
-880,	/* "userCertificate" */
-465,	/* "userClass" */
-458,	/* "userId" */
-879,	/* "userPassword" */
-373,	/* "valid" */
-678,	/* "wap" */
-679,	/* "wap-wsg" */
-735,	/* "wap-wsg-idm-ecid-wtls1" */
-743,	/* "wap-wsg-idm-ecid-wtls10" */
-744,	/* "wap-wsg-idm-ecid-wtls11" */
-745,	/* "wap-wsg-idm-ecid-wtls12" */
-736,	/* "wap-wsg-idm-ecid-wtls3" */
-737,	/* "wap-wsg-idm-ecid-wtls4" */
-738,	/* "wap-wsg-idm-ecid-wtls5" */
-739,	/* "wap-wsg-idm-ecid-wtls6" */
-740,	/* "wap-wsg-idm-ecid-wtls7" */
-741,	/* "wap-wsg-idm-ecid-wtls8" */
-742,	/* "wap-wsg-idm-ecid-wtls9" */
-804,	/* "whirlpool" */
-868,	/* "x121Address" */
-503,	/* "x500UniqueIdentifier" */
-158,	/* "x509Certificate" */
-160,	/* "x509Crl" */
-125,	/* "zlib compression" */
-};
-
-static const unsigned int obj_objs[NUM_OBJ]={
- 0,	/* OBJ_undef                        0 */
-181,	/* OBJ_iso                          1 */
-393,	/* OBJ_joint_iso_ccitt              OBJ_joint_iso_itu_t */
-404,	/* OBJ_ccitt                        OBJ_itu_t */
-645,	/* OBJ_itu_t                        0 */
-646,	/* OBJ_joint_iso_itu_t              2 */
-434,	/* OBJ_data                         0 9 */
-182,	/* OBJ_member_body                  1 2 */
-379,	/* OBJ_org                          1 3 */
-676,	/* OBJ_identified_organization      1 3 */
-11,	/* OBJ_X500                         2 5 */
-647,	/* OBJ_international_organizations  2 23 */
-380,	/* OBJ_dod                          1 3 6 */
-12,	/* OBJ_X509                         2 5 4 */
-378,	/* OBJ_X500algorithms               2 5 8 */
-81,	/* OBJ_id_ce                        2 5 29 */
-512,	/* OBJ_id_set                       2 23 42 */
-678,	/* OBJ_wap                          2 23 43 */
-435,	/* OBJ_pss                          0 9 2342 */
-183,	/* OBJ_ISO_US                       1 2 840 */
-381,	/* OBJ_iana                         1 3 6 1 */
-677,	/* OBJ_certicom_arc                 1 3 132 */
-394,	/* OBJ_selected_attribute_types     2 5 1 5 */
-13,	/* OBJ_commonName                   2 5 4 3 */
-100,	/* OBJ_surname                      2 5 4 4 */
-105,	/* OBJ_serialNumber                 2 5 4 5 */
-14,	/* OBJ_countryName                  2 5 4 6 */
-15,	/* OBJ_localityName                 2 5 4 7 */
-16,	/* OBJ_stateOrProvinceName          2 5 4 8 */
-660,	/* OBJ_streetAddress                2 5 4 9 */
-17,	/* OBJ_organizationName             2 5 4 10 */
-18,	/* OBJ_organizationalUnitName       2 5 4 11 */
-106,	/* OBJ_title                        2 5 4 12 */
-107,	/* OBJ_description                  2 5 4 13 */
-859,	/* OBJ_searchGuide                  2 5 4 14 */
-860,	/* OBJ_businessCategory             2 5 4 15 */
-861,	/* OBJ_postalAddress                2 5 4 16 */
-661,	/* OBJ_postalCode                   2 5 4 17 */
-862,	/* OBJ_postOfficeBox                2 5 4 18 */
-863,	/* OBJ_physicalDeliveryOfficeName   2 5 4 19 */
-864,	/* OBJ_telephoneNumber              2 5 4 20 */
-865,	/* OBJ_telexNumber                  2 5 4 21 */
-866,	/* OBJ_teletexTerminalIdentifier    2 5 4 22 */
-867,	/* OBJ_facsimileTelephoneNumber     2 5 4 23 */
-868,	/* OBJ_x121Address                  2 5 4 24 */
-869,	/* OBJ_internationaliSDNNumber      2 5 4 25 */
-870,	/* OBJ_registeredAddress            2 5 4 26 */
-871,	/* OBJ_destinationIndicator         2 5 4 27 */
-872,	/* OBJ_preferredDeliveryMethod      2 5 4 28 */
-873,	/* OBJ_presentationAddress          2 5 4 29 */
-874,	/* OBJ_supportedApplicationContext  2 5 4 30 */
-875,	/* OBJ_member                       2 5 4 31 */
-876,	/* OBJ_owner                        2 5 4 32 */
-877,	/* OBJ_roleOccupant                 2 5 4 33 */
-878,	/* OBJ_seeAlso                      2 5 4 34 */
-879,	/* OBJ_userPassword                 2 5 4 35 */
-880,	/* OBJ_userCertificate              2 5 4 36 */
-881,	/* OBJ_cACertificate                2 5 4 37 */
-882,	/* OBJ_authorityRevocationList      2 5 4 38 */
-883,	/* OBJ_certificateRevocationList    2 5 4 39 */
-884,	/* OBJ_crossCertificatePair         2 5 4 40 */
-173,	/* OBJ_name                         2 5 4 41 */
-99,	/* OBJ_givenName                    2 5 4 42 */
-101,	/* OBJ_initials                     2 5 4 43 */
-509,	/* OBJ_generationQualifier          2 5 4 44 */
-503,	/* OBJ_x500UniqueIdentifier         2 5 4 45 */
-174,	/* OBJ_dnQualifier                  2 5 4 46 */
-885,	/* OBJ_enhancedSearchGuide          2 5 4 47 */
-886,	/* OBJ_protocolInformation          2 5 4 48 */
-887,	/* OBJ_distinguishedName            2 5 4 49 */
-888,	/* OBJ_uniqueMember                 2 5 4 50 */
-889,	/* OBJ_houseIdentifier              2 5 4 51 */
-890,	/* OBJ_supportedAlgorithms          2 5 4 52 */
-891,	/* OBJ_deltaRevocationList          2 5 4 53 */
-892,	/* OBJ_dmdName                      2 5 4 54 */
-510,	/* OBJ_pseudonym                    2 5 4 65 */
-400,	/* OBJ_role                         2 5 4 72 */
-769,	/* OBJ_subject_directory_attributes 2 5 29 9 */
-82,	/* OBJ_subject_key_identifier       2 5 29 14 */
-83,	/* OBJ_key_usage                    2 5 29 15 */
-84,	/* OBJ_private_key_usage_period     2 5 29 16 */
-85,	/* OBJ_subject_alt_name             2 5 29 17 */
-86,	/* OBJ_issuer_alt_name              2 5 29 18 */
-87,	/* OBJ_basic_constraints            2 5 29 19 */
-88,	/* OBJ_crl_number                   2 5 29 20 */
-141,	/* OBJ_crl_reason                   2 5 29 21 */
-430,	/* OBJ_hold_instruction_code        2 5 29 23 */
-142,	/* OBJ_invalidity_date              2 5 29 24 */
-140,	/* OBJ_delta_crl                    2 5 29 27 */
-770,	/* OBJ_issuing_distribution_point   2 5 29 28 */
-771,	/* OBJ_certificate_issuer           2 5 29 29 */
-666,	/* OBJ_name_constraints             2 5 29 30 */
-103,	/* OBJ_crl_distribution_points      2 5 29 31 */
-89,	/* OBJ_certificate_policies         2 5 29 32 */
-747,	/* OBJ_policy_mappings              2 5 29 33 */
-90,	/* OBJ_authority_key_identifier     2 5 29 35 */
-401,	/* OBJ_policy_constraints           2 5 29 36 */
-126,	/* OBJ_ext_key_usage                2 5 29 37 */
-857,	/* OBJ_freshest_crl                 2 5 29 46 */
-748,	/* OBJ_inhibit_any_policy           2 5 29 54 */
-402,	/* OBJ_target_information           2 5 29 55 */
-403,	/* OBJ_no_rev_avail                 2 5 29 56 */
-513,	/* OBJ_set_ctype                    2 23 42 0 */
-514,	/* OBJ_set_msgExt                   2 23 42 1 */
-515,	/* OBJ_set_attr                     2 23 42 3 */
-516,	/* OBJ_set_policy                   2 23 42 5 */
-517,	/* OBJ_set_certExt                  2 23 42 7 */
-518,	/* OBJ_set_brand                    2 23 42 8 */
-679,	/* OBJ_wap_wsg                      2 23 43 1 */
-382,	/* OBJ_Directory                    1 3 6 1 1 */
-383,	/* OBJ_Management                   1 3 6 1 2 */
-384,	/* OBJ_Experimental                 1 3 6 1 3 */
-385,	/* OBJ_Private                      1 3 6 1 4 */
-386,	/* OBJ_Security                     1 3 6 1 5 */
-387,	/* OBJ_SNMPv2                       1 3 6 1 6 */
-388,	/* OBJ_Mail                         1 3 6 1 7 */
-376,	/* OBJ_algorithm                    1 3 14 3 2 */
-395,	/* OBJ_clearance                    2 5 1 5 55 */
-19,	/* OBJ_rsa                          2 5 8 1 1 */
-96,	/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
-95,	/* OBJ_mdc2                         2 5 8 3 101 */
-746,	/* OBJ_any_policy                   2 5 29 32 0 */
-910,	/* OBJ_anyExtendedKeyUsage          2 5 29 37 0 */
-519,	/* OBJ_setct_PANData                2 23 42 0 0 */
-520,	/* OBJ_setct_PANToken               2 23 42 0 1 */
-521,	/* OBJ_setct_PANOnly                2 23 42 0 2 */
-522,	/* OBJ_setct_OIData                 2 23 42 0 3 */
-523,	/* OBJ_setct_PI                     2 23 42 0 4 */
-524,	/* OBJ_setct_PIData                 2 23 42 0 5 */
-525,	/* OBJ_setct_PIDataUnsigned         2 23 42 0 6 */
-526,	/* OBJ_setct_HODInput               2 23 42 0 7 */
-527,	/* OBJ_setct_AuthResBaggage         2 23 42 0 8 */
-528,	/* OBJ_setct_AuthRevReqBaggage      2 23 42 0 9 */
-529,	/* OBJ_setct_AuthRevResBaggage      2 23 42 0 10 */
-530,	/* OBJ_setct_CapTokenSeq            2 23 42 0 11 */
-531,	/* OBJ_setct_PInitResData           2 23 42 0 12 */
-532,	/* OBJ_setct_PI_TBS                 2 23 42 0 13 */
-533,	/* OBJ_setct_PResData               2 23 42 0 14 */
-534,	/* OBJ_setct_AuthReqTBS             2 23 42 0 16 */
-535,	/* OBJ_setct_AuthResTBS             2 23 42 0 17 */
-536,	/* OBJ_setct_AuthResTBSX            2 23 42 0 18 */
-537,	/* OBJ_setct_AuthTokenTBS           2 23 42 0 19 */
-538,	/* OBJ_setct_CapTokenData           2 23 42 0 20 */
-539,	/* OBJ_setct_CapTokenTBS            2 23 42 0 21 */
-540,	/* OBJ_setct_AcqCardCodeMsg         2 23 42 0 22 */
-541,	/* OBJ_setct_AuthRevReqTBS          2 23 42 0 23 */
-542,	/* OBJ_setct_AuthRevResData         2 23 42 0 24 */
-543,	/* OBJ_setct_AuthRevResTBS          2 23 42 0 25 */
-544,	/* OBJ_setct_CapReqTBS              2 23 42 0 26 */
-545,	/* OBJ_setct_CapReqTBSX             2 23 42 0 27 */
-546,	/* OBJ_setct_CapResData             2 23 42 0 28 */
-547,	/* OBJ_setct_CapRevReqTBS           2 23 42 0 29 */
-548,	/* OBJ_setct_CapRevReqTBSX          2 23 42 0 30 */
-549,	/* OBJ_setct_CapRevResData          2 23 42 0 31 */
-550,	/* OBJ_setct_CredReqTBS             2 23 42 0 32 */
-551,	/* OBJ_setct_CredReqTBSX            2 23 42 0 33 */
-552,	/* OBJ_setct_CredResData            2 23 42 0 34 */
-553,	/* OBJ_setct_CredRevReqTBS          2 23 42 0 35 */
-554,	/* OBJ_setct_CredRevReqTBSX         2 23 42 0 36 */
-555,	/* OBJ_setct_CredRevResData         2 23 42 0 37 */
-556,	/* OBJ_setct_PCertReqData           2 23 42 0 38 */
-557,	/* OBJ_setct_PCertResTBS            2 23 42 0 39 */
-558,	/* OBJ_setct_BatchAdminReqData      2 23 42 0 40 */
-559,	/* OBJ_setct_BatchAdminResData      2 23 42 0 41 */
-560,	/* OBJ_setct_CardCInitResTBS        2 23 42 0 42 */
-561,	/* OBJ_setct_MeAqCInitResTBS        2 23 42 0 43 */
-562,	/* OBJ_setct_RegFormResTBS          2 23 42 0 44 */
-563,	/* OBJ_setct_CertReqData            2 23 42 0 45 */
-564,	/* OBJ_setct_CertReqTBS             2 23 42 0 46 */
-565,	/* OBJ_setct_CertResData            2 23 42 0 47 */
-566,	/* OBJ_setct_CertInqReqTBS          2 23 42 0 48 */
-567,	/* OBJ_setct_ErrorTBS               2 23 42 0 49 */
-568,	/* OBJ_setct_PIDualSignedTBE        2 23 42 0 50 */
-569,	/* OBJ_setct_PIUnsignedTBE          2 23 42 0 51 */
-570,	/* OBJ_setct_AuthReqTBE             2 23 42 0 52 */
-571,	/* OBJ_setct_AuthResTBE             2 23 42 0 53 */
-572,	/* OBJ_setct_AuthResTBEX            2 23 42 0 54 */
-573,	/* OBJ_setct_AuthTokenTBE           2 23 42 0 55 */
-574,	/* OBJ_setct_CapTokenTBE            2 23 42 0 56 */
-575,	/* OBJ_setct_CapTokenTBEX           2 23 42 0 57 */
-576,	/* OBJ_setct_AcqCardCodeMsgTBE      2 23 42 0 58 */
-577,	/* OBJ_setct_AuthRevReqTBE          2 23 42 0 59 */
-578,	/* OBJ_setct_AuthRevResTBE          2 23 42 0 60 */
-579,	/* OBJ_setct_AuthRevResTBEB         2 23 42 0 61 */
-580,	/* OBJ_setct_CapReqTBE              2 23 42 0 62 */
-581,	/* OBJ_setct_CapReqTBEX             2 23 42 0 63 */
-582,	/* OBJ_setct_CapResTBE              2 23 42 0 64 */
-583,	/* OBJ_setct_CapRevReqTBE           2 23 42 0 65 */
-584,	/* OBJ_setct_CapRevReqTBEX          2 23 42 0 66 */
-585,	/* OBJ_setct_CapRevResTBE           2 23 42 0 67 */
-586,	/* OBJ_setct_CredReqTBE             2 23 42 0 68 */
-587,	/* OBJ_setct_CredReqTBEX            2 23 42 0 69 */
-588,	/* OBJ_setct_CredResTBE             2 23 42 0 70 */
-589,	/* OBJ_setct_CredRevReqTBE          2 23 42 0 71 */
-590,	/* OBJ_setct_CredRevReqTBEX         2 23 42 0 72 */
-591,	/* OBJ_setct_CredRevResTBE          2 23 42 0 73 */
-592,	/* OBJ_setct_BatchAdminReqTBE       2 23 42 0 74 */
-593,	/* OBJ_setct_BatchAdminResTBE       2 23 42 0 75 */
-594,	/* OBJ_setct_RegFormReqTBE          2 23 42 0 76 */
-595,	/* OBJ_setct_CertReqTBE             2 23 42 0 77 */
-596,	/* OBJ_setct_CertReqTBEX            2 23 42 0 78 */
-597,	/* OBJ_setct_CertResTBE             2 23 42 0 79 */
-598,	/* OBJ_setct_CRLNotificationTBS     2 23 42 0 80 */
-599,	/* OBJ_setct_CRLNotificationResTBS  2 23 42 0 81 */
-600,	/* OBJ_setct_BCIDistributionTBS     2 23 42 0 82 */
-601,	/* OBJ_setext_genCrypt              2 23 42 1 1 */
-602,	/* OBJ_setext_miAuth                2 23 42 1 3 */
-603,	/* OBJ_setext_pinSecure             2 23 42 1 4 */
-604,	/* OBJ_setext_pinAny                2 23 42 1 5 */
-605,	/* OBJ_setext_track2                2 23 42 1 7 */
-606,	/* OBJ_setext_cv                    2 23 42 1 8 */
-620,	/* OBJ_setAttr_Cert                 2 23 42 3 0 */
-621,	/* OBJ_setAttr_PGWYcap              2 23 42 3 1 */
-622,	/* OBJ_setAttr_TokenType            2 23 42 3 2 */
-623,	/* OBJ_setAttr_IssCap               2 23 42 3 3 */
-607,	/* OBJ_set_policy_root              2 23 42 5 0 */
-608,	/* OBJ_setCext_hashedRoot           2 23 42 7 0 */
-609,	/* OBJ_setCext_certType             2 23 42 7 1 */
-610,	/* OBJ_setCext_merchData            2 23 42 7 2 */
-611,	/* OBJ_setCext_cCertRequired        2 23 42 7 3 */
-612,	/* OBJ_setCext_tunneling            2 23 42 7 4 */
-613,	/* OBJ_setCext_setExt               2 23 42 7 5 */
-614,	/* OBJ_setCext_setQualf             2 23 42 7 6 */
-615,	/* OBJ_setCext_PGWYcapabilities     2 23 42 7 7 */
-616,	/* OBJ_setCext_TokenIdentifier      2 23 42 7 8 */
-617,	/* OBJ_setCext_Track2Data           2 23 42 7 9 */
-618,	/* OBJ_setCext_TokenType            2 23 42 7 10 */
-619,	/* OBJ_setCext_IssuerCapabilities   2 23 42 7 11 */
-636,	/* OBJ_set_brand_IATA_ATA           2 23 42 8 1 */
-640,	/* OBJ_set_brand_Visa               2 23 42 8 4 */
-641,	/* OBJ_set_brand_MasterCard         2 23 42 8 5 */
-637,	/* OBJ_set_brand_Diners             2 23 42 8 30 */
-638,	/* OBJ_set_brand_AmericanExpress    2 23 42 8 34 */
-639,	/* OBJ_set_brand_JCB                2 23 42 8 35 */
-805,	/* OBJ_cryptopro                    1 2 643 2 2 */
-806,	/* OBJ_cryptocom                    1 2 643 2 9 */
-184,	/* OBJ_X9_57                        1 2 840 10040 */
-405,	/* OBJ_ansi_X9_62                   1 2 840 10045 */
-389,	/* OBJ_Enterprises                  1 3 6 1 4 1 */
-504,	/* OBJ_mime_mhs                     1 3 6 1 7 1 */
-104,	/* OBJ_md5WithRSA                   1 3 14 3 2 3 */
-29,	/* OBJ_des_ecb                      1 3 14 3 2 6 */
-31,	/* OBJ_des_cbc                      1 3 14 3 2 7 */
-45,	/* OBJ_des_ofb64                    1 3 14 3 2 8 */
-30,	/* OBJ_des_cfb64                    1 3 14 3 2 9 */
-377,	/* OBJ_rsaSignature                 1 3 14 3 2 11 */
-67,	/* OBJ_dsa_2                        1 3 14 3 2 12 */
-66,	/* OBJ_dsaWithSHA                   1 3 14 3 2 13 */
-42,	/* OBJ_shaWithRSAEncryption         1 3 14 3 2 15 */
-32,	/* OBJ_des_ede_ecb                  1 3 14 3 2 17 */
-41,	/* OBJ_sha                          1 3 14 3 2 18 */
-64,	/* OBJ_sha1                         1 3 14 3 2 26 */
-70,	/* OBJ_dsaWithSHA1_2                1 3 14 3 2 27 */
-115,	/* OBJ_sha1WithRSA                  1 3 14 3 2 29 */
-117,	/* OBJ_ripemd160                    1 3 36 3 2 1 */
-143,	/* OBJ_sxnet                        1 3 101 1 4 1 */
-721,	/* OBJ_sect163k1                    1 3 132 0 1 */
-722,	/* OBJ_sect163r1                    1 3 132 0 2 */
-728,	/* OBJ_sect239k1                    1 3 132 0 3 */
-717,	/* OBJ_sect113r1                    1 3 132 0 4 */
-718,	/* OBJ_sect113r2                    1 3 132 0 5 */
-704,	/* OBJ_secp112r1                    1 3 132 0 6 */
-705,	/* OBJ_secp112r2                    1 3 132 0 7 */
-709,	/* OBJ_secp160r1                    1 3 132 0 8 */
-708,	/* OBJ_secp160k1                    1 3 132 0 9 */
-714,	/* OBJ_secp256k1                    1 3 132 0 10 */
-723,	/* OBJ_sect163r2                    1 3 132 0 15 */
-729,	/* OBJ_sect283k1                    1 3 132 0 16 */
-730,	/* OBJ_sect283r1                    1 3 132 0 17 */
-719,	/* OBJ_sect131r1                    1 3 132 0 22 */
-720,	/* OBJ_sect131r2                    1 3 132 0 23 */
-724,	/* OBJ_sect193r1                    1 3 132 0 24 */
-725,	/* OBJ_sect193r2                    1 3 132 0 25 */
-726,	/* OBJ_sect233k1                    1 3 132 0 26 */
-727,	/* OBJ_sect233r1                    1 3 132 0 27 */
-706,	/* OBJ_secp128r1                    1 3 132 0 28 */
-707,	/* OBJ_secp128r2                    1 3 132 0 29 */
-710,	/* OBJ_secp160r2                    1 3 132 0 30 */
-711,	/* OBJ_secp192k1                    1 3 132 0 31 */
-712,	/* OBJ_secp224k1                    1 3 132 0 32 */
-713,	/* OBJ_secp224r1                    1 3 132 0 33 */
-715,	/* OBJ_secp384r1                    1 3 132 0 34 */
-716,	/* OBJ_secp521r1                    1 3 132 0 35 */
-731,	/* OBJ_sect409k1                    1 3 132 0 36 */
-732,	/* OBJ_sect409r1                    1 3 132 0 37 */
-733,	/* OBJ_sect571k1                    1 3 132 0 38 */
-734,	/* OBJ_sect571r1                    1 3 132 0 39 */
-624,	/* OBJ_set_rootKeyThumb             2 23 42 3 0 0 */
-625,	/* OBJ_set_addPolicy                2 23 42 3 0 1 */
-626,	/* OBJ_setAttr_Token_EMV            2 23 42 3 2 1 */
-627,	/* OBJ_setAttr_Token_B0Prime        2 23 42 3 2 2 */
-628,	/* OBJ_setAttr_IssCap_CVM           2 23 42 3 3 3 */
-629,	/* OBJ_setAttr_IssCap_T2            2 23 42 3 3 4 */
-630,	/* OBJ_setAttr_IssCap_Sig           2 23 42 3 3 5 */
-642,	/* OBJ_set_brand_Novus              2 23 42 8 6011 */
-735,	/* OBJ_wap_wsg_idm_ecid_wtls1       2 23 43 1 4 1 */
-736,	/* OBJ_wap_wsg_idm_ecid_wtls3       2 23 43 1 4 3 */
-737,	/* OBJ_wap_wsg_idm_ecid_wtls4       2 23 43 1 4 4 */
-738,	/* OBJ_wap_wsg_idm_ecid_wtls5       2 23 43 1 4 5 */
-739,	/* OBJ_wap_wsg_idm_ecid_wtls6       2 23 43 1 4 6 */
-740,	/* OBJ_wap_wsg_idm_ecid_wtls7       2 23 43 1 4 7 */
-741,	/* OBJ_wap_wsg_idm_ecid_wtls8       2 23 43 1 4 8 */
-742,	/* OBJ_wap_wsg_idm_ecid_wtls9       2 23 43 1 4 9 */
-743,	/* OBJ_wap_wsg_idm_ecid_wtls10      2 23 43 1 4 10 */
-744,	/* OBJ_wap_wsg_idm_ecid_wtls11      2 23 43 1 4 11 */
-745,	/* OBJ_wap_wsg_idm_ecid_wtls12      2 23 43 1 4 12 */
-804,	/* OBJ_whirlpool                    1 0 10118 3 0 55 */
-124,	/* OBJ_rle_compression              1 1 1 1 666 1 */
-773,	/* OBJ_kisa                         1 2 410 200004 */
-807,	/* OBJ_id_GostR3411_94_with_GostR3410_2001 1 2 643 2 2 3 */
-808,	/* OBJ_id_GostR3411_94_with_GostR3410_94 1 2 643 2 2 4 */
-809,	/* OBJ_id_GostR3411_94              1 2 643 2 2 9 */
-810,	/* OBJ_id_HMACGostR3411_94          1 2 643 2 2 10 */
-811,	/* OBJ_id_GostR3410_2001            1 2 643 2 2 19 */
-812,	/* OBJ_id_GostR3410_94              1 2 643 2 2 20 */
-813,	/* OBJ_id_Gost28147_89              1 2 643 2 2 21 */
-815,	/* OBJ_id_Gost28147_89_MAC          1 2 643 2 2 22 */
-816,	/* OBJ_id_GostR3411_94_prf          1 2 643 2 2 23 */
-817,	/* OBJ_id_GostR3410_2001DH          1 2 643 2 2 98 */
-818,	/* OBJ_id_GostR3410_94DH            1 2 643 2 2 99 */
- 1,	/* OBJ_rsadsi                       1 2 840 113549 */
-185,	/* OBJ_X9cm                         1 2 840 10040 4 */
-127,	/* OBJ_id_pkix                      1 3 6 1 5 5 7 */
-505,	/* OBJ_mime_mhs_headings            1 3 6 1 7 1 1 */
-506,	/* OBJ_mime_mhs_bodies              1 3 6 1 7 1 2 */
-119,	/* OBJ_ripemd160WithRSA             1 3 36 3 3 1 2 */
-937,	/* OBJ_dhSinglePass_stdDH_sha224kdf_scheme 1 3 132 1 11 0 */
-938,	/* OBJ_dhSinglePass_stdDH_sha256kdf_scheme 1 3 132 1 11 1 */
-939,	/* OBJ_dhSinglePass_stdDH_sha384kdf_scheme 1 3 132 1 11 2 */
-940,	/* OBJ_dhSinglePass_stdDH_sha512kdf_scheme 1 3 132 1 11 3 */
-942,	/* OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme 1 3 132 1 14 0 */
-943,	/* OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme 1 3 132 1 14 1 */
-944,	/* OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme 1 3 132 1 14 2 */
-945,	/* OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme 1 3 132 1 14 3 */
-631,	/* OBJ_setAttr_GenCryptgrm          2 23 42 3 3 3 1 */
-632,	/* OBJ_setAttr_T2Enc                2 23 42 3 3 4 1 */
-633,	/* OBJ_setAttr_T2cleartxt           2 23 42 3 3 4 2 */
-634,	/* OBJ_setAttr_TokICCsig            2 23 42 3 3 5 1 */
-635,	/* OBJ_setAttr_SecDevSig            2 23 42 3 3 5 2 */
-436,	/* OBJ_ucl                          0 9 2342 19200300 */
-820,	/* OBJ_id_Gost28147_89_None_KeyMeshing 1 2 643 2 2 14 0 */
-819,	/* OBJ_id_Gost28147_89_CryptoPro_KeyMeshing 1 2 643 2 2 14 1 */
-845,	/* OBJ_id_GostR3410_94_a            1 2 643 2 2 20 1 */
-846,	/* OBJ_id_GostR3410_94_aBis         1 2 643 2 2 20 2 */
-847,	/* OBJ_id_GostR3410_94_b            1 2 643 2 2 20 3 */
-848,	/* OBJ_id_GostR3410_94_bBis         1 2 643 2 2 20 4 */
-821,	/* OBJ_id_GostR3411_94_TestParamSet 1 2 643 2 2 30 0 */
-822,	/* OBJ_id_GostR3411_94_CryptoProParamSet 1 2 643 2 2 30 1 */
-823,	/* OBJ_id_Gost28147_89_TestParamSet 1 2 643 2 2 31 0 */
-824,	/* OBJ_id_Gost28147_89_CryptoPro_A_ParamSet 1 2 643 2 2 31 1 */
-825,	/* OBJ_id_Gost28147_89_CryptoPro_B_ParamSet 1 2 643 2 2 31 2 */
-826,	/* OBJ_id_Gost28147_89_CryptoPro_C_ParamSet 1 2 643 2 2 31 3 */
-827,	/* OBJ_id_Gost28147_89_CryptoPro_D_ParamSet 1 2 643 2 2 31 4 */
-828,	/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 1 2 643 2 2 31 5 */
-829,	/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 1 2 643 2 2 31 6 */
-830,	/* OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 1 2 643 2 2 31 7 */
-831,	/* OBJ_id_GostR3410_94_TestParamSet 1 2 643 2 2 32 0 */
-832,	/* OBJ_id_GostR3410_94_CryptoPro_A_ParamSet 1 2 643 2 2 32 2 */
-833,	/* OBJ_id_GostR3410_94_CryptoPro_B_ParamSet 1 2 643 2 2 32 3 */
-834,	/* OBJ_id_GostR3410_94_CryptoPro_C_ParamSet 1 2 643 2 2 32 4 */
-835,	/* OBJ_id_GostR3410_94_CryptoPro_D_ParamSet 1 2 643 2 2 32 5 */
-836,	/* OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet 1 2 643 2 2 33 1 */
-837,	/* OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet 1 2 643 2 2 33 2 */
-838,	/* OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet 1 2 643 2 2 33 3 */
-839,	/* OBJ_id_GostR3410_2001_TestParamSet 1 2 643 2 2 35 0 */
-840,	/* OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet 1 2 643 2 2 35 1 */
-841,	/* OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet 1 2 643 2 2 35 2 */
-842,	/* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */
-843,	/* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */
-844,	/* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */
- 2,	/* OBJ_pkcs                         1 2 840 113549 1 */
-431,	/* OBJ_hold_instruction_none        1 2 840 10040 2 1 */
-432,	/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
-433,	/* OBJ_hold_instruction_reject      1 2 840 10040 2 3 */
-116,	/* OBJ_dsa                          1 2 840 10040 4 1 */
-113,	/* OBJ_dsaWithSHA1                  1 2 840 10040 4 3 */
-406,	/* OBJ_X9_62_prime_field            1 2 840 10045 1 1 */
-407,	/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
-408,	/* OBJ_X9_62_id_ecPublicKey         1 2 840 10045 2 1 */
-416,	/* OBJ_ecdsa_with_SHA1              1 2 840 10045 4 1 */
-791,	/* OBJ_ecdsa_with_Recommended       1 2 840 10045 4 2 */
-792,	/* OBJ_ecdsa_with_Specified         1 2 840 10045 4 3 */
-920,	/* OBJ_dhpublicnumber               1 2 840 10046 2 1 */
-258,	/* OBJ_id_pkix_mod                  1 3 6 1 5 5 7 0 */
-175,	/* OBJ_id_pe                        1 3 6 1 5 5 7 1 */
-259,	/* OBJ_id_qt                        1 3 6 1 5 5 7 2 */
-128,	/* OBJ_id_kp                        1 3 6 1 5 5 7 3 */
-260,	/* OBJ_id_it                        1 3 6 1 5 5 7 4 */
-261,	/* OBJ_id_pkip                      1 3 6 1 5 5 7 5 */
-262,	/* OBJ_id_alg                       1 3 6 1 5 5 7 6 */
-263,	/* OBJ_id_cmc                       1 3 6 1 5 5 7 7 */
-264,	/* OBJ_id_on                        1 3 6 1 5 5 7 8 */
-265,	/* OBJ_id_pda                       1 3 6 1 5 5 7 9 */
-266,	/* OBJ_id_aca                       1 3 6 1 5 5 7 10 */
-267,	/* OBJ_id_qcs                       1 3 6 1 5 5 7 11 */
-268,	/* OBJ_id_cct                       1 3 6 1 5 5 7 12 */
-662,	/* OBJ_id_ppl                       1 3 6 1 5 5 7 21 */
-176,	/* OBJ_id_ad                        1 3 6 1 5 5 7 48 */
-507,	/* OBJ_id_hex_partial_message       1 3 6 1 7 1 1 1 */
-508,	/* OBJ_id_hex_multipart_message     1 3 6 1 7 1 1 2 */
-57,	/* OBJ_netscape                     2 16 840 1 113730 */
-754,	/* OBJ_camellia_128_ecb             0 3 4401 5 3 1 9 1 */
-766,	/* OBJ_camellia_128_ofb128          0 3 4401 5 3 1 9 3 */
-757,	/* OBJ_camellia_128_cfb128          0 3 4401 5 3 1 9 4 */
-755,	/* OBJ_camellia_192_ecb             0 3 4401 5 3 1 9 21 */
-767,	/* OBJ_camellia_192_ofb128          0 3 4401 5 3 1 9 23 */
-758,	/* OBJ_camellia_192_cfb128          0 3 4401 5 3 1 9 24 */
-756,	/* OBJ_camellia_256_ecb             0 3 4401 5 3 1 9 41 */
-768,	/* OBJ_camellia_256_ofb128          0 3 4401 5 3 1 9 43 */
-759,	/* OBJ_camellia_256_cfb128          0 3 4401 5 3 1 9 44 */
-437,	/* OBJ_pilot                        0 9 2342 19200300 100 */
-776,	/* OBJ_seed_ecb                     1 2 410 200004 1 3 */
-777,	/* OBJ_seed_cbc                     1 2 410 200004 1 4 */
-779,	/* OBJ_seed_cfb128                  1 2 410 200004 1 5 */
-778,	/* OBJ_seed_ofb128                  1 2 410 200004 1 6 */
-852,	/* OBJ_id_GostR3411_94_with_GostR3410_94_cc 1 2 643 2 9 1 3 3 */
-853,	/* OBJ_id_GostR3411_94_with_GostR3410_2001_cc 1 2 643 2 9 1 3 4 */
-850,	/* OBJ_id_GostR3410_94_cc           1 2 643 2 9 1 5 3 */
-851,	/* OBJ_id_GostR3410_2001_cc         1 2 643 2 9 1 5 4 */
-849,	/* OBJ_id_Gost28147_89_cc           1 2 643 2 9 1 6 1 */
-854,	/* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */
-186,	/* OBJ_pkcs1                        1 2 840 113549 1 1 */
-27,	/* OBJ_pkcs3                        1 2 840 113549 1 3 */
-187,	/* OBJ_pkcs5                        1 2 840 113549 1 5 */
-20,	/* OBJ_pkcs7                        1 2 840 113549 1 7 */
-47,	/* OBJ_pkcs9                        1 2 840 113549 1 9 */
- 3,	/* OBJ_md2                          1 2 840 113549 2 2 */
-257,	/* OBJ_md4                          1 2 840 113549 2 4 */
- 4,	/* OBJ_md5                          1 2 840 113549 2 5 */
-797,	/* OBJ_hmacWithMD5                  1 2 840 113549 2 6 */
-163,	/* OBJ_hmacWithSHA1                 1 2 840 113549 2 7 */
-798,	/* OBJ_hmacWithSHA224               1 2 840 113549 2 8 */
-799,	/* OBJ_hmacWithSHA256               1 2 840 113549 2 9 */
-800,	/* OBJ_hmacWithSHA384               1 2 840 113549 2 10 */
-801,	/* OBJ_hmacWithSHA512               1 2 840 113549 2 11 */
-37,	/* OBJ_rc2_cbc                      1 2 840 113549 3 2 */
- 5,	/* OBJ_rc4                          1 2 840 113549 3 4 */
-44,	/* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
-120,	/* OBJ_rc5_cbc                      1 2 840 113549 3 8 */
-643,	/* OBJ_des_cdmf                     1 2 840 113549 3 10 */
-680,	/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
-684,	/* OBJ_X9_62_c2pnb163v1             1 2 840 10045 3 0 1 */
-685,	/* OBJ_X9_62_c2pnb163v2             1 2 840 10045 3 0 2 */
-686,	/* OBJ_X9_62_c2pnb163v3             1 2 840 10045 3 0 3 */
-687,	/* OBJ_X9_62_c2pnb176v1             1 2 840 10045 3 0 4 */
-688,	/* OBJ_X9_62_c2tnb191v1             1 2 840 10045 3 0 5 */
-689,	/* OBJ_X9_62_c2tnb191v2             1 2 840 10045 3 0 6 */
-690,	/* OBJ_X9_62_c2tnb191v3             1 2 840 10045 3 0 7 */
-691,	/* OBJ_X9_62_c2onb191v4             1 2 840 10045 3 0 8 */
-692,	/* OBJ_X9_62_c2onb191v5             1 2 840 10045 3 0 9 */
-693,	/* OBJ_X9_62_c2pnb208w1             1 2 840 10045 3 0 10 */
-694,	/* OBJ_X9_62_c2tnb239v1             1 2 840 10045 3 0 11 */
-695,	/* OBJ_X9_62_c2tnb239v2             1 2 840 10045 3 0 12 */
-696,	/* OBJ_X9_62_c2tnb239v3             1 2 840 10045 3 0 13 */
-697,	/* OBJ_X9_62_c2onb239v4             1 2 840 10045 3 0 14 */
-698,	/* OBJ_X9_62_c2onb239v5             1 2 840 10045 3 0 15 */
-699,	/* OBJ_X9_62_c2pnb272w1             1 2 840 10045 3 0 16 */
-700,	/* OBJ_X9_62_c2pnb304w1             1 2 840 10045 3 0 17 */
-701,	/* OBJ_X9_62_c2tnb359v1             1 2 840 10045 3 0 18 */
-702,	/* OBJ_X9_62_c2pnb368w1             1 2 840 10045 3 0 19 */
-703,	/* OBJ_X9_62_c2tnb431r1             1 2 840 10045 3 0 20 */
-409,	/* OBJ_X9_62_prime192v1             1 2 840 10045 3 1 1 */
-410,	/* OBJ_X9_62_prime192v2             1 2 840 10045 3 1 2 */
-411,	/* OBJ_X9_62_prime192v3             1 2 840 10045 3 1 3 */
-412,	/* OBJ_X9_62_prime239v1             1 2 840 10045 3 1 4 */
-413,	/* OBJ_X9_62_prime239v2             1 2 840 10045 3 1 5 */
-414,	/* OBJ_X9_62_prime239v3             1 2 840 10045 3 1 6 */
-415,	/* OBJ_X9_62_prime256v1             1 2 840 10045 3 1 7 */
-793,	/* OBJ_ecdsa_with_SHA224            1 2 840 10045 4 3 1 */
-794,	/* OBJ_ecdsa_with_SHA256            1 2 840 10045 4 3 2 */
-795,	/* OBJ_ecdsa_with_SHA384            1 2 840 10045 4 3 3 */
-796,	/* OBJ_ecdsa_with_SHA512            1 2 840 10045 4 3 4 */
-269,	/* OBJ_id_pkix1_explicit_88         1 3 6 1 5 5 7 0 1 */
-270,	/* OBJ_id_pkix1_implicit_88         1 3 6 1 5 5 7 0 2 */
-271,	/* OBJ_id_pkix1_explicit_93         1 3 6 1 5 5 7 0 3 */
-272,	/* OBJ_id_pkix1_implicit_93         1 3 6 1 5 5 7 0 4 */
-273,	/* OBJ_id_mod_crmf                  1 3 6 1 5 5 7 0 5 */
-274,	/* OBJ_id_mod_cmc                   1 3 6 1 5 5 7 0 6 */
-275,	/* OBJ_id_mod_kea_profile_88        1 3 6 1 5 5 7 0 7 */
-276,	/* OBJ_id_mod_kea_profile_93        1 3 6 1 5 5 7 0 8 */
-277,	/* OBJ_id_mod_cmp                   1 3 6 1 5 5 7 0 9 */
-278,	/* OBJ_id_mod_qualified_cert_88     1 3 6 1 5 5 7 0 10 */
-279,	/* OBJ_id_mod_qualified_cert_93     1 3 6 1 5 5 7 0 11 */
-280,	/* OBJ_id_mod_attribute_cert        1 3 6 1 5 5 7 0 12 */
-281,	/* OBJ_id_mod_timestamp_protocol    1 3 6 1 5 5 7 0 13 */
-282,	/* OBJ_id_mod_ocsp                  1 3 6 1 5 5 7 0 14 */
-283,	/* OBJ_id_mod_dvcs                  1 3 6 1 5 5 7 0 15 */
-284,	/* OBJ_id_mod_cmp2000               1 3 6 1 5 5 7 0 16 */
-177,	/* OBJ_info_access                  1 3 6 1 5 5 7 1 1 */
-285,	/* OBJ_biometricInfo                1 3 6 1 5 5 7 1 2 */
-286,	/* OBJ_qcStatements                 1 3 6 1 5 5 7 1 3 */
-287,	/* OBJ_ac_auditEntity               1 3 6 1 5 5 7 1 4 */
-288,	/* OBJ_ac_targeting                 1 3 6 1 5 5 7 1 5 */
-289,	/* OBJ_aaControls                   1 3 6 1 5 5 7 1 6 */
-290,	/* OBJ_sbgp_ipAddrBlock             1 3 6 1 5 5 7 1 7 */
-291,	/* OBJ_sbgp_autonomousSysNum        1 3 6 1 5 5 7 1 8 */
-292,	/* OBJ_sbgp_routerIdentifier        1 3 6 1 5 5 7 1 9 */
-397,	/* OBJ_ac_proxying                  1 3 6 1 5 5 7 1 10 */
-398,	/* OBJ_sinfo_access                 1 3 6 1 5 5 7 1 11 */
-663,	/* OBJ_proxyCertInfo                1 3 6 1 5 5 7 1 14 */
-164,	/* OBJ_id_qt_cps                    1 3 6 1 5 5 7 2 1 */
-165,	/* OBJ_id_qt_unotice                1 3 6 1 5 5 7 2 2 */
-293,	/* OBJ_textNotice                   1 3 6 1 5 5 7 2 3 */
-129,	/* OBJ_server_auth                  1 3 6 1 5 5 7 3 1 */
-130,	/* OBJ_client_auth                  1 3 6 1 5 5 7 3 2 */
-131,	/* OBJ_code_sign                    1 3 6 1 5 5 7 3 3 */
-132,	/* OBJ_email_protect                1 3 6 1 5 5 7 3 4 */
-294,	/* OBJ_ipsecEndSystem               1 3 6 1 5 5 7 3 5 */
-295,	/* OBJ_ipsecTunnel                  1 3 6 1 5 5 7 3 6 */
-296,	/* OBJ_ipsecUser                    1 3 6 1 5 5 7 3 7 */
-133,	/* OBJ_time_stamp                   1 3 6 1 5 5 7 3 8 */
-180,	/* OBJ_OCSP_sign                    1 3 6 1 5 5 7 3 9 */
-297,	/* OBJ_dvcs                         1 3 6 1 5 5 7 3 10 */
-298,	/* OBJ_id_it_caProtEncCert          1 3 6 1 5 5 7 4 1 */
-299,	/* OBJ_id_it_signKeyPairTypes       1 3 6 1 5 5 7 4 2 */
-300,	/* OBJ_id_it_encKeyPairTypes        1 3 6 1 5 5 7 4 3 */
-301,	/* OBJ_id_it_preferredSymmAlg       1 3 6 1 5 5 7 4 4 */
-302,	/* OBJ_id_it_caKeyUpdateInfo        1 3 6 1 5 5 7 4 5 */
-303,	/* OBJ_id_it_currentCRL             1 3 6 1 5 5 7 4 6 */
-304,	/* OBJ_id_it_unsupportedOIDs        1 3 6 1 5 5 7 4 7 */
-305,	/* OBJ_id_it_subscriptionRequest    1 3 6 1 5 5 7 4 8 */
-306,	/* OBJ_id_it_subscriptionResponse   1 3 6 1 5 5 7 4 9 */
-307,	/* OBJ_id_it_keyPairParamReq        1 3 6 1 5 5 7 4 10 */
-308,	/* OBJ_id_it_keyPairParamRep        1 3 6 1 5 5 7 4 11 */
-309,	/* OBJ_id_it_revPassphrase          1 3 6 1 5 5 7 4 12 */
-310,	/* OBJ_id_it_implicitConfirm        1 3 6 1 5 5 7 4 13 */
-311,	/* OBJ_id_it_confirmWaitTime        1 3 6 1 5 5 7 4 14 */
-312,	/* OBJ_id_it_origPKIMessage         1 3 6 1 5 5 7 4 15 */
-784,	/* OBJ_id_it_suppLangTags           1 3 6 1 5 5 7 4 16 */
-313,	/* OBJ_id_regCtrl                   1 3 6 1 5 5 7 5 1 */
-314,	/* OBJ_id_regInfo                   1 3 6 1 5 5 7 5 2 */
-323,	/* OBJ_id_alg_des40                 1 3 6 1 5 5 7 6 1 */
-324,	/* OBJ_id_alg_noSignature           1 3 6 1 5 5 7 6 2 */
-325,	/* OBJ_id_alg_dh_sig_hmac_sha1      1 3 6 1 5 5 7 6 3 */
-326,	/* OBJ_id_alg_dh_pop                1 3 6 1 5 5 7 6 4 */
-327,	/* OBJ_id_cmc_statusInfo            1 3 6 1 5 5 7 7 1 */
-328,	/* OBJ_id_cmc_identification        1 3 6 1 5 5 7 7 2 */
-329,	/* OBJ_id_cmc_identityProof         1 3 6 1 5 5 7 7 3 */
-330,	/* OBJ_id_cmc_dataReturn            1 3 6 1 5 5 7 7 4 */
-331,	/* OBJ_id_cmc_transactionId         1 3 6 1 5 5 7 7 5 */
-332,	/* OBJ_id_cmc_senderNonce           1 3 6 1 5 5 7 7 6 */
-333,	/* OBJ_id_cmc_recipientNonce        1 3 6 1 5 5 7 7 7 */
-334,	/* OBJ_id_cmc_addExtensions         1 3 6 1 5 5 7 7 8 */
-335,	/* OBJ_id_cmc_encryptedPOP          1 3 6 1 5 5 7 7 9 */
-336,	/* OBJ_id_cmc_decryptedPOP          1 3 6 1 5 5 7 7 10 */
-337,	/* OBJ_id_cmc_lraPOPWitness         1 3 6 1 5 5 7 7 11 */
-338,	/* OBJ_id_cmc_getCert               1 3 6 1 5 5 7 7 15 */
-339,	/* OBJ_id_cmc_getCRL                1 3 6 1 5 5 7 7 16 */
-340,	/* OBJ_id_cmc_revokeRequest         1 3 6 1 5 5 7 7 17 */
-341,	/* OBJ_id_cmc_regInfo               1 3 6 1 5 5 7 7 18 */
-342,	/* OBJ_id_cmc_responseInfo          1 3 6 1 5 5 7 7 19 */
-343,	/* OBJ_id_cmc_queryPending          1 3 6 1 5 5 7 7 21 */
-344,	/* OBJ_id_cmc_popLinkRandom         1 3 6 1 5 5 7 7 22 */
-345,	/* OBJ_id_cmc_popLinkWitness        1 3 6 1 5 5 7 7 23 */
-346,	/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
-347,	/* OBJ_id_on_personalData           1 3 6 1 5 5 7 8 1 */
-858,	/* OBJ_id_on_permanentIdentifier    1 3 6 1 5 5 7 8 3 */
-348,	/* OBJ_id_pda_dateOfBirth           1 3 6 1 5 5 7 9 1 */
-349,	/* OBJ_id_pda_placeOfBirth          1 3 6 1 5 5 7 9 2 */
-351,	/* OBJ_id_pda_gender                1 3 6 1 5 5 7 9 3 */
-352,	/* OBJ_id_pda_countryOfCitizenship  1 3 6 1 5 5 7 9 4 */
-353,	/* OBJ_id_pda_countryOfResidence    1 3 6 1 5 5 7 9 5 */
-354,	/* OBJ_id_aca_authenticationInfo    1 3 6 1 5 5 7 10 1 */
-355,	/* OBJ_id_aca_accessIdentity        1 3 6 1 5 5 7 10 2 */
-356,	/* OBJ_id_aca_chargingIdentity      1 3 6 1 5 5 7 10 3 */
-357,	/* OBJ_id_aca_group                 1 3 6 1 5 5 7 10 4 */
-358,	/* OBJ_id_aca_role                  1 3 6 1 5 5 7 10 5 */
-399,	/* OBJ_id_aca_encAttrs              1 3 6 1 5 5 7 10 6 */
-359,	/* OBJ_id_qcs_pkixQCSyntax_v1       1 3 6 1 5 5 7 11 1 */
-360,	/* OBJ_id_cct_crs                   1 3 6 1 5 5 7 12 1 */
-361,	/* OBJ_id_cct_PKIData               1 3 6 1 5 5 7 12 2 */
-362,	/* OBJ_id_cct_PKIResponse           1 3 6 1 5 5 7 12 3 */
-664,	/* OBJ_id_ppl_anyLanguage           1 3 6 1 5 5 7 21 0 */
-665,	/* OBJ_id_ppl_inheritAll            1 3 6 1 5 5 7 21 1 */
-667,	/* OBJ_Independent                  1 3 6 1 5 5 7 21 2 */
-178,	/* OBJ_ad_OCSP                      1 3 6 1 5 5 7 48 1 */
-179,	/* OBJ_ad_ca_issuers                1 3 6 1 5 5 7 48 2 */
-363,	/* OBJ_ad_timeStamping              1 3 6 1 5 5 7 48 3 */
-364,	/* OBJ_ad_dvcs                      1 3 6 1 5 5 7 48 4 */
-785,	/* OBJ_caRepository                 1 3 6 1 5 5 7 48 5 */
-780,	/* OBJ_hmac_md5                     1 3 6 1 5 5 8 1 1 */
-781,	/* OBJ_hmac_sha1                    1 3 6 1 5 5 8 1 2 */
-58,	/* OBJ_netscape_cert_extension      2 16 840 1 113730 1 */
-59,	/* OBJ_netscape_data_type           2 16 840 1 113730 2 */
-438,	/* OBJ_pilotAttributeType           0 9 2342 19200300 100 1 */
-439,	/* OBJ_pilotAttributeSyntax         0 9 2342 19200300 100 3 */
-440,	/* OBJ_pilotObjectClass             0 9 2342 19200300 100 4 */
-441,	/* OBJ_pilotGroups                  0 9 2342 19200300 100 10 */
-108,	/* OBJ_cast5_cbc                    1 2 840 113533 7 66 10 */
-112,	/* OBJ_pbeWithMD5AndCast5_CBC       1 2 840 113533 7 66 12 */
-782,	/* OBJ_id_PasswordBasedMAC          1 2 840 113533 7 66 13 */
-783,	/* OBJ_id_DHBasedMac                1 2 840 113533 7 66 30 */
- 6,	/* OBJ_rsaEncryption                1 2 840 113549 1 1 1 */
- 7,	/* OBJ_md2WithRSAEncryption         1 2 840 113549 1 1 2 */
-396,	/* OBJ_md4WithRSAEncryption         1 2 840 113549 1 1 3 */
- 8,	/* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */
-65,	/* OBJ_sha1WithRSAEncryption        1 2 840 113549 1 1 5 */
-644,	/* OBJ_rsaOAEPEncryptionSET         1 2 840 113549 1 1 6 */
-919,	/* OBJ_rsaesOaep                    1 2 840 113549 1 1 7 */
-911,	/* OBJ_mgf1                         1 2 840 113549 1 1 8 */
-935,	/* OBJ_pSpecified                   1 2 840 113549 1 1 9 */
-912,	/* OBJ_rsassaPss                    1 2 840 113549 1 1 10 */
-668,	/* OBJ_sha256WithRSAEncryption      1 2 840 113549 1 1 11 */
-669,	/* OBJ_sha384WithRSAEncryption      1 2 840 113549 1 1 12 */
-670,	/* OBJ_sha512WithRSAEncryption      1 2 840 113549 1 1 13 */
-671,	/* OBJ_sha224WithRSAEncryption      1 2 840 113549 1 1 14 */
-28,	/* OBJ_dhKeyAgreement               1 2 840 113549 1 3 1 */
- 9,	/* OBJ_pbeWithMD2AndDES_CBC         1 2 840 113549 1 5 1 */
-10,	/* OBJ_pbeWithMD5AndDES_CBC         1 2 840 113549 1 5 3 */
-168,	/* OBJ_pbeWithMD2AndRC2_CBC         1 2 840 113549 1 5 4 */
-169,	/* OBJ_pbeWithMD5AndRC2_CBC         1 2 840 113549 1 5 6 */
-170,	/* OBJ_pbeWithSHA1AndDES_CBC        1 2 840 113549 1 5 10 */
-68,	/* OBJ_pbeWithSHA1AndRC2_CBC        1 2 840 113549 1 5 11 */
-69,	/* OBJ_id_pbkdf2                    1 2 840 113549 1 5 12 */
-161,	/* OBJ_pbes2                        1 2 840 113549 1 5 13 */
-162,	/* OBJ_pbmac1                       1 2 840 113549 1 5 14 */
-21,	/* OBJ_pkcs7_data                   1 2 840 113549 1 7 1 */
-22,	/* OBJ_pkcs7_signed                 1 2 840 113549 1 7 2 */
-23,	/* OBJ_pkcs7_enveloped              1 2 840 113549 1 7 3 */
-24,	/* OBJ_pkcs7_signedAndEnveloped     1 2 840 113549 1 7 4 */
-25,	/* OBJ_pkcs7_digest                 1 2 840 113549 1 7 5 */
-26,	/* OBJ_pkcs7_encrypted              1 2 840 113549 1 7 6 */
-48,	/* OBJ_pkcs9_emailAddress           1 2 840 113549 1 9 1 */
-49,	/* OBJ_pkcs9_unstructuredName       1 2 840 113549 1 9 2 */
-50,	/* OBJ_pkcs9_contentType            1 2 840 113549 1 9 3 */
-51,	/* OBJ_pkcs9_messageDigest          1 2 840 113549 1 9 4 */
-52,	/* OBJ_pkcs9_signingTime            1 2 840 113549 1 9 5 */
-53,	/* OBJ_pkcs9_countersignature       1 2 840 113549 1 9 6 */
-54,	/* OBJ_pkcs9_challengePassword      1 2 840 113549 1 9 7 */
-55,	/* OBJ_pkcs9_unstructuredAddress    1 2 840 113549 1 9 8 */
-56,	/* OBJ_pkcs9_extCertAttributes      1 2 840 113549 1 9 9 */
-172,	/* OBJ_ext_req                      1 2 840 113549 1 9 14 */
-167,	/* OBJ_SMIMECapabilities            1 2 840 113549 1 9 15 */
-188,	/* OBJ_SMIME                        1 2 840 113549 1 9 16 */
-156,	/* OBJ_friendlyName                 1 2 840 113549 1 9 20 */
-157,	/* OBJ_localKeyID                   1 2 840 113549 1 9 21 */
-681,	/* OBJ_X9_62_onBasis                1 2 840 10045 1 2 3 1 */
-682,	/* OBJ_X9_62_tpBasis                1 2 840 10045 1 2 3 2 */
-683,	/* OBJ_X9_62_ppBasis                1 2 840 10045 1 2 3 3 */
-417,	/* OBJ_ms_csp_name                  1 3 6 1 4 1 311 17 1 */
-856,	/* OBJ_LocalKeySet                  1 3 6 1 4 1 311 17 2 */
-390,	/* OBJ_dcObject                     1 3 6 1 4 1 1466 344 */
-91,	/* OBJ_bf_cbc                       1 3 6 1 4 1 3029 1 2 */
-315,	/* OBJ_id_regCtrl_regToken          1 3 6 1 5 5 7 5 1 1 */
-316,	/* OBJ_id_regCtrl_authenticator     1 3 6 1 5 5 7 5 1 2 */
-317,	/* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
-318,	/* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
-319,	/* OBJ_id_regCtrl_oldCertID         1 3 6 1 5 5 7 5 1 5 */
-320,	/* OBJ_id_regCtrl_protocolEncrKey   1 3 6 1 5 5 7 5 1 6 */
-321,	/* OBJ_id_regInfo_utf8Pairs         1 3 6 1 5 5 7 5 2 1 */
-322,	/* OBJ_id_regInfo_certReq           1 3 6 1 5 5 7 5 2 2 */
-365,	/* OBJ_id_pkix_OCSP_basic           1 3 6 1 5 5 7 48 1 1 */
-366,	/* OBJ_id_pkix_OCSP_Nonce           1 3 6 1 5 5 7 48 1 2 */
-367,	/* OBJ_id_pkix_OCSP_CrlID           1 3 6 1 5 5 7 48 1 3 */
-368,	/* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
-369,	/* OBJ_id_pkix_OCSP_noCheck         1 3 6 1 5 5 7 48 1 5 */
-370,	/* OBJ_id_pkix_OCSP_archiveCutoff   1 3 6 1 5 5 7 48 1 6 */
-371,	/* OBJ_id_pkix_OCSP_serviceLocator  1 3 6 1 5 5 7 48 1 7 */
-372,	/* OBJ_id_pkix_OCSP_extendedStatus  1 3 6 1 5 5 7 48 1 8 */
-373,	/* OBJ_id_pkix_OCSP_valid           1 3 6 1 5 5 7 48 1 9 */
-374,	/* OBJ_id_pkix_OCSP_path            1 3 6 1 5 5 7 48 1 10 */
-375,	/* OBJ_id_pkix_OCSP_trustRoot       1 3 6 1 5 5 7 48 1 11 */
-921,	/* OBJ_brainpoolP160r1              1 3 36 3 3 2 8 1 1 1 */
-922,	/* OBJ_brainpoolP160t1              1 3 36 3 3 2 8 1 1 2 */
-923,	/* OBJ_brainpoolP192r1              1 3 36 3 3 2 8 1 1 3 */
-924,	/* OBJ_brainpoolP192t1              1 3 36 3 3 2 8 1 1 4 */
-925,	/* OBJ_brainpoolP224r1              1 3 36 3 3 2 8 1 1 5 */
-926,	/* OBJ_brainpoolP224t1              1 3 36 3 3 2 8 1 1 6 */
-927,	/* OBJ_brainpoolP256r1              1 3 36 3 3 2 8 1 1 7 */
-928,	/* OBJ_brainpoolP256t1              1 3 36 3 3 2 8 1 1 8 */
-929,	/* OBJ_brainpoolP320r1              1 3 36 3 3 2 8 1 1 9 */
-930,	/* OBJ_brainpoolP320t1              1 3 36 3 3 2 8 1 1 10 */
-931,	/* OBJ_brainpoolP384r1              1 3 36 3 3 2 8 1 1 11 */
-932,	/* OBJ_brainpoolP384t1              1 3 36 3 3 2 8 1 1 12 */
-933,	/* OBJ_brainpoolP512r1              1 3 36 3 3 2 8 1 1 13 */
-934,	/* OBJ_brainpoolP512t1              1 3 36 3 3 2 8 1 1 14 */
-936,	/* OBJ_dhSinglePass_stdDH_sha1kdf_scheme 1 3 133 16 840 63 0 2 */
-941,	/* OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme 1 3 133 16 840 63 0 3 */
-418,	/* OBJ_aes_128_ecb                  2 16 840 1 101 3 4 1 1 */
-419,	/* OBJ_aes_128_cbc                  2 16 840 1 101 3 4 1 2 */
-420,	/* OBJ_aes_128_ofb128               2 16 840 1 101 3 4 1 3 */
-421,	/* OBJ_aes_128_cfb128               2 16 840 1 101 3 4 1 4 */
-788,	/* OBJ_id_aes128_wrap               2 16 840 1 101 3 4 1 5 */
-895,	/* OBJ_aes_128_gcm                  2 16 840 1 101 3 4 1 6 */
-896,	/* OBJ_aes_128_ccm                  2 16 840 1 101 3 4 1 7 */
-897,	/* OBJ_id_aes128_wrap_pad           2 16 840 1 101 3 4 1 8 */
-422,	/* OBJ_aes_192_ecb                  2 16 840 1 101 3 4 1 21 */
-423,	/* OBJ_aes_192_cbc                  2 16 840 1 101 3 4 1 22 */
-424,	/* OBJ_aes_192_ofb128               2 16 840 1 101 3 4 1 23 */
-425,	/* OBJ_aes_192_cfb128               2 16 840 1 101 3 4 1 24 */
-789,	/* OBJ_id_aes192_wrap               2 16 840 1 101 3 4 1 25 */
-898,	/* OBJ_aes_192_gcm                  2 16 840 1 101 3 4 1 26 */
-899,	/* OBJ_aes_192_ccm                  2 16 840 1 101 3 4 1 27 */
-900,	/* OBJ_id_aes192_wrap_pad           2 16 840 1 101 3 4 1 28 */
-426,	/* OBJ_aes_256_ecb                  2 16 840 1 101 3 4 1 41 */
-427,	/* OBJ_aes_256_cbc                  2 16 840 1 101 3 4 1 42 */
-428,	/* OBJ_aes_256_ofb128               2 16 840 1 101 3 4 1 43 */
-429,	/* OBJ_aes_256_cfb128               2 16 840 1 101 3 4 1 44 */
-790,	/* OBJ_id_aes256_wrap               2 16 840 1 101 3 4 1 45 */
-901,	/* OBJ_aes_256_gcm                  2 16 840 1 101 3 4 1 46 */
-902,	/* OBJ_aes_256_ccm                  2 16 840 1 101 3 4 1 47 */
-903,	/* OBJ_id_aes256_wrap_pad           2 16 840 1 101 3 4 1 48 */
-672,	/* OBJ_sha256                       2 16 840 1 101 3 4 2 1 */
-673,	/* OBJ_sha384                       2 16 840 1 101 3 4 2 2 */
-674,	/* OBJ_sha512                       2 16 840 1 101 3 4 2 3 */
-675,	/* OBJ_sha224                       2 16 840 1 101 3 4 2 4 */
-802,	/* OBJ_dsa_with_SHA224              2 16 840 1 101 3 4 3 1 */
-803,	/* OBJ_dsa_with_SHA256              2 16 840 1 101 3 4 3 2 */
-71,	/* OBJ_netscape_cert_type           2 16 840 1 113730 1 1 */
-72,	/* OBJ_netscape_base_url            2 16 840 1 113730 1 2 */
-73,	/* OBJ_netscape_revocation_url      2 16 840 1 113730 1 3 */
-74,	/* OBJ_netscape_ca_revocation_url   2 16 840 1 113730 1 4 */
-75,	/* OBJ_netscape_renewal_url         2 16 840 1 113730 1 7 */
-76,	/* OBJ_netscape_ca_policy_url       2 16 840 1 113730 1 8 */
-77,	/* OBJ_netscape_ssl_server_name     2 16 840 1 113730 1 12 */
-78,	/* OBJ_netscape_comment             2 16 840 1 113730 1 13 */
-79,	/* OBJ_netscape_cert_sequence       2 16 840 1 113730 2 5 */
-139,	/* OBJ_ns_sgc                       2 16 840 1 113730 4 1 */
-458,	/* OBJ_userId                       0 9 2342 19200300 100 1 1 */
-459,	/* OBJ_textEncodedORAddress         0 9 2342 19200300 100 1 2 */
-460,	/* OBJ_rfc822Mailbox                0 9 2342 19200300 100 1 3 */
-461,	/* OBJ_info                         0 9 2342 19200300 100 1 4 */
-462,	/* OBJ_favouriteDrink               0 9 2342 19200300 100 1 5 */
-463,	/* OBJ_roomNumber                   0 9 2342 19200300 100 1 6 */
-464,	/* OBJ_photo                        0 9 2342 19200300 100 1 7 */
-465,	/* OBJ_userClass                    0 9 2342 19200300 100 1 8 */
-466,	/* OBJ_host                         0 9 2342 19200300 100 1 9 */
-467,	/* OBJ_manager                      0 9 2342 19200300 100 1 10 */
-468,	/* OBJ_documentIdentifier           0 9 2342 19200300 100 1 11 */
-469,	/* OBJ_documentTitle                0 9 2342 19200300 100 1 12 */
-470,	/* OBJ_documentVersion              0 9 2342 19200300 100 1 13 */
-471,	/* OBJ_documentAuthor               0 9 2342 19200300 100 1 14 */
-472,	/* OBJ_documentLocation             0 9 2342 19200300 100 1 15 */
-473,	/* OBJ_homeTelephoneNumber          0 9 2342 19200300 100 1 20 */
-474,	/* OBJ_secretary                    0 9 2342 19200300 100 1 21 */
-475,	/* OBJ_otherMailbox                 0 9 2342 19200300 100 1 22 */
-476,	/* OBJ_lastModifiedTime             0 9 2342 19200300 100 1 23 */
-477,	/* OBJ_lastModifiedBy               0 9 2342 19200300 100 1 24 */
-391,	/* OBJ_domainComponent              0 9 2342 19200300 100 1 25 */
-478,	/* OBJ_aRecord                      0 9 2342 19200300 100 1 26 */
-479,	/* OBJ_pilotAttributeType27         0 9 2342 19200300 100 1 27 */
-480,	/* OBJ_mXRecord                     0 9 2342 19200300 100 1 28 */
-481,	/* OBJ_nSRecord                     0 9 2342 19200300 100 1 29 */
-482,	/* OBJ_sOARecord                    0 9 2342 19200300 100 1 30 */
-483,	/* OBJ_cNAMERecord                  0 9 2342 19200300 100 1 31 */
-484,	/* OBJ_associatedDomain             0 9 2342 19200300 100 1 37 */
-485,	/* OBJ_associatedName               0 9 2342 19200300 100 1 38 */
-486,	/* OBJ_homePostalAddress            0 9 2342 19200300 100 1 39 */
-487,	/* OBJ_personalTitle                0 9 2342 19200300 100 1 40 */
-488,	/* OBJ_mobileTelephoneNumber        0 9 2342 19200300 100 1 41 */
-489,	/* OBJ_pagerTelephoneNumber         0 9 2342 19200300 100 1 42 */
-490,	/* OBJ_friendlyCountryName          0 9 2342 19200300 100 1 43 */
-491,	/* OBJ_organizationalStatus         0 9 2342 19200300 100 1 45 */
-492,	/* OBJ_janetMailbox                 0 9 2342 19200300 100 1 46 */
-493,	/* OBJ_mailPreferenceOption         0 9 2342 19200300 100 1 47 */
-494,	/* OBJ_buildingName                 0 9 2342 19200300 100 1 48 */
-495,	/* OBJ_dSAQuality                   0 9 2342 19200300 100 1 49 */
-496,	/* OBJ_singleLevelQuality           0 9 2342 19200300 100 1 50 */
-497,	/* OBJ_subtreeMinimumQuality        0 9 2342 19200300 100 1 51 */
-498,	/* OBJ_subtreeMaximumQuality        0 9 2342 19200300 100 1 52 */
-499,	/* OBJ_personalSignature            0 9 2342 19200300 100 1 53 */
-500,	/* OBJ_dITRedirect                  0 9 2342 19200300 100 1 54 */
-501,	/* OBJ_audio                        0 9 2342 19200300 100 1 55 */
-502,	/* OBJ_documentPublisher            0 9 2342 19200300 100 1 56 */
-442,	/* OBJ_iA5StringSyntax              0 9 2342 19200300 100 3 4 */
-443,	/* OBJ_caseIgnoreIA5StringSyntax    0 9 2342 19200300 100 3 5 */
-444,	/* OBJ_pilotObject                  0 9 2342 19200300 100 4 3 */
-445,	/* OBJ_pilotPerson                  0 9 2342 19200300 100 4 4 */
-446,	/* OBJ_account                      0 9 2342 19200300 100 4 5 */
-447,	/* OBJ_document                     0 9 2342 19200300 100 4 6 */
-448,	/* OBJ_room                         0 9 2342 19200300 100 4 7 */
-449,	/* OBJ_documentSeries               0 9 2342 19200300 100 4 9 */
-392,	/* OBJ_Domain                       0 9 2342 19200300 100 4 13 */
-450,	/* OBJ_rFC822localPart              0 9 2342 19200300 100 4 14 */
-451,	/* OBJ_dNSDomain                    0 9 2342 19200300 100 4 15 */
-452,	/* OBJ_domainRelatedObject          0 9 2342 19200300 100 4 17 */
-453,	/* OBJ_friendlyCountry              0 9 2342 19200300 100 4 18 */
-454,	/* OBJ_simpleSecurityObject         0 9 2342 19200300 100 4 19 */
-455,	/* OBJ_pilotOrganization            0 9 2342 19200300 100 4 20 */
-456,	/* OBJ_pilotDSA                     0 9 2342 19200300 100 4 21 */
-457,	/* OBJ_qualityLabelledData          0 9 2342 19200300 100 4 22 */
-189,	/* OBJ_id_smime_mod                 1 2 840 113549 1 9 16 0 */
-190,	/* OBJ_id_smime_ct                  1 2 840 113549 1 9 16 1 */
-191,	/* OBJ_id_smime_aa                  1 2 840 113549 1 9 16 2 */
-192,	/* OBJ_id_smime_alg                 1 2 840 113549 1 9 16 3 */
-193,	/* OBJ_id_smime_cd                  1 2 840 113549 1 9 16 4 */
-194,	/* OBJ_id_smime_spq                 1 2 840 113549 1 9 16 5 */
-195,	/* OBJ_id_smime_cti                 1 2 840 113549 1 9 16 6 */
-158,	/* OBJ_x509Certificate              1 2 840 113549 1 9 22 1 */
-159,	/* OBJ_sdsiCertificate              1 2 840 113549 1 9 22 2 */
-160,	/* OBJ_x509Crl                      1 2 840 113549 1 9 23 1 */
-144,	/* OBJ_pbe_WithSHA1And128BitRC4     1 2 840 113549 1 12 1 1 */
-145,	/* OBJ_pbe_WithSHA1And40BitRC4      1 2 840 113549 1 12 1 2 */
-146,	/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
-147,	/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
-148,	/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
-149,	/* OBJ_pbe_WithSHA1And40BitRC2_CBC  1 2 840 113549 1 12 1 6 */
-171,	/* OBJ_ms_ext_req                   1 3 6 1 4 1 311 2 1 14 */
-134,	/* OBJ_ms_code_ind                  1 3 6 1 4 1 311 2 1 21 */
-135,	/* OBJ_ms_code_com                  1 3 6 1 4 1 311 2 1 22 */
-136,	/* OBJ_ms_ctl_sign                  1 3 6 1 4 1 311 10 3 1 */
-137,	/* OBJ_ms_sgc                       1 3 6 1 4 1 311 10 3 3 */
-138,	/* OBJ_ms_efs                       1 3 6 1 4 1 311 10 3 4 */
-648,	/* OBJ_ms_smartcard_login           1 3 6 1 4 1 311 20 2 2 */
-649,	/* OBJ_ms_upn                       1 3 6 1 4 1 311 20 2 3 */
-951,	/* OBJ_ct_precert_scts              1 3 6 1 4 1 11129 2 4 2 */
-952,	/* OBJ_ct_precert_poison            1 3 6 1 4 1 11129 2 4 3 */
-953,	/* OBJ_ct_precert_signer            1 3 6 1 4 1 11129 2 4 4 */
-954,	/* OBJ_ct_cert_scts                 1 3 6 1 4 1 11129 2 4 5 */
-751,	/* OBJ_camellia_128_cbc             1 2 392 200011 61 1 1 1 2 */
-752,	/* OBJ_camellia_192_cbc             1 2 392 200011 61 1 1 1 3 */
-753,	/* OBJ_camellia_256_cbc             1 2 392 200011 61 1 1 1 4 */
-907,	/* OBJ_id_camellia128_wrap          1 2 392 200011 61 1 1 3 2 */
-908,	/* OBJ_id_camellia192_wrap          1 2 392 200011 61 1 1 3 3 */
-909,	/* OBJ_id_camellia256_wrap          1 2 392 200011 61 1 1 3 4 */
-196,	/* OBJ_id_smime_mod_cms             1 2 840 113549 1 9 16 0 1 */
-197,	/* OBJ_id_smime_mod_ess             1 2 840 113549 1 9 16 0 2 */
-198,	/* OBJ_id_smime_mod_oid             1 2 840 113549 1 9 16 0 3 */
-199,	/* OBJ_id_smime_mod_msg_v3          1 2 840 113549 1 9 16 0 4 */
-200,	/* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
-201,	/* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
-202,	/* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
-203,	/* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
-204,	/* OBJ_id_smime_ct_receipt          1 2 840 113549 1 9 16 1 1 */
-205,	/* OBJ_id_smime_ct_authData         1 2 840 113549 1 9 16 1 2 */
-206,	/* OBJ_id_smime_ct_publishCert      1 2 840 113549 1 9 16 1 3 */
-207,	/* OBJ_id_smime_ct_TSTInfo          1 2 840 113549 1 9 16 1 4 */
-208,	/* OBJ_id_smime_ct_TDTInfo          1 2 840 113549 1 9 16 1 5 */
-209,	/* OBJ_id_smime_ct_contentInfo      1 2 840 113549 1 9 16 1 6 */
-210,	/* OBJ_id_smime_ct_DVCSRequestData  1 2 840 113549 1 9 16 1 7 */
-211,	/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
-786,	/* OBJ_id_smime_ct_compressedData   1 2 840 113549 1 9 16 1 9 */
-787,	/* OBJ_id_ct_asciiTextWithCRLF      1 2 840 113549 1 9 16 1 27 */
-212,	/* OBJ_id_smime_aa_receiptRequest   1 2 840 113549 1 9 16 2 1 */
-213,	/* OBJ_id_smime_aa_securityLabel    1 2 840 113549 1 9 16 2 2 */
-214,	/* OBJ_id_smime_aa_mlExpandHistory  1 2 840 113549 1 9 16 2 3 */
-215,	/* OBJ_id_smime_aa_contentHint      1 2 840 113549 1 9 16 2 4 */
-216,	/* OBJ_id_smime_aa_msgSigDigest     1 2 840 113549 1 9 16 2 5 */
-217,	/* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
-218,	/* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
-219,	/* OBJ_id_smime_aa_macValue         1 2 840 113549 1 9 16 2 8 */
-220,	/* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
-221,	/* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
-222,	/* OBJ_id_smime_aa_encrypKeyPref    1 2 840 113549 1 9 16 2 11 */
-223,	/* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
-224,	/* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
-225,	/* OBJ_id_smime_aa_timeStampToken   1 2 840 113549 1 9 16 2 14 */
-226,	/* OBJ_id_smime_aa_ets_sigPolicyId  1 2 840 113549 1 9 16 2 15 */
-227,	/* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
-228,	/* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
-229,	/* OBJ_id_smime_aa_ets_signerAttr   1 2 840 113549 1 9 16 2 18 */
-230,	/* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
-231,	/* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
-232,	/* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
-233,	/* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
-234,	/* OBJ_id_smime_aa_ets_certValues   1 2 840 113549 1 9 16 2 23 */
-235,	/* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
-236,	/* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
-237,	/* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
-238,	/* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
-239,	/* OBJ_id_smime_aa_signatureType    1 2 840 113549 1 9 16 2 28 */
-240,	/* OBJ_id_smime_aa_dvcs_dvc         1 2 840 113549 1 9 16 2 29 */
-241,	/* OBJ_id_smime_alg_ESDHwith3DES    1 2 840 113549 1 9 16 3 1 */
-242,	/* OBJ_id_smime_alg_ESDHwithRC2     1 2 840 113549 1 9 16 3 2 */
-243,	/* OBJ_id_smime_alg_3DESwrap        1 2 840 113549 1 9 16 3 3 */
-244,	/* OBJ_id_smime_alg_RC2wrap         1 2 840 113549 1 9 16 3 4 */
-245,	/* OBJ_id_smime_alg_ESDH            1 2 840 113549 1 9 16 3 5 */
-246,	/* OBJ_id_smime_alg_CMS3DESwrap     1 2 840 113549 1 9 16 3 6 */
-247,	/* OBJ_id_smime_alg_CMSRC2wrap      1 2 840 113549 1 9 16 3 7 */
-125,	/* OBJ_zlib_compression             1 2 840 113549 1 9 16 3 8 */
-893,	/* OBJ_id_alg_PWRI_KEK              1 2 840 113549 1 9 16 3 9 */
-248,	/* OBJ_id_smime_cd_ldap             1 2 840 113549 1 9 16 4 1 */
-249,	/* OBJ_id_smime_spq_ets_sqt_uri     1 2 840 113549 1 9 16 5 1 */
-250,	/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
-251,	/* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
-252,	/* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
-253,	/* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
-254,	/* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
-255,	/* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
-256,	/* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
-150,	/* OBJ_keyBag                       1 2 840 113549 1 12 10 1 1 */
-151,	/* OBJ_pkcs8ShroudedKeyBag          1 2 840 113549 1 12 10 1 2 */
-152,	/* OBJ_certBag                      1 2 840 113549 1 12 10 1 3 */
-153,	/* OBJ_crlBag                       1 2 840 113549 1 12 10 1 4 */
-154,	/* OBJ_secretBag                    1 2 840 113549 1 12 10 1 5 */
-155,	/* OBJ_safeContentsBag              1 2 840 113549 1 12 10 1 6 */
-34,	/* OBJ_idea_cbc                     1 3 6 1 4 1 188 7 1 1 2 */
-955,	/* OBJ_jurisdictionLocalityName     1 3 6 1 4 1 311 60 2 1 1 */
-956,	/* OBJ_jurisdictionStateOrProvinceName 1 3 6 1 4 1 311 60 2 1 2 */
-957,	/* OBJ_jurisdictionCountryName      1 3 6 1 4 1 311 60 2 1 3 */
-};
-
diff --git a/thirdparty/openssl/crypto/objects/obj_err.c b/thirdparty/openssl/crypto/objects/obj_err.c
deleted file mode 100644
index 238aaa59f9..0000000000
--- a/thirdparty/openssl/crypto/objects/obj_err.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* crypto/objects/obj_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/objects.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason)
-
-static ERR_STRING_DATA OBJ_str_functs[] = {
-    {ERR_FUNC(OBJ_F_OBJ_ADD_OBJECT), "OBJ_add_object"},
-    {ERR_FUNC(OBJ_F_OBJ_CREATE), "OBJ_create"},
-    {ERR_FUNC(OBJ_F_OBJ_DUP), "OBJ_dup"},
-    {ERR_FUNC(OBJ_F_OBJ_NAME_NEW_INDEX), "OBJ_NAME_new_index"},
-    {ERR_FUNC(OBJ_F_OBJ_NID2LN), "OBJ_nid2ln"},
-    {ERR_FUNC(OBJ_F_OBJ_NID2OBJ), "OBJ_nid2obj"},
-    {ERR_FUNC(OBJ_F_OBJ_NID2SN), "OBJ_nid2sn"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA OBJ_str_reasons[] = {
-    {ERR_REASON(OBJ_R_MALLOC_FAILURE), "malloc failure"},
-    {ERR_REASON(OBJ_R_UNKNOWN_NID), "unknown nid"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_OBJ_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, OBJ_str_functs);
-        ERR_load_strings(0, OBJ_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/objects/obj_lib.c b/thirdparty/openssl/crypto/objects/obj_lib.c
deleted file mode 100644
index 8851baffb2..0000000000
--- a/thirdparty/openssl/crypto/objects/obj_lib.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/objects/obj_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-
-ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o)
-{
-    ASN1_OBJECT *r;
-    int i;
-    char *ln = NULL, *sn = NULL;
-    unsigned char *data = NULL;
-
-    if (o == NULL)
-        return (NULL);
-    if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
-        return ((ASN1_OBJECT *)o); /* XXX: ugh! Why? What kind of duplication
-                                    * is this??? */
-
-    r = ASN1_OBJECT_new();
-    if (r == NULL) {
-        OBJerr(OBJ_F_OBJ_DUP, ERR_R_ASN1_LIB);
-        return (NULL);
-    }
-    data = OPENSSL_malloc(o->length);
-    if (data == NULL)
-        goto err;
-    if (o->data != NULL)
-        memcpy(data, o->data, o->length);
-    /* once data attached to object it remains const */
-    r->data = data;
-    r->length = o->length;
-    r->nid = o->nid;
-    r->ln = r->sn = NULL;
-    if (o->ln != NULL) {
-        i = strlen(o->ln) + 1;
-        ln = OPENSSL_malloc(i);
-        if (ln == NULL)
-            goto err;
-        memcpy(ln, o->ln, i);
-        r->ln = ln;
-    }
-
-    if (o->sn != NULL) {
-        i = strlen(o->sn) + 1;
-        sn = OPENSSL_malloc(i);
-        if (sn == NULL)
-            goto err;
-        memcpy(sn, o->sn, i);
-        r->sn = sn;
-    }
-    r->flags = o->flags | (ASN1_OBJECT_FLAG_DYNAMIC |
-                           ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
-                           ASN1_OBJECT_FLAG_DYNAMIC_DATA);
-    return (r);
- err:
-    OBJerr(OBJ_F_OBJ_DUP, ERR_R_MALLOC_FAILURE);
-    if (ln != NULL)
-        OPENSSL_free(ln);
-    if (sn != NULL)
-        OPENSSL_free(sn);
-    if (data != NULL)
-        OPENSSL_free(data);
-    if (r != NULL)
-        OPENSSL_free(r);
-    return (NULL);
-}
-
-int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
-{
-    int ret;
-
-    ret = (a->length - b->length);
-    if (ret)
-        return (ret);
-    return (memcmp(a->data, b->data, a->length));
-}
diff --git a/thirdparty/openssl/crypto/objects/obj_mac.num b/thirdparty/openssl/crypto/objects/obj_mac.num
deleted file mode 100644
index 8e5ea83363..0000000000
--- a/thirdparty/openssl/crypto/objects/obj_mac.num
+++ /dev/null
@@ -1,957 +0,0 @@
-undef		0
-rsadsi		1
-pkcs		2
-md2		3
-md5		4
-rc4		5
-rsaEncryption		6
-md2WithRSAEncryption		7
-md5WithRSAEncryption		8
-pbeWithMD2AndDES_CBC		9
-pbeWithMD5AndDES_CBC		10
-X500		11
-X509		12
-commonName		13
-countryName		14
-localityName		15
-stateOrProvinceName		16
-organizationName		17
-organizationalUnitName		18
-rsa		19
-pkcs7		20
-pkcs7_data		21
-pkcs7_signed		22
-pkcs7_enveloped		23
-pkcs7_signedAndEnveloped		24
-pkcs7_digest		25
-pkcs7_encrypted		26
-pkcs3		27
-dhKeyAgreement		28
-des_ecb		29
-des_cfb64		30
-des_cbc		31
-des_ede_ecb		32
-des_ede3_ecb		33
-idea_cbc		34
-idea_cfb64		35
-idea_ecb		36
-rc2_cbc		37
-rc2_ecb		38
-rc2_cfb64		39
-rc2_ofb64		40
-sha		41
-shaWithRSAEncryption		42
-des_ede_cbc		43
-des_ede3_cbc		44
-des_ofb64		45
-idea_ofb64		46
-pkcs9		47
-pkcs9_emailAddress		48
-pkcs9_unstructuredName		49
-pkcs9_contentType		50
-pkcs9_messageDigest		51
-pkcs9_signingTime		52
-pkcs9_countersignature		53
-pkcs9_challengePassword		54
-pkcs9_unstructuredAddress		55
-pkcs9_extCertAttributes		56
-netscape		57
-netscape_cert_extension		58
-netscape_data_type		59
-des_ede_cfb64		60
-des_ede3_cfb64		61
-des_ede_ofb64		62
-des_ede3_ofb64		63
-sha1		64
-sha1WithRSAEncryption		65
-dsaWithSHA		66
-dsa_2		67
-pbeWithSHA1AndRC2_CBC		68
-id_pbkdf2		69
-dsaWithSHA1_2		70
-netscape_cert_type		71
-netscape_base_url		72
-netscape_revocation_url		73
-netscape_ca_revocation_url		74
-netscape_renewal_url		75
-netscape_ca_policy_url		76
-netscape_ssl_server_name		77
-netscape_comment		78
-netscape_cert_sequence		79
-desx_cbc		80
-id_ce		81
-subject_key_identifier		82
-key_usage		83
-private_key_usage_period		84
-subject_alt_name		85
-issuer_alt_name		86
-basic_constraints		87
-crl_number		88
-certificate_policies		89
-authority_key_identifier		90
-bf_cbc		91
-bf_ecb		92
-bf_cfb64		93
-bf_ofb64		94
-mdc2		95
-mdc2WithRSA		96
-rc4_40		97
-rc2_40_cbc		98
-givenName		99
-surname		100
-initials		101
-uniqueIdentifier		102
-crl_distribution_points		103
-md5WithRSA		104
-serialNumber		105
-title		106
-description		107
-cast5_cbc		108
-cast5_ecb		109
-cast5_cfb64		110
-cast5_ofb64		111
-pbeWithMD5AndCast5_CBC		112
-dsaWithSHA1		113
-md5_sha1		114
-sha1WithRSA		115
-dsa		116
-ripemd160		117
-ripemd160WithRSA		119
-rc5_cbc		120
-rc5_ecb		121
-rc5_cfb64		122
-rc5_ofb64		123
-rle_compression		124
-zlib_compression		125
-ext_key_usage		126
-id_pkix		127
-id_kp		128
-server_auth		129
-client_auth		130
-code_sign		131
-email_protect		132
-time_stamp		133
-ms_code_ind		134
-ms_code_com		135
-ms_ctl_sign		136
-ms_sgc		137
-ms_efs		138
-ns_sgc		139
-delta_crl		140
-crl_reason		141
-invalidity_date		142
-sxnet		143
-pbe_WithSHA1And128BitRC4		144
-pbe_WithSHA1And40BitRC4		145
-pbe_WithSHA1And3_Key_TripleDES_CBC		146
-pbe_WithSHA1And2_Key_TripleDES_CBC		147
-pbe_WithSHA1And128BitRC2_CBC		148
-pbe_WithSHA1And40BitRC2_CBC		149
-keyBag		150
-pkcs8ShroudedKeyBag		151
-certBag		152
-crlBag		153
-secretBag		154
-safeContentsBag		155
-friendlyName		156
-localKeyID		157
-x509Certificate		158
-sdsiCertificate		159
-x509Crl		160
-pbes2		161
-pbmac1		162
-hmacWithSHA1		163
-id_qt_cps		164
-id_qt_unotice		165
-rc2_64_cbc		166
-SMIMECapabilities		167
-pbeWithMD2AndRC2_CBC		168
-pbeWithMD5AndRC2_CBC		169
-pbeWithSHA1AndDES_CBC		170
-ms_ext_req		171
-ext_req		172
-name		173
-dnQualifier		174
-id_pe		175
-id_ad		176
-info_access		177
-ad_OCSP		178
-ad_ca_issuers		179
-OCSP_sign		180
-iso		181
-member_body		182
-ISO_US		183
-X9_57		184
-X9cm		185
-pkcs1		186
-pkcs5		187
-SMIME		188
-id_smime_mod		189
-id_smime_ct		190
-id_smime_aa		191
-id_smime_alg		192
-id_smime_cd		193
-id_smime_spq		194
-id_smime_cti		195
-id_smime_mod_cms		196
-id_smime_mod_ess		197
-id_smime_mod_oid		198
-id_smime_mod_msg_v3		199
-id_smime_mod_ets_eSignature_88		200
-id_smime_mod_ets_eSignature_97		201
-id_smime_mod_ets_eSigPolicy_88		202
-id_smime_mod_ets_eSigPolicy_97		203
-id_smime_ct_receipt		204
-id_smime_ct_authData		205
-id_smime_ct_publishCert		206
-id_smime_ct_TSTInfo		207
-id_smime_ct_TDTInfo		208
-id_smime_ct_contentInfo		209
-id_smime_ct_DVCSRequestData		210
-id_smime_ct_DVCSResponseData		211
-id_smime_aa_receiptRequest		212
-id_smime_aa_securityLabel		213
-id_smime_aa_mlExpandHistory		214
-id_smime_aa_contentHint		215
-id_smime_aa_msgSigDigest		216
-id_smime_aa_encapContentType		217
-id_smime_aa_contentIdentifier		218
-id_smime_aa_macValue		219
-id_smime_aa_equivalentLabels		220
-id_smime_aa_contentReference		221
-id_smime_aa_encrypKeyPref		222
-id_smime_aa_signingCertificate		223
-id_smime_aa_smimeEncryptCerts		224
-id_smime_aa_timeStampToken		225
-id_smime_aa_ets_sigPolicyId		226
-id_smime_aa_ets_commitmentType		227
-id_smime_aa_ets_signerLocation		228
-id_smime_aa_ets_signerAttr		229
-id_smime_aa_ets_otherSigCert		230
-id_smime_aa_ets_contentTimestamp		231
-id_smime_aa_ets_CertificateRefs		232
-id_smime_aa_ets_RevocationRefs		233
-id_smime_aa_ets_certValues		234
-id_smime_aa_ets_revocationValues		235
-id_smime_aa_ets_escTimeStamp		236
-id_smime_aa_ets_certCRLTimestamp		237
-id_smime_aa_ets_archiveTimeStamp		238
-id_smime_aa_signatureType		239
-id_smime_aa_dvcs_dvc		240
-id_smime_alg_ESDHwith3DES		241
-id_smime_alg_ESDHwithRC2		242
-id_smime_alg_3DESwrap		243
-id_smime_alg_RC2wrap		244
-id_smime_alg_ESDH		245
-id_smime_alg_CMS3DESwrap		246
-id_smime_alg_CMSRC2wrap		247
-id_smime_cd_ldap		248
-id_smime_spq_ets_sqt_uri		249
-id_smime_spq_ets_sqt_unotice		250
-id_smime_cti_ets_proofOfOrigin		251
-id_smime_cti_ets_proofOfReceipt		252
-id_smime_cti_ets_proofOfDelivery		253
-id_smime_cti_ets_proofOfSender		254
-id_smime_cti_ets_proofOfApproval		255
-id_smime_cti_ets_proofOfCreation		256
-md4		257
-id_pkix_mod		258
-id_qt		259
-id_it		260
-id_pkip		261
-id_alg		262
-id_cmc		263
-id_on		264
-id_pda		265
-id_aca		266
-id_qcs		267
-id_cct		268
-id_pkix1_explicit_88		269
-id_pkix1_implicit_88		270
-id_pkix1_explicit_93		271
-id_pkix1_implicit_93		272
-id_mod_crmf		273
-id_mod_cmc		274
-id_mod_kea_profile_88		275
-id_mod_kea_profile_93		276
-id_mod_cmp		277
-id_mod_qualified_cert_88		278
-id_mod_qualified_cert_93		279
-id_mod_attribute_cert		280
-id_mod_timestamp_protocol		281
-id_mod_ocsp		282
-id_mod_dvcs		283
-id_mod_cmp2000		284
-biometricInfo		285
-qcStatements		286
-ac_auditEntity		287
-ac_targeting		288
-aaControls		289
-sbgp_ipAddrBlock		290
-sbgp_autonomousSysNum		291
-sbgp_routerIdentifier		292
-textNotice		293
-ipsecEndSystem		294
-ipsecTunnel		295
-ipsecUser		296
-dvcs		297
-id_it_caProtEncCert		298
-id_it_signKeyPairTypes		299
-id_it_encKeyPairTypes		300
-id_it_preferredSymmAlg		301
-id_it_caKeyUpdateInfo		302
-id_it_currentCRL		303
-id_it_unsupportedOIDs		304
-id_it_subscriptionRequest		305
-id_it_subscriptionResponse		306
-id_it_keyPairParamReq		307
-id_it_keyPairParamRep		308
-id_it_revPassphrase		309
-id_it_implicitConfirm		310
-id_it_confirmWaitTime		311
-id_it_origPKIMessage		312
-id_regCtrl		313
-id_regInfo		314
-id_regCtrl_regToken		315
-id_regCtrl_authenticator		316
-id_regCtrl_pkiPublicationInfo		317
-id_regCtrl_pkiArchiveOptions		318
-id_regCtrl_oldCertID		319
-id_regCtrl_protocolEncrKey		320
-id_regInfo_utf8Pairs		321
-id_regInfo_certReq		322
-id_alg_des40		323
-id_alg_noSignature		324
-id_alg_dh_sig_hmac_sha1		325
-id_alg_dh_pop		326
-id_cmc_statusInfo		327
-id_cmc_identification		328
-id_cmc_identityProof		329
-id_cmc_dataReturn		330
-id_cmc_transactionId		331
-id_cmc_senderNonce		332
-id_cmc_recipientNonce		333
-id_cmc_addExtensions		334
-id_cmc_encryptedPOP		335
-id_cmc_decryptedPOP		336
-id_cmc_lraPOPWitness		337
-id_cmc_getCert		338
-id_cmc_getCRL		339
-id_cmc_revokeRequest		340
-id_cmc_regInfo		341
-id_cmc_responseInfo		342
-id_cmc_queryPending		343
-id_cmc_popLinkRandom		344
-id_cmc_popLinkWitness		345
-id_cmc_confirmCertAcceptance		346
-id_on_personalData		347
-id_pda_dateOfBirth		348
-id_pda_placeOfBirth		349
-id_pda_pseudonym		350
-id_pda_gender		351
-id_pda_countryOfCitizenship		352
-id_pda_countryOfResidence		353
-id_aca_authenticationInfo		354
-id_aca_accessIdentity		355
-id_aca_chargingIdentity		356
-id_aca_group		357
-id_aca_role		358
-id_qcs_pkixQCSyntax_v1		359
-id_cct_crs		360
-id_cct_PKIData		361
-id_cct_PKIResponse		362
-ad_timeStamping		363
-ad_dvcs		364
-id_pkix_OCSP_basic		365
-id_pkix_OCSP_Nonce		366
-id_pkix_OCSP_CrlID		367
-id_pkix_OCSP_acceptableResponses		368
-id_pkix_OCSP_noCheck		369
-id_pkix_OCSP_archiveCutoff		370
-id_pkix_OCSP_serviceLocator		371
-id_pkix_OCSP_extendedStatus		372
-id_pkix_OCSP_valid		373
-id_pkix_OCSP_path		374
-id_pkix_OCSP_trustRoot		375
-algorithm		376
-rsaSignature		377
-X500algorithms		378
-org		379
-dod		380
-iana		381
-Directory		382
-Management		383
-Experimental		384
-Private		385
-Security		386
-SNMPv2		387
-Mail		388
-Enterprises		389
-dcObject		390
-domainComponent		391
-Domain		392
-joint_iso_ccitt		393
-selected_attribute_types		394
-clearance		395
-md4WithRSAEncryption		396
-ac_proxying		397
-sinfo_access		398
-id_aca_encAttrs		399
-role		400
-policy_constraints		401
-target_information		402
-no_rev_avail		403
-ccitt		404
-ansi_X9_62		405
-X9_62_prime_field		406
-X9_62_characteristic_two_field		407
-X9_62_id_ecPublicKey		408
-X9_62_prime192v1		409
-X9_62_prime192v2		410
-X9_62_prime192v3		411
-X9_62_prime239v1		412
-X9_62_prime239v2		413
-X9_62_prime239v3		414
-X9_62_prime256v1		415
-ecdsa_with_SHA1		416
-ms_csp_name		417
-aes_128_ecb		418
-aes_128_cbc		419
-aes_128_ofb128		420
-aes_128_cfb128		421
-aes_192_ecb		422
-aes_192_cbc		423
-aes_192_ofb128		424
-aes_192_cfb128		425
-aes_256_ecb		426
-aes_256_cbc		427
-aes_256_ofb128		428
-aes_256_cfb128		429
-hold_instruction_code		430
-hold_instruction_none		431
-hold_instruction_call_issuer		432
-hold_instruction_reject		433
-data		434
-pss		435
-ucl		436
-pilot		437
-pilotAttributeType		438
-pilotAttributeSyntax		439
-pilotObjectClass		440
-pilotGroups		441
-iA5StringSyntax		442
-caseIgnoreIA5StringSyntax		443
-pilotObject		444
-pilotPerson		445
-account		446
-document		447
-room		448
-documentSeries		449
-rFC822localPart		450
-dNSDomain		451
-domainRelatedObject		452
-friendlyCountry		453
-simpleSecurityObject		454
-pilotOrganization		455
-pilotDSA		456
-qualityLabelledData		457
-userId		458
-textEncodedORAddress		459
-rfc822Mailbox		460
-info		461
-favouriteDrink		462
-roomNumber		463
-photo		464
-userClass		465
-host		466
-manager		467
-documentIdentifier		468
-documentTitle		469
-documentVersion		470
-documentAuthor		471
-documentLocation		472
-homeTelephoneNumber		473
-secretary		474
-otherMailbox		475
-lastModifiedTime		476
-lastModifiedBy		477
-aRecord		478
-pilotAttributeType27		479
-mXRecord		480
-nSRecord		481
-sOARecord		482
-cNAMERecord		483
-associatedDomain		484
-associatedName		485
-homePostalAddress		486
-personalTitle		487
-mobileTelephoneNumber		488
-pagerTelephoneNumber		489
-friendlyCountryName		490
-organizationalStatus		491
-janetMailbox		492
-mailPreferenceOption		493
-buildingName		494
-dSAQuality		495
-singleLevelQuality		496
-subtreeMinimumQuality		497
-subtreeMaximumQuality		498
-personalSignature		499
-dITRedirect		500
-audio		501
-documentPublisher		502
-x500UniqueIdentifier		503
-mime_mhs		504
-mime_mhs_headings		505
-mime_mhs_bodies		506
-id_hex_partial_message		507
-id_hex_multipart_message		508
-generationQualifier		509
-pseudonym		510
-InternationalRA		511
-id_set		512
-set_ctype		513
-set_msgExt		514
-set_attr		515
-set_policy		516
-set_certExt		517
-set_brand		518
-setct_PANData		519
-setct_PANToken		520
-setct_PANOnly		521
-setct_OIData		522
-setct_PI		523
-setct_PIData		524
-setct_PIDataUnsigned		525
-setct_HODInput		526
-setct_AuthResBaggage		527
-setct_AuthRevReqBaggage		528
-setct_AuthRevResBaggage		529
-setct_CapTokenSeq		530
-setct_PInitResData		531
-setct_PI_TBS		532
-setct_PResData		533
-setct_AuthReqTBS		534
-setct_AuthResTBS		535
-setct_AuthResTBSX		536
-setct_AuthTokenTBS		537
-setct_CapTokenData		538
-setct_CapTokenTBS		539
-setct_AcqCardCodeMsg		540
-setct_AuthRevReqTBS		541
-setct_AuthRevResData		542
-setct_AuthRevResTBS		543
-setct_CapReqTBS		544
-setct_CapReqTBSX		545
-setct_CapResData		546
-setct_CapRevReqTBS		547
-setct_CapRevReqTBSX		548
-setct_CapRevResData		549
-setct_CredReqTBS		550
-setct_CredReqTBSX		551
-setct_CredResData		552
-setct_CredRevReqTBS		553
-setct_CredRevReqTBSX		554
-setct_CredRevResData		555
-setct_PCertReqData		556
-setct_PCertResTBS		557
-setct_BatchAdminReqData		558
-setct_BatchAdminResData		559
-setct_CardCInitResTBS		560
-setct_MeAqCInitResTBS		561
-setct_RegFormResTBS		562
-setct_CertReqData		563
-setct_CertReqTBS		564
-setct_CertResData		565
-setct_CertInqReqTBS		566
-setct_ErrorTBS		567
-setct_PIDualSignedTBE		568
-setct_PIUnsignedTBE		569
-setct_AuthReqTBE		570
-setct_AuthResTBE		571
-setct_AuthResTBEX		572
-setct_AuthTokenTBE		573
-setct_CapTokenTBE		574
-setct_CapTokenTBEX		575
-setct_AcqCardCodeMsgTBE		576
-setct_AuthRevReqTBE		577
-setct_AuthRevResTBE		578
-setct_AuthRevResTBEB		579
-setct_CapReqTBE		580
-setct_CapReqTBEX		581
-setct_CapResTBE		582
-setct_CapRevReqTBE		583
-setct_CapRevReqTBEX		584
-setct_CapRevResTBE		585
-setct_CredReqTBE		586
-setct_CredReqTBEX		587
-setct_CredResTBE		588
-setct_CredRevReqTBE		589
-setct_CredRevReqTBEX		590
-setct_CredRevResTBE		591
-setct_BatchAdminReqTBE		592
-setct_BatchAdminResTBE		593
-setct_RegFormReqTBE		594
-setct_CertReqTBE		595
-setct_CertReqTBEX		596
-setct_CertResTBE		597
-setct_CRLNotificationTBS		598
-setct_CRLNotificationResTBS		599
-setct_BCIDistributionTBS		600
-setext_genCrypt		601
-setext_miAuth		602
-setext_pinSecure		603
-setext_pinAny		604
-setext_track2		605
-setext_cv		606
-set_policy_root		607
-setCext_hashedRoot		608
-setCext_certType		609
-setCext_merchData		610
-setCext_cCertRequired		611
-setCext_tunneling		612
-setCext_setExt		613
-setCext_setQualf		614
-setCext_PGWYcapabilities		615
-setCext_TokenIdentifier		616
-setCext_Track2Data		617
-setCext_TokenType		618
-setCext_IssuerCapabilities		619
-setAttr_Cert		620
-setAttr_PGWYcap		621
-setAttr_TokenType		622
-setAttr_IssCap		623
-set_rootKeyThumb		624
-set_addPolicy		625
-setAttr_Token_EMV		626
-setAttr_Token_B0Prime		627
-setAttr_IssCap_CVM		628
-setAttr_IssCap_T2		629
-setAttr_IssCap_Sig		630
-setAttr_GenCryptgrm		631
-setAttr_T2Enc		632
-setAttr_T2cleartxt		633
-setAttr_TokICCsig		634
-setAttr_SecDevSig		635
-set_brand_IATA_ATA		636
-set_brand_Diners		637
-set_brand_AmericanExpress		638
-set_brand_JCB		639
-set_brand_Visa		640
-set_brand_MasterCard		641
-set_brand_Novus		642
-des_cdmf		643
-rsaOAEPEncryptionSET		644
-itu_t		645
-joint_iso_itu_t		646
-international_organizations		647
-ms_smartcard_login		648
-ms_upn		649
-aes_128_cfb1		650
-aes_192_cfb1		651
-aes_256_cfb1		652
-aes_128_cfb8		653
-aes_192_cfb8		654
-aes_256_cfb8		655
-des_cfb1		656
-des_cfb8		657
-des_ede3_cfb1		658
-des_ede3_cfb8		659
-streetAddress		660
-postalCode		661
-id_ppl		662
-proxyCertInfo		663
-id_ppl_anyLanguage		664
-id_ppl_inheritAll		665
-name_constraints		666
-Independent		667
-sha256WithRSAEncryption		668
-sha384WithRSAEncryption		669
-sha512WithRSAEncryption		670
-sha224WithRSAEncryption		671
-sha256		672
-sha384		673
-sha512		674
-sha224		675
-identified_organization		676
-certicom_arc		677
-wap		678
-wap_wsg		679
-X9_62_id_characteristic_two_basis		680
-X9_62_onBasis		681
-X9_62_tpBasis		682
-X9_62_ppBasis		683
-X9_62_c2pnb163v1		684
-X9_62_c2pnb163v2		685
-X9_62_c2pnb163v3		686
-X9_62_c2pnb176v1		687
-X9_62_c2tnb191v1		688
-X9_62_c2tnb191v2		689
-X9_62_c2tnb191v3		690
-X9_62_c2onb191v4		691
-X9_62_c2onb191v5		692
-X9_62_c2pnb208w1		693
-X9_62_c2tnb239v1		694
-X9_62_c2tnb239v2		695
-X9_62_c2tnb239v3		696
-X9_62_c2onb239v4		697
-X9_62_c2onb239v5		698
-X9_62_c2pnb272w1		699
-X9_62_c2pnb304w1		700
-X9_62_c2tnb359v1		701
-X9_62_c2pnb368w1		702
-X9_62_c2tnb431r1		703
-secp112r1		704
-secp112r2		705
-secp128r1		706
-secp128r2		707
-secp160k1		708
-secp160r1		709
-secp160r2		710
-secp192k1		711
-secp224k1		712
-secp224r1		713
-secp256k1		714
-secp384r1		715
-secp521r1		716
-sect113r1		717
-sect113r2		718
-sect131r1		719
-sect131r2		720
-sect163k1		721
-sect163r1		722
-sect163r2		723
-sect193r1		724
-sect193r2		725
-sect233k1		726
-sect233r1		727
-sect239k1		728
-sect283k1		729
-sect283r1		730
-sect409k1		731
-sect409r1		732
-sect571k1		733
-sect571r1		734
-wap_wsg_idm_ecid_wtls1		735
-wap_wsg_idm_ecid_wtls3		736
-wap_wsg_idm_ecid_wtls4		737
-wap_wsg_idm_ecid_wtls5		738
-wap_wsg_idm_ecid_wtls6		739
-wap_wsg_idm_ecid_wtls7		740
-wap_wsg_idm_ecid_wtls8		741
-wap_wsg_idm_ecid_wtls9		742
-wap_wsg_idm_ecid_wtls10		743
-wap_wsg_idm_ecid_wtls11		744
-wap_wsg_idm_ecid_wtls12		745
-any_policy		746
-policy_mappings		747
-inhibit_any_policy		748
-ipsec3		749
-ipsec4		750
-camellia_128_cbc		751
-camellia_192_cbc		752
-camellia_256_cbc		753
-camellia_128_ecb		754
-camellia_192_ecb		755
-camellia_256_ecb		756
-camellia_128_cfb128		757
-camellia_192_cfb128		758
-camellia_256_cfb128		759
-camellia_128_cfb1		760
-camellia_192_cfb1		761
-camellia_256_cfb1		762
-camellia_128_cfb8		763
-camellia_192_cfb8		764
-camellia_256_cfb8		765
-camellia_128_ofb128		766
-camellia_192_ofb128		767
-camellia_256_ofb128		768
-subject_directory_attributes		769
-issuing_distribution_point		770
-certificate_issuer		771
-korea		772
-kisa		773
-kftc		774
-npki_alg		775
-seed_ecb		776
-seed_cbc		777
-seed_ofb128		778
-seed_cfb128		779
-hmac_md5		780
-hmac_sha1		781
-id_PasswordBasedMAC		782
-id_DHBasedMac		783
-id_it_suppLangTags		784
-caRepository		785
-id_smime_ct_compressedData		786
-id_ct_asciiTextWithCRLF		787
-id_aes128_wrap		788
-id_aes192_wrap		789
-id_aes256_wrap		790
-ecdsa_with_Recommended		791
-ecdsa_with_Specified		792
-ecdsa_with_SHA224		793
-ecdsa_with_SHA256		794
-ecdsa_with_SHA384		795
-ecdsa_with_SHA512		796
-hmacWithMD5		797
-hmacWithSHA224		798
-hmacWithSHA256		799
-hmacWithSHA384		800
-hmacWithSHA512		801
-dsa_with_SHA224		802
-dsa_with_SHA256		803
-whirlpool		804
-cryptopro		805
-cryptocom		806
-id_GostR3411_94_with_GostR3410_2001		807
-id_GostR3411_94_with_GostR3410_94		808
-id_GostR3411_94		809
-id_HMACGostR3411_94		810
-id_GostR3410_2001		811
-id_GostR3410_94		812
-id_Gost28147_89		813
-gost89_cnt		814
-id_Gost28147_89_MAC		815
-id_GostR3411_94_prf		816
-id_GostR3410_2001DH		817
-id_GostR3410_94DH		818
-id_Gost28147_89_CryptoPro_KeyMeshing		819
-id_Gost28147_89_None_KeyMeshing		820
-id_GostR3411_94_TestParamSet		821
-id_GostR3411_94_CryptoProParamSet		822
-id_Gost28147_89_TestParamSet		823
-id_Gost28147_89_CryptoPro_A_ParamSet		824
-id_Gost28147_89_CryptoPro_B_ParamSet		825
-id_Gost28147_89_CryptoPro_C_ParamSet		826
-id_Gost28147_89_CryptoPro_D_ParamSet		827
-id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet		828
-id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet		829
-id_Gost28147_89_CryptoPro_RIC_1_ParamSet		830
-id_GostR3410_94_TestParamSet		831
-id_GostR3410_94_CryptoPro_A_ParamSet		832
-id_GostR3410_94_CryptoPro_B_ParamSet		833
-id_GostR3410_94_CryptoPro_C_ParamSet		834
-id_GostR3410_94_CryptoPro_D_ParamSet		835
-id_GostR3410_94_CryptoPro_XchA_ParamSet		836
-id_GostR3410_94_CryptoPro_XchB_ParamSet		837
-id_GostR3410_94_CryptoPro_XchC_ParamSet		838
-id_GostR3410_2001_TestParamSet		839
-id_GostR3410_2001_CryptoPro_A_ParamSet		840
-id_GostR3410_2001_CryptoPro_B_ParamSet		841
-id_GostR3410_2001_CryptoPro_C_ParamSet		842
-id_GostR3410_2001_CryptoPro_XchA_ParamSet		843
-id_GostR3410_2001_CryptoPro_XchB_ParamSet		844
-id_GostR3410_94_a		845
-id_GostR3410_94_aBis		846
-id_GostR3410_94_b		847
-id_GostR3410_94_bBis		848
-id_Gost28147_89_cc		849
-id_GostR3410_94_cc		850
-id_GostR3410_2001_cc		851
-id_GostR3411_94_with_GostR3410_94_cc		852
-id_GostR3411_94_with_GostR3410_2001_cc		853
-id_GostR3410_2001_ParamSet_cc		854
-hmac		855
-LocalKeySet		856
-freshest_crl		857
-id_on_permanentIdentifier		858
-searchGuide		859
-businessCategory		860
-postalAddress		861
-postOfficeBox		862
-physicalDeliveryOfficeName		863
-telephoneNumber		864
-telexNumber		865
-teletexTerminalIdentifier		866
-facsimileTelephoneNumber		867
-x121Address		868
-internationaliSDNNumber		869
-registeredAddress		870
-destinationIndicator		871
-preferredDeliveryMethod		872
-presentationAddress		873
-supportedApplicationContext		874
-member		875
-owner		876
-roleOccupant		877
-seeAlso		878
-userPassword		879
-userCertificate		880
-cACertificate		881
-authorityRevocationList		882
-certificateRevocationList		883
-crossCertificatePair		884
-enhancedSearchGuide		885
-protocolInformation		886
-distinguishedName		887
-uniqueMember		888
-houseIdentifier		889
-supportedAlgorithms		890
-deltaRevocationList		891
-dmdName		892
-id_alg_PWRI_KEK		893
-cmac		894
-aes_128_gcm		895
-aes_128_ccm		896
-id_aes128_wrap_pad		897
-aes_192_gcm		898
-aes_192_ccm		899
-id_aes192_wrap_pad		900
-aes_256_gcm		901
-aes_256_ccm		902
-id_aes256_wrap_pad		903
-aes_128_ctr		904
-aes_192_ctr		905
-aes_256_ctr		906
-id_camellia128_wrap		907
-id_camellia192_wrap		908
-id_camellia256_wrap		909
-anyExtendedKeyUsage		910
-mgf1		911
-rsassaPss		912
-aes_128_xts		913
-aes_256_xts		914
-rc4_hmac_md5		915
-aes_128_cbc_hmac_sha1		916
-aes_192_cbc_hmac_sha1		917
-aes_256_cbc_hmac_sha1		918
-rsaesOaep		919
-dhpublicnumber		920
-brainpoolP160r1		921
-brainpoolP160t1		922
-brainpoolP192r1		923
-brainpoolP192t1		924
-brainpoolP224r1		925
-brainpoolP224t1		926
-brainpoolP256r1		927
-brainpoolP256t1		928
-brainpoolP320r1		929
-brainpoolP320t1		930
-brainpoolP384r1		931
-brainpoolP384t1		932
-brainpoolP512r1		933
-brainpoolP512t1		934
-pSpecified		935
-dhSinglePass_stdDH_sha1kdf_scheme		936
-dhSinglePass_stdDH_sha224kdf_scheme		937
-dhSinglePass_stdDH_sha256kdf_scheme		938
-dhSinglePass_stdDH_sha384kdf_scheme		939
-dhSinglePass_stdDH_sha512kdf_scheme		940
-dhSinglePass_cofactorDH_sha1kdf_scheme		941
-dhSinglePass_cofactorDH_sha224kdf_scheme		942
-dhSinglePass_cofactorDH_sha256kdf_scheme		943
-dhSinglePass_cofactorDH_sha384kdf_scheme		944
-dhSinglePass_cofactorDH_sha512kdf_scheme		945
-dh_std_kdf		946
-dh_cofactor_kdf		947
-aes_128_cbc_hmac_sha256		948
-aes_192_cbc_hmac_sha256		949
-aes_256_cbc_hmac_sha256		950
-ct_precert_scts		951
-ct_precert_poison		952
-ct_precert_signer		953
-ct_cert_scts		954
-jurisdictionLocalityName		955
-jurisdictionStateOrProvinceName		956
-jurisdictionCountryName		957
diff --git a/thirdparty/openssl/crypto/objects/obj_xref.c b/thirdparty/openssl/crypto/objects/obj_xref.c
deleted file mode 100644
index 97b305d213..0000000000
--- a/thirdparty/openssl/crypto/objects/obj_xref.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/* crypto/objects/obj_xref.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/objects.h>
-#include "obj_xref.h"
-
-DECLARE_STACK_OF(nid_triple)
-STACK_OF(nid_triple) *sig_app, *sigx_app;
-
-static int sig_cmp(const nid_triple *a, const nid_triple *b)
-{
-    return a->sign_id - b->sign_id;
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
-
-static int sig_sk_cmp(const nid_triple *const *a, const nid_triple *const *b)
-{
-    return (*a)->sign_id - (*b)->sign_id;
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
-
-static int sigx_cmp(const nid_triple *const *a, const nid_triple *const *b)
-{
-    int ret;
-    ret = (*a)->hash_id - (*b)->hash_id;
-    if (ret)
-        return ret;
-    return (*a)->pkey_id - (*b)->pkey_id;
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
-
-int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid)
-{
-    nid_triple tmp;
-    const nid_triple *rv = NULL;
-    tmp.sign_id = signid;
-
-    if (sig_app) {
-        int idx = sk_nid_triple_find(sig_app, &tmp);
-        if (idx >= 0)
-            rv = sk_nid_triple_value(sig_app, idx);
-    }
-#ifndef OBJ_XREF_TEST2
-    if (rv == NULL) {
-        rv = OBJ_bsearch_sig(&tmp, sigoid_srt,
-                             sizeof(sigoid_srt) / sizeof(nid_triple));
-    }
-#endif
-    if (rv == NULL)
-        return 0;
-    if (pdig_nid)
-        *pdig_nid = rv->hash_id;
-    if (ppkey_nid)
-        *ppkey_nid = rv->pkey_id;
-    return 1;
-}
-
-int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid)
-{
-    nid_triple tmp;
-    const nid_triple *t = &tmp;
-    const nid_triple **rv = NULL;
-
-    tmp.hash_id = dig_nid;
-    tmp.pkey_id = pkey_nid;
-
-    if (sigx_app) {
-        int idx = sk_nid_triple_find(sigx_app, &tmp);
-        if (idx >= 0) {
-            t = sk_nid_triple_value(sigx_app, idx);
-            rv = &t;
-        }
-    }
-#ifndef OBJ_XREF_TEST2
-    if (rv == NULL) {
-        rv = OBJ_bsearch_sigx(&t, sigoid_srt_xref,
-                              sizeof(sigoid_srt_xref) / sizeof(nid_triple *)
-            );
-    }
-#endif
-    if (rv == NULL)
-        return 0;
-    if (psignid)
-        *psignid = (*rv)->sign_id;
-    return 1;
-}
-
-int OBJ_add_sigid(int signid, int dig_id, int pkey_id)
-{
-    nid_triple *ntr;
-    if (!sig_app)
-        sig_app = sk_nid_triple_new(sig_sk_cmp);
-    if (!sig_app)
-        return 0;
-    if (!sigx_app)
-        sigx_app = sk_nid_triple_new(sigx_cmp);
-    if (!sigx_app)
-        return 0;
-    ntr = OPENSSL_malloc(sizeof(int) * 3);
-    if (!ntr)
-        return 0;
-    ntr->sign_id = signid;
-    ntr->hash_id = dig_id;
-    ntr->pkey_id = pkey_id;
-
-    if (!sk_nid_triple_push(sig_app, ntr)) {
-        OPENSSL_free(ntr);
-        return 0;
-    }
-
-    if (!sk_nid_triple_push(sigx_app, ntr))
-        return 0;
-
-    sk_nid_triple_sort(sig_app);
-    sk_nid_triple_sort(sigx_app);
-
-    return 1;
-}
-
-static void sid_free(nid_triple *tt)
-{
-    OPENSSL_free(tt);
-}
-
-void OBJ_sigid_free(void)
-{
-    if (sig_app) {
-        sk_nid_triple_pop_free(sig_app, sid_free);
-        sig_app = NULL;
-    }
-    if (sigx_app) {
-        sk_nid_triple_free(sigx_app);
-        sigx_app = NULL;
-    }
-}
-
-#ifdef OBJ_XREF_TEST
-
-main()
-{
-    int n1, n2, n3;
-
-    int i, rv;
-# ifdef OBJ_XREF_TEST2
-    for (i = 0; i < sizeof(sigoid_srt) / sizeof(nid_triple); i++) {
-        OBJ_add_sigid(sigoid_srt[i][0], sigoid_srt[i][1], sigoid_srt[i][2]);
-    }
-# endif
-
-    for (i = 0; i < sizeof(sigoid_srt) / sizeof(nid_triple); i++) {
-        n1 = sigoid_srt[i][0];
-        rv = OBJ_find_sigid_algs(n1, &n2, &n3);
-        printf("Forward: %d, %s %s %s\n", rv,
-               OBJ_nid2ln(n1), OBJ_nid2ln(n2), OBJ_nid2ln(n3));
-        n1 = 0;
-        rv = OBJ_find_sigid_by_algs(&n1, n2, n3);
-        printf("Reverse: %d, %s %s %s\n", rv,
-               OBJ_nid2ln(n1), OBJ_nid2ln(n2), OBJ_nid2ln(n3));
-    }
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/objects/obj_xref.h b/thirdparty/openssl/crypto/objects/obj_xref.h
deleted file mode 100644
index e453e99f83..0000000000
--- a/thirdparty/openssl/crypto/objects/obj_xref.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* AUTOGENERATED BY objxref.pl, DO NOT EDIT */
-
-typedef struct {
-    int sign_id;
-    int hash_id;
-    int pkey_id;
-} nid_triple;
-
-static const nid_triple sigoid_srt[] = {
-    {NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption},
-    {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
-    {NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption},
-    {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
-    {NID_dsaWithSHA, NID_sha, NID_dsa},
-    {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
-    {NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption},
-    {NID_md5WithRSA, NID_md5, NID_rsa},
-    {NID_dsaWithSHA1, NID_sha1, NID_dsa},
-    {NID_sha1WithRSA, NID_sha1, NID_rsa},
-    {NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption},
-    {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
-    {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
-    {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
-    {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
-    {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
-    {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
-    {NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey},
-    {NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey},
-    {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
-    {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
-    {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
-    {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
-    {NID_dsa_with_SHA224, NID_sha224, NID_dsa},
-    {NID_dsa_with_SHA256, NID_sha256, NID_dsa},
-    {NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94,
-     NID_id_GostR3410_2001},
-    {NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94,
-     NID_id_GostR3410_94},
-    {NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94,
-     NID_id_GostR3410_94_cc},
-    {NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94,
-     NID_id_GostR3410_2001_cc},
-    {NID_rsassaPss, NID_undef, NID_rsaEncryption},
-    {NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf},
-    {NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf},
-    {NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf},
-    {NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf},
-    {NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf},
-    {NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1,
-     NID_dh_cofactor_kdf},
-    {NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224,
-     NID_dh_cofactor_kdf},
-    {NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256,
-     NID_dh_cofactor_kdf},
-    {NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384,
-     NID_dh_cofactor_kdf},
-    {NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512,
-     NID_dh_cofactor_kdf},
-};
-
-static const nid_triple *const sigoid_srt_xref[] = {
-    &sigoid_srt[0],
-    &sigoid_srt[1],
-    &sigoid_srt[7],
-    &sigoid_srt[2],
-    &sigoid_srt[4],
-    &sigoid_srt[3],
-    &sigoid_srt[9],
-    &sigoid_srt[5],
-    &sigoid_srt[8],
-    &sigoid_srt[12],
-    &sigoid_srt[30],
-    &sigoid_srt[35],
-    &sigoid_srt[6],
-    &sigoid_srt[10],
-    &sigoid_srt[11],
-    &sigoid_srt[13],
-    &sigoid_srt[24],
-    &sigoid_srt[20],
-    &sigoid_srt[32],
-    &sigoid_srt[37],
-    &sigoid_srt[14],
-    &sigoid_srt[21],
-    &sigoid_srt[33],
-    &sigoid_srt[38],
-    &sigoid_srt[15],
-    &sigoid_srt[22],
-    &sigoid_srt[34],
-    &sigoid_srt[39],
-    &sigoid_srt[16],
-    &sigoid_srt[23],
-    &sigoid_srt[19],
-    &sigoid_srt[31],
-    &sigoid_srt[36],
-    &sigoid_srt[25],
-    &sigoid_srt[26],
-    &sigoid_srt[27],
-    &sigoid_srt[28],
-};
diff --git a/thirdparty/openssl/crypto/objects/obj_xref.txt b/thirdparty/openssl/crypto/objects/obj_xref.txt
deleted file mode 100644
index 19c94226b2..0000000000
--- a/thirdparty/openssl/crypto/objects/obj_xref.txt
+++ /dev/null
@@ -1,58 +0,0 @@
-# OID cross reference table.
-# Links signatures OIDs to their corresponding public key algorithms
-# and digests.
-
-md2WithRSAEncryption	md2	rsaEncryption
-md5WithRSAEncryption	md5	rsaEncryption
-shaWithRSAEncryption	sha	rsaEncryption
-sha1WithRSAEncryption	sha1	rsaEncryption
-md4WithRSAEncryption	md4	rsaEncryption
-sha256WithRSAEncryption sha256	rsaEncryption
-sha384WithRSAEncryption	sha384	rsaEncryption
-sha512WithRSAEncryption	sha512	rsaEncryption
-sha224WithRSAEncryption	sha224	rsaEncryption
-mdc2WithRSA		mdc2	rsaEncryption
-ripemd160WithRSA	ripemd160 rsaEncryption
-# For PSS the digest algorithm can vary and depends on the included
-# AlgorithmIdentifier. The digest "undef" indicates the public key
-# method should handle this explicitly.
-rsassaPss		undef	rsaEncryption
-
-# Alternative deprecated OIDs. By using the older "rsa" OID this
-# type will be recognized by not normally used.
-
-md5WithRSA		md5	rsa
-sha1WithRSA		sha1	rsa
-
-dsaWithSHA		sha	dsa
-dsaWithSHA1		sha1	dsa
-
-dsaWithSHA1_2		sha1	dsa_2
-
-ecdsa_with_SHA1		sha1	X9_62_id_ecPublicKey
-ecdsa_with_SHA224	sha224	X9_62_id_ecPublicKey
-ecdsa_with_SHA256	sha256	X9_62_id_ecPublicKey
-ecdsa_with_SHA384	sha384	X9_62_id_ecPublicKey
-ecdsa_with_SHA512	sha512	X9_62_id_ecPublicKey
-ecdsa_with_Recommended	undef	X9_62_id_ecPublicKey
-ecdsa_with_Specified	undef	X9_62_id_ecPublicKey
-
-dsa_with_SHA224		sha224	dsa
-dsa_with_SHA256		sha256	dsa
-
-id_GostR3411_94_with_GostR3410_2001	id_GostR3411_94 id_GostR3410_2001
-id_GostR3411_94_with_GostR3410_94	id_GostR3411_94 id_GostR3410_94
-id_GostR3411_94_with_GostR3410_94_cc	id_GostR3411_94 id_GostR3410_94_cc
-id_GostR3411_94_with_GostR3410_2001_cc	id_GostR3411_94 id_GostR3410_2001_cc
-# ECDH KDFs and their corresponding message digests and schemes
-dhSinglePass_stdDH_sha1kdf_scheme		sha1	dh_std_kdf
-dhSinglePass_stdDH_sha224kdf_scheme		sha224	dh_std_kdf
-dhSinglePass_stdDH_sha256kdf_scheme		sha256	dh_std_kdf
-dhSinglePass_stdDH_sha384kdf_scheme		sha384	dh_std_kdf
-dhSinglePass_stdDH_sha512kdf_scheme		sha512	dh_std_kdf
-
-dhSinglePass_cofactorDH_sha1kdf_scheme		sha1	dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha224kdf_scheme	sha224	dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha256kdf_scheme	sha256	dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha384kdf_scheme	sha384	dh_cofactor_kdf
-dhSinglePass_cofactorDH_sha512kdf_scheme	sha512	dh_cofactor_kdf
diff --git a/thirdparty/openssl/crypto/objects/objects.README b/thirdparty/openssl/crypto/objects/objects.README
deleted file mode 100644
index cb1d216ce8..0000000000
--- a/thirdparty/openssl/crypto/objects/objects.README
+++ /dev/null
@@ -1,44 +0,0 @@
-objects.txt syntax
-------------------
-
-To cover all the naming hacks that were previously in objects.h needed some
-kind of hacks in objects.txt.
-
-The basic syntax for adding an object is as follows:
-
-	1 2 3 4		: shortName	: Long Name
-
-		If Long Name contains only word characters and hyphen-minus
-		(0x2D) or full stop (0x2E) then Long Name is used as basis
-		for the base name in C. Otherwise, the shortName is used.
-
-		The base name (let's call it 'base') will then be used to
-		create the C macros SN_base, LN_base, NID_base and OBJ_base.
-
-		Note that if the base name contains spaces, dashes or periods,
-		those will be converte to underscore.
-
-Then there are some extra commands:
-
-	!Alias foo 1 2 3 4
-
-		This just makes a name foo for an OID.  The C macro
-		OBJ_foo will be created as a result.
-
-	!Cname foo
-
-		This makes sure that the name foo will be used as base name
-		in C.
-
-	!module foo
-	1 2 3 4		: shortName	: Long Name
-	!global
-
-		The !module command was meant to define a kind of modularity.
-		What it does is to make sure the module name is prepended
-		to the base name.  !global turns this off.  This construction
-		is not recursive.
-
-Lines starting with # are treated as comments, as well as any line starting
-with ! and not matching the commands above.
-
diff --git a/thirdparty/openssl/crypto/objects/objects.txt b/thirdparty/openssl/crypto/objects/objects.txt
deleted file mode 100644
index b57aabb226..0000000000
--- a/thirdparty/openssl/crypto/objects/objects.txt
+++ /dev/null
@@ -1,1350 +0,0 @@
-# CCITT was renamed to ITU-T quite some time ago
-0			: ITU-T			: itu-t
-!Alias ccitt itu-t
-
-1			: ISO			: iso
-
-2			: JOINT-ISO-ITU-T	: joint-iso-itu-t
-!Alias joint-iso-ccitt joint-iso-itu-t
-
-iso 2			: member-body		: ISO Member Body
-
-iso 3			: identified-organization
-
-# HMAC OIDs
-identified-organization 6 1 5 5 8 1 1	: HMAC-MD5	: hmac-md5
-identified-organization 6 1 5 5 8 1 2	: HMAC-SHA1	: hmac-sha1
-
-identified-organization 132	: certicom-arc
-
-joint-iso-itu-t 23	: international-organizations	: International Organizations
-
-international-organizations 43	: wap
-wap 1			: wap-wsg
-
-joint-iso-itu-t 5 1 5	: selected-attribute-types	: Selected Attribute Types
-
-selected-attribute-types 55	: clearance
-
-member-body 840		: ISO-US		: ISO US Member Body
-ISO-US 10040		: X9-57			: X9.57
-X9-57 4			: X9cm			: X9.57 CM ?
-
-!Cname dsa
-X9cm 1			: DSA			: dsaEncryption
-X9cm 3			: DSA-SHA1		: dsaWithSHA1
-
-
-ISO-US 10045		: ansi-X9-62		: ANSI X9.62
-!module X9-62
-!Alias id-fieldType ansi-X9-62 1
-X9-62_id-fieldType 1		: prime-field
-X9-62_id-fieldType 2		: characteristic-two-field
-X9-62_characteristic-two-field 3 : id-characteristic-two-basis
-X9-62_id-characteristic-two-basis 1 : onBasis
-X9-62_id-characteristic-two-basis 2 : tpBasis
-X9-62_id-characteristic-two-basis 3 : ppBasis
-!Alias id-publicKeyType ansi-X9-62 2
-X9-62_id-publicKeyType 1	: id-ecPublicKey
-!Alias ellipticCurve ansi-X9-62 3
-!Alias c-TwoCurve X9-62_ellipticCurve 0
-X9-62_c-TwoCurve 1		: c2pnb163v1
-X9-62_c-TwoCurve 2		: c2pnb163v2
-X9-62_c-TwoCurve 3		: c2pnb163v3
-X9-62_c-TwoCurve 4		: c2pnb176v1
-X9-62_c-TwoCurve 5		: c2tnb191v1
-X9-62_c-TwoCurve 6		: c2tnb191v2
-X9-62_c-TwoCurve 7		: c2tnb191v3
-X9-62_c-TwoCurve 8		: c2onb191v4
-X9-62_c-TwoCurve 9		: c2onb191v5
-X9-62_c-TwoCurve 10		: c2pnb208w1
-X9-62_c-TwoCurve 11		: c2tnb239v1
-X9-62_c-TwoCurve 12		: c2tnb239v2
-X9-62_c-TwoCurve 13		: c2tnb239v3
-X9-62_c-TwoCurve 14		: c2onb239v4
-X9-62_c-TwoCurve 15		: c2onb239v5
-X9-62_c-TwoCurve 16		: c2pnb272w1
-X9-62_c-TwoCurve 17		: c2pnb304w1
-X9-62_c-TwoCurve 18		: c2tnb359v1
-X9-62_c-TwoCurve 19		: c2pnb368w1
-X9-62_c-TwoCurve 20		: c2tnb431r1
-!Alias primeCurve X9-62_ellipticCurve 1
-X9-62_primeCurve 1	 	: prime192v1
-X9-62_primeCurve 2	 	: prime192v2
-X9-62_primeCurve 3	 	: prime192v3
-X9-62_primeCurve 4	 	: prime239v1
-X9-62_primeCurve 5	 	: prime239v2
-X9-62_primeCurve 6	 	: prime239v3
-X9-62_primeCurve 7	 	: prime256v1
-!Alias id-ecSigType ansi-X9-62 4
-!global
-X9-62_id-ecSigType 1		: ecdsa-with-SHA1
-X9-62_id-ecSigType 2		: ecdsa-with-Recommended
-X9-62_id-ecSigType 3		: ecdsa-with-Specified
-ecdsa-with-Specified 1		: ecdsa-with-SHA224
-ecdsa-with-Specified 2		: ecdsa-with-SHA256
-ecdsa-with-Specified 3		: ecdsa-with-SHA384
-ecdsa-with-Specified 4		: ecdsa-with-SHA512
-
-# SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters"
-# (http://www.secg.org/)
-!Alias secg_ellipticCurve certicom-arc 0
-# SECG prime curves OIDs
-secg-ellipticCurve 6		: secp112r1
-secg-ellipticCurve 7		: secp112r2
-secg-ellipticCurve 28		: secp128r1
-secg-ellipticCurve 29		: secp128r2
-secg-ellipticCurve 9		: secp160k1
-secg-ellipticCurve 8		: secp160r1
-secg-ellipticCurve 30		: secp160r2
-secg-ellipticCurve 31		: secp192k1
-# NOTE: the curve secp192r1 is the same as prime192v1 defined above
-#       and is therefore omitted
-secg-ellipticCurve 32		: secp224k1
-secg-ellipticCurve 33		: secp224r1
-secg-ellipticCurve 10		: secp256k1
-# NOTE: the curve secp256r1 is the same as prime256v1 defined above
-#       and is therefore omitted
-secg-ellipticCurve 34		: secp384r1
-secg-ellipticCurve 35		: secp521r1
-# SECG characteristic two curves OIDs
-secg-ellipticCurve 4		: sect113r1
-secg-ellipticCurve 5		: sect113r2
-secg-ellipticCurve 22		: sect131r1
-secg-ellipticCurve 23		: sect131r2
-secg-ellipticCurve 1		: sect163k1
-secg-ellipticCurve 2		: sect163r1
-secg-ellipticCurve 15		: sect163r2
-secg-ellipticCurve 24		: sect193r1
-secg-ellipticCurve 25		: sect193r2
-secg-ellipticCurve 26		: sect233k1
-secg-ellipticCurve 27		: sect233r1
-secg-ellipticCurve 3		: sect239k1
-secg-ellipticCurve 16		: sect283k1
-secg-ellipticCurve 17		: sect283r1
-secg-ellipticCurve 36		: sect409k1
-secg-ellipticCurve 37		: sect409r1
-secg-ellipticCurve 38		: sect571k1
-secg-ellipticCurve 39		: sect571r1
-
-# WAP/TLS curve OIDs (http://www.wapforum.org/)
-!Alias wap-wsg-idm-ecid wap-wsg 4
-wap-wsg-idm-ecid 1	: wap-wsg-idm-ecid-wtls1
-wap-wsg-idm-ecid 3	: wap-wsg-idm-ecid-wtls3
-wap-wsg-idm-ecid 4	: wap-wsg-idm-ecid-wtls4
-wap-wsg-idm-ecid 5	: wap-wsg-idm-ecid-wtls5
-wap-wsg-idm-ecid 6	: wap-wsg-idm-ecid-wtls6
-wap-wsg-idm-ecid 7	: wap-wsg-idm-ecid-wtls7
-wap-wsg-idm-ecid 8	: wap-wsg-idm-ecid-wtls8
-wap-wsg-idm-ecid 9	: wap-wsg-idm-ecid-wtls9
-wap-wsg-idm-ecid 10	: wap-wsg-idm-ecid-wtls10
-wap-wsg-idm-ecid 11	: wap-wsg-idm-ecid-wtls11
-wap-wsg-idm-ecid 12	: wap-wsg-idm-ecid-wtls12
-
-
-ISO-US 113533 7 66 10	: CAST5-CBC		: cast5-cbc
-			: CAST5-ECB		: cast5-ecb
-!Cname cast5-cfb64
-			: CAST5-CFB		: cast5-cfb
-!Cname cast5-ofb64
-			: CAST5-OFB		: cast5-ofb
-!Cname pbeWithMD5AndCast5-CBC
-ISO-US 113533 7 66 12	:			: pbeWithMD5AndCast5CBC
-
-# Macs for CMP and CRMF
-ISO-US 113533 7 66 13	: id-PasswordBasedMAC	: password based MAC
-ISO-US 113533 7 66 30	: id-DHBasedMac		: Diffie-Hellman based MAC
-
-ISO-US 113549		: rsadsi		: RSA Data Security, Inc.
-
-rsadsi 1		: pkcs			: RSA Data Security, Inc. PKCS
-
-pkcs 1			: pkcs1
-pkcs1 1			:			: rsaEncryption
-pkcs1 2			: RSA-MD2		: md2WithRSAEncryption
-pkcs1 3			: RSA-MD4		: md4WithRSAEncryption
-pkcs1 4			: RSA-MD5		: md5WithRSAEncryption
-pkcs1 5			: RSA-SHA1		: sha1WithRSAEncryption
-# According to PKCS #1 version 2.1
-pkcs1 7			: RSAES-OAEP		: rsaesOaep
-pkcs1 8			: MGF1			: mgf1
-pkcs1 9			: PSPECIFIED		: pSpecified
-pkcs1 10		: RSASSA-PSS		: rsassaPss
-
-pkcs1 11		: RSA-SHA256		: sha256WithRSAEncryption
-pkcs1 12		: RSA-SHA384		: sha384WithRSAEncryption
-pkcs1 13		: RSA-SHA512		: sha512WithRSAEncryption
-pkcs1 14		: RSA-SHA224		: sha224WithRSAEncryption
-
-pkcs 3			: pkcs3
-pkcs3 1			:			: dhKeyAgreement
-
-pkcs 5			: pkcs5
-pkcs5 1			: PBE-MD2-DES		: pbeWithMD2AndDES-CBC
-pkcs5 3			: PBE-MD5-DES		: pbeWithMD5AndDES-CBC
-pkcs5 4			: PBE-MD2-RC2-64	: pbeWithMD2AndRC2-CBC
-pkcs5 6			: PBE-MD5-RC2-64	: pbeWithMD5AndRC2-CBC
-pkcs5 10		: PBE-SHA1-DES		: pbeWithSHA1AndDES-CBC
-pkcs5 11		: PBE-SHA1-RC2-64	: pbeWithSHA1AndRC2-CBC
-!Cname id_pbkdf2
-pkcs5 12		:			: PBKDF2
-!Cname pbes2
-pkcs5 13		:			: PBES2
-!Cname pbmac1
-pkcs5 14		:			: PBMAC1
-
-pkcs 7			: pkcs7
-pkcs7 1			:			: pkcs7-data
-!Cname pkcs7-signed
-pkcs7 2			:			: pkcs7-signedData
-!Cname pkcs7-enveloped
-pkcs7 3			:			: pkcs7-envelopedData
-!Cname pkcs7-signedAndEnveloped
-pkcs7 4			:			: pkcs7-signedAndEnvelopedData
-!Cname pkcs7-digest
-pkcs7 5			:			: pkcs7-digestData
-!Cname pkcs7-encrypted
-pkcs7 6			:			: pkcs7-encryptedData
-
-pkcs 9			: pkcs9
-!module pkcs9
-pkcs9 1			: 			: emailAddress
-pkcs9 2			:			: unstructuredName
-pkcs9 3			:			: contentType
-pkcs9 4			:			: messageDigest
-pkcs9 5			:			: signingTime
-pkcs9 6			:			: countersignature
-pkcs9 7			:			: challengePassword
-pkcs9 8			:			: unstructuredAddress
-!Cname extCertAttributes
-pkcs9 9			:			: extendedCertificateAttributes
-!global
-
-!Cname ext-req
-pkcs9 14		: extReq		: Extension Request
-
-!Cname SMIMECapabilities
-pkcs9 15		: SMIME-CAPS		: S/MIME Capabilities
-
-# S/MIME
-!Cname SMIME
-pkcs9 16		: SMIME			: S/MIME
-SMIME 0			: id-smime-mod
-SMIME 1			: id-smime-ct
-SMIME 2			: id-smime-aa
-SMIME 3			: id-smime-alg
-SMIME 4			: id-smime-cd
-SMIME 5			: id-smime-spq
-SMIME 6			: id-smime-cti
-
-# S/MIME Modules
-id-smime-mod 1		: id-smime-mod-cms
-id-smime-mod 2		: id-smime-mod-ess
-id-smime-mod 3		: id-smime-mod-oid
-id-smime-mod 4		: id-smime-mod-msg-v3
-id-smime-mod 5		: id-smime-mod-ets-eSignature-88
-id-smime-mod 6		: id-smime-mod-ets-eSignature-97
-id-smime-mod 7		: id-smime-mod-ets-eSigPolicy-88
-id-smime-mod 8		: id-smime-mod-ets-eSigPolicy-97
-
-# S/MIME Content Types
-id-smime-ct 1		: id-smime-ct-receipt
-id-smime-ct 2		: id-smime-ct-authData
-id-smime-ct 3		: id-smime-ct-publishCert
-id-smime-ct 4		: id-smime-ct-TSTInfo
-id-smime-ct 5		: id-smime-ct-TDTInfo
-id-smime-ct 6		: id-smime-ct-contentInfo
-id-smime-ct 7		: id-smime-ct-DVCSRequestData
-id-smime-ct 8		: id-smime-ct-DVCSResponseData
-id-smime-ct 9		: id-smime-ct-compressedData
-id-smime-ct 27		: id-ct-asciiTextWithCRLF
-
-# S/MIME Attributes
-id-smime-aa 1		: id-smime-aa-receiptRequest
-id-smime-aa 2		: id-smime-aa-securityLabel
-id-smime-aa 3		: id-smime-aa-mlExpandHistory
-id-smime-aa 4		: id-smime-aa-contentHint
-id-smime-aa 5		: id-smime-aa-msgSigDigest
-# obsolete
-id-smime-aa 6		: id-smime-aa-encapContentType
-id-smime-aa 7		: id-smime-aa-contentIdentifier
-# obsolete
-id-smime-aa 8		: id-smime-aa-macValue
-id-smime-aa 9		: id-smime-aa-equivalentLabels
-id-smime-aa 10		: id-smime-aa-contentReference
-id-smime-aa 11		: id-smime-aa-encrypKeyPref
-id-smime-aa 12		: id-smime-aa-signingCertificate
-id-smime-aa 13		: id-smime-aa-smimeEncryptCerts
-id-smime-aa 14		: id-smime-aa-timeStampToken
-id-smime-aa 15		: id-smime-aa-ets-sigPolicyId
-id-smime-aa 16		: id-smime-aa-ets-commitmentType
-id-smime-aa 17		: id-smime-aa-ets-signerLocation
-id-smime-aa 18		: id-smime-aa-ets-signerAttr
-id-smime-aa 19		: id-smime-aa-ets-otherSigCert
-id-smime-aa 20		: id-smime-aa-ets-contentTimestamp
-id-smime-aa 21		: id-smime-aa-ets-CertificateRefs
-id-smime-aa 22		: id-smime-aa-ets-RevocationRefs
-id-smime-aa 23		: id-smime-aa-ets-certValues
-id-smime-aa 24		: id-smime-aa-ets-revocationValues
-id-smime-aa 25		: id-smime-aa-ets-escTimeStamp
-id-smime-aa 26		: id-smime-aa-ets-certCRLTimestamp
-id-smime-aa 27		: id-smime-aa-ets-archiveTimeStamp
-id-smime-aa 28		: id-smime-aa-signatureType
-id-smime-aa 29		: id-smime-aa-dvcs-dvc
-
-# S/MIME Algorithm Identifiers
-# obsolete
-id-smime-alg 1		: id-smime-alg-ESDHwith3DES
-# obsolete
-id-smime-alg 2		: id-smime-alg-ESDHwithRC2
-# obsolete
-id-smime-alg 3		: id-smime-alg-3DESwrap
-# obsolete
-id-smime-alg 4		: id-smime-alg-RC2wrap
-id-smime-alg 5		: id-smime-alg-ESDH
-id-smime-alg 6		: id-smime-alg-CMS3DESwrap
-id-smime-alg 7		: id-smime-alg-CMSRC2wrap
-id-smime-alg 9		: id-alg-PWRI-KEK
-
-# S/MIME Certificate Distribution
-id-smime-cd 1		: id-smime-cd-ldap
-
-# S/MIME Signature Policy Qualifier
-id-smime-spq 1		: id-smime-spq-ets-sqt-uri
-id-smime-spq 2		: id-smime-spq-ets-sqt-unotice
-
-# S/MIME Commitment Type Identifier
-id-smime-cti 1		: id-smime-cti-ets-proofOfOrigin
-id-smime-cti 2		: id-smime-cti-ets-proofOfReceipt
-id-smime-cti 3		: id-smime-cti-ets-proofOfDelivery
-id-smime-cti 4		: id-smime-cti-ets-proofOfSender
-id-smime-cti 5		: id-smime-cti-ets-proofOfApproval
-id-smime-cti 6		: id-smime-cti-ets-proofOfCreation
-
-pkcs9 20		:			: friendlyName
-pkcs9 21		:			: localKeyID
-!Cname ms-csp-name
-1 3 6 1 4 1 311 17 1	: CSPName		: Microsoft CSP Name
-1 3 6 1 4 1 311 17 2	: LocalKeySet		: Microsoft Local Key set
-!Alias certTypes pkcs9 22
-certTypes 1		:			: x509Certificate
-certTypes 2		:			: sdsiCertificate
-!Alias crlTypes pkcs9 23
-crlTypes 1		:			: x509Crl
-
-!Alias pkcs12 pkcs 12
-!Alias pkcs12-pbeids pkcs12 1
-
-!Cname pbe-WithSHA1And128BitRC4
-pkcs12-pbeids 1		: PBE-SHA1-RC4-128	: pbeWithSHA1And128BitRC4
-!Cname pbe-WithSHA1And40BitRC4
-pkcs12-pbeids 2		: PBE-SHA1-RC4-40	: pbeWithSHA1And40BitRC4
-!Cname pbe-WithSHA1And3_Key_TripleDES-CBC
-pkcs12-pbeids 3		: PBE-SHA1-3DES		: pbeWithSHA1And3-KeyTripleDES-CBC
-!Cname pbe-WithSHA1And2_Key_TripleDES-CBC
-pkcs12-pbeids 4		: PBE-SHA1-2DES		: pbeWithSHA1And2-KeyTripleDES-CBC
-!Cname pbe-WithSHA1And128BitRC2-CBC
-pkcs12-pbeids 5		: PBE-SHA1-RC2-128	: pbeWithSHA1And128BitRC2-CBC
-!Cname pbe-WithSHA1And40BitRC2-CBC
-pkcs12-pbeids 6		: PBE-SHA1-RC2-40	: pbeWithSHA1And40BitRC2-CBC
-
-!Alias pkcs12-Version1 pkcs12 10
-!Alias pkcs12-BagIds pkcs12-Version1 1
-pkcs12-BagIds 1		:			: keyBag
-pkcs12-BagIds 2		:			: pkcs8ShroudedKeyBag
-pkcs12-BagIds 3		:			: certBag
-pkcs12-BagIds 4		:			: crlBag
-pkcs12-BagIds 5		:			: secretBag
-pkcs12-BagIds 6		:			: safeContentsBag
-
-rsadsi 2 2		: MD2			: md2
-rsadsi 2 4		: MD4			: md4
-rsadsi 2 5		: MD5			: md5
-			: MD5-SHA1		: md5-sha1
-rsadsi 2 6		:			: hmacWithMD5
-rsadsi 2 7		:			: hmacWithSHA1
-
-# From RFC4231
-rsadsi 2 8		:			: hmacWithSHA224
-rsadsi 2 9		:			: hmacWithSHA256
-rsadsi 2 10		:			: hmacWithSHA384
-rsadsi 2 11		:			: hmacWithSHA512
-
-rsadsi 3 2		: RC2-CBC		: rc2-cbc
-			: RC2-ECB		: rc2-ecb
-!Cname rc2-cfb64
-			: RC2-CFB		: rc2-cfb
-!Cname rc2-ofb64
-			: RC2-OFB		: rc2-ofb
-			: RC2-40-CBC		: rc2-40-cbc
-			: RC2-64-CBC		: rc2-64-cbc
-rsadsi 3 4		: RC4			: rc4
-			: RC4-40		: rc4-40
-rsadsi 3 7		: DES-EDE3-CBC		: des-ede3-cbc
-rsadsi 3 8		: RC5-CBC		: rc5-cbc
-			: RC5-ECB		: rc5-ecb
-!Cname rc5-cfb64
-			: RC5-CFB		: rc5-cfb
-!Cname rc5-ofb64
-			: RC5-OFB		: rc5-ofb
-
-!Cname ms-ext-req
-1 3 6 1 4 1 311 2 1 14	: msExtReq		: Microsoft Extension Request
-!Cname ms-code-ind
-1 3 6 1 4 1 311 2 1 21	: msCodeInd		: Microsoft Individual Code Signing
-!Cname ms-code-com
-1 3 6 1 4 1 311 2 1 22	: msCodeCom		: Microsoft Commercial Code Signing
-!Cname ms-ctl-sign
-1 3 6 1 4 1 311 10 3 1	: msCTLSign		: Microsoft Trust List Signing
-!Cname ms-sgc
-1 3 6 1 4 1 311 10 3 3	: msSGC			: Microsoft Server Gated Crypto
-!Cname ms-efs
-1 3 6 1 4 1 311 10 3 4	: msEFS			: Microsoft Encrypted File System
-!Cname ms-smartcard-login
-1 3 6 1 4 1 311 20 2 2	: msSmartcardLogin	: Microsoft Smartcardlogin
-!Cname ms-upn
-1 3 6 1 4 1 311 20 2 3	: msUPN			: Microsoft Universal Principal Name
-
-1 3 6 1 4 1 188 7 1 1 2	: IDEA-CBC		: idea-cbc
-			: IDEA-ECB		: idea-ecb
-!Cname idea-cfb64
-			: IDEA-CFB		: idea-cfb
-!Cname idea-ofb64
-			: IDEA-OFB		: idea-ofb
-
-1 3 6 1 4 1 3029 1 2	: BF-CBC		: bf-cbc
-			: BF-ECB		: bf-ecb
-!Cname bf-cfb64
-			: BF-CFB		: bf-cfb
-!Cname bf-ofb64
-			: BF-OFB		: bf-ofb
-
-!Cname id-pkix
-1 3 6 1 5 5 7		: PKIX
-
-# PKIX Arcs
-id-pkix 0		: id-pkix-mod
-id-pkix 1		: id-pe
-id-pkix 2		: id-qt
-id-pkix 3		: id-kp
-id-pkix 4		: id-it
-id-pkix 5		: id-pkip
-id-pkix 6		: id-alg
-id-pkix 7		: id-cmc
-id-pkix 8		: id-on
-id-pkix 9		: id-pda
-id-pkix 10		: id-aca
-id-pkix 11		: id-qcs
-id-pkix 12		: id-cct
-id-pkix 21		: id-ppl
-id-pkix 48		: id-ad
-
-# PKIX Modules
-id-pkix-mod 1		: id-pkix1-explicit-88
-id-pkix-mod 2		: id-pkix1-implicit-88
-id-pkix-mod 3		: id-pkix1-explicit-93
-id-pkix-mod 4		: id-pkix1-implicit-93
-id-pkix-mod 5		: id-mod-crmf
-id-pkix-mod 6		: id-mod-cmc
-id-pkix-mod 7		: id-mod-kea-profile-88
-id-pkix-mod 8		: id-mod-kea-profile-93
-id-pkix-mod 9		: id-mod-cmp
-id-pkix-mod 10		: id-mod-qualified-cert-88
-id-pkix-mod 11		: id-mod-qualified-cert-93
-id-pkix-mod 12		: id-mod-attribute-cert
-id-pkix-mod 13		: id-mod-timestamp-protocol
-id-pkix-mod 14		: id-mod-ocsp
-id-pkix-mod 15		: id-mod-dvcs
-id-pkix-mod 16		: id-mod-cmp2000
-
-# PKIX Private Extensions
-!Cname info-access
-id-pe 1			: authorityInfoAccess	: Authority Information Access
-id-pe 2			: biometricInfo		: Biometric Info
-id-pe 3			: qcStatements
-id-pe 4			: ac-auditEntity
-id-pe 5			: ac-targeting
-id-pe 6			: aaControls
-id-pe 7			: sbgp-ipAddrBlock
-id-pe 8			: sbgp-autonomousSysNum
-id-pe 9			: sbgp-routerIdentifier
-id-pe 10		: ac-proxying
-!Cname sinfo-access
-id-pe 11		: subjectInfoAccess	: Subject Information Access
-id-pe 14		: proxyCertInfo		: Proxy Certificate Information
-
-# PKIX policyQualifiers for Internet policy qualifiers
-id-qt 1			: id-qt-cps		: Policy Qualifier CPS
-id-qt 2			: id-qt-unotice		: Policy Qualifier User Notice
-id-qt 3			: textNotice
-
-# PKIX key purpose identifiers
-!Cname server-auth
-id-kp 1			: serverAuth		: TLS Web Server Authentication
-!Cname client-auth
-id-kp 2			: clientAuth		: TLS Web Client Authentication
-!Cname code-sign
-id-kp 3			: codeSigning		: Code Signing
-!Cname email-protect
-id-kp 4			: emailProtection	: E-mail Protection
-id-kp 5			: ipsecEndSystem	: IPSec End System
-id-kp 6			: ipsecTunnel		: IPSec Tunnel
-id-kp 7			: ipsecUser		: IPSec User
-!Cname time-stamp
-id-kp 8			: timeStamping		: Time Stamping
-# From OCSP spec RFC2560
-!Cname OCSP-sign
-id-kp 9			: OCSPSigning		: OCSP Signing
-id-kp 10		: DVCS			: dvcs
-
-# CMP information types
-id-it 1			: id-it-caProtEncCert
-id-it 2			: id-it-signKeyPairTypes
-id-it 3			: id-it-encKeyPairTypes
-id-it 4			: id-it-preferredSymmAlg
-id-it 5			: id-it-caKeyUpdateInfo
-id-it 6			: id-it-currentCRL
-id-it 7			: id-it-unsupportedOIDs
-# obsolete
-id-it 8			: id-it-subscriptionRequest
-# obsolete
-id-it 9			: id-it-subscriptionResponse
-id-it 10		: id-it-keyPairParamReq
-id-it 11		: id-it-keyPairParamRep
-id-it 12		: id-it-revPassphrase
-id-it 13		: id-it-implicitConfirm
-id-it 14		: id-it-confirmWaitTime
-id-it 15		: id-it-origPKIMessage
-id-it 16		: id-it-suppLangTags
-
-# CRMF registration
-id-pkip 1		: id-regCtrl
-id-pkip 2		: id-regInfo
-
-# CRMF registration controls
-id-regCtrl 1		: id-regCtrl-regToken
-id-regCtrl 2		: id-regCtrl-authenticator
-id-regCtrl 3		: id-regCtrl-pkiPublicationInfo
-id-regCtrl 4		: id-regCtrl-pkiArchiveOptions
-id-regCtrl 5		: id-regCtrl-oldCertID
-id-regCtrl 6		: id-regCtrl-protocolEncrKey
-
-# CRMF registration information
-id-regInfo 1		: id-regInfo-utf8Pairs
-id-regInfo 2		: id-regInfo-certReq
-
-# algorithms
-id-alg 1		: id-alg-des40
-id-alg 2		: id-alg-noSignature
-id-alg 3		: id-alg-dh-sig-hmac-sha1
-id-alg 4		: id-alg-dh-pop
-
-# CMC controls
-id-cmc 1		: id-cmc-statusInfo
-id-cmc 2		: id-cmc-identification
-id-cmc 3		: id-cmc-identityProof
-id-cmc 4		: id-cmc-dataReturn
-id-cmc 5		: id-cmc-transactionId
-id-cmc 6		: id-cmc-senderNonce
-id-cmc 7		: id-cmc-recipientNonce
-id-cmc 8		: id-cmc-addExtensions
-id-cmc 9		: id-cmc-encryptedPOP
-id-cmc 10		: id-cmc-decryptedPOP
-id-cmc 11		: id-cmc-lraPOPWitness
-id-cmc 15		: id-cmc-getCert
-id-cmc 16		: id-cmc-getCRL
-id-cmc 17		: id-cmc-revokeRequest
-id-cmc 18		: id-cmc-regInfo
-id-cmc 19		: id-cmc-responseInfo
-id-cmc 21		: id-cmc-queryPending
-id-cmc 22		: id-cmc-popLinkRandom
-id-cmc 23		: id-cmc-popLinkWitness
-id-cmc 24		: id-cmc-confirmCertAcceptance 
-
-# other names
-id-on 1			: id-on-personalData
-id-on 3			: id-on-permanentIdentifier : Permanent Identifier
-
-# personal data attributes
-id-pda 1		: id-pda-dateOfBirth
-id-pda 2		: id-pda-placeOfBirth
-id-pda 3		: id-pda-gender
-id-pda 4		: id-pda-countryOfCitizenship
-id-pda 5		: id-pda-countryOfResidence
-
-# attribute certificate attributes
-id-aca 1		: id-aca-authenticationInfo
-id-aca 2		: id-aca-accessIdentity
-id-aca 3		: id-aca-chargingIdentity
-id-aca 4		: id-aca-group
-# attention : the following seems to be obsolete, replace by 'role'
-id-aca 5		: id-aca-role
-id-aca 6		: id-aca-encAttrs
-
-# qualified certificate statements
-id-qcs 1		: id-qcs-pkixQCSyntax-v1
-
-# CMC content types
-id-cct 1		: id-cct-crs
-id-cct 2		: id-cct-PKIData
-id-cct 3		: id-cct-PKIResponse
-
-# Predefined Proxy Certificate policy languages
-id-ppl 0		: id-ppl-anyLanguage	: Any language
-id-ppl 1		: id-ppl-inheritAll	: Inherit all
-id-ppl 2		: id-ppl-independent	: Independent
-
-# access descriptors for authority info access extension
-!Cname ad-OCSP
-id-ad 1			: OCSP			: OCSP
-!Cname ad-ca-issuers
-id-ad 2			: caIssuers		: CA Issuers
-!Cname ad-timeStamping
-id-ad 3			: ad_timestamping	: AD Time Stamping
-!Cname ad-dvcs
-id-ad 4			: AD_DVCS		: ad dvcs
-id-ad 5			: caRepository		: CA Repository
-
-
-!Alias id-pkix-OCSP ad-OCSP
-!module id-pkix-OCSP
-!Cname basic
-id-pkix-OCSP 1		: basicOCSPResponse	: Basic OCSP Response
-id-pkix-OCSP 2		: Nonce			: OCSP Nonce
-id-pkix-OCSP 3		: CrlID			: OCSP CRL ID
-id-pkix-OCSP 4		: acceptableResponses	: Acceptable OCSP Responses
-id-pkix-OCSP 5		: noCheck		: OCSP No Check
-id-pkix-OCSP 6		: archiveCutoff		: OCSP Archive Cutoff
-id-pkix-OCSP 7		: serviceLocator	: OCSP Service Locator
-id-pkix-OCSP 8		: extendedStatus	: Extended OCSP Status
-id-pkix-OCSP 9		: valid
-id-pkix-OCSP 10		: path
-id-pkix-OCSP 11		: trustRoot		: Trust Root
-!global
-
-1 3 14 3 2		: algorithm		: algorithm
-algorithm 3		: RSA-NP-MD5		: md5WithRSA
-algorithm 6		: DES-ECB		: des-ecb
-algorithm 7		: DES-CBC		: des-cbc
-!Cname des-ofb64
-algorithm 8		: DES-OFB		: des-ofb
-!Cname des-cfb64
-algorithm 9		: DES-CFB		: des-cfb
-algorithm 11		: rsaSignature
-!Cname dsa-2
-algorithm 12		: DSA-old		: dsaEncryption-old
-algorithm 13		: DSA-SHA		: dsaWithSHA
-algorithm 15		: RSA-SHA		: shaWithRSAEncryption
-!Cname des-ede-ecb
-algorithm 17		: DES-EDE		: des-ede
-!Cname des-ede3-ecb
-			: DES-EDE3		: des-ede3
-			: DES-EDE-CBC		: des-ede-cbc
-!Cname des-ede-cfb64
-			: DES-EDE-CFB		: des-ede-cfb
-!Cname des-ede3-cfb64
-			: DES-EDE3-CFB		: des-ede3-cfb
-!Cname des-ede-ofb64
-			: DES-EDE-OFB		: des-ede-ofb
-!Cname des-ede3-ofb64
-			: DES-EDE3-OFB		: des-ede3-ofb
-			: DESX-CBC		: desx-cbc
-algorithm 18		: SHA			: sha
-algorithm 26		: SHA1			: sha1
-!Cname dsaWithSHA1-2
-algorithm 27		: DSA-SHA1-old		: dsaWithSHA1-old
-algorithm 29		: RSA-SHA1-2		: sha1WithRSA
-
-1 3 36 3 2 1		: RIPEMD160		: ripemd160
-1 3 36 3 3 1 2		: RSA-RIPEMD160		: ripemd160WithRSA
-
-!Cname sxnet
-1 3 101 1 4 1		: SXNetID		: Strong Extranet ID
-
-2 5			: X500			: directory services (X.500)
-
-X500 4			: X509
-X509 3			: CN			: commonName
-X509 4			: SN			: surname
-X509 5			: 			: serialNumber
-X509 6			: C			: countryName
-X509 7			: L			: localityName
-X509 8			: ST			: stateOrProvinceName
-X509 9			: street		: streetAddress
-X509 10			: O			: organizationName
-X509 11			: OU			: organizationalUnitName
-X509 12			: title			: title
-X509 13			: 			: description
-X509 14			: 			: searchGuide
-X509 15			: 			: businessCategory
-X509 16			: 			: postalAddress
-X509 17			: 			: postalCode
-X509 18			: 			: postOfficeBox
-X509 19			: 			: physicalDeliveryOfficeName
-X509 20			: 			: telephoneNumber
-X509 21			: 			: telexNumber
-X509 22			: 			: teletexTerminalIdentifier
-X509 23			: 			: facsimileTelephoneNumber
-X509 24			: 			: x121Address
-X509 25			: 			: internationaliSDNNumber
-X509 26			: 			: registeredAddress
-X509 27			: 			: destinationIndicator
-X509 28			: 			: preferredDeliveryMethod
-X509 29			: 			: presentationAddress
-X509 30			: 			: supportedApplicationContext
-X509 31			: member		:
-X509 32			: owner			:
-X509 33			: 			: roleOccupant
-X509 34			: seeAlso		:
-X509 35			: 			: userPassword
-X509 36			: 			: userCertificate
-X509 37			: 			: cACertificate
-X509 38			: 			: authorityRevocationList
-X509 39			: 			: certificateRevocationList
-X509 40			: 			: crossCertificatePair
-X509 41			: name			: name
-X509 42			: GN			: givenName
-X509 43			: initials		: initials
-X509 44			: 			: generationQualifier
-X509 45			: 			: x500UniqueIdentifier
-X509 46			: dnQualifier		: dnQualifier
-X509 47			: 			: enhancedSearchGuide
-X509 48			: 			: protocolInformation
-X509 49			: 			: distinguishedName
-X509 50			: 			: uniqueMember
-X509 51			: 			: houseIdentifier
-X509 52			: 			: supportedAlgorithms
-X509 53			: 			: deltaRevocationList
-X509 54			: dmdName		:
-X509 65			:			: pseudonym
-X509 72			: role			: role
-
-X500 8			: X500algorithms	: directory services - algorithms
-X500algorithms 1 1	: RSA			: rsa
-X500algorithms 3 100	: RSA-MDC2		: mdc2WithRSA
-X500algorithms 3 101	: MDC2			: mdc2
-
-X500 29			: id-ce
-!Cname subject-directory-attributes
-id-ce 9			: subjectDirectoryAttributes : X509v3 Subject Directory Attributes
-!Cname subject-key-identifier
-id-ce 14		: subjectKeyIdentifier	: X509v3 Subject Key Identifier
-!Cname key-usage
-id-ce 15		: keyUsage		: X509v3 Key Usage
-!Cname private-key-usage-period
-id-ce 16		: privateKeyUsagePeriod	: X509v3 Private Key Usage Period
-!Cname subject-alt-name
-id-ce 17		: subjectAltName	: X509v3 Subject Alternative Name
-!Cname issuer-alt-name
-id-ce 18		: issuerAltName		: X509v3 Issuer Alternative Name
-!Cname basic-constraints
-id-ce 19		: basicConstraints	: X509v3 Basic Constraints
-!Cname crl-number
-id-ce 20		: crlNumber		: X509v3 CRL Number
-!Cname crl-reason
-id-ce 21		: CRLReason		: X509v3 CRL Reason Code
-!Cname invalidity-date
-id-ce 24		: invalidityDate	: Invalidity Date
-!Cname delta-crl
-id-ce 27		: deltaCRL		: X509v3 Delta CRL Indicator
-!Cname issuing-distribution-point
-id-ce 28		: issuingDistributionPoint : X509v3 Issuing Distrubution Point
-!Cname certificate-issuer
-id-ce 29		: certificateIssuer	: X509v3 Certificate Issuer
-!Cname name-constraints
-id-ce 30		: nameConstraints	: X509v3 Name Constraints
-!Cname crl-distribution-points
-id-ce 31		: crlDistributionPoints	: X509v3 CRL Distribution Points
-!Cname certificate-policies
-id-ce 32		: certificatePolicies	: X509v3 Certificate Policies
-!Cname any-policy
-certificate-policies 0	: anyPolicy		: X509v3 Any Policy
-!Cname policy-mappings
-id-ce 33		: policyMappings	: X509v3 Policy Mappings
-!Cname authority-key-identifier
-id-ce 35		: authorityKeyIdentifier : X509v3 Authority Key Identifier
-!Cname policy-constraints
-id-ce 36		: policyConstraints	: X509v3 Policy Constraints
-!Cname ext-key-usage
-id-ce 37		: extendedKeyUsage	: X509v3 Extended Key Usage
-!Cname freshest-crl
-id-ce 46		: freshestCRL		: X509v3 Freshest CRL
-!Cname inhibit-any-policy
-id-ce 54		: inhibitAnyPolicy	: X509v3 Inhibit Any Policy
-!Cname target-information
-id-ce 55		: targetInformation	: X509v3 AC Targeting
-!Cname no-rev-avail
-id-ce 56		: noRevAvail		: X509v3 No Revocation Available
-
-# From RFC5280
-ext-key-usage 0		: anyExtendedKeyUsage	: Any Extended Key Usage
-
-
-!Cname netscape
-2 16 840 1 113730	: Netscape		: Netscape Communications Corp.
-!Cname netscape-cert-extension
-netscape 1		: nsCertExt		: Netscape Certificate Extension
-!Cname netscape-data-type
-netscape 2		: nsDataType		: Netscape Data Type
-!Cname netscape-cert-type
-netscape-cert-extension 1 : nsCertType		: Netscape Cert Type
-!Cname netscape-base-url
-netscape-cert-extension 2 : nsBaseUrl		: Netscape Base Url
-!Cname netscape-revocation-url
-netscape-cert-extension 3 : nsRevocationUrl	: Netscape Revocation Url
-!Cname netscape-ca-revocation-url
-netscape-cert-extension 4 : nsCaRevocationUrl	: Netscape CA Revocation Url
-!Cname netscape-renewal-url
-netscape-cert-extension 7 : nsRenewalUrl	: Netscape Renewal Url
-!Cname netscape-ca-policy-url
-netscape-cert-extension 8 : nsCaPolicyUrl	: Netscape CA Policy Url
-!Cname netscape-ssl-server-name
-netscape-cert-extension 12 : nsSslServerName	: Netscape SSL Server Name
-!Cname netscape-comment
-netscape-cert-extension 13 : nsComment		: Netscape Comment
-!Cname netscape-cert-sequence
-netscape-data-type 5	: nsCertSequence	: Netscape Certificate Sequence
-!Cname ns-sgc
-netscape 4 1		: nsSGC			: Netscape Server Gated Crypto
-
-# iso(1)
-iso 3			: ORG			: org
-org 6			: DOD			: dod
-dod 1			: IANA			: iana
-!Alias internet iana
-
-internet 1		: directory		: Directory
-internet 2		: mgmt			: Management
-internet 3		: experimental		: Experimental
-internet 4		: private		: Private
-internet 5		: security		: Security
-internet 6		: snmpv2		: SNMPv2
-# Documents refer to "internet 7" as "mail". This however leads to ambiguities
-# with RFC2798, Section 9.1.3, where "mail" is defined as the short name for
-# rfc822Mailbox. The short name is therefore here left out for a reason.
-# Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as
-# references are realized via long name "Mail" (with capital M).
-internet 7		:			: Mail
-
-Private 1		: enterprises		: Enterprises
-
-# RFC 2247
-Enterprises 1466 344	: dcobject		: dcObject
-
-# RFC 1495
-Mail 1			: mime-mhs		: MIME MHS
-mime-mhs 1		: mime-mhs-headings	: mime-mhs-headings
-mime-mhs 2		: mime-mhs-bodies	: mime-mhs-bodies
-mime-mhs-headings 1	: id-hex-partial-message : id-hex-partial-message
-mime-mhs-headings 2	: id-hex-multipart-message : id-hex-multipart-message
-
-# What the hell are these OIDs, really?
-!Cname rle-compression
-1 1 1 1 666 1		: RLE			: run length compression
-!Cname zlib-compression
-id-smime-alg 8		: ZLIB			: zlib compression
-
-# AES aka Rijndael
-
-!Alias csor 2 16 840 1 101 3
-!Alias nistAlgorithms csor 4
-!Alias aes nistAlgorithms 1
-
-aes 1			: AES-128-ECB		: aes-128-ecb
-aes 2			: AES-128-CBC		: aes-128-cbc
-!Cname aes-128-ofb128
-aes 3			: AES-128-OFB		: aes-128-ofb
-!Cname aes-128-cfb128
-aes 4			: AES-128-CFB		: aes-128-cfb
-aes 5			: id-aes128-wrap
-aes 6			: id-aes128-GCM		: aes-128-gcm
-aes 7			: id-aes128-CCM		: aes-128-ccm
-aes 8			: id-aes128-wrap-pad
-
-aes 21			: AES-192-ECB		: aes-192-ecb
-aes 22			: AES-192-CBC		: aes-192-cbc
-!Cname aes-192-ofb128
-aes 23			: AES-192-OFB		: aes-192-ofb
-!Cname aes-192-cfb128
-aes 24			: AES-192-CFB		: aes-192-cfb
-aes 25			: id-aes192-wrap
-aes 26			: id-aes192-GCM		: aes-192-gcm
-aes 27			: id-aes192-CCM		: aes-192-ccm
-aes 28			: id-aes192-wrap-pad
-
-aes 41			: AES-256-ECB		: aes-256-ecb
-aes 42			: AES-256-CBC		: aes-256-cbc
-!Cname aes-256-ofb128
-aes 43			: AES-256-OFB		: aes-256-ofb
-!Cname aes-256-cfb128
-aes 44			: AES-256-CFB		: aes-256-cfb
-aes 45			: id-aes256-wrap
-aes 46			: id-aes256-GCM		: aes-256-gcm
-aes 47			: id-aes256-CCM		: aes-256-ccm
-aes 48			: id-aes256-wrap-pad
-
-# There are no OIDs for these modes...
-
-			: AES-128-CFB1		: aes-128-cfb1
-			: AES-192-CFB1		: aes-192-cfb1
-			: AES-256-CFB1		: aes-256-cfb1
-			: AES-128-CFB8		: aes-128-cfb8
-			: AES-192-CFB8		: aes-192-cfb8
-			: AES-256-CFB8		: aes-256-cfb8
-			: AES-128-CTR		: aes-128-ctr
-			: AES-192-CTR		: aes-192-ctr
-			: AES-256-CTR		: aes-256-ctr
-			: AES-128-XTS		: aes-128-xts
-			: AES-256-XTS		: aes-256-xts
-			: DES-CFB1		: des-cfb1
-			: DES-CFB8		: des-cfb8
-			: DES-EDE3-CFB1		: des-ede3-cfb1
-			: DES-EDE3-CFB8		: des-ede3-cfb8
-
-# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
-!Alias nist_hashalgs nistAlgorithms 2
-nist_hashalgs 1		: SHA256		: sha256
-nist_hashalgs 2		: SHA384		: sha384
-nist_hashalgs 3		: SHA512		: sha512
-nist_hashalgs 4		: SHA224		: sha224
-
-# OIDs for dsa-with-sha224 and dsa-with-sha256
-!Alias dsa_with_sha2 nistAlgorithms 3
-dsa_with_sha2 1		: dsa_with_SHA224
-dsa_with_sha2 2		: dsa_with_SHA256
-
-# Hold instruction CRL entry extension
-!Cname hold-instruction-code
-id-ce 23		: holdInstructionCode	: Hold Instruction Code
-!Alias holdInstruction	X9-57 2
-!Cname hold-instruction-none
-holdInstruction 1	: holdInstructionNone	: Hold Instruction None
-!Cname hold-instruction-call-issuer
-holdInstruction 2	: holdInstructionCallIssuer : Hold Instruction Call Issuer
-!Cname hold-instruction-reject
-holdInstruction 3	: holdInstructionReject	: Hold Instruction Reject
-
-# OID's from ITU-T.  Most of this is defined in RFC 1274.  A couple of
-# them are also mentioned in RFC 2247
-itu-t 9			: data
-data 2342		: pss
-pss 19200300		: ucl
-ucl 100			: pilot
-pilot 1			:			: pilotAttributeType
-pilot 3			:			: pilotAttributeSyntax
-pilot 4			:			: pilotObjectClass
-pilot 10		:			: pilotGroups
-pilotAttributeSyntax 4	:			: iA5StringSyntax
-pilotAttributeSyntax 5	:			: caseIgnoreIA5StringSyntax
-pilotObjectClass 3	:			: pilotObject
-pilotObjectClass 4	:			: pilotPerson
-pilotObjectClass 5	: account
-pilotObjectClass 6	: document
-pilotObjectClass 7	: room
-pilotObjectClass 9	:			: documentSeries
-pilotObjectClass 13	: domain		: Domain
-pilotObjectClass 14	:			: rFC822localPart
-pilotObjectClass 15	:			: dNSDomain
-pilotObjectClass 17	:			: domainRelatedObject
-pilotObjectClass 18	:			: friendlyCountry
-pilotObjectClass 19	:			: simpleSecurityObject
-pilotObjectClass 20	:			: pilotOrganization
-pilotObjectClass 21	:			: pilotDSA
-pilotObjectClass 22	:			: qualityLabelledData
-pilotAttributeType 1	: UID			: userId
-pilotAttributeType 2	:			: textEncodedORAddress
-pilotAttributeType 3	: mail			: rfc822Mailbox
-pilotAttributeType 4	: info
-pilotAttributeType 5	:			: favouriteDrink
-pilotAttributeType 6	:			: roomNumber
-pilotAttributeType 7	: photo
-pilotAttributeType 8	:			: userClass
-pilotAttributeType 9	: host
-pilotAttributeType 10	: manager
-pilotAttributeType 11	:			: documentIdentifier
-pilotAttributeType 12	:			: documentTitle
-pilotAttributeType 13	:			: documentVersion
-pilotAttributeType 14	:			: documentAuthor
-pilotAttributeType 15	:			: documentLocation
-pilotAttributeType 20	:			: homeTelephoneNumber
-pilotAttributeType 21	: secretary
-pilotAttributeType 22	:			: otherMailbox
-pilotAttributeType 23	:			: lastModifiedTime
-pilotAttributeType 24	:			: lastModifiedBy
-pilotAttributeType 25	: DC			: domainComponent
-pilotAttributeType 26	:			: aRecord
-pilotAttributeType 27	:			: pilotAttributeType27
-pilotAttributeType 28	:			: mXRecord
-pilotAttributeType 29	:			: nSRecord
-pilotAttributeType 30	:			: sOARecord
-pilotAttributeType 31	:			: cNAMERecord
-pilotAttributeType 37	:			: associatedDomain
-pilotAttributeType 38	:			: associatedName
-pilotAttributeType 39	:			: homePostalAddress
-pilotAttributeType 40	:			: personalTitle
-pilotAttributeType 41	:			: mobileTelephoneNumber
-pilotAttributeType 42	:			: pagerTelephoneNumber
-pilotAttributeType 43	:			: friendlyCountryName
-# The following clashes with 2.5.4.45, so commented away
-#pilotAttributeType 44	: uid			: uniqueIdentifier
-pilotAttributeType 45	:			: organizationalStatus
-pilotAttributeType 46	:			: janetMailbox
-pilotAttributeType 47	:			: mailPreferenceOption
-pilotAttributeType 48	:			: buildingName
-pilotAttributeType 49	:			: dSAQuality
-pilotAttributeType 50	:			: singleLevelQuality
-pilotAttributeType 51	:			: subtreeMinimumQuality
-pilotAttributeType 52	:			: subtreeMaximumQuality
-pilotAttributeType 53	:			: personalSignature
-pilotAttributeType 54	:			: dITRedirect
-pilotAttributeType 55	: audio
-pilotAttributeType 56	:			: documentPublisher
-
-international-organizations 42	: id-set	: Secure Electronic Transactions
-
-id-set 0		: set-ctype		: content types
-id-set 1		: set-msgExt		: message extensions
-id-set 3		: set-attr
-id-set 5		: set-policy
-id-set 7		: set-certExt		: certificate extensions
-id-set 8		: set-brand
-
-set-ctype 0		: setct-PANData
-set-ctype 1		: setct-PANToken
-set-ctype 2		: setct-PANOnly
-set-ctype 3		: setct-OIData
-set-ctype 4		: setct-PI
-set-ctype 5		: setct-PIData
-set-ctype 6		: setct-PIDataUnsigned
-set-ctype 7		: setct-HODInput
-set-ctype 8		: setct-AuthResBaggage
-set-ctype 9		: setct-AuthRevReqBaggage
-set-ctype 10		: setct-AuthRevResBaggage
-set-ctype 11		: setct-CapTokenSeq
-set-ctype 12		: setct-PInitResData
-set-ctype 13		: setct-PI-TBS
-set-ctype 14		: setct-PResData
-set-ctype 16		: setct-AuthReqTBS
-set-ctype 17		: setct-AuthResTBS
-set-ctype 18		: setct-AuthResTBSX
-set-ctype 19		: setct-AuthTokenTBS
-set-ctype 20		: setct-CapTokenData
-set-ctype 21		: setct-CapTokenTBS
-set-ctype 22		: setct-AcqCardCodeMsg
-set-ctype 23		: setct-AuthRevReqTBS
-set-ctype 24		: setct-AuthRevResData
-set-ctype 25		: setct-AuthRevResTBS
-set-ctype 26		: setct-CapReqTBS
-set-ctype 27		: setct-CapReqTBSX
-set-ctype 28		: setct-CapResData
-set-ctype 29		: setct-CapRevReqTBS
-set-ctype 30		: setct-CapRevReqTBSX
-set-ctype 31		: setct-CapRevResData
-set-ctype 32		: setct-CredReqTBS
-set-ctype 33		: setct-CredReqTBSX
-set-ctype 34		: setct-CredResData
-set-ctype 35		: setct-CredRevReqTBS
-set-ctype 36		: setct-CredRevReqTBSX
-set-ctype 37		: setct-CredRevResData
-set-ctype 38		: setct-PCertReqData
-set-ctype 39		: setct-PCertResTBS
-set-ctype 40		: setct-BatchAdminReqData
-set-ctype 41		: setct-BatchAdminResData
-set-ctype 42		: setct-CardCInitResTBS
-set-ctype 43		: setct-MeAqCInitResTBS
-set-ctype 44		: setct-RegFormResTBS
-set-ctype 45		: setct-CertReqData
-set-ctype 46		: setct-CertReqTBS
-set-ctype 47		: setct-CertResData
-set-ctype 48		: setct-CertInqReqTBS
-set-ctype 49		: setct-ErrorTBS
-set-ctype 50		: setct-PIDualSignedTBE
-set-ctype 51		: setct-PIUnsignedTBE
-set-ctype 52		: setct-AuthReqTBE
-set-ctype 53		: setct-AuthResTBE
-set-ctype 54		: setct-AuthResTBEX
-set-ctype 55		: setct-AuthTokenTBE
-set-ctype 56		: setct-CapTokenTBE
-set-ctype 57		: setct-CapTokenTBEX
-set-ctype 58		: setct-AcqCardCodeMsgTBE
-set-ctype 59		: setct-AuthRevReqTBE
-set-ctype 60		: setct-AuthRevResTBE
-set-ctype 61		: setct-AuthRevResTBEB
-set-ctype 62		: setct-CapReqTBE
-set-ctype 63		: setct-CapReqTBEX
-set-ctype 64		: setct-CapResTBE
-set-ctype 65		: setct-CapRevReqTBE
-set-ctype 66		: setct-CapRevReqTBEX
-set-ctype 67		: setct-CapRevResTBE
-set-ctype 68		: setct-CredReqTBE
-set-ctype 69		: setct-CredReqTBEX
-set-ctype 70		: setct-CredResTBE
-set-ctype 71		: setct-CredRevReqTBE
-set-ctype 72		: setct-CredRevReqTBEX
-set-ctype 73		: setct-CredRevResTBE
-set-ctype 74		: setct-BatchAdminReqTBE
-set-ctype 75		: setct-BatchAdminResTBE
-set-ctype 76		: setct-RegFormReqTBE
-set-ctype 77		: setct-CertReqTBE
-set-ctype 78		: setct-CertReqTBEX
-set-ctype 79		: setct-CertResTBE
-set-ctype 80		: setct-CRLNotificationTBS
-set-ctype 81		: setct-CRLNotificationResTBS
-set-ctype 82		: setct-BCIDistributionTBS
-
-set-msgExt 1		: setext-genCrypt	: generic cryptogram
-set-msgExt 3		: setext-miAuth		: merchant initiated auth
-set-msgExt 4		: setext-pinSecure
-set-msgExt 5		: setext-pinAny
-set-msgExt 7		: setext-track2
-set-msgExt 8		: setext-cv		: additional verification
-
-set-policy 0		: set-policy-root
-
-set-certExt 0		: setCext-hashedRoot
-set-certExt 1		: setCext-certType
-set-certExt 2		: setCext-merchData
-set-certExt 3		: setCext-cCertRequired
-set-certExt 4		: setCext-tunneling
-set-certExt 5		: setCext-setExt
-set-certExt 6		: setCext-setQualf
-set-certExt 7		: setCext-PGWYcapabilities
-set-certExt 8		: setCext-TokenIdentifier
-set-certExt 9		: setCext-Track2Data
-set-certExt 10		: setCext-TokenType
-set-certExt 11		: setCext-IssuerCapabilities
-
-set-attr 0		: setAttr-Cert
-set-attr 1		: setAttr-PGWYcap	: payment gateway capabilities
-set-attr 2		: setAttr-TokenType
-set-attr 3		: setAttr-IssCap	: issuer capabilities
-
-setAttr-Cert 0		: set-rootKeyThumb
-setAttr-Cert 1		: set-addPolicy
-
-setAttr-TokenType 1	: setAttr-Token-EMV
-setAttr-TokenType 2	: setAttr-Token-B0Prime
-
-setAttr-IssCap 3	: setAttr-IssCap-CVM
-setAttr-IssCap 4	: setAttr-IssCap-T2
-setAttr-IssCap 5	: setAttr-IssCap-Sig
-
-setAttr-IssCap-CVM 1	: setAttr-GenCryptgrm	: generate cryptogram
-setAttr-IssCap-T2 1	: setAttr-T2Enc		: encrypted track 2
-setAttr-IssCap-T2 2	: setAttr-T2cleartxt	: cleartext track 2
-
-setAttr-IssCap-Sig 1	: setAttr-TokICCsig	: ICC or token signature
-setAttr-IssCap-Sig 2	: setAttr-SecDevSig	: secure device signature
-
-set-brand 1		: set-brand-IATA-ATA
-set-brand 30		: set-brand-Diners
-set-brand 34		: set-brand-AmericanExpress
-set-brand 35		: set-brand-JCB
-set-brand 4		: set-brand-Visa
-set-brand 5		: set-brand-MasterCard
-set-brand 6011		: set-brand-Novus
-
-rsadsi 3 10		: DES-CDMF		: des-cdmf
-rsadsi 1 1 6		: rsaOAEPEncryptionSET
-
-			: Oakley-EC2N-3		: ipsec3
-			: Oakley-EC2N-4		: ipsec4
-
-iso 0 10118 3 0 55	: whirlpool
-
-# GOST OIDs
-
-member-body 643 2 2	: cryptopro
-member-body 643 2 9	: cryptocom
-
-cryptopro 3		: id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001
-cryptopro 4		: id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94
-!Cname id-GostR3411-94
-cryptopro 9		: md_gost94		: GOST R 34.11-94
-cryptopro 10		: id-HMACGostR3411-94	: HMAC GOST 34.11-94
-!Cname id-GostR3410-2001
-cryptopro 19		: gost2001	: GOST R 34.10-2001
-!Cname id-GostR3410-94
-cryptopro 20		: gost94	: GOST R 34.10-94
-!Cname id-Gost28147-89
-cryptopro 21		: gost89 		: GOST 28147-89
-			: gost89-cnt
-!Cname id-Gost28147-89-MAC
-cryptopro 22		: gost-mac	: GOST 28147-89 MAC
-!Cname id-GostR3411-94-prf
-cryptopro 23		: prf-gostr3411-94	: GOST R 34.11-94 PRF
-cryptopro 98		: id-GostR3410-2001DH	: GOST R 34.10-2001 DH
-cryptopro 99		: id-GostR3410-94DH	: GOST R 34.10-94 DH
-
-cryptopro 14 1		: id-Gost28147-89-CryptoPro-KeyMeshing
-cryptopro 14 0		: id-Gost28147-89-None-KeyMeshing
-
-# GOST parameter set OIDs
-
-cryptopro 30 0		: id-GostR3411-94-TestParamSet
-cryptopro 30 1		: id-GostR3411-94-CryptoProParamSet
-
-cryptopro 31 0		: id-Gost28147-89-TestParamSet
-cryptopro 31 1		: id-Gost28147-89-CryptoPro-A-ParamSet
-cryptopro 31 2		: id-Gost28147-89-CryptoPro-B-ParamSet
-cryptopro 31 3		: id-Gost28147-89-CryptoPro-C-ParamSet
-cryptopro 31 4		: id-Gost28147-89-CryptoPro-D-ParamSet
-cryptopro 31 5		: id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet
-cryptopro 31 6		: id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet
-cryptopro 31 7		: id-Gost28147-89-CryptoPro-RIC-1-ParamSet
-
-cryptopro 32 0		: id-GostR3410-94-TestParamSet
-cryptopro 32 2		: id-GostR3410-94-CryptoPro-A-ParamSet
-cryptopro 32 3		: id-GostR3410-94-CryptoPro-B-ParamSet
-cryptopro 32 4		: id-GostR3410-94-CryptoPro-C-ParamSet
-cryptopro 32 5		: id-GostR3410-94-CryptoPro-D-ParamSet
-
-cryptopro 33 1		: id-GostR3410-94-CryptoPro-XchA-ParamSet
-cryptopro 33 2		: id-GostR3410-94-CryptoPro-XchB-ParamSet
-cryptopro 33 3		: id-GostR3410-94-CryptoPro-XchC-ParamSet
-
-cryptopro 35 0		: id-GostR3410-2001-TestParamSet
-cryptopro 35 1		: id-GostR3410-2001-CryptoPro-A-ParamSet
-cryptopro 35 2		: id-GostR3410-2001-CryptoPro-B-ParamSet
-cryptopro 35 3		: id-GostR3410-2001-CryptoPro-C-ParamSet
-
-cryptopro 36 0		: id-GostR3410-2001-CryptoPro-XchA-ParamSet
-cryptopro 36 1		: id-GostR3410-2001-CryptoPro-XchB-ParamSet
-
-id-GostR3410-94 1	: id-GostR3410-94-a
-id-GostR3410-94 2	: id-GostR3410-94-aBis
-id-GostR3410-94 3	: id-GostR3410-94-b
-id-GostR3410-94 4	: id-GostR3410-94-bBis
-
-# Cryptocom LTD GOST OIDs
-
-cryptocom 1 6 1		: id-Gost28147-89-cc	: GOST 28147-89 Cryptocom ParamSet
-!Cname id-GostR3410-94-cc
-cryptocom 1 5 3		: gost94cc	: GOST 34.10-94 Cryptocom
-!Cname id-GostR3410-2001-cc
-cryptocom 1 5 4		: gost2001cc	: GOST 34.10-2001 Cryptocom
-
-cryptocom 1 3 3		: id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom
-cryptocom 1 3 4		: id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom
-
-cryptocom 1 8 1		: id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom
-
-# Definitions for Camellia cipher - CBC MODE
-
-1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC		: camellia-128-cbc
-1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC		: camellia-192-cbc
-1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC		: camellia-256-cbc
-1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap
-1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap
-1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap
-
-# Definitions for Camellia cipher - ECB, CFB, OFB MODE
-
-!Alias ntt-ds 0 3 4401 5
-!Alias camellia ntt-ds 3 1 9 
-
-camellia 1		: CAMELLIA-128-ECB		: camellia-128-ecb
-!Cname camellia-128-ofb128
-camellia 3		: CAMELLIA-128-OFB		: camellia-128-ofb
-!Cname camellia-128-cfb128
-camellia 4		: CAMELLIA-128-CFB		: camellia-128-cfb
-
-camellia 21		: CAMELLIA-192-ECB		: camellia-192-ecb
-!Cname camellia-192-ofb128
-camellia 23		: CAMELLIA-192-OFB		: camellia-192-ofb
-!Cname camellia-192-cfb128
-camellia 24		: CAMELLIA-192-CFB		: camellia-192-cfb
-
-camellia 41		: CAMELLIA-256-ECB		: camellia-256-ecb
-!Cname camellia-256-ofb128
-camellia 43		: CAMELLIA-256-OFB		: camellia-256-ofb
-!Cname camellia-256-cfb128
-camellia 44		: CAMELLIA-256-CFB		: camellia-256-cfb
-
-# There are no OIDs for these modes...
-
-			: CAMELLIA-128-CFB1		: camellia-128-cfb1
-			: CAMELLIA-192-CFB1		: camellia-192-cfb1
-			: CAMELLIA-256-CFB1		: camellia-256-cfb1
-			: CAMELLIA-128-CFB8		: camellia-128-cfb8
-			: CAMELLIA-192-CFB8		: camellia-192-cfb8
-			: CAMELLIA-256-CFB8		: camellia-256-cfb8
-
-# Definitions for SEED cipher - ECB, CBC, OFB mode
-
-member-body 410 200004  : KISA          : kisa
-kisa 1 3                : SEED-ECB      : seed-ecb
-kisa 1 4                : SEED-CBC      : seed-cbc
-!Cname seed-cfb128
-kisa 1 5                : SEED-CFB      : seed-cfb
-!Cname seed-ofb128
-kisa 1 6                : SEED-OFB      : seed-ofb
-
-# There is no OID that just denotes "HMAC" oddly enough...
-
-			: HMAC				: hmac
-# Nor CMAC either
-			: CMAC				: cmac
-
-# Synthetic composite ciphersuites
-			: RC4-HMAC-MD5			: rc4-hmac-md5
-			: AES-128-CBC-HMAC-SHA1		: aes-128-cbc-hmac-sha1
-			: AES-192-CBC-HMAC-SHA1		: aes-192-cbc-hmac-sha1
-			: AES-256-CBC-HMAC-SHA1		: aes-256-cbc-hmac-sha1
-			: AES-128-CBC-HMAC-SHA256	: aes-128-cbc-hmac-sha256
-			: AES-192-CBC-HMAC-SHA256	: aes-192-cbc-hmac-sha256
-			: AES-256-CBC-HMAC-SHA256	: aes-256-cbc-hmac-sha256
-
-ISO-US 10046 2 1	: dhpublicnumber		: X9.42 DH
-
-# RFC 5639 curve OIDs (see http://www.ietf.org/rfc/rfc5639.txt)
-# versionOne OBJECT IDENTIFIER ::= {
-# iso(1) identifified-organization(3) teletrust(36) algorithm(3)
-# signature-algorithm(3) ecSign(2) ecStdCurvesAndGeneration(8)
-# ellipticCurve(1) 1 }
-1 3 36 3 3 2 8 1 1 1 : brainpoolP160r1
-1 3 36 3 3 2 8 1 1 2 : brainpoolP160t1
-1 3 36 3 3 2 8 1 1 3 : brainpoolP192r1
-1 3 36 3 3 2 8 1 1 4 : brainpoolP192t1
-1 3 36 3 3 2 8 1 1 5 : brainpoolP224r1
-1 3 36 3 3 2 8 1 1 6 : brainpoolP224t1
-1 3 36 3 3 2 8 1 1 7 : brainpoolP256r1
-1 3 36 3 3 2 8 1 1 8 : brainpoolP256t1
-1 3 36 3 3 2 8 1 1 9 : brainpoolP320r1
-1 3 36 3 3 2 8 1 1 10 : brainpoolP320t1
-1 3 36 3 3 2 8 1 1 11 : brainpoolP384r1
-1 3 36 3 3 2 8 1 1 12 : brainpoolP384t1
-1 3 36 3 3 2 8 1 1 13 : brainpoolP512r1
-1 3 36 3 3 2 8 1 1 14 : brainpoolP512t1            
-
-# ECDH schemes from RFC5753
-!Alias x9-63-scheme 1 3 133 16 840 63 0
-!Alias secg-scheme certicom-arc 1
-
-x9-63-scheme 2   : dhSinglePass-stdDH-sha1kdf-scheme
-secg-scheme 11 0 : dhSinglePass-stdDH-sha224kdf-scheme
-secg-scheme 11 1 : dhSinglePass-stdDH-sha256kdf-scheme
-secg-scheme 11 2 : dhSinglePass-stdDH-sha384kdf-scheme
-secg-scheme 11 3 : dhSinglePass-stdDH-sha512kdf-scheme
-
-x9-63-scheme 3   : dhSinglePass-cofactorDH-sha1kdf-scheme
-secg-scheme 14 0 : dhSinglePass-cofactorDH-sha224kdf-scheme
-secg-scheme 14 1 : dhSinglePass-cofactorDH-sha256kdf-scheme
-secg-scheme 14 2 : dhSinglePass-cofactorDH-sha384kdf-scheme
-secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme
-# NIDs for use with lookup tables.
-                 : dh-std-kdf
-                 : dh-cofactor-kdf
-
-# RFC 6962 Extension OIDs (see http://www.ietf.org/rfc/rfc6962.txt)
-1 3 6 1 4 1 11129 2 4 2	: ct_precert_scts		: CT Precertificate SCTs
-1 3 6 1 4 1 11129 2 4 3	: ct_precert_poison		: CT Precertificate Poison
-1 3 6 1 4 1 11129 2 4 4	: ct_precert_signer		: CT Precertificate Signer
-1 3 6 1 4 1 11129 2 4 5	: ct_cert_scts			: CT Certificate SCTs
-
-# CABForum EV SSL Certificate Guidelines
-# (see https://cabforum.org/extended-validation/)
-# OIDs for Subject Jurisdiction of Incorporation or Registration
-1 3 6 1 4 1 311 60 2 1 1	: jurisdictionL		: jurisdictionLocalityName
-1 3 6 1 4 1 311 60 2 1 2	: jurisdictionST	: jurisdictionStateOrProvinceName
-1 3 6 1 4 1 311 60 2 1 3	: jurisdictionC		: jurisdictionCountryName
diff --git a/thirdparty/openssl/crypto/ocsp/ocsp_asn.c b/thirdparty/openssl/crypto/ocsp/ocsp_asn.c
deleted file mode 100644
index e2e52e77af..0000000000
--- a/thirdparty/openssl/crypto/ocsp/ocsp_asn.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/* ocsp_asn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/ocsp.h>
-
-ASN1_SEQUENCE(OCSP_SIGNATURE) = {
-        ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR),
-        ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING),
-        ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SIGNATURE, certs, X509, 0)
-} ASN1_SEQUENCE_END(OCSP_SIGNATURE)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE)
-
-ASN1_SEQUENCE(OCSP_CERTID) = {
-        ASN1_SIMPLE(OCSP_CERTID, hashAlgorithm, X509_ALGOR),
-        ASN1_SIMPLE(OCSP_CERTID, issuerNameHash, ASN1_OCTET_STRING),
-        ASN1_SIMPLE(OCSP_CERTID, issuerKeyHash, ASN1_OCTET_STRING),
-        ASN1_SIMPLE(OCSP_CERTID, serialNumber, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(OCSP_CERTID)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTID)
-
-ASN1_SEQUENCE(OCSP_ONEREQ) = {
-        ASN1_SIMPLE(OCSP_ONEREQ, reqCert, OCSP_CERTID),
-        ASN1_EXP_SEQUENCE_OF_OPT(OCSP_ONEREQ, singleRequestExtensions, X509_EXTENSION, 0)
-} ASN1_SEQUENCE_END(OCSP_ONEREQ)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_ONEREQ)
-
-ASN1_SEQUENCE(OCSP_REQINFO) = {
-        ASN1_EXP_OPT(OCSP_REQINFO, version, ASN1_INTEGER, 0),
-        ASN1_EXP_OPT(OCSP_REQINFO, requestorName, GENERAL_NAME, 1),
-        ASN1_SEQUENCE_OF(OCSP_REQINFO, requestList, OCSP_ONEREQ),
-        ASN1_EXP_SEQUENCE_OF_OPT(OCSP_REQINFO, requestExtensions, X509_EXTENSION, 2)
-} ASN1_SEQUENCE_END(OCSP_REQINFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQINFO)
-
-ASN1_SEQUENCE(OCSP_REQUEST) = {
-        ASN1_SIMPLE(OCSP_REQUEST, tbsRequest, OCSP_REQINFO),
-        ASN1_EXP_OPT(OCSP_REQUEST, optionalSignature, OCSP_SIGNATURE, 0)
-} ASN1_SEQUENCE_END(OCSP_REQUEST)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQUEST)
-
-/* OCSP_RESPONSE templates */
-
-ASN1_SEQUENCE(OCSP_RESPBYTES) = {
-            ASN1_SIMPLE(OCSP_RESPBYTES, responseType, ASN1_OBJECT),
-            ASN1_SIMPLE(OCSP_RESPBYTES, response, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(OCSP_RESPBYTES)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPBYTES)
-
-ASN1_SEQUENCE(OCSP_RESPONSE) = {
-        ASN1_SIMPLE(OCSP_RESPONSE, responseStatus, ASN1_ENUMERATED),
-        ASN1_EXP_OPT(OCSP_RESPONSE, responseBytes, OCSP_RESPBYTES, 0)
-} ASN1_SEQUENCE_END(OCSP_RESPONSE)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPONSE)
-
-ASN1_CHOICE(OCSP_RESPID) = {
-           ASN1_EXP(OCSP_RESPID, value.byName, X509_NAME, 1),
-           ASN1_EXP(OCSP_RESPID, value.byKey, ASN1_OCTET_STRING, 2)
-} ASN1_CHOICE_END(OCSP_RESPID)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPID)
-
-ASN1_SEQUENCE(OCSP_REVOKEDINFO) = {
-        ASN1_SIMPLE(OCSP_REVOKEDINFO, revocationTime, ASN1_GENERALIZEDTIME),
-        ASN1_EXP_OPT(OCSP_REVOKEDINFO, revocationReason, ASN1_ENUMERATED, 0)
-} ASN1_SEQUENCE_END(OCSP_REVOKEDINFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
-
-ASN1_CHOICE(OCSP_CERTSTATUS) = {
-        ASN1_IMP(OCSP_CERTSTATUS, value.good, ASN1_NULL, 0),
-        ASN1_IMP(OCSP_CERTSTATUS, value.revoked, OCSP_REVOKEDINFO, 1),
-        ASN1_IMP(OCSP_CERTSTATUS, value.unknown, ASN1_NULL, 2)
-} ASN1_CHOICE_END(OCSP_CERTSTATUS)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
-
-ASN1_SEQUENCE(OCSP_SINGLERESP) = {
-           ASN1_SIMPLE(OCSP_SINGLERESP, certId, OCSP_CERTID),
-           ASN1_SIMPLE(OCSP_SINGLERESP, certStatus, OCSP_CERTSTATUS),
-           ASN1_SIMPLE(OCSP_SINGLERESP, thisUpdate, ASN1_GENERALIZEDTIME),
-           ASN1_EXP_OPT(OCSP_SINGLERESP, nextUpdate, ASN1_GENERALIZEDTIME, 0),
-           ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SINGLERESP, singleExtensions, X509_EXTENSION, 1)
-} ASN1_SEQUENCE_END(OCSP_SINGLERESP)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_SINGLERESP)
-
-ASN1_SEQUENCE(OCSP_RESPDATA) = {
-           ASN1_EXP_OPT(OCSP_RESPDATA, version, ASN1_INTEGER, 0),
-           ASN1_SIMPLE(OCSP_RESPDATA, responderId, OCSP_RESPID),
-           ASN1_SIMPLE(OCSP_RESPDATA, producedAt, ASN1_GENERALIZEDTIME),
-           ASN1_SEQUENCE_OF(OCSP_RESPDATA, responses, OCSP_SINGLERESP),
-           ASN1_EXP_SEQUENCE_OF_OPT(OCSP_RESPDATA, responseExtensions, X509_EXTENSION, 1)
-} ASN1_SEQUENCE_END(OCSP_RESPDATA)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPDATA)
-
-ASN1_SEQUENCE(OCSP_BASICRESP) = {
-           ASN1_SIMPLE(OCSP_BASICRESP, tbsResponseData, OCSP_RESPDATA),
-           ASN1_SIMPLE(OCSP_BASICRESP, signatureAlgorithm, X509_ALGOR),
-           ASN1_SIMPLE(OCSP_BASICRESP, signature, ASN1_BIT_STRING),
-           ASN1_EXP_SEQUENCE_OF_OPT(OCSP_BASICRESP, certs, X509, 0)
-} ASN1_SEQUENCE_END(OCSP_BASICRESP)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_BASICRESP)
-
-ASN1_SEQUENCE(OCSP_CRLID) = {
-           ASN1_EXP_OPT(OCSP_CRLID, crlUrl, ASN1_IA5STRING, 0),
-           ASN1_EXP_OPT(OCSP_CRLID, crlNum, ASN1_INTEGER, 1),
-           ASN1_EXP_OPT(OCSP_CRLID, crlTime, ASN1_GENERALIZEDTIME, 2)
-} ASN1_SEQUENCE_END(OCSP_CRLID)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_CRLID)
-
-ASN1_SEQUENCE(OCSP_SERVICELOC) = {
-        ASN1_SIMPLE(OCSP_SERVICELOC, issuer, X509_NAME),
-        ASN1_SEQUENCE_OF_OPT(OCSP_SERVICELOC, locator, ACCESS_DESCRIPTION)
-} ASN1_SEQUENCE_END(OCSP_SERVICELOC)
-
-IMPLEMENT_ASN1_FUNCTIONS(OCSP_SERVICELOC)
diff --git a/thirdparty/openssl/crypto/ocsp/ocsp_cl.c b/thirdparty/openssl/crypto/ocsp/ocsp_cl.c
deleted file mode 100644
index fca7db0b71..0000000000
--- a/thirdparty/openssl/crypto/ocsp/ocsp_cl.c
+++ /dev/null
@@ -1,385 +0,0 @@
-/* ocsp_cl.c */
-/*
- * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project.
- */
-
-/*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
- * patch kit.
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <cryptlib.h>
-#include <openssl/objects.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/ocsp.h>
-
-/*
- * Utility functions related to sending OCSP requests and extracting relevant
- * information from the response.
- */
-
-/*
- * Add an OCSP_CERTID to an OCSP request. Return new OCSP_ONEREQ pointer:
- * useful if we want to add extensions.
- */
-
-OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)
-{
-    OCSP_ONEREQ *one = NULL;
-
-    if (!(one = OCSP_ONEREQ_new()))
-        goto err;
-    if (one->reqCert)
-        OCSP_CERTID_free(one->reqCert);
-    one->reqCert = cid;
-    if (req && !sk_OCSP_ONEREQ_push(req->tbsRequest->requestList, one)) {
-        one->reqCert = NULL; /* do not free on error */
-        goto err;
-    }
-    return one;
- err:
-    OCSP_ONEREQ_free(one);
-    return NULL;
-}
-
-/* Set requestorName from an X509_NAME structure */
-
-int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)
-{
-    GENERAL_NAME *gen;
-    gen = GENERAL_NAME_new();
-    if (gen == NULL)
-        return 0;
-    if (!X509_NAME_set(&gen->d.directoryName, nm)) {
-        GENERAL_NAME_free(gen);
-        return 0;
-    }
-    gen->type = GEN_DIRNAME;
-    if (req->tbsRequest->requestorName)
-        GENERAL_NAME_free(req->tbsRequest->requestorName);
-    req->tbsRequest->requestorName = gen;
-    return 1;
-}
-
-/* Add a certificate to an OCSP request */
-
-int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
-{
-    OCSP_SIGNATURE *sig;
-    if (!req->optionalSignature)
-        req->optionalSignature = OCSP_SIGNATURE_new();
-    sig = req->optionalSignature;
-    if (!sig)
-        return 0;
-    if (!cert)
-        return 1;
-    if (!sig->certs && !(sig->certs = sk_X509_new_null()))
-        return 0;
-
-    if (!sk_X509_push(sig->certs, cert))
-        return 0;
-    CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
-    return 1;
-}
-
-/*
- * Sign an OCSP request set the requestorName to the subjec name of an
- * optional signers certificate and include one or more optional certificates
- * in the request. Behaves like PKCS7_sign().
- */
-
-int OCSP_request_sign(OCSP_REQUEST *req,
-                      X509 *signer,
-                      EVP_PKEY *key,
-                      const EVP_MD *dgst,
-                      STACK_OF(X509) *certs, unsigned long flags)
-{
-    int i;
-    OCSP_SIGNATURE *sig;
-    X509 *x;
-
-    if (!OCSP_request_set1_name(req, X509_get_subject_name(signer)))
-        goto err;
-
-    if (!(req->optionalSignature = sig = OCSP_SIGNATURE_new()))
-        goto err;
-    if (key) {
-        if (!X509_check_private_key(signer, key)) {
-            OCSPerr(OCSP_F_OCSP_REQUEST_SIGN,
-                    OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-            goto err;
-        }
-        if (!OCSP_REQUEST_sign(req, key, dgst))
-            goto err;
-    }
-
-    if (!(flags & OCSP_NOCERTS)) {
-        if (!OCSP_request_add1_cert(req, signer))
-            goto err;
-        for (i = 0; i < sk_X509_num(certs); i++) {
-            x = sk_X509_value(certs, i);
-            if (!OCSP_request_add1_cert(req, x))
-                goto err;
-        }
-    }
-
-    return 1;
- err:
-    OCSP_SIGNATURE_free(req->optionalSignature);
-    req->optionalSignature = NULL;
-    return 0;
-}
-
-/* Get response status */
-
-int OCSP_response_status(OCSP_RESPONSE *resp)
-{
-    return ASN1_ENUMERATED_get(resp->responseStatus);
-}
-
-/*
- * Extract basic response from OCSP_RESPONSE or NULL if no basic response
- * present.
- */
-
-OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp)
-{
-    OCSP_RESPBYTES *rb;
-    rb = resp->responseBytes;
-    if (!rb) {
-        OCSPerr(OCSP_F_OCSP_RESPONSE_GET1_BASIC, OCSP_R_NO_RESPONSE_DATA);
-        return NULL;
-    }
-    if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) {
-        OCSPerr(OCSP_F_OCSP_RESPONSE_GET1_BASIC, OCSP_R_NOT_BASIC_RESPONSE);
-        return NULL;
-    }
-
-    return ASN1_item_unpack(rb->response, ASN1_ITEM_rptr(OCSP_BASICRESP));
-}
-
-/*
- * Return number of OCSP_SINGLERESP reponses present in a basic response.
- */
-
-int OCSP_resp_count(OCSP_BASICRESP *bs)
-{
-    if (!bs)
-        return -1;
-    return sk_OCSP_SINGLERESP_num(bs->tbsResponseData->responses);
-}
-
-/* Extract an OCSP_SINGLERESP response with a given index */
-
-OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx)
-{
-    if (!bs)
-        return NULL;
-    return sk_OCSP_SINGLERESP_value(bs->tbsResponseData->responses, idx);
-}
-
-/* Look single response matching a given certificate ID */
-
-int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last)
-{
-    int i;
-    STACK_OF(OCSP_SINGLERESP) *sresp;
-    OCSP_SINGLERESP *single;
-    if (!bs)
-        return -1;
-    if (last < 0)
-        last = 0;
-    else
-        last++;
-    sresp = bs->tbsResponseData->responses;
-    for (i = last; i < sk_OCSP_SINGLERESP_num(sresp); i++) {
-        single = sk_OCSP_SINGLERESP_value(sresp, i);
-        if (!OCSP_id_cmp(id, single->certId))
-            return i;
-    }
-    return -1;
-}
-
-/*
- * Extract status information from an OCSP_SINGLERESP structure. Note: the
- * revtime and reason values are only set if the certificate status is
- * revoked. Returns numerical value of status.
- */
-
-int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
-                            ASN1_GENERALIZEDTIME **revtime,
-                            ASN1_GENERALIZEDTIME **thisupd,
-                            ASN1_GENERALIZEDTIME **nextupd)
-{
-    int ret;
-    OCSP_CERTSTATUS *cst;
-    if (!single)
-        return -1;
-    cst = single->certStatus;
-    ret = cst->type;
-    if (ret == V_OCSP_CERTSTATUS_REVOKED) {
-        OCSP_REVOKEDINFO *rev = cst->value.revoked;
-        if (revtime)
-            *revtime = rev->revocationTime;
-        if (reason) {
-            if (rev->revocationReason)
-                *reason = ASN1_ENUMERATED_get(rev->revocationReason);
-            else
-                *reason = -1;
-        }
-    }
-    if (thisupd)
-        *thisupd = single->thisUpdate;
-    if (nextupd)
-        *nextupd = single->nextUpdate;
-    return ret;
-}
-
-/*
- * This function combines the previous ones: look up a certificate ID and if
- * found extract status information. Return 0 is successful.
- */
-
-int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
-                          int *reason,
-                          ASN1_GENERALIZEDTIME **revtime,
-                          ASN1_GENERALIZEDTIME **thisupd,
-                          ASN1_GENERALIZEDTIME **nextupd)
-{
-    int i;
-    OCSP_SINGLERESP *single;
-    i = OCSP_resp_find(bs, id, -1);
-    /* Maybe check for multiple responses and give an error? */
-    if (i < 0)
-        return 0;
-    single = OCSP_resp_get0(bs, i);
-    i = OCSP_single_get0_status(single, reason, revtime, thisupd, nextupd);
-    if (status)
-        *status = i;
-    return 1;
-}
-
-/*
- * Check validity of thisUpdate and nextUpdate fields. It is possible that
- * the request will take a few seconds to process and/or the time wont be
- * totally accurate. Therefore to avoid rejecting otherwise valid time we
- * allow the times to be within 'nsec' of the current time. Also to avoid
- * accepting very old responses without a nextUpdate field an optional maxage
- * parameter specifies the maximum age the thisUpdate field can be.
- */
-
-int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
-                        ASN1_GENERALIZEDTIME *nextupd, long nsec, long maxsec)
-{
-    int ret = 1;
-    time_t t_now, t_tmp;
-    time(&t_now);
-    /* Check thisUpdate is valid and not more than nsec in the future */
-    if (!ASN1_GENERALIZEDTIME_check(thisupd)) {
-        OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_ERROR_IN_THISUPDATE_FIELD);
-        ret = 0;
-    } else {
-        t_tmp = t_now + nsec;
-        if (X509_cmp_time(thisupd, &t_tmp) > 0) {
-            OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_STATUS_NOT_YET_VALID);
-            ret = 0;
-        }
-
-        /*
-         * If maxsec specified check thisUpdate is not more than maxsec in
-         * the past
-         */
-        if (maxsec >= 0) {
-            t_tmp = t_now - maxsec;
-            if (X509_cmp_time(thisupd, &t_tmp) < 0) {
-                OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_STATUS_TOO_OLD);
-                ret = 0;
-            }
-        }
-    }
-
-    if (!nextupd)
-        return ret;
-
-    /* Check nextUpdate is valid and not more than nsec in the past */
-    if (!ASN1_GENERALIZEDTIME_check(nextupd)) {
-        OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_ERROR_IN_NEXTUPDATE_FIELD);
-        ret = 0;
-    } else {
-        t_tmp = t_now - nsec;
-        if (X509_cmp_time(nextupd, &t_tmp) < 0) {
-            OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_STATUS_EXPIRED);
-            ret = 0;
-        }
-    }
-
-    /* Also don't allow nextUpdate to precede thisUpdate */
-    if (ASN1_STRING_cmp(nextupd, thisupd) < 0) {
-        OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY,
-                OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE);
-        ret = 0;
-    }
-
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/ocsp/ocsp_err.c b/thirdparty/openssl/crypto/ocsp/ocsp_err.c
deleted file mode 100644
index 722043c0f2..0000000000
--- a/thirdparty/openssl/crypto/ocsp/ocsp_err.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* crypto/ocsp/ocsp_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ocsp.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_OCSP,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
-
-static ERR_STRING_DATA OCSP_str_functs[] = {
-    {ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE), "ASN1_STRING_encode"},
-    {ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "D2I_OCSP_NONCE"},
-    {ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"},
-    {ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"},
-    {ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY), "OCSP_basic_verify"},
-    {ERR_FUNC(OCSP_F_OCSP_CERT_ID_NEW), "OCSP_cert_id_new"},
-    {ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED), "OCSP_CHECK_DELEGATED"},
-    {ERR_FUNC(OCSP_F_OCSP_CHECK_IDS), "OCSP_CHECK_IDS"},
-    {ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER), "OCSP_CHECK_ISSUER"},
-    {ERR_FUNC(OCSP_F_OCSP_CHECK_VALIDITY), "OCSP_check_validity"},
-    {ERR_FUNC(OCSP_F_OCSP_MATCH_ISSUERID), "OCSP_MATCH_ISSUERID"},
-    {ERR_FUNC(OCSP_F_OCSP_PARSE_URL), "OCSP_parse_url"},
-    {ERR_FUNC(OCSP_F_OCSP_REQUEST_SIGN), "OCSP_request_sign"},
-    {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"},
-    {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"},
-    {ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"},
-    {ERR_FUNC(OCSP_F_OCSP_SENDREQ_NBIO), "OCSP_sendreq_nbio"},
-    {ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "PARSE_HTTP_LINE1"},
-    {ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA OCSP_str_reasons[] = {
-    {ERR_REASON(OCSP_R_BAD_DATA), "bad data"},
-    {ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
-    {ERR_REASON(OCSP_R_DIGEST_ERR), "digest err"},
-    {ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),
-     "error in nextupdate field"},
-    {ERR_REASON(OCSP_R_ERROR_IN_THISUPDATE_FIELD),
-     "error in thisupdate field"},
-    {ERR_REASON(OCSP_R_ERROR_PARSING_URL), "error parsing url"},
-    {ERR_REASON(OCSP_R_MISSING_OCSPSIGNING_USAGE),
-     "missing ocspsigning usage"},
-    {ERR_REASON(OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE),
-     "nextupdate before thisupdate"},
-    {ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE), "not basic response"},
-    {ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN), "no certificates in chain"},
-    {ERR_REASON(OCSP_R_NO_CONTENT), "no content"},
-    {ERR_REASON(OCSP_R_NO_PUBLIC_KEY), "no public key"},
-    {ERR_REASON(OCSP_R_NO_RESPONSE_DATA), "no response data"},
-    {ERR_REASON(OCSP_R_NO_REVOKED_TIME), "no revoked time"},
-    {ERR_REASON(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
-     "private key does not match certificate"},
-    {ERR_REASON(OCSP_R_REQUEST_NOT_SIGNED), "request not signed"},
-    {ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA),
-     "response contains no revocation data"},
-    {ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED), "root ca not trusted"},
-    {ERR_REASON(OCSP_R_SERVER_READ_ERROR), "server read error"},
-    {ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR), "server response error"},
-    {ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR),
-     "server response parse error"},
-    {ERR_REASON(OCSP_R_SERVER_WRITE_ERROR), "server write error"},
-    {ERR_REASON(OCSP_R_SIGNATURE_FAILURE), "signature failure"},
-    {ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND),
-     "signer certificate not found"},
-    {ERR_REASON(OCSP_R_STATUS_EXPIRED), "status expired"},
-    {ERR_REASON(OCSP_R_STATUS_NOT_YET_VALID), "status not yet valid"},
-    {ERR_REASON(OCSP_R_STATUS_TOO_OLD), "status too old"},
-    {ERR_REASON(OCSP_R_UNKNOWN_MESSAGE_DIGEST), "unknown message digest"},
-    {ERR_REASON(OCSP_R_UNKNOWN_NID), "unknown nid"},
-    {ERR_REASON(OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE),
-     "unsupported requestorname type"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_OCSP_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, OCSP_str_functs);
-        ERR_load_strings(0, OCSP_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/ocsp/ocsp_ext.c b/thirdparty/openssl/crypto/ocsp/ocsp_ext.c
deleted file mode 100644
index 55af31b573..0000000000
--- a/thirdparty/openssl/crypto/ocsp/ocsp_ext.c
+++ /dev/null
@@ -1,566 +0,0 @@
-/* ocsp_ext.c */
-/*
- * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project.
- */
-
-/*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
- * patch kit.
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <cryptlib.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/ocsp.h>
-#include <openssl/rand.h>
-#include <openssl/x509v3.h>
-
-/* Standard wrapper functions for extensions */
-
-/* OCSP request extensions */
-
-int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x)
-{
-    return (X509v3_get_ext_count(x->tbsRequest->requestExtensions));
-}
-
-int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos)
-{
-    return (X509v3_get_ext_by_NID
-            (x->tbsRequest->requestExtensions, nid, lastpos));
-}
-
-int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
-                                int lastpos)
-{
-    return (X509v3_get_ext_by_OBJ
-            (x->tbsRequest->requestExtensions, obj, lastpos));
-}
-
-int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos)
-{
-    return (X509v3_get_ext_by_critical
-            (x->tbsRequest->requestExtensions, crit, lastpos));
-}
-
-X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc)
-{
-    return (X509v3_get_ext(x->tbsRequest->requestExtensions, loc));
-}
-
-X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc)
-{
-    return (X509v3_delete_ext(x->tbsRequest->requestExtensions, loc));
-}
-
-void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx)
-{
-    return X509V3_get_d2i(x->tbsRequest->requestExtensions, nid, crit, idx);
-}
-
-int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
-                              unsigned long flags)
-{
-    return X509V3_add1_i2d(&x->tbsRequest->requestExtensions, nid, value,
-                           crit, flags);
-}
-
-int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc)
-{
-    return (X509v3_add_ext(&(x->tbsRequest->requestExtensions), ex, loc) !=
-            NULL);
-}
-
-/* Single extensions */
-
-int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x)
-{
-    return (X509v3_get_ext_count(x->singleRequestExtensions));
-}
-
-int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos)
-{
-    return (X509v3_get_ext_by_NID(x->singleRequestExtensions, nid, lastpos));
-}
-
-int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos)
-{
-    return (X509v3_get_ext_by_OBJ(x->singleRequestExtensions, obj, lastpos));
-}
-
-int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos)
-{
-    return (X509v3_get_ext_by_critical
-            (x->singleRequestExtensions, crit, lastpos));
-}
-
-X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc)
-{
-    return (X509v3_get_ext(x->singleRequestExtensions, loc));
-}
-
-X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc)
-{
-    return (X509v3_delete_ext(x->singleRequestExtensions, loc));
-}
-
-void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx)
-{
-    return X509V3_get_d2i(x->singleRequestExtensions, nid, crit, idx);
-}
-
-int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
-                             unsigned long flags)
-{
-    return X509V3_add1_i2d(&x->singleRequestExtensions, nid, value, crit,
-                           flags);
-}
-
-int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc)
-{
-    return (X509v3_add_ext(&(x->singleRequestExtensions), ex, loc) != NULL);
-}
-
-/* OCSP Basic response */
-
-int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x)
-{
-    return (X509v3_get_ext_count(x->tbsResponseData->responseExtensions));
-}
-
-int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos)
-{
-    return (X509v3_get_ext_by_NID
-            (x->tbsResponseData->responseExtensions, nid, lastpos));
-}
-
-int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
-                                  int lastpos)
-{
-    return (X509v3_get_ext_by_OBJ
-            (x->tbsResponseData->responseExtensions, obj, lastpos));
-}
-
-int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
-                                       int lastpos)
-{
-    return (X509v3_get_ext_by_critical
-            (x->tbsResponseData->responseExtensions, crit, lastpos));
-}
-
-X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc)
-{
-    return (X509v3_get_ext(x->tbsResponseData->responseExtensions, loc));
-}
-
-X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc)
-{
-    return (X509v3_delete_ext(x->tbsResponseData->responseExtensions, loc));
-}
-
-void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
-                                  int *idx)
-{
-    return X509V3_get_d2i(x->tbsResponseData->responseExtensions, nid, crit,
-                          idx);
-}
-
-int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
-                                int crit, unsigned long flags)
-{
-    return X509V3_add1_i2d(&x->tbsResponseData->responseExtensions, nid,
-                           value, crit, flags);
-}
-
-int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc)
-{
-    return (X509v3_add_ext(&(x->tbsResponseData->responseExtensions), ex, loc)
-            != NULL);
-}
-
-/* OCSP single response extensions */
-
-int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x)
-{
-    return (X509v3_get_ext_count(x->singleExtensions));
-}
-
-int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos)
-{
-    return (X509v3_get_ext_by_NID(x->singleExtensions, nid, lastpos));
-}
-
-int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
-                                   int lastpos)
-{
-    return (X509v3_get_ext_by_OBJ(x->singleExtensions, obj, lastpos));
-}
-
-int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
-                                        int lastpos)
-{
-    return (X509v3_get_ext_by_critical(x->singleExtensions, crit, lastpos));
-}
-
-X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc)
-{
-    return (X509v3_get_ext(x->singleExtensions, loc));
-}
-
-X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc)
-{
-    return (X509v3_delete_ext(x->singleExtensions, loc));
-}
-
-void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
-                                   int *idx)
-{
-    return X509V3_get_d2i(x->singleExtensions, nid, crit, idx);
-}
-
-int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
-                                 int crit, unsigned long flags)
-{
-    return X509V3_add1_i2d(&x->singleExtensions, nid, value, crit, flags);
-}
-
-int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
-{
-    return (X509v3_add_ext(&(x->singleExtensions), ex, loc) != NULL);
-}
-
-/* also CRL Entry Extensions */
-#if 0
-ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
-                                void *data, STACK_OF(ASN1_OBJECT) *sk)
-{
-    int i;
-    unsigned char *p, *b = NULL;
-
-    if (data) {
-        if ((i = i2d(data, NULL)) <= 0)
-            goto err;
-        if (!(b = p = OPENSSL_malloc((unsigned int)i)))
-            goto err;
-        if (i2d(data, &p) <= 0)
-            goto err;
-    } else if (sk) {
-        if ((i = i2d_ASN1_SET_OF_ASN1_OBJECT(sk, NULL,
-                                             (I2D_OF(ASN1_OBJECT)) i2d,
-                                             V_ASN1_SEQUENCE,
-                                             V_ASN1_UNIVERSAL,
-                                             IS_SEQUENCE)) <= 0)
-             goto err;
-        if (!(b = p = OPENSSL_malloc((unsigned int)i)))
-            goto err;
-        if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk, &p, (I2D_OF(ASN1_OBJECT)) i2d,
-                                        V_ASN1_SEQUENCE,
-                                        V_ASN1_UNIVERSAL, IS_SEQUENCE) <= 0)
-             goto err;
-    } else {
-        OCSPerr(OCSP_F_ASN1_STRING_ENCODE, OCSP_R_BAD_DATA);
-        goto err;
-    }
-    if (!s && !(s = ASN1_STRING_new()))
-        goto err;
-    if (!(ASN1_STRING_set(s, b, i)))
-        goto err;
-    OPENSSL_free(b);
-    return s;
- err:
-    if (b)
-        OPENSSL_free(b);
-    return NULL;
-}
-#endif
-
-/* Nonce handling functions */
-
-/*
- * Add a nonce to an extension stack. A nonce can be specificed or if NULL a
- * random nonce will be generated. Note: OpenSSL 0.9.7d and later create an
- * OCTET STRING containing the nonce, previous versions used the raw nonce.
- */
-
-static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts,
-                           unsigned char *val, int len)
-{
-    unsigned char *tmpval;
-    ASN1_OCTET_STRING os;
-    int ret = 0;
-    if (len <= 0)
-        len = OCSP_DEFAULT_NONCE_LENGTH;
-    /*
-     * Create the OCTET STRING manually by writing out the header and
-     * appending the content octets. This avoids an extra memory allocation
-     * operation in some cases. Applications should *NOT* do this because it
-     * relies on library internals.
-     */
-    os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING);
-    os.data = OPENSSL_malloc(os.length);
-    if (os.data == NULL)
-        goto err;
-    tmpval = os.data;
-    ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
-    if (val)
-        memcpy(tmpval, val, len);
-    else if (RAND_bytes(tmpval, len) <= 0)
-        goto err;
-    if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
-                         &os, 0, X509V3_ADD_REPLACE))
-        goto err;
-    ret = 1;
- err:
-    if (os.data)
-        OPENSSL_free(os.data);
-    return ret;
-}
-
-/* Add nonce to an OCSP request */
-
-int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len)
-{
-    return ocsp_add1_nonce(&req->tbsRequest->requestExtensions, val, len);
-}
-
-/* Same as above but for a response */
-
-int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len)
-{
-    return ocsp_add1_nonce(&resp->tbsResponseData->responseExtensions, val,
-                           len);
-}
-
-/*-
- * Check nonce validity in a request and response.
- * Return value reflects result:
- *  1: nonces present and equal.
- *  2: nonces both absent.
- *  3: nonce present in response only.
- *  0: nonces both present and not equal.
- * -1: nonce in request only.
- *
- *  For most responders clients can check return > 0.
- *  If responder doesn't handle nonces return != 0 may be
- *  necessary. return == 0 is always an error.
- */
-
-int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
-{
-    /*
-     * Since we are only interested in the presence or absence of
-     * the nonce and comparing its value there is no need to use
-     * the X509V3 routines: this way we can avoid them allocating an
-     * ASN1_OCTET_STRING structure for the value which would be
-     * freed immediately anyway.
-     */
-
-    int req_idx, resp_idx;
-    X509_EXTENSION *req_ext, *resp_ext;
-    req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
-    resp_idx = OCSP_BASICRESP_get_ext_by_NID(bs, NID_id_pkix_OCSP_Nonce, -1);
-    /* Check both absent */
-    if ((req_idx < 0) && (resp_idx < 0))
-        return 2;
-    /* Check in request only */
-    if ((req_idx >= 0) && (resp_idx < 0))
-        return -1;
-    /* Check in response but not request */
-    if ((req_idx < 0) && (resp_idx >= 0))
-        return 3;
-    /*
-     * Otherwise nonce in request and response so retrieve the extensions
-     */
-    req_ext = OCSP_REQUEST_get_ext(req, req_idx);
-    resp_ext = OCSP_BASICRESP_get_ext(bs, resp_idx);
-    if (ASN1_OCTET_STRING_cmp(req_ext->value, resp_ext->value))
-        return 0;
-    return 1;
-}
-
-/*
- * Copy the nonce value (if any) from an OCSP request to a response.
- */
-
-int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req)
-{
-    X509_EXTENSION *req_ext;
-    int req_idx;
-    /* Check for nonce in request */
-    req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
-    /* If no nonce that's OK */
-    if (req_idx < 0)
-        return 2;
-    req_ext = OCSP_REQUEST_get_ext(req, req_idx);
-    return OCSP_BASICRESP_add_ext(resp, req_ext, -1);
-}
-
-X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
-{
-    X509_EXTENSION *x = NULL;
-    OCSP_CRLID *cid = NULL;
-
-    if (!(cid = OCSP_CRLID_new()))
-        goto err;
-    if (url) {
-        if (!(cid->crlUrl = ASN1_IA5STRING_new()))
-            goto err;
-        if (!(ASN1_STRING_set(cid->crlUrl, url, -1)))
-            goto err;
-    }
-    if (n) {
-        if (!(cid->crlNum = ASN1_INTEGER_new()))
-            goto err;
-        if (!(ASN1_INTEGER_set(cid->crlNum, *n)))
-            goto err;
-    }
-    if (tim) {
-        if (!(cid->crlTime = ASN1_GENERALIZEDTIME_new()))
-            goto err;
-        if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
-            goto err;
-    }
-    x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
- err:
-    if (cid)
-        OCSP_CRLID_free(cid);
-    return x;
-}
-
-/*   AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
-X509_EXTENSION *OCSP_accept_responses_new(char **oids)
-{
-    int nid;
-    STACK_OF(ASN1_OBJECT) *sk = NULL;
-    ASN1_OBJECT *o = NULL;
-    X509_EXTENSION *x = NULL;
-
-    if (!(sk = sk_ASN1_OBJECT_new_null()))
-        goto err;
-    while (oids && *oids) {
-        if ((nid = OBJ_txt2nid(*oids)) != NID_undef && (o = OBJ_nid2obj(nid)))
-            sk_ASN1_OBJECT_push(sk, o);
-        oids++;
-    }
-    x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
- err:
-    if (sk)
-        sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
-    return x;
-}
-
-/*  ArchiveCutoff ::= GeneralizedTime */
-X509_EXTENSION *OCSP_archive_cutoff_new(char *tim)
-{
-    X509_EXTENSION *x = NULL;
-    ASN1_GENERALIZEDTIME *gt = NULL;
-
-    if (!(gt = ASN1_GENERALIZEDTIME_new()))
-        goto err;
-    if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim)))
-        goto err;
-    x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
- err:
-    if (gt)
-        ASN1_GENERALIZEDTIME_free(gt);
-    return x;
-}
-
-/*
- * per ACCESS_DESCRIPTION parameter are oids, of which there are currently
- * two--NID_ad_ocsp, NID_id_ad_caIssuers--and GeneralName value.  This method
- * forces NID_ad_ocsp and uniformResourceLocator [6] IA5String.
- */
-X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
-{
-    X509_EXTENSION *x = NULL;
-    ASN1_IA5STRING *ia5 = NULL;
-    OCSP_SERVICELOC *sloc = NULL;
-    ACCESS_DESCRIPTION *ad = NULL;
-
-    if (!(sloc = OCSP_SERVICELOC_new()))
-        goto err;
-    if (!(sloc->issuer = X509_NAME_dup(issuer)))
-        goto err;
-    if (urls && *urls && !(sloc->locator = sk_ACCESS_DESCRIPTION_new_null()))
-        goto err;
-    while (urls && *urls) {
-        if (!(ad = ACCESS_DESCRIPTION_new()))
-            goto err;
-        if (!(ad->method = OBJ_nid2obj(NID_ad_OCSP)))
-            goto err;
-        if (!(ad->location = GENERAL_NAME_new()))
-            goto err;
-        if (!(ia5 = ASN1_IA5STRING_new()))
-            goto err;
-        if (!ASN1_STRING_set((ASN1_STRING *)ia5, *urls, -1))
-            goto err;
-        ad->location->type = GEN_URI;
-        ad->location->d.ia5 = ia5;
-        if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad))
-            goto err;
-        urls++;
-    }
-    x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
- err:
-    if (sloc)
-        OCSP_SERVICELOC_free(sloc);
-    return x;
-}
diff --git a/thirdparty/openssl/crypto/ocsp/ocsp_ht.c b/thirdparty/openssl/crypto/ocsp/ocsp_ht.c
deleted file mode 100644
index 88b26b38e8..0000000000
--- a/thirdparty/openssl/crypto/ocsp/ocsp_ht.c
+++ /dev/null
@@ -1,555 +0,0 @@
-/* ocsp_ht.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <string.h>
-#include "e_os.h"
-#include <openssl/asn1.h>
-#include <openssl/ocsp.h>
-#include <openssl/err.h>
-#include <openssl/buffer.h>
-#ifdef OPENSSL_SYS_SUNOS
-# define strtoul (unsigned long)strtol
-#endif                          /* OPENSSL_SYS_SUNOS */
-
-/* Stateful OCSP request code, supporting non-blocking I/O */
-
-/* Opaque OCSP request status structure */
-
-struct ocsp_req_ctx_st {
-    int state;                  /* Current I/O state */
-    unsigned char *iobuf;       /* Line buffer */
-    int iobuflen;               /* Line buffer length */
-    BIO *io;                    /* BIO to perform I/O with */
-    BIO *mem;                   /* Memory BIO response is built into */
-    unsigned long asn1_len;     /* ASN1 length of response */
-    unsigned long max_resp_len; /* Maximum length of response */
-};
-
-#define OCSP_MAX_RESP_LENGTH    (100 * 1024)
-#define OCSP_MAX_LINE_LEN       4096;
-
-/* OCSP states */
-
-/* If set no reading should be performed */
-#define OHS_NOREAD              0x1000
-/* Error condition */
-#define OHS_ERROR               (0 | OHS_NOREAD)
-/* First line being read */
-#define OHS_FIRSTLINE           1
-/* MIME headers being read */
-#define OHS_HEADERS             2
-/* OCSP initial header (tag + length) being read */
-#define OHS_ASN1_HEADER         3
-/* OCSP content octets being read */
-#define OHS_ASN1_CONTENT        4
-/* First call: ready to start I/O */
-#define OHS_ASN1_WRITE_INIT     (5 | OHS_NOREAD)
-/* Request being sent */
-#define OHS_ASN1_WRITE          (6 | OHS_NOREAD)
-/* Request being flushed */
-#define OHS_ASN1_FLUSH          (7 | OHS_NOREAD)
-/* Completed */
-#define OHS_DONE                (8 | OHS_NOREAD)
-/* Headers set, no final \r\n included */
-#define OHS_HTTP_HEADER         (9 | OHS_NOREAD)
-
-static int parse_http_line1(char *line);
-
-OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline)
-{
-    OCSP_REQ_CTX *rctx;
-    rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX));
-    if (!rctx)
-        return NULL;
-    rctx->state = OHS_ERROR;
-    rctx->max_resp_len = OCSP_MAX_RESP_LENGTH;
-    rctx->mem = BIO_new(BIO_s_mem());
-    rctx->io = io;
-    rctx->asn1_len = 0;
-    if (maxline > 0)
-        rctx->iobuflen = maxline;
-    else
-        rctx->iobuflen = OCSP_MAX_LINE_LEN;
-    rctx->iobuf = OPENSSL_malloc(rctx->iobuflen);
-    if (!rctx->iobuf || !rctx->mem) {
-        OCSP_REQ_CTX_free(rctx);
-        return NULL;
-    }
-    return rctx;
-}
-
-void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx)
-{
-    if (rctx->mem)
-        BIO_free(rctx->mem);
-    if (rctx->iobuf)
-        OPENSSL_free(rctx->iobuf);
-    OPENSSL_free(rctx);
-}
-
-BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx)
-{
-    return rctx->mem;
-}
-
-void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len)
-{
-    if (len == 0)
-        rctx->max_resp_len = OCSP_MAX_RESP_LENGTH;
-    else
-        rctx->max_resp_len = len;
-}
-
-int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it, ASN1_VALUE *val)
-{
-    static const char req_hdr[] =
-        "Content-Type: application/ocsp-request\r\n"
-        "Content-Length: %d\r\n\r\n";
-    int reqlen = ASN1_item_i2d(val, NULL, it);
-    if (BIO_printf(rctx->mem, req_hdr, reqlen) <= 0)
-        return 0;
-    if (ASN1_item_i2d_bio(it, rctx->mem, val) <= 0)
-        return 0;
-    rctx->state = OHS_ASN1_WRITE_INIT;
-    return 1;
-}
-
-int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx,
-                          ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-    int rv, len;
-    const unsigned char *p;
-
-    rv = OCSP_REQ_CTX_nbio(rctx);
-    if (rv != 1)
-        return rv;
-
-    len = BIO_get_mem_data(rctx->mem, &p);
-    *pval = ASN1_item_d2i(NULL, &p, len, it);
-    if (*pval == NULL) {
-        rctx->state = OHS_ERROR;
-        return 0;
-    }
-    return 1;
-}
-
-int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path)
-{
-    static const char http_hdr[] = "%s %s HTTP/1.0\r\n";
-
-    if (!path)
-        path = "/";
-
-    if (BIO_printf(rctx->mem, http_hdr, op, path) <= 0)
-        return 0;
-    rctx->state = OHS_HTTP_HEADER;
-    return 1;
-}
-
-int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req)
-{
-    return OCSP_REQ_CTX_i2d(rctx, ASN1_ITEM_rptr(OCSP_REQUEST),
-                            (ASN1_VALUE *)req);
-}
-
-int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
-                             const char *name, const char *value)
-{
-    if (!name)
-        return 0;
-    if (BIO_puts(rctx->mem, name) <= 0)
-        return 0;
-    if (value) {
-        if (BIO_write(rctx->mem, ": ", 2) != 2)
-            return 0;
-        if (BIO_puts(rctx->mem, value) <= 0)
-            return 0;
-    }
-    if (BIO_write(rctx->mem, "\r\n", 2) != 2)
-        return 0;
-    rctx->state = OHS_HTTP_HEADER;
-    return 1;
-}
-
-OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
-                               int maxline)
-{
-
-    OCSP_REQ_CTX *rctx = NULL;
-    rctx = OCSP_REQ_CTX_new(io, maxline);
-    if (!rctx)
-        return NULL;
-
-    if (!OCSP_REQ_CTX_http(rctx, "POST", path))
-        goto err;
-
-    if (req && !OCSP_REQ_CTX_set1_req(rctx, req))
-        goto err;
-
-    return rctx;
-
- err:
-    OCSP_REQ_CTX_free(rctx);
-    return NULL;
-}
-
-/*
- * Parse the HTTP response. This will look like this: "HTTP/1.0 200 OK". We
- * need to obtain the numeric code and (optional) informational message.
- */
-
-static int parse_http_line1(char *line)
-{
-    int retcode;
-    char *p, *q, *r;
-    /* Skip to first white space (passed protocol info) */
-
-    for (p = line; *p && !isspace((unsigned char)*p); p++)
-        continue;
-    if (!*p) {
-        OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-        return 0;
-    }
-
-    /* Skip past white space to start of response code */
-    while (*p && isspace((unsigned char)*p))
-        p++;
-
-    if (!*p) {
-        OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-        return 0;
-    }
-
-    /* Find end of response code: first whitespace after start of code */
-    for (q = p; *q && !isspace((unsigned char)*q); q++)
-        continue;
-
-    if (!*q) {
-        OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
-        return 0;
-    }
-
-    /* Set end of response code and start of message */
-    *q++ = 0;
-
-    /* Attempt to parse numeric code */
-    retcode = strtoul(p, &r, 10);
-
-    if (*r)
-        return 0;
-
-    /* Skip over any leading white space in message */
-    while (*q && isspace((unsigned char)*q))
-        q++;
-
-    if (*q) {
-        /*
-         * Finally zap any trailing white space in message (include CRLF)
-         */
-
-        /* We know q has a non white space character so this is OK */
-        for (r = q + strlen(q) - 1; isspace((unsigned char)*r); r--)
-            *r = 0;
-    }
-    if (retcode != 200) {
-        OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_ERROR);
-        if (!*q)
-            ERR_add_error_data(2, "Code=", p);
-        else
-            ERR_add_error_data(4, "Code=", p, ",Reason=", q);
-        return 0;
-    }
-
-    return 1;
-
-}
-
-int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx)
-{
-    int i, n;
-    const unsigned char *p;
- next_io:
-    if (!(rctx->state & OHS_NOREAD)) {
-        n = BIO_read(rctx->io, rctx->iobuf, rctx->iobuflen);
-
-        if (n <= 0) {
-            if (BIO_should_retry(rctx->io))
-                return -1;
-            return 0;
-        }
-
-        /* Write data to memory BIO */
-
-        if (BIO_write(rctx->mem, rctx->iobuf, n) != n)
-            return 0;
-    }
-
-    switch (rctx->state) {
-    case OHS_HTTP_HEADER:
-        /* Last operation was adding headers: need a final \r\n */
-        if (BIO_write(rctx->mem, "\r\n", 2) != 2) {
-            rctx->state = OHS_ERROR;
-            return 0;
-        }
-        rctx->state = OHS_ASN1_WRITE_INIT;
-
-    case OHS_ASN1_WRITE_INIT:
-        rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL);
-        rctx->state = OHS_ASN1_WRITE;
-
-    case OHS_ASN1_WRITE:
-        n = BIO_get_mem_data(rctx->mem, &p);
-
-        i = BIO_write(rctx->io, p + (n - rctx->asn1_len), rctx->asn1_len);
-
-        if (i <= 0) {
-            if (BIO_should_retry(rctx->io))
-                return -1;
-            rctx->state = OHS_ERROR;
-            return 0;
-        }
-
-        rctx->asn1_len -= i;
-
-        if (rctx->asn1_len > 0)
-            goto next_io;
-
-        rctx->state = OHS_ASN1_FLUSH;
-
-        (void)BIO_reset(rctx->mem);
-
-    case OHS_ASN1_FLUSH:
-
-        i = BIO_flush(rctx->io);
-
-        if (i > 0) {
-            rctx->state = OHS_FIRSTLINE;
-            goto next_io;
-        }
-
-        if (BIO_should_retry(rctx->io))
-            return -1;
-
-        rctx->state = OHS_ERROR;
-        return 0;
-
-    case OHS_ERROR:
-        return 0;
-
-    case OHS_FIRSTLINE:
-    case OHS_HEADERS:
-
-        /* Attempt to read a line in */
-
- next_line:
-        /*
-         * Due to &%^*$" memory BIO behaviour with BIO_gets we have to check
-         * there's a complete line in there before calling BIO_gets or we'll
-         * just get a partial read.
-         */
-        n = BIO_get_mem_data(rctx->mem, &p);
-        if ((n <= 0) || !memchr(p, '\n', n)) {
-            if (n >= rctx->iobuflen) {
-                rctx->state = OHS_ERROR;
-                return 0;
-            }
-            goto next_io;
-        }
-        n = BIO_gets(rctx->mem, (char *)rctx->iobuf, rctx->iobuflen);
-
-        if (n <= 0) {
-            if (BIO_should_retry(rctx->mem))
-                goto next_io;
-            rctx->state = OHS_ERROR;
-            return 0;
-        }
-
-        /* Don't allow excessive lines */
-        if (n == rctx->iobuflen) {
-            rctx->state = OHS_ERROR;
-            return 0;
-        }
-
-        /* First line */
-        if (rctx->state == OHS_FIRSTLINE) {
-            if (parse_http_line1((char *)rctx->iobuf)) {
-                rctx->state = OHS_HEADERS;
-                goto next_line;
-            } else {
-                rctx->state = OHS_ERROR;
-                return 0;
-            }
-        } else {
-            /* Look for blank line: end of headers */
-            for (p = rctx->iobuf; *p; p++) {
-                if ((*p != '\r') && (*p != '\n'))
-                    break;
-            }
-            if (*p)
-                goto next_line;
-
-            rctx->state = OHS_ASN1_HEADER;
-
-        }
-
-        /* Fall thru */
-
-    case OHS_ASN1_HEADER:
-        /*
-         * Now reading ASN1 header: can read at least 2 bytes which is enough
-         * for ASN1 SEQUENCE header and either length field or at least the
-         * length of the length field.
-         */
-        n = BIO_get_mem_data(rctx->mem, &p);
-        if (n < 2)
-            goto next_io;
-
-        /* Check it is an ASN1 SEQUENCE */
-        if (*p++ != (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
-            rctx->state = OHS_ERROR;
-            return 0;
-        }
-
-        /* Check out length field */
-        if (*p & 0x80) {
-            /*
-             * If MSB set on initial length octet we can now always read 6
-             * octets: make sure we have them.
-             */
-            if (n < 6)
-                goto next_io;
-            n = *p & 0x7F;
-            /* Not NDEF or excessive length */
-            if (!n || (n > 4)) {
-                rctx->state = OHS_ERROR;
-                return 0;
-            }
-            p++;
-            rctx->asn1_len = 0;
-            for (i = 0; i < n; i++) {
-                rctx->asn1_len <<= 8;
-                rctx->asn1_len |= *p++;
-            }
-
-            if (rctx->asn1_len > rctx->max_resp_len) {
-                rctx->state = OHS_ERROR;
-                return 0;
-            }
-
-            rctx->asn1_len += n + 2;
-        } else
-            rctx->asn1_len = *p + 2;
-
-        rctx->state = OHS_ASN1_CONTENT;
-
-        /* Fall thru */
-
-    case OHS_ASN1_CONTENT:
-        n = BIO_get_mem_data(rctx->mem, NULL);
-        if (n < (int)rctx->asn1_len)
-            goto next_io;
-
-        rctx->state = OHS_DONE;
-        return 1;
-
-        break;
-
-    case OHS_DONE:
-        return 1;
-
-    }
-
-    return 0;
-
-}
-
-int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
-{
-    return OCSP_REQ_CTX_nbio_d2i(rctx,
-                                 (ASN1_VALUE **)presp,
-                                 ASN1_ITEM_rptr(OCSP_RESPONSE));
-}
-
-/* Blocking OCSP request handler: now a special case of non-blocking I/O */
-
-OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req)
-{
-    OCSP_RESPONSE *resp = NULL;
-    OCSP_REQ_CTX *ctx;
-    int rv;
-
-    ctx = OCSP_sendreq_new(b, path, req, -1);
-
-    if (!ctx)
-        return NULL;
-
-    do {
-        rv = OCSP_sendreq_nbio(&resp, ctx);
-    } while ((rv == -1) && BIO_should_retry(b));
-
-    OCSP_REQ_CTX_free(ctx);
-
-    if (rv)
-        return resp;
-
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/ocsp/ocsp_lib.c b/thirdparty/openssl/crypto/ocsp/ocsp_lib.c
deleted file mode 100644
index ff781e56e7..0000000000
--- a/thirdparty/openssl/crypto/ocsp/ocsp_lib.c
+++ /dev/null
@@ -1,290 +0,0 @@
-/* ocsp_lib.c */
-/*
- * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project.
- */
-
-/*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
- * patch kit.
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <cryptlib.h>
-#include <openssl/objects.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/ocsp.h>
-#include <openssl/asn1t.h>
-
-/* Convert a certificate and its issuer to an OCSP_CERTID */
-
-OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer)
-{
-    X509_NAME *iname;
-    ASN1_INTEGER *serial;
-    ASN1_BIT_STRING *ikey;
-#ifndef OPENSSL_NO_SHA1
-    if (!dgst)
-        dgst = EVP_sha1();
-#endif
-    if (subject) {
-        iname = X509_get_issuer_name(subject);
-        serial = X509_get_serialNumber(subject);
-    } else {
-        iname = X509_get_subject_name(issuer);
-        serial = NULL;
-    }
-    ikey = X509_get0_pubkey_bitstr(issuer);
-    return OCSP_cert_id_new(dgst, iname, ikey, serial);
-}
-
-OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
-                              X509_NAME *issuerName,
-                              ASN1_BIT_STRING *issuerKey,
-                              ASN1_INTEGER *serialNumber)
-{
-    int nid;
-    unsigned int i;
-    X509_ALGOR *alg;
-    OCSP_CERTID *cid = NULL;
-    unsigned char md[EVP_MAX_MD_SIZE];
-
-    if (!(cid = OCSP_CERTID_new()))
-        goto err;
-
-    alg = cid->hashAlgorithm;
-    if (alg->algorithm != NULL)
-        ASN1_OBJECT_free(alg->algorithm);
-    if ((nid = EVP_MD_type(dgst)) == NID_undef) {
-        OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID);
-        goto err;
-    }
-    if (!(alg->algorithm = OBJ_nid2obj(nid)))
-        goto err;
-    if ((alg->parameter = ASN1_TYPE_new()) == NULL)
-        goto err;
-    alg->parameter->type = V_ASN1_NULL;
-
-    if (!X509_NAME_digest(issuerName, dgst, md, &i))
-        goto digerr;
-    if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i)))
-        goto err;
-
-    /* Calculate the issuerKey hash, excluding tag and length */
-    if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL))
-        goto err;
-
-    if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i)))
-        goto err;
-
-    if (serialNumber) {
-        ASN1_INTEGER_free(cid->serialNumber);
-        if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber)))
-            goto err;
-    }
-    return cid;
- digerr:
-    OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR);
- err:
-    if (cid)
-        OCSP_CERTID_free(cid);
-    return NULL;
-}
-
-int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b)
-{
-    int ret;
-    ret = OBJ_cmp(a->hashAlgorithm->algorithm, b->hashAlgorithm->algorithm);
-    if (ret)
-        return ret;
-    ret = ASN1_OCTET_STRING_cmp(a->issuerNameHash, b->issuerNameHash);
-    if (ret)
-        return ret;
-    return ASN1_OCTET_STRING_cmp(a->issuerKeyHash, b->issuerKeyHash);
-}
-
-int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b)
-{
-    int ret;
-    ret = OCSP_id_issuer_cmp(a, b);
-    if (ret)
-        return ret;
-    return ASN1_INTEGER_cmp(a->serialNumber, b->serialNumber);
-}
-
-/*
- * Parse a URL and split it up into host, port and path components and
- * whether it is SSL.
- */
-
-int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
-                   int *pssl)
-{
-    char *p, *buf;
-
-    char *host, *port;
-
-    *phost = NULL;
-    *pport = NULL;
-    *ppath = NULL;
-
-    /* dup the buffer since we are going to mess with it */
-    buf = BUF_strdup(url);
-    if (!buf)
-        goto mem_err;
-
-    /* Check for initial colon */
-    p = strchr(buf, ':');
-
-    if (!p)
-        goto parse_err;
-
-    *(p++) = '\0';
-
-    if (!strcmp(buf, "http")) {
-        *pssl = 0;
-        port = "80";
-    } else if (!strcmp(buf, "https")) {
-        *pssl = 1;
-        port = "443";
-    } else
-        goto parse_err;
-
-    /* Check for double slash */
-    if ((p[0] != '/') || (p[1] != '/'))
-        goto parse_err;
-
-    p += 2;
-
-    host = p;
-
-    /* Check for trailing part of path */
-
-    p = strchr(p, '/');
-
-    if (!p)
-        *ppath = BUF_strdup("/");
-    else {
-        *ppath = BUF_strdup(p);
-        /* Set start of path to 0 so hostname is valid */
-        *p = '\0';
-    }
-
-    if (!*ppath)
-        goto mem_err;
-
-    p = host;
-    if (host[0] == '[') {
-        /* ipv6 literal */
-        host++;
-        p = strchr(host, ']');
-        if (!p)
-            goto parse_err;
-        *p = '\0';
-        p++;
-    }
-
-    /* Look for optional ':' for port number */
-    if ((p = strchr(p, ':'))) {
-        *p = 0;
-        port = p + 1;
-    }
-
-    *pport = BUF_strdup(port);
-    if (!*pport)
-        goto mem_err;
-
-    *phost = BUF_strdup(host);
-
-    if (!*phost)
-        goto mem_err;
-
-    OPENSSL_free(buf);
-
-    return 1;
-
- mem_err:
-    OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
-    goto err;
-
- parse_err:
-    OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL);
-
- err:
-    if (buf)
-        OPENSSL_free(buf);
-    if (*ppath) {
-        OPENSSL_free(*ppath);
-        *ppath = NULL;
-    }
-    if (*pport) {
-        OPENSSL_free(*pport);
-        *pport = NULL;
-    }
-    if (*phost) {
-        OPENSSL_free(*phost);
-        *phost = NULL;
-    }
-    return 0;
-
-}
-
-IMPLEMENT_ASN1_DUP_FUNCTION(OCSP_CERTID)
diff --git a/thirdparty/openssl/crypto/ocsp/ocsp_prn.c b/thirdparty/openssl/crypto/ocsp/ocsp_prn.c
deleted file mode 100644
index 47d5f83ef9..0000000000
--- a/thirdparty/openssl/crypto/ocsp/ocsp_prn.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* ocsp_prn.c */
-/*
- * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project.
- */
-
-/*
- * History: This file was originally part of ocsp.c and was transfered to
- * Richard Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be
- * included in OpenSSL or released as a patch kit.
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/ocsp.h>
-#include <openssl/pem.h>
-
-static int ocsp_certid_print(BIO *bp, OCSP_CERTID *a, int indent)
-{
-    BIO_printf(bp, "%*sCertificate ID:\n", indent, "");
-    indent += 2;
-    BIO_printf(bp, "%*sHash Algorithm: ", indent, "");
-    i2a_ASN1_OBJECT(bp, a->hashAlgorithm->algorithm);
-    BIO_printf(bp, "\n%*sIssuer Name Hash: ", indent, "");
-    i2a_ASN1_STRING(bp, a->issuerNameHash, V_ASN1_OCTET_STRING);
-    BIO_printf(bp, "\n%*sIssuer Key Hash: ", indent, "");
-    i2a_ASN1_STRING(bp, a->issuerKeyHash, V_ASN1_OCTET_STRING);
-    BIO_printf(bp, "\n%*sSerial Number: ", indent, "");
-    i2a_ASN1_INTEGER(bp, a->serialNumber);
-    BIO_printf(bp, "\n");
-    return 1;
-}
-
-typedef struct {
-    long t;
-    const char *m;
-} OCSP_TBLSTR;
-
-static const char *table2string(long s, const OCSP_TBLSTR *ts, int len)
-{
-    const OCSP_TBLSTR *p;
-    for (p = ts; p < ts + len; p++)
-        if (p->t == s)
-            return p->m;
-    return "(UNKNOWN)";
-}
-
-const char *OCSP_response_status_str(long s)
-{
-    static const OCSP_TBLSTR rstat_tbl[] = {
-        {OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful"},
-        {OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest"},
-        {OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror"},
-        {OCSP_RESPONSE_STATUS_TRYLATER, "trylater"},
-        {OCSP_RESPONSE_STATUS_SIGREQUIRED, "sigrequired"},
-        {OCSP_RESPONSE_STATUS_UNAUTHORIZED, "unauthorized"}
-    };
-    return table2string(s, rstat_tbl, 6);
-}
-
-const char *OCSP_cert_status_str(long s)
-{
-    static const OCSP_TBLSTR cstat_tbl[] = {
-        {V_OCSP_CERTSTATUS_GOOD, "good"},
-        {V_OCSP_CERTSTATUS_REVOKED, "revoked"},
-        {V_OCSP_CERTSTATUS_UNKNOWN, "unknown"}
-    };
-    return table2string(s, cstat_tbl, 3);
-}
-
-const char *OCSP_crl_reason_str(long s)
-{
-    static const OCSP_TBLSTR reason_tbl[] = {
-        {OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified"},
-        {OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise"},
-        {OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise"},
-        {OCSP_REVOKED_STATUS_AFFILIATIONCHANGED, "affiliationChanged"},
-        {OCSP_REVOKED_STATUS_SUPERSEDED, "superseded"},
-        {OCSP_REVOKED_STATUS_CESSATIONOFOPERATION, "cessationOfOperation"},
-        {OCSP_REVOKED_STATUS_CERTIFICATEHOLD, "certificateHold"},
-        {OCSP_REVOKED_STATUS_REMOVEFROMCRL, "removeFromCRL"}
-    };
-    return table2string(s, reason_tbl, 8);
-}
-
-int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *o, unsigned long flags)
-{
-    int i;
-    long l;
-    OCSP_CERTID *cid = NULL;
-    OCSP_ONEREQ *one = NULL;
-    OCSP_REQINFO *inf = o->tbsRequest;
-    OCSP_SIGNATURE *sig = o->optionalSignature;
-
-    if (BIO_write(bp, "OCSP Request Data:\n", 19) <= 0)
-        goto err;
-    l = ASN1_INTEGER_get(inf->version);
-    if (BIO_printf(bp, "    Version: %lu (0x%lx)", l + 1, l) <= 0)
-        goto err;
-    if (inf->requestorName != NULL) {
-        if (BIO_write(bp, "\n    Requestor Name: ", 21) <= 0)
-            goto err;
-        GENERAL_NAME_print(bp, inf->requestorName);
-    }
-    if (BIO_write(bp, "\n    Requestor List:\n", 21) <= 0)
-        goto err;
-    for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++) {
-        one = sk_OCSP_ONEREQ_value(inf->requestList, i);
-        cid = one->reqCert;
-        ocsp_certid_print(bp, cid, 8);
-        if (!X509V3_extensions_print(bp,
-                                     "Request Single Extensions",
-                                     one->singleRequestExtensions, flags, 8))
-            goto err;
-    }
-    if (!X509V3_extensions_print(bp, "Request Extensions",
-                                 inf->requestExtensions, flags, 4))
-        goto err;
-    if (sig) {
-        X509_signature_print(bp, sig->signatureAlgorithm, sig->signature);
-        for (i = 0; i < sk_X509_num(sig->certs); i++) {
-            X509_print(bp, sk_X509_value(sig->certs, i));
-            PEM_write_bio_X509(bp, sk_X509_value(sig->certs, i));
-        }
-    }
-    return 1;
- err:
-    return 0;
-}
-
-int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags)
-{
-    int i, ret = 0;
-    long l;
-    OCSP_CERTID *cid = NULL;
-    OCSP_BASICRESP *br = NULL;
-    OCSP_RESPID *rid = NULL;
-    OCSP_RESPDATA *rd = NULL;
-    OCSP_CERTSTATUS *cst = NULL;
-    OCSP_REVOKEDINFO *rev = NULL;
-    OCSP_SINGLERESP *single = NULL;
-    OCSP_RESPBYTES *rb = o->responseBytes;
-
-    if (BIO_puts(bp, "OCSP Response Data:\n") <= 0)
-        goto err;
-    l = ASN1_ENUMERATED_get(o->responseStatus);
-    if (BIO_printf(bp, "    OCSP Response Status: %s (0x%lx)\n",
-                   OCSP_response_status_str(l), l) <= 0)
-        goto err;
-    if (rb == NULL)
-        return 1;
-    if (BIO_puts(bp, "    Response Type: ") <= 0)
-        goto err;
-    if (i2a_ASN1_OBJECT(bp, rb->responseType) <= 0)
-        goto err;
-    if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) {
-        BIO_puts(bp, " (unknown response type)\n");
-        return 1;
-    }
-
-    if ((br = OCSP_response_get1_basic(o)) == NULL)
-        goto err;
-    rd = br->tbsResponseData;
-    l = ASN1_INTEGER_get(rd->version);
-    if (BIO_printf(bp, "\n    Version: %lu (0x%lx)\n", l + 1, l) <= 0)
-        goto err;
-    if (BIO_puts(bp, "    Responder Id: ") <= 0)
-        goto err;
-
-    rid = rd->responderId;
-    switch (rid->type) {
-    case V_OCSP_RESPID_NAME:
-        X509_NAME_print_ex(bp, rid->value.byName, 0, XN_FLAG_ONELINE);
-        break;
-    case V_OCSP_RESPID_KEY:
-        i2a_ASN1_STRING(bp, rid->value.byKey, V_ASN1_OCTET_STRING);
-        break;
-    }
-
-    if (BIO_printf(bp, "\n    Produced At: ") <= 0)
-        goto err;
-    if (!ASN1_GENERALIZEDTIME_print(bp, rd->producedAt))
-        goto err;
-    if (BIO_printf(bp, "\n    Responses:\n") <= 0)
-        goto err;
-    for (i = 0; i < sk_OCSP_SINGLERESP_num(rd->responses); i++) {
-        if (!sk_OCSP_SINGLERESP_value(rd->responses, i))
-            continue;
-        single = sk_OCSP_SINGLERESP_value(rd->responses, i);
-        cid = single->certId;
-        if (ocsp_certid_print(bp, cid, 4) <= 0)
-            goto err;
-        cst = single->certStatus;
-        if (BIO_printf(bp, "    Cert Status: %s",
-                       OCSP_cert_status_str(cst->type)) <= 0)
-            goto err;
-        if (cst->type == V_OCSP_CERTSTATUS_REVOKED) {
-            rev = cst->value.revoked;
-            if (BIO_printf(bp, "\n    Revocation Time: ") <= 0)
-                goto err;
-            if (!ASN1_GENERALIZEDTIME_print(bp, rev->revocationTime))
-                goto err;
-            if (rev->revocationReason) {
-                l = ASN1_ENUMERATED_get(rev->revocationReason);
-                if (BIO_printf(bp,
-                               "\n    Revocation Reason: %s (0x%lx)",
-                               OCSP_crl_reason_str(l), l) <= 0)
-                    goto err;
-            }
-        }
-        if (BIO_printf(bp, "\n    This Update: ") <= 0)
-            goto err;
-        if (!ASN1_GENERALIZEDTIME_print(bp, single->thisUpdate))
-            goto err;
-        if (single->nextUpdate) {
-            if (BIO_printf(bp, "\n    Next Update: ") <= 0)
-                goto err;
-            if (!ASN1_GENERALIZEDTIME_print(bp, single->nextUpdate))
-                goto err;
-        }
-        if (BIO_write(bp, "\n", 1) <= 0)
-            goto err;
-        if (!X509V3_extensions_print(bp,
-                                     "Response Single Extensions",
-                                     single->singleExtensions, flags, 8))
-            goto err;
-        if (BIO_write(bp, "\n", 1) <= 0)
-            goto err;
-    }
-    if (!X509V3_extensions_print(bp, "Response Extensions",
-                                 rd->responseExtensions, flags, 4))
-        goto err;
-    if (X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0)
-        goto err;
-
-    for (i = 0; i < sk_X509_num(br->certs); i++) {
-        X509_print(bp, sk_X509_value(br->certs, i));
-        PEM_write_bio_X509(bp, sk_X509_value(br->certs, i));
-    }
-
-    ret = 1;
- err:
-    OCSP_BASICRESP_free(br);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/ocsp/ocsp_srv.c b/thirdparty/openssl/crypto/ocsp/ocsp_srv.c
deleted file mode 100644
index 2ec2c63618..0000000000
--- a/thirdparty/openssl/crypto/ocsp/ocsp_srv.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/* ocsp_srv.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <cryptlib.h>
-#include <openssl/objects.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/ocsp.h>
-
-/*
- * Utility functions related to sending OCSP responses and extracting
- * relevant information from the request.
- */
-
-int OCSP_request_onereq_count(OCSP_REQUEST *req)
-{
-    return sk_OCSP_ONEREQ_num(req->tbsRequest->requestList);
-}
-
-OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i)
-{
-    return sk_OCSP_ONEREQ_value(req->tbsRequest->requestList, i);
-}
-
-OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one)
-{
-    return one->reqCert;
-}
-
-int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
-                      ASN1_OCTET_STRING **pikeyHash,
-                      ASN1_INTEGER **pserial, OCSP_CERTID *cid)
-{
-    if (!cid)
-        return 0;
-    if (pmd)
-        *pmd = cid->hashAlgorithm->algorithm;
-    if (piNameHash)
-        *piNameHash = cid->issuerNameHash;
-    if (pikeyHash)
-        *pikeyHash = cid->issuerKeyHash;
-    if (pserial)
-        *pserial = cid->serialNumber;
-    return 1;
-}
-
-int OCSP_request_is_signed(OCSP_REQUEST *req)
-{
-    if (req->optionalSignature)
-        return 1;
-    return 0;
-}
-
-/* Create an OCSP response and encode an optional basic response */
-OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs)
-{
-    OCSP_RESPONSE *rsp = NULL;
-
-    if (!(rsp = OCSP_RESPONSE_new()))
-        goto err;
-    if (!(ASN1_ENUMERATED_set(rsp->responseStatus, status)))
-        goto err;
-    if (!bs)
-        return rsp;
-    if (!(rsp->responseBytes = OCSP_RESPBYTES_new()))
-        goto err;
-    rsp->responseBytes->responseType = OBJ_nid2obj(NID_id_pkix_OCSP_basic);
-    if (!ASN1_item_pack
-        (bs, ASN1_ITEM_rptr(OCSP_BASICRESP), &rsp->responseBytes->response))
-         goto err;
-    return rsp;
- err:
-    if (rsp)
-        OCSP_RESPONSE_free(rsp);
-    return NULL;
-}
-
-OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
-                                        OCSP_CERTID *cid,
-                                        int status, int reason,
-                                        ASN1_TIME *revtime,
-                                        ASN1_TIME *thisupd,
-                                        ASN1_TIME *nextupd)
-{
-    OCSP_SINGLERESP *single = NULL;
-    OCSP_CERTSTATUS *cs;
-    OCSP_REVOKEDINFO *ri;
-
-    if (!rsp->tbsResponseData->responses &&
-        !(rsp->tbsResponseData->responses = sk_OCSP_SINGLERESP_new_null()))
-        goto err;
-
-    if (!(single = OCSP_SINGLERESP_new()))
-        goto err;
-
-    if (!ASN1_TIME_to_generalizedtime(thisupd, &single->thisUpdate))
-        goto err;
-    if (nextupd &&
-        !ASN1_TIME_to_generalizedtime(nextupd, &single->nextUpdate))
-        goto err;
-
-    OCSP_CERTID_free(single->certId);
-
-    if (!(single->certId = OCSP_CERTID_dup(cid)))
-        goto err;
-
-    cs = single->certStatus;
-    switch (cs->type = status) {
-    case V_OCSP_CERTSTATUS_REVOKED:
-        if (!revtime) {
-            OCSPerr(OCSP_F_OCSP_BASIC_ADD1_STATUS, OCSP_R_NO_REVOKED_TIME);
-            goto err;
-        }
-        if (!(cs->value.revoked = ri = OCSP_REVOKEDINFO_new()))
-            goto err;
-        if (!ASN1_TIME_to_generalizedtime(revtime, &ri->revocationTime))
-            goto err;
-        if (reason != OCSP_REVOKED_STATUS_NOSTATUS) {
-            if (!(ri->revocationReason = ASN1_ENUMERATED_new()))
-                goto err;
-            if (!(ASN1_ENUMERATED_set(ri->revocationReason, reason)))
-                goto err;
-        }
-        break;
-
-    case V_OCSP_CERTSTATUS_GOOD:
-        cs->value.good = ASN1_NULL_new();
-        break;
-
-    case V_OCSP_CERTSTATUS_UNKNOWN:
-        cs->value.unknown = ASN1_NULL_new();
-        break;
-
-    default:
-        goto err;
-
-    }
-    if (!(sk_OCSP_SINGLERESP_push(rsp->tbsResponseData->responses, single)))
-        goto err;
-    return single;
- err:
-    OCSP_SINGLERESP_free(single);
-    return NULL;
-}
-
-/* Add a certificate to an OCSP request */
-
-int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
-{
-    if (!resp->certs && !(resp->certs = sk_X509_new_null()))
-        return 0;
-
-    if (!sk_X509_push(resp->certs, cert))
-        return 0;
-    CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
-    return 1;
-}
-
-int OCSP_basic_sign(OCSP_BASICRESP *brsp,
-                    X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
-                    STACK_OF(X509) *certs, unsigned long flags)
-{
-    int i;
-    OCSP_RESPID *rid;
-
-    if (!X509_check_private_key(signer, key)) {
-        OCSPerr(OCSP_F_OCSP_BASIC_SIGN,
-                OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-        goto err;
-    }
-
-    if (!(flags & OCSP_NOCERTS)) {
-        if (!OCSP_basic_add1_cert(brsp, signer))
-            goto err;
-        for (i = 0; i < sk_X509_num(certs); i++) {
-            X509 *tmpcert = sk_X509_value(certs, i);
-            if (!OCSP_basic_add1_cert(brsp, tmpcert))
-                goto err;
-        }
-    }
-
-    rid = brsp->tbsResponseData->responderId;
-    if (flags & OCSP_RESPID_KEY) {
-        unsigned char md[SHA_DIGEST_LENGTH];
-        X509_pubkey_digest(signer, EVP_sha1(), md, NULL);
-        if (!(rid->value.byKey = ASN1_OCTET_STRING_new()))
-            goto err;
-        if (!(ASN1_OCTET_STRING_set(rid->value.byKey, md, SHA_DIGEST_LENGTH)))
-            goto err;
-        rid->type = V_OCSP_RESPID_KEY;
-    } else {
-        if (!X509_NAME_set(&rid->value.byName, X509_get_subject_name(signer)))
-            goto err;
-        rid->type = V_OCSP_RESPID_NAME;
-    }
-
-    if (!(flags & OCSP_NOTIME) &&
-        !X509_gmtime_adj(brsp->tbsResponseData->producedAt, 0))
-        goto err;
-
-    /*
-     * Right now, I think that not doing double hashing is the right thing.
-     * -- Richard Levitte
-     */
-
-    if (!OCSP_BASICRESP_sign(brsp, key, dgst, 0))
-        goto err;
-
-    return 1;
- err:
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/ocsp/ocsp_vfy.c b/thirdparty/openssl/crypto/ocsp/ocsp_vfy.c
deleted file mode 100644
index d4a257c33b..0000000000
--- a/thirdparty/openssl/crypto/ocsp/ocsp_vfy.c
+++ /dev/null
@@ -1,454 +0,0 @@
-/* ocsp_vfy.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/ocsp.h>
-#include <openssl/err.h>
-#include <string.h>
-
-static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,
-                            STACK_OF(X509) *certs, X509_STORE *st,
-                            unsigned long flags);
-static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id);
-static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain,
-                             unsigned long flags);
-static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp,
-                          OCSP_CERTID **ret);
-static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
-                               STACK_OF(OCSP_SINGLERESP) *sresp);
-static int ocsp_check_delegated(X509 *x, int flags);
-static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req,
-                                X509_NAME *nm, STACK_OF(X509) *certs,
-                                X509_STORE *st, unsigned long flags);
-
-/* Verify a basic response message */
-
-int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
-                      X509_STORE *st, unsigned long flags)
-{
-    X509 *signer, *x;
-    STACK_OF(X509) *chain = NULL;
-    STACK_OF(X509) *untrusted = NULL;
-    X509_STORE_CTX ctx;
-    int i, ret = 0;
-    ret = ocsp_find_signer(&signer, bs, certs, st, flags);
-    if (!ret) {
-        OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,
-                OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND);
-        goto end;
-    }
-    if ((ret == 2) && (flags & OCSP_TRUSTOTHER))
-        flags |= OCSP_NOVERIFY;
-    if (!(flags & OCSP_NOSIGS)) {
-        EVP_PKEY *skey;
-        skey = X509_get_pubkey(signer);
-        if (skey) {
-            ret = OCSP_BASICRESP_verify(bs, skey, 0);
-            EVP_PKEY_free(skey);
-        }
-        if (!skey || ret <= 0) {
-            OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
-            goto end;
-        }
-    }
-    if (!(flags & OCSP_NOVERIFY)) {
-        int init_res;
-        if (flags & OCSP_NOCHAIN) {
-            untrusted = NULL;
-        } else if (bs->certs && certs) {
-            untrusted = sk_X509_dup(bs->certs);
-            for (i = 0; i < sk_X509_num(certs); i++) {
-                if (!sk_X509_push(untrusted, sk_X509_value(certs, i))) {
-                    OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_MALLOC_FAILURE);
-                    goto end;
-                }
-            }
-        } else {
-            untrusted = bs->certs;
-        }
-        init_res = X509_STORE_CTX_init(&ctx, st, signer, untrusted);
-        if (!init_res) {
-            ret = -1;
-            OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_X509_LIB);
-            goto end;
-        }
-
-        X509_STORE_CTX_set_purpose(&ctx, X509_PURPOSE_OCSP_HELPER);
-        ret = X509_verify_cert(&ctx);
-        chain = X509_STORE_CTX_get1_chain(&ctx);
-        X509_STORE_CTX_cleanup(&ctx);
-        if (ret <= 0) {
-            i = X509_STORE_CTX_get_error(&ctx);
-            OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,
-                    OCSP_R_CERTIFICATE_VERIFY_ERROR);
-            ERR_add_error_data(2, "Verify error:",
-                               X509_verify_cert_error_string(i));
-            goto end;
-        }
-        if (flags & OCSP_NOCHECKS) {
-            ret = 1;
-            goto end;
-        }
-        /*
-         * At this point we have a valid certificate chain need to verify it
-         * against the OCSP issuer criteria.
-         */
-        ret = ocsp_check_issuer(bs, chain, flags);
-
-        /* If fatal error or valid match then finish */
-        if (ret != 0)
-            goto end;
-
-        /*
-         * Easy case: explicitly trusted. Get root CA and check for explicit
-         * trust
-         */
-        if (flags & OCSP_NOEXPLICIT)
-            goto end;
-
-        x = sk_X509_value(chain, sk_X509_num(chain) - 1);
-        if (X509_check_trust(x, NID_OCSP_sign, 0) != X509_TRUST_TRUSTED) {
-            OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_ROOT_CA_NOT_TRUSTED);
-            goto end;
-        }
-        ret = 1;
-    }
-
- end:
-    if (chain)
-        sk_X509_pop_free(chain, X509_free);
-    if (bs->certs && certs)
-        sk_X509_free(untrusted);
-    return ret;
-}
-
-static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,
-                            STACK_OF(X509) *certs, X509_STORE *st,
-                            unsigned long flags)
-{
-    X509 *signer;
-    OCSP_RESPID *rid = bs->tbsResponseData->responderId;
-    if ((signer = ocsp_find_signer_sk(certs, rid))) {
-        *psigner = signer;
-        return 2;
-    }
-    if (!(flags & OCSP_NOINTERN) &&
-        (signer = ocsp_find_signer_sk(bs->certs, rid))) {
-        *psigner = signer;
-        return 1;
-    }
-    /* Maybe lookup from store if by subject name */
-
-    *psigner = NULL;
-    return 0;
-}
-
-static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
-{
-    int i;
-    unsigned char tmphash[SHA_DIGEST_LENGTH], *keyhash;
-    X509 *x;
-
-    /* Easy if lookup by name */
-    if (id->type == V_OCSP_RESPID_NAME)
-        return X509_find_by_subject(certs, id->value.byName);
-
-    /* Lookup by key hash */
-
-    /* If key hash isn't SHA1 length then forget it */
-    if (id->value.byKey->length != SHA_DIGEST_LENGTH)
-        return NULL;
-    keyhash = id->value.byKey->data;
-    /* Calculate hash of each key and compare */
-    for (i = 0; i < sk_X509_num(certs); i++) {
-        x = sk_X509_value(certs, i);
-        X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL);
-        if (!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH))
-            return x;
-    }
-    return NULL;
-}
-
-static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain,
-                             unsigned long flags)
-{
-    STACK_OF(OCSP_SINGLERESP) *sresp;
-    X509 *signer, *sca;
-    OCSP_CERTID *caid = NULL;
-    int i;
-    sresp = bs->tbsResponseData->responses;
-
-    if (sk_X509_num(chain) <= 0) {
-        OCSPerr(OCSP_F_OCSP_CHECK_ISSUER, OCSP_R_NO_CERTIFICATES_IN_CHAIN);
-        return -1;
-    }
-
-    /* See if the issuer IDs match. */
-    i = ocsp_check_ids(sresp, &caid);
-
-    /* If ID mismatch or other error then return */
-    if (i <= 0)
-        return i;
-
-    signer = sk_X509_value(chain, 0);
-    /* Check to see if OCSP responder CA matches request CA */
-    if (sk_X509_num(chain) > 1) {
-        sca = sk_X509_value(chain, 1);
-        i = ocsp_match_issuerid(sca, caid, sresp);
-        if (i < 0)
-            return i;
-        if (i) {
-            /* We have a match, if extensions OK then success */
-            if (ocsp_check_delegated(signer, flags))
-                return 1;
-            return 0;
-        }
-    }
-
-    /* Otherwise check if OCSP request signed directly by request CA */
-    return ocsp_match_issuerid(signer, caid, sresp);
-}
-
-/*
- * Check the issuer certificate IDs for equality. If there is a mismatch with
- * the same algorithm then there's no point trying to match any certificates
- * against the issuer. If the issuer IDs all match then we just need to check
- * equality against one of them.
- */
-
-static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret)
-{
-    OCSP_CERTID *tmpid, *cid;
-    int i, idcount;
-
-    idcount = sk_OCSP_SINGLERESP_num(sresp);
-    if (idcount <= 0) {
-        OCSPerr(OCSP_F_OCSP_CHECK_IDS,
-                OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA);
-        return -1;
-    }
-
-    cid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
-
-    *ret = NULL;
-
-    for (i = 1; i < idcount; i++) {
-        tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
-        /* Check to see if IDs match */
-        if (OCSP_id_issuer_cmp(cid, tmpid)) {
-            /* If algoritm mismatch let caller deal with it */
-            if (OBJ_cmp(tmpid->hashAlgorithm->algorithm,
-                        cid->hashAlgorithm->algorithm))
-                return 2;
-            /* Else mismatch */
-            return 0;
-        }
-    }
-
-    /* All IDs match: only need to check one ID */
-    *ret = cid;
-    return 1;
-}
-
-static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
-                               STACK_OF(OCSP_SINGLERESP) *sresp)
-{
-    /* If only one ID to match then do it */
-    if (cid) {
-        const EVP_MD *dgst;
-        X509_NAME *iname;
-        int mdlen;
-        unsigned char md[EVP_MAX_MD_SIZE];
-        if (!(dgst = EVP_get_digestbyobj(cid->hashAlgorithm->algorithm))) {
-            OCSPerr(OCSP_F_OCSP_MATCH_ISSUERID,
-                    OCSP_R_UNKNOWN_MESSAGE_DIGEST);
-            return -1;
-        }
-
-        mdlen = EVP_MD_size(dgst);
-        if (mdlen < 0)
-            return -1;
-        if ((cid->issuerNameHash->length != mdlen) ||
-            (cid->issuerKeyHash->length != mdlen))
-            return 0;
-        iname = X509_get_subject_name(cert);
-        if (!X509_NAME_digest(iname, dgst, md, NULL))
-            return -1;
-        if (memcmp(md, cid->issuerNameHash->data, mdlen))
-            return 0;
-        X509_pubkey_digest(cert, dgst, md, NULL);
-        if (memcmp(md, cid->issuerKeyHash->data, mdlen))
-            return 0;
-
-        return 1;
-
-    } else {
-        /* We have to match the whole lot */
-        int i, ret;
-        OCSP_CERTID *tmpid;
-        for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++) {
-            tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
-            ret = ocsp_match_issuerid(cert, tmpid, NULL);
-            if (ret <= 0)
-                return ret;
-        }
-        return 1;
-    }
-
-}
-
-static int ocsp_check_delegated(X509 *x, int flags)
-{
-    X509_check_purpose(x, -1, 0);
-    if ((x->ex_flags & EXFLAG_XKUSAGE) && (x->ex_xkusage & XKU_OCSP_SIGN))
-        return 1;
-    OCSPerr(OCSP_F_OCSP_CHECK_DELEGATED, OCSP_R_MISSING_OCSPSIGNING_USAGE);
-    return 0;
-}
-
-/*
- * Verify an OCSP request. This is fortunately much easier than OCSP response
- * verify. Just find the signers certificate and verify it against a given
- * trust value.
- */
-
-int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
-                        X509_STORE *store, unsigned long flags)
-{
-    X509 *signer;
-    X509_NAME *nm;
-    GENERAL_NAME *gen;
-    int ret;
-    X509_STORE_CTX ctx;
-    if (!req->optionalSignature) {
-        OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_REQUEST_NOT_SIGNED);
-        return 0;
-    }
-    gen = req->tbsRequest->requestorName;
-    if (!gen || gen->type != GEN_DIRNAME) {
-        OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,
-                OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE);
-        return 0;
-    }
-    nm = gen->d.directoryName;
-    ret = ocsp_req_find_signer(&signer, req, nm, certs, store, flags);
-    if (ret <= 0) {
-        OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,
-                OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND);
-        return 0;
-    }
-    if ((ret == 2) && (flags & OCSP_TRUSTOTHER))
-        flags |= OCSP_NOVERIFY;
-    if (!(flags & OCSP_NOSIGS)) {
-        EVP_PKEY *skey;
-        skey = X509_get_pubkey(signer);
-        ret = OCSP_REQUEST_verify(req, skey);
-        EVP_PKEY_free(skey);
-        if (ret <= 0) {
-            OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_SIGNATURE_FAILURE);
-            return 0;
-        }
-    }
-    if (!(flags & OCSP_NOVERIFY)) {
-        int init_res;
-        if (flags & OCSP_NOCHAIN)
-            init_res = X509_STORE_CTX_init(&ctx, store, signer, NULL);
-        else
-            init_res = X509_STORE_CTX_init(&ctx, store, signer,
-                                           req->optionalSignature->certs);
-        if (!init_res) {
-            OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, ERR_R_X509_LIB);
-            return 0;
-        }
-
-        X509_STORE_CTX_set_purpose(&ctx, X509_PURPOSE_OCSP_HELPER);
-        X509_STORE_CTX_set_trust(&ctx, X509_TRUST_OCSP_REQUEST);
-        ret = X509_verify_cert(&ctx);
-        X509_STORE_CTX_cleanup(&ctx);
-        if (ret <= 0) {
-            ret = X509_STORE_CTX_get_error(&ctx);
-            OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,
-                    OCSP_R_CERTIFICATE_VERIFY_ERROR);
-            ERR_add_error_data(2, "Verify error:",
-                               X509_verify_cert_error_string(ret));
-            return 0;
-        }
-    }
-    return 1;
-}
-
-static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req,
-                                X509_NAME *nm, STACK_OF(X509) *certs,
-                                X509_STORE *st, unsigned long flags)
-{
-    X509 *signer;
-    if (!(flags & OCSP_NOINTERN)) {
-        signer = X509_find_by_subject(req->optionalSignature->certs, nm);
-        if (signer) {
-            *psigner = signer;
-            return 1;
-        }
-    }
-
-    signer = X509_find_by_subject(certs, nm);
-    if (signer) {
-        *psigner = signer;
-        return 2;
-    }
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/pem/message b/thirdparty/openssl/crypto/pem/message
deleted file mode 100644
index e8bf9d7592..0000000000
--- a/thirdparty/openssl/crypto/pem/message
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PRIVACY-ENHANCED MESSAGE-----
-Proc-Type: 4,ENCRYPTED
-Proc-Type: 4,MIC-ONLY
-Proc-Type: 4,MIC-CLEAR
-Content-Domain: RFC822
-DEK-Info: DES-CBC,0123456789abcdef
-Originator-Certificate
- xxxx
-Issuer-Certificate
- xxxx
-MIC-Info: RSA-MD5,RSA,
- xxxx
-
-
------END PRIVACY-ENHANCED MESSAGE-----
-
diff --git a/thirdparty/openssl/crypto/pem/pem_all.c b/thirdparty/openssl/crypto/pem/pem_all.c
deleted file mode 100644
index 0e5be63ef0..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_all.c
+++ /dev/null
@@ -1,427 +0,0 @@
-/* crypto/pem/pem_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-#ifndef OPENSSL_NO_RSA
-static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
-#endif
-#ifndef OPENSSL_NO_DSA
-static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
-#endif
-
-#ifndef OPENSSL_NO_EC
-static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey);
-#endif
-
-IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
-
-IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ)
-IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL)
-IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)
-
-IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
-                 PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
-#ifndef OPENSSL_NO_RSA
-/*
- * We treat RSA or DSA private keys as a special case. For private keys we
- * read in an EVP_PKEY structure with PEM_read_bio_PrivateKey() and extract
- * the relevant private key: this means can handle "traditional" and PKCS#8
- * formats transparently.
- */
-static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
-{
-    RSA *rtmp;
-    if (!key)
-        return NULL;
-    rtmp = EVP_PKEY_get1_RSA(key);
-    EVP_PKEY_free(key);
-    if (!rtmp)
-        return NULL;
-    if (rsa) {
-        RSA_free(*rsa);
-        *rsa = rtmp;
-    }
-    return rtmp;
-}
-
-RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb,
-                                void *u)
-{
-    EVP_PKEY *pktmp;
-    pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
-    return pkey_get_rsa(pktmp, rsa);
-}
-
-# ifndef OPENSSL_NO_FP_API
-
-RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u)
-{
-    EVP_PKEY *pktmp;
-    pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
-    return pkey_get_rsa(pktmp, rsa);
-}
-
-# endif
-
-# ifdef OPENSSL_FIPS
-
-int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
-                                unsigned char *kstr, int klen,
-                                pem_password_cb *cb, void *u)
-{
-    if (FIPS_mode()) {
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-            return 0;
-        EVP_PKEY_set1_RSA(k, x);
-
-        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-    } else
-        return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSAPrivateKey,
-                                  PEM_STRING_RSA, bp, x, enc, kstr, klen, cb,
-                                  u);
-}
-
-#  ifndef OPENSSL_NO_FP_API
-int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
-                            unsigned char *kstr, int klen,
-                            pem_password_cb *cb, void *u)
-{
-    if (FIPS_mode()) {
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-            return 0;
-
-        EVP_PKEY_set1_RSA(k, x);
-
-        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-    } else
-        return PEM_ASN1_write((i2d_of_void *)i2d_RSAPrivateKey,
-                              PEM_STRING_RSA, fp, x, enc, kstr, klen, cb, u);
-}
-#  endif
-
-# else
-
-IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA,
-                             RSAPrivateKey)
-# endif
-IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC,
-                       RSAPublicKey) IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA,
-                                                      PEM_STRING_PUBLIC,
-                                                      RSA_PUBKEY)
-#endif
-#ifndef OPENSSL_NO_DSA
-static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
-{
-    DSA *dtmp;
-    if (!key)
-        return NULL;
-    dtmp = EVP_PKEY_get1_DSA(key);
-    EVP_PKEY_free(key);
-    if (!dtmp)
-        return NULL;
-    if (dsa) {
-        DSA_free(*dsa);
-        *dsa = dtmp;
-    }
-    return dtmp;
-}
-
-DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
-                                void *u)
-{
-    EVP_PKEY *pktmp;
-    pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
-    return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
-}
-
-# ifdef OPENSSL_FIPS
-
-int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
-                                unsigned char *kstr, int klen,
-                                pem_password_cb *cb, void *u)
-{
-    if (FIPS_mode()) {
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-            return 0;
-        EVP_PKEY_set1_DSA(k, x);
-
-        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-    } else
-        return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPrivateKey,
-                                  PEM_STRING_DSA, bp, x, enc, kstr, klen, cb,
-                                  u);
-}
-
-#  ifndef OPENSSL_NO_FP_API
-int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
-                            unsigned char *kstr, int klen,
-                            pem_password_cb *cb, void *u)
-{
-    if (FIPS_mode()) {
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-            return 0;
-        EVP_PKEY_set1_DSA(k, x);
-        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-    } else
-        return PEM_ASN1_write((i2d_of_void *)i2d_DSAPrivateKey,
-                              PEM_STRING_DSA, fp, x, enc, kstr, klen, cb, u);
-}
-#  endif
-
-# else
-
-IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA,
-                             DSAPrivateKey)
-# endif
-    IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
-# ifndef OPENSSL_NO_FP_API
-DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, void *u)
-{
-    EVP_PKEY *pktmp;
-    pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
-    return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
-}
-
-# endif
-
-IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
-#endif
-#ifndef OPENSSL_NO_EC
-static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey)
-{
-    EC_KEY *dtmp;
-    if (!key)
-        return NULL;
-    dtmp = EVP_PKEY_get1_EC_KEY(key);
-    EVP_PKEY_free(key);
-    if (!dtmp)
-        return NULL;
-    if (eckey) {
-        EC_KEY_free(*eckey);
-        *eckey = dtmp;
-    }
-    return dtmp;
-}
-
-EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
-                                  void *u)
-{
-    EVP_PKEY *pktmp;
-    pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
-    return pkey_get_eckey(pktmp, key); /* will free pktmp */
-}
-
-IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS,
-                       ECPKParameters)
-# ifdef OPENSSL_FIPS
-int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc,
-                               unsigned char *kstr, int klen,
-                               pem_password_cb *cb, void *u)
-{
-    if (FIPS_mode()) {
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-            return 0;
-        EVP_PKEY_set1_EC_KEY(k, x);
-
-        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-    } else
-        return PEM_ASN1_write_bio((i2d_of_void *)i2d_ECPrivateKey,
-                                  PEM_STRING_ECPRIVATEKEY,
-                                  bp, x, enc, kstr, klen, cb, u);
-}
-
-#  ifndef OPENSSL_NO_FP_API
-int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc,
-                           unsigned char *kstr, int klen,
-                           pem_password_cb *cb, void *u)
-{
-    if (FIPS_mode()) {
-        EVP_PKEY *k;
-        int ret;
-        k = EVP_PKEY_new();
-        if (!k)
-            return 0;
-        EVP_PKEY_set1_EC_KEY(k, x);
-        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
-        EVP_PKEY_free(k);
-        return ret;
-    } else
-        return PEM_ASN1_write((i2d_of_void *)i2d_ECPrivateKey,
-                              PEM_STRING_ECPRIVATEKEY,
-                              fp, x, enc, kstr, klen, cb, u);
-}
-#  endif
-
-# else
-    IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY,
-                       ECPrivateKey)
-# endif
-IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
-# ifndef OPENSSL_NO_FP_API
-EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
-                              void *u)
-{
-    EVP_PKEY *pktmp;
-    pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
-    return pkey_get_eckey(pktmp, eckey); /* will free pktmp */
-}
-
-# endif
-
-#endif
-
-#ifndef OPENSSL_NO_DH
-
-IMPLEMENT_PEM_write_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
-    IMPLEMENT_PEM_write_const(DHxparams, DH, PEM_STRING_DHXPARAMS, DHxparams)
-#endif
-IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
diff --git a/thirdparty/openssl/crypto/pem/pem_err.c b/thirdparty/openssl/crypto/pem/pem_err.c
deleted file mode 100644
index 4e5f8e936c..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_err.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/* crypto/pem/pem_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2016 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
-
-static ERR_STRING_DATA PEM_str_functs[] = {
-    {ERR_FUNC(PEM_F_B2I_DSS), "B2I_DSS"},
-    {ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"},
-    {ERR_FUNC(PEM_F_B2I_RSA), "B2I_RSA"},
-    {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "CHECK_BITLEN_DSA"},
-    {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "CHECK_BITLEN_RSA"},
-    {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
-    {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
-    {ERR_FUNC(PEM_F_DO_B2I), "DO_B2I"},
-    {ERR_FUNC(PEM_F_DO_B2I_BIO), "DO_B2I_BIO"},
-    {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "DO_BLOB_HEADER"},
-    {ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"},
-    {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"},
-    {ERR_FUNC(PEM_F_DO_PVK_BODY), "DO_PVK_BODY"},
-    {ERR_FUNC(PEM_F_DO_PVK_HEADER), "DO_PVK_HEADER"},
-    {ERR_FUNC(PEM_F_I2B_PVK), "I2B_PVK"},
-    {ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"},
-    {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"},
-    {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
-    {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
-    {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"},
-    {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
-    {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
-    {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
-    {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY),
-     "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
-    {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
-    {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
-    {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
-    {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
-    {ERR_FUNC(PEM_F_PEM_READ_BIO_DHPARAMS), "PEM_READ_BIO_DHPARAMS"},
-    {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"},
-    {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"},
-    {ERR_FUNC(PEM_F_PEM_READ_DHPARAMS), "PEM_READ_DHPARAMS"},
-    {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"},
-    {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
-    {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"},
-    {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
-    {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
-    {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
-    {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_WRITE_PRIVATEKEY"},
-    {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
-    {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
-    {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA PEM_str_reasons[] = {
-    {ERR_REASON(PEM_R_BAD_BASE64_DECODE), "bad base64 decode"},
-    {ERR_REASON(PEM_R_BAD_DECRYPT), "bad decrypt"},
-    {ERR_REASON(PEM_R_BAD_END_LINE), "bad end line"},
-    {ERR_REASON(PEM_R_BAD_IV_CHARS), "bad iv chars"},
-    {ERR_REASON(PEM_R_BAD_MAGIC_NUMBER), "bad magic number"},
-    {ERR_REASON(PEM_R_BAD_PASSWORD_READ), "bad password read"},
-    {ERR_REASON(PEM_R_BAD_VERSION_NUMBER), "bad version number"},
-    {ERR_REASON(PEM_R_BIO_WRITE_FAILURE), "bio write failure"},
-    {ERR_REASON(PEM_R_CIPHER_IS_NULL), "cipher is null"},
-    {ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),
-     "error converting private key"},
-    {ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB),
-     "expecting private key blob"},
-    {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),
-     "expecting public key blob"},
-    {ERR_REASON(PEM_R_HEADER_TOO_LONG), "header too long"},
-    {ERR_REASON(PEM_R_INCONSISTENT_HEADER), "inconsistent header"},
-    {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),
-     "keyblob header parse error"},
-    {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT), "keyblob too short"},
-    {ERR_REASON(PEM_R_NOT_DEK_INFO), "not dek info"},
-    {ERR_REASON(PEM_R_NOT_ENCRYPTED), "not encrypted"},
-    {ERR_REASON(PEM_R_NOT_PROC_TYPE), "not proc type"},
-    {ERR_REASON(PEM_R_NO_START_LINE), "no start line"},
-    {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),
-     "problems getting password"},
-    {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA), "public key no rsa"},
-    {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"},
-    {ERR_REASON(PEM_R_PVK_TOO_SHORT), "pvk too short"},
-    {ERR_REASON(PEM_R_READ_KEY), "read key"},
-    {ERR_REASON(PEM_R_SHORT_HEADER), "short header"},
-    {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
-    {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"},
-    {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS),
-     "unsupported key components"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_PEM_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, PEM_str_functs);
-        ERR_load_strings(0, PEM_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/pem/pem_info.c b/thirdparty/openssl/crypto/pem/pem_info.c
deleted file mode 100644
index 4d736a1d07..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_info.c
+++ /dev/null
@@ -1,394 +0,0 @@
-/* crypto/pem/pem_info.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-
-#ifndef OPENSSL_NO_FP_API
-STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
-                                        pem_password_cb *cb, void *u)
-{
-    BIO *b;
-    STACK_OF(X509_INFO) *ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        PEMerr(PEM_F_PEM_X509_INFO_READ, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = PEM_X509_INFO_read_bio(b, sk, cb, u);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
-                                            pem_password_cb *cb, void *u)
-{
-    X509_INFO *xi = NULL;
-    char *name = NULL, *header = NULL;
-    void *pp;
-    unsigned char *data = NULL;
-    const unsigned char *p;
-    long len, error = 0;
-    int ok = 0;
-    STACK_OF(X509_INFO) *ret = NULL;
-    unsigned int i, raw, ptype;
-    d2i_of_void *d2i = 0;
-
-    if (sk == NULL) {
-        if ((ret = sk_X509_INFO_new_null()) == NULL) {
-            PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    } else
-        ret = sk;
-
-    if ((xi = X509_INFO_new()) == NULL)
-        goto err;
-    for (;;) {
-        raw = 0;
-        ptype = 0;
-        i = PEM_read_bio(bp, &name, &header, &data, &len);
-        if (i == 0) {
-            error = ERR_GET_REASON(ERR_peek_last_error());
-            if (error == PEM_R_NO_START_LINE) {
-                ERR_clear_error();
-                break;
-            }
-            goto err;
-        }
- start:
-        if ((strcmp(name, PEM_STRING_X509) == 0) ||
-            (strcmp(name, PEM_STRING_X509_OLD) == 0)) {
-            d2i = (D2I_OF(void)) d2i_X509;
-            if (xi->x509 != NULL) {
-                if (!sk_X509_INFO_push(ret, xi))
-                    goto err;
-                if ((xi = X509_INFO_new()) == NULL)
-                    goto err;
-                goto start;
-            }
-            pp = &(xi->x509);
-        } else if ((strcmp(name, PEM_STRING_X509_TRUSTED) == 0)) {
-            d2i = (D2I_OF(void)) d2i_X509_AUX;
-            if (xi->x509 != NULL) {
-                if (!sk_X509_INFO_push(ret, xi))
-                    goto err;
-                if ((xi = X509_INFO_new()) == NULL)
-                    goto err;
-                goto start;
-            }
-            pp = &(xi->x509);
-        } else if (strcmp(name, PEM_STRING_X509_CRL) == 0) {
-            d2i = (D2I_OF(void)) d2i_X509_CRL;
-            if (xi->crl != NULL) {
-                if (!sk_X509_INFO_push(ret, xi))
-                    goto err;
-                if ((xi = X509_INFO_new()) == NULL)
-                    goto err;
-                goto start;
-            }
-            pp = &(xi->crl);
-        } else
-#ifndef OPENSSL_NO_RSA
-        if (strcmp(name, PEM_STRING_RSA) == 0) {
-            d2i = (D2I_OF(void)) d2i_RSAPrivateKey;
-            if (xi->x_pkey != NULL) {
-                if (!sk_X509_INFO_push(ret, xi))
-                    goto err;
-                if ((xi = X509_INFO_new()) == NULL)
-                    goto err;
-                goto start;
-            }
-
-            xi->enc_data = NULL;
-            xi->enc_len = 0;
-
-            xi->x_pkey = X509_PKEY_new();
-            if (xi->x_pkey == NULL)
-                goto err;
-            ptype = EVP_PKEY_RSA;
-            pp = &xi->x_pkey->dec_pkey;
-            if ((int)strlen(header) > 10) /* assume encrypted */
-                raw = 1;
-        } else
-#endif
-#ifndef OPENSSL_NO_DSA
-        if (strcmp(name, PEM_STRING_DSA) == 0) {
-            d2i = (D2I_OF(void)) d2i_DSAPrivateKey;
-            if (xi->x_pkey != NULL) {
-                if (!sk_X509_INFO_push(ret, xi))
-                    goto err;
-                if ((xi = X509_INFO_new()) == NULL)
-                    goto err;
-                goto start;
-            }
-
-            xi->enc_data = NULL;
-            xi->enc_len = 0;
-
-            xi->x_pkey = X509_PKEY_new();
-            if (xi->x_pkey == NULL)
-                goto err;
-            ptype = EVP_PKEY_DSA;
-            pp = &xi->x_pkey->dec_pkey;
-            if ((int)strlen(header) > 10) /* assume encrypted */
-                raw = 1;
-        } else
-#endif
-#ifndef OPENSSL_NO_EC
-        if (strcmp(name, PEM_STRING_ECPRIVATEKEY) == 0) {
-            d2i = (D2I_OF(void)) d2i_ECPrivateKey;
-            if (xi->x_pkey != NULL) {
-                if (!sk_X509_INFO_push(ret, xi))
-                    goto err;
-                if ((xi = X509_INFO_new()) == NULL)
-                    goto err;
-                goto start;
-            }
-
-            xi->enc_data = NULL;
-            xi->enc_len = 0;
-
-            xi->x_pkey = X509_PKEY_new();
-            if (xi->x_pkey == NULL)
-                goto err;
-            ptype = EVP_PKEY_EC;
-            pp = &xi->x_pkey->dec_pkey;
-            if ((int)strlen(header) > 10) /* assume encrypted */
-                raw = 1;
-        } else
-#endif
-        {
-            d2i = NULL;
-            pp = NULL;
-        }
-
-        if (d2i != NULL) {
-            if (!raw) {
-                EVP_CIPHER_INFO cipher;
-
-                if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
-                    goto err;
-                if (!PEM_do_header(&cipher, data, &len, cb, u))
-                    goto err;
-                p = data;
-                if (ptype) {
-                    if (!d2i_PrivateKey(ptype, pp, &p, len)) {
-                        PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, ERR_R_ASN1_LIB);
-                        goto err;
-                    }
-                } else if (d2i(pp, &p, len) == NULL) {
-                    PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, ERR_R_ASN1_LIB);
-                    goto err;
-                }
-            } else {            /* encrypted RSA data */
-                if (!PEM_get_EVP_CIPHER_INFO(header, &xi->enc_cipher))
-                    goto err;
-                xi->enc_data = (char *)data;
-                xi->enc_len = (int)len;
-                data = NULL;
-            }
-        } else {
-            /* unknown */
-        }
-        if (name != NULL)
-            OPENSSL_free(name);
-        if (header != NULL)
-            OPENSSL_free(header);
-        if (data != NULL)
-            OPENSSL_free(data);
-        name = NULL;
-        header = NULL;
-        data = NULL;
-    }
-
-    /*
-     * if the last one hasn't been pushed yet and there is anything in it
-     * then add it to the stack ...
-     */
-    if ((xi->x509 != NULL) || (xi->crl != NULL) ||
-        (xi->x_pkey != NULL) || (xi->enc_data != NULL)) {
-        if (!sk_X509_INFO_push(ret, xi))
-            goto err;
-        xi = NULL;
-    }
-    ok = 1;
- err:
-    if (xi != NULL)
-        X509_INFO_free(xi);
-    if (!ok) {
-        for (i = 0; ((int)i) < sk_X509_INFO_num(ret); i++) {
-            xi = sk_X509_INFO_value(ret, i);
-            X509_INFO_free(xi);
-        }
-        if (ret != sk)
-            sk_X509_INFO_free(ret);
-        ret = NULL;
-    }
-
-    if (name != NULL)
-        OPENSSL_free(name);
-    if (header != NULL)
-        OPENSSL_free(header);
-    if (data != NULL)
-        OPENSSL_free(data);
-    return (ret);
-}
-
-/* A TJH addition */
-int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
-                            unsigned char *kstr, int klen,
-                            pem_password_cb *cb, void *u)
-{
-    EVP_CIPHER_CTX ctx;
-    int i, ret = 0;
-    unsigned char *data = NULL;
-    const char *objstr = NULL;
-    char buf[PEM_BUFSIZE];
-    unsigned char *iv = NULL;
-
-    if (enc != NULL) {
-        objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
-        if (objstr == NULL) {
-            PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
-            goto err;
-        }
-    }
-
-    /*
-     * now for the fun part ... if we have a private key then we have to be
-     * able to handle a not-yet-decrypted key being written out correctly ...
-     * if it is decrypted or it is non-encrypted then we use the base code
-     */
-    if (xi->x_pkey != NULL) {
-        if ((xi->enc_data != NULL) && (xi->enc_len > 0)) {
-            if (enc == NULL) {
-                PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, PEM_R_CIPHER_IS_NULL);
-                goto err;
-            }
-
-            /* copy from weirdo names into more normal things */
-            iv = xi->enc_cipher.iv;
-            data = (unsigned char *)xi->enc_data;
-            i = xi->enc_len;
-
-            /*
-             * we take the encryption data from the internal stuff rather
-             * than what the user has passed us ... as we have to match
-             * exactly for some strange reason
-             */
-            objstr = OBJ_nid2sn(EVP_CIPHER_nid(xi->enc_cipher.cipher));
-            if (objstr == NULL) {
-                PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,
-                       PEM_R_UNSUPPORTED_CIPHER);
-                goto err;
-            }
-
-            /* create the right magic header stuff */
-            OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
-                           sizeof buf);
-            buf[0] = '\0';
-            PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
-            PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
-
-            /* use the normal code to write things out */
-            i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i);
-            if (i <= 0)
-                goto err;
-        } else {
-            /* Add DSA/DH */
-#ifndef OPENSSL_NO_RSA
-            /* normal optionally encrypted stuff */
-            if (PEM_write_bio_RSAPrivateKey(bp,
-                                            xi->x_pkey->dec_pkey->pkey.rsa,
-                                            enc, kstr, klen, cb, u) <= 0)
-                goto err;
-#endif
-        }
-    }
-
-    /* if we have a certificate then write it out now */
-    if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp, xi->x509) <= 0))
-        goto err;
-
-    /*
-     * we are ignoring anything else that is loaded into the X509_INFO
-     * structure for the moment ... as I don't need it so I'm not coding it
-     * here and Eric can do it when this makes it into the base library --tjh
-     */
-
-    ret = 1;
-
- err:
-    OPENSSL_cleanse((char *)&ctx, sizeof(ctx));
-    OPENSSL_cleanse(buf, PEM_BUFSIZE);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/pem/pem_lib.c b/thirdparty/openssl/crypto/pem/pem_lib.c
deleted file mode 100644
index c82b3c0ae2..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_lib.c
+++ /dev/null
@@ -1,871 +0,0 @@
-/* crypto/pem/pem_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs12.h>
-#include "asn1_locl.h"
-#ifndef OPENSSL_NO_DES
-# include <openssl/des.h>
-#endif
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-const char PEM_version[] = "PEM" OPENSSL_VERSION_PTEXT;
-
-#define MIN_LENGTH      4
-
-static int load_iv(char **fromp, unsigned char *to, int num);
-static int check_pem(const char *nm, const char *name);
-int pem_check_suffix(const char *pem_str, const char *suffix);
-
-int PEM_def_callback(char *buf, int num, int w, void *key)
-{
-#ifdef OPENSSL_NO_FP_API
-    /*
-     * We should not ever call the default callback routine from windows.
-     */
-    PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-    return (-1);
-#else
-    int i, j;
-    const char *prompt;
-    if (key) {
-        i = strlen(key);
-        i = (i > num) ? num : i;
-        memcpy(buf, key, i);
-        return (i);
-    }
-
-    prompt = EVP_get_pw_prompt();
-    if (prompt == NULL)
-        prompt = "Enter PEM pass phrase:";
-
-    for (;;) {
-        /*
-         * We assume that w == 0 means decryption,
-         * while w == 1 means encryption
-         */
-        int min_len = w ? MIN_LENGTH : 0;
-
-        i = EVP_read_pw_string_min(buf, min_len, num, prompt, w);
-        if (i != 0) {
-            PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
-            memset(buf, 0, (unsigned int)num);
-            return (-1);
-        }
-        j = strlen(buf);
-        if (min_len && j < min_len) {
-            fprintf(stderr,
-                    "phrase is too short, needs to be at least %d chars\n",
-                    min_len);
-        } else
-            break;
-    }
-    return (j);
-#endif
-}
-
-void PEM_proc_type(char *buf, int type)
-{
-    const char *str;
-
-    if (type == PEM_TYPE_ENCRYPTED)
-        str = "ENCRYPTED";
-    else if (type == PEM_TYPE_MIC_CLEAR)
-        str = "MIC-CLEAR";
-    else if (type == PEM_TYPE_MIC_ONLY)
-        str = "MIC-ONLY";
-    else
-        str = "BAD-TYPE";
-
-    BUF_strlcat(buf, "Proc-Type: 4,", PEM_BUFSIZE);
-    BUF_strlcat(buf, str, PEM_BUFSIZE);
-    BUF_strlcat(buf, "\n", PEM_BUFSIZE);
-}
-
-void PEM_dek_info(char *buf, const char *type, int len, char *str)
-{
-    static const unsigned char map[17] = "0123456789ABCDEF";
-    long i;
-    int j;
-
-    BUF_strlcat(buf, "DEK-Info: ", PEM_BUFSIZE);
-    BUF_strlcat(buf, type, PEM_BUFSIZE);
-    BUF_strlcat(buf, ",", PEM_BUFSIZE);
-    j = strlen(buf);
-    if (j + (len * 2) + 1 > PEM_BUFSIZE)
-        return;
-    for (i = 0; i < len; i++) {
-        buf[j + i * 2] = map[(str[i] >> 4) & 0x0f];
-        buf[j + i * 2 + 1] = map[(str[i]) & 0x0f];
-    }
-    buf[j + i * 2] = '\n';
-    buf[j + i * 2 + 1] = '\0';
-}
-
-#ifndef OPENSSL_NO_FP_API
-void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
-                    pem_password_cb *cb, void *u)
-{
-    BIO *b;
-    void *ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        PEMerr(PEM_F_PEM_ASN1_READ, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = PEM_ASN1_read_bio(d2i, name, b, x, cb, u);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-static int check_pem(const char *nm, const char *name)
-{
-    /* Normal matching nm and name */
-    if (!strcmp(nm, name))
-        return 1;
-
-    /* Make PEM_STRING_EVP_PKEY match any private key */
-
-    if (!strcmp(name, PEM_STRING_EVP_PKEY)) {
-        int slen;
-        const EVP_PKEY_ASN1_METHOD *ameth;
-        if (!strcmp(nm, PEM_STRING_PKCS8))
-            return 1;
-        if (!strcmp(nm, PEM_STRING_PKCS8INF))
-            return 1;
-        slen = pem_check_suffix(nm, "PRIVATE KEY");
-        if (slen > 0) {
-            /*
-             * NB: ENGINE implementations wont contain a deprecated old
-             * private key decode function so don't look for them.
-             */
-            ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
-            if (ameth && ameth->old_priv_decode)
-                return 1;
-        }
-        return 0;
-    }
-
-    if (!strcmp(name, PEM_STRING_PARAMETERS)) {
-        int slen;
-        const EVP_PKEY_ASN1_METHOD *ameth;
-        slen = pem_check_suffix(nm, "PARAMETERS");
-        if (slen > 0) {
-            ENGINE *e;
-            ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
-            if (ameth) {
-                int r;
-                if (ameth->param_decode)
-                    r = 1;
-                else
-                    r = 0;
-#ifndef OPENSSL_NO_ENGINE
-                if (e)
-                    ENGINE_finish(e);
-#endif
-                return r;
-            }
-        }
-        return 0;
-    }
-    /* If reading DH parameters handle X9.42 DH format too */
-    if (!strcmp(nm, PEM_STRING_DHXPARAMS) &&
-        !strcmp(name, PEM_STRING_DHPARAMS))
-        return 1;
-
-    /* Permit older strings */
-
-    if (!strcmp(nm, PEM_STRING_X509_OLD) && !strcmp(name, PEM_STRING_X509))
-        return 1;
-
-    if (!strcmp(nm, PEM_STRING_X509_REQ_OLD) &&
-        !strcmp(name, PEM_STRING_X509_REQ))
-        return 1;
-
-    /* Allow normal certs to be read as trusted certs */
-    if (!strcmp(nm, PEM_STRING_X509) &&
-        !strcmp(name, PEM_STRING_X509_TRUSTED))
-        return 1;
-
-    if (!strcmp(nm, PEM_STRING_X509_OLD) &&
-        !strcmp(name, PEM_STRING_X509_TRUSTED))
-        return 1;
-
-    /* Some CAs use PKCS#7 with CERTIFICATE headers */
-    if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_PKCS7))
-        return 1;
-
-    if (!strcmp(nm, PEM_STRING_PKCS7_SIGNED) &&
-        !strcmp(name, PEM_STRING_PKCS7))
-        return 1;
-
-#ifndef OPENSSL_NO_CMS
-    if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_CMS))
-        return 1;
-    /* Allow CMS to be read from PKCS#7 headers */
-    if (!strcmp(nm, PEM_STRING_PKCS7) && !strcmp(name, PEM_STRING_CMS))
-        return 1;
-#endif
-
-    return 0;
-}
-
-int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
-                       const char *name, BIO *bp, pem_password_cb *cb,
-                       void *u)
-{
-    EVP_CIPHER_INFO cipher;
-    char *nm = NULL, *header = NULL;
-    unsigned char *data = NULL;
-    long len;
-    int ret = 0;
-
-    for (;;) {
-        if (!PEM_read_bio(bp, &nm, &header, &data, &len)) {
-            if (ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE)
-                ERR_add_error_data(2, "Expecting: ", name);
-            return 0;
-        }
-        if (check_pem(nm, name))
-            break;
-        OPENSSL_free(nm);
-        OPENSSL_free(header);
-        OPENSSL_free(data);
-    }
-    if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
-        goto err;
-    if (!PEM_do_header(&cipher, data, &len, cb, u))
-        goto err;
-
-    *pdata = data;
-    *plen = len;
-
-    if (pnm)
-        *pnm = nm;
-
-    ret = 1;
-
- err:
-    if (!ret || !pnm)
-        OPENSSL_free(nm);
-    OPENSSL_free(header);
-    if (!ret)
-        OPENSSL_free(data);
-    return ret;
-}
-
-#ifndef OPENSSL_NO_FP_API
-int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
-                   void *x, const EVP_CIPHER *enc, unsigned char *kstr,
-                   int klen, pem_password_cb *callback, void *u)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        PEMerr(PEM_F_PEM_ASN1_WRITE, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = PEM_ASN1_write_bio(i2d, name, b, x, enc, kstr, klen, callback, u);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
-                       void *x, const EVP_CIPHER *enc, unsigned char *kstr,
-                       int klen, pem_password_cb *callback, void *u)
-{
-    EVP_CIPHER_CTX ctx;
-    int dsize = 0, i, j, ret = 0;
-    unsigned char *p, *data = NULL;
-    const char *objstr = NULL;
-    char buf[PEM_BUFSIZE];
-    unsigned char key[EVP_MAX_KEY_LENGTH];
-    unsigned char iv[EVP_MAX_IV_LENGTH];
-
-    if (enc != NULL) {
-        objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
-        if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0) {
-            PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
-            goto err;
-        }
-    }
-
-    if ((dsize = i2d(x, NULL)) < 0) {
-        PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_ASN1_LIB);
-        dsize = 0;
-        goto err;
-    }
-    /* dzise + 8 bytes are needed */
-    /* actually it needs the cipher block size extra... */
-    data = (unsigned char *)OPENSSL_malloc((unsigned int)dsize + 20);
-    if (data == NULL) {
-        PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    p = data;
-    i = i2d(x, &p);
-
-    if (enc != NULL) {
-        if (kstr == NULL) {
-            if (callback == NULL)
-                klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
-            else
-                klen = (*callback) (buf, PEM_BUFSIZE, 1, u);
-            if (klen <= 0) {
-                PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_READ_KEY);
-                goto err;
-            }
-#ifdef CHARSET_EBCDIC
-            /* Convert the pass phrase from EBCDIC */
-            ebcdic2ascii(buf, buf, klen);
-#endif
-            kstr = (unsigned char *)buf;
-        }
-        RAND_add(data, i, 0);   /* put in the RSA key. */
-        OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
-        if (RAND_bytes(iv, enc->iv_len) <= 0) /* Generate a salt */
-            goto err;
-        /*
-         * The 'iv' is used as the iv and as a salt.  It is NOT taken from
-         * the BytesToKey function
-         */
-        if (!EVP_BytesToKey(enc, EVP_md5(), iv, kstr, klen, 1, key, NULL))
-            goto err;
-
-        if (kstr == (unsigned char *)buf)
-            OPENSSL_cleanse(buf, PEM_BUFSIZE);
-
-        OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
-                       sizeof buf);
-
-        buf[0] = '\0';
-        PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
-        PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
-        /* k=strlen(buf); */
-
-        EVP_CIPHER_CTX_init(&ctx);
-        ret = 1;
-        if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv)
-            || !EVP_EncryptUpdate(&ctx, data, &j, data, i)
-            || !EVP_EncryptFinal_ex(&ctx, &(data[j]), &i))
-            ret = 0;
-        EVP_CIPHER_CTX_cleanup(&ctx);
-        if (ret == 0)
-            goto err;
-        i += j;
-    } else {
-        ret = 1;
-        buf[0] = '\0';
-    }
-    i = PEM_write_bio(bp, name, buf, data, i);
-    if (i <= 0)
-        ret = 0;
- err:
-    OPENSSL_cleanse(key, sizeof(key));
-    OPENSSL_cleanse(iv, sizeof(iv));
-    OPENSSL_cleanse((char *)&ctx, sizeof(ctx));
-    OPENSSL_cleanse(buf, PEM_BUFSIZE);
-    if (data != NULL) {
-        OPENSSL_cleanse(data, (unsigned int)dsize);
-        OPENSSL_free(data);
-    }
-    return (ret);
-}
-
-int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
-                  pem_password_cb *callback, void *u)
-{
-    int i = 0, j, o, klen;
-    long len;
-    EVP_CIPHER_CTX ctx;
-    unsigned char key[EVP_MAX_KEY_LENGTH];
-    char buf[PEM_BUFSIZE];
-
-    len = *plen;
-
-    if (cipher->cipher == NULL)
-        return (1);
-    if (callback == NULL)
-        klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u);
-    else
-        klen = callback(buf, PEM_BUFSIZE, 0, u);
-    if (klen <= 0) {
-        PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ);
-        return (0);
-    }
-#ifdef CHARSET_EBCDIC
-    /* Convert the pass phrase from EBCDIC */
-    ebcdic2ascii(buf, buf, klen);
-#endif
-
-    if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
-                        (unsigned char *)buf, klen, 1, key, NULL))
-        return 0;
-
-    j = (int)len;
-    EVP_CIPHER_CTX_init(&ctx);
-    o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
-    if (o)
-        o = EVP_DecryptUpdate(&ctx, data, &i, data, j);
-    if (o)
-        o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j);
-    EVP_CIPHER_CTX_cleanup(&ctx);
-    OPENSSL_cleanse((char *)buf, sizeof(buf));
-    OPENSSL_cleanse((char *)key, sizeof(key));
-    if (o)
-        j += i;
-    else {
-        PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
-        return (0);
-    }
-    *plen = j;
-    return (1);
-}
-
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
-{
-    const EVP_CIPHER *enc = NULL;
-    char *p, c;
-    char **header_pp = &header;
-
-    cipher->cipher = NULL;
-    if ((header == NULL) || (*header == '\0') || (*header == '\n'))
-        return (1);
-    if (strncmp(header, "Proc-Type: ", 11) != 0) {
-        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE);
-        return (0);
-    }
-    header += 11;
-    if (*header != '4')
-        return (0);
-    header++;
-    if (*header != ',')
-        return (0);
-    header++;
-    if (strncmp(header, "ENCRYPTED", 9) != 0) {
-        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED);
-        return (0);
-    }
-    for (; (*header != '\n') && (*header != '\0'); header++) ;
-    if (*header == '\0') {
-        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER);
-        return (0);
-    }
-    header++;
-    if (strncmp(header, "DEK-Info: ", 10) != 0) {
-        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO);
-        return (0);
-    }
-    header += 10;
-
-    p = header;
-    for (;;) {
-        c = *header;
-#ifndef CHARSET_EBCDIC
-        if (!(((c >= 'A') && (c <= 'Z')) || (c == '-') ||
-              ((c >= '0') && (c <= '9'))))
-            break;
-#else
-        if (!(isupper(c) || (c == '-') || isdigit(c)))
-            break;
-#endif
-        header++;
-    }
-    *header = '\0';
-    cipher->cipher = enc = EVP_get_cipherbyname(p);
-    *header = c;
-    header++;
-
-    if (enc == NULL) {
-        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION);
-        return (0);
-    }
-    if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len))
-        return (0);
-
-    return (1);
-}
-
-static int load_iv(char **fromp, unsigned char *to, int num)
-{
-    int v, i;
-    char *from;
-
-    from = *fromp;
-    for (i = 0; i < num; i++)
-        to[i] = 0;
-    num *= 2;
-    for (i = 0; i < num; i++) {
-        if ((*from >= '0') && (*from <= '9'))
-            v = *from - '0';
-        else if ((*from >= 'A') && (*from <= 'F'))
-            v = *from - 'A' + 10;
-        else if ((*from >= 'a') && (*from <= 'f'))
-            v = *from - 'a' + 10;
-        else {
-            PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS);
-            return (0);
-        }
-        from++;
-        to[i / 2] |= v << (long)((!(i & 1)) * 4);
-    }
-
-    *fromp = from;
-    return (1);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int PEM_write(FILE *fp, const char *name, const char *header,
-              const unsigned char *data, long len)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        PEMerr(PEM_F_PEM_WRITE, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = PEM_write_bio(b, name, header, data, len);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int PEM_write_bio(BIO *bp, const char *name, const char *header,
-                  const unsigned char *data, long len)
-{
-    int nlen, n, i, j, outl;
-    unsigned char *buf = NULL;
-    EVP_ENCODE_CTX ctx;
-    int reason = ERR_R_BUF_LIB;
-
-    EVP_EncodeInit(&ctx);
-    nlen = strlen(name);
-
-    if ((BIO_write(bp, "-----BEGIN ", 11) != 11) ||
-        (BIO_write(bp, name, nlen) != nlen) ||
-        (BIO_write(bp, "-----\n", 6) != 6))
-        goto err;
-
-    i = strlen(header);
-    if (i > 0) {
-        if ((BIO_write(bp, header, i) != i) || (BIO_write(bp, "\n", 1) != 1))
-            goto err;
-    }
-
-    buf = OPENSSL_malloc(PEM_BUFSIZE * 8);
-    if (buf == NULL) {
-        reason = ERR_R_MALLOC_FAILURE;
-        goto err;
-    }
-
-    i = j = 0;
-    while (len > 0) {
-        n = (int)((len > (PEM_BUFSIZE * 5)) ? (PEM_BUFSIZE * 5) : len);
-        EVP_EncodeUpdate(&ctx, buf, &outl, &(data[j]), n);
-        if ((outl) && (BIO_write(bp, (char *)buf, outl) != outl))
-            goto err;
-        i += outl;
-        len -= n;
-        j += n;
-    }
-    EVP_EncodeFinal(&ctx, buf, &outl);
-    if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl))
-        goto err;
-    OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
-    OPENSSL_free(buf);
-    buf = NULL;
-    if ((BIO_write(bp, "-----END ", 9) != 9) ||
-        (BIO_write(bp, name, nlen) != nlen) ||
-        (BIO_write(bp, "-----\n", 6) != 6))
-        goto err;
-    return (i + outl);
- err:
-    if (buf) {
-        OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
-        OPENSSL_free(buf);
-    }
-    PEMerr(PEM_F_PEM_WRITE_BIO, reason);
-    return (0);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
-             long *len)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        PEMerr(PEM_F_PEM_READ, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = PEM_read_bio(b, name, header, data, len);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
-                 long *len)
-{
-    EVP_ENCODE_CTX ctx;
-    int end = 0, i, k, bl = 0, hl = 0, nohead = 0;
-    char buf[256];
-    BUF_MEM *nameB;
-    BUF_MEM *headerB;
-    BUF_MEM *dataB, *tmpB;
-
-    nameB = BUF_MEM_new();
-    headerB = BUF_MEM_new();
-    dataB = BUF_MEM_new();
-    if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) {
-        BUF_MEM_free(nameB);
-        BUF_MEM_free(headerB);
-        BUF_MEM_free(dataB);
-        PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-
-    buf[254] = '\0';
-    for (;;) {
-        i = BIO_gets(bp, buf, 254);
-
-        if (i <= 0) {
-            PEMerr(PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE);
-            goto err;
-        }
-
-        while ((i >= 0) && (buf[i] <= ' '))
-            i--;
-        buf[++i] = '\n';
-        buf[++i] = '\0';
-
-        if (strncmp(buf, "-----BEGIN ", 11) == 0) {
-            i = strlen(&(buf[11]));
-
-            if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0)
-                continue;
-            if (!BUF_MEM_grow(nameB, i + 9)) {
-                PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            memcpy(nameB->data, &(buf[11]), i - 6);
-            nameB->data[i - 6] = '\0';
-            break;
-        }
-    }
-    hl = 0;
-    if (!BUF_MEM_grow(headerB, 256)) {
-        PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    headerB->data[0] = '\0';
-    for (;;) {
-        i = BIO_gets(bp, buf, 254);
-        if (i <= 0)
-            break;
-
-        while ((i >= 0) && (buf[i] <= ' '))
-            i--;
-        buf[++i] = '\n';
-        buf[++i] = '\0';
-
-        if (buf[0] == '\n')
-            break;
-        if (!BUF_MEM_grow(headerB, hl + i + 9)) {
-            PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (strncmp(buf, "-----END ", 9) == 0) {
-            nohead = 1;
-            break;
-        }
-        memcpy(&(headerB->data[hl]), buf, i);
-        headerB->data[hl + i] = '\0';
-        hl += i;
-    }
-
-    bl = 0;
-    if (!BUF_MEM_grow(dataB, 1024)) {
-        PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    dataB->data[0] = '\0';
-    if (!nohead) {
-        for (;;) {
-            i = BIO_gets(bp, buf, 254);
-            if (i <= 0)
-                break;
-
-            while ((i >= 0) && (buf[i] <= ' '))
-                i--;
-            buf[++i] = '\n';
-            buf[++i] = '\0';
-
-            if (i != 65)
-                end = 1;
-            if (strncmp(buf, "-----END ", 9) == 0)
-                break;
-            if (i > 65)
-                break;
-            if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) {
-                PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            memcpy(&(dataB->data[bl]), buf, i);
-            dataB->data[bl + i] = '\0';
-            bl += i;
-            if (end) {
-                buf[0] = '\0';
-                i = BIO_gets(bp, buf, 254);
-                if (i <= 0)
-                    break;
-
-                while ((i >= 0) && (buf[i] <= ' '))
-                    i--;
-                buf[++i] = '\n';
-                buf[++i] = '\0';
-
-                break;
-            }
-        }
-    } else {
-        tmpB = headerB;
-        headerB = dataB;
-        dataB = tmpB;
-        bl = hl;
-    }
-    i = strlen(nameB->data);
-    if ((strncmp(buf, "-----END ", 9) != 0) ||
-        (strncmp(nameB->data, &(buf[9]), i) != 0) ||
-        (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) {
-        PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_END_LINE);
-        goto err;
-    }
-
-    EVP_DecodeInit(&ctx);
-    i = EVP_DecodeUpdate(&ctx,
-                         (unsigned char *)dataB->data, &bl,
-                         (unsigned char *)dataB->data, bl);
-    if (i < 0) {
-        PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE);
-        goto err;
-    }
-    i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k);
-    if (i < 0) {
-        PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE);
-        goto err;
-    }
-    bl += k;
-
-    if (bl == 0)
-        goto err;
-    *name = nameB->data;
-    *header = headerB->data;
-    *data = (unsigned char *)dataB->data;
-    *len = bl;
-    OPENSSL_free(nameB);
-    OPENSSL_free(headerB);
-    OPENSSL_free(dataB);
-    return (1);
- err:
-    BUF_MEM_free(nameB);
-    BUF_MEM_free(headerB);
-    BUF_MEM_free(dataB);
-    return (0);
-}
-
-/*
- * Check pem string and return prefix length. If for example the pem_str ==
- * "RSA PRIVATE KEY" and suffix = "PRIVATE KEY" the return value is 3 for the
- * string "RSA".
- */
-
-int pem_check_suffix(const char *pem_str, const char *suffix)
-{
-    int pem_len = strlen(pem_str);
-    int suffix_len = strlen(suffix);
-    const char *p;
-    if (suffix_len + 1 >= pem_len)
-        return 0;
-    p = pem_str + pem_len - suffix_len;
-    if (strcmp(p, suffix))
-        return 0;
-    p--;
-    if (*p != ' ')
-        return 0;
-    return p - pem_str;
-}
diff --git a/thirdparty/openssl/crypto/pem/pem_oth.c b/thirdparty/openssl/crypto/pem/pem_oth.c
deleted file mode 100644
index 1dd3bd7a1b..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_oth.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/* crypto/pem/pem_oth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-/* Handle 'other' PEMs: not private keys */
-
-void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
-                        pem_password_cb *cb, void *u)
-{
-    const unsigned char *p = NULL;
-    unsigned char *data = NULL;
-    long len;
-    char *ret = NULL;
-
-    if (!PEM_bytes_read_bio(&data, &len, NULL, name, bp, cb, u))
-        return NULL;
-    p = data;
-    ret = d2i(x, &p, len);
-    if (ret == NULL)
-        PEMerr(PEM_F_PEM_ASN1_READ_BIO, ERR_R_ASN1_LIB);
-    OPENSSL_free(data);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/pem/pem_pk8.c b/thirdparty/openssl/crypto/pem/pem_pk8.c
deleted file mode 100644
index 5747c7366e..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_pk8.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/* crypto/pem/pem_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs12.h>
-#include <openssl/pem.h>
-
-static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder,
-                      int nid, const EVP_CIPHER *enc,
-                      char *kstr, int klen, pem_password_cb *cb, void *u);
-static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder,
-                         int nid, const EVP_CIPHER *enc,
-                         char *kstr, int klen, pem_password_cb *cb, void *u);
-
-/*
- * These functions write a private key in PKCS#8 format: it is a "drop in"
- * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc'
- * is NULL then it uses the unencrypted private key form. The 'nid' versions
- * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0.
- */
-
-int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
-                                      char *kstr, int klen,
-                                      pem_password_cb *cb, void *u)
-{
-    return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u);
-}
-
-int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                                  char *kstr, int klen,
-                                  pem_password_cb *cb, void *u)
-{
-    return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u);
-}
-
-int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                            char *kstr, int klen,
-                            pem_password_cb *cb, void *u)
-{
-    return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u);
-}
-
-int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
-                                char *kstr, int klen,
-                                pem_password_cb *cb, void *u)
-{
-    return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u);
-}
-
-static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid,
-                      const EVP_CIPHER *enc, char *kstr, int klen,
-                      pem_password_cb *cb, void *u)
-{
-    X509_SIG *p8;
-    PKCS8_PRIV_KEY_INFO *p8inf;
-    char buf[PEM_BUFSIZE];
-    int ret;
-    if (!(p8inf = EVP_PKEY2PKCS8(x))) {
-        PEMerr(PEM_F_DO_PK8PKEY, PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
-        return 0;
-    }
-    if (enc || (nid != -1)) {
-        if (!kstr) {
-            if (!cb)
-                klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
-            else
-                klen = cb(buf, PEM_BUFSIZE, 1, u);
-            if (klen <= 0) {
-                PEMerr(PEM_F_DO_PK8PKEY, PEM_R_READ_KEY);
-                PKCS8_PRIV_KEY_INFO_free(p8inf);
-                return 0;
-            }
-
-            kstr = buf;
-        }
-        p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);
-        if (kstr == buf)
-            OPENSSL_cleanse(buf, klen);
-        PKCS8_PRIV_KEY_INFO_free(p8inf);
-        if (p8 == NULL)
-            return 0;
-        if (isder)
-            ret = i2d_PKCS8_bio(bp, p8);
-        else
-            ret = PEM_write_bio_PKCS8(bp, p8);
-        X509_SIG_free(p8);
-        return ret;
-    } else {
-        if (isder)
-            ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
-        else
-            ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
-        PKCS8_PRIV_KEY_INFO_free(p8inf);
-        return ret;
-    }
-}
-
-EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
-                                  void *u)
-{
-    PKCS8_PRIV_KEY_INFO *p8inf = NULL;
-    X509_SIG *p8 = NULL;
-    int klen;
-    EVP_PKEY *ret;
-    char psbuf[PEM_BUFSIZE];
-    p8 = d2i_PKCS8_bio(bp, NULL);
-    if (!p8)
-        return NULL;
-    if (cb)
-        klen = cb(psbuf, PEM_BUFSIZE, 0, u);
-    else
-        klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
-    if (klen <= 0) {
-        PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ);
-        X509_SIG_free(p8);
-        return NULL;
-    }
-    p8inf = PKCS8_decrypt(p8, psbuf, klen);
-    X509_SIG_free(p8);
-    if (!p8inf)
-        return NULL;
-    ret = EVP_PKCS82PKEY(p8inf);
-    PKCS8_PRIV_KEY_INFO_free(p8inf);
-    if (!ret)
-        return NULL;
-    if (x) {
-        if (*x)
-            EVP_PKEY_free(*x);
-        *x = ret;
-    }
-    return ret;
-}
-
-#ifndef OPENSSL_NO_FP_API
-
-int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                           char *kstr, int klen, pem_password_cb *cb, void *u)
-{
-    return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u);
-}
-
-int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
-                               char *kstr, int klen,
-                               pem_password_cb *cb, void *u)
-{
-    return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u);
-}
-
-int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
-                                  char *kstr, int klen,
-                                  pem_password_cb *cb, void *u)
-{
-    return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u);
-}
-
-int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                              char *kstr, int klen, pem_password_cb *cb,
-                              void *u)
-{
-    return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u);
-}
-
-static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid,
-                         const EVP_CIPHER *enc, char *kstr, int klen,
-                         pem_password_cb *cb, void *u)
-{
-    BIO *bp;
-    int ret;
-    if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
-        PEMerr(PEM_F_DO_PK8PKEY_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
-    BIO_free(bp);
-    return ret;
-}
-
-EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
-                                 void *u)
-{
-    BIO *bp;
-    EVP_PKEY *ret;
-    if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
-        PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP, ERR_R_BUF_LIB);
-        return NULL;
-    }
-    ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u);
-    BIO_free(bp);
-    return ret;
-}
-
-#endif
-
-IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
-
-
-IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
-             PKCS8_PRIV_KEY_INFO)
diff --git a/thirdparty/openssl/crypto/pem/pem_pkey.c b/thirdparty/openssl/crypto/pem/pem_pkey.c
deleted file mode 100644
index 04d6319a22..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_pkey.c
+++ /dev/null
@@ -1,293 +0,0 @@
-/* crypto/pem/pem_pkey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs12.h>
-#include <openssl/pem.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include "asn1_locl.h"
-
-int pem_check_suffix(const char *pem_str, const char *suffix);
-
-EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
-                                  void *u)
-{
-    char *nm = NULL;
-    const unsigned char *p = NULL;
-    unsigned char *data = NULL;
-    long len;
-    int slen;
-    EVP_PKEY *ret = NULL;
-
-    if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))
-        return NULL;
-    p = data;
-
-    if (strcmp(nm, PEM_STRING_PKCS8INF) == 0) {
-        PKCS8_PRIV_KEY_INFO *p8inf;
-        p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
-        if (!p8inf)
-            goto p8err;
-        ret = EVP_PKCS82PKEY(p8inf);
-        if (x) {
-            if (*x)
-                EVP_PKEY_free((EVP_PKEY *)*x);
-            *x = ret;
-        }
-        PKCS8_PRIV_KEY_INFO_free(p8inf);
-    } else if (strcmp(nm, PEM_STRING_PKCS8) == 0) {
-        PKCS8_PRIV_KEY_INFO *p8inf;
-        X509_SIG *p8;
-        int klen;
-        char psbuf[PEM_BUFSIZE];
-        p8 = d2i_X509_SIG(NULL, &p, len);
-        if (!p8)
-            goto p8err;
-        if (cb)
-            klen = cb(psbuf, PEM_BUFSIZE, 0, u);
-        else
-            klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
-        if (klen <= 0) {
-            PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, PEM_R_BAD_PASSWORD_READ);
-            X509_SIG_free(p8);
-            goto err;
-        }
-        p8inf = PKCS8_decrypt(p8, psbuf, klen);
-        X509_SIG_free(p8);
-        if (!p8inf)
-            goto p8err;
-        ret = EVP_PKCS82PKEY(p8inf);
-        if (x) {
-            if (*x)
-                EVP_PKEY_free((EVP_PKEY *)*x);
-            *x = ret;
-        }
-        PKCS8_PRIV_KEY_INFO_free(p8inf);
-    } else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0) {
-        const EVP_PKEY_ASN1_METHOD *ameth;
-        ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
-        if (!ameth || !ameth->old_priv_decode)
-            goto p8err;
-        ret = d2i_PrivateKey(ameth->pkey_id, x, &p, len);
-    }
- p8err:
-    if (ret == NULL)
-        PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, ERR_R_ASN1_LIB);
- err:
-    OPENSSL_free(nm);
-    OPENSSL_cleanse(data, len);
-    OPENSSL_free(data);
-    return (ret);
-}
-
-int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                             unsigned char *kstr, int klen,
-                             pem_password_cb *cb, void *u)
-{
-    char pem_str[80];
-    if (!x->ameth || x->ameth->priv_encode)
-        return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
-                                             (char *)kstr, klen, cb, u);
-
-    BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
-    return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
-                              pem_str, bp, x, enc, kstr, klen, cb, u);
-}
-
-EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
-{
-    char *nm = NULL;
-    const unsigned char *p = NULL;
-    unsigned char *data = NULL;
-    long len;
-    int slen;
-    EVP_PKEY *ret = NULL;
-
-    if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS,
-                            bp, 0, NULL))
-        return NULL;
-    p = data;
-
-    if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) {
-        ret = EVP_PKEY_new();
-        if (!ret)
-            goto err;
-        if (!EVP_PKEY_set_type_str(ret, nm, slen)
-            || !ret->ameth->param_decode
-            || !ret->ameth->param_decode(ret, &p, len)) {
-            EVP_PKEY_free(ret);
-            ret = NULL;
-            goto err;
-        }
-        if (x) {
-            if (*x)
-                EVP_PKEY_free((EVP_PKEY *)*x);
-            *x = ret;
-        }
-    }
- err:
-    if (ret == NULL)
-        PEMerr(PEM_F_PEM_READ_BIO_PARAMETERS, ERR_R_ASN1_LIB);
-    OPENSSL_free(nm);
-    OPENSSL_free(data);
-    return (ret);
-}
-
-int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x)
-{
-    char pem_str[80];
-    if (!x->ameth || !x->ameth->param_encode)
-        return 0;
-
-    BIO_snprintf(pem_str, 80, "%s PARAMETERS", x->ameth->pem_str);
-    return PEM_ASN1_write_bio((i2d_of_void *)x->ameth->param_encode,
-                              pem_str, bp, x, NULL, NULL, 0, 0, NULL);
-}
-
-#ifndef OPENSSL_NO_FP_API
-EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
-                              void *u)
-{
-    BIO *b;
-    EVP_PKEY *ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        PEMerr(PEM_F_PEM_READ_PRIVATEKEY, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = PEM_read_bio_PrivateKey(b, x, cb, u);
-    BIO_free(b);
-    return (ret);
-}
-
-int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                         unsigned char *kstr, int klen,
-                         pem_password_cb *cb, void *u)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
-        PEMerr(PEM_F_PEM_WRITE_PRIVATEKEY, ERR_R_BUF_LIB);
-        return 0;
-    }
-    ret = PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u);
-    BIO_free(b);
-    return ret;
-}
-
-#endif
-
-#ifndef OPENSSL_NO_DH
-
-/* Transparently read in PKCS#3 or X9.42 DH parameters */
-
-DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u)
-{
-    char *nm = NULL;
-    const unsigned char *p = NULL;
-    unsigned char *data = NULL;
-    long len;
-    DH *ret = NULL;
-
-    if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_DHPARAMS, bp, cb, u))
-        return NULL;
-    p = data;
-
-    if (!strcmp(nm, PEM_STRING_DHXPARAMS))
-        ret = d2i_DHxparams(x, &p, len);
-    else
-        ret = d2i_DHparams(x, &p, len);
-
-    if (ret == NULL)
-        PEMerr(PEM_F_PEM_READ_BIO_DHPARAMS, ERR_R_ASN1_LIB);
-    OPENSSL_free(nm);
-    OPENSSL_free(data);
-    return ret;
-}
-
-# ifndef OPENSSL_NO_FP_API
-DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u)
-{
-    BIO *b;
-    DH *ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        PEMerr(PEM_F_PEM_READ_DHPARAMS, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = PEM_read_bio_DHparams(b, x, cb, u);
-    BIO_free(b);
-    return (ret);
-}
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/pem/pem_seal.c b/thirdparty/openssl/crypto/pem/pem_seal.c
deleted file mode 100644
index a5c1812575..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_seal.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/* crypto/pem/pem_seal.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/opensslconf.h> /* for OPENSSL_NO_RSA */
-#ifndef OPENSSL_NO_RSA
-# include <stdio.h>
-# include "cryptlib.h"
-# include <openssl/evp.h>
-# include <openssl/rand.h>
-# include <openssl/objects.h>
-# include <openssl/x509.h>
-# include <openssl/pem.h>
-# include <openssl/rsa.h>
-
-int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
-                 unsigned char **ek, int *ekl, unsigned char *iv,
-                 EVP_PKEY **pubk, int npubk)
-{
-    unsigned char key[EVP_MAX_KEY_LENGTH];
-    int ret = -1;
-    int i, j, max = 0;
-    char *s = NULL;
-
-    for (i = 0; i < npubk; i++) {
-        if (pubk[i]->type != EVP_PKEY_RSA) {
-            PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA);
-            goto err;
-        }
-        j = RSA_size(pubk[i]->pkey.rsa);
-        if (j > max)
-            max = j;
-    }
-    s = (char *)OPENSSL_malloc(max * 2);
-    if (s == NULL) {
-        PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    EVP_EncodeInit(&ctx->encode);
-
-    EVP_MD_CTX_init(&ctx->md);
-    if (!EVP_SignInit(&ctx->md, md_type))
-        goto err;
-
-    EVP_CIPHER_CTX_init(&ctx->cipher);
-    ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk);
-    if (ret <= 0)
-        goto err;
-
-    /* base64 encode the keys */
-    for (i = 0; i < npubk; i++) {
-        j = EVP_EncodeBlock((unsigned char *)s, ek[i],
-                            RSA_size(pubk[i]->pkey.rsa));
-        ekl[i] = j;
-        memcpy(ek[i], s, j + 1);
-    }
-
-    ret = npubk;
- err:
-    if (s != NULL)
-        OPENSSL_free(s);
-    OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
-    return (ret);
-}
-
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
-                    unsigned char *in, int inl)
-{
-    unsigned char buffer[1600];
-    int i, j;
-
-    *outl = 0;
-    EVP_SignUpdate(&ctx->md, in, inl);
-    for (;;) {
-        if (inl <= 0)
-            break;
-        if (inl > 1200)
-            i = 1200;
-        else
-            i = inl;
-        EVP_EncryptUpdate(&ctx->cipher, buffer, &j, in, i);
-        EVP_EncodeUpdate(&ctx->encode, out, &j, buffer, j);
-        *outl += j;
-        out += j;
-        in += i;
-        inl -= i;
-    }
-}
-
-int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
-                  unsigned char *out, int *outl, EVP_PKEY *priv)
-{
-    unsigned char *s = NULL;
-    int ret = 0, j;
-    unsigned int i;
-
-    if (priv->type != EVP_PKEY_RSA) {
-        PEMerr(PEM_F_PEM_SEALFINAL, PEM_R_PUBLIC_KEY_NO_RSA);
-        goto err;
-    }
-    i = RSA_size(priv->pkey.rsa);
-    if (i < 100)
-        i = 100;
-    s = (unsigned char *)OPENSSL_malloc(i * 2);
-    if (s == NULL) {
-        PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i))
-        goto err;
-    EVP_EncodeUpdate(&ctx->encode, out, &j, s, i);
-    *outl = j;
-    out += j;
-    EVP_EncodeFinal(&ctx->encode, out, &j);
-    *outl += j;
-
-    if (!EVP_SignFinal(&ctx->md, s, &i, priv))
-        goto err;
-    *sigl = EVP_EncodeBlock(sig, s, i);
-
-    ret = 1;
- err:
-    EVP_MD_CTX_cleanup(&ctx->md);
-    EVP_CIPHER_CTX_cleanup(&ctx->cipher);
-    if (s != NULL)
-        OPENSSL_free(s);
-    return (ret);
-}
-#else                           /* !OPENSSL_NO_RSA */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/pem/pem_sign.c b/thirdparty/openssl/crypto/pem/pem_sign.c
deleted file mode 100644
index b5e5c29b0e..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_sign.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* crypto/pem/pem_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
-{
-    EVP_DigestInit_ex(ctx, type, NULL);
-}
-
-void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, unsigned int count)
-{
-    EVP_DigestUpdate(ctx, data, count);
-}
-
-int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
-                  unsigned int *siglen, EVP_PKEY *pkey)
-{
-    unsigned char *m;
-    int i, ret = 0;
-    unsigned int m_len;
-
-    m = (unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey) + 2);
-    if (m == NULL) {
-        PEMerr(PEM_F_PEM_SIGNFINAL, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (EVP_SignFinal(ctx, m, &m_len, pkey) <= 0)
-        goto err;
-
-    i = EVP_EncodeBlock(sigret, m, m_len);
-    *siglen = i;
-    ret = 1;
- err:
-    /* ctx has been zeroed by EVP_SignFinal() */
-    if (m != NULL)
-        OPENSSL_free(m);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/pem/pem_x509.c b/thirdparty/openssl/crypto/pem/pem_x509.c
deleted file mode 100644
index 3c20ff28ad..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_x509.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/* pem_x509.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-
-IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
diff --git a/thirdparty/openssl/crypto/pem/pem_xaux.c b/thirdparty/openssl/crypto/pem/pem_xaux.c
deleted file mode 100644
index c523430189..0000000000
--- a/thirdparty/openssl/crypto/pem/pem_xaux.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* pem_xaux.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-#include <openssl/pem.h>
-
-IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX)
-IMPLEMENT_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR, PEM_STRING_X509_PAIR,
-                 X509_CERT_PAIR)
diff --git a/thirdparty/openssl/crypto/pem/pkcs7.lis b/thirdparty/openssl/crypto/pem/pkcs7.lis
deleted file mode 100644
index be90c5d87f..0000000000
--- a/thirdparty/openssl/crypto/pem/pkcs7.lis
+++ /dev/null
@@ -1,22 +0,0 @@
-21     0:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
- 00     2:d=0 hl=2 l=  9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
- 21    13:d=0 hl=2 l=  0 cons: cont: 00			# explicit tag
-  21    15:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
-   00    17:d=0 hl=2 l=  1 prim: univ: INTEGER          # version 
-   20    20:d=0 hl=2 l=  0 cons: univ: SET               
-   21    22:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
-    00    24:d=0 hl=2 l=  9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
-    00    35:d=0 hl=2 l=  0 prim: univ: EOC               
-   21    37:d=0 hl=2 l=  0 cons: cont: 00               # cert tag
-    20    39:d=0 hl=4 l=545 cons: univ: SEQUENCE          
-    20   588:d=0 hl=4 l=524 cons: univ: SEQUENCE          
-    00  1116:d=0 hl=2 l=  0 prim: univ: EOC               
-   21  1118:d=0 hl=2 l=  0 cons: cont: 01		# crl tag
-    20  1120:d=0 hl=4 l=653 cons: univ: SEQUENCE          
-    20  1777:d=0 hl=4 l=285 cons: univ: SEQUENCE          
-    00  2066:d=0 hl=2 l=  0 prim: univ: EOC               
-   21  2068:d=0 hl=2 l=  0 cons: univ: SET              # signers 
-    00  2070:d=0 hl=2 l=  0 prim: univ: EOC               
-  00  2072:d=0 hl=2 l=  0 prim: univ: EOC               
- 00  2074:d=0 hl=2 l=  0 prim: univ: EOC               
-00  2076:d=0 hl=2 l=  0 prim: univ: EOC               
diff --git a/thirdparty/openssl/crypto/pem/pvkfmt.c b/thirdparty/openssl/crypto/pem/pvkfmt.c
deleted file mode 100644
index 1ce5a1e319..0000000000
--- a/thirdparty/openssl/crypto/pem/pvkfmt.c
+++ /dev/null
@@ -1,895 +0,0 @@
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * Support for PVK format keys and related structures (such a PUBLICKEYBLOB
- * and PRIVATEKEYBLOB).
- */
-
-#include "cryptlib.h"
-#include <openssl/pem.h>
-#include <openssl/rand.h>
-#include <openssl/bn.h>
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
-# include <openssl/dsa.h>
-# include <openssl/rsa.h>
-
-/*
- * Utility function: read a DWORD (4 byte unsigned integer) in little endian
- * format
- */
-
-static unsigned int read_ledword(const unsigned char **in)
-{
-    const unsigned char *p = *in;
-    unsigned int ret;
-    ret = *p++;
-    ret |= (*p++ << 8);
-    ret |= (*p++ << 16);
-    ret |= (*p++ << 24);
-    *in = p;
-    return ret;
-}
-
-/*
- * Read a BIGNUM in little endian format. The docs say that this should take
- * up bitlen/8 bytes.
- */
-
-static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r)
-{
-    const unsigned char *p;
-    unsigned char *tmpbuf, *q;
-    unsigned int i;
-    p = *in + nbyte - 1;
-    tmpbuf = OPENSSL_malloc(nbyte);
-    if (!tmpbuf)
-        return 0;
-    q = tmpbuf;
-    for (i = 0; i < nbyte; i++)
-        *q++ = *p--;
-    *r = BN_bin2bn(tmpbuf, nbyte, NULL);
-    OPENSSL_free(tmpbuf);
-    if (*r) {
-        *in += nbyte;
-        return 1;
-    } else
-        return 0;
-}
-
-/* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */
-
-# define MS_PUBLICKEYBLOB        0x6
-# define MS_PRIVATEKEYBLOB       0x7
-# define MS_RSA1MAGIC            0x31415352L
-# define MS_RSA2MAGIC            0x32415352L
-# define MS_DSS1MAGIC            0x31535344L
-# define MS_DSS2MAGIC            0x32535344L
-
-# define MS_KEYALG_RSA_KEYX      0xa400
-# define MS_KEYALG_DSS_SIGN      0x2200
-
-# define MS_KEYTYPE_KEYX         0x1
-# define MS_KEYTYPE_SIGN         0x2
-
-/* Maximum length of a blob after header */
-# define BLOB_MAX_LENGTH          102400
-
-/* The PVK file magic number: seems to spell out "bobsfile", who is Bob? */
-# define MS_PVKMAGIC             0xb0b5f11eL
-/* Salt length for PVK files */
-# define PVK_SALTLEN             0x10
-/* Maximum length in PVK header */
-# define PVK_MAX_KEYLEN          102400
-/* Maximum salt length */
-# define PVK_MAX_SALTLEN         10240
-
-static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
-                         unsigned int bitlen, int ispub);
-static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
-                         unsigned int bitlen, int ispub);
-
-static int do_blob_header(const unsigned char **in, unsigned int length,
-                          unsigned int *pmagic, unsigned int *pbitlen,
-                          int *pisdss, int *pispub)
-{
-    const unsigned char *p = *in;
-    if (length < 16)
-        return 0;
-    /* bType */
-    if (*p == MS_PUBLICKEYBLOB) {
-        if (*pispub == 0) {
-            PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
-            return 0;
-        }
-        *pispub = 1;
-    } else if (*p == MS_PRIVATEKEYBLOB) {
-        if (*pispub == 1) {
-            PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
-            return 0;
-        }
-        *pispub = 0;
-    } else
-        return 0;
-    p++;
-    /* Version */
-    if (*p++ != 0x2) {
-        PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER);
-        return 0;
-    }
-    /* Ignore reserved, aiKeyAlg */
-    p += 6;
-    *pmagic = read_ledword(&p);
-    *pbitlen = read_ledword(&p);
-    *pisdss = 0;
-    switch (*pmagic) {
-
-    case MS_DSS1MAGIC:
-        *pisdss = 1;
-    case MS_RSA1MAGIC:
-        if (*pispub == 0) {
-            PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
-            return 0;
-        }
-        break;
-
-    case MS_DSS2MAGIC:
-        *pisdss = 1;
-    case MS_RSA2MAGIC:
-        if (*pispub == 1) {
-            PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
-            return 0;
-        }
-        break;
-
-    default:
-        PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER);
-        return -1;
-    }
-    *in = p;
-    return 1;
-}
-
-static unsigned int blob_length(unsigned bitlen, int isdss, int ispub)
-{
-    unsigned int nbyte, hnbyte;
-    nbyte = (bitlen + 7) >> 3;
-    hnbyte = (bitlen + 15) >> 4;
-    if (isdss) {
-
-        /*
-         * Expected length: 20 for q + 3 components bitlen each + 24 for seed
-         * structure.
-         */
-        if (ispub)
-            return 44 + 3 * nbyte;
-        /*
-         * Expected length: 20 for q, priv, 2 bitlen components + 24 for seed
-         * structure.
-         */
-        else
-            return 64 + 2 * nbyte;
-    } else {
-        /* Expected length: 4 for 'e' + 'n' */
-        if (ispub)
-            return 4 + nbyte;
-        else
-            /*
-             * Expected length: 4 for 'e' and 7 other components. 2
-             * components are bitlen size, 5 are bitlen/2
-             */
-            return 4 + 2 * nbyte + 5 * hnbyte;
-    }
-
-}
-
-static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length,
-                        int ispub)
-{
-    const unsigned char *p = *in;
-    unsigned int bitlen, magic;
-    int isdss;
-    if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) {
-        PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
-        return NULL;
-    }
-    length -= 16;
-    if (length < blob_length(bitlen, isdss, ispub)) {
-        PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_TOO_SHORT);
-        return NULL;
-    }
-    if (isdss)
-        return b2i_dss(&p, length, bitlen, ispub);
-    else
-        return b2i_rsa(&p, length, bitlen, ispub);
-}
-
-static EVP_PKEY *do_b2i_bio(BIO *in, int ispub)
-{
-    const unsigned char *p;
-    unsigned char hdr_buf[16], *buf = NULL;
-    unsigned int bitlen, magic, length;
-    int isdss;
-    EVP_PKEY *ret = NULL;
-    if (BIO_read(in, hdr_buf, 16) != 16) {
-        PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
-        return NULL;
-    }
-    p = hdr_buf;
-    if (do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0)
-        return NULL;
-
-    length = blob_length(bitlen, isdss, ispub);
-    if (length > BLOB_MAX_LENGTH) {
-        PEMerr(PEM_F_DO_B2I_BIO, PEM_R_HEADER_TOO_LONG);
-        return NULL;
-    }
-    buf = OPENSSL_malloc(length);
-    if (!buf) {
-        PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    p = buf;
-    if (BIO_read(in, buf, length) != (int)length) {
-        PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
-        goto err;
-    }
-
-    if (isdss)
-        ret = b2i_dss(&p, length, bitlen, ispub);
-    else
-        ret = b2i_rsa(&p, length, bitlen, ispub);
-
- err:
-    if (buf)
-        OPENSSL_free(buf);
-    return ret;
-}
-
-static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
-                         unsigned int bitlen, int ispub)
-{
-    const unsigned char *p = *in;
-    EVP_PKEY *ret = NULL;
-    DSA *dsa = NULL;
-    BN_CTX *ctx = NULL;
-    unsigned int nbyte;
-    nbyte = (bitlen + 7) >> 3;
-
-    dsa = DSA_new();
-    ret = EVP_PKEY_new();
-    if (!dsa || !ret)
-        goto memerr;
-    if (!read_lebn(&p, nbyte, &dsa->p))
-        goto memerr;
-    if (!read_lebn(&p, 20, &dsa->q))
-        goto memerr;
-    if (!read_lebn(&p, nbyte, &dsa->g))
-        goto memerr;
-    if (ispub) {
-        if (!read_lebn(&p, nbyte, &dsa->pub_key))
-            goto memerr;
-    } else {
-        if (!read_lebn(&p, 20, &dsa->priv_key))
-            goto memerr;
-        /* Calculate public key */
-        if (!(dsa->pub_key = BN_new()))
-            goto memerr;
-        if (!(ctx = BN_CTX_new()))
-            goto memerr;
-
-        if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
-
-            goto memerr;
-        BN_CTX_free(ctx);
-    }
-
-    EVP_PKEY_set1_DSA(ret, dsa);
-    DSA_free(dsa);
-    *in = p;
-    return ret;
-
- memerr:
-    PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
-    if (dsa)
-        DSA_free(dsa);
-    if (ret)
-        EVP_PKEY_free(ret);
-    if (ctx)
-        BN_CTX_free(ctx);
-    return NULL;
-}
-
-static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
-                         unsigned int bitlen, int ispub)
-{
-    const unsigned char *p = *in;
-    EVP_PKEY *ret = NULL;
-    RSA *rsa = NULL;
-    unsigned int nbyte, hnbyte;
-    nbyte = (bitlen + 7) >> 3;
-    hnbyte = (bitlen + 15) >> 4;
-    rsa = RSA_new();
-    ret = EVP_PKEY_new();
-    if (!rsa || !ret)
-        goto memerr;
-    rsa->e = BN_new();
-    if (!rsa->e)
-        goto memerr;
-    if (!BN_set_word(rsa->e, read_ledword(&p)))
-        goto memerr;
-    if (!read_lebn(&p, nbyte, &rsa->n))
-        goto memerr;
-    if (!ispub) {
-        if (!read_lebn(&p, hnbyte, &rsa->p))
-            goto memerr;
-        if (!read_lebn(&p, hnbyte, &rsa->q))
-            goto memerr;
-        if (!read_lebn(&p, hnbyte, &rsa->dmp1))
-            goto memerr;
-        if (!read_lebn(&p, hnbyte, &rsa->dmq1))
-            goto memerr;
-        if (!read_lebn(&p, hnbyte, &rsa->iqmp))
-            goto memerr;
-        if (!read_lebn(&p, nbyte, &rsa->d))
-            goto memerr;
-    }
-
-    EVP_PKEY_set1_RSA(ret, rsa);
-    RSA_free(rsa);
-    *in = p;
-    return ret;
- memerr:
-    PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
-    if (rsa)
-        RSA_free(rsa);
-    if (ret)
-        EVP_PKEY_free(ret);
-    return NULL;
-}
-
-EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length)
-{
-    return do_b2i(in, length, 0);
-}
-
-EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length)
-{
-    return do_b2i(in, length, 1);
-}
-
-EVP_PKEY *b2i_PrivateKey_bio(BIO *in)
-{
-    return do_b2i_bio(in, 0);
-}
-
-EVP_PKEY *b2i_PublicKey_bio(BIO *in)
-{
-    return do_b2i_bio(in, 1);
-}
-
-static void write_ledword(unsigned char **out, unsigned int dw)
-{
-    unsigned char *p = *out;
-    *p++ = dw & 0xff;
-    *p++ = (dw >> 8) & 0xff;
-    *p++ = (dw >> 16) & 0xff;
-    *p++ = (dw >> 24) & 0xff;
-    *out = p;
-}
-
-static void write_lebn(unsigned char **out, const BIGNUM *bn, int len)
-{
-    int nb, i;
-    unsigned char *p = *out, *q, c;
-    nb = BN_num_bytes(bn);
-    BN_bn2bin(bn, p);
-    q = p + nb - 1;
-    /* In place byte order reversal */
-    for (i = 0; i < nb / 2; i++) {
-        c = *p;
-        *p++ = *q;
-        *q-- = c;
-    }
-    *out += nb;
-    /* Pad with zeroes if we have to */
-    if (len > 0) {
-        len -= nb;
-        if (len > 0) {
-            memset(*out, 0, len);
-            *out += len;
-        }
-    }
-}
-
-static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic);
-static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *magic);
-
-static void write_rsa(unsigned char **out, RSA *rsa, int ispub);
-static void write_dsa(unsigned char **out, DSA *dsa, int ispub);
-
-static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
-{
-    unsigned char *p;
-    unsigned int bitlen, magic = 0, keyalg;
-    int outlen, noinc = 0;
-    if (pk->type == EVP_PKEY_DSA) {
-        bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
-        keyalg = MS_KEYALG_DSS_SIGN;
-    } else if (pk->type == EVP_PKEY_RSA) {
-        bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
-        keyalg = MS_KEYALG_RSA_KEYX;
-    } else
-        return -1;
-    if (bitlen == 0)
-        return -1;
-    outlen = 16 + blob_length(bitlen,
-                              keyalg == MS_KEYALG_DSS_SIGN ? 1 : 0, ispub);
-    if (out == NULL)
-        return outlen;
-    if (*out)
-        p = *out;
-    else {
-        p = OPENSSL_malloc(outlen);
-        if (!p)
-            return -1;
-        *out = p;
-        noinc = 1;
-    }
-    if (ispub)
-        *p++ = MS_PUBLICKEYBLOB;
-    else
-        *p++ = MS_PRIVATEKEYBLOB;
-    *p++ = 0x2;
-    *p++ = 0;
-    *p++ = 0;
-    write_ledword(&p, keyalg);
-    write_ledword(&p, magic);
-    write_ledword(&p, bitlen);
-    if (keyalg == MS_KEYALG_DSS_SIGN)
-        write_dsa(&p, pk->pkey.dsa, ispub);
-    else
-        write_rsa(&p, pk->pkey.rsa, ispub);
-    if (!noinc)
-        *out += outlen;
-    return outlen;
-}
-
-static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub)
-{
-    unsigned char *tmp = NULL;
-    int outlen, wrlen;
-    outlen = do_i2b(&tmp, pk, ispub);
-    if (outlen < 0)
-        return -1;
-    wrlen = BIO_write(out, tmp, outlen);
-    OPENSSL_free(tmp);
-    if (wrlen == outlen)
-        return outlen;
-    return -1;
-}
-
-static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
-{
-    int bitlen;
-    bitlen = BN_num_bits(dsa->p);
-    if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160)
-        || (BN_num_bits(dsa->g) > bitlen))
-        goto badkey;
-    if (ispub) {
-        if (BN_num_bits(dsa->pub_key) > bitlen)
-            goto badkey;
-        *pmagic = MS_DSS1MAGIC;
-    } else {
-        if (BN_num_bits(dsa->priv_key) > 160)
-            goto badkey;
-        *pmagic = MS_DSS2MAGIC;
-    }
-
-    return bitlen;
- badkey:
-    PEMerr(PEM_F_CHECK_BITLEN_DSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
-    return 0;
-}
-
-static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
-{
-    int nbyte, hnbyte, bitlen;
-    if (BN_num_bits(rsa->e) > 32)
-        goto badkey;
-    bitlen = BN_num_bits(rsa->n);
-    nbyte = BN_num_bytes(rsa->n);
-    hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
-    if (ispub) {
-        *pmagic = MS_RSA1MAGIC;
-        return bitlen;
-    } else {
-        *pmagic = MS_RSA2MAGIC;
-        /*
-         * For private key each component must fit within nbyte or hnbyte.
-         */
-        if (BN_num_bytes(rsa->d) > nbyte)
-            goto badkey;
-        if ((BN_num_bytes(rsa->iqmp) > hnbyte)
-            || (BN_num_bytes(rsa->p) > hnbyte)
-            || (BN_num_bytes(rsa->q) > hnbyte)
-            || (BN_num_bytes(rsa->dmp1) > hnbyte)
-            || (BN_num_bytes(rsa->dmq1) > hnbyte))
-            goto badkey;
-    }
-    return bitlen;
- badkey:
-    PEMerr(PEM_F_CHECK_BITLEN_RSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
-    return 0;
-}
-
-static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
-{
-    int nbyte, hnbyte;
-    nbyte = BN_num_bytes(rsa->n);
-    hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
-    write_lebn(out, rsa->e, 4);
-    write_lebn(out, rsa->n, -1);
-    if (ispub)
-        return;
-    write_lebn(out, rsa->p, hnbyte);
-    write_lebn(out, rsa->q, hnbyte);
-    write_lebn(out, rsa->dmp1, hnbyte);
-    write_lebn(out, rsa->dmq1, hnbyte);
-    write_lebn(out, rsa->iqmp, hnbyte);
-    write_lebn(out, rsa->d, nbyte);
-}
-
-static void write_dsa(unsigned char **out, DSA *dsa, int ispub)
-{
-    int nbyte;
-    nbyte = BN_num_bytes(dsa->p);
-    write_lebn(out, dsa->p, nbyte);
-    write_lebn(out, dsa->q, 20);
-    write_lebn(out, dsa->g, nbyte);
-    if (ispub)
-        write_lebn(out, dsa->pub_key, nbyte);
-    else
-        write_lebn(out, dsa->priv_key, 20);
-    /* Set "invalid" for seed structure values */
-    memset(*out, 0xff, 24);
-    *out += 24;
-    return;
-}
-
-int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk)
-{
-    return do_i2b_bio(out, pk, 0);
-}
-
-int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk)
-{
-    return do_i2b_bio(out, pk, 1);
-}
-
-# ifndef OPENSSL_NO_RC4
-
-static int do_PVK_header(const unsigned char **in, unsigned int length,
-                         int skip_magic,
-                         unsigned int *psaltlen, unsigned int *pkeylen)
-{
-    const unsigned char *p = *in;
-    unsigned int pvk_magic, is_encrypted;
-    if (skip_magic) {
-        if (length < 20) {
-            PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
-            return 0;
-        }
-    } else {
-        if (length < 24) {
-            PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
-            return 0;
-        }
-        pvk_magic = read_ledword(&p);
-        if (pvk_magic != MS_PVKMAGIC) {
-            PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER);
-            return 0;
-        }
-    }
-    /* Skip reserved */
-    p += 4;
-    /*
-     * keytype =
-     */ read_ledword(&p);
-    is_encrypted = read_ledword(&p);
-    *psaltlen = read_ledword(&p);
-    *pkeylen = read_ledword(&p);
-
-    if (*pkeylen > PVK_MAX_KEYLEN || *psaltlen > PVK_MAX_SALTLEN)
-        return 0;
-
-    if (is_encrypted && !*psaltlen) {
-        PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER);
-        return 0;
-    }
-
-    *in = p;
-    return 1;
-}
-
-static int derive_pvk_key(unsigned char *key,
-                          const unsigned char *salt, unsigned int saltlen,
-                          const unsigned char *pass, int passlen)
-{
-    EVP_MD_CTX mctx;
-    int rv = 1;
-    EVP_MD_CTX_init(&mctx);
-    if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
-        || !EVP_DigestUpdate(&mctx, salt, saltlen)
-        || !EVP_DigestUpdate(&mctx, pass, passlen)
-        || !EVP_DigestFinal_ex(&mctx, key, NULL))
-        rv = 0;
-
-    EVP_MD_CTX_cleanup(&mctx);
-    return rv;
-}
-
-static EVP_PKEY *do_PVK_body(const unsigned char **in,
-                             unsigned int saltlen, unsigned int keylen,
-                             pem_password_cb *cb, void *u)
-{
-    EVP_PKEY *ret = NULL;
-    const unsigned char *p = *in;
-    unsigned int magic;
-    unsigned char *enctmp = NULL, *q;
-    EVP_CIPHER_CTX cctx;
-    EVP_CIPHER_CTX_init(&cctx);
-    if (saltlen) {
-        char psbuf[PEM_BUFSIZE];
-        unsigned char keybuf[20];
-        int enctmplen, inlen;
-        if (cb)
-            inlen = cb(psbuf, PEM_BUFSIZE, 0, u);
-        else
-            inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
-        if (inlen <= 0) {
-            PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ);
-            goto err;
-        }
-        enctmp = OPENSSL_malloc(keylen + 8);
-        if (!enctmp) {
-            PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (!derive_pvk_key(keybuf, p, saltlen,
-                            (unsigned char *)psbuf, inlen))
-            goto err;
-        p += saltlen;
-        /* Copy BLOBHEADER across, decrypt rest */
-        memcpy(enctmp, p, 8);
-        p += 8;
-        if (keylen < 8) {
-            PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
-            goto err;
-        }
-        inlen = keylen - 8;
-        q = enctmp + 8;
-        if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
-            goto err;
-        if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
-            goto err;
-        if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
-            goto err;
-        magic = read_ledword((const unsigned char **)&q);
-        if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
-            q = enctmp + 8;
-            memset(keybuf + 5, 0, 11);
-            if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
-                goto err;
-            OPENSSL_cleanse(keybuf, 20);
-            if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
-                goto err;
-            if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
-                goto err;
-            magic = read_ledword((const unsigned char **)&q);
-            if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
-                PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
-                goto err;
-            }
-        } else
-            OPENSSL_cleanse(keybuf, 20);
-        p = enctmp;
-    }
-
-    ret = b2i_PrivateKey(&p, keylen);
- err:
-    EVP_CIPHER_CTX_cleanup(&cctx);
-    if (enctmp && saltlen)
-        OPENSSL_free(enctmp);
-    return ret;
-}
-
-EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
-{
-    unsigned char pvk_hdr[24], *buf = NULL;
-    const unsigned char *p;
-    int buflen;
-    EVP_PKEY *ret = NULL;
-    unsigned int saltlen, keylen;
-    if (BIO_read(in, pvk_hdr, 24) != 24) {
-        PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
-        return NULL;
-    }
-    p = pvk_hdr;
-
-    if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen))
-        return 0;
-    buflen = (int)keylen + saltlen;
-    buf = OPENSSL_malloc(buflen);
-    if (!buf) {
-        PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    p = buf;
-    if (BIO_read(in, buf, buflen) != buflen) {
-        PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
-        goto err;
-    }
-    ret = do_PVK_body(&p, saltlen, keylen, cb, u);
-
- err:
-    if (buf) {
-        OPENSSL_cleanse(buf, buflen);
-        OPENSSL_free(buf);
-    }
-    return ret;
-}
-
-static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
-                   pem_password_cb *cb, void *u)
-{
-    int outlen = 24, pklen;
-    unsigned char *p, *salt = NULL;
-    EVP_CIPHER_CTX cctx;
-    EVP_CIPHER_CTX_init(&cctx);
-    if (enclevel)
-        outlen += PVK_SALTLEN;
-    pklen = do_i2b(NULL, pk, 0);
-    if (pklen < 0)
-        return -1;
-    outlen += pklen;
-    if (!out)
-        return outlen;
-    if (*out)
-        p = *out;
-    else {
-        p = OPENSSL_malloc(outlen);
-        if (!p) {
-            PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);
-            return -1;
-        }
-        *out = p;
-    }
-
-    write_ledword(&p, MS_PVKMAGIC);
-    write_ledword(&p, 0);
-    if (pk->type == EVP_PKEY_DSA)
-        write_ledword(&p, MS_KEYTYPE_SIGN);
-    else
-        write_ledword(&p, MS_KEYTYPE_KEYX);
-    write_ledword(&p, enclevel ? 1 : 0);
-    write_ledword(&p, enclevel ? PVK_SALTLEN : 0);
-    write_ledword(&p, pklen);
-    if (enclevel) {
-        if (RAND_bytes(p, PVK_SALTLEN) <= 0)
-            goto error;
-        salt = p;
-        p += PVK_SALTLEN;
-    }
-    do_i2b(&p, pk, 0);
-    if (enclevel == 0)
-        return outlen;
-    else {
-        char psbuf[PEM_BUFSIZE];
-        unsigned char keybuf[20];
-        int enctmplen, inlen;
-        if (cb)
-            inlen = cb(psbuf, PEM_BUFSIZE, 1, u);
-        else
-            inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);
-        if (inlen <= 0) {
-            PEMerr(PEM_F_I2B_PVK, PEM_R_BAD_PASSWORD_READ);
-            goto error;
-        }
-        if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,
-                            (unsigned char *)psbuf, inlen))
-            goto error;
-        if (enclevel == 1)
-            memset(keybuf + 5, 0, 11);
-        p = salt + PVK_SALTLEN + 8;
-        if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
-            goto error;
-        OPENSSL_cleanse(keybuf, 20);
-        if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))
-            goto error;
-        if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))
-            goto error;
-    }
-    EVP_CIPHER_CTX_cleanup(&cctx);
-    return outlen;
-
- error:
-    EVP_CIPHER_CTX_cleanup(&cctx);
-    return -1;
-}
-
-int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
-                pem_password_cb *cb, void *u)
-{
-    unsigned char *tmp = NULL;
-    int outlen, wrlen;
-    outlen = i2b_PVK(&tmp, pk, enclevel, cb, u);
-    if (outlen < 0)
-        return -1;
-    wrlen = BIO_write(out, tmp, outlen);
-    OPENSSL_free(tmp);
-    if (wrlen == outlen) {
-        PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE);
-        return outlen;
-    }
-    return -1;
-}
-
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/perlasm/readme b/thirdparty/openssl/crypto/perlasm/readme
deleted file mode 100644
index f02bbee75a..0000000000
--- a/thirdparty/openssl/crypto/perlasm/readme
+++ /dev/null
@@ -1,124 +0,0 @@
-The perl scripts in this directory are my 'hack' to generate
-multiple different assembler formats via the one origional script.
-
-The way to use this library is to start with adding the path to this directory
-and then include it.
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-The first thing we do is setup the file and type of assember
-
-&asm_init($ARGV[0],$0);
-
-The first argument is the 'type'.  Currently
-'cpp', 'sol', 'a.out', 'elf' or 'win32'.
-Argument 2 is the file name.
-
-The reciprocal function is
-&asm_finish() which should be called at the end.
-
-There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler,
-and x86unix.pl which is the unix (gas) version.
-
-Functions of interest are:
-&external_label("des_SPtrans");	declare and external variable
-&LB(reg);			Low byte for a register
-&HB(reg);			High byte for a register
-&BP(off,base,index,scale)	Byte pointer addressing
-&DWP(off,base,index,scale)	Word pointer addressing
-&stack_push(num)		Basically a 'sub esp, num*4' with extra
-&stack_pop(num)			inverse of stack_push
-&function_begin(name,extra)	Start a function with pushing of
-				edi, esi, ebx and ebp.  extra is extra win32
-				external info that may be required.
-&function_begin_B(name,extra)	Same as norma function_begin but no pushing.
-&function_end(name)		Call at end of function.
-&function_end_A(name)		Standard pop and ret, for use inside functions
-&function_end_B(name)		Call at end but with poping or 'ret'.
-&swtmp(num)			Address on stack temp word.
-&wparam(num)			Parameter number num, that was push
-				in C convention.  This all works over pushes
-				and pops.
-&comment("hello there")		Put in a comment.
-&label("loop")			Refer to a label, normally a jmp target.
-&set_label("loop")		Set a label at this point.
-&data_word(word)		Put in a word of data.
-
-So how does this all hold together?  Given
-
-int calc(int len, int *data)
-	{
-	int i,j=0;
-
-	for (i=0; i<len; i++)
-		{
-		j+=other(data[i]);
-		}
-	}
-
-So a very simple version of this function could be coded as
-
-	push(@INC,"perlasm","../../perlasm");
-	require "x86asm.pl";
-	
-	&asm_init($ARGV[0],"cacl.pl");
-
-	&external_label("other");
-
-	$tmp1=	"eax";
-	$j=	"edi";
-	$data=	"esi";
-	$i=	"ebp";
-
-	&comment("a simple function");
-	&function_begin("calc");
-	&mov(	$data,		&wparam(1)); # data
-	&xor(	$j,		$j);
-	&xor(	$i,		$i);
-
-	&set_label("loop");
-	&cmp(	$i,		&wparam(0));
-	&jge(	&label("end"));
-
-	&mov(	$tmp1,		&DWP(0,$data,$i,4));
-	&push(	$tmp1);
-	&call(	"other");
-	&add(	$j,		"eax");
-	&pop(	$tmp1);
-	&inc(	$i);
-	&jmp(	&label("loop"));
-
-	&set_label("end");
-	&mov(	"eax",		$j);
-
-	&function_end("calc");
-
-	&asm_finish();
-
-The above example is very very unoptimised but gives an idea of how
-things work.
-
-There is also a cbc mode function generator in cbc.pl
-
-&cbc(	$name,
-	$encrypt_function_name,
-	$decrypt_function_name,
-	$true_if_byte_swap_needed,
-	$parameter_number_for_iv,
-	$parameter_number_for_encrypt_flag,
-	$first_parameter_to_pass,
-	$second_parameter_to_pass,
-	$third_parameter_to_pass);
-
-So for example, given
-void BF_encrypt(BF_LONG *data,BF_KEY *key);
-void BF_decrypt(BF_LONG *data,BF_KEY *key);
-void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
-        BF_KEY *ks, unsigned char *iv, int enc);
-
-&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1);
-
-&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
-&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
-
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_add.c b/thirdparty/openssl/crypto/pkcs12/p12_add.c
deleted file mode 100644
index d9f03a39fd..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_add.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/* p12_add.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Pack an object into an OCTET STRING and turn into a safebag */
-
-PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
-                                         int nid1, int nid2)
-{
-    PKCS12_BAGS *bag;
-    PKCS12_SAFEBAG *safebag;
-    if (!(bag = PKCS12_BAGS_new())) {
-        PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    bag->type = OBJ_nid2obj(nid1);
-    if (!ASN1_item_pack(obj, it, &bag->value.octet)) {
-        PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if (!(safebag = PKCS12_SAFEBAG_new())) {
-        PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    safebag->value.bag = bag;
-    safebag->type = OBJ_nid2obj(nid2);
-    return safebag;
-
- err:
-    PKCS12_BAGS_free(bag);
-    return NULL;
-}
-
-/* Turn PKCS8 object into a keybag */
-
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
-{
-    PKCS12_SAFEBAG *bag;
-    if (!(bag = PKCS12_SAFEBAG_new())) {
-        PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    bag->type = OBJ_nid2obj(NID_keyBag);
-    bag->value.keybag = p8;
-    return bag;
-}
-
-/* Turn PKCS8 object into a shrouded keybag */
-
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
-                                     int passlen, unsigned char *salt,
-                                     int saltlen, int iter,
-                                     PKCS8_PRIV_KEY_INFO *p8)
-{
-    PKCS12_SAFEBAG *bag;
-    const EVP_CIPHER *pbe_ciph;
-
-    /* Set up the safe bag */
-    if (!(bag = PKCS12_SAFEBAG_new())) {
-        PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
-
-    pbe_ciph = EVP_get_cipherbynid(pbe_nid);
-
-    if (pbe_ciph)
-        pbe_nid = -1;
-
-    if (!(bag->value.shkeybag =
-          PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter,
-                        p8))) {
-        PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
-        PKCS12_SAFEBAG_free(bag);
-        return NULL;
-    }
-
-    return bag;
-}
-
-/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
-PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
-{
-    PKCS7 *p7;
-    if (!(p7 = PKCS7_new())) {
-        PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    p7->type = OBJ_nid2obj(NID_pkcs7_data);
-    if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) {
-        PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!ASN1_item_pack(sk, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), &p7->d.data)) {
-        PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
-        goto err;
-    }
-    return p7;
-
- err:
-    PKCS7_free(p7);
-    return NULL;
-}
-
-/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
-{
-    if (!PKCS7_type_is_data(p7)) {
-        PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,
-                  PKCS12_R_CONTENT_TYPE_NOT_DATA);
-        return NULL;
-    }
-    return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
-}
-
-/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
-
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
-                             unsigned char *salt, int saltlen, int iter,
-                             STACK_OF(PKCS12_SAFEBAG) *bags)
-{
-    PKCS7 *p7;
-    X509_ALGOR *pbe;
-    const EVP_CIPHER *pbe_ciph;
-    if (!(p7 = PKCS7_new())) {
-        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    if (!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
-        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
-                  PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
-        goto err;
-    }
-
-    pbe_ciph = EVP_get_cipherbynid(pbe_nid);
-
-    if (pbe_ciph)
-        pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen);
-    else
-        pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
-
-    if (!pbe) {
-        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
-    p7->d.encrypted->enc_data->algorithm = pbe;
-    M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
-    if (!(p7->d.encrypted->enc_data->enc_data =
-          PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass,
-                                  passlen, bags, 1))) {
-        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
-        goto err;
-    }
-
-    return p7;
-
- err:
-    PKCS7_free(p7);
-    return NULL;
-}
-
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
-                                                  int passlen)
-{
-    if (!PKCS7_type_is_encrypted(p7))
-        return NULL;
-    return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm,
-                                   ASN1_ITEM_rptr(PKCS12_SAFEBAGS),
-                                   pass, passlen,
-                                   p7->d.encrypted->enc_data->enc_data, 1);
-}
-
-PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
-                                         const char *pass, int passlen)
-{
-    return PKCS8_decrypt(bag->value.shkeybag, pass, passlen);
-}
-
-int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)
-{
-    if (ASN1_item_pack(safes, ASN1_ITEM_rptr(PKCS12_AUTHSAFES),
-                       &p12->authsafes->d.data))
-        return 1;
-    return 0;
-}
-
-STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12)
-{
-    if (!PKCS7_type_is_data(p12->authsafes)) {
-        PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,
-                  PKCS12_R_CONTENT_TYPE_NOT_DATA);
-        return NULL;
-    }
-    return ASN1_item_unpack(p12->authsafes->d.data,
-                            ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_asn.c b/thirdparty/openssl/crypto/pkcs12/p12_asn.c
deleted file mode 100644
index 370ddbd6e7..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_asn.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* p12_asn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 ASN1 module */
-
-ASN1_SEQUENCE(PKCS12) = {
-        ASN1_SIMPLE(PKCS12, version, ASN1_INTEGER),
-        ASN1_SIMPLE(PKCS12, authsafes, PKCS7),
-        ASN1_OPT(PKCS12, mac, PKCS12_MAC_DATA)
-} ASN1_SEQUENCE_END(PKCS12)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS12)
-
-ASN1_SEQUENCE(PKCS12_MAC_DATA) = {
-        ASN1_SIMPLE(PKCS12_MAC_DATA, dinfo, X509_SIG),
-        ASN1_SIMPLE(PKCS12_MAC_DATA, salt, ASN1_OCTET_STRING),
-        ASN1_OPT(PKCS12_MAC_DATA, iter, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(PKCS12_MAC_DATA)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-
-ASN1_ADB_TEMPLATE(bag_default) = ASN1_EXP(PKCS12_BAGS, value.other, ASN1_ANY, 0);
-
-ASN1_ADB(PKCS12_BAGS) = {
-        ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.x509cert, ASN1_OCTET_STRING, 0)),
-        ADB_ENTRY(NID_x509Crl, ASN1_EXP(PKCS12_BAGS, value.x509crl, ASN1_OCTET_STRING, 0)),
-        ADB_ENTRY(NID_sdsiCertificate, ASN1_EXP(PKCS12_BAGS, value.sdsicert, ASN1_IA5STRING, 0)),
-} ASN1_ADB_END(PKCS12_BAGS, 0, type, 0, &bag_default_tt, NULL);
-
-ASN1_SEQUENCE(PKCS12_BAGS) = {
-        ASN1_SIMPLE(PKCS12_BAGS, type, ASN1_OBJECT),
-        ASN1_ADB_OBJECT(PKCS12_BAGS),
-} ASN1_SEQUENCE_END(PKCS12_BAGS)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-ASN1_ADB_TEMPLATE(safebag_default) = ASN1_EXP(PKCS12_SAFEBAG, value.other, ASN1_ANY, 0);
-
-ASN1_ADB(PKCS12_SAFEBAG) = {
-        ADB_ENTRY(NID_keyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, PKCS8_PRIV_KEY_INFO, 0)),
-        ADB_ENTRY(NID_pkcs8ShroudedKeyBag, ASN1_EXP(PKCS12_SAFEBAG, value.shkeybag, X509_SIG, 0)),
-        ADB_ENTRY(NID_safeContentsBag, ASN1_EXP_SET_OF(PKCS12_SAFEBAG, value.safes, PKCS12_SAFEBAG, 0)),
-        ADB_ENTRY(NID_certBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
-        ADB_ENTRY(NID_crlBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
-        ADB_ENTRY(NID_secretBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0))
-} ASN1_ADB_END(PKCS12_SAFEBAG, 0, type, 0, &safebag_default_tt, NULL);
-
-ASN1_SEQUENCE(PKCS12_SAFEBAG) = {
-        ASN1_SIMPLE(PKCS12_SAFEBAG, type, ASN1_OBJECT),
-        ASN1_ADB_OBJECT(PKCS12_SAFEBAG),
-        ASN1_SET_OF_OPT(PKCS12_SAFEBAG, attrib, X509_ATTRIBUTE)
-} ASN1_SEQUENCE_END(PKCS12_SAFEBAG)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-
-/* SEQUENCE OF SafeBag */
-ASN1_ITEM_TEMPLATE(PKCS12_SAFEBAGS) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, PKCS12_SAFEBAGS, PKCS12_SAFEBAG)
-ASN1_ITEM_TEMPLATE_END(PKCS12_SAFEBAGS)
-
-/* Authsafes: SEQUENCE OF PKCS7 */
-ASN1_ITEM_TEMPLATE(PKCS12_AUTHSAFES) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, PKCS12_AUTHSAFES, PKCS7)
-ASN1_ITEM_TEMPLATE_END(PKCS12_AUTHSAFES)
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_attr.c b/thirdparty/openssl/crypto/pkcs12/p12_attr.c
deleted file mode 100644
index fff3ba1ece..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_attr.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/* p12_attr.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Add a local keyid to a safebag */
-
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
-                          int namelen)
-{
-    if (X509at_add1_attr_by_NID(&bag->attrib, NID_localKeyID,
-                                V_ASN1_OCTET_STRING, name, namelen))
-        return 1;
-    else
-        return 0;
-}
-
-/* Add key usage to PKCS#8 structure */
-
-int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
-{
-    unsigned char us_val;
-    us_val = (unsigned char)usage;
-    if (X509at_add1_attr_by_NID(&p8->attributes, NID_key_usage,
-                                V_ASN1_BIT_STRING, &us_val, 1))
-        return 1;
-    else
-        return 0;
-}
-
-/* Add a friendlyname to a safebag */
-
-int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
-                                int namelen)
-{
-    if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
-                                MBSTRING_ASC, (unsigned char *)name, namelen))
-        return 1;
-    else
-        return 0;
-}
-
-int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
-                                const unsigned char *name, int namelen)
-{
-    if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
-                                MBSTRING_BMP, name, namelen))
-        return 1;
-    else
-        return 0;
-}
-
-int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen)
-{
-    if (X509at_add1_attr_by_NID(&bag->attrib, NID_ms_csp_name,
-                                MBSTRING_ASC, (unsigned char *)name, namelen))
-        return 1;
-    else
-        return 0;
-}
-
-ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
-{
-    X509_ATTRIBUTE *attrib;
-    int i;
-    if (!attrs)
-        return NULL;
-    for (i = 0; i < sk_X509_ATTRIBUTE_num(attrs); i++) {
-        attrib = sk_X509_ATTRIBUTE_value(attrs, i);
-        if (OBJ_obj2nid(attrib->object) == attr_nid) {
-            if (sk_ASN1_TYPE_num(attrib->value.set))
-                return sk_ASN1_TYPE_value(attrib->value.set, 0);
-            else
-                return NULL;
-        }
-    }
-    return NULL;
-}
-
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)
-{
-    ASN1_TYPE *atype;
-    if (!(atype = PKCS12_get_attr(bag, NID_friendlyName)))
-        return NULL;
-    if (atype->type != V_ASN1_BMPSTRING)
-        return NULL;
-    return OPENSSL_uni2asc(atype->value.bmpstring->data,
-                           atype->value.bmpstring->length);
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_crpt.c b/thirdparty/openssl/crypto/pkcs12/p12_crpt.c
deleted file mode 100644
index 9c2dcab024..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_crpt.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* p12_crpt.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 PBE algorithms now in static table */
-
-void PKCS12_PBE_add(void)
-{
-}
-
-int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                        ASN1_TYPE *param, const EVP_CIPHER *cipher,
-                        const EVP_MD *md, int en_de)
-{
-    PBEPARAM *pbe;
-    int saltlen, iter, ret;
-    unsigned char *salt;
-    const unsigned char *pbuf;
-    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
-
-    if (cipher == NULL)
-        return 0;
-
-    /* Extract useful info from parameter */
-    if (param == NULL || param->type != V_ASN1_SEQUENCE ||
-        param->value.sequence == NULL) {
-        PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR);
-        return 0;
-    }
-
-    pbuf = param->value.sequence->data;
-    if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
-        PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR);
-        return 0;
-    }
-
-    if (!pbe->iter)
-        iter = 1;
-    else
-        iter = ASN1_INTEGER_get(pbe->iter);
-    salt = pbe->salt->data;
-    saltlen = pbe->salt->length;
-    if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_KEY_ID,
-                        iter, EVP_CIPHER_key_length(cipher), key, md)) {
-        PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_KEY_GEN_ERROR);
-        PBEPARAM_free(pbe);
-        return 0;
-    }
-    if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_IV_ID,
-                        iter, EVP_CIPHER_iv_length(cipher), iv, md)) {
-        PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_IV_GEN_ERROR);
-        PBEPARAM_free(pbe);
-        return 0;
-    }
-    PBEPARAM_free(pbe);
-    ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);
-    OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
-    OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_crt.c b/thirdparty/openssl/crypto/pkcs12/p12_crt.c
deleted file mode 100644
index 7d2aeefac3..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_crt.c
+++ /dev/null
@@ -1,358 +0,0 @@
-/* p12_crt.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags,
-                          PKCS12_SAFEBAG *bag);
-
-static int copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid)
-{
-    int idx;
-    X509_ATTRIBUTE *attr;
-    idx = EVP_PKEY_get_attr_by_NID(pkey, nid, -1);
-    if (idx < 0)
-        return 1;
-    attr = EVP_PKEY_get_attr(pkey, idx);
-    if (!X509at_add1_attr(&bag->attrib, attr))
-        return 0;
-    return 1;
-}
-
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
-                      STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
-                      int mac_iter, int keytype)
-{
-    PKCS12 *p12 = NULL;
-    STACK_OF(PKCS7) *safes = NULL;
-    STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
-    PKCS12_SAFEBAG *bag = NULL;
-    int i;
-    unsigned char keyid[EVP_MAX_MD_SIZE];
-    unsigned int keyidlen = 0;
-
-    /* Set defaults */
-    if (!nid_cert) {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-            nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-        else
-#endif
-#ifdef OPENSSL_NO_RC2
-            nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-#else
-            nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
-#endif
-    }
-    if (!nid_key)
-        nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-    if (!iter)
-        iter = PKCS12_DEFAULT_ITER;
-    if (!mac_iter)
-        mac_iter = 1;
-
-    if (!pkey && !cert && !ca) {
-        PKCS12err(PKCS12_F_PKCS12_CREATE, PKCS12_R_INVALID_NULL_ARGUMENT);
-        return NULL;
-    }
-
-    if (pkey && cert) {
-        if (!X509_check_private_key(cert, pkey))
-            return NULL;
-        X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
-    }
-
-    if (cert) {
-        bag = PKCS12_add_cert(&bags, cert);
-        if (name && !PKCS12_add_friendlyname(bag, name, -1))
-            goto err;
-        if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
-            goto err;
-    }
-
-    /* Add all other certificates */
-    for (i = 0; i < sk_X509_num(ca); i++) {
-        if (!PKCS12_add_cert(&bags, sk_X509_value(ca, i)))
-            goto err;
-    }
-
-    if (bags && !PKCS12_add_safe(&safes, bags, nid_cert, iter, pass))
-        goto err;
-
-    sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-    bags = NULL;
-
-    if (pkey) {
-        bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass);
-
-        if (!bag)
-            goto err;
-
-        if (!copy_bag_attr(bag, pkey, NID_ms_csp_name))
-            goto err;
-        if (!copy_bag_attr(bag, pkey, NID_LocalKeySet))
-            goto err;
-
-        if (name && !PKCS12_add_friendlyname(bag, name, -1))
-            goto err;
-        if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
-            goto err;
-    }
-
-    if (bags && !PKCS12_add_safe(&safes, bags, -1, 0, NULL))
-        goto err;
-
-    sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-    bags = NULL;
-
-    p12 = PKCS12_add_safes(safes, 0);
-
-    if (!p12)
-        goto err;
-
-    sk_PKCS7_pop_free(safes, PKCS7_free);
-
-    safes = NULL;
-
-    if ((mac_iter != -1) &&
-        !PKCS12_set_mac(p12, pass, -1, NULL, 0, mac_iter, NULL))
-        goto err;
-
-    return p12;
-
- err:
-
-    if (p12)
-        PKCS12_free(p12);
-    if (safes)
-        sk_PKCS7_pop_free(safes, PKCS7_free);
-    if (bags)
-        sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-    return NULL;
-
-}
-
-PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert)
-{
-    PKCS12_SAFEBAG *bag = NULL;
-    char *name;
-    int namelen = -1;
-    unsigned char *keyid;
-    int keyidlen = -1;
-
-    /* Add user certificate */
-    if (!(bag = PKCS12_x5092certbag(cert)))
-        goto err;
-
-    /*
-     * Use friendlyName and localKeyID in certificate. (if present)
-     */
-
-    name = (char *)X509_alias_get0(cert, &namelen);
-
-    if (name && !PKCS12_add_friendlyname(bag, name, namelen))
-        goto err;
-
-    keyid = X509_keyid_get0(cert, &keyidlen);
-
-    if (keyid && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
-        goto err;
-
-    if (!pkcs12_add_bag(pbags, bag))
-        goto err;
-
-    return bag;
-
- err:
-
-    if (bag)
-        PKCS12_SAFEBAG_free(bag);
-
-    return NULL;
-
-}
-
-PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
-                               EVP_PKEY *key, int key_usage, int iter,
-                               int nid_key, char *pass)
-{
-
-    PKCS12_SAFEBAG *bag = NULL;
-    PKCS8_PRIV_KEY_INFO *p8 = NULL;
-
-    /* Make a PKCS#8 structure */
-    if (!(p8 = EVP_PKEY2PKCS8(key)))
-        goto err;
-    if (key_usage && !PKCS8_add_keyusage(p8, key_usage))
-        goto err;
-    if (nid_key != -1) {
-        bag = PKCS12_MAKE_SHKEYBAG(nid_key, pass, -1, NULL, 0, iter, p8);
-        PKCS8_PRIV_KEY_INFO_free(p8);
-    } else
-        bag = PKCS12_MAKE_KEYBAG(p8);
-
-    if (!bag)
-        goto err;
-
-    if (!pkcs12_add_bag(pbags, bag))
-        goto err;
-
-    return bag;
-
- err:
-
-    if (bag)
-        PKCS12_SAFEBAG_free(bag);
-
-    return NULL;
-
-}
-
-int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
-                    int nid_safe, int iter, char *pass)
-{
-    PKCS7 *p7 = NULL;
-    int free_safes = 0;
-
-    if (!*psafes) {
-        *psafes = sk_PKCS7_new_null();
-        if (!*psafes)
-            return 0;
-        free_safes = 1;
-    } else
-        free_safes = 0;
-
-    if (nid_safe == 0)
-#ifdef OPENSSL_NO_RC2
-        nid_safe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-#else
-        nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC;
-#endif
-
-    if (nid_safe == -1)
-        p7 = PKCS12_pack_p7data(bags);
-    else
-        p7 = PKCS12_pack_p7encdata(nid_safe, pass, -1, NULL, 0, iter, bags);
-    if (!p7)
-        goto err;
-
-    if (!sk_PKCS7_push(*psafes, p7))
-        goto err;
-
-    return 1;
-
- err:
-    if (free_safes) {
-        sk_PKCS7_free(*psafes);
-        *psafes = NULL;
-    }
-
-    if (p7)
-        PKCS7_free(p7);
-
-    return 0;
-
-}
-
-static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags,
-                          PKCS12_SAFEBAG *bag)
-{
-    int free_bags;
-    if (!pbags)
-        return 1;
-    if (!*pbags) {
-        *pbags = sk_PKCS12_SAFEBAG_new_null();
-        if (!*pbags)
-            return 0;
-        free_bags = 1;
-    } else
-        free_bags = 0;
-
-    if (!sk_PKCS12_SAFEBAG_push(*pbags, bag)) {
-        if (free_bags) {
-            sk_PKCS12_SAFEBAG_free(*pbags);
-            *pbags = NULL;
-        }
-        return 0;
-    }
-
-    return 1;
-
-}
-
-PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int nid_p7)
-{
-    PKCS12 *p12;
-    if (nid_p7 <= 0)
-        nid_p7 = NID_pkcs7_data;
-    p12 = PKCS12_init(nid_p7);
-
-    if (!p12)
-        return NULL;
-
-    if (!PKCS12_pack_authsafes(p12, safes)) {
-        PKCS12_free(p12);
-        return NULL;
-    }
-
-    return p12;
-
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_decr.c b/thirdparty/openssl/crypto/pkcs12/p12_decr.c
deleted file mode 100644
index b40ea10ccb..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_decr.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/* p12_decr.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Define this to dump decrypted output to files called DERnnn */
-/*
- * #define DEBUG_DECRYPT
- */
-
-/*
- * Encrypt/Decrypt a buffer based on password and algor, result in a
- * OPENSSL_malloc'ed buffer
- */
-
-unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
-                                int passlen, unsigned char *in, int inlen,
-                                unsigned char **data, int *datalen, int en_de)
-{
-    unsigned char *out;
-    int outlen, i;
-    EVP_CIPHER_CTX ctx;
-
-    EVP_CIPHER_CTX_init(&ctx);
-    /* Decrypt data */
-    if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
-                            algor->parameter, &ctx, en_de)) {
-        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
-                  PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
-        return NULL;
-    }
-
-    if (!(out = OPENSSL_malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
-        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) {
-        OPENSSL_free(out);
-        out = NULL;
-        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_EVP_LIB);
-        goto err;
-    }
-
-    outlen = i;
-    if (!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
-        OPENSSL_free(out);
-        out = NULL;
-        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
-                  PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
-        goto err;
-    }
-    outlen += i;
-    if (datalen)
-        *datalen = outlen;
-    if (data)
-        *data = out;
- err:
-    EVP_CIPHER_CTX_cleanup(&ctx);
-    return out;
-
-}
-
-/*
- * Decrypt an OCTET STRING and decode ASN1 structure if zbuf set zero buffer
- * after use.
- */
-
-void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
-                              const char *pass, int passlen,
-                              ASN1_OCTET_STRING *oct, int zbuf)
-{
-    unsigned char *out;
-    const unsigned char *p;
-    void *ret;
-    int outlen;
-
-    if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
-                          &out, &outlen, 0)) {
-        PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,
-                  PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
-        return NULL;
-    }
-    p = out;
-#ifdef DEBUG_DECRYPT
-    {
-        FILE *op;
-
-        char fname[30];
-        static int fnm = 1;
-        sprintf(fname, "DER%d", fnm++);
-        op = fopen(fname, "wb");
-        fwrite(p, 1, outlen, op);
-        fclose(op);
-    }
-#endif
-    ret = ASN1_item_d2i(NULL, &p, outlen, it);
-    if (zbuf)
-        OPENSSL_cleanse(out, outlen);
-    if (!ret)
-        PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I, PKCS12_R_DECODE_ERROR);
-    OPENSSL_free(out);
-    return ret;
-}
-
-/*
- * Encode ASN1 structure and encrypt, return OCTET STRING if zbuf set zero
- * encoding.
- */
-
-ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
-                                           const ASN1_ITEM *it,
-                                           const char *pass, int passlen,
-                                           void *obj, int zbuf)
-{
-    ASN1_OCTET_STRING *oct = NULL;
-    unsigned char *in = NULL;
-    int inlen;
-    if (!(oct = M_ASN1_OCTET_STRING_new())) {
-        PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    inlen = ASN1_item_i2d(obj, &in, it);
-    if (!in) {
-        PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCODE_ERROR);
-        goto err;
-    }
-    if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
-                          &oct->length, 1)) {
-        PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
-        OPENSSL_free(in);
-        goto err;
-    }
-    if (zbuf)
-        OPENSSL_cleanse(in, inlen);
-    OPENSSL_free(in);
-    return oct;
- err:
-    if (oct)
-        ASN1_OCTET_STRING_free(oct);
-    return NULL;
-}
-
-IMPLEMENT_PKCS12_STACK_OF(PKCS7)
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_init.c b/thirdparty/openssl/crypto/pkcs12/p12_init.c
deleted file mode 100644
index 0322df944a..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_init.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* p12_init.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Initialise a PKCS12 structure to take data */
-
-PKCS12 *PKCS12_init(int mode)
-{
-    PKCS12 *pkcs12;
-    if (!(pkcs12 = PKCS12_new())) {
-        PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    ASN1_INTEGER_set(pkcs12->version, 3);
-    pkcs12->authsafes->type = OBJ_nid2obj(mode);
-    switch (mode) {
-    case NID_pkcs7_data:
-        if (!(pkcs12->authsafes->d.data = M_ASN1_OCTET_STRING_new())) {
-            PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        break;
-    default:
-        PKCS12err(PKCS12_F_PKCS12_INIT, PKCS12_R_UNSUPPORTED_PKCS12_MODE);
-        goto err;
-    }
-
-    return pkcs12;
- err:
-    if (pkcs12 != NULL)
-        PKCS12_free(pkcs12);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_key.c b/thirdparty/openssl/crypto/pkcs12/p12_key.c
deleted file mode 100644
index 99b8260c96..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_key.c
+++ /dev/null
@@ -1,238 +0,0 @@
-/* p12_key.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-#include <openssl/bn.h>
-
-/* Uncomment out this line to get debugging info about key generation */
-/*
- * #define DEBUG_KEYGEN
- */
-#ifdef DEBUG_KEYGEN
-# include <openssl/bio.h>
-extern BIO *bio_err;
-void h__dump(unsigned char *p, int len);
-#endif
-
-/* PKCS12 compatible key/IV generation */
-#ifndef min
-# define min(a,b) ((a) < (b) ? (a) : (b))
-#endif
-
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
-                       int saltlen, int id, int iter, int n,
-                       unsigned char *out, const EVP_MD *md_type)
-{
-    int ret;
-    unsigned char *unipass;
-    int uniplen;
-
-    if (!pass) {
-        unipass = NULL;
-        uniplen = 0;
-    } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
-        PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
-                             id, iter, n, out, md_type);
-    if (ret <= 0)
-        return 0;
-    if (unipass) {
-        OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */
-        OPENSSL_free(unipass);
-    }
-    return ret;
-}
-
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
-                       int saltlen, int id, int iter, int n,
-                       unsigned char *out, const EVP_MD *md_type)
-{
-    unsigned char *B, *D, *I, *p, *Ai;
-    int Slen, Plen, Ilen, Ijlen;
-    int i, j, u, v;
-    int ret = 0;
-    BIGNUM *Ij, *Bpl1;          /* These hold Ij and B + 1 */
-    EVP_MD_CTX ctx;
-#ifdef  DEBUG_KEYGEN
-    unsigned char *tmpout = out;
-    int tmpn = n;
-#endif
-
-#if 0
-    if (!pass) {
-        PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-#endif
-
-    EVP_MD_CTX_init(&ctx);
-#ifdef  DEBUG_KEYGEN
-    fprintf(stderr, "KEYGEN DEBUG\n");
-    fprintf(stderr, "ID %d, ITER %d\n", id, iter);
-    fprintf(stderr, "Password (length %d):\n", passlen);
-    h__dump(pass, passlen);
-    fprintf(stderr, "Salt (length %d):\n", saltlen);
-    h__dump(salt, saltlen);
-#endif
-    v = EVP_MD_block_size(md_type);
-    u = EVP_MD_size(md_type);
-    if (u < 0)
-        return 0;
-    D = OPENSSL_malloc(v);
-    Ai = OPENSSL_malloc(u);
-    B = OPENSSL_malloc(v + 1);
-    Slen = v * ((saltlen + v - 1) / v);
-    if (passlen)
-        Plen = v * ((passlen + v - 1) / v);
-    else
-        Plen = 0;
-    Ilen = Slen + Plen;
-    I = OPENSSL_malloc(Ilen);
-    Ij = BN_new();
-    Bpl1 = BN_new();
-    if (!D || !Ai || !B || !I || !Ij || !Bpl1)
-        goto err;
-    for (i = 0; i < v; i++)
-        D[i] = id;
-    p = I;
-    for (i = 0; i < Slen; i++)
-        *p++ = salt[i % saltlen];
-    for (i = 0; i < Plen; i++)
-        *p++ = pass[i % passlen];
-    for (;;) {
-        if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
-            || !EVP_DigestUpdate(&ctx, D, v)
-            || !EVP_DigestUpdate(&ctx, I, Ilen)
-            || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
-            goto err;
-        for (j = 1; j < iter; j++) {
-            if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
-                || !EVP_DigestUpdate(&ctx, Ai, u)
-                || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
-                goto err;
-        }
-        memcpy(out, Ai, min(n, u));
-        if (u >= n) {
-#ifdef DEBUG_KEYGEN
-            fprintf(stderr, "Output KEY (length %d)\n", tmpn);
-            h__dump(tmpout, tmpn);
-#endif
-            ret = 1;
-            goto end;
-        }
-        n -= u;
-        out += u;
-        for (j = 0; j < v; j++)
-            B[j] = Ai[j % u];
-        /* Work out B + 1 first then can use B as tmp space */
-        if (!BN_bin2bn(B, v, Bpl1))
-            goto err;
-        if (!BN_add_word(Bpl1, 1))
-            goto err;
-        for (j = 0; j < Ilen; j += v) {
-            if (!BN_bin2bn(I + j, v, Ij))
-                goto err;
-            if (!BN_add(Ij, Ij, Bpl1))
-                goto err;
-            if (!BN_bn2bin(Ij, B))
-                goto err;
-            Ijlen = BN_num_bytes(Ij);
-            /* If more than 2^(v*8) - 1 cut off MSB */
-            if (Ijlen > v) {
-                if (!BN_bn2bin(Ij, B))
-                    goto err;
-                memcpy(I + j, B + 1, v);
-#ifndef PKCS12_BROKEN_KEYGEN
-                /* If less than v bytes pad with zeroes */
-            } else if (Ijlen < v) {
-                memset(I + j, 0, v - Ijlen);
-                if (!BN_bn2bin(Ij, I + j + v - Ijlen))
-                    goto err;
-#endif
-            } else if (!BN_bn2bin(Ij, I + j))
-                goto err;
-        }
-    }
-
- err:
-    PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_MALLOC_FAILURE);
-
- end:
-    OPENSSL_free(Ai);
-    OPENSSL_free(B);
-    OPENSSL_free(D);
-    OPENSSL_free(I);
-    BN_free(Ij);
-    BN_free(Bpl1);
-    EVP_MD_CTX_cleanup(&ctx);
-    return ret;
-}
-
-#ifdef DEBUG_KEYGEN
-void h__dump(unsigned char *p, int len)
-{
-    for (; len--; p++)
-        fprintf(stderr, "%02X", *p);
-    fprintf(stderr, "\n");
-}
-#endif
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_kiss.c b/thirdparty/openssl/crypto/pkcs12/p12_kiss.c
deleted file mode 100644
index 9aa3c90c4e..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_kiss.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* p12_kiss.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Simplified PKCS#12 routines */
-
-static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
-                      EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
-
-static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
-                      int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
-
-static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
-                     EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
-
-/*
- * Parse and decrypt a PKCS#12 structure returning user key, user cert and
- * other (CA) certs. Note either ca should be NULL, *ca should be NULL, or it
- * should point to a valid STACK structure. pkey and cert can be passed
- * unitialised.
- */
-
-int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
-                 STACK_OF(X509) **ca)
-{
-    STACK_OF(X509) *ocerts = NULL;
-    X509 *x = NULL;
-    /* Check for NULL PKCS12 structure */
-
-    if (!p12) {
-        PKCS12err(PKCS12_F_PKCS12_PARSE,
-                  PKCS12_R_INVALID_NULL_PKCS12_POINTER);
-        return 0;
-    }
-
-    if (pkey)
-        *pkey = NULL;
-    if (cert)
-        *cert = NULL;
-
-    /* Check the mac */
-
-    /*
-     * If password is zero length or NULL then try verifying both cases to
-     * determine which password is correct. The reason for this is that under
-     * PKCS#12 password based encryption no password and a zero length
-     * password are two different things...
-     */
-
-    if (!pass || !*pass) {
-        if (PKCS12_verify_mac(p12, NULL, 0))
-            pass = NULL;
-        else if (PKCS12_verify_mac(p12, "", 0))
-            pass = "";
-        else {
-            PKCS12err(PKCS12_F_PKCS12_PARSE, PKCS12_R_MAC_VERIFY_FAILURE);
-            goto err;
-        }
-    } else if (!PKCS12_verify_mac(p12, pass, -1)) {
-        PKCS12err(PKCS12_F_PKCS12_PARSE, PKCS12_R_MAC_VERIFY_FAILURE);
-        goto err;
-    }
-
-    /* Allocate stack for other certificates */
-    ocerts = sk_X509_new_null();
-
-    if (!ocerts) {
-        PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    if (!parse_pk12(p12, pass, -1, pkey, ocerts)) {
-        PKCS12err(PKCS12_F_PKCS12_PARSE, PKCS12_R_PARSE_ERROR);
-        goto err;
-    }
-
-    while ((x = sk_X509_pop(ocerts))) {
-        if (pkey && *pkey && cert && !*cert) {
-            ERR_set_mark();
-            if (X509_check_private_key(x, *pkey)) {
-                *cert = x;
-                x = NULL;
-            }
-            ERR_pop_to_mark();
-        }
-
-        if (ca && x) {
-            if (!*ca)
-                *ca = sk_X509_new_null();
-            if (!*ca)
-                goto err;
-            if (!sk_X509_push(*ca, x))
-                goto err;
-            x = NULL;
-        }
-        if (x)
-            X509_free(x);
-    }
-
-    if (ocerts)
-        sk_X509_pop_free(ocerts, X509_free);
-
-    return 1;
-
- err:
-
-    if (pkey && *pkey)
-        EVP_PKEY_free(*pkey);
-    if (cert && *cert)
-        X509_free(*cert);
-    if (x)
-        X509_free(x);
-    if (ocerts)
-        sk_X509_pop_free(ocerts, X509_free);
-    return 0;
-
-}
-
-/* Parse the outer PKCS#12 structure */
-
-static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
-                      EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
-{
-    STACK_OF(PKCS7) *asafes;
-    STACK_OF(PKCS12_SAFEBAG) *bags;
-    int i, bagnid;
-    PKCS7 *p7;
-
-    if (!(asafes = PKCS12_unpack_authsafes(p12)))
-        return 0;
-    for (i = 0; i < sk_PKCS7_num(asafes); i++) {
-        p7 = sk_PKCS7_value(asafes, i);
-        bagnid = OBJ_obj2nid(p7->type);
-        if (bagnid == NID_pkcs7_data) {
-            bags = PKCS12_unpack_p7data(p7);
-        } else if (bagnid == NID_pkcs7_encrypted) {
-            bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
-        } else
-            continue;
-        if (!bags) {
-            sk_PKCS7_pop_free(asafes, PKCS7_free);
-            return 0;
-        }
-        if (!parse_bags(bags, pass, passlen, pkey, ocerts)) {
-            sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-            sk_PKCS7_pop_free(asafes, PKCS7_free);
-            return 0;
-        }
-        sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-    }
-    sk_PKCS7_pop_free(asafes, PKCS7_free);
-    return 1;
-}
-
-static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
-                      int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
-{
-    int i;
-    for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
-        if (!parse_bag(sk_PKCS12_SAFEBAG_value(bags, i),
-                       pass, passlen, pkey, ocerts))
-            return 0;
-    }
-    return 1;
-}
-
-static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
-                     EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
-{
-    PKCS8_PRIV_KEY_INFO *p8;
-    X509 *x509;
-    ASN1_TYPE *attrib;
-    ASN1_BMPSTRING *fname = NULL;
-    ASN1_OCTET_STRING *lkid = NULL;
-
-    if ((attrib = PKCS12_get_attr(bag, NID_friendlyName)))
-        fname = attrib->value.bmpstring;
-
-    if ((attrib = PKCS12_get_attr(bag, NID_localKeyID)))
-        lkid = attrib->value.octet_string;
-
-    switch (M_PKCS12_bag_type(bag)) {
-    case NID_keyBag:
-        if (!pkey || *pkey)
-            return 1;
-        if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag)))
-            return 0;
-        break;
-
-    case NID_pkcs8ShroudedKeyBag:
-        if (!pkey || *pkey)
-            return 1;
-        if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
-            return 0;
-        *pkey = EVP_PKCS82PKEY(p8);
-        PKCS8_PRIV_KEY_INFO_free(p8);
-        if (!(*pkey))
-            return 0;
-        break;
-
-    case NID_certBag:
-        if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
-            return 1;
-        if (!(x509 = PKCS12_certbag2x509(bag)))
-            return 0;
-        if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
-            X509_free(x509);
-            return 0;
-        }
-        if (fname) {
-            int len, r;
-            unsigned char *data;
-            len = ASN1_STRING_to_UTF8(&data, fname);
-            if (len >= 0) {
-                r = X509_alias_set1(x509, data, len);
-                OPENSSL_free(data);
-                if (!r) {
-                    X509_free(x509);
-                    return 0;
-                }
-            }
-        }
-
-        if (!sk_X509_push(ocerts, x509)) {
-            X509_free(x509);
-            return 0;
-        }
-
-        break;
-
-    case NID_safeContentsBag:
-        return parse_bags(bag->value.safes, pass, passlen, pkey, ocerts);
-        break;
-
-    default:
-        return 1;
-        break;
-    }
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_mutl.c b/thirdparty/openssl/crypto/pkcs12/p12_mutl.c
deleted file mode 100644
index b1f7381a6f..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_mutl.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/* p12_mutl.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef OPENSSL_NO_HMAC
-# include <stdio.h>
-# include "cryptlib.h"
-# include <openssl/crypto.h>
-# include <openssl/hmac.h>
-# include <openssl/rand.h>
-# include <openssl/pkcs12.h>
-
-/* Generate a MAC */
-int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
-                   unsigned char *mac, unsigned int *maclen)
-{
-    const EVP_MD *md_type;
-    HMAC_CTX hmac;
-    unsigned char key[EVP_MAX_MD_SIZE], *salt;
-    int saltlen, iter;
-    int md_size;
-
-    if (!PKCS7_type_is_data(p12->authsafes)) {
-        PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_CONTENT_TYPE_NOT_DATA);
-        return 0;
-    }
-
-    salt = p12->mac->salt->data;
-    saltlen = p12->mac->salt->length;
-    if (!p12->mac->iter)
-        iter = 1;
-    else
-        iter = ASN1_INTEGER_get(p12->mac->iter);
-    if (!(md_type = EVP_get_digestbyobj(p12->mac->dinfo->algor->algorithm))) {
-        PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
-        return 0;
-    }
-    md_size = EVP_MD_size(md_type);
-    if (md_size < 0)
-        return 0;
-    if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
-                        md_size, key, md_type)) {
-        PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
-        return 0;
-    }
-    HMAC_CTX_init(&hmac);
-    if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL)
-        || !HMAC_Update(&hmac, p12->authsafes->d.data->data,
-                        p12->authsafes->d.data->length)
-        || !HMAC_Final(&hmac, mac, maclen)) {
-        HMAC_CTX_cleanup(&hmac);
-        return 0;
-    }
-    HMAC_CTX_cleanup(&hmac);
-    return 1;
-}
-
-/* Verify the mac */
-int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
-{
-    unsigned char mac[EVP_MAX_MD_SIZE];
-    unsigned int maclen;
-    if (p12->mac == NULL) {
-        PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT);
-        return 0;
-    }
-    if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
-        PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_GENERATION_ERROR);
-        return 0;
-    }
-    if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
-        || CRYPTO_memcmp(mac, p12->mac->dinfo->digest->data, maclen))
-        return 0;
-    return 1;
-}
-
-/* Set a mac */
-
-int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
-                   unsigned char *salt, int saltlen, int iter,
-                   const EVP_MD *md_type)
-{
-    unsigned char mac[EVP_MAX_MD_SIZE];
-    unsigned int maclen;
-
-    if (!md_type)
-        md_type = EVP_sha1();
-    if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) == PKCS12_ERROR) {
-        PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR);
-        return 0;
-    }
-    if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
-        PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_GENERATION_ERROR);
-        return 0;
-    }
-    if (!(M_ASN1_OCTET_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
-        PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_STRING_SET_ERROR);
-        return 0;
-    }
-    return 1;
-}
-
-/* Set up a mac structure */
-int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
-                     const EVP_MD *md_type)
-{
-    PKCS12_MAC_DATA_free(p12->mac);
-    p12->mac = NULL;
-
-    if ((p12->mac = PKCS12_MAC_DATA_new()) == NULL)
-        return PKCS12_ERROR;
-    if (iter > 1) {
-        if (!(p12->mac->iter = M_ASN1_INTEGER_new())) {
-            PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
-            PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    }
-    if (!saltlen)
-        saltlen = PKCS12_SALT_LEN;
-    if ((p12->mac->salt->data = OPENSSL_malloc(saltlen)) == NULL) {
-        PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    p12->mac->salt->length = saltlen;
-    if (!salt) {
-        if (RAND_bytes(p12->mac->salt->data, saltlen) <= 0)
-            return 0;
-    } else
-        memcpy(p12->mac->salt->data, salt, saltlen);
-    p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
-    if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
-        PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
-
-    return 1;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_npas.c b/thirdparty/openssl/crypto/pkcs12/p12_npas.c
deleted file mode 100644
index 9e8ebb2a78..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_npas.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/* p12_npas.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 password change routine */
-
-static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass);
-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
-                        const char *newpass);
-static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
-                        const char *newpass);
-static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
-
-/*
- * Change the password on a PKCS#12 structure.
- */
-
-int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass)
-{
-    /* Check for NULL PKCS12 structure */
-
-    if (!p12) {
-        PKCS12err(PKCS12_F_PKCS12_NEWPASS,
-                  PKCS12_R_INVALID_NULL_PKCS12_POINTER);
-        return 0;
-    }
-
-    /* Check the mac */
-
-    if (!PKCS12_verify_mac(p12, oldpass, -1)) {
-        PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_MAC_VERIFY_FAILURE);
-        return 0;
-    }
-
-    if (!newpass_p12(p12, oldpass, newpass)) {
-        PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_PARSE_ERROR);
-        return 0;
-    }
-
-    return 1;
-}
-
-/* Parse the outer PKCS#12 structure */
-
-static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass)
-{
-    STACK_OF(PKCS7) *asafes = NULL, *newsafes = NULL;
-    STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
-    int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0;
-    PKCS7 *p7, *p7new;
-    ASN1_OCTET_STRING *p12_data_tmp = NULL;
-    unsigned char mac[EVP_MAX_MD_SIZE];
-    unsigned int maclen;
-    int rv = 0;
-
-    if ((asafes = PKCS12_unpack_authsafes(p12)) == NULL)
-        goto err;
-    if ((newsafes = sk_PKCS7_new_null()) == NULL)
-        goto err;
-    for (i = 0; i < sk_PKCS7_num(asafes); i++) {
-        p7 = sk_PKCS7_value(asafes, i);
-        bagnid = OBJ_obj2nid(p7->type);
-        if (bagnid == NID_pkcs7_data) {
-            bags = PKCS12_unpack_p7data(p7);
-        } else if (bagnid == NID_pkcs7_encrypted) {
-            bags = PKCS12_unpack_p7encdata(p7, oldpass, -1);
-            if (!alg_get(p7->d.encrypted->enc_data->algorithm,
-                         &pbe_nid, &pbe_iter, &pbe_saltlen))
-                goto err;
-        } else {
-            continue;
-        }
-        if (bags == NULL)
-            goto err;
-        if (!newpass_bags(bags, oldpass, newpass))
-            goto err;
-        /* Repack bag in same form with new password */
-        if (bagnid == NID_pkcs7_data)
-            p7new = PKCS12_pack_p7data(bags);
-        else
-            p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
-                                          pbe_saltlen, pbe_iter, bags);
-        if (!p7new || !sk_PKCS7_push(newsafes, p7new))
-            goto err;
-        sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-        bags = NULL;
-    }
-
-    /* Repack safe: save old safe in case of error */
-
-    p12_data_tmp = p12->authsafes->d.data;
-    if ((p12->authsafes->d.data = ASN1_OCTET_STRING_new()) == NULL)
-        goto err;
-    if (!PKCS12_pack_authsafes(p12, newsafes))
-        goto err;
-    if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))
-        goto err;
-    if (!ASN1_OCTET_STRING_set(p12->mac->dinfo->digest, mac, maclen))
-        goto err;
-
-    rv = 1;
-
-err:
-    /* Restore old safe if necessary */
-    if (rv == 1) {
-        ASN1_OCTET_STRING_free(p12_data_tmp);
-    } else if (p12_data_tmp != NULL) {
-        ASN1_OCTET_STRING_free(p12->authsafes->d.data);
-        p12->authsafes->d.data = p12_data_tmp;
-    }
-    sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-    sk_PKCS7_pop_free(asafes, PKCS7_free);
-    sk_PKCS7_pop_free(newsafes, PKCS7_free);
-    return rv;
-}
-
-static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *oldpass,
-                        const char *newpass)
-{
-    int i;
-    for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
-        if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i), oldpass, newpass))
-            return 0;
-    }
-    return 1;
-}
-
-/* Change password of safebag: only needs handle shrouded keybags */
-
-static int newpass_bag(PKCS12_SAFEBAG *bag, const char *oldpass,
-                       const char *newpass)
-{
-    PKCS8_PRIV_KEY_INFO *p8;
-    X509_SIG *p8new;
-    int p8_nid, p8_saltlen, p8_iter;
-
-    if (M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag)
-        return 1;
-
-    if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)))
-        return 0;
-    if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen))
-        return 0;
-    p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
-                          p8_iter, p8);
-    PKCS8_PRIV_KEY_INFO_free(p8);
-    if (p8new == NULL)
-        return 0;
-    X509_SIG_free(bag->value.shkeybag);
-    bag->value.shkeybag = p8new;
-    return 1;
-}
-
-static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen)
-{
-    PBEPARAM *pbe;
-    const unsigned char *p;
-
-    p = alg->parameter->value.sequence->data;
-    pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
-    if (!pbe)
-        return 0;
-    *pnid = OBJ_obj2nid(alg->algorithm);
-    *piter = ASN1_INTEGER_get(pbe->iter);
-    *psaltlen = pbe->salt->length;
-    PBEPARAM_free(pbe);
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_p8d.c b/thirdparty/openssl/crypto/pkcs12/p12_p8d.c
deleted file mode 100644
index 3cc7a9f40e..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_p8d.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* p12_p8d.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
-                                   int passlen)
-{
-    return PKCS12_item_decrypt_d2i(p8->algor,
-                                   ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass,
-                                   passlen, p8->digest, 1);
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_p8e.c b/thirdparty/openssl/crypto/pkcs12/p12_p8e.c
deleted file mode 100644
index 861a087f80..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_p8e.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* p12_p8e.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
-                        const char *pass, int passlen,
-                        unsigned char *salt, int saltlen, int iter,
-                        PKCS8_PRIV_KEY_INFO *p8inf)
-{
-    X509_SIG *p8 = NULL;
-    X509_ALGOR *pbe;
-
-    if (!(p8 = X509_SIG_new())) {
-        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (pbe_nid == -1)
-        pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
-    else if (EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0))
-        pbe = PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, pbe_nid);
-    else {
-        ERR_clear_error();
-        pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
-    }
-    if (!pbe) {
-        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
-        goto err;
-    }
-    X509_ALGOR_free(p8->algor);
-    p8->algor = pbe;
-    M_ASN1_OCTET_STRING_free(p8->digest);
-    p8->digest =
-        PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO),
-                                pass, passlen, p8inf, 1);
-    if (!p8->digest) {
-        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
-        goto err;
-    }
-
-    return p8;
-
- err:
-    X509_SIG_free(p8);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/p12_utl.c b/thirdparty/openssl/crypto/pkcs12/p12_utl.c
deleted file mode 100644
index e466f762ff..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/p12_utl.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* p12_utl.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/pkcs12.h>
-
-/* Cheap and nasty Unicode stuff */
-
-unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
-                               unsigned char **uni, int *unilen)
-{
-    int ulen, i;
-    unsigned char *unitmp;
-    if (asclen == -1)
-        asclen = strlen(asc);
-    ulen = asclen * 2 + 2;
-    if (!(unitmp = OPENSSL_malloc(ulen)))
-        return NULL;
-    for (i = 0; i < ulen - 2; i += 2) {
-        unitmp[i] = 0;
-        unitmp[i + 1] = asc[i >> 1];
-    }
-    /* Make result double null terminated */
-    unitmp[ulen - 2] = 0;
-    unitmp[ulen - 1] = 0;
-    if (unilen)
-        *unilen = ulen;
-    if (uni)
-        *uni = unitmp;
-    return unitmp;
-}
-
-char *OPENSSL_uni2asc(unsigned char *uni, int unilen)
-{
-    int asclen, i;
-    char *asctmp;
-
-    /* string must contain an even number of bytes */
-    if (unilen & 1)
-        return NULL;
-    asclen = unilen / 2;
-    /* If no terminating zero allow for one */
-    if (!unilen || uni[unilen - 1])
-        asclen++;
-    uni++;
-    if (!(asctmp = OPENSSL_malloc(asclen)))
-        return NULL;
-    for (i = 0; i < unilen; i += 2)
-        asctmp[i >> 1] = uni[i];
-    asctmp[asclen - 1] = 0;
-    return asctmp;
-}
-
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
-{
-    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
-}
-
-#ifndef OPENSSL_NO_FP_API
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
-{
-    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
-}
-#endif
-
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
-{
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
-}
-
-#ifndef OPENSSL_NO_FP_API
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
-{
-    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
-}
-#endif
-
-PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509)
-{
-    return PKCS12_item_pack_safebag(x509, ASN1_ITEM_rptr(X509),
-                                    NID_x509Certificate, NID_certBag);
-}
-
-PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl)
-{
-    return PKCS12_item_pack_safebag(crl, ASN1_ITEM_rptr(X509_CRL),
-                                    NID_x509Crl, NID_crlBag);
-}
-
-X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag)
-{
-    if (M_PKCS12_bag_type(bag) != NID_certBag)
-        return NULL;
-    if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
-        return NULL;
-    return ASN1_item_unpack(bag->value.bag->value.octet,
-                            ASN1_ITEM_rptr(X509));
-}
-
-X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag)
-{
-    if (M_PKCS12_bag_type(bag) != NID_crlBag)
-        return NULL;
-    if (M_PKCS12_cert_bag_type(bag) != NID_x509Crl)
-        return NULL;
-    return ASN1_item_unpack(bag->value.bag->value.octet,
-                            ASN1_ITEM_rptr(X509_CRL));
-}
diff --git a/thirdparty/openssl/crypto/pkcs12/pk12err.c b/thirdparty/openssl/crypto/pkcs12/pk12err.c
deleted file mode 100644
index e58710b253..0000000000
--- a/thirdparty/openssl/crypto/pkcs12/pk12err.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* crypto/pkcs12/pk12err.c */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS12,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
-
-static ERR_STRING_DATA PKCS12_str_functs[] = {
-    {ERR_FUNC(PKCS12_F_PARSE_BAG), "PARSE_BAG"},
-    {ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME), "PKCS12_ADD_FRIENDLYNAME"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC),
-     "PKCS12_add_friendlyname_asc"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI),
-     "PKCS12_add_friendlyname_uni"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID), "PKCS12_add_localkeyid"},
-    {ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"},
-    {ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"},
-    {ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I), "PKCS12_item_decrypt_d2i"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT), "PKCS12_item_i2d_encrypt"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG), "PKCS12_item_pack_safebag"},
-    {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"},
-    {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"},
-    {ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"},
-    {ERR_FUNC(PKCS12_F_PKCS12_MAKE_SHKEYBAG), "PKCS12_MAKE_SHKEYBAG"},
-    {ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"},
-    {ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC), "PKCS12_setup_mac"},
-    {ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"},
-    {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"},
-    {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"},
-    {ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC), "PKCS12_verify_mac"},
-    {ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"},
-    {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA PKCS12_str_reasons[] = {
-    {ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE), "cant pack structure"},
-    {ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA), "content type not data"},
-    {ERR_REASON(PKCS12_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(PKCS12_R_ENCODE_ERROR), "encode error"},
-    {ERR_REASON(PKCS12_R_ENCRYPT_ERROR), "encrypt error"},
-    {ERR_REASON(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE),
-     "error setting encrypted data type"},
-    {ERR_REASON(PKCS12_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
-    {ERR_REASON(PKCS12_R_INVALID_NULL_PKCS12_POINTER),
-     "invalid null pkcs12 pointer"},
-    {ERR_REASON(PKCS12_R_IV_GEN_ERROR), "iv gen error"},
-    {ERR_REASON(PKCS12_R_KEY_GEN_ERROR), "key gen error"},
-    {ERR_REASON(PKCS12_R_MAC_ABSENT), "mac absent"},
-    {ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR), "mac generation error"},
-    {ERR_REASON(PKCS12_R_MAC_SETUP_ERROR), "mac setup error"},
-    {ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR), "mac string set error"},
-    {ERR_REASON(PKCS12_R_MAC_VERIFY_ERROR), "mac verify error"},
-    {ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE), "mac verify failure"},
-    {ERR_REASON(PKCS12_R_PARSE_ERROR), "parse error"},
-    {ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR),
-     "pkcs12 algor cipherinit error"},
-    {ERR_REASON(PKCS12_R_PKCS12_CIPHERFINAL_ERROR),
-     "pkcs12 cipherfinal error"},
-    {ERR_REASON(PKCS12_R_PKCS12_PBE_CRYPT_ERROR), "pkcs12 pbe crypt error"},
-    {ERR_REASON(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM),
-     "unknown digest algorithm"},
-    {ERR_REASON(PKCS12_R_UNSUPPORTED_PKCS12_MODE), "unsupported pkcs12 mode"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_PKCS12_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, PKCS12_str_functs);
-        ERR_load_strings(0, PKCS12_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/pkcs7/bio_pk7.c b/thirdparty/openssl/crypto/pkcs7/bio_pk7.c
deleted file mode 100644
index fae1c564c4..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/bio_pk7.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* bio_pk7.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/asn1.h>
-#include <openssl/pkcs7.h>
-#include <openssl/bio.h>
-
-#if !defined(OPENSSL_SYSNAME_NETWARE) && !defined(OPENSSL_SYSNAME_VXWORKS)
-# include <memory.h>
-#endif
-#include <stdio.h>
-
-/* Streaming encode support for PKCS#7 */
-
-BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7)
-{
-    return BIO_new_NDEF(out, (ASN1_VALUE *)p7, ASN1_ITEM_rptr(PKCS7));
-}
diff --git a/thirdparty/openssl/crypto/pkcs7/pk7_asn1.c b/thirdparty/openssl/crypto/pkcs7/pk7_asn1.c
deleted file mode 100644
index 9c0a43981e..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/pk7_asn1.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* pk7_asn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pkcs7.h>
-#include <openssl/x509.h>
-
-/* PKCS#7 ASN1 module */
-
-/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */
-
-ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0);
-
-ASN1_ADB(PKCS7) = {
-        ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING_NDEF, 0)),
-        ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)),
-        ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)),
-        ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_NDEF_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)),
-        ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)),
-        ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0))
-} ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL);
-
-/* PKCS#7 streaming support */
-static int pk7_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                  void *exarg)
-{
-    ASN1_STREAM_ARG *sarg = exarg;
-    PKCS7 **pp7 = (PKCS7 **)pval;
-
-    switch (operation) {
-
-    case ASN1_OP_STREAM_PRE:
-        if (PKCS7_stream(&sarg->boundary, *pp7) <= 0)
-            return 0;
-    case ASN1_OP_DETACHED_PRE:
-        sarg->ndef_bio = PKCS7_dataInit(*pp7, sarg->out);
-        if (!sarg->ndef_bio)
-            return 0;
-        break;
-
-    case ASN1_OP_STREAM_POST:
-    case ASN1_OP_DETACHED_POST:
-        if (PKCS7_dataFinal(*pp7, sarg->ndef_bio) <= 0)
-            return 0;
-        break;
-
-    }
-    return 1;
-}
-
-ASN1_NDEF_SEQUENCE_cb(PKCS7, pk7_cb) = {
-        ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT),
-        ASN1_ADB_OBJECT(PKCS7)
-}ASN1_NDEF_SEQUENCE_END_cb(PKCS7, PKCS7)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7)
-
-IMPLEMENT_ASN1_NDEF_FUNCTION(PKCS7)
-
-IMPLEMENT_ASN1_DUP_FUNCTION(PKCS7)
-
-ASN1_NDEF_SEQUENCE(PKCS7_SIGNED) = {
-        ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER),
-        ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR),
-        ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7),
-        ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0),
-        ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1),
-        ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO)
-} ASN1_NDEF_SEQUENCE_END(PKCS7_SIGNED)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED)
-
-/* Minor tweak to operation: free up EVP_PKEY */
-static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                 void *exarg)
-{
-    if (operation == ASN1_OP_FREE_POST) {
-        PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval;
-        EVP_PKEY_free(si->pkey);
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(PKCS7_SIGNER_INFO, si_cb) = {
-        ASN1_SIMPLE(PKCS7_SIGNER_INFO, version, ASN1_INTEGER),
-        ASN1_SIMPLE(PKCS7_SIGNER_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
-        ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_alg, X509_ALGOR),
-        /* NB this should be a SET OF but we use a SEQUENCE OF so the
-         * original order * is retained when the structure is reencoded.
-         * Since the attributes are implicitly tagged this will not affect
-         * the encoding.
-         */
-        ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNER_INFO, auth_attr, X509_ATTRIBUTE, 0),
-        ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_enc_alg, X509_ALGOR),
-        ASN1_SIMPLE(PKCS7_SIGNER_INFO, enc_digest, ASN1_OCTET_STRING),
-        ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, unauth_attr, X509_ATTRIBUTE, 1)
-} ASN1_SEQUENCE_END_cb(PKCS7_SIGNER_INFO, PKCS7_SIGNER_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
-
-ASN1_SEQUENCE(PKCS7_ISSUER_AND_SERIAL) = {
-        ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, issuer, X509_NAME),
-        ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, serial, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(PKCS7_ISSUER_AND_SERIAL)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
-
-ASN1_NDEF_SEQUENCE(PKCS7_ENVELOPE) = {
-        ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER),
-        ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
-        ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT)
-} ASN1_NDEF_SEQUENCE_END(PKCS7_ENVELOPE)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
-
-/* Minor tweak to operation: free up X509 */
-static int ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                 void *exarg)
-{
-    if (operation == ASN1_OP_FREE_POST) {
-        PKCS7_RECIP_INFO *ri = (PKCS7_RECIP_INFO *)*pval;
-        X509_free(ri->cert);
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(PKCS7_RECIP_INFO, ri_cb) = {
-        ASN1_SIMPLE(PKCS7_RECIP_INFO, version, ASN1_INTEGER),
-        ASN1_SIMPLE(PKCS7_RECIP_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
-        ASN1_SIMPLE(PKCS7_RECIP_INFO, key_enc_algor, X509_ALGOR),
-        ASN1_SIMPLE(PKCS7_RECIP_INFO, enc_key, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END_cb(PKCS7_RECIP_INFO, PKCS7_RECIP_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
-
-ASN1_NDEF_SEQUENCE(PKCS7_ENC_CONTENT) = {
-        ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT),
-        ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR),
-        ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING_NDEF, 0)
-} ASN1_NDEF_SEQUENCE_END(PKCS7_ENC_CONTENT)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
-
-ASN1_NDEF_SEQUENCE(PKCS7_SIGN_ENVELOPE) = {
-        ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER),
-        ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
-        ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR),
-        ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, enc_data, PKCS7_ENC_CONTENT),
-        ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0),
-        ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1),
-        ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO)
-} ASN1_NDEF_SEQUENCE_END(PKCS7_SIGN_ENVELOPE)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
-
-ASN1_NDEF_SEQUENCE(PKCS7_ENCRYPT) = {
-        ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER),
-        ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT)
-} ASN1_NDEF_SEQUENCE_END(PKCS7_ENCRYPT)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
-
-ASN1_NDEF_SEQUENCE(PKCS7_DIGEST) = {
-        ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER),
-        ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR),
-        ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7),
-        ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING)
-} ASN1_NDEF_SEQUENCE_END(PKCS7_DIGEST)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKCS7_DIGEST)
-
-/* Specials for authenticated attributes */
-
-/*
- * When signing attributes we want to reorder them to match the sorted
- * encoding.
- */
-
-ASN1_ITEM_TEMPLATE(PKCS7_ATTR_SIGN) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, PKCS7_ATTRIBUTES, X509_ATTRIBUTE)
-ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_SIGN)
-
-/*
- * When verifying attributes we need to use the received order. So we use
- * SEQUENCE OF and tag it to SET OF
- */
-
-ASN1_ITEM_TEMPLATE(PKCS7_ATTR_VERIFY) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
-                                V_ASN1_SET, PKCS7_ATTRIBUTES, X509_ATTRIBUTE)
-ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_VERIFY)
-
-IMPLEMENT_ASN1_PRINT_FUNCTION(PKCS7)
diff --git a/thirdparty/openssl/crypto/pkcs7/pk7_attr.c b/thirdparty/openssl/crypto/pkcs7/pk7_attr.c
deleted file mode 100644
index 88922efe27..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/pk7_attr.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* pk7_attr.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs7.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-
-int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
-                              STACK_OF(X509_ALGOR) *cap)
-{
-    ASN1_STRING *seq;
-    if (!(seq = ASN1_STRING_new())) {
-        PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    seq->length = ASN1_item_i2d((ASN1_VALUE *)cap, &seq->data,
-                                ASN1_ITEM_rptr(X509_ALGORS));
-    return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
-                                      V_ASN1_SEQUENCE, seq);
-}
-
-STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
-{
-    ASN1_TYPE *cap;
-    const unsigned char *p;
-
-    cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
-    if (!cap || (cap->type != V_ASN1_SEQUENCE))
-        return NULL;
-    p = cap->value.sequence->data;
-    return (STACK_OF(X509_ALGOR) *)
-        ASN1_item_d2i(NULL, &p, cap->value.sequence->length,
-                      ASN1_ITEM_rptr(X509_ALGORS));
-}
-
-/* Basic smime-capabilities OID and optional integer arg */
-int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
-    X509_ALGOR *alg;
-
-    if (!(alg = X509_ALGOR_new())) {
-        PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ASN1_OBJECT_free(alg->algorithm);
-    alg->algorithm = OBJ_nid2obj(nid);
-    if (arg > 0) {
-        ASN1_INTEGER *nbit;
-        if (!(alg->parameter = ASN1_TYPE_new())) {
-            PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        if (!(nbit = ASN1_INTEGER_new())) {
-            PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        if (!ASN1_INTEGER_set(nbit, arg)) {
-            PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        alg->parameter->value.integer = nbit;
-        alg->parameter->type = V_ASN1_INTEGER;
-    }
-    sk_X509_ALGOR_push(sk, alg);
-    return 1;
-}
-
-int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid)
-{
-    if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType))
-        return 0;
-    if (!coid)
-        coid = OBJ_nid2obj(NID_pkcs7_data);
-    return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
-                                      V_ASN1_OBJECT, coid);
-}
-
-int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
-{
-    if (!t && !(t = X509_gmtime_adj(NULL, 0))) {
-        PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME,
-                 ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime,
-                                      V_ASN1_UTCTIME, t);
-}
-
-int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
-                             const unsigned char *md, int mdlen)
-{
-    ASN1_OCTET_STRING *os;
-    os = ASN1_OCTET_STRING_new();
-    if (!os)
-        return 0;
-    if (!ASN1_STRING_set(os, md, mdlen)
-        || !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest,
-                                       V_ASN1_OCTET_STRING, os)) {
-        ASN1_OCTET_STRING_free(os);
-        return 0;
-    }
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/pkcs7/pk7_dgst.c b/thirdparty/openssl/crypto/pkcs7/pk7_dgst.c
deleted file mode 100644
index 6b57f97aba..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/pk7_dgst.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/* crypto/pkcs7/pk7_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
diff --git a/thirdparty/openssl/crypto/pkcs7/pk7_doit.c b/thirdparty/openssl/crypto/pkcs7/pk7_doit.c
deleted file mode 100644
index 6cf8253bc2..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/pk7_doit.c
+++ /dev/null
@@ -1,1297 +0,0 @@
-/* crypto/pkcs7/pk7_doit.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-
-static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
-                         void *value);
-static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);
-
-static int PKCS7_type_is_other(PKCS7 *p7)
-{
-    int isOther = 1;
-
-    int nid = OBJ_obj2nid(p7->type);
-
-    switch (nid) {
-    case NID_pkcs7_data:
-    case NID_pkcs7_signed:
-    case NID_pkcs7_enveloped:
-    case NID_pkcs7_signedAndEnveloped:
-    case NID_pkcs7_digest:
-    case NID_pkcs7_encrypted:
-        isOther = 0;
-        break;
-    default:
-        isOther = 1;
-    }
-
-    return isOther;
-
-}
-
-static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
-{
-    if (PKCS7_type_is_data(p7))
-        return p7->d.data;
-    if (PKCS7_type_is_other(p7) && p7->d.other
-        && (p7->d.other->type == V_ASN1_OCTET_STRING))
-        return p7->d.other->value.octet_string;
-    return NULL;
-}
-
-static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)
-{
-    BIO *btmp;
-    const EVP_MD *md;
-    if ((btmp = BIO_new(BIO_f_md())) == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
-        goto err;
-    }
-
-    md = EVP_get_digestbyobj(alg->algorithm);
-    if (md == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, PKCS7_R_UNKNOWN_DIGEST_TYPE);
-        goto err;
-    }
-
-    BIO_set_md(btmp, md);
-    if (*pbio == NULL)
-        *pbio = btmp;
-    else if (!BIO_push(*pbio, btmp)) {
-        PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
-        goto err;
-    }
-    btmp = NULL;
-
-    return 1;
-
- err:
-    if (btmp)
-        BIO_free(btmp);
-    return 0;
-
-}
-
-static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
-                              unsigned char *key, int keylen)
-{
-    EVP_PKEY_CTX *pctx = NULL;
-    EVP_PKEY *pkey = NULL;
-    unsigned char *ek = NULL;
-    int ret = 0;
-    size_t eklen;
-
-    pkey = X509_get_pubkey(ri->cert);
-
-    if (!pkey)
-        return 0;
-
-    pctx = EVP_PKEY_CTX_new(pkey, NULL);
-    if (!pctx)
-        return 0;
-
-    if (EVP_PKEY_encrypt_init(pctx) <= 0)
-        goto err;
-
-    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
-                          EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR);
-        goto err;
-    }
-
-    if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
-        goto err;
-
-    ek = OPENSSL_malloc(eklen);
-
-    if (ek == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
-        goto err;
-
-    ASN1_STRING_set0(ri->enc_key, ek, eklen);
-    ek = NULL;
-
-    ret = 1;
-
- err:
-    if (pkey)
-        EVP_PKEY_free(pkey);
-    if (pctx)
-        EVP_PKEY_CTX_free(pctx);
-    if (ek)
-        OPENSSL_free(ek);
-    return ret;
-
-}
-
-static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
-                               PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)
-{
-    EVP_PKEY_CTX *pctx = NULL;
-    unsigned char *ek = NULL;
-    size_t eklen;
-
-    int ret = -1;
-
-    pctx = EVP_PKEY_CTX_new(pkey, NULL);
-    if (!pctx)
-        return -1;
-
-    if (EVP_PKEY_decrypt_init(pctx) <= 0)
-        goto err;
-
-    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
-                          EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR);
-        goto err;
-    }
-
-    if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
-                         ri->enc_key->data, ri->enc_key->length) <= 0)
-        goto err;
-
-    ek = OPENSSL_malloc(eklen);
-
-    if (ek == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (EVP_PKEY_decrypt(pctx, ek, &eklen,
-                         ri->enc_key->data, ri->enc_key->length) <= 0) {
-        ret = 0;
-        PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
-        goto err;
-    }
-
-    ret = 1;
-
-    if (*pek) {
-        OPENSSL_cleanse(*pek, *peklen);
-        OPENSSL_free(*pek);
-    }
-
-    *pek = ek;
-    *peklen = eklen;
-
- err:
-    if (pctx)
-        EVP_PKEY_CTX_free(pctx);
-    if (!ret && ek)
-        OPENSSL_free(ek);
-
-    return ret;
-}
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
-{
-    int i;
-    BIO *out = NULL, *btmp = NULL;
-    X509_ALGOR *xa = NULL;
-    const EVP_CIPHER *evp_cipher = NULL;
-    STACK_OF(X509_ALGOR) *md_sk = NULL;
-    STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
-    X509_ALGOR *xalg = NULL;
-    PKCS7_RECIP_INFO *ri = NULL;
-    ASN1_OCTET_STRING *os = NULL;
-
-    if (p7 == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER);
-        return NULL;
-    }
-    /*
-     * The content field in the PKCS7 ContentInfo is optional, but that really
-     * only applies to inner content (precisely, detached signatures).
-     *
-     * When reading content, missing outer content is therefore treated as an
-     * error.
-     *
-     * When creating content, PKCS7_content_new() must be called before
-     * calling this method, so a NULL p7->d is always an error.
-     */
-    if (p7->d.ptr == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT);
-        return NULL;
-    }
-
-    i = OBJ_obj2nid(p7->type);
-    p7->state = PKCS7_S_HEADER;
-
-    switch (i) {
-    case NID_pkcs7_signed:
-        md_sk = p7->d.sign->md_algs;
-        os = PKCS7_get_octet_string(p7->d.sign->contents);
-        break;
-    case NID_pkcs7_signedAndEnveloped:
-        rsk = p7->d.signed_and_enveloped->recipientinfo;
-        md_sk = p7->d.signed_and_enveloped->md_algs;
-        xalg = p7->d.signed_and_enveloped->enc_data->algorithm;
-        evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;
-        if (evp_cipher == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);
-            goto err;
-        }
-        break;
-    case NID_pkcs7_enveloped:
-        rsk = p7->d.enveloped->recipientinfo;
-        xalg = p7->d.enveloped->enc_data->algorithm;
-        evp_cipher = p7->d.enveloped->enc_data->cipher;
-        if (evp_cipher == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);
-            goto err;
-        }
-        break;
-    case NID_pkcs7_digest:
-        xa = p7->d.digest->md;
-        os = PKCS7_get_octet_string(p7->d.digest->contents);
-        break;
-    case NID_pkcs7_data:
-        break;
-    default:
-        PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-        goto err;
-    }
-
-    for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
-        if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)))
-            goto err;
-
-    if (xa && !PKCS7_bio_add_digest(&out, xa))
-        goto err;
-
-    if (evp_cipher != NULL) {
-        unsigned char key[EVP_MAX_KEY_LENGTH];
-        unsigned char iv[EVP_MAX_IV_LENGTH];
-        int keylen, ivlen;
-        EVP_CIPHER_CTX *ctx;
-
-        if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_DATAINIT, ERR_R_BIO_LIB);
-            goto err;
-        }
-        BIO_get_cipher_ctx(btmp, &ctx);
-        keylen = EVP_CIPHER_key_length(evp_cipher);
-        ivlen = EVP_CIPHER_iv_length(evp_cipher);
-        xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
-        if (ivlen > 0)
-            if (RAND_bytes(iv, ivlen) <= 0)
-                goto err;
-        if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1) <= 0)
-            goto err;
-        if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
-            goto err;
-        if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
-            goto err;
-
-        if (ivlen > 0) {
-            if (xalg->parameter == NULL) {
-                xalg->parameter = ASN1_TYPE_new();
-                if (xalg->parameter == NULL)
-                    goto err;
-            }
-            if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
-                goto err;
-        }
-
-        /* Lets do the pub key stuff :-) */
-        for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
-            ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
-            if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
-                goto err;
-        }
-        OPENSSL_cleanse(key, keylen);
-
-        if (out == NULL)
-            out = btmp;
-        else
-            BIO_push(out, btmp);
-        btmp = NULL;
-    }
-
-    if (bio == NULL) {
-        if (PKCS7_is_detached(p7))
-            bio = BIO_new(BIO_s_null());
-        else if (os && os->length > 0)
-            bio = BIO_new_mem_buf(os->data, os->length);
-        if (bio == NULL) {
-            bio = BIO_new(BIO_s_mem());
-            if (bio == NULL)
-                goto err;
-            BIO_set_mem_eof_return(bio, 0);
-        }
-    }
-    if (out)
-        BIO_push(out, bio);
-    else
-        out = bio;
-    bio = NULL;
-    if (0) {
- err:
-        if (out != NULL)
-            BIO_free_all(out);
-        if (btmp != NULL)
-            BIO_free_all(btmp);
-        out = NULL;
-    }
-    return (out);
-}
-
-static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
-{
-    int ret;
-    ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
-                        pcert->cert_info->issuer);
-    if (ret)
-        return ret;
-    return M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
-                              ri->issuer_and_serial->serial);
-}
-
-/* int */
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
-{
-    int i, j;
-    BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
-    X509_ALGOR *xa;
-    ASN1_OCTET_STRING *data_body = NULL;
-    const EVP_MD *evp_md;
-    const EVP_CIPHER *evp_cipher = NULL;
-    EVP_CIPHER_CTX *evp_ctx = NULL;
-    X509_ALGOR *enc_alg = NULL;
-    STACK_OF(X509_ALGOR) *md_sk = NULL;
-    STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
-    PKCS7_RECIP_INFO *ri = NULL;
-    unsigned char *ek = NULL, *tkey = NULL;
-    int eklen = 0, tkeylen = 0;
-
-    if (p7 == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_INVALID_NULL_POINTER);
-        return NULL;
-    }
-
-    if (p7->d.ptr == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
-        return NULL;
-    }
-
-    i = OBJ_obj2nid(p7->type);
-    p7->state = PKCS7_S_HEADER;
-
-    switch (i) {
-    case NID_pkcs7_signed:
-        /*
-         * p7->d.sign->contents is a PKCS7 structure consisting of a contentType
-         * field and optional content.
-         * data_body is NULL if that structure has no (=detached) content
-         * or if the contentType is wrong (i.e., not "data").
-         */
-        data_body = PKCS7_get_octet_string(p7->d.sign->contents);
-        if (!PKCS7_is_detached(p7) && data_body == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_DATADECODE,
-                     PKCS7_R_INVALID_SIGNED_DATA_TYPE);
-            goto err;
-        }
-        md_sk = p7->d.sign->md_algs;
-        break;
-    case NID_pkcs7_signedAndEnveloped:
-        rsk = p7->d.signed_and_enveloped->recipientinfo;
-        md_sk = p7->d.signed_and_enveloped->md_algs;
-        /* data_body is NULL if the optional EncryptedContent is missing. */
-        data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
-        enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
-        evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
-        if (evp_cipher == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_DATADECODE,
-                     PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
-            goto err;
-        }
-        break;
-    case NID_pkcs7_enveloped:
-        rsk = p7->d.enveloped->recipientinfo;
-        enc_alg = p7->d.enveloped->enc_data->algorithm;
-        /* data_body is NULL if the optional EncryptedContent is missing. */
-        data_body = p7->d.enveloped->enc_data->enc_data;
-        evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
-        if (evp_cipher == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_DATADECODE,
-                     PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
-            goto err;
-        }
-        break;
-    default:
-        PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-        goto err;
-    }
-
-    /* Detached content must be supplied via in_bio instead. */
-    if (data_body == NULL && in_bio == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
-        goto err;
-    }
-
-    /* We will be checking the signature */
-    if (md_sk != NULL) {
-        for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
-            xa = sk_X509_ALGOR_value(md_sk, i);
-            if ((btmp = BIO_new(BIO_f_md())) == NULL) {
-                PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
-                goto err;
-            }
-
-            j = OBJ_obj2nid(xa->algorithm);
-            evp_md = EVP_get_digestbynid(j);
-            if (evp_md == NULL) {
-                PKCS7err(PKCS7_F_PKCS7_DATADECODE,
-                         PKCS7_R_UNKNOWN_DIGEST_TYPE);
-                goto err;
-            }
-
-            BIO_set_md(btmp, evp_md);
-            if (out == NULL)
-                out = btmp;
-            else
-                BIO_push(out, btmp);
-            btmp = NULL;
-        }
-    }
-
-    if (evp_cipher != NULL) {
-#if 0
-        unsigned char key[EVP_MAX_KEY_LENGTH];
-        unsigned char iv[EVP_MAX_IV_LENGTH];
-        unsigned char *p;
-        int keylen, ivlen;
-        int max;
-        X509_OBJECT ret;
-#endif
-
-        if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
-            goto err;
-        }
-
-        /*
-         * It was encrypted, we need to decrypt the secret key with the
-         * private key
-         */
-
-        /*
-         * Find the recipientInfo which matches the passed certificate (if
-         * any)
-         */
-
-        if (pcert) {
-            for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
-                ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
-                if (!pkcs7_cmp_ri(ri, pcert))
-                    break;
-                ri = NULL;
-            }
-            if (ri == NULL) {
-                PKCS7err(PKCS7_F_PKCS7_DATADECODE,
-                         PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
-                goto err;
-            }
-        }
-
-        /* If we haven't got a certificate try each ri in turn */
-        if (pcert == NULL) {
-            /*
-             * Always attempt to decrypt all rinfo even after sucess as a
-             * defence against MMA timing attacks.
-             */
-            for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
-                ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
-
-                if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
-                    goto err;
-                ERR_clear_error();
-            }
-        } else {
-            /* Only exit on fatal errors, not decrypt failure */
-            if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
-                goto err;
-            ERR_clear_error();
-        }
-
-        evp_ctx = NULL;
-        BIO_get_cipher_ctx(etmp, &evp_ctx);
-        if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL, NULL, 0) <= 0)
-            goto err;
-        if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
-            goto err;
-        /* Generate random key as MMA defence */
-        tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);
-        tkey = OPENSSL_malloc(tkeylen);
-        if (!tkey)
-            goto err;
-        if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
-            goto err;
-        if (ek == NULL) {
-            ek = tkey;
-            eklen = tkeylen;
-            tkey = NULL;
-        }
-
-        if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
-            /*
-             * Some S/MIME clients don't use the same key and effective key
-             * length. The key length is determined by the size of the
-             * decrypted RSA key.
-             */
-            if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
-                /* Use random key as MMA defence */
-                OPENSSL_cleanse(ek, eklen);
-                OPENSSL_free(ek);
-                ek = tkey;
-                eklen = tkeylen;
-                tkey = NULL;
-            }
-        }
-        /* Clear errors so we don't leak information useful in MMA */
-        ERR_clear_error();
-        if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
-            goto err;
-
-        if (ek) {
-            OPENSSL_cleanse(ek, eklen);
-            OPENSSL_free(ek);
-            ek = NULL;
-        }
-        if (tkey) {
-            OPENSSL_cleanse(tkey, tkeylen);
-            OPENSSL_free(tkey);
-            tkey = NULL;
-        }
-
-        if (out == NULL)
-            out = etmp;
-        else
-            BIO_push(out, etmp);
-        etmp = NULL;
-    }
-#if 1
-    if (in_bio != NULL) {
-        bio = in_bio;
-    } else {
-# if 0
-        bio = BIO_new(BIO_s_mem());
-        if (bio == NULL)
-            goto err;
-        /*
-         * We need to set this so that when we have read all the data, the
-         * encrypt BIO, if present, will read EOF and encode the last few
-         * bytes
-         */
-        BIO_set_mem_eof_return(bio, 0);
-
-        if (data_body->length > 0)
-            BIO_write(bio, (char *)data_body->data, data_body->length);
-# else
-        if (data_body->length > 0)
-            bio = BIO_new_mem_buf(data_body->data, data_body->length);
-        else {
-            bio = BIO_new(BIO_s_mem());
-            if (bio == NULL)
-                goto err;
-            BIO_set_mem_eof_return(bio, 0);
-        }
-        if (bio == NULL)
-            goto err;
-# endif
-    }
-    BIO_push(out, bio);
-    bio = NULL;
-#endif
-    if (0) {
- err:
-        if (ek) {
-            OPENSSL_cleanse(ek, eklen);
-            OPENSSL_free(ek);
-        }
-        if (tkey) {
-            OPENSSL_cleanse(tkey, tkeylen);
-            OPENSSL_free(tkey);
-        }
-        if (out != NULL)
-            BIO_free_all(out);
-        if (btmp != NULL)
-            BIO_free_all(btmp);
-        if (etmp != NULL)
-            BIO_free_all(etmp);
-        if (bio != NULL)
-            BIO_free_all(bio);
-        out = NULL;
-    }
-    return (out);
-}
-
-static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
-{
-    for (;;) {
-        bio = BIO_find_type(bio, BIO_TYPE_MD);
-        if (bio == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,
-                     PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
-            return NULL;
-        }
-        BIO_get_md_ctx(bio, pmd);
-        if (*pmd == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-        if (EVP_MD_CTX_type(*pmd) == nid)
-            return bio;
-        bio = BIO_next(bio);
-    }
-    return NULL;
-}
-
-static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
-{
-    unsigned char md_data[EVP_MAX_MD_SIZE];
-    unsigned int md_len;
-
-    /* Add signing time if not already present */
-    if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
-        if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
-            PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    }
-
-    /* Add digest */
-    if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
-        PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);
-        return 0;
-    }
-    if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
-        PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    /* Now sign the attributes */
-    if (!PKCS7_SIGNER_INFO_sign(si))
-        return 0;
-
-    return 1;
-}
-
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
-{
-    int ret = 0;
-    int i, j;
-    BIO *btmp;
-    PKCS7_SIGNER_INFO *si;
-    EVP_MD_CTX *mdc, ctx_tmp;
-    STACK_OF(X509_ATTRIBUTE) *sk;
-    STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
-    ASN1_OCTET_STRING *os = NULL;
-
-    if (p7 == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_INVALID_NULL_POINTER);
-        return 0;
-    }
-
-    if (p7->d.ptr == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT);
-        return 0;
-    }
-
-    EVP_MD_CTX_init(&ctx_tmp);
-    i = OBJ_obj2nid(p7->type);
-    p7->state = PKCS7_S_HEADER;
-
-    switch (i) {
-    case NID_pkcs7_data:
-        os = p7->d.data;
-        break;
-    case NID_pkcs7_signedAndEnveloped:
-        /* XXXXXXXXXXXXXXXX */
-        si_sk = p7->d.signed_and_enveloped->signer_info;
-        os = p7->d.signed_and_enveloped->enc_data->enc_data;
-        if (!os) {
-            os = M_ASN1_OCTET_STRING_new();
-            if (!os) {
-                PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            p7->d.signed_and_enveloped->enc_data->enc_data = os;
-        }
-        break;
-    case NID_pkcs7_enveloped:
-        /* XXXXXXXXXXXXXXXX */
-        os = p7->d.enveloped->enc_data->enc_data;
-        if (!os) {
-            os = M_ASN1_OCTET_STRING_new();
-            if (!os) {
-                PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            p7->d.enveloped->enc_data->enc_data = os;
-        }
-        break;
-    case NID_pkcs7_signed:
-        si_sk = p7->d.sign->signer_info;
-        os = PKCS7_get_octet_string(p7->d.sign->contents);
-        /* If detached data then the content is excluded */
-        if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
-            M_ASN1_OCTET_STRING_free(os);
-            os = NULL;
-            p7->d.sign->contents->d.data = NULL;
-        }
-        break;
-
-    case NID_pkcs7_digest:
-        os = PKCS7_get_octet_string(p7->d.digest->contents);
-        /* If detached data then the content is excluded */
-        if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
-            M_ASN1_OCTET_STRING_free(os);
-            os = NULL;
-            p7->d.digest->contents->d.data = NULL;
-        }
-        break;
-
-    default:
-        PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-        goto err;
-    }
-
-    if (si_sk != NULL) {
-        for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
-            si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);
-            if (si->pkey == NULL)
-                continue;
-
-            j = OBJ_obj2nid(si->digest_alg->algorithm);
-
-            btmp = bio;
-
-            btmp = PKCS7_find_digest(&mdc, btmp, j);
-
-            if (btmp == NULL)
-                goto err;
-
-            /*
-             * We now have the EVP_MD_CTX, lets do the signing.
-             */
-            if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
-                goto err;
-
-            sk = si->auth_attr;
-
-            /*
-             * If there are attributes, we add the digest attribute and only
-             * sign the attributes
-             */
-            if (sk_X509_ATTRIBUTE_num(sk) > 0) {
-                if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
-                    goto err;
-            } else {
-                unsigned char *abuf = NULL;
-                unsigned int abuflen;
-                abuflen = EVP_PKEY_size(si->pkey);
-                abuf = OPENSSL_malloc(abuflen);
-                if (!abuf)
-                    goto err;
-
-                if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, si->pkey)) {
-                    PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
-                    goto err;
-                }
-                ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
-            }
-        }
-    } else if (i == NID_pkcs7_digest) {
-        unsigned char md_data[EVP_MAX_MD_SIZE];
-        unsigned int md_len;
-        if (!PKCS7_find_digest(&mdc, bio,
-                               OBJ_obj2nid(p7->d.digest->md->algorithm)))
-            goto err;
-        if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
-            goto err;
-        M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
-    }
-
-    if (!PKCS7_is_detached(p7)) {
-        /*
-         * NOTE(emilia): I think we only reach os == NULL here because detached
-         * digested data support is broken.
-         */
-        if (os == NULL)
-            goto err;
-        if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
-            char *cont;
-            long contlen;
-            btmp = BIO_find_type(bio, BIO_TYPE_MEM);
-            if (btmp == NULL) {
-                PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
-                goto err;
-            }
-            contlen = BIO_get_mem_data(btmp, &cont);
-            /*
-             * Mark the BIO read only then we can use its copy of the data
-             * instead of making an extra copy.
-             */
-            BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
-            BIO_set_mem_eof_return(btmp, 0);
-            ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
-        }
-    }
-    ret = 1;
- err:
-    EVP_MD_CTX_cleanup(&ctx_tmp);
-    return (ret);
-}
-
-int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
-{
-    EVP_MD_CTX mctx;
-    EVP_PKEY_CTX *pctx;
-    unsigned char *abuf = NULL;
-    int alen;
-    size_t siglen;
-    const EVP_MD *md = NULL;
-
-    md = EVP_get_digestbyobj(si->digest_alg->algorithm);
-    if (md == NULL)
-        return 0;
-
-    EVP_MD_CTX_init(&mctx);
-    if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
-        goto err;
-
-    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
-                          EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
-        goto err;
-    }
-
-    alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,
-                         ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
-    if (!abuf)
-        goto err;
-    if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
-        goto err;
-    OPENSSL_free(abuf);
-    abuf = NULL;
-    if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
-        goto err;
-    abuf = OPENSSL_malloc(siglen);
-    if (!abuf)
-        goto err;
-    if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
-        goto err;
-
-    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
-                          EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
-        goto err;
-    }
-
-    EVP_MD_CTX_cleanup(&mctx);
-
-    ASN1_STRING_set0(si->enc_digest, abuf, siglen);
-
-    return 1;
-
- err:
-    if (abuf)
-        OPENSSL_free(abuf);
-    EVP_MD_CTX_cleanup(&mctx);
-    return 0;
-
-}
-
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
-                     PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
-    PKCS7_ISSUER_AND_SERIAL *ias;
-    int ret = 0, i;
-    STACK_OF(X509) *cert;
-    X509 *x509;
-
-    if (p7 == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_INVALID_NULL_POINTER);
-        return 0;
-    }
-
-    if (p7->d.ptr == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT);
-        return 0;
-    }
-
-    if (PKCS7_type_is_signed(p7)) {
-        cert = p7->d.sign->cert;
-    } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
-        cert = p7->d.signed_and_enveloped->cert;
-    } else {
-        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
-        goto err;
-    }
-    /* XXXXXXXXXXXXXXXXXXXXXXX */
-    ias = si->issuer_and_serial;
-
-    x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial);
-
-    /* were we able to find the cert in passed to us */
-    if (x509 == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,
-                 PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
-        goto err;
-    }
-
-    /* Lets verify */
-    if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) {
-        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
-        goto err;
-    }
-    X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
-    i = X509_verify_cert(ctx);
-    if (i <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
-        X509_STORE_CTX_cleanup(ctx);
-        goto err;
-    }
-    X509_STORE_CTX_cleanup(ctx);
-
-    return PKCS7_signatureVerify(bio, p7, si, x509);
- err:
-    return ret;
-}
-
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
-                          X509 *x509)
-{
-    ASN1_OCTET_STRING *os;
-    EVP_MD_CTX mdc_tmp, *mdc;
-    int ret = 0, i;
-    int md_type;
-    STACK_OF(X509_ATTRIBUTE) *sk;
-    BIO *btmp;
-    EVP_PKEY *pkey;
-
-    EVP_MD_CTX_init(&mdc_tmp);
-
-    if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) {
-        PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
-        goto err;
-    }
-
-    md_type = OBJ_obj2nid(si->digest_alg->algorithm);
-
-    btmp = bio;
-    for (;;) {
-        if ((btmp == NULL) ||
-            ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
-            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-                     PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
-            goto err;
-        }
-        BIO_get_md_ctx(btmp, &mdc);
-        if (mdc == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-        if (EVP_MD_CTX_type(mdc) == md_type)
-            break;
-        /*
-         * Workaround for some broken clients that put the signature OID
-         * instead of the digest OID in digest_alg->algorithm
-         */
-        if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
-            break;
-        btmp = BIO_next(btmp);
-    }
-
-    /*
-     * mdc is the digest ctx that we want, unless there are attributes, in
-     * which case the digest is the signed attributes
-     */
-    if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
-        goto err;
-
-    sk = si->auth_attr;
-    if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
-        unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
-        unsigned int md_len;
-        int alen;
-        ASN1_OCTET_STRING *message_digest;
-
-        if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
-            goto err;
-        message_digest = PKCS7_digest_from_attributes(sk);
-        if (!message_digest) {
-            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-                     PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
-            goto err;
-        }
-        if ((message_digest->length != (int)md_len) ||
-            (memcmp(message_digest->data, md_dat, md_len))) {
-#if 0
-            {
-                int ii;
-                for (ii = 0; ii < message_digest->length; ii++)
-                    printf("%02X", message_digest->data[ii]);
-                printf(" sent\n");
-                for (ii = 0; ii < md_len; ii++)
-                    printf("%02X", md_dat[ii]);
-                printf(" calc\n");
-            }
-#endif
-            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_DIGEST_FAILURE);
-            ret = -1;
-            goto err;
-        }
-
-        if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type), NULL))
-            goto err;
-
-        alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
-                             ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
-        if (alen <= 0) {
-            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_ASN1_LIB);
-            ret = -1;
-            goto err;
-        }
-        if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
-            goto err;
-
-        OPENSSL_free(abuf);
-    }
-
-    os = si->enc_digest;
-    pkey = X509_get_pubkey(x509);
-    if (!pkey) {
-        ret = -1;
-        goto err;
-    }
-
-    i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);
-    EVP_PKEY_free(pkey);
-    if (i <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
-        ret = -1;
-        goto err;
-    } else
-        ret = 1;
- err:
-    EVP_MD_CTX_cleanup(&mdc_tmp);
-    return (ret);
-}
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
-{
-    STACK_OF(PKCS7_RECIP_INFO) *rsk;
-    PKCS7_RECIP_INFO *ri;
-    int i;
-
-    i = OBJ_obj2nid(p7->type);
-    if (i != NID_pkcs7_signedAndEnveloped)
-        return NULL;
-    if (p7->d.signed_and_enveloped == NULL)
-        return NULL;
-    rsk = p7->d.signed_and_enveloped->recipientinfo;
-    if (rsk == NULL)
-        return NULL;
-    if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
-        return (NULL);
-    ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);
-    return (ri->issuer_and_serial);
-}
-
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
-{
-    return (get_attribute(si->auth_attr, nid));
-}
-
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)
-{
-    return (get_attribute(si->unauth_attr, nid));
-}
-
-static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
-{
-    int i;
-    X509_ATTRIBUTE *xa;
-    ASN1_OBJECT *o;
-
-    o = OBJ_nid2obj(nid);
-    if (!o || !sk)
-        return (NULL);
-    for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
-        xa = sk_X509_ATTRIBUTE_value(sk, i);
-        if (OBJ_cmp(xa->object, o) == 0) {
-            if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
-                return (sk_ASN1_TYPE_value(xa->value.set, 0));
-            else
-                return (NULL);
-        }
-    }
-    return (NULL);
-}
-
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
-{
-    ASN1_TYPE *astype;
-    if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest)))
-        return NULL;
-    return astype->value.octet_string;
-}
-
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
-                                STACK_OF(X509_ATTRIBUTE) *sk)
-{
-    int i;
-
-    if (p7si->auth_attr != NULL)
-        sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
-    p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
-    if (p7si->auth_attr == NULL)
-        return 0;
-    for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
-        if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
-                                   X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
-                                                      (sk, i))))
-            == NULL)
-            return (0);
-    }
-    return (1);
-}
-
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
-                         STACK_OF(X509_ATTRIBUTE) *sk)
-{
-    int i;
-
-    if (p7si->unauth_attr != NULL)
-        sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
-    p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
-    if (p7si->unauth_attr == NULL)
-        return 0;
-    for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
-        if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
-                                   X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
-                                                      (sk, i))))
-            == NULL)
-            return (0);
-    }
-    return (1);
-}
-
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
-                               void *value)
-{
-    return (add_attribute(&(p7si->auth_attr), nid, atrtype, value));
-}
-
-int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
-                        void *value)
-{
-    return (add_attribute(&(p7si->unauth_attr), nid, atrtype, value));
-}
-
-static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
-                         void *value)
-{
-    X509_ATTRIBUTE *attr = NULL;
-
-    if (*sk == NULL) {
-        *sk = sk_X509_ATTRIBUTE_new_null();
-        if (*sk == NULL)
-            return 0;
- new_attrib:
-        if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value)))
-            return 0;
-        if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
-            X509_ATTRIBUTE_free(attr);
-            return 0;
-        }
-    } else {
-        int i;
-
-        for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
-            attr = sk_X509_ATTRIBUTE_value(*sk, i);
-            if (OBJ_obj2nid(attr->object) == nid) {
-                X509_ATTRIBUTE_free(attr);
-                attr = X509_ATTRIBUTE_create(nid, atrtype, value);
-                if (attr == NULL)
-                    return 0;
-                if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
-                    X509_ATTRIBUTE_free(attr);
-                    return 0;
-                }
-                goto end;
-            }
-        }
-        goto new_attrib;
-    }
- end:
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/pkcs7/pk7_enc.c b/thirdparty/openssl/crypto/pkcs7/pk7_enc.c
deleted file mode 100644
index 6983e014cd..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/pk7_enc.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* crypto/pkcs7/pk7_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/pkcs7.h>
-
-PKCS7_in_bio(PKCS7 *p7, BIO *in);
-PKCS7_out_bio(PKCS7 *p7, BIO *out);
-
-PKCS7_add_signer(PKCS7 *p7, X509 *cert, EVP_PKEY *key);
-PKCS7_cipher(PKCS7 *p7, EVP_CIPHER *cipher);
-
-PKCS7_Init(PKCS7 *p7);
-PKCS7_Update(PKCS7 *p7);
-PKCS7_Finish(PKCS7 *p7);
diff --git a/thirdparty/openssl/crypto/pkcs7/pk7_lib.c b/thirdparty/openssl/crypto/pkcs7/pk7_lib.c
deleted file mode 100644
index 0c5fcaa6aa..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/pk7_lib.c
+++ /dev/null
@@ -1,646 +0,0 @@
-/* crypto/pkcs7/pk7_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include "asn1_locl.h"
-
-long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
-{
-    int nid;
-    long ret;
-
-    nid = OBJ_obj2nid(p7->type);
-
-    switch (cmd) {
-    /* NOTE(emilia): does not support detached digested data. */
-    case PKCS7_OP_SET_DETACHED_SIGNATURE:
-        if (nid == NID_pkcs7_signed) {
-            ret = p7->detached = (int)larg;
-            if (ret && PKCS7_type_is_data(p7->d.sign->contents)) {
-                ASN1_OCTET_STRING *os;
-                os = p7->d.sign->contents->d.data;
-                ASN1_OCTET_STRING_free(os);
-                p7->d.sign->contents->d.data = NULL;
-            }
-        } else {
-            PKCS7err(PKCS7_F_PKCS7_CTRL,
-                     PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
-            ret = 0;
-        }
-        break;
-    case PKCS7_OP_GET_DETACHED_SIGNATURE:
-        if (nid == NID_pkcs7_signed) {
-            if (!p7->d.sign || !p7->d.sign->contents->d.ptr)
-                ret = 1;
-            else
-                ret = 0;
-
-            p7->detached = ret;
-        } else {
-            PKCS7err(PKCS7_F_PKCS7_CTRL,
-                     PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
-            ret = 0;
-        }
-
-        break;
-    default:
-        PKCS7err(PKCS7_F_PKCS7_CTRL, PKCS7_R_UNKNOWN_OPERATION);
-        ret = 0;
-    }
-    return (ret);
-}
-
-int PKCS7_content_new(PKCS7 *p7, int type)
-{
-    PKCS7 *ret = NULL;
-
-    if ((ret = PKCS7_new()) == NULL)
-        goto err;
-    if (!PKCS7_set_type(ret, type))
-        goto err;
-    if (!PKCS7_set_content(p7, ret))
-        goto err;
-
-    return (1);
- err:
-    if (ret != NULL)
-        PKCS7_free(ret);
-    return (0);
-}
-
-int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
-{
-    int i;
-
-    i = OBJ_obj2nid(p7->type);
-    switch (i) {
-    case NID_pkcs7_signed:
-        if (p7->d.sign->contents != NULL)
-            PKCS7_free(p7->d.sign->contents);
-        p7->d.sign->contents = p7_data;
-        break;
-    case NID_pkcs7_digest:
-        if (p7->d.digest->contents != NULL)
-            PKCS7_free(p7->d.digest->contents);
-        p7->d.digest->contents = p7_data;
-        break;
-    case NID_pkcs7_data:
-    case NID_pkcs7_enveloped:
-    case NID_pkcs7_signedAndEnveloped:
-    case NID_pkcs7_encrypted:
-    default:
-        PKCS7err(PKCS7_F_PKCS7_SET_CONTENT, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-        goto err;
-    }
-    return (1);
- err:
-    return (0);
-}
-
-int PKCS7_set_type(PKCS7 *p7, int type)
-{
-    ASN1_OBJECT *obj;
-
-    /*
-     * PKCS7_content_free(p7);
-     */
-    obj = OBJ_nid2obj(type);    /* will not fail */
-
-    switch (type) {
-    case NID_pkcs7_signed:
-        p7->type = obj;
-        if ((p7->d.sign = PKCS7_SIGNED_new()) == NULL)
-            goto err;
-        if (!ASN1_INTEGER_set(p7->d.sign->version, 1)) {
-            PKCS7_SIGNED_free(p7->d.sign);
-            p7->d.sign = NULL;
-            goto err;
-        }
-        break;
-    case NID_pkcs7_data:
-        p7->type = obj;
-        if ((p7->d.data = M_ASN1_OCTET_STRING_new()) == NULL)
-            goto err;
-        break;
-    case NID_pkcs7_signedAndEnveloped:
-        p7->type = obj;
-        if ((p7->d.signed_and_enveloped = PKCS7_SIGN_ENVELOPE_new())
-            == NULL)
-            goto err;
-        ASN1_INTEGER_set(p7->d.signed_and_enveloped->version, 1);
-        if (!ASN1_INTEGER_set(p7->d.signed_and_enveloped->version, 1))
-            goto err;
-        p7->d.signed_and_enveloped->enc_data->content_type
-            = OBJ_nid2obj(NID_pkcs7_data);
-        break;
-    case NID_pkcs7_enveloped:
-        p7->type = obj;
-        if ((p7->d.enveloped = PKCS7_ENVELOPE_new())
-            == NULL)
-            goto err;
-        if (!ASN1_INTEGER_set(p7->d.enveloped->version, 0))
-            goto err;
-        p7->d.enveloped->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);
-        break;
-    case NID_pkcs7_encrypted:
-        p7->type = obj;
-        if ((p7->d.encrypted = PKCS7_ENCRYPT_new())
-            == NULL)
-            goto err;
-        if (!ASN1_INTEGER_set(p7->d.encrypted->version, 0))
-            goto err;
-        p7->d.encrypted->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);
-        break;
-
-    case NID_pkcs7_digest:
-        p7->type = obj;
-        if ((p7->d.digest = PKCS7_DIGEST_new())
-            == NULL)
-            goto err;
-        if (!ASN1_INTEGER_set(p7->d.digest->version, 0))
-            goto err;
-        break;
-    default:
-        PKCS7err(PKCS7_F_PKCS7_SET_TYPE, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
-        goto err;
-    }
-    return (1);
- err:
-    return (0);
-}
-
-int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other)
-{
-    p7->type = OBJ_nid2obj(type);
-    p7->d.other = other;
-    return 1;
-}
-
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
-{
-    int i, j, nid;
-    X509_ALGOR *alg;
-    STACK_OF(PKCS7_SIGNER_INFO) *signer_sk;
-    STACK_OF(X509_ALGOR) *md_sk;
-
-    i = OBJ_obj2nid(p7->type);
-    switch (i) {
-    case NID_pkcs7_signed:
-        signer_sk = p7->d.sign->signer_info;
-        md_sk = p7->d.sign->md_algs;
-        break;
-    case NID_pkcs7_signedAndEnveloped:
-        signer_sk = p7->d.signed_and_enveloped->signer_info;
-        md_sk = p7->d.signed_and_enveloped->md_algs;
-        break;
-    default:
-        PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, PKCS7_R_WRONG_CONTENT_TYPE);
-        return (0);
-    }
-
-    nid = OBJ_obj2nid(psi->digest_alg->algorithm);
-
-    /* If the digest is not currently listed, add it */
-    j = 0;
-    for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
-        alg = sk_X509_ALGOR_value(md_sk, i);
-        if (OBJ_obj2nid(alg->algorithm) == nid) {
-            j = 1;
-            break;
-        }
-    }
-    if (!j) {                   /* we need to add another algorithm */
-        if (!(alg = X509_ALGOR_new())
-            || !(alg->parameter = ASN1_TYPE_new())) {
-            X509_ALGOR_free(alg);
-            PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, ERR_R_MALLOC_FAILURE);
-            return (0);
-        }
-        alg->algorithm = OBJ_nid2obj(nid);
-        alg->parameter->type = V_ASN1_NULL;
-        if (!sk_X509_ALGOR_push(md_sk, alg)) {
-            X509_ALGOR_free(alg);
-            return 0;
-        }
-    }
-
-    if (!sk_PKCS7_SIGNER_INFO_push(signer_sk, psi))
-        return 0;
-    return (1);
-}
-
-int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
-{
-    int i;
-    STACK_OF(X509) **sk;
-
-    i = OBJ_obj2nid(p7->type);
-    switch (i) {
-    case NID_pkcs7_signed:
-        sk = &(p7->d.sign->cert);
-        break;
-    case NID_pkcs7_signedAndEnveloped:
-        sk = &(p7->d.signed_and_enveloped->cert);
-        break;
-    default:
-        PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, PKCS7_R_WRONG_CONTENT_TYPE);
-        return (0);
-    }
-
-    if (*sk == NULL)
-        *sk = sk_X509_new_null();
-    if (*sk == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
-    if (!sk_X509_push(*sk, x509)) {
-        X509_free(x509);
-        return 0;
-    }
-    return (1);
-}
-
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
-{
-    int i;
-    STACK_OF(X509_CRL) **sk;
-
-    i = OBJ_obj2nid(p7->type);
-    switch (i) {
-    case NID_pkcs7_signed:
-        sk = &(p7->d.sign->crl);
-        break;
-    case NID_pkcs7_signedAndEnveloped:
-        sk = &(p7->d.signed_and_enveloped->crl);
-        break;
-    default:
-        PKCS7err(PKCS7_F_PKCS7_ADD_CRL, PKCS7_R_WRONG_CONTENT_TYPE);
-        return (0);
-    }
-
-    if (*sk == NULL)
-        *sk = sk_X509_CRL_new_null();
-    if (*sk == NULL) {
-        PKCS7err(PKCS7_F_PKCS7_ADD_CRL, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
-    if (!sk_X509_CRL_push(*sk, crl)) {
-        X509_CRL_free(crl);
-        return 0;
-    }
-    return (1);
-}
-
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
-                          const EVP_MD *dgst)
-{
-    int ret;
-
-    /* We now need to add another PKCS7_SIGNER_INFO entry */
-    if (!ASN1_INTEGER_set(p7i->version, 1))
-        goto err;
-    if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
-                       X509_get_issuer_name(x509)))
-        goto err;
-
-    /*
-     * because ASN1_INTEGER_set is used to set a 'long' we will do things the
-     * ugly way.
-     */
-    M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
-    if (!(p7i->issuer_and_serial->serial =
-          M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
-        goto err;
-
-    /* lets keep the pkey around for a while */
-    CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-    p7i->pkey = pkey;
-
-    /* Set the algorithms */
-
-    X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)),
-                    V_ASN1_NULL, NULL);
-
-    if (pkey->ameth && pkey->ameth->pkey_ctrl) {
-        ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN, 0, p7i);
-        if (ret > 0)
-            return 1;
-        if (ret != -2) {
-            PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
-                     PKCS7_R_SIGNING_CTRL_FAILURE);
-            return 0;
-        }
-    }
-    PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
-             PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- err:
-    return 0;
-}
-
-PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
-                                       const EVP_MD *dgst)
-{
-    PKCS7_SIGNER_INFO *si = NULL;
-
-    if (dgst == NULL) {
-        int def_nid;
-        if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
-            goto err;
-        dgst = EVP_get_digestbynid(def_nid);
-        if (dgst == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE, PKCS7_R_NO_DEFAULT_DIGEST);
-            goto err;
-        }
-    }
-
-    if ((si = PKCS7_SIGNER_INFO_new()) == NULL)
-        goto err;
-    if (!PKCS7_SIGNER_INFO_set(si, x509, pkey, dgst))
-        goto err;
-    if (!PKCS7_add_signer(p7, si))
-        goto err;
-    return (si);
- err:
-    if (si)
-        PKCS7_SIGNER_INFO_free(si);
-    return (NULL);
-}
-
-int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
-{
-    if (PKCS7_type_is_digest(p7)) {
-        if (!(p7->d.digest->md->parameter = ASN1_TYPE_new())) {
-            PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        p7->d.digest->md->parameter->type = V_ASN1_NULL;
-        p7->d.digest->md->algorithm = OBJ_nid2obj(EVP_MD_nid(md));
-        return 1;
-    }
-
-    PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, PKCS7_R_WRONG_CONTENT_TYPE);
-    return 1;
-}
-
-STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7)
-{
-    if (p7 == NULL || p7->d.ptr == NULL)
-        return NULL;
-    if (PKCS7_type_is_signed(p7)) {
-        return (p7->d.sign->signer_info);
-    } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
-        return (p7->d.signed_and_enveloped->signer_info);
-    } else
-        return (NULL);
-}
-
-void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
-                                 X509_ALGOR **pdig, X509_ALGOR **psig)
-{
-    if (pk)
-        *pk = si->pkey;
-    if (pdig)
-        *pdig = si->digest_alg;
-    if (psig)
-        *psig = si->digest_enc_alg;
-}
-
-void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc)
-{
-    if (penc)
-        *penc = ri->key_enc_algor;
-}
-
-PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
-{
-    PKCS7_RECIP_INFO *ri;
-
-    if ((ri = PKCS7_RECIP_INFO_new()) == NULL)
-        goto err;
-    if (!PKCS7_RECIP_INFO_set(ri, x509))
-        goto err;
-    if (!PKCS7_add_recipient_info(p7, ri))
-        goto err;
-    return ri;
- err:
-    if (ri)
-        PKCS7_RECIP_INFO_free(ri);
-    return NULL;
-}
-
-int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
-{
-    int i;
-    STACK_OF(PKCS7_RECIP_INFO) *sk;
-
-    i = OBJ_obj2nid(p7->type);
-    switch (i) {
-    case NID_pkcs7_signedAndEnveloped:
-        sk = p7->d.signed_and_enveloped->recipientinfo;
-        break;
-    case NID_pkcs7_enveloped:
-        sk = p7->d.enveloped->recipientinfo;
-        break;
-    default:
-        PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,
-                 PKCS7_R_WRONG_CONTENT_TYPE);
-        return (0);
-    }
-
-    if (!sk_PKCS7_RECIP_INFO_push(sk, ri))
-        return 0;
-    return (1);
-}
-
-int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
-{
-    int ret;
-    EVP_PKEY *pkey = NULL;
-    if (!ASN1_INTEGER_set(p7i->version, 0))
-        return 0;
-    if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
-                       X509_get_issuer_name(x509)))
-        return 0;
-
-    M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
-    if (!(p7i->issuer_and_serial->serial =
-          M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
-        return 0;
-
-    pkey = X509_get_pubkey(x509);
-
-    if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) {
-        PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
-                 PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
-        goto err;
-    }
-
-    ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT, 0, p7i);
-    if (ret == -2) {
-        PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
-                 PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
-        goto err;
-    }
-    if (ret <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
-                 PKCS7_R_ENCRYPTION_CTRL_FAILURE);
-        goto err;
-    }
-
-    EVP_PKEY_free(pkey);
-
-    CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
-    p7i->cert = x509;
-
-    return 1;
-
- err:
-    if (pkey)
-        EVP_PKEY_free(pkey);
-    return 0;
-}
-
-X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
-    if (PKCS7_type_is_signed(p7))
-        return (X509_find_by_issuer_and_serial(p7->d.sign->cert,
-                                               si->issuer_and_serial->issuer,
-                                               si->
-                                               issuer_and_serial->serial));
-    else
-        return (NULL);
-}
-
-int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
-{
-    int i;
-    PKCS7_ENC_CONTENT *ec;
-
-    i = OBJ_obj2nid(p7->type);
-    switch (i) {
-    case NID_pkcs7_signedAndEnveloped:
-        ec = p7->d.signed_and_enveloped->enc_data;
-        break;
-    case NID_pkcs7_enveloped:
-        ec = p7->d.enveloped->enc_data;
-        break;
-    default:
-        PKCS7err(PKCS7_F_PKCS7_SET_CIPHER, PKCS7_R_WRONG_CONTENT_TYPE);
-        return (0);
-    }
-
-    /* Check cipher OID exists and has data in it */
-    i = EVP_CIPHER_type(cipher);
-    if (i == NID_undef) {
-        PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,
-                 PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
-        return (0);
-    }
-
-    ec->cipher = cipher;
-    return 1;
-}
-
-int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7)
-{
-    ASN1_OCTET_STRING *os = NULL;
-
-    switch (OBJ_obj2nid(p7->type)) {
-    case NID_pkcs7_data:
-        os = p7->d.data;
-        break;
-
-    case NID_pkcs7_signedAndEnveloped:
-        os = p7->d.signed_and_enveloped->enc_data->enc_data;
-        if (os == NULL) {
-            os = M_ASN1_OCTET_STRING_new();
-            p7->d.signed_and_enveloped->enc_data->enc_data = os;
-        }
-        break;
-
-    case NID_pkcs7_enveloped:
-        os = p7->d.enveloped->enc_data->enc_data;
-        if (os == NULL) {
-            os = M_ASN1_OCTET_STRING_new();
-            p7->d.enveloped->enc_data->enc_data = os;
-        }
-        break;
-
-    case NID_pkcs7_signed:
-        os = p7->d.sign->contents->d.data;
-        break;
-
-    default:
-        os = NULL;
-        break;
-    }
-
-    if (os == NULL)
-        return 0;
-
-    os->flags |= ASN1_STRING_FLAG_NDEF;
-    *boundary = &os->data;
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/pkcs7/pk7_mime.c b/thirdparty/openssl/crypto/pkcs7/pk7_mime.c
deleted file mode 100644
index 62fb2997ee..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/pk7_mime.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* pk7_mime.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-
-/* PKCS#7 wrappers round generalised stream and MIME routines */
-
-int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
-{
-    return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)p7, in, flags,
-                               ASN1_ITEM_rptr(PKCS7));
-}
-
-int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
-{
-    return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *)p7, in, flags,
-                                     "PKCS7", ASN1_ITEM_rptr(PKCS7));
-}
-
-int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
-{
-    STACK_OF(X509_ALGOR) *mdalgs;
-    int ctype_nid = OBJ_obj2nid(p7->type);
-    if (ctype_nid == NID_pkcs7_signed)
-        mdalgs = p7->d.sign->md_algs;
-    else
-        mdalgs = NULL;
-
-    flags ^= SMIME_OLDMIME;
-
-    return SMIME_write_ASN1(bio, (ASN1_VALUE *)p7, data, flags,
-                            ctype_nid, NID_undef, mdalgs,
-                            ASN1_ITEM_rptr(PKCS7));
-}
-
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont)
-{
-    return (PKCS7 *)SMIME_read_ASN1(bio, bcont, ASN1_ITEM_rptr(PKCS7));
-}
diff --git a/thirdparty/openssl/crypto/pkcs7/pk7_smime.c b/thirdparty/openssl/crypto/pkcs7/pk7_smime.c
deleted file mode 100644
index dc9b484078..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/pk7_smime.c
+++ /dev/null
@@ -1,590 +0,0 @@
-/* pk7_smime.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Simple PKCS#7 processing functions */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
-                  BIO *data, int flags)
-{
-    PKCS7 *p7;
-    int i;
-
-    if (!(p7 = PKCS7_new())) {
-        PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    if (!PKCS7_set_type(p7, NID_pkcs7_signed))
-        goto err;
-
-    if (!PKCS7_content_new(p7, NID_pkcs7_data))
-        goto err;
-
-    if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) {
-        PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
-        goto err;
-    }
-
-    if (!(flags & PKCS7_NOCERTS)) {
-        for (i = 0; i < sk_X509_num(certs); i++) {
-            if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
-                goto err;
-        }
-    }
-
-    if (flags & PKCS7_DETACHED)
-        PKCS7_set_detached(p7, 1);
-
-    if (flags & (PKCS7_STREAM | PKCS7_PARTIAL))
-        return p7;
-
-    if (PKCS7_final(p7, data, flags))
-        return p7;
-
- err:
-    PKCS7_free(p7);
-    return NULL;
-}
-
-int PKCS7_final(PKCS7 *p7, BIO *data, int flags)
-{
-    BIO *p7bio;
-    int ret = 0;
-    if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
-        PKCS7err(PKCS7_F_PKCS7_FINAL, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    SMIME_crlf_copy(data, p7bio, flags);
-
-    (void)BIO_flush(p7bio);
-
-    if (!PKCS7_dataFinal(p7, p7bio)) {
-        PKCS7err(PKCS7_F_PKCS7_FINAL, PKCS7_R_PKCS7_DATASIGN);
-        goto err;
-    }
-
-    ret = 1;
-
- err:
-    BIO_free_all(p7bio);
-
-    return ret;
-
-}
-
-/* Check to see if a cipher exists and if so add S/MIME capabilities */
-
-static int add_cipher_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
-    if (EVP_get_cipherbynid(nid))
-        return PKCS7_simple_smimecap(sk, nid, arg);
-    return 1;
-}
-
-static int add_digest_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
-    if (EVP_get_digestbynid(nid))
-        return PKCS7_simple_smimecap(sk, nid, arg);
-    return 1;
-}
-
-PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
-                                         EVP_PKEY *pkey, const EVP_MD *md,
-                                         int flags)
-{
-    PKCS7_SIGNER_INFO *si = NULL;
-    STACK_OF(X509_ALGOR) *smcap = NULL;
-    if (!X509_check_private_key(signcert, pkey)) {
-        PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
-                 PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-        return NULL;
-    }
-
-    if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) {
-        PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
-                 PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
-        return NULL;
-    }
-
-    if (!(flags & PKCS7_NOCERTS)) {
-        if (!PKCS7_add_certificate(p7, signcert))
-            goto err;
-    }
-
-    if (!(flags & PKCS7_NOATTR)) {
-        if (!PKCS7_add_attrib_content_type(si, NULL))
-            goto err;
-        /* Add SMIMECapabilities */
-        if (!(flags & PKCS7_NOSMIMECAP)) {
-            if (!(smcap = sk_X509_ALGOR_new_null())) {
-                PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1)
-                || !add_digest_smcap(smcap, NID_id_GostR3411_94, -1)
-                || !add_cipher_smcap(smcap, NID_id_Gost28147_89, -1)
-                || !add_cipher_smcap(smcap, NID_aes_192_cbc, -1)
-                || !add_cipher_smcap(smcap, NID_aes_128_cbc, -1)
-                || !add_cipher_smcap(smcap, NID_des_ede3_cbc, -1)
-                || !add_cipher_smcap(smcap, NID_rc2_cbc, 128)
-                || !add_cipher_smcap(smcap, NID_rc2_cbc, 64)
-                || !add_cipher_smcap(smcap, NID_des_cbc, -1)
-                || !add_cipher_smcap(smcap, NID_rc2_cbc, 40)
-                || !PKCS7_add_attrib_smimecap(si, smcap))
-                goto err;
-            sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
-            smcap = NULL;
-        }
-        if (flags & PKCS7_REUSE_DIGEST) {
-            if (!pkcs7_copy_existing_digest(p7, si))
-                goto err;
-            if (!(flags & PKCS7_PARTIAL) && !PKCS7_SIGNER_INFO_sign(si))
-                goto err;
-        }
-    }
-    return si;
- err:
-    if (smcap)
-        sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
-    return NULL;
-}
-
-/*
- * Search for a digest matching SignerInfo digest type and if found copy
- * across.
- */
-
-static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
-    int i;
-    STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
-    PKCS7_SIGNER_INFO *sitmp;
-    ASN1_OCTET_STRING *osdig = NULL;
-    sinfos = PKCS7_get_signer_info(p7);
-    for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
-        sitmp = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
-        if (si == sitmp)
-            break;
-        if (sk_X509_ATTRIBUTE_num(sitmp->auth_attr) <= 0)
-            continue;
-        if (!OBJ_cmp(si->digest_alg->algorithm, sitmp->digest_alg->algorithm)) {
-            osdig = PKCS7_digest_from_attributes(sitmp->auth_attr);
-            break;
-        }
-
-    }
-
-    if (osdig)
-        return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length);
-
-    PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST,
-             PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND);
-    return 0;
-}
-
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
-                 BIO *indata, BIO *out, int flags)
-{
-    STACK_OF(X509) *signers;
-    X509 *signer;
-    STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
-    PKCS7_SIGNER_INFO *si;
-    X509_STORE_CTX cert_ctx;
-    char buf[4096];
-    int i, j = 0, k, ret = 0;
-    BIO *p7bio = NULL;
-    BIO *tmpin = NULL, *tmpout = NULL;
-
-    if (!p7) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_INVALID_NULL_POINTER);
-        return 0;
-    }
-
-    if (!PKCS7_type_is_signed(p7)) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_WRONG_CONTENT_TYPE);
-        return 0;
-    }
-
-    /* Check for no data and no content: no data to verify signature */
-    if (PKCS7_get_detached(p7) && !indata) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
-        return 0;
-    }
-#if 0
-    /*
-     * NB: this test commented out because some versions of Netscape
-     * illegally include zero length content when signing data. Also
-     * Microsoft Authenticode includes a SpcIndirectDataContent data
-     * structure which describes the content to be protected by the
-     * signature, rather than directly embedding that content. So
-     * Authenticode implementations are also expected to use
-     * PKCS7_verify() with explicit external data, on non-detached
-     * PKCS#7 signatures.
-     *
-     * In OpenSSL 1.1 a new flag PKCS7_NO_DUAL_CONTENT has been
-     * introduced to disable this sanity check. For the 1.0.2 branch
-     * this change is not acceptable, so the check remains completely
-     * commented out (as it has been for a long time).
-     */
-
-    /* Check for data and content: two sets of data */
-    if (!PKCS7_get_detached(p7) && indata) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
-        return 0;
-    }
-#endif
-
-    sinfos = PKCS7_get_signer_info(p7);
-
-    if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
-        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_SIGNATURES_ON_DATA);
-        return 0;
-    }
-
-    signers = PKCS7_get0_signers(p7, certs, flags);
-    if (!signers)
-        return 0;
-
-    /* Now verify the certificates */
-
-    if (!(flags & PKCS7_NOVERIFY))
-        for (k = 0; k < sk_X509_num(signers); k++) {
-            signer = sk_X509_value(signers, k);
-            if (!(flags & PKCS7_NOCHAIN)) {
-                if (!X509_STORE_CTX_init(&cert_ctx, store, signer,
-                                         p7->d.sign->cert)) {
-                    PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
-                    goto err;
-                }
-                X509_STORE_CTX_set_default(&cert_ctx, "smime_sign");
-            } else if (!X509_STORE_CTX_init(&cert_ctx, store, signer, NULL)) {
-                PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
-                goto err;
-            }
-            if (!(flags & PKCS7_NOCRL))
-                X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl);
-            i = X509_verify_cert(&cert_ctx);
-            if (i <= 0)
-                j = X509_STORE_CTX_get_error(&cert_ctx);
-            X509_STORE_CTX_cleanup(&cert_ctx);
-            if (i <= 0) {
-                PKCS7err(PKCS7_F_PKCS7_VERIFY,
-                         PKCS7_R_CERTIFICATE_VERIFY_ERROR);
-                ERR_add_error_data(2, "Verify error:",
-                                   X509_verify_cert_error_string(j));
-                goto err;
-            }
-            /* Check for revocation status here */
-        }
-
-    /*
-     * Performance optimization: if the content is a memory BIO then store
-     * its contents in a temporary read only memory BIO. This avoids
-     * potentially large numbers of slow copies of data which will occur when
-     * reading from a read write memory BIO when signatures are calculated.
-     */
-
-    if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) {
-        char *ptr;
-        long len;
-        len = BIO_get_mem_data(indata, &ptr);
-        tmpin = BIO_new_mem_buf(ptr, len);
-        if (tmpin == NULL) {
-            PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    } else
-        tmpin = indata;
-
-    if (!(p7bio = PKCS7_dataInit(p7, tmpin)))
-        goto err;
-
-    if (flags & PKCS7_TEXT) {
-        if (!(tmpout = BIO_new(BIO_s_mem()))) {
-            PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        BIO_set_mem_eof_return(tmpout, 0);
-    } else
-        tmpout = out;
-
-    /* We now have to 'read' from p7bio to calculate digests etc. */
-    for (;;) {
-        i = BIO_read(p7bio, buf, sizeof(buf));
-        if (i <= 0)
-            break;
-        if (tmpout)
-            BIO_write(tmpout, buf, i);
-    }
-
-    if (flags & PKCS7_TEXT) {
-        if (!SMIME_text(tmpout, out)) {
-            PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_SMIME_TEXT_ERROR);
-            BIO_free(tmpout);
-            goto err;
-        }
-        BIO_free(tmpout);
-    }
-
-    /* Now Verify All Signatures */
-    if (!(flags & PKCS7_NOSIGS))
-        for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
-            si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
-            signer = sk_X509_value(signers, i);
-            j = PKCS7_signatureVerify(p7bio, p7, si, signer);
-            if (j <= 0) {
-                PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_SIGNATURE_FAILURE);
-                goto err;
-            }
-        }
-
-    ret = 1;
-
- err:
-    if (tmpin == indata) {
-        if (indata)
-            BIO_pop(p7bio);
-    }
-    BIO_free_all(p7bio);
-    sk_X509_free(signers);
-    return ret;
-}
-
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
-                                   int flags)
-{
-    STACK_OF(X509) *signers;
-    STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
-    PKCS7_SIGNER_INFO *si;
-    PKCS7_ISSUER_AND_SERIAL *ias;
-    X509 *signer;
-    int i;
-
-    if (!p7) {
-        PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_INVALID_NULL_POINTER);
-        return NULL;
-    }
-
-    if (!PKCS7_type_is_signed(p7)) {
-        PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_WRONG_CONTENT_TYPE);
-        return NULL;
-    }
-
-    /* Collect all the signers together */
-
-    sinfos = PKCS7_get_signer_info(p7);
-
-    if (sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
-        PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_NO_SIGNERS);
-        return 0;
-    }
-
-    if (!(signers = sk_X509_new_null())) {
-        PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
-        si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
-        ias = si->issuer_and_serial;
-        signer = NULL;
-        /* If any certificates passed they take priority */
-        if (certs)
-            signer = X509_find_by_issuer_and_serial(certs,
-                                                    ias->issuer, ias->serial);
-        if (!signer && !(flags & PKCS7_NOINTERN)
-            && p7->d.sign->cert)
-            signer =
-                X509_find_by_issuer_and_serial(p7->d.sign->cert,
-                                               ias->issuer, ias->serial);
-        if (!signer) {
-            PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
-                     PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
-            sk_X509_free(signers);
-            return 0;
-        }
-
-        if (!sk_X509_push(signers, signer)) {
-            sk_X509_free(signers);
-            return NULL;
-        }
-    }
-    return signers;
-}
-
-/* Build a complete PKCS#7 enveloped data */
-
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
-                     int flags)
-{
-    PKCS7 *p7;
-    BIO *p7bio = NULL;
-    int i;
-    X509 *x509;
-    if (!(p7 = PKCS7_new())) {
-        PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    if (!PKCS7_set_type(p7, NID_pkcs7_enveloped))
-        goto err;
-    if (!PKCS7_set_cipher(p7, cipher)) {
-        PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_SETTING_CIPHER);
-        goto err;
-    }
-
-    for (i = 0; i < sk_X509_num(certs); i++) {
-        x509 = sk_X509_value(certs, i);
-        if (!PKCS7_add_recipient(p7, x509)) {
-            PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_ADDING_RECIPIENT);
-            goto err;
-        }
-    }
-
-    if (flags & PKCS7_STREAM)
-        return p7;
-
-    if (PKCS7_final(p7, in, flags))
-        return p7;
-
- err:
-
-    BIO_free_all(p7bio);
-    PKCS7_free(p7);
-    return NULL;
-
-}
-
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
-{
-    BIO *tmpmem;
-    int ret, i;
-    char buf[4096];
-
-    if (!p7) {
-        PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_INVALID_NULL_POINTER);
-        return 0;
-    }
-
-    if (!PKCS7_type_is_enveloped(p7)) {
-        PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_WRONG_CONTENT_TYPE);
-        return 0;
-    }
-
-    if (cert && !X509_check_private_key(cert, pkey)) {
-        PKCS7err(PKCS7_F_PKCS7_DECRYPT,
-                 PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-        return 0;
-    }
-
-    if (!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
-        PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
-        return 0;
-    }
-
-    if (flags & PKCS7_TEXT) {
-        BIO *tmpbuf, *bread;
-        /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
-        if (!(tmpbuf = BIO_new(BIO_f_buffer()))) {
-            PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
-            BIO_free_all(tmpmem);
-            return 0;
-        }
-        if (!(bread = BIO_push(tmpbuf, tmpmem))) {
-            PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
-            BIO_free_all(tmpbuf);
-            BIO_free_all(tmpmem);
-            return 0;
-        }
-        ret = SMIME_text(bread, data);
-        if (ret > 0 && BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) {
-            if (!BIO_get_cipher_status(tmpmem))
-                ret = 0;
-        }
-        BIO_free_all(bread);
-        return ret;
-    } else {
-        for (;;) {
-            i = BIO_read(tmpmem, buf, sizeof(buf));
-            if (i <= 0) {
-                ret = 1;
-                if (BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) {
-                    if (!BIO_get_cipher_status(tmpmem))
-                        ret = 0;
-                }
-
-                break;
-            }
-            if (BIO_write(data, buf, i) != i) {
-                ret = 0;
-                break;
-            }
-        }
-        BIO_free_all(tmpmem);
-        return ret;
-    }
-}
diff --git a/thirdparty/openssl/crypto/pkcs7/pkcs7err.c b/thirdparty/openssl/crypto/pkcs7/pkcs7err.c
deleted file mode 100644
index 323513fe8e..0000000000
--- a/thirdparty/openssl/crypto/pkcs7/pkcs7err.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* crypto/pkcs7/pkcs7err.c */
-/* ====================================================================
- * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/pkcs7.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
-
-static ERR_STRING_DATA PKCS7_str_functs[] = {
-    {ERR_FUNC(PKCS7_F_B64_READ_PKCS7), "B64_READ_PKCS7"},
-    {ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7), "B64_WRITE_PKCS7"},
-    {ERR_FUNC(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB), "DO_PKCS7_SIGNED_ATTRIB"},
-    {ERR_FUNC(PKCS7_F_I2D_PKCS7_BIO_STREAM), "i2d_PKCS7_bio_stream"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME),
-     "PKCS7_add0_attrib_signing_time"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP),
-     "PKCS7_add_attrib_smimecap"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNATURE), "PKCS7_add_signature"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"},
-    {ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST), "PKCS7_BIO_ADD_DIGEST"},
-    {ERR_FUNC(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST),
-     "PKCS7_COPY_EXISTING_DIGEST"},
-    {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT_RINFO), "PKCS7_DECRYPT_RINFO"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ENCODE_RINFO), "PKCS7_ENCODE_RINFO"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"},
-    {ERR_FUNC(PKCS7_F_PKCS7_FINAL), "PKCS7_final"},
-    {ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST), "PKCS7_FIND_DIGEST"},
-    {ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"},
-    {ERR_FUNC(PKCS7_F_PKCS7_RECIP_INFO_SET), "PKCS7_RECIP_INFO_set"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST), "PKCS7_set_digest"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SET), "PKCS7_SIGNER_INFO_set"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SIGN), "PKCS7_SIGNER_INFO_sign"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGN_ADD_SIGNER), "PKCS7_sign_add_signer"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"},
-    {ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"},
-    {ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7), "SMIME_read_PKCS7"},
-    {ERR_FUNC(PKCS7_F_SMIME_TEXT), "SMIME_text"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA PKCS7_str_reasons[] = {
-    {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR),
-     "certificate verify error"},
-    {ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
-     "cipher has no object identifier"},
-    {ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED), "cipher not initialized"},
-    {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),
-     "content and data present"},
-    {ERR_REASON(PKCS7_R_CTRL_ERROR), "ctrl error"},
-    {ERR_REASON(PKCS7_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),
-     "decrypted key is wrong length"},
-    {ERR_REASON(PKCS7_R_DECRYPT_ERROR), "decrypt error"},
-    {ERR_REASON(PKCS7_R_DIGEST_FAILURE), "digest failure"},
-    {ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE), "encryption ctrl failure"},
-    {ERR_REASON(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
-     "encryption not supported for this key type"},
-    {ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT), "error adding recipient"},
-    {ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER), "error setting cipher"},
-    {ERR_REASON(PKCS7_R_INVALID_MIME_TYPE), "invalid mime type"},
-    {ERR_REASON(PKCS7_R_INVALID_NULL_POINTER), "invalid null pointer"},
-    {ERR_REASON(PKCS7_R_INVALID_SIGNED_DATA_TYPE),
-     "invalid signed data type"},
-    {ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
-    {ERR_REASON(PKCS7_R_MIME_PARSE_ERROR), "mime parse error"},
-    {ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"},
-    {ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO), "missing ceripend info"},
-    {ERR_REASON(PKCS7_R_NO_CONTENT), "no content"},
-    {ERR_REASON(PKCS7_R_NO_CONTENT_TYPE), "no content type"},
-    {ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST), "no default digest"},
-    {ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND),
-     "no matching digest type found"},
-    {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),
-     "no multipart body failure"},
-    {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
-    {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),
-     "no recipient matches certificate"},
-    {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_KEY),
-     "no recipient matches key"},
-    {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA), "no signatures on data"},
-    {ERR_REASON(PKCS7_R_NO_SIGNERS), "no signers"},
-    {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE), "no sig content type"},
-    {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),
-     "operation not supported on this type"},
-    {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),
-     "pkcs7 add signature error"},
-    {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR), "pkcs7 add signer error"},
-    {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL), "pkcs7 datafinal"},
-    {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR), "pkcs7 datafinal error"},
-    {ERR_REASON(PKCS7_R_PKCS7_DATASIGN), "pkcs7 datasign"},
-    {ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR), "pkcs7 parse error"},
-    {ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR), "pkcs7 sig parse error"},
-    {ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
-     "private key does not match certificate"},
-    {ERR_REASON(PKCS7_R_SIGNATURE_FAILURE), "signature failure"},
-    {ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),
-     "signer certificate not found"},
-    {ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE), "signing ctrl failure"},
-    {ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
-     "signing not supported for this key type"},
-    {ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
-    {ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR), "smime text error"},
-    {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),
-     "unable to find certificate"},
-    {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MEM_BIO), "unable to find mem bio"},
-    {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST),
-     "unable to find message digest"},
-    {ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE), "unknown digest type"},
-    {ERR_REASON(PKCS7_R_UNKNOWN_OPERATION), "unknown operation"},
-    {ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE), "unsupported cipher type"},
-    {ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE),
-     "unsupported content type"},
-    {ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE), "wrong content type"},
-    {ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE), "wrong pkcs7 type"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_PKCS7_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(PKCS7_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, PKCS7_str_functs);
-        ERR_load_strings(0, PKCS7_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/ppc_arch.h b/thirdparty/openssl/crypto/ppc_arch.h
deleted file mode 100644
index b50ec996a5..0000000000
--- a/thirdparty/openssl/crypto/ppc_arch.h
+++ /dev/null
@@ -1,10 +0,0 @@
-#ifndef __PPC_ARCH_H__
-# define __PPC_ARCH_H__
-
-extern unsigned int OPENSSL_ppccap_P;
-
-# define PPC_FPU64       (1<<0)
-# define PPC_ALTIVEC     (1<<1)
-# define PPC_CRYPTO207   (1<<2)
-
-#endif
diff --git a/thirdparty/openssl/crypto/ppccap.c b/thirdparty/openssl/crypto/ppccap.c
deleted file mode 100644
index 60566b1a5f..0000000000
--- a/thirdparty/openssl/crypto/ppccap.c
+++ /dev/null
@@ -1,183 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <setjmp.h>
-#include <signal.h>
-#include <unistd.h>
-#if defined(__linux) || defined(_AIX)
-# include <sys/utsname.h>
-#endif
-#if defined(__APPLE__) && defined(__MACH__)
-# include <sys/types.h>
-# include <sys/sysctl.h>
-#endif
-#include <openssl/crypto.h>
-#include <openssl/bn.h>
-
-#include "ppc_arch.h"
-
-unsigned int OPENSSL_ppccap_P = 0;
-
-static sigset_t all_masked;
-
-#ifdef OPENSSL_BN_ASM_MONT
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                const BN_ULONG *np, const BN_ULONG *n0, int num)
-{
-    int bn_mul_mont_fpu64(BN_ULONG *rp, const BN_ULONG *ap,
-                          const BN_ULONG *bp, const BN_ULONG *np,
-                          const BN_ULONG *n0, int num);
-    int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                        const BN_ULONG *np, const BN_ULONG *n0, int num);
-
-    if (sizeof(size_t) == 4) {
-# if 1 || (defined(__APPLE__) && defined(__MACH__))
-        if (num >= 8 && (num & 3) == 0 && (OPENSSL_ppccap_P & PPC_FPU64))
-            return bn_mul_mont_fpu64(rp, ap, bp, np, n0, num);
-# else
-        /*
-         * boundary of 32 was experimentally determined on Linux 2.6.22,
-         * might have to be adjusted on AIX...
-         */
-        if (num >= 32 && (num & 3) == 0 && (OPENSSL_ppccap_P & PPC_FPU64)) {
-            sigset_t oset;
-            int ret;
-
-            sigprocmask(SIG_SETMASK, &all_masked, &oset);
-            ret = bn_mul_mont_fpu64(rp, ap, bp, np, n0, num);
-            sigprocmask(SIG_SETMASK, &oset, NULL);
-
-            return ret;
-        }
-# endif
-    } else if ((OPENSSL_ppccap_P & PPC_FPU64))
-        /*
-         * this is a "must" on POWER6, but run-time detection is not
-         * implemented yet...
-         */
-        return bn_mul_mont_fpu64(rp, ap, bp, np, n0, num);
-
-    return bn_mul_mont_int(rp, ap, bp, np, n0, num);
-}
-#endif
-
-void sha256_block_p8(void *ctx, const void *inp, size_t len);
-void sha256_block_ppc(void *ctx, const void *inp, size_t len);
-void sha256_block_data_order(void *ctx, const void *inp, size_t len)
-{
-    OPENSSL_ppccap_P & PPC_CRYPTO207 ? sha256_block_p8(ctx, inp, len) :
-        sha256_block_ppc(ctx, inp, len);
-}
-
-void sha512_block_p8(void *ctx, const void *inp, size_t len);
-void sha512_block_ppc(void *ctx, const void *inp, size_t len);
-void sha512_block_data_order(void *ctx, const void *inp, size_t len)
-{
-    OPENSSL_ppccap_P & PPC_CRYPTO207 ? sha512_block_p8(ctx, inp, len) :
-        sha512_block_ppc(ctx, inp, len);
-}
-
-static sigjmp_buf ill_jmp;
-static void ill_handler(int sig)
-{
-    siglongjmp(ill_jmp, sig);
-}
-
-void OPENSSL_ppc64_probe(void);
-void OPENSSL_altivec_probe(void);
-void OPENSSL_crypto207_probe(void);
-
-void OPENSSL_cpuid_setup(void)
-{
-    char *e;
-    struct sigaction ill_oact, ill_act;
-    sigset_t oset;
-    static int trigger = 0;
-
-    if (trigger)
-        return;
-    trigger = 1;
-
-    sigfillset(&all_masked);
-    sigdelset(&all_masked, SIGILL);
-    sigdelset(&all_masked, SIGTRAP);
-#ifdef SIGEMT
-    sigdelset(&all_masked, SIGEMT);
-#endif
-    sigdelset(&all_masked, SIGFPE);
-    sigdelset(&all_masked, SIGBUS);
-    sigdelset(&all_masked, SIGSEGV);
-
-    if ((e = getenv("OPENSSL_ppccap"))) {
-        OPENSSL_ppccap_P = strtoul(e, NULL, 0);
-        return;
-    }
-
-    OPENSSL_ppccap_P = 0;
-
-#if defined(_AIX)
-    if (sizeof(size_t) == 4) {
-        struct utsname uts;
-# if defined(_SC_AIX_KERNEL_BITMODE)
-        if (sysconf(_SC_AIX_KERNEL_BITMODE) != 64)
-            return;
-# endif
-        if (uname(&uts) != 0 || atoi(uts.version) < 6)
-            return;
-    }
-#endif
-
-#if defined(__APPLE__) && defined(__MACH__)
-    {
-        int val;
-        size_t len = sizeof(val);
-
-        if (sysctlbyname("hw.optional.64bitops", &val, &len, NULL, 0) == 0) {
-            if (val)
-                OPENSSL_ppccap_P |= PPC_FPU64;
-        }
-
-        len = sizeof(val);
-        if (sysctlbyname("hw.optional.altivec", &val, &len, NULL, 0) == 0) {
-            if (val)
-                OPENSSL_ppccap_P |= PPC_ALTIVEC;
-        }
-
-        return;
-    }
-#endif
-
-    memset(&ill_act, 0, sizeof(ill_act));
-    ill_act.sa_handler = ill_handler;
-    ill_act.sa_mask = all_masked;
-
-    sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
-    sigaction(SIGILL, &ill_act, &ill_oact);
-
-    if (sizeof(size_t) == 4) {
-#ifdef __linux
-        struct utsname uts;
-        if (uname(&uts) == 0 && strcmp(uts.machine, "ppc64") == 0)
-#endif
-            if (sigsetjmp(ill_jmp, 1) == 0) {
-                OPENSSL_ppc64_probe();
-                OPENSSL_ppccap_P |= PPC_FPU64;
-            }
-    } else {
-        /*
-         * Wanted code detecting POWER6 CPU and setting PPC_FPU64
-         */
-    }
-
-    if (sigsetjmp(ill_jmp, 1) == 0) {
-        OPENSSL_altivec_probe();
-        OPENSSL_ppccap_P |= PPC_ALTIVEC;
-        if (sigsetjmp(ill_jmp, 1) == 0) {
-            OPENSSL_crypto207_probe();
-            OPENSSL_ppccap_P |= PPC_CRYPTO207;
-        }
-    }
-
-    sigaction(SIGILL, &ill_oact, NULL);
-    sigprocmask(SIG_SETMASK, &oset, NULL);
-}
diff --git a/thirdparty/openssl/crypto/pqueue/pqueue.c b/thirdparty/openssl/crypto/pqueue/pqueue.c
deleted file mode 100644
index 75f9734931..0000000000
--- a/thirdparty/openssl/crypto/pqueue/pqueue.c
+++ /dev/null
@@ -1,235 +0,0 @@
-/* crypto/pqueue/pqueue.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include "pqueue.h"
-
-typedef struct _pqueue {
-    pitem *items;
-    int count;
-} pqueue_s;
-
-pitem *pitem_new(unsigned char *prio64be, void *data)
-{
-    pitem *item = (pitem *)OPENSSL_malloc(sizeof(pitem));
-    if (item == NULL)
-        return NULL;
-
-    memcpy(item->priority, prio64be, sizeof(item->priority));
-
-    item->data = data;
-    item->next = NULL;
-
-    return item;
-}
-
-void pitem_free(pitem *item)
-{
-    if (item == NULL)
-        return;
-
-    OPENSSL_free(item);
-}
-
-pqueue_s *pqueue_new()
-{
-    pqueue_s *pq = (pqueue_s *)OPENSSL_malloc(sizeof(pqueue_s));
-    if (pq == NULL)
-        return NULL;
-
-    memset(pq, 0x00, sizeof(pqueue_s));
-    return pq;
-}
-
-void pqueue_free(pqueue_s *pq)
-{
-    if (pq == NULL)
-        return;
-
-    OPENSSL_free(pq);
-}
-
-pitem *pqueue_insert(pqueue_s *pq, pitem *item)
-{
-    pitem *curr, *next;
-
-    if (pq->items == NULL) {
-        pq->items = item;
-        return item;
-    }
-
-    for (curr = NULL, next = pq->items;
-         next != NULL; curr = next, next = next->next) {
-        /*
-         * we can compare 64-bit value in big-endian encoding with memcmp:-)
-         */
-        int cmp = memcmp(next->priority, item->priority, 8);
-        if (cmp > 0) {          /* next > item */
-            item->next = next;
-
-            if (curr == NULL)
-                pq->items = item;
-            else
-                curr->next = item;
-
-            return item;
-        }
-
-        else if (cmp == 0)      /* duplicates not allowed */
-            return NULL;
-    }
-
-    item->next = NULL;
-    curr->next = item;
-
-    return item;
-}
-
-pitem *pqueue_peek(pqueue_s *pq)
-{
-    return pq->items;
-}
-
-pitem *pqueue_pop(pqueue_s *pq)
-{
-    pitem *item = pq->items;
-
-    if (pq->items != NULL)
-        pq->items = pq->items->next;
-
-    return item;
-}
-
-pitem *pqueue_find(pqueue_s *pq, unsigned char *prio64be)
-{
-    pitem *next;
-    pitem *found = NULL;
-
-    if (pq->items == NULL)
-        return NULL;
-
-    for (next = pq->items; next->next != NULL; next = next->next) {
-        if (memcmp(next->priority, prio64be, 8) == 0) {
-            found = next;
-            break;
-        }
-    }
-
-    /* check the one last node */
-    if (memcmp(next->priority, prio64be, 8) == 0)
-        found = next;
-
-    if (!found)
-        return NULL;
-
-#if 0                           /* find works in peek mode */
-    if (prev == NULL)
-        pq->items = next->next;
-    else
-        prev->next = next->next;
-#endif
-
-    return found;
-}
-
-void pqueue_print(pqueue_s *pq)
-{
-    pitem *item = pq->items;
-
-    while (item != NULL) {
-        printf("item\t%02x%02x%02x%02x%02x%02x%02x%02x\n",
-               item->priority[0], item->priority[1],
-               item->priority[2], item->priority[3],
-               item->priority[4], item->priority[5],
-               item->priority[6], item->priority[7]);
-        item = item->next;
-    }
-}
-
-pitem *pqueue_iterator(pqueue_s *pq)
-{
-    return pqueue_peek(pq);
-}
-
-pitem *pqueue_next(pitem **item)
-{
-    pitem *ret;
-
-    if (item == NULL || *item == NULL)
-        return NULL;
-
-    /* *item != NULL */
-    ret = *item;
-    *item = (*item)->next;
-
-    return ret;
-}
-
-int pqueue_size(pqueue_s *pq)
-{
-    pitem *item = pq->items;
-    int count = 0;
-
-    while (item != NULL) {
-        count++;
-        item = item->next;
-    }
-    return count;
-}
diff --git a/thirdparty/openssl/crypto/rand/md_rand.c b/thirdparty/openssl/crypto/rand/md_rand.c
deleted file mode 100644
index 29e465b075..0000000000
--- a/thirdparty/openssl/crypto/rand/md_rand.c
+++ /dev/null
@@ -1,616 +0,0 @@
-/* crypto/rand/md_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#define OPENSSL_FIPSEVP
-
-#ifdef MD_RAND_DEBUG
-# ifndef NDEBUG
-#  define NDEBUG
-# endif
-#endif
-
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-
-#include "e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#include <openssl/err.h>
-
-#ifdef BN_DEBUG
-# define PREDICT
-#endif
-
-/* #define PREDICT      1 */
-
-#define STATE_SIZE      1023
-static size_t state_num = 0, state_index = 0;
-static unsigned char state[STATE_SIZE + MD_DIGEST_LENGTH];
-static unsigned char md[MD_DIGEST_LENGTH];
-static long md_count[2] = { 0, 0 };
-
-static double entropy = 0;
-static int initialized = 0;
-
-static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
-                                           * holds CRYPTO_LOCK_RAND (to
-                                           * prevent double locking) */
-/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
-/* valid iff crypto_lock_rand is set */
-static CRYPTO_THREADID locking_threadid;
-
-#ifdef PREDICT
-int rand_predictable = 0;
-#endif
-
-const char RAND_version[] = "RAND" OPENSSL_VERSION_PTEXT;
-
-static void ssleay_rand_cleanup(void);
-static void ssleay_rand_seed(const void *buf, int num);
-static void ssleay_rand_add(const void *buf, int num, double add_entropy);
-static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num);
-static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
-static int ssleay_rand_status(void);
-
-RAND_METHOD rand_ssleay_meth = {
-    ssleay_rand_seed,
-    ssleay_rand_nopseudo_bytes,
-    ssleay_rand_cleanup,
-    ssleay_rand_add,
-    ssleay_rand_pseudo_bytes,
-    ssleay_rand_status
-};
-
-RAND_METHOD *RAND_SSLeay(void)
-{
-    return (&rand_ssleay_meth);
-}
-
-static void ssleay_rand_cleanup(void)
-{
-    OPENSSL_cleanse(state, sizeof(state));
-    state_num = 0;
-    state_index = 0;
-    OPENSSL_cleanse(md, MD_DIGEST_LENGTH);
-    md_count[0] = 0;
-    md_count[1] = 0;
-    entropy = 0;
-    initialized = 0;
-}
-
-static void ssleay_rand_add(const void *buf, int num, double add)
-{
-    int i, j, k, st_idx;
-    long md_c[2];
-    unsigned char local_md[MD_DIGEST_LENGTH];
-    EVP_MD_CTX m;
-    int do_not_lock;
-
-    if (!num)
-        return;
-
-    /*
-     * (Based on the rand(3) manpage)
-     *
-     * The input is chopped up into units of 20 bytes (or less for
-     * the last block).  Each of these blocks is run through the hash
-     * function as follows:  The data passed to the hash function
-     * is the current 'md', the same number of bytes from the 'state'
-     * (the location determined by in incremented looping index) as
-     * the current 'block', the new key data 'block', and 'count'
-     * (which is incremented after each use).
-     * The result of this is kept in 'md' and also xored into the
-     * 'state' at the same locations that were used as input into the
-     * hash function.
-     */
-
-    /* check if we already have the lock */
-    if (crypto_lock_rand) {
-        CRYPTO_THREADID cur;
-        CRYPTO_THREADID_current(&cur);
-        CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-        do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
-        CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
-    } else
-        do_not_lock = 0;
-
-    if (!do_not_lock)
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-    st_idx = state_index;
-
-    /*
-     * use our own copies of the counters so that even if a concurrent thread
-     * seeds with exactly the same data and uses the same subarray there's
-     * _some_ difference
-     */
-    md_c[0] = md_count[0];
-    md_c[1] = md_count[1];
-
-    memcpy(local_md, md, sizeof md);
-
-    /* state_index <= state_num <= STATE_SIZE */
-    state_index += num;
-    if (state_index >= STATE_SIZE) {
-        state_index %= STATE_SIZE;
-        state_num = STATE_SIZE;
-    } else if (state_num < STATE_SIZE) {
-        if (state_index > state_num)
-            state_num = state_index;
-    }
-    /* state_index <= state_num <= STATE_SIZE */
-
-    /*
-     * state[st_idx], ..., state[(st_idx + num - 1) % STATE_SIZE] are what we
-     * will use now, but other threads may use them as well
-     */
-
-    md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
-
-    if (!do_not_lock)
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-    EVP_MD_CTX_init(&m);
-    for (i = 0; i < num; i += MD_DIGEST_LENGTH) {
-        j = (num - i);
-        j = (j > MD_DIGEST_LENGTH) ? MD_DIGEST_LENGTH : j;
-
-        if (!MD_Init(&m) ||
-            !MD_Update(&m, local_md, MD_DIGEST_LENGTH))
-            goto err;
-        k = (st_idx + j) - STATE_SIZE;
-        if (k > 0) {
-            if (!MD_Update(&m, &(state[st_idx]), j - k) ||
-                !MD_Update(&m, &(state[0]), k))
-                goto err;
-        } else
-            if (!MD_Update(&m, &(state[st_idx]), j))
-                goto err;
-
-        /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
-        if (!MD_Update(&m, buf, j))
-            goto err;
-        /*
-         * We know that line may cause programs such as purify and valgrind
-         * to complain about use of uninitialized data.  The problem is not,
-         * it's with the caller.  Removing that line will make sure you get
-         * really bad randomness and thereby other problems such as very
-         * insecure keys.
-         */
-
-        if (!MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)) ||
-            !MD_Final(&m, local_md))
-            goto err;
-        md_c[1]++;
-
-        buf = (const char *)buf + j;
-
-        for (k = 0; k < j; k++) {
-            /*
-             * Parallel threads may interfere with this, but always each byte
-             * of the new state is the XOR of some previous value of its and
-             * local_md (itermediate values may be lost). Alway using locking
-             * could hurt performance more than necessary given that
-             * conflicts occur only when the total seeding is longer than the
-             * random state.
-             */
-            state[st_idx++] ^= local_md[k];
-            if (st_idx >= STATE_SIZE)
-                st_idx = 0;
-        }
-    }
-
-    if (!do_not_lock)
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-    /*
-     * Don't just copy back local_md into md -- this could mean that other
-     * thread's seeding remains without effect (except for the incremented
-     * counter).  By XORing it we keep at least as much entropy as fits into
-     * md.
-     */
-    for (k = 0; k < (int)sizeof(md); k++) {
-        md[k] ^= local_md[k];
-    }
-    if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
-        entropy += add;
-    if (!do_not_lock)
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
-    assert(md_c[1] == md_count[1]);
-#endif
-
- err:
-    EVP_MD_CTX_cleanup(&m);
-}
-
-static void ssleay_rand_seed(const void *buf, int num)
-{
-    ssleay_rand_add(buf, num, (double)num);
-}
-
-int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
-{
-    static volatile int stirred_pool = 0;
-    int i, j, k;
-    size_t num_ceil, st_idx, st_num;
-    int ok;
-    long md_c[2];
-    unsigned char local_md[MD_DIGEST_LENGTH];
-    EVP_MD_CTX m;
-#ifndef GETPID_IS_MEANINGLESS
-    pid_t curr_pid = getpid();
-#endif
-    int do_stir_pool = 0;
-
-#ifdef PREDICT
-    if (rand_predictable) {
-        static unsigned char val = 0;
-
-        for (i = 0; i < num; i++)
-            buf[i] = val++;
-        return (1);
-    }
-#endif
-
-    if (num <= 0)
-        return 1;
-
-    EVP_MD_CTX_init(&m);
-    /* round upwards to multiple of MD_DIGEST_LENGTH/2 */
-    num_ceil =
-        (1 + (num - 1) / (MD_DIGEST_LENGTH / 2)) * (MD_DIGEST_LENGTH / 2);
-
-    /*
-     * (Based on the rand(3) manpage:)
-     *
-     * For each group of 10 bytes (or less), we do the following:
-     *
-     * Input into the hash function the local 'md' (which is initialized from
-     * the global 'md' before any bytes are generated), the bytes that are to
-     * be overwritten by the random bytes, and bytes from the 'state'
-     * (incrementing looping index). From this digest output (which is kept
-     * in 'md'), the top (up to) 10 bytes are returned to the caller and the
-     * bottom 10 bytes are xored into the 'state'.
-     *
-     * Finally, after we have finished 'num' random bytes for the
-     * caller, 'count' (which is incremented) and the local and global 'md'
-     * are fed into the hash function and the results are kept in the
-     * global 'md'.
-     */
-    if (lock)
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
-    /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-    CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-    CRYPTO_THREADID_current(&locking_threadid);
-    CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
-    crypto_lock_rand = 1;
-
-    if (!initialized) {
-        RAND_poll();
-        initialized = 1;
-    }
-
-    if (!stirred_pool)
-        do_stir_pool = 1;
-
-    ok = (entropy >= ENTROPY_NEEDED);
-    if (!ok) {
-        /*
-         * If the PRNG state is not yet unpredictable, then seeing the PRNG
-         * output may help attackers to determine the new state; thus we have
-         * to decrease the entropy estimate. Once we've had enough initial
-         * seeding we don't bother to adjust the entropy count, though,
-         * because we're not ambitious to provide *information-theoretic*
-         * randomness. NOTE: This approach fails if the program forks before
-         * we have enough entropy. Entropy should be collected in a separate
-         * input pool and be transferred to the output pool only when the
-         * entropy limit has been reached.
-         */
-        entropy -= num;
-        if (entropy < 0)
-            entropy = 0;
-    }
-
-    if (do_stir_pool) {
-        /*
-         * In the output function only half of 'md' remains secret, so we
-         * better make sure that the required entropy gets 'evenly
-         * distributed' through 'state', our randomness pool. The input
-         * function (ssleay_rand_add) chains all of 'md', which makes it more
-         * suitable for this purpose.
-         */
-
-        int n = STATE_SIZE;     /* so that the complete pool gets accessed */
-        while (n > 0) {
-#if MD_DIGEST_LENGTH > 20
-# error "Please adjust DUMMY_SEED."
-#endif
-#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */
-            /*
-             * Note that the seed does not matter, it's just that
-             * ssleay_rand_add expects to have something to hash.
-             */
-            ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0);
-            n -= MD_DIGEST_LENGTH;
-        }
-        if (ok)
-            stirred_pool = 1;
-    }
-
-    st_idx = state_index;
-    st_num = state_num;
-    md_c[0] = md_count[0];
-    md_c[1] = md_count[1];
-    memcpy(local_md, md, sizeof md);
-
-    state_index += num_ceil;
-    if (state_index > state_num)
-        state_index %= state_num;
-
-    /*
-     * state[st_idx], ..., state[(st_idx + num_ceil - 1) % st_num] are now
-     * ours (but other threads may use them too)
-     */
-
-    md_count[0] += 1;
-
-    /* before unlocking, we must clear 'crypto_lock_rand' */
-    crypto_lock_rand = 0;
-    if (lock)
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-    while (num > 0) {
-        /* num_ceil -= MD_DIGEST_LENGTH/2 */
-        j = (num >= MD_DIGEST_LENGTH / 2) ? MD_DIGEST_LENGTH / 2 : num;
-        num -= j;
-        if (!MD_Init(&m))
-           goto err;
-#ifndef GETPID_IS_MEANINGLESS
-        if (curr_pid) {         /* just in the first iteration to save time */
-            if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof curr_pid))
-                goto err;
-            curr_pid = 0;
-        }
-#endif
-        if (!MD_Update(&m, local_md, MD_DIGEST_LENGTH) ||
-            !MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)))
-            goto err;
-
-#ifndef PURIFY                  /* purify complains */
-        /*
-         * The following line uses the supplied buffer as a small source of
-         * entropy: since this buffer is often uninitialised it may cause
-         * programs such as purify or valgrind to complain. So for those
-         * builds it is not used: the removal of such a small source of
-         * entropy has negligible impact on security.
-         */
-        if (!MD_Update(&m, buf, j))
-            goto err;
-#endif
-
-        k = (st_idx + MD_DIGEST_LENGTH / 2) - st_num;
-        if (k > 0) {
-            if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k) ||
-                !MD_Update(&m, &(state[0]), k))
-                goto err;
-        } else {
-            if (!MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2))
-                goto err;
-        }
-        if (!MD_Final(&m, local_md))
-            goto err;
-
-        for (i = 0; i < MD_DIGEST_LENGTH / 2; i++) {
-            /* may compete with other threads */
-            state[st_idx++] ^= local_md[i];
-            if (st_idx >= st_num)
-                st_idx = 0;
-            if (i < j)
-                *(buf++) = local_md[i + MD_DIGEST_LENGTH / 2];
-        }
-    }
-
-    if (!MD_Init(&m) ||
-        !MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c)) ||
-        !MD_Update(&m, local_md, MD_DIGEST_LENGTH))
-        goto err;
-    if (lock)
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-    if (!MD_Update(&m, md, MD_DIGEST_LENGTH) ||
-        !MD_Final(&m, md)) {
-        if (lock)
-            CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-        goto err;
-    }
-    if (lock)
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-    EVP_MD_CTX_cleanup(&m);
-    if (ok)
-        return (1);
-    else if (pseudo)
-        return 0;
-    else {
-        RANDerr(RAND_F_SSLEAY_RAND_BYTES, RAND_R_PRNG_NOT_SEEDED);
-        ERR_add_error_data(1, "You need to read the OpenSSL FAQ, "
-                           "http://www.openssl.org/support/faq.html");
-        return (0);
-    }
-
- err:
-    EVP_MD_CTX_cleanup(&m);
-    return (0);
-}
-
-static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num)
-{
-    return ssleay_rand_bytes(buf, num, 0, 1);
-}
-
-/*
- * pseudo-random bytes that are guaranteed to be unique but not unpredictable
- */
-static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
-{
-    return ssleay_rand_bytes(buf, num, 1, 1);
-}
-
-static int ssleay_rand_status(void)
-{
-    CRYPTO_THREADID cur;
-    int ret;
-    int do_not_lock;
-
-    CRYPTO_THREADID_current(&cur);
-    /*
-     * check if we already have the lock (could happen if a RAND_poll()
-     * implementation calls RAND_status())
-     */
-    if (crypto_lock_rand) {
-        CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-        do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
-        CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
-    } else
-        do_not_lock = 0;
-
-    if (!do_not_lock) {
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
-        /*
-         * prevent ssleay_rand_bytes() from trying to obtain the lock again
-         */
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-        CRYPTO_THREADID_cpy(&locking_threadid, &cur);
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
-        crypto_lock_rand = 1;
-    }
-
-    if (!initialized) {
-        RAND_poll();
-        initialized = 1;
-    }
-
-    ret = entropy >= ENTROPY_NEEDED;
-
-    if (!do_not_lock) {
-        /* before unlocking, we must clear 'crypto_lock_rand' */
-        crypto_lock_rand = 0;
-
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-    }
-
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/rand/rand_egd.c b/thirdparty/openssl/crypto/rand/rand_egd.c
deleted file mode 100644
index 737aebfa22..0000000000
--- a/thirdparty/openssl/crypto/rand/rand_egd.c
+++ /dev/null
@@ -1,292 +0,0 @@
-/* crypto/rand/rand_egd.c */
-/* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/e_os2.h>
-#include <openssl/rand.h>
-#include <openssl/buffer.h>
-
-/*-
- * Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
- *
- * This module supplies three routines:
- *
- * RAND_query_egd_bytes(path, buf, bytes)
- *   will actually query "bytes" bytes of entropy form the egd-socket located
- *   at path and will write them to buf (if supplied) or will directly feed
- *   it to RAND_seed() if buf==NULL.
- *   The number of bytes is not limited by the maximum chunk size of EGD,
- *   which is 255 bytes. If more than 255 bytes are wanted, several chunks
- *   of entropy bytes are requested. The connection is left open until the
- *   query is competed.
- *   RAND_query_egd_bytes() returns with
- *     -1  if an error occured during connection or communication.
- *     num the number of bytes read from the EGD socket. This number is either
- *         the number of bytes requested or smaller, if the EGD pool is
- *         drained and the daemon signals that the pool is empty.
- *   This routine does not touch any RAND_status(). This is necessary, since
- *   PRNG functions may call it during initialization.
- *
- * RAND_egd_bytes(path, bytes) will query "bytes" bytes and have them
- *   used to seed the PRNG.
- *   RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL.
- *   Unlike RAND_query_egd_bytes(), RAND_status() is used to test the
- *   seed status so that the return value can reflect the seed state:
- *     -1  if an error occured during connection or communication _or_
- *         if the PRNG has still not received the required seeding.
- *     num the number of bytes read from the EGD socket. This number is either
- *         the number of bytes requested or smaller, if the EGD pool is
- *         drained and the daemon signals that the pool is empty.
- *
- * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed
- *   the PRNG.
- *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
- */
-
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS)
-int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
-{
-    return (-1);
-}
-
-int RAND_egd(const char *path)
-{
-    return (-1);
-}
-
-int RAND_egd_bytes(const char *path, int bytes)
-{
-    return (-1);
-}
-#else
-# include <openssl/opensslconf.h>
-# include OPENSSL_UNISTD
-# include <stddef.h>
-# include <sys/types.h>
-# include <sys/socket.h>
-# ifndef NO_SYS_UN_H
-#  ifdef OPENSSL_SYS_VXWORKS
-#   include <streams/un.h>
-#  else
-#   include <sys/un.h>
-#  endif
-# else
-struct sockaddr_un {
-    short sun_family;           /* AF_UNIX */
-    char sun_path[108];         /* path name (gag) */
-};
-# endif                         /* NO_SYS_UN_H */
-# include <string.h>
-# include <errno.h>
-
-# ifndef offsetof
-#  define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
-# endif
-
-int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
-{
-    int ret = 0;
-    struct sockaddr_un addr;
-    int len, num, numbytes;
-    int fd = -1;
-    int success;
-    unsigned char egdbuf[2], tempbuf[255], *retrievebuf;
-
-    memset(&addr, 0, sizeof(addr));
-    addr.sun_family = AF_UNIX;
-    if (strlen(path) >= sizeof(addr.sun_path))
-        return (-1);
-    BUF_strlcpy(addr.sun_path, path, sizeof addr.sun_path);
-    len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
-    fd = socket(AF_UNIX, SOCK_STREAM, 0);
-    if (fd == -1)
-        return (-1);
-    success = 0;
-    while (!success) {
-        if (connect(fd, (struct sockaddr *)&addr, len) == 0)
-            success = 1;
-        else {
-            switch (errno) {
-# ifdef EINTR
-            case EINTR:
-# endif
-# ifdef EAGAIN
-            case EAGAIN:
-# endif
-# ifdef EINPROGRESS
-            case EINPROGRESS:
-# endif
-# ifdef EALREADY
-            case EALREADY:
-# endif
-                /* No error, try again */
-                break;
-# ifdef EISCONN
-            case EISCONN:
-                success = 1;
-                break;
-# endif
-            default:
-                goto err;       /* failure */
-            }
-        }
-    }
-
-    while (bytes > 0) {
-        egdbuf[0] = 1;
-        egdbuf[1] = bytes < 255 ? bytes : 255;
-        numbytes = 0;
-        while (numbytes != 2) {
-            num = write(fd, egdbuf + numbytes, 2 - numbytes);
-            if (num >= 0)
-                numbytes += num;
-            else {
-                switch (errno) {
-# ifdef EINTR
-                case EINTR:
-# endif
-# ifdef EAGAIN
-                case EAGAIN:
-# endif
-                    /* No error, try again */
-                    break;
-                default:
-                    ret = -1;
-                    goto err;   /* failure */
-                }
-            }
-        }
-        numbytes = 0;
-        while (numbytes != 1) {
-            num = read(fd, egdbuf, 1);
-            if (num == 0)
-                goto err;       /* descriptor closed */
-            else if (num > 0)
-                numbytes += num;
-            else {
-                switch (errno) {
-# ifdef EINTR
-                case EINTR:
-# endif
-# ifdef EAGAIN
-                case EAGAIN:
-# endif
-                    /* No error, try again */
-                    break;
-                default:
-                    ret = -1;
-                    goto err;   /* failure */
-                }
-            }
-        }
-        if (egdbuf[0] == 0)
-            goto err;
-        if (buf)
-            retrievebuf = buf + ret;
-        else
-            retrievebuf = tempbuf;
-        numbytes = 0;
-        while (numbytes != egdbuf[0]) {
-            num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes);
-            if (num == 0)
-                goto err;       /* descriptor closed */
-            else if (num > 0)
-                numbytes += num;
-            else {
-                switch (errno) {
-# ifdef EINTR
-                case EINTR:
-# endif
-# ifdef EAGAIN
-                case EAGAIN:
-# endif
-                    /* No error, try again */
-                    break;
-                default:
-                    ret = -1;
-                    goto err;   /* failure */
-                }
-            }
-        }
-        ret += egdbuf[0];
-        bytes -= egdbuf[0];
-        if (!buf)
-            RAND_seed(tempbuf, egdbuf[0]);
-    }
- err:
-    if (fd != -1)
-        close(fd);
-    return (ret);
-}
-
-int RAND_egd_bytes(const char *path, int bytes)
-{
-    int num, ret = 0;
-
-    num = RAND_query_egd_bytes(path, NULL, bytes);
-    if (num < 1)
-        goto err;
-    if (RAND_status() == 1)
-        ret = num;
- err:
-    return (ret);
-}
-
-int RAND_egd(const char *path)
-{
-    return (RAND_egd_bytes(path, 255));
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/rand/rand_err.c b/thirdparty/openssl/crypto/rand/rand_err.c
deleted file mode 100644
index 55d86ea8a3..0000000000
--- a/thirdparty/openssl/crypto/rand/rand_err.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* crypto/rand/rand_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_RAND,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
-
-static ERR_STRING_DATA RAND_str_functs[] = {
-    {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
-    {ERR_FUNC(RAND_F_RAND_INIT_FIPS), "RAND_init_fips"},
-    {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA RAND_str_reasons[] = {
-    {ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED), "dual ec drbg disabled"},
-    {ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
-    {ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
-    {ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET),
-     "no fips random method set"},
-    {ERR_REASON(RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_RAND_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(RAND_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, RAND_str_functs);
-        ERR_load_strings(0, RAND_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/rand/rand_lcl.h b/thirdparty/openssl/crypto/rand/rand_lcl.h
deleted file mode 100644
index f9fda3eb89..0000000000
--- a/thirdparty/openssl/crypto/rand/rand_lcl.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/* crypto/rand/rand_lcl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_RAND_LCL_H
-# define HEADER_RAND_LCL_H
-
-# define ENTROPY_NEEDED 32      /* require 256 bits = 32 bytes of randomness */
-
-# if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
-#  if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-#   define USE_SHA1_RAND
-#  elif !defined(OPENSSL_NO_MD5)
-#   define USE_MD5_RAND
-#  elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
-#   define USE_MDC2_RAND
-#  elif !defined(OPENSSL_NO_MD2)
-#   define USE_MD2_RAND
-#  else
-#   error No message digest algorithm available
-#  endif
-# endif
-
-# include <openssl/evp.h>
-# define MD_Update(a,b,c)        EVP_DigestUpdate(a,b,c)
-# define MD_Final(a,b)           EVP_DigestFinal_ex(a,b,NULL)
-# if defined(USE_MD5_RAND)
-#  include <openssl/md5.h>
-#  define MD_DIGEST_LENGTH        MD5_DIGEST_LENGTH
-#  define MD_Init(a)              EVP_DigestInit_ex(a,EVP_md5(), NULL)
-#  define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_md5(), NULL)
-# elif defined(USE_SHA1_RAND)
-#  include <openssl/sha.h>
-#  define MD_DIGEST_LENGTH        SHA_DIGEST_LENGTH
-#  define MD_Init(a)              EVP_DigestInit_ex(a,EVP_sha1(), NULL)
-#  define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL)
-# elif defined(USE_MDC2_RAND)
-#  include <openssl/mdc2.h>
-#  define MD_DIGEST_LENGTH        MDC2_DIGEST_LENGTH
-#  define MD_Init(a)              EVP_DigestInit_ex(a,EVP_mdc2(), NULL)
-#  define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_mdc2(), NULL)
-# elif defined(USE_MD2_RAND)
-#  include <openssl/md2.h>
-#  define MD_DIGEST_LENGTH        MD2_DIGEST_LENGTH
-#  define MD_Init(a)              EVP_DigestInit_ex(a,EVP_md2(), NULL)
-#  define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_md2(), NULL)
-# endif
-
-int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock);
-
-#endif
diff --git a/thirdparty/openssl/crypto/rand/rand_lib.c b/thirdparty/openssl/crypto/rand/rand_lib.c
deleted file mode 100644
index 88a78d3506..0000000000
--- a/thirdparty/openssl/crypto/rand/rand_lib.c
+++ /dev/null
@@ -1,300 +0,0 @@
-/* crypto/rand/rand_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/rand.h>
-
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-# include <openssl/fips_rand.h>
-# include "rand_lcl.h"
-#endif
-
-#ifndef OPENSSL_NO_ENGINE
-/* non-NULL if default_RAND_meth is ENGINE-provided */
-static ENGINE *funct_ref = NULL;
-#endif
-static const RAND_METHOD *default_RAND_meth = NULL;
-
-int RAND_set_rand_method(const RAND_METHOD *meth)
-{
-#ifndef OPENSSL_NO_ENGINE
-    if (funct_ref) {
-        ENGINE_finish(funct_ref);
-        funct_ref = NULL;
-    }
-#endif
-    default_RAND_meth = meth;
-    return 1;
-}
-
-const RAND_METHOD *RAND_get_rand_method(void)
-{
-    if (!default_RAND_meth) {
-#ifndef OPENSSL_NO_ENGINE
-        ENGINE *e = ENGINE_get_default_RAND();
-        if (e) {
-            default_RAND_meth = ENGINE_get_RAND(e);
-            if (!default_RAND_meth) {
-                ENGINE_finish(e);
-                e = NULL;
-            }
-        }
-        if (e)
-            funct_ref = e;
-        else
-#endif
-            default_RAND_meth = RAND_SSLeay();
-    }
-    return default_RAND_meth;
-}
-
-#ifndef OPENSSL_NO_ENGINE
-int RAND_set_rand_engine(ENGINE *engine)
-{
-    const RAND_METHOD *tmp_meth = NULL;
-    if (engine) {
-        if (!ENGINE_init(engine))
-            return 0;
-        tmp_meth = ENGINE_get_RAND(engine);
-        if (!tmp_meth) {
-            ENGINE_finish(engine);
-            return 0;
-        }
-    }
-    /* This function releases any prior ENGINE so call it first */
-    RAND_set_rand_method(tmp_meth);
-    funct_ref = engine;
-    return 1;
-}
-#endif
-
-void RAND_cleanup(void)
-{
-    const RAND_METHOD *meth = RAND_get_rand_method();
-    if (meth && meth->cleanup)
-        meth->cleanup();
-    RAND_set_rand_method(NULL);
-}
-
-void RAND_seed(const void *buf, int num)
-{
-    const RAND_METHOD *meth = RAND_get_rand_method();
-    if (meth && meth->seed)
-        meth->seed(buf, num);
-}
-
-void RAND_add(const void *buf, int num, double entropy)
-{
-    const RAND_METHOD *meth = RAND_get_rand_method();
-    if (meth && meth->add)
-        meth->add(buf, num, entropy);
-}
-
-int RAND_bytes(unsigned char *buf, int num)
-{
-    const RAND_METHOD *meth = RAND_get_rand_method();
-    if (meth && meth->bytes)
-        return meth->bytes(buf, num);
-    return (-1);
-}
-
-int RAND_pseudo_bytes(unsigned char *buf, int num)
-{
-    const RAND_METHOD *meth = RAND_get_rand_method();
-    if (meth && meth->pseudorand)
-        return meth->pseudorand(buf, num);
-    return (-1);
-}
-
-int RAND_status(void)
-{
-    const RAND_METHOD *meth = RAND_get_rand_method();
-    if (meth && meth->status)
-        return meth->status();
-    return 0;
-}
-
-#ifdef OPENSSL_FIPS
-
-/*
- * FIPS DRBG initialisation code. This sets up the DRBG for use by the rest
- * of OpenSSL.
- */
-
-/*
- * Entropy gatherer: use standard OpenSSL PRNG to seed (this will gather
- * entropy internally through RAND_poll().
- */
-
-static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
-                               int entropy, size_t min_len, size_t max_len)
-{
-    /* Round up request to multiple of block size */
-    min_len = ((min_len + 19) / 20) * 20;
-    *pout = OPENSSL_malloc(min_len);
-    if (!*pout)
-        return 0;
-    if (ssleay_rand_bytes(*pout, min_len, 0, 0) <= 0) {
-        OPENSSL_free(*pout);
-        *pout = NULL;
-        return 0;
-    }
-    return min_len;
-}
-
-static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen)
-{
-    if (out) {
-        OPENSSL_cleanse(out, olen);
-        OPENSSL_free(out);
-    }
-}
-
-/*
- * Set "additional input" when generating random data. This uses the current
- * PID, a time value and a counter.
- */
-
-static size_t drbg_get_adin(DRBG_CTX *ctx, unsigned char **pout)
-{
-    /* Use of static variables is OK as this happens under a lock */
-    static unsigned char buf[16];
-    static unsigned long counter;
-    FIPS_get_timevec(buf, &counter);
-    *pout = buf;
-    return sizeof(buf);
-}
-
-/*
- * RAND_add() and RAND_seed() pass through to OpenSSL PRNG so it is
- * correctly seeded by RAND_poll().
- */
-
-static int drbg_rand_add(DRBG_CTX *ctx, const void *in, int inlen,
-                         double entropy)
-{
-    RAND_SSLeay()->add(in, inlen, entropy);
-    return 1;
-}
-
-static int drbg_rand_seed(DRBG_CTX *ctx, const void *in, int inlen)
-{
-    RAND_SSLeay()->seed(in, inlen);
-    return 1;
-}
-
-# ifndef OPENSSL_DRBG_DEFAULT_TYPE
-#  define OPENSSL_DRBG_DEFAULT_TYPE       NID_aes_256_ctr
-# endif
-# ifndef OPENSSL_DRBG_DEFAULT_FLAGS
-#  define OPENSSL_DRBG_DEFAULT_FLAGS      DRBG_FLAG_CTR_USE_DF
-# endif
-
-static int fips_drbg_type = OPENSSL_DRBG_DEFAULT_TYPE;
-static int fips_drbg_flags = OPENSSL_DRBG_DEFAULT_FLAGS;
-
-void RAND_set_fips_drbg_type(int type, int flags)
-{
-    fips_drbg_type = type;
-    fips_drbg_flags = flags;
-}
-
-int RAND_init_fips(void)
-{
-    DRBG_CTX *dctx;
-    size_t plen;
-    unsigned char pers[32], *p;
-# ifndef OPENSSL_ALLOW_DUAL_EC_DRBG
-    if (fips_drbg_type >> 16) {
-        RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_DUAL_EC_DRBG_DISABLED);
-        return 0;
-    }
-# endif
-
-    dctx = FIPS_get_default_drbg();
-    if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0) {
-        RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INITIALISING_DRBG);
-        return 0;
-    }
-
-    FIPS_drbg_set_callbacks(dctx,
-                            drbg_get_entropy, drbg_free_entropy, 20,
-                            drbg_get_entropy, drbg_free_entropy);
-    FIPS_drbg_set_rand_callbacks(dctx, drbg_get_adin, 0,
-                                 drbg_rand_seed, drbg_rand_add);
-    /* Personalisation string: a string followed by date time vector */
-    strcpy((char *)pers, "OpenSSL DRBG2.0");
-    plen = drbg_get_adin(dctx, &p);
-    memcpy(pers + 16, p, plen);
-
-    if (FIPS_drbg_instantiate(dctx, pers, sizeof(pers)) <= 0) {
-        RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INSTANTIATING_DRBG);
-        return 0;
-    }
-    FIPS_rand_set_method(FIPS_drbg_method());
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/rand/rand_nw.c b/thirdparty/openssl/crypto/rand/rand_nw.c
deleted file mode 100644
index 55ffe9ad51..0000000000
--- a/thirdparty/openssl/crypto/rand/rand_nw.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/* crypto/rand/rand_nw.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if defined (OPENSSL_SYS_NETWARE)
-
-# if defined(NETWARE_LIBC)
-#  include <nks/thread.h>
-# else
-#  include <nwthread.h>
-# endif
-
-extern int GetProcessSwitchCount(void);
-# if !defined(NETWARE_LIBC) || (CURRENT_NDK_THRESHOLD < 509220000)
-extern void *RunningProcess;    /* declare here same as found in newer NDKs */
-extern unsigned long GetSuperHighResolutionTimer(void);
-# endif
-
-   /*
-    * the FAQ indicates we need to provide at least 20 bytes (160 bits) of
-    * seed
-    */
-int RAND_poll(void)
-{
-    unsigned long l;
-    unsigned long tsc;
-    int i;
-
-    /*
-     * There are several options to gather miscellaneous data but for now we
-     * will loop checking the time stamp counter (rdtsc) and the
-     * SuperHighResolutionTimer.  Each iteration will collect 8 bytes of data
-     * but it is treated as only 1 byte of entropy.  The call to
-     * ThreadSwitchWithDelay() will introduce additional variability into the
-     * data returned by rdtsc. Applications can agument the seed material by
-     * adding additional stuff with RAND_add() and should probably do so.
-     */
-    l = GetProcessSwitchCount();
-    RAND_add(&l, sizeof(l), 1);
-
-    /* need to cast the void* to unsigned long here */
-    l = (unsigned long)RunningProcess;
-    RAND_add(&l, sizeof(l), 1);
-
-    for (i = 2; i < ENTROPY_NEEDED; i++) {
-# ifdef __MWERKS__
-        asm {
-        rdtsc mov tsc, eax}
-# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-        asm volatile ("rdtsc":"=a" (tsc)::"edx");
-# endif
-
-        RAND_add(&tsc, sizeof(tsc), 1);
-
-        l = GetSuperHighResolutionTimer();
-        RAND_add(&l, sizeof(l), 0);
-
-# if defined(NETWARE_LIBC)
-        NXThreadYield();
-# else                          /* NETWARE_CLIB */
-        ThreadSwitchWithDelay();
-# endif
-    }
-
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/rand/rand_os2.c b/thirdparty/openssl/crypto/rand/rand_os2.c
deleted file mode 100644
index 706ab1e817..0000000000
--- a/thirdparty/openssl/crypto/rand/rand_os2.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/* crypto/rand/rand_os2.c */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#ifdef OPENSSL_SYS_OS2
-
-# define INCL_DOSPROCESS
-# define INCL_DOSPROFILE
-# define INCL_DOSMISC
-# define INCL_DOSMODULEMGR
-# include <os2.h>
-
-# define   CMD_KI_RDCNT    (0x63)
-
-typedef struct _CPUUTIL {
-    ULONG ulTimeLow;            /* Low 32 bits of time stamp */
-    ULONG ulTimeHigh;           /* High 32 bits of time stamp */
-    ULONG ulIdleLow;            /* Low 32 bits of idle time */
-    ULONG ulIdleHigh;           /* High 32 bits of idle time */
-    ULONG ulBusyLow;            /* Low 32 bits of busy time */
-    ULONG ulBusyHigh;           /* High 32 bits of busy time */
-    ULONG ulIntrLow;            /* Low 32 bits of interrupt time */
-    ULONG ulIntrHigh;           /* High 32 bits of interrupt time */
-} CPUUTIL;
-
-# ifndef __KLIBC__
-APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1,
-                                  ULONG ulParm2, ULONG ulParm3) = NULL;
-APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid,
-                                    ULONG _res_, PVOID buf, ULONG bufsz) =
-    NULL;
-# endif
-HMODULE hDoscalls = 0;
-
-int RAND_poll(void)
-{
-    char failed_module[20];
-    QWORD qwTime;
-    ULONG SysVars[QSV_FOREGROUND_PROCESS];
-
-    if (hDoscalls == 0) {
-        ULONG rc =
-            DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS",
-                          &hDoscalls);
-
-# ifndef __KLIBC__
-        if (rc == 0) {
-            rc = DosQueryProcAddr(hDoscalls, 976, NULL,
-                                  (PFN *) & DosPerfSysCall);
-
-            if (rc)
-                DosPerfSysCall = NULL;
-
-            rc = DosQueryProcAddr(hDoscalls, 368, NULL,
-                                  (PFN *) & DosQuerySysState);
-
-            if (rc)
-                DosQuerySysState = NULL;
-        }
-# endif
-    }
-
-    /* Sample the hi-res timer, runs at around 1.1 MHz */
-    DosTmrQueryTime(&qwTime);
-    RAND_add(&qwTime, sizeof(qwTime), 2);
-
-    /*
-     * Sample a bunch of system variables, includes various process & memory
-     * statistics
-     */
-    DosQuerySysInfo(1, QSV_FOREGROUND_PROCESS, SysVars, sizeof(SysVars));
-    RAND_add(SysVars, sizeof(SysVars), 4);
-
-    /*
-     * If available, sample CPU registers that count at CPU MHz Only fairly
-     * new CPUs (PPro & K6 onwards) & OS/2 versions support this
-     */
-    if (DosPerfSysCall) {
-        CPUUTIL util;
-
-        if (DosPerfSysCall(CMD_KI_RDCNT, (ULONG) & util, 0, 0) == 0) {
-            RAND_add(&util, sizeof(util), 10);
-        } else {
-# ifndef __KLIBC__
-            DosPerfSysCall = NULL;
-# endif
-        }
-    }
-
-    /*
-     * DosQuerySysState() gives us a huge quantity of process, thread, memory
-     * & handle stats
-     */
-    if (DosQuerySysState) {
-        char *buffer = OPENSSL_malloc(256 * 1024);
-
-        if (!buffer)
-            return 0;
-
-        if (DosQuerySysState(0x1F, 0, 0, 0, buffer, 256 * 1024) == 0) {
-            /*
-             * First 4 bytes in buffer is a pointer to the thread count there
-             * should be at least 1 byte of entropy per thread
-             */
-            RAND_add(buffer, 256 * 1024, **(ULONG **) buffer);
-        }
-
-        OPENSSL_free(buffer);
-        return 1;
-    }
-
-    return 0;
-}
-
-#endif                          /* OPENSSL_SYS_OS2 */
diff --git a/thirdparty/openssl/crypto/rand/rand_unix.c b/thirdparty/openssl/crypto/rand/rand_unix.c
deleted file mode 100644
index 6c5b65da00..0000000000
--- a/thirdparty/openssl/crypto/rand/rand_unix.c
+++ /dev/null
@@ -1,447 +0,0 @@
-/* crypto/rand/rand_unix.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-
-#define USE_SOCKETS
-#include "e_os.h"
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
-
-# include <sys/types.h>
-# include <sys/time.h>
-# include <sys/times.h>
-# include <sys/stat.h>
-# include <fcntl.h>
-# include <unistd.h>
-# include <time.h>
-# if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually
-                                 * everywhere */
-#  include <poll.h>
-# endif
-# include <limits.h>
-# ifndef FD_SETSIZE
-#  define FD_SETSIZE (8*sizeof(fd_set))
-# endif
-
-# if defined(OPENSSL_SYS_VOS)
-
-/*
- * The following algorithm repeatedly samples the real-time clock (RTC) to
- * generate a sequence of unpredictable data.  The algorithm relies upon the
- * uneven execution speed of the code (due to factors such as cache misses,
- * interrupts, bus activity, and scheduling) and upon the rather large
- * relative difference between the speed of the clock and the rate at which
- * it can be read.
- *
- * If this code is ported to an environment where execution speed is more
- * constant or where the RTC ticks at a much slower rate, or the clock can be
- * read with fewer instructions, it is likely that the results would be far
- * more predictable.
- *
- * As a precaution, we generate 4 times the minimum required amount of seed
- * data.
- */
-
-int RAND_poll(void)
-{
-    short int code;
-    gid_t curr_gid;
-    pid_t curr_pid;
-    uid_t curr_uid;
-    int i, k;
-    struct timespec ts;
-    unsigned char v;
-
-#  ifdef OPENSSL_SYS_VOS_HPPA
-    long duration;
-    extern void s$sleep(long *_duration, short int *_code);
-#  else
-#   ifdef OPENSSL_SYS_VOS_IA32
-    long long duration;
-    extern void s$sleep2(long long *_duration, short int *_code);
-#   else
-#    error "Unsupported Platform."
-#   endif                       /* OPENSSL_SYS_VOS_IA32 */
-#  endif                        /* OPENSSL_SYS_VOS_HPPA */
-
-    /*
-     * Seed with the gid, pid, and uid, to ensure *some* variation between
-     * different processes.
-     */
-
-    curr_gid = getgid();
-    RAND_add(&curr_gid, sizeof curr_gid, 1);
-    curr_gid = 0;
-
-    curr_pid = getpid();
-    RAND_add(&curr_pid, sizeof curr_pid, 1);
-    curr_pid = 0;
-
-    curr_uid = getuid();
-    RAND_add(&curr_uid, sizeof curr_uid, 1);
-    curr_uid = 0;
-
-    for (i = 0; i < (ENTROPY_NEEDED * 4); i++) {
-        /*
-         * burn some cpu; hope for interrupts, cache collisions, bus
-         * interference, etc.
-         */
-        for (k = 0; k < 99; k++)
-            ts.tv_nsec = random();
-
-#  ifdef OPENSSL_SYS_VOS_HPPA
-        /* sleep for 1/1024 of a second (976 us).  */
-        duration = 1;
-        s$sleep(&duration, &code);
-#  else
-#   ifdef OPENSSL_SYS_VOS_IA32
-        /* sleep for 1/65536 of a second (15 us).  */
-        duration = 1;
-        s$sleep2(&duration, &code);
-#   endif                       /* OPENSSL_SYS_VOS_IA32 */
-#  endif                        /* OPENSSL_SYS_VOS_HPPA */
-
-        /* get wall clock time.  */
-        clock_gettime(CLOCK_REALTIME, &ts);
-
-        /* take 8 bits */
-        v = (unsigned char)(ts.tv_nsec % 256);
-        RAND_add(&v, sizeof v, 1);
-        v = 0;
-    }
-    return 1;
-}
-# elif defined __OpenBSD__
-int RAND_poll(void)
-{
-    u_int32_t rnd = 0, i;
-    unsigned char buf[ENTROPY_NEEDED];
-
-    for (i = 0; i < sizeof(buf); i++) {
-        if (i % 4 == 0)
-            rnd = arc4random();
-        buf[i] = rnd;
-        rnd >>= 8;
-    }
-    RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
-    OPENSSL_cleanse(buf, sizeof(buf));
-
-    return 1;
-}
-# else                          /* !defined(__OpenBSD__) */
-int RAND_poll(void)
-{
-    unsigned long l;
-    pid_t curr_pid = getpid();
-#  if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
-    unsigned char tmpbuf[ENTROPY_NEEDED];
-    int n = 0;
-#  endif
-#  ifdef DEVRANDOM
-    static const char *randomfiles[] = { DEVRANDOM };
-    struct stat randomstats[sizeof(randomfiles) / sizeof(randomfiles[0])];
-    int fd;
-    unsigned int i;
-#  endif
-#  ifdef DEVRANDOM_EGD
-    static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
-    const char **egdsocket = NULL;
-#  endif
-
-#  ifdef DEVRANDOM
-    memset(randomstats, 0, sizeof(randomstats));
-    /*
-     * Use a random entropy pool device. Linux, FreeBSD and OpenBSD have
-     * this. Use /dev/urandom if you can as /dev/random may block if it runs
-     * out of random entries.
-     */
-
-    for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) &&
-         (n < ENTROPY_NEEDED); i++) {
-        if ((fd = open(randomfiles[i], O_RDONLY
-#   ifdef O_NONBLOCK
-                       | O_NONBLOCK
-#   endif
-#   ifdef O_BINARY
-                       | O_BINARY
-#   endif
-#   ifdef O_NOCTTY              /* If it happens to be a TTY (god forbid), do
-                                 * not make it our controlling tty */
-                       | O_NOCTTY
-#   endif
-             )) >= 0) {
-            int usec = 10 * 1000; /* spend 10ms on each file */
-            int r;
-            unsigned int j;
-            struct stat *st = &randomstats[i];
-
-            /*
-             * Avoid using same input... Used to be O_NOFOLLOW above, but
-             * it's not universally appropriate...
-             */
-            if (fstat(fd, st) != 0) {
-                close(fd);
-                continue;
-            }
-            for (j = 0; j < i; j++) {
-                if (randomstats[j].st_ino == st->st_ino &&
-                    randomstats[j].st_dev == st->st_dev)
-                    break;
-            }
-            if (j < i) {
-                close(fd);
-                continue;
-            }
-
-            do {
-                int try_read = 0;
-
-#   if defined(OPENSSL_SYS_BEOS_R5)
-                /*
-                 * select() is broken in BeOS R5, so we simply try to read
-                 * something and snooze if we couldn't
-                 */
-                try_read = 1;
-
-#   elif defined(OPENSSL_SYS_LINUX)
-                /* use poll() */
-                struct pollfd pset;
-
-                pset.fd = fd;
-                pset.events = POLLIN;
-                pset.revents = 0;
-
-                if (poll(&pset, 1, usec / 1000) < 0)
-                    usec = 0;
-                else
-                    try_read = (pset.revents & POLLIN) != 0;
-
-#   else
-                /* use select() */
-                fd_set fset;
-                struct timeval t;
-
-                t.tv_sec = 0;
-                t.tv_usec = usec;
-
-                if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE) {
-                    /*
-                     * can't use select, so just try to read once anyway
-                     */
-                    try_read = 1;
-                } else {
-                    FD_ZERO(&fset);
-                    FD_SET(fd, &fset);
-
-                    if (select(fd + 1, &fset, NULL, NULL, &t) >= 0) {
-                        usec = t.tv_usec;
-                        if (FD_ISSET(fd, &fset))
-                            try_read = 1;
-                    } else
-                        usec = 0;
-                }
-#   endif
-
-                if (try_read) {
-                    r = read(fd, (unsigned char *)tmpbuf + n,
-                             ENTROPY_NEEDED - n);
-                    if (r > 0)
-                        n += r;
-#   if defined(OPENSSL_SYS_BEOS_R5)
-                    if (r == 0)
-                        snooze(t.tv_usec);
-#   endif
-                } else
-                    r = -1;
-
-                /*
-                 * Some Unixen will update t in select(), some won't.  For
-                 * those who won't, or if we didn't use select() in the first
-                 * place, give up here, otherwise, we will do this once again
-                 * for the remaining time.
-                 */
-                if (usec == 10 * 1000)
-                    usec = 0;
-            }
-            while ((r > 0 ||
-                    (errno == EINTR || errno == EAGAIN)) && usec != 0
-                   && n < ENTROPY_NEEDED);
-
-            close(fd);
-        }
-    }
-#  endif                        /* defined(DEVRANDOM) */
-
-#  ifdef DEVRANDOM_EGD
-    /*
-     * Use an EGD socket to read entropy from an EGD or PRNGD entropy
-     * collecting daemon.
-     */
-
-    for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED;
-         egdsocket++) {
-        int r;
-
-        r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf + n,
-                                 ENTROPY_NEEDED - n);
-        if (r > 0)
-            n += r;
-    }
-#  endif                        /* defined(DEVRANDOM_EGD) */
-
-#  if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
-    if (n > 0) {
-        RAND_add(tmpbuf, sizeof tmpbuf, (double)n);
-        OPENSSL_cleanse(tmpbuf, n);
-    }
-#  endif
-
-    /* put in some default random data, we need more than just this */
-    l = curr_pid;
-    RAND_add(&l, sizeof(l), 0.0);
-    l = getuid();
-    RAND_add(&l, sizeof(l), 0.0);
-
-    l = time(NULL);
-    RAND_add(&l, sizeof(l), 0.0);
-
-#  if defined(OPENSSL_SYS_BEOS)
-    {
-        system_info sysInfo;
-        get_system_info(&sysInfo);
-        RAND_add(&sysInfo, sizeof(sysInfo), 0);
-    }
-#  endif
-
-#  if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
-    return 1;
-#  else
-    return 0;
-#  endif
-}
-
-# endif                         /* defined(__OpenBSD__) */
-#endif                          /* !(defined(OPENSSL_SYS_WINDOWS) ||
-                                 * defined(OPENSSL_SYS_WIN32) ||
-                                 * defined(OPENSSL_SYS_VMS) ||
-                                 * defined(OPENSSL_SYS_OS2) ||
-                                 * defined(OPENSSL_SYS_VXWORKS) ||
-                                 * defined(OPENSSL_SYS_NETWARE)) */
-
-#if defined(OPENSSL_SYS_VXWORKS)
-int RAND_poll(void)
-{
-    return 0;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/rand/rand_vms.c b/thirdparty/openssl/crypto/rand/rand_vms.c
deleted file mode 100755
index be4ff4cc87..0000000000
--- a/thirdparty/openssl/crypto/rand/rand_vms.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/* crypto/rand/rand_vms.c */
-/*
- * Written by Richard Levitte <richard@levitte.org> for the OpenSSL project
- * 2000.
- */
-/*
- * Modified by VMS Software, Inc (2016)
- *    Eliminate looping through all processes (performance)
- *    Add additional randomizations using rand() function
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if defined(OPENSSL_SYS_VMS)
-# include <descrip.h>
-# include <jpidef.h>
-# include <ssdef.h>
-# include <starlet.h>
-# include <efndef>
-# ifdef __DECC
-#  pragma message disable DOLLARID
-# endif
-
-/*
- * Use 32-bit pointers almost everywhere.  Define the type to which to cast a
- * pointer passed to an external function.
- */
-# if __INITIAL_POINTER_SIZE == 64
-#  define PTR_T __void_ptr64
-#  pragma pointer_size save
-#  pragma pointer_size 32
-# else                          /* __INITIAL_POINTER_SIZE == 64 */
-#  define PTR_T void *
-# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-static struct items_data_st {
-    short length, code;         /* length is number of bytes */
-} items_data[] = {
-    {4, JPI$_BUFIO},
-    {4, JPI$_CPUTIM},
-    {4, JPI$_DIRIO},
-    {4, JPI$_IMAGECOUNT},
-    {8, JPI$_LAST_LOGIN_I},
-    {8, JPI$_LOGINTIM},
-    {4, JPI$_PAGEFLTS},
-    {4, JPI$_PID},
-    {4, JPI$_PPGCNT},
-    {4, JPI$_WSPEAK},
-    {4, JPI$_FINALEXC},
-    {0, 0}                      /* zero terminated */
-};
-
-int RAND_poll(void)
-{
-
-    /* determine the number of items in the JPI array */
-
-    struct items_data_st item_entry;
-    int item_entry_count = sizeof(items_data)/sizeof(item_entry);
-
-    /* Create the JPI itemlist array to hold item_data content */
-
-    struct {
-        short length, code;
-        int *buffer;
-        int *retlen;
-    } item[item_entry_count], *pitem; /* number of entries in items_data */
-
-    struct items_data_st *pitems_data;
-    pitems_data = items_data;
-    pitem = item;
-    int data_buffer[(item_entry_count*2)+4]; /* 8 bytes per entry max */
-    int iosb[2];
-    int sys_time[2];
-    int *ptr;
-    int i, j ;
-    int tmp_length   = 0;
-    int total_length = 0;
-
-    /* Setup itemlist for GETJPI */
-
-    while (pitems_data->length) {
-        pitem->length = pitems_data->length;
-        pitem->code   = pitems_data->code;
-        pitem->buffer = &data_buffer[total_length];
-        pitem->retlen = 0;
-        /* total_length is in longwords */
-        total_length += pitems_data->length/4;
-        pitems_data++;
-        pitem ++;
-    }
-    pitem->length = pitem->code = 0;
-
-    /* Fill data_buffer with various info bits from this process */
-    /* and twist that data to seed the SSL random number init    */
-
-    if (sys$getjpiw(EFN$C_ENF, NULL, NULL, item, &iosb, 0, 0) == SS$_NORMAL) {
-        for (i = 0; i < total_length; i++) {
-            sys$gettim((struct _generic_64 *)&sys_time[0]);
-            srand(sys_time[0] * data_buffer[0] * data_buffer[1] + i);
-
-            if (i == (total_length - 1)) { /* for JPI$_FINALEXC */
-                ptr = &data_buffer[i];
-                for (j = 0; j < 4; j++) {
-                    data_buffer[i + j] = ptr[j];
-                    /* OK to use rand() just to scramble the seed */
-                    data_buffer[i + j] ^= (sys_time[0] ^ rand());
-                    tmp_length++;
-                }
-            } else {
-                /* OK to use rand() just to scramble the seed */
-                data_buffer[i] ^= (sys_time[0] ^ rand());
-            }
-        }
-
-        total_length += (tmp_length - 1);
-
-        /* size of seed is total_length*4 bytes (64bytes) */
-        RAND_add((PTR_T) data_buffer, total_length*4, total_length * 2);
-    } else {
-        return 0;
-    }
-
-    return 1;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/rand/rand_win.c b/thirdparty/openssl/crypto/rand/rand_win.c
deleted file mode 100644
index cb4093128d..0000000000
--- a/thirdparty/openssl/crypto/rand/rand_win.c
+++ /dev/null
@@ -1,757 +0,0 @@
-/* crypto/rand/rand_win.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/rand.h>
-#include "rand_lcl.h"
-
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-# include <windows.h>
-# ifndef _WIN32_WINNT
-#  define _WIN32_WINNT 0x0400
-# endif
-#ifndef UWP_ENABLED // -- GODOT --
-# include <wincrypt.h>
-# include <tlhelp32.h>
-#endif // -- GODOT --
-
-/*
- * Limit the time spent walking through the heap, processes, threads and
- * modules to a maximum of 1000 miliseconds each, unless CryptoGenRandom
- * failed
- */
-# define MAXDELAY 1000
-
-/*
- * Intel hardware RNG CSP -- available from
- * http://developer.intel.com/design/security/rng/redist_license.htm
- */
-# define PROV_INTEL_SEC 22
-# define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
-
-static void readtimer(void);
-static void readscreen(void);
-
-/*
- * It appears like CURSORINFO, PCURSORINFO and LPCURSORINFO are only defined
- * when WINVER is 0x0500 and up, which currently only happens on Win2000.
- * Unfortunately, those are typedefs, so they're a little bit difficult to
- * detect properly.  On the other hand, the macro CURSOR_SHOWING is defined
- * within the same conditional, so it can be use to detect the absence of
- * said typedefs.
- */
-
-# ifndef CURSOR_SHOWING
-/*
- * Information about the global cursor.
- */
-typedef struct tagCURSORINFO {
-    DWORD cbSize;
-    DWORD flags;
-    HCURSOR hCursor;
-    POINT ptScreenPos;
-} CURSORINFO, *PCURSORINFO, *LPCURSORINFO;
-
-#  define CURSOR_SHOWING     0x00000001
-# endif                         /* CURSOR_SHOWING */
-
-# if !defined(OPENSSL_SYS_WINCE) && !defined(UWP_ENABLED) // -- GODOT --
-typedef BOOL(WINAPI *CRYPTACQUIRECONTEXTW) (HCRYPTPROV *, LPCWSTR, LPCWSTR,
-                                            DWORD, DWORD);
-typedef BOOL(WINAPI *CRYPTGENRANDOM) (HCRYPTPROV, DWORD, BYTE *);
-typedef BOOL(WINAPI *CRYPTRELEASECONTEXT) (HCRYPTPROV, DWORD);
-
-typedef HWND(WINAPI *GETFOREGROUNDWINDOW) (VOID);
-typedef BOOL(WINAPI *GETCURSORINFO) (PCURSORINFO);
-typedef DWORD(WINAPI *GETQUEUESTATUS) (UINT);
-
-typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD);
-typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE);
-typedef BOOL(WINAPI *HEAP32FIRST) (LPHEAPENTRY32, DWORD, size_t);
-typedef BOOL(WINAPI *HEAP32NEXT) (LPHEAPENTRY32);
-typedef BOOL(WINAPI *HEAP32LIST) (HANDLE, LPHEAPLIST32);
-typedef BOOL(WINAPI *PROCESS32) (HANDLE, LPPROCESSENTRY32);
-typedef BOOL(WINAPI *THREAD32) (HANDLE, LPTHREADENTRY32);
-typedef BOOL(WINAPI *MODULE32) (HANDLE, LPMODULEENTRY32);
-
-#  include <lmcons.h>
-#  include <lmstats.h>
-#  if 1
-/*
- * The NET API is Unicode only.  It requires the use of the UNICODE macro.
- * When UNICODE is defined LPTSTR becomes LPWSTR.  LMSTR was was added to the
- * Platform SDK to allow the NET API to be used in non-Unicode applications
- * provided that Unicode strings were still used for input.  LMSTR is defined
- * as LPWSTR.
- */
-typedef NET_API_STATUS(NET_API_FUNCTION *NETSTATGET)
- (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE *);
-typedef NET_API_STATUS(NET_API_FUNCTION *NETFREE) (LPBYTE);
-#  endif                        /* 1 */
-# endif                         /* !OPENSSL_SYS_WINCE */
-
-#if !defined(UWP_ENABLED) // -- GODOT --
-int RAND_poll(void)
-{
-    MEMORYSTATUS m;
-    HCRYPTPROV hProvider = 0;
-    DWORD w;
-    int good = 0;
-
-# if defined(OPENSSL_SYS_WINCE)
-#  if defined(_WIN32_WCE) && _WIN32_WCE>=300
-    /*
-     * Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available
-     * in commonly available implementations prior 300...
-     */
-    {
-        BYTE buf[64];
-        /* poll the CryptoAPI PRNG */
-        /* The CryptoAPI returns sizeof(buf) bytes of randomness */
-        if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL,
-                                 CRYPT_VERIFYCONTEXT)) {
-            if (CryptGenRandom(hProvider, sizeof(buf), buf))
-                RAND_add(buf, sizeof(buf), sizeof(buf));
-            CryptReleaseContext(hProvider, 0);
-        }
-    }
-#  endif
-# else                          /* OPENSSL_SYS_WINCE */
-    /*
-     * None of below libraries are present on Windows CE, which is
-     * why we #ifndef the whole section. This also excuses us from
-     * handling the GetProcAddress issue. The trouble is that in
-     * real Win32 API GetProcAddress is available in ANSI flavor
-     * only. In WinCE on the other hand GetProcAddress is a macro
-     * most commonly defined as GetProcAddressW, which accepts
-     * Unicode argument. If we were to call GetProcAddress under
-     * WinCE, I'd recommend to either redefine GetProcAddress as
-     * GetProcAddressA (there seem to be one in common CE spec) or
-     * implement own shim routine, which would accept ANSI argument
-     * and expand it to Unicode.
-     */
-    {
-        /* load functions dynamically - not available on all systems */
-        HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
-        HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
-        HMODULE user = NULL;
-        HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
-        CRYPTACQUIRECONTEXTW acquire = NULL;
-        CRYPTGENRANDOM gen = NULL;
-        CRYPTRELEASECONTEXT release = NULL;
-        NETSTATGET netstatget = NULL;
-        NETFREE netfree = NULL;
-        BYTE buf[64];
-
-        if (netapi) {
-            netstatget =
-                (NETSTATGET) GetProcAddress(netapi, "NetStatisticsGet");
-            netfree = (NETFREE) GetProcAddress(netapi, "NetApiBufferFree");
-        }
-
-        if (netstatget && netfree) {
-            LPBYTE outbuf;
-            /*
-             * NetStatisticsGet() is a Unicode only function
-             * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0
-             * contains 17 fields.  We treat each field as a source of one
-             * byte of entropy.
-             */
-
-            if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0) {
-                RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45);
-                netfree(outbuf);
-            }
-            if (netstatget(NULL, L"LanmanServer", 0, 0, &outbuf) == 0) {
-                RAND_add(outbuf, sizeof(STAT_SERVER_0), 17);
-                netfree(outbuf);
-            }
-        }
-
-        if (netapi)
-            FreeLibrary(netapi);
-
-        /*
-         * It appears like this can cause an exception deep within
-         * ADVAPI32.DLL at random times on Windows 2000.  Reported by Jeffrey
-         * Altman. Only use it on NT.
-         */
-
-        if (advapi) {
-            /*
-             * If it's available, then it's available in both ANSI
-             * and UNICODE flavors even in Win9x, documentation says.
-             * We favor Unicode...
-             */
-            acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi,
-                                                            "CryptAcquireContextW");
-            gen = (CRYPTGENRANDOM) GetProcAddress(advapi, "CryptGenRandom");
-            release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
-                                                           "CryptReleaseContext");
-        }
-
-        if (acquire && gen && release) {
-            /* poll the CryptoAPI PRNG */
-            /* The CryptoAPI returns sizeof(buf) bytes of randomness */
-            if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL,
-                        CRYPT_VERIFYCONTEXT)) {
-                if (gen(hProvider, sizeof(buf), buf) != 0) {
-                    RAND_add(buf, sizeof(buf), 0);
-                    good = 1;
-#  if 0
-                    printf("randomness from PROV_RSA_FULL\n");
-#  endif
-                }
-                release(hProvider, 0);
-            }
-
-            /* poll the Pentium PRG with CryptoAPI */
-            if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0)) {
-                if (gen(hProvider, sizeof(buf), buf) != 0) {
-                    RAND_add(buf, sizeof(buf), sizeof(buf));
-                    good = 1;
-#  if 0
-                    printf("randomness from PROV_INTEL_SEC\n");
-#  endif
-                }
-                release(hProvider, 0);
-            }
-        }
-
-        if (advapi)
-            FreeLibrary(advapi);
-
-        if ((!check_winnt() ||
-             !OPENSSL_isservice()) &&
-            (user = LoadLibrary(TEXT("USER32.DLL")))) {
-            GETCURSORINFO cursor;
-            GETFOREGROUNDWINDOW win;
-            GETQUEUESTATUS queue;
-
-            win =
-                (GETFOREGROUNDWINDOW) GetProcAddress(user,
-                                                     "GetForegroundWindow");
-            cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
-            queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
-
-            if (win) {
-                /* window handle */
-                HWND h = win();
-                RAND_add(&h, sizeof(h), 0);
-            }
-            if (cursor) {
-                /*
-                 * unfortunately, its not safe to call GetCursorInfo() on NT4
-                 * even though it exists in SP3 (or SP6) and higher.
-                 */
-                if (check_winnt() && !check_win_minplat(5))
-                    cursor = 0;
-            }
-            if (cursor) {
-                /* cursor position */
-                /* assume 2 bytes of entropy */
-                CURSORINFO ci;
-                ci.cbSize = sizeof(CURSORINFO);
-                if (cursor(&ci))
-                    RAND_add(&ci, ci.cbSize, 2);
-            }
-
-            if (queue) {
-                /* message queue status */
-                /* assume 1 byte of entropy */
-                w = queue(QS_ALLEVENTS);
-                RAND_add(&w, sizeof(w), 1);
-            }
-
-            FreeLibrary(user);
-        }
-
-        /*-
-         * Toolhelp32 snapshot: enumerate processes, threads, modules and heap
-         * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm
-         * (Win 9x and 2000 only, not available on NT)
-         *
-         * This seeding method was proposed in Peter Gutmann, Software
-         * Generation of Practically Strong Random Numbers,
-         * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html
-         * revised version at http://www.cryptoengines.com/~peter/06_random.pdf
-         * (The assignment of entropy estimates below is arbitrary, but based
-         * on Peter's analysis the full poll appears to be safe. Additional
-         * interactive seeding is encouraged.)
-         */
-
-        if (kernel) {
-            CREATETOOLHELP32SNAPSHOT snap;
-            CLOSETOOLHELP32SNAPSHOT close_snap;
-            HANDLE handle;
-
-            HEAP32FIRST heap_first;
-            HEAP32NEXT heap_next;
-            HEAP32LIST heaplist_first, heaplist_next;
-            PROCESS32 process_first, process_next;
-            THREAD32 thread_first, thread_next;
-            MODULE32 module_first, module_next;
-
-            HEAPLIST32 hlist;
-            HEAPENTRY32 hentry;
-            PROCESSENTRY32 p;
-            THREADENTRY32 t;
-            MODULEENTRY32 m;
-            DWORD starttime = 0;
-
-            snap = (CREATETOOLHELP32SNAPSHOT)
-                GetProcAddress(kernel, "CreateToolhelp32Snapshot");
-            close_snap = (CLOSETOOLHELP32SNAPSHOT)
-                GetProcAddress(kernel, "CloseToolhelp32Snapshot");
-            heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
-            heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
-            heaplist_first =
-                (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
-            heaplist_next =
-                (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
-            process_first =
-                (PROCESS32) GetProcAddress(kernel, "Process32First");
-            process_next =
-                (PROCESS32) GetProcAddress(kernel, "Process32Next");
-            thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
-            thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
-            module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
-            module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
-
-            if (snap && heap_first && heap_next && heaplist_first &&
-                heaplist_next && process_first && process_next &&
-                thread_first && thread_next && module_first &&
-                module_next && (handle = snap(TH32CS_SNAPALL, 0))
-                != INVALID_HANDLE_VALUE) {
-                /* heap list and heap walking */
-                /*
-                 * HEAPLIST32 contains 3 fields that will change with each
-                 * entry.  Consider each field a source of 1 byte of entropy.
-                 * HEAPENTRY32 contains 5 fields that will change with each
-                 * entry.  Consider each field a source of 1 byte of entropy.
-                 */
-                ZeroMemory(&hlist, sizeof(HEAPLIST32));
-                hlist.dwSize = sizeof(HEAPLIST32);
-                if (good)
-                    starttime = GetTickCount();
-#  ifdef _MSC_VER
-                if (heaplist_first(handle, &hlist)) {
-                    /*
-                     * following discussion on dev ML, exception on WinCE (or
-                     * other Win platform) is theoretically of unknown
-                     * origin; prevent infinite loop here when this
-                     * theoretical case occurs; otherwise cope with the
-                     * expected (MSDN documented) exception-throwing
-                     * behaviour of Heap32Next() on WinCE.
-                     *
-                     * based on patch in original message by Tanguy Fautré
-                     * (2009/03/02) Subject: RAND_poll() and
-                     * CreateToolhelp32Snapshot() stability
-                     */
-                    int ex_cnt_limit = 42;
-                    do {
-                        RAND_add(&hlist, hlist.dwSize, 3);
-                        __try {
-                            ZeroMemory(&hentry, sizeof(HEAPENTRY32));
-                            hentry.dwSize = sizeof(HEAPENTRY32);
-                            if (heap_first(&hentry,
-                                           hlist.th32ProcessID,
-                                           hlist.th32HeapID)) {
-                                int entrycnt = 80;
-                                do
-                                    RAND_add(&hentry, hentry.dwSize, 5);
-                                while (heap_next(&hentry)
-                                       && (!good
-                                           || (GetTickCount() - starttime) <
-                                           MAXDELAY)
-                                       && --entrycnt > 0);
-                            }
-                        }
-                        __except(EXCEPTION_EXECUTE_HANDLER) {
-                            /*
-                             * ignore access violations when walking the heap
-                             * list
-                             */
-                            ex_cnt_limit--;
-                        }
-                    } while (heaplist_next(handle, &hlist)
-                             && (!good
-                                 || (GetTickCount() - starttime) < MAXDELAY)
-                             && ex_cnt_limit > 0);
-                }
-#  else
-                if (heaplist_first(handle, &hlist)) {
-                    do {
-                        RAND_add(&hlist, hlist.dwSize, 3);
-                        hentry.dwSize = sizeof(HEAPENTRY32);
-                        if (heap_first(&hentry,
-                                       hlist.th32ProcessID,
-                                       hlist.th32HeapID)) {
-                            int entrycnt = 80;
-                            do
-                                RAND_add(&hentry, hentry.dwSize, 5);
-                            while (heap_next(&hentry)
-                                   && --entrycnt > 0);
-                        }
-                    } while (heaplist_next(handle, &hlist)
-                             && (!good
-                                 || (GetTickCount() - starttime) < MAXDELAY));
-                }
-#  endif
-
-                /* process walking */
-                /*
-                 * PROCESSENTRY32 contains 9 fields that will change with
-                 * each entry.  Consider each field a source of 1 byte of
-                 * entropy.
-                 */
-                p.dwSize = sizeof(PROCESSENTRY32);
-
-                if (good)
-                    starttime = GetTickCount();
-                if (process_first(handle, &p))
-                    do
-                        RAND_add(&p, p.dwSize, 9);
-                    while (process_next(handle, &p)
-                           && (!good
-                               || (GetTickCount() - starttime) < MAXDELAY));
-
-                /* thread walking */
-                /*
-                 * THREADENTRY32 contains 6 fields that will change with each
-                 * entry.  Consider each field a source of 1 byte of entropy.
-                 */
-                t.dwSize = sizeof(THREADENTRY32);
-                if (good)
-                    starttime = GetTickCount();
-                if (thread_first(handle, &t))
-                    do
-                        RAND_add(&t, t.dwSize, 6);
-                    while (thread_next(handle, &t)
-                           && (!good
-                               || (GetTickCount() - starttime) < MAXDELAY));
-
-                /* module walking */
-                /*
-                 * MODULEENTRY32 contains 9 fields that will change with each
-                 * entry.  Consider each field a source of 1 byte of entropy.
-                 */
-                m.dwSize = sizeof(MODULEENTRY32);
-                if (good)
-                    starttime = GetTickCount();
-                if (module_first(handle, &m))
-                    do
-                        RAND_add(&m, m.dwSize, 9);
-                    while (module_next(handle, &m)
-                           && (!good
-                               || (GetTickCount() - starttime) < MAXDELAY));
-                if (close_snap)
-                    close_snap(handle);
-                else
-                    CloseHandle(handle);
-
-            }
-
-            FreeLibrary(kernel);
-        }
-    }
-# endif                         /* !OPENSSL_SYS_WINCE */
-
-    /* timer data */
-    readtimer();
-
-    /* memory usage statistics */
-    GlobalMemoryStatus(&m);
-    RAND_add(&m, sizeof(m), 1);
-
-    /* process ID */
-    w = GetCurrentProcessId();
-    RAND_add(&w, sizeof(w), 1);
-
-# if 0
-    printf("Exiting RAND_poll\n");
-# endif
-
-    return (1);
-}
-
-#endif // UWP_ENABLED // -- GODOT --
-
-int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
-{
-    double add_entropy = 0;
-
-    switch (iMsg) {
-    case WM_KEYDOWN:
-        {
-            static WPARAM key;
-            if (key != wParam)
-                add_entropy = 0.05;
-            key = wParam;
-        }
-        break;
-    case WM_MOUSEMOVE:
-        {
-            static int lastx, lasty, lastdx, lastdy;
-            int x, y, dx, dy;
-
-            x = LOWORD(lParam);
-            y = HIWORD(lParam);
-            dx = lastx - x;
-            dy = lasty - y;
-            if (dx != 0 && dy != 0 && dx - lastdx != 0 && dy - lastdy != 0)
-                add_entropy = .2;
-            lastx = x, lasty = y;
-            lastdx = dx, lastdy = dy;
-        }
-        break;
-    }
-
-    readtimer();
-    RAND_add(&iMsg, sizeof(iMsg), add_entropy);
-    RAND_add(&wParam, sizeof(wParam), 0);
-    RAND_add(&lParam, sizeof(lParam), 0);
-
-    return (RAND_status());
-}
-
-void RAND_screen(void)
-{                               /* function available for backward
-                                 * compatibility */
-    RAND_poll();
-    readscreen();
-}
-
-/* feed timing information to the PRNG */
-static void readtimer(void)
-{
-    DWORD w;
-    LARGE_INTEGER l;
-    static int have_perfc = 1;
-# if defined(_MSC_VER) && defined(_M_X86)
-    static int have_tsc = 1;
-    DWORD cyclecount;
-
-    if (have_tsc) {
-        __try {
-            __asm {
-            _emit 0x0f _emit 0x31 mov cyclecount, eax}
-            RAND_add(&cyclecount, sizeof(cyclecount), 1);
-        }
-        __except(EXCEPTION_EXECUTE_HANDLER) {
-            have_tsc = 0;
-        }
-    }
-# else
-#  define have_tsc 0
-# endif
-
-    if (have_perfc) {
-        if (QueryPerformanceCounter(&l) == 0)
-            have_perfc = 0;
-        else
-            RAND_add(&l, sizeof(l), 0);
-    }
-
-    if (!have_tsc && !have_perfc) {
-        w = GetTickCount();
-        RAND_add(&w, sizeof(w), 0);
-    }
-}
-
-/* feed screen contents to PRNG */
-/*****************************************************************************
- *
- * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
- *
- * Code adapted from
- * <URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];97193>;
- * the original copyright message is:
- *
- *   (C) Copyright Microsoft Corp. 1993.  All rights reserved.
- *
- *   You have a royalty-free right to use, modify, reproduce and
- *   distribute the Sample Files (and/or any modified version) in
- *   any way you find useful, provided that you agree that
- *   Microsoft has no warranty obligations or liability for any
- *   Sample Application Files which are modified.
- */
-
-static void readscreen(void)
-{
-# if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN) && !defined(UWP_ENABLED) // -- GODOT --
-    HDC hScrDC;                 /* screen DC */
-    HBITMAP hBitmap;            /* handle for our bitmap */
-    BITMAP bm;                  /* bitmap properties */
-    unsigned int size;          /* size of bitmap */
-    char *bmbits;               /* contents of bitmap */
-    int w;                      /* screen width */
-    int h;                      /* screen height */
-    int y;                      /* y-coordinate of screen lines to grab */
-    int n = 16;                 /* number of screen lines to grab at a time */
-    BITMAPINFOHEADER bi;        /* info about the bitmap */
-
-    if (check_winnt() && OPENSSL_isservice() > 0)
-        return;
-
-    /* Get a reference to the screen DC */
-    hScrDC = GetDC(NULL);
-
-    /* Get screen resolution */
-    w = GetDeviceCaps(hScrDC, HORZRES);
-    h = GetDeviceCaps(hScrDC, VERTRES);
-
-    /* Create a bitmap compatible with the screen DC */
-    hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
-
-    /* Get bitmap properties */
-    GetObject(hBitmap, sizeof(BITMAP), (LPSTR) & bm);
-    size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
-
-    bi.biSize = sizeof(BITMAPINFOHEADER);
-    bi.biWidth = bm.bmWidth;
-    bi.biHeight = bm.bmHeight;
-    bi.biPlanes = bm.bmPlanes;
-    bi.biBitCount = bm.bmBitsPixel;
-    bi.biCompression = BI_RGB;
-    bi.biSizeImage = 0;
-    bi.biXPelsPerMeter = 0;
-    bi.biYPelsPerMeter = 0;
-    bi.biClrUsed = 0;
-    bi.biClrImportant = 0;
-
-    bmbits = OPENSSL_malloc(size);
-    if (bmbits) {
-        /* Now go through the whole screen, repeatedly grabbing n lines */
-        for (y = 0; y < h - n; y += n) {
-            unsigned char md[MD_DIGEST_LENGTH];
-
-            /* Copy the bits of the current line range into the buffer */
-            GetDIBits(hScrDC, hBitmap, y, n,
-                      bmbits, (BITMAPINFO *) & bi, DIB_RGB_COLORS);
-
-            /* Get the hash of the bitmap */
-            MD(bmbits, size, md);
-
-            /* Seed the random generator with the hash value */
-            RAND_add(md, MD_DIGEST_LENGTH, 0);
-        }
-
-        OPENSSL_free(bmbits);
-    }
-
-    /* Clean up */
-    DeleteObject(hBitmap);
-    ReleaseDC(NULL, hScrDC);
-# endif                         /* !OPENSSL_SYS_WINCE */
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/rand/randfile.c b/thirdparty/openssl/crypto/rand/randfile.c
deleted file mode 100644
index 728fd0a721..0000000000
--- a/thirdparty/openssl/crypto/rand/randfile.c
+++ /dev/null
@@ -1,372 +0,0 @@
-/* crypto/rand/randfile.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "e_os.h"
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-#include <openssl/buffer.h>
-
-#ifdef OPENSSL_SYS_VMS
-# include <unixio.h>
-#endif
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifndef OPENSSL_NO_POSIX_IO
-# include <sys/stat.h>
-# include <fcntl.h>
-/*
- * Following should not be needed, and we could have been stricter
- * and demand S_IS*. But some systems just don't comply... Formally
- * below macros are "anatomically incorrect", because normally they
- * would look like ((m) & MASK == TYPE), but since MASK availability
- * is as questionable, we settle for this poor-man fallback...
- */
-# if !defined(S_ISBLK)
-#  if defined(_S_IFBLK)
-#   define S_ISBLK(m) ((m) & _S_IFBLK)
-#  elif defined(S_IFBLK)
-#   define S_ISBLK(m) ((m) & S_IFBLK)
-#  elif defined(_WIN32)
-#   define S_ISBLK(m) 0 /* no concept of block devices on Windows */
-#  endif
-# endif
-# if !defined(S_ISCHR)
-#  if defined(_S_IFCHR)
-#   define S_ISCHR(m) ((m) & _S_IFCHR)
-#  elif defined(S_IFCHR)
-#   define S_ISCHR(m) ((m) & S_IFCHR)
-#  endif
-# endif
-#endif
-
-#ifdef _WIN32
-# define stat    _stat
-# define chmod   _chmod
-# define open    _open
-# define fdopen  _fdopen
-#endif
-
-#undef BUFSIZE
-#define BUFSIZE 1024
-#define RAND_DATA 1024
-
-#if (defined(OPENSSL_SYS_VMS) && (defined(__alpha) || defined(__ia64)))
-/*
- * This declaration is a nasty hack to get around vms' extension to fopen for
- * passing in sharing options being disabled by our /STANDARD=ANSI89
- */
-static FILE *(*const vms_fopen)(const char *, const char *, ...) =
-    (FILE *(*)(const char *, const char *, ...))fopen;
-# define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0"
-#endif
-
-/* #define RFILE ".rnd" - defined in ../../e_os.h */
-
-/*
- * Note that these functions are intended for seed files only. Entropy
- * devices and EGD sockets are handled in rand_unix.c
- */
-
-int RAND_load_file(const char *file, long bytes)
-{
-    /*-
-     * If bytes >= 0, read up to 'bytes' bytes.
-     * if bytes == -1, read complete file.
-     */
-
-    MS_STATIC unsigned char buf[BUFSIZE];
-#ifndef OPENSSL_NO_POSIX_IO
-    struct stat sb;
-#endif
-    int i, ret = 0, n;
-/*
- * If setvbuf() is to be called, then the FILE pointer
- * to it must be 32 bit.
-*/
-
-#if !defined OPENSSL_NO_SETVBUF_IONBF && defined(OPENSSL_SYS_VMS) && defined(__VMS_VER) && (__VMS_VER >= 70000000)
-    /* For 64-bit-->32 bit API Support*/
-#if __INITIAL_POINTER_SIZE == 64
-#pragma __required_pointer_size __save
-#pragma __required_pointer_size 32
-#endif
-    FILE *in; /* setvbuf() requires 32-bit pointers */
-#if __INITIAL_POINTER_SIZE == 64
-#pragma __required_pointer_size __restore
-#endif
-#else
-    FILE *in;
-#endif /* OPENSSL_SYS_VMS */
-
-    if (file == NULL)
-        return (0);
-
-#ifndef OPENSSL_NO_POSIX_IO
-# ifdef PURIFY
-    /*
-     * struct stat can have padding and unused fields that may not be
-     * initialized in the call to stat(). We need to clear the entire
-     * structure before calling RAND_add() to avoid complaints from
-     * applications such as Valgrind.
-     */
-    memset(&sb, 0, sizeof(sb));
-# endif
-    if (stat(file, &sb) < 0)
-        return (0);
-    RAND_add(&sb, sizeof(sb), 0.0);
-#endif
-    if (bytes == 0)
-        return (ret);
-
-#ifdef OPENSSL_SYS_VMS
-    in = vms_fopen(file, "rb", VMS_OPEN_ATTRS);
-#else
-    in = fopen(file, "rb");
-#endif
-    if (in == NULL)
-        goto err;
-#if defined(S_ISBLK) && defined(S_ISCHR) && !defined(OPENSSL_NO_POSIX_IO)
-    if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
-        /*
-         * this file is a device. we don't want read an infinite number of
-         * bytes from a random device, nor do we want to use buffered I/O
-         * because we will waste system entropy.
-         */
-        bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
-# ifndef OPENSSL_NO_SETVBUF_IONBF
-        setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
-# endif                         /* ndef OPENSSL_NO_SETVBUF_IONBF */
-    }
-#endif
-    for (;;) {
-        if (bytes > 0)
-            n = (bytes < BUFSIZE) ? (int)bytes : BUFSIZE;
-        else
-            n = BUFSIZE;
-        i = fread(buf, 1, n, in);
-        if (i <= 0)
-            break;
-#ifdef PURIFY
-        RAND_add(buf, i, (double)i);
-#else
-        /* even if n != i, use the full array */
-        RAND_add(buf, n, (double)i);
-#endif
-        ret += i;
-        if (bytes > 0) {
-            bytes -= n;
-            if (bytes <= 0)
-                break;
-        }
-    }
-    fclose(in);
-    OPENSSL_cleanse(buf, BUFSIZE);
- err:
-    return (ret);
-}
-
-int RAND_write_file(const char *file)
-{
-    unsigned char buf[BUFSIZE];
-    int i, ret = 0, rand_err = 0;
-    FILE *out = NULL;
-    int n;
-#ifndef OPENSSL_NO_POSIX_IO
-    struct stat sb;
-
-    i = stat(file, &sb);
-    if (i != -1) {
-# if defined(S_ISBLK) && defined(S_ISCHR)
-        if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
-            /*
-             * this file is a device. we don't write back to it. we
-             * "succeed" on the assumption this is some sort of random
-             * device. Otherwise attempting to write to and chmod the device
-             * causes problems.
-             */
-            return (1);
-        }
-# endif
-    }
-#endif
-
-#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && !defined(OPENSSL_SYS_VMS)
-    {
-# ifndef O_BINARY
-#  define O_BINARY 0
-# endif
-        /*
-         * chmod(..., 0600) is too late to protect the file, permissions
-         * should be restrictive from the start
-         */
-        int fd = open(file, O_WRONLY | O_CREAT | O_BINARY, 0600);
-        if (fd != -1)
-            out = fdopen(fd, "wb");
-    }
-#endif
-
-#if (defined(OPENSSL_SYS_VMS) && (defined(__alpha) || defined(__ia64)))
-    /*
-     * VMS NOTE: Prior versions of this routine created a _new_ version of
-     * the rand file for each call into this routine, then deleted all
-     * existing versions named ;-1, and finally renamed the current version
-     * as ';1'. Under concurrent usage, this resulted in an RMS race
-     * condition in rename() which could orphan files (see vms message help
-     * for RMS$_REENT). With the fopen() calls below, openssl/VMS now shares
-     * the top-level version of the rand file. Note that there may still be
-     * conditions where the top-level rand file is locked. If so, this code
-     * will then create a new version of the rand file. Without the delete
-     * and rename code, this can result in ascending file versions that stop
-     * at version 32767, and this routine will then return an error. The
-     * remedy for this is to recode the calling application to avoid
-     * concurrent use of the rand file, or synchronize usage at the
-     * application level. Also consider whether or not you NEED a persistent
-     * rand file in a concurrent use situation.
-     */
-
-    out = vms_fopen(file, "rb+", VMS_OPEN_ATTRS);
-    if (out == NULL)
-        out = vms_fopen(file, "wb", VMS_OPEN_ATTRS);
-#else
-    if (out == NULL)
-        out = fopen(file, "wb");
-#endif
-    if (out == NULL)
-        goto err;
-
-#ifndef NO_CHMOD
-    chmod(file, 0600);
-#endif
-    n = RAND_DATA;
-    for (;;) {
-        i = (n > BUFSIZE) ? BUFSIZE : n;
-        n -= BUFSIZE;
-        if (RAND_bytes(buf, i) <= 0)
-            rand_err = 1;
-        i = fwrite(buf, 1, i, out);
-        if (i <= 0) {
-            ret = 0;
-            break;
-        }
-        ret += i;
-        if (n <= 0)
-            break;
-    }
-
-    fclose(out);
-    OPENSSL_cleanse(buf, BUFSIZE);
- err:
-    return (rand_err ? -1 : ret);
-}
-
-const char *RAND_file_name(char *buf, size_t size)
-{
-    char *s = NULL;
-#ifdef __OpenBSD__
-    struct stat sb;
-#endif
-
-    if (OPENSSL_issetugid() == 0)
-        s = getenv("RANDFILE");
-    if (s != NULL && *s && strlen(s) + 1 < size) {
-        if (BUF_strlcpy(buf, s, size) >= size)
-            return NULL;
-    } else {
-        if (OPENSSL_issetugid() == 0)
-            s = getenv("HOME");
-#ifdef DEFAULT_HOME
-        if (s == NULL) {
-            s = DEFAULT_HOME;
-        }
-#endif
-        if (s && *s && strlen(s) + strlen(RFILE) + 2 < size) {
-            BUF_strlcpy(buf, s, size);
-#ifndef OPENSSL_SYS_VMS
-            BUF_strlcat(buf, "/", size);
-#endif
-            BUF_strlcat(buf, RFILE, size);
-        } else
-            buf[0] = '\0';      /* no file name */
-    }
-
-#ifdef __OpenBSD__
-    /*
-     * given that all random loads just fail if the file can't be seen on a
-     * stat, we stat the file we're returning, if it fails, use /dev/arandom
-     * instead. this allows the user to use their own source for good random
-     * data, but defaults to something hopefully decent if that isn't
-     * available.
-     */
-
-    if (!buf[0])
-        if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) {
-            return (NULL);
-        }
-    if (stat(buf, &sb) == -1)
-        if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) {
-            return (NULL);
-        }
-#endif
-    return (buf);
-}
diff --git a/thirdparty/openssl/crypto/rc2/rc2_cbc.c b/thirdparty/openssl/crypto/rc2/rc2_cbc.c
deleted file mode 100644
index 5eaf01d2e0..0000000000
--- a/thirdparty/openssl/crypto/rc2/rc2_cbc.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/* crypto/rc2/rc2_cbc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-                     RC2_KEY *ks, unsigned char *iv, int encrypt)
-{
-    register unsigned long tin0, tin1;
-    register unsigned long tout0, tout1, xor0, xor1;
-    register long l = length;
-    unsigned long tin[2];
-
-    if (encrypt) {
-        c2l(iv, tout0);
-        c2l(iv, tout1);
-        iv -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            c2l(in, tin0);
-            c2l(in, tin1);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            RC2_encrypt(tin, ks);
-            tout0 = tin[0];
-            l2c(tout0, out);
-            tout1 = tin[1];
-            l2c(tout1, out);
-        }
-        if (l != -8) {
-            c2ln(in, tin0, tin1, l + 8);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            RC2_encrypt(tin, ks);
-            tout0 = tin[0];
-            l2c(tout0, out);
-            tout1 = tin[1];
-            l2c(tout1, out);
-        }
-        l2c(tout0, iv);
-        l2c(tout1, iv);
-    } else {
-        c2l(iv, xor0);
-        c2l(iv, xor1);
-        iv -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            c2l(in, tin0);
-            tin[0] = tin0;
-            c2l(in, tin1);
-            tin[1] = tin1;
-            RC2_decrypt(tin, ks);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2c(tout0, out);
-            l2c(tout1, out);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        if (l != -8) {
-            c2l(in, tin0);
-            tin[0] = tin0;
-            c2l(in, tin1);
-            tin[1] = tin1;
-            RC2_decrypt(tin, ks);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2cn(tout0, tout1, out, l + 8);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        l2c(xor0, iv);
-        l2c(xor1, iv);
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    tin[0] = tin[1] = 0;
-}
-
-void RC2_encrypt(unsigned long *d, RC2_KEY *key)
-{
-    int i, n;
-    register RC2_INT *p0, *p1;
-    register RC2_INT x0, x1, x2, x3, t;
-    unsigned long l;
-
-    l = d[0];
-    x0 = (RC2_INT) l & 0xffff;
-    x1 = (RC2_INT) (l >> 16L);
-    l = d[1];
-    x2 = (RC2_INT) l & 0xffff;
-    x3 = (RC2_INT) (l >> 16L);
-
-    n = 3;
-    i = 5;
-
-    p0 = p1 = &(key->data[0]);
-    for (;;) {
-        t = (x0 + (x1 & ~x3) + (x2 & x3) + *(p0++)) & 0xffff;
-        x0 = (t << 1) | (t >> 15);
-        t = (x1 + (x2 & ~x0) + (x3 & x0) + *(p0++)) & 0xffff;
-        x1 = (t << 2) | (t >> 14);
-        t = (x2 + (x3 & ~x1) + (x0 & x1) + *(p0++)) & 0xffff;
-        x2 = (t << 3) | (t >> 13);
-        t = (x3 + (x0 & ~x2) + (x1 & x2) + *(p0++)) & 0xffff;
-        x3 = (t << 5) | (t >> 11);
-
-        if (--i == 0) {
-            if (--n == 0)
-                break;
-            i = (n == 2) ? 6 : 5;
-
-            x0 += p1[x3 & 0x3f];
-            x1 += p1[x0 & 0x3f];
-            x2 += p1[x1 & 0x3f];
-            x3 += p1[x2 & 0x3f];
-        }
-    }
-
-    d[0] =
-        (unsigned long)(x0 & 0xffff) | ((unsigned long)(x1 & 0xffff) << 16L);
-    d[1] =
-        (unsigned long)(x2 & 0xffff) | ((unsigned long)(x3 & 0xffff) << 16L);
-}
-
-void RC2_decrypt(unsigned long *d, RC2_KEY *key)
-{
-    int i, n;
-    register RC2_INT *p0, *p1;
-    register RC2_INT x0, x1, x2, x3, t;
-    unsigned long l;
-
-    l = d[0];
-    x0 = (RC2_INT) l & 0xffff;
-    x1 = (RC2_INT) (l >> 16L);
-    l = d[1];
-    x2 = (RC2_INT) l & 0xffff;
-    x3 = (RC2_INT) (l >> 16L);
-
-    n = 3;
-    i = 5;
-
-    p0 = &(key->data[63]);
-    p1 = &(key->data[0]);
-    for (;;) {
-        t = ((x3 << 11) | (x3 >> 5)) & 0xffff;
-        x3 = (t - (x0 & ~x2) - (x1 & x2) - *(p0--)) & 0xffff;
-        t = ((x2 << 13) | (x2 >> 3)) & 0xffff;
-        x2 = (t - (x3 & ~x1) - (x0 & x1) - *(p0--)) & 0xffff;
-        t = ((x1 << 14) | (x1 >> 2)) & 0xffff;
-        x1 = (t - (x2 & ~x0) - (x3 & x0) - *(p0--)) & 0xffff;
-        t = ((x0 << 15) | (x0 >> 1)) & 0xffff;
-        x0 = (t - (x1 & ~x3) - (x2 & x3) - *(p0--)) & 0xffff;
-
-        if (--i == 0) {
-            if (--n == 0)
-                break;
-            i = (n == 2) ? 6 : 5;
-
-            x3 = (x3 - p1[x2 & 0x3f]) & 0xffff;
-            x2 = (x2 - p1[x1 & 0x3f]) & 0xffff;
-            x1 = (x1 - p1[x0 & 0x3f]) & 0xffff;
-            x0 = (x0 - p1[x3 & 0x3f]) & 0xffff;
-        }
-    }
-
-    d[0] =
-        (unsigned long)(x0 & 0xffff) | ((unsigned long)(x1 & 0xffff) << 16L);
-    d[1] =
-        (unsigned long)(x2 & 0xffff) | ((unsigned long)(x3 & 0xffff) << 16L);
-}
diff --git a/thirdparty/openssl/crypto/rc2/rc2_ecb.c b/thirdparty/openssl/crypto/rc2/rc2_ecb.c
deleted file mode 100644
index 48442a3f39..0000000000
--- a/thirdparty/openssl/crypto/rc2/rc2_ecb.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* crypto/rc2/rc2_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-#include <openssl/opensslv.h>
-
-const char RC2_version[] = "RC2" OPENSSL_VERSION_PTEXT;
-
-/*-
- * RC2 as implemented frm a posting from
- * Newsgroups: sci.crypt
- * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
- * Subject: Specification for Ron Rivests Cipher No.2
- * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
- * Date: 11 Feb 1996 06:45:03 GMT
- */
-
-void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks,
-                     int encrypt)
-{
-    unsigned long l, d[2];
-
-    c2l(in, l);
-    d[0] = l;
-    c2l(in, l);
-    d[1] = l;
-    if (encrypt)
-        RC2_encrypt(d, ks);
-    else
-        RC2_decrypt(d, ks);
-    l = d[0];
-    l2c(l, out);
-    l = d[1];
-    l2c(l, out);
-    l = d[0] = d[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/rc2/rc2_locl.h b/thirdparty/openssl/crypto/rc2/rc2_locl.h
deleted file mode 100644
index e72a20c0ca..0000000000
--- a/thirdparty/openssl/crypto/rc2/rc2_locl.h
+++ /dev/null
@@ -1,155 +0,0 @@
-/* crypto/rc2/rc2_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef c2l
-#define c2l(c,l)        (l =((unsigned long)(*((c)++)))    , \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
-                        case 5: l2|=((unsigned long)(*(--(c))));     \
-                        case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
-                        case 1: l1|=((unsigned long)(*(--(c))));     \
-                                } \
-                        }
-
-#undef l2c
-#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-                                } \
-                        }
-
-#undef n2l
-#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-#define C_RC2(n) \
-        t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
-        x0=(t<<1)|(t>>15); \
-        t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
-        x1=(t<<2)|(t>>14); \
-        t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
-        x2=(t<<3)|(t>>13); \
-        t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
-        x3=(t<<5)|(t>>11);
diff --git a/thirdparty/openssl/crypto/rc2/rc2_skey.c b/thirdparty/openssl/crypto/rc2/rc2_skey.c
deleted file mode 100644
index bcec0a85d2..0000000000
--- a/thirdparty/openssl/crypto/rc2/rc2_skey.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* crypto/rc2/rc2_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-static const unsigned char key_table[256] = {
-    0xd9, 0x78, 0xf9, 0xc4, 0x19, 0xdd, 0xb5, 0xed, 0x28, 0xe9, 0xfd, 0x79,
-    0x4a, 0xa0, 0xd8, 0x9d, 0xc6, 0x7e, 0x37, 0x83, 0x2b, 0x76, 0x53, 0x8e,
-    0x62, 0x4c, 0x64, 0x88, 0x44, 0x8b, 0xfb, 0xa2, 0x17, 0x9a, 0x59, 0xf5,
-    0x87, 0xb3, 0x4f, 0x13, 0x61, 0x45, 0x6d, 0x8d, 0x09, 0x81, 0x7d, 0x32,
-    0xbd, 0x8f, 0x40, 0xeb, 0x86, 0xb7, 0x7b, 0x0b, 0xf0, 0x95, 0x21, 0x22,
-    0x5c, 0x6b, 0x4e, 0x82, 0x54, 0xd6, 0x65, 0x93, 0xce, 0x60, 0xb2, 0x1c,
-    0x73, 0x56, 0xc0, 0x14, 0xa7, 0x8c, 0xf1, 0xdc, 0x12, 0x75, 0xca, 0x1f,
-    0x3b, 0xbe, 0xe4, 0xd1, 0x42, 0x3d, 0xd4, 0x30, 0xa3, 0x3c, 0xb6, 0x26,
-    0x6f, 0xbf, 0x0e, 0xda, 0x46, 0x69, 0x07, 0x57, 0x27, 0xf2, 0x1d, 0x9b,
-    0xbc, 0x94, 0x43, 0x03, 0xf8, 0x11, 0xc7, 0xf6, 0x90, 0xef, 0x3e, 0xe7,
-    0x06, 0xc3, 0xd5, 0x2f, 0xc8, 0x66, 0x1e, 0xd7, 0x08, 0xe8, 0xea, 0xde,
-    0x80, 0x52, 0xee, 0xf7, 0x84, 0xaa, 0x72, 0xac, 0x35, 0x4d, 0x6a, 0x2a,
-    0x96, 0x1a, 0xd2, 0x71, 0x5a, 0x15, 0x49, 0x74, 0x4b, 0x9f, 0xd0, 0x5e,
-    0x04, 0x18, 0xa4, 0xec, 0xc2, 0xe0, 0x41, 0x6e, 0x0f, 0x51, 0xcb, 0xcc,
-    0x24, 0x91, 0xaf, 0x50, 0xa1, 0xf4, 0x70, 0x39, 0x99, 0x7c, 0x3a, 0x85,
-    0x23, 0xb8, 0xb4, 0x7a, 0xfc, 0x02, 0x36, 0x5b, 0x25, 0x55, 0x97, 0x31,
-    0x2d, 0x5d, 0xfa, 0x98, 0xe3, 0x8a, 0x92, 0xae, 0x05, 0xdf, 0x29, 0x10,
-    0x67, 0x6c, 0xba, 0xc9, 0xd3, 0x00, 0xe6, 0xcf, 0xe1, 0x9e, 0xa8, 0x2c,
-    0x63, 0x16, 0x01, 0x3f, 0x58, 0xe2, 0x89, 0xa9, 0x0d, 0x38, 0x34, 0x1b,
-    0xab, 0x33, 0xff, 0xb0, 0xbb, 0x48, 0x0c, 0x5f, 0xb9, 0xb1, 0xcd, 0x2e,
-    0xc5, 0xf3, 0xdb, 0x47, 0xe5, 0xa5, 0x9c, 0x77, 0x0a, 0xa6, 0x20, 0x68,
-    0xfe, 0x7f, 0xc1, 0xad,
-};
-
-#if defined(_MSC_VER) && defined(_ARM_)
-# pragma optimize("g",off)
-#endif
-
-/*
- * It has come to my attention that there are 2 versions of the RC2 key
- * schedule.  One which is normal, and anther which has a hook to use a
- * reduced key length. BSAFE uses the 'retarded' version.  What I previously
- * shipped is the same as specifying 1024 for the 'bits' parameter.  Bsafe
- * uses a version where the bits parameter is the same as len*8
- */
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
-#ifdef OPENSSL_FIPS
-{
-    fips_cipher_abort(RC2);
-    private_RC2_set_key(key, len, data, bits);
-}
-
-void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
-                         int bits)
-#endif
-{
-    int i, j;
-    unsigned char *k;
-    RC2_INT *ki;
-    unsigned int c, d;
-
-    k = (unsigned char *)&(key->data[0]);
-    *k = 0;                     /* for if there is a zero length key */
-
-    if (len > 128)
-        len = 128;
-    if (bits <= 0)
-        bits = 1024;
-    if (bits > 1024)
-        bits = 1024;
-
-    for (i = 0; i < len; i++)
-        k[i] = data[i];
-
-    /* expand table */
-    d = k[len - 1];
-    j = 0;
-    for (i = len; i < 128; i++, j++) {
-        d = key_table[(k[j] + d) & 0xff];
-        k[i] = d;
-    }
-
-    /* hmm.... key reduction to 'bits' bits */
-
-    j = (bits + 7) >> 3;
-    i = 128 - j;
-    c = (0xff >> (-bits & 0x07));
-
-    d = key_table[k[i] & c];
-    k[i] = d;
-    while (i--) {
-        d = key_table[k[i + j] ^ d];
-        k[i] = d;
-    }
-
-    /* copy from bytes into RC2_INT's */
-    ki = &(key->data[63]);
-    for (i = 127; i >= 0; i -= 2)
-        *(ki--) = ((k[i] << 8) | k[i - 1]) & 0xffff;
-}
-
-#if defined(_MSC_VER)
-# pragma optimize("",on)
-#endif
diff --git a/thirdparty/openssl/crypto/rc2/rc2cfb64.c b/thirdparty/openssl/crypto/rc2/rc2cfb64.c
deleted file mode 100644
index 8b5929fde3..0000000000
--- a/thirdparty/openssl/crypto/rc2/rc2cfb64.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/rc2/rc2cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-/*
- * The input and output encrypted as though 64bit cfb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-
-void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                       long length, RC2_KEY *schedule, unsigned char *ivec,
-                       int *num, int encrypt)
-{
-    register unsigned long v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    unsigned long ti[2];
-    unsigned char *iv, c, cc;
-
-    iv = (unsigned char *)ivec;
-    if (encrypt) {
-        while (l--) {
-            if (n == 0) {
-                c2l(iv, v0);
-                ti[0] = v0;
-                c2l(iv, v1);
-                ti[1] = v1;
-                RC2_encrypt((unsigned long *)ti, schedule);
-                iv = (unsigned char *)ivec;
-                t = ti[0];
-                l2c(t, iv);
-                t = ti[1];
-                l2c(t, iv);
-                iv = (unsigned char *)ivec;
-            }
-            c = *(in++) ^ iv[n];
-            *(out++) = c;
-            iv[n] = c;
-            n = (n + 1) & 0x07;
-        }
-    } else {
-        while (l--) {
-            if (n == 0) {
-                c2l(iv, v0);
-                ti[0] = v0;
-                c2l(iv, v1);
-                ti[1] = v1;
-                RC2_encrypt((unsigned long *)ti, schedule);
-                iv = (unsigned char *)ivec;
-                t = ti[0];
-                l2c(t, iv);
-                t = ti[1];
-                l2c(t, iv);
-                iv = (unsigned char *)ivec;
-            }
-            cc = *(in++);
-            c = iv[n];
-            iv[n] = cc;
-            *(out++) = c ^ cc;
-            n = (n + 1) & 0x07;
-        }
-    }
-    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/rc2/rc2ofb64.c b/thirdparty/openssl/crypto/rc2/rc2ofb64.c
deleted file mode 100644
index b9f4d8c35b..0000000000
--- a/thirdparty/openssl/crypto/rc2/rc2ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/rc2/rc2ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-/*
- * The input and output encrypted as though 64bit ofb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                       long length, RC2_KEY *schedule, unsigned char *ivec,
-                       int *num)
-{
-    register unsigned long v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    unsigned char d[8];
-    register char *dp;
-    unsigned long ti[2];
-    unsigned char *iv;
-    int save = 0;
-
-    iv = (unsigned char *)ivec;
-    c2l(iv, v0);
-    c2l(iv, v1);
-    ti[0] = v0;
-    ti[1] = v1;
-    dp = (char *)d;
-    l2c(v0, dp);
-    l2c(v1, dp);
-    while (l--) {
-        if (n == 0) {
-            RC2_encrypt((unsigned long *)ti, schedule);
-            dp = (char *)d;
-            t = ti[0];
-            l2c(t, dp);
-            t = ti[1];
-            l2c(t, dp);
-            save++;
-        }
-        *(out++) = *(in++) ^ d[n];
-        n = (n + 1) & 0x07;
-    }
-    if (save) {
-        v0 = ti[0];
-        v1 = ti[1];
-        iv = (unsigned char *)ivec;
-        l2c(v0, iv);
-        l2c(v1, iv);
-    }
-    t = v0 = v1 = ti[0] = ti[1] = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/rc2/rc2speed.c b/thirdparty/openssl/crypto/rc2/rc2speed.c
deleted file mode 100644
index 3e45eb0841..0000000000
--- a/thirdparty/openssl/crypto/rc2/rc2speed.c
+++ /dev/null
@@ -1,262 +0,0 @@
-/* crypto/rc2/rc2speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-#endif
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-    /*
-     * Depending on the VMS version, the tms structure is perhaps defined.
-     * The __TMS macro will show if it was.  If it wasn't defined, we should
-     * undefine TIMES, since that tells the rest of the program how things
-     * should be handled.  -- Richard Levitte
-     */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-#include <openssl/rc2.h>
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  define HZ      100.0
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif                         /* CLK_TCK */
-#endif                          /* HZ */
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static unsigned char key[] = {
-        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
-        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
-    };
-    RC2_KEY sch;
-    double a, b, c, d;
-#ifndef SIGALRM
-    long ca, cb, cc;
-#endif
-
-#ifndef TIMES
-    printf("To get the most accurate results, try to run this\n");
-    printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-    printf("First we calculate the approximate speed ...\n");
-    RC2_set_key(&sch, 16, key, 128);
-    count = 10;
-    do {
-        long i;
-        unsigned long data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            RC2_encrypt(data, &sch);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count / 512;
-    cb = count;
-    cc = count * 8 / BUFSIZE + 1;
-    printf("Doing RC2_set_key %ld times\n", ca);
-# define COND(d) (count != (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    printf("Doing RC2_set_key for 10 seconds\n");
-    alarm(10);
-#endif
-
-    Time_F(START);
-    for (count = 0, run = 1; COND(ca); count += 4) {
-        RC2_set_key(&sch, 16, key, 128);
-        RC2_set_key(&sch, 16, key, 128);
-        RC2_set_key(&sch, 16, key, 128);
-        RC2_set_key(&sch, 16, key, 128);
-    }
-    d = Time_F(STOP);
-    printf("%ld RC2_set_key's in %.2f seconds\n", count, d);
-    a = ((double)COUNT(ca)) / d;
-
-#ifdef SIGALRM
-    printf("Doing RC2_encrypt's for 10 seconds\n");
-    alarm(10);
-#else
-    printf("Doing RC2_encrypt %ld times\n", cb);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cb); count += 4) {
-        unsigned long data[2];
-
-        RC2_encrypt(data, &sch);
-        RC2_encrypt(data, &sch);
-        RC2_encrypt(data, &sch);
-        RC2_encrypt(data, &sch);
-    }
-    d = Time_F(STOP);
-    printf("%ld RC2_encrypt's in %.2f second\n", count, d);
-    b = ((double)COUNT(cb) * 8) / d;
-
-#ifdef SIGALRM
-    printf("Doing RC2_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-           BUFSIZE);
-    alarm(10);
-#else
-    printf("Doing RC2_cbc_encrypt %ld times on %ld byte blocks\n", cc,
-           BUFSIZE);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cc); count++)
-        RC2_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), RC2_ENCRYPT);
-    d = Time_F(STOP);
-    printf("%ld RC2_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-           count, BUFSIZE, d);
-    c = ((double)COUNT(cc) * BUFSIZE) / d;
-
-    printf("RC2 set_key       per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
-    printf("RC2 raw ecb bytes per sec = %12.2f (%9.3fuS)\n", b, 8.0e6 / b);
-    printf("RC2 cbc     bytes per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/rc2/rrc2.doc b/thirdparty/openssl/crypto/rc2/rrc2.doc
deleted file mode 100644
index f93ee003d2..0000000000
--- a/thirdparty/openssl/crypto/rc2/rrc2.doc
+++ /dev/null
@@ -1,219 +0,0 @@
->From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996
-Article 23601 of sci.crypt:
-Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news
->From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
-Newsgroups: sci.crypt
-Subject: Specification for Ron Rivests Cipher No.2
-Date: 11 Feb 1996 06:45:03 GMT
-Organization: University of Auckland
-Lines: 203
-Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
-Message-ID: <4fk39f$f70@net.auckland.ac.nz>
-NNTP-Posting-Host: cs26.cs.auckland.ac.nz
-X-Newsreader: NN version 6.5.0 #3 (NOV)
-
-
-
-
-                           Ron Rivest's Cipher No.2
-                           ------------------------
- 
-Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may
-refer to it by other names) is word oriented, operating on a block of 64 bits
-divided into four 16-bit words, with a key table of 64 words.  All data units
-are little-endian.  This functional description of the algorithm is based in
-the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using
-the same general layout, terminology, and pseudocode style.
- 
- 
-Notation and RRC.2 Primitive Operations
- 
-RRC.2 uses the following primitive operations:
- 
-1. Two's-complement addition of words, denoted by "+".  The inverse operation,
-   subtraction, is denoted by "-".
-2. Bitwise exclusive OR, denoted by "^".
-3. Bitwise AND, denoted by "&".
-4. Bitwise NOT, denoted by "~".
-5. A left-rotation of words; the rotation of word x left by y is denoted
-   x <<< y.  The inverse operation, right-rotation, is denoted x >>> y.
- 
-These operations are directly and efficiently supported by most processors.
- 
- 
-The RRC.2 Algorithm
- 
-RRC.2 consists of three components, a *key expansion* algorithm, an
-*encryption* algorithm, and a *decryption* algorithm.
- 
- 
-Key Expansion
- 
-The purpose of the key-expansion routine is to expand the user's key K to fill
-the expanded key array S, so S resembles an array of random binary words
-determined by the user's secret key K.
- 
-Initialising the S-box
- 
-RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of
-Beale Cipher No.1 XOR'd with a one-time pad.  The Beale Ciphers predate modern
-cryptography by enough time that there should be no concerns about trapdoors
-hidden in the data.  They have been published widely, and the S-box can be
-easily recreated from the one-time pad values and the Beale Cipher data taken
-from a standard source.  To initialise the S-box:
- 
-  for i = 0 to 255 do
-    sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ]
- 
-The contents of Beale Cipher No.1 and the necessary one-time pad are given as
-an appendix at the end of this document.  For efficiency, implementors may wish
-to skip the Beale Cipher expansion and store the sBox table directly.
- 
-Expanding the Secret Key to 128 Bytes
- 
-The secret key is first expanded to fill 128 bytes (64 words).  The expansion
-consists of taking the sum of the first and last bytes in the user key, looking
-up the sum (modulo 256) in the S-box, and appending the result to the key.  The
-operation is repeated with the second byte and new last byte of the key until
-all 128 bytes have been generated.  Note that the following pseudocode treats
-the S array as an array of 128 bytes rather than 64 words.
- 
-  for j = 0 to length-1 do
-    S[ j ] = K[ j ]
-  for j = length to 127 do
-    s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ];
- 
-At this point it is possible to perform a truncation of the effective key
-length to ease the creation of espionage-enabled software products.  However
-since the author cannot conceive why anyone would want to do this, it will not
-be considered further.
- 
-The final phase of the key expansion involves replacing the first byte of S
-with the entry selected from the S-box:
- 
-  S[ 0 ] = sBox[ S[ 0 ] ]
- 
- 
-Encryption
- 
-The cipher has 16 full rounds, each divided into 4 subrounds.  Two of the full
-rounds perform an additional transformation on the data.  Note that the
-following pseudocode treats the S array as an array of 64 words rather than 128
-bytes.
- 
-  for i = 0 to 15 do
-    j = i * 4;
-    word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1
-    word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2
-    word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3
-    word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5
- 
-In addition the fifth and eleventh rounds add the contents of the S-box indexed
-by one of the data words to another of the data words following the four
-subrounds as follows:
- 
-    word0 = word0 + S[ word3 & 63 ];
-    word1 = word1 + S[ word0 & 63 ];
-    word2 = word2 + S[ word1 & 63 ];
-    word3 = word3 + S[ word2 & 63 ];
- 
- 
-Decryption
- 
-The decryption operation is simply the inverse of the encryption operation.
-Note that the following pseudocode treats the S array as an array of 64 words
-rather than 128 bytes.
- 
-  for i = 15 downto 0 do
-    j = i * 4;
-    word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ]
-    word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ]
-    word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ]
-    word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ]
- 
-In addition the fifth and eleventh rounds subtract the contents of the S-box
-indexed by one of the data words from another one of the data words following
-the four subrounds as follows:
- 
-    word3 = word3 - S[ word2 & 63 ]
-    word2 = word2 - S[ word1 & 63 ]
-    word1 = word1 - S[ word0 & 63 ]
-    word0 = word0 - S[ word3 & 63 ]
- 
- 
-Test Vectors
- 
-The following test vectors may be used to test the correctness of an RRC.2
-implementation:
- 
-  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Cipher:   0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7
- 
-  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
-  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Cipher:   0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74
- 
-  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Plain:    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-  Cipher:   0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E
- 
-  Key:      0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
-            0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
-  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-  Cipher:   0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31
- 
- 
-Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for
-          Creating the S-Box
- 
-Beale Cipher No.1.
- 
-  71, 194,  38,1701,  89,  76,  11,  83,1629,  48,  94,  63, 132,  16, 111,  95,
-  84, 341, 975,  14,  40,  64,  27,  81, 139, 213,  63,  90,1120,   8,  15,   3,
- 126,2018,  40,  74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231,
- 124, 211, 486, 225, 401, 370,  11, 101, 305, 139, 189,  17,  33,  88, 208, 193,
- 145,   1,  94,  73, 416, 918, 263,  28, 500, 538, 356, 117, 136, 219,  27, 176,
- 130,  10, 460,  25, 485,  18, 436,  65,  84, 200, 283, 118, 320, 138,  36, 416,
- 280,  15,  71, 224, 961,  44,  16, 401,  39,  88,  61, 304,  12,  21,  24, 283,
- 134,  92,  63, 246, 486, 682,   7, 219, 184, 360, 780,  18,  64, 463, 474, 131,
- 160,  79,  73, 440,  95,  18,  64, 581,  34,  69, 128, 367, 460,  17,  81,  12,
- 103, 820,  62, 110,  97, 103, 862,  70,  60,1317, 471, 540, 208, 121, 890, 346,
-  36, 150,  59, 568, 614,  13, 120,  63, 219, 812,2160,1780,  99,  35,  18,  21,
- 136, 872,  15,  28, 170,  88,   4,  30,  44, 112,  18, 147, 436, 195, 320,  37,
- 122, 113,   6, 140,   8, 120, 305,  42,  58, 461,  44, 106, 301,  13, 408, 680,
-  93,  86, 116, 530,  82, 568,   9, 102,  38, 416,  89,  71, 216, 728, 965, 818,
-   2,  38, 121, 195,  14, 326, 148, 234,  18,  55, 131, 234, 361, 824,   5,  81,
- 623,  48, 961,  19,  26,  33,  10,1101, 365,  92,  88, 181, 275, 346, 201, 206
- 
-One-time Pad.
- 
- 158, 186, 223,  97,  64, 145, 190, 190, 117, 217, 163,  70, 206, 176, 183, 194,
- 146,  43, 248, 141,   3,  54,  72, 223, 233, 153,  91, 210,  36, 131, 244, 161,
- 105, 120, 113, 191, 113,  86,  19, 245, 213, 221,  43,  27, 242, 157,  73, 213,
- 193,  92, 166,  10,  23, 197, 112, 110, 193,  30, 156,  51, 125,  51, 158,  67,
- 197, 215,  59, 218, 110, 246, 181,   0, 135,  76, 164,  97,  47,  87, 234, 108,
- 144, 127,   6,   6, 222, 172,  80, 144,  22, 245, 207,  70, 227, 182, 146, 134,
- 119, 176,  73,  58, 135,  69,  23, 198,   0, 170,  32, 171, 176, 129,  91,  24,
- 126,  77, 248,   0, 118,  69,  57,  60, 190, 171, 217,  61, 136, 169, 196,  84,
- 168, 167, 163, 102, 223,  64, 174, 178, 166, 239, 242, 195, 249,  92,  59,  38,
- 241,  46, 236,  31,  59, 114,  23,  50, 119, 186,   7,  66, 212,  97, 222, 182,
- 230, 118, 122,  86, 105,  92, 179, 243, 255, 189, 223, 164, 194, 215,  98,  44,
-  17,  20,  53, 153, 137, 224, 176, 100, 208, 114,  36, 200, 145, 150, 215,  20,
-  87,  44, 252,  20, 235, 242, 163, 132,  63,  18,   5, 122,  74,  97,  34,  97,
- 142,  86, 146, 221, 179, 166, 161,  74,  69, 182,  88, 120, 128,  58,  76, 155,
-  15,  30,  77, 216, 165, 117, 107,  90, 169, 127, 143, 181, 208, 137, 200, 127,
- 170, 195,  26,  84, 255, 132, 150,  58, 103, 250, 120, 221, 237,  37,   8,  99
- 
- 
-Implementation
- 
-A non-US based programmer who has never seen any encryption code before will
-shortly be implementing RRC.2 based solely on this specification and not on
-knowledge of any other encryption algorithms.  Stand by.
-
-
-
diff --git a/thirdparty/openssl/crypto/rc2/tab.c b/thirdparty/openssl/crypto/rc2/tab.c
deleted file mode 100644
index 0534e37506..0000000000
--- a/thirdparty/openssl/crypto/rc2/tab.c
+++ /dev/null
@@ -1,84 +0,0 @@
-#include <stdio.h>
-
-unsigned char ebits_to_num[256] = {
-    0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
-    0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
-    0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
-    0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
-    0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
-    0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
-    0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
-    0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
-    0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
-    0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
-    0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
-    0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
-    0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
-    0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
-    0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
-    0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
-    0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
-    0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
-    0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
-    0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
-    0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
-    0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
-    0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
-    0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
-    0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
-    0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
-    0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
-    0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
-    0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
-    0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
-    0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
-    0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab,
-};
-
-unsigned char num_to_ebits[256] = {
-    0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d,
-    0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
-    0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47,
-    0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
-    0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c,
-    0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
-    0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89,
-    0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
-    0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8,
-    0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
-    0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab,
-    0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
-    0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46,
-    0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
-    0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87,
-    0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
-    0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6,
-    0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
-    0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7,
-    0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
-    0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0,
-    0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
-    0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a,
-    0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
-    0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5,
-    0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
-    0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90,
-    0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
-    0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b,
-    0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
-    0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18,
-    0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd,
-};
-
-main()
-{
-    int i, j;
-
-    for (i = 0; i < 256; i++) {
-        for (j = 0; j < 256; j++)
-            if (ebits_to_num[j] == i) {
-                printf("0x%02x,", j);
-                break;
-            }
-    }
-}
diff --git a/thirdparty/openssl/crypto/rc2/version b/thirdparty/openssl/crypto/rc2/version
deleted file mode 100644
index 6f89d595f1..0000000000
--- a/thirdparty/openssl/crypto/rc2/version
+++ /dev/null
@@ -1,22 +0,0 @@
-1.1 23/08/96 - eay
-	Changed RC2_set_key() so it now takes another argument.  Many
-	thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
-	clarification and origional specification of RC2.  BSAFE uses
-	this last parameter, 'bits'.  It the key is 128 bits, BSAFE
-	also sets this parameter to 128.  The old behaviour can be
-	duplicated by setting this parameter to 1024.
-
-1.0 08/04/96 - eay
-	First version of SSLeay with rc2.  This has been written from the spec
-	posted sci.crypt.  It is in this directory under rrc2.doc
-	I have no test values for any mode other than ecb, my wrappers for the
-	other modes should be ok since they are basically the same as
-	the ones taken from idea and des :-).  I have implemented them as
-	little-endian operators.
-	While rc2 is included because it is used with SSL, I don't know how
-	far I trust it.  It is about the same speed as IDEA and DES.
-	So if you are paranoid, used Tripple DES, else IDEA.  If RC2
-	does get used more, perhaps more people will look for weaknesses in
-	it.
-	
-
diff --git a/thirdparty/openssl/crypto/rc4/rc4.c b/thirdparty/openssl/crypto/rc4/rc4.c
deleted file mode 100644
index 99082e8919..0000000000
--- a/thirdparty/openssl/crypto/rc4/rc4.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/* crypto/rc4/rc4.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/rc4.h>
-#include <openssl/evp.h>
-
-char *usage[] = {
-    "usage: rc4 args\n",
-    "\n",
-    " -in arg         - input file - default stdin\n",
-    " -out arg        - output file - default stdout\n",
-    " -key key        - password\n",
-    NULL
-};
-
-int main(int argc, char *argv[])
-{
-    FILE *in = NULL, *out = NULL;
-    char *infile = NULL, *outfile = NULL, *keystr = NULL;
-    RC4_KEY key;
-    char buf[BUFSIZ];
-    int badops = 0, i;
-    char **pp;
-    unsigned char md[MD5_DIGEST_LENGTH];
-
-    argc--;
-    argv++;
-    while (argc >= 1) {
-        if (strcmp(*argv, "-in") == 0) {
-            if (--argc < 1)
-                goto bad;
-            infile = *(++argv);
-        } else if (strcmp(*argv, "-out") == 0) {
-            if (--argc < 1)
-                goto bad;
-            outfile = *(++argv);
-        } else if (strcmp(*argv, "-key") == 0) {
-            if (--argc < 1)
-                goto bad;
-            keystr = *(++argv);
-        } else {
-            fprintf(stderr, "unknown option %s\n", *argv);
-            badops = 1;
-            break;
-        }
-        argc--;
-        argv++;
-    }
-
-    if (badops) {
- bad:
-        for (pp = usage; (*pp != NULL); pp++)
-            fprintf(stderr, "%s", *pp);
-        exit(1);
-    }
-
-    if (infile == NULL)
-        in = stdin;
-    else {
-        in = fopen(infile, "r");
-        if (in == NULL) {
-            perror("open");
-            exit(1);
-        }
-
-    }
-    if (outfile == NULL)
-        out = stdout;
-    else {
-        out = fopen(outfile, "w");
-        if (out == NULL) {
-            perror("open");
-            exit(1);
-        }
-    }
-
-#ifdef OPENSSL_SYS_MSDOS
-    /* This should set the file to binary mode. */
-    {
-# include <fcntl.h>
-        setmode(fileno(in), O_BINARY);
-        setmode(fileno(out), O_BINARY);
-    }
-#endif
-
-    if (keystr == NULL) {       /* get key */
-        i = EVP_read_pw_string(buf, BUFSIZ, "Enter RC4 password:", 0);
-        if (i != 0) {
-            OPENSSL_cleanse(buf, BUFSIZ);
-            fprintf(stderr, "bad password read\n");
-            exit(1);
-        }
-        keystr = buf;
-    }
-
-    EVP_Digest((unsigned char *)keystr, strlen(keystr), md, NULL, EVP_md5(),
-               NULL);
-    OPENSSL_cleanse(keystr, strlen(keystr));
-    RC4_set_key(&key, MD5_DIGEST_LENGTH, md);
-
-    for (;;) {
-        i = fread(buf, 1, BUFSIZ, in);
-        if (i == 0)
-            break;
-        if (i < 0) {
-            perror("read");
-            exit(1);
-        }
-        RC4(&key, (unsigned int)i, (unsigned char *)buf,
-            (unsigned char *)buf);
-        i = fwrite(buf, (unsigned int)i, 1, out);
-        if (i != 1) {
-            perror("write");
-            exit(1);
-        }
-    }
-    fclose(out);
-    fclose(in);
-    exit(0);
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/rc4/rc4_enc.c b/thirdparty/openssl/crypto/rc4/rc4_enc.c
deleted file mode 100644
index 0f0a2487a7..0000000000
--- a/thirdparty/openssl/crypto/rc4/rc4_enc.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* crypto/rc4/rc4_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc4.h>
-#include "rc4_locl.h"
-
-/*-
- * RC4 as implemented from a posting from
- * Newsgroups: sci.crypt
- * From: sterndark@netcom.com (David Sterndark)
- * Subject: RC4 Algorithm revealed.
- * Message-ID: <sternCvKL4B.Hyy@netcom.com>
- * Date: Wed, 14 Sep 1994 06:35:31 GMT
- */
-
-void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
-         unsigned char *outdata)
-{
-    register RC4_INT *d;
-    register RC4_INT x, y, tx, ty;
-    size_t i;
-
-    x = key->x;
-    y = key->y;
-    d = key->data;
-
-#if defined(RC4_CHUNK) && !defined(PEDANTIC)
-    /*-
-     * The original reason for implementing this(*) was the fact that
-     * pre-21164a Alpha CPUs don't have byte load/store instructions
-     * and e.g. a byte store has to be done with 64-bit load, shift,
-     * and, or and finally 64-bit store. Peaking data and operating
-     * at natural word size made it possible to reduce amount of
-     * instructions as well as to perform early read-ahead without
-     * suffering from RAW (read-after-write) hazard. This resulted
-     * in ~40%(**) performance improvement on 21064 box with gcc.
-     * But it's not only Alpha users who win here:-) Thanks to the
-     * early-n-wide read-ahead this implementation also exhibits
-     * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending
-     * on sizeof(RC4_INT)).
-     *
-     * (*)  "this" means code which recognizes the case when input
-     *      and output pointers appear to be aligned at natural CPU
-     *      word boundary
-     * (**) i.e. according to 'apps/openssl speed rc4' benchmark,
-     *      crypto/rc4/rc4speed.c exhibits almost 70% speed-up...
-     *
-     * Cavets.
-     *
-     * - RC4_CHUNK="unsigned long long" should be a #1 choice for
-     *   UltraSPARC. Unfortunately gcc generates very slow code
-     *   (2.5-3 times slower than one generated by Sun's WorkShop
-     *   C) and therefore gcc (at least 2.95 and earlier) should
-     *   always be told that RC4_CHUNK="unsigned long".
-     *
-     *                                      <appro@fy.chalmers.se>
-     */
-
-# define RC4_STEP       ( \
-                        x=(x+1) &0xff,  \
-                        tx=d[x],        \
-                        y=(tx+y)&0xff,  \
-                        ty=d[y],        \
-                        d[y]=tx,        \
-                        d[x]=ty,        \
-                        (RC4_CHUNK)d[(tx+ty)&0xff]\
-                        )
-
-    if ((((size_t)indata & (sizeof(RC4_CHUNK) - 1)) |
-         ((size_t)outdata & (sizeof(RC4_CHUNK) - 1))) == 0) {
-        RC4_CHUNK ichunk, otp;
-        const union {
-            long one;
-            char little;
-        } is_endian = {
-            1
-        };
-
-        /*-
-         * I reckon we can afford to implement both endian
-         * cases and to decide which way to take at run-time
-         * because the machine code appears to be very compact
-         * and redundant 1-2KB is perfectly tolerable (i.e.
-         * in case the compiler fails to eliminate it:-). By
-         * suggestion from Terrel Larson <terr@terralogic.net>
-         * who also stands for the is_endian union:-)
-         *
-         * Special notes.
-         *
-         * - is_endian is declared automatic as doing otherwise
-         *   (declaring static) prevents gcc from eliminating
-         *   the redundant code;
-         * - compilers (those I've tried) don't seem to have
-         *   problems eliminating either the operators guarded
-         *   by "if (sizeof(RC4_CHUNK)==8)" or the condition
-         *   expressions themselves so I've got 'em to replace
-         *   corresponding #ifdefs from the previous version;
-         * - I chose to let the redundant switch cases when
-         *   sizeof(RC4_CHUNK)!=8 be (were also #ifdefed
-         *   before);
-         * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in
-         *   [LB]ESHFT guards against "shift is out of range"
-         *   warnings when sizeof(RC4_CHUNK)!=8
-         *
-         *                      <appro@fy.chalmers.se>
-         */
-        if (!is_endian.little) { /* BIG-ENDIAN CASE */
-# define BESHFT(c)      (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1))
-            for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) {
-                ichunk = *(RC4_CHUNK *) indata;
-                otp = RC4_STEP << BESHFT(0);
-                otp |= RC4_STEP << BESHFT(1);
-                otp |= RC4_STEP << BESHFT(2);
-                otp |= RC4_STEP << BESHFT(3);
-                if (sizeof(RC4_CHUNK) == 8) {
-                    otp |= RC4_STEP << BESHFT(4);
-                    otp |= RC4_STEP << BESHFT(5);
-                    otp |= RC4_STEP << BESHFT(6);
-                    otp |= RC4_STEP << BESHFT(7);
-                }
-                *(RC4_CHUNK *) outdata = otp ^ ichunk;
-                indata += sizeof(RC4_CHUNK);
-                outdata += sizeof(RC4_CHUNK);
-            }
-            if (len) {
-                RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk;
-
-                ichunk = *(RC4_CHUNK *) indata;
-                ochunk = *(RC4_CHUNK *) outdata;
-                otp = 0;
-                i = BESHFT(0);
-                mask <<= (sizeof(RC4_CHUNK) - len) << 3;
-                switch (len & (sizeof(RC4_CHUNK) - 1)) {
-                case 7:
-                    otp = RC4_STEP << i, i -= 8;
-                case 6:
-                    otp |= RC4_STEP << i, i -= 8;
-                case 5:
-                    otp |= RC4_STEP << i, i -= 8;
-                case 4:
-                    otp |= RC4_STEP << i, i -= 8;
-                case 3:
-                    otp |= RC4_STEP << i, i -= 8;
-                case 2:
-                    otp |= RC4_STEP << i, i -= 8;
-                case 1:
-                    otp |= RC4_STEP << i, i -= 8;
-                case 0:;       /*
-                                 * it's never the case,
-                                 * but it has to be here
-                                 * for ultrix?
-                                 */
-                }
-                ochunk &= ~mask;
-                ochunk |= (otp ^ ichunk) & mask;
-                *(RC4_CHUNK *) outdata = ochunk;
-            }
-            key->x = x;
-            key->y = y;
-            return;
-        } else {                /* LITTLE-ENDIAN CASE */
-# define LESHFT(c)      (((c)*8)&(sizeof(RC4_CHUNK)*8-1))
-            for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) {
-                ichunk = *(RC4_CHUNK *) indata;
-                otp = RC4_STEP;
-                otp |= RC4_STEP << 8;
-                otp |= RC4_STEP << 16;
-                otp |= RC4_STEP << 24;
-                if (sizeof(RC4_CHUNK) == 8) {
-                    otp |= RC4_STEP << LESHFT(4);
-                    otp |= RC4_STEP << LESHFT(5);
-                    otp |= RC4_STEP << LESHFT(6);
-                    otp |= RC4_STEP << LESHFT(7);
-                }
-                *(RC4_CHUNK *) outdata = otp ^ ichunk;
-                indata += sizeof(RC4_CHUNK);
-                outdata += sizeof(RC4_CHUNK);
-            }
-            if (len) {
-                RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk;
-
-                ichunk = *(RC4_CHUNK *) indata;
-                ochunk = *(RC4_CHUNK *) outdata;
-                otp = 0;
-                i = 0;
-                mask >>= (sizeof(RC4_CHUNK) - len) << 3;
-                switch (len & (sizeof(RC4_CHUNK) - 1)) {
-                case 7:
-                    otp = RC4_STEP, i += 8;
-                case 6:
-                    otp |= RC4_STEP << i, i += 8;
-                case 5:
-                    otp |= RC4_STEP << i, i += 8;
-                case 4:
-                    otp |= RC4_STEP << i, i += 8;
-                case 3:
-                    otp |= RC4_STEP << i, i += 8;
-                case 2:
-                    otp |= RC4_STEP << i, i += 8;
-                case 1:
-                    otp |= RC4_STEP << i, i += 8;
-                case 0:;       /*
-                                 * it's never the case,
-                                 * but it has to be here
-                                 * for ultrix?
-                                 */
-                }
-                ochunk &= ~mask;
-                ochunk |= (otp ^ ichunk) & mask;
-                *(RC4_CHUNK *) outdata = ochunk;
-            }
-            key->x = x;
-            key->y = y;
-            return;
-        }
-    }
-#endif
-#define LOOP(in,out) \
-                x=((x+1)&0xff); \
-                tx=d[x]; \
-                y=(tx+y)&0xff; \
-                d[x]=ty=d[y]; \
-                d[y]=tx; \
-                (out) = d[(tx+ty)&0xff]^ (in);
-
-#ifndef RC4_INDEX
-# define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++))
-#else
-# define RC4_LOOP(a,b,i) LOOP(a[i],b[i])
-#endif
-
-    i = len >> 3;
-    if (i) {
-        for (;;) {
-            RC4_LOOP(indata, outdata, 0);
-            RC4_LOOP(indata, outdata, 1);
-            RC4_LOOP(indata, outdata, 2);
-            RC4_LOOP(indata, outdata, 3);
-            RC4_LOOP(indata, outdata, 4);
-            RC4_LOOP(indata, outdata, 5);
-            RC4_LOOP(indata, outdata, 6);
-            RC4_LOOP(indata, outdata, 7);
-#ifdef RC4_INDEX
-            indata += 8;
-            outdata += 8;
-#endif
-            if (--i == 0)
-                break;
-        }
-    }
-    i = len & 0x07;
-    if (i) {
-        for (;;) {
-            RC4_LOOP(indata, outdata, 0);
-            if (--i == 0)
-                break;
-            RC4_LOOP(indata, outdata, 1);
-            if (--i == 0)
-                break;
-            RC4_LOOP(indata, outdata, 2);
-            if (--i == 0)
-                break;
-            RC4_LOOP(indata, outdata, 3);
-            if (--i == 0)
-                break;
-            RC4_LOOP(indata, outdata, 4);
-            if (--i == 0)
-                break;
-            RC4_LOOP(indata, outdata, 5);
-            if (--i == 0)
-                break;
-            RC4_LOOP(indata, outdata, 6);
-            if (--i == 0)
-                break;
-        }
-    }
-    key->x = x;
-    key->y = y;
-}
diff --git a/thirdparty/openssl/crypto/rc4/rc4_locl.h b/thirdparty/openssl/crypto/rc4/rc4_locl.h
deleted file mode 100644
index faf8742f01..0000000000
--- a/thirdparty/openssl/crypto/rc4/rc4_locl.h
+++ /dev/null
@@ -1,5 +0,0 @@
-#ifndef HEADER_RC4_LOCL_H
-# define HEADER_RC4_LOCL_H
-# include <openssl/opensslconf.h>
-# include <cryptlib.h>
-#endif
diff --git a/thirdparty/openssl/crypto/rc4/rc4_skey.c b/thirdparty/openssl/crypto/rc4/rc4_skey.c
deleted file mode 100644
index 06890d16ae..0000000000
--- a/thirdparty/openssl/crypto/rc4/rc4_skey.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* crypto/rc4/rc4_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc4.h>
-#include "rc4_locl.h"
-#include <openssl/opensslv.h>
-
-const char RC4_version[] = "RC4" OPENSSL_VERSION_PTEXT;
-
-const char *RC4_options(void)
-{
-#ifdef RC4_INDEX
-    if (sizeof(RC4_INT) == 1)
-        return ("rc4(idx,char)");
-    else
-        return ("rc4(idx,int)");
-#else
-    if (sizeof(RC4_INT) == 1)
-        return ("rc4(ptr,char)");
-    else
-        return ("rc4(ptr,int)");
-#endif
-}
-
-/*-
- * RC4 as implemented from a posting from
- * Newsgroups: sci.crypt
- * From: sterndark@netcom.com (David Sterndark)
- * Subject: RC4 Algorithm revealed.
- * Message-ID: <sternCvKL4B.Hyy@netcom.com>
- * Date: Wed, 14 Sep 1994 06:35:31 GMT
- */
-
-void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
-{
-    register RC4_INT tmp;
-    register int id1, id2;
-    register RC4_INT *d;
-    unsigned int i;
-
-    d = &(key->data[0]);
-    key->x = 0;
-    key->y = 0;
-    id1 = id2 = 0;
-
-#define SK_LOOP(d,n) { \
-                tmp=d[(n)]; \
-                id2 = (data[id1] + tmp + id2) & 0xff; \
-                if (++id1 == len) id1=0; \
-                d[(n)]=d[id2]; \
-                d[id2]=tmp; }
-
-    for (i = 0; i < 256; i++)
-        d[i] = i;
-    for (i = 0; i < 256; i += 4) {
-        SK_LOOP(d, i + 0);
-        SK_LOOP(d, i + 1);
-        SK_LOOP(d, i + 2);
-        SK_LOOP(d, i + 3);
-    }
-}
diff --git a/thirdparty/openssl/crypto/rc4/rc4_utl.c b/thirdparty/openssl/crypto/rc4/rc4_utl.c
deleted file mode 100644
index cbd4a24e4b..0000000000
--- a/thirdparty/openssl/crypto/rc4/rc4_utl.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* crypto/rc4/rc4_utl.c */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/rc4.h>
-
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
-{
-#ifdef OPENSSL_FIPS
-    fips_cipher_abort(RC4);
-#endif
-    private_RC4_set_key(key, len, data);
-}
diff --git a/thirdparty/openssl/crypto/rc4/rc4s.cpp b/thirdparty/openssl/crypto/rc4/rc4s.cpp
deleted file mode 100644
index 3814fde997..0000000000
--- a/thirdparty/openssl/crypto/rc4/rc4s.cpp
+++ /dev/null
@@ -1,73 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rc4.h>
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[1024];
-	RC4_KEY ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=64,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=256;
-	if (num > 1024-16) num=1024-16;
-	numm=num+8;
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			RC4(&ctx,numm,buffer,buffer);
-			GetTSC(s1);
-			RC4(&ctx,numm,buffer,buffer);
-			GetTSC(e1);
-			GetTSC(s2);
-			RC4(&ctx,num,buffer,buffer);
-			GetTSC(e2);
-			RC4(&ctx,num,buffer,buffer);
-			}
-
-		printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
-			e1-s1,e2-s2,(e1-s1)-(e2-s2));
-		}
-	}
-
diff --git a/thirdparty/openssl/crypto/rc4/rc4speed.c b/thirdparty/openssl/crypto/rc4/rc4speed.c
deleted file mode 100644
index 3f13a2b2bc..0000000000
--- a/thirdparty/openssl/crypto/rc4/rc4speed.c
+++ /dev/null
@@ -1,239 +0,0 @@
-/* crypto/rc4/rc4speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-#endif
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-    /*
-     * Depending on the VMS version, the tms structure is perhaps defined.
-     * The __TMS macro will show if it was.  If it wasn't defined, we should
-     * undefine TIMES, since that tells the rest of the program how things
-     * should be handled.  -- Richard Levitte
-     */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-#include <openssl/rc4.h>
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  define HZ      100.0
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static unsigned char key[] = {
-        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
-        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
-    };
-    RC4_KEY sch;
-    double a, b, c, d;
-#ifndef SIGALRM
-    long ca, cb, cc;
-#endif
-
-#ifndef TIMES
-    printf("To get the most accurate results, try to run this\n");
-    printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-    printf("First we calculate the approximate speed ...\n");
-    RC4_set_key(&sch, 16, key);
-    count = 10;
-    do {
-        long i;
-        unsigned long data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            RC4(&sch, 8, buf, buf);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count / 512;
-    cc = count * 8 / BUFSIZE + 1;
-    printf("Doing RC4_set_key %ld times\n", ca);
-# define COND(d) (count != (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    printf("Doing RC4_set_key for 10 seconds\n");
-    alarm(10);
-#endif
-
-    Time_F(START);
-    for (count = 0, run = 1; COND(ca); count += 4) {
-        RC4_set_key(&sch, 16, key);
-        RC4_set_key(&sch, 16, key);
-        RC4_set_key(&sch, 16, key);
-        RC4_set_key(&sch, 16, key);
-    }
-    d = Time_F(STOP);
-    printf("%ld RC4_set_key's in %.2f seconds\n", count, d);
-    a = ((double)COUNT(ca)) / d;
-
-#ifdef SIGALRM
-    printf("Doing RC4 on %ld byte blocks for 10 seconds\n", BUFSIZE);
-    alarm(10);
-#else
-    printf("Doing RC4 %ld times on %ld byte blocks\n", cc, BUFSIZE);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cc); count++)
-        RC4(&sch, BUFSIZE, buf, buf);
-    d = Time_F(STOP);
-    printf("%ld RC4's of %ld byte blocks in %.2f second\n",
-           count, BUFSIZE, d);
-    c = ((double)COUNT(cc) * BUFSIZE) / d;
-
-    printf("RC4 set_key per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
-    printf("RC4   bytes per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/rc4/rrc4.doc b/thirdparty/openssl/crypto/rc4/rrc4.doc
deleted file mode 100644
index 2f9a953c12..0000000000
--- a/thirdparty/openssl/crypto/rc4/rrc4.doc
+++ /dev/null
@@ -1,278 +0,0 @@
-Newsgroups: sci.crypt,alt.security,comp.security.misc,alt.privacy
-Path: ghost.dsi.unimi.it!univ-lyon1.fr!jussieu.fr!zaphod.crihan.fr!warwick!clyde.open.ac.uk!strath-cs!bnr.co.uk!bt!pipex!howland.reston.ans.net!europa.eng.gtefsd.com!MathWorks.Com!yeshua.marcam.com!charnel.ecst.csuchico.edu!csusac!csus.edu!netcom.com!sterndark
-From: sterndark@netcom.com (David Sterndark)
-Subject: RC4 Algorithm revealed.
-Message-ID: <sternCvKL4B.Hyy@netcom.com>
-Sender: sterndark@netcom.com 
-Organization: NETCOM On-line Communication Services (408 261-4700 guest)
-X-Newsreader: TIN [version 1.2 PL1]
-Date: Wed, 14 Sep 1994 06:35:31 GMT
-Lines: 263
-Xref: ghost.dsi.unimi.it sci.crypt:27332 alt.security:14732 comp.security.misc:11701 alt.privacy:16026
-
-I am shocked,  shocked, I tell you,  shocked, to discover
-that the cypherpunks have illegaly and criminally revealed
-a crucial RSA trade secret and harmed the security of
-America by reverse engineering the RC4 algorithm and
-publishing it to the world.
- 
-On Saturday morning an anonymous cypherpunk wrote:
- 
- 
-   SUBJECT:  RC4 Source Code
- 
- 
-   I've tested this.  It is compatible with the RC4 object module
-   that comes in the various RSA toolkits.  
- 
-   /* rc4.h */
-   typedef struct rc4_key
-   {      
-        unsigned char state[256];       
-        unsigned char x;        
-        unsigned char y;
-   } rc4_key;
-   void prepare_key(unsigned char *key_data_ptr,int key_data_len,
-   rc4_key *key);
-   void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);
-   
-   
-   /*rc4.c */
-   #include "rc4.h"
-   static void swap_byte(unsigned char *a, unsigned char *b);
-   void prepare_key(unsigned char *key_data_ptr, int key_data_len,
-   rc4_key *key)
-   {
-        unsigned char swapByte;
-        unsigned char index1;
-        unsigned char index2;
-        unsigned char* state;
-        short counter;     
-        
-        state = &key->state[0];         
-        for(counter = 0; counter < 256; counter++)              
-        state[counter] = counter;               
-        key->x = 0;     
-        key->y = 0;     
-        index1 = 0;     
-        index2 = 0;             
-        for(counter = 0; counter < 256; counter++)      
-        {               
-             index2 = (key_data_ptr[index1] + state[counter] +
-                index2) % 256;                
-             swap_byte(&state[counter], &state[index2]);            
-   
-             index1 = (index1 + 1) % key_data_len;  
-        }       
-    }
-    
-    void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
-    { 
-        unsigned char x;
-        unsigned char y;
-        unsigned char* state;
-        unsigned char xorIndex;
-        short counter;              
-        
-        x = key->x;     
-        y = key->y;     
-        
-        state = &key->state[0];         
-        for(counter = 0; counter < buffer_len; counter ++)      
-        {               
-             x = (x + 1) % 256;                      
-             y = (state[x] + y) % 256;               
-             swap_byte(&state[x], &state[y]);                        
-                  
-             xorIndex = (state[x] + state[y]) % 256;                 
-                  
-             buffer_ptr[counter] ^= state[xorIndex];         
-         }               
-         key->x = x;     
-         key->y = y;
-    }
-    
-    static void swap_byte(unsigned char *a, unsigned char *b)
-    {
-        unsigned char swapByte; 
-        
-        swapByte = *a; 
-        *a = *b;      
-        *b = swapByte;
-    }
- 
- 
- 
-Another cypherpunk, this one not anonymous, tested the
-output from this algorithm against the output from
-official RC4 object code
- 
- 
-   Date: Tue, 13 Sep 94 18:37:56 PDT
-   From: ekr@eit.COM (Eric Rescorla)
-   Message-Id: <9409140137.AA17743@eitech.eit.com>
-   Subject: RC4 compatibility testing
-   Cc: cypherpunks@toad.com
-   
-   One data point:
-   
-   I can't say anything about the internals of RC4 versus the
-   algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4',
-   since I don't know anything about RC4's internals. 
-   
-   However, I do have a (legitimately acquired) copy of BSAFE2 and
-   so I'm able to compare the output of this algorithm to the output
-   of genuine RC4 as found in BSAFE. I chose a set of test vectors
-   and ran them through both algorithms. The algorithms appear to
-   give identical results, at least with these key/plaintext pairs.
-   
-   I note that this is the algorithm _without_ Hal Finney's
-   proposed modification
-   
-   (see <199409130605.XAA24133@jobe.shell.portal.com>).
-   
-   The vectors I used (together with the ciphertext they produce)
-   follow at the end of this message.
-   
-   -Ekr
-   
-   Disclaimer: This posting does not reflect the opinions of EIT.
-   
-   --------------------results follow--------------
-   Test vector 0
-   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
-   Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
-   0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96 
-   
-   Test vector 1
-   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
-   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
-   0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79 
-   
-   Test vector 2
-   Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
-   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
-   0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a 
-   
-   Test vector 3
-   Key: 0xef 0x01 0x23 0x45 
-   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
-   0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61 
-   
-   Test vector 4
-   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
-   Input: 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
-   0x01 
-   0 Output: 0x75 0x95 0xc3 0xe6 0x11 0x4a 0x09 0x78 0x0c 0x4a 0xd4 
-   0x52 0x33 0x8e 0x1f 0xfd 0x9a 0x1b 0xe9 0x49 0x8f 
-   0x81 0x3d 0x76 0x53 0x34 0x49 0xb6 0x77 0x8d 0xca 
-   0xd8 0xc7 0x8a 0x8d 0x2b 0xa9 0xac 0x66 0x08 0x5d 
-   0x0e 0x53 0xd5 0x9c 0x26 0xc2 0xd1 0xc4 0x90 0xc1 
-   0xeb 0xbe 0x0c 0xe6 0x6d 0x1b 0x6b 0x1b 0x13 0xb6 
-   0xb9 0x19 0xb8 0x47 0xc2 0x5a 0x91 0x44 0x7a 0x95 
-   0xe7 0x5e 0x4e 0xf1 0x67 0x79 0xcd 0xe8 0xbf 0x0a 
-   0x95 0x85 0x0e 0x32 0xaf 0x96 0x89 0x44 0x4f 0xd3 
-   0x77 0x10 0x8f 0x98 0xfd 0xcb 0xd4 0xe7 0x26 0x56 
-   0x75 0x00 0x99 0x0b 0xcc 0x7e 0x0c 0xa3 0xc4 0xaa 
-   0xa3 0x04 0xa3 0x87 0xd2 0x0f 0x3b 0x8f 0xbb 0xcd 
-   0x42 0xa1 0xbd 0x31 0x1d 0x7a 0x43 0x03 0xdd 0xa5 
-   0xab 0x07 0x88 0x96 0xae 0x80 0xc1 0x8b 0x0a 0xf6 
-   0x6d 0xff 0x31 0x96 0x16 0xeb 0x78 0x4e 0x49 0x5a 
-   0xd2 0xce 0x90 0xd7 0xf7 0x72 0xa8 0x17 0x47 0xb6 
-   0x5f 0x62 0x09 0x3b 0x1e 0x0d 0xb9 0xe5 0xba 0x53 
-   0x2f 0xaf 0xec 0x47 0x50 0x83 0x23 0xe6 0x71 0x32 
-   0x7d 0xf9 0x44 0x44 0x32 0xcb 0x73 0x67 0xce 0xc8 
-   0x2f 0x5d 0x44 0xc0 0xd0 0x0b 0x67 0xd6 0x50 0xa0 
-   0x75 0xcd 0x4b 0x70 0xde 0xdd 0x77 0xeb 0x9b 0x10 
-   0x23 0x1b 0x6b 0x5b 0x74 0x13 0x47 0x39 0x6d 0x62 
-   0x89 0x74 0x21 0xd4 0x3d 0xf9 0xb4 0x2e 0x44 0x6e 
-   0x35 0x8e 0x9c 0x11 0xa9 0xb2 0x18 0x4e 0xcb 0xef 
-   0x0c 0xd8 0xe7 0xa8 0x77 0xef 0x96 0x8f 0x13 0x90 
-   0xec 0x9b 0x3d 0x35 0xa5 0x58 0x5c 0xb0 0x09 0x29 
-   0x0e 0x2f 0xcd 0xe7 0xb5 0xec 0x66 0xd9 0x08 0x4b 
-   0xe4 0x40 0x55 0xa6 0x19 0xd9 0xdd 0x7f 0xc3 0x16 
-   0x6f 0x94 0x87 0xf7 0xcb 0x27 0x29 0x12 0x42 0x64 
-   0x45 0x99 0x85 0x14 0xc1 0x5d 0x53 0xa1 0x8c 0x86 
-   0x4c 0xe3 0xa2 0xb7 0x55 0x57 0x93 0x98 0x81 0x26 
-   0x52 0x0e 0xac 0xf2 0xe3 0x06 0x6e 0x23 0x0c 0x91 
-   0xbe 0xe4 0xdd 0x53 0x04 0xf5 0xfd 0x04 0x05 0xb3 
-   0x5b 0xd9 0x9c 0x73 0x13 0x5d 0x3d 0x9b 0xc3 0x35 
-   0xee 0x04 0x9e 0xf6 0x9b 0x38 0x67 0xbf 0x2d 0x7b 
-   0xd1 0xea 0xa5 0x95 0xd8 0xbf 0xc0 0x06 0x6f 0xf8 
-   0xd3 0x15 0x09 0xeb 0x0c 0x6c 0xaa 0x00 0x6c 0x80 
-   0x7a 0x62 0x3e 0xf8 0x4c 0x3d 0x33 0xc1 0x95 0xd2 
-   0x3e 0xe3 0x20 0xc4 0x0d 0xe0 0x55 0x81 0x57 0xc8 
-   0x22 0xd4 0xb8 0xc5 0x69 0xd8 0x49 0xae 0xd5 0x9d 
-   0x4e 0x0f 0xd7 0xf3 0x79 0x58 0x6b 0x4b 0x7f 0xf6 
-   0x84 0xed 0x6a 0x18 0x9f 0x74 0x86 0xd4 0x9b 0x9c 
-   0x4b 0xad 0x9b 0xa2 0x4b 0x96 0xab 0xf9 0x24 0x37 
-   0x2c 0x8a 0x8f 0xff 0xb1 0x0d 0x55 0x35 0x49 0x00 
-   0xa7 0x7a 0x3d 0xb5 0xf2 0x05 0xe1 0xb9 0x9f 0xcd 
-   0x86 0x60 0x86 0x3a 0x15 0x9a 0xd4 0xab 0xe4 0x0f 
-   0xa4 0x89 0x34 0x16 0x3d 0xdd 0xe5 0x42 0xa6 0x58 
-   0x55 0x40 0xfd 0x68 0x3c 0xbf 0xd8 0xc0 0x0f 0x12 
-   0x12 0x9a 0x28 0x4d 0xea 0xcc 0x4c 0xde 0xfe 0x58 
-   0xbe 0x71 0x37 0x54 0x1c 0x04 0x71 0x26 0xc8 0xd4 
-   0x9e 0x27 0x55 0xab 0x18 0x1a 0xb7 0xe9 0x40 0xb0 
-   0xc0 
-   
-
-
--- 
- ---------------------------------------------------------------------
-We have the right to defend ourselves and our
-property, because of the kind of animals that we              James A. Donald
-are.  True law derives from this right, not from
-the arbitrary power of the omnipotent state.                jamesd@netcom.com
-
-
diff --git a/thirdparty/openssl/crypto/rc5/rc5.h b/thirdparty/openssl/crypto/rc5/rc5.h
deleted file mode 100644
index fba613713d..0000000000
--- a/thirdparty/openssl/crypto/rc5/rc5.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/* crypto/rc5/rc5.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC5_H
-# define HEADER_RC5_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_RC5 */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_RC5
-#  error RC5 is disabled.
-# endif
-
-# define RC5_ENCRYPT     1
-# define RC5_DECRYPT     0
-
-/* 32 bit.  For Alpha, things may get weird */
-# define RC5_32_INT unsigned long
-
-# define RC5_32_BLOCK            8
-# define RC5_32_KEY_LENGTH       16/* This is a default, max is 255 */
-
-/*
- * This are the only values supported.  Tweak the code if you want more The
- * most supported modes will be RC5-32/12/16 RC5-32/16/8
- */
-# define RC5_8_ROUNDS    8
-# define RC5_12_ROUNDS   12
-# define RC5_16_ROUNDS   16
-
-typedef struct rc5_key_st {
-    /* Number of rounds */
-    int rounds;
-    RC5_32_INT data[2 * (RC5_16_ROUNDS + 1)];
-} RC5_32_KEY;
-
-void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
-                    int rounds);
-void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                        RC5_32_KEY *key, int enc);
-void RC5_32_encrypt(unsigned long *data, RC5_32_KEY *key);
-void RC5_32_decrypt(unsigned long *data, RC5_32_KEY *key);
-void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, RC5_32_KEY *ks, unsigned char *iv,
-                        int enc);
-void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                          long length, RC5_32_KEY *schedule,
-                          unsigned char *ivec, int *num, int enc);
-void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                          long length, RC5_32_KEY *schedule,
-                          unsigned char *ivec, int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/rc5/rc5_ecb.c b/thirdparty/openssl/crypto/rc5/rc5_ecb.c
deleted file mode 100644
index e657a93b9a..0000000000
--- a/thirdparty/openssl/crypto/rc5/rc5_ecb.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/rc5/rc5_ecb.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-#include <openssl/opensslv.h>
-
-const char RC5_version[] = "RC5" OPENSSL_VERSION_PTEXT;
-
-void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                        RC5_32_KEY *ks, int encrypt)
-{
-    unsigned long l, d[2];
-
-    c2l(in, l);
-    d[0] = l;
-    c2l(in, l);
-    d[1] = l;
-    if (encrypt)
-        RC5_32_encrypt(d, ks);
-    else
-        RC5_32_decrypt(d, ks);
-    l = d[0];
-    l2c(l, out);
-    l = d[1];
-    l2c(l, out);
-    l = d[0] = d[1] = 0;
-}
diff --git a/thirdparty/openssl/crypto/rc5/rc5_enc.c b/thirdparty/openssl/crypto/rc5/rc5_enc.c
deleted file mode 100644
index 06b89d83a1..0000000000
--- a/thirdparty/openssl/crypto/rc5/rc5_enc.c
+++ /dev/null
@@ -1,209 +0,0 @@
-/* crypto/rc5/rc5_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-
-void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, RC5_32_KEY *ks, unsigned char *iv,
-                        int encrypt)
-{
-    register unsigned long tin0, tin1;
-    register unsigned long tout0, tout1, xor0, xor1;
-    register long l = length;
-    unsigned long tin[2];
-
-    if (encrypt) {
-        c2l(iv, tout0);
-        c2l(iv, tout1);
-        iv -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            c2l(in, tin0);
-            c2l(in, tin1);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            RC5_32_encrypt(tin, ks);
-            tout0 = tin[0];
-            l2c(tout0, out);
-            tout1 = tin[1];
-            l2c(tout1, out);
-        }
-        if (l != -8) {
-            c2ln(in, tin0, tin1, l + 8);
-            tin0 ^= tout0;
-            tin1 ^= tout1;
-            tin[0] = tin0;
-            tin[1] = tin1;
-            RC5_32_encrypt(tin, ks);
-            tout0 = tin[0];
-            l2c(tout0, out);
-            tout1 = tin[1];
-            l2c(tout1, out);
-        }
-        l2c(tout0, iv);
-        l2c(tout1, iv);
-    } else {
-        c2l(iv, xor0);
-        c2l(iv, xor1);
-        iv -= 8;
-        for (l -= 8; l >= 0; l -= 8) {
-            c2l(in, tin0);
-            tin[0] = tin0;
-            c2l(in, tin1);
-            tin[1] = tin1;
-            RC5_32_decrypt(tin, ks);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2c(tout0, out);
-            l2c(tout1, out);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        if (l != -8) {
-            c2l(in, tin0);
-            tin[0] = tin0;
-            c2l(in, tin1);
-            tin[1] = tin1;
-            RC5_32_decrypt(tin, ks);
-            tout0 = tin[0] ^ xor0;
-            tout1 = tin[1] ^ xor1;
-            l2cn(tout0, tout1, out, l + 8);
-            xor0 = tin0;
-            xor1 = tin1;
-        }
-        l2c(xor0, iv);
-        l2c(xor1, iv);
-    }
-    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-    tin[0] = tin[1] = 0;
-}
-
-void RC5_32_encrypt(unsigned long *d, RC5_32_KEY *key)
-{
-    RC5_32_INT a, b, *s;
-
-    s = key->data;
-
-    a = d[0] + s[0];
-    b = d[1] + s[1];
-    E_RC5_32(a, b, s, 2);
-    E_RC5_32(a, b, s, 4);
-    E_RC5_32(a, b, s, 6);
-    E_RC5_32(a, b, s, 8);
-    E_RC5_32(a, b, s, 10);
-    E_RC5_32(a, b, s, 12);
-    E_RC5_32(a, b, s, 14);
-    E_RC5_32(a, b, s, 16);
-    if (key->rounds == 12) {
-        E_RC5_32(a, b, s, 18);
-        E_RC5_32(a, b, s, 20);
-        E_RC5_32(a, b, s, 22);
-        E_RC5_32(a, b, s, 24);
-    } else if (key->rounds == 16) {
-        /* Do a full expansion to avoid a jump */
-        E_RC5_32(a, b, s, 18);
-        E_RC5_32(a, b, s, 20);
-        E_RC5_32(a, b, s, 22);
-        E_RC5_32(a, b, s, 24);
-        E_RC5_32(a, b, s, 26);
-        E_RC5_32(a, b, s, 28);
-        E_RC5_32(a, b, s, 30);
-        E_RC5_32(a, b, s, 32);
-    }
-    d[0] = a;
-    d[1] = b;
-}
-
-void RC5_32_decrypt(unsigned long *d, RC5_32_KEY *key)
-{
-    RC5_32_INT a, b, *s;
-
-    s = key->data;
-
-    a = d[0];
-    b = d[1];
-    if (key->rounds == 16) {
-        D_RC5_32(a, b, s, 32);
-        D_RC5_32(a, b, s, 30);
-        D_RC5_32(a, b, s, 28);
-        D_RC5_32(a, b, s, 26);
-        /* Do a full expansion to avoid a jump */
-        D_RC5_32(a, b, s, 24);
-        D_RC5_32(a, b, s, 22);
-        D_RC5_32(a, b, s, 20);
-        D_RC5_32(a, b, s, 18);
-    } else if (key->rounds == 12) {
-        D_RC5_32(a, b, s, 24);
-        D_RC5_32(a, b, s, 22);
-        D_RC5_32(a, b, s, 20);
-        D_RC5_32(a, b, s, 18);
-    }
-    D_RC5_32(a, b, s, 16);
-    D_RC5_32(a, b, s, 14);
-    D_RC5_32(a, b, s, 12);
-    D_RC5_32(a, b, s, 10);
-    D_RC5_32(a, b, s, 8);
-    D_RC5_32(a, b, s, 6);
-    D_RC5_32(a, b, s, 4);
-    D_RC5_32(a, b, s, 2);
-    d[0] = a - s[0];
-    d[1] = b - s[1];
-}
diff --git a/thirdparty/openssl/crypto/rc5/rc5_locl.h b/thirdparty/openssl/crypto/rc5/rc5_locl.h
deleted file mode 100644
index ee757e6477..0000000000
--- a/thirdparty/openssl/crypto/rc5/rc5_locl.h
+++ /dev/null
@@ -1,207 +0,0 @@
-/* crypto/rc5/rc5_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-
-#undef c2l
-#define c2l(c,l)        (l =((unsigned long)(*((c)++)))    , \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
-                        case 5: l2|=((unsigned long)(*(--(c))));     \
-                        case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
-                        case 1: l1|=((unsigned long)(*(--(c))));     \
-                                } \
-                        }
-
-#undef l2c
-#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
-                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
-                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
-                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
-                                } \
-                        }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-                                } \
-                        }
-
-#undef n2l
-#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
-                         l|=((unsigned long)(*((c)++)))<<16L, \
-                         l|=((unsigned long)(*((c)++)))<< 8L, \
-                         l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
-                         *((c)++)=(unsigned char)(((l)     )&0xff))
-
-#if (defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER))
-# define ROTATE_l32(a,n)     _lrotl(a,n)
-# define ROTATE_r32(a,n)     _lrotr(a,n)
-#elif defined(__ICC)
-# define ROTATE_l32(a,n)     _rotl(a,n)
-# define ROTATE_r32(a,n)     _rotr(a,n)
-#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
-# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-#  define ROTATE_l32(a,n)       ({ register unsigned int ret;   \
-                                        asm ("roll %%cl,%0"     \
-                                                : "=r"(ret)     \
-                                                : "c"(n),"0"((unsigned int)(a)) \
-                                                : "cc");        \
-                                        ret;                    \
-                                })
-#  define ROTATE_r32(a,n)       ({ register unsigned int ret;   \
-                                        asm ("rorl %%cl,%0"     \
-                                                : "=r"(ret)     \
-                                                : "c"(n),"0"((unsigned int)(a)) \
-                                                : "cc");        \
-                                        ret;                    \
-                                })
-# endif
-#endif
-#ifndef ROTATE_l32
-# define ROTATE_l32(a,n)     (((a)<<(n&0x1f))|(((a)&0xffffffff)>>(32-(n&0x1f))))
-#endif
-#ifndef ROTATE_r32
-# define ROTATE_r32(a,n)     (((a)<<(32-(n&0x1f)))|(((a)&0xffffffff)>>(n&0x1f)))
-#endif
-
-#define RC5_32_MASK     0xffffffffL
-
-#define RC5_16_P        0xB7E1
-#define RC5_16_Q        0x9E37
-#define RC5_32_P        0xB7E15163L
-#define RC5_32_Q        0x9E3779B9L
-#define RC5_64_P        0xB7E151628AED2A6BLL
-#define RC5_64_Q        0x9E3779B97F4A7C15LL
-
-#define E_RC5_32(a,b,s,n) \
-        a^=b; \
-        a=ROTATE_l32(a,b); \
-        a+=s[n]; \
-        a&=RC5_32_MASK; \
-        b^=a; \
-        b=ROTATE_l32(b,a); \
-        b+=s[n+1]; \
-        b&=RC5_32_MASK;
-
-#define D_RC5_32(a,b,s,n) \
-        b-=s[n+1]; \
-        b&=RC5_32_MASK; \
-        b=ROTATE_r32(b,a); \
-        b^=a; \
-        a-=s[n]; \
-        a&=RC5_32_MASK; \
-        a=ROTATE_r32(a,b); \
-        a^=b;
diff --git a/thirdparty/openssl/crypto/rc5/rc5_skey.c b/thirdparty/openssl/crypto/rc5/rc5_skey.c
deleted file mode 100644
index 5dd4a52743..0000000000
--- a/thirdparty/openssl/crypto/rc5/rc5_skey.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/rc5/rc5_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-
-void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
-                    int rounds)
-{
-    RC5_32_INT L[64], l, ll, A, B, *S, k;
-    int i, j, m, c, t, ii, jj;
-
-    if ((rounds != RC5_16_ROUNDS) &&
-        (rounds != RC5_12_ROUNDS) && (rounds != RC5_8_ROUNDS))
-        rounds = RC5_16_ROUNDS;
-
-    key->rounds = rounds;
-    S = &(key->data[0]);
-    j = 0;
-    for (i = 0; i <= (len - 8); i += 8) {
-        c2l(data, l);
-        L[j++] = l;
-        c2l(data, l);
-        L[j++] = l;
-    }
-    ii = len - i;
-    if (ii) {
-        k = len & 0x07;
-        c2ln(data, l, ll, k);
-        L[j + 0] = l;
-        L[j + 1] = ll;
-    }
-
-    c = (len + 3) / 4;
-    t = (rounds + 1) * 2;
-    S[0] = RC5_32_P;
-    for (i = 1; i < t; i++)
-        S[i] = (S[i - 1] + RC5_32_Q) & RC5_32_MASK;
-
-    j = (t > c) ? t : c;
-    j *= 3;
-    ii = jj = 0;
-    A = B = 0;
-    for (i = 0; i < j; i++) {
-        k = (S[ii] + A + B) & RC5_32_MASK;
-        A = S[ii] = ROTATE_l32(k, 3);
-        m = (int)(A + B);
-        k = (L[jj] + A + B) & RC5_32_MASK;
-        B = L[jj] = ROTATE_l32(k, m);
-        if (++ii >= t)
-            ii = 0;
-        if (++jj >= c)
-            jj = 0;
-    }
-}
diff --git a/thirdparty/openssl/crypto/rc5/rc5cfb64.c b/thirdparty/openssl/crypto/rc5/rc5cfb64.c
deleted file mode 100644
index a3813e030b..0000000000
--- a/thirdparty/openssl/crypto/rc5/rc5cfb64.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/rc5/rc5cfb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-
-/*
- * The input and output encrypted as though 64bit cfb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-
-void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                          long length, RC5_32_KEY *schedule,
-                          unsigned char *ivec, int *num, int encrypt)
-{
-    register unsigned long v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    unsigned long ti[2];
-    unsigned char *iv, c, cc;
-
-    iv = (unsigned char *)ivec;
-    if (encrypt) {
-        while (l--) {
-            if (n == 0) {
-                c2l(iv, v0);
-                ti[0] = v0;
-                c2l(iv, v1);
-                ti[1] = v1;
-                RC5_32_encrypt((unsigned long *)ti, schedule);
-                iv = (unsigned char *)ivec;
-                t = ti[0];
-                l2c(t, iv);
-                t = ti[1];
-                l2c(t, iv);
-                iv = (unsigned char *)ivec;
-            }
-            c = *(in++) ^ iv[n];
-            *(out++) = c;
-            iv[n] = c;
-            n = (n + 1) & 0x07;
-        }
-    } else {
-        while (l--) {
-            if (n == 0) {
-                c2l(iv, v0);
-                ti[0] = v0;
-                c2l(iv, v1);
-                ti[1] = v1;
-                RC5_32_encrypt((unsigned long *)ti, schedule);
-                iv = (unsigned char *)ivec;
-                t = ti[0];
-                l2c(t, iv);
-                t = ti[1];
-                l2c(t, iv);
-                iv = (unsigned char *)ivec;
-            }
-            cc = *(in++);
-            c = iv[n];
-            iv[n] = cc;
-            *(out++) = c ^ cc;
-            n = (n + 1) & 0x07;
-        }
-    }
-    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/rc5/rc5ofb64.c b/thirdparty/openssl/crypto/rc5/rc5ofb64.c
deleted file mode 100644
index d3c63067b7..0000000000
--- a/thirdparty/openssl/crypto/rc5/rc5ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* crypto/rc5/rc5ofb64.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc5.h>
-#include "rc5_locl.h"
-
-/*
- * The input and output encrypted as though 64bit ofb mode is being used.
- * The extra state information to record how much of the 64bit block we have
- * used is contained in *num;
- */
-void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                          long length, RC5_32_KEY *schedule,
-                          unsigned char *ivec, int *num)
-{
-    register unsigned long v0, v1, t;
-    register int n = *num;
-    register long l = length;
-    unsigned char d[8];
-    register char *dp;
-    unsigned long ti[2];
-    unsigned char *iv;
-    int save = 0;
-
-    iv = (unsigned char *)ivec;
-    c2l(iv, v0);
-    c2l(iv, v1);
-    ti[0] = v0;
-    ti[1] = v1;
-    dp = (char *)d;
-    l2c(v0, dp);
-    l2c(v1, dp);
-    while (l--) {
-        if (n == 0) {
-            RC5_32_encrypt((unsigned long *)ti, schedule);
-            dp = (char *)d;
-            t = ti[0];
-            l2c(t, dp);
-            t = ti[1];
-            l2c(t, dp);
-            save++;
-        }
-        *(out++) = *(in++) ^ d[n];
-        n = (n + 1) & 0x07;
-    }
-    if (save) {
-        v0 = ti[0];
-        v1 = ti[1];
-        iv = (unsigned char *)ivec;
-        l2c(v0, iv);
-        l2c(v1, iv);
-    }
-    t = v0 = v1 = ti[0] = ti[1] = 0;
-    *num = n;
-}
diff --git a/thirdparty/openssl/crypto/rc5/rc5s.cpp b/thirdparty/openssl/crypto/rc5/rc5s.cpp
deleted file mode 100644
index 1c5518bc80..0000000000
--- a/thirdparty/openssl/crypto/rc5/rc5s.cpp
+++ /dev/null
@@ -1,70 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rc5.h>
-
-void main(int argc,char *argv[])
-	{
-	RC5_32_KEY key;
-	unsigned long s1,s2,e1,e2;
-	unsigned long data[2];
-	int i,j;
-	static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
-
-	RC5_32_set_key(&key, 16,d,12);
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<1000; i++) /**/
-			{
-			RC5_32_encrypt(&data[0],&key);
-			GetTSC(s1);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			GetTSC(e1);
-			GetTSC(s2);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			RC5_32_encrypt(&data[0],&key);
-			GetTSC(e2);
-			RC5_32_encrypt(&data[0],&key);
-			}
-
-		printf("cast %d %d (%d)\n",
-			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
-		}
-	}
-
diff --git a/thirdparty/openssl/crypto/rc5/rc5speed.c b/thirdparty/openssl/crypto/rc5/rc5speed.c
deleted file mode 100644
index 3f595704a9..0000000000
--- a/thirdparty/openssl/crypto/rc5/rc5speed.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/* crypto/rc5/rc5speed.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
-/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
-
-#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
-# define TIMES
-#endif
-
-#include <stdio.h>
-
-#include <openssl/e_os2.h>
-#include OPENSSL_UNISTD_IO
-OPENSSL_DECLARE_EXIT
-#ifndef OPENSSL_SYS_NETWARE
-# include <signal.h>
-#endif
-#ifndef _IRIX
-# include <time.h>
-#endif
-#ifdef TIMES
-# include <sys/types.h>
-# include <sys/times.h>
-#endif
-    /*
-     * Depending on the VMS version, the tms structure is perhaps defined.
-     * The __TMS macro will show if it was.  If it wasn't defined, we should
-     * undefine TIMES, since that tells the rest of the program how things
-     * should be handled.  -- Richard Levitte
-     */
-#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
-# undef TIMES
-#endif
-#ifndef TIMES
-# include <sys/timeb.h>
-#endif
-#if defined(sun) || defined(__ultrix)
-# define _POSIX_SOURCE
-# include <limits.h>
-# include <sys/param.h>
-#endif
-#include <openssl/rc5.h>
-/* The following if from times(3) man page.  It may need to be changed */
-#ifndef HZ
-# ifndef CLK_TCK
-#  define HZ      100.0
-# else                          /* CLK_TCK */
-#  define HZ ((double)CLK_TCK)
-# endif
-#endif
-#define BUFSIZE ((long)1024)
-long run = 0;
-
-double Time_F(int s);
-#ifdef SIGALRM
-# if defined(__STDC__) || defined(sgi) || defined(_AIX)
-#  define SIGRETTYPE void
-# else
-#  define SIGRETTYPE int
-# endif
-
-SIGRETTYPE sig_done(int sig);
-SIGRETTYPE sig_done(int sig)
-{
-    signal(SIGALRM, sig_done);
-    run = 0;
-# ifdef LINT
-    sig = sig;
-# endif
-}
-#endif
-
-#define START   0
-#define STOP    1
-
-double Time_F(int s)
-{
-    double ret;
-#ifdef TIMES
-    static struct tms tstart, tend;
-
-    if (s == START) {
-        times(&tstart);
-        return (0);
-    } else {
-        times(&tend);
-        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#else                           /* !times() */
-    static struct timeb tstart, tend;
-    long i;
-
-    if (s == START) {
-        ftime(&tstart);
-        return (0);
-    } else {
-        ftime(&tend);
-        i = (long)tend.millitm - (long)tstart.millitm;
-        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
-        return ((ret == 0.0) ? 1e-6 : ret);
-    }
-#endif
-}
-
-int main(int argc, char **argv)
-{
-    long count;
-    static unsigned char buf[BUFSIZE];
-    static unsigned char key[] = {
-        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
-        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
-    };
-    RC5_32_KEY sch;
-    double a, b, c, d;
-#ifndef SIGALRM
-    long ca, cb, cc;
-#endif
-
-#ifndef TIMES
-    printf("To get the most accurate results, try to run this\n");
-    printf("program when this computer is idle.\n");
-#endif
-
-#ifndef SIGALRM
-    printf("First we calculate the approximate speed ...\n");
-    RC5_32_set_key(&sch, 16, key, 12);
-    count = 10;
-    do {
-        long i;
-        unsigned long data[2];
-
-        count *= 2;
-        Time_F(START);
-        for (i = count; i; i--)
-            RC5_32_encrypt(data, &sch);
-        d = Time_F(STOP);
-    } while (d < 3.0);
-    ca = count / 512;
-    cb = count;
-    cc = count * 8 / BUFSIZE + 1;
-    printf("Doing RC5_32_set_key %ld times\n", ca);
-# define COND(d) (count != (d))
-# define COUNT(d) (d)
-#else
-# define COND(c) (run)
-# define COUNT(d) (count)
-    signal(SIGALRM, sig_done);
-    printf("Doing RC5_32_set_key for 10 seconds\n");
-    alarm(10);
-#endif
-
-    Time_F(START);
-    for (count = 0, run = 1; COND(ca); count += 4) {
-        RC5_32_set_key(&sch, 16, key, 12);
-        RC5_32_set_key(&sch, 16, key, 12);
-        RC5_32_set_key(&sch, 16, key, 12);
-        RC5_32_set_key(&sch, 16, key, 12);
-    }
-    d = Time_F(STOP);
-    printf("%ld RC5_32_set_key's in %.2f seconds\n", count, d);
-    a = ((double)COUNT(ca)) / d;
-
-#ifdef SIGALRM
-    printf("Doing RC5_32_encrypt's for 10 seconds\n");
-    alarm(10);
-#else
-    printf("Doing RC5_32_encrypt %ld times\n", cb);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cb); count += 4) {
-        unsigned long data[2];
-
-        RC5_32_encrypt(data, &sch);
-        RC5_32_encrypt(data, &sch);
-        RC5_32_encrypt(data, &sch);
-        RC5_32_encrypt(data, &sch);
-    }
-    d = Time_F(STOP);
-    printf("%ld RC5_32_encrypt's in %.2f second\n", count, d);
-    b = ((double)COUNT(cb) * 8) / d;
-
-#ifdef SIGALRM
-    printf("Doing RC5_32_cbc_encrypt on %ld byte blocks for 10 seconds\n",
-           BUFSIZE);
-    alarm(10);
-#else
-    printf("Doing RC5_32_cbc_encrypt %ld times on %ld byte blocks\n", cc,
-           BUFSIZE);
-#endif
-    Time_F(START);
-    for (count = 0, run = 1; COND(cc); count++)
-        RC5_32_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), RC5_ENCRYPT);
-    d = Time_F(STOP);
-    printf("%ld RC5_32_cbc_encrypt's of %ld byte blocks in %.2f second\n",
-           count, BUFSIZE, d);
-    c = ((double)COUNT(cc) * BUFSIZE) / d;
-
-    printf("RC5_32/12/16 set_key       per sec = %12.2f (%9.3fuS)\n", a,
-           1.0e6 / a);
-    printf("RC5_32/12/16 raw ecb bytes per sec = %12.2f (%9.3fuS)\n", b,
-           8.0e6 / b);
-    printf("RC5_32/12/16 cbc     bytes per sec = %12.2f (%9.3fuS)\n", c,
-           8.0e6 / c);
-    exit(0);
-#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
-    return (0);
-#endif
-}
diff --git a/thirdparty/openssl/crypto/ripemd/README b/thirdparty/openssl/crypto/ripemd/README
deleted file mode 100644
index f1ffc8b134..0000000000
--- a/thirdparty/openssl/crypto/ripemd/README
+++ /dev/null
@@ -1,15 +0,0 @@
-RIPEMD-160
-http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
-
-This is my implementation of RIPEMD-160.  The pentium assember is a little
-off the pace since I only get 1050 cycles, while the best is 1013.
-I have a few ideas for how to get another 20 or so cycles, but at
-this point I will not bother right now.  I believe the trick will be
-to remove my 'copy X array onto stack' until inside the RIP1() finctions the
-first time round.  To do this I need another register and will only have one
-temporary one.  A bit tricky....  I can also cleanup the saving of the 5 words
-after the first half of the calculation.  I should read the origional
-value, add then write.  Currently I just save the new and read the origioal.
-I then read both at the end.  Bad.
-
-eric (20-Jan-1998)
diff --git a/thirdparty/openssl/crypto/ripemd/asm/rips.cpp b/thirdparty/openssl/crypto/ripemd/asm/rips.cpp
deleted file mode 100644
index f7a13677a9..0000000000
--- a/thirdparty/openssl/crypto/ripemd/asm/rips.cpp
+++ /dev/null
@@ -1,82 +0,0 @@
-//
-// gettsc.inl
-//
-// gives access to the Pentium's (secret) cycle counter
-//
-// This software was written by Leonard Janke (janke@unixg.ubc.ca)
-// in 1996-7 and is entered, by him, into the public domain.
-
-#if defined(__WATCOMC__)
-void GetTSC(unsigned long&);
-#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
-#elif defined(__GNUC__)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  asm volatile(".byte 15, 49\n\t"
-	       : "=eax" (tsc)
-	       :
-	       : "%edx", "%eax");
-}
-#elif defined(_MSC_VER)
-inline
-void GetTSC(unsigned long& tsc)
-{
-  unsigned long a;
-  __asm _emit 0fh
-  __asm _emit 31h
-  __asm mov a, eax;
-  tsc=a;
-}
-#endif      
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/ripemd.h>
-
-#define ripemd160_block_x86 ripemd160_block_asm_host_order
-
-extern "C" {
-void ripemd160_block_x86(RIPEMD160_CTX *ctx, unsigned char *buffer,int num);
-}
-
-void main(int argc,char *argv[])
-	{
-	unsigned char buffer[64*256];
-	RIPEMD160_CTX ctx;
-	unsigned long s1,s2,e1,e2;
-	unsigned char k[16];
-	unsigned long data[2];
-	unsigned char iv[8];
-	int i,num=0,numm;
-	int j=0;
-
-	if (argc >= 2)
-		num=atoi(argv[1]);
-
-	if (num == 0) num=16;
-	if (num > 250) num=16;
-	numm=num+2;
-#if 0
-	num*=64;
-	numm*=64;
-#endif
-
-	for (j=0; j<6; j++)
-		{
-		for (i=0; i<10; i++) /**/
-			{
-			ripemd160_block_x86(&ctx,buffer,numm);
-			GetTSC(s1);
-			ripemd160_block_x86(&ctx,buffer,numm);
-			GetTSC(e1);
-			GetTSC(s2);
-			ripemd160_block_x86(&ctx,buffer,num);
-			GetTSC(e2);
-			ripemd160_block_x86(&ctx,buffer,num);
-			}
-		printf("ripemd160 (%d bytes) %d %d (%.2f)\n",num*64,
-			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
-		}
-	}
-
diff --git a/thirdparty/openssl/crypto/ripemd/rmd160.c b/thirdparty/openssl/crypto/ripemd/rmd160.c
deleted file mode 100644
index a4f8007040..0000000000
--- a/thirdparty/openssl/crypto/ripemd/rmd160.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/ripemd/rmd160.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/ripemd.h>
-
-#define BUFSIZE 1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
-int read(int, void *, unsigned int);
-#endif
-
-int main(int argc, char **argv)
-{
-    int i, err = 0;
-    FILE *IN;
-
-    if (argc == 1) {
-        do_fp(stdin);
-    } else {
-        for (i = 1; i < argc; i++) {
-            IN = fopen(argv[i], "r");
-            if (IN == NULL) {
-                perror(argv[i]);
-                err++;
-                continue;
-            }
-            printf("RIPEMD160(%s)= ", argv[i]);
-            do_fp(IN);
-            fclose(IN);
-        }
-    }
-    exit(err);
-}
-
-void do_fp(FILE *f)
-{
-    RIPEMD160_CTX c;
-    unsigned char md[RIPEMD160_DIGEST_LENGTH];
-    int fd;
-    int i;
-    static unsigned char buf[BUFSIZE];
-
-    fd = fileno(f);
-    RIPEMD160_Init(&c);
-    for (;;) {
-        i = read(fd, buf, BUFSIZE);
-        if (i <= 0)
-            break;
-        RIPEMD160_Update(&c, buf, (unsigned long)i);
-    }
-    RIPEMD160_Final(&(md[0]), &c);
-    pt(md);
-}
-
-void pt(unsigned char *md)
-{
-    int i;
-
-    for (i = 0; i < RIPEMD160_DIGEST_LENGTH; i++)
-        printf("%02x", md[i]);
-    printf("\n");
-}
diff --git a/thirdparty/openssl/crypto/ripemd/rmd_dgst.c b/thirdparty/openssl/crypto/ripemd/rmd_dgst.c
deleted file mode 100644
index 4ddd939fcf..0000000000
--- a/thirdparty/openssl/crypto/ripemd/rmd_dgst.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* crypto/ripemd/rmd_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "rmd_locl.h"
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-
-const char RMD160_version[] = "RIPE-MD160" OPENSSL_VERSION_PTEXT;
-
-#ifdef RMD160_ASM
-void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p, size_t num);
-# define ripemd160_block ripemd160_block_x86
-#else
-void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p, size_t num);
-#endif
-
-fips_md_init(RIPEMD160)
-{
-    memset(c, 0, sizeof(*c));
-    c->A = RIPEMD160_A;
-    c->B = RIPEMD160_B;
-    c->C = RIPEMD160_C;
-    c->D = RIPEMD160_D;
-    c->E = RIPEMD160_E;
-    return 1;
-}
-
-#ifndef ripemd160_block_data_order
-# ifdef X
-#  undef X
-# endif
-void ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num)
-{
-    const unsigned char *data = p;
-    register unsigned MD32_REG_T A, B, C, D, E;
-    unsigned MD32_REG_T a, b, c, d, e, l;
-# ifndef MD32_XARRAY
-    /* See comment in crypto/sha/sha_locl.h for details. */
-    unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-        XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
-#  define X(i)   XX##i
-# else
-    RIPEMD160_LONG XX[16];
-#  define X(i)   XX[i]
-# endif
-
-    for (; num--;) {
-
-        A = ctx->A;
-        B = ctx->B;
-        C = ctx->C;
-        D = ctx->D;
-        E = ctx->E;
-
-        (void)HOST_c2l(data, l);
-        X(0) = l;
-        (void)HOST_c2l(data, l);
-        X(1) = l;
-        RIP1(A, B, C, D, E, WL00, SL00);
-        (void)HOST_c2l(data, l);
-        X(2) = l;
-        RIP1(E, A, B, C, D, WL01, SL01);
-        (void)HOST_c2l(data, l);
-        X(3) = l;
-        RIP1(D, E, A, B, C, WL02, SL02);
-        (void)HOST_c2l(data, l);
-        X(4) = l;
-        RIP1(C, D, E, A, B, WL03, SL03);
-        (void)HOST_c2l(data, l);
-        X(5) = l;
-        RIP1(B, C, D, E, A, WL04, SL04);
-        (void)HOST_c2l(data, l);
-        X(6) = l;
-        RIP1(A, B, C, D, E, WL05, SL05);
-        (void)HOST_c2l(data, l);
-        X(7) = l;
-        RIP1(E, A, B, C, D, WL06, SL06);
-        (void)HOST_c2l(data, l);
-        X(8) = l;
-        RIP1(D, E, A, B, C, WL07, SL07);
-        (void)HOST_c2l(data, l);
-        X(9) = l;
-        RIP1(C, D, E, A, B, WL08, SL08);
-        (void)HOST_c2l(data, l);
-        X(10) = l;
-        RIP1(B, C, D, E, A, WL09, SL09);
-        (void)HOST_c2l(data, l);
-        X(11) = l;
-        RIP1(A, B, C, D, E, WL10, SL10);
-        (void)HOST_c2l(data, l);
-        X(12) = l;
-        RIP1(E, A, B, C, D, WL11, SL11);
-        (void)HOST_c2l(data, l);
-        X(13) = l;
-        RIP1(D, E, A, B, C, WL12, SL12);
-        (void)HOST_c2l(data, l);
-        X(14) = l;
-        RIP1(C, D, E, A, B, WL13, SL13);
-        (void)HOST_c2l(data, l);
-        X(15) = l;
-        RIP1(B, C, D, E, A, WL14, SL14);
-        RIP1(A, B, C, D, E, WL15, SL15);
-
-        RIP2(E, A, B, C, D, WL16, SL16, KL1);
-        RIP2(D, E, A, B, C, WL17, SL17, KL1);
-        RIP2(C, D, E, A, B, WL18, SL18, KL1);
-        RIP2(B, C, D, E, A, WL19, SL19, KL1);
-        RIP2(A, B, C, D, E, WL20, SL20, KL1);
-        RIP2(E, A, B, C, D, WL21, SL21, KL1);
-        RIP2(D, E, A, B, C, WL22, SL22, KL1);
-        RIP2(C, D, E, A, B, WL23, SL23, KL1);
-        RIP2(B, C, D, E, A, WL24, SL24, KL1);
-        RIP2(A, B, C, D, E, WL25, SL25, KL1);
-        RIP2(E, A, B, C, D, WL26, SL26, KL1);
-        RIP2(D, E, A, B, C, WL27, SL27, KL1);
-        RIP2(C, D, E, A, B, WL28, SL28, KL1);
-        RIP2(B, C, D, E, A, WL29, SL29, KL1);
-        RIP2(A, B, C, D, E, WL30, SL30, KL1);
-        RIP2(E, A, B, C, D, WL31, SL31, KL1);
-
-        RIP3(D, E, A, B, C, WL32, SL32, KL2);
-        RIP3(C, D, E, A, B, WL33, SL33, KL2);
-        RIP3(B, C, D, E, A, WL34, SL34, KL2);
-        RIP3(A, B, C, D, E, WL35, SL35, KL2);
-        RIP3(E, A, B, C, D, WL36, SL36, KL2);
-        RIP3(D, E, A, B, C, WL37, SL37, KL2);
-        RIP3(C, D, E, A, B, WL38, SL38, KL2);
-        RIP3(B, C, D, E, A, WL39, SL39, KL2);
-        RIP3(A, B, C, D, E, WL40, SL40, KL2);
-        RIP3(E, A, B, C, D, WL41, SL41, KL2);
-        RIP3(D, E, A, B, C, WL42, SL42, KL2);
-        RIP3(C, D, E, A, B, WL43, SL43, KL2);
-        RIP3(B, C, D, E, A, WL44, SL44, KL2);
-        RIP3(A, B, C, D, E, WL45, SL45, KL2);
-        RIP3(E, A, B, C, D, WL46, SL46, KL2);
-        RIP3(D, E, A, B, C, WL47, SL47, KL2);
-
-        RIP4(C, D, E, A, B, WL48, SL48, KL3);
-        RIP4(B, C, D, E, A, WL49, SL49, KL3);
-        RIP4(A, B, C, D, E, WL50, SL50, KL3);
-        RIP4(E, A, B, C, D, WL51, SL51, KL3);
-        RIP4(D, E, A, B, C, WL52, SL52, KL3);
-        RIP4(C, D, E, A, B, WL53, SL53, KL3);
-        RIP4(B, C, D, E, A, WL54, SL54, KL3);
-        RIP4(A, B, C, D, E, WL55, SL55, KL3);
-        RIP4(E, A, B, C, D, WL56, SL56, KL3);
-        RIP4(D, E, A, B, C, WL57, SL57, KL3);
-        RIP4(C, D, E, A, B, WL58, SL58, KL3);
-        RIP4(B, C, D, E, A, WL59, SL59, KL3);
-        RIP4(A, B, C, D, E, WL60, SL60, KL3);
-        RIP4(E, A, B, C, D, WL61, SL61, KL3);
-        RIP4(D, E, A, B, C, WL62, SL62, KL3);
-        RIP4(C, D, E, A, B, WL63, SL63, KL3);
-
-        RIP5(B, C, D, E, A, WL64, SL64, KL4);
-        RIP5(A, B, C, D, E, WL65, SL65, KL4);
-        RIP5(E, A, B, C, D, WL66, SL66, KL4);
-        RIP5(D, E, A, B, C, WL67, SL67, KL4);
-        RIP5(C, D, E, A, B, WL68, SL68, KL4);
-        RIP5(B, C, D, E, A, WL69, SL69, KL4);
-        RIP5(A, B, C, D, E, WL70, SL70, KL4);
-        RIP5(E, A, B, C, D, WL71, SL71, KL4);
-        RIP5(D, E, A, B, C, WL72, SL72, KL4);
-        RIP5(C, D, E, A, B, WL73, SL73, KL4);
-        RIP5(B, C, D, E, A, WL74, SL74, KL4);
-        RIP5(A, B, C, D, E, WL75, SL75, KL4);
-        RIP5(E, A, B, C, D, WL76, SL76, KL4);
-        RIP5(D, E, A, B, C, WL77, SL77, KL4);
-        RIP5(C, D, E, A, B, WL78, SL78, KL4);
-        RIP5(B, C, D, E, A, WL79, SL79, KL4);
-
-        a = A;
-        b = B;
-        c = C;
-        d = D;
-        e = E;
-        /* Do other half */
-        A = ctx->A;
-        B = ctx->B;
-        C = ctx->C;
-        D = ctx->D;
-        E = ctx->E;
-
-        RIP5(A, B, C, D, E, WR00, SR00, KR0);
-        RIP5(E, A, B, C, D, WR01, SR01, KR0);
-        RIP5(D, E, A, B, C, WR02, SR02, KR0);
-        RIP5(C, D, E, A, B, WR03, SR03, KR0);
-        RIP5(B, C, D, E, A, WR04, SR04, KR0);
-        RIP5(A, B, C, D, E, WR05, SR05, KR0);
-        RIP5(E, A, B, C, D, WR06, SR06, KR0);
-        RIP5(D, E, A, B, C, WR07, SR07, KR0);
-        RIP5(C, D, E, A, B, WR08, SR08, KR0);
-        RIP5(B, C, D, E, A, WR09, SR09, KR0);
-        RIP5(A, B, C, D, E, WR10, SR10, KR0);
-        RIP5(E, A, B, C, D, WR11, SR11, KR0);
-        RIP5(D, E, A, B, C, WR12, SR12, KR0);
-        RIP5(C, D, E, A, B, WR13, SR13, KR0);
-        RIP5(B, C, D, E, A, WR14, SR14, KR0);
-        RIP5(A, B, C, D, E, WR15, SR15, KR0);
-
-        RIP4(E, A, B, C, D, WR16, SR16, KR1);
-        RIP4(D, E, A, B, C, WR17, SR17, KR1);
-        RIP4(C, D, E, A, B, WR18, SR18, KR1);
-        RIP4(B, C, D, E, A, WR19, SR19, KR1);
-        RIP4(A, B, C, D, E, WR20, SR20, KR1);
-        RIP4(E, A, B, C, D, WR21, SR21, KR1);
-        RIP4(D, E, A, B, C, WR22, SR22, KR1);
-        RIP4(C, D, E, A, B, WR23, SR23, KR1);
-        RIP4(B, C, D, E, A, WR24, SR24, KR1);
-        RIP4(A, B, C, D, E, WR25, SR25, KR1);
-        RIP4(E, A, B, C, D, WR26, SR26, KR1);
-        RIP4(D, E, A, B, C, WR27, SR27, KR1);
-        RIP4(C, D, E, A, B, WR28, SR28, KR1);
-        RIP4(B, C, D, E, A, WR29, SR29, KR1);
-        RIP4(A, B, C, D, E, WR30, SR30, KR1);
-        RIP4(E, A, B, C, D, WR31, SR31, KR1);
-
-        RIP3(D, E, A, B, C, WR32, SR32, KR2);
-        RIP3(C, D, E, A, B, WR33, SR33, KR2);
-        RIP3(B, C, D, E, A, WR34, SR34, KR2);
-        RIP3(A, B, C, D, E, WR35, SR35, KR2);
-        RIP3(E, A, B, C, D, WR36, SR36, KR2);
-        RIP3(D, E, A, B, C, WR37, SR37, KR2);
-        RIP3(C, D, E, A, B, WR38, SR38, KR2);
-        RIP3(B, C, D, E, A, WR39, SR39, KR2);
-        RIP3(A, B, C, D, E, WR40, SR40, KR2);
-        RIP3(E, A, B, C, D, WR41, SR41, KR2);
-        RIP3(D, E, A, B, C, WR42, SR42, KR2);
-        RIP3(C, D, E, A, B, WR43, SR43, KR2);
-        RIP3(B, C, D, E, A, WR44, SR44, KR2);
-        RIP3(A, B, C, D, E, WR45, SR45, KR2);
-        RIP3(E, A, B, C, D, WR46, SR46, KR2);
-        RIP3(D, E, A, B, C, WR47, SR47, KR2);
-
-        RIP2(C, D, E, A, B, WR48, SR48, KR3);
-        RIP2(B, C, D, E, A, WR49, SR49, KR3);
-        RIP2(A, B, C, D, E, WR50, SR50, KR3);
-        RIP2(E, A, B, C, D, WR51, SR51, KR3);
-        RIP2(D, E, A, B, C, WR52, SR52, KR3);
-        RIP2(C, D, E, A, B, WR53, SR53, KR3);
-        RIP2(B, C, D, E, A, WR54, SR54, KR3);
-        RIP2(A, B, C, D, E, WR55, SR55, KR3);
-        RIP2(E, A, B, C, D, WR56, SR56, KR3);
-        RIP2(D, E, A, B, C, WR57, SR57, KR3);
-        RIP2(C, D, E, A, B, WR58, SR58, KR3);
-        RIP2(B, C, D, E, A, WR59, SR59, KR3);
-        RIP2(A, B, C, D, E, WR60, SR60, KR3);
-        RIP2(E, A, B, C, D, WR61, SR61, KR3);
-        RIP2(D, E, A, B, C, WR62, SR62, KR3);
-        RIP2(C, D, E, A, B, WR63, SR63, KR3);
-
-        RIP1(B, C, D, E, A, WR64, SR64);
-        RIP1(A, B, C, D, E, WR65, SR65);
-        RIP1(E, A, B, C, D, WR66, SR66);
-        RIP1(D, E, A, B, C, WR67, SR67);
-        RIP1(C, D, E, A, B, WR68, SR68);
-        RIP1(B, C, D, E, A, WR69, SR69);
-        RIP1(A, B, C, D, E, WR70, SR70);
-        RIP1(E, A, B, C, D, WR71, SR71);
-        RIP1(D, E, A, B, C, WR72, SR72);
-        RIP1(C, D, E, A, B, WR73, SR73);
-        RIP1(B, C, D, E, A, WR74, SR74);
-        RIP1(A, B, C, D, E, WR75, SR75);
-        RIP1(E, A, B, C, D, WR76, SR76);
-        RIP1(D, E, A, B, C, WR77, SR77);
-        RIP1(C, D, E, A, B, WR78, SR78);
-        RIP1(B, C, D, E, A, WR79, SR79);
-
-        D = ctx->B + c + D;
-        ctx->B = ctx->C + d + E;
-        ctx->C = ctx->D + e + A;
-        ctx->D = ctx->E + a + B;
-        ctx->E = ctx->A + b + C;
-        ctx->A = D;
-
-    }
-}
-#endif
diff --git a/thirdparty/openssl/crypto/ripemd/rmd_locl.h b/thirdparty/openssl/crypto/ripemd/rmd_locl.h
deleted file mode 100644
index 26e0256333..0000000000
--- a/thirdparty/openssl/crypto/ripemd/rmd_locl.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/* crypto/ripemd/rmd_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/ripemd.h>
-
-#ifndef RIPEMD160_LONG_LOG2
-# define RIPEMD160_LONG_LOG2 2  /* default to 32 bits */
-#endif
-
-/*
- * DO EXAMINE COMMENTS IN crypto/md5/md5_locl.h & crypto/md5/md5_dgst.c
- * FOR EXPLANATIONS ON FOLLOWING "CODE."
- *                                      <appro@fy.chalmers.se>
- */
-#ifdef RMD160_ASM
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-#  define ripemd160_block_data_order ripemd160_block_asm_data_order
-# endif
-#endif
-
-void ripemd160_block_data_order(RIPEMD160_CTX *c, const void *p, size_t num);
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG               RIPEMD160_LONG
-#define HASH_CTX                RIPEMD160_CTX
-#define HASH_CBLOCK             RIPEMD160_CBLOCK
-#define HASH_UPDATE             RIPEMD160_Update
-#define HASH_TRANSFORM          RIPEMD160_Transform
-#define HASH_FINAL              RIPEMD160_Final
-#define HASH_MAKE_STRING(c,s)   do {    \
-        unsigned long ll;               \
-        ll=(c)->A; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->B; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->C; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->D; (void)HOST_l2c(ll,(s));      \
-        ll=(c)->E; (void)HOST_l2c(ll,(s));      \
-        } while (0)
-#define HASH_BLOCK_DATA_ORDER   ripemd160_block_data_order
-
-#include "md32_common.h"
-
-#if 0
-# define F1(x,y,z)        ((x)^(y)^(z))
-# define F2(x,y,z)       (((x)&(y))|((~x)&z))
-# define F3(x,y,z)       (((x)|(~y))^(z))
-# define F4(x,y,z)       (((x)&(z))|((y)&(~(z))))
-# define F5(x,y,z)        ((x)^((y)|(~(z))))
-#else
-/*
- * Transformed F2 and F4 are courtesy of Wei Dai <weidai@eskimo.com>
- */
-# define F1(x,y,z)       ((x) ^ (y) ^ (z))
-# define F2(x,y,z)       ((((y) ^ (z)) & (x)) ^ (z))
-# define F3(x,y,z)       (((~(y)) | (x)) ^ (z))
-# define F4(x,y,z)       ((((x) ^ (y)) & (z)) ^ (y))
-# define F5(x,y,z)       (((~(z)) | (y)) ^ (x))
-#endif
-
-#define RIPEMD160_A     0x67452301L
-#define RIPEMD160_B     0xEFCDAB89L
-#define RIPEMD160_C     0x98BADCFEL
-#define RIPEMD160_D     0x10325476L
-#define RIPEMD160_E     0xC3D2E1F0L
-
-#include "rmdconst.h"
-
-#define RIP1(a,b,c,d,e,w,s) { \
-        a+=F1(b,c,d)+X(w); \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
-
-#define RIP2(a,b,c,d,e,w,s,K) { \
-        a+=F2(b,c,d)+X(w)+K; \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
-
-#define RIP3(a,b,c,d,e,w,s,K) { \
-        a+=F3(b,c,d)+X(w)+K; \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
-
-#define RIP4(a,b,c,d,e,w,s,K) { \
-        a+=F4(b,c,d)+X(w)+K; \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
-
-#define RIP5(a,b,c,d,e,w,s,K) { \
-        a+=F5(b,c,d)+X(w)+K; \
-        a=ROTATE(a,s)+e; \
-        c=ROTATE(c,10); }
diff --git a/thirdparty/openssl/crypto/ripemd/rmd_one.c b/thirdparty/openssl/crypto/ripemd/rmd_one.c
deleted file mode 100644
index 666e01a41b..0000000000
--- a/thirdparty/openssl/crypto/ripemd/rmd_one.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* crypto/ripemd/rmd_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/ripemd.h>
-#include <openssl/crypto.h>
-
-unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md)
-{
-    RIPEMD160_CTX c;
-    static unsigned char m[RIPEMD160_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    if (!RIPEMD160_Init(&c))
-        return NULL;
-    RIPEMD160_Update(&c, d, n);
-    RIPEMD160_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c)); /* security consideration */
-    return (md);
-}
diff --git a/thirdparty/openssl/crypto/ripemd/rmdconst.h b/thirdparty/openssl/crypto/ripemd/rmdconst.h
deleted file mode 100644
index 8fe33de14e..0000000000
--- a/thirdparty/openssl/crypto/ripemd/rmdconst.h
+++ /dev/null
@@ -1,398 +0,0 @@
-/* crypto/ripemd/rmdconst.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#define KL0 0x00000000L
-#define KL1 0x5A827999L
-#define KL2 0x6ED9EBA1L
-#define KL3 0x8F1BBCDCL
-#define KL4 0xA953FD4EL
-
-#define KR0 0x50A28BE6L
-#define KR1 0x5C4DD124L
-#define KR2 0x6D703EF3L
-#define KR3 0x7A6D76E9L
-#define KR4 0x00000000L
-
-#define WL00  0
-#define SL00 11
-#define WL01  1
-#define SL01 14
-#define WL02  2
-#define SL02 15
-#define WL03  3
-#define SL03 12
-#define WL04  4
-#define SL04  5
-#define WL05  5
-#define SL05  8
-#define WL06  6
-#define SL06  7
-#define WL07  7
-#define SL07  9
-#define WL08  8
-#define SL08 11
-#define WL09  9
-#define SL09 13
-#define WL10 10
-#define SL10 14
-#define WL11 11
-#define SL11 15
-#define WL12 12
-#define SL12  6
-#define WL13 13
-#define SL13  7
-#define WL14 14
-#define SL14  9
-#define WL15 15
-#define SL15  8
-
-#define WL16  7
-#define SL16  7
-#define WL17  4
-#define SL17  6
-#define WL18 13
-#define SL18  8
-#define WL19  1
-#define SL19 13
-#define WL20 10
-#define SL20 11
-#define WL21  6
-#define SL21  9
-#define WL22 15
-#define SL22  7
-#define WL23  3
-#define SL23 15
-#define WL24 12
-#define SL24  7
-#define WL25  0
-#define SL25 12
-#define WL26  9
-#define SL26 15
-#define WL27  5
-#define SL27  9
-#define WL28  2
-#define SL28 11
-#define WL29 14
-#define SL29  7
-#define WL30 11
-#define SL30 13
-#define WL31  8
-#define SL31 12
-
-#define WL32  3
-#define SL32 11
-#define WL33 10
-#define SL33 13
-#define WL34 14
-#define SL34  6
-#define WL35  4
-#define SL35  7
-#define WL36  9
-#define SL36 14
-#define WL37 15
-#define SL37  9
-#define WL38  8
-#define SL38 13
-#define WL39  1
-#define SL39 15
-#define WL40  2
-#define SL40 14
-#define WL41  7
-#define SL41  8
-#define WL42  0
-#define SL42 13
-#define WL43  6
-#define SL43  6
-#define WL44 13
-#define SL44  5
-#define WL45 11
-#define SL45 12
-#define WL46  5
-#define SL46  7
-#define WL47 12
-#define SL47  5
-
-#define WL48  1
-#define SL48 11
-#define WL49  9
-#define SL49 12
-#define WL50 11
-#define SL50 14
-#define WL51 10
-#define SL51 15
-#define WL52  0
-#define SL52 14
-#define WL53  8
-#define SL53 15
-#define WL54 12
-#define SL54  9
-#define WL55  4
-#define SL55  8
-#define WL56 13
-#define SL56  9
-#define WL57  3
-#define SL57 14
-#define WL58  7
-#define SL58  5
-#define WL59 15
-#define SL59  6
-#define WL60 14
-#define SL60  8
-#define WL61  5
-#define SL61  6
-#define WL62  6
-#define SL62  5
-#define WL63  2
-#define SL63 12
-
-#define WL64  4
-#define SL64  9
-#define WL65  0
-#define SL65 15
-#define WL66  5
-#define SL66  5
-#define WL67  9
-#define SL67 11
-#define WL68  7
-#define SL68  6
-#define WL69 12
-#define SL69  8
-#define WL70  2
-#define SL70 13
-#define WL71 10
-#define SL71 12
-#define WL72 14
-#define SL72  5
-#define WL73  1
-#define SL73 12
-#define WL74  3
-#define SL74 13
-#define WL75  8
-#define SL75 14
-#define WL76 11
-#define SL76 11
-#define WL77  6
-#define SL77  8
-#define WL78 15
-#define SL78  5
-#define WL79 13
-#define SL79  6
-
-#define WR00  5
-#define SR00  8
-#define WR01 14
-#define SR01  9
-#define WR02  7
-#define SR02  9
-#define WR03  0
-#define SR03 11
-#define WR04  9
-#define SR04 13
-#define WR05  2
-#define SR05 15
-#define WR06 11
-#define SR06 15
-#define WR07  4
-#define SR07  5
-#define WR08 13
-#define SR08  7
-#define WR09  6
-#define SR09  7
-#define WR10 15
-#define SR10  8
-#define WR11  8
-#define SR11 11
-#define WR12  1
-#define SR12 14
-#define WR13 10
-#define SR13 14
-#define WR14  3
-#define SR14 12
-#define WR15 12
-#define SR15  6
-
-#define WR16  6
-#define SR16  9
-#define WR17 11
-#define SR17 13
-#define WR18  3
-#define SR18 15
-#define WR19  7
-#define SR19  7
-#define WR20  0
-#define SR20 12
-#define WR21 13
-#define SR21  8
-#define WR22  5
-#define SR22  9
-#define WR23 10
-#define SR23 11
-#define WR24 14
-#define SR24  7
-#define WR25 15
-#define SR25  7
-#define WR26  8
-#define SR26 12
-#define WR27 12
-#define SR27  7
-#define WR28  4
-#define SR28  6
-#define WR29  9
-#define SR29 15
-#define WR30  1
-#define SR30 13
-#define WR31  2
-#define SR31 11
-
-#define WR32 15
-#define SR32  9
-#define WR33  5
-#define SR33  7
-#define WR34  1
-#define SR34 15
-#define WR35  3
-#define SR35 11
-#define WR36  7
-#define SR36  8
-#define WR37 14
-#define SR37  6
-#define WR38  6
-#define SR38  6
-#define WR39  9
-#define SR39 14
-#define WR40 11
-#define SR40 12
-#define WR41  8
-#define SR41 13
-#define WR42 12
-#define SR42  5
-#define WR43  2
-#define SR43 14
-#define WR44 10
-#define SR44 13
-#define WR45  0
-#define SR45 13
-#define WR46  4
-#define SR46  7
-#define WR47 13
-#define SR47  5
-
-#define WR48  8
-#define SR48 15
-#define WR49  6
-#define SR49  5
-#define WR50  4
-#define SR50  8
-#define WR51  1
-#define SR51 11
-#define WR52  3
-#define SR52 14
-#define WR53 11
-#define SR53 14
-#define WR54 15
-#define SR54  6
-#define WR55  0
-#define SR55 14
-#define WR56  5
-#define SR56  6
-#define WR57 12
-#define SR57  9
-#define WR58  2
-#define SR58 12
-#define WR59 13
-#define SR59  9
-#define WR60  9
-#define SR60 12
-#define WR61  7
-#define SR61  5
-#define WR62 10
-#define SR62 15
-#define WR63 14
-#define SR63  8
-
-#define WR64 12
-#define SR64  8
-#define WR65 15
-#define SR65  5
-#define WR66 10
-#define SR66 12
-#define WR67  4
-#define SR67  9
-#define WR68  1
-#define SR68 12
-#define WR69  5
-#define SR69  5
-#define WR70  8
-#define SR70 14
-#define WR71  7
-#define SR71  6
-#define WR72  6
-#define SR72  8
-#define WR73  2
-#define SR73 13
-#define WR74 13
-#define SR74  6
-#define WR75 14
-#define SR75  5
-#define WR76  0
-#define SR76 15
-#define WR77  3
-#define SR77 13
-#define WR78  9
-#define SR78 11
-#define WR79 11
-#define SR79 11
diff --git a/thirdparty/openssl/crypto/rsa/rsa_ameth.c b/thirdparty/openssl/crypto/rsa/rsa_ameth.c
deleted file mode 100644
index 951e1d5ca3..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_ameth.c
+++ /dev/null
@@ -1,967 +0,0 @@
-/* crypto/rsa/rsa_ameth.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/rsa.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_CMS
-# include <openssl/cms.h>
-#endif
-#include "asn1_locl.h"
-
-#ifndef OPENSSL_NO_CMS
-static int rsa_cms_sign(CMS_SignerInfo *si);
-static int rsa_cms_verify(CMS_SignerInfo *si);
-static int rsa_cms_decrypt(CMS_RecipientInfo *ri);
-static int rsa_cms_encrypt(CMS_RecipientInfo *ri);
-#endif
-
-static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
-    unsigned char *penc = NULL;
-    int penclen;
-    penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc);
-    if (penclen <= 0)
-        return 0;
-    if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA),
-                               V_ASN1_NULL, NULL, penc, penclen))
-        return 1;
-
-    OPENSSL_free(penc);
-    return 0;
-}
-
-static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
-    const unsigned char *p;
-    int pklen;
-    RSA *rsa = NULL;
-    if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey))
-        return 0;
-    if (!(rsa = d2i_RSAPublicKey(NULL, &p, pklen))) {
-        RSAerr(RSA_F_RSA_PUB_DECODE, ERR_R_RSA_LIB);
-        return 0;
-    }
-    EVP_PKEY_assign_RSA(pkey, rsa);
-    return 1;
-}
-
-static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-    if (BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) != 0
-        || BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) != 0)
-        return 0;
-    return 1;
-}
-
-static int old_rsa_priv_decode(EVP_PKEY *pkey,
-                               const unsigned char **pder, int derlen)
-{
-    RSA *rsa;
-    if (!(rsa = d2i_RSAPrivateKey(NULL, pder, derlen))) {
-        RSAerr(RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB);
-        return 0;
-    }
-    EVP_PKEY_assign_RSA(pkey, rsa);
-    return 1;
-}
-
-static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
-    return i2d_RSAPrivateKey(pkey->pkey.rsa, pder);
-}
-
-static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
-    unsigned char *rk = NULL;
-    int rklen;
-    rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk);
-
-    if (rklen <= 0) {
-        RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_rsaEncryption), 0,
-                         V_ASN1_NULL, NULL, rk, rklen)) {
-        RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    return 1;
-}
-
-static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
-{
-    const unsigned char *p;
-    int pklen;
-    if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8))
-        return 0;
-    return old_rsa_priv_decode(pkey, &p, pklen);
-}
-
-static int int_rsa_size(const EVP_PKEY *pkey)
-{
-    return RSA_size(pkey->pkey.rsa);
-}
-
-static int rsa_bits(const EVP_PKEY *pkey)
-{
-    return BN_num_bits(pkey->pkey.rsa->n);
-}
-
-static void int_rsa_free(EVP_PKEY *pkey)
-{
-    RSA_free(pkey->pkey.rsa);
-}
-
-static void update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
-    size_t i;
-    if (!b)
-        return;
-    if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
-        *pbuflen = i;
-}
-
-static int do_rsa_print(BIO *bp, const RSA *x, int off, int priv)
-{
-    char *str;
-    const char *s;
-    unsigned char *m = NULL;
-    int ret = 0, mod_len = 0;
-    size_t buf_len = 0;
-
-    update_buflen(x->n, &buf_len);
-    update_buflen(x->e, &buf_len);
-
-    if (priv) {
-        update_buflen(x->d, &buf_len);
-        update_buflen(x->p, &buf_len);
-        update_buflen(x->q, &buf_len);
-        update_buflen(x->dmp1, &buf_len);
-        update_buflen(x->dmq1, &buf_len);
-        update_buflen(x->iqmp, &buf_len);
-    }
-
-    m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
-    if (m == NULL) {
-        RSAerr(RSA_F_DO_RSA_PRINT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (x->n != NULL)
-        mod_len = BN_num_bits(x->n);
-
-    if (!BIO_indent(bp, off, 128))
-        goto err;
-
-    if (priv && x->d) {
-        if (BIO_printf(bp, "Private-Key: (%d bit)\n", mod_len)
-            <= 0)
-            goto err;
-        str = "modulus:";
-        s = "publicExponent:";
-    } else {
-        if (BIO_printf(bp, "Public-Key: (%d bit)\n", mod_len)
-            <= 0)
-            goto err;
-        str = "Modulus:";
-        s = "Exponent:";
-    }
-    if (!ASN1_bn_print(bp, str, x->n, m, off))
-        goto err;
-    if (!ASN1_bn_print(bp, s, x->e, m, off))
-        goto err;
-    if (priv) {
-        if (!ASN1_bn_print(bp, "privateExponent:", x->d, m, off))
-            goto err;
-        if (!ASN1_bn_print(bp, "prime1:", x->p, m, off))
-            goto err;
-        if (!ASN1_bn_print(bp, "prime2:", x->q, m, off))
-            goto err;
-        if (!ASN1_bn_print(bp, "exponent1:", x->dmp1, m, off))
-            goto err;
-        if (!ASN1_bn_print(bp, "exponent2:", x->dmq1, m, off))
-            goto err;
-        if (!ASN1_bn_print(bp, "coefficient:", x->iqmp, m, off))
-            goto err;
-    }
-    ret = 1;
- err:
-    if (m != NULL)
-        OPENSSL_free(m);
-    return (ret);
-}
-
-static int rsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                         ASN1_PCTX *ctx)
-{
-    return do_rsa_print(bp, pkey->pkey.rsa, indent, 0);
-}
-
-static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
-                          ASN1_PCTX *ctx)
-{
-    return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
-}
-
-/* Given an MGF1 Algorithm ID decode to an Algorithm Identifier */
-static X509_ALGOR *rsa_mgf1_decode(X509_ALGOR *alg)
-{
-    const unsigned char *p;
-    int plen;
-    if (alg == NULL || alg->parameter == NULL)
-        return NULL;
-    if (OBJ_obj2nid(alg->algorithm) != NID_mgf1)
-        return NULL;
-    if (alg->parameter->type != V_ASN1_SEQUENCE)
-        return NULL;
-
-    p = alg->parameter->value.sequence->data;
-    plen = alg->parameter->value.sequence->length;
-    return d2i_X509_ALGOR(NULL, &p, plen);
-}
-
-static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg,
-                                      X509_ALGOR **pmaskHash)
-{
-    const unsigned char *p;
-    int plen;
-    RSA_PSS_PARAMS *pss;
-
-    *pmaskHash = NULL;
-
-    if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE)
-        return NULL;
-    p = alg->parameter->value.sequence->data;
-    plen = alg->parameter->value.sequence->length;
-    pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen);
-
-    if (!pss)
-        return NULL;
-
-    *pmaskHash = rsa_mgf1_decode(pss->maskGenAlgorithm);
-
-    return pss;
-}
-
-static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss,
-                               X509_ALGOR *maskHash, int indent)
-{
-    int rv = 0;
-    if (!pss) {
-        if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0)
-            return 0;
-        return 1;
-    }
-    if (BIO_puts(bp, "\n") <= 0)
-        goto err;
-    if (!BIO_indent(bp, indent, 128))
-        goto err;
-    if (BIO_puts(bp, "Hash Algorithm: ") <= 0)
-        goto err;
-
-    if (pss->hashAlgorithm) {
-        if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0)
-            goto err;
-    } else if (BIO_puts(bp, "sha1 (default)") <= 0)
-        goto err;
-
-    if (BIO_puts(bp, "\n") <= 0)
-        goto err;
-
-    if (!BIO_indent(bp, indent, 128))
-        goto err;
-
-    if (BIO_puts(bp, "Mask Algorithm: ") <= 0)
-        goto err;
-    if (pss->maskGenAlgorithm) {
-        if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0)
-            goto err;
-        if (BIO_puts(bp, " with ") <= 0)
-            goto err;
-        if (maskHash) {
-            if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
-                goto err;
-        } else if (BIO_puts(bp, "INVALID") <= 0)
-            goto err;
-    } else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0)
-        goto err;
-    BIO_puts(bp, "\n");
-
-    if (!BIO_indent(bp, indent, 128))
-        goto err;
-    if (BIO_puts(bp, "Salt Length: 0x") <= 0)
-        goto err;
-    if (pss->saltLength) {
-        if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
-            goto err;
-    } else if (BIO_puts(bp, "14 (default)") <= 0)
-        goto err;
-    BIO_puts(bp, "\n");
-
-    if (!BIO_indent(bp, indent, 128))
-        goto err;
-    if (BIO_puts(bp, "Trailer Field: 0x") <= 0)
-        goto err;
-    if (pss->trailerField) {
-        if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
-            goto err;
-    } else if (BIO_puts(bp, "BC (default)") <= 0)
-        goto err;
-    BIO_puts(bp, "\n");
-
-    rv = 1;
-
- err:
-    return rv;
-
-}
-
-static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
-                         const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
-{
-    if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss) {
-        int rv;
-        RSA_PSS_PARAMS *pss;
-        X509_ALGOR *maskHash;
-        pss = rsa_pss_decode(sigalg, &maskHash);
-        rv = rsa_pss_param_print(bp, pss, maskHash, indent);
-        if (pss)
-            RSA_PSS_PARAMS_free(pss);
-        if (maskHash)
-            X509_ALGOR_free(maskHash);
-        if (!rv)
-            return 0;
-    } else if (!sig && BIO_puts(bp, "\n") <= 0)
-        return 0;
-    if (sig)
-        return X509_signature_dump(bp, sig, indent);
-    return 1;
-}
-
-static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
-    X509_ALGOR *alg = NULL;
-    switch (op) {
-
-    case ASN1_PKEY_CTRL_PKCS7_SIGN:
-        if (arg1 == 0)
-            PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg);
-        break;
-
-    case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
-        if (arg1 == 0)
-            PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
-        break;
-#ifndef OPENSSL_NO_CMS
-    case ASN1_PKEY_CTRL_CMS_SIGN:
-        if (arg1 == 0)
-            return rsa_cms_sign(arg2);
-        else if (arg1 == 1)
-            return rsa_cms_verify(arg2);
-        break;
-
-    case ASN1_PKEY_CTRL_CMS_ENVELOPE:
-        if (arg1 == 0)
-            return rsa_cms_encrypt(arg2);
-        else if (arg1 == 1)
-            return rsa_cms_decrypt(arg2);
-        break;
-
-    case ASN1_PKEY_CTRL_CMS_RI_TYPE:
-        *(int *)arg2 = CMS_RECIPINFO_TRANS;
-        return 1;
-#endif
-
-    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
-        *(int *)arg2 = NID_sha256;
-        return 1;
-
-    default:
-        return -2;
-
-    }
-
-    if (alg)
-        X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
-
-    return 1;
-
-}
-
-/* allocate and set algorithm ID from EVP_MD, default SHA1 */
-static int rsa_md_to_algor(X509_ALGOR **palg, const EVP_MD *md)
-{
-    if (EVP_MD_type(md) == NID_sha1)
-        return 1;
-    *palg = X509_ALGOR_new();
-    if (!*palg)
-        return 0;
-    X509_ALGOR_set_md(*palg, md);
-    return 1;
-}
-
-/* Allocate and set MGF1 algorithm ID from EVP_MD */
-static int rsa_md_to_mgf1(X509_ALGOR **palg, const EVP_MD *mgf1md)
-{
-    X509_ALGOR *algtmp = NULL;
-    ASN1_STRING *stmp = NULL;
-    *palg = NULL;
-    if (EVP_MD_type(mgf1md) == NID_sha1)
-        return 1;
-    /* need to embed algorithm ID inside another */
-    if (!rsa_md_to_algor(&algtmp, mgf1md))
-        goto err;
-    if (!ASN1_item_pack(algtmp, ASN1_ITEM_rptr(X509_ALGOR), &stmp))
-         goto err;
-    *palg = X509_ALGOR_new();
-    if (!*palg)
-        goto err;
-    X509_ALGOR_set0(*palg, OBJ_nid2obj(NID_mgf1), V_ASN1_SEQUENCE, stmp);
-    stmp = NULL;
- err:
-    if (stmp)
-        ASN1_STRING_free(stmp);
-    if (algtmp)
-        X509_ALGOR_free(algtmp);
-    if (*palg)
-        return 1;
-    return 0;
-}
-
-/* convert algorithm ID to EVP_MD, default SHA1 */
-static const EVP_MD *rsa_algor_to_md(X509_ALGOR *alg)
-{
-    const EVP_MD *md;
-    if (!alg)
-        return EVP_sha1();
-    md = EVP_get_digestbyobj(alg->algorithm);
-    if (md == NULL)
-        RSAerr(RSA_F_RSA_ALGOR_TO_MD, RSA_R_UNKNOWN_DIGEST);
-    return md;
-}
-
-/* convert MGF1 algorithm ID to EVP_MD, default SHA1 */
-static const EVP_MD *rsa_mgf1_to_md(X509_ALGOR *alg, X509_ALGOR *maskHash)
-{
-    const EVP_MD *md;
-    if (!alg)
-        return EVP_sha1();
-    /* Check mask and lookup mask hash algorithm */
-    if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) {
-        RSAerr(RSA_F_RSA_MGF1_TO_MD, RSA_R_UNSUPPORTED_MASK_ALGORITHM);
-        return NULL;
-    }
-    if (!maskHash) {
-        RSAerr(RSA_F_RSA_MGF1_TO_MD, RSA_R_UNSUPPORTED_MASK_PARAMETER);
-        return NULL;
-    }
-    md = EVP_get_digestbyobj(maskHash->algorithm);
-    if (md == NULL) {
-        RSAerr(RSA_F_RSA_MGF1_TO_MD, RSA_R_UNKNOWN_MASK_DIGEST);
-        return NULL;
-    }
-    return md;
-}
-
-/*
- * Convert EVP_PKEY_CTX is PSS mode into corresponding algorithm parameter,
- * suitable for setting an AlgorithmIdentifier.
- */
-
-static ASN1_STRING *rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx)
-{
-    const EVP_MD *sigmd, *mgf1md;
-    RSA_PSS_PARAMS *pss = NULL;
-    ASN1_STRING *os = NULL;
-    EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkctx);
-    int saltlen, rv = 0;
-    if (EVP_PKEY_CTX_get_signature_md(pkctx, &sigmd) <= 0)
-        goto err;
-    if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)
-        goto err;
-    if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(pkctx, &saltlen))
-        goto err;
-    if (saltlen == -1)
-        saltlen = EVP_MD_size(sigmd);
-    else if (saltlen == -2) {
-        saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2;
-        if (((EVP_PKEY_bits(pk) - 1) & 0x7) == 0)
-            saltlen--;
-    }
-    pss = RSA_PSS_PARAMS_new();
-    if (!pss)
-        goto err;
-    if (saltlen != 20) {
-        pss->saltLength = ASN1_INTEGER_new();
-        if (!pss->saltLength)
-            goto err;
-        if (!ASN1_INTEGER_set(pss->saltLength, saltlen))
-            goto err;
-    }
-    if (!rsa_md_to_algor(&pss->hashAlgorithm, sigmd))
-        goto err;
-    if (!rsa_md_to_mgf1(&pss->maskGenAlgorithm, mgf1md))
-        goto err;
-    /* Finally create string with pss parameter encoding. */
-    if (!ASN1_item_pack(pss, ASN1_ITEM_rptr(RSA_PSS_PARAMS), &os))
-         goto err;
-    rv = 1;
- err:
-    if (pss)
-        RSA_PSS_PARAMS_free(pss);
-    if (rv)
-        return os;
-    if (os)
-        ASN1_STRING_free(os);
-    return NULL;
-}
-
-/*
- * From PSS AlgorithmIdentifier set public key parameters. If pkey isn't NULL
- * then the EVP_MD_CTX is setup and initalised. If it is NULL parameters are
- * passed to pkctx instead.
- */
-
-static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
-                          X509_ALGOR *sigalg, EVP_PKEY *pkey)
-{
-    int rv = -1;
-    int saltlen;
-    const EVP_MD *mgf1md = NULL, *md = NULL;
-    RSA_PSS_PARAMS *pss;
-    X509_ALGOR *maskHash;
-    /* Sanity check: make sure it is PSS */
-    if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) {
-        RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
-        return -1;
-    }
-    /* Decode PSS parameters */
-    pss = rsa_pss_decode(sigalg, &maskHash);
-
-    if (pss == NULL) {
-        RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_INVALID_PSS_PARAMETERS);
-        goto err;
-    }
-    mgf1md = rsa_mgf1_to_md(pss->maskGenAlgorithm, maskHash);
-    if (!mgf1md)
-        goto err;
-    md = rsa_algor_to_md(pss->hashAlgorithm);
-    if (!md)
-        goto err;
-
-    if (pss->saltLength) {
-        saltlen = ASN1_INTEGER_get(pss->saltLength);
-
-        /*
-         * Could perform more salt length sanity checks but the main RSA
-         * routines will trap other invalid values anyway.
-         */
-        if (saltlen < 0) {
-            RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_INVALID_SALT_LENGTH);
-            goto err;
-        }
-    } else
-        saltlen = 20;
-
-    /*
-     * low-level routines support only trailer field 0xbc (value 1) and
-     * PKCS#1 says we should reject any other value anyway.
-     */
-    if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) {
-        RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_INVALID_TRAILER);
-        goto err;
-    }
-
-    /* We have all parameters now set up context */
-
-    if (pkey) {
-        if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey))
-            goto err;
-    } else {
-        const EVP_MD *checkmd;
-        if (EVP_PKEY_CTX_get_signature_md(pkctx, &checkmd) <= 0)
-            goto err;
-        if (EVP_MD_type(md) != EVP_MD_type(checkmd)) {
-            RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_DIGEST_DOES_NOT_MATCH);
-            goto err;
-        }
-    }
-
-    if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0)
-        goto err;
-
-    if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkctx, saltlen) <= 0)
-        goto err;
-
-    if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
-        goto err;
-    /* Carry on */
-    rv = 1;
-
- err:
-    RSA_PSS_PARAMS_free(pss);
-    if (maskHash)
-        X509_ALGOR_free(maskHash);
-    return rv;
-}
-
-#ifndef OPENSSL_NO_CMS
-static int rsa_cms_verify(CMS_SignerInfo *si)
-{
-    int nid, nid2;
-    X509_ALGOR *alg;
-    EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);
-    CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
-    nid = OBJ_obj2nid(alg->algorithm);
-    if (nid == NID_rsaEncryption)
-        return 1;
-    if (nid == NID_rsassaPss)
-        return rsa_pss_to_ctx(NULL, pkctx, alg, NULL);
-    /* Workaround for some implementation that use a signature OID */
-    if (OBJ_find_sigid_algs(nid, NULL, &nid2)) {
-        if (nid2 == NID_rsaEncryption)
-            return 1;
-    }
-    return 0;
-}
-#endif
-
-/*
- * Customised RSA item verification routine. This is called when a signature
- * is encountered requiring special handling. We currently only handle PSS.
- */
-
-static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
-                           X509_ALGOR *sigalg, ASN1_BIT_STRING *sig,
-                           EVP_PKEY *pkey)
-{
-    /* Sanity check: make sure it is PSS */
-    if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) {
-        RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
-        return -1;
-    }
-    if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) {
-        /* Carry on */
-        return 2;
-    }
-    return -1;
-}
-
-#ifndef OPENSSL_NO_CMS
-static int rsa_cms_sign(CMS_SignerInfo *si)
-{
-    int pad_mode = RSA_PKCS1_PADDING;
-    X509_ALGOR *alg;
-    EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);
-    ASN1_STRING *os = NULL;
-    CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
-    if (pkctx) {
-        if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
-            return 0;
-    }
-    if (pad_mode == RSA_PKCS1_PADDING) {
-        X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
-        return 1;
-    }
-    /* We don't support it */
-    if (pad_mode != RSA_PKCS1_PSS_PADDING)
-        return 0;
-    os = rsa_ctx_to_pss(pkctx);
-    if (!os)
-        return 0;
-    X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsassaPss), V_ASN1_SEQUENCE, os);
-    return 1;
-}
-#endif
-
-static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
-                         X509_ALGOR *alg1, X509_ALGOR *alg2,
-                         ASN1_BIT_STRING *sig)
-{
-    int pad_mode;
-    EVP_PKEY_CTX *pkctx = ctx->pctx;
-    if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
-        return 0;
-    if (pad_mode == RSA_PKCS1_PADDING)
-        return 2;
-    if (pad_mode == RSA_PKCS1_PSS_PADDING) {
-        ASN1_STRING *os1 = NULL;
-        os1 = rsa_ctx_to_pss(pkctx);
-        if (!os1)
-            return 0;
-        /* Duplicate parameters if we have to */
-        if (alg2) {
-            ASN1_STRING *os2 = ASN1_STRING_dup(os1);
-            if (!os2) {
-                ASN1_STRING_free(os1);
-                return 0;
-            }
-            X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_rsassaPss),
-                            V_ASN1_SEQUENCE, os2);
-        }
-        X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_rsassaPss),
-                        V_ASN1_SEQUENCE, os1);
-        return 3;
-    }
-    return 2;
-}
-
-static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,
-                                        X509_ALGOR **pmaskHash)
-{
-    const unsigned char *p;
-    int plen;
-    RSA_OAEP_PARAMS *pss;
-
-    *pmaskHash = NULL;
-
-    if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE)
-        return NULL;
-    p = alg->parameter->value.sequence->data;
-    plen = alg->parameter->value.sequence->length;
-    pss = d2i_RSA_OAEP_PARAMS(NULL, &p, plen);
-
-    if (!pss)
-        return NULL;
-
-    *pmaskHash = rsa_mgf1_decode(pss->maskGenFunc);
-
-    return pss;
-}
-
-#ifndef OPENSSL_NO_CMS
-static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
-{
-    EVP_PKEY_CTX *pkctx;
-    X509_ALGOR *cmsalg;
-    int nid;
-    int rv = -1;
-    unsigned char *label = NULL;
-    int labellen = 0;
-    const EVP_MD *mgf1md = NULL, *md = NULL;
-    RSA_OAEP_PARAMS *oaep;
-    X509_ALGOR *maskHash;
-    pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
-    if (!pkctx)
-        return 0;
-    if (!CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &cmsalg))
-        return -1;
-    nid = OBJ_obj2nid(cmsalg->algorithm);
-    if (nid == NID_rsaEncryption)
-        return 1;
-    if (nid != NID_rsaesOaep) {
-        RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_UNSUPPORTED_ENCRYPTION_TYPE);
-        return -1;
-    }
-    /* Decode OAEP parameters */
-    oaep = rsa_oaep_decode(cmsalg, &maskHash);
-
-    if (oaep == NULL) {
-        RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_INVALID_OAEP_PARAMETERS);
-        goto err;
-    }
-
-    mgf1md = rsa_mgf1_to_md(oaep->maskGenFunc, maskHash);
-    if (!mgf1md)
-        goto err;
-    md = rsa_algor_to_md(oaep->hashFunc);
-    if (!md)
-        goto err;
-
-    if (oaep->pSourceFunc) {
-        X509_ALGOR *plab = oaep->pSourceFunc;
-        if (OBJ_obj2nid(plab->algorithm) != NID_pSpecified) {
-            RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_UNSUPPORTED_LABEL_SOURCE);
-            goto err;
-        }
-        if (plab->parameter->type != V_ASN1_OCTET_STRING) {
-            RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_INVALID_LABEL);
-            goto err;
-        }
-
-        label = plab->parameter->value.octet_string->data;
-        /* Stop label being freed when OAEP parameters are freed */
-        plab->parameter->value.octet_string->data = NULL;
-        labellen = plab->parameter->value.octet_string->length;
-    }
-
-    if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_OAEP_PADDING) <= 0)
-        goto err;
-    if (EVP_PKEY_CTX_set_rsa_oaep_md(pkctx, md) <= 0)
-        goto err;
-    if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
-        goto err;
-    if (EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0)
-        goto err;
-    /* Carry on */
-    rv = 1;
-
- err:
-    RSA_OAEP_PARAMS_free(oaep);
-    if (maskHash)
-        X509_ALGOR_free(maskHash);
-    return rv;
-}
-
-static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
-{
-    const EVP_MD *md, *mgf1md;
-    RSA_OAEP_PARAMS *oaep = NULL;
-    ASN1_STRING *os = NULL;
-    X509_ALGOR *alg;
-    EVP_PKEY_CTX *pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
-    int pad_mode = RSA_PKCS1_PADDING, rv = 0, labellen;
-    unsigned char *label;
-    CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg);
-    if (pkctx) {
-        if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
-            return 0;
-    }
-    if (pad_mode == RSA_PKCS1_PADDING) {
-        X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
-        return 1;
-    }
-    /* Not supported */
-    if (pad_mode != RSA_PKCS1_OAEP_PADDING)
-        return 0;
-    if (EVP_PKEY_CTX_get_rsa_oaep_md(pkctx, &md) <= 0)
-        goto err;
-    if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)
-        goto err;
-    labellen = EVP_PKEY_CTX_get0_rsa_oaep_label(pkctx, &label);
-    if (labellen < 0)
-        goto err;
-    oaep = RSA_OAEP_PARAMS_new();
-    if (!oaep)
-        goto err;
-    if (!rsa_md_to_algor(&oaep->hashFunc, md))
-        goto err;
-    if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md))
-        goto err;
-    if (labellen > 0) {
-        ASN1_OCTET_STRING *los = ASN1_OCTET_STRING_new();
-        oaep->pSourceFunc = X509_ALGOR_new();
-        if (!oaep->pSourceFunc)
-            goto err;
-        if (!los)
-            goto err;
-        if (!ASN1_OCTET_STRING_set(los, label, labellen)) {
-            ASN1_OCTET_STRING_free(los);
-            goto err;
-        }
-        X509_ALGOR_set0(oaep->pSourceFunc, OBJ_nid2obj(NID_pSpecified),
-                        V_ASN1_OCTET_STRING, los);
-    }
-    /* create string with pss parameter encoding. */
-    if (!ASN1_item_pack(oaep, ASN1_ITEM_rptr(RSA_OAEP_PARAMS), &os))
-         goto err;
-    X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaesOaep), V_ASN1_SEQUENCE, os);
-    os = NULL;
-    rv = 1;
- err:
-    if (oaep)
-        RSA_OAEP_PARAMS_free(oaep);
-    if (os)
-        ASN1_STRING_free(os);
-    return rv;
-}
-#endif
-
-const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = {
-    {
-     EVP_PKEY_RSA,
-     EVP_PKEY_RSA,
-     ASN1_PKEY_SIGPARAM_NULL,
-
-     "RSA",
-     "OpenSSL RSA method",
-
-     rsa_pub_decode,
-     rsa_pub_encode,
-     rsa_pub_cmp,
-     rsa_pub_print,
-
-     rsa_priv_decode,
-     rsa_priv_encode,
-     rsa_priv_print,
-
-     int_rsa_size,
-     rsa_bits,
-
-     0, 0, 0, 0, 0, 0,
-
-     rsa_sig_print,
-     int_rsa_free,
-     rsa_pkey_ctrl,
-     old_rsa_priv_decode,
-     old_rsa_priv_encode,
-     rsa_item_verify,
-     rsa_item_sign},
-
-    {
-     EVP_PKEY_RSA2,
-     EVP_PKEY_RSA,
-     ASN1_PKEY_ALIAS}
-};
diff --git a/thirdparty/openssl/crypto/rsa/rsa_asn1.c b/thirdparty/openssl/crypto/rsa/rsa_asn1.c
deleted file mode 100644
index aff8b583fa..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_asn1.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* rsa_asn1.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-#include <openssl/asn1t.h>
-
-/* Override the default free and new methods */
-static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                  void *exarg)
-{
-    if (operation == ASN1_OP_NEW_PRE) {
-        *pval = (ASN1_VALUE *)RSA_new();
-        if (*pval)
-            return 2;
-        return 0;
-    } else if (operation == ASN1_OP_FREE_PRE) {
-        RSA_free((RSA *)*pval);
-        *pval = NULL;
-        return 2;
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
-        ASN1_SIMPLE(RSA, version, LONG),
-        ASN1_SIMPLE(RSA, n, BIGNUM),
-        ASN1_SIMPLE(RSA, e, BIGNUM),
-        ASN1_SIMPLE(RSA, d, BIGNUM),
-        ASN1_SIMPLE(RSA, p, BIGNUM),
-        ASN1_SIMPLE(RSA, q, BIGNUM),
-        ASN1_SIMPLE(RSA, dmp1, BIGNUM),
-        ASN1_SIMPLE(RSA, dmq1, BIGNUM),
-        ASN1_SIMPLE(RSA, iqmp, BIGNUM)
-} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey)
-
-
-ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
-        ASN1_SIMPLE(RSA, n, BIGNUM),
-        ASN1_SIMPLE(RSA, e, BIGNUM),
-} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
-
-ASN1_SEQUENCE(RSA_PSS_PARAMS) = {
-        ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
-        ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
-        ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
-        ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
-} ASN1_SEQUENCE_END(RSA_PSS_PARAMS)
-
-IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
-
-ASN1_SEQUENCE(RSA_OAEP_PARAMS) = {
-        ASN1_EXP_OPT(RSA_OAEP_PARAMS, hashFunc, X509_ALGOR, 0),
-        ASN1_EXP_OPT(RSA_OAEP_PARAMS, maskGenFunc, X509_ALGOR, 1),
-        ASN1_EXP_OPT(RSA_OAEP_PARAMS, pSourceFunc, X509_ALGOR, 2),
-} ASN1_SEQUENCE_END(RSA_OAEP_PARAMS)
-
-IMPLEMENT_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
-
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)
-
-RSA *RSAPublicKey_dup(RSA *rsa)
-{
-    return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), rsa);
-}
-
-RSA *RSAPrivateKey_dup(RSA *rsa)
-{
-    return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), rsa);
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_chk.c b/thirdparty/openssl/crypto/rsa/rsa_chk.c
deleted file mode 100644
index 475dfc5628..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_chk.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/* crypto/rsa/rsa_chk.c  */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-int RSA_check_key(const RSA *key)
-{
-    BIGNUM *i, *j, *k, *l, *m;
-    BN_CTX *ctx;
-    int ret = 1;
-
-    if (!key->p || !key->q || !key->n || !key->e || !key->d) {
-        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
-        return 0;
-    }
-
-    i = BN_new();
-    j = BN_new();
-    k = BN_new();
-    l = BN_new();
-    m = BN_new();
-    ctx = BN_CTX_new();
-    if (i == NULL || j == NULL || k == NULL || l == NULL
-            || m == NULL || ctx == NULL) {
-        ret = -1;
-        RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (BN_is_one(key->e)) {
-        ret = 0;
-        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_BAD_E_VALUE);
-    }
-    if (!BN_is_odd(key->e)) {
-        ret = 0;
-        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_BAD_E_VALUE);
-    }
-
-    /* p prime? */
-    if (BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL) != 1) {
-        ret = 0;
-        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
-    }
-
-    /* q prime? */
-    if (BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL) != 1) {
-        ret = 0;
-        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
-    }
-
-    /* n = p*q? */
-    if (!BN_mul(i, key->p, key->q, ctx)) {
-        ret = -1;
-        goto err;
-    }
-    if (BN_cmp(i, key->n) != 0) {
-        ret = 0;
-        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
-    }
-
-    /* d*e = 1  mod lcm(p-1,q-1)? */
-    if (!BN_sub(i, key->p, BN_value_one())) {
-        ret = -1;
-        goto err;
-    }
-    if (!BN_sub(j, key->q, BN_value_one())) {
-        ret = -1;
-        goto err;
-    }
-
-    /* now compute k = lcm(i,j) */
-    if (!BN_mul(l, i, j, ctx)) {
-        ret = -1;
-        goto err;
-    }
-    if (!BN_gcd(m, i, j, ctx)) {
-        ret = -1;
-        goto err;
-    }
-    if (!BN_div(k, NULL, l, m, ctx)) { /* remainder is 0 */
-        ret = -1;
-        goto err;
-    }
-    if (!BN_mod_mul(i, key->d, key->e, k, ctx)) {
-        ret = -1;
-        goto err;
-    }
-
-    if (!BN_is_one(i)) {
-        ret = 0;
-        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
-    }
-
-    if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {
-        /* dmp1 = d mod (p-1)? */
-        if (!BN_sub(i, key->p, BN_value_one())) {
-            ret = -1;
-            goto err;
-        }
-        if (!BN_mod(j, key->d, i, ctx)) {
-            ret = -1;
-            goto err;
-        }
-        if (BN_cmp(j, key->dmp1) != 0) {
-            ret = 0;
-            RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMP1_NOT_CONGRUENT_TO_D);
-        }
-
-        /* dmq1 = d mod (q-1)? */
-        if (!BN_sub(i, key->q, BN_value_one())) {
-            ret = -1;
-            goto err;
-        }
-        if (!BN_mod(j, key->d, i, ctx)) {
-            ret = -1;
-            goto err;
-        }
-        if (BN_cmp(j, key->dmq1) != 0) {
-            ret = 0;
-            RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
-        }
-
-        /* iqmp = q^-1 mod p? */
-        if (!BN_mod_inverse(i, key->q, key->p, ctx)) {
-            ret = -1;
-            goto err;
-        }
-        if (BN_cmp(i, key->iqmp) != 0) {
-            ret = 0;
-            RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_IQMP_NOT_INVERSE_OF_Q);
-        }
-    }
-
- err:
-    BN_free(i);
-    BN_free(j);
-    BN_free(k);
-    BN_free(l);
-    BN_free(m);
-    BN_CTX_free(ctx);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_crpt.c b/thirdparty/openssl/crypto/rsa/rsa_crpt.c
deleted file mode 100644
index 5c416b53fa..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_crpt.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* crypto/rsa/rsa_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-int RSA_size(const RSA *r)
-{
-    return (BN_num_bytes(r->n));
-}
-
-int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
-                       RSA *rsa, int padding)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
-        RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
-        return -1;
-    }
-#endif
-    return (rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
-}
-
-int RSA_private_encrypt(int flen, const unsigned char *from,
-                        unsigned char *to, RSA *rsa, int padding)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
-        RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
-        return -1;
-    }
-#endif
-    return (rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
-}
-
-int RSA_private_decrypt(int flen, const unsigned char *from,
-                        unsigned char *to, RSA *rsa, int padding)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
-        RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
-        return -1;
-    }
-#endif
-    return (rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
-}
-
-int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
-                       RSA *rsa, int padding)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
-        RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
-        return -1;
-    }
-#endif
-    return (rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
-}
-
-int RSA_flags(const RSA *r)
-{
-    return ((r == NULL) ? 0 : r->meth->flags);
-}
-
-void RSA_blinding_off(RSA *rsa)
-{
-    if (rsa->blinding != NULL) {
-        BN_BLINDING_free(rsa->blinding);
-        rsa->blinding = NULL;
-    }
-    rsa->flags &= ~RSA_FLAG_BLINDING;
-    rsa->flags |= RSA_FLAG_NO_BLINDING;
-}
-
-int RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
-{
-    int ret = 0;
-
-    if (rsa->blinding != NULL)
-        RSA_blinding_off(rsa);
-
-    rsa->blinding = RSA_setup_blinding(rsa, ctx);
-    if (rsa->blinding == NULL)
-        goto err;
-
-    rsa->flags |= RSA_FLAG_BLINDING;
-    rsa->flags &= ~RSA_FLAG_NO_BLINDING;
-    ret = 1;
- err:
-    return (ret);
-}
-
-static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p,
-                                  const BIGNUM *q, BN_CTX *ctx)
-{
-    BIGNUM *ret = NULL, *r0, *r1, *r2;
-
-    if (d == NULL || p == NULL || q == NULL)
-        return NULL;
-
-    BN_CTX_start(ctx);
-    r0 = BN_CTX_get(ctx);
-    r1 = BN_CTX_get(ctx);
-    r2 = BN_CTX_get(ctx);
-    if (r2 == NULL)
-        goto err;
-
-    if (!BN_sub(r1, p, BN_value_one()))
-        goto err;
-    if (!BN_sub(r2, q, BN_value_one()))
-        goto err;
-    if (!BN_mul(r0, r1, r2, ctx))
-        goto err;
-
-    ret = BN_mod_inverse(NULL, d, r0, ctx);
- err:
-    BN_CTX_end(ctx);
-    return ret;
-}
-
-BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
-{
-    BIGNUM local_n;
-    BIGNUM *e, *n;
-    BN_CTX *ctx;
-    BN_BLINDING *ret = NULL;
-
-    if (in_ctx == NULL) {
-        if ((ctx = BN_CTX_new()) == NULL)
-            return 0;
-    } else
-        ctx = in_ctx;
-
-    BN_CTX_start(ctx);
-    e = BN_CTX_get(ctx);
-    if (e == NULL) {
-        RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (rsa->e == NULL) {
-        e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
-        if (e == NULL) {
-            RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT);
-            goto err;
-        }
-    } else
-        e = rsa->e;
-
-    if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) {
-        /*
-         * if PRNG is not properly seeded, resort to secret exponent as
-         * unpredictable seed
-         */
-        RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
-    }
-
-    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-        /* Set BN_FLG_CONSTTIME flag */
-        n = &local_n;
-        BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME);
-    } else
-        n = rsa->n;
-
-    ret = BN_BLINDING_create_param(NULL, e, n, ctx,
-                                   rsa->meth->bn_mod_exp, rsa->_method_mod_n);
-    if (ret == NULL) {
-        RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);
-        goto err;
-    }
-    CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
- err:
-    BN_CTX_end(ctx);
-    if (in_ctx == NULL)
-        BN_CTX_free(ctx);
-    if (rsa->e == NULL)
-        BN_free(e);
-
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_depr.c b/thirdparty/openssl/crypto/rsa/rsa_depr.c
deleted file mode 100644
index 32f0c8887f..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_depr.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/rsa/rsa_depr.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NB: This file contains deprecated functions (compatibility wrappers to the
- * "new" versions).
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-
-#ifdef OPENSSL_NO_DEPRECATED
-
-static void *dummy = &dummy;
-
-#else
-
-RSA *RSA_generate_key(int bits, unsigned long e_value,
-                      void (*callback) (int, int, void *), void *cb_arg)
-{
-    BN_GENCB cb;
-    int i;
-    RSA *rsa = RSA_new();
-    BIGNUM *e = BN_new();
-
-    if (!rsa || !e)
-        goto err;
-
-    /*
-     * The problem is when building with 8, 16, or 32 BN_ULONG, unsigned long
-     * can be larger
-     */
-    for (i = 0; i < (int)sizeof(unsigned long) * 8; i++) {
-        if (e_value & (1UL << i))
-            if (BN_set_bit(e, i) == 0)
-                goto err;
-    }
-
-    BN_GENCB_set_old(&cb, callback, cb_arg);
-
-    if (RSA_generate_key_ex(rsa, bits, e, &cb)) {
-        BN_free(e);
-        return rsa;
-    }
- err:
-    if (e)
-        BN_free(e);
-    if (rsa)
-        RSA_free(rsa);
-    return 0;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/rsa/rsa_eay.c b/thirdparty/openssl/crypto/rsa/rsa_eay.c
deleted file mode 100644
index b147fff8bd..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_eay.c
+++ /dev/null
@@ -1,904 +0,0 @@
-/* crypto/rsa/rsa_eay.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-#ifndef RSA_NULL
-
-static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
-                                  unsigned char *to, RSA *rsa, int padding);
-static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding);
-static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
-                                  unsigned char *to, RSA *rsa, int padding);
-static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding);
-static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
-                           BN_CTX *ctx);
-static int RSA_eay_init(RSA *rsa);
-static int RSA_eay_finish(RSA *rsa);
-static RSA_METHOD rsa_pkcs1_eay_meth = {
-    "Eric Young's PKCS#1 RSA",
-    RSA_eay_public_encrypt,
-    RSA_eay_public_decrypt,     /* signature verification */
-    RSA_eay_private_encrypt,    /* signing */
-    RSA_eay_private_decrypt,
-    RSA_eay_mod_exp,
-    BN_mod_exp_mont,            /* XXX probably we should not use Montgomery
-                                 * if e == 3 */
-    RSA_eay_init,
-    RSA_eay_finish,
-    0,                          /* flags */
-    NULL,
-    0,                          /* rsa_sign */
-    0,                          /* rsa_verify */
-    NULL                        /* rsa_keygen */
-};
-
-const RSA_METHOD *RSA_PKCS1_SSLeay(void)
-{
-    return (&rsa_pkcs1_eay_meth);
-}
-
-static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
-                                  unsigned char *to, RSA *rsa, int padding)
-{
-    BIGNUM *f, *ret;
-    int i, j, k, num = 0, r = -1;
-    unsigned char *buf = NULL;
-    BN_CTX *ctx = NULL;
-
-    if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
-        return -1;
-    }
-
-    if (BN_ucmp(rsa->n, rsa->e) <= 0) {
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
-        return -1;
-    }
-
-    /* for large moduli, enforce exponent limit */
-    if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
-        if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
-            RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
-            return -1;
-        }
-    }
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    f = BN_CTX_get(ctx);
-    ret = BN_CTX_get(ctx);
-    num = BN_num_bytes(rsa->n);
-    buf = OPENSSL_malloc(num);
-    if (!f || !ret || !buf) {
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    switch (padding) {
-    case RSA_PKCS1_PADDING:
-        i = RSA_padding_add_PKCS1_type_2(buf, num, from, flen);
-        break;
-# ifndef OPENSSL_NO_SHA
-    case RSA_PKCS1_OAEP_PADDING:
-        i = RSA_padding_add_PKCS1_OAEP(buf, num, from, flen, NULL, 0);
-        break;
-# endif
-    case RSA_SSLV23_PADDING:
-        i = RSA_padding_add_SSLv23(buf, num, from, flen);
-        break;
-    case RSA_NO_PADDING:
-        i = RSA_padding_add_none(buf, num, from, flen);
-        break;
-    default:
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
-        goto err;
-    }
-    if (i <= 0)
-        goto err;
-
-    if (BN_bin2bn(buf, num, f) == NULL)
-        goto err;
-
-    if (BN_ucmp(f, rsa->n) >= 0) {
-        /* usually the padding functions would catch this */
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,
-               RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
-        goto err;
-    }
-
-    if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
-        if (!BN_MONT_CTX_set_locked
-            (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
-            goto err;
-
-    if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
-                               rsa->_method_mod_n))
-        goto err;
-
-    /*
-     * put in leading 0 bytes if the number is less than the length of the
-     * modulus
-     */
-    j = BN_num_bytes(ret);
-    i = BN_bn2bin(ret, &(to[num - j]));
-    for (k = 0; k < (num - i); k++)
-        to[k] = 0;
-
-    r = num;
- err:
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    if (buf != NULL) {
-        OPENSSL_cleanse(buf, num);
-        OPENSSL_free(buf);
-    }
-    return (r);
-}
-
-static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
-{
-    BN_BLINDING *ret;
-    int got_write_lock = 0;
-    CRYPTO_THREADID cur;
-
-    CRYPTO_r_lock(CRYPTO_LOCK_RSA);
-
-    if (rsa->blinding == NULL) {
-        CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
-        CRYPTO_w_lock(CRYPTO_LOCK_RSA);
-        got_write_lock = 1;
-
-        if (rsa->blinding == NULL)
-            rsa->blinding = RSA_setup_blinding(rsa, ctx);
-    }
-
-    ret = rsa->blinding;
-    if (ret == NULL)
-        goto err;
-
-    CRYPTO_THREADID_current(&cur);
-    if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) {
-        /* rsa->blinding is ours! */
-
-        *local = 1;
-    } else {
-        /* resort to rsa->mt_blinding instead */
-
-        /*
-         * instructs rsa_blinding_convert(), rsa_blinding_invert() that the
-         * BN_BLINDING is shared, meaning that accesses require locks, and
-         * that the blinding factor must be stored outside the BN_BLINDING
-         */
-        *local = 0;
-
-        if (rsa->mt_blinding == NULL) {
-            if (!got_write_lock) {
-                CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
-                CRYPTO_w_lock(CRYPTO_LOCK_RSA);
-                got_write_lock = 1;
-            }
-
-            if (rsa->mt_blinding == NULL)
-                rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);
-        }
-        ret = rsa->mt_blinding;
-    }
-
- err:
-    if (got_write_lock)
-        CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
-    else
-        CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
-    return ret;
-}
-
-static int rsa_blinding_convert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind,
-                                BN_CTX *ctx)
-{
-    if (unblind == NULL)
-        /*
-         * Local blinding: store the unblinding factor in BN_BLINDING.
-         */
-        return BN_BLINDING_convert_ex(f, NULL, b, ctx);
-    else {
-        /*
-         * Shared blinding: store the unblinding factor outside BN_BLINDING.
-         */
-        int ret;
-        CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING);
-        ret = BN_BLINDING_convert_ex(f, unblind, b, ctx);
-        CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING);
-        return ret;
-    }
-}
-
-static int rsa_blinding_invert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind,
-                               BN_CTX *ctx)
-{
-    /*
-     * For local blinding, unblind is set to NULL, and BN_BLINDING_invert_ex
-     * will use the unblinding factor stored in BN_BLINDING. If BN_BLINDING
-     * is shared between threads, unblind must be non-null:
-     * BN_BLINDING_invert_ex will then use the local unblinding factor, and
-     * will only read the modulus from BN_BLINDING. In both cases it's safe
-     * to access the blinding without a lock.
-     */
-    return BN_BLINDING_invert_ex(f, unblind, b, ctx);
-}
-
-/* signing */
-static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding)
-{
-    BIGNUM *f, *ret, *res;
-    int i, j, k, num = 0, r = -1;
-    unsigned char *buf = NULL;
-    BN_CTX *ctx = NULL;
-    int local_blinding = 0;
-    /*
-     * Used only if the blinding structure is shared. A non-NULL unblind
-     * instructs rsa_blinding_convert() and rsa_blinding_invert() to store
-     * the unblinding factor outside the blinding structure.
-     */
-    BIGNUM *unblind = NULL;
-    BN_BLINDING *blinding = NULL;
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    f = BN_CTX_get(ctx);
-    ret = BN_CTX_get(ctx);
-    num = BN_num_bytes(rsa->n);
-    buf = OPENSSL_malloc(num);
-    if (!f || !ret || !buf) {
-        RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    switch (padding) {
-    case RSA_PKCS1_PADDING:
-        i = RSA_padding_add_PKCS1_type_1(buf, num, from, flen);
-        break;
-    case RSA_X931_PADDING:
-        i = RSA_padding_add_X931(buf, num, from, flen);
-        break;
-    case RSA_NO_PADDING:
-        i = RSA_padding_add_none(buf, num, from, flen);
-        break;
-    case RSA_SSLV23_PADDING:
-    default:
-        RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
-        goto err;
-    }
-    if (i <= 0)
-        goto err;
-
-    if (BN_bin2bn(buf, num, f) == NULL)
-        goto err;
-
-    if (BN_ucmp(f, rsa->n) >= 0) {
-        /* usually the padding functions would catch this */
-        RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,
-               RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
-        goto err;
-    }
-
-    if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
-        blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
-        if (blinding == NULL) {
-            RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-    }
-
-    if (blinding != NULL) {
-        if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
-            RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (!rsa_blinding_convert(blinding, f, unblind, ctx))
-            goto err;
-    }
-
-    if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
-        ((rsa->p != NULL) &&
-         (rsa->q != NULL) &&
-         (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL))) {
-        if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
-            goto err;
-    } else {
-        BIGNUM local_d;
-        BIGNUM *d = NULL;
-
-        if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-            BN_init(&local_d);
-            d = &local_d;
-            BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
-        } else
-            d = rsa->d;
-
-        if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
-            if (!BN_MONT_CTX_set_locked
-                (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
-                goto err;
-
-        if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx,
-                                   rsa->_method_mod_n))
-            goto err;
-    }
-
-    if (blinding)
-        if (!rsa_blinding_invert(blinding, ret, unblind, ctx))
-            goto err;
-
-    if (padding == RSA_X931_PADDING) {
-        BN_sub(f, rsa->n, ret);
-        if (BN_cmp(ret, f) > 0)
-            res = f;
-        else
-            res = ret;
-    } else
-        res = ret;
-
-    /*
-     * put in leading 0 bytes if the number is less than the length of the
-     * modulus
-     */
-    j = BN_num_bytes(res);
-    i = BN_bn2bin(res, &(to[num - j]));
-    for (k = 0; k < (num - i); k++)
-        to[k] = 0;
-
-    r = num;
- err:
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    if (buf != NULL) {
-        OPENSSL_cleanse(buf, num);
-        OPENSSL_free(buf);
-    }
-    return (r);
-}
-
-static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding)
-{
-    BIGNUM *f, *ret;
-    int j, num = 0, r = -1;
-    unsigned char *p;
-    unsigned char *buf = NULL;
-    BN_CTX *ctx = NULL;
-    int local_blinding = 0;
-    /*
-     * Used only if the blinding structure is shared. A non-NULL unblind
-     * instructs rsa_blinding_convert() and rsa_blinding_invert() to store
-     * the unblinding factor outside the blinding structure.
-     */
-    BIGNUM *unblind = NULL;
-    BN_BLINDING *blinding = NULL;
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    f = BN_CTX_get(ctx);
-    ret = BN_CTX_get(ctx);
-    num = BN_num_bytes(rsa->n);
-    buf = OPENSSL_malloc(num);
-    if (!f || !ret || !buf) {
-        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    /*
-     * This check was for equality but PGP does evil things and chops off the
-     * top '0' bytes
-     */
-    if (flen > num) {
-        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
-               RSA_R_DATA_GREATER_THAN_MOD_LEN);
-        goto err;
-    }
-
-    /* make data into a big number */
-    if (BN_bin2bn(from, (int)flen, f) == NULL)
-        goto err;
-
-    if (BN_ucmp(f, rsa->n) >= 0) {
-        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
-               RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
-        goto err;
-    }
-
-    if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
-        blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
-        if (blinding == NULL) {
-            RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-    }
-
-    if (blinding != NULL) {
-        if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
-            RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (!rsa_blinding_convert(blinding, f, unblind, ctx))
-            goto err;
-    }
-
-    /* do the decrypt */
-    if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
-        ((rsa->p != NULL) &&
-         (rsa->q != NULL) &&
-         (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL))) {
-        if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
-            goto err;
-    } else {
-        BIGNUM local_d;
-        BIGNUM *d = NULL;
-
-        if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-            d = &local_d;
-            BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
-        } else
-            d = rsa->d;
-
-        if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
-            if (!BN_MONT_CTX_set_locked
-                (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
-                goto err;
-        if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx,
-                                   rsa->_method_mod_n))
-            goto err;
-    }
-
-    if (blinding)
-        if (!rsa_blinding_invert(blinding, ret, unblind, ctx))
-            goto err;
-
-    p = buf;
-    j = BN_bn2bin(ret, p);      /* j is only used with no-padding mode */
-
-    switch (padding) {
-    case RSA_PKCS1_PADDING:
-        r = RSA_padding_check_PKCS1_type_2(to, num, buf, j, num);
-        break;
-# ifndef OPENSSL_NO_SHA
-    case RSA_PKCS1_OAEP_PADDING:
-        r = RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0);
-        break;
-# endif
-    case RSA_SSLV23_PADDING:
-        r = RSA_padding_check_SSLv23(to, num, buf, j, num);
-        break;
-    case RSA_NO_PADDING:
-        r = RSA_padding_check_none(to, num, buf, j, num);
-        break;
-    default:
-        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
-        goto err;
-    }
-    if (r < 0)
-        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_PADDING_CHECK_FAILED);
-
- err:
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    if (buf != NULL) {
-        OPENSSL_cleanse(buf, num);
-        OPENSSL_free(buf);
-    }
-    return (r);
-}
-
-/* signature verification */
-static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
-                                  unsigned char *to, RSA *rsa, int padding)
-{
-    BIGNUM *f, *ret;
-    int i, num = 0, r = -1;
-    unsigned char *p;
-    unsigned char *buf = NULL;
-    BN_CTX *ctx = NULL;
-
-    if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
-        return -1;
-    }
-
-    if (BN_ucmp(rsa->n, rsa->e) <= 0) {
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
-        return -1;
-    }
-
-    /* for large moduli, enforce exponent limit */
-    if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
-        if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
-            RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
-            return -1;
-        }
-    }
-
-    if ((ctx = BN_CTX_new()) == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    f = BN_CTX_get(ctx);
-    ret = BN_CTX_get(ctx);
-    num = BN_num_bytes(rsa->n);
-    buf = OPENSSL_malloc(num);
-    if (!f || !ret || !buf) {
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    /*
-     * This check was for equality but PGP does evil things and chops off the
-     * top '0' bytes
-     */
-    if (flen > num) {
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_DATA_GREATER_THAN_MOD_LEN);
-        goto err;
-    }
-
-    if (BN_bin2bn(from, flen, f) == NULL)
-        goto err;
-
-    if (BN_ucmp(f, rsa->n) >= 0) {
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,
-               RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
-        goto err;
-    }
-
-    if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
-        if (!BN_MONT_CTX_set_locked
-            (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
-            goto err;
-
-    if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
-                               rsa->_method_mod_n))
-        goto err;
-
-    if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12))
-        if (!BN_sub(ret, rsa->n, ret))
-            goto err;
-
-    p = buf;
-    i = BN_bn2bin(ret, p);
-
-    switch (padding) {
-    case RSA_PKCS1_PADDING:
-        r = RSA_padding_check_PKCS1_type_1(to, num, buf, i, num);
-        break;
-    case RSA_X931_PADDING:
-        r = RSA_padding_check_X931(to, num, buf, i, num);
-        break;
-    case RSA_NO_PADDING:
-        r = RSA_padding_check_none(to, num, buf, i, num);
-        break;
-    default:
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
-        goto err;
-    }
-    if (r < 0)
-        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_PADDING_CHECK_FAILED);
-
- err:
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-    if (buf != NULL) {
-        OPENSSL_cleanse(buf, num);
-        OPENSSL_free(buf);
-    }
-    return (r);
-}
-
-static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
-{
-    BIGNUM *r1, *m1, *vrfy;
-    BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
-    BIGNUM *dmp1, *dmq1, *c, *pr1;
-    int ret = 0;
-
-    BN_CTX_start(ctx);
-    r1 = BN_CTX_get(ctx);
-    m1 = BN_CTX_get(ctx);
-    vrfy = BN_CTX_get(ctx);
-
-    {
-        BIGNUM local_p, local_q;
-        BIGNUM *p = NULL, *q = NULL;
-
-        /*
-         * Make sure BN_mod_inverse in Montgomery intialization uses the
-         * BN_FLG_CONSTTIME flag (unless RSA_FLAG_NO_CONSTTIME is set)
-         */
-        if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-            BN_init(&local_p);
-            p = &local_p;
-            BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
-
-            BN_init(&local_q);
-            q = &local_q;
-            BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
-        } else {
-            p = rsa->p;
-            q = rsa->q;
-        }
-
-        if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
-            if (!BN_MONT_CTX_set_locked
-                (&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx))
-                goto err;
-            if (!BN_MONT_CTX_set_locked
-                (&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))
-                goto err;
-        }
-    }
-
-    if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
-        if (!BN_MONT_CTX_set_locked
-            (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
-            goto err;
-
-    /* compute I mod q */
-    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-        c = &local_c;
-        BN_with_flags(c, I, BN_FLG_CONSTTIME);
-        if (!BN_mod(r1, c, rsa->q, ctx))
-            goto err;
-    } else {
-        if (!BN_mod(r1, I, rsa->q, ctx))
-            goto err;
-    }
-
-    /* compute r1^dmq1 mod q */
-    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-        dmq1 = &local_dmq1;
-        BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
-    } else
-        dmq1 = rsa->dmq1;
-    if (!rsa->meth->bn_mod_exp(m1, r1, dmq1, rsa->q, ctx, rsa->_method_mod_q))
-        goto err;
-
-    /* compute I mod p */
-    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-        c = &local_c;
-        BN_with_flags(c, I, BN_FLG_CONSTTIME);
-        if (!BN_mod(r1, c, rsa->p, ctx))
-            goto err;
-    } else {
-        if (!BN_mod(r1, I, rsa->p, ctx))
-            goto err;
-    }
-
-    /* compute r1^dmp1 mod p */
-    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-        dmp1 = &local_dmp1;
-        BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
-    } else
-        dmp1 = rsa->dmp1;
-    if (!rsa->meth->bn_mod_exp(r0, r1, dmp1, rsa->p, ctx, rsa->_method_mod_p))
-        goto err;
-
-    if (!BN_sub(r0, r0, m1))
-        goto err;
-    /*
-     * This will help stop the size of r0 increasing, which does affect the
-     * multiply if it optimised for a power of 2 size
-     */
-    if (BN_is_negative(r0))
-        if (!BN_add(r0, r0, rsa->p))
-            goto err;
-
-    if (!BN_mul(r1, r0, rsa->iqmp, ctx))
-        goto err;
-
-    /* Turn BN_FLG_CONSTTIME flag on before division operation */
-    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-        pr1 = &local_r1;
-        BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
-    } else
-        pr1 = r1;
-    if (!BN_mod(r0, pr1, rsa->p, ctx))
-        goto err;
-
-    /*
-     * If p < q it is occasionally possible for the correction of adding 'p'
-     * if r0 is negative above to leave the result still negative. This can
-     * break the private key operations: the following second correction
-     * should *always* correct this rare occurrence. This will *never* happen
-     * with OpenSSL generated keys because they ensure p > q [steve]
-     */
-    if (BN_is_negative(r0))
-        if (!BN_add(r0, r0, rsa->p))
-            goto err;
-    if (!BN_mul(r1, r0, rsa->q, ctx))
-        goto err;
-    if (!BN_add(r0, r1, m1))
-        goto err;
-
-    if (rsa->e && rsa->n) {
-        if (!rsa->meth->bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx,
-                                   rsa->_method_mod_n))
-            goto err;
-        /*
-         * If 'I' was greater than (or equal to) rsa->n, the operation will
-         * be equivalent to using 'I mod n'. However, the result of the
-         * verify will *always* be less than 'n' so we don't check for
-         * absolute equality, just congruency.
-         */
-        if (!BN_sub(vrfy, vrfy, I))
-            goto err;
-        if (!BN_mod(vrfy, vrfy, rsa->n, ctx))
-            goto err;
-        if (BN_is_negative(vrfy))
-            if (!BN_add(vrfy, vrfy, rsa->n))
-                goto err;
-        if (!BN_is_zero(vrfy)) {
-            /*
-             * 'I' and 'vrfy' aren't congruent mod n. Don't leak
-             * miscalculated CRT output, just do a raw (slower) mod_exp and
-             * return that instead.
-             */
-
-            BIGNUM local_d;
-            BIGNUM *d = NULL;
-
-            if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-                d = &local_d;
-                BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
-            } else
-                d = rsa->d;
-            if (!rsa->meth->bn_mod_exp(r0, I, d, rsa->n, ctx,
-                                       rsa->_method_mod_n))
-                goto err;
-        }
-    }
-    ret = 1;
- err:
-    BN_CTX_end(ctx);
-    return (ret);
-}
-
-static int RSA_eay_init(RSA *rsa)
-{
-    rsa->flags |= RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE;
-    return (1);
-}
-
-static int RSA_eay_finish(RSA *rsa)
-{
-    if (rsa->_method_mod_n != NULL)
-        BN_MONT_CTX_free(rsa->_method_mod_n);
-    if (rsa->_method_mod_p != NULL)
-        BN_MONT_CTX_free(rsa->_method_mod_p);
-    if (rsa->_method_mod_q != NULL)
-        BN_MONT_CTX_free(rsa->_method_mod_q);
-    return (1);
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/rsa/rsa_err.c b/thirdparty/openssl/crypto/rsa/rsa_err.c
deleted file mode 100644
index 0bab05efcf..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_err.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* crypto/rsa/rsa_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason)
-
-static ERR_STRING_DATA RSA_str_functs[] = {
-    {ERR_FUNC(RSA_F_CHECK_PADDING_MD), "CHECK_PADDING_MD"},
-    {ERR_FUNC(RSA_F_DO_RSA_PRINT), "DO_RSA_PRINT"},
-    {ERR_FUNC(RSA_F_INT_RSA_VERIFY), "INT_RSA_VERIFY"},
-    {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
-    {ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), "OLD_RSA_PRIV_DECODE"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "PKEY_RSA_VERIFY"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"},
-    {ERR_FUNC(RSA_F_RSA_ALGOR_TO_MD), "RSA_ALGOR_TO_MD"},
-    {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
-    {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
-    {ERR_FUNC(RSA_F_RSA_CMS_DECRYPT), "RSA_CMS_DECRYPT"},
-    {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
-    {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
-    {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
-    {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
-    {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
-    {ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX), "RSA_generate_key_ex"},
-    {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "RSA_ITEM_VERIFY"},
-    {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
-    {ERR_FUNC(RSA_F_RSA_MGF1_TO_MD), "RSA_MGF1_TO_MD"},
-    {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
-    {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
-    {ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP), "RSA_NULL_MOD_EXP"},
-    {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT), "RSA_NULL_PRIVATE_DECRYPT"},
-    {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_NULL_PRIVATE_ENCRYPT"},
-    {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_NULL_PUBLIC_DECRYPT"},
-    {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),
-     "RSA_padding_add_PKCS1_OAEP"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1),
-     "RSA_padding_add_PKCS1_OAEP_mgf1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1),
-     "RSA_padding_add_PKCS1_PSS_mgf1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1),
-     "RSA_padding_add_PKCS1_type_1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2),
-     "RSA_padding_add_PKCS1_type_2"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP),
-     "RSA_padding_check_PKCS1_OAEP"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1),
-     "RSA_padding_check_PKCS1_OAEP_mgf1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1),
-     "RSA_padding_check_PKCS1_type_1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2),
-     "RSA_padding_check_PKCS1_type_2"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
-    {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
-    {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
-    {ERR_FUNC(RSA_F_RSA_PRIVATE_DECRYPT), "RSA_private_decrypt"},
-    {ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT), "RSA_private_encrypt"},
-    {ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"},
-    {ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "RSA_PRIV_ENCODE"},
-    {ERR_FUNC(RSA_F_RSA_PSS_TO_CTX), "RSA_PSS_TO_CTX"},
-    {ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT), "RSA_public_decrypt"},
-    {ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT), "RSA_public_encrypt"},
-    {ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"},
-    {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
-    {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
-    {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),
-     "RSA_sign_ASN1_OCTET_STRING"},
-    {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
-    {ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),
-     "RSA_verify_ASN1_OCTET_STRING"},
-    {ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_verify_PKCS1_PSS"},
-    {ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1), "RSA_verify_PKCS1_PSS_mgf1"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA RSA_str_reasons[] = {
-    {ERR_REASON(RSA_R_ALGORITHM_MISMATCH), "algorithm mismatch"},
-    {ERR_REASON(RSA_R_BAD_E_VALUE), "bad e value"},
-    {ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT), "bad fixed header decrypt"},
-    {ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT), "bad pad byte count"},
-    {ERR_REASON(RSA_R_BAD_SIGNATURE), "bad signature"},
-    {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01), "block type is not 01"},
-    {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02), "block type is not 02"},
-    {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),
-     "data greater than mod len"},
-    {ERR_REASON(RSA_R_DATA_TOO_LARGE), "data too large"},
-    {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
-     "data too large for key size"},
-    {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS),
-     "data too large for modulus"},
-    {ERR_REASON(RSA_R_DATA_TOO_SMALL), "data too small"},
-    {ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),
-     "data too small for key size"},
-    {ERR_REASON(RSA_R_DIGEST_DOES_NOT_MATCH), "digest does not match"},
-    {ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),
-     "digest too big for rsa key"},
-    {ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D), "dmp1 not congruent to d"},
-    {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D), "dmq1 not congruent to d"},
-    {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1), "d e not congruent to 1"},
-    {ERR_REASON(RSA_R_FIRST_OCTET_INVALID), "first octet invalid"},
-    {ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE),
-     "illegal or unsupported padding mode"},
-    {ERR_REASON(RSA_R_INVALID_DIGEST), "invalid digest"},
-    {ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
-    {ERR_REASON(RSA_R_INVALID_HEADER), "invalid header"},
-    {ERR_REASON(RSA_R_INVALID_KEYBITS), "invalid keybits"},
-    {ERR_REASON(RSA_R_INVALID_LABEL), "invalid label"},
-    {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"},
-    {ERR_REASON(RSA_R_INVALID_MGF1_MD), "invalid mgf1 md"},
-    {ERR_REASON(RSA_R_INVALID_OAEP_PARAMETERS), "invalid oaep parameters"},
-    {ERR_REASON(RSA_R_INVALID_PADDING), "invalid padding"},
-    {ERR_REASON(RSA_R_INVALID_PADDING_MODE), "invalid padding mode"},
-    {ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS), "invalid pss parameters"},
-    {ERR_REASON(RSA_R_INVALID_PSS_SALTLEN), "invalid pss saltlen"},
-    {ERR_REASON(RSA_R_INVALID_SALT_LENGTH), "invalid salt length"},
-    {ERR_REASON(RSA_R_INVALID_TRAILER), "invalid trailer"},
-    {ERR_REASON(RSA_R_INVALID_X931_DIGEST), "invalid x931 digest"},
-    {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q), "iqmp not inverse of q"},
-    {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL), "key size too small"},
-    {ERR_REASON(RSA_R_LAST_OCTET_INVALID), "last octet invalid"},
-    {ERR_REASON(RSA_R_MODULUS_TOO_LARGE), "modulus too large"},
-    {ERR_REASON(RSA_R_NON_FIPS_RSA_METHOD), "non fips rsa method"},
-    {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"},
-    {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),
-     "null before block missing"},
-    {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q), "n does not equal p q"},
-    {ERR_REASON(RSA_R_OAEP_DECODING_ERROR), "oaep decoding error"},
-    {ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),
-     "operation not allowed in fips mode"},
-    {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
-     "operation not supported for this keytype"},
-    {ERR_REASON(RSA_R_PADDING_CHECK_FAILED), "padding check failed"},
-    {ERR_REASON(RSA_R_PKCS_DECODING_ERROR), "pkcs decoding error"},
-    {ERR_REASON(RSA_R_P_NOT_PRIME), "p not prime"},
-    {ERR_REASON(RSA_R_Q_NOT_PRIME), "q not prime"},
-    {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),
-     "rsa operations not supported"},
-    {ERR_REASON(RSA_R_SLEN_CHECK_FAILED), "salt length check failed"},
-    {ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED), "salt length recovery failed"},
-    {ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK), "sslv3 rollback attack"},
-    {ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
-     "the asn1 object identifier is not known for this md"},
-    {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"},
-    {ERR_REASON(RSA_R_UNKNOWN_DIGEST), "unknown digest"},
-    {ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST), "unknown mask digest"},
-    {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
-    {ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST), "unknown pss digest"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_ENCRYPTION_TYPE),
-     "unsupported encryption type"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_LABEL_SOURCE), "unsupported label source"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM),
-     "unsupported mask algorithm"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER),
-     "unsupported mask parameter"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE),
-     "unsupported signature type"},
-    {ERR_REASON(RSA_R_VALUE_MISSING), "value missing"},
-    {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_RSA_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(RSA_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, RSA_str_functs);
-        ERR_load_strings(0, RSA_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_gen.c b/thirdparty/openssl/crypto/rsa/rsa_gen.c
deleted file mode 100644
index 082c8da2ef..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_gen.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* crypto/rsa/rsa_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * NB: these functions have been "upgraded", the deprecated versions (which
- * are compatibility wrappers using these functions) are in rsa_depr.c. -
- * Geoff
- */
-
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-extern int FIPS_rsa_x931_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
-                                         BN_GENCB *cb);
-#endif
-
-static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
-                              BN_GENCB *cb);
-
-/*
- * NB: this wrapper would normally be placed in rsa_lib.c and the static
- * implementation would probably be in rsa_eay.c. Nonetheless, is kept here
- * so that we don't introduce a new linker dependency. Eg. any application
- * that wasn't previously linking object code related to key-generation won't
- * have to now just because key-generation is part of RSA_METHOD.
- */
-int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
-        RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD);
-        return 0;
-    }
-#endif
-    if (rsa->meth->rsa_keygen)
-        return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return FIPS_rsa_x931_generate_key_ex(rsa, bits, e_value, cb);
-#endif
-    return rsa_builtin_keygen(rsa, bits, e_value, cb);
-}
-
-static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
-                              BN_GENCB *cb)
-{
-    BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
-    BIGNUM local_r0, local_d, local_p;
-    BIGNUM *pr0, *d, *p;
-    int bitsp, bitsq, ok = -1, n = 0;
-    BN_CTX *ctx = NULL;
-
-    ctx = BN_CTX_new();
-    if (ctx == NULL)
-        goto err;
-    BN_CTX_start(ctx);
-    r0 = BN_CTX_get(ctx);
-    r1 = BN_CTX_get(ctx);
-    r2 = BN_CTX_get(ctx);
-    r3 = BN_CTX_get(ctx);
-    if (r3 == NULL)
-        goto err;
-
-    bitsp = (bits + 1) / 2;
-    bitsq = bits - bitsp;
-
-    /* We need the RSA components non-NULL */
-    if (!rsa->n && ((rsa->n = BN_new()) == NULL))
-        goto err;
-    if (!rsa->d && ((rsa->d = BN_new()) == NULL))
-        goto err;
-    if (!rsa->e && ((rsa->e = BN_new()) == NULL))
-        goto err;
-    if (!rsa->p && ((rsa->p = BN_new()) == NULL))
-        goto err;
-    if (!rsa->q && ((rsa->q = BN_new()) == NULL))
-        goto err;
-    if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL))
-        goto err;
-    if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL))
-        goto err;
-    if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL))
-        goto err;
-
-    if (BN_copy(rsa->e, e_value) == NULL)
-        goto err;
-
-    /* generate p and q */
-    for (;;) {
-        if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
-            goto err;
-        if (!BN_sub(r2, rsa->p, BN_value_one()))
-            goto err;
-        if (!BN_gcd(r1, r2, rsa->e, ctx))
-            goto err;
-        if (BN_is_one(r1))
-            break;
-        if (!BN_GENCB_call(cb, 2, n++))
-            goto err;
-    }
-    if (!BN_GENCB_call(cb, 3, 0))
-        goto err;
-    for (;;) {
-        /*
-         * When generating ridiculously small keys, we can get stuck
-         * continually regenerating the same prime values. Check for this and
-         * bail if it happens 3 times.
-         */
-        unsigned int degenerate = 0;
-        do {
-            if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
-                goto err;
-        } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
-        if (degenerate == 3) {
-            ok = 0;             /* we set our own err */
-            RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL);
-            goto err;
-        }
-        if (!BN_sub(r2, rsa->q, BN_value_one()))
-            goto err;
-        if (!BN_gcd(r1, r2, rsa->e, ctx))
-            goto err;
-        if (BN_is_one(r1))
-            break;
-        if (!BN_GENCB_call(cb, 2, n++))
-            goto err;
-    }
-    if (!BN_GENCB_call(cb, 3, 1))
-        goto err;
-    if (BN_cmp(rsa->p, rsa->q) < 0) {
-        tmp = rsa->p;
-        rsa->p = rsa->q;
-        rsa->q = tmp;
-    }
-
-    /* calculate n */
-    if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx))
-        goto err;
-
-    /* calculate d */
-    if (!BN_sub(r1, rsa->p, BN_value_one()))
-        goto err;               /* p-1 */
-    if (!BN_sub(r2, rsa->q, BN_value_one()))
-        goto err;               /* q-1 */
-    if (!BN_mul(r0, r1, r2, ctx))
-        goto err;               /* (p-1)(q-1) */
-    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-        pr0 = &local_r0;
-        BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
-    } else
-        pr0 = r0;
-    if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx))
-        goto err;               /* d */
-
-    /* set up d for correct BN_FLG_CONSTTIME flag */
-    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-        d = &local_d;
-        BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
-    } else
-        d = rsa->d;
-
-    /* calculate d mod (p-1) */
-    if (!BN_mod(rsa->dmp1, d, r1, ctx))
-        goto err;
-
-    /* calculate d mod (q-1) */
-    if (!BN_mod(rsa->dmq1, d, r2, ctx))
-        goto err;
-
-    /* calculate inverse of q mod p */
-    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
-        p = &local_p;
-        BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
-    } else
-        p = rsa->p;
-    if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx))
-        goto err;
-
-    ok = 1;
- err:
-    if (ok == -1) {
-        RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, ERR_LIB_BN);
-        ok = 0;
-    }
-    if (ctx != NULL) {
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-    }
-
-    return ok;
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_lib.c b/thirdparty/openssl/crypto/rsa/rsa_lib.c
deleted file mode 100644
index 6ea6b40dc6..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_lib.c
+++ /dev/null
@@ -1,337 +0,0 @@
-/* crypto/rsa/rsa_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-const char RSA_version[] = "RSA" OPENSSL_VERSION_PTEXT;
-
-static const RSA_METHOD *default_RSA_meth = NULL;
-
-RSA *RSA_new(void)
-{
-    RSA *r = RSA_new_method(NULL);
-
-    return r;
-}
-
-void RSA_set_default_method(const RSA_METHOD *meth)
-{
-    default_RSA_meth = meth;
-}
-
-const RSA_METHOD *RSA_get_default_method(void)
-{
-    if (default_RSA_meth == NULL) {
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-            return FIPS_rsa_pkcs1_ssleay();
-        else
-            return RSA_PKCS1_SSLeay();
-#else
-# ifdef RSA_NULL
-        default_RSA_meth = RSA_null_method();
-# else
-        default_RSA_meth = RSA_PKCS1_SSLeay();
-# endif
-#endif
-    }
-
-    return default_RSA_meth;
-}
-
-const RSA_METHOD *RSA_get_method(const RSA *rsa)
-{
-    return rsa->meth;
-}
-
-int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
-{
-    /*
-     * NB: The caller is specifically setting a method, so it's not up to us
-     * to deal with which ENGINE it comes from.
-     */
-    const RSA_METHOD *mtmp;
-    mtmp = rsa->meth;
-    if (mtmp->finish)
-        mtmp->finish(rsa);
-#ifndef OPENSSL_NO_ENGINE
-    if (rsa->engine) {
-        ENGINE_finish(rsa->engine);
-        rsa->engine = NULL;
-    }
-#endif
-    rsa->meth = meth;
-    if (meth->init)
-        meth->init(rsa);
-    return 1;
-}
-
-RSA *RSA_new_method(ENGINE *engine)
-{
-    RSA *ret;
-
-    ret = (RSA *)OPENSSL_malloc(sizeof(RSA));
-    if (ret == NULL) {
-        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    memset(ret,0,sizeof(RSA));
-
-    ret->meth = RSA_get_default_method();
-#ifndef OPENSSL_NO_ENGINE
-    if (engine) {
-        if (!ENGINE_init(engine)) {
-            RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
-            OPENSSL_free(ret);
-            return NULL;
-        }
-        ret->engine = engine;
-    } else
-        ret->engine = ENGINE_get_default_RSA();
-    if (ret->engine) {
-        ret->meth = ENGINE_get_RSA(ret->engine);
-        if (!ret->meth) {
-            RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
-            ENGINE_finish(ret->engine);
-            OPENSSL_free(ret);
-            return NULL;
-        }
-    }
-#endif
-
-    ret->pad = 0;
-    ret->version = 0;
-    ret->n = NULL;
-    ret->e = NULL;
-    ret->d = NULL;
-    ret->p = NULL;
-    ret->q = NULL;
-    ret->dmp1 = NULL;
-    ret->dmq1 = NULL;
-    ret->iqmp = NULL;
-    ret->references = 1;
-    ret->_method_mod_n = NULL;
-    ret->_method_mod_p = NULL;
-    ret->_method_mod_q = NULL;
-    ret->blinding = NULL;
-    ret->mt_blinding = NULL;
-    ret->bignum_data = NULL;
-    ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
-    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
-#ifndef OPENSSL_NO_ENGINE
-        if (ret->engine)
-            ENGINE_finish(ret->engine);
-#endif
-        OPENSSL_free(ret);
-        return (NULL);
-    }
-
-    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
-#ifndef OPENSSL_NO_ENGINE
-        if (ret->engine)
-            ENGINE_finish(ret->engine);
-#endif
-        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
-        OPENSSL_free(ret);
-        ret = NULL;
-    }
-    return (ret);
-}
-
-void RSA_free(RSA *r)
-{
-    int i;
-
-    if (r == NULL)
-        return;
-
-    i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_RSA);
-#ifdef REF_PRINT
-    REF_PRINT("RSA", r);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "RSA_free, bad reference count\n");
-        abort();
-    }
-#endif
-
-    if (r->meth->finish)
-        r->meth->finish(r);
-#ifndef OPENSSL_NO_ENGINE
-    if (r->engine)
-        ENGINE_finish(r->engine);
-#endif
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
-
-    if (r->n != NULL)
-        BN_clear_free(r->n);
-    if (r->e != NULL)
-        BN_clear_free(r->e);
-    if (r->d != NULL)
-        BN_clear_free(r->d);
-    if (r->p != NULL)
-        BN_clear_free(r->p);
-    if (r->q != NULL)
-        BN_clear_free(r->q);
-    if (r->dmp1 != NULL)
-        BN_clear_free(r->dmp1);
-    if (r->dmq1 != NULL)
-        BN_clear_free(r->dmq1);
-    if (r->iqmp != NULL)
-        BN_clear_free(r->iqmp);
-    if (r->blinding != NULL)
-        BN_BLINDING_free(r->blinding);
-    if (r->mt_blinding != NULL)
-        BN_BLINDING_free(r->mt_blinding);
-    if (r->bignum_data != NULL)
-        OPENSSL_free_locked(r->bignum_data);
-    OPENSSL_free(r);
-}
-
-int RSA_up_ref(RSA *r)
-{
-    int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA);
-#ifdef REF_PRINT
-    REF_PRINT("RSA", r);
-#endif
-#ifdef REF_CHECK
-    if (i < 2) {
-        fprintf(stderr, "RSA_up_ref, bad reference count\n");
-        abort();
-    }
-#endif
-    return ((i > 1) ? 1 : 0);
-}
-
-int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int RSA_set_ex_data(RSA *r, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-
-void *RSA_get_ex_data(const RSA *r, int idx)
-{
-    return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-
-int RSA_memory_lock(RSA *r)
-{
-    int i, j, k, off;
-    char *p;
-    BIGNUM *bn, **t[6], *b;
-    BN_ULONG *ul;
-
-    if (r->d == NULL)
-        return (1);
-    t[0] = &r->d;
-    t[1] = &r->p;
-    t[2] = &r->q;
-    t[3] = &r->dmp1;
-    t[4] = &r->dmq1;
-    t[5] = &r->iqmp;
-    k = sizeof(BIGNUM) * 6;
-    off = k / sizeof(BN_ULONG) + 1;
-    j = 1;
-    for (i = 0; i < 6; i++)
-        j += (*t[i])->top;
-    if ((p = OPENSSL_malloc_locked((off + j) * sizeof(BN_ULONG))) == NULL) {
-        RSAerr(RSA_F_RSA_MEMORY_LOCK, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    bn = (BIGNUM *)p;
-    ul = (BN_ULONG *)&(p[off]);
-    for (i = 0; i < 6; i++) {
-        b = *(t[i]);
-        *(t[i]) = &(bn[i]);
-        memcpy((char *)&(bn[i]), (char *)b, sizeof(BIGNUM));
-        bn[i].flags = BN_FLG_STATIC_DATA;
-        bn[i].d = ul;
-        memcpy((char *)ul, b->d, sizeof(BN_ULONG) * b->top);
-        ul += b->top;
-        BN_clear_free(b);
-    }
-
-    /* I should fix this so it can still be done */
-    r->flags &= ~(RSA_FLAG_CACHE_PRIVATE | RSA_FLAG_CACHE_PUBLIC);
-
-    r->bignum_data = p;
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_locl.h b/thirdparty/openssl/crypto/rsa/rsa_locl.h
deleted file mode 100644
index 3e88187d9b..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_locl.h
+++ /dev/null
@@ -1,4 +0,0 @@
-extern int int_rsa_verify(int dtype, const unsigned char *m,
-                          unsigned int m_len, unsigned char *rm,
-                          size_t *prm_len, const unsigned char *sigbuf,
-                          size_t siglen, RSA *rsa);
diff --git a/thirdparty/openssl/crypto/rsa/rsa_none.c b/thirdparty/openssl/crypto/rsa/rsa_none.c
deleted file mode 100644
index 982b31f28c..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_none.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/* crypto/rsa/rsa_none.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-int RSA_padding_add_none(unsigned char *to, int tlen,
-                         const unsigned char *from, int flen)
-{
-    if (flen > tlen) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_NONE, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-        return (0);
-    }
-
-    if (flen < tlen) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_NONE, RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE);
-        return (0);
-    }
-
-    memcpy(to, from, (unsigned int)flen);
-    return (1);
-}
-
-int RSA_padding_check_none(unsigned char *to, int tlen,
-                           const unsigned char *from, int flen, int num)
-{
-
-    if (flen > tlen) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_NONE, RSA_R_DATA_TOO_LARGE);
-        return (-1);
-    }
-
-    memset(to, 0, tlen - flen);
-    memcpy(to + tlen - flen, from, flen);
-    return (tlen);
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_null.c b/thirdparty/openssl/crypto/rsa/rsa_null.c
deleted file mode 100644
index 241b431ad5..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_null.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/* rsa_null.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-/*
- * This is a dummy RSA implementation that just returns errors when called.
- * It is designed to allow some RSA functions to work while stopping those
- * covered by the RSA patent. That is RSA, encryption, decryption, signing
- * and verify is not allowed but RSA key generation, key checking and other
- * operations (like storing RSA keys) are permitted.
- */
-
-static int RSA_null_public_encrypt(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding);
-static int RSA_null_private_encrypt(int flen, const unsigned char *from,
-                                    unsigned char *to, RSA *rsa, int padding);
-static int RSA_null_public_decrypt(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding);
-static int RSA_null_private_decrypt(int flen, const unsigned char *from,
-                                    unsigned char *to, RSA *rsa, int padding);
-#if 0                           /* not currently used */
-static int RSA_null_mod_exp(const BIGNUM *r0, const BIGNUM *i, RSA *rsa);
-#endif
-static int RSA_null_init(RSA *rsa);
-static int RSA_null_finish(RSA *rsa);
-static RSA_METHOD rsa_null_meth = {
-    "Null RSA",
-    RSA_null_public_encrypt,
-    RSA_null_public_decrypt,
-    RSA_null_private_encrypt,
-    RSA_null_private_decrypt,
-    NULL,
-    NULL,
-    RSA_null_init,
-    RSA_null_finish,
-    0,
-    NULL,
-    NULL,
-    NULL,
-    NULL
-};
-
-const RSA_METHOD *RSA_null_method(void)
-{
-    return (&rsa_null_meth);
-}
-
-static int RSA_null_public_encrypt(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding)
-{
-    RSAerr(RSA_F_RSA_NULL_PUBLIC_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-    return -1;
-}
-
-static int RSA_null_private_encrypt(int flen, const unsigned char *from,
-                                    unsigned char *to, RSA *rsa, int padding)
-{
-    RSAerr(RSA_F_RSA_NULL_PRIVATE_ENCRYPT,
-           RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-    return -1;
-}
-
-static int RSA_null_private_decrypt(int flen, const unsigned char *from,
-                                    unsigned char *to, RSA *rsa, int padding)
-{
-    RSAerr(RSA_F_RSA_NULL_PRIVATE_DECRYPT,
-           RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-    return -1;
-}
-
-static int RSA_null_public_decrypt(int flen, const unsigned char *from,
-                                   unsigned char *to, RSA *rsa, int padding)
-{
-    RSAerr(RSA_F_RSA_NULL_PUBLIC_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-    return -1;
-}
-
-#if 0                           /* not currently used */
-static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
-{
-    ... err(RSA_F_RSA_NULL_MOD_EXP, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
-    return -1;
-}
-#endif
-
-static int RSA_null_init(RSA *rsa)
-{
-    return (1);
-}
-
-static int RSA_null_finish(RSA *rsa)
-{
-    return (1);
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_oaep.c b/thirdparty/openssl/crypto/rsa/rsa_oaep.c
deleted file mode 100644
index 19d28c6f0e..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_oaep.c
+++ /dev/null
@@ -1,287 +0,0 @@
-/* crypto/rsa/rsa_oaep.c */
-/*
- * Written by Ulf Moeller. This software is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied.
- */
-
-/* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
-
-/*
- * See Victor Shoup, "OAEP reconsidered," Nov. 2000, <URL:
- * http://www.shoup.net/papers/oaep.ps.Z> for problems with the security
- * proof for the original OAEP scheme, which EME-OAEP is based on. A new
- * proof can be found in E. Fujisaki, T. Okamoto, D. Pointcheval, J. Stern,
- * "RSA-OEAP is Still Alive!", Dec. 2000, <URL:
- * http://eprint.iacr.org/2000/061/>. The new proof has stronger requirements
- * for the underlying permutation: "partial-one-wayness" instead of
- * one-wayness.  For the RSA function, this is an equivalent notion.
- */
-
-#include "constant_time_locl.h"
-
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-# include <stdio.h>
-# include "cryptlib.h"
-# include <openssl/bn.h>
-# include <openssl/rsa.h>
-# include <openssl/evp.h>
-# include <openssl/rand.h>
-# include <openssl/sha.h>
-
-int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
-                               const unsigned char *from, int flen,
-                               const unsigned char *param, int plen)
-{
-    return RSA_padding_add_PKCS1_OAEP_mgf1(to, tlen, from, flen,
-                                           param, plen, NULL, NULL);
-}
-
-int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
-                                    const unsigned char *from, int flen,
-                                    const unsigned char *param, int plen,
-                                    const EVP_MD *md, const EVP_MD *mgf1md)
-{
-    int i, emlen = tlen - 1;
-    unsigned char *db, *seed;
-    unsigned char *dbmask, seedmask[EVP_MAX_MD_SIZE];
-    int mdlen;
-
-    if (md == NULL)
-        md = EVP_sha1();
-    if (mgf1md == NULL)
-        mgf1md = md;
-
-    mdlen = EVP_MD_size(md);
-
-    if (flen > emlen - 2 * mdlen - 1) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1,
-               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-        return 0;
-    }
-
-    if (emlen < 2 * mdlen + 1) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1,
-               RSA_R_KEY_SIZE_TOO_SMALL);
-        return 0;
-    }
-
-    to[0] = 0;
-    seed = to + 1;
-    db = to + mdlen + 1;
-
-    if (!EVP_Digest((void *)param, plen, db, NULL, md, NULL))
-        return 0;
-    memset(db + mdlen, 0, emlen - flen - 2 * mdlen - 1);
-    db[emlen - flen - mdlen - 1] = 0x01;
-    memcpy(db + emlen - flen - mdlen, from, (unsigned int)flen);
-    if (RAND_bytes(seed, mdlen) <= 0)
-        return 0;
-# ifdef PKCS_TESTVECT
-    memcpy(seed,
-           "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
-           20);
-# endif
-
-    dbmask = OPENSSL_malloc(emlen - mdlen);
-    if (dbmask == NULL) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    if (PKCS1_MGF1(dbmask, emlen - mdlen, seed, mdlen, mgf1md) < 0)
-        goto err;
-    for (i = 0; i < emlen - mdlen; i++)
-        db[i] ^= dbmask[i];
-
-    if (PKCS1_MGF1(seedmask, mdlen, db, emlen - mdlen, mgf1md) < 0)
-        goto err;
-    for (i = 0; i < mdlen; i++)
-        seed[i] ^= seedmask[i];
-
-    OPENSSL_free(dbmask);
-    return 1;
-
- err:
-    OPENSSL_free(dbmask);
-    return 0;
-}
-
-int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
-                                 const unsigned char *from, int flen, int num,
-                                 const unsigned char *param, int plen)
-{
-    return RSA_padding_check_PKCS1_OAEP_mgf1(to, tlen, from, flen, num,
-                                             param, plen, NULL, NULL);
-}
-
-int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
-                                      const unsigned char *from, int flen,
-                                      int num, const unsigned char *param,
-                                      int plen, const EVP_MD *md,
-                                      const EVP_MD *mgf1md)
-{
-    int i, dblen, mlen = -1, one_index = 0, msg_index;
-    unsigned int good, found_one_byte;
-    const unsigned char *maskedseed, *maskeddb;
-    /*
-     * |em| is the encoded message, zero-padded to exactly |num| bytes: em =
-     * Y || maskedSeed || maskedDB
-     */
-    unsigned char *db = NULL, *em = NULL, seed[EVP_MAX_MD_SIZE],
-        phash[EVP_MAX_MD_SIZE];
-    int mdlen;
-
-    if (md == NULL)
-        md = EVP_sha1();
-    if (mgf1md == NULL)
-        mgf1md = md;
-
-    mdlen = EVP_MD_size(md);
-
-    if (tlen <= 0 || flen <= 0)
-        return -1;
-    /*
-     * |num| is the length of the modulus; |flen| is the length of the
-     * encoded message. Therefore, for any |from| that was obtained by
-     * decrypting a ciphertext, we must have |flen| <= |num|. Similarly,
-     * num < 2 * mdlen + 2 must hold for the modulus irrespective of
-     * the ciphertext, see PKCS #1 v2.2, section 7.1.2.
-     * This does not leak any side-channel information.
-     */
-    if (num < flen || num < 2 * mdlen + 2)
-        goto decoding_err;
-
-    dblen = num - mdlen - 1;
-    db = OPENSSL_malloc(dblen);
-    em = OPENSSL_malloc(num);
-    if (db == NULL || em == NULL) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1, ERR_R_MALLOC_FAILURE);
-        goto cleanup;
-    }
-
-    /*
-     * Always do this zero-padding copy (even when num == flen) to avoid
-     * leaking that information. The copy still leaks some side-channel
-     * information, but it's impossible to have a fixed  memory access
-     * pattern since we can't read out of the bounds of |from|.
-     *
-     * TODO(emilia): Consider porting BN_bn2bin_padded from BoringSSL.
-     */
-    memset(em, 0, num);
-    memcpy(em + num - flen, from, flen);
-
-    /*
-     * The first byte must be zero, however we must not leak if this is
-     * true. See James H. Manger, "A Chosen Ciphertext  Attack on RSA
-     * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001).
-     */
-    good = constant_time_is_zero(em[0]);
-
-    maskedseed = em + 1;
-    maskeddb = em + 1 + mdlen;
-
-    if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md))
-        goto cleanup;
-    for (i = 0; i < mdlen; i++)
-        seed[i] ^= maskedseed[i];
-
-    if (PKCS1_MGF1(db, dblen, seed, mdlen, mgf1md))
-        goto cleanup;
-    for (i = 0; i < dblen; i++)
-        db[i] ^= maskeddb[i];
-
-    if (!EVP_Digest((void *)param, plen, phash, NULL, md, NULL))
-        goto cleanup;
-
-    good &= constant_time_is_zero(CRYPTO_memcmp(db, phash, mdlen));
-
-    found_one_byte = 0;
-    for (i = mdlen; i < dblen; i++) {
-        /*
-         * Padding consists of a number of 0-bytes, followed by a 1.
-         */
-        unsigned int equals1 = constant_time_eq(db[i], 1);
-        unsigned int equals0 = constant_time_is_zero(db[i]);
-        one_index = constant_time_select_int(~found_one_byte & equals1,
-                                             i, one_index);
-        found_one_byte |= equals1;
-        good &= (found_one_byte | equals0);
-    }
-
-    good &= found_one_byte;
-
-    /*
-     * At this point |good| is zero unless the plaintext was valid,
-     * so plaintext-awareness ensures timing side-channels are no longer a
-     * concern.
-     */
-    if (!good)
-        goto decoding_err;
-
-    msg_index = one_index + 1;
-    mlen = dblen - msg_index;
-
-    if (tlen < mlen) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1, RSA_R_DATA_TOO_LARGE);
-        mlen = -1;
-    } else {
-        memcpy(to, db + msg_index, mlen);
-        goto cleanup;
-    }
-
- decoding_err:
-    /*
-     * To avoid chosen ciphertext attacks, the error message should not
-     * reveal which kind of decoding error happened.
-     */
-    RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1,
-           RSA_R_OAEP_DECODING_ERROR);
- cleanup:
-    if (db != NULL)
-        OPENSSL_free(db);
-    if (em != NULL)
-        OPENSSL_free(em);
-    return mlen;
-}
-
-int PKCS1_MGF1(unsigned char *mask, long len,
-               const unsigned char *seed, long seedlen, const EVP_MD *dgst)
-{
-    long i, outlen = 0;
-    unsigned char cnt[4];
-    EVP_MD_CTX c;
-    unsigned char md[EVP_MAX_MD_SIZE];
-    int mdlen;
-    int rv = -1;
-
-    EVP_MD_CTX_init(&c);
-    mdlen = EVP_MD_size(dgst);
-    if (mdlen < 0)
-        goto err;
-    for (i = 0; outlen < len; i++) {
-        cnt[0] = (unsigned char)((i >> 24) & 255);
-        cnt[1] = (unsigned char)((i >> 16) & 255);
-        cnt[2] = (unsigned char)((i >> 8)) & 255;
-        cnt[3] = (unsigned char)(i & 255);
-        if (!EVP_DigestInit_ex(&c, dgst, NULL)
-            || !EVP_DigestUpdate(&c, seed, seedlen)
-            || !EVP_DigestUpdate(&c, cnt, 4))
-            goto err;
-        if (outlen + mdlen <= len) {
-            if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
-                goto err;
-            outlen += mdlen;
-        } else {
-            if (!EVP_DigestFinal_ex(&c, md, NULL))
-                goto err;
-            memcpy(mask + outlen, md, len - outlen);
-            outlen = len;
-        }
-    }
-    rv = 0;
- err:
-    EVP_MD_CTX_cleanup(&c);
-    return rv;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/rsa/rsa_pk1.c b/thirdparty/openssl/crypto/rsa/rsa_pk1.c
deleted file mode 100644
index efa1fd3e99..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_pk1.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/* crypto/rsa/rsa_pk1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "constant_time_locl.h"
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
-                                 const unsigned char *from, int flen)
-{
-    int j;
-    unsigned char *p;
-
-    if (flen > (tlen - RSA_PKCS1_PADDING_SIZE)) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,
-               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-        return (0);
-    }
-
-    p = (unsigned char *)to;
-
-    *(p++) = 0;
-    *(p++) = 1;                 /* Private Key BT (Block Type) */
-
-    /* pad out with 0xff data */
-    j = tlen - 3 - flen;
-    memset(p, 0xff, j);
-    p += j;
-    *(p++) = '\0';
-    memcpy(p, from, (unsigned int)flen);
-    return (1);
-}
-
-int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
-                                   const unsigned char *from, int flen,
-                                   int num)
-{
-    int i, j;
-    const unsigned char *p;
-
-    p = from;
-    if ((num != (flen + 1)) || (*(p++) != 01)) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,
-               RSA_R_BLOCK_TYPE_IS_NOT_01);
-        return (-1);
-    }
-
-    /* scan over padding data */
-    j = flen - 1;               /* one for type. */
-    for (i = 0; i < j; i++) {
-        if (*p != 0xff) {       /* should decrypt to 0xff */
-            if (*p == 0) {
-                p++;
-                break;
-            } else {
-                RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,
-                       RSA_R_BAD_FIXED_HEADER_DECRYPT);
-                return (-1);
-            }
-        }
-        p++;
-    }
-
-    if (i == j) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,
-               RSA_R_NULL_BEFORE_BLOCK_MISSING);
-        return (-1);
-    }
-
-    if (i < 8) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,
-               RSA_R_BAD_PAD_BYTE_COUNT);
-        return (-1);
-    }
-    i++;                        /* Skip over the '\0' */
-    j -= i;
-    if (j > tlen) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1, RSA_R_DATA_TOO_LARGE);
-        return (-1);
-    }
-    memcpy(to, p, (unsigned int)j);
-
-    return (j);
-}
-
-int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
-                                 const unsigned char *from, int flen)
-{
-    int i, j;
-    unsigned char *p;
-
-    if (flen > (tlen - 11)) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,
-               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-        return (0);
-    }
-
-    p = (unsigned char *)to;
-
-    *(p++) = 0;
-    *(p++) = 2;                 /* Public Key BT (Block Type) */
-
-    /* pad out with non-zero random data */
-    j = tlen - 3 - flen;
-
-    if (RAND_bytes(p, j) <= 0)
-        return (0);
-    for (i = 0; i < j; i++) {
-        if (*p == '\0')
-            do {
-                if (RAND_bytes(p, 1) <= 0)
-                    return (0);
-            } while (*p == '\0');
-        p++;
-    }
-
-    *(p++) = '\0';
-
-    memcpy(p, from, (unsigned int)flen);
-    return (1);
-}
-
-int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
-                                   const unsigned char *from, int flen,
-                                   int num)
-{
-    int i;
-    /* |em| is the encoded message, zero-padded to exactly |num| bytes */
-    unsigned char *em = NULL;
-    unsigned int good, found_zero_byte;
-    int zero_index = 0, msg_index, mlen = -1;
-
-    if (tlen < 0 || flen < 0)
-        return -1;
-
-    /*
-     * PKCS#1 v1.5 decryption. See "PKCS #1 v2.2: RSA Cryptography Standard",
-     * section 7.2.2.
-     */
-
-    if (flen > num)
-        goto err;
-
-    if (num < 11)
-        goto err;
-
-    em = OPENSSL_malloc(num);
-    if (em == NULL) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, ERR_R_MALLOC_FAILURE);
-        return -1;
-    }
-    memset(em, 0, num);
-    /*
-     * Always do this zero-padding copy (even when num == flen) to avoid
-     * leaking that information. The copy still leaks some side-channel
-     * information, but it's impossible to have a fixed  memory access
-     * pattern since we can't read out of the bounds of |from|.
-     *
-     * TODO(emilia): Consider porting BN_bn2bin_padded from BoringSSL.
-     */
-    memcpy(em + num - flen, from, flen);
-
-    good = constant_time_is_zero(em[0]);
-    good &= constant_time_eq(em[1], 2);
-
-    found_zero_byte = 0;
-    for (i = 2; i < num; i++) {
-        unsigned int equals0 = constant_time_is_zero(em[i]);
-        zero_index =
-            constant_time_select_int(~found_zero_byte & equals0, i,
-                                     zero_index);
-        found_zero_byte |= equals0;
-    }
-
-    /*
-     * PS must be at least 8 bytes long, and it starts two bytes into |em|.
-     * If we never found a 0-byte, then |zero_index| is 0 and the check
-     * also fails.
-     */
-    good &= constant_time_ge((unsigned int)(zero_index), 2 + 8);
-
-    /*
-     * Skip the zero byte. This is incorrect if we never found a zero-byte
-     * but in this case we also do not copy the message out.
-     */
-    msg_index = zero_index + 1;
-    mlen = num - msg_index;
-
-    /*
-     * For good measure, do this check in constant time as well; it could
-     * leak something if |tlen| was assuming valid padding.
-     */
-    good &= constant_time_ge((unsigned int)(tlen), (unsigned int)(mlen));
-
-    /*
-     * We can't continue in constant-time because we need to copy the result
-     * and we cannot fake its length. This unavoidably leaks timing
-     * information at the API boundary.
-     * TODO(emilia): this could be addressed at the call site,
-     * see BoringSSL commit 0aa0767340baf925bda4804882aab0cb974b2d26.
-     */
-    if (!good) {
-        mlen = -1;
-        goto err;
-    }
-
-    memcpy(to, em + msg_index, mlen);
-
- err:
-    if (em != NULL)
-        OPENSSL_free(em);
-    if (mlen == -1)
-        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,
-               RSA_R_PKCS_DECODING_ERROR);
-    return mlen;
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_pmeth.c b/thirdparty/openssl/crypto/rsa/rsa_pmeth.c
deleted file mode 100644
index 8896e2e977..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_pmeth.c
+++ /dev/null
@@ -1,785 +0,0 @@
-/* crypto/rsa/rsa_pmeth.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/rsa.h>
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/x509v3.h>
-#ifndef OPENSSL_NO_CMS
-# include <openssl/cms.h>
-#endif
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-#include "evp_locl.h"
-#include "rsa_locl.h"
-
-/* RSA pkey context structure */
-
-typedef struct {
-    /* Key gen parameters */
-    int nbits;
-    BIGNUM *pub_exp;
-    /* Keygen callback info */
-    int gentmp[2];
-    /* RSA padding mode */
-    int pad_mode;
-    /* message digest */
-    const EVP_MD *md;
-    /* message digest for MGF1 */
-    const EVP_MD *mgf1md;
-    /* PSS salt length */
-    int saltlen;
-    /* Temp buffer */
-    unsigned char *tbuf;
-    /* OAEP label */
-    unsigned char *oaep_label;
-    size_t oaep_labellen;
-} RSA_PKEY_CTX;
-
-static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
-{
-    RSA_PKEY_CTX *rctx;
-    rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX));
-    if (!rctx)
-        return 0;
-    rctx->nbits = 1024;
-    rctx->pub_exp = NULL;
-    rctx->pad_mode = RSA_PKCS1_PADDING;
-    rctx->md = NULL;
-    rctx->mgf1md = NULL;
-    rctx->tbuf = NULL;
-
-    rctx->saltlen = -2;
-
-    rctx->oaep_label = NULL;
-    rctx->oaep_labellen = 0;
-
-    ctx->data = rctx;
-    ctx->keygen_info = rctx->gentmp;
-    ctx->keygen_info_count = 2;
-
-    return 1;
-}
-
-static int pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
-    RSA_PKEY_CTX *dctx, *sctx;
-    if (!pkey_rsa_init(dst))
-        return 0;
-    sctx = src->data;
-    dctx = dst->data;
-    dctx->nbits = sctx->nbits;
-    if (sctx->pub_exp) {
-        dctx->pub_exp = BN_dup(sctx->pub_exp);
-        if (!dctx->pub_exp)
-            return 0;
-    }
-    dctx->pad_mode = sctx->pad_mode;
-    dctx->md = sctx->md;
-    dctx->mgf1md = sctx->mgf1md;
-    if (sctx->oaep_label) {
-        if (dctx->oaep_label)
-            OPENSSL_free(dctx->oaep_label);
-        dctx->oaep_label = BUF_memdup(sctx->oaep_label, sctx->oaep_labellen);
-        if (!dctx->oaep_label)
-            return 0;
-        dctx->oaep_labellen = sctx->oaep_labellen;
-    }
-    return 1;
-}
-
-static int setup_tbuf(RSA_PKEY_CTX *ctx, EVP_PKEY_CTX *pk)
-{
-    if (ctx->tbuf)
-        return 1;
-    ctx->tbuf = OPENSSL_malloc(EVP_PKEY_size(pk->pkey));
-    if (!ctx->tbuf)
-        return 0;
-    return 1;
-}
-
-static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx)
-{
-    RSA_PKEY_CTX *rctx = ctx->data;
-    if (rctx) {
-        if (rctx->pub_exp)
-            BN_free(rctx->pub_exp);
-        if (rctx->tbuf)
-            OPENSSL_free(rctx->tbuf);
-        if (rctx->oaep_label)
-            OPENSSL_free(rctx->oaep_label);
-        OPENSSL_free(rctx);
-    }
-}
-
-#ifdef OPENSSL_FIPS
-/*
- * FIP checker. Return value indicates status of context parameters: 1 :
- * redirect to FIPS. 0 : don't redirect to FIPS. -1 : illegal operation in
- * FIPS mode.
- */
-
-static int pkey_fips_check_ctx(EVP_PKEY_CTX *ctx)
-{
-    RSA_PKEY_CTX *rctx = ctx->data;
-    RSA *rsa = ctx->pkey->pkey.rsa;
-    int rv = -1;
-    if (!FIPS_mode())
-        return 0;
-    if (rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
-        rv = 0;
-    if (!(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) && rv)
-        return -1;
-    if (rctx->md) {
-        const EVP_MD *fmd;
-        fmd = FIPS_get_digestbynid(EVP_MD_type(rctx->md));
-        if (!fmd || !(fmd->flags & EVP_MD_FLAG_FIPS))
-            return rv;
-    }
-    if (rctx->mgf1md && !(rctx->mgf1md->flags & EVP_MD_FLAG_FIPS)) {
-        const EVP_MD *fmd;
-        fmd = FIPS_get_digestbynid(EVP_MD_type(rctx->mgf1md));
-        if (!fmd || !(fmd->flags & EVP_MD_FLAG_FIPS))
-            return rv;
-    }
-    return 1;
-}
-#endif
-
-static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
-                         size_t *siglen, const unsigned char *tbs,
-                         size_t tbslen)
-{
-    int ret;
-    RSA_PKEY_CTX *rctx = ctx->data;
-    RSA *rsa = ctx->pkey->pkey.rsa;
-
-#ifdef OPENSSL_FIPS
-    ret = pkey_fips_check_ctx(ctx);
-    if (ret < 0) {
-        RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
-        return -1;
-    }
-#endif
-
-    if (rctx->md) {
-        if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
-            RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_INVALID_DIGEST_LENGTH);
-            return -1;
-        }
-#ifdef OPENSSL_FIPS
-        if (ret > 0) {
-            unsigned int slen;
-            ret = FIPS_rsa_sign_digest(rsa, tbs, tbslen, rctx->md,
-                                       rctx->pad_mode,
-                                       rctx->saltlen,
-                                       rctx->mgf1md, sig, &slen);
-            if (ret > 0)
-                *siglen = slen;
-            else
-                *siglen = 0;
-            return ret;
-        }
-#endif
-
-        if (EVP_MD_type(rctx->md) == NID_mdc2) {
-            unsigned int sltmp;
-            if (rctx->pad_mode != RSA_PKCS1_PADDING)
-                return -1;
-            ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2,
-                                             tbs, tbslen, sig, &sltmp, rsa);
-
-            if (ret <= 0)
-                return ret;
-            ret = sltmp;
-        } else if (rctx->pad_mode == RSA_X931_PADDING) {
-            if ((size_t)EVP_PKEY_size(ctx->pkey) < tbslen + 1) {
-                RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_KEY_SIZE_TOO_SMALL);
-                return -1;
-            }
-            if (!setup_tbuf(rctx, ctx)) {
-                RSAerr(RSA_F_PKEY_RSA_SIGN, ERR_R_MALLOC_FAILURE);
-                return -1;
-            }
-            memcpy(rctx->tbuf, tbs, tbslen);
-            rctx->tbuf[tbslen] = RSA_X931_hash_id(EVP_MD_type(rctx->md));
-            ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,
-                                      sig, rsa, RSA_X931_PADDING);
-        } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
-            unsigned int sltmp;
-            ret = RSA_sign(EVP_MD_type(rctx->md),
-                           tbs, tbslen, sig, &sltmp, rsa);
-            if (ret <= 0)
-                return ret;
-            ret = sltmp;
-        } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
-            if (!setup_tbuf(rctx, ctx))
-                return -1;
-            if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
-                                                rctx->tbuf, tbs,
-                                                rctx->md, rctx->mgf1md,
-                                                rctx->saltlen))
-                return -1;
-            ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
-                                      sig, rsa, RSA_NO_PADDING);
-        } else
-            return -1;
-    } else
-        ret = RSA_private_encrypt(tbslen, tbs, sig, ctx->pkey->pkey.rsa,
-                                  rctx->pad_mode);
-    if (ret < 0)
-        return ret;
-    *siglen = ret;
-    return 1;
-}
-
-static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
-                                  unsigned char *rout, size_t *routlen,
-                                  const unsigned char *sig, size_t siglen)
-{
-    int ret;
-    RSA_PKEY_CTX *rctx = ctx->data;
-
-    if (rctx->md) {
-        if (rctx->pad_mode == RSA_X931_PADDING) {
-            if (!setup_tbuf(rctx, ctx))
-                return -1;
-            ret = RSA_public_decrypt(siglen, sig,
-                                     rctx->tbuf, ctx->pkey->pkey.rsa,
-                                     RSA_X931_PADDING);
-            if (ret < 1)
-                return 0;
-            ret--;
-            if (rctx->tbuf[ret] != RSA_X931_hash_id(EVP_MD_type(rctx->md))) {
-                RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER,
-                       RSA_R_ALGORITHM_MISMATCH);
-                return 0;
-            }
-            if (ret != EVP_MD_size(rctx->md)) {
-                RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER,
-                       RSA_R_INVALID_DIGEST_LENGTH);
-                return 0;
-            }
-            if (rout)
-                memcpy(rout, rctx->tbuf, ret);
-        } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
-            size_t sltmp;
-            ret = int_rsa_verify(EVP_MD_type(rctx->md),
-                                 NULL, 0, rout, &sltmp,
-                                 sig, siglen, ctx->pkey->pkey.rsa);
-            if (ret <= 0)
-                return 0;
-            ret = sltmp;
-        } else
-            return -1;
-    } else
-        ret = RSA_public_decrypt(siglen, sig, rout, ctx->pkey->pkey.rsa,
-                                 rctx->pad_mode);
-    if (ret < 0)
-        return ret;
-    *routlen = ret;
-    return 1;
-}
-
-static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
-                           const unsigned char *sig, size_t siglen,
-                           const unsigned char *tbs, size_t tbslen)
-{
-    RSA_PKEY_CTX *rctx = ctx->data;
-    RSA *rsa = ctx->pkey->pkey.rsa;
-    size_t rslen;
-#ifdef OPENSSL_FIPS
-    int rv;
-    rv = pkey_fips_check_ctx(ctx);
-    if (rv < 0) {
-        RSAerr(RSA_F_PKEY_RSA_VERIFY,
-               RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
-        return -1;
-    }
-#endif
-    if (rctx->md) {
-#ifdef OPENSSL_FIPS
-        if (rv > 0) {
-            return FIPS_rsa_verify_digest(rsa,
-                                          tbs, tbslen,
-                                          rctx->md,
-                                          rctx->pad_mode,
-                                          rctx->saltlen,
-                                          rctx->mgf1md, sig, siglen);
-
-        }
-#endif
-        if (rctx->pad_mode == RSA_PKCS1_PADDING)
-            return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
-                              sig, siglen, rsa);
-        if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
-            RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);
-            return -1;
-        }
-        if (rctx->pad_mode == RSA_X931_PADDING) {
-            if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0)
-                return 0;
-        } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
-            int ret;
-            if (!setup_tbuf(rctx, ctx))
-                return -1;
-            ret = RSA_public_decrypt(siglen, sig, rctx->tbuf,
-                                     rsa, RSA_NO_PADDING);
-            if (ret <= 0)
-                return 0;
-            ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs,
-                                            rctx->md, rctx->mgf1md,
-                                            rctx->tbuf, rctx->saltlen);
-            if (ret <= 0)
-                return 0;
-            return 1;
-        } else
-            return -1;
-    } else {
-        if (!setup_tbuf(rctx, ctx))
-            return -1;
-        rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf,
-                                   rsa, rctx->pad_mode);
-        if (rslen == 0)
-            return 0;
-    }
-
-    if ((rslen != tbslen) || memcmp(tbs, rctx->tbuf, rslen))
-        return 0;
-
-    return 1;
-
-}
-
-static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx,
-                            unsigned char *out, size_t *outlen,
-                            const unsigned char *in, size_t inlen)
-{
-    int ret;
-    RSA_PKEY_CTX *rctx = ctx->data;
-    if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
-        int klen = RSA_size(ctx->pkey->pkey.rsa);
-        if (!setup_tbuf(rctx, ctx))
-            return -1;
-        if (!RSA_padding_add_PKCS1_OAEP_mgf1(rctx->tbuf, klen,
-                                             in, inlen,
-                                             rctx->oaep_label,
-                                             rctx->oaep_labellen,
-                                             rctx->md, rctx->mgf1md))
-            return -1;
-        ret = RSA_public_encrypt(klen, rctx->tbuf, out,
-                                 ctx->pkey->pkey.rsa, RSA_NO_PADDING);
-    } else
-        ret = RSA_public_encrypt(inlen, in, out, ctx->pkey->pkey.rsa,
-                                 rctx->pad_mode);
-    if (ret < 0)
-        return ret;
-    *outlen = ret;
-    return 1;
-}
-
-static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx,
-                            unsigned char *out, size_t *outlen,
-                            const unsigned char *in, size_t inlen)
-{
-    int ret;
-    RSA_PKEY_CTX *rctx = ctx->data;
-    if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
-        if (!setup_tbuf(rctx, ctx))
-            return -1;
-        ret = RSA_private_decrypt(inlen, in, rctx->tbuf,
-                                  ctx->pkey->pkey.rsa, RSA_NO_PADDING);
-        if (ret <= 0)
-            return ret;
-        ret = RSA_padding_check_PKCS1_OAEP_mgf1(out, ret, rctx->tbuf,
-                                                ret, ret,
-                                                rctx->oaep_label,
-                                                rctx->oaep_labellen,
-                                                rctx->md, rctx->mgf1md);
-    } else
-        ret = RSA_private_decrypt(inlen, in, out, ctx->pkey->pkey.rsa,
-                                  rctx->pad_mode);
-    if (ret < 0)
-        return ret;
-    *outlen = ret;
-    return 1;
-}
-
-static int check_padding_md(const EVP_MD *md, int padding)
-{
-    if (!md)
-        return 1;
-
-    if (padding == RSA_NO_PADDING) {
-        RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE);
-        return 0;
-    }
-
-    if (padding == RSA_X931_PADDING) {
-        if (RSA_X931_hash_id(EVP_MD_type(md)) == -1) {
-            RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_X931_DIGEST);
-            return 0;
-        }
-        return 1;
-    }
-
-    return 1;
-}
-
-static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
-    RSA_PKEY_CTX *rctx = ctx->data;
-    switch (type) {
-    case EVP_PKEY_CTRL_RSA_PADDING:
-        if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_PKCS1_PSS_PADDING)) {
-            if (!check_padding_md(rctx->md, p1))
-                return 0;
-            if (p1 == RSA_PKCS1_PSS_PADDING) {
-                if (!(ctx->operation &
-                      (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY)))
-                    goto bad_pad;
-                if (!rctx->md)
-                    rctx->md = EVP_sha1();
-            }
-            if (p1 == RSA_PKCS1_OAEP_PADDING) {
-                if (!(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))
-                    goto bad_pad;
-                if (!rctx->md)
-                    rctx->md = EVP_sha1();
-            }
-            rctx->pad_mode = p1;
-            return 1;
-        }
- bad_pad:
-        RSAerr(RSA_F_PKEY_RSA_CTRL,
-               RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);
-        return -2;
-
-    case EVP_PKEY_CTRL_GET_RSA_PADDING:
-        *(int *)p2 = rctx->pad_mode;
-        return 1;
-
-    case EVP_PKEY_CTRL_RSA_PSS_SALTLEN:
-    case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN:
-        if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PSS_SALTLEN);
-            return -2;
-        }
-        if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN)
-            *(int *)p2 = rctx->saltlen;
-        else {
-            if (p1 < -2)
-                return -2;
-            rctx->saltlen = p1;
-        }
-        return 1;
-
-    case EVP_PKEY_CTRL_RSA_KEYGEN_BITS:
-        if (p1 < 256) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_KEYBITS);
-            return -2;
-        }
-        rctx->nbits = p1;
-        return 1;
-
-    case EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP:
-        if (p2 == NULL || !BN_is_odd((BIGNUM *)p2) || BN_is_one((BIGNUM *)p2)) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_BAD_E_VALUE);
-            return -2;
-        }
-        BN_free(rctx->pub_exp);
-        rctx->pub_exp = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_RSA_OAEP_MD:
-    case EVP_PKEY_CTRL_GET_RSA_OAEP_MD:
-        if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE);
-            return -2;
-        }
-        if (type == EVP_PKEY_CTRL_GET_RSA_OAEP_MD)
-            *(const EVP_MD **)p2 = rctx->md;
-        else
-            rctx->md = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_MD:
-        if (!check_padding_md(p2, rctx->pad_mode))
-            return 0;
-        rctx->md = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_MD:
-        *(const EVP_MD **)p2 = rctx->md;
-        return 1;
-
-    case EVP_PKEY_CTRL_RSA_MGF1_MD:
-    case EVP_PKEY_CTRL_GET_RSA_MGF1_MD:
-        if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING
-            && rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_MGF1_MD);
-            return -2;
-        }
-        if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD) {
-            if (rctx->mgf1md)
-                *(const EVP_MD **)p2 = rctx->mgf1md;
-            else
-                *(const EVP_MD **)p2 = rctx->md;
-        } else
-            rctx->mgf1md = p2;
-        return 1;
-
-    case EVP_PKEY_CTRL_RSA_OAEP_LABEL:
-        if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE);
-            return -2;
-        }
-        if (rctx->oaep_label)
-            OPENSSL_free(rctx->oaep_label);
-        if (p2 && p1 > 0) {
-            rctx->oaep_label = p2;
-            rctx->oaep_labellen = p1;
-        } else {
-            rctx->oaep_label = NULL;
-            rctx->oaep_labellen = 0;
-        }
-        return 1;
-
-    case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL:
-        if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE);
-            return -2;
-        }
-        *(unsigned char **)p2 = rctx->oaep_label;
-        return rctx->oaep_labellen;
-
-    case EVP_PKEY_CTRL_DIGESTINIT:
-    case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
-    case EVP_PKEY_CTRL_PKCS7_DECRYPT:
-    case EVP_PKEY_CTRL_PKCS7_SIGN:
-        return 1;
-#ifndef OPENSSL_NO_CMS
-    case EVP_PKEY_CTRL_CMS_DECRYPT:
-    case EVP_PKEY_CTRL_CMS_ENCRYPT:
-    case EVP_PKEY_CTRL_CMS_SIGN:
-        return 1;
-#endif
-    case EVP_PKEY_CTRL_PEER_KEY:
-        RSAerr(RSA_F_PKEY_RSA_CTRL,
-               RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
-        return -2;
-
-    default:
-        return -2;
-
-    }
-}
-
-static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
-                             const char *type, const char *value)
-{
-    if (!value) {
-        RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_VALUE_MISSING);
-        return 0;
-    }
-    if (!strcmp(type, "rsa_padding_mode")) {
-        int pm;
-        if (!strcmp(value, "pkcs1"))
-            pm = RSA_PKCS1_PADDING;
-        else if (!strcmp(value, "sslv23"))
-            pm = RSA_SSLV23_PADDING;
-        else if (!strcmp(value, "none"))
-            pm = RSA_NO_PADDING;
-        else if (!strcmp(value, "oeap"))
-            pm = RSA_PKCS1_OAEP_PADDING;
-        else if (!strcmp(value, "oaep"))
-            pm = RSA_PKCS1_OAEP_PADDING;
-        else if (!strcmp(value, "x931"))
-            pm = RSA_X931_PADDING;
-        else if (!strcmp(value, "pss"))
-            pm = RSA_PKCS1_PSS_PADDING;
-        else {
-            RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_UNKNOWN_PADDING_TYPE);
-            return -2;
-        }
-        return EVP_PKEY_CTX_set_rsa_padding(ctx, pm);
-    }
-
-    if (!strcmp(type, "rsa_pss_saltlen")) {
-        int saltlen;
-        saltlen = atoi(value);
-        return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen);
-    }
-
-    if (!strcmp(type, "rsa_keygen_bits")) {
-        int nbits;
-        nbits = atoi(value);
-        return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits);
-    }
-
-    if (!strcmp(type, "rsa_keygen_pubexp")) {
-        int ret;
-        BIGNUM *pubexp = NULL;
-        if (!BN_asc2bn(&pubexp, value))
-            return 0;
-        ret = EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp);
-        if (ret <= 0)
-            BN_free(pubexp);
-        return ret;
-    }
-
-    if (!strcmp(type, "rsa_mgf1_md")) {
-        const EVP_MD *md;
-        if (!(md = EVP_get_digestbyname(value))) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST);
-            return 0;
-        }
-        return EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md);
-    }
-
-    if (!strcmp(type, "rsa_oaep_md")) {
-        const EVP_MD *md;
-        if (!(md = EVP_get_digestbyname(value))) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST);
-            return 0;
-        }
-        return EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md);
-    }
-    if (!strcmp(type, "rsa_oaep_label")) {
-        unsigned char *lab;
-        long lablen;
-        int ret;
-        lab = string_to_hex(value, &lablen);
-        if (!lab)
-            return 0;
-        ret = EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, lab, lablen);
-        if (ret <= 0)
-            OPENSSL_free(lab);
-        return ret;
-    }
-
-    return -2;
-}
-
-static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
-    RSA *rsa = NULL;
-    RSA_PKEY_CTX *rctx = ctx->data;
-    BN_GENCB *pcb, cb;
-    int ret;
-    if (!rctx->pub_exp) {
-        rctx->pub_exp = BN_new();
-        if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4))
-            return 0;
-    }
-    rsa = RSA_new();
-    if (!rsa)
-        return 0;
-    if (ctx->pkey_gencb) {
-        pcb = &cb;
-        evp_pkey_set_cb_translate(pcb, ctx);
-    } else
-        pcb = NULL;
-    ret = RSA_generate_key_ex(rsa, rctx->nbits, rctx->pub_exp, pcb);
-    if (ret > 0)
-        EVP_PKEY_assign_RSA(pkey, rsa);
-    else
-        RSA_free(rsa);
-    return ret;
-}
-
-const EVP_PKEY_METHOD rsa_pkey_meth = {
-    EVP_PKEY_RSA,
-    EVP_PKEY_FLAG_AUTOARGLEN,
-    pkey_rsa_init,
-    pkey_rsa_copy,
-    pkey_rsa_cleanup,
-
-    0, 0,
-
-    0,
-    pkey_rsa_keygen,
-
-    0,
-    pkey_rsa_sign,
-
-    0,
-    pkey_rsa_verify,
-
-    0,
-    pkey_rsa_verifyrecover,
-
-    0, 0, 0, 0,
-
-    0,
-    pkey_rsa_encrypt,
-
-    0,
-    pkey_rsa_decrypt,
-
-    0, 0,
-
-    pkey_rsa_ctrl,
-    pkey_rsa_ctrl_str
-};
diff --git a/thirdparty/openssl/crypto/rsa/rsa_prn.c b/thirdparty/openssl/crypto/rsa/rsa_prn.c
deleted file mode 100644
index 076f871b31..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_prn.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* crypto/rsa/rsa_prn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-
-#ifndef OPENSSL_NO_FP_API
-int RSA_print_fp(FILE *fp, const RSA *x, int off)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file())) == NULL) {
-        RSAerr(RSA_F_RSA_PRINT_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = RSA_print(b, x, off);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int RSA_print(BIO *bp, const RSA *x, int off)
-{
-    EVP_PKEY *pk;
-    int ret;
-    pk = EVP_PKEY_new();
-    if (!pk || !EVP_PKEY_set1_RSA(pk, (RSA *)x))
-        return 0;
-    ret = EVP_PKEY_print_private(bp, pk, off, NULL);
-    EVP_PKEY_free(pk);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_pss.c b/thirdparty/openssl/crypto/rsa/rsa_pss.c
deleted file mode 100644
index 2c3fd73b09..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_pss.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* rsa_pss.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/sha.h>
-
-static const unsigned char zeroes[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
-
-#if defined(_MSC_VER) && defined(_ARM_)
-# pragma optimize("g", off)
-#endif
-
-int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
-                         const EVP_MD *Hash, const unsigned char *EM,
-                         int sLen)
-{
-    return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, NULL, EM, sLen);
-}
-
-int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
-                              const EVP_MD *Hash, const EVP_MD *mgf1Hash,
-                              const unsigned char *EM, int sLen)
-{
-    int i;
-    int ret = 0;
-    int hLen, maskedDBLen, MSBits, emLen;
-    const unsigned char *H;
-    unsigned char *DB = NULL;
-    EVP_MD_CTX ctx;
-    unsigned char H_[EVP_MAX_MD_SIZE];
-    EVP_MD_CTX_init(&ctx);
-
-    if (mgf1Hash == NULL)
-        mgf1Hash = Hash;
-
-    hLen = EVP_MD_size(Hash);
-    if (hLen < 0)
-        goto err;
-    /*-
-     * Negative sLen has special meanings:
-     *      -1      sLen == hLen
-     *      -2      salt length is autorecovered from signature
-     *      -N      reserved
-     */
-    if (sLen == -1)
-        sLen = hLen;
-    else if (sLen == -2)
-        sLen = -2;
-    else if (sLen < -2) {
-        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
-        goto err;
-    }
-
-    MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
-    emLen = RSA_size(rsa);
-    if (EM[0] & (0xFF << MSBits)) {
-        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_FIRST_OCTET_INVALID);
-        goto err;
-    }
-    if (MSBits == 0) {
-        EM++;
-        emLen--;
-    }
-    if (emLen < hLen + 2) {
-        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE);
-        goto err;
-    }
-    if (sLen > emLen - hLen - 2) { /* sLen can be small negative */
-        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE);
-        goto err;
-    }
-    if (EM[emLen - 1] != 0xbc) {
-        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_LAST_OCTET_INVALID);
-        goto err;
-    }
-    maskedDBLen = emLen - hLen - 1;
-    H = EM + maskedDBLen;
-    DB = OPENSSL_malloc(maskedDBLen);
-    if (!DB) {
-        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0)
-        goto err;
-    for (i = 0; i < maskedDBLen; i++)
-        DB[i] ^= EM[i];
-    if (MSBits)
-        DB[0] &= 0xFF >> (8 - MSBits);
-    for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++) ;
-    if (DB[i++] != 0x1) {
-        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_RECOVERY_FAILED);
-        goto err;
-    }
-    if (sLen >= 0 && (maskedDBLen - i) != sLen) {
-        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
-        goto err;
-    }
-    if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
-        || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
-        || !EVP_DigestUpdate(&ctx, mHash, hLen))
-        goto err;
-    if (maskedDBLen - i) {
-        if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i))
-            goto err;
-    }
-    if (!EVP_DigestFinal_ex(&ctx, H_, NULL))
-        goto err;
-    if (memcmp(H_, H, hLen)) {
-        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_BAD_SIGNATURE);
-        ret = 0;
-    } else
-        ret = 1;
-
- err:
-    if (DB)
-        OPENSSL_free(DB);
-    EVP_MD_CTX_cleanup(&ctx);
-
-    return ret;
-
-}
-
-int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
-                              const unsigned char *mHash,
-                              const EVP_MD *Hash, int sLen)
-{
-    return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, NULL, sLen);
-}
-
-int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
-                                   const unsigned char *mHash,
-                                   const EVP_MD *Hash, const EVP_MD *mgf1Hash,
-                                   int sLen)
-{
-    int i;
-    int ret = 0;
-    int hLen, maskedDBLen, MSBits, emLen;
-    unsigned char *H, *salt = NULL, *p;
-    EVP_MD_CTX ctx;
-
-    if (mgf1Hash == NULL)
-        mgf1Hash = Hash;
-
-    hLen = EVP_MD_size(Hash);
-    if (hLen < 0)
-        goto err;
-    /*-
-     * Negative sLen has special meanings:
-     *      -1      sLen == hLen
-     *      -2      salt length is maximized
-     *      -N      reserved
-     */
-    if (sLen == -1)
-        sLen = hLen;
-    else if (sLen == -2)
-        sLen = -2;
-    else if (sLen < -2) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
-        goto err;
-    }
-
-    MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
-    emLen = RSA_size(rsa);
-    if (MSBits == 0) {
-        *EM++ = 0;
-        emLen--;
-    }
-    if (emLen < hLen + 2) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,
-               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-        goto err;
-    }
-    if (sLen == -2) {
-        sLen = emLen - hLen - 2;
-    } else if (sLen > emLen - hLen - 2) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,
-               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-        goto err;
-    }
-    if (sLen > 0) {
-        salt = OPENSSL_malloc(sLen);
-        if (!salt) {
-            RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,
-                   ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        if (RAND_bytes(salt, sLen) <= 0)
-            goto err;
-    }
-    maskedDBLen = emLen - hLen - 1;
-    H = EM + maskedDBLen;
-    EVP_MD_CTX_init(&ctx);
-    if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
-        || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
-        || !EVP_DigestUpdate(&ctx, mHash, hLen))
-        goto err;
-    if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
-        goto err;
-    if (!EVP_DigestFinal_ex(&ctx, H, NULL))
-        goto err;
-    EVP_MD_CTX_cleanup(&ctx);
-
-    /* Generate dbMask in place then perform XOR on it */
-    if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash))
-        goto err;
-
-    p = EM;
-
-    /*
-     * Initial PS XORs with all zeroes which is a NOP so just update pointer.
-     * Note from a test above this value is guaranteed to be non-negative.
-     */
-    p += emLen - sLen - hLen - 2;
-    *p++ ^= 0x1;
-    if (sLen > 0) {
-        for (i = 0; i < sLen; i++)
-            *p++ ^= salt[i];
-    }
-    if (MSBits)
-        EM[0] &= 0xFF >> (8 - MSBits);
-
-    /* H is already in place so just set final 0xbc */
-
-    EM[emLen - 1] = 0xbc;
-
-    ret = 1;
-
- err:
-    if (salt)
-        OPENSSL_free(salt);
-
-    return ret;
-
-}
-
-#if defined(_MSC_VER)
-# pragma optimize("",on)
-#endif
diff --git a/thirdparty/openssl/crypto/rsa/rsa_saos.c b/thirdparty/openssl/crypto/rsa/rsa_saos.c
deleted file mode 100644
index e400236057..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_saos.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* crypto/rsa/rsa_saos.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int RSA_sign_ASN1_OCTET_STRING(int type,
-                               const unsigned char *m, unsigned int m_len,
-                               unsigned char *sigret, unsigned int *siglen,
-                               RSA *rsa)
-{
-    ASN1_OCTET_STRING sig;
-    int i, j, ret = 1;
-    unsigned char *p, *s;
-
-    sig.type = V_ASN1_OCTET_STRING;
-    sig.length = m_len;
-    sig.data = (unsigned char *)m;
-
-    i = i2d_ASN1_OCTET_STRING(&sig, NULL);
-    j = RSA_size(rsa);
-    if (i > (j - RSA_PKCS1_PADDING_SIZE)) {
-        RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,
-               RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
-        return (0);
-    }
-    s = (unsigned char *)OPENSSL_malloc((unsigned int)j + 1);
-    if (s == NULL) {
-        RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    p = s;
-    i2d_ASN1_OCTET_STRING(&sig, &p);
-    i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING);
-    if (i <= 0)
-        ret = 0;
-    else
-        *siglen = i;
-
-    OPENSSL_cleanse(s, (unsigned int)j + 1);
-    OPENSSL_free(s);
-    return (ret);
-}
-
-int RSA_verify_ASN1_OCTET_STRING(int dtype,
-                                 const unsigned char *m,
-                                 unsigned int m_len, unsigned char *sigbuf,
-                                 unsigned int siglen, RSA *rsa)
-{
-    int i, ret = 0;
-    unsigned char *s;
-    const unsigned char *p;
-    ASN1_OCTET_STRING *sig = NULL;
-
-    if (siglen != (unsigned int)RSA_size(rsa)) {
-        RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,
-               RSA_R_WRONG_SIGNATURE_LENGTH);
-        return (0);
-    }
-
-    s = (unsigned char *)OPENSSL_malloc((unsigned int)siglen);
-    if (s == NULL) {
-        RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING);
-
-    if (i <= 0)
-        goto err;
-
-    p = s;
-    sig = d2i_ASN1_OCTET_STRING(NULL, &p, (long)i);
-    if (sig == NULL)
-        goto err;
-
-    if (((unsigned int)sig->length != m_len) ||
-        (memcmp(m, sig->data, m_len) != 0)) {
-        RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, RSA_R_BAD_SIGNATURE);
-    } else
-        ret = 1;
- err:
-    if (sig != NULL)
-        M_ASN1_OCTET_STRING_free(sig);
-    if (s != NULL) {
-        OPENSSL_cleanse(s, (unsigned int)siglen);
-        OPENSSL_free(s);
-    }
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_sign.c b/thirdparty/openssl/crypto/rsa/rsa_sign.c
deleted file mode 100644
index 82ca8324df..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_sign.c
+++ /dev/null
@@ -1,301 +0,0 @@
-/* crypto/rsa/rsa_sign.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include "rsa_locl.h"
-
-/* Size of an SSL signature: MD5+SHA1 */
-#define SSL_SIG_LENGTH  36
-
-int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
-             unsigned char *sigret, unsigned int *siglen, RSA *rsa)
-{
-    X509_SIG sig;
-    ASN1_TYPE parameter;
-    int i, j, ret = 1;
-    unsigned char *p, *tmps = NULL;
-    const unsigned char *s = NULL;
-    X509_ALGOR algor;
-    ASN1_OCTET_STRING digest;
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
-        RSAerr(RSA_F_RSA_SIGN, RSA_R_NON_FIPS_RSA_METHOD);
-        return 0;
-    }
-#endif
-    if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) {
-        return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
-    }
-    /* Special case: SSL signature, just check the length */
-    if (type == NID_md5_sha1) {
-        if (m_len != SSL_SIG_LENGTH) {
-            RSAerr(RSA_F_RSA_SIGN, RSA_R_INVALID_MESSAGE_LENGTH);
-            return (0);
-        }
-        i = SSL_SIG_LENGTH;
-        s = m;
-    } else {
-        sig.algor = &algor;
-        sig.algor->algorithm = OBJ_nid2obj(type);
-        if (sig.algor->algorithm == NULL) {
-            RSAerr(RSA_F_RSA_SIGN, RSA_R_UNKNOWN_ALGORITHM_TYPE);
-            return (0);
-        }
-        if (sig.algor->algorithm->length == 0) {
-            RSAerr(RSA_F_RSA_SIGN,
-                   RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
-            return (0);
-        }
-        parameter.type = V_ASN1_NULL;
-        parameter.value.ptr = NULL;
-        sig.algor->parameter = &parameter;
-
-        sig.digest = &digest;
-        sig.digest->data = (unsigned char *)m; /* TMP UGLY CAST */
-        sig.digest->length = m_len;
-
-        i = i2d_X509_SIG(&sig, NULL);
-    }
-    j = RSA_size(rsa);
-    if (i > (j - RSA_PKCS1_PADDING_SIZE)) {
-        RSAerr(RSA_F_RSA_SIGN, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
-        return (0);
-    }
-    if (type != NID_md5_sha1) {
-        tmps = (unsigned char *)OPENSSL_malloc((unsigned int)j + 1);
-        if (tmps == NULL) {
-            RSAerr(RSA_F_RSA_SIGN, ERR_R_MALLOC_FAILURE);
-            return (0);
-        }
-        p = tmps;
-        i2d_X509_SIG(&sig, &p);
-        s = tmps;
-    }
-    i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING);
-    if (i <= 0)
-        ret = 0;
-    else
-        *siglen = i;
-
-    if (type != NID_md5_sha1) {
-        OPENSSL_cleanse(tmps, (unsigned int)j + 1);
-        OPENSSL_free(tmps);
-    }
-    return (ret);
-}
-
-/*
- * Check DigestInfo structure does not contain extraneous data by reencoding
- * using DER and checking encoding against original.
- */
-static int rsa_check_digestinfo(X509_SIG *sig, const unsigned char *dinfo,
-                                int dinfolen)
-{
-    unsigned char *der = NULL;
-    int derlen;
-    int ret = 0;
-    derlen = i2d_X509_SIG(sig, &der);
-    if (derlen <= 0)
-        return 0;
-    if (derlen == dinfolen && !memcmp(dinfo, der, derlen))
-        ret = 1;
-    OPENSSL_cleanse(der, derlen);
-    OPENSSL_free(der);
-    return ret;
-}
-
-int int_rsa_verify(int dtype, const unsigned char *m,
-                   unsigned int m_len,
-                   unsigned char *rm, size_t *prm_len,
-                   const unsigned char *sigbuf, size_t siglen, RSA *rsa)
-{
-    int i, ret = 0, sigtype;
-    unsigned char *s;
-    X509_SIG *sig = NULL;
-
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
-        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
-        RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_NON_FIPS_RSA_METHOD);
-        return 0;
-    }
-#endif
-
-    if (siglen != (unsigned int)RSA_size(rsa)) {
-        RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_WRONG_SIGNATURE_LENGTH);
-        return (0);
-    }
-
-    if ((dtype == NID_md5_sha1) && rm) {
-        i = RSA_public_decrypt((int)siglen,
-                               sigbuf, rm, rsa, RSA_PKCS1_PADDING);
-        if (i <= 0)
-            return 0;
-        *prm_len = i;
-        return 1;
-    }
-
-    s = (unsigned char *)OPENSSL_malloc((unsigned int)siglen);
-    if (s == NULL) {
-        RSAerr(RSA_F_INT_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if ((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH)) {
-        RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_INVALID_MESSAGE_LENGTH);
-        goto err;
-    }
-    i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING);
-
-    if (i <= 0)
-        goto err;
-    /*
-     * Oddball MDC2 case: signature can be OCTET STRING. check for correct
-     * tag and length octets.
-     */
-    if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10) {
-        if (rm) {
-            memcpy(rm, s + 2, 16);
-            *prm_len = 16;
-            ret = 1;
-        } else if (memcmp(m, s + 2, 16)) {
-            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
-        } else {
-            ret = 1;
-        }
-    } else if (dtype == NID_md5_sha1) {
-        /* Special case: SSL signature */
-        if ((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
-            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
-        else
-            ret = 1;
-    } else {
-        const unsigned char *p = s;
-        sig = d2i_X509_SIG(NULL, &p, (long)i);
-
-        if (sig == NULL)
-            goto err;
-
-        /* Excess data can be used to create forgeries */
-        if (p != s + i || !rsa_check_digestinfo(sig, s, i)) {
-            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
-            goto err;
-        }
-
-        /*
-         * Parameters to the signature algorithm can also be used to create
-         * forgeries
-         */
-        if (sig->algor->parameter
-            && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) {
-            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
-            goto err;
-        }
-
-        sigtype = OBJ_obj2nid(sig->algor->algorithm);
-
-#ifdef RSA_DEBUG
-        /* put a backward compatibility flag in EAY */
-        fprintf(stderr, "in(%s) expect(%s)\n", OBJ_nid2ln(sigtype),
-                OBJ_nid2ln(dtype));
-#endif
-        if (sigtype != dtype) {
-            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_ALGORITHM_MISMATCH);
-            goto err;
-        }
-        if (rm) {
-            const EVP_MD *md;
-            md = EVP_get_digestbynid(dtype);
-            if (md && (EVP_MD_size(md) != sig->digest->length))
-                RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);
-            else {
-                memcpy(rm, sig->digest->data, sig->digest->length);
-                *prm_len = sig->digest->length;
-                ret = 1;
-            }
-        } else if (((unsigned int)sig->digest->length != m_len) ||
-                   (memcmp(m, sig->digest->data, m_len) != 0)) {
-            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
-        } else
-            ret = 1;
-    }
- err:
-    if (sig != NULL)
-        X509_SIG_free(sig);
-    if (s != NULL) {
-        OPENSSL_cleanse(s, (unsigned int)siglen);
-        OPENSSL_free(s);
-    }
-    return (ret);
-}
-
-int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
-               const unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
-{
-
-    if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) {
-        return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
-    }
-
-    return int_rsa_verify(dtype, m, m_len, NULL, NULL, sigbuf, siglen, rsa);
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_ssl.c b/thirdparty/openssl/crypto/rsa/rsa_ssl.c
deleted file mode 100644
index 746e01f64a..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_ssl.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* crypto/rsa/rsa_ssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-
-int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
-                           const unsigned char *from, int flen)
-{
-    int i, j;
-    unsigned char *p;
-
-    if (flen > (tlen - 11)) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,
-               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-        return (0);
-    }
-
-    p = (unsigned char *)to;
-
-    *(p++) = 0;
-    *(p++) = 2;                 /* Public Key BT (Block Type) */
-
-    /* pad out with non-zero random data */
-    j = tlen - 3 - 8 - flen;
-
-    if (RAND_bytes(p, j) <= 0)
-        return (0);
-    for (i = 0; i < j; i++) {
-        if (*p == '\0')
-            do {
-                if (RAND_bytes(p, 1) <= 0)
-                    return (0);
-            } while (*p == '\0');
-        p++;
-    }
-
-    memset(p, 3, 8);
-    p += 8;
-    *(p++) = '\0';
-
-    memcpy(p, from, (unsigned int)flen);
-    return (1);
-}
-
-int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
-                             const unsigned char *from, int flen, int num)
-{
-    int i, j, k;
-    const unsigned char *p;
-
-    p = from;
-    if (flen < 10) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL);
-        return (-1);
-    }
-    if ((num != (flen + 1)) || (*(p++) != 02)) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_BLOCK_TYPE_IS_NOT_02);
-        return (-1);
-    }
-
-    /* scan over padding data */
-    j = flen - 1;               /* one for type */
-    for (i = 0; i < j; i++)
-        if (*(p++) == 0)
-            break;
-
-    if ((i == j) || (i < 8)) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,
-               RSA_R_NULL_BEFORE_BLOCK_MISSING);
-        return (-1);
-    }
-    for (k = -9; k < -1; k++) {
-        if (p[k] != 0x03)
-            break;
-    }
-    if (k == -1) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_SSLV3_ROLLBACK_ATTACK);
-        return (-1);
-    }
-
-    i++;                        /* Skip over the '\0' */
-    j -= i;
-    if (j > tlen) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_LARGE);
-        return (-1);
-    }
-    memcpy(to, p, (unsigned int)j);
-
-    return (j);
-}
diff --git a/thirdparty/openssl/crypto/rsa/rsa_x931.c b/thirdparty/openssl/crypto/rsa/rsa_x931.c
deleted file mode 100644
index 725ead049c..0000000000
--- a/thirdparty/openssl/crypto/rsa/rsa_x931.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* rsa_x931.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-
-int RSA_padding_add_X931(unsigned char *to, int tlen,
-                         const unsigned char *from, int flen)
-{
-    int j;
-    unsigned char *p;
-
-    /*
-     * Absolute minimum amount of padding is 1 header nibble, 1 padding
-     * nibble and 2 trailer bytes: but 1 hash if is already in 'from'.
-     */
-
-    j = tlen - flen - 2;
-
-    if (j < 0) {
-        RSAerr(RSA_F_RSA_PADDING_ADD_X931, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
-        return -1;
-    }
-
-    p = (unsigned char *)to;
-
-    /* If no padding start and end nibbles are in one byte */
-    if (j == 0)
-        *p++ = 0x6A;
-    else {
-        *p++ = 0x6B;
-        if (j > 1) {
-            memset(p, 0xBB, j - 1);
-            p += j - 1;
-        }
-        *p++ = 0xBA;
-    }
-    memcpy(p, from, (unsigned int)flen);
-    p += flen;
-    *p = 0xCC;
-    return (1);
-}
-
-int RSA_padding_check_X931(unsigned char *to, int tlen,
-                           const unsigned char *from, int flen, int num)
-{
-    int i = 0, j;
-    const unsigned char *p;
-
-    p = from;
-    if ((num != flen) || ((*p != 0x6A) && (*p != 0x6B))) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_HEADER);
-        return -1;
-    }
-
-    if (*p++ == 0x6B) {
-        j = flen - 3;
-        for (i = 0; i < j; i++) {
-            unsigned char c = *p++;
-            if (c == 0xBA)
-                break;
-            if (c != 0xBB) {
-                RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING);
-                return -1;
-            }
-        }
-
-        j -= i;
-
-        if (i == 0) {
-            RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING);
-            return -1;
-        }
-
-    } else
-        j = flen - 2;
-
-    if (p[j] != 0xCC) {
-        RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER);
-        return -1;
-    }
-
-    memcpy(to, p, (unsigned int)j);
-
-    return (j);
-}
-
-/* Translate between X931 hash ids and NIDs */
-
-int RSA_X931_hash_id(int nid)
-{
-    switch (nid) {
-    case NID_sha1:
-        return 0x33;
-
-    case NID_sha256:
-        return 0x34;
-
-    case NID_sha384:
-        return 0x36;
-
-    case NID_sha512:
-        return 0x35;
-
-    }
-    return -1;
-}
diff --git a/thirdparty/openssl/crypto/s390xcap.c b/thirdparty/openssl/crypto/s390xcap.c
deleted file mode 100644
index cf8c372c05..0000000000
--- a/thirdparty/openssl/crypto/s390xcap.c
+++ /dev/null
@@ -1,42 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <setjmp.h>
-#include <signal.h>
-#include "cryptlib.h"
-
-extern unsigned long OPENSSL_s390xcap_P[];
-
-static sigjmp_buf ill_jmp;
-static void ill_handler(int sig)
-{
-    siglongjmp(ill_jmp, sig);
-}
-
-unsigned long OPENSSL_s390x_facilities(void);
-
-void OPENSSL_cpuid_setup(void)
-{
-    sigset_t oset;
-    struct sigaction ill_act, oact;
-
-    if (OPENSSL_s390xcap_P[0])
-        return;
-
-    OPENSSL_s390xcap_P[0] = 1UL << (8 * sizeof(unsigned long) - 1);
-
-    memset(&ill_act, 0, sizeof(ill_act));
-    ill_act.sa_handler = ill_handler;
-    sigfillset(&ill_act.sa_mask);
-    sigdelset(&ill_act.sa_mask, SIGILL);
-    sigdelset(&ill_act.sa_mask, SIGTRAP);
-    sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
-    sigaction(SIGILL, &ill_act, &oact);
-
-    /* protection against missing store-facility-list-extended */
-    if (sigsetjmp(ill_jmp, 1) == 0)
-        OPENSSL_s390x_facilities();
-
-    sigaction(SIGILL, &oact, NULL);
-    sigprocmask(SIG_SETMASK, &oset, NULL);
-}
diff --git a/thirdparty/openssl/crypto/seed/seed.c b/thirdparty/openssl/crypto/seed/seed.c
deleted file mode 100644
index a90587227e..0000000000
--- a/thirdparty/openssl/crypto/seed/seed.c
+++ /dev/null
@@ -1,711 +0,0 @@
-/*
- * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Neither the name of author nor the names of its contributors may
- *    be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-#ifndef OPENSSL_NO_SEED
-
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# ifdef WIN32
-#  include <memory.h>
-# endif
-
-# include <openssl/crypto.h>
-# include <openssl/seed.h>
-# include "seed_locl.h"
-
-# ifdef SS                      /* can get defined on Solaris by inclusion of
-                                 * <stdlib.h> */
-#  undef SS
-# endif
-
-static const seed_word SS[4][256] = { {
-                                       0x2989a1a8, 0x05858184, 0x16c6d2d4,
-                                       0x13c3d3d0, 0x14445054, 0x1d0d111c,
-                                       0x2c8ca0ac, 0x25052124,
-                                       0x1d4d515c, 0x03434340, 0x18081018,
-                                       0x1e0e121c, 0x11415150, 0x3cccf0fc,
-                                       0x0acac2c8, 0x23436360,
-                                       0x28082028, 0x04444044, 0x20002020,
-                                       0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0,
-                                       0x08c8c0c8, 0x17071314,
-                                       0x2585a1a4, 0x0f8f838c, 0x03030300,
-                                       0x3b4b7378, 0x3b8bb3b8, 0x13031310,
-                                       0x12c2d2d0, 0x2ecee2ec,
-                                       0x30407070, 0x0c8c808c, 0x3f0f333c,
-                                       0x2888a0a8, 0x32023230, 0x1dcdd1dc,
-                                       0x36c6f2f4, 0x34447074,
-                                       0x2ccce0ec, 0x15859194, 0x0b0b0308,
-                                       0x17475354, 0x1c4c505c, 0x1b4b5358,
-                                       0x3d8db1bc, 0x01010100,
-                                       0x24042024, 0x1c0c101c, 0x33437370,
-                                       0x18889098, 0x10001010, 0x0cccc0cc,
-                                       0x32c2f2f0, 0x19c9d1d8,
-                                       0x2c0c202c, 0x27c7e3e4, 0x32427270,
-                                       0x03838380, 0x1b8b9398, 0x11c1d1d0,
-                                       0x06868284, 0x09c9c1c8,
-                                       0x20406060, 0x10405050, 0x2383a3a0,
-                                       0x2bcbe3e8, 0x0d0d010c, 0x3686b2b4,
-                                       0x1e8e929c, 0x0f4f434c,
-                                       0x3787b3b4, 0x1a4a5258, 0x06c6c2c4,
-                                       0x38487078, 0x2686a2a4, 0x12021210,
-                                       0x2f8fa3ac, 0x15c5d1d4,
-                                       0x21416160, 0x03c3c3c0, 0x3484b0b4,
-                                       0x01414140, 0x12425250, 0x3d4d717c,
-                                       0x0d8d818c, 0x08080008,
-                                       0x1f0f131c, 0x19899198, 0x00000000,
-                                       0x19091118, 0x04040004, 0x13435350,
-                                       0x37c7f3f4, 0x21c1e1e0,
-                                       0x3dcdf1fc, 0x36467274, 0x2f0f232c,
-                                       0x27072324, 0x3080b0b0, 0x0b8b8388,
-                                       0x0e0e020c, 0x2b8ba3a8,
-                                       0x2282a2a0, 0x2e4e626c, 0x13839390,
-                                       0x0d4d414c, 0x29496168, 0x3c4c707c,
-                                       0x09090108, 0x0a0a0208,
-                                       0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0,
-                                       0x05c5c1c4, 0x07878384, 0x14041014,
-                                       0x3ecef2fc, 0x24446064,
-                                       0x1eced2dc, 0x2e0e222c, 0x0b4b4348,
-                                       0x1a0a1218, 0x06060204, 0x21012120,
-                                       0x2b4b6368, 0x26466264,
-                                       0x02020200, 0x35c5f1f4, 0x12829290,
-                                       0x0a8a8288, 0x0c0c000c, 0x3383b3b0,
-                                       0x3e4e727c, 0x10c0d0d0,
-                                       0x3a4a7278, 0x07474344, 0x16869294,
-                                       0x25c5e1e4, 0x26062224, 0x00808080,
-                                       0x2d8da1ac, 0x1fcfd3dc,
-                                       0x2181a1a0, 0x30003030, 0x37073334,
-                                       0x2e8ea2ac, 0x36063234, 0x15051114,
-                                       0x22022220, 0x38083038,
-                                       0x34c4f0f4, 0x2787a3a4, 0x05454144,
-                                       0x0c4c404c, 0x01818180, 0x29c9e1e8,
-                                       0x04848084, 0x17879394,
-                                       0x35053134, 0x0bcbc3c8, 0x0ecec2cc,
-                                       0x3c0c303c, 0x31417170, 0x11011110,
-                                       0x07c7c3c4, 0x09898188,
-                                       0x35457174, 0x3bcbf3f8, 0x1acad2d8,
-                                       0x38c8f0f8, 0x14849094, 0x19495158,
-                                       0x02828280, 0x04c4c0c4,
-                                       0x3fcff3fc, 0x09494148, 0x39093138,
-                                       0x27476364, 0x00c0c0c0, 0x0fcfc3cc,
-                                       0x17c7d3d4, 0x3888b0b8,
-                                       0x0f0f030c, 0x0e8e828c, 0x02424240,
-                                       0x23032320, 0x11819190, 0x2c4c606c,
-                                       0x1bcbd3d8, 0x2484a0a4,
-                                       0x34043034, 0x31c1f1f0, 0x08484048,
-                                       0x02c2c2c0, 0x2f4f636c, 0x3d0d313c,
-                                       0x2d0d212c, 0x00404040,
-                                       0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc,
-                                       0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8,
-                                       0x0e4e424c, 0x15455154,
-                                       0x3b0b3338, 0x1cccd0dc, 0x28486068,
-                                       0x3f4f737c, 0x1c8c909c, 0x18c8d0d8,
-                                       0x0a4a4248, 0x16465254,
-                                       0x37477374, 0x2080a0a0, 0x2dcde1ec,
-                                       0x06464244, 0x3585b1b4, 0x2b0b2328,
-                                       0x25456164, 0x3acaf2f8,
-                                       0x23c3e3e0, 0x3989b1b8, 0x3181b1b0,
-                                       0x1f8f939c, 0x1e4e525c, 0x39c9f1f8,
-                                       0x26c6e2e4, 0x3282b2b0,
-                                       0x31013130, 0x2acae2e8, 0x2d4d616c,
-                                       0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0,
-                                       0x0dcdc1cc, 0x08888088,
-                                       0x16061214, 0x3a0a3238, 0x18485058,
-                                       0x14c4d0d4, 0x22426260, 0x29092128,
-                                       0x07070304, 0x33033330,
-                                       0x28c8e0e8, 0x1b0b1318, 0x05050104,
-                                       0x39497178, 0x10809090, 0x2a4a6268,
-                                       0x2a0a2228, 0x1a8a9298}, {
-                                                                 0x38380830,
-                                                                 0xe828c8e0,
-                                                                 0x2c2d0d21,
-                                                                 0xa42686a2,
-                                                                 0xcc0fcfc3,
-                                                                 0xdc1eced2,
-                                                                 0xb03383b3,
-                                                                 0xb83888b0,
-                                                                 0xac2f8fa3,
-                                                                 0x60204060,
-                                                                 0x54154551,
-                                                                 0xc407c7c3,
-                                                                 0x44044440,
-                                                                 0x6c2f4f63,
-                                                                 0x682b4b63,
-                                                                 0x581b4b53,
-                                                                 0xc003c3c3,
-                                                                 0x60224262,
-                                                                 0x30330333,
-                                                                 0xb43585b1,
-                                                                 0x28290921,
-                                                                 0xa02080a0,
-                                                                 0xe022c2e2,
-                                                                 0xa42787a3,
-                                                                 0xd013c3d3,
-                                                                 0x90118191,
-                                                                 0x10110111,
-                                                                 0x04060602,
-                                                                 0x1c1c0c10,
-                                                                 0xbc3c8cb0,
-                                                                 0x34360632,
-                                                                 0x480b4b43,
-                                                                 0xec2fcfe3,
-                                                                 0x88088880,
-                                                                 0x6c2c4c60,
-                                                                 0xa82888a0,
-                                                                 0x14170713,
-                                                                 0xc404c4c0,
-                                                                 0x14160612,
-                                                                 0xf434c4f0,
-                                                                 0xc002c2c2,
-                                                                 0x44054541,
-                                                                 0xe021c1e1,
-                                                                 0xd416c6d2,
-                                                                 0x3c3f0f33,
-                                                                 0x3c3d0d31,
-                                                                 0x8c0e8e82,
-                                                                 0x98188890,
-                                                                 0x28280820,
-                                                                 0x4c0e4e42,
-                                                                 0xf436c6f2,
-                                                                 0x3c3e0e32,
-                                                                 0xa42585a1,
-                                                                 0xf839c9f1,
-                                                                 0x0c0d0d01,
-                                                                 0xdc1fcfd3,
-                                                                 0xd818c8d0,
-                                                                 0x282b0b23,
-                                                                 0x64264662,
-                                                                 0x783a4a72,
-                                                                 0x24270723,
-                                                                 0x2c2f0f23,
-                                                                 0xf031c1f1,
-                                                                 0x70324272,
-                                                                 0x40024242,
-                                                                 0xd414c4d0,
-                                                                 0x40014141,
-                                                                 0xc000c0c0,
-                                                                 0x70334373,
-                                                                 0x64274763,
-                                                                 0xac2c8ca0,
-                                                                 0x880b8b83,
-                                                                 0xf437c7f3,
-                                                                 0xac2d8da1,
-                                                                 0x80008080,
-                                                                 0x1c1f0f13,
-                                                                 0xc80acac2,
-                                                                 0x2c2c0c20,
-                                                                 0xa82a8aa2,
-                                                                 0x34340430,
-                                                                 0xd012c2d2,
-                                                                 0x080b0b03,
-                                                                 0xec2ecee2,
-                                                                 0xe829c9e1,
-                                                                 0x5c1d4d51,
-                                                                 0x94148490,
-                                                                 0x18180810,
-                                                                 0xf838c8f0,
-                                                                 0x54174753,
-                                                                 0xac2e8ea2,
-                                                                 0x08080800,
-                                                                 0xc405c5c1,
-                                                                 0x10130313,
-                                                                 0xcc0dcdc1,
-                                                                 0x84068682,
-                                                                 0xb83989b1,
-                                                                 0xfc3fcff3,
-                                                                 0x7c3d4d71,
-                                                                 0xc001c1c1,
-                                                                 0x30310131,
-                                                                 0xf435c5f1,
-                                                                 0x880a8a82,
-                                                                 0x682a4a62,
-                                                                 0xb03181b1,
-                                                                 0xd011c1d1,
-                                                                 0x20200020,
-                                                                 0xd417c7d3,
-                                                                 0x00020202,
-                                                                 0x20220222,
-                                                                 0x04040400,
-                                                                 0x68284860,
-                                                                 0x70314171,
-                                                                 0x04070703,
-                                                                 0xd81bcbd3,
-                                                                 0x9c1d8d91,
-                                                                 0x98198991,
-                                                                 0x60214161,
-                                                                 0xbc3e8eb2,
-                                                                 0xe426c6e2,
-                                                                 0x58194951,
-                                                                 0xdc1dcdd1,
-                                                                 0x50114151,
-                                                                 0x90108090,
-                                                                 0xdc1cccd0,
-                                                                 0x981a8a92,
-                                                                 0xa02383a3,
-                                                                 0xa82b8ba3,
-                                                                 0xd010c0d0,
-                                                                 0x80018181,
-                                                                 0x0c0f0f03,
-                                                                 0x44074743,
-                                                                 0x181a0a12,
-                                                                 0xe023c3e3,
-                                                                 0xec2ccce0,
-                                                                 0x8c0d8d81,
-                                                                 0xbc3f8fb3,
-                                                                 0x94168692,
-                                                                 0x783b4b73,
-                                                                 0x5c1c4c50,
-                                                                 0xa02282a2,
-                                                                 0xa02181a1,
-                                                                 0x60234363,
-                                                                 0x20230323,
-                                                                 0x4c0d4d41,
-                                                                 0xc808c8c0,
-                                                                 0x9c1e8e92,
-                                                                 0x9c1c8c90,
-                                                                 0x383a0a32,
-                                                                 0x0c0c0c00,
-                                                                 0x2c2e0e22,
-                                                                 0xb83a8ab2,
-                                                                 0x6c2e4e62,
-                                                                 0x9c1f8f93,
-                                                                 0x581a4a52,
-                                                                 0xf032c2f2,
-                                                                 0x90128292,
-                                                                 0xf033c3f3,
-                                                                 0x48094941,
-                                                                 0x78384870,
-                                                                 0xcc0cccc0,
-                                                                 0x14150511,
-                                                                 0xf83bcbf3,
-                                                                 0x70304070,
-                                                                 0x74354571,
-                                                                 0x7c3f4f73,
-                                                                 0x34350531,
-                                                                 0x10100010,
-                                                                 0x00030303,
-                                                                 0x64244460,
-                                                                 0x6c2d4d61,
-                                                                 0xc406c6c2,
-                                                                 0x74344470,
-                                                                 0xd415c5d1,
-                                                                 0xb43484b0,
-                                                                 0xe82acae2,
-                                                                 0x08090901,
-                                                                 0x74364672,
-                                                                 0x18190911,
-                                                                 0xfc3ecef2,
-                                                                 0x40004040,
-                                                                 0x10120212,
-                                                                 0xe020c0e0,
-                                                                 0xbc3d8db1,
-                                                                 0x04050501,
-                                                                 0xf83acaf2,
-                                                                 0x00010101,
-                                                                 0xf030c0f0,
-                                                                 0x282a0a22,
-                                                                 0x5c1e4e52,
-                                                                 0xa82989a1,
-                                                                 0x54164652,
-                                                                 0x40034343,
-                                                                 0x84058581,
-                                                                 0x14140410,
-                                                                 0x88098981,
-                                                                 0x981b8b93,
-                                                                 0xb03080b0,
-                                                                 0xe425c5e1,
-                                                                 0x48084840,
-                                                                 0x78394971,
-                                                                 0x94178793,
-                                                                 0xfc3cccf0,
-                                                                 0x1c1e0e12,
-                                                                 0x80028282,
-                                                                 0x20210121,
-                                                                 0x8c0c8c80,
-                                                                 0x181b0b13,
-                                                                 0x5c1f4f53,
-                                                                 0x74374773,
-                                                                 0x54144450,
-                                                                 0xb03282b2,
-                                                                 0x1c1d0d11,
-                                                                 0x24250521,
-                                                                 0x4c0f4f43,
-                                                                 0x00000000,
-                                                                 0x44064642,
-                                                                 0xec2dcde1,
-                                                                 0x58184850,
-                                                                 0x50124252,
-                                                                 0xe82bcbe3,
-                                                                 0x7c3e4e72,
-                                                                 0xd81acad2,
-                                                                 0xc809c9c1,
-                                                                 0xfc3dcdf1,
-                                                                 0x30300030,
-                                                                 0x94158591,
-                                                                 0x64254561,
-                                                                 0x3c3c0c30,
-                                                                 0xb43686b2,
-                                                                 0xe424c4e0,
-                                                                 0xb83b8bb3,
-                                                                 0x7c3c4c70,
-                                                                 0x0c0e0e02,
-                                                                 0x50104050,
-                                                                 0x38390931,
-                                                                 0x24260622,
-                                                                 0x30320232,
-                                                                 0x84048480,
-                                                                 0x68294961,
-                                                                 0x90138393,
-                                                                 0x34370733,
-                                                                 0xe427c7e3,
-                                                                 0x24240420,
-                                                                 0xa42484a0,
-                                                                 0xc80bcbc3,
-                                                                 0x50134353,
-                                                                 0x080a0a02,
-                                                                 0x84078783,
-                                                                 0xd819c9d1,
-                                                                 0x4c0c4c40,
-                                                                 0x80038383,
-                                                                 0x8c0f8f83,
-                                                                 0xcc0ecec2,
-                                                                 0x383b0b33,
-                                                                 0x480a4a42,
-                                                                 0xb43787b3},
-{
- 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 0x50541444, 0x111c1d0d,
- 0xa0ac2c8c, 0x21242505,
- 0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, 0x51501141, 0xf0fc3ccc,
- 0xc2c80aca, 0x63602343,
- 0x20282808, 0x40440444, 0x20202000, 0x919c1d8d, 0xe0e020c0, 0xe2e022c2,
- 0xc0c808c8, 0x13141707,
- 0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 0xb3b83b8b, 0x13101303,
- 0xd2d012c2, 0xe2ec2ece,
- 0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 0x32303202, 0xd1dc1dcd,
- 0xf2f436c6, 0x70743444,
- 0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747, 0x505c1c4c, 0x53581b4b,
- 0xb1bc3d8d, 0x01000101,
- 0x20242404, 0x101c1c0c, 0x73703343, 0x90981888, 0x10101000, 0xc0cc0ccc,
- 0xf2f032c2, 0xd1d819c9,
- 0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 0x93981b8b, 0xd1d011c1,
- 0x82840686, 0xc1c809c9,
- 0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 0x010c0d0d, 0xb2b43686,
- 0x929c1e8e, 0x434c0f4f,
- 0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848, 0xa2a42686, 0x12101202,
- 0xa3ac2f8f, 0xd1d415c5,
- 0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141, 0x52501242, 0x717c3d4d,
- 0x818c0d8d, 0x00080808,
- 0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 0x00040404, 0x53501343,
- 0xf3f437c7, 0xe1e021c1,
- 0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 0xb0b03080, 0x83880b8b,
- 0x020c0e0e, 0xa3a82b8b,
- 0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d, 0x61682949, 0x707c3c4c,
- 0x01080909, 0x02080a0a,
- 0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 0x83840787, 0x10141404,
- 0xf2fc3ece, 0x60642444,
- 0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 0x02040606, 0x21202101,
- 0x63682b4b, 0x62642646,
- 0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 0x000c0c0c, 0xb3b03383,
- 0x727c3e4e, 0xd0d010c0,
- 0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5, 0x22242606, 0x80800080,
- 0xa1ac2d8d, 0xd3dc1fcf,
- 0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e, 0x32343606, 0x11141505,
- 0x22202202, 0x30383808,
- 0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 0x81800181, 0xe1e829c9,
- 0x80840484, 0x93941787,
- 0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 0x71703141, 0x11101101,
- 0xc3c407c7, 0x81880989,
- 0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8, 0x90941484, 0x51581949,
- 0x82800282, 0xc0c404c4,
- 0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747, 0xc0c000c0, 0xc3cc0fcf,
- 0xd3d417c7, 0xb0b83888,
- 0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 0x91901181, 0x606c2c4c,
- 0xd3d81bcb, 0xa0a42484,
- 0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 0x636c2f4f, 0x313c3d0d,
- 0x212c2d0d, 0x40400040,
- 0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1, 0xa2a82a8a, 0xb2b83a8a,
- 0x424c0e4e, 0x51541545,
- 0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f, 0x909c1c8c, 0xd0d818c8,
- 0x42480a4a, 0x52541646,
- 0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 0xb1b43585, 0x23282b0b,
- 0x61642545, 0xf2f83aca,
- 0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 0x525c1e4e, 0xf1f839c9,
- 0xe2e426c6, 0xb2b03282,
- 0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f, 0xe0e424c4, 0xf0f030c0,
- 0xc1cc0dcd, 0x80880888,
- 0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4, 0x62602242, 0x21282909,
- 0x03040707, 0x33303303,
- 0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 0x90901080, 0x62682a4a,
- 0x22282a0a, 0x92981a8a}, {
-                           0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426,
-                           0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
-                           0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407,
-                           0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
-                           0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435,
-                           0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
-                           0xc3d3d013, 0x81919011, 0x01111011, 0x06020406,
-                           0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
-                           0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828,
-                           0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
-                           0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416,
-                           0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
-                           0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e,
-                           0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
-                           0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a,
-                           0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
-                           0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000,
-                           0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
-                           0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f,
-                           0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
-                           0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829,
-                           0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
-                           0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405,
-                           0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
-                           0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031,
-                           0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
-                           0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002,
-                           0x02222022, 0x04000404, 0x48606828, 0x41717031,
-                           0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819,
-                           0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
-                           0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c,
-                           0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
-                           0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a,
-                           0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
-                           0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022,
-                           0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
-                           0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a,
-                           0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
-                           0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012,
-                           0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
-                           0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435,
-                           0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
-                           0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434,
-                           0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
-                           0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000,
-                           0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
-                           0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a,
-                           0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
-                           0x85818405, 0x04101414, 0x89818809, 0x8b93981b,
-                           0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
-                           0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002,
-                           0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
-                           0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d,
-                           0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
-                           0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b,
-                           0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
-                           0x00303030, 0x85919415, 0x45616425, 0x0c303c3c,
-                           0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
-                           0x0e020c0e, 0x40505010, 0x09313839, 0x06222426,
-                           0x02323032, 0x84808404, 0x49616829, 0x83939013,
-                           0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424,
-                           0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
-                           0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f,
-                           0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437}
-};
-
-/* key schedule constants - golden ratio */
-# define KC0     0x9e3779b9
-# define KC1     0x3c6ef373
-# define KC2     0x78dde6e6
-# define KC3     0xf1bbcdcc
-# define KC4     0xe3779b99
-# define KC5     0xc6ef3733
-# define KC6     0x8dde6e67
-# define KC7     0x1bbcdccf
-# define KC8     0x3779b99e
-# define KC9     0x6ef3733c
-# define KC10    0xdde6e678
-# define KC11    0xbbcdccf1
-# define KC12    0x779b99e3
-# define KC13    0xef3733c6
-# define KC14    0xde6e678d
-# define KC15    0xbcdccf1b
-
-# if defined(OPENSSL_SMALL_FOOTPRINT)
-static const seed_word KC[] = {
-    KC0, KC1, KC2, KC3, KC4, KC5, KC6, KC7,
-    KC8, KC9, KC10, KC11, KC12, KC13, KC14, KC15
-};
-# endif
-void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
-                  SEED_KEY_SCHEDULE *ks)
-# ifdef OPENSSL_FIPS
-{
-    fips_cipher_abort(SEED);
-    private_SEED_set_key(rawkey, ks);
-}
-
-void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
-                          SEED_KEY_SCHEDULE *ks)
-# endif
-{
-    seed_word x1, x2, x3, x4;
-    seed_word t0, t1;
-
-    char2word(rawkey, x1);
-    char2word(rawkey + 4, x2);
-    char2word(rawkey + 8, x3);
-    char2word(rawkey + 12, x4);
-
-    t0 = (x1 + x3 - KC0) & 0xffffffff;
-    t1 = (x2 - x4 + KC0) & 0xffffffff;
-    KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
-    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC1);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
-
-# if !defined(OPENSSL_SMALL_FOOTPRINT)
-    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC2);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
-    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC3);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[6]);
-    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC4);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[8]);
-    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC5);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[10]);
-    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC6);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[12]);
-    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC7);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[14]);
-    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC8);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[16]);
-    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC9);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[18]);
-    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC10);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[20]);
-    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC11);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[22]);
-    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC12);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[24]);
-    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC13);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[26]);
-    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC14);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
-    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC15);
-    KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
-# else
-    {
-        int i;
-        for (i = 2; i < 16; i += 2) {
-            KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC[i]);
-            KEYUPDATE_TEMP(t0, t1, &ks->data[i * 2]);
-            KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC[i + 1]);
-            KEYUPDATE_TEMP(t0, t1, &ks->data[i * 2 + 2]);
-        }
-    }
-# endif
-}
-
-void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
-                  unsigned char d[SEED_BLOCK_SIZE],
-                  const SEED_KEY_SCHEDULE *ks)
-{
-    seed_word x1, x2, x3, x4;
-    seed_word t0, t1;
-
-    char2word(s, x1);
-    char2word(s + 4, x2);
-    char2word(s + 8, x3);
-    char2word(s + 12, x4);
-
-# if !defined(OPENSSL_SMALL_FOOTPRINT)
-    E_SEED(t0, t1, x1, x2, x3, x4, 0);
-    E_SEED(t0, t1, x3, x4, x1, x2, 2);
-    E_SEED(t0, t1, x1, x2, x3, x4, 4);
-    E_SEED(t0, t1, x3, x4, x1, x2, 6);
-    E_SEED(t0, t1, x1, x2, x3, x4, 8);
-    E_SEED(t0, t1, x3, x4, x1, x2, 10);
-    E_SEED(t0, t1, x1, x2, x3, x4, 12);
-    E_SEED(t0, t1, x3, x4, x1, x2, 14);
-    E_SEED(t0, t1, x1, x2, x3, x4, 16);
-    E_SEED(t0, t1, x3, x4, x1, x2, 18);
-    E_SEED(t0, t1, x1, x2, x3, x4, 20);
-    E_SEED(t0, t1, x3, x4, x1, x2, 22);
-    E_SEED(t0, t1, x1, x2, x3, x4, 24);
-    E_SEED(t0, t1, x3, x4, x1, x2, 26);
-    E_SEED(t0, t1, x1, x2, x3, x4, 28);
-    E_SEED(t0, t1, x3, x4, x1, x2, 30);
-# else
-    {
-        int i;
-        for (i = 0; i < 30; i += 4) {
-            E_SEED(t0, t1, x1, x2, x3, x4, i);
-            E_SEED(t0, t1, x3, x4, x1, x2, i + 2);
-        }
-    }
-# endif
-
-    word2char(x3, d);
-    word2char(x4, d + 4);
-    word2char(x1, d + 8);
-    word2char(x2, d + 12);
-}
-
-void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
-                  unsigned char d[SEED_BLOCK_SIZE],
-                  const SEED_KEY_SCHEDULE *ks)
-{
-    seed_word x1, x2, x3, x4;
-    seed_word t0, t1;
-
-    char2word(s, x1);
-    char2word(s + 4, x2);
-    char2word(s + 8, x3);
-    char2word(s + 12, x4);
-
-# if !defined(OPENSSL_SMALL_FOOTPRINT)
-    E_SEED(t0, t1, x1, x2, x3, x4, 30);
-    E_SEED(t0, t1, x3, x4, x1, x2, 28);
-    E_SEED(t0, t1, x1, x2, x3, x4, 26);
-    E_SEED(t0, t1, x3, x4, x1, x2, 24);
-    E_SEED(t0, t1, x1, x2, x3, x4, 22);
-    E_SEED(t0, t1, x3, x4, x1, x2, 20);
-    E_SEED(t0, t1, x1, x2, x3, x4, 18);
-    E_SEED(t0, t1, x3, x4, x1, x2, 16);
-    E_SEED(t0, t1, x1, x2, x3, x4, 14);
-    E_SEED(t0, t1, x3, x4, x1, x2, 12);
-    E_SEED(t0, t1, x1, x2, x3, x4, 10);
-    E_SEED(t0, t1, x3, x4, x1, x2, 8);
-    E_SEED(t0, t1, x1, x2, x3, x4, 6);
-    E_SEED(t0, t1, x3, x4, x1, x2, 4);
-    E_SEED(t0, t1, x1, x2, x3, x4, 2);
-    E_SEED(t0, t1, x3, x4, x1, x2, 0);
-# else
-    {
-        int i;
-        for (i = 30; i > 0; i -= 4) {
-            E_SEED(t0, t1, x1, x2, x3, x4, i);
-            E_SEED(t0, t1, x3, x4, x1, x2, i - 2);
-
-        }
-    }
-# endif
-
-    word2char(x3, d);
-    word2char(x4, d + 4);
-    word2char(x1, d + 8);
-    word2char(x2, d + 12);
-}
-
-#endif                          /* OPENSSL_NO_SEED */
diff --git a/thirdparty/openssl/crypto/seed/seed_cbc.c b/thirdparty/openssl/crypto/seed/seed_cbc.c
deleted file mode 100644
index ee1115b4c1..0000000000
--- a/thirdparty/openssl/crypto/seed/seed_cbc.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/* crypto/seed/seed_cbc.c */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/seed.h>
-#include <openssl/modes.h>
-
-void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                      size_t len, const SEED_KEY_SCHEDULE *ks,
-                      unsigned char ivec[SEED_BLOCK_SIZE], int enc)
-{
-    if (enc)
-        CRYPTO_cbc128_encrypt(in, out, len, ks, ivec,
-                              (block128_f) SEED_encrypt);
-    else
-        CRYPTO_cbc128_decrypt(in, out, len, ks, ivec,
-                              (block128_f) SEED_decrypt);
-}
diff --git a/thirdparty/openssl/crypto/seed/seed_cfb.c b/thirdparty/openssl/crypto/seed/seed_cfb.c
deleted file mode 100644
index b6a5648b35..0000000000
--- a/thirdparty/openssl/crypto/seed/seed_cfb.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/seed/seed_cfb.c */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/seed.h>
-#include <openssl/modes.h>
-
-void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-                         size_t len, const SEED_KEY_SCHEDULE *ks,
-                         unsigned char ivec[SEED_BLOCK_SIZE], int *num,
-                         int enc)
-{
-    CRYPTO_cfb128_encrypt(in, out, len, ks, ivec, num, enc,
-                          (block128_f) SEED_encrypt);
-}
diff --git a/thirdparty/openssl/crypto/seed/seed_ecb.c b/thirdparty/openssl/crypto/seed/seed_ecb.c
deleted file mode 100644
index 9363d55080..0000000000
--- a/thirdparty/openssl/crypto/seed/seed_ecb.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* crypto/seed/seed_ecb.c */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/seed.h>
-
-void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                      const SEED_KEY_SCHEDULE *ks, int enc)
-{
-    if (enc)
-        SEED_encrypt(in, out, ks);
-    else
-        SEED_decrypt(in, out, ks);
-}
diff --git a/thirdparty/openssl/crypto/seed/seed_locl.h b/thirdparty/openssl/crypto/seed/seed_locl.h
deleted file mode 100644
index 96ec43022d..0000000000
--- a/thirdparty/openssl/crypto/seed/seed_locl.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Neither the name of author nor the names of its contributors may
- *    be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-#ifndef HEADER_SEED_LOCL_H
-# define HEADER_SEED_LOCL_H
-
-# include "openssl/e_os2.h"
-# include <openssl/seed.h>
-
-# ifdef SEED_LONG               /* need 32-bit type */
-typedef unsigned long seed_word;
-# else
-typedef unsigned int seed_word;
-# endif
-
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# define G_FUNC(v)       \
-        SS[0][(unsigned char)      (v) & 0xff] ^ SS[1][(unsigned char) ((v)>>8) & 0xff] ^ \
-        SS[2][(unsigned char)((v)>>16) & 0xff] ^ SS[3][(unsigned char)((v)>>24) & 0xff]
-
-# define char2word(c, i)  \
-        (i) = ((((seed_word)(c)[0]) << 24) | (((seed_word)(c)[1]) << 16) | (((seed_word)(c)[2]) << 8) | ((seed_word)(c)[3]))
-
-# define word2char(l, c)  \
-        *((c)+0) = (unsigned char)((l)>>24) & 0xff; \
-        *((c)+1) = (unsigned char)((l)>>16) & 0xff; \
-        *((c)+2) = (unsigned char)((l)>> 8) & 0xff; \
-        *((c)+3) = (unsigned char)((l))     & 0xff
-
-# define KEYSCHEDULE_UPDATE0(T0, T1, X1, X2, X3, X4, KC)  \
-        (T0) = (X3);                                     \
-        (X3) = (((X3)<<8) ^ ((X4)>>24)) & 0xffffffff;    \
-        (X4) = (((X4)<<8) ^ ((T0)>>24)) & 0xffffffff;    \
-        (T0) = ((X1) + (X3) - (KC))     & 0xffffffff;    \
-        (T1) = ((X2) + (KC) - (X4))     & 0xffffffff
-
-# define KEYSCHEDULE_UPDATE1(T0, T1, X1, X2, X3, X4, KC)  \
-        (T0) = (X1);                                     \
-        (X1) = (((X1)>>8) ^ ((X2)<<24)) & 0xffffffff;    \
-        (X2) = (((X2)>>8) ^ ((T0)<<24)) & 0xffffffff;    \
-        (T0) = ((X1) + (X3) - (KC))     & 0xffffffff;     \
-        (T1) = ((X2) + (KC) - (X4))     & 0xffffffff
-
-# define KEYUPDATE_TEMP(T0, T1, K)   \
-        (K)[0] = G_FUNC((T0));      \
-        (K)[1] = G_FUNC((T1))
-
-# define XOR_SEEDBLOCK(DST, SRC)      \
-        ((DST))[0] ^= ((SRC))[0];    \
-        ((DST))[1] ^= ((SRC))[1];    \
-        ((DST))[2] ^= ((SRC))[2];    \
-        ((DST))[3] ^= ((SRC))[3]
-
-# define MOV_SEEDBLOCK(DST, SRC)      \
-        ((DST))[0] = ((SRC))[0];     \
-        ((DST))[1] = ((SRC))[1];     \
-        ((DST))[2] = ((SRC))[2];     \
-        ((DST))[3] = ((SRC))[3]
-
-# define CHAR2WORD(C, I)              \
-        char2word((C),    (I)[0]);    \
-        char2word((C+4),  (I)[1]);    \
-        char2word((C+8),  (I)[2]);    \
-        char2word((C+12), (I)[3])
-
-# define WORD2CHAR(I, C)              \
-        word2char((I)[0], (C));       \
-        word2char((I)[1], (C+4));     \
-        word2char((I)[2], (C+8));     \
-        word2char((I)[3], (C+12))
-
-# define E_SEED(T0, T1, X1, X2, X3, X4, rbase)   \
-        (T0) = (X3) ^ (ks->data)[(rbase)];       \
-        (T1) = (X4) ^ (ks->data)[(rbase)+1];     \
-        (T1) ^= (T0);                            \
-        (T1) = G_FUNC((T1));                     \
-        (T0) = ((T0) + (T1)) & 0xffffffff;       \
-        (T0) = G_FUNC((T0));                     \
-        (T1) = ((T1) + (T0)) & 0xffffffff;       \
-        (T1) = G_FUNC((T1));                     \
-        (T0) = ((T0) + (T1)) & 0xffffffff;       \
-        (X1) ^= (T0);                            \
-        (X2) ^= (T1)
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif                          /* HEADER_SEED_LOCL_H */
diff --git a/thirdparty/openssl/crypto/seed/seed_ofb.c b/thirdparty/openssl/crypto/seed/seed_ofb.c
deleted file mode 100644
index 48b71224c5..0000000000
--- a/thirdparty/openssl/crypto/seed/seed_ofb.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* crypto/seed/seed_ofb.c */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/seed.h>
-#include <openssl/modes.h>
-
-void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-                         size_t len, const SEED_KEY_SCHEDULE *ks,
-                         unsigned char ivec[SEED_BLOCK_SIZE], int *num)
-{
-    CRYPTO_ofb128_encrypt(in, out, len, ks, ivec, num,
-                          (block128_f) SEED_encrypt);
-}
diff --git a/thirdparty/openssl/crypto/sha/asm/README b/thirdparty/openssl/crypto/sha/asm/README
deleted file mode 100644
index b7e755765f..0000000000
--- a/thirdparty/openssl/crypto/sha/asm/README
+++ /dev/null
@@ -1 +0,0 @@
-C2.pl works
diff --git a/thirdparty/openssl/crypto/sha/sha.c b/thirdparty/openssl/crypto/sha/sha.c
deleted file mode 100644
index cfc12f3edc..0000000000
--- a/thirdparty/openssl/crypto/sha/sha.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/sha/sha.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/sha.h>
-
-#define BUFSIZE 1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-int read(int, void *, unsigned int);
-int main(int argc, char **argv)
-{
-    int i, err = 0;
-    FILE *IN;
-
-    if (argc == 1) {
-        do_fp(stdin);
-    } else {
-        for (i = 1; i < argc; i++) {
-            IN = fopen(argv[i], "r");
-            if (IN == NULL) {
-                perror(argv[i]);
-                err++;
-                continue;
-            }
-            printf("SHA(%s)= ", argv[i]);
-            do_fp(IN);
-            fclose(IN);
-        }
-    }
-    exit(err);
-}
-
-void do_fp(FILE *f)
-{
-    SHA_CTX c;
-    unsigned char md[SHA_DIGEST_LENGTH];
-    int fd;
-    int i;
-    unsigned char buf[BUFSIZE];
-
-    fd = fileno(f);
-    SHA_Init(&c);
-    for (;;) {
-        i = read(fd, buf, BUFSIZE);
-        if (i <= 0)
-            break;
-        SHA_Update(&c, buf, (unsigned long)i);
-    }
-    SHA_Final(&(md[0]), &c);
-    pt(md);
-}
-
-void pt(unsigned char *md)
-{
-    int i;
-
-    for (i = 0; i < SHA_DIGEST_LENGTH; i++)
-        printf("%02x", md[i]);
-    printf("\n");
-}
diff --git a/thirdparty/openssl/crypto/sha/sha1.c b/thirdparty/openssl/crypto/sha/sha1.c
deleted file mode 100644
index 8dd19431b4..0000000000
--- a/thirdparty/openssl/crypto/sha/sha1.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/sha/sha1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/sha.h>
-
-#define BUFSIZE 1024*16
-
-void do_fp(FILE *f);
-void pt(unsigned char *md);
-#ifndef _OSD_POSIX
-int read(int, void *, unsigned int);
-#endif
-
-int main(int argc, char **argv)
-{
-    int i, err = 0;
-    FILE *IN;
-
-    if (argc == 1) {
-        do_fp(stdin);
-    } else {
-        for (i = 1; i < argc; i++) {
-            IN = fopen(argv[i], "r");
-            if (IN == NULL) {
-                perror(argv[i]);
-                err++;
-                continue;
-            }
-            printf("SHA1(%s)= ", argv[i]);
-            do_fp(IN);
-            fclose(IN);
-        }
-    }
-    exit(err);
-}
-
-void do_fp(FILE *f)
-{
-    SHA_CTX c;
-    unsigned char md[SHA_DIGEST_LENGTH];
-    int fd;
-    int i;
-    unsigned char buf[BUFSIZE];
-
-    fd = fileno(f);
-    SHA1_Init(&c);
-    for (;;) {
-        i = read(fd, buf, BUFSIZE);
-        if (i <= 0)
-            break;
-        SHA1_Update(&c, buf, (unsigned long)i);
-    }
-    SHA1_Final(&(md[0]), &c);
-    pt(md);
-}
-
-void pt(unsigned char *md)
-{
-    int i;
-
-    for (i = 0; i < SHA_DIGEST_LENGTH; i++)
-        printf("%02x", md[i]);
-    printf("\n");
-}
diff --git a/thirdparty/openssl/crypto/sha/sha1_one.c b/thirdparty/openssl/crypto/sha/sha1_one.c
deleted file mode 100644
index a6dd760a1e..0000000000
--- a/thirdparty/openssl/crypto/sha/sha1_one.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* crypto/sha/sha1_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_SHA1
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
-{
-    SHA_CTX c;
-    static unsigned char m[SHA_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    if (!SHA1_Init(&c))
-        return NULL;
-    SHA1_Update(&c, d, n);
-    SHA1_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c));
-    return (md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/sha/sha1dgst.c b/thirdparty/openssl/crypto/sha/sha1dgst.c
deleted file mode 100644
index a67f1fe364..0000000000
--- a/thirdparty/openssl/crypto/sha/sha1dgst.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* crypto/sha/sha1dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
-
-# undef  SHA_0
-# define SHA_1
-
-# include <openssl/opensslv.h>
-
-const char SHA1_version[] = "SHA1" OPENSSL_VERSION_PTEXT;
-
-/* The implementation is in ../md32_common.h */
-
-# include "sha_locl.h"
-
-#endif
diff --git a/thirdparty/openssl/crypto/sha/sha256.c b/thirdparty/openssl/crypto/sha/sha256.c
deleted file mode 100644
index 72a1159369..0000000000
--- a/thirdparty/openssl/crypto/sha/sha256.c
+++ /dev/null
@@ -1,387 +0,0 @@
-/* crypto/sha/sha256.c */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved
- * according to the OpenSSL license [found in ../../LICENSE].
- * ====================================================================
- */
-#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
-
-# include <stdlib.h>
-# include <string.h>
-
-# include <openssl/crypto.h>
-# include <openssl/sha.h>
-# include <openssl/opensslv.h>
-
-const char SHA256_version[] = "SHA-256" OPENSSL_VERSION_PTEXT;
-
-fips_md_init_ctx(SHA224, SHA256)
-{
-    memset(c, 0, sizeof(*c));
-    c->h[0] = 0xc1059ed8UL;
-    c->h[1] = 0x367cd507UL;
-    c->h[2] = 0x3070dd17UL;
-    c->h[3] = 0xf70e5939UL;
-    c->h[4] = 0xffc00b31UL;
-    c->h[5] = 0x68581511UL;
-    c->h[6] = 0x64f98fa7UL;
-    c->h[7] = 0xbefa4fa4UL;
-    c->md_len = SHA224_DIGEST_LENGTH;
-    return 1;
-}
-
-fips_md_init(SHA256)
-{
-    memset(c, 0, sizeof(*c));
-    c->h[0] = 0x6a09e667UL;
-    c->h[1] = 0xbb67ae85UL;
-    c->h[2] = 0x3c6ef372UL;
-    c->h[3] = 0xa54ff53aUL;
-    c->h[4] = 0x510e527fUL;
-    c->h[5] = 0x9b05688cUL;
-    c->h[6] = 0x1f83d9abUL;
-    c->h[7] = 0x5be0cd19UL;
-    c->md_len = SHA256_DIGEST_LENGTH;
-    return 1;
-}
-
-unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md)
-{
-    SHA256_CTX c;
-    static unsigned char m[SHA224_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    SHA224_Init(&c);
-    SHA256_Update(&c, d, n);
-    SHA256_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c));
-    return (md);
-}
-
-unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md)
-{
-    SHA256_CTX c;
-    static unsigned char m[SHA256_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    SHA256_Init(&c);
-    SHA256_Update(&c, d, n);
-    SHA256_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c));
-    return (md);
-}
-
-int SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
-{
-    return SHA256_Update(c, data, len);
-}
-
-int SHA224_Final(unsigned char *md, SHA256_CTX *c)
-{
-    return SHA256_Final(md, c);
-}
-
-# define DATA_ORDER_IS_BIG_ENDIAN
-
-# define HASH_LONG               SHA_LONG
-# define HASH_CTX                SHA256_CTX
-# define HASH_CBLOCK             SHA_CBLOCK
-/*
- * Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
- * default: case below covers for it. It's not clear however if it's
- * permitted to truncate to amount of bytes not divisible by 4. I bet not,
- * but if it is, then default: case shall be extended. For reference.
- * Idea behind separate cases for pre-defined lenghts is to let the
- * compiler decide if it's appropriate to unroll small loops.
- */
-# define HASH_MAKE_STRING(c,s)   do {    \
-        unsigned long ll;               \
-        unsigned int  nn;               \
-        switch ((c)->md_len)            \
-        {   case SHA224_DIGEST_LENGTH:  \
-                for (nn=0;nn<SHA224_DIGEST_LENGTH/4;nn++)       \
-                {   ll=(c)->h[nn]; (void)HOST_l2c(ll,(s));   }  \
-                break;                  \
-            case SHA256_DIGEST_LENGTH:  \
-                for (nn=0;nn<SHA256_DIGEST_LENGTH/4;nn++)       \
-                {   ll=(c)->h[nn]; (void)HOST_l2c(ll,(s));   }  \
-                break;                  \
-            default:                    \
-                if ((c)->md_len > SHA256_DIGEST_LENGTH) \
-                    return 0;                           \
-                for (nn=0;nn<(c)->md_len/4;nn++)                \
-                {   ll=(c)->h[nn]; (void)HOST_l2c(ll,(s));   }  \
-                break;                  \
-        }                               \
-        } while (0)
-
-# define HASH_UPDATE             SHA256_Update
-# define HASH_TRANSFORM          SHA256_Transform
-# define HASH_FINAL              SHA256_Final
-# define HASH_BLOCK_DATA_ORDER   sha256_block_data_order
-# ifndef SHA256_ASM
-static
-# endif
-void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num);
-
-# include "md32_common.h"
-
-# ifndef SHA256_ASM
-static const SHA_LONG K256[64] = {
-    0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
-    0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
-    0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
-    0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
-    0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
-    0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
-    0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
-    0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
-    0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
-    0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
-    0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
-    0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
-    0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
-    0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
-    0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
-    0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
-};
-
-/*
- * FIPS specification refers to right rotations, while our ROTATE macro
- * is left one. This is why you might notice that rotation coefficients
- * differ from those observed in FIPS document by 32-N...
- */
-#  define Sigma0(x)       (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10))
-#  define Sigma1(x)       (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7))
-#  define sigma0(x)       (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3))
-#  define sigma1(x)       (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10))
-
-#  define Ch(x,y,z)       (((x) & (y)) ^ ((~(x)) & (z)))
-#  define Maj(x,y,z)      (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-
-#  ifdef OPENSSL_SMALL_FOOTPRINT
-
-static void sha256_block_data_order(SHA256_CTX *ctx, const void *in,
-                                    size_t num)
-{
-    unsigned MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1, T2;
-    SHA_LONG X[16], l;
-    int i;
-    const unsigned char *data = in;
-
-    while (num--) {
-
-        a = ctx->h[0];
-        b = ctx->h[1];
-        c = ctx->h[2];
-        d = ctx->h[3];
-        e = ctx->h[4];
-        f = ctx->h[5];
-        g = ctx->h[6];
-        h = ctx->h[7];
-
-        for (i = 0; i < 16; i++) {
-            HOST_c2l(data, l);
-            T1 = X[i] = l;
-            T1 += h + Sigma1(e) + Ch(e, f, g) + K256[i];
-            T2 = Sigma0(a) + Maj(a, b, c);
-            h = g;
-            g = f;
-            f = e;
-            e = d + T1;
-            d = c;
-            c = b;
-            b = a;
-            a = T1 + T2;
-        }
-
-        for (; i < 64; i++) {
-            s0 = X[(i + 1) & 0x0f];
-            s0 = sigma0(s0);
-            s1 = X[(i + 14) & 0x0f];
-            s1 = sigma1(s1);
-
-            T1 = X[i & 0xf] += s0 + s1 + X[(i + 9) & 0xf];
-            T1 += h + Sigma1(e) + Ch(e, f, g) + K256[i];
-            T2 = Sigma0(a) + Maj(a, b, c);
-            h = g;
-            g = f;
-            f = e;
-            e = d + T1;
-            d = c;
-            c = b;
-            b = a;
-            a = T1 + T2;
-        }
-
-        ctx->h[0] += a;
-        ctx->h[1] += b;
-        ctx->h[2] += c;
-        ctx->h[3] += d;
-        ctx->h[4] += e;
-        ctx->h[5] += f;
-        ctx->h[6] += g;
-        ctx->h[7] += h;
-
-    }
-}
-
-#  else
-
-#   define ROUND_00_15(i,a,b,c,d,e,f,g,h)          do {    \
-        T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];      \
-        h = Sigma0(a) + Maj(a,b,c);                     \
-        d += T1;        h += T1;                } while (0)
-
-#   define ROUND_16_63(i,a,b,c,d,e,f,g,h,X)        do {    \
-        s0 = X[(i+1)&0x0f];     s0 = sigma0(s0);        \
-        s1 = X[(i+14)&0x0f];    s1 = sigma1(s1);        \
-        T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f];    \
-        ROUND_00_15(i,a,b,c,d,e,f,g,h);         } while (0)
-
-static void sha256_block_data_order(SHA256_CTX *ctx, const void *in,
-                                    size_t num)
-{
-    unsigned MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1;
-    SHA_LONG X[16];
-    int i;
-    const unsigned char *data = in;
-    const union {
-        long one;
-        char little;
-    } is_endian = {
-        1
-    };
-
-    while (num--) {
-
-        a = ctx->h[0];
-        b = ctx->h[1];
-        c = ctx->h[2];
-        d = ctx->h[3];
-        e = ctx->h[4];
-        f = ctx->h[5];
-        g = ctx->h[6];
-        h = ctx->h[7];
-
-        if (!is_endian.little && sizeof(SHA_LONG) == 4
-            && ((size_t)in % 4) == 0) {
-            const SHA_LONG *W = (const SHA_LONG *)data;
-
-            T1 = X[0] = W[0];
-            ROUND_00_15(0, a, b, c, d, e, f, g, h);
-            T1 = X[1] = W[1];
-            ROUND_00_15(1, h, a, b, c, d, e, f, g);
-            T1 = X[2] = W[2];
-            ROUND_00_15(2, g, h, a, b, c, d, e, f);
-            T1 = X[3] = W[3];
-            ROUND_00_15(3, f, g, h, a, b, c, d, e);
-            T1 = X[4] = W[4];
-            ROUND_00_15(4, e, f, g, h, a, b, c, d);
-            T1 = X[5] = W[5];
-            ROUND_00_15(5, d, e, f, g, h, a, b, c);
-            T1 = X[6] = W[6];
-            ROUND_00_15(6, c, d, e, f, g, h, a, b);
-            T1 = X[7] = W[7];
-            ROUND_00_15(7, b, c, d, e, f, g, h, a);
-            T1 = X[8] = W[8];
-            ROUND_00_15(8, a, b, c, d, e, f, g, h);
-            T1 = X[9] = W[9];
-            ROUND_00_15(9, h, a, b, c, d, e, f, g);
-            T1 = X[10] = W[10];
-            ROUND_00_15(10, g, h, a, b, c, d, e, f);
-            T1 = X[11] = W[11];
-            ROUND_00_15(11, f, g, h, a, b, c, d, e);
-            T1 = X[12] = W[12];
-            ROUND_00_15(12, e, f, g, h, a, b, c, d);
-            T1 = X[13] = W[13];
-            ROUND_00_15(13, d, e, f, g, h, a, b, c);
-            T1 = X[14] = W[14];
-            ROUND_00_15(14, c, d, e, f, g, h, a, b);
-            T1 = X[15] = W[15];
-            ROUND_00_15(15, b, c, d, e, f, g, h, a);
-
-            data += SHA256_CBLOCK;
-        } else {
-            SHA_LONG l;
-
-            HOST_c2l(data, l);
-            T1 = X[0] = l;
-            ROUND_00_15(0, a, b, c, d, e, f, g, h);
-            HOST_c2l(data, l);
-            T1 = X[1] = l;
-            ROUND_00_15(1, h, a, b, c, d, e, f, g);
-            HOST_c2l(data, l);
-            T1 = X[2] = l;
-            ROUND_00_15(2, g, h, a, b, c, d, e, f);
-            HOST_c2l(data, l);
-            T1 = X[3] = l;
-            ROUND_00_15(3, f, g, h, a, b, c, d, e);
-            HOST_c2l(data, l);
-            T1 = X[4] = l;
-            ROUND_00_15(4, e, f, g, h, a, b, c, d);
-            HOST_c2l(data, l);
-            T1 = X[5] = l;
-            ROUND_00_15(5, d, e, f, g, h, a, b, c);
-            HOST_c2l(data, l);
-            T1 = X[6] = l;
-            ROUND_00_15(6, c, d, e, f, g, h, a, b);
-            HOST_c2l(data, l);
-            T1 = X[7] = l;
-            ROUND_00_15(7, b, c, d, e, f, g, h, a);
-            HOST_c2l(data, l);
-            T1 = X[8] = l;
-            ROUND_00_15(8, a, b, c, d, e, f, g, h);
-            HOST_c2l(data, l);
-            T1 = X[9] = l;
-            ROUND_00_15(9, h, a, b, c, d, e, f, g);
-            HOST_c2l(data, l);
-            T1 = X[10] = l;
-            ROUND_00_15(10, g, h, a, b, c, d, e, f);
-            HOST_c2l(data, l);
-            T1 = X[11] = l;
-            ROUND_00_15(11, f, g, h, a, b, c, d, e);
-            HOST_c2l(data, l);
-            T1 = X[12] = l;
-            ROUND_00_15(12, e, f, g, h, a, b, c, d);
-            HOST_c2l(data, l);
-            T1 = X[13] = l;
-            ROUND_00_15(13, d, e, f, g, h, a, b, c);
-            HOST_c2l(data, l);
-            T1 = X[14] = l;
-            ROUND_00_15(14, c, d, e, f, g, h, a, b);
-            HOST_c2l(data, l);
-            T1 = X[15] = l;
-            ROUND_00_15(15, b, c, d, e, f, g, h, a);
-        }
-
-        for (i = 16; i < 64; i += 8) {
-            ROUND_16_63(i + 0, a, b, c, d, e, f, g, h, X);
-            ROUND_16_63(i + 1, h, a, b, c, d, e, f, g, X);
-            ROUND_16_63(i + 2, g, h, a, b, c, d, e, f, X);
-            ROUND_16_63(i + 3, f, g, h, a, b, c, d, e, X);
-            ROUND_16_63(i + 4, e, f, g, h, a, b, c, d, X);
-            ROUND_16_63(i + 5, d, e, f, g, h, a, b, c, X);
-            ROUND_16_63(i + 6, c, d, e, f, g, h, a, b, X);
-            ROUND_16_63(i + 7, b, c, d, e, f, g, h, a, X);
-        }
-
-        ctx->h[0] += a;
-        ctx->h[1] += b;
-        ctx->h[2] += c;
-        ctx->h[3] += d;
-        ctx->h[4] += e;
-        ctx->h[5] += f;
-        ctx->h[6] += g;
-        ctx->h[7] += h;
-
-    }
-}
-
-#  endif
-# endif                         /* SHA256_ASM */
-
-#endif                          /* OPENSSL_NO_SHA256 */
diff --git a/thirdparty/openssl/crypto/sha/sha256t.c b/thirdparty/openssl/crypto/sha/sha256t.c
deleted file mode 100644
index 35dbbc2a96..0000000000
--- a/thirdparty/openssl/crypto/sha/sha256t.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* crypto/sha/sha256t.c */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- * ====================================================================
- */
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA256)
-int main(int argc, char *argv[])
-{
-    printf("No SHA256 support\n");
-    return (0);
-}
-#else
-
-unsigned char app_b1[SHA256_DIGEST_LENGTH] = {
-    0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
-    0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
-    0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
-    0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
-};
-
-unsigned char app_b2[SHA256_DIGEST_LENGTH] = {
-    0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8,
-    0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39,
-    0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
-    0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1
-};
-
-unsigned char app_b3[SHA256_DIGEST_LENGTH] = {
-    0xcd, 0xc7, 0x6e, 0x5c, 0x99, 0x14, 0xfb, 0x92,
-    0x81, 0xa1, 0xc7, 0xe2, 0x84, 0xd7, 0x3e, 0x67,
-    0xf1, 0x80, 0x9a, 0x48, 0xa4, 0x97, 0x20, 0x0e,
-    0x04, 0x6d, 0x39, 0xcc, 0xc7, 0x11, 0x2c, 0xd0
-};
-
-unsigned char addenum_1[SHA224_DIGEST_LENGTH] = {
-    0x23, 0x09, 0x7d, 0x22, 0x34, 0x05, 0xd8, 0x22,
-    0x86, 0x42, 0xa4, 0x77, 0xbd, 0xa2, 0x55, 0xb3,
-    0x2a, 0xad, 0xbc, 0xe4, 0xbd, 0xa0, 0xb3, 0xf7,
-    0xe3, 0x6c, 0x9d, 0xa7
-};
-
-unsigned char addenum_2[SHA224_DIGEST_LENGTH] = {
-    0x75, 0x38, 0x8b, 0x16, 0x51, 0x27, 0x76, 0xcc,
-    0x5d, 0xba, 0x5d, 0xa1, 0xfd, 0x89, 0x01, 0x50,
-    0xb0, 0xc6, 0x45, 0x5c, 0xb4, 0xf5, 0x8b, 0x19,
-    0x52, 0x52, 0x25, 0x25
-};
-
-unsigned char addenum_3[SHA224_DIGEST_LENGTH] = {
-    0x20, 0x79, 0x46, 0x55, 0x98, 0x0c, 0x91, 0xd8,
-    0xbb, 0xb4, 0xc1, 0xea, 0x97, 0x61, 0x8a, 0x4b,
-    0xf0, 0x3f, 0x42, 0x58, 0x19, 0x48, 0xb2, 0xee,
-    0x4e, 0xe7, 0xad, 0x67
-};
-
-int main(int argc, char **argv)
-{
-    unsigned char md[SHA256_DIGEST_LENGTH];
-    int i;
-    EVP_MD_CTX evp;
-
-    fprintf(stdout, "Testing SHA-256 ");
-
-    EVP_Digest("abc", 3, md, NULL, EVP_sha256(), NULL);
-    if (memcmp(md, app_b1, sizeof(app_b1))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 1 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk"
-               "ijkljklm" "klmnlmno" "mnopnopq", 56, md, NULL, EVP_sha256(),
-               NULL);
-    if (memcmp(md, app_b2, sizeof(app_b2))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 2 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    EVP_MD_CTX_init(&evp);
-    EVP_DigestInit_ex(&evp, EVP_sha256(), NULL);
-    for (i = 0; i < 1000000; i += 160)
-        EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
-                         (1000000 - i) < 160 ? 1000000 - i : 160);
-    EVP_DigestFinal_ex(&evp, md, NULL);
-    EVP_MD_CTX_cleanup(&evp);
-
-    if (memcmp(md, app_b3, sizeof(app_b3))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 3 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    fprintf(stdout, " passed.\n");
-    fflush(stdout);
-
-    fprintf(stdout, "Testing SHA-224 ");
-
-    EVP_Digest("abc", 3, md, NULL, EVP_sha224(), NULL);
-    if (memcmp(md, addenum_1, sizeof(addenum_1))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 1 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk"
-               "ijkljklm" "klmnlmno" "mnopnopq", 56, md, NULL, EVP_sha224(),
-               NULL);
-    if (memcmp(md, addenum_2, sizeof(addenum_2))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 2 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    EVP_MD_CTX_init(&evp);
-    EVP_DigestInit_ex(&evp, EVP_sha224(), NULL);
-    for (i = 0; i < 1000000; i += 64)
-        EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
-                         (1000000 - i) < 64 ? 1000000 - i : 64);
-    EVP_DigestFinal_ex(&evp, md, NULL);
-    EVP_MD_CTX_cleanup(&evp);
-
-    if (memcmp(md, addenum_3, sizeof(addenum_3))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 3 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    fprintf(stdout, " passed.\n");
-    fflush(stdout);
-
-    return 0;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/sha/sha512.c b/thirdparty/openssl/crypto/sha/sha512.c
deleted file mode 100644
index 3bf66ae198..0000000000
--- a/thirdparty/openssl/crypto/sha/sha512.c
+++ /dev/null
@@ -1,684 +0,0 @@
-/* crypto/sha/sha512.c */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved
- * according to the OpenSSL license [found in ../../LICENSE].
- * ====================================================================
- */
-#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
-/*-
- * IMPLEMENTATION NOTES.
- *
- * As you might have noticed 32-bit hash algorithms:
- *
- * - permit SHA_LONG to be wider than 32-bit (case on CRAY);
- * - optimized versions implement two transform functions: one operating
- *   on [aligned] data in host byte order and one - on data in input
- *   stream byte order;
- * - share common byte-order neutral collector and padding function
- *   implementations, ../md32_common.h;
- *
- * Neither of the above applies to this SHA-512 implementations. Reasons
- * [in reverse order] are:
- *
- * - it's the only 64-bit hash algorithm for the moment of this writing,
- *   there is no need for common collector/padding implementation [yet];
- * - by supporting only one transform function [which operates on
- *   *aligned* data in input stream byte order, big-endian in this case]
- *   we minimize burden of maintenance in two ways: a) collector/padding
- *   function is simpler; b) only one transform function to stare at;
- * - SHA_LONG64 is required to be exactly 64-bit in order to be able to
- *   apply a number of optimizations to mitigate potential performance
- *   penalties caused by previous design decision;
- *
- * Caveat lector.
- *
- * Implementation relies on the fact that "long long" is 64-bit on
- * both 32- and 64-bit platforms. If some compiler vendor comes up
- * with 128-bit long long, adjustment to sha.h would be required.
- * As this implementation relies on 64-bit integer type, it's totally
- * inappropriate for platforms which don't support it, most notably
- * 16-bit platforms.
- *                                      <appro@fy.chalmers.se>
- */
-# include <stdlib.h>
-# include <string.h>
-
-# include <openssl/crypto.h>
-# include <openssl/sha.h>
-# include <openssl/opensslv.h>
-
-# include "cryptlib.h"
-
-const char SHA512_version[] = "SHA-512" OPENSSL_VERSION_PTEXT;
-
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
-    defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \
-    defined(__s390__) || defined(__s390x__) || \
-    defined(__aarch64__) || \
-    defined(SHA512_ASM)
-#  define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
-# endif
-
-fips_md_init_ctx(SHA384, SHA512)
-{
-    c->h[0] = U64(0xcbbb9d5dc1059ed8);
-    c->h[1] = U64(0x629a292a367cd507);
-    c->h[2] = U64(0x9159015a3070dd17);
-    c->h[3] = U64(0x152fecd8f70e5939);
-    c->h[4] = U64(0x67332667ffc00b31);
-    c->h[5] = U64(0x8eb44a8768581511);
-    c->h[6] = U64(0xdb0c2e0d64f98fa7);
-    c->h[7] = U64(0x47b5481dbefa4fa4);
-
-    c->Nl = 0;
-    c->Nh = 0;
-    c->num = 0;
-    c->md_len = SHA384_DIGEST_LENGTH;
-    return 1;
-}
-
-fips_md_init(SHA512)
-{
-    c->h[0] = U64(0x6a09e667f3bcc908);
-    c->h[1] = U64(0xbb67ae8584caa73b);
-    c->h[2] = U64(0x3c6ef372fe94f82b);
-    c->h[3] = U64(0xa54ff53a5f1d36f1);
-    c->h[4] = U64(0x510e527fade682d1);
-    c->h[5] = U64(0x9b05688c2b3e6c1f);
-    c->h[6] = U64(0x1f83d9abfb41bd6b);
-    c->h[7] = U64(0x5be0cd19137e2179);
-
-    c->Nl = 0;
-    c->Nh = 0;
-    c->num = 0;
-    c->md_len = SHA512_DIGEST_LENGTH;
-    return 1;
-}
-
-# ifndef SHA512_ASM
-static
-# endif
-void sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num);
-
-int SHA512_Final(unsigned char *md, SHA512_CTX *c)
-{
-    unsigned char *p = (unsigned char *)c->u.p;
-    size_t n = c->num;
-
-    p[n] = 0x80;                /* There always is a room for one */
-    n++;
-    if (n > (sizeof(c->u) - 16))
-        memset(p + n, 0, sizeof(c->u) - n), n = 0,
-            sha512_block_data_order(c, p, 1);
-
-    memset(p + n, 0, sizeof(c->u) - 16 - n);
-# ifdef  B_ENDIAN
-    c->u.d[SHA_LBLOCK - 2] = c->Nh;
-    c->u.d[SHA_LBLOCK - 1] = c->Nl;
-# else
-    p[sizeof(c->u) - 1] = (unsigned char)(c->Nl);
-    p[sizeof(c->u) - 2] = (unsigned char)(c->Nl >> 8);
-    p[sizeof(c->u) - 3] = (unsigned char)(c->Nl >> 16);
-    p[sizeof(c->u) - 4] = (unsigned char)(c->Nl >> 24);
-    p[sizeof(c->u) - 5] = (unsigned char)(c->Nl >> 32);
-    p[sizeof(c->u) - 6] = (unsigned char)(c->Nl >> 40);
-    p[sizeof(c->u) - 7] = (unsigned char)(c->Nl >> 48);
-    p[sizeof(c->u) - 8] = (unsigned char)(c->Nl >> 56);
-    p[sizeof(c->u) - 9] = (unsigned char)(c->Nh);
-    p[sizeof(c->u) - 10] = (unsigned char)(c->Nh >> 8);
-    p[sizeof(c->u) - 11] = (unsigned char)(c->Nh >> 16);
-    p[sizeof(c->u) - 12] = (unsigned char)(c->Nh >> 24);
-    p[sizeof(c->u) - 13] = (unsigned char)(c->Nh >> 32);
-    p[sizeof(c->u) - 14] = (unsigned char)(c->Nh >> 40);
-    p[sizeof(c->u) - 15] = (unsigned char)(c->Nh >> 48);
-    p[sizeof(c->u) - 16] = (unsigned char)(c->Nh >> 56);
-# endif
-
-    sha512_block_data_order(c, p, 1);
-
-    if (md == 0)
-        return 0;
-
-    switch (c->md_len) {
-        /* Let compiler decide if it's appropriate to unroll... */
-    case SHA384_DIGEST_LENGTH:
-        for (n = 0; n < SHA384_DIGEST_LENGTH / 8; n++) {
-            SHA_LONG64 t = c->h[n];
-
-            *(md++) = (unsigned char)(t >> 56);
-            *(md++) = (unsigned char)(t >> 48);
-            *(md++) = (unsigned char)(t >> 40);
-            *(md++) = (unsigned char)(t >> 32);
-            *(md++) = (unsigned char)(t >> 24);
-            *(md++) = (unsigned char)(t >> 16);
-            *(md++) = (unsigned char)(t >> 8);
-            *(md++) = (unsigned char)(t);
-        }
-        break;
-    case SHA512_DIGEST_LENGTH:
-        for (n = 0; n < SHA512_DIGEST_LENGTH / 8; n++) {
-            SHA_LONG64 t = c->h[n];
-
-            *(md++) = (unsigned char)(t >> 56);
-            *(md++) = (unsigned char)(t >> 48);
-            *(md++) = (unsigned char)(t >> 40);
-            *(md++) = (unsigned char)(t >> 32);
-            *(md++) = (unsigned char)(t >> 24);
-            *(md++) = (unsigned char)(t >> 16);
-            *(md++) = (unsigned char)(t >> 8);
-            *(md++) = (unsigned char)(t);
-        }
-        break;
-        /* ... as well as make sure md_len is not abused. */
-    default:
-        return 0;
-    }
-
-    return 1;
-}
-
-int SHA384_Final(unsigned char *md, SHA512_CTX *c)
-{
-    return SHA512_Final(md, c);
-}
-
-int SHA512_Update(SHA512_CTX *c, const void *_data, size_t len)
-{
-    SHA_LONG64 l;
-    unsigned char *p = c->u.p;
-    const unsigned char *data = (const unsigned char *)_data;
-
-    if (len == 0)
-        return 1;
-
-    l = (c->Nl + (((SHA_LONG64) len) << 3)) & U64(0xffffffffffffffff);
-    if (l < c->Nl)
-        c->Nh++;
-    if (sizeof(len) >= 8)
-        c->Nh += (((SHA_LONG64) len) >> 61);
-    c->Nl = l;
-
-    if (c->num != 0) {
-        size_t n = sizeof(c->u) - c->num;
-
-        if (len < n) {
-            memcpy(p + c->num, data, len), c->num += (unsigned int)len;
-            return 1;
-        } else {
-            memcpy(p + c->num, data, n), c->num = 0;
-            len -= n, data += n;
-            sha512_block_data_order(c, p, 1);
-        }
-    }
-
-    if (len >= sizeof(c->u)) {
-# ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
-        if ((size_t)data % sizeof(c->u.d[0]) != 0)
-            while (len >= sizeof(c->u))
-                memcpy(p, data, sizeof(c->u)),
-                    sha512_block_data_order(c, p, 1),
-                    len -= sizeof(c->u), data += sizeof(c->u);
-        else
-# endif
-            sha512_block_data_order(c, data, len / sizeof(c->u)),
-                data += len, len %= sizeof(c->u), data -= len;
-    }
-
-    if (len != 0)
-        memcpy(p, data, len), c->num = (int)len;
-
-    return 1;
-}
-
-int SHA384_Update(SHA512_CTX *c, const void *data, size_t len)
-{
-    return SHA512_Update(c, data, len);
-}
-
-void SHA512_Transform(SHA512_CTX *c, const unsigned char *data)
-{
-# ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
-    if ((size_t)data % sizeof(c->u.d[0]) != 0)
-        memcpy(c->u.p, data, sizeof(c->u.p)), data = c->u.p;
-# endif
-    sha512_block_data_order(c, data, 1);
-}
-
-unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
-{
-    SHA512_CTX c;
-    static unsigned char m[SHA384_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    SHA384_Init(&c);
-    SHA512_Update(&c, d, n);
-    SHA512_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c));
-    return (md);
-}
-
-unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md)
-{
-    SHA512_CTX c;
-    static unsigned char m[SHA512_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    SHA512_Init(&c);
-    SHA512_Update(&c, d, n);
-    SHA512_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c));
-    return (md);
-}
-
-# ifndef SHA512_ASM
-static const SHA_LONG64 K512[80] = {
-    U64(0x428a2f98d728ae22), U64(0x7137449123ef65cd),
-    U64(0xb5c0fbcfec4d3b2f), U64(0xe9b5dba58189dbbc),
-    U64(0x3956c25bf348b538), U64(0x59f111f1b605d019),
-    U64(0x923f82a4af194f9b), U64(0xab1c5ed5da6d8118),
-    U64(0xd807aa98a3030242), U64(0x12835b0145706fbe),
-    U64(0x243185be4ee4b28c), U64(0x550c7dc3d5ffb4e2),
-    U64(0x72be5d74f27b896f), U64(0x80deb1fe3b1696b1),
-    U64(0x9bdc06a725c71235), U64(0xc19bf174cf692694),
-    U64(0xe49b69c19ef14ad2), U64(0xefbe4786384f25e3),
-    U64(0x0fc19dc68b8cd5b5), U64(0x240ca1cc77ac9c65),
-    U64(0x2de92c6f592b0275), U64(0x4a7484aa6ea6e483),
-    U64(0x5cb0a9dcbd41fbd4), U64(0x76f988da831153b5),
-    U64(0x983e5152ee66dfab), U64(0xa831c66d2db43210),
-    U64(0xb00327c898fb213f), U64(0xbf597fc7beef0ee4),
-    U64(0xc6e00bf33da88fc2), U64(0xd5a79147930aa725),
-    U64(0x06ca6351e003826f), U64(0x142929670a0e6e70),
-    U64(0x27b70a8546d22ffc), U64(0x2e1b21385c26c926),
-    U64(0x4d2c6dfc5ac42aed), U64(0x53380d139d95b3df),
-    U64(0x650a73548baf63de), U64(0x766a0abb3c77b2a8),
-    U64(0x81c2c92e47edaee6), U64(0x92722c851482353b),
-    U64(0xa2bfe8a14cf10364), U64(0xa81a664bbc423001),
-    U64(0xc24b8b70d0f89791), U64(0xc76c51a30654be30),
-    U64(0xd192e819d6ef5218), U64(0xd69906245565a910),
-    U64(0xf40e35855771202a), U64(0x106aa07032bbd1b8),
-    U64(0x19a4c116b8d2d0c8), U64(0x1e376c085141ab53),
-    U64(0x2748774cdf8eeb99), U64(0x34b0bcb5e19b48a8),
-    U64(0x391c0cb3c5c95a63), U64(0x4ed8aa4ae3418acb),
-    U64(0x5b9cca4f7763e373), U64(0x682e6ff3d6b2b8a3),
-    U64(0x748f82ee5defb2fc), U64(0x78a5636f43172f60),
-    U64(0x84c87814a1f0ab72), U64(0x8cc702081a6439ec),
-    U64(0x90befffa23631e28), U64(0xa4506cebde82bde9),
-    U64(0xbef9a3f7b2c67915), U64(0xc67178f2e372532b),
-    U64(0xca273eceea26619c), U64(0xd186b8c721c0c207),
-    U64(0xeada7dd6cde0eb1e), U64(0xf57d4f7fee6ed178),
-    U64(0x06f067aa72176fba), U64(0x0a637dc5a2c898a6),
-    U64(0x113f9804bef90dae), U64(0x1b710b35131c471b),
-    U64(0x28db77f523047d84), U64(0x32caab7b40c72493),
-    U64(0x3c9ebe0a15c9bebc), U64(0x431d67c49c100d4c),
-    U64(0x4cc5d4becb3e42b6), U64(0x597f299cfc657e2a),
-    U64(0x5fcb6fab3ad6faec), U64(0x6c44198c4a475817)
-};
-
-#  ifndef PEDANTIC
-#   if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-#    if defined(__x86_64) || defined(__x86_64__)
-#     define ROTR(a,n)    ({ SHA_LONG64 ret;              \
-                                asm ("rorq %1,%0"       \
-                                : "=r"(ret)             \
-                                : "J"(n),"0"(a)         \
-                                : "cc"); ret;           })
-#     if !defined(B_ENDIAN)
-#      define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x)));  \
-                                asm ("bswapq    %0"             \
-                                : "=r"(ret)                     \
-                                : "0"(ret)); ret;               })
-#     endif
-#    elif (defined(__i386) || defined(__i386__)) && !defined(B_ENDIAN)
-#     if defined(I386_ONLY)
-#      define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
-                         unsigned int hi=p[0],lo=p[1];          \
-                                asm("xchgb %%ah,%%al;xchgb %%dh,%%dl;"\
-                                    "roll $16,%%eax; roll $16,%%edx; "\
-                                    "xchgb %%ah,%%al;xchgb %%dh,%%dl;" \
-                                : "=a"(lo),"=d"(hi)             \
-                                : "0"(lo),"1"(hi) : "cc");      \
-                                ((SHA_LONG64)hi)<<32|lo;        })
-#     else
-#      define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
-                         unsigned int hi=p[0],lo=p[1];          \
-                                asm ("bswapl %0; bswapl %1;"    \
-                                : "=r"(lo),"=r"(hi)             \
-                                : "0"(lo),"1"(hi));             \
-                                ((SHA_LONG64)hi)<<32|lo;        })
-#     endif
-#    elif (defined(_ARCH_PPC) && defined(__64BIT__)) || defined(_ARCH_PPC64)
-#     define ROTR(a,n)    ({ SHA_LONG64 ret;              \
-                                asm ("rotrdi %0,%1,%2"  \
-                                : "=r"(ret)             \
-                                : "r"(a),"K"(n)); ret;  })
-#    elif defined(__aarch64__)
-#     define ROTR(a,n)    ({ SHA_LONG64 ret;              \
-                                asm ("ror %0,%1,%2"     \
-                                : "=r"(ret)             \
-                                : "r"(a),"I"(n)); ret;  })
-#     if  defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \
-        __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
-#      define PULL64(x)   ({ SHA_LONG64 ret;                      \
-                                asm ("rev       %0,%1"          \
-                                : "=r"(ret)                     \
-                                : "r"(*((const SHA_LONG64 *)(&(x))))); ret;             })
-#     endif
-#    endif
-#   elif defined(_MSC_VER)
-#    if defined(_WIN64)         /* applies to both IA-64 and AMD64 */
-#     pragma intrinsic(_rotr64)
-#     define ROTR(a,n)    _rotr64((a),n)
-#    endif
-#    if defined(_M_IX86) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-#     if defined(I386_ONLY)
-static SHA_LONG64 __fastcall __pull64be(const void *x)
-{
-    _asm mov edx,[ecx + 0]
-    _asm mov eax,[ecx + 4]
-_asm xchg dh, dl
-        _asm xchg ah, al
-        _asm rol edx, 16 _asm rol eax, 16 _asm xchg dh, dl _asm xchg ah, al}
-#     else
-static SHA_LONG64 __fastcall __pull64be(const void *x)
-{
-    _asm mov edx,[ecx + 0]
-    _asm mov eax,[ecx + 4]
-_asm bswap edx _asm bswap eax}
-#     endif
-#     define PULL64(x) __pull64be(&(x))
-#     if _MSC_VER<=1200
-#      pragma inline_depth(0)
-#     endif
-#    endif
-#   endif
-#  endif
-#  ifndef PULL64
-#   define B(x,j)    (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8))
-#   define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7))
-#  endif
-#  ifndef ROTR
-#   define ROTR(x,s)       (((x)>>s) | (x)<<(64-s))
-#  endif
-#  define Sigma0(x)       (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
-#  define Sigma1(x)       (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41))
-#  define sigma0(x)       (ROTR((x),1)  ^ ROTR((x),8)  ^ ((x)>>7))
-#  define sigma1(x)       (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
-#  define Ch(x,y,z)       (((x) & (y)) ^ ((~(x)) & (z)))
-#  define Maj(x,y,z)      (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-#  if defined(__i386) || defined(__i386__) || defined(_M_IX86)
-/*
- * This code should give better results on 32-bit CPU with less than
- * ~24 registers, both size and performance wise...
- */ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
-                                        size_t num)
-{
-    const SHA_LONG64 *W = in;
-    SHA_LONG64 A, E, T;
-    SHA_LONG64 X[9 + 80], *F;
-    int i;
-
-    while (num--) {
-
-        F = X + 80;
-        A = ctx->h[0];
-        F[1] = ctx->h[1];
-        F[2] = ctx->h[2];
-        F[3] = ctx->h[3];
-        E = ctx->h[4];
-        F[5] = ctx->h[5];
-        F[6] = ctx->h[6];
-        F[7] = ctx->h[7];
-
-        for (i = 0; i < 16; i++, F--) {
-#   ifdef B_ENDIAN
-            T = W[i];
-#   else
-            T = PULL64(W[i]);
-#   endif
-            F[0] = A;
-            F[4] = E;
-            F[8] = T;
-            T += F[7] + Sigma1(E) + Ch(E, F[5], F[6]) + K512[i];
-            E = F[3] + T;
-            A = T + Sigma0(A) + Maj(A, F[1], F[2]);
-        }
-
-        for (; i < 80; i++, F--) {
-            T = sigma0(F[8 + 16 - 1]);
-            T += sigma1(F[8 + 16 - 14]);
-            T += F[8 + 16] + F[8 + 16 - 9];
-
-            F[0] = A;
-            F[4] = E;
-            F[8] = T;
-            T += F[7] + Sigma1(E) + Ch(E, F[5], F[6]) + K512[i];
-            E = F[3] + T;
-            A = T + Sigma0(A) + Maj(A, F[1], F[2]);
-        }
-
-        ctx->h[0] += A;
-        ctx->h[1] += F[1];
-        ctx->h[2] += F[2];
-        ctx->h[3] += F[3];
-        ctx->h[4] += E;
-        ctx->h[5] += F[5];
-        ctx->h[6] += F[6];
-        ctx->h[7] += F[7];
-
-        W += SHA_LBLOCK;
-    }
-}
-
-#  elif defined(OPENSSL_SMALL_FOOTPRINT)
-static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
-                                    size_t num)
-{
-    const SHA_LONG64 *W = in;
-    SHA_LONG64 a, b, c, d, e, f, g, h, s0, s1, T1, T2;
-    SHA_LONG64 X[16];
-    int i;
-
-    while (num--) {
-
-        a = ctx->h[0];
-        b = ctx->h[1];
-        c = ctx->h[2];
-        d = ctx->h[3];
-        e = ctx->h[4];
-        f = ctx->h[5];
-        g = ctx->h[6];
-        h = ctx->h[7];
-
-        for (i = 0; i < 16; i++) {
-#   ifdef B_ENDIAN
-            T1 = X[i] = W[i];
-#   else
-            T1 = X[i] = PULL64(W[i]);
-#   endif
-            T1 += h + Sigma1(e) + Ch(e, f, g) + K512[i];
-            T2 = Sigma0(a) + Maj(a, b, c);
-            h = g;
-            g = f;
-            f = e;
-            e = d + T1;
-            d = c;
-            c = b;
-            b = a;
-            a = T1 + T2;
-        }
-
-        for (; i < 80; i++) {
-            s0 = X[(i + 1) & 0x0f];
-            s0 = sigma0(s0);
-            s1 = X[(i + 14) & 0x0f];
-            s1 = sigma1(s1);
-
-            T1 = X[i & 0xf] += s0 + s1 + X[(i + 9) & 0xf];
-            T1 += h + Sigma1(e) + Ch(e, f, g) + K512[i];
-            T2 = Sigma0(a) + Maj(a, b, c);
-            h = g;
-            g = f;
-            f = e;
-            e = d + T1;
-            d = c;
-            c = b;
-            b = a;
-            a = T1 + T2;
-        }
-
-        ctx->h[0] += a;
-        ctx->h[1] += b;
-        ctx->h[2] += c;
-        ctx->h[3] += d;
-        ctx->h[4] += e;
-        ctx->h[5] += f;
-        ctx->h[6] += g;
-        ctx->h[7] += h;
-
-        W += SHA_LBLOCK;
-    }
-}
-
-#  else
-#   define ROUND_00_15(i,a,b,c,d,e,f,g,h)          do {    \
-        T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i];      \
-        h = Sigma0(a) + Maj(a,b,c);                     \
-        d += T1;        h += T1;                } while (0)
-#   define ROUND_16_80(i,j,a,b,c,d,e,f,g,h,X)      do {    \
-        s0 = X[(j+1)&0x0f];     s0 = sigma0(s0);        \
-        s1 = X[(j+14)&0x0f];    s1 = sigma1(s1);        \
-        T1 = X[(j)&0x0f] += s0 + s1 + X[(j+9)&0x0f];    \
-        ROUND_00_15(i+j,a,b,c,d,e,f,g,h);               } while (0)
-static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
-                                    size_t num)
-{
-    const SHA_LONG64 *W = in;
-    SHA_LONG64 a, b, c, d, e, f, g, h, s0, s1, T1;
-    SHA_LONG64 X[16];
-    int i;
-
-    while (num--) {
-
-        a = ctx->h[0];
-        b = ctx->h[1];
-        c = ctx->h[2];
-        d = ctx->h[3];
-        e = ctx->h[4];
-        f = ctx->h[5];
-        g = ctx->h[6];
-        h = ctx->h[7];
-
-#   ifdef B_ENDIAN
-        T1 = X[0] = W[0];
-        ROUND_00_15(0, a, b, c, d, e, f, g, h);
-        T1 = X[1] = W[1];
-        ROUND_00_15(1, h, a, b, c, d, e, f, g);
-        T1 = X[2] = W[2];
-        ROUND_00_15(2, g, h, a, b, c, d, e, f);
-        T1 = X[3] = W[3];
-        ROUND_00_15(3, f, g, h, a, b, c, d, e);
-        T1 = X[4] = W[4];
-        ROUND_00_15(4, e, f, g, h, a, b, c, d);
-        T1 = X[5] = W[5];
-        ROUND_00_15(5, d, e, f, g, h, a, b, c);
-        T1 = X[6] = W[6];
-        ROUND_00_15(6, c, d, e, f, g, h, a, b);
-        T1 = X[7] = W[7];
-        ROUND_00_15(7, b, c, d, e, f, g, h, a);
-        T1 = X[8] = W[8];
-        ROUND_00_15(8, a, b, c, d, e, f, g, h);
-        T1 = X[9] = W[9];
-        ROUND_00_15(9, h, a, b, c, d, e, f, g);
-        T1 = X[10] = W[10];
-        ROUND_00_15(10, g, h, a, b, c, d, e, f);
-        T1 = X[11] = W[11];
-        ROUND_00_15(11, f, g, h, a, b, c, d, e);
-        T1 = X[12] = W[12];
-        ROUND_00_15(12, e, f, g, h, a, b, c, d);
-        T1 = X[13] = W[13];
-        ROUND_00_15(13, d, e, f, g, h, a, b, c);
-        T1 = X[14] = W[14];
-        ROUND_00_15(14, c, d, e, f, g, h, a, b);
-        T1 = X[15] = W[15];
-        ROUND_00_15(15, b, c, d, e, f, g, h, a);
-#   else
-        T1 = X[0] = PULL64(W[0]);
-        ROUND_00_15(0, a, b, c, d, e, f, g, h);
-        T1 = X[1] = PULL64(W[1]);
-        ROUND_00_15(1, h, a, b, c, d, e, f, g);
-        T1 = X[2] = PULL64(W[2]);
-        ROUND_00_15(2, g, h, a, b, c, d, e, f);
-        T1 = X[3] = PULL64(W[3]);
-        ROUND_00_15(3, f, g, h, a, b, c, d, e);
-        T1 = X[4] = PULL64(W[4]);
-        ROUND_00_15(4, e, f, g, h, a, b, c, d);
-        T1 = X[5] = PULL64(W[5]);
-        ROUND_00_15(5, d, e, f, g, h, a, b, c);
-        T1 = X[6] = PULL64(W[6]);
-        ROUND_00_15(6, c, d, e, f, g, h, a, b);
-        T1 = X[7] = PULL64(W[7]);
-        ROUND_00_15(7, b, c, d, e, f, g, h, a);
-        T1 = X[8] = PULL64(W[8]);
-        ROUND_00_15(8, a, b, c, d, e, f, g, h);
-        T1 = X[9] = PULL64(W[9]);
-        ROUND_00_15(9, h, a, b, c, d, e, f, g);
-        T1 = X[10] = PULL64(W[10]);
-        ROUND_00_15(10, g, h, a, b, c, d, e, f);
-        T1 = X[11] = PULL64(W[11]);
-        ROUND_00_15(11, f, g, h, a, b, c, d, e);
-        T1 = X[12] = PULL64(W[12]);
-        ROUND_00_15(12, e, f, g, h, a, b, c, d);
-        T1 = X[13] = PULL64(W[13]);
-        ROUND_00_15(13, d, e, f, g, h, a, b, c);
-        T1 = X[14] = PULL64(W[14]);
-        ROUND_00_15(14, c, d, e, f, g, h, a, b);
-        T1 = X[15] = PULL64(W[15]);
-        ROUND_00_15(15, b, c, d, e, f, g, h, a);
-#   endif
-
-        for (i = 16; i < 80; i += 16) {
-            ROUND_16_80(i, 0, a, b, c, d, e, f, g, h, X);
-            ROUND_16_80(i, 1, h, a, b, c, d, e, f, g, X);
-            ROUND_16_80(i, 2, g, h, a, b, c, d, e, f, X);
-            ROUND_16_80(i, 3, f, g, h, a, b, c, d, e, X);
-            ROUND_16_80(i, 4, e, f, g, h, a, b, c, d, X);
-            ROUND_16_80(i, 5, d, e, f, g, h, a, b, c, X);
-            ROUND_16_80(i, 6, c, d, e, f, g, h, a, b, X);
-            ROUND_16_80(i, 7, b, c, d, e, f, g, h, a, X);
-            ROUND_16_80(i, 8, a, b, c, d, e, f, g, h, X);
-            ROUND_16_80(i, 9, h, a, b, c, d, e, f, g, X);
-            ROUND_16_80(i, 10, g, h, a, b, c, d, e, f, X);
-            ROUND_16_80(i, 11, f, g, h, a, b, c, d, e, X);
-            ROUND_16_80(i, 12, e, f, g, h, a, b, c, d, X);
-            ROUND_16_80(i, 13, d, e, f, g, h, a, b, c, X);
-            ROUND_16_80(i, 14, c, d, e, f, g, h, a, b, X);
-            ROUND_16_80(i, 15, b, c, d, e, f, g, h, a, X);
-        }
-
-        ctx->h[0] += a;
-        ctx->h[1] += b;
-        ctx->h[2] += c;
-        ctx->h[3] += d;
-        ctx->h[4] += e;
-        ctx->h[5] += f;
-        ctx->h[6] += g;
-        ctx->h[7] += h;
-
-        W += SHA_LBLOCK;
-    }
-}
-
-#  endif
-
-# endif                         /* SHA512_ASM */
-
-#else                           /* !OPENSSL_NO_SHA512 */
-
-# if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX)
-static void *dummy = &dummy;
-# endif
-
-#endif                          /* !OPENSSL_NO_SHA512 */
diff --git a/thirdparty/openssl/crypto/sha/sha512t.c b/thirdparty/openssl/crypto/sha/sha512t.c
deleted file mode 100644
index 178882fc76..0000000000
--- a/thirdparty/openssl/crypto/sha/sha512t.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/* crypto/sha/sha512t.c */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- * ====================================================================
- */
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-
-#include <openssl/sha.h>
-#include <openssl/evp.h>
-#include <openssl/crypto.h>
-
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA512)
-int main(int argc, char *argv[])
-{
-    printf("No SHA512 support\n");
-    return (0);
-}
-#else
-
-unsigned char app_c1[SHA512_DIGEST_LENGTH] = {
-    0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
-    0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
-    0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2,
-    0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
-    0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
-    0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
-    0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e,
-    0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f
-};
-
-unsigned char app_c2[SHA512_DIGEST_LENGTH] = {
-    0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda,
-    0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f,
-    0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1,
-    0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18,
-    0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4,
-    0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a,
-    0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
-    0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09
-};
-
-unsigned char app_c3[SHA512_DIGEST_LENGTH] = {
-    0xe7, 0x18, 0x48, 0x3d, 0x0c, 0xe7, 0x69, 0x64,
-    0x4e, 0x2e, 0x42, 0xc7, 0xbc, 0x15, 0xb4, 0x63,
-    0x8e, 0x1f, 0x98, 0xb1, 0x3b, 0x20, 0x44, 0x28,
-    0x56, 0x32, 0xa8, 0x03, 0xaf, 0xa9, 0x73, 0xeb,
-    0xde, 0x0f, 0xf2, 0x44, 0x87, 0x7e, 0xa6, 0x0a,
-    0x4c, 0xb0, 0x43, 0x2c, 0xe5, 0x77, 0xc3, 0x1b,
-    0xeb, 0x00, 0x9c, 0x5c, 0x2c, 0x49, 0xaa, 0x2e,
-    0x4e, 0xad, 0xb2, 0x17, 0xad, 0x8c, 0xc0, 0x9b
-};
-
-unsigned char app_d1[SHA384_DIGEST_LENGTH] = {
-    0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b,
-    0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07,
-    0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63,
-    0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed,
-    0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23,
-    0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7
-};
-
-unsigned char app_d2[SHA384_DIGEST_LENGTH] = {
-    0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8,
-    0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47,
-    0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2,
-    0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12,
-    0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9,
-    0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39
-};
-
-unsigned char app_d3[SHA384_DIGEST_LENGTH] = {
-    0x9d, 0x0e, 0x18, 0x09, 0x71, 0x64, 0x74, 0xcb,
-    0x08, 0x6e, 0x83, 0x4e, 0x31, 0x0a, 0x4a, 0x1c,
-    0xed, 0x14, 0x9e, 0x9c, 0x00, 0xf2, 0x48, 0x52,
-    0x79, 0x72, 0xce, 0xc5, 0x70, 0x4c, 0x2a, 0x5b,
-    0x07, 0xb8, 0xb3, 0xdc, 0x38, 0xec, 0xc4, 0xeb,
-    0xae, 0x97, 0xdd, 0xd8, 0x7f, 0x3d, 0x89, 0x85
-};
-
-int main(int argc, char **argv)
-{
-    unsigned char md[SHA512_DIGEST_LENGTH];
-    int i;
-    EVP_MD_CTX evp;
-
-# ifdef OPENSSL_IA32_SSE2
-    /*
-     * Alternative to this is to call OpenSSL_add_all_algorithms... The below
-     * code is retained exclusively for debugging purposes.
-     */
-    {
-        char *env;
-
-        if ((env = getenv("OPENSSL_ia32cap")))
-            OPENSSL_ia32cap = strtoul(env, NULL, 0);
-    }
-# endif
-
-    fprintf(stdout, "Testing SHA-512 ");
-
-    EVP_Digest("abc", 3, md, NULL, EVP_sha512(), NULL);
-    if (memcmp(md, app_c1, sizeof(app_c1))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 1 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk"
-               "efghijkl" "fghijklm" "ghijklmn" "hijklmno"
-               "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs"
-               "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha512(), NULL);
-    if (memcmp(md, app_c2, sizeof(app_c2))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 2 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    EVP_MD_CTX_init(&evp);
-    EVP_DigestInit_ex(&evp, EVP_sha512(), NULL);
-    for (i = 0; i < 1000000; i += 288)
-        EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
-                         (1000000 - i) < 288 ? 1000000 - i : 288);
-    EVP_DigestFinal_ex(&evp, md, NULL);
-    EVP_MD_CTX_cleanup(&evp);
-
-    if (memcmp(md, app_c3, sizeof(app_c3))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 3 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    fprintf(stdout, " passed.\n");
-    fflush(stdout);
-
-    fprintf(stdout, "Testing SHA-384 ");
-
-    EVP_Digest("abc", 3, md, NULL, EVP_sha384(), NULL);
-    if (memcmp(md, app_d1, sizeof(app_d1))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 1 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk"
-               "efghijkl" "fghijklm" "ghijklmn" "hijklmno"
-               "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs"
-               "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha384(), NULL);
-    if (memcmp(md, app_d2, sizeof(app_d2))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 2 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    EVP_MD_CTX_init(&evp);
-    EVP_DigestInit_ex(&evp, EVP_sha384(), NULL);
-    for (i = 0; i < 1000000; i += 64)
-        EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
-                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
-                         (1000000 - i) < 64 ? 1000000 - i : 64);
-    EVP_DigestFinal_ex(&evp, md, NULL);
-    EVP_MD_CTX_cleanup(&evp);
-
-    if (memcmp(md, app_d3, sizeof(app_d3))) {
-        fflush(stdout);
-        fprintf(stderr, "\nTEST 3 of 3 failed.\n");
-        return 1;
-    } else
-        fprintf(stdout, ".");
-    fflush(stdout);
-
-    fprintf(stdout, " passed.\n");
-    fflush(stdout);
-
-    return 0;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/sha/sha_dgst.c b/thirdparty/openssl/crypto/sha/sha_dgst.c
deleted file mode 100644
index f77cf5e38d..0000000000
--- a/thirdparty/openssl/crypto/sha/sha_dgst.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* crypto/sha/sha1dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
-
-# undef  SHA_1
-# define SHA_0
-
-# include <openssl/opensslv.h>
-
-const char SHA_version[] = "SHA" OPENSSL_VERSION_PTEXT;
-
-/* The implementation is in ../md32_common.h */
-
-# include "sha_locl.h"
-
-#endif
diff --git a/thirdparty/openssl/crypto/sha/sha_locl.h b/thirdparty/openssl/crypto/sha/sha_locl.h
deleted file mode 100644
index 03bd411ede..0000000000
--- a/thirdparty/openssl/crypto/sha/sha_locl.h
+++ /dev/null
@@ -1,500 +0,0 @@
-/* crypto/sha/sha_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-#include <openssl/sha.h>
-
-#define DATA_ORDER_IS_BIG_ENDIAN
-
-#define HASH_LONG               SHA_LONG
-#define HASH_CTX                SHA_CTX
-#define HASH_CBLOCK             SHA_CBLOCK
-#define HASH_MAKE_STRING(c,s)   do {    \
-        unsigned long ll;               \
-        ll=(c)->h0; (void)HOST_l2c(ll,(s));     \
-        ll=(c)->h1; (void)HOST_l2c(ll,(s));     \
-        ll=(c)->h2; (void)HOST_l2c(ll,(s));     \
-        ll=(c)->h3; (void)HOST_l2c(ll,(s));     \
-        ll=(c)->h4; (void)HOST_l2c(ll,(s));     \
-        } while (0)
-
-#if defined(SHA_0)
-
-# define HASH_UPDATE                    SHA_Update
-# define HASH_TRANSFORM                 SHA_Transform
-# define HASH_FINAL                     SHA_Final
-# define HASH_INIT                      SHA_Init
-# define HASH_BLOCK_DATA_ORDER          sha_block_data_order
-# define Xupdate(a,ix,ia,ib,ic,id)      (ix=(a)=(ia^ib^ic^id))
-
-static void sha_block_data_order(SHA_CTX *c, const void *p, size_t num);
-
-#elif defined(SHA_1)
-
-# define HASH_UPDATE                    SHA1_Update
-# define HASH_TRANSFORM                 SHA1_Transform
-# define HASH_FINAL                     SHA1_Final
-# define HASH_INIT                      SHA1_Init
-# define HASH_BLOCK_DATA_ORDER          sha1_block_data_order
-# if defined(__MWERKS__) && defined(__MC68K__)
-   /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
-#  define Xupdate(a,ix,ia,ib,ic,id)     do { (a)=(ia^ib^ic^id);         \
-                                             ix=(a)=ROTATE((a),1);      \
-                                        } while (0)
-# else
-#  define Xupdate(a,ix,ia,ib,ic,id)     ( (a)=(ia^ib^ic^id),    \
-                                          ix=(a)=ROTATE((a),1)  \
-                                        )
-# endif
-
-# ifndef SHA1_ASM
-static
-# endif
-void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num);
-
-#else
-# error "Either SHA_0 or SHA_1 must be defined."
-#endif
-
-#include "md32_common.h"
-
-#define INIT_DATA_h0 0x67452301UL
-#define INIT_DATA_h1 0xefcdab89UL
-#define INIT_DATA_h2 0x98badcfeUL
-#define INIT_DATA_h3 0x10325476UL
-#define INIT_DATA_h4 0xc3d2e1f0UL
-
-#ifdef SHA_0
-fips_md_init(SHA)
-#else
-fips_md_init_ctx(SHA1, SHA)
-#endif
-{
-    memset(c, 0, sizeof(*c));
-    c->h0 = INIT_DATA_h0;
-    c->h1 = INIT_DATA_h1;
-    c->h2 = INIT_DATA_h2;
-    c->h3 = INIT_DATA_h3;
-    c->h4 = INIT_DATA_h4;
-    return 1;
-}
-
-#define K_00_19 0x5a827999UL
-#define K_20_39 0x6ed9eba1UL
-#define K_40_59 0x8f1bbcdcUL
-#define K_60_79 0xca62c1d6UL
-
-/*
- * As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be simplified
- * to the code in F_00_19.  Wei attributes these optimisations to Peter
- * Gutmann's SHS code, and he attributes it to Rich Schroeppel. #define
- * F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) I've just become aware of another
- * tweak to be made, again from Wei Dai, in F_40_59, (x&a)|(y&a) -> (x|y)&a
- */
-#define F_00_19(b,c,d)  ((((c) ^ (d)) & (b)) ^ (d))
-#define F_20_39(b,c,d)  ((b) ^ (c) ^ (d))
-#define F_40_59(b,c,d)  (((b) & (c)) | (((b)|(c)) & (d)))
-#define F_60_79(b,c,d)  F_20_39(b,c,d)
-
-#ifndef OPENSSL_SMALL_FOOTPRINT
-
-# define BODY_00_15(i,a,b,c,d,e,f,xi) \
-        (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
-        (b)=ROTATE((b),30);
-
-# define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
-        Xupdate(f,xi,xa,xb,xc,xd); \
-        (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
-        (b)=ROTATE((b),30);
-
-# define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
-        Xupdate(f,xi,xa,xb,xc,xd); \
-        (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
-        (b)=ROTATE((b),30);
-
-# define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
-        Xupdate(f,xa,xa,xb,xc,xd); \
-        (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
-        (b)=ROTATE((b),30);
-
-# define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
-        Xupdate(f,xa,xa,xb,xc,xd); \
-        (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
-        (b)=ROTATE((b),30);
-
-# define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
-        Xupdate(f,xa,xa,xb,xc,xd); \
-        (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
-        (b)=ROTATE((b),30);
-
-# ifdef X
-#  undef X
-# endif
-# ifndef MD32_XARRAY
-  /*
-   * Originally X was an array. As it's automatic it's natural
-   * to expect RISC compiler to accomodate at least part of it in
-   * the register bank, isn't it? Unfortunately not all compilers
-   * "find" this expectation reasonable:-( On order to make such
-   * compilers generate better code I replace X[] with a bunch of
-   * X0, X1, etc. See the function body below...
-   *                                    <appro@fy.chalmers.se>
-   */
-#  define X(i)   XX##i
-# else
-  /*
-   * However! Some compilers (most notably HP C) get overwhelmed by
-   * that many local variables so that we have to have the way to
-   * fall down to the original behavior.
-   */
-#  define X(i)   XX[i]
-# endif
-
-# if !defined(SHA_1) || !defined(SHA1_ASM)
-static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num)
-{
-    const unsigned char *data = p;
-    register unsigned MD32_REG_T A, B, C, D, E, T, l;
-#  ifndef MD32_XARRAY
-    unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
-        XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
-#  else
-    SHA_LONG XX[16];
-#  endif
-
-    A = c->h0;
-    B = c->h1;
-    C = c->h2;
-    D = c->h3;
-    E = c->h4;
-
-    for (;;) {
-        const union {
-            long one;
-            char little;
-        } is_endian = {
-            1
-        };
-
-        if (!is_endian.little && sizeof(SHA_LONG) == 4
-            && ((size_t)p % 4) == 0) {
-            const SHA_LONG *W = (const SHA_LONG *)data;
-
-            X(0) = W[0];
-            X(1) = W[1];
-            BODY_00_15(0, A, B, C, D, E, T, X(0));
-            X(2) = W[2];
-            BODY_00_15(1, T, A, B, C, D, E, X(1));
-            X(3) = W[3];
-            BODY_00_15(2, E, T, A, B, C, D, X(2));
-            X(4) = W[4];
-            BODY_00_15(3, D, E, T, A, B, C, X(3));
-            X(5) = W[5];
-            BODY_00_15(4, C, D, E, T, A, B, X(4));
-            X(6) = W[6];
-            BODY_00_15(5, B, C, D, E, T, A, X(5));
-            X(7) = W[7];
-            BODY_00_15(6, A, B, C, D, E, T, X(6));
-            X(8) = W[8];
-            BODY_00_15(7, T, A, B, C, D, E, X(7));
-            X(9) = W[9];
-            BODY_00_15(8, E, T, A, B, C, D, X(8));
-            X(10) = W[10];
-            BODY_00_15(9, D, E, T, A, B, C, X(9));
-            X(11) = W[11];
-            BODY_00_15(10, C, D, E, T, A, B, X(10));
-            X(12) = W[12];
-            BODY_00_15(11, B, C, D, E, T, A, X(11));
-            X(13) = W[13];
-            BODY_00_15(12, A, B, C, D, E, T, X(12));
-            X(14) = W[14];
-            BODY_00_15(13, T, A, B, C, D, E, X(13));
-            X(15) = W[15];
-            BODY_00_15(14, E, T, A, B, C, D, X(14));
-            BODY_00_15(15, D, E, T, A, B, C, X(15));
-
-            data += SHA_CBLOCK;
-        } else {
-            (void)HOST_c2l(data, l);
-            X(0) = l;
-            (void)HOST_c2l(data, l);
-            X(1) = l;
-            BODY_00_15(0, A, B, C, D, E, T, X(0));
-            (void)HOST_c2l(data, l);
-            X(2) = l;
-            BODY_00_15(1, T, A, B, C, D, E, X(1));
-            (void)HOST_c2l(data, l);
-            X(3) = l;
-            BODY_00_15(2, E, T, A, B, C, D, X(2));
-            (void)HOST_c2l(data, l);
-            X(4) = l;
-            BODY_00_15(3, D, E, T, A, B, C, X(3));
-            (void)HOST_c2l(data, l);
-            X(5) = l;
-            BODY_00_15(4, C, D, E, T, A, B, X(4));
-            (void)HOST_c2l(data, l);
-            X(6) = l;
-            BODY_00_15(5, B, C, D, E, T, A, X(5));
-            (void)HOST_c2l(data, l);
-            X(7) = l;
-            BODY_00_15(6, A, B, C, D, E, T, X(6));
-            (void)HOST_c2l(data, l);
-            X(8) = l;
-            BODY_00_15(7, T, A, B, C, D, E, X(7));
-            (void)HOST_c2l(data, l);
-            X(9) = l;
-            BODY_00_15(8, E, T, A, B, C, D, X(8));
-            (void)HOST_c2l(data, l);
-            X(10) = l;
-            BODY_00_15(9, D, E, T, A, B, C, X(9));
-            (void)HOST_c2l(data, l);
-            X(11) = l;
-            BODY_00_15(10, C, D, E, T, A, B, X(10));
-            (void)HOST_c2l(data, l);
-            X(12) = l;
-            BODY_00_15(11, B, C, D, E, T, A, X(11));
-            (void)HOST_c2l(data, l);
-            X(13) = l;
-            BODY_00_15(12, A, B, C, D, E, T, X(12));
-            (void)HOST_c2l(data, l);
-            X(14) = l;
-            BODY_00_15(13, T, A, B, C, D, E, X(13));
-            (void)HOST_c2l(data, l);
-            X(15) = l;
-            BODY_00_15(14, E, T, A, B, C, D, X(14));
-            BODY_00_15(15, D, E, T, A, B, C, X(15));
-        }
-
-        BODY_16_19(16, C, D, E, T, A, B, X(0), X(0), X(2), X(8), X(13));
-        BODY_16_19(17, B, C, D, E, T, A, X(1), X(1), X(3), X(9), X(14));
-        BODY_16_19(18, A, B, C, D, E, T, X(2), X(2), X(4), X(10), X(15));
-        BODY_16_19(19, T, A, B, C, D, E, X(3), X(3), X(5), X(11), X(0));
-
-        BODY_20_31(20, E, T, A, B, C, D, X(4), X(4), X(6), X(12), X(1));
-        BODY_20_31(21, D, E, T, A, B, C, X(5), X(5), X(7), X(13), X(2));
-        BODY_20_31(22, C, D, E, T, A, B, X(6), X(6), X(8), X(14), X(3));
-        BODY_20_31(23, B, C, D, E, T, A, X(7), X(7), X(9), X(15), X(4));
-        BODY_20_31(24, A, B, C, D, E, T, X(8), X(8), X(10), X(0), X(5));
-        BODY_20_31(25, T, A, B, C, D, E, X(9), X(9), X(11), X(1), X(6));
-        BODY_20_31(26, E, T, A, B, C, D, X(10), X(10), X(12), X(2), X(7));
-        BODY_20_31(27, D, E, T, A, B, C, X(11), X(11), X(13), X(3), X(8));
-        BODY_20_31(28, C, D, E, T, A, B, X(12), X(12), X(14), X(4), X(9));
-        BODY_20_31(29, B, C, D, E, T, A, X(13), X(13), X(15), X(5), X(10));
-        BODY_20_31(30, A, B, C, D, E, T, X(14), X(14), X(0), X(6), X(11));
-        BODY_20_31(31, T, A, B, C, D, E, X(15), X(15), X(1), X(7), X(12));
-
-        BODY_32_39(32, E, T, A, B, C, D, X(0), X(2), X(8), X(13));
-        BODY_32_39(33, D, E, T, A, B, C, X(1), X(3), X(9), X(14));
-        BODY_32_39(34, C, D, E, T, A, B, X(2), X(4), X(10), X(15));
-        BODY_32_39(35, B, C, D, E, T, A, X(3), X(5), X(11), X(0));
-        BODY_32_39(36, A, B, C, D, E, T, X(4), X(6), X(12), X(1));
-        BODY_32_39(37, T, A, B, C, D, E, X(5), X(7), X(13), X(2));
-        BODY_32_39(38, E, T, A, B, C, D, X(6), X(8), X(14), X(3));
-        BODY_32_39(39, D, E, T, A, B, C, X(7), X(9), X(15), X(4));
-
-        BODY_40_59(40, C, D, E, T, A, B, X(8), X(10), X(0), X(5));
-        BODY_40_59(41, B, C, D, E, T, A, X(9), X(11), X(1), X(6));
-        BODY_40_59(42, A, B, C, D, E, T, X(10), X(12), X(2), X(7));
-        BODY_40_59(43, T, A, B, C, D, E, X(11), X(13), X(3), X(8));
-        BODY_40_59(44, E, T, A, B, C, D, X(12), X(14), X(4), X(9));
-        BODY_40_59(45, D, E, T, A, B, C, X(13), X(15), X(5), X(10));
-        BODY_40_59(46, C, D, E, T, A, B, X(14), X(0), X(6), X(11));
-        BODY_40_59(47, B, C, D, E, T, A, X(15), X(1), X(7), X(12));
-        BODY_40_59(48, A, B, C, D, E, T, X(0), X(2), X(8), X(13));
-        BODY_40_59(49, T, A, B, C, D, E, X(1), X(3), X(9), X(14));
-        BODY_40_59(50, E, T, A, B, C, D, X(2), X(4), X(10), X(15));
-        BODY_40_59(51, D, E, T, A, B, C, X(3), X(5), X(11), X(0));
-        BODY_40_59(52, C, D, E, T, A, B, X(4), X(6), X(12), X(1));
-        BODY_40_59(53, B, C, D, E, T, A, X(5), X(7), X(13), X(2));
-        BODY_40_59(54, A, B, C, D, E, T, X(6), X(8), X(14), X(3));
-        BODY_40_59(55, T, A, B, C, D, E, X(7), X(9), X(15), X(4));
-        BODY_40_59(56, E, T, A, B, C, D, X(8), X(10), X(0), X(5));
-        BODY_40_59(57, D, E, T, A, B, C, X(9), X(11), X(1), X(6));
-        BODY_40_59(58, C, D, E, T, A, B, X(10), X(12), X(2), X(7));
-        BODY_40_59(59, B, C, D, E, T, A, X(11), X(13), X(3), X(8));
-
-        BODY_60_79(60, A, B, C, D, E, T, X(12), X(14), X(4), X(9));
-        BODY_60_79(61, T, A, B, C, D, E, X(13), X(15), X(5), X(10));
-        BODY_60_79(62, E, T, A, B, C, D, X(14), X(0), X(6), X(11));
-        BODY_60_79(63, D, E, T, A, B, C, X(15), X(1), X(7), X(12));
-        BODY_60_79(64, C, D, E, T, A, B, X(0), X(2), X(8), X(13));
-        BODY_60_79(65, B, C, D, E, T, A, X(1), X(3), X(9), X(14));
-        BODY_60_79(66, A, B, C, D, E, T, X(2), X(4), X(10), X(15));
-        BODY_60_79(67, T, A, B, C, D, E, X(3), X(5), X(11), X(0));
-        BODY_60_79(68, E, T, A, B, C, D, X(4), X(6), X(12), X(1));
-        BODY_60_79(69, D, E, T, A, B, C, X(5), X(7), X(13), X(2));
-        BODY_60_79(70, C, D, E, T, A, B, X(6), X(8), X(14), X(3));
-        BODY_60_79(71, B, C, D, E, T, A, X(7), X(9), X(15), X(4));
-        BODY_60_79(72, A, B, C, D, E, T, X(8), X(10), X(0), X(5));
-        BODY_60_79(73, T, A, B, C, D, E, X(9), X(11), X(1), X(6));
-        BODY_60_79(74, E, T, A, B, C, D, X(10), X(12), X(2), X(7));
-        BODY_60_79(75, D, E, T, A, B, C, X(11), X(13), X(3), X(8));
-        BODY_60_79(76, C, D, E, T, A, B, X(12), X(14), X(4), X(9));
-        BODY_60_79(77, B, C, D, E, T, A, X(13), X(15), X(5), X(10));
-        BODY_60_79(78, A, B, C, D, E, T, X(14), X(0), X(6), X(11));
-        BODY_60_79(79, T, A, B, C, D, E, X(15), X(1), X(7), X(12));
-
-        c->h0 = (c->h0 + E) & 0xffffffffL;
-        c->h1 = (c->h1 + T) & 0xffffffffL;
-        c->h2 = (c->h2 + A) & 0xffffffffL;
-        c->h3 = (c->h3 + B) & 0xffffffffL;
-        c->h4 = (c->h4 + C) & 0xffffffffL;
-
-        if (--num == 0)
-            break;
-
-        A = c->h0;
-        B = c->h1;
-        C = c->h2;
-        D = c->h3;
-        E = c->h4;
-
-    }
-}
-# endif
-
-#else                           /* OPENSSL_SMALL_FOOTPRINT */
-
-# define BODY_00_15(xi)           do {   \
-        T=E+K_00_19+F_00_19(B,C,D);     \
-        E=D, D=C, C=ROTATE(B,30), B=A;  \
-        A=ROTATE(A,5)+T+xi;         } while(0)
-
-# define BODY_16_19(xa,xb,xc,xd)  do {   \
-        Xupdate(T,xa,xa,xb,xc,xd);      \
-        T+=E+K_00_19+F_00_19(B,C,D);    \
-        E=D, D=C, C=ROTATE(B,30), B=A;  \
-        A=ROTATE(A,5)+T;            } while(0)
-
-# define BODY_20_39(xa,xb,xc,xd)  do {   \
-        Xupdate(T,xa,xa,xb,xc,xd);      \
-        T+=E+K_20_39+F_20_39(B,C,D);    \
-        E=D, D=C, C=ROTATE(B,30), B=A;  \
-        A=ROTATE(A,5)+T;            } while(0)
-
-# define BODY_40_59(xa,xb,xc,xd)  do {   \
-        Xupdate(T,xa,xa,xb,xc,xd);      \
-        T+=E+K_40_59+F_40_59(B,C,D);    \
-        E=D, D=C, C=ROTATE(B,30), B=A;  \
-        A=ROTATE(A,5)+T;            } while(0)
-
-# define BODY_60_79(xa,xb,xc,xd)  do {   \
-        Xupdate(T,xa,xa,xb,xc,xd);      \
-        T=E+K_60_79+F_60_79(B,C,D);     \
-        E=D, D=C, C=ROTATE(B,30), B=A;  \
-        A=ROTATE(A,5)+T+xa;         } while(0)
-
-# if !defined(SHA_1) || !defined(SHA1_ASM)
-static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num)
-{
-    const unsigned char *data = p;
-    register unsigned MD32_REG_T A, B, C, D, E, T, l;
-    int i;
-    SHA_LONG X[16];
-
-    A = c->h0;
-    B = c->h1;
-    C = c->h2;
-    D = c->h3;
-    E = c->h4;
-
-    for (;;) {
-        for (i = 0; i < 16; i++) {
-            HOST_c2l(data, l);
-            X[i] = l;
-            BODY_00_15(X[i]);
-        }
-        for (i = 0; i < 4; i++) {
-            BODY_16_19(X[i], X[i + 2], X[i + 8], X[(i + 13) & 15]);
-        }
-        for (; i < 24; i++) {
-            BODY_20_39(X[i & 15], X[(i + 2) & 15], X[(i + 8) & 15],
-                       X[(i + 13) & 15]);
-        }
-        for (i = 0; i < 20; i++) {
-            BODY_40_59(X[(i + 8) & 15], X[(i + 10) & 15], X[i & 15],
-                       X[(i + 5) & 15]);
-        }
-        for (i = 4; i < 24; i++) {
-            BODY_60_79(X[(i + 8) & 15], X[(i + 10) & 15], X[i & 15],
-                       X[(i + 5) & 15]);
-        }
-
-        c->h0 = (c->h0 + A) & 0xffffffffL;
-        c->h1 = (c->h1 + B) & 0xffffffffL;
-        c->h2 = (c->h2 + C) & 0xffffffffL;
-        c->h3 = (c->h3 + D) & 0xffffffffL;
-        c->h4 = (c->h4 + E) & 0xffffffffL;
-
-        if (--num == 0)
-            break;
-
-        A = c->h0;
-        B = c->h1;
-        C = c->h2;
-        D = c->h3;
-        E = c->h4;
-
-    }
-}
-# endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/sha/sha_one.c b/thirdparty/openssl/crypto/sha/sha_one.c
deleted file mode 100644
index 0930b98a66..0000000000
--- a/thirdparty/openssl/crypto/sha/sha_one.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* crypto/sha/sha_one.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/sha.h>
-#include <openssl/crypto.h>
-
-#ifndef OPENSSL_NO_SHA0
-unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md)
-{
-    SHA_CTX c;
-    static unsigned char m[SHA_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    if (!SHA_Init(&c))
-        return NULL;
-    SHA_Update(&c, d, n);
-    SHA_Final(md, &c);
-    OPENSSL_cleanse(&c, sizeof(c));
-    return (md);
-}
-#endif
diff --git a/thirdparty/openssl/crypto/sparc_arch.h b/thirdparty/openssl/crypto/sparc_arch.h
deleted file mode 100644
index e30d322a4a..0000000000
--- a/thirdparty/openssl/crypto/sparc_arch.h
+++ /dev/null
@@ -1,101 +0,0 @@
-#ifndef __SPARC_ARCH_H__
-# define __SPARC_ARCH_H__
-
-# define SPARCV9_TICK_PRIVILEGED (1<<0)
-# define SPARCV9_PREFER_FPU      (1<<1)
-# define SPARCV9_VIS1            (1<<2)
-# define SPARCV9_VIS2            (1<<3)/* reserved */
-# define SPARCV9_FMADD           (1<<4)/* reserved for SPARC64 V */
-# define SPARCV9_BLK             (1<<5)/* VIS1 block copy */
-# define SPARCV9_VIS3            (1<<6)
-# define SPARCV9_RANDOM          (1<<7)
-# define SPARCV9_64BIT_STACK     (1<<8)
-
-/*
- * OPENSSL_sparcv9cap_P[1] is copy of Compatibility Feature Register,
- * %asr26, SPARC-T4 and later. There is no SPARCV9_CFR bit in
- * OPENSSL_sparcv9cap_P[0], as %cfr copy is sufficient...
- */
-# define CFR_AES         0x00000001/* Supports AES opcodes */
-# define CFR_DES         0x00000002/* Supports DES opcodes */
-# define CFR_KASUMI      0x00000004/* Supports KASUMI opcodes */
-# define CFR_CAMELLIA    0x00000008/* Supports CAMELLIA opcodes */
-# define CFR_MD5         0x00000010/* Supports MD5 opcodes */
-# define CFR_SHA1        0x00000020/* Supports SHA1 opcodes */
-# define CFR_SHA256      0x00000040/* Supports SHA256 opcodes */
-# define CFR_SHA512      0x00000080/* Supports SHA512 opcodes */
-# define CFR_MPMUL       0x00000100/* Supports MPMUL opcodes */
-# define CFR_MONTMUL     0x00000200/* Supports MONTMUL opcodes */
-# define CFR_MONTSQR     0x00000400/* Supports MONTSQR opcodes */
-# define CFR_CRC32C      0x00000800/* Supports CRC32C opcodes */
-
-# if defined(OPENSSL_PIC) && !defined(__PIC__)
-#  define __PIC__
-# endif
-
-# if defined(__SUNPRO_C) && defined(__sparcv9) && !defined(__arch64__)
-#  define __arch64__
-# endif
-
-# define SPARC_PIC_THUNK(reg)    \
-        .align  32;             \
-.Lpic_thunk:                    \
-        jmp     %o7 + 8;        \
-         add    %o7, reg, reg;
-
-# define SPARC_PIC_THUNK_CALL(reg)                       \
-        sethi   %hi(_GLOBAL_OFFSET_TABLE_-4), reg;      \
-        call    .Lpic_thunk;                            \
-         or     reg, %lo(_GLOBAL_OFFSET_TABLE_+4), reg;
-
-# if 1
-#  define SPARC_SETUP_GOT_REG(reg)       SPARC_PIC_THUNK_CALL(reg)
-# else
-#  define SPARC_SETUP_GOT_REG(reg)       \
-        sethi   %hi(_GLOBAL_OFFSET_TABLE_-4), reg;      \
-        call    .+8;                                    \
-        or      reg,%lo(_GLOBAL_OFFSET_TABLE_+4), reg;  \
-        add     %o7, reg, reg
-# endif
-
-# if defined(__arch64__)
-
-#  define SPARC_LOAD_ADDRESS(SYM, reg)   \
-        setx    SYM, %o7, reg;
-#  define LDPTR          ldx
-#  define SIZE_T_CC      %xcc
-#  define STACK_FRAME    192
-#  define STACK_BIAS     2047
-#  define STACK_7thARG   (STACK_BIAS+176)
-
-# else
-
-#  define SPARC_LOAD_ADDRESS(SYM, reg)   \
-        set     SYM, reg;
-#  define LDPTR          ld
-#  define SIZE_T_CC      %icc
-#  define STACK_FRAME    112
-#  define STACK_BIAS     0
-#  define STACK_7thARG   92
-#  define SPARC_LOAD_ADDRESS_LEAF(SYM,reg,tmp) SPARC_LOAD_ADDRESS(SYM,reg)
-
-# endif
-
-# ifdef __PIC__
-#  undef SPARC_LOAD_ADDRESS
-#  undef SPARC_LOAD_ADDRESS_LEAF
-#  define SPARC_LOAD_ADDRESS(SYM, reg)   \
-        SPARC_SETUP_GOT_REG(reg);       \
-        sethi   %hi(SYM), %o7;          \
-        or      %o7, %lo(SYM), %o7;     \
-        LDPTR   [reg + %o7], reg;
-# endif
-
-# ifndef SPARC_LOAD_ADDRESS_LEAF
-#  define SPARC_LOAD_ADDRESS_LEAF(SYM, reg, tmp) \
-        mov     %o7, tmp;                       \
-        SPARC_LOAD_ADDRESS(SYM, reg)            \
-        mov     tmp, %o7;
-# endif
-
-#endif                          /* __SPARC_ARCH_H__ */
diff --git a/thirdparty/openssl/crypto/sparcv9cap.c b/thirdparty/openssl/crypto/sparcv9cap.c
deleted file mode 100644
index a36e461792..0000000000
--- a/thirdparty/openssl/crypto/sparcv9cap.c
+++ /dev/null
@@ -1,393 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <setjmp.h>
-#include <signal.h>
-#include <sys/time.h>
-#include <unistd.h>
-#include <openssl/bn.h>
-
-#include "sparc_arch.h"
-
-#if defined(__GNUC__) && defined(__linux)
-__attribute__ ((visibility("hidden")))
-#endif
-unsigned int OPENSSL_sparcv9cap_P[2] = { SPARCV9_TICK_PRIVILEGED, 0 };
-
-int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                const BN_ULONG *np, const BN_ULONG *n0, int num)
-{
-    int bn_mul_mont_vis3(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                         const BN_ULONG *np, const BN_ULONG *n0, int num);
-    int bn_mul_mont_fpu(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                        const BN_ULONG *np, const BN_ULONG *n0, int num);
-    int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                        const BN_ULONG *np, const BN_ULONG *n0, int num);
-
-    if (!(num & 1) && num >= 6) {
-        if ((num & 15) == 0 && num <= 64 &&
-            (OPENSSL_sparcv9cap_P[1] & (CFR_MONTMUL | CFR_MONTSQR)) ==
-            (CFR_MONTMUL | CFR_MONTSQR)) {
-            typedef int (*bn_mul_mont_f) (BN_ULONG *rp, const BN_ULONG *ap,
-                                          const BN_ULONG *bp,
-                                          const BN_ULONG *np,
-                                          const BN_ULONG *n0);
-            int bn_mul_mont_t4_8(BN_ULONG *rp, const BN_ULONG *ap,
-                                 const BN_ULONG *bp, const BN_ULONG *np,
-                                 const BN_ULONG *n0);
-            int bn_mul_mont_t4_16(BN_ULONG *rp, const BN_ULONG *ap,
-                                  const BN_ULONG *bp, const BN_ULONG *np,
-                                  const BN_ULONG *n0);
-            int bn_mul_mont_t4_24(BN_ULONG *rp, const BN_ULONG *ap,
-                                  const BN_ULONG *bp, const BN_ULONG *np,
-                                  const BN_ULONG *n0);
-            int bn_mul_mont_t4_32(BN_ULONG *rp, const BN_ULONG *ap,
-                                  const BN_ULONG *bp, const BN_ULONG *np,
-                                  const BN_ULONG *n0);
-            static const bn_mul_mont_f funcs[4] = {
-                bn_mul_mont_t4_8, bn_mul_mont_t4_16,
-                bn_mul_mont_t4_24, bn_mul_mont_t4_32
-            };
-            bn_mul_mont_f worker = funcs[num / 16 - 1];
-
-            if ((*worker) (rp, ap, bp, np, n0))
-                return 1;
-            /* retry once and fall back */
-            if ((*worker) (rp, ap, bp, np, n0))
-                return 1;
-            return bn_mul_mont_vis3(rp, ap, bp, np, n0, num);
-        }
-        if ((OPENSSL_sparcv9cap_P[0] & SPARCV9_VIS3))
-            return bn_mul_mont_vis3(rp, ap, bp, np, n0, num);
-        else if (num >= 8 &&
-                 (OPENSSL_sparcv9cap_P[0] &
-                  (SPARCV9_PREFER_FPU | SPARCV9_VIS1)) ==
-                 (SPARCV9_PREFER_FPU | SPARCV9_VIS1))
-            return bn_mul_mont_fpu(rp, ap, bp, np, n0, num);
-    }
-    return bn_mul_mont_int(rp, ap, bp, np, n0, num);
-}
-
-unsigned long _sparcv9_rdtick(void);
-void _sparcv9_vis1_probe(void);
-unsigned long _sparcv9_vis1_instrument(void);
-void _sparcv9_vis2_probe(void);
-void _sparcv9_fmadd_probe(void);
-unsigned long _sparcv9_rdcfr(void);
-void _sparcv9_vis3_probe(void);
-unsigned long _sparcv9_random(void);
-size_t _sparcv9_vis1_instrument_bus(unsigned int *, size_t);
-size_t _sparcv9_vis1_instrument_bus2(unsigned int *, size_t, size_t);
-
-unsigned long OPENSSL_rdtsc(void)
-{
-    if (OPENSSL_sparcv9cap_P[0] & SPARCV9_TICK_PRIVILEGED)
-#if defined(__sun) && defined(__SVR4)
-        return gethrtime();
-#else
-        return 0;
-#endif
-    else
-        return _sparcv9_rdtick();
-}
-
-size_t OPENSSL_instrument_bus(unsigned int *out, size_t cnt)
-{
-    if ((OPENSSL_sparcv9cap_P[0] & (SPARCV9_TICK_PRIVILEGED | SPARCV9_BLK)) ==
-        SPARCV9_BLK)
-        return _sparcv9_vis1_instrument_bus(out, cnt);
-    else
-        return 0;
-}
-
-size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
-{
-    if ((OPENSSL_sparcv9cap_P[0] & (SPARCV9_TICK_PRIVILEGED | SPARCV9_BLK)) ==
-        SPARCV9_BLK)
-        return _sparcv9_vis1_instrument_bus2(out, cnt, max);
-    else
-        return 0;
-}
-
-#if 0 && defined(__sun) && defined(__SVR4)
-/*
- * This code path is disabled, because of incompatibility of libdevinfo.so.1
- * and libmalloc.so.1 (see below for details)
- */
-# include <malloc.h>
-# include <dlfcn.h>
-# include <libdevinfo.h>
-# include <sys/systeminfo.h>
-
-typedef di_node_t(*di_init_t) (const char *, uint_t);
-typedef void (*di_fini_t) (di_node_t);
-typedef char *(*di_node_name_t) (di_node_t);
-typedef int (*di_walk_node_t) (di_node_t, uint_t, di_node_name_t,
-                               int (*)(di_node_t, di_node_name_t));
-
-# define DLLINK(h,name) (name=(name##_t)dlsym((h),#name))
-
-static int walk_nodename(di_node_t node, di_node_name_t di_node_name)
-{
-    char *name = (*di_node_name) (node);
-
-    /* This is expected to catch all UltraSPARC flavors prior T1 */
-    if (!strcmp(name, "SUNW,UltraSPARC") ||
-        /* covers II,III,IV */
-        !strncmp(name, "SUNW,UltraSPARC-I", 17)) {
-        OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU | SPARCV9_VIS1;
-
-        /* %tick is privileged only on UltraSPARC-I/II, but not IIe */
-        if (name[14] != '\0' && name[17] != '\0' && name[18] != '\0')
-            OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
-
-        return DI_WALK_TERMINATE;
-    }
-    /* This is expected to catch remaining UltraSPARCs, such as T1 */
-    else if (!strncmp(name, "SUNW,UltraSPARC", 15)) {
-        OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
-
-        return DI_WALK_TERMINATE;
-    }
-
-    return DI_WALK_CONTINUE;
-}
-
-void OPENSSL_cpuid_setup(void)
-{
-    void *h;
-    char *e, si[256];
-    static int trigger = 0;
-
-    if (trigger)
-        return;
-    trigger = 1;
-
-    if ((e = getenv("OPENSSL_sparcv9cap"))) {
-        OPENSSL_sparcv9cap_P[0] = strtoul(e, NULL, 0);
-        return;
-    }
-
-    if (sysinfo(SI_MACHINE, si, sizeof(si)) > 0) {
-        if (strcmp(si, "sun4v"))
-            /* FPU is preferred for all CPUs, but US-T1/2 */
-            OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU;
-    }
-
-    if (sysinfo(SI_ISALIST, si, sizeof(si)) > 0) {
-        if (strstr(si, "+vis"))
-            OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1 | SPARCV9_BLK;
-        if (strstr(si, "+vis2")) {
-            OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
-            OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
-            return;
-        }
-    }
-# ifdef M_KEEP
-    /*
-     * Solaris libdevinfo.so.1 is effectively incomatible with
-     * libmalloc.so.1. Specifically, if application is linked with
-     * -lmalloc, it crashes upon startup with SIGSEGV in
-     * free(3LIBMALLOC) called by di_fini. Prior call to
-     * mallopt(M_KEEP,0) somehow helps... But not always...
-     */
-    if ((h = dlopen(NULL, RTLD_LAZY))) {
-        union {
-            void *p;
-            int (*f) (int, int);
-        } sym;
-        if ((sym.p = dlsym(h, "mallopt")))
-            (*sym.f) (M_KEEP, 0);
-        dlclose(h);
-    }
-# endif
-    if ((h = dlopen("libdevinfo.so.1", RTLD_LAZY)))
-        do {
-            di_init_t di_init;
-            di_fini_t di_fini;
-            di_walk_node_t di_walk_node;
-            di_node_name_t di_node_name;
-            di_node_t root_node;
-
-            if (!DLLINK(h, di_init))
-                break;
-            if (!DLLINK(h, di_fini))
-                break;
-            if (!DLLINK(h, di_walk_node))
-                break;
-            if (!DLLINK(h, di_node_name))
-                break;
-
-            if ((root_node = (*di_init) ("/", DINFOSUBTREE)) != DI_NODE_NIL) {
-                (*di_walk_node) (root_node, DI_WALK_SIBFIRST,
-                                 di_node_name, walk_nodename);
-                (*di_fini) (root_node);
-            }
-        } while (0);
-
-    if (h)
-        dlclose(h);
-}
-
-#else
-
-static sigjmp_buf common_jmp;
-static void common_handler(int sig)
-{
-    siglongjmp(common_jmp, sig);
-}
-
-#if defined(__sun) && defined(__SVR4)
-# if defined(__GNUC__) && __GNUC__>=2
-extern unsigned int getisax(unsigned int vec[], unsigned int sz) __attribute__ ((weak));
-# elif defined(__SUNPRO_C)
-#pragma weak getisax
-extern unsigned int getisax(unsigned int vec[], unsigned int sz);
-# else
-static unsigned int (*getisax) (unsigned int vec[], unsigned int sz) = NULL;
-# endif
-#endif
-
-void OPENSSL_cpuid_setup(void)
-{
-    char *e;
-    struct sigaction common_act, ill_oact, bus_oact;
-    sigset_t all_masked, oset;
-    static int trigger = 0;
-
-    if (trigger)
-        return;
-    trigger = 1;
-
-    if ((e = getenv("OPENSSL_sparcv9cap"))) {
-        OPENSSL_sparcv9cap_P[0] = strtoul(e, NULL, 0);
-        if ((e = strchr(e, ':')))
-            OPENSSL_sparcv9cap_P[1] = strtoul(e + 1, NULL, 0);
-        return;
-    }
-
-#if defined(__sun) && defined(__SVR4)
-    if (getisax != NULL) {
-        unsigned int vec[1];
-
-        if (getisax (vec,1)) {
-            if (vec[0]&0x0020) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1;
-            if (vec[0]&0x0040) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
-            if (vec[0]&0x0080) OPENSSL_sparcv9cap_P[0] |= SPARCV9_BLK;
-            if (vec[0]&0x0100) OPENSSL_sparcv9cap_P[0] |= SPARCV9_FMADD;
-            if (vec[0]&0x0400) OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3;
-
-            /* reconstruct %cfr copy */
-            OPENSSL_sparcv9cap_P[1] = (vec[0]>>17)&0x3ff;
-            OPENSSL_sparcv9cap_P[1] |= (OPENSSL_sparcv9cap_P[1]&CFR_MONTMUL)<<1;
-            if (vec[0]&0x20000000) OPENSSL_sparcv9cap_P[1] |= CFR_CRC32C;
-
-            /* Some heuristics */
-            /* all known VIS2-capable CPUs have unprivileged tick counter */
-            if (OPENSSL_sparcv9cap_P[0]&SPARCV9_VIS2)
-                OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
-
-            OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU;
-
-            /* detect UltraSPARC-Tx, see sparccpud.S for details... */
-            if ((OPENSSL_sparcv9cap_P[0]&SPARCV9_VIS1) &&
-                _sparcv9_vis1_instrument() >= 12)
-                OPENSSL_sparcv9cap_P[0] &= ~(SPARCV9_VIS1 | SPARCV9_PREFER_FPU);
-        }
-
-        if (sizeof(size_t) == 8)
-            OPENSSL_sparcv9cap_P[0] |= SPARCV9_64BIT_STACK;
-
-        return;
-    }
-#endif
-
-    /* Initial value, fits UltraSPARC-I&II... */
-    OPENSSL_sparcv9cap_P[0] = SPARCV9_PREFER_FPU | SPARCV9_TICK_PRIVILEGED;
-
-    sigfillset(&all_masked);
-    sigdelset(&all_masked, SIGILL);
-    sigdelset(&all_masked, SIGTRAP);
-# ifdef SIGEMT
-    sigdelset(&all_masked, SIGEMT);
-# endif
-    sigdelset(&all_masked, SIGFPE);
-    sigdelset(&all_masked, SIGBUS);
-    sigdelset(&all_masked, SIGSEGV);
-    sigprocmask(SIG_SETMASK, &all_masked, &oset);
-
-    memset(&common_act, 0, sizeof(common_act));
-    common_act.sa_handler = common_handler;
-    common_act.sa_mask = all_masked;
-
-    sigaction(SIGILL, &common_act, &ill_oact);
-    sigaction(SIGBUS, &common_act, &bus_oact); /* T1 fails 16-bit ldda [on
-                                                * Linux] */
-
-    if (sigsetjmp(common_jmp, 1) == 0) {
-        _sparcv9_rdtick();
-        OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
-    }
-
-    if (sigsetjmp(common_jmp, 1) == 0) {
-        _sparcv9_vis1_probe();
-        OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1 | SPARCV9_BLK;
-        /* detect UltraSPARC-Tx, see sparccpud.S for details... */
-        if (_sparcv9_vis1_instrument() >= 12)
-            OPENSSL_sparcv9cap_P[0] &= ~(SPARCV9_VIS1 | SPARCV9_PREFER_FPU);
-        else {
-            _sparcv9_vis2_probe();
-            OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
-        }
-    }
-
-    if (sigsetjmp(common_jmp, 1) == 0) {
-        _sparcv9_fmadd_probe();
-        OPENSSL_sparcv9cap_P[0] |= SPARCV9_FMADD;
-    }
-
-    /*
-     * VIS3 flag is tested independently from VIS1, unlike VIS2 that is,
-     * because VIS3 defines even integer instructions.
-     */
-    if (sigsetjmp(common_jmp, 1) == 0) {
-        _sparcv9_vis3_probe();
-        OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3;
-    }
-# if 0                          /* was planned at some point but never
-                                 * implemented in hardware */
-    if (sigsetjmp(common_jmp, 1) == 0) {
-        (void)_sparcv9_random();
-        OPENSSL_sparcv9cap_P[0] |= SPARCV9_RANDOM;
-    }
-# endif
-
-    /*
-     * In wait for better solution _sparcv9_rdcfr is masked by
-     * VIS3 flag, because it goes to uninterruptable endless
-     * loop on UltraSPARC II running Solaris. Things might be
-     * different on Linux...
-     */
-    if ((OPENSSL_sparcv9cap_P[0] & SPARCV9_VIS3) &&
-        sigsetjmp(common_jmp, 1) == 0) {
-        OPENSSL_sparcv9cap_P[1] = (unsigned int)_sparcv9_rdcfr();
-    }
-
-    sigaction(SIGBUS, &bus_oact, NULL);
-    sigaction(SIGILL, &ill_oact, NULL);
-
-    sigprocmask(SIG_SETMASK, &oset, NULL);
-
-    if (sizeof(size_t) == 8)
-        OPENSSL_sparcv9cap_P[0] |= SPARCV9_64BIT_STACK;
-# ifdef __linux
-    else {
-        int ret = syscall(340);
-
-        if (ret >= 0 && ret & 1)
-            OPENSSL_sparcv9cap_P[0] |= SPARCV9_64BIT_STACK;
-    }
-# endif
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/srp/srp_grps.h b/thirdparty/openssl/crypto/srp/srp_grps.h
deleted file mode 100644
index 31312de15c..0000000000
--- a/thirdparty/openssl/crypto/srp/srp_grps.h
+++ /dev/null
@@ -1,528 +0,0 @@
-/* start of generated data */
-
-static BN_ULONG bn_group_1024_value[] = {
-    bn_pack4(0x9FC6, 0x1D2F, 0xC0EB, 0x06E3),
-    bn_pack4(0xFD51, 0x38FE, 0x8376, 0x435B),
-    bn_pack4(0x2FD4, 0xCBF4, 0x976E, 0xAA9A),
-    bn_pack4(0x68ED, 0xBC3C, 0x0572, 0x6CC0),
-    bn_pack4(0xC529, 0xF566, 0x660E, 0x57EC),
-    bn_pack4(0x8255, 0x9B29, 0x7BCF, 0x1885),
-    bn_pack4(0xCE8E, 0xF4AD, 0x69B1, 0x5D49),
-    bn_pack4(0x5DC7, 0xD7B4, 0x6154, 0xD6B6),
-    bn_pack4(0x8E49, 0x5C1D, 0x6089, 0xDAD1),
-    bn_pack4(0xE0D5, 0xD8E2, 0x50B9, 0x8BE4),
-    bn_pack4(0x383B, 0x4813, 0xD692, 0xC6E0),
-    bn_pack4(0xD674, 0xDF74, 0x96EA, 0x81D3),
-    bn_pack4(0x9EA2, 0x314C, 0x9C25, 0x6576),
-    bn_pack4(0x6072, 0x6187, 0x75FF, 0x3C0B),
-    bn_pack4(0x9C33, 0xF80A, 0xFA8F, 0xC5E8),
-    bn_pack4(0xEEAF, 0x0AB9, 0xADB3, 0x8DD6)
-};
-
-static BIGNUM bn_group_1024 = {
-    bn_group_1024_value,
-    (sizeof bn_group_1024_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_1024_value) / sizeof(BN_ULONG),
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static BN_ULONG bn_group_1536_value[] = {
-    bn_pack4(0xCF76, 0xE3FE, 0xD135, 0xF9BB),
-    bn_pack4(0x1518, 0x0F93, 0x499A, 0x234D),
-    bn_pack4(0x8CE7, 0xA28C, 0x2442, 0xC6F3),
-    bn_pack4(0x5A02, 0x1FFF, 0x5E91, 0x479E),
-    bn_pack4(0x7F8A, 0x2FE9, 0xB8B5, 0x292E),
-    bn_pack4(0x837C, 0x264A, 0xE3A9, 0xBEB8),
-    bn_pack4(0xE442, 0x734A, 0xF7CC, 0xB7AE),
-    bn_pack4(0x6577, 0x2E43, 0x7D6C, 0x7F8C),
-    bn_pack4(0xDB2F, 0xD53D, 0x24B7, 0xC486),
-    bn_pack4(0x6EDF, 0x0195, 0x3934, 0x9627),
-    bn_pack4(0x158B, 0xFD3E, 0x2B9C, 0x8CF5),
-    bn_pack4(0x764E, 0x3F4B, 0x53DD, 0x9DA1),
-    bn_pack4(0x4754, 0x8381, 0xDBC5, 0xB1FC),
-    bn_pack4(0x9B60, 0x9E0B, 0xE3BA, 0xB63D),
-    bn_pack4(0x8134, 0xB1C8, 0xB979, 0x8914),
-    bn_pack4(0xDF02, 0x8A7C, 0xEC67, 0xF0D0),
-    bn_pack4(0x80B6, 0x55BB, 0x9A22, 0xE8DC),
-    bn_pack4(0x1558, 0x903B, 0xA0D0, 0xF843),
-    bn_pack4(0x51C6, 0xA94B, 0xE460, 0x7A29),
-    bn_pack4(0x5F4F, 0x5F55, 0x6E27, 0xCBDE),
-    bn_pack4(0xBEEE, 0xA961, 0x4B19, 0xCC4D),
-    bn_pack4(0xDBA5, 0x1DF4, 0x99AC, 0x4C80),
-    bn_pack4(0xB1F1, 0x2A86, 0x17A4, 0x7BBB),
-    bn_pack4(0x9DEF, 0x3CAF, 0xB939, 0x277A)
-};
-
-static BIGNUM bn_group_1536 = {
-    bn_group_1536_value,
-    (sizeof bn_group_1536_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_1536_value) / sizeof(BN_ULONG),
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static BN_ULONG bn_group_2048_value[] = {
-    bn_pack4(0x0FA7, 0x111F, 0x9E4A, 0xFF73),
-    bn_pack4(0x9B65, 0xE372, 0xFCD6, 0x8EF2),
-    bn_pack4(0x35DE, 0x236D, 0x525F, 0x5475),
-    bn_pack4(0x94B5, 0xC803, 0xD89F, 0x7AE4),
-    bn_pack4(0x71AE, 0x35F8, 0xE9DB, 0xFBB6),
-    bn_pack4(0x2A56, 0x98F3, 0xA8D0, 0xC382),
-    bn_pack4(0x9CCC, 0x041C, 0x7BC3, 0x08D8),
-    bn_pack4(0xAF87, 0x4E73, 0x03CE, 0x5329),
-    bn_pack4(0x6160, 0x2790, 0x04E5, 0x7AE6),
-    bn_pack4(0x032C, 0xFBDB, 0xF52F, 0xB378),
-    bn_pack4(0x5EA7, 0x7A27, 0x75D2, 0xECFA),
-    bn_pack4(0x5445, 0x23B5, 0x24B0, 0xD57D),
-    bn_pack4(0x5B9D, 0x32E6, 0x88F8, 0x7748),
-    bn_pack4(0xF1D2, 0xB907, 0x8717, 0x461A),
-    bn_pack4(0x76BD, 0x207A, 0x436C, 0x6481),
-    bn_pack4(0xCA97, 0xB43A, 0x23FB, 0x8016),
-    bn_pack4(0x1D28, 0x1E44, 0x6B14, 0x773B),
-    bn_pack4(0x7359, 0xD041, 0xD5C3, 0x3EA7),
-    bn_pack4(0xA80D, 0x740A, 0xDBF4, 0xFF74),
-    bn_pack4(0x55F9, 0x7993, 0xEC97, 0x5EEA),
-    bn_pack4(0x2918, 0xA996, 0x2F0B, 0x93B8),
-    bn_pack4(0x661A, 0x05FB, 0xD5FA, 0xAAE8),
-    bn_pack4(0xCF60, 0x9517, 0x9A16, 0x3AB3),
-    bn_pack4(0xE808, 0x3969, 0xEDB7, 0x67B0),
-    bn_pack4(0xCD7F, 0x48A9, 0xDA04, 0xFD50),
-    bn_pack4(0xD523, 0x12AB, 0x4B03, 0x310D),
-    bn_pack4(0x8193, 0xE075, 0x7767, 0xA13D),
-    bn_pack4(0xA373, 0x29CB, 0xB4A0, 0x99ED),
-    bn_pack4(0xFC31, 0x9294, 0x3DB5, 0x6050),
-    bn_pack4(0xAF72, 0xB665, 0x1987, 0xEE07),
-    bn_pack4(0xF166, 0xDE5E, 0x1389, 0x582F),
-    bn_pack4(0xAC6B, 0xDB41, 0x324A, 0x9A9B)
-};
-
-static BIGNUM bn_group_2048 = {
-    bn_group_2048_value,
-    (sizeof bn_group_2048_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_2048_value) / sizeof(BN_ULONG),
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static BN_ULONG bn_group_3072_value[] = {
-    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
-    bn_pack4(0x4B82, 0xD120, 0xA93A, 0xD2CA),
-    bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
-    bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
-    bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
-    bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
-    bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
-    bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
-    bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
-    bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
-    bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
-    bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
-    bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
-    bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
-    bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
-    bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
-    bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
-    bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
-    bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
-    bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
-    bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
-    bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
-    bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
-    bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
-    bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
-    bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
-    bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
-    bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
-    bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
-    bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
-    bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
-    bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
-    bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
-    bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
-    bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
-    bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
-    bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
-    bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
-    bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
-    bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
-    bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
-    bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
-    bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
-    bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
-    bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
-    bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
-    bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
-    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
-};
-
-static BIGNUM bn_group_3072 = {
-    bn_group_3072_value,
-    (sizeof bn_group_3072_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_3072_value) / sizeof(BN_ULONG),
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static BN_ULONG bn_group_4096_value[] = {
-    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
-    bn_pack4(0x4DF4, 0x35C9, 0x3406, 0x3199),
-    bn_pack4(0x86FF, 0xB7DC, 0x90A6, 0xC08F),
-    bn_pack4(0x93B4, 0xEA98, 0x8D8F, 0xDDC1),
-    bn_pack4(0xD006, 0x9127, 0xD5B0, 0x5AA9),
-    bn_pack4(0xB81B, 0xDD76, 0x2170, 0x481C),
-    bn_pack4(0x1F61, 0x2970, 0xCEE2, 0xD7AF),
-    bn_pack4(0x233B, 0xA186, 0x515B, 0xE7ED),
-    bn_pack4(0x99B2, 0x964F, 0xA090, 0xC3A2),
-    bn_pack4(0x287C, 0x5947, 0x4E6B, 0xC05D),
-    bn_pack4(0x2E8E, 0xFC14, 0x1FBE, 0xCAA6),
-    bn_pack4(0xDBBB, 0xC2DB, 0x04DE, 0x8EF9),
-    bn_pack4(0x2583, 0xE9CA, 0x2AD4, 0x4CE8),
-    bn_pack4(0x1A94, 0x6834, 0xB615, 0x0BDA),
-    bn_pack4(0x99C3, 0x2718, 0x6AF4, 0xE23C),
-    bn_pack4(0x8871, 0x9A10, 0xBDBA, 0x5B26),
-    bn_pack4(0x1A72, 0x3C12, 0xA787, 0xE6D7),
-    bn_pack4(0x4B82, 0xD120, 0xA921, 0x0801),
-    bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
-    bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
-    bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
-    bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
-    bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
-    bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
-    bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
-    bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
-    bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
-    bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
-    bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
-    bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
-    bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
-    bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
-    bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
-    bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
-    bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
-    bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
-    bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
-    bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
-    bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
-    bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
-    bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
-    bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
-    bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
-    bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
-    bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
-    bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
-    bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
-    bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
-    bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
-    bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
-    bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
-    bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
-    bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
-    bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
-    bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
-    bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
-    bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
-    bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
-    bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
-    bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
-    bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
-    bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
-    bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
-    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
-};
-
-static BIGNUM bn_group_4096 = {
-    bn_group_4096_value,
-    (sizeof bn_group_4096_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_4096_value) / sizeof(BN_ULONG),
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static BN_ULONG bn_group_6144_value[] = {
-    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
-    bn_pack4(0xE694, 0xF91E, 0x6DCC, 0x4024),
-    bn_pack4(0x12BF, 0x2D5B, 0x0B74, 0x74D6),
-    bn_pack4(0x043E, 0x8F66, 0x3F48, 0x60EE),
-    bn_pack4(0x387F, 0xE8D7, 0x6E3C, 0x0468),
-    bn_pack4(0xDA56, 0xC9EC, 0x2EF2, 0x9632),
-    bn_pack4(0xEB19, 0xCCB1, 0xA313, 0xD55C),
-    bn_pack4(0xF550, 0xAA3D, 0x8A1F, 0xBFF0),
-    bn_pack4(0x06A1, 0xD58B, 0xB7C5, 0xDA76),
-    bn_pack4(0xA797, 0x15EE, 0xF29B, 0xE328),
-    bn_pack4(0x14CC, 0x5ED2, 0x0F80, 0x37E0),
-    bn_pack4(0xCC8F, 0x6D7E, 0xBF48, 0xE1D8),
-    bn_pack4(0x4BD4, 0x07B2, 0x2B41, 0x54AA),
-    bn_pack4(0x0F1D, 0x45B7, 0xFF58, 0x5AC5),
-    bn_pack4(0x23A9, 0x7A7E, 0x36CC, 0x88BE),
-    bn_pack4(0x59E7, 0xC97F, 0xBEC7, 0xE8F3),
-    bn_pack4(0xB5A8, 0x4031, 0x900B, 0x1C9E),
-    bn_pack4(0xD55E, 0x702F, 0x4698, 0x0C82),
-    bn_pack4(0xF482, 0xD7CE, 0x6E74, 0xFEF6),
-    bn_pack4(0xF032, 0xEA15, 0xD172, 0x1D03),
-    bn_pack4(0x5983, 0xCA01, 0xC64B, 0x92EC),
-    bn_pack4(0x6FB8, 0xF401, 0x378C, 0xD2BF),
-    bn_pack4(0x3320, 0x5151, 0x2BD7, 0xAF42),
-    bn_pack4(0xDB7F, 0x1447, 0xE6CC, 0x254B),
-    bn_pack4(0x44CE, 0x6CBA, 0xCED4, 0xBB1B),
-    bn_pack4(0xDA3E, 0xDBEB, 0xCF9B, 0x14ED),
-    bn_pack4(0x1797, 0x27B0, 0x865A, 0x8918),
-    bn_pack4(0xB06A, 0x53ED, 0x9027, 0xD831),
-    bn_pack4(0xE5DB, 0x382F, 0x4130, 0x01AE),
-    bn_pack4(0xF8FF, 0x9406, 0xAD9E, 0x530E),
-    bn_pack4(0xC975, 0x1E76, 0x3DBA, 0x37BD),
-    bn_pack4(0xC1D4, 0xDCB2, 0x6026, 0x46DE),
-    bn_pack4(0x36C3, 0xFAB4, 0xD27C, 0x7026),
-    bn_pack4(0x4DF4, 0x35C9, 0x3402, 0x8492),
-    bn_pack4(0x86FF, 0xB7DC, 0x90A6, 0xC08F),
-    bn_pack4(0x93B4, 0xEA98, 0x8D8F, 0xDDC1),
-    bn_pack4(0xD006, 0x9127, 0xD5B0, 0x5AA9),
-    bn_pack4(0xB81B, 0xDD76, 0x2170, 0x481C),
-    bn_pack4(0x1F61, 0x2970, 0xCEE2, 0xD7AF),
-    bn_pack4(0x233B, 0xA186, 0x515B, 0xE7ED),
-    bn_pack4(0x99B2, 0x964F, 0xA090, 0xC3A2),
-    bn_pack4(0x287C, 0x5947, 0x4E6B, 0xC05D),
-    bn_pack4(0x2E8E, 0xFC14, 0x1FBE, 0xCAA6),
-    bn_pack4(0xDBBB, 0xC2DB, 0x04DE, 0x8EF9),
-    bn_pack4(0x2583, 0xE9CA, 0x2AD4, 0x4CE8),
-    bn_pack4(0x1A94, 0x6834, 0xB615, 0x0BDA),
-    bn_pack4(0x99C3, 0x2718, 0x6AF4, 0xE23C),
-    bn_pack4(0x8871, 0x9A10, 0xBDBA, 0x5B26),
-    bn_pack4(0x1A72, 0x3C12, 0xA787, 0xE6D7),
-    bn_pack4(0x4B82, 0xD120, 0xA921, 0x0801),
-    bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
-    bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
-    bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
-    bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
-    bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
-    bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
-    bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
-    bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
-    bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
-    bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
-    bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
-    bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
-    bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
-    bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
-    bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
-    bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
-    bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
-    bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
-    bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
-    bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
-    bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
-    bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
-    bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
-    bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
-    bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
-    bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
-    bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
-    bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
-    bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
-    bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
-    bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
-    bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
-    bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
-    bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
-    bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
-    bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
-    bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
-    bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
-    bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
-    bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
-    bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
-    bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
-    bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
-    bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
-    bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
-    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
-};
-
-static BIGNUM bn_group_6144 = {
-    bn_group_6144_value,
-    (sizeof bn_group_6144_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_6144_value) / sizeof(BN_ULONG),
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static BN_ULONG bn_group_8192_value[] = {
-    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
-    bn_pack4(0x60C9, 0x80DD, 0x98ED, 0xD3DF),
-    bn_pack4(0xC81F, 0x56E8, 0x80B9, 0x6E71),
-    bn_pack4(0x9E30, 0x50E2, 0x7656, 0x94DF),
-    bn_pack4(0x9558, 0xE447, 0x5677, 0xE9AA),
-    bn_pack4(0xC919, 0x0DA6, 0xFC02, 0x6E47),
-    bn_pack4(0x889A, 0x002E, 0xD5EE, 0x382B),
-    bn_pack4(0x4009, 0x438B, 0x481C, 0x6CD7),
-    bn_pack4(0x3590, 0x46F4, 0xEB87, 0x9F92),
-    bn_pack4(0xFAF3, 0x6BC3, 0x1ECF, 0xA268),
-    bn_pack4(0xB1D5, 0x10BD, 0x7EE7, 0x4D73),
-    bn_pack4(0xF9AB, 0x4819, 0x5DED, 0x7EA1),
-    bn_pack4(0x64F3, 0x1CC5, 0x0846, 0x851D),
-    bn_pack4(0x4597, 0xE899, 0xA025, 0x5DC1),
-    bn_pack4(0xDF31, 0x0EE0, 0x74AB, 0x6A36),
-    bn_pack4(0x6D2A, 0x13F8, 0x3F44, 0xF82D),
-    bn_pack4(0x062B, 0x3CF5, 0xB3A2, 0x78A6),
-    bn_pack4(0x7968, 0x3303, 0xED5B, 0xDD3A),
-    bn_pack4(0xFA9D, 0x4B7F, 0xA2C0, 0x87E8),
-    bn_pack4(0x4BCB, 0xC886, 0x2F83, 0x85DD),
-    bn_pack4(0x3473, 0xFC64, 0x6CEA, 0x306B),
-    bn_pack4(0x13EB, 0x57A8, 0x1A23, 0xF0C7),
-    bn_pack4(0x2222, 0x2E04, 0xA403, 0x7C07),
-    bn_pack4(0xE3FD, 0xB8BE, 0xFC84, 0x8AD9),
-    bn_pack4(0x238F, 0x16CB, 0xE39D, 0x652D),
-    bn_pack4(0x3423, 0xB474, 0x2BF1, 0xC978),
-    bn_pack4(0x3AAB, 0x639C, 0x5AE4, 0xF568),
-    bn_pack4(0x2576, 0xF693, 0x6BA4, 0x2466),
-    bn_pack4(0x741F, 0xA7BF, 0x8AFC, 0x47ED),
-    bn_pack4(0x3BC8, 0x32B6, 0x8D9D, 0xD300),
-    bn_pack4(0xD8BE, 0xC4D0, 0x73B9, 0x31BA),
-    bn_pack4(0x3877, 0x7CB6, 0xA932, 0xDF8C),
-    bn_pack4(0x74A3, 0x926F, 0x12FE, 0xE5E4),
-    bn_pack4(0xE694, 0xF91E, 0x6DBE, 0x1159),
-    bn_pack4(0x12BF, 0x2D5B, 0x0B74, 0x74D6),
-    bn_pack4(0x043E, 0x8F66, 0x3F48, 0x60EE),
-    bn_pack4(0x387F, 0xE8D7, 0x6E3C, 0x0468),
-    bn_pack4(0xDA56, 0xC9EC, 0x2EF2, 0x9632),
-    bn_pack4(0xEB19, 0xCCB1, 0xA313, 0xD55C),
-    bn_pack4(0xF550, 0xAA3D, 0x8A1F, 0xBFF0),
-    bn_pack4(0x06A1, 0xD58B, 0xB7C5, 0xDA76),
-    bn_pack4(0xA797, 0x15EE, 0xF29B, 0xE328),
-    bn_pack4(0x14CC, 0x5ED2, 0x0F80, 0x37E0),
-    bn_pack4(0xCC8F, 0x6D7E, 0xBF48, 0xE1D8),
-    bn_pack4(0x4BD4, 0x07B2, 0x2B41, 0x54AA),
-    bn_pack4(0x0F1D, 0x45B7, 0xFF58, 0x5AC5),
-    bn_pack4(0x23A9, 0x7A7E, 0x36CC, 0x88BE),
-    bn_pack4(0x59E7, 0xC97F, 0xBEC7, 0xE8F3),
-    bn_pack4(0xB5A8, 0x4031, 0x900B, 0x1C9E),
-    bn_pack4(0xD55E, 0x702F, 0x4698, 0x0C82),
-    bn_pack4(0xF482, 0xD7CE, 0x6E74, 0xFEF6),
-    bn_pack4(0xF032, 0xEA15, 0xD172, 0x1D03),
-    bn_pack4(0x5983, 0xCA01, 0xC64B, 0x92EC),
-    bn_pack4(0x6FB8, 0xF401, 0x378C, 0xD2BF),
-    bn_pack4(0x3320, 0x5151, 0x2BD7, 0xAF42),
-    bn_pack4(0xDB7F, 0x1447, 0xE6CC, 0x254B),
-    bn_pack4(0x44CE, 0x6CBA, 0xCED4, 0xBB1B),
-    bn_pack4(0xDA3E, 0xDBEB, 0xCF9B, 0x14ED),
-    bn_pack4(0x1797, 0x27B0, 0x865A, 0x8918),
-    bn_pack4(0xB06A, 0x53ED, 0x9027, 0xD831),
-    bn_pack4(0xE5DB, 0x382F, 0x4130, 0x01AE),
-    bn_pack4(0xF8FF, 0x9406, 0xAD9E, 0x530E),
-    bn_pack4(0xC975, 0x1E76, 0x3DBA, 0x37BD),
-    bn_pack4(0xC1D4, 0xDCB2, 0x6026, 0x46DE),
-    bn_pack4(0x36C3, 0xFAB4, 0xD27C, 0x7026),
-    bn_pack4(0x4DF4, 0x35C9, 0x3402, 0x8492),
-    bn_pack4(0x86FF, 0xB7DC, 0x90A6, 0xC08F),
-    bn_pack4(0x93B4, 0xEA98, 0x8D8F, 0xDDC1),
-    bn_pack4(0xD006, 0x9127, 0xD5B0, 0x5AA9),
-    bn_pack4(0xB81B, 0xDD76, 0x2170, 0x481C),
-    bn_pack4(0x1F61, 0x2970, 0xCEE2, 0xD7AF),
-    bn_pack4(0x233B, 0xA186, 0x515B, 0xE7ED),
-    bn_pack4(0x99B2, 0x964F, 0xA090, 0xC3A2),
-    bn_pack4(0x287C, 0x5947, 0x4E6B, 0xC05D),
-    bn_pack4(0x2E8E, 0xFC14, 0x1FBE, 0xCAA6),
-    bn_pack4(0xDBBB, 0xC2DB, 0x04DE, 0x8EF9),
-    bn_pack4(0x2583, 0xE9CA, 0x2AD4, 0x4CE8),
-    bn_pack4(0x1A94, 0x6834, 0xB615, 0x0BDA),
-    bn_pack4(0x99C3, 0x2718, 0x6AF4, 0xE23C),
-    bn_pack4(0x8871, 0x9A10, 0xBDBA, 0x5B26),
-    bn_pack4(0x1A72, 0x3C12, 0xA787, 0xE6D7),
-    bn_pack4(0x4B82, 0xD120, 0xA921, 0x0801),
-    bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
-    bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
-    bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
-    bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
-    bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
-    bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
-    bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
-    bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
-    bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
-    bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
-    bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
-    bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
-    bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
-    bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
-    bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
-    bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
-    bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
-    bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
-    bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
-    bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
-    bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
-    bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
-    bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
-    bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
-    bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
-    bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
-    bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
-    bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
-    bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
-    bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
-    bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
-    bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
-    bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
-    bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
-    bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
-    bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
-    bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
-    bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
-    bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
-    bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
-    bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
-    bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
-    bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
-    bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
-    bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
-    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
-};
-
-static BIGNUM bn_group_8192 = {
-    bn_group_8192_value,
-    (sizeof bn_group_8192_value) / sizeof(BN_ULONG),
-    (sizeof bn_group_8192_value) / sizeof(BN_ULONG),
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static BN_ULONG bn_generator_19_value[] = { 19 };
-
-static BIGNUM bn_generator_19 = {
-    bn_generator_19_value,
-    1,
-    1,
-    0,
-    BN_FLG_STATIC_DATA
-};
-static BN_ULONG bn_generator_5_value[] = { 5 };
-
-static BIGNUM bn_generator_5 = {
-    bn_generator_5_value,
-    1,
-    1,
-    0,
-    BN_FLG_STATIC_DATA
-};
-static BN_ULONG bn_generator_2_value[] = { 2 };
-
-static BIGNUM bn_generator_2 = {
-    bn_generator_2_value,
-    1,
-    1,
-    0,
-    BN_FLG_STATIC_DATA
-};
-
-static SRP_gN knowngN[] = {
-    {"8192", &bn_generator_19, &bn_group_8192},
-    {"6144", &bn_generator_5, &bn_group_6144},
-    {"4096", &bn_generator_5, &bn_group_4096},
-    {"3072", &bn_generator_5, &bn_group_3072},
-    {"2048", &bn_generator_2, &bn_group_2048},
-    {"1536", &bn_generator_2, &bn_group_1536},
-    {"1024", &bn_generator_2, &bn_group_1024},
-};
-
-#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
-
-/* end of generated data */
diff --git a/thirdparty/openssl/crypto/srp/srp_lcl.h b/thirdparty/openssl/crypto/srp/srp_lcl.h
deleted file mode 100644
index 9a7fce1b4c..0000000000
--- a/thirdparty/openssl/crypto/srp/srp_lcl.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/* crypto/srp/srp_lcl.h */
-/*
- * Written by Peter Sylvester (peter.sylvester@edelweb.fr) for the EdelKey
- * project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_SRP_LCL_H
-# define HEADER_SRP_LCL_H
-
-# include <openssl/srp.h>
-# include <openssl/sha.h>
-
-# if 0
-#  define srp_bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \
-   fprintf(stderr,"\n");}
-# else
-#  define   srp_bn_print(a)
-# endif
-
-
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/srp/srp_lib.c b/thirdparty/openssl/crypto/srp/srp_lib.c
deleted file mode 100644
index 6df3b1cee7..0000000000
--- a/thirdparty/openssl/crypto/srp/srp_lib.c
+++ /dev/null
@@ -1,363 +0,0 @@
-/* crypto/srp/srp_lib.c */
-/*
- * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
- * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
- * EdelKey project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef OPENSSL_NO_SRP
-# include "cryptlib.h"
-# include "srp_lcl.h"
-# include <openssl/srp.h>
-# include <openssl/evp.h>
-
-# if (BN_BYTES == 8)
-#  if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-#   define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
-#  elif defined(__arch64__)
-#   define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
-#  else
-#   define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
-#  endif
-# elif (BN_BYTES == 4)
-#  define bn_pack4(a1,a2,a3,a4)  ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
-# else
-#  error "unsupported BN_BYTES"
-# endif
-
-# include "srp_grps.h"
-
-static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
-{
-    /* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */
-
-    unsigned char digest[SHA_DIGEST_LENGTH];
-    unsigned char *tmp;
-    EVP_MD_CTX ctxt;
-    int longg;
-    int longN = BN_num_bytes(N);
-
-    if (BN_ucmp(g, N) >= 0)
-        return NULL;
-
-    if ((tmp = OPENSSL_malloc(longN)) == NULL)
-        return NULL;
-    BN_bn2bin(N, tmp);
-
-    EVP_MD_CTX_init(&ctxt);
-    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
-    EVP_DigestUpdate(&ctxt, tmp, longN);
-
-    memset(tmp, 0, longN);
-    longg = BN_bn2bin(g, tmp);
-    /* use the zeros behind to pad on left */
-    EVP_DigestUpdate(&ctxt, tmp + longg, longN - longg);
-    EVP_DigestUpdate(&ctxt, tmp, longg);
-    OPENSSL_free(tmp);
-
-    EVP_DigestFinal_ex(&ctxt, digest, NULL);
-    EVP_MD_CTX_cleanup(&ctxt);
-    return BN_bin2bn(digest, sizeof(digest), NULL);
-}
-
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
-{
-    /* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
-
-    BIGNUM *u;
-    unsigned char cu[SHA_DIGEST_LENGTH];
-    unsigned char *cAB;
-    EVP_MD_CTX ctxt;
-    int longN;
-    if ((A == NULL) || (B == NULL) || (N == NULL))
-        return NULL;
-
-    if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0)
-        return NULL;
-
-    longN = BN_num_bytes(N);
-
-    if ((cAB = OPENSSL_malloc(2 * longN)) == NULL)
-        return NULL;
-
-    memset(cAB, 0, longN);
-
-    EVP_MD_CTX_init(&ctxt);
-    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
-    EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A, cAB + longN), longN);
-    EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B, cAB + longN), longN);
-    OPENSSL_free(cAB);
-    EVP_DigestFinal_ex(&ctxt, cu, NULL);
-    EVP_MD_CTX_cleanup(&ctxt);
-
-    if (!(u = BN_bin2bn(cu, sizeof(cu), NULL)))
-        return NULL;
-    if (!BN_is_zero(u))
-        return u;
-    BN_free(u);
-    return NULL;
-}
-
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
-                            BIGNUM *N)
-{
-    BIGNUM *tmp = NULL, *S = NULL;
-    BN_CTX *bn_ctx;
-
-    if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
-        return NULL;
-
-    if ((bn_ctx = BN_CTX_new()) == NULL || (tmp = BN_new()) == NULL)
-        goto err;
-
-    /* S = (A*v**u) ** b */
-
-    if (!BN_mod_exp(tmp, v, u, N, bn_ctx))
-        goto err;
-    if (!BN_mod_mul(tmp, A, tmp, N, bn_ctx))
-        goto err;
-
-    S = BN_new();
-    if (S != NULL && !BN_mod_exp(S, tmp, b, N, bn_ctx)) {
-        BN_free(S);
-        S = NULL;
-    }
- err:
-    BN_CTX_free(bn_ctx);
-    BN_clear_free(tmp);
-    return S;
-}
-
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
-{
-    BIGNUM *kv = NULL, *gb = NULL;
-    BIGNUM *B = NULL, *k = NULL;
-    BN_CTX *bn_ctx;
-
-    if (b == NULL || N == NULL || g == NULL || v == NULL ||
-        (bn_ctx = BN_CTX_new()) == NULL)
-        return NULL;
-
-    if ((kv = BN_new()) == NULL ||
-        (gb = BN_new()) == NULL || (B = BN_new()) == NULL)
-        goto err;
-
-    /* B = g**b + k*v */
-
-    if (!BN_mod_exp(gb, g, b, N, bn_ctx) ||
-        !(k = srp_Calc_k(N, g)) ||
-        !BN_mod_mul(kv, v, k, N, bn_ctx) ||
-        !BN_mod_add(B, gb, kv, N, bn_ctx)) {
-        BN_free(B);
-        B = NULL;
-    }
- err:
-    BN_CTX_free(bn_ctx);
-    BN_clear_free(kv);
-    BN_clear_free(gb);
-    BN_free(k);
-    return B;
-}
-
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
-{
-    unsigned char dig[SHA_DIGEST_LENGTH];
-    EVP_MD_CTX ctxt;
-    unsigned char *cs;
-
-    if ((s == NULL) || (user == NULL) || (pass == NULL))
-        return NULL;
-
-    if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
-        return NULL;
-
-    EVP_MD_CTX_init(&ctxt);
-    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
-    EVP_DigestUpdate(&ctxt, user, strlen(user));
-    EVP_DigestUpdate(&ctxt, ":", 1);
-    EVP_DigestUpdate(&ctxt, pass, strlen(pass));
-    EVP_DigestFinal_ex(&ctxt, dig, NULL);
-
-    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
-    BN_bn2bin(s, cs);
-    EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
-    OPENSSL_free(cs);
-    EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
-    EVP_DigestFinal_ex(&ctxt, dig, NULL);
-    EVP_MD_CTX_cleanup(&ctxt);
-
-    return BN_bin2bn(dig, sizeof(dig), NULL);
-}
-
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
-{
-    BN_CTX *bn_ctx;
-    BIGNUM *A = NULL;
-
-    if (a == NULL || N == NULL || g == NULL ||
-        (bn_ctx = BN_CTX_new()) == NULL)
-        return NULL;
-
-    if ((A = BN_new()) != NULL && !BN_mod_exp(A, g, a, N, bn_ctx)) {
-        BN_free(A);
-        A = NULL;
-    }
-    BN_CTX_free(bn_ctx);
-    return A;
-}
-
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
-                            BIGNUM *a, BIGNUM *u)
-{
-    BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL;
-    BN_CTX *bn_ctx;
-
-    if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL
-        || a == NULL || (bn_ctx = BN_CTX_new()) == NULL)
-        return NULL;
-
-    if ((tmp = BN_new()) == NULL ||
-        (tmp2 = BN_new()) == NULL ||
-        (tmp3 = BN_new()) == NULL)
-        goto err;
-
-    if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
-        goto err;
-    if (!(k = srp_Calc_k(N, g)))
-        goto err;
-    if (!BN_mod_mul(tmp2, tmp, k, N, bn_ctx))
-        goto err;
-    if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))
-        goto err;
-
-    if (!BN_mul(tmp3, u, x, bn_ctx))
-        goto err;
-    if (!BN_add(tmp2, a, tmp3))
-        goto err;
-    K = BN_new();
-    if (K != NULL && !BN_mod_exp(K, tmp, tmp2, N, bn_ctx)) {
-        BN_free(K);
-        K = NULL;
-    }
-
- err:
-    BN_CTX_free(bn_ctx);
-    BN_clear_free(tmp);
-    BN_clear_free(tmp2);
-    BN_clear_free(tmp3);
-    BN_free(k);
-    return K;
-}
-
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
-{
-    BIGNUM *r;
-    BN_CTX *bn_ctx;
-    int ret = 0;
-
-    if (B == NULL || N == NULL || (bn_ctx = BN_CTX_new()) == NULL)
-        return 0;
-
-    if ((r = BN_new()) == NULL)
-        goto err;
-    /* Checks if B % N == 0 */
-    if (!BN_nnmod(r, B, N, bn_ctx))
-        goto err;
-    ret = !BN_is_zero(r);
- err:
-    BN_CTX_free(bn_ctx);
-    BN_free(r);
-    return ret;
-}
-
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N)
-{
-    /* Checks if A % N == 0 */
-    return SRP_Verify_B_mod_N(A, N);
-}
-
-/*
- * Check if G and N are kwown parameters. The values have been generated
- * from the ietf-tls-srp draft version 8
- */
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N)
-{
-    size_t i;
-    if ((g == NULL) || (N == NULL))
-        return 0;
-
-    srp_bn_print(g);
-    srp_bn_print(N);
-
-    for (i = 0; i < KNOWN_GN_NUMBER; i++) {
-        if (BN_cmp(knowngN[i].g, g) == 0 && BN_cmp(knowngN[i].N, N) == 0)
-            return knowngN[i].id;
-    }
-    return NULL;
-}
-
-SRP_gN *SRP_get_default_gN(const char *id)
-{
-    size_t i;
-
-    if (id == NULL)
-        return knowngN;
-    for (i = 0; i < KNOWN_GN_NUMBER; i++) {
-        if (strcmp(knowngN[i].id, id) == 0)
-            return knowngN + i;
-    }
-    return NULL;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/srp/srp_vfy.c b/thirdparty/openssl/crypto/srp/srp_vfy.c
deleted file mode 100644
index c8bc7a94b2..0000000000
--- a/thirdparty/openssl/crypto/srp/srp_vfy.c
+++ /dev/null
@@ -1,727 +0,0 @@
-/* crypto/srp/srp_vfy.c */
-/*
- * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
- * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
- * EdelKey project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef OPENSSL_NO_SRP
-# include "cryptlib.h"
-# include "srp_lcl.h"
-# include <openssl/srp.h>
-# include <openssl/evp.h>
-# include <openssl/buffer.h>
-# include <openssl/rand.h>
-# include <openssl/txt_db.h>
-
-# define SRP_RANDOM_SALT_LEN 20
-# define MAX_LEN 2500
-
-static char b64table[] =
-    "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
-
-/*
- * the following two conversion routines have been inspired by code from
- * Stanford
- */
-
-/*
- * Convert a base64 string into raw byte array representation.
- */
-static int t_fromb64(unsigned char *a, size_t alen, const char *src)
-{
-    char *loc;
-    int i, j;
-    int size;
-
-    if (alen == 0 || alen > INT_MAX)
-        return -1;
-
-    while (*src && (*src == ' ' || *src == '\t' || *src == '\n'))
-        ++src;
-    size = strlen(src);
-    if (size < 0 || size >= (int)alen)
-        return -1;
-
-    i = 0;
-    while (i < size) {
-        loc = strchr(b64table, src[i]);
-        if (loc == (char *)0)
-            break;
-        else
-            a[i] = loc - b64table;
-        ++i;
-    }
-    /* if nothing valid to process we have a zero length response */
-    if (i == 0)
-        return 0;
-    size = i;
-    i = size - 1;
-    j = size;
-    while (1) {
-        a[j] = a[i];
-        if (--i < 0)
-            break;
-        a[j] |= (a[i] & 3) << 6;
-        --j;
-        a[j] = (unsigned char)((a[i] & 0x3c) >> 2);
-        if (--i < 0)
-            break;
-        a[j] |= (a[i] & 0xf) << 4;
-        --j;
-        a[j] = (unsigned char)((a[i] & 0x30) >> 4);
-        if (--i < 0)
-            break;
-        a[j] |= (a[i] << 2);
-
-        a[--j] = 0;
-        if (--i < 0)
-            break;
-    }
-    while (j <= size && a[j] == 0)
-        ++j;
-    i = 0;
-    while (j <= size)
-        a[i++] = a[j++];
-    return i;
-}
-
-/*
- * Convert a raw byte string into a null-terminated base64 ASCII string.
- */
-static char *t_tob64(char *dst, const unsigned char *src, int size)
-{
-    int c, pos = size % 3;
-    unsigned char b0 = 0, b1 = 0, b2 = 0, notleading = 0;
-    char *olddst = dst;
-
-    switch (pos) {
-    case 1:
-        b2 = src[0];
-        break;
-    case 2:
-        b1 = src[0];
-        b2 = src[1];
-        break;
-    }
-
-    while (1) {
-        c = (b0 & 0xfc) >> 2;
-        if (notleading || c != 0) {
-            *dst++ = b64table[c];
-            notleading = 1;
-        }
-        c = ((b0 & 3) << 4) | ((b1 & 0xf0) >> 4);
-        if (notleading || c != 0) {
-            *dst++ = b64table[c];
-            notleading = 1;
-        }
-        c = ((b1 & 0xf) << 2) | ((b2 & 0xc0) >> 6);
-        if (notleading || c != 0) {
-            *dst++ = b64table[c];
-            notleading = 1;
-        }
-        c = b2 & 0x3f;
-        if (notleading || c != 0) {
-            *dst++ = b64table[c];
-            notleading = 1;
-        }
-        if (pos >= size)
-            break;
-        else {
-            b0 = src[pos++];
-            b1 = src[pos++];
-            b2 = src[pos++];
-        }
-    }
-
-    *dst++ = '\0';
-    return olddst;
-}
-
-void SRP_user_pwd_free(SRP_user_pwd *user_pwd)
-{
-    if (user_pwd == NULL)
-        return;
-    BN_free(user_pwd->s);
-    BN_clear_free(user_pwd->v);
-    OPENSSL_free(user_pwd->id);
-    OPENSSL_free(user_pwd->info);
-    OPENSSL_free(user_pwd);
-}
-
-static SRP_user_pwd *SRP_user_pwd_new()
-{
-    SRP_user_pwd *ret = OPENSSL_malloc(sizeof(SRP_user_pwd));
-    if (ret == NULL)
-        return NULL;
-    ret->N = NULL;
-    ret->g = NULL;
-    ret->s = NULL;
-    ret->v = NULL;
-    ret->id = NULL;
-    ret->info = NULL;
-    return ret;
-}
-
-static void SRP_user_pwd_set_gN(SRP_user_pwd *vinfo, const BIGNUM *g,
-                                const BIGNUM *N)
-{
-    vinfo->N = N;
-    vinfo->g = g;
-}
-
-static int SRP_user_pwd_set_ids(SRP_user_pwd *vinfo, const char *id,
-                                const char *info)
-{
-    if (id != NULL && NULL == (vinfo->id = BUF_strdup(id)))
-        return 0;
-    return (info == NULL || NULL != (vinfo->info = BUF_strdup(info)));
-}
-
-static int SRP_user_pwd_set_sv(SRP_user_pwd *vinfo, const char *s,
-                               const char *v)
-{
-    unsigned char tmp[MAX_LEN];
-    int len;
-
-    vinfo->v = NULL;
-    vinfo->s = NULL;
-
-    len = t_fromb64(tmp, sizeof(tmp), v);
-    if (len < 0)
-        return 0;
-    if (NULL == (vinfo->v = BN_bin2bn(tmp, len, NULL)))
-        return 0;
-    len = t_fromb64(tmp, sizeof(tmp), s);
-    if (len < 0)
-        goto err;
-    vinfo->s = BN_bin2bn(tmp, len, NULL);
-    if (vinfo->s == NULL)
-        goto err;
-    return 1;
- err:
-    BN_free(vinfo->v);
-    vinfo->v = NULL;
-    return 0;
-}
-
-static int SRP_user_pwd_set_sv_BN(SRP_user_pwd *vinfo, BIGNUM *s, BIGNUM *v)
-{
-    vinfo->v = v;
-    vinfo->s = s;
-    return (vinfo->s != NULL && vinfo->v != NULL);
-}
-
-static SRP_user_pwd *srp_user_pwd_dup(SRP_user_pwd *src)
-{
-    SRP_user_pwd *ret;
-
-    if (src == NULL)
-        return NULL;
-    if ((ret = SRP_user_pwd_new()) == NULL)
-        return NULL;
-
-    SRP_user_pwd_set_gN(ret, src->g, src->N);
-    if (!SRP_user_pwd_set_ids(ret, src->id, src->info)
-        || !SRP_user_pwd_set_sv_BN(ret, BN_dup(src->s), BN_dup(src->v))) {
-            SRP_user_pwd_free(ret);
-            return NULL;
-    }
-    return ret;
-}
-
-SRP_VBASE *SRP_VBASE_new(char *seed_key)
-{
-    SRP_VBASE *vb = (SRP_VBASE *)OPENSSL_malloc(sizeof(SRP_VBASE));
-
-    if (vb == NULL)
-        return NULL;
-    if (!(vb->users_pwd = sk_SRP_user_pwd_new_null()) ||
-        !(vb->gN_cache = sk_SRP_gN_cache_new_null())) {
-        OPENSSL_free(vb);
-        return NULL;
-    }
-    vb->default_g = NULL;
-    vb->default_N = NULL;
-    vb->seed_key = NULL;
-    if ((seed_key != NULL) && (vb->seed_key = BUF_strdup(seed_key)) == NULL) {
-        sk_SRP_user_pwd_free(vb->users_pwd);
-        sk_SRP_gN_cache_free(vb->gN_cache);
-        OPENSSL_free(vb);
-        return NULL;
-    }
-    return vb;
-}
-
-int SRP_VBASE_free(SRP_VBASE *vb)
-{
-    sk_SRP_user_pwd_pop_free(vb->users_pwd, SRP_user_pwd_free);
-    sk_SRP_gN_cache_free(vb->gN_cache);
-    OPENSSL_free(vb->seed_key);
-    OPENSSL_free(vb);
-    return 0;
-}
-
-static SRP_gN_cache *SRP_gN_new_init(const char *ch)
-{
-    unsigned char tmp[MAX_LEN];
-    int len;
-
-    SRP_gN_cache *newgN =
-        (SRP_gN_cache *)OPENSSL_malloc(sizeof(SRP_gN_cache));
-    if (newgN == NULL)
-        return NULL;
-
-    len = t_fromb64(tmp, sizeof(tmp), ch);
-    if (len < 0)
-        goto err;
-
-    if ((newgN->b64_bn = BUF_strdup(ch)) == NULL)
-        goto err;
-
-    if ((newgN->bn = BN_bin2bn(tmp, len, NULL)))
-        return newgN;
-
-    OPENSSL_free(newgN->b64_bn);
- err:
-    OPENSSL_free(newgN);
-    return NULL;
-}
-
-static void SRP_gN_free(SRP_gN_cache *gN_cache)
-{
-    if (gN_cache == NULL)
-        return;
-    OPENSSL_free(gN_cache->b64_bn);
-    BN_free(gN_cache->bn);
-    OPENSSL_free(gN_cache);
-}
-
-static SRP_gN *SRP_get_gN_by_id(const char *id, STACK_OF(SRP_gN) *gN_tab)
-{
-    int i;
-
-    SRP_gN *gN;
-    if (gN_tab != NULL)
-        for (i = 0; i < sk_SRP_gN_num(gN_tab); i++) {
-            gN = sk_SRP_gN_value(gN_tab, i);
-            if (gN && (id == NULL || strcmp(gN->id, id) == 0))
-                return gN;
-        }
-
-    return SRP_get_default_gN(id);
-}
-
-static BIGNUM *SRP_gN_place_bn(STACK_OF(SRP_gN_cache) *gN_cache, char *ch)
-{
-    int i;
-    if (gN_cache == NULL)
-        return NULL;
-
-    /* search if we have already one... */
-    for (i = 0; i < sk_SRP_gN_cache_num(gN_cache); i++) {
-        SRP_gN_cache *cache = sk_SRP_gN_cache_value(gN_cache, i);
-        if (strcmp(cache->b64_bn, ch) == 0)
-            return cache->bn;
-    }
-    {                           /* it is the first time that we find it */
-        SRP_gN_cache *newgN = SRP_gN_new_init(ch);
-        if (newgN) {
-            if (sk_SRP_gN_cache_insert(gN_cache, newgN, 0) > 0)
-                return newgN->bn;
-            SRP_gN_free(newgN);
-        }
-    }
-    return NULL;
-}
-
-/*
- * this function parses verifier file. Format is:
- * string(index):base64(N):base64(g):0
- * string(username):base64(v):base64(salt):int(index)
- */
-
-int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
-{
-    int error_code;
-    STACK_OF(SRP_gN) *SRP_gN_tab = sk_SRP_gN_new_null();
-    char *last_index = NULL;
-    int i;
-    char **pp;
-
-    SRP_gN *gN = NULL;
-    SRP_user_pwd *user_pwd = NULL;
-
-    TXT_DB *tmpdb = NULL;
-    BIO *in = BIO_new(BIO_s_file());
-
-    error_code = SRP_ERR_OPEN_FILE;
-
-    if (in == NULL || BIO_read_filename(in, verifier_file) <= 0)
-        goto err;
-
-    error_code = SRP_ERR_VBASE_INCOMPLETE_FILE;
-
-    if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL)
-        goto err;
-
-    error_code = SRP_ERR_MEMORY;
-
-    if (vb->seed_key) {
-        last_index = SRP_get_default_gN(NULL)->id;
-    }
-    for (i = 0; i < sk_OPENSSL_PSTRING_num(tmpdb->data); i++) {
-        pp = sk_OPENSSL_PSTRING_value(tmpdb->data, i);
-        if (pp[DB_srptype][0] == DB_SRP_INDEX) {
-            /*
-             * we add this couple in the internal Stack
-             */
-
-            if ((gN = (SRP_gN *) OPENSSL_malloc(sizeof(SRP_gN))) == NULL)
-                goto err;
-
-            if (!(gN->id = BUF_strdup(pp[DB_srpid]))
-                || !(gN->N =
-                     SRP_gN_place_bn(vb->gN_cache, pp[DB_srpverifier]))
-                || !(gN->g = SRP_gN_place_bn(vb->gN_cache, pp[DB_srpsalt]))
-                || sk_SRP_gN_insert(SRP_gN_tab, gN, 0) == 0)
-                goto err;
-
-            gN = NULL;
-
-            if (vb->seed_key != NULL) {
-                last_index = pp[DB_srpid];
-            }
-        } else if (pp[DB_srptype][0] == DB_SRP_VALID) {
-            /* it is a user .... */
-            SRP_gN *lgN;
-            if ((lgN = SRP_get_gN_by_id(pp[DB_srpgN], SRP_gN_tab)) != NULL) {
-                error_code = SRP_ERR_MEMORY;
-                if ((user_pwd = SRP_user_pwd_new()) == NULL)
-                    goto err;
-
-                SRP_user_pwd_set_gN(user_pwd, lgN->g, lgN->N);
-                if (!SRP_user_pwd_set_ids
-                    (user_pwd, pp[DB_srpid], pp[DB_srpinfo]))
-                    goto err;
-
-                error_code = SRP_ERR_VBASE_BN_LIB;
-                if (!SRP_user_pwd_set_sv
-                    (user_pwd, pp[DB_srpsalt], pp[DB_srpverifier]))
-                    goto err;
-
-                if (sk_SRP_user_pwd_insert(vb->users_pwd, user_pwd, 0) == 0)
-                    goto err;
-                user_pwd = NULL; /* abandon responsability */
-            }
-        }
-    }
-
-    if (last_index != NULL) {
-        /* this means that we want to simulate a default user */
-
-        if (((gN = SRP_get_gN_by_id(last_index, SRP_gN_tab)) == NULL)) {
-            error_code = SRP_ERR_VBASE_BN_LIB;
-            goto err;
-        }
-        vb->default_g = gN->g;
-        vb->default_N = gN->N;
-        gN = NULL;
-    }
-    error_code = SRP_NO_ERROR;
-
- err:
-    /*
-     * there may be still some leaks to fix, if this fails, the application
-     * terminates most likely
-     */
-
-    if (gN != NULL) {
-        OPENSSL_free(gN->id);
-        OPENSSL_free(gN);
-    }
-
-    SRP_user_pwd_free(user_pwd);
-
-    if (tmpdb)
-        TXT_DB_free(tmpdb);
-    if (in)
-        BIO_free_all(in);
-
-    sk_SRP_gN_free(SRP_gN_tab);
-
-    return error_code;
-
-}
-
-static SRP_user_pwd *find_user(SRP_VBASE *vb, char *username)
-{
-    int i;
-    SRP_user_pwd *user;
-
-    if (vb == NULL)
-        return NULL;
-
-    for (i = 0; i < sk_SRP_user_pwd_num(vb->users_pwd); i++) {
-        user = sk_SRP_user_pwd_value(vb->users_pwd, i);
-        if (strcmp(user->id, username) == 0)
-            return user;
-    }
-
-    return NULL;
-}
-
-/*
- * This method ignores the configured seed and fails for an unknown user.
- * Ownership of the returned pointer is not released to the caller.
- * In other words, caller must not free the result.
- */
-SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
-{
-    return find_user(vb, username);
-}
-
-/*
- * Ownership of the returned pointer is released to the caller.
- * In other words, caller must free the result once done.
- */
-SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username)
-{
-    SRP_user_pwd *user;
-    unsigned char digv[SHA_DIGEST_LENGTH];
-    unsigned char digs[SHA_DIGEST_LENGTH];
-    EVP_MD_CTX ctxt;
-
-    if (vb == NULL)
-        return NULL;
-
-    if ((user = find_user(vb, username)) != NULL)
-        return srp_user_pwd_dup(user);
-
-    if ((vb->seed_key == NULL) ||
-        (vb->default_g == NULL) || (vb->default_N == NULL))
-        return NULL;
-
-/* if the user is unknown we set parameters as well if we have a seed_key */
-
-    if ((user = SRP_user_pwd_new()) == NULL)
-        return NULL;
-
-    SRP_user_pwd_set_gN(user, vb->default_g, vb->default_N);
-
-    if (!SRP_user_pwd_set_ids(user, username, NULL))
-        goto err;
-
-    if (RAND_bytes(digv, SHA_DIGEST_LENGTH) <= 0)
-        goto err;
-    EVP_MD_CTX_init(&ctxt);
-    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
-    EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
-    EVP_DigestUpdate(&ctxt, username, strlen(username));
-    EVP_DigestFinal_ex(&ctxt, digs, NULL);
-    EVP_MD_CTX_cleanup(&ctxt);
-    if (SRP_user_pwd_set_sv_BN
-        (user, BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
-         BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
-        return user;
-
- err:SRP_user_pwd_free(user);
-    return NULL;
-}
-
-/*
- * create a verifier (*salt,*verifier,g and N are in base64)
- */
-char *SRP_create_verifier(const char *user, const char *pass, char **salt,
-                          char **verifier, const char *N, const char *g)
-{
-    int len;
-    char *result = NULL, *vf = NULL;
-    BIGNUM *N_bn = NULL, *g_bn = NULL, *s = NULL, *v = NULL;
-    unsigned char tmp[MAX_LEN];
-    unsigned char tmp2[MAX_LEN];
-    char *defgNid = NULL;
-    int vfsize = 0;
-
-    if ((user == NULL) ||
-        (pass == NULL) || (salt == NULL) || (verifier == NULL))
-        goto err;
-
-    if (N) {
-        if (!(len = t_fromb64(tmp, sizeof(tmp), N)))
-            goto err;
-        N_bn = BN_bin2bn(tmp, len, NULL);
-        if (!(len = t_fromb64(tmp, sizeof(tmp), g)))
-            goto err;
-        g_bn = BN_bin2bn(tmp, len, NULL);
-        defgNid = "*";
-    } else {
-        SRP_gN *gN = SRP_get_gN_by_id(g, NULL);
-        if (gN == NULL)
-            goto err;
-        N_bn = gN->N;
-        g_bn = gN->g;
-        defgNid = gN->id;
-    }
-
-    if (*salt == NULL) {
-        if (RAND_bytes(tmp2, SRP_RANDOM_SALT_LEN) <= 0)
-            goto err;
-
-        s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
-    } else {
-        if (!(len = t_fromb64(tmp2, sizeof(tmp2), *salt)))
-            goto err;
-        s = BN_bin2bn(tmp2, len, NULL);
-    }
-
-    if (!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn))
-        goto err;
-
-    BN_bn2bin(v, tmp);
-    vfsize = BN_num_bytes(v) * 2;
-    if (((vf = OPENSSL_malloc(vfsize)) == NULL))
-        goto err;
-    t_tob64(vf, tmp, BN_num_bytes(v));
-
-    if (*salt == NULL) {
-        char *tmp_salt;
-
-        if ((tmp_salt = OPENSSL_malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL) {
-            goto err;
-        }
-        t_tob64(tmp_salt, tmp2, SRP_RANDOM_SALT_LEN);
-        *salt = tmp_salt;
-    }
-
-    *verifier = vf;
-    vf = NULL;
-    result = defgNid;
-
- err:
-    if (N) {
-        BN_free(N_bn);
-        BN_free(g_bn);
-    }
-    if (vf != NULL)
-        OPENSSL_cleanse(vf, vfsize);
-    OPENSSL_free(vf);
-    BN_clear_free(s);
-    BN_clear_free(v);
-    return result;
-}
-
-/*
- * create a verifier (*salt,*verifier,g and N are BIGNUMs). If *salt != NULL
- * then the provided salt will be used. On successful exit *verifier will point
- * to a newly allocated BIGNUM containing the verifier and (if a salt was not
- * provided) *salt will be populated with a newly allocated BIGNUM containing a
- * random salt.
- * The caller is responsible for freeing the allocated *salt and *verifier
- * BIGNUMS.
- */
-int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
-                           BIGNUM **verifier, BIGNUM *N, BIGNUM *g)
-{
-    int result = 0;
-    BIGNUM *x = NULL;
-    BN_CTX *bn_ctx = BN_CTX_new();
-    unsigned char tmp2[MAX_LEN];
-    BIGNUM *salttmp = NULL;
-
-    if ((user == NULL) ||
-        (pass == NULL) ||
-        (salt == NULL) ||
-        (verifier == NULL) || (N == NULL) || (g == NULL) || (bn_ctx == NULL))
-        goto err;
-
-    srp_bn_print(N);
-    srp_bn_print(g);
-
-    if (*salt == NULL) {
-        if (RAND_bytes(tmp2, SRP_RANDOM_SALT_LEN) <= 0)
-            goto err;
-
-        salttmp = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
-    } else {
-        salttmp = *salt;
-    }
-
-    x = SRP_Calc_x(salttmp, user, pass);
-
-    *verifier = BN_new();
-    if (*verifier == NULL)
-        goto err;
-
-    if (!BN_mod_exp(*verifier, g, x, N, bn_ctx)) {
-        BN_clear_free(*verifier);
-        goto err;
-    }
-
-    srp_bn_print(*verifier);
-
-    result = 1;
-    *salt = salttmp;
-
- err:
-    if (*salt != salttmp)
-        BN_clear_free(salttmp);
-    BN_clear_free(x);
-    BN_CTX_free(bn_ctx);
-    return result;
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/stack/stack.c b/thirdparty/openssl/crypto/stack/stack.c
deleted file mode 100644
index fa50083e22..0000000000
--- a/thirdparty/openssl/crypto/stack/stack.c
+++ /dev/null
@@ -1,384 +0,0 @@
-/* crypto/stack/stack.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*-
- * Code for stacks
- * Author - Eric Young v 1.0
- * 1.2 eay 12-Mar-97 -  Modified sk_find so that it _DOES_ return the
- *                      lowest index for the searched item.
- *
- * 1.1 eay - Take from netdb and added to SSLeay
- *
- * 1.0 eay - First version 29/07/92
- */
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/stack.h>
-#include <openssl/objects.h>
-
-#undef MIN_NODES
-#define MIN_NODES       4
-
-const char STACK_version[] = "Stack" OPENSSL_VERSION_PTEXT;
-
-#include <errno.h>
-
-int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
- (const void *, const void *) {
-    int (*old) (const void *, const void *) = sk->comp;
-
-    if (sk->comp != c)
-        sk->sorted = 0;
-    sk->comp = c;
-
-    return old;
-}
-
-_STACK *sk_dup(_STACK *sk)
-{
-    _STACK *ret;
-    char **s;
-
-    if ((ret = sk_new(sk->comp)) == NULL)
-        goto err;
-    s = (char **)OPENSSL_realloc((char *)ret->data,
-                                 (unsigned int)sizeof(char *) *
-                                 sk->num_alloc);
-    if (s == NULL)
-        goto err;
-    ret->data = s;
-
-    ret->num = sk->num;
-    memcpy(ret->data, sk->data, sizeof(char *) * sk->num);
-    ret->sorted = sk->sorted;
-    ret->num_alloc = sk->num_alloc;
-    ret->comp = sk->comp;
-    return (ret);
- err:
-    if (ret)
-        sk_free(ret);
-    return (NULL);
-}
-
-_STACK *sk_deep_copy(_STACK *sk, void *(*copy_func) (void *),
-                     void (*free_func) (void *))
-{
-    _STACK *ret;
-    int i;
-
-    if ((ret = OPENSSL_malloc(sizeof(_STACK))) == NULL)
-        return ret;
-    ret->comp = sk->comp;
-    ret->sorted = sk->sorted;
-    ret->num = sk->num;
-    ret->num_alloc = sk->num > MIN_NODES ? sk->num : MIN_NODES;
-    ret->data = OPENSSL_malloc(sizeof(char *) * ret->num_alloc);
-    if (ret->data == NULL) {
-        OPENSSL_free(ret);
-        return NULL;
-    }
-    for (i = 0; i < ret->num_alloc; i++)
-        ret->data[i] = NULL;
-
-    for (i = 0; i < ret->num; ++i) {
-        if (sk->data[i] == NULL)
-            continue;
-        if ((ret->data[i] = copy_func(sk->data[i])) == NULL) {
-            while (--i >= 0)
-                if (ret->data[i] != NULL)
-                    free_func(ret->data[i]);
-            sk_free(ret);
-            return NULL;
-        }
-    }
-    return ret;
-}
-
-_STACK *sk_new_null(void)
-{
-    return sk_new((int (*)(const void *, const void *))0);
-}
-
-_STACK *sk_new(int (*c) (const void *, const void *))
-{
-    _STACK *ret;
-    int i;
-
-    if ((ret = OPENSSL_malloc(sizeof(_STACK))) == NULL)
-        goto err;
-    if ((ret->data = OPENSSL_malloc(sizeof(char *) * MIN_NODES)) == NULL)
-        goto err;
-    for (i = 0; i < MIN_NODES; i++)
-        ret->data[i] = NULL;
-    ret->comp = c;
-    ret->num_alloc = MIN_NODES;
-    ret->num = 0;
-    ret->sorted = 0;
-    return (ret);
- err:
-    if (ret)
-        OPENSSL_free(ret);
-    return (NULL);
-}
-
-int sk_insert(_STACK *st, void *data, int loc)
-{
-    char **s;
-
-    if (st == NULL)
-        return 0;
-    if (st->num_alloc <= st->num + 1) {
-        s = OPENSSL_realloc((char *)st->data,
-                            (unsigned int)sizeof(char *) * st->num_alloc * 2);
-        if (s == NULL)
-            return (0);
-        st->data = s;
-        st->num_alloc *= 2;
-    }
-    if ((loc >= (int)st->num) || (loc < 0))
-        st->data[st->num] = data;
-    else {
-        int i;
-        char **f, **t;
-
-        f = st->data;
-        t = &(st->data[1]);
-        for (i = st->num; i >= loc; i--)
-            t[i] = f[i];
-
-#ifdef undef                    /* no memmove on sunos :-( */
-        memmove(&(st->data[loc + 1]),
-                &(st->data[loc]), sizeof(char *) * (st->num - loc));
-#endif
-        st->data[loc] = data;
-    }
-    st->num++;
-    st->sorted = 0;
-    return (st->num);
-}
-
-void *sk_delete_ptr(_STACK *st, void *p)
-{
-    int i;
-
-    for (i = 0; i < st->num; i++)
-        if (st->data[i] == p)
-            return (sk_delete(st, i));
-    return (NULL);
-}
-
-void *sk_delete(_STACK *st, int loc)
-{
-    char *ret;
-    int i, j;
-
-    if (!st || (loc < 0) || (loc >= st->num))
-        return NULL;
-
-    ret = st->data[loc];
-    if (loc != st->num - 1) {
-        j = st->num - 1;
-        for (i = loc; i < j; i++)
-            st->data[i] = st->data[i + 1];
-        /*
-         * In theory memcpy is not safe for this memcpy( &(st->data[loc]),
-         * &(st->data[loc+1]), sizeof(char *)*(st->num-loc-1));
-         */
-    }
-    st->num--;
-    return (ret);
-}
-
-static int internal_find(_STACK *st, void *data, int ret_val_options)
-{
-    const void *const *r;
-    int i;
-
-    if (st == NULL)
-        return -1;
-
-    if (st->comp == NULL) {
-        for (i = 0; i < st->num; i++)
-            if (st->data[i] == data)
-                return (i);
-        return (-1);
-    }
-    sk_sort(st);
-    if (data == NULL)
-        return (-1);
-    r = OBJ_bsearch_ex_(&data, st->data, st->num, sizeof(void *), st->comp,
-                        ret_val_options);
-    if (r == NULL)
-        return (-1);
-    return (int)((char **)r - st->data);
-}
-
-int sk_find(_STACK *st, void *data)
-{
-    return internal_find(st, data, OBJ_BSEARCH_FIRST_VALUE_ON_MATCH);
-}
-
-int sk_find_ex(_STACK *st, void *data)
-{
-    return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH);
-}
-
-int sk_push(_STACK *st, void *data)
-{
-    return (sk_insert(st, data, st->num));
-}
-
-int sk_unshift(_STACK *st, void *data)
-{
-    return (sk_insert(st, data, 0));
-}
-
-void *sk_shift(_STACK *st)
-{
-    if (st == NULL)
-        return (NULL);
-    if (st->num <= 0)
-        return (NULL);
-    return (sk_delete(st, 0));
-}
-
-void *sk_pop(_STACK *st)
-{
-    if (st == NULL)
-        return (NULL);
-    if (st->num <= 0)
-        return (NULL);
-    return (sk_delete(st, st->num - 1));
-}
-
-void sk_zero(_STACK *st)
-{
-    if (st == NULL)
-        return;
-    if (st->num <= 0)
-        return;
-    memset((char *)st->data, 0, sizeof(*st->data) * st->num);
-    st->num = 0;
-}
-
-void sk_pop_free(_STACK *st, void (*func) (void *))
-{
-    int i;
-
-    if (st == NULL)
-        return;
-    for (i = 0; i < st->num; i++)
-        if (st->data[i] != NULL)
-            func(st->data[i]);
-    sk_free(st);
-}
-
-void sk_free(_STACK *st)
-{
-    if (st == NULL)
-        return;
-    if (st->data != NULL)
-        OPENSSL_free(st->data);
-    OPENSSL_free(st);
-}
-
-int sk_num(const _STACK *st)
-{
-    if (st == NULL)
-        return -1;
-    return st->num;
-}
-
-void *sk_value(const _STACK *st, int i)
-{
-    if (!st || (i < 0) || (i >= st->num))
-        return NULL;
-    return st->data[i];
-}
-
-void *sk_set(_STACK *st, int i, void *value)
-{
-    if (!st || (i < 0) || (i >= st->num))
-        return NULL;
-    return (st->data[i] = value);
-}
-
-void sk_sort(_STACK *st)
-{
-    if (st && !st->sorted && st->comp != NULL) {
-        int (*comp_func) (const void *, const void *);
-
-        /*
-         * same comment as in sk_find ... previously st->comp was declared as
-         * a (void*,void*) callback type, but this made the population of the
-         * callback pointer illogical - our callbacks compare type** with
-         * type**, so we leave the casting until absolutely necessary (ie.
-         * "now").
-         */
-        comp_func = (int (*)(const void *, const void *))(st->comp);
-        qsort(st->data, st->num, sizeof(char *), comp_func);
-        st->sorted = 1;
-    }
-}
-
-int sk_is_sorted(const _STACK *st)
-{
-    if (!st)
-        return 1;
-    return st->sorted;
-}
diff --git a/thirdparty/openssl/crypto/store/README b/thirdparty/openssl/crypto/store/README
deleted file mode 100644
index 966168f6a5..0000000000
--- a/thirdparty/openssl/crypto/store/README
+++ /dev/null
@@ -1,95 +0,0 @@
-The STORE type
-==============
-
-A STORE, as defined in this code section, is really a rather simple
-thing which stores objects and per-object associations to a number
-of attributes.  What attributes are supported entirely depends on
-the particular implementation of a STORE.  It has some support for
-generation of certain objects (for example, keys and CRLs).
-
-
-Supported object types
-----------------------
-
-For now, the objects that are supported are the following:
-
-X.509 certificate
-X.509 CRL
-private key
-public key
-number
-arbitrary (application) data
-
-The intention is that a STORE should be able to store everything
-needed by an application that wants a cert/key store, as well as
-the data a CA might need to store (this includes the serial number
-counter, which explains the support for numbers).
-
-
-Supported attribute types
--------------------------
-
-For now, the following attributes are supported:
-
-Friendly Name		- the value is a normal C string
-Key ID			- the value is a 160 bit SHA1 hash
-Issuer Key ID		- the value is a 160 bit SHA1 hash
-Subject Key ID		- the value is a 160 bit SHA1 hash
-Issuer/Serial Hash	- the value is a 160 bit SHA1 hash
-Issuer			- the value is a X509_NAME
-Serial			- the value is a BIGNUM
-Subject			- the value is a X509_NAME
-Certificate Hash	- the value is a 160 bit SHA1 hash
-Email			- the value is a normal C string
-Filename		- the value is a normal C string
-
-It is expected that these attributes should be enough to support
-the need from most, if not all, current applications.  Applications
-that need to do certificate verification would typically use Subject
-Key ID, Issuer/Serial Hash or Subject to look up issuer certificates.
-S/MIME applications would typically use Email to look up recipient
-and signer certificates.
-
-There's added support for combined sets of attributes to search for,
-with the special OR attribute.
-
-
-Supported basic functionality
------------------------------
-
-The functions that are supported through the STORE type are these:
-
-generate_object		- for example to generate keys and CRLs
-get_object		- to look up one object
-			  NOTE: this function is really rather
-			  redundant and probably of lesser usage
-			  than the list functions
-store_object		- store an object and the attributes
-			  associated with it
-modify_object		- modify the attributes associated with
-			  a specific object
-revoke_object		- revoke an object
-			  NOTE: this only marks an object as
-			  invalid, it doesn't remove the object
-			  from the database
-delete_object		- remove an object from the database
-list_object		- list objects associated with a given
-			  set of attributes
-			  NOTE: this is really four functions:
-			  list_start, list_next, list_end and
-			  list_endp
-update_store		- update the internal data of the store
-lock_store		- lock the store
-unlock_store		- unlock the store
-
-The list functions need some extra explanation: list_start is
-used to set up a lookup.  That's where the attributes to use in
-the search are set up.  It returns a search context.  list_next
-returns the next object searched for.  list_end closes the search.
-list_endp is used to check if we have reached the end.
-
-A few words on the store functions as well: update_store is
-typically used by a CA application to update the internal
-structure of a database.  This may for example involve automatic
-removal of expired certificates.  lock_store and unlock_store
-are used for locking a store to allow exclusive writes.
diff --git a/thirdparty/openssl/crypto/store/store.h b/thirdparty/openssl/crypto/store/store.h
deleted file mode 100644
index ce3709d9f0..0000000000
--- a/thirdparty/openssl/crypto/store/store.h
+++ /dev/null
@@ -1,658 +0,0 @@
-/* crypto/store/store.h */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_STORE_H
-# define HEADER_STORE_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_STORE
-#  error STORE is disabled.
-# endif
-
-# include <openssl/ossl_typ.h>
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/evp.h>
-#  include <openssl/bn.h>
-#  include <openssl/x509.h>
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct store_st STORE; */
-/* typedef struct store_method_st STORE_METHOD; */
-
-/*
- * All the following functions return 0, a negative number or NULL on error.
- * When everything is fine, they return a positive value or a non-NULL
- * pointer, all depending on their purpose.
- */
-
-/* Creators and destructor.   */
-STORE *STORE_new_method(const STORE_METHOD *method);
-STORE *STORE_new_engine(ENGINE *engine);
-void STORE_free(STORE *ui);
-
-/*
- * Give a user interface parametrised control commands.  This can be used to
- * send down an integer, a data pointer or a function pointer, as well as be
- * used to get information from a STORE.
- */
-int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void));
-
-/*
- * A control to set the directory with keys and certificates.  Used by the
- * built-in directory level method.
- */
-# define STORE_CTRL_SET_DIRECTORY        0x0001
-/*
- * A control to set a file to load.  Used by the built-in file level method.
- */
-# define STORE_CTRL_SET_FILE             0x0002
-/*
- * A control to set a configuration file to load.  Can be used by any method
- * that wishes to load a configuration file.
- */
-# define STORE_CTRL_SET_CONF_FILE        0x0003
-/*
- * A control to set a the section of the loaded configuration file.  Can be
- * used by any method that wishes to load a configuration file.
- */
-# define STORE_CTRL_SET_CONF_SECTION     0x0004
-
-/* Some methods may use extra data */
-# define STORE_set_app_data(s,arg)       STORE_set_ex_data(s,0,arg)
-# define STORE_get_app_data(s)           STORE_get_ex_data(s,0)
-int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                           CRYPTO_EX_dup *dup_func,
-                           CRYPTO_EX_free *free_func);
-int STORE_set_ex_data(STORE *r, int idx, void *arg);
-void *STORE_get_ex_data(STORE *r, int idx);
-
-/* Use specific methods instead of the built-in one */
-const STORE_METHOD *STORE_get_method(STORE *store);
-const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth);
-
-/* The standard OpenSSL methods. */
-/*
- * This is the in-memory method.  It does everything except revoking and
- * updating, and is of course volatile.  It's used by other methods that have
- * an in-memory cache.
- */
-const STORE_METHOD *STORE_Memory(void);
-# if 0                          /* Not yet implemented */
-/*
- * This is the directory store.  It does everything except revoking and
- * updating, and uses STORE_Memory() to cache things in memory.
- */
-const STORE_METHOD *STORE_Directory(void);
-/*
- * This is the file store.  It does everything except revoking and updating,
- * and uses STORE_Memory() to cache things in memory.  Certificates are added
- * to it with the store operation, and it will only get cached certificates.
- */
-const STORE_METHOD *STORE_File(void);
-# endif
-
-/*
- * Store functions take a type code for the type of data they should store or
- * fetch
- */
-typedef enum STORE_object_types {
-    STORE_OBJECT_TYPE_X509_CERTIFICATE = 0x01, /* X509 * */
-    STORE_OBJECT_TYPE_X509_CRL = 0x02, /* X509_CRL * */
-    STORE_OBJECT_TYPE_PRIVATE_KEY = 0x03, /* EVP_PKEY * */
-    STORE_OBJECT_TYPE_PUBLIC_KEY = 0x04, /* EVP_PKEY * */
-    STORE_OBJECT_TYPE_NUMBER = 0x05, /* BIGNUM * */
-    STORE_OBJECT_TYPE_ARBITRARY = 0x06, /* BUF_MEM * */
-    STORE_OBJECT_TYPE_NUM = 0x06 /* The amount of known object types */
-} STORE_OBJECT_TYPES;
-/* List of text strings corresponding to the object types. */
-extern const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1];
-
-/*
- * Some store functions take a parameter list.  Those parameters come with
- * one of the following codes. The comments following the codes below
- * indicate what type the value should be a pointer to.
- */
-typedef enum STORE_params {
-    STORE_PARAM_EVP_TYPE = 0x01, /* int */
-    STORE_PARAM_BITS = 0x02,    /* size_t */
-    STORE_PARAM_KEY_PARAMETERS = 0x03, /* ??? */
-    STORE_PARAM_KEY_NO_PARAMETERS = 0x04, /* N/A */
-    STORE_PARAM_AUTH_PASSPHRASE = 0x05, /* char * */
-    STORE_PARAM_AUTH_KRB5_TICKET = 0x06, /* void * */
-    STORE_PARAM_TYPE_NUM = 0x06 /* The amount of known parameter types */
-} STORE_PARAM_TYPES;
-/*
- * Parameter value sizes.  -1 means unknown, anything else is the required
- * size.
- */
-extern const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1];
-
-/*
- * Store functions take attribute lists.  Those attributes come with codes.
- * The comments following the codes below indicate what type the value should
- * be a pointer to.
- */
-typedef enum STORE_attribs {
-    STORE_ATTR_END = 0x00,
-    STORE_ATTR_FRIENDLYNAME = 0x01, /* C string */
-    STORE_ATTR_KEYID = 0x02,    /* 160 bit string (SHA1) */
-    STORE_ATTR_ISSUERKEYID = 0x03, /* 160 bit string (SHA1) */
-    STORE_ATTR_SUBJECTKEYID = 0x04, /* 160 bit string (SHA1) */
-    STORE_ATTR_ISSUERSERIALHASH = 0x05, /* 160 bit string (SHA1) */
-    STORE_ATTR_ISSUER = 0x06,   /* X509_NAME * */
-    STORE_ATTR_SERIAL = 0x07,   /* BIGNUM * */
-    STORE_ATTR_SUBJECT = 0x08,  /* X509_NAME * */
-    STORE_ATTR_CERTHASH = 0x09, /* 160 bit string (SHA1) */
-    STORE_ATTR_EMAIL = 0x0a,    /* C string */
-    STORE_ATTR_FILENAME = 0x0b, /* C string */
-    STORE_ATTR_TYPE_NUM = 0x0b, /* The amount of known attribute types */
-    STORE_ATTR_OR = 0xff        /* This is a special separator, which
-                                 * expresses the OR operation.  */
-} STORE_ATTR_TYPES;
-/*
- * Attribute value sizes.  -1 means unknown, anything else is the required
- * size.
- */
-extern const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1];
-
-typedef enum STORE_certificate_status {
-    STORE_X509_VALID = 0x00,
-    STORE_X509_EXPIRED = 0x01,
-    STORE_X509_SUSPENDED = 0x02,
-    STORE_X509_REVOKED = 0x03
-} STORE_CERTIFICATE_STATUS;
-
-/*
- * Engine store functions will return a structure that contains all the
- * necessary information, including revokation status for certificates.  This
- * is really not needed for application authors, as the ENGINE framework
- * functions will extract the OpenSSL-specific information when at all
- * possible.  However, for engine authors, it's crucial to know this
- * structure.
- */
-typedef struct STORE_OBJECT_st {
-    STORE_OBJECT_TYPES type;
-    union {
-        struct {
-            STORE_CERTIFICATE_STATUS status;
-            X509 *certificate;
-        } x509;
-        X509_CRL *crl;
-        EVP_PKEY *key;
-        BIGNUM *number;
-        BUF_MEM *arbitrary;
-    } data;
-} STORE_OBJECT;
-DECLARE_STACK_OF(STORE_OBJECT)
-STORE_OBJECT *STORE_OBJECT_new(void);
-void STORE_OBJECT_free(STORE_OBJECT *data);
-
-/*
- * The following functions handle the storage. They return 0, a negative
- * number or NULL on error, anything else on success.
- */
-X509 *STORE_get_certificate(STORE *e, OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[]);
-int STORE_store_certificate(STORE *e, X509 *data, OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[]);
-int STORE_modify_certificate(STORE *e, OPENSSL_ITEM search_attributes[],
-                             OPENSSL_ITEM add_attributes[],
-                             OPENSSL_ITEM modify_attributes[],
-                             OPENSSL_ITEM delete_attributes[],
-                             OPENSSL_ITEM parameters[]);
-int STORE_revoke_certificate(STORE *e, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[]);
-int STORE_delete_certificate(STORE *e, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[]);
-void *STORE_list_certificate_start(STORE *e, OPENSSL_ITEM attributes[],
-                                   OPENSSL_ITEM parameters[]);
-X509 *STORE_list_certificate_next(STORE *e, void *handle);
-int STORE_list_certificate_end(STORE *e, void *handle);
-int STORE_list_certificate_endp(STORE *e, void *handle);
-EVP_PKEY *STORE_generate_key(STORE *e, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[]);
-EVP_PKEY *STORE_get_private_key(STORE *e, OPENSSL_ITEM attributes[],
-                                OPENSSL_ITEM parameters[]);
-int STORE_store_private_key(STORE *e, EVP_PKEY *data,
-                            OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[]);
-int STORE_modify_private_key(STORE *e, OPENSSL_ITEM search_attributes[],
-                             OPENSSL_ITEM add_sttributes[],
-                             OPENSSL_ITEM modify_attributes[],
-                             OPENSSL_ITEM delete_attributes[],
-                             OPENSSL_ITEM parameters[]);
-int STORE_revoke_private_key(STORE *e, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[]);
-int STORE_delete_private_key(STORE *e, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[]);
-void *STORE_list_private_key_start(STORE *e, OPENSSL_ITEM attributes[],
-                                   OPENSSL_ITEM parameters[]);
-EVP_PKEY *STORE_list_private_key_next(STORE *e, void *handle);
-int STORE_list_private_key_end(STORE *e, void *handle);
-int STORE_list_private_key_endp(STORE *e, void *handle);
-EVP_PKEY *STORE_get_public_key(STORE *e, OPENSSL_ITEM attributes[],
-                               OPENSSL_ITEM parameters[]);
-int STORE_store_public_key(STORE *e, EVP_PKEY *data,
-                           OPENSSL_ITEM attributes[],
-                           OPENSSL_ITEM parameters[]);
-int STORE_modify_public_key(STORE *e, OPENSSL_ITEM search_attributes[],
-                            OPENSSL_ITEM add_sttributes[],
-                            OPENSSL_ITEM modify_attributes[],
-                            OPENSSL_ITEM delete_attributes[],
-                            OPENSSL_ITEM parameters[]);
-int STORE_revoke_public_key(STORE *e, OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[]);
-int STORE_delete_public_key(STORE *e, OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[]);
-void *STORE_list_public_key_start(STORE *e, OPENSSL_ITEM attributes[],
-                                  OPENSSL_ITEM parameters[]);
-EVP_PKEY *STORE_list_public_key_next(STORE *e, void *handle);
-int STORE_list_public_key_end(STORE *e, void *handle);
-int STORE_list_public_key_endp(STORE *e, void *handle);
-X509_CRL *STORE_generate_crl(STORE *e, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[]);
-X509_CRL *STORE_get_crl(STORE *e, OPENSSL_ITEM attributes[],
-                        OPENSSL_ITEM parameters[]);
-int STORE_store_crl(STORE *e, X509_CRL *data, OPENSSL_ITEM attributes[],
-                    OPENSSL_ITEM parameters[]);
-int STORE_modify_crl(STORE *e, OPENSSL_ITEM search_attributes[],
-                     OPENSSL_ITEM add_sttributes[],
-                     OPENSSL_ITEM modify_attributes[],
-                     OPENSSL_ITEM delete_attributes[],
-                     OPENSSL_ITEM parameters[]);
-int STORE_delete_crl(STORE *e, OPENSSL_ITEM attributes[],
-                     OPENSSL_ITEM parameters[]);
-void *STORE_list_crl_start(STORE *e, OPENSSL_ITEM attributes[],
-                           OPENSSL_ITEM parameters[]);
-X509_CRL *STORE_list_crl_next(STORE *e, void *handle);
-int STORE_list_crl_end(STORE *e, void *handle);
-int STORE_list_crl_endp(STORE *e, void *handle);
-int STORE_store_number(STORE *e, BIGNUM *data, OPENSSL_ITEM attributes[],
-                       OPENSSL_ITEM parameters[]);
-int STORE_modify_number(STORE *e, OPENSSL_ITEM search_attributes[],
-                        OPENSSL_ITEM add_sttributes[],
-                        OPENSSL_ITEM modify_attributes[],
-                        OPENSSL_ITEM delete_attributes[],
-                        OPENSSL_ITEM parameters[]);
-BIGNUM *STORE_get_number(STORE *e, OPENSSL_ITEM attributes[],
-                         OPENSSL_ITEM parameters[]);
-int STORE_delete_number(STORE *e, OPENSSL_ITEM attributes[],
-                        OPENSSL_ITEM parameters[]);
-int STORE_store_arbitrary(STORE *e, BUF_MEM *data, OPENSSL_ITEM attributes[],
-                          OPENSSL_ITEM parameters[]);
-int STORE_modify_arbitrary(STORE *e, OPENSSL_ITEM search_attributes[],
-                           OPENSSL_ITEM add_sttributes[],
-                           OPENSSL_ITEM modify_attributes[],
-                           OPENSSL_ITEM delete_attributes[],
-                           OPENSSL_ITEM parameters[]);
-BUF_MEM *STORE_get_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[]);
-int STORE_delete_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
-                           OPENSSL_ITEM parameters[]);
-
-/* Create and manipulate methods */
-STORE_METHOD *STORE_create_method(char *name);
-void STORE_destroy_method(STORE_METHOD *store_method);
-
-/* These callback types are use for store handlers */
-typedef int (*STORE_INITIALISE_FUNC_PTR) (STORE *);
-typedef void (*STORE_CLEANUP_FUNC_PTR) (STORE *);
-typedef STORE_OBJECT *(*STORE_GENERATE_OBJECT_FUNC_PTR)(STORE *,
-                                                        STORE_OBJECT_TYPES
-                                                        type,
-                                                        OPENSSL_ITEM
-                                                        attributes[],
-                                                        OPENSSL_ITEM
-                                                        parameters[]);
-typedef STORE_OBJECT *(*STORE_GET_OBJECT_FUNC_PTR)(STORE *,
-                                                   STORE_OBJECT_TYPES type,
-                                                   OPENSSL_ITEM attributes[],
-                                                   OPENSSL_ITEM parameters[]);
-typedef void *(*STORE_START_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type,
-                                             OPENSSL_ITEM attributes[],
-                                             OPENSSL_ITEM parameters[]);
-typedef STORE_OBJECT *(*STORE_NEXT_OBJECT_FUNC_PTR)(STORE *, void *handle);
-typedef int (*STORE_END_OBJECT_FUNC_PTR) (STORE *, void *handle);
-typedef int (*STORE_HANDLE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
-                                             OPENSSL_ITEM attributes[],
-                                             OPENSSL_ITEM parameters[]);
-typedef int (*STORE_STORE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
-                                            STORE_OBJECT *data,
-                                            OPENSSL_ITEM attributes[],
-                                            OPENSSL_ITEM parameters[]);
-typedef int (*STORE_MODIFY_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
-                                             OPENSSL_ITEM search_attributes[],
-                                             OPENSSL_ITEM add_attributes[],
-                                             OPENSSL_ITEM modify_attributes[],
-                                             OPENSSL_ITEM delete_attributes[],
-                                             OPENSSL_ITEM parameters[]);
-typedef int (*STORE_GENERIC_FUNC_PTR) (STORE *, OPENSSL_ITEM attributes[],
-                                       OPENSSL_ITEM parameters[]);
-typedef int (*STORE_CTRL_FUNC_PTR) (STORE *, int cmd, long l, void *p,
-                                    void (*f) (void));
-
-int STORE_method_set_initialise_function(STORE_METHOD *sm,
-                                         STORE_INITIALISE_FUNC_PTR init_f);
-int STORE_method_set_cleanup_function(STORE_METHOD *sm,
-                                      STORE_CLEANUP_FUNC_PTR clean_f);
-int STORE_method_set_generate_function(STORE_METHOD *sm,
-                                       STORE_GENERATE_OBJECT_FUNC_PTR
-                                       generate_f);
-int STORE_method_set_get_function(STORE_METHOD *sm,
-                                  STORE_GET_OBJECT_FUNC_PTR get_f);
-int STORE_method_set_store_function(STORE_METHOD *sm,
-                                    STORE_STORE_OBJECT_FUNC_PTR store_f);
-int STORE_method_set_modify_function(STORE_METHOD *sm,
-                                     STORE_MODIFY_OBJECT_FUNC_PTR store_f);
-int STORE_method_set_revoke_function(STORE_METHOD *sm,
-                                     STORE_HANDLE_OBJECT_FUNC_PTR revoke_f);
-int STORE_method_set_delete_function(STORE_METHOD *sm,
-                                     STORE_HANDLE_OBJECT_FUNC_PTR delete_f);
-int STORE_method_set_list_start_function(STORE_METHOD *sm,
-                                         STORE_START_OBJECT_FUNC_PTR
-                                         list_start_f);
-int STORE_method_set_list_next_function(STORE_METHOD *sm,
-                                        STORE_NEXT_OBJECT_FUNC_PTR
-                                        list_next_f);
-int STORE_method_set_list_end_function(STORE_METHOD *sm,
-                                       STORE_END_OBJECT_FUNC_PTR list_end_f);
-int STORE_method_set_update_store_function(STORE_METHOD *sm,
-                                           STORE_GENERIC_FUNC_PTR);
-int STORE_method_set_lock_store_function(STORE_METHOD *sm,
-                                         STORE_GENERIC_FUNC_PTR);
-int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
-                                           STORE_GENERIC_FUNC_PTR);
-int STORE_method_set_ctrl_function(STORE_METHOD *sm,
-                                   STORE_CTRL_FUNC_PTR ctrl_f);
-
-STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
-                                                               *sm);
-STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm);
-STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
-                                                                  *sm);
-STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm);
-STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm);
-STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
-                                                              *sm);
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
-                                                              *sm);
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
-                                                              *sm);
-STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
-                                                                 *sm);
-STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
-                                                               *sm);
-STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD
-                                                             *sm);
-STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
-                                                              *sm);
-STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm);
-STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
-                                                              *sm);
-STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm);
-
-/* Method helper structures and functions. */
-
-/*
- * This structure is the result of parsing through the information in a list
- * of OPENSSL_ITEMs.  It stores all the necessary information in a structured
- * way.
- */
-typedef struct STORE_attr_info_st STORE_ATTR_INFO;
-
-/*
- * Parse a list of OPENSSL_ITEMs and return a pointer to a STORE_ATTR_INFO.
- * Note that we do this in the list form, since the list of OPENSSL_ITEMs can
- * come in blocks separated with STORE_ATTR_OR.  Note that the value returned
- * by STORE_parse_attrs_next() must be freed with STORE_ATTR_INFO_free().
- */
-void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes);
-STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle);
-int STORE_parse_attrs_end(void *handle);
-int STORE_parse_attrs_endp(void *handle);
-
-/* Creator and destructor */
-STORE_ATTR_INFO *STORE_ATTR_INFO_new(void);
-int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs);
-
-/* Manipulators */
-char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs,
-                                STORE_ATTR_TYPES code);
-unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
-                                            STORE_ATTR_TYPES code);
-X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
-                                   STORE_ATTR_TYPES code);
-BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
-                                    STORE_ATTR_TYPES code);
-int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                             char *cstr, size_t cstr_size);
-int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                                unsigned char *sha1str, size_t sha1str_size);
-int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                           X509_NAME *dn);
-int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                               BIGNUM *number);
-int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                                char *cstr, size_t cstr_size);
-int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
-                                   STORE_ATTR_TYPES code,
-                                   unsigned char *sha1str,
-                                   size_t sha1str_size);
-int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                              X509_NAME *dn);
-int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
-                                  STORE_ATTR_TYPES code, BIGNUM *number);
-
-/*
- * Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values in
- * each contained attribute.
- */
-int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
-                            const STORE_ATTR_INFO *const *b);
-/*
- * Check if the set of attributes in a is within the range of attributes set
- * in b.
- */
-int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
-/* Check if the set of attributes in a are also set in b. */
-int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
-/* Same as STORE_ATTR_INFO_in(), but also checks the attribute values. */
-int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_STORE_strings(void);
-
-/* Error codes for the STORE functions. */
-
-/* Function codes. */
-# define STORE_F_MEM_DELETE                               134
-# define STORE_F_MEM_GENERATE                             135
-# define STORE_F_MEM_LIST_END                             168
-# define STORE_F_MEM_LIST_NEXT                            136
-# define STORE_F_MEM_LIST_START                           137
-# define STORE_F_MEM_MODIFY                               169
-# define STORE_F_MEM_STORE                                138
-# define STORE_F_STORE_ATTR_INFO_GET0_CSTR                139
-# define STORE_F_STORE_ATTR_INFO_GET0_DN                  140
-# define STORE_F_STORE_ATTR_INFO_GET0_NUMBER              141
-# define STORE_F_STORE_ATTR_INFO_GET0_SHA1STR             142
-# define STORE_F_STORE_ATTR_INFO_MODIFY_CSTR              143
-# define STORE_F_STORE_ATTR_INFO_MODIFY_DN                144
-# define STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER            145
-# define STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR           146
-# define STORE_F_STORE_ATTR_INFO_SET_CSTR                 147
-# define STORE_F_STORE_ATTR_INFO_SET_DN                   148
-# define STORE_F_STORE_ATTR_INFO_SET_NUMBER               149
-# define STORE_F_STORE_ATTR_INFO_SET_SHA1STR              150
-# define STORE_F_STORE_CERTIFICATE                        170
-# define STORE_F_STORE_CTRL                               161
-# define STORE_F_STORE_DELETE_ARBITRARY                   158
-# define STORE_F_STORE_DELETE_CERTIFICATE                 102
-# define STORE_F_STORE_DELETE_CRL                         103
-# define STORE_F_STORE_DELETE_NUMBER                      104
-# define STORE_F_STORE_DELETE_PRIVATE_KEY                 105
-# define STORE_F_STORE_DELETE_PUBLIC_KEY                  106
-# define STORE_F_STORE_GENERATE_CRL                       107
-# define STORE_F_STORE_GENERATE_KEY                       108
-# define STORE_F_STORE_GET_ARBITRARY                      159
-# define STORE_F_STORE_GET_CERTIFICATE                    109
-# define STORE_F_STORE_GET_CRL                            110
-# define STORE_F_STORE_GET_NUMBER                         111
-# define STORE_F_STORE_GET_PRIVATE_KEY                    112
-# define STORE_F_STORE_GET_PUBLIC_KEY                     113
-# define STORE_F_STORE_LIST_CERTIFICATE_END               114
-# define STORE_F_STORE_LIST_CERTIFICATE_ENDP              153
-# define STORE_F_STORE_LIST_CERTIFICATE_NEXT              115
-# define STORE_F_STORE_LIST_CERTIFICATE_START             116
-# define STORE_F_STORE_LIST_CRL_END                       117
-# define STORE_F_STORE_LIST_CRL_ENDP                      154
-# define STORE_F_STORE_LIST_CRL_NEXT                      118
-# define STORE_F_STORE_LIST_CRL_START                     119
-# define STORE_F_STORE_LIST_PRIVATE_KEY_END               120
-# define STORE_F_STORE_LIST_PRIVATE_KEY_ENDP              155
-# define STORE_F_STORE_LIST_PRIVATE_KEY_NEXT              121
-# define STORE_F_STORE_LIST_PRIVATE_KEY_START             122
-# define STORE_F_STORE_LIST_PUBLIC_KEY_END                123
-# define STORE_F_STORE_LIST_PUBLIC_KEY_ENDP               156
-# define STORE_F_STORE_LIST_PUBLIC_KEY_NEXT               124
-# define STORE_F_STORE_LIST_PUBLIC_KEY_START              125
-# define STORE_F_STORE_MODIFY_ARBITRARY                   162
-# define STORE_F_STORE_MODIFY_CERTIFICATE                 163
-# define STORE_F_STORE_MODIFY_CRL                         164
-# define STORE_F_STORE_MODIFY_NUMBER                      165
-# define STORE_F_STORE_MODIFY_PRIVATE_KEY                 166
-# define STORE_F_STORE_MODIFY_PUBLIC_KEY                  167
-# define STORE_F_STORE_NEW_ENGINE                         133
-# define STORE_F_STORE_NEW_METHOD                         132
-# define STORE_F_STORE_PARSE_ATTRS_END                    151
-# define STORE_F_STORE_PARSE_ATTRS_ENDP                   172
-# define STORE_F_STORE_PARSE_ATTRS_NEXT                   152
-# define STORE_F_STORE_PARSE_ATTRS_START                  171
-# define STORE_F_STORE_REVOKE_CERTIFICATE                 129
-# define STORE_F_STORE_REVOKE_PRIVATE_KEY                 130
-# define STORE_F_STORE_REVOKE_PUBLIC_KEY                  131
-# define STORE_F_STORE_STORE_ARBITRARY                    157
-# define STORE_F_STORE_STORE_CERTIFICATE                  100
-# define STORE_F_STORE_STORE_CRL                          101
-# define STORE_F_STORE_STORE_NUMBER                       126
-# define STORE_F_STORE_STORE_PRIVATE_KEY                  127
-# define STORE_F_STORE_STORE_PUBLIC_KEY                   128
-
-/* Reason codes. */
-# define STORE_R_ALREADY_HAS_A_VALUE                      127
-# define STORE_R_FAILED_DELETING_ARBITRARY                132
-# define STORE_R_FAILED_DELETING_CERTIFICATE              100
-# define STORE_R_FAILED_DELETING_KEY                      101
-# define STORE_R_FAILED_DELETING_NUMBER                   102
-# define STORE_R_FAILED_GENERATING_CRL                    103
-# define STORE_R_FAILED_GENERATING_KEY                    104
-# define STORE_R_FAILED_GETTING_ARBITRARY                 133
-# define STORE_R_FAILED_GETTING_CERTIFICATE               105
-# define STORE_R_FAILED_GETTING_KEY                       106
-# define STORE_R_FAILED_GETTING_NUMBER                    107
-# define STORE_R_FAILED_LISTING_CERTIFICATES              108
-# define STORE_R_FAILED_LISTING_KEYS                      109
-# define STORE_R_FAILED_MODIFYING_ARBITRARY               138
-# define STORE_R_FAILED_MODIFYING_CERTIFICATE             139
-# define STORE_R_FAILED_MODIFYING_CRL                     140
-# define STORE_R_FAILED_MODIFYING_NUMBER                  141
-# define STORE_R_FAILED_MODIFYING_PRIVATE_KEY             142
-# define STORE_R_FAILED_MODIFYING_PUBLIC_KEY              143
-# define STORE_R_FAILED_REVOKING_CERTIFICATE              110
-# define STORE_R_FAILED_REVOKING_KEY                      111
-# define STORE_R_FAILED_STORING_ARBITRARY                 134
-# define STORE_R_FAILED_STORING_CERTIFICATE               112
-# define STORE_R_FAILED_STORING_KEY                       113
-# define STORE_R_FAILED_STORING_NUMBER                    114
-# define STORE_R_NOT_IMPLEMENTED                          128
-# define STORE_R_NO_CONTROL_FUNCTION                      144
-# define STORE_R_NO_DELETE_ARBITRARY_FUNCTION             135
-# define STORE_R_NO_DELETE_NUMBER_FUNCTION                115
-# define STORE_R_NO_DELETE_OBJECT_FUNCTION                116
-# define STORE_R_NO_GENERATE_CRL_FUNCTION                 117
-# define STORE_R_NO_GENERATE_OBJECT_FUNCTION              118
-# define STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION         136
-# define STORE_R_NO_GET_OBJECT_FUNCTION                   119
-# define STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION            120
-# define STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION             131
-# define STORE_R_NO_LIST_OBJECT_END_FUNCTION              121
-# define STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION             122
-# define STORE_R_NO_LIST_OBJECT_START_FUNCTION            123
-# define STORE_R_NO_MODIFY_OBJECT_FUNCTION                145
-# define STORE_R_NO_REVOKE_OBJECT_FUNCTION                124
-# define STORE_R_NO_STORE                                 129
-# define STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION       137
-# define STORE_R_NO_STORE_OBJECT_FUNCTION                 125
-# define STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION          126
-# define STORE_R_NO_VALUE                                 130
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/crypto/store/str_err.c b/thirdparty/openssl/crypto/store/str_err.c
deleted file mode 100644
index 9858e606ea..0000000000
--- a/thirdparty/openssl/crypto/store/str_err.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/* crypto/store/str_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/store.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_STORE,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_STORE,0,reason)
-
-static ERR_STRING_DATA STORE_str_functs[] = {
-    {ERR_FUNC(STORE_F_MEM_DELETE), "MEM_DELETE"},
-    {ERR_FUNC(STORE_F_MEM_GENERATE), "MEM_GENERATE"},
-    {ERR_FUNC(STORE_F_MEM_LIST_END), "MEM_LIST_END"},
-    {ERR_FUNC(STORE_F_MEM_LIST_NEXT), "MEM_LIST_NEXT"},
-    {ERR_FUNC(STORE_F_MEM_LIST_START), "MEM_LIST_START"},
-    {ERR_FUNC(STORE_F_MEM_MODIFY), "MEM_MODIFY"},
-    {ERR_FUNC(STORE_F_MEM_STORE), "MEM_STORE"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_CSTR),
-     "STORE_ATTR_INFO_get0_cstr"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_DN), "STORE_ATTR_INFO_get0_dn"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_NUMBER),
-     "STORE_ATTR_INFO_get0_number"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR),
-     "STORE_ATTR_INFO_get0_sha1str"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR),
-     "STORE_ATTR_INFO_modify_cstr"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_DN),
-     "STORE_ATTR_INFO_modify_dn"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER),
-     "STORE_ATTR_INFO_modify_number"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR),
-     "STORE_ATTR_INFO_modify_sha1str"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_CSTR), "STORE_ATTR_INFO_set_cstr"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_DN), "STORE_ATTR_INFO_set_dn"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_NUMBER),
-     "STORE_ATTR_INFO_set_number"},
-    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_SHA1STR),
-     "STORE_ATTR_INFO_set_sha1str"},
-    {ERR_FUNC(STORE_F_STORE_CERTIFICATE), "STORE_CERTIFICATE"},
-    {ERR_FUNC(STORE_F_STORE_CTRL), "STORE_ctrl"},
-    {ERR_FUNC(STORE_F_STORE_DELETE_ARBITRARY), "STORE_delete_arbitrary"},
-    {ERR_FUNC(STORE_F_STORE_DELETE_CERTIFICATE), "STORE_delete_certificate"},
-    {ERR_FUNC(STORE_F_STORE_DELETE_CRL), "STORE_delete_crl"},
-    {ERR_FUNC(STORE_F_STORE_DELETE_NUMBER), "STORE_delete_number"},
-    {ERR_FUNC(STORE_F_STORE_DELETE_PRIVATE_KEY), "STORE_delete_private_key"},
-    {ERR_FUNC(STORE_F_STORE_DELETE_PUBLIC_KEY), "STORE_delete_public_key"},
-    {ERR_FUNC(STORE_F_STORE_GENERATE_CRL), "STORE_generate_crl"},
-    {ERR_FUNC(STORE_F_STORE_GENERATE_KEY), "STORE_generate_key"},
-    {ERR_FUNC(STORE_F_STORE_GET_ARBITRARY), "STORE_get_arbitrary"},
-    {ERR_FUNC(STORE_F_STORE_GET_CERTIFICATE), "STORE_get_certificate"},
-    {ERR_FUNC(STORE_F_STORE_GET_CRL), "STORE_get_crl"},
-    {ERR_FUNC(STORE_F_STORE_GET_NUMBER), "STORE_get_number"},
-    {ERR_FUNC(STORE_F_STORE_GET_PRIVATE_KEY), "STORE_get_private_key"},
-    {ERR_FUNC(STORE_F_STORE_GET_PUBLIC_KEY), "STORE_get_public_key"},
-    {ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_END),
-     "STORE_list_certificate_end"},
-    {ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_ENDP),
-     "STORE_list_certificate_endp"},
-    {ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_NEXT),
-     "STORE_list_certificate_next"},
-    {ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_START),
-     "STORE_list_certificate_start"},
-    {ERR_FUNC(STORE_F_STORE_LIST_CRL_END), "STORE_list_crl_end"},
-    {ERR_FUNC(STORE_F_STORE_LIST_CRL_ENDP), "STORE_list_crl_endp"},
-    {ERR_FUNC(STORE_F_STORE_LIST_CRL_NEXT), "STORE_list_crl_next"},
-    {ERR_FUNC(STORE_F_STORE_LIST_CRL_START), "STORE_list_crl_start"},
-    {ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_END),
-     "STORE_list_private_key_end"},
-    {ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP),
-     "STORE_list_private_key_endp"},
-    {ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT),
-     "STORE_list_private_key_next"},
-    {ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_START),
-     "STORE_list_private_key_start"},
-    {ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_END),
-     "STORE_list_public_key_end"},
-    {ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP),
-     "STORE_list_public_key_endp"},
-    {ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT),
-     "STORE_list_public_key_next"},
-    {ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_START),
-     "STORE_list_public_key_start"},
-    {ERR_FUNC(STORE_F_STORE_MODIFY_ARBITRARY), "STORE_modify_arbitrary"},
-    {ERR_FUNC(STORE_F_STORE_MODIFY_CERTIFICATE), "STORE_modify_certificate"},
-    {ERR_FUNC(STORE_F_STORE_MODIFY_CRL), "STORE_modify_crl"},
-    {ERR_FUNC(STORE_F_STORE_MODIFY_NUMBER), "STORE_modify_number"},
-    {ERR_FUNC(STORE_F_STORE_MODIFY_PRIVATE_KEY), "STORE_modify_private_key"},
-    {ERR_FUNC(STORE_F_STORE_MODIFY_PUBLIC_KEY), "STORE_modify_public_key"},
-    {ERR_FUNC(STORE_F_STORE_NEW_ENGINE), "STORE_new_engine"},
-    {ERR_FUNC(STORE_F_STORE_NEW_METHOD), "STORE_new_method"},
-    {ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_END), "STORE_parse_attrs_end"},
-    {ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_ENDP), "STORE_parse_attrs_endp"},
-    {ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_NEXT), "STORE_parse_attrs_next"},
-    {ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_START), "STORE_parse_attrs_start"},
-    {ERR_FUNC(STORE_F_STORE_REVOKE_CERTIFICATE), "STORE_revoke_certificate"},
-    {ERR_FUNC(STORE_F_STORE_REVOKE_PRIVATE_KEY), "STORE_revoke_private_key"},
-    {ERR_FUNC(STORE_F_STORE_REVOKE_PUBLIC_KEY), "STORE_revoke_public_key"},
-    {ERR_FUNC(STORE_F_STORE_STORE_ARBITRARY), "STORE_store_arbitrary"},
-    {ERR_FUNC(STORE_F_STORE_STORE_CERTIFICATE), "STORE_store_certificate"},
-    {ERR_FUNC(STORE_F_STORE_STORE_CRL), "STORE_store_crl"},
-    {ERR_FUNC(STORE_F_STORE_STORE_NUMBER), "STORE_store_number"},
-    {ERR_FUNC(STORE_F_STORE_STORE_PRIVATE_KEY), "STORE_store_private_key"},
-    {ERR_FUNC(STORE_F_STORE_STORE_PUBLIC_KEY), "STORE_store_public_key"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA STORE_str_reasons[] = {
-    {ERR_REASON(STORE_R_ALREADY_HAS_A_VALUE), "already has a value"},
-    {ERR_REASON(STORE_R_FAILED_DELETING_ARBITRARY),
-     "failed deleting arbitrary"},
-    {ERR_REASON(STORE_R_FAILED_DELETING_CERTIFICATE),
-     "failed deleting certificate"},
-    {ERR_REASON(STORE_R_FAILED_DELETING_KEY), "failed deleting key"},
-    {ERR_REASON(STORE_R_FAILED_DELETING_NUMBER), "failed deleting number"},
-    {ERR_REASON(STORE_R_FAILED_GENERATING_CRL), "failed generating crl"},
-    {ERR_REASON(STORE_R_FAILED_GENERATING_KEY), "failed generating key"},
-    {ERR_REASON(STORE_R_FAILED_GETTING_ARBITRARY),
-     "failed getting arbitrary"},
-    {ERR_REASON(STORE_R_FAILED_GETTING_CERTIFICATE),
-     "failed getting certificate"},
-    {ERR_REASON(STORE_R_FAILED_GETTING_KEY), "failed getting key"},
-    {ERR_REASON(STORE_R_FAILED_GETTING_NUMBER), "failed getting number"},
-    {ERR_REASON(STORE_R_FAILED_LISTING_CERTIFICATES),
-     "failed listing certificates"},
-    {ERR_REASON(STORE_R_FAILED_LISTING_KEYS), "failed listing keys"},
-    {ERR_REASON(STORE_R_FAILED_MODIFYING_ARBITRARY),
-     "failed modifying arbitrary"},
-    {ERR_REASON(STORE_R_FAILED_MODIFYING_CERTIFICATE),
-     "failed modifying certificate"},
-    {ERR_REASON(STORE_R_FAILED_MODIFYING_CRL), "failed modifying crl"},
-    {ERR_REASON(STORE_R_FAILED_MODIFYING_NUMBER), "failed modifying number"},
-    {ERR_REASON(STORE_R_FAILED_MODIFYING_PRIVATE_KEY),
-     "failed modifying private key"},
-    {ERR_REASON(STORE_R_FAILED_MODIFYING_PUBLIC_KEY),
-     "failed modifying public key"},
-    {ERR_REASON(STORE_R_FAILED_REVOKING_CERTIFICATE),
-     "failed revoking certificate"},
-    {ERR_REASON(STORE_R_FAILED_REVOKING_KEY), "failed revoking key"},
-    {ERR_REASON(STORE_R_FAILED_STORING_ARBITRARY),
-     "failed storing arbitrary"},
-    {ERR_REASON(STORE_R_FAILED_STORING_CERTIFICATE),
-     "failed storing certificate"},
-    {ERR_REASON(STORE_R_FAILED_STORING_KEY), "failed storing key"},
-    {ERR_REASON(STORE_R_FAILED_STORING_NUMBER), "failed storing number"},
-    {ERR_REASON(STORE_R_NOT_IMPLEMENTED), "not implemented"},
-    {ERR_REASON(STORE_R_NO_CONTROL_FUNCTION), "no control function"},
-    {ERR_REASON(STORE_R_NO_DELETE_ARBITRARY_FUNCTION),
-     "no delete arbitrary function"},
-    {ERR_REASON(STORE_R_NO_DELETE_NUMBER_FUNCTION),
-     "no delete number function"},
-    {ERR_REASON(STORE_R_NO_DELETE_OBJECT_FUNCTION),
-     "no delete object function"},
-    {ERR_REASON(STORE_R_NO_GENERATE_CRL_FUNCTION),
-     "no generate crl function"},
-    {ERR_REASON(STORE_R_NO_GENERATE_OBJECT_FUNCTION),
-     "no generate object function"},
-    {ERR_REASON(STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION),
-     "no get object arbitrary function"},
-    {ERR_REASON(STORE_R_NO_GET_OBJECT_FUNCTION), "no get object function"},
-    {ERR_REASON(STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION),
-     "no get object number function"},
-    {ERR_REASON(STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION),
-     "no list object endp function"},
-    {ERR_REASON(STORE_R_NO_LIST_OBJECT_END_FUNCTION),
-     "no list object end function"},
-    {ERR_REASON(STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION),
-     "no list object next function"},
-    {ERR_REASON(STORE_R_NO_LIST_OBJECT_START_FUNCTION),
-     "no list object start function"},
-    {ERR_REASON(STORE_R_NO_MODIFY_OBJECT_FUNCTION),
-     "no modify object function"},
-    {ERR_REASON(STORE_R_NO_REVOKE_OBJECT_FUNCTION),
-     "no revoke object function"},
-    {ERR_REASON(STORE_R_NO_STORE), "no store"},
-    {ERR_REASON(STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION),
-     "no store object arbitrary function"},
-    {ERR_REASON(STORE_R_NO_STORE_OBJECT_FUNCTION),
-     "no store object function"},
-    {ERR_REASON(STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION),
-     "no store object number function"},
-    {ERR_REASON(STORE_R_NO_VALUE), "no value"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_STORE_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(STORE_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, STORE_str_functs);
-        ERR_load_strings(0, STORE_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/store/str_lib.c b/thirdparty/openssl/crypto/store/str_lib.c
deleted file mode 100644
index e3d5da9388..0000000000
--- a/thirdparty/openssl/crypto/store/str_lib.c
+++ /dev/null
@@ -1,1772 +0,0 @@
-/* crypto/store/str_lib.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/sha.h>
-#include <openssl/x509.h>
-#include "str_locl.h"
-
-const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
-    0,
-    "X.509 Certificate",
-    "X.509 CRL",
-    "Private Key",
-    "Public Key",
-    "Number",
-    "Arbitrary Data"
-};
-
-const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
-    0,
-    sizeof(int),                /* EVP_TYPE */
-    sizeof(size_t),             /* BITS */
-    -1,                         /* KEY_PARAMETERS */
-    0                           /* KEY_NO_PARAMETERS */
-};
-
-const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
-    0,
-    -1,                         /* FRIENDLYNAME: C string */
-    SHA_DIGEST_LENGTH,          /* KEYID: SHA1 digest, 160 bits */
-    SHA_DIGEST_LENGTH,          /* ISSUERKEYID: SHA1 digest, 160 bits */
-    SHA_DIGEST_LENGTH,          /* SUBJECTKEYID: SHA1 digest, 160 bits */
-    SHA_DIGEST_LENGTH,          /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
-    sizeof(X509_NAME *),        /* ISSUER: X509_NAME * */
-    sizeof(BIGNUM *),           /* SERIAL: BIGNUM * */
-    sizeof(X509_NAME *),        /* SUBJECT: X509_NAME * */
-    SHA_DIGEST_LENGTH,          /* CERTHASH: SHA1 digest, 160 bits */
-    -1,                         /* EMAIL: C string */
-    -1,                         /* FILENAME: C string */
-};
-
-STORE *STORE_new_method(const STORE_METHOD *method)
-{
-    STORE *ret;
-
-    if (method == NULL) {
-        STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-
-    ret = (STORE *)OPENSSL_malloc(sizeof(STORE));
-    if (ret == NULL) {
-        STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    ret->meth = method;
-
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
-    if (ret->meth->init && !ret->meth->init(ret)) {
-        STORE_free(ret);
-        ret = NULL;
-    }
-    return ret;
-}
-
-STORE *STORE_new_engine(ENGINE *engine)
-{
-    STORE *ret = NULL;
-    ENGINE *e = engine;
-    const STORE_METHOD *meth = 0;
-
-#ifdef OPENSSL_NO_ENGINE
-    e = NULL;
-#else
-    if (engine) {
-        if (!ENGINE_init(engine)) {
-            STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
-            return NULL;
-        }
-        e = engine;
-    } else {
-        STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-    if (e) {
-        meth = ENGINE_get_STORE(e);
-        if (!meth) {
-            STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
-            ENGINE_finish(e);
-            return NULL;
-        }
-    }
-#endif
-
-    ret = STORE_new_method(meth);
-    if (ret == NULL) {
-        STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
-        return NULL;
-    }
-
-    ret->engine = e;
-
-    return (ret);
-}
-
-void STORE_free(STORE *store)
-{
-    if (store == NULL)
-        return;
-    if (store->meth->clean)
-        store->meth->clean(store);
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
-    OPENSSL_free(store);
-}
-
-int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
-{
-    if (store == NULL) {
-        STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (store->meth->ctrl)
-        return store->meth->ctrl(store, cmd, i, p, f);
-    STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
-    return 0;
-}
-
-int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                           CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int STORE_set_ex_data(STORE *r, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-
-void *STORE_get_ex_data(STORE *r, int idx)
-{
-    return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-
-const STORE_METHOD *STORE_get_method(STORE *store)
-{
-    return store->meth;
-}
-
-const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
-{
-    store->meth = meth;
-    return store->meth;
-}
-
-/* API helpers */
-
-#define check_store(s,fncode,fnname,fnerrcode) \
-        do \
-                { \
-                if ((s) == NULL || (s)->meth == NULL) \
-                        { \
-                        STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
-                        return 0; \
-                        } \
-                if ((s)->meth->fnname == NULL) \
-                        { \
-                        STOREerr((fncode), (fnerrcode)); \
-                        return 0; \
-                        } \
-                } \
-        while(0)
-
-/* API functions */
-
-X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    X509 *x;
-
-    check_store(s, STORE_F_STORE_GET_CERTIFICATE,
-                get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
-
-    object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
-                                 attributes, parameters);
-    if (!object || !object->data.x509.certificate) {
-        STOREerr(STORE_F_STORE_GET_CERTIFICATE,
-                 STORE_R_FAILED_GETTING_CERTIFICATE);
-        return 0;
-    }
-    CRYPTO_add(&object->data.x509.certificate->references, 1,
-               CRYPTO_LOCK_X509);
-#ifdef REF_PRINT
-    REF_PRINT("X509", data);
-#endif
-    x = object->data.x509.certificate;
-    STORE_OBJECT_free(object);
-    return x;
-}
-
-int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    int i;
-
-    check_store(s, STORE_F_STORE_CERTIFICATE,
-                store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
-
-    object = STORE_OBJECT_new();
-    if (!object) {
-        STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509);
-#ifdef REF_PRINT
-    REF_PRINT("X509", data);
-#endif
-    object->data.x509.certificate = data;
-
-    i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
-                              object, attributes, parameters);
-
-    STORE_OBJECT_free(object);
-
-    if (!i) {
-        STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
-                 STORE_R_FAILED_STORING_CERTIFICATE);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
-                             OPENSSL_ITEM add_attributes[],
-                             OPENSSL_ITEM modify_attributes[],
-                             OPENSSL_ITEM delete_attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
-                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
-    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
-                                search_attributes, add_attributes,
-                                modify_attributes, delete_attributes,
-                                parameters)) {
-        STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
-                 STORE_R_FAILED_MODIFYING_CERTIFICATE);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
-                revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
-
-    if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
-                                attributes, parameters)) {
-        STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
-                 STORE_R_FAILED_REVOKING_CERTIFICATE);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
-                delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
-
-    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
-                                attributes, parameters)) {
-        STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
-                 STORE_R_FAILED_DELETING_CERTIFICATE);
-        return 0;
-    }
-    return 1;
-}
-
-void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
-                                   OPENSSL_ITEM parameters[])
-{
-    void *handle;
-
-    check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
-                list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
-
-    handle = s->meth->list_object_start(s,
-                                        STORE_OBJECT_TYPE_X509_CERTIFICATE,
-                                        attributes, parameters);
-    if (!handle) {
-        STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
-                 STORE_R_FAILED_LISTING_CERTIFICATES);
-        return 0;
-    }
-    return handle;
-}
-
-X509 *STORE_list_certificate_next(STORE *s, void *handle)
-{
-    STORE_OBJECT *object;
-    X509 *x;
-
-    check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
-                list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
-
-    object = s->meth->list_object_next(s, handle);
-    if (!object || !object->data.x509.certificate) {
-        STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
-                 STORE_R_FAILED_LISTING_CERTIFICATES);
-        return 0;
-    }
-    CRYPTO_add(&object->data.x509.certificate->references, 1,
-               CRYPTO_LOCK_X509);
-#ifdef REF_PRINT
-    REF_PRINT("X509", data);
-#endif
-    x = object->data.x509.certificate;
-    STORE_OBJECT_free(object);
-    return x;
-}
-
-int STORE_list_certificate_end(STORE *s, void *handle)
-{
-    check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
-                list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
-
-    if (!s->meth->list_object_end(s, handle)) {
-        STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
-                 STORE_R_FAILED_LISTING_CERTIFICATES);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_list_certificate_endp(STORE *s, void *handle)
-{
-    check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
-                list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
-
-    if (!s->meth->list_object_endp(s, handle)) {
-        STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
-                 STORE_R_FAILED_LISTING_CERTIFICATES);
-        return 0;
-    }
-    return 1;
-}
-
-EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    EVP_PKEY *pkey;
-
-    check_store(s, STORE_F_STORE_GENERATE_KEY,
-                generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
-
-    object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
-                                      attributes, parameters);
-    if (!object || !object->data.key) {
-        STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
-        return 0;
-    }
-    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
-    REF_PRINT("EVP_PKEY", data);
-#endif
-    pkey = object->data.key;
-    STORE_OBJECT_free(object);
-    return pkey;
-}
-
-EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
-                                OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    EVP_PKEY *pkey;
-
-    check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
-                get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
-
-    object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
-                                 attributes, parameters);
-    if (!object || !object->data.key || !object->data.key) {
-        STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
-        return 0;
-    }
-    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
-    REF_PRINT("EVP_PKEY", data);
-#endif
-    pkey = object->data.key;
-    STORE_OBJECT_free(object);
-    return pkey;
-}
-
-int STORE_store_private_key(STORE *s, EVP_PKEY *data,
-                            OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    int i;
-
-    check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
-                store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
-
-    object = STORE_OBJECT_new();
-    if (!object) {
-        STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    object->data.key = EVP_PKEY_new();
-    if (!object->data.key) {
-        STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
-    REF_PRINT("EVP_PKEY", data);
-#endif
-    object->data.key = data;
-
-    i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
-                              attributes, parameters);
-
-    STORE_OBJECT_free(object);
-
-    if (!i) {
-        STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
-        return 0;
-    }
-    return i;
-}
-
-int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
-                             OPENSSL_ITEM add_attributes[],
-                             OPENSSL_ITEM modify_attributes[],
-                             OPENSSL_ITEM delete_attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
-                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
-    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
-                                search_attributes, add_attributes,
-                                modify_attributes, delete_attributes,
-                                parameters)) {
-        STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
-                 STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    int i;
-
-    check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
-                revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
-
-    i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
-                               attributes, parameters);
-
-    if (!i) {
-        STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
-                 STORE_R_FAILED_REVOKING_KEY);
-        return 0;
-    }
-    return i;
-}
-
-int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
-                delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
-
-    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
-                                attributes, parameters)) {
-        STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
-                 STORE_R_FAILED_DELETING_KEY);
-        return 0;
-    }
-    return 1;
-}
-
-void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
-                                   OPENSSL_ITEM parameters[])
-{
-    void *handle;
-
-    check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
-                list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
-
-    handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
-                                        attributes, parameters);
-    if (!handle) {
-        STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
-                 STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    return handle;
-}
-
-EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
-{
-    STORE_OBJECT *object;
-    EVP_PKEY *pkey;
-
-    check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
-                list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
-
-    object = s->meth->list_object_next(s, handle);
-    if (!object || !object->data.key || !object->data.key) {
-        STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
-                 STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
-    REF_PRINT("EVP_PKEY", data);
-#endif
-    pkey = object->data.key;
-    STORE_OBJECT_free(object);
-    return pkey;
-}
-
-int STORE_list_private_key_end(STORE *s, void *handle)
-{
-    check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
-                list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
-
-    if (!s->meth->list_object_end(s, handle)) {
-        STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
-                 STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_list_private_key_endp(STORE *s, void *handle)
-{
-    check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
-                list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
-
-    if (!s->meth->list_object_endp(s, handle)) {
-        STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
-                 STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    return 1;
-}
-
-EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
-                               OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    EVP_PKEY *pkey;
-
-    check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
-                get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
-
-    object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
-                                 attributes, parameters);
-    if (!object || !object->data.key || !object->data.key) {
-        STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
-        return 0;
-    }
-    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
-    REF_PRINT("EVP_PKEY", data);
-#endif
-    pkey = object->data.key;
-    STORE_OBJECT_free(object);
-    return pkey;
-}
-
-int STORE_store_public_key(STORE *s, EVP_PKEY *data,
-                           OPENSSL_ITEM attributes[],
-                           OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    int i;
-
-    check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
-                store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
-
-    object = STORE_OBJECT_new();
-    if (!object) {
-        STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    object->data.key = EVP_PKEY_new();
-    if (!object->data.key) {
-        STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
-    REF_PRINT("EVP_PKEY", data);
-#endif
-    object->data.key = data;
-
-    i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
-                              attributes, parameters);
-
-    STORE_OBJECT_free(object);
-
-    if (!i) {
-        STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
-        return 0;
-    }
-    return i;
-}
-
-int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
-                            OPENSSL_ITEM add_attributes[],
-                            OPENSSL_ITEM modify_attributes[],
-                            OPENSSL_ITEM delete_attributes[],
-                            OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
-                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
-    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
-                                search_attributes, add_attributes,
-                                modify_attributes, delete_attributes,
-                                parameters)) {
-        STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
-                 STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[])
-{
-    int i;
-
-    check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
-                revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
-
-    i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
-                               attributes, parameters);
-
-    if (!i) {
-        STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
-                 STORE_R_FAILED_REVOKING_KEY);
-        return 0;
-    }
-    return i;
-}
-
-int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
-                delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
-
-    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
-                                attributes, parameters)) {
-        STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
-                 STORE_R_FAILED_DELETING_KEY);
-        return 0;
-    }
-    return 1;
-}
-
-void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
-                                  OPENSSL_ITEM parameters[])
-{
-    void *handle;
-
-    check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
-                list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
-
-    handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
-                                        attributes, parameters);
-    if (!handle) {
-        STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
-                 STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    return handle;
-}
-
-EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
-{
-    STORE_OBJECT *object;
-    EVP_PKEY *pkey;
-
-    check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
-                list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
-
-    object = s->meth->list_object_next(s, handle);
-    if (!object || !object->data.key || !object->data.key) {
-        STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
-                 STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#ifdef REF_PRINT
-    REF_PRINT("EVP_PKEY", data);
-#endif
-    pkey = object->data.key;
-    STORE_OBJECT_free(object);
-    return pkey;
-}
-
-int STORE_list_public_key_end(STORE *s, void *handle)
-{
-    check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
-                list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
-
-    if (!s->meth->list_object_end(s, handle)) {
-        STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
-                 STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_list_public_key_endp(STORE *s, void *handle)
-{
-    check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
-                list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
-
-    if (!s->meth->list_object_endp(s, handle)) {
-        STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
-                 STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    return 1;
-}
-
-X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    X509_CRL *crl;
-
-    check_store(s, STORE_F_STORE_GENERATE_CRL,
-                generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
-
-    object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
-                                      attributes, parameters);
-    if (!object || !object->data.crl) {
-        STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
-        return 0;
-    }
-    CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
-    REF_PRINT("X509_CRL", data);
-#endif
-    crl = object->data.crl;
-    STORE_OBJECT_free(object);
-    return crl;
-}
-
-X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
-                        OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    X509_CRL *crl;
-
-    check_store(s, STORE_F_STORE_GET_CRL,
-                get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
-
-    object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
-                                 attributes, parameters);
-    if (!object || !object->data.crl) {
-        STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
-        return 0;
-    }
-    CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
-    REF_PRINT("X509_CRL", data);
-#endif
-    crl = object->data.crl;
-    STORE_OBJECT_free(object);
-    return crl;
-}
-
-int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
-                    OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    int i;
-
-    check_store(s, STORE_F_STORE_STORE_CRL,
-                store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
-
-    object = STORE_OBJECT_new();
-    if (!object) {
-        STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
-    REF_PRINT("X509_CRL", data);
-#endif
-    object->data.crl = data;
-
-    i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
-                              attributes, parameters);
-
-    STORE_OBJECT_free(object);
-
-    if (!i) {
-        STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
-        return 0;
-    }
-    return i;
-}
-
-int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
-                     OPENSSL_ITEM add_attributes[],
-                     OPENSSL_ITEM modify_attributes[],
-                     OPENSSL_ITEM delete_attributes[],
-                     OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_MODIFY_CRL,
-                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
-    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
-                                search_attributes, add_attributes,
-                                modify_attributes, delete_attributes,
-                                parameters)) {
-        STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
-                     OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_DELETE_CRL,
-                delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
-
-    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
-                                attributes, parameters)) {
-        STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
-        return 0;
-    }
-    return 1;
-}
-
-void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
-                           OPENSSL_ITEM parameters[])
-{
-    void *handle;
-
-    check_store(s, STORE_F_STORE_LIST_CRL_START,
-                list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
-
-    handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
-                                        attributes, parameters);
-    if (!handle) {
-        STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    return handle;
-}
-
-X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
-{
-    STORE_OBJECT *object;
-    X509_CRL *crl;
-
-    check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
-                list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
-
-    object = s->meth->list_object_next(s, handle);
-    if (!object || !object->data.crl) {
-        STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
-    REF_PRINT("X509_CRL", data);
-#endif
-    crl = object->data.crl;
-    STORE_OBJECT_free(object);
-    return crl;
-}
-
-int STORE_list_crl_end(STORE *s, void *handle)
-{
-    check_store(s, STORE_F_STORE_LIST_CRL_END,
-                list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
-
-    if (!s->meth->list_object_end(s, handle)) {
-        STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_list_crl_endp(STORE *s, void *handle)
-{
-    check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
-                list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
-
-    if (!s->meth->list_object_endp(s, handle)) {
-        STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
-                       OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    int i;
-
-    check_store(s, STORE_F_STORE_STORE_NUMBER,
-                store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
-
-    object = STORE_OBJECT_new();
-    if (!object) {
-        STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    object->data.number = data;
-
-    i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
-                              attributes, parameters);
-
-    STORE_OBJECT_free(object);
-
-    if (!i) {
-        STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
-                        OPENSSL_ITEM add_attributes[],
-                        OPENSSL_ITEM modify_attributes[],
-                        OPENSSL_ITEM delete_attributes[],
-                        OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_MODIFY_NUMBER,
-                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
-    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
-                                search_attributes, add_attributes,
-                                modify_attributes, delete_attributes,
-                                parameters)) {
-        STOREerr(STORE_F_STORE_MODIFY_NUMBER,
-                 STORE_R_FAILED_MODIFYING_NUMBER);
-        return 0;
-    }
-    return 1;
-}
-
-BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
-                         OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    BIGNUM *n;
-
-    check_store(s, STORE_F_STORE_GET_NUMBER,
-                get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
-
-    object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
-                                 parameters);
-    if (!object || !object->data.number) {
-        STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
-        return 0;
-    }
-    n = object->data.number;
-    object->data.number = NULL;
-    STORE_OBJECT_free(object);
-    return n;
-}
-
-int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
-                        OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_DELETE_NUMBER,
-                delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
-
-    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
-                                parameters)) {
-        STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
-                          OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    int i;
-
-    check_store(s, STORE_F_STORE_STORE_ARBITRARY,
-                store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
-
-    object = STORE_OBJECT_new();
-    if (!object) {
-        STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    object->data.arbitrary = data;
-
-    i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
-                              attributes, parameters);
-
-    STORE_OBJECT_free(object);
-
-    if (!i) {
-        STOREerr(STORE_F_STORE_STORE_ARBITRARY,
-                 STORE_R_FAILED_STORING_ARBITRARY);
-        return 0;
-    }
-    return 1;
-}
-
-int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
-                           OPENSSL_ITEM add_attributes[],
-                           OPENSSL_ITEM modify_attributes[],
-                           OPENSSL_ITEM delete_attributes[],
-                           OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
-                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
-
-    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
-                                search_attributes, add_attributes,
-                                modify_attributes, delete_attributes,
-                                parameters)) {
-        STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
-                 STORE_R_FAILED_MODIFYING_ARBITRARY);
-        return 0;
-    }
-    return 1;
-}
-
-BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    STORE_OBJECT *object;
-    BUF_MEM *b;
-
-    check_store(s, STORE_F_STORE_GET_ARBITRARY,
-                get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
-
-    object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
-                                 attributes, parameters);
-    if (!object || !object->data.arbitrary) {
-        STOREerr(STORE_F_STORE_GET_ARBITRARY,
-                 STORE_R_FAILED_GETTING_ARBITRARY);
-        return 0;
-    }
-    b = object->data.arbitrary;
-    object->data.arbitrary = NULL;
-    STORE_OBJECT_free(object);
-    return b;
-}
-
-int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
-                           OPENSSL_ITEM parameters[])
-{
-    check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
-                delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
-
-    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
-                                parameters)) {
-        STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
-                 STORE_R_FAILED_DELETING_ARBITRARY);
-        return 0;
-    }
-    return 1;
-}
-
-STORE_OBJECT *STORE_OBJECT_new(void)
-{
-    STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
-    if (object)
-        memset(object, 0, sizeof(STORE_OBJECT));
-    return object;
-}
-
-void STORE_OBJECT_free(STORE_OBJECT *data)
-{
-    if (!data)
-        return;
-    switch (data->type) {
-    case STORE_OBJECT_TYPE_X509_CERTIFICATE:
-        X509_free(data->data.x509.certificate);
-        break;
-    case STORE_OBJECT_TYPE_X509_CRL:
-        X509_CRL_free(data->data.crl);
-        break;
-    case STORE_OBJECT_TYPE_PRIVATE_KEY:
-    case STORE_OBJECT_TYPE_PUBLIC_KEY:
-        EVP_PKEY_free(data->data.key);
-        break;
-    case STORE_OBJECT_TYPE_NUMBER:
-        BN_free(data->data.number);
-        break;
-    case STORE_OBJECT_TYPE_ARBITRARY:
-        BUF_MEM_free(data->data.arbitrary);
-        break;
-    }
-    OPENSSL_free(data);
-}
-
-IMPLEMENT_STACK_OF(STORE_OBJECT*)
-
-struct STORE_attr_info_st {
-    unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
-    union {
-        char *cstring;
-        unsigned char *sha1string;
-        X509_NAME *dn;
-        BIGNUM *number;
-        void *any;
-    } values[STORE_ATTR_TYPE_NUM + 1];
-    size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
-};
-
-#define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
-                                && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
-#define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
-#define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
-
-STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
-{
-    return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
-}
-
-static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
-                                      STORE_ATTR_TYPES code)
-{
-    if (ATTR_IS_SET(attrs, code)) {
-        switch (code) {
-        case STORE_ATTR_FRIENDLYNAME:
-        case STORE_ATTR_EMAIL:
-        case STORE_ATTR_FILENAME:
-            STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
-            break;
-        case STORE_ATTR_KEYID:
-        case STORE_ATTR_ISSUERKEYID:
-        case STORE_ATTR_SUBJECTKEYID:
-        case STORE_ATTR_ISSUERSERIALHASH:
-        case STORE_ATTR_CERTHASH:
-            STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
-            break;
-        case STORE_ATTR_ISSUER:
-        case STORE_ATTR_SUBJECT:
-            STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
-            break;
-        case STORE_ATTR_SERIAL:
-            STORE_ATTR_INFO_modify_number(attrs, code, NULL);
-            break;
-        default:
-            break;
-        }
-    }
-}
-
-int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
-{
-    if (attrs) {
-        STORE_ATTR_TYPES i;
-        for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
-            STORE_ATTR_INFO_attr_free(attrs, i);
-        OPENSSL_free(attrs);
-    }
-    return 1;
-}
-
-char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-    if (ATTR_IS_SET(attrs, code))
-        return attrs->values[code].cstring;
-    STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
-    return NULL;
-}
-
-unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
-                                            STORE_ATTR_TYPES code)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-    if (ATTR_IS_SET(attrs, code))
-        return attrs->values[code].sha1string;
-    STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
-    return NULL;
-}
-
-X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
-                                   STORE_ATTR_TYPES code)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-    if (ATTR_IS_SET(attrs, code))
-        return attrs->values[code].dn;
-    STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
-    return NULL;
-}
-
-BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
-                                    STORE_ATTR_TYPES code)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-    if (ATTR_IS_SET(attrs, code))
-        return attrs->values[code].number;
-    STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
-    return NULL;
-}
-
-int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                             char *cstr, size_t cstr_size)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (!ATTR_IS_SET(attrs, code)) {
-        if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
-            return 1;
-        STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
-    return 0;
-}
-
-int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                                unsigned char *sha1str, size_t sha1str_size)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (!ATTR_IS_SET(attrs, code)) {
-        if ((attrs->values[code].sha1string =
-             (unsigned char *)BUF_memdup(sha1str, sha1str_size)))
-            return 1;
-        STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
-             STORE_R_ALREADY_HAS_A_VALUE);
-    return 0;
-}
-
-int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                           X509_NAME *dn)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (!ATTR_IS_SET(attrs, code)) {
-        if ((attrs->values[code].dn = X509_NAME_dup(dn)))
-            return 1;
-        STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
-    return 0;
-}
-
-int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                               BIGNUM *number)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (!ATTR_IS_SET(attrs, code)) {
-        if ((attrs->values[code].number = BN_dup(number)))
-            return 1;
-        STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
-    return 0;
-}
-
-int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                                char *cstr, size_t cstr_size)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (ATTR_IS_SET(attrs, code)) {
-        OPENSSL_free(attrs->values[code].cstring);
-        attrs->values[code].cstring = NULL;
-        CLEAR_ATTRBIT(attrs, code);
-    }
-    return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
-}
-
-int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
-                                   STORE_ATTR_TYPES code,
-                                   unsigned char *sha1str,
-                                   size_t sha1str_size)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (ATTR_IS_SET(attrs, code)) {
-        OPENSSL_free(attrs->values[code].sha1string);
-        attrs->values[code].sha1string = NULL;
-        CLEAR_ATTRBIT(attrs, code);
-    }
-    return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
-}
-
-int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
-                              X509_NAME *dn)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (ATTR_IS_SET(attrs, code)) {
-        OPENSSL_free(attrs->values[code].dn);
-        attrs->values[code].dn = NULL;
-        CLEAR_ATTRBIT(attrs, code);
-    }
-    return STORE_ATTR_INFO_set_dn(attrs, code, dn);
-}
-
-int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
-                                  STORE_ATTR_TYPES code, BIGNUM *number)
-{
-    if (!attrs) {
-        STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
-                 ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (ATTR_IS_SET(attrs, code)) {
-        OPENSSL_free(attrs->values[code].number);
-        attrs->values[code].number = NULL;
-        CLEAR_ATTRBIT(attrs, code);
-    }
-    return STORE_ATTR_INFO_set_number(attrs, code, number);
-}
-
-struct attr_list_ctx_st {
-    OPENSSL_ITEM *attributes;
-};
-void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
-{
-    if (attributes) {
-        struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)
-            OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
-        if (context)
-            context->attributes = attributes;
-        else
-            STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
-        return context;
-    }
-    STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
-    return 0;
-}
-
-STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
-{
-    struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
-
-    if (context && context->attributes) {
-        STORE_ATTR_INFO *attrs = NULL;
-
-        while (context->attributes
-               && context->attributes->code != STORE_ATTR_OR
-               && context->attributes->code != STORE_ATTR_END) {
-            switch (context->attributes->code) {
-            case STORE_ATTR_FRIENDLYNAME:
-            case STORE_ATTR_EMAIL:
-            case STORE_ATTR_FILENAME:
-                if (!attrs)
-                    attrs = STORE_ATTR_INFO_new();
-                if (attrs == NULL) {
-                    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
-                             ERR_R_MALLOC_FAILURE);
-                    goto err;
-                }
-                STORE_ATTR_INFO_set_cstr(attrs,
-                                         context->attributes->code,
-                                         context->attributes->value,
-                                         context->attributes->value_size);
-                break;
-            case STORE_ATTR_KEYID:
-            case STORE_ATTR_ISSUERKEYID:
-            case STORE_ATTR_SUBJECTKEYID:
-            case STORE_ATTR_ISSUERSERIALHASH:
-            case STORE_ATTR_CERTHASH:
-                if (!attrs)
-                    attrs = STORE_ATTR_INFO_new();
-                if (attrs == NULL) {
-                    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
-                             ERR_R_MALLOC_FAILURE);
-                    goto err;
-                }
-                STORE_ATTR_INFO_set_sha1str(attrs,
-                                            context->attributes->code,
-                                            context->attributes->value,
-                                            context->attributes->value_size);
-                break;
-            case STORE_ATTR_ISSUER:
-            case STORE_ATTR_SUBJECT:
-                if (!attrs)
-                    attrs = STORE_ATTR_INFO_new();
-                if (attrs == NULL) {
-                    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
-                             ERR_R_MALLOC_FAILURE);
-                    goto err;
-                }
-                STORE_ATTR_INFO_modify_dn(attrs,
-                                          context->attributes->code,
-                                          context->attributes->value);
-                break;
-            case STORE_ATTR_SERIAL:
-                if (!attrs)
-                    attrs = STORE_ATTR_INFO_new();
-                if (attrs == NULL) {
-                    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
-                             ERR_R_MALLOC_FAILURE);
-                    goto err;
-                }
-                STORE_ATTR_INFO_modify_number(attrs,
-                                              context->attributes->code,
-                                              context->attributes->value);
-                break;
-            }
-            context->attributes++;
-        }
-        if (context->attributes->code == STORE_ATTR_OR)
-            context->attributes++;
-        return attrs;
- err:
-        while (context->attributes
-               && context->attributes->code != STORE_ATTR_OR
-               && context->attributes->code != STORE_ATTR_END)
-            context->attributes++;
-        if (context->attributes->code == STORE_ATTR_OR)
-            context->attributes++;
-        return NULL;
-    }
-    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
-    return NULL;
-}
-
-int STORE_parse_attrs_end(void *handle)
-{
-    struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
-
-    if (context && context->attributes) {
-#if 0
-        OPENSSL_ITEM *attributes = context->attributes;
-#endif
-        OPENSSL_free(context);
-        return 1;
-    }
-    STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
-    return 0;
-}
-
-int STORE_parse_attrs_endp(void *handle)
-{
-    struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
-
-    if (context && context->attributes) {
-        return context->attributes->code == STORE_ATTR_END;
-    }
-    STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
-    return 0;
-}
-
-static int attr_info_compare_compute_range(const unsigned char *abits,
-                                           const unsigned char *bbits,
-                                           unsigned int *alowp,
-                                           unsigned int *ahighp,
-                                           unsigned int *blowp,
-                                           unsigned int *bhighp)
-{
-    unsigned int alow = (unsigned int)-1, ahigh = 0;
-    unsigned int blow = (unsigned int)-1, bhigh = 0;
-    int i, res = 0;
-
-    for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
-        if (res == 0) {
-            if (*abits < *bbits)
-                res = -1;
-            if (*abits > *bbits)
-                res = 1;
-        }
-        if (*abits) {
-            if (alow == (unsigned int)-1) {
-                alow = i * 8;
-                if (!(*abits & 0x01))
-                    alow++;
-                if (!(*abits & 0x02))
-                    alow++;
-                if (!(*abits & 0x04))
-                    alow++;
-                if (!(*abits & 0x08))
-                    alow++;
-                if (!(*abits & 0x10))
-                    alow++;
-                if (!(*abits & 0x20))
-                    alow++;
-                if (!(*abits & 0x40))
-                    alow++;
-            }
-            ahigh = i * 8 + 7;
-            if (!(*abits & 0x80))
-                ahigh++;
-            if (!(*abits & 0x40))
-                ahigh++;
-            if (!(*abits & 0x20))
-                ahigh++;
-            if (!(*abits & 0x10))
-                ahigh++;
-            if (!(*abits & 0x08))
-                ahigh++;
-            if (!(*abits & 0x04))
-                ahigh++;
-            if (!(*abits & 0x02))
-                ahigh++;
-        }
-        if (*bbits) {
-            if (blow == (unsigned int)-1) {
-                blow = i * 8;
-                if (!(*bbits & 0x01))
-                    blow++;
-                if (!(*bbits & 0x02))
-                    blow++;
-                if (!(*bbits & 0x04))
-                    blow++;
-                if (!(*bbits & 0x08))
-                    blow++;
-                if (!(*bbits & 0x10))
-                    blow++;
-                if (!(*bbits & 0x20))
-                    blow++;
-                if (!(*bbits & 0x40))
-                    blow++;
-            }
-            bhigh = i * 8 + 7;
-            if (!(*bbits & 0x80))
-                bhigh++;
-            if (!(*bbits & 0x40))
-                bhigh++;
-            if (!(*bbits & 0x20))
-                bhigh++;
-            if (!(*bbits & 0x10))
-                bhigh++;
-            if (!(*bbits & 0x08))
-                bhigh++;
-            if (!(*bbits & 0x04))
-                bhigh++;
-            if (!(*bbits & 0x02))
-                bhigh++;
-        }
-    }
-    if (ahigh + alow < bhigh + blow)
-        res = -1;
-    if (ahigh + alow > bhigh + blow)
-        res = 1;
-    if (alowp)
-        *alowp = alow;
-    if (ahighp)
-        *ahighp = ahigh;
-    if (blowp)
-        *blowp = blow;
-    if (bhighp)
-        *bhighp = bhigh;
-    return res;
-}
-
-int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
-                            const STORE_ATTR_INFO *const *b)
-{
-    if (a == b)
-        return 0;
-    if (!a)
-        return -1;
-    if (!b)
-        return 1;
-    return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
-}
-
-int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
-{
-    unsigned int alow, ahigh, blow, bhigh;
-
-    if (a == b)
-        return 1;
-    if (!a)
-        return 0;
-    if (!b)
-        return 0;
-    attr_info_compare_compute_range(a->set, b->set,
-                                    &alow, &ahigh, &blow, &bhigh);
-    if (alow >= blow && ahigh <= bhigh)
-        return 1;
-    return 0;
-}
-
-int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
-{
-    unsigned char *abits, *bbits;
-    int i;
-
-    if (a == b)
-        return 1;
-    if (!a)
-        return 0;
-    if (!b)
-        return 0;
-    abits = a->set;
-    bbits = b->set;
-    for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
-        if (*abits && (*bbits & *abits) != *abits)
-            return 0;
-    }
-    return 1;
-}
-
-int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
-{
-    STORE_ATTR_TYPES i;
-
-    if (a == b)
-        return 1;
-    if (!STORE_ATTR_INFO_in(a, b))
-        return 0;
-    for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
-        if (ATTR_IS_SET(a, i)) {
-            switch (i) {
-            case STORE_ATTR_FRIENDLYNAME:
-            case STORE_ATTR_EMAIL:
-            case STORE_ATTR_FILENAME:
-                if (strcmp(a->values[i].cstring, b->values[i].cstring))
-                    return 0;
-                break;
-            case STORE_ATTR_KEYID:
-            case STORE_ATTR_ISSUERKEYID:
-            case STORE_ATTR_SUBJECTKEYID:
-            case STORE_ATTR_ISSUERSERIALHASH:
-            case STORE_ATTR_CERTHASH:
-                if (memcmp(a->values[i].sha1string,
-                           b->values[i].sha1string, a->value_sizes[i]))
-                    return 0;
-                break;
-            case STORE_ATTR_ISSUER:
-            case STORE_ATTR_SUBJECT:
-                if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
-                    return 0;
-                break;
-            case STORE_ATTR_SERIAL:
-                if (BN_cmp(a->values[i].number, b->values[i].number))
-                    return 0;
-                break;
-            default:
-                break;
-            }
-        }
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/store/str_locl.h b/thirdparty/openssl/crypto/store/str_locl.h
deleted file mode 100644
index c0b40f0db6..0000000000
--- a/thirdparty/openssl/crypto/store/str_locl.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/store/str_locl.h */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_STORE_LOCL_H
-# define HEADER_STORE_LOCL_H
-
-# include <openssl/crypto.h>
-# include <openssl/store.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-struct store_method_st {
-    char *name;
-    /*
-     * All the functions return a positive integer or non-NULL for success
-     * and 0, a negative integer or NULL for failure
-     */
-    /* Initialise the STORE with private data */
-    STORE_INITIALISE_FUNC_PTR init;
-    /* Initialise the STORE with private data */
-    STORE_CLEANUP_FUNC_PTR clean;
-    /* Generate an object of a given type */
-    STORE_GENERATE_OBJECT_FUNC_PTR generate_object;
-    /*
-     * Get an object of a given type.  This function isn't really very useful
-     * since the listing functions (below) can be used for the same purpose
-     * and are much more general.
-     */
-    STORE_GET_OBJECT_FUNC_PTR get_object;
-    /* Store an object of a given type. */
-    STORE_STORE_OBJECT_FUNC_PTR store_object;
-    /* Modify the attributes bound to an object of a given type. */
-    STORE_MODIFY_OBJECT_FUNC_PTR modify_object;
-    /* Revoke an object of a given type. */
-    STORE_HANDLE_OBJECT_FUNC_PTR revoke_object;
-    /* Delete an object of a given type. */
-    STORE_HANDLE_OBJECT_FUNC_PTR delete_object;
-    /*
-     * List a bunch of objects of a given type and with the associated
-     * attributes.
-     */
-    STORE_START_OBJECT_FUNC_PTR list_object_start;
-    STORE_NEXT_OBJECT_FUNC_PTR list_object_next;
-    STORE_END_OBJECT_FUNC_PTR list_object_end;
-    STORE_END_OBJECT_FUNC_PTR list_object_endp;
-    /* Store-level function to make any necessary update operations. */
-    STORE_GENERIC_FUNC_PTR update_store;
-    /* Store-level function to get exclusive access to the store. */
-    STORE_GENERIC_FUNC_PTR lock_store;
-    /* Store-level function to release exclusive access to the store. */
-    STORE_GENERIC_FUNC_PTR unlock_store;
-    /* Generic control function */
-    STORE_CTRL_FUNC_PTR ctrl;
-};
-
-struct store_st {
-    const STORE_METHOD *meth;
-    /* functional reference if 'meth' is ENGINE-provided */
-    ENGINE *engine;
-    CRYPTO_EX_DATA ex_data;
-    int references;
-};
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/crypto/store/str_mem.c b/thirdparty/openssl/crypto/store/str_mem.c
deleted file mode 100644
index 6eee5bba29..0000000000
--- a/thirdparty/openssl/crypto/store/str_mem.c
+++ /dev/null
@@ -1,383 +0,0 @@
-/* crypto/store/str_mem.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/err.h>
-#include "str_locl.h"
-
-/*
- * The memory store is currently highly experimental.  It's meant to become a
- * base store used by other stores for internal caching (for full caching
- * support, aging needs to be added).
- *
- * The database use is meant to support as much attribute association as
- * possible, while providing for as small search ranges as possible. This is
- * currently provided for by sorting the entries by numbers that are composed
- * of bits set at the positions indicated by attribute type codes.  This
- * provides for ranges determined by the highest attribute type code value.
- * A better idea might be to sort by values computed from the range of
- * attributes associated with the object (basically, the difference between
- * the highest and lowest attribute type code) and it's distance from a base
- * (basically, the lowest associated attribute type code).
- */
-
-typedef struct mem_object_data_st {
-    STORE_OBJECT *object;
-    STORE_ATTR_INFO *attr_info;
-    int references;
-} MEM_OBJECT_DATA;
-
-DECLARE_STACK_OF(MEM_OBJECT_DATA)
-struct mem_data_st {
-    /*
-     * sorted with
-     * STORE_ATTR_INFO_compare().
-     */
-    STACK_OF(MEM_OBJECT_DATA) *data;
-    /*
-     * Currently unused, but can
-     * be used to add attributes
-     * from parts of the data.
-     */
-    unsigned int compute_components:1;
-};
-
-DECLARE_STACK_OF(STORE_ATTR_INFO)
-struct mem_ctx_st {
-    /* The type we're searching for */
-    int type;
-    /*
-     * Sets of
-     * attributes to search for.  Each
-     * element is a STORE_ATTR_INFO.
-     */
-    STACK_OF(STORE_ATTR_INFO) *search_attributes;
-    /*
-     * which of the search attributes we
-     * found a match for, -1 when we still
-     * haven't found any
-     */
-    int search_index;
-    /* -1 as long as we're searching for the first */
-    int index;
-};
-
-static int mem_init(STORE *s);
-static void mem_clean(STORE *s);
-static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
-                                  OPENSSL_ITEM attributes[],
-                                  OPENSSL_ITEM parameters[]);
-static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
-                             OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[]);
-static int mem_store(STORE *s, STORE_OBJECT_TYPES type, STORE_OBJECT *data,
-                     OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
-static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
-                      OPENSSL_ITEM search_attributes[],
-                      OPENSSL_ITEM add_attributes[],
-                      OPENSSL_ITEM modify_attributes[],
-                      OPENSSL_ITEM delete_attributes[],
-                      OPENSSL_ITEM parameters[]);
-static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
-                      OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
-static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
-                            OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[]);
-static STORE_OBJECT *mem_list_next(STORE *s, void *handle);
-static int mem_list_end(STORE *s, void *handle);
-static int mem_list_endp(STORE *s, void *handle);
-static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
-                    OPENSSL_ITEM parameters[]);
-static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
-                      OPENSSL_ITEM parameters[]);
-static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f) (void));
-
-static STORE_METHOD store_memory = {
-    "OpenSSL memory store interface",
-    mem_init,
-    mem_clean,
-    mem_generate,
-    mem_get,
-    mem_store,
-    mem_modify,
-    NULL,                       /* revoke */
-    mem_delete,
-    mem_list_start,
-    mem_list_next,
-    mem_list_end,
-    mem_list_endp,
-    NULL,                       /* update */
-    mem_lock,
-    mem_unlock,
-    mem_ctrl
-};
-
-const STORE_METHOD *STORE_Memory(void)
-{
-    return &store_memory;
-}
-
-static int mem_init(STORE *s)
-{
-    return 1;
-}
-
-static void mem_clean(STORE *s)
-{
-    return;
-}
-
-static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
-                                  OPENSSL_ITEM attributes[],
-                                  OPENSSL_ITEM parameters[])
-{
-    STOREerr(STORE_F_MEM_GENERATE, STORE_R_NOT_IMPLEMENTED);
-    return 0;
-}
-
-static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
-                             OPENSSL_ITEM attributes[],
-                             OPENSSL_ITEM parameters[])
-{
-    void *context = mem_list_start(s, type, attributes, parameters);
-
-    if (context) {
-        STORE_OBJECT *object = mem_list_next(s, context);
-
-        if (mem_list_end(s, context))
-            return object;
-    }
-    return NULL;
-}
-
-static int mem_store(STORE *s, STORE_OBJECT_TYPES type,
-                     STORE_OBJECT *data, OPENSSL_ITEM attributes[],
-                     OPENSSL_ITEM parameters[])
-{
-    STOREerr(STORE_F_MEM_STORE, STORE_R_NOT_IMPLEMENTED);
-    return 0;
-}
-
-static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
-                      OPENSSL_ITEM search_attributes[],
-                      OPENSSL_ITEM add_attributes[],
-                      OPENSSL_ITEM modify_attributes[],
-                      OPENSSL_ITEM delete_attributes[],
-                      OPENSSL_ITEM parameters[])
-{
-    STOREerr(STORE_F_MEM_MODIFY, STORE_R_NOT_IMPLEMENTED);
-    return 0;
-}
-
-static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
-                      OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[])
-{
-    STOREerr(STORE_F_MEM_DELETE, STORE_R_NOT_IMPLEMENTED);
-    return 0;
-}
-
-/*
- * The list functions may be the hardest to understand.  Basically,
- * mem_list_start compiles a stack of attribute info elements, and puts that
- * stack into the context to be returned.  mem_list_next will then find the
- * first matching element in the store, and then walk all the way to the end
- * of the store (since any combination of attribute bits above the starting
- * point may match the searched for bit pattern...).
- */
-static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
-                            OPENSSL_ITEM attributes[],
-                            OPENSSL_ITEM parameters[])
-{
-    struct mem_ctx_st *context =
-        (struct mem_ctx_st *)OPENSSL_malloc(sizeof(struct mem_ctx_st));
-    void *attribute_context = NULL;
-    STORE_ATTR_INFO *attrs = NULL;
-
-    if (!context) {
-        STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    memset(context, 0, sizeof(struct mem_ctx_st));
-
-    attribute_context = STORE_parse_attrs_start(attributes);
-    if (!attribute_context) {
-        STOREerr(STORE_F_MEM_LIST_START, ERR_R_STORE_LIB);
-        goto err;
-    }
-
-    while ((attrs = STORE_parse_attrs_next(attribute_context))) {
-        if (context->search_attributes == NULL) {
-            context->search_attributes =
-                sk_STORE_ATTR_INFO_new(STORE_ATTR_INFO_compare);
-            if (!context->search_attributes) {
-                STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-        }
-        sk_STORE_ATTR_INFO_push(context->search_attributes, attrs);
-    }
-    if (!STORE_parse_attrs_endp(attribute_context))
-        goto err;
-    STORE_parse_attrs_end(attribute_context);
-    context->search_index = -1;
-    context->index = -1;
-    return context;
- err:
-    if (attribute_context)
-        STORE_parse_attrs_end(attribute_context);
-    mem_list_end(s, context);
-    return NULL;
-}
-
-static STORE_OBJECT *mem_list_next(STORE *s, void *handle)
-{
-    int i;
-    struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
-    struct mem_object_data_st key = { 0, 0, 1 };
-    struct mem_data_st *store = (struct mem_data_st *)STORE_get_ex_data(s, 1);
-    int srch;
-    int cres = 0;
-
-    if (!context) {
-        STOREerr(STORE_F_MEM_LIST_NEXT, ERR_R_PASSED_NULL_PARAMETER);
-        return NULL;
-    }
-    if (!store) {
-        STOREerr(STORE_F_MEM_LIST_NEXT, STORE_R_NO_STORE);
-        return NULL;
-    }
-
-    if (context->search_index == -1) {
-        for (i = 0;
-             i < sk_STORE_ATTR_INFO_num(context->search_attributes); i++) {
-            key.attr_info
-                = sk_STORE_ATTR_INFO_value(context->search_attributes, i);
-            srch = sk_MEM_OBJECT_DATA_find_ex(store->data, &key);
-
-            if (srch >= 0) {
-                context->search_index = srch;
-                break;
-            }
-        }
-    }
-    if (context->search_index < 0)
-        return NULL;
-
-    key.attr_info =
-        sk_STORE_ATTR_INFO_value(context->search_attributes,
-                                 context->search_index);
-    for (srch = context->search_index;
-         srch < sk_MEM_OBJECT_DATA_num(store->data)
-         && STORE_ATTR_INFO_in_range(key.attr_info,
-                                     sk_MEM_OBJECT_DATA_value(store->data,
-                                                              srch)->attr_info)
-         && !(cres =
-              STORE_ATTR_INFO_in_ex(key.attr_info,
-                                    sk_MEM_OBJECT_DATA_value(store->data,
-                                                             srch)->attr_info));
-         srch++) ;
-
-    context->search_index = srch;
-    if (cres)
-        return (sk_MEM_OBJECT_DATA_value(store->data, srch))->object;
-    return NULL;
-}
-
-static int mem_list_end(STORE *s, void *handle)
-{
-    struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
-
-    if (!context) {
-        STOREerr(STORE_F_MEM_LIST_END, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (context && context->search_attributes)
-        sk_STORE_ATTR_INFO_free(context->search_attributes);
-    if (context)
-        OPENSSL_free(context);
-    return 1;
-}
-
-static int mem_list_endp(STORE *s, void *handle)
-{
-    struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
-
-    if (!context
-        || context->search_index
-        == sk_STORE_ATTR_INFO_num(context->search_attributes))
-        return 1;
-    return 0;
-}
-
-static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
-                    OPENSSL_ITEM parameters[])
-{
-    return 1;
-}
-
-static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
-                      OPENSSL_ITEM parameters[])
-{
-    return 1;
-}
-
-static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f) (void))
-{
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/store/str_meth.c b/thirdparty/openssl/crypto/store/str_meth.c
deleted file mode 100644
index c83fbc565a..0000000000
--- a/thirdparty/openssl/crypto/store/str_meth.c
+++ /dev/null
@@ -1,280 +0,0 @@
-/* crypto/store/str_meth.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/buffer.h>
-#include "str_locl.h"
-
-STORE_METHOD *STORE_create_method(char *name)
-{
-    STORE_METHOD *store_method =
-        (STORE_METHOD *)OPENSSL_malloc(sizeof(STORE_METHOD));
-
-    if (store_method) {
-        memset(store_method, 0, sizeof(*store_method));
-        store_method->name = BUF_strdup(name);
-    }
-    return store_method;
-}
-
-/*
- * BIG FSCKING WARNING!!!! If you use this on a statically allocated method
- * (that is, it hasn't been allocated using STORE_create_method(), you
- * deserve anything Murphy can throw at you and more! You have been warned.
- */
-void STORE_destroy_method(STORE_METHOD *store_method)
-{
-    if (!store_method)
-        return;
-    OPENSSL_free(store_method->name);
-    store_method->name = NULL;
-    OPENSSL_free(store_method);
-}
-
-int STORE_method_set_initialise_function(STORE_METHOD *sm,
-                                         STORE_INITIALISE_FUNC_PTR init_f)
-{
-    sm->init = init_f;
-    return 1;
-}
-
-int STORE_method_set_cleanup_function(STORE_METHOD *sm,
-                                      STORE_CLEANUP_FUNC_PTR clean_f)
-{
-    sm->clean = clean_f;
-    return 1;
-}
-
-int STORE_method_set_generate_function(STORE_METHOD *sm,
-                                       STORE_GENERATE_OBJECT_FUNC_PTR
-                                       generate_f)
-{
-    sm->generate_object = generate_f;
-    return 1;
-}
-
-int STORE_method_set_get_function(STORE_METHOD *sm,
-                                  STORE_GET_OBJECT_FUNC_PTR get_f)
-{
-    sm->get_object = get_f;
-    return 1;
-}
-
-int STORE_method_set_store_function(STORE_METHOD *sm,
-                                    STORE_STORE_OBJECT_FUNC_PTR store_f)
-{
-    sm->store_object = store_f;
-    return 1;
-}
-
-int STORE_method_set_modify_function(STORE_METHOD *sm,
-                                     STORE_MODIFY_OBJECT_FUNC_PTR modify_f)
-{
-    sm->modify_object = modify_f;
-    return 1;
-}
-
-int STORE_method_set_revoke_function(STORE_METHOD *sm,
-                                     STORE_HANDLE_OBJECT_FUNC_PTR revoke_f)
-{
-    sm->revoke_object = revoke_f;
-    return 1;
-}
-
-int STORE_method_set_delete_function(STORE_METHOD *sm,
-                                     STORE_HANDLE_OBJECT_FUNC_PTR delete_f)
-{
-    sm->delete_object = delete_f;
-    return 1;
-}
-
-int STORE_method_set_list_start_function(STORE_METHOD *sm,
-                                         STORE_START_OBJECT_FUNC_PTR
-                                         list_start_f)
-{
-    sm->list_object_start = list_start_f;
-    return 1;
-}
-
-int STORE_method_set_list_next_function(STORE_METHOD *sm,
-                                        STORE_NEXT_OBJECT_FUNC_PTR
-                                        list_next_f)
-{
-    sm->list_object_next = list_next_f;
-    return 1;
-}
-
-int STORE_method_set_list_end_function(STORE_METHOD *sm,
-                                       STORE_END_OBJECT_FUNC_PTR list_end_f)
-{
-    sm->list_object_end = list_end_f;
-    return 1;
-}
-
-int STORE_method_set_update_store_function(STORE_METHOD *sm,
-                                           STORE_GENERIC_FUNC_PTR update_f)
-{
-    sm->update_store = update_f;
-    return 1;
-}
-
-int STORE_method_set_lock_store_function(STORE_METHOD *sm,
-                                         STORE_GENERIC_FUNC_PTR lock_f)
-{
-    sm->lock_store = lock_f;
-    return 1;
-}
-
-int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
-                                           STORE_GENERIC_FUNC_PTR unlock_f)
-{
-    sm->unlock_store = unlock_f;
-    return 1;
-}
-
-int STORE_method_set_ctrl_function(STORE_METHOD *sm,
-                                   STORE_CTRL_FUNC_PTR ctrl_f)
-{
-    sm->ctrl = ctrl_f;
-    return 1;
-}
-
-STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
-                                                               *sm)
-{
-    return sm->init;
-}
-
-STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm)
-{
-    return sm->clean;
-}
-
-STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
-                                                                  *sm)
-{
-    return sm->generate_object;
-}
-
-STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm)
-{
-    return sm->get_object;
-}
-
-STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm)
-{
-    return sm->store_object;
-}
-
-STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
-                                                              *sm)
-{
-    return sm->modify_object;
-}
-
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
-                                                              *sm)
-{
-    return sm->revoke_object;
-}
-
-STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
-                                                              *sm)
-{
-    return sm->delete_object;
-}
-
-STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
-                                                                 *sm)
-{
-    return sm->list_object_start;
-}
-
-STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
-                                                               *sm)
-{
-    return sm->list_object_next;
-}
-
-STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD *sm)
-{
-    return sm->list_object_end;
-}
-
-STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
-                                                              *sm)
-{
-    return sm->update_store;
-}
-
-STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm)
-{
-    return sm->lock_store;
-}
-
-STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
-                                                              *sm)
-{
-    return sm->unlock_store;
-}
-
-STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm)
-{
-    return sm->ctrl;
-}
diff --git a/thirdparty/openssl/crypto/threads/README b/thirdparty/openssl/crypto/threads/README
deleted file mode 100644
index df6b26e146..0000000000
--- a/thirdparty/openssl/crypto/threads/README
+++ /dev/null
@@ -1,14 +0,0 @@
-Mutithreading testing area.
-
-Since this stuff is very very platorm specific, this is not part of the
-normal build.  Have a read of doc/threads.doc.
-
-mttest will do some testing and will currently build under Windows NT/95,
-Solaris and Linux.  The IRIX stuff is not finished.
-
-I have tested this program on a 12 CPU ultra sparc box (solaris 2.5.1)
-and things seem to work ok.
-
-The Linux pthreads package can be retrieved from 
-http://www.mit.edu:8001/people/proven/pthreads.html
-
diff --git a/thirdparty/openssl/crypto/threads/th-lock.c b/thirdparty/openssl/crypto/threads/th-lock.c
deleted file mode 100644
index cc8cf2581d..0000000000
--- a/thirdparty/openssl/crypto/threads/th-lock.c
+++ /dev/null
@@ -1,389 +0,0 @@
-/* crypto/threads/th-lock.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#ifdef LINUX
-# include <typedefs.h>
-#endif
-#ifdef OPENSSL_SYS_WIN32
-# include <windows.h>
-#endif
-#ifdef SOLARIS
-# include <synch.h>
-# include <thread.h>
-#endif
-#ifdef IRIX
-# include <ulocks.h>
-# include <sys/prctl.h>
-#endif
-#ifdef PTHREADS
-# include <pthread.h>
-#endif
-#include <openssl/lhash.h>
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include "../../e_os.h"
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-void CRYPTO_thread_setup(void);
-void CRYPTO_thread_cleanup(void);
-
-static void irix_locking_callback(int mode, int type, char *file, int line);
-static void solaris_locking_callback(int mode, int type, char *file,
-                                     int line);
-static void win32_locking_callback(int mode, int type, char *file, int line);
-static void pthreads_locking_callback(int mode, int type, char *file,
-                                      int line);
-
-static unsigned long irix_thread_id(void);
-static unsigned long solaris_thread_id(void);
-static unsigned long pthreads_thread_id(void);
-
-/*-
- * usage:
- * CRYPTO_thread_setup();
- * application code
- * CRYPTO_thread_cleanup();
- */
-
-#define THREAD_STACK_SIZE (16*1024)
-
-#ifdef OPENSSL_SYS_WIN32
-
-static HANDLE *lock_cs;
-
-void CRYPTO_thread_setup(void)
-{
-    int i;
-
-    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
-    if (!lock_cs) {
-        /* Nothing we can do about this...void function! */
-        return;
-    }
-    for (i = 0; i < CRYPTO_num_locks(); i++) {
-        lock_cs[i] = CreateMutex(NULL, FALSE, NULL);
-    }
-
-    CRYPTO_set_locking_callback((void (*)(int, int, char *, int))
-                                win32_locking_callback);
-    /* id callback defined */
-    return (1);
-}
-
-static void CRYPTO_thread_cleanup(void)
-{
-    int i;
-
-    CRYPTO_set_locking_callback(NULL);
-    for (i = 0; i < CRYPTO_num_locks(); i++)
-        CloseHandle(lock_cs[i]);
-    OPENSSL_free(lock_cs);
-}
-
-void win32_locking_callback(int mode, int type, char *file, int line)
-{
-    if (mode & CRYPTO_LOCK) {
-        WaitForSingleObject(lock_cs[type], INFINITE);
-    } else {
-        ReleaseMutex(lock_cs[type]);
-    }
-}
-
-#endif                          /* OPENSSL_SYS_WIN32 */
-
-#ifdef SOLARIS
-
-# define USE_MUTEX
-
-# ifdef USE_MUTEX
-static mutex_t *lock_cs;
-# else
-static rwlock_t *lock_cs;
-# endif
-static long *lock_count;
-
-void CRYPTO_thread_setup(void)
-{
-    int i;
-
-# ifdef USE_MUTEX
-    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(mutex_t));
-# else
-    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(rwlock_t));
-# endif
-    if (!lock_cs) {
-        /* Nothing we can do about this...void function! */
-        return;
-    }
-    lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
-    for (i = 0; i < CRYPTO_num_locks(); i++) {
-        lock_count[i] = 0;
-# ifdef USE_MUTEX
-        mutex_init(&(lock_cs[i]), USYNC_THREAD, NULL);
-# else
-        rwlock_init(&(lock_cs[i]), USYNC_THREAD, NULL);
-# endif
-    }
-
-    CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
-    CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
-}
-
-void CRYPTO_thread_cleanup(void)
-{
-    int i;
-
-    CRYPTO_set_locking_callback(NULL);
-    for (i = 0; i < CRYPTO_num_locks(); i++) {
-# ifdef USE_MUTEX
-        mutex_destroy(&(lock_cs[i]));
-# else
-        rwlock_destroy(&(lock_cs[i]));
-# endif
-    }
-    OPENSSL_free(lock_cs);
-    OPENSSL_free(lock_count);
-}
-
-void solaris_locking_callback(int mode, int type, char *file, int line)
-{
-# if 0
-    fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
-            CRYPTO_thread_id(),
-            (mode & CRYPTO_LOCK) ? "l" : "u",
-            (type & CRYPTO_READ) ? "r" : "w", file, line);
-# endif
-
-# if 0
-    if (CRYPTO_LOCK_SSL_CERT == type)
-        fprintf(stderr, "(t,m,f,l) %ld %d %s %d\n",
-                CRYPTO_thread_id(), mode, file, line);
-# endif
-    if (mode & CRYPTO_LOCK) {
-# ifdef USE_MUTEX
-        mutex_lock(&(lock_cs[type]));
-# else
-        if (mode & CRYPTO_READ)
-            rw_rdlock(&(lock_cs[type]));
-        else
-            rw_wrlock(&(lock_cs[type]));
-# endif
-        lock_count[type]++;
-    } else {
-# ifdef USE_MUTEX
-        mutex_unlock(&(lock_cs[type]));
-# else
-        rw_unlock(&(lock_cs[type]));
-# endif
-    }
-}
-
-unsigned long solaris_thread_id(void)
-{
-    unsigned long ret;
-
-    ret = (unsigned long)thr_self();
-    return (ret);
-}
-#endif                          /* SOLARIS */
-
-#ifdef IRIX
-/* I don't think this works..... */
-
-static usptr_t *arena;
-static usema_t **lock_cs;
-
-void CRYPTO_thread_setup(void)
-{
-    int i;
-    char filename[20];
-
-    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
-    if (!lock_cs) {
-        /* Nothing we can do about this...void function! */
-        return;
-    }
-
-    strcpy(filename, "/tmp/mttest.XXXXXX");
-    mktemp(filename);
-
-    usconfig(CONF_STHREADIOOFF);
-    usconfig(CONF_STHREADMALLOCOFF);
-    usconfig(CONF_INITUSERS, 100);
-    usconfig(CONF_LOCKTYPE, US_DEBUGPLUS);
-    arena = usinit(filename);
-    unlink(filename);
-
-    for (i = 0; i < CRYPTO_num_locks(); i++) {
-        lock_cs[i] = usnewsema(arena, 1);
-    }
-
-    CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
-    CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
-}
-
-void CRYPTO_thread_cleanup(void)
-{
-    int i;
-
-    CRYPTO_set_locking_callback(NULL);
-    for (i = 0; i < CRYPTO_num_locks(); i++) {
-        char buf[10];
-
-        sprintf(buf, "%2d:", i);
-        usdumpsema(lock_cs[i], stdout, buf);
-        usfreesema(lock_cs[i], arena);
-    }
-    OPENSSL_free(lock_cs);
-}
-
-void irix_locking_callback(int mode, int type, char *file, int line)
-{
-    if (mode & CRYPTO_LOCK) {
-        uspsema(lock_cs[type]);
-    } else {
-        usvsema(lock_cs[type]);
-    }
-}
-
-unsigned long irix_thread_id(void)
-{
-    unsigned long ret;
-
-    ret = (unsigned long)getpid();
-    return (ret);
-}
-#endif                          /* IRIX */
-
-/* Linux and a few others */
-#ifdef PTHREADS
-
-static pthread_mutex_t *lock_cs;
-static long *lock_count;
-
-void CRYPTO_thread_setup(void)
-{
-    int i;
-
-    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
-    lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
-    if (!lock_cs || !lock_count) {
-        /* Nothing we can do about this...void function! */
-        if (lock_cs)
-            OPENSSL_free(lock_cs);
-        if (lock_count)
-            OPENSSL_free(lock_count);
-        return;
-    }
-    for (i = 0; i < CRYPTO_num_locks(); i++) {
-        lock_count[i] = 0;
-        pthread_mutex_init(&(lock_cs[i]), NULL);
-    }
-
-    CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
-    CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
-}
-
-void thread_cleanup(void)
-{
-    int i;
-
-    CRYPTO_set_locking_callback(NULL);
-    for (i = 0; i < CRYPTO_num_locks(); i++) {
-        pthread_mutex_destroy(&(lock_cs[i]));
-    }
-    OPENSSL_free(lock_cs);
-    OPENSSL_free(lock_count);
-}
-
-void pthreads_locking_callback(int mode, int type, char *file, int line)
-{
-# if 0
-    fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
-            CRYPTO_thread_id(),
-            (mode & CRYPTO_LOCK) ? "l" : "u",
-            (type & CRYPTO_READ) ? "r" : "w", file, line);
-# endif
-# if 0
-    if (CRYPTO_LOCK_SSL_CERT == type)
-        fprintf(stderr, "(t,m,f,l) %ld %d %s %d\n",
-                CRYPTO_thread_id(), mode, file, line);
-# endif
-    if (mode & CRYPTO_LOCK) {
-        pthread_mutex_lock(&(lock_cs[type]));
-        lock_count[type]++;
-    } else {
-        pthread_mutex_unlock(&(lock_cs[type]));
-    }
-}
-
-unsigned long pthreads_thread_id(void)
-{
-    unsigned long ret;
-
-    ret = (unsigned long)pthread_self();
-    return (ret);
-}
-
-#endif                          /* PTHREADS */
diff --git a/thirdparty/openssl/crypto/ts/ts_asn1.c b/thirdparty/openssl/crypto/ts/ts_asn1.c
deleted file mode 100644
index 657dc4ca4d..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_asn1.c
+++ /dev/null
@@ -1,326 +0,0 @@
-/* crypto/ts/ts_asn1.c */
-/*
- * Written by Nils Larsch for the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/ts.h>
-#include <openssl/err.h>
-#include <openssl/asn1t.h>
-
-ASN1_SEQUENCE(TS_MSG_IMPRINT) = {
-        ASN1_SIMPLE(TS_MSG_IMPRINT, hash_algo, X509_ALGOR),
-        ASN1_SIMPLE(TS_MSG_IMPRINT, hashed_msg, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(TS_MSG_IMPRINT)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(TS_MSG_IMPRINT)
-IMPLEMENT_ASN1_DUP_FUNCTION(TS_MSG_IMPRINT)
-#ifndef OPENSSL_NO_BIO
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a)
-{
-    return ASN1_d2i_bio_of(TS_MSG_IMPRINT, TS_MSG_IMPRINT_new,
-                           d2i_TS_MSG_IMPRINT, bp, a);
-}
-
-int i2d_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT *a)
-{
-    return ASN1_i2d_bio_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, bp, a);
-}
-#endif
-#ifndef OPENSSL_NO_FP_API
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a)
-{
-    return ASN1_d2i_fp_of(TS_MSG_IMPRINT, TS_MSG_IMPRINT_new,
-                          d2i_TS_MSG_IMPRINT, fp, a);
-}
-
-int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a)
-{
-    return ASN1_i2d_fp_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, fp, a);
-}
-#endif
-
-ASN1_SEQUENCE(TS_REQ) = {
-        ASN1_SIMPLE(TS_REQ, version, ASN1_INTEGER),
-        ASN1_SIMPLE(TS_REQ, msg_imprint, TS_MSG_IMPRINT),
-        ASN1_OPT(TS_REQ, policy_id, ASN1_OBJECT),
-        ASN1_OPT(TS_REQ, nonce, ASN1_INTEGER),
-        ASN1_OPT(TS_REQ, cert_req, ASN1_FBOOLEAN),
-        ASN1_IMP_SEQUENCE_OF_OPT(TS_REQ, extensions, X509_EXTENSION, 0)
-} ASN1_SEQUENCE_END(TS_REQ)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(TS_REQ)
-IMPLEMENT_ASN1_DUP_FUNCTION(TS_REQ)
-#ifndef OPENSSL_NO_BIO
-TS_REQ *d2i_TS_REQ_bio(BIO *bp, TS_REQ **a)
-{
-    return ASN1_d2i_bio_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, bp, a);
-}
-
-int i2d_TS_REQ_bio(BIO *bp, TS_REQ *a)
-{
-    return ASN1_i2d_bio_of_const(TS_REQ, i2d_TS_REQ, bp, a);
-}
-#endif
-#ifndef OPENSSL_NO_FP_API
-TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a)
-{
-    return ASN1_d2i_fp_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, fp, a);
-}
-
-int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a)
-{
-    return ASN1_i2d_fp_of_const(TS_REQ, i2d_TS_REQ, fp, a);
-}
-#endif
-
-ASN1_SEQUENCE(TS_ACCURACY) = {
-        ASN1_OPT(TS_ACCURACY, seconds, ASN1_INTEGER),
-        ASN1_IMP_OPT(TS_ACCURACY, millis, ASN1_INTEGER, 0),
-        ASN1_IMP_OPT(TS_ACCURACY, micros, ASN1_INTEGER, 1)
-} ASN1_SEQUENCE_END(TS_ACCURACY)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(TS_ACCURACY)
-IMPLEMENT_ASN1_DUP_FUNCTION(TS_ACCURACY)
-
-ASN1_SEQUENCE(TS_TST_INFO) = {
-        ASN1_SIMPLE(TS_TST_INFO, version, ASN1_INTEGER),
-        ASN1_SIMPLE(TS_TST_INFO, policy_id, ASN1_OBJECT),
-        ASN1_SIMPLE(TS_TST_INFO, msg_imprint, TS_MSG_IMPRINT),
-        ASN1_SIMPLE(TS_TST_INFO, serial, ASN1_INTEGER),
-        ASN1_SIMPLE(TS_TST_INFO, time, ASN1_GENERALIZEDTIME),
-        ASN1_OPT(TS_TST_INFO, accuracy, TS_ACCURACY),
-        ASN1_OPT(TS_TST_INFO, ordering, ASN1_FBOOLEAN),
-        ASN1_OPT(TS_TST_INFO, nonce, ASN1_INTEGER),
-        ASN1_EXP_OPT(TS_TST_INFO, tsa, GENERAL_NAME, 0),
-        ASN1_IMP_SEQUENCE_OF_OPT(TS_TST_INFO, extensions, X509_EXTENSION, 1)
-} ASN1_SEQUENCE_END(TS_TST_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(TS_TST_INFO)
-IMPLEMENT_ASN1_DUP_FUNCTION(TS_TST_INFO)
-#ifndef OPENSSL_NO_BIO
-TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a)
-{
-    return ASN1_d2i_bio_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO, bp,
-                           a);
-}
-
-int i2d_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO *a)
-{
-    return ASN1_i2d_bio_of_const(TS_TST_INFO, i2d_TS_TST_INFO, bp, a);
-}
-#endif
-#ifndef OPENSSL_NO_FP_API
-TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a)
-{
-    return ASN1_d2i_fp_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO, fp,
-                          a);
-}
-
-int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a)
-{
-    return ASN1_i2d_fp_of_const(TS_TST_INFO, i2d_TS_TST_INFO, fp, a);
-}
-#endif
-
-ASN1_SEQUENCE(TS_STATUS_INFO) = {
-        ASN1_SIMPLE(TS_STATUS_INFO, status, ASN1_INTEGER),
-        ASN1_SEQUENCE_OF_OPT(TS_STATUS_INFO, text, ASN1_UTF8STRING),
-        ASN1_OPT(TS_STATUS_INFO, failure_info, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END(TS_STATUS_INFO)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(TS_STATUS_INFO)
-IMPLEMENT_ASN1_DUP_FUNCTION(TS_STATUS_INFO)
-
-static int ts_resp_set_tst_info(TS_RESP *a)
-{
-    long status;
-
-    status = ASN1_INTEGER_get(a->status_info->status);
-
-    if (a->token) {
-        if (status != 0 && status != 1) {
-            TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_PRESENT);
-            return 0;
-        }
-        if (a->tst_info != NULL)
-            TS_TST_INFO_free(a->tst_info);
-        a->tst_info = PKCS7_to_TS_TST_INFO(a->token);
-        if (!a->tst_info) {
-            TSerr(TS_F_TS_RESP_SET_TST_INFO,
-                  TS_R_PKCS7_TO_TS_TST_INFO_FAILED);
-            return 0;
-        }
-    } else if (status == 0 || status == 1) {
-        TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_NOT_PRESENT);
-        return 0;
-    }
-
-    return 1;
-}
-
-static int ts_resp_cb(int op, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                      void *exarg)
-{
-    TS_RESP *ts_resp = (TS_RESP *)*pval;
-    if (op == ASN1_OP_NEW_POST) {
-        ts_resp->tst_info = NULL;
-    } else if (op == ASN1_OP_FREE_POST) {
-        if (ts_resp->tst_info != NULL)
-            TS_TST_INFO_free(ts_resp->tst_info);
-    } else if (op == ASN1_OP_D2I_POST) {
-        if (ts_resp_set_tst_info(ts_resp) == 0)
-            return 0;
-    }
-    return 1;
-}
-
-ASN1_SEQUENCE_cb(TS_RESP, ts_resp_cb) = {
-        ASN1_SIMPLE(TS_RESP, status_info, TS_STATUS_INFO),
-        ASN1_OPT(TS_RESP, token, PKCS7),
-} ASN1_SEQUENCE_END_cb(TS_RESP, TS_RESP)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(TS_RESP)
-
-IMPLEMENT_ASN1_DUP_FUNCTION(TS_RESP)
-
-#ifndef OPENSSL_NO_BIO
-TS_RESP *d2i_TS_RESP_bio(BIO *bp, TS_RESP **a)
-{
-    return ASN1_d2i_bio_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, bp, a);
-}
-
-int i2d_TS_RESP_bio(BIO *bp, TS_RESP *a)
-{
-    return ASN1_i2d_bio_of_const(TS_RESP, i2d_TS_RESP, bp, a);
-}
-#endif
-#ifndef OPENSSL_NO_FP_API
-TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a)
-{
-    return ASN1_d2i_fp_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, fp, a);
-}
-
-int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a)
-{
-    return ASN1_i2d_fp_of_const(TS_RESP, i2d_TS_RESP, fp, a);
-}
-#endif
-
-ASN1_SEQUENCE(ESS_ISSUER_SERIAL) = {
-        ASN1_SEQUENCE_OF(ESS_ISSUER_SERIAL, issuer, GENERAL_NAME),
-        ASN1_SIMPLE(ESS_ISSUER_SERIAL, serial, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(ESS_ISSUER_SERIAL)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(ESS_ISSUER_SERIAL)
-IMPLEMENT_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL)
-
-ASN1_SEQUENCE(ESS_CERT_ID) = {
-        ASN1_SIMPLE(ESS_CERT_ID, hash, ASN1_OCTET_STRING),
-        ASN1_OPT(ESS_CERT_ID, issuer_serial, ESS_ISSUER_SERIAL)
-} ASN1_SEQUENCE_END(ESS_CERT_ID)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(ESS_CERT_ID)
-IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID)
-
-ASN1_SEQUENCE(ESS_SIGNING_CERT) = {
-        ASN1_SEQUENCE_OF(ESS_SIGNING_CERT, cert_ids, ESS_CERT_ID),
-        ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT, policy_info, POLICYINFO)
-} ASN1_SEQUENCE_END(ESS_SIGNING_CERT)
-
-IMPLEMENT_ASN1_FUNCTIONS_const(ESS_SIGNING_CERT)
-IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT)
-
-/* Getting encapsulated TS_TST_INFO object from PKCS7. */
-TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token)
-{
-    PKCS7_SIGNED *pkcs7_signed;
-    PKCS7 *enveloped;
-    ASN1_TYPE *tst_info_wrapper;
-    ASN1_OCTET_STRING *tst_info_der;
-    const unsigned char *p;
-
-    if (!PKCS7_type_is_signed(token)) {
-        TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
-        return NULL;
-    }
-
-    /* Content must be present. */
-    if (PKCS7_get_detached(token)) {
-        TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_DETACHED_CONTENT);
-        return NULL;
-    }
-
-    /* We have a signed data with content. */
-    pkcs7_signed = token->d.sign;
-    enveloped = pkcs7_signed->contents;
-    if (OBJ_obj2nid(enveloped->type) != NID_id_smime_ct_TSTInfo) {
-        TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
-        return NULL;
-    }
-
-    /* We have a DER encoded TST_INFO as the signed data. */
-    tst_info_wrapper = enveloped->d.other;
-    if (tst_info_wrapper->type != V_ASN1_OCTET_STRING) {
-        TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_TYPE);
-        return NULL;
-    }
-
-    /* We have the correct ASN1_OCTET_STRING type. */
-    tst_info_der = tst_info_wrapper->value.octet_string;
-    /* At last, decode the TST_INFO. */
-    p = tst_info_der->data;
-    return d2i_TS_TST_INFO(NULL, &p, tst_info_der->length);
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_conf.c b/thirdparty/openssl/crypto/ts/ts_conf.c
deleted file mode 100644
index 4716b2336d..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_conf.c
+++ /dev/null
@@ -1,491 +0,0 @@
-/* crypto/ts/ts_conf.c */
-/*
- * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/pem.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include <openssl/ts.h>
-
-/* Macro definitions for the configuration file. */
-
-#define BASE_SECTION                    "tsa"
-#define ENV_DEFAULT_TSA                 "default_tsa"
-#define ENV_SERIAL                      "serial"
-#define ENV_CRYPTO_DEVICE               "crypto_device"
-#define ENV_SIGNER_CERT                 "signer_cert"
-#define ENV_CERTS                       "certs"
-#define ENV_SIGNER_KEY                  "signer_key"
-#define ENV_DEFAULT_POLICY              "default_policy"
-#define ENV_OTHER_POLICIES              "other_policies"
-#define ENV_DIGESTS                     "digests"
-#define ENV_ACCURACY                    "accuracy"
-#define ENV_ORDERING                    "ordering"
-#define ENV_TSA_NAME                    "tsa_name"
-#define ENV_ESS_CERT_ID_CHAIN           "ess_cert_id_chain"
-#define ENV_VALUE_SECS                  "secs"
-#define ENV_VALUE_MILLISECS             "millisecs"
-#define ENV_VALUE_MICROSECS             "microsecs"
-#define ENV_CLOCK_PRECISION_DIGITS      "clock_precision_digits"
-#define ENV_VALUE_YES                   "yes"
-#define ENV_VALUE_NO                    "no"
-
-/* Function definitions for certificate and key loading. */
-
-X509 *TS_CONF_load_cert(const char *file)
-{
-    BIO *cert = NULL;
-    X509 *x = NULL;
-
-    if ((cert = BIO_new_file(file, "r")) == NULL)
-        goto end;
-    x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL);
- end:
-    if (x == NULL)
-        fprintf(stderr, "unable to load certificate: %s\n", file);
-    BIO_free(cert);
-    return x;
-}
-
-STACK_OF(X509) *TS_CONF_load_certs(const char *file)
-{
-    BIO *certs = NULL;
-    STACK_OF(X509) *othercerts = NULL;
-    STACK_OF(X509_INFO) *allcerts = NULL;
-    int i;
-
-    if (!(certs = BIO_new_file(file, "r")))
-        goto end;
-
-    if (!(othercerts = sk_X509_new_null()))
-        goto end;
-    allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
-    for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
-        X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
-        if (xi->x509) {
-            sk_X509_push(othercerts, xi->x509);
-            xi->x509 = NULL;
-        }
-    }
- end:
-    if (othercerts == NULL)
-        fprintf(stderr, "unable to load certificates: %s\n", file);
-    sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
-    BIO_free(certs);
-    return othercerts;
-}
-
-EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass)
-{
-    BIO *key = NULL;
-    EVP_PKEY *pkey = NULL;
-
-    if (!(key = BIO_new_file(file, "r")))
-        goto end;
-    pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, (char *)pass);
- end:
-    if (pkey == NULL)
-        fprintf(stderr, "unable to load private key: %s\n", file);
-    BIO_free(key);
-    return pkey;
-}
-
-/* Function definitions for handling configuration options. */
-
-static void TS_CONF_lookup_fail(const char *name, const char *tag)
-{
-    fprintf(stderr, "variable lookup failed for %s::%s\n", name, tag);
-}
-
-static void TS_CONF_invalid(const char *name, const char *tag)
-{
-    fprintf(stderr, "invalid variable value for %s::%s\n", name, tag);
-}
-
-const char *TS_CONF_get_tsa_section(CONF *conf, const char *section)
-{
-    if (!section) {
-        section = NCONF_get_string(conf, BASE_SECTION, ENV_DEFAULT_TSA);
-        if (!section)
-            TS_CONF_lookup_fail(BASE_SECTION, ENV_DEFAULT_TSA);
-    }
-    return section;
-}
-
-int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
-                       TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    char *serial = NCONF_get_string(conf, section, ENV_SERIAL);
-    if (!serial) {
-        TS_CONF_lookup_fail(section, ENV_SERIAL);
-        goto err;
-    }
-    TS_RESP_CTX_set_serial_cb(ctx, cb, serial);
-
-    ret = 1;
- err:
-    return ret;
-}
-
-#ifndef OPENSSL_NO_ENGINE
-
-int TS_CONF_set_crypto_device(CONF *conf, const char *section,
-                              const char *device)
-{
-    int ret = 0;
-
-    if (!device)
-        device = NCONF_get_string(conf, section, ENV_CRYPTO_DEVICE);
-
-    if (device && !TS_CONF_set_default_engine(device)) {
-        TS_CONF_invalid(section, ENV_CRYPTO_DEVICE);
-        goto err;
-    }
-    ret = 1;
- err:
-    return ret;
-}
-
-int TS_CONF_set_default_engine(const char *name)
-{
-    ENGINE *e = NULL;
-    int ret = 0;
-
-    /* Leave the default if builtin specified. */
-    if (strcmp(name, "builtin") == 0)
-        return 1;
-
-    if (!(e = ENGINE_by_id(name)))
-        goto err;
-    /* Enable the use of the NCipher HSM for forked children. */
-    if (strcmp(name, "chil") == 0)
-        ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
-    /* All the operations are going to be carried out by the engine. */
-    if (!ENGINE_set_default(e, ENGINE_METHOD_ALL))
-        goto err;
-    ret = 1;
- err:
-    if (!ret) {
-        TSerr(TS_F_TS_CONF_SET_DEFAULT_ENGINE, TS_R_COULD_NOT_SET_ENGINE);
-        ERR_add_error_data(2, "engine:", name);
-    }
-    if (e)
-        ENGINE_free(e);
-    return ret;
-}
-
-#endif
-
-int TS_CONF_set_signer_cert(CONF *conf, const char *section,
-                            const char *cert, TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    X509 *cert_obj = NULL;
-    if (!cert)
-        cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT);
-    if (!cert) {
-        TS_CONF_lookup_fail(section, ENV_SIGNER_CERT);
-        goto err;
-    }
-    if (!(cert_obj = TS_CONF_load_cert(cert)))
-        goto err;
-    if (!TS_RESP_CTX_set_signer_cert(ctx, cert_obj))
-        goto err;
-
-    ret = 1;
- err:
-    X509_free(cert_obj);
-    return ret;
-}
-
-int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
-                      TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    STACK_OF(X509) *certs_obj = NULL;
-    if (!certs)
-        certs = NCONF_get_string(conf, section, ENV_CERTS);
-    /* Certificate chain is optional. */
-    if (!certs)
-        goto end;
-    if (!(certs_obj = TS_CONF_load_certs(certs)))
-        goto err;
-    if (!TS_RESP_CTX_set_certs(ctx, certs_obj))
-        goto err;
- end:
-    ret = 1;
- err:
-    sk_X509_pop_free(certs_obj, X509_free);
-    return ret;
-}
-
-int TS_CONF_set_signer_key(CONF *conf, const char *section,
-                           const char *key, const char *pass,
-                           TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    EVP_PKEY *key_obj = NULL;
-    if (!key)
-        key = NCONF_get_string(conf, section, ENV_SIGNER_KEY);
-    if (!key) {
-        TS_CONF_lookup_fail(section, ENV_SIGNER_KEY);
-        goto err;
-    }
-    if (!(key_obj = TS_CONF_load_key(key, pass)))
-        goto err;
-    if (!TS_RESP_CTX_set_signer_key(ctx, key_obj))
-        goto err;
-
-    ret = 1;
- err:
-    EVP_PKEY_free(key_obj);
-    return ret;
-}
-
-int TS_CONF_set_def_policy(CONF *conf, const char *section,
-                           const char *policy, TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    ASN1_OBJECT *policy_obj = NULL;
-    if (!policy)
-        policy = NCONF_get_string(conf, section, ENV_DEFAULT_POLICY);
-    if (!policy) {
-        TS_CONF_lookup_fail(section, ENV_DEFAULT_POLICY);
-        goto err;
-    }
-    if (!(policy_obj = OBJ_txt2obj(policy, 0))) {
-        TS_CONF_invalid(section, ENV_DEFAULT_POLICY);
-        goto err;
-    }
-    if (!TS_RESP_CTX_set_def_policy(ctx, policy_obj))
-        goto err;
-
-    ret = 1;
- err:
-    ASN1_OBJECT_free(policy_obj);
-    return ret;
-}
-
-int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    int i;
-    STACK_OF(CONF_VALUE) *list = NULL;
-    char *policies = NCONF_get_string(conf, section,
-                                      ENV_OTHER_POLICIES);
-    /* If no other policy is specified, that's fine. */
-    if (policies && !(list = X509V3_parse_list(policies))) {
-        TS_CONF_invalid(section, ENV_OTHER_POLICIES);
-        goto err;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
-        CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
-        const char *extval = val->value ? val->value : val->name;
-        ASN1_OBJECT *objtmp;
-        if (!(objtmp = OBJ_txt2obj(extval, 0))) {
-            TS_CONF_invalid(section, ENV_OTHER_POLICIES);
-            goto err;
-        }
-        if (!TS_RESP_CTX_add_policy(ctx, objtmp))
-            goto err;
-        ASN1_OBJECT_free(objtmp);
-    }
-
-    ret = 1;
- err:
-    sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
-    return ret;
-}
-
-int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    int i;
-    STACK_OF(CONF_VALUE) *list = NULL;
-    char *digests = NCONF_get_string(conf, section, ENV_DIGESTS);
-    if (!digests) {
-        TS_CONF_lookup_fail(section, ENV_DIGESTS);
-        goto err;
-    }
-    if (!(list = X509V3_parse_list(digests))) {
-        TS_CONF_invalid(section, ENV_DIGESTS);
-        goto err;
-    }
-    if (sk_CONF_VALUE_num(list) == 0) {
-        TS_CONF_invalid(section, ENV_DIGESTS);
-        goto err;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
-        CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
-        const char *extval = val->value ? val->value : val->name;
-        const EVP_MD *md;
-        if (!(md = EVP_get_digestbyname(extval))) {
-            TS_CONF_invalid(section, ENV_DIGESTS);
-            goto err;
-        }
-        if (!TS_RESP_CTX_add_md(ctx, md))
-            goto err;
-    }
-
-    ret = 1;
- err:
-    sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
-    return ret;
-}
-
-int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    int i;
-    int secs = 0, millis = 0, micros = 0;
-    STACK_OF(CONF_VALUE) *list = NULL;
-    char *accuracy = NCONF_get_string(conf, section, ENV_ACCURACY);
-
-    if (accuracy && !(list = X509V3_parse_list(accuracy))) {
-        TS_CONF_invalid(section, ENV_ACCURACY);
-        goto err;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
-        CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
-        if (strcmp(val->name, ENV_VALUE_SECS) == 0) {
-            if (val->value)
-                secs = atoi(val->value);
-        } else if (strcmp(val->name, ENV_VALUE_MILLISECS) == 0) {
-            if (val->value)
-                millis = atoi(val->value);
-        } else if (strcmp(val->name, ENV_VALUE_MICROSECS) == 0) {
-            if (val->value)
-                micros = atoi(val->value);
-        } else {
-            TS_CONF_invalid(section, ENV_ACCURACY);
-            goto err;
-        }
-    }
-    if (!TS_RESP_CTX_set_accuracy(ctx, secs, millis, micros))
-        goto err;
-
-    ret = 1;
- err:
-    sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
-    return ret;
-}
-
-int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
-                                       TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    long digits = 0;
-
-    /*
-     * If not specified, set the default value to 0, i.e. sec precision
-     */
-    if (!NCONF_get_number_e(conf, section, ENV_CLOCK_PRECISION_DIGITS,
-                            &digits))
-        digits = 0;
-    if (digits < 0 || digits > TS_MAX_CLOCK_PRECISION_DIGITS) {
-        TS_CONF_invalid(section, ENV_CLOCK_PRECISION_DIGITS);
-        goto err;
-    }
-
-    if (!TS_RESP_CTX_set_clock_precision_digits(ctx, digits))
-        goto err;
-
-    return 1;
- err:
-    return ret;
-}
-
-static int TS_CONF_add_flag(CONF *conf, const char *section,
-                            const char *field, int flag, TS_RESP_CTX *ctx)
-{
-    /* Default is false. */
-    const char *value = NCONF_get_string(conf, section, field);
-    if (value) {
-        if (strcmp(value, ENV_VALUE_YES) == 0)
-            TS_RESP_CTX_add_flags(ctx, flag);
-        else if (strcmp(value, ENV_VALUE_NO) != 0) {
-            TS_CONF_invalid(section, field);
-            return 0;
-        }
-    }
-
-    return 1;
-}
-
-int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
-    return TS_CONF_add_flag(conf, section, ENV_ORDERING, TS_ORDERING, ctx);
-}
-
-int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx)
-{
-    return TS_CONF_add_flag(conf, section, ENV_TSA_NAME, TS_TSA_NAME, ctx);
-}
-
-int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
-                                  TS_RESP_CTX *ctx)
-{
-    return TS_CONF_add_flag(conf, section, ENV_ESS_CERT_ID_CHAIN,
-                            TS_ESS_CERT_ID_CHAIN, ctx);
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_err.c b/thirdparty/openssl/crypto/ts/ts_err.c
deleted file mode 100644
index ff1abf4533..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_err.c
+++ /dev/null
@@ -1,188 +0,0 @@
-/* crypto/ts/ts_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ts.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_TS,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_TS,0,reason)
-
-static ERR_STRING_DATA TS_str_functs[] = {
-    {ERR_FUNC(TS_F_D2I_TS_RESP), "d2i_TS_RESP"},
-    {ERR_FUNC(TS_F_DEF_SERIAL_CB), "DEF_SERIAL_CB"},
-    {ERR_FUNC(TS_F_DEF_TIME_CB), "DEF_TIME_CB"},
-    {ERR_FUNC(TS_F_ESS_ADD_SIGNING_CERT), "ESS_ADD_SIGNING_CERT"},
-    {ERR_FUNC(TS_F_ESS_CERT_ID_NEW_INIT), "ESS_CERT_ID_NEW_INIT"},
-    {ERR_FUNC(TS_F_ESS_SIGNING_CERT_NEW_INIT), "ESS_SIGNING_CERT_NEW_INIT"},
-    {ERR_FUNC(TS_F_INT_TS_RESP_VERIFY_TOKEN), "INT_TS_RESP_VERIFY_TOKEN"},
-    {ERR_FUNC(TS_F_PKCS7_TO_TS_TST_INFO), "PKCS7_to_TS_TST_INFO"},
-    {ERR_FUNC(TS_F_TS_ACCURACY_SET_MICROS), "TS_ACCURACY_set_micros"},
-    {ERR_FUNC(TS_F_TS_ACCURACY_SET_MILLIS), "TS_ACCURACY_set_millis"},
-    {ERR_FUNC(TS_F_TS_ACCURACY_SET_SECONDS), "TS_ACCURACY_set_seconds"},
-    {ERR_FUNC(TS_F_TS_CHECK_IMPRINTS), "TS_CHECK_IMPRINTS"},
-    {ERR_FUNC(TS_F_TS_CHECK_NONCES), "TS_CHECK_NONCES"},
-    {ERR_FUNC(TS_F_TS_CHECK_POLICY), "TS_CHECK_POLICY"},
-    {ERR_FUNC(TS_F_TS_CHECK_SIGNING_CERTS), "TS_CHECK_SIGNING_CERTS"},
-    {ERR_FUNC(TS_F_TS_CHECK_STATUS_INFO), "TS_CHECK_STATUS_INFO"},
-    {ERR_FUNC(TS_F_TS_COMPUTE_IMPRINT), "TS_COMPUTE_IMPRINT"},
-    {ERR_FUNC(TS_F_TS_CONF_SET_DEFAULT_ENGINE), "TS_CONF_set_default_engine"},
-    {ERR_FUNC(TS_F_TS_GET_STATUS_TEXT), "TS_GET_STATUS_TEXT"},
-    {ERR_FUNC(TS_F_TS_MSG_IMPRINT_SET_ALGO), "TS_MSG_IMPRINT_set_algo"},
-    {ERR_FUNC(TS_F_TS_REQ_SET_MSG_IMPRINT), "TS_REQ_set_msg_imprint"},
-    {ERR_FUNC(TS_F_TS_REQ_SET_NONCE), "TS_REQ_set_nonce"},
-    {ERR_FUNC(TS_F_TS_REQ_SET_POLICY_ID), "TS_REQ_set_policy_id"},
-    {ERR_FUNC(TS_F_TS_RESP_CREATE_RESPONSE), "TS_RESP_create_response"},
-    {ERR_FUNC(TS_F_TS_RESP_CREATE_TST_INFO), "TS_RESP_CREATE_TST_INFO"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO),
-     "TS_RESP_CTX_add_failure_info"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_MD), "TS_RESP_CTX_add_md"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_POLICY), "TS_RESP_CTX_add_policy"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_NEW), "TS_RESP_CTX_new"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_ACCURACY), "TS_RESP_CTX_set_accuracy"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_CERTS), "TS_RESP_CTX_set_certs"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_DEF_POLICY), "TS_RESP_CTX_set_def_policy"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_SIGNER_CERT),
-     "TS_RESP_CTX_set_signer_cert"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_STATUS_INFO),
-     "TS_RESP_CTX_set_status_info"},
-    {ERR_FUNC(TS_F_TS_RESP_GET_POLICY), "TS_RESP_GET_POLICY"},
-    {ERR_FUNC(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION),
-     "TS_RESP_SET_GENTIME_WITH_PRECISION"},
-    {ERR_FUNC(TS_F_TS_RESP_SET_STATUS_INFO), "TS_RESP_set_status_info"},
-    {ERR_FUNC(TS_F_TS_RESP_SET_TST_INFO), "TS_RESP_set_tst_info"},
-    {ERR_FUNC(TS_F_TS_RESP_SIGN), "TS_RESP_SIGN"},
-    {ERR_FUNC(TS_F_TS_RESP_VERIFY_SIGNATURE), "TS_RESP_verify_signature"},
-    {ERR_FUNC(TS_F_TS_RESP_VERIFY_TOKEN), "TS_RESP_verify_token"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_ACCURACY), "TS_TST_INFO_set_accuracy"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_MSG_IMPRINT),
-     "TS_TST_INFO_set_msg_imprint"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_NONCE), "TS_TST_INFO_set_nonce"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_POLICY_ID), "TS_TST_INFO_set_policy_id"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_SERIAL), "TS_TST_INFO_set_serial"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_TIME), "TS_TST_INFO_set_time"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_TSA), "TS_TST_INFO_set_tsa"},
-    {ERR_FUNC(TS_F_TS_VERIFY), "TS_VERIFY"},
-    {ERR_FUNC(TS_F_TS_VERIFY_CERT), "TS_VERIFY_CERT"},
-    {ERR_FUNC(TS_F_TS_VERIFY_CTX_NEW), "TS_VERIFY_CTX_new"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA TS_str_reasons[] = {
-    {ERR_REASON(TS_R_BAD_PKCS7_TYPE), "bad pkcs7 type"},
-    {ERR_REASON(TS_R_BAD_TYPE), "bad type"},
-    {ERR_REASON(TS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
-    {ERR_REASON(TS_R_COULD_NOT_SET_ENGINE), "could not set engine"},
-    {ERR_REASON(TS_R_COULD_NOT_SET_TIME), "could not set time"},
-    {ERR_REASON(TS_R_D2I_TS_RESP_INT_FAILED), "d2i ts resp int failed"},
-    {ERR_REASON(TS_R_DETACHED_CONTENT), "detached content"},
-    {ERR_REASON(TS_R_ESS_ADD_SIGNING_CERT_ERROR),
-     "ess add signing cert error"},
-    {ERR_REASON(TS_R_ESS_SIGNING_CERTIFICATE_ERROR),
-     "ess signing certificate error"},
-    {ERR_REASON(TS_R_INVALID_NULL_POINTER), "invalid null pointer"},
-    {ERR_REASON(TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE),
-     "invalid signer certificate purpose"},
-    {ERR_REASON(TS_R_MESSAGE_IMPRINT_MISMATCH), "message imprint mismatch"},
-    {ERR_REASON(TS_R_NONCE_MISMATCH), "nonce mismatch"},
-    {ERR_REASON(TS_R_NONCE_NOT_RETURNED), "nonce not returned"},
-    {ERR_REASON(TS_R_NO_CONTENT), "no content"},
-    {ERR_REASON(TS_R_NO_TIME_STAMP_TOKEN), "no time stamp token"},
-    {ERR_REASON(TS_R_PKCS7_ADD_SIGNATURE_ERROR), "pkcs7 add signature error"},
-    {ERR_REASON(TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR),
-     "pkcs7 add signed attr error"},
-    {ERR_REASON(TS_R_PKCS7_TO_TS_TST_INFO_FAILED),
-     "pkcs7 to ts tst info failed"},
-    {ERR_REASON(TS_R_POLICY_MISMATCH), "policy mismatch"},
-    {ERR_REASON(TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
-     "private key does not match certificate"},
-    {ERR_REASON(TS_R_RESPONSE_SETUP_ERROR), "response setup error"},
-    {ERR_REASON(TS_R_SIGNATURE_FAILURE), "signature failure"},
-    {ERR_REASON(TS_R_THERE_MUST_BE_ONE_SIGNER), "there must be one signer"},
-    {ERR_REASON(TS_R_TIME_SYSCALL_ERROR), "time syscall error"},
-    {ERR_REASON(TS_R_TOKEN_NOT_PRESENT), "token not present"},
-    {ERR_REASON(TS_R_TOKEN_PRESENT), "token present"},
-    {ERR_REASON(TS_R_TSA_NAME_MISMATCH), "tsa name mismatch"},
-    {ERR_REASON(TS_R_TSA_UNTRUSTED), "tsa untrusted"},
-    {ERR_REASON(TS_R_TST_INFO_SETUP_ERROR), "tst info setup error"},
-    {ERR_REASON(TS_R_TS_DATASIGN), "ts datasign"},
-    {ERR_REASON(TS_R_UNACCEPTABLE_POLICY), "unacceptable policy"},
-    {ERR_REASON(TS_R_UNSUPPORTED_MD_ALGORITHM), "unsupported md algorithm"},
-    {ERR_REASON(TS_R_UNSUPPORTED_VERSION), "unsupported version"},
-    {ERR_REASON(TS_R_WRONG_CONTENT_TYPE), "wrong content type"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_TS_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(TS_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, TS_str_functs);
-        ERR_load_strings(0, TS_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_lib.c b/thirdparty/openssl/crypto/ts/ts_lib.c
deleted file mode 100644
index e0f1063537..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_lib.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* crypto/ts/ts_lib.c */
-/*
- * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/bn.h>
-#include <openssl/x509v3.h>
-#include "ts.h"
-
-/* Local function declarations. */
-
-/* Function definitions. */
-
-int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num)
-{
-    BIGNUM num_bn;
-    int result = 0;
-    char *hex;
-
-    BN_init(&num_bn);
-    ASN1_INTEGER_to_BN(num, &num_bn);
-    if ((hex = BN_bn2hex(&num_bn))) {
-        result = BIO_write(bio, "0x", 2) > 0;
-        result = result && BIO_write(bio, hex, strlen(hex)) > 0;
-        OPENSSL_free(hex);
-    }
-    BN_free(&num_bn);
-
-    return result;
-}
-
-int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj)
-{
-    char obj_txt[128];
-
-    OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
-    BIO_printf(bio, "%s\n", obj_txt);
-
-    return 1;
-}
-
-int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions)
-{
-    int i, critical, n;
-    X509_EXTENSION *ex;
-    ASN1_OBJECT *obj;
-
-    BIO_printf(bio, "Extensions:\n");
-    n = X509v3_get_ext_count(extensions);
-    for (i = 0; i < n; i++) {
-        ex = X509v3_get_ext(extensions, i);
-        obj = X509_EXTENSION_get_object(ex);
-        i2a_ASN1_OBJECT(bio, obj);
-        critical = X509_EXTENSION_get_critical(ex);
-        BIO_printf(bio, ": %s\n", critical ? "critical" : "");
-        if (!X509V3_EXT_print(bio, ex, 0, 4)) {
-            BIO_printf(bio, "%4s", "");
-            M_ASN1_OCTET_STRING_print(bio, ex->value);
-        }
-        BIO_write(bio, "\n", 1);
-    }
-
-    return 1;
-}
-
-int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg)
-{
-    int i = OBJ_obj2nid(alg->algorithm);
-    return BIO_printf(bio, "Hash Algorithm: %s\n",
-                      (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
-}
-
-int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *a)
-{
-    const ASN1_OCTET_STRING *msg;
-
-    TS_X509_ALGOR_print_bio(bio, TS_MSG_IMPRINT_get_algo(a));
-
-    BIO_printf(bio, "Message data:\n");
-    msg = TS_MSG_IMPRINT_get_msg(a);
-    BIO_dump_indent(bio, (const char *)M_ASN1_STRING_data(msg),
-                    M_ASN1_STRING_length(msg), 4);
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_req_print.c b/thirdparty/openssl/crypto/ts/ts_req_print.c
deleted file mode 100644
index 31940eef50..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_req_print.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* crypto/ts/ts_req_print.c */
-/*
- * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/bn.h>
-#include <openssl/x509v3.h>
-#include <openssl/ts.h>
-
-/* Function definitions. */
-
-int TS_REQ_print_bio(BIO *bio, TS_REQ *a)
-{
-    int v;
-    ASN1_OBJECT *policy_id;
-    const ASN1_INTEGER *nonce;
-
-    if (a == NULL)
-        return 0;
-
-    v = TS_REQ_get_version(a);
-    BIO_printf(bio, "Version: %d\n", v);
-
-    TS_MSG_IMPRINT_print_bio(bio, TS_REQ_get_msg_imprint(a));
-
-    BIO_printf(bio, "Policy OID: ");
-    policy_id = TS_REQ_get_policy_id(a);
-    if (policy_id == NULL)
-        BIO_printf(bio, "unspecified\n");
-    else
-        TS_OBJ_print_bio(bio, policy_id);
-
-    BIO_printf(bio, "Nonce: ");
-    nonce = TS_REQ_get_nonce(a);
-    if (nonce == NULL)
-        BIO_printf(bio, "unspecified");
-    else
-        TS_ASN1_INTEGER_print_bio(bio, nonce);
-    BIO_write(bio, "\n", 1);
-
-    BIO_printf(bio, "Certificate required: %s\n",
-               TS_REQ_get_cert_req(a) ? "yes" : "no");
-
-    TS_ext_print_bio(bio, TS_REQ_get_exts(a));
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_req_utils.c b/thirdparty/openssl/crypto/ts/ts_req_utils.c
deleted file mode 100644
index 362e5e589a..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_req_utils.c
+++ /dev/null
@@ -1,232 +0,0 @@
-/* crypto/ts/ts_req_utils.c */
-/*
- * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/x509v3.h>
-#include <openssl/ts.h>
-
-int TS_REQ_set_version(TS_REQ *a, long version)
-{
-    return ASN1_INTEGER_set(a->version, version);
-}
-
-long TS_REQ_get_version(const TS_REQ *a)
-{
-    return ASN1_INTEGER_get(a->version);
-}
-
-int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint)
-{
-    TS_MSG_IMPRINT *new_msg_imprint;
-
-    if (a->msg_imprint == msg_imprint)
-        return 1;
-    new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
-    if (new_msg_imprint == NULL) {
-        TSerr(TS_F_TS_REQ_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    TS_MSG_IMPRINT_free(a->msg_imprint);
-    a->msg_imprint = new_msg_imprint;
-    return 1;
-}
-
-TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a)
-{
-    return a->msg_imprint;
-}
-
-int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg)
-{
-    X509_ALGOR *new_alg;
-
-    if (a->hash_algo == alg)
-        return 1;
-    new_alg = X509_ALGOR_dup(alg);
-    if (new_alg == NULL) {
-        TSerr(TS_F_TS_MSG_IMPRINT_SET_ALGO, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    X509_ALGOR_free(a->hash_algo);
-    a->hash_algo = new_alg;
-    return 1;
-}
-
-X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a)
-{
-    return a->hash_algo;
-}
-
-int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len)
-{
-    return ASN1_OCTET_STRING_set(a->hashed_msg, d, len);
-}
-
-ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a)
-{
-    return a->hashed_msg;
-}
-
-int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy)
-{
-    ASN1_OBJECT *new_policy;
-
-    if (a->policy_id == policy)
-        return 1;
-    new_policy = OBJ_dup(policy);
-    if (new_policy == NULL) {
-        TSerr(TS_F_TS_REQ_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ASN1_OBJECT_free(a->policy_id);
-    a->policy_id = new_policy;
-    return 1;
-}
-
-ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a)
-{
-    return a->policy_id;
-}
-
-int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce)
-{
-    ASN1_INTEGER *new_nonce;
-
-    if (a->nonce == nonce)
-        return 1;
-    new_nonce = ASN1_INTEGER_dup(nonce);
-    if (new_nonce == NULL) {
-        TSerr(TS_F_TS_REQ_SET_NONCE, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ASN1_INTEGER_free(a->nonce);
-    a->nonce = new_nonce;
-    return 1;
-}
-
-const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a)
-{
-    return a->nonce;
-}
-
-int TS_REQ_set_cert_req(TS_REQ *a, int cert_req)
-{
-    a->cert_req = cert_req ? 0xFF : 0x00;
-    return 1;
-}
-
-int TS_REQ_get_cert_req(const TS_REQ *a)
-{
-    return a->cert_req ? 1 : 0;
-}
-
-STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a)
-{
-    return a->extensions;
-}
-
-void TS_REQ_ext_free(TS_REQ *a)
-{
-    if (!a)
-        return;
-    sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
-    a->extensions = NULL;
-}
-
-int TS_REQ_get_ext_count(TS_REQ *a)
-{
-    return X509v3_get_ext_count(a->extensions);
-}
-
-int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos)
-{
-    return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
-}
-
-int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos)
-{
-    return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
-}
-
-int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos)
-{
-    return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
-}
-
-X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc)
-{
-    return X509v3_get_ext(a->extensions, loc);
-}
-
-X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc)
-{
-    return X509v3_delete_ext(a->extensions, loc);
-}
-
-int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc)
-{
-    return X509v3_add_ext(&a->extensions, ex, loc) != NULL;
-}
-
-void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx)
-{
-    return X509V3_get_d2i(a->extensions, nid, crit, idx);
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_rsp_print.c b/thirdparty/openssl/crypto/ts/ts_rsp_print.c
deleted file mode 100644
index e706a5687a..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_rsp_print.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* crypto/ts/ts_resp_print.c */
-/*
- * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/bn.h>
-#include <openssl/x509v3.h>
-#include "ts.h"
-
-struct status_map_st {
-    int bit;
-    const char *text;
-};
-
-/* Local function declarations. */
-
-static int TS_status_map_print(BIO *bio, struct status_map_st *a,
-                               ASN1_BIT_STRING *v);
-static int TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy);
-
-/* Function definitions. */
-
-int TS_RESP_print_bio(BIO *bio, TS_RESP *a)
-{
-    TS_TST_INFO *tst_info;
-
-    BIO_printf(bio, "Status info:\n");
-    TS_STATUS_INFO_print_bio(bio, TS_RESP_get_status_info(a));
-
-    BIO_printf(bio, "\nTST info:\n");
-    tst_info = TS_RESP_get_tst_info(a);
-    if (tst_info != NULL)
-        TS_TST_INFO_print_bio(bio, TS_RESP_get_tst_info(a));
-    else
-        BIO_printf(bio, "Not included.\n");
-
-    return 1;
-}
-
-int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a)
-{
-    static const char *status_map[] = {
-        "Granted.",
-        "Granted with modifications.",
-        "Rejected.",
-        "Waiting.",
-        "Revocation warning.",
-        "Revoked."
-    };
-    static struct status_map_st failure_map[] = {
-        {TS_INFO_BAD_ALG,
-         "unrecognized or unsupported algorithm identifier"},
-        {TS_INFO_BAD_REQUEST,
-         "transaction not permitted or supported"},
-        {TS_INFO_BAD_DATA_FORMAT,
-         "the data submitted has the wrong format"},
-        {TS_INFO_TIME_NOT_AVAILABLE,
-         "the TSA's time source is not available"},
-        {TS_INFO_UNACCEPTED_POLICY,
-         "the requested TSA policy is not supported by the TSA"},
-        {TS_INFO_UNACCEPTED_EXTENSION,
-         "the requested extension is not supported by the TSA"},
-        {TS_INFO_ADD_INFO_NOT_AVAILABLE,
-         "the additional information requested could not be understood "
-         "or is not available"},
-        {TS_INFO_SYSTEM_FAILURE,
-         "the request cannot be handled due to system failure"},
-        {-1, NULL}
-    };
-    long status;
-    int i, lines = 0;
-
-    /* Printing status code. */
-    BIO_printf(bio, "Status: ");
-    status = ASN1_INTEGER_get(a->status);
-    if (0 <= status
-        && status < (long)(sizeof(status_map) / sizeof(status_map[0])))
-        BIO_printf(bio, "%s\n", status_map[status]);
-    else
-        BIO_printf(bio, "out of bounds\n");
-
-    /* Printing status description. */
-    BIO_printf(bio, "Status description: ");
-    for (i = 0; i < sk_ASN1_UTF8STRING_num(a->text); ++i) {
-        if (i > 0)
-            BIO_puts(bio, "\t");
-        ASN1_STRING_print_ex(bio, sk_ASN1_UTF8STRING_value(a->text, i), 0);
-        BIO_puts(bio, "\n");
-    }
-    if (i == 0)
-        BIO_printf(bio, "unspecified\n");
-
-    /* Printing failure information. */
-    BIO_printf(bio, "Failure info: ");
-    if (a->failure_info != NULL)
-        lines = TS_status_map_print(bio, failure_map, a->failure_info);
-    if (lines == 0)
-        BIO_printf(bio, "unspecified");
-    BIO_printf(bio, "\n");
-
-    return 1;
-}
-
-static int TS_status_map_print(BIO *bio, struct status_map_st *a,
-                               ASN1_BIT_STRING *v)
-{
-    int lines = 0;
-
-    for (; a->bit >= 0; ++a) {
-        if (ASN1_BIT_STRING_get_bit(v, a->bit)) {
-            if (++lines > 1)
-                BIO_printf(bio, ", ");
-            BIO_printf(bio, "%s", a->text);
-        }
-    }
-
-    return lines;
-}
-
-int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a)
-{
-    int v;
-    ASN1_OBJECT *policy_id;
-    const ASN1_INTEGER *serial;
-    const ASN1_GENERALIZEDTIME *gtime;
-    TS_ACCURACY *accuracy;
-    const ASN1_INTEGER *nonce;
-    GENERAL_NAME *tsa_name;
-
-    if (a == NULL)
-        return 0;
-
-    /* Print version. */
-    v = TS_TST_INFO_get_version(a);
-    BIO_printf(bio, "Version: %d\n", v);
-
-    /* Print policy id. */
-    BIO_printf(bio, "Policy OID: ");
-    policy_id = TS_TST_INFO_get_policy_id(a);
-    TS_OBJ_print_bio(bio, policy_id);
-
-    /* Print message imprint. */
-    TS_MSG_IMPRINT_print_bio(bio, TS_TST_INFO_get_msg_imprint(a));
-
-    /* Print serial number. */
-    BIO_printf(bio, "Serial number: ");
-    serial = TS_TST_INFO_get_serial(a);
-    if (serial == NULL)
-        BIO_printf(bio, "unspecified");
-    else
-        TS_ASN1_INTEGER_print_bio(bio, serial);
-    BIO_write(bio, "\n", 1);
-
-    /* Print time stamp. */
-    BIO_printf(bio, "Time stamp: ");
-    gtime = TS_TST_INFO_get_time(a);
-    ASN1_GENERALIZEDTIME_print(bio, gtime);
-    BIO_write(bio, "\n", 1);
-
-    /* Print accuracy. */
-    BIO_printf(bio, "Accuracy: ");
-    accuracy = TS_TST_INFO_get_accuracy(a);
-    if (accuracy == NULL)
-        BIO_printf(bio, "unspecified");
-    else
-        TS_ACCURACY_print_bio(bio, accuracy);
-    BIO_write(bio, "\n", 1);
-
-    /* Print ordering. */
-    BIO_printf(bio, "Ordering: %s\n",
-               TS_TST_INFO_get_ordering(a) ? "yes" : "no");
-
-    /* Print nonce. */
-    BIO_printf(bio, "Nonce: ");
-    nonce = TS_TST_INFO_get_nonce(a);
-    if (nonce == NULL)
-        BIO_printf(bio, "unspecified");
-    else
-        TS_ASN1_INTEGER_print_bio(bio, nonce);
-    BIO_write(bio, "\n", 1);
-
-    /* Print TSA name. */
-    BIO_printf(bio, "TSA: ");
-    tsa_name = TS_TST_INFO_get_tsa(a);
-    if (tsa_name == NULL)
-        BIO_printf(bio, "unspecified");
-    else {
-        STACK_OF(CONF_VALUE) *nval;
-        if ((nval = i2v_GENERAL_NAME(NULL, tsa_name, NULL)))
-            X509V3_EXT_val_prn(bio, nval, 0, 0);
-        sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
-    }
-    BIO_write(bio, "\n", 1);
-
-    /* Print extensions. */
-    TS_ext_print_bio(bio, TS_TST_INFO_get_exts(a));
-
-    return 1;
-}
-
-static int TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy)
-{
-    const ASN1_INTEGER *seconds = TS_ACCURACY_get_seconds(accuracy);
-    const ASN1_INTEGER *millis = TS_ACCURACY_get_millis(accuracy);
-    const ASN1_INTEGER *micros = TS_ACCURACY_get_micros(accuracy);
-
-    if (seconds != NULL)
-        TS_ASN1_INTEGER_print_bio(bio, seconds);
-    else
-        BIO_printf(bio, "unspecified");
-    BIO_printf(bio, " seconds, ");
-    if (millis != NULL)
-        TS_ASN1_INTEGER_print_bio(bio, millis);
-    else
-        BIO_printf(bio, "unspecified");
-    BIO_printf(bio, " millis, ");
-    if (micros != NULL)
-        TS_ASN1_INTEGER_print_bio(bio, micros);
-    else
-        BIO_printf(bio, "unspecified");
-    BIO_printf(bio, " micros");
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_rsp_sign.c b/thirdparty/openssl/crypto/ts/ts_rsp_sign.c
deleted file mode 100644
index db6ce3241f..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_rsp_sign.c
+++ /dev/null
@@ -1,1020 +0,0 @@
-/* crypto/ts/ts_resp_sign.c */
-/*
- * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-
-#if defined(OPENSSL_SYS_UNIX)
-# include <sys/time.h>
-#endif
-
-#include <openssl/objects.h>
-#include <openssl/ts.h>
-#include <openssl/pkcs7.h>
-
-/* Private function declarations. */
-
-static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *);
-static int def_time_cb(struct TS_resp_ctx *, void *, long *sec, long *usec);
-static int def_extension_cb(struct TS_resp_ctx *, X509_EXTENSION *, void *);
-
-static void TS_RESP_CTX_init(TS_RESP_CTX *ctx);
-static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx);
-static int TS_RESP_check_request(TS_RESP_CTX *ctx);
-static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx);
-static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
-                                            ASN1_OBJECT *policy);
-static int TS_RESP_process_extensions(TS_RESP_CTX *ctx);
-static int TS_RESP_sign(TS_RESP_CTX *ctx);
-
-static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
-                                                   STACK_OF(X509) *certs);
-static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed);
-static int TS_TST_INFO_content_new(PKCS7 *p7);
-static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
-
-static ASN1_GENERALIZEDTIME
-*TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *, long, long,
-                                    unsigned);
-
-/* Default callbacks for response generation. */
-
-static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data)
-{
-    ASN1_INTEGER *serial = ASN1_INTEGER_new();
-    if (!serial)
-        goto err;
-    if (!ASN1_INTEGER_set(serial, 1))
-        goto err;
-    return serial;
- err:
-    TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
-    TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                "Error during serial number generation.");
-    return NULL;
-}
-
-#if defined(OPENSSL_SYS_UNIX)
-
-/* Use the gettimeofday function call. */
-static int def_time_cb(struct TS_resp_ctx *ctx, void *data,
-                       long *sec, long *usec)
-{
-    struct timeval tv;
-    if (gettimeofday(&tv, NULL) != 0) {
-        TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
-        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                    "Time is not available.");
-        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
-        return 0;
-    }
-    /* Return time to caller. */
-    *sec = tv.tv_sec;
-    *usec = tv.tv_usec;
-
-    return 1;
-}
-
-#else
-
-/* Use the time function call that provides only seconds precision. */
-static int def_time_cb(struct TS_resp_ctx *ctx, void *data,
-                       long *sec, long *usec)
-{
-    time_t t;
-    if (time(&t) == (time_t)-1) {
-        TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
-        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                    "Time is not available.");
-        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
-        return 0;
-    }
-    /* Return time to caller, only second precision. */
-    *sec = (long)t;
-    *usec = 0;
-
-    return 1;
-}
-
-#endif
-
-static int def_extension_cb(struct TS_resp_ctx *ctx, X509_EXTENSION *ext,
-                            void *data)
-{
-    /* No extensions are processed here. */
-    TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                "Unsupported extension.");
-    TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_EXTENSION);
-    return 0;
-}
-
-/* TS_RESP_CTX management functions. */
-
-TS_RESP_CTX *TS_RESP_CTX_new()
-{
-    TS_RESP_CTX *ctx;
-
-    if (!(ctx = (TS_RESP_CTX *)OPENSSL_malloc(sizeof(TS_RESP_CTX)))) {
-        TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    memset(ctx, 0, sizeof(TS_RESP_CTX));
-
-    /* Setting default callbacks. */
-    ctx->serial_cb = def_serial_cb;
-    ctx->time_cb = def_time_cb;
-    ctx->extension_cb = def_extension_cb;
-
-    return ctx;
-}
-
-void TS_RESP_CTX_free(TS_RESP_CTX *ctx)
-{
-    if (!ctx)
-        return;
-
-    X509_free(ctx->signer_cert);
-    EVP_PKEY_free(ctx->signer_key);
-    sk_X509_pop_free(ctx->certs, X509_free);
-    sk_ASN1_OBJECT_pop_free(ctx->policies, ASN1_OBJECT_free);
-    ASN1_OBJECT_free(ctx->default_policy);
-    sk_EVP_MD_free(ctx->mds);   /* No EVP_MD_free method exists. */
-    ASN1_INTEGER_free(ctx->seconds);
-    ASN1_INTEGER_free(ctx->millis);
-    ASN1_INTEGER_free(ctx->micros);
-    OPENSSL_free(ctx);
-}
-
-int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
-{
-    if (X509_check_purpose(signer, X509_PURPOSE_TIMESTAMP_SIGN, 0) != 1) {
-        TSerr(TS_F_TS_RESP_CTX_SET_SIGNER_CERT,
-              TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE);
-        return 0;
-    }
-    if (ctx->signer_cert)
-        X509_free(ctx->signer_cert);
-    ctx->signer_cert = signer;
-    CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509);
-    return 1;
-}
-
-int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
-{
-    if (ctx->signer_key)
-        EVP_PKEY_free(ctx->signer_key);
-    ctx->signer_key = key;
-    CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
-
-    return 1;
-}
-
-int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
-{
-    if (ctx->default_policy)
-        ASN1_OBJECT_free(ctx->default_policy);
-    if (!(ctx->default_policy = OBJ_dup(def_policy)))
-        goto err;
-    return 1;
- err:
-    TSerr(TS_F_TS_RESP_CTX_SET_DEF_POLICY, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
-{
-
-    if (ctx->certs) {
-        sk_X509_pop_free(ctx->certs, X509_free);
-        ctx->certs = NULL;
-    }
-    if (!certs)
-        return 1;
-    if (!(ctx->certs = X509_chain_up_ref(certs))) {
-        TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    return 1;
-}
-
-int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
-{
-    ASN1_OBJECT *copy = NULL;
-
-    /* Create new policy stack if necessary. */
-    if (!ctx->policies && !(ctx->policies = sk_ASN1_OBJECT_new_null()))
-        goto err;
-    if (!(copy = OBJ_dup(policy)))
-        goto err;
-    if (!sk_ASN1_OBJECT_push(ctx->policies, copy))
-        goto err;
-
-    return 1;
- err:
-    TSerr(TS_F_TS_RESP_CTX_ADD_POLICY, ERR_R_MALLOC_FAILURE);
-    ASN1_OBJECT_free(copy);
-    return 0;
-}
-
-int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
-{
-    /* Create new md stack if necessary. */
-    if (!ctx->mds && !(ctx->mds = sk_EVP_MD_new_null()))
-        goto err;
-    /* Add the shared md, no copy needed. */
-    if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md))
-        goto err;
-
-    return 1;
- err:
-    TSerr(TS_F_TS_RESP_CTX_ADD_MD, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-#define TS_RESP_CTX_accuracy_free(ctx)          \
-        ASN1_INTEGER_free(ctx->seconds);        \
-        ctx->seconds = NULL;                    \
-        ASN1_INTEGER_free(ctx->millis);         \
-        ctx->millis = NULL;                     \
-        ASN1_INTEGER_free(ctx->micros);         \
-        ctx->micros = NULL;
-
-int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
-                             int secs, int millis, int micros)
-{
-
-    TS_RESP_CTX_accuracy_free(ctx);
-    if (secs && (!(ctx->seconds = ASN1_INTEGER_new())
-                 || !ASN1_INTEGER_set(ctx->seconds, secs)))
-        goto err;
-    if (millis && (!(ctx->millis = ASN1_INTEGER_new())
-                   || !ASN1_INTEGER_set(ctx->millis, millis)))
-        goto err;
-    if (micros && (!(ctx->micros = ASN1_INTEGER_new())
-                   || !ASN1_INTEGER_set(ctx->micros, micros)))
-        goto err;
-
-    return 1;
- err:
-    TS_RESP_CTX_accuracy_free(ctx);
-    TSerr(TS_F_TS_RESP_CTX_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags)
-{
-    ctx->flags |= flags;
-}
-
-void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data)
-{
-    ctx->serial_cb = cb;
-    ctx->serial_cb_data = data;
-}
-
-void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data)
-{
-    ctx->time_cb = cb;
-    ctx->time_cb_data = data;
-}
-
-void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
-                                  TS_extension_cb cb, void *data)
-{
-    ctx->extension_cb = cb;
-    ctx->extension_cb_data = data;
-}
-
-int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
-                                int status, const char *text)
-{
-    TS_STATUS_INFO *si = NULL;
-    ASN1_UTF8STRING *utf8_text = NULL;
-    int ret = 0;
-
-    if (!(si = TS_STATUS_INFO_new()))
-        goto err;
-    if (!ASN1_INTEGER_set(si->status, status))
-        goto err;
-    if (text) {
-        if (!(utf8_text = ASN1_UTF8STRING_new())
-            || !ASN1_STRING_set(utf8_text, text, strlen(text)))
-            goto err;
-        if (!si->text && !(si->text = sk_ASN1_UTF8STRING_new_null()))
-            goto err;
-        if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text))
-            goto err;
-        utf8_text = NULL;       /* Ownership is lost. */
-    }
-    if (!TS_RESP_set_status_info(ctx->response, si))
-        goto err;
-    ret = 1;
- err:
-    if (!ret)
-        TSerr(TS_F_TS_RESP_CTX_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
-    TS_STATUS_INFO_free(si);
-    ASN1_UTF8STRING_free(utf8_text);
-    return ret;
-}
-
-int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
-                                     int status, const char *text)
-{
-    int ret = 1;
-    TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
-
-    if (ASN1_INTEGER_get(si->status) == TS_STATUS_GRANTED) {
-        /* Status has not been set, set it now. */
-        ret = TS_RESP_CTX_set_status_info(ctx, status, text);
-    }
-    return ret;
-}
-
-int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure)
-{
-    TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
-    if (!si->failure_info && !(si->failure_info = ASN1_BIT_STRING_new()))
-        goto err;
-    if (!ASN1_BIT_STRING_set_bit(si->failure_info, failure, 1))
-        goto err;
-    return 1;
- err:
-    TSerr(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx)
-{
-    return ctx->request;
-}
-
-TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx)
-{
-    return ctx->tst_info;
-}
-
-int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
-                                           unsigned precision)
-{
-    if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
-        return 0;
-    ctx->clock_precision_digits = precision;
-    return 1;
-}
-
-/* Main entry method of the response generation. */
-TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
-{
-    ASN1_OBJECT *policy;
-    TS_RESP *response;
-    int result = 0;
-
-    TS_RESP_CTX_init(ctx);
-
-    /* Creating the response object. */
-    if (!(ctx->response = TS_RESP_new())) {
-        TSerr(TS_F_TS_RESP_CREATE_RESPONSE, ERR_R_MALLOC_FAILURE);
-        goto end;
-    }
-
-    /* Parsing DER request. */
-    if (!(ctx->request = d2i_TS_REQ_bio(req_bio, NULL))) {
-        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                    "Bad request format or " "system error.");
-        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
-        goto end;
-    }
-
-    /* Setting default status info. */
-    if (!TS_RESP_CTX_set_status_info(ctx, TS_STATUS_GRANTED, NULL))
-        goto end;
-
-    /* Checking the request format. */
-    if (!TS_RESP_check_request(ctx))
-        goto end;
-
-    /* Checking acceptable policies. */
-    if (!(policy = TS_RESP_get_policy(ctx)))
-        goto end;
-
-    /* Creating the TS_TST_INFO object. */
-    if (!(ctx->tst_info = TS_RESP_create_tst_info(ctx, policy)))
-        goto end;
-
-    /* Processing extensions. */
-    if (!TS_RESP_process_extensions(ctx))
-        goto end;
-
-    /* Generating the signature. */
-    if (!TS_RESP_sign(ctx))
-        goto end;
-
-    /* Everything was successful. */
-    result = 1;
- end:
-    if (!result) {
-        TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
-        if (ctx->response != NULL) {
-            if (TS_RESP_CTX_set_status_info_cond(ctx,
-                                                 TS_STATUS_REJECTION,
-                                                 "Error during response "
-                                                 "generation.") == 0) {
-                TS_RESP_free(ctx->response);
-                ctx->response = NULL;
-            }
-        }
-    }
-    response = ctx->response;
-    ctx->response = NULL;       /* Ownership will be returned to caller. */
-    TS_RESP_CTX_cleanup(ctx);
-    return response;
-}
-
-/* Initializes the variable part of the context. */
-static void TS_RESP_CTX_init(TS_RESP_CTX *ctx)
-{
-    ctx->request = NULL;
-    ctx->response = NULL;
-    ctx->tst_info = NULL;
-}
-
-/* Cleans up the variable part of the context. */
-static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx)
-{
-    TS_REQ_free(ctx->request);
-    ctx->request = NULL;
-    TS_RESP_free(ctx->response);
-    ctx->response = NULL;
-    TS_TST_INFO_free(ctx->tst_info);
-    ctx->tst_info = NULL;
-}
-
-/* Checks the format and content of the request. */
-static int TS_RESP_check_request(TS_RESP_CTX *ctx)
-{
-    TS_REQ *request = ctx->request;
-    TS_MSG_IMPRINT *msg_imprint;
-    X509_ALGOR *md_alg;
-    int md_alg_id;
-    const ASN1_OCTET_STRING *digest;
-    EVP_MD *md = NULL;
-    int i;
-
-    /* Checking request version. */
-    if (TS_REQ_get_version(request) != 1) {
-        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                    "Bad request version.");
-        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_REQUEST);
-        return 0;
-    }
-
-    /* Checking message digest algorithm. */
-    msg_imprint = TS_REQ_get_msg_imprint(request);
-    md_alg = TS_MSG_IMPRINT_get_algo(msg_imprint);
-    md_alg_id = OBJ_obj2nid(md_alg->algorithm);
-    for (i = 0; !md && i < sk_EVP_MD_num(ctx->mds); ++i) {
-        EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i);
-        if (md_alg_id == EVP_MD_type(current_md))
-            md = current_md;
-    }
-    if (!md) {
-        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                    "Message digest algorithm is "
-                                    "not supported.");
-        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
-        return 0;
-    }
-
-    /* No message digest takes parameter. */
-    if (md_alg->parameter && ASN1_TYPE_get(md_alg->parameter) != V_ASN1_NULL) {
-        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                    "Superfluous message digest "
-                                    "parameter.");
-        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
-        return 0;
-    }
-    /* Checking message digest size. */
-    digest = TS_MSG_IMPRINT_get_msg(msg_imprint);
-    if (digest->length != EVP_MD_size(md)) {
-        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                    "Bad message digest.");
-        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
-        return 0;
-    }
-
-    return 1;
-}
-
-/* Returns the TSA policy based on the requested and acceptable policies. */
-static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx)
-{
-    ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
-    ASN1_OBJECT *policy = NULL;
-    int i;
-
-    if (ctx->default_policy == NULL) {
-        TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
-        return NULL;
-    }
-    /*
-     * Return the default policy if none is requested or the default is
-     * requested.
-     */
-    if (!requested || !OBJ_cmp(requested, ctx->default_policy))
-        policy = ctx->default_policy;
-
-    /* Check if the policy is acceptable. */
-    for (i = 0; !policy && i < sk_ASN1_OBJECT_num(ctx->policies); ++i) {
-        ASN1_OBJECT *current = sk_ASN1_OBJECT_value(ctx->policies, i);
-        if (!OBJ_cmp(requested, current))
-            policy = current;
-    }
-    if (!policy) {
-        TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_UNACCEPTABLE_POLICY);
-        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
-                                    "Requested policy is not " "supported.");
-        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_POLICY);
-    }
-    return policy;
-}
-
-/* Creates the TS_TST_INFO object based on the settings of the context. */
-static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
-                                            ASN1_OBJECT *policy)
-{
-    int result = 0;
-    TS_TST_INFO *tst_info = NULL;
-    ASN1_INTEGER *serial = NULL;
-    ASN1_GENERALIZEDTIME *asn1_time = NULL;
-    long sec, usec;
-    TS_ACCURACY *accuracy = NULL;
-    const ASN1_INTEGER *nonce;
-    GENERAL_NAME *tsa_name = NULL;
-
-    if (!(tst_info = TS_TST_INFO_new()))
-        goto end;
-    if (!TS_TST_INFO_set_version(tst_info, 1))
-        goto end;
-    if (!TS_TST_INFO_set_policy_id(tst_info, policy))
-        goto end;
-    if (!TS_TST_INFO_set_msg_imprint(tst_info, ctx->request->msg_imprint))
-        goto end;
-    if (!(serial = (*ctx->serial_cb) (ctx, ctx->serial_cb_data))
-        || !TS_TST_INFO_set_serial(tst_info, serial))
-        goto end;
-    if (!(*ctx->time_cb) (ctx, ctx->time_cb_data, &sec, &usec)
-        || !(asn1_time = TS_RESP_set_genTime_with_precision(NULL,
-                                                            sec, usec,
-                                                            ctx->clock_precision_digits))
-        || !TS_TST_INFO_set_time(tst_info, asn1_time))
-        goto end;
-
-    /* Setting accuracy if needed. */
-    if ((ctx->seconds || ctx->millis || ctx->micros)
-        && !(accuracy = TS_ACCURACY_new()))
-        goto end;
-
-    if (ctx->seconds && !TS_ACCURACY_set_seconds(accuracy, ctx->seconds))
-        goto end;
-    if (ctx->millis && !TS_ACCURACY_set_millis(accuracy, ctx->millis))
-        goto end;
-    if (ctx->micros && !TS_ACCURACY_set_micros(accuracy, ctx->micros))
-        goto end;
-    if (accuracy && !TS_TST_INFO_set_accuracy(tst_info, accuracy))
-        goto end;
-
-    /* Setting ordering. */
-    if ((ctx->flags & TS_ORDERING)
-        && !TS_TST_INFO_set_ordering(tst_info, 1))
-        goto end;
-
-    /* Setting nonce if needed. */
-    if ((nonce = TS_REQ_get_nonce(ctx->request)) != NULL
-        && !TS_TST_INFO_set_nonce(tst_info, nonce))
-        goto end;
-
-    /* Setting TSA name to subject of signer certificate. */
-    if (ctx->flags & TS_TSA_NAME) {
-        if (!(tsa_name = GENERAL_NAME_new()))
-            goto end;
-        tsa_name->type = GEN_DIRNAME;
-        tsa_name->d.dirn =
-            X509_NAME_dup(ctx->signer_cert->cert_info->subject);
-        if (!tsa_name->d.dirn)
-            goto end;
-        if (!TS_TST_INFO_set_tsa(tst_info, tsa_name))
-            goto end;
-    }
-
-    result = 1;
- end:
-    if (!result) {
-        TS_TST_INFO_free(tst_info);
-        tst_info = NULL;
-        TSerr(TS_F_TS_RESP_CREATE_TST_INFO, TS_R_TST_INFO_SETUP_ERROR);
-        TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
-                                         "Error during TSTInfo "
-                                         "generation.");
-    }
-    GENERAL_NAME_free(tsa_name);
-    TS_ACCURACY_free(accuracy);
-    ASN1_GENERALIZEDTIME_free(asn1_time);
-    ASN1_INTEGER_free(serial);
-
-    return tst_info;
-}
-
-/* Processing the extensions of the request. */
-static int TS_RESP_process_extensions(TS_RESP_CTX *ctx)
-{
-    STACK_OF(X509_EXTENSION) *exts = TS_REQ_get_exts(ctx->request);
-    int i;
-    int ok = 1;
-
-    for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i) {
-        X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
-        /*
-         * XXXXX The last argument was previously (void *)ctx->extension_cb,
-         * but ISO C doesn't permit converting a function pointer to void *.
-         * For lack of better information, I'm placing a NULL there instead.
-         * The callback can pick its own address out from the ctx anyway...
-         */
-        ok = (*ctx->extension_cb) (ctx, ext, NULL);
-    }
-
-    return ok;
-}
-
-/* Functions for signing the TS_TST_INFO structure of the context. */
-static int TS_RESP_sign(TS_RESP_CTX *ctx)
-{
-    int ret = 0;
-    PKCS7 *p7 = NULL;
-    PKCS7_SIGNER_INFO *si;
-    STACK_OF(X509) *certs;      /* Certificates to include in sc. */
-    ESS_SIGNING_CERT *sc = NULL;
-    ASN1_OBJECT *oid;
-    BIO *p7bio = NULL;
-    int i;
-
-    /* Check if signcert and pkey match. */
-    if (!X509_check_private_key(ctx->signer_cert, ctx->signer_key)) {
-        TSerr(TS_F_TS_RESP_SIGN, TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
-        goto err;
-    }
-
-    /* Create a new PKCS7 signed object. */
-    if (!(p7 = PKCS7_new())) {
-        TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if (!PKCS7_set_type(p7, NID_pkcs7_signed))
-        goto err;
-
-    /* Force SignedData version to be 3 instead of the default 1. */
-    if (!ASN1_INTEGER_set(p7->d.sign->version, 3))
-        goto err;
-
-    /* Add signer certificate and optional certificate chain. */
-    if (TS_REQ_get_cert_req(ctx->request)) {
-        PKCS7_add_certificate(p7, ctx->signer_cert);
-        if (ctx->certs) {
-            for (i = 0; i < sk_X509_num(ctx->certs); ++i) {
-                X509 *cert = sk_X509_value(ctx->certs, i);
-                PKCS7_add_certificate(p7, cert);
-            }
-        }
-    }
-
-    /* Add a new signer info. */
-    if (!(si = PKCS7_add_signature(p7, ctx->signer_cert,
-                                   ctx->signer_key, EVP_sha1()))) {
-        TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
-        goto err;
-    }
-
-    /* Add content type signed attribute to the signer info. */
-    oid = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
-    if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
-                                    V_ASN1_OBJECT, oid)) {
-        TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR);
-        goto err;
-    }
-
-    /*
-     * Create the ESS SigningCertificate attribute which contains the signer
-     * certificate id and optionally the certificate chain.
-     */
-    certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
-    if (!(sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs)))
-        goto err;
-
-    /* Add SigningCertificate signed attribute to the signer info. */
-    if (!ESS_add_signing_cert(si, sc)) {
-        TSerr(TS_F_TS_RESP_SIGN, TS_R_ESS_ADD_SIGNING_CERT_ERROR);
-        goto err;
-    }
-
-    /* Add a new empty NID_id_smime_ct_TSTInfo encapsulated content. */
-    if (!TS_TST_INFO_content_new(p7))
-        goto err;
-
-    /* Add the DER encoded tst_info to the PKCS7 structure. */
-    if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
-        TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    /* Convert tst_info to DER. */
-    if (!i2d_TS_TST_INFO_bio(p7bio, ctx->tst_info)) {
-        TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
-        goto err;
-    }
-
-    /* Create the signature and add it to the signer info. */
-    if (!PKCS7_dataFinal(p7, p7bio)) {
-        TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
-        goto err;
-    }
-
-    /* Set new PKCS7 and TST_INFO objects. */
-    TS_RESP_set_tst_info(ctx->response, p7, ctx->tst_info);
-    p7 = NULL;                  /* Ownership is lost. */
-    ctx->tst_info = NULL;       /* Ownership is lost. */
-
-    ret = 1;
- err:
-    if (!ret)
-        TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
-                                         "Error during signature "
-                                         "generation.");
-    BIO_free_all(p7bio);
-    ESS_SIGNING_CERT_free(sc);
-    PKCS7_free(p7);
-    return ret;
-}
-
-static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
-                                                   STACK_OF(X509) *certs)
-{
-    ESS_CERT_ID *cid;
-    ESS_SIGNING_CERT *sc = NULL;
-    int i;
-
-    /* Creating the ESS_CERT_ID stack. */
-    if (!(sc = ESS_SIGNING_CERT_new()))
-        goto err;
-    if (!sc->cert_ids && !(sc->cert_ids = sk_ESS_CERT_ID_new_null()))
-        goto err;
-
-    /* Adding the signing certificate id. */
-    if (!(cid = ESS_CERT_ID_new_init(signcert, 0))
-        || !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
-        goto err;
-    /* Adding the certificate chain ids. */
-    for (i = 0; i < sk_X509_num(certs); ++i) {
-        X509 *cert = sk_X509_value(certs, i);
-        if (!(cid = ESS_CERT_ID_new_init(cert, 1))
-            || !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
-            goto err;
-    }
-
-    return sc;
- err:
-    ESS_SIGNING_CERT_free(sc);
-    TSerr(TS_F_ESS_SIGNING_CERT_NEW_INIT, ERR_R_MALLOC_FAILURE);
-    return NULL;
-}
-
-static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed)
-{
-    ESS_CERT_ID *cid = NULL;
-    GENERAL_NAME *name = NULL;
-
-    /* Recompute SHA1 hash of certificate if necessary (side effect). */
-    X509_check_purpose(cert, -1, 0);
-
-    if (!(cid = ESS_CERT_ID_new()))
-        goto err;
-    if (!ASN1_OCTET_STRING_set(cid->hash, cert->sha1_hash,
-                               sizeof(cert->sha1_hash)))
-        goto err;
-
-    /* Setting the issuer/serial if requested. */
-    if (issuer_needed) {
-        /* Creating issuer/serial structure. */
-        if (!cid->issuer_serial
-            && !(cid->issuer_serial = ESS_ISSUER_SERIAL_new()))
-            goto err;
-        /* Creating general name from the certificate issuer. */
-        if (!(name = GENERAL_NAME_new()))
-            goto err;
-        name->type = GEN_DIRNAME;
-        if (!(name->d.dirn = X509_NAME_dup(cert->cert_info->issuer)))
-            goto err;
-        if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name))
-            goto err;
-        name = NULL;            /* Ownership is lost. */
-        /* Setting the serial number. */
-        ASN1_INTEGER_free(cid->issuer_serial->serial);
-        if (!(cid->issuer_serial->serial =
-              ASN1_INTEGER_dup(cert->cert_info->serialNumber)))
-            goto err;
-    }
-
-    return cid;
- err:
-    GENERAL_NAME_free(name);
-    ESS_CERT_ID_free(cid);
-    TSerr(TS_F_ESS_CERT_ID_NEW_INIT, ERR_R_MALLOC_FAILURE);
-    return NULL;
-}
-
-static int TS_TST_INFO_content_new(PKCS7 *p7)
-{
-    PKCS7 *ret = NULL;
-    ASN1_OCTET_STRING *octet_string = NULL;
-
-    /* Create new encapsulated NID_id_smime_ct_TSTInfo content. */
-    if (!(ret = PKCS7_new()))
-        goto err;
-    if (!(ret->d.other = ASN1_TYPE_new()))
-        goto err;
-    ret->type = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
-    if (!(octet_string = ASN1_OCTET_STRING_new()))
-        goto err;
-    ASN1_TYPE_set(ret->d.other, V_ASN1_OCTET_STRING, octet_string);
-    octet_string = NULL;
-
-    /* Add encapsulated content to signed PKCS7 structure. */
-    if (!PKCS7_set_content(p7, ret))
-        goto err;
-
-    return 1;
- err:
-    ASN1_OCTET_STRING_free(octet_string);
-    PKCS7_free(ret);
-    return 0;
-}
-
-static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
-{
-    ASN1_STRING *seq = NULL;
-    unsigned char *p, *pp = NULL;
-    int len;
-
-    len = i2d_ESS_SIGNING_CERT(sc, NULL);
-    if (!(pp = (unsigned char *)OPENSSL_malloc(len))) {
-        TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    p = pp;
-    i2d_ESS_SIGNING_CERT(sc, &p);
-    if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len)) {
-        TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    OPENSSL_free(pp);
-    pp = NULL;
-    return PKCS7_add_signed_attribute(si,
-                                      NID_id_smime_aa_signingCertificate,
-                                      V_ASN1_SEQUENCE, seq);
- err:
-    ASN1_STRING_free(seq);
-    OPENSSL_free(pp);
-
-    return 0;
-}
-
-static ASN1_GENERALIZEDTIME
-*TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time,
-                                    long sec, long usec, unsigned precision)
-{
-    time_t time_sec = (time_t)sec;
-    struct tm *tm = NULL;
-    char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
-    char *p = genTime_str;
-    char *p_end = genTime_str + sizeof(genTime_str);
-
-    if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
-        goto err;
-
-    if (!(tm = gmtime(&time_sec)))
-        goto err;
-
-    /*
-     * Put "genTime_str" in GeneralizedTime format.  We work around the
-     * restrictions imposed by rfc3280 (i.e. "GeneralizedTime values MUST
-     * NOT include fractional seconds") and OpenSSL related functions to
-     * meet the rfc3161 requirement: "GeneralizedTime syntax can include
-     * fraction-of-second details".
-     */
-    p += BIO_snprintf(p, p_end - p,
-                      "%04d%02d%02d%02d%02d%02d",
-                      tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
-                      tm->tm_hour, tm->tm_min, tm->tm_sec);
-    if (precision > 0) {
-        /* Add fraction of seconds (leave space for dot and null). */
-        BIO_snprintf(p, 2 + precision, ".%06ld", usec);
-        /*
-         * We cannot use the snprintf return value, because it might have
-         * been truncated.
-         */
-        p += strlen(p);
-
-        /*
-         * To make things a bit harder, X.690 | ISO/IEC 8825-1 provides the
-         * following restrictions for a DER-encoding, which OpenSSL
-         * (specifically ASN1_GENERALIZEDTIME_check() function) doesn't
-         * support: "The encoding MUST terminate with a "Z" (which means
-         * "Zulu" time). The decimal point element, if present, MUST be the
-         * point option ".". The fractional-seconds elements, if present,
-         * MUST omit all trailing 0's; if the elements correspond to 0, they
-         * MUST be wholly omitted, and the decimal point element also MUST be
-         * omitted."
-         */
-        /*
-         * Remove trailing zeros. The dot guarantees the exit condition of
-         * this loop even if all the digits are zero.
-         */
-        while (*--p == '0')
-            /*
-             * empty
-             */ ;
-        /* p points to either the dot or the last non-zero digit. */
-        if (*p != '.')
-            ++p;
-    }
-    /* Add the trailing Z and the terminating null. */
-    *p++ = 'Z';
-    *p++ = '\0';
-
-    /* Now call OpenSSL to check and set our genTime value */
-    if (!asn1_time && !(asn1_time = M_ASN1_GENERALIZEDTIME_new()))
-        goto err;
-    if (!ASN1_GENERALIZEDTIME_set_string(asn1_time, genTime_str)) {
-        ASN1_GENERALIZEDTIME_free(asn1_time);
-        goto err;
-    }
-
-    return asn1_time;
- err:
-    TSerr(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION, TS_R_COULD_NOT_SET_TIME);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_rsp_utils.c b/thirdparty/openssl/crypto/ts/ts_rsp_utils.c
deleted file mode 100644
index f6f63329a0..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_rsp_utils.c
+++ /dev/null
@@ -1,396 +0,0 @@
-/* crypto/ts/ts_resp_utils.c */
-/*
- * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/ts.h>
-#include <openssl/pkcs7.h>
-
-/* Function definitions. */
-
-int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *status_info)
-{
-    TS_STATUS_INFO *new_status_info;
-
-    if (a->status_info == status_info)
-        return 1;
-    new_status_info = TS_STATUS_INFO_dup(status_info);
-    if (new_status_info == NULL) {
-        TSerr(TS_F_TS_RESP_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    TS_STATUS_INFO_free(a->status_info);
-    a->status_info = new_status_info;
-
-    return 1;
-}
-
-TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a)
-{
-    return a->status_info;
-}
-
-/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
-void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info)
-{
-    /* Set new PKCS7 and TST_INFO objects. */
-    PKCS7_free(a->token);
-    a->token = p7;
-    TS_TST_INFO_free(a->tst_info);
-    a->tst_info = tst_info;
-}
-
-PKCS7 *TS_RESP_get_token(TS_RESP *a)
-{
-    return a->token;
-}
-
-TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a)
-{
-    return a->tst_info;
-}
-
-int TS_TST_INFO_set_version(TS_TST_INFO *a, long version)
-{
-    return ASN1_INTEGER_set(a->version, version);
-}
-
-long TS_TST_INFO_get_version(const TS_TST_INFO *a)
-{
-    return ASN1_INTEGER_get(a->version);
-}
-
-int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy)
-{
-    ASN1_OBJECT *new_policy;
-
-    if (a->policy_id == policy)
-        return 1;
-    new_policy = OBJ_dup(policy);
-    if (new_policy == NULL) {
-        TSerr(TS_F_TS_TST_INFO_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ASN1_OBJECT_free(a->policy_id);
-    a->policy_id = new_policy;
-    return 1;
-}
-
-ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a)
-{
-    return a->policy_id;
-}
-
-int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint)
-{
-    TS_MSG_IMPRINT *new_msg_imprint;
-
-    if (a->msg_imprint == msg_imprint)
-        return 1;
-    new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
-    if (new_msg_imprint == NULL) {
-        TSerr(TS_F_TS_TST_INFO_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    TS_MSG_IMPRINT_free(a->msg_imprint);
-    a->msg_imprint = new_msg_imprint;
-    return 1;
-}
-
-TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a)
-{
-    return a->msg_imprint;
-}
-
-int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial)
-{
-    ASN1_INTEGER *new_serial;
-
-    if (a->serial == serial)
-        return 1;
-    new_serial = ASN1_INTEGER_dup(serial);
-    if (new_serial == NULL) {
-        TSerr(TS_F_TS_TST_INFO_SET_SERIAL, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ASN1_INTEGER_free(a->serial);
-    a->serial = new_serial;
-    return 1;
-}
-
-const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a)
-{
-    return a->serial;
-}
-
-int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime)
-{
-    ASN1_GENERALIZEDTIME *new_time;
-
-    if (a->time == gtime)
-        return 1;
-    new_time = M_ASN1_GENERALIZEDTIME_dup(gtime);
-    if (new_time == NULL) {
-        TSerr(TS_F_TS_TST_INFO_SET_TIME, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ASN1_GENERALIZEDTIME_free(a->time);
-    a->time = new_time;
-    return 1;
-}
-
-const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a)
-{
-    return a->time;
-}
-
-int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy)
-{
-    TS_ACCURACY *new_accuracy;
-
-    if (a->accuracy == accuracy)
-        return 1;
-    new_accuracy = TS_ACCURACY_dup(accuracy);
-    if (new_accuracy == NULL) {
-        TSerr(TS_F_TS_TST_INFO_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    TS_ACCURACY_free(a->accuracy);
-    a->accuracy = new_accuracy;
-    return 1;
-}
-
-TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a)
-{
-    return a->accuracy;
-}
-
-int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds)
-{
-    ASN1_INTEGER *new_seconds;
-
-    if (a->seconds == seconds)
-        return 1;
-    new_seconds = ASN1_INTEGER_dup(seconds);
-    if (new_seconds == NULL) {
-        TSerr(TS_F_TS_ACCURACY_SET_SECONDS, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ASN1_INTEGER_free(a->seconds);
-    a->seconds = new_seconds;
-    return 1;
-}
-
-const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a)
-{
-    return a->seconds;
-}
-
-int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis)
-{
-    ASN1_INTEGER *new_millis = NULL;
-
-    if (a->millis == millis)
-        return 1;
-    if (millis != NULL) {
-        new_millis = ASN1_INTEGER_dup(millis);
-        if (new_millis == NULL) {
-            TSerr(TS_F_TS_ACCURACY_SET_MILLIS, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    }
-    ASN1_INTEGER_free(a->millis);
-    a->millis = new_millis;
-    return 1;
-}
-
-const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a)
-{
-    return a->millis;
-}
-
-int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros)
-{
-    ASN1_INTEGER *new_micros = NULL;
-
-    if (a->micros == micros)
-        return 1;
-    if (micros != NULL) {
-        new_micros = ASN1_INTEGER_dup(micros);
-        if (new_micros == NULL) {
-            TSerr(TS_F_TS_ACCURACY_SET_MICROS, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    }
-    ASN1_INTEGER_free(a->micros);
-    a->micros = new_micros;
-    return 1;
-}
-
-const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a)
-{
-    return a->micros;
-}
-
-int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering)
-{
-    a->ordering = ordering ? 0xFF : 0x00;
-    return 1;
-}
-
-int TS_TST_INFO_get_ordering(const TS_TST_INFO *a)
-{
-    return a->ordering ? 1 : 0;
-}
-
-int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce)
-{
-    ASN1_INTEGER *new_nonce;
-
-    if (a->nonce == nonce)
-        return 1;
-    new_nonce = ASN1_INTEGER_dup(nonce);
-    if (new_nonce == NULL) {
-        TSerr(TS_F_TS_TST_INFO_SET_NONCE, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ASN1_INTEGER_free(a->nonce);
-    a->nonce = new_nonce;
-    return 1;
-}
-
-const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a)
-{
-    return a->nonce;
-}
-
-int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa)
-{
-    GENERAL_NAME *new_tsa;
-
-    if (a->tsa == tsa)
-        return 1;
-    new_tsa = GENERAL_NAME_dup(tsa);
-    if (new_tsa == NULL) {
-        TSerr(TS_F_TS_TST_INFO_SET_TSA, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    GENERAL_NAME_free(a->tsa);
-    a->tsa = new_tsa;
-    return 1;
-}
-
-GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a)
-{
-    return a->tsa;
-}
-
-STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a)
-{
-    return a->extensions;
-}
-
-void TS_TST_INFO_ext_free(TS_TST_INFO *a)
-{
-    if (!a)
-        return;
-    sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
-    a->extensions = NULL;
-}
-
-int TS_TST_INFO_get_ext_count(TS_TST_INFO *a)
-{
-    return X509v3_get_ext_count(a->extensions);
-}
-
-int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos)
-{
-    return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
-}
-
-int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos)
-{
-    return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
-}
-
-int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos)
-{
-    return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
-}
-
-X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc)
-{
-    return X509v3_get_ext(a->extensions, loc);
-}
-
-X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc)
-{
-    return X509v3_delete_ext(a->extensions, loc);
-}
-
-int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc)
-{
-    return X509v3_add_ext(&a->extensions, ex, loc) != NULL;
-}
-
-void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx)
-{
-    return X509V3_get_d2i(a->extensions, nid, crit, idx);
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_rsp_verify.c b/thirdparty/openssl/crypto/ts/ts_rsp_verify.c
deleted file mode 100644
index 7918236287..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_rsp_verify.c
+++ /dev/null
@@ -1,746 +0,0 @@
-/* crypto/ts/ts_resp_verify.c */
-/*
- * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
- * 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/ts.h>
-#include <openssl/pkcs7.h>
-
-/* Private function declarations. */
-
-static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
-                          X509 *signer, STACK_OF(X509) **chain);
-static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si,
-                                  STACK_OF(X509) *chain);
-static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si);
-static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
-static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo);
-static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
-                                    PKCS7 *token, TS_TST_INFO *tst_info);
-static int TS_check_status_info(TS_RESP *response);
-static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text);
-static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info);
-static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
-                              X509_ALGOR **md_alg,
-                              unsigned char **imprint, unsigned *imprint_len);
-static int TS_check_imprints(X509_ALGOR *algor_a,
-                             unsigned char *imprint_a, unsigned len_a,
-                             TS_TST_INFO *tst_info);
-static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info);
-static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
-static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names,
-                        GENERAL_NAME *name);
-
-/*
- * Local mapping between response codes and descriptions.
- * Don't forget to change TS_STATUS_BUF_SIZE when modifying
- * the elements of this array.
- */
-static const char *TS_status_text[] = { "granted",
-    "grantedWithMods",
-    "rejection",
-    "waiting",
-    "revocationWarning",
-    "revocationNotification"
-};
-
-#define TS_STATUS_TEXT_SIZE     (sizeof(TS_status_text)/sizeof(*TS_status_text))
-
-/*
- * This must be greater or equal to the sum of the strings in TS_status_text
- * plus the number of its elements.
- */
-#define TS_STATUS_BUF_SIZE      256
-
-static struct {
-    int code;
-    const char *text;
-} TS_failure_info[] = {
-    {
-        TS_INFO_BAD_ALG, "badAlg"
-    },
-    {
-        TS_INFO_BAD_REQUEST, "badRequest"
-    },
-    {
-        TS_INFO_BAD_DATA_FORMAT, "badDataFormat"
-    },
-    {
-        TS_INFO_TIME_NOT_AVAILABLE, "timeNotAvailable"
-    },
-    {
-        TS_INFO_UNACCEPTED_POLICY, "unacceptedPolicy"
-    },
-    {
-        TS_INFO_UNACCEPTED_EXTENSION, "unacceptedExtension"
-    },
-    {
-        TS_INFO_ADD_INFO_NOT_AVAILABLE, "addInfoNotAvailable"
-    },
-    {
-        TS_INFO_SYSTEM_FAILURE, "systemFailure"
-    }
-};
-
-#define TS_FAILURE_INFO_SIZE    (sizeof(TS_failure_info) / \
-                                sizeof(*TS_failure_info))
-
-/* Functions for verifying a signed TS_TST_INFO structure. */
-
-/*-
- * This function carries out the following tasks:
- *      - Checks if there is one and only one signer.
- *      - Search for the signing certificate in 'certs' and in the response.
- *      - Check the extended key usage and key usage fields of the signer
- *      certificate (done by the path validation).
- *      - Build and validate the certificate path.
- *      - Check if the certificate path meets the requirements of the
- *      SigningCertificate ESS signed attribute.
- *      - Verify the signature value.
- *      - Returns the signer certificate in 'signer', if 'signer' is not NULL.
- */
-int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
-                             X509_STORE *store, X509 **signer_out)
-{
-    STACK_OF(PKCS7_SIGNER_INFO) *sinfos = NULL;
-    PKCS7_SIGNER_INFO *si;
-    STACK_OF(X509) *signers = NULL;
-    X509 *signer;
-    STACK_OF(X509) *chain = NULL;
-    char buf[4096];
-    int i, j = 0, ret = 0;
-    BIO *p7bio = NULL;
-
-    /* Some sanity checks first. */
-    if (!token) {
-        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_INVALID_NULL_POINTER);
-        goto err;
-    }
-
-    /* Check for the correct content type */
-    if (!PKCS7_type_is_signed(token)) {
-        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_WRONG_CONTENT_TYPE);
-        goto err;
-    }
-
-    /* Check if there is one and only one signer. */
-    sinfos = PKCS7_get_signer_info(token);
-    if (!sinfos || sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
-        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_THERE_MUST_BE_ONE_SIGNER);
-        goto err;
-    }
-    si = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
-
-    /* Check for no content: no data to verify signature. */
-    if (PKCS7_get_detached(token)) {
-        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_NO_CONTENT);
-        goto err;
-    }
-
-    /*
-     * Get hold of the signer certificate, search only internal certificates
-     * if it was requested.
-     */
-    signers = PKCS7_get0_signers(token, certs, 0);
-    if (!signers || sk_X509_num(signers) != 1)
-        goto err;
-    signer = sk_X509_value(signers, 0);
-
-    /* Now verify the certificate. */
-    if (!TS_verify_cert(store, certs, signer, &chain))
-        goto err;
-
-    /*
-     * Check if the signer certificate is consistent with the ESS extension.
-     */
-    if (!TS_check_signing_certs(si, chain))
-        goto err;
-
-    /* Creating the message digest. */
-    p7bio = PKCS7_dataInit(token, NULL);
-
-    /* We now have to 'read' from p7bio to calculate digests etc. */
-    while ((i = BIO_read(p7bio, buf, sizeof(buf))) > 0) ;
-
-    /* Verifying the signature. */
-    j = PKCS7_signatureVerify(p7bio, token, si, signer);
-    if (j <= 0) {
-        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_SIGNATURE_FAILURE);
-        goto err;
-    }
-
-    /* Return the signer certificate if needed. */
-    if (signer_out) {
-        *signer_out = signer;
-        CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
-    }
-
-    ret = 1;
-
- err:
-    BIO_free_all(p7bio);
-    sk_X509_pop_free(chain, X509_free);
-    sk_X509_free(signers);
-
-    return ret;
-}
-
-/*
- * The certificate chain is returned in chain. Caller is responsible for
- * freeing the vector.
- */
-static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
-                          X509 *signer, STACK_OF(X509) **chain)
-{
-    X509_STORE_CTX cert_ctx;
-    int i;
-    int ret = 1;
-
-    /* chain is an out argument. */
-    *chain = NULL;
-    if (!X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted))
-        return 0;
-    X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
-    i = X509_verify_cert(&cert_ctx);
-    if (i <= 0) {
-        int j = X509_STORE_CTX_get_error(&cert_ctx);
-        TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
-        ERR_add_error_data(2, "Verify error:",
-                           X509_verify_cert_error_string(j));
-        ret = 0;
-    } else {
-        /* Get a copy of the certificate chain. */
-        *chain = X509_STORE_CTX_get1_chain(&cert_ctx);
-    }
-
-    X509_STORE_CTX_cleanup(&cert_ctx);
-
-    return ret;
-}
-
-static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si,
-                                  STACK_OF(X509) *chain)
-{
-    ESS_SIGNING_CERT *ss = ESS_get_signing_cert(si);
-    STACK_OF(ESS_CERT_ID) *cert_ids = NULL;
-    X509 *cert;
-    int i = 0;
-    int ret = 0;
-
-    if (!ss)
-        goto err;
-    cert_ids = ss->cert_ids;
-    /* The signer certificate must be the first in cert_ids. */
-    cert = sk_X509_value(chain, 0);
-    if (TS_find_cert(cert_ids, cert) != 0)
-        goto err;
-
-    /*
-     * Check the other certificates of the chain if there are more than one
-     * certificate ids in cert_ids.
-     */
-    if (sk_ESS_CERT_ID_num(cert_ids) > 1) {
-        /* All the certificates of the chain must be in cert_ids. */
-        for (i = 1; i < sk_X509_num(chain); ++i) {
-            cert = sk_X509_value(chain, i);
-            if (TS_find_cert(cert_ids, cert) < 0)
-                goto err;
-        }
-    }
-    ret = 1;
- err:
-    if (!ret)
-        TSerr(TS_F_TS_CHECK_SIGNING_CERTS,
-              TS_R_ESS_SIGNING_CERTIFICATE_ERROR);
-    ESS_SIGNING_CERT_free(ss);
-    return ret;
-}
-
-static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si)
-{
-    ASN1_TYPE *attr;
-    const unsigned char *p;
-    attr = PKCS7_get_signed_attribute(si, NID_id_smime_aa_signingCertificate);
-    if (!attr)
-        return NULL;
-    p = attr->value.sequence->data;
-    return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
-}
-
-/* Returns < 0 if certificate is not found, certificate index otherwise. */
-static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
-{
-    int i;
-
-    if (!cert_ids || !cert)
-        return -1;
-
-    /* Recompute SHA1 hash of certificate if necessary (side effect). */
-    X509_check_purpose(cert, -1, 0);
-
-    /* Look for cert in the cert_ids vector. */
-    for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i) {
-        ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i);
-
-        /* Check the SHA-1 hash first. */
-        if (cid->hash->length == sizeof(cert->sha1_hash)
-            && !memcmp(cid->hash->data, cert->sha1_hash,
-                       sizeof(cert->sha1_hash))) {
-            /* Check the issuer/serial as well if specified. */
-            ESS_ISSUER_SERIAL *is = cid->issuer_serial;
-            if (!is || !TS_issuer_serial_cmp(is, cert->cert_info))
-                return i;
-        }
-    }
-
-    return -1;
-}
-
-static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo)
-{
-    GENERAL_NAME *issuer;
-
-    if (!is || !cinfo || sk_GENERAL_NAME_num(is->issuer) != 1)
-        return -1;
-
-    /* Check the issuer first. It must be a directory name. */
-    issuer = sk_GENERAL_NAME_value(is->issuer, 0);
-    if (issuer->type != GEN_DIRNAME
-        || X509_NAME_cmp(issuer->d.dirn, cinfo->issuer))
-        return -1;
-
-    /* Check the serial number, too. */
-    if (ASN1_INTEGER_cmp(is->serial, cinfo->serialNumber))
-        return -1;
-
-    return 0;
-}
-
-/*-
- * Verifies whether 'response' contains a valid response with regards
- * to the settings of the context:
- *      - Gives an error message if the TS_TST_INFO is not present.
- *      - Calls _TS_RESP_verify_token to verify the token content.
- */
-int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response)
-{
-    PKCS7 *token = TS_RESP_get_token(response);
-    TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
-    int ret = 0;
-
-    /* Check if we have a successful TS_TST_INFO object in place. */
-    if (!TS_check_status_info(response))
-        goto err;
-
-    /* Check the contents of the time stamp token. */
-    if (!int_TS_RESP_verify_token(ctx, token, tst_info))
-        goto err;
-
-    ret = 1;
- err:
-    return ret;
-}
-
-/*
- * Tries to extract a TS_TST_INFO structure from the PKCS7 token and
- * calls the internal int_TS_RESP_verify_token function for verifying it.
- */
-int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token)
-{
-    TS_TST_INFO *tst_info = PKCS7_to_TS_TST_INFO(token);
-    int ret = 0;
-    if (tst_info) {
-        ret = int_TS_RESP_verify_token(ctx, token, tst_info);
-        TS_TST_INFO_free(tst_info);
-    }
-    return ret;
-}
-
-/*-
- * Verifies whether the 'token' contains a valid time stamp token
- * with regards to the settings of the context. Only those checks are
- * carried out that are specified in the context:
- *      - Verifies the signature of the TS_TST_INFO.
- *      - Checks the version number of the response.
- *      - Check if the requested and returned policies math.
- *      - Check if the message imprints are the same.
- *      - Check if the nonces are the same.
- *      - Check if the TSA name matches the signer.
- *      - Check if the TSA name is the expected TSA.
- */
-static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
-                                    PKCS7 *token, TS_TST_INFO *tst_info)
-{
-    X509 *signer = NULL;
-    GENERAL_NAME *tsa_name = TS_TST_INFO_get_tsa(tst_info);
-    X509_ALGOR *md_alg = NULL;
-    unsigned char *imprint = NULL;
-    unsigned imprint_len = 0;
-    int ret = 0;
-    int flags = ctx->flags;
-
-    /* Some options require us to also check the signature */
-    if (((flags & TS_VFY_SIGNER) && tsa_name != NULL)
-            || (flags & TS_VFY_TSA_NAME)) {
-        flags |= TS_VFY_SIGNATURE;
-    }
-
-    /* Verify the signature. */
-    if ((flags & TS_VFY_SIGNATURE)
-        && !TS_RESP_verify_signature(token, ctx->certs, ctx->store, &signer))
-        goto err;
-
-    /* Check version number of response. */
-    if ((flags & TS_VFY_VERSION)
-        && TS_TST_INFO_get_version(tst_info) != 1) {
-        TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION);
-        goto err;
-    }
-
-    /* Check policies. */
-    if ((flags & TS_VFY_POLICY)
-        && !TS_check_policy(ctx->policy, tst_info))
-        goto err;
-
-    /* Check message imprints. */
-    if ((flags & TS_VFY_IMPRINT)
-        && !TS_check_imprints(ctx->md_alg, ctx->imprint, ctx->imprint_len,
-                              tst_info))
-        goto err;
-
-    /* Compute and check message imprints. */
-    if ((flags & TS_VFY_DATA)
-        && (!TS_compute_imprint(ctx->data, tst_info,
-                                &md_alg, &imprint, &imprint_len)
-            || !TS_check_imprints(md_alg, imprint, imprint_len, tst_info)))
-        goto err;
-
-    /* Check nonces. */
-    if ((flags & TS_VFY_NONCE)
-        && !TS_check_nonces(ctx->nonce, tst_info))
-        goto err;
-
-    /* Check whether TSA name and signer certificate match. */
-    if ((flags & TS_VFY_SIGNER)
-        && tsa_name && !TS_check_signer_name(tsa_name, signer)) {
-        TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH);
-        goto err;
-    }
-
-    /* Check whether the TSA is the expected one. */
-    if ((flags & TS_VFY_TSA_NAME)
-        && !TS_check_signer_name(ctx->tsa_name, signer)) {
-        TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED);
-        goto err;
-    }
-
-    ret = 1;
- err:
-    X509_free(signer);
-    X509_ALGOR_free(md_alg);
-    OPENSSL_free(imprint);
-    return ret;
-}
-
-static int TS_check_status_info(TS_RESP *response)
-{
-    TS_STATUS_INFO *info = TS_RESP_get_status_info(response);
-    long status = ASN1_INTEGER_get(info->status);
-    const char *status_text = NULL;
-    char *embedded_status_text = NULL;
-    char failure_text[TS_STATUS_BUF_SIZE] = "";
-
-    /* Check if everything went fine. */
-    if (status == 0 || status == 1)
-        return 1;
-
-    /* There was an error, get the description in status_text. */
-    if (0 <= status && status < (long)TS_STATUS_TEXT_SIZE)
-        status_text = TS_status_text[status];
-    else
-        status_text = "unknown code";
-
-    /* Set the embedded_status_text to the returned description. */
-    if (sk_ASN1_UTF8STRING_num(info->text) > 0
-        && !(embedded_status_text = TS_get_status_text(info->text)))
-        return 0;
-
-    /* Filling in failure_text with the failure information. */
-    if (info->failure_info) {
-        int i;
-        int first = 1;
-        for (i = 0; i < (int)TS_FAILURE_INFO_SIZE; ++i) {
-            if (ASN1_BIT_STRING_get_bit(info->failure_info,
-                                        TS_failure_info[i].code)) {
-                if (!first)
-                    strcat(failure_text, ",");
-                else
-                    first = 0;
-                strcat(failure_text, TS_failure_info[i].text);
-            }
-        }
-    }
-    if (failure_text[0] == '\0')
-        strcpy(failure_text, "unspecified");
-
-    /* Making up the error string. */
-    TSerr(TS_F_TS_CHECK_STATUS_INFO, TS_R_NO_TIME_STAMP_TOKEN);
-    ERR_add_error_data(6,
-                       "status code: ", status_text,
-                       ", status text: ", embedded_status_text ?
-                       embedded_status_text : "unspecified",
-                       ", failure codes: ", failure_text);
-    OPENSSL_free(embedded_status_text);
-
-    return 0;
-}
-
-static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
-{
-    int i;
-    int length = 0;
-    char *result = NULL;
-    char *p;
-
-    /* Determine length first. */
-    for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i) {
-        ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
-        if (ASN1_STRING_length(current) > TS_MAX_STATUS_LENGTH - length - 1)
-            return NULL;
-        length += ASN1_STRING_length(current);
-        length += 1;            /* separator character */
-    }
-    /* Allocate memory (closing '\0' included). */
-    if (!(result = OPENSSL_malloc(length))) {
-        TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    /* Concatenate the descriptions. */
-    for (i = 0, p = result; i < sk_ASN1_UTF8STRING_num(text); ++i) {
-        ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
-        length = ASN1_STRING_length(current);
-        if (i > 0)
-            *p++ = '/';
-        strncpy(p, (const char *)ASN1_STRING_data(current), length);
-        p += length;
-    }
-    /* We do have space for this, too. */
-    *p = '\0';
-
-    return result;
-}
-
-static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info)
-{
-    ASN1_OBJECT *resp_oid = TS_TST_INFO_get_policy_id(tst_info);
-
-    if (OBJ_cmp(req_oid, resp_oid) != 0) {
-        TSerr(TS_F_TS_CHECK_POLICY, TS_R_POLICY_MISMATCH);
-        return 0;
-    }
-
-    return 1;
-}
-
-static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
-                              X509_ALGOR **md_alg,
-                              unsigned char **imprint, unsigned *imprint_len)
-{
-    TS_MSG_IMPRINT *msg_imprint = TS_TST_INFO_get_msg_imprint(tst_info);
-    X509_ALGOR *md_alg_resp = TS_MSG_IMPRINT_get_algo(msg_imprint);
-    const EVP_MD *md;
-    EVP_MD_CTX md_ctx;
-    unsigned char buffer[4096];
-    int length;
-
-    *md_alg = NULL;
-    *imprint = NULL;
-
-    /* Return the MD algorithm of the response. */
-    if (!(*md_alg = X509_ALGOR_dup(md_alg_resp)))
-        goto err;
-
-    /* Getting the MD object. */
-    if (!(md = EVP_get_digestbyobj((*md_alg)->algorithm))) {
-        TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM);
-        goto err;
-    }
-
-    /* Compute message digest. */
-    length = EVP_MD_size(md);
-    if (length < 0)
-        goto err;
-    *imprint_len = length;
-    if (!(*imprint = OPENSSL_malloc(*imprint_len))) {
-        TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!EVP_DigestInit(&md_ctx, md))
-        goto err;
-    while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) {
-        if (!EVP_DigestUpdate(&md_ctx, buffer, length))
-            goto err;
-    }
-    if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
-        goto err;
-
-    return 1;
- err:
-    X509_ALGOR_free(*md_alg);
-    OPENSSL_free(*imprint);
-    *imprint_len = 0;
-    *imprint = 0;
-    return 0;
-}
-
-static int TS_check_imprints(X509_ALGOR *algor_a,
-                             unsigned char *imprint_a, unsigned len_a,
-                             TS_TST_INFO *tst_info)
-{
-    TS_MSG_IMPRINT *b = TS_TST_INFO_get_msg_imprint(tst_info);
-    X509_ALGOR *algor_b = TS_MSG_IMPRINT_get_algo(b);
-    int ret = 0;
-
-    /* algor_a is optional. */
-    if (algor_a) {
-        /* Compare algorithm OIDs. */
-        if (OBJ_cmp(algor_a->algorithm, algor_b->algorithm))
-            goto err;
-
-        /* The parameter must be NULL in both. */
-        if ((algor_a->parameter
-             && ASN1_TYPE_get(algor_a->parameter) != V_ASN1_NULL)
-            || (algor_b->parameter
-                && ASN1_TYPE_get(algor_b->parameter) != V_ASN1_NULL))
-            goto err;
-    }
-
-    /* Compare octet strings. */
-    ret = len_a == (unsigned)ASN1_STRING_length(b->hashed_msg) &&
-        memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;
- err:
-    if (!ret)
-        TSerr(TS_F_TS_CHECK_IMPRINTS, TS_R_MESSAGE_IMPRINT_MISMATCH);
-    return ret;
-}
-
-static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info)
-{
-    const ASN1_INTEGER *b = TS_TST_INFO_get_nonce(tst_info);
-
-    /* Error if nonce is missing. */
-    if (!b) {
-        TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_NOT_RETURNED);
-        return 0;
-    }
-
-    /* No error if a nonce is returned without being requested. */
-    if (ASN1_INTEGER_cmp(a, b) != 0) {
-        TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_MISMATCH);
-        return 0;
-    }
-
-    return 1;
-}
-
-/*
- * Check if the specified TSA name matches either the subject or one of the
- * subject alternative names of the TSA certificate.
- */
-static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
-{
-    STACK_OF(GENERAL_NAME) *gen_names = NULL;
-    int idx = -1;
-    int found = 0;
-
-    /* Check the subject name first. */
-    if (tsa_name->type == GEN_DIRNAME
-        && X509_name_cmp(tsa_name->d.dirn, signer->cert_info->subject) == 0)
-        return 1;
-
-    /* Check all the alternative names. */
-    gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, NULL, &idx);
-    while (gen_names != NULL
-           && !(found = TS_find_name(gen_names, tsa_name) >= 0)) {
-        /*
-         * Get the next subject alternative name, although there should be no
-         * more than one.
-         */
-        GENERAL_NAMES_free(gen_names);
-        gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
-                                     NULL, &idx);
-    }
-    if (gen_names)
-        GENERAL_NAMES_free(gen_names);
-
-    return found;
-}
-
-/* Returns 1 if name is in gen_names, 0 otherwise. */
-static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name)
-{
-    int i, found;
-    for (i = 0, found = 0; !found && i < sk_GENERAL_NAME_num(gen_names); ++i) {
-        GENERAL_NAME *current = sk_GENERAL_NAME_value(gen_names, i);
-        found = GENERAL_NAME_cmp(current, name) == 0;
-    }
-    return found ? i - 1 : -1;
-}
diff --git a/thirdparty/openssl/crypto/ts/ts_verify_ctx.c b/thirdparty/openssl/crypto/ts/ts_verify_ctx.c
deleted file mode 100644
index 3e6fcb57be..0000000000
--- a/thirdparty/openssl/crypto/ts/ts_verify_ctx.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/* crypto/ts/ts_verify_ctx.c */
-/*
- * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
- * 2003.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/ts.h>
-
-TS_VERIFY_CTX *TS_VERIFY_CTX_new(void)
-{
-    TS_VERIFY_CTX *ctx =
-        (TS_VERIFY_CTX *)OPENSSL_malloc(sizeof(TS_VERIFY_CTX));
-    if (ctx)
-        memset(ctx, 0, sizeof(TS_VERIFY_CTX));
-    else
-        TSerr(TS_F_TS_VERIFY_CTX_NEW, ERR_R_MALLOC_FAILURE);
-    return ctx;
-}
-
-void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx)
-{
-    OPENSSL_assert(ctx != NULL);
-    memset(ctx, 0, sizeof(TS_VERIFY_CTX));
-}
-
-void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx)
-{
-    if (!ctx)
-        return;
-
-    TS_VERIFY_CTX_cleanup(ctx);
-    OPENSSL_free(ctx);
-}
-
-void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx)
-{
-    if (!ctx)
-        return;
-
-    X509_STORE_free(ctx->store);
-    sk_X509_pop_free(ctx->certs, X509_free);
-
-    ASN1_OBJECT_free(ctx->policy);
-
-    X509_ALGOR_free(ctx->md_alg);
-    OPENSSL_free(ctx->imprint);
-
-    BIO_free_all(ctx->data);
-
-    ASN1_INTEGER_free(ctx->nonce);
-
-    GENERAL_NAME_free(ctx->tsa_name);
-
-    TS_VERIFY_CTX_init(ctx);
-}
-
-TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
-{
-    TS_VERIFY_CTX *ret = ctx;
-    ASN1_OBJECT *policy;
-    TS_MSG_IMPRINT *imprint;
-    X509_ALGOR *md_alg;
-    ASN1_OCTET_STRING *msg;
-    const ASN1_INTEGER *nonce;
-
-    OPENSSL_assert(req != NULL);
-    if (ret)
-        TS_VERIFY_CTX_cleanup(ret);
-    else if (!(ret = TS_VERIFY_CTX_new()))
-        return NULL;
-
-    /* Setting flags. */
-    ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE);
-
-    /* Setting policy. */
-    if ((policy = TS_REQ_get_policy_id(req)) != NULL) {
-        if (!(ret->policy = OBJ_dup(policy)))
-            goto err;
-    } else
-        ret->flags &= ~TS_VFY_POLICY;
-
-    /* Setting md_alg, imprint and imprint_len. */
-    imprint = TS_REQ_get_msg_imprint(req);
-    md_alg = TS_MSG_IMPRINT_get_algo(imprint);
-    if (!(ret->md_alg = X509_ALGOR_dup(md_alg)))
-        goto err;
-    msg = TS_MSG_IMPRINT_get_msg(imprint);
-    ret->imprint_len = ASN1_STRING_length(msg);
-    if (!(ret->imprint = OPENSSL_malloc(ret->imprint_len)))
-        goto err;
-    memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
-
-    /* Setting nonce. */
-    if ((nonce = TS_REQ_get_nonce(req)) != NULL) {
-        if (!(ret->nonce = ASN1_INTEGER_dup(nonce)))
-            goto err;
-    } else
-        ret->flags &= ~TS_VFY_NONCE;
-
-    return ret;
- err:
-    if (ctx)
-        TS_VERIFY_CTX_cleanup(ctx);
-    else
-        TS_VERIFY_CTX_free(ret);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/txt_db/txt_db.c b/thirdparty/openssl/crypto/txt_db/txt_db.c
deleted file mode 100644
index ed02efc261..0000000000
--- a/thirdparty/openssl/crypto/txt_db/txt_db.c
+++ /dev/null
@@ -1,397 +0,0 @@
-/* crypto/txt_db/txt_db.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/txt_db.h>
-
-#undef BUFSIZE
-#define BUFSIZE 512
-
-const char TXT_DB_version[] = "TXT_DB" OPENSSL_VERSION_PTEXT;
-
-TXT_DB *TXT_DB_read(BIO *in, int num)
-{
-    TXT_DB *ret = NULL;
-    int er = 1;
-    int esc = 0;
-    long ln = 0;
-    int i, add, n;
-    int size = BUFSIZE;
-    int offset = 0;
-    char *p, *f;
-    OPENSSL_STRING *pp;
-    BUF_MEM *buf = NULL;
-
-    if ((buf = BUF_MEM_new()) == NULL)
-        goto err;
-    if (!BUF_MEM_grow(buf, size))
-        goto err;
-
-    if ((ret = OPENSSL_malloc(sizeof(TXT_DB))) == NULL)
-        goto err;
-    ret->num_fields = num;
-    ret->index = NULL;
-    ret->qual = NULL;
-    if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL)
-        goto err;
-    if ((ret->index = OPENSSL_malloc(sizeof(*ret->index) * num)) == NULL)
-        goto err;
-    if ((ret->qual = OPENSSL_malloc(sizeof(*(ret->qual)) * num)) == NULL)
-        goto err;
-    for (i = 0; i < num; i++) {
-        ret->index[i] = NULL;
-        ret->qual[i] = NULL;
-    }
-
-    add = (num + 1) * sizeof(char *);
-    buf->data[size - 1] = '\0';
-    offset = 0;
-    for (;;) {
-        if (offset != 0) {
-            size += BUFSIZE;
-            if (!BUF_MEM_grow_clean(buf, size))
-                goto err;
-        }
-        buf->data[offset] = '\0';
-        BIO_gets(in, &(buf->data[offset]), size - offset);
-        ln++;
-        if (buf->data[offset] == '\0')
-            break;
-        if ((offset == 0) && (buf->data[0] == '#'))
-            continue;
-        i = strlen(&(buf->data[offset]));
-        offset += i;
-        if (buf->data[offset - 1] != '\n')
-            continue;
-        else {
-            buf->data[offset - 1] = '\0'; /* blat the '\n' */
-            if (!(p = OPENSSL_malloc(add + offset)))
-                goto err;
-            offset = 0;
-        }
-        pp = (char **)p;
-        p += add;
-        n = 0;
-        pp[n++] = p;
-        i = 0;
-        f = buf->data;
-
-        esc = 0;
-        for (;;) {
-            if (*f == '\0')
-                break;
-            if (*f == '\t') {
-                if (esc)
-                    p--;
-                else {
-                    *(p++) = '\0';
-                    f++;
-                    if (n >= num)
-                        break;
-                    pp[n++] = p;
-                    continue;
-                }
-            }
-            esc = (*f == '\\');
-            *(p++) = *(f++);
-        }
-        *(p++) = '\0';
-        if ((n != num) || (*f != '\0')) {
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporary
-                                                               * fix :-( */
-            fprintf(stderr,
-                    "wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",
-                    ln, num, n, f);
-#endif
-            OPENSSL_free(pp);
-            er = 2;
-            goto err;
-        }
-        pp[n] = p;
-        if (!sk_OPENSSL_PSTRING_push(ret->data, pp)) {
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporary
-                                                               * fix :-( */
-            fprintf(stderr, "failure in sk_push\n");
-#endif
-            OPENSSL_free(pp);
-            er = 2;
-            goto err;
-        }
-    }
-    er = 0;
- err:
-    BUF_MEM_free(buf);
-    if (er) {
-#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
-        if (er == 1)
-            fprintf(stderr, "OPENSSL_malloc failure\n");
-#endif
-        if (ret != NULL) {
-            if (ret->data != NULL)
-                sk_OPENSSL_PSTRING_free(ret->data);
-            if (ret->index != NULL)
-                OPENSSL_free(ret->index);
-            if (ret->qual != NULL)
-                OPENSSL_free(ret->qual);
-            if (ret != NULL)
-                OPENSSL_free(ret);
-        }
-        return (NULL);
-    } else
-        return (ret);
-}
-
-OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
-                                    OPENSSL_STRING *value)
-{
-    OPENSSL_STRING *ret;
-    LHASH_OF(OPENSSL_STRING) *lh;
-
-    if (idx >= db->num_fields) {
-        db->error = DB_ERROR_INDEX_OUT_OF_RANGE;
-        return (NULL);
-    }
-    lh = db->index[idx];
-    if (lh == NULL) {
-        db->error = DB_ERROR_NO_INDEX;
-        return (NULL);
-    }
-    ret = lh_OPENSSL_STRING_retrieve(lh, value);
-    db->error = DB_ERROR_OK;
-    return (ret);
-}
-
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
-                        LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp)
-{
-    LHASH_OF(OPENSSL_STRING) *idx;
-    OPENSSL_STRING *r, *k;
-    int i, n;
-
-    if (field >= db->num_fields) {
-        db->error = DB_ERROR_INDEX_OUT_OF_RANGE;
-        return (0);
-    }
-    /* FIXME: we lose type checking at this point */
-    if ((idx = (LHASH_OF(OPENSSL_STRING) *)lh_new(hash, cmp)) == NULL) {
-        db->error = DB_ERROR_MALLOC;
-        return (0);
-    }
-    n = sk_OPENSSL_PSTRING_num(db->data);
-    for (i = 0; i < n; i++) {
-        r = sk_OPENSSL_PSTRING_value(db->data, i);
-        if ((qual != NULL) && (qual(r) == 0))
-            continue;
-        if ((k = lh_OPENSSL_STRING_insert(idx, r)) != NULL) {
-            db->error = DB_ERROR_INDEX_CLASH;
-            db->arg1 = sk_OPENSSL_PSTRING_find(db->data, k);
-            db->arg2 = i;
-            lh_OPENSSL_STRING_free(idx);
-            return (0);
-        }
-        if (lh_OPENSSL_STRING_retrieve(idx, r) == NULL) {
-            db->error = DB_ERROR_MALLOC;
-            lh_OPENSSL_STRING_free(idx);
-            return (0);
-        }
-    }
-    if (db->index[field] != NULL)
-        lh_OPENSSL_STRING_free(db->index[field]);
-    db->index[field] = idx;
-    db->qual[field] = qual;
-    return (1);
-}
-
-long TXT_DB_write(BIO *out, TXT_DB *db)
-{
-    long i, j, n, nn, l, tot = 0;
-    char *p, **pp, *f;
-    BUF_MEM *buf = NULL;
-    long ret = -1;
-
-    if ((buf = BUF_MEM_new()) == NULL)
-        goto err;
-    n = sk_OPENSSL_PSTRING_num(db->data);
-    nn = db->num_fields;
-    for (i = 0; i < n; i++) {
-        pp = sk_OPENSSL_PSTRING_value(db->data, i);
-
-        l = 0;
-        for (j = 0; j < nn; j++) {
-            if (pp[j] != NULL)
-                l += strlen(pp[j]);
-        }
-        if (!BUF_MEM_grow_clean(buf, (int)(l * 2 + nn)))
-            goto err;
-
-        p = buf->data;
-        for (j = 0; j < nn; j++) {
-            f = pp[j];
-            if (f != NULL)
-                for (;;) {
-                    if (*f == '\0')
-                        break;
-                    if (*f == '\t')
-                        *(p++) = '\\';
-                    *(p++) = *(f++);
-                }
-            *(p++) = '\t';
-        }
-        p[-1] = '\n';
-        j = p - buf->data;
-        if (BIO_write(out, buf->data, (int)j) != j)
-            goto err;
-        tot += j;
-    }
-    ret = tot;
- err:
-    if (buf != NULL)
-        BUF_MEM_free(buf);
-    return (ret);
-}
-
-int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *row)
-{
-    int i;
-    OPENSSL_STRING *r;
-
-    for (i = 0; i < db->num_fields; i++) {
-        if (db->index[i] != NULL) {
-            if ((db->qual[i] != NULL) && (db->qual[i] (row) == 0))
-                continue;
-            r = lh_OPENSSL_STRING_retrieve(db->index[i], row);
-            if (r != NULL) {
-                db->error = DB_ERROR_INDEX_CLASH;
-                db->arg1 = i;
-                db->arg_row = r;
-                goto err;
-            }
-        }
-    }
-
-    for (i = 0; i < db->num_fields; i++) {
-        if (db->index[i] != NULL) {
-            if ((db->qual[i] != NULL) && (db->qual[i] (row) == 0))
-                continue;
-            (void)lh_OPENSSL_STRING_insert(db->index[i], row);
-            if (lh_OPENSSL_STRING_retrieve(db->index[i], row) == NULL)
-                goto err1;
-        }
-    }
-    if (!sk_OPENSSL_PSTRING_push(db->data, row))
-        goto err1;
-    return (1);
-
- err1:
-    db->error = DB_ERROR_MALLOC;
-    while (i-- > 0) {
-        if (db->index[i] != NULL) {
-            if ((db->qual[i] != NULL) && (db->qual[i] (row) == 0))
-                continue;
-            (void)lh_OPENSSL_STRING_delete(db->index[i], row);
-        }
-    }
- err:
-    return (0);
-}
-
-void TXT_DB_free(TXT_DB *db)
-{
-    int i, n;
-    char **p, *max;
-
-    if (db == NULL)
-        return;
-
-    if (db->index != NULL) {
-        for (i = db->num_fields - 1; i >= 0; i--)
-            if (db->index[i] != NULL)
-                lh_OPENSSL_STRING_free(db->index[i]);
-        OPENSSL_free(db->index);
-    }
-    if (db->qual != NULL)
-        OPENSSL_free(db->qual);
-    if (db->data != NULL) {
-        for (i = sk_OPENSSL_PSTRING_num(db->data) - 1; i >= 0; i--) {
-            /*
-             * check if any 'fields' have been allocated from outside of the
-             * initial block
-             */
-            p = sk_OPENSSL_PSTRING_value(db->data, i);
-            max = p[db->num_fields]; /* last address */
-            if (max == NULL) {  /* new row */
-                for (n = 0; n < db->num_fields; n++)
-                    if (p[n] != NULL)
-                        OPENSSL_free(p[n]);
-            } else {
-                for (n = 0; n < db->num_fields; n++) {
-                    if (((p[n] < (char *)p) || (p[n] > max))
-                        && (p[n] != NULL))
-                        OPENSSL_free(p[n]);
-                }
-            }
-            OPENSSL_free(sk_OPENSSL_PSTRING_value(db->data, i));
-        }
-        sk_OPENSSL_PSTRING_free(db->data);
-    }
-    OPENSSL_free(db);
-}
diff --git a/thirdparty/openssl/crypto/ui/ui_compat.c b/thirdparty/openssl/crypto/ui/ui_compat.c
deleted file mode 100644
index e79d54eea6..0000000000
--- a/thirdparty/openssl/crypto/ui/ui_compat.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* crypto/ui/ui_compat.c */
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/ui_compat.h>
-
-int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
-                                 int verify)
-{
-    return UI_UTIL_read_pw_string(buf, length, prompt, verify);
-}
-
-int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
-                          int verify)
-{
-    return UI_UTIL_read_pw(buf, buff, size, prompt, verify);
-}
diff --git a/thirdparty/openssl/crypto/ui/ui_err.c b/thirdparty/openssl/crypto/ui/ui_err.c
deleted file mode 100644
index 8097da836a..0000000000
--- a/thirdparty/openssl/crypto/ui/ui_err.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/ui/ui_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ui.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_UI,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason)
-
-static ERR_STRING_DATA UI_str_functs[] = {
-    {ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN), "GENERAL_ALLOCATE_BOOLEAN"},
-    {ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT), "GENERAL_ALLOCATE_PROMPT"},
-    {ERR_FUNC(UI_F_GENERAL_ALLOCATE_STRING), "GENERAL_ALLOCATE_STRING"},
-    {ERR_FUNC(UI_F_UI_CTRL), "UI_ctrl"},
-    {ERR_FUNC(UI_F_UI_DUP_ERROR_STRING), "UI_dup_error_string"},
-    {ERR_FUNC(UI_F_UI_DUP_INFO_STRING), "UI_dup_info_string"},
-    {ERR_FUNC(UI_F_UI_DUP_INPUT_BOOLEAN), "UI_dup_input_boolean"},
-    {ERR_FUNC(UI_F_UI_DUP_INPUT_STRING), "UI_dup_input_string"},
-    {ERR_FUNC(UI_F_UI_DUP_VERIFY_STRING), "UI_dup_verify_string"},
-    {ERR_FUNC(UI_F_UI_GET0_RESULT), "UI_get0_result"},
-    {ERR_FUNC(UI_F_UI_NEW_METHOD), "UI_new_method"},
-    {ERR_FUNC(UI_F_UI_SET_RESULT), "UI_set_result"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA UI_str_reasons[] = {
-    {ERR_REASON(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS),
-     "common ok and cancel characters"},
-    {ERR_REASON(UI_R_INDEX_TOO_LARGE), "index too large"},
-    {ERR_REASON(UI_R_INDEX_TOO_SMALL), "index too small"},
-    {ERR_REASON(UI_R_NO_RESULT_BUFFER), "no result buffer"},
-    {ERR_REASON(UI_R_RESULT_TOO_LARGE), "result too large"},
-    {ERR_REASON(UI_R_RESULT_TOO_SMALL), "result too small"},
-    {ERR_REASON(UI_R_UNKNOWN_CONTROL_COMMAND), "unknown control command"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_UI_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(UI_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, UI_str_functs);
-        ERR_load_strings(0, UI_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/ui/ui_lib.c b/thirdparty/openssl/crypto/ui/ui_lib.c
deleted file mode 100644
index 643ae59343..0000000000
--- a/thirdparty/openssl/crypto/ui/ui_lib.c
+++ /dev/null
@@ -1,877 +0,0 @@
-/* crypto/ui/ui_lib.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/e_os2.h>
-#include <openssl/buffer.h>
-#include <openssl/ui.h>
-#include <openssl/err.h>
-#include "ui_locl.h"
-
-IMPLEMENT_STACK_OF(UI_STRING_ST)
-
-static const UI_METHOD *default_UI_meth = NULL;
-
-UI *UI_new(void)
-{
-    return (UI_new_method(NULL));
-}
-
-UI *UI_new_method(const UI_METHOD *method)
-{
-    UI *ret;
-
-    ret = (UI *)OPENSSL_malloc(sizeof(UI));
-    if (ret == NULL) {
-        UIerr(UI_F_UI_NEW_METHOD, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    if (method == NULL)
-        ret->meth = UI_get_default_method();
-    else
-        ret->meth = method;
-
-    ret->strings = NULL;
-    ret->user_data = NULL;
-    ret->flags = 0;
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data);
-    return ret;
-}
-
-static void free_string(UI_STRING *uis)
-{
-    if (uis->flags & OUT_STRING_FREEABLE) {
-        OPENSSL_free((char *)uis->out_string);
-        switch (uis->type) {
-        case UIT_BOOLEAN:
-            OPENSSL_free((char *)uis->_.boolean_data.action_desc);
-            OPENSSL_free((char *)uis->_.boolean_data.ok_chars);
-            OPENSSL_free((char *)uis->_.boolean_data.cancel_chars);
-            break;
-        default:
-            break;
-        }
-    }
-    OPENSSL_free(uis);
-}
-
-void UI_free(UI *ui)
-{
-    if (ui == NULL)
-        return;
-    sk_UI_STRING_pop_free(ui->strings, free_string);
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_UI, ui, &ui->ex_data);
-    OPENSSL_free(ui);
-}
-
-static int allocate_string_stack(UI *ui)
-{
-    if (ui->strings == NULL) {
-        ui->strings = sk_UI_STRING_new_null();
-        if (ui->strings == NULL) {
-            return -1;
-        }
-    }
-    return 0;
-}
-
-static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt,
-                                          int prompt_freeable,
-                                          enum UI_string_types type,
-                                          int input_flags, char *result_buf)
-{
-    UI_STRING *ret = NULL;
-
-    if (prompt == NULL) {
-        UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, ERR_R_PASSED_NULL_PARAMETER);
-    } else if ((type == UIT_PROMPT || type == UIT_VERIFY
-                || type == UIT_BOOLEAN) && result_buf == NULL) {
-        UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, UI_R_NO_RESULT_BUFFER);
-    } else if ((ret = (UI_STRING *)OPENSSL_malloc(sizeof(UI_STRING)))) {
-        ret->out_string = prompt;
-        ret->flags = prompt_freeable ? OUT_STRING_FREEABLE : 0;
-        ret->input_flags = input_flags;
-        ret->type = type;
-        ret->result_buf = result_buf;
-    }
-    return ret;
-}
-
-static int general_allocate_string(UI *ui, const char *prompt,
-                                   int prompt_freeable,
-                                   enum UI_string_types type, int input_flags,
-                                   char *result_buf, int minsize, int maxsize,
-                                   const char *test_buf)
-{
-    int ret = -1;
-    UI_STRING *s = general_allocate_prompt(ui, prompt, prompt_freeable,
-                                           type, input_flags, result_buf);
-
-    if (s != NULL) {
-        if (allocate_string_stack(ui) >= 0) {
-            s->_.string_data.result_minsize = minsize;
-            s->_.string_data.result_maxsize = maxsize;
-            s->_.string_data.test_buf = test_buf;
-            ret = sk_UI_STRING_push(ui->strings, s);
-            /* sk_push() returns 0 on error.  Let's addapt that */
-            if (ret <= 0)
-                ret--;
-        } else
-            free_string(s);
-    }
-    return ret;
-}
-
-static int general_allocate_boolean(UI *ui,
-                                    const char *prompt,
-                                    const char *action_desc,
-                                    const char *ok_chars,
-                                    const char *cancel_chars,
-                                    int prompt_freeable,
-                                    enum UI_string_types type,
-                                    int input_flags, char *result_buf)
-{
-    int ret = -1;
-    UI_STRING *s;
-    const char *p;
-
-    if (ok_chars == NULL) {
-        UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
-    } else if (cancel_chars == NULL) {
-        UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
-    } else {
-        for (p = ok_chars; *p != '\0'; p++) {
-            if (strchr(cancel_chars, *p) != NULL) {
-                UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN,
-                      UI_R_COMMON_OK_AND_CANCEL_CHARACTERS);
-            }
-        }
-
-        s = general_allocate_prompt(ui, prompt, prompt_freeable,
-                                    type, input_flags, result_buf);
-
-        if (s != NULL) {
-            if (allocate_string_stack(ui) >= 0) {
-                s->_.boolean_data.action_desc = action_desc;
-                s->_.boolean_data.ok_chars = ok_chars;
-                s->_.boolean_data.cancel_chars = cancel_chars;
-                ret = sk_UI_STRING_push(ui->strings, s);
-                /*
-                 * sk_push() returns 0 on error. Let's addapt that
-                 */
-                if (ret <= 0)
-                    ret--;
-            } else
-                free_string(s);
-        }
-    }
-    return ret;
-}
-
-/*
- * Returns the index to the place in the stack or -1 for error.  Uses a
- * direct reference to the prompt.
- */
-int UI_add_input_string(UI *ui, const char *prompt, int flags,
-                        char *result_buf, int minsize, int maxsize)
-{
-    return general_allocate_string(ui, prompt, 0,
-                                   UIT_PROMPT, flags, result_buf, minsize,
-                                   maxsize, NULL);
-}
-
-/* Same as UI_add_input_string(), excepts it takes a copy of the prompt */
-int UI_dup_input_string(UI *ui, const char *prompt, int flags,
-                        char *result_buf, int minsize, int maxsize)
-{
-    char *prompt_copy = NULL;
-
-    if (prompt != NULL) {
-        prompt_copy = BUF_strdup(prompt);
-        if (prompt_copy == NULL) {
-            UIerr(UI_F_UI_DUP_INPUT_STRING, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    }
-
-    return general_allocate_string(ui, prompt_copy, 1,
-                                   UIT_PROMPT, flags, result_buf, minsize,
-                                   maxsize, NULL);
-}
-
-int UI_add_verify_string(UI *ui, const char *prompt, int flags,
-                         char *result_buf, int minsize, int maxsize,
-                         const char *test_buf)
-{
-    return general_allocate_string(ui, prompt, 0,
-                                   UIT_VERIFY, flags, result_buf, minsize,
-                                   maxsize, test_buf);
-}
-
-int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
-                         char *result_buf, int minsize, int maxsize,
-                         const char *test_buf)
-{
-    char *prompt_copy = NULL;
-
-    if (prompt != NULL) {
-        prompt_copy = BUF_strdup(prompt);
-        if (prompt_copy == NULL) {
-            UIerr(UI_F_UI_DUP_VERIFY_STRING, ERR_R_MALLOC_FAILURE);
-            return -1;
-        }
-    }
-
-    return general_allocate_string(ui, prompt_copy, 1,
-                                   UIT_VERIFY, flags, result_buf, minsize,
-                                   maxsize, test_buf);
-}
-
-int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-                         const char *ok_chars, const char *cancel_chars,
-                         int flags, char *result_buf)
-{
-    return general_allocate_boolean(ui, prompt, action_desc,
-                                    ok_chars, cancel_chars, 0, UIT_BOOLEAN,
-                                    flags, result_buf);
-}
-
-int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-                         const char *ok_chars, const char *cancel_chars,
-                         int flags, char *result_buf)
-{
-    char *prompt_copy = NULL;
-    char *action_desc_copy = NULL;
-    char *ok_chars_copy = NULL;
-    char *cancel_chars_copy = NULL;
-
-    if (prompt != NULL) {
-        prompt_copy = BUF_strdup(prompt);
-        if (prompt_copy == NULL) {
-            UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-
-    if (action_desc != NULL) {
-        action_desc_copy = BUF_strdup(action_desc);
-        if (action_desc_copy == NULL) {
-            UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-
-    if (ok_chars != NULL) {
-        ok_chars_copy = BUF_strdup(ok_chars);
-        if (ok_chars_copy == NULL) {
-            UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-
-    if (cancel_chars != NULL) {
-        cancel_chars_copy = BUF_strdup(cancel_chars);
-        if (cancel_chars_copy == NULL) {
-            UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-
-    return general_allocate_boolean(ui, prompt_copy, action_desc_copy,
-                                    ok_chars_copy, cancel_chars_copy, 1,
-                                    UIT_BOOLEAN, flags, result_buf);
- err:
-    if (prompt_copy)
-        OPENSSL_free(prompt_copy);
-    if (action_desc_copy)
-        OPENSSL_free(action_desc_copy);
-    if (ok_chars_copy)
-        OPENSSL_free(ok_chars_copy);
-    if (cancel_chars_copy)
-        OPENSSL_free(cancel_chars_copy);
-    return -1;
-}
-
-int UI_add_info_string(UI *ui, const char *text)
-{
-    return general_allocate_string(ui, text, 0, UIT_INFO, 0, NULL, 0, 0,
-                                   NULL);
-}
-
-int UI_dup_info_string(UI *ui, const char *text)
-{
-    char *text_copy = NULL;
-
-    if (text != NULL) {
-        text_copy = BUF_strdup(text);
-        if (text_copy == NULL) {
-            UIerr(UI_F_UI_DUP_INFO_STRING, ERR_R_MALLOC_FAILURE);
-            return -1;
-        }
-    }
-
-    return general_allocate_string(ui, text_copy, 1, UIT_INFO, 0, NULL,
-                                   0, 0, NULL);
-}
-
-int UI_add_error_string(UI *ui, const char *text)
-{
-    return general_allocate_string(ui, text, 0, UIT_ERROR, 0, NULL, 0, 0,
-                                   NULL);
-}
-
-int UI_dup_error_string(UI *ui, const char *text)
-{
-    char *text_copy = NULL;
-
-    if (text != NULL) {
-        text_copy = BUF_strdup(text);
-        if (text_copy == NULL) {
-            UIerr(UI_F_UI_DUP_ERROR_STRING, ERR_R_MALLOC_FAILURE);
-            return -1;
-        }
-    }
-    return general_allocate_string(ui, text_copy, 1, UIT_ERROR, 0, NULL,
-                                   0, 0, NULL);
-}
-
-char *UI_construct_prompt(UI *ui, const char *object_desc,
-                          const char *object_name)
-{
-    char *prompt = NULL;
-
-    if (ui->meth->ui_construct_prompt != NULL)
-        prompt = ui->meth->ui_construct_prompt(ui, object_desc, object_name);
-    else {
-        char prompt1[] = "Enter ";
-        char prompt2[] = " for ";
-        char prompt3[] = ":";
-        int len = 0;
-
-        if (object_desc == NULL)
-            return NULL;
-        len = sizeof(prompt1) - 1 + strlen(object_desc);
-        if (object_name != NULL)
-            len += sizeof(prompt2) - 1 + strlen(object_name);
-        len += sizeof(prompt3) - 1;
-
-        prompt = (char *)OPENSSL_malloc(len + 1);
-        if (prompt == NULL)
-            return NULL;
-        BUF_strlcpy(prompt, prompt1, len + 1);
-        BUF_strlcat(prompt, object_desc, len + 1);
-        if (object_name != NULL) {
-            BUF_strlcat(prompt, prompt2, len + 1);
-            BUF_strlcat(prompt, object_name, len + 1);
-        }
-        BUF_strlcat(prompt, prompt3, len + 1);
-    }
-    return prompt;
-}
-
-void *UI_add_user_data(UI *ui, void *user_data)
-{
-    void *old_data = ui->user_data;
-    ui->user_data = user_data;
-    return old_data;
-}
-
-void *UI_get0_user_data(UI *ui)
-{
-    return ui->user_data;
-}
-
-const char *UI_get0_result(UI *ui, int i)
-{
-    if (i < 0) {
-        UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_SMALL);
-        return NULL;
-    }
-    if (i >= sk_UI_STRING_num(ui->strings)) {
-        UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_LARGE);
-        return NULL;
-    }
-    return UI_get0_result_string(sk_UI_STRING_value(ui->strings, i));
-}
-
-static int print_error(const char *str, size_t len, UI *ui)
-{
-    UI_STRING uis;
-
-    memset(&uis, 0, sizeof(uis));
-    uis.type = UIT_ERROR;
-    uis.out_string = str;
-
-    if (ui->meth->ui_write_string != NULL
-        && ui->meth->ui_write_string(ui, &uis) <= 0)
-        return -1;
-    return 0;
-}
-
-int UI_process(UI *ui)
-{
-    int i, ok = 0;
-
-    if (ui->meth->ui_open_session != NULL
-        && ui->meth->ui_open_session(ui) <= 0) {
-        ok = -1;
-        goto err;
-    }
-
-    if (ui->flags & UI_FLAG_PRINT_ERRORS)
-        ERR_print_errors_cb((int (*)(const char *, size_t, void *))
-                            print_error, (void *)ui);
-
-    for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
-        if (ui->meth->ui_write_string != NULL
-            && (ui->meth->ui_write_string(ui,
-                                          sk_UI_STRING_value(ui->strings, i))
-                <= 0))
-        {
-            ok = -1;
-            goto err;
-        }
-    }
-
-    if (ui->meth->ui_flush != NULL)
-        switch (ui->meth->ui_flush(ui)) {
-        case -1:               /* Interrupt/Cancel/something... */
-            ok = -2;
-            goto err;
-        case 0:                /* Errors */
-            ok = -1;
-            goto err;
-        default:               /* Success */
-            ok = 0;
-            break;
-        }
-
-    for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
-        if (ui->meth->ui_read_string != NULL) {
-            switch (ui->meth->ui_read_string(ui,
-                                             sk_UI_STRING_value(ui->strings,
-                                                                i))) {
-            case -1:           /* Interrupt/Cancel/something... */
-                ok = -2;
-                goto err;
-            case 0:            /* Errors */
-                ok = -1;
-                goto err;
-            default:           /* Success */
-                ok = 0;
-                break;
-            }
-        }
-    }
- err:
-    if (ui->meth->ui_close_session != NULL
-        && ui->meth->ui_close_session(ui) <= 0)
-        return -1;
-    return ok;
-}
-
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void))
-{
-    if (ui == NULL) {
-        UIerr(UI_F_UI_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-        return -1;
-    }
-    switch (cmd) {
-    case UI_CTRL_PRINT_ERRORS:
-        {
-            int save_flag = ! !(ui->flags & UI_FLAG_PRINT_ERRORS);
-            if (i)
-                ui->flags |= UI_FLAG_PRINT_ERRORS;
-            else
-                ui->flags &= ~UI_FLAG_PRINT_ERRORS;
-            return save_flag;
-        }
-    case UI_CTRL_IS_REDOABLE:
-        return ! !(ui->flags & UI_FLAG_REDOABLE);
-    default:
-        break;
-    }
-    UIerr(UI_F_UI_CTRL, UI_R_UNKNOWN_CONTROL_COMMAND);
-    return -1;
-}
-
-int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int UI_set_ex_data(UI *r, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-
-void *UI_get_ex_data(UI *r, int idx)
-{
-    return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-
-void UI_set_default_method(const UI_METHOD *meth)
-{
-    default_UI_meth = meth;
-}
-
-const UI_METHOD *UI_get_default_method(void)
-{
-    if (default_UI_meth == NULL) {
-        default_UI_meth = UI_OpenSSL();
-    }
-    return default_UI_meth;
-}
-
-const UI_METHOD *UI_get_method(UI *ui)
-{
-    return ui->meth;
-}
-
-const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth)
-{
-    ui->meth = meth;
-    return ui->meth;
-}
-
-UI_METHOD *UI_create_method(char *name)
-{
-    UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD));
-
-    if (ui_method) {
-        memset(ui_method, 0, sizeof(*ui_method));
-        ui_method->name = BUF_strdup(name);
-    }
-    return ui_method;
-}
-
-/*
- * BIG FSCKING WARNING!!!! If you use this on a statically allocated method
- * (that is, it hasn't been allocated using UI_create_method(), you deserve
- * anything Murphy can throw at you and more! You have been warned.
- */
-void UI_destroy_method(UI_METHOD *ui_method)
-{
-    OPENSSL_free(ui_method->name);
-    ui_method->name = NULL;
-    OPENSSL_free(ui_method);
-}
-
-int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui))
-{
-    if (method != NULL) {
-        method->ui_open_session = opener;
-        return 0;
-    }
-    return -1;
-}
-
-int UI_method_set_writer(UI_METHOD *method,
-                         int (*writer) (UI *ui, UI_STRING *uis))
-{
-    if (method != NULL) {
-        method->ui_write_string = writer;
-        return 0;
-    }
-    return -1;
-}
-
-int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui))
-{
-    if (method != NULL) {
-        method->ui_flush = flusher;
-        return 0;
-    }
-    return -1;
-}
-
-int UI_method_set_reader(UI_METHOD *method,
-                         int (*reader) (UI *ui, UI_STRING *uis))
-{
-    if (method != NULL) {
-        method->ui_read_string = reader;
-        return 0;
-    }
-    return -1;
-}
-
-int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui))
-{
-    if (method != NULL) {
-        method->ui_close_session = closer;
-        return 0;
-    }
-    return -1;
-}
-
-int UI_method_set_prompt_constructor(UI_METHOD *method,
-                                     char *(*prompt_constructor) (UI *ui,
-                                                                  const char
-                                                                  *object_desc,
-                                                                  const char
-                                                                  *object_name))
-{
-    if (method != NULL) {
-        method->ui_construct_prompt = prompt_constructor;
-        return 0;
-    }
-    return -1;
-}
-
-int (*UI_method_get_opener(UI_METHOD *method)) (UI *)
-{
-    if (method != NULL)
-        return method->ui_open_session;
-    return NULL;
-}
-
-int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *)
-{
-    if (method != NULL)
-        return method->ui_write_string;
-    return NULL;
-}
-
-int (*UI_method_get_flusher(UI_METHOD *method)) (UI *)
-{
-    if (method != NULL)
-        return method->ui_flush;
-    return NULL;
-}
-
-int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *)
-{
-    if (method != NULL)
-        return method->ui_read_string;
-    return NULL;
-}
-
-int (*UI_method_get_closer(UI_METHOD *method)) (UI *)
-{
-    if (method != NULL)
-        return method->ui_close_session;
-    return NULL;
-}
-
-char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
-                                                              const char *,
-                                                              const char *)
-{
-    if (method != NULL)
-        return method->ui_construct_prompt;
-    return NULL;
-}
-
-enum UI_string_types UI_get_string_type(UI_STRING *uis)
-{
-    if (!uis)
-        return UIT_NONE;
-    return uis->type;
-}
-
-int UI_get_input_flags(UI_STRING *uis)
-{
-    if (!uis)
-        return 0;
-    return uis->input_flags;
-}
-
-const char *UI_get0_output_string(UI_STRING *uis)
-{
-    if (!uis)
-        return NULL;
-    return uis->out_string;
-}
-
-const char *UI_get0_action_string(UI_STRING *uis)
-{
-    if (!uis)
-        return NULL;
-    switch (uis->type) {
-    case UIT_BOOLEAN:
-        return uis->_.boolean_data.action_desc;
-    default:
-        return NULL;
-    }
-}
-
-const char *UI_get0_result_string(UI_STRING *uis)
-{
-    if (!uis)
-        return NULL;
-    switch (uis->type) {
-    case UIT_PROMPT:
-    case UIT_VERIFY:
-        return uis->result_buf;
-    default:
-        return NULL;
-    }
-}
-
-const char *UI_get0_test_string(UI_STRING *uis)
-{
-    if (!uis)
-        return NULL;
-    switch (uis->type) {
-    case UIT_VERIFY:
-        return uis->_.string_data.test_buf;
-    default:
-        return NULL;
-    }
-}
-
-int UI_get_result_minsize(UI_STRING *uis)
-{
-    if (!uis)
-        return -1;
-    switch (uis->type) {
-    case UIT_PROMPT:
-    case UIT_VERIFY:
-        return uis->_.string_data.result_minsize;
-    default:
-        return -1;
-    }
-}
-
-int UI_get_result_maxsize(UI_STRING *uis)
-{
-    if (!uis)
-        return -1;
-    switch (uis->type) {
-    case UIT_PROMPT:
-    case UIT_VERIFY:
-        return uis->_.string_data.result_maxsize;
-    default:
-        return -1;
-    }
-}
-
-int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
-{
-    int l = strlen(result);
-
-    ui->flags &= ~UI_FLAG_REDOABLE;
-
-    if (!uis)
-        return -1;
-    switch (uis->type) {
-    case UIT_PROMPT:
-    case UIT_VERIFY:
-        {
-            char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize) + 1];
-            char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize) + 1];
-
-            BIO_snprintf(number1, sizeof(number1), "%d",
-                         uis->_.string_data.result_minsize);
-            BIO_snprintf(number2, sizeof(number2), "%d",
-                         uis->_.string_data.result_maxsize);
-
-            if (l < uis->_.string_data.result_minsize) {
-                ui->flags |= UI_FLAG_REDOABLE;
-                UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_SMALL);
-                ERR_add_error_data(5, "You must type in ",
-                                   number1, " to ", number2, " characters");
-                return -1;
-            }
-            if (l > uis->_.string_data.result_maxsize) {
-                ui->flags |= UI_FLAG_REDOABLE;
-                UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_LARGE);
-                ERR_add_error_data(5, "You must type in ",
-                                   number1, " to ", number2, " characters");
-                return -1;
-            }
-        }
-
-        if (!uis->result_buf) {
-            UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
-            return -1;
-        }
-
-        BUF_strlcpy(uis->result_buf, result,
-                    uis->_.string_data.result_maxsize + 1);
-        break;
-    case UIT_BOOLEAN:
-        {
-            const char *p;
-
-            if (!uis->result_buf) {
-                UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
-                return -1;
-            }
-
-            uis->result_buf[0] = '\0';
-            for (p = result; *p; p++) {
-                if (strchr(uis->_.boolean_data.ok_chars, *p)) {
-                    uis->result_buf[0] = uis->_.boolean_data.ok_chars[0];
-                    break;
-                }
-                if (strchr(uis->_.boolean_data.cancel_chars, *p)) {
-                    uis->result_buf[0] = uis->_.boolean_data.cancel_chars[0];
-                    break;
-                }
-            }
-        }
-    default:
-        break;
-    }
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/ui/ui_locl.h b/thirdparty/openssl/crypto/ui/ui_locl.h
deleted file mode 100644
index bebc13abfc..0000000000
--- a/thirdparty/openssl/crypto/ui/ui_locl.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/ui/ui.h */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_LOCL_H
-# define HEADER_UI_LOCL_H
-
-# include <openssl/ui.h>
-# include <openssl/crypto.h>
-
-# ifdef _
-#  undef _
-# endif
-
-struct ui_method_st {
-    char *name;
-    /*
-     * All the functions return 1 or non-NULL for success and 0 or NULL for
-     * failure
-     */
-    /*
-     * Open whatever channel for this, be it the console, an X window or
-     * whatever. This function should use the ex_data structure to save
-     * intermediate data.
-     */
-    int (*ui_open_session) (UI *ui);
-    int (*ui_write_string) (UI *ui, UI_STRING *uis);
-    /*
-     * Flush the output.  If a GUI dialog box is used, this function can be
-     * used to actually display it.
-     */
-    int (*ui_flush) (UI *ui);
-    int (*ui_read_string) (UI *ui, UI_STRING *uis);
-    int (*ui_close_session) (UI *ui);
-    /*
-     * Construct a prompt in a user-defined manner.  object_desc is a textual
-     * short description of the object, for example "pass phrase", and
-     * object_name is the name of the object (might be a card name or a file
-     * name. The returned string shall always be allocated on the heap with
-     * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
-     */
-    char *(*ui_construct_prompt) (UI *ui, const char *object_desc,
-                                  const char *object_name);
-};
-
-struct ui_string_st {
-    enum UI_string_types type;  /* Input */
-    const char *out_string;     /* Input */
-    int input_flags;            /* Flags from the user */
-    /*
-     * The following parameters are completely irrelevant for UIT_INFO, and
-     * can therefore be set to 0 or NULL
-     */
-    char *result_buf;           /* Input and Output: If not NULL,
-                                 * user-defined with size in result_maxsize.
-                                 * Otherwise, it may be allocated by the UI
-                                 * routine, meaning result_minsize is going
-                                 * to be overwritten. */
-    union {
-        struct {
-            int result_minsize; /* Input: minimum required size of the
-                                 * result. */
-            int result_maxsize; /* Input: maximum permitted size of the
-                                 * result */
-            const char *test_buf; /* Input: test string to verify against */
-        } string_data;
-        struct {
-            const char *action_desc; /* Input */
-            const char *ok_chars; /* Input */
-            const char *cancel_chars; /* Input */
-        } boolean_data;
-    } _;
-
-# define OUT_STRING_FREEABLE 0x01
-    int flags;                  /* flags for internal use */
-};
-
-struct ui_st {
-    const UI_METHOD *meth;
-    STACK_OF(UI_STRING) *strings; /* We might want to prompt for more than
-                                   * one thing at a time, and with different
-                                   * echoing status.  */
-    void *user_data;
-    CRYPTO_EX_DATA ex_data;
-# define UI_FLAG_REDOABLE        0x0001
-# define UI_FLAG_PRINT_ERRORS    0x0100
-    int flags;
-};
-
-#endif
diff --git a/thirdparty/openssl/crypto/ui/ui_openssl.c b/thirdparty/openssl/crypto/ui/ui_openssl.c
deleted file mode 100644
index 17d14f5842..0000000000
--- a/thirdparty/openssl/crypto/ui/ui_openssl.c
+++ /dev/null
@@ -1,734 +0,0 @@
-/* crypto/ui/ui_openssl.c */
-/*
- * Written by Richard Levitte (richard@levitte.org) and others for the
- * OpenSSL project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*-
- * The lowest level part of this file was previously in crypto/des/read_pwd.c,
- * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/e_os2.h>
-
-/*
- * need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc
- * [maybe others?], because it masks interfaces not discussed in standard,
- * sigaction and fileno included. -pedantic would be more appropriate for the
- * intended purposes, but we can't prevent users from adding -ansi.
- */
-#if defined(OPENSSL_SYSNAME_VXWORKS)
-# include <sys/types.h>
-#endif
-
-#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
-# ifndef _POSIX_C_SOURCE
-#  define _POSIX_C_SOURCE 2
-# endif
-#endif
-#include <signal.h>
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-
-#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS)
-# ifdef OPENSSL_UNISTD
-#  include OPENSSL_UNISTD
-# else
-#  include <unistd.h>
-# endif
-/*
- * If unistd.h defines _POSIX_VERSION, we conclude that we are on a POSIX
- * system and have sigaction and termios.
- */
-# if defined(_POSIX_VERSION)
-
-#  define SIGACTION
-#  if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
-#   define TERMIOS
-#  endif
-
-# endif
-#endif
-
-#ifdef WIN16TTY
-# undef OPENSSL_SYS_WIN16
-# undef WIN16
-# undef _WINDOWS
-# include <graph.h>
-#endif
-
-/* 06-Apr-92 Luke Brennan    Support for VMS */
-#include "ui_locl.h"
-#include "cryptlib.h"
-
-#ifdef OPENSSL_SYS_VMS          /* prototypes for sys$whatever */
-# include <starlet.h>
-# ifdef __DECC
-#  pragma message disable DOLLARID
-# endif
-#endif
-
-#ifdef WIN_CONSOLE_BUG
-# include <windows.h>
-# ifndef OPENSSL_SYS_WINCE
-#  include <wincon.h>
-# endif
-#endif
-
-/*
- * There are 5 types of terminal interface supported, TERMIO, TERMIOS, VMS,
- * MSDOS and SGTTY.
- *
- * If someone defines one of the macros TERMIO, TERMIOS or SGTTY, it will
- * remain respected.  Otherwise, we default to TERMIOS except for a few
- * systems that require something different.
- *
- * Note: we do not use SGTTY unless it's defined by the configuration.  We
- * may eventually opt to remove it's use entirely.
- */
-
-#if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
-
-# if defined(_LIBC)
-#  undef  TERMIOS
-#  define TERMIO
-#  undef  SGTTY
-/*
- * We know that VMS, MSDOS, VXWORKS, NETWARE use entirely other mechanisms.
- * MAC_OS_GUSI_SOURCE should probably go away, but that needs to be confirmed.
- */
-# elif !defined(OPENSSL_SYS_VMS) \
-	&& !defined(OPENSSL_SYS_MSDOS) \
-	&& !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) \
-	&& !defined(MAC_OS_GUSI_SOURCE)	\
-	&& !defined(OPENSSL_SYS_VXWORKS) \
-	&& !defined(OPENSSL_SYS_NETWARE)
-#  define TERMIOS
-#  undef  TERMIO
-#  undef  SGTTY
-# endif
-
-#endif
-
-#ifdef TERMIOS
-# include <termios.h>
-# define TTY_STRUCT             struct termios
-# define TTY_FLAGS              c_lflag
-# define TTY_get(tty,data)      tcgetattr(tty,data)
-# define TTY_set(tty,data)      tcsetattr(tty,TCSANOW,data)
-#endif
-
-#ifdef TERMIO
-# include <termio.h>
-# define TTY_STRUCT             struct termio
-# define TTY_FLAGS              c_lflag
-# define TTY_get(tty,data)      ioctl(tty,TCGETA,data)
-# define TTY_set(tty,data)      ioctl(tty,TCSETA,data)
-#endif
-
-#ifdef SGTTY
-# include <sgtty.h>
-# define TTY_STRUCT             struct sgttyb
-# define TTY_FLAGS              sg_flags
-# define TTY_get(tty,data)      ioctl(tty,TIOCGETP,data)
-# define TTY_set(tty,data)      ioctl(tty,TIOCSETP,data)
-#endif
-
-#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_SUNOS)
-# include <sys/ioctl.h>
-#endif
-
-#ifdef OPENSSL_SYS_MSDOS
-# include <conio.h>
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-# include <ssdef.h>
-# include <iodef.h>
-# include <ttdef.h>
-# include <descrip.h>
-struct IOSB {
-    short iosb$w_value;
-    short iosb$w_count;
-    long iosb$l_info;
-};
-#endif
-
-#ifdef OPENSSL_SYS_SUNOS
-typedef int sig_atomic_t;
-#endif
-
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) || defined(OPENSSL_SYS_NETWARE)
-/*
- * This one needs work. As a matter of fact the code is unoperational
- * and this is only a trick to get it compiled.
- *                                      <appro@fy.chalmers.se>
- */
-# define TTY_STRUCT int
-#endif
-
-#ifndef NX509_SIG
-# define NX509_SIG 32
-#endif
-
-/* Define globals.  They are protected by a lock */
-#ifdef SIGACTION
-static struct sigaction savsig[NX509_SIG];
-#else
-static void (*savsig[NX509_SIG]) (int);
-#endif
-
-#ifdef OPENSSL_SYS_VMS
-static struct IOSB iosb;
-static $DESCRIPTOR(terminal, "TT");
-static long tty_orig[3], tty_new[3]; /* XXX Is there any guarantee that this
-                                      * will always suffice for the actual
-                                      * structures? */
-static long status;
-static unsigned short channel = 0;
-#else
-# if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
-static TTY_STRUCT tty_orig, tty_new;
-# endif
-#endif
-static FILE *tty_in, *tty_out;
-static int is_a_tty;
-
-/* Declare static functions */
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-static int read_till_nl(FILE *);
-static void recsig(int);
-static void pushsig(void);
-static void popsig(void);
-#endif
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
-static int noecho_fgets(char *buf, int size, FILE *tty);
-#endif
-static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
-
-static int read_string(UI *ui, UI_STRING *uis);
-static int write_string(UI *ui, UI_STRING *uis);
-
-static int open_console(UI *ui);
-static int echo_console(UI *ui);
-static int noecho_console(UI *ui);
-static int close_console(UI *ui);
-
-static UI_METHOD ui_openssl = {
-    "OpenSSL default user interface",
-    open_console,
-    write_string,
-    NULL,                       /* No flusher is needed for command lines */
-    read_string,
-    close_console,
-    NULL
-};
-
-/* The method with all the built-in thingies */
-UI_METHOD *UI_OpenSSL(void)
-{
-    return &ui_openssl;
-}
-
-/*
- * The following function makes sure that info and error strings are printed
- * before any prompt.
- */
-static int write_string(UI *ui, UI_STRING *uis)
-{
-    switch (UI_get_string_type(uis)) {
-    case UIT_ERROR:
-    case UIT_INFO:
-        fputs(UI_get0_output_string(uis), tty_out);
-        fflush(tty_out);
-        break;
-    default:
-        break;
-    }
-    return 1;
-}
-
-static int read_string(UI *ui, UI_STRING *uis)
-{
-    int ok = 0;
-
-    switch (UI_get_string_type(uis)) {
-    case UIT_BOOLEAN:
-        fputs(UI_get0_output_string(uis), tty_out);
-        fputs(UI_get0_action_string(uis), tty_out);
-        fflush(tty_out);
-        return read_string_inner(ui, uis,
-                                 UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO,
-                                 0);
-    case UIT_PROMPT:
-        fputs(UI_get0_output_string(uis), tty_out);
-        fflush(tty_out);
-        return read_string_inner(ui, uis,
-                                 UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO,
-                                 1);
-    case UIT_VERIFY:
-        fprintf(tty_out, "Verifying - %s", UI_get0_output_string(uis));
-        fflush(tty_out);
-        if ((ok = read_string_inner(ui, uis,
-                                    UI_get_input_flags(uis) &
-                                    UI_INPUT_FLAG_ECHO, 1)) <= 0)
-            return ok;
-        if (strcmp(UI_get0_result_string(uis), UI_get0_test_string(uis)) != 0) {
-            fprintf(tty_out, "Verify failure\n");
-            fflush(tty_out);
-            return 0;
-        }
-        break;
-    default:
-        break;
-    }
-    return 1;
-}
-
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-/* Internal functions to read a string without echoing */
-static int read_till_nl(FILE *in)
-{
-# define SIZE 4
-    char buf[SIZE + 1];
-
-    do {
-        if (!fgets(buf, SIZE, in))
-            return 0;
-    } while (strchr(buf, '\n') == NULL);
-    return 1;
-}
-
-static volatile sig_atomic_t intr_signal;
-#endif
-
-static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
-{
-    static int ps;
-    int ok;
-    char result[BUFSIZ];
-    int maxsize = BUFSIZ - 1;
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-    char *p;
-
-    intr_signal = 0;
-    ok = 0;
-    ps = 0;
-
-    pushsig();
-    ps = 1;
-
-    if (!echo && !noecho_console(ui))
-        goto error;
-    ps = 2;
-
-    result[0] = '\0';
-# ifdef OPENSSL_SYS_MSDOS
-    if (!echo) {
-        noecho_fgets(result, maxsize, tty_in);
-        p = result;             /* FIXME: noecho_fgets doesn't return errors */
-    } else
-        p = fgets(result, maxsize, tty_in);
-# else
-    p = fgets(result, maxsize, tty_in);
-# endif
-    if (p == NULL)
-        goto error;
-    if (feof(tty_in))
-        goto error;
-    if (ferror(tty_in))
-        goto error;
-    if ((p = (char *)strchr(result, '\n')) != NULL) {
-        if (strip_nl)
-            *p = '\0';
-    } else if (!read_till_nl(tty_in))
-        goto error;
-    if (UI_set_result(ui, uis, result) >= 0)
-        ok = 1;
-
- error:
-    if (intr_signal == SIGINT)
-        ok = -1;
-    if (!echo)
-        fprintf(tty_out, "\n");
-    if (ps >= 2 && !echo && !echo_console(ui))
-        ok = 0;
-
-    if (ps >= 1)
-        popsig();
-#else
-    ok = 1;
-#endif
-
-    OPENSSL_cleanse(result, BUFSIZ);
-    return ok;
-}
-
-/* Internal functions to open, handle and close a channel to the console.  */
-static int open_console(UI *ui)
-{
-    CRYPTO_w_lock(CRYPTO_LOCK_UI);
-    is_a_tty = 1;
-
-#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS)
-    tty_in = stdin;
-    tty_out = stderr;
-#else
-# ifdef OPENSSL_SYS_MSDOS
-#  define DEV_TTY "con"
-# else
-#  define DEV_TTY "/dev/tty"
-# endif
-    if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
-        tty_in = stdin;
-    if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
-        tty_out = stderr;
-#endif
-
-#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
-    if (TTY_get(fileno(tty_in), &tty_orig) == -1) {
-# ifdef ENOTTY
-        if (errno == ENOTTY)
-            is_a_tty = 0;
-        else
-# endif
-# ifdef EINVAL
-            /*
-             * Ariel Glenn ariel@columbia.edu reports that solaris can return
-             * EINVAL instead.  This should be ok
-             */
-        if (errno == EINVAL)
-            is_a_tty = 0;
-        else
-# endif
-# ifdef ENODEV
-            /*
-             * MacOS X returns ENODEV (Operation not supported by device),
-             * which seems appropriate.
-             */
-        if (errno == ENODEV)
-            is_a_tty = 0;
-        else
-# endif
-            return 0;
-    }
-#endif
-#ifdef OPENSSL_SYS_VMS
-    status = sys$assign(&terminal, &channel, 0, 0);
-
-    /* if there isn't a TT device, something is very wrong */
-    if (status != SS$_NORMAL)
-        return 0;
-
-    status = sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12,
-                      0, 0, 0, 0);
-
-    /* If IO$_SENSEMODE doesn't work, this is not a terminal device */
-    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-        is_a_tty = 0;
-#endif
-    return 1;
-}
-
-static int noecho_console(UI *ui)
-{
-#ifdef TTY_FLAGS
-    memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
-    tty_new.TTY_FLAGS &= ~ECHO;
-#endif
-
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-    if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
-        return 0;
-#endif
-#ifdef OPENSSL_SYS_VMS
-    if (is_a_tty) {
-        tty_new[0] = tty_orig[0];
-        tty_new[1] = tty_orig[1] | TT$M_NOECHO;
-        tty_new[2] = tty_orig[2];
-        status = sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12,
-                          0, 0, 0, 0);
-        if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-            return 0;
-    }
-#endif
-    return 1;
-}
-
-static int echo_console(UI *ui)
-{
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-    memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
-    tty_new.TTY_FLAGS |= ECHO;
-#endif
-
-#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
-    if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
-        return 0;
-#endif
-#ifdef OPENSSL_SYS_VMS
-    if (is_a_tty) {
-        tty_new[0] = tty_orig[0];
-        tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
-        tty_new[2] = tty_orig[2];
-        status = sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12,
-                          0, 0, 0, 0);
-        if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
-            return 0;
-    }
-#endif
-    return 1;
-}
-
-static int close_console(UI *ui)
-{
-    if (tty_in != stdin)
-        fclose(tty_in);
-    if (tty_out != stderr)
-        fclose(tty_out);
-#ifdef OPENSSL_SYS_VMS
-    status = sys$dassgn(channel);
-    if (status != SS$_NORMAL)
-        return 0;
-#endif
-    CRYPTO_w_unlock(CRYPTO_LOCK_UI);
-
-    return 1;
-}
-
-#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-/* Internal functions to handle signals and act on them */
-static void pushsig(void)
-{
-# ifndef OPENSSL_SYS_WIN32
-    int i;
-# endif
-# ifdef SIGACTION
-    struct sigaction sa;
-
-    memset(&sa, 0, sizeof sa);
-    sa.sa_handler = recsig;
-# endif
-
-# ifdef OPENSSL_SYS_WIN32
-    savsig[SIGABRT] = signal(SIGABRT, recsig);
-    savsig[SIGFPE] = signal(SIGFPE, recsig);
-    savsig[SIGILL] = signal(SIGILL, recsig);
-    savsig[SIGINT] = signal(SIGINT, recsig);
-    savsig[SIGSEGV] = signal(SIGSEGV, recsig);
-    savsig[SIGTERM] = signal(SIGTERM, recsig);
-# else
-    for (i = 1; i < NX509_SIG; i++) {
-#  ifdef SIGUSR1
-        if (i == SIGUSR1)
-            continue;
-#  endif
-#  ifdef SIGUSR2
-        if (i == SIGUSR2)
-            continue;
-#  endif
-#  ifdef SIGKILL
-        if (i == SIGKILL)       /* We can't make any action on that. */
-            continue;
-#  endif
-#  ifdef SIGACTION
-        sigaction(i, &sa, &savsig[i]);
-#  else
-        savsig[i] = signal(i, recsig);
-#  endif
-    }
-# endif
-
-# ifdef SIGWINCH
-    signal(SIGWINCH, SIG_DFL);
-# endif
-}
-
-static void popsig(void)
-{
-# ifdef OPENSSL_SYS_WIN32
-    signal(SIGABRT, savsig[SIGABRT]);
-    signal(SIGFPE, savsig[SIGFPE]);
-    signal(SIGILL, savsig[SIGILL]);
-    signal(SIGINT, savsig[SIGINT]);
-    signal(SIGSEGV, savsig[SIGSEGV]);
-    signal(SIGTERM, savsig[SIGTERM]);
-# else
-    int i;
-    for (i = 1; i < NX509_SIG; i++) {
-#  ifdef SIGUSR1
-        if (i == SIGUSR1)
-            continue;
-#  endif
-#  ifdef SIGUSR2
-        if (i == SIGUSR2)
-            continue;
-#  endif
-#  ifdef SIGACTION
-        sigaction(i, &savsig[i], NULL);
-#  else
-        signal(i, savsig[i]);
-#  endif
-    }
-# endif
-}
-
-static void recsig(int i)
-{
-    intr_signal = i;
-}
-#endif
-
-/* Internal functions specific for Windows */
-#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
-static int noecho_fgets(char *buf, int size, FILE *tty)
-{
-    int i;
-    char *p;
-
-    p = buf;
-    for (;;) {
-        if (size == 0) {
-            *p = '\0';
-            break;
-        }
-        size--;
-# ifdef WIN16TTY
-        i = _inchar();
-# elif defined(_WIN32)
-        i = _getch();
-# else
-        i = getch();
-# endif
-        if (i == '\r')
-            i = '\n';
-        *(p++) = i;
-        if (i == '\n') {
-            *p = '\0';
-            break;
-        }
-    }
-# ifdef WIN_CONSOLE_BUG
-    /*
-     * Win95 has several evil console bugs: one of these is that the last
-     * character read using getch() is passed to the next read: this is
-     * usually a CR so this can be trouble. No STDIO fix seems to work but
-     * flushing the console appears to do the trick.
-     */
-    {
-        HANDLE inh;
-        inh = GetStdHandle(STD_INPUT_HANDLE);
-        FlushConsoleInputBuffer(inh);
-    }
-# endif
-    return (strlen(buf));
-}
-#endif
diff --git a/thirdparty/openssl/crypto/ui/ui_util.c b/thirdparty/openssl/crypto/ui/ui_util.c
deleted file mode 100644
index 0f290115d0..0000000000
--- a/thirdparty/openssl/crypto/ui/ui_util.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* crypto/ui/ui_util.c */
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include "ui_locl.h"
-
-int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
-                           int verify)
-{
-    char buff[BUFSIZ];
-    int ret;
-
-    ret =
-        UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
-                        prompt, verify);
-    OPENSSL_cleanse(buff, BUFSIZ);
-    return (ret);
-}
-
-int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
-                    int verify)
-{
-    int ok = 0;
-    UI *ui;
-
-    if (size < 1)
-        return -1;
-
-    ui = UI_new();
-    if (ui) {
-        ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
-        if (ok >= 0 && verify)
-            ok = UI_add_verify_string(ui, prompt, 0, buff, 0, size - 1, buf);
-        if (ok >= 0)
-            ok = UI_process(ui);
-        UI_free(ui);
-    }
-    if (ok > 0)
-        ok = 0;
-    return (ok);
-}
diff --git a/thirdparty/openssl/crypto/uid.c b/thirdparty/openssl/crypto/uid.c
deleted file mode 100644
index 90694c6725..0000000000
--- a/thirdparty/openssl/crypto/uid.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/uid.c */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include <openssl/opensslconf.h>
-
-#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD__ > 2)
-
-# include OPENSSL_UNISTD
-
-int OPENSSL_issetugid(void)
-{
-    return issetugid();
-}
-
-#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)
-
-int OPENSSL_issetugid(void)
-{
-    return 0;
-}
-
-#else
-
-# include OPENSSL_UNISTD
-# include <sys/types.h>
-
-int OPENSSL_issetugid(void)
-{
-    if (getuid() != geteuid())
-        return 1;
-    if (getgid() != getegid())
-        return 1;
-    return 0;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/vms_rms.h b/thirdparty/openssl/crypto/vms_rms.h
deleted file mode 100644
index 09c280e87b..0000000000
--- a/thirdparty/openssl/crypto/vms_rms.h
+++ /dev/null
@@ -1,50 +0,0 @@
-
-#ifdef NAML$C_MAXRSS
-
-# define CC_RMS_NAMX cc$rms_naml
-# define FAB_NAMX fab$l_naml
-# define FAB_OR_NAML( fab, naml) naml
-# define FAB_OR_NAML_DNA naml$l_long_defname
-# define FAB_OR_NAML_DNS naml$l_long_defname_size
-# define FAB_OR_NAML_FNA naml$l_long_filename
-# define FAB_OR_NAML_FNS naml$l_long_filename_size
-# define NAMX_ESA naml$l_long_expand
-# define NAMX_ESL naml$l_long_expand_size
-# define NAMX_ESS naml$l_long_expand_alloc
-# define NAMX_NOP naml$b_nop
-# define SET_NAMX_NO_SHORT_UPCASE( nam) nam.naml$v_no_short_upcase = 1
-
-# if __INITIAL_POINTER_SIZE == 64
-#  define NAMX_DNA_FNA_SET(fab) fab.fab$l_dna = (__char_ptr32) -1; \
-   fab.fab$l_fna = (__char_ptr32) -1;
-# else                          /* __INITIAL_POINTER_SIZE == 64 */
-#  define NAMX_DNA_FNA_SET(fab) fab.fab$l_dna = (char *) -1; \
-   fab.fab$l_fna = (char *) -1;
-# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
-
-# define NAMX_MAXRSS NAML$C_MAXRSS
-# define NAMX_STRUCT NAML
-
-#else                           /* def NAML$C_MAXRSS */
-
-# define CC_RMS_NAMX cc$rms_nam
-# define FAB_NAMX fab$l_nam
-# define FAB_OR_NAML( fab, naml) fab
-# define FAB_OR_NAML_DNA fab$l_dna
-# define FAB_OR_NAML_DNS fab$b_dns
-# define FAB_OR_NAML_FNA fab$l_fna
-# define FAB_OR_NAML_FNS fab$b_fns
-# define NAMX_ESA nam$l_esa
-# define NAMX_ESL nam$b_esl
-# define NAMX_ESS nam$b_ess
-# define NAMX_NOP nam$b_nop
-# define NAMX_DNA_FNA_SET(fab)
-# define NAMX_MAXRSS NAM$C_MAXRSS
-# define NAMX_STRUCT NAM
-# ifdef NAM$M_NO_SHORT_UPCASE
-#  define SET_NAMX_NO_SHORT_UPCASE( nam) naml.naml$v_no_short_upcase = 1
-# else                          /* def NAM$M_NO_SHORT_UPCASE */
-#  define SET_NAMX_NO_SHORT_UPCASE( nam)
-# endif                         /* def NAM$M_NO_SHORT_UPCASE [else] */
-
-#endif                          /* def NAML$C_MAXRSS [else] */
diff --git a/thirdparty/openssl/crypto/whrlpool/wp_block.c b/thirdparty/openssl/crypto/whrlpool/wp_block.c
deleted file mode 100644
index 920430bd6c..0000000000
--- a/thirdparty/openssl/crypto/whrlpool/wp_block.c
+++ /dev/null
@@ -1,780 +0,0 @@
-/**
- * The Whirlpool hashing function.
- *
- * <P>
- * <b>References</b>
- *
- * <P>
- * The Whirlpool algorithm was developed by
- * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
- * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
- *
- * See
- *      P.S.L.M. Barreto, V. Rijmen,
- *      ``The Whirlpool hashing function,''
- *      NESSIE submission, 2000 (tweaked version, 2001),
- *      <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
- *
- * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
- * Vincent Rijmen. Lookup "reference implementations" on
- * <http://planeta.terra.com.br/informatica/paulobarreto/>
- *
- * =============================================================================
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "wp_locl.h"
-#include <string.h>
-
-typedef unsigned char u8;
-#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32)
-typedef unsigned __int64 u64;
-#elif defined(__arch64__)
-typedef unsigned long u64;
-#else
-typedef unsigned long long u64;
-#endif
-
-#define ROUNDS  10
-
-#define STRICT_ALIGNMENT
-#if defined(__i386) || defined(__i386__) || \
-    defined(__x86_64) || defined(__x86_64__) || \
-    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)
-/*
- * Well, formally there're couple of other architectures, which permit
- * unaligned loads, specifically those not crossing cache lines, IA-64 and
- * PowerPC...
- */
-# undef STRICT_ALIGNMENT
-#endif
-
-#undef SMALL_REGISTER_BANK
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86)
-# define SMALL_REGISTER_BANK
-# if defined(WHIRLPOOL_ASM)
-#  ifndef OPENSSL_SMALL_FOOTPRINT
-/*
- * it appears that for elder non-MMX
- * CPUs this is actually faster!
- */
-#   define OPENSSL_SMALL_FOOTPRINT
-#  endif
-#  define GO_FOR_MMX(ctx,inp,num)     do {                    \
-        extern unsigned int OPENSSL_ia32cap_P[];                \
-        void whirlpool_block_mmx(void *,const void *,size_t);   \
-        if (!(OPENSSL_ia32cap_P[0] & (1<<23)))  break;          \
-        whirlpool_block_mmx(ctx->H.c,inp,num);  return;         \
-                                        } while (0)
-# endif
-#endif
-
-#undef ROTATE
-#if defined(_MSC_VER)
-# if defined(_WIN64)            /* applies to both IA-64 and AMD64 */
-#  pragma intrinsic(_rotl64)
-#  define ROTATE(a,n) _rotl64((a),n)
-# endif
-#elif defined(__GNUC__) && __GNUC__>=2
-# if defined(__x86_64) || defined(__x86_64__)
-#  if defined(L_ENDIAN)
-#   define ROTATE(a,n)       ({ u64 ret; asm ("rolq %1,%0"   \
-                                   : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
-#  elif defined(B_ENDIAN)
-       /*
-        * Most will argue that x86_64 is always little-endian. Well, yes, but
-        * then we have stratus.com who has modified gcc to "emulate"
-        * big-endian on x86. Is there evidence that they [or somebody else]
-        * won't do same for x86_64? Naturally no. And this line is waiting
-        * ready for that brave soul:-)
-        */
-#   define ROTATE(a,n)       ({ u64 ret; asm ("rorq %1,%0"   \
-                                   : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
-#  endif
-# elif defined(__ia64) || defined(__ia64__)
-#  if defined(L_ENDIAN)
-#   define ROTATE(a,n)       ({ u64 ret; asm ("shrp %0=%1,%1,%2"     \
-                                   : "=r"(ret) : "r"(a),"M"(64-(n))); ret; })
-#  elif defined(B_ENDIAN)
-#   define ROTATE(a,n)       ({ u64 ret; asm ("shrp %0=%1,%1,%2"     \
-                                   : "=r"(ret) : "r"(a),"M"(n)); ret; })
-#  endif
-# endif
-#endif
-
-#if defined(OPENSSL_SMALL_FOOTPRINT)
-# if !defined(ROTATE)
-#  if defined(L_ENDIAN)         /* little-endians have to rotate left */
-#   define ROTATE(i,n)       ((i)<<(n) ^ (i)>>(64-n))
-#  elif defined(B_ENDIAN)       /* big-endians have to rotate right */
-#   define ROTATE(i,n)       ((i)>>(n) ^ (i)<<(64-n))
-#  endif
-# endif
-# if defined(ROTATE) && !defined(STRICT_ALIGNMENT)
-#  define STRICT_ALIGNMENT      /* ensure smallest table size */
-# endif
-#endif
-
-/*
- * Table size depends on STRICT_ALIGNMENT and whether or not endian-
- * specific ROTATE macro is defined. If STRICT_ALIGNMENT is not
- * defined, which is normally the case on x86[_64] CPUs, the table is
- * 4KB large unconditionally. Otherwise if ROTATE is defined, the
- * table is 2KB large, and otherwise - 16KB. 2KB table requires a
- * whole bunch of additional rotations, but I'm willing to "trade,"
- * because 16KB table certainly trashes L1 cache. I wish all CPUs
- * could handle unaligned load as 4KB table doesn't trash the cache,
- * nor does it require additional rotations.
- */
-/*
- * Note that every Cn macro expands as two loads: one byte load and
- * one quadword load. One can argue that that many single-byte loads
- * is too excessive, as one could load a quadword and "milk" it for
- * eight 8-bit values instead. Well, yes, but in order to do so *and*
- * avoid excessive loads you have to accomodate a handful of 64-bit
- * values in the register bank and issue a bunch of shifts and mask.
- * It's a tradeoff: loads vs. shift and mask in big register bank[!].
- * On most CPUs eight single-byte loads are faster and I let other
- * ones to depend on smart compiler to fold byte loads if beneficial.
- * Hand-coded assembler would be another alternative:-)
- */
-#ifdef STRICT_ALIGNMENT
-# if defined(ROTATE)
-#  define N   1
-#  define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7
-#  define C0(K,i)     (Cx.q[K.c[(i)*8+0]])
-#  define C1(K,i)     ROTATE(Cx.q[K.c[(i)*8+1]],8)
-#  define C2(K,i)     ROTATE(Cx.q[K.c[(i)*8+2]],16)
-#  define C3(K,i)     ROTATE(Cx.q[K.c[(i)*8+3]],24)
-#  define C4(K,i)     ROTATE(Cx.q[K.c[(i)*8+4]],32)
-#  define C5(K,i)     ROTATE(Cx.q[K.c[(i)*8+5]],40)
-#  define C6(K,i)     ROTATE(Cx.q[K.c[(i)*8+6]],48)
-#  define C7(K,i)     ROTATE(Cx.q[K.c[(i)*8+7]],56)
-# else
-#  define N   8
-#  define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
-                                        c7,c0,c1,c2,c3,c4,c5,c6, \
-                                        c6,c7,c0,c1,c2,c3,c4,c5, \
-                                        c5,c6,c7,c0,c1,c2,c3,c4, \
-                                        c4,c5,c6,c7,c0,c1,c2,c3, \
-                                        c3,c4,c5,c6,c7,c0,c1,c2, \
-                                        c2,c3,c4,c5,c6,c7,c0,c1, \
-                                        c1,c2,c3,c4,c5,c6,c7,c0
-#  define C0(K,i)     (Cx.q[0+8*K.c[(i)*8+0]])
-#  define C1(K,i)     (Cx.q[1+8*K.c[(i)*8+1]])
-#  define C2(K,i)     (Cx.q[2+8*K.c[(i)*8+2]])
-#  define C3(K,i)     (Cx.q[3+8*K.c[(i)*8+3]])
-#  define C4(K,i)     (Cx.q[4+8*K.c[(i)*8+4]])
-#  define C5(K,i)     (Cx.q[5+8*K.c[(i)*8+5]])
-#  define C6(K,i)     (Cx.q[6+8*K.c[(i)*8+6]])
-#  define C7(K,i)     (Cx.q[7+8*K.c[(i)*8+7]])
-# endif
-#else
-# define N     2
-# define LL(c0,c1,c2,c3,c4,c5,c6,c7)   c0,c1,c2,c3,c4,c5,c6,c7, \
-                                        c0,c1,c2,c3,c4,c5,c6,c7
-# define C0(K,i)       (((u64*)(Cx.c+0))[2*K.c[(i)*8+0]])
-# define C1(K,i)       (((u64*)(Cx.c+7))[2*K.c[(i)*8+1]])
-# define C2(K,i)       (((u64*)(Cx.c+6))[2*K.c[(i)*8+2]])
-# define C3(K,i)       (((u64*)(Cx.c+5))[2*K.c[(i)*8+3]])
-# define C4(K,i)       (((u64*)(Cx.c+4))[2*K.c[(i)*8+4]])
-# define C5(K,i)       (((u64*)(Cx.c+3))[2*K.c[(i)*8+5]])
-# define C6(K,i)       (((u64*)(Cx.c+2))[2*K.c[(i)*8+6]])
-# define C7(K,i)       (((u64*)(Cx.c+1))[2*K.c[(i)*8+7]])
-#endif
-
-static const
-    union {
-    u8 c[(256 * N + ROUNDS) * sizeof(u64)];
-    u64 q[(256 * N + ROUNDS)];
-} Cx = {
-        {
-            /* Note endian-neutral representation:-) */
-            LL(0x18, 0x18, 0x60, 0x18, 0xc0, 0x78, 0x30, 0xd8),
-            LL(0x23, 0x23, 0x8c, 0x23, 0x05, 0xaf, 0x46, 0x26),
-            LL(0xc6, 0xc6, 0x3f, 0xc6, 0x7e, 0xf9, 0x91, 0xb8),
-            LL(0xe8, 0xe8, 0x87, 0xe8, 0x13, 0x6f, 0xcd, 0xfb),
-            LL(0x87, 0x87, 0x26, 0x87, 0x4c, 0xa1, 0x13, 0xcb),
-            LL(0xb8, 0xb8, 0xda, 0xb8, 0xa9, 0x62, 0x6d, 0x11),
-            LL(0x01, 0x01, 0x04, 0x01, 0x08, 0x05, 0x02, 0x09),
-            LL(0x4f, 0x4f, 0x21, 0x4f, 0x42, 0x6e, 0x9e, 0x0d),
-            LL(0x36, 0x36, 0xd8, 0x36, 0xad, 0xee, 0x6c, 0x9b),
-            LL(0xa6, 0xa6, 0xa2, 0xa6, 0x59, 0x04, 0x51, 0xff),
-            LL(0xd2, 0xd2, 0x6f, 0xd2, 0xde, 0xbd, 0xb9, 0x0c),
-            LL(0xf5, 0xf5, 0xf3, 0xf5, 0xfb, 0x06, 0xf7, 0x0e),
-            LL(0x79, 0x79, 0xf9, 0x79, 0xef, 0x80, 0xf2, 0x96),
-            LL(0x6f, 0x6f, 0xa1, 0x6f, 0x5f, 0xce, 0xde, 0x30),
-            LL(0x91, 0x91, 0x7e, 0x91, 0xfc, 0xef, 0x3f, 0x6d),
-            LL(0x52, 0x52, 0x55, 0x52, 0xaa, 0x07, 0xa4, 0xf8),
-            LL(0x60, 0x60, 0x9d, 0x60, 0x27, 0xfd, 0xc0, 0x47),
-            LL(0xbc, 0xbc, 0xca, 0xbc, 0x89, 0x76, 0x65, 0x35),
-            LL(0x9b, 0x9b, 0x56, 0x9b, 0xac, 0xcd, 0x2b, 0x37),
-            LL(0x8e, 0x8e, 0x02, 0x8e, 0x04, 0x8c, 0x01, 0x8a),
-            LL(0xa3, 0xa3, 0xb6, 0xa3, 0x71, 0x15, 0x5b, 0xd2),
-            LL(0x0c, 0x0c, 0x30, 0x0c, 0x60, 0x3c, 0x18, 0x6c),
-            LL(0x7b, 0x7b, 0xf1, 0x7b, 0xff, 0x8a, 0xf6, 0x84),
-            LL(0x35, 0x35, 0xd4, 0x35, 0xb5, 0xe1, 0x6a, 0x80),
-            LL(0x1d, 0x1d, 0x74, 0x1d, 0xe8, 0x69, 0x3a, 0xf5),
-            LL(0xe0, 0xe0, 0xa7, 0xe0, 0x53, 0x47, 0xdd, 0xb3),
-            LL(0xd7, 0xd7, 0x7b, 0xd7, 0xf6, 0xac, 0xb3, 0x21),
-            LL(0xc2, 0xc2, 0x2f, 0xc2, 0x5e, 0xed, 0x99, 0x9c),
-            LL(0x2e, 0x2e, 0xb8, 0x2e, 0x6d, 0x96, 0x5c, 0x43),
-            LL(0x4b, 0x4b, 0x31, 0x4b, 0x62, 0x7a, 0x96, 0x29),
-            LL(0xfe, 0xfe, 0xdf, 0xfe, 0xa3, 0x21, 0xe1, 0x5d),
-            LL(0x57, 0x57, 0x41, 0x57, 0x82, 0x16, 0xae, 0xd5),
-            LL(0x15, 0x15, 0x54, 0x15, 0xa8, 0x41, 0x2a, 0xbd),
-            LL(0x77, 0x77, 0xc1, 0x77, 0x9f, 0xb6, 0xee, 0xe8),
-            LL(0x37, 0x37, 0xdc, 0x37, 0xa5, 0xeb, 0x6e, 0x92),
-            LL(0xe5, 0xe5, 0xb3, 0xe5, 0x7b, 0x56, 0xd7, 0x9e),
-            LL(0x9f, 0x9f, 0x46, 0x9f, 0x8c, 0xd9, 0x23, 0x13),
-            LL(0xf0, 0xf0, 0xe7, 0xf0, 0xd3, 0x17, 0xfd, 0x23),
-            LL(0x4a, 0x4a, 0x35, 0x4a, 0x6a, 0x7f, 0x94, 0x20),
-            LL(0xda, 0xda, 0x4f, 0xda, 0x9e, 0x95, 0xa9, 0x44),
-            LL(0x58, 0x58, 0x7d, 0x58, 0xfa, 0x25, 0xb0, 0xa2),
-            LL(0xc9, 0xc9, 0x03, 0xc9, 0x06, 0xca, 0x8f, 0xcf),
-            LL(0x29, 0x29, 0xa4, 0x29, 0x55, 0x8d, 0x52, 0x7c),
-            LL(0x0a, 0x0a, 0x28, 0x0a, 0x50, 0x22, 0x14, 0x5a),
-            LL(0xb1, 0xb1, 0xfe, 0xb1, 0xe1, 0x4f, 0x7f, 0x50),
-            LL(0xa0, 0xa0, 0xba, 0xa0, 0x69, 0x1a, 0x5d, 0xc9),
-            LL(0x6b, 0x6b, 0xb1, 0x6b, 0x7f, 0xda, 0xd6, 0x14),
-            LL(0x85, 0x85, 0x2e, 0x85, 0x5c, 0xab, 0x17, 0xd9),
-            LL(0xbd, 0xbd, 0xce, 0xbd, 0x81, 0x73, 0x67, 0x3c),
-            LL(0x5d, 0x5d, 0x69, 0x5d, 0xd2, 0x34, 0xba, 0x8f),
-            LL(0x10, 0x10, 0x40, 0x10, 0x80, 0x50, 0x20, 0x90),
-            LL(0xf4, 0xf4, 0xf7, 0xf4, 0xf3, 0x03, 0xf5, 0x07),
-            LL(0xcb, 0xcb, 0x0b, 0xcb, 0x16, 0xc0, 0x8b, 0xdd),
-            LL(0x3e, 0x3e, 0xf8, 0x3e, 0xed, 0xc6, 0x7c, 0xd3),
-            LL(0x05, 0x05, 0x14, 0x05, 0x28, 0x11, 0x0a, 0x2d),
-            LL(0x67, 0x67, 0x81, 0x67, 0x1f, 0xe6, 0xce, 0x78),
-            LL(0xe4, 0xe4, 0xb7, 0xe4, 0x73, 0x53, 0xd5, 0x97),
-            LL(0x27, 0x27, 0x9c, 0x27, 0x25, 0xbb, 0x4e, 0x02),
-            LL(0x41, 0x41, 0x19, 0x41, 0x32, 0x58, 0x82, 0x73),
-            LL(0x8b, 0x8b, 0x16, 0x8b, 0x2c, 0x9d, 0x0b, 0xa7),
-            LL(0xa7, 0xa7, 0xa6, 0xa7, 0x51, 0x01, 0x53, 0xf6),
-            LL(0x7d, 0x7d, 0xe9, 0x7d, 0xcf, 0x94, 0xfa, 0xb2),
-            LL(0x95, 0x95, 0x6e, 0x95, 0xdc, 0xfb, 0x37, 0x49),
-            LL(0xd8, 0xd8, 0x47, 0xd8, 0x8e, 0x9f, 0xad, 0x56),
-            LL(0xfb, 0xfb, 0xcb, 0xfb, 0x8b, 0x30, 0xeb, 0x70),
-            LL(0xee, 0xee, 0x9f, 0xee, 0x23, 0x71, 0xc1, 0xcd),
-            LL(0x7c, 0x7c, 0xed, 0x7c, 0xc7, 0x91, 0xf8, 0xbb),
-            LL(0x66, 0x66, 0x85, 0x66, 0x17, 0xe3, 0xcc, 0x71),
-            LL(0xdd, 0xdd, 0x53, 0xdd, 0xa6, 0x8e, 0xa7, 0x7b),
-            LL(0x17, 0x17, 0x5c, 0x17, 0xb8, 0x4b, 0x2e, 0xaf),
-            LL(0x47, 0x47, 0x01, 0x47, 0x02, 0x46, 0x8e, 0x45),
-            LL(0x9e, 0x9e, 0x42, 0x9e, 0x84, 0xdc, 0x21, 0x1a),
-            LL(0xca, 0xca, 0x0f, 0xca, 0x1e, 0xc5, 0x89, 0xd4),
-            LL(0x2d, 0x2d, 0xb4, 0x2d, 0x75, 0x99, 0x5a, 0x58),
-            LL(0xbf, 0xbf, 0xc6, 0xbf, 0x91, 0x79, 0x63, 0x2e),
-            LL(0x07, 0x07, 0x1c, 0x07, 0x38, 0x1b, 0x0e, 0x3f),
-            LL(0xad, 0xad, 0x8e, 0xad, 0x01, 0x23, 0x47, 0xac),
-            LL(0x5a, 0x5a, 0x75, 0x5a, 0xea, 0x2f, 0xb4, 0xb0),
-            LL(0x83, 0x83, 0x36, 0x83, 0x6c, 0xb5, 0x1b, 0xef),
-            LL(0x33, 0x33, 0xcc, 0x33, 0x85, 0xff, 0x66, 0xb6),
-            LL(0x63, 0x63, 0x91, 0x63, 0x3f, 0xf2, 0xc6, 0x5c),
-            LL(0x02, 0x02, 0x08, 0x02, 0x10, 0x0a, 0x04, 0x12),
-            LL(0xaa, 0xaa, 0x92, 0xaa, 0x39, 0x38, 0x49, 0x93),
-            LL(0x71, 0x71, 0xd9, 0x71, 0xaf, 0xa8, 0xe2, 0xde),
-            LL(0xc8, 0xc8, 0x07, 0xc8, 0x0e, 0xcf, 0x8d, 0xc6),
-            LL(0x19, 0x19, 0x64, 0x19, 0xc8, 0x7d, 0x32, 0xd1),
-            LL(0x49, 0x49, 0x39, 0x49, 0x72, 0x70, 0x92, 0x3b),
-            LL(0xd9, 0xd9, 0x43, 0xd9, 0x86, 0x9a, 0xaf, 0x5f),
-            LL(0xf2, 0xf2, 0xef, 0xf2, 0xc3, 0x1d, 0xf9, 0x31),
-            LL(0xe3, 0xe3, 0xab, 0xe3, 0x4b, 0x48, 0xdb, 0xa8),
-            LL(0x5b, 0x5b, 0x71, 0x5b, 0xe2, 0x2a, 0xb6, 0xb9),
-            LL(0x88, 0x88, 0x1a, 0x88, 0x34, 0x92, 0x0d, 0xbc),
-            LL(0x9a, 0x9a, 0x52, 0x9a, 0xa4, 0xc8, 0x29, 0x3e),
-            LL(0x26, 0x26, 0x98, 0x26, 0x2d, 0xbe, 0x4c, 0x0b),
-            LL(0x32, 0x32, 0xc8, 0x32, 0x8d, 0xfa, 0x64, 0xbf),
-            LL(0xb0, 0xb0, 0xfa, 0xb0, 0xe9, 0x4a, 0x7d, 0x59),
-            LL(0xe9, 0xe9, 0x83, 0xe9, 0x1b, 0x6a, 0xcf, 0xf2),
-            LL(0x0f, 0x0f, 0x3c, 0x0f, 0x78, 0x33, 0x1e, 0x77),
-            LL(0xd5, 0xd5, 0x73, 0xd5, 0xe6, 0xa6, 0xb7, 0x33),
-            LL(0x80, 0x80, 0x3a, 0x80, 0x74, 0xba, 0x1d, 0xf4),
-            LL(0xbe, 0xbe, 0xc2, 0xbe, 0x99, 0x7c, 0x61, 0x27),
-            LL(0xcd, 0xcd, 0x13, 0xcd, 0x26, 0xde, 0x87, 0xeb),
-            LL(0x34, 0x34, 0xd0, 0x34, 0xbd, 0xe4, 0x68, 0x89),
-            LL(0x48, 0x48, 0x3d, 0x48, 0x7a, 0x75, 0x90, 0x32),
-            LL(0xff, 0xff, 0xdb, 0xff, 0xab, 0x24, 0xe3, 0x54),
-            LL(0x7a, 0x7a, 0xf5, 0x7a, 0xf7, 0x8f, 0xf4, 0x8d),
-            LL(0x90, 0x90, 0x7a, 0x90, 0xf4, 0xea, 0x3d, 0x64),
-            LL(0x5f, 0x5f, 0x61, 0x5f, 0xc2, 0x3e, 0xbe, 0x9d),
-            LL(0x20, 0x20, 0x80, 0x20, 0x1d, 0xa0, 0x40, 0x3d),
-            LL(0x68, 0x68, 0xbd, 0x68, 0x67, 0xd5, 0xd0, 0x0f),
-            LL(0x1a, 0x1a, 0x68, 0x1a, 0xd0, 0x72, 0x34, 0xca),
-            LL(0xae, 0xae, 0x82, 0xae, 0x19, 0x2c, 0x41, 0xb7),
-            LL(0xb4, 0xb4, 0xea, 0xb4, 0xc9, 0x5e, 0x75, 0x7d),
-            LL(0x54, 0x54, 0x4d, 0x54, 0x9a, 0x19, 0xa8, 0xce),
-            LL(0x93, 0x93, 0x76, 0x93, 0xec, 0xe5, 0x3b, 0x7f),
-            LL(0x22, 0x22, 0x88, 0x22, 0x0d, 0xaa, 0x44, 0x2f),
-            LL(0x64, 0x64, 0x8d, 0x64, 0x07, 0xe9, 0xc8, 0x63),
-            LL(0xf1, 0xf1, 0xe3, 0xf1, 0xdb, 0x12, 0xff, 0x2a),
-            LL(0x73, 0x73, 0xd1, 0x73, 0xbf, 0xa2, 0xe6, 0xcc),
-            LL(0x12, 0x12, 0x48, 0x12, 0x90, 0x5a, 0x24, 0x82),
-            LL(0x40, 0x40, 0x1d, 0x40, 0x3a, 0x5d, 0x80, 0x7a),
-            LL(0x08, 0x08, 0x20, 0x08, 0x40, 0x28, 0x10, 0x48),
-            LL(0xc3, 0xc3, 0x2b, 0xc3, 0x56, 0xe8, 0x9b, 0x95),
-            LL(0xec, 0xec, 0x97, 0xec, 0x33, 0x7b, 0xc5, 0xdf),
-            LL(0xdb, 0xdb, 0x4b, 0xdb, 0x96, 0x90, 0xab, 0x4d),
-            LL(0xa1, 0xa1, 0xbe, 0xa1, 0x61, 0x1f, 0x5f, 0xc0),
-            LL(0x8d, 0x8d, 0x0e, 0x8d, 0x1c, 0x83, 0x07, 0x91),
-            LL(0x3d, 0x3d, 0xf4, 0x3d, 0xf5, 0xc9, 0x7a, 0xc8),
-            LL(0x97, 0x97, 0x66, 0x97, 0xcc, 0xf1, 0x33, 0x5b),
-            LL(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00),
-            LL(0xcf, 0xcf, 0x1b, 0xcf, 0x36, 0xd4, 0x83, 0xf9),
-            LL(0x2b, 0x2b, 0xac, 0x2b, 0x45, 0x87, 0x56, 0x6e),
-            LL(0x76, 0x76, 0xc5, 0x76, 0x97, 0xb3, 0xec, 0xe1),
-            LL(0x82, 0x82, 0x32, 0x82, 0x64, 0xb0, 0x19, 0xe6),
-            LL(0xd6, 0xd6, 0x7f, 0xd6, 0xfe, 0xa9, 0xb1, 0x28),
-            LL(0x1b, 0x1b, 0x6c, 0x1b, 0xd8, 0x77, 0x36, 0xc3),
-            LL(0xb5, 0xb5, 0xee, 0xb5, 0xc1, 0x5b, 0x77, 0x74),
-            LL(0xaf, 0xaf, 0x86, 0xaf, 0x11, 0x29, 0x43, 0xbe),
-            LL(0x6a, 0x6a, 0xb5, 0x6a, 0x77, 0xdf, 0xd4, 0x1d),
-            LL(0x50, 0x50, 0x5d, 0x50, 0xba, 0x0d, 0xa0, 0xea),
-            LL(0x45, 0x45, 0x09, 0x45, 0x12, 0x4c, 0x8a, 0x57),
-            LL(0xf3, 0xf3, 0xeb, 0xf3, 0xcb, 0x18, 0xfb, 0x38),
-            LL(0x30, 0x30, 0xc0, 0x30, 0x9d, 0xf0, 0x60, 0xad),
-            LL(0xef, 0xef, 0x9b, 0xef, 0x2b, 0x74, 0xc3, 0xc4),
-            LL(0x3f, 0x3f, 0xfc, 0x3f, 0xe5, 0xc3, 0x7e, 0xda),
-            LL(0x55, 0x55, 0x49, 0x55, 0x92, 0x1c, 0xaa, 0xc7),
-            LL(0xa2, 0xa2, 0xb2, 0xa2, 0x79, 0x10, 0x59, 0xdb),
-            LL(0xea, 0xea, 0x8f, 0xea, 0x03, 0x65, 0xc9, 0xe9),
-            LL(0x65, 0x65, 0x89, 0x65, 0x0f, 0xec, 0xca, 0x6a),
-            LL(0xba, 0xba, 0xd2, 0xba, 0xb9, 0x68, 0x69, 0x03),
-            LL(0x2f, 0x2f, 0xbc, 0x2f, 0x65, 0x93, 0x5e, 0x4a),
-            LL(0xc0, 0xc0, 0x27, 0xc0, 0x4e, 0xe7, 0x9d, 0x8e),
-            LL(0xde, 0xde, 0x5f, 0xde, 0xbe, 0x81, 0xa1, 0x60),
-            LL(0x1c, 0x1c, 0x70, 0x1c, 0xe0, 0x6c, 0x38, 0xfc),
-            LL(0xfd, 0xfd, 0xd3, 0xfd, 0xbb, 0x2e, 0xe7, 0x46),
-            LL(0x4d, 0x4d, 0x29, 0x4d, 0x52, 0x64, 0x9a, 0x1f),
-            LL(0x92, 0x92, 0x72, 0x92, 0xe4, 0xe0, 0x39, 0x76),
-            LL(0x75, 0x75, 0xc9, 0x75, 0x8f, 0xbc, 0xea, 0xfa),
-            LL(0x06, 0x06, 0x18, 0x06, 0x30, 0x1e, 0x0c, 0x36),
-            LL(0x8a, 0x8a, 0x12, 0x8a, 0x24, 0x98, 0x09, 0xae),
-            LL(0xb2, 0xb2, 0xf2, 0xb2, 0xf9, 0x40, 0x79, 0x4b),
-            LL(0xe6, 0xe6, 0xbf, 0xe6, 0x63, 0x59, 0xd1, 0x85),
-            LL(0x0e, 0x0e, 0x38, 0x0e, 0x70, 0x36, 0x1c, 0x7e),
-            LL(0x1f, 0x1f, 0x7c, 0x1f, 0xf8, 0x63, 0x3e, 0xe7),
-            LL(0x62, 0x62, 0x95, 0x62, 0x37, 0xf7, 0xc4, 0x55),
-            LL(0xd4, 0xd4, 0x77, 0xd4, 0xee, 0xa3, 0xb5, 0x3a),
-            LL(0xa8, 0xa8, 0x9a, 0xa8, 0x29, 0x32, 0x4d, 0x81),
-            LL(0x96, 0x96, 0x62, 0x96, 0xc4, 0xf4, 0x31, 0x52),
-            LL(0xf9, 0xf9, 0xc3, 0xf9, 0x9b, 0x3a, 0xef, 0x62),
-            LL(0xc5, 0xc5, 0x33, 0xc5, 0x66, 0xf6, 0x97, 0xa3),
-            LL(0x25, 0x25, 0x94, 0x25, 0x35, 0xb1, 0x4a, 0x10),
-            LL(0x59, 0x59, 0x79, 0x59, 0xf2, 0x20, 0xb2, 0xab),
-            LL(0x84, 0x84, 0x2a, 0x84, 0x54, 0xae, 0x15, 0xd0),
-            LL(0x72, 0x72, 0xd5, 0x72, 0xb7, 0xa7, 0xe4, 0xc5),
-            LL(0x39, 0x39, 0xe4, 0x39, 0xd5, 0xdd, 0x72, 0xec),
-            LL(0x4c, 0x4c, 0x2d, 0x4c, 0x5a, 0x61, 0x98, 0x16),
-            LL(0x5e, 0x5e, 0x65, 0x5e, 0xca, 0x3b, 0xbc, 0x94),
-            LL(0x78, 0x78, 0xfd, 0x78, 0xe7, 0x85, 0xf0, 0x9f),
-            LL(0x38, 0x38, 0xe0, 0x38, 0xdd, 0xd8, 0x70, 0xe5),
-            LL(0x8c, 0x8c, 0x0a, 0x8c, 0x14, 0x86, 0x05, 0x98),
-            LL(0xd1, 0xd1, 0x63, 0xd1, 0xc6, 0xb2, 0xbf, 0x17),
-            LL(0xa5, 0xa5, 0xae, 0xa5, 0x41, 0x0b, 0x57, 0xe4),
-            LL(0xe2, 0xe2, 0xaf, 0xe2, 0x43, 0x4d, 0xd9, 0xa1),
-            LL(0x61, 0x61, 0x99, 0x61, 0x2f, 0xf8, 0xc2, 0x4e),
-            LL(0xb3, 0xb3, 0xf6, 0xb3, 0xf1, 0x45, 0x7b, 0x42),
-            LL(0x21, 0x21, 0x84, 0x21, 0x15, 0xa5, 0x42, 0x34),
-            LL(0x9c, 0x9c, 0x4a, 0x9c, 0x94, 0xd6, 0x25, 0x08),
-            LL(0x1e, 0x1e, 0x78, 0x1e, 0xf0, 0x66, 0x3c, 0xee),
-            LL(0x43, 0x43, 0x11, 0x43, 0x22, 0x52, 0x86, 0x61),
-            LL(0xc7, 0xc7, 0x3b, 0xc7, 0x76, 0xfc, 0x93, 0xb1),
-            LL(0xfc, 0xfc, 0xd7, 0xfc, 0xb3, 0x2b, 0xe5, 0x4f),
-            LL(0x04, 0x04, 0x10, 0x04, 0x20, 0x14, 0x08, 0x24),
-            LL(0x51, 0x51, 0x59, 0x51, 0xb2, 0x08, 0xa2, 0xe3),
-            LL(0x99, 0x99, 0x5e, 0x99, 0xbc, 0xc7, 0x2f, 0x25),
-            LL(0x6d, 0x6d, 0xa9, 0x6d, 0x4f, 0xc4, 0xda, 0x22),
-            LL(0x0d, 0x0d, 0x34, 0x0d, 0x68, 0x39, 0x1a, 0x65),
-            LL(0xfa, 0xfa, 0xcf, 0xfa, 0x83, 0x35, 0xe9, 0x79),
-            LL(0xdf, 0xdf, 0x5b, 0xdf, 0xb6, 0x84, 0xa3, 0x69),
-            LL(0x7e, 0x7e, 0xe5, 0x7e, 0xd7, 0x9b, 0xfc, 0xa9),
-            LL(0x24, 0x24, 0x90, 0x24, 0x3d, 0xb4, 0x48, 0x19),
-            LL(0x3b, 0x3b, 0xec, 0x3b, 0xc5, 0xd7, 0x76, 0xfe),
-            LL(0xab, 0xab, 0x96, 0xab, 0x31, 0x3d, 0x4b, 0x9a),
-            LL(0xce, 0xce, 0x1f, 0xce, 0x3e, 0xd1, 0x81, 0xf0),
-            LL(0x11, 0x11, 0x44, 0x11, 0x88, 0x55, 0x22, 0x99),
-            LL(0x8f, 0x8f, 0x06, 0x8f, 0x0c, 0x89, 0x03, 0x83),
-            LL(0x4e, 0x4e, 0x25, 0x4e, 0x4a, 0x6b, 0x9c, 0x04),
-            LL(0xb7, 0xb7, 0xe6, 0xb7, 0xd1, 0x51, 0x73, 0x66),
-            LL(0xeb, 0xeb, 0x8b, 0xeb, 0x0b, 0x60, 0xcb, 0xe0),
-            LL(0x3c, 0x3c, 0xf0, 0x3c, 0xfd, 0xcc, 0x78, 0xc1),
-            LL(0x81, 0x81, 0x3e, 0x81, 0x7c, 0xbf, 0x1f, 0xfd),
-            LL(0x94, 0x94, 0x6a, 0x94, 0xd4, 0xfe, 0x35, 0x40),
-            LL(0xf7, 0xf7, 0xfb, 0xf7, 0xeb, 0x0c, 0xf3, 0x1c),
-            LL(0xb9, 0xb9, 0xde, 0xb9, 0xa1, 0x67, 0x6f, 0x18),
-            LL(0x13, 0x13, 0x4c, 0x13, 0x98, 0x5f, 0x26, 0x8b),
-            LL(0x2c, 0x2c, 0xb0, 0x2c, 0x7d, 0x9c, 0x58, 0x51),
-            LL(0xd3, 0xd3, 0x6b, 0xd3, 0xd6, 0xb8, 0xbb, 0x05),
-            LL(0xe7, 0xe7, 0xbb, 0xe7, 0x6b, 0x5c, 0xd3, 0x8c),
-            LL(0x6e, 0x6e, 0xa5, 0x6e, 0x57, 0xcb, 0xdc, 0x39),
-            LL(0xc4, 0xc4, 0x37, 0xc4, 0x6e, 0xf3, 0x95, 0xaa),
-            LL(0x03, 0x03, 0x0c, 0x03, 0x18, 0x0f, 0x06, 0x1b),
-            LL(0x56, 0x56, 0x45, 0x56, 0x8a, 0x13, 0xac, 0xdc),
-            LL(0x44, 0x44, 0x0d, 0x44, 0x1a, 0x49, 0x88, 0x5e),
-            LL(0x7f, 0x7f, 0xe1, 0x7f, 0xdf, 0x9e, 0xfe, 0xa0),
-            LL(0xa9, 0xa9, 0x9e, 0xa9, 0x21, 0x37, 0x4f, 0x88),
-            LL(0x2a, 0x2a, 0xa8, 0x2a, 0x4d, 0x82, 0x54, 0x67),
-            LL(0xbb, 0xbb, 0xd6, 0xbb, 0xb1, 0x6d, 0x6b, 0x0a),
-            LL(0xc1, 0xc1, 0x23, 0xc1, 0x46, 0xe2, 0x9f, 0x87),
-            LL(0x53, 0x53, 0x51, 0x53, 0xa2, 0x02, 0xa6, 0xf1),
-            LL(0xdc, 0xdc, 0x57, 0xdc, 0xae, 0x8b, 0xa5, 0x72),
-            LL(0x0b, 0x0b, 0x2c, 0x0b, 0x58, 0x27, 0x16, 0x53),
-            LL(0x9d, 0x9d, 0x4e, 0x9d, 0x9c, 0xd3, 0x27, 0x01),
-            LL(0x6c, 0x6c, 0xad, 0x6c, 0x47, 0xc1, 0xd8, 0x2b),
-            LL(0x31, 0x31, 0xc4, 0x31, 0x95, 0xf5, 0x62, 0xa4),
-            LL(0x74, 0x74, 0xcd, 0x74, 0x87, 0xb9, 0xe8, 0xf3),
-            LL(0xf6, 0xf6, 0xff, 0xf6, 0xe3, 0x09, 0xf1, 0x15),
-            LL(0x46, 0x46, 0x05, 0x46, 0x0a, 0x43, 0x8c, 0x4c),
-            LL(0xac, 0xac, 0x8a, 0xac, 0x09, 0x26, 0x45, 0xa5),
-            LL(0x89, 0x89, 0x1e, 0x89, 0x3c, 0x97, 0x0f, 0xb5),
-            LL(0x14, 0x14, 0x50, 0x14, 0xa0, 0x44, 0x28, 0xb4),
-            LL(0xe1, 0xe1, 0xa3, 0xe1, 0x5b, 0x42, 0xdf, 0xba),
-            LL(0x16, 0x16, 0x58, 0x16, 0xb0, 0x4e, 0x2c, 0xa6),
-            LL(0x3a, 0x3a, 0xe8, 0x3a, 0xcd, 0xd2, 0x74, 0xf7),
-            LL(0x69, 0x69, 0xb9, 0x69, 0x6f, 0xd0, 0xd2, 0x06),
-            LL(0x09, 0x09, 0x24, 0x09, 0x48, 0x2d, 0x12, 0x41),
-            LL(0x70, 0x70, 0xdd, 0x70, 0xa7, 0xad, 0xe0, 0xd7),
-            LL(0xb6, 0xb6, 0xe2, 0xb6, 0xd9, 0x54, 0x71, 0x6f),
-            LL(0xd0, 0xd0, 0x67, 0xd0, 0xce, 0xb7, 0xbd, 0x1e),
-            LL(0xed, 0xed, 0x93, 0xed, 0x3b, 0x7e, 0xc7, 0xd6),
-            LL(0xcc, 0xcc, 0x17, 0xcc, 0x2e, 0xdb, 0x85, 0xe2),
-            LL(0x42, 0x42, 0x15, 0x42, 0x2a, 0x57, 0x84, 0x68),
-            LL(0x98, 0x98, 0x5a, 0x98, 0xb4, 0xc2, 0x2d, 0x2c),
-            LL(0xa4, 0xa4, 0xaa, 0xa4, 0x49, 0x0e, 0x55, 0xed),
-            LL(0x28, 0x28, 0xa0, 0x28, 0x5d, 0x88, 0x50, 0x75),
-            LL(0x5c, 0x5c, 0x6d, 0x5c, 0xda, 0x31, 0xb8, 0x86),
-            LL(0xf8, 0xf8, 0xc7, 0xf8, 0x93, 0x3f, 0xed, 0x6b),
-            LL(0x86, 0x86, 0x22, 0x86, 0x44, 0xa4, 0x11, 0xc2),
-#define RC      (&(Cx.q[256*N]))
-            0x18, 0x23, 0xc6, 0xe8, 0x87, 0xb8, 0x01, 0x4f,
-            /* rc[ROUNDS] */
-            0x36, 0xa6, 0xd2, 0xf5, 0x79, 0x6f, 0x91, 0x52, 0x60, 0xbc, 0x9b,
-            0x8e, 0xa3, 0x0c, 0x7b, 0x35, 0x1d, 0xe0, 0xd7, 0xc2, 0x2e, 0x4b,
-            0xfe, 0x57, 0x15, 0x77, 0x37, 0xe5, 0x9f, 0xf0, 0x4a, 0xda, 0x58,
-            0xc9, 0x29, 0x0a, 0xb1, 0xa0, 0x6b, 0x85, 0xbd, 0x5d, 0x10, 0xf4,
-            0xcb, 0x3e, 0x05, 0x67, 0xe4, 0x27, 0x41, 0x8b, 0xa7, 0x7d, 0x95,
-            0xd8, 0xfb, 0xee, 0x7c, 0x66, 0xdd, 0x17, 0x47, 0x9e, 0xca, 0x2d,
-            0xbf, 0x07, 0xad, 0x5a, 0x83, 0x33
-        }
-    };
-
-void whirlpool_block(WHIRLPOOL_CTX *ctx, const void *inp, size_t n)
-{
-    int r;
-    const u8 *p = inp;
-    union {
-        u64 q[8];
-        u8 c[64];
-    } S, K, *H = (void *)ctx->H.q;
-
-#ifdef GO_FOR_MMX
-    GO_FOR_MMX(ctx, inp, n);
-#endif
-    do {
-#ifdef OPENSSL_SMALL_FOOTPRINT
-        u64 L[8];
-        int i;
-
-        for (i = 0; i < 64; i++)
-            S.c[i] = (K.c[i] = H->c[i]) ^ p[i];
-        for (r = 0; r < ROUNDS; r++) {
-            for (i = 0; i < 8; i++) {
-                L[i] = i ? 0 : RC[r];
-                L[i] ^= C0(K, i) ^ C1(K, (i - 1) & 7) ^
-                    C2(K, (i - 2) & 7) ^ C3(K, (i - 3) & 7) ^
-                    C4(K, (i - 4) & 7) ^ C5(K, (i - 5) & 7) ^
-                    C6(K, (i - 6) & 7) ^ C7(K, (i - 7) & 7);
-            }
-            memcpy(K.q, L, 64);
-            for (i = 0; i < 8; i++) {
-                L[i] ^= C0(S, i) ^ C1(S, (i - 1) & 7) ^
-                    C2(S, (i - 2) & 7) ^ C3(S, (i - 3) & 7) ^
-                    C4(S, (i - 4) & 7) ^ C5(S, (i - 5) & 7) ^
-                    C6(S, (i - 6) & 7) ^ C7(S, (i - 7) & 7);
-            }
-            memcpy(S.q, L, 64);
-        }
-        for (i = 0; i < 64; i++)
-            H->c[i] ^= S.c[i] ^ p[i];
-#else
-        u64 L0, L1, L2, L3, L4, L5, L6, L7;
-
-# ifdef STRICT_ALIGNMENT
-        if ((size_t)p & 7) {
-            memcpy(S.c, p, 64);
-            S.q[0] ^= (K.q[0] = H->q[0]);
-            S.q[1] ^= (K.q[1] = H->q[1]);
-            S.q[2] ^= (K.q[2] = H->q[2]);
-            S.q[3] ^= (K.q[3] = H->q[3]);
-            S.q[4] ^= (K.q[4] = H->q[4]);
-            S.q[5] ^= (K.q[5] = H->q[5]);
-            S.q[6] ^= (K.q[6] = H->q[6]);
-            S.q[7] ^= (K.q[7] = H->q[7]);
-        } else
-# endif
-        {
-            const u64 *pa = (const u64 *)p;
-            S.q[0] = (K.q[0] = H->q[0]) ^ pa[0];
-            S.q[1] = (K.q[1] = H->q[1]) ^ pa[1];
-            S.q[2] = (K.q[2] = H->q[2]) ^ pa[2];
-            S.q[3] = (K.q[3] = H->q[3]) ^ pa[3];
-            S.q[4] = (K.q[4] = H->q[4]) ^ pa[4];
-            S.q[5] = (K.q[5] = H->q[5]) ^ pa[5];
-            S.q[6] = (K.q[6] = H->q[6]) ^ pa[6];
-            S.q[7] = (K.q[7] = H->q[7]) ^ pa[7];
-        }
-
-        for (r = 0; r < ROUNDS; r++) {
-# ifdef SMALL_REGISTER_BANK
-            L0 = C0(K, 0) ^ C1(K, 7) ^ C2(K, 6) ^ C3(K, 5) ^
-                C4(K, 4) ^ C5(K, 3) ^ C6(K, 2) ^ C7(K, 1) ^ RC[r];
-            L1 = C0(K, 1) ^ C1(K, 0) ^ C2(K, 7) ^ C3(K, 6) ^
-                C4(K, 5) ^ C5(K, 4) ^ C6(K, 3) ^ C7(K, 2);
-            L2 = C0(K, 2) ^ C1(K, 1) ^ C2(K, 0) ^ C3(K, 7) ^
-                C4(K, 6) ^ C5(K, 5) ^ C6(K, 4) ^ C7(K, 3);
-            L3 = C0(K, 3) ^ C1(K, 2) ^ C2(K, 1) ^ C3(K, 0) ^
-                C4(K, 7) ^ C5(K, 6) ^ C6(K, 5) ^ C7(K, 4);
-            L4 = C0(K, 4) ^ C1(K, 3) ^ C2(K, 2) ^ C3(K, 1) ^
-                C4(K, 0) ^ C5(K, 7) ^ C6(K, 6) ^ C7(K, 5);
-            L5 = C0(K, 5) ^ C1(K, 4) ^ C2(K, 3) ^ C3(K, 2) ^
-                C4(K, 1) ^ C5(K, 0) ^ C6(K, 7) ^ C7(K, 6);
-            L6 = C0(K, 6) ^ C1(K, 5) ^ C2(K, 4) ^ C3(K, 3) ^
-                C4(K, 2) ^ C5(K, 1) ^ C6(K, 0) ^ C7(K, 7);
-            L7 = C0(K, 7) ^ C1(K, 6) ^ C2(K, 5) ^ C3(K, 4) ^
-                C4(K, 3) ^ C5(K, 2) ^ C6(K, 1) ^ C7(K, 0);
-
-            K.q[0] = L0;
-            K.q[1] = L1;
-            K.q[2] = L2;
-            K.q[3] = L3;
-            K.q[4] = L4;
-            K.q[5] = L5;
-            K.q[6] = L6;
-            K.q[7] = L7;
-
-            L0 ^= C0(S, 0) ^ C1(S, 7) ^ C2(S, 6) ^ C3(S, 5) ^
-                C4(S, 4) ^ C5(S, 3) ^ C6(S, 2) ^ C7(S, 1);
-            L1 ^= C0(S, 1) ^ C1(S, 0) ^ C2(S, 7) ^ C3(S, 6) ^
-                C4(S, 5) ^ C5(S, 4) ^ C6(S, 3) ^ C7(S, 2);
-            L2 ^= C0(S, 2) ^ C1(S, 1) ^ C2(S, 0) ^ C3(S, 7) ^
-                C4(S, 6) ^ C5(S, 5) ^ C6(S, 4) ^ C7(S, 3);
-            L3 ^= C0(S, 3) ^ C1(S, 2) ^ C2(S, 1) ^ C3(S, 0) ^
-                C4(S, 7) ^ C5(S, 6) ^ C6(S, 5) ^ C7(S, 4);
-            L4 ^= C0(S, 4) ^ C1(S, 3) ^ C2(S, 2) ^ C3(S, 1) ^
-                C4(S, 0) ^ C5(S, 7) ^ C6(S, 6) ^ C7(S, 5);
-            L5 ^= C0(S, 5) ^ C1(S, 4) ^ C2(S, 3) ^ C3(S, 2) ^
-                C4(S, 1) ^ C5(S, 0) ^ C6(S, 7) ^ C7(S, 6);
-            L6 ^= C0(S, 6) ^ C1(S, 5) ^ C2(S, 4) ^ C3(S, 3) ^
-                C4(S, 2) ^ C5(S, 1) ^ C6(S, 0) ^ C7(S, 7);
-            L7 ^= C0(S, 7) ^ C1(S, 6) ^ C2(S, 5) ^ C3(S, 4) ^
-                C4(S, 3) ^ C5(S, 2) ^ C6(S, 1) ^ C7(S, 0);
-
-            S.q[0] = L0;
-            S.q[1] = L1;
-            S.q[2] = L2;
-            S.q[3] = L3;
-            S.q[4] = L4;
-            S.q[5] = L5;
-            S.q[6] = L6;
-            S.q[7] = L7;
-# else
-            L0 = C0(K, 0);
-            L1 = C1(K, 0);
-            L2 = C2(K, 0);
-            L3 = C3(K, 0);
-            L4 = C4(K, 0);
-            L5 = C5(K, 0);
-            L6 = C6(K, 0);
-            L7 = C7(K, 0);
-            L0 ^= RC[r];
-
-            L1 ^= C0(K, 1);
-            L2 ^= C1(K, 1);
-            L3 ^= C2(K, 1);
-            L4 ^= C3(K, 1);
-            L5 ^= C4(K, 1);
-            L6 ^= C5(K, 1);
-            L7 ^= C6(K, 1);
-            L0 ^= C7(K, 1);
-
-            L2 ^= C0(K, 2);
-            L3 ^= C1(K, 2);
-            L4 ^= C2(K, 2);
-            L5 ^= C3(K, 2);
-            L6 ^= C4(K, 2);
-            L7 ^= C5(K, 2);
-            L0 ^= C6(K, 2);
-            L1 ^= C7(K, 2);
-
-            L3 ^= C0(K, 3);
-            L4 ^= C1(K, 3);
-            L5 ^= C2(K, 3);
-            L6 ^= C3(K, 3);
-            L7 ^= C4(K, 3);
-            L0 ^= C5(K, 3);
-            L1 ^= C6(K, 3);
-            L2 ^= C7(K, 3);
-
-            L4 ^= C0(K, 4);
-            L5 ^= C1(K, 4);
-            L6 ^= C2(K, 4);
-            L7 ^= C3(K, 4);
-            L0 ^= C4(K, 4);
-            L1 ^= C5(K, 4);
-            L2 ^= C6(K, 4);
-            L3 ^= C7(K, 4);
-
-            L5 ^= C0(K, 5);
-            L6 ^= C1(K, 5);
-            L7 ^= C2(K, 5);
-            L0 ^= C3(K, 5);
-            L1 ^= C4(K, 5);
-            L2 ^= C5(K, 5);
-            L3 ^= C6(K, 5);
-            L4 ^= C7(K, 5);
-
-            L6 ^= C0(K, 6);
-            L7 ^= C1(K, 6);
-            L0 ^= C2(K, 6);
-            L1 ^= C3(K, 6);
-            L2 ^= C4(K, 6);
-            L3 ^= C5(K, 6);
-            L4 ^= C6(K, 6);
-            L5 ^= C7(K, 6);
-
-            L7 ^= C0(K, 7);
-            L0 ^= C1(K, 7);
-            L1 ^= C2(K, 7);
-            L2 ^= C3(K, 7);
-            L3 ^= C4(K, 7);
-            L4 ^= C5(K, 7);
-            L5 ^= C6(K, 7);
-            L6 ^= C7(K, 7);
-
-            K.q[0] = L0;
-            K.q[1] = L1;
-            K.q[2] = L2;
-            K.q[3] = L3;
-            K.q[4] = L4;
-            K.q[5] = L5;
-            K.q[6] = L6;
-            K.q[7] = L7;
-
-            L0 ^= C0(S, 0);
-            L1 ^= C1(S, 0);
-            L2 ^= C2(S, 0);
-            L3 ^= C3(S, 0);
-            L4 ^= C4(S, 0);
-            L5 ^= C5(S, 0);
-            L6 ^= C6(S, 0);
-            L7 ^= C7(S, 0);
-
-            L1 ^= C0(S, 1);
-            L2 ^= C1(S, 1);
-            L3 ^= C2(S, 1);
-            L4 ^= C3(S, 1);
-            L5 ^= C4(S, 1);
-            L6 ^= C5(S, 1);
-            L7 ^= C6(S, 1);
-            L0 ^= C7(S, 1);
-
-            L2 ^= C0(S, 2);
-            L3 ^= C1(S, 2);
-            L4 ^= C2(S, 2);
-            L5 ^= C3(S, 2);
-            L6 ^= C4(S, 2);
-            L7 ^= C5(S, 2);
-            L0 ^= C6(S, 2);
-            L1 ^= C7(S, 2);
-
-            L3 ^= C0(S, 3);
-            L4 ^= C1(S, 3);
-            L5 ^= C2(S, 3);
-            L6 ^= C3(S, 3);
-            L7 ^= C4(S, 3);
-            L0 ^= C5(S, 3);
-            L1 ^= C6(S, 3);
-            L2 ^= C7(S, 3);
-
-            L4 ^= C0(S, 4);
-            L5 ^= C1(S, 4);
-            L6 ^= C2(S, 4);
-            L7 ^= C3(S, 4);
-            L0 ^= C4(S, 4);
-            L1 ^= C5(S, 4);
-            L2 ^= C6(S, 4);
-            L3 ^= C7(S, 4);
-
-            L5 ^= C0(S, 5);
-            L6 ^= C1(S, 5);
-            L7 ^= C2(S, 5);
-            L0 ^= C3(S, 5);
-            L1 ^= C4(S, 5);
-            L2 ^= C5(S, 5);
-            L3 ^= C6(S, 5);
-            L4 ^= C7(S, 5);
-
-            L6 ^= C0(S, 6);
-            L7 ^= C1(S, 6);
-            L0 ^= C2(S, 6);
-            L1 ^= C3(S, 6);
-            L2 ^= C4(S, 6);
-            L3 ^= C5(S, 6);
-            L4 ^= C6(S, 6);
-            L5 ^= C7(S, 6);
-
-            L7 ^= C0(S, 7);
-            L0 ^= C1(S, 7);
-            L1 ^= C2(S, 7);
-            L2 ^= C3(S, 7);
-            L3 ^= C4(S, 7);
-            L4 ^= C5(S, 7);
-            L5 ^= C6(S, 7);
-            L6 ^= C7(S, 7);
-
-            S.q[0] = L0;
-            S.q[1] = L1;
-            S.q[2] = L2;
-            S.q[3] = L3;
-            S.q[4] = L4;
-            S.q[5] = L5;
-            S.q[6] = L6;
-            S.q[7] = L7;
-# endif
-        }
-
-# ifdef STRICT_ALIGNMENT
-        if ((size_t)p & 7) {
-            int i;
-            for (i = 0; i < 64; i++)
-                H->c[i] ^= S.c[i] ^ p[i];
-        } else
-# endif
-        {
-            const u64 *pa = (const u64 *)p;
-            H->q[0] ^= S.q[0] ^ pa[0];
-            H->q[1] ^= S.q[1] ^ pa[1];
-            H->q[2] ^= S.q[2] ^ pa[2];
-            H->q[3] ^= S.q[3] ^ pa[3];
-            H->q[4] ^= S.q[4] ^ pa[4];
-            H->q[5] ^= S.q[5] ^ pa[5];
-            H->q[6] ^= S.q[6] ^ pa[6];
-            H->q[7] ^= S.q[7] ^ pa[7];
-        }
-#endif
-        p += 64;
-    } while (--n);
-}
diff --git a/thirdparty/openssl/crypto/whrlpool/wp_dgst.c b/thirdparty/openssl/crypto/whrlpool/wp_dgst.c
deleted file mode 100644
index 807d1c49b2..0000000000
--- a/thirdparty/openssl/crypto/whrlpool/wp_dgst.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/**
- * The Whirlpool hashing function.
- *
- * <P>
- * <b>References</b>
- *
- * <P>
- * The Whirlpool algorithm was developed by
- * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
- * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
- *
- * See
- *      P.S.L.M. Barreto, V. Rijmen,
- *      ``The Whirlpool hashing function,''
- *      NESSIE submission, 2000 (tweaked version, 2001),
- *      <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
- *
- * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
- * Vincent Rijmen. Lookup "reference implementations" on
- * <http://planeta.terra.com.br/informatica/paulobarreto/>
- *
- * =============================================================================
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-/*
- * OpenSSL-specific implementation notes.
- *
- * WHIRLPOOL_Update as well as one-stroke WHIRLPOOL both expect
- * number of *bytes* as input length argument. Bit-oriented routine
- * as specified by authors is called WHIRLPOOL_BitUpdate[!] and
- * does not have one-stroke counterpart.
- *
- * WHIRLPOOL_BitUpdate implements byte-oriented loop, essentially
- * to serve WHIRLPOOL_Update. This is done for performance.
- *
- * Unlike authors' reference implementation, block processing
- * routine whirlpool_block is designed to operate on multi-block
- * input. This is done for perfomance.
- */
-
-#include <openssl/crypto.h>
-#include "wp_locl.h"
-#include <openssl/crypto.h>
-#include <string.h>
-
-fips_md_init(WHIRLPOOL)
-{
-    memset(c, 0, sizeof(*c));
-    return (1);
-}
-
-int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *_inp, size_t bytes)
-{
-    /*
-     * Well, largest suitable chunk size actually is
-     * (1<<(sizeof(size_t)*8-3))-64, but below number is large enough for not
-     * to care about excessive calls to WHIRLPOOL_BitUpdate...
-     */
-    size_t chunk = ((size_t)1) << (sizeof(size_t) * 8 - 4);
-    const unsigned char *inp = _inp;
-
-    while (bytes >= chunk) {
-        WHIRLPOOL_BitUpdate(c, inp, chunk * 8);
-        bytes -= chunk;
-        inp += chunk;
-    }
-    if (bytes)
-        WHIRLPOOL_BitUpdate(c, inp, bytes * 8);
-
-    return (1);
-}
-
-void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *_inp, size_t bits)
-{
-    size_t n;
-    unsigned int bitoff = c->bitoff,
-        bitrem = bitoff % 8, inpgap = (8 - (unsigned int)bits % 8) & 7;
-    const unsigned char *inp = _inp;
-
-    /*
-     * This 256-bit increment procedure relies on the size_t being natural
-     * size of CPU register, so that we don't have to mask the value in order
-     * to detect overflows.
-     */
-    c->bitlen[0] += bits;
-    if (c->bitlen[0] < bits) {  /* overflow */
-        n = 1;
-        do {
-            c->bitlen[n]++;
-        } while (c->bitlen[n] == 0
-                 && ++n < (WHIRLPOOL_COUNTER / sizeof(size_t)));
-    }
-#ifndef OPENSSL_SMALL_FOOTPRINT
- reconsider:
-    if (inpgap == 0 && bitrem == 0) { /* byte-oriented loop */
-        while (bits) {
-            if (bitoff == 0 && (n = bits / WHIRLPOOL_BBLOCK)) {
-                whirlpool_block(c, inp, n);
-                inp += n * WHIRLPOOL_BBLOCK / 8;
-                bits %= WHIRLPOOL_BBLOCK;
-            } else {
-                unsigned int byteoff = bitoff / 8;
-
-                bitrem = WHIRLPOOL_BBLOCK - bitoff; /* re-use bitrem */
-                if (bits >= bitrem) {
-                    bits -= bitrem;
-                    bitrem /= 8;
-                    memcpy(c->data + byteoff, inp, bitrem);
-                    inp += bitrem;
-                    whirlpool_block(c, c->data, 1);
-                    bitoff = 0;
-                } else {
-                    memcpy(c->data + byteoff, inp, bits / 8);
-                    bitoff += (unsigned int)bits;
-                    bits = 0;
-                }
-                c->bitoff = bitoff;
-            }
-        }
-    } else                      /* bit-oriented loop */
-#endif
-    {
-        /*-
-                   inp
-                   |
-                   +-------+-------+-------
-                      |||||||||||||||||||||
-                   +-------+-------+-------
-        +-------+-------+-------+-------+-------
-        ||||||||||||||                          c->data
-        +-------+-------+-------+-------+-------
-                |
-                c->bitoff/8
-        */
-        while (bits) {
-            unsigned int byteoff = bitoff / 8;
-            unsigned char b;
-
-#ifndef OPENSSL_SMALL_FOOTPRINT
-            if (bitrem == inpgap) {
-                c->data[byteoff++] |= inp[0] & (0xff >> inpgap);
-                inpgap = 8 - inpgap;
-                bitoff += inpgap;
-                bitrem = 0;     /* bitoff%8 */
-                bits -= inpgap;
-                inpgap = 0;     /* bits%8 */
-                inp++;
-                if (bitoff == WHIRLPOOL_BBLOCK) {
-                    whirlpool_block(c, c->data, 1);
-                    bitoff = 0;
-                }
-                c->bitoff = bitoff;
-                goto reconsider;
-            } else
-#endif
-            if (bits >= 8) {
-                b = ((inp[0] << inpgap) | (inp[1] >> (8 - inpgap)));
-                b &= 0xff;
-                if (bitrem)
-                    c->data[byteoff++] |= b >> bitrem;
-                else
-                    c->data[byteoff++] = b;
-                bitoff += 8;
-                bits -= 8;
-                inp++;
-                if (bitoff >= WHIRLPOOL_BBLOCK) {
-                    whirlpool_block(c, c->data, 1);
-                    byteoff = 0;
-                    bitoff %= WHIRLPOOL_BBLOCK;
-                }
-                if (bitrem)
-                    c->data[byteoff] = b << (8 - bitrem);
-            } else {            /* remaining less than 8 bits */
-
-                b = (inp[0] << inpgap) & 0xff;
-                if (bitrem)
-                    c->data[byteoff++] |= b >> bitrem;
-                else
-                    c->data[byteoff++] = b;
-                bitoff += (unsigned int)bits;
-                if (bitoff == WHIRLPOOL_BBLOCK) {
-                    whirlpool_block(c, c->data, 1);
-                    byteoff = 0;
-                    bitoff %= WHIRLPOOL_BBLOCK;
-                }
-                if (bitrem)
-                    c->data[byteoff] = b << (8 - bitrem);
-                bits = 0;
-            }
-            c->bitoff = bitoff;
-        }
-    }
-}
-
-int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c)
-{
-    unsigned int bitoff = c->bitoff, byteoff = bitoff / 8;
-    size_t i, j, v;
-    unsigned char *p;
-
-    bitoff %= 8;
-    if (bitoff)
-        c->data[byteoff] |= 0x80 >> bitoff;
-    else
-        c->data[byteoff] = 0x80;
-    byteoff++;
-
-    /* pad with zeros */
-    if (byteoff > (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER)) {
-        if (byteoff < WHIRLPOOL_BBLOCK / 8)
-            memset(&c->data[byteoff], 0, WHIRLPOOL_BBLOCK / 8 - byteoff);
-        whirlpool_block(c, c->data, 1);
-        byteoff = 0;
-    }
-    if (byteoff < (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER))
-        memset(&c->data[byteoff], 0,
-               (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER) - byteoff);
-    /* smash 256-bit c->bitlen in big-endian order */
-    p = &c->data[WHIRLPOOL_BBLOCK / 8 - 1]; /* last byte in c->data */
-    for (i = 0; i < WHIRLPOOL_COUNTER / sizeof(size_t); i++)
-        for (v = c->bitlen[i], j = 0; j < sizeof(size_t); j++, v >>= 8)
-            *p-- = (unsigned char)(v & 0xff);
-
-    whirlpool_block(c, c->data, 1);
-
-    if (md) {
-        memcpy(md, c->H.c, WHIRLPOOL_DIGEST_LENGTH);
-        OPENSSL_cleanse(c, sizeof(*c));
-        return (1);
-    }
-    return (0);
-}
-
-unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md)
-{
-    WHIRLPOOL_CTX ctx;
-    static unsigned char m[WHIRLPOOL_DIGEST_LENGTH];
-
-    if (md == NULL)
-        md = m;
-    WHIRLPOOL_Init(&ctx);
-    WHIRLPOOL_Update(&ctx, inp, bytes);
-    WHIRLPOOL_Final(md, &ctx);
-    return (md);
-}
diff --git a/thirdparty/openssl/crypto/whrlpool/wp_locl.h b/thirdparty/openssl/crypto/whrlpool/wp_locl.h
deleted file mode 100644
index 6e7b549e1e..0000000000
--- a/thirdparty/openssl/crypto/whrlpool/wp_locl.h
+++ /dev/null
@@ -1,3 +0,0 @@
-#include <openssl/whrlpool.h>
-
-void whirlpool_block(WHIRLPOOL_CTX *, const void *, size_t);
diff --git a/thirdparty/openssl/crypto/x509/by_dir.c b/thirdparty/openssl/crypto/x509/by_dir.c
deleted file mode 100644
index bbc3189381..0000000000
--- a/thirdparty/openssl/crypto/x509/by_dir.c
+++ /dev/null
@@ -1,440 +0,0 @@
-/* crypto/x509/by_dir.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifndef OPENSSL_NO_POSIX_IO
-# include <sys/stat.h>
-#endif
-
-#include <openssl/lhash.h>
-#include <openssl/x509.h>
-
-typedef struct lookup_dir_hashes_st {
-    unsigned long hash;
-    int suffix;
-} BY_DIR_HASH;
-
-typedef struct lookup_dir_entry_st {
-    char *dir;
-    int dir_type;
-    STACK_OF(BY_DIR_HASH) *hashes;
-} BY_DIR_ENTRY;
-
-typedef struct lookup_dir_st {
-    BUF_MEM *buffer;
-    STACK_OF(BY_DIR_ENTRY) *dirs;
-} BY_DIR;
-
-DECLARE_STACK_OF(BY_DIR_HASH)
-DECLARE_STACK_OF(BY_DIR_ENTRY)
-
-static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
-                    char **ret);
-static int new_dir(X509_LOOKUP *lu);
-static void free_dir(X509_LOOKUP *lu);
-static int add_cert_dir(BY_DIR *ctx, const char *dir, int type);
-static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
-                               X509_OBJECT *ret);
-X509_LOOKUP_METHOD x509_dir_lookup = {
-    "Load certs from files in a directory",
-    new_dir,                    /* new */
-    free_dir,                   /* free */
-    NULL,                       /* init */
-    NULL,                       /* shutdown */
-    dir_ctrl,                   /* ctrl */
-    get_cert_by_subject,        /* get_by_subject */
-    NULL,                       /* get_by_issuer_serial */
-    NULL,                       /* get_by_fingerprint */
-    NULL,                       /* get_by_alias */
-};
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void)
-{
-    return (&x509_dir_lookup);
-}
-
-static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
-                    char **retp)
-{
-    int ret = 0;
-    BY_DIR *ld;
-    char *dir = NULL;
-
-    ld = (BY_DIR *)ctx->method_data;
-
-    switch (cmd) {
-    case X509_L_ADD_DIR:
-        if (argl == X509_FILETYPE_DEFAULT) {
-            dir = (char *)getenv(X509_get_default_cert_dir_env());
-            if (dir)
-                ret = add_cert_dir(ld, dir, X509_FILETYPE_PEM);
-            else
-                ret = add_cert_dir(ld, X509_get_default_cert_dir(),
-                                   X509_FILETYPE_PEM);
-            if (!ret) {
-                X509err(X509_F_DIR_CTRL, X509_R_LOADING_CERT_DIR);
-            }
-        } else
-            ret = add_cert_dir(ld, argp, (int)argl);
-        break;
-    }
-    return (ret);
-}
-
-static int new_dir(X509_LOOKUP *lu)
-{
-    BY_DIR *a;
-
-    if ((a = (BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL)
-        return (0);
-    if ((a->buffer = BUF_MEM_new()) == NULL) {
-        OPENSSL_free(a);
-        return (0);
-    }
-    a->dirs = NULL;
-    lu->method_data = (char *)a;
-    return (1);
-}
-
-static void by_dir_hash_free(BY_DIR_HASH *hash)
-{
-    OPENSSL_free(hash);
-}
-
-static int by_dir_hash_cmp(const BY_DIR_HASH *const *a,
-                           const BY_DIR_HASH *const *b)
-{
-    if ((*a)->hash > (*b)->hash)
-        return 1;
-    if ((*a)->hash < (*b)->hash)
-        return -1;
-    return 0;
-}
-
-static void by_dir_entry_free(BY_DIR_ENTRY *ent)
-{
-    if (ent->dir)
-        OPENSSL_free(ent->dir);
-    if (ent->hashes)
-        sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free);
-    OPENSSL_free(ent);
-}
-
-static void free_dir(X509_LOOKUP *lu)
-{
-    BY_DIR *a;
-
-    a = (BY_DIR *)lu->method_data;
-    if (a->dirs != NULL)
-        sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free);
-    if (a->buffer != NULL)
-        BUF_MEM_free(a->buffer);
-    OPENSSL_free(a);
-}
-
-static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
-{
-    int j, len;
-    const char *s, *ss, *p;
-
-    if (dir == NULL || !*dir) {
-        X509err(X509_F_ADD_CERT_DIR, X509_R_INVALID_DIRECTORY);
-        return 0;
-    }
-
-    s = dir;
-    p = s;
-    do {
-        if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) {
-            BY_DIR_ENTRY *ent;
-            ss = s;
-            s = p + 1;
-            len = (int)(p - ss);
-            if (len == 0)
-                continue;
-            for (j = 0; j < sk_BY_DIR_ENTRY_num(ctx->dirs); j++) {
-                ent = sk_BY_DIR_ENTRY_value(ctx->dirs, j);
-                if (strlen(ent->dir) == (size_t)len &&
-                    strncmp(ent->dir, ss, (unsigned int)len) == 0)
-                    break;
-            }
-            if (j < sk_BY_DIR_ENTRY_num(ctx->dirs))
-                continue;
-            if (ctx->dirs == NULL) {
-                ctx->dirs = sk_BY_DIR_ENTRY_new_null();
-                if (!ctx->dirs) {
-                    X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE);
-                    return 0;
-                }
-            }
-            ent = OPENSSL_malloc(sizeof(BY_DIR_ENTRY));
-            if (!ent)
-                return 0;
-            ent->dir_type = type;
-            ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
-            ent->dir = OPENSSL_malloc((unsigned int)len + 1);
-            if (!ent->dir || !ent->hashes) {
-                by_dir_entry_free(ent);
-                return 0;
-            }
-            strncpy(ent->dir, ss, (unsigned int)len);
-            ent->dir[len] = '\0';
-            if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) {
-                by_dir_entry_free(ent);
-                return 0;
-            }
-        }
-    } while (*p++ != '\0');
-    return 1;
-}
-
-static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
-                               X509_OBJECT *ret)
-{
-    BY_DIR *ctx;
-    union {
-        struct {
-            X509 st_x509;
-            X509_CINF st_x509_cinf;
-        } x509;
-        struct {
-            X509_CRL st_crl;
-            X509_CRL_INFO st_crl_info;
-        } crl;
-    } data;
-    int ok = 0;
-    int i, j, k;
-    unsigned long h;
-    BUF_MEM *b = NULL;
-    X509_OBJECT stmp, *tmp;
-    const char *postfix = "";
-
-    if (name == NULL)
-        return (0);
-
-    stmp.type = type;
-    if (type == X509_LU_X509) {
-        data.x509.st_x509.cert_info = &data.x509.st_x509_cinf;
-        data.x509.st_x509_cinf.subject = name;
-        stmp.data.x509 = &data.x509.st_x509;
-        postfix = "";
-    } else if (type == X509_LU_CRL) {
-        data.crl.st_crl.crl = &data.crl.st_crl_info;
-        data.crl.st_crl_info.issuer = name;
-        stmp.data.crl = &data.crl.st_crl;
-        postfix = "r";
-    } else {
-        X509err(X509_F_GET_CERT_BY_SUBJECT, X509_R_WRONG_LOOKUP_TYPE);
-        goto finish;
-    }
-
-    if ((b = BUF_MEM_new()) == NULL) {
-        X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_BUF_LIB);
-        goto finish;
-    }
-
-    ctx = (BY_DIR *)xl->method_data;
-
-    h = X509_NAME_hash(name);
-    for (i = 0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++) {
-        BY_DIR_ENTRY *ent;
-        int idx;
-        BY_DIR_HASH htmp, *hent;
-        ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i);
-        j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1;
-        if (!BUF_MEM_grow(b, j)) {
-            X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE);
-            goto finish;
-        }
-        if (type == X509_LU_CRL && ent->hashes) {
-            htmp.hash = h;
-            CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
-            idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
-            if (idx >= 0) {
-                hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
-                k = hent->suffix;
-            } else {
-                hent = NULL;
-                k = 0;
-            }
-            CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
-        } else {
-            k = 0;
-            hent = NULL;
-        }
-        for (;;) {
-            char c = '/';
-#ifdef OPENSSL_SYS_VMS
-            c = ent->dir[strlen(ent->dir) - 1];
-            if (c != ':' && c != '>' && c != ']') {
-                /*
-                 * If no separator is present, we assume the directory
-                 * specifier is a logical name, and add a colon.  We really
-                 * should use better VMS routines for merging things like
-                 * this, but this will do for now... -- Richard Levitte
-                 */
-                c = ':';
-            } else {
-                c = '\0';
-            }
-#endif
-            if (c == '\0') {
-                /*
-                 * This is special.  When c == '\0', no directory separator
-                 * should be added.
-                 */
-                BIO_snprintf(b->data, b->max,
-                             "%s%08lx.%s%d", ent->dir, h, postfix, k);
-            } else {
-                BIO_snprintf(b->data, b->max,
-                             "%s%c%08lx.%s%d", ent->dir, c, h, postfix, k);
-            }
-#ifndef OPENSSL_NO_POSIX_IO
-# ifdef _WIN32
-#  define stat _stat
-# endif
-            {
-                struct stat st;
-                if (stat(b->data, &st) < 0)
-                    break;
-            }
-#endif
-            /* found one. */
-            if (type == X509_LU_X509) {
-                if ((X509_load_cert_file(xl, b->data, ent->dir_type)) == 0)
-                    break;
-            } else if (type == X509_LU_CRL) {
-                if ((X509_load_crl_file(xl, b->data, ent->dir_type)) == 0)
-                    break;
-            }
-            /* else case will caught higher up */
-            k++;
-        }
-
-        /*
-         * we have added it to the cache so now pull it out again
-         */
-        CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-        j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
-        if (j != -1)
-            tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
-        else
-            tmp = NULL;
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
-        /* If a CRL, update the last file suffix added for this */
-
-        if (type == X509_LU_CRL) {
-            CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-            /*
-             * Look for entry again in case another thread added an entry
-             * first.
-             */
-            if (!hent) {
-                htmp.hash = h;
-                idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
-                if (idx >= 0)
-                    hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
-            }
-            if (!hent) {
-                hent = OPENSSL_malloc(sizeof(BY_DIR_HASH));
-                if (hent == NULL) {
-                    X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE);
-                    goto finish;
-                }
-                hent->hash = h;
-                hent->suffix = k;
-                if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) {
-                    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-                    OPENSSL_free(hent);
-                    ok = 0;
-                    goto finish;
-                }
-            } else if (hent->suffix < k)
-                hent->suffix = k;
-
-            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
-        }
-
-        if (tmp != NULL) {
-            ok = 1;
-            ret->type = tmp->type;
-            memcpy(&ret->data, &tmp->data, sizeof(ret->data));
-            /*
-             * If we were going to up the reference count, we would need to
-             * do it on a perl 'type' basis
-             */
-        /*- CRYPTO_add(&tmp->data.x509->references,1,
-                    CRYPTO_LOCK_X509);*/
-            goto finish;
-        }
-    }
- finish:
-    if (b != NULL)
-        BUF_MEM_free(b);
-    return (ok);
-}
diff --git a/thirdparty/openssl/crypto/x509/by_file.c b/thirdparty/openssl/crypto/x509/by_file.c
deleted file mode 100644
index 43a073003d..0000000000
--- a/thirdparty/openssl/crypto/x509/by_file.c
+++ /dev/null
@@ -1,277 +0,0 @@
-/* crypto/x509/by_file.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-#ifndef OPENSSL_NO_STDIO
-
-static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
-                        long argl, char **ret);
-X509_LOOKUP_METHOD x509_file_lookup = {
-    "Load file into cache",
-    NULL,                       /* new */
-    NULL,                       /* free */
-    NULL,                       /* init */
-    NULL,                       /* shutdown */
-    by_file_ctrl,               /* ctrl */
-    NULL,                       /* get_by_subject */
-    NULL,                       /* get_by_issuer_serial */
-    NULL,                       /* get_by_fingerprint */
-    NULL,                       /* get_by_alias */
-};
-
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void)
-{
-    return (&x509_file_lookup);
-}
-
-static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp,
-                        long argl, char **ret)
-{
-    int ok = 0;
-    char *file;
-
-    switch (cmd) {
-    case X509_L_FILE_LOAD:
-        if (argl == X509_FILETYPE_DEFAULT) {
-            file = (char *)getenv(X509_get_default_cert_file_env());
-            if (file)
-                ok = (X509_load_cert_crl_file(ctx, file,
-                                              X509_FILETYPE_PEM) != 0);
-
-            else
-                ok = (X509_load_cert_crl_file
-                      (ctx, X509_get_default_cert_file(),
-                       X509_FILETYPE_PEM) != 0);
-
-            if (!ok) {
-                X509err(X509_F_BY_FILE_CTRL, X509_R_LOADING_DEFAULTS);
-            }
-        } else {
-            if (argl == X509_FILETYPE_PEM)
-                ok = (X509_load_cert_crl_file(ctx, argp,
-                                              X509_FILETYPE_PEM) != 0);
-            else
-                ok = (X509_load_cert_file(ctx, argp, (int)argl) != 0);
-        }
-        break;
-    }
-    return (ok);
-}
-
-int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
-{
-    int ret = 0;
-    BIO *in = NULL;
-    int i, count = 0;
-    X509 *x = NULL;
-
-    if (file == NULL)
-        return (1);
-    in = BIO_new(BIO_s_file_internal());
-
-    if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
-        X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_SYS_LIB);
-        goto err;
-    }
-
-    if (type == X509_FILETYPE_PEM) {
-        for (;;) {
-            x = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
-            if (x == NULL) {
-                if ((ERR_GET_REASON(ERR_peek_last_error()) ==
-                     PEM_R_NO_START_LINE) && (count > 0)) {
-                    ERR_clear_error();
-                    break;
-                } else {
-                    X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_PEM_LIB);
-                    goto err;
-                }
-            }
-            i = X509_STORE_add_cert(ctx->store_ctx, x);
-            if (!i)
-                goto err;
-            count++;
-            X509_free(x);
-            x = NULL;
-        }
-        ret = count;
-    } else if (type == X509_FILETYPE_ASN1) {
-        x = d2i_X509_bio(in, NULL);
-        if (x == NULL) {
-            X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_ASN1_LIB);
-            goto err;
-        }
-        i = X509_STORE_add_cert(ctx->store_ctx, x);
-        if (!i)
-            goto err;
-        ret = i;
-    } else {
-        X509err(X509_F_X509_LOAD_CERT_FILE, X509_R_BAD_X509_FILETYPE);
-        goto err;
-    }
- err:
-    if (x != NULL)
-        X509_free(x);
-    if (in != NULL)
-        BIO_free(in);
-    return (ret);
-}
-
-int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
-{
-    int ret = 0;
-    BIO *in = NULL;
-    int i, count = 0;
-    X509_CRL *x = NULL;
-
-    if (file == NULL)
-        return (1);
-    in = BIO_new(BIO_s_file_internal());
-
-    if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
-        X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_SYS_LIB);
-        goto err;
-    }
-
-    if (type == X509_FILETYPE_PEM) {
-        for (;;) {
-            x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
-            if (x == NULL) {
-                if ((ERR_GET_REASON(ERR_peek_last_error()) ==
-                     PEM_R_NO_START_LINE) && (count > 0)) {
-                    ERR_clear_error();
-                    break;
-                } else {
-                    X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_PEM_LIB);
-                    goto err;
-                }
-            }
-            i = X509_STORE_add_crl(ctx->store_ctx, x);
-            if (!i)
-                goto err;
-            count++;
-            X509_CRL_free(x);
-            x = NULL;
-        }
-        ret = count;
-    } else if (type == X509_FILETYPE_ASN1) {
-        x = d2i_X509_CRL_bio(in, NULL);
-        if (x == NULL) {
-            X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_ASN1_LIB);
-            goto err;
-        }
-        i = X509_STORE_add_crl(ctx->store_ctx, x);
-        if (!i)
-            goto err;
-        ret = i;
-    } else {
-        X509err(X509_F_X509_LOAD_CRL_FILE, X509_R_BAD_X509_FILETYPE);
-        goto err;
-    }
- err:
-    if (x != NULL)
-        X509_CRL_free(x);
-    if (in != NULL)
-        BIO_free(in);
-    return (ret);
-}
-
-int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
-{
-    STACK_OF(X509_INFO) *inf;
-    X509_INFO *itmp;
-    BIO *in;
-    int i, count = 0;
-    if (type != X509_FILETYPE_PEM)
-        return X509_load_cert_file(ctx, file, type);
-    in = BIO_new_file(file, "r");
-    if (!in) {
-        X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_SYS_LIB);
-        return 0;
-    }
-    inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
-    BIO_free(in);
-    if (!inf) {
-        X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_PEM_LIB);
-        return 0;
-    }
-    for (i = 0; i < sk_X509_INFO_num(inf); i++) {
-        itmp = sk_X509_INFO_value(inf, i);
-        if (itmp->x509) {
-            X509_STORE_add_cert(ctx->store_ctx, itmp->x509);
-            count++;
-        }
-        if (itmp->crl) {
-            X509_STORE_add_crl(ctx->store_ctx, itmp->crl);
-            count++;
-        }
-    }
-    sk_X509_INFO_pop_free(inf, X509_INFO_free);
-    return count;
-}
-
-#endif                          /* OPENSSL_NO_STDIO */
diff --git a/thirdparty/openssl/crypto/x509/vpm_int.h b/thirdparty/openssl/crypto/x509/vpm_int.h
deleted file mode 100644
index 9c55defc51..0000000000
--- a/thirdparty/openssl/crypto/x509/vpm_int.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/* vpm_int.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2013.
- */
-/* ====================================================================
- * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* internal only structure to hold additional X509_VERIFY_PARAM data */
-
-struct X509_VERIFY_PARAM_ID_st {
-    STACK_OF(OPENSSL_STRING) *hosts; /* Set of acceptable names */
-    unsigned int hostflags;     /* Flags to control matching features */
-    char *peername;             /* Matching hostname in peer certificate */
-    char *email;                /* If not NULL email address to match */
-    size_t emaillen;
-    unsigned char *ip;          /* If not NULL IP address to match */
-    size_t iplen;               /* Length of IP address */
-};
diff --git a/thirdparty/openssl/crypto/x509/x509_att.c b/thirdparty/openssl/crypto/x509/x509_att.c
deleted file mode 100644
index 2501075307..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_att.c
+++ /dev/null
@@ -1,390 +0,0 @@
-/* crypto/x509/x509_att.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
-{
-    return sk_X509_ATTRIBUTE_num(x);
-}
-
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
-                           int lastpos)
-{
-    ASN1_OBJECT *obj;
-
-    obj = OBJ_nid2obj(nid);
-    if (obj == NULL)
-        return (-2);
-    return (X509at_get_attr_by_OBJ(x, obj, lastpos));
-}
-
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
-                           ASN1_OBJECT *obj, int lastpos)
-{
-    int n;
-    X509_ATTRIBUTE *ex;
-
-    if (sk == NULL)
-        return (-1);
-    lastpos++;
-    if (lastpos < 0)
-        lastpos = 0;
-    n = sk_X509_ATTRIBUTE_num(sk);
-    for (; lastpos < n; lastpos++) {
-        ex = sk_X509_ATTRIBUTE_value(sk, lastpos);
-        if (OBJ_cmp(ex->object, obj) == 0)
-            return (lastpos);
-    }
-    return (-1);
-}
-
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
-{
-    if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
-        return NULL;
-    else
-        return sk_X509_ATTRIBUTE_value(x, loc);
-}
-
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
-{
-    X509_ATTRIBUTE *ret;
-
-    if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
-        return (NULL);
-    ret = sk_X509_ATTRIBUTE_delete(x, loc);
-    return (ret);
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
-                                           X509_ATTRIBUTE *attr)
-{
-    X509_ATTRIBUTE *new_attr = NULL;
-    STACK_OF(X509_ATTRIBUTE) *sk = NULL;
-
-    if (x == NULL) {
-        X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER);
-        goto err2;
-    }
-
-    if (*x == NULL) {
-        if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
-            goto err;
-    } else
-        sk = *x;
-
-    if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL)
-        goto err2;
-    if (!sk_X509_ATTRIBUTE_push(sk, new_attr))
-        goto err;
-    if (*x == NULL)
-        *x = sk;
-    return (sk);
- err:
-    X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_MALLOC_FAILURE);
- err2:
-    if (new_attr != NULL)
-        X509_ATTRIBUTE_free(new_attr);
-    if (sk != NULL)
-        sk_X509_ATTRIBUTE_free(sk);
-    return (NULL);
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
-                                                  **x, const ASN1_OBJECT *obj,
-                                                  int type,
-                                                  const unsigned char *bytes,
-                                                  int len)
-{
-    X509_ATTRIBUTE *attr;
-    STACK_OF(X509_ATTRIBUTE) *ret;
-    attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
-    if (!attr)
-        return 0;
-    ret = X509at_add1_attr(x, attr);
-    X509_ATTRIBUTE_free(attr);
-    return ret;
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
-                                                  **x, int nid, int type,
-                                                  const unsigned char *bytes,
-                                                  int len)
-{
-    X509_ATTRIBUTE *attr;
-    STACK_OF(X509_ATTRIBUTE) *ret;
-    attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
-    if (!attr)
-        return 0;
-    ret = X509at_add1_attr(x, attr);
-    X509_ATTRIBUTE_free(attr);
-    return ret;
-}
-
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
-                                                  **x, const char *attrname,
-                                                  int type,
-                                                  const unsigned char *bytes,
-                                                  int len)
-{
-    X509_ATTRIBUTE *attr;
-    STACK_OF(X509_ATTRIBUTE) *ret;
-    attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
-    if (!attr)
-        return 0;
-    ret = X509at_add1_attr(x, attr);
-    X509_ATTRIBUTE_free(attr);
-    return ret;
-}
-
-void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
-                              ASN1_OBJECT *obj, int lastpos, int type)
-{
-    int i;
-    X509_ATTRIBUTE *at;
-    i = X509at_get_attr_by_OBJ(x, obj, lastpos);
-    if (i == -1)
-        return NULL;
-    if ((lastpos <= -2) && (X509at_get_attr_by_OBJ(x, obj, i) != -1))
-        return NULL;
-    at = X509at_get_attr(x, i);
-    if (lastpos <= -3 && (X509_ATTRIBUTE_count(at) != 1))
-        return NULL;
-    return X509_ATTRIBUTE_get0_data(at, 0, type, NULL);
-}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
-                                             int atrtype, const void *data,
-                                             int len)
-{
-    ASN1_OBJECT *obj;
-    X509_ATTRIBUTE *ret;
-
-    obj = OBJ_nid2obj(nid);
-    if (obj == NULL) {
-        X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID, X509_R_UNKNOWN_NID);
-        return (NULL);
-    }
-    ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len);
-    if (ret == NULL)
-        ASN1_OBJECT_free(obj);
-    return (ret);
-}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
-                                             const ASN1_OBJECT *obj,
-                                             int atrtype, const void *data,
-                                             int len)
-{
-    X509_ATTRIBUTE *ret;
-
-    if ((attr == NULL) || (*attr == NULL)) {
-        if ((ret = X509_ATTRIBUTE_new()) == NULL) {
-            X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,
-                    ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-    } else
-        ret = *attr;
-
-    if (!X509_ATTRIBUTE_set1_object(ret, obj))
-        goto err;
-    if (!X509_ATTRIBUTE_set1_data(ret, atrtype, data, len))
-        goto err;
-
-    if ((attr != NULL) && (*attr == NULL))
-        *attr = ret;
-    return (ret);
- err:
-    if ((attr == NULL) || (ret != *attr))
-        X509_ATTRIBUTE_free(ret);
-    return (NULL);
-}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
-                                             const char *atrname, int type,
-                                             const unsigned char *bytes,
-                                             int len)
-{
-    ASN1_OBJECT *obj;
-    X509_ATTRIBUTE *nattr;
-
-    obj = OBJ_txt2obj(atrname, 0);
-    if (obj == NULL) {
-        X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,
-                X509_R_INVALID_FIELD_NAME);
-        ERR_add_error_data(2, "name=", atrname);
-        return (NULL);
-    }
-    nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len);
-    ASN1_OBJECT_free(obj);
-    return nattr;
-}
-
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
-{
-    if ((attr == NULL) || (obj == NULL))
-        return (0);
-    ASN1_OBJECT_free(attr->object);
-    attr->object = OBJ_dup(obj);
-    return (1);
-}
-
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
-                             const void *data, int len)
-{
-    ASN1_TYPE *ttmp = NULL;
-    ASN1_STRING *stmp = NULL;
-    int atype = 0;
-    if (!attr)
-        return 0;
-    if (attrtype & MBSTRING_FLAG) {
-        stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
-                                      OBJ_obj2nid(attr->object));
-        if (!stmp) {
-            X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB);
-            return 0;
-        }
-        atype = stmp->type;
-    } else if (len != -1) {
-        if (!(stmp = ASN1_STRING_type_new(attrtype)))
-            goto err;
-        if (!ASN1_STRING_set(stmp, data, len))
-            goto err;
-        atype = attrtype;
-    }
-    if (!(attr->value.set = sk_ASN1_TYPE_new_null()))
-        goto err;
-    attr->single = 0;
-    /*
-     * This is a bit naughty because the attribute should really have at
-     * least one value but some types use and zero length SET and require
-     * this.
-     */
-    if (attrtype == 0) {
-        ASN1_STRING_free(stmp);
-        return 1;
-    }
-    if (!(ttmp = ASN1_TYPE_new()))
-        goto err;
-    if ((len == -1) && !(attrtype & MBSTRING_FLAG)) {
-        if (!ASN1_TYPE_set1(ttmp, attrtype, data))
-            goto err;
-    } else {
-        ASN1_TYPE_set(ttmp, atype, stmp);
-        stmp = NULL;
-    }
-    if (!sk_ASN1_TYPE_push(attr->value.set, ttmp))
-        goto err;
-    return 1;
- err:
-    X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
-    ASN1_TYPE_free(ttmp);
-    ASN1_STRING_free(stmp);
-    return 0;
-}
-
-int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
-{
-    if (!attr->single)
-        return sk_ASN1_TYPE_num(attr->value.set);
-    if (attr->value.single)
-        return 1;
-    return 0;
-}
-
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
-{
-    if (attr == NULL)
-        return (NULL);
-    return (attr->object);
-}
-
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
-                               int atrtype, void *data)
-{
-    ASN1_TYPE *ttmp;
-    ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
-    if (!ttmp)
-        return NULL;
-    if (atrtype != ASN1_TYPE_get(ttmp)) {
-        X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE);
-        return NULL;
-    }
-    return ttmp->value.ptr;
-}
-
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
-{
-    if (attr == NULL)
-        return (NULL);
-    if (idx >= X509_ATTRIBUTE_count(attr))
-        return NULL;
-    if (!attr->single)
-        return sk_ASN1_TYPE_value(attr->value.set, idx);
-    else
-        return attr->value.single;
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_cmp.c b/thirdparty/openssl/crypto/x509/x509_cmp.c
deleted file mode 100644
index 49c71b9128..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_cmp.c
+++ /dev/null
@@ -1,498 +0,0 @@
-/* crypto/x509/x509_cmp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
-{
-    int i;
-    X509_CINF *ai, *bi;
-
-    ai = a->cert_info;
-    bi = b->cert_info;
-    i = M_ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber);
-    if (i)
-        return (i);
-    return (X509_NAME_cmp(ai->issuer, bi->issuer));
-}
-
-#ifndef OPENSSL_NO_MD5
-unsigned long X509_issuer_and_serial_hash(X509 *a)
-{
-    unsigned long ret = 0;
-    EVP_MD_CTX ctx;
-    unsigned char md[16];
-    char *f;
-
-    EVP_MD_CTX_init(&ctx);
-    f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0);
-    if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
-        goto err;
-    if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
-        goto err;
-    OPENSSL_free(f);
-    if (!EVP_DigestUpdate
-        (&ctx, (unsigned char *)a->cert_info->serialNumber->data,
-         (unsigned long)a->cert_info->serialNumber->length))
-        goto err;
-    if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))
-        goto err;
-    ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
-           ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
-        ) & 0xffffffffL;
- err:
-    EVP_MD_CTX_cleanup(&ctx);
-    return (ret);
-}
-#endif
-
-int X509_issuer_name_cmp(const X509 *a, const X509 *b)
-{
-    return (X509_NAME_cmp(a->cert_info->issuer, b->cert_info->issuer));
-}
-
-int X509_subject_name_cmp(const X509 *a, const X509 *b)
-{
-    return (X509_NAME_cmp(a->cert_info->subject, b->cert_info->subject));
-}
-
-int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
-{
-    return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer));
-}
-
-#ifndef OPENSSL_NO_SHA
-int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
-{
-    return memcmp(a->sha1_hash, b->sha1_hash, 20);
-}
-#endif
-
-X509_NAME *X509_get_issuer_name(X509 *a)
-{
-    return (a->cert_info->issuer);
-}
-
-unsigned long X509_issuer_name_hash(X509 *x)
-{
-    return (X509_NAME_hash(x->cert_info->issuer));
-}
-
-#ifndef OPENSSL_NO_MD5
-unsigned long X509_issuer_name_hash_old(X509 *x)
-{
-    return (X509_NAME_hash_old(x->cert_info->issuer));
-}
-#endif
-
-X509_NAME *X509_get_subject_name(X509 *a)
-{
-    return (a->cert_info->subject);
-}
-
-ASN1_INTEGER *X509_get_serialNumber(X509 *a)
-{
-    return (a->cert_info->serialNumber);
-}
-
-unsigned long X509_subject_name_hash(X509 *x)
-{
-    return (X509_NAME_hash(x->cert_info->subject));
-}
-
-#ifndef OPENSSL_NO_MD5
-unsigned long X509_subject_name_hash_old(X509 *x)
-{
-    return (X509_NAME_hash_old(x->cert_info->subject));
-}
-#endif
-
-#ifndef OPENSSL_NO_SHA
-/*
- * Compare two certificates: they must be identical for this to work. NB:
- * Although "cmp" operations are generally prototyped to take "const"
- * arguments (eg. for use in STACKs), the way X509 handling is - these
- * operations may involve ensuring the hashes are up-to-date and ensuring
- * certain cert information is cached. So this is the point where the
- * "depth-first" constification tree has to halt with an evil cast.
- */
-int X509_cmp(const X509 *a, const X509 *b)
-{
-    int rv;
-    /* ensure hash is valid */
-    X509_check_purpose((X509 *)a, -1, 0);
-    X509_check_purpose((X509 *)b, -1, 0);
-
-    rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
-    if (rv)
-        return rv;
-    /* Check for match against stored encoding too */
-    if (!a->cert_info->enc.modified && !b->cert_info->enc.modified) {
-        rv = (int)(a->cert_info->enc.len - b->cert_info->enc.len);
-        if (rv)
-            return rv;
-        return memcmp(a->cert_info->enc.enc, b->cert_info->enc.enc,
-                      a->cert_info->enc.len);
-    }
-    return rv;
-}
-#endif
-
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
-{
-    int ret;
-
-    /* Ensure canonical encoding is present and up to date */
-
-    if (!a->canon_enc || a->modified) {
-        ret = i2d_X509_NAME((X509_NAME *)a, NULL);
-        if (ret < 0)
-            return -2;
-    }
-
-    if (!b->canon_enc || b->modified) {
-        ret = i2d_X509_NAME((X509_NAME *)b, NULL);
-        if (ret < 0)
-            return -2;
-    }
-
-    ret = a->canon_enclen - b->canon_enclen;
-
-    if (ret)
-        return ret;
-
-    return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
-
-}
-
-unsigned long X509_NAME_hash(X509_NAME *x)
-{
-    unsigned long ret = 0;
-    unsigned char md[SHA_DIGEST_LENGTH];
-
-    /* Make sure X509_NAME structure contains valid cached encoding */
-    i2d_X509_NAME(x, NULL);
-    if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(),
-                    NULL))
-        return 0;
-
-    ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
-           ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
-        ) & 0xffffffffL;
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_MD5
-/*
- * I now DER encode the name and hash it.  Since I cache the DER encoding,
- * this is reasonably efficient.
- */
-
-unsigned long X509_NAME_hash_old(X509_NAME *x)
-{
-    EVP_MD_CTX md_ctx;
-    unsigned long ret = 0;
-    unsigned char md[16];
-
-    /* Make sure X509_NAME structure contains valid cached encoding */
-    i2d_X509_NAME(x, NULL);
-    EVP_MD_CTX_init(&md_ctx);
-    EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-    if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
-        && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
-        && EVP_DigestFinal_ex(&md_ctx, md, NULL))
-        ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
-               ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
-            ) & 0xffffffffL;
-    EVP_MD_CTX_cleanup(&md_ctx);
-
-    return (ret);
-}
-#endif
-
-/* Search a stack of X509 for a match */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
-                                     ASN1_INTEGER *serial)
-{
-    int i;
-    X509_CINF cinf;
-    X509 x, *x509 = NULL;
-
-    if (!sk)
-        return NULL;
-
-    x.cert_info = &cinf;
-    cinf.serialNumber = serial;
-    cinf.issuer = name;
-
-    for (i = 0; i < sk_X509_num(sk); i++) {
-        x509 = sk_X509_value(sk, i);
-        if (X509_issuer_and_serial_cmp(x509, &x) == 0)
-            return (x509);
-    }
-    return (NULL);
-}
-
-X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
-{
-    X509 *x509;
-    int i;
-
-    for (i = 0; i < sk_X509_num(sk); i++) {
-        x509 = sk_X509_value(sk, i);
-        if (X509_NAME_cmp(X509_get_subject_name(x509), name) == 0)
-            return (x509);
-    }
-    return (NULL);
-}
-
-EVP_PKEY *X509_get_pubkey(X509 *x)
-{
-    if ((x == NULL) || (x->cert_info == NULL))
-        return (NULL);
-    return (X509_PUBKEY_get(x->cert_info->key));
-}
-
-ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
-{
-    if (!x)
-        return NULL;
-    return x->cert_info->key->public_key;
-}
-
-int X509_check_private_key(X509 *x, EVP_PKEY *k)
-{
-    EVP_PKEY *xk;
-    int ret;
-
-    xk = X509_get_pubkey(x);
-
-    if (xk)
-        ret = EVP_PKEY_cmp(xk, k);
-    else
-        ret = -2;
-
-    switch (ret) {
-    case 1:
-        break;
-    case 0:
-        X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_KEY_VALUES_MISMATCH);
-        break;
-    case -1:
-        X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_KEY_TYPE_MISMATCH);
-        break;
-    case -2:
-        X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_UNKNOWN_KEY_TYPE);
-    }
-    if (xk)
-        EVP_PKEY_free(xk);
-    if (ret > 0)
-        return 1;
-    return 0;
-}
-
-/*
- * Check a suite B algorithm is permitted: pass in a public key and the NID
- * of its signature (or 0 if no signature). The pflags is a pointer to a
- * flags field which must contain the suite B verification flags.
- */
-
-#ifndef OPENSSL_NO_EC
-
-static int check_suite_b(EVP_PKEY *pkey, int sign_nid, unsigned long *pflags)
-{
-    const EC_GROUP *grp = NULL;
-    int curve_nid;
-    if (pkey && pkey->type == EVP_PKEY_EC)
-        grp = EC_KEY_get0_group(pkey->pkey.ec);
-    if (!grp)
-        return X509_V_ERR_SUITE_B_INVALID_ALGORITHM;
-    curve_nid = EC_GROUP_get_curve_name(grp);
-    /* Check curve is consistent with LOS */
-    if (curve_nid == NID_secp384r1) { /* P-384 */
-        /*
-         * Check signature algorithm is consistent with curve.
-         */
-        if (sign_nid != -1 && sign_nid != NID_ecdsa_with_SHA384)
-            return X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM;
-        if (!(*pflags & X509_V_FLAG_SUITEB_192_LOS))
-            return X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED;
-        /* If we encounter P-384 we cannot use P-256 later */
-        *pflags &= ~X509_V_FLAG_SUITEB_128_LOS_ONLY;
-    } else if (curve_nid == NID_X9_62_prime256v1) { /* P-256 */
-        if (sign_nid != -1 && sign_nid != NID_ecdsa_with_SHA256)
-            return X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM;
-        if (!(*pflags & X509_V_FLAG_SUITEB_128_LOS_ONLY))
-            return X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED;
-    } else
-        return X509_V_ERR_SUITE_B_INVALID_CURVE;
-
-    return X509_V_OK;
-}
-
-int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
-                            unsigned long flags)
-{
-    int rv, i, sign_nid;
-    EVP_PKEY *pk = NULL;
-    unsigned long tflags;
-    if (!(flags & X509_V_FLAG_SUITEB_128_LOS))
-        return X509_V_OK;
-    tflags = flags;
-    /* If no EE certificate passed in must be first in chain */
-    if (x == NULL) {
-        x = sk_X509_value(chain, 0);
-        i = 1;
-    } else
-        i = 0;
-
-    if (X509_get_version(x) != 2) {
-        rv = X509_V_ERR_SUITE_B_INVALID_VERSION;
-        /* Correct error depth */
-        i = 0;
-        goto end;
-    }
-
-    pk = X509_get_pubkey(x);
-    /* Check EE key only */
-    rv = check_suite_b(pk, -1, &tflags);
-    if (rv != X509_V_OK) {
-        /* Correct error depth */
-        i = 0;
-        goto end;
-    }
-    for (; i < sk_X509_num(chain); i++) {
-        sign_nid = X509_get_signature_nid(x);
-        x = sk_X509_value(chain, i);
-        if (X509_get_version(x) != 2) {
-            rv = X509_V_ERR_SUITE_B_INVALID_VERSION;
-            goto end;
-        }
-        EVP_PKEY_free(pk);
-        pk = X509_get_pubkey(x);
-        rv = check_suite_b(pk, sign_nid, &tflags);
-        if (rv != X509_V_OK)
-            goto end;
-    }
-
-    /* Final check: root CA signature */
-    rv = check_suite_b(pk, X509_get_signature_nid(x), &tflags);
- end:
-    if (pk)
-        EVP_PKEY_free(pk);
-    if (rv != X509_V_OK) {
-        /* Invalid signature or LOS errors are for previous cert */
-        if ((rv == X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM
-             || rv == X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED) && i)
-            i--;
-        /*
-         * If we have LOS error and flags changed then we are signing P-384
-         * with P-256. Use more meaninggul error.
-         */
-        if (rv == X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED && flags != tflags)
-            rv = X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256;
-        if (perror_depth)
-            *perror_depth = i;
-    }
-    return rv;
-}
-
-int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags)
-{
-    int sign_nid;
-    if (!(flags & X509_V_FLAG_SUITEB_128_LOS))
-        return X509_V_OK;
-    sign_nid = OBJ_obj2nid(crl->crl->sig_alg->algorithm);
-    return check_suite_b(pk, sign_nid, &flags);
-}
-
-#else
-int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
-                            unsigned long flags)
-{
-    return 0;
-}
-
-int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags)
-{
-    return 0;
-}
-
-#endif
-/*
- * Not strictly speaking an "up_ref" as a STACK doesn't have a reference
- * count but it has the same effect by duping the STACK and upping the ref of
- * each X509 structure.
- */
-STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain)
-{
-    STACK_OF(X509) *ret;
-    int i;
-    ret = sk_X509_dup(chain);
-    for (i = 0; i < sk_X509_num(ret); i++) {
-        X509 *x = sk_X509_value(ret, i);
-        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
-    }
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_d2.c b/thirdparty/openssl/crypto/x509/x509_d2.c
deleted file mode 100644
index 50ca2a6d18..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_d2.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* crypto/x509/x509_d2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_STDIO
-int X509_STORE_set_default_paths(X509_STORE *ctx)
-{
-    X509_LOOKUP *lookup;
-
-    lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
-    if (lookup == NULL)
-        return (0);
-    X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
-
-    lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
-    if (lookup == NULL)
-        return (0);
-    X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
-
-    /* clear any errors */
-    ERR_clear_error();
-
-    return (1);
-}
-
-int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
-                              const char *path)
-{
-    X509_LOOKUP *lookup;
-
-    if (file != NULL) {
-        lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
-        if (lookup == NULL)
-            return (0);
-        if (X509_LOOKUP_load_file(lookup, file, X509_FILETYPE_PEM) != 1)
-            return (0);
-    }
-    if (path != NULL) {
-        lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
-        if (lookup == NULL)
-            return (0);
-        if (X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) != 1)
-            return (0);
-    }
-    if ((path == NULL) && (file == NULL))
-        return (0);
-    return (1);
-}
-
-#endif
diff --git a/thirdparty/openssl/crypto/x509/x509_def.c b/thirdparty/openssl/crypto/x509/x509_def.c
deleted file mode 100644
index 25c5537556..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_def.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* crypto/x509/x509_def.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-
-const char *X509_get_default_private_dir(void)
-{
-    return (X509_PRIVATE_DIR);
-}
-
-const char *X509_get_default_cert_area(void)
-{
-    return (X509_CERT_AREA);
-}
-
-const char *X509_get_default_cert_dir(void)
-{
-    return (X509_CERT_DIR);
-}
-
-const char *X509_get_default_cert_file(void)
-{
-    return (X509_CERT_FILE);
-}
-
-const char *X509_get_default_cert_dir_env(void)
-{
-    return (X509_CERT_DIR_EVP);
-}
-
-const char *X509_get_default_cert_file_env(void)
-{
-    return (X509_CERT_FILE_EVP);
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_err.c b/thirdparty/openssl/crypto/x509/x509_err.c
deleted file mode 100644
index a2a8e1b08b..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_err.c
+++ /dev/null
@@ -1,188 +0,0 @@
-/* crypto/x509/x509_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2016 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
-
-static ERR_STRING_DATA X509_str_functs[] = {
-    {ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"},
-    {ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"},
-    {ERR_FUNC(X509_F_CHECK_NAME_CONSTRAINTS), "CHECK_NAME_CONSTRAINTS"},
-    {ERR_FUNC(X509_F_CHECK_POLICY), "CHECK_POLICY"},
-    {ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"},
-    {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"},
-    {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"},
-    {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"},
-    {ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"},
-    {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID),
-     "X509_ATTRIBUTE_create_by_NID"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ),
-     "X509_ATTRIBUTE_create_by_OBJ"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT),
-     "X509_ATTRIBUTE_create_by_txt"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"},
-    {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"},
-    {ERR_FUNC(X509_F_X509_CRL_DIFF), "X509_CRL_diff"},
-    {ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"},
-    {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID),
-     "X509_EXTENSION_create_by_NID"},
-    {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ),
-     "X509_EXTENSION_create_by_OBJ"},
-    {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS),
-     "X509_get_pubkey_parameters"},
-    {ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE), "X509_load_cert_crl_file"},
-    {ERR_FUNC(X509_F_X509_LOAD_CERT_FILE), "X509_load_cert_file"},
-    {ERR_FUNC(X509_F_X509_LOAD_CRL_FILE), "X509_load_crl_file"},
-    {ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY), "X509_NAME_add_entry"},
-    {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID),
-     "X509_NAME_ENTRY_create_by_NID"},
-    {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT),
-     "X509_NAME_ENTRY_create_by_txt"},
-    {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT),
-     "X509_NAME_ENTRY_set_object"},
-    {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
-    {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
-    {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"},
-    {ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"},
-    {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"},
-    {ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY),
-     "X509_REQ_check_private_key"},
-    {ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"},
-    {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"},
-    {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"},
-    {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"},
-    {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"},
-    {ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER),
-     "X509_STORE_CTX_get1_issuer"},
-    {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"},
-    {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
-    {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT),
-     "X509_STORE_CTX_purpose_inherit"},
-    {ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"},
-    {ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"},
-    {ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"},
-    {ERR_FUNC(X509_F_X509_VERIFY_CERT), "X509_verify_cert"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA X509_str_reasons[] = {
-    {ERR_REASON(X509_R_AKID_MISMATCH), "akid mismatch"},
-    {ERR_REASON(X509_R_BAD_X509_FILETYPE), "bad x509 filetype"},
-    {ERR_REASON(X509_R_BASE64_DECODE_ERROR), "base64 decode error"},
-    {ERR_REASON(X509_R_CANT_CHECK_DH_KEY), "cant check dh key"},
-    {ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE),
-     "cert already in hash table"},
-    {ERR_REASON(X509_R_CRL_ALREADY_DELTA), "crl already delta"},
-    {ERR_REASON(X509_R_CRL_VERIFY_FAILURE), "crl verify failure"},
-    {ERR_REASON(X509_R_ERR_ASN1_LIB), "err asn1 lib"},
-    {ERR_REASON(X509_R_IDP_MISMATCH), "idp mismatch"},
-    {ERR_REASON(X509_R_INVALID_DIRECTORY), "invalid directory"},
-    {ERR_REASON(X509_R_INVALID_FIELD_NAME), "invalid field name"},
-    {ERR_REASON(X509_R_INVALID_TRUST), "invalid trust"},
-    {ERR_REASON(X509_R_ISSUER_MISMATCH), "issuer mismatch"},
-    {ERR_REASON(X509_R_KEY_TYPE_MISMATCH), "key type mismatch"},
-    {ERR_REASON(X509_R_KEY_VALUES_MISMATCH), "key values mismatch"},
-    {ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"},
-    {ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"},
-    {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"},
-    {ERR_REASON(X509_R_NAME_TOO_LONG), "name too long"},
-    {ERR_REASON(X509_R_NEWER_CRL_NOT_NEWER), "newer crl not newer"},
-    {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
-     "no cert set for us to verify"},
-    {ERR_REASON(X509_R_NO_CRL_NUMBER), "no crl number"},
-    {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"},
-    {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"},
-    {ERR_REASON(X509_R_SHOULD_RETRY), "should retry"},
-    {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),
-     "unable to find parameters in chain"},
-    {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),
-     "unable to get certs public key"},
-    {ERR_REASON(X509_R_UNKNOWN_KEY_TYPE), "unknown key type"},
-    {ERR_REASON(X509_R_UNKNOWN_NID), "unknown nid"},
-    {ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID), "unknown purpose id"},
-    {ERR_REASON(X509_R_UNKNOWN_TRUST_ID), "unknown trust id"},
-    {ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
-    {ERR_REASON(X509_R_WRONG_LOOKUP_TYPE), "wrong lookup type"},
-    {ERR_REASON(X509_R_WRONG_TYPE), "wrong type"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_X509_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(X509_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, X509_str_functs);
-        ERR_load_strings(0, X509_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_ext.c b/thirdparty/openssl/crypto/x509/x509_ext.c
deleted file mode 100644
index fb4e311d71..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_ext.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/* crypto/x509/x509_ext.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509_CRL_get_ext_count(X509_CRL *x)
-{
-    return (X509v3_get_ext_count(x->crl->extensions));
-}
-
-int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos)
-{
-    return (X509v3_get_ext_by_NID(x->crl->extensions, nid, lastpos));
-}
-
-int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos)
-{
-    return (X509v3_get_ext_by_OBJ(x->crl->extensions, obj, lastpos));
-}
-
-int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos)
-{
-    return (X509v3_get_ext_by_critical(x->crl->extensions, crit, lastpos));
-}
-
-X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc)
-{
-    return (X509v3_get_ext(x->crl->extensions, loc));
-}
-
-X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc)
-{
-    return (X509v3_delete_ext(x->crl->extensions, loc));
-}
-
-void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx)
-{
-    return X509V3_get_d2i(x->crl->extensions, nid, crit, idx);
-}
-
-int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
-                          unsigned long flags)
-{
-    return X509V3_add1_i2d(&x->crl->extensions, nid, value, crit, flags);
-}
-
-int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc)
-{
-    return (X509v3_add_ext(&(x->crl->extensions), ex, loc) != NULL);
-}
-
-int X509_get_ext_count(X509 *x)
-{
-    return (X509v3_get_ext_count(x->cert_info->extensions));
-}
-
-int X509_get_ext_by_NID(X509 *x, int nid, int lastpos)
-{
-    return (X509v3_get_ext_by_NID(x->cert_info->extensions, nid, lastpos));
-}
-
-int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos)
-{
-    return (X509v3_get_ext_by_OBJ(x->cert_info->extensions, obj, lastpos));
-}
-
-int X509_get_ext_by_critical(X509 *x, int crit, int lastpos)
-{
-    return (X509v3_get_ext_by_critical
-            (x->cert_info->extensions, crit, lastpos));
-}
-
-X509_EXTENSION *X509_get_ext(X509 *x, int loc)
-{
-    return (X509v3_get_ext(x->cert_info->extensions, loc));
-}
-
-X509_EXTENSION *X509_delete_ext(X509 *x, int loc)
-{
-    return (X509v3_delete_ext(x->cert_info->extensions, loc));
-}
-
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc)
-{
-    return (X509v3_add_ext(&(x->cert_info->extensions), ex, loc) != NULL);
-}
-
-void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx)
-{
-    return X509V3_get_d2i(x->cert_info->extensions, nid, crit, idx);
-}
-
-int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
-                      unsigned long flags)
-{
-    return X509V3_add1_i2d(&x->cert_info->extensions, nid, value, crit,
-                           flags);
-}
-
-int X509_REVOKED_get_ext_count(X509_REVOKED *x)
-{
-    return (X509v3_get_ext_count(x->extensions));
-}
-
-int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos)
-{
-    return (X509v3_get_ext_by_NID(x->extensions, nid, lastpos));
-}
-
-int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
-                                int lastpos)
-{
-    return (X509v3_get_ext_by_OBJ(x->extensions, obj, lastpos));
-}
-
-int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos)
-{
-    return (X509v3_get_ext_by_critical(x->extensions, crit, lastpos));
-}
-
-X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc)
-{
-    return (X509v3_get_ext(x->extensions, loc));
-}
-
-X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc)
-{
-    return (X509v3_delete_ext(x->extensions, loc));
-}
-
-int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc)
-{
-    return (X509v3_add_ext(&(x->extensions), ex, loc) != NULL);
-}
-
-void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx)
-{
-    return X509V3_get_d2i(x->extensions, nid, crit, idx);
-}
-
-int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
-                              unsigned long flags)
-{
-    return X509V3_add1_i2d(&x->extensions, nid, value, crit, flags);
-}
-
-IMPLEMENT_STACK_OF(X509_EXTENSION)
-
-IMPLEMENT_ASN1_SET_OF(X509_EXTENSION)
diff --git a/thirdparty/openssl/crypto/x509/x509_lu.c b/thirdparty/openssl/crypto/x509/x509_lu.c
deleted file mode 100644
index b7424809fd..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_lu.c
+++ /dev/null
@@ -1,727 +0,0 @@
-/* crypto/x509/x509_lu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
-{
-    X509_LOOKUP *ret;
-
-    ret = (X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
-    if (ret == NULL)
-        return NULL;
-
-    ret->init = 0;
-    ret->skip = 0;
-    ret->method = method;
-    ret->method_data = NULL;
-    ret->store_ctx = NULL;
-    if ((method->new_item != NULL) && !method->new_item(ret)) {
-        OPENSSL_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-void X509_LOOKUP_free(X509_LOOKUP *ctx)
-{
-    if (ctx == NULL)
-        return;
-    if ((ctx->method != NULL) && (ctx->method->free != NULL))
-        (*ctx->method->free) (ctx);
-    OPENSSL_free(ctx);
-}
-
-int X509_LOOKUP_init(X509_LOOKUP *ctx)
-{
-    if (ctx->method == NULL)
-        return 0;
-    if (ctx->method->init != NULL)
-        return ctx->method->init(ctx);
-    else
-        return 1;
-}
-
-int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
-{
-    if (ctx->method == NULL)
-        return 0;
-    if (ctx->method->shutdown != NULL)
-        return ctx->method->shutdown(ctx);
-    else
-        return 1;
-}
-
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
-                     char **ret)
-{
-    if (ctx->method == NULL)
-        return -1;
-    if (ctx->method->ctrl != NULL)
-        return ctx->method->ctrl(ctx, cmd, argc, argl, ret);
-    else
-        return 1;
-}
-
-int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
-                           X509_OBJECT *ret)
-{
-    if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
-        return X509_LU_FAIL;
-    if (ctx->skip)
-        return 0;
-    return ctx->method->get_by_subject(ctx, type, name, ret);
-}
-
-int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
-                                 ASN1_INTEGER *serial, X509_OBJECT *ret)
-{
-    if ((ctx->method == NULL) || (ctx->method->get_by_issuer_serial == NULL))
-        return X509_LU_FAIL;
-    return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret);
-}
-
-int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
-                               unsigned char *bytes, int len,
-                               X509_OBJECT *ret)
-{
-    if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
-        return X509_LU_FAIL;
-    return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret);
-}
-
-int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
-                         X509_OBJECT *ret)
-{
-    if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
-        return X509_LU_FAIL;
-    return ctx->method->get_by_alias(ctx, type, str, len, ret);
-}
-
-static int x509_object_cmp(const X509_OBJECT *const *a,
-                           const X509_OBJECT *const *b)
-{
-    int ret;
-
-    ret = ((*a)->type - (*b)->type);
-    if (ret)
-        return ret;
-    switch ((*a)->type) {
-    case X509_LU_X509:
-        ret = X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509);
-        break;
-    case X509_LU_CRL:
-        ret = X509_CRL_cmp((*a)->data.crl, (*b)->data.crl);
-        break;
-    default:
-        /* abort(); */
-        return 0;
-    }
-    return ret;
-}
-
-X509_STORE *X509_STORE_new(void)
-{
-    X509_STORE *ret;
-
-    if ((ret = (X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
-        return NULL;
-    if ((ret->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL)
-        goto err0;
-    ret->cache = 1;
-    if ((ret->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL)
-        goto err1;
-    ret->verify = 0;
-    ret->verify_cb = 0;
-
-    if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
-        goto err2;
-
-    ret->get_issuer = 0;
-    ret->check_issued = 0;
-    ret->check_revocation = 0;
-    ret->get_crl = 0;
-    ret->check_crl = 0;
-    ret->cert_crl = 0;
-    ret->lookup_certs = 0;
-    ret->lookup_crls = 0;
-    ret->cleanup = 0;
-
-    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
-       goto err3;
-
-    ret->references = 1;
-    return ret;
-
- err3:
-    X509_VERIFY_PARAM_free(ret->param);
- err2:
-    sk_X509_LOOKUP_free(ret->get_cert_methods);
- err1:
-    sk_X509_OBJECT_free(ret->objs);
- err0:
-    OPENSSL_free(ret);
-    return NULL;
-}
-
-static void cleanup(X509_OBJECT *a)
-{
-    if (!a)
-        return;
-    if (a->type == X509_LU_X509) {
-        X509_free(a->data.x509);
-    } else if (a->type == X509_LU_CRL) {
-        X509_CRL_free(a->data.crl);
-    } else {
-        /* abort(); */
-    }
-
-    OPENSSL_free(a);
-}
-
-void X509_STORE_free(X509_STORE *vfy)
-{
-    int i;
-    STACK_OF(X509_LOOKUP) *sk;
-    X509_LOOKUP *lu;
-
-    if (vfy == NULL)
-        return;
-
-    i = CRYPTO_add(&vfy->references, -1, CRYPTO_LOCK_X509_STORE);
-#ifdef REF_PRINT
-    REF_PRINT("X509_STORE", vfy);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "X509_STORE_free, bad reference count\n");
-        abort();                /* ok */
-    }
-#endif
-
-    sk = vfy->get_cert_methods;
-    for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
-        lu = sk_X509_LOOKUP_value(sk, i);
-        X509_LOOKUP_shutdown(lu);
-        X509_LOOKUP_free(lu);
-    }
-    sk_X509_LOOKUP_free(sk);
-    sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
-    if (vfy->param)
-        X509_VERIFY_PARAM_free(vfy->param);
-    OPENSSL_free(vfy);
-}
-
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
-{
-    int i;
-    STACK_OF(X509_LOOKUP) *sk;
-    X509_LOOKUP *lu;
-
-    sk = v->get_cert_methods;
-    for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
-        lu = sk_X509_LOOKUP_value(sk, i);
-        if (m == lu->method) {
-            return lu;
-        }
-    }
-    /* a new one */
-    lu = X509_LOOKUP_new(m);
-    if (lu == NULL)
-        return NULL;
-    else {
-        lu->store_ctx = v;
-        if (sk_X509_LOOKUP_push(v->get_cert_methods, lu))
-            return lu;
-        else {
-            X509_LOOKUP_free(lu);
-            return NULL;
-        }
-    }
-}
-
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
-                              X509_OBJECT *ret)
-{
-    X509_STORE *ctx = vs->ctx;
-    X509_LOOKUP *lu;
-    X509_OBJECT stmp, *tmp;
-    int i, j;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-    tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
-    if (tmp == NULL || type == X509_LU_CRL) {
-        for (i = vs->current_method;
-             i < sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) {
-            lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i);
-            j = X509_LOOKUP_by_subject(lu, type, name, &stmp);
-            if (j < 0) {
-                vs->current_method = j;
-                return j;
-            } else if (j) {
-                tmp = &stmp;
-                break;
-            }
-        }
-        vs->current_method = 0;
-        if (tmp == NULL)
-            return 0;
-    }
-
-/*- if (ret->data.ptr != NULL)
-            X509_OBJECT_free_contents(ret); */
-
-    ret->type = tmp->type;
-    ret->data.ptr = tmp->data.ptr;
-
-    X509_OBJECT_up_ref_count(ret);
-
-    return 1;
-}
-
-int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
-{
-    X509_OBJECT *obj;
-    int ret = 1;
-
-    if (x == NULL)
-        return 0;
-    obj = (X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
-    if (obj == NULL) {
-        X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    obj->type = X509_LU_X509;
-    obj->data.x509 = x;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-
-    X509_OBJECT_up_ref_count(obj);
-
-    if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
-        X509_OBJECT_free_contents(obj);
-        OPENSSL_free(obj);
-        X509err(X509_F_X509_STORE_ADD_CERT,
-                X509_R_CERT_ALREADY_IN_HASH_TABLE);
-        ret = 0;
-    } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
-        X509_OBJECT_free_contents(obj);
-        OPENSSL_free(obj);
-        X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE);
-        ret = 0;
-    }
-
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
-    return ret;
-}
-
-int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
-{
-    X509_OBJECT *obj;
-    int ret = 1;
-
-    if (x == NULL)
-        return 0;
-    obj = (X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
-    if (obj == NULL) {
-        X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    obj->type = X509_LU_CRL;
-    obj->data.crl = x;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-
-    X509_OBJECT_up_ref_count(obj);
-
-    if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
-        X509_OBJECT_free_contents(obj);
-        OPENSSL_free(obj);
-        X509err(X509_F_X509_STORE_ADD_CRL, X509_R_CERT_ALREADY_IN_HASH_TABLE);
-        ret = 0;
-    } else if (!sk_X509_OBJECT_push(ctx->objs, obj)) {
-        X509_OBJECT_free_contents(obj);
-        OPENSSL_free(obj);
-        X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE);
-        ret = 0;
-    }
-
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
-    return ret;
-}
-
-void X509_OBJECT_up_ref_count(X509_OBJECT *a)
-{
-    switch (a->type) {
-    case X509_LU_X509:
-        CRYPTO_add(&a->data.x509->references, 1, CRYPTO_LOCK_X509);
-        break;
-    case X509_LU_CRL:
-        CRYPTO_add(&a->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
-        break;
-    }
-}
-
-void X509_OBJECT_free_contents(X509_OBJECT *a)
-{
-    switch (a->type) {
-    case X509_LU_X509:
-        X509_free(a->data.x509);
-        break;
-    case X509_LU_CRL:
-        X509_CRL_free(a->data.crl);
-        break;
-    }
-}
-
-static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
-                               X509_NAME *name, int *pnmatch)
-{
-    X509_OBJECT stmp;
-    X509 x509_s;
-    X509_CINF cinf_s;
-    X509_CRL crl_s;
-    X509_CRL_INFO crl_info_s;
-    int idx;
-
-    stmp.type = type;
-    switch (type) {
-    case X509_LU_X509:
-        stmp.data.x509 = &x509_s;
-        x509_s.cert_info = &cinf_s;
-        cinf_s.subject = name;
-        break;
-    case X509_LU_CRL:
-        stmp.data.crl = &crl_s;
-        crl_s.crl = &crl_info_s;
-        crl_info_s.issuer = name;
-        break;
-    default:
-        /* abort(); */
-        return -1;
-    }
-
-    idx = sk_X509_OBJECT_find(h, &stmp);
-    if (idx >= 0 && pnmatch) {
-        int tidx;
-        const X509_OBJECT *tobj, *pstmp;
-        *pnmatch = 1;
-        pstmp = &stmp;
-        for (tidx = idx + 1; tidx < sk_X509_OBJECT_num(h); tidx++) {
-            tobj = sk_X509_OBJECT_value(h, tidx);
-            if (x509_object_cmp(&tobj, &pstmp))
-                break;
-            (*pnmatch)++;
-        }
-    }
-    return idx;
-}
-
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
-                               X509_NAME *name)
-{
-    return x509_object_idx_cnt(h, type, name, NULL);
-}
-
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
-                                             int type, X509_NAME *name)
-{
-    int idx;
-    idx = X509_OBJECT_idx_by_subject(h, type, name);
-    if (idx == -1)
-        return NULL;
-    return sk_X509_OBJECT_value(h, idx);
-}
-
-STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
-{
-    int i, idx, cnt;
-    STACK_OF(X509) *sk;
-    X509 *x;
-    X509_OBJECT *obj;
-    sk = sk_X509_new_null();
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-    idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
-    if (idx < 0) {
-        /*
-         * Nothing found in cache: do lookup to possibly add new objects to
-         * cache
-         */
-        X509_OBJECT xobj;
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-        if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
-            sk_X509_free(sk);
-            return NULL;
-        }
-        X509_OBJECT_free_contents(&xobj);
-        CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-        idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
-        if (idx < 0) {
-            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-            sk_X509_free(sk);
-            return NULL;
-        }
-    }
-    for (i = 0; i < cnt; i++, idx++) {
-        obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
-        x = obj->data.x509;
-        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
-        if (!sk_X509_push(sk, x)) {
-            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-            X509_free(x);
-            sk_X509_pop_free(sk, X509_free);
-            return NULL;
-        }
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-    return sk;
-
-}
-
-STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
-{
-    int i, idx, cnt;
-    STACK_OF(X509_CRL) *sk;
-    X509_CRL *x;
-    X509_OBJECT *obj, xobj;
-    sk = sk_X509_CRL_new_null();
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-
-    /*
-     * Always do lookup to possibly add new CRLs to cache
-     */
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-    if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) {
-        sk_X509_CRL_free(sk);
-        return NULL;
-    }
-    X509_OBJECT_free_contents(&xobj);
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-    idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
-    if (idx < 0) {
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-        sk_X509_CRL_free(sk);
-        return NULL;
-    }
-
-    for (i = 0; i < cnt; i++, idx++) {
-        obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
-        x = obj->data.crl;
-        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL);
-        if (!sk_X509_CRL_push(sk, x)) {
-            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-            X509_CRL_free(x);
-            sk_X509_CRL_pop_free(sk, X509_CRL_free);
-            return NULL;
-        }
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-    return sk;
-}
-
-X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
-                                        X509_OBJECT *x)
-{
-    int idx, i;
-    X509_OBJECT *obj;
-    idx = sk_X509_OBJECT_find(h, x);
-    if (idx == -1)
-        return NULL;
-    if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL))
-        return sk_X509_OBJECT_value(h, idx);
-    for (i = idx; i < sk_X509_OBJECT_num(h); i++) {
-        obj = sk_X509_OBJECT_value(h, i);
-        if (x509_object_cmp
-            ((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
-            return NULL;
-        if (x->type == X509_LU_X509) {
-            if (!X509_cmp(obj->data.x509, x->data.x509))
-                return obj;
-        } else if (x->type == X509_LU_CRL) {
-            if (!X509_CRL_match(obj->data.crl, x->data.crl))
-                return obj;
-        } else
-            return obj;
-    }
-    return NULL;
-}
-
-/*-
- * Try to get issuer certificate from store. Due to limitations
- * of the API this can only retrieve a single certificate matching
- * a given subject name. However it will fill the cache with all
- * matching certificates, so we can examine the cache for all
- * matches.
- *
- * Return values are:
- *  1 lookup successful.
- *  0 certificate not found.
- * -1 some other error.
- */
-int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
-{
-    X509_NAME *xn;
-    X509_OBJECT obj, *pobj;
-    int i, ok, idx, ret;
-    xn = X509_get_issuer_name(x);
-    ok = X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj);
-    if (ok != X509_LU_X509) {
-        if (ok == X509_LU_RETRY) {
-            X509_OBJECT_free_contents(&obj);
-            X509err(X509_F_X509_STORE_CTX_GET1_ISSUER, X509_R_SHOULD_RETRY);
-            return -1;
-        } else if (ok != X509_LU_FAIL) {
-            X509_OBJECT_free_contents(&obj);
-            /* not good :-(, break anyway */
-            return -1;
-        }
-        return 0;
-    }
-    /* If certificate matches all OK */
-    if (ctx->check_issued(ctx, x, obj.data.x509)) {
-        *issuer = obj.data.x509;
-        return 1;
-    }
-    X509_OBJECT_free_contents(&obj);
-
-    /* Else find index of first cert accepted by 'check_issued' */
-    ret = 0;
-    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
-    idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
-    if (idx != -1) {            /* should be true as we've had at least one
-                                 * match */
-        /* Look through all matching certs for suitable issuer */
-        for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) {
-            pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
-            /* See if we've run past the matches */
-            if (pobj->type != X509_LU_X509)
-                break;
-            if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509)))
-                break;
-            if (ctx->check_issued(ctx, x, pobj->data.x509)) {
-                *issuer = pobj->data.x509;
-                X509_OBJECT_up_ref_count(pobj);
-                ret = 1;
-                break;
-            }
-        }
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-    return ret;
-}
-
-int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags)
-{
-    return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
-}
-
-int X509_STORE_set_depth(X509_STORE *ctx, int depth)
-{
-    X509_VERIFY_PARAM_set_depth(ctx->param, depth);
-    return 1;
-}
-
-int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
-{
-    return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
-}
-
-int X509_STORE_set_trust(X509_STORE *ctx, int trust)
-{
-    return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
-}
-
-int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
-{
-    return X509_VERIFY_PARAM_set1(ctx->param, param);
-}
-
-void X509_STORE_set_verify_cb(X509_STORE *ctx,
-                              int (*verify_cb) (int, X509_STORE_CTX *))
-{
-    ctx->verify_cb = verify_cb;
-}
-
-void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
-                                   STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
-                                                              *ctx,
-                                                              X509_NAME *nm))
-{
-    ctx->lookup_crls = cb;
-}
-
-X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx)
-{
-    return ctx->ctx;
-}
-
-IMPLEMENT_STACK_OF(X509_LOOKUP)
-
-IMPLEMENT_STACK_OF(X509_OBJECT)
diff --git a/thirdparty/openssl/crypto/x509/x509_obj.c b/thirdparty/openssl/crypto/x509/x509_obj.c
deleted file mode 100644
index 0a839f3e54..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_obj.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/* crypto/x509/x509_obj.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/buffer.h>
-
-/*
- * Limit to ensure we don't overflow: much greater than
- * anything enountered in practice.
- */
-
-#define NAME_ONELINE_MAX    (1024 * 1024)
-
-char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
-{
-    X509_NAME_ENTRY *ne;
-    int i;
-    int n, lold, l, l1, l2, num, j, type;
-    const char *s;
-    char *p;
-    unsigned char *q;
-    BUF_MEM *b = NULL;
-    static const char hex[17] = "0123456789ABCDEF";
-    int gs_doit[4];
-    char tmp_buf[80];
-#ifdef CHARSET_EBCDIC
-    char ebcdic_buf[1024];
-#endif
-
-    if (buf == NULL) {
-        if ((b = BUF_MEM_new()) == NULL)
-            goto err;
-        if (!BUF_MEM_grow(b, 200))
-            goto err;
-        b->data[0] = '\0';
-        len = 200;
-    } else if (len == 0) {
-        return NULL;
-    }
-    if (a == NULL) {
-        if (b) {
-            buf = b->data;
-            OPENSSL_free(b);
-        }
-        strncpy(buf, "NO X509_NAME", len);
-        buf[len - 1] = '\0';
-        return buf;
-    }
-
-    len--;                      /* space for '\0' */
-    l = 0;
-    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
-        ne = sk_X509_NAME_ENTRY_value(a->entries, i);
-        n = OBJ_obj2nid(ne->object);
-        if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
-            i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
-            s = tmp_buf;
-        }
-        l1 = strlen(s);
-
-        type = ne->value->type;
-        num = ne->value->length;
-        if (num > NAME_ONELINE_MAX) {
-            X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
-            goto end;
-        }
-        q = ne->value->data;
-#ifdef CHARSET_EBCDIC
-        if (type == V_ASN1_GENERALSTRING ||
-            type == V_ASN1_VISIBLESTRING ||
-            type == V_ASN1_PRINTABLESTRING ||
-            type == V_ASN1_TELETEXSTRING ||
-            type == V_ASN1_IA5STRING) {
-            if (num > (int)sizeof(ebcdic_buf))
-                num = sizeof(ebcdic_buf);
-            ascii2ebcdic(ebcdic_buf, q, num);
-            q = ebcdic_buf;
-        }
-#endif
-
-        if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
-            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
-            for (j = 0; j < num; j++)
-                if (q[j] != 0)
-                    gs_doit[j & 3] = 1;
-
-            if (gs_doit[0] | gs_doit[1] | gs_doit[2])
-                gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
-            else {
-                gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
-                gs_doit[3] = 1;
-            }
-        } else
-            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
-
-        for (l2 = j = 0; j < num; j++) {
-            if (!gs_doit[j & 3])
-                continue;
-            l2++;
-#ifndef CHARSET_EBCDIC
-            if ((q[j] < ' ') || (q[j] > '~'))
-                l2 += 3;
-#else
-            if ((os_toascii[q[j]] < os_toascii[' ']) ||
-                (os_toascii[q[j]] > os_toascii['~']))
-                l2 += 3;
-#endif
-        }
-
-        lold = l;
-        l += 1 + l1 + 1 + l2;
-        if (l > NAME_ONELINE_MAX) {
-            X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
-            goto end;
-        }
-        if (b != NULL) {
-            if (!BUF_MEM_grow(b, l + 1))
-                goto err;
-            p = &(b->data[lold]);
-        } else if (l > len) {
-            break;
-        } else
-            p = &(buf[lold]);
-        *(p++) = '/';
-        memcpy(p, s, (unsigned int)l1);
-        p += l1;
-        *(p++) = '=';
-
-#ifndef CHARSET_EBCDIC          /* q was assigned above already. */
-        q = ne->value->data;
-#endif
-
-        for (j = 0; j < num; j++) {
-            if (!gs_doit[j & 3])
-                continue;
-#ifndef CHARSET_EBCDIC
-            n = q[j];
-            if ((n < ' ') || (n > '~')) {
-                *(p++) = '\\';
-                *(p++) = 'x';
-                *(p++) = hex[(n >> 4) & 0x0f];
-                *(p++) = hex[n & 0x0f];
-            } else
-                *(p++) = n;
-#else
-            n = os_toascii[q[j]];
-            if ((n < os_toascii[' ']) || (n > os_toascii['~'])) {
-                *(p++) = '\\';
-                *(p++) = 'x';
-                *(p++) = hex[(n >> 4) & 0x0f];
-                *(p++) = hex[n & 0x0f];
-            } else
-                *(p++) = q[j];
-#endif
-        }
-        *p = '\0';
-    }
-    if (b != NULL) {
-        p = b->data;
-        OPENSSL_free(b);
-    } else
-        p = buf;
-    if (i == 0)
-        *p = '\0';
-    return (p);
- err:
-    X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
- end:
-    BUF_MEM_free(b);
-    return (NULL);
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_r2x.c b/thirdparty/openssl/crypto/x509/x509_r2x.c
deleted file mode 100644
index 2879569ead..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_r2x.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* crypto/x509/x509_r2x.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-
-X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
-{
-    X509 *ret = NULL;
-    X509_CINF *xi = NULL;
-    X509_NAME *xn;
-    EVP_PKEY *pubkey = NULL;
-    int res;
-
-    if ((ret = X509_new()) == NULL) {
-        X509err(X509_F_X509_REQ_TO_X509, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    /* duplicate the request */
-    xi = ret->cert_info;
-
-    if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) {
-        if ((xi->version = M_ASN1_INTEGER_new()) == NULL)
-            goto err;
-        if (!ASN1_INTEGER_set(xi->version, 2))
-            goto err;
-/*-     xi->extensions=ri->attributes; <- bad, should not ever be done
-        ri->attributes=NULL; */
-    }
-
-    xn = X509_REQ_get_subject_name(r);
-    if (X509_set_subject_name(ret, xn) == 0)
-        goto err;
-    if (X509_set_issuer_name(ret, xn) == 0)
-        goto err;
-
-    if (X509_gmtime_adj(xi->validity->notBefore, 0) == NULL)
-        goto err;
-    if (X509_gmtime_adj(xi->validity->notAfter, (long)60 * 60 * 24 * days) ==
-        NULL)
-        goto err;
-
-    pubkey = X509_REQ_get_pubkey(r);
-    res = X509_set_pubkey(ret, pubkey);
-    EVP_PKEY_free(pubkey);
-
-    if (!res || !X509_sign(ret, pkey, EVP_md5()))
-        goto err;
-    if (0) {
- err:
-        X509_free(ret);
-        ret = NULL;
-    }
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_req.c b/thirdparty/openssl/crypto/x509/x509_req.c
deleted file mode 100644
index 01795f4b3f..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_req.c
+++ /dev/null
@@ -1,328 +0,0 @@
-/* crypto/x509/x509_req.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/buffer.h>
-#include <openssl/pem.h>
-
-X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
-    X509_REQ *ret;
-    X509_REQ_INFO *ri;
-    int i;
-    EVP_PKEY *pktmp;
-
-    ret = X509_REQ_new();
-    if (ret == NULL) {
-        X509err(X509_F_X509_TO_X509_REQ, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    ri = ret->req_info;
-
-    ri->version->length = 1;
-    ri->version->data = (unsigned char *)OPENSSL_malloc(1);
-    if (ri->version->data == NULL)
-        goto err;
-    ri->version->data[0] = 0;   /* version == 0 */
-
-    if (!X509_REQ_set_subject_name(ret, X509_get_subject_name(x)))
-        goto err;
-
-    pktmp = X509_get_pubkey(x);
-    if (pktmp == NULL)
-        goto err;
-    i = X509_REQ_set_pubkey(ret, pktmp);
-    EVP_PKEY_free(pktmp);
-    if (!i)
-        goto err;
-
-    if (pkey != NULL) {
-        if (!X509_REQ_sign(ret, pkey, md))
-            goto err;
-    }
-    return (ret);
- err:
-    X509_REQ_free(ret);
-    return (NULL);
-}
-
-EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
-{
-    if ((req == NULL) || (req->req_info == NULL))
-        return (NULL);
-    return (X509_PUBKEY_get(req->req_info->pubkey));
-}
-
-int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
-{
-    EVP_PKEY *xk = NULL;
-    int ok = 0;
-
-    xk = X509_REQ_get_pubkey(x);
-    switch (EVP_PKEY_cmp(xk, k)) {
-    case 1:
-        ok = 1;
-        break;
-    case 0:
-        X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
-                X509_R_KEY_VALUES_MISMATCH);
-        break;
-    case -1:
-        X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, X509_R_KEY_TYPE_MISMATCH);
-        break;
-    case -2:
-#ifndef OPENSSL_NO_EC
-        if (k->type == EVP_PKEY_EC) {
-            X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
-            break;
-        }
-#endif
-#ifndef OPENSSL_NO_DH
-        if (k->type == EVP_PKEY_DH) {
-            /* No idea */
-            X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
-                    X509_R_CANT_CHECK_DH_KEY);
-            break;
-        }
-#endif
-        X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, X509_R_UNKNOWN_KEY_TYPE);
-    }
-
-    EVP_PKEY_free(xk);
-    return (ok);
-}
-
-/*
- * It seems several organisations had the same idea of including a list of
- * extensions in a certificate request. There are at least two OIDs that are
- * used and there may be more: so the list is configurable.
- */
-
-static int ext_nid_list[] = { NID_ext_req, NID_ms_ext_req, NID_undef };
-
-static int *ext_nids = ext_nid_list;
-
-int X509_REQ_extension_nid(int req_nid)
-{
-    int i, nid;
-    for (i = 0;; i++) {
-        nid = ext_nids[i];
-        if (nid == NID_undef)
-            return 0;
-        else if (req_nid == nid)
-            return 1;
-    }
-}
-
-int *X509_REQ_get_extension_nids(void)
-{
-    return ext_nids;
-}
-
-void X509_REQ_set_extension_nids(int *nids)
-{
-    ext_nids = nids;
-}
-
-STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
-{
-    X509_ATTRIBUTE *attr;
-    ASN1_TYPE *ext = NULL;
-    int idx, *pnid;
-    const unsigned char *p;
-
-    if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
-        return (NULL);
-    for (pnid = ext_nids; *pnid != NID_undef; pnid++) {
-        idx = X509_REQ_get_attr_by_NID(req, *pnid, -1);
-        if (idx == -1)
-            continue;
-        attr = X509_REQ_get_attr(req, idx);
-        if (attr->single)
-            ext = attr->value.single;
-        else if (sk_ASN1_TYPE_num(attr->value.set))
-            ext = sk_ASN1_TYPE_value(attr->value.set, 0);
-        break;
-    }
-    if (!ext || (ext->type != V_ASN1_SEQUENCE))
-        return NULL;
-    p = ext->value.sequence->data;
-    return (STACK_OF(X509_EXTENSION) *)
-        ASN1_item_d2i(NULL, &p, ext->value.sequence->length,
-                      ASN1_ITEM_rptr(X509_EXTENSIONS));
-}
-
-/*
- * Add a STACK_OF extensions to a certificate request: allow alternative OIDs
- * in case we want to create a non standard one.
- */
-
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
-                                int nid)
-{
-    ASN1_TYPE *at = NULL;
-    X509_ATTRIBUTE *attr = NULL;
-    if (!(at = ASN1_TYPE_new()) || !(at->value.sequence = ASN1_STRING_new()))
-        goto err;
-
-    at->type = V_ASN1_SEQUENCE;
-    /* Generate encoding of extensions */
-    at->value.sequence->length =
-        ASN1_item_i2d((ASN1_VALUE *)exts,
-                      &at->value.sequence->data,
-                      ASN1_ITEM_rptr(X509_EXTENSIONS));
-    if (!(attr = X509_ATTRIBUTE_new()))
-        goto err;
-    if (!(attr->value.set = sk_ASN1_TYPE_new_null()))
-        goto err;
-    if (!sk_ASN1_TYPE_push(attr->value.set, at))
-        goto err;
-    at = NULL;
-    attr->single = 0;
-    attr->object = OBJ_nid2obj(nid);
-    if (!req->req_info->attributes) {
-        if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null()))
-            goto err;
-    }
-    if (!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr))
-        goto err;
-    return 1;
- err:
-    X509_ATTRIBUTE_free(attr);
-    ASN1_TYPE_free(at);
-    return 0;
-}
-
-/* This is the normal usage: use the "official" OID */
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts)
-{
-    return X509_REQ_add_extensions_nid(req, exts, NID_ext_req);
-}
-
-/* Request attribute functions */
-
-int X509_REQ_get_attr_count(const X509_REQ *req)
-{
-    return X509at_get_attr_count(req->req_info->attributes);
-}
-
-int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos)
-{
-    return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos);
-}
-
-int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
-                             int lastpos)
-{
-    return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos);
-}
-
-X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)
-{
-    return X509at_get_attr(req->req_info->attributes, loc);
-}
-
-X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
-{
-    return X509at_delete_attr(req->req_info->attributes, loc);
-}
-
-int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
-{
-    if (X509at_add1_attr(&req->req_info->attributes, attr))
-        return 1;
-    return 0;
-}
-
-int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
-                              const ASN1_OBJECT *obj, int type,
-                              const unsigned char *bytes, int len)
-{
-    if (X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj,
-                                type, bytes, len))
-        return 1;
-    return 0;
-}
-
-int X509_REQ_add1_attr_by_NID(X509_REQ *req,
-                              int nid, int type,
-                              const unsigned char *bytes, int len)
-{
-    if (X509at_add1_attr_by_NID(&req->req_info->attributes, nid,
-                                type, bytes, len))
-        return 1;
-    return 0;
-}
-
-int X509_REQ_add1_attr_by_txt(X509_REQ *req,
-                              const char *attrname, int type,
-                              const unsigned char *bytes, int len)
-{
-    if (X509at_add1_attr_by_txt(&req->req_info->attributes, attrname,
-                                type, bytes, len))
-        return 1;
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_set.c b/thirdparty/openssl/crypto/x509/x509_set.c
deleted file mode 100644
index 5b802bd6c7..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_set.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* crypto/x509/x509_set.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_set_version(X509 *x, long version)
-{
-    if (x == NULL)
-        return (0);
-    if (version == 0) {
-        M_ASN1_INTEGER_free(x->cert_info->version);
-        x->cert_info->version = NULL;
-        return (1);
-    }
-    if (x->cert_info->version == NULL) {
-        if ((x->cert_info->version = M_ASN1_INTEGER_new()) == NULL)
-            return (0);
-    }
-    return (ASN1_INTEGER_set(x->cert_info->version, version));
-}
-
-int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
-{
-    ASN1_INTEGER *in;
-
-    if (x == NULL)
-        return (0);
-    in = x->cert_info->serialNumber;
-    if (in != serial) {
-        in = M_ASN1_INTEGER_dup(serial);
-        if (in != NULL) {
-            M_ASN1_INTEGER_free(x->cert_info->serialNumber);
-            x->cert_info->serialNumber = in;
-        }
-    }
-    return (in != NULL);
-}
-
-int X509_set_issuer_name(X509 *x, X509_NAME *name)
-{
-    if ((x == NULL) || (x->cert_info == NULL))
-        return (0);
-    return (X509_NAME_set(&x->cert_info->issuer, name));
-}
-
-int X509_set_subject_name(X509 *x, X509_NAME *name)
-{
-    if ((x == NULL) || (x->cert_info == NULL))
-        return (0);
-    return (X509_NAME_set(&x->cert_info->subject, name));
-}
-
-int X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
-{
-    ASN1_TIME *in;
-
-    if ((x == NULL) || (x->cert_info->validity == NULL))
-        return (0);
-    in = x->cert_info->validity->notBefore;
-    if (in != tm) {
-        in = M_ASN1_TIME_dup(tm);
-        if (in != NULL) {
-            M_ASN1_TIME_free(x->cert_info->validity->notBefore);
-            x->cert_info->validity->notBefore = in;
-        }
-    }
-    return (in != NULL);
-}
-
-int X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
-{
-    ASN1_TIME *in;
-
-    if ((x == NULL) || (x->cert_info->validity == NULL))
-        return (0);
-    in = x->cert_info->validity->notAfter;
-    if (in != tm) {
-        in = M_ASN1_TIME_dup(tm);
-        if (in != NULL) {
-            M_ASN1_TIME_free(x->cert_info->validity->notAfter);
-            x->cert_info->validity->notAfter = in;
-        }
-    }
-    return (in != NULL);
-}
-
-int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
-{
-    if ((x == NULL) || (x->cert_info == NULL))
-        return (0);
-    return (X509_PUBKEY_set(&(x->cert_info->key), pkey));
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_trs.c b/thirdparty/openssl/crypto/x509/x509_trs.c
deleted file mode 100644
index 11e0763403..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_trs.c
+++ /dev/null
@@ -1,318 +0,0 @@
-/* x509_trs.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b);
-static void trtable_free(X509_TRUST *p);
-
-static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
-static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
-static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
-
-static int obj_trust(int id, X509 *x, int flags);
-static int (*default_trust) (int id, X509 *x, int flags) = obj_trust;
-
-/*
- * WARNING: the following table should be kept in order of trust and without
- * any gaps so we can just subtract the minimum trust value to get an index
- * into the table
- */
-
-static X509_TRUST trstandard[] = {
-    {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
-    {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth,
-     NULL},
-    {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth,
-     NULL},
-    {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect,
-     NULL},
-    {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign,
-     NULL},
-    {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign,
-     NULL},
-    {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP,
-     NULL},
-    {X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL}
-};
-
-#define X509_TRUST_COUNT        (sizeof(trstandard)/sizeof(X509_TRUST))
-
-IMPLEMENT_STACK_OF(X509_TRUST)
-
-static STACK_OF(X509_TRUST) *trtable = NULL;
-
-static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b)
-{
-    return (*a)->trust - (*b)->trust;
-}
-
-int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
-                                                                int) {
-    int (*oldtrust) (int, X509 *, int);
-    oldtrust = default_trust;
-    default_trust = trust;
-    return oldtrust;
-}
-
-int X509_check_trust(X509 *x, int id, int flags)
-{
-    X509_TRUST *pt;
-    int idx;
-    if (id == -1)
-        return 1;
-    /* We get this as a default value */
-    if (id == 0) {
-        int rv;
-        rv = obj_trust(NID_anyExtendedKeyUsage, x, 0);
-        if (rv != X509_TRUST_UNTRUSTED)
-            return rv;
-        return trust_compat(NULL, x, 0);
-    }
-    idx = X509_TRUST_get_by_id(id);
-    if (idx == -1)
-        return default_trust(id, x, flags);
-    pt = X509_TRUST_get0(idx);
-    return pt->check_trust(pt, x, flags);
-}
-
-int X509_TRUST_get_count(void)
-{
-    if (!trtable)
-        return X509_TRUST_COUNT;
-    return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT;
-}
-
-X509_TRUST *X509_TRUST_get0(int idx)
-{
-    if (idx < 0)
-        return NULL;
-    if (idx < (int)X509_TRUST_COUNT)
-        return trstandard + idx;
-    return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT);
-}
-
-int X509_TRUST_get_by_id(int id)
-{
-    X509_TRUST tmp;
-    int idx;
-    if ((id >= X509_TRUST_MIN) && (id <= X509_TRUST_MAX))
-        return id - X509_TRUST_MIN;
-    tmp.trust = id;
-    if (!trtable)
-        return -1;
-    idx = sk_X509_TRUST_find(trtable, &tmp);
-    if (idx == -1)
-        return -1;
-    return idx + X509_TRUST_COUNT;
-}
-
-int X509_TRUST_set(int *t, int trust)
-{
-    if (X509_TRUST_get_by_id(trust) == -1) {
-        X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST);
-        return 0;
-    }
-    *t = trust;
-    return 1;
-}
-
-int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
-                   char *name, int arg1, void *arg2)
-{
-    int idx;
-    X509_TRUST *trtmp;
-    /*
-     * This is set according to what we change: application can't set it
-     */
-    flags &= ~X509_TRUST_DYNAMIC;
-    /* This will always be set for application modified trust entries */
-    flags |= X509_TRUST_DYNAMIC_NAME;
-    /* Get existing entry if any */
-    idx = X509_TRUST_get_by_id(id);
-    /* Need a new entry */
-    if (idx == -1) {
-        if (!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) {
-            X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        trtmp->flags = X509_TRUST_DYNAMIC;
-    } else
-        trtmp = X509_TRUST_get0(idx);
-
-    /* OPENSSL_free existing name if dynamic */
-    if (trtmp->flags & X509_TRUST_DYNAMIC_NAME)
-        OPENSSL_free(trtmp->name);
-    /* dup supplied name */
-    if (!(trtmp->name = BUF_strdup(name))) {
-        X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    /* Keep the dynamic flag of existing entry */
-    trtmp->flags &= X509_TRUST_DYNAMIC;
-    /* Set all other flags */
-    trtmp->flags |= flags;
-
-    trtmp->trust = id;
-    trtmp->check_trust = ck;
-    trtmp->arg1 = arg1;
-    trtmp->arg2 = arg2;
-
-    /* If its a new entry manage the dynamic table */
-    if (idx == -1) {
-        if (!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) {
-            X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        if (!sk_X509_TRUST_push(trtable, trtmp)) {
-            X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    }
-    return 1;
-}
-
-static void trtable_free(X509_TRUST *p)
-{
-    if (!p)
-        return;
-    if (p->flags & X509_TRUST_DYNAMIC) {
-        if (p->flags & X509_TRUST_DYNAMIC_NAME)
-            OPENSSL_free(p->name);
-        OPENSSL_free(p);
-    }
-}
-
-void X509_TRUST_cleanup(void)
-{
-    unsigned int i;
-    for (i = 0; i < X509_TRUST_COUNT; i++)
-        trtable_free(trstandard + i);
-    sk_X509_TRUST_pop_free(trtable, trtable_free);
-    trtable = NULL;
-}
-
-int X509_TRUST_get_flags(X509_TRUST *xp)
-{
-    return xp->flags;
-}
-
-char *X509_TRUST_get0_name(X509_TRUST *xp)
-{
-    return xp->name;
-}
-
-int X509_TRUST_get_trust(X509_TRUST *xp)
-{
-    return xp->trust;
-}
-
-static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
-{
-    if (x->aux && (x->aux->trust || x->aux->reject))
-        return obj_trust(trust->arg1, x, flags);
-    /*
-     * we don't have any trust settings: for compatibility we return trusted
-     * if it is self signed
-     */
-    return trust_compat(trust, x, flags);
-}
-
-static int trust_1oid(X509_TRUST *trust, X509 *x, int flags)
-{
-    if (x->aux)
-        return obj_trust(trust->arg1, x, flags);
-    return X509_TRUST_UNTRUSTED;
-}
-
-static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
-{
-    X509_check_purpose(x, -1, 0);
-    if (x->ex_flags & EXFLAG_SS)
-        return X509_TRUST_TRUSTED;
-    else
-        return X509_TRUST_UNTRUSTED;
-}
-
-static int obj_trust(int id, X509 *x, int flags)
-{
-    ASN1_OBJECT *obj;
-    int i;
-    X509_CERT_AUX *ax;
-    ax = x->aux;
-    if (!ax)
-        return X509_TRUST_UNTRUSTED;
-    if (ax->reject) {
-        for (i = 0; i < sk_ASN1_OBJECT_num(ax->reject); i++) {
-            obj = sk_ASN1_OBJECT_value(ax->reject, i);
-            if (OBJ_obj2nid(obj) == id)
-                return X509_TRUST_REJECTED;
-        }
-    }
-    if (ax->trust) {
-        for (i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) {
-            obj = sk_ASN1_OBJECT_value(ax->trust, i);
-            if (OBJ_obj2nid(obj) == id)
-                return X509_TRUST_TRUSTED;
-        }
-    }
-    return X509_TRUST_UNTRUSTED;
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_txt.c b/thirdparty/openssl/crypto/x509/x509_txt.c
deleted file mode 100644
index 35db095591..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_txt.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/* crypto/x509/x509_txt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-
-const char *X509_verify_cert_error_string(long n)
-{
-    static char buf[100];
-
-    switch ((int)n) {
-    case X509_V_OK:
-        return ("ok");
-    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-        return ("unable to get issuer certificate");
-    case X509_V_ERR_UNABLE_TO_GET_CRL:
-        return ("unable to get certificate CRL");
-    case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
-        return ("unable to decrypt certificate's signature");
-    case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
-        return ("unable to decrypt CRL's signature");
-    case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
-        return ("unable to decode issuer public key");
-    case X509_V_ERR_CERT_SIGNATURE_FAILURE:
-        return ("certificate signature failure");
-    case X509_V_ERR_CRL_SIGNATURE_FAILURE:
-        return ("CRL signature failure");
-    case X509_V_ERR_CERT_NOT_YET_VALID:
-        return ("certificate is not yet valid");
-    case X509_V_ERR_CRL_NOT_YET_VALID:
-        return ("CRL is not yet valid");
-    case X509_V_ERR_CERT_HAS_EXPIRED:
-        return ("certificate has expired");
-    case X509_V_ERR_CRL_HAS_EXPIRED:
-        return ("CRL has expired");
-    case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-        return ("format error in certificate's notBefore field");
-    case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-        return ("format error in certificate's notAfter field");
-    case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
-        return ("format error in CRL's lastUpdate field");
-    case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
-        return ("format error in CRL's nextUpdate field");
-    case X509_V_ERR_OUT_OF_MEM:
-        return ("out of memory");
-    case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
-        return ("self signed certificate");
-    case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
-        return ("self signed certificate in certificate chain");
-    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
-        return ("unable to get local issuer certificate");
-    case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
-        return ("unable to verify the first certificate");
-    case X509_V_ERR_CERT_CHAIN_TOO_LONG:
-        return ("certificate chain too long");
-    case X509_V_ERR_CERT_REVOKED:
-        return ("certificate revoked");
-    case X509_V_ERR_INVALID_CA:
-        return ("invalid CA certificate");
-    case X509_V_ERR_INVALID_NON_CA:
-        return ("invalid non-CA certificate (has CA markings)");
-    case X509_V_ERR_PATH_LENGTH_EXCEEDED:
-        return ("path length constraint exceeded");
-    case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
-        return ("proxy path length constraint exceeded");
-    case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
-        return
-            ("proxy certificates not allowed, please set the appropriate flag");
-    case X509_V_ERR_INVALID_PURPOSE:
-        return ("unsupported certificate purpose");
-    case X509_V_ERR_CERT_UNTRUSTED:
-        return ("certificate not trusted");
-    case X509_V_ERR_CERT_REJECTED:
-        return ("certificate rejected");
-    case X509_V_ERR_APPLICATION_VERIFICATION:
-        return ("application verification failure");
-    case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
-        return ("subject issuer mismatch");
-    case X509_V_ERR_AKID_SKID_MISMATCH:
-        return ("authority and subject key identifier mismatch");
-    case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
-        return ("authority and issuer serial number mismatch");
-    case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
-        return ("key usage does not include certificate signing");
-    case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
-        return ("unable to get CRL issuer certificate");
-    case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
-        return ("unhandled critical extension");
-    case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
-        return ("key usage does not include CRL signing");
-    case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
-        return ("key usage does not include digital signature");
-    case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
-        return ("unhandled critical CRL extension");
-    case X509_V_ERR_INVALID_EXTENSION:
-        return ("invalid or inconsistent certificate extension");
-    case X509_V_ERR_INVALID_POLICY_EXTENSION:
-        return ("invalid or inconsistent certificate policy extension");
-    case X509_V_ERR_NO_EXPLICIT_POLICY:
-        return ("no explicit policy");
-    case X509_V_ERR_DIFFERENT_CRL_SCOPE:
-        return ("Different CRL scope");
-    case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:
-        return ("Unsupported extension feature");
-    case X509_V_ERR_UNNESTED_RESOURCE:
-        return ("RFC 3779 resource not subset of parent's resources");
-
-    case X509_V_ERR_PERMITTED_VIOLATION:
-        return ("permitted subtree violation");
-    case X509_V_ERR_EXCLUDED_VIOLATION:
-        return ("excluded subtree violation");
-    case X509_V_ERR_SUBTREE_MINMAX:
-        return ("name constraints minimum and maximum not supported");
-    case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:
-        return ("unsupported name constraint type");
-    case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:
-        return ("unsupported or invalid name constraint syntax");
-    case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX:
-        return ("unsupported or invalid name syntax");
-    case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
-        return ("CRL path validation error");
-
-    case X509_V_ERR_SUITE_B_INVALID_VERSION:
-        return ("Suite B: certificate version invalid");
-    case X509_V_ERR_SUITE_B_INVALID_ALGORITHM:
-        return ("Suite B: invalid public key algorithm");
-    case X509_V_ERR_SUITE_B_INVALID_CURVE:
-        return ("Suite B: invalid ECC curve");
-    case X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM:
-        return ("Suite B: invalid signature algorithm");
-    case X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED:
-        return ("Suite B: curve not allowed for this LOS");
-    case X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256:
-        return ("Suite B: cannot sign P-384 with P-256");
-
-    case X509_V_ERR_HOSTNAME_MISMATCH:
-        return ("Hostname mismatch");
-    case X509_V_ERR_EMAIL_MISMATCH:
-        return ("Email address mismatch");
-    case X509_V_ERR_IP_ADDRESS_MISMATCH:
-        return ("IP address mismatch");
-
-    case X509_V_ERR_INVALID_CALL:
-        return ("Invalid certificate verification context");
-    case X509_V_ERR_STORE_LOOKUP:
-        return ("Issuer certificate lookup error");
-    case X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION:
-        return ("proxy subject name violation");
-
-    default:
-        BIO_snprintf(buf, sizeof buf, "error number %ld", n);
-        return (buf);
-    }
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_v3.c b/thirdparty/openssl/crypto/x509/x509_v3.c
deleted file mode 100644
index 4a03445a64..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_v3.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/* crypto/x509/x509_v3.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
-{
-    if (x == NULL)
-        return (0);
-    return (sk_X509_EXTENSION_num(x));
-}
-
-int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,
-                          int lastpos)
-{
-    ASN1_OBJECT *obj;
-
-    obj = OBJ_nid2obj(nid);
-    if (obj == NULL)
-        return (-2);
-    return (X509v3_get_ext_by_OBJ(x, obj, lastpos));
-}
-
-int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk,
-                          ASN1_OBJECT *obj, int lastpos)
-{
-    int n;
-    X509_EXTENSION *ex;
-
-    if (sk == NULL)
-        return (-1);
-    lastpos++;
-    if (lastpos < 0)
-        lastpos = 0;
-    n = sk_X509_EXTENSION_num(sk);
-    for (; lastpos < n; lastpos++) {
-        ex = sk_X509_EXTENSION_value(sk, lastpos);
-        if (OBJ_cmp(ex->object, obj) == 0)
-            return (lastpos);
-    }
-    return (-1);
-}
-
-int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
-                               int lastpos)
-{
-    int n;
-    X509_EXTENSION *ex;
-
-    if (sk == NULL)
-        return (-1);
-    lastpos++;
-    if (lastpos < 0)
-        lastpos = 0;
-    n = sk_X509_EXTENSION_num(sk);
-    for (; lastpos < n; lastpos++) {
-        ex = sk_X509_EXTENSION_value(sk, lastpos);
-        if (((ex->critical > 0) && crit) || ((ex->critical <= 0) && !crit))
-            return (lastpos);
-    }
-    return (-1);
-}
-
-X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)
-{
-    if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
-        return NULL;
-    else
-        return sk_X509_EXTENSION_value(x, loc);
-}
-
-X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)
-{
-    X509_EXTENSION *ret;
-
-    if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
-        return (NULL);
-    ret = sk_X509_EXTENSION_delete(x, loc);
-    return (ret);
-}
-
-STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
-                                         X509_EXTENSION *ex, int loc)
-{
-    X509_EXTENSION *new_ex = NULL;
-    int n;
-    STACK_OF(X509_EXTENSION) *sk = NULL;
-
-    if (x == NULL) {
-        X509err(X509_F_X509V3_ADD_EXT, ERR_R_PASSED_NULL_PARAMETER);
-        goto err2;
-    }
-
-    if (*x == NULL) {
-        if ((sk = sk_X509_EXTENSION_new_null()) == NULL)
-            goto err;
-    } else
-        sk = *x;
-
-    n = sk_X509_EXTENSION_num(sk);
-    if (loc > n)
-        loc = n;
-    else if (loc < 0)
-        loc = n;
-
-    if ((new_ex = X509_EXTENSION_dup(ex)) == NULL)
-        goto err2;
-    if (!sk_X509_EXTENSION_insert(sk, new_ex, loc))
-        goto err;
-    if (*x == NULL)
-        *x = sk;
-    return (sk);
- err:
-    X509err(X509_F_X509V3_ADD_EXT, ERR_R_MALLOC_FAILURE);
- err2:
-    if (new_ex != NULL)
-        X509_EXTENSION_free(new_ex);
-    if (sk != NULL)
-        sk_X509_EXTENSION_free(sk);
-    return (NULL);
-}
-
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,
-                                             int crit,
-                                             ASN1_OCTET_STRING *data)
-{
-    ASN1_OBJECT *obj;
-    X509_EXTENSION *ret;
-
-    obj = OBJ_nid2obj(nid);
-    if (obj == NULL) {
-        X509err(X509_F_X509_EXTENSION_CREATE_BY_NID, X509_R_UNKNOWN_NID);
-        return (NULL);
-    }
-    ret = X509_EXTENSION_create_by_OBJ(ex, obj, crit, data);
-    if (ret == NULL)
-        ASN1_OBJECT_free(obj);
-    return (ret);
-}
-
-X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
-                                             ASN1_OBJECT *obj, int crit,
-                                             ASN1_OCTET_STRING *data)
-{
-    X509_EXTENSION *ret;
-
-    if ((ex == NULL) || (*ex == NULL)) {
-        if ((ret = X509_EXTENSION_new()) == NULL) {
-            X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,
-                    ERR_R_MALLOC_FAILURE);
-            return (NULL);
-        }
-    } else
-        ret = *ex;
-
-    if (!X509_EXTENSION_set_object(ret, obj))
-        goto err;
-    if (!X509_EXTENSION_set_critical(ret, crit))
-        goto err;
-    if (!X509_EXTENSION_set_data(ret, data))
-        goto err;
-
-    if ((ex != NULL) && (*ex == NULL))
-        *ex = ret;
-    return (ret);
- err:
-    if ((ex == NULL) || (ret != *ex))
-        X509_EXTENSION_free(ret);
-    return (NULL);
-}
-
-int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
-{
-    if ((ex == NULL) || (obj == NULL))
-        return (0);
-    ASN1_OBJECT_free(ex->object);
-    ex->object = OBJ_dup(obj);
-    return (1);
-}
-
-int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
-{
-    if (ex == NULL)
-        return (0);
-    ex->critical = (crit) ? 0xFF : -1;
-    return (1);
-}
-
-int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
-{
-    int i;
-
-    if (ex == NULL)
-        return (0);
-    i = M_ASN1_OCTET_STRING_set(ex->value, data->data, data->length);
-    if (!i)
-        return (0);
-    return (1);
-}
-
-ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex)
-{
-    if (ex == NULL)
-        return (NULL);
-    return (ex->object);
-}
-
-ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)
-{
-    if (ex == NULL)
-        return (NULL);
-    return (ex->value);
-}
-
-int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
-{
-    if (ex == NULL)
-        return (0);
-    if (ex->critical > 0)
-        return 1;
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/x509/x509_vfy.c b/thirdparty/openssl/crypto/x509/x509_vfy.c
deleted file mode 100644
index b1472018ba..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_vfy.c
+++ /dev/null
@@ -1,2629 +0,0 @@
-/* crypto/x509/x509_vfy.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-#include <errno.h>
-
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include <openssl/objects.h>
-#include "vpm_int.h"
-
-/* CRL score values */
-
-/* No unhandled critical extensions */
-
-#define CRL_SCORE_NOCRITICAL    0x100
-
-/* certificate is within CRL scope */
-
-#define CRL_SCORE_SCOPE         0x080
-
-/* CRL times valid */
-
-#define CRL_SCORE_TIME          0x040
-
-/* Issuer name matches certificate */
-
-#define CRL_SCORE_ISSUER_NAME   0x020
-
-/* If this score or above CRL is probably valid */
-
-#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE)
-
-/* CRL issuer is certificate issuer */
-
-#define CRL_SCORE_ISSUER_CERT   0x018
-
-/* CRL issuer is on certificate path */
-
-#define CRL_SCORE_SAME_PATH     0x008
-
-/* CRL issuer matches CRL AKID */
-
-#define CRL_SCORE_AKID          0x004
-
-/* Have a delta CRL with valid times */
-
-#define CRL_SCORE_TIME_DELTA    0x002
-
-static int null_callback(int ok, X509_STORE_CTX *e);
-static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
-static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
-static int check_chain_extensions(X509_STORE_CTX *ctx);
-static int check_name_constraints(X509_STORE_CTX *ctx);
-static int check_id(X509_STORE_CTX *ctx);
-static int check_trust(X509_STORE_CTX *ctx);
-static int check_revocation(X509_STORE_CTX *ctx);
-static int check_cert(X509_STORE_CTX *ctx);
-static int check_policy(X509_STORE_CTX *ctx);
-
-static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
-                         unsigned int *preasons, X509_CRL *crl, X509 *x);
-static int get_crl_delta(X509_STORE_CTX *ctx,
-                         X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
-static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl,
-                         int *pcrl_score, X509_CRL *base,
-                         STACK_OF(X509_CRL) *crls);
-static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
-                           int *pcrl_score);
-static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
-                           unsigned int *preasons);
-static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
-static int check_crl_chain(X509_STORE_CTX *ctx,
-                           STACK_OF(X509) *cert_path,
-                           STACK_OF(X509) *crl_path);
-
-static int internal_verify(X509_STORE_CTX *ctx);
-const char X509_version[] = "X.509" OPENSSL_VERSION_PTEXT;
-
-static int null_callback(int ok, X509_STORE_CTX *e)
-{
-    return ok;
-}
-
-#if 0
-static int x509_subject_cmp(X509 **a, X509 **b)
-{
-    return X509_subject_name_cmp(*a, *b);
-}
-#endif
-/* Return 1 is a certificate is self signed */
-static int cert_self_signed(X509 *x)
-{
-    X509_check_purpose(x, -1, 0);
-    if (x->ex_flags & EXFLAG_SS)
-        return 1;
-    else
-        return 0;
-}
-
-/* Given a certificate try and find an exact match in the store */
-
-static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x)
-{
-    STACK_OF(X509) *certs;
-    X509 *xtmp = NULL;
-    int i;
-    /* Lookup all certs with matching subject name */
-    certs = ctx->lookup_certs(ctx, X509_get_subject_name(x));
-    if (certs == NULL)
-        return NULL;
-    /* Look for exact match */
-    for (i = 0; i < sk_X509_num(certs); i++) {
-        xtmp = sk_X509_value(certs, i);
-        if (!X509_cmp(xtmp, x))
-            break;
-    }
-    if (i < sk_X509_num(certs))
-        CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509);
-    else
-        xtmp = NULL;
-    sk_X509_pop_free(certs, X509_free);
-    return xtmp;
-}
-
-int X509_verify_cert(X509_STORE_CTX *ctx)
-{
-    X509 *x, *xtmp, *xtmp2, *chain_ss = NULL;
-    int bad_chain = 0;
-    X509_VERIFY_PARAM *param = ctx->param;
-    int depth, i, ok = 0;
-    int num, j, retry;
-    int (*cb) (int xok, X509_STORE_CTX *xctx);
-    STACK_OF(X509) *sktmp = NULL;
-    int trust = X509_TRUST_UNTRUSTED;
-    int err;
-
-    if (ctx->cert == NULL) {
-        X509err(X509_F_X509_VERIFY_CERT, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
-        ctx->error = X509_V_ERR_INVALID_CALL;
-        return -1;
-    }
-    if (ctx->chain != NULL) {
-        /*
-         * This X509_STORE_CTX has already been used to verify a cert. We
-         * cannot do another one.
-         */
-        X509err(X509_F_X509_VERIFY_CERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-        ctx->error = X509_V_ERR_INVALID_CALL;
-        return -1;
-    }
-
-    cb = ctx->verify_cb;
-
-    /*
-     * first we make sure the chain we are going to build is present and that
-     * the first entry is in place
-     */
-    if (((ctx->chain = sk_X509_new_null()) == NULL) ||
-        (!sk_X509_push(ctx->chain, ctx->cert))) {
-        X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
-        ctx->error = X509_V_ERR_OUT_OF_MEM;
-        ok = -1;
-        goto err;
-    }
-    CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509);
-    ctx->last_untrusted = 1;
-
-    /* We use a temporary STACK so we can chop and hack at it */
-    if (ctx->untrusted != NULL
-        && (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
-        X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
-        ctx->error = X509_V_ERR_OUT_OF_MEM;
-        ok = -1;
-        goto err;
-    }
-
-    num = sk_X509_num(ctx->chain);
-    x = sk_X509_value(ctx->chain, num - 1);
-    depth = param->depth;
-
-    for (;;) {
-        /* If we have enough, we break */
-        if (depth < num)
-            break;              /* FIXME: If this happens, we should take
-                                 * note of it and, if appropriate, use the
-                                 * X509_V_ERR_CERT_CHAIN_TOO_LONG error code
-                                 * later. */
-
-        /* If we are self signed, we break */
-        if (cert_self_signed(x))
-            break;
-        /*
-         * If asked see if we can find issuer in trusted store first
-         */
-        if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) {
-            ok = ctx->get_issuer(&xtmp, ctx, x);
-            if (ok < 0) {
-                ctx->error = X509_V_ERR_STORE_LOOKUP;
-                goto err;
-            }
-            /*
-             * If successful for now free up cert so it will be picked up
-             * again later.
-             */
-            if (ok > 0) {
-                X509_free(xtmp);
-                break;
-            }
-        }
-
-        /* If we were passed a cert chain, use it first */
-        if (ctx->untrusted != NULL) {
-            xtmp = find_issuer(ctx, sktmp, x);
-            if (xtmp != NULL) {
-                if (!sk_X509_push(ctx->chain, xtmp)) {
-                    X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
-                    ctx->error = X509_V_ERR_OUT_OF_MEM;
-                    ok = -1;
-                    goto err;
-                }
-                CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509);
-                (void)sk_X509_delete_ptr(sktmp, xtmp);
-                ctx->last_untrusted++;
-                x = xtmp;
-                num++;
-                /*
-                 * reparse the full chain for the next one
-                 */
-                continue;
-            }
-        }
-        break;
-    }
-
-    /* Remember how many untrusted certs we have */
-    j = num;
-    /*
-     * at this point, chain should contain a list of untrusted certificates.
-     * We now need to add at least one trusted one, if possible, otherwise we
-     * complain.
-     */
-
-    do {
-        /*
-         * Examine last certificate in chain and see if it is self signed.
-         */
-        i = sk_X509_num(ctx->chain);
-        x = sk_X509_value(ctx->chain, i - 1);
-        if (cert_self_signed(x)) {
-            /* we have a self signed certificate */
-            if (sk_X509_num(ctx->chain) == 1) {
-                /*
-                 * We have a single self signed certificate: see if we can
-                 * find it in the store. We must have an exact match to avoid
-                 * possible impersonation.
-                 */
-                ok = ctx->get_issuer(&xtmp, ctx, x);
-                if ((ok <= 0) || X509_cmp(x, xtmp)) {
-                    ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
-                    ctx->current_cert = x;
-                    ctx->error_depth = i - 1;
-                    if (ok == 1)
-                        X509_free(xtmp);
-                    bad_chain = 1;
-                    ok = cb(0, ctx);
-                    if (!ok)
-                        goto err;
-                } else {
-                    /*
-                     * We have a match: replace certificate with store
-                     * version so we get any trust settings.
-                     */
-                    X509_free(x);
-                    x = xtmp;
-                    (void)sk_X509_set(ctx->chain, i - 1, x);
-                    ctx->last_untrusted = 0;
-                }
-            } else {
-                /*
-                 * extract and save self signed certificate for later use
-                 */
-                chain_ss = sk_X509_pop(ctx->chain);
-                ctx->last_untrusted--;
-                num--;
-                j--;
-                x = sk_X509_value(ctx->chain, num - 1);
-            }
-        }
-        /* We now lookup certs from the certificate store */
-        for (;;) {
-            /* If we have enough, we break */
-            if (depth < num)
-                break;
-            /* If we are self signed, we break */
-            if (cert_self_signed(x))
-                break;
-            ok = ctx->get_issuer(&xtmp, ctx, x);
-
-            if (ok < 0) {
-                ctx->error = X509_V_ERR_STORE_LOOKUP;
-                goto err;
-            }
-            if (ok == 0)
-                break;
-            x = xtmp;
-            if (!sk_X509_push(ctx->chain, x)) {
-                X509_free(xtmp);
-                X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
-                ctx->error = X509_V_ERR_OUT_OF_MEM;
-                ok = -1;
-                goto err;
-            }
-            num++;
-        }
-
-        /* we now have our chain, lets check it... */
-        if ((trust = check_trust(ctx)) == X509_TRUST_REJECTED) {
-            /* Callback already issued */
-            ok = 0;
-            goto err;
-        }
-
-        /*
-         * If it's not explicitly trusted then check if there is an alternative
-         * chain that could be used. We only do this if we haven't already
-         * checked via TRUSTED_FIRST and the user hasn't switched off alternate
-         * chain checking
-         */
-        retry = 0;
-        if (trust != X509_TRUST_TRUSTED
-            && !(ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST)
-            && !(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) {
-            while (j-- > 1) {
-                xtmp2 = sk_X509_value(ctx->chain, j - 1);
-                ok = ctx->get_issuer(&xtmp, ctx, xtmp2);
-                if (ok < 0) {
-                    ctx->error = X509_V_ERR_STORE_LOOKUP;
-                    goto err;
-                }
-                /* Check if we found an alternate chain */
-                if (ok > 0) {
-                    /*
-                     * Free up the found cert we'll add it again later
-                     */
-                    X509_free(xtmp);
-
-                    /*
-                     * Dump all the certs above this point - we've found an
-                     * alternate chain
-                     */
-                    while (num > j) {
-                        xtmp = sk_X509_pop(ctx->chain);
-                        X509_free(xtmp);
-                        num--;
-                    }
-                    ctx->last_untrusted = sk_X509_num(ctx->chain);
-                    retry = 1;
-                    break;
-                }
-            }
-        }
-    } while (retry);
-
-    /*
-     * If not explicitly trusted then indicate error unless it's a single
-     * self signed certificate in which case we've indicated an error already
-     * and set bad_chain == 1
-     */
-    if (trust != X509_TRUST_TRUSTED && !bad_chain) {
-        if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) {
-            if (ctx->last_untrusted >= num)
-                ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
-            else
-                ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
-            ctx->current_cert = x;
-        } else {
-
-            sk_X509_push(ctx->chain, chain_ss);
-            num++;
-            ctx->last_untrusted = num;
-            ctx->current_cert = chain_ss;
-            ctx->error = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
-            chain_ss = NULL;
-        }
-
-        ctx->error_depth = num - 1;
-        bad_chain = 1;
-        ok = cb(0, ctx);
-        if (!ok)
-            goto err;
-    }
-
-    /* We have the chain complete: now we need to check its purpose */
-    ok = check_chain_extensions(ctx);
-
-    if (!ok)
-        goto err;
-
-    /* Check name constraints */
-
-    ok = check_name_constraints(ctx);
-
-    if (!ok)
-        goto err;
-
-    ok = check_id(ctx);
-
-    if (!ok)
-        goto err;
-
-    /* We may as well copy down any DSA parameters that are required */
-    X509_get_pubkey_parameters(NULL, ctx->chain);
-
-    /*
-     * Check revocation status: we do this after copying parameters because
-     * they may be needed for CRL signature verification.
-     */
-
-    ok = ctx->check_revocation(ctx);
-    if (!ok)
-        goto err;
-
-    err = X509_chain_check_suiteb(&ctx->error_depth, NULL, ctx->chain,
-                                  ctx->param->flags);
-    if (err != X509_V_OK) {
-        ctx->error = err;
-        ctx->current_cert = sk_X509_value(ctx->chain, ctx->error_depth);
-        ok = cb(0, ctx);
-        if (!ok)
-            goto err;
-    }
-
-    /* At this point, we have a chain and need to verify it */
-    if (ctx->verify != NULL)
-        ok = ctx->verify(ctx);
-    else
-        ok = internal_verify(ctx);
-    if (!ok)
-        goto err;
-
-#ifndef OPENSSL_NO_RFC3779
-    /* RFC 3779 path validation, now that CRL check has been done */
-    ok = v3_asid_validate_path(ctx);
-    if (!ok)
-        goto err;
-    ok = v3_addr_validate_path(ctx);
-    if (!ok)
-        goto err;
-#endif
-
-    /* If we get this far evaluate policies */
-    if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
-        ok = ctx->check_policy(ctx);
-    if (!ok)
-        goto err;
-    if (0) {
- err:
-        /* Ensure we return an error */
-        if (ok > 0)
-            ok = 0;
-        X509_get_pubkey_parameters(NULL, ctx->chain);
-    }
-    if (sktmp != NULL)
-        sk_X509_free(sktmp);
-    if (chain_ss != NULL)
-        X509_free(chain_ss);
-
-    /* Safety net, error returns must set ctx->error */
-    if (ok <= 0 && ctx->error == X509_V_OK)
-        ctx->error = X509_V_ERR_UNSPECIFIED;
-    return ok;
-}
-
-/*
- * Given a STACK_OF(X509) find the issuer of cert (if any)
- */
-
-static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
-{
-    int i;
-    X509 *issuer;
-    for (i = 0; i < sk_X509_num(sk); i++) {
-        issuer = sk_X509_value(sk, i);
-        if (ctx->check_issued(ctx, x, issuer))
-            return issuer;
-    }
-    return NULL;
-}
-
-/* Given a possible certificate and issuer check them */
-
-static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
-{
-    int ret;
-    ret = X509_check_issued(issuer, x);
-    if (ret == X509_V_OK)
-        return 1;
-    /* If we haven't asked for issuer errors don't set ctx */
-    if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK))
-        return 0;
-
-    ctx->error = ret;
-    ctx->current_cert = x;
-    ctx->current_issuer = issuer;
-    return ctx->verify_cb(0, ctx);
-}
-
-/* Alternative lookup method: look from a STACK stored in other_ctx */
-
-static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
-{
-    *issuer = find_issuer(ctx, ctx->other_ctx, x);
-    if (*issuer) {
-        CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509);
-        return 1;
-    } else
-        return 0;
-}
-
-/*
- * Check a certificate chains extensions for consistency with the supplied
- * purpose
- */
-
-static int check_chain_extensions(X509_STORE_CTX *ctx)
-{
-#ifdef OPENSSL_NO_CHAIN_VERIFY
-    return 1;
-#else
-    int i, ok = 0, must_be_ca, plen = 0;
-    X509 *x;
-    int (*cb) (int xok, X509_STORE_CTX *xctx);
-    int proxy_path_length = 0;
-    int purpose;
-    int allow_proxy_certs;
-    cb = ctx->verify_cb;
-
-    /*-
-     *  must_be_ca can have 1 of 3 values:
-     * -1: we accept both CA and non-CA certificates, to allow direct
-     *     use of self-signed certificates (which are marked as CA).
-     * 0:  we only accept non-CA certificates.  This is currently not
-     *     used, but the possibility is present for future extensions.
-     * 1:  we only accept CA certificates.  This is currently used for
-     *     all certificates in the chain except the leaf certificate.
-     */
-    must_be_ca = -1;
-
-    /* CRL path validation */
-    if (ctx->parent) {
-        allow_proxy_certs = 0;
-        purpose = X509_PURPOSE_CRL_SIGN;
-    } else {
-        allow_proxy_certs =
-            ! !(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
-        /*
-         * A hack to keep people who don't want to modify their software
-         * happy
-         */
-        if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
-            allow_proxy_certs = 1;
-        purpose = ctx->param->purpose;
-    }
-
-    /* Check all untrusted certificates */
-    for (i = 0; i < ctx->last_untrusted; i++) {
-        int ret;
-        x = sk_X509_value(ctx->chain, i);
-        if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
-            && (x->ex_flags & EXFLAG_CRITICAL)) {
-            ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
-            ctx->error_depth = i;
-            ctx->current_cert = x;
-            ok = cb(0, ctx);
-            if (!ok)
-                goto end;
-        }
-        if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY)) {
-            ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
-            ctx->error_depth = i;
-            ctx->current_cert = x;
-            ok = cb(0, ctx);
-            if (!ok)
-                goto end;
-        }
-        ret = X509_check_ca(x);
-        switch (must_be_ca) {
-        case -1:
-            if ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
-                && (ret != 1) && (ret != 0)) {
-                ret = 0;
-                ctx->error = X509_V_ERR_INVALID_CA;
-            } else
-                ret = 1;
-            break;
-        case 0:
-            if (ret != 0) {
-                ret = 0;
-                ctx->error = X509_V_ERR_INVALID_NON_CA;
-            } else
-                ret = 1;
-            break;
-        default:
-            if ((ret == 0)
-                || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
-                    && (ret != 1))) {
-                ret = 0;
-                ctx->error = X509_V_ERR_INVALID_CA;
-            } else
-                ret = 1;
-            break;
-        }
-        if (ret == 0) {
-            ctx->error_depth = i;
-            ctx->current_cert = x;
-            ok = cb(0, ctx);
-            if (!ok)
-                goto end;
-        }
-        if (ctx->param->purpose > 0) {
-            ret = X509_check_purpose(x, purpose, must_be_ca > 0);
-            if ((ret == 0)
-                || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
-                    && (ret != 1))) {
-                ctx->error = X509_V_ERR_INVALID_PURPOSE;
-                ctx->error_depth = i;
-                ctx->current_cert = x;
-                ok = cb(0, ctx);
-                if (!ok)
-                    goto end;
-            }
-        }
-        /* Check pathlen if not self issued */
-        if ((i > 1) && !(x->ex_flags & EXFLAG_SI)
-            && (x->ex_pathlen != -1)
-            && (plen > (x->ex_pathlen + proxy_path_length + 1))) {
-            ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
-            ctx->error_depth = i;
-            ctx->current_cert = x;
-            ok = cb(0, ctx);
-            if (!ok)
-                goto end;
-        }
-        /* Increment path length if not self issued */
-        if (!(x->ex_flags & EXFLAG_SI))
-            plen++;
-        /*
-         * If this certificate is a proxy certificate, the next certificate
-         * must be another proxy certificate or a EE certificate.  If not,
-         * the next certificate must be a CA certificate.
-         */
-        if (x->ex_flags & EXFLAG_PROXY) {
-            /*
-             * RFC3820, 4.1.3 (b)(1) stipulates that if pCPathLengthConstraint
-             * is less than max_path_length, the former should be copied to
-             * the latter, and 4.1.4 (a) stipulates that max_path_length
-             * should be verified to be larger than zero and decrement it.
-             *
-             * Because we're checking the certs in the reverse order, we start
-             * with verifying that proxy_path_length isn't larger than pcPLC,
-             * and copy the latter to the former if it is, and finally,
-             * increment proxy_path_length.
-             */
-            if (x->ex_pcpathlen != -1) {
-                if (proxy_path_length > x->ex_pcpathlen) {
-                    ctx->error = X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
-                    ctx->error_depth = i;
-                    ctx->current_cert = x;
-                    ok = cb(0, ctx);
-                    if (!ok)
-                        goto end;
-                }
-                proxy_path_length = x->ex_pcpathlen;
-            }
-            proxy_path_length++;
-            must_be_ca = 0;
-        } else
-            must_be_ca = 1;
-    }
-    ok = 1;
- end:
-    return ok;
-#endif
-}
-
-static int check_name_constraints(X509_STORE_CTX *ctx)
-{
-    X509 *x;
-    int i, j, rv;
-    /* Check name constraints for all certificates */
-    for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) {
-        x = sk_X509_value(ctx->chain, i);
-        /* Ignore self issued certs unless last in chain */
-        if (i && (x->ex_flags & EXFLAG_SI))
-            continue;
-
-        /*
-         * Proxy certificates policy has an extra constraint, where the
-         * certificate subject MUST be the issuer with a single CN entry
-         * added.
-         * (RFC 3820: 3.4, 4.1.3 (a)(4))
-         */
-        if (x->ex_flags & EXFLAG_PROXY) {
-            X509_NAME *tmpsubject = X509_get_subject_name(x);
-            X509_NAME *tmpissuer = X509_get_issuer_name(x);
-            X509_NAME_ENTRY *tmpentry = NULL;
-            int last_object_nid = 0;
-            int err = X509_V_OK;
-            int last_object_loc = X509_NAME_entry_count(tmpsubject) - 1;
-
-            /* Check that there are at least two RDNs */
-            if (last_object_loc < 1) {
-                err = X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION;
-                goto proxy_name_done;
-            }
-
-            /*
-             * Check that there is exactly one more RDN in subject as
-             * there is in issuer.
-             */
-            if (X509_NAME_entry_count(tmpsubject)
-                != X509_NAME_entry_count(tmpissuer) + 1) {
-                err = X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION;
-                goto proxy_name_done;
-            }
-
-            /*
-             * Check that the last subject component isn't part of a
-             * multivalued RDN
-             */
-            if (X509_NAME_get_entry(tmpsubject, last_object_loc)->set
-                == X509_NAME_get_entry(tmpsubject, last_object_loc - 1)->set) {
-                err = X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION;
-                goto proxy_name_done;
-            }
-
-            /*
-             * Check that the last subject RDN is a commonName, and that
-             * all the previous RDNs match the issuer exactly
-             */
-            tmpsubject = X509_NAME_dup(tmpsubject);
-            if (tmpsubject == NULL) {
-                X509err(X509_F_CHECK_NAME_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
-                ctx->error = X509_V_ERR_OUT_OF_MEM;
-                return 0;
-            }
-
-            tmpentry =
-                X509_NAME_delete_entry(tmpsubject, last_object_loc);
-            last_object_nid =
-                OBJ_obj2nid(X509_NAME_ENTRY_get_object(tmpentry));
-
-            if (last_object_nid != NID_commonName
-                || X509_NAME_cmp(tmpsubject, tmpissuer) != 0) {
-                err = X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION;
-            }
-
-            X509_NAME_ENTRY_free(tmpentry);
-            X509_NAME_free(tmpsubject);
-
-         proxy_name_done:
-            if (err != X509_V_OK) {
-                ctx->error = err;
-                ctx->error_depth = i;
-                ctx->current_cert = x;
-                if (!ctx->verify_cb(0, ctx))
-                    return 0;
-            }
-        }
-
-        /*
-         * Check against constraints for all certificates higher in chain
-         * including trust anchor. Trust anchor not strictly speaking needed
-         * but if it includes constraints it is to be assumed it expects them
-         * to be obeyed.
-         */
-        for (j = sk_X509_num(ctx->chain) - 1; j > i; j--) {
-            NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
-            if (nc) {
-                rv = NAME_CONSTRAINTS_check(x, nc);
-                switch (rv) {
-                case X509_V_OK:
-                    continue;
-                case X509_V_ERR_OUT_OF_MEM:
-                    ctx->error = rv;
-                    return 0;
-                default:
-                    ctx->error = rv;
-                    ctx->error_depth = i;
-                    ctx->current_cert = x;
-                    if (!ctx->verify_cb(0, ctx))
-                        return 0;
-                    break;
-                }
-            }
-        }
-    }
-    return 1;
-}
-
-static int check_id_error(X509_STORE_CTX *ctx, int errcode)
-{
-    ctx->error = errcode;
-    ctx->current_cert = ctx->cert;
-    ctx->error_depth = 0;
-    return ctx->verify_cb(0, ctx);
-}
-
-static int check_hosts(X509 *x, X509_VERIFY_PARAM_ID *id)
-{
-    int i;
-    int n = sk_OPENSSL_STRING_num(id->hosts);
-    char *name;
-
-    if (id->peername != NULL) {
-        OPENSSL_free(id->peername);
-        id->peername = NULL;
-    }
-    for (i = 0; i < n; ++i) {
-        name = sk_OPENSSL_STRING_value(id->hosts, i);
-        if (X509_check_host(x, name, 0, id->hostflags, &id->peername) > 0)
-            return 1;
-    }
-    return n == 0;
-}
-
-static int check_id(X509_STORE_CTX *ctx)
-{
-    X509_VERIFY_PARAM *vpm = ctx->param;
-    X509_VERIFY_PARAM_ID *id = vpm->id;
-    X509 *x = ctx->cert;
-    if (id->hosts && check_hosts(x, id) <= 0) {
-        if (!check_id_error(ctx, X509_V_ERR_HOSTNAME_MISMATCH))
-            return 0;
-    }
-    if (id->email && X509_check_email(x, id->email, id->emaillen, 0) <= 0) {
-        if (!check_id_error(ctx, X509_V_ERR_EMAIL_MISMATCH))
-            return 0;
-    }
-    if (id->ip && X509_check_ip(x, id->ip, id->iplen, 0) <= 0) {
-        if (!check_id_error(ctx, X509_V_ERR_IP_ADDRESS_MISMATCH))
-            return 0;
-    }
-    return 1;
-}
-
-static int check_trust(X509_STORE_CTX *ctx)
-{
-    int i, ok;
-    X509 *x = NULL;
-    int (*cb) (int xok, X509_STORE_CTX *xctx);
-    cb = ctx->verify_cb;
-    /* Check all trusted certificates in chain */
-    for (i = ctx->last_untrusted; i < sk_X509_num(ctx->chain); i++) {
-        x = sk_X509_value(ctx->chain, i);
-        ok = X509_check_trust(x, ctx->param->trust, 0);
-        /* If explicitly trusted return trusted */
-        if (ok == X509_TRUST_TRUSTED)
-            return X509_TRUST_TRUSTED;
-        /*
-         * If explicitly rejected notify callback and reject if not
-         * overridden.
-         */
-        if (ok == X509_TRUST_REJECTED) {
-            ctx->error_depth = i;
-            ctx->current_cert = x;
-            ctx->error = X509_V_ERR_CERT_REJECTED;
-            ok = cb(0, ctx);
-            if (!ok)
-                return X509_TRUST_REJECTED;
-        }
-    }
-    /*
-     * If we accept partial chains and have at least one trusted certificate
-     * return success.
-     */
-    if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN) {
-        X509 *mx;
-        if (ctx->last_untrusted < sk_X509_num(ctx->chain))
-            return X509_TRUST_TRUSTED;
-        x = sk_X509_value(ctx->chain, 0);
-        mx = lookup_cert_match(ctx, x);
-        if (mx) {
-            (void)sk_X509_set(ctx->chain, 0, mx);
-            X509_free(x);
-            ctx->last_untrusted = 0;
-            return X509_TRUST_TRUSTED;
-        }
-    }
-
-    /*
-     * If no trusted certs in chain at all return untrusted and allow
-     * standard (no issuer cert) etc errors to be indicated.
-     */
-    return X509_TRUST_UNTRUSTED;
-}
-
-static int check_revocation(X509_STORE_CTX *ctx)
-{
-    int i, last, ok;
-    if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
-        return 1;
-    if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
-        last = sk_X509_num(ctx->chain) - 1;
-    else {
-        /* If checking CRL paths this isn't the EE certificate */
-        if (ctx->parent)
-            return 1;
-        last = 0;
-    }
-    for (i = 0; i <= last; i++) {
-        ctx->error_depth = i;
-        ok = check_cert(ctx);
-        if (!ok)
-            return ok;
-    }
-    return 1;
-}
-
-static int check_cert(X509_STORE_CTX *ctx)
-{
-    X509_CRL *crl = NULL, *dcrl = NULL;
-    X509 *x;
-    int ok, cnum;
-    unsigned int last_reasons;
-    cnum = ctx->error_depth;
-    x = sk_X509_value(ctx->chain, cnum);
-    ctx->current_cert = x;
-    ctx->current_issuer = NULL;
-    ctx->current_crl_score = 0;
-    ctx->current_reasons = 0;
-    if (x->ex_flags & EXFLAG_PROXY)
-        return 1;
-    while (ctx->current_reasons != CRLDP_ALL_REASONS) {
-        last_reasons = ctx->current_reasons;
-        /* Try to retrieve relevant CRL */
-        if (ctx->get_crl)
-            ok = ctx->get_crl(ctx, &crl, x);
-        else
-            ok = get_crl_delta(ctx, &crl, &dcrl, x);
-        /*
-         * If error looking up CRL, nothing we can do except notify callback
-         */
-        if (!ok) {
-            ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
-            ok = ctx->verify_cb(0, ctx);
-            goto err;
-        }
-        ctx->current_crl = crl;
-        ok = ctx->check_crl(ctx, crl);
-        if (!ok)
-            goto err;
-
-        if (dcrl) {
-            ok = ctx->check_crl(ctx, dcrl);
-            if (!ok)
-                goto err;
-            ok = ctx->cert_crl(ctx, dcrl, x);
-            if (!ok)
-                goto err;
-        } else
-            ok = 1;
-
-        /* Don't look in full CRL if delta reason is removefromCRL */
-        if (ok != 2) {
-            ok = ctx->cert_crl(ctx, crl, x);
-            if (!ok)
-                goto err;
-        }
-
-        X509_CRL_free(crl);
-        X509_CRL_free(dcrl);
-        crl = NULL;
-        dcrl = NULL;
-        /*
-         * If reasons not updated we wont get anywhere by another iteration,
-         * so exit loop.
-         */
-        if (last_reasons == ctx->current_reasons) {
-            ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
-            ok = ctx->verify_cb(0, ctx);
-            goto err;
-        }
-    }
- err:
-    X509_CRL_free(crl);
-    X509_CRL_free(dcrl);
-
-    ctx->current_crl = NULL;
-    return ok;
-
-}
-
-/* Check CRL times against values in X509_STORE_CTX */
-
-static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
-{
-    time_t *ptime;
-    int i;
-    if (notify)
-        ctx->current_crl = crl;
-    if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
-        ptime = &ctx->param->check_time;
-    else
-        ptime = NULL;
-
-    i = X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
-    if (i == 0) {
-        if (!notify)
-            return 0;
-        ctx->error = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
-        if (!ctx->verify_cb(0, ctx))
-            return 0;
-    }
-
-    if (i > 0) {
-        if (!notify)
-            return 0;
-        ctx->error = X509_V_ERR_CRL_NOT_YET_VALID;
-        if (!ctx->verify_cb(0, ctx))
-            return 0;
-    }
-
-    if (X509_CRL_get_nextUpdate(crl)) {
-        i = X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
-
-        if (i == 0) {
-            if (!notify)
-                return 0;
-            ctx->error = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
-            if (!ctx->verify_cb(0, ctx))
-                return 0;
-        }
-        /* Ignore expiry of base CRL is delta is valid */
-        if ((i < 0) && !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA)) {
-            if (!notify)
-                return 0;
-            ctx->error = X509_V_ERR_CRL_HAS_EXPIRED;
-            if (!ctx->verify_cb(0, ctx))
-                return 0;
-        }
-    }
-
-    if (notify)
-        ctx->current_crl = NULL;
-
-    return 1;
-}
-
-static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
-                      X509 **pissuer, int *pscore, unsigned int *preasons,
-                      STACK_OF(X509_CRL) *crls)
-{
-    int i, crl_score, best_score = *pscore;
-    unsigned int reasons, best_reasons = 0;
-    X509 *x = ctx->current_cert;
-    X509_CRL *crl, *best_crl = NULL;
-    X509 *crl_issuer = NULL, *best_crl_issuer = NULL;
-
-    for (i = 0; i < sk_X509_CRL_num(crls); i++) {
-        crl = sk_X509_CRL_value(crls, i);
-        reasons = *preasons;
-        crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
-        if (crl_score < best_score || crl_score == 0)
-            continue;
-        /* If current CRL is equivalent use it if it is newer */
-        if (crl_score == best_score && best_crl != NULL) {
-            int day, sec;
-            if (ASN1_TIME_diff(&day, &sec, X509_CRL_get_lastUpdate(best_crl),
-                               X509_CRL_get_lastUpdate(crl)) == 0)
-                continue;
-            /*
-             * ASN1_TIME_diff never returns inconsistent signs for |day|
-             * and |sec|.
-             */
-            if (day <= 0 && sec <= 0)
-                continue;
-        }
-        best_crl = crl;
-        best_crl_issuer = crl_issuer;
-        best_score = crl_score;
-        best_reasons = reasons;
-    }
-
-    if (best_crl) {
-        if (*pcrl)
-            X509_CRL_free(*pcrl);
-        *pcrl = best_crl;
-        *pissuer = best_crl_issuer;
-        *pscore = best_score;
-        *preasons = best_reasons;
-        CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
-        if (*pdcrl) {
-            X509_CRL_free(*pdcrl);
-            *pdcrl = NULL;
-        }
-        get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
-    }
-
-    if (best_score >= CRL_SCORE_VALID)
-        return 1;
-
-    return 0;
-}
-
-/*
- * Compare two CRL extensions for delta checking purposes. They should be
- * both present or both absent. If both present all fields must be identical.
- */
-
-static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
-{
-    ASN1_OCTET_STRING *exta, *extb;
-    int i;
-    i = X509_CRL_get_ext_by_NID(a, nid, -1);
-    if (i >= 0) {
-        /* Can't have multiple occurrences */
-        if (X509_CRL_get_ext_by_NID(a, nid, i) != -1)
-            return 0;
-        exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));
-    } else
-        exta = NULL;
-
-    i = X509_CRL_get_ext_by_NID(b, nid, -1);
-
-    if (i >= 0) {
-
-        if (X509_CRL_get_ext_by_NID(b, nid, i) != -1)
-            return 0;
-        extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));
-    } else
-        extb = NULL;
-
-    if (!exta && !extb)
-        return 1;
-
-    if (!exta || !extb)
-        return 0;
-
-    if (ASN1_OCTET_STRING_cmp(exta, extb))
-        return 0;
-
-    return 1;
-}
-
-/* See if a base and delta are compatible */
-
-static int check_delta_base(X509_CRL *delta, X509_CRL *base)
-{
-    /* Delta CRL must be a delta */
-    if (!delta->base_crl_number)
-        return 0;
-    /* Base must have a CRL number */
-    if (!base->crl_number)
-        return 0;
-    /* Issuer names must match */
-    if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(delta)))
-        return 0;
-    /* AKID and IDP must match */
-    if (!crl_extension_match(delta, base, NID_authority_key_identifier))
-        return 0;
-    if (!crl_extension_match(delta, base, NID_issuing_distribution_point))
-        return 0;
-    /* Delta CRL base number must not exceed Full CRL number. */
-    if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0)
-        return 0;
-    /* Delta CRL number must exceed full CRL number */
-    if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0)
-        return 1;
-    return 0;
-}
-
-/*
- * For a given base CRL find a delta... maybe extend to delta scoring or
- * retrieve a chain of deltas...
- */
-
-static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,
-                         X509_CRL *base, STACK_OF(X509_CRL) *crls)
-{
-    X509_CRL *delta;
-    int i;
-    if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS))
-        return;
-    if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST))
-        return;
-    for (i = 0; i < sk_X509_CRL_num(crls); i++) {
-        delta = sk_X509_CRL_value(crls, i);
-        if (check_delta_base(delta, base)) {
-            if (check_crl_time(ctx, delta, 0))
-                *pscore |= CRL_SCORE_TIME_DELTA;
-            CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
-            *dcrl = delta;
-            return;
-        }
-    }
-    *dcrl = NULL;
-}
-
-/*
- * For a given CRL return how suitable it is for the supplied certificate
- * 'x'. The return value is a mask of several criteria. If the issuer is not
- * the certificate issuer this is returned in *pissuer. The reasons mask is
- * also used to determine if the CRL is suitable: if no new reasons the CRL
- * is rejected, otherwise reasons is updated.
- */
-
-static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
-                         unsigned int *preasons, X509_CRL *crl, X509 *x)
-{
-
-    int crl_score = 0;
-    unsigned int tmp_reasons = *preasons, crl_reasons;
-
-    /* First see if we can reject CRL straight away */
-
-    /* Invalid IDP cannot be processed */
-    if (crl->idp_flags & IDP_INVALID)
-        return 0;
-    /* Reason codes or indirect CRLs need extended CRL support */
-    if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) {
-        if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
-            return 0;
-    } else if (crl->idp_flags & IDP_REASONS) {
-        /* If no new reasons reject */
-        if (!(crl->idp_reasons & ~tmp_reasons))
-            return 0;
-    }
-    /* Don't process deltas at this stage */
-    else if (crl->base_crl_number)
-        return 0;
-    /* If issuer name doesn't match certificate need indirect CRL */
-    if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))) {
-        if (!(crl->idp_flags & IDP_INDIRECT))
-            return 0;
-    } else
-        crl_score |= CRL_SCORE_ISSUER_NAME;
-
-    if (!(crl->flags & EXFLAG_CRITICAL))
-        crl_score |= CRL_SCORE_NOCRITICAL;
-
-    /* Check expiry */
-    if (check_crl_time(ctx, crl, 0))
-        crl_score |= CRL_SCORE_TIME;
-
-    /* Check authority key ID and locate certificate issuer */
-    crl_akid_check(ctx, crl, pissuer, &crl_score);
-
-    /* If we can't locate certificate issuer at this point forget it */
-
-    if (!(crl_score & CRL_SCORE_AKID))
-        return 0;
-
-    /* Check cert for matching CRL distribution points */
-
-    if (crl_crldp_check(x, crl, crl_score, &crl_reasons)) {
-        /* If no new reasons reject */
-        if (!(crl_reasons & ~tmp_reasons))
-            return 0;
-        tmp_reasons |= crl_reasons;
-        crl_score |= CRL_SCORE_SCOPE;
-    }
-
-    *preasons = tmp_reasons;
-
-    return crl_score;
-
-}
-
-static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
-                           X509 **pissuer, int *pcrl_score)
-{
-    X509 *crl_issuer = NULL;
-    X509_NAME *cnm = X509_CRL_get_issuer(crl);
-    int cidx = ctx->error_depth;
-    int i;
-
-    if (cidx != sk_X509_num(ctx->chain) - 1)
-        cidx++;
-
-    crl_issuer = sk_X509_value(ctx->chain, cidx);
-
-    if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
-        if (*pcrl_score & CRL_SCORE_ISSUER_NAME) {
-            *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_ISSUER_CERT;
-            *pissuer = crl_issuer;
-            return;
-        }
-    }
-
-    for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++) {
-        crl_issuer = sk_X509_value(ctx->chain, cidx);
-        if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
-            continue;
-        if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
-            *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_SAME_PATH;
-            *pissuer = crl_issuer;
-            return;
-        }
-    }
-
-    /* Anything else needs extended CRL support */
-
-    if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
-        return;
-
-    /*
-     * Otherwise the CRL issuer is not on the path. Look for it in the set of
-     * untrusted certificates.
-     */
-    for (i = 0; i < sk_X509_num(ctx->untrusted); i++) {
-        crl_issuer = sk_X509_value(ctx->untrusted, i);
-        if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
-            continue;
-        if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
-            *pissuer = crl_issuer;
-            *pcrl_score |= CRL_SCORE_AKID;
-            return;
-        }
-    }
-}
-
-/*
- * Check the path of a CRL issuer certificate. This creates a new
- * X509_STORE_CTX and populates it with most of the parameters from the
- * parent. This could be optimised somewhat since a lot of path checking will
- * be duplicated by the parent, but this will rarely be used in practice.
- */
-
-static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)
-{
-    X509_STORE_CTX crl_ctx;
-    int ret;
-    /* Don't allow recursive CRL path validation */
-    if (ctx->parent)
-        return 0;
-    if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
-        return -1;
-
-    crl_ctx.crls = ctx->crls;
-    /* Copy verify params across */
-    X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
-
-    crl_ctx.parent = ctx;
-    crl_ctx.verify_cb = ctx->verify_cb;
-
-    /* Verify CRL issuer */
-    ret = X509_verify_cert(&crl_ctx);
-
-    if (ret <= 0)
-        goto err;
-
-    /* Check chain is acceptable */
-
-    ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
- err:
-    X509_STORE_CTX_cleanup(&crl_ctx);
-    return ret;
-}
-
-/*
- * RFC3280 says nothing about the relationship between CRL path and
- * certificate path, which could lead to situations where a certificate could
- * be revoked or validated by a CA not authorised to do so. RFC5280 is more
- * strict and states that the two paths must end in the same trust anchor,
- * though some discussions remain... until this is resolved we use the
- * RFC5280 version
- */
-
-static int check_crl_chain(X509_STORE_CTX *ctx,
-                           STACK_OF(X509) *cert_path,
-                           STACK_OF(X509) *crl_path)
-{
-    X509 *cert_ta, *crl_ta;
-    cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
-    crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
-    if (!X509_cmp(cert_ta, crl_ta))
-        return 1;
-    return 0;
-}
-
-/*-
- * Check for match between two dist point names: three separate cases.
- * 1. Both are relative names and compare X509_NAME types.
- * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
- * 3. Both are full names and compare two GENERAL_NAMES.
- * 4. One is NULL: automatic match.
- */
-
-static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
-{
-    X509_NAME *nm = NULL;
-    GENERAL_NAMES *gens = NULL;
-    GENERAL_NAME *gena, *genb;
-    int i, j;
-    if (!a || !b)
-        return 1;
-    if (a->type == 1) {
-        if (!a->dpname)
-            return 0;
-        /* Case 1: two X509_NAME */
-        if (b->type == 1) {
-            if (!b->dpname)
-                return 0;
-            if (!X509_NAME_cmp(a->dpname, b->dpname))
-                return 1;
-            else
-                return 0;
-        }
-        /* Case 2: set name and GENERAL_NAMES appropriately */
-        nm = a->dpname;
-        gens = b->name.fullname;
-    } else if (b->type == 1) {
-        if (!b->dpname)
-            return 0;
-        /* Case 2: set name and GENERAL_NAMES appropriately */
-        gens = a->name.fullname;
-        nm = b->dpname;
-    }
-
-    /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
-    if (nm) {
-        for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
-            gena = sk_GENERAL_NAME_value(gens, i);
-            if (gena->type != GEN_DIRNAME)
-                continue;
-            if (!X509_NAME_cmp(nm, gena->d.directoryName))
-                return 1;
-        }
-        return 0;
-    }
-
-    /* Else case 3: two GENERAL_NAMES */
-
-    for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++) {
-        gena = sk_GENERAL_NAME_value(a->name.fullname, i);
-        for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++) {
-            genb = sk_GENERAL_NAME_value(b->name.fullname, j);
-            if (!GENERAL_NAME_cmp(gena, genb))
-                return 1;
-        }
-    }
-
-    return 0;
-
-}
-
-static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
-{
-    int i;
-    X509_NAME *nm = X509_CRL_get_issuer(crl);
-    /* If no CRLissuer return is successful iff don't need a match */
-    if (!dp->CRLissuer)
-        return ! !(crl_score & CRL_SCORE_ISSUER_NAME);
-    for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
-        GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
-        if (gen->type != GEN_DIRNAME)
-            continue;
-        if (!X509_NAME_cmp(gen->d.directoryName, nm))
-            return 1;
-    }
-    return 0;
-}
-
-/* Check CRLDP and IDP */
-
-static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
-                           unsigned int *preasons)
-{
-    int i;
-    if (crl->idp_flags & IDP_ONLYATTR)
-        return 0;
-    if (x->ex_flags & EXFLAG_CA) {
-        if (crl->idp_flags & IDP_ONLYUSER)
-            return 0;
-    } else {
-        if (crl->idp_flags & IDP_ONLYCA)
-            return 0;
-    }
-    *preasons = crl->idp_reasons;
-    for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) {
-        DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
-        if (crldp_check_crlissuer(dp, crl, crl_score)) {
-            if (!crl->idp || idp_check_dp(dp->distpoint, crl->idp->distpoint)) {
-                *preasons &= dp->dp_reasons;
-                return 1;
-            }
-        }
-    }
-    if ((!crl->idp || !crl->idp->distpoint)
-        && (crl_score & CRL_SCORE_ISSUER_NAME))
-        return 1;
-    return 0;
-}
-
-/*
- * Retrieve CRL corresponding to current certificate. If deltas enabled try
- * to find a delta CRL too
- */
-
-static int get_crl_delta(X509_STORE_CTX *ctx,
-                         X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)
-{
-    int ok;
-    X509 *issuer = NULL;
-    int crl_score = 0;
-    unsigned int reasons;
-    X509_CRL *crl = NULL, *dcrl = NULL;
-    STACK_OF(X509_CRL) *skcrl;
-    X509_NAME *nm = X509_get_issuer_name(x);
-    reasons = ctx->current_reasons;
-    ok = get_crl_sk(ctx, &crl, &dcrl,
-                    &issuer, &crl_score, &reasons, ctx->crls);
-
-    if (ok)
-        goto done;
-
-    /* Lookup CRLs from store */
-
-    skcrl = ctx->lookup_crls(ctx, nm);
-
-    /* If no CRLs found and a near match from get_crl_sk use that */
-    if (!skcrl && crl)
-        goto done;
-
-    get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);
-
-    sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
-
- done:
-
-    /* If we got any kind of CRL use it and return success */
-    if (crl) {
-        ctx->current_issuer = issuer;
-        ctx->current_crl_score = crl_score;
-        ctx->current_reasons = reasons;
-        *pcrl = crl;
-        *pdcrl = dcrl;
-        return 1;
-    }
-
-    return 0;
-}
-
-/* Check CRL validity */
-static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
-{
-    X509 *issuer = NULL;
-    EVP_PKEY *ikey = NULL;
-    int ok = 0, chnum, cnum;
-    cnum = ctx->error_depth;
-    chnum = sk_X509_num(ctx->chain) - 1;
-    /* if we have an alternative CRL issuer cert use that */
-    if (ctx->current_issuer)
-        issuer = ctx->current_issuer;
-
-    /*
-     * Else find CRL issuer: if not last certificate then issuer is next
-     * certificate in chain.
-     */
-    else if (cnum < chnum)
-        issuer = sk_X509_value(ctx->chain, cnum + 1);
-    else {
-        issuer = sk_X509_value(ctx->chain, chnum);
-        /* If not self signed, can't check signature */
-        if (!ctx->check_issued(ctx, issuer, issuer)) {
-            ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
-            ok = ctx->verify_cb(0, ctx);
-            if (!ok)
-                goto err;
-        }
-    }
-
-    if (issuer) {
-        /*
-         * Skip most tests for deltas because they have already been done
-         */
-        if (!crl->base_crl_number) {
-            /* Check for cRLSign bit if keyUsage present */
-            if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
-                !(issuer->ex_kusage & KU_CRL_SIGN)) {
-                ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
-                ok = ctx->verify_cb(0, ctx);
-                if (!ok)
-                    goto err;
-            }
-
-            if (!(ctx->current_crl_score & CRL_SCORE_SCOPE)) {
-                ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
-                ok = ctx->verify_cb(0, ctx);
-                if (!ok)
-                    goto err;
-            }
-
-            if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH)) {
-                if (check_crl_path(ctx, ctx->current_issuer) <= 0) {
-                    ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
-                    ok = ctx->verify_cb(0, ctx);
-                    if (!ok)
-                        goto err;
-                }
-            }
-
-            if (crl->idp_flags & IDP_INVALID) {
-                ctx->error = X509_V_ERR_INVALID_EXTENSION;
-                ok = ctx->verify_cb(0, ctx);
-                if (!ok)
-                    goto err;
-            }
-
-        }
-
-        if (!(ctx->current_crl_score & CRL_SCORE_TIME)) {
-            ok = check_crl_time(ctx, crl, 1);
-            if (!ok)
-                goto err;
-        }
-
-        /* Attempt to get issuer certificate public key */
-        ikey = X509_get_pubkey(issuer);
-
-        if (!ikey) {
-            ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
-            ok = ctx->verify_cb(0, ctx);
-            if (!ok)
-                goto err;
-        } else {
-            int rv;
-            rv = X509_CRL_check_suiteb(crl, ikey, ctx->param->flags);
-            if (rv != X509_V_OK) {
-                ctx->error = rv;
-                ok = ctx->verify_cb(0, ctx);
-                if (!ok)
-                    goto err;
-            }
-            /* Verify CRL signature */
-            if (X509_CRL_verify(crl, ikey) <= 0) {
-                ctx->error = X509_V_ERR_CRL_SIGNATURE_FAILURE;
-                ok = ctx->verify_cb(0, ctx);
-                if (!ok)
-                    goto err;
-            }
-        }
-    }
-
-    ok = 1;
-
- err:
-    EVP_PKEY_free(ikey);
-    return ok;
-}
-
-/* Check certificate against CRL */
-static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
-{
-    int ok;
-    X509_REVOKED *rev;
-    /*
-     * The rules changed for this... previously if a CRL contained unhandled
-     * critical extensions it could still be used to indicate a certificate
-     * was revoked. This has since been changed since critical extension can
-     * change the meaning of CRL entries.
-     */
-    if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
-        && (crl->flags & EXFLAG_CRITICAL)) {
-        ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
-        ok = ctx->verify_cb(0, ctx);
-        if (!ok)
-            return 0;
-    }
-    /*
-     * Look for serial number of certificate in CRL If found make sure reason
-     * is not removeFromCRL.
-     */
-    if (X509_CRL_get0_by_cert(crl, &rev, x)) {
-        if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
-            return 2;
-        ctx->error = X509_V_ERR_CERT_REVOKED;
-        ok = ctx->verify_cb(0, ctx);
-        if (!ok)
-            return 0;
-    }
-
-    return 1;
-}
-
-static int check_policy(X509_STORE_CTX *ctx)
-{
-    int ret;
-    if (ctx->parent)
-        return 1;
-    ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
-                            ctx->param->policies, ctx->param->flags);
-    if (ret == 0) {
-        X509err(X509_F_CHECK_POLICY, ERR_R_MALLOC_FAILURE);
-        ctx->error = X509_V_ERR_OUT_OF_MEM;
-        return 0;
-    }
-    /* Invalid or inconsistent extensions */
-    if (ret == -1) {
-        /*
-         * Locate certificates with bad extensions and notify callback.
-         */
-        X509 *x;
-        int i;
-        for (i = 1; i < sk_X509_num(ctx->chain); i++) {
-            x = sk_X509_value(ctx->chain, i);
-            if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
-                continue;
-            ctx->current_cert = x;
-            ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
-            if (!ctx->verify_cb(0, ctx))
-                return 0;
-        }
-        return 1;
-    }
-    if (ret == -2) {
-        ctx->current_cert = NULL;
-        ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
-        return ctx->verify_cb(0, ctx);
-    }
-
-    if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) {
-        ctx->current_cert = NULL;
-        /*
-         * Verification errors need to be "sticky", a callback may have allowed
-         * an SSL handshake to continue despite an error, and we must then
-         * remain in an error state.  Therefore, we MUST NOT clear earlier
-         * verification errors by setting the error to X509_V_OK.
-         */
-        if (!ctx->verify_cb(2, ctx))
-            return 0;
-    }
-
-    return 1;
-}
-
-static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
-{
-    time_t *ptime;
-    int i;
-
-    if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
-        ptime = &ctx->param->check_time;
-    else
-        ptime = NULL;
-
-    i = X509_cmp_time(X509_get_notBefore(x), ptime);
-    if (i == 0) {
-        ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
-        ctx->current_cert = x;
-        if (!ctx->verify_cb(0, ctx))
-            return 0;
-    }
-
-    if (i > 0) {
-        ctx->error = X509_V_ERR_CERT_NOT_YET_VALID;
-        ctx->current_cert = x;
-        if (!ctx->verify_cb(0, ctx))
-            return 0;
-    }
-
-    i = X509_cmp_time(X509_get_notAfter(x), ptime);
-    if (i == 0) {
-        ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
-        ctx->current_cert = x;
-        if (!ctx->verify_cb(0, ctx))
-            return 0;
-    }
-
-    if (i < 0) {
-        ctx->error = X509_V_ERR_CERT_HAS_EXPIRED;
-        ctx->current_cert = x;
-        if (!ctx->verify_cb(0, ctx))
-            return 0;
-    }
-
-    return 1;
-}
-
-static int internal_verify(X509_STORE_CTX *ctx)
-{
-    int ok = 0, n;
-    X509 *xs, *xi;
-    EVP_PKEY *pkey = NULL;
-    int (*cb) (int xok, X509_STORE_CTX *xctx);
-
-    cb = ctx->verify_cb;
-
-    n = sk_X509_num(ctx->chain);
-    ctx->error_depth = n - 1;
-    n--;
-    xi = sk_X509_value(ctx->chain, n);
-
-    if (ctx->check_issued(ctx, xi, xi))
-        xs = xi;
-    else {
-        if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN) {
-            xs = xi;
-            goto check_cert;
-        }
-        if (n <= 0) {
-            ctx->error = X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
-            ctx->current_cert = xi;
-            ok = cb(0, ctx);
-            goto end;
-        } else {
-            n--;
-            ctx->error_depth = n;
-            xs = sk_X509_value(ctx->chain, n);
-        }
-    }
-
-/*      ctx->error=0;  not needed */
-    while (n >= 0) {
-        ctx->error_depth = n;
-
-        /*
-         * Skip signature check for self signed certificates unless
-         * explicitly asked for. It doesn't add any security and just wastes
-         * time.
-         */
-        if (!xs->valid
-            && (xs != xi
-                || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) {
-            if ((pkey = X509_get_pubkey(xi)) == NULL) {
-                ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
-                ctx->current_cert = xi;
-                ok = (*cb) (0, ctx);
-                if (!ok)
-                    goto end;
-            } else if (X509_verify(xs, pkey) <= 0) {
-                ctx->error = X509_V_ERR_CERT_SIGNATURE_FAILURE;
-                ctx->current_cert = xs;
-                ok = (*cb) (0, ctx);
-                if (!ok) {
-                    EVP_PKEY_free(pkey);
-                    goto end;
-                }
-            }
-            EVP_PKEY_free(pkey);
-            pkey = NULL;
-        }
-
-        xs->valid = 1;
-
- check_cert:
-        ok = check_cert_time(ctx, xs);
-        if (!ok)
-            goto end;
-
-        /* The last error (if any) is still in the error value */
-        ctx->current_issuer = xi;
-        ctx->current_cert = xs;
-        ok = (*cb) (1, ctx);
-        if (!ok)
-            goto end;
-
-        n--;
-        if (n >= 0) {
-            xi = xs;
-            xs = sk_X509_value(ctx->chain, n);
-        }
-    }
-    ok = 1;
- end:
-    return ok;
-}
-
-int X509_cmp_current_time(const ASN1_TIME *ctm)
-{
-    return X509_cmp_time(ctm, NULL);
-}
-
-int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
-{
-    char *str;
-    ASN1_TIME atm;
-    long offset;
-    char buff1[24], buff2[24], *p;
-    int i, j, remaining;
-
-    p = buff1;
-    remaining = ctm->length;
-    str = (char *)ctm->data;
-    /*
-     * Note that the following (historical) code allows much more slack in the
-     * time format than RFC5280. In RFC5280, the representation is fixed:
-     * UTCTime: YYMMDDHHMMSSZ
-     * GeneralizedTime: YYYYMMDDHHMMSSZ
-     */
-    if (ctm->type == V_ASN1_UTCTIME) {
-        /* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */
-        int min_length = sizeof("YYMMDDHHMMZ") - 1;
-        int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
-        if (remaining < min_length || remaining > max_length)
-            return 0;
-        memcpy(p, str, 10);
-        p += 10;
-        str += 10;
-        remaining -= 10;
-    } else {
-        /* YYYYMMDDHHMM[SS[.fff]]Z or YYYYMMDDHHMM[SS[.f[f[f]]]](+-)hhmm */
-        int min_length = sizeof("YYYYMMDDHHMMZ") - 1;
-        int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1;
-        if (remaining < min_length || remaining > max_length)
-            return 0;
-        memcpy(p, str, 12);
-        p += 12;
-        str += 12;
-        remaining -= 12;
-    }
-
-    if ((*str == 'Z') || (*str == '-') || (*str == '+')) {
-        *(p++) = '0';
-        *(p++) = '0';
-    } else {
-        /* SS (seconds) */
-        if (remaining < 2)
-            return 0;
-        *(p++) = *(str++);
-        *(p++) = *(str++);
-        remaining -= 2;
-        /*
-         * Skip any (up to three) fractional seconds...
-         * TODO(emilia): in RFC5280, fractional seconds are forbidden.
-         * Can we just kill them altogether?
-         */
-        if (remaining && *str == '.') {
-            str++;
-            remaining--;
-            for (i = 0; i < 3 && remaining; i++, str++, remaining--) {
-                if (*str < '0' || *str > '9')
-                    break;
-            }
-        }
-
-    }
-    *(p++) = 'Z';
-    *(p++) = '\0';
-
-    /* We now need either a terminating 'Z' or an offset. */
-    if (!remaining)
-        return 0;
-    if (*str == 'Z') {
-        if (remaining != 1)
-            return 0;
-        offset = 0;
-    } else {
-        /* (+-)HHMM */
-        if ((*str != '+') && (*str != '-'))
-            return 0;
-        /* Historical behaviour: the (+-)hhmm offset is forbidden in RFC5280. */
-        if (remaining != 5)
-            return 0;
-        if (str[1] < '0' || str[1] > '9' || str[2] < '0' || str[2] > '9' ||
-            str[3] < '0' || str[3] > '9' || str[4] < '0' || str[4] > '9')
-            return 0;
-        offset = ((str[1] - '0') * 10 + (str[2] - '0')) * 60;
-        offset += (str[3] - '0') * 10 + (str[4] - '0');
-        if (*str == '-')
-            offset = -offset;
-    }
-    atm.type = ctm->type;
-    atm.flags = 0;
-    atm.length = sizeof(buff2);
-    atm.data = (unsigned char *)buff2;
-
-    if (X509_time_adj(&atm, offset * 60, cmp_time) == NULL)
-        return 0;
-
-    if (ctm->type == V_ASN1_UTCTIME) {
-        i = (buff1[0] - '0') * 10 + (buff1[1] - '0');
-        if (i < 50)
-            i += 100;           /* cf. RFC 2459 */
-        j = (buff2[0] - '0') * 10 + (buff2[1] - '0');
-        if (j < 50)
-            j += 100;
-
-        if (i < j)
-            return -1;
-        if (i > j)
-            return 1;
-    }
-    i = strcmp(buff1, buff2);
-    if (i == 0)                 /* wait a second then return younger :-) */
-        return -1;
-    else
-        return i;
-}
-
-ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
-{
-    return X509_time_adj(s, adj, NULL);
-}
-
-ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm)
-{
-    return X509_time_adj_ex(s, 0, offset_sec, in_tm);
-}
-
-ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
-                            int offset_day, long offset_sec, time_t *in_tm)
-{
-    time_t t;
-
-    if (in_tm)
-        t = *in_tm;
-    else
-        time(&t);
-
-    if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING)) {
-        if (s->type == V_ASN1_UTCTIME)
-            return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
-        if (s->type == V_ASN1_GENERALIZEDTIME)
-            return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
-    }
-    return ASN1_TIME_adj(s, t, offset_day, offset_sec);
-}
-
-int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
-{
-    EVP_PKEY *ktmp = NULL, *ktmp2;
-    int i, j;
-
-    if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey))
-        return 1;
-
-    for (i = 0; i < sk_X509_num(chain); i++) {
-        ktmp = X509_get_pubkey(sk_X509_value(chain, i));
-        if (ktmp == NULL) {
-            X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
-                    X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
-            return 0;
-        }
-        if (!EVP_PKEY_missing_parameters(ktmp))
-            break;
-        else {
-            EVP_PKEY_free(ktmp);
-            ktmp = NULL;
-        }
-    }
-    if (ktmp == NULL) {
-        X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
-                X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
-        return 0;
-    }
-
-    /* first, populate the other certs */
-    for (j = i - 1; j >= 0; j--) {
-        ktmp2 = X509_get_pubkey(sk_X509_value(chain, j));
-        EVP_PKEY_copy_parameters(ktmp2, ktmp);
-        EVP_PKEY_free(ktmp2);
-    }
-
-    if (pkey != NULL)
-        EVP_PKEY_copy_parameters(pkey, ktmp);
-    EVP_PKEY_free(ktmp);
-    return 1;
-}
-
-/* Make a delta CRL as the diff between two full CRLs */
-
-X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
-                        EVP_PKEY *skey, const EVP_MD *md, unsigned int flags)
-{
-    X509_CRL *crl = NULL;
-    int i;
-    STACK_OF(X509_REVOKED) *revs = NULL;
-    /* CRLs can't be delta already */
-    if (base->base_crl_number || newer->base_crl_number) {
-        X509err(X509_F_X509_CRL_DIFF, X509_R_CRL_ALREADY_DELTA);
-        return NULL;
-    }
-    /* Base and new CRL must have a CRL number */
-    if (!base->crl_number || !newer->crl_number) {
-        X509err(X509_F_X509_CRL_DIFF, X509_R_NO_CRL_NUMBER);
-        return NULL;
-    }
-    /* Issuer names must match */
-    if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(newer))) {
-        X509err(X509_F_X509_CRL_DIFF, X509_R_ISSUER_MISMATCH);
-        return NULL;
-    }
-    /* AKID and IDP must match */
-    if (!crl_extension_match(base, newer, NID_authority_key_identifier)) {
-        X509err(X509_F_X509_CRL_DIFF, X509_R_AKID_MISMATCH);
-        return NULL;
-    }
-    if (!crl_extension_match(base, newer, NID_issuing_distribution_point)) {
-        X509err(X509_F_X509_CRL_DIFF, X509_R_IDP_MISMATCH);
-        return NULL;
-    }
-    /* Newer CRL number must exceed full CRL number */
-    if (ASN1_INTEGER_cmp(newer->crl_number, base->crl_number) <= 0) {
-        X509err(X509_F_X509_CRL_DIFF, X509_R_NEWER_CRL_NOT_NEWER);
-        return NULL;
-    }
-    /* CRLs must verify */
-    if (skey && (X509_CRL_verify(base, skey) <= 0 ||
-                 X509_CRL_verify(newer, skey) <= 0)) {
-        X509err(X509_F_X509_CRL_DIFF, X509_R_CRL_VERIFY_FAILURE);
-        return NULL;
-    }
-    /* Create new CRL */
-    crl = X509_CRL_new();
-    if (!crl || !X509_CRL_set_version(crl, 1))
-        goto memerr;
-    /* Set issuer name */
-    if (!X509_CRL_set_issuer_name(crl, X509_CRL_get_issuer(newer)))
-        goto memerr;
-
-    if (!X509_CRL_set_lastUpdate(crl, X509_CRL_get_lastUpdate(newer)))
-        goto memerr;
-    if (!X509_CRL_set_nextUpdate(crl, X509_CRL_get_nextUpdate(newer)))
-        goto memerr;
-
-    /* Set base CRL number: must be critical */
-
-    if (!X509_CRL_add1_ext_i2d(crl, NID_delta_crl, base->crl_number, 1, 0))
-        goto memerr;
-
-    /*
-     * Copy extensions across from newest CRL to delta: this will set CRL
-     * number to correct value too.
-     */
-
-    for (i = 0; i < X509_CRL_get_ext_count(newer); i++) {
-        X509_EXTENSION *ext;
-        ext = X509_CRL_get_ext(newer, i);
-        if (!X509_CRL_add_ext(crl, ext, -1))
-            goto memerr;
-    }
-
-    /* Go through revoked entries, copying as needed */
-
-    revs = X509_CRL_get_REVOKED(newer);
-
-    for (i = 0; i < sk_X509_REVOKED_num(revs); i++) {
-        X509_REVOKED *rvn, *rvtmp;
-        rvn = sk_X509_REVOKED_value(revs, i);
-        /*
-         * Add only if not also in base. TODO: need something cleverer here
-         * for some more complex CRLs covering multiple CAs.
-         */
-        if (!X509_CRL_get0_by_serial(base, &rvtmp, rvn->serialNumber)) {
-            rvtmp = X509_REVOKED_dup(rvn);
-            if (!rvtmp)
-                goto memerr;
-            if (!X509_CRL_add0_revoked(crl, rvtmp)) {
-                X509_REVOKED_free(rvtmp);
-                goto memerr;
-            }
-        }
-    }
-    /* TODO: optionally prune deleted entries */
-
-    if (skey && md && !X509_CRL_sign(crl, skey, md))
-        goto memerr;
-
-    return crl;
-
- memerr:
-    X509err(X509_F_X509_CRL_DIFF, ERR_R_MALLOC_FAILURE);
-    if (crl)
-        X509_CRL_free(crl);
-    return NULL;
-}
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
-                                    CRYPTO_EX_new *new_func,
-                                    CRYPTO_EX_dup *dup_func,
-                                    CRYPTO_EX_free *free_func)
-{
-    /*
-     * This function is (usually) called only once, by
-     * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c).
-     */
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
-{
-    return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);
-}
-
-void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
-{
-    return CRYPTO_get_ex_data(&ctx->ex_data, idx);
-}
-
-int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
-{
-    return ctx->error;
-}
-
-void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
-{
-    ctx->error = err;
-}
-
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
-{
-    return ctx->error_depth;
-}
-
-X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
-{
-    return ctx->current_cert;
-}
-
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
-{
-    return ctx->chain;
-}
-
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
-{
-    if (!ctx->chain)
-        return NULL;
-    return X509_chain_up_ref(ctx->chain);
-}
-
-X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)
-{
-    return ctx->current_issuer;
-}
-
-X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)
-{
-    return ctx->current_crl;
-}
-
-X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)
-{
-    return ctx->parent;
-}
-
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
-{
-    ctx->cert = x;
-}
-
-void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
-    ctx->untrusted = sk;
-}
-
-void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
-{
-    ctx->crls = sk;
-}
-
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
-{
-    return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
-}
-
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
-{
-    return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
-}
-
-/*
- * This function is used to set the X509_STORE_CTX purpose and trust values.
- * This is intended to be used when another structure has its own trust and
- * purpose values which (if set) will be inherited by the ctx. If they aren't
- * set then we will usually have a default purpose in mind which should then
- * be used to set the trust value. An example of this is SSL use: an SSL
- * structure will have its own purpose and trust settings which the
- * application can set: if they aren't set then we use the default of SSL
- * client/server.
- */
-
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
-                                   int purpose, int trust)
-{
-    int idx;
-    /* If purpose not set use default */
-    if (!purpose)
-        purpose = def_purpose;
-    /* If we have a purpose then check it is valid */
-    if (purpose) {
-        X509_PURPOSE *ptmp;
-        idx = X509_PURPOSE_get_by_id(purpose);
-        if (idx == -1) {
-            X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
-                    X509_R_UNKNOWN_PURPOSE_ID);
-            return 0;
-        }
-        ptmp = X509_PURPOSE_get0(idx);
-        if (ptmp->trust == X509_TRUST_DEFAULT) {
-            idx = X509_PURPOSE_get_by_id(def_purpose);
-            if (idx == -1) {
-                X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
-                        X509_R_UNKNOWN_PURPOSE_ID);
-                return 0;
-            }
-            ptmp = X509_PURPOSE_get0(idx);
-        }
-        /* If trust not set then get from purpose default */
-        if (!trust)
-            trust = ptmp->trust;
-    }
-    if (trust) {
-        idx = X509_TRUST_get_by_id(trust);
-        if (idx == -1) {
-            X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
-                    X509_R_UNKNOWN_TRUST_ID);
-            return 0;
-        }
-    }
-
-    if (purpose && !ctx->param->purpose)
-        ctx->param->purpose = purpose;
-    if (trust && !ctx->param->trust)
-        ctx->param->trust = trust;
-    return 1;
-}
-
-X509_STORE_CTX *X509_STORE_CTX_new(void)
-{
-    X509_STORE_CTX *ctx;
-    ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
-    if (!ctx) {
-        X509err(X509_F_X509_STORE_CTX_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    memset(ctx, 0, sizeof(X509_STORE_CTX));
-    return ctx;
-}
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
-{
-    if (!ctx)
-        return;
-    X509_STORE_CTX_cleanup(ctx);
-    OPENSSL_free(ctx);
-}
-
-int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
-                        STACK_OF(X509) *chain)
-{
-    int ret = 1;
-    ctx->ctx = store;
-    ctx->current_method = 0;
-    ctx->cert = x509;
-    ctx->untrusted = chain;
-    ctx->crls = NULL;
-    ctx->last_untrusted = 0;
-    ctx->other_ctx = NULL;
-    ctx->valid = 0;
-    ctx->chain = NULL;
-    ctx->error = 0;
-    ctx->explicit_policy = 0;
-    ctx->error_depth = 0;
-    ctx->current_cert = NULL;
-    ctx->current_issuer = NULL;
-    ctx->current_crl = NULL;
-    ctx->current_crl_score = 0;
-    ctx->current_reasons = 0;
-    ctx->tree = NULL;
-    ctx->parent = NULL;
-    /* Zero ex_data to make sure we're cleanup-safe */
-    memset(&ctx->ex_data, 0, sizeof(ctx->ex_data));
-
-    ctx->param = X509_VERIFY_PARAM_new();
-    if (!ctx->param) {
-        X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-
-    /*
-     * Inherit callbacks and flags from X509_STORE if not set use defaults.
-     */
-    if (store)
-        ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
-    else
-        ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT | X509_VP_FLAG_ONCE;
-
-    if (store) {
-        ctx->verify_cb = store->verify_cb;
-        /* Seems to always be 0 in OpenSSL, else must be idempotent */
-        ctx->cleanup = store->cleanup;
-    } else
-        ctx->cleanup = 0;
-
-    if (ret)
-        ret = X509_VERIFY_PARAM_inherit(ctx->param,
-                                        X509_VERIFY_PARAM_lookup("default"));
-
-    if (ret == 0) {
-        X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (store && store->check_issued)
-        ctx->check_issued = store->check_issued;
-    else
-        ctx->check_issued = check_issued;
-
-    if (store && store->get_issuer)
-        ctx->get_issuer = store->get_issuer;
-    else
-        ctx->get_issuer = X509_STORE_CTX_get1_issuer;
-
-    if (store && store->verify_cb)
-        ctx->verify_cb = store->verify_cb;
-    else
-        ctx->verify_cb = null_callback;
-
-    if (store && store->verify)
-        ctx->verify = store->verify;
-    else
-        ctx->verify = internal_verify;
-
-    if (store && store->check_revocation)
-        ctx->check_revocation = store->check_revocation;
-    else
-        ctx->check_revocation = check_revocation;
-
-    if (store && store->get_crl)
-        ctx->get_crl = store->get_crl;
-    else
-        ctx->get_crl = NULL;
-
-    if (store && store->check_crl)
-        ctx->check_crl = store->check_crl;
-    else
-        ctx->check_crl = check_crl;
-
-    if (store && store->cert_crl)
-        ctx->cert_crl = store->cert_crl;
-    else
-        ctx->cert_crl = cert_crl;
-
-    if (store && store->lookup_certs)
-        ctx->lookup_certs = store->lookup_certs;
-    else
-        ctx->lookup_certs = X509_STORE_get1_certs;
-
-    if (store && store->lookup_crls)
-        ctx->lookup_crls = store->lookup_crls;
-    else
-        ctx->lookup_crls = X509_STORE_get1_crls;
-
-    ctx->check_policy = check_policy;
-
-    if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
-                           &ctx->ex_data))
-        return 1;
-    X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
-
- err:
-    /*
-     * On error clean up allocated storage, if the store context was not
-     * allocated with X509_STORE_CTX_new() this is our last chance to do so.
-     */
-    X509_STORE_CTX_cleanup(ctx);
-    return 0;
-}
-
-/*
- * Set alternative lookup method: just a STACK of trusted certificates. This
- * avoids X509_STORE nastiness where it isn't needed.
- */
-
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
-    ctx->other_ctx = sk;
-    ctx->get_issuer = get_issuer_sk;
-}
-
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
-{
-    /*
-     * We need to be idempotent because, unfortunately, free() also calls
-     * cleanup(), so the natural call sequence new(), init(), cleanup(), free()
-     * calls cleanup() for the same object twice!  Thus we must zero the
-     * pointers below after they're freed!
-     */
-    /* Seems to always be 0 in OpenSSL, do this at most once. */
-    if (ctx->cleanup != NULL) {
-        ctx->cleanup(ctx);
-        ctx->cleanup = NULL;
-    }
-    if (ctx->param != NULL) {
-        if (ctx->parent == NULL)
-            X509_VERIFY_PARAM_free(ctx->param);
-        ctx->param = NULL;
-    }
-    if (ctx->tree != NULL) {
-        X509_policy_tree_free(ctx->tree);
-        ctx->tree = NULL;
-    }
-    if (ctx->chain != NULL) {
-        sk_X509_pop_free(ctx->chain, X509_free);
-        ctx->chain = NULL;
-    }
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
-    memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
-}
-
-void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
-{
-    X509_VERIFY_PARAM_set_depth(ctx->param, depth);
-}
-
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
-{
-    X509_VERIFY_PARAM_set_flags(ctx->param, flags);
-}
-
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
-                             time_t t)
-{
-    X509_VERIFY_PARAM_set_time(ctx->param, t);
-}
-
-void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
-                                  int (*verify_cb) (int, X509_STORE_CTX *))
-{
-    ctx->verify_cb = verify_cb;
-}
-
-X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
-{
-    return ctx->tree;
-}
-
-int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
-{
-    return ctx->explicit_policy;
-}
-
-int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
-{
-    const X509_VERIFY_PARAM *param;
-    param = X509_VERIFY_PARAM_lookup(name);
-    if (!param)
-        return 0;
-    return X509_VERIFY_PARAM_inherit(ctx->param, param);
-}
-
-X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
-{
-    return ctx->param;
-}
-
-void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
-{
-    if (ctx->param)
-        X509_VERIFY_PARAM_free(ctx->param);
-    ctx->param = param;
-}
-
-IMPLEMENT_STACK_OF(X509)
-
-IMPLEMENT_ASN1_SET_OF(X509)
-
-IMPLEMENT_STACK_OF(X509_NAME)
-
-IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
-
-IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)
diff --git a/thirdparty/openssl/crypto/x509/x509_vpm.c b/thirdparty/openssl/crypto/x509/x509_vpm.c
deleted file mode 100644
index 1ac15a881a..0000000000
--- a/thirdparty/openssl/crypto/x509/x509_vpm.c
+++ /dev/null
@@ -1,662 +0,0 @@
-/* x509_vpm.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/lhash.h>
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "vpm_int.h"
-
-/* X509_VERIFY_PARAM functions */
-
-#define SET_HOST 0
-#define ADD_HOST 1
-
-static char *str_copy(const char *s)
-{
-    return OPENSSL_strdup(s);
-}
-
-static void str_free(char *s)
-{
-    OPENSSL_free(s);
-}
-
-#define string_stack_free(sk) sk_OPENSSL_STRING_pop_free(sk, str_free)
-
-static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode,
-                                    const char *name, size_t namelen)
-{
-    char *copy;
-
-    /*
-     * Refuse names with embedded NUL bytes, except perhaps as final byte.
-     * XXX: Do we need to push an error onto the error stack?
-     */
-    if (namelen == 0 || name == NULL)
-        namelen = name ? strlen(name) : 0;
-    else if (name && memchr(name, '\0', namelen > 1 ? namelen - 1 : namelen))
-        return 0;
-    if (namelen > 0 && name[namelen - 1] == '\0')
-        --namelen;
-
-    if (mode == SET_HOST && id->hosts) {
-        string_stack_free(id->hosts);
-        id->hosts = NULL;
-    }
-    if (name == NULL || namelen == 0)
-        return 1;
-
-    copy = BUF_strndup(name, namelen);
-    if (copy == NULL)
-        return 0;
-
-    if (id->hosts == NULL &&
-        (id->hosts = sk_OPENSSL_STRING_new_null()) == NULL) {
-        OPENSSL_free(copy);
-        return 0;
-    }
-
-    if (!sk_OPENSSL_STRING_push(id->hosts, copy)) {
-        OPENSSL_free(copy);
-        if (sk_OPENSSL_STRING_num(id->hosts) == 0) {
-            sk_OPENSSL_STRING_free(id->hosts);
-            id->hosts = NULL;
-        }
-        return 0;
-    }
-
-    return 1;
-}
-
-static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
-{
-    X509_VERIFY_PARAM_ID *paramid;
-    if (!param)
-        return;
-    param->name = NULL;
-    param->purpose = 0;
-    param->trust = 0;
-    /*
-     * param->inh_flags = X509_VP_FLAG_DEFAULT;
-     */
-    param->inh_flags = 0;
-    param->flags = 0;
-    param->depth = -1;
-    if (param->policies) {
-        sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free);
-        param->policies = NULL;
-    }
-    paramid = param->id;
-    if (paramid->hosts) {
-        string_stack_free(paramid->hosts);
-        paramid->hosts = NULL;
-    }
-    if (paramid->peername)
-        OPENSSL_free(paramid->peername);
-    paramid->peername = NULL;
-    if (paramid->email) {
-        OPENSSL_free(paramid->email);
-        paramid->email = NULL;
-        paramid->emaillen = 0;
-    }
-    if (paramid->ip) {
-        OPENSSL_free(paramid->ip);
-        paramid->ip = NULL;
-        paramid->iplen = 0;
-    }
-}
-
-X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
-{
-    X509_VERIFY_PARAM *param;
-    X509_VERIFY_PARAM_ID *paramid;
-
-    param = OPENSSL_malloc(sizeof *param);
-    if (!param)
-        return NULL;
-    memset(param, 0, sizeof(*param));
-
-    paramid = OPENSSL_malloc(sizeof(*paramid));
-    if (!paramid) {
-        OPENSSL_free(param);
-        return NULL;
-    }
-    memset(paramid, 0, sizeof(*paramid));
-    /* Exotic platforms may have non-zero bit representation of NULL */
-    paramid->hosts = NULL;
-    paramid->peername = NULL;
-    paramid->email = NULL;
-    paramid->ip = NULL;
-
-    param->id = paramid;
-    x509_verify_param_zero(param);
-    return param;
-}
-
-void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
-{
-    if (param == NULL)
-        return;
-    x509_verify_param_zero(param);
-    OPENSSL_free(param->id);
-    OPENSSL_free(param);
-}
-
-/*-
- * This function determines how parameters are "inherited" from one structure
- * to another. There are several different ways this can happen.
- *
- * 1. If a child structure needs to have its values initialized from a parent
- *    they are simply copied across. For example SSL_CTX copied to SSL.
- * 2. If the structure should take on values only if they are currently unset.
- *    For example the values in an SSL structure will take appropriate value
- *    for SSL servers or clients but only if the application has not set new
- *    ones.
- *
- * The "inh_flags" field determines how this function behaves.
- *
- * Normally any values which are set in the default are not copied from the
- * destination and verify flags are ORed together.
- *
- * If X509_VP_FLAG_DEFAULT is set then anything set in the source is copied
- * to the destination. Effectively the values in "to" become default values
- * which will be used only if nothing new is set in "from".
- *
- * If X509_VP_FLAG_OVERWRITE is set then all value are copied across whether
- * they are set or not. Flags is still Ored though.
- *
- * If X509_VP_FLAG_RESET_FLAGS is set then the flags value is copied instead
- * of ORed.
- *
- * If X509_VP_FLAG_LOCKED is set then no values are copied.
- *
- * If X509_VP_FLAG_ONCE is set then the current inh_flags setting is zeroed
- * after the next call.
- */
-
-/* Macro to test if a field should be copied from src to dest */
-
-#define test_x509_verify_param_copy(field, def) \
-        (to_overwrite || \
-                ((src->field != def) && (to_default || (dest->field == def))))
-
-/* As above but for ID fields */
-
-#define test_x509_verify_param_copy_id(idf, def) \
-        test_x509_verify_param_copy(id->idf, def)
-
-/* Macro to test and copy a field if necessary */
-
-#define x509_verify_param_copy(field, def) \
-        if (test_x509_verify_param_copy(field, def)) \
-                dest->field = src->field
-
-int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
-                              const X509_VERIFY_PARAM *src)
-{
-    unsigned long inh_flags;
-    int to_default, to_overwrite;
-    X509_VERIFY_PARAM_ID *id;
-    if (!src)
-        return 1;
-    id = src->id;
-    inh_flags = dest->inh_flags | src->inh_flags;
-
-    if (inh_flags & X509_VP_FLAG_ONCE)
-        dest->inh_flags = 0;
-
-    if (inh_flags & X509_VP_FLAG_LOCKED)
-        return 1;
-
-    if (inh_flags & X509_VP_FLAG_DEFAULT)
-        to_default = 1;
-    else
-        to_default = 0;
-
-    if (inh_flags & X509_VP_FLAG_OVERWRITE)
-        to_overwrite = 1;
-    else
-        to_overwrite = 0;
-
-    x509_verify_param_copy(purpose, 0);
-    x509_verify_param_copy(trust, 0);
-    x509_verify_param_copy(depth, -1);
-
-    /* If overwrite or check time not set, copy across */
-
-    if (to_overwrite || !(dest->flags & X509_V_FLAG_USE_CHECK_TIME)) {
-        dest->check_time = src->check_time;
-        dest->flags &= ~X509_V_FLAG_USE_CHECK_TIME;
-        /* Don't need to copy flag: that is done below */
-    }
-
-    if (inh_flags & X509_VP_FLAG_RESET_FLAGS)
-        dest->flags = 0;
-
-    dest->flags |= src->flags;
-
-    if (test_x509_verify_param_copy(policies, NULL)) {
-        if (!X509_VERIFY_PARAM_set1_policies(dest, src->policies))
-            return 0;
-    }
-
-    /* Copy the host flags if and only if we're copying the host list */
-    if (test_x509_verify_param_copy_id(hosts, NULL)) {
-        if (dest->id->hosts) {
-            string_stack_free(dest->id->hosts);
-            dest->id->hosts = NULL;
-        }
-        if (id->hosts) {
-            dest->id->hosts =
-                sk_OPENSSL_STRING_deep_copy(id->hosts, str_copy, str_free);
-            if (dest->id->hosts == NULL)
-                return 0;
-            dest->id->hostflags = id->hostflags;
-        }
-    }
-
-    if (test_x509_verify_param_copy_id(email, NULL)) {
-        if (!X509_VERIFY_PARAM_set1_email(dest, id->email, id->emaillen))
-            return 0;
-    }
-
-    if (test_x509_verify_param_copy_id(ip, NULL)) {
-        if (!X509_VERIFY_PARAM_set1_ip(dest, id->ip, id->iplen))
-            return 0;
-    }
-
-    return 1;
-}
-
-int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
-                           const X509_VERIFY_PARAM *from)
-{
-    unsigned long save_flags = to->inh_flags;
-    int ret;
-    to->inh_flags |= X509_VP_FLAG_DEFAULT;
-    ret = X509_VERIFY_PARAM_inherit(to, from);
-    to->inh_flags = save_flags;
-    return ret;
-}
-
-static int int_x509_param_set1(char **pdest, size_t *pdestlen,
-                               const char *src, size_t srclen)
-{
-    void *tmp;
-    if (src) {
-        if (srclen == 0) {
-            tmp = BUF_strdup(src);
-            srclen = strlen(src);
-        } else
-            tmp = BUF_memdup(src, srclen);
-        if (!tmp)
-            return 0;
-    } else {
-        tmp = NULL;
-        srclen = 0;
-    }
-    if (*pdest)
-        OPENSSL_free(*pdest);
-    *pdest = tmp;
-    if (pdestlen)
-        *pdestlen = srclen;
-    return 1;
-}
-
-int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name)
-{
-    if (param->name)
-        OPENSSL_free(param->name);
-    param->name = BUF_strdup(name);
-    if (param->name)
-        return 1;
-    return 0;
-}
-
-int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
-{
-    param->flags |= flags;
-    if (flags & X509_V_FLAG_POLICY_MASK)
-        param->flags |= X509_V_FLAG_POLICY_CHECK;
-    return 1;
-}
-
-int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
-                                  unsigned long flags)
-{
-    param->flags &= ~flags;
-    return 1;
-}
-
-unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param)
-{
-    return param->flags;
-}
-
-int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose)
-{
-    return X509_PURPOSE_set(&param->purpose, purpose);
-}
-
-int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust)
-{
-    return X509_TRUST_set(&param->trust, trust);
-}
-
-void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth)
-{
-    param->depth = depth;
-}
-
-void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
-{
-    param->check_time = t;
-    param->flags |= X509_V_FLAG_USE_CHECK_TIME;
-}
-
-int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
-                                  ASN1_OBJECT *policy)
-{
-    if (!param->policies) {
-        param->policies = sk_ASN1_OBJECT_new_null();
-        if (!param->policies)
-            return 0;
-    }
-    if (!sk_ASN1_OBJECT_push(param->policies, policy))
-        return 0;
-    return 1;
-}
-
-int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
-                                    STACK_OF(ASN1_OBJECT) *policies)
-{
-    int i;
-    ASN1_OBJECT *oid, *doid;
-    if (!param)
-        return 0;
-    if (param->policies)
-        sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free);
-
-    if (!policies) {
-        param->policies = NULL;
-        return 1;
-    }
-
-    param->policies = sk_ASN1_OBJECT_new_null();
-    if (!param->policies)
-        return 0;
-
-    for (i = 0; i < sk_ASN1_OBJECT_num(policies); i++) {
-        oid = sk_ASN1_OBJECT_value(policies, i);
-        doid = OBJ_dup(oid);
-        if (!doid)
-            return 0;
-        if (!sk_ASN1_OBJECT_push(param->policies, doid)) {
-            ASN1_OBJECT_free(doid);
-            return 0;
-        }
-    }
-    param->flags |= X509_V_FLAG_POLICY_CHECK;
-    return 1;
-}
-
-int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
-                                const char *name, size_t namelen)
-{
-    return int_x509_param_set_hosts(param->id, SET_HOST, name, namelen);
-}
-
-int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
-                                const char *name, size_t namelen)
-{
-    return int_x509_param_set_hosts(param->id, ADD_HOST, name, namelen);
-}
-
-void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
-                                     unsigned int flags)
-{
-    param->id->hostflags = flags;
-}
-
-char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param)
-{
-    return param->id->peername;
-}
-
-int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
-                                 const char *email, size_t emaillen)
-{
-    return int_x509_param_set1(&param->id->email, &param->id->emaillen,
-                               email, emaillen);
-}
-
-int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
-                              const unsigned char *ip, size_t iplen)
-{
-    if (iplen != 0 && iplen != 4 && iplen != 16)
-        return 0;
-    return int_x509_param_set1((char **)&param->id->ip, &param->id->iplen,
-                               (char *)ip, iplen);
-}
-
-int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc)
-{
-    unsigned char ipout[16];
-    size_t iplen;
-
-    iplen = (size_t)a2i_ipadd(ipout, ipasc);
-    if (iplen == 0)
-        return 0;
-    return X509_VERIFY_PARAM_set1_ip(param, ipout, iplen);
-}
-
-int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param)
-{
-    return param->depth;
-}
-
-const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param)
-{
-    return param->name;
-}
-
-static X509_VERIFY_PARAM_ID _empty_id = { NULL, 0U, NULL, NULL, 0, NULL, 0 };
-
-#define vpm_empty_id (X509_VERIFY_PARAM_ID *)&_empty_id
-
-/*
- * Default verify parameters: these are used for various applications and can
- * be overridden by the user specified table. NB: the 'name' field *must* be
- * in alphabetical order because it will be searched using OBJ_search.
- */
-
-static const X509_VERIFY_PARAM default_table[] = {
-    {
-     "default",                 /* X509 default parameters */
-     0,                         /* Check time */
-     0,                         /* internal flags */
-     0,                         /* flags */
-     0,                         /* purpose */
-     0,                         /* trust */
-     100,                       /* depth */
-     NULL,                      /* policies */
-     vpm_empty_id},
-    {
-     "pkcs7",                   /* S/MIME sign parameters */
-     0,                         /* Check time */
-     0,                         /* internal flags */
-     0,                         /* flags */
-     X509_PURPOSE_SMIME_SIGN,   /* purpose */
-     X509_TRUST_EMAIL,          /* trust */
-     -1,                        /* depth */
-     NULL,                      /* policies */
-     vpm_empty_id},
-    {
-     "smime_sign",              /* S/MIME sign parameters */
-     0,                         /* Check time */
-     0,                         /* internal flags */
-     0,                         /* flags */
-     X509_PURPOSE_SMIME_SIGN,   /* purpose */
-     X509_TRUST_EMAIL,          /* trust */
-     -1,                        /* depth */
-     NULL,                      /* policies */
-     vpm_empty_id},
-    {
-     "ssl_client",              /* SSL/TLS client parameters */
-     0,                         /* Check time */
-     0,                         /* internal flags */
-     0,                         /* flags */
-     X509_PURPOSE_SSL_CLIENT,   /* purpose */
-     X509_TRUST_SSL_CLIENT,     /* trust */
-     -1,                        /* depth */
-     NULL,                      /* policies */
-     vpm_empty_id},
-    {
-     "ssl_server",              /* SSL/TLS server parameters */
-     0,                         /* Check time */
-     0,                         /* internal flags */
-     0,                         /* flags */
-     X509_PURPOSE_SSL_SERVER,   /* purpose */
-     X509_TRUST_SSL_SERVER,     /* trust */
-     -1,                        /* depth */
-     NULL,                      /* policies */
-     vpm_empty_id}
-};
-
-static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL;
-
-static int table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b)
-{
-    return strcmp(a->name, b->name);
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
-
-static int param_cmp(const X509_VERIFY_PARAM *const *a,
-                     const X509_VERIFY_PARAM *const *b)
-{
-    return strcmp((*a)->name, (*b)->name);
-}
-
-int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
-{
-    int idx;
-    X509_VERIFY_PARAM *ptmp;
-    if (!param_table) {
-        param_table = sk_X509_VERIFY_PARAM_new(param_cmp);
-        if (!param_table)
-            return 0;
-    } else {
-        idx = sk_X509_VERIFY_PARAM_find(param_table, param);
-        if (idx != -1) {
-            ptmp = sk_X509_VERIFY_PARAM_value(param_table, idx);
-            X509_VERIFY_PARAM_free(ptmp);
-            (void)sk_X509_VERIFY_PARAM_delete(param_table, idx);
-        }
-    }
-    if (!sk_X509_VERIFY_PARAM_push(param_table, param))
-        return 0;
-    return 1;
-}
-
-int X509_VERIFY_PARAM_get_count(void)
-{
-    int num = sizeof(default_table) / sizeof(X509_VERIFY_PARAM);
-    if (param_table)
-        num += sk_X509_VERIFY_PARAM_num(param_table);
-    return num;
-}
-
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id)
-{
-    int num = sizeof(default_table) / sizeof(X509_VERIFY_PARAM);
-    if (id < num)
-        return default_table + id;
-    return sk_X509_VERIFY_PARAM_value(param_table, id - num);
-}
-
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name)
-{
-    int idx;
-    X509_VERIFY_PARAM pm;
-
-    pm.name = (char *)name;
-    if (param_table) {
-        idx = sk_X509_VERIFY_PARAM_find(param_table, &pm);
-        if (idx != -1)
-            return sk_X509_VERIFY_PARAM_value(param_table, idx);
-    }
-    return OBJ_bsearch_table(&pm, default_table,
-                             sizeof(default_table) /
-                             sizeof(X509_VERIFY_PARAM));
-}
-
-void X509_VERIFY_PARAM_table_cleanup(void)
-{
-    if (param_table)
-        sk_X509_VERIFY_PARAM_pop_free(param_table, X509_VERIFY_PARAM_free);
-    param_table = NULL;
-}
diff --git a/thirdparty/openssl/crypto/x509/x509cset.c b/thirdparty/openssl/crypto/x509/x509cset.c
deleted file mode 100644
index 24ca35b58b..0000000000
--- a/thirdparty/openssl/crypto/x509/x509cset.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* crypto/x509/x509cset.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_CRL_set_version(X509_CRL *x, long version)
-{
-    if (x == NULL)
-        return (0);
-    if (x->crl->version == NULL) {
-        if ((x->crl->version = M_ASN1_INTEGER_new()) == NULL)
-            return (0);
-    }
-    return (ASN1_INTEGER_set(x->crl->version, version));
-}
-
-int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
-{
-    if ((x == NULL) || (x->crl == NULL))
-        return (0);
-    return (X509_NAME_set(&x->crl->issuer, name));
-}
-
-int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
-{
-    ASN1_TIME *in;
-
-    if (x == NULL)
-        return (0);
-    in = x->crl->lastUpdate;
-    if (in != tm) {
-        in = M_ASN1_TIME_dup(tm);
-        if (in != NULL) {
-            M_ASN1_TIME_free(x->crl->lastUpdate);
-            x->crl->lastUpdate = in;
-        }
-    }
-    return (in != NULL);
-}
-
-int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
-{
-    ASN1_TIME *in;
-
-    if (x == NULL)
-        return (0);
-    in = x->crl->nextUpdate;
-    if (in != tm) {
-        in = M_ASN1_TIME_dup(tm);
-        if (in != NULL) {
-            M_ASN1_TIME_free(x->crl->nextUpdate);
-            x->crl->nextUpdate = in;
-        }
-    }
-    return (in != NULL);
-}
-
-int X509_CRL_sort(X509_CRL *c)
-{
-    int i;
-    X509_REVOKED *r;
-    /*
-     * sort the data so it will be written in serial number order
-     */
-    sk_X509_REVOKED_sort(c->crl->revoked);
-    for (i = 0; i < sk_X509_REVOKED_num(c->crl->revoked); i++) {
-        r = sk_X509_REVOKED_value(c->crl->revoked, i);
-        r->sequence = i;
-    }
-    c->crl->enc.modified = 1;
-    return 1;
-}
-
-int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
-{
-    ASN1_TIME *in;
-
-    if (x == NULL)
-        return (0);
-    in = x->revocationDate;
-    if (in != tm) {
-        in = M_ASN1_TIME_dup(tm);
-        if (in != NULL) {
-            M_ASN1_TIME_free(x->revocationDate);
-            x->revocationDate = in;
-        }
-    }
-    return (in != NULL);
-}
-
-int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
-{
-    ASN1_INTEGER *in;
-
-    if (x == NULL)
-        return (0);
-    in = x->serialNumber;
-    if (in != serial) {
-        in = M_ASN1_INTEGER_dup(serial);
-        if (in != NULL) {
-            M_ASN1_INTEGER_free(x->serialNumber);
-            x->serialNumber = in;
-        }
-    }
-    return (in != NULL);
-}
diff --git a/thirdparty/openssl/crypto/x509/x509name.c b/thirdparty/openssl/crypto/x509/x509name.c
deleted file mode 100644
index 6ea601f962..0000000000
--- a/thirdparty/openssl/crypto/x509/x509name.c
+++ /dev/null
@@ -1,397 +0,0 @@
-/* crypto/x509/x509name.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
-{
-    ASN1_OBJECT *obj;
-
-    obj = OBJ_nid2obj(nid);
-    if (obj == NULL)
-        return (-1);
-    return (X509_NAME_get_text_by_OBJ(name, obj, buf, len));
-}
-
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,
-                              int len)
-{
-    int i;
-    ASN1_STRING *data;
-
-    i = X509_NAME_get_index_by_OBJ(name, obj, -1);
-    if (i < 0)
-        return (-1);
-    data = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i));
-    i = (data->length > (len - 1)) ? (len - 1) : data->length;
-    if (buf == NULL)
-        return (data->length);
-    memcpy(buf, data->data, i);
-    buf[i] = '\0';
-    return (i);
-}
-
-int X509_NAME_entry_count(X509_NAME *name)
-{
-    if (name == NULL)
-        return (0);
-    return (sk_X509_NAME_ENTRY_num(name->entries));
-}
-
-int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
-{
-    ASN1_OBJECT *obj;
-
-    obj = OBJ_nid2obj(nid);
-    if (obj == NULL)
-        return (-2);
-    return (X509_NAME_get_index_by_OBJ(name, obj, lastpos));
-}
-
-/* NOTE: you should be passsing -1, not 0 as lastpos */
-int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int lastpos)
-{
-    int n;
-    X509_NAME_ENTRY *ne;
-    STACK_OF(X509_NAME_ENTRY) *sk;
-
-    if (name == NULL)
-        return (-1);
-    if (lastpos < 0)
-        lastpos = -1;
-    sk = name->entries;
-    n = sk_X509_NAME_ENTRY_num(sk);
-    for (lastpos++; lastpos < n; lastpos++) {
-        ne = sk_X509_NAME_ENTRY_value(sk, lastpos);
-        if (OBJ_cmp(ne->object, obj) == 0)
-            return (lastpos);
-    }
-    return (-1);
-}
-
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)
-{
-    if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
-        || loc < 0)
-        return (NULL);
-    else
-        return (sk_X509_NAME_ENTRY_value(name->entries, loc));
-}
-
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
-{
-    X509_NAME_ENTRY *ret;
-    int i, n, set_prev, set_next;
-    STACK_OF(X509_NAME_ENTRY) *sk;
-
-    if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
-        || loc < 0)
-        return (NULL);
-    sk = name->entries;
-    ret = sk_X509_NAME_ENTRY_delete(sk, loc);
-    n = sk_X509_NAME_ENTRY_num(sk);
-    name->modified = 1;
-    if (loc == n)
-        return (ret);
-
-    /* else we need to fixup the set field */
-    if (loc != 0)
-        set_prev = (sk_X509_NAME_ENTRY_value(sk, loc - 1))->set;
-    else
-        set_prev = ret->set - 1;
-    set_next = sk_X509_NAME_ENTRY_value(sk, loc)->set;
-
-    /*-
-     * set_prev is the previous set
-     * set is the current set
-     * set_next is the following
-     * prev  1 1    1 1     1 1     1 1
-     * set   1      1       2       2
-     * next  1 1    2 2     2 2     3 2
-     * so basically only if prev and next differ by 2, then
-     * re-number down by 1
-     */
-    if (set_prev + 1 < set_next)
-        for (i = loc; i < n; i++)
-            sk_X509_NAME_ENTRY_value(sk, i)->set--;
-    return (ret);
-}
-
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
-                               unsigned char *bytes, int len, int loc,
-                               int set)
-{
-    X509_NAME_ENTRY *ne;
-    int ret;
-    ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);
-    if (!ne)
-        return 0;
-    ret = X509_NAME_add_entry(name, ne, loc, set);
-    X509_NAME_ENTRY_free(ne);
-    return ret;
-}
-
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
-                               unsigned char *bytes, int len, int loc,
-                               int set)
-{
-    X509_NAME_ENTRY *ne;
-    int ret;
-    ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len);
-    if (!ne)
-        return 0;
-    ret = X509_NAME_add_entry(name, ne, loc, set);
-    X509_NAME_ENTRY_free(ne);
-    return ret;
-}
-
-int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
-                               const unsigned char *bytes, int len, int loc,
-                               int set)
-{
-    X509_NAME_ENTRY *ne;
-    int ret;
-    ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);
-    if (!ne)
-        return 0;
-    ret = X509_NAME_add_entry(name, ne, loc, set);
-    X509_NAME_ENTRY_free(ne);
-    return ret;
-}
-
-/*
- * if set is -1, append to previous set, 0 'a new one', and 1, prepend to the
- * guy we are about to stomp on.
- */
-int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc,
-                        int set)
-{
-    X509_NAME_ENTRY *new_name = NULL;
-    int n, i, inc;
-    STACK_OF(X509_NAME_ENTRY) *sk;
-
-    if (name == NULL)
-        return (0);
-    sk = name->entries;
-    n = sk_X509_NAME_ENTRY_num(sk);
-    if (loc > n)
-        loc = n;
-    else if (loc < 0)
-        loc = n;
-
-    name->modified = 1;
-
-    if (set == -1) {
-        if (loc == 0) {
-            set = 0;
-            inc = 1;
-        } else {
-            set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set;
-            inc = 0;
-        }
-    } else {                    /* if (set >= 0) */
-
-        if (loc >= n) {
-            if (loc != 0)
-                set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set + 1;
-            else
-                set = 0;
-        } else
-            set = sk_X509_NAME_ENTRY_value(sk, loc)->set;
-        inc = (set == 0) ? 1 : 0;
-    }
-
-    if ((new_name = X509_NAME_ENTRY_dup(ne)) == NULL)
-        goto err;
-    new_name->set = set;
-    if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) {
-        X509err(X509_F_X509_NAME_ADD_ENTRY, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    if (inc) {
-        n = sk_X509_NAME_ENTRY_num(sk);
-        for (i = loc + 1; i < n; i++)
-            sk_X509_NAME_ENTRY_value(sk, i - 1)->set += 1;
-    }
-    return (1);
- err:
-    if (new_name != NULL)
-        X509_NAME_ENTRY_free(new_name);
-    return (0);
-}
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
-                                               const char *field, int type,
-                                               const unsigned char *bytes,
-                                               int len)
-{
-    ASN1_OBJECT *obj;
-    X509_NAME_ENTRY *nentry;
-
-    obj = OBJ_txt2obj(field, 0);
-    if (obj == NULL) {
-        X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,
-                X509_R_INVALID_FIELD_NAME);
-        ERR_add_error_data(2, "name=", field);
-        return (NULL);
-    }
-    nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len);
-    ASN1_OBJECT_free(obj);
-    return nentry;
-}
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
-                                               int type, unsigned char *bytes,
-                                               int len)
-{
-    ASN1_OBJECT *obj;
-    X509_NAME_ENTRY *nentry;
-
-    obj = OBJ_nid2obj(nid);
-    if (obj == NULL) {
-        X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID, X509_R_UNKNOWN_NID);
-        return (NULL);
-    }
-    nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len);
-    ASN1_OBJECT_free(obj);
-    return nentry;
-}
-
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
-                                               ASN1_OBJECT *obj, int type,
-                                               const unsigned char *bytes,
-                                               int len)
-{
-    X509_NAME_ENTRY *ret;
-
-    if ((ne == NULL) || (*ne == NULL)) {
-        if ((ret = X509_NAME_ENTRY_new()) == NULL)
-            return (NULL);
-    } else
-        ret = *ne;
-
-    if (!X509_NAME_ENTRY_set_object(ret, obj))
-        goto err;
-    if (!X509_NAME_ENTRY_set_data(ret, type, bytes, len))
-        goto err;
-
-    if ((ne != NULL) && (*ne == NULL))
-        *ne = ret;
-    return (ret);
- err:
-    if ((ne == NULL) || (ret != *ne))
-        X509_NAME_ENTRY_free(ret);
-    return (NULL);
-}
-
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
-{
-    if ((ne == NULL) || (obj == NULL)) {
-        X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,
-                ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    ASN1_OBJECT_free(ne->object);
-    ne->object = OBJ_dup(obj);
-    return ((ne->object == NULL) ? 0 : 1);
-}
-
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
-                             const unsigned char *bytes, int len)
-{
-    int i;
-
-    if ((ne == NULL) || ((bytes == NULL) && (len != 0)))
-        return (0);
-    if ((type > 0) && (type & MBSTRING_FLAG))
-        return ASN1_STRING_set_by_NID(&ne->value, bytes,
-                                      len, type,
-                                      OBJ_obj2nid(ne->object)) ? 1 : 0;
-    if (len < 0)
-        len = strlen((const char *)bytes);
-    i = ASN1_STRING_set(ne->value, bytes, len);
-    if (!i)
-        return (0);
-    if (type != V_ASN1_UNDEF) {
-        if (type == V_ASN1_APP_CHOOSE)
-            ne->value->type = ASN1_PRINTABLE_type(bytes, len);
-        else
-            ne->value->type = type;
-    }
-    return (1);
-}
-
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
-{
-    if (ne == NULL)
-        return (NULL);
-    return (ne->object);
-}
-
-ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
-{
-    if (ne == NULL)
-        return (NULL);
-    return (ne->value);
-}
diff --git a/thirdparty/openssl/crypto/x509/x509rset.c b/thirdparty/openssl/crypto/x509/x509rset.c
deleted file mode 100644
index 80e273e642..0000000000
--- a/thirdparty/openssl/crypto/x509/x509rset.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* crypto/x509/x509rset.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int X509_REQ_set_version(X509_REQ *x, long version)
-{
-    if (x == NULL)
-        return (0);
-    return (ASN1_INTEGER_set(x->req_info->version, version));
-}
-
-int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name)
-{
-    if ((x == NULL) || (x->req_info == NULL))
-        return (0);
-    return (X509_NAME_set(&x->req_info->subject, name));
-}
-
-int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey)
-{
-    if ((x == NULL) || (x->req_info == NULL))
-        return (0);
-    return (X509_PUBKEY_set(&x->req_info->pubkey, pkey));
-}
diff --git a/thirdparty/openssl/crypto/x509/x509spki.c b/thirdparty/openssl/crypto/x509/x509spki.c
deleted file mode 100644
index 5ae5d30a35..0000000000
--- a/thirdparty/openssl/crypto/x509/x509spki.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* x509spki.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509.h>
-
-int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
-{
-    if ((x == NULL) || (x->spkac == NULL))
-        return (0);
-    return (X509_PUBKEY_set(&(x->spkac->pubkey), pkey));
-}
-
-EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x)
-{
-    if ((x == NULL) || (x->spkac == NULL))
-        return (NULL);
-    return (X509_PUBKEY_get(x->spkac->pubkey));
-}
-
-/* Load a Netscape SPKI from a base64 encoded string */
-
-NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len)
-{
-    unsigned char *spki_der;
-    const unsigned char *p;
-    int spki_len;
-    NETSCAPE_SPKI *spki;
-    if (len <= 0)
-        len = strlen(str);
-    if (!(spki_der = OPENSSL_malloc(len + 1))) {
-        X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len);
-    if (spki_len < 0) {
-        X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, X509_R_BASE64_DECODE_ERROR);
-        OPENSSL_free(spki_der);
-        return NULL;
-    }
-    p = spki_der;
-    spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len);
-    OPENSSL_free(spki_der);
-    return spki;
-}
-
-/* Generate a base64 encoded string from an SPKI */
-
-char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
-{
-    unsigned char *der_spki, *p;
-    char *b64_str;
-    int der_len;
-    der_len = i2d_NETSCAPE_SPKI(spki, NULL);
-    der_spki = OPENSSL_malloc(der_len);
-    b64_str = OPENSSL_malloc(der_len * 2);
-    if (!der_spki || !b64_str) {
-        OPENSSL_free(der_spki);
-        OPENSSL_free(b64_str);
-        X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    p = der_spki;
-    i2d_NETSCAPE_SPKI(spki, &p);
-    EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len);
-    OPENSSL_free(der_spki);
-    return b64_str;
-}
diff --git a/thirdparty/openssl/crypto/x509/x509type.c b/thirdparty/openssl/crypto/x509/x509type.c
deleted file mode 100644
index 9219f753bf..0000000000
--- a/thirdparty/openssl/crypto/x509/x509type.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* crypto/x509/x509type.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
-{
-    EVP_PKEY *pk;
-    int ret = 0, i;
-
-    if (x == NULL)
-        return (0);
-
-    if (pkey == NULL)
-        pk = X509_get_pubkey(x);
-    else
-        pk = pkey;
-
-    if (pk == NULL)
-        return (0);
-
-    switch (pk->type) {
-    case EVP_PKEY_RSA:
-        ret = EVP_PK_RSA | EVP_PKT_SIGN;
-/*              if (!sign only extension) */
-        ret |= EVP_PKT_ENC;
-        break;
-    case EVP_PKEY_DSA:
-        ret = EVP_PK_DSA | EVP_PKT_SIGN;
-        break;
-    case EVP_PKEY_EC:
-        ret = EVP_PK_EC | EVP_PKT_SIGN | EVP_PKT_EXCH;
-        break;
-    case EVP_PKEY_DH:
-        ret = EVP_PK_DH | EVP_PKT_EXCH;
-        break;
-    case NID_id_GostR3410_94:
-    case NID_id_GostR3410_2001:
-        ret = EVP_PKT_EXCH | EVP_PKT_SIGN;
-        break;
-    default:
-        break;
-    }
-
-    i = OBJ_obj2nid(x->sig_alg->algorithm);
-    if (i && OBJ_find_sigid_algs(i, NULL, &i)) {
-
-        switch (i) {
-        case NID_rsaEncryption:
-        case NID_rsa:
-            ret |= EVP_PKS_RSA;
-            break;
-        case NID_dsa:
-        case NID_dsa_2:
-            ret |= EVP_PKS_DSA;
-            break;
-        case NID_X9_62_id_ecPublicKey:
-            ret |= EVP_PKS_EC;
-            break;
-        default:
-            break;
-        }
-    }
-
-    if (pkey == NULL)
-        EVP_PKEY_free(pk);
-    return (ret);
-}
diff --git a/thirdparty/openssl/crypto/x509/x_all.c b/thirdparty/openssl/crypto/x509/x_all.c
deleted file mode 100644
index 0f26c546d8..0000000000
--- a/thirdparty/openssl/crypto/x509/x_all.c
+++ /dev/null
@@ -1,558 +0,0 @@
-/* crypto/x509/x_all.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/stack.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include <openssl/asn1.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/ocsp.h>
-#ifndef OPENSSL_NO_RSA
-# include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-#endif
-
-int X509_verify(X509 *a, EVP_PKEY *r)
-{
-    if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature))
-        return 0;
-    return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF), a->sig_alg,
-                             a->signature, a->cert_info, r));
-}
-
-int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
-{
-    return (ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO),
-                             a->sig_alg, a->signature, a->req_info, r));
-}
-
-int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
-{
-    return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
-                             a->sig_algor, a->signature, a->spkac, r));
-}
-
-int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
-    x->cert_info->enc.modified = 1;
-    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature,
-                           x->sig_alg, x->signature, x->cert_info, pkey, md));
-}
-
-int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
-{
-    x->cert_info->enc.modified = 1;
-    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
-                              x->cert_info->signature,
-                              x->sig_alg, x->signature, x->cert_info, ctx);
-}
-
-int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert)
-{
-    return OCSP_REQ_CTX_nbio_d2i(rctx,
-                                 (ASN1_VALUE **)pcert, ASN1_ITEM_rptr(X509));
-}
-
-int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
-    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), x->sig_alg, NULL,
-                           x->signature, x->req_info, pkey, md));
-}
-
-int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
-{
-    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
-                              x->sig_alg, NULL, x->signature, x->req_info,
-                              ctx);
-}
-
-int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
-    x->crl->enc.modified = 1;
-    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), x->crl->sig_alg,
-                           x->sig_alg, x->signature, x->crl, pkey, md));
-}
-
-int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
-{
-    x->crl->enc.modified = 1;
-    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
-                              x->crl->sig_alg, x->sig_alg, x->signature,
-                              x->crl, ctx);
-}
-
-int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl)
-{
-    return OCSP_REQ_CTX_nbio_d2i(rctx,
-                                 (ASN1_VALUE **)pcrl,
-                                 ASN1_ITEM_rptr(X509_CRL));
-}
-
-int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
-    return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor, NULL,
-                           x->signature, x->spkac, pkey, md));
-}
-
-#ifndef OPENSSL_NO_FP_API
-X509 *d2i_X509_fp(FILE *fp, X509 **x509)
-{
-    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
-}
-
-int i2d_X509_fp(FILE *fp, X509 *x509)
-{
-    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
-}
-#endif
-
-X509 *d2i_X509_bio(BIO *bp, X509 **x509)
-{
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
-}
-
-int i2d_X509_bio(BIO *bp, X509 *x509)
-{
-    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
-}
-
-#ifndef OPENSSL_NO_FP_API
-X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
-{
-    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
-}
-
-int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
-{
-    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
-}
-#endif
-
-X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
-{
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
-}
-
-int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
-{
-    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
-}
-
-#ifndef OPENSSL_NO_FP_API
-PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
-{
-    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
-}
-
-int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
-{
-    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
-}
-#endif
-
-PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
-{
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
-}
-
-int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
-{
-    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
-}
-
-#ifndef OPENSSL_NO_FP_API
-X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
-{
-    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
-}
-
-int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
-{
-    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
-}
-#endif
-
-X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
-{
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
-}
-
-int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
-{
-    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
-}
-
-#ifndef OPENSSL_NO_RSA
-
-# ifndef OPENSSL_NO_FP_API
-RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
-{
-    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
-}
-
-int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
-{
-    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
-}
-
-RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
-{
-    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
-}
-
-RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
-{
-    return ASN1_d2i_fp((void *(*)(void))
-                       RSA_new, (D2I_OF(void)) d2i_RSA_PUBKEY, fp,
-                       (void **)rsa);
-}
-
-int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
-{
-    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
-}
-
-int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
-{
-    return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);
-}
-# endif
-
-RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
-{
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
-}
-
-int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
-{
-    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
-}
-
-RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
-{
-    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
-}
-
-RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
-{
-    return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);
-}
-
-int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
-{
-    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
-}
-
-int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
-{
-    return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-# ifndef OPENSSL_NO_FP_API
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
-{
-    return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);
-}
-
-int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
-{
-    return ASN1_i2d_fp_of_const(DSA, i2d_DSAPrivateKey, fp, dsa);
-}
-
-DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
-{
-    return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);
-}
-
-int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
-{
-    return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);
-}
-# endif
-
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
-{
-    return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);
-}
-
-int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
-{
-    return ASN1_i2d_bio_of_const(DSA, i2d_DSAPrivateKey, bp, dsa);
-}
-
-DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
-{
-    return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);
-}
-
-int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
-{
-    return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);
-}
-
-#endif
-
-#ifndef OPENSSL_NO_EC
-# ifndef OPENSSL_NO_FP_API
-EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
-{
-    return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);
-}
-
-int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey)
-{
-    return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);
-}
-
-EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
-{
-    return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
-}
-
-int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
-{
-    return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
-}
-# endif
-EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
-{
-    return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey);
-}
-
-int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa)
-{
-    return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);
-}
-
-EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
-{
-    return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
-}
-
-int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
-{
-    return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
-}
-#endif
-
-int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
-                       unsigned char *md, unsigned int *len)
-{
-    ASN1_BIT_STRING *key;
-    key = X509_get0_pubkey_bitstr(data);
-    if (!key)
-        return 0;
-    return EVP_Digest(key->data, key->length, md, len, type, NULL);
-}
-
-int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
-                unsigned int *len)
-{
-    return (ASN1_item_digest
-            (ASN1_ITEM_rptr(X509), type, (char *)data, md, len));
-}
-
-int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
-                    unsigned char *md, unsigned int *len)
-{
-    return (ASN1_item_digest
-            (ASN1_ITEM_rptr(X509_CRL), type, (char *)data, md, len));
-}
-
-int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
-                    unsigned char *md, unsigned int *len)
-{
-    return (ASN1_item_digest
-            (ASN1_ITEM_rptr(X509_REQ), type, (char *)data, md, len));
-}
-
-int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
-                     unsigned char *md, unsigned int *len)
-{
-    return (ASN1_item_digest
-            (ASN1_ITEM_rptr(X509_NAME), type, (char *)data, md, len));
-}
-
-int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
-                                   const EVP_MD *type, unsigned char *md,
-                                   unsigned int *len)
-{
-    return (ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL), type,
-                             (char *)data, md, len));
-}
-
-#ifndef OPENSSL_NO_FP_API
-X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
-{
-    return ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp, p8);
-}
-
-int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
-{
-    return ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);
-}
-#endif
-
-X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
-{
-    return ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp, p8);
-}
-
-int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
-{
-    return ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);
-}
-
-#ifndef OPENSSL_NO_FP_API
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
-                                                PKCS8_PRIV_KEY_INFO **p8inf)
-{
-    return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
-                          d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
-}
-
-int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
-{
-    return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp,
-                          p8inf);
-}
-
-int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
-{
-    PKCS8_PRIV_KEY_INFO *p8inf;
-    int ret;
-    p8inf = EVP_PKEY2PKCS8(key);
-    if (!p8inf)
-        return 0;
-    ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
-    PKCS8_PRIV_KEY_INFO_free(p8inf);
-    return ret;
-}
-
-int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
-{
-    return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
-}
-
-EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
-{
-    return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a);
-}
-
-int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
-{
-    return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
-}
-
-EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
-{
-    return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);
-}
-
-#endif
-
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
-                                                 PKCS8_PRIV_KEY_INFO **p8inf)
-{
-    return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
-                           d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
-}
-
-int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
-{
-    return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp,
-                           p8inf);
-}
-
-int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
-{
-    PKCS8_PRIV_KEY_INFO *p8inf;
-    int ret;
-    p8inf = EVP_PKEY2PKCS8(key);
-    if (!p8inf)
-        return 0;
-    ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
-    PKCS8_PRIV_KEY_INFO_free(p8inf);
-    return ret;
-}
-
-int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
-{
-    return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
-}
-
-EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
-{
-    return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a);
-}
-
-int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
-{
-    return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
-}
-
-EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
-{
-    return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);
-}
diff --git a/thirdparty/openssl/crypto/x509v3/ext_dat.h b/thirdparty/openssl/crypto/x509v3/ext_dat.h
deleted file mode 100644
index c3a6fce752..0000000000
--- a/thirdparty/openssl/crypto/x509v3/ext_dat.h
+++ /dev/null
@@ -1,136 +0,0 @@
-/* ext_dat.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* This file contains a table of "standard" extensions */
-
-extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
-extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info, v3_sinfo;
-extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
-extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate;
-extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld, v3_freshest_crl;
-extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
-extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
-extern X509V3_EXT_METHOD v3_crl_hold, v3_pci;
-extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints;
-extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp, v3_idp;
-extern X509V3_EXT_METHOD v3_addr, v3_asid;
-extern X509V3_EXT_METHOD v3_ct_scts[];
-
-/*
- * This table will be searched using OBJ_bsearch so it *must* kept in order
- * of the ext_nid values.
- */
-
-static const X509V3_EXT_METHOD *standard_exts[] = {
-    &v3_nscert,
-    &v3_ns_ia5_list[0],
-    &v3_ns_ia5_list[1],
-    &v3_ns_ia5_list[2],
-    &v3_ns_ia5_list[3],
-    &v3_ns_ia5_list[4],
-    &v3_ns_ia5_list[5],
-    &v3_ns_ia5_list[6],
-    &v3_skey_id,
-    &v3_key_usage,
-    &v3_pkey_usage_period,
-    &v3_alt[0],
-    &v3_alt[1],
-    &v3_bcons,
-    &v3_crl_num,
-    &v3_cpols,
-    &v3_akey_id,
-    &v3_crld,
-    &v3_ext_ku,
-    &v3_delta_crl,
-    &v3_crl_reason,
-#ifndef OPENSSL_NO_OCSP
-    &v3_crl_invdate,
-#endif
-    &v3_sxnet,
-    &v3_info,
-#ifndef OPENSSL_NO_RFC3779
-    &v3_addr,
-    &v3_asid,
-#endif
-#ifndef OPENSSL_NO_OCSP
-    &v3_ocsp_nonce,
-    &v3_ocsp_crlid,
-    &v3_ocsp_accresp,
-    &v3_ocsp_nocheck,
-    &v3_ocsp_acutoff,
-    &v3_ocsp_serviceloc,
-#endif
-    &v3_sinfo,
-    &v3_policy_constraints,
-#ifndef OPENSSL_NO_OCSP
-    &v3_crl_hold,
-#endif
-    &v3_pci,
-    &v3_name_constraints,
-    &v3_policy_mappings,
-    &v3_inhibit_anyp,
-    &v3_idp,
-    &v3_alt[2],
-    &v3_freshest_crl,
-    &v3_ct_scts[0],
-    &v3_ct_scts[1],
-};
-
-/* Number of standard extensions */
-
-#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *))
diff --git a/thirdparty/openssl/crypto/x509v3/pcy_cache.c b/thirdparty/openssl/crypto/x509v3/pcy_cache.c
deleted file mode 100644
index c8f41f24bc..0000000000
--- a/thirdparty/openssl/crypto/x509v3/pcy_cache.c
+++ /dev/null
@@ -1,269 +0,0 @@
-/* pcy_cache.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-static int policy_data_cmp(const X509_POLICY_DATA *const *a,
-                           const X509_POLICY_DATA *const *b);
-static int policy_cache_set_int(long *out, ASN1_INTEGER *value);
-
-/*
- * Set cache entry according to CertificatePolicies extension. Note: this
- * destroys the passed CERTIFICATEPOLICIES structure.
- */
-
-static int policy_cache_create(X509 *x,
-                               CERTIFICATEPOLICIES *policies, int crit)
-{
-    int i;
-    int ret = 0;
-    X509_POLICY_CACHE *cache = x->policy_cache;
-    X509_POLICY_DATA *data = NULL;
-    POLICYINFO *policy;
-    if (sk_POLICYINFO_num(policies) == 0)
-        goto bad_policy;
-    cache->data = sk_X509_POLICY_DATA_new(policy_data_cmp);
-    if (!cache->data)
-        goto bad_policy;
-    for (i = 0; i < sk_POLICYINFO_num(policies); i++) {
-        policy = sk_POLICYINFO_value(policies, i);
-        data = policy_data_new(policy, NULL, crit);
-        if (!data)
-            goto bad_policy;
-        /*
-         * Duplicate policy OIDs are illegal: reject if matches found.
-         */
-        if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
-            if (cache->anyPolicy) {
-                ret = -1;
-                goto bad_policy;
-            }
-            cache->anyPolicy = data;
-        } else if (sk_X509_POLICY_DATA_find(cache->data, data) != -1) {
-            ret = -1;
-            goto bad_policy;
-        } else if (!sk_X509_POLICY_DATA_push(cache->data, data))
-            goto bad_policy;
-        data = NULL;
-    }
-    ret = 1;
- bad_policy:
-    if (ret == -1)
-        x->ex_flags |= EXFLAG_INVALID_POLICY;
-    if (data)
-        policy_data_free(data);
-    sk_POLICYINFO_pop_free(policies, POLICYINFO_free);
-    if (ret <= 0) {
-        sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
-        cache->data = NULL;
-    }
-    return ret;
-}
-
-static int policy_cache_new(X509 *x)
-{
-    X509_POLICY_CACHE *cache;
-    ASN1_INTEGER *ext_any = NULL;
-    POLICY_CONSTRAINTS *ext_pcons = NULL;
-    CERTIFICATEPOLICIES *ext_cpols = NULL;
-    POLICY_MAPPINGS *ext_pmaps = NULL;
-    int i;
-    cache = OPENSSL_malloc(sizeof(X509_POLICY_CACHE));
-    if (!cache)
-        return 0;
-    cache->anyPolicy = NULL;
-    cache->data = NULL;
-    cache->any_skip = -1;
-    cache->explicit_skip = -1;
-    cache->map_skip = -1;
-
-    x->policy_cache = cache;
-
-    /*
-     * Handle requireExplicitPolicy *first*. Need to process this even if we
-     * don't have any policies.
-     */
-    ext_pcons = X509_get_ext_d2i(x, NID_policy_constraints, &i, NULL);
-
-    if (!ext_pcons) {
-        if (i != -1)
-            goto bad_cache;
-    } else {
-        if (!ext_pcons->requireExplicitPolicy
-            && !ext_pcons->inhibitPolicyMapping)
-            goto bad_cache;
-        if (!policy_cache_set_int(&cache->explicit_skip,
-                                  ext_pcons->requireExplicitPolicy))
-            goto bad_cache;
-        if (!policy_cache_set_int(&cache->map_skip,
-                                  ext_pcons->inhibitPolicyMapping))
-            goto bad_cache;
-    }
-
-    /* Process CertificatePolicies */
-
-    ext_cpols = X509_get_ext_d2i(x, NID_certificate_policies, &i, NULL);
-    /*
-     * If no CertificatePolicies extension or problem decoding then there is
-     * no point continuing because the valid policies will be NULL.
-     */
-    if (!ext_cpols) {
-        /* If not absent some problem with extension */
-        if (i != -1)
-            goto bad_cache;
-        return 1;
-    }
-
-    i = policy_cache_create(x, ext_cpols, i);
-
-    /* NB: ext_cpols freed by policy_cache_set_policies */
-
-    if (i <= 0)
-        return i;
-
-    ext_pmaps = X509_get_ext_d2i(x, NID_policy_mappings, &i, NULL);
-
-    if (!ext_pmaps) {
-        /* If not absent some problem with extension */
-        if (i != -1)
-            goto bad_cache;
-    } else {
-        i = policy_cache_set_mapping(x, ext_pmaps);
-        if (i <= 0)
-            goto bad_cache;
-    }
-
-    ext_any = X509_get_ext_d2i(x, NID_inhibit_any_policy, &i, NULL);
-
-    if (!ext_any) {
-        if (i != -1)
-            goto bad_cache;
-    } else if (!policy_cache_set_int(&cache->any_skip, ext_any))
-        goto bad_cache;
-
-    if (0) {
- bad_cache:
-        x->ex_flags |= EXFLAG_INVALID_POLICY;
-    }
-
-    if (ext_pcons)
-        POLICY_CONSTRAINTS_free(ext_pcons);
-
-    if (ext_any)
-        ASN1_INTEGER_free(ext_any);
-
-    return 1;
-
-}
-
-void policy_cache_free(X509_POLICY_CACHE *cache)
-{
-    if (!cache)
-        return;
-    if (cache->anyPolicy)
-        policy_data_free(cache->anyPolicy);
-    if (cache->data)
-        sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
-    OPENSSL_free(cache);
-}
-
-const X509_POLICY_CACHE *policy_cache_set(X509 *x)
-{
-
-    if (x->policy_cache == NULL) {
-        CRYPTO_w_lock(CRYPTO_LOCK_X509);
-        policy_cache_new(x);
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509);
-    }
-
-    return x->policy_cache;
-
-}
-
-X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache,
-                                         const ASN1_OBJECT *id)
-{
-    int idx;
-    X509_POLICY_DATA tmp;
-    tmp.valid_policy = (ASN1_OBJECT *)id;
-    idx = sk_X509_POLICY_DATA_find(cache->data, &tmp);
-    if (idx == -1)
-        return NULL;
-    return sk_X509_POLICY_DATA_value(cache->data, idx);
-}
-
-static int policy_data_cmp(const X509_POLICY_DATA *const *a,
-                           const X509_POLICY_DATA *const *b)
-{
-    return OBJ_cmp((*a)->valid_policy, (*b)->valid_policy);
-}
-
-static int policy_cache_set_int(long *out, ASN1_INTEGER *value)
-{
-    if (value == NULL)
-        return 1;
-    if (value->type == V_ASN1_NEG_INTEGER)
-        return 0;
-    *out = ASN1_INTEGER_get(value);
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/pcy_data.c b/thirdparty/openssl/crypto/x509v3/pcy_data.c
deleted file mode 100644
index 90e9970e46..0000000000
--- a/thirdparty/openssl/crypto/x509v3/pcy_data.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* pcy_data.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/* Policy Node routines */
-
-void policy_data_free(X509_POLICY_DATA *data)
-{
-    ASN1_OBJECT_free(data->valid_policy);
-    /* Don't free qualifiers if shared */
-    if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS))
-        sk_POLICYQUALINFO_pop_free(data->qualifier_set, POLICYQUALINFO_free);
-    sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free);
-    OPENSSL_free(data);
-}
-
-/*
- * Create a data based on an existing policy. If 'id' is NULL use the oid in
- * the policy, otherwise use 'id'. This behaviour covers the two types of
- * data in RFC3280: data with from a CertificatePolcies extension and
- * additional data with just the qualifiers of anyPolicy and ID from another
- * source.
- */
-
-X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
-                                  const ASN1_OBJECT *cid, int crit)
-{
-    X509_POLICY_DATA *ret;
-    ASN1_OBJECT *id;
-    if (!policy && !cid)
-        return NULL;
-    if (cid) {
-        id = OBJ_dup(cid);
-        if (!id)
-            return NULL;
-    } else
-        id = NULL;
-    ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));
-    if (!ret)
-        return NULL;
-    ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
-    if (!ret->expected_policy_set) {
-        OPENSSL_free(ret);
-        if (id)
-            ASN1_OBJECT_free(id);
-        return NULL;
-    }
-
-    if (crit)
-        ret->flags = POLICY_DATA_FLAG_CRITICAL;
-    else
-        ret->flags = 0;
-
-    if (id)
-        ret->valid_policy = id;
-    else {
-        ret->valid_policy = policy->policyid;
-        policy->policyid = NULL;
-    }
-
-    if (policy) {
-        ret->qualifier_set = policy->qualifiers;
-        policy->qualifiers = NULL;
-    } else
-        ret->qualifier_set = NULL;
-
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/pcy_int.h b/thirdparty/openssl/crypto/x509v3/pcy_int.h
deleted file mode 100644
index b5075f9edb..0000000000
--- a/thirdparty/openssl/crypto/x509v3/pcy_int.h
+++ /dev/null
@@ -1,217 +0,0 @@
-/* pcy_int.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-typedef struct X509_POLICY_DATA_st X509_POLICY_DATA;
-
-DECLARE_STACK_OF(X509_POLICY_DATA)
-
-/* Internal structures */
-
-/*
- * This structure and the field names correspond to the Policy 'node' of
- * RFC3280. NB this structure contains no pointers to parent or child data:
- * X509_POLICY_NODE contains that. This means that the main policy data can
- * be kept static and cached with the certificate.
- */
-
-struct X509_POLICY_DATA_st {
-    unsigned int flags;
-    /* Policy OID and qualifiers for this data */
-    ASN1_OBJECT *valid_policy;
-    STACK_OF(POLICYQUALINFO) *qualifier_set;
-    STACK_OF(ASN1_OBJECT) *expected_policy_set;
-};
-
-/* X509_POLICY_DATA flags values */
-
-/*
- * This flag indicates the structure has been mapped using a policy mapping
- * extension. If policy mapping is not active its references get deleted.
- */
-
-#define POLICY_DATA_FLAG_MAPPED                 0x1
-
-/*
- * This flag indicates the data doesn't correspond to a policy in Certificate
- * Policies: it has been mapped to any policy.
- */
-
-#define POLICY_DATA_FLAG_MAPPED_ANY             0x2
-
-/* AND with flags to see if any mapping has occurred */
-
-#define POLICY_DATA_FLAG_MAP_MASK               0x3
-
-/* qualifiers are shared and shouldn't be freed */
-
-#define POLICY_DATA_FLAG_SHARED_QUALIFIERS      0x4
-
-/* Parent node is an extra node and should be freed */
-
-#define POLICY_DATA_FLAG_EXTRA_NODE             0x8
-
-/* Corresponding CertificatePolicies is critical */
-
-#define POLICY_DATA_FLAG_CRITICAL               0x10
-
-/* This structure is cached with a certificate */
-
-struct X509_POLICY_CACHE_st {
-    /* anyPolicy data or NULL if no anyPolicy */
-    X509_POLICY_DATA *anyPolicy;
-    /* other policy data */
-    STACK_OF(X509_POLICY_DATA) *data;
-    /* If InhibitAnyPolicy present this is its value or -1 if absent. */
-    long any_skip;
-    /*
-     * If policyConstraints and requireExplicitPolicy present this is its
-     * value or -1 if absent.
-     */
-    long explicit_skip;
-    /*
-     * If policyConstraints and policyMapping present this is its value or -1
-     * if absent.
-     */
-    long map_skip;
-};
-
-/*
- * #define POLICY_CACHE_FLAG_CRITICAL POLICY_DATA_FLAG_CRITICAL
- */
-
-/* This structure represents the relationship between nodes */
-
-struct X509_POLICY_NODE_st {
-    /* node data this refers to */
-    const X509_POLICY_DATA *data;
-    /* Parent node */
-    X509_POLICY_NODE *parent;
-    /* Number of child nodes */
-    int nchild;
-};
-
-struct X509_POLICY_LEVEL_st {
-    /* Cert for this level */
-    X509 *cert;
-    /* nodes at this level */
-    STACK_OF(X509_POLICY_NODE) *nodes;
-    /* anyPolicy node */
-    X509_POLICY_NODE *anyPolicy;
-    /* Extra data */
-    /*
-     * STACK_OF(X509_POLICY_DATA) *extra_data;
-     */
-    unsigned int flags;
-};
-
-struct X509_POLICY_TREE_st {
-    /* This is the tree 'level' data */
-    X509_POLICY_LEVEL *levels;
-    int nlevel;
-    /*
-     * Extra policy data when additional nodes (not from the certificate) are
-     * required.
-     */
-    STACK_OF(X509_POLICY_DATA) *extra_data;
-    /* This is the authority constained policy set */
-    STACK_OF(X509_POLICY_NODE) *auth_policies;
-    STACK_OF(X509_POLICY_NODE) *user_policies;
-    unsigned int flags;
-};
-
-/* Set if anyPolicy present in user policies */
-#define POLICY_FLAG_ANY_POLICY          0x2
-
-/* Useful macros */
-
-#define node_data_critical(data) (data->flags & POLICY_DATA_FLAG_CRITICAL)
-#define node_critical(node) node_data_critical(node->data)
-
-/* Internal functions */
-
-X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *id,
-                                  int crit);
-void policy_data_free(X509_POLICY_DATA *data);
-
-X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache,
-                                         const ASN1_OBJECT *id);
-int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps);
-
-STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void);
-
-void policy_cache_init(void);
-
-void policy_cache_free(X509_POLICY_CACHE *cache);
-
-X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
-                                  const X509_POLICY_NODE *parent,
-                                  const ASN1_OBJECT *id);
-
-X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk,
-                               const ASN1_OBJECT *id);
-
-X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
-                                 const X509_POLICY_DATA *data,
-                                 X509_POLICY_NODE *parent,
-                                 X509_POLICY_TREE *tree);
-void policy_node_free(X509_POLICY_NODE *node);
-int policy_node_match(const X509_POLICY_LEVEL *lvl,
-                      const X509_POLICY_NODE *node, const ASN1_OBJECT *oid);
-
-const X509_POLICY_CACHE *policy_cache_set(X509 *x);
diff --git a/thirdparty/openssl/crypto/x509v3/pcy_lib.c b/thirdparty/openssl/crypto/x509v3/pcy_lib.c
deleted file mode 100644
index dbb29835fa..0000000000
--- a/thirdparty/openssl/crypto/x509v3/pcy_lib.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* pcy_lib.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/* accessor functions */
-
-/* X509_POLICY_TREE stuff */
-
-int X509_policy_tree_level_count(const X509_POLICY_TREE *tree)
-{
-    if (!tree)
-        return 0;
-    return tree->nlevel;
-}
-
-X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
-                                               int i)
-{
-    if (!tree || (i < 0) || (i >= tree->nlevel))
-        return NULL;
-    return tree->levels + i;
-}
-
-STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
-                                                           X509_POLICY_TREE
-                                                           *tree)
-{
-    if (!tree)
-        return NULL;
-    return tree->auth_policies;
-}
-
-STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
-                                                                X509_POLICY_TREE
-                                                                *tree)
-{
-    if (!tree)
-        return NULL;
-    if (tree->flags & POLICY_FLAG_ANY_POLICY)
-        return tree->auth_policies;
-    else
-        return tree->user_policies;
-}
-
-/* X509_POLICY_LEVEL stuff */
-
-int X509_policy_level_node_count(X509_POLICY_LEVEL *level)
-{
-    int n;
-    if (!level)
-        return 0;
-    if (level->anyPolicy)
-        n = 1;
-    else
-        n = 0;
-    if (level->nodes)
-        n += sk_X509_POLICY_NODE_num(level->nodes);
-    return n;
-}
-
-X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, int i)
-{
-    if (!level)
-        return NULL;
-    if (level->anyPolicy) {
-        if (i == 0)
-            return level->anyPolicy;
-        i--;
-    }
-    return sk_X509_POLICY_NODE_value(level->nodes, i);
-}
-
-/* X509_POLICY_NODE stuff */
-
-const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node)
-{
-    if (!node)
-        return NULL;
-    return node->data->valid_policy;
-}
-
-#if 0
-int X509_policy_node_get_critical(const X509_POLICY_NODE *node)
-{
-    if (node_critical(node))
-        return 1;
-    return 0;
-}
-#endif
-
-STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
-                                                           X509_POLICY_NODE
-                                                           *node)
-{
-    if (!node)
-        return NULL;
-    return node->data->qualifier_set;
-}
-
-const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
-                                                     *node)
-{
-    if (!node)
-        return NULL;
-    return node->parent;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/pcy_map.c b/thirdparty/openssl/crypto/x509v3/pcy_map.c
deleted file mode 100644
index b99eb91cf7..0000000000
--- a/thirdparty/openssl/crypto/x509v3/pcy_map.c
+++ /dev/null
@@ -1,130 +0,0 @@
-/* pcy_map.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/*
- * Set policy mapping entries in cache. Note: this modifies the passed
- * POLICY_MAPPINGS structure
- */
-
-int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
-{
-    POLICY_MAPPING *map;
-    X509_POLICY_DATA *data;
-    X509_POLICY_CACHE *cache = x->policy_cache;
-    int i;
-    int ret = 0;
-    if (sk_POLICY_MAPPING_num(maps) == 0) {
-        ret = -1;
-        goto bad_mapping;
-    }
-    for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++) {
-        map = sk_POLICY_MAPPING_value(maps, i);
-        /* Reject if map to or from anyPolicy */
-        if ((OBJ_obj2nid(map->subjectDomainPolicy) == NID_any_policy)
-            || (OBJ_obj2nid(map->issuerDomainPolicy) == NID_any_policy)) {
-            ret = -1;
-            goto bad_mapping;
-        }
-
-        /* Attempt to find matching policy data */
-        data = policy_cache_find_data(cache, map->issuerDomainPolicy);
-        /* If we don't have anyPolicy can't map */
-        if (!data && !cache->anyPolicy)
-            continue;
-
-        /* Create a NODE from anyPolicy */
-        if (!data) {
-            data = policy_data_new(NULL, map->issuerDomainPolicy,
-                                   cache->anyPolicy->flags
-                                   & POLICY_DATA_FLAG_CRITICAL);
-            if (!data)
-                goto bad_mapping;
-            data->qualifier_set = cache->anyPolicy->qualifier_set;
-            /*
-             * map->issuerDomainPolicy = NULL;
-             */
-            data->flags |= POLICY_DATA_FLAG_MAPPED_ANY;
-            data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
-            if (!sk_X509_POLICY_DATA_push(cache->data, data)) {
-                policy_data_free(data);
-                goto bad_mapping;
-            }
-        } else
-            data->flags |= POLICY_DATA_FLAG_MAPPED;
-        if (!sk_ASN1_OBJECT_push(data->expected_policy_set,
-                                 map->subjectDomainPolicy))
-            goto bad_mapping;
-        map->subjectDomainPolicy = NULL;
-
-    }
-
-    ret = 1;
- bad_mapping:
-    if (ret == -1)
-        x->ex_flags |= EXFLAG_INVALID_POLICY;
-    sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
-    return ret;
-
-}
diff --git a/thirdparty/openssl/crypto/x509v3/pcy_node.c b/thirdparty/openssl/crypto/x509v3/pcy_node.c
deleted file mode 100644
index d6c917650a..0000000000
--- a/thirdparty/openssl/crypto/x509v3/pcy_node.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/* pcy_node.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-static int node_cmp(const X509_POLICY_NODE *const *a,
-                    const X509_POLICY_NODE *const *b)
-{
-    return OBJ_cmp((*a)->data->valid_policy, (*b)->data->valid_policy);
-}
-
-STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void)
-{
-    return sk_X509_POLICY_NODE_new(node_cmp);
-}
-
-X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *nodes,
-                               const ASN1_OBJECT *id)
-{
-    X509_POLICY_DATA n;
-    X509_POLICY_NODE l;
-    int idx;
-
-    n.valid_policy = (ASN1_OBJECT *)id;
-    l.data = &n;
-
-    idx = sk_X509_POLICY_NODE_find(nodes, &l);
-    if (idx == -1)
-        return NULL;
-
-    return sk_X509_POLICY_NODE_value(nodes, idx);
-
-}
-
-X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
-                                  const X509_POLICY_NODE *parent,
-                                  const ASN1_OBJECT *id)
-{
-    X509_POLICY_NODE *node;
-    int i;
-    for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
-        node = sk_X509_POLICY_NODE_value(level->nodes, i);
-        if (node->parent == parent) {
-            if (!OBJ_cmp(node->data->valid_policy, id))
-                return node;
-        }
-    }
-    return NULL;
-}
-
-X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
-                                 const X509_POLICY_DATA *data,
-                                 X509_POLICY_NODE *parent,
-                                 X509_POLICY_TREE *tree)
-{
-    X509_POLICY_NODE *node;
-    node = OPENSSL_malloc(sizeof(X509_POLICY_NODE));
-    if (!node)
-        return NULL;
-    node->data = data;
-    node->parent = parent;
-    node->nchild = 0;
-    if (level) {
-        if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
-            if (level->anyPolicy)
-                goto node_error;
-            level->anyPolicy = node;
-        } else {
-
-            if (!level->nodes)
-                level->nodes = policy_node_cmp_new();
-            if (!level->nodes)
-                goto node_error;
-            if (!sk_X509_POLICY_NODE_push(level->nodes, node))
-                goto node_error;
-        }
-    }
-
-    if (tree) {
-        if (!tree->extra_data)
-            tree->extra_data = sk_X509_POLICY_DATA_new_null();
-        if (!tree->extra_data)
-            goto node_error;
-        if (!sk_X509_POLICY_DATA_push(tree->extra_data, data))
-            goto node_error;
-    }
-
-    if (parent)
-        parent->nchild++;
-
-    return node;
-
- node_error:
-    policy_node_free(node);
-    return 0;
-
-}
-
-void policy_node_free(X509_POLICY_NODE *node)
-{
-    OPENSSL_free(node);
-}
-
-/*
- * See if a policy node matches a policy OID. If mapping enabled look through
- * expected policy set otherwise just valid policy.
- */
-
-int policy_node_match(const X509_POLICY_LEVEL *lvl,
-                      const X509_POLICY_NODE *node, const ASN1_OBJECT *oid)
-{
-    int i;
-    ASN1_OBJECT *policy_oid;
-    const X509_POLICY_DATA *x = node->data;
-
-    if ((lvl->flags & X509_V_FLAG_INHIBIT_MAP)
-        || !(x->flags & POLICY_DATA_FLAG_MAP_MASK)) {
-        if (!OBJ_cmp(x->valid_policy, oid))
-            return 1;
-        return 0;
-    }
-
-    for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) {
-        policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);
-        if (!OBJ_cmp(policy_oid, oid))
-            return 1;
-    }
-    return 0;
-
-}
diff --git a/thirdparty/openssl/crypto/x509v3/pcy_tree.c b/thirdparty/openssl/crypto/x509v3/pcy_tree.c
deleted file mode 100644
index 09b8691c86..0000000000
--- a/thirdparty/openssl/crypto/x509v3/pcy_tree.c
+++ /dev/null
@@ -1,831 +0,0 @@
-/* pcy_tree.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "cryptlib.h"
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/*
- * Enable this to print out the complete policy tree at various point during
- * evaluation.
- */
-
-/*
- * #define OPENSSL_POLICY_DEBUG
- */
-
-#ifdef OPENSSL_POLICY_DEBUG
-
-static void expected_print(BIO *err, X509_POLICY_LEVEL *lev,
-                           X509_POLICY_NODE *node, int indent)
-{
-    if ((lev->flags & X509_V_FLAG_INHIBIT_MAP)
-        || !(node->data->flags & POLICY_DATA_FLAG_MAP_MASK))
-        BIO_puts(err, "  Not Mapped\n");
-    else {
-        int i;
-        STACK_OF(ASN1_OBJECT) *pset = node->data->expected_policy_set;
-        ASN1_OBJECT *oid;
-        BIO_puts(err, "  Expected: ");
-        for (i = 0; i < sk_ASN1_OBJECT_num(pset); i++) {
-            oid = sk_ASN1_OBJECT_value(pset, i);
-            if (i)
-                BIO_puts(err, ", ");
-            i2a_ASN1_OBJECT(err, oid);
-        }
-        BIO_puts(err, "\n");
-    }
-}
-
-static void tree_print(char *str, X509_POLICY_TREE *tree,
-                       X509_POLICY_LEVEL *curr)
-{
-    X509_POLICY_LEVEL *plev;
-    X509_POLICY_NODE *node;
-    int i;
-    BIO *err;
-    err = BIO_new_fp(stderr, BIO_NOCLOSE);
-    if (!curr)
-        curr = tree->levels + tree->nlevel;
-    else
-        curr++;
-    BIO_printf(err, "Level print after %s\n", str);
-    BIO_printf(err, "Printing Up to Level %ld\n", curr - tree->levels);
-    for (plev = tree->levels; plev != curr; plev++) {
-        BIO_printf(err, "Level %ld, flags = %x\n",
-                   plev - tree->levels, plev->flags);
-        for (i = 0; i < sk_X509_POLICY_NODE_num(plev->nodes); i++) {
-            node = sk_X509_POLICY_NODE_value(plev->nodes, i);
-            X509_POLICY_NODE_print(err, node, 2);
-            expected_print(err, plev, node, 2);
-            BIO_printf(err, "  Flags: %x\n", node->data->flags);
-        }
-        if (plev->anyPolicy)
-            X509_POLICY_NODE_print(err, plev->anyPolicy, 2);
-    }
-
-    BIO_free(err);
-
-}
-#else
-
-# define tree_print(a,b,c)      /* */
-
-#endif
-
-/*-
- * Initialize policy tree. Return values:
- *  0 Some internal error occurred.
- * -1 Inconsistent or invalid extensions in certificates.
- *  1 Tree initialized OK.
- *  2 Policy tree is empty.
- *  5 Tree OK and requireExplicitPolicy true.
- *  6 Tree empty and requireExplicitPolicy true.
- */
-
-static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
-                     unsigned int flags)
-{
-    X509_POLICY_TREE *tree;
-    X509_POLICY_LEVEL *level;
-    const X509_POLICY_CACHE *cache;
-    X509_POLICY_DATA *data = NULL;
-    X509 *x;
-    int ret = 1;
-    int i, n;
-    int explicit_policy;
-    int any_skip;
-    int map_skip;
-    *ptree = NULL;
-    n = sk_X509_num(certs);
-
-#if 0
-    /* Disable policy mapping for now... */
-    flags |= X509_V_FLAG_INHIBIT_MAP;
-#endif
-
-    if (flags & X509_V_FLAG_EXPLICIT_POLICY)
-        explicit_policy = 0;
-    else
-        explicit_policy = n + 1;
-
-    if (flags & X509_V_FLAG_INHIBIT_ANY)
-        any_skip = 0;
-    else
-        any_skip = n + 1;
-
-    if (flags & X509_V_FLAG_INHIBIT_MAP)
-        map_skip = 0;
-    else
-        map_skip = n + 1;
-
-    /* Can't do anything with just a trust anchor */
-    if (n == 1)
-        return 1;
-    /*
-     * First setup policy cache in all certificates apart from the trust
-     * anchor. Note any bad cache results on the way. Also can calculate
-     * explicit_policy value at this point.
-     */
-    for (i = n - 2; i >= 0; i--) {
-        x = sk_X509_value(certs, i);
-        X509_check_purpose(x, -1, -1);
-        cache = policy_cache_set(x);
-        /* If cache NULL something bad happened: return immediately */
-        if (cache == NULL)
-            return 0;
-        /*
-         * If inconsistent extensions keep a note of it but continue
-         */
-        if (x->ex_flags & EXFLAG_INVALID_POLICY)
-            ret = -1;
-        /*
-         * Otherwise if we have no data (hence no CertificatePolicies) and
-         * haven't already set an inconsistent code note it.
-         */
-        else if ((ret == 1) && !cache->data)
-            ret = 2;
-        if (explicit_policy > 0) {
-            if (!(x->ex_flags & EXFLAG_SI))
-                explicit_policy--;
-            if ((cache->explicit_skip != -1)
-                && (cache->explicit_skip < explicit_policy))
-                explicit_policy = cache->explicit_skip;
-        }
-    }
-
-    if (ret != 1) {
-        if (ret == 2 && !explicit_policy)
-            return 6;
-        return ret;
-    }
-
-    /* If we get this far initialize the tree */
-
-    tree = OPENSSL_malloc(sizeof(X509_POLICY_TREE));
-
-    if (!tree)
-        return 0;
-
-    tree->flags = 0;
-    tree->levels = OPENSSL_malloc(sizeof(X509_POLICY_LEVEL) * n);
-    tree->nlevel = 0;
-    tree->extra_data = NULL;
-    tree->auth_policies = NULL;
-    tree->user_policies = NULL;
-
-    if (!tree->levels) {
-        OPENSSL_free(tree);
-        return 0;
-    }
-
-    memset(tree->levels, 0, n * sizeof(X509_POLICY_LEVEL));
-
-    tree->nlevel = n;
-
-    level = tree->levels;
-
-    /* Root data: initialize to anyPolicy */
-
-    data = policy_data_new(NULL, OBJ_nid2obj(NID_any_policy), 0);
-
-    if (!data || !level_add_node(level, data, NULL, tree))
-        goto bad_tree;
-
-    for (i = n - 2; i >= 0; i--) {
-        level++;
-        x = sk_X509_value(certs, i);
-        cache = policy_cache_set(x);
-        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
-        level->cert = x;
-
-        if (!cache->anyPolicy)
-            level->flags |= X509_V_FLAG_INHIBIT_ANY;
-
-        /* Determine inhibit any and inhibit map flags */
-        if (any_skip == 0) {
-            /*
-             * Any matching allowed if certificate is self issued and not the
-             * last in the chain.
-             */
-            if (!(x->ex_flags & EXFLAG_SI) || (i == 0))
-                level->flags |= X509_V_FLAG_INHIBIT_ANY;
-        } else {
-            if (!(x->ex_flags & EXFLAG_SI))
-                any_skip--;
-            if ((cache->any_skip >= 0)
-                && (cache->any_skip < any_skip))
-                any_skip = cache->any_skip;
-        }
-
-        if (map_skip == 0)
-            level->flags |= X509_V_FLAG_INHIBIT_MAP;
-        else {
-            if (!(x->ex_flags & EXFLAG_SI))
-                map_skip--;
-            if ((cache->map_skip >= 0)
-                && (cache->map_skip < map_skip))
-                map_skip = cache->map_skip;
-        }
-
-    }
-
-    *ptree = tree;
-
-    if (explicit_policy)
-        return 1;
-    else
-        return 5;
-
- bad_tree:
-
-    X509_policy_tree_free(tree);
-
-    return 0;
-
-}
-
-static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr,
-                                    const X509_POLICY_DATA *data)
-{
-    X509_POLICY_LEVEL *last = curr - 1;
-    X509_POLICY_NODE *node;
-    int i, matched = 0;
-    /* Iterate through all in nodes linking matches */
-    for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) {
-        node = sk_X509_POLICY_NODE_value(last->nodes, i);
-        if (policy_node_match(last, node, data->valid_policy)) {
-            if (!level_add_node(curr, data, node, NULL))
-                return 0;
-            matched = 1;
-        }
-    }
-    if (!matched && last->anyPolicy) {
-        if (!level_add_node(curr, data, last->anyPolicy, NULL))
-            return 0;
-    }
-    return 1;
-}
-
-/*
- * This corresponds to RFC3280 6.1.3(d)(1): link any data from
- * CertificatePolicies onto matching parent or anyPolicy if no match.
- */
-
-static int tree_link_nodes(X509_POLICY_LEVEL *curr,
-                           const X509_POLICY_CACHE *cache)
-{
-    int i;
-    X509_POLICY_DATA *data;
-
-    for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) {
-        data = sk_X509_POLICY_DATA_value(cache->data, i);
-        /*
-         * If a node is mapped any it doesn't have a corresponding
-         * CertificatePolicies entry. However such an identical node would
-         * be created if anyPolicy matching is enabled because there would be
-         * no match with the parent valid_policy_set. So we create link
-         * because then it will have the mapping flags right and we can prune
-         * it later.
-         */
-#if 0
-        if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY)
-            && !(curr->flags & X509_V_FLAG_INHIBIT_ANY))
-            continue;
-#endif
-        /* Look for matching nodes in previous level */
-        if (!tree_link_matching_nodes(curr, data))
-            return 0;
-    }
-    return 1;
-}
-
-/*
- * This corresponds to RFC3280 6.1.3(d)(2): Create new data for any unmatched
- * policies in the parent and link to anyPolicy.
- */
-
-static int tree_add_unmatched(X509_POLICY_LEVEL *curr,
-                              const X509_POLICY_CACHE *cache,
-                              const ASN1_OBJECT *id,
-                              X509_POLICY_NODE *node, X509_POLICY_TREE *tree)
-{
-    X509_POLICY_DATA *data;
-    if (id == NULL)
-        id = node->data->valid_policy;
-    /*
-     * Create a new node with qualifiers from anyPolicy and id from unmatched
-     * node.
-     */
-    data = policy_data_new(NULL, id, node_critical(node));
-
-    if (data == NULL)
-        return 0;
-    /* Curr may not have anyPolicy */
-    data->qualifier_set = cache->anyPolicy->qualifier_set;
-    data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
-    if (!level_add_node(curr, data, node, tree)) {
-        policy_data_free(data);
-        return 0;
-    }
-
-    return 1;
-}
-
-static int tree_link_unmatched(X509_POLICY_LEVEL *curr,
-                               const X509_POLICY_CACHE *cache,
-                               X509_POLICY_NODE *node, X509_POLICY_TREE *tree)
-{
-    const X509_POLICY_LEVEL *last = curr - 1;
-    int i;
-
-    if ((last->flags & X509_V_FLAG_INHIBIT_MAP)
-        || !(node->data->flags & POLICY_DATA_FLAG_MAPPED)) {
-        /* If no policy mapping: matched if one child present */
-        if (node->nchild)
-            return 1;
-        if (!tree_add_unmatched(curr, cache, NULL, node, tree))
-            return 0;
-        /* Add it */
-    } else {
-        /* If mapping: matched if one child per expected policy set */
-        STACK_OF(ASN1_OBJECT) *expset = node->data->expected_policy_set;
-        if (node->nchild == sk_ASN1_OBJECT_num(expset))
-            return 1;
-        /* Locate unmatched nodes */
-        for (i = 0; i < sk_ASN1_OBJECT_num(expset); i++) {
-            ASN1_OBJECT *oid = sk_ASN1_OBJECT_value(expset, i);
-            if (level_find_node(curr, node, oid))
-                continue;
-            if (!tree_add_unmatched(curr, cache, oid, node, tree))
-                return 0;
-        }
-
-    }
-
-    return 1;
-
-}
-
-static int tree_link_any(X509_POLICY_LEVEL *curr,
-                         const X509_POLICY_CACHE *cache,
-                         X509_POLICY_TREE *tree)
-{
-    int i;
-    /*
-     * X509_POLICY_DATA *data;
-     */
-    X509_POLICY_NODE *node;
-    X509_POLICY_LEVEL *last = curr - 1;
-
-    for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) {
-        node = sk_X509_POLICY_NODE_value(last->nodes, i);
-
-        if (!tree_link_unmatched(curr, cache, node, tree))
-            return 0;
-
-#if 0
-
-        /*
-         * Skip any node with any children: we only want unmathced nodes.
-         * Note: need something better for policy mapping because each node
-         * may have multiple children
-         */
-        if (node->nchild)
-            continue;
-
-        /*
-         * Create a new node with qualifiers from anyPolicy and id from
-         * unmatched node.
-         */
-        data = policy_data_new(NULL, node->data->valid_policy,
-                               node_critical(node));
-
-        if (data == NULL)
-            return 0;
-        /* Curr may not have anyPolicy */
-        data->qualifier_set = cache->anyPolicy->qualifier_set;
-        data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
-        if (!level_add_node(curr, data, node, tree)) {
-            policy_data_free(data);
-            return 0;
-        }
-#endif
-
-    }
-    /* Finally add link to anyPolicy */
-    if (last->anyPolicy) {
-        if (!level_add_node(curr, cache->anyPolicy, last->anyPolicy, NULL))
-            return 0;
-    }
-    return 1;
-}
-
-/*
- * Prune the tree: delete any child mapped child data on the current level
- * then proceed up the tree deleting any data with no children. If we ever
- * have no data on a level we can halt because the tree will be empty.
- */
-
-static int tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr)
-{
-    STACK_OF(X509_POLICY_NODE) *nodes;
-    X509_POLICY_NODE *node;
-    int i;
-    nodes = curr->nodes;
-    if (curr->flags & X509_V_FLAG_INHIBIT_MAP) {
-        for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) {
-            node = sk_X509_POLICY_NODE_value(nodes, i);
-            /* Delete any mapped data: see RFC3280 XXXX */
-            if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK) {
-                node->parent->nchild--;
-                OPENSSL_free(node);
-                (void)sk_X509_POLICY_NODE_delete(nodes, i);
-            }
-        }
-    }
-
-    for (;;) {
-        --curr;
-        nodes = curr->nodes;
-        for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) {
-            node = sk_X509_POLICY_NODE_value(nodes, i);
-            if (node->nchild == 0) {
-                node->parent->nchild--;
-                OPENSSL_free(node);
-                (void)sk_X509_POLICY_NODE_delete(nodes, i);
-            }
-        }
-        if (curr->anyPolicy && !curr->anyPolicy->nchild) {
-            if (curr->anyPolicy->parent)
-                curr->anyPolicy->parent->nchild--;
-            OPENSSL_free(curr->anyPolicy);
-            curr->anyPolicy = NULL;
-        }
-        if (curr == tree->levels) {
-            /* If we zapped anyPolicy at top then tree is empty */
-            if (!curr->anyPolicy)
-                return 2;
-            return 1;
-        }
-    }
-
-    return 1;
-
-}
-
-static int tree_add_auth_node(STACK_OF(X509_POLICY_NODE) **pnodes,
-                              X509_POLICY_NODE *pcy)
-{
-    if (!*pnodes) {
-        *pnodes = policy_node_cmp_new();
-        if (!*pnodes)
-            return 0;
-    } else if (sk_X509_POLICY_NODE_find(*pnodes, pcy) != -1)
-        return 1;
-
-    if (!sk_X509_POLICY_NODE_push(*pnodes, pcy))
-        return 0;
-
-    return 1;
-
-}
-
-/*
- * Calculate the authority set based on policy tree. The 'pnodes' parameter
- * is used as a store for the set of policy nodes used to calculate the user
- * set. If the authority set is not anyPolicy then pnodes will just point to
- * the authority set. If however the authority set is anyPolicy then the set
- * of valid policies (other than anyPolicy) is store in pnodes. The return
- * value of '2' is used in this case to indicate that pnodes should be freed.
- */
-
-static int tree_calculate_authority_set(X509_POLICY_TREE *tree,
-                                        STACK_OF(X509_POLICY_NODE) **pnodes)
-{
-    X509_POLICY_LEVEL *curr;
-    X509_POLICY_NODE *node, *anyptr;
-    STACK_OF(X509_POLICY_NODE) **addnodes;
-    int i, j;
-    curr = tree->levels + tree->nlevel - 1;
-
-    /* If last level contains anyPolicy set is anyPolicy */
-    if (curr->anyPolicy) {
-        if (!tree_add_auth_node(&tree->auth_policies, curr->anyPolicy))
-            return 0;
-        addnodes = pnodes;
-    } else
-        /* Add policies to authority set */
-        addnodes = &tree->auth_policies;
-
-    curr = tree->levels;
-    for (i = 1; i < tree->nlevel; i++) {
-        /*
-         * If no anyPolicy node on this this level it can't appear on lower
-         * levels so end search.
-         */
-        if (!(anyptr = curr->anyPolicy))
-            break;
-        curr++;
-        for (j = 0; j < sk_X509_POLICY_NODE_num(curr->nodes); j++) {
-            node = sk_X509_POLICY_NODE_value(curr->nodes, j);
-            if ((node->parent == anyptr)
-                && !tree_add_auth_node(addnodes, node))
-                return 0;
-        }
-    }
-
-    if (addnodes == pnodes)
-        return 2;
-
-    *pnodes = tree->auth_policies;
-
-    return 1;
-}
-
-static int tree_calculate_user_set(X509_POLICY_TREE *tree,
-                                   STACK_OF(ASN1_OBJECT) *policy_oids,
-                                   STACK_OF(X509_POLICY_NODE) *auth_nodes)
-{
-    int i;
-    X509_POLICY_NODE *node;
-    ASN1_OBJECT *oid;
-
-    X509_POLICY_NODE *anyPolicy;
-    X509_POLICY_DATA *extra;
-
-    /*
-     * Check if anyPolicy present in authority constrained policy set: this
-     * will happen if it is a leaf node.
-     */
-
-    if (sk_ASN1_OBJECT_num(policy_oids) <= 0)
-        return 1;
-
-    anyPolicy = tree->levels[tree->nlevel - 1].anyPolicy;
-
-    for (i = 0; i < sk_ASN1_OBJECT_num(policy_oids); i++) {
-        oid = sk_ASN1_OBJECT_value(policy_oids, i);
-        if (OBJ_obj2nid(oid) == NID_any_policy) {
-            tree->flags |= POLICY_FLAG_ANY_POLICY;
-            return 1;
-        }
-    }
-
-    for (i = 0; i < sk_ASN1_OBJECT_num(policy_oids); i++) {
-        oid = sk_ASN1_OBJECT_value(policy_oids, i);
-        node = tree_find_sk(auth_nodes, oid);
-        if (!node) {
-            if (!anyPolicy)
-                continue;
-            /*
-             * Create a new node with policy ID from user set and qualifiers
-             * from anyPolicy.
-             */
-            extra = policy_data_new(NULL, oid, node_critical(anyPolicy));
-            if (!extra)
-                return 0;
-            extra->qualifier_set = anyPolicy->data->qualifier_set;
-            extra->flags = POLICY_DATA_FLAG_SHARED_QUALIFIERS
-                | POLICY_DATA_FLAG_EXTRA_NODE;
-            node = level_add_node(NULL, extra, anyPolicy->parent, tree);
-        }
-        if (!tree->user_policies) {
-            tree->user_policies = sk_X509_POLICY_NODE_new_null();
-            if (!tree->user_policies)
-                return 1;
-        }
-        if (!sk_X509_POLICY_NODE_push(tree->user_policies, node))
-            return 0;
-    }
-    return 1;
-
-}
-
-static int tree_evaluate(X509_POLICY_TREE *tree)
-{
-    int ret, i;
-    X509_POLICY_LEVEL *curr = tree->levels + 1;
-    const X509_POLICY_CACHE *cache;
-
-    for (i = 1; i < tree->nlevel; i++, curr++) {
-        cache = policy_cache_set(curr->cert);
-        if (!tree_link_nodes(curr, cache))
-            return 0;
-
-        if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY)
-            && !tree_link_any(curr, cache, tree))
-            return 0;
-        tree_print("before tree_prune()", tree, curr);
-        ret = tree_prune(tree, curr);
-        if (ret != 1)
-            return ret;
-    }
-
-    return 1;
-
-}
-
-static void exnode_free(X509_POLICY_NODE *node)
-{
-    if (node->data && (node->data->flags & POLICY_DATA_FLAG_EXTRA_NODE))
-        OPENSSL_free(node);
-}
-
-void X509_policy_tree_free(X509_POLICY_TREE *tree)
-{
-    X509_POLICY_LEVEL *curr;
-    int i;
-
-    if (!tree)
-        return;
-
-    sk_X509_POLICY_NODE_free(tree->auth_policies);
-    sk_X509_POLICY_NODE_pop_free(tree->user_policies, exnode_free);
-
-    for (i = 0, curr = tree->levels; i < tree->nlevel; i++, curr++) {
-        if (curr->cert)
-            X509_free(curr->cert);
-        if (curr->nodes)
-            sk_X509_POLICY_NODE_pop_free(curr->nodes, policy_node_free);
-        if (curr->anyPolicy)
-            policy_node_free(curr->anyPolicy);
-    }
-
-    if (tree->extra_data)
-        sk_X509_POLICY_DATA_pop_free(tree->extra_data, policy_data_free);
-
-    OPENSSL_free(tree->levels);
-    OPENSSL_free(tree);
-
-}
-
-/*-
- * Application policy checking function.
- * Return codes:
- *  0   Internal Error.
- *  1   Successful.
- * -1   One or more certificates contain invalid or inconsistent extensions
- * -2   User constrained policy set empty and requireExplicit true.
- */
-
-int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
-                      STACK_OF(X509) *certs,
-                      STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags)
-{
-    int ret;
-    X509_POLICY_TREE *tree = NULL;
-    STACK_OF(X509_POLICY_NODE) *nodes, *auth_nodes = NULL;
-    *ptree = NULL;
-
-    *pexplicit_policy = 0;
-    ret = tree_init(&tree, certs, flags);
-
-    switch (ret) {
-
-        /* Tree empty requireExplicit False: OK */
-    case 2:
-        return 1;
-
-        /* Some internal error */
-    case -1:
-        return -1;
-
-        /* Some internal error */
-    case 0:
-        return 0;
-
-        /* Tree empty requireExplicit True: Error */
-
-    case 6:
-        *pexplicit_policy = 1;
-        return -2;
-
-        /* Tree OK requireExplicit True: OK and continue */
-    case 5:
-        *pexplicit_policy = 1;
-        break;
-
-        /* Tree OK: continue */
-
-    case 1:
-        if (!tree)
-            /*
-             * tree_init() returns success and a null tree
-             * if it's just looking at a trust anchor.
-             * I'm not sure that returning success here is
-             * correct, but I'm sure that reporting this
-             * as an internal error which our caller
-             * interprets as a malloc failure is wrong.
-             */
-            return 1;
-        break;
-    }
-
-    if (!tree)
-        goto error;
-    ret = tree_evaluate(tree);
-
-    tree_print("tree_evaluate()", tree, NULL);
-
-    if (ret <= 0)
-        goto error;
-
-    /* Return value 2 means tree empty */
-    if (ret == 2) {
-        X509_policy_tree_free(tree);
-        if (*pexplicit_policy)
-            return -2;
-        else
-            return 1;
-    }
-
-    /* Tree is not empty: continue */
-
-    ret = tree_calculate_authority_set(tree, &auth_nodes);
-
-    if (!ret)
-        goto error;
-
-    if (!tree_calculate_user_set(tree, policy_oids, auth_nodes))
-        goto error;
-
-    if (ret == 2)
-        sk_X509_POLICY_NODE_free(auth_nodes);
-
-    if (tree)
-        *ptree = tree;
-
-    if (*pexplicit_policy) {
-        nodes = X509_policy_tree_get0_user_policies(tree);
-        if (sk_X509_POLICY_NODE_num(nodes) <= 0)
-            return -2;
-    }
-
-    return 1;
-
- error:
-
-    X509_policy_tree_free(tree);
-
-    return 0;
-
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_addr.c b/thirdparty/openssl/crypto/x509v3/v3_addr.c
deleted file mode 100644
index 1290dec9bb..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_addr.c
+++ /dev/null
@@ -1,1350 +0,0 @@
-/*
- * Contributed to the OpenSSL Project by the American Registry for
- * Internet Numbers ("ARIN").
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- */
-
-/*
- * Implementation of RFC 3779 section 2.2.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/buffer.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_RFC3779
-
-/*
- * OpenSSL ASN.1 template translation of RFC 3779 2.2.3.
- */
-
-ASN1_SEQUENCE(IPAddressRange) = {
-  ASN1_SIMPLE(IPAddressRange, min, ASN1_BIT_STRING),
-  ASN1_SIMPLE(IPAddressRange, max, ASN1_BIT_STRING)
-} ASN1_SEQUENCE_END(IPAddressRange)
-
-ASN1_CHOICE(IPAddressOrRange) = {
-  ASN1_SIMPLE(IPAddressOrRange, u.addressPrefix, ASN1_BIT_STRING),
-  ASN1_SIMPLE(IPAddressOrRange, u.addressRange,  IPAddressRange)
-} ASN1_CHOICE_END(IPAddressOrRange)
-
-ASN1_CHOICE(IPAddressChoice) = {
-  ASN1_SIMPLE(IPAddressChoice,      u.inherit,           ASN1_NULL),
-  ASN1_SEQUENCE_OF(IPAddressChoice, u.addressesOrRanges, IPAddressOrRange)
-} ASN1_CHOICE_END(IPAddressChoice)
-
-ASN1_SEQUENCE(IPAddressFamily) = {
-  ASN1_SIMPLE(IPAddressFamily, addressFamily,   ASN1_OCTET_STRING),
-  ASN1_SIMPLE(IPAddressFamily, ipAddressChoice, IPAddressChoice)
-} ASN1_SEQUENCE_END(IPAddressFamily)
-
-ASN1_ITEM_TEMPLATE(IPAddrBlocks) =
-  ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
-                        IPAddrBlocks, IPAddressFamily)
-ASN1_ITEM_TEMPLATE_END(IPAddrBlocks)
-
-IMPLEMENT_ASN1_FUNCTIONS(IPAddressRange)
-IMPLEMENT_ASN1_FUNCTIONS(IPAddressOrRange)
-IMPLEMENT_ASN1_FUNCTIONS(IPAddressChoice)
-IMPLEMENT_ASN1_FUNCTIONS(IPAddressFamily)
-
-/*
- * How much buffer space do we need for a raw address?
- */
-# define ADDR_RAW_BUF_LEN        16
-
-/*
- * What's the address length associated with this AFI?
- */
-static int length_from_afi(const unsigned afi)
-{
-    switch (afi) {
-    case IANA_AFI_IPV4:
-        return 4;
-    case IANA_AFI_IPV6:
-        return 16;
-    default:
-        return 0;
-    }
-}
-
-/*
- * Extract the AFI from an IPAddressFamily.
- */
-unsigned int v3_addr_get_afi(const IPAddressFamily *f)
-{
-    return ((f != NULL &&
-             f->addressFamily != NULL && f->addressFamily->data != NULL)
-            ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
-            : 0);
-}
-
-/*
- * Expand the bitstring form of an address into a raw byte array.
- * At the moment this is coded for simplicity, not speed.
- */
-static int addr_expand(unsigned char *addr,
-                       const ASN1_BIT_STRING *bs,
-                       const int length, const unsigned char fill)
-{
-    if (bs->length < 0 || bs->length > length)
-        return 0;
-    if (bs->length > 0) {
-        memcpy(addr, bs->data, bs->length);
-        if ((bs->flags & 7) != 0) {
-            unsigned char mask = 0xFF >> (8 - (bs->flags & 7));
-            if (fill == 0)
-                addr[bs->length - 1] &= ~mask;
-            else
-                addr[bs->length - 1] |= mask;
-        }
-    }
-    memset(addr + bs->length, fill, length - bs->length);
-    return 1;
-}
-
-/*
- * Extract the prefix length from a bitstring.
- */
-# define addr_prefixlen(bs) ((int) ((bs)->length * 8 - ((bs)->flags & 7)))
-
-/*
- * i2r handler for one address bitstring.
- */
-static int i2r_address(BIO *out,
-                       const unsigned afi,
-                       const unsigned char fill, const ASN1_BIT_STRING *bs)
-{
-    unsigned char addr[ADDR_RAW_BUF_LEN];
-    int i, n;
-
-    if (bs->length < 0)
-        return 0;
-    switch (afi) {
-    case IANA_AFI_IPV4:
-        if (!addr_expand(addr, bs, 4, fill))
-            return 0;
-        BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
-        break;
-    case IANA_AFI_IPV6:
-        if (!addr_expand(addr, bs, 16, fill))
-            return 0;
-        for (n = 16; n > 1 && addr[n - 1] == 0x00 && addr[n - 2] == 0x00;
-             n -= 2) ;
-        for (i = 0; i < n; i += 2)
-            BIO_printf(out, "%x%s", (addr[i] << 8) | addr[i + 1],
-                       (i < 14 ? ":" : ""));
-        if (i < 16)
-            BIO_puts(out, ":");
-        if (i == 0)
-            BIO_puts(out, ":");
-        break;
-    default:
-        for (i = 0; i < bs->length; i++)
-            BIO_printf(out, "%s%02x", (i > 0 ? ":" : ""), bs->data[i]);
-        BIO_printf(out, "[%d]", (int)(bs->flags & 7));
-        break;
-    }
-    return 1;
-}
-
-/*
- * i2r handler for a sequence of addresses and ranges.
- */
-static int i2r_IPAddressOrRanges(BIO *out,
-                                 const int indent,
-                                 const IPAddressOrRanges *aors,
-                                 const unsigned afi)
-{
-    int i;
-    for (i = 0; i < sk_IPAddressOrRange_num(aors); i++) {
-        const IPAddressOrRange *aor = sk_IPAddressOrRange_value(aors, i);
-        BIO_printf(out, "%*s", indent, "");
-        switch (aor->type) {
-        case IPAddressOrRange_addressPrefix:
-            if (!i2r_address(out, afi, 0x00, aor->u.addressPrefix))
-                return 0;
-            BIO_printf(out, "/%d\n", addr_prefixlen(aor->u.addressPrefix));
-            continue;
-        case IPAddressOrRange_addressRange:
-            if (!i2r_address(out, afi, 0x00, aor->u.addressRange->min))
-                return 0;
-            BIO_puts(out, "-");
-            if (!i2r_address(out, afi, 0xFF, aor->u.addressRange->max))
-                return 0;
-            BIO_puts(out, "\n");
-            continue;
-        }
-    }
-    return 1;
-}
-
-/*
- * i2r handler for an IPAddrBlocks extension.
- */
-static int i2r_IPAddrBlocks(const X509V3_EXT_METHOD *method,
-                            void *ext, BIO *out, int indent)
-{
-    const IPAddrBlocks *addr = ext;
-    int i;
-    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
-        IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
-        const unsigned int afi = v3_addr_get_afi(f);
-        switch (afi) {
-        case IANA_AFI_IPV4:
-            BIO_printf(out, "%*sIPv4", indent, "");
-            break;
-        case IANA_AFI_IPV6:
-            BIO_printf(out, "%*sIPv6", indent, "");
-            break;
-        default:
-            BIO_printf(out, "%*sUnknown AFI %u", indent, "", afi);
-            break;
-        }
-        if (f->addressFamily->length > 2) {
-            switch (f->addressFamily->data[2]) {
-            case 1:
-                BIO_puts(out, " (Unicast)");
-                break;
-            case 2:
-                BIO_puts(out, " (Multicast)");
-                break;
-            case 3:
-                BIO_puts(out, " (Unicast/Multicast)");
-                break;
-            case 4:
-                BIO_puts(out, " (MPLS)");
-                break;
-            case 64:
-                BIO_puts(out, " (Tunnel)");
-                break;
-            case 65:
-                BIO_puts(out, " (VPLS)");
-                break;
-            case 66:
-                BIO_puts(out, " (BGP MDT)");
-                break;
-            case 128:
-                BIO_puts(out, " (MPLS-labeled VPN)");
-                break;
-            default:
-                BIO_printf(out, " (Unknown SAFI %u)",
-                           (unsigned)f->addressFamily->data[2]);
-                break;
-            }
-        }
-        switch (f->ipAddressChoice->type) {
-        case IPAddressChoice_inherit:
-            BIO_puts(out, ": inherit\n");
-            break;
-        case IPAddressChoice_addressesOrRanges:
-            BIO_puts(out, ":\n");
-            if (!i2r_IPAddressOrRanges(out,
-                                       indent + 2,
-                                       f->ipAddressChoice->
-                                       u.addressesOrRanges, afi))
-                return 0;
-            break;
-        }
-    }
-    return 1;
-}
-
-/*
- * Sort comparison function for a sequence of IPAddressOrRange
- * elements.
- *
- * There's no sane answer we can give if addr_expand() fails, and an
- * assertion failure on externally supplied data is seriously uncool,
- * so we just arbitrarily declare that if given invalid inputs this
- * function returns -1.  If this messes up your preferred sort order
- * for garbage input, tough noogies.
- */
-static int IPAddressOrRange_cmp(const IPAddressOrRange *a,
-                                const IPAddressOrRange *b, const int length)
-{
-    unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN];
-    int prefixlen_a = 0, prefixlen_b = 0;
-    int r;
-
-    switch (a->type) {
-    case IPAddressOrRange_addressPrefix:
-        if (!addr_expand(addr_a, a->u.addressPrefix, length, 0x00))
-            return -1;
-        prefixlen_a = addr_prefixlen(a->u.addressPrefix);
-        break;
-    case IPAddressOrRange_addressRange:
-        if (!addr_expand(addr_a, a->u.addressRange->min, length, 0x00))
-            return -1;
-        prefixlen_a = length * 8;
-        break;
-    }
-
-    switch (b->type) {
-    case IPAddressOrRange_addressPrefix:
-        if (!addr_expand(addr_b, b->u.addressPrefix, length, 0x00))
-            return -1;
-        prefixlen_b = addr_prefixlen(b->u.addressPrefix);
-        break;
-    case IPAddressOrRange_addressRange:
-        if (!addr_expand(addr_b, b->u.addressRange->min, length, 0x00))
-            return -1;
-        prefixlen_b = length * 8;
-        break;
-    }
-
-    if ((r = memcmp(addr_a, addr_b, length)) != 0)
-        return r;
-    else
-        return prefixlen_a - prefixlen_b;
-}
-
-/*
- * IPv4-specific closure over IPAddressOrRange_cmp, since sk_sort()
- * comparision routines are only allowed two arguments.
- */
-static int v4IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
-                                  const IPAddressOrRange *const *b)
-{
-    return IPAddressOrRange_cmp(*a, *b, 4);
-}
-
-/*
- * IPv6-specific closure over IPAddressOrRange_cmp, since sk_sort()
- * comparision routines are only allowed two arguments.
- */
-static int v6IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
-                                  const IPAddressOrRange *const *b)
-{
-    return IPAddressOrRange_cmp(*a, *b, 16);
-}
-
-/*
- * Calculate whether a range collapses to a prefix.
- * See last paragraph of RFC 3779 2.2.3.7.
- */
-static int range_should_be_prefix(const unsigned char *min,
-                                  const unsigned char *max, const int length)
-{
-    unsigned char mask;
-    int i, j;
-
-    OPENSSL_assert(memcmp(min, max, length) <= 0);
-    for (i = 0; i < length && min[i] == max[i]; i++) ;
-    for (j = length - 1; j >= 0 && min[j] == 0x00 && max[j] == 0xFF; j--) ;
-    if (i < j)
-        return -1;
-    if (i > j)
-        return i * 8;
-    mask = min[i] ^ max[i];
-    switch (mask) {
-    case 0x01:
-        j = 7;
-        break;
-    case 0x03:
-        j = 6;
-        break;
-    case 0x07:
-        j = 5;
-        break;
-    case 0x0F:
-        j = 4;
-        break;
-    case 0x1F:
-        j = 3;
-        break;
-    case 0x3F:
-        j = 2;
-        break;
-    case 0x7F:
-        j = 1;
-        break;
-    default:
-        return -1;
-    }
-    if ((min[i] & mask) != 0 || (max[i] & mask) != mask)
-        return -1;
-    else
-        return i * 8 + j;
-}
-
-/*
- * Construct a prefix.
- */
-static int make_addressPrefix(IPAddressOrRange **result,
-                              unsigned char *addr, const int prefixlen)
-{
-    int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8;
-    IPAddressOrRange *aor = IPAddressOrRange_new();
-
-    if (aor == NULL)
-        return 0;
-    aor->type = IPAddressOrRange_addressPrefix;
-    if (aor->u.addressPrefix == NULL &&
-        (aor->u.addressPrefix = ASN1_BIT_STRING_new()) == NULL)
-        goto err;
-    if (!ASN1_BIT_STRING_set(aor->u.addressPrefix, addr, bytelen))
-        goto err;
-    aor->u.addressPrefix->flags &= ~7;
-    aor->u.addressPrefix->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-    if (bitlen > 0) {
-        aor->u.addressPrefix->data[bytelen - 1] &= ~(0xFF >> bitlen);
-        aor->u.addressPrefix->flags |= 8 - bitlen;
-    }
-
-    *result = aor;
-    return 1;
-
- err:
-    IPAddressOrRange_free(aor);
-    return 0;
-}
-
-/*
- * Construct a range.  If it can be expressed as a prefix,
- * return a prefix instead.  Doing this here simplifies
- * the rest of the code considerably.
- */
-static int make_addressRange(IPAddressOrRange **result,
-                             unsigned char *min,
-                             unsigned char *max, const int length)
-{
-    IPAddressOrRange *aor;
-    int i, prefixlen;
-
-    if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0)
-        return make_addressPrefix(result, min, prefixlen);
-
-    if ((aor = IPAddressOrRange_new()) == NULL)
-        return 0;
-    aor->type = IPAddressOrRange_addressRange;
-    OPENSSL_assert(aor->u.addressRange == NULL);
-    if ((aor->u.addressRange = IPAddressRange_new()) == NULL)
-        goto err;
-    if (aor->u.addressRange->min == NULL &&
-        (aor->u.addressRange->min = ASN1_BIT_STRING_new()) == NULL)
-        goto err;
-    if (aor->u.addressRange->max == NULL &&
-        (aor->u.addressRange->max = ASN1_BIT_STRING_new()) == NULL)
-        goto err;
-
-    for (i = length; i > 0 && min[i - 1] == 0x00; --i) ;
-    if (!ASN1_BIT_STRING_set(aor->u.addressRange->min, min, i))
-        goto err;
-    aor->u.addressRange->min->flags &= ~7;
-    aor->u.addressRange->min->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-    if (i > 0) {
-        unsigned char b = min[i - 1];
-        int j = 1;
-        while ((b & (0xFFU >> j)) != 0)
-            ++j;
-        aor->u.addressRange->min->flags |= 8 - j;
-    }
-
-    for (i = length; i > 0 && max[i - 1] == 0xFF; --i) ;
-    if (!ASN1_BIT_STRING_set(aor->u.addressRange->max, max, i))
-        goto err;
-    aor->u.addressRange->max->flags &= ~7;
-    aor->u.addressRange->max->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-    if (i > 0) {
-        unsigned char b = max[i - 1];
-        int j = 1;
-        while ((b & (0xFFU >> j)) != (0xFFU >> j))
-            ++j;
-        aor->u.addressRange->max->flags |= 8 - j;
-    }
-
-    *result = aor;
-    return 1;
-
- err:
-    IPAddressOrRange_free(aor);
-    return 0;
-}
-
-/*
- * Construct a new address family or find an existing one.
- */
-static IPAddressFamily *make_IPAddressFamily(IPAddrBlocks *addr,
-                                             const unsigned afi,
-                                             const unsigned *safi)
-{
-    IPAddressFamily *f;
-    unsigned char key[3];
-    unsigned keylen;
-    int i;
-
-    key[0] = (afi >> 8) & 0xFF;
-    key[1] = afi & 0xFF;
-    if (safi != NULL) {
-        key[2] = *safi & 0xFF;
-        keylen = 3;
-    } else {
-        keylen = 2;
-    }
-
-    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
-        f = sk_IPAddressFamily_value(addr, i);
-        OPENSSL_assert(f->addressFamily->data != NULL);
-        if (f->addressFamily->length == keylen &&
-            !memcmp(f->addressFamily->data, key, keylen))
-            return f;
-    }
-
-    if ((f = IPAddressFamily_new()) == NULL)
-        goto err;
-    if (f->ipAddressChoice == NULL &&
-        (f->ipAddressChoice = IPAddressChoice_new()) == NULL)
-        goto err;
-    if (f->addressFamily == NULL &&
-        (f->addressFamily = ASN1_OCTET_STRING_new()) == NULL)
-        goto err;
-    if (!ASN1_OCTET_STRING_set(f->addressFamily, key, keylen))
-        goto err;
-    if (!sk_IPAddressFamily_push(addr, f))
-        goto err;
-
-    return f;
-
- err:
-    IPAddressFamily_free(f);
-    return NULL;
-}
-
-/*
- * Add an inheritance element.
- */
-int v3_addr_add_inherit(IPAddrBlocks *addr,
-                        const unsigned afi, const unsigned *safi)
-{
-    IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
-    if (f == NULL ||
-        f->ipAddressChoice == NULL ||
-        (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
-         f->ipAddressChoice->u.addressesOrRanges != NULL))
-        return 0;
-    if (f->ipAddressChoice->type == IPAddressChoice_inherit &&
-        f->ipAddressChoice->u.inherit != NULL)
-        return 1;
-    if (f->ipAddressChoice->u.inherit == NULL &&
-        (f->ipAddressChoice->u.inherit = ASN1_NULL_new()) == NULL)
-        return 0;
-    f->ipAddressChoice->type = IPAddressChoice_inherit;
-    return 1;
-}
-
-/*
- * Construct an IPAddressOrRange sequence, or return an existing one.
- */
-static IPAddressOrRanges *make_prefix_or_range(IPAddrBlocks *addr,
-                                               const unsigned afi,
-                                               const unsigned *safi)
-{
-    IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
-    IPAddressOrRanges *aors = NULL;
-
-    if (f == NULL ||
-        f->ipAddressChoice == NULL ||
-        (f->ipAddressChoice->type == IPAddressChoice_inherit &&
-         f->ipAddressChoice->u.inherit != NULL))
-        return NULL;
-    if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges)
-        aors = f->ipAddressChoice->u.addressesOrRanges;
-    if (aors != NULL)
-        return aors;
-    if ((aors = sk_IPAddressOrRange_new_null()) == NULL)
-        return NULL;
-    switch (afi) {
-    case IANA_AFI_IPV4:
-        (void)sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp);
-        break;
-    case IANA_AFI_IPV6:
-        (void)sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp);
-        break;
-    }
-    f->ipAddressChoice->type = IPAddressChoice_addressesOrRanges;
-    f->ipAddressChoice->u.addressesOrRanges = aors;
-    return aors;
-}
-
-/*
- * Add a prefix.
- */
-int v3_addr_add_prefix(IPAddrBlocks *addr,
-                       const unsigned afi,
-                       const unsigned *safi,
-                       unsigned char *a, const int prefixlen)
-{
-    IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
-    IPAddressOrRange *aor;
-    if (aors == NULL || !make_addressPrefix(&aor, a, prefixlen))
-        return 0;
-    if (sk_IPAddressOrRange_push(aors, aor))
-        return 1;
-    IPAddressOrRange_free(aor);
-    return 0;
-}
-
-/*
- * Add a range.
- */
-int v3_addr_add_range(IPAddrBlocks *addr,
-                      const unsigned afi,
-                      const unsigned *safi,
-                      unsigned char *min, unsigned char *max)
-{
-    IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
-    IPAddressOrRange *aor;
-    int length = length_from_afi(afi);
-    if (aors == NULL)
-        return 0;
-    if (!make_addressRange(&aor, min, max, length))
-        return 0;
-    if (sk_IPAddressOrRange_push(aors, aor))
-        return 1;
-    IPAddressOrRange_free(aor);
-    return 0;
-}
-
-/*
- * Extract min and max values from an IPAddressOrRange.
- */
-static int extract_min_max(IPAddressOrRange *aor,
-                           unsigned char *min, unsigned char *max, int length)
-{
-    if (aor == NULL || min == NULL || max == NULL)
-        return 0;
-    switch (aor->type) {
-    case IPAddressOrRange_addressPrefix:
-        return (addr_expand(min, aor->u.addressPrefix, length, 0x00) &&
-                addr_expand(max, aor->u.addressPrefix, length, 0xFF));
-    case IPAddressOrRange_addressRange:
-        return (addr_expand(min, aor->u.addressRange->min, length, 0x00) &&
-                addr_expand(max, aor->u.addressRange->max, length, 0xFF));
-    }
-    return 0;
-}
-
-/*
- * Public wrapper for extract_min_max().
- */
-int v3_addr_get_range(IPAddressOrRange *aor,
-                      const unsigned afi,
-                      unsigned char *min,
-                      unsigned char *max, const int length)
-{
-    int afi_length = length_from_afi(afi);
-    if (aor == NULL || min == NULL || max == NULL ||
-        afi_length == 0 || length < afi_length ||
-        (aor->type != IPAddressOrRange_addressPrefix &&
-         aor->type != IPAddressOrRange_addressRange) ||
-        !extract_min_max(aor, min, max, afi_length))
-        return 0;
-
-    return afi_length;
-}
-
-/*
- * Sort comparision function for a sequence of IPAddressFamily.
- *
- * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
- * the ordering: I can read it as meaning that IPv6 without a SAFI
- * comes before IPv4 with a SAFI, which seems pretty weird.  The
- * examples in appendix B suggest that the author intended the
- * null-SAFI rule to apply only within a single AFI, which is what I
- * would have expected and is what the following code implements.
- */
-static int IPAddressFamily_cmp(const IPAddressFamily *const *a_,
-                               const IPAddressFamily *const *b_)
-{
-    const ASN1_OCTET_STRING *a = (*a_)->addressFamily;
-    const ASN1_OCTET_STRING *b = (*b_)->addressFamily;
-    int len = ((a->length <= b->length) ? a->length : b->length);
-    int cmp = memcmp(a->data, b->data, len);
-    return cmp ? cmp : a->length - b->length;
-}
-
-/*
- * Check whether an IPAddrBLocks is in canonical form.
- */
-int v3_addr_is_canonical(IPAddrBlocks *addr)
-{
-    unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
-    unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
-    IPAddressOrRanges *aors;
-    int i, j, k;
-
-    /*
-     * Empty extension is cannonical.
-     */
-    if (addr == NULL)
-        return 1;
-
-    /*
-     * Check whether the top-level list is in order.
-     */
-    for (i = 0; i < sk_IPAddressFamily_num(addr) - 1; i++) {
-        const IPAddressFamily *a = sk_IPAddressFamily_value(addr, i);
-        const IPAddressFamily *b = sk_IPAddressFamily_value(addr, i + 1);
-        if (IPAddressFamily_cmp(&a, &b) >= 0)
-            return 0;
-    }
-
-    /*
-     * Top level's ok, now check each address family.
-     */
-    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
-        IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
-        int length = length_from_afi(v3_addr_get_afi(f));
-
-        /*
-         * Inheritance is canonical.  Anything other than inheritance or
-         * a SEQUENCE OF IPAddressOrRange is an ASN.1 error or something.
-         */
-        if (f == NULL || f->ipAddressChoice == NULL)
-            return 0;
-        switch (f->ipAddressChoice->type) {
-        case IPAddressChoice_inherit:
-            continue;
-        case IPAddressChoice_addressesOrRanges:
-            break;
-        default:
-            return 0;
-        }
-
-        /*
-         * It's an IPAddressOrRanges sequence, check it.
-         */
-        aors = f->ipAddressChoice->u.addressesOrRanges;
-        if (sk_IPAddressOrRange_num(aors) == 0)
-            return 0;
-        for (j = 0; j < sk_IPAddressOrRange_num(aors) - 1; j++) {
-            IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
-            IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, j + 1);
-
-            if (!extract_min_max(a, a_min, a_max, length) ||
-                !extract_min_max(b, b_min, b_max, length))
-                return 0;
-
-            /*
-             * Punt misordered list, overlapping start, or inverted range.
-             */
-            if (memcmp(a_min, b_min, length) >= 0 ||
-                memcmp(a_min, a_max, length) > 0 ||
-                memcmp(b_min, b_max, length) > 0)
-                return 0;
-
-            /*
-             * Punt if adjacent or overlapping.  Check for adjacency by
-             * subtracting one from b_min first.
-             */
-            for (k = length - 1; k >= 0 && b_min[k]-- == 0x00; k--) ;
-            if (memcmp(a_max, b_min, length) >= 0)
-                return 0;
-
-            /*
-             * Check for range that should be expressed as a prefix.
-             */
-            if (a->type == IPAddressOrRange_addressRange &&
-                range_should_be_prefix(a_min, a_max, length) >= 0)
-                return 0;
-        }
-
-        /*
-         * Check range to see if it's inverted or should be a
-         * prefix.
-         */
-        j = sk_IPAddressOrRange_num(aors) - 1;
-        {
-            IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
-            if (a != NULL && a->type == IPAddressOrRange_addressRange) {
-                if (!extract_min_max(a, a_min, a_max, length))
-                    return 0;
-                if (memcmp(a_min, a_max, length) > 0 ||
-                    range_should_be_prefix(a_min, a_max, length) >= 0)
-                    return 0;
-            }
-        }
-    }
-
-    /*
-     * If we made it through all that, we're happy.
-     */
-    return 1;
-}
-
-/*
- * Whack an IPAddressOrRanges into canonical form.
- */
-static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors,
-                                      const unsigned afi)
-{
-    int i, j, length = length_from_afi(afi);
-
-    /*
-     * Sort the IPAddressOrRanges sequence.
-     */
-    sk_IPAddressOrRange_sort(aors);
-
-    /*
-     * Clean up representation issues, punt on duplicates or overlaps.
-     */
-    for (i = 0; i < sk_IPAddressOrRange_num(aors) - 1; i++) {
-        IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, i);
-        IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, i + 1);
-        unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
-        unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
-
-        if (!extract_min_max(a, a_min, a_max, length) ||
-            !extract_min_max(b, b_min, b_max, length))
-            return 0;
-
-        /*
-         * Punt inverted ranges.
-         */
-        if (memcmp(a_min, a_max, length) > 0 ||
-            memcmp(b_min, b_max, length) > 0)
-            return 0;
-
-        /*
-         * Punt overlaps.
-         */
-        if (memcmp(a_max, b_min, length) >= 0)
-            return 0;
-
-        /*
-         * Merge if a and b are adjacent.  We check for
-         * adjacency by subtracting one from b_min first.
-         */
-        for (j = length - 1; j >= 0 && b_min[j]-- == 0x00; j--) ;
-        if (memcmp(a_max, b_min, length) == 0) {
-            IPAddressOrRange *merged;
-            if (!make_addressRange(&merged, a_min, b_max, length))
-                return 0;
-            (void)sk_IPAddressOrRange_set(aors, i, merged);
-            (void)sk_IPAddressOrRange_delete(aors, i + 1);
-            IPAddressOrRange_free(a);
-            IPAddressOrRange_free(b);
-            --i;
-            continue;
-        }
-    }
-
-    /*
-     * Check for inverted final range.
-     */
-    j = sk_IPAddressOrRange_num(aors) - 1;
-    {
-        IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
-        if (a != NULL && a->type == IPAddressOrRange_addressRange) {
-            unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
-            extract_min_max(a, a_min, a_max, length);
-            if (memcmp(a_min, a_max, length) > 0)
-                return 0;
-        }
-    }
-
-    return 1;
-}
-
-/*
- * Whack an IPAddrBlocks extension into canonical form.
- */
-int v3_addr_canonize(IPAddrBlocks *addr)
-{
-    int i;
-    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
-        IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
-        if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
-            !IPAddressOrRanges_canonize(f->ipAddressChoice->
-                                        u.addressesOrRanges,
-                                        v3_addr_get_afi(f)))
-            return 0;
-    }
-    (void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp);
-    sk_IPAddressFamily_sort(addr);
-    OPENSSL_assert(v3_addr_is_canonical(addr));
-    return 1;
-}
-
-/*
- * v2i handler for the IPAddrBlocks extension.
- */
-static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
-                              struct v3_ext_ctx *ctx,
-                              STACK_OF(CONF_VALUE) *values)
-{
-    static const char v4addr_chars[] = "0123456789.";
-    static const char v6addr_chars[] = "0123456789.:abcdefABCDEF";
-    IPAddrBlocks *addr = NULL;
-    char *s = NULL, *t;
-    int i;
-
-    if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) {
-        X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
-        CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
-        unsigned char min[ADDR_RAW_BUF_LEN], max[ADDR_RAW_BUF_LEN];
-        unsigned afi, *safi = NULL, safi_;
-        const char *addr_chars;
-        int prefixlen, i1, i2, delim, length;
-
-        if (!name_cmp(val->name, "IPv4")) {
-            afi = IANA_AFI_IPV4;
-        } else if (!name_cmp(val->name, "IPv6")) {
-            afi = IANA_AFI_IPV6;
-        } else if (!name_cmp(val->name, "IPv4-SAFI")) {
-            afi = IANA_AFI_IPV4;
-            safi = &safi_;
-        } else if (!name_cmp(val->name, "IPv6-SAFI")) {
-            afi = IANA_AFI_IPV6;
-            safi = &safi_;
-        } else {
-            X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
-                      X509V3_R_EXTENSION_NAME_ERROR);
-            X509V3_conf_err(val);
-            goto err;
-        }
-
-        switch (afi) {
-        case IANA_AFI_IPV4:
-            addr_chars = v4addr_chars;
-            break;
-        case IANA_AFI_IPV6:
-            addr_chars = v6addr_chars;
-            break;
-        }
-
-        length = length_from_afi(afi);
-
-        /*
-         * Handle SAFI, if any, and BUF_strdup() so we can null-terminate
-         * the other input values.
-         */
-        if (safi != NULL) {
-            *safi = strtoul(val->value, &t, 0);
-            t += strspn(t, " \t");
-            if (*safi > 0xFF || *t++ != ':') {
-                X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_SAFI);
-                X509V3_conf_err(val);
-                goto err;
-            }
-            t += strspn(t, " \t");
-            s = BUF_strdup(t);
-        } else {
-            s = BUF_strdup(val->value);
-        }
-        if (s == NULL) {
-            X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        /*
-         * Check for inheritance.  Not worth additional complexity to
-         * optimize this (seldom-used) case.
-         */
-        if (!strcmp(s, "inherit")) {
-            if (!v3_addr_add_inherit(addr, afi, safi)) {
-                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
-                          X509V3_R_INVALID_INHERITANCE);
-                X509V3_conf_err(val);
-                goto err;
-            }
-            OPENSSL_free(s);
-            s = NULL;
-            continue;
-        }
-
-        i1 = strspn(s, addr_chars);
-        i2 = i1 + strspn(s + i1, " \t");
-        delim = s[i2++];
-        s[i1] = '\0';
-
-        if (a2i_ipadd(min, s) != length) {
-            X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS);
-            X509V3_conf_err(val);
-            goto err;
-        }
-
-        switch (delim) {
-        case '/':
-            prefixlen = (int)strtoul(s + i2, &t, 10);
-            if (t == s + i2 || *t != '\0') {
-                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
-                          X509V3_R_EXTENSION_VALUE_ERROR);
-                X509V3_conf_err(val);
-                goto err;
-            }
-            if (!v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) {
-                X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            break;
-        case '-':
-            i1 = i2 + strspn(s + i2, " \t");
-            i2 = i1 + strspn(s + i1, addr_chars);
-            if (i1 == i2 || s[i2] != '\0') {
-                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
-                          X509V3_R_EXTENSION_VALUE_ERROR);
-                X509V3_conf_err(val);
-                goto err;
-            }
-            if (a2i_ipadd(max, s + i1) != length) {
-                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
-                          X509V3_R_INVALID_IPADDRESS);
-                X509V3_conf_err(val);
-                goto err;
-            }
-            if (memcmp(min, max, length_from_afi(afi)) > 0) {
-                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
-                          X509V3_R_EXTENSION_VALUE_ERROR);
-                X509V3_conf_err(val);
-                goto err;
-            }
-            if (!v3_addr_add_range(addr, afi, safi, min, max)) {
-                X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            break;
-        case '\0':
-            if (!v3_addr_add_prefix(addr, afi, safi, min, length * 8)) {
-                X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            break;
-        default:
-            X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
-                      X509V3_R_EXTENSION_VALUE_ERROR);
-            X509V3_conf_err(val);
-            goto err;
-        }
-
-        OPENSSL_free(s);
-        s = NULL;
-    }
-
-    /*
-     * Canonize the result, then we're done.
-     */
-    if (!v3_addr_canonize(addr))
-        goto err;
-    return addr;
-
- err:
-    OPENSSL_free(s);
-    sk_IPAddressFamily_pop_free(addr, IPAddressFamily_free);
-    return NULL;
-}
-
-/*
- * OpenSSL dispatch
- */
-const X509V3_EXT_METHOD v3_addr = {
-    NID_sbgp_ipAddrBlock,       /* nid */
-    0,                          /* flags */
-    ASN1_ITEM_ref(IPAddrBlocks), /* template */
-    0, 0, 0, 0,                 /* old functions, ignored */
-    0,                          /* i2s */
-    0,                          /* s2i */
-    0,                          /* i2v */
-    v2i_IPAddrBlocks,           /* v2i */
-    i2r_IPAddrBlocks,           /* i2r */
-    0,                          /* r2i */
-    NULL                        /* extension-specific data */
-};
-
-/*
- * Figure out whether extension sues inheritance.
- */
-int v3_addr_inherits(IPAddrBlocks *addr)
-{
-    int i;
-    if (addr == NULL)
-        return 0;
-    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
-        IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
-        if (f->ipAddressChoice->type == IPAddressChoice_inherit)
-            return 1;
-    }
-    return 0;
-}
-
-/*
- * Figure out whether parent contains child.
- */
-static int addr_contains(IPAddressOrRanges *parent,
-                         IPAddressOrRanges *child, int length)
-{
-    unsigned char p_min[ADDR_RAW_BUF_LEN], p_max[ADDR_RAW_BUF_LEN];
-    unsigned char c_min[ADDR_RAW_BUF_LEN], c_max[ADDR_RAW_BUF_LEN];
-    int p, c;
-
-    if (child == NULL || parent == child)
-        return 1;
-    if (parent == NULL)
-        return 0;
-
-    p = 0;
-    for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
-        if (!extract_min_max(sk_IPAddressOrRange_value(child, c),
-                             c_min, c_max, length))
-            return -1;
-        for (;; p++) {
-            if (p >= sk_IPAddressOrRange_num(parent))
-                return 0;
-            if (!extract_min_max(sk_IPAddressOrRange_value(parent, p),
-                                 p_min, p_max, length))
-                return 0;
-            if (memcmp(p_max, c_max, length) < 0)
-                continue;
-            if (memcmp(p_min, c_min, length) > 0)
-                return 0;
-            break;
-        }
-    }
-
-    return 1;
-}
-
-/*
- * Test whether a is a subset of b.
- */
-int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b)
-{
-    int i;
-    if (a == NULL || a == b)
-        return 1;
-    if (b == NULL || v3_addr_inherits(a) || v3_addr_inherits(b))
-        return 0;
-    (void)sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp);
-    for (i = 0; i < sk_IPAddressFamily_num(a); i++) {
-        IPAddressFamily *fa = sk_IPAddressFamily_value(a, i);
-        int j = sk_IPAddressFamily_find(b, fa);
-        IPAddressFamily *fb;
-        fb = sk_IPAddressFamily_value(b, j);
-        if (fb == NULL)
-            return 0;
-        if (!addr_contains(fb->ipAddressChoice->u.addressesOrRanges,
-                           fa->ipAddressChoice->u.addressesOrRanges,
-                           length_from_afi(v3_addr_get_afi(fb))))
-            return 0;
-    }
-    return 1;
-}
-
-/*
- * Validation error handling via callback.
- */
-# define validation_err(_err_)           \
-  do {                                  \
-    if (ctx != NULL) {                  \
-      ctx->error = _err_;               \
-      ctx->error_depth = i;             \
-      ctx->current_cert = x;            \
-      ret = ctx->verify_cb(0, ctx);     \
-    } else {                            \
-      ret = 0;                          \
-    }                                   \
-    if (!ret)                           \
-      goto done;                        \
-  } while (0)
-
-/*
- * Core code for RFC 3779 2.3 path validation.
- *
- * Returns 1 for success, 0 on error.
- *
- * When returning 0, ctx->error MUST be set to an appropriate value other than
- * X509_V_OK.
- */
-static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx,
-                                          STACK_OF(X509) *chain,
-                                          IPAddrBlocks *ext)
-{
-    IPAddrBlocks *child = NULL;
-    int i, j, ret = 1;
-    X509 *x;
-
-    OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
-    OPENSSL_assert(ctx != NULL || ext != NULL);
-    OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
-
-    /*
-     * Figure out where to start.  If we don't have an extension to
-     * check, we're done.  Otherwise, check canonical form and
-     * set up for walking up the chain.
-     */
-    if (ext != NULL) {
-        i = -1;
-        x = NULL;
-    } else {
-        i = 0;
-        x = sk_X509_value(chain, i);
-        OPENSSL_assert(x != NULL);
-        if ((ext = x->rfc3779_addr) == NULL)
-            goto done;
-    }
-    if (!v3_addr_is_canonical(ext))
-        validation_err(X509_V_ERR_INVALID_EXTENSION);
-    (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp);
-    if ((child = sk_IPAddressFamily_dup(ext)) == NULL) {
-        X509V3err(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL,
-                  ERR_R_MALLOC_FAILURE);
-        ctx->error = X509_V_ERR_OUT_OF_MEM;
-        ret = 0;
-        goto done;
-    }
-
-    /*
-     * Now walk up the chain.  No cert may list resources that its
-     * parent doesn't list.
-     */
-    for (i++; i < sk_X509_num(chain); i++) {
-        x = sk_X509_value(chain, i);
-        OPENSSL_assert(x != NULL);
-        if (!v3_addr_is_canonical(x->rfc3779_addr))
-            validation_err(X509_V_ERR_INVALID_EXTENSION);
-        if (x->rfc3779_addr == NULL) {
-            for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
-                IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
-                if (fc->ipAddressChoice->type != IPAddressChoice_inherit) {
-                    validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-                    break;
-                }
-            }
-            continue;
-        }
-        (void)sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr,
-                                              IPAddressFamily_cmp);
-        for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
-            IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
-            int k = sk_IPAddressFamily_find(x->rfc3779_addr, fc);
-            IPAddressFamily *fp =
-                sk_IPAddressFamily_value(x->rfc3779_addr, k);
-            if (fp == NULL) {
-                if (fc->ipAddressChoice->type ==
-                    IPAddressChoice_addressesOrRanges) {
-                    validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-                    break;
-                }
-                continue;
-            }
-            if (fp->ipAddressChoice->type ==
-                IPAddressChoice_addressesOrRanges) {
-                if (fc->ipAddressChoice->type == IPAddressChoice_inherit
-                    || addr_contains(fp->ipAddressChoice->u.addressesOrRanges,
-                                     fc->ipAddressChoice->u.addressesOrRanges,
-                                     length_from_afi(v3_addr_get_afi(fc))))
-                    sk_IPAddressFamily_set(child, j, fp);
-                else
-                    validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-            }
-        }
-    }
-
-    /*
-     * Trust anchor can't inherit.
-     */
-    OPENSSL_assert(x != NULL);
-    if (x->rfc3779_addr != NULL) {
-        for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
-            IPAddressFamily *fp =
-                sk_IPAddressFamily_value(x->rfc3779_addr, j);
-            if (fp->ipAddressChoice->type == IPAddressChoice_inherit
-                && sk_IPAddressFamily_find(child, fp) >= 0)
-                validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-        }
-    }
-
- done:
-    sk_IPAddressFamily_free(child);
-    return ret;
-}
-
-# undef validation_err
-
-/*
- * RFC 3779 2.3 path validation -- called from X509_verify_cert().
- */
-int v3_addr_validate_path(X509_STORE_CTX *ctx)
-{
-    return v3_addr_validate_path_internal(ctx, ctx->chain, NULL);
-}
-
-/*
- * RFC 3779 2.3 path validation of an extension.
- * Test whether chain covers extension.
- */
-int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
-                                  IPAddrBlocks *ext, int allow_inheritance)
-{
-    if (ext == NULL)
-        return 1;
-    if (chain == NULL || sk_X509_num(chain) == 0)
-        return 0;
-    if (!allow_inheritance && v3_addr_inherits(ext))
-        return 0;
-    return v3_addr_validate_path_internal(NULL, chain, ext);
-}
-
-#endif                          /* OPENSSL_NO_RFC3779 */
diff --git a/thirdparty/openssl/crypto/x509v3/v3_akey.c b/thirdparty/openssl/crypto/x509v3/v3_akey.c
deleted file mode 100644
index e920270e16..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_akey.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/* v3_akey.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
-                                                 AUTHORITY_KEYID *akeyid,
-                                                 STACK_OF(CONF_VALUE)
-                                                 *extlist);
-static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
-                                            X509V3_CTX *ctx,
-                                            STACK_OF(CONF_VALUE) *values);
-
-const X509V3_EXT_METHOD v3_akey_id = {
-    NID_authority_key_identifier,
-    X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID),
-    0, 0, 0, 0,
-    0, 0,
-    (X509V3_EXT_I2V) i2v_AUTHORITY_KEYID,
-    (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
-    0, 0,
-    NULL
-};
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
-                                                 AUTHORITY_KEYID *akeyid,
-                                                 STACK_OF(CONF_VALUE)
-                                                 *extlist)
-{
-    char *tmp;
-    if (akeyid->keyid) {
-        tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length);
-        X509V3_add_value("keyid", tmp, &extlist);
-        OPENSSL_free(tmp);
-    }
-    if (akeyid->issuer)
-        extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
-    if (akeyid->serial) {
-        tmp = hex_to_string(akeyid->serial->data, akeyid->serial->length);
-        X509V3_add_value("serial", tmp, &extlist);
-        OPENSSL_free(tmp);
-    }
-    return extlist;
-}
-
-/*-
- * Currently two options:
- * keyid: use the issuers subject keyid, the value 'always' means its is
- * an error if the issuer certificate doesn't have a key id.
- * issuer: use the issuers cert issuer and serial number. The default is
- * to only use this if keyid is not present. With the option 'always'
- * this is always included.
- */
-
-static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
-                                            X509V3_CTX *ctx,
-                                            STACK_OF(CONF_VALUE) *values)
-{
-    char keyid = 0, issuer = 0;
-    int i;
-    CONF_VALUE *cnf;
-    ASN1_OCTET_STRING *ikeyid = NULL;
-    X509_NAME *isname = NULL;
-    GENERAL_NAMES *gens = NULL;
-    GENERAL_NAME *gen = NULL;
-    ASN1_INTEGER *serial = NULL;
-    X509_EXTENSION *ext;
-    X509 *cert;
-    AUTHORITY_KEYID *akeyid;
-
-    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
-        cnf = sk_CONF_VALUE_value(values, i);
-        if (!strcmp(cnf->name, "keyid")) {
-            keyid = 1;
-            if (cnf->value && !strcmp(cnf->value, "always"))
-                keyid = 2;
-        } else if (!strcmp(cnf->name, "issuer")) {
-            issuer = 1;
-            if (cnf->value && !strcmp(cnf->value, "always"))
-                issuer = 2;
-        } else {
-            X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, X509V3_R_UNKNOWN_OPTION);
-            ERR_add_error_data(2, "name=", cnf->name);
-            return NULL;
-        }
-    }
-
-    if (!ctx || !ctx->issuer_cert) {
-        if (ctx && (ctx->flags == CTX_TEST))
-            return AUTHORITY_KEYID_new();
-        X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
-                  X509V3_R_NO_ISSUER_CERTIFICATE);
-        return NULL;
-    }
-
-    cert = ctx->issuer_cert;
-
-    if (keyid) {
-        i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
-        if ((i >= 0) && (ext = X509_get_ext(cert, i)))
-            ikeyid = X509V3_EXT_d2i(ext);
-        if (keyid == 2 && !ikeyid) {
-            X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
-                      X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
-            return NULL;
-        }
-    }
-
-    if ((issuer && !ikeyid) || (issuer == 2)) {
-        isname = X509_NAME_dup(X509_get_issuer_name(cert));
-        serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert));
-        if (!isname || !serial) {
-            X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
-                      X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
-            goto err;
-        }
-    }
-
-    if (!(akeyid = AUTHORITY_KEYID_new()))
-        goto err;
-
-    if (isname) {
-        if (!(gens = sk_GENERAL_NAME_new_null())
-            || !(gen = GENERAL_NAME_new())
-            || !sk_GENERAL_NAME_push(gens, gen)) {
-            X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        gen->type = GEN_DIRNAME;
-        gen->d.dirn = isname;
-    }
-
-    akeyid->issuer = gens;
-    akeyid->serial = serial;
-    akeyid->keyid = ikeyid;
-
-    return akeyid;
-
- err:
-    X509_NAME_free(isname);
-    M_ASN1_INTEGER_free(serial);
-    M_ASN1_OCTET_STRING_free(ikeyid);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_akeya.c b/thirdparty/openssl/crypto/x509v3/v3_akeya.c
deleted file mode 100644
index 2cc85b7623..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_akeya.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/* v3_akey_asn1.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-ASN1_SEQUENCE(AUTHORITY_KEYID) = {
-        ASN1_IMP_OPT(AUTHORITY_KEYID, keyid, ASN1_OCTET_STRING, 0),
-        ASN1_IMP_SEQUENCE_OF_OPT(AUTHORITY_KEYID, issuer, GENERAL_NAME, 1),
-        ASN1_IMP_OPT(AUTHORITY_KEYID, serial, ASN1_INTEGER, 2)
-} ASN1_SEQUENCE_END(AUTHORITY_KEYID)
-
-IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_KEYID)
diff --git a/thirdparty/openssl/crypto/x509v3/v3_alt.c b/thirdparty/openssl/crypto/x509v3/v3_alt.c
deleted file mode 100644
index a0351faf11..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_alt.c
+++ /dev/null
@@ -1,621 +0,0 @@
-/* v3_alt.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
-                                      X509V3_CTX *ctx,
-                                      STACK_OF(CONF_VALUE) *nval);
-static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
-                                     X509V3_CTX *ctx,
-                                     STACK_OF(CONF_VALUE) *nval);
-static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p);
-static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
-static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx);
-static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx);
-
-const X509V3_EXT_METHOD v3_alt[] = {
-    {NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
-     0, 0, 0, 0,
-     0, 0,
-     (X509V3_EXT_I2V) i2v_GENERAL_NAMES,
-     (X509V3_EXT_V2I)v2i_subject_alt,
-     NULL, NULL, NULL},
-
-    {NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
-     0, 0, 0, 0,
-     0, 0,
-     (X509V3_EXT_I2V) i2v_GENERAL_NAMES,
-     (X509V3_EXT_V2I)v2i_issuer_alt,
-     NULL, NULL, NULL},
-
-    {NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES),
-     0, 0, 0, 0,
-     0, 0,
-     (X509V3_EXT_I2V) i2v_GENERAL_NAMES,
-     NULL, NULL, NULL, NULL},
-};
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-                                        GENERAL_NAMES *gens,
-                                        STACK_OF(CONF_VALUE) *ret)
-{
-    int i;
-    GENERAL_NAME *gen;
-    for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
-        gen = sk_GENERAL_NAME_value(gens, i);
-        ret = i2v_GENERAL_NAME(method, gen, ret);
-    }
-    if (!ret)
-        return sk_CONF_VALUE_new_null();
-    return ret;
-}
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
-                                       GENERAL_NAME *gen,
-                                       STACK_OF(CONF_VALUE) *ret)
-{
-    unsigned char *p;
-    char oline[256], htmp[5];
-    int i;
-    switch (gen->type) {
-    case GEN_OTHERNAME:
-        if (!X509V3_add_value("othername", "<unsupported>", &ret))
-            return NULL;
-        break;
-
-    case GEN_X400:
-        if (!X509V3_add_value("X400Name", "<unsupported>", &ret))
-            return NULL;
-        break;
-
-    case GEN_EDIPARTY:
-        if (!X509V3_add_value("EdiPartyName", "<unsupported>", &ret))
-            return NULL;
-        break;
-
-    case GEN_EMAIL:
-        if (!X509V3_add_value_uchar("email", gen->d.ia5->data, &ret))
-            return NULL;
-        break;
-
-    case GEN_DNS:
-        if (!X509V3_add_value_uchar("DNS", gen->d.ia5->data, &ret))
-            return NULL;
-        break;
-
-    case GEN_URI:
-        if (!X509V3_add_value_uchar("URI", gen->d.ia5->data, &ret))
-            return NULL;
-        break;
-
-    case GEN_DIRNAME:
-        if (X509_NAME_oneline(gen->d.dirn, oline, 256) == NULL
-                || !X509V3_add_value("DirName", oline, &ret))
-            return NULL;
-        break;
-
-    case GEN_IPADD:
-        p = gen->d.ip->data;
-        if (gen->d.ip->length == 4)
-            BIO_snprintf(oline, sizeof oline,
-                         "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
-        else if (gen->d.ip->length == 16) {
-            oline[0] = 0;
-            for (i = 0; i < 8; i++) {
-                BIO_snprintf(htmp, sizeof htmp, "%X", p[0] << 8 | p[1]);
-                p += 2;
-                strcat(oline, htmp);
-                if (i != 7)
-                    strcat(oline, ":");
-            }
-        } else {
-            if (!X509V3_add_value("IP Address", "<invalid>", &ret))
-                return NULL;
-            break;
-        }
-        if (!X509V3_add_value("IP Address", oline, &ret))
-            return NULL;
-        break;
-
-    case GEN_RID:
-        i2t_ASN1_OBJECT(oline, 256, gen->d.rid);
-        if (!X509V3_add_value("Registered ID", oline, &ret))
-            return NULL;
-        break;
-    }
-    return ret;
-}
-
-int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
-{
-    unsigned char *p;
-    int i;
-    switch (gen->type) {
-    case GEN_OTHERNAME:
-        BIO_printf(out, "othername:<unsupported>");
-        break;
-
-    case GEN_X400:
-        BIO_printf(out, "X400Name:<unsupported>");
-        break;
-
-    case GEN_EDIPARTY:
-        /* Maybe fix this: it is supported now */
-        BIO_printf(out, "EdiPartyName:<unsupported>");
-        break;
-
-    case GEN_EMAIL:
-        BIO_printf(out, "email:%s", gen->d.ia5->data);
-        break;
-
-    case GEN_DNS:
-        BIO_printf(out, "DNS:%s", gen->d.ia5->data);
-        break;
-
-    case GEN_URI:
-        BIO_printf(out, "URI:%s", gen->d.ia5->data);
-        break;
-
-    case GEN_DIRNAME:
-        BIO_printf(out, "DirName: ");
-        X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
-        break;
-
-    case GEN_IPADD:
-        p = gen->d.ip->data;
-        if (gen->d.ip->length == 4)
-            BIO_printf(out, "IP Address:%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
-        else if (gen->d.ip->length == 16) {
-            BIO_printf(out, "IP Address");
-            for (i = 0; i < 8; i++) {
-                BIO_printf(out, ":%X", p[0] << 8 | p[1]);
-                p += 2;
-            }
-            BIO_puts(out, "\n");
-        } else {
-            BIO_printf(out, "IP Address:<invalid>");
-            break;
-        }
-        break;
-
-    case GEN_RID:
-        BIO_printf(out, "Registered ID");
-        i2a_ASN1_OBJECT(out, gen->d.rid);
-        break;
-    }
-    return 1;
-}
-
-static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
-                                     X509V3_CTX *ctx,
-                                     STACK_OF(CONF_VALUE) *nval)
-{
-    GENERAL_NAMES *gens = NULL;
-    CONF_VALUE *cnf;
-    int i;
-    if (!(gens = sk_GENERAL_NAME_new_null())) {
-        X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        cnf = sk_CONF_VALUE_value(nval, i);
-        if (!name_cmp(cnf->name, "issuer") && cnf->value &&
-            !strcmp(cnf->value, "copy")) {
-            if (!copy_issuer(ctx, gens))
-                goto err;
-        } else {
-            GENERAL_NAME *gen;
-            if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
-                goto err;
-            sk_GENERAL_NAME_push(gens, gen);
-        }
-    }
-    return gens;
- err:
-    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-    return NULL;
-}
-
-/* Append subject altname of issuer to issuer alt name of subject */
-
-static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
-{
-    GENERAL_NAMES *ialt;
-    GENERAL_NAME *gen;
-    X509_EXTENSION *ext;
-    int i;
-    if (ctx && (ctx->flags == CTX_TEST))
-        return 1;
-    if (!ctx || !ctx->issuer_cert) {
-        X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_NO_ISSUER_DETAILS);
-        goto err;
-    }
-    i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
-    if (i < 0)
-        return 1;
-    if (!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
-        !(ialt = X509V3_EXT_d2i(ext))) {
-        X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_ISSUER_DECODE_ERROR);
-        goto err;
-    }
-
-    for (i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
-        gen = sk_GENERAL_NAME_value(ialt, i);
-        if (!sk_GENERAL_NAME_push(gens, gen)) {
-            X509V3err(X509V3_F_COPY_ISSUER, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-    sk_GENERAL_NAME_free(ialt);
-
-    return 1;
-
- err:
-    return 0;
-
-}
-
-static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
-                                      X509V3_CTX *ctx,
-                                      STACK_OF(CONF_VALUE) *nval)
-{
-    GENERAL_NAMES *gens = NULL;
-    CONF_VALUE *cnf;
-    int i;
-    if (!(gens = sk_GENERAL_NAME_new_null())) {
-        X509V3err(X509V3_F_V2I_SUBJECT_ALT, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        cnf = sk_CONF_VALUE_value(nval, i);
-        if (!name_cmp(cnf->name, "email") && cnf->value &&
-            !strcmp(cnf->value, "copy")) {
-            if (!copy_email(ctx, gens, 0))
-                goto err;
-        } else if (!name_cmp(cnf->name, "email") && cnf->value &&
-                   !strcmp(cnf->value, "move")) {
-            if (!copy_email(ctx, gens, 1))
-                goto err;
-        } else {
-            GENERAL_NAME *gen;
-            if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
-                goto err;
-            sk_GENERAL_NAME_push(gens, gen);
-        }
-    }
-    return gens;
- err:
-    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-    return NULL;
-}
-
-/*
- * Copy any email addresses in a certificate or request to GENERAL_NAMES
- */
-
-static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
-{
-    X509_NAME *nm;
-    ASN1_IA5STRING *email = NULL;
-    X509_NAME_ENTRY *ne;
-    GENERAL_NAME *gen = NULL;
-    int i;
-    if (ctx != NULL && ctx->flags == CTX_TEST)
-        return 1;
-    if (!ctx || (!ctx->subject_cert && !ctx->subject_req)) {
-        X509V3err(X509V3_F_COPY_EMAIL, X509V3_R_NO_SUBJECT_DETAILS);
-        goto err;
-    }
-    /* Find the subject name */
-    if (ctx->subject_cert)
-        nm = X509_get_subject_name(ctx->subject_cert);
-    else
-        nm = X509_REQ_get_subject_name(ctx->subject_req);
-
-    /* Now add any email address(es) to STACK */
-    i = -1;
-    while ((i = X509_NAME_get_index_by_NID(nm,
-                                           NID_pkcs9_emailAddress, i)) >= 0) {
-        ne = X509_NAME_get_entry(nm, i);
-        email = M_ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));
-        if (move_p) {
-            X509_NAME_delete_entry(nm, i);
-            X509_NAME_ENTRY_free(ne);
-            i--;
-        }
-        if (!email || !(gen = GENERAL_NAME_new())) {
-            X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        gen->d.ia5 = email;
-        email = NULL;
-        gen->type = GEN_EMAIL;
-        if (!sk_GENERAL_NAME_push(gens, gen)) {
-            X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        gen = NULL;
-    }
-
-    return 1;
-
- err:
-    GENERAL_NAME_free(gen);
-    M_ASN1_IA5STRING_free(email);
-    return 0;
-
-}
-
-GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
-                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-    GENERAL_NAME *gen;
-    GENERAL_NAMES *gens = NULL;
-    CONF_VALUE *cnf;
-    int i;
-    if (!(gens = sk_GENERAL_NAME_new_null())) {
-        X509V3err(X509V3_F_V2I_GENERAL_NAMES, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        cnf = sk_CONF_VALUE_value(nval, i);
-        if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
-            goto err;
-        sk_GENERAL_NAME_push(gens, gen);
-    }
-    return gens;
- err:
-    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-    return NULL;
-}
-
-GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
-                               X509V3_CTX *ctx, CONF_VALUE *cnf)
-{
-    return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
-}
-
-GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
-                               const X509V3_EXT_METHOD *method,
-                               X509V3_CTX *ctx, int gen_type, char *value,
-                               int is_nc)
-{
-    char is_string = 0;
-    GENERAL_NAME *gen = NULL;
-
-    if (!value) {
-        X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_MISSING_VALUE);
-        return NULL;
-    }
-
-    if (out)
-        gen = out;
-    else {
-        gen = GENERAL_NAME_new();
-        if (gen == NULL) {
-            X509V3err(X509V3_F_A2I_GENERAL_NAME, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
-    }
-
-    switch (gen_type) {
-    case GEN_URI:
-    case GEN_EMAIL:
-    case GEN_DNS:
-        is_string = 1;
-        break;
-
-    case GEN_RID:
-        {
-            ASN1_OBJECT *obj;
-            if (!(obj = OBJ_txt2obj(value, 0))) {
-                X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_BAD_OBJECT);
-                ERR_add_error_data(2, "value=", value);
-                goto err;
-            }
-            gen->d.rid = obj;
-        }
-        break;
-
-    case GEN_IPADD:
-        if (is_nc)
-            gen->d.ip = a2i_IPADDRESS_NC(value);
-        else
-            gen->d.ip = a2i_IPADDRESS(value);
-        if (gen->d.ip == NULL) {
-            X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_BAD_IP_ADDRESS);
-            ERR_add_error_data(2, "value=", value);
-            goto err;
-        }
-        break;
-
-    case GEN_DIRNAME:
-        if (!do_dirname(gen, value, ctx)) {
-            X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_DIRNAME_ERROR);
-            goto err;
-        }
-        break;
-
-    case GEN_OTHERNAME:
-        if (!do_othername(gen, value, ctx)) {
-            X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_OTHERNAME_ERROR);
-            goto err;
-        }
-        break;
-    default:
-        X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_UNSUPPORTED_TYPE);
-        goto err;
-    }
-
-    if (is_string) {
-        if (!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
-            !ASN1_STRING_set(gen->d.ia5, (unsigned char *)value,
-                             strlen(value))) {
-            X509V3err(X509V3_F_A2I_GENERAL_NAME, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-
-    gen->type = gen_type;
-
-    return gen;
-
- err:
-    if (!out)
-        GENERAL_NAME_free(gen);
-    return NULL;
-}
-
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
-                                  const X509V3_EXT_METHOD *method,
-                                  X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc)
-{
-    int type;
-
-    char *name, *value;
-
-    name = cnf->name;
-    value = cnf->value;
-
-    if (!value) {
-        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_MISSING_VALUE);
-        return NULL;
-    }
-
-    if (!name_cmp(name, "email"))
-        type = GEN_EMAIL;
-    else if (!name_cmp(name, "URI"))
-        type = GEN_URI;
-    else if (!name_cmp(name, "DNS"))
-        type = GEN_DNS;
-    else if (!name_cmp(name, "RID"))
-        type = GEN_RID;
-    else if (!name_cmp(name, "IP"))
-        type = GEN_IPADD;
-    else if (!name_cmp(name, "dirName"))
-        type = GEN_DIRNAME;
-    else if (!name_cmp(name, "otherName"))
-        type = GEN_OTHERNAME;
-    else {
-        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_UNSUPPORTED_OPTION);
-        ERR_add_error_data(2, "name=", name);
-        return NULL;
-    }
-
-    return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);
-
-}
-
-static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
-{
-    char *objtmp = NULL, *p;
-    int objlen;
-    if (!(p = strchr(value, ';')))
-        return 0;
-    if (!(gen->d.otherName = OTHERNAME_new()))
-        return 0;
-    /*
-     * Free this up because we will overwrite it. no need to free type_id
-     * because it is static
-     */
-    ASN1_TYPE_free(gen->d.otherName->value);
-    if (!(gen->d.otherName->value = ASN1_generate_v3(p + 1, ctx)))
-        return 0;
-    objlen = p - value;
-    objtmp = OPENSSL_malloc(objlen + 1);
-    if (objtmp == NULL)
-        return 0;
-    strncpy(objtmp, value, objlen);
-    objtmp[objlen] = 0;
-    gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
-    OPENSSL_free(objtmp);
-    if (!gen->d.otherName->type_id)
-        return 0;
-    return 1;
-}
-
-static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
-{
-    int ret = 0;
-    STACK_OF(CONF_VALUE) *sk = NULL;
-    X509_NAME *nm = NULL;
-    if (!(nm = X509_NAME_new()))
-        goto err;
-    sk = X509V3_get_section(ctx, value);
-    if (!sk) {
-        X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND);
-        ERR_add_error_data(2, "section=", value);
-        goto err;
-    }
-    /* FIXME: should allow other character types... */
-    ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
-    if (!ret)
-        goto err;
-    gen->d.dirn = nm;
-
-err:
-    if (ret == 0)
-        X509_NAME_free(nm);
-    X509V3_section_free(ctx, sk);
-    return ret;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_asid.c b/thirdparty/openssl/crypto/x509v3/v3_asid.c
deleted file mode 100644
index 2a32c9d0c9..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_asid.c
+++ /dev/null
@@ -1,896 +0,0 @@
-/*
- * Contributed to the OpenSSL Project by the American Registry for
- * Internet Numbers ("ARIN").
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- */
-
-/*
- * Implementation of RFC 3779 section 3.2.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-#include <openssl/x509.h>
-#include <openssl/bn.h>
-
-#ifndef OPENSSL_NO_RFC3779
-
-/*
- * OpenSSL ASN.1 template translation of RFC 3779 3.2.3.
- */
-
-ASN1_SEQUENCE(ASRange) = {
-  ASN1_SIMPLE(ASRange, min, ASN1_INTEGER),
-  ASN1_SIMPLE(ASRange, max, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(ASRange)
-
-ASN1_CHOICE(ASIdOrRange) = {
-  ASN1_SIMPLE(ASIdOrRange, u.id,    ASN1_INTEGER),
-  ASN1_SIMPLE(ASIdOrRange, u.range, ASRange)
-} ASN1_CHOICE_END(ASIdOrRange)
-
-ASN1_CHOICE(ASIdentifierChoice) = {
-  ASN1_SIMPLE(ASIdentifierChoice,      u.inherit,       ASN1_NULL),
-  ASN1_SEQUENCE_OF(ASIdentifierChoice, u.asIdsOrRanges, ASIdOrRange)
-} ASN1_CHOICE_END(ASIdentifierChoice)
-
-ASN1_SEQUENCE(ASIdentifiers) = {
-  ASN1_EXP_OPT(ASIdentifiers, asnum, ASIdentifierChoice, 0),
-  ASN1_EXP_OPT(ASIdentifiers, rdi,   ASIdentifierChoice, 1)
-} ASN1_SEQUENCE_END(ASIdentifiers)
-
-IMPLEMENT_ASN1_FUNCTIONS(ASRange)
-IMPLEMENT_ASN1_FUNCTIONS(ASIdOrRange)
-IMPLEMENT_ASN1_FUNCTIONS(ASIdentifierChoice)
-IMPLEMENT_ASN1_FUNCTIONS(ASIdentifiers)
-
-/*
- * i2r method for an ASIdentifierChoice.
- */
-static int i2r_ASIdentifierChoice(BIO *out,
-                                  ASIdentifierChoice *choice,
-                                  int indent, const char *msg)
-{
-    int i;
-    char *s;
-    if (choice == NULL)
-        return 1;
-    BIO_printf(out, "%*s%s:\n", indent, "", msg);
-    switch (choice->type) {
-    case ASIdentifierChoice_inherit:
-        BIO_printf(out, "%*sinherit\n", indent + 2, "");
-        break;
-    case ASIdentifierChoice_asIdsOrRanges:
-        for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges); i++) {
-            ASIdOrRange *aor =
-                sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
-            switch (aor->type) {
-            case ASIdOrRange_id:
-                if ((s = i2s_ASN1_INTEGER(NULL, aor->u.id)) == NULL)
-                    return 0;
-                BIO_printf(out, "%*s%s\n", indent + 2, "", s);
-                OPENSSL_free(s);
-                break;
-            case ASIdOrRange_range:
-                if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->min)) == NULL)
-                    return 0;
-                BIO_printf(out, "%*s%s-", indent + 2, "", s);
-                OPENSSL_free(s);
-                if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->max)) == NULL)
-                    return 0;
-                BIO_printf(out, "%s\n", s);
-                OPENSSL_free(s);
-                break;
-            default:
-                return 0;
-            }
-        }
-        break;
-    default:
-        return 0;
-    }
-    return 1;
-}
-
-/*
- * i2r method for an ASIdentifier extension.
- */
-static int i2r_ASIdentifiers(const X509V3_EXT_METHOD *method,
-                             void *ext, BIO *out, int indent)
-{
-    ASIdentifiers *asid = ext;
-    return (i2r_ASIdentifierChoice(out, asid->asnum, indent,
-                                   "Autonomous System Numbers") &&
-            i2r_ASIdentifierChoice(out, asid->rdi, indent,
-                                   "Routing Domain Identifiers"));
-}
-
-/*
- * Sort comparision function for a sequence of ASIdOrRange elements.
- */
-static int ASIdOrRange_cmp(const ASIdOrRange *const *a_,
-                           const ASIdOrRange *const *b_)
-{
-    const ASIdOrRange *a = *a_, *b = *b_;
-
-    OPENSSL_assert((a->type == ASIdOrRange_id && a->u.id != NULL) ||
-                   (a->type == ASIdOrRange_range && a->u.range != NULL &&
-                    a->u.range->min != NULL && a->u.range->max != NULL));
-
-    OPENSSL_assert((b->type == ASIdOrRange_id && b->u.id != NULL) ||
-                   (b->type == ASIdOrRange_range && b->u.range != NULL &&
-                    b->u.range->min != NULL && b->u.range->max != NULL));
-
-    if (a->type == ASIdOrRange_id && b->type == ASIdOrRange_id)
-        return ASN1_INTEGER_cmp(a->u.id, b->u.id);
-
-    if (a->type == ASIdOrRange_range && b->type == ASIdOrRange_range) {
-        int r = ASN1_INTEGER_cmp(a->u.range->min, b->u.range->min);
-        return r != 0 ? r : ASN1_INTEGER_cmp(a->u.range->max,
-                                             b->u.range->max);
-    }
-
-    if (a->type == ASIdOrRange_id)
-        return ASN1_INTEGER_cmp(a->u.id, b->u.range->min);
-    else
-        return ASN1_INTEGER_cmp(a->u.range->min, b->u.id);
-}
-
-/*
- * Add an inherit element.
- */
-int v3_asid_add_inherit(ASIdentifiers *asid, int which)
-{
-    ASIdentifierChoice **choice;
-    if (asid == NULL)
-        return 0;
-    switch (which) {
-    case V3_ASID_ASNUM:
-        choice = &asid->asnum;
-        break;
-    case V3_ASID_RDI:
-        choice = &asid->rdi;
-        break;
-    default:
-        return 0;
-    }
-    if (*choice == NULL) {
-        if ((*choice = ASIdentifierChoice_new()) == NULL)
-            return 0;
-        OPENSSL_assert((*choice)->u.inherit == NULL);
-        if (((*choice)->u.inherit = ASN1_NULL_new()) == NULL)
-            return 0;
-        (*choice)->type = ASIdentifierChoice_inherit;
-    }
-    return (*choice)->type == ASIdentifierChoice_inherit;
-}
-
-/*
- * Add an ID or range to an ASIdentifierChoice.
- */
-int v3_asid_add_id_or_range(ASIdentifiers *asid,
-                            int which, ASN1_INTEGER *min, ASN1_INTEGER *max)
-{
-    ASIdentifierChoice **choice;
-    ASIdOrRange *aor;
-    if (asid == NULL)
-        return 0;
-    switch (which) {
-    case V3_ASID_ASNUM:
-        choice = &asid->asnum;
-        break;
-    case V3_ASID_RDI:
-        choice = &asid->rdi;
-        break;
-    default:
-        return 0;
-    }
-    if (*choice != NULL && (*choice)->type == ASIdentifierChoice_inherit)
-        return 0;
-    if (*choice == NULL) {
-        if ((*choice = ASIdentifierChoice_new()) == NULL)
-            return 0;
-        OPENSSL_assert((*choice)->u.asIdsOrRanges == NULL);
-        (*choice)->u.asIdsOrRanges = sk_ASIdOrRange_new(ASIdOrRange_cmp);
-        if ((*choice)->u.asIdsOrRanges == NULL)
-            return 0;
-        (*choice)->type = ASIdentifierChoice_asIdsOrRanges;
-    }
-    if ((aor = ASIdOrRange_new()) == NULL)
-        return 0;
-    if (max == NULL) {
-        aor->type = ASIdOrRange_id;
-        aor->u.id = min;
-    } else {
-        aor->type = ASIdOrRange_range;
-        if ((aor->u.range = ASRange_new()) == NULL)
-            goto err;
-        ASN1_INTEGER_free(aor->u.range->min);
-        aor->u.range->min = min;
-        ASN1_INTEGER_free(aor->u.range->max);
-        aor->u.range->max = max;
-    }
-    if (!(sk_ASIdOrRange_push((*choice)->u.asIdsOrRanges, aor)))
-        goto err;
-    return 1;
-
- err:
-    ASIdOrRange_free(aor);
-    return 0;
-}
-
-/*
- * Extract min and max values from an ASIdOrRange.
- */
-static void extract_min_max(ASIdOrRange *aor,
-                            ASN1_INTEGER **min, ASN1_INTEGER **max)
-{
-    OPENSSL_assert(aor != NULL && min != NULL && max != NULL);
-    switch (aor->type) {
-    case ASIdOrRange_id:
-        *min = aor->u.id;
-        *max = aor->u.id;
-        return;
-    case ASIdOrRange_range:
-        *min = aor->u.range->min;
-        *max = aor->u.range->max;
-        return;
-    }
-}
-
-/*
- * Check whether an ASIdentifierChoice is in canonical form.
- */
-static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
-{
-    ASN1_INTEGER *a_max_plus_one = NULL;
-    BIGNUM *bn = NULL;
-    int i, ret = 0;
-
-    /*
-     * Empty element or inheritance is canonical.
-     */
-    if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
-        return 1;
-
-    /*
-     * If not a list, or if empty list, it's broken.
-     */
-    if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
-        sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0)
-        return 0;
-
-    /*
-     * It's a list, check it.
-     */
-    for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
-        ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
-        ASIdOrRange *b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
-        ASN1_INTEGER *a_min, *a_max, *b_min, *b_max;
-
-        extract_min_max(a, &a_min, &a_max);
-        extract_min_max(b, &b_min, &b_max);
-
-        /*
-         * Punt misordered list, overlapping start, or inverted range.
-         */
-        if (ASN1_INTEGER_cmp(a_min, b_min) >= 0 ||
-            ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
-            ASN1_INTEGER_cmp(b_min, b_max) > 0)
-            goto done;
-
-        /*
-         * Calculate a_max + 1 to check for adjacency.
-         */
-        if ((bn == NULL && (bn = BN_new()) == NULL) ||
-            ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
-            !BN_add_word(bn, 1) ||
-            (a_max_plus_one =
-             BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
-            X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
-                      ERR_R_MALLOC_FAILURE);
-            goto done;
-        }
-
-        /*
-         * Punt if adjacent or overlapping.
-         */
-        if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) >= 0)
-            goto done;
-    }
-
-    /*
-     * Check for inverted range.
-     */
-    i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
-    {
-        ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
-        ASN1_INTEGER *a_min, *a_max;
-        if (a != NULL && a->type == ASIdOrRange_range) {
-            extract_min_max(a, &a_min, &a_max);
-            if (ASN1_INTEGER_cmp(a_min, a_max) > 0)
-                goto done;
-        }
-    }
-
-    ret = 1;
-
- done:
-    ASN1_INTEGER_free(a_max_plus_one);
-    BN_free(bn);
-    return ret;
-}
-
-/*
- * Check whether an ASIdentifier extension is in canonical form.
- */
-int v3_asid_is_canonical(ASIdentifiers *asid)
-{
-    return (asid == NULL ||
-            (ASIdentifierChoice_is_canonical(asid->asnum) &&
-             ASIdentifierChoice_is_canonical(asid->rdi)));
-}
-
-/*
- * Whack an ASIdentifierChoice into canonical form.
- */
-static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
-{
-    ASN1_INTEGER *a_max_plus_one = NULL;
-    BIGNUM *bn = NULL;
-    int i, ret = 0;
-
-    /*
-     * Nothing to do for empty element or inheritance.
-     */
-    if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
-        return 1;
-
-    /*
-     * If not a list, or if empty list, it's broken.
-     */
-    if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
-        sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0) {
-        X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
-                  X509V3_R_EXTENSION_VALUE_ERROR);
-        return 0;
-    }
-
-    /*
-     * We have a non-empty list.  Sort it.
-     */
-    sk_ASIdOrRange_sort(choice->u.asIdsOrRanges);
-
-    /*
-     * Now check for errors and suboptimal encoding, rejecting the
-     * former and fixing the latter.
-     */
-    for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
-        ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
-        ASIdOrRange *b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
-        ASN1_INTEGER *a_min, *a_max, *b_min, *b_max;
-
-        extract_min_max(a, &a_min, &a_max);
-        extract_min_max(b, &b_min, &b_max);
-
-        /*
-         * Make sure we're properly sorted (paranoia).
-         */
-        OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0);
-
-        /*
-         * Punt inverted ranges.
-         */
-        if (ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
-            ASN1_INTEGER_cmp(b_min, b_max) > 0)
-            goto done;
-
-        /*
-         * Check for overlaps.
-         */
-        if (ASN1_INTEGER_cmp(a_max, b_min) >= 0) {
-            X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
-                      X509V3_R_EXTENSION_VALUE_ERROR);
-            goto done;
-        }
-
-        /*
-         * Calculate a_max + 1 to check for adjacency.
-         */
-        if ((bn == NULL && (bn = BN_new()) == NULL) ||
-            ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
-            !BN_add_word(bn, 1) ||
-            (a_max_plus_one =
-             BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
-            X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
-                      ERR_R_MALLOC_FAILURE);
-            goto done;
-        }
-
-        /*
-         * If a and b are adjacent, merge them.
-         */
-        if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) == 0) {
-            ASRange *r;
-            switch (a->type) {
-            case ASIdOrRange_id:
-                if ((r = OPENSSL_malloc(sizeof(ASRange))) == NULL) {
-                    X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
-                              ERR_R_MALLOC_FAILURE);
-                    goto done;
-                }
-                r->min = a_min;
-                r->max = b_max;
-                a->type = ASIdOrRange_range;
-                a->u.range = r;
-                break;
-            case ASIdOrRange_range:
-                ASN1_INTEGER_free(a->u.range->max);
-                a->u.range->max = b_max;
-                break;
-            }
-            switch (b->type) {
-            case ASIdOrRange_id:
-                b->u.id = NULL;
-                break;
-            case ASIdOrRange_range:
-                b->u.range->max = NULL;
-                break;
-            }
-            ASIdOrRange_free(b);
-            (void)sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1);
-            i--;
-            continue;
-        }
-    }
-
-    /*
-     * Check for final inverted range.
-     */
-    i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
-    {
-        ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
-        ASN1_INTEGER *a_min, *a_max;
-        if (a != NULL && a->type == ASIdOrRange_range) {
-            extract_min_max(a, &a_min, &a_max);
-            if (ASN1_INTEGER_cmp(a_min, a_max) > 0)
-                goto done;
-        }
-    }
-
-    OPENSSL_assert(ASIdentifierChoice_is_canonical(choice)); /* Paranoia */
-
-    ret = 1;
-
- done:
-    ASN1_INTEGER_free(a_max_plus_one);
-    BN_free(bn);
-    return ret;
-}
-
-/*
- * Whack an ASIdentifier extension into canonical form.
- */
-int v3_asid_canonize(ASIdentifiers *asid)
-{
-    return (asid == NULL ||
-            (ASIdentifierChoice_canonize(asid->asnum) &&
-             ASIdentifierChoice_canonize(asid->rdi)));
-}
-
-/*
- * v2i method for an ASIdentifier extension.
- */
-static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
-                               struct v3_ext_ctx *ctx,
-                               STACK_OF(CONF_VALUE) *values)
-{
-    ASN1_INTEGER *min = NULL, *max = NULL;
-    ASIdentifiers *asid = NULL;
-    int i;
-
-    if ((asid = ASIdentifiers_new()) == NULL) {
-        X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
-        CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
-        int i1, i2, i3, is_range, which;
-
-        /*
-         * Figure out whether this is an AS or an RDI.
-         */
-        if (!name_cmp(val->name, "AS")) {
-            which = V3_ASID_ASNUM;
-        } else if (!name_cmp(val->name, "RDI")) {
-            which = V3_ASID_RDI;
-        } else {
-            X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
-                      X509V3_R_EXTENSION_NAME_ERROR);
-            X509V3_conf_err(val);
-            goto err;
-        }
-
-        /*
-         * Handle inheritance.
-         */
-        if (!strcmp(val->value, "inherit")) {
-            if (v3_asid_add_inherit(asid, which))
-                continue;
-            X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
-                      X509V3_R_INVALID_INHERITANCE);
-            X509V3_conf_err(val);
-            goto err;
-        }
-
-        /*
-         * Number, range, or mistake, pick it apart and figure out which.
-         */
-        i1 = strspn(val->value, "0123456789");
-        if (val->value[i1] == '\0') {
-            is_range = 0;
-        } else {
-            is_range = 1;
-            i2 = i1 + strspn(val->value + i1, " \t");
-            if (val->value[i2] != '-') {
-                X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
-                          X509V3_R_INVALID_ASNUMBER);
-                X509V3_conf_err(val);
-                goto err;
-            }
-            i2++;
-            i2 = i2 + strspn(val->value + i2, " \t");
-            i3 = i2 + strspn(val->value + i2, "0123456789");
-            if (val->value[i3] != '\0') {
-                X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
-                          X509V3_R_INVALID_ASRANGE);
-                X509V3_conf_err(val);
-                goto err;
-            }
-        }
-
-        /*
-         * Syntax is ok, read and add it.
-         */
-        if (!is_range) {
-            if (!X509V3_get_value_int(val, &min)) {
-                X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-        } else {
-            char *s = BUF_strdup(val->value);
-            if (s == NULL) {
-                X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            s[i1] = '\0';
-            min = s2i_ASN1_INTEGER(NULL, s);
-            max = s2i_ASN1_INTEGER(NULL, s + i2);
-            OPENSSL_free(s);
-            if (min == NULL || max == NULL) {
-                X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            if (ASN1_INTEGER_cmp(min, max) > 0) {
-                X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
-                          X509V3_R_EXTENSION_VALUE_ERROR);
-                goto err;
-            }
-        }
-        if (!v3_asid_add_id_or_range(asid, which, min, max)) {
-            X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        min = max = NULL;
-    }
-
-    /*
-     * Canonize the result, then we're done.
-     */
-    if (!v3_asid_canonize(asid))
-        goto err;
-    return asid;
-
- err:
-    ASIdentifiers_free(asid);
-    ASN1_INTEGER_free(min);
-    ASN1_INTEGER_free(max);
-    return NULL;
-}
-
-/*
- * OpenSSL dispatch.
- */
-const X509V3_EXT_METHOD v3_asid = {
-    NID_sbgp_autonomousSysNum,  /* nid */
-    0,                          /* flags */
-    ASN1_ITEM_ref(ASIdentifiers), /* template */
-    0, 0, 0, 0,                 /* old functions, ignored */
-    0,                          /* i2s */
-    0,                          /* s2i */
-    0,                          /* i2v */
-    v2i_ASIdentifiers,          /* v2i */
-    i2r_ASIdentifiers,          /* i2r */
-    0,                          /* r2i */
-    NULL                        /* extension-specific data */
-};
-
-/*
- * Figure out whether extension uses inheritance.
- */
-int v3_asid_inherits(ASIdentifiers *asid)
-{
-    return (asid != NULL &&
-            ((asid->asnum != NULL &&
-              asid->asnum->type == ASIdentifierChoice_inherit) ||
-             (asid->rdi != NULL &&
-              asid->rdi->type == ASIdentifierChoice_inherit)));
-}
-
-/*
- * Figure out whether parent contains child.
- */
-static int asid_contains(ASIdOrRanges *parent, ASIdOrRanges *child)
-{
-    ASN1_INTEGER *p_min, *p_max, *c_min, *c_max;
-    int p, c;
-
-    if (child == NULL || parent == child)
-        return 1;
-    if (parent == NULL)
-        return 0;
-
-    p = 0;
-    for (c = 0; c < sk_ASIdOrRange_num(child); c++) {
-        extract_min_max(sk_ASIdOrRange_value(child, c), &c_min, &c_max);
-        for (;; p++) {
-            if (p >= sk_ASIdOrRange_num(parent))
-                return 0;
-            extract_min_max(sk_ASIdOrRange_value(parent, p), &p_min, &p_max);
-            if (ASN1_INTEGER_cmp(p_max, c_max) < 0)
-                continue;
-            if (ASN1_INTEGER_cmp(p_min, c_min) > 0)
-                return 0;
-            break;
-        }
-    }
-
-    return 1;
-}
-
-/*
- * Test whether a is a subet of b.
- */
-int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b)
-{
-    return (a == NULL ||
-            a == b ||
-            (b != NULL &&
-             !v3_asid_inherits(a) &&
-             !v3_asid_inherits(b) &&
-             asid_contains(b->asnum->u.asIdsOrRanges,
-                           a->asnum->u.asIdsOrRanges) &&
-             asid_contains(b->rdi->u.asIdsOrRanges,
-                           a->rdi->u.asIdsOrRanges)));
-}
-
-/*
- * Validation error handling via callback.
- */
-# define validation_err(_err_)           \
-  do {                                  \
-    if (ctx != NULL) {                  \
-      ctx->error = _err_;               \
-      ctx->error_depth = i;             \
-      ctx->current_cert = x;            \
-      ret = ctx->verify_cb(0, ctx);     \
-    } else {                            \
-      ret = 0;                          \
-    }                                   \
-    if (!ret)                           \
-      goto done;                        \
-  } while (0)
-
-/*
- * Core code for RFC 3779 3.3 path validation.
- */
-static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx,
-                                          STACK_OF(X509) *chain,
-                                          ASIdentifiers *ext)
-{
-    ASIdOrRanges *child_as = NULL, *child_rdi = NULL;
-    int i, ret = 1, inherit_as = 0, inherit_rdi = 0;
-    X509 *x;
-
-    OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
-    OPENSSL_assert(ctx != NULL || ext != NULL);
-    OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
-
-    /*
-     * Figure out where to start.  If we don't have an extension to
-     * check, we're done.  Otherwise, check canonical form and
-     * set up for walking up the chain.
-     */
-    if (ext != NULL) {
-        i = -1;
-        x = NULL;
-    } else {
-        i = 0;
-        x = sk_X509_value(chain, i);
-        OPENSSL_assert(x != NULL);
-        if ((ext = x->rfc3779_asid) == NULL)
-            goto done;
-    }
-    if (!v3_asid_is_canonical(ext))
-        validation_err(X509_V_ERR_INVALID_EXTENSION);
-    if (ext->asnum != NULL) {
-        switch (ext->asnum->type) {
-        case ASIdentifierChoice_inherit:
-            inherit_as = 1;
-            break;
-        case ASIdentifierChoice_asIdsOrRanges:
-            child_as = ext->asnum->u.asIdsOrRanges;
-            break;
-        }
-    }
-    if (ext->rdi != NULL) {
-        switch (ext->rdi->type) {
-        case ASIdentifierChoice_inherit:
-            inherit_rdi = 1;
-            break;
-        case ASIdentifierChoice_asIdsOrRanges:
-            child_rdi = ext->rdi->u.asIdsOrRanges;
-            break;
-        }
-    }
-
-    /*
-     * Now walk up the chain.  Extensions must be in canonical form, no
-     * cert may list resources that its parent doesn't list.
-     */
-    for (i++; i < sk_X509_num(chain); i++) {
-        x = sk_X509_value(chain, i);
-        OPENSSL_assert(x != NULL);
-        if (x->rfc3779_asid == NULL) {
-            if (child_as != NULL || child_rdi != NULL)
-                validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-            continue;
-        }
-        if (!v3_asid_is_canonical(x->rfc3779_asid))
-            validation_err(X509_V_ERR_INVALID_EXTENSION);
-        if (x->rfc3779_asid->asnum == NULL && child_as != NULL) {
-            validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-            child_as = NULL;
-            inherit_as = 0;
-        }
-        if (x->rfc3779_asid->asnum != NULL &&
-            x->rfc3779_asid->asnum->type ==
-            ASIdentifierChoice_asIdsOrRanges) {
-            if (inherit_as
-                || asid_contains(x->rfc3779_asid->asnum->u.asIdsOrRanges,
-                                 child_as)) {
-                child_as = x->rfc3779_asid->asnum->u.asIdsOrRanges;
-                inherit_as = 0;
-            } else {
-                validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-            }
-        }
-        if (x->rfc3779_asid->rdi == NULL && child_rdi != NULL) {
-            validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-            child_rdi = NULL;
-            inherit_rdi = 0;
-        }
-        if (x->rfc3779_asid->rdi != NULL &&
-            x->rfc3779_asid->rdi->type == ASIdentifierChoice_asIdsOrRanges) {
-            if (inherit_rdi ||
-                asid_contains(x->rfc3779_asid->rdi->u.asIdsOrRanges,
-                              child_rdi)) {
-                child_rdi = x->rfc3779_asid->rdi->u.asIdsOrRanges;
-                inherit_rdi = 0;
-            } else {
-                validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-            }
-        }
-    }
-
-    /*
-     * Trust anchor can't inherit.
-     */
-    OPENSSL_assert(x != NULL);
-    if (x->rfc3779_asid != NULL) {
-        if (x->rfc3779_asid->asnum != NULL &&
-            x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit)
-            validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-        if (x->rfc3779_asid->rdi != NULL &&
-            x->rfc3779_asid->rdi->type == ASIdentifierChoice_inherit)
-            validation_err(X509_V_ERR_UNNESTED_RESOURCE);
-    }
-
- done:
-    return ret;
-}
-
-# undef validation_err
-
-/*
- * RFC 3779 3.3 path validation -- called from X509_verify_cert().
- */
-int v3_asid_validate_path(X509_STORE_CTX *ctx)
-{
-    return v3_asid_validate_path_internal(ctx, ctx->chain, NULL);
-}
-
-/*
- * RFC 3779 3.3 path validation of an extension.
- * Test whether chain covers extension.
- */
-int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
-                                  ASIdentifiers *ext, int allow_inheritance)
-{
-    if (ext == NULL)
-        return 1;
-    if (chain == NULL || sk_X509_num(chain) == 0)
-        return 0;
-    if (!allow_inheritance && v3_asid_inherits(ext))
-        return 0;
-    return v3_asid_validate_path_internal(NULL, chain, ext);
-}
-
-#endif                          /* OPENSSL_NO_RFC3779 */
diff --git a/thirdparty/openssl/crypto/x509v3/v3_bcons.c b/thirdparty/openssl/crypto/x509v3/v3_bcons.c
deleted file mode 100644
index dc00b9cb05..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_bcons.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/* v3_bcons.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
-                                                   BASIC_CONSTRAINTS *bcons,
-                                                   STACK_OF(CONF_VALUE)
-                                                   *extlist);
-static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
-                                                X509V3_CTX *ctx,
-                                                STACK_OF(CONF_VALUE) *values);
-
-const X509V3_EXT_METHOD v3_bcons = {
-    NID_basic_constraints, 0,
-    ASN1_ITEM_ref(BASIC_CONSTRAINTS),
-    0, 0, 0, 0,
-    0, 0,
-    (X509V3_EXT_I2V) i2v_BASIC_CONSTRAINTS,
-    (X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS,
-    NULL, NULL,
-    NULL
-};
-
-ASN1_SEQUENCE(BASIC_CONSTRAINTS) = {
-        ASN1_OPT(BASIC_CONSTRAINTS, ca, ASN1_FBOOLEAN),
-        ASN1_OPT(BASIC_CONSTRAINTS, pathlen, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(BASIC_CONSTRAINTS)
-
-IMPLEMENT_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
-
-static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
-                                                   BASIC_CONSTRAINTS *bcons,
-                                                   STACK_OF(CONF_VALUE)
-                                                   *extlist)
-{
-    X509V3_add_value_bool("CA", bcons->ca, &extlist);
-    X509V3_add_value_int("pathlen", bcons->pathlen, &extlist);
-    return extlist;
-}
-
-static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
-                                                X509V3_CTX *ctx,
-                                                STACK_OF(CONF_VALUE) *values)
-{
-    BASIC_CONSTRAINTS *bcons = NULL;
-    CONF_VALUE *val;
-    int i;
-    if (!(bcons = BASIC_CONSTRAINTS_new())) {
-        X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
-        val = sk_CONF_VALUE_value(values, i);
-        if (!strcmp(val->name, "CA")) {
-            if (!X509V3_get_value_bool(val, &bcons->ca))
-                goto err;
-        } else if (!strcmp(val->name, "pathlen")) {
-            if (!X509V3_get_value_int(val, &bcons->pathlen))
-                goto err;
-        } else {
-            X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME);
-            X509V3_conf_err(val);
-            goto err;
-        }
-    }
-    return bcons;
- err:
-    BASIC_CONSTRAINTS_free(bcons);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_bitst.c b/thirdparty/openssl/crypto/x509v3/v3_bitst.c
deleted file mode 100644
index b7bb3b556f..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_bitst.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* v3_bitst.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static BIT_STRING_BITNAME ns_cert_type_table[] = {
-    {0, "SSL Client", "client"},
-    {1, "SSL Server", "server"},
-    {2, "S/MIME", "email"},
-    {3, "Object Signing", "objsign"},
-    {4, "Unused", "reserved"},
-    {5, "SSL CA", "sslCA"},
-    {6, "S/MIME CA", "emailCA"},
-    {7, "Object Signing CA", "objCA"},
-    {-1, NULL, NULL}
-};
-
-static BIT_STRING_BITNAME key_usage_type_table[] = {
-    {0, "Digital Signature", "digitalSignature"},
-    {1, "Non Repudiation", "nonRepudiation"},
-    {2, "Key Encipherment", "keyEncipherment"},
-    {3, "Data Encipherment", "dataEncipherment"},
-    {4, "Key Agreement", "keyAgreement"},
-    {5, "Certificate Sign", "keyCertSign"},
-    {6, "CRL Sign", "cRLSign"},
-    {7, "Encipher Only", "encipherOnly"},
-    {8, "Decipher Only", "decipherOnly"},
-    {-1, NULL, NULL}
-};
-
-const X509V3_EXT_METHOD v3_nscert =
-EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
-const X509V3_EXT_METHOD v3_key_usage =
-EXT_BITSTRING(NID_key_usage, key_usage_type_table);
-
-STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
-                                          ASN1_BIT_STRING *bits,
-                                          STACK_OF(CONF_VALUE) *ret)
-{
-    BIT_STRING_BITNAME *bnam;
-    for (bnam = method->usr_data; bnam->lname; bnam++) {
-        if (ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))
-            X509V3_add_value(bnam->lname, NULL, &ret);
-    }
-    return ret;
-}
-
-ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
-                                     X509V3_CTX *ctx,
-                                     STACK_OF(CONF_VALUE) *nval)
-{
-    CONF_VALUE *val;
-    ASN1_BIT_STRING *bs;
-    int i;
-    BIT_STRING_BITNAME *bnam;
-    if (!(bs = M_ASN1_BIT_STRING_new())) {
-        X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        val = sk_CONF_VALUE_value(nval, i);
-        for (bnam = method->usr_data; bnam->lname; bnam++) {
-            if (!strcmp(bnam->sname, val->name) ||
-                !strcmp(bnam->lname, val->name)) {
-                if (!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) {
-                    X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
-                              ERR_R_MALLOC_FAILURE);
-                    M_ASN1_BIT_STRING_free(bs);
-                    return NULL;
-                }
-                break;
-            }
-        }
-        if (!bnam->lname) {
-            X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
-                      X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
-            X509V3_conf_err(val);
-            M_ASN1_BIT_STRING_free(bs);
-            return NULL;
-        }
-    }
-    return bs;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_conf.c b/thirdparty/openssl/crypto/x509v3/v3_conf.c
deleted file mode 100644
index c1b4c1a89f..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_conf.c
+++ /dev/null
@@ -1,534 +0,0 @@
-/* v3_conf.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* extension creation utilities */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int v3_check_critical(char **value);
-static int v3_check_generic(char **value);
-static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
-                                    int crit, char *value);
-static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
-                                            int crit, int type,
-                                            X509V3_CTX *ctx);
-static char *conf_lhash_get_string(void *db, char *section, char *value);
-static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section);
-static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
-                                  int ext_nid, int crit, void *ext_struc);
-static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx,
-                                   long *ext_len);
-/* CONF *conf:  Config file    */
-/* char *name:  Name    */
-/* char *value:  Value    */
-X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
-                                 char *value)
-{
-    int crit;
-    int ext_type;
-    X509_EXTENSION *ret;
-    crit = v3_check_critical(&value);
-    if ((ext_type = v3_check_generic(&value)))
-        return v3_generic_extension(name, value, crit, ext_type, ctx);
-    ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
-    if (!ret) {
-        X509V3err(X509V3_F_X509V3_EXT_NCONF, X509V3_R_ERROR_IN_EXTENSION);
-        ERR_add_error_data(4, "name=", name, ", value=", value);
-    }
-    return ret;
-}
-
-/* CONF *conf:  Config file    */
-/* char *value:  Value    */
-X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
-                                     char *value)
-{
-    int crit;
-    int ext_type;
-    crit = v3_check_critical(&value);
-    if ((ext_type = v3_check_generic(&value)))
-        return v3_generic_extension(OBJ_nid2sn(ext_nid),
-                                    value, crit, ext_type, ctx);
-    return do_ext_nconf(conf, ctx, ext_nid, crit, value);
-}
-
-/* CONF *conf:  Config file    */
-/* char *value:  Value    */
-static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
-                                    int crit, char *value)
-{
-    const X509V3_EXT_METHOD *method;
-    X509_EXTENSION *ext;
-    STACK_OF(CONF_VALUE) *nval;
-    void *ext_struc;
-    if (ext_nid == NID_undef) {
-        X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION_NAME);
-        return NULL;
-    }
-    if (!(method = X509V3_EXT_get_nid(ext_nid))) {
-        X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION);
-        return NULL;
-    }
-    /* Now get internal extension representation based on type */
-    if (method->v2i) {
-        if (*value == '@')
-            nval = NCONF_get_section(conf, value + 1);
-        else
-            nval = X509V3_parse_list(value);
-        if (nval == NULL || sk_CONF_VALUE_num(nval) <= 0) {
-            X509V3err(X509V3_F_DO_EXT_NCONF,
-                      X509V3_R_INVALID_EXTENSION_STRING);
-            ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=",
-                               value);
-            if (*value != '@')
-                sk_CONF_VALUE_free(nval);
-            return NULL;
-        }
-        ext_struc = method->v2i(method, ctx, nval);
-        if (*value != '@')
-            sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
-        if (!ext_struc)
-            return NULL;
-    } else if (method->s2i) {
-        if (!(ext_struc = method->s2i(method, ctx, value)))
-            return NULL;
-    } else if (method->r2i) {
-        if (!ctx->db || !ctx->db_meth) {
-            X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_NO_CONFIG_DATABASE);
-            return NULL;
-        }
-        if (!(ext_struc = method->r2i(method, ctx, value)))
-            return NULL;
-    } else {
-        X509V3err(X509V3_F_DO_EXT_NCONF,
-                  X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
-        ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
-        return NULL;
-    }
-
-    ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
-    if (method->it)
-        ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it));
-    else
-        method->ext_free(ext_struc);
-    return ext;
-
-}
-
-static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
-                                  int ext_nid, int crit, void *ext_struc)
-{
-    unsigned char *ext_der;
-    int ext_len;
-    ASN1_OCTET_STRING *ext_oct;
-    X509_EXTENSION *ext;
-    /* Convert internal representation to DER */
-    if (method->it) {
-        ext_der = NULL;
-        ext_len =
-            ASN1_item_i2d(ext_struc, &ext_der, ASN1_ITEM_ptr(method->it));
-        if (ext_len < 0)
-            goto merr;
-    } else {
-        unsigned char *p;
-        ext_len = method->i2d(ext_struc, NULL);
-        if (!(ext_der = OPENSSL_malloc(ext_len)))
-            goto merr;
-        p = ext_der;
-        method->i2d(ext_struc, &p);
-    }
-    if (!(ext_oct = M_ASN1_OCTET_STRING_new()))
-        goto merr;
-    ext_oct->data = ext_der;
-    ext_oct->length = ext_len;
-
-    ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
-    if (!ext)
-        goto merr;
-    M_ASN1_OCTET_STRING_free(ext_oct);
-
-    return ext;
-
- merr:
-    X509V3err(X509V3_F_DO_EXT_I2D, ERR_R_MALLOC_FAILURE);
-    return NULL;
-
-}
-
-/* Given an internal structure, nid and critical flag create an extension */
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
-{
-    const X509V3_EXT_METHOD *method;
-    if (!(method = X509V3_EXT_get_nid(ext_nid))) {
-        X509V3err(X509V3_F_X509V3_EXT_I2D, X509V3_R_UNKNOWN_EXTENSION);
-        return NULL;
-    }
-    return do_ext_i2d(method, ext_nid, crit, ext_struc);
-}
-
-/* Check the extension string for critical flag */
-static int v3_check_critical(char **value)
-{
-    char *p = *value;
-    if ((strlen(p) < 9) || strncmp(p, "critical,", 9))
-        return 0;
-    p += 9;
-    while (isspace((unsigned char)*p))
-        p++;
-    *value = p;
-    return 1;
-}
-
-/* Check extension string for generic extension and return the type */
-static int v3_check_generic(char **value)
-{
-    int gen_type = 0;
-    char *p = *value;
-    if ((strlen(p) >= 4) && !strncmp(p, "DER:", 4)) {
-        p += 4;
-        gen_type = 1;
-    } else if ((strlen(p) >= 5) && !strncmp(p, "ASN1:", 5)) {
-        p += 5;
-        gen_type = 2;
-    } else
-        return 0;
-
-    while (isspace((unsigned char)*p))
-        p++;
-    *value = p;
-    return gen_type;
-}
-
-/* Create a generic extension: for now just handle DER type */
-static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
-                                            int crit, int gen_type,
-                                            X509V3_CTX *ctx)
-{
-    unsigned char *ext_der = NULL;
-    long ext_len;
-    ASN1_OBJECT *obj = NULL;
-    ASN1_OCTET_STRING *oct = NULL;
-    X509_EXTENSION *extension = NULL;
-    if (!(obj = OBJ_txt2obj(ext, 0))) {
-        X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
-                  X509V3_R_EXTENSION_NAME_ERROR);
-        ERR_add_error_data(2, "name=", ext);
-        goto err;
-    }
-
-    if (gen_type == 1)
-        ext_der = string_to_hex(value, &ext_len);
-    else if (gen_type == 2)
-        ext_der = generic_asn1(value, ctx, &ext_len);
-
-    if (ext_der == NULL) {
-        X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
-                  X509V3_R_EXTENSION_VALUE_ERROR);
-        ERR_add_error_data(2, "value=", value);
-        goto err;
-    }
-
-    if (!(oct = M_ASN1_OCTET_STRING_new())) {
-        X509V3err(X509V3_F_V3_GENERIC_EXTENSION, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    oct->data = ext_der;
-    oct->length = ext_len;
-    ext_der = NULL;
-
-    extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
-
- err:
-    ASN1_OBJECT_free(obj);
-    M_ASN1_OCTET_STRING_free(oct);
-    if (ext_der)
-        OPENSSL_free(ext_der);
-    return extension;
-
-}
-
-static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx,
-                                   long *ext_len)
-{
-    ASN1_TYPE *typ;
-    unsigned char *ext_der = NULL;
-    typ = ASN1_generate_v3(value, ctx);
-    if (typ == NULL)
-        return NULL;
-    *ext_len = i2d_ASN1_TYPE(typ, &ext_der);
-    ASN1_TYPE_free(typ);
-    return ext_der;
-}
-
-/*
- * This is the main function: add a bunch of extensions based on a config
- * file section to an extension STACK.
- */
-
-int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
-                            STACK_OF(X509_EXTENSION) **sk)
-{
-    X509_EXTENSION *ext;
-    STACK_OF(CONF_VALUE) *nval;
-    CONF_VALUE *val;
-    int i;
-    if (!(nval = NCONF_get_section(conf, section)))
-        return 0;
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        val = sk_CONF_VALUE_value(nval, i);
-        if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
-            return 0;
-        if (sk)
-            X509v3_add_ext(sk, ext, -1);
-        X509_EXTENSION_free(ext);
-    }
-    return 1;
-}
-
-/*
- * Convenience functions to add extensions to a certificate, CRL and request
- */
-
-int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-                         X509 *cert)
-{
-    STACK_OF(X509_EXTENSION) **sk = NULL;
-    if (cert)
-        sk = &cert->cert_info->extensions;
-    return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
-}
-
-/* Same as above but for a CRL */
-
-int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-                             X509_CRL *crl)
-{
-    STACK_OF(X509_EXTENSION) **sk = NULL;
-    if (crl)
-        sk = &crl->crl->extensions;
-    return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
-}
-
-/* Add extensions to certificate request */
-
-int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-                             X509_REQ *req)
-{
-    STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL;
-    int i;
-    if (req)
-        sk = &extlist;
-    i = X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
-    if (!i || !sk)
-        return i;
-    i = X509_REQ_add_extensions(req, extlist);
-    sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
-    return i;
-}
-
-/* Config database functions */
-
-char *X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
-{
-    if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) {
-        X509V3err(X509V3_F_X509V3_GET_STRING, X509V3_R_OPERATION_NOT_DEFINED);
-        return NULL;
-    }
-    if (ctx->db_meth->get_string)
-        return ctx->db_meth->get_string(ctx->db, name, section);
-    return NULL;
-}
-
-STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, char *section)
-{
-    if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) {
-        X509V3err(X509V3_F_X509V3_GET_SECTION,
-                  X509V3_R_OPERATION_NOT_DEFINED);
-        return NULL;
-    }
-    if (ctx->db_meth->get_section)
-        return ctx->db_meth->get_section(ctx->db, section);
-    return NULL;
-}
-
-void X509V3_string_free(X509V3_CTX *ctx, char *str)
-{
-    if (!str)
-        return;
-    if (ctx->db_meth->free_string)
-        ctx->db_meth->free_string(ctx->db, str);
-}
-
-void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
-{
-    if (!section)
-        return;
-    if (ctx->db_meth->free_section)
-        ctx->db_meth->free_section(ctx->db, section);
-}
-
-static char *nconf_get_string(void *db, char *section, char *value)
-{
-    return NCONF_get_string(db, section, value);
-}
-
-static STACK_OF(CONF_VALUE) *nconf_get_section(void *db, char *section)
-{
-    return NCONF_get_section(db, section);
-}
-
-static X509V3_CONF_METHOD nconf_method = {
-    nconf_get_string,
-    nconf_get_section,
-    NULL,
-    NULL
-};
-
-void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)
-{
-    ctx->db_meth = &nconf_method;
-    ctx->db = conf;
-}
-
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,
-                    X509_CRL *crl, int flags)
-{
-    ctx->issuer_cert = issuer;
-    ctx->subject_cert = subj;
-    ctx->crl = crl;
-    ctx->subject_req = req;
-    ctx->flags = flags;
-}
-
-/* Old conf compatibility functions */
-
-X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-                                char *name, char *value)
-{
-    CONF ctmp;
-    CONF_set_nconf(&ctmp, conf);
-    return X509V3_EXT_nconf(&ctmp, ctx, name, value);
-}
-
-/* LHASH *conf:  Config file    */
-/* char *value:  Value    */
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
-                                    X509V3_CTX *ctx, int ext_nid, char *value)
-{
-    CONF ctmp;
-    CONF_set_nconf(&ctmp, conf);
-    return X509V3_EXT_nconf_nid(&ctmp, ctx, ext_nid, value);
-}
-
-static char *conf_lhash_get_string(void *db, char *section, char *value)
-{
-    return CONF_get_string(db, section, value);
-}
-
-static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section)
-{
-    return CONF_get_section(db, section);
-}
-
-static X509V3_CONF_METHOD conf_lhash_method = {
-    conf_lhash_get_string,
-    conf_lhash_get_section,
-    NULL,
-    NULL
-};
-
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash)
-{
-    ctx->db_meth = &conf_lhash_method;
-    ctx->db = lhash;
-}
-
-int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-                        char *section, X509 *cert)
-{
-    CONF ctmp;
-    CONF_set_nconf(&ctmp, conf);
-    return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert);
-}
-
-/* Same as above but for a CRL */
-
-int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-                            char *section, X509_CRL *crl)
-{
-    CONF ctmp;
-    CONF_set_nconf(&ctmp, conf);
-    return X509V3_EXT_CRL_add_nconf(&ctmp, ctx, section, crl);
-}
-
-/* Add extensions to certificate request */
-
-int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-                            char *section, X509_REQ *req)
-{
-    CONF ctmp;
-    CONF_set_nconf(&ctmp, conf);
-    return X509V3_EXT_REQ_add_nconf(&ctmp, ctx, section, req);
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_cpols.c b/thirdparty/openssl/crypto/x509v3/v3_cpols.c
deleted file mode 100644
index b99269e7f8..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_cpols.c
+++ /dev/null
@@ -1,497 +0,0 @@
-/* v3_cpols.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/* Certificate policies extension support: this one is a bit complex... */
-
-static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
-                       BIO *out, int indent);
-static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
-                                         X509V3_CTX *ctx, char *value);
-static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
-                             int indent);
-static void print_notice(BIO *out, USERNOTICE *notice, int indent);
-static POLICYINFO *policy_section(X509V3_CTX *ctx,
-                                  STACK_OF(CONF_VALUE) *polstrs, int ia5org);
-static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
-                                      STACK_OF(CONF_VALUE) *unot, int ia5org);
-static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);
-
-const X509V3_EXT_METHOD v3_cpols = {
-    NID_certificate_policies, 0, ASN1_ITEM_ref(CERTIFICATEPOLICIES),
-    0, 0, 0, 0,
-    0, 0,
-    0, 0,
-    (X509V3_EXT_I2R)i2r_certpol,
-    (X509V3_EXT_R2I)r2i_certpol,
-    NULL
-};
-
-ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO)
-ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES)
-
-IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
-
-ASN1_SEQUENCE(POLICYINFO) = {
-        ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT),
-        ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO)
-} ASN1_SEQUENCE_END(POLICYINFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(POLICYINFO)
-
-ASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY);
-
-ASN1_ADB(POLICYQUALINFO) = {
-        ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)),
-        ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE))
-} ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL);
-
-ASN1_SEQUENCE(POLICYQUALINFO) = {
-        ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT),
-        ASN1_ADB_OBJECT(POLICYQUALINFO)
-} ASN1_SEQUENCE_END(POLICYQUALINFO)
-
-IMPLEMENT_ASN1_FUNCTIONS(POLICYQUALINFO)
-
-ASN1_SEQUENCE(USERNOTICE) = {
-        ASN1_OPT(USERNOTICE, noticeref, NOTICEREF),
-        ASN1_OPT(USERNOTICE, exptext, DISPLAYTEXT)
-} ASN1_SEQUENCE_END(USERNOTICE)
-
-IMPLEMENT_ASN1_FUNCTIONS(USERNOTICE)
-
-ASN1_SEQUENCE(NOTICEREF) = {
-        ASN1_SIMPLE(NOTICEREF, organization, DISPLAYTEXT),
-        ASN1_SEQUENCE_OF(NOTICEREF, noticenos, ASN1_INTEGER)
-} ASN1_SEQUENCE_END(NOTICEREF)
-
-IMPLEMENT_ASN1_FUNCTIONS(NOTICEREF)
-
-static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
-                                         X509V3_CTX *ctx, char *value)
-{
-    STACK_OF(POLICYINFO) *pols = NULL;
-    char *pstr;
-    POLICYINFO *pol;
-    ASN1_OBJECT *pobj;
-    STACK_OF(CONF_VALUE) *vals;
-    CONF_VALUE *cnf;
-    int i, ia5org;
-    pols = sk_POLICYINFO_new_null();
-    if (pols == NULL) {
-        X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    vals = X509V3_parse_list(value);
-    if (vals == NULL) {
-        X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB);
-        goto err;
-    }
-    ia5org = 0;
-    for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
-        cnf = sk_CONF_VALUE_value(vals, i);
-        if (cnf->value || !cnf->name) {
-            X509V3err(X509V3_F_R2I_CERTPOL,
-                      X509V3_R_INVALID_POLICY_IDENTIFIER);
-            X509V3_conf_err(cnf);
-            goto err;
-        }
-        pstr = cnf->name;
-        if (!strcmp(pstr, "ia5org")) {
-            ia5org = 1;
-            continue;
-        } else if (*pstr == '@') {
-            STACK_OF(CONF_VALUE) *polsect;
-            polsect = X509V3_get_section(ctx, pstr + 1);
-            if (!polsect) {
-                X509V3err(X509V3_F_R2I_CERTPOL, X509V3_R_INVALID_SECTION);
-
-                X509V3_conf_err(cnf);
-                goto err;
-            }
-            pol = policy_section(ctx, polsect, ia5org);
-            X509V3_section_free(ctx, polsect);
-            if (!pol)
-                goto err;
-        } else {
-            if (!(pobj = OBJ_txt2obj(cnf->name, 0))) {
-                X509V3err(X509V3_F_R2I_CERTPOL,
-                          X509V3_R_INVALID_OBJECT_IDENTIFIER);
-                X509V3_conf_err(cnf);
-                goto err;
-            }
-            pol = POLICYINFO_new();
-            if (pol == NULL) {
-                X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            pol->policyid = pobj;
-        }
-        if (!sk_POLICYINFO_push(pols, pol)) {
-            POLICYINFO_free(pol);
-            X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-    sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
-    return pols;
- err:
-    sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
-    sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
-    return NULL;
-}
-
-static POLICYINFO *policy_section(X509V3_CTX *ctx,
-                                  STACK_OF(CONF_VALUE) *polstrs, int ia5org)
-{
-    int i;
-    CONF_VALUE *cnf;
-    POLICYINFO *pol;
-    POLICYQUALINFO *qual;
-    if (!(pol = POLICYINFO_new()))
-        goto merr;
-    for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {
-        cnf = sk_CONF_VALUE_value(polstrs, i);
-        if (!strcmp(cnf->name, "policyIdentifier")) {
-            ASN1_OBJECT *pobj;
-            if (!(pobj = OBJ_txt2obj(cnf->value, 0))) {
-                X509V3err(X509V3_F_POLICY_SECTION,
-                          X509V3_R_INVALID_OBJECT_IDENTIFIER);
-                X509V3_conf_err(cnf);
-                goto err;
-            }
-            pol->policyid = pobj;
-
-        } else if (!name_cmp(cnf->name, "CPS")) {
-            if (!pol->qualifiers)
-                pol->qualifiers = sk_POLICYQUALINFO_new_null();
-            if (!(qual = POLICYQUALINFO_new()))
-                goto merr;
-            if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
-                goto merr;
-            if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) {
-                X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            if (!(qual->d.cpsuri = M_ASN1_IA5STRING_new()))
-                goto merr;
-            if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
-                                 strlen(cnf->value)))
-                goto merr;
-        } else if (!name_cmp(cnf->name, "userNotice")) {
-            STACK_OF(CONF_VALUE) *unot;
-            if (*cnf->value != '@') {
-                X509V3err(X509V3_F_POLICY_SECTION,
-                          X509V3_R_EXPECTED_A_SECTION_NAME);
-                X509V3_conf_err(cnf);
-                goto err;
-            }
-            unot = X509V3_get_section(ctx, cnf->value + 1);
-            if (!unot) {
-                X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_INVALID_SECTION);
-
-                X509V3_conf_err(cnf);
-                goto err;
-            }
-            qual = notice_section(ctx, unot, ia5org);
-            X509V3_section_free(ctx, unot);
-            if (!qual)
-                goto err;
-            if (!pol->qualifiers)
-                pol->qualifiers = sk_POLICYQUALINFO_new_null();
-            if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
-                goto merr;
-        } else {
-            X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_INVALID_OPTION);
-
-            X509V3_conf_err(cnf);
-            goto err;
-        }
-    }
-    if (!pol->policyid) {
-        X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_NO_POLICY_IDENTIFIER);
-        goto err;
-    }
-
-    return pol;
-
- merr:
-    X509V3err(X509V3_F_POLICY_SECTION, ERR_R_MALLOC_FAILURE);
-
- err:
-    POLICYINFO_free(pol);
-    return NULL;
-
-}
-
-static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
-                                      STACK_OF(CONF_VALUE) *unot, int ia5org)
-{
-    int i, ret;
-    CONF_VALUE *cnf;
-    USERNOTICE *not;
-    POLICYQUALINFO *qual;
-    if (!(qual = POLICYQUALINFO_new()))
-        goto merr;
-    if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) {
-        X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-    if (!(not = USERNOTICE_new()))
-        goto merr;
-    qual->d.usernotice = not;
-    for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
-        cnf = sk_CONF_VALUE_value(unot, i);
-        if (!strcmp(cnf->name, "explicitText")) {
-            if (!(not->exptext = M_ASN1_VISIBLESTRING_new()))
-                goto merr;
-            if (!ASN1_STRING_set(not->exptext, cnf->value,
-                                 strlen(cnf->value)))
-                goto merr;
-        } else if (!strcmp(cnf->name, "organization")) {
-            NOTICEREF *nref;
-            if (!not->noticeref) {
-                if (!(nref = NOTICEREF_new()))
-                    goto merr;
-                not->noticeref = nref;
-            } else
-                nref = not->noticeref;
-            if (ia5org)
-                nref->organization->type = V_ASN1_IA5STRING;
-            else
-                nref->organization->type = V_ASN1_VISIBLESTRING;
-            if (!ASN1_STRING_set(nref->organization, cnf->value,
-                                 strlen(cnf->value)))
-                goto merr;
-        } else if (!strcmp(cnf->name, "noticeNumbers")) {
-            NOTICEREF *nref;
-            STACK_OF(CONF_VALUE) *nos;
-            if (!not->noticeref) {
-                if (!(nref = NOTICEREF_new()))
-                    goto merr;
-                not->noticeref = nref;
-            } else
-                nref = not->noticeref;
-            nos = X509V3_parse_list(cnf->value);
-            if (!nos || !sk_CONF_VALUE_num(nos)) {
-                X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_NUMBERS);
-                X509V3_conf_err(cnf);
-                goto err;
-            }
-            ret = nref_nos(nref->noticenos, nos);
-            sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
-            if (!ret)
-                goto err;
-        } else {
-            X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_OPTION);
-            X509V3_conf_err(cnf);
-            goto err;
-        }
-    }
-
-    if (not->noticeref &&
-        (!not->noticeref->noticenos || !not->noticeref->organization)) {
-        X509V3err(X509V3_F_NOTICE_SECTION,
-                  X509V3_R_NEED_ORGANIZATION_AND_NUMBERS);
-        goto err;
-    }
-
-    return qual;
-
- merr:
-    X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_MALLOC_FAILURE);
-
- err:
-    POLICYQUALINFO_free(qual);
-    return NULL;
-}
-
-static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
-{
-    CONF_VALUE *cnf;
-    ASN1_INTEGER *aint;
-
-    int i;
-
-    for (i = 0; i < sk_CONF_VALUE_num(nos); i++) {
-        cnf = sk_CONF_VALUE_value(nos, i);
-        if (!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
-            X509V3err(X509V3_F_NREF_NOS, X509V3_R_INVALID_NUMBER);
-            goto err;
-        }
-        if (!sk_ASN1_INTEGER_push(nnums, aint))
-            goto merr;
-    }
-    return 1;
-
- merr:
-    ASN1_INTEGER_free(aint);
-    X509V3err(X509V3_F_NREF_NOS, ERR_R_MALLOC_FAILURE);
-
- err:
-    return 0;
-}
-
-static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
-                       BIO *out, int indent)
-{
-    int i;
-    POLICYINFO *pinfo;
-    /* First print out the policy OIDs */
-    for (i = 0; i < sk_POLICYINFO_num(pol); i++) {
-        pinfo = sk_POLICYINFO_value(pol, i);
-        BIO_printf(out, "%*sPolicy: ", indent, "");
-        i2a_ASN1_OBJECT(out, pinfo->policyid);
-        BIO_puts(out, "\n");
-        if (pinfo->qualifiers)
-            print_qualifiers(out, pinfo->qualifiers, indent + 2);
-    }
-    return 1;
-}
-
-static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
-                             int indent)
-{
-    POLICYQUALINFO *qualinfo;
-    int i;
-    for (i = 0; i < sk_POLICYQUALINFO_num(quals); i++) {
-        qualinfo = sk_POLICYQUALINFO_value(quals, i);
-        switch (OBJ_obj2nid(qualinfo->pqualid)) {
-        case NID_id_qt_cps:
-            BIO_printf(out, "%*sCPS: %s\n", indent, "",
-                       qualinfo->d.cpsuri->data);
-            break;
-
-        case NID_id_qt_unotice:
-            BIO_printf(out, "%*sUser Notice:\n", indent, "");
-            print_notice(out, qualinfo->d.usernotice, indent + 2);
-            break;
-
-        default:
-            BIO_printf(out, "%*sUnknown Qualifier: ", indent + 2, "");
-
-            i2a_ASN1_OBJECT(out, qualinfo->pqualid);
-            BIO_puts(out, "\n");
-            break;
-        }
-    }
-}
-
-static void print_notice(BIO *out, USERNOTICE *notice, int indent)
-{
-    int i;
-    if (notice->noticeref) {
-        NOTICEREF *ref;
-        ref = notice->noticeref;
-        BIO_printf(out, "%*sOrganization: %s\n", indent, "",
-                   ref->organization->data);
-        BIO_printf(out, "%*sNumber%s: ", indent, "",
-                   sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : "");
-        for (i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) {
-            ASN1_INTEGER *num;
-            char *tmp;
-            num = sk_ASN1_INTEGER_value(ref->noticenos, i);
-            if (i)
-                BIO_puts(out, ", ");
-            if (num == NULL)
-                BIO_puts(out, "(null)");
-            else {
-                tmp = i2s_ASN1_INTEGER(NULL, num);
-                if (tmp == NULL)
-                    return;
-                BIO_puts(out, tmp);
-                OPENSSL_free(tmp);
-            }
-        }
-        BIO_puts(out, "\n");
-    }
-    if (notice->exptext)
-        BIO_printf(out, "%*sExplicit Text: %s\n", indent, "",
-                   notice->exptext->data);
-}
-
-void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent)
-{
-    const X509_POLICY_DATA *dat = node->data;
-
-    BIO_printf(out, "%*sPolicy: ", indent, "");
-
-    i2a_ASN1_OBJECT(out, dat->valid_policy);
-    BIO_puts(out, "\n");
-    BIO_printf(out, "%*s%s\n", indent + 2, "",
-               node_data_critical(dat) ? "Critical" : "Non Critical");
-    if (dat->qualifier_set)
-        print_qualifiers(out, dat->qualifier_set, indent + 2);
-    else
-        BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, "");
-}
-
-
-IMPLEMENT_STACK_OF(X509_POLICY_NODE)
-
-IMPLEMENT_STACK_OF(X509_POLICY_DATA)
diff --git a/thirdparty/openssl/crypto/x509v3/v3_crld.c b/thirdparty/openssl/crypto/x509v3/v3_crld.c
deleted file mode 100644
index d3e1d1b057..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_crld.c
+++ /dev/null
@@ -1,562 +0,0 @@
-/* v3_crld.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static void *v2i_crld(const X509V3_EXT_METHOD *method,
-                      X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
-                     int indent);
-
-const X509V3_EXT_METHOD v3_crld = {
-    NID_crl_distribution_points, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
-    0, 0, 0, 0,
-    0, 0,
-    0,
-    v2i_crld,
-    i2r_crldp, 0,
-    NULL
-};
-
-const X509V3_EXT_METHOD v3_freshest_crl = {
-    NID_freshest_crl, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
-    0, 0, 0, 0,
-    0, 0,
-    0,
-    v2i_crld,
-    i2r_crldp, 0,
-    NULL
-};
-
-static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx,
-                                                    char *sect)
-{
-    STACK_OF(CONF_VALUE) *gnsect;
-    STACK_OF(GENERAL_NAME) *gens;
-    if (*sect == '@')
-        gnsect = X509V3_get_section(ctx, sect + 1);
-    else
-        gnsect = X509V3_parse_list(sect);
-    if (!gnsect) {
-        X509V3err(X509V3_F_GNAMES_FROM_SECTNAME, X509V3_R_SECTION_NOT_FOUND);
-        return NULL;
-    }
-    gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect);
-    if (*sect == '@')
-        X509V3_section_free(ctx, gnsect);
-    else
-        sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free);
-    return gens;
-}
-
-static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
-                               CONF_VALUE *cnf)
-{
-    STACK_OF(GENERAL_NAME) *fnm = NULL;
-    STACK_OF(X509_NAME_ENTRY) *rnm = NULL;
-    if (!strncmp(cnf->name, "fullname", 9)) {
-        fnm = gnames_from_sectname(ctx, cnf->value);
-        if (!fnm)
-            goto err;
-    } else if (!strcmp(cnf->name, "relativename")) {
-        int ret;
-        STACK_OF(CONF_VALUE) *dnsect;
-        X509_NAME *nm;
-        nm = X509_NAME_new();
-        if (!nm)
-            return -1;
-        dnsect = X509V3_get_section(ctx, cnf->value);
-        if (!dnsect) {
-            X509V3err(X509V3_F_SET_DIST_POINT_NAME,
-                      X509V3_R_SECTION_NOT_FOUND);
-            return -1;
-        }
-        ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC);
-        X509V3_section_free(ctx, dnsect);
-        rnm = nm->entries;
-        nm->entries = NULL;
-        X509_NAME_free(nm);
-        if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0)
-            goto err;
-        /*
-         * Since its a name fragment can't have more than one RDNSequence
-         */
-        if (sk_X509_NAME_ENTRY_value(rnm,
-                                     sk_X509_NAME_ENTRY_num(rnm) - 1)->set) {
-            X509V3err(X509V3_F_SET_DIST_POINT_NAME,
-                      X509V3_R_INVALID_MULTIPLE_RDNS);
-            goto err;
-        }
-    } else
-        return 0;
-
-    if (*pdp) {
-        X509V3err(X509V3_F_SET_DIST_POINT_NAME,
-                  X509V3_R_DISTPOINT_ALREADY_SET);
-        goto err;
-    }
-
-    *pdp = DIST_POINT_NAME_new();
-    if (!*pdp)
-        goto err;
-    if (fnm) {
-        (*pdp)->type = 0;
-        (*pdp)->name.fullname = fnm;
-    } else {
-        (*pdp)->type = 1;
-        (*pdp)->name.relativename = rnm;
-    }
-
-    return 1;
-
- err:
-    if (fnm)
-        sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free);
-    if (rnm)
-        sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free);
-    return -1;
-}
-
-static const BIT_STRING_BITNAME reason_flags[] = {
-    {0, "Unused", "unused"},
-    {1, "Key Compromise", "keyCompromise"},
-    {2, "CA Compromise", "CACompromise"},
-    {3, "Affiliation Changed", "affiliationChanged"},
-    {4, "Superseded", "superseded"},
-    {5, "Cessation Of Operation", "cessationOfOperation"},
-    {6, "Certificate Hold", "certificateHold"},
-    {7, "Privilege Withdrawn", "privilegeWithdrawn"},
-    {8, "AA Compromise", "AACompromise"},
-    {-1, NULL, NULL}
-};
-
-static int set_reasons(ASN1_BIT_STRING **preas, char *value)
-{
-    STACK_OF(CONF_VALUE) *rsk = NULL;
-    const BIT_STRING_BITNAME *pbn;
-    const char *bnam;
-    int i, ret = 0;
-    rsk = X509V3_parse_list(value);
-    if (!rsk)
-        return 0;
-    if (*preas)
-        return 0;
-    for (i = 0; i < sk_CONF_VALUE_num(rsk); i++) {
-        bnam = sk_CONF_VALUE_value(rsk, i)->name;
-        if (!*preas) {
-            *preas = ASN1_BIT_STRING_new();
-            if (!*preas)
-                goto err;
-        }
-        for (pbn = reason_flags; pbn->lname; pbn++) {
-            if (!strcmp(pbn->sname, bnam)) {
-                if (!ASN1_BIT_STRING_set_bit(*preas, pbn->bitnum, 1))
-                    goto err;
-                break;
-            }
-        }
-        if (!pbn->lname)
-            goto err;
-    }
-    ret = 1;
-
- err:
-    sk_CONF_VALUE_pop_free(rsk, X509V3_conf_free);
-    return ret;
-}
-
-static int print_reasons(BIO *out, const char *rname,
-                         ASN1_BIT_STRING *rflags, int indent)
-{
-    int first = 1;
-    const BIT_STRING_BITNAME *pbn;
-    BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, "");
-    for (pbn = reason_flags; pbn->lname; pbn++) {
-        if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum)) {
-            if (first)
-                first = 0;
-            else
-                BIO_puts(out, ", ");
-            BIO_puts(out, pbn->lname);
-        }
-    }
-    if (first)
-        BIO_puts(out, "<EMPTY>\n");
-    else
-        BIO_puts(out, "\n");
-    return 1;
-}
-
-static DIST_POINT *crldp_from_section(X509V3_CTX *ctx,
-                                      STACK_OF(CONF_VALUE) *nval)
-{
-    int i;
-    CONF_VALUE *cnf;
-    DIST_POINT *point = NULL;
-    point = DIST_POINT_new();
-    if (!point)
-        goto err;
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        int ret;
-        cnf = sk_CONF_VALUE_value(nval, i);
-        ret = set_dist_point_name(&point->distpoint, ctx, cnf);
-        if (ret > 0)
-            continue;
-        if (ret < 0)
-            goto err;
-        if (!strcmp(cnf->name, "reasons")) {
-            if (!set_reasons(&point->reasons, cnf->value))
-                goto err;
-        } else if (!strcmp(cnf->name, "CRLissuer")) {
-            point->CRLissuer = gnames_from_sectname(ctx, cnf->value);
-            if (!point->CRLissuer)
-                goto err;
-        }
-    }
-
-    return point;
-
- err:
-    if (point)
-        DIST_POINT_free(point);
-    return NULL;
-}
-
-static void *v2i_crld(const X509V3_EXT_METHOD *method,
-                      X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-    STACK_OF(DIST_POINT) *crld = NULL;
-    GENERAL_NAMES *gens = NULL;
-    GENERAL_NAME *gen = NULL;
-    CONF_VALUE *cnf;
-    int i;
-    if (!(crld = sk_DIST_POINT_new_null()))
-        goto merr;
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        DIST_POINT *point;
-        cnf = sk_CONF_VALUE_value(nval, i);
-        if (!cnf->value) {
-            STACK_OF(CONF_VALUE) *dpsect;
-            dpsect = X509V3_get_section(ctx, cnf->name);
-            if (!dpsect)
-                goto err;
-            point = crldp_from_section(ctx, dpsect);
-            X509V3_section_free(ctx, dpsect);
-            if (!point)
-                goto err;
-            if (!sk_DIST_POINT_push(crld, point)) {
-                DIST_POINT_free(point);
-                goto merr;
-            }
-        } else {
-            if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
-                goto err;
-            if (!(gens = GENERAL_NAMES_new()))
-                goto merr;
-            if (!sk_GENERAL_NAME_push(gens, gen))
-                goto merr;
-            gen = NULL;
-            if (!(point = DIST_POINT_new()))
-                goto merr;
-            if (!sk_DIST_POINT_push(crld, point)) {
-                DIST_POINT_free(point);
-                goto merr;
-            }
-            if (!(point->distpoint = DIST_POINT_NAME_new()))
-                goto merr;
-            point->distpoint->name.fullname = gens;
-            point->distpoint->type = 0;
-            gens = NULL;
-        }
-    }
-    return crld;
-
- merr:
-    X509V3err(X509V3_F_V2I_CRLD, ERR_R_MALLOC_FAILURE);
- err:
-    GENERAL_NAME_free(gen);
-    GENERAL_NAMES_free(gens);
-    sk_DIST_POINT_pop_free(crld, DIST_POINT_free);
-    return NULL;
-}
-
-IMPLEMENT_STACK_OF(DIST_POINT)
-
-IMPLEMENT_ASN1_SET_OF(DIST_POINT)
-
-static int dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-                  void *exarg)
-{
-    DIST_POINT_NAME *dpn = (DIST_POINT_NAME *)*pval;
-
-    switch (operation) {
-    case ASN1_OP_NEW_POST:
-        dpn->dpname = NULL;
-        break;
-
-    case ASN1_OP_FREE_POST:
-        if (dpn->dpname)
-            X509_NAME_free(dpn->dpname);
-        break;
-    }
-    return 1;
-}
-
-
-ASN1_CHOICE_cb(DIST_POINT_NAME, dpn_cb) = {
-        ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0),
-        ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1)
-} ASN1_CHOICE_END_cb(DIST_POINT_NAME, DIST_POINT_NAME, type)
-
-
-IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME)
-
-ASN1_SEQUENCE(DIST_POINT) = {
-        ASN1_EXP_OPT(DIST_POINT, distpoint, DIST_POINT_NAME, 0),
-        ASN1_IMP_OPT(DIST_POINT, reasons, ASN1_BIT_STRING, 1),
-        ASN1_IMP_SEQUENCE_OF_OPT(DIST_POINT, CRLissuer, GENERAL_NAME, 2)
-} ASN1_SEQUENCE_END(DIST_POINT)
-
-IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT)
-
-ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CRLDistributionPoints, DIST_POINT)
-ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
-
-IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
-
-ASN1_SEQUENCE(ISSUING_DIST_POINT) = {
-        ASN1_EXP_OPT(ISSUING_DIST_POINT, distpoint, DIST_POINT_NAME, 0),
-        ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyuser, ASN1_FBOOLEAN, 1),
-        ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyCA, ASN1_FBOOLEAN, 2),
-        ASN1_IMP_OPT(ISSUING_DIST_POINT, onlysomereasons, ASN1_BIT_STRING, 3),
-        ASN1_IMP_OPT(ISSUING_DIST_POINT, indirectCRL, ASN1_FBOOLEAN, 4),
-        ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5)
-} ASN1_SEQUENCE_END(ISSUING_DIST_POINT)
-
-IMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
-
-static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
-                   int indent);
-static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-                     STACK_OF(CONF_VALUE) *nval);
-
-const X509V3_EXT_METHOD v3_idp = {
-    NID_issuing_distribution_point, X509V3_EXT_MULTILINE,
-    ASN1_ITEM_ref(ISSUING_DIST_POINT),
-    0, 0, 0, 0,
-    0, 0,
-    0,
-    v2i_idp,
-    i2r_idp, 0,
-    NULL
-};
-
-static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-                     STACK_OF(CONF_VALUE) *nval)
-{
-    ISSUING_DIST_POINT *idp = NULL;
-    CONF_VALUE *cnf;
-    char *name, *val;
-    int i, ret;
-    idp = ISSUING_DIST_POINT_new();
-    if (!idp)
-        goto merr;
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        cnf = sk_CONF_VALUE_value(nval, i);
-        name = cnf->name;
-        val = cnf->value;
-        ret = set_dist_point_name(&idp->distpoint, ctx, cnf);
-        if (ret > 0)
-            continue;
-        if (ret < 0)
-            goto err;
-        if (!strcmp(name, "onlyuser")) {
-            if (!X509V3_get_value_bool(cnf, &idp->onlyuser))
-                goto err;
-        } else if (!strcmp(name, "onlyCA")) {
-            if (!X509V3_get_value_bool(cnf, &idp->onlyCA))
-                goto err;
-        } else if (!strcmp(name, "onlyAA")) {
-            if (!X509V3_get_value_bool(cnf, &idp->onlyattr))
-                goto err;
-        } else if (!strcmp(name, "indirectCRL")) {
-            if (!X509V3_get_value_bool(cnf, &idp->indirectCRL))
-                goto err;
-        } else if (!strcmp(name, "onlysomereasons")) {
-            if (!set_reasons(&idp->onlysomereasons, val))
-                goto err;
-        } else {
-            X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME);
-            X509V3_conf_err(cnf);
-            goto err;
-        }
-    }
-    return idp;
-
- merr:
-    X509V3err(X509V3_F_V2I_IDP, ERR_R_MALLOC_FAILURE);
- err:
-    ISSUING_DIST_POINT_free(idp);
-    return NULL;
-}
-
-static int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent)
-{
-    int i;
-    for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
-        BIO_printf(out, "%*s", indent + 2, "");
-        GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i));
-        BIO_puts(out, "\n");
-    }
-    return 1;
-}
-
-static int print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent)
-{
-    if (dpn->type == 0) {
-        BIO_printf(out, "%*sFull Name:\n", indent, "");
-        print_gens(out, dpn->name.fullname, indent);
-    } else {
-        X509_NAME ntmp;
-        ntmp.entries = dpn->name.relativename;
-        BIO_printf(out, "%*sRelative Name:\n%*s", indent, "", indent + 2, "");
-        X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE);
-        BIO_puts(out, "\n");
-    }
-    return 1;
-}
-
-static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
-                   int indent)
-{
-    ISSUING_DIST_POINT *idp = pidp;
-    if (idp->distpoint)
-        print_distpoint(out, idp->distpoint, indent);
-    if (idp->onlyuser > 0)
-        BIO_printf(out, "%*sOnly User Certificates\n", indent, "");
-    if (idp->onlyCA > 0)
-        BIO_printf(out, "%*sOnly CA Certificates\n", indent, "");
-    if (idp->indirectCRL > 0)
-        BIO_printf(out, "%*sIndirect CRL\n", indent, "");
-    if (idp->onlysomereasons)
-        print_reasons(out, "Only Some Reasons", idp->onlysomereasons, indent);
-    if (idp->onlyattr > 0)
-        BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, "");
-    if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0)
-        && (idp->indirectCRL <= 0) && !idp->onlysomereasons
-        && (idp->onlyattr <= 0))
-        BIO_printf(out, "%*s<EMPTY>\n", indent, "");
-
-    return 1;
-}
-
-static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
-                     int indent)
-{
-    STACK_OF(DIST_POINT) *crld = pcrldp;
-    DIST_POINT *point;
-    int i;
-    for (i = 0; i < sk_DIST_POINT_num(crld); i++) {
-        BIO_puts(out, "\n");
-        point = sk_DIST_POINT_value(crld, i);
-        if (point->distpoint)
-            print_distpoint(out, point->distpoint, indent);
-        if (point->reasons)
-            print_reasons(out, "Reasons", point->reasons, indent);
-        if (point->CRLissuer) {
-            BIO_printf(out, "%*sCRL Issuer:\n", indent, "");
-            print_gens(out, point->CRLissuer, indent);
-        }
-    }
-    return 1;
-}
-
-int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname)
-{
-    int i;
-    STACK_OF(X509_NAME_ENTRY) *frag;
-    X509_NAME_ENTRY *ne;
-    if (!dpn || (dpn->type != 1))
-        return 1;
-    frag = dpn->name.relativename;
-    dpn->dpname = X509_NAME_dup(iname);
-    if (!dpn->dpname)
-        return 0;
-    for (i = 0; i < sk_X509_NAME_ENTRY_num(frag); i++) {
-        ne = sk_X509_NAME_ENTRY_value(frag, i);
-        if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1)) {
-            X509_NAME_free(dpn->dpname);
-            dpn->dpname = NULL;
-            return 0;
-        }
-    }
-    /* generate cached encoding of name */
-    if (i2d_X509_NAME(dpn->dpname, NULL) < 0) {
-        X509_NAME_free(dpn->dpname);
-        dpn->dpname = NULL;
-        return 0;
-    }
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_enum.c b/thirdparty/openssl/crypto/x509v3/v3_enum.c
deleted file mode 100644
index 7678664fc3..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_enum.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* v3_enum.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-static ENUMERATED_NAMES crl_reasons[] = {
-    {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"},
-    {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"},
-    {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"},
-    {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed",
-     "affiliationChanged"},
-    {CRL_REASON_SUPERSEDED, "Superseded", "superseded"},
-    {CRL_REASON_CESSATION_OF_OPERATION,
-     "Cessation Of Operation", "cessationOfOperation"},
-    {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"},
-    {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"},
-    {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn",
-     "privilegeWithdrawn"},
-    {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"},
-    {-1, NULL, NULL}
-};
-
-const X509V3_EXT_METHOD v3_crl_reason = {
-    NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED),
-    0, 0, 0, 0,
-    (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
-    0,
-    0, 0, 0, 0,
-    crl_reasons
-};
-
-char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *e)
-{
-    ENUMERATED_NAMES *enam;
-    long strval;
-    strval = ASN1_ENUMERATED_get(e);
-    for (enam = method->usr_data; enam->lname; enam++) {
-        if (strval == enam->bitnum)
-            return BUF_strdup(enam->lname);
-    }
-    return i2s_ASN1_ENUMERATED(method, e);
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_extku.c b/thirdparty/openssl/crypto/x509v3/v3_extku.c
deleted file mode 100644
index 6092c2e4bd..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_extku.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* v3_extku.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
-                                    X509V3_CTX *ctx,
-                                    STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD
-                                                    *method, void *eku, STACK_OF(CONF_VALUE)
-                                                    *extlist);
-
-const X509V3_EXT_METHOD v3_ext_ku = {
-    NID_ext_key_usage, 0,
-    ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
-    0, 0, 0, 0,
-    0, 0,
-    i2v_EXTENDED_KEY_USAGE,
-    v2i_EXTENDED_KEY_USAGE,
-    0, 0,
-    NULL
-};
-
-/* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */
-const X509V3_EXT_METHOD v3_ocsp_accresp = {
-    NID_id_pkix_OCSP_acceptableResponses, 0,
-    ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
-    0, 0, 0, 0,
-    0, 0,
-    i2v_EXTENDED_KEY_USAGE,
-    v2i_EXTENDED_KEY_USAGE,
-    0, 0,
-    NULL
-};
-
-ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT)
-ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE)
-
-IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
-
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD
-                                                    *method, void *a, STACK_OF(CONF_VALUE)
-                                                    *ext_list)
-{
-    EXTENDED_KEY_USAGE *eku = a;
-    int i;
-    ASN1_OBJECT *obj;
-    char obj_tmp[80];
-    for (i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
-        obj = sk_ASN1_OBJECT_value(eku, i);
-        i2t_ASN1_OBJECT(obj_tmp, 80, obj);
-        X509V3_add_value(NULL, obj_tmp, &ext_list);
-    }
-    return ext_list;
-}
-
-static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
-                                    X509V3_CTX *ctx,
-                                    STACK_OF(CONF_VALUE) *nval)
-{
-    EXTENDED_KEY_USAGE *extku;
-    char *extval;
-    ASN1_OBJECT *objtmp;
-    CONF_VALUE *val;
-    int i;
-
-    if (!(extku = sk_ASN1_OBJECT_new_null())) {
-        X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        val = sk_CONF_VALUE_value(nval, i);
-        if (val->value)
-            extval = val->value;
-        else
-            extval = val->name;
-        if (!(objtmp = OBJ_txt2obj(extval, 0))) {
-            sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
-            X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
-                      X509V3_R_INVALID_OBJECT_IDENTIFIER);
-            X509V3_conf_err(val);
-            return NULL;
-        }
-        sk_ASN1_OBJECT_push(extku, objtmp);
-    }
-    return extku;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_genn.c b/thirdparty/openssl/crypto/x509v3/v3_genn.c
deleted file mode 100644
index 7f40bfabe0..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_genn.c
+++ /dev/null
@@ -1,250 +0,0 @@
-/* v3_genn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-ASN1_SEQUENCE(OTHERNAME) = {
-        ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT),
-        /* Maybe have a true ANY DEFINED BY later */
-        ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0)
-} ASN1_SEQUENCE_END(OTHERNAME)
-
-IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
-
-ASN1_SEQUENCE(EDIPARTYNAME) = {
-        ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
-        ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
-} ASN1_SEQUENCE_END(EDIPARTYNAME)
-
-IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
-
-ASN1_CHOICE(GENERAL_NAME) = {
-        ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME),
-        ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL),
-        ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS),
-        /* Don't decode this */
-        ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400),
-        /* X509_NAME is a CHOICE type so use EXPLICIT */
-        ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME),
-        ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY),
-        ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI),
-        ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD),
-        ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID)
-} ASN1_CHOICE_END(GENERAL_NAME)
-
-IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME)
-
-ASN1_ITEM_TEMPLATE(GENERAL_NAMES) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME)
-ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES)
-
-IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
-
-GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a)
-{
-    return (GENERAL_NAME *)ASN1_dup((i2d_of_void *)i2d_GENERAL_NAME,
-                                    (d2i_of_void *)d2i_GENERAL_NAME,
-                                    (char *)a);
-}
-
-/* Returns 0 if they are equal, != 0 otherwise. */
-int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
-{
-    int result = -1;
-
-    if (!a || !b || a->type != b->type)
-        return -1;
-    switch (a->type) {
-    case GEN_X400:
-    case GEN_EDIPARTY:
-        result = ASN1_TYPE_cmp(a->d.other, b->d.other);
-        break;
-
-    case GEN_OTHERNAME:
-        result = OTHERNAME_cmp(a->d.otherName, b->d.otherName);
-        break;
-
-    case GEN_EMAIL:
-    case GEN_DNS:
-    case GEN_URI:
-        result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5);
-        break;
-
-    case GEN_DIRNAME:
-        result = X509_NAME_cmp(a->d.dirn, b->d.dirn);
-        break;
-
-    case GEN_IPADD:
-        result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip);
-        break;
-
-    case GEN_RID:
-        result = OBJ_cmp(a->d.rid, b->d.rid);
-        break;
-    }
-    return result;
-}
-
-/* Returns 0 if they are equal, != 0 otherwise. */
-int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b)
-{
-    int result = -1;
-
-    if (!a || !b)
-        return -1;
-    /* Check their type first. */
-    if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0)
-        return result;
-    /* Check the value. */
-    result = ASN1_TYPE_cmp(a->value, b->value);
-    return result;
-}
-
-void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value)
-{
-    switch (type) {
-    case GEN_X400:
-    case GEN_EDIPARTY:
-        a->d.other = value;
-        break;
-
-    case GEN_OTHERNAME:
-        a->d.otherName = value;
-        break;
-
-    case GEN_EMAIL:
-    case GEN_DNS:
-    case GEN_URI:
-        a->d.ia5 = value;
-        break;
-
-    case GEN_DIRNAME:
-        a->d.dirn = value;
-        break;
-
-    case GEN_IPADD:
-        a->d.ip = value;
-        break;
-
-    case GEN_RID:
-        a->d.rid = value;
-        break;
-    }
-    a->type = type;
-}
-
-void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype)
-{
-    if (ptype)
-        *ptype = a->type;
-    switch (a->type) {
-    case GEN_X400:
-    case GEN_EDIPARTY:
-        return a->d.other;
-
-    case GEN_OTHERNAME:
-        return a->d.otherName;
-
-    case GEN_EMAIL:
-    case GEN_DNS:
-    case GEN_URI:
-        return a->d.ia5;
-
-    case GEN_DIRNAME:
-        return a->d.dirn;
-
-    case GEN_IPADD:
-        return a->d.ip;
-
-    case GEN_RID:
-        return a->d.rid;
-
-    default:
-        return NULL;
-    }
-}
-
-int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
-                                ASN1_OBJECT *oid, ASN1_TYPE *value)
-{
-    OTHERNAME *oth;
-    oth = OTHERNAME_new();
-    if (!oth)
-        return 0;
-    oth->type_id = oid;
-    oth->value = value;
-    GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth);
-    return 1;
-}
-
-int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
-                                ASN1_OBJECT **poid, ASN1_TYPE **pvalue)
-{
-    if (gen->type != GEN_OTHERNAME)
-        return 0;
-    if (poid)
-        *poid = gen->d.otherName->type_id;
-    if (pvalue)
-        *pvalue = gen->d.otherName->value;
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_ia5.c b/thirdparty/openssl/crypto/x509v3/v3_ia5.c
deleted file mode 100644
index c170a55ff4..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_ia5.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* v3_ia5.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
-                                ASN1_IA5STRING *ia5);
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
-                                          X509V3_CTX *ctx, char *str);
-const X509V3_EXT_METHOD v3_ns_ia5_list[] = {
-    EXT_IA5STRING(NID_netscape_base_url),
-    EXT_IA5STRING(NID_netscape_revocation_url),
-    EXT_IA5STRING(NID_netscape_ca_revocation_url),
-    EXT_IA5STRING(NID_netscape_renewal_url),
-    EXT_IA5STRING(NID_netscape_ca_policy_url),
-    EXT_IA5STRING(NID_netscape_ssl_server_name),
-    EXT_IA5STRING(NID_netscape_comment),
-    EXT_END
-};
-
-static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
-                                ASN1_IA5STRING *ia5)
-{
-    char *tmp;
-    if (!ia5 || !ia5->length)
-        return NULL;
-    if (!(tmp = OPENSSL_malloc(ia5->length + 1))) {
-        X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    memcpy(tmp, ia5->data, ia5->length);
-    tmp[ia5->length] = 0;
-    return tmp;
-}
-
-static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
-                                          X509V3_CTX *ctx, char *str)
-{
-    ASN1_IA5STRING *ia5;
-    if (!str) {
-        X509V3err(X509V3_F_S2I_ASN1_IA5STRING,
-                  X509V3_R_INVALID_NULL_ARGUMENT);
-        return NULL;
-    }
-    if (!(ia5 = M_ASN1_IA5STRING_new()))
-        goto err;
-    if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char *)str,
-                         strlen(str))) {
-        M_ASN1_IA5STRING_free(ia5);
-        goto err;
-    }
-#ifdef CHARSET_EBCDIC
-    ebcdic2ascii(ia5->data, ia5->data, ia5->length);
-#endif                          /* CHARSET_EBCDIC */
-    return ia5;
- err:
-    X509V3err(X509V3_F_S2I_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_info.c b/thirdparty/openssl/crypto/x509v3/v3_info.c
deleted file mode 100644
index 7064c725d9..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_info.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/* v3_info.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
-                                                       *method, AUTHORITY_INFO_ACCESS
-                                                       *ainfo, STACK_OF(CONF_VALUE)
-                                                       *ret);
-static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
-                                                        *method,
-                                                        X509V3_CTX *ctx,
-                                                        STACK_OF(CONF_VALUE)
-                                                        *nval);
-
-const X509V3_EXT_METHOD v3_info = { NID_info_access, X509V3_EXT_MULTILINE,
-    ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
-    0, 0, 0, 0,
-    0, 0,
-    (X509V3_EXT_I2V) i2v_AUTHORITY_INFO_ACCESS,
-    (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-    0, 0,
-    NULL
-};
-
-const X509V3_EXT_METHOD v3_sinfo = { NID_sinfo_access, X509V3_EXT_MULTILINE,
-    ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
-    0, 0, 0, 0,
-    0, 0,
-    (X509V3_EXT_I2V) i2v_AUTHORITY_INFO_ACCESS,
-    (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
-    0, 0,
-    NULL
-};
-
-ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
-        ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
-        ASN1_SIMPLE(ACCESS_DESCRIPTION, location, GENERAL_NAME)
-} ASN1_SEQUENCE_END(ACCESS_DESCRIPTION)
-
-IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
-
-ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION)
-ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS)
-
-IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
-    X509V3_EXT_METHOD *method, AUTHORITY_INFO_ACCESS *ainfo,
-    STACK_OF(CONF_VALUE) *ret)
-{
-    ACCESS_DESCRIPTION *desc;
-    int i, nlen;
-    char objtmp[80], *ntmp;
-    CONF_VALUE *vtmp;
-    STACK_OF(CONF_VALUE) *tret = ret;
-
-    for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
-        STACK_OF(CONF_VALUE) *tmp;
-
-        desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
-        tmp = i2v_GENERAL_NAME(method, desc->location, tret);
-        if (tmp == NULL)
-            goto err;
-        tret = tmp;
-        vtmp = sk_CONF_VALUE_value(tret, i);
-        i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
-        nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
-        ntmp = OPENSSL_malloc(nlen);
-        if (ntmp == NULL)
-            goto err;
-        BUF_strlcpy(ntmp, objtmp, nlen);
-        BUF_strlcat(ntmp, " - ", nlen);
-        BUF_strlcat(ntmp, vtmp->name, nlen);
-        OPENSSL_free(vtmp->name);
-        vtmp->name = ntmp;
-
-    }
-    if (ret == NULL && tret == NULL)
-        return sk_CONF_VALUE_new_null();
-
-    return tret;
- err:
-    X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE);
-    if (ret == NULL && tret != NULL)
-        sk_CONF_VALUE_pop_free(tret, X509V3_conf_free);
-    return NULL;
-}
-
-static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
-                                                        *method,
-                                                        X509V3_CTX *ctx,
-                                                        STACK_OF(CONF_VALUE)
-                                                        *nval)
-{
-    AUTHORITY_INFO_ACCESS *ainfo = NULL;
-    CONF_VALUE *cnf, ctmp;
-    ACCESS_DESCRIPTION *acc;
-    int i, objlen;
-    char *objtmp, *ptmp;
-    if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
-        X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        cnf = sk_CONF_VALUE_value(nval, i);
-        if (!(acc = ACCESS_DESCRIPTION_new())
-            || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
-            X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
-                      ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        ptmp = strchr(cnf->name, ';');
-        if (!ptmp) {
-            X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
-                      X509V3_R_INVALID_SYNTAX);
-            goto err;
-        }
-        objlen = ptmp - cnf->name;
-        ctmp.name = ptmp + 1;
-        ctmp.value = cnf->value;
-        if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
-            goto err;
-        if (!(objtmp = OPENSSL_malloc(objlen + 1))) {
-            X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
-                      ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        strncpy(objtmp, cnf->name, objlen);
-        objtmp[objlen] = 0;
-        acc->method = OBJ_txt2obj(objtmp, 0);
-        if (!acc->method) {
-            X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
-                      X509V3_R_BAD_OBJECT);
-            ERR_add_error_data(2, "value=", objtmp);
-            OPENSSL_free(objtmp);
-            goto err;
-        }
-        OPENSSL_free(objtmp);
-
-    }
-    return ainfo;
- err:
-    sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
-    return NULL;
-}
-
-int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION *a)
-{
-    i2a_ASN1_OBJECT(bp, a->method);
-#ifdef UNDEF
-    i2a_GENERAL_NAME(bp, a->location);
-#endif
-    return 2;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_int.c b/thirdparty/openssl/crypto/x509v3/v3_int.c
deleted file mode 100644
index 8bfdb37e7a..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_int.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* v3_int.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-const X509V3_EXT_METHOD v3_crl_num = {
-    NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER),
-    0, 0, 0, 0,
-    (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
-    0,
-    0, 0, 0, 0, NULL
-};
-
-const X509V3_EXT_METHOD v3_delta_crl = {
-    NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER),
-    0, 0, 0, 0,
-    (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
-    0,
-    0, 0, 0, 0, NULL
-};
-
-static void *s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx,
-                          char *value)
-{
-    return s2i_ASN1_INTEGER(meth, value);
-}
-
-const X509V3_EXT_METHOD v3_inhibit_anyp = {
-    NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER),
-    0, 0, 0, 0,
-    (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
-    (X509V3_EXT_S2I)s2i_asn1_int,
-    0, 0, 0, 0, NULL
-};
diff --git a/thirdparty/openssl/crypto/x509v3/v3_lib.c b/thirdparty/openssl/crypto/x509v3/v3_lib.c
deleted file mode 100644
index 8350429aaf..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_lib.c
+++ /dev/null
@@ -1,363 +0,0 @@
-/* v3_lib.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-#include "ext_dat.h"
-
-static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
-
-static int ext_cmp(const X509V3_EXT_METHOD *const *a,
-                   const X509V3_EXT_METHOD *const *b);
-static void ext_list_free(X509V3_EXT_METHOD *ext);
-
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
-{
-    if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
-        X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
-        X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    return 1;
-}
-
-static int ext_cmp(const X509V3_EXT_METHOD *const *a,
-                   const X509V3_EXT_METHOD *const *b)
-{
-    return ((*a)->ext_nid - (*b)->ext_nid);
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
-                           const X509V3_EXT_METHOD *, ext);
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
-                             const X509V3_EXT_METHOD *, ext);
-
-const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
-{
-    X509V3_EXT_METHOD tmp;
-    const X509V3_EXT_METHOD *t = &tmp, *const *ret;
-    int idx;
-    if (nid < 0)
-        return NULL;
-    tmp.ext_nid = nid;
-    ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);
-    if (ret)
-        return *ret;
-    if (!ext_list)
-        return NULL;
-    idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
-    if (idx == -1)
-        return NULL;
-    return sk_X509V3_EXT_METHOD_value(ext_list, idx);
-}
-
-const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
-{
-    int nid;
-    if ((nid = OBJ_obj2nid(ext->object)) == NID_undef)
-        return NULL;
-    return X509V3_EXT_get_nid(nid);
-}
-
-int X509V3_EXT_free(int nid, void *ext_data)
-{
-    const X509V3_EXT_METHOD *ext_method = X509V3_EXT_get_nid(nid);
-    if (ext_method == NULL) {
-        X509V3err(X509V3_F_X509V3_EXT_FREE,
-                  X509V3_R_CANNOT_FIND_FREE_FUNCTION);
-        return 0;
-    }
-
-    if (ext_method->it != NULL)
-        ASN1_item_free(ext_data, ASN1_ITEM_ptr(ext_method->it));
-    else if (ext_method->ext_free != NULL)
-        ext_method->ext_free(ext_data);
-    else {
-        X509V3err(X509V3_F_X509V3_EXT_FREE,
-                  X509V3_R_CANNOT_FIND_FREE_FUNCTION);
-        return 0;
-    }
-
-    return 1;
-}
-
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
-{
-    for (; extlist->ext_nid != -1; extlist++)
-        if (!X509V3_EXT_add(extlist))
-            return 0;
-    return 1;
-}
-
-int X509V3_EXT_add_alias(int nid_to, int nid_from)
-{
-    const X509V3_EXT_METHOD *ext;
-    X509V3_EXT_METHOD *tmpext;
-
-    if (!(ext = X509V3_EXT_get_nid(nid_from))) {
-        X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,
-                  X509V3_R_EXTENSION_NOT_FOUND);
-        return 0;
-    }
-    if (!
-        (tmpext =
-         (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) {
-        X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    *tmpext = *ext;
-    tmpext->ext_nid = nid_to;
-    tmpext->ext_flags |= X509V3_EXT_DYNAMIC;
-    return X509V3_EXT_add(tmpext);
-}
-
-void X509V3_EXT_cleanup(void)
-{
-    sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
-    ext_list = NULL;
-}
-
-static void ext_list_free(X509V3_EXT_METHOD *ext)
-{
-    if (ext->ext_flags & X509V3_EXT_DYNAMIC)
-        OPENSSL_free(ext);
-}
-
-/*
- * Legacy function: we don't need to add standard extensions any more because
- * they are now kept in ext_dat.h.
- */
-
-int X509V3_add_standard_extensions(void)
-{
-    return 1;
-}
-
-/* Return an extension internal structure */
-
-void *X509V3_EXT_d2i(X509_EXTENSION *ext)
-{
-    const X509V3_EXT_METHOD *method;
-    const unsigned char *p;
-
-    if (!(method = X509V3_EXT_get(ext)))
-        return NULL;
-    p = ext->value->data;
-    if (method->it)
-        return ASN1_item_d2i(NULL, &p, ext->value->length,
-                             ASN1_ITEM_ptr(method->it));
-    return method->d2i(NULL, &p, ext->value->length);
-}
-
-/*-
- * Get critical flag and decoded version of extension from a NID.
- * The "idx" variable returns the last found extension and can
- * be used to retrieve multiple extensions of the same NID.
- * However multiple extensions with the same NID is usually
- * due to a badly encoded certificate so if idx is NULL we
- * choke if multiple extensions exist.
- * The "crit" variable is set to the critical value.
- * The return value is the decoded extension or NULL on
- * error. The actual error can have several different causes,
- * the value of *crit reflects the cause:
- * >= 0, extension found but not decoded (reflects critical value).
- * -1 extension not found.
- * -2 extension occurs more than once.
- */
-
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
-                     int *idx)
-{
-    int lastpos, i;
-    X509_EXTENSION *ex, *found_ex = NULL;
-    if (!x) {
-        if (idx)
-            *idx = -1;
-        if (crit)
-            *crit = -1;
-        return NULL;
-    }
-    if (idx)
-        lastpos = *idx + 1;
-    else
-        lastpos = 0;
-    if (lastpos < 0)
-        lastpos = 0;
-    for (i = lastpos; i < sk_X509_EXTENSION_num(x); i++) {
-        ex = sk_X509_EXTENSION_value(x, i);
-        if (OBJ_obj2nid(ex->object) == nid) {
-            if (idx) {
-                *idx = i;
-                found_ex = ex;
-                break;
-            } else if (found_ex) {
-                /* Found more than one */
-                if (crit)
-                    *crit = -2;
-                return NULL;
-            }
-            found_ex = ex;
-        }
-    }
-    if (found_ex) {
-        /* Found it */
-        if (crit)
-            *crit = X509_EXTENSION_get_critical(found_ex);
-        return X509V3_EXT_d2i(found_ex);
-    }
-
-    /* Extension not found */
-    if (idx)
-        *idx = -1;
-    if (crit)
-        *crit = -1;
-    return NULL;
-}
-
-/*
- * This function is a general extension append, replace and delete utility.
- * The precise operation is governed by the 'flags' value. The 'crit' and
- * 'value' arguments (if relevant) are the extensions internal structure.
- */
-
-int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
-                    int crit, unsigned long flags)
-{
-    int extidx = -1;
-    int errcode;
-    X509_EXTENSION *ext, *extmp;
-    unsigned long ext_op = flags & X509V3_ADD_OP_MASK;
-
-    /*
-     * If appending we don't care if it exists, otherwise look for existing
-     * extension.
-     */
-    if (ext_op != X509V3_ADD_APPEND)
-        extidx = X509v3_get_ext_by_NID(*x, nid, -1);
-
-    /* See if extension exists */
-    if (extidx >= 0) {
-        /* If keep existing, nothing to do */
-        if (ext_op == X509V3_ADD_KEEP_EXISTING)
-            return 1;
-        /* If default then its an error */
-        if (ext_op == X509V3_ADD_DEFAULT) {
-            errcode = X509V3_R_EXTENSION_EXISTS;
-            goto err;
-        }
-        /* If delete, just delete it */
-        if (ext_op == X509V3_ADD_DELETE) {
-            if (!sk_X509_EXTENSION_delete(*x, extidx))
-                return -1;
-            return 1;
-        }
-    } else {
-        /*
-         * If replace existing or delete, error since extension must exist
-         */
-        if ((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
-            (ext_op == X509V3_ADD_DELETE)) {
-            errcode = X509V3_R_EXTENSION_NOT_FOUND;
-            goto err;
-        }
-    }
-
-    /*
-     * If we get this far then we have to create an extension: could have
-     * some flags for alternative encoding schemes...
-     */
-
-    ext = X509V3_EXT_i2d(nid, crit, value);
-
-    if (!ext) {
-        X509V3err(X509V3_F_X509V3_ADD1_I2D,
-                  X509V3_R_ERROR_CREATING_EXTENSION);
-        return 0;
-    }
-
-    /* If extension exists replace it.. */
-    if (extidx >= 0) {
-        extmp = sk_X509_EXTENSION_value(*x, extidx);
-        X509_EXTENSION_free(extmp);
-        if (!sk_X509_EXTENSION_set(*x, extidx, ext))
-            return -1;
-        return 1;
-    }
-
-    if (!*x && !(*x = sk_X509_EXTENSION_new_null()))
-        return -1;
-    if (!sk_X509_EXTENSION_push(*x, ext))
-        return -1;
-
-    return 1;
-
- err:
-    if (!(flags & X509V3_ADD_SILENT))
-        X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode);
-    return 0;
-}
-
-IMPLEMENT_STACK_OF(X509V3_EXT_METHOD)
diff --git a/thirdparty/openssl/crypto/x509v3/v3_ncons.c b/thirdparty/openssl/crypto/x509v3/v3_ncons.c
deleted file mode 100644
index 2855269668..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_ncons.c
+++ /dev/null
@@ -1,479 +0,0 @@
-/* v3_ncons.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
-                                  X509V3_CTX *ctx,
-                                  STACK_OF(CONF_VALUE) *nval);
-static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
-                                BIO *bp, int ind);
-static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
-                                   STACK_OF(GENERAL_SUBTREE) *trees, BIO *bp,
-                                   int ind, char *name);
-static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip);
-
-static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc);
-static int nc_match_single(GENERAL_NAME *sub, GENERAL_NAME *gen);
-static int nc_dn(X509_NAME *sub, X509_NAME *nm);
-static int nc_dns(ASN1_IA5STRING *sub, ASN1_IA5STRING *dns);
-static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml);
-static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base);
-
-const X509V3_EXT_METHOD v3_name_constraints = {
-    NID_name_constraints, 0,
-    ASN1_ITEM_ref(NAME_CONSTRAINTS),
-    0, 0, 0, 0,
-    0, 0,
-    0, v2i_NAME_CONSTRAINTS,
-    i2r_NAME_CONSTRAINTS, 0,
-    NULL
-};
-
-ASN1_SEQUENCE(GENERAL_SUBTREE) = {
-        ASN1_SIMPLE(GENERAL_SUBTREE, base, GENERAL_NAME),
-        ASN1_IMP_OPT(GENERAL_SUBTREE, minimum, ASN1_INTEGER, 0),
-        ASN1_IMP_OPT(GENERAL_SUBTREE, maximum, ASN1_INTEGER, 1)
-} ASN1_SEQUENCE_END(GENERAL_SUBTREE)
-
-ASN1_SEQUENCE(NAME_CONSTRAINTS) = {
-        ASN1_IMP_SEQUENCE_OF_OPT(NAME_CONSTRAINTS, permittedSubtrees,
-                                                        GENERAL_SUBTREE, 0),
-        ASN1_IMP_SEQUENCE_OF_OPT(NAME_CONSTRAINTS, excludedSubtrees,
-                                                        GENERAL_SUBTREE, 1),
-} ASN1_SEQUENCE_END(NAME_CONSTRAINTS)
-
-
-IMPLEMENT_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
-IMPLEMENT_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
-
-static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
-                                  X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-    int i;
-    CONF_VALUE tval, *val;
-    STACK_OF(GENERAL_SUBTREE) **ptree = NULL;
-    NAME_CONSTRAINTS *ncons = NULL;
-    GENERAL_SUBTREE *sub = NULL;
-    ncons = NAME_CONSTRAINTS_new();
-    if (!ncons)
-        goto memerr;
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        val = sk_CONF_VALUE_value(nval, i);
-        if (!strncmp(val->name, "permitted", 9) && val->name[9]) {
-            ptree = &ncons->permittedSubtrees;
-            tval.name = val->name + 10;
-        } else if (!strncmp(val->name, "excluded", 8) && val->name[8]) {
-            ptree = &ncons->excludedSubtrees;
-            tval.name = val->name + 9;
-        } else {
-            X509V3err(X509V3_F_V2I_NAME_CONSTRAINTS, X509V3_R_INVALID_SYNTAX);
-            goto err;
-        }
-        tval.value = val->value;
-        sub = GENERAL_SUBTREE_new();
-        if (sub == NULL)
-            goto memerr;
-        if (!v2i_GENERAL_NAME_ex(sub->base, method, ctx, &tval, 1))
-            goto err;
-        if (!*ptree)
-            *ptree = sk_GENERAL_SUBTREE_new_null();
-        if (!*ptree || !sk_GENERAL_SUBTREE_push(*ptree, sub))
-            goto memerr;
-        sub = NULL;
-    }
-
-    return ncons;
-
- memerr:
-    X509V3err(X509V3_F_V2I_NAME_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
- err:
-    if (ncons)
-        NAME_CONSTRAINTS_free(ncons);
-    if (sub)
-        GENERAL_SUBTREE_free(sub);
-
-    return NULL;
-}
-
-static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
-                                BIO *bp, int ind)
-{
-    NAME_CONSTRAINTS *ncons = a;
-    do_i2r_name_constraints(method, ncons->permittedSubtrees,
-                            bp, ind, "Permitted");
-    do_i2r_name_constraints(method, ncons->excludedSubtrees,
-                            bp, ind, "Excluded");
-    return 1;
-}
-
-static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
-                                   STACK_OF(GENERAL_SUBTREE) *trees,
-                                   BIO *bp, int ind, char *name)
-{
-    GENERAL_SUBTREE *tree;
-    int i;
-    if (sk_GENERAL_SUBTREE_num(trees) > 0)
-        BIO_printf(bp, "%*s%s:\n", ind, "", name);
-    for (i = 0; i < sk_GENERAL_SUBTREE_num(trees); i++) {
-        tree = sk_GENERAL_SUBTREE_value(trees, i);
-        BIO_printf(bp, "%*s", ind + 2, "");
-        if (tree->base->type == GEN_IPADD)
-            print_nc_ipadd(bp, tree->base->d.ip);
-        else
-            GENERAL_NAME_print(bp, tree->base);
-        BIO_puts(bp, "\n");
-    }
-    return 1;
-}
-
-static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip)
-{
-    int i, len;
-    unsigned char *p;
-    p = ip->data;
-    len = ip->length;
-    BIO_puts(bp, "IP:");
-    if (len == 8) {
-        BIO_printf(bp, "%d.%d.%d.%d/%d.%d.%d.%d",
-                   p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]);
-    } else if (len == 32) {
-        for (i = 0; i < 16; i++) {
-            BIO_printf(bp, "%X", p[0] << 8 | p[1]);
-            p += 2;
-            if (i == 7)
-                BIO_puts(bp, "/");
-            else if (i != 15)
-                BIO_puts(bp, ":");
-        }
-    } else
-        BIO_printf(bp, "IP Address:<invalid>");
-    return 1;
-}
-
-/*-
- * Check a certificate conforms to a specified set of constraints.
- * Return values:
- *  X509_V_OK: All constraints obeyed.
- *  X509_V_ERR_PERMITTED_VIOLATION: Permitted subtree violation.
- *  X509_V_ERR_EXCLUDED_VIOLATION: Excluded subtree violation.
- *  X509_V_ERR_SUBTREE_MINMAX: Min or max values present and matching type.
- *  X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:  Unsupported constraint type.
- *  X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: bad unsupported constraint syntax.
- *  X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: bad or unsupported syntax of name
- */
-
-int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc)
-{
-    int r, i;
-    X509_NAME *nm;
-
-    nm = X509_get_subject_name(x);
-
-    if (X509_NAME_entry_count(nm) > 0) {
-        GENERAL_NAME gntmp;
-        gntmp.type = GEN_DIRNAME;
-        gntmp.d.directoryName = nm;
-
-        r = nc_match(&gntmp, nc);
-
-        if (r != X509_V_OK)
-            return r;
-
-        gntmp.type = GEN_EMAIL;
-
-        /* Process any email address attributes in subject name */
-
-        for (i = -1;;) {
-            X509_NAME_ENTRY *ne;
-            i = X509_NAME_get_index_by_NID(nm, NID_pkcs9_emailAddress, i);
-            if (i == -1)
-                break;
-            ne = X509_NAME_get_entry(nm, i);
-            gntmp.d.rfc822Name = X509_NAME_ENTRY_get_data(ne);
-            if (gntmp.d.rfc822Name->type != V_ASN1_IA5STRING)
-                return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
-
-            r = nc_match(&gntmp, nc);
-
-            if (r != X509_V_OK)
-                return r;
-        }
-
-    }
-
-    for (i = 0; i < sk_GENERAL_NAME_num(x->altname); i++) {
-        GENERAL_NAME *gen = sk_GENERAL_NAME_value(x->altname, i);
-        r = nc_match(gen, nc);
-        if (r != X509_V_OK)
-            return r;
-    }
-
-    return X509_V_OK;
-
-}
-
-static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
-{
-    GENERAL_SUBTREE *sub;
-    int i, r, match = 0;
-
-    /*
-     * Permitted subtrees: if any subtrees exist of matching the type at
-     * least one subtree must match.
-     */
-
-    for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++) {
-        sub = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i);
-        if (gen->type != sub->base->type)
-            continue;
-        if (sub->minimum || sub->maximum)
-            return X509_V_ERR_SUBTREE_MINMAX;
-        /* If we already have a match don't bother trying any more */
-        if (match == 2)
-            continue;
-        if (match == 0)
-            match = 1;
-        r = nc_match_single(gen, sub->base);
-        if (r == X509_V_OK)
-            match = 2;
-        else if (r != X509_V_ERR_PERMITTED_VIOLATION)
-            return r;
-    }
-
-    if (match == 1)
-        return X509_V_ERR_PERMITTED_VIOLATION;
-
-    /* Excluded subtrees: must not match any of these */
-
-    for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++) {
-        sub = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i);
-        if (gen->type != sub->base->type)
-            continue;
-        if (sub->minimum || sub->maximum)
-            return X509_V_ERR_SUBTREE_MINMAX;
-
-        r = nc_match_single(gen, sub->base);
-        if (r == X509_V_OK)
-            return X509_V_ERR_EXCLUDED_VIOLATION;
-        else if (r != X509_V_ERR_PERMITTED_VIOLATION)
-            return r;
-
-    }
-
-    return X509_V_OK;
-
-}
-
-static int nc_match_single(GENERAL_NAME *gen, GENERAL_NAME *base)
-{
-    switch (base->type) {
-    case GEN_DIRNAME:
-        return nc_dn(gen->d.directoryName, base->d.directoryName);
-
-    case GEN_DNS:
-        return nc_dns(gen->d.dNSName, base->d.dNSName);
-
-    case GEN_EMAIL:
-        return nc_email(gen->d.rfc822Name, base->d.rfc822Name);
-
-    case GEN_URI:
-        return nc_uri(gen->d.uniformResourceIdentifier,
-                      base->d.uniformResourceIdentifier);
-
-    default:
-        return X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE;
-    }
-
-}
-
-/*
- * directoryName name constraint matching. The canonical encoding of
- * X509_NAME makes this comparison easy. It is matched if the subtree is a
- * subset of the name.
- */
-
-static int nc_dn(X509_NAME *nm, X509_NAME *base)
-{
-    /* Ensure canonical encodings are up to date.  */
-    if (nm->modified && i2d_X509_NAME(nm, NULL) < 0)
-        return X509_V_ERR_OUT_OF_MEM;
-    if (base->modified && i2d_X509_NAME(base, NULL) < 0)
-        return X509_V_ERR_OUT_OF_MEM;
-    if (base->canon_enclen > nm->canon_enclen)
-        return X509_V_ERR_PERMITTED_VIOLATION;
-    if (memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
-        return X509_V_ERR_PERMITTED_VIOLATION;
-    return X509_V_OK;
-}
-
-static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
-{
-    char *baseptr = (char *)base->data;
-    char *dnsptr = (char *)dns->data;
-    /* Empty matches everything */
-    if (!*baseptr)
-        return X509_V_OK;
-    /*
-     * Otherwise can add zero or more components on the left so compare RHS
-     * and if dns is longer and expect '.' as preceding character.
-     */
-    if (dns->length > base->length) {
-        dnsptr += dns->length - base->length;
-        if (*baseptr != '.' && dnsptr[-1] != '.')
-            return X509_V_ERR_PERMITTED_VIOLATION;
-    }
-
-    if (strcasecmp(baseptr, dnsptr))
-        return X509_V_ERR_PERMITTED_VIOLATION;
-
-    return X509_V_OK;
-
-}
-
-static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
-{
-    const char *baseptr = (char *)base->data;
-    const char *emlptr = (char *)eml->data;
-
-    const char *baseat = strchr(baseptr, '@');
-    const char *emlat = strchr(emlptr, '@');
-    if (!emlat)
-        return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
-    /* Special case: inital '.' is RHS match */
-    if (!baseat && (*baseptr == '.')) {
-        if (eml->length > base->length) {
-            emlptr += eml->length - base->length;
-            if (!strcasecmp(baseptr, emlptr))
-                return X509_V_OK;
-        }
-        return X509_V_ERR_PERMITTED_VIOLATION;
-    }
-
-    /* If we have anything before '@' match local part */
-
-    if (baseat) {
-        if (baseat != baseptr) {
-            if ((baseat - baseptr) != (emlat - emlptr))
-                return X509_V_ERR_PERMITTED_VIOLATION;
-            /* Case sensitive match of local part */
-            if (strncmp(baseptr, emlptr, emlat - emlptr))
-                return X509_V_ERR_PERMITTED_VIOLATION;
-        }
-        /* Position base after '@' */
-        baseptr = baseat + 1;
-    }
-    emlptr = emlat + 1;
-    /* Just have hostname left to match: case insensitive */
-    if (strcasecmp(baseptr, emlptr))
-        return X509_V_ERR_PERMITTED_VIOLATION;
-
-    return X509_V_OK;
-
-}
-
-static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
-{
-    const char *baseptr = (char *)base->data;
-    const char *hostptr = (char *)uri->data;
-    const char *p = strchr(hostptr, ':');
-    int hostlen;
-    /* Check for foo:// and skip past it */
-    if (!p || (p[1] != '/') || (p[2] != '/'))
-        return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
-    hostptr = p + 3;
-
-    /* Determine length of hostname part of URI */
-
-    /* Look for a port indicator as end of hostname first */
-
-    p = strchr(hostptr, ':');
-    /* Otherwise look for trailing slash */
-    if (!p)
-        p = strchr(hostptr, '/');
-
-    if (!p)
-        hostlen = strlen(hostptr);
-    else
-        hostlen = p - hostptr;
-
-    if (hostlen == 0)
-        return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
-
-    /* Special case: inital '.' is RHS match */
-    if (*baseptr == '.') {
-        if (hostlen > base->length) {
-            p = hostptr + hostlen - base->length;
-            if (!strncasecmp(p, baseptr, base->length))
-                return X509_V_OK;
-        }
-        return X509_V_ERR_PERMITTED_VIOLATION;
-    }
-
-    if ((base->length != (int)hostlen)
-        || strncasecmp(hostptr, baseptr, hostlen))
-        return X509_V_ERR_PERMITTED_VIOLATION;
-
-    return X509_V_OK;
-
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_ocsp.c b/thirdparty/openssl/crypto/x509v3/v3_ocsp.c
deleted file mode 100644
index b151eaccba..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_ocsp.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* v3_ocsp.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef OPENSSL_NO_OCSP
-
-# include <stdio.h>
-# include "cryptlib.h"
-# include <openssl/conf.h>
-# include <openssl/asn1.h>
-# include <openssl/ocsp.h>
-# include <openssl/x509v3.h>
-
-/*
- * OCSP extensions and a couple of CRL entry extensions
- */
-
-static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *nonce,
-                          BIO *out, int indent);
-static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *nonce,
-                            BIO *out, int indent);
-static int i2r_object(const X509V3_EXT_METHOD *method, void *obj, BIO *out,
-                      int indent);
-
-static void *ocsp_nonce_new(void);
-static int i2d_ocsp_nonce(void *a, unsigned char **pp);
-static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length);
-static void ocsp_nonce_free(void *a);
-static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce,
-                          BIO *out, int indent);
-
-static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method,
-                            void *nocheck, BIO *out, int indent);
-static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method,
-                              X509V3_CTX *ctx, const char *str);
-static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in,
-                               BIO *bp, int ind);
-
-const X509V3_EXT_METHOD v3_ocsp_crlid = {
-    NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID),
-    0, 0, 0, 0,
-    0, 0,
-    0, 0,
-    i2r_ocsp_crlid, 0,
-    NULL
-};
-
-const X509V3_EXT_METHOD v3_ocsp_acutoff = {
-    NID_id_pkix_OCSP_archiveCutoff, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME),
-    0, 0, 0, 0,
-    0, 0,
-    0, 0,
-    i2r_ocsp_acutoff, 0,
-    NULL
-};
-
-const X509V3_EXT_METHOD v3_crl_invdate = {
-    NID_invalidity_date, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME),
-    0, 0, 0, 0,
-    0, 0,
-    0, 0,
-    i2r_ocsp_acutoff, 0,
-    NULL
-};
-
-const X509V3_EXT_METHOD v3_crl_hold = {
-    NID_hold_instruction_code, 0, ASN1_ITEM_ref(ASN1_OBJECT),
-    0, 0, 0, 0,
-    0, 0,
-    0, 0,
-    i2r_object, 0,
-    NULL
-};
-
-const X509V3_EXT_METHOD v3_ocsp_nonce = {
-    NID_id_pkix_OCSP_Nonce, 0, NULL,
-    ocsp_nonce_new,
-    ocsp_nonce_free,
-    d2i_ocsp_nonce,
-    i2d_ocsp_nonce,
-    0, 0,
-    0, 0,
-    i2r_ocsp_nonce, 0,
-    NULL
-};
-
-const X509V3_EXT_METHOD v3_ocsp_nocheck = {
-    NID_id_pkix_OCSP_noCheck, 0, ASN1_ITEM_ref(ASN1_NULL),
-    0, 0, 0, 0,
-    0, s2i_ocsp_nocheck,
-    0, 0,
-    i2r_ocsp_nocheck, 0,
-    NULL
-};
-
-const X509V3_EXT_METHOD v3_ocsp_serviceloc = {
-    NID_id_pkix_OCSP_serviceLocator, 0, ASN1_ITEM_ref(OCSP_SERVICELOC),
-    0, 0, 0, 0,
-    0, 0,
-    0, 0,
-    i2r_ocsp_serviceloc, 0,
-    NULL
-};
-
-static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *in, BIO *bp,
-                          int ind)
-{
-    OCSP_CRLID *a = in;
-    if (a->crlUrl) {
-        if (BIO_printf(bp, "%*scrlUrl: ", ind, "") <= 0)
-            goto err;
-        if (!ASN1_STRING_print(bp, (ASN1_STRING *)a->crlUrl))
-            goto err;
-        if (BIO_write(bp, "\n", 1) <= 0)
-            goto err;
-    }
-    if (a->crlNum) {
-        if (BIO_printf(bp, "%*scrlNum: ", ind, "") <= 0)
-            goto err;
-        if (i2a_ASN1_INTEGER(bp, a->crlNum) <= 0)
-            goto err;
-        if (BIO_write(bp, "\n", 1) <= 0)
-            goto err;
-    }
-    if (a->crlTime) {
-        if (BIO_printf(bp, "%*scrlTime: ", ind, "") <= 0)
-            goto err;
-        if (!ASN1_GENERALIZEDTIME_print(bp, a->crlTime))
-            goto err;
-        if (BIO_write(bp, "\n", 1) <= 0)
-            goto err;
-    }
-    return 1;
- err:
-    return 0;
-}
-
-static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff,
-                            BIO *bp, int ind)
-{
-    if (BIO_printf(bp, "%*s", ind, "") <= 0)
-        return 0;
-    if (!ASN1_GENERALIZEDTIME_print(bp, cutoff))
-        return 0;
-    return 1;
-}
-
-static int i2r_object(const X509V3_EXT_METHOD *method, void *oid, BIO *bp,
-                      int ind)
-{
-    if (BIO_printf(bp, "%*s", ind, "") <= 0)
-        return 0;
-    if (i2a_ASN1_OBJECT(bp, oid) <= 0)
-        return 0;
-    return 1;
-}
-
-/*
- * OCSP nonce. This is needs special treatment because it doesn't have an
- * ASN1 encoding at all: it just contains arbitrary data.
- */
-
-static void *ocsp_nonce_new(void)
-{
-    return ASN1_OCTET_STRING_new();
-}
-
-static int i2d_ocsp_nonce(void *a, unsigned char **pp)
-{
-    ASN1_OCTET_STRING *os = a;
-    if (pp) {
-        memcpy(*pp, os->data, os->length);
-        *pp += os->length;
-    }
-    return os->length;
-}
-
-static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length)
-{
-    ASN1_OCTET_STRING *os, **pos;
-    pos = a;
-    if (!pos || !*pos)
-        os = ASN1_OCTET_STRING_new();
-    else
-        os = *pos;
-    if (!ASN1_OCTET_STRING_set(os, *pp, length))
-        goto err;
-
-    *pp += length;
-
-    if (pos)
-        *pos = os;
-    return os;
-
- err:
-    if (os && (!pos || (*pos != os)))
-        M_ASN1_OCTET_STRING_free(os);
-    OCSPerr(OCSP_F_D2I_OCSP_NONCE, ERR_R_MALLOC_FAILURE);
-    return NULL;
-}
-
-static void ocsp_nonce_free(void *a)
-{
-    M_ASN1_OCTET_STRING_free(a);
-}
-
-static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce,
-                          BIO *out, int indent)
-{
-    if (BIO_printf(out, "%*s", indent, "") <= 0)
-        return 0;
-    if (i2a_ASN1_STRING(out, nonce, V_ASN1_OCTET_STRING) <= 0)
-        return 0;
-    return 1;
-}
-
-/* Nocheck is just a single NULL. Don't print anything and always set it */
-
-static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, void *nocheck,
-                            BIO *out, int indent)
-{
-    return 1;
-}
-
-static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method,
-                              X509V3_CTX *ctx, const char *str)
-{
-    return ASN1_NULL_new();
-}
-
-static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in,
-                               BIO *bp, int ind)
-{
-    int i;
-    OCSP_SERVICELOC *a = in;
-    ACCESS_DESCRIPTION *ad;
-
-    if (BIO_printf(bp, "%*sIssuer: ", ind, "") <= 0)
-        goto err;
-    if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0)
-        goto err;
-    for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++) {
-        ad = sk_ACCESS_DESCRIPTION_value(a->locator, i);
-        if (BIO_printf(bp, "\n%*s", (2 * ind), "") <= 0)
-            goto err;
-        if (i2a_ASN1_OBJECT(bp, ad->method) <= 0)
-            goto err;
-        if (BIO_puts(bp, " - ") <= 0)
-            goto err;
-        if (GENERAL_NAME_print(bp, ad->location) <= 0)
-            goto err;
-    }
-    return 1;
- err:
-    return 0;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/x509v3/v3_pci.c b/thirdparty/openssl/crypto/x509v3/v3_pci.c
deleted file mode 100644
index 34cad53cb5..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_pci.c
+++ /dev/null
@@ -1,317 +0,0 @@
-/* v3_pci.c */
-/*
- * Contributed to the OpenSSL Project 2004 by Richard Levitte
- * (richard@levitte.org)
- */
-/* Copyright (c) 2004 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
-                   BIO *out, int indent);
-static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
-                                          X509V3_CTX *ctx, char *str);
-
-const X509V3_EXT_METHOD v3_pci =
-    { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
-    0, 0, 0, 0,
-    0, 0,
-    NULL, NULL,
-    (X509V3_EXT_I2R)i2r_pci,
-    (X509V3_EXT_R2I)r2i_pci,
-    NULL,
-};
-
-static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
-                   BIO *out, int indent)
-{
-    BIO_printf(out, "%*sPath Length Constraint: ", indent, "");
-    if (pci->pcPathLengthConstraint)
-        i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint);
-    else
-        BIO_printf(out, "infinite");
-    BIO_puts(out, "\n");
-    BIO_printf(out, "%*sPolicy Language: ", indent, "");
-    i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
-    BIO_puts(out, "\n");
-    if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
-        BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
-                   pci->proxyPolicy->policy->data);
-    return 1;
-}
-
-static int process_pci_value(CONF_VALUE *val,
-                             ASN1_OBJECT **language, ASN1_INTEGER **pathlen,
-                             ASN1_OCTET_STRING **policy)
-{
-    int free_policy = 0;
-
-    if (strcmp(val->name, "language") == 0) {
-        if (*language) {
-            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
-                      X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
-            X509V3_conf_err(val);
-            return 0;
-        }
-        if (!(*language = OBJ_txt2obj(val->value, 0))) {
-            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
-                      X509V3_R_INVALID_OBJECT_IDENTIFIER);
-            X509V3_conf_err(val);
-            return 0;
-        }
-    } else if (strcmp(val->name, "pathlen") == 0) {
-        if (*pathlen) {
-            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
-                      X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
-            X509V3_conf_err(val);
-            return 0;
-        }
-        if (!X509V3_get_value_int(val, pathlen)) {
-            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
-                      X509V3_R_POLICY_PATH_LENGTH);
-            X509V3_conf_err(val);
-            return 0;
-        }
-    } else if (strcmp(val->name, "policy") == 0) {
-        unsigned char *tmp_data = NULL;
-        long val_len;
-        if (!*policy) {
-            *policy = ASN1_OCTET_STRING_new();
-            if (!*policy) {
-                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
-                X509V3_conf_err(val);
-                return 0;
-            }
-            free_policy = 1;
-        }
-        if (strncmp(val->value, "hex:", 4) == 0) {
-            unsigned char *tmp_data2 =
-                string_to_hex(val->value + 4, &val_len);
-
-            if (!tmp_data2) {
-                X509V3err(X509V3_F_PROCESS_PCI_VALUE,
-                          X509V3_R_ILLEGAL_HEX_DIGIT);
-                X509V3_conf_err(val);
-                goto err;
-            }
-
-            tmp_data = OPENSSL_realloc((*policy)->data,
-                                       (*policy)->length + val_len + 1);
-            if (tmp_data) {
-                (*policy)->data = tmp_data;
-                memcpy(&(*policy)->data[(*policy)->length],
-                       tmp_data2, val_len);
-                (*policy)->length += val_len;
-                (*policy)->data[(*policy)->length] = '\0';
-            } else {
-                OPENSSL_free(tmp_data2);
-                /*
-                 * realloc failure implies the original data space is b0rked
-                 * too!
-                 */
-                (*policy)->data = NULL;
-                (*policy)->length = 0;
-                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
-                X509V3_conf_err(val);
-                goto err;
-            }
-            OPENSSL_free(tmp_data2);
-        } else if (strncmp(val->value, "file:", 5) == 0) {
-            unsigned char buf[2048];
-            int n;
-            BIO *b = BIO_new_file(val->value + 5, "r");
-            if (!b) {
-                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_BIO_LIB);
-                X509V3_conf_err(val);
-                goto err;
-            }
-            while ((n = BIO_read(b, buf, sizeof(buf))) > 0
-                   || (n == 0 && BIO_should_retry(b))) {
-                if (!n)
-                    continue;
-
-                tmp_data = OPENSSL_realloc((*policy)->data,
-                                           (*policy)->length + n + 1);
-
-                if (!tmp_data)
-                    break;
-
-                (*policy)->data = tmp_data;
-                memcpy(&(*policy)->data[(*policy)->length], buf, n);
-                (*policy)->length += n;
-                (*policy)->data[(*policy)->length] = '\0';
-            }
-            BIO_free_all(b);
-
-            if (n < 0) {
-                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_BIO_LIB);
-                X509V3_conf_err(val);
-                goto err;
-            }
-        } else if (strncmp(val->value, "text:", 5) == 0) {
-            val_len = strlen(val->value + 5);
-            tmp_data = OPENSSL_realloc((*policy)->data,
-                                       (*policy)->length + val_len + 1);
-            if (tmp_data) {
-                (*policy)->data = tmp_data;
-                memcpy(&(*policy)->data[(*policy)->length],
-                       val->value + 5, val_len);
-                (*policy)->length += val_len;
-                (*policy)->data[(*policy)->length] = '\0';
-            } else {
-                /*
-                 * realloc failure implies the original data space is b0rked
-                 * too!
-                 */
-                (*policy)->data = NULL;
-                (*policy)->length = 0;
-                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
-                X509V3_conf_err(val);
-                goto err;
-            }
-        } else {
-            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
-                      X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
-            X509V3_conf_err(val);
-            goto err;
-        }
-        if (!tmp_data) {
-            X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
-            X509V3_conf_err(val);
-            goto err;
-        }
-    }
-    return 1;
- err:
-    if (free_policy) {
-        ASN1_OCTET_STRING_free(*policy);
-        *policy = NULL;
-    }
-    return 0;
-}
-
-static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
-                                          X509V3_CTX *ctx, char *value)
-{
-    PROXY_CERT_INFO_EXTENSION *pci = NULL;
-    STACK_OF(CONF_VALUE) *vals;
-    ASN1_OBJECT *language = NULL;
-    ASN1_INTEGER *pathlen = NULL;
-    ASN1_OCTET_STRING *policy = NULL;
-    int i, j;
-
-    vals = X509V3_parse_list(value);
-    for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
-        CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
-        if (!cnf->name || (*cnf->name != '@' && !cnf->value)) {
-            X509V3err(X509V3_F_R2I_PCI,
-                      X509V3_R_INVALID_PROXY_POLICY_SETTING);
-            X509V3_conf_err(cnf);
-            goto err;
-        }
-        if (*cnf->name == '@') {
-            STACK_OF(CONF_VALUE) *sect;
-            int success_p = 1;
-
-            sect = X509V3_get_section(ctx, cnf->name + 1);
-            if (!sect) {
-                X509V3err(X509V3_F_R2I_PCI, X509V3_R_INVALID_SECTION);
-                X509V3_conf_err(cnf);
-                goto err;
-            }
-            for (j = 0; success_p && j < sk_CONF_VALUE_num(sect); j++) {
-                success_p =
-                    process_pci_value(sk_CONF_VALUE_value(sect, j),
-                                      &language, &pathlen, &policy);
-            }
-            X509V3_section_free(ctx, sect);
-            if (!success_p)
-                goto err;
-        } else {
-            if (!process_pci_value(cnf, &language, &pathlen, &policy)) {
-                X509V3_conf_err(cnf);
-                goto err;
-            }
-        }
-    }
-
-    /* Language is mandatory */
-    if (!language) {
-        X509V3err(X509V3_F_R2I_PCI,
-                  X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
-        goto err;
-    }
-    i = OBJ_obj2nid(language);
-    if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) {
-        X509V3err(X509V3_F_R2I_PCI,
-                  X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
-        goto err;
-    }
-
-    pci = PROXY_CERT_INFO_EXTENSION_new();
-    if (!pci) {
-        X509V3err(X509V3_F_R2I_PCI, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    pci->proxyPolicy->policyLanguage = language;
-    language = NULL;
-    pci->proxyPolicy->policy = policy;
-    policy = NULL;
-    pci->pcPathLengthConstraint = pathlen;
-    pathlen = NULL;
-    goto end;
- err:
-    if (language) {
-        ASN1_OBJECT_free(language);
-        language = NULL;
-    }
-    if (pathlen) {
-        ASN1_INTEGER_free(pathlen);
-        pathlen = NULL;
-    }
-    if (policy) {
-        ASN1_OCTET_STRING_free(policy);
-        policy = NULL;
-    }
-    if (pci) {
-        PROXY_CERT_INFO_EXTENSION_free(pci);
-        pci = NULL;
-    }
- end:
-    sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
-    return pci;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_pcia.c b/thirdparty/openssl/crypto/x509v3/v3_pcia.c
deleted file mode 100644
index e53c82e8dc..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_pcia.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/* v3_pcia.c */
-/*
- * Contributed to the OpenSSL Project 2004 by Richard Levitte
- * (richard@levitte.org)
- */
-/* Copyright (c) 2004 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-ASN1_SEQUENCE(PROXY_POLICY) =
-        {
-        ASN1_SIMPLE(PROXY_POLICY,policyLanguage,ASN1_OBJECT),
-        ASN1_OPT(PROXY_POLICY,policy,ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(PROXY_POLICY)
-
-IMPLEMENT_ASN1_FUNCTIONS(PROXY_POLICY)
-
-ASN1_SEQUENCE(PROXY_CERT_INFO_EXTENSION) =
-        {
-        ASN1_OPT(PROXY_CERT_INFO_EXTENSION,pcPathLengthConstraint,ASN1_INTEGER),
-        ASN1_SIMPLE(PROXY_CERT_INFO_EXTENSION,proxyPolicy,PROXY_POLICY)
-} ASN1_SEQUENCE_END(PROXY_CERT_INFO_EXTENSION)
-
-IMPLEMENT_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
diff --git a/thirdparty/openssl/crypto/x509v3/v3_pcons.c b/thirdparty/openssl/crypto/x509v3/v3_pcons.c
deleted file mode 100644
index cfccb97de6..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_pcons.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* v3_pcons.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
-                                                    *method, void *bcons, STACK_OF(CONF_VALUE)
-                                                    *extlist);
-static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
-                                    X509V3_CTX *ctx,
-                                    STACK_OF(CONF_VALUE) *values);
-
-const X509V3_EXT_METHOD v3_policy_constraints = {
-    NID_policy_constraints, 0,
-    ASN1_ITEM_ref(POLICY_CONSTRAINTS),
-    0, 0, 0, 0,
-    0, 0,
-    i2v_POLICY_CONSTRAINTS,
-    v2i_POLICY_CONSTRAINTS,
-    NULL, NULL,
-    NULL
-};
-
-ASN1_SEQUENCE(POLICY_CONSTRAINTS) = {
-        ASN1_IMP_OPT(POLICY_CONSTRAINTS, requireExplicitPolicy, ASN1_INTEGER,0),
-        ASN1_IMP_OPT(POLICY_CONSTRAINTS, inhibitPolicyMapping, ASN1_INTEGER,1)
-} ASN1_SEQUENCE_END(POLICY_CONSTRAINTS)
-
-IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
-
-static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
-                                                    *method, void *a, STACK_OF(CONF_VALUE)
-                                                    *extlist)
-{
-    POLICY_CONSTRAINTS *pcons = a;
-    X509V3_add_value_int("Require Explicit Policy",
-                         pcons->requireExplicitPolicy, &extlist);
-    X509V3_add_value_int("Inhibit Policy Mapping",
-                         pcons->inhibitPolicyMapping, &extlist);
-    return extlist;
-}
-
-static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
-                                    X509V3_CTX *ctx,
-                                    STACK_OF(CONF_VALUE) *values)
-{
-    POLICY_CONSTRAINTS *pcons = NULL;
-    CONF_VALUE *val;
-    int i;
-    if (!(pcons = POLICY_CONSTRAINTS_new())) {
-        X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
-        val = sk_CONF_VALUE_value(values, i);
-        if (!strcmp(val->name, "requireExplicitPolicy")) {
-            if (!X509V3_get_value_int(val, &pcons->requireExplicitPolicy))
-                goto err;
-        } else if (!strcmp(val->name, "inhibitPolicyMapping")) {
-            if (!X509V3_get_value_int(val, &pcons->inhibitPolicyMapping))
-                goto err;
-        } else {
-            X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, X509V3_R_INVALID_NAME);
-            X509V3_conf_err(val);
-            goto err;
-        }
-    }
-    if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) {
-        X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS,
-                  X509V3_R_ILLEGAL_EMPTY_EXTENSION);
-        goto err;
-    }
-
-    return pcons;
- err:
-    POLICY_CONSTRAINTS_free(pcons);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_pku.c b/thirdparty/openssl/crypto/x509v3/v3_pku.c
deleted file mode 100644
index dd01c44169..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_pku.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* v3_pku.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
-                                 PKEY_USAGE_PERIOD *usage, BIO *out,
-                                 int indent);
-/*
- * static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
- * X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
- */
-const X509V3_EXT_METHOD v3_pkey_usage_period = {
-    NID_private_key_usage_period, 0, ASN1_ITEM_ref(PKEY_USAGE_PERIOD),
-    0, 0, 0, 0,
-    0, 0, 0, 0,
-    (X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL,
-    NULL
-};
-
-ASN1_SEQUENCE(PKEY_USAGE_PERIOD) = {
-        ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notBefore, ASN1_GENERALIZEDTIME, 0),
-        ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notAfter, ASN1_GENERALIZEDTIME, 1)
-} ASN1_SEQUENCE_END(PKEY_USAGE_PERIOD)
-
-IMPLEMENT_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
-
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
-                                 PKEY_USAGE_PERIOD *usage, BIO *out,
-                                 int indent)
-{
-    BIO_printf(out, "%*s", indent, "");
-    if (usage->notBefore) {
-        BIO_write(out, "Not Before: ", 12);
-        ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
-        if (usage->notAfter)
-            BIO_write(out, ", ", 2);
-    }
-    if (usage->notAfter) {
-        BIO_write(out, "Not After: ", 11);
-        ASN1_GENERALIZEDTIME_print(out, usage->notAfter);
-    }
-    return 1;
-}
-
-/*-
-static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values)
-X509V3_EXT_METHOD *method;
-X509V3_CTX *ctx;
-STACK_OF(CONF_VALUE) *values;
-{
-return NULL;
-}
-*/
diff --git a/thirdparty/openssl/crypto/x509v3/v3_pmaps.c b/thirdparty/openssl/crypto/x509v3/v3_pmaps.c
deleted file mode 100644
index a168343b82..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_pmaps.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/* v3_pmaps.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
-                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD
-                                                 *method, void *pmps, STACK_OF(CONF_VALUE)
-                                                 *extlist);
-
-const X509V3_EXT_METHOD v3_policy_mappings = {
-    NID_policy_mappings, 0,
-    ASN1_ITEM_ref(POLICY_MAPPINGS),
-    0, 0, 0, 0,
-    0, 0,
-    i2v_POLICY_MAPPINGS,
-    v2i_POLICY_MAPPINGS,
-    0, 0,
-    NULL
-};
-
-ASN1_SEQUENCE(POLICY_MAPPING) = {
-        ASN1_SIMPLE(POLICY_MAPPING, issuerDomainPolicy, ASN1_OBJECT),
-        ASN1_SIMPLE(POLICY_MAPPING, subjectDomainPolicy, ASN1_OBJECT)
-} ASN1_SEQUENCE_END(POLICY_MAPPING)
-
-ASN1_ITEM_TEMPLATE(POLICY_MAPPINGS) =
-        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, POLICY_MAPPINGS,
-                                                                POLICY_MAPPING)
-ASN1_ITEM_TEMPLATE_END(POLICY_MAPPINGS)
-
-IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
-
-static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD
-                                                 *method, void *a, STACK_OF(CONF_VALUE)
-                                                 *ext_list)
-{
-    POLICY_MAPPINGS *pmaps = a;
-    POLICY_MAPPING *pmap;
-    int i;
-    char obj_tmp1[80];
-    char obj_tmp2[80];
-    for (i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) {
-        pmap = sk_POLICY_MAPPING_value(pmaps, i);
-        i2t_ASN1_OBJECT(obj_tmp1, 80, pmap->issuerDomainPolicy);
-        i2t_ASN1_OBJECT(obj_tmp2, 80, pmap->subjectDomainPolicy);
-        X509V3_add_value(obj_tmp1, obj_tmp2, &ext_list);
-    }
-    return ext_list;
-}
-
-static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
-                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
-{
-    POLICY_MAPPINGS *pmaps;
-    POLICY_MAPPING *pmap;
-    ASN1_OBJECT *obj1, *obj2;
-    CONF_VALUE *val;
-    int i;
-
-    if (!(pmaps = sk_POLICY_MAPPING_new_null())) {
-        X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        val = sk_CONF_VALUE_value(nval, i);
-        if (!val->value || !val->name) {
-            sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
-            X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,
-                      X509V3_R_INVALID_OBJECT_IDENTIFIER);
-            X509V3_conf_err(val);
-            return NULL;
-        }
-        obj1 = OBJ_txt2obj(val->name, 0);
-        obj2 = OBJ_txt2obj(val->value, 0);
-        if (!obj1 || !obj2) {
-            sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
-            X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,
-                      X509V3_R_INVALID_OBJECT_IDENTIFIER);
-            X509V3_conf_err(val);
-            return NULL;
-        }
-        pmap = POLICY_MAPPING_new();
-        if (!pmap) {
-            sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
-            X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
-        pmap->issuerDomainPolicy = obj1;
-        pmap->subjectDomainPolicy = obj2;
-        sk_POLICY_MAPPING_push(pmaps, pmap);
-    }
-    return pmaps;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_prn.c b/thirdparty/openssl/crypto/x509v3/v3_prn.c
deleted file mode 100644
index acc9c6d991..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_prn.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/* v3_prn.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-/* Extension printing routines */
-
-static int unknown_ext_print(BIO *out, X509_EXTENSION *ext,
-                             unsigned long flag, int indent, int supported);
-
-/* Print out a name+value stack */
-
-void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
-                        int ml)
-{
-    int i;
-    CONF_VALUE *nval;
-    if (!val)
-        return;
-    if (!ml || !sk_CONF_VALUE_num(val)) {
-        BIO_printf(out, "%*s", indent, "");
-        if (!sk_CONF_VALUE_num(val))
-            BIO_puts(out, "<EMPTY>\n");
-    }
-    for (i = 0; i < sk_CONF_VALUE_num(val); i++) {
-        if (ml)
-            BIO_printf(out, "%*s", indent, "");
-        else if (i > 0)
-            BIO_printf(out, ", ");
-        nval = sk_CONF_VALUE_value(val, i);
-        if (!nval->name)
-            BIO_puts(out, nval->value);
-        else if (!nval->value)
-            BIO_puts(out, nval->name);
-#ifndef CHARSET_EBCDIC
-        else
-            BIO_printf(out, "%s:%s", nval->name, nval->value);
-#else
-        else {
-            int len;
-            char *tmp;
-            len = strlen(nval->value) + 1;
-            tmp = OPENSSL_malloc(len);
-            if (tmp) {
-                ascii2ebcdic(tmp, nval->value, len);
-                BIO_printf(out, "%s:%s", nval->name, tmp);
-                OPENSSL_free(tmp);
-            }
-        }
-#endif
-        if (ml)
-            BIO_puts(out, "\n");
-    }
-}
-
-/* Main routine: print out a general extension */
-
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
-                     int indent)
-{
-    void *ext_str = NULL;
-    char *value = NULL;
-    const unsigned char *p;
-    const X509V3_EXT_METHOD *method;
-    STACK_OF(CONF_VALUE) *nval = NULL;
-    int ok = 1;
-
-    if (!(method = X509V3_EXT_get(ext)))
-        return unknown_ext_print(out, ext, flag, indent, 0);
-    p = ext->value->data;
-    if (method->it)
-        ext_str =
-            ASN1_item_d2i(NULL, &p, ext->value->length,
-                          ASN1_ITEM_ptr(method->it));
-    else
-        ext_str = method->d2i(NULL, &p, ext->value->length);
-
-    if (!ext_str)
-        return unknown_ext_print(out, ext, flag, indent, 1);
-
-    if (method->i2s) {
-        if (!(value = method->i2s(method, ext_str))) {
-            ok = 0;
-            goto err;
-        }
-#ifndef CHARSET_EBCDIC
-        BIO_printf(out, "%*s%s", indent, "", value);
-#else
-        {
-            int len;
-            char *tmp;
-            len = strlen(value) + 1;
-            tmp = OPENSSL_malloc(len);
-            if (tmp) {
-                ascii2ebcdic(tmp, value, len);
-                BIO_printf(out, "%*s%s", indent, "", tmp);
-                OPENSSL_free(tmp);
-            }
-        }
-#endif
-    } else if (method->i2v) {
-        if (!(nval = method->i2v(method, ext_str, NULL))) {
-            ok = 0;
-            goto err;
-        }
-        X509V3_EXT_val_prn(out, nval, indent,
-                           method->ext_flags & X509V3_EXT_MULTILINE);
-    } else if (method->i2r) {
-        if (!method->i2r(method, ext_str, out, indent))
-            ok = 0;
-    } else
-        ok = 0;
-
- err:
-    sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
-    if (value)
-        OPENSSL_free(value);
-    if (method->it)
-        ASN1_item_free(ext_str, ASN1_ITEM_ptr(method->it));
-    else
-        method->ext_free(ext_str);
-    return ok;
-}
-
-int X509V3_extensions_print(BIO *bp, char *title,
-                            STACK_OF(X509_EXTENSION) *exts,
-                            unsigned long flag, int indent)
-{
-    int i, j;
-
-    if (sk_X509_EXTENSION_num(exts) <= 0)
-        return 1;
-
-    if (title) {
-        BIO_printf(bp, "%*s%s:\n", indent, "", title);
-        indent += 4;
-    }
-
-    for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
-        ASN1_OBJECT *obj;
-        X509_EXTENSION *ex;
-        ex = sk_X509_EXTENSION_value(exts, i);
-        if (indent && BIO_printf(bp, "%*s", indent, "") <= 0)
-            return 0;
-        obj = X509_EXTENSION_get_object(ex);
-        i2a_ASN1_OBJECT(bp, obj);
-        j = X509_EXTENSION_get_critical(ex);
-        if (BIO_printf(bp, ": %s\n", j ? "critical" : "") <= 0)
-            return 0;
-        if (!X509V3_EXT_print(bp, ex, flag, indent + 4)) {
-            BIO_printf(bp, "%*s", indent + 4, "");
-            M_ASN1_OCTET_STRING_print(bp, ex->value);
-        }
-        if (BIO_write(bp, "\n", 1) <= 0)
-            return 0;
-    }
-    return 1;
-}
-
-static int unknown_ext_print(BIO *out, X509_EXTENSION *ext,
-                             unsigned long flag, int indent, int supported)
-{
-    switch (flag & X509V3_EXT_UNKNOWN_MASK) {
-
-    case X509V3_EXT_DEFAULT:
-        return 0;
-
-    case X509V3_EXT_ERROR_UNKNOWN:
-        if (supported)
-            BIO_printf(out, "%*s<Parse Error>", indent, "");
-        else
-            BIO_printf(out, "%*s<Not Supported>", indent, "");
-        return 1;
-
-    case X509V3_EXT_PARSE_UNKNOWN:
-        return ASN1_parse_dump(out,
-                               ext->value->data, ext->value->length, indent,
-                               -1);
-    case X509V3_EXT_DUMP_UNKNOWN:
-        return BIO_dump_indent(out, (char *)ext->value->data,
-                               ext->value->length, indent);
-
-    default:
-        return 1;
-    }
-}
-
-#ifndef OPENSSL_NO_FP_API
-int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
-{
-    BIO *bio_tmp;
-    int ret;
-    if (!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE)))
-        return 0;
-    ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
-    BIO_free(bio_tmp);
-    return ret;
-}
-#endif
diff --git a/thirdparty/openssl/crypto/x509v3/v3_purp.c b/thirdparty/openssl/crypto/x509v3/v3_purp.c
deleted file mode 100644
index 96e629a930..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_purp.c
+++ /dev/null
@@ -1,853 +0,0 @@
-/* v3_purp.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-#include <openssl/x509_vfy.h>
-
-static void x509v3_cache_extensions(X509 *x);
-
-static int check_ssl_ca(const X509 *x);
-static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,
-                                    int ca);
-static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,
-                                    int ca);
-static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,
-                                       int ca);
-static int purpose_smime(const X509 *x, int ca);
-static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,
-                                    int ca);
-static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,
-                                       int ca);
-static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,
-                                  int ca);
-static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
-                                        int ca);
-static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);
-
-static int xp_cmp(const X509_PURPOSE *const *a, const X509_PURPOSE *const *b);
-static void xptable_free(X509_PURPOSE *p);
-
-static X509_PURPOSE xstandard[] = {
-    {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0,
-     check_purpose_ssl_client, "SSL client", "sslclient", NULL},
-    {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0,
-     check_purpose_ssl_server, "SSL server", "sslserver", NULL},
-    {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0,
-     check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL},
-    {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign,
-     "S/MIME signing", "smimesign", NULL},
-    {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0,
-     check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL},
-    {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign,
-     "CRL signing", "crlsign", NULL},
-    {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any",
-     NULL},
-    {X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper,
-     "OCSP helper", "ocsphelper", NULL},
-    {X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0,
-     check_purpose_timestamp_sign, "Time Stamp signing", "timestampsign",
-     NULL},
-};
-
-#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))
-
-IMPLEMENT_STACK_OF(X509_PURPOSE)
-
-static STACK_OF(X509_PURPOSE) *xptable = NULL;
-
-static int xp_cmp(const X509_PURPOSE *const *a, const X509_PURPOSE *const *b)
-{
-    return (*a)->purpose - (*b)->purpose;
-}
-
-/*
- * As much as I'd like to make X509_check_purpose use a "const" X509* I
- * really can't because it does recalculate hashes and do other non-const
- * things.
- */
-int X509_check_purpose(X509 *x, int id, int ca)
-{
-    int idx;
-    const X509_PURPOSE *pt;
-    if (!(x->ex_flags & EXFLAG_SET)) {
-        CRYPTO_w_lock(CRYPTO_LOCK_X509);
-        x509v3_cache_extensions(x);
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509);
-    }
-    if (id == -1)
-        return 1;
-    idx = X509_PURPOSE_get_by_id(id);
-    if (idx == -1)
-        return -1;
-    pt = X509_PURPOSE_get0(idx);
-    return pt->check_purpose(pt, x, ca);
-}
-
-int X509_PURPOSE_set(int *p, int purpose)
-{
-    if (X509_PURPOSE_get_by_id(purpose) == -1) {
-        X509V3err(X509V3_F_X509_PURPOSE_SET, X509V3_R_INVALID_PURPOSE);
-        return 0;
-    }
-    *p = purpose;
-    return 1;
-}
-
-int X509_PURPOSE_get_count(void)
-{
-    if (!xptable)
-        return X509_PURPOSE_COUNT;
-    return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT;
-}
-
-X509_PURPOSE *X509_PURPOSE_get0(int idx)
-{
-    if (idx < 0)
-        return NULL;
-    if (idx < (int)X509_PURPOSE_COUNT)
-        return xstandard + idx;
-    return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT);
-}
-
-int X509_PURPOSE_get_by_sname(char *sname)
-{
-    int i;
-    X509_PURPOSE *xptmp;
-    for (i = 0; i < X509_PURPOSE_get_count(); i++) {
-        xptmp = X509_PURPOSE_get0(i);
-        if (!strcmp(xptmp->sname, sname))
-            return i;
-    }
-    return -1;
-}
-
-int X509_PURPOSE_get_by_id(int purpose)
-{
-    X509_PURPOSE tmp;
-    int idx;
-    if ((purpose >= X509_PURPOSE_MIN) && (purpose <= X509_PURPOSE_MAX))
-        return purpose - X509_PURPOSE_MIN;
-    tmp.purpose = purpose;
-    if (!xptable)
-        return -1;
-    idx = sk_X509_PURPOSE_find(xptable, &tmp);
-    if (idx == -1)
-        return -1;
-    return idx + X509_PURPOSE_COUNT;
-}
-
-int X509_PURPOSE_add(int id, int trust, int flags,
-                     int (*ck) (const X509_PURPOSE *, const X509 *, int),
-                     char *name, char *sname, void *arg)
-{
-    int idx;
-    X509_PURPOSE *ptmp;
-    /*
-     * This is set according to what we change: application can't set it
-     */
-    flags &= ~X509_PURPOSE_DYNAMIC;
-    /* This will always be set for application modified trust entries */
-    flags |= X509_PURPOSE_DYNAMIC_NAME;
-    /* Get existing entry if any */
-    idx = X509_PURPOSE_get_by_id(id);
-    /* Need a new entry */
-    if (idx == -1) {
-        if (!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) {
-            X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        ptmp->flags = X509_PURPOSE_DYNAMIC;
-    } else
-        ptmp = X509_PURPOSE_get0(idx);
-
-    /* OPENSSL_free existing name if dynamic */
-    if (ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) {
-        OPENSSL_free(ptmp->name);
-        OPENSSL_free(ptmp->sname);
-    }
-    /* dup supplied name */
-    ptmp->name = BUF_strdup(name);
-    ptmp->sname = BUF_strdup(sname);
-    if (!ptmp->name || !ptmp->sname) {
-        X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    /* Keep the dynamic flag of existing entry */
-    ptmp->flags &= X509_PURPOSE_DYNAMIC;
-    /* Set all other flags */
-    ptmp->flags |= flags;
-
-    ptmp->purpose = id;
-    ptmp->trust = trust;
-    ptmp->check_purpose = ck;
-    ptmp->usr_data = arg;
-
-    /* If its a new entry manage the dynamic table */
-    if (idx == -1) {
-        if (!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) {
-            X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-        if (!sk_X509_PURPOSE_push(xptable, ptmp)) {
-            X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-    }
-    return 1;
-}
-
-static void xptable_free(X509_PURPOSE *p)
-{
-    if (!p)
-        return;
-    if (p->flags & X509_PURPOSE_DYNAMIC) {
-        if (p->flags & X509_PURPOSE_DYNAMIC_NAME) {
-            OPENSSL_free(p->name);
-            OPENSSL_free(p->sname);
-        }
-        OPENSSL_free(p);
-    }
-}
-
-void X509_PURPOSE_cleanup(void)
-{
-    unsigned int i;
-    sk_X509_PURPOSE_pop_free(xptable, xptable_free);
-    for (i = 0; i < X509_PURPOSE_COUNT; i++)
-        xptable_free(xstandard + i);
-    xptable = NULL;
-}
-
-int X509_PURPOSE_get_id(X509_PURPOSE *xp)
-{
-    return xp->purpose;
-}
-
-char *X509_PURPOSE_get0_name(X509_PURPOSE *xp)
-{
-    return xp->name;
-}
-
-char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp)
-{
-    return xp->sname;
-}
-
-int X509_PURPOSE_get_trust(X509_PURPOSE *xp)
-{
-    return xp->trust;
-}
-
-static int nid_cmp(const int *a, const int *b)
-{
-    return *a - *b;
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(int, int, nid);
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(int, int, nid);
-
-int X509_supported_extension(X509_EXTENSION *ex)
-{
-    /*
-     * This table is a list of the NIDs of supported extensions: that is
-     * those which are used by the verify process. If an extension is
-     * critical and doesn't appear in this list then the verify process will
-     * normally reject the certificate. The list must be kept in numerical
-     * order because it will be searched using bsearch.
-     */
-
-    static const int supported_nids[] = {
-        NID_netscape_cert_type, /* 71 */
-        NID_key_usage,          /* 83 */
-        NID_subject_alt_name,   /* 85 */
-        NID_basic_constraints,  /* 87 */
-        NID_certificate_policies, /* 89 */
-        NID_crl_distribution_points, /* 103 */
-        NID_ext_key_usage,      /* 126 */
-#ifndef OPENSSL_NO_RFC3779
-        NID_sbgp_ipAddrBlock,   /* 290 */
-        NID_sbgp_autonomousSysNum, /* 291 */
-#endif
-        NID_policy_constraints, /* 401 */
-        NID_proxyCertInfo,      /* 663 */
-        NID_name_constraints,   /* 666 */
-        NID_policy_mappings,    /* 747 */
-        NID_inhibit_any_policy  /* 748 */
-    };
-
-    int ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
-
-    if (ex_nid == NID_undef)
-        return 0;
-
-    if (OBJ_bsearch_nid(&ex_nid, supported_nids,
-                        sizeof(supported_nids) / sizeof(int)))
-        return 1;
-    return 0;
-}
-
-static void setup_dp(X509 *x, DIST_POINT *dp)
-{
-    X509_NAME *iname = NULL;
-    int i;
-    if (dp->reasons) {
-        if (dp->reasons->length > 0)
-            dp->dp_reasons = dp->reasons->data[0];
-        if (dp->reasons->length > 1)
-            dp->dp_reasons |= (dp->reasons->data[1] << 8);
-        dp->dp_reasons &= CRLDP_ALL_REASONS;
-    } else
-        dp->dp_reasons = CRLDP_ALL_REASONS;
-    if (!dp->distpoint || (dp->distpoint->type != 1))
-        return;
-    for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
-        GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
-        if (gen->type == GEN_DIRNAME) {
-            iname = gen->d.directoryName;
-            break;
-        }
-    }
-    if (!iname)
-        iname = X509_get_issuer_name(x);
-
-    DIST_POINT_set_dpname(dp->distpoint, iname);
-
-}
-
-static void setup_crldp(X509 *x)
-{
-    int i;
-    x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);
-    for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
-        setup_dp(x, sk_DIST_POINT_value(x->crldp, i));
-}
-
-#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
-#define ku_reject(x, usage) \
-        (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
-#define xku_reject(x, usage) \
-        (((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage)))
-#define ns_reject(x, usage) \
-        (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))
-
-static void x509v3_cache_extensions(X509 *x)
-{
-    BASIC_CONSTRAINTS *bs;
-    PROXY_CERT_INFO_EXTENSION *pci;
-    ASN1_BIT_STRING *usage;
-    ASN1_BIT_STRING *ns;
-    EXTENDED_KEY_USAGE *extusage;
-    X509_EXTENSION *ex;
-
-    int i;
-    if (x->ex_flags & EXFLAG_SET)
-        return;
-#ifndef OPENSSL_NO_SHA
-    X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
-#endif
-    /* V1 should mean no extensions ... */
-    if (!X509_get_version(x))
-        x->ex_flags |= EXFLAG_V1;
-    /* Handle basic constraints */
-    if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) {
-        if (bs->ca)
-            x->ex_flags |= EXFLAG_CA;
-        if (bs->pathlen) {
-            if ((bs->pathlen->type == V_ASN1_NEG_INTEGER)
-                || !bs->ca) {
-                x->ex_flags |= EXFLAG_INVALID;
-                x->ex_pathlen = 0;
-            } else
-                x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);
-        } else
-            x->ex_pathlen = -1;
-        BASIC_CONSTRAINTS_free(bs);
-        x->ex_flags |= EXFLAG_BCONS;
-    }
-    /* Handle proxy certificates */
-    if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {
-        if (x->ex_flags & EXFLAG_CA
-            || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0
-            || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) {
-            x->ex_flags |= EXFLAG_INVALID;
-        }
-        if (pci->pcPathLengthConstraint) {
-            x->ex_pcpathlen = ASN1_INTEGER_get(pci->pcPathLengthConstraint);
-        } else
-            x->ex_pcpathlen = -1;
-        PROXY_CERT_INFO_EXTENSION_free(pci);
-        x->ex_flags |= EXFLAG_PROXY;
-    }
-    /* Handle key usage */
-    if ((usage = X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
-        if (usage->length > 0) {
-            x->ex_kusage = usage->data[0];
-            if (usage->length > 1)
-                x->ex_kusage |= usage->data[1] << 8;
-        } else
-            x->ex_kusage = 0;
-        x->ex_flags |= EXFLAG_KUSAGE;
-        ASN1_BIT_STRING_free(usage);
-    }
-    x->ex_xkusage = 0;
-    if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) {
-        x->ex_flags |= EXFLAG_XKUSAGE;
-        for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
-            switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) {
-            case NID_server_auth:
-                x->ex_xkusage |= XKU_SSL_SERVER;
-                break;
-
-            case NID_client_auth:
-                x->ex_xkusage |= XKU_SSL_CLIENT;
-                break;
-
-            case NID_email_protect:
-                x->ex_xkusage |= XKU_SMIME;
-                break;
-
-            case NID_code_sign:
-                x->ex_xkusage |= XKU_CODE_SIGN;
-                break;
-
-            case NID_ms_sgc:
-            case NID_ns_sgc:
-                x->ex_xkusage |= XKU_SGC;
-                break;
-
-            case NID_OCSP_sign:
-                x->ex_xkusage |= XKU_OCSP_SIGN;
-                break;
-
-            case NID_time_stamp:
-                x->ex_xkusage |= XKU_TIMESTAMP;
-                break;
-
-            case NID_dvcs:
-                x->ex_xkusage |= XKU_DVCS;
-                break;
-
-            case NID_anyExtendedKeyUsage:
-                x->ex_xkusage |= XKU_ANYEKU;
-                break;
-            }
-        }
-        sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
-    }
-
-    if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) {
-        if (ns->length > 0)
-            x->ex_nscert = ns->data[0];
-        else
-            x->ex_nscert = 0;
-        x->ex_flags |= EXFLAG_NSCERT;
-        ASN1_BIT_STRING_free(ns);
-    }
-    x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
-    x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
-    /* Does subject name match issuer ? */
-    if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) {
-        x->ex_flags |= EXFLAG_SI;
-        /* If SKID matches AKID also indicate self signed */
-        if (X509_check_akid(x, x->akid) == X509_V_OK &&
-            !ku_reject(x, KU_KEY_CERT_SIGN))
-            x->ex_flags |= EXFLAG_SS;
-    }
-    x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
-    x->nc = X509_get_ext_d2i(x, NID_name_constraints, &i, NULL);
-    if (!x->nc && (i != -1))
-        x->ex_flags |= EXFLAG_INVALID;
-    setup_crldp(x);
-
-#ifndef OPENSSL_NO_RFC3779
-    x->rfc3779_addr = X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL);
-    x->rfc3779_asid = X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum,
-                                       NULL, NULL);
-#endif
-    for (i = 0; i < X509_get_ext_count(x); i++) {
-        ex = X509_get_ext(x, i);
-        if (OBJ_obj2nid(X509_EXTENSION_get_object(ex))
-            == NID_freshest_crl)
-            x->ex_flags |= EXFLAG_FRESHEST;
-        if (!X509_EXTENSION_get_critical(ex))
-            continue;
-        if (!X509_supported_extension(ex)) {
-            x->ex_flags |= EXFLAG_CRITICAL;
-            break;
-        }
-    }
-    x->ex_flags |= EXFLAG_SET;
-}
-
-/*-
- * CA checks common to all purposes
- * return codes:
- * 0 not a CA
- * 1 is a CA
- * 2 basicConstraints absent so "maybe" a CA
- * 3 basicConstraints absent but self signed V1.
- * 4 basicConstraints absent but keyUsage present and keyCertSign asserted.
- */
-
-static int check_ca(const X509 *x)
-{
-    /* keyUsage if present should allow cert signing */
-    if (ku_reject(x, KU_KEY_CERT_SIGN))
-        return 0;
-    if (x->ex_flags & EXFLAG_BCONS) {
-        if (x->ex_flags & EXFLAG_CA)
-            return 1;
-        /* If basicConstraints says not a CA then say so */
-        else
-            return 0;
-    } else {
-        /* we support V1 roots for...  uh, I don't really know why. */
-        if ((x->ex_flags & V1_ROOT) == V1_ROOT)
-            return 3;
-        /*
-         * If key usage present it must have certSign so tolerate it
-         */
-        else if (x->ex_flags & EXFLAG_KUSAGE)
-            return 4;
-        /* Older certificates could have Netscape-specific CA types */
-        else if (x->ex_flags & EXFLAG_NSCERT && x->ex_nscert & NS_ANY_CA)
-            return 5;
-        /* can this still be regarded a CA certificate?  I doubt it */
-        return 0;
-    }
-}
-
-int X509_check_ca(X509 *x)
-{
-    if (!(x->ex_flags & EXFLAG_SET)) {
-        CRYPTO_w_lock(CRYPTO_LOCK_X509);
-        x509v3_cache_extensions(x);
-        CRYPTO_w_unlock(CRYPTO_LOCK_X509);
-    }
-
-    return check_ca(x);
-}
-
-/* Check SSL CA: common checks for SSL client and server */
-static int check_ssl_ca(const X509 *x)
-{
-    int ca_ret;
-    ca_ret = check_ca(x);
-    if (!ca_ret)
-        return 0;
-    /* check nsCertType if present */
-    if (ca_ret != 5 || x->ex_nscert & NS_SSL_CA)
-        return ca_ret;
-    else
-        return 0;
-}
-
-static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,
-                                    int ca)
-{
-    if (xku_reject(x, XKU_SSL_CLIENT))
-        return 0;
-    if (ca)
-        return check_ssl_ca(x);
-    /* We need to do digital signatures or key agreement */
-    if (ku_reject(x, KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT))
-        return 0;
-    /* nsCertType if present should allow SSL client use */
-    if (ns_reject(x, NS_SSL_CLIENT))
-        return 0;
-    return 1;
-}
-
-/*
- * Key usage needed for TLS/SSL server: digital signature, encipherment or
- * key agreement. The ssl code can check this more thoroughly for individual
- * key types.
- */
-#define KU_TLS \
-        KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT|KU_KEY_AGREEMENT
-
-static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,
-                                    int ca)
-{
-    if (xku_reject(x, XKU_SSL_SERVER | XKU_SGC))
-        return 0;
-    if (ca)
-        return check_ssl_ca(x);
-
-    if (ns_reject(x, NS_SSL_SERVER))
-        return 0;
-    if (ku_reject(x, KU_TLS))
-        return 0;
-
-    return 1;
-
-}
-
-static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,
-                                       int ca)
-{
-    int ret;
-    ret = check_purpose_ssl_server(xp, x, ca);
-    if (!ret || ca)
-        return ret;
-    /* We need to encipher or Netscape complains */
-    if (ku_reject(x, KU_KEY_ENCIPHERMENT))
-        return 0;
-    return ret;
-}
-
-/* common S/MIME checks */
-static int purpose_smime(const X509 *x, int ca)
-{
-    if (xku_reject(x, XKU_SMIME))
-        return 0;
-    if (ca) {
-        int ca_ret;
-        ca_ret = check_ca(x);
-        if (!ca_ret)
-            return 0;
-        /* check nsCertType if present */
-        if (ca_ret != 5 || x->ex_nscert & NS_SMIME_CA)
-            return ca_ret;
-        else
-            return 0;
-    }
-    if (x->ex_flags & EXFLAG_NSCERT) {
-        if (x->ex_nscert & NS_SMIME)
-            return 1;
-        /* Workaround for some buggy certificates */
-        if (x->ex_nscert & NS_SSL_CLIENT)
-            return 2;
-        return 0;
-    }
-    return 1;
-}
-
-static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,
-                                    int ca)
-{
-    int ret;
-    ret = purpose_smime(x, ca);
-    if (!ret || ca)
-        return ret;
-    if (ku_reject(x, KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION))
-        return 0;
-    return ret;
-}
-
-static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,
-                                       int ca)
-{
-    int ret;
-    ret = purpose_smime(x, ca);
-    if (!ret || ca)
-        return ret;
-    if (ku_reject(x, KU_KEY_ENCIPHERMENT))
-        return 0;
-    return ret;
-}
-
-static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,
-                                  int ca)
-{
-    if (ca) {
-        int ca_ret;
-        if ((ca_ret = check_ca(x)) != 2)
-            return ca_ret;
-        else
-            return 0;
-    }
-    if (ku_reject(x, KU_CRL_SIGN))
-        return 0;
-    return 1;
-}
-
-/*
- * OCSP helper: this is *not* a full OCSP check. It just checks that each CA
- * is valid. Additional checks must be made on the chain.
- */
-
-static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-    /*
-     * Must be a valid CA.  Should we really support the "I don't know" value
-     * (2)?
-     */
-    if (ca)
-        return check_ca(x);
-    /* leaf certificate is checked in OCSP_verify() */
-    return 1;
-}
-
-static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
-                                        int ca)
-{
-    int i_ext;
-
-    /* If ca is true we must return if this is a valid CA certificate. */
-    if (ca)
-        return check_ca(x);
-
-    /*
-     * Check the optional key usage field:
-     * if Key Usage is present, it must be one of digitalSignature
-     * and/or nonRepudiation (other values are not consistent and shall
-     * be rejected).
-     */
-    if ((x->ex_flags & EXFLAG_KUSAGE)
-        && ((x->ex_kusage & ~(KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)) ||
-            !(x->ex_kusage & (KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE))))
-        return 0;
-
-    /* Only time stamp key usage is permitted and it's required. */
-    if (!(x->ex_flags & EXFLAG_XKUSAGE) || x->ex_xkusage != XKU_TIMESTAMP)
-        return 0;
-
-    /* Extended Key Usage MUST be critical */
-    i_ext = X509_get_ext_by_NID((X509 *)x, NID_ext_key_usage, -1);
-    if (i_ext >= 0) {
-        X509_EXTENSION *ext = X509_get_ext((X509 *)x, i_ext);
-        if (!X509_EXTENSION_get_critical(ext))
-            return 0;
-    }
-
-    return 1;
-}
-
-static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
-    return 1;
-}
-
-/*-
- * Various checks to see if one certificate issued the second.
- * This can be used to prune a set of possible issuer certificates
- * which have been looked up using some simple method such as by
- * subject name.
- * These are:
- * 1. Check issuer_name(subject) == subject_name(issuer)
- * 2. If akid(subject) exists check it matches issuer
- * 3. If key_usage(issuer) exists check it supports certificate signing
- * returns 0 for OK, positive for reason for mismatch, reasons match
- * codes for X509_verify_cert()
- */
-
-int X509_check_issued(X509 *issuer, X509 *subject)
-{
-    if (X509_NAME_cmp(X509_get_subject_name(issuer),
-                      X509_get_issuer_name(subject)))
-        return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
-    x509v3_cache_extensions(issuer);
-    x509v3_cache_extensions(subject);
-
-    if (subject->akid) {
-        int ret = X509_check_akid(issuer, subject->akid);
-        if (ret != X509_V_OK)
-            return ret;
-    }
-
-    if (subject->ex_flags & EXFLAG_PROXY) {
-        if (ku_reject(issuer, KU_DIGITAL_SIGNATURE))
-            return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
-    } else if (ku_reject(issuer, KU_KEY_CERT_SIGN))
-        return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
-    return X509_V_OK;
-}
-
-int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
-{
-
-    if (!akid)
-        return X509_V_OK;
-
-    /* Check key ids (if present) */
-    if (akid->keyid && issuer->skid &&
-        ASN1_OCTET_STRING_cmp(akid->keyid, issuer->skid))
-        return X509_V_ERR_AKID_SKID_MISMATCH;
-    /* Check serial number */
-    if (akid->serial &&
-        ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), akid->serial))
-        return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
-    /* Check issuer name */
-    if (akid->issuer) {
-        /*
-         * Ugh, for some peculiar reason AKID includes SEQUENCE OF
-         * GeneralName. So look for a DirName. There may be more than one but
-         * we only take any notice of the first.
-         */
-        GENERAL_NAMES *gens;
-        GENERAL_NAME *gen;
-        X509_NAME *nm = NULL;
-        int i;
-        gens = akid->issuer;
-        for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
-            gen = sk_GENERAL_NAME_value(gens, i);
-            if (gen->type == GEN_DIRNAME) {
-                nm = gen->d.dirn;
-                break;
-            }
-        }
-        if (nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
-            return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
-    }
-    return X509_V_OK;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_scts.c b/thirdparty/openssl/crypto/x509v3/v3_scts.c
deleted file mode 100644
index 0b7c68180e..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_scts.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/* v3_scts.c */
-/*
- * Written by Rob Stradling (rob@comodo.com) for the OpenSSL project 2014.
- */
-/* ====================================================================
- * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/x509v3.h>
-
-/* Signature and hash algorithms from RFC 5246 */
-#define TLSEXT_hash_sha256                              4
-
-#define TLSEXT_signature_rsa                            1
-#define TLSEXT_signature_ecdsa                          3
-
-
-#define n2s(c,s)        ((s=(((unsigned int)(c[0]))<< 8)| \
-                            (((unsigned int)(c[1]))    )),c+=2)
-
-#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-# define SCT_TIMESTAMP unsigned __int64
-#elif defined(__arch64__)
-# define SCT_TIMESTAMP unsigned long
-#else
-# define SCT_TIMESTAMP unsigned long long
-#endif
-
-#define n2l8(c,l)       (l =((SCT_TIMESTAMP)(*((c)++)))<<56, \
-                         l|=((SCT_TIMESTAMP)(*((c)++)))<<48, \
-                         l|=((SCT_TIMESTAMP)(*((c)++)))<<40, \
-                         l|=((SCT_TIMESTAMP)(*((c)++)))<<32, \
-                         l|=((SCT_TIMESTAMP)(*((c)++)))<<24, \
-                         l|=((SCT_TIMESTAMP)(*((c)++)))<<16, \
-                         l|=((SCT_TIMESTAMP)(*((c)++)))<< 8, \
-                         l|=((SCT_TIMESTAMP)(*((c)++))))
-
-typedef struct SCT_st {
-    /* The encoded SCT */
-    unsigned char *sct;
-    unsigned short sctlen;
-    /*
-     * Components of the SCT.  "logid", "ext" and "sig" point to addresses
-     * inside "sct".
-     */
-    unsigned char version;
-    unsigned char *logid;
-    unsigned short logidlen;
-    SCT_TIMESTAMP timestamp;
-    unsigned char *ext;
-    unsigned short extlen;
-    unsigned char hash_alg;
-    unsigned char sig_alg;
-    unsigned char *sig;
-    unsigned short siglen;
-} SCT;
-
-DECLARE_STACK_OF(SCT)
-
-static void SCT_LIST_free(STACK_OF(SCT) *a);
-static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
-                                   const unsigned char **pp, long length);
-static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
-                        BIO *out, int indent);
-
-const X509V3_EXT_METHOD v3_ct_scts[] = {
-    {NID_ct_precert_scts, 0, NULL,
-     0, (X509V3_EXT_FREE)SCT_LIST_free,
-     (X509V3_EXT_D2I)d2i_SCT_LIST, 0,
-     0, 0, 0, 0,
-     (X509V3_EXT_I2R)i2r_SCT_LIST, 0,
-     NULL},
-
-    {NID_ct_cert_scts, 0, NULL,
-     0, (X509V3_EXT_FREE)SCT_LIST_free,
-     (X509V3_EXT_D2I)d2i_SCT_LIST, 0,
-     0, 0, 0, 0,
-     (X509V3_EXT_I2R)i2r_SCT_LIST, 0,
-     NULL},
-};
-
-static void tls12_signature_print(BIO *out, const unsigned char hash_alg,
-                                  const unsigned char sig_alg)
-{
-    int nid = NID_undef;
-    /* RFC6962 only permits two signature algorithms */
-    if (hash_alg == TLSEXT_hash_sha256) {
-        if (sig_alg == TLSEXT_signature_rsa)
-            nid = NID_sha256WithRSAEncryption;
-        else if (sig_alg == TLSEXT_signature_ecdsa)
-            nid = NID_ecdsa_with_SHA256;
-    }
-    if (nid == NID_undef)
-        BIO_printf(out, "%02X%02X", hash_alg, sig_alg);
-    else
-        BIO_printf(out, "%s", OBJ_nid2ln(nid));
-}
-
-static void timestamp_print(BIO *out, SCT_TIMESTAMP timestamp)
-{
-    ASN1_GENERALIZEDTIME *gen;
-    char genstr[20];
-    gen = ASN1_GENERALIZEDTIME_new();
-    ASN1_GENERALIZEDTIME_adj(gen, (time_t)0,
-                             (int)(timestamp / 86400000),
-                             (timestamp % 86400000) / 1000);
-    /*
-     * Note GeneralizedTime from ASN1_GENERALIZETIME_adj is always 15
-     * characters long with a final Z. Update it with fractional seconds.
-     */
-    BIO_snprintf(genstr, sizeof(genstr), "%.14s.%03dZ",
-                 ASN1_STRING_data(gen), (unsigned int)(timestamp % 1000));
-    ASN1_GENERALIZEDTIME_set_string(gen, genstr);
-    ASN1_GENERALIZEDTIME_print(out, gen);
-    ASN1_GENERALIZEDTIME_free(gen);
-}
-
-static void SCT_free(SCT *sct)
-{
-    if (sct) {
-        if (sct->sct)
-            OPENSSL_free(sct->sct);
-        OPENSSL_free(sct);
-    }
-}
-
-static void SCT_LIST_free(STACK_OF(SCT) *a)
-{
-    sk_SCT_pop_free(a, SCT_free);
-}
-
-static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
-                                   const unsigned char **pp, long length)
-{
-    ASN1_OCTET_STRING *oct = NULL;
-    STACK_OF(SCT) *sk = NULL;
-    SCT *sct;
-    unsigned char *p, *p2;
-    unsigned short listlen, sctlen = 0, fieldlen;
-    const unsigned char *q = *pp;
-
-    if (d2i_ASN1_OCTET_STRING(&oct, &q, length) == NULL)
-        return NULL;
-    if (oct->length < 2)
-        goto done;
-    p = oct->data;
-    n2s(p, listlen);
-    if (listlen != oct->length - 2)
-        goto done;
-
-    if ((sk = sk_SCT_new_null()) == NULL)
-        goto done;
-
-    while (listlen > 0) {
-        if (listlen < 2)
-            goto err;
-        n2s(p, sctlen);
-        listlen -= 2;
-
-        if ((sctlen < 1) || (sctlen > listlen))
-            goto err;
-        listlen -= sctlen;
-
-        sct = OPENSSL_malloc(sizeof(SCT));
-        if (!sct)
-            goto err;
-        if (!sk_SCT_push(sk, sct)) {
-            OPENSSL_free(sct);
-            goto err;
-        }
-
-        sct->sct = OPENSSL_malloc(sctlen);
-        if (!sct->sct)
-            goto err;
-        memcpy(sct->sct, p, sctlen);
-        sct->sctlen = sctlen;
-        p += sctlen;
-        p2 = sct->sct;
-
-        sct->version = *p2++;
-        if (sct->version == 0) { /* SCT v1 */
-            /*-
-             * Fixed-length header:
-             *              struct {
-             * (1 byte)       Version sct_version;
-             * (32 bytes)     LogID id;
-             * (8 bytes)      uint64 timestamp;
-             * (2 bytes + ?)  CtExtensions extensions;
-             */
-            if (sctlen < 43)
-                goto err;
-            sctlen -= 43;
-
-            sct->logid = p2;
-            sct->logidlen = 32;
-            p2 += 32;
-
-            n2l8(p2, sct->timestamp);
-
-            n2s(p2, fieldlen);
-            if (sctlen < fieldlen)
-                goto err;
-            sct->ext = p2;
-            sct->extlen = fieldlen;
-            p2 += fieldlen;
-            sctlen -= fieldlen;
-
-            /*-
-             * digitally-signed struct header:
-             * (1 byte)       Hash algorithm
-             * (1 byte)       Signature algorithm
-             * (2 bytes + ?)  Signature
-             */
-            if (sctlen < 4)
-                goto err;
-            sctlen -= 4;
-
-            sct->hash_alg = *p2++;
-            sct->sig_alg = *p2++;
-            n2s(p2, fieldlen);
-            if (sctlen != fieldlen)
-                goto err;
-            sct->sig = p2;
-            sct->siglen = fieldlen;
-        }
-    }
-
- done:
-    ASN1_OCTET_STRING_free(oct);
-    *pp = q;
-    return sk;
-
- err:
-    SCT_LIST_free(sk);
-    sk = NULL;
-    goto done;
-}
-
-static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
-                        BIO *out, int indent)
-{
-    SCT *sct;
-    int i;
-
-    for (i = 0; i < sk_SCT_num(sct_list);) {
-        sct = sk_SCT_value(sct_list, i);
-
-        BIO_printf(out, "%*sSigned Certificate Timestamp:", indent, "");
-        BIO_printf(out, "\n%*sVersion   : ", indent + 4, "");
-
-        if (sct->version == 0) { /* SCT v1 */
-            BIO_printf(out, "v1(0)");
-
-            BIO_printf(out, "\n%*sLog ID    : ", indent + 4, "");
-            BIO_hex_string(out, indent + 16, 16, sct->logid, sct->logidlen);
-
-            BIO_printf(out, "\n%*sTimestamp : ", indent + 4, "");
-            timestamp_print(out, sct->timestamp);
-
-            BIO_printf(out, "\n%*sExtensions: ", indent + 4, "");
-            if (sct->extlen == 0)
-                BIO_printf(out, "none");
-            else
-                BIO_hex_string(out, indent + 16, 16, sct->ext, sct->extlen);
-
-            BIO_printf(out, "\n%*sSignature : ", indent + 4, "");
-            tls12_signature_print(out, sct->hash_alg, sct->sig_alg);
-            BIO_printf(out, "\n%*s            ", indent + 4, "");
-            BIO_hex_string(out, indent + 16, 16, sct->sig, sct->siglen);
-        } else {                /* Unknown version */
-
-            BIO_printf(out, "unknown\n%*s", indent + 16, "");
-            BIO_hex_string(out, indent + 16, 16, sct->sct, sct->sctlen);
-        }
-
-        if (++i < sk_SCT_num(sct_list))
-            BIO_printf(out, "\n");
-    }
-
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_skey.c b/thirdparty/openssl/crypto/x509v3/v3_skey.c
deleted file mode 100644
index 1cede04727..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_skey.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* v3_skey.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/x509v3.h>
-
-static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
-                                      X509V3_CTX *ctx, char *str);
-const X509V3_EXT_METHOD v3_skey_id = {
-    NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING),
-    0, 0, 0, 0,
-    (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
-    (X509V3_EXT_S2I)s2i_skey_id,
-    0, 0, 0, 0,
-    NULL
-};
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct)
-{
-    return hex_to_string(oct->data, oct->length);
-}
-
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
-                                         X509V3_CTX *ctx, char *str)
-{
-    ASN1_OCTET_STRING *oct;
-    long length;
-
-    if (!(oct = M_ASN1_OCTET_STRING_new())) {
-        X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    if (!(oct->data = string_to_hex(str, &length))) {
-        M_ASN1_OCTET_STRING_free(oct);
-        return NULL;
-    }
-
-    oct->length = length;
-
-    return oct;
-
-}
-
-static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
-                                      X509V3_CTX *ctx, char *str)
-{
-    ASN1_OCTET_STRING *oct;
-    ASN1_BIT_STRING *pk;
-    unsigned char pkey_dig[EVP_MAX_MD_SIZE];
-    unsigned int diglen;
-
-    if (strcmp(str, "hash"))
-        return s2i_ASN1_OCTET_STRING(method, ctx, str);
-
-    if (!(oct = M_ASN1_OCTET_STRING_new())) {
-        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    if (ctx && (ctx->flags == CTX_TEST))
-        return oct;
-
-    if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
-        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);
-        goto err;
-    }
-
-    if (ctx->subject_req)
-        pk = ctx->subject_req->req_info->pubkey->public_key;
-    else
-        pk = ctx->subject_cert->cert_info->key->public_key;
-
-    if (!pk) {
-        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);
-        goto err;
-    }
-
-    if (!EVP_Digest
-        (pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL))
-        goto err;
-
-    if (!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
-        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    return oct;
-
- err:
-    M_ASN1_OCTET_STRING_free(oct);
-    return NULL;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3_sxnet.c b/thirdparty/openssl/crypto/x509v3/v3_sxnet.c
deleted file mode 100644
index a4e6a93e0b..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_sxnet.c
+++ /dev/null
@@ -1,273 +0,0 @@
-/* v3_sxnet.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-/* Support for Thawte strong extranet extension */
-
-#define SXNET_TEST
-
-static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
-                     int indent);
-#ifdef SXNET_TEST
-static SXNET *sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-                        STACK_OF(CONF_VALUE) *nval);
-#endif
-const X509V3_EXT_METHOD v3_sxnet = {
-    NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET),
-    0, 0, 0, 0,
-    0, 0,
-    0,
-#ifdef SXNET_TEST
-    (X509V3_EXT_V2I)sxnet_v2i,
-#else
-    0,
-#endif
-    (X509V3_EXT_I2R)sxnet_i2r,
-    0,
-    NULL
-};
-
-ASN1_SEQUENCE(SXNETID) = {
-        ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER),
-        ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING)
-} ASN1_SEQUENCE_END(SXNETID)
-
-IMPLEMENT_ASN1_FUNCTIONS(SXNETID)
-
-ASN1_SEQUENCE(SXNET) = {
-        ASN1_SIMPLE(SXNET, version, ASN1_INTEGER),
-        ASN1_SEQUENCE_OF(SXNET, ids, SXNETID)
-} ASN1_SEQUENCE_END(SXNET)
-
-IMPLEMENT_ASN1_FUNCTIONS(SXNET)
-
-static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
-                     int indent)
-{
-    long v;
-    char *tmp;
-    SXNETID *id;
-    int i;
-    v = ASN1_INTEGER_get(sx->version);
-    BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v);
-    for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
-        id = sk_SXNETID_value(sx->ids, i);
-        tmp = i2s_ASN1_INTEGER(NULL, id->zone);
-        BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
-        OPENSSL_free(tmp);
-        M_ASN1_OCTET_STRING_print(out, id->user);
-    }
-    return 1;
-}
-
-#ifdef SXNET_TEST
-
-/*
- * NBB: this is used for testing only. It should *not* be used for anything
- * else because it will just take static IDs from the configuration file and
- * they should really be separate values for each user.
- */
-
-static SXNET *sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-                        STACK_OF(CONF_VALUE) *nval)
-{
-    CONF_VALUE *cnf;
-    SXNET *sx = NULL;
-    int i;
-    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        cnf = sk_CONF_VALUE_value(nval, i);
-        if (!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
-            return NULL;
-    }
-    return sx;
-}
-
-#endif
-
-/* Strong Extranet utility functions */
-
-/* Add an id given the zone as an ASCII number */
-
-int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen)
-{
-    ASN1_INTEGER *izone = NULL;
-    if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
-        X509V3err(X509V3_F_SXNET_ADD_ID_ASC, X509V3_R_ERROR_CONVERTING_ZONE);
-        return 0;
-    }
-    return SXNET_add_id_INTEGER(psx, izone, user, userlen);
-}
-
-/* Add an id given the zone as an unsigned long */
-
-int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
-                       int userlen)
-{
-    ASN1_INTEGER *izone = NULL;
-    if (!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
-        X509V3err(X509V3_F_SXNET_ADD_ID_ULONG, ERR_R_MALLOC_FAILURE);
-        M_ASN1_INTEGER_free(izone);
-        return 0;
-    }
-    return SXNET_add_id_INTEGER(psx, izone, user, userlen);
-
-}
-
-/*
- * Add an id given the zone as an ASN1_INTEGER. Note this version uses the
- * passed integer and doesn't make a copy so don't free it up afterwards.
- */
-
-int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
-                         int userlen)
-{
-    SXNET *sx = NULL;
-    SXNETID *id = NULL;
-    if (!psx || !zone || !user) {
-        X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,
-                  X509V3_R_INVALID_NULL_ARGUMENT);
-        return 0;
-    }
-    if (userlen == -1)
-        userlen = strlen(user);
-    if (userlen > 64) {
-        X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, X509V3_R_USER_TOO_LONG);
-        return 0;
-    }
-    if (!*psx) {
-        if (!(sx = SXNET_new()))
-            goto err;
-        if (!ASN1_INTEGER_set(sx->version, 0))
-            goto err;
-        *psx = sx;
-    } else
-        sx = *psx;
-    if (SXNET_get_id_INTEGER(sx, zone)) {
-        X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, X509V3_R_DUPLICATE_ZONE_ID);
-        return 0;
-    }
-
-    if (!(id = SXNETID_new()))
-        goto err;
-    if (userlen == -1)
-        userlen = strlen(user);
-
-    if (!M_ASN1_OCTET_STRING_set(id->user, user, userlen))
-        goto err;
-    if (!sk_SXNETID_push(sx->ids, id))
-        goto err;
-    id->zone = zone;
-    return 1;
-
- err:
-    X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, ERR_R_MALLOC_FAILURE);
-    SXNETID_free(id);
-    SXNET_free(sx);
-    *psx = NULL;
-    return 0;
-}
-
-ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
-{
-    ASN1_INTEGER *izone = NULL;
-    ASN1_OCTET_STRING *oct;
-    if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
-        X509V3err(X509V3_F_SXNET_GET_ID_ASC, X509V3_R_ERROR_CONVERTING_ZONE);
-        return NULL;
-    }
-    oct = SXNET_get_id_INTEGER(sx, izone);
-    M_ASN1_INTEGER_free(izone);
-    return oct;
-}
-
-ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
-{
-    ASN1_INTEGER *izone = NULL;
-    ASN1_OCTET_STRING *oct;
-    if (!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
-        X509V3err(X509V3_F_SXNET_GET_ID_ULONG, ERR_R_MALLOC_FAILURE);
-        M_ASN1_INTEGER_free(izone);
-        return NULL;
-    }
-    oct = SXNET_get_id_INTEGER(sx, izone);
-    M_ASN1_INTEGER_free(izone);
-    return oct;
-}
-
-ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone)
-{
-    SXNETID *id;
-    int i;
-    for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
-        id = sk_SXNETID_value(sx->ids, i);
-        if (!M_ASN1_INTEGER_cmp(id->zone, zone))
-            return id->user;
-    }
-    return NULL;
-}
-
-IMPLEMENT_STACK_OF(SXNETID)
-
-IMPLEMENT_ASN1_SET_OF(SXNETID)
diff --git a/thirdparty/openssl/crypto/x509v3/v3_utl.c b/thirdparty/openssl/crypto/x509v3/v3_utl.c
deleted file mode 100644
index 43b9cb9c58..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3_utl.c
+++ /dev/null
@@ -1,1351 +0,0 @@
-/* v3_utl.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-#include <openssl/bn.h>
-
-static char *strip_spaces(char *name);
-static int sk_strcmp(const char *const *a, const char *const *b);
-static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
-                                           GENERAL_NAMES *gens);
-static void str_free(OPENSSL_STRING str);
-static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email);
-
-static int ipv4_from_asc(unsigned char *v4, const char *in);
-static int ipv6_from_asc(unsigned char *v6, const char *in);
-static int ipv6_cb(const char *elem, int len, void *usr);
-static int ipv6_hex(unsigned char *out, const char *in, int inlen);
-
-/* Add a CONF_VALUE name value pair to stack */
-
-int X509V3_add_value(const char *name, const char *value,
-                     STACK_OF(CONF_VALUE) **extlist)
-{
-    CONF_VALUE *vtmp = NULL;
-    char *tname = NULL, *tvalue = NULL;
-    if (name && !(tname = BUF_strdup(name)))
-        goto err;
-    if (value && !(tvalue = BUF_strdup(value)))
-        goto err;
-    if (!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))))
-        goto err;
-    if (!*extlist && !(*extlist = sk_CONF_VALUE_new_null()))
-        goto err;
-    vtmp->section = NULL;
-    vtmp->name = tname;
-    vtmp->value = tvalue;
-    if (!sk_CONF_VALUE_push(*extlist, vtmp))
-        goto err;
-    return 1;
- err:
-    X509V3err(X509V3_F_X509V3_ADD_VALUE, ERR_R_MALLOC_FAILURE);
-    if (vtmp)
-        OPENSSL_free(vtmp);
-    if (tname)
-        OPENSSL_free(tname);
-    if (tvalue)
-        OPENSSL_free(tvalue);
-    return 0;
-}
-
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
-                           STACK_OF(CONF_VALUE) **extlist)
-{
-    return X509V3_add_value(name, (const char *)value, extlist);
-}
-
-/* Free function for STACK_OF(CONF_VALUE) */
-
-void X509V3_conf_free(CONF_VALUE *conf)
-{
-    if (!conf)
-        return;
-    if (conf->name)
-        OPENSSL_free(conf->name);
-    if (conf->value)
-        OPENSSL_free(conf->value);
-    if (conf->section)
-        OPENSSL_free(conf->section);
-    OPENSSL_free(conf);
-}
-
-int X509V3_add_value_bool(const char *name, int asn1_bool,
-                          STACK_OF(CONF_VALUE) **extlist)
-{
-    if (asn1_bool)
-        return X509V3_add_value(name, "TRUE", extlist);
-    return X509V3_add_value(name, "FALSE", extlist);
-}
-
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
-                             STACK_OF(CONF_VALUE) **extlist)
-{
-    if (asn1_bool)
-        return X509V3_add_value(name, "TRUE", extlist);
-    return 1;
-}
-
-char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
-{
-    BIGNUM *bntmp = NULL;
-    char *strtmp = NULL;
-    if (!a)
-        return NULL;
-    if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
-        !(strtmp = BN_bn2dec(bntmp)))
-        X509V3err(X509V3_F_I2S_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
-    BN_free(bntmp);
-    return strtmp;
-}
-
-char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
-{
-    BIGNUM *bntmp = NULL;
-    char *strtmp = NULL;
-    if (!a)
-        return NULL;
-    if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
-        !(strtmp = BN_bn2dec(bntmp)))
-        X509V3err(X509V3_F_I2S_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
-    BN_free(bntmp);
-    return strtmp;
-}
-
-ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
-{
-    BIGNUM *bn = NULL;
-    ASN1_INTEGER *aint;
-    int isneg, ishex;
-    int ret;
-    if (!value) {
-        X509V3err(X509V3_F_S2I_ASN1_INTEGER, X509V3_R_INVALID_NULL_VALUE);
-        return 0;
-    }
-    bn = BN_new();
-    if (value[0] == '-') {
-        value++;
-        isneg = 1;
-    } else
-        isneg = 0;
-
-    if (value[0] == '0' && ((value[1] == 'x') || (value[1] == 'X'))) {
-        value += 2;
-        ishex = 1;
-    } else
-        ishex = 0;
-
-    if (ishex)
-        ret = BN_hex2bn(&bn, value);
-    else
-        ret = BN_dec2bn(&bn, value);
-
-    if (!ret || value[ret]) {
-        BN_free(bn);
-        X509V3err(X509V3_F_S2I_ASN1_INTEGER, X509V3_R_BN_DEC2BN_ERROR);
-        return 0;
-    }
-
-    if (isneg && BN_is_zero(bn))
-        isneg = 0;
-
-    aint = BN_to_ASN1_INTEGER(bn, NULL);
-    BN_free(bn);
-    if (!aint) {
-        X509V3err(X509V3_F_S2I_ASN1_INTEGER,
-                  X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
-        return 0;
-    }
-    if (isneg)
-        aint->type |= V_ASN1_NEG;
-    return aint;
-}
-
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
-                         STACK_OF(CONF_VALUE) **extlist)
-{
-    char *strtmp;
-    int ret;
-    if (!aint)
-        return 1;
-    if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint)))
-        return 0;
-    ret = X509V3_add_value(name, strtmp, extlist);
-    OPENSSL_free(strtmp);
-    return ret;
-}
-
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
-{
-    char *btmp;
-    if (!(btmp = value->value))
-        goto err;
-    if (!strcmp(btmp, "TRUE") || !strcmp(btmp, "true")
-        || !strcmp(btmp, "Y") || !strcmp(btmp, "y")
-        || !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) {
-        *asn1_bool = 0xff;
-        return 1;
-    } else if (!strcmp(btmp, "FALSE") || !strcmp(btmp, "false")
-               || !strcmp(btmp, "N") || !strcmp(btmp, "n")
-               || !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {
-        *asn1_bool = 0;
-        return 1;
-    }
- err:
-    X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL,
-              X509V3_R_INVALID_BOOLEAN_STRING);
-    X509V3_conf_err(value);
-    return 0;
-}
-
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
-{
-    ASN1_INTEGER *itmp;
-    if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
-        X509V3_conf_err(value);
-        return 0;
-    }
-    *aint = itmp;
-    return 1;
-}
-
-#define HDR_NAME        1
-#define HDR_VALUE       2
-
-/*
- * #define DEBUG
- */
-
-STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
-{
-    char *p, *q, c;
-    char *ntmp, *vtmp;
-    STACK_OF(CONF_VALUE) *values = NULL;
-    char *linebuf;
-    int state;
-    /* We are going to modify the line so copy it first */
-    linebuf = BUF_strdup(line);
-    if (linebuf == NULL) {
-        X509V3err(X509V3_F_X509V3_PARSE_LIST, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    state = HDR_NAME;
-    ntmp = NULL;
-    /* Go through all characters */
-    for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n');
-         p++) {
-
-        switch (state) {
-        case HDR_NAME:
-            if (c == ':') {
-                state = HDR_VALUE;
-                *p = 0;
-                ntmp = strip_spaces(q);
-                if (!ntmp) {
-                    X509V3err(X509V3_F_X509V3_PARSE_LIST,
-                              X509V3_R_INVALID_NULL_NAME);
-                    goto err;
-                }
-                q = p + 1;
-            } else if (c == ',') {
-                *p = 0;
-                ntmp = strip_spaces(q);
-                q = p + 1;
-#if 0
-                printf("%s\n", ntmp);
-#endif
-                if (!ntmp) {
-                    X509V3err(X509V3_F_X509V3_PARSE_LIST,
-                              X509V3_R_INVALID_NULL_NAME);
-                    goto err;
-                }
-                X509V3_add_value(ntmp, NULL, &values);
-            }
-            break;
-
-        case HDR_VALUE:
-            if (c == ',') {
-                state = HDR_NAME;
-                *p = 0;
-                vtmp = strip_spaces(q);
-#if 0
-                printf("%s\n", ntmp);
-#endif
-                if (!vtmp) {
-                    X509V3err(X509V3_F_X509V3_PARSE_LIST,
-                              X509V3_R_INVALID_NULL_VALUE);
-                    goto err;
-                }
-                X509V3_add_value(ntmp, vtmp, &values);
-                ntmp = NULL;
-                q = p + 1;
-            }
-
-        }
-    }
-
-    if (state == HDR_VALUE) {
-        vtmp = strip_spaces(q);
-#if 0
-        printf("%s=%s\n", ntmp, vtmp);
-#endif
-        if (!vtmp) {
-            X509V3err(X509V3_F_X509V3_PARSE_LIST,
-                      X509V3_R_INVALID_NULL_VALUE);
-            goto err;
-        }
-        X509V3_add_value(ntmp, vtmp, &values);
-    } else {
-        ntmp = strip_spaces(q);
-#if 0
-        printf("%s\n", ntmp);
-#endif
-        if (!ntmp) {
-            X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
-            goto err;
-        }
-        X509V3_add_value(ntmp, NULL, &values);
-    }
-    OPENSSL_free(linebuf);
-    return values;
-
- err:
-    OPENSSL_free(linebuf);
-    sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
-    return NULL;
-
-}
-
-/* Delete leading and trailing spaces from a string */
-static char *strip_spaces(char *name)
-{
-    char *p, *q;
-    /* Skip over leading spaces */
-    p = name;
-    while (*p && isspace((unsigned char)*p))
-        p++;
-    if (!*p)
-        return NULL;
-    q = p + strlen(p) - 1;
-    while ((q != p) && isspace((unsigned char)*q))
-        q--;
-    if (p != q)
-        q[1] = 0;
-    if (!*p)
-        return NULL;
-    return p;
-}
-
-/* hex string utilities */
-
-/*
- * Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its
- * hex representation @@@ (Contents of buffer are always kept in ASCII, also
- * on EBCDIC machines)
- */
-
-char *hex_to_string(const unsigned char *buffer, long len)
-{
-    char *tmp, *q;
-    const unsigned char *p;
-    int i;
-    const static char hexdig[] = "0123456789ABCDEF";
-    if (!buffer || !len)
-        return NULL;
-    if (!(tmp = OPENSSL_malloc(len * 3 + 1))) {
-        X509V3err(X509V3_F_HEX_TO_STRING, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-    q = tmp;
-    for (i = 0, p = buffer; i < len; i++, p++) {
-        *q++ = hexdig[(*p >> 4) & 0xf];
-        *q++ = hexdig[*p & 0xf];
-        *q++ = ':';
-    }
-    q[-1] = 0;
-#ifdef CHARSET_EBCDIC
-    ebcdic2ascii(tmp, tmp, q - tmp - 1);
-#endif
-
-    return tmp;
-}
-
-/*
- * Give a string of hex digits convert to a buffer
- */
-
-unsigned char *string_to_hex(const char *str, long *len)
-{
-    unsigned char *hexbuf, *q;
-    unsigned char ch, cl, *p;
-    if (!str) {
-        X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_INVALID_NULL_ARGUMENT);
-        return NULL;
-    }
-    if (!(hexbuf = OPENSSL_malloc(strlen(str) >> 1)))
-        goto err;
-    for (p = (unsigned char *)str, q = hexbuf; *p;) {
-        ch = *p++;
-#ifdef CHARSET_EBCDIC
-        ch = os_toebcdic[ch];
-#endif
-        if (ch == ':')
-            continue;
-        cl = *p++;
-#ifdef CHARSET_EBCDIC
-        cl = os_toebcdic[cl];
-#endif
-        if (!cl) {
-            X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_ODD_NUMBER_OF_DIGITS);
-            OPENSSL_free(hexbuf);
-            return NULL;
-        }
-        if (isupper(ch))
-            ch = tolower(ch);
-        if (isupper(cl))
-            cl = tolower(cl);
-
-        if ((ch >= '0') && (ch <= '9'))
-            ch -= '0';
-        else if ((ch >= 'a') && (ch <= 'f'))
-            ch -= 'a' - 10;
-        else
-            goto badhex;
-
-        if ((cl >= '0') && (cl <= '9'))
-            cl -= '0';
-        else if ((cl >= 'a') && (cl <= 'f'))
-            cl -= 'a' - 10;
-        else
-            goto badhex;
-
-        *q++ = (ch << 4) | cl;
-    }
-
-    if (len)
-        *len = q - hexbuf;
-
-    return hexbuf;
-
- err:
-    if (hexbuf)
-        OPENSSL_free(hexbuf);
-    X509V3err(X509V3_F_STRING_TO_HEX, ERR_R_MALLOC_FAILURE);
-    return NULL;
-
- badhex:
-    OPENSSL_free(hexbuf);
-    X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_ILLEGAL_HEX_DIGIT);
-    return NULL;
-
-}
-
-/*
- * V2I name comparison function: returns zero if 'name' matches cmp or cmp.*
- */
-
-int name_cmp(const char *name, const char *cmp)
-{
-    int len, ret;
-    char c;
-    len = strlen(cmp);
-    if ((ret = strncmp(name, cmp, len)))
-        return ret;
-    c = name[len];
-    if (!c || (c == '.'))
-        return 0;
-    return 1;
-}
-
-static int sk_strcmp(const char *const *a, const char *const *b)
-{
-    return strcmp(*a, *b);
-}
-
-STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x)
-{
-    GENERAL_NAMES *gens;
-    STACK_OF(OPENSSL_STRING) *ret;
-
-    gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
-    ret = get_email(X509_get_subject_name(x), gens);
-    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-    return ret;
-}
-
-STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x)
-{
-    AUTHORITY_INFO_ACCESS *info;
-    STACK_OF(OPENSSL_STRING) *ret = NULL;
-    int i;
-
-    info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
-    if (!info)
-        return NULL;
-    for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) {
-        ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
-        if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) {
-            if (ad->location->type == GEN_URI) {
-                if (!append_ia5
-                    (&ret, ad->location->d.uniformResourceIdentifier))
-                    break;
-            }
-        }
-    }
-    AUTHORITY_INFO_ACCESS_free(info);
-    return ret;
-}
-
-STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x)
-{
-    GENERAL_NAMES *gens;
-    STACK_OF(X509_EXTENSION) *exts;
-    STACK_OF(OPENSSL_STRING) *ret;
-
-    exts = X509_REQ_get_extensions(x);
-    gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
-    ret = get_email(X509_REQ_get_subject_name(x), gens);
-    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
-    sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
-    return ret;
-}
-
-static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
-                                           GENERAL_NAMES *gens)
-{
-    STACK_OF(OPENSSL_STRING) *ret = NULL;
-    X509_NAME_ENTRY *ne;
-    ASN1_IA5STRING *email;
-    GENERAL_NAME *gen;
-    int i;
-    /* Now add any email address(es) to STACK */
-    i = -1;
-    /* First supplied X509_NAME */
-    while ((i = X509_NAME_get_index_by_NID(name,
-                                           NID_pkcs9_emailAddress, i)) >= 0) {
-        ne = X509_NAME_get_entry(name, i);
-        email = X509_NAME_ENTRY_get_data(ne);
-        if (!append_ia5(&ret, email))
-            return NULL;
-    }
-    for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
-        gen = sk_GENERAL_NAME_value(gens, i);
-        if (gen->type != GEN_EMAIL)
-            continue;
-        if (!append_ia5(&ret, gen->d.ia5))
-            return NULL;
-    }
-    return ret;
-}
-
-static void str_free(OPENSSL_STRING str)
-{
-    OPENSSL_free(str);
-}
-
-static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)
-{
-    char *emtmp;
-    /* First some sanity checks */
-    if (email->type != V_ASN1_IA5STRING)
-        return 1;
-    if (!email->data || !email->length)
-        return 1;
-    if (!*sk)
-        *sk = sk_OPENSSL_STRING_new(sk_strcmp);
-    if (!*sk)
-        return 0;
-    /* Don't add duplicates */
-    if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1)
-        return 1;
-    emtmp = BUF_strdup((char *)email->data);
-    if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
-        X509_email_free(*sk);
-        *sk = NULL;
-        return 0;
-    }
-    return 1;
-}
-
-void X509_email_free(STACK_OF(OPENSSL_STRING) *sk)
-{
-    sk_OPENSSL_STRING_pop_free(sk, str_free);
-}
-
-typedef int (*equal_fn) (const unsigned char *pattern, size_t pattern_len,
-                         const unsigned char *subject, size_t subject_len,
-                         unsigned int flags);
-
-/* Skip pattern prefix to match "wildcard" subject */
-static void skip_prefix(const unsigned char **p, size_t *plen,
-                        const unsigned char *subject, size_t subject_len,
-                        unsigned int flags)
-{
-    const unsigned char *pattern = *p;
-    size_t pattern_len = *plen;
-
-    /*
-     * If subject starts with a leading '.' followed by more octets, and
-     * pattern is longer, compare just an equal-length suffix with the
-     * full subject (starting at the '.'), provided the prefix contains
-     * no NULs.
-     */
-    if ((flags & _X509_CHECK_FLAG_DOT_SUBDOMAINS) == 0)
-        return;
-
-    while (pattern_len > subject_len && *pattern) {
-        if ((flags & X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS) &&
-            *pattern == '.')
-            break;
-        ++pattern;
-        --pattern_len;
-    }
-
-    /* Skip if entire prefix acceptable */
-    if (pattern_len == subject_len) {
-        *p = pattern;
-        *plen = pattern_len;
-    }
-}
-
-/* Compare while ASCII ignoring case. */
-static int equal_nocase(const unsigned char *pattern, size_t pattern_len,
-                        const unsigned char *subject, size_t subject_len,
-                        unsigned int flags)
-{
-    skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
-    if (pattern_len != subject_len)
-        return 0;
-    while (pattern_len) {
-        unsigned char l = *pattern;
-        unsigned char r = *subject;
-        /* The pattern must not contain NUL characters. */
-        if (l == 0)
-            return 0;
-        if (l != r) {
-            if ('A' <= l && l <= 'Z')
-                l = (l - 'A') + 'a';
-            if ('A' <= r && r <= 'Z')
-                r = (r - 'A') + 'a';
-            if (l != r)
-                return 0;
-        }
-        ++pattern;
-        ++subject;
-        --pattern_len;
-    }
-    return 1;
-}
-
-/* Compare using memcmp. */
-static int equal_case(const unsigned char *pattern, size_t pattern_len,
-                      const unsigned char *subject, size_t subject_len,
-                      unsigned int flags)
-{
-    skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
-    if (pattern_len != subject_len)
-        return 0;
-    return !memcmp(pattern, subject, pattern_len);
-}
-
-/*
- * RFC 5280, section 7.5, requires that only the domain is compared in a
- * case-insensitive manner.
- */
-static int equal_email(const unsigned char *a, size_t a_len,
-                       const unsigned char *b, size_t b_len,
-                       unsigned int unused_flags)
-{
-    size_t i = a_len;
-    if (a_len != b_len)
-        return 0;
-    /*
-     * We search backwards for the '@' character, so that we do not have to
-     * deal with quoted local-parts.  The domain part is compared in a
-     * case-insensitive manner.
-     */
-    while (i > 0) {
-        --i;
-        if (a[i] == '@' || b[i] == '@') {
-            if (!equal_nocase(a + i, a_len - i, b + i, a_len - i, 0))
-                return 0;
-            break;
-        }
-    }
-    if (i == 0)
-        i = a_len;
-    return equal_case(a, i, b, i, 0);
-}
-
-/*
- * Compare the prefix and suffix with the subject, and check that the
- * characters in-between are valid.
- */
-static int wildcard_match(const unsigned char *prefix, size_t prefix_len,
-                          const unsigned char *suffix, size_t suffix_len,
-                          const unsigned char *subject, size_t subject_len,
-                          unsigned int flags)
-{
-    const unsigned char *wildcard_start;
-    const unsigned char *wildcard_end;
-    const unsigned char *p;
-    int allow_multi = 0;
-    int allow_idna = 0;
-
-    if (subject_len < prefix_len + suffix_len)
-        return 0;
-    if (!equal_nocase(prefix, prefix_len, subject, prefix_len, flags))
-        return 0;
-    wildcard_start = subject + prefix_len;
-    wildcard_end = subject + (subject_len - suffix_len);
-    if (!equal_nocase(wildcard_end, suffix_len, suffix, suffix_len, flags))
-        return 0;
-    /*
-     * If the wildcard makes up the entire first label, it must match at
-     * least one character.
-     */
-    if (prefix_len == 0 && *suffix == '.') {
-        if (wildcard_start == wildcard_end)
-            return 0;
-        allow_idna = 1;
-        if (flags & X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS)
-            allow_multi = 1;
-    }
-    /* IDNA labels cannot match partial wildcards */
-    if (!allow_idna &&
-        subject_len >= 4 && strncasecmp((char *)subject, "xn--", 4) == 0)
-        return 0;
-    /* The wildcard may match a literal '*' */
-    if (wildcard_end == wildcard_start + 1 && *wildcard_start == '*')
-        return 1;
-    /*
-     * Check that the part matched by the wildcard contains only
-     * permitted characters and only matches a single label unless
-     * allow_multi is set.
-     */
-    for (p = wildcard_start; p != wildcard_end; ++p)
-        if (!(('0' <= *p && *p <= '9') ||
-              ('A' <= *p && *p <= 'Z') ||
-              ('a' <= *p && *p <= 'z') ||
-              *p == '-' || (allow_multi && *p == '.')))
-            return 0;
-    return 1;
-}
-
-#define LABEL_START     (1 << 0)
-#define LABEL_END       (1 << 1)
-#define LABEL_HYPHEN    (1 << 2)
-#define LABEL_IDNA      (1 << 3)
-
-static const unsigned char *valid_star(const unsigned char *p, size_t len,
-                                       unsigned int flags)
-{
-    const unsigned char *star = 0;
-    size_t i;
-    int state = LABEL_START;
-    int dots = 0;
-    for (i = 0; i < len; ++i) {
-        /*
-         * Locate first and only legal wildcard, either at the start
-         * or end of a non-IDNA first and not final label.
-         */
-        if (p[i] == '*') {
-            int atstart = (state & LABEL_START);
-            int atend = (i == len - 1 || p[i + 1] == '.');
-            /*-
-             * At most one wildcard per pattern.
-             * No wildcards in IDNA labels.
-             * No wildcards after the first label.
-             */
-            if (star != NULL || (state & LABEL_IDNA) != 0 || dots)
-                return NULL;
-            /* Only full-label '*.example.com' wildcards? */
-            if ((flags & X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS)
-                && (!atstart || !atend))
-                return NULL;
-            /* No 'foo*bar' wildcards */
-            if (!atstart && !atend)
-                return NULL;
-            star = &p[i];
-            state &= ~LABEL_START;
-        } else if (('a' <= p[i] && p[i] <= 'z')
-                   || ('A' <= p[i] && p[i] <= 'Z')
-                   || ('0' <= p[i] && p[i] <= '9')) {
-            if ((state & LABEL_START) != 0
-                && len - i >= 4 && strncasecmp((char *)&p[i], "xn--", 4) == 0)
-                state |= LABEL_IDNA;
-            state &= ~(LABEL_HYPHEN | LABEL_START);
-        } else if (p[i] == '.') {
-            if ((state & (LABEL_HYPHEN | LABEL_START)) != 0)
-                return NULL;
-            state = LABEL_START;
-            ++dots;
-        } else if (p[i] == '-') {
-            /* no domain/subdomain starts with '-' */
-            if ((state & LABEL_START) != 0)
-                return NULL;
-            state |= LABEL_HYPHEN;
-        } else
-            return NULL;
-    }
-
-    /*
-     * The final label must not end in a hyphen or ".", and
-     * there must be at least two dots after the star.
-     */
-    if ((state & (LABEL_START | LABEL_HYPHEN)) != 0 || dots < 2)
-        return NULL;
-    return star;
-}
-
-/* Compare using wildcards. */
-static int equal_wildcard(const unsigned char *pattern, size_t pattern_len,
-                          const unsigned char *subject, size_t subject_len,
-                          unsigned int flags)
-{
-    const unsigned char *star = NULL;
-
-    /*
-     * Subject names starting with '.' can only match a wildcard pattern
-     * via a subject sub-domain pattern suffix match.
-     */
-    if (!(subject_len > 1 && subject[0] == '.'))
-        star = valid_star(pattern, pattern_len, flags);
-    if (star == NULL)
-        return equal_nocase(pattern, pattern_len,
-                            subject, subject_len, flags);
-    return wildcard_match(pattern, star - pattern,
-                          star + 1, (pattern + pattern_len) - star - 1,
-                          subject, subject_len, flags);
-}
-
-/*
- * Compare an ASN1_STRING to a supplied string. If they match return 1. If
- * cmp_type > 0 only compare if string matches the type, otherwise convert it
- * to UTF8.
- */
-
-static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal,
-                           unsigned int flags, const char *b, size_t blen,
-                           char **peername)
-{
-    int rv = 0;
-
-    if (!a->data || !a->length)
-        return 0;
-    if (cmp_type > 0) {
-        if (cmp_type != a->type)
-            return 0;
-        if (cmp_type == V_ASN1_IA5STRING)
-            rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
-        else if (a->length == (int)blen && !memcmp(a->data, b, blen))
-            rv = 1;
-        if (rv > 0 && peername)
-            *peername = BUF_strndup((char *)a->data, a->length);
-    } else {
-        int astrlen;
-        unsigned char *astr;
-        astrlen = ASN1_STRING_to_UTF8(&astr, a);
-        if (astrlen < 0) {
-            /*
-             * -1 could be an internal malloc failure or a decoding error from
-             * malformed input; we can't distinguish.
-             */
-            return -1;
-        }
-        rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
-        if (rv > 0 && peername)
-            *peername = BUF_strndup((char *)astr, astrlen);
-        OPENSSL_free(astr);
-    }
-    return rv;
-}
-
-static int do_x509_check(X509 *x, const char *chk, size_t chklen,
-                         unsigned int flags, int check_type, char **peername)
-{
-    GENERAL_NAMES *gens = NULL;
-    X509_NAME *name = NULL;
-    int i;
-    int cnid = NID_undef;
-    int alt_type;
-    int san_present = 0;
-    int rv = 0;
-    equal_fn equal;
-
-    /* See below, this flag is internal-only */
-    flags &= ~_X509_CHECK_FLAG_DOT_SUBDOMAINS;
-    if (check_type == GEN_EMAIL) {
-        cnid = NID_pkcs9_emailAddress;
-        alt_type = V_ASN1_IA5STRING;
-        equal = equal_email;
-    } else if (check_type == GEN_DNS) {
-        cnid = NID_commonName;
-        /* Implicit client-side DNS sub-domain pattern */
-        if (chklen > 1 && chk[0] == '.')
-            flags |= _X509_CHECK_FLAG_DOT_SUBDOMAINS;
-        alt_type = V_ASN1_IA5STRING;
-        if (flags & X509_CHECK_FLAG_NO_WILDCARDS)
-            equal = equal_nocase;
-        else
-            equal = equal_wildcard;
-    } else {
-        alt_type = V_ASN1_OCTET_STRING;
-        equal = equal_case;
-    }
-
-    if (chklen == 0)
-        chklen = strlen(chk);
-
-    gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
-    if (gens) {
-        for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
-            GENERAL_NAME *gen;
-            ASN1_STRING *cstr;
-            gen = sk_GENERAL_NAME_value(gens, i);
-            if (gen->type != check_type)
-                continue;
-            san_present = 1;
-            if (check_type == GEN_EMAIL)
-                cstr = gen->d.rfc822Name;
-            else if (check_type == GEN_DNS)
-                cstr = gen->d.dNSName;
-            else
-                cstr = gen->d.iPAddress;
-            /* Positive on success, negative on error! */
-            if ((rv = do_check_string(cstr, alt_type, equal, flags,
-                                      chk, chklen, peername)) != 0)
-                break;
-        }
-        GENERAL_NAMES_free(gens);
-        if (rv != 0)
-            return rv;
-        if (cnid == NID_undef
-            || (san_present
-                && !(flags & X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT)))
-            return 0;
-    }
-
-    /* We're done if CN-ID is not pertinent */
-    if (cnid == NID_undef)
-        return 0;
-
-    i = -1;
-    name = X509_get_subject_name(x);
-    while ((i = X509_NAME_get_index_by_NID(name, cnid, i)) >= 0) {
-        X509_NAME_ENTRY *ne;
-        ASN1_STRING *str;
-        ne = X509_NAME_get_entry(name, i);
-        str = X509_NAME_ENTRY_get_data(ne);
-        /* Positive on success, negative on error! */
-        if ((rv = do_check_string(str, -1, equal, flags,
-                                  chk, chklen, peername)) != 0)
-            return rv;
-    }
-    return 0;
-}
-
-int X509_check_host(X509 *x, const char *chk, size_t chklen,
-                    unsigned int flags, char **peername)
-{
-    if (chk == NULL)
-        return -2;
-    /*
-     * Embedded NULs are disallowed, except as the last character of a
-     * string of length 2 or more (tolerate caller including terminating
-     * NUL in string length).
-     */
-    if (chklen == 0)
-        chklen = strlen(chk);
-    else if (memchr(chk, '\0', chklen > 1 ? chklen - 1 : chklen))
-        return -2;
-    if (chklen > 1 && chk[chklen - 1] == '\0')
-        --chklen;
-    return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
-}
-
-int X509_check_email(X509 *x, const char *chk, size_t chklen,
-                     unsigned int flags)
-{
-    if (chk == NULL)
-        return -2;
-    /*
-     * Embedded NULs are disallowed, except as the last character of a
-     * string of length 2 or more (tolerate caller including terminating
-     * NUL in string length).
-     */
-    if (chklen == 0)
-        chklen = strlen((char *)chk);
-    else if (memchr(chk, '\0', chklen > 1 ? chklen - 1 : chklen))
-        return -2;
-    if (chklen > 1 && chk[chklen - 1] == '\0')
-        --chklen;
-    return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
-}
-
-int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
-                  unsigned int flags)
-{
-    if (chk == NULL)
-        return -2;
-    return do_x509_check(x, (char *)chk, chklen, flags, GEN_IPADD, NULL);
-}
-
-int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
-{
-    unsigned char ipout[16];
-    size_t iplen;
-
-    if (ipasc == NULL)
-        return -2;
-    iplen = (size_t)a2i_ipadd(ipout, ipasc);
-    if (iplen == 0)
-        return -2;
-    return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
-}
-
-/*
- * Convert IP addresses both IPv4 and IPv6 into an OCTET STRING compatible
- * with RFC3280.
- */
-
-ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc)
-{
-    unsigned char ipout[16];
-    ASN1_OCTET_STRING *ret;
-    int iplen;
-
-    /* If string contains a ':' assume IPv6 */
-
-    iplen = a2i_ipadd(ipout, ipasc);
-
-    if (!iplen)
-        return NULL;
-
-    ret = ASN1_OCTET_STRING_new();
-    if (!ret)
-        return NULL;
-    if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) {
-        ASN1_OCTET_STRING_free(ret);
-        return NULL;
-    }
-    return ret;
-}
-
-ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc)
-{
-    ASN1_OCTET_STRING *ret = NULL;
-    unsigned char ipout[32];
-    char *iptmp = NULL, *p;
-    int iplen1, iplen2;
-    p = strchr(ipasc, '/');
-    if (!p)
-        return NULL;
-    iptmp = BUF_strdup(ipasc);
-    if (!iptmp)
-        return NULL;
-    p = iptmp + (p - ipasc);
-    *p++ = 0;
-
-    iplen1 = a2i_ipadd(ipout, iptmp);
-
-    if (!iplen1)
-        goto err;
-
-    iplen2 = a2i_ipadd(ipout + iplen1, p);
-
-    OPENSSL_free(iptmp);
-    iptmp = NULL;
-
-    if (!iplen2 || (iplen1 != iplen2))
-        goto err;
-
-    ret = ASN1_OCTET_STRING_new();
-    if (!ret)
-        goto err;
-    if (!ASN1_OCTET_STRING_set(ret, ipout, iplen1 + iplen2))
-        goto err;
-
-    return ret;
-
- err:
-    if (iptmp)
-        OPENSSL_free(iptmp);
-    if (ret)
-        ASN1_OCTET_STRING_free(ret);
-    return NULL;
-}
-
-int a2i_ipadd(unsigned char *ipout, const char *ipasc)
-{
-    /* If string contains a ':' assume IPv6 */
-
-    if (strchr(ipasc, ':')) {
-        if (!ipv6_from_asc(ipout, ipasc))
-            return 0;
-        return 16;
-    } else {
-        if (!ipv4_from_asc(ipout, ipasc))
-            return 0;
-        return 4;
-    }
-}
-
-static int ipv4_from_asc(unsigned char *v4, const char *in)
-{
-    int a0, a1, a2, a3;
-    if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4)
-        return 0;
-    if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
-        || (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255))
-        return 0;
-    v4[0] = a0;
-    v4[1] = a1;
-    v4[2] = a2;
-    v4[3] = a3;
-    return 1;
-}
-
-typedef struct {
-    /* Temporary store for IPV6 output */
-    unsigned char tmp[16];
-    /* Total number of bytes in tmp */
-    int total;
-    /* The position of a zero (corresponding to '::') */
-    int zero_pos;
-    /* Number of zeroes */
-    int zero_cnt;
-} IPV6_STAT;
-
-static int ipv6_from_asc(unsigned char *v6, const char *in)
-{
-    IPV6_STAT v6stat;
-    v6stat.total = 0;
-    v6stat.zero_pos = -1;
-    v6stat.zero_cnt = 0;
-    /*
-     * Treat the IPv6 representation as a list of values separated by ':'.
-     * The presence of a '::' will parse as one, two or three zero length
-     * elements.
-     */
-    if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat))
-        return 0;
-
-    /* Now for some sanity checks */
-
-    if (v6stat.zero_pos == -1) {
-        /* If no '::' must have exactly 16 bytes */
-        if (v6stat.total != 16)
-            return 0;
-    } else {
-        /* If '::' must have less than 16 bytes */
-        if (v6stat.total == 16)
-            return 0;
-        /* More than three zeroes is an error */
-        if (v6stat.zero_cnt > 3)
-            return 0;
-        /* Can only have three zeroes if nothing else present */
-        else if (v6stat.zero_cnt == 3) {
-            if (v6stat.total > 0)
-                return 0;
-        }
-        /* Can only have two zeroes if at start or end */
-        else if (v6stat.zero_cnt == 2) {
-            if ((v6stat.zero_pos != 0)
-                && (v6stat.zero_pos != v6stat.total))
-                return 0;
-        } else
-            /* Can only have one zero if *not* start or end */
-        {
-            if ((v6stat.zero_pos == 0)
-                || (v6stat.zero_pos == v6stat.total))
-                return 0;
-        }
-    }
-
-    /* Format result */
-
-    if (v6stat.zero_pos >= 0) {
-        /* Copy initial part */
-        memcpy(v6, v6stat.tmp, v6stat.zero_pos);
-        /* Zero middle */
-        memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
-        /* Copy final part */
-        if (v6stat.total != v6stat.zero_pos)
-            memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
-                   v6stat.tmp + v6stat.zero_pos,
-                   v6stat.total - v6stat.zero_pos);
-    } else
-        memcpy(v6, v6stat.tmp, 16);
-
-    return 1;
-}
-
-static int ipv6_cb(const char *elem, int len, void *usr)
-{
-    IPV6_STAT *s = usr;
-    /* Error if 16 bytes written */
-    if (s->total == 16)
-        return 0;
-    if (len == 0) {
-        /* Zero length element, corresponds to '::' */
-        if (s->zero_pos == -1)
-            s->zero_pos = s->total;
-        /* If we've already got a :: its an error */
-        else if (s->zero_pos != s->total)
-            return 0;
-        s->zero_cnt++;
-    } else {
-        /* If more than 4 characters could be final a.b.c.d form */
-        if (len > 4) {
-            /* Need at least 4 bytes left */
-            if (s->total > 12)
-                return 0;
-            /* Must be end of string */
-            if (elem[len])
-                return 0;
-            if (!ipv4_from_asc(s->tmp + s->total, elem))
-                return 0;
-            s->total += 4;
-        } else {
-            if (!ipv6_hex(s->tmp + s->total, elem, len))
-                return 0;
-            s->total += 2;
-        }
-    }
-    return 1;
-}
-
-/*
- * Convert a string of up to 4 hex digits into the corresponding IPv6 form.
- */
-
-static int ipv6_hex(unsigned char *out, const char *in, int inlen)
-{
-    unsigned char c;
-    unsigned int num = 0;
-    if (inlen > 4)
-        return 0;
-    while (inlen--) {
-        c = *in++;
-        num <<= 4;
-        if ((c >= '0') && (c <= '9'))
-            num |= c - '0';
-        else if ((c >= 'A') && (c <= 'F'))
-            num |= c - 'A' + 10;
-        else if ((c >= 'a') && (c <= 'f'))
-            num |= c - 'a' + 10;
-        else
-            return 0;
-    }
-    out[0] = num >> 8;
-    out[1] = num & 0xff;
-    return 1;
-}
-
-int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk,
-                             unsigned long chtype)
-{
-    CONF_VALUE *v;
-    int i, mval;
-    char *p, *type;
-    if (!nm)
-        return 0;
-
-    for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) {
-        v = sk_CONF_VALUE_value(dn_sk, i);
-        type = v->name;
-        /*
-         * Skip past any leading X. X: X, etc to allow for multiple instances
-         */
-        for (p = type; *p; p++)
-#ifndef CHARSET_EBCDIC
-            if ((*p == ':') || (*p == ',') || (*p == '.'))
-#else
-            if ((*p == os_toascii[':']) || (*p == os_toascii[','])
-                || (*p == os_toascii['.']))
-#endif
-            {
-                p++;
-                if (*p)
-                    type = p;
-                break;
-            }
-#ifndef CHARSET_EBCDIC
-        if (*type == '+')
-#else
-        if (*type == os_toascii['+'])
-#endif
-        {
-            mval = -1;
-            type++;
-        } else
-            mval = 0;
-        if (!X509_NAME_add_entry_by_txt(nm, type, chtype,
-                                        (unsigned char *)v->value, -1, -1,
-                                        mval))
-            return 0;
-
-    }
-    return 1;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3conf.c b/thirdparty/openssl/crypto/x509v3/v3conf.c
deleted file mode 100644
index 41aa266948..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3conf.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* v3conf.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/conf.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-/* Test application to add extensions from a config file */
-
-int main(int argc, char **argv)
-{
-    LHASH *conf;
-    X509 *cert;
-    FILE *inf;
-    char *conf_file;
-    int i;
-    int count;
-    X509_EXTENSION *ext;
-    X509V3_add_standard_extensions();
-    ERR_load_crypto_strings();
-    if (!argv[1]) {
-        fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");
-        exit(1);
-    }
-    conf_file = argv[2];
-    if (!conf_file)
-        conf_file = "test.cnf";
-    conf = CONF_load(NULL, "test.cnf", NULL);
-    if (!conf) {
-        fprintf(stderr, "Error opening Config file %s\n", conf_file);
-        ERR_print_errors_fp(stderr);
-        exit(1);
-    }
-
-    inf = fopen(argv[1], "r");
-    if (!inf) {
-        fprintf(stderr, "Can't open certificate file %s\n", argv[1]);
-        exit(1);
-    }
-    cert = PEM_read_X509(inf, NULL, NULL);
-    if (!cert) {
-        fprintf(stderr, "Error reading certificate file %s\n", argv[1]);
-        exit(1);
-    }
-    fclose(inf);
-
-    sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);
-    cert->cert_info->extensions = NULL;
-
-    if (!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
-        fprintf(stderr, "Error adding extensions\n");
-        ERR_print_errors_fp(stderr);
-        exit(1);
-    }
-
-    count = X509_get_ext_count(cert);
-    printf("%d extensions\n", count);
-    for (i = 0; i < count; i++) {
-        ext = X509_get_ext(cert, i);
-        printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
-        if (ext->critical)
-            printf(",critical:\n");
-        else
-            printf(":\n");
-        X509V3_EXT_print_fp(stdout, ext, 0, 0);
-        printf("\n");
-
-    }
-    return 0;
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3err.c b/thirdparty/openssl/crypto/x509v3/v3err.c
deleted file mode 100644
index bcc1be722e..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3err.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/* crypto/x509v3/v3err.c */
-/* ====================================================================
- * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
-
-static ERR_STRING_DATA X509V3_str_functs[] = {
-    {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "a2i_GENERAL_NAME"},
-    {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),
-     "ASIDENTIFIERCHOICE_CANONIZE"},
-    {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),
-     "ASIDENTIFIERCHOICE_IS_CANONICAL"},
-    {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
-    {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"},
-    {ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"},
-    {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
-    {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
-    {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"},
-    {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
-    {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"},
-    {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
-    {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
-    {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
-    {ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
-    {ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS),
-     "I2V_AUTHORITY_INFO_ACCESS"},
-    {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"},
-    {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"},
-    {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"},
-    {ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"},
-    {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"},
-    {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"},
-    {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
-    {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
-    {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
-    {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
-    {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"},
-    {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"},
-    {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
-    {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
-    {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
-    {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
-    {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
-    {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
-    {ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"},
-    {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"},
-    {ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS),
-     "V2I_AUTHORITY_INFO_ACCESS"},
-    {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"},
-    {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"},
-    {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"},
-    {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"},
-    {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
-    {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
-    {ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"},
-    {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"},
-    {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"},
-    {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"},
-    {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"},
-    {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"},
-    {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"},
-    {ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL),
-     "V3_ADDR_VALIDATE_PATH_INTERNAL"},
-    {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"},
-    {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
-    {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_FREE), "X509V3_EXT_free"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
-    {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
-    {ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"},
-    {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
-    {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
-    {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
-    {ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA X509V3_str_reasons[] = {
-    {ERR_REASON(X509V3_R_BAD_IP_ADDRESS), "bad ip address"},
-    {ERR_REASON(X509V3_R_BAD_OBJECT), "bad object"},
-    {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR), "bn dec2bn error"},
-    {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),
-     "bn to asn1 integer error"},
-    {ERR_REASON(X509V3_R_CANNOT_FIND_FREE_FUNCTION),
-     "cannot find free function"},
-    {ERR_REASON(X509V3_R_DIRNAME_ERROR), "dirname error"},
-    {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
-    {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID), "duplicate zone id"},
-    {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
-    {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),
-     "error creating extension"},
-    {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION), "error in extension"},
-    {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"},
-    {ERR_REASON(X509V3_R_EXTENSION_EXISTS), "extension exists"},
-    {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"},
-    {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"},
-    {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),
-     "extension setting not supported"},
-    {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"},
-    {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"},
-    {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT), "illegal hex digit"},
-    {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),
-     "incorrect policy syntax tag"},
-    {ERR_REASON(X509V3_R_INVALID_ASNUMBER), "invalid asnumber"},
-    {ERR_REASON(X509V3_R_INVALID_ASRANGE), "invalid asrange"},
-    {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
-    {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),
-     "invalid extension string"},
-    {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"},
-    {ERR_REASON(X509V3_R_INVALID_IPADDRESS), "invalid ipaddress"},
-    {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
-    {ERR_REASON(X509V3_R_INVALID_NAME), "invalid name"},
-    {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
-    {ERR_REASON(X509V3_R_INVALID_NULL_NAME), "invalid null name"},
-    {ERR_REASON(X509V3_R_INVALID_NULL_VALUE), "invalid null value"},
-    {ERR_REASON(X509V3_R_INVALID_NUMBER), "invalid number"},
-    {ERR_REASON(X509V3_R_INVALID_NUMBERS), "invalid numbers"},
-    {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),
-     "invalid object identifier"},
-    {ERR_REASON(X509V3_R_INVALID_OPTION), "invalid option"},
-    {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),
-     "invalid policy identifier"},
-    {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),
-     "invalid proxy policy setting"},
-    {ERR_REASON(X509V3_R_INVALID_PURPOSE), "invalid purpose"},
-    {ERR_REASON(X509V3_R_INVALID_SAFI), "invalid safi"},
-    {ERR_REASON(X509V3_R_INVALID_SECTION), "invalid section"},
-    {ERR_REASON(X509V3_R_INVALID_SYNTAX), "invalid syntax"},
-    {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"},
-    {ERR_REASON(X509V3_R_MISSING_VALUE), "missing value"},
-    {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),
-     "need organization and numbers"},
-    {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE), "no config database"},
-    {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"},
-    {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS), "no issuer details"},
-    {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"},
-    {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),
-     "no proxy cert policy language defined"},
-    {ERR_REASON(X509V3_R_NO_PUBLIC_KEY), "no public key"},
-    {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS), "no subject details"},
-    {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
-    {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
-    {ERR_REASON(X509V3_R_OTHERNAME_ERROR), "othername error"},
-    {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),
-     "policy language already defined"},
-    {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH), "policy path length"},
-    {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),
-     "policy path length already defined"},
-    {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),
-     "policy syntax not currently supported"},
-    {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),
-     "policy when proxy language requires no policy"},
-    {ERR_REASON(X509V3_R_SECTION_NOT_FOUND), "section not found"},
-    {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),
-     "unable to get issuer details"},
-    {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),
-     "unable to get issuer keyid"},
-    {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),
-     "unknown bit string argument"},
-    {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION), "unknown extension"},
-    {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
-    {ERR_REASON(X509V3_R_UNKNOWN_OPTION), "unknown option"},
-    {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION), "unsupported option"},
-    {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE), "unsupported type"},
-    {ERR_REASON(X509V3_R_USER_TOO_LONG), "user too long"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_X509V3_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, X509V3_str_functs);
-        ERR_load_strings(0, X509V3_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/crypto/x509v3/v3prin.c b/thirdparty/openssl/crypto/x509v3/v3prin.c
deleted file mode 100644
index cbc357079d..0000000000
--- a/thirdparty/openssl/crypto/x509v3/v3prin.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* v3prin.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/conf.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int main(int argc, char **argv)
-{
-    X509 *cert;
-    FILE *inf;
-    int i, count;
-    X509_EXTENSION *ext;
-    X509V3_add_standard_extensions();
-    ERR_load_crypto_strings();
-    if (!argv[1]) {
-        fprintf(stderr, "Usage v3prin cert.pem\n");
-        exit(1);
-    }
-    if (!(inf = fopen(argv[1], "r"))) {
-        fprintf(stderr, "Can't open %s\n", argv[1]);
-        exit(1);
-    }
-    if (!(cert = PEM_read_X509(inf, NULL, NULL))) {
-        fprintf(stderr, "Can't read certificate %s\n", argv[1]);
-        ERR_print_errors_fp(stderr);
-        exit(1);
-    }
-    fclose(inf);
-    count = X509_get_ext_count(cert);
-    printf("%d extensions\n", count);
-    for (i = 0; i < count; i++) {
-        ext = X509_get_ext(cert, i);
-        printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
-        if (!X509V3_EXT_print_fp(stdout, ext, 0, 0))
-            ERR_print_errors_fp(stderr);
-        printf("\n");
-
-    }
-    return 0;
-}
diff --git a/thirdparty/openssl/e_os.h b/thirdparty/openssl/e_os.h
deleted file mode 100644
index 1fa36c1719..0000000000
--- a/thirdparty/openssl/e_os.h
+++ /dev/null
@@ -1,782 +0,0 @@
-/* e_os.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_E_OS_H
-# define HEADER_E_OS_H
-
-# include <openssl/opensslconf.h>
-
-# include <openssl/e_os2.h>
-/*
- * <openssl/e_os2.h> contains what we can justify to make visible to the
- * outside; this file e_os.h is not part of the exported interface.
- */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Used to checking reference counts, most while doing perl5 stuff :-) */
-# ifdef REF_PRINT
-#  undef REF_PRINT
-#  define REF_PRINT(a,b)  fprintf(stderr,"%08X:%4d:%s\n",(int)b,b->references,a)
-# endif
-
-# ifndef DEVRANDOM
-/*
- * set this to a comma-separated list of 'random' device files to try out. My
- * default, we will try to read at least one of these files
- */
-#  define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom"
-# endif
-# ifndef DEVRANDOM_EGD
-/*
- * set this to a comma-seperated list of 'egd' sockets to try out. These
- * sockets will be tried in the order listed in case accessing the device
- * files listed in DEVRANDOM did not return enough entropy.
- */
-#  define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy"
-# endif
-
-# if defined(OPENSSL_SYS_VXWORKS)
-#  define NO_SYS_PARAM_H
-#  define NO_CHMOD
-#  define NO_SYSLOG
-# endif
-
-# if defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
-#  if macintosh==1
-#   ifndef MAC_OS_GUSI_SOURCE
-#    define MAC_OS_pre_X
-#    define NO_SYS_TYPES_H
-#   endif
-#   define NO_SYS_PARAM_H
-#   define NO_CHMOD
-#   define NO_SYSLOG
-#   undef  DEVRANDOM
-#   define GETPID_IS_MEANINGLESS
-#  endif
-# endif
-
-/********************************************************************
- The Microsoft section
- ********************************************************************/
-/*
- * The following is used because of the small stack in some Microsoft
- * operating systems
- */
-# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYSNAME_WIN32)
-#  define MS_STATIC     static
-# else
-#  define MS_STATIC
-# endif
-
-# if defined(OPENSSL_SYS_WIN32) && !defined(WIN32)
-#  define WIN32
-# endif
-# if defined(OPENSSL_SYS_WINDOWS) && !defined(WINDOWS)
-#  define WINDOWS
-# endif
-# if defined(OPENSSL_SYS_MSDOS) && !defined(MSDOS)
-#  define MSDOS
-# endif
-
-# if defined(MSDOS) && !defined(GETPID_IS_MEANINGLESS)
-#  define GETPID_IS_MEANINGLESS
-# endif
-
-# ifdef WIN32
-#  define get_last_sys_error()    GetLastError()
-#  define clear_sys_error()       SetLastError(0)
-#  if !defined(WINNT)
-#   define WIN_CONSOLE_BUG
-#  endif
-# else
-#  define get_last_sys_error()    errno
-#  define clear_sys_error()       errno=0
-# endif
-
-# if defined(WINDOWS)
-#  define get_last_socket_error() WSAGetLastError()
-#  define clear_socket_error()    WSASetLastError(0)
-#  define readsocket(s,b,n)       recv((s),(b),(n),0)
-#  define writesocket(s,b,n)      send((s),(b),(n),0)
-# elif defined(__DJGPP__)
-#  define WATT32
-#  define get_last_socket_error() errno
-#  define clear_socket_error()    errno=0
-#  define closesocket(s)          close_s(s)
-#  define readsocket(s,b,n)       read_s(s,b,n)
-#  define writesocket(s,b,n)      send(s,b,n,0)
-# elif defined(MAC_OS_pre_X)
-#  define get_last_socket_error() errno
-#  define clear_socket_error()    errno=0
-#  define closesocket(s)          MacSocket_close(s)
-#  define readsocket(s,b,n)       MacSocket_recv((s),(b),(n),true)
-#  define writesocket(s,b,n)      MacSocket_send((s),(b),(n))
-# elif defined(OPENSSL_SYS_VMS)
-#  define get_last_socket_error() errno
-#  define clear_socket_error()    errno=0
-#  define ioctlsocket(a,b,c)      ioctl(a,b,c)
-#  define closesocket(s)          close(s)
-#  define readsocket(s,b,n)       recv((s),(b),(n),0)
-#  define writesocket(s,b,n)      send((s),(b),(n),0)
-# elif defined(OPENSSL_SYS_VXWORKS)
-#  define get_last_socket_error() errno
-#  define clear_socket_error()    errno=0
-#  define ioctlsocket(a,b,c)          ioctl((a),(b),(int)(c))
-#  define closesocket(s)              close(s)
-#  define readsocket(s,b,n)           read((s),(b),(n))
-#  define writesocket(s,b,n)          write((s),(char *)(b),(n))
-# elif defined(OPENSSL_SYS_BEOS_R5)
-#  define get_last_socket_error() errno
-#  define clear_socket_error()    errno=0
-#  define FIONBIO SO_NONBLOCK
-#  define ioctlsocket(a,b,c)                setsockopt((a),SOL_SOCKET,(b),(c),sizeof(*(c)))
-#  define readsocket(s,b,n)       recv((s),(b),(n),0)
-#  define writesocket(s,b,n)      send((s),(b),(n),0)
-# elif defined(OPENSSL_SYS_NETWARE)
-#  if defined(NETWARE_BSDSOCK)
-#   define get_last_socket_error() errno
-#   define clear_socket_error()    errno=0
-#   define closesocket(s)          close(s)
-#   define ioctlsocket(a,b,c)      ioctl(a,b,c)
-#   if defined(NETWARE_LIBC)
-#    define readsocket(s,b,n)       recv((s),(b),(n),0)
-#    define writesocket(s,b,n)      send((s),(b),(n),0)
-#   else
-#    define readsocket(s,b,n)       recv((s),(char*)(b),(n),0)
-#    define writesocket(s,b,n)      send((s),(char*)(b),(n),0)
-#   endif
-#  else
-#   define get_last_socket_error() WSAGetLastError()
-#   define clear_socket_error()    WSASetLastError(0)
-#   define readsocket(s,b,n)               recv((s),(b),(n),0)
-#   define writesocket(s,b,n)              send((s),(b),(n),0)
-#  endif
-# else
-#  define get_last_socket_error() errno
-#  define clear_socket_error()    errno=0
-#  define ioctlsocket(a,b,c)      ioctl(a,b,c)
-#  define closesocket(s)          close(s)
-#  define readsocket(s,b,n)       read((s),(b),(n))
-#  define writesocket(s,b,n)      write((s),(b),(n))
-# endif
-
-# ifdef WIN16                   /* never the case */
-#  define MS_CALLBACK   _far _loadds
-#  define MS_FAR        _far
-# else
-#  define MS_CALLBACK
-#  define MS_FAR
-# endif
-
-# ifdef OPENSSL_NO_STDIO
-#  undef OPENSSL_NO_FP_API
-#  define OPENSSL_NO_FP_API
-# endif
-
-# if (defined(WINDOWS) || defined(MSDOS))
-
-#  ifdef __DJGPP__
-#   include <unistd.h>
-#   include <sys/stat.h>
-#   include <sys/socket.h>
-#   include <tcp.h>
-#   include <netdb.h>
-#   define _setmode setmode
-#   define _O_TEXT O_TEXT
-#   define _O_BINARY O_BINARY
-#   undef DEVRANDOM
-#   define DEVRANDOM "/dev/urandom\x24"
-#  endif                        /* __DJGPP__ */
-
-#  ifndef S_IFDIR
-#   define S_IFDIR     _S_IFDIR
-#  endif
-
-#  ifndef S_IFMT
-#   define S_IFMT      _S_IFMT
-#  endif
-
-#  if !defined(WINNT) && !defined(__DJGPP__)
-#   define NO_SYSLOG
-#  endif
-#  define NO_DIRENT
-
-#  ifdef WINDOWS
-#   if !defined(_WIN32_WCE) && !defined(_WIN32_WINNT)
-       /*
-        * Defining _WIN32_WINNT here in e_os.h implies certain "discipline."
-        * Most notably we ought to check for availability of each specific
-        * routine with GetProcAddress() and/or guard NT-specific calls with
-        * GetVersion() < 0x80000000. One can argue that in latter "or" case
-        * we ought to /DELAYLOAD some .DLLs in order to protect ourselves
-        * against run-time link errors. This doesn't seem to be necessary,
-        * because it turned out that already Windows 95, first non-NT Win32
-        * implementation, is equipped with at least NT 3.51 stubs, dummy
-        * routines with same name, but which do nothing. Meaning that it's
-        * apparently sufficient to guard "vanilla" NT calls with GetVersion
-        * alone, while NT 4.0 and above interfaces ought to be linked with
-        * GetProcAddress at run-time.
-        */
-#    define _WIN32_WINNT 0x0400
-#   endif
-#   if !defined(OPENSSL_NO_SOCK) && (defined(_WIN32_WINNT) || defined(_WIN32_WCE))
-       /*
-        * Just like defining _WIN32_WINNT including winsock2.h implies
-        * certain "discipline" for maintaining [broad] binary compatibility.
-        * As long as structures are invariant among Winsock versions,
-        * it's sufficient to check for specific Winsock2 API availability
-        * at run-time [DSO_global_lookup is recommended]...
-        */
-#    include <winsock2.h>
-#    include <ws2tcpip.h>
-       /* yes, they have to be #included prior to <windows.h> */
-#   endif
-#   include <windows.h>
-#   include <stdio.h>
-#   include <stddef.h>
-#   include <errno.h>
-#   if defined(_WIN32_WCE) && !defined(EACCES)
-#    define EACCES   13
-#   endif
-#   include <string.h>
-#   ifdef _WIN64
-#    define strlen(s) _strlen31(s)
-/* cut strings to 2GB */
-static __inline unsigned int _strlen31(const char *str)
-{
-    unsigned int len = 0;
-    while (*str && len < 0x80000000U)
-        str++, len++;
-    return len & 0x7FFFFFFF;
-}
-#   endif
-#   include <malloc.h>
-#   if defined(_MSC_VER) && _MSC_VER<=1200 && defined(_MT) && defined(isspace)
-       /* compensate for bug in VC6 ctype.h */
-#    undef isspace
-#    undef isdigit
-#    undef isalnum
-#    undef isupper
-#    undef isxdigit
-#   endif
-#   if defined(_MSC_VER) && !defined(_WIN32_WCE) && !defined(_DLL) && defined(stdin)
-#    if _MSC_VER>=1300 && _MSC_VER<1600
-#     undef stdin
-#     undef stdout
-#     undef stderr
-FILE *__iob_func();
-#     define stdin  (&__iob_func()[0])
-#     define stdout (&__iob_func()[1])
-#     define stderr (&__iob_func()[2])
-#    elif _MSC_VER<1300 && defined(I_CAN_LIVE_WITH_LNK4049)
-#     undef stdin
-#     undef stdout
-#     undef stderr
-         /*
-          * pre-1300 has __p__iob(), but it's available only in msvcrt.lib,
-          * or in other words with /MD. Declaring implicit import, i.e. with
-          * _imp_ prefix, works correctly with all compiler options, but
-          * without /MD results in LINK warning LNK4049: 'locally defined
-          * symbol "__iob" imported'.
-          */
-extern FILE *_imp___iob;
-#     define stdin  (&_imp___iob[0])
-#     define stdout (&_imp___iob[1])
-#     define stderr (&_imp___iob[2])
-#    endif
-#   endif
-#  endif
-#  include <io.h>
-#  include <fcntl.h>
-
-#  ifdef OPENSSL_SYS_WINCE
-#   define OPENSSL_NO_POSIX_IO
-#  endif
-
-#  if defined (__BORLANDC__)
-#   define _setmode setmode
-#   define _O_TEXT O_TEXT
-#   define _O_BINARY O_BINARY
-#   define _int64 __int64
-#   define _kbhit kbhit
-#  endif
-
-#  define EXIT(n) exit(n)
-#  define LIST_SEPARATOR_CHAR ';'
-#  ifndef X_OK
-#   define X_OK        0
-#  endif
-#  ifndef W_OK
-#   define W_OK        2
-#  endif
-#  ifndef R_OK
-#   define R_OK        4
-#  endif
-#  define OPENSSL_CONF  "openssl.cnf"
-#  define SSLEAY_CONF   OPENSSL_CONF
-#  define NUL_DEV       "nul"
-#  define RFILE         ".rnd"
-#  ifdef OPENSSL_SYS_WINCE
-#   define DEFAULT_HOME  ""
-#  else
-#   define DEFAULT_HOME  "C:"
-#  endif
-
-/* Avoid Visual Studio 13 GetVersion deprecated problems */
-#  if defined(_MSC_VER) && _MSC_VER>=1800
-#   define check_winnt() (1)
-#   define check_win_minplat(x) (1)
-#  else
-#   define check_winnt() (GetVersion() < 0x80000000)
-#   define check_win_minplat(x) (LOBYTE(LOWORD(GetVersion())) >= (x))
-#  endif
-
-# else                          /* The non-microsoft world */
-
-#  ifdef OPENSSL_SYS_VMS
-#   define VMS 1
-  /*
-   * some programs don't include stdlib, so exit() and others give implicit
-   * function warnings
-   */
-#   include <stdlib.h>
-#   if defined(__DECC)
-#    include <unistd.h>
-#   else
-#    include <unixlib.h>
-#   endif
-#   define OPENSSL_CONF        "openssl.cnf"
-#   define SSLEAY_CONF         OPENSSL_CONF
-#   define RFILE               ".rnd"
-#   define LIST_SEPARATOR_CHAR ','
-#   define NUL_DEV             "NLA0:"
-  /* We don't have any well-defined random devices on VMS, yet... */
-#   undef DEVRANDOM
-  /*-
-     We need to do this since VMS has the following coding on status codes:
-
-     Bits 0-2: status type: 0 = warning, 1 = success, 2 = error, 3 = info ...
-               The important thing to know is that odd numbers are considered
-               good, while even ones are considered errors.
-     Bits 3-15: actual status number
-     Bits 16-27: facility number.  0 is considered "unknown"
-     Bits 28-31: control bits.  If bit 28 is set, the shell won't try to
-                 output the message (which, for random codes, just looks ugly)
-
-     So, what we do here is to change 0 to 1 to get the default success status,
-     and everything else is shifted up to fit into the status number field, and
-     the status is tagged as an error, which I believe is what is wanted here.
-     -- Richard Levitte
-  */
-#   define EXIT(n)             do { int __VMS_EXIT = n; \
-                                     if (__VMS_EXIT == 0) \
-                                       __VMS_EXIT = 1; \
-                                     else \
-                                       __VMS_EXIT = (n << 3) | 2; \
-                                     __VMS_EXIT |= 0x10000000; \
-                                     exit(__VMS_EXIT); } while(0)
-#   define NO_SYS_PARAM_H
-
-#  elif defined(OPENSSL_SYS_NETWARE)
-#   include <fcntl.h>
-#   include <unistd.h>
-#   define NO_SYS_TYPES_H
-#   undef  DEVRANDOM
-#   ifdef NETWARE_CLIB
-#    define getpid GetThreadID
-extern int GetThreadID(void);
-/* #      include <conio.h> */
-extern int kbhit(void);
-#   else
-#    include <screen.h>
-#   endif
-#   define NO_SYSLOG
-#   define _setmode setmode
-#   define _kbhit kbhit
-#   define _O_TEXT O_TEXT
-#   define _O_BINARY O_BINARY
-#   define OPENSSL_CONF   "openssl.cnf"
-#   define SSLEAY_CONF    OPENSSL_CONF
-#   define RFILE    ".rnd"
-#   define LIST_SEPARATOR_CHAR ';'
-#   define EXIT(n)  { if (n) printf("ERROR: %d\n", (int)n); exit(n); }
-
-#  else
-     /* !defined VMS */
-#   ifdef OPENSSL_SYS_MPE
-#    define NO_SYS_PARAM_H
-#   endif
-#   ifdef OPENSSL_UNISTD
-#    include OPENSSL_UNISTD
-#   else
-#    include <unistd.h>
-#   endif
-#   ifndef NO_SYS_TYPES_H
-#    include <sys/types.h>
-#   endif
-#   if defined(NeXT) || defined(OPENSSL_SYS_NEWS4)
-#    define pid_t int           /* pid_t is missing on NEXTSTEP/OPENSTEP
-                                 * (unless when compiling with
-                                 * -D_POSIX_SOURCE, which doesn't work for
-                                 * us) */
-#   endif
-#   ifdef OPENSSL_SYS_NEWS4     /* setvbuf is missing on mips-sony-bsd */
-#    define setvbuf(a, b, c, d) setbuffer((a), (b), (d))
-typedef unsigned long clock_t;
-#   endif
-#   ifdef OPENSSL_SYS_WIN32_CYGWIN
-#    include <io.h>
-#    include <fcntl.h>
-#   endif
-
-#   define OPENSSL_CONF        "openssl.cnf"
-#   define SSLEAY_CONF         OPENSSL_CONF
-#   define RFILE               ".rnd"
-#   define LIST_SEPARATOR_CHAR ':'
-#   define NUL_DEV             "/dev/null"
-#   define EXIT(n)             exit(n)
-#  endif
-
-#  define SSLeay_getpid()       getpid()
-
-# endif
-
-/*************/
-
-# if defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_DGRAM)
-#  define OPENSSL_NO_DGRAM
-# endif
-
-# ifdef USE_SOCKETS
-#  if defined(WINDOWS) || defined(MSDOS)
-      /* windows world */
-
-#   ifdef OPENSSL_NO_SOCK
-#    define SSLeay_Write(a,b,c)       (-1)
-#    define SSLeay_Read(a,b,c)        (-1)
-#    define SHUTDOWN(fd)              close(fd)
-#    define SHUTDOWN2(fd)             close(fd)
-#   elif !defined(__DJGPP__)
-#    if defined(_WIN32_WCE) && _WIN32_WCE<410
-#     define getservbyname _masked_declaration_getservbyname
-#    endif
-#    if !defined(IPPROTO_IP)
-         /* winsock[2].h was included already? */
-#     include <winsock.h>
-#    endif
-#    ifdef getservbyname
-#     undef getservbyname
-         /* this is used to be wcecompat/include/winsock_extras.h */
-struct servent *PASCAL getservbyname(const char *, const char *);
-#    endif
-
-#    ifdef _WIN64
-/*
- * Even though sizeof(SOCKET) is 8, it's safe to cast it to int, because
- * the value constitutes an index in per-process table of limited size
- * and not a real pointer.
- */
-#     define socket(d,t,p)   ((int)socket(d,t,p))
-#     define accept(s,f,l)   ((int)accept(s,f,l))
-#    endif
-#    define SSLeay_Write(a,b,c)       send((a),(b),(c),0)
-#    define SSLeay_Read(a,b,c)        recv((a),(b),(c),0)
-#    define SHUTDOWN(fd)              { shutdown((fd),0); closesocket(fd); }
-#    define SHUTDOWN2(fd)             { shutdown((fd),2); closesocket(fd); }
-#   else
-#    define SSLeay_Write(a,b,c)       write_s(a,b,c,0)
-#    define SSLeay_Read(a,b,c)        read_s(a,b,c)
-#    define SHUTDOWN(fd)              close_s(fd)
-#    define SHUTDOWN2(fd)             close_s(fd)
-#   endif
-
-#  elif defined(MAC_OS_pre_X)
-
-#   include "MacSocket.h"
-#   define SSLeay_Write(a,b,c)         MacSocket_send((a),(b),(c))
-#   define SSLeay_Read(a,b,c)          MacSocket_recv((a),(b),(c),true)
-#   define SHUTDOWN(fd)                MacSocket_close(fd)
-#   define SHUTDOWN2(fd)               MacSocket_close(fd)
-
-#  elif defined(OPENSSL_SYS_NETWARE)
-         /*
-          * NetWare uses the WinSock2 interfaces by default, but can be
-          * configured for BSD
-          */
-#   if defined(NETWARE_BSDSOCK)
-#    include <sys/socket.h>
-#    include <netinet/in.h>
-#    include <sys/time.h>
-#    if defined(NETWARE_CLIB)
-#     include <sys/bsdskt.h>
-#    else
-#     include <sys/select.h>
-#    endif
-#    define INVALID_SOCKET (int)(~0)
-#   else
-#    include <novsock2.h>
-#   endif
-#   define SSLeay_Write(a,b,c)   send((a),(b),(c),0)
-#   define SSLeay_Read(a,b,c) recv((a),(b),(c),0)
-#   define SHUTDOWN(fd)    { shutdown((fd),0); closesocket(fd); }
-#   define SHUTDOWN2(fd)      { shutdown((fd),2); closesocket(fd); }
-
-#  else
-
-#   ifndef NO_SYS_PARAM_H
-#    include <sys/param.h>
-#   endif
-#   ifdef OPENSSL_SYS_VXWORKS
-#    include <time.h>
-#   elif !defined(OPENSSL_SYS_MPE)
-#    include <sys/time.h>       /* Needed under linux for FD_XXX */
-#   endif
-
-#   include <netdb.h>
-#   if defined(OPENSSL_SYS_VMS_NODECC)
-#    include <socket.h>
-#    include <in.h>
-#    include <inet.h>
-#   else
-#    include <sys/socket.h>
-#    ifdef FILIO_H
-#     include <sys/filio.h>     /* Added for FIONBIO under unixware */
-#    endif
-#    include <netinet/in.h>
-#    if !defined(OPENSSL_SYS_BEOS_R5)
-#     include <arpa/inet.h>
-#    endif
-#   endif
-
-#   if defined(NeXT) || defined(_NEXT_SOURCE)
-#    include <sys/fcntl.h>
-#    include <sys/types.h>
-#   endif
-
-#   ifdef OPENSSL_SYS_AIX
-#    include <sys/select.h>
-#   endif
-
-#   ifdef __QNX__
-#    include <sys/select.h>
-#   endif
-
-#   if defined(__sun) || defined(sun)
-#    include <sys/filio.h>
-#   else
-#    ifndef VMS
-#     include <sys/ioctl.h>
-#    else
-         /* ioctl is only in VMS > 7.0 and when socketshr is not used */
-#     if !defined(TCPIP_TYPE_SOCKETSHR) && defined(__VMS_VER) && (__VMS_VER > 70000000)
-#      include <sys/ioctl.h>
-#     endif
-#    endif
-#   endif
-
-#   ifdef VMS
-#    include <unixio.h>
-#    if defined(TCPIP_TYPE_SOCKETSHR)
-#     include <socketshr.h>
-#    endif
-#   endif
-
-#   define SSLeay_Read(a,b,c)     read((a),(b),(c))
-#   define SSLeay_Write(a,b,c)    write((a),(b),(c))
-#   define SHUTDOWN(fd)    { shutdown((fd),0); closesocket((fd)); }
-#   define SHUTDOWN2(fd)   { shutdown((fd),2); closesocket((fd)); }
-#   ifndef INVALID_SOCKET
-#    define INVALID_SOCKET      (-1)
-#   endif                       /* INVALID_SOCKET */
-#  endif
-
-/*
- * Some IPv6 implementations are broken, disable them in known bad versions.
- */
-#  if !defined(OPENSSL_USE_IPV6)
-#   if defined(AF_INET6) && !defined(OPENSSL_SYS_BEOS_BONE) && !defined(NETWARE_CLIB)
-#    define OPENSSL_USE_IPV6 1
-#   else
-#    define OPENSSL_USE_IPV6 0
-#   endif
-#  endif
-
-# endif
-
-# if (defined(__sun) || defined(sun)) && !defined(__svr4__) && !defined(__SVR4)
-  /* include headers first, so our defines don't break it */
-#  include <stdlib.h>
-#  include <string.h>
-  /* bcopy can handle overlapping moves according to SunOS 4.1.4 manpage */
-#  define memmove(s1,s2,n) bcopy((s2),(s1),(n))
-#  define strtoul(s,e,b) ((unsigned long int)strtol((s),(e),(b)))
-extern char *sys_errlist[];
-extern int sys_nerr;
-#  define strerror(errnum) \
-        (((errnum)<0 || (errnum)>=sys_nerr) ? NULL : sys_errlist[errnum])
-  /* Being signed SunOS 4.x memcpy breaks ASN1_OBJECT table lookup */
-#  include "crypto/o_str.h"
-#  define memcmp OPENSSL_memcmp
-# endif
-
-# ifndef OPENSSL_EXIT
-#  if defined(MONOLITH) && !defined(OPENSSL_C)
-#   define OPENSSL_EXIT(n) return(n)
-#  else
-#   define OPENSSL_EXIT(n) do { EXIT(n); return(n); } while(0)
-#  endif
-# endif
-
-/***********************************************/
-
-# define DG_GCC_BUG             /* gcc < 2.6.3 on DGUX */
-
-# ifdef sgi
-#  define IRIX_CC_BUG           /* all version of IRIX I've tested (4.* 5.*) */
-# endif
-# ifdef OPENSSL_SYS_SNI
-#  define IRIX_CC_BUG           /* CDS++ up to V2.0Bsomething suffered from
-                                 * the same bug. */
-# endif
-
-# if defined(OPENSSL_SYS_WINDOWS)
-#  define strcasecmp _stricmp
-#  define strncasecmp _strnicmp
-# elif defined(OPENSSL_SYS_VMS)
-/* VMS below version 7.0 doesn't have strcasecmp() */
-#  include "o_str.h"
-#  define strcasecmp OPENSSL_strcasecmp
-#  define strncasecmp OPENSSL_strncasecmp
-#  define OPENSSL_IMPLEMENTS_strncasecmp
-# elif defined(OPENSSL_SYS_OS2) && defined(__EMX__)
-#  define strcasecmp stricmp
-#  define strncasecmp strnicmp
-# elif defined(OPENSSL_SYS_NETWARE)
-#  include <string.h>
-#  if defined(NETWARE_CLIB)
-#   define strcasecmp stricmp
-#   define strncasecmp strnicmp
-#  endif                        /* NETWARE_CLIB */
-# endif
-
-# if defined(OPENSSL_SYS_OS2) && defined(__EMX__)
-#  include <io.h>
-#  include <fcntl.h>
-#  define NO_SYSLOG
-# endif
-
-/* vxworks */
-# if defined(OPENSSL_SYS_VXWORKS)
-#  include <ioLib.h>
-#  include <tickLib.h>
-#  include <sysLib.h>
-
-#  define TTY_STRUCT int
-
-#  define sleep(a) taskDelay((a) * sysClkRateGet())
-
-#  include <vxWorks.h>
-#  include <sockLib.h>
-#  include <taskLib.h>
-
-#  define getpid taskIdSelf
-
-/*
- * NOTE: these are implemented by helpers in database app! if the database is
- * not linked, we need to implement them elswhere
- */
-struct hostent *gethostbyname(const char *name);
-struct hostent *gethostbyaddr(const char *addr, int length, int type);
-struct servent *getservbyname(const char *name, const char *proto);
-
-# endif
-/* end vxworks */
-
-/* beos */
-# if defined(OPENSSL_SYS_BEOS_R5)
-#  define SO_ERROR 0
-#  define NO_SYS_UN
-#  define IPPROTO_IP 0
-#  include <OS.h>
-# endif
-
-# if !defined(inline) && !defined(__cplusplus)
-#  if defined(__STDC_VERSION__) && __STDC_VERSION__>=199901L
-   /* do nothing, inline works */
-#  elif defined(__GNUC__) && __GNUC__>=2
-#   define inline __inline__
-#  elif defined(_MSC_VER)
-  /*
-   * Visual Studio: inline is available in C++ only, however
-   * __inline is available for C, see
-   * http://msdn.microsoft.com/en-us/library/z8y1yy88.aspx
-   */
-#   define inline __inline
-#  else
-#   define inline
-#  endif
-# endif
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/aes.h b/thirdparty/openssl/openssl/aes.h
deleted file mode 100644
index faa66c4914..0000000000
--- a/thirdparty/openssl/openssl/aes.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/* crypto/aes/aes.h */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_H
-# define HEADER_AES_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_AES
-#  error AES is disabled.
-# endif
-
-# include <stddef.h>
-
-# define AES_ENCRYPT     1
-# define AES_DECRYPT     0
-
-/*
- * Because array size can't be a const in C, the following two are macros.
- * Both sizes are in bytes.
- */
-# define AES_MAXNR 14
-# define AES_BLOCK_SIZE 16
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-struct aes_key_st {
-# ifdef AES_LONG
-    unsigned long rd_key[4 * (AES_MAXNR + 1)];
-# else
-    unsigned int rd_key[4 * (AES_MAXNR + 1)];
-# endif
-    int rounds;
-};
-typedef struct aes_key_st AES_KEY;
-
-const char *AES_options(void);
-
-int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-                        AES_KEY *key);
-int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-                        AES_KEY *key);
-
-int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-                                AES_KEY *key);
-int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-                                AES_KEY *key);
-
-void AES_encrypt(const unsigned char *in, unsigned char *out,
-                 const AES_KEY *key);
-void AES_decrypt(const unsigned char *in, unsigned char *out,
-                 const AES_KEY *key);
-
-void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                     const AES_KEY *key, const int enc);
-void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                     size_t length, const AES_KEY *key,
-                     unsigned char *ivec, const int enc);
-void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-                        size_t length, const AES_KEY *key,
-                        unsigned char *ivec, int *num, const int enc);
-void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
-                      size_t length, const AES_KEY *key,
-                      unsigned char *ivec, int *num, const int enc);
-void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
-                      size_t length, const AES_KEY *key,
-                      unsigned char *ivec, int *num, const int enc);
-void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-                        size_t length, const AES_KEY *key,
-                        unsigned char *ivec, int *num);
-void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-                        size_t length, const AES_KEY *key,
-                        unsigned char ivec[AES_BLOCK_SIZE],
-                        unsigned char ecount_buf[AES_BLOCK_SIZE],
-                        unsigned int *num);
-/* NB: the IV is _two_ blocks long */
-void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
-                     size_t length, const AES_KEY *key,
-                     unsigned char *ivec, const int enc);
-/* NB: the IV is _four_ blocks long */
-void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
-                        size_t length, const AES_KEY *key,
-                        const AES_KEY *key2, const unsigned char *ivec,
-                        const int enc);
-
-int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
-                 unsigned char *out,
-                 const unsigned char *in, unsigned int inlen);
-int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
-                   unsigned char *out,
-                   const unsigned char *in, unsigned int inlen);
-
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif                          /* !HEADER_AES_H */
diff --git a/thirdparty/openssl/openssl/asn1.h b/thirdparty/openssl/openssl/asn1.h
deleted file mode 100644
index 68e791fcdb..0000000000
--- a/thirdparty/openssl/openssl/asn1.h
+++ /dev/null
@@ -1,1419 +0,0 @@
-/* crypto/asn1/asn1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ASN1_H
-# define HEADER_ASN1_H
-
-# include <time.h>
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# include <openssl/stack.h>
-# include <openssl/safestack.h>
-
-# include <openssl/symhacks.h>
-
-# include <openssl/ossl_typ.h>
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/bn.h>
-# endif
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-#  undef OPENSSL_EXTERN
-#  define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# define V_ASN1_UNIVERSAL                0x00
-# define V_ASN1_APPLICATION              0x40
-# define V_ASN1_CONTEXT_SPECIFIC         0x80
-# define V_ASN1_PRIVATE                  0xc0
-
-# define V_ASN1_CONSTRUCTED              0x20
-# define V_ASN1_PRIMITIVE_TAG            0x1f
-# define V_ASN1_PRIMATIVE_TAG            0x1f
-
-# define V_ASN1_APP_CHOOSE               -2/* let the recipient choose */
-# define V_ASN1_OTHER                    -3/* used in ASN1_TYPE */
-# define V_ASN1_ANY                      -4/* used in ASN1 template code */
-
-# define V_ASN1_NEG                      0x100/* negative flag */
-
-# define V_ASN1_UNDEF                    -1
-# define V_ASN1_EOC                      0
-# define V_ASN1_BOOLEAN                  1 /**/
-# define V_ASN1_INTEGER                  2
-# define V_ASN1_NEG_INTEGER              (2 | V_ASN1_NEG)
-# define V_ASN1_BIT_STRING               3
-# define V_ASN1_OCTET_STRING             4
-# define V_ASN1_NULL                     5
-# define V_ASN1_OBJECT                   6
-# define V_ASN1_OBJECT_DESCRIPTOR        7
-# define V_ASN1_EXTERNAL                 8
-# define V_ASN1_REAL                     9
-# define V_ASN1_ENUMERATED               10
-# define V_ASN1_NEG_ENUMERATED           (10 | V_ASN1_NEG)
-# define V_ASN1_UTF8STRING               12
-# define V_ASN1_SEQUENCE                 16
-# define V_ASN1_SET                      17
-# define V_ASN1_NUMERICSTRING            18 /**/
-# define V_ASN1_PRINTABLESTRING          19
-# define V_ASN1_T61STRING                20
-# define V_ASN1_TELETEXSTRING            20/* alias */
-# define V_ASN1_VIDEOTEXSTRING           21 /**/
-# define V_ASN1_IA5STRING                22
-# define V_ASN1_UTCTIME                  23
-# define V_ASN1_GENERALIZEDTIME          24 /**/
-# define V_ASN1_GRAPHICSTRING            25 /**/
-# define V_ASN1_ISO64STRING              26 /**/
-# define V_ASN1_VISIBLESTRING            26/* alias */
-# define V_ASN1_GENERALSTRING            27 /**/
-# define V_ASN1_UNIVERSALSTRING          28 /**/
-# define V_ASN1_BMPSTRING                30
-/* For use with d2i_ASN1_type_bytes() */
-# define B_ASN1_NUMERICSTRING    0x0001
-# define B_ASN1_PRINTABLESTRING  0x0002
-# define B_ASN1_T61STRING        0x0004
-# define B_ASN1_TELETEXSTRING    0x0004
-# define B_ASN1_VIDEOTEXSTRING   0x0008
-# define B_ASN1_IA5STRING        0x0010
-# define B_ASN1_GRAPHICSTRING    0x0020
-# define B_ASN1_ISO64STRING      0x0040
-# define B_ASN1_VISIBLESTRING    0x0040
-# define B_ASN1_GENERALSTRING    0x0080
-# define B_ASN1_UNIVERSALSTRING  0x0100
-# define B_ASN1_OCTET_STRING     0x0200
-# define B_ASN1_BIT_STRING       0x0400
-# define B_ASN1_BMPSTRING        0x0800
-# define B_ASN1_UNKNOWN          0x1000
-# define B_ASN1_UTF8STRING       0x2000
-# define B_ASN1_UTCTIME          0x4000
-# define B_ASN1_GENERALIZEDTIME  0x8000
-# define B_ASN1_SEQUENCE         0x10000
-/* For use with ASN1_mbstring_copy() */
-# define MBSTRING_FLAG           0x1000
-# define MBSTRING_UTF8           (MBSTRING_FLAG)
-# define MBSTRING_ASC            (MBSTRING_FLAG|1)
-# define MBSTRING_BMP            (MBSTRING_FLAG|2)
-# define MBSTRING_UNIV           (MBSTRING_FLAG|4)
-# define SMIME_OLDMIME           0x400
-# define SMIME_CRLFEOL           0x800
-# define SMIME_STREAM            0x1000
-    struct X509_algor_st;
-DECLARE_STACK_OF(X509_ALGOR)
-
-# define DECLARE_ASN1_SET_OF(type)/* filled in by mkstack.pl */
-# define IMPLEMENT_ASN1_SET_OF(type)/* nothing, no longer needed */
-
-/*
- * We MUST make sure that, except for constness, asn1_ctx_st and
- * asn1_const_ctx are exactly the same.  Fortunately, as soon as the old ASN1
- * parsing macros are gone, we can throw this away as well...
- */
-typedef struct asn1_ctx_st {
-    unsigned char *p;           /* work char pointer */
-    int eos;                    /* end of sequence read for indefinite
-                                 * encoding */
-    int error;                  /* error code to use when returning an error */
-    int inf;                    /* constructed if 0x20, indefinite is 0x21 */
-    int tag;                    /* tag from last 'get object' */
-    int xclass;                 /* class from last 'get object' */
-    long slen;                  /* length of last 'get object' */
-    unsigned char *max;         /* largest value of p allowed */
-    unsigned char *q;           /* temporary variable */
-    unsigned char **pp;         /* variable */
-    int line;                   /* used in error processing */
-} ASN1_CTX;
-
-typedef struct asn1_const_ctx_st {
-    const unsigned char *p;     /* work char pointer */
-    int eos;                    /* end of sequence read for indefinite
-                                 * encoding */
-    int error;                  /* error code to use when returning an error */
-    int inf;                    /* constructed if 0x20, indefinite is 0x21 */
-    int tag;                    /* tag from last 'get object' */
-    int xclass;                 /* class from last 'get object' */
-    long slen;                  /* length of last 'get object' */
-    const unsigned char *max;   /* largest value of p allowed */
-    const unsigned char *q;     /* temporary variable */
-    const unsigned char **pp;   /* variable */
-    int line;                   /* used in error processing */
-} ASN1_const_CTX;
-
-/*
- * These are used internally in the ASN1_OBJECT to keep track of whether the
- * names and data need to be free()ed
- */
-# define ASN1_OBJECT_FLAG_DYNAMIC         0x01/* internal use */
-# define ASN1_OBJECT_FLAG_CRITICAL        0x02/* critical x509v3 object id */
-# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */
-# define ASN1_OBJECT_FLAG_DYNAMIC_DATA    0x08/* internal use */
-struct asn1_object_st {
-    const char *sn, *ln;
-    int nid;
-    int length;
-    const unsigned char *data;  /* data remains const after init */
-    int flags;                  /* Should we free this one */
-};
-
-# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
-/*
- * This indicates that the ASN1_STRING is not a real value but just a place
- * holder for the location where indefinite length constructed data should be
- * inserted in the memory buffer
- */
-# define ASN1_STRING_FLAG_NDEF 0x010
-
-/*
- * This flag is used by the CMS code to indicate that a string is not
- * complete and is a place holder for content when it had all been accessed.
- * The flag will be reset when content has been written to it.
- */
-
-# define ASN1_STRING_FLAG_CONT 0x020
-/*
- * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
- * type.
- */
-# define ASN1_STRING_FLAG_MSTRING 0x040
-/* This is the base type that holds just about everything :-) */
-struct asn1_string_st {
-    int length;
-    int type;
-    unsigned char *data;
-    /*
-     * The value of the following field depends on the type being held.  It
-     * is mostly being used for BIT_STRING so if the input data has a
-     * non-zero 'unused bits' value, it will be handled correctly
-     */
-    long flags;
-};
-
-/*
- * ASN1_ENCODING structure: this is used to save the received encoding of an
- * ASN1 type. This is useful to get round problems with invalid encodings
- * which can break signatures.
- */
-
-typedef struct ASN1_ENCODING_st {
-    unsigned char *enc;         /* DER encoding */
-    long len;                   /* Length of encoding */
-    int modified;               /* set to 1 if 'enc' is invalid */
-} ASN1_ENCODING;
-
-/* Used with ASN1 LONG type: if a long is set to this it is omitted */
-# define ASN1_LONG_UNDEF 0x7fffffffL
-
-# define STABLE_FLAGS_MALLOC     0x01
-# define STABLE_NO_MASK          0x02
-# define DIRSTRING_TYPE  \
- (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
-# define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
-
-typedef struct asn1_string_table_st {
-    int nid;
-    long minsize;
-    long maxsize;
-    unsigned long mask;
-    unsigned long flags;
-} ASN1_STRING_TABLE;
-
-DECLARE_STACK_OF(ASN1_STRING_TABLE)
-
-/* size limits: this stuff is taken straight from RFC2459 */
-
-# define ub_name                         32768
-# define ub_common_name                  64
-# define ub_locality_name                128
-# define ub_state_name                   128
-# define ub_organization_name            64
-# define ub_organization_unit_name       64
-# define ub_title                        64
-# define ub_email_address                128
-
-/*
- * Declarations for template structures: for full definitions see asn1t.h
- */
-typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
-typedef struct ASN1_TLC_st ASN1_TLC;
-/* This is just an opaque pointer */
-typedef struct ASN1_VALUE_st ASN1_VALUE;
-
-/* Declare ASN1 functions: the implement macro in in asn1t.h */
-
-# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
-
-# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
-        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
-
-# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
-        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
-        DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
-
-# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
-        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
-        DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
-
-# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
-        type *d2i_##name(type **a, const unsigned char **in, long len); \
-        int i2d_##name(type *a, unsigned char **out); \
-        DECLARE_ASN1_ITEM(itname)
-
-# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
-        type *d2i_##name(type **a, const unsigned char **in, long len); \
-        int i2d_##name(const type *a, unsigned char **out); \
-        DECLARE_ASN1_ITEM(name)
-
-# define DECLARE_ASN1_NDEF_FUNCTION(name) \
-        int i2d_##name##_NDEF(name *a, unsigned char **out);
-
-# define DECLARE_ASN1_FUNCTIONS_const(name) \
-        DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
-        DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
-
-# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
-        type *name##_new(void); \
-        void name##_free(type *a);
-
-# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
-        DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
-
-# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
-        int fname##_print_ctx(BIO *out, stname *x, int indent, \
-                                         const ASN1_PCTX *pctx);
-
-# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
-# define I2D_OF(type) int (*)(type *,unsigned char **)
-# define I2D_OF_const(type) int (*)(const type *,unsigned char **)
-
-# define CHECKED_D2I_OF(type, d2i) \
-    ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
-# define CHECKED_I2D_OF(type, i2d) \
-    ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
-# define CHECKED_NEW_OF(type, xnew) \
-    ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
-# define CHECKED_PTR_OF(type, p) \
-    ((void*) (1 ? p : (type*)0))
-# define CHECKED_PPTR_OF(type, p) \
-    ((void**) (1 ? p : (type**)0))
-
-# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
-# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
-# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
-
-TYPEDEF_D2I2D_OF(void);
-
-/*-
- * The following macros and typedefs allow an ASN1_ITEM
- * to be embedded in a structure and referenced. Since
- * the ASN1_ITEM pointers need to be globally accessible
- * (possibly from shared libraries) they may exist in
- * different forms. On platforms that support it the
- * ASN1_ITEM structure itself will be globally exported.
- * Other platforms will export a function that returns
- * an ASN1_ITEM pointer.
- *
- * To handle both cases transparently the macros below
- * should be used instead of hard coding an ASN1_ITEM
- * pointer in a structure.
- *
- * The structure will look like this:
- *
- * typedef struct SOMETHING_st {
- *      ...
- *      ASN1_ITEM_EXP *iptr;
- *      ...
- * } SOMETHING;
- *
- * It would be initialised as e.g.:
- *
- * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
- *
- * and the actual pointer extracted with:
- *
- * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
- *
- * Finally an ASN1_ITEM pointer can be extracted from an
- * appropriate reference with: ASN1_ITEM_rptr(X509). This
- * would be used when a function takes an ASN1_ITEM * argument.
- *
- */
-
-# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-/* ASN1_ITEM pointer exported type */
-typedef const ASN1_ITEM ASN1_ITEM_EXP;
-
-/* Macro to obtain ASN1_ITEM pointer from exported type */
-#  define ASN1_ITEM_ptr(iptr) (iptr)
-
-/* Macro to include ASN1_ITEM pointer from base type */
-#  define ASN1_ITEM_ref(iptr) (&(iptr##_it))
-
-#  define ASN1_ITEM_rptr(ref) (&(ref##_it))
-
-#  define DECLARE_ASN1_ITEM(name) \
-        OPENSSL_EXTERN const ASN1_ITEM name##_it;
-
-# else
-
-/*
- * Platforms that can't easily handle shared global variables are declared as
- * functions returning ASN1_ITEM pointers.
- */
-
-/* ASN1_ITEM pointer exported type */
-typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
-
-/* Macro to obtain ASN1_ITEM pointer from exported type */
-#  define ASN1_ITEM_ptr(iptr) (iptr())
-
-/* Macro to include ASN1_ITEM pointer from base type */
-#  define ASN1_ITEM_ref(iptr) (iptr##_it)
-
-#  define ASN1_ITEM_rptr(ref) (ref##_it())
-
-#  define DECLARE_ASN1_ITEM(name) \
-        const ASN1_ITEM * name##_it(void);
-
-# endif
-
-/* Parameters used by ASN1_STRING_print_ex() */
-
-/*
- * These determine which characters to escape: RFC2253 special characters,
- * control characters and MSB set characters
- */
-
-# define ASN1_STRFLGS_ESC_2253           1
-# define ASN1_STRFLGS_ESC_CTRL           2
-# define ASN1_STRFLGS_ESC_MSB            4
-
-/*
- * This flag determines how we do escaping: normally RC2253 backslash only,
- * set this to use backslash and quote.
- */
-
-# define ASN1_STRFLGS_ESC_QUOTE          8
-
-/* These three flags are internal use only. */
-
-/* Character is a valid PrintableString character */
-# define CHARTYPE_PRINTABLESTRING        0x10
-/* Character needs escaping if it is the first character */
-# define CHARTYPE_FIRST_ESC_2253         0x20
-/* Character needs escaping if it is the last character */
-# define CHARTYPE_LAST_ESC_2253          0x40
-
-/*
- * NB the internal flags are safely reused below by flags handled at the top
- * level.
- */
-
-/*
- * If this is set we convert all character strings to UTF8 first
- */
-
-# define ASN1_STRFLGS_UTF8_CONVERT       0x10
-
-/*
- * If this is set we don't attempt to interpret content: just assume all
- * strings are 1 byte per character. This will produce some pretty odd
- * looking output!
- */
-
-# define ASN1_STRFLGS_IGNORE_TYPE        0x20
-
-/* If this is set we include the string type in the output */
-# define ASN1_STRFLGS_SHOW_TYPE          0x40
-
-/*
- * This determines which strings to display and which to 'dump' (hex dump of
- * content octets or DER encoding). We can only dump non character strings or
- * everything. If we don't dump 'unknown' they are interpreted as character
- * strings with 1 octet per character and are subject to the usual escaping
- * options.
- */
-
-# define ASN1_STRFLGS_DUMP_ALL           0x80
-# define ASN1_STRFLGS_DUMP_UNKNOWN       0x100
-
-/*
- * These determine what 'dumping' does, we can dump the content octets or the
- * DER encoding: both use the RFC2253 #XXXXX notation.
- */
-
-# define ASN1_STRFLGS_DUMP_DER           0x200
-
-/*
- * All the string flags consistent with RFC2253, escaping control characters
- * isn't essential in RFC2253 but it is advisable anyway.
- */
-
-# define ASN1_STRFLGS_RFC2253    (ASN1_STRFLGS_ESC_2253 | \
-                                ASN1_STRFLGS_ESC_CTRL | \
-                                ASN1_STRFLGS_ESC_MSB | \
-                                ASN1_STRFLGS_UTF8_CONVERT | \
-                                ASN1_STRFLGS_DUMP_UNKNOWN | \
-                                ASN1_STRFLGS_DUMP_DER)
-
-DECLARE_STACK_OF(ASN1_INTEGER)
-DECLARE_ASN1_SET_OF(ASN1_INTEGER)
-
-DECLARE_STACK_OF(ASN1_GENERALSTRING)
-
-typedef struct asn1_type_st {
-    int type;
-    union {
-        char *ptr;
-        ASN1_BOOLEAN boolean;
-        ASN1_STRING *asn1_string;
-        ASN1_OBJECT *object;
-        ASN1_INTEGER *integer;
-        ASN1_ENUMERATED *enumerated;
-        ASN1_BIT_STRING *bit_string;
-        ASN1_OCTET_STRING *octet_string;
-        ASN1_PRINTABLESTRING *printablestring;
-        ASN1_T61STRING *t61string;
-        ASN1_IA5STRING *ia5string;
-        ASN1_GENERALSTRING *generalstring;
-        ASN1_BMPSTRING *bmpstring;
-        ASN1_UNIVERSALSTRING *universalstring;
-        ASN1_UTCTIME *utctime;
-        ASN1_GENERALIZEDTIME *generalizedtime;
-        ASN1_VISIBLESTRING *visiblestring;
-        ASN1_UTF8STRING *utf8string;
-        /*
-         * set and sequence are left complete and still contain the set or
-         * sequence bytes
-         */
-        ASN1_STRING *set;
-        ASN1_STRING *sequence;
-        ASN1_VALUE *asn1_value;
-    } value;
-} ASN1_TYPE;
-
-DECLARE_STACK_OF(ASN1_TYPE)
-DECLARE_ASN1_SET_OF(ASN1_TYPE)
-
-typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
-
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
-
-typedef struct NETSCAPE_X509_st {
-    ASN1_OCTET_STRING *header;
-    X509 *cert;
-} NETSCAPE_X509;
-
-/* This is used to contain a list of bit names */
-typedef struct BIT_STRING_BITNAME_st {
-    int bitnum;
-    const char *lname;
-    const char *sname;
-} BIT_STRING_BITNAME;
-
-# define M_ASN1_STRING_length(x) ((x)->length)
-# define M_ASN1_STRING_length_set(x, n)  ((x)->length = (n))
-# define M_ASN1_STRING_type(x)   ((x)->type)
-# define M_ASN1_STRING_data(x)   ((x)->data)
-
-/* Macros for string operations */
-# define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
-                ASN1_STRING_type_new(V_ASN1_BIT_STRING)
-# define M_ASN1_BIT_STRING_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
-                ASN1_STRING_dup((const ASN1_STRING *)a)
-# define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
-                (const ASN1_STRING *)a,(const ASN1_STRING *)b)
-# define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
-
-# define M_ASN1_INTEGER_new()    (ASN1_INTEGER *)\
-                ASN1_STRING_type_new(V_ASN1_INTEGER)
-# define M_ASN1_INTEGER_free(a)          ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\
-                ASN1_STRING_dup((const ASN1_STRING *)a)
-# define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
-                (const ASN1_STRING *)a,(const ASN1_STRING *)b)
-
-# define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
-                ASN1_STRING_type_new(V_ASN1_ENUMERATED)
-# define M_ASN1_ENUMERATED_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\
-                ASN1_STRING_dup((const ASN1_STRING *)a)
-# define M_ASN1_ENUMERATED_cmp(a,b)      ASN1_STRING_cmp(\
-                (const ASN1_STRING *)a,(const ASN1_STRING *)b)
-
-# define M_ASN1_OCTET_STRING_new()       (ASN1_OCTET_STRING *)\
-                ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
-# define M_ASN1_OCTET_STRING_free(a)     ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
-                ASN1_STRING_dup((const ASN1_STRING *)a)
-# define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
-                (const ASN1_STRING *)a,(const ASN1_STRING *)b)
-# define M_ASN1_OCTET_STRING_set(a,b,c)  ASN1_STRING_set((ASN1_STRING *)a,b,c)
-# define M_ASN1_OCTET_STRING_print(a,b)  ASN1_STRING_print(a,(ASN1_STRING *)b)
-# define M_i2d_ASN1_OCTET_STRING(a,pp) \
-                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
-                V_ASN1_UNIVERSAL)
-
-# define B_ASN1_TIME \
-                        B_ASN1_UTCTIME | \
-                        B_ASN1_GENERALIZEDTIME
-
-# define B_ASN1_PRINTABLE \
-                        B_ASN1_NUMERICSTRING| \
-                        B_ASN1_PRINTABLESTRING| \
-                        B_ASN1_T61STRING| \
-                        B_ASN1_IA5STRING| \
-                        B_ASN1_BIT_STRING| \
-                        B_ASN1_UNIVERSALSTRING|\
-                        B_ASN1_BMPSTRING|\
-                        B_ASN1_UTF8STRING|\
-                        B_ASN1_SEQUENCE|\
-                        B_ASN1_UNKNOWN
-
-# define B_ASN1_DIRECTORYSTRING \
-                        B_ASN1_PRINTABLESTRING| \
-                        B_ASN1_TELETEXSTRING|\
-                        B_ASN1_BMPSTRING|\
-                        B_ASN1_UNIVERSALSTRING|\
-                        B_ASN1_UTF8STRING
-
-# define B_ASN1_DISPLAYTEXT \
-                        B_ASN1_IA5STRING| \
-                        B_ASN1_VISIBLESTRING| \
-                        B_ASN1_BMPSTRING|\
-                        B_ASN1_UTF8STRING
-
-# define M_ASN1_PRINTABLE_new()  ASN1_STRING_type_new(V_ASN1_T61STRING)
-# define M_ASN1_PRINTABLE_free(a)        ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
-                pp,a->type,V_ASN1_UNIVERSAL)
-# define M_d2i_ASN1_PRINTABLE(a,pp,l) \
-                d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
-                        B_ASN1_PRINTABLE)
-
-# define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
-# define M_DIRECTORYSTRING_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
-                                                pp,a->type,V_ASN1_UNIVERSAL)
-# define M_d2i_DIRECTORYSTRING(a,pp,l) \
-                d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
-                        B_ASN1_DIRECTORYSTRING)
-
-# define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
-# define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
-                                                pp,a->type,V_ASN1_UNIVERSAL)
-# define M_d2i_DISPLAYTEXT(a,pp,l) \
-                d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
-                        B_ASN1_DISPLAYTEXT)
-
-# define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
-                ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
-# define M_ASN1_PRINTABLESTRING_free(a)  ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
-                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
-                V_ASN1_UNIVERSAL)
-# define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
-                (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
-                ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
-
-# define M_ASN1_T61STRING_new()  (ASN1_T61STRING *)\
-                ASN1_STRING_type_new(V_ASN1_T61STRING)
-# define M_ASN1_T61STRING_free(a)        ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_ASN1_T61STRING(a,pp) \
-                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
-                V_ASN1_UNIVERSAL)
-# define M_d2i_ASN1_T61STRING(a,pp,l) \
-                (ASN1_T61STRING *)d2i_ASN1_type_bytes\
-                ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
-
-# define M_ASN1_IA5STRING_new()  (ASN1_IA5STRING *)\
-                ASN1_STRING_type_new(V_ASN1_IA5STRING)
-# define M_ASN1_IA5STRING_free(a)        ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_IA5STRING_dup(a) \
-                (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a)
-# define M_i2d_ASN1_IA5STRING(a,pp) \
-                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
-                        V_ASN1_UNIVERSAL)
-# define M_d2i_ASN1_IA5STRING(a,pp,l) \
-                (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
-                        B_ASN1_IA5STRING)
-
-# define M_ASN1_UTCTIME_new()    (ASN1_UTCTIME *)\
-                ASN1_STRING_type_new(V_ASN1_UTCTIME)
-# define M_ASN1_UTCTIME_free(a)  ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\
-                ASN1_STRING_dup((const ASN1_STRING *)a)
-
-# define M_ASN1_GENERALIZEDTIME_new()    (ASN1_GENERALIZEDTIME *)\
-                ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
-# define M_ASN1_GENERALIZEDTIME_free(a)  ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
-        (const ASN1_STRING *)a)
-
-# define M_ASN1_TIME_new()       (ASN1_TIME *)\
-                ASN1_STRING_type_new(V_ASN1_UTCTIME)
-# define M_ASN1_TIME_free(a)     ASN1_STRING_free((ASN1_STRING *)a)
-# define M_ASN1_TIME_dup(a) (ASN1_TIME *)\
-        ASN1_STRING_dup((const ASN1_STRING *)a)
-
-# define M_ASN1_GENERALSTRING_new()      (ASN1_GENERALSTRING *)\
-                ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
-# define M_ASN1_GENERALSTRING_free(a)    ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_ASN1_GENERALSTRING(a,pp) \
-                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
-                        V_ASN1_UNIVERSAL)
-# define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
-                (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
-                ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
-
-# define M_ASN1_UNIVERSALSTRING_new()    (ASN1_UNIVERSALSTRING *)\
-                ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
-# define M_ASN1_UNIVERSALSTRING_free(a)  ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
-                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
-                        V_ASN1_UNIVERSAL)
-# define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
-                (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
-                ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
-
-# define M_ASN1_BMPSTRING_new()  (ASN1_BMPSTRING *)\
-                ASN1_STRING_type_new(V_ASN1_BMPSTRING)
-# define M_ASN1_BMPSTRING_free(a)        ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_ASN1_BMPSTRING(a,pp) \
-                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
-                        V_ASN1_UNIVERSAL)
-# define M_d2i_ASN1_BMPSTRING(a,pp,l) \
-                (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
-                ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
-
-# define M_ASN1_VISIBLESTRING_new()      (ASN1_VISIBLESTRING *)\
-                ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
-# define M_ASN1_VISIBLESTRING_free(a)    ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_ASN1_VISIBLESTRING(a,pp) \
-                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\
-                        V_ASN1_UNIVERSAL)
-# define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \
-                (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\
-                ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING)
-
-# define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\
-                ASN1_STRING_type_new(V_ASN1_UTF8STRING)
-# define M_ASN1_UTF8STRING_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
-# define M_i2d_ASN1_UTF8STRING(a,pp) \
-                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\
-                        V_ASN1_UNIVERSAL)
-# define M_d2i_ASN1_UTF8STRING(a,pp,l) \
-                (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\
-                ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING)
-
-  /* for the is_set parameter to i2d_ASN1_SET */
-# define IS_SEQUENCE     0
-# define IS_SET          1
-
-DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
-
-int ASN1_TYPE_get(ASN1_TYPE *a);
-void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
-int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
-int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
-
-ASN1_OBJECT *ASN1_OBJECT_new(void);
-void ASN1_OBJECT_free(ASN1_OBJECT *a);
-int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
-ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
-                             long length);
-ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
-                             long length);
-
-DECLARE_ASN1_ITEM(ASN1_OBJECT)
-
-DECLARE_STACK_OF(ASN1_OBJECT)
-DECLARE_ASN1_SET_OF(ASN1_OBJECT)
-
-ASN1_STRING *ASN1_STRING_new(void);
-void ASN1_STRING_free(ASN1_STRING *a);
-void ASN1_STRING_clear_free(ASN1_STRING *a);
-int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
-ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
-ASN1_STRING *ASN1_STRING_type_new(int type);
-int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
-  /*
-   * Since this is used to store all sorts of things, via macros, for now,
-   * make its data void *
-   */
-int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
-void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
-int ASN1_STRING_length(const ASN1_STRING *x);
-void ASN1_STRING_length_set(ASN1_STRING *x, int n);
-int ASN1_STRING_type(ASN1_STRING *x);
-unsigned char *ASN1_STRING_data(ASN1_STRING *x);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
-int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp);
-ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
-                                     const unsigned char **pp, long length);
-int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length);
-int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
-int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
-int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
-                          unsigned char *flags, int flags_len);
-
-# ifndef OPENSSL_NO_BIO
-int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
-                               BIT_STRING_BITNAME *tbl, int indent);
-# endif
-int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
-int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
-                            BIT_STRING_BITNAME *tbl);
-
-int i2d_ASN1_BOOLEAN(int a, unsigned char **pp);
-int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
-int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp);
-ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
-                               long length);
-ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
-                                long length);
-ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x);
-int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
-
-int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
-ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
-ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
-                               int offset_day, long offset_sec);
-int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
-int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
-# if 0
-time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
-# endif
-
-int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
-                                               time_t t);
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
-                                               time_t t, int offset_day,
-                                               long offset_sec);
-int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
-int ASN1_TIME_diff(int *pday, int *psec,
-                   const ASN1_TIME *from, const ASN1_TIME *to);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
-int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
-                          const ASN1_OCTET_STRING *b);
-int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
-                          int len);
-
-DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
-DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
-
-int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
-int UTF8_putc(unsigned char *str, int len, unsigned long value);
-
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
-
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
-DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
-DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
-DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
-
-DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
-
-ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
-ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
-                         int offset_day, long offset_sec);
-int ASN1_TIME_check(ASN1_TIME *t);
-ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME
-                                                   **out);
-int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
-
-int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
-                 i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
-STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
-                                      const unsigned char **pp,
-                                      long length, d2i_of_void *d2i,
-                                      void (*free_func) (OPENSSL_BLOCK),
-                                      int ex_tag, int ex_class);
-
-# ifndef OPENSSL_NO_BIO
-int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
-int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size);
-int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
-int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size);
-int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a);
-int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size);
-int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
-# endif
-int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a);
-
-int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num);
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
-                                const char *sn, const char *ln);
-
-int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
-long ASN1_INTEGER_get(const ASN1_INTEGER *a);
-ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
-BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
-
-int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
-long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
-ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);
-
-/* General */
-/* given a string, return the correct type, max is the maximum length */
-int ASN1_PRINTABLE_type(const unsigned char *s, int max);
-
-int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
-ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
-                            long length, int Ptag, int Pclass);
-unsigned long ASN1_tag2bit(int tag);
-/* type is one or more of the B_ASN1_ values. */
-ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
-                                 long length, int type);
-
-/* PARSING */
-int asn1_Finish(ASN1_CTX *c);
-int asn1_const_Finish(ASN1_const_CTX *c);
-
-/* SPECIALS */
-int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
-                    int *pclass, long omax);
-int ASN1_check_infinite_end(unsigned char **p, long len);
-int ASN1_const_check_infinite_end(const unsigned char **p, long len);
-void ASN1_put_object(unsigned char **pp, int constructed, int length,
-                     int tag, int xclass);
-int ASN1_put_eoc(unsigned char **pp);
-int ASN1_object_size(int constructed, int length, int tag);
-
-/* Used to implement other functions */
-void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
-
-# define ASN1_dup_of(type,i2d,d2i,x) \
-    ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
-                     CHECKED_D2I_OF(type, d2i), \
-                     CHECKED_PTR_OF(type, x)))
-
-# define ASN1_dup_of_const(type,i2d,d2i,x) \
-    ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
-                     CHECKED_D2I_OF(type, d2i), \
-                     CHECKED_PTR_OF(const type, x)))
-
-void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
-
-/* ASN1 alloc/free macros for when a type is only used internally */
-
-# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
-# define M_ASN1_free_of(x, type) \
-                ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
-
-# ifndef OPENSSL_NO_FP_API
-void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
-
-#  define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
-    ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
-                        CHECKED_D2I_OF(type, d2i), \
-                        in, \
-                        CHECKED_PPTR_OF(type, x)))
-
-void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
-int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x);
-
-#  define ASN1_i2d_fp_of(type,i2d,out,x) \
-    (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
-                 out, \
-                 CHECKED_PTR_OF(type, x)))
-
-#  define ASN1_i2d_fp_of_const(type,i2d,out,x) \
-    (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
-                 out, \
-                 CHECKED_PTR_OF(const type, x)))
-
-int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
-int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
-# endif
-
-int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
-
-# ifndef OPENSSL_NO_BIO
-void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
-
-#  define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
-    ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
-                          CHECKED_D2I_OF(type, d2i), \
-                          in, \
-                          CHECKED_PPTR_OF(type, x)))
-
-void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
-int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x);
-
-#  define ASN1_i2d_bio_of(type,i2d,out,x) \
-    (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
-                  out, \
-                  CHECKED_PTR_OF(type, x)))
-
-#  define ASN1_i2d_bio_of_const(type,i2d,out,x) \
-    (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
-                  out, \
-                  CHECKED_PTR_OF(const type, x)))
-
-int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
-int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
-int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
-int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
-int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
-int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
-int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
-                  unsigned char *buf, int off);
-int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
-int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
-                    int dump);
-# endif
-const char *ASN1_tag2str(int tag);
-
-/* Used to load and write netscape format cert */
-
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
-
-int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
-
-int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len);
-int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len);
-int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
-                                  unsigned char *data, int len);
-int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num,
-                                  unsigned char *data, int max_len);
-
-STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
-                                         d2i_of_void *d2i,
-                                         void (*free_func) (OPENSSL_BLOCK));
-unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
-                             unsigned char **buf, int *len);
-void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
-void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
-ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
-                              ASN1_OCTET_STRING **oct);
-
-# define ASN1_pack_string_of(type,obj,i2d,oct) \
-    (ASN1_pack_string(CHECKED_PTR_OF(type, obj), \
-                      CHECKED_I2D_OF(type, i2d), \
-                      oct))
-
-ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
-                            ASN1_OCTET_STRING **oct);
-
-void ASN1_STRING_set_default_mask(unsigned long mask);
-int ASN1_STRING_set_default_mask_asc(const char *p);
-unsigned long ASN1_STRING_get_default_mask(void);
-int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
-                       int inform, unsigned long mask);
-int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
-                        int inform, unsigned long mask,
-                        long minsize, long maxsize);
-
-ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
-                                    const unsigned char *in, int inlen,
-                                    int inform, int nid);
-ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
-int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
-void ASN1_STRING_TABLE_cleanup(void);
-
-/* ASN1 template functions */
-
-/* Old API compatible functions */
-ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
-void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
-ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
-                          long len, const ASN1_ITEM *it);
-int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
-int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
-                       const ASN1_ITEM *it);
-
-void ASN1_add_oid_module(void);
-
-ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
-ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
-
-/* ASN1 Print flags */
-
-/* Indicate missing OPTIONAL fields */
-# define ASN1_PCTX_FLAGS_SHOW_ABSENT             0x001
-/* Mark start and end of SEQUENCE */
-# define ASN1_PCTX_FLAGS_SHOW_SEQUENCE           0x002
-/* Mark start and end of SEQUENCE/SET OF */
-# define ASN1_PCTX_FLAGS_SHOW_SSOF               0x004
-/* Show the ASN1 type of primitives */
-# define ASN1_PCTX_FLAGS_SHOW_TYPE               0x008
-/* Don't show ASN1 type of ANY */
-# define ASN1_PCTX_FLAGS_NO_ANY_TYPE             0x010
-/* Don't show ASN1 type of MSTRINGs */
-# define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE         0x020
-/* Don't show field names in SEQUENCE */
-# define ASN1_PCTX_FLAGS_NO_FIELD_NAME           0x040
-/* Show structure names of each SEQUENCE field */
-# define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME  0x080
-/* Don't show structure name even at top level */
-# define ASN1_PCTX_FLAGS_NO_STRUCT_NAME          0x100
-
-int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
-                    const ASN1_ITEM *it, const ASN1_PCTX *pctx);
-ASN1_PCTX *ASN1_PCTX_new(void);
-void ASN1_PCTX_free(ASN1_PCTX *p);
-unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
-void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
-
-BIO_METHOD *BIO_f_asn1(void);
-
-BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
-
-int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
-                        const ASN1_ITEM *it);
-int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
-                              const char *hdr, const ASN1_ITEM *it);
-int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
-                     int ctype_nid, int econt_nid,
-                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
-ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
-int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
-int SMIME_text(BIO *in, BIO *out);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ASN1_strings(void);
-
-/* Error codes for the ASN1 functions. */
-
-/* Function codes. */
-# define ASN1_F_A2D_ASN1_OBJECT                           100
-# define ASN1_F_A2I_ASN1_ENUMERATED                       101
-# define ASN1_F_A2I_ASN1_INTEGER                          102
-# define ASN1_F_A2I_ASN1_STRING                           103
-# define ASN1_F_APPEND_EXP                                176
-# define ASN1_F_ASN1_BIT_STRING_SET_BIT                   183
-# define ASN1_F_ASN1_CB                                   177
-# define ASN1_F_ASN1_CHECK_TLEN                           104
-# define ASN1_F_ASN1_COLLATE_PRIMITIVE                    105
-# define ASN1_F_ASN1_COLLECT                              106
-# define ASN1_F_ASN1_D2I_EX_PRIMITIVE                     108
-# define ASN1_F_ASN1_D2I_FP                               109
-# define ASN1_F_ASN1_D2I_READ_BIO                         107
-# define ASN1_F_ASN1_DIGEST                               184
-# define ASN1_F_ASN1_DO_ADB                               110
-# define ASN1_F_ASN1_DUP                                  111
-# define ASN1_F_ASN1_ENUMERATED_SET                       112
-# define ASN1_F_ASN1_ENUMERATED_TO_BN                     113
-# define ASN1_F_ASN1_EX_C2I                               204
-# define ASN1_F_ASN1_FIND_END                             190
-# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ                  216
-# define ASN1_F_ASN1_GENERALIZEDTIME_SET                  185
-# define ASN1_F_ASN1_GENERATE_V3                          178
-# define ASN1_F_ASN1_GET_OBJECT                           114
-# define ASN1_F_ASN1_HEADER_NEW                           115
-# define ASN1_F_ASN1_I2D_BIO                              116
-# define ASN1_F_ASN1_I2D_FP                               117
-# define ASN1_F_ASN1_INTEGER_SET                          118
-# define ASN1_F_ASN1_INTEGER_TO_BN                        119
-# define ASN1_F_ASN1_ITEM_D2I_FP                          206
-# define ASN1_F_ASN1_ITEM_DUP                             191
-# define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW                  121
-# define ASN1_F_ASN1_ITEM_EX_D2I                          120
-# define ASN1_F_ASN1_ITEM_I2D_BIO                         192
-# define ASN1_F_ASN1_ITEM_I2D_FP                          193
-# define ASN1_F_ASN1_ITEM_PACK                            198
-# define ASN1_F_ASN1_ITEM_SIGN                            195
-# define ASN1_F_ASN1_ITEM_SIGN_CTX                        220
-# define ASN1_F_ASN1_ITEM_UNPACK                          199
-# define ASN1_F_ASN1_ITEM_VERIFY                          197
-# define ASN1_F_ASN1_MBSTRING_NCOPY                       122
-# define ASN1_F_ASN1_OBJECT_NEW                           123
-# define ASN1_F_ASN1_OUTPUT_DATA                          214
-# define ASN1_F_ASN1_PACK_STRING                          124
-# define ASN1_F_ASN1_PCTX_NEW                             205
-# define ASN1_F_ASN1_PKCS5_PBE_SET                        125
-# define ASN1_F_ASN1_SEQ_PACK                             126
-# define ASN1_F_ASN1_SEQ_UNPACK                           127
-# define ASN1_F_ASN1_SIGN                                 128
-# define ASN1_F_ASN1_STR2TYPE                             179
-# define ASN1_F_ASN1_STRING_SET                           186
-# define ASN1_F_ASN1_STRING_TABLE_ADD                     129
-# define ASN1_F_ASN1_STRING_TYPE_NEW                      130
-# define ASN1_F_ASN1_TEMPLATE_EX_D2I                      132
-# define ASN1_F_ASN1_TEMPLATE_NEW                         133
-# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I                   131
-# define ASN1_F_ASN1_TIME_ADJ                             217
-# define ASN1_F_ASN1_TIME_SET                             175
-# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING             134
-# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING                 135
-# define ASN1_F_ASN1_UNPACK_STRING                        136
-# define ASN1_F_ASN1_UTCTIME_ADJ                          218
-# define ASN1_F_ASN1_UTCTIME_SET                          187
-# define ASN1_F_ASN1_VERIFY                               137
-# define ASN1_F_B64_READ_ASN1                             209
-# define ASN1_F_B64_WRITE_ASN1                            210
-# define ASN1_F_BIO_NEW_NDEF                              208
-# define ASN1_F_BITSTR_CB                                 180
-# define ASN1_F_BN_TO_ASN1_ENUMERATED                     138
-# define ASN1_F_BN_TO_ASN1_INTEGER                        139
-# define ASN1_F_C2I_ASN1_BIT_STRING                       189
-# define ASN1_F_C2I_ASN1_INTEGER                          194
-# define ASN1_F_C2I_ASN1_OBJECT                           196
-# define ASN1_F_COLLECT_DATA                              140
-# define ASN1_F_D2I_ASN1_BIT_STRING                       141
-# define ASN1_F_D2I_ASN1_BOOLEAN                          142
-# define ASN1_F_D2I_ASN1_BYTES                            143
-# define ASN1_F_D2I_ASN1_GENERALIZEDTIME                  144
-# define ASN1_F_D2I_ASN1_HEADER                           145
-# define ASN1_F_D2I_ASN1_INTEGER                          146
-# define ASN1_F_D2I_ASN1_OBJECT                           147
-# define ASN1_F_D2I_ASN1_SET                              148
-# define ASN1_F_D2I_ASN1_TYPE_BYTES                       149
-# define ASN1_F_D2I_ASN1_UINTEGER                         150
-# define ASN1_F_D2I_ASN1_UTCTIME                          151
-# define ASN1_F_D2I_AUTOPRIVATEKEY                        207
-# define ASN1_F_D2I_NETSCAPE_RSA                          152
-# define ASN1_F_D2I_NETSCAPE_RSA_2                        153
-# define ASN1_F_D2I_PRIVATEKEY                            154
-# define ASN1_F_D2I_PUBLICKEY                             155
-# define ASN1_F_D2I_RSA_NET                               200
-# define ASN1_F_D2I_RSA_NET_2                             201
-# define ASN1_F_D2I_X509                                  156
-# define ASN1_F_D2I_X509_CINF                             157
-# define ASN1_F_D2I_X509_PKEY                             159
-# define ASN1_F_I2D_ASN1_BIO_STREAM                       211
-# define ASN1_F_I2D_ASN1_SET                              188
-# define ASN1_F_I2D_ASN1_TIME                             160
-# define ASN1_F_I2D_DSA_PUBKEY                            161
-# define ASN1_F_I2D_EC_PUBKEY                             181
-# define ASN1_F_I2D_PRIVATEKEY                            163
-# define ASN1_F_I2D_PUBLICKEY                             164
-# define ASN1_F_I2D_RSA_NET                               162
-# define ASN1_F_I2D_RSA_PUBKEY                            165
-# define ASN1_F_LONG_C2I                                  166
-# define ASN1_F_OID_MODULE_INIT                           174
-# define ASN1_F_PARSE_TAGGING                             182
-# define ASN1_F_PKCS5_PBE2_SET_IV                         167
-# define ASN1_F_PKCS5_PBE_SET                             202
-# define ASN1_F_PKCS5_PBE_SET0_ALGOR                      215
-# define ASN1_F_PKCS5_PBKDF2_SET                          219
-# define ASN1_F_SMIME_READ_ASN1                           212
-# define ASN1_F_SMIME_TEXT                                213
-# define ASN1_F_X509_CINF_NEW                             168
-# define ASN1_F_X509_CRL_ADD0_REVOKED                     169
-# define ASN1_F_X509_INFO_NEW                             170
-# define ASN1_F_X509_NAME_ENCODE                          203
-# define ASN1_F_X509_NAME_EX_D2I                          158
-# define ASN1_F_X509_NAME_EX_NEW                          171
-# define ASN1_F_X509_NEW                                  172
-# define ASN1_F_X509_PKEY_NEW                             173
-
-/* Reason codes. */
-# define ASN1_R_ADDING_OBJECT                             171
-# define ASN1_R_ASN1_PARSE_ERROR                          203
-# define ASN1_R_ASN1_SIG_PARSE_ERROR                      204
-# define ASN1_R_AUX_ERROR                                 100
-# define ASN1_R_BAD_CLASS                                 101
-# define ASN1_R_BAD_OBJECT_HEADER                         102
-# define ASN1_R_BAD_PASSWORD_READ                         103
-# define ASN1_R_BAD_TAG                                   104
-# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 214
-# define ASN1_R_BN_LIB                                    105
-# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106
-# define ASN1_R_BUFFER_TOO_SMALL                          107
-# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER           108
-# define ASN1_R_CONTEXT_NOT_INITIALISED                   217
-# define ASN1_R_DATA_IS_WRONG                             109
-# define ASN1_R_DECODE_ERROR                              110
-# define ASN1_R_DECODING_ERROR                            111
-# define ASN1_R_DEPTH_EXCEEDED                            174
-# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED         198
-# define ASN1_R_ENCODE_ERROR                              112
-# define ASN1_R_ERROR_GETTING_TIME                        173
-# define ASN1_R_ERROR_LOADING_SECTION                     172
-# define ASN1_R_ERROR_PARSING_SET_ELEMENT                 113
-# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS               114
-# define ASN1_R_EXPECTING_AN_INTEGER                      115
-# define ASN1_R_EXPECTING_AN_OBJECT                       116
-# define ASN1_R_EXPECTING_A_BOOLEAN                       117
-# define ASN1_R_EXPECTING_A_TIME                          118
-# define ASN1_R_EXPLICIT_LENGTH_MISMATCH                  119
-# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED              120
-# define ASN1_R_FIELD_MISSING                             121
-# define ASN1_R_FIRST_NUM_TOO_LARGE                       122
-# define ASN1_R_HEADER_TOO_LONG                           123
-# define ASN1_R_ILLEGAL_BITSTRING_FORMAT                  175
-# define ASN1_R_ILLEGAL_BOOLEAN                           176
-# define ASN1_R_ILLEGAL_CHARACTERS                        124
-# define ASN1_R_ILLEGAL_FORMAT                            177
-# define ASN1_R_ILLEGAL_HEX                               178
-# define ASN1_R_ILLEGAL_IMPLICIT_TAG                      179
-# define ASN1_R_ILLEGAL_INTEGER                           180
-# define ASN1_R_ILLEGAL_NESTED_TAGGING                    181
-# define ASN1_R_ILLEGAL_NULL                              125
-# define ASN1_R_ILLEGAL_NULL_VALUE                        182
-# define ASN1_R_ILLEGAL_OBJECT                            183
-# define ASN1_R_ILLEGAL_OPTIONAL_ANY                      126
-# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE          170
-# define ASN1_R_ILLEGAL_TAGGED_ANY                        127
-# define ASN1_R_ILLEGAL_TIME_VALUE                        184
-# define ASN1_R_INTEGER_NOT_ASCII_FORMAT                  185
-# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG                128
-# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT              220
-# define ASN1_R_INVALID_BMPSTRING_LENGTH                  129
-# define ASN1_R_INVALID_DIGIT                             130
-# define ASN1_R_INVALID_MIME_TYPE                         205
-# define ASN1_R_INVALID_MODIFIER                          186
-# define ASN1_R_INVALID_NUMBER                            187
-# define ASN1_R_INVALID_OBJECT_ENCODING                   216
-# define ASN1_R_INVALID_SEPARATOR                         131
-# define ASN1_R_INVALID_TIME_FORMAT                       132
-# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH            133
-# define ASN1_R_INVALID_UTF8STRING                        134
-# define ASN1_R_IV_TOO_LARGE                              135
-# define ASN1_R_LENGTH_ERROR                              136
-# define ASN1_R_LIST_ERROR                                188
-# define ASN1_R_MIME_NO_CONTENT_TYPE                      206
-# define ASN1_R_MIME_PARSE_ERROR                          207
-# define ASN1_R_MIME_SIG_PARSE_ERROR                      208
-# define ASN1_R_MISSING_EOC                               137
-# define ASN1_R_MISSING_SECOND_NUMBER                     138
-# define ASN1_R_MISSING_VALUE                             189
-# define ASN1_R_MSTRING_NOT_UNIVERSAL                     139
-# define ASN1_R_MSTRING_WRONG_TAG                         140
-# define ASN1_R_NESTED_ASN1_STRING                        197
-# define ASN1_R_NON_HEX_CHARACTERS                        141
-# define ASN1_R_NOT_ASCII_FORMAT                          190
-# define ASN1_R_NOT_ENOUGH_DATA                           142
-# define ASN1_R_NO_CONTENT_TYPE                           209
-# define ASN1_R_NO_DEFAULT_DIGEST                         201
-# define ASN1_R_NO_MATCHING_CHOICE_TYPE                   143
-# define ASN1_R_NO_MULTIPART_BODY_FAILURE                 210
-# define ASN1_R_NO_MULTIPART_BOUNDARY                     211
-# define ASN1_R_NO_SIG_CONTENT_TYPE                       212
-# define ASN1_R_NULL_IS_WRONG_LENGTH                      144
-# define ASN1_R_OBJECT_NOT_ASCII_FORMAT                   191
-# define ASN1_R_ODD_NUMBER_OF_CHARS                       145
-# define ASN1_R_PRIVATE_KEY_HEADER_MISSING                146
-# define ASN1_R_SECOND_NUMBER_TOO_LARGE                   147
-# define ASN1_R_SEQUENCE_LENGTH_MISMATCH                  148
-# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED                  149
-# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG              192
-# define ASN1_R_SHORT_LINE                                150
-# define ASN1_R_SIG_INVALID_MIME_TYPE                     213
-# define ASN1_R_STREAMING_NOT_SUPPORTED                   202
-# define ASN1_R_STRING_TOO_LONG                           151
-# define ASN1_R_STRING_TOO_SHORT                          152
-# define ASN1_R_TAG_VALUE_TOO_HIGH                        153
-# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
-# define ASN1_R_TIME_NOT_ASCII_FORMAT                     193
-# define ASN1_R_TOO_LONG                                  155
-# define ASN1_R_TYPE_NOT_CONSTRUCTED                      156
-# define ASN1_R_TYPE_NOT_PRIMITIVE                        218
-# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                  157
-# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY          158
-# define ASN1_R_UNEXPECTED_EOC                            159
-# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH           215
-# define ASN1_R_UNKNOWN_FORMAT                            160
-# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM          161
-# define ASN1_R_UNKNOWN_OBJECT_TYPE                       162
-# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                   163
-# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM               199
-# define ASN1_R_UNKNOWN_TAG                               194
-# define ASN1_R_UNKOWN_FORMAT                             195
-# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE           164
-# define ASN1_R_UNSUPPORTED_CIPHER                        165
-# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM          166
-# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE               167
-# define ASN1_R_UNSUPPORTED_TYPE                          196
-# define ASN1_R_WRONG_PUBLIC_KEY_TYPE                     200
-# define ASN1_R_WRONG_TAG                                 168
-# define ASN1_R_WRONG_TYPE                                169
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/asn1_mac.h b/thirdparty/openssl/openssl/asn1_mac.h
deleted file mode 100644
index abc6dc35ca..0000000000
--- a/thirdparty/openssl/openssl/asn1_mac.h
+++ /dev/null
@@ -1,579 +0,0 @@
-/* crypto/asn1/asn1_mac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ASN1_MAC_H
-# define HEADER_ASN1_MAC_H
-
-# include <openssl/asn1.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifndef ASN1_MAC_ERR_LIB
-#  define ASN1_MAC_ERR_LIB        ERR_LIB_ASN1
-# endif
-
-# define ASN1_MAC_H_err(f,r,line) \
-        ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
-
-# define M_ASN1_D2I_vars(a,type,func) \
-        ASN1_const_CTX c; \
-        type ret=NULL; \
-        \
-        c.pp=(const unsigned char **)pp; \
-        c.q= *(const unsigned char **)pp; \
-        c.error=ERR_R_NESTED_ASN1_ERROR; \
-        if ((a == NULL) || ((*a) == NULL)) \
-                { if ((ret=(type)func()) == NULL) \
-                        { c.line=__LINE__; goto err; } } \
-        else    ret=(*a);
-
-# define M_ASN1_D2I_Init() \
-        c.p= *(const unsigned char **)pp; \
-        c.max=(length == 0)?0:(c.p+length);
-
-# define M_ASN1_D2I_Finish_2(a) \
-        if (!asn1_const_Finish(&c)) \
-                { c.line=__LINE__; goto err; } \
-        *(const unsigned char **)pp=c.p; \
-        if (a != NULL) (*a)=ret; \
-        return(ret);
-
-# define M_ASN1_D2I_Finish(a,func,e) \
-        M_ASN1_D2I_Finish_2(a); \
-err:\
-        ASN1_MAC_H_err((e),c.error,c.line); \
-        asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \
-        if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
-        return(NULL)
-
-# define M_ASN1_D2I_start_sequence() \
-        if (!asn1_GetSequence(&c,&length)) \
-                { c.line=__LINE__; goto err; }
-/* Begin reading ASN1 without a surrounding sequence */
-# define M_ASN1_D2I_begin() \
-        c.slen = length;
-
-/* End reading ASN1 with no check on length */
-# define M_ASN1_D2I_Finish_nolen(a, func, e) \
-        *pp=c.p; \
-        if (a != NULL) (*a)=ret; \
-        return(ret); \
-err:\
-        ASN1_MAC_H_err((e),c.error,c.line); \
-        asn1_add_error(*pp,(int)(c.q- *pp)); \
-        if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
-        return(NULL)
-
-# define M_ASN1_D2I_end_sequence() \
-        (((c.inf&1) == 0)?(c.slen <= 0): \
-                (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
-
-/* Don't use this with d2i_ASN1_BOOLEAN() */
-# define M_ASN1_D2I_get(b, func) \
-        c.q=c.p; \
-        if (func(&(b),&c.p,c.slen) == NULL) \
-                {c.line=__LINE__; goto err; } \
-        c.slen-=(c.p-c.q);
-
-/* Don't use this with d2i_ASN1_BOOLEAN() */
-# define M_ASN1_D2I_get_x(type,b,func) \
-        c.q=c.p; \
-        if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
-                {c.line=__LINE__; goto err; } \
-        c.slen-=(c.p-c.q);
-
-/* use this instead () */
-# define M_ASN1_D2I_get_int(b,func) \
-        c.q=c.p; \
-        if (func(&(b),&c.p,c.slen) < 0) \
-                {c.line=__LINE__; goto err; } \
-        c.slen-=(c.p-c.q);
-
-# define M_ASN1_D2I_get_opt(b,func,type) \
-        if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
-                == (V_ASN1_UNIVERSAL|(type)))) \
-                { \
-                M_ASN1_D2I_get(b,func); \
-                }
-
-# define M_ASN1_D2I_get_int_opt(b,func,type) \
-        if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
-                == (V_ASN1_UNIVERSAL|(type)))) \
-                { \
-                M_ASN1_D2I_get_int(b,func); \
-                }
-
-# define M_ASN1_D2I_get_imp(b,func, type) \
-        M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
-        c.q=c.p; \
-        if (func(&(b),&c.p,c.slen) == NULL) \
-                {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
-        c.slen-=(c.p-c.q);\
-        M_ASN1_next_prev=_tmp;
-
-# define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
-        if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
-                (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
-                { \
-                unsigned char _tmp = M_ASN1_next; \
-                M_ASN1_D2I_get_imp(b,func, type);\
-                }
-
-# define M_ASN1_D2I_get_set(r,func,free_func) \
-                M_ASN1_D2I_get_imp_set(r,func,free_func, \
-                        V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-# define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
-                M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
-                        V_ASN1_SET,V_ASN1_UNIVERSAL);
-
-# define M_ASN1_D2I_get_set_opt(r,func,free_func) \
-        if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-                V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
-                { M_ASN1_D2I_get_set(r,func,free_func); }
-
-# define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
-        if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-                V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
-                { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
-
-# define M_ASN1_I2D_len_SET_opt(a,f) \
-        if ((a != NULL) && (sk_num(a) != 0)) \
-                M_ASN1_I2D_len_SET(a,f);
-
-# define M_ASN1_I2D_put_SET_opt(a,f) \
-        if ((a != NULL) && (sk_num(a) != 0)) \
-                M_ASN1_I2D_put_SET(a,f);
-
-# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
-        if ((a != NULL) && (sk_num(a) != 0)) \
-                M_ASN1_I2D_put_SEQUENCE(a,f);
-
-# define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
-        if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-                M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
-
-# define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
-        if ((c.slen != 0) && \
-                (M_ASN1_next == \
-                (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
-                { \
-                M_ASN1_D2I_get_imp_set(b,func,free_func,\
-                        tag,V_ASN1_CONTEXT_SPECIFIC); \
-                }
-
-# define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
-        if ((c.slen != 0) && \
-                (M_ASN1_next == \
-                (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
-                { \
-                M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
-                        tag,V_ASN1_CONTEXT_SPECIFIC); \
-                }
-
-# define M_ASN1_D2I_get_seq(r,func,free_func) \
-                M_ASN1_D2I_get_imp_set(r,func,free_func,\
-                        V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
-# define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
-                M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
-                                            V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-# define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
-        if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-                V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
-                { M_ASN1_D2I_get_seq(r,func,free_func); }
-
-# define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
-        if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
-                V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
-                { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
-
-# define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
-                M_ASN1_D2I_get_imp_set(r,func,free_func,\
-                        x,V_ASN1_CONTEXT_SPECIFIC);
-
-# define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
-                M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
-                        x,V_ASN1_CONTEXT_SPECIFIC);
-
-# define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
-        c.q=c.p; \
-        if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
-                (void (*)())free_func,a,b) == NULL) \
-                { c.line=__LINE__; goto err; } \
-        c.slen-=(c.p-c.q);
-
-# define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
-        c.q=c.p; \
-        if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
-                                   free_func,a,b) == NULL) \
-                { c.line=__LINE__; goto err; } \
-        c.slen-=(c.p-c.q);
-
-# define M_ASN1_D2I_get_set_strings(r,func,a,b) \
-        c.q=c.p; \
-        if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
-                { c.line=__LINE__; goto err; } \
-        c.slen-=(c.p-c.q);
-
-# define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
-        if ((c.slen != 0L) && (M_ASN1_next == \
-                (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
-                { \
-                int Tinf,Ttag,Tclass; \
-                long Tlen; \
-                \
-                c.q=c.p; \
-                Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
-                if (Tinf & 0x80) \
-                        { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
-                        c.line=__LINE__; goto err; } \
-                if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
-                                        Tlen = c.slen - (c.p - c.q) - 2; \
-                if (func(&(r),&c.p,Tlen) == NULL) \
-                        { c.line=__LINE__; goto err; } \
-                if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
-                        Tlen = c.slen - (c.p - c.q); \
-                        if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
-                                { c.error=ERR_R_MISSING_ASN1_EOS; \
-                                c.line=__LINE__; goto err; } \
-                }\
-                c.slen-=(c.p-c.q); \
-                }
-
-# define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
-        if ((c.slen != 0) && (M_ASN1_next == \
-                (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
-                { \
-                int Tinf,Ttag,Tclass; \
-                long Tlen; \
-                \
-                c.q=c.p; \
-                Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
-                if (Tinf & 0x80) \
-                        { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
-                        c.line=__LINE__; goto err; } \
-                if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
-                                        Tlen = c.slen - (c.p - c.q) - 2; \
-                if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
-                        (void (*)())free_func, \
-                        b,V_ASN1_UNIVERSAL) == NULL) \
-                        { c.line=__LINE__; goto err; } \
-                if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
-                        Tlen = c.slen - (c.p - c.q); \
-                        if(!ASN1_check_infinite_end(&c.p, Tlen)) \
-                                { c.error=ERR_R_MISSING_ASN1_EOS; \
-                                c.line=__LINE__; goto err; } \
-                }\
-                c.slen-=(c.p-c.q); \
-                }
-
-# define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
-        if ((c.slen != 0) && (M_ASN1_next == \
-                (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
-                { \
-                int Tinf,Ttag,Tclass; \
-                long Tlen; \
-                \
-                c.q=c.p; \
-                Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
-                if (Tinf & 0x80) \
-                        { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
-                        c.line=__LINE__; goto err; } \
-                if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
-                                        Tlen = c.slen - (c.p - c.q) - 2; \
-                if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
-                        free_func,b,V_ASN1_UNIVERSAL) == NULL) \
-                        { c.line=__LINE__; goto err; } \
-                if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
-                        Tlen = c.slen - (c.p - c.q); \
-                        if(!ASN1_check_infinite_end(&c.p, Tlen)) \
-                                { c.error=ERR_R_MISSING_ASN1_EOS; \
-                                c.line=__LINE__; goto err; } \
-                }\
-                c.slen-=(c.p-c.q); \
-                }
-
-/* New macros */
-# define M_ASN1_New_Malloc(ret,type) \
-        if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
-                { c.line=__LINE__; goto err2; }
-
-# define M_ASN1_New(arg,func) \
-        if (((arg)=func()) == NULL) return(NULL)
-
-# define M_ASN1_New_Error(a) \
-/*-     err:    ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
-                return(NULL);*/ \
-        err2:   ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
-                return(NULL)
-
-/*
- * BIG UGLY WARNING! This is so damn ugly I wanna puke.  Unfortunately, some
- * macros that use ASN1_const_CTX still insist on writing in the input
- * stream.  ARGH! ARGH! ARGH! Let's get rid of this macro package. Please? --
- * Richard Levitte
- */
-# define M_ASN1_next             (*((unsigned char *)(c.p)))
-# define M_ASN1_next_prev        (*((unsigned char *)(c.q)))
-
-/*************************************************/
-
-# define M_ASN1_I2D_vars(a)      int r=0,ret=0; \
-                                unsigned char *p; \
-                                if (a == NULL) return(0)
-
-/* Length Macros */
-# define M_ASN1_I2D_len(a,f)     ret+=f(a,NULL)
-# define M_ASN1_I2D_len_IMP_opt(a,f)     if (a != NULL) M_ASN1_I2D_len(a,f)
-
-# define M_ASN1_I2D_len_SET(a,f) \
-                ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
-
-# define M_ASN1_I2D_len_SET_type(type,a,f) \
-                ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
-                                            V_ASN1_UNIVERSAL,IS_SET);
-
-# define M_ASN1_I2D_len_SEQUENCE(a,f) \
-                ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
-                                  IS_SEQUENCE);
-
-# define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
-                ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
-                                            V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-# define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
-                if ((a != NULL) && (sk_num(a) != 0)) \
-                        M_ASN1_I2D_len_SEQUENCE(a,f);
-
-# define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
-                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-                        M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
-
-# define M_ASN1_I2D_len_IMP_SET(a,f,x) \
-                ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-# define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
-                ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
-                                            V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-# define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
-                if ((a != NULL) && (sk_num(a) != 0)) \
-                        ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-                                          IS_SET);
-
-# define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
-                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-                        ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
-                                               V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-
-# define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
-                ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-                                  IS_SEQUENCE);
-
-# define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
-                if ((a != NULL) && (sk_num(a) != 0)) \
-                        ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-                                          IS_SEQUENCE);
-
-# define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
-                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-                        ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
-                                                    V_ASN1_CONTEXT_SPECIFIC, \
-                                                    IS_SEQUENCE);
-
-# define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
-                if (a != NULL)\
-                        { \
-                        v=f(a,NULL); \
-                        ret+=ASN1_object_size(1,v,mtag); \
-                        }
-
-# define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
-                if ((a != NULL) && (sk_num(a) != 0))\
-                        { \
-                        v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
-                        ret+=ASN1_object_size(1,v,mtag); \
-                        }
-
-# define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
-                if ((a != NULL) && (sk_num(a) != 0))\
-                        { \
-                        v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
-                                       IS_SEQUENCE); \
-                        ret+=ASN1_object_size(1,v,mtag); \
-                        }
-
-# define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
-                if ((a != NULL) && (sk_##type##_num(a) != 0))\
-                        { \
-                        v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
-                                                 V_ASN1_UNIVERSAL, \
-                                                 IS_SEQUENCE); \
-                        ret+=ASN1_object_size(1,v,mtag); \
-                        }
-
-/* Put Macros */
-# define M_ASN1_I2D_put(a,f)     f(a,&p)
-
-# define M_ASN1_I2D_put_IMP_opt(a,f,t)   \
-                if (a != NULL) \
-                        { \
-                        unsigned char *q=p; \
-                        f(a,&p); \
-                        *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
-                        }
-
-# define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
-                        V_ASN1_UNIVERSAL,IS_SET)
-# define M_ASN1_I2D_put_SET_type(type,a,f) \
-     i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
-# define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
-                        V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-# define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
-     i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-# define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
-                        V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
-
-# define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
-                                             V_ASN1_UNIVERSAL,IS_SEQUENCE)
-
-# define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
-     i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
-                            IS_SEQUENCE)
-
-# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
-                if ((a != NULL) && (sk_num(a) != 0)) \
-                        M_ASN1_I2D_put_SEQUENCE(a,f);
-
-# define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
-                if ((a != NULL) && (sk_num(a) != 0)) \
-                        { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-                                       IS_SET); }
-
-# define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
-                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-                        { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
-                                                 V_ASN1_CONTEXT_SPECIFIC, \
-                                                 IS_SET); }
-
-# define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
-                if ((a != NULL) && (sk_num(a) != 0)) \
-                        { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
-                                       IS_SEQUENCE); }
-
-# define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
-                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-                        { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
-                                                 V_ASN1_CONTEXT_SPECIFIC, \
-                                                 IS_SEQUENCE); }
-
-# define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
-                if (a != NULL) \
-                        { \
-                        ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
-                        f(a,&p); \
-                        }
-
-# define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
-                if ((a != NULL) && (sk_num(a) != 0)) \
-                        { \
-                        ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
-                        i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
-                        }
-
-# define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
-                if ((a != NULL) && (sk_num(a) != 0)) \
-                        { \
-                        ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
-                        i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
-                        }
-
-# define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
-                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
-                        { \
-                        ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
-                        i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
-                                               IS_SEQUENCE); \
-                        }
-
-# define M_ASN1_I2D_seq_total() \
-                r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
-                if (pp == NULL) return(r); \
-                p= *pp; \
-                ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-
-# define M_ASN1_I2D_INF_seq_start(tag,ctx) \
-                *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
-                *(p++)=0x80
-
-# define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
-
-# define M_ASN1_I2D_finish()     *pp=p; \
-                                return(r);
-
-int asn1_GetSequence(ASN1_const_CTX *c, long *length);
-void asn1_add_error(const unsigned char *address, int offset);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/asn1t.h b/thirdparty/openssl/openssl/asn1t.h
deleted file mode 100644
index 99bc0eecf3..0000000000
--- a/thirdparty/openssl/openssl/asn1t.h
+++ /dev/null
@@ -1,973 +0,0 @@
-/* asn1t.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ASN1T_H
-# define HEADER_ASN1T_H
-
-# include <stddef.h>
-# include <openssl/e_os2.h>
-# include <openssl/asn1.h>
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-#  undef OPENSSL_EXTERN
-#  define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-/* ASN1 template defines, structures and functions */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
-
-/* Macros for start and end of ASN1_ITEM definition */
-
-#  define ASN1_ITEM_start(itname) \
-        OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
-
-#  define ASN1_ITEM_end(itname) \
-                };
-
-# else
-
-/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
-
-/* Macros for start and end of ASN1_ITEM definition */
-
-#  define ASN1_ITEM_start(itname) \
-        const ASN1_ITEM * itname##_it(void) \
-        { \
-                static const ASN1_ITEM local_it = {
-
-#  define ASN1_ITEM_end(itname) \
-                }; \
-        return &local_it; \
-        }
-
-# endif
-
-/* Macros to aid ASN1 template writing */
-
-# define ASN1_ITEM_TEMPLATE(tname) \
-        static const ASN1_TEMPLATE tname##_item_tt
-
-# define ASN1_ITEM_TEMPLATE_END(tname) \
-        ;\
-        ASN1_ITEM_start(tname) \
-                ASN1_ITYPE_PRIMITIVE,\
-                -1,\
-                &tname##_item_tt,\
-                0,\
-                NULL,\
-                0,\
-                #tname \
-        ASN1_ITEM_end(tname)
-
-/* This is a ASN1 type which just embeds a template */
-
-/*-
- * This pair helps declare a SEQUENCE. We can do:
- *
- *      ASN1_SEQUENCE(stname) = {
- *              ... SEQUENCE components ...
- *      } ASN1_SEQUENCE_END(stname)
- *
- *      This will produce an ASN1_ITEM called stname_it
- *      for a structure called stname.
- *
- *      If you want the same structure but a different
- *      name then use:
- *
- *      ASN1_SEQUENCE(itname) = {
- *              ... SEQUENCE components ...
- *      } ASN1_SEQUENCE_END_name(stname, itname)
- *
- *      This will create an item called itname_it using
- *      a structure called stname.
- */
-
-# define ASN1_SEQUENCE(tname) \
-        static const ASN1_TEMPLATE tname##_seq_tt[]
-
-# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
-
-# define ASN1_SEQUENCE_END_name(stname, tname) \
-        ;\
-        ASN1_ITEM_start(tname) \
-                ASN1_ITYPE_SEQUENCE,\
-                V_ASN1_SEQUENCE,\
-                tname##_seq_tt,\
-                sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-                NULL,\
-                sizeof(stname),\
-                #stname \
-        ASN1_ITEM_end(tname)
-
-# define ASN1_NDEF_SEQUENCE(tname) \
-        ASN1_SEQUENCE(tname)
-
-# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
-        ASN1_SEQUENCE_cb(tname, cb)
-
-# define ASN1_SEQUENCE_cb(tname, cb) \
-        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
-        ASN1_SEQUENCE(tname)
-
-# define ASN1_BROKEN_SEQUENCE(tname) \
-        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
-        ASN1_SEQUENCE(tname)
-
-# define ASN1_SEQUENCE_ref(tname, cb, lck) \
-        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
-        ASN1_SEQUENCE(tname)
-
-# define ASN1_SEQUENCE_enc(tname, enc, cb) \
-        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
-        ASN1_SEQUENCE(tname)
-
-# define ASN1_NDEF_SEQUENCE_END(tname) \
-        ;\
-        ASN1_ITEM_start(tname) \
-                ASN1_ITYPE_NDEF_SEQUENCE,\
-                V_ASN1_SEQUENCE,\
-                tname##_seq_tt,\
-                sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-                NULL,\
-                sizeof(tname),\
-                #tname \
-        ASN1_ITEM_end(tname)
-
-# define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
-
-# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-
-# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-
-# define ASN1_SEQUENCE_END_ref(stname, tname) \
-        ;\
-        ASN1_ITEM_start(tname) \
-                ASN1_ITYPE_SEQUENCE,\
-                V_ASN1_SEQUENCE,\
-                tname##_seq_tt,\
-                sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-                &tname##_aux,\
-                sizeof(stname),\
-                #stname \
-        ASN1_ITEM_end(tname)
-
-# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
-        ;\
-        ASN1_ITEM_start(tname) \
-                ASN1_ITYPE_NDEF_SEQUENCE,\
-                V_ASN1_SEQUENCE,\
-                tname##_seq_tt,\
-                sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
-                &tname##_aux,\
-                sizeof(stname),\
-                #stname \
-        ASN1_ITEM_end(tname)
-
-/*-
- * This pair helps declare a CHOICE type. We can do:
- *
- *      ASN1_CHOICE(chname) = {
- *              ... CHOICE options ...
- *      ASN1_CHOICE_END(chname)
- *
- *      This will produce an ASN1_ITEM called chname_it
- *      for a structure called chname. The structure
- *      definition must look like this:
- *      typedef struct {
- *              int type;
- *              union {
- *                      ASN1_SOMETHING *opt1;
- *                      ASN1_SOMEOTHER *opt2;
- *              } value;
- *      } chname;
- *
- *      the name of the selector must be 'type'.
- *      to use an alternative selector name use the
- *      ASN1_CHOICE_END_selector() version.
- */
-
-# define ASN1_CHOICE(tname) \
-        static const ASN1_TEMPLATE tname##_ch_tt[]
-
-# define ASN1_CHOICE_cb(tname, cb) \
-        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
-        ASN1_CHOICE(tname)
-
-# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
-
-# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
-
-# define ASN1_CHOICE_END_selector(stname, tname, selname) \
-        ;\
-        ASN1_ITEM_start(tname) \
-                ASN1_ITYPE_CHOICE,\
-                offsetof(stname,selname) ,\
-                tname##_ch_tt,\
-                sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
-                NULL,\
-                sizeof(stname),\
-                #stname \
-        ASN1_ITEM_end(tname)
-
-# define ASN1_CHOICE_END_cb(stname, tname, selname) \
-        ;\
-        ASN1_ITEM_start(tname) \
-                ASN1_ITYPE_CHOICE,\
-                offsetof(stname,selname) ,\
-                tname##_ch_tt,\
-                sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
-                &tname##_aux,\
-                sizeof(stname),\
-                #stname \
-        ASN1_ITEM_end(tname)
-
-/* This helps with the template wrapper form of ASN1_ITEM */
-
-# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
-        (flags), (tag), 0,\
-        #name, ASN1_ITEM_ref(type) }
-
-/* These help with SEQUENCE or CHOICE components */
-
-/* used to declare other types */
-
-# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
-        (flags), (tag), offsetof(stname, field),\
-        #field, ASN1_ITEM_ref(type) }
-
-/* used when the structure is combined with the parent */
-
-# define ASN1_EX_COMBINE(flags, tag, type) { \
-        (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
-
-/* implicit and explicit helper macros */
-
-# define ASN1_IMP_EX(stname, field, type, tag, ex) \
-                ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
-
-# define ASN1_EXP_EX(stname, field, type, tag, ex) \
-                ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
-
-/* Any defined by macros: the field used is in the table itself */
-
-# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-# else
-#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
-#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
-# endif
-/* Plain simple type */
-# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
-
-/* OPTIONAL simple type */
-# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* IMPLICIT tagged simple type */
-# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
-
-/* IMPLICIT tagged OPTIONAL simple type */
-# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
-
-/* Same as above but EXPLICIT */
-
-# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
-# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
-
-/* SEQUENCE OF type */
-# define ASN1_SEQUENCE_OF(stname, field, type) \
-                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
-
-/* OPTIONAL SEQUENCE OF */
-# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
-                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* Same as above but for SET OF */
-
-# define ASN1_SET_OF(stname, field, type) \
-                ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
-
-# define ASN1_SET_OF_OPT(stname, field, type) \
-                ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
-
-/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
-
-# define ASN1_IMP_SET_OF(stname, field, type, tag) \
-                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-
-# define ASN1_EXP_SET_OF(stname, field, type, tag) \
-                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-
-# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
-                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-
-# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
-                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-
-# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
-                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-
-# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
-                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
-
-# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
-                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-
-# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
-                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
-
-/* EXPLICIT using indefinite length constructed form */
-# define ASN1_NDEF_EXP(stname, field, type, tag) \
-                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
-
-/* EXPLICIT OPTIONAL using indefinite length constructed form */
-# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
-                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
-
-/* Macros for the ASN1_ADB structure */
-
-# define ASN1_ADB(name) \
-        static const ASN1_ADB_TABLE name##_adbtbl[]
-
-# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#  define ASN1_ADB_END(name, flags, field, app_table, def, none) \
-        ;\
-        static const ASN1_ADB name##_adb = {\
-                flags,\
-                offsetof(name, field),\
-                app_table,\
-                name##_adbtbl,\
-                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
-                def,\
-                none\
-        }
-
-# else
-
-#  define ASN1_ADB_END(name, flags, field, app_table, def, none) \
-        ;\
-        static const ASN1_ITEM *name##_adb(void) \
-        { \
-        static const ASN1_ADB internal_adb = \
-                {\
-                flags,\
-                offsetof(name, field),\
-                app_table,\
-                name##_adbtbl,\
-                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
-                def,\
-                none\
-                }; \
-                return (const ASN1_ITEM *) &internal_adb; \
-        } \
-        void dummy_function(void)
-
-# endif
-
-# define ADB_ENTRY(val, template) {val, template}
-
-# define ASN1_ADB_TEMPLATE(name) \
-        static const ASN1_TEMPLATE name##_tt
-
-/*
- * This is the ASN1 template structure that defines a wrapper round the
- * actual type. It determines the actual position of the field in the value
- * structure, various flags such as OPTIONAL and the field name.
- */
-
-struct ASN1_TEMPLATE_st {
-    unsigned long flags;        /* Various flags */
-    long tag;                   /* tag, not used if no tagging */
-    unsigned long offset;       /* Offset of this field in structure */
-# ifndef NO_ASN1_FIELD_NAMES
-    const char *field_name;     /* Field name */
-# endif
-    ASN1_ITEM_EXP *item;        /* Relevant ASN1_ITEM or ASN1_ADB */
-};
-
-/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
-
-# define ASN1_TEMPLATE_item(t) (t->item_ptr)
-# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
-
-typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
-typedef struct ASN1_ADB_st ASN1_ADB;
-
-struct ASN1_ADB_st {
-    unsigned long flags;        /* Various flags */
-    unsigned long offset;       /* Offset of selector field */
-    STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
-    const ASN1_ADB_TABLE *tbl;  /* Table of possible types */
-    long tblcount;              /* Number of entries in tbl */
-    const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
-    const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
-};
-
-struct ASN1_ADB_TABLE_st {
-    long value;                 /* NID for an object or value for an int */
-    const ASN1_TEMPLATE tt;     /* item for this value */
-};
-
-/* template flags */
-
-/* Field is optional */
-# define ASN1_TFLG_OPTIONAL      (0x1)
-
-/* Field is a SET OF */
-# define ASN1_TFLG_SET_OF        (0x1 << 1)
-
-/* Field is a SEQUENCE OF */
-# define ASN1_TFLG_SEQUENCE_OF   (0x2 << 1)
-
-/*
- * Special case: this refers to a SET OF that will be sorted into DER order
- * when encoded *and* the corresponding STACK will be modified to match the
- * new order.
- */
-# define ASN1_TFLG_SET_ORDER     (0x3 << 1)
-
-/* Mask for SET OF or SEQUENCE OF */
-# define ASN1_TFLG_SK_MASK       (0x3 << 1)
-
-/*
- * These flags mean the tag should be taken from the tag field. If EXPLICIT
- * then the underlying type is used for the inner tag.
- */
-
-/* IMPLICIT tagging */
-# define ASN1_TFLG_IMPTAG        (0x1 << 3)
-
-/* EXPLICIT tagging, inner tag from underlying type */
-# define ASN1_TFLG_EXPTAG        (0x2 << 3)
-
-# define ASN1_TFLG_TAG_MASK      (0x3 << 3)
-
-/* context specific IMPLICIT */
-# define ASN1_TFLG_IMPLICIT      ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
-
-/* context specific EXPLICIT */
-# define ASN1_TFLG_EXPLICIT      ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
-
-/*
- * If tagging is in force these determine the type of tag to use. Otherwise
- * the tag is determined by the underlying type. These values reflect the
- * actual octet format.
- */
-
-/* Universal tag */
-# define ASN1_TFLG_UNIVERSAL     (0x0<<6)
-/* Application tag */
-# define ASN1_TFLG_APPLICATION   (0x1<<6)
-/* Context specific tag */
-# define ASN1_TFLG_CONTEXT       (0x2<<6)
-/* Private tag */
-# define ASN1_TFLG_PRIVATE       (0x3<<6)
-
-# define ASN1_TFLG_TAG_CLASS     (0x3<<6)
-
-/*
- * These are for ANY DEFINED BY type. In this case the 'item' field points to
- * an ASN1_ADB structure which contains a table of values to decode the
- * relevant type
- */
-
-# define ASN1_TFLG_ADB_MASK      (0x3<<8)
-
-# define ASN1_TFLG_ADB_OID       (0x1<<8)
-
-# define ASN1_TFLG_ADB_INT       (0x1<<9)
-
-/*
- * This flag means a parent structure is passed instead of the field: this is
- * useful is a SEQUENCE is being combined with a CHOICE for example. Since
- * this means the structure and item name will differ we need to use the
- * ASN1_CHOICE_END_name() macro for example.
- */
-
-# define ASN1_TFLG_COMBINE       (0x1<<10)
-
-/*
- * This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
- * indefinite length constructed encoding to be used if required.
- */
-
-# define ASN1_TFLG_NDEF          (0x1<<11)
-
-/* This is the actual ASN1 item itself */
-
-struct ASN1_ITEM_st {
-    char itype;                 /* The item type, primitive, SEQUENCE, CHOICE
-                                 * or extern */
-    long utype;                 /* underlying type */
-    const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
-                                     * the contents */
-    long tcount;                /* Number of templates if SEQUENCE or CHOICE */
-    const void *funcs;          /* functions that handle this type */
-    long size;                  /* Structure size (usually) */
-# ifndef NO_ASN1_FIELD_NAMES
-    const char *sname;          /* Structure name */
-# endif
-};
-
-/*-
- * These are values for the itype field and
- * determine how the type is interpreted.
- *
- * For PRIMITIVE types the underlying type
- * determines the behaviour if items is NULL.
- *
- * Otherwise templates must contain a single
- * template and the type is treated in the
- * same way as the type specified in the template.
- *
- * For SEQUENCE types the templates field points
- * to the members, the size field is the
- * structure size.
- *
- * For CHOICE types the templates field points
- * to each possible member (typically a union)
- * and the 'size' field is the offset of the
- * selector.
- *
- * The 'funcs' field is used for application
- * specific functions.
- *
- * For COMPAT types the funcs field gives a
- * set of functions that handle this type, this
- * supports the old d2i, i2d convention.
- *
- * The EXTERN type uses a new style d2i/i2d.
- * The new style should be used where possible
- * because it avoids things like the d2i IMPLICIT
- * hack.
- *
- * MSTRING is a multiple string type, it is used
- * for a CHOICE of character strings where the
- * actual strings all occupy an ASN1_STRING
- * structure. In this case the 'utype' field
- * has a special meaning, it is used as a mask
- * of acceptable types using the B_ASN1 constants.
- *
- * NDEF_SEQUENCE is the same as SEQUENCE except
- * that it will use indefinite length constructed
- * encoding if requested.
- *
- */
-
-# define ASN1_ITYPE_PRIMITIVE            0x0
-
-# define ASN1_ITYPE_SEQUENCE             0x1
-
-# define ASN1_ITYPE_CHOICE               0x2
-
-# define ASN1_ITYPE_COMPAT               0x3
-
-# define ASN1_ITYPE_EXTERN               0x4
-
-# define ASN1_ITYPE_MSTRING              0x5
-
-# define ASN1_ITYPE_NDEF_SEQUENCE        0x6
-
-/*
- * Cache for ASN1 tag and length, so we don't keep re-reading it for things
- * like CHOICE
- */
-
-struct ASN1_TLC_st {
-    char valid;                 /* Values below are valid */
-    int ret;                    /* return value */
-    long plen;                  /* length */
-    int ptag;                   /* class value */
-    int pclass;                 /* class value */
-    int hdrlen;                 /* header length */
-};
-
-/* Typedefs for ASN1 function pointers */
-
-typedef ASN1_VALUE *ASN1_new_func(void);
-typedef void ASN1_free_func(ASN1_VALUE *a);
-typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
-                                  long length);
-typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
-
-typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
-                        const ASN1_ITEM *it, int tag, int aclass, char opt,
-                        ASN1_TLC *ctx);
-
-typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
-                        const ASN1_ITEM *it, int tag, int aclass);
-typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
-                               int indent, const char *fname,
-                               const ASN1_PCTX *pctx);
-
-typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
-                               int *putype, const ASN1_ITEM *it);
-typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
-                               int len, int utype, char *free_cont,
-                               const ASN1_ITEM *it);
-typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
-                                 const ASN1_ITEM *it, int indent,
-                                 const ASN1_PCTX *pctx);
-
-typedef struct ASN1_COMPAT_FUNCS_st {
-    ASN1_new_func *asn1_new;
-    ASN1_free_func *asn1_free;
-    ASN1_d2i_func *asn1_d2i;
-    ASN1_i2d_func *asn1_i2d;
-} ASN1_COMPAT_FUNCS;
-
-typedef struct ASN1_EXTERN_FUNCS_st {
-    void *app_data;
-    ASN1_ex_new_func *asn1_ex_new;
-    ASN1_ex_free_func *asn1_ex_free;
-    ASN1_ex_free_func *asn1_ex_clear;
-    ASN1_ex_d2i *asn1_ex_d2i;
-    ASN1_ex_i2d *asn1_ex_i2d;
-    ASN1_ex_print_func *asn1_ex_print;
-} ASN1_EXTERN_FUNCS;
-
-typedef struct ASN1_PRIMITIVE_FUNCS_st {
-    void *app_data;
-    unsigned long flags;
-    ASN1_ex_new_func *prim_new;
-    ASN1_ex_free_func *prim_free;
-    ASN1_ex_free_func *prim_clear;
-    ASN1_primitive_c2i *prim_c2i;
-    ASN1_primitive_i2c *prim_i2c;
-    ASN1_primitive_print *prim_print;
-} ASN1_PRIMITIVE_FUNCS;
-
-/*
- * This is the ASN1_AUX structure: it handles various miscellaneous
- * requirements. For example the use of reference counts and an informational
- * callback. The "informational callback" is called at various points during
- * the ASN1 encoding and decoding. It can be used to provide minor
- * customisation of the structures used. This is most useful where the
- * supplied routines *almost* do the right thing but need some extra help at
- * a few points. If the callback returns zero then it is assumed a fatal
- * error has occurred and the main operation should be abandoned. If major
- * changes in the default behaviour are required then an external type is
- * more appropriate.
- */
-
-typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
-                        void *exarg);
-
-typedef struct ASN1_AUX_st {
-    void *app_data;
-    int flags;
-    int ref_offset;             /* Offset of reference value */
-    int ref_lock;               /* Lock type to use */
-    ASN1_aux_cb *asn1_cb;
-    int enc_offset;             /* Offset of ASN1_ENCODING structure */
-} ASN1_AUX;
-
-/* For print related callbacks exarg points to this structure */
-typedef struct ASN1_PRINT_ARG_st {
-    BIO *out;
-    int indent;
-    const ASN1_PCTX *pctx;
-} ASN1_PRINT_ARG;
-
-/* For streaming related callbacks exarg points to this structure */
-typedef struct ASN1_STREAM_ARG_st {
-    /* BIO to stream through */
-    BIO *out;
-    /* BIO with filters appended */
-    BIO *ndef_bio;
-    /* Streaming I/O boundary */
-    unsigned char **boundary;
-} ASN1_STREAM_ARG;
-
-/* Flags in ASN1_AUX */
-
-/* Use a reference count */
-# define ASN1_AFLG_REFCOUNT      1
-/* Save the encoding of structure (useful for signatures) */
-# define ASN1_AFLG_ENCODING      2
-/* The Sequence length is invalid */
-# define ASN1_AFLG_BROKEN        4
-
-/* operation values for asn1_cb */
-
-# define ASN1_OP_NEW_PRE         0
-# define ASN1_OP_NEW_POST        1
-# define ASN1_OP_FREE_PRE        2
-# define ASN1_OP_FREE_POST       3
-# define ASN1_OP_D2I_PRE         4
-# define ASN1_OP_D2I_POST        5
-# define ASN1_OP_I2D_PRE         6
-# define ASN1_OP_I2D_POST        7
-# define ASN1_OP_PRINT_PRE       8
-# define ASN1_OP_PRINT_POST      9
-# define ASN1_OP_STREAM_PRE      10
-# define ASN1_OP_STREAM_POST     11
-# define ASN1_OP_DETACHED_PRE    12
-# define ASN1_OP_DETACHED_POST   13
-
-/* Macro to implement a primitive type */
-# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
-# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
-                                ASN1_ITEM_start(itname) \
-                                        ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
-                                ASN1_ITEM_end(itname)
-
-/* Macro to implement a multi string type */
-# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
-                                ASN1_ITEM_start(itname) \
-                                        ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
-                                ASN1_ITEM_end(itname)
-
-/* Macro to implement an ASN1_ITEM in terms of old style funcs */
-
-# define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
-
-# define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
-        static const ASN1_COMPAT_FUNCS sname##_ff = { \
-                (ASN1_new_func *)sname##_new, \
-                (ASN1_free_func *)sname##_free, \
-                (ASN1_d2i_func *)d2i_##sname, \
-                (ASN1_i2d_func *)i2d_##sname, \
-        }; \
-        ASN1_ITEM_start(sname) \
-                ASN1_ITYPE_COMPAT, \
-                tag, \
-                NULL, \
-                0, \
-                &sname##_ff, \
-                0, \
-                #sname \
-        ASN1_ITEM_end(sname)
-
-# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
-        ASN1_ITEM_start(sname) \
-                ASN1_ITYPE_EXTERN, \
-                tag, \
-                NULL, \
-                0, \
-                &fptrs, \
-                0, \
-                #sname \
-        ASN1_ITEM_end(sname)
-
-/* Macro to implement standard functions in terms of ASN1_ITEM structures */
-
-# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
-
-# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
-
-# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
-                        IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
-
-# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
-                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
-
-# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
-                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
-
-# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
-        pre stname *fname##_new(void) \
-        { \
-                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
-        } \
-        pre void fname##_free(stname *a) \
-        { \
-                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
-        }
-
-# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
-        stname *fname##_new(void) \
-        { \
-                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
-        } \
-        void fname##_free(stname *a) \
-        { \
-                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
-        }
-
-# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
-        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
-        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
-        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
-        { \
-                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
-        } \
-        int i2d_##fname(stname *a, unsigned char **out) \
-        { \
-                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
-        }
-
-# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
-        int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
-        { \
-                return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
-        }
-
-/*
- * This includes evil casts to remove const: they will go away when full ASN1
- * constification is done.
- */
-# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
-        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
-        { \
-                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
-        } \
-        int i2d_##fname(const stname *a, unsigned char **out) \
-        { \
-                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
-        }
-
-# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
-        stname * stname##_dup(stname *x) \
-        { \
-        return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
-        }
-
-# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
-        IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
-
-# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
-        int fname##_print_ctx(BIO *out, stname *x, int indent, \
-                                                const ASN1_PCTX *pctx) \
-        { \
-                return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
-                        ASN1_ITEM_rptr(itname), pctx); \
-        }
-
-# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
-                IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
-
-# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
-        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
-        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-
-/* external definitions for primitive types */
-
-DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
-DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
-DECLARE_ASN1_ITEM(CBIGNUM)
-DECLARE_ASN1_ITEM(BIGNUM)
-DECLARE_ASN1_ITEM(LONG)
-DECLARE_ASN1_ITEM(ZLONG)
-
-DECLARE_STACK_OF(ASN1_VALUE)
-
-/* Functions used internally by the ASN1 code */
-
-int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
-                      const ASN1_TEMPLATE *tt);
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
-                     const ASN1_ITEM *it, int tag, int aclass, char opt,
-                     ASN1_TLC *ctx);
-
-int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
-                     const ASN1_ITEM *it, int tag, int aclass);
-int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
-                      const ASN1_TEMPLATE *tt);
-void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
-                const ASN1_ITEM *it);
-int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
-                int utype, char *free_cont, const ASN1_ITEM *it);
-
-int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
-                             const ASN1_ITEM *it);
-
-ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-
-const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
-                                 int nullerr);
-
-int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
-
-void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
-void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
-                     const ASN1_ITEM *it);
-int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
-                  const ASN1_ITEM *it);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/bio.h b/thirdparty/openssl/openssl/bio.h
deleted file mode 100644
index 8f2438cdad..0000000000
--- a/thirdparty/openssl/openssl/bio.h
+++ /dev/null
@@ -1,883 +0,0 @@
-/* crypto/bio/bio.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BIO_H
-# define HEADER_BIO_H
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_FP_API
-#  include <stdio.h>
-# endif
-# include <stdarg.h>
-
-# include <openssl/crypto.h>
-
-# ifndef OPENSSL_NO_SCTP
-#  ifndef OPENSSL_SYS_VMS
-#   include <stdint.h>
-#  else
-#   include <inttypes.h>
-#  endif
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* These are the 'types' of BIOs */
-# define BIO_TYPE_NONE           0
-# define BIO_TYPE_MEM            (1|0x0400)
-# define BIO_TYPE_FILE           (2|0x0400)
-
-# define BIO_TYPE_FD             (4|0x0400|0x0100)
-# define BIO_TYPE_SOCKET         (5|0x0400|0x0100)
-# define BIO_TYPE_NULL           (6|0x0400)
-# define BIO_TYPE_SSL            (7|0x0200)
-# define BIO_TYPE_MD             (8|0x0200)/* passive filter */
-# define BIO_TYPE_BUFFER         (9|0x0200)/* filter */
-# define BIO_TYPE_CIPHER         (10|0x0200)/* filter */
-# define BIO_TYPE_BASE64         (11|0x0200)/* filter */
-# define BIO_TYPE_CONNECT        (12|0x0400|0x0100)/* socket - connect */
-# define BIO_TYPE_ACCEPT         (13|0x0400|0x0100)/* socket for accept */
-# define BIO_TYPE_PROXY_CLIENT   (14|0x0200)/* client proxy BIO */
-# define BIO_TYPE_PROXY_SERVER   (15|0x0200)/* server proxy BIO */
-# define BIO_TYPE_NBIO_TEST      (16|0x0200)/* server proxy BIO */
-# define BIO_TYPE_NULL_FILTER    (17|0x0200)
-# define BIO_TYPE_BER            (18|0x0200)/* BER -> bin filter */
-# define BIO_TYPE_BIO            (19|0x0400)/* (half a) BIO pair */
-# define BIO_TYPE_LINEBUFFER     (20|0x0200)/* filter */
-# define BIO_TYPE_DGRAM          (21|0x0400|0x0100)
-# ifndef OPENSSL_NO_SCTP
-#  define BIO_TYPE_DGRAM_SCTP     (24|0x0400|0x0100)
-# endif
-# define BIO_TYPE_ASN1           (22|0x0200)/* filter */
-# define BIO_TYPE_COMP           (23|0x0200)/* filter */
-
-# define BIO_TYPE_DESCRIPTOR     0x0100/* socket, fd, connect or accept */
-# define BIO_TYPE_FILTER         0x0200
-# define BIO_TYPE_SOURCE_SINK    0x0400
-
-/*
- * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
- * BIO_set_fp(in,stdin,BIO_NOCLOSE);
- */
-# define BIO_NOCLOSE             0x00
-# define BIO_CLOSE               0x01
-
-/*
- * These are used in the following macros and are passed to BIO_ctrl()
- */
-# define BIO_CTRL_RESET          1/* opt - rewind/zero etc */
-# define BIO_CTRL_EOF            2/* opt - are we at the eof */
-# define BIO_CTRL_INFO           3/* opt - extra tit-bits */
-# define BIO_CTRL_SET            4/* man - set the 'IO' type */
-# define BIO_CTRL_GET            5/* man - get the 'IO' type */
-# define BIO_CTRL_PUSH           6/* opt - internal, used to signify change */
-# define BIO_CTRL_POP            7/* opt - internal, used to signify change */
-# define BIO_CTRL_GET_CLOSE      8/* man - set the 'close' on free */
-# define BIO_CTRL_SET_CLOSE      9/* man - set the 'close' on free */
-# define BIO_CTRL_PENDING        10/* opt - is their more data buffered */
-# define BIO_CTRL_FLUSH          11/* opt - 'flush' buffered output */
-# define BIO_CTRL_DUP            12/* man - extra stuff for 'duped' BIO */
-# define BIO_CTRL_WPENDING       13/* opt - number of bytes still to write */
-/* callback is int cb(BIO *bio,state,ret); */
-# define BIO_CTRL_SET_CALLBACK   14/* opt - set callback function */
-# define BIO_CTRL_GET_CALLBACK   15/* opt - set callback function */
-
-# define BIO_CTRL_SET_FILENAME   30/* BIO_s_file special */
-
-/* dgram BIO stuff */
-# define BIO_CTRL_DGRAM_CONNECT       31/* BIO dgram special */
-# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
-                                         * socket to be passed in */
-# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
-# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
-# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
-# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
-
-# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
-# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
-
-/* #ifdef IP_MTU_DISCOVER */
-# define BIO_CTRL_DGRAM_MTU_DISCOVER       39/* set DF bit on egress packets */
-/* #endif */
-
-# define BIO_CTRL_DGRAM_QUERY_MTU          40/* as kernel for current MTU */
-# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU   47
-# define BIO_CTRL_DGRAM_GET_MTU            41/* get cached value for MTU */
-# define BIO_CTRL_DGRAM_SET_MTU            42/* set cached value for MTU.
-                                              * want to use this if asking
-                                              * the kernel fails */
-
-# define BIO_CTRL_DGRAM_MTU_EXCEEDED       43/* check whether the MTU was
-                                              * exceed in the previous write
-                                              * operation */
-
-# define BIO_CTRL_DGRAM_GET_PEER           46
-# define BIO_CTRL_DGRAM_SET_PEER           44/* Destination for the data */
-
-# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT   45/* Next DTLS handshake timeout
-                                              * to adjust socket timeouts */
-# define BIO_CTRL_DGRAM_SET_DONT_FRAG      48
-
-# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD   49
-
-# ifndef OPENSSL_NO_SCTP
-/* SCTP stuff */
-#  define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE    50
-#  define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY                51
-#  define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY               52
-#  define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD               53
-#  define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO         60
-#  define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO         61
-#  define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO         62
-#  define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO         63
-#  define BIO_CTRL_DGRAM_SCTP_GET_PRINFO                  64
-#  define BIO_CTRL_DGRAM_SCTP_SET_PRINFO                  65
-#  define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN               70
-# endif
-
-/* modifiers */
-# define BIO_FP_READ             0x02
-# define BIO_FP_WRITE            0x04
-# define BIO_FP_APPEND           0x08
-# define BIO_FP_TEXT             0x10
-
-# define BIO_FLAGS_READ          0x01
-# define BIO_FLAGS_WRITE         0x02
-# define BIO_FLAGS_IO_SPECIAL    0x04
-# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
-# define BIO_FLAGS_SHOULD_RETRY  0x08
-# ifndef BIO_FLAGS_UPLINK
-/*
- * "UPLINK" flag denotes file descriptors provided by application. It
- * defaults to 0, as most platforms don't require UPLINK interface.
- */
-#  define BIO_FLAGS_UPLINK        0
-# endif
-
-/* Used in BIO_gethostbyname() */
-# define BIO_GHBN_CTRL_HITS              1
-# define BIO_GHBN_CTRL_MISSES            2
-# define BIO_GHBN_CTRL_CACHE_SIZE        3
-# define BIO_GHBN_CTRL_GET_ENTRY         4
-# define BIO_GHBN_CTRL_FLUSH             5
-
-/* Mostly used in the SSL BIO */
-/*-
- * Not used anymore
- * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
- * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
- * #define BIO_FLAGS_PROTOCOL_STARTUP   0x40
- */
-
-# define BIO_FLAGS_BASE64_NO_NL  0x100
-
-/*
- * This is used with memory BIOs: it means we shouldn't free up or change the
- * data in any way.
- */
-# define BIO_FLAGS_MEM_RDONLY    0x200
-
-typedef struct bio_st BIO;
-
-void BIO_set_flags(BIO *b, int flags);
-int BIO_test_flags(const BIO *b, int flags);
-void BIO_clear_flags(BIO *b, int flags);
-
-# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
-# define BIO_set_retry_special(b) \
-                BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
-# define BIO_set_retry_read(b) \
-                BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
-# define BIO_set_retry_write(b) \
-                BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
-
-/* These are normally used internally in BIOs */
-# define BIO_clear_retry_flags(b) \
-                BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-# define BIO_get_retry_flags(b) \
-                BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-
-/* These should be used by the application to tell why we should retry */
-# define BIO_should_read(a)              BIO_test_flags(a, BIO_FLAGS_READ)
-# define BIO_should_write(a)             BIO_test_flags(a, BIO_FLAGS_WRITE)
-# define BIO_should_io_special(a)        BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
-# define BIO_retry_type(a)               BIO_test_flags(a, BIO_FLAGS_RWS)
-# define BIO_should_retry(a)             BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
-
-/*
- * The next three are used in conjunction with the BIO_should_io_special()
- * condition.  After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
- * *reason); will walk the BIO stack and return the 'reason' for the special
- * and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
- * the code.
- */
-/*
- * Returned from the SSL bio when the certificate retrieval code had an error
- */
-# define BIO_RR_SSL_X509_LOOKUP          0x01
-/* Returned from the connect BIO when a connect would have blocked */
-# define BIO_RR_CONNECT                  0x02
-/* Returned from the accept BIO when an accept would have blocked */
-# define BIO_RR_ACCEPT                   0x03
-
-/* These are passed by the BIO callback */
-# define BIO_CB_FREE     0x01
-# define BIO_CB_READ     0x02
-# define BIO_CB_WRITE    0x03
-# define BIO_CB_PUTS     0x04
-# define BIO_CB_GETS     0x05
-# define BIO_CB_CTRL     0x06
-
-/*
- * The callback is called before and after the underling operation, The
- * BIO_CB_RETURN flag indicates if it is after the call
- */
-# define BIO_CB_RETURN   0x80
-# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
-# define BIO_cb_pre(a)   (!((a)&BIO_CB_RETURN))
-# define BIO_cb_post(a)  ((a)&BIO_CB_RETURN)
-
-long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
-                                        int, long, long);
-void BIO_set_callback(BIO *b,
-                      long (*callback) (struct bio_st *, int, const char *,
-                                        int, long, long));
-char *BIO_get_callback_arg(const BIO *b);
-void BIO_set_callback_arg(BIO *b, char *arg);
-
-const char *BIO_method_name(const BIO *b);
-int BIO_method_type(const BIO *b);
-
-typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
-                          long);
-
-typedef struct bio_method_st {
-    int type;
-    const char *name;
-    int (*bwrite) (BIO *, const char *, int);
-    int (*bread) (BIO *, char *, int);
-    int (*bputs) (BIO *, const char *);
-    int (*bgets) (BIO *, char *, int);
-    long (*ctrl) (BIO *, int, long, void *);
-    int (*create) (BIO *);
-    int (*destroy) (BIO *);
-    long (*callback_ctrl) (BIO *, int, bio_info_cb *);
-} BIO_METHOD;
-
-struct bio_st {
-    BIO_METHOD *method;
-    /* bio, mode, argp, argi, argl, ret */
-    long (*callback) (struct bio_st *, int, const char *, int, long, long);
-    char *cb_arg;               /* first argument for the callback */
-    int init;
-    int shutdown;
-    int flags;                  /* extra storage */
-    int retry_reason;
-    int num;
-    void *ptr;
-    struct bio_st *next_bio;    /* used by filter BIOs */
-    struct bio_st *prev_bio;    /* used by filter BIOs */
-    int references;
-    unsigned long num_read;
-    unsigned long num_write;
-    CRYPTO_EX_DATA ex_data;
-};
-
-DECLARE_STACK_OF(BIO)
-
-typedef struct bio_f_buffer_ctx_struct {
-    /*-
-     * Buffers are setup like this:
-     *
-     * <---------------------- size ----------------------->
-     * +---------------------------------------------------+
-     * | consumed | remaining          | free space        |
-     * +---------------------------------------------------+
-     * <-- off --><------- len ------->
-     */
-    /*- BIO *bio; *//*
-     * this is now in the BIO struct
-     */
-    int ibuf_size;              /* how big is the input buffer */
-    int obuf_size;              /* how big is the output buffer */
-    char *ibuf;                 /* the char array */
-    int ibuf_len;               /* how many bytes are in it */
-    int ibuf_off;               /* write/read offset */
-    char *obuf;                 /* the char array */
-    int obuf_len;               /* how many bytes are in it */
-    int obuf_off;               /* write/read offset */
-} BIO_F_BUFFER_CTX;
-
-/* Prefix and suffix callback in ASN1 BIO */
-typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
-                          void *parg);
-
-# ifndef OPENSSL_NO_SCTP
-/* SCTP parameter structs */
-struct bio_dgram_sctp_sndinfo {
-    uint16_t snd_sid;
-    uint16_t snd_flags;
-    uint32_t snd_ppid;
-    uint32_t snd_context;
-};
-
-struct bio_dgram_sctp_rcvinfo {
-    uint16_t rcv_sid;
-    uint16_t rcv_ssn;
-    uint16_t rcv_flags;
-    uint32_t rcv_ppid;
-    uint32_t rcv_tsn;
-    uint32_t rcv_cumtsn;
-    uint32_t rcv_context;
-};
-
-struct bio_dgram_sctp_prinfo {
-    uint16_t pr_policy;
-    uint32_t pr_value;
-};
-# endif
-
-/* connect BIO stuff */
-# define BIO_CONN_S_BEFORE               1
-# define BIO_CONN_S_GET_IP               2
-# define BIO_CONN_S_GET_PORT             3
-# define BIO_CONN_S_CREATE_SOCKET        4
-# define BIO_CONN_S_CONNECT              5
-# define BIO_CONN_S_OK                   6
-# define BIO_CONN_S_BLOCKED_CONNECT      7
-# define BIO_CONN_S_NBIO                 8
-/*
- * #define BIO_CONN_get_param_hostname BIO_ctrl
- */
-
-# define BIO_C_SET_CONNECT                       100
-# define BIO_C_DO_STATE_MACHINE                  101
-# define BIO_C_SET_NBIO                          102
-# define BIO_C_SET_PROXY_PARAM                   103
-# define BIO_C_SET_FD                            104
-# define BIO_C_GET_FD                            105
-# define BIO_C_SET_FILE_PTR                      106
-# define BIO_C_GET_FILE_PTR                      107
-# define BIO_C_SET_FILENAME                      108
-# define BIO_C_SET_SSL                           109
-# define BIO_C_GET_SSL                           110
-# define BIO_C_SET_MD                            111
-# define BIO_C_GET_MD                            112
-# define BIO_C_GET_CIPHER_STATUS                 113
-# define BIO_C_SET_BUF_MEM                       114
-# define BIO_C_GET_BUF_MEM_PTR                   115
-# define BIO_C_GET_BUFF_NUM_LINES                116
-# define BIO_C_SET_BUFF_SIZE                     117
-# define BIO_C_SET_ACCEPT                        118
-# define BIO_C_SSL_MODE                          119
-# define BIO_C_GET_MD_CTX                        120
-# define BIO_C_GET_PROXY_PARAM                   121
-# define BIO_C_SET_BUFF_READ_DATA                122/* data to read first */
-# define BIO_C_GET_CONNECT                       123
-# define BIO_C_GET_ACCEPT                        124
-# define BIO_C_SET_SSL_RENEGOTIATE_BYTES         125
-# define BIO_C_GET_SSL_NUM_RENEGOTIATES          126
-# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT       127
-# define BIO_C_FILE_SEEK                         128
-# define BIO_C_GET_CIPHER_CTX                    129
-# define BIO_C_SET_BUF_MEM_EOF_RETURN            130/* return end of input
-                                                     * value */
-# define BIO_C_SET_BIND_MODE                     131
-# define BIO_C_GET_BIND_MODE                     132
-# define BIO_C_FILE_TELL                         133
-# define BIO_C_GET_SOCKS                         134
-# define BIO_C_SET_SOCKS                         135
-
-# define BIO_C_SET_WRITE_BUF_SIZE                136/* for BIO_s_bio */
-# define BIO_C_GET_WRITE_BUF_SIZE                137
-# define BIO_C_MAKE_BIO_PAIR                     138
-# define BIO_C_DESTROY_BIO_PAIR                  139
-# define BIO_C_GET_WRITE_GUARANTEE               140
-# define BIO_C_GET_READ_REQUEST                  141
-# define BIO_C_SHUTDOWN_WR                       142
-# define BIO_C_NREAD0                            143
-# define BIO_C_NREAD                             144
-# define BIO_C_NWRITE0                           145
-# define BIO_C_NWRITE                            146
-# define BIO_C_RESET_READ_REQUEST                147
-# define BIO_C_SET_MD_CTX                        148
-
-# define BIO_C_SET_PREFIX                        149
-# define BIO_C_GET_PREFIX                        150
-# define BIO_C_SET_SUFFIX                        151
-# define BIO_C_GET_SUFFIX                        152
-
-# define BIO_C_SET_EX_ARG                        153
-# define BIO_C_GET_EX_ARG                        154
-
-# define BIO_set_app_data(s,arg)         BIO_set_ex_data(s,0,arg)
-# define BIO_get_app_data(s)             BIO_get_ex_data(s,0)
-
-/* BIO_s_connect() and BIO_s_socks4a_connect() */
-# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
-# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
-# define BIO_set_conn_ip(b,ip)     BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
-# define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
-# define BIO_get_conn_hostname(b)  BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
-# define BIO_get_conn_port(b)      BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
-# define BIO_get_conn_ip(b)               BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
-# define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)
-
-# define BIO_set_nbio(b,n)       BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
-
-/* BIO_s_accept() */
-# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
-# define BIO_get_accept_port(b)  BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
-/* #define BIO_set_nbio(b,n)    BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
-# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
-# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
-
-# define BIO_BIND_NORMAL                 0
-# define BIO_BIND_REUSEADDR_IF_UNUSED    1
-# define BIO_BIND_REUSEADDR              2
-# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
-# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
-
-/* BIO_s_accept() and BIO_s_connect() */
-# define BIO_do_connect(b)       BIO_do_handshake(b)
-# define BIO_do_accept(b)        BIO_do_handshake(b)
-# define BIO_do_handshake(b)     BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
-
-/* BIO_s_proxy_client() */
-# define BIO_set_url(b,url)      BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
-# define BIO_set_proxies(b,p)    BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
-/* BIO_set_nbio(b,n) */
-# define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
-/* BIO *BIO_get_filter_bio(BIO *bio); */
-# define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
-# define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
-# define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
-
-# define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
-# define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
-# define BIO_get_url(b,url)      BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
-# define BIO_get_no_connect_return(b)    BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
-
-/* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() */
-# define BIO_set_fd(b,fd,c)      BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
-# define BIO_get_fd(b,c)         BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
-
-/* BIO_s_file() */
-# define BIO_set_fp(b,fp,c)      BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
-# define BIO_get_fp(b,fpp)       BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
-
-/* BIO_s_fd() and BIO_s_file() */
-# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
-# define BIO_tell(b)     (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
-
-/*
- * name is cast to lose const, but might be better to route through a
- * function so we can do it safely
- */
-# ifdef CONST_STRICT
-/*
- * If you are wondering why this isn't defined, its because CONST_STRICT is
- * purely a compile-time kludge to allow const to be checked.
- */
-int BIO_read_filename(BIO *b, const char *name);
-# else
-#  define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-                BIO_CLOSE|BIO_FP_READ,(char *)name)
-# endif
-# define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-                BIO_CLOSE|BIO_FP_WRITE,name)
-# define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-                BIO_CLOSE|BIO_FP_APPEND,name)
-# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
-                BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
-
-/*
- * WARNING WARNING, this ups the reference count on the read bio of the SSL
- * structure.  This is because the ssl read BIO is now pointed to by the
- * next_bio field in the bio.  So when you free the BIO, make sure you are
- * doing a BIO_free_all() to catch the underlying BIO.
- */
-# define BIO_set_ssl(b,ssl,c)    BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
-# define BIO_get_ssl(b,sslp)     BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
-# define BIO_set_ssl_mode(b,client)      BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
-# define BIO_set_ssl_renegotiate_bytes(b,num) \
-        BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL)
-# define BIO_get_num_renegotiates(b) \
-        BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL)
-# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
-        BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL)
-
-/* defined in evp.h */
-/* #define BIO_set_md(b,md)     BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
-
-# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
-# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
-# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
-# define BIO_set_mem_eof_return(b,v) \
-                                BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
-
-/* For the BIO_f_buffer() type */
-# define BIO_get_buffer_num_lines(b)     BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
-# define BIO_set_buffer_size(b,size)     BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
-# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
-# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
-# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
-
-/* Don't use the next one unless you know what you are doing :-) */
-# define BIO_dup_state(b,ret)    BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
-
-# define BIO_reset(b)            (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
-# define BIO_eof(b)              (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
-# define BIO_set_close(b,c)      (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
-# define BIO_get_close(b)        (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
-# define BIO_pending(b)          (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
-# define BIO_wpending(b)         (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
-/* ...pending macros have inappropriate return type */
-size_t BIO_ctrl_pending(BIO *b);
-size_t BIO_ctrl_wpending(BIO *b);
-# define BIO_flush(b)            (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
-# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
-                                                   cbp)
-# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
-
-/* For the BIO_f_buffer() type */
-# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
-
-/* For BIO_s_bio() */
-# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
-# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
-# define BIO_make_bio_pair(b1,b2)   (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
-# define BIO_destroy_bio_pair(b)    (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
-# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
-/* macros with inappropriate type -- but ...pending macros use int too: */
-# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
-# define BIO_get_read_request(b)    (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
-size_t BIO_ctrl_get_write_guarantee(BIO *b);
-size_t BIO_ctrl_get_read_request(BIO *b);
-int BIO_ctrl_reset_read_request(BIO *b);
-
-/* ctrl macros for dgram */
-# define BIO_ctrl_dgram_connect(b,peer)  \
-                     (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
-# define BIO_ctrl_set_connected(b, state, peer) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
-# define BIO_dgram_recv_timedout(b) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
-# define BIO_dgram_send_timedout(b) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
-# define BIO_dgram_get_peer(b,peer) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
-# define BIO_dgram_set_peer(b,peer) \
-         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
-# define BIO_dgram_get_mtu_overhead(b) \
-         (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
-
-/* These two aren't currently implemented */
-/* int BIO_get_ex_num(BIO *bio); */
-/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
-int BIO_set_ex_data(BIO *bio, int idx, void *data);
-void *BIO_get_ex_data(BIO *bio, int idx);
-int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-unsigned long BIO_number_read(BIO *bio);
-unsigned long BIO_number_written(BIO *bio);
-
-/* For BIO_f_asn1() */
-int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
-                        asn1_ps_func *prefix_free);
-int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
-                        asn1_ps_func **pprefix_free);
-int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
-                        asn1_ps_func *suffix_free);
-int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
-                        asn1_ps_func **psuffix_free);
-
-# ifndef OPENSSL_NO_FP_API
-BIO_METHOD *BIO_s_file(void);
-BIO *BIO_new_file(const char *filename, const char *mode);
-BIO *BIO_new_fp(FILE *stream, int close_flag);
-#  define BIO_s_file_internal    BIO_s_file
-# endif
-BIO *BIO_new(BIO_METHOD *type);
-int BIO_set(BIO *a, BIO_METHOD *type);
-int BIO_free(BIO *a);
-void BIO_vfree(BIO *a);
-int BIO_read(BIO *b, void *data, int len);
-int BIO_gets(BIO *bp, char *buf, int size);
-int BIO_write(BIO *b, const void *data, int len);
-int BIO_puts(BIO *bp, const char *buf);
-int BIO_indent(BIO *b, int indent, int max);
-long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
-long BIO_callback_ctrl(BIO *b, int cmd,
-                       void (*fp) (struct bio_st *, int, const char *, int,
-                                   long, long));
-char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
-long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
-BIO *BIO_push(BIO *b, BIO *append);
-BIO *BIO_pop(BIO *b);
-void BIO_free_all(BIO *a);
-BIO *BIO_find_type(BIO *b, int bio_type);
-BIO *BIO_next(BIO *b);
-BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
-int BIO_get_retry_reason(BIO *bio);
-BIO *BIO_dup_chain(BIO *in);
-
-int BIO_nread0(BIO *bio, char **buf);
-int BIO_nread(BIO *bio, char **buf, int num);
-int BIO_nwrite0(BIO *bio, char **buf);
-int BIO_nwrite(BIO *bio, char **buf, int num);
-
-long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
-                        long argl, long ret);
-
-BIO_METHOD *BIO_s_mem(void);
-BIO *BIO_new_mem_buf(const void *buf, int len);
-BIO_METHOD *BIO_s_socket(void);
-BIO_METHOD *BIO_s_connect(void);
-BIO_METHOD *BIO_s_accept(void);
-BIO_METHOD *BIO_s_fd(void);
-# ifndef OPENSSL_SYS_OS2
-BIO_METHOD *BIO_s_log(void);
-# endif
-BIO_METHOD *BIO_s_bio(void);
-BIO_METHOD *BIO_s_null(void);
-BIO_METHOD *BIO_f_null(void);
-BIO_METHOD *BIO_f_buffer(void);
-# ifdef OPENSSL_SYS_VMS
-BIO_METHOD *BIO_f_linebuffer(void);
-# endif
-BIO_METHOD *BIO_f_nbio_test(void);
-# ifndef OPENSSL_NO_DGRAM
-BIO_METHOD *BIO_s_datagram(void);
-#  ifndef OPENSSL_NO_SCTP
-BIO_METHOD *BIO_s_datagram_sctp(void);
-#  endif
-# endif
-
-/* BIO_METHOD *BIO_f_ber(void); */
-
-int BIO_sock_should_retry(int i);
-int BIO_sock_non_fatal_error(int error);
-int BIO_dgram_non_fatal_error(int error);
-
-int BIO_fd_should_retry(int i);
-int BIO_fd_non_fatal_error(int error);
-int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
-                void *u, const char *s, int len);
-int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
-                       void *u, const char *s, int len, int indent);
-int BIO_dump(BIO *b, const char *bytes, int len);
-int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
-# ifndef OPENSSL_NO_FP_API
-int BIO_dump_fp(FILE *fp, const char *s, int len);
-int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
-# endif
-int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
-                   int datalen);
-
-struct hostent *BIO_gethostbyname(const char *name);
-/*-
- * We might want a thread-safe interface too:
- * struct hostent *BIO_gethostbyname_r(const char *name,
- *     struct hostent *result, void *buffer, size_t buflen);
- * or something similar (caller allocates a struct hostent,
- * pointed to by "result", and additional buffer space for the various
- * substructures; if the buffer does not suffice, NULL is returned
- * and an appropriate error code is set).
- */
-int BIO_sock_error(int sock);
-int BIO_socket_ioctl(int fd, long type, void *arg);
-int BIO_socket_nbio(int fd, int mode);
-int BIO_get_port(const char *str, unsigned short *port_ptr);
-int BIO_get_host_ip(const char *str, unsigned char *ip);
-int BIO_get_accept_socket(char *host_port, int mode);
-int BIO_accept(int sock, char **ip_port);
-int BIO_sock_init(void);
-void BIO_sock_cleanup(void);
-int BIO_set_tcp_ndelay(int sock, int turn_on);
-
-BIO *BIO_new_socket(int sock, int close_flag);
-BIO *BIO_new_dgram(int fd, int close_flag);
-# ifndef OPENSSL_NO_SCTP
-BIO *BIO_new_dgram_sctp(int fd, int close_flag);
-int BIO_dgram_is_sctp(BIO *bio);
-int BIO_dgram_sctp_notification_cb(BIO *b,
-                                   void (*handle_notifications) (BIO *bio,
-                                                                 void
-                                                                 *context,
-                                                                 void *buf),
-                                   void *context);
-int BIO_dgram_sctp_wait_for_dry(BIO *b);
-int BIO_dgram_sctp_msg_waiting(BIO *b);
-# endif
-BIO *BIO_new_fd(int fd, int close_flag);
-BIO *BIO_new_connect(const char *host_port);
-BIO *BIO_new_accept(const char *host_port);
-
-int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
-                     BIO **bio2, size_t writebuf2);
-/*
- * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
- * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
- * value.
- */
-
-void BIO_copy_next_retry(BIO *b);
-
-/*
- * long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
- */
-
-# ifdef __GNUC__
-#  define __bio_h__attr__ __attribute__
-# else
-#  define __bio_h__attr__(x)
-# endif
-int BIO_printf(BIO *bio, const char *format, ...)
-__bio_h__attr__((__format__(__printf__, 2, 3)));
-int BIO_vprintf(BIO *bio, const char *format, va_list args)
-__bio_h__attr__((__format__(__printf__, 2, 0)));
-int BIO_snprintf(char *buf, size_t n, const char *format, ...)
-__bio_h__attr__((__format__(__printf__, 3, 4)));
-int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-__bio_h__attr__((__format__(__printf__, 3, 0)));
-# undef __bio_h__attr__
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BIO_strings(void);
-
-/* Error codes for the BIO functions. */
-
-/* Function codes. */
-# define BIO_F_ACPT_STATE                                 100
-# define BIO_F_BIO_ACCEPT                                 101
-# define BIO_F_BIO_BER_GET_HEADER                         102
-# define BIO_F_BIO_CALLBACK_CTRL                          131
-# define BIO_F_BIO_CTRL                                   103
-# define BIO_F_BIO_GETHOSTBYNAME                          120
-# define BIO_F_BIO_GETS                                   104
-# define BIO_F_BIO_GET_ACCEPT_SOCKET                      105
-# define BIO_F_BIO_GET_HOST_IP                            106
-# define BIO_F_BIO_GET_PORT                               107
-# define BIO_F_BIO_MAKE_PAIR                              121
-# define BIO_F_BIO_NEW                                    108
-# define BIO_F_BIO_NEW_FILE                               109
-# define BIO_F_BIO_NEW_MEM_BUF                            126
-# define BIO_F_BIO_NREAD                                  123
-# define BIO_F_BIO_NREAD0                                 124
-# define BIO_F_BIO_NWRITE                                 125
-# define BIO_F_BIO_NWRITE0                                122
-# define BIO_F_BIO_PUTS                                   110
-# define BIO_F_BIO_READ                                   111
-# define BIO_F_BIO_SOCK_INIT                              112
-# define BIO_F_BIO_WRITE                                  113
-# define BIO_F_BUFFER_CTRL                                114
-# define BIO_F_CONN_CTRL                                  127
-# define BIO_F_CONN_STATE                                 115
-# define BIO_F_DGRAM_SCTP_READ                            132
-# define BIO_F_DGRAM_SCTP_WRITE                           133
-# define BIO_F_FILE_CTRL                                  116
-# define BIO_F_FILE_READ                                  130
-# define BIO_F_LINEBUFFER_CTRL                            129
-# define BIO_F_MEM_READ                                   128
-# define BIO_F_MEM_WRITE                                  117
-# define BIO_F_SSL_NEW                                    118
-# define BIO_F_WSASTARTUP                                 119
-
-/* Reason codes. */
-# define BIO_R_ACCEPT_ERROR                               100
-# define BIO_R_BAD_FOPEN_MODE                             101
-# define BIO_R_BAD_HOSTNAME_LOOKUP                        102
-# define BIO_R_BROKEN_PIPE                                124
-# define BIO_R_CONNECT_ERROR                              103
-# define BIO_R_EOF_ON_MEMORY_BIO                          127
-# define BIO_R_ERROR_SETTING_NBIO                         104
-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET      105
-# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET        106
-# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET          107
-# define BIO_R_INVALID_ARGUMENT                           125
-# define BIO_R_INVALID_IP_ADDRESS                         108
-# define BIO_R_IN_USE                                     123
-# define BIO_R_KEEPALIVE                                  109
-# define BIO_R_NBIO_CONNECT_ERROR                         110
-# define BIO_R_NO_ACCEPT_PORT_SPECIFIED                   111
-# define BIO_R_NO_HOSTNAME_SPECIFIED                      112
-# define BIO_R_NO_PORT_DEFINED                            113
-# define BIO_R_NO_PORT_SPECIFIED                          114
-# define BIO_R_NO_SUCH_FILE                               128
-# define BIO_R_NULL_PARAMETER                             115
-# define BIO_R_TAG_MISMATCH                               116
-# define BIO_R_UNABLE_TO_BIND_SOCKET                      117
-# define BIO_R_UNABLE_TO_CREATE_SOCKET                    118
-# define BIO_R_UNABLE_TO_LISTEN_SOCKET                    119
-# define BIO_R_UNINITIALIZED                              120
-# define BIO_R_UNSUPPORTED_METHOD                         121
-# define BIO_R_WRITE_TO_READ_ONLY_BIO                     126
-# define BIO_R_WSASTARTUP                                 122
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/blowfish.h b/thirdparty/openssl/openssl/blowfish.h
deleted file mode 100644
index 832930272c..0000000000
--- a/thirdparty/openssl/openssl/blowfish.h
+++ /dev/null
@@ -1,130 +0,0 @@
-/* crypto/bf/blowfish.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BLOWFISH_H
-# define HEADER_BLOWFISH_H
-
-# include <openssl/e_os2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_BF
-#  error BF is disabled.
-# endif
-
-# define BF_ENCRYPT      1
-# define BF_DECRYPT      0
-
-/*-
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! BF_LONG_LOG2 has to be defined along.                        !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-# if defined(__LP32__)
-#  define BF_LONG unsigned long
-# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#  define BF_LONG unsigned long
-#  define BF_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- *                                      <appro@fy.chalmers.se>
- */
-# else
-#  define BF_LONG unsigned int
-# endif
-
-# define BF_ROUNDS       16
-# define BF_BLOCK        8
-
-typedef struct bf_key_st {
-    BF_LONG P[BF_ROUNDS + 2];
-    BF_LONG S[4 * 256];
-} BF_KEY;
-
-# ifdef OPENSSL_FIPS
-void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-# endif
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
-void BF_encrypt(BF_LONG *data, const BF_KEY *key);
-void BF_decrypt(BF_LONG *data, const BF_KEY *key);
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                    const BF_KEY *key, int enc);
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-                    const BF_KEY *schedule, unsigned char *ivec, int enc);
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, const BF_KEY *schedule,
-                      unsigned char *ivec, int *num, int enc);
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, const BF_KEY *schedule,
-                      unsigned char *ivec, int *num);
-const char *BF_options(void);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/bn.h b/thirdparty/openssl/openssl/bn.h
deleted file mode 100644
index 633d1b1f60..0000000000
--- a/thirdparty/openssl/openssl/bn.h
+++ /dev/null
@@ -1,951 +0,0 @@
-/* crypto/bn/bn.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the Eric Young open source
- * license provided above.
- *
- * The binary polynomial arithmetic software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#ifndef HEADER_BN_H
-# define HEADER_BN_H
-
-# include <limits.h>
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_FP_API
-#  include <stdio.h>            /* FILE */
-# endif
-# include <openssl/ossl_typ.h>
-# include <openssl/crypto.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
- * These preprocessor symbols control various aspects of the bignum headers
- * and library code. They're not defined by any "normal" configuration, as
- * they are intended for development and testing purposes. NB: defining all
- * three can be useful for debugging application code as well as openssl
- * itself. BN_DEBUG - turn on various debugging alterations to the bignum
- * code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
- * mismanagement of bignum internals. You must also define BN_DEBUG.
- */
-/* #define BN_DEBUG */
-/* #define BN_DEBUG_RAND */
-
-# ifndef OPENSSL_SMALL_FOOTPRINT
-#  define BN_MUL_COMBA
-#  define BN_SQR_COMBA
-#  define BN_RECURSION
-# endif
-
-/*
- * This next option uses the C libraries (2 word)/(1 word) function. If it is
- * not defined, I use my C version (which is slower). The reason for this
- * flag is that when the particular C compiler library routine is used, and
- * the library is linked with a different compiler, the library is missing.
- * This mostly happens when the library is built with gcc and then linked
- * using normal cc.  This would be a common occurrence because gcc normally
- * produces code that is 2 times faster than system compilers for the big
- * number stuff. For machines with only one compiler (or shared libraries),
- * this should be on.  Again this in only really a problem on machines using
- * "long long's", are 32bit, and are not using my assembler code.
- */
-# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
-    defined(OPENSSL_SYS_WIN32) || defined(linux)
-#  ifndef BN_DIV2W
-#   define BN_DIV2W
-#  endif
-# endif
-
-/*
- * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
- * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
- */
-# ifdef SIXTY_FOUR_BIT_LONG
-#  define BN_ULLONG       unsigned long long
-#  define BN_ULONG        unsigned long
-#  define BN_LONG         long
-#  define BN_BITS         128
-#  define BN_BYTES        8
-#  define BN_BITS2        64
-#  define BN_BITS4        32
-#  define BN_MASK         (0xffffffffffffffffffffffffffffffffLL)
-#  define BN_MASK2        (0xffffffffffffffffL)
-#  define BN_MASK2l       (0xffffffffL)
-#  define BN_MASK2h       (0xffffffff00000000L)
-#  define BN_MASK2h1      (0xffffffff80000000L)
-#  define BN_TBIT         (0x8000000000000000L)
-#  define BN_DEC_CONV     (10000000000000000000UL)
-#  define BN_DEC_FMT1     "%lu"
-#  define BN_DEC_FMT2     "%019lu"
-#  define BN_DEC_NUM      19
-#  define BN_HEX_FMT1     "%lX"
-#  define BN_HEX_FMT2     "%016lX"
-# endif
-
-/*
- * This is where the long long data type is 64 bits, but long is 32. For
- * machines where there are 64bit registers, this is the mode to use. IRIX,
- * on R4000 and above should use this mode, along with the relevant assembler
- * code :-).  Do NOT define BN_LLONG.
- */
-# ifdef SIXTY_FOUR_BIT
-#  undef BN_LLONG
-#  undef BN_ULLONG
-#  define BN_ULONG        unsigned long long
-#  define BN_LONG         long long
-#  define BN_BITS         128
-#  define BN_BYTES        8
-#  define BN_BITS2        64
-#  define BN_BITS4        32
-#  define BN_MASK2        (0xffffffffffffffffLL)
-#  define BN_MASK2l       (0xffffffffL)
-#  define BN_MASK2h       (0xffffffff00000000LL)
-#  define BN_MASK2h1      (0xffffffff80000000LL)
-#  define BN_TBIT         (0x8000000000000000LL)
-#  define BN_DEC_CONV     (10000000000000000000ULL)
-#  define BN_DEC_FMT1     "%llu"
-#  define BN_DEC_FMT2     "%019llu"
-#  define BN_DEC_NUM      19
-#  define BN_HEX_FMT1     "%llX"
-#  define BN_HEX_FMT2     "%016llX"
-# endif
-
-# ifdef THIRTY_TWO_BIT
-#  ifdef BN_LLONG
-#   if defined(_WIN32) && !defined(__GNUC__)
-#    define BN_ULLONG     unsigned __int64
-#    define BN_MASK       (0xffffffffffffffffI64)
-#   else
-#    define BN_ULLONG     unsigned long long
-#    define BN_MASK       (0xffffffffffffffffLL)
-#   endif
-#  endif
-#  define BN_ULONG        unsigned int
-#  define BN_LONG         int
-#  define BN_BITS         64
-#  define BN_BYTES        4
-#  define BN_BITS2        32
-#  define BN_BITS4        16
-#  define BN_MASK2        (0xffffffffL)
-#  define BN_MASK2l       (0xffff)
-#  define BN_MASK2h1      (0xffff8000L)
-#  define BN_MASK2h       (0xffff0000L)
-#  define BN_TBIT         (0x80000000L)
-#  define BN_DEC_CONV     (1000000000L)
-#  define BN_DEC_FMT1     "%u"
-#  define BN_DEC_FMT2     "%09u"
-#  define BN_DEC_NUM      9
-#  define BN_HEX_FMT1     "%X"
-#  define BN_HEX_FMT2     "%08X"
-# endif
-
-# define BN_DEFAULT_BITS 1280
-
-# define BN_FLG_MALLOCED         0x01
-# define BN_FLG_STATIC_DATA      0x02
-
-/*
- * avoid leaking exponent information through timing,
- * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
- * BN_div() will call BN_div_no_branch,
- * BN_mod_inverse() will call BN_mod_inverse_no_branch.
- */
-# define BN_FLG_CONSTTIME        0x04
-
-# ifdef OPENSSL_NO_DEPRECATED
-/* deprecated name for the flag */
-#  define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
-/*
- * avoid leaking exponent information through timings
- * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
- */
-# endif
-
-# ifndef OPENSSL_NO_DEPRECATED
-#  define BN_FLG_FREE             0x8000
-                                       /* used for debuging */
-# endif
-# define BN_set_flags(b,n)       ((b)->flags|=(n))
-# define BN_get_flags(b,n)       ((b)->flags&(n))
-
-/*
- * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
- * two BIGNUMs cannot not be used in parallel!)
- */
-# define BN_with_flags(dest,b,n)  ((dest)->d=(b)->d, \
-                                  (dest)->top=(b)->top, \
-                                  (dest)->dmax=(b)->dmax, \
-                                  (dest)->neg=(b)->neg, \
-                                  (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
-                                                 |  ((b)->flags & ~BN_FLG_MALLOCED) \
-                                                 |  BN_FLG_STATIC_DATA \
-                                                 |  (n)))
-
-/* Already declared in ossl_typ.h */
-# if 0
-typedef struct bignum_st BIGNUM;
-/* Used for temp variables (declaration hidden in bn_lcl.h) */
-typedef struct bignum_ctx BN_CTX;
-typedef struct bn_blinding_st BN_BLINDING;
-typedef struct bn_mont_ctx_st BN_MONT_CTX;
-typedef struct bn_recp_ctx_st BN_RECP_CTX;
-typedef struct bn_gencb_st BN_GENCB;
-# endif
-
-struct bignum_st {
-    BN_ULONG *d;                /* Pointer to an array of 'BN_BITS2' bit
-                                 * chunks. */
-    int top;                    /* Index of last used d +1. */
-    /* The next are internal book keeping for bn_expand. */
-    int dmax;                   /* Size of the d array. */
-    int neg;                    /* one if the number is negative */
-    int flags;
-};
-
-/* Used for montgomery multiplication */
-struct bn_mont_ctx_st {
-    int ri;                     /* number of bits in R */
-    BIGNUM RR;                  /* used to convert to montgomery form */
-    BIGNUM N;                   /* The modulus */
-    BIGNUM Ni;                  /* R*(1/R mod N) - N*Ni = 1 (Ni is only
-                                 * stored for bignum algorithm) */
-    BN_ULONG n0[2];             /* least significant word(s) of Ni; (type
-                                 * changed with 0.9.9, was "BN_ULONG n0;"
-                                 * before) */
-    int flags;
-};
-
-/*
- * Used for reciprocal division/mod functions It cannot be shared between
- * threads
- */
-struct bn_recp_ctx_st {
-    BIGNUM N;                   /* the divisor */
-    BIGNUM Nr;                  /* the reciprocal */
-    int num_bits;
-    int shift;
-    int flags;
-};
-
-/* Used for slow "generation" functions. */
-struct bn_gencb_st {
-    unsigned int ver;           /* To handle binary (in)compatibility */
-    void *arg;                  /* callback-specific data */
-    union {
-        /* if(ver==1) - handles old style callbacks */
-        void (*cb_1) (int, int, void *);
-        /* if(ver==2) - new callback style */
-        int (*cb_2) (int, int, BN_GENCB *);
-    } cb;
-};
-/* Wrapper function to make using BN_GENCB easier,  */
-int BN_GENCB_call(BN_GENCB *cb, int a, int b);
-/* Macro to populate a BN_GENCB structure with an "old"-style callback */
-# define BN_GENCB_set_old(gencb, callback, cb_arg) { \
-                BN_GENCB *tmp_gencb = (gencb); \
-                tmp_gencb->ver = 1; \
-                tmp_gencb->arg = (cb_arg); \
-                tmp_gencb->cb.cb_1 = (callback); }
-/* Macro to populate a BN_GENCB structure with a "new"-style callback */
-# define BN_GENCB_set(gencb, callback, cb_arg) { \
-                BN_GENCB *tmp_gencb = (gencb); \
-                tmp_gencb->ver = 2; \
-                tmp_gencb->arg = (cb_arg); \
-                tmp_gencb->cb.cb_2 = (callback); }
-
-# define BN_prime_checks 0      /* default: select number of iterations based
-                                 * on the size of the number */
-
-/*
- * number of Miller-Rabin iterations for an error rate of less than 2^-80 for
- * random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
- * Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
- * original paper: Damgaard, Landrock, Pomerance: Average case error
- * estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
- * 177-194)
- */
-# define BN_prime_checks_for_size(b) ((b) >= 1300 ?  2 : \
-                                (b) >=  850 ?  3 : \
-                                (b) >=  650 ?  4 : \
-                                (b) >=  550 ?  5 : \
-                                (b) >=  450 ?  6 : \
-                                (b) >=  400 ?  7 : \
-                                (b) >=  350 ?  8 : \
-                                (b) >=  300 ?  9 : \
-                                (b) >=  250 ? 12 : \
-                                (b) >=  200 ? 15 : \
-                                (b) >=  150 ? 18 : \
-                                /* b >= 100 */ 27)
-
-# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
-
-/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
-# define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
-                                (((w) == 0) && ((a)->top == 0)))
-# define BN_is_zero(a)       ((a)->top == 0)
-# define BN_is_one(a)        (BN_abs_is_word((a),1) && !(a)->neg)
-# define BN_is_word(a,w)     (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
-# define BN_is_odd(a)        (((a)->top > 0) && ((a)->d[0] & 1))
-
-# define BN_one(a)       (BN_set_word((a),1))
-# define BN_zero_ex(a) \
-        do { \
-                BIGNUM *_tmp_bn = (a); \
-                _tmp_bn->top = 0; \
-                _tmp_bn->neg = 0; \
-        } while(0)
-# ifdef OPENSSL_NO_DEPRECATED
-#  define BN_zero(a)      BN_zero_ex(a)
-# else
-#  define BN_zero(a)      (BN_set_word((a),0))
-# endif
-
-const BIGNUM *BN_value_one(void);
-char *BN_options(void);
-BN_CTX *BN_CTX_new(void);
-# ifndef OPENSSL_NO_DEPRECATED
-void BN_CTX_init(BN_CTX *c);
-# endif
-void BN_CTX_free(BN_CTX *c);
-void BN_CTX_start(BN_CTX *ctx);
-BIGNUM *BN_CTX_get(BN_CTX *ctx);
-void BN_CTX_end(BN_CTX *ctx);
-int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_num_bits(const BIGNUM *a);
-int BN_num_bits_word(BN_ULONG);
-BIGNUM *BN_new(void);
-void BN_init(BIGNUM *);
-void BN_clear_free(BIGNUM *a);
-BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-void BN_swap(BIGNUM *a, BIGNUM *b);
-BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2bin(const BIGNUM *a, unsigned char *to);
-BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
-int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-/** BN_set_negative sets sign of a BIGNUM
- * \param  b  pointer to the BIGNUM object
- * \param  n  0 if the BIGNUM b should be positive and a value != 0 otherwise
- */
-void BN_set_negative(BIGNUM *b, int n);
-/** BN_is_negative returns 1 if the BIGNUM is negative
- * \param  a  pointer to the BIGNUM object
- * \return 1 if a < 0 and 0 otherwise
- */
-# define BN_is_negative(a) ((a)->neg != 0)
-
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
-           BN_CTX *ctx);
-# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
-int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
-int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
-               BN_CTX *ctx);
-int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                     const BIGNUM *m);
-int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
-               BN_CTX *ctx);
-int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                     const BIGNUM *m);
-int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
-               BN_CTX *ctx);
-int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
-int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
-                  BN_CTX *ctx);
-int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
-
-BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-int BN_mul_word(BIGNUM *a, BN_ULONG w);
-int BN_add_word(BIGNUM *a, BN_ULONG w);
-int BN_sub_word(BIGNUM *a, BN_ULONG w);
-int BN_set_word(BIGNUM *a, BN_ULONG w);
-BN_ULONG BN_get_word(const BIGNUM *a);
-
-int BN_cmp(const BIGNUM *a, const BIGNUM *b);
-void BN_free(BIGNUM *a);
-int BN_is_bit_set(const BIGNUM *a, int n);
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_lshift1(BIGNUM *r, const BIGNUM *a);
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-               const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
-                              const BIGNUM *m, BN_CTX *ctx,
-                              BN_MONT_CTX *in_mont);
-int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
-                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
-                     const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
-                     BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                      const BIGNUM *m, BN_CTX *ctx);
-
-int BN_mask_bits(BIGNUM *a, int n);
-# ifndef OPENSSL_NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a);
-# endif
-# ifdef HEADER_BIO_H
-int BN_print(BIO *fp, const BIGNUM *a);
-# else
-int BN_print(void *fp, const BIGNUM *a);
-# endif
-int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
-int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_rshift1(BIGNUM *r, const BIGNUM *a);
-void BN_clear(BIGNUM *a);
-BIGNUM *BN_dup(const BIGNUM *a);
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
-int BN_set_bit(BIGNUM *a, int n);
-int BN_clear_bit(BIGNUM *a, int n);
-char *BN_bn2hex(const BIGNUM *a);
-char *BN_bn2dec(const BIGNUM *a);
-int BN_hex2bn(BIGNUM **a, const char *str);
-int BN_dec2bn(BIGNUM **a, const char *str);
-int BN_asc2bn(BIGNUM **a, const char *str);
-int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
-                                                                  * -2 for
-                                                                  * error */
-BIGNUM *BN_mod_inverse(BIGNUM *ret,
-                       const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
-BIGNUM *BN_mod_sqrt(BIGNUM *ret,
-                    const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
-
-void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
-
-/* Deprecated versions */
-# ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
-                          const BIGNUM *add, const BIGNUM *rem,
-                          void (*callback) (int, int, void *), void *cb_arg);
-int BN_is_prime(const BIGNUM *p, int nchecks,
-                void (*callback) (int, int, void *),
-                BN_CTX *ctx, void *cb_arg);
-int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
-                         void (*callback) (int, int, void *), BN_CTX *ctx,
-                         void *cb_arg, int do_trial_division);
-# endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* Newer versions */
-int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
-                         const BIGNUM *rem, BN_GENCB *cb);
-int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
-int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
-                            int do_trial_division, BN_GENCB *cb);
-
-int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
-
-int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
-                            const BIGNUM *Xp, const BIGNUM *Xp1,
-                            const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
-                            BN_GENCB *cb);
-int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
-                              BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
-                              BN_CTX *ctx, BN_GENCB *cb);
-
-BN_MONT_CTX *BN_MONT_CTX_new(void);
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
-int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                          BN_MONT_CTX *mont, BN_CTX *ctx);
-# define BN_to_montgomery(r,a,mont,ctx)  BN_mod_mul_montgomery(\
-        (r),(a),&((mont)->RR),(mont),(ctx))
-int BN_from_montgomery(BIGNUM *r, const BIGNUM *a,
-                       BN_MONT_CTX *mont, BN_CTX *ctx);
-void BN_MONT_CTX_free(BN_MONT_CTX *mont);
-int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
-BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
-                                    const BIGNUM *mod, BN_CTX *ctx);
-
-/* BN_BLINDING flags */
-# define BN_BLINDING_NO_UPDATE   0x00000001
-# define BN_BLINDING_NO_RECREATE 0x00000002
-
-BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
-void BN_BLINDING_free(BN_BLINDING *b);
-int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
-                          BN_CTX *);
-# ifndef OPENSSL_NO_DEPRECATED
-unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
-void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
-# endif
-CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
-unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
-void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
-BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
-                                      const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
-                                      int (*bn_mod_exp) (BIGNUM *r,
-                                                         const BIGNUM *a,
-                                                         const BIGNUM *p,
-                                                         const BIGNUM *m,
-                                                         BN_CTX *ctx,
-                                                         BN_MONT_CTX *m_ctx),
-                                      BN_MONT_CTX *m_ctx);
-
-# ifndef OPENSSL_NO_DEPRECATED
-void BN_set_params(int mul, int high, int low, int mont);
-int BN_get_params(int which);   /* 0, mul, 1 high, 2 low, 3 mont */
-# endif
-
-void BN_RECP_CTX_init(BN_RECP_CTX *recp);
-BN_RECP_CTX *BN_RECP_CTX_new(void);
-void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
-int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
-                          BN_RECP_CTX *recp, BN_CTX *ctx);
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                    const BIGNUM *m, BN_CTX *ctx);
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
-                BN_RECP_CTX *recp, BN_CTX *ctx);
-
-# ifndef OPENSSL_NO_EC2M
-
-/*
- * Functions for arithmetic over binary polynomials represented by BIGNUMs.
- * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
- * ignored. Note that input arguments are not const so that their bit arrays
- * can be expanded to the appropriate size if needed.
- */
-
-/*
- * r = a + b
- */
-int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-#  define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
-/*
- * r=a mod p
- */
-int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
-/* r = (a * b) mod p */
-int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                    const BIGNUM *p, BN_CTX *ctx);
-/* r = (a * a) mod p */
-int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-/* r = (1 / b) mod p */
-int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
-/* r = (a / b) mod p */
-int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                    const BIGNUM *p, BN_CTX *ctx);
-/* r = (a ^ b) mod p */
-int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                    const BIGNUM *p, BN_CTX *ctx);
-/* r = sqrt(a) mod p */
-int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                     BN_CTX *ctx);
-/* r^2 + r = a mod p */
-int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                           BN_CTX *ctx);
-#  define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
-/*-
- * Some functions allow for representation of the irreducible polynomials
- * as an unsigned int[], say p.  The irreducible f(t) is then of the form:
- *     t^p[0] + t^p[1] + ... + t^p[k]
- * where m = p[0] > p[1] > ... > p[k] = 0.
- */
-/* r = a mod p */
-int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
-/* r = (a * b) mod p */
-int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                        const int p[], BN_CTX *ctx);
-/* r = (a * a) mod p */
-int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
-                        BN_CTX *ctx);
-/* r = (1 / b) mod p */
-int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
-                        BN_CTX *ctx);
-/* r = (a / b) mod p */
-int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                        const int p[], BN_CTX *ctx);
-/* r = (a ^ b) mod p */
-int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
-                        const int p[], BN_CTX *ctx);
-/* r = sqrt(a) mod p */
-int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
-                         const int p[], BN_CTX *ctx);
-/* r^2 + r = a mod p */
-int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
-                               const int p[], BN_CTX *ctx);
-int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
-int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
-
-# endif
-
-/*
- * faster mod functions for the 'NIST primes' 0 <= a < p^2
- */
-int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-
-const BIGNUM *BN_get0_nist_prime_192(void);
-const BIGNUM *BN_get0_nist_prime_224(void);
-const BIGNUM *BN_get0_nist_prime_256(void);
-const BIGNUM *BN_get0_nist_prime_384(void);
-const BIGNUM *BN_get0_nist_prime_521(void);
-
-/* library internal functions */
-
-# define bn_expand(a,bits) \
-    ( \
-        bits > (INT_MAX - BN_BITS2 + 1) ? \
-            NULL \
-        : \
-            (((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \
-                (a) \
-            : \
-                bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \
-    )
-
-# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-# ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
-# endif
-
-/*-
- * Bignum consistency macros
- * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
- * bignum data after direct manipulations on the data. There is also an
- * "internal" macro, bn_check_top(), for verifying that there are no leading
- * zeroes. Unfortunately, some auditing is required due to the fact that
- * bn_fix_top() has become an overabused duct-tape because bignum data is
- * occasionally passed around in an inconsistent state. So the following
- * changes have been made to sort this out;
- * - bn_fix_top()s implementation has been moved to bn_correct_top()
- * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
- *   bn_check_top() is as before.
- * - if BN_DEBUG *is* defined;
- *   - bn_check_top() tries to pollute unused words even if the bignum 'top' is
- *     consistent. (ed: only if BN_DEBUG_RAND is defined)
- *   - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
- * The idea is to have debug builds flag up inconsistent bignums when they
- * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
- * the use of bn_fix_top() was appropriate (ie. it follows directly after code
- * that manipulates the bignum) it is converted to bn_correct_top(), and if it
- * was not appropriate, we convert it permanently to bn_check_top() and track
- * down the cause of the bug. Eventually, no internal code should be using the
- * bn_fix_top() macro. External applications and libraries should try this with
- * their own code too, both in terms of building against the openssl headers
- * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
- * defined. This not only improves external code, it provides more test
- * coverage for openssl's own code.
- */
-
-# ifdef BN_DEBUG
-
-/* We only need assert() when debugging */
-#  include <assert.h>
-
-#  ifdef BN_DEBUG_RAND
-/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
-#   ifndef RAND_pseudo_bytes
-int RAND_pseudo_bytes(unsigned char *buf, int num);
-#    define BN_DEBUG_TRIX
-#   endif
-#   define bn_pollute(a) \
-        do { \
-                const BIGNUM *_bnum1 = (a); \
-                if(_bnum1->top < _bnum1->dmax) { \
-                        unsigned char _tmp_char; \
-                        /* We cast away const without the compiler knowing, any \
-                         * *genuinely* constant variables that aren't mutable \
-                         * wouldn't be constructed with top!=dmax. */ \
-                        BN_ULONG *_not_const; \
-                        memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
-                        /* Debug only - safe to ignore error return */ \
-                        RAND_pseudo_bytes(&_tmp_char, 1); \
-                        memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
-                                (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
-                } \
-        } while(0)
-#   ifdef BN_DEBUG_TRIX
-#    undef RAND_pseudo_bytes
-#   endif
-#  else
-#   define bn_pollute(a)
-#  endif
-#  define bn_check_top(a) \
-        do { \
-                const BIGNUM *_bnum2 = (a); \
-                if (_bnum2 != NULL) { \
-                        assert((_bnum2->top == 0) || \
-                                (_bnum2->d[_bnum2->top - 1] != 0)); \
-                        bn_pollute(_bnum2); \
-                } \
-        } while(0)
-
-#  define bn_fix_top(a)           bn_check_top(a)
-
-#  define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
-#  define bn_wcheck_size(bn, words) \
-        do { \
-                const BIGNUM *_bnum2 = (bn); \
-                assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
-                /* avoid unused variable warning with NDEBUG */ \
-                (void)(_bnum2); \
-        } while(0)
-
-# else                          /* !BN_DEBUG */
-
-#  define bn_pollute(a)
-#  define bn_check_top(a)
-#  define bn_fix_top(a)           bn_correct_top(a)
-#  define bn_check_size(bn, bits)
-#  define bn_wcheck_size(bn, words)
-
-# endif
-
-# define bn_correct_top(a) \
-        { \
-        BN_ULONG *ftl; \
-        int tmp_top = (a)->top; \
-        if (tmp_top > 0) \
-                { \
-                for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
-                        if (*(ftl--)) break; \
-                (a)->top = tmp_top; \
-                } \
-        if ((a)->top == 0) \
-            (a)->neg = 0; \
-        bn_pollute(a); \
-        }
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
-                          BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                      int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
-                      int num);
-
-/* Primes from RFC 2409 */
-BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
-BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
-
-/* Primes from RFC 3526 */
-BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
-BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
-
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BN_strings(void);
-
-/* Error codes for the BN functions. */
-
-/* Function codes. */
-# define BN_F_BNRAND                                      127
-# define BN_F_BN_BLINDING_CONVERT_EX                      100
-# define BN_F_BN_BLINDING_CREATE_PARAM                    128
-# define BN_F_BN_BLINDING_INVERT_EX                       101
-# define BN_F_BN_BLINDING_NEW                             102
-# define BN_F_BN_BLINDING_UPDATE                          103
-# define BN_F_BN_BN2DEC                                   104
-# define BN_F_BN_BN2HEX                                   105
-# define BN_F_BN_CTX_GET                                  116
-# define BN_F_BN_CTX_NEW                                  106
-# define BN_F_BN_CTX_START                                129
-# define BN_F_BN_DIV                                      107
-# define BN_F_BN_DIV_NO_BRANCH                            138
-# define BN_F_BN_DIV_RECP                                 130
-# define BN_F_BN_EXP                                      123
-# define BN_F_BN_EXPAND2                                  108
-# define BN_F_BN_EXPAND_INTERNAL                          120
-# define BN_F_BN_GF2M_MOD                                 131
-# define BN_F_BN_GF2M_MOD_EXP                             132
-# define BN_F_BN_GF2M_MOD_MUL                             133
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD                      134
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR                  135
-# define BN_F_BN_GF2M_MOD_SQR                             136
-# define BN_F_BN_GF2M_MOD_SQRT                            137
-# define BN_F_BN_LSHIFT                                   145
-# define BN_F_BN_MOD_EXP2_MONT                            118
-# define BN_F_BN_MOD_EXP_MONT                             109
-# define BN_F_BN_MOD_EXP_MONT_CONSTTIME                   124
-# define BN_F_BN_MOD_EXP_MONT_WORD                        117
-# define BN_F_BN_MOD_EXP_RECP                             125
-# define BN_F_BN_MOD_EXP_SIMPLE                           126
-# define BN_F_BN_MOD_INVERSE                              110
-# define BN_F_BN_MOD_INVERSE_NO_BRANCH                    139
-# define BN_F_BN_MOD_LSHIFT_QUICK                         119
-# define BN_F_BN_MOD_MUL_RECIPROCAL                       111
-# define BN_F_BN_MOD_SQRT                                 121
-# define BN_F_BN_MPI2BN                                   112
-# define BN_F_BN_NEW                                      113
-# define BN_F_BN_RAND                                     114
-# define BN_F_BN_RAND_RANGE                               122
-# define BN_F_BN_RSHIFT                                   146
-# define BN_F_BN_USUB                                     115
-
-/* Reason codes. */
-# define BN_R_ARG2_LT_ARG3                                100
-# define BN_R_BAD_RECIPROCAL                              101
-# define BN_R_BIGNUM_TOO_LONG                             114
-# define BN_R_BITS_TOO_SMALL                              118
-# define BN_R_CALLED_WITH_EVEN_MODULUS                    102
-# define BN_R_DIV_BY_ZERO                                 103
-# define BN_R_ENCODING_ERROR                              104
-# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA                105
-# define BN_R_INPUT_NOT_REDUCED                           110
-# define BN_R_INVALID_LENGTH                              106
-# define BN_R_INVALID_RANGE                               115
-# define BN_R_INVALID_SHIFT                               119
-# define BN_R_NOT_A_SQUARE                                111
-# define BN_R_NOT_INITIALIZED                             107
-# define BN_R_NO_INVERSE                                  108
-# define BN_R_NO_SOLUTION                                 116
-# define BN_R_P_IS_NOT_PRIME                              112
-# define BN_R_TOO_MANY_ITERATIONS                         113
-# define BN_R_TOO_MANY_TEMPORARY_VARIABLES                109
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/buffer.h b/thirdparty/openssl/openssl/buffer.h
deleted file mode 100644
index efd240a5f9..0000000000
--- a/thirdparty/openssl/openssl/buffer.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/buffer/buffer.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BUFFER_H
-# define HEADER_BUFFER_H
-
-# include <openssl/ossl_typ.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# include <stddef.h>
-
-# if !defined(NO_SYS_TYPES_H)
-#  include <sys/types.h>
-# endif
-
-/* Already declared in ossl_typ.h */
-/* typedef struct buf_mem_st BUF_MEM; */
-
-struct buf_mem_st {
-    size_t length;              /* current number of bytes */
-    char *data;
-    size_t max;                 /* size of buffer */
-};
-
-BUF_MEM *BUF_MEM_new(void);
-void BUF_MEM_free(BUF_MEM *a);
-int BUF_MEM_grow(BUF_MEM *str, size_t len);
-int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
-size_t BUF_strnlen(const char *str, size_t maxlen);
-char *BUF_strdup(const char *str);
-
-/*
- * Like strndup, but in addition, explicitly guarantees to never read past the
- * first |siz| bytes of |str|.
- */
-char *BUF_strndup(const char *str, size_t siz);
-
-void *BUF_memdup(const void *data, size_t siz);
-void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
-
-/* safe string functions */
-size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
-size_t BUF_strlcat(char *dst, const char *src, size_t siz);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BUF_strings(void);
-
-/* Error codes for the BUF functions. */
-
-/* Function codes. */
-# define BUF_F_BUF_MEMDUP                                 103
-# define BUF_F_BUF_MEM_GROW                               100
-# define BUF_F_BUF_MEM_GROW_CLEAN                         105
-# define BUF_F_BUF_MEM_NEW                                101
-# define BUF_F_BUF_STRDUP                                 102
-# define BUF_F_BUF_STRNDUP                                104
-
-/* Reason codes. */
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/camellia.h b/thirdparty/openssl/openssl/camellia.h
deleted file mode 100644
index 45e8d25b1d..0000000000
--- a/thirdparty/openssl/openssl/camellia.h
+++ /dev/null
@@ -1,132 +0,0 @@
-/* crypto/camellia/camellia.h */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_CAMELLIA_H
-# define HEADER_CAMELLIA_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_CAMELLIA
-#  error CAMELLIA is disabled.
-# endif
-
-# include <stddef.h>
-
-# define CAMELLIA_ENCRYPT        1
-# define CAMELLIA_DECRYPT        0
-
-/*
- * Because array size can't be a const in C, the following two are macros.
- * Both sizes are in bytes.
- */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-
-# define CAMELLIA_BLOCK_SIZE 16
-# define CAMELLIA_TABLE_BYTE_LEN 272
-# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
-
-typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
-                                                               * with WORD */
-
-struct camellia_key_st {
-    union {
-        double d;               /* ensures 64-bit align */
-        KEY_TABLE_TYPE rd_key;
-    } u;
-    int grand_rounds;
-};
-typedef struct camellia_key_st CAMELLIA_KEY;
-
-# ifdef OPENSSL_FIPS
-int private_Camellia_set_key(const unsigned char *userKey, const int bits,
-                             CAMELLIA_KEY *key);
-# endif
-int Camellia_set_key(const unsigned char *userKey, const int bits,
-                     CAMELLIA_KEY *key);
-
-void Camellia_encrypt(const unsigned char *in, unsigned char *out,
-                      const CAMELLIA_KEY *key);
-void Camellia_decrypt(const unsigned char *in, unsigned char *out,
-                      const CAMELLIA_KEY *key);
-
-void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                          const CAMELLIA_KEY *key, const int enc);
-void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                          size_t length, const CAMELLIA_KEY *key,
-                          unsigned char *ivec, const int enc);
-void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t length, const CAMELLIA_KEY *key,
-                             unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t length, const CAMELLIA_KEY *key,
-                           unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t length, const CAMELLIA_KEY *key,
-                           unsigned char *ivec, int *num, const int enc);
-void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t length, const CAMELLIA_KEY *key,
-                             unsigned char *ivec, int *num);
-void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t length, const CAMELLIA_KEY *key,
-                             unsigned char ivec[CAMELLIA_BLOCK_SIZE],
-                             unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
-                             unsigned int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif                          /* !HEADER_Camellia_H */
diff --git a/thirdparty/openssl/openssl/cast.h b/thirdparty/openssl/openssl/cast.h
deleted file mode 100644
index 0003ec9c7c..0000000000
--- a/thirdparty/openssl/openssl/cast.h
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/cast/cast.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CAST_H
-# define HEADER_CAST_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_CAST
-#  error CAST is disabled.
-# endif
-
-# define CAST_ENCRYPT    1
-# define CAST_DECRYPT    0
-
-# define CAST_LONG unsigned int
-
-# define CAST_BLOCK      8
-# define CAST_KEY_LENGTH 16
-
-typedef struct cast_key_st {
-    CAST_LONG data[32];
-    int short_key;              /* Use reduced rounds for short key */
-} CAST_KEY;
-
-# ifdef OPENSSL_FIPS
-void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-# endif
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                      const CAST_KEY *key, int enc);
-void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, const CAST_KEY *ks, unsigned char *iv,
-                      int enc);
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, const CAST_KEY *schedule,
-                        unsigned char *ivec, int *num, int enc);
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, const CAST_KEY *schedule,
-                        unsigned char *ivec, int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/cmac.h b/thirdparty/openssl/openssl/cmac.h
deleted file mode 100644
index 175be8348a..0000000000
--- a/thirdparty/openssl/openssl/cmac.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/* crypto/cmac/cmac.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CMAC_H
-# define HEADER_CMAC_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/evp.h>
-
-/* Opaque */
-typedef struct CMAC_CTX_st CMAC_CTX;
-
-CMAC_CTX *CMAC_CTX_new(void);
-void CMAC_CTX_cleanup(CMAC_CTX *ctx);
-void CMAC_CTX_free(CMAC_CTX *ctx);
-EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
-int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
-
-int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
-              const EVP_CIPHER *cipher, ENGINE *impl);
-int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
-int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
-int CMAC_resume(CMAC_CTX *ctx);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/cms.h b/thirdparty/openssl/openssl/cms.h
deleted file mode 100644
index e6c7f964bf..0000000000
--- a/thirdparty/openssl/openssl/cms.h
+++ /dev/null
@@ -1,555 +0,0 @@
-/* crypto/cms/cms.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CMS_H
-# define HEADER_CMS_H
-
-# include <openssl/x509.h>
-
-# ifdef OPENSSL_NO_CMS
-#  error CMS is disabled.
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct CMS_ContentInfo_st CMS_ContentInfo;
-typedef struct CMS_SignerInfo_st CMS_SignerInfo;
-typedef struct CMS_CertificateChoices CMS_CertificateChoices;
-typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
-typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
-typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
-typedef struct CMS_Receipt_st CMS_Receipt;
-typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
-typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
-
-DECLARE_STACK_OF(CMS_SignerInfo)
-DECLARE_STACK_OF(GENERAL_NAMES)
-DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
-DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
-DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
-DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-
-# define CMS_SIGNERINFO_ISSUER_SERIAL    0
-# define CMS_SIGNERINFO_KEYIDENTIFIER    1
-
-# define CMS_RECIPINFO_NONE              -1
-# define CMS_RECIPINFO_TRANS             0
-# define CMS_RECIPINFO_AGREE             1
-# define CMS_RECIPINFO_KEK               2
-# define CMS_RECIPINFO_PASS              3
-# define CMS_RECIPINFO_OTHER             4
-
-/* S/MIME related flags */
-
-# define CMS_TEXT                        0x1
-# define CMS_NOCERTS                     0x2
-# define CMS_NO_CONTENT_VERIFY           0x4
-# define CMS_NO_ATTR_VERIFY              0x8
-# define CMS_NOSIGS                      \
-                        (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
-# define CMS_NOINTERN                    0x10
-# define CMS_NO_SIGNER_CERT_VERIFY       0x20
-# define CMS_NOVERIFY                    0x20
-# define CMS_DETACHED                    0x40
-# define CMS_BINARY                      0x80
-# define CMS_NOATTR                      0x100
-# define CMS_NOSMIMECAP                  0x200
-# define CMS_NOOLDMIMETYPE               0x400
-# define CMS_CRLFEOL                     0x800
-# define CMS_STREAM                      0x1000
-# define CMS_NOCRL                       0x2000
-# define CMS_PARTIAL                     0x4000
-# define CMS_REUSE_DIGEST                0x8000
-# define CMS_USE_KEYID                   0x10000
-# define CMS_DEBUG_DECRYPT               0x20000
-# define CMS_KEY_PARAM                   0x40000
-
-const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
-
-BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
-int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
-
-ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
-int CMS_is_detached(CMS_ContentInfo *cms);
-int CMS_set_detached(CMS_ContentInfo *cms, int detached);
-
-# ifdef HEADER_PEM_H
-DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
-# endif
-int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
-CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
-int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
-
-BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
-int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
-int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
-                             int flags);
-CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
-int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
-
-int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
-              unsigned int flags);
-
-CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
-                          STACK_OF(X509) *certs, BIO *data,
-                          unsigned int flags);
-
-CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
-                                  X509 *signcert, EVP_PKEY *pkey,
-                                  STACK_OF(X509) *certs, unsigned int flags);
-
-int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
-CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
-
-int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
-                      unsigned int flags);
-CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
-                                   unsigned int flags);
-
-int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
-                              const unsigned char *key, size_t keylen,
-                              BIO *dcont, BIO *out, unsigned int flags);
-
-CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
-                                           const unsigned char *key,
-                                           size_t keylen, unsigned int flags);
-
-int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
-                               const unsigned char *key, size_t keylen);
-
-int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
-               X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
-
-int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
-                       STACK_OF(X509) *certs,
-                       X509_STORE *store, unsigned int flags);
-
-STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
-
-CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
-                             const EVP_CIPHER *cipher, unsigned int flags);
-
-int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
-                BIO *dcont, BIO *out, unsigned int flags);
-
-int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
-int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
-                         unsigned char *key, size_t keylen,
-                         unsigned char *id, size_t idlen);
-int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
-                              unsigned char *pass, ossl_ssize_t passlen);
-
-STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
-int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
-EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
-CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
-CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
-                                           X509 *recip, unsigned int flags);
-int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
-int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
-int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
-                                     EVP_PKEY **pk, X509 **recip,
-                                     X509_ALGOR **palg);
-int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
-                                          ASN1_OCTET_STRING **keyid,
-                                          X509_NAME **issuer,
-                                          ASN1_INTEGER **sno);
-
-CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
-                                          unsigned char *key, size_t keylen,
-                                          unsigned char *id, size_t idlen,
-                                          ASN1_GENERALIZEDTIME *date,
-                                          ASN1_OBJECT *otherTypeId,
-                                          ASN1_TYPE *otherType);
-
-int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
-                                    X509_ALGOR **palg,
-                                    ASN1_OCTET_STRING **pid,
-                                    ASN1_GENERALIZEDTIME **pdate,
-                                    ASN1_OBJECT **potherid,
-                                    ASN1_TYPE **pothertype);
-
-int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
-                               unsigned char *key, size_t keylen);
-
-int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
-                                   const unsigned char *id, size_t idlen);
-
-int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
-                                    unsigned char *pass,
-                                    ossl_ssize_t passlen);
-
-CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
-                                               int iter, int wrap_nid,
-                                               int pbe_nid,
-                                               unsigned char *pass,
-                                               ossl_ssize_t passlen,
-                                               const EVP_CIPHER *kekciph);
-
-int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-
-int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
-                   unsigned int flags);
-CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
-
-int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
-const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
-
-CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
-int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
-int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
-STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
-
-CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
-int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
-
-int CMS_SignedData_init(CMS_ContentInfo *cms);
-CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
-                                X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
-                                unsigned int flags);
-EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
-EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
-STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
-
-void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
-int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
-                                  ASN1_OCTET_STRING **keyid,
-                                  X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
-int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
-                           unsigned int flags);
-void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
-                              X509 **signer, X509_ALGOR **pdig,
-                              X509_ALGOR **psig);
-ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
-int CMS_SignerInfo_sign(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
-
-int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
-int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
-                            int algnid, int keysize);
-int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
-
-int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
-int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
-                               int lastpos);
-int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
-                               int lastpos);
-X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
-                                const ASN1_OBJECT *obj, int type,
-                                const void *bytes, int len);
-int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
-                                int nid, int type,
-                                const void *bytes, int len);
-int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
-                                const char *attrname, int type,
-                                const void *bytes, int len);
-void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
-                                  int lastpos, int type);
-
-int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
-int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
-                                 int lastpos);
-int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
-                                 int lastpos);
-X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
-                                  const ASN1_OBJECT *obj, int type,
-                                  const void *bytes, int len);
-int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
-                                  int nid, int type,
-                                  const void *bytes, int len);
-int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
-                                  const char *attrname, int type,
-                                  const void *bytes, int len);
-void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
-                                    int lastpos, int type);
-
-# ifdef HEADER_X509V3_H
-
-int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
-                                               int allorfirst,
-                                               STACK_OF(GENERAL_NAMES)
-                                               *receiptList, STACK_OF(GENERAL_NAMES)
-                                               *receiptsTo);
-int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
-void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
-                                    ASN1_STRING **pcid,
-                                    int *pallorfirst,
-                                    STACK_OF(GENERAL_NAMES) **plist,
-                                    STACK_OF(GENERAL_NAMES) **prto);
-# endif
-int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
-                                    X509_ALGOR **palg,
-                                    ASN1_OCTET_STRING **pukm);
-STACK_OF(CMS_RecipientEncryptedKey)
-*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
-
-int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
-                                        X509_ALGOR **pubalg,
-                                        ASN1_BIT_STRING **pubkey,
-                                        ASN1_OCTET_STRING **keyid,
-                                        X509_NAME **issuer,
-                                        ASN1_INTEGER **sno);
-
-int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
-
-int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
-                                      ASN1_OCTET_STRING **keyid,
-                                      ASN1_GENERALIZEDTIME **tm,
-                                      CMS_OtherKeyAttribute **other,
-                                      X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
-                                       X509 *cert);
-int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
-EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
-int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
-                                   CMS_RecipientInfo *ri,
-                                   CMS_RecipientEncryptedKey *rek);
-
-int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
-                          ASN1_OCTET_STRING *ukm, int keylen);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CMS_strings(void);
-
-/* Error codes for the CMS functions. */
-
-/* Function codes. */
-# define CMS_F_CHECK_CONTENT                              99
-# define CMS_F_CMS_ADD0_CERT                              164
-# define CMS_F_CMS_ADD0_RECIPIENT_KEY                     100
-# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD                165
-# define CMS_F_CMS_ADD1_RECEIPTREQUEST                    158
-# define CMS_F_CMS_ADD1_RECIPIENT_CERT                    101
-# define CMS_F_CMS_ADD1_SIGNER                            102
-# define CMS_F_CMS_ADD1_SIGNINGTIME                       103
-# define CMS_F_CMS_COMPRESS                               104
-# define CMS_F_CMS_COMPRESSEDDATA_CREATE                  105
-# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO                106
-# define CMS_F_CMS_COPY_CONTENT                           107
-# define CMS_F_CMS_COPY_MESSAGEDIGEST                     108
-# define CMS_F_CMS_DATA                                   109
-# define CMS_F_CMS_DATAFINAL                              110
-# define CMS_F_CMS_DATAINIT                               111
-# define CMS_F_CMS_DECRYPT                                112
-# define CMS_F_CMS_DECRYPT_SET1_KEY                       113
-# define CMS_F_CMS_DECRYPT_SET1_PASSWORD                  166
-# define CMS_F_CMS_DECRYPT_SET1_PKEY                      114
-# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX               115
-# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO               116
-# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL                  117
-# define CMS_F_CMS_DIGEST_VERIFY                          118
-# define CMS_F_CMS_ENCODE_RECEIPT                         161
-# define CMS_F_CMS_ENCRYPT                                119
-# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO              120
-# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT                  121
-# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT                  122
-# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY                 123
-# define CMS_F_CMS_ENVELOPEDDATA_CREATE                   124
-# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO                 125
-# define CMS_F_CMS_ENVELOPED_DATA_INIT                    126
-# define CMS_F_CMS_ENV_ASN1_CTRL                          171
-# define CMS_F_CMS_FINAL                                  127
-# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES               128
-# define CMS_F_CMS_GET0_CONTENT                           129
-# define CMS_F_CMS_GET0_ECONTENT_TYPE                     130
-# define CMS_F_CMS_GET0_ENVELOPED                         131
-# define CMS_F_CMS_GET0_REVOCATION_CHOICES                132
-# define CMS_F_CMS_GET0_SIGNED                            133
-# define CMS_F_CMS_MSGSIGDIGEST_ADD1                      162
-# define CMS_F_CMS_RECEIPTREQUEST_CREATE0                 159
-# define CMS_F_CMS_RECEIPT_VERIFY                         160
-# define CMS_F_CMS_RECIPIENTINFO_DECRYPT                  134
-# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT                  169
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT             178
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG            175
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID        173
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS           172
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP         174
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT            135
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT            136
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID            137
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP             138
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP            139
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT             140
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT             141
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS           142
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID      143
-# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT               167
-# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY                 144
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD            168
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY                145
-# define CMS_F_CMS_SD_ASN1_CTRL                           170
-# define CMS_F_CMS_SET1_IAS                               176
-# define CMS_F_CMS_SET1_KEYID                             177
-# define CMS_F_CMS_SET1_SIGNERIDENTIFIER                  146
-# define CMS_F_CMS_SET_DETACHED                           147
-# define CMS_F_CMS_SIGN                                   148
-# define CMS_F_CMS_SIGNED_DATA_INIT                       149
-# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN                150
-# define CMS_F_CMS_SIGNERINFO_SIGN                        151
-# define CMS_F_CMS_SIGNERINFO_VERIFY                      152
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT                 153
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT              154
-# define CMS_F_CMS_SIGN_RECEIPT                           163
-# define CMS_F_CMS_STREAM                                 155
-# define CMS_F_CMS_UNCOMPRESS                             156
-# define CMS_F_CMS_VERIFY                                 157
-
-/* Reason codes. */
-# define CMS_R_ADD_SIGNER_ERROR                           99
-# define CMS_R_CERTIFICATE_ALREADY_PRESENT                175
-# define CMS_R_CERTIFICATE_HAS_NO_KEYID                   160
-# define CMS_R_CERTIFICATE_VERIFY_ERROR                   100
-# define CMS_R_CIPHER_INITIALISATION_ERROR                101
-# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR      102
-# define CMS_R_CMS_DATAFINAL_ERROR                        103
-# define CMS_R_CMS_LIB                                    104
-# define CMS_R_CONTENTIDENTIFIER_MISMATCH                 170
-# define CMS_R_CONTENT_NOT_FOUND                          105
-# define CMS_R_CONTENT_TYPE_MISMATCH                      171
-# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA           106
-# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA            107
-# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA               108
-# define CMS_R_CONTENT_VERIFY_ERROR                       109
-# define CMS_R_CTRL_ERROR                                 110
-# define CMS_R_CTRL_FAILURE                               111
-# define CMS_R_DECRYPT_ERROR                              112
-# define CMS_R_DIGEST_ERROR                               161
-# define CMS_R_ERROR_GETTING_PUBLIC_KEY                   113
-# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE      114
-# define CMS_R_ERROR_SETTING_KEY                          115
-# define CMS_R_ERROR_SETTING_RECIPIENTINFO                116
-# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH               117
-# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER           176
-# define CMS_R_INVALID_KEY_LENGTH                         118
-# define CMS_R_MD_BIO_INIT_ERROR                          119
-# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH       120
-# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH                 121
-# define CMS_R_MSGSIGDIGEST_ERROR                         172
-# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE          162
-# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH                  163
-# define CMS_R_NEED_ONE_SIGNER                            164
-# define CMS_R_NOT_A_SIGNED_RECEIPT                       165
-# define CMS_R_NOT_ENCRYPTED_DATA                         122
-# define CMS_R_NOT_KEK                                    123
-# define CMS_R_NOT_KEY_AGREEMENT                          181
-# define CMS_R_NOT_KEY_TRANSPORT                          124
-# define CMS_R_NOT_PWRI                                   177
-# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE            125
-# define CMS_R_NO_CIPHER                                  126
-# define CMS_R_NO_CONTENT                                 127
-# define CMS_R_NO_CONTENT_TYPE                            173
-# define CMS_R_NO_DEFAULT_DIGEST                          128
-# define CMS_R_NO_DIGEST_SET                              129
-# define CMS_R_NO_KEY                                     130
-# define CMS_R_NO_KEY_OR_CERT                             174
-# define CMS_R_NO_MATCHING_DIGEST                         131
-# define CMS_R_NO_MATCHING_RECIPIENT                      132
-# define CMS_R_NO_MATCHING_SIGNATURE                      166
-# define CMS_R_NO_MSGSIGDIGEST                            167
-# define CMS_R_NO_PASSWORD                                178
-# define CMS_R_NO_PRIVATE_KEY                             133
-# define CMS_R_NO_PUBLIC_KEY                              134
-# define CMS_R_NO_RECEIPT_REQUEST                         168
-# define CMS_R_NO_SIGNERS                                 135
-# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE     136
-# define CMS_R_RECEIPT_DECODE_ERROR                       169
-# define CMS_R_RECIPIENT_ERROR                            137
-# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND               138
-# define CMS_R_SIGNFINAL_ERROR                            139
-# define CMS_R_SMIME_TEXT_ERROR                           140
-# define CMS_R_STORE_INIT_ERROR                           141
-# define CMS_R_TYPE_NOT_COMPRESSED_DATA                   142
-# define CMS_R_TYPE_NOT_DATA                              143
-# define CMS_R_TYPE_NOT_DIGESTED_DATA                     144
-# define CMS_R_TYPE_NOT_ENCRYPTED_DATA                    145
-# define CMS_R_TYPE_NOT_ENVELOPED_DATA                    146
-# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT                 147
-# define CMS_R_UNKNOWN_CIPHER                             148
-# define CMS_R_UNKNOWN_DIGEST_ALGORIHM                    149
-# define CMS_R_UNKNOWN_ID                                 150
-# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM          151
-# define CMS_R_UNSUPPORTED_CONTENT_TYPE                   152
-# define CMS_R_UNSUPPORTED_KEK_ALGORITHM                  153
-# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM       179
-# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE                 154
-# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE              155
-# define CMS_R_UNSUPPORTED_TYPE                           156
-# define CMS_R_UNWRAP_ERROR                               157
-# define CMS_R_UNWRAP_FAILURE                             180
-# define CMS_R_VERIFICATION_FAILURE                       158
-# define CMS_R_WRAP_ERROR                                 159
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/comp.h b/thirdparty/openssl/openssl/comp.h
deleted file mode 100644
index df599ba331..0000000000
--- a/thirdparty/openssl/openssl/comp.h
+++ /dev/null
@@ -1,83 +0,0 @@
-
-#ifndef HEADER_COMP_H
-# define HEADER_COMP_H
-
-# include <openssl/crypto.h>
-
-# ifdef OPENSSL_NO_COMP
-#  error COMP is disabled.
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct comp_ctx_st COMP_CTX;
-
-struct comp_method_st {
-    int type;                   /* NID for compression library */
-    const char *name;           /* A text string to identify the library */
-    int (*init) (COMP_CTX *ctx);
-    void (*finish) (COMP_CTX *ctx);
-    int (*compress) (COMP_CTX *ctx,
-                     unsigned char *out, unsigned int olen,
-                     unsigned char *in, unsigned int ilen);
-    int (*expand) (COMP_CTX *ctx,
-                   unsigned char *out, unsigned int olen,
-                   unsigned char *in, unsigned int ilen);
-    /*
-     * The following two do NOTHING, but are kept for backward compatibility
-     */
-    long (*ctrl) (void);
-    long (*callback_ctrl) (void);
-};
-
-struct comp_ctx_st {
-    COMP_METHOD *meth;
-    unsigned long compress_in;
-    unsigned long compress_out;
-    unsigned long expand_in;
-    unsigned long expand_out;
-    CRYPTO_EX_DATA ex_data;
-};
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
-void COMP_CTX_free(COMP_CTX *ctx);
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
-                        unsigned char *in, int ilen);
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
-                      unsigned char *in, int ilen);
-COMP_METHOD *COMP_rle(void);
-COMP_METHOD *COMP_zlib(void);
-void COMP_zlib_cleanup(void);
-
-# ifdef HEADER_BIO_H
-#  ifdef ZLIB
-BIO_METHOD *BIO_f_zlib(void);
-#  endif
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_COMP_strings(void);
-
-/* Error codes for the COMP functions. */
-
-/* Function codes. */
-# define COMP_F_BIO_ZLIB_FLUSH                            99
-# define COMP_F_BIO_ZLIB_NEW                              100
-# define COMP_F_BIO_ZLIB_READ                             101
-# define COMP_F_BIO_ZLIB_WRITE                            102
-
-/* Reason codes. */
-# define COMP_R_ZLIB_DEFLATE_ERROR                        99
-# define COMP_R_ZLIB_INFLATE_ERROR                        100
-# define COMP_R_ZLIB_NOT_SUPPORTED                        101
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/conf.h b/thirdparty/openssl/openssl/conf.h
deleted file mode 100644
index fe49113080..0000000000
--- a/thirdparty/openssl/openssl/conf.h
+++ /dev/null
@@ -1,268 +0,0 @@
-/* crypto/conf/conf.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef  HEADER_CONF_H
-# define HEADER_CONF_H
-
-# include <openssl/bio.h>
-# include <openssl/lhash.h>
-# include <openssl/stack.h>
-# include <openssl/safestack.h>
-# include <openssl/e_os2.h>
-
-# include <openssl/ossl_typ.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct {
-    char *section;
-    char *name;
-    char *value;
-} CONF_VALUE;
-
-DECLARE_STACK_OF(CONF_VALUE)
-DECLARE_LHASH_OF(CONF_VALUE);
-
-struct conf_st;
-struct conf_method_st;
-typedef struct conf_method_st CONF_METHOD;
-
-struct conf_method_st {
-    const char *name;
-    CONF *(*create) (CONF_METHOD *meth);
-    int (*init) (CONF *conf);
-    int (*destroy) (CONF *conf);
-    int (*destroy_data) (CONF *conf);
-    int (*load_bio) (CONF *conf, BIO *bp, long *eline);
-    int (*dump) (const CONF *conf, BIO *bp);
-    int (*is_number) (const CONF *conf, char c);
-    int (*to_int) (const CONF *conf, char c);
-    int (*load) (CONF *conf, const char *name, long *eline);
-};
-
-/* Module definitions */
-
-typedef struct conf_imodule_st CONF_IMODULE;
-typedef struct conf_module_st CONF_MODULE;
-
-DECLARE_STACK_OF(CONF_MODULE)
-DECLARE_STACK_OF(CONF_IMODULE)
-
-/* DSO module function typedefs */
-typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
-typedef void conf_finish_func (CONF_IMODULE *md);
-
-# define CONF_MFLAGS_IGNORE_ERRORS       0x1
-# define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
-# define CONF_MFLAGS_SILENT              0x4
-# define CONF_MFLAGS_NO_DSO              0x8
-# define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
-# define CONF_MFLAGS_DEFAULT_SECTION     0x20
-
-int CONF_set_default_method(CONF_METHOD *meth);
-void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
-LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
-                                long *eline);
-# ifndef OPENSSL_NO_FP_API
-LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
-                                   long *eline);
-# endif
-LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
-                                    long *eline);
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
-                                       const char *section);
-char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
-                      const char *name);
-long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
-                     const char *name);
-void CONF_free(LHASH_OF(CONF_VALUE) *conf);
-int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
-int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
-
-void OPENSSL_config(const char *config_name);
-void OPENSSL_no_config(void);
-
-/*
- * New conf code.  The semantics are different from the functions above. If
- * that wasn't the case, the above functions would have been replaced
- */
-
-struct conf_st {
-    CONF_METHOD *meth;
-    void *meth_data;
-    LHASH_OF(CONF_VALUE) *data;
-};
-
-CONF *NCONF_new(CONF_METHOD *meth);
-CONF_METHOD *NCONF_default(void);
-CONF_METHOD *NCONF_WIN32(void);
-# if 0                          /* Just to give you an idea of what I have in
-                                 * mind */
-CONF_METHOD *NCONF_XML(void);
-# endif
-void NCONF_free(CONF *conf);
-void NCONF_free_data(CONF *conf);
-
-int NCONF_load(CONF *conf, const char *file, long *eline);
-# ifndef OPENSSL_NO_FP_API
-int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
-# endif
-int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
-STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
-                                        const char *section);
-char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
-int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
-                       long *result);
-int NCONF_dump_fp(const CONF *conf, FILE *out);
-int NCONF_dump_bio(const CONF *conf, BIO *out);
-
-# if 0                          /* The following function has no error
-                                 * checking, and should therefore be avoided */
-long NCONF_get_number(CONF *conf, char *group, char *name);
-# else
-#  define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
-# endif
-
-/* Module functions */
-
-int CONF_modules_load(const CONF *cnf, const char *appname,
-                      unsigned long flags);
-int CONF_modules_load_file(const char *filename, const char *appname,
-                           unsigned long flags);
-void CONF_modules_unload(int all);
-void CONF_modules_finish(void);
-void CONF_modules_free(void);
-int CONF_module_add(const char *name, conf_init_func *ifunc,
-                    conf_finish_func *ffunc);
-
-const char *CONF_imodule_get_name(const CONF_IMODULE *md);
-const char *CONF_imodule_get_value(const CONF_IMODULE *md);
-void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
-void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
-CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
-unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
-void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
-void *CONF_module_get_usr_data(CONF_MODULE *pmod);
-void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
-
-char *CONF_get1_default_config_file(void);
-
-int CONF_parse_list(const char *list, int sep, int nospc,
-                    int (*list_cb) (const char *elem, int len, void *usr),
-                    void *arg);
-
-void OPENSSL_load_builtin_modules(void);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CONF_strings(void);
-
-/* Error codes for the CONF functions. */
-
-/* Function codes. */
-# define CONF_F_CONF_DUMP_FP                              104
-# define CONF_F_CONF_LOAD                                 100
-# define CONF_F_CONF_LOAD_BIO                             102
-# define CONF_F_CONF_LOAD_FP                              103
-# define CONF_F_CONF_MODULES_LOAD                         116
-# define CONF_F_CONF_PARSE_LIST                           119
-# define CONF_F_DEF_LOAD                                  120
-# define CONF_F_DEF_LOAD_BIO                              121
-# define CONF_F_MODULE_INIT                               115
-# define CONF_F_MODULE_LOAD_DSO                           117
-# define CONF_F_MODULE_RUN                                118
-# define CONF_F_NCONF_DUMP_BIO                            105
-# define CONF_F_NCONF_DUMP_FP                             106
-# define CONF_F_NCONF_GET_NUMBER                          107
-# define CONF_F_NCONF_GET_NUMBER_E                        112
-# define CONF_F_NCONF_GET_SECTION                         108
-# define CONF_F_NCONF_GET_STRING                          109
-# define CONF_F_NCONF_LOAD                                113
-# define CONF_F_NCONF_LOAD_BIO                            110
-# define CONF_F_NCONF_LOAD_FP                             114
-# define CONF_F_NCONF_NEW                                 111
-# define CONF_F_STR_COPY                                  101
-
-/* Reason codes. */
-# define CONF_R_ERROR_LOADING_DSO                         110
-# define CONF_R_LIST_CANNOT_BE_NULL                       115
-# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET              100
-# define CONF_R_MISSING_EQUAL_SIGN                        101
-# define CONF_R_MISSING_FINISH_FUNCTION                   111
-# define CONF_R_MISSING_INIT_FUNCTION                     112
-# define CONF_R_MODULE_INITIALIZATION_ERROR               109
-# define CONF_R_NO_CLOSE_BRACE                            102
-# define CONF_R_NO_CONF                                   105
-# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE           106
-# define CONF_R_NO_SECTION                                107
-# define CONF_R_NO_SUCH_FILE                              114
-# define CONF_R_NO_VALUE                                  108
-# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION              103
-# define CONF_R_UNKNOWN_MODULE_NAME                       113
-# define CONF_R_VARIABLE_EXPANSION_TOO_LONG               116
-# define CONF_R_VARIABLE_HAS_NO_VALUE                     104
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/conf_api.h b/thirdparty/openssl/openssl/conf_api.h
deleted file mode 100644
index e478f7df4b..0000000000
--- a/thirdparty/openssl/openssl/conf_api.h
+++ /dev/null
@@ -1,89 +0,0 @@
-/* conf_api.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef  HEADER_CONF_API_H
-# define HEADER_CONF_API_H
-
-# include <openssl/lhash.h>
-# include <openssl/conf.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Up until OpenSSL 0.9.5a, this was new_section */
-CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was get_section */
-CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
-STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
-                                               const char *section);
-
-int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
-char *_CONF_get_string(const CONF *conf, const char *section,
-                       const char *name);
-long _CONF_get_number(const CONF *conf, const char *section,
-                      const char *name);
-
-int _CONF_new_data(CONF *conf);
-void _CONF_free_data(CONF *conf);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/crypto.h b/thirdparty/openssl/openssl/crypto.h
deleted file mode 100644
index 6c644ce12a..0000000000
--- a/thirdparty/openssl/openssl/crypto.h
+++ /dev/null
@@ -1,661 +0,0 @@
-/* crypto/crypto.h */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_CRYPTO_H
-# define HEADER_CRYPTO_H
-
-# include <stdlib.h>
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_FP_API
-#  include <stdio.h>
-# endif
-
-# include <openssl/stack.h>
-# include <openssl/safestack.h>
-# include <openssl/opensslv.h>
-# include <openssl/ossl_typ.h>
-
-# ifdef CHARSET_EBCDIC
-#  include <openssl/ebcdic.h>
-# endif
-
-/*
- * Resolve problems on some operating systems with symbol names that clash
- * one way or another
- */
-# include <openssl/symhacks.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Backward compatibility to SSLeay */
-/*
- * This is more to be used to check the correct DLL is being used in the MS
- * world.
- */
-# define SSLEAY_VERSION_NUMBER   OPENSSL_VERSION_NUMBER
-# define SSLEAY_VERSION          0
-/* #define SSLEAY_OPTIONS       1 no longer supported */
-# define SSLEAY_CFLAGS           2
-# define SSLEAY_BUILT_ON         3
-# define SSLEAY_PLATFORM         4
-# define SSLEAY_DIR              5
-
-/* Already declared in ossl_typ.h */
-# if 0
-typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
-/* Called when a new object is created */
-typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                           int idx, long argl, void *argp);
-/* Called when an object is free()ed */
-typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                             int idx, long argl, void *argp);
-/* Called when we need to dup an object */
-typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
-                           void *from_d, int idx, long argl, void *argp);
-# endif
-
-/* A generic structure to pass assorted data in a expandable way */
-typedef struct openssl_item_st {
-    int code;
-    void *value;                /* Not used for flag attributes */
-    size_t value_size;          /* Max size of value for output, length for
-                                 * input */
-    size_t *value_length;       /* Returned length of value for output */
-} OPENSSL_ITEM;
-
-/*
- * When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
- * names in cryptlib.c
- */
-
-# define CRYPTO_LOCK_ERR                 1
-# define CRYPTO_LOCK_EX_DATA             2
-# define CRYPTO_LOCK_X509                3
-# define CRYPTO_LOCK_X509_INFO           4
-# define CRYPTO_LOCK_X509_PKEY           5
-# define CRYPTO_LOCK_X509_CRL            6
-# define CRYPTO_LOCK_X509_REQ            7
-# define CRYPTO_LOCK_DSA                 8
-# define CRYPTO_LOCK_RSA                 9
-# define CRYPTO_LOCK_EVP_PKEY            10
-# define CRYPTO_LOCK_X509_STORE          11
-# define CRYPTO_LOCK_SSL_CTX             12
-# define CRYPTO_LOCK_SSL_CERT            13
-# define CRYPTO_LOCK_SSL_SESSION         14
-# define CRYPTO_LOCK_SSL_SESS_CERT       15
-# define CRYPTO_LOCK_SSL                 16
-# define CRYPTO_LOCK_SSL_METHOD          17
-# define CRYPTO_LOCK_RAND                18
-# define CRYPTO_LOCK_RAND2               19
-# define CRYPTO_LOCK_MALLOC              20
-# define CRYPTO_LOCK_BIO                 21
-# define CRYPTO_LOCK_GETHOSTBYNAME       22
-# define CRYPTO_LOCK_GETSERVBYNAME       23
-# define CRYPTO_LOCK_READDIR             24
-# define CRYPTO_LOCK_RSA_BLINDING        25
-# define CRYPTO_LOCK_DH                  26
-# define CRYPTO_LOCK_MALLOC2             27
-# define CRYPTO_LOCK_DSO                 28
-# define CRYPTO_LOCK_DYNLOCK             29
-# define CRYPTO_LOCK_ENGINE              30
-# define CRYPTO_LOCK_UI                  31
-# define CRYPTO_LOCK_ECDSA               32
-# define CRYPTO_LOCK_EC                  33
-# define CRYPTO_LOCK_ECDH                34
-# define CRYPTO_LOCK_BN                  35
-# define CRYPTO_LOCK_EC_PRE_COMP         36
-# define CRYPTO_LOCK_STORE               37
-# define CRYPTO_LOCK_COMP                38
-# define CRYPTO_LOCK_FIPS                39
-# define CRYPTO_LOCK_FIPS2               40
-# define CRYPTO_NUM_LOCKS                41
-
-# define CRYPTO_LOCK             1
-# define CRYPTO_UNLOCK           2
-# define CRYPTO_READ             4
-# define CRYPTO_WRITE            8
-
-# ifndef OPENSSL_NO_LOCKING
-#  ifndef CRYPTO_w_lock
-#   define CRYPTO_w_lock(type)     \
-        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-#   define CRYPTO_w_unlock(type)   \
-        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
-#   define CRYPTO_r_lock(type)     \
-        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-#   define CRYPTO_r_unlock(type)   \
-        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
-#   define CRYPTO_add(addr,amount,type)    \
-        CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
-#  endif
-# else
-#  define CRYPTO_w_lock(a)
-#  define CRYPTO_w_unlock(a)
-#  define CRYPTO_r_lock(a)
-#  define CRYPTO_r_unlock(a)
-#  define CRYPTO_add(a,b,c)       ((*(a))+=(b))
-# endif
-
-/*
- * Some applications as well as some parts of OpenSSL need to allocate and
- * deallocate locks in a dynamic fashion.  The following typedef makes this
- * possible in a type-safe manner.
- */
-/* struct CRYPTO_dynlock_value has to be defined by the application. */
-typedef struct {
-    int references;
-    struct CRYPTO_dynlock_value *data;
-} CRYPTO_dynlock;
-
-/*
- * The following can be used to detect memory leaks in the SSLeay library. It
- * used, it turns on malloc checking
- */
-
-# define CRYPTO_MEM_CHECK_OFF    0x0/* an enume */
-# define CRYPTO_MEM_CHECK_ON     0x1/* a bit */
-# define CRYPTO_MEM_CHECK_ENABLE 0x2/* a bit */
-# define CRYPTO_MEM_CHECK_DISABLE 0x3/* an enume */
-
-/*
- * The following are bit values to turn on or off options connected to the
- * malloc checking functionality
- */
-
-/* Adds time to the memory checking information */
-# define V_CRYPTO_MDEBUG_TIME    0x1/* a bit */
-/* Adds thread number to the memory checking information */
-# define V_CRYPTO_MDEBUG_THREAD  0x2/* a bit */
-
-# define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
-
-/* predec of the BIO type */
-typedef struct bio_st BIO_dummy;
-
-struct crypto_ex_data_st {
-    STACK_OF(void) *sk;
-    /* gcc is screwing up this data structure :-( */
-    int dummy;
-};
-DECLARE_STACK_OF(void)
-
-/*
- * This stuff is basically class callback functions The current classes are
- * SSL_CTX, SSL, SSL_SESSION, and a few more
- */
-
-typedef struct crypto_ex_data_func_st {
-    long argl;                  /* Arbitary long */
-    void *argp;                 /* Arbitary void * */
-    CRYPTO_EX_new *new_func;
-    CRYPTO_EX_free *free_func;
-    CRYPTO_EX_dup *dup_func;
-} CRYPTO_EX_DATA_FUNCS;
-
-DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
-
-/*
- * Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
- * entry.
- */
-
-# define CRYPTO_EX_INDEX_BIO             0
-# define CRYPTO_EX_INDEX_SSL             1
-# define CRYPTO_EX_INDEX_SSL_CTX         2
-# define CRYPTO_EX_INDEX_SSL_SESSION     3
-# define CRYPTO_EX_INDEX_X509_STORE      4
-# define CRYPTO_EX_INDEX_X509_STORE_CTX  5
-# define CRYPTO_EX_INDEX_RSA             6
-# define CRYPTO_EX_INDEX_DSA             7
-# define CRYPTO_EX_INDEX_DH              8
-# define CRYPTO_EX_INDEX_ENGINE          9
-# define CRYPTO_EX_INDEX_X509            10
-# define CRYPTO_EX_INDEX_UI              11
-# define CRYPTO_EX_INDEX_ECDSA           12
-# define CRYPTO_EX_INDEX_ECDH            13
-# define CRYPTO_EX_INDEX_COMP            14
-# define CRYPTO_EX_INDEX_STORE           15
-
-/*
- * Dynamically assigned indexes start from this value (don't use directly,
- * use via CRYPTO_ex_data_new_class).
- */
-# define CRYPTO_EX_INDEX_USER            100
-
-/*
- * This is the default callbacks, but we can have others as well: this is
- * needed in Win32 where the application malloc and the library malloc may
- * not be the same.
- */
-# define CRYPTO_malloc_init()    CRYPTO_set_mem_functions(\
-        malloc, realloc, free)
-
-# if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
-#  ifndef CRYPTO_MDEBUG         /* avoid duplicate #define */
-#   define CRYPTO_MDEBUG
-#  endif
-# endif
-
-/*
- * Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
- * is defined)
- */
-# define CRYPTO_malloc_debug_init()      do {\
-        CRYPTO_set_mem_debug_functions(\
-                CRYPTO_dbg_malloc,\
-                CRYPTO_dbg_realloc,\
-                CRYPTO_dbg_free,\
-                CRYPTO_dbg_set_options,\
-                CRYPTO_dbg_get_options);\
-        } while(0)
-
-int CRYPTO_mem_ctrl(int mode);
-int CRYPTO_is_mem_check_on(void);
-
-/* for applications */
-# define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
-# define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
-
-/* for library-internal use */
-# define MemCheck_on()   CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
-# define MemCheck_off()  CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
-# define is_MemCheck_on() CRYPTO_is_mem_check_on()
-
-# define OPENSSL_malloc(num)     CRYPTO_malloc((int)num,__FILE__,__LINE__)
-# define OPENSSL_strdup(str)     CRYPTO_strdup((str),__FILE__,__LINE__)
-# define OPENSSL_realloc(addr,num) \
-        CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
-# define OPENSSL_realloc_clean(addr,old_num,num) \
-        CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
-# define OPENSSL_remalloc(addr,num) \
-        CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
-# define OPENSSL_freeFunc        CRYPTO_free
-# define OPENSSL_free(addr)      CRYPTO_free(addr)
-
-# define OPENSSL_malloc_locked(num) \
-        CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
-# define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
-
-const char *SSLeay_version(int type);
-unsigned long SSLeay(void);
-
-int OPENSSL_issetugid(void);
-
-/* An opaque type representing an implementation of "ex_data" support */
-typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
-/* Return an opaque pointer to the current "ex_data" implementation */
-const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
-/* Sets the "ex_data" implementation to be used (if it's not too late) */
-int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
-/* Get a new "ex_data" class, and return the corresponding "class_index" */
-int CRYPTO_ex_data_new_class(void);
-/* Within a given class, get/register a new index */
-int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
-                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
-                            CRYPTO_EX_free *free_func);
-/*
- * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
- * given class (invokes whatever per-class callbacks are applicable)
- */
-int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
-                       CRYPTO_EX_DATA *from);
-void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-/*
- * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
- * index (relative to the class type involved)
- */
-int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
-void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
-/*
- * This function cleans up all "ex_data" state. It mustn't be called under
- * potential race-conditions.
- */
-void CRYPTO_cleanup_all_ex_data(void);
-
-int CRYPTO_get_new_lockid(char *name);
-
-int CRYPTO_num_locks(void);     /* return CRYPTO_NUM_LOCKS (shared libs!) */
-void CRYPTO_lock(int mode, int type, const char *file, int line);
-void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
-                                               const char *file, int line));
-void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
-                                           const char *file, int line);
-void CRYPTO_set_add_lock_callback(int (*func)
-                                   (int *num, int mount, int type,
-                                    const char *file, int line));
-int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
-                                           const char *file, int line);
-
-/* Don't use this structure directly. */
-typedef struct crypto_threadid_st {
-    void *ptr;
-    unsigned long val;
-} CRYPTO_THREADID;
-/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
-void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
-void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
-int CRYPTO_THREADID_set_callback(void (*threadid_func) (CRYPTO_THREADID *));
-void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *);
-void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
-int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
-void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
-unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
-# ifndef OPENSSL_NO_DEPRECATED
-void CRYPTO_set_id_callback(unsigned long (*func) (void));
-unsigned long (*CRYPTO_get_id_callback(void)) (void);
-unsigned long CRYPTO_thread_id(void);
-# endif
-
-const char *CRYPTO_get_lock_name(int type);
-int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
-                    int line);
-
-int CRYPTO_get_new_dynlockid(void);
-void CRYPTO_destroy_dynlockid(int i);
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value
-                                        *(*dyn_create_function) (const char
-                                                                 *file,
-                                                                 int line));
-void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
-                                       (int mode,
-                                        struct CRYPTO_dynlock_value *l,
-                                        const char *file, int line));
-void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
-                                          (struct CRYPTO_dynlock_value *l,
-                                           const char *file, int line));
-struct CRYPTO_dynlock_value
-*(*CRYPTO_get_dynlock_create_callback(void)) (const char *file, int line);
-void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
-                                                struct CRYPTO_dynlock_value
-                                                *l, const char *file,
-                                                int line);
-void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value
-                                                   *l, const char *file,
-                                                   int line);
-
-/*
- * CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- call
- * the latter last if you need different functions
- */
-int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
-                             void (*f) (void *));
-int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
-                                    void (*free_func) (void *));
-int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
-                                void *(*r) (void *, size_t, const char *,
-                                            int), void (*f) (void *));
-int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
-                                       void (*free_func) (void *));
-int CRYPTO_set_mem_debug_functions(void (*m)
-                                    (void *, int, const char *, int, int),
-                                   void (*r) (void *, void *, int,
-                                              const char *, int, int),
-                                   void (*f) (void *, int), void (*so) (long),
-                                   long (*go) (void));
-void CRYPTO_get_mem_functions(void *(**m) (size_t),
-                              void *(**r) (void *, size_t),
-                              void (**f) (void *));
-void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
-                                     void (**f) (void *));
-void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
-                                 void *(**r) (void *, size_t, const char *,
-                                              int), void (**f) (void *));
-void CRYPTO_get_locked_mem_ex_functions(void
-                                        *(**m) (size_t, const char *, int),
-                                        void (**f) (void *));
-void CRYPTO_get_mem_debug_functions(void (**m)
-                                     (void *, int, const char *, int, int),
-                                    void (**r) (void *, void *, int,
-                                                const char *, int, int),
-                                    void (**f) (void *, int),
-                                    void (**so) (long), long (**go) (void));
-
-void *CRYPTO_malloc_locked(int num, const char *file, int line);
-void CRYPTO_free_locked(void *ptr);
-void *CRYPTO_malloc(int num, const char *file, int line);
-char *CRYPTO_strdup(const char *str, const char *file, int line);
-void CRYPTO_free(void *ptr);
-void *CRYPTO_realloc(void *addr, int num, const char *file, int line);
-void *CRYPTO_realloc_clean(void *addr, int old_num, int num, const char *file,
-                           int line);
-void *CRYPTO_remalloc(void *addr, int num, const char *file, int line);
-
-void OPENSSL_cleanse(void *ptr, size_t len);
-
-void CRYPTO_set_mem_debug_options(long bits);
-long CRYPTO_get_mem_debug_options(void);
-
-# define CRYPTO_push_info(info) \
-        CRYPTO_push_info_(info, __FILE__, __LINE__);
-int CRYPTO_push_info_(const char *info, const char *file, int line);
-int CRYPTO_pop_info(void);
-int CRYPTO_remove_all_info(void);
-
-/*
- * Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
- * used as default in CRYPTO_MDEBUG compilations):
- */
-/*-
- * The last argument has the following significance:
- *
- * 0:   called before the actual memory allocation has taken place
- * 1:   called after the actual memory allocation has taken place
- */
-void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
-                       int before_p);
-void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file,
-                        int line, int before_p);
-void CRYPTO_dbg_free(void *addr, int before_p);
-/*-
- * Tell the debugging code about options.  By default, the following values
- * apply:
- *
- * 0:                           Clear all options.
- * V_CRYPTO_MDEBUG_TIME (1):    Set the "Show Time" option.
- * V_CRYPTO_MDEBUG_THREAD (2):  Set the "Show Thread Number" option.
- * V_CRYPTO_MDEBUG_ALL (3):     1 + 2
- */
-void CRYPTO_dbg_set_options(long bits);
-long CRYPTO_dbg_get_options(void);
-
-# ifndef OPENSSL_NO_FP_API
-void CRYPTO_mem_leaks_fp(FILE *);
-# endif
-void CRYPTO_mem_leaks(struct bio_st *bio);
-/* unsigned long order, char *file, int line, int num_bytes, char *addr */
-typedef void *CRYPTO_MEM_LEAK_CB (unsigned long, const char *, int, int,
-                                  void *);
-void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
-
-/* die if we have to */
-void OpenSSLDie(const char *file, int line, const char *assertion);
-# define OPENSSL_assert(e)       (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
-
-unsigned long *OPENSSL_ia32cap_loc(void);
-# define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
-int OPENSSL_isservice(void);
-
-int FIPS_mode(void);
-int FIPS_mode_set(int r);
-
-void OPENSSL_init(void);
-
-# define fips_md_init(alg) fips_md_init_ctx(alg, alg)
-
-# ifdef OPENSSL_FIPS
-#  define fips_md_init_ctx(alg, cx) \
-        int alg##_Init(cx##_CTX *c) \
-        { \
-        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
-                "Low level API call to digest " #alg " forbidden in FIPS mode!"); \
-        return private_##alg##_Init(c); \
-        } \
-        int private_##alg##_Init(cx##_CTX *c)
-
-#  define fips_cipher_abort(alg) \
-        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
-                "Low level API call to cipher " #alg " forbidden in FIPS mode!")
-
-# else
-#  define fips_md_init_ctx(alg, cx) \
-        int alg##_Init(cx##_CTX *c)
-#  define fips_cipher_abort(alg) while(0)
-# endif
-
-/*
- * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
- * It takes an amount of time dependent on |len|, but independent of the
- * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
- * into a defined order as the return value when a != b is undefined, other
- * than to be non-zero.
- */
-int CRYPTO_memcmp(const volatile void *a, const volatile void *b, size_t len);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CRYPTO_strings(void);
-
-/* Error codes for the CRYPTO functions. */
-
-/* Function codes. */
-# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX                 100
-# define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID                103
-# define CRYPTO_F_CRYPTO_GET_NEW_LOCKID                   101
-# define CRYPTO_F_CRYPTO_SET_EX_DATA                      102
-# define CRYPTO_F_DEF_ADD_INDEX                           104
-# define CRYPTO_F_DEF_GET_CLASS                           105
-# define CRYPTO_F_FIPS_MODE_SET                           109
-# define CRYPTO_F_INT_DUP_EX_DATA                         106
-# define CRYPTO_F_INT_FREE_EX_DATA                        107
-# define CRYPTO_F_INT_NEW_EX_DATA                         108
-
-/* Reason codes. */
-# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED                 101
-# define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK              100
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/des.h b/thirdparty/openssl/openssl/des.h
deleted file mode 100644
index 1b40144e1b..0000000000
--- a/thirdparty/openssl/openssl/des.h
+++ /dev/null
@@ -1,257 +0,0 @@
-/* crypto/des/des.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_NEW_DES_H
-# define HEADER_NEW_DES_H
-
-# include <openssl/e_os2.h>     /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG
-                                 * (via openssl/opensslconf.h */
-
-# ifdef OPENSSL_NO_DES
-#  error DES is disabled.
-# endif
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-#  undef OPENSSL_EXTERN
-#  define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef unsigned char DES_cblock[8];
-typedef /* const */ unsigned char const_DES_cblock[8];
-/*
- * With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
- * const_DES_cblock * are incompatible pointer types.
- */
-
-typedef struct DES_ks {
-    union {
-        DES_cblock cblock;
-        /*
-         * make sure things are correct size on machines with 8 byte longs
-         */
-        DES_LONG deslong[2];
-    } ks[16];
-} DES_key_schedule;
-
-# ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
-#  ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
-#   define OPENSSL_ENABLE_OLD_DES_SUPPORT
-#  endif
-# endif
-
-# ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
-#  include <openssl/des_old.h>
-# endif
-
-# define DES_KEY_SZ      (sizeof(DES_cblock))
-# define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
-
-# define DES_ENCRYPT     1
-# define DES_DECRYPT     0
-
-# define DES_CBC_MODE    0
-# define DES_PCBC_MODE   1
-
-# define DES_ecb2_encrypt(i,o,k1,k2,e) \
-        DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-# define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-        DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-# define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-        DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-# define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-        DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-OPENSSL_DECLARE_GLOBAL(int, DES_check_key); /* defaults to false */
-# define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
-OPENSSL_DECLARE_GLOBAL(int, DES_rw_mode); /* defaults to DES_PCBC_MODE */
-# define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
-
-const char *DES_options(void);
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
-                      DES_key_schedule *ks1, DES_key_schedule *ks2,
-                      DES_key_schedule *ks3, int enc);
-DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
-                       long length, DES_key_schedule *schedule,
-                       const_DES_cblock *ivec);
-/* DES_cbc_encrypt does not update the IV!  Use DES_ncbc_encrypt instead. */
-void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
-                     long length, DES_key_schedule *schedule,
-                     DES_cblock *ivec, int enc);
-void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
-                      long length, DES_key_schedule *schedule,
-                      DES_cblock *ivec, int enc);
-void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
-                      long length, DES_key_schedule *schedule,
-                      DES_cblock *ivec, const_DES_cblock *inw,
-                      const_DES_cblock *outw, int enc);
-void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-                     long length, DES_key_schedule *schedule,
-                     DES_cblock *ivec, int enc);
-void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
-                     DES_key_schedule *ks, int enc);
-
-/*
- * This is the DES encryption function that gets called by just about every
- * other DES routine in the library.  You should not use this function except
- * to implement 'modes' of DES.  I say this because the functions that call
- * this routine do the conversion from 'char *' to long, and this needs to be
- * done to make sure 'non-aligned' memory access do not occur.  The
- * characters are loaded 'little endian'. Data is a pointer to 2 unsigned
- * long's and ks is the DES_key_schedule to use.  enc, is non zero specifies
- * encryption, zero if decryption.
- */
-void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
-
-/*
- * This functions is the same as DES_encrypt1() except that the DES initial
- * permutation (IP) and final permutation (FP) have been left out.  As for
- * DES_encrypt1(), you should not use this function. It is used by the
- * routines in the library that implement triple DES. IP() DES_encrypt2()
- * DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
- * DES_encrypt1() DES_encrypt1() except faster :-).
- */
-void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
-
-void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
-                  DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
-                  DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
-                          long length,
-                          DES_key_schedule *ks1, DES_key_schedule *ks2,
-                          DES_key_schedule *ks3, DES_cblock *ivec, int enc);
-void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
-                           long length,
-                           DES_key_schedule *ks1, DES_key_schedule *ks2,
-                           DES_key_schedule *ks3,
-                           DES_cblock *ivec1, DES_cblock *ivec2, int enc);
-void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                            long length, DES_key_schedule *ks1,
-                            DES_key_schedule *ks2, DES_key_schedule *ks3,
-                            DES_cblock *ivec, int *num, int enc);
-void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
-                          int numbits, long length, DES_key_schedule *ks1,
-                          DES_key_schedule *ks2, DES_key_schedule *ks3,
-                          DES_cblock *ivec, int enc);
-void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                            long length, DES_key_schedule *ks1,
-                            DES_key_schedule *ks2, DES_key_schedule *ks3,
-                            DES_cblock *ivec, int *num);
-# if 0
-void DES_xwhite_in2out(const_DES_cblock *DES_key, const_DES_cblock *in_white,
-                       DES_cblock *out_white);
-# endif
-
-int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
-                 DES_cblock *iv);
-int DES_enc_write(int fd, const void *buf, int len, DES_key_schedule *sched,
-                  DES_cblock *iv);
-char *DES_fcrypt(const char *buf, const char *salt, char *ret);
-char *DES_crypt(const char *buf, const char *salt);
-void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-                     long length, DES_key_schedule *schedule,
-                     DES_cblock *ivec);
-void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
-                      long length, DES_key_schedule *schedule,
-                      DES_cblock *ivec, int enc);
-DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
-                        long length, int out_count, DES_cblock *seed);
-int DES_random_key(DES_cblock *ret);
-void DES_set_odd_parity(DES_cblock *key);
-int DES_check_key_parity(const_DES_cblock *key);
-int DES_is_weak_key(const_DES_cblock *key);
-/*
- * DES_set_key (= set_key = DES_key_sched = key_sched) calls
- * DES_set_key_checked if global variable DES_check_key is set,
- * DES_set_key_unchecked otherwise.
- */
-int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
-int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
-int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
-void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
-# ifdef OPENSSL_FIPS
-void private_DES_set_key_unchecked(const_DES_cblock *key,
-                                   DES_key_schedule *schedule);
-# endif
-void DES_string_to_key(const char *str, DES_cblock *key);
-void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
-void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                       long length, DES_key_schedule *schedule,
-                       DES_cblock *ivec, int *num, int enc);
-void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                       long length, DES_key_schedule *schedule,
-                       DES_cblock *ivec, int *num);
-
-int DES_read_password(DES_cblock *key, const char *prompt, int verify);
-int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
-                        const char *prompt, int verify);
-
-# define DES_fixup_key_parity DES_set_odd_parity
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/des_old.h b/thirdparty/openssl/openssl/des_old.h
deleted file mode 100644
index ee7607a241..0000000000
--- a/thirdparty/openssl/openssl/des_old.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* crypto/des/des_old.h */
-
-/*-
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * The function names in here are deprecated and are only present to
- * provide an interface compatible with openssl 0.9.6 and older as
- * well as libdes.  OpenSSL now provides functions where "des_" has
- * been replaced with "DES_" in the names, to make it possible to
- * make incompatible changes that are needed for C type security and
- * other stuff.
- *
- * This include files has two compatibility modes:
- *
- *   - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
- *     that is compatible with libdes and SSLeay.
- *   - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
- *     API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
- *
- * Note that these modes break earlier snapshots of OpenSSL, where
- * libdes compatibility was the only available mode or (later on) the
- * prefered compatibility mode.  However, after much consideration
- * (and more or less violent discussions with external parties), it
- * was concluded that OpenSSL should be compatible with earlier versions
- * of itself before anything else.  Also, in all honesty, libdes is
- * an old beast that shouldn't really be used any more.
- *
- * Please consider starting to use the DES_ functions rather than the
- * des_ ones.  The des_ functions will disappear completely before
- * OpenSSL 1.0!
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DES_H
-# define HEADER_DES_H
-
-# include <openssl/e_os2.h>     /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
-
-# ifdef OPENSSL_NO_DES
-#  error DES is disabled.
-# endif
-
-# ifndef HEADER_NEW_DES_H
-#  error You must include des.h, not des_old.h directly.
-# endif
-
-# ifdef _KERBEROS_DES_H
-#  error <openssl/des_old.h> replaces <kerberos/des.h>.
-# endif
-
-# include <openssl/symhacks.h>
-
-# ifdef OPENSSL_BUILD_SHLIBCRYPTO
-#  undef OPENSSL_EXTERN
-#  define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef _
-#  undef _
-# endif
-
-typedef unsigned char _ossl_old_des_cblock[8];
-typedef struct _ossl_old_des_ks_struct {
-    union {
-        _ossl_old_des_cblock _;
-        /*
-         * make sure things are correct size on machines with 8 byte longs
-         */
-        DES_LONG pad[2];
-    } ks;
-} _ossl_old_des_key_schedule[16];
-
-# ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
-#  define des_cblock DES_cblock
-#  define const_des_cblock const_DES_cblock
-#  define des_key_schedule DES_key_schedule
-#  define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
-        DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
-#  define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
-        DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
-#  define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
-        DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
-#  define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
-        DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
-#  define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
-        DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
-#  define des_options()\
-        DES_options()
-#  define des_cbc_cksum(i,o,l,k,iv)\
-        DES_cbc_cksum((i),(o),(l),&(k),(iv))
-#  define des_cbc_encrypt(i,o,l,k,iv,e)\
-        DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#  define des_ncbc_encrypt(i,o,l,k,iv,e)\
-        DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#  define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
-        DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
-#  define des_cfb_encrypt(i,o,n,l,k,iv,e)\
-        DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
-#  define des_ecb_encrypt(i,o,k,e)\
-        DES_ecb_encrypt((i),(o),&(k),(e))
-#  define des_encrypt1(d,k,e)\
-        DES_encrypt1((d),&(k),(e))
-#  define des_encrypt2(d,k,e)\
-        DES_encrypt2((d),&(k),(e))
-#  define des_encrypt3(d,k1,k2,k3)\
-        DES_encrypt3((d),&(k1),&(k2),&(k3))
-#  define des_decrypt3(d,k1,k2,k3)\
-        DES_decrypt3((d),&(k1),&(k2),&(k3))
-#  define des_xwhite_in2out(k,i,o)\
-        DES_xwhite_in2out((k),(i),(o))
-#  define des_enc_read(f,b,l,k,iv)\
-        DES_enc_read((f),(b),(l),&(k),(iv))
-#  define des_enc_write(f,b,l,k,iv)\
-        DES_enc_write((f),(b),(l),&(k),(iv))
-#  define des_fcrypt(b,s,r)\
-        DES_fcrypt((b),(s),(r))
-#  if 0
-#   define des_crypt(b,s)\
-        DES_crypt((b),(s))
-#   if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
-#    define crypt(b,s)\
-        DES_crypt((b),(s))
-#   endif
-#  endif
-#  define des_ofb_encrypt(i,o,n,l,k,iv)\
-        DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
-#  define des_pcbc_encrypt(i,o,l,k,iv,e)\
-        DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#  define des_quad_cksum(i,o,l,c,s)\
-        DES_quad_cksum((i),(o),(l),(c),(s))
-#  define des_random_seed(k)\
-        _ossl_096_des_random_seed((k))
-#  define des_random_key(r)\
-        DES_random_key((r))
-#  define des_read_password(k,p,v) \
-        DES_read_password((k),(p),(v))
-#  define des_read_2passwords(k1,k2,p,v) \
-        DES_read_2passwords((k1),(k2),(p),(v))
-#  define des_set_odd_parity(k)\
-        DES_set_odd_parity((k))
-#  define des_check_key_parity(k)\
-        DES_check_key_parity((k))
-#  define des_is_weak_key(k)\
-        DES_is_weak_key((k))
-#  define des_set_key(k,ks)\
-        DES_set_key((k),&(ks))
-#  define des_key_sched(k,ks)\
-        DES_key_sched((k),&(ks))
-#  define des_set_key_checked(k,ks)\
-        DES_set_key_checked((k),&(ks))
-#  define des_set_key_unchecked(k,ks)\
-        DES_set_key_unchecked((k),&(ks))
-#  define des_string_to_key(s,k)\
-        DES_string_to_key((s),(k))
-#  define des_string_to_2keys(s,k1,k2)\
-        DES_string_to_2keys((s),(k1),(k2))
-#  define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
-        DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
-#  define des_ofb64_encrypt(i,o,l,ks,iv,n)\
-        DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
-
-#  define des_ecb2_encrypt(i,o,k1,k2,e) \
-        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#  define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#  define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#  define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-#  define des_check_key DES_check_key
-#  define des_rw_mode DES_rw_mode
-# else                          /* libdes compatibility */
-/*
- * Map all symbol names to _ossl_old_des_* form, so we avoid all clashes with
- * libdes
- */
-#  define des_cblock _ossl_old_des_cblock
-#  define des_key_schedule _ossl_old_des_key_schedule
-#  define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
-        _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
-#  define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
-        _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
-#  define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
-        _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
-#  define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
-        _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
-#  define des_options()\
-        _ossl_old_des_options()
-#  define des_cbc_cksum(i,o,l,k,iv)\
-        _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
-#  define des_cbc_encrypt(i,o,l,k,iv,e)\
-        _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
-#  define des_ncbc_encrypt(i,o,l,k,iv,e)\
-        _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
-#  define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
-        _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
-#  define des_cfb_encrypt(i,o,n,l,k,iv,e)\
-        _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
-#  define des_ecb_encrypt(i,o,k,e)\
-        _ossl_old_des_ecb_encrypt((i),(o),(k),(e))
-#  define des_encrypt(d,k,e)\
-        _ossl_old_des_encrypt((d),(k),(e))
-#  define des_encrypt2(d,k,e)\
-        _ossl_old_des_encrypt2((d),(k),(e))
-#  define des_encrypt3(d,k1,k2,k3)\
-        _ossl_old_des_encrypt3((d),(k1),(k2),(k3))
-#  define des_decrypt3(d,k1,k2,k3)\
-        _ossl_old_des_decrypt3((d),(k1),(k2),(k3))
-#  define des_xwhite_in2out(k,i,o)\
-        _ossl_old_des_xwhite_in2out((k),(i),(o))
-#  define des_enc_read(f,b,l,k,iv)\
-        _ossl_old_des_enc_read((f),(b),(l),(k),(iv))
-#  define des_enc_write(f,b,l,k,iv)\
-        _ossl_old_des_enc_write((f),(b),(l),(k),(iv))
-#  define des_fcrypt(b,s,r)\
-        _ossl_old_des_fcrypt((b),(s),(r))
-#  define des_crypt(b,s)\
-        _ossl_old_des_crypt((b),(s))
-#  if 0
-#   define crypt(b,s)\
-        _ossl_old_crypt((b),(s))
-#  endif
-#  define des_ofb_encrypt(i,o,n,l,k,iv)\
-        _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
-#  define des_pcbc_encrypt(i,o,l,k,iv,e)\
-        _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
-#  define des_quad_cksum(i,o,l,c,s)\
-        _ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
-#  define des_random_seed(k)\
-        _ossl_old_des_random_seed((k))
-#  define des_random_key(r)\
-        _ossl_old_des_random_key((r))
-#  define des_read_password(k,p,v) \
-        _ossl_old_des_read_password((k),(p),(v))
-#  define des_read_2passwords(k1,k2,p,v) \
-        _ossl_old_des_read_2passwords((k1),(k2),(p),(v))
-#  define des_set_odd_parity(k)\
-        _ossl_old_des_set_odd_parity((k))
-#  define des_is_weak_key(k)\
-        _ossl_old_des_is_weak_key((k))
-#  define des_set_key(k,ks)\
-        _ossl_old_des_set_key((k),(ks))
-#  define des_key_sched(k,ks)\
-        _ossl_old_des_key_sched((k),(ks))
-#  define des_string_to_key(s,k)\
-        _ossl_old_des_string_to_key((s),(k))
-#  define des_string_to_2keys(s,k1,k2)\
-        _ossl_old_des_string_to_2keys((s),(k1),(k2))
-#  define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
-        _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
-#  define des_ofb64_encrypt(i,o,l,ks,iv,n)\
-        _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
-
-#  define des_ecb2_encrypt(i,o,k1,k2,e) \
-        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#  define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#  define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#  define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-#  define des_check_key DES_check_key
-#  define des_rw_mode DES_rw_mode
-# endif
-
-const char *_ossl_old_des_options(void);
-void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
-                                _ossl_old_des_cblock *output,
-                                _ossl_old_des_key_schedule ks1,
-                                _ossl_old_des_key_schedule ks2,
-                                _ossl_old_des_key_schedule ks3, int enc);
-DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
-                                 _ossl_old_des_cblock *output, long length,
-                                 _ossl_old_des_key_schedule schedule,
-                                 _ossl_old_des_cblock *ivec);
-void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
-                               _ossl_old_des_cblock *output, long length,
-                               _ossl_old_des_key_schedule schedule,
-                               _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
-                                _ossl_old_des_cblock *output, long length,
-                                _ossl_old_des_key_schedule schedule,
-                                _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
-                                _ossl_old_des_cblock *output, long length,
-                                _ossl_old_des_key_schedule schedule,
-                                _ossl_old_des_cblock *ivec,
-                                _ossl_old_des_cblock *inw,
-                                _ossl_old_des_cblock *outw, int enc);
-void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
-                               int numbits, long length,
-                               _ossl_old_des_key_schedule schedule,
-                               _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
-                               _ossl_old_des_cblock *output,
-                               _ossl_old_des_key_schedule ks, int enc);
-void _ossl_old_des_encrypt(DES_LONG *data, _ossl_old_des_key_schedule ks,
-                           int enc);
-void _ossl_old_des_encrypt2(DES_LONG *data, _ossl_old_des_key_schedule ks,
-                            int enc);
-void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
-                            _ossl_old_des_key_schedule ks2,
-                            _ossl_old_des_key_schedule ks3);
-void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
-                            _ossl_old_des_key_schedule ks2,
-                            _ossl_old_des_key_schedule ks3);
-void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
-                                    _ossl_old_des_cblock *output, long length,
-                                    _ossl_old_des_key_schedule ks1,
-                                    _ossl_old_des_key_schedule ks2,
-                                    _ossl_old_des_key_schedule ks3,
-                                    _ossl_old_des_cblock *ivec, int enc);
-void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
-                                      long length,
-                                      _ossl_old_des_key_schedule ks1,
-                                      _ossl_old_des_key_schedule ks2,
-                                      _ossl_old_des_key_schedule ks3,
-                                      _ossl_old_des_cblock *ivec, int *num,
-                                      int enc);
-void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
-                                      long length,
-                                      _ossl_old_des_key_schedule ks1,
-                                      _ossl_old_des_key_schedule ks2,
-                                      _ossl_old_des_key_schedule ks3,
-                                      _ossl_old_des_cblock *ivec, int *num);
-# if 0
-void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
-                                 _ossl_old_des_cblock (*in_white),
-                                 _ossl_old_des_cblock (*out_white));
-# endif
-
-int _ossl_old_des_enc_read(int fd, char *buf, int len,
-                           _ossl_old_des_key_schedule sched,
-                           _ossl_old_des_cblock *iv);
-int _ossl_old_des_enc_write(int fd, char *buf, int len,
-                            _ossl_old_des_key_schedule sched,
-                            _ossl_old_des_cblock *iv);
-char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret);
-char *_ossl_old_des_crypt(const char *buf, const char *salt);
-# if !defined(PERL5) && !defined(NeXT)
-char *_ossl_old_crypt(const char *buf, const char *salt);
-# endif
-void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
-                               int numbits, long length,
-                               _ossl_old_des_key_schedule schedule,
-                               _ossl_old_des_cblock *ivec);
-void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
-                                _ossl_old_des_cblock *output, long length,
-                                _ossl_old_des_key_schedule schedule,
-                                _ossl_old_des_cblock *ivec, int enc);
-DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
-                                  _ossl_old_des_cblock *output, long length,
-                                  int out_count, _ossl_old_des_cblock *seed);
-void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
-void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
-int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
-                                int verify);
-int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
-                                  _ossl_old_des_cblock *key2,
-                                  const char *prompt, int verify);
-void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
-int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
-int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
-                          _ossl_old_des_key_schedule schedule);
-int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
-                            _ossl_old_des_key_schedule schedule);
-void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key);
-void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
-                                   _ossl_old_des_cblock *key2);
-void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
-                                 long length,
-                                 _ossl_old_des_key_schedule schedule,
-                                 _ossl_old_des_cblock *ivec, int *num,
-                                 int enc);
-void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
-                                 long length,
-                                 _ossl_old_des_key_schedule schedule,
-                                 _ossl_old_des_cblock *ivec, int *num);
-
-void _ossl_096_des_random_seed(des_cblock *key);
-
-/*
- * The following definitions provide compatibility with the MIT Kerberos
- * library. The _ossl_old_des_key_schedule structure is not binary
- * compatible.
- */
-
-# define _KERBEROS_DES_H
-
-# define KRBDES_ENCRYPT DES_ENCRYPT
-# define KRBDES_DECRYPT DES_DECRYPT
-
-# ifdef KERBEROS
-#  define ENCRYPT DES_ENCRYPT
-#  define DECRYPT DES_DECRYPT
-# endif
-
-# ifndef NCOMPAT
-#  define C_Block des_cblock
-#  define Key_schedule des_key_schedule
-#  define KEY_SZ DES_KEY_SZ
-#  define string_to_key des_string_to_key
-#  define read_pw_string des_read_pw_string
-#  define random_key des_random_key
-#  define pcbc_encrypt des_pcbc_encrypt
-#  define set_key des_set_key
-#  define key_sched des_key_sched
-#  define ecb_encrypt des_ecb_encrypt
-#  define cbc_encrypt des_cbc_encrypt
-#  define ncbc_encrypt des_ncbc_encrypt
-#  define xcbc_encrypt des_xcbc_encrypt
-#  define cbc_cksum des_cbc_cksum
-#  define quad_cksum des_quad_cksum
-#  define check_parity des_check_key_parity
-# endif
-
-# define des_fixup_key_parity DES_fixup_key_parity
-
-#ifdef  __cplusplus
-}
-#endif
-
-/* for DES_read_pw_string et al */
-# include <openssl/ui_compat.h>
-
-#endif
diff --git a/thirdparty/openssl/openssl/dh.h b/thirdparty/openssl/openssl/dh.h
deleted file mode 100644
index a228c7a7a4..0000000000
--- a/thirdparty/openssl/openssl/dh.h
+++ /dev/null
@@ -1,410 +0,0 @@
-/* crypto/dh/dh.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DH_H
-# define HEADER_DH_H
-
-# include <openssl/e_os2.h>
-
-# ifdef OPENSSL_NO_DH
-#  error DH is disabled.
-# endif
-
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# include <openssl/ossl_typ.h>
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/bn.h>
-# endif
-
-# ifndef OPENSSL_DH_MAX_MODULUS_BITS
-#  define OPENSSL_DH_MAX_MODULUS_BITS    10000
-# endif
-
-# define DH_FLAG_CACHE_MONT_P     0x01
-
-/*
- * new with 0.9.7h; the built-in DH
- * implementation now uses constant time
- * modular exponentiation for secret exponents
- * by default. This flag causes the
- * faster variable sliding window method to
- * be used for all exponents.
- */
-# define DH_FLAG_NO_EXP_CONSTTIME 0x02
-
-/*
- * If this flag is set the DH method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its reposibility to ensure the
- * result is compliant.
- */
-
-# define DH_FLAG_FIPS_METHOD                     0x0400
-
-/*
- * If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-# define DH_FLAG_NON_FIPS_ALLOW                  0x0400
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct dh_st DH; */
-/* typedef struct dh_method DH_METHOD; */
-
-struct dh_method {
-    const char *name;
-    /* Methods here */
-    int (*generate_key) (DH *dh);
-    int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
-    /* Can be null */
-    int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
-                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
-                       BN_MONT_CTX *m_ctx);
-    int (*init) (DH *dh);
-    int (*finish) (DH *dh);
-    int flags;
-    char *app_data;
-    /* If this is non-NULL, it will be used to generate parameters */
-    int (*generate_params) (DH *dh, int prime_len, int generator,
-                            BN_GENCB *cb);
-};
-
-struct dh_st {
-    /*
-     * This first argument is used to pick up errors when a DH is passed
-     * instead of a EVP_PKEY
-     */
-    int pad;
-    int version;
-    BIGNUM *p;
-    BIGNUM *g;
-    long length;                /* optional */
-    BIGNUM *pub_key;            /* g^x % p */
-    BIGNUM *priv_key;           /* x */
-    int flags;
-    BN_MONT_CTX *method_mont_p;
-    /* Place holders if we want to do X9.42 DH */
-    BIGNUM *q;
-    BIGNUM *j;
-    unsigned char *seed;
-    int seedlen;
-    BIGNUM *counter;
-    int references;
-    CRYPTO_EX_DATA ex_data;
-    const DH_METHOD *meth;
-    ENGINE *engine;
-};
-
-# define DH_GENERATOR_2          2
-/* #define DH_GENERATOR_3       3 */
-# define DH_GENERATOR_5          5
-
-/* DH_check error codes */
-# define DH_CHECK_P_NOT_PRIME            0x01
-# define DH_CHECK_P_NOT_SAFE_PRIME       0x02
-# define DH_UNABLE_TO_CHECK_GENERATOR    0x04
-# define DH_NOT_SUITABLE_GENERATOR       0x08
-# define DH_CHECK_Q_NOT_PRIME            0x10
-# define DH_CHECK_INVALID_Q_VALUE        0x20
-# define DH_CHECK_INVALID_J_VALUE        0x40
-
-/* DH_check_pub_key error codes */
-# define DH_CHECK_PUBKEY_TOO_SMALL       0x01
-# define DH_CHECK_PUBKEY_TOO_LARGE       0x02
-# define DH_CHECK_PUBKEY_INVALID         0x04
-
-/*
- * primes p where (p-1)/2 is prime too are called "safe"; we define this for
- * backward compatibility:
- */
-# define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
-
-# define d2i_DHparams_fp(fp,x) \
-    (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
-                      (char *(*)())d2i_DHparams, \
-                      (fp), \
-                      (unsigned char **)(x))
-# define i2d_DHparams_fp(fp,x) \
-    ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
-# define d2i_DHparams_bio(bp,x) \
-    ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
-# define i2d_DHparams_bio(bp,x) \
-    ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
-
-# define d2i_DHxparams_fp(fp,x) \
-    (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
-                      (char *(*)())d2i_DHxparams, \
-                      (fp), \
-                      (unsigned char **)(x))
-# define i2d_DHxparams_fp(fp,x) \
-    ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
-# define d2i_DHxparams_bio(bp,x) \
-    ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
-# define i2d_DHxparams_bio(bp,x) \
-    ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x)
-
-DH *DHparams_dup(DH *);
-
-const DH_METHOD *DH_OpenSSL(void);
-
-void DH_set_default_method(const DH_METHOD *meth);
-const DH_METHOD *DH_get_default_method(void);
-int DH_set_method(DH *dh, const DH_METHOD *meth);
-DH *DH_new_method(ENGINE *engine);
-
-DH *DH_new(void);
-void DH_free(DH *dh);
-int DH_up_ref(DH *dh);
-int DH_size(const DH *dh);
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DH_set_ex_data(DH *d, int idx, void *arg);
-void *DH_get_ex_data(DH *d, int idx);
-
-/* Deprecated version */
-# ifndef OPENSSL_NO_DEPRECATED
-DH *DH_generate_parameters(int prime_len, int generator,
-                           void (*callback) (int, int, void *), void *cb_arg);
-# endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* New version */
-int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
-                              BN_GENCB *cb);
-
-int DH_check(const DH *dh, int *codes);
-int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
-int DH_generate_key(DH *dh);
-int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
-int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
-DH *d2i_DHparams(DH **a, const unsigned char **pp, long length);
-int i2d_DHparams(const DH *a, unsigned char **pp);
-DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length);
-int i2d_DHxparams(const DH *a, unsigned char **pp);
-# ifndef OPENSSL_NO_FP_API
-int DHparams_print_fp(FILE *fp, const DH *x);
-# endif
-# ifndef OPENSSL_NO_BIO
-int DHparams_print(BIO *bp, const DH *x);
-# else
-int DHparams_print(char *bp, const DH *x);
-# endif
-
-/* RFC 5114 parameters */
-DH *DH_get_1024_160(void);
-DH *DH_get_2048_224(void);
-DH *DH_get_2048_256(void);
-
-/* RFC2631 KDF */
-int DH_KDF_X9_42(unsigned char *out, size_t outlen,
-                 const unsigned char *Z, size_t Zlen,
-                 ASN1_OBJECT *key_oid,
-                 const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
-
-# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
-                        EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
-
-# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
-                        EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
-
-# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
-                        EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
-
-# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
-                        EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
-
-# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
-                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
-
-# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
-                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
-
-# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
-
-# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
-
-# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
-
-# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
-
-# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
-
-# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
-
-# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
-
-# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                        EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
-
-# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
-
-# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
-
-# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN     (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR     (EVP_PKEY_ALG_CTRL + 2)
-# define EVP_PKEY_CTRL_DH_RFC5114                (EVP_PKEY_ALG_CTRL + 3)
-# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN  (EVP_PKEY_ALG_CTRL + 4)
-# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE          (EVP_PKEY_ALG_CTRL + 5)
-# define EVP_PKEY_CTRL_DH_KDF_TYPE               (EVP_PKEY_ALG_CTRL + 6)
-# define EVP_PKEY_CTRL_DH_KDF_MD                 (EVP_PKEY_ALG_CTRL + 7)
-# define EVP_PKEY_CTRL_GET_DH_KDF_MD             (EVP_PKEY_ALG_CTRL + 8)
-# define EVP_PKEY_CTRL_DH_KDF_OUTLEN             (EVP_PKEY_ALG_CTRL + 9)
-# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN         (EVP_PKEY_ALG_CTRL + 10)
-# define EVP_PKEY_CTRL_DH_KDF_UKM                (EVP_PKEY_ALG_CTRL + 11)
-# define EVP_PKEY_CTRL_GET_DH_KDF_UKM            (EVP_PKEY_ALG_CTRL + 12)
-# define EVP_PKEY_CTRL_DH_KDF_OID                (EVP_PKEY_ALG_CTRL + 13)
-# define EVP_PKEY_CTRL_GET_DH_KDF_OID            (EVP_PKEY_ALG_CTRL + 14)
-
-/* KDF types */
-# define EVP_PKEY_DH_KDF_NONE                            1
-# define EVP_PKEY_DH_KDF_X9_42                           2
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DH_strings(void);
-
-/* Error codes for the DH functions. */
-
-/* Function codes. */
-# define DH_F_COMPUTE_KEY                                 102
-# define DH_F_DHPARAMS_PRINT_FP                           101
-# define DH_F_DH_BUILTIN_GENPARAMS                        106
-# define DH_F_DH_CMS_DECRYPT                              117
-# define DH_F_DH_CMS_SET_PEERKEY                          118
-# define DH_F_DH_CMS_SET_SHARED_INFO                      119
-# define DH_F_DH_COMPUTE_KEY                              114
-# define DH_F_DH_GENERATE_KEY                             115
-# define DH_F_DH_GENERATE_PARAMETERS_EX                   116
-# define DH_F_DH_NEW_METHOD                               105
-# define DH_F_DH_PARAM_DECODE                             107
-# define DH_F_DH_PRIV_DECODE                              110
-# define DH_F_DH_PRIV_ENCODE                              111
-# define DH_F_DH_PUB_DECODE                               108
-# define DH_F_DH_PUB_ENCODE                               109
-# define DH_F_DO_DH_PRINT                                 100
-# define DH_F_GENERATE_KEY                                103
-# define DH_F_GENERATE_PARAMETERS                         104
-# define DH_F_PKEY_DH_DERIVE                              112
-# define DH_F_PKEY_DH_KEYGEN                              113
-
-/* Reason codes. */
-# define DH_R_BAD_GENERATOR                               101
-# define DH_R_BN_DECODE_ERROR                             109
-# define DH_R_BN_ERROR                                    106
-# define DH_R_DECODE_ERROR                                104
-# define DH_R_INVALID_PUBKEY                              102
-# define DH_R_KDF_PARAMETER_ERROR                         112
-# define DH_R_KEYS_NOT_SET                                108
-# define DH_R_KEY_SIZE_TOO_SMALL                          110
-# define DH_R_MODULUS_TOO_LARGE                           103
-# define DH_R_NON_FIPS_METHOD                             111
-# define DH_R_NO_PARAMETERS_SET                           107
-# define DH_R_NO_PRIVATE_VALUE                            100
-# define DH_R_PARAMETER_ENCODING_ERROR                    105
-# define DH_R_PEER_KEY_ERROR                              113
-# define DH_R_SHARED_INFO_ERROR                           114
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/dsa.h b/thirdparty/openssl/openssl/dsa.h
deleted file mode 100644
index 545358fd02..0000000000
--- a/thirdparty/openssl/openssl/dsa.h
+++ /dev/null
@@ -1,332 +0,0 @@
-/* crypto/dsa/dsa.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * The DSS routines are based on patches supplied by
- * Steven Schoch <schoch@sheba.arc.nasa.gov>.  He basically did the
- * work and I have just tweaked them a little to fit into my
- * stylistic vision for SSLeay :-) */
-
-#ifndef HEADER_DSA_H
-# define HEADER_DSA_H
-
-# include <openssl/e_os2.h>
-
-# ifdef OPENSSL_NO_DSA
-#  error DSA is disabled.
-# endif
-
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# include <openssl/crypto.h>
-# include <openssl/ossl_typ.h>
-
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/bn.h>
-#  ifndef OPENSSL_NO_DH
-#   include <openssl/dh.h>
-#  endif
-# endif
-
-# ifndef OPENSSL_DSA_MAX_MODULUS_BITS
-#  define OPENSSL_DSA_MAX_MODULUS_BITS   10000
-# endif
-
-# define DSA_FLAG_CACHE_MONT_P   0x01
-/*
- * new with 0.9.7h; the built-in DSA implementation now uses constant time
- * modular exponentiation for secret exponents by default. This flag causes
- * the faster variable sliding window method to be used for all exponents.
- */
-# define DSA_FLAG_NO_EXP_CONSTTIME       0x02
-
-/*
- * If this flag is set the DSA method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its reposibility to ensure the
- * result is compliant.
- */
-
-# define DSA_FLAG_FIPS_METHOD                    0x0400
-
-/*
- * If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-# define DSA_FLAG_NON_FIPS_ALLOW                 0x0400
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct dsa_st DSA; */
-/* typedef struct dsa_method DSA_METHOD; */
-
-typedef struct DSA_SIG_st {
-    BIGNUM *r;
-    BIGNUM *s;
-} DSA_SIG;
-
-struct dsa_method {
-    const char *name;
-    DSA_SIG *(*dsa_do_sign) (const unsigned char *dgst, int dlen, DSA *dsa);
-    int (*dsa_sign_setup) (DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
-                           BIGNUM **rp);
-    int (*dsa_do_verify) (const unsigned char *dgst, int dgst_len,
-                          DSA_SIG *sig, DSA *dsa);
-    int (*dsa_mod_exp) (DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-                        BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-                        BN_MONT_CTX *in_mont);
-    /* Can be null */
-    int (*bn_mod_exp) (DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-    int (*init) (DSA *dsa);
-    int (*finish) (DSA *dsa);
-    int flags;
-    char *app_data;
-    /* If this is non-NULL, it is used to generate DSA parameters */
-    int (*dsa_paramgen) (DSA *dsa, int bits,
-                         const unsigned char *seed, int seed_len,
-                         int *counter_ret, unsigned long *h_ret,
-                         BN_GENCB *cb);
-    /* If this is non-NULL, it is used to generate DSA keys */
-    int (*dsa_keygen) (DSA *dsa);
-};
-
-struct dsa_st {
-    /*
-     * This first variable is used to pick up errors where a DSA is passed
-     * instead of of a EVP_PKEY
-     */
-    int pad;
-    long version;
-    int write_params;
-    BIGNUM *p;
-    BIGNUM *q;                  /* == 20 */
-    BIGNUM *g;
-    BIGNUM *pub_key;            /* y public key */
-    BIGNUM *priv_key;           /* x private key */
-    BIGNUM *kinv;               /* Signing pre-calc */
-    BIGNUM *r;                  /* Signing pre-calc */
-    int flags;
-    /* Normally used to cache montgomery values */
-    BN_MONT_CTX *method_mont_p;
-    int references;
-    CRYPTO_EX_DATA ex_data;
-    const DSA_METHOD *meth;
-    /* functional reference if 'meth' is ENGINE-provided */
-    ENGINE *engine;
-};
-
-# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
-                (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
-# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
-                (unsigned char *)(x))
-# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
-# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
-
-DSA *DSAparams_dup(DSA *x);
-DSA_SIG *DSA_SIG_new(void);
-void DSA_SIG_free(DSA_SIG *a);
-int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
-DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
-
-DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-int DSA_do_verify(const unsigned char *dgst, int dgst_len,
-                  DSA_SIG *sig, DSA *dsa);
-
-const DSA_METHOD *DSA_OpenSSL(void);
-
-void DSA_set_default_method(const DSA_METHOD *);
-const DSA_METHOD *DSA_get_default_method(void);
-int DSA_set_method(DSA *dsa, const DSA_METHOD *);
-
-DSA *DSA_new(void);
-DSA *DSA_new_method(ENGINE *engine);
-void DSA_free(DSA *r);
-/* "up" the DSA object's reference count */
-int DSA_up_ref(DSA *r);
-int DSA_size(const DSA *);
-        /* next 4 return -1 on error */
-int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
-int DSA_sign(int type, const unsigned char *dgst, int dlen,
-             unsigned char *sig, unsigned int *siglen, DSA *dsa);
-int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
-               const unsigned char *sigbuf, int siglen, DSA *dsa);
-int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DSA_set_ex_data(DSA *d, int idx, void *arg);
-void *DSA_get_ex_data(DSA *d, int idx);
-
-DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
-DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
-DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
-
-/* Deprecated version */
-# ifndef OPENSSL_NO_DEPRECATED
-DSA *DSA_generate_parameters(int bits,
-                             unsigned char *seed, int seed_len,
-                             int *counter_ret, unsigned long *h_ret, void
-                              (*callback) (int, int, void *), void *cb_arg);
-# endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* New version */
-int DSA_generate_parameters_ex(DSA *dsa, int bits,
-                               const unsigned char *seed, int seed_len,
-                               int *counter_ret, unsigned long *h_ret,
-                               BN_GENCB *cb);
-
-int DSA_generate_key(DSA *a);
-int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
-int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
-int i2d_DSAparams(const DSA *a, unsigned char **pp);
-
-# ifndef OPENSSL_NO_BIO
-int DSAparams_print(BIO *bp, const DSA *x);
-int DSA_print(BIO *bp, const DSA *x, int off);
-# endif
-# ifndef OPENSSL_NO_FP_API
-int DSAparams_print_fp(FILE *fp, const DSA *x);
-int DSA_print_fp(FILE *bp, const DSA *x, int off);
-# endif
-
-# define DSS_prime_checks 50
-/*
- * Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
- * Rabin-Miller
- */
-# define DSA_is_prime(n, callback, cb_arg) \
-        BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
-
-# ifndef OPENSSL_NO_DH
-/*
- * Convert DSA structure (key or just parameters) into DH structure (be
- * careful to avoid small subgroup attacks when using this!)
- */
-DH *DSA_dup_DH(const DSA *r);
-# endif
-
-# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
-                                EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
-
-# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS         (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS       (EVP_PKEY_ALG_CTRL + 2)
-# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD           (EVP_PKEY_ALG_CTRL + 3)
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DSA_strings(void);
-
-/* Error codes for the DSA functions. */
-
-/* Function codes. */
-# define DSA_F_D2I_DSA_SIG                                110
-# define DSA_F_DO_DSA_PRINT                               104
-# define DSA_F_DSAPARAMS_PRINT                            100
-# define DSA_F_DSAPARAMS_PRINT_FP                         101
-# define DSA_F_DSA_BUILTIN_PARAMGEN2                      126
-# define DSA_F_DSA_DO_SIGN                                112
-# define DSA_F_DSA_DO_VERIFY                              113
-# define DSA_F_DSA_GENERATE_KEY                           124
-# define DSA_F_DSA_GENERATE_PARAMETERS_EX                 123
-# define DSA_F_DSA_NEW_METHOD                             103
-# define DSA_F_DSA_PARAM_DECODE                           119
-# define DSA_F_DSA_PRINT_FP                               105
-# define DSA_F_DSA_PRIV_DECODE                            115
-# define DSA_F_DSA_PRIV_ENCODE                            116
-# define DSA_F_DSA_PUB_DECODE                             117
-# define DSA_F_DSA_PUB_ENCODE                             118
-# define DSA_F_DSA_SIGN                                   106
-# define DSA_F_DSA_SIGN_SETUP                             107
-# define DSA_F_DSA_SIG_NEW                                109
-# define DSA_F_DSA_SIG_PRINT                              125
-# define DSA_F_DSA_VERIFY                                 108
-# define DSA_F_I2D_DSA_SIG                                111
-# define DSA_F_OLD_DSA_PRIV_DECODE                        122
-# define DSA_F_PKEY_DSA_CTRL                              120
-# define DSA_F_PKEY_DSA_KEYGEN                            121
-# define DSA_F_SIG_CB                                     114
-
-/* Reason codes. */
-# define DSA_R_BAD_Q_VALUE                                102
-# define DSA_R_BN_DECODE_ERROR                            108
-# define DSA_R_BN_ERROR                                   109
-# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE                100
-# define DSA_R_DECODE_ERROR                               104
-# define DSA_R_INVALID_DIGEST_TYPE                        106
-# define DSA_R_INVALID_PARAMETERS                         112
-# define DSA_R_MISSING_PARAMETERS                         101
-# define DSA_R_MODULUS_TOO_LARGE                          103
-# define DSA_R_NEED_NEW_SETUP_VALUES                      110
-# define DSA_R_NON_FIPS_DSA_METHOD                        111
-# define DSA_R_NO_PARAMETERS_SET                          107
-# define DSA_R_PARAMETER_ENCODING_ERROR                   105
-# define DSA_R_Q_NOT_PRIME                                113
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/dso.h b/thirdparty/openssl/openssl/dso.h
deleted file mode 100644
index c9013f5cea..0000000000
--- a/thirdparty/openssl/openssl/dso.h
+++ /dev/null
@@ -1,451 +0,0 @@
-/* dso.h */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DSO_H
-# define HEADER_DSO_H
-
-# include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These values are used as commands to DSO_ctrl() */
-# define DSO_CTRL_GET_FLAGS      1
-# define DSO_CTRL_SET_FLAGS      2
-# define DSO_CTRL_OR_FLAGS       3
-
-/*
- * By default, DSO_load() will translate the provided filename into a form
- * typical for the platform (more specifically the DSO_METHOD) using the
- * dso_name_converter function of the method. Eg. win32 will transform "blah"
- * into "blah.dll", and dlfcn will transform it into "libblah.so". The
- * behaviour can be overriden by setting the name_converter callback in the
- * DSO object (using DSO_set_name_converter()). This callback could even
- * utilise the DSO_METHOD's converter too if it only wants to override
- * behaviour for one or two possible DSO methods. However, the following flag
- * can be set in a DSO to prevent *any* native name-translation at all - eg.
- * if the caller has prompted the user for a path to a driver library so the
- * filename should be interpreted as-is.
- */
-# define DSO_FLAG_NO_NAME_TRANSLATION            0x01
-/*
- * An extra flag to give if only the extension should be added as
- * translation.  This is obviously only of importance on Unix and other
- * operating systems where the translation also may prefix the name with
- * something, like 'lib', and ignored everywhere else. This flag is also
- * ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
- */
-# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY      0x02
-
-/*
- * The following flag controls the translation of symbol names to upper case.
- * This is currently only being implemented for OpenVMS.
- */
-# define DSO_FLAG_UPCASE_SYMBOL                  0x10
-
-/*
- * This flag loads the library with public symbols. Meaning: The exported
- * symbols of this library are public to all libraries loaded after this
- * library. At the moment only implemented in unix.
- */
-# define DSO_FLAG_GLOBAL_SYMBOLS                 0x20
-
-typedef void (*DSO_FUNC_TYPE) (void);
-
-typedef struct dso_st DSO;
-
-/*
- * The function prototype used for method functions (or caller-provided
- * callbacks) that transform filenames. They are passed a DSO structure
- * pointer (or NULL if they are to be used independantly of a DSO object) and
- * a filename to transform. They should either return NULL (if there is an
- * error condition) or a newly allocated string containing the transformed
- * form that the caller will need to free with OPENSSL_free() when done.
- */
-typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
-/*
- * The function prototype used for method functions (or caller-provided
- * callbacks) that merge two file specifications. They are passed a DSO
- * structure pointer (or NULL if they are to be used independantly of a DSO
- * object) and two file specifications to merge. They should either return
- * NULL (if there is an error condition) or a newly allocated string
- * containing the result of merging that the caller will need to free with
- * OPENSSL_free() when done. Here, merging means that bits and pieces are
- * taken from each of the file specifications and added together in whatever
- * fashion that is sensible for the DSO method in question.  The only rule
- * that really applies is that if the two specification contain pieces of the
- * same type, the copy from the first string takes priority.  One could see
- * it as the first specification is the one given by the user and the second
- * being a bunch of defaults to add on if they're missing in the first.
- */
-typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
-
-typedef struct dso_meth_st {
-    const char *name;
-    /*
-     * Loads a shared library, NB: new DSO_METHODs must ensure that a
-     * successful load populates the loaded_filename field, and likewise a
-     * successful unload OPENSSL_frees and NULLs it out.
-     */
-    int (*dso_load) (DSO *dso);
-    /* Unloads a shared library */
-    int (*dso_unload) (DSO *dso);
-    /* Binds a variable */
-    void *(*dso_bind_var) (DSO *dso, const char *symname);
-    /*
-     * Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
-     * be cast to the real function prototype by the caller. Platforms that
-     * don't have compatible representations for different prototypes (this
-     * is possible within ANSI C) are highly unlikely to have shared
-     * libraries at all, let alone a DSO_METHOD implemented for them.
-     */
-    DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
-/* I don't think this would actually be used in any circumstances. */
-# if 0
-    /* Unbinds a variable */
-    int (*dso_unbind_var) (DSO *dso, char *symname, void *symptr);
-    /* Unbinds a function */
-    int (*dso_unbind_func) (DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-# endif
-    /*
-     * The generic (yuck) "ctrl()" function. NB: Negative return values
-     * (rather than zero) indicate errors.
-     */
-    long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
-    /*
-     * The default DSO_METHOD-specific function for converting filenames to a
-     * canonical native form.
-     */
-    DSO_NAME_CONVERTER_FUNC dso_name_converter;
-    /*
-     * The default DSO_METHOD-specific function for converting filenames to a
-     * canonical native form.
-     */
-    DSO_MERGER_FUNC dso_merger;
-    /* [De]Initialisation handlers. */
-    int (*init) (DSO *dso);
-    int (*finish) (DSO *dso);
-    /* Return pathname of the module containing location */
-    int (*pathbyaddr) (void *addr, char *path, int sz);
-    /* Perform global symbol lookup, i.e. among *all* modules */
-    void *(*globallookup) (const char *symname);
-} DSO_METHOD;
-
-/**********************************************************************/
-/* The low-level handle type used to refer to a loaded shared library */
-
-struct dso_st {
-    DSO_METHOD *meth;
-    /*
-     * Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
-     * anything but will need to cache the filename for use in the dso_bind
-     * handler. All in all, let each method control its own destiny.
-     * "Handles" and such go in a STACK.
-     */
-    STACK_OF(void) *meth_data;
-    int references;
-    int flags;
-    /*
-     * For use by applications etc ... use this for your bits'n'pieces, don't
-     * touch meth_data!
-     */
-    CRYPTO_EX_DATA ex_data;
-    /*
-     * If this callback function pointer is set to non-NULL, then it will be
-     * used in DSO_load() in place of meth->dso_name_converter. NB: This
-     * should normally set using DSO_set_name_converter().
-     */
-    DSO_NAME_CONVERTER_FUNC name_converter;
-    /*
-     * If this callback function pointer is set to non-NULL, then it will be
-     * used in DSO_load() in place of meth->dso_merger. NB: This should
-     * normally set using DSO_set_merger().
-     */
-    DSO_MERGER_FUNC merger;
-    /*
-     * This is populated with (a copy of) the platform-independant filename
-     * used for this DSO.
-     */
-    char *filename;
-    /*
-     * This is populated with (a copy of) the translated filename by which
-     * the DSO was actually loaded. It is NULL iff the DSO is not currently
-     * loaded. NB: This is here because the filename translation process may
-     * involve a callback being invoked more than once not only to convert to
-     * a platform-specific form, but also to try different filenames in the
-     * process of trying to perform a load. As such, this variable can be
-     * used to indicate (a) whether this DSO structure corresponds to a
-     * loaded library or not, and (b) the filename with which it was actually
-     * loaded.
-     */
-    char *loaded_filename;
-};
-
-DSO *DSO_new(void);
-DSO *DSO_new_method(DSO_METHOD *method);
-int DSO_free(DSO *dso);
-int DSO_flags(DSO *dso);
-int DSO_up_ref(DSO *dso);
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-/*
- * This function sets the DSO's name_converter callback. If it is non-NULL,
- * then it will be used instead of the associated DSO_METHOD's function. If
- * oldcb is non-NULL then it is set to the function pointer value being
- * replaced. Return value is non-zero for success.
- */
-int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
-                           DSO_NAME_CONVERTER_FUNC *oldcb);
-/*
- * These functions can be used to get/set the platform-independant filename
- * used for a DSO. NB: set will fail if the DSO is already loaded.
- */
-const char *DSO_get_filename(DSO *dso);
-int DSO_set_filename(DSO *dso, const char *filename);
-/*
- * This function will invoke the DSO's name_converter callback to translate a
- * filename, or if the callback isn't set it will instead use the DSO_METHOD's
- * converter. If "filename" is NULL, the "filename" in the DSO itself will be
- * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
- * simply duplicated. NB: This function is usually called from within a
- * DSO_METHOD during the processing of a DSO_load() call, and is exposed so
- * that caller-created DSO_METHODs can do the same thing. A non-NULL return
- * value will need to be OPENSSL_free()'d.
- */
-char *DSO_convert_filename(DSO *dso, const char *filename);
-/*
- * This function will invoke the DSO's merger callback to merge two file
- * specifications, or if the callback isn't set it will instead use the
- * DSO_METHOD's merger.  A non-NULL return value will need to be
- * OPENSSL_free()'d.
- */
-char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
-/*
- * If the DSO is currently loaded, this returns the filename that it was
- * loaded under, otherwise it returns NULL. So it is also useful as a test as
- * to whether the DSO is currently loaded. NB: This will not necessarily
- * return the same value as DSO_convert_filename(dso, dso->filename), because
- * the DSO_METHOD's load function may have tried a variety of filenames (with
- * and/or without the aid of the converters) before settling on the one it
- * actually loaded.
- */
-const char *DSO_get_loaded_filename(DSO *dso);
-
-void DSO_set_default_method(DSO_METHOD *meth);
-DSO_METHOD *DSO_get_default_method(void);
-DSO_METHOD *DSO_get_method(DSO *dso);
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
-
-/*
- * The all-singing all-dancing load function, you normally pass NULL for the
- * first and third parameters. Use DSO_up and DSO_free for subsequent
- * reference count handling. Any flags passed in will be set in the
- * constructed DSO after its init() function but before the load operation.
- * If 'dso' is non-NULL, 'flags' is ignored.
- */
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
-
-/* This function binds to a variable inside a shared library. */
-void *DSO_bind_var(DSO *dso, const char *symname);
-
-/* This function binds to a function inside a shared library. */
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
-
-/*
- * This method is the default, but will beg, borrow, or steal whatever method
- * should be the default on any particular platform (including
- * DSO_METH_null() if necessary).
- */
-DSO_METHOD *DSO_METHOD_openssl(void);
-
-/*
- * This method is defined for all platforms - if a platform has no DSO
- * support then this will be the only method!
- */
-DSO_METHOD *DSO_METHOD_null(void);
-
-/*
- * If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
- * dlclose, dlsym, etc) will be used and incorporated into this method. If
- * not, this method will return NULL.
- */
-DSO_METHOD *DSO_METHOD_dlfcn(void);
-
-/*
- * If DSO_DL is defined, the standard dl.h-style functions (shl_load,
- * shl_unload, shl_findsym, etc) will be used and incorporated into this
- * method. If not, this method will return NULL.
- */
-DSO_METHOD *DSO_METHOD_dl(void);
-
-/* If WIN32 is defined, use DLLs. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_win32(void);
-
-/* If VMS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_vms(void);
-
-/*
- * This function writes null-terminated pathname of DSO module containing
- * 'addr' into 'sz' large caller-provided 'path' and returns the number of
- * characters [including trailing zero] written to it. If 'sz' is 0 or
- * negative, 'path' is ignored and required amount of charachers [including
- * trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
- * pathname of cryptolib itself is returned. Negative or zero return value
- * denotes error.
- */
-int DSO_pathbyaddr(void *addr, char *path, int sz);
-
-/*
- * This function should be used with caution! It looks up symbols in *all*
- * loaded modules and if module gets unloaded by somebody else attempt to
- * dereference the pointer is doomed to have fatal consequences. Primary
- * usage for this function is to probe *core* system functionality, e.g.
- * check if getnameinfo(3) is available at run-time without bothering about
- * OS-specific details such as libc.so.versioning or where does it actually
- * reside: in libc itself or libsocket.
- */
-void *DSO_global_lookup(const char *name);
-
-/* If BeOS is defined, use shared images. If not, return NULL. */
-DSO_METHOD *DSO_METHOD_beos(void);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DSO_strings(void);
-
-/* Error codes for the DSO functions. */
-
-/* Function codes. */
-# define DSO_F_BEOS_BIND_FUNC                             144
-# define DSO_F_BEOS_BIND_VAR                              145
-# define DSO_F_BEOS_LOAD                                  146
-# define DSO_F_BEOS_NAME_CONVERTER                        147
-# define DSO_F_BEOS_UNLOAD                                148
-# define DSO_F_DLFCN_BIND_FUNC                            100
-# define DSO_F_DLFCN_BIND_VAR                             101
-# define DSO_F_DLFCN_LOAD                                 102
-# define DSO_F_DLFCN_MERGER                               130
-# define DSO_F_DLFCN_NAME_CONVERTER                       123
-# define DSO_F_DLFCN_UNLOAD                               103
-# define DSO_F_DL_BIND_FUNC                               104
-# define DSO_F_DL_BIND_VAR                                105
-# define DSO_F_DL_LOAD                                    106
-# define DSO_F_DL_MERGER                                  131
-# define DSO_F_DL_NAME_CONVERTER                          124
-# define DSO_F_DL_UNLOAD                                  107
-# define DSO_F_DSO_BIND_FUNC                              108
-# define DSO_F_DSO_BIND_VAR                               109
-# define DSO_F_DSO_CONVERT_FILENAME                       126
-# define DSO_F_DSO_CTRL                                   110
-# define DSO_F_DSO_FREE                                   111
-# define DSO_F_DSO_GET_FILENAME                           127
-# define DSO_F_DSO_GET_LOADED_FILENAME                    128
-# define DSO_F_DSO_GLOBAL_LOOKUP                          139
-# define DSO_F_DSO_LOAD                                   112
-# define DSO_F_DSO_MERGE                                  132
-# define DSO_F_DSO_NEW_METHOD                             113
-# define DSO_F_DSO_PATHBYADDR                             140
-# define DSO_F_DSO_SET_FILENAME                           129
-# define DSO_F_DSO_SET_NAME_CONVERTER                     122
-# define DSO_F_DSO_UP_REF                                 114
-# define DSO_F_GLOBAL_LOOKUP_FUNC                         138
-# define DSO_F_PATHBYADDR                                 137
-# define DSO_F_VMS_BIND_SYM                               115
-# define DSO_F_VMS_LOAD                                   116
-# define DSO_F_VMS_MERGER                                 133
-# define DSO_F_VMS_UNLOAD                                 117
-# define DSO_F_WIN32_BIND_FUNC                            118
-# define DSO_F_WIN32_BIND_VAR                             119
-# define DSO_F_WIN32_GLOBALLOOKUP                         142
-# define DSO_F_WIN32_GLOBALLOOKUP_FUNC                    143
-# define DSO_F_WIN32_JOINER                               135
-# define DSO_F_WIN32_LOAD                                 120
-# define DSO_F_WIN32_MERGER                               134
-# define DSO_F_WIN32_NAME_CONVERTER                       125
-# define DSO_F_WIN32_PATHBYADDR                           141
-# define DSO_F_WIN32_SPLITTER                             136
-# define DSO_F_WIN32_UNLOAD                               121
-
-/* Reason codes. */
-# define DSO_R_CTRL_FAILED                                100
-# define DSO_R_DSO_ALREADY_LOADED                         110
-# define DSO_R_EMPTY_FILE_STRUCTURE                       113
-# define DSO_R_FAILURE                                    114
-# define DSO_R_FILENAME_TOO_BIG                           101
-# define DSO_R_FINISH_FAILED                              102
-# define DSO_R_INCORRECT_FILE_SYNTAX                      115
-# define DSO_R_LOAD_FAILED                                103
-# define DSO_R_NAME_TRANSLATION_FAILED                    109
-# define DSO_R_NO_FILENAME                                111
-# define DSO_R_NO_FILE_SPECIFICATION                      116
-# define DSO_R_NULL_HANDLE                                104
-# define DSO_R_SET_FILENAME_FAILED                        112
-# define DSO_R_STACK_ERROR                                105
-# define DSO_R_SYM_FAILURE                                106
-# define DSO_R_UNLOAD_FAILED                              107
-# define DSO_R_UNSUPPORTED                                108
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/dtls1.h b/thirdparty/openssl/openssl/dtls1.h
deleted file mode 100644
index 81d28c29cd..0000000000
--- a/thirdparty/openssl/openssl/dtls1.h
+++ /dev/null
@@ -1,275 +0,0 @@
-/* ssl/dtls1.h */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DTLS1_H
-# define HEADER_DTLS1_H
-
-# include <openssl/buffer.h>
-# include <openssl/pqueue.h>
-# ifdef OPENSSL_SYS_VMS
-#  include <resource.h>
-#  include <sys/timeb.h>
-# endif
-# ifdef OPENSSL_SYS_WIN32
-/* Needed for struct timeval */
-#  include <winsock.h>
-# elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
-#  include <sys/timeval.h>
-# else
-#  if defined(OPENSSL_SYS_VXWORKS)
-#   include <sys/times.h>
-#  else
-#   include <sys/time.h>
-#  endif
-# endif
-#ifdef UWP_ENABLED // -- GODOT start --
-#include <winsock2.h>
-#endif // -- GODOT end --
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# define DTLS1_VERSION                   0xFEFF
-# define DTLS1_2_VERSION                 0xFEFD
-# define DTLS_MAX_VERSION                DTLS1_2_VERSION
-# define DTLS1_VERSION_MAJOR             0xFE
-
-# define DTLS1_BAD_VER                   0x0100
-
-/* Special value for method supporting multiple versions */
-# define DTLS_ANY_VERSION                0x1FFFF
-
-# if 0
-/* this alert description is not specified anywhere... */
-#  define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE    110
-# endif
-
-/* lengths of messages */
-# define DTLS1_COOKIE_LENGTH                     256
-
-# define DTLS1_RT_HEADER_LENGTH                  13
-
-# define DTLS1_HM_HEADER_LENGTH                  12
-
-# define DTLS1_HM_BAD_FRAGMENT                   -2
-# define DTLS1_HM_FRAGMENT_RETRY                 -3
-
-# define DTLS1_CCS_HEADER_LENGTH                  1
-
-# ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-#  define DTLS1_AL_HEADER_LENGTH                   7
-# else
-#  define DTLS1_AL_HEADER_LENGTH                   2
-# endif
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-#  ifndef OPENSSL_NO_SCTP
-#   define DTLS1_SCTP_AUTH_LABEL   "EXPORTER_DTLS_OVER_SCTP"
-#  endif
-
-/* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */
-#  define DTLS1_MAX_MTU_OVERHEAD                   48
-
-typedef struct dtls1_bitmap_st {
-    unsigned long map;          /* track 32 packets on 32-bit systems and 64
-                                 * - on 64-bit systems */
-    unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit
-                                   * value in big-endian encoding */
-} DTLS1_BITMAP;
-
-struct dtls1_retransmit_state {
-    EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
-    EVP_MD_CTX *write_hash;     /* used for mac generation */
-#  ifndef OPENSSL_NO_COMP
-    COMP_CTX *compress;         /* compression */
-#  else
-    char *compress;
-#  endif
-    SSL_SESSION *session;
-    unsigned short epoch;
-};
-
-struct hm_header_st {
-    unsigned char type;
-    unsigned long msg_len;
-    unsigned short seq;
-    unsigned long frag_off;
-    unsigned long frag_len;
-    unsigned int is_ccs;
-    struct dtls1_retransmit_state saved_retransmit_state;
-};
-
-struct ccs_header_st {
-    unsigned char type;
-    unsigned short seq;
-};
-
-struct dtls1_timeout_st {
-    /* Number of read timeouts so far */
-    unsigned int read_timeouts;
-    /* Number of write timeouts so far */
-    unsigned int write_timeouts;
-    /* Number of alerts received so far */
-    unsigned int num_alerts;
-};
-
-typedef struct record_pqueue_st {
-    unsigned short epoch;
-    pqueue q;
-} record_pqueue;
-
-typedef struct hm_fragment_st {
-    struct hm_header_st msg_header;
-    unsigned char *fragment;
-    unsigned char *reassembly;
-} hm_fragment;
-
-typedef struct dtls1_state_st {
-    unsigned int send_cookie;
-    unsigned char cookie[DTLS1_COOKIE_LENGTH];
-    unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
-    unsigned int cookie_len;
-    /*
-     * The current data and handshake epoch.  This is initially
-     * undefined, and starts at zero once the initial handshake is
-     * completed
-     */
-    unsigned short r_epoch;
-    unsigned short w_epoch;
-    /* records being received in the current epoch */
-    DTLS1_BITMAP bitmap;
-    /* renegotiation starts a new set of sequence numbers */
-    DTLS1_BITMAP next_bitmap;
-    /* handshake message numbers */
-    unsigned short handshake_write_seq;
-    unsigned short next_handshake_write_seq;
-    unsigned short handshake_read_seq;
-    /* save last sequence number for retransmissions */
-    unsigned char last_write_sequence[8];
-    /* Received handshake records (processed and unprocessed) */
-    record_pqueue unprocessed_rcds;
-    record_pqueue processed_rcds;
-    /* Buffered handshake messages */
-    pqueue buffered_messages;
-    /* Buffered (sent) handshake records */
-    pqueue sent_messages;
-    /*
-     * Buffered application records. Only for records between CCS and
-     * Finished to prevent either protocol violation or unnecessary message
-     * loss.
-     */
-    record_pqueue buffered_app_data;
-    /* Is set when listening for new connections with dtls1_listen() */
-    unsigned int listen;
-    unsigned int link_mtu;      /* max on-the-wire DTLS packet size */
-    unsigned int mtu;           /* max DTLS packet size */
-    struct hm_header_st w_msg_hdr;
-    struct hm_header_st r_msg_hdr;
-    struct dtls1_timeout_st timeout;
-    /*
-     * Indicates when the last handshake msg or heartbeat sent will timeout
-     */
-    struct timeval next_timeout;
-    /* Timeout duration */
-    unsigned short timeout_duration;
-    /*
-     * storage for Alert/Handshake protocol data received but not yet
-     * processed by ssl3_read_bytes:
-     */
-    unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
-    unsigned int alert_fragment_len;
-    unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
-    unsigned int handshake_fragment_len;
-    unsigned int retransmitting;
-    /*
-     * Set when the handshake is ready to process peer's ChangeCipherSpec message.
-     * Cleared after the message has been processed.
-     */
-    unsigned int change_cipher_spec_ok;
-#  ifndef OPENSSL_NO_SCTP
-    /* used when SSL_ST_XX_FLUSH is entered */
-    int next_state;
-    int shutdown_received;
-#  endif
-} DTLS1_STATE;
-
-typedef struct dtls1_record_data_st {
-    unsigned char *packet;
-    unsigned int packet_length;
-    SSL3_BUFFER rbuf;
-    SSL3_RECORD rrec;
-#  ifndef OPENSSL_NO_SCTP
-    struct bio_dgram_sctp_rcvinfo recordinfo;
-#  endif
-} DTLS1_RECORD_DATA;
-
-# endif
-
-/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
-# define DTLS1_TMO_READ_COUNT                      2
-# define DTLS1_TMO_WRITE_COUNT                     2
-
-# define DTLS1_TMO_ALERT_COUNT                     12
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/e_os2.h b/thirdparty/openssl/openssl/e_os2.h
deleted file mode 100644
index 7be9989ac3..0000000000
--- a/thirdparty/openssl/openssl/e_os2.h
+++ /dev/null
@@ -1,328 +0,0 @@
-/* e_os2.h */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#ifndef HEADER_E_OS2_H
-# define HEADER_E_OS2_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/******************************************************************************
- * Detect operating systems.  This probably needs completing.
- * The result is that at least one OPENSSL_SYS_os macro should be defined.
- * However, if none is defined, Unix is assumed.
- **/
-
-# define OPENSSL_SYS_UNIX
-
-/* ---------------------- Macintosh, before MacOS X ----------------------- */
-# if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
-#  undef OPENSSL_SYS_UNIX
-#  define OPENSSL_SYS_MACINTOSH_CLASSIC
-# endif
-
-/* ---------------------- NetWare ----------------------------------------- */
-# if defined(NETWARE) || defined(OPENSSL_SYSNAME_NETWARE)
-#  undef OPENSSL_SYS_UNIX
-#  define OPENSSL_SYS_NETWARE
-# endif
-
-/* --------------------- Microsoft operating systems ---------------------- */
-
-/*
- * Note that MSDOS actually denotes 32-bit environments running on top of
- * MS-DOS, such as DJGPP one.
- */
-# if defined(OPENSSL_SYSNAME_MSDOS)
-#  undef OPENSSL_SYS_UNIX
-#  define OPENSSL_SYS_MSDOS
-# endif
-
-/*
- * For 32 bit environment, there seems to be the CygWin environment and then
- * all the others that try to do the same thing Microsoft does...
- */
-# if defined(OPENSSL_SYSNAME_UWIN)
-#  undef OPENSSL_SYS_UNIX
-#  define OPENSSL_SYS_WIN32_UWIN
-# else
-#  if defined(__CYGWIN__) || defined(OPENSSL_SYSNAME_CYGWIN)
-#   undef OPENSSL_SYS_UNIX
-#   define OPENSSL_SYS_WIN32_CYGWIN
-#  else
-#   if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
-#    undef OPENSSL_SYS_UNIX
-#    define OPENSSL_SYS_WIN32
-#   endif
-#   if defined(_WIN64) || defined(OPENSSL_SYSNAME_WIN64)
-#    undef OPENSSL_SYS_UNIX
-#    if !defined(OPENSSL_SYS_WIN64)
-#     define OPENSSL_SYS_WIN64
-#    endif
-#   endif
-#   if defined(OPENSSL_SYSNAME_WINNT)
-#    undef OPENSSL_SYS_UNIX
-#    define OPENSSL_SYS_WINNT
-#   endif
-#   if defined(OPENSSL_SYSNAME_WINCE)
-#    undef OPENSSL_SYS_UNIX
-#    define OPENSSL_SYS_WINCE
-#   endif
-#  endif
-# endif
-
-/* Anything that tries to look like Microsoft is "Windows" */
-# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN64) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
-#  undef OPENSSL_SYS_UNIX
-#  define OPENSSL_SYS_WINDOWS
-#  ifndef OPENSSL_SYS_MSDOS
-#   define OPENSSL_SYS_MSDOS
-#  endif
-# endif
-
-/*
- * DLL settings.  This part is a bit tough, because it's up to the
- * application implementor how he or she will link the application, so it
- * requires some macro to be used.
- */
-# ifdef OPENSSL_SYS_WINDOWS
-#  ifndef OPENSSL_OPT_WINDLL
-#   if defined(_WINDLL)         /* This is used when building OpenSSL to
-                                 * indicate that DLL linkage should be used */
-#    define OPENSSL_OPT_WINDLL
-#   endif
-#  endif
-# endif
-
-/* ------------------------------- OpenVMS -------------------------------- */
-# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
-#  undef OPENSSL_SYS_UNIX
-#  define OPENSSL_SYS_VMS
-#  if defined(__DECC)
-#   define OPENSSL_SYS_VMS_DECC
-#  elif defined(__DECCXX)
-#   define OPENSSL_SYS_VMS_DECC
-#   define OPENSSL_SYS_VMS_DECCXX
-#  else
-#   define OPENSSL_SYS_VMS_NODECC
-#  endif
-# endif
-
-/* -------------------------------- OS/2 ---------------------------------- */
-# if defined(__EMX__) || defined(__OS2__)
-#  undef OPENSSL_SYS_UNIX
-#  define OPENSSL_SYS_OS2
-# endif
-
-/* -------------------------------- Unix ---------------------------------- */
-# ifdef OPENSSL_SYS_UNIX
-#  if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
-#   define OPENSSL_SYS_LINUX
-#  endif
-#  ifdef OPENSSL_SYSNAME_MPE
-#   define OPENSSL_SYS_MPE
-#  endif
-#  ifdef OPENSSL_SYSNAME_SNI
-#   define OPENSSL_SYS_SNI
-#  endif
-#  ifdef OPENSSL_SYSNAME_ULTRASPARC
-#   define OPENSSL_SYS_ULTRASPARC
-#  endif
-#  ifdef OPENSSL_SYSNAME_NEWS4
-#   define OPENSSL_SYS_NEWS4
-#  endif
-#  ifdef OPENSSL_SYSNAME_MACOSX
-#   define OPENSSL_SYS_MACOSX
-#  endif
-#  ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
-#   define OPENSSL_SYS_MACOSX_RHAPSODY
-#   define OPENSSL_SYS_MACOSX
-#  endif
-#  ifdef OPENSSL_SYSNAME_SUNOS
-#   define OPENSSL_SYS_SUNOS
-#  endif
-#  if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
-#   define OPENSSL_SYS_CRAY
-#  endif
-#  if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
-#   define OPENSSL_SYS_AIX
-#  endif
-# endif
-
-/* -------------------------------- VOS ----------------------------------- */
-# if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
-#  define OPENSSL_SYS_VOS
-#  ifdef __HPPA__
-#   define OPENSSL_SYS_VOS_HPPA
-#  endif
-#  ifdef __IA32__
-#   define OPENSSL_SYS_VOS_IA32
-#  endif
-# endif
-
-/* ------------------------------ VxWorks --------------------------------- */
-# ifdef OPENSSL_SYSNAME_VXWORKS
-#  define OPENSSL_SYS_VXWORKS
-# endif
-
-/* -------------------------------- BeOS ---------------------------------- */
-# if defined(__BEOS__)
-#  define OPENSSL_SYS_BEOS
-#  include <sys/socket.h>
-#  if defined(BONE_VERSION)
-#   define OPENSSL_SYS_BEOS_BONE
-#  else
-#   define OPENSSL_SYS_BEOS_R5
-#  endif
-# endif
-
-/**
- * That's it for OS-specific stuff
- *****************************************************************************/
-
-/* Specials for I/O an exit */
-# ifdef OPENSSL_SYS_MSDOS
-#  define OPENSSL_UNISTD_IO <io.h>
-#  define OPENSSL_DECLARE_EXIT extern void exit(int);
-# else
-#  define OPENSSL_UNISTD_IO OPENSSL_UNISTD
-#  define OPENSSL_DECLARE_EXIT  /* declared in unistd.h */
-# endif
-
-/*-
- * Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
- * certain global symbols that, with some compilers under VMS, have to be
- * defined and declared explicitely with globaldef and globalref.
- * Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
- * DLL exports and imports for compilers under Win32.  These are a little
- * more complicated to use.  Basically, for any library that exports some
- * global variables, the following code must be present in the header file
- * that declares them, before OPENSSL_EXTERN is used:
- *
- * #ifdef SOME_BUILD_FLAG_MACRO
- * # undef OPENSSL_EXTERN
- * # define OPENSSL_EXTERN OPENSSL_EXPORT
- * #endif
- *
- * The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
- * have some generally sensible values, and for OPENSSL_EXTERN to have the
- * value OPENSSL_IMPORT.
- */
-
-# if defined(OPENSSL_SYS_VMS_NODECC)
-#  define OPENSSL_EXPORT globalref
-#  define OPENSSL_IMPORT globalref
-#  define OPENSSL_GLOBAL globaldef
-# elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
-#  define OPENSSL_EXPORT extern __declspec(dllexport)
-#  define OPENSSL_IMPORT extern __declspec(dllimport)
-#  define OPENSSL_GLOBAL
-# else
-#  define OPENSSL_EXPORT extern
-#  define OPENSSL_IMPORT extern
-#  define OPENSSL_GLOBAL
-# endif
-# define OPENSSL_EXTERN OPENSSL_IMPORT
-
-/*-
- * Macros to allow global variables to be reached through function calls when
- * required (if a shared library version requires it, for example.
- * The way it's done allows definitions like this:
- *
- *      // in foobar.c
- *      OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
- *      // in foobar.h
- *      OPENSSL_DECLARE_GLOBAL(int,foobar);
- *      #define foobar OPENSSL_GLOBAL_REF(foobar)
- */
-# ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
-#  define OPENSSL_IMPLEMENT_GLOBAL(type,name,value)                      \
-        type *_shadow_##name(void)                                      \
-        { static type _hide_##name=value; return &_hide_##name; }
-#  define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
-#  define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
-# else
-#  define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
-#  define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
-#  define OPENSSL_GLOBAL_REF(name) _shadow_##name
-# endif
-
-# if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
-#  define ossl_ssize_t long
-# endif
-
-# ifdef OPENSSL_SYS_MSDOS
-#  define ossl_ssize_t long
-# endif
-
-# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
-#  define ssize_t int
-# endif
-
-# if defined(__ultrix) && !defined(ssize_t)
-#  define ossl_ssize_t int
-# endif
-
-# ifndef ossl_ssize_t
-#  define ossl_ssize_t ssize_t
-# endif
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ebcdic.h b/thirdparty/openssl/openssl/ebcdic.h
deleted file mode 100644
index 4cbdfeb7ae..0000000000
--- a/thirdparty/openssl/openssl/ebcdic.h
+++ /dev/null
@@ -1,26 +0,0 @@
-/* crypto/ebcdic.h */
-
-#ifndef HEADER_EBCDIC_H
-# define HEADER_EBCDIC_H
-
-# include <sys/types.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Avoid name clashes with other applications */
-# define os_toascii   _openssl_os_toascii
-# define os_toebcdic  _openssl_os_toebcdic
-# define ebcdic2ascii _openssl_ebcdic2ascii
-# define ascii2ebcdic _openssl_ascii2ebcdic
-
-extern const unsigned char os_toascii[256];
-extern const unsigned char os_toebcdic[256];
-void *ebcdic2ascii(void *dest, const void *srce, size_t count);
-void *ascii2ebcdic(void *dest, const void *srce, size_t count);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ec.h b/thirdparty/openssl/openssl/ec.h
deleted file mode 100644
index 81e6faf6c5..0000000000
--- a/thirdparty/openssl/openssl/ec.h
+++ /dev/null
@@ -1,1282 +0,0 @@
-/* crypto/ec/ec.h */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/**
- * \file crypto/ec/ec.h Include file for the OpenSSL EC functions
- * \author Originally written by Bodo Moeller for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#ifndef HEADER_EC_H
-# define HEADER_EC_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_EC
-#  error EC is disabled.
-# endif
-
-# include <openssl/asn1.h>
-# include <openssl/symhacks.h>
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/bn.h>
-# endif
-
-# ifdef  __cplusplus
-extern "C" {
-# elif defined(__SUNPRO_C)
-#  if __SUNPRO_C >= 0x520
-#   pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
-#  endif
-# endif
-
-# ifndef OPENSSL_ECC_MAX_FIELD_BITS
-#  define OPENSSL_ECC_MAX_FIELD_BITS 661
-# endif
-
-/** Enum for the point conversion form as defined in X9.62 (ECDSA)
- *  for the encoding of a elliptic curve point (x,y) */
-typedef enum {
-        /** the point is encoded as z||x, where the octet z specifies
-         *  which solution of the quadratic equation y is  */
-    POINT_CONVERSION_COMPRESSED = 2,
-        /** the point is encoded as z||x||y, where z is the octet 0x04  */
-    POINT_CONVERSION_UNCOMPRESSED = 4,
-        /** the point is encoded as z||x||y, where the octet z specifies
-         *  which solution of the quadratic equation y is  */
-    POINT_CONVERSION_HYBRID = 6
-} point_conversion_form_t;
-
-typedef struct ec_method_st EC_METHOD;
-
-typedef struct ec_group_st
-    /*-
-     EC_METHOD *meth;
-     -- field definition
-     -- curve coefficients
-     -- optional generator with associated information (order, cofactor)
-     -- optional extra data (precomputed table for fast computation of multiples of generator)
-     -- ASN1 stuff
-    */
-    EC_GROUP;
-
-typedef struct ec_point_st EC_POINT;
-
-/********************************************************************/
-/*               EC_METHODs for curves over GF(p)                   */
-/********************************************************************/
-
-/** Returns the basic GFp ec methods which provides the basis for the
- *  optimized methods.
- *  \return  EC_METHOD object
- */
-const EC_METHOD *EC_GFp_simple_method(void);
-
-/** Returns GFp methods using montgomery multiplication.
- *  \return  EC_METHOD object
- */
-const EC_METHOD *EC_GFp_mont_method(void);
-
-/** Returns GFp methods using optimized methods for NIST recommended curves
- *  \return  EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nist_method(void);
-
-# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-/** Returns 64-bit optimized methods for nistp224
- *  \return  EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistp224_method(void);
-
-/** Returns 64-bit optimized methods for nistp256
- *  \return  EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistp256_method(void);
-
-/** Returns 64-bit optimized methods for nistp521
- *  \return  EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistp521_method(void);
-# endif
-
-# ifndef OPENSSL_NO_EC2M
-/********************************************************************/
-/*           EC_METHOD for curves over GF(2^m)                      */
-/********************************************************************/
-
-/** Returns the basic GF2m ec method
- *  \return  EC_METHOD object
- */
-const EC_METHOD *EC_GF2m_simple_method(void);
-
-# endif
-
-/********************************************************************/
-/*                   EC_GROUP functions                             */
-/********************************************************************/
-
-/** Creates a new EC_GROUP object
- *  \param   meth  EC_METHOD to use
- *  \return  newly created EC_GROUP object or NULL in case of an error.
- */
-EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
-
-/** Frees a EC_GROUP object
- *  \param  group  EC_GROUP object to be freed.
- */
-void EC_GROUP_free(EC_GROUP *group);
-
-/** Clears and frees a EC_GROUP object
- *  \param  group  EC_GROUP object to be cleared and freed.
- */
-void EC_GROUP_clear_free(EC_GROUP *group);
-
-/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
- *  \param  dst  destination EC_GROUP object
- *  \param  src  source EC_GROUP object
- *  \return 1 on success and 0 if an error occurred.
- */
-int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
-
-/** Creates a new EC_GROUP object and copies the copies the content
- *  form src to the newly created EC_KEY object
- *  \param  src  source EC_GROUP object
- *  \return newly created EC_GROUP object or NULL in case of an error.
- */
-EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
-
-/** Returns the EC_METHOD of the EC_GROUP object.
- *  \param  group  EC_GROUP object
- *  \return EC_METHOD used in this EC_GROUP object.
- */
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
-
-/** Returns the field type of the EC_METHOD.
- *  \param  meth  EC_METHOD object
- *  \return NID of the underlying field type OID.
- */
-int EC_METHOD_get_field_type(const EC_METHOD *meth);
-
-/** Sets the generator and it's order/cofactor of a EC_GROUP object.
- *  \param  group      EC_GROUP object
- *  \param  generator  EC_POINT object with the generator.
- *  \param  order      the order of the group generated by the generator.
- *  \param  cofactor   the index of the sub-group generated by the generator
- *                     in the group of all points on the elliptic curve.
- *  \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
-                           const BIGNUM *order, const BIGNUM *cofactor);
-
-/** Returns the generator of a EC_GROUP object.
- *  \param  group  EC_GROUP object
- *  \return the currently used generator (possibly NULL).
- */
-const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
-
-/** Returns the montgomery data for order(Generator)
- *  \param  group  EC_GROUP object
- *  \return the currently used generator (possibly NULL).
-*/
-BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group);
-
-/** Gets the order of a EC_GROUP
- *  \param  group  EC_GROUP object
- *  \param  order  BIGNUM to which the order is copied
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
-
-/** Gets the cofactor of a EC_GROUP
- *  \param  group     EC_GROUP object
- *  \param  cofactor  BIGNUM to which the cofactor is copied
- *  \param  ctx       BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
-                          BN_CTX *ctx);
-
-/** Sets the name of a EC_GROUP object
- *  \param  group  EC_GROUP object
- *  \param  nid    NID of the curve name OID
- */
-void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
-
-/** Returns the curve name of a EC_GROUP object
- *  \param  group  EC_GROUP object
- *  \return NID of the curve name OID or 0 if not set.
- */
-int EC_GROUP_get_curve_name(const EC_GROUP *group);
-
-void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
-int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
-
-void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
-                                        point_conversion_form_t form);
-point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
-
-unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
-size_t EC_GROUP_get_seed_len(const EC_GROUP *);
-size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
-
-/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b
- *  \param  group  EC_GROUP object
- *  \param  p      BIGNUM with the prime number
- *  \param  a      BIGNUM with parameter a of the equation
- *  \param  b      BIGNUM with parameter b of the equation
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
-                           const BIGNUM *b, BN_CTX *ctx);
-
-/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b
- *  \param  group  EC_GROUP object
- *  \param  p      BIGNUM for the prime number
- *  \param  a      BIGNUM for parameter a of the equation
- *  \param  b      BIGNUM for parameter b of the equation
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
-                           BIGNUM *b, BN_CTX *ctx);
-
-# ifndef OPENSSL_NO_EC2M
-/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
- *  \param  group  EC_GROUP object
- *  \param  p      BIGNUM with the polynomial defining the underlying field
- *  \param  a      BIGNUM with parameter a of the equation
- *  \param  b      BIGNUM with parameter b of the equation
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
-                            const BIGNUM *b, BN_CTX *ctx);
-
-/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
- *  \param  group  EC_GROUP object
- *  \param  p      BIGNUM for the polynomial defining the underlying field
- *  \param  a      BIGNUM for parameter a of the equation
- *  \param  b      BIGNUM for parameter b of the equation
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
-                            BIGNUM *b, BN_CTX *ctx);
-# endif
-/** Returns the number of bits needed to represent a field element
- *  \param  group  EC_GROUP object
- *  \return number of bits needed to represent a field element
- */
-int EC_GROUP_get_degree(const EC_GROUP *group);
-
-/** Checks whether the parameter in the EC_GROUP define a valid ec group
- *  \param  group  EC_GROUP object
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 if group is a valid ec group and 0 otherwise
- */
-int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
-
-/** Checks whether the discriminant of the elliptic curve is zero or not
- *  \param  group  EC_GROUP object
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 if the discriminant is not zero and 0 otherwise
- */
-int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
-
-/** Compares two EC_GROUP objects
- *  \param  a    first EC_GROUP object
- *  \param  b    second EC_GROUP object
- *  \param  ctx  BN_CTX object (optional)
- *  \return 0 if both groups are equal and 1 otherwise
- */
-int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
-
-/*
- * EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() after
- * choosing an appropriate EC_METHOD
- */
-
-/** Creates a new EC_GROUP object with the specified parameters defined
- *  over GFp (defined by the equation y^2 = x^3 + a*x + b)
- *  \param  p    BIGNUM with the prime number
- *  \param  a    BIGNUM with the parameter a of the equation
- *  \param  b    BIGNUM with the parameter b of the equation
- *  \param  ctx  BN_CTX object (optional)
- *  \return newly created EC_GROUP object with the specified parameters
- */
-EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
-                                 const BIGNUM *b, BN_CTX *ctx);
-# ifndef OPENSSL_NO_EC2M
-/** Creates a new EC_GROUP object with the specified parameters defined
- *  over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
- *  \param  p    BIGNUM with the polynomial defining the underlying field
- *  \param  a    BIGNUM with the parameter a of the equation
- *  \param  b    BIGNUM with the parameter b of the equation
- *  \param  ctx  BN_CTX object (optional)
- *  \return newly created EC_GROUP object with the specified parameters
- */
-EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
-                                  const BIGNUM *b, BN_CTX *ctx);
-# endif
-/** Creates a EC_GROUP object with a curve specified by a NID
- *  \param  nid  NID of the OID of the curve name
- *  \return newly created EC_GROUP object with specified curve or NULL
- *          if an error occurred
- */
-EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
-
-/********************************************************************/
-/*               handling of internal curves                        */
-/********************************************************************/
-
-typedef struct {
-    int nid;
-    const char *comment;
-} EC_builtin_curve;
-
-/*
- * EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all
- * available curves or zero if a error occurred. In case r ist not zero
- * nitems EC_builtin_curve structures are filled with the data of the first
- * nitems internal groups
- */
-size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
-
-const char *EC_curve_nid2nist(int nid);
-int EC_curve_nist2nid(const char *name);
-
-/********************************************************************/
-/*                    EC_POINT functions                            */
-/********************************************************************/
-
-/** Creates a new EC_POINT object for the specified EC_GROUP
- *  \param  group  EC_GROUP the underlying EC_GROUP object
- *  \return newly created EC_POINT object or NULL if an error occurred
- */
-EC_POINT *EC_POINT_new(const EC_GROUP *group);
-
-/** Frees a EC_POINT object
- *  \param  point  EC_POINT object to be freed
- */
-void EC_POINT_free(EC_POINT *point);
-
-/** Clears and frees a EC_POINT object
- *  \param  point  EC_POINT object to be cleared and freed
- */
-void EC_POINT_clear_free(EC_POINT *point);
-
-/** Copies EC_POINT object
- *  \param  dst  destination EC_POINT object
- *  \param  src  source EC_POINT object
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
-
-/** Creates a new EC_POINT object and copies the content of the supplied
- *  EC_POINT
- *  \param  src    source EC_POINT object
- *  \param  group  underlying the EC_GROUP object
- *  \return newly created EC_POINT object or NULL if an error occurred
- */
-EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
-
-/** Returns the EC_METHOD used in EC_POINT object
- *  \param  point  EC_POINT object
- *  \return the EC_METHOD used
- */
-const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
-
-/** Sets a point to infinity (neutral element)
- *  \param  group  underlying EC_GROUP object
- *  \param  point  EC_POINT to set to infinity
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
-
-/** Sets the jacobian projective coordinates of a EC_POINT over GFp
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  x      BIGNUM with the x-coordinate
- *  \param  y      BIGNUM with the y-coordinate
- *  \param  z      BIGNUM with the z-coordinate
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
-                                             EC_POINT *p, const BIGNUM *x,
-                                             const BIGNUM *y, const BIGNUM *z,
-                                             BN_CTX *ctx);
-
-/** Gets the jacobian projective coordinates of a EC_POINT over GFp
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  x      BIGNUM for the x-coordinate
- *  \param  y      BIGNUM for the y-coordinate
- *  \param  z      BIGNUM for the z-coordinate
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
-                                             const EC_POINT *p, BIGNUM *x,
-                                             BIGNUM *y, BIGNUM *z,
-                                             BN_CTX *ctx);
-
-/** Sets the affine coordinates of a EC_POINT over GFp
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  x      BIGNUM with the x-coordinate
- *  \param  y      BIGNUM with the y-coordinate
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
-                                        const BIGNUM *x, const BIGNUM *y,
-                                        BN_CTX *ctx);
-
-/** Gets the affine coordinates of a EC_POINT over GFp
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  x      BIGNUM for the x-coordinate
- *  \param  y      BIGNUM for the y-coordinate
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
-                                        const EC_POINT *p, BIGNUM *x,
-                                        BIGNUM *y, BN_CTX *ctx);
-
-/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  x      BIGNUM with x-coordinate
- *  \param  y_bit  integer with the y-Bit (either 0 or 1)
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
-                                            EC_POINT *p, const BIGNUM *x,
-                                            int y_bit, BN_CTX *ctx);
-# ifndef OPENSSL_NO_EC2M
-/** Sets the affine coordinates of a EC_POINT over GF2m
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  x      BIGNUM with the x-coordinate
- *  \param  y      BIGNUM with the y-coordinate
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
-                                         const BIGNUM *x, const BIGNUM *y,
-                                         BN_CTX *ctx);
-
-/** Gets the affine coordinates of a EC_POINT over GF2m
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  x      BIGNUM for the x-coordinate
- *  \param  y      BIGNUM for the y-coordinate
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
-                                         const EC_POINT *p, BIGNUM *x,
-                                         BIGNUM *y, BN_CTX *ctx);
-
-/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  x      BIGNUM with x-coordinate
- *  \param  y_bit  integer with the y-Bit (either 0 or 1)
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
-                                             EC_POINT *p, const BIGNUM *x,
-                                             int y_bit, BN_CTX *ctx);
-# endif
-/** Encodes a EC_POINT object to a octet string
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  form   point conversion form
- *  \param  buf    memory buffer for the result. If NULL the function returns
- *                 required buffer size.
- *  \param  len    length of the memory buffer
- *  \param  ctx    BN_CTX object (optional)
- *  \return the length of the encoded octet string or 0 if an error occurred
- */
-size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
-                          point_conversion_form_t form,
-                          unsigned char *buf, size_t len, BN_CTX *ctx);
-
-/** Decodes a EC_POINT from a octet string
- *  \param  group  underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \param  buf    memory buffer with the encoded ec point
- *  \param  len    length of the encoded ec point
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
-                       const unsigned char *buf, size_t len, BN_CTX *ctx);
-
-/* other interfaces to point2oct/oct2point: */
-BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
-                          point_conversion_form_t form, BIGNUM *, BN_CTX *);
-EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
-                            EC_POINT *, BN_CTX *);
-char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
-                         point_conversion_form_t form, BN_CTX *);
-EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
-                             EC_POINT *, BN_CTX *);
-
-/********************************************************************/
-/*         functions for doing EC_POINT arithmetic                  */
-/********************************************************************/
-
-/** Computes the sum of two EC_POINT
- *  \param  group  underlying EC_GROUP object
- *  \param  r      EC_POINT object for the result (r = a + b)
- *  \param  a      EC_POINT object with the first summand
- *  \param  b      EC_POINT object with the second summand
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
-                 const EC_POINT *b, BN_CTX *ctx);
-
-/** Computes the double of a EC_POINT
- *  \param  group  underlying EC_GROUP object
- *  \param  r      EC_POINT object for the result (r = 2 * a)
- *  \param  a      EC_POINT object
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
-                 BN_CTX *ctx);
-
-/** Computes the inverse of a EC_POINT
- *  \param  group  underlying EC_GROUP object
- *  \param  a      EC_POINT object to be inverted (it's used for the result as well)
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
-
-/** Checks whether the point is the neutral element of the group
- *  \param  group  the underlying EC_GROUP object
- *  \param  p      EC_POINT object
- *  \return 1 if the point is the neutral element and 0 otherwise
- */
-int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
-
-/** Checks whether the point is on the curve
- *  \param  group  underlying EC_GROUP object
- *  \param  point  EC_POINT object to check
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 if point if on the curve and 0 otherwise
- */
-int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
-                         BN_CTX *ctx);
-
-/** Compares two EC_POINTs
- *  \param  group  underlying EC_GROUP object
- *  \param  a      first EC_POINT object
- *  \param  b      second EC_POINT object
- *  \param  ctx    BN_CTX object (optional)
- *  \return 0 if both points are equal and a value != 0 otherwise
- */
-int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
-                 BN_CTX *ctx);
-
-int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
-int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
-                          EC_POINT *points[], BN_CTX *ctx);
-
-/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i]
- *  \param  group  underlying EC_GROUP object
- *  \param  r      EC_POINT object for the result
- *  \param  n      BIGNUM with the multiplier for the group generator (optional)
- *  \param  num    number futher summands
- *  \param  p      array of size num of EC_POINT objects
- *  \param  m      array of size num of BIGNUM objects
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
-                  size_t num, const EC_POINT *p[], const BIGNUM *m[],
-                  BN_CTX *ctx);
-
-/** Computes r = generator * n + q * m
- *  \param  group  underlying EC_GROUP object
- *  \param  r      EC_POINT object for the result
- *  \param  n      BIGNUM with the multiplier for the group generator (optional)
- *  \param  q      EC_POINT object with the first factor of the second summand
- *  \param  m      BIGNUM with the second factor of the second summand
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
-                 const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
-
-/** Stores multiples of generator for faster point multiplication
- *  \param  group  EC_GROUP object
- *  \param  ctx    BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-
-/** Reports whether a precomputation has been done
- *  \param  group  EC_GROUP object
- *  \return 1 if a pre-computation has been done and 0 otherwise
- */
-int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
-
-/********************************************************************/
-/*                       ASN1 stuff                                 */
-/********************************************************************/
-
-/*
- * EC_GROUP_get_basis_type() returns the NID of the basis type used to
- * represent the field elements
- */
-int EC_GROUP_get_basis_type(const EC_GROUP *);
-# ifndef OPENSSL_NO_EC2M
-int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
-int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
-                                   unsigned int *k2, unsigned int *k3);
-# endif
-
-# define OPENSSL_EC_NAMED_CURVE  0x001
-
-typedef struct ecpk_parameters_st ECPKPARAMETERS;
-
-EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
-int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
-
-# define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
-# define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
-# define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
-                (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
-# define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
-                (unsigned char *)(x))
-
-# ifndef OPENSSL_NO_BIO
-int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
-# endif
-# ifndef OPENSSL_NO_FP_API
-int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
-# endif
-
-/********************************************************************/
-/*                      EC_KEY functions                            */
-/********************************************************************/
-
-typedef struct ec_key_st EC_KEY;
-
-/* some values for the encoding_flag */
-# define EC_PKEY_NO_PARAMETERS   0x001
-# define EC_PKEY_NO_PUBKEY       0x002
-
-/* some values for the flags field */
-# define EC_FLAG_NON_FIPS_ALLOW  0x1
-# define EC_FLAG_FIPS_CHECKED    0x2
-
-/** Creates a new EC_KEY object.
- *  \return EC_KEY object or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_new(void);
-
-int EC_KEY_get_flags(const EC_KEY *key);
-
-void EC_KEY_set_flags(EC_KEY *key, int flags);
-
-void EC_KEY_clear_flags(EC_KEY *key, int flags);
-
-/** Creates a new EC_KEY object using a named curve as underlying
- *  EC_GROUP object.
- *  \param  nid  NID of the named curve.
- *  \return EC_KEY object or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_new_by_curve_name(int nid);
-
-/** Frees a EC_KEY object.
- *  \param  key  EC_KEY object to be freed.
- */
-void EC_KEY_free(EC_KEY *key);
-
-/** Copies a EC_KEY object.
- *  \param  dst  destination EC_KEY object
- *  \param  src  src EC_KEY object
- *  \return dst or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
-
-/** Creates a new EC_KEY object and copies the content from src to it.
- *  \param  src  the source EC_KEY object
- *  \return newly created EC_KEY object or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_dup(const EC_KEY *src);
-
-/** Increases the internal reference count of a EC_KEY object.
- *  \param  key  EC_KEY object
- *  \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_up_ref(EC_KEY *key);
-
-/** Returns the EC_GROUP object of a EC_KEY object
- *  \param  key  EC_KEY object
- *  \return the EC_GROUP object (possibly NULL).
- */
-const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
-
-/** Sets the EC_GROUP of a EC_KEY object.
- *  \param  key    EC_KEY object
- *  \param  group  EC_GROUP to use in the EC_KEY object (note: the EC_KEY
- *                 object will use an own copy of the EC_GROUP).
- *  \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
-
-/** Returns the private key of a EC_KEY object.
- *  \param  key  EC_KEY object
- *  \return a BIGNUM with the private key (possibly NULL).
- */
-const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
-
-/** Sets the private key of a EC_KEY object.
- *  \param  key  EC_KEY object
- *  \param  prv  BIGNUM with the private key (note: the EC_KEY object
- *               will use an own copy of the BIGNUM).
- *  \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
-
-/** Returns the public key of a EC_KEY object.
- *  \param  key  the EC_KEY object
- *  \return a EC_POINT object with the public key (possibly NULL)
- */
-const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
-
-/** Sets the public key of a EC_KEY object.
- *  \param  key  EC_KEY object
- *  \param  pub  EC_POINT object with the public key (note: the EC_KEY object
- *               will use an own copy of the EC_POINT object).
- *  \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
-
-unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
-void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
-void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
-/* functions to set/get method specific data  */
-void *EC_KEY_get_key_method_data(EC_KEY *key,
-                                 void *(*dup_func) (void *),
-                                 void (*free_func) (void *),
-                                 void (*clear_free_func) (void *));
-/** Sets the key method data of an EC_KEY object, if none has yet been set.
- *  \param  key              EC_KEY object
- *  \param  data             opaque data to install.
- *  \param  dup_func         a function that duplicates |data|.
- *  \param  free_func        a function that frees |data|.
- *  \param  clear_free_func  a function that wipes and frees |data|.
- *  \return the previously set data pointer, or NULL if |data| was inserted.
- */
-void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
-                                    void *(*dup_func) (void *),
-                                    void (*free_func) (void *),
-                                    void (*clear_free_func) (void *));
-/* wrapper functions for the underlying EC_GROUP object */
-void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
-
-/** Creates a table of pre-computed multiples of the generator to
- *  accelerate further EC_KEY operations.
- *  \param  key  EC_KEY object
- *  \param  ctx  BN_CTX object (optional)
- *  \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
-
-/** Creates a new ec private (and optional a new public) key.
- *  \param  key  EC_KEY object
- *  \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_generate_key(EC_KEY *key);
-
-/** Verifies that a private and/or public key is valid.
- *  \param  key  the EC_KEY object
- *  \return 1 on success and 0 otherwise.
- */
-int EC_KEY_check_key(const EC_KEY *key);
-
-/** Sets a public key from affine coordindates performing
- *  neccessary NIST PKV tests.
- *  \param  key  the EC_KEY object
- *  \param  x    public key x coordinate
- *  \param  y    public key y coordinate
- *  \return 1 on success and 0 otherwise.
- */
-int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
-                                             BIGNUM *y);
-
-/********************************************************************/
-/*        de- and encoding functions for SEC1 ECPrivateKey          */
-/********************************************************************/
-
-/** Decodes a private key from a memory buffer.
- *  \param  key  a pointer to a EC_KEY object which should be used (or NULL)
- *  \param  in   pointer to memory with the DER encoded private key
- *  \param  len  length of the DER encoded private key
- *  \return the decoded private key or NULL if an error occurred.
- */
-EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
-
-/** Encodes a private key object and stores the result in a buffer.
- *  \param  key  the EC_KEY object to encode
- *  \param  out  the buffer for the result (if NULL the function returns number
- *               of bytes needed).
- *  \return 1 on success and 0 if an error occurred.
- */
-int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
-
-/********************************************************************/
-/*        de- and encoding functions for EC parameters              */
-/********************************************************************/
-
-/** Decodes ec parameter from a memory buffer.
- *  \param  key  a pointer to a EC_KEY object which should be used (or NULL)
- *  \param  in   pointer to memory with the DER encoded ec parameters
- *  \param  len  length of the DER encoded ec parameters
- *  \return a EC_KEY object with the decoded parameters or NULL if an error
- *          occurred.
- */
-EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
-
-/** Encodes ec parameter and stores the result in a buffer.
- *  \param  key  the EC_KEY object with ec paramters to encode
- *  \param  out  the buffer for the result (if NULL the function returns number
- *               of bytes needed).
- *  \return 1 on success and 0 if an error occurred.
- */
-int i2d_ECParameters(EC_KEY *key, unsigned char **out);
-
-/********************************************************************/
-/*         de- and encoding functions for EC public key             */
-/*         (octet string, not DER -- hence 'o2i' and 'i2o')         */
-/********************************************************************/
-
-/** Decodes a ec public key from a octet string.
- *  \param  key  a pointer to a EC_KEY object which should be used
- *  \param  in   memory buffer with the encoded public key
- *  \param  len  length of the encoded public key
- *  \return EC_KEY object with decoded public key or NULL if an error
- *          occurred.
- */
-EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
-
-/** Encodes a ec public key in an octet string.
- *  \param  key  the EC_KEY object with the public key
- *  \param  out  the buffer for the result (if NULL the function returns number
- *               of bytes needed).
- *  \return 1 on success and 0 if an error occurred
- */
-int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
-
-# ifndef OPENSSL_NO_BIO
-/** Prints out the ec parameters on human readable form.
- *  \param  bp   BIO object to which the information is printed
- *  \param  key  EC_KEY object
- *  \return 1 on success and 0 if an error occurred
- */
-int ECParameters_print(BIO *bp, const EC_KEY *key);
-
-/** Prints out the contents of a EC_KEY object
- *  \param  bp   BIO object to which the information is printed
- *  \param  key  EC_KEY object
- *  \param  off  line offset
- *  \return 1 on success and 0 if an error occurred
- */
-int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
-
-# endif
-# ifndef OPENSSL_NO_FP_API
-/** Prints out the ec parameters on human readable form.
- *  \param  fp   file descriptor to which the information is printed
- *  \param  key  EC_KEY object
- *  \return 1 on success and 0 if an error occurred
- */
-int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
-
-/** Prints out the contents of a EC_KEY object
- *  \param  fp   file descriptor to which the information is printed
- *  \param  key  EC_KEY object
- *  \param  off  line offset
- *  \return 1 on success and 0 if an error occurred
- */
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
-
-# endif
-
-# define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
-
-# ifndef __cplusplus
-#  if defined(__SUNPRO_C)
-#   if __SUNPRO_C >= 0x520
-#    pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
-#   endif
-#  endif
-# endif
-
-# define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
-                                EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
-
-# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
-                                EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
-
-# define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL)
-
-# define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL)
-
-# define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL)
-
-# define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL)
-
-# define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md)
-
-# define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd)
-
-# define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL)
-
-# define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                        EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen)
-
-# define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)p)
-
-# define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
-                                EVP_PKEY_OP_DERIVE, \
-                                EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
-
-# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID             (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_EC_PARAM_ENC                      (EVP_PKEY_ALG_CTRL + 2)
-# define EVP_PKEY_CTRL_EC_ECDH_COFACTOR                  (EVP_PKEY_ALG_CTRL + 3)
-# define EVP_PKEY_CTRL_EC_KDF_TYPE                       (EVP_PKEY_ALG_CTRL + 4)
-# define EVP_PKEY_CTRL_EC_KDF_MD                         (EVP_PKEY_ALG_CTRL + 5)
-# define EVP_PKEY_CTRL_GET_EC_KDF_MD                     (EVP_PKEY_ALG_CTRL + 6)
-# define EVP_PKEY_CTRL_EC_KDF_OUTLEN                     (EVP_PKEY_ALG_CTRL + 7)
-# define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN                 (EVP_PKEY_ALG_CTRL + 8)
-# define EVP_PKEY_CTRL_EC_KDF_UKM                        (EVP_PKEY_ALG_CTRL + 9)
-# define EVP_PKEY_CTRL_GET_EC_KDF_UKM                    (EVP_PKEY_ALG_CTRL + 10)
-/* KDF types */
-# define EVP_PKEY_ECDH_KDF_NONE                          1
-# define EVP_PKEY_ECDH_KDF_X9_62                         2
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_EC_strings(void);
-
-/* Error codes for the EC functions. */
-
-/* Function codes. */
-# define EC_F_BN_TO_FELEM                                 224
-# define EC_F_COMPUTE_WNAF                                143
-# define EC_F_D2I_ECPARAMETERS                            144
-# define EC_F_D2I_ECPKPARAMETERS                          145
-# define EC_F_D2I_ECPRIVATEKEY                            146
-# define EC_F_DO_EC_KEY_PRINT                             221
-# define EC_F_ECDH_CMS_DECRYPT                            238
-# define EC_F_ECDH_CMS_SET_SHARED_INFO                    239
-# define EC_F_ECKEY_PARAM2TYPE                            223
-# define EC_F_ECKEY_PARAM_DECODE                          212
-# define EC_F_ECKEY_PRIV_DECODE                           213
-# define EC_F_ECKEY_PRIV_ENCODE                           214
-# define EC_F_ECKEY_PUB_DECODE                            215
-# define EC_F_ECKEY_PUB_ENCODE                            216
-# define EC_F_ECKEY_TYPE2PARAM                            220
-# define EC_F_ECPARAMETERS_PRINT                          147
-# define EC_F_ECPARAMETERS_PRINT_FP                       148
-# define EC_F_ECPKPARAMETERS_PRINT                        149
-# define EC_F_ECPKPARAMETERS_PRINT_FP                     150
-# define EC_F_ECP_NISTZ256_GET_AFFINE                     240
-# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE                243
-# define EC_F_ECP_NISTZ256_POINTS_MUL                     241
-# define EC_F_ECP_NISTZ256_PRE_COMP_NEW                   244
-# define EC_F_ECP_NISTZ256_SET_WORDS                      245
-# define EC_F_ECP_NISTZ256_WINDOWED_MUL                   242
-# define EC_F_ECP_NIST_MOD_192                            203
-# define EC_F_ECP_NIST_MOD_224                            204
-# define EC_F_ECP_NIST_MOD_256                            205
-# define EC_F_ECP_NIST_MOD_521                            206
-# define EC_F_EC_ASN1_GROUP2CURVE                         153
-# define EC_F_EC_ASN1_GROUP2FIELDID                       154
-# define EC_F_EC_ASN1_GROUP2PARAMETERS                    155
-# define EC_F_EC_ASN1_GROUP2PKPARAMETERS                  156
-# define EC_F_EC_ASN1_PARAMETERS2GROUP                    157
-# define EC_F_EC_ASN1_PKPARAMETERS2GROUP                  158
-# define EC_F_EC_EX_DATA_SET_DATA                         211
-# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY           208
-# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT     159
-# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE              195
-# define EC_F_EC_GF2M_SIMPLE_OCT2POINT                    160
-# define EC_F_EC_GF2M_SIMPLE_POINT2OCT                    161
-# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
-# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
-# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES   164
-# define EC_F_EC_GFP_MONT_FIELD_DECODE                    133
-# define EC_F_EC_GFP_MONT_FIELD_ENCODE                    134
-# define EC_F_EC_GFP_MONT_FIELD_MUL                       131
-# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE                209
-# define EC_F_EC_GFP_MONT_FIELD_SQR                       132
-# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE                 189
-# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP             135
-# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE             225
-# define EC_F_EC_GFP_NISTP224_POINTS_MUL                  228
-# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
-# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE             230
-# define EC_F_EC_GFP_NISTP256_POINTS_MUL                  231
-# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
-# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE             233
-# define EC_F_EC_GFP_NISTP521_POINTS_MUL                  234
-# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
-# define EC_F_EC_GFP_NIST_FIELD_MUL                       200
-# define EC_F_EC_GFP_NIST_FIELD_SQR                       201
-# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE                 202
-# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT      165
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE               166
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP           100
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR           101
-# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE                   102
-# define EC_F_EC_GFP_SIMPLE_OCT2POINT                     103
-# define EC_F_EC_GFP_SIMPLE_POINT2OCT                     104
-# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE            137
-# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES  167
-# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
-# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES  168
-# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
-# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES    169
-# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
-# define EC_F_EC_GROUP_CHECK                              170
-# define EC_F_EC_GROUP_CHECK_DISCRIMINANT                 171
-# define EC_F_EC_GROUP_COPY                               106
-# define EC_F_EC_GROUP_GET0_GENERATOR                     139
-# define EC_F_EC_GROUP_GET_COFACTOR                       140
-# define EC_F_EC_GROUP_GET_CURVE_GF2M                     172
-# define EC_F_EC_GROUP_GET_CURVE_GFP                      130
-# define EC_F_EC_GROUP_GET_DEGREE                         173
-# define EC_F_EC_GROUP_GET_ORDER                          141
-# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS              193
-# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS                194
-# define EC_F_EC_GROUP_NEW                                108
-# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME                  174
-# define EC_F_EC_GROUP_NEW_FROM_DATA                      175
-# define EC_F_EC_GROUP_PRECOMPUTE_MULT                    142
-# define EC_F_EC_GROUP_SET_CURVE_GF2M                     176
-# define EC_F_EC_GROUP_SET_CURVE_GFP                      109
-# define EC_F_EC_GROUP_SET_EXTRA_DATA                     110
-# define EC_F_EC_GROUP_SET_GENERATOR                      111
-# define EC_F_EC_KEY_CHECK_KEY                            177
-# define EC_F_EC_KEY_COPY                                 178
-# define EC_F_EC_KEY_GENERATE_KEY                         179
-# define EC_F_EC_KEY_NEW                                  182
-# define EC_F_EC_KEY_PRINT                                180
-# define EC_F_EC_KEY_PRINT_FP                             181
-# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES    229
-# define EC_F_EC_POINTS_MAKE_AFFINE                       136
-# define EC_F_EC_POINT_ADD                                112
-# define EC_F_EC_POINT_CMP                                113
-# define EC_F_EC_POINT_COPY                               114
-# define EC_F_EC_POINT_DBL                                115
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M        183
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP         116
-# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP    117
-# define EC_F_EC_POINT_INVERT                             210
-# define EC_F_EC_POINT_IS_AT_INFINITY                     118
-# define EC_F_EC_POINT_IS_ON_CURVE                        119
-# define EC_F_EC_POINT_MAKE_AFFINE                        120
-# define EC_F_EC_POINT_MUL                                184
-# define EC_F_EC_POINT_NEW                                121
-# define EC_F_EC_POINT_OCT2POINT                          122
-# define EC_F_EC_POINT_POINT2OCT                          123
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M        185
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP         124
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M    186
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP     125
-# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP    126
-# define EC_F_EC_POINT_SET_TO_INFINITY                    127
-# define EC_F_EC_PRE_COMP_DUP                             207
-# define EC_F_EC_PRE_COMP_NEW                             196
-# define EC_F_EC_WNAF_MUL                                 187
-# define EC_F_EC_WNAF_PRECOMPUTE_MULT                     188
-# define EC_F_I2D_ECPARAMETERS                            190
-# define EC_F_I2D_ECPKPARAMETERS                          191
-# define EC_F_I2D_ECPRIVATEKEY                            192
-# define EC_F_I2O_ECPUBLICKEY                             151
-# define EC_F_NISTP224_PRE_COMP_NEW                       227
-# define EC_F_NISTP256_PRE_COMP_NEW                       236
-# define EC_F_NISTP521_PRE_COMP_NEW                       237
-# define EC_F_O2I_ECPUBLICKEY                             152
-# define EC_F_OLD_EC_PRIV_DECODE                          222
-# define EC_F_PKEY_EC_CTRL                                197
-# define EC_F_PKEY_EC_CTRL_STR                            198
-# define EC_F_PKEY_EC_DERIVE                              217
-# define EC_F_PKEY_EC_KEYGEN                              199
-# define EC_F_PKEY_EC_PARAMGEN                            219
-# define EC_F_PKEY_EC_SIGN                                218
-
-/* Reason codes. */
-# define EC_R_ASN1_ERROR                                  115
-# define EC_R_ASN1_UNKNOWN_FIELD                          116
-# define EC_R_BIGNUM_OUT_OF_RANGE                         144
-# define EC_R_BUFFER_TOO_SMALL                            100
-# define EC_R_COORDINATES_OUT_OF_RANGE                    146
-# define EC_R_D2I_ECPKPARAMETERS_FAILURE                  117
-# define EC_R_DECODE_ERROR                                142
-# define EC_R_DISCRIMINANT_IS_ZERO                        118
-# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE                119
-# define EC_R_FIELD_TOO_LARGE                             143
-# define EC_R_GF2M_NOT_SUPPORTED                          147
-# define EC_R_GROUP2PKPARAMETERS_FAILURE                  120
-# define EC_R_I2D_ECPKPARAMETERS_FAILURE                  121
-# define EC_R_INCOMPATIBLE_OBJECTS                        101
-# define EC_R_INVALID_ARGUMENT                            112
-# define EC_R_INVALID_COMPRESSED_POINT                    110
-# define EC_R_INVALID_COMPRESSION_BIT                     109
-# define EC_R_INVALID_CURVE                               141
-# define EC_R_INVALID_DIGEST                              151
-# define EC_R_INVALID_DIGEST_TYPE                         138
-# define EC_R_INVALID_ENCODING                            102
-# define EC_R_INVALID_FIELD                               103
-# define EC_R_INVALID_FORM                                104
-# define EC_R_INVALID_GROUP_ORDER                         122
-# define EC_R_INVALID_PENTANOMIAL_BASIS                   132
-# define EC_R_INVALID_PRIVATE_KEY                         123
-# define EC_R_INVALID_TRINOMIAL_BASIS                     137
-# define EC_R_KDF_PARAMETER_ERROR                         148
-# define EC_R_KEYS_NOT_SET                                140
-# define EC_R_MISSING_PARAMETERS                          124
-# define EC_R_MISSING_PRIVATE_KEY                         125
-# define EC_R_NOT_A_NIST_PRIME                            135
-# define EC_R_NOT_A_SUPPORTED_NIST_PRIME                  136
-# define EC_R_NOT_IMPLEMENTED                             126
-# define EC_R_NOT_INITIALIZED                             111
-# define EC_R_NO_FIELD_MOD                                133
-# define EC_R_NO_PARAMETERS_SET                           139
-# define EC_R_PASSED_NULL_PARAMETER                       134
-# define EC_R_PEER_KEY_ERROR                              149
-# define EC_R_PKPARAMETERS2GROUP_FAILURE                  127
-# define EC_R_POINT_AT_INFINITY                           106
-# define EC_R_POINT_IS_NOT_ON_CURVE                       107
-# define EC_R_SHARED_INFO_ERROR                           150
-# define EC_R_SLOT_FULL                                   108
-# define EC_R_UNDEFINED_GENERATOR                         113
-# define EC_R_UNDEFINED_ORDER                             128
-# define EC_R_UNKNOWN_GROUP                               129
-# define EC_R_UNKNOWN_ORDER                               114
-# define EC_R_UNSUPPORTED_FIELD                           131
-# define EC_R_WRONG_CURVE_PARAMETERS                      145
-# define EC_R_WRONG_ORDER                                 130
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ecdh.h b/thirdparty/openssl/openssl/ecdh.h
deleted file mode 100644
index 25348b30fe..0000000000
--- a/thirdparty/openssl/openssl/ecdh.h
+++ /dev/null
@@ -1,134 +0,0 @@
-/* crypto/ecdh/ecdh.h */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ECDH_H
-# define HEADER_ECDH_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_ECDH
-#  error ECDH is disabled.
-# endif
-
-# include <openssl/ec.h>
-# include <openssl/ossl_typ.h>
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/bn.h>
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define EC_FLAG_COFACTOR_ECDH   0x1000
-
-const ECDH_METHOD *ECDH_OpenSSL(void);
-
-void ECDH_set_default_method(const ECDH_METHOD *);
-const ECDH_METHOD *ECDH_get_default_method(void);
-int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
-
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
-                     EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
-                                                 void *out, size_t *outlen));
-
-int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
-                          *new_func, CRYPTO_EX_dup *dup_func,
-                          CRYPTO_EX_free *free_func);
-int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDH_get_ex_data(EC_KEY *d, int idx);
-
-int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
-                   const unsigned char *Z, size_t Zlen,
-                   const unsigned char *sinfo, size_t sinfolen,
-                   const EVP_MD *md);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ECDH_strings(void);
-
-/* Error codes for the ECDH functions. */
-
-/* Function codes. */
-# define ECDH_F_ECDH_CHECK                                102
-# define ECDH_F_ECDH_COMPUTE_KEY                          100
-# define ECDH_F_ECDH_DATA_NEW_METHOD                      101
-
-/* Reason codes. */
-# define ECDH_R_KDF_FAILED                                102
-# define ECDH_R_NON_FIPS_METHOD                           103
-# define ECDH_R_NO_PRIVATE_VALUE                          100
-# define ECDH_R_POINT_ARITHMETIC_FAILURE                  101
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ecdsa.h b/thirdparty/openssl/openssl/ecdsa.h
deleted file mode 100644
index a6f0930f82..0000000000
--- a/thirdparty/openssl/openssl/ecdsa.h
+++ /dev/null
@@ -1,335 +0,0 @@
-/* crypto/ecdsa/ecdsa.h */
-/**
- * \file   crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
- * \author Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ECDSA_H
-# define HEADER_ECDSA_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_ECDSA
-#  error ECDSA is disabled.
-# endif
-
-# include <openssl/ec.h>
-# include <openssl/ossl_typ.h>
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/bn.h>
-# endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct ECDSA_SIG_st {
-    BIGNUM *r;
-    BIGNUM *s;
-} ECDSA_SIG;
-
-/** Allocates and initialize a ECDSA_SIG structure
- *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_SIG_new(void);
-
-/** frees a ECDSA_SIG structure
- *  \param  sig  pointer to the ECDSA_SIG structure
- */
-void ECDSA_SIG_free(ECDSA_SIG *sig);
-
-/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
- *  (*pp += length of the DER encoded signature)).
- *  \param  sig  pointer to the ECDSA_SIG object
- *  \param  pp   pointer to a unsigned char pointer for the output or NULL
- *  \return the length of the DER encoded ECDSA_SIG object or 0
- */
-int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
-
-/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
- *  (*pp += len)).
- *  \param  sig  pointer to ECDSA_SIG pointer (may be NULL)
- *  \param  pp   memory buffer with the DER encoded signature
- *  \param  len  length of the buffer
- *  \return pointer to the decoded ECDSA_SIG structure (or NULL)
- */
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
-
-/** Computes the ECDSA signature of the given hash value using
- *  the supplied private key and returns the created signature.
- *  \param  dgst      pointer to the hash value
- *  \param  dgst_len  length of the hash value
- *  \param  eckey     EC_KEY object containing a private EC key
- *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
-                         EC_KEY *eckey);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- *  \param  dgst     pointer to the hash value to sign
- *  \param  dgstlen  length of the hash value
- *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
- *  \param  rp       BIGNUM with a pre-computed rp value (optioanl),
- *                   see ECDSA_sign_setup
- *  \param  eckey    EC_KEY object containing a private EC key
- *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
-                            const BIGNUM *kinv, const BIGNUM *rp,
-                            EC_KEY *eckey);
-
-/** Verifies that the supplied signature is a valid ECDSA
- *  signature of the supplied hash value using the supplied public key.
- *  \param  dgst      pointer to the hash value
- *  \param  dgst_len  length of the hash value
- *  \param  sig       ECDSA_SIG structure
- *  \param  eckey     EC_KEY object containing a public EC key
- *  \return 1 if the signature is valid, 0 if the signature is invalid
- *          and -1 on error
- */
-int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
-                    const ECDSA_SIG *sig, EC_KEY *eckey);
-
-const ECDSA_METHOD *ECDSA_OpenSSL(void);
-
-/** Sets the default ECDSA method
- *  \param  meth  new default ECDSA_METHOD
- */
-void ECDSA_set_default_method(const ECDSA_METHOD *meth);
-
-/** Returns the default ECDSA method
- *  \return pointer to ECDSA_METHOD structure containing the default method
- */
-const ECDSA_METHOD *ECDSA_get_default_method(void);
-
-/** Sets method to be used for the ECDSA operations
- *  \param  eckey  EC_KEY object
- *  \param  meth   new method
- *  \return 1 on success and 0 otherwise
- */
-int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
-
-/** Returns the maximum length of the DER encoded signature
- *  \param  eckey  EC_KEY object
- *  \return numbers of bytes required for the DER encoded signature
- */
-int ECDSA_size(const EC_KEY *eckey);
-
-/** Precompute parts of the signing operation
- *  \param  eckey  EC_KEY object containing a private EC key
- *  \param  ctx    BN_CTX object (optional)
- *  \param  kinv   BIGNUM pointer for the inverse of k
- *  \param  rp     BIGNUM pointer for x coordinate of k * generator
- *  \return 1 on success and 0 otherwise
- */
-int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- *  \param  type     this parameter is ignored
- *  \param  dgst     pointer to the hash value to sign
- *  \param  dgstlen  length of the hash value
- *  \param  sig      memory for the DER encoded created signature
- *  \param  siglen   pointer to the length of the returned signature
- *  \param  eckey    EC_KEY object containing a private EC key
- *  \return 1 on success and 0 otherwise
- */
-int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
-               unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- *  \param  type     this parameter is ignored
- *  \param  dgst     pointer to the hash value to sign
- *  \param  dgstlen  length of the hash value
- *  \param  sig      buffer to hold the DER encoded signature
- *  \param  siglen   pointer to the length of the returned signature
- *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
- *  \param  rp       BIGNUM with a pre-computed rp value (optioanl),
- *                   see ECDSA_sign_setup
- *  \param  eckey    EC_KEY object containing a private EC key
- *  \return 1 on success and 0 otherwise
- */
-int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
-                  unsigned char *sig, unsigned int *siglen,
-                  const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
-
-/** Verifies that the given signature is valid ECDSA signature
- *  of the supplied hash value using the specified public key.
- *  \param  type     this parameter is ignored
- *  \param  dgst     pointer to the hash value
- *  \param  dgstlen  length of the hash value
- *  \param  sig      pointer to the DER encoded signature
- *  \param  siglen   length of the DER encoded signature
- *  \param  eckey    EC_KEY object containing a public EC key
- *  \return 1 if the signature is valid, 0 if the signature is invalid
- *          and -1 on error
- */
-int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
-                 const unsigned char *sig, int siglen, EC_KEY *eckey);
-
-/* the standard ex_data functions */
-int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
-                           *new_func, CRYPTO_EX_dup *dup_func,
-                           CRYPTO_EX_free *free_func);
-int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDSA_get_ex_data(EC_KEY *d, int idx);
-
-/** Allocates and initialize a ECDSA_METHOD structure
- *  \param ecdsa_method pointer to ECDSA_METHOD to copy.  (May be NULL)
- *  \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
- */
-
-ECDSA_METHOD *ECDSA_METHOD_new(const ECDSA_METHOD *ecdsa_method);
-
-/** frees a ECDSA_METHOD structure
- *  \param  ecdsa_method  pointer to the ECDSA_METHOD structure
- */
-void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
-
-/**  Sets application specific data in the ECDSA_METHOD
- *   \param  ecdsa_method pointer to existing ECDSA_METHOD
- *   \param  app application specific data to set
- */
-
-void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app);
-
-/** Returns application specific data from a ECDSA_METHOD structure
- *  \param ecdsa_method pointer to ECDSA_METHOD structure
- *  \return pointer to application specific data.
- */
-
-void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method);
-
-/**  Set the ECDSA_do_sign function in the ECDSA_METHOD
- *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
- *   \param  ecdsa_do_sign a funtion of type ECDSA_do_sign
- */
-
-void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
-                           ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
-                                                        *dgst, int dgst_len,
-                                                        const BIGNUM *inv,
-                                                        const BIGNUM *rp,
-                                                        EC_KEY *eckey));
-
-/**  Set the  ECDSA_sign_setup function in the ECDSA_METHOD
- *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
- *   \param  ecdsa_sign_setup a funtion of type ECDSA_sign_setup
- */
-
-void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
-                                 int (*ecdsa_sign_setup) (EC_KEY *eckey,
-                                                          BN_CTX *ctx,
-                                                          BIGNUM **kinv,
-                                                          BIGNUM **r));
-
-/**  Set the ECDSA_do_verify function in the ECDSA_METHOD
- *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
- *   \param  ecdsa_do_verify a funtion of type ECDSA_do_verify
- */
-
-void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
-                             int (*ecdsa_do_verify) (const unsigned char
-                                                     *dgst, int dgst_len,
-                                                     const ECDSA_SIG *sig,
-                                                     EC_KEY *eckey));
-
-void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
-
-/**  Set the flags field in the ECDSA_METHOD
- *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
- *   \param  flags flags value to set
- */
-
-void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
-
-/**  Set the name field in the ECDSA_METHOD
- *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
- *   \param  name name to set
- */
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ECDSA_strings(void);
-
-/* Error codes for the ECDSA functions. */
-
-/* Function codes. */
-# define ECDSA_F_ECDSA_CHECK                              104
-# define ECDSA_F_ECDSA_DATA_NEW_METHOD                    100
-# define ECDSA_F_ECDSA_DO_SIGN                            101
-# define ECDSA_F_ECDSA_DO_VERIFY                          102
-# define ECDSA_F_ECDSA_METHOD_NEW                         105
-# define ECDSA_F_ECDSA_SIGN_SETUP                         103
-
-/* Reason codes. */
-# define ECDSA_R_BAD_SIGNATURE                            100
-# define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE              101
-# define ECDSA_R_ERR_EC_LIB                               102
-# define ECDSA_R_MISSING_PARAMETERS                       103
-# define ECDSA_R_NEED_NEW_SETUP_VALUES                    106
-# define ECDSA_R_NON_FIPS_METHOD                          107
-# define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED          104
-# define ECDSA_R_SIGNATURE_MALLOC_FAILED                  105
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/engine.h b/thirdparty/openssl/openssl/engine.h
deleted file mode 100644
index bd7b591447..0000000000
--- a/thirdparty/openssl/openssl/engine.h
+++ /dev/null
@@ -1,960 +0,0 @@
-/* openssl/engine.h */
-/*
- * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_ENGINE_H
-# define HEADER_ENGINE_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_ENGINE
-#  error ENGINE is disabled.
-# endif
-
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/bn.h>
-#  ifndef OPENSSL_NO_RSA
-#   include <openssl/rsa.h>
-#  endif
-#  ifndef OPENSSL_NO_DSA
-#   include <openssl/dsa.h>
-#  endif
-#  ifndef OPENSSL_NO_DH
-#   include <openssl/dh.h>
-#  endif
-#  ifndef OPENSSL_NO_ECDH
-#   include <openssl/ecdh.h>
-#  endif
-#  ifndef OPENSSL_NO_ECDSA
-#   include <openssl/ecdsa.h>
-#  endif
-#  include <openssl/rand.h>
-#  include <openssl/ui.h>
-#  include <openssl/err.h>
-# endif
-
-# include <openssl/ossl_typ.h>
-# include <openssl/symhacks.h>
-
-# include <openssl/x509.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
- * These flags are used to control combinations of algorithm (methods) by
- * bitwise "OR"ing.
- */
-# define ENGINE_METHOD_RSA               (unsigned int)0x0001
-# define ENGINE_METHOD_DSA               (unsigned int)0x0002
-# define ENGINE_METHOD_DH                (unsigned int)0x0004
-# define ENGINE_METHOD_RAND              (unsigned int)0x0008
-# define ENGINE_METHOD_ECDH              (unsigned int)0x0010
-# define ENGINE_METHOD_ECDSA             (unsigned int)0x0020
-# define ENGINE_METHOD_CIPHERS           (unsigned int)0x0040
-# define ENGINE_METHOD_DIGESTS           (unsigned int)0x0080
-# define ENGINE_METHOD_STORE             (unsigned int)0x0100
-# define ENGINE_METHOD_PKEY_METHS        (unsigned int)0x0200
-# define ENGINE_METHOD_PKEY_ASN1_METHS   (unsigned int)0x0400
-/* Obvious all-or-nothing cases. */
-# define ENGINE_METHOD_ALL               (unsigned int)0xFFFF
-# define ENGINE_METHOD_NONE              (unsigned int)0x0000
-
-/*
- * This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
- * internally to control registration of ENGINE implementations, and can be
- * set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
- * initialise registered ENGINEs if they are not already initialised.
- */
-# define ENGINE_TABLE_FLAG_NOINIT        (unsigned int)0x0001
-
-/* ENGINE flags that can be set by ENGINE_set_flags(). */
-/* Not used */
-/* #define ENGINE_FLAGS_MALLOCED        0x0001 */
-
-/*
- * This flag is for ENGINEs that wish to handle the various 'CMD'-related
- * control commands on their own. Without this flag, ENGINE_ctrl() handles
- * these control commands on behalf of the ENGINE using their "cmd_defns"
- * data.
- */
-# define ENGINE_FLAGS_MANUAL_CMD_CTRL    (int)0x0002
-
-/*
- * This flag is for ENGINEs who return new duplicate structures when found
- * via "ENGINE_by_id()". When an ENGINE must store state (eg. if
- * ENGINE_ctrl() commands are called in sequence as part of some stateful
- * process like key-generation setup and execution), it can set this flag -
- * then each attempt to obtain the ENGINE will result in it being copied into
- * a new structure. Normally, ENGINEs don't declare this flag so
- * ENGINE_by_id() just increments the existing ENGINE's structural reference
- * count.
- */
-# define ENGINE_FLAGS_BY_ID_COPY         (int)0x0004
-
-/*
- * This flag if for an ENGINE that does not want its methods registered as
- * part of ENGINE_register_all_complete() for example if the methods are not
- * usable as default methods.
- */
-
-# define ENGINE_FLAGS_NO_REGISTER_ALL    (int)0x0008
-
-/*
- * ENGINEs can support their own command types, and these flags are used in
- * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
- * each command expects. Currently only numeric and string input is
- * supported. If a control command supports none of the _NUMERIC, _STRING, or
- * _NO_INPUT options, then it is regarded as an "internal" control command -
- * and not for use in config setting situations. As such, they're not
- * available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
- * access. Changes to this list of 'command types' should be reflected
- * carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
- */
-
-/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
-# define ENGINE_CMD_FLAG_NUMERIC         (unsigned int)0x0001
-/*
- * accepts string input (cast from 'void*' to 'const char *', 4th parameter
- * to ENGINE_ctrl)
- */
-# define ENGINE_CMD_FLAG_STRING          (unsigned int)0x0002
-/*
- * Indicates that the control command takes *no* input. Ie. the control
- * command is unparameterised.
- */
-# define ENGINE_CMD_FLAG_NO_INPUT        (unsigned int)0x0004
-/*
- * Indicates that the control command is internal. This control command won't
- * be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
- * function.
- */
-# define ENGINE_CMD_FLAG_INTERNAL        (unsigned int)0x0008
-
-/*
- * NB: These 3 control commands are deprecated and should not be used.
- * ENGINEs relying on these commands should compile conditional support for
- * compatibility (eg. if these symbols are defined) but should also migrate
- * the same functionality to their own ENGINE-specific control functions that
- * can be "discovered" by calling applications. The fact these control
- * commands wouldn't be "executable" (ie. usable by text-based config)
- * doesn't change the fact that application code can find and use them
- * without requiring per-ENGINE hacking.
- */
-
-/*
- * These flags are used to tell the ctrl function what should be done. All
- * command numbers are shared between all engines, even if some don't make
- * sense to some engines.  In such a case, they do nothing but return the
- * error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
- */
-# define ENGINE_CTRL_SET_LOGSTREAM               1
-# define ENGINE_CTRL_SET_PASSWORD_CALLBACK       2
-# define ENGINE_CTRL_HUP                         3/* Close and reinitialise
-                                                   * any handles/connections
-                                                   * etc. */
-# define ENGINE_CTRL_SET_USER_INTERFACE          4/* Alternative to callback */
-# define ENGINE_CTRL_SET_CALLBACK_DATA           5/* User-specific data, used
-                                                   * when calling the password
-                                                   * callback and the user
-                                                   * interface */
-# define ENGINE_CTRL_LOAD_CONFIGURATION          6/* Load a configuration,
-                                                   * given a string that
-                                                   * represents a file name
-                                                   * or so */
-# define ENGINE_CTRL_LOAD_SECTION                7/* Load data from a given
-                                                   * section in the already
-                                                   * loaded configuration */
-
-/*
- * These control commands allow an application to deal with an arbitrary
- * engine in a dynamic way. Warn: Negative return values indicate errors FOR
- * THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
- * commands, including ENGINE-specific command types, return zero for an
- * error. An ENGINE can choose to implement these ctrl functions, and can
- * internally manage things however it chooses - it does so by setting the
- * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
- * the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
- * cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
- * ctrl() handler need only implement its own commands - the above "meta"
- * commands will be taken care of.
- */
-
-/*
- * Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
- * then all the remaining control commands will return failure, so it is
- * worth checking this first if the caller is trying to "discover" the
- * engine's capabilities and doesn't want errors generated unnecessarily.
- */
-# define ENGINE_CTRL_HAS_CTRL_FUNCTION           10
-/*
- * Returns a positive command number for the first command supported by the
- * engine. Returns zero if no ctrl commands are supported.
- */
-# define ENGINE_CTRL_GET_FIRST_CMD_TYPE          11
-/*
- * The 'long' argument specifies a command implemented by the engine, and the
- * return value is the next command supported, or zero if there are no more.
- */
-# define ENGINE_CTRL_GET_NEXT_CMD_TYPE           12
-/*
- * The 'void*' argument is a command name (cast from 'const char *'), and the
- * return value is the command that corresponds to it.
- */
-# define ENGINE_CTRL_GET_CMD_FROM_NAME           13
-/*
- * The next two allow a command to be converted into its corresponding string
- * form. In each case, the 'long' argument supplies the command. In the
- * NAME_LEN case, the return value is the length of the command name (not
- * counting a trailing EOL). In the NAME case, the 'void*' argument must be a
- * string buffer large enough, and it will be populated with the name of the
- * command (WITH a trailing EOL).
- */
-# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD       14
-# define ENGINE_CTRL_GET_NAME_FROM_CMD           15
-/* The next two are similar but give a "short description" of a command. */
-# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD       16
-# define ENGINE_CTRL_GET_DESC_FROM_CMD           17
-/*
- * With this command, the return value is the OR'd combination of
- * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
- * engine-specific ctrl command expects.
- */
-# define ENGINE_CTRL_GET_CMD_FLAGS               18
-
-/*
- * ENGINE implementations should start the numbering of their own control
- * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
- */
-# define ENGINE_CMD_BASE                         200
-
-/*
- * NB: These 2 nCipher "chil" control commands are deprecated, and their
- * functionality is now available through ENGINE-specific control commands
- * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
- * commands should be migrated to the more general command handling before
- * these are removed.
- */
-
-/* Flags specific to the nCipher "chil" engine */
-# define ENGINE_CTRL_CHIL_SET_FORKCHECK          100
-        /*
-         * Depending on the value of the (long)i argument, this sets or
-         * unsets the SimpleForkCheck flag in the CHIL API to enable or
-         * disable checking and workarounds for applications that fork().
-         */
-# define ENGINE_CTRL_CHIL_NO_LOCKING             101
-        /*
-         * This prevents the initialisation function from providing mutex
-         * callbacks to the nCipher library.
-         */
-
-/*
- * If an ENGINE supports its own specific control commands and wishes the
- * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
- * its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
- * entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
- * handler that supports the stated commands (ie. the "cmd_num" entries as
- * described by the array). NB: The array must be ordered in increasing order
- * of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
- * has cmd_num set to zero and/or cmd_name set to NULL.
- */
-typedef struct ENGINE_CMD_DEFN_st {
-    unsigned int cmd_num;       /* The command number */
-    const char *cmd_name;       /* The command name itself */
-    const char *cmd_desc;       /* A short description of the command */
-    unsigned int cmd_flags;     /* The input the command expects */
-} ENGINE_CMD_DEFN;
-
-/* Generic function pointer */
-typedef int (*ENGINE_GEN_FUNC_PTR) (void);
-/* Generic function pointer taking no arguments */
-typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *);
-/* Specific control function pointer */
-typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *,
-                                     void (*f) (void));
-/* Generic load_key function pointer */
-typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
-                                         UI_METHOD *ui_method,
-                                         void *callback_data);
-typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl,
-                                           STACK_OF(X509_NAME) *ca_dn,
-                                           X509 **pcert, EVP_PKEY **pkey,
-                                           STACK_OF(X509) **pother,
-                                           UI_METHOD *ui_method,
-                                           void *callback_data);
-/*-
- * These callback types are for an ENGINE's handler for cipher and digest logic.
- * These handlers have these prototypes;
- *   int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
- *   int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
- * Looking at how to implement these handlers in the case of cipher support, if
- * the framework wants the EVP_CIPHER for 'nid', it will call;
- *   foo(e, &p_evp_cipher, NULL, nid);    (return zero for failure)
- * If the framework wants a list of supported 'nid's, it will call;
- *   foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
- */
-/*
- * Returns to a pointer to the array of supported cipher 'nid's. If the
- * second parameter is non-NULL it is set to the size of the returned array.
- */
-typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **,
-                                   const int **, int);
-typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
-                                   int);
-typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
-                                      const int **, int);
-typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
-                                           const int **, int);
-/*
- * STRUCTURE functions ... all of these functions deal with pointers to
- * ENGINE structures where the pointers have a "structural reference". This
- * means that their reference is to allowed access to the structure but it
- * does not imply that the structure is functional. To simply increment or
- * decrement the structural reference count, use ENGINE_by_id and
- * ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
- * as it will automatically decrement the structural reference count of the
- * "current" ENGINE and increment the structural reference count of the
- * ENGINE it returns (unless it is NULL).
- */
-
-/* Get the first/last "ENGINE" type available. */
-ENGINE *ENGINE_get_first(void);
-ENGINE *ENGINE_get_last(void);
-/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
-ENGINE *ENGINE_get_next(ENGINE *e);
-ENGINE *ENGINE_get_prev(ENGINE *e);
-/* Add another "ENGINE" type into the array. */
-int ENGINE_add(ENGINE *e);
-/* Remove an existing "ENGINE" type from the array. */
-int ENGINE_remove(ENGINE *e);
-/* Retrieve an engine from the list by its unique "id" value. */
-ENGINE *ENGINE_by_id(const char *id);
-/* Add all the built-in engines. */
-void ENGINE_load_openssl(void);
-void ENGINE_load_dynamic(void);
-# ifndef OPENSSL_NO_STATIC_ENGINE
-void ENGINE_load_4758cca(void);
-void ENGINE_load_aep(void);
-void ENGINE_load_atalla(void);
-void ENGINE_load_chil(void);
-void ENGINE_load_cswift(void);
-void ENGINE_load_nuron(void);
-void ENGINE_load_sureware(void);
-void ENGINE_load_ubsec(void);
-void ENGINE_load_padlock(void);
-void ENGINE_load_capi(void);
-#  ifndef OPENSSL_NO_GMP
-void ENGINE_load_gmp(void);
-#  endif
-#  ifndef OPENSSL_NO_GOST
-void ENGINE_load_gost(void);
-#  endif
-# endif
-void ENGINE_load_cryptodev(void);
-void ENGINE_load_rdrand(void);
-void ENGINE_load_builtin_engines(void);
-
-/*
- * Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
- * "registry" handling.
- */
-unsigned int ENGINE_get_table_flags(void);
-void ENGINE_set_table_flags(unsigned int flags);
-
-/*- Manage registration of ENGINEs per "table". For each type, there are 3
- * functions;
- *   ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
- *   ENGINE_unregister_***(e) - unregister the implementation from 'e'
- *   ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
- * Cleanup is automatically registered from each table when required, so
- * ENGINE_cleanup() will reverse any "register" operations.
- */
-
-int ENGINE_register_RSA(ENGINE *e);
-void ENGINE_unregister_RSA(ENGINE *e);
-void ENGINE_register_all_RSA(void);
-
-int ENGINE_register_DSA(ENGINE *e);
-void ENGINE_unregister_DSA(ENGINE *e);
-void ENGINE_register_all_DSA(void);
-
-int ENGINE_register_ECDH(ENGINE *e);
-void ENGINE_unregister_ECDH(ENGINE *e);
-void ENGINE_register_all_ECDH(void);
-
-int ENGINE_register_ECDSA(ENGINE *e);
-void ENGINE_unregister_ECDSA(ENGINE *e);
-void ENGINE_register_all_ECDSA(void);
-
-int ENGINE_register_DH(ENGINE *e);
-void ENGINE_unregister_DH(ENGINE *e);
-void ENGINE_register_all_DH(void);
-
-int ENGINE_register_RAND(ENGINE *e);
-void ENGINE_unregister_RAND(ENGINE *e);
-void ENGINE_register_all_RAND(void);
-
-int ENGINE_register_STORE(ENGINE *e);
-void ENGINE_unregister_STORE(ENGINE *e);
-void ENGINE_register_all_STORE(void);
-
-int ENGINE_register_ciphers(ENGINE *e);
-void ENGINE_unregister_ciphers(ENGINE *e);
-void ENGINE_register_all_ciphers(void);
-
-int ENGINE_register_digests(ENGINE *e);
-void ENGINE_unregister_digests(ENGINE *e);
-void ENGINE_register_all_digests(void);
-
-int ENGINE_register_pkey_meths(ENGINE *e);
-void ENGINE_unregister_pkey_meths(ENGINE *e);
-void ENGINE_register_all_pkey_meths(void);
-
-int ENGINE_register_pkey_asn1_meths(ENGINE *e);
-void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
-void ENGINE_register_all_pkey_asn1_meths(void);
-
-/*
- * These functions register all support from the above categories. Note, use
- * of these functions can result in static linkage of code your application
- * may not need. If you only need a subset of functionality, consider using
- * more selective initialisation.
- */
-int ENGINE_register_complete(ENGINE *e);
-int ENGINE_register_all_complete(void);
-
-/*
- * Send parametrised control commands to the engine. The possibilities to
- * send down an integer, a pointer to data or a function pointer are
- * provided. Any of the parameters may or may not be NULL, depending on the
- * command number. In actuality, this function only requires a structural
- * (rather than functional) reference to an engine, but many control commands
- * may require the engine be functional. The caller should be aware of trying
- * commands that require an operational ENGINE, and only use functional
- * references in such situations.
- */
-int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
-
-/*
- * This function tests if an ENGINE-specific command is usable as a
- * "setting". Eg. in an application's config file that gets processed through
- * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
- * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
- */
-int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
-
-/*
- * This function works like ENGINE_ctrl() with the exception of taking a
- * command name instead of a command number, and can handle optional
- * commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
- * on how to use the cmd_name and cmd_optional.
- */
-int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
-                    long i, void *p, void (*f) (void), int cmd_optional);
-
-/*
- * This function passes a command-name and argument to an ENGINE. The
- * cmd_name is converted to a command number and the control command is
- * called using 'arg' as an argument (unless the ENGINE doesn't support such
- * a command, in which case no control command is called). The command is
- * checked for input flags, and if necessary the argument will be converted
- * to a numeric value. If cmd_optional is non-zero, then if the ENGINE
- * doesn't support the given cmd_name the return value will be success
- * anyway. This function is intended for applications to use so that users
- * (or config files) can supply engine-specific config data to the ENGINE at
- * run-time to control behaviour of specific engines. As such, it shouldn't
- * be used for calling ENGINE_ctrl() functions that return data, deal with
- * binary data, or that are otherwise supposed to be used directly through
- * ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
- * operation in this function will be lost - the return value is interpreted
- * as failure if the return value is zero, success otherwise, and this
- * function returns a boolean value as a result. In other words, vendors of
- * 'ENGINE'-enabled devices should write ENGINE implementations with
- * parameterisations that work in this scheme, so that compliant ENGINE-based
- * applications can work consistently with the same configuration for the
- * same ENGINE-enabled devices, across applications.
- */
-int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
-                           int cmd_optional);
-
-/*
- * These functions are useful for manufacturing new ENGINE structures. They
- * don't address reference counting at all - one uses them to populate an
- * ENGINE structure with personalised implementations of things prior to
- * using it directly or adding it to the builtin ENGINE list in OpenSSL.
- * These are also here so that the ENGINE structure doesn't have to be
- * exposed and break binary compatibility!
- */
-ENGINE *ENGINE_new(void);
-int ENGINE_free(ENGINE *e);
-int ENGINE_up_ref(ENGINE *e);
-int ENGINE_set_id(ENGINE *e, const char *id);
-int ENGINE_set_name(ENGINE *e, const char *name);
-int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
-int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
-int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
-int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
-int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
-int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
-int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);
-int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
-int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
-int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
-int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
-int ENGINE_set_load_privkey_function(ENGINE *e,
-                                     ENGINE_LOAD_KEY_PTR loadpriv_f);
-int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
-int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
-                                             ENGINE_SSL_CLIENT_CERT_PTR
-                                             loadssl_f);
-int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
-int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
-int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
-int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
-int ENGINE_set_flags(ENGINE *e, int flags);
-int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
-/* These functions allow control over any per-structure ENGINE data. */
-int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                            CRYPTO_EX_dup *dup_func,
-                            CRYPTO_EX_free *free_func);
-int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
-void *ENGINE_get_ex_data(const ENGINE *e, int idx);
-
-/*
- * This function cleans up anything that needs it. Eg. the ENGINE_add()
- * function automatically ensures the list cleanup function is registered to
- * be called from ENGINE_cleanup(). Similarly, all ENGINE_register_***
- * functions ensure ENGINE_cleanup() will clean up after them.
- */
-void ENGINE_cleanup(void);
-
-/*
- * These return values from within the ENGINE structure. These can be useful
- * with functional references as well as structural references - it depends
- * which you obtained. Using the result for functional purposes if you only
- * obtained a structural reference may be problematic!
- */
-const char *ENGINE_get_id(const ENGINE *e);
-const char *ENGINE_get_name(const ENGINE *e);
-const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
-const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
-const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
-const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
-const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
-const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
-const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
-ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
-ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
-ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
-ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
-                                                               *e);
-ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
-ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
-ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
-ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
-const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
-const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
-const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
-const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
-const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
-                                                          const char *str,
-                                                          int len);
-const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
-                                                      const char *str,
-                                                      int len);
-const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
-int ENGINE_get_flags(const ENGINE *e);
-
-/*
- * FUNCTIONAL functions. These functions deal with ENGINE structures that
- * have (or will) be initialised for use. Broadly speaking, the structural
- * functions are useful for iterating the list of available engine types,
- * creating new engine types, and other "list" operations. These functions
- * actually deal with ENGINEs that are to be used. As such these functions
- * can fail (if applicable) when particular engines are unavailable - eg. if
- * a hardware accelerator is not attached or not functioning correctly. Each
- * ENGINE has 2 reference counts; structural and functional. Every time a
- * functional reference is obtained or released, a corresponding structural
- * reference is automatically obtained or released too.
- */
-
-/*
- * Initialise a engine type for use (or up its reference count if it's
- * already in use). This will fail if the engine is not currently operational
- * and cannot initialise.
- */
-int ENGINE_init(ENGINE *e);
-/*
- * Free a functional reference to a engine type. This does not require a
- * corresponding call to ENGINE_free as it also releases a structural
- * reference.
- */
-int ENGINE_finish(ENGINE *e);
-
-/*
- * The following functions handle keys that are stored in some secondary
- * location, handled by the engine.  The storage may be on a card or
- * whatever.
- */
-EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
-                                  UI_METHOD *ui_method, void *callback_data);
-EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
-                                 UI_METHOD *ui_method, void *callback_data);
-int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
-                                STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
-                                EVP_PKEY **ppkey, STACK_OF(X509) **pother,
-                                UI_METHOD *ui_method, void *callback_data);
-
-/*
- * This returns a pointer for the current ENGINE structure that is (by
- * default) performing any RSA operations. The value returned is an
- * incremented reference, so it should be free'd (ENGINE_finish) before it is
- * discarded.
- */
-ENGINE *ENGINE_get_default_RSA(void);
-/* Same for the other "methods" */
-ENGINE *ENGINE_get_default_DSA(void);
-ENGINE *ENGINE_get_default_ECDH(void);
-ENGINE *ENGINE_get_default_ECDSA(void);
-ENGINE *ENGINE_get_default_DH(void);
-ENGINE *ENGINE_get_default_RAND(void);
-/*
- * These functions can be used to get a functional reference to perform
- * ciphering or digesting corresponding to "nid".
- */
-ENGINE *ENGINE_get_cipher_engine(int nid);
-ENGINE *ENGINE_get_digest_engine(int nid);
-ENGINE *ENGINE_get_pkey_meth_engine(int nid);
-ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
-
-/*
- * This sets a new default ENGINE structure for performing RSA operations. If
- * the result is non-zero (success) then the ENGINE structure will have had
- * its reference count up'd so the caller should still free their own
- * reference 'e'.
- */
-int ENGINE_set_default_RSA(ENGINE *e);
-int ENGINE_set_default_string(ENGINE *e, const char *def_list);
-/* Same for the other "methods" */
-int ENGINE_set_default_DSA(ENGINE *e);
-int ENGINE_set_default_ECDH(ENGINE *e);
-int ENGINE_set_default_ECDSA(ENGINE *e);
-int ENGINE_set_default_DH(ENGINE *e);
-int ENGINE_set_default_RAND(ENGINE *e);
-int ENGINE_set_default_ciphers(ENGINE *e);
-int ENGINE_set_default_digests(ENGINE *e);
-int ENGINE_set_default_pkey_meths(ENGINE *e);
-int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
-
-/*
- * The combination "set" - the flags are bitwise "OR"d from the
- * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
- * function, this function can result in unnecessary static linkage. If your
- * application requires only specific functionality, consider using more
- * selective functions.
- */
-int ENGINE_set_default(ENGINE *e, unsigned int flags);
-
-void ENGINE_add_conf_module(void);
-
-/* Deprecated functions ... */
-/* int ENGINE_clear_defaults(void); */
-
-/**************************/
-/* DYNAMIC ENGINE SUPPORT */
-/**************************/
-
-/* Binary/behaviour compatibility levels */
-# define OSSL_DYNAMIC_VERSION            (unsigned long)0x00020000
-/*
- * Binary versions older than this are too old for us (whether we're a loader
- * or a loadee)
- */
-# define OSSL_DYNAMIC_OLDEST             (unsigned long)0x00020000
-
-/*
- * When compiling an ENGINE entirely as an external shared library, loadable
- * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
- * structure type provides the calling application's (or library's) error
- * functionality and memory management function pointers to the loaded
- * library. These should be used/set in the loaded library code so that the
- * loading application's 'state' will be used/changed in all operations. The
- * 'static_state' pointer allows the loaded library to know if it shares the
- * same static data as the calling application (or library), and thus whether
- * these callbacks need to be set or not.
- */
-typedef void *(*dyn_MEM_malloc_cb) (size_t);
-typedef void *(*dyn_MEM_realloc_cb) (void *, size_t);
-typedef void (*dyn_MEM_free_cb) (void *);
-typedef struct st_dynamic_MEM_fns {
-    dyn_MEM_malloc_cb malloc_cb;
-    dyn_MEM_realloc_cb realloc_cb;
-    dyn_MEM_free_cb free_cb;
-} dynamic_MEM_fns;
-/*
- * FIXME: Perhaps the memory and locking code (crypto.h) should declare and
- * use these types so we (and any other dependant code) can simplify a bit??
- */
-typedef void (*dyn_lock_locking_cb) (int, int, const char *, int);
-typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int);
-typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *,
-                                                               int);
-typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *,
-                                     const char *, int);
-typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *,
-                                        const char *, int);
-typedef struct st_dynamic_LOCK_fns {
-    dyn_lock_locking_cb lock_locking_cb;
-    dyn_lock_add_lock_cb lock_add_lock_cb;
-    dyn_dynlock_create_cb dynlock_create_cb;
-    dyn_dynlock_lock_cb dynlock_lock_cb;
-    dyn_dynlock_destroy_cb dynlock_destroy_cb;
-} dynamic_LOCK_fns;
-/* The top-level structure */
-typedef struct st_dynamic_fns {
-    void *static_state;
-    const ERR_FNS *err_fns;
-    const CRYPTO_EX_DATA_IMPL *ex_data_fns;
-    dynamic_MEM_fns mem_fns;
-    dynamic_LOCK_fns lock_fns;
-} dynamic_fns;
-
-/*
- * The version checking function should be of this prototype. NB: The
- * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
- * code. If this function returns zero, it indicates a (potential) version
- * incompatibility and the loaded library doesn't believe it can proceed.
- * Otherwise, the returned value is the (latest) version supported by the
- * loading library. The loader may still decide that the loaded code's
- * version is unsatisfactory and could veto the load. The function is
- * expected to be implemented with the symbol name "v_check", and a default
- * implementation can be fully instantiated with
- * IMPLEMENT_DYNAMIC_CHECK_FN().
- */
-typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
-# define IMPLEMENT_DYNAMIC_CHECK_FN() \
-        OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
-        OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
-                if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
-                return 0; }
-
-/*
- * This function is passed the ENGINE structure to initialise with its own
- * function and command settings. It should not adjust the structural or
- * functional reference counts. If this function returns zero, (a) the load
- * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
- * the structure, and (c) the shared library will be unloaded. So
- * implementations should do their own internal cleanup in failure
- * circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
- * represents the ENGINE id that the loader is looking for. If this is NULL,
- * the shared library can choose to return failure or to initialise a
- * 'default' ENGINE. If non-NULL, the shared library must initialise only an
- * ENGINE matching the passed 'id'. The function is expected to be
- * implemented with the symbol name "bind_engine". A standard implementation
- * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
- * 'fn' is a callback function that populates the ENGINE structure and
- * returns an int value (zero for failure). 'fn' should have prototype;
- * [static] int fn(ENGINE *e, const char *id);
- */
-typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
-                                    const dynamic_fns *fns);
-# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
-        OPENSSL_EXPORT \
-        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
-        OPENSSL_EXPORT \
-        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
-                if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
-                if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
-                        fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
-                        return 0; \
-                CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
-                CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
-                CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
-                CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
-                CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
-                if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
-                        return 0; \
-                if(!ERR_set_implementation(fns->err_fns)) return 0; \
-        skip_cbs: \
-                if(!fn(e,id)) return 0; \
-                return 1; }
-
-/*
- * If the loading application (or library) and the loaded ENGINE library
- * share the same static data (eg. they're both dynamically linked to the
- * same libcrypto.so) we need a way to avoid trying to set system callbacks -
- * this would fail, and for the same reason that it's unnecessary to try. If
- * the loaded ENGINE has (or gets from through the loader) its own copy of
- * the libcrypto static data, we will need to set the callbacks. The easiest
- * way to detect this is to have a function that returns a pointer to some
- * static data and let the loading application and loaded ENGINE compare
- * their respective values.
- */
-void *ENGINE_get_static_state(void);
-
-# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
-void ENGINE_setup_bsd_cryptodev(void);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ENGINE_strings(void);
-
-/* Error codes for the ENGINE functions. */
-
-/* Function codes. */
-# define ENGINE_F_DYNAMIC_CTRL                            180
-# define ENGINE_F_DYNAMIC_GET_DATA_CTX                    181
-# define ENGINE_F_DYNAMIC_LOAD                            182
-# define ENGINE_F_DYNAMIC_SET_DATA_CTX                    183
-# define ENGINE_F_ENGINE_ADD                              105
-# define ENGINE_F_ENGINE_BY_ID                            106
-# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE                170
-# define ENGINE_F_ENGINE_CTRL                             142
-# define ENGINE_F_ENGINE_CTRL_CMD                         178
-# define ENGINE_F_ENGINE_CTRL_CMD_STRING                  171
-# define ENGINE_F_ENGINE_FINISH                           107
-# define ENGINE_F_ENGINE_FREE_UTIL                        108
-# define ENGINE_F_ENGINE_GET_CIPHER                       185
-# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE                 177
-# define ENGINE_F_ENGINE_GET_DIGEST                       186
-# define ENGINE_F_ENGINE_GET_NEXT                         115
-# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH               193
-# define ENGINE_F_ENGINE_GET_PKEY_METH                    192
-# define ENGINE_F_ENGINE_GET_PREV                         116
-# define ENGINE_F_ENGINE_INIT                             119
-# define ENGINE_F_ENGINE_LIST_ADD                         120
-# define ENGINE_F_ENGINE_LIST_REMOVE                      121
-# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY                 150
-# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY                  151
-# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT             194
-# define ENGINE_F_ENGINE_NEW                              122
-# define ENGINE_F_ENGINE_REMOVE                           123
-# define ENGINE_F_ENGINE_SET_DEFAULT_STRING               189
-# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE                 126
-# define ENGINE_F_ENGINE_SET_ID                           129
-# define ENGINE_F_ENGINE_SET_NAME                         130
-# define ENGINE_F_ENGINE_TABLE_REGISTER                   184
-# define ENGINE_F_ENGINE_UNLOAD_KEY                       152
-# define ENGINE_F_ENGINE_UNLOCKED_FINISH                  191
-# define ENGINE_F_ENGINE_UP_REF                           190
-# define ENGINE_F_INT_CTRL_HELPER                         172
-# define ENGINE_F_INT_ENGINE_CONFIGURE                    188
-# define ENGINE_F_INT_ENGINE_MODULE_INIT                  187
-# define ENGINE_F_LOG_MESSAGE                             141
-
-/* Reason codes. */
-# define ENGINE_R_ALREADY_LOADED                          100
-# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER                133
-# define ENGINE_R_CMD_NOT_EXECUTABLE                      134
-# define ENGINE_R_COMMAND_TAKES_INPUT                     135
-# define ENGINE_R_COMMAND_TAKES_NO_INPUT                  136
-# define ENGINE_R_CONFLICTING_ENGINE_ID                   103
-# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED            119
-# define ENGINE_R_DH_NOT_IMPLEMENTED                      139
-# define ENGINE_R_DSA_NOT_IMPLEMENTED                     140
-# define ENGINE_R_DSO_FAILURE                             104
-# define ENGINE_R_DSO_NOT_FOUND                           132
-# define ENGINE_R_ENGINES_SECTION_ERROR                   148
-# define ENGINE_R_ENGINE_CONFIGURATION_ERROR              102
-# define ENGINE_R_ENGINE_IS_NOT_IN_LIST                   105
-# define ENGINE_R_ENGINE_SECTION_ERROR                    149
-# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY              128
-# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY               129
-# define ENGINE_R_FINISH_FAILED                           106
-# define ENGINE_R_GET_HANDLE_FAILED                       107
-# define ENGINE_R_ID_OR_NAME_MISSING                      108
-# define ENGINE_R_INIT_FAILED                             109
-# define ENGINE_R_INTERNAL_LIST_ERROR                     110
-# define ENGINE_R_INVALID_ARGUMENT                        143
-# define ENGINE_R_INVALID_CMD_NAME                        137
-# define ENGINE_R_INVALID_CMD_NUMBER                      138
-# define ENGINE_R_INVALID_INIT_VALUE                      151
-# define ENGINE_R_INVALID_STRING                          150
-# define ENGINE_R_NOT_INITIALISED                         117
-# define ENGINE_R_NOT_LOADED                              112
-# define ENGINE_R_NO_CONTROL_FUNCTION                     120
-# define ENGINE_R_NO_INDEX                                144
-# define ENGINE_R_NO_LOAD_FUNCTION                        125
-# define ENGINE_R_NO_REFERENCE                            130
-# define ENGINE_R_NO_SUCH_ENGINE                          116
-# define ENGINE_R_NO_UNLOAD_FUNCTION                      126
-# define ENGINE_R_PROVIDE_PARAMETERS                      113
-# define ENGINE_R_RSA_NOT_IMPLEMENTED                     141
-# define ENGINE_R_UNIMPLEMENTED_CIPHER                    146
-# define ENGINE_R_UNIMPLEMENTED_DIGEST                    147
-# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD         101
-# define ENGINE_R_VERSION_INCOMPATIBILITY                 145
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/err.h b/thirdparty/openssl/openssl/err.h
deleted file mode 100644
index f42365620d..0000000000
--- a/thirdparty/openssl/openssl/err.h
+++ /dev/null
@@ -1,390 +0,0 @@
-/* crypto/err/err.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ERR_H
-# define HEADER_ERR_H
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_FP_API
-#  include <stdio.h>
-#  include <stdlib.h>
-# endif
-
-# include <openssl/ossl_typ.h>
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# ifndef OPENSSL_NO_LHASH
-#  include <openssl/lhash.h>
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifndef OPENSSL_NO_ERR
-#  define ERR_PUT_error(a,b,c,d,e)        ERR_put_error(a,b,c,d,e)
-# else
-#  define ERR_PUT_error(a,b,c,d,e)        ERR_put_error(a,b,c,NULL,0)
-# endif
-
-# include <errno.h>
-
-# define ERR_TXT_MALLOCED        0x01
-# define ERR_TXT_STRING          0x02
-
-# define ERR_FLAG_MARK           0x01
-
-# define ERR_NUM_ERRORS  16
-typedef struct err_state_st {
-    CRYPTO_THREADID tid;
-    int err_flags[ERR_NUM_ERRORS];
-    unsigned long err_buffer[ERR_NUM_ERRORS];
-    char *err_data[ERR_NUM_ERRORS];
-    int err_data_flags[ERR_NUM_ERRORS];
-    const char *err_file[ERR_NUM_ERRORS];
-    int err_line[ERR_NUM_ERRORS];
-    int top, bottom;
-} ERR_STATE;
-
-/* library */
-# define ERR_LIB_NONE            1
-# define ERR_LIB_SYS             2
-# define ERR_LIB_BN              3
-# define ERR_LIB_RSA             4
-# define ERR_LIB_DH              5
-# define ERR_LIB_EVP             6
-# define ERR_LIB_BUF             7
-# define ERR_LIB_OBJ             8
-# define ERR_LIB_PEM             9
-# define ERR_LIB_DSA             10
-# define ERR_LIB_X509            11
-/* #define ERR_LIB_METH         12 */
-# define ERR_LIB_ASN1            13
-# define ERR_LIB_CONF            14
-# define ERR_LIB_CRYPTO          15
-# define ERR_LIB_EC              16
-# define ERR_LIB_SSL             20
-/* #define ERR_LIB_SSL23        21 */
-/* #define ERR_LIB_SSL2         22 */
-/* #define ERR_LIB_SSL3         23 */
-/* #define ERR_LIB_RSAREF       30 */
-/* #define ERR_LIB_PROXY        31 */
-# define ERR_LIB_BIO             32
-# define ERR_LIB_PKCS7           33
-# define ERR_LIB_X509V3          34
-# define ERR_LIB_PKCS12          35
-# define ERR_LIB_RAND            36
-# define ERR_LIB_DSO             37
-# define ERR_LIB_ENGINE          38
-# define ERR_LIB_OCSP            39
-# define ERR_LIB_UI              40
-# define ERR_LIB_COMP            41
-# define ERR_LIB_ECDSA           42
-# define ERR_LIB_ECDH            43
-# define ERR_LIB_STORE           44
-# define ERR_LIB_FIPS            45
-# define ERR_LIB_CMS             46
-# define ERR_LIB_TS              47
-# define ERR_LIB_HMAC            48
-# define ERR_LIB_JPAKE           49
-
-# define ERR_LIB_USER            128
-
-# define SYSerr(f,r)  ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
-# define BNerr(f,r)   ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
-# define RSAerr(f,r)  ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
-# define DHerr(f,r)   ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
-# define EVPerr(f,r)  ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
-# define BUFerr(f,r)  ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
-# define OBJerr(f,r)  ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
-# define PEMerr(f,r)  ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
-# define DSAerr(f,r)  ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
-# define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
-# define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
-# define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
-# define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
-# define ECerr(f,r)   ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
-# define SSLerr(f,r)  ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
-# define BIOerr(f,r)  ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
-# define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
-# define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
-# define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
-# define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
-# define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
-# define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
-# define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
-# define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
-# define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
-# define ECDSAerr(f,r)  ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
-# define ECDHerr(f,r)  ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
-# define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
-# define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
-# define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
-# define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
-# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
-# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
-
-/*
- * Borland C seems too stupid to be able to shift and do longs in the
- * pre-processor :-(
- */
-# define ERR_PACK(l,f,r)         (((((unsigned long)l)&0xffL)*0x1000000)| \
-                                ((((unsigned long)f)&0xfffL)*0x1000)| \
-                                ((((unsigned long)r)&0xfffL)))
-# define ERR_GET_LIB(l)          (int)((((unsigned long)l)>>24L)&0xffL)
-# define ERR_GET_FUNC(l)         (int)((((unsigned long)l)>>12L)&0xfffL)
-# define ERR_GET_REASON(l)       (int)((l)&0xfffL)
-# define ERR_FATAL_ERROR(l)      (int)((l)&ERR_R_FATAL)
-
-/* OS functions */
-# define SYS_F_FOPEN             1
-# define SYS_F_CONNECT           2
-# define SYS_F_GETSERVBYNAME     3
-# define SYS_F_SOCKET            4
-# define SYS_F_IOCTLSOCKET       5
-# define SYS_F_BIND              6
-# define SYS_F_LISTEN            7
-# define SYS_F_ACCEPT            8
-# define SYS_F_WSASTARTUP        9/* Winsock stuff */
-# define SYS_F_OPENDIR           10
-# define SYS_F_FREAD             11
-# define SYS_F_FFLUSH            18
-
-/* reasons */
-# define ERR_R_SYS_LIB   ERR_LIB_SYS/* 2 */
-# define ERR_R_BN_LIB    ERR_LIB_BN/* 3 */
-# define ERR_R_RSA_LIB   ERR_LIB_RSA/* 4 */
-# define ERR_R_DH_LIB    ERR_LIB_DH/* 5 */
-# define ERR_R_EVP_LIB   ERR_LIB_EVP/* 6 */
-# define ERR_R_BUF_LIB   ERR_LIB_BUF/* 7 */
-# define ERR_R_OBJ_LIB   ERR_LIB_OBJ/* 8 */
-# define ERR_R_PEM_LIB   ERR_LIB_PEM/* 9 */
-# define ERR_R_DSA_LIB   ERR_LIB_DSA/* 10 */
-# define ERR_R_X509_LIB  ERR_LIB_X509/* 11 */
-# define ERR_R_ASN1_LIB  ERR_LIB_ASN1/* 13 */
-# define ERR_R_CONF_LIB  ERR_LIB_CONF/* 14 */
-# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */
-# define ERR_R_EC_LIB    ERR_LIB_EC/* 16 */
-# define ERR_R_SSL_LIB   ERR_LIB_SSL/* 20 */
-# define ERR_R_BIO_LIB   ERR_LIB_BIO/* 32 */
-# define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
-# define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
-# define ERR_R_PKCS12_LIB ERR_LIB_PKCS12/* 35 */
-# define ERR_R_RAND_LIB  ERR_LIB_RAND/* 36 */
-# define ERR_R_DSO_LIB   ERR_LIB_DSO/* 37 */
-# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
-# define ERR_R_OCSP_LIB  ERR_LIB_OCSP/* 39 */
-# define ERR_R_UI_LIB    ERR_LIB_UI/* 40 */
-# define ERR_R_COMP_LIB  ERR_LIB_COMP/* 41 */
-# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
-# define ERR_R_ECDH_LIB  ERR_LIB_ECDH/* 43 */
-# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
-# define ERR_R_TS_LIB    ERR_LIB_TS/* 45 */
-
-# define ERR_R_NESTED_ASN1_ERROR                 58
-# define ERR_R_BAD_ASN1_OBJECT_HEADER            59
-# define ERR_R_BAD_GET_ASN1_OBJECT_CALL          60
-# define ERR_R_EXPECTING_AN_ASN1_SEQUENCE        61
-# define ERR_R_ASN1_LENGTH_MISMATCH              62
-# define ERR_R_MISSING_ASN1_EOS                  63
-
-/* fatal error */
-# define ERR_R_FATAL                             64
-# define ERR_R_MALLOC_FAILURE                    (1|ERR_R_FATAL)
-# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED       (2|ERR_R_FATAL)
-# define ERR_R_PASSED_NULL_PARAMETER             (3|ERR_R_FATAL)
-# define ERR_R_INTERNAL_ERROR                    (4|ERR_R_FATAL)
-# define ERR_R_DISABLED                          (5|ERR_R_FATAL)
-
-/*
- * 99 is the maximum possible ERR_R_... code, higher values are reserved for
- * the individual libraries
- */
-
-typedef struct ERR_string_data_st {
-    unsigned long error;
-    const char *string;
-} ERR_STRING_DATA;
-
-void ERR_put_error(int lib, int func, int reason, const char *file, int line);
-void ERR_set_error_data(char *data, int flags);
-
-unsigned long ERR_get_error(void);
-unsigned long ERR_get_error_line(const char **file, int *line);
-unsigned long ERR_get_error_line_data(const char **file, int *line,
-                                      const char **data, int *flags);
-unsigned long ERR_peek_error(void);
-unsigned long ERR_peek_error_line(const char **file, int *line);
-unsigned long ERR_peek_error_line_data(const char **file, int *line,
-                                       const char **data, int *flags);
-unsigned long ERR_peek_last_error(void);
-unsigned long ERR_peek_last_error_line(const char **file, int *line);
-unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
-                                            const char **data, int *flags);
-void ERR_clear_error(void);
-char *ERR_error_string(unsigned long e, char *buf);
-void ERR_error_string_n(unsigned long e, char *buf, size_t len);
-const char *ERR_lib_error_string(unsigned long e);
-const char *ERR_func_error_string(unsigned long e);
-const char *ERR_reason_error_string(unsigned long e);
-void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
-                         void *u);
-# ifndef OPENSSL_NO_FP_API
-void ERR_print_errors_fp(FILE *fp);
-# endif
-# ifndef OPENSSL_NO_BIO
-void ERR_print_errors(BIO *bp);
-# endif
-void ERR_add_error_data(int num, ...);
-void ERR_add_error_vdata(int num, va_list args);
-void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
-void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
-void ERR_load_ERR_strings(void);
-void ERR_load_crypto_strings(void);
-void ERR_free_strings(void);
-
-void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
-# ifndef OPENSSL_NO_DEPRECATED
-void ERR_remove_state(unsigned long pid); /* if zero we look it up */
-# endif
-ERR_STATE *ERR_get_state(void);
-
-# ifndef OPENSSL_NO_LHASH
-LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
-LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
-void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
-# endif
-
-int ERR_get_next_error_library(void);
-
-int ERR_set_mark(void);
-int ERR_pop_to_mark(void);
-
-/* Already defined in ossl_typ.h */
-/* typedef struct st_ERR_FNS ERR_FNS; */
-/*
- * An application can use this function and provide the return value to
- * loaded modules that should use the application's ERR state/functionality
- */
-const ERR_FNS *ERR_get_implementation(void);
-/*
- * A loaded module should call this function prior to any ERR operations
- * using the application's "ERR_FNS".
- */
-int ERR_set_implementation(const ERR_FNS *fns);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/evp.h b/thirdparty/openssl/openssl/evp.h
deleted file mode 100644
index d258ef870a..0000000000
--- a/thirdparty/openssl/openssl/evp.h
+++ /dev/null
@@ -1,1536 +0,0 @@
-/* crypto/evp/evp.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_ENVELOPE_H
-# define HEADER_ENVELOPE_H
-
-# ifdef OPENSSL_ALGORITHM_DEFINES
-#  include <openssl/opensslconf.h>
-# else
-#  define OPENSSL_ALGORITHM_DEFINES
-#  include <openssl/opensslconf.h>
-#  undef OPENSSL_ALGORITHM_DEFINES
-# endif
-
-# include <openssl/ossl_typ.h>
-
-# include <openssl/symhacks.h>
-
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-
-/*-
-#define EVP_RC2_KEY_SIZE                16
-#define EVP_RC4_KEY_SIZE                16
-#define EVP_BLOWFISH_KEY_SIZE           16
-#define EVP_CAST5_KEY_SIZE              16
-#define EVP_RC5_32_12_16_KEY_SIZE       16
-*/
-# define EVP_MAX_MD_SIZE                 64/* longest known is SHA512 */
-# define EVP_MAX_KEY_LENGTH              64
-# define EVP_MAX_IV_LENGTH               16
-# define EVP_MAX_BLOCK_LENGTH            32
-
-# define PKCS5_SALT_LEN                  8
-/* Default PKCS#5 iteration count */
-# define PKCS5_DEFAULT_ITER              2048
-
-# include <openssl/objects.h>
-
-# define EVP_PK_RSA      0x0001
-# define EVP_PK_DSA      0x0002
-# define EVP_PK_DH       0x0004
-# define EVP_PK_EC       0x0008
-# define EVP_PKT_SIGN    0x0010
-# define EVP_PKT_ENC     0x0020
-# define EVP_PKT_EXCH    0x0040
-# define EVP_PKS_RSA     0x0100
-# define EVP_PKS_DSA     0x0200
-# define EVP_PKS_EC      0x0400
-
-# define EVP_PKEY_NONE   NID_undef
-# define EVP_PKEY_RSA    NID_rsaEncryption
-# define EVP_PKEY_RSA2   NID_rsa
-# define EVP_PKEY_DSA    NID_dsa
-# define EVP_PKEY_DSA1   NID_dsa_2
-# define EVP_PKEY_DSA2   NID_dsaWithSHA
-# define EVP_PKEY_DSA3   NID_dsaWithSHA1
-# define EVP_PKEY_DSA4   NID_dsaWithSHA1_2
-# define EVP_PKEY_DH     NID_dhKeyAgreement
-# define EVP_PKEY_DHX    NID_dhpublicnumber
-# define EVP_PKEY_EC     NID_X9_62_id_ecPublicKey
-# define EVP_PKEY_HMAC   NID_hmac
-# define EVP_PKEY_CMAC   NID_cmac
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
- * Type needs to be a bit field Sub-type needs to be for variations on the
- * method, as in, can it do arbitrary encryption....
- */
-struct evp_pkey_st {
-    int type;
-    int save_type;
-    int references;
-    const EVP_PKEY_ASN1_METHOD *ameth;
-    ENGINE *engine;
-    union {
-        char *ptr;
-# ifndef OPENSSL_NO_RSA
-        struct rsa_st *rsa;     /* RSA */
-# endif
-# ifndef OPENSSL_NO_DSA
-        struct dsa_st *dsa;     /* DSA */
-# endif
-# ifndef OPENSSL_NO_DH
-        struct dh_st *dh;       /* DH */
-# endif
-# ifndef OPENSSL_NO_EC
-        struct ec_key_st *ec;   /* ECC */
-# endif
-    } pkey;
-    int save_parameters;
-    STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-} /* EVP_PKEY */ ;
-
-# define EVP_PKEY_MO_SIGN        0x0001
-# define EVP_PKEY_MO_VERIFY      0x0002
-# define EVP_PKEY_MO_ENCRYPT     0x0004
-# define EVP_PKEY_MO_DECRYPT     0x0008
-
-# ifndef EVP_MD
-struct env_md_st {
-    int type;
-    int pkey_type;
-    int md_size;
-    unsigned long flags;
-    int (*init) (EVP_MD_CTX *ctx);
-    int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
-    int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
-    int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
-    int (*cleanup) (EVP_MD_CTX *ctx);
-    /* FIXME: prototype these some day */
-    int (*sign) (int type, const unsigned char *m, unsigned int m_length,
-                 unsigned char *sigret, unsigned int *siglen, void *key);
-    int (*verify) (int type, const unsigned char *m, unsigned int m_length,
-                   const unsigned char *sigbuf, unsigned int siglen,
-                   void *key);
-    int required_pkey_type[5];  /* EVP_PKEY_xxx */
-    int block_size;
-    int ctx_size;               /* how big does the ctx->md_data need to be */
-    /* control function */
-    int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
-} /* EVP_MD */ ;
-
-typedef int evp_sign_method(int type, const unsigned char *m,
-                            unsigned int m_length, unsigned char *sigret,
-                            unsigned int *siglen, void *key);
-typedef int evp_verify_method(int type, const unsigned char *m,
-                              unsigned int m_length,
-                              const unsigned char *sigbuf,
-                              unsigned int siglen, void *key);
-
-/* digest can only handle a single block */
-#  define EVP_MD_FLAG_ONESHOT     0x0001
-
-/*
- * digest is a "clone" digest used
- * which is a copy of an existing
- * one for a specific public key type.
- * EVP_dss1() etc
- */
-#  define EVP_MD_FLAG_PKEY_DIGEST 0x0002
-
-/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
-
-#  define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE       0x0004
-
-/* DigestAlgorithmIdentifier flags... */
-
-#  define EVP_MD_FLAG_DIGALGID_MASK               0x0018
-
-/* NULL or absent parameter accepted. Use NULL */
-
-#  define EVP_MD_FLAG_DIGALGID_NULL               0x0000
-
-/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
-
-#  define EVP_MD_FLAG_DIGALGID_ABSENT             0x0008
-
-/* Custom handling via ctrl */
-
-#  define EVP_MD_FLAG_DIGALGID_CUSTOM             0x0018
-
-/* Note if suitable for use in FIPS mode */
-#  define EVP_MD_FLAG_FIPS        0x0400
-
-/* Digest ctrls */
-
-#  define EVP_MD_CTRL_DIGALGID                    0x1
-#  define EVP_MD_CTRL_MICALG                      0x2
-
-/* Minimum Algorithm specific ctrl value */
-
-#  define EVP_MD_CTRL_ALG_CTRL                    0x1000
-
-#  define EVP_PKEY_NULL_method    NULL,NULL,{0,0,0,0}
-
-#  ifndef OPENSSL_NO_DSA
-#   define EVP_PKEY_DSA_method     (evp_sign_method *)DSA_sign, \
-                                (evp_verify_method *)DSA_verify, \
-                                {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
-                                        EVP_PKEY_DSA4,0}
-#  else
-#   define EVP_PKEY_DSA_method     EVP_PKEY_NULL_method
-#  endif
-
-#  ifndef OPENSSL_NO_ECDSA
-#   define EVP_PKEY_ECDSA_method   (evp_sign_method *)ECDSA_sign, \
-                                (evp_verify_method *)ECDSA_verify, \
-                                 {EVP_PKEY_EC,0,0,0}
-#  else
-#   define EVP_PKEY_ECDSA_method   EVP_PKEY_NULL_method
-#  endif
-
-#  ifndef OPENSSL_NO_RSA
-#   define EVP_PKEY_RSA_method     (evp_sign_method *)RSA_sign, \
-                                (evp_verify_method *)RSA_verify, \
-                                {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#   define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
-                                (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
-                                (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
-                                {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#  else
-#   define EVP_PKEY_RSA_method     EVP_PKEY_NULL_method
-#   define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
-#  endif
-
-# endif                         /* !EVP_MD */
-
-struct env_md_ctx_st {
-    const EVP_MD *digest;
-    ENGINE *engine;             /* functional reference if 'digest' is
-                                 * ENGINE-provided */
-    unsigned long flags;
-    void *md_data;
-    /* Public key context for sign/verify */
-    EVP_PKEY_CTX *pctx;
-    /* Update function: usually copied from EVP_MD */
-    int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
-} /* EVP_MD_CTX */ ;
-
-/* values for EVP_MD_CTX flags */
-
-# define EVP_MD_CTX_FLAG_ONESHOT         0x0001/* digest update will be
-                                                * called once only */
-# define EVP_MD_CTX_FLAG_CLEANED         0x0002/* context has already been
-                                                * cleaned */
-# define EVP_MD_CTX_FLAG_REUSE           0x0004/* Don't free up ctx->md_data
-                                                * in EVP_MD_CTX_cleanup */
-/*
- * FIPS and pad options are ignored in 1.0.0, definitions are here so we
- * don't accidentally reuse the values for other purposes.
- */
-
-# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW  0x0008/* Allow use of non FIPS
-                                                * digest in FIPS mode */
-
-/*
- * The following PAD options are also currently ignored in 1.0.0, digest
- * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
- * instead.
- */
-# define EVP_MD_CTX_FLAG_PAD_MASK        0xF0/* RSA mode to use */
-# define EVP_MD_CTX_FLAG_PAD_PKCS1       0x00/* PKCS#1 v1.5 mode */
-# define EVP_MD_CTX_FLAG_PAD_X931        0x10/* X9.31 mode */
-# define EVP_MD_CTX_FLAG_PAD_PSS         0x20/* PSS mode */
-
-# define EVP_MD_CTX_FLAG_NO_INIT         0x0100/* Don't initialize md_data */
-
-struct evp_cipher_st {
-    int nid;
-    int block_size;
-    /* Default value for variable length ciphers */
-    int key_len;
-    int iv_len;
-    /* Various flags */
-    unsigned long flags;
-    /* init key */
-    int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
-                 const unsigned char *iv, int enc);
-    /* encrypt/decrypt data */
-    int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
-                      const unsigned char *in, size_t inl);
-    /* cleanup ctx */
-    int (*cleanup) (EVP_CIPHER_CTX *);
-    /* how big ctx->cipher_data needs to be */
-    int ctx_size;
-    /* Populate a ASN1_TYPE with parameters */
-    int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
-    /* Get parameters from a ASN1_TYPE */
-    int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
-    /* Miscellaneous operations */
-    int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
-    /* Application data */
-    void *app_data;
-} /* EVP_CIPHER */ ;
-
-/* Values for cipher flags */
-
-/* Modes for ciphers */
-
-# define         EVP_CIPH_STREAM_CIPHER          0x0
-# define         EVP_CIPH_ECB_MODE               0x1
-# define         EVP_CIPH_CBC_MODE               0x2
-# define         EVP_CIPH_CFB_MODE               0x3
-# define         EVP_CIPH_OFB_MODE               0x4
-# define         EVP_CIPH_CTR_MODE               0x5
-# define         EVP_CIPH_GCM_MODE               0x6
-# define         EVP_CIPH_CCM_MODE               0x7
-# define         EVP_CIPH_XTS_MODE               0x10001
-# define         EVP_CIPH_WRAP_MODE              0x10002
-# define         EVP_CIPH_MODE                   0xF0007
-/* Set if variable length cipher */
-# define         EVP_CIPH_VARIABLE_LENGTH        0x8
-/* Set if the iv handling should be done by the cipher itself */
-# define         EVP_CIPH_CUSTOM_IV              0x10
-/* Set if the cipher's init() function should be called if key is NULL */
-# define         EVP_CIPH_ALWAYS_CALL_INIT       0x20
-/* Call ctrl() to init cipher parameters */
-# define         EVP_CIPH_CTRL_INIT              0x40
-/* Don't use standard key length function */
-# define         EVP_CIPH_CUSTOM_KEY_LENGTH      0x80
-/* Don't use standard block padding */
-# define         EVP_CIPH_NO_PADDING             0x100
-/* cipher handles random key generation */
-# define         EVP_CIPH_RAND_KEY               0x200
-/* cipher has its own additional copying logic */
-# define         EVP_CIPH_CUSTOM_COPY            0x400
-/* Allow use default ASN1 get/set iv */
-# define         EVP_CIPH_FLAG_DEFAULT_ASN1      0x1000
-/* Buffer length in bits not bytes: CFB1 mode only */
-# define         EVP_CIPH_FLAG_LENGTH_BITS       0x2000
-/* Note if suitable for use in FIPS mode */
-# define         EVP_CIPH_FLAG_FIPS              0x4000
-/* Allow non FIPS cipher in FIPS mode */
-# define         EVP_CIPH_FLAG_NON_FIPS_ALLOW    0x8000
-/*
- * Cipher handles any and all padding logic as well as finalisation.
- */
-# define         EVP_CIPH_FLAG_CUSTOM_CIPHER     0x100000
-# define         EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
-# define         EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0x400000
-
-/*
- * Cipher context flag to indicate we can handle wrap mode: if allowed in
- * older applications it could overflow buffers.
- */
-
-# define         EVP_CIPHER_CTX_FLAG_WRAP_ALLOW  0x1
-
-/* ctrl() values */
-
-# define         EVP_CTRL_INIT                   0x0
-# define         EVP_CTRL_SET_KEY_LENGTH         0x1
-# define         EVP_CTRL_GET_RC2_KEY_BITS       0x2
-# define         EVP_CTRL_SET_RC2_KEY_BITS       0x3
-# define         EVP_CTRL_GET_RC5_ROUNDS         0x4
-# define         EVP_CTRL_SET_RC5_ROUNDS         0x5
-# define         EVP_CTRL_RAND_KEY               0x6
-# define         EVP_CTRL_PBE_PRF_NID            0x7
-# define         EVP_CTRL_COPY                   0x8
-# define         EVP_CTRL_GCM_SET_IVLEN          0x9
-# define         EVP_CTRL_GCM_GET_TAG            0x10
-# define         EVP_CTRL_GCM_SET_TAG            0x11
-# define         EVP_CTRL_GCM_SET_IV_FIXED       0x12
-# define         EVP_CTRL_GCM_IV_GEN             0x13
-# define         EVP_CTRL_CCM_SET_IVLEN          EVP_CTRL_GCM_SET_IVLEN
-# define         EVP_CTRL_CCM_GET_TAG            EVP_CTRL_GCM_GET_TAG
-# define         EVP_CTRL_CCM_SET_TAG            EVP_CTRL_GCM_SET_TAG
-# define         EVP_CTRL_CCM_SET_L              0x14
-# define         EVP_CTRL_CCM_SET_MSGLEN         0x15
-/*
- * AEAD cipher deduces payload length and returns number of bytes required to
- * store MAC and eventual padding. Subsequent call to EVP_Cipher even
- * appends/verifies MAC.
- */
-# define         EVP_CTRL_AEAD_TLS1_AAD          0x16
-/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
-# define         EVP_CTRL_AEAD_SET_MAC_KEY       0x17
-/* Set the GCM invocation field, decrypt only */
-# define         EVP_CTRL_GCM_SET_IV_INV         0x18
-
-# define         EVP_CTRL_TLS1_1_MULTIBLOCK_AAD  0x19
-# define         EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT      0x1a
-# define         EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT      0x1b
-# define         EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE  0x1c
-
-/* RFC 5246 defines additional data to be 13 bytes in length */
-# define         EVP_AEAD_TLS1_AAD_LEN           13
-
-typedef struct {
-    unsigned char *out;
-    const unsigned char *inp;
-    size_t len;
-    unsigned int interleave;
-} EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM;
-
-/* GCM TLS constants */
-/* Length of fixed part of IV derived from PRF */
-# define EVP_GCM_TLS_FIXED_IV_LEN                        4
-/* Length of explicit part of IV part of TLS records */
-# define EVP_GCM_TLS_EXPLICIT_IV_LEN                     8
-/* Length of tag for TLS */
-# define EVP_GCM_TLS_TAG_LEN                             16
-
-typedef struct evp_cipher_info_st {
-    const EVP_CIPHER *cipher;
-    unsigned char iv[EVP_MAX_IV_LENGTH];
-} EVP_CIPHER_INFO;
-
-struct evp_cipher_ctx_st {
-    const EVP_CIPHER *cipher;
-    ENGINE *engine;             /* functional reference if 'cipher' is
-                                 * ENGINE-provided */
-    int encrypt;                /* encrypt or decrypt */
-    int buf_len;                /* number we have left */
-    unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
-    unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
-    unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */
-    int num;                    /* used by cfb/ofb/ctr mode */
-    void *app_data;             /* application stuff */
-    int key_len;                /* May change for variable length cipher */
-    unsigned long flags;        /* Various flags */
-    void *cipher_data;          /* per EVP data */
-    int final_used;
-    int block_mask;
-    unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
-} /* EVP_CIPHER_CTX */ ;
-
-typedef struct evp_Encode_Ctx_st {
-    /* number saved in a partial encode/decode */
-    int num;
-    /*
-     * The length is either the output line length (in input bytes) or the
-     * shortest input line length that is ok.  Once decoding begins, the
-     * length is adjusted up each time a longer line is decoded
-     */
-    int length;
-    /* data to encode */
-    unsigned char enc_data[80];
-    /* number read on current line */
-    int line_num;
-    int expect_nl;
-} EVP_ENCODE_CTX;
-
-/* Password based encryption function */
-typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
-                              int passlen, ASN1_TYPE *param,
-                              const EVP_CIPHER *cipher, const EVP_MD *md,
-                              int en_de);
-
-# ifndef OPENSSL_NO_RSA
-#  define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
-                                        (char *)(rsa))
-# endif
-
-# ifndef OPENSSL_NO_DSA
-#  define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
-                                        (char *)(dsa))
-# endif
-
-# ifndef OPENSSL_NO_DH
-#  define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
-                                        (char *)(dh))
-# endif
-
-# ifndef OPENSSL_NO_EC
-#  define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
-                                        (char *)(eckey))
-# endif
-
-/* Add some extra combinations */
-# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
-# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
-# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
-# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
-
-int EVP_MD_type(const EVP_MD *md);
-# define EVP_MD_nid(e)                   EVP_MD_type(e)
-# define EVP_MD_name(e)                  OBJ_nid2sn(EVP_MD_nid(e))
-int EVP_MD_pkey_type(const EVP_MD *md);
-int EVP_MD_size(const EVP_MD *md);
-int EVP_MD_block_size(const EVP_MD *md);
-unsigned long EVP_MD_flags(const EVP_MD *md);
-
-const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
-# define EVP_MD_CTX_size(e)              EVP_MD_size(EVP_MD_CTX_md(e))
-# define EVP_MD_CTX_block_size(e)        EVP_MD_block_size(EVP_MD_CTX_md(e))
-# define EVP_MD_CTX_type(e)              EVP_MD_type(EVP_MD_CTX_md(e))
-
-int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
-# define EVP_CIPHER_name(e)              OBJ_nid2sn(EVP_CIPHER_nid(e))
-int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
-int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
-int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
-unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
-# define EVP_CIPHER_mode(e)              (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
-
-const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
-void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
-void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
-# define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
-unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
-# define EVP_CIPHER_CTX_mode(e)          (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
-
-# define EVP_ENCODE_LENGTH(l)    (((l+2)/3*4)+(l/48+1)*2+80)
-# define EVP_DECODE_LENGTH(l)    ((l+3)/4*3+80)
-
-# define EVP_SignInit_ex(a,b,c)          EVP_DigestInit_ex(a,b,c)
-# define EVP_SignInit(a,b)               EVP_DigestInit(a,b)
-# define EVP_SignUpdate(a,b,c)           EVP_DigestUpdate(a,b,c)
-# define EVP_VerifyInit_ex(a,b,c)        EVP_DigestInit_ex(a,b,c)
-# define EVP_VerifyInit(a,b)             EVP_DigestInit(a,b)
-# define EVP_VerifyUpdate(a,b,c)         EVP_DigestUpdate(a,b,c)
-# define EVP_OpenUpdate(a,b,c,d,e)       EVP_DecryptUpdate(a,b,c,d,e)
-# define EVP_SealUpdate(a,b,c,d,e)       EVP_EncryptUpdate(a,b,c,d,e)
-# define EVP_DigestSignUpdate(a,b,c)     EVP_DigestUpdate(a,b,c)
-# define EVP_DigestVerifyUpdate(a,b,c)   EVP_DigestUpdate(a,b,c)
-
-# ifdef CONST_STRICT
-void BIO_set_md(BIO *, const EVP_MD *md);
-# else
-#  define BIO_set_md(b,md)               BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
-# endif
-# define BIO_get_md(b,mdp)               BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
-# define BIO_get_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
-# define BIO_set_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
-# define BIO_get_cipher_status(b)        BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
-# define BIO_get_cipher_ctx(b,c_pp)      BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
-
-int EVP_Cipher(EVP_CIPHER_CTX *c,
-               unsigned char *out, const unsigned char *in, unsigned int inl);
-
-# define EVP_add_cipher_alias(n,alias) \
-        OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
-# define EVP_add_digest_alias(n,alias) \
-        OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
-# define EVP_delete_cipher_alias(alias) \
-        OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
-# define EVP_delete_digest_alias(alias) \
-        OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
-
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
-int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
-EVP_MD_CTX *EVP_MD_CTX_create(void);
-void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
-int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
-void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
-void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
-int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
-int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
-int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
-int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
-int EVP_Digest(const void *data, size_t count,
-               unsigned char *md, unsigned int *size, const EVP_MD *type,
-               ENGINE *impl);
-
-int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
-int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
-int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
-
-int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
-int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
-                           const char *prompt, int verify);
-void EVP_set_pw_prompt(const char *prompt);
-char *EVP_get_pw_prompt(void);
-
-int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
-                   const unsigned char *salt, const unsigned char *data,
-                   int datal, int count, unsigned char *key,
-                   unsigned char *iv);
-
-void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
-void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
-int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags);
-
-int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                    const unsigned char *key, const unsigned char *iv);
-int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                       ENGINE *impl, const unsigned char *key,
-                       const unsigned char *iv);
-int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-                      const unsigned char *in, int inl);
-int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                    const unsigned char *key, const unsigned char *iv);
-int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                       ENGINE *impl, const unsigned char *key,
-                       const unsigned char *iv);
-int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-                      const unsigned char *in, int inl);
-int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-
-int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                   const unsigned char *key, const unsigned char *iv,
-                   int enc);
-int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                      ENGINE *impl, const unsigned char *key,
-                      const unsigned char *iv, int enc);
-int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
-                     const unsigned char *in, int inl);
-int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-
-int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
-                  EVP_PKEY *pkey);
-
-int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
-                    unsigned int siglen, EVP_PKEY *pkey);
-
-int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                       const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
-int EVP_DigestSignFinal(EVP_MD_CTX *ctx,
-                        unsigned char *sigret, size_t *siglen);
-
-int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
-                         const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
-int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx,
-                          const unsigned char *sig, size_t siglen);
-
-int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-                 const unsigned char *ek, int ekl, const unsigned char *iv,
-                 EVP_PKEY *priv);
-int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-                 unsigned char **ek, int *ekl, unsigned char *iv,
-                 EVP_PKEY **pubk, int npubk);
-int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
-void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
-                      const unsigned char *in, int inl);
-void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
-int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
-int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
-                     const unsigned char *in, int inl);
-int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
-                    char *out, int *outl);
-int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
-EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
-void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
-int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
-int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
-int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
-
-# ifndef OPENSSL_NO_BIO
-BIO_METHOD *BIO_f_md(void);
-BIO_METHOD *BIO_f_base64(void);
-BIO_METHOD *BIO_f_cipher(void);
-BIO_METHOD *BIO_f_reliable(void);
-void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
-                    const unsigned char *i, int enc);
-# endif
-
-const EVP_MD *EVP_md_null(void);
-# ifndef OPENSSL_NO_MD2
-const EVP_MD *EVP_md2(void);
-# endif
-# ifndef OPENSSL_NO_MD4
-const EVP_MD *EVP_md4(void);
-# endif
-# ifndef OPENSSL_NO_MD5
-const EVP_MD *EVP_md5(void);
-# endif
-# ifndef OPENSSL_NO_SHA
-const EVP_MD *EVP_sha(void);
-const EVP_MD *EVP_sha1(void);
-const EVP_MD *EVP_dss(void);
-const EVP_MD *EVP_dss1(void);
-const EVP_MD *EVP_ecdsa(void);
-# endif
-# ifndef OPENSSL_NO_SHA256
-const EVP_MD *EVP_sha224(void);
-const EVP_MD *EVP_sha256(void);
-# endif
-# ifndef OPENSSL_NO_SHA512
-const EVP_MD *EVP_sha384(void);
-const EVP_MD *EVP_sha512(void);
-# endif
-# ifndef OPENSSL_NO_MDC2
-const EVP_MD *EVP_mdc2(void);
-# endif
-# ifndef OPENSSL_NO_RIPEMD
-const EVP_MD *EVP_ripemd160(void);
-# endif
-# ifndef OPENSSL_NO_WHIRLPOOL
-const EVP_MD *EVP_whirlpool(void);
-# endif
-const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
-# ifndef OPENSSL_NO_DES
-const EVP_CIPHER *EVP_des_ecb(void);
-const EVP_CIPHER *EVP_des_ede(void);
-const EVP_CIPHER *EVP_des_ede3(void);
-const EVP_CIPHER *EVP_des_ede_ecb(void);
-const EVP_CIPHER *EVP_des_ede3_ecb(void);
-const EVP_CIPHER *EVP_des_cfb64(void);
-#  define EVP_des_cfb EVP_des_cfb64
-const EVP_CIPHER *EVP_des_cfb1(void);
-const EVP_CIPHER *EVP_des_cfb8(void);
-const EVP_CIPHER *EVP_des_ede_cfb64(void);
-#  define EVP_des_ede_cfb EVP_des_ede_cfb64
-#  if 0
-const EVP_CIPHER *EVP_des_ede_cfb1(void);
-const EVP_CIPHER *EVP_des_ede_cfb8(void);
-#  endif
-const EVP_CIPHER *EVP_des_ede3_cfb64(void);
-#  define EVP_des_ede3_cfb EVP_des_ede3_cfb64
-const EVP_CIPHER *EVP_des_ede3_cfb1(void);
-const EVP_CIPHER *EVP_des_ede3_cfb8(void);
-const EVP_CIPHER *EVP_des_ofb(void);
-const EVP_CIPHER *EVP_des_ede_ofb(void);
-const EVP_CIPHER *EVP_des_ede3_ofb(void);
-const EVP_CIPHER *EVP_des_cbc(void);
-const EVP_CIPHER *EVP_des_ede_cbc(void);
-const EVP_CIPHER *EVP_des_ede3_cbc(void);
-const EVP_CIPHER *EVP_desx_cbc(void);
-const EVP_CIPHER *EVP_des_ede3_wrap(void);
-/*
- * This should now be supported through the dev_crypto ENGINE. But also, why
- * are rc4 and md5 declarations made here inside a "NO_DES" precompiler
- * branch?
- */
-#  if 0
-#   ifdef OPENSSL_OPENBSD_DEV_CRYPTO
-const EVP_CIPHER *EVP_dev_crypto_des_ede3_cbc(void);
-const EVP_CIPHER *EVP_dev_crypto_rc4(void);
-const EVP_MD *EVP_dev_crypto_md5(void);
-#   endif
-#  endif
-# endif
-# ifndef OPENSSL_NO_RC4
-const EVP_CIPHER *EVP_rc4(void);
-const EVP_CIPHER *EVP_rc4_40(void);
-#  ifndef OPENSSL_NO_MD5
-const EVP_CIPHER *EVP_rc4_hmac_md5(void);
-#  endif
-# endif
-# ifndef OPENSSL_NO_IDEA
-const EVP_CIPHER *EVP_idea_ecb(void);
-const EVP_CIPHER *EVP_idea_cfb64(void);
-#  define EVP_idea_cfb EVP_idea_cfb64
-const EVP_CIPHER *EVP_idea_ofb(void);
-const EVP_CIPHER *EVP_idea_cbc(void);
-# endif
-# ifndef OPENSSL_NO_RC2
-const EVP_CIPHER *EVP_rc2_ecb(void);
-const EVP_CIPHER *EVP_rc2_cbc(void);
-const EVP_CIPHER *EVP_rc2_40_cbc(void);
-const EVP_CIPHER *EVP_rc2_64_cbc(void);
-const EVP_CIPHER *EVP_rc2_cfb64(void);
-#  define EVP_rc2_cfb EVP_rc2_cfb64
-const EVP_CIPHER *EVP_rc2_ofb(void);
-# endif
-# ifndef OPENSSL_NO_BF
-const EVP_CIPHER *EVP_bf_ecb(void);
-const EVP_CIPHER *EVP_bf_cbc(void);
-const EVP_CIPHER *EVP_bf_cfb64(void);
-#  define EVP_bf_cfb EVP_bf_cfb64
-const EVP_CIPHER *EVP_bf_ofb(void);
-# endif
-# ifndef OPENSSL_NO_CAST
-const EVP_CIPHER *EVP_cast5_ecb(void);
-const EVP_CIPHER *EVP_cast5_cbc(void);
-const EVP_CIPHER *EVP_cast5_cfb64(void);
-#  define EVP_cast5_cfb EVP_cast5_cfb64
-const EVP_CIPHER *EVP_cast5_ofb(void);
-# endif
-# ifndef OPENSSL_NO_RC5
-const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void);
-#  define EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
-const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
-# endif
-# ifndef OPENSSL_NO_AES
-const EVP_CIPHER *EVP_aes_128_ecb(void);
-const EVP_CIPHER *EVP_aes_128_cbc(void);
-const EVP_CIPHER *EVP_aes_128_cfb1(void);
-const EVP_CIPHER *EVP_aes_128_cfb8(void);
-const EVP_CIPHER *EVP_aes_128_cfb128(void);
-#  define EVP_aes_128_cfb EVP_aes_128_cfb128
-const EVP_CIPHER *EVP_aes_128_ofb(void);
-const EVP_CIPHER *EVP_aes_128_ctr(void);
-const EVP_CIPHER *EVP_aes_128_ccm(void);
-const EVP_CIPHER *EVP_aes_128_gcm(void);
-const EVP_CIPHER *EVP_aes_128_xts(void);
-const EVP_CIPHER *EVP_aes_128_wrap(void);
-const EVP_CIPHER *EVP_aes_192_ecb(void);
-const EVP_CIPHER *EVP_aes_192_cbc(void);
-const EVP_CIPHER *EVP_aes_192_cfb1(void);
-const EVP_CIPHER *EVP_aes_192_cfb8(void);
-const EVP_CIPHER *EVP_aes_192_cfb128(void);
-#  define EVP_aes_192_cfb EVP_aes_192_cfb128
-const EVP_CIPHER *EVP_aes_192_ofb(void);
-const EVP_CIPHER *EVP_aes_192_ctr(void);
-const EVP_CIPHER *EVP_aes_192_ccm(void);
-const EVP_CIPHER *EVP_aes_192_gcm(void);
-const EVP_CIPHER *EVP_aes_192_wrap(void);
-const EVP_CIPHER *EVP_aes_256_ecb(void);
-const EVP_CIPHER *EVP_aes_256_cbc(void);
-const EVP_CIPHER *EVP_aes_256_cfb1(void);
-const EVP_CIPHER *EVP_aes_256_cfb8(void);
-const EVP_CIPHER *EVP_aes_256_cfb128(void);
-#  define EVP_aes_256_cfb EVP_aes_256_cfb128
-const EVP_CIPHER *EVP_aes_256_ofb(void);
-const EVP_CIPHER *EVP_aes_256_ctr(void);
-const EVP_CIPHER *EVP_aes_256_ccm(void);
-const EVP_CIPHER *EVP_aes_256_gcm(void);
-const EVP_CIPHER *EVP_aes_256_xts(void);
-const EVP_CIPHER *EVP_aes_256_wrap(void);
-#  if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
-#  endif
-#  ifndef OPENSSL_NO_SHA256
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void);
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void);
-#  endif
-# endif
-# ifndef OPENSSL_NO_CAMELLIA
-const EVP_CIPHER *EVP_camellia_128_ecb(void);
-const EVP_CIPHER *EVP_camellia_128_cbc(void);
-const EVP_CIPHER *EVP_camellia_128_cfb1(void);
-const EVP_CIPHER *EVP_camellia_128_cfb8(void);
-const EVP_CIPHER *EVP_camellia_128_cfb128(void);
-#  define EVP_camellia_128_cfb EVP_camellia_128_cfb128
-const EVP_CIPHER *EVP_camellia_128_ofb(void);
-const EVP_CIPHER *EVP_camellia_192_ecb(void);
-const EVP_CIPHER *EVP_camellia_192_cbc(void);
-const EVP_CIPHER *EVP_camellia_192_cfb1(void);
-const EVP_CIPHER *EVP_camellia_192_cfb8(void);
-const EVP_CIPHER *EVP_camellia_192_cfb128(void);
-#  define EVP_camellia_192_cfb EVP_camellia_192_cfb128
-const EVP_CIPHER *EVP_camellia_192_ofb(void);
-const EVP_CIPHER *EVP_camellia_256_ecb(void);
-const EVP_CIPHER *EVP_camellia_256_cbc(void);
-const EVP_CIPHER *EVP_camellia_256_cfb1(void);
-const EVP_CIPHER *EVP_camellia_256_cfb8(void);
-const EVP_CIPHER *EVP_camellia_256_cfb128(void);
-#  define EVP_camellia_256_cfb EVP_camellia_256_cfb128
-const EVP_CIPHER *EVP_camellia_256_ofb(void);
-# endif
-
-# ifndef OPENSSL_NO_SEED
-const EVP_CIPHER *EVP_seed_ecb(void);
-const EVP_CIPHER *EVP_seed_cbc(void);
-const EVP_CIPHER *EVP_seed_cfb128(void);
-#  define EVP_seed_cfb EVP_seed_cfb128
-const EVP_CIPHER *EVP_seed_ofb(void);
-# endif
-
-void OPENSSL_add_all_algorithms_noconf(void);
-void OPENSSL_add_all_algorithms_conf(void);
-
-# ifdef OPENSSL_LOAD_CONF
-#  define OpenSSL_add_all_algorithms() \
-                OPENSSL_add_all_algorithms_conf()
-# else
-#  define OpenSSL_add_all_algorithms() \
-                OPENSSL_add_all_algorithms_noconf()
-# endif
-
-void OpenSSL_add_all_ciphers(void);
-void OpenSSL_add_all_digests(void);
-# define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
-# define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
-# define SSLeay_add_all_digests() OpenSSL_add_all_digests()
-
-int EVP_add_cipher(const EVP_CIPHER *cipher);
-int EVP_add_digest(const EVP_MD *digest);
-
-const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
-const EVP_MD *EVP_get_digestbyname(const char *name);
-void EVP_cleanup(void);
-
-void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
-                                   const char *from, const char *to, void *x),
-                       void *arg);
-void EVP_CIPHER_do_all_sorted(void (*fn)
-                               (const EVP_CIPHER *ciph, const char *from,
-                                const char *to, void *x), void *arg);
-
-void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph,
-                               const char *from, const char *to, void *x),
-                   void *arg);
-void EVP_MD_do_all_sorted(void (*fn)
-                           (const EVP_MD *ciph, const char *from,
-                            const char *to, void *x), void *arg);
-
-int EVP_PKEY_decrypt_old(unsigned char *dec_key,
-                         const unsigned char *enc_key, int enc_key_len,
-                         EVP_PKEY *private_key);
-int EVP_PKEY_encrypt_old(unsigned char *enc_key,
-                         const unsigned char *key, int key_len,
-                         EVP_PKEY *pub_key);
-int EVP_PKEY_type(int type);
-int EVP_PKEY_id(const EVP_PKEY *pkey);
-int EVP_PKEY_base_id(const EVP_PKEY *pkey);
-int EVP_PKEY_bits(EVP_PKEY *pkey);
-int EVP_PKEY_size(EVP_PKEY *pkey);
-int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
-int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
-void *EVP_PKEY_get0(EVP_PKEY *pkey);
-
-# ifndef OPENSSL_NO_RSA
-struct rsa_st;
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
-struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
-# endif
-# ifndef OPENSSL_NO_DSA
-struct dsa_st;
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
-struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
-# endif
-# ifndef OPENSSL_NO_DH
-struct dh_st;
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
-struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
-# endif
-# ifndef OPENSSL_NO_EC
-struct ec_key_st;
-int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
-struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
-# endif
-
-EVP_PKEY *EVP_PKEY_new(void);
-void EVP_PKEY_free(EVP_PKEY *pkey);
-
-EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
-                        long length);
-int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
-
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
-                         long length);
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
-                             long length);
-int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
-
-int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
-int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
-int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
-int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
-
-int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
-
-int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
-                          int indent, ASN1_PCTX *pctx);
-int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
-                           int indent, ASN1_PCTX *pctx);
-int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
-                          int indent, ASN1_PCTX *pctx);
-
-int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
-
-int EVP_CIPHER_type(const EVP_CIPHER *ctx);
-
-/* calls methods */
-int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-/* These are used by EVP_CIPHER methods */
-int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-/* PKCS5 password based encryption */
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                       ASN1_TYPE *param, const EVP_CIPHER *cipher,
-                       const EVP_MD *md, int en_de);
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
-                           const unsigned char *salt, int saltlen, int iter,
-                           int keylen, unsigned char *out);
-int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
-                      const unsigned char *salt, int saltlen, int iter,
-                      const EVP_MD *digest, int keylen, unsigned char *out);
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                          ASN1_TYPE *param, const EVP_CIPHER *cipher,
-                          const EVP_MD *md, int en_de);
-
-void PKCS5_PBE_add(void);
-
-int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
-                       ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
-
-/* PBE type */
-
-/* Can appear as the outermost AlgorithmIdentifier */
-# define EVP_PBE_TYPE_OUTER      0x0
-/* Is an PRF type OID */
-# define EVP_PBE_TYPE_PRF        0x1
-
-int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
-                         int md_nid, EVP_PBE_KEYGEN *keygen);
-int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
-                    EVP_PBE_KEYGEN *keygen);
-int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
-                 EVP_PBE_KEYGEN **pkeygen);
-void EVP_PBE_cleanup(void);
-
-# define ASN1_PKEY_ALIAS         0x1
-# define ASN1_PKEY_DYNAMIC       0x2
-# define ASN1_PKEY_SIGPARAM_NULL 0x4
-
-# define ASN1_PKEY_CTRL_PKCS7_SIGN       0x1
-# define ASN1_PKEY_CTRL_PKCS7_ENCRYPT    0x2
-# define ASN1_PKEY_CTRL_DEFAULT_MD_NID   0x3
-# define ASN1_PKEY_CTRL_CMS_SIGN         0x5
-# define ASN1_PKEY_CTRL_CMS_ENVELOPE     0x7
-# define ASN1_PKEY_CTRL_CMS_RI_TYPE      0x8
-
-int EVP_PKEY_asn1_get_count(void);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
-                                                   const char *str, int len);
-int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
-int EVP_PKEY_asn1_add_alias(int to, int from);
-int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
-                            int *ppkey_flags, const char **pinfo,
-                            const char **ppem_str,
-                            const EVP_PKEY_ASN1_METHOD *ameth);
-
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
-EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
-                                        const char *pem_str,
-                                        const char *info);
-void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
-                        const EVP_PKEY_ASN1_METHOD *src);
-void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
-void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
-                              int (*pub_decode) (EVP_PKEY *pk,
-                                                 X509_PUBKEY *pub),
-                              int (*pub_encode) (X509_PUBKEY *pub,
-                                                 const EVP_PKEY *pk),
-                              int (*pub_cmp) (const EVP_PKEY *a,
-                                              const EVP_PKEY *b),
-                              int (*pub_print) (BIO *out,
-                                                const EVP_PKEY *pkey,
-                                                int indent, ASN1_PCTX *pctx),
-                              int (*pkey_size) (const EVP_PKEY *pk),
-                              int (*pkey_bits) (const EVP_PKEY *pk));
-void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
-                               int (*priv_decode) (EVP_PKEY *pk,
-                                                   PKCS8_PRIV_KEY_INFO
-                                                   *p8inf),
-                               int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
-                                                   const EVP_PKEY *pk),
-                               int (*priv_print) (BIO *out,
-                                                  const EVP_PKEY *pkey,
-                                                  int indent,
-                                                  ASN1_PCTX *pctx));
-void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
-                             int (*param_decode) (EVP_PKEY *pkey,
-                                                  const unsigned char **pder,
-                                                  int derlen),
-                             int (*param_encode) (const EVP_PKEY *pkey,
-                                                  unsigned char **pder),
-                             int (*param_missing) (const EVP_PKEY *pk),
-                             int (*param_copy) (EVP_PKEY *to,
-                                                const EVP_PKEY *from),
-                             int (*param_cmp) (const EVP_PKEY *a,
-                                               const EVP_PKEY *b),
-                             int (*param_print) (BIO *out,
-                                                 const EVP_PKEY *pkey,
-                                                 int indent,
-                                                 ASN1_PCTX *pctx));
-
-void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
-                            void (*pkey_free) (EVP_PKEY *pkey));
-void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
-                            int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
-                                              long arg1, void *arg2));
-void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
-                            int (*item_verify) (EVP_MD_CTX *ctx,
-                                                const ASN1_ITEM *it,
-                                                void *asn,
-                                                X509_ALGOR *a,
-                                                ASN1_BIT_STRING *sig,
-                                                EVP_PKEY *pkey),
-                            int (*item_sign) (EVP_MD_CTX *ctx,
-                                              const ASN1_ITEM *it,
-                                              void *asn,
-                                              X509_ALGOR *alg1,
-                                              X509_ALGOR *alg2,
-                                              ASN1_BIT_STRING *sig));
-
-# define EVP_PKEY_OP_UNDEFINED           0
-# define EVP_PKEY_OP_PARAMGEN            (1<<1)
-# define EVP_PKEY_OP_KEYGEN              (1<<2)
-# define EVP_PKEY_OP_SIGN                (1<<3)
-# define EVP_PKEY_OP_VERIFY              (1<<4)
-# define EVP_PKEY_OP_VERIFYRECOVER       (1<<5)
-# define EVP_PKEY_OP_SIGNCTX             (1<<6)
-# define EVP_PKEY_OP_VERIFYCTX           (1<<7)
-# define EVP_PKEY_OP_ENCRYPT             (1<<8)
-# define EVP_PKEY_OP_DECRYPT             (1<<9)
-# define EVP_PKEY_OP_DERIVE              (1<<10)
-
-# define EVP_PKEY_OP_TYPE_SIG    \
-        (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
-                | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
-
-# define EVP_PKEY_OP_TYPE_CRYPT \
-        (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
-
-# define EVP_PKEY_OP_TYPE_NOGEN \
-        (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
-
-# define EVP_PKEY_OP_TYPE_GEN \
-                (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
-
-# define  EVP_PKEY_CTX_set_signature_md(ctx, md) \
-                EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,  \
-                                        EVP_PKEY_CTRL_MD, 0, (void *)md)
-
-# define  EVP_PKEY_CTX_get_signature_md(ctx, pmd)        \
-                EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,  \
-                                        EVP_PKEY_CTRL_GET_MD, 0, (void *)pmd)
-
-# define EVP_PKEY_CTRL_MD                1
-# define EVP_PKEY_CTRL_PEER_KEY          2
-
-# define EVP_PKEY_CTRL_PKCS7_ENCRYPT     3
-# define EVP_PKEY_CTRL_PKCS7_DECRYPT     4
-
-# define EVP_PKEY_CTRL_PKCS7_SIGN        5
-
-# define EVP_PKEY_CTRL_SET_MAC_KEY       6
-
-# define EVP_PKEY_CTRL_DIGESTINIT        7
-
-/* Used by GOST key encryption in TLS */
-# define EVP_PKEY_CTRL_SET_IV            8
-
-# define EVP_PKEY_CTRL_CMS_ENCRYPT       9
-# define EVP_PKEY_CTRL_CMS_DECRYPT       10
-# define EVP_PKEY_CTRL_CMS_SIGN          11
-
-# define EVP_PKEY_CTRL_CIPHER            12
-
-# define EVP_PKEY_CTRL_GET_MD            13
-
-# define EVP_PKEY_ALG_CTRL               0x1000
-
-# define EVP_PKEY_FLAG_AUTOARGLEN        2
-/*
- * Method handles all operations: don't assume any digest related defaults.
- */
-# define EVP_PKEY_FLAG_SIGCTX_CUSTOM     4
-
-const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
-EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
-void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
-                             const EVP_PKEY_METHOD *meth);
-void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
-void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
-int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
-
-EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
-void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
-                      int cmd, int p1, void *p2);
-int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
-                          const char *value);
-
-int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
-void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
-
-EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
-                               const unsigned char *key, int keylen);
-
-void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
-void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
-EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
-
-EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
-
-void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
-void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
-                  unsigned char *sig, size_t *siglen,
-                  const unsigned char *tbs, size_t tbslen);
-int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
-                    const unsigned char *sig, size_t siglen,
-                    const unsigned char *tbs, size_t tbslen);
-int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
-                            unsigned char *rout, size_t *routlen,
-                            const unsigned char *sig, size_t siglen);
-int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
-                     unsigned char *out, size_t *outlen,
-                     const unsigned char *in, size_t inlen);
-int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
-                     unsigned char *out, size_t *outlen,
-                     const unsigned char *in, size_t inlen);
-
-int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
-int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
-
-typedef int EVP_PKEY_gen_cb (EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
-int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
-
-void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
-EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
-
-void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
-                            int (*init) (EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
-                            int (*copy) (EVP_PKEY_CTX *dst,
-                                         EVP_PKEY_CTX *src));
-
-void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
-                               void (*cleanup) (EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
-                                int (*paramgen_init) (EVP_PKEY_CTX *ctx),
-                                int (*paramgen) (EVP_PKEY_CTX *ctx,
-                                                 EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
-                              int (*keygen_init) (EVP_PKEY_CTX *ctx),
-                              int (*keygen) (EVP_PKEY_CTX *ctx,
-                                             EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
-                            int (*sign_init) (EVP_PKEY_CTX *ctx),
-                            int (*sign) (EVP_PKEY_CTX *ctx,
-                                         unsigned char *sig, size_t *siglen,
-                                         const unsigned char *tbs,
-                                         size_t tbslen));
-
-void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
-                              int (*verify_init) (EVP_PKEY_CTX *ctx),
-                              int (*verify) (EVP_PKEY_CTX *ctx,
-                                             const unsigned char *sig,
-                                             size_t siglen,
-                                             const unsigned char *tbs,
-                                             size_t tbslen));
-
-void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
-                                      int (*verify_recover_init) (EVP_PKEY_CTX
-                                                                  *ctx),
-                                      int (*verify_recover) (EVP_PKEY_CTX
-                                                             *ctx,
-                                                             unsigned char
-                                                             *sig,
-                                                             size_t *siglen,
-                                                             const unsigned
-                                                             char *tbs,
-                                                             size_t tbslen));
-
-void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
-                               int (*signctx_init) (EVP_PKEY_CTX *ctx,
-                                                    EVP_MD_CTX *mctx),
-                               int (*signctx) (EVP_PKEY_CTX *ctx,
-                                               unsigned char *sig,
-                                               size_t *siglen,
-                                               EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
-                                 int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
-                                                        EVP_MD_CTX *mctx),
-                                 int (*verifyctx) (EVP_PKEY_CTX *ctx,
-                                                   const unsigned char *sig,
-                                                   int siglen,
-                                                   EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
-                               int (*encrypt_init) (EVP_PKEY_CTX *ctx),
-                               int (*encryptfn) (EVP_PKEY_CTX *ctx,
-                                                 unsigned char *out,
-                                                 size_t *outlen,
-                                                 const unsigned char *in,
-                                                 size_t inlen));
-
-void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
-                               int (*decrypt_init) (EVP_PKEY_CTX *ctx),
-                               int (*decrypt) (EVP_PKEY_CTX *ctx,
-                                               unsigned char *out,
-                                               size_t *outlen,
-                                               const unsigned char *in,
-                                               size_t inlen));
-
-void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
-                              int (*derive_init) (EVP_PKEY_CTX *ctx),
-                              int (*derive) (EVP_PKEY_CTX *ctx,
-                                             unsigned char *key,
-                                             size_t *keylen));
-
-void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
-                            int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
-                                         void *p2),
-                            int (*ctrl_str) (EVP_PKEY_CTX *ctx,
-                                             const char *type,
-                                             const char *value));
-
-void EVP_add_alg_module(void);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-void ERR_load_EVP_strings(void);
-
-/* Error codes for the EVP functions. */
-
-/* Function codes. */
-# define EVP_F_AESNI_INIT_KEY                             165
-# define EVP_F_AESNI_XTS_CIPHER                           176
-# define EVP_F_AES_INIT_KEY                               133
-# define EVP_F_AES_T4_INIT_KEY                            178
-# define EVP_F_AES_XTS                                    172
-# define EVP_F_AES_XTS_CIPHER                             175
-# define EVP_F_ALG_MODULE_INIT                            177
-# define EVP_F_CAMELLIA_INIT_KEY                          159
-# define EVP_F_CMAC_INIT                                  173
-# define EVP_F_CMLL_T4_INIT_KEY                           179
-# define EVP_F_D2I_PKEY                                   100
-# define EVP_F_DO_SIGVER_INIT                             161
-# define EVP_F_DSAPKEY2PKCS8                              134
-# define EVP_F_DSA_PKEY2PKCS8                             135
-# define EVP_F_ECDSA_PKEY2PKCS8                           129
-# define EVP_F_ECKEY_PKEY2PKCS8                           132
-# define EVP_F_EVP_CIPHERINIT_EX                          123
-# define EVP_F_EVP_CIPHER_CTX_COPY                        163
-# define EVP_F_EVP_CIPHER_CTX_CTRL                        124
-# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH              122
-# define EVP_F_EVP_DECRYPTFINAL_EX                        101
-# define EVP_F_EVP_DIGESTINIT_EX                          128
-# define EVP_F_EVP_ENCRYPTFINAL_EX                        127
-# define EVP_F_EVP_MD_CTX_COPY_EX                         110
-# define EVP_F_EVP_MD_SIZE                                162
-# define EVP_F_EVP_OPENINIT                               102
-# define EVP_F_EVP_PBE_ALG_ADD                            115
-# define EVP_F_EVP_PBE_ALG_ADD_TYPE                       160
-# define EVP_F_EVP_PBE_CIPHERINIT                         116
-# define EVP_F_EVP_PKCS82PKEY                             111
-# define EVP_F_EVP_PKCS82PKEY_BROKEN                      136
-# define EVP_F_EVP_PKEY2PKCS8_BROKEN                      113
-# define EVP_F_EVP_PKEY_COPY_PARAMETERS                   103
-# define EVP_F_EVP_PKEY_CTX_CTRL                          137
-# define EVP_F_EVP_PKEY_CTX_CTRL_STR                      150
-# define EVP_F_EVP_PKEY_CTX_DUP                           156
-# define EVP_F_EVP_PKEY_DECRYPT                           104
-# define EVP_F_EVP_PKEY_DECRYPT_INIT                      138
-# define EVP_F_EVP_PKEY_DECRYPT_OLD                       151
-# define EVP_F_EVP_PKEY_DERIVE                            153
-# define EVP_F_EVP_PKEY_DERIVE_INIT                       154
-# define EVP_F_EVP_PKEY_DERIVE_SET_PEER                   155
-# define EVP_F_EVP_PKEY_ENCRYPT                           105
-# define EVP_F_EVP_PKEY_ENCRYPT_INIT                      139
-# define EVP_F_EVP_PKEY_ENCRYPT_OLD                       152
-# define EVP_F_EVP_PKEY_GET1_DH                           119
-# define EVP_F_EVP_PKEY_GET1_DSA                          120
-# define EVP_F_EVP_PKEY_GET1_ECDSA                        130
-# define EVP_F_EVP_PKEY_GET1_EC_KEY                       131
-# define EVP_F_EVP_PKEY_GET1_RSA                          121
-# define EVP_F_EVP_PKEY_KEYGEN                            146
-# define EVP_F_EVP_PKEY_KEYGEN_INIT                       147
-# define EVP_F_EVP_PKEY_NEW                               106
-# define EVP_F_EVP_PKEY_PARAMGEN                          148
-# define EVP_F_EVP_PKEY_PARAMGEN_INIT                     149
-# define EVP_F_EVP_PKEY_SIGN                              140
-# define EVP_F_EVP_PKEY_SIGN_INIT                         141
-# define EVP_F_EVP_PKEY_VERIFY                            142
-# define EVP_F_EVP_PKEY_VERIFY_INIT                       143
-# define EVP_F_EVP_PKEY_VERIFY_RECOVER                    144
-# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT               145
-# define EVP_F_EVP_RIJNDAEL                               126
-# define EVP_F_EVP_SIGNFINAL                              107
-# define EVP_F_EVP_VERIFYFINAL                            108
-# define EVP_F_FIPS_CIPHERINIT                            166
-# define EVP_F_FIPS_CIPHER_CTX_COPY                       170
-# define EVP_F_FIPS_CIPHER_CTX_CTRL                       167
-# define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH             171
-# define EVP_F_FIPS_DIGESTINIT                            168
-# define EVP_F_FIPS_MD_CTX_COPY                           169
-# define EVP_F_HMAC_INIT_EX                               174
-# define EVP_F_INT_CTX_NEW                                157
-# define EVP_F_PKCS5_PBE_KEYIVGEN                         117
-# define EVP_F_PKCS5_V2_PBE_KEYIVGEN                      118
-# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN                   164
-# define EVP_F_PKCS8_SET_BROKEN                           112
-# define EVP_F_PKEY_SET_TYPE                              158
-# define EVP_F_RC2_MAGIC_TO_METH                          109
-# define EVP_F_RC5_CTRL                                   125
-
-/* Reason codes. */
-# define EVP_R_AES_IV_SETUP_FAILED                        162
-# define EVP_R_AES_KEY_SETUP_FAILED                       143
-# define EVP_R_ASN1_LIB                                   140
-# define EVP_R_BAD_BLOCK_LENGTH                           136
-# define EVP_R_BAD_DECRYPT                                100
-# define EVP_R_BAD_KEY_LENGTH                             137
-# define EVP_R_BN_DECODE_ERROR                            112
-# define EVP_R_BN_PUBKEY_ERROR                            113
-# define EVP_R_BUFFER_TOO_SMALL                           155
-# define EVP_R_CAMELLIA_KEY_SETUP_FAILED                  157
-# define EVP_R_CIPHER_PARAMETER_ERROR                     122
-# define EVP_R_COMMAND_NOT_SUPPORTED                      147
-# define EVP_R_CTRL_NOT_IMPLEMENTED                       132
-# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED             133
-# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH          138
-# define EVP_R_DECODE_ERROR                               114
-# define EVP_R_DIFFERENT_KEY_TYPES                        101
-# define EVP_R_DIFFERENT_PARAMETERS                       153
-# define EVP_R_DISABLED_FOR_FIPS                          163
-# define EVP_R_ENCODE_ERROR                               115
-# define EVP_R_ERROR_LOADING_SECTION                      165
-# define EVP_R_ERROR_SETTING_FIPS_MODE                    166
-# define EVP_R_EVP_PBE_CIPHERINIT_ERROR                   119
-# define EVP_R_EXPECTING_AN_RSA_KEY                       127
-# define EVP_R_EXPECTING_A_DH_KEY                         128
-# define EVP_R_EXPECTING_A_DSA_KEY                        129
-# define EVP_R_EXPECTING_A_ECDSA_KEY                      141
-# define EVP_R_EXPECTING_A_EC_KEY                         142
-# define EVP_R_FIPS_MODE_NOT_SUPPORTED                    167
-# define EVP_R_INITIALIZATION_ERROR                       134
-# define EVP_R_INPUT_NOT_INITIALIZED                      111
-# define EVP_R_INVALID_DIGEST                             152
-# define EVP_R_INVALID_FIPS_MODE                          168
-# define EVP_R_INVALID_KEY                                171
-# define EVP_R_INVALID_KEY_LENGTH                         130
-# define EVP_R_INVALID_OPERATION                          148
-# define EVP_R_IV_TOO_LARGE                               102
-# define EVP_R_KEYGEN_FAILURE                             120
-# define EVP_R_MESSAGE_DIGEST_IS_NULL                     159
-# define EVP_R_METHOD_NOT_SUPPORTED                       144
-# define EVP_R_MISSING_PARAMETERS                         103
-# define EVP_R_NO_CIPHER_SET                              131
-# define EVP_R_NO_DEFAULT_DIGEST                          158
-# define EVP_R_NO_DIGEST_SET                              139
-# define EVP_R_NO_DSA_PARAMETERS                          116
-# define EVP_R_NO_KEY_SET                                 154
-# define EVP_R_NO_OPERATION_SET                           149
-# define EVP_R_NO_SIGN_FUNCTION_CONFIGURED                104
-# define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED              105
-# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
-# define EVP_R_OPERATON_NOT_INITIALIZED                   151
-# define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE                  117
-# define EVP_R_PRIVATE_KEY_DECODE_ERROR                   145
-# define EVP_R_PRIVATE_KEY_ENCODE_ERROR                   146
-# define EVP_R_PUBLIC_KEY_NOT_RSA                         106
-# define EVP_R_TOO_LARGE                                  164
-# define EVP_R_UNKNOWN_CIPHER                             160
-# define EVP_R_UNKNOWN_DIGEST                             161
-# define EVP_R_UNKNOWN_OPTION                             169
-# define EVP_R_UNKNOWN_PBE_ALGORITHM                      121
-# define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS                135
-# define EVP_R_UNSUPPORTED_ALGORITHM                      156
-# define EVP_R_UNSUPPORTED_CIPHER                         107
-# define EVP_R_UNSUPPORTED_KEYLENGTH                      123
-# define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION        124
-# define EVP_R_UNSUPPORTED_KEY_SIZE                       108
-# define EVP_R_UNSUPPORTED_PRF                            125
-# define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM          118
-# define EVP_R_UNSUPPORTED_SALT_TYPE                      126
-# define EVP_R_WRAP_MODE_NOT_ALLOWED                      170
-# define EVP_R_WRONG_FINAL_BLOCK_LENGTH                   109
-# define EVP_R_WRONG_PUBLIC_KEY_TYPE                      110
-
-# ifdef  __cplusplus
-}
-# endif
-#endif
diff --git a/thirdparty/openssl/openssl/hmac.h b/thirdparty/openssl/openssl/hmac.h
deleted file mode 100644
index b8b55cda7d..0000000000
--- a/thirdparty/openssl/openssl/hmac.h
+++ /dev/null
@@ -1,109 +0,0 @@
-/* crypto/hmac/hmac.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_HMAC_H
-# define HEADER_HMAC_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_HMAC
-#  error HMAC is disabled.
-# endif
-
-# include <openssl/evp.h>
-
-# define HMAC_MAX_MD_CBLOCK      128/* largest known is SHA512 */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct hmac_ctx_st {
-    const EVP_MD *md;
-    EVP_MD_CTX md_ctx;
-    EVP_MD_CTX i_ctx;
-    EVP_MD_CTX o_ctx;
-    unsigned int key_length;
-    unsigned char key[HMAC_MAX_MD_CBLOCK];
-} HMAC_CTX;
-
-# define HMAC_size(e)    (EVP_MD_size((e)->md))
-
-void HMAC_CTX_init(HMAC_CTX *ctx);
-void HMAC_CTX_cleanup(HMAC_CTX *ctx);
-
-/* deprecated */
-# define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx)
-
-/* deprecated */
-int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md);
-int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
-                 const EVP_MD *md, ENGINE *impl);
-int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
-int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
-                    const unsigned char *d, size_t n, unsigned char *md,
-                    unsigned int *md_len);
-int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
-
-void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/idea.h b/thirdparty/openssl/openssl/idea.h
deleted file mode 100644
index 6075984039..0000000000
--- a/thirdparty/openssl/openssl/idea.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/* crypto/idea/idea.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_IDEA_H
-# define HEADER_IDEA_H
-
-# include <openssl/opensslconf.h>/* IDEA_INT, OPENSSL_NO_IDEA */
-
-# ifdef OPENSSL_NO_IDEA
-#  error IDEA is disabled.
-# endif
-
-# define IDEA_ENCRYPT    1
-# define IDEA_DECRYPT    0
-
-# define IDEA_BLOCK      8
-# define IDEA_KEY_LENGTH 16
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct idea_key_st {
-    IDEA_INT data[9][6];
-} IDEA_KEY_SCHEDULE;
-
-const char *idea_options(void);
-void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                      IDEA_KEY_SCHEDULE *ks);
-# ifdef OPENSSL_FIPS
-void private_idea_set_encrypt_key(const unsigned char *key,
-                                  IDEA_KEY_SCHEDULE *ks);
-# endif
-void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
-void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
-void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
-                      long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
-                      int enc);
-void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
-                        int *num, int enc);
-void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                        long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
-                        int *num);
-void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/krb5_asn.h b/thirdparty/openssl/openssl/krb5_asn.h
deleted file mode 100644
index 9cf5a26dd8..0000000000
--- a/thirdparty/openssl/openssl/krb5_asn.h
+++ /dev/null
@@ -1,240 +0,0 @@
-/* krb5_asn.h */
-/*
- * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
- * using ocsp/{*.h,*asn*.c} as a starting point
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_KRB5_ASN_H
-# define HEADER_KRB5_ASN_H
-
-/*
- * #include <krb5.h>
- */
-# include <openssl/safestack.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
- * ASN.1 from Kerberos RFC 1510
- */
-
-/*-     EncryptedData ::=   SEQUENCE {
- *              etype[0]                      INTEGER, -- EncryptionType
- *              kvno[1]                       INTEGER OPTIONAL,
- *              cipher[2]                     OCTET STRING -- ciphertext
- *      }
- */
-typedef struct krb5_encdata_st {
-    ASN1_INTEGER *etype;
-    ASN1_INTEGER *kvno;
-    ASN1_OCTET_STRING *cipher;
-} KRB5_ENCDATA;
-
-DECLARE_STACK_OF(KRB5_ENCDATA)
-
-/*-     PrincipalName ::=   SEQUENCE {
- *              name-type[0]                  INTEGER,
- *              name-string[1]                SEQUENCE OF GeneralString
- *      }
- */
-typedef struct krb5_princname_st {
-    ASN1_INTEGER *nametype;
-    STACK_OF(ASN1_GENERALSTRING) *namestring;
-} KRB5_PRINCNAME;
-
-DECLARE_STACK_OF(KRB5_PRINCNAME)
-
-/*-     Ticket ::=      [APPLICATION 1] SEQUENCE {
- *              tkt-vno[0]                    INTEGER,
- *              realm[1]                      Realm,
- *              sname[2]                      PrincipalName,
- *              enc-part[3]                   EncryptedData
- *      }
- */
-typedef struct krb5_tktbody_st {
-    ASN1_INTEGER *tktvno;
-    ASN1_GENERALSTRING *realm;
-    KRB5_PRINCNAME *sname;
-    KRB5_ENCDATA *encdata;
-} KRB5_TKTBODY;
-
-typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
-DECLARE_STACK_OF(KRB5_TKTBODY)
-
-/*-     AP-REQ ::=      [APPLICATION 14] SEQUENCE {
- *              pvno[0]                       INTEGER,
- *              msg-type[1]                   INTEGER,
- *              ap-options[2]                 APOptions,
- *              ticket[3]                     Ticket,
- *              authenticator[4]              EncryptedData
- *      }
- *
- *      APOptions ::=   BIT STRING {
- *              reserved(0), use-session-key(1), mutual-required(2) }
- */
-typedef struct krb5_ap_req_st {
-    ASN1_INTEGER *pvno;
-    ASN1_INTEGER *msgtype;
-    ASN1_BIT_STRING *apoptions;
-    KRB5_TICKET *ticket;
-    KRB5_ENCDATA *authenticator;
-} KRB5_APREQBODY;
-
-typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
-DECLARE_STACK_OF(KRB5_APREQBODY)
-
-/*      Authenticator Stuff     */
-
-/*-     Checksum ::=   SEQUENCE {
- *              cksumtype[0]                  INTEGER,
- *              checksum[1]                   OCTET STRING
- *      }
- */
-typedef struct krb5_checksum_st {
-    ASN1_INTEGER *ctype;
-    ASN1_OCTET_STRING *checksum;
-} KRB5_CHECKSUM;
-
-DECLARE_STACK_OF(KRB5_CHECKSUM)
-
-/*-     EncryptionKey ::=   SEQUENCE {
- *              keytype[0]                    INTEGER,
- *              keyvalue[1]                   OCTET STRING
- *      }
- */
-typedef struct krb5_encryptionkey_st {
-    ASN1_INTEGER *ktype;
-    ASN1_OCTET_STRING *keyvalue;
-} KRB5_ENCKEY;
-
-DECLARE_STACK_OF(KRB5_ENCKEY)
-
-/*-     AuthorizationData ::=   SEQUENCE OF SEQUENCE {
- *              ad-type[0]                    INTEGER,
- *              ad-data[1]                    OCTET STRING
- *      }
- */
-typedef struct krb5_authorization_st {
-    ASN1_INTEGER *adtype;
-    ASN1_OCTET_STRING *addata;
-} KRB5_AUTHDATA;
-
-DECLARE_STACK_OF(KRB5_AUTHDATA)
-
-/*-     -- Unencrypted authenticator
- *      Authenticator ::=    [APPLICATION 2] SEQUENCE    {
- *              authenticator-vno[0]          INTEGER,
- *              crealm[1]                     Realm,
- *              cname[2]                      PrincipalName,
- *              cksum[3]                      Checksum OPTIONAL,
- *              cusec[4]                      INTEGER,
- *              ctime[5]                      KerberosTime,
- *              subkey[6]                     EncryptionKey OPTIONAL,
- *              seq-number[7]                 INTEGER OPTIONAL,
- *              authorization-data[8]         AuthorizationData OPTIONAL
- *      }
- */
-typedef struct krb5_authenticator_st {
-    ASN1_INTEGER *avno;
-    ASN1_GENERALSTRING *crealm;
-    KRB5_PRINCNAME *cname;
-    KRB5_CHECKSUM *cksum;
-    ASN1_INTEGER *cusec;
-    ASN1_GENERALIZEDTIME *ctime;
-    KRB5_ENCKEY *subkey;
-    ASN1_INTEGER *seqnum;
-    KRB5_AUTHDATA *authorization;
-} KRB5_AUTHENTBODY;
-
-typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
-DECLARE_STACK_OF(KRB5_AUTHENTBODY)
-
-/*-  DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
- *      type *name##_new(void);
- *      void name##_free(type *a);
- *      DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
- *       DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
- *        type *d2i_##name(type **a, const unsigned char **in, long len);
- *        int i2d_##name(type *a, unsigned char **out);
- *        DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
- */
-
-DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
-DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
-DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
-DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
-
-DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
-DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/kssl.h b/thirdparty/openssl/openssl/kssl.h
deleted file mode 100644
index ae8a51f472..0000000000
--- a/thirdparty/openssl/openssl/kssl.h
+++ /dev/null
@@ -1,197 +0,0 @@
-/* ssl/kssl.h */
-/*
- * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
- * 2000. project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- **      19990701        VRS     Started.
- */
-
-#ifndef KSSL_H
-# define KSSL_H
-
-# include <openssl/opensslconf.h>
-
-# ifndef OPENSSL_NO_KRB5
-
-#  include <stdio.h>
-#  include <ctype.h>
-#  include <krb5.h>
-#  ifdef OPENSSL_SYS_WIN32
-/*
- * These can sometimes get redefined indirectly by krb5 header files after
- * they get undefed in ossl_typ.h
- */
-#   undef X509_NAME
-#   undef X509_EXTENSIONS
-#   undef OCSP_REQUEST
-#   undef OCSP_RESPONSE
-#  endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
- *      Depending on which KRB5 implementation used, some types from
- *      the other may be missing.  Resolve that here and now
- */
-#  ifdef KRB5_HEIMDAL
-typedef unsigned char krb5_octet;
-#   define FAR
-#  else
-
-#   ifndef FAR
-#    define FAR
-#   endif
-
-#  endif
-
-/*-
- *      Uncomment this to debug kssl problems or
- *      to trace usage of the Kerberos session key
- *
- *      #define         KSSL_DEBUG
- */
-
-#  ifndef KRB5SVC
-#   define KRB5SVC "host"
-#  endif
-
-#  ifndef KRB5KEYTAB
-#   define KRB5KEYTAB      "/etc/krb5.keytab"
-#  endif
-
-#  ifndef KRB5SENDAUTH
-#   define KRB5SENDAUTH    1
-#  endif
-
-#  ifndef KRB5CHECKAUTH
-#   define KRB5CHECKAUTH   1
-#  endif
-
-#  ifndef KSSL_CLOCKSKEW
-#   define KSSL_CLOCKSKEW  300;
-#  endif
-
-#  define KSSL_ERR_MAX    255
-typedef struct kssl_err_st {
-    int reason;
-    char text[KSSL_ERR_MAX + 1];
-} KSSL_ERR;
-
-/*-     Context for passing
- *              (1) Kerberos session key to SSL, and
- *              (2)     Config data between application and SSL lib
- */
-typedef struct kssl_ctx_st {
-    /*      used by:    disposition:            */
-    char *service_name;         /* C,S default ok (kssl) */
-    char *service_host;         /* C input, REQUIRED */
-    char *client_princ;         /* S output from krb5 ticket */
-    char *keytab_file;          /* S NULL (/etc/krb5.keytab) */
-    char *cred_cache;           /* C NULL (default) */
-    krb5_enctype enctype;
-    int length;
-    krb5_octet FAR *key;
-} KSSL_CTX;
-
-#  define KSSL_CLIENT     1
-#  define KSSL_SERVER     2
-#  define KSSL_SERVICE    3
-#  define KSSL_KEYTAB     4
-
-#  define KSSL_CTX_OK     0
-#  define KSSL_CTX_ERR    1
-#  define KSSL_NOMEM      2
-
-/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
-krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
-KSSL_CTX *kssl_ctx_new(void);
-KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
-void kssl_ctx_show(KSSL_CTX *kssl_ctx);
-krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
-                                  krb5_data *realm, krb5_data *entity,
-                                  int nentities);
-krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
-                              krb5_data *authenp, KSSL_ERR *kssl_err);
-krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
-                              krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
-krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
-void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
-void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
-krb5_error_code kssl_build_principal_2(krb5_context context,
-                                       krb5_principal *princ, int rlen,
-                                       const char *realm, int slen,
-                                       const char *svc, int hlen,
-                                       const char *host);
-krb5_error_code kssl_validate_times(krb5_timestamp atime,
-                                    krb5_ticket_times *ttimes);
-krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
-                                   krb5_timestamp *atimep,
-                                   KSSL_ERR *kssl_err);
-unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
-
-void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
-KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
-char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
-
-#ifdef  __cplusplus
-}
-#endif
-# endif                         /* OPENSSL_NO_KRB5 */
-#endif                          /* KSSL_H */
diff --git a/thirdparty/openssl/openssl/lhash.h b/thirdparty/openssl/openssl/lhash.h
deleted file mode 100644
index b6c328bffb..0000000000
--- a/thirdparty/openssl/openssl/lhash.h
+++ /dev/null
@@ -1,240 +0,0 @@
-/* crypto/lhash/lhash.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Header for dynamic hash table routines Author - Eric Young
- */
-
-#ifndef HEADER_LHASH_H
-# define HEADER_LHASH_H
-
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_FP_API
-#  include <stdio.h>
-# endif
-
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct lhash_node_st {
-    void *data;
-    struct lhash_node_st *next;
-# ifndef OPENSSL_NO_HASH_COMP
-    unsigned long hash;
-# endif
-} LHASH_NODE;
-
-typedef int (*LHASH_COMP_FN_TYPE) (const void *, const void *);
-typedef unsigned long (*LHASH_HASH_FN_TYPE) (const void *);
-typedef void (*LHASH_DOALL_FN_TYPE) (void *);
-typedef void (*LHASH_DOALL_ARG_FN_TYPE) (void *, void *);
-
-/*
- * Macros for declaring and implementing type-safe wrappers for LHASH
- * callbacks. This way, callbacks can be provided to LHASH structures without
- * function pointer casting and the macro-defined callbacks provide
- * per-variable casting before deferring to the underlying type-specific
- * callbacks. NB: It is possible to place a "static" in front of both the
- * DECLARE and IMPLEMENT macros if the functions are strictly internal.
- */
-
-/* First: "hash" functions */
-# define DECLARE_LHASH_HASH_FN(name, o_type) \
-        unsigned long name##_LHASH_HASH(const void *);
-# define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
-        unsigned long name##_LHASH_HASH(const void *arg) { \
-                const o_type *a = arg; \
-                return name##_hash(a); }
-# define LHASH_HASH_FN(name) name##_LHASH_HASH
-
-/* Second: "compare" functions */
-# define DECLARE_LHASH_COMP_FN(name, o_type) \
-        int name##_LHASH_COMP(const void *, const void *);
-# define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
-        int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
-                const o_type *a = arg1;             \
-                const o_type *b = arg2; \
-                return name##_cmp(a,b); }
-# define LHASH_COMP_FN(name) name##_LHASH_COMP
-
-/* Third: "doall" functions */
-# define DECLARE_LHASH_DOALL_FN(name, o_type) \
-        void name##_LHASH_DOALL(void *);
-# define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
-        void name##_LHASH_DOALL(void *arg) { \
-                o_type *a = arg; \
-                name##_doall(a); }
-# define LHASH_DOALL_FN(name) name##_LHASH_DOALL
-
-/* Fourth: "doall_arg" functions */
-# define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
-        void name##_LHASH_DOALL_ARG(void *, void *);
-# define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
-        void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
-                o_type *a = arg1; \
-                a_type *b = arg2; \
-                name##_doall_arg(a, b); }
-# define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
-
-typedef struct lhash_st {
-    LHASH_NODE **b;
-    LHASH_COMP_FN_TYPE comp;
-    LHASH_HASH_FN_TYPE hash;
-    unsigned int num_nodes;
-    unsigned int num_alloc_nodes;
-    unsigned int p;
-    unsigned int pmax;
-    unsigned long up_load;      /* load times 256 */
-    unsigned long down_load;    /* load times 256 */
-    unsigned long num_items;
-    unsigned long num_expands;
-    unsigned long num_expand_reallocs;
-    unsigned long num_contracts;
-    unsigned long num_contract_reallocs;
-    unsigned long num_hash_calls;
-    unsigned long num_comp_calls;
-    unsigned long num_insert;
-    unsigned long num_replace;
-    unsigned long num_delete;
-    unsigned long num_no_delete;
-    unsigned long num_retrieve;
-    unsigned long num_retrieve_miss;
-    unsigned long num_hash_comps;
-    int error;
-} _LHASH;                       /* Do not use _LHASH directly, use LHASH_OF
-                                 * and friends */
-
-# define LH_LOAD_MULT    256
-
-/*
- * Indicates a malloc() error in the last call, this is only bad in
- * lh_insert().
- */
-# define lh_error(lh)    ((lh)->error)
-
-_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
-void lh_free(_LHASH *lh);
-void *lh_insert(_LHASH *lh, void *data);
-void *lh_delete(_LHASH *lh, const void *data);
-void *lh_retrieve(_LHASH *lh, const void *data);
-void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
-void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
-unsigned long lh_strhash(const char *c);
-unsigned long lh_num_items(const _LHASH *lh);
-
-# ifndef OPENSSL_NO_FP_API
-void lh_stats(const _LHASH *lh, FILE *out);
-void lh_node_stats(const _LHASH *lh, FILE *out);
-void lh_node_usage_stats(const _LHASH *lh, FILE *out);
-# endif
-
-# ifndef OPENSSL_NO_BIO
-void lh_stats_bio(const _LHASH *lh, BIO *out);
-void lh_node_stats_bio(const _LHASH *lh, BIO *out);
-void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
-# endif
-
-/* Type checking... */
-
-# define LHASH_OF(type) struct lhash_st_##type
-
-# define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
-
-# define CHECKED_LHASH_OF(type,lh) \
-  ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
-
-/* Define wrapper functions. */
-# define LHM_lh_new(type, name) \
-  ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
-# define LHM_lh_error(type, lh) \
-  lh_error(CHECKED_LHASH_OF(type,lh))
-# define LHM_lh_insert(type, lh, inst) \
-  ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
-                     CHECKED_PTR_OF(type, inst)))
-# define LHM_lh_retrieve(type, lh, inst) \
-  ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
-                       CHECKED_PTR_OF(type, inst)))
-# define LHM_lh_delete(type, lh, inst) \
-  ((type *)lh_delete(CHECKED_LHASH_OF(type, lh),                        \
-                     CHECKED_PTR_OF(type, inst)))
-# define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
-# define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
-  lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
-# define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
-# define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
-# define LHM_lh_node_stats_bio(type, lh, out) \
-  lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
-# define LHM_lh_node_usage_stats_bio(type, lh, out) \
-  lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
-# define LHM_lh_stats_bio(type, lh, out) \
-  lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
-# define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
-
-DECLARE_LHASH_OF(OPENSSL_STRING);
-DECLARE_LHASH_OF(OPENSSL_CSTRING);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/md4.h b/thirdparty/openssl/openssl/md4.h
deleted file mode 100644
index 11fd71295b..0000000000
--- a/thirdparty/openssl/openssl/md4.h
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/md4/md4.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD4_H
-# define HEADER_MD4_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_MD4
-#  error MD4 is disabled.
-# endif
-
-/*-
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! MD4_LONG_LOG2 has to be defined along.                        !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-# if defined(__LP32__)
-#  define MD4_LONG unsigned long
-# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#  define MD4_LONG unsigned long
-#  define MD4_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- *                                      <appro@fy.chalmers.se>
- */
-# else
-#  define MD4_LONG unsigned int
-# endif
-
-# define MD4_CBLOCK      64
-# define MD4_LBLOCK      (MD4_CBLOCK/4)
-# define MD4_DIGEST_LENGTH 16
-
-typedef struct MD4state_st {
-    MD4_LONG A, B, C, D;
-    MD4_LONG Nl, Nh;
-    MD4_LONG data[MD4_LBLOCK];
-    unsigned int num;
-} MD4_CTX;
-
-# ifdef OPENSSL_FIPS
-int private_MD4_Init(MD4_CTX *c);
-# endif
-int MD4_Init(MD4_CTX *c);
-int MD4_Update(MD4_CTX *c, const void *data, size_t len);
-int MD4_Final(unsigned char *md, MD4_CTX *c);
-unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
-void MD4_Transform(MD4_CTX *c, const unsigned char *b);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/md5.h b/thirdparty/openssl/openssl/md5.h
deleted file mode 100644
index 2659038abd..0000000000
--- a/thirdparty/openssl/openssl/md5.h
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/md5/md5.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MD5_H
-# define HEADER_MD5_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_MD5
-#  error MD5 is disabled.
-# endif
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! MD5_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! MD5_LONG_LOG2 has to be defined along.                        !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-# if defined(__LP32__)
-#  define MD5_LONG unsigned long
-# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#  define MD5_LONG unsigned long
-#  define MD5_LONG_LOG2 3
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- *                                      <appro@fy.chalmers.se>
- */
-# else
-#  define MD5_LONG unsigned int
-# endif
-
-# define MD5_CBLOCK      64
-# define MD5_LBLOCK      (MD5_CBLOCK/4)
-# define MD5_DIGEST_LENGTH 16
-
-typedef struct MD5state_st {
-    MD5_LONG A, B, C, D;
-    MD5_LONG Nl, Nh;
-    MD5_LONG data[MD5_LBLOCK];
-    unsigned int num;
-} MD5_CTX;
-
-# ifdef OPENSSL_FIPS
-int private_MD5_Init(MD5_CTX *c);
-# endif
-int MD5_Init(MD5_CTX *c);
-int MD5_Update(MD5_CTX *c, const void *data, size_t len);
-int MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
-void MD5_Transform(MD5_CTX *c, const unsigned char *b);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/mdc2.h b/thirdparty/openssl/openssl/mdc2.h
deleted file mode 100644
index 7efe53bc29..0000000000
--- a/thirdparty/openssl/openssl/mdc2.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/* crypto/mdc2/mdc2.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_MDC2_H
-# define HEADER_MDC2_H
-
-# include <openssl/des.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_MDC2
-#  error MDC2 is disabled.
-# endif
-
-# define MDC2_BLOCK              8
-# define MDC2_DIGEST_LENGTH      16
-
-typedef struct mdc2_ctx_st {
-    unsigned int num;
-    unsigned char data[MDC2_BLOCK];
-    DES_cblock h, hh;
-    int pad_type;               /* either 1 or 2, default 1 */
-} MDC2_CTX;
-
-# ifdef OPENSSL_FIPS
-int private_MDC2_Init(MDC2_CTX *c);
-# endif
-int MDC2_Init(MDC2_CTX *c);
-int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
-int MDC2_Final(unsigned char *md, MDC2_CTX *c);
-unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/modes.h b/thirdparty/openssl/openssl/modes.h
deleted file mode 100644
index fd488499a0..0000000000
--- a/thirdparty/openssl/openssl/modes.h
+++ /dev/null
@@ -1,163 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Rights for redistribution and usage in source and binary
- * forms are granted according to the OpenSSL license.
- */
-
-#include <stddef.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-typedef void (*block128_f) (const unsigned char in[16],
-                            unsigned char out[16], const void *key);
-
-typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
-                          size_t len, const void *key,
-                          unsigned char ivec[16], int enc);
-
-typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
-                          size_t blocks, const void *key,
-                          const unsigned char ivec[16]);
-
-typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
-                          size_t blocks, const void *key,
-                          const unsigned char ivec[16],
-                          unsigned char cmac[16]);
-
-void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16], block128_f block);
-void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16], block128_f block);
-
-void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16],
-                           unsigned char ecount_buf[16], unsigned int *num,
-                           block128_f block);
-
-void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
-                                 size_t len, const void *key,
-                                 unsigned char ivec[16],
-                                 unsigned char ecount_buf[16],
-                                 unsigned int *num, ctr128_f ctr);
-
-void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16], int *num,
-                           block128_f block);
-
-void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-                           size_t len, const void *key,
-                           unsigned char ivec[16], int *num,
-                           int enc, block128_f block);
-void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t length, const void *key,
-                             unsigned char ivec[16], int *num,
-                             int enc, block128_f block);
-void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t bits, const void *key,
-                             unsigned char ivec[16], int *num,
-                             int enc, block128_f block);
-
-size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
-                                   unsigned char *out, size_t len,
-                                   const void *key, unsigned char ivec[16],
-                                   block128_f block);
-size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
-                             size_t len, const void *key,
-                             unsigned char ivec[16], cbc128_f cbc);
-size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
-                                   unsigned char *out, size_t len,
-                                   const void *key, unsigned char ivec[16],
-                                   block128_f block);
-size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
-                             size_t len, const void *key,
-                             unsigned char ivec[16], cbc128_f cbc);
-
-size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
-                                       unsigned char *out, size_t len,
-                                       const void *key,
-                                       unsigned char ivec[16],
-                                       block128_f block);
-size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
-                                 size_t len, const void *key,
-                                 unsigned char ivec[16], cbc128_f cbc);
-size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
-                                       unsigned char *out, size_t len,
-                                       const void *key,
-                                       unsigned char ivec[16],
-                                       block128_f block);
-size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
-                                 size_t len, const void *key,
-                                 unsigned char ivec[16], cbc128_f cbc);
-
-typedef struct gcm128_context GCM128_CONTEXT;
-
-GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
-void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
-void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
-                         size_t len);
-int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
-                      size_t len);
-int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
-                          const unsigned char *in, unsigned char *out,
-                          size_t len);
-int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
-                          const unsigned char *in, unsigned char *out,
-                          size_t len);
-int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
-                                const unsigned char *in, unsigned char *out,
-                                size_t len, ctr128_f stream);
-int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
-                                const unsigned char *in, unsigned char *out,
-                                size_t len, ctr128_f stream);
-int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
-                         size_t len);
-void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
-void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
-
-typedef struct ccm128_context CCM128_CONTEXT;
-
-void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
-                        unsigned int M, unsigned int L, void *key,
-                        block128_f block);
-int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, const unsigned char *nonce,
-                        size_t nlen, size_t mlen);
-void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, const unsigned char *aad,
-                       size_t alen);
-int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
-                          unsigned char *out, size_t len);
-int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
-                          unsigned char *out, size_t len);
-int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
-                                unsigned char *out, size_t len,
-                                ccm128_f stream);
-int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
-                                unsigned char *out, size_t len,
-                                ccm128_f stream);
-size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
-
-typedef struct xts128_context XTS128_CONTEXT;
-
-int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
-                          const unsigned char iv[16],
-                          const unsigned char *inp, unsigned char *out,
-                          size_t len, int enc);
-
-size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
-                       unsigned char *out,
-                       const unsigned char *in, size_t inlen,
-                       block128_f block);
-
-size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
-                         unsigned char *out,
-                         const unsigned char *in, size_t inlen,
-                         block128_f block);
-
-#ifdef  __cplusplus
-}
-#endif
diff --git a/thirdparty/openssl/openssl/obj_mac.h b/thirdparty/openssl/openssl/obj_mac.h
deleted file mode 100644
index 779c309b86..0000000000
--- a/thirdparty/openssl/openssl/obj_mac.h
+++ /dev/null
@@ -1,4194 +0,0 @@
-/* crypto/objects/obj_mac.h */
-
-/*
- * THIS FILE IS GENERATED FROM objects.txt by objects.pl via the following
- * command: perl objects.pl objects.txt obj_mac.num obj_mac.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define SN_undef                        "UNDEF"
-#define LN_undef                        "undefined"
-#define NID_undef                       0
-#define OBJ_undef                       0L
-
-#define SN_itu_t                "ITU-T"
-#define LN_itu_t                "itu-t"
-#define NID_itu_t               645
-#define OBJ_itu_t               0L
-
-#define NID_ccitt               404
-#define OBJ_ccitt               OBJ_itu_t
-
-#define SN_iso          "ISO"
-#define LN_iso          "iso"
-#define NID_iso         181
-#define OBJ_iso         1L
-
-#define SN_joint_iso_itu_t              "JOINT-ISO-ITU-T"
-#define LN_joint_iso_itu_t              "joint-iso-itu-t"
-#define NID_joint_iso_itu_t             646
-#define OBJ_joint_iso_itu_t             2L
-
-#define NID_joint_iso_ccitt             393
-#define OBJ_joint_iso_ccitt             OBJ_joint_iso_itu_t
-
-#define SN_member_body          "member-body"
-#define LN_member_body          "ISO Member Body"
-#define NID_member_body         182
-#define OBJ_member_body         OBJ_iso,2L
-
-#define SN_identified_organization              "identified-organization"
-#define NID_identified_organization             676
-#define OBJ_identified_organization             OBJ_iso,3L
-
-#define SN_hmac_md5             "HMAC-MD5"
-#define LN_hmac_md5             "hmac-md5"
-#define NID_hmac_md5            780
-#define OBJ_hmac_md5            OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L
-
-#define SN_hmac_sha1            "HMAC-SHA1"
-#define LN_hmac_sha1            "hmac-sha1"
-#define NID_hmac_sha1           781
-#define OBJ_hmac_sha1           OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L
-
-#define SN_certicom_arc         "certicom-arc"
-#define NID_certicom_arc                677
-#define OBJ_certicom_arc                OBJ_identified_organization,132L
-
-#define SN_international_organizations          "international-organizations"
-#define LN_international_organizations          "International Organizations"
-#define NID_international_organizations         647
-#define OBJ_international_organizations         OBJ_joint_iso_itu_t,23L
-
-#define SN_wap          "wap"
-#define NID_wap         678
-#define OBJ_wap         OBJ_international_organizations,43L
-
-#define SN_wap_wsg              "wap-wsg"
-#define NID_wap_wsg             679
-#define OBJ_wap_wsg             OBJ_wap,1L
-
-#define SN_selected_attribute_types             "selected-attribute-types"
-#define LN_selected_attribute_types             "Selected Attribute Types"
-#define NID_selected_attribute_types            394
-#define OBJ_selected_attribute_types            OBJ_joint_iso_itu_t,5L,1L,5L
-
-#define SN_clearance            "clearance"
-#define NID_clearance           395
-#define OBJ_clearance           OBJ_selected_attribute_types,55L
-
-#define SN_ISO_US               "ISO-US"
-#define LN_ISO_US               "ISO US Member Body"
-#define NID_ISO_US              183
-#define OBJ_ISO_US              OBJ_member_body,840L
-
-#define SN_X9_57                "X9-57"
-#define LN_X9_57                "X9.57"
-#define NID_X9_57               184
-#define OBJ_X9_57               OBJ_ISO_US,10040L
-
-#define SN_X9cm         "X9cm"
-#define LN_X9cm         "X9.57 CM ?"
-#define NID_X9cm                185
-#define OBJ_X9cm                OBJ_X9_57,4L
-
-#define SN_dsa          "DSA"
-#define LN_dsa          "dsaEncryption"
-#define NID_dsa         116
-#define OBJ_dsa         OBJ_X9cm,1L
-
-#define SN_dsaWithSHA1          "DSA-SHA1"
-#define LN_dsaWithSHA1          "dsaWithSHA1"
-#define NID_dsaWithSHA1         113
-#define OBJ_dsaWithSHA1         OBJ_X9cm,3L
-
-#define SN_ansi_X9_62           "ansi-X9-62"
-#define LN_ansi_X9_62           "ANSI X9.62"
-#define NID_ansi_X9_62          405
-#define OBJ_ansi_X9_62          OBJ_ISO_US,10045L
-
-#define OBJ_X9_62_id_fieldType          OBJ_ansi_X9_62,1L
-
-#define SN_X9_62_prime_field            "prime-field"
-#define NID_X9_62_prime_field           406
-#define OBJ_X9_62_prime_field           OBJ_X9_62_id_fieldType,1L
-
-#define SN_X9_62_characteristic_two_field               "characteristic-two-field"
-#define NID_X9_62_characteristic_two_field              407
-#define OBJ_X9_62_characteristic_two_field              OBJ_X9_62_id_fieldType,2L
-
-#define SN_X9_62_id_characteristic_two_basis            "id-characteristic-two-basis"
-#define NID_X9_62_id_characteristic_two_basis           680
-#define OBJ_X9_62_id_characteristic_two_basis           OBJ_X9_62_characteristic_two_field,3L
-
-#define SN_X9_62_onBasis                "onBasis"
-#define NID_X9_62_onBasis               681
-#define OBJ_X9_62_onBasis               OBJ_X9_62_id_characteristic_two_basis,1L
-
-#define SN_X9_62_tpBasis                "tpBasis"
-#define NID_X9_62_tpBasis               682
-#define OBJ_X9_62_tpBasis               OBJ_X9_62_id_characteristic_two_basis,2L
-
-#define SN_X9_62_ppBasis                "ppBasis"
-#define NID_X9_62_ppBasis               683
-#define OBJ_X9_62_ppBasis               OBJ_X9_62_id_characteristic_two_basis,3L
-
-#define OBJ_X9_62_id_publicKeyType              OBJ_ansi_X9_62,2L
-
-#define SN_X9_62_id_ecPublicKey         "id-ecPublicKey"
-#define NID_X9_62_id_ecPublicKey                408
-#define OBJ_X9_62_id_ecPublicKey                OBJ_X9_62_id_publicKeyType,1L
-
-#define OBJ_X9_62_ellipticCurve         OBJ_ansi_X9_62,3L
-
-#define OBJ_X9_62_c_TwoCurve            OBJ_X9_62_ellipticCurve,0L
-
-#define SN_X9_62_c2pnb163v1             "c2pnb163v1"
-#define NID_X9_62_c2pnb163v1            684
-#define OBJ_X9_62_c2pnb163v1            OBJ_X9_62_c_TwoCurve,1L
-
-#define SN_X9_62_c2pnb163v2             "c2pnb163v2"
-#define NID_X9_62_c2pnb163v2            685
-#define OBJ_X9_62_c2pnb163v2            OBJ_X9_62_c_TwoCurve,2L
-
-#define SN_X9_62_c2pnb163v3             "c2pnb163v3"
-#define NID_X9_62_c2pnb163v3            686
-#define OBJ_X9_62_c2pnb163v3            OBJ_X9_62_c_TwoCurve,3L
-
-#define SN_X9_62_c2pnb176v1             "c2pnb176v1"
-#define NID_X9_62_c2pnb176v1            687
-#define OBJ_X9_62_c2pnb176v1            OBJ_X9_62_c_TwoCurve,4L
-
-#define SN_X9_62_c2tnb191v1             "c2tnb191v1"
-#define NID_X9_62_c2tnb191v1            688
-#define OBJ_X9_62_c2tnb191v1            OBJ_X9_62_c_TwoCurve,5L
-
-#define SN_X9_62_c2tnb191v2             "c2tnb191v2"
-#define NID_X9_62_c2tnb191v2            689
-#define OBJ_X9_62_c2tnb191v2            OBJ_X9_62_c_TwoCurve,6L
-
-#define SN_X9_62_c2tnb191v3             "c2tnb191v3"
-#define NID_X9_62_c2tnb191v3            690
-#define OBJ_X9_62_c2tnb191v3            OBJ_X9_62_c_TwoCurve,7L
-
-#define SN_X9_62_c2onb191v4             "c2onb191v4"
-#define NID_X9_62_c2onb191v4            691
-#define OBJ_X9_62_c2onb191v4            OBJ_X9_62_c_TwoCurve,8L
-
-#define SN_X9_62_c2onb191v5             "c2onb191v5"
-#define NID_X9_62_c2onb191v5            692
-#define OBJ_X9_62_c2onb191v5            OBJ_X9_62_c_TwoCurve,9L
-
-#define SN_X9_62_c2pnb208w1             "c2pnb208w1"
-#define NID_X9_62_c2pnb208w1            693
-#define OBJ_X9_62_c2pnb208w1            OBJ_X9_62_c_TwoCurve,10L
-
-#define SN_X9_62_c2tnb239v1             "c2tnb239v1"
-#define NID_X9_62_c2tnb239v1            694
-#define OBJ_X9_62_c2tnb239v1            OBJ_X9_62_c_TwoCurve,11L
-
-#define SN_X9_62_c2tnb239v2             "c2tnb239v2"
-#define NID_X9_62_c2tnb239v2            695
-#define OBJ_X9_62_c2tnb239v2            OBJ_X9_62_c_TwoCurve,12L
-
-#define SN_X9_62_c2tnb239v3             "c2tnb239v3"
-#define NID_X9_62_c2tnb239v3            696
-#define OBJ_X9_62_c2tnb239v3            OBJ_X9_62_c_TwoCurve,13L
-
-#define SN_X9_62_c2onb239v4             "c2onb239v4"
-#define NID_X9_62_c2onb239v4            697
-#define OBJ_X9_62_c2onb239v4            OBJ_X9_62_c_TwoCurve,14L
-
-#define SN_X9_62_c2onb239v5             "c2onb239v5"
-#define NID_X9_62_c2onb239v5            698
-#define OBJ_X9_62_c2onb239v5            OBJ_X9_62_c_TwoCurve,15L
-
-#define SN_X9_62_c2pnb272w1             "c2pnb272w1"
-#define NID_X9_62_c2pnb272w1            699
-#define OBJ_X9_62_c2pnb272w1            OBJ_X9_62_c_TwoCurve,16L
-
-#define SN_X9_62_c2pnb304w1             "c2pnb304w1"
-#define NID_X9_62_c2pnb304w1            700
-#define OBJ_X9_62_c2pnb304w1            OBJ_X9_62_c_TwoCurve,17L
-
-#define SN_X9_62_c2tnb359v1             "c2tnb359v1"
-#define NID_X9_62_c2tnb359v1            701
-#define OBJ_X9_62_c2tnb359v1            OBJ_X9_62_c_TwoCurve,18L
-
-#define SN_X9_62_c2pnb368w1             "c2pnb368w1"
-#define NID_X9_62_c2pnb368w1            702
-#define OBJ_X9_62_c2pnb368w1            OBJ_X9_62_c_TwoCurve,19L
-
-#define SN_X9_62_c2tnb431r1             "c2tnb431r1"
-#define NID_X9_62_c2tnb431r1            703
-#define OBJ_X9_62_c2tnb431r1            OBJ_X9_62_c_TwoCurve,20L
-
-#define OBJ_X9_62_primeCurve            OBJ_X9_62_ellipticCurve,1L
-
-#define SN_X9_62_prime192v1             "prime192v1"
-#define NID_X9_62_prime192v1            409
-#define OBJ_X9_62_prime192v1            OBJ_X9_62_primeCurve,1L
-
-#define SN_X9_62_prime192v2             "prime192v2"
-#define NID_X9_62_prime192v2            410
-#define OBJ_X9_62_prime192v2            OBJ_X9_62_primeCurve,2L
-
-#define SN_X9_62_prime192v3             "prime192v3"
-#define NID_X9_62_prime192v3            411
-#define OBJ_X9_62_prime192v3            OBJ_X9_62_primeCurve,3L
-
-#define SN_X9_62_prime239v1             "prime239v1"
-#define NID_X9_62_prime239v1            412
-#define OBJ_X9_62_prime239v1            OBJ_X9_62_primeCurve,4L
-
-#define SN_X9_62_prime239v2             "prime239v2"
-#define NID_X9_62_prime239v2            413
-#define OBJ_X9_62_prime239v2            OBJ_X9_62_primeCurve,5L
-
-#define SN_X9_62_prime239v3             "prime239v3"
-#define NID_X9_62_prime239v3            414
-#define OBJ_X9_62_prime239v3            OBJ_X9_62_primeCurve,6L
-
-#define SN_X9_62_prime256v1             "prime256v1"
-#define NID_X9_62_prime256v1            415
-#define OBJ_X9_62_prime256v1            OBJ_X9_62_primeCurve,7L
-
-#define OBJ_X9_62_id_ecSigType          OBJ_ansi_X9_62,4L
-
-#define SN_ecdsa_with_SHA1              "ecdsa-with-SHA1"
-#define NID_ecdsa_with_SHA1             416
-#define OBJ_ecdsa_with_SHA1             OBJ_X9_62_id_ecSigType,1L
-
-#define SN_ecdsa_with_Recommended               "ecdsa-with-Recommended"
-#define NID_ecdsa_with_Recommended              791
-#define OBJ_ecdsa_with_Recommended              OBJ_X9_62_id_ecSigType,2L
-
-#define SN_ecdsa_with_Specified         "ecdsa-with-Specified"
-#define NID_ecdsa_with_Specified                792
-#define OBJ_ecdsa_with_Specified                OBJ_X9_62_id_ecSigType,3L
-
-#define SN_ecdsa_with_SHA224            "ecdsa-with-SHA224"
-#define NID_ecdsa_with_SHA224           793
-#define OBJ_ecdsa_with_SHA224           OBJ_ecdsa_with_Specified,1L
-
-#define SN_ecdsa_with_SHA256            "ecdsa-with-SHA256"
-#define NID_ecdsa_with_SHA256           794
-#define OBJ_ecdsa_with_SHA256           OBJ_ecdsa_with_Specified,2L
-
-#define SN_ecdsa_with_SHA384            "ecdsa-with-SHA384"
-#define NID_ecdsa_with_SHA384           795
-#define OBJ_ecdsa_with_SHA384           OBJ_ecdsa_with_Specified,3L
-
-#define SN_ecdsa_with_SHA512            "ecdsa-with-SHA512"
-#define NID_ecdsa_with_SHA512           796
-#define OBJ_ecdsa_with_SHA512           OBJ_ecdsa_with_Specified,4L
-
-#define OBJ_secg_ellipticCurve          OBJ_certicom_arc,0L
-
-#define SN_secp112r1            "secp112r1"
-#define NID_secp112r1           704
-#define OBJ_secp112r1           OBJ_secg_ellipticCurve,6L
-
-#define SN_secp112r2            "secp112r2"
-#define NID_secp112r2           705
-#define OBJ_secp112r2           OBJ_secg_ellipticCurve,7L
-
-#define SN_secp128r1            "secp128r1"
-#define NID_secp128r1           706
-#define OBJ_secp128r1           OBJ_secg_ellipticCurve,28L
-
-#define SN_secp128r2            "secp128r2"
-#define NID_secp128r2           707
-#define OBJ_secp128r2           OBJ_secg_ellipticCurve,29L
-
-#define SN_secp160k1            "secp160k1"
-#define NID_secp160k1           708
-#define OBJ_secp160k1           OBJ_secg_ellipticCurve,9L
-
-#define SN_secp160r1            "secp160r1"
-#define NID_secp160r1           709
-#define OBJ_secp160r1           OBJ_secg_ellipticCurve,8L
-
-#define SN_secp160r2            "secp160r2"
-#define NID_secp160r2           710
-#define OBJ_secp160r2           OBJ_secg_ellipticCurve,30L
-
-#define SN_secp192k1            "secp192k1"
-#define NID_secp192k1           711
-#define OBJ_secp192k1           OBJ_secg_ellipticCurve,31L
-
-#define SN_secp224k1            "secp224k1"
-#define NID_secp224k1           712
-#define OBJ_secp224k1           OBJ_secg_ellipticCurve,32L
-
-#define SN_secp224r1            "secp224r1"
-#define NID_secp224r1           713
-#define OBJ_secp224r1           OBJ_secg_ellipticCurve,33L
-
-#define SN_secp256k1            "secp256k1"
-#define NID_secp256k1           714
-#define OBJ_secp256k1           OBJ_secg_ellipticCurve,10L
-
-#define SN_secp384r1            "secp384r1"
-#define NID_secp384r1           715
-#define OBJ_secp384r1           OBJ_secg_ellipticCurve,34L
-
-#define SN_secp521r1            "secp521r1"
-#define NID_secp521r1           716
-#define OBJ_secp521r1           OBJ_secg_ellipticCurve,35L
-
-#define SN_sect113r1            "sect113r1"
-#define NID_sect113r1           717
-#define OBJ_sect113r1           OBJ_secg_ellipticCurve,4L
-
-#define SN_sect113r2            "sect113r2"
-#define NID_sect113r2           718
-#define OBJ_sect113r2           OBJ_secg_ellipticCurve,5L
-
-#define SN_sect131r1            "sect131r1"
-#define NID_sect131r1           719
-#define OBJ_sect131r1           OBJ_secg_ellipticCurve,22L
-
-#define SN_sect131r2            "sect131r2"
-#define NID_sect131r2           720
-#define OBJ_sect131r2           OBJ_secg_ellipticCurve,23L
-
-#define SN_sect163k1            "sect163k1"
-#define NID_sect163k1           721
-#define OBJ_sect163k1           OBJ_secg_ellipticCurve,1L
-
-#define SN_sect163r1            "sect163r1"
-#define NID_sect163r1           722
-#define OBJ_sect163r1           OBJ_secg_ellipticCurve,2L
-
-#define SN_sect163r2            "sect163r2"
-#define NID_sect163r2           723
-#define OBJ_sect163r2           OBJ_secg_ellipticCurve,15L
-
-#define SN_sect193r1            "sect193r1"
-#define NID_sect193r1           724
-#define OBJ_sect193r1           OBJ_secg_ellipticCurve,24L
-
-#define SN_sect193r2            "sect193r2"
-#define NID_sect193r2           725
-#define OBJ_sect193r2           OBJ_secg_ellipticCurve,25L
-
-#define SN_sect233k1            "sect233k1"
-#define NID_sect233k1           726
-#define OBJ_sect233k1           OBJ_secg_ellipticCurve,26L
-
-#define SN_sect233r1            "sect233r1"
-#define NID_sect233r1           727
-#define OBJ_sect233r1           OBJ_secg_ellipticCurve,27L
-
-#define SN_sect239k1            "sect239k1"
-#define NID_sect239k1           728
-#define OBJ_sect239k1           OBJ_secg_ellipticCurve,3L
-
-#define SN_sect283k1            "sect283k1"
-#define NID_sect283k1           729
-#define OBJ_sect283k1           OBJ_secg_ellipticCurve,16L
-
-#define SN_sect283r1            "sect283r1"
-#define NID_sect283r1           730
-#define OBJ_sect283r1           OBJ_secg_ellipticCurve,17L
-
-#define SN_sect409k1            "sect409k1"
-#define NID_sect409k1           731
-#define OBJ_sect409k1           OBJ_secg_ellipticCurve,36L
-
-#define SN_sect409r1            "sect409r1"
-#define NID_sect409r1           732
-#define OBJ_sect409r1           OBJ_secg_ellipticCurve,37L
-
-#define SN_sect571k1            "sect571k1"
-#define NID_sect571k1           733
-#define OBJ_sect571k1           OBJ_secg_ellipticCurve,38L
-
-#define SN_sect571r1            "sect571r1"
-#define NID_sect571r1           734
-#define OBJ_sect571r1           OBJ_secg_ellipticCurve,39L
-
-#define OBJ_wap_wsg_idm_ecid            OBJ_wap_wsg,4L
-
-#define SN_wap_wsg_idm_ecid_wtls1               "wap-wsg-idm-ecid-wtls1"
-#define NID_wap_wsg_idm_ecid_wtls1              735
-#define OBJ_wap_wsg_idm_ecid_wtls1              OBJ_wap_wsg_idm_ecid,1L
-
-#define SN_wap_wsg_idm_ecid_wtls3               "wap-wsg-idm-ecid-wtls3"
-#define NID_wap_wsg_idm_ecid_wtls3              736
-#define OBJ_wap_wsg_idm_ecid_wtls3              OBJ_wap_wsg_idm_ecid,3L
-
-#define SN_wap_wsg_idm_ecid_wtls4               "wap-wsg-idm-ecid-wtls4"
-#define NID_wap_wsg_idm_ecid_wtls4              737
-#define OBJ_wap_wsg_idm_ecid_wtls4              OBJ_wap_wsg_idm_ecid,4L
-
-#define SN_wap_wsg_idm_ecid_wtls5               "wap-wsg-idm-ecid-wtls5"
-#define NID_wap_wsg_idm_ecid_wtls5              738
-#define OBJ_wap_wsg_idm_ecid_wtls5              OBJ_wap_wsg_idm_ecid,5L
-
-#define SN_wap_wsg_idm_ecid_wtls6               "wap-wsg-idm-ecid-wtls6"
-#define NID_wap_wsg_idm_ecid_wtls6              739
-#define OBJ_wap_wsg_idm_ecid_wtls6              OBJ_wap_wsg_idm_ecid,6L
-
-#define SN_wap_wsg_idm_ecid_wtls7               "wap-wsg-idm-ecid-wtls7"
-#define NID_wap_wsg_idm_ecid_wtls7              740
-#define OBJ_wap_wsg_idm_ecid_wtls7              OBJ_wap_wsg_idm_ecid,7L
-
-#define SN_wap_wsg_idm_ecid_wtls8               "wap-wsg-idm-ecid-wtls8"
-#define NID_wap_wsg_idm_ecid_wtls8              741
-#define OBJ_wap_wsg_idm_ecid_wtls8              OBJ_wap_wsg_idm_ecid,8L
-
-#define SN_wap_wsg_idm_ecid_wtls9               "wap-wsg-idm-ecid-wtls9"
-#define NID_wap_wsg_idm_ecid_wtls9              742
-#define OBJ_wap_wsg_idm_ecid_wtls9              OBJ_wap_wsg_idm_ecid,9L
-
-#define SN_wap_wsg_idm_ecid_wtls10              "wap-wsg-idm-ecid-wtls10"
-#define NID_wap_wsg_idm_ecid_wtls10             743
-#define OBJ_wap_wsg_idm_ecid_wtls10             OBJ_wap_wsg_idm_ecid,10L
-
-#define SN_wap_wsg_idm_ecid_wtls11              "wap-wsg-idm-ecid-wtls11"
-#define NID_wap_wsg_idm_ecid_wtls11             744
-#define OBJ_wap_wsg_idm_ecid_wtls11             OBJ_wap_wsg_idm_ecid,11L
-
-#define SN_wap_wsg_idm_ecid_wtls12              "wap-wsg-idm-ecid-wtls12"
-#define NID_wap_wsg_idm_ecid_wtls12             745
-#define OBJ_wap_wsg_idm_ecid_wtls12             OBJ_wap_wsg_idm_ecid,12L
-
-#define SN_cast5_cbc            "CAST5-CBC"
-#define LN_cast5_cbc            "cast5-cbc"
-#define NID_cast5_cbc           108
-#define OBJ_cast5_cbc           OBJ_ISO_US,113533L,7L,66L,10L
-
-#define SN_cast5_ecb            "CAST5-ECB"
-#define LN_cast5_ecb            "cast5-ecb"
-#define NID_cast5_ecb           109
-
-#define SN_cast5_cfb64          "CAST5-CFB"
-#define LN_cast5_cfb64          "cast5-cfb"
-#define NID_cast5_cfb64         110
-
-#define SN_cast5_ofb64          "CAST5-OFB"
-#define LN_cast5_ofb64          "cast5-ofb"
-#define NID_cast5_ofb64         111
-
-#define LN_pbeWithMD5AndCast5_CBC               "pbeWithMD5AndCast5CBC"
-#define NID_pbeWithMD5AndCast5_CBC              112
-#define OBJ_pbeWithMD5AndCast5_CBC              OBJ_ISO_US,113533L,7L,66L,12L
-
-#define SN_id_PasswordBasedMAC          "id-PasswordBasedMAC"
-#define LN_id_PasswordBasedMAC          "password based MAC"
-#define NID_id_PasswordBasedMAC         782
-#define OBJ_id_PasswordBasedMAC         OBJ_ISO_US,113533L,7L,66L,13L
-
-#define SN_id_DHBasedMac                "id-DHBasedMac"
-#define LN_id_DHBasedMac                "Diffie-Hellman based MAC"
-#define NID_id_DHBasedMac               783
-#define OBJ_id_DHBasedMac               OBJ_ISO_US,113533L,7L,66L,30L
-
-#define SN_rsadsi               "rsadsi"
-#define LN_rsadsi               "RSA Data Security, Inc."
-#define NID_rsadsi              1
-#define OBJ_rsadsi              OBJ_ISO_US,113549L
-
-#define SN_pkcs         "pkcs"
-#define LN_pkcs         "RSA Data Security, Inc. PKCS"
-#define NID_pkcs                2
-#define OBJ_pkcs                OBJ_rsadsi,1L
-
-#define SN_pkcs1                "pkcs1"
-#define NID_pkcs1               186
-#define OBJ_pkcs1               OBJ_pkcs,1L
-
-#define LN_rsaEncryption                "rsaEncryption"
-#define NID_rsaEncryption               6
-#define OBJ_rsaEncryption               OBJ_pkcs1,1L
-
-#define SN_md2WithRSAEncryption         "RSA-MD2"
-#define LN_md2WithRSAEncryption         "md2WithRSAEncryption"
-#define NID_md2WithRSAEncryption                7
-#define OBJ_md2WithRSAEncryption                OBJ_pkcs1,2L
-
-#define SN_md4WithRSAEncryption         "RSA-MD4"
-#define LN_md4WithRSAEncryption         "md4WithRSAEncryption"
-#define NID_md4WithRSAEncryption                396
-#define OBJ_md4WithRSAEncryption                OBJ_pkcs1,3L
-
-#define SN_md5WithRSAEncryption         "RSA-MD5"
-#define LN_md5WithRSAEncryption         "md5WithRSAEncryption"
-#define NID_md5WithRSAEncryption                8
-#define OBJ_md5WithRSAEncryption                OBJ_pkcs1,4L
-
-#define SN_sha1WithRSAEncryption                "RSA-SHA1"
-#define LN_sha1WithRSAEncryption                "sha1WithRSAEncryption"
-#define NID_sha1WithRSAEncryption               65
-#define OBJ_sha1WithRSAEncryption               OBJ_pkcs1,5L
-
-#define SN_rsaesOaep            "RSAES-OAEP"
-#define LN_rsaesOaep            "rsaesOaep"
-#define NID_rsaesOaep           919
-#define OBJ_rsaesOaep           OBJ_pkcs1,7L
-
-#define SN_mgf1         "MGF1"
-#define LN_mgf1         "mgf1"
-#define NID_mgf1                911
-#define OBJ_mgf1                OBJ_pkcs1,8L
-
-#define SN_pSpecified           "PSPECIFIED"
-#define LN_pSpecified           "pSpecified"
-#define NID_pSpecified          935
-#define OBJ_pSpecified          OBJ_pkcs1,9L
-
-#define SN_rsassaPss            "RSASSA-PSS"
-#define LN_rsassaPss            "rsassaPss"
-#define NID_rsassaPss           912
-#define OBJ_rsassaPss           OBJ_pkcs1,10L
-
-#define SN_sha256WithRSAEncryption              "RSA-SHA256"
-#define LN_sha256WithRSAEncryption              "sha256WithRSAEncryption"
-#define NID_sha256WithRSAEncryption             668
-#define OBJ_sha256WithRSAEncryption             OBJ_pkcs1,11L
-
-#define SN_sha384WithRSAEncryption              "RSA-SHA384"
-#define LN_sha384WithRSAEncryption              "sha384WithRSAEncryption"
-#define NID_sha384WithRSAEncryption             669
-#define OBJ_sha384WithRSAEncryption             OBJ_pkcs1,12L
-
-#define SN_sha512WithRSAEncryption              "RSA-SHA512"
-#define LN_sha512WithRSAEncryption              "sha512WithRSAEncryption"
-#define NID_sha512WithRSAEncryption             670
-#define OBJ_sha512WithRSAEncryption             OBJ_pkcs1,13L
-
-#define SN_sha224WithRSAEncryption              "RSA-SHA224"
-#define LN_sha224WithRSAEncryption              "sha224WithRSAEncryption"
-#define NID_sha224WithRSAEncryption             671
-#define OBJ_sha224WithRSAEncryption             OBJ_pkcs1,14L
-
-#define SN_pkcs3                "pkcs3"
-#define NID_pkcs3               27
-#define OBJ_pkcs3               OBJ_pkcs,3L
-
-#define LN_dhKeyAgreement               "dhKeyAgreement"
-#define NID_dhKeyAgreement              28
-#define OBJ_dhKeyAgreement              OBJ_pkcs3,1L
-
-#define SN_pkcs5                "pkcs5"
-#define NID_pkcs5               187
-#define OBJ_pkcs5               OBJ_pkcs,5L
-
-#define SN_pbeWithMD2AndDES_CBC         "PBE-MD2-DES"
-#define LN_pbeWithMD2AndDES_CBC         "pbeWithMD2AndDES-CBC"
-#define NID_pbeWithMD2AndDES_CBC                9
-#define OBJ_pbeWithMD2AndDES_CBC                OBJ_pkcs5,1L
-
-#define SN_pbeWithMD5AndDES_CBC         "PBE-MD5-DES"
-#define LN_pbeWithMD5AndDES_CBC         "pbeWithMD5AndDES-CBC"
-#define NID_pbeWithMD5AndDES_CBC                10
-#define OBJ_pbeWithMD5AndDES_CBC                OBJ_pkcs5,3L
-
-#define SN_pbeWithMD2AndRC2_CBC         "PBE-MD2-RC2-64"
-#define LN_pbeWithMD2AndRC2_CBC         "pbeWithMD2AndRC2-CBC"
-#define NID_pbeWithMD2AndRC2_CBC                168
-#define OBJ_pbeWithMD2AndRC2_CBC                OBJ_pkcs5,4L
-
-#define SN_pbeWithMD5AndRC2_CBC         "PBE-MD5-RC2-64"
-#define LN_pbeWithMD5AndRC2_CBC         "pbeWithMD5AndRC2-CBC"
-#define NID_pbeWithMD5AndRC2_CBC                169
-#define OBJ_pbeWithMD5AndRC2_CBC                OBJ_pkcs5,6L
-
-#define SN_pbeWithSHA1AndDES_CBC                "PBE-SHA1-DES"
-#define LN_pbeWithSHA1AndDES_CBC                "pbeWithSHA1AndDES-CBC"
-#define NID_pbeWithSHA1AndDES_CBC               170
-#define OBJ_pbeWithSHA1AndDES_CBC               OBJ_pkcs5,10L
-
-#define SN_pbeWithSHA1AndRC2_CBC                "PBE-SHA1-RC2-64"
-#define LN_pbeWithSHA1AndRC2_CBC                "pbeWithSHA1AndRC2-CBC"
-#define NID_pbeWithSHA1AndRC2_CBC               68
-#define OBJ_pbeWithSHA1AndRC2_CBC               OBJ_pkcs5,11L
-
-#define LN_id_pbkdf2            "PBKDF2"
-#define NID_id_pbkdf2           69
-#define OBJ_id_pbkdf2           OBJ_pkcs5,12L
-
-#define LN_pbes2                "PBES2"
-#define NID_pbes2               161
-#define OBJ_pbes2               OBJ_pkcs5,13L
-
-#define LN_pbmac1               "PBMAC1"
-#define NID_pbmac1              162
-#define OBJ_pbmac1              OBJ_pkcs5,14L
-
-#define SN_pkcs7                "pkcs7"
-#define NID_pkcs7               20
-#define OBJ_pkcs7               OBJ_pkcs,7L
-
-#define LN_pkcs7_data           "pkcs7-data"
-#define NID_pkcs7_data          21
-#define OBJ_pkcs7_data          OBJ_pkcs7,1L
-
-#define LN_pkcs7_signed         "pkcs7-signedData"
-#define NID_pkcs7_signed                22
-#define OBJ_pkcs7_signed                OBJ_pkcs7,2L
-
-#define LN_pkcs7_enveloped              "pkcs7-envelopedData"
-#define NID_pkcs7_enveloped             23
-#define OBJ_pkcs7_enveloped             OBJ_pkcs7,3L
-
-#define LN_pkcs7_signedAndEnveloped             "pkcs7-signedAndEnvelopedData"
-#define NID_pkcs7_signedAndEnveloped            24
-#define OBJ_pkcs7_signedAndEnveloped            OBJ_pkcs7,4L
-
-#define LN_pkcs7_digest         "pkcs7-digestData"
-#define NID_pkcs7_digest                25
-#define OBJ_pkcs7_digest                OBJ_pkcs7,5L
-
-#define LN_pkcs7_encrypted              "pkcs7-encryptedData"
-#define NID_pkcs7_encrypted             26
-#define OBJ_pkcs7_encrypted             OBJ_pkcs7,6L
-
-#define SN_pkcs9                "pkcs9"
-#define NID_pkcs9               47
-#define OBJ_pkcs9               OBJ_pkcs,9L
-
-#define LN_pkcs9_emailAddress           "emailAddress"
-#define NID_pkcs9_emailAddress          48
-#define OBJ_pkcs9_emailAddress          OBJ_pkcs9,1L
-
-#define LN_pkcs9_unstructuredName               "unstructuredName"
-#define NID_pkcs9_unstructuredName              49
-#define OBJ_pkcs9_unstructuredName              OBJ_pkcs9,2L
-
-#define LN_pkcs9_contentType            "contentType"
-#define NID_pkcs9_contentType           50
-#define OBJ_pkcs9_contentType           OBJ_pkcs9,3L
-
-#define LN_pkcs9_messageDigest          "messageDigest"
-#define NID_pkcs9_messageDigest         51
-#define OBJ_pkcs9_messageDigest         OBJ_pkcs9,4L
-
-#define LN_pkcs9_signingTime            "signingTime"
-#define NID_pkcs9_signingTime           52
-#define OBJ_pkcs9_signingTime           OBJ_pkcs9,5L
-
-#define LN_pkcs9_countersignature               "countersignature"
-#define NID_pkcs9_countersignature              53
-#define OBJ_pkcs9_countersignature              OBJ_pkcs9,6L
-
-#define LN_pkcs9_challengePassword              "challengePassword"
-#define NID_pkcs9_challengePassword             54
-#define OBJ_pkcs9_challengePassword             OBJ_pkcs9,7L
-
-#define LN_pkcs9_unstructuredAddress            "unstructuredAddress"
-#define NID_pkcs9_unstructuredAddress           55
-#define OBJ_pkcs9_unstructuredAddress           OBJ_pkcs9,8L
-
-#define LN_pkcs9_extCertAttributes              "extendedCertificateAttributes"
-#define NID_pkcs9_extCertAttributes             56
-#define OBJ_pkcs9_extCertAttributes             OBJ_pkcs9,9L
-
-#define SN_ext_req              "extReq"
-#define LN_ext_req              "Extension Request"
-#define NID_ext_req             172
-#define OBJ_ext_req             OBJ_pkcs9,14L
-
-#define SN_SMIMECapabilities            "SMIME-CAPS"
-#define LN_SMIMECapabilities            "S/MIME Capabilities"
-#define NID_SMIMECapabilities           167
-#define OBJ_SMIMECapabilities           OBJ_pkcs9,15L
-
-#define SN_SMIME                "SMIME"
-#define LN_SMIME                "S/MIME"
-#define NID_SMIME               188
-#define OBJ_SMIME               OBJ_pkcs9,16L
-
-#define SN_id_smime_mod         "id-smime-mod"
-#define NID_id_smime_mod                189
-#define OBJ_id_smime_mod                OBJ_SMIME,0L
-
-#define SN_id_smime_ct          "id-smime-ct"
-#define NID_id_smime_ct         190
-#define OBJ_id_smime_ct         OBJ_SMIME,1L
-
-#define SN_id_smime_aa          "id-smime-aa"
-#define NID_id_smime_aa         191
-#define OBJ_id_smime_aa         OBJ_SMIME,2L
-
-#define SN_id_smime_alg         "id-smime-alg"
-#define NID_id_smime_alg                192
-#define OBJ_id_smime_alg                OBJ_SMIME,3L
-
-#define SN_id_smime_cd          "id-smime-cd"
-#define NID_id_smime_cd         193
-#define OBJ_id_smime_cd         OBJ_SMIME,4L
-
-#define SN_id_smime_spq         "id-smime-spq"
-#define NID_id_smime_spq                194
-#define OBJ_id_smime_spq                OBJ_SMIME,5L
-
-#define SN_id_smime_cti         "id-smime-cti"
-#define NID_id_smime_cti                195
-#define OBJ_id_smime_cti                OBJ_SMIME,6L
-
-#define SN_id_smime_mod_cms             "id-smime-mod-cms"
-#define NID_id_smime_mod_cms            196
-#define OBJ_id_smime_mod_cms            OBJ_id_smime_mod,1L
-
-#define SN_id_smime_mod_ess             "id-smime-mod-ess"
-#define NID_id_smime_mod_ess            197
-#define OBJ_id_smime_mod_ess            OBJ_id_smime_mod,2L
-
-#define SN_id_smime_mod_oid             "id-smime-mod-oid"
-#define NID_id_smime_mod_oid            198
-#define OBJ_id_smime_mod_oid            OBJ_id_smime_mod,3L
-
-#define SN_id_smime_mod_msg_v3          "id-smime-mod-msg-v3"
-#define NID_id_smime_mod_msg_v3         199
-#define OBJ_id_smime_mod_msg_v3         OBJ_id_smime_mod,4L
-
-#define SN_id_smime_mod_ets_eSignature_88               "id-smime-mod-ets-eSignature-88"
-#define NID_id_smime_mod_ets_eSignature_88              200
-#define OBJ_id_smime_mod_ets_eSignature_88              OBJ_id_smime_mod,5L
-
-#define SN_id_smime_mod_ets_eSignature_97               "id-smime-mod-ets-eSignature-97"
-#define NID_id_smime_mod_ets_eSignature_97              201
-#define OBJ_id_smime_mod_ets_eSignature_97              OBJ_id_smime_mod,6L
-
-#define SN_id_smime_mod_ets_eSigPolicy_88               "id-smime-mod-ets-eSigPolicy-88"
-#define NID_id_smime_mod_ets_eSigPolicy_88              202
-#define OBJ_id_smime_mod_ets_eSigPolicy_88              OBJ_id_smime_mod,7L
-
-#define SN_id_smime_mod_ets_eSigPolicy_97               "id-smime-mod-ets-eSigPolicy-97"
-#define NID_id_smime_mod_ets_eSigPolicy_97              203
-#define OBJ_id_smime_mod_ets_eSigPolicy_97              OBJ_id_smime_mod,8L
-
-#define SN_id_smime_ct_receipt          "id-smime-ct-receipt"
-#define NID_id_smime_ct_receipt         204
-#define OBJ_id_smime_ct_receipt         OBJ_id_smime_ct,1L
-
-#define SN_id_smime_ct_authData         "id-smime-ct-authData"
-#define NID_id_smime_ct_authData                205
-#define OBJ_id_smime_ct_authData                OBJ_id_smime_ct,2L
-
-#define SN_id_smime_ct_publishCert              "id-smime-ct-publishCert"
-#define NID_id_smime_ct_publishCert             206
-#define OBJ_id_smime_ct_publishCert             OBJ_id_smime_ct,3L
-
-#define SN_id_smime_ct_TSTInfo          "id-smime-ct-TSTInfo"
-#define NID_id_smime_ct_TSTInfo         207
-#define OBJ_id_smime_ct_TSTInfo         OBJ_id_smime_ct,4L
-
-#define SN_id_smime_ct_TDTInfo          "id-smime-ct-TDTInfo"
-#define NID_id_smime_ct_TDTInfo         208
-#define OBJ_id_smime_ct_TDTInfo         OBJ_id_smime_ct,5L
-
-#define SN_id_smime_ct_contentInfo              "id-smime-ct-contentInfo"
-#define NID_id_smime_ct_contentInfo             209
-#define OBJ_id_smime_ct_contentInfo             OBJ_id_smime_ct,6L
-
-#define SN_id_smime_ct_DVCSRequestData          "id-smime-ct-DVCSRequestData"
-#define NID_id_smime_ct_DVCSRequestData         210
-#define OBJ_id_smime_ct_DVCSRequestData         OBJ_id_smime_ct,7L
-
-#define SN_id_smime_ct_DVCSResponseData         "id-smime-ct-DVCSResponseData"
-#define NID_id_smime_ct_DVCSResponseData                211
-#define OBJ_id_smime_ct_DVCSResponseData                OBJ_id_smime_ct,8L
-
-#define SN_id_smime_ct_compressedData           "id-smime-ct-compressedData"
-#define NID_id_smime_ct_compressedData          786
-#define OBJ_id_smime_ct_compressedData          OBJ_id_smime_ct,9L
-
-#define SN_id_ct_asciiTextWithCRLF              "id-ct-asciiTextWithCRLF"
-#define NID_id_ct_asciiTextWithCRLF             787
-#define OBJ_id_ct_asciiTextWithCRLF             OBJ_id_smime_ct,27L
-
-#define SN_id_smime_aa_receiptRequest           "id-smime-aa-receiptRequest"
-#define NID_id_smime_aa_receiptRequest          212
-#define OBJ_id_smime_aa_receiptRequest          OBJ_id_smime_aa,1L
-
-#define SN_id_smime_aa_securityLabel            "id-smime-aa-securityLabel"
-#define NID_id_smime_aa_securityLabel           213
-#define OBJ_id_smime_aa_securityLabel           OBJ_id_smime_aa,2L
-
-#define SN_id_smime_aa_mlExpandHistory          "id-smime-aa-mlExpandHistory"
-#define NID_id_smime_aa_mlExpandHistory         214
-#define OBJ_id_smime_aa_mlExpandHistory         OBJ_id_smime_aa,3L
-
-#define SN_id_smime_aa_contentHint              "id-smime-aa-contentHint"
-#define NID_id_smime_aa_contentHint             215
-#define OBJ_id_smime_aa_contentHint             OBJ_id_smime_aa,4L
-
-#define SN_id_smime_aa_msgSigDigest             "id-smime-aa-msgSigDigest"
-#define NID_id_smime_aa_msgSigDigest            216
-#define OBJ_id_smime_aa_msgSigDigest            OBJ_id_smime_aa,5L
-
-#define SN_id_smime_aa_encapContentType         "id-smime-aa-encapContentType"
-#define NID_id_smime_aa_encapContentType                217
-#define OBJ_id_smime_aa_encapContentType                OBJ_id_smime_aa,6L
-
-#define SN_id_smime_aa_contentIdentifier                "id-smime-aa-contentIdentifier"
-#define NID_id_smime_aa_contentIdentifier               218
-#define OBJ_id_smime_aa_contentIdentifier               OBJ_id_smime_aa,7L
-
-#define SN_id_smime_aa_macValue         "id-smime-aa-macValue"
-#define NID_id_smime_aa_macValue                219
-#define OBJ_id_smime_aa_macValue                OBJ_id_smime_aa,8L
-
-#define SN_id_smime_aa_equivalentLabels         "id-smime-aa-equivalentLabels"
-#define NID_id_smime_aa_equivalentLabels                220
-#define OBJ_id_smime_aa_equivalentLabels                OBJ_id_smime_aa,9L
-
-#define SN_id_smime_aa_contentReference         "id-smime-aa-contentReference"
-#define NID_id_smime_aa_contentReference                221
-#define OBJ_id_smime_aa_contentReference                OBJ_id_smime_aa,10L
-
-#define SN_id_smime_aa_encrypKeyPref            "id-smime-aa-encrypKeyPref"
-#define NID_id_smime_aa_encrypKeyPref           222
-#define OBJ_id_smime_aa_encrypKeyPref           OBJ_id_smime_aa,11L
-
-#define SN_id_smime_aa_signingCertificate               "id-smime-aa-signingCertificate"
-#define NID_id_smime_aa_signingCertificate              223
-#define OBJ_id_smime_aa_signingCertificate              OBJ_id_smime_aa,12L
-
-#define SN_id_smime_aa_smimeEncryptCerts                "id-smime-aa-smimeEncryptCerts"
-#define NID_id_smime_aa_smimeEncryptCerts               224
-#define OBJ_id_smime_aa_smimeEncryptCerts               OBJ_id_smime_aa,13L
-
-#define SN_id_smime_aa_timeStampToken           "id-smime-aa-timeStampToken"
-#define NID_id_smime_aa_timeStampToken          225
-#define OBJ_id_smime_aa_timeStampToken          OBJ_id_smime_aa,14L
-
-#define SN_id_smime_aa_ets_sigPolicyId          "id-smime-aa-ets-sigPolicyId"
-#define NID_id_smime_aa_ets_sigPolicyId         226
-#define OBJ_id_smime_aa_ets_sigPolicyId         OBJ_id_smime_aa,15L
-
-#define SN_id_smime_aa_ets_commitmentType               "id-smime-aa-ets-commitmentType"
-#define NID_id_smime_aa_ets_commitmentType              227
-#define OBJ_id_smime_aa_ets_commitmentType              OBJ_id_smime_aa,16L
-
-#define SN_id_smime_aa_ets_signerLocation               "id-smime-aa-ets-signerLocation"
-#define NID_id_smime_aa_ets_signerLocation              228
-#define OBJ_id_smime_aa_ets_signerLocation              OBJ_id_smime_aa,17L
-
-#define SN_id_smime_aa_ets_signerAttr           "id-smime-aa-ets-signerAttr"
-#define NID_id_smime_aa_ets_signerAttr          229
-#define OBJ_id_smime_aa_ets_signerAttr          OBJ_id_smime_aa,18L
-
-#define SN_id_smime_aa_ets_otherSigCert         "id-smime-aa-ets-otherSigCert"
-#define NID_id_smime_aa_ets_otherSigCert                230
-#define OBJ_id_smime_aa_ets_otherSigCert                OBJ_id_smime_aa,19L
-
-#define SN_id_smime_aa_ets_contentTimestamp             "id-smime-aa-ets-contentTimestamp"
-#define NID_id_smime_aa_ets_contentTimestamp            231
-#define OBJ_id_smime_aa_ets_contentTimestamp            OBJ_id_smime_aa,20L
-
-#define SN_id_smime_aa_ets_CertificateRefs              "id-smime-aa-ets-CertificateRefs"
-#define NID_id_smime_aa_ets_CertificateRefs             232
-#define OBJ_id_smime_aa_ets_CertificateRefs             OBJ_id_smime_aa,21L
-
-#define SN_id_smime_aa_ets_RevocationRefs               "id-smime-aa-ets-RevocationRefs"
-#define NID_id_smime_aa_ets_RevocationRefs              233
-#define OBJ_id_smime_aa_ets_RevocationRefs              OBJ_id_smime_aa,22L
-
-#define SN_id_smime_aa_ets_certValues           "id-smime-aa-ets-certValues"
-#define NID_id_smime_aa_ets_certValues          234
-#define OBJ_id_smime_aa_ets_certValues          OBJ_id_smime_aa,23L
-
-#define SN_id_smime_aa_ets_revocationValues             "id-smime-aa-ets-revocationValues"
-#define NID_id_smime_aa_ets_revocationValues            235
-#define OBJ_id_smime_aa_ets_revocationValues            OBJ_id_smime_aa,24L
-
-#define SN_id_smime_aa_ets_escTimeStamp         "id-smime-aa-ets-escTimeStamp"
-#define NID_id_smime_aa_ets_escTimeStamp                236
-#define OBJ_id_smime_aa_ets_escTimeStamp                OBJ_id_smime_aa,25L
-
-#define SN_id_smime_aa_ets_certCRLTimestamp             "id-smime-aa-ets-certCRLTimestamp"
-#define NID_id_smime_aa_ets_certCRLTimestamp            237
-#define OBJ_id_smime_aa_ets_certCRLTimestamp            OBJ_id_smime_aa,26L
-
-#define SN_id_smime_aa_ets_archiveTimeStamp             "id-smime-aa-ets-archiveTimeStamp"
-#define NID_id_smime_aa_ets_archiveTimeStamp            238
-#define OBJ_id_smime_aa_ets_archiveTimeStamp            OBJ_id_smime_aa,27L
-
-#define SN_id_smime_aa_signatureType            "id-smime-aa-signatureType"
-#define NID_id_smime_aa_signatureType           239
-#define OBJ_id_smime_aa_signatureType           OBJ_id_smime_aa,28L
-
-#define SN_id_smime_aa_dvcs_dvc         "id-smime-aa-dvcs-dvc"
-#define NID_id_smime_aa_dvcs_dvc                240
-#define OBJ_id_smime_aa_dvcs_dvc                OBJ_id_smime_aa,29L
-
-#define SN_id_smime_alg_ESDHwith3DES            "id-smime-alg-ESDHwith3DES"
-#define NID_id_smime_alg_ESDHwith3DES           241
-#define OBJ_id_smime_alg_ESDHwith3DES           OBJ_id_smime_alg,1L
-
-#define SN_id_smime_alg_ESDHwithRC2             "id-smime-alg-ESDHwithRC2"
-#define NID_id_smime_alg_ESDHwithRC2            242
-#define OBJ_id_smime_alg_ESDHwithRC2            OBJ_id_smime_alg,2L
-
-#define SN_id_smime_alg_3DESwrap                "id-smime-alg-3DESwrap"
-#define NID_id_smime_alg_3DESwrap               243
-#define OBJ_id_smime_alg_3DESwrap               OBJ_id_smime_alg,3L
-
-#define SN_id_smime_alg_RC2wrap         "id-smime-alg-RC2wrap"
-#define NID_id_smime_alg_RC2wrap                244
-#define OBJ_id_smime_alg_RC2wrap                OBJ_id_smime_alg,4L
-
-#define SN_id_smime_alg_ESDH            "id-smime-alg-ESDH"
-#define NID_id_smime_alg_ESDH           245
-#define OBJ_id_smime_alg_ESDH           OBJ_id_smime_alg,5L
-
-#define SN_id_smime_alg_CMS3DESwrap             "id-smime-alg-CMS3DESwrap"
-#define NID_id_smime_alg_CMS3DESwrap            246
-#define OBJ_id_smime_alg_CMS3DESwrap            OBJ_id_smime_alg,6L
-
-#define SN_id_smime_alg_CMSRC2wrap              "id-smime-alg-CMSRC2wrap"
-#define NID_id_smime_alg_CMSRC2wrap             247
-#define OBJ_id_smime_alg_CMSRC2wrap             OBJ_id_smime_alg,7L
-
-#define SN_id_alg_PWRI_KEK              "id-alg-PWRI-KEK"
-#define NID_id_alg_PWRI_KEK             893
-#define OBJ_id_alg_PWRI_KEK             OBJ_id_smime_alg,9L
-
-#define SN_id_smime_cd_ldap             "id-smime-cd-ldap"
-#define NID_id_smime_cd_ldap            248
-#define OBJ_id_smime_cd_ldap            OBJ_id_smime_cd,1L
-
-#define SN_id_smime_spq_ets_sqt_uri             "id-smime-spq-ets-sqt-uri"
-#define NID_id_smime_spq_ets_sqt_uri            249
-#define OBJ_id_smime_spq_ets_sqt_uri            OBJ_id_smime_spq,1L
-
-#define SN_id_smime_spq_ets_sqt_unotice         "id-smime-spq-ets-sqt-unotice"
-#define NID_id_smime_spq_ets_sqt_unotice                250
-#define OBJ_id_smime_spq_ets_sqt_unotice                OBJ_id_smime_spq,2L
-
-#define SN_id_smime_cti_ets_proofOfOrigin               "id-smime-cti-ets-proofOfOrigin"
-#define NID_id_smime_cti_ets_proofOfOrigin              251
-#define OBJ_id_smime_cti_ets_proofOfOrigin              OBJ_id_smime_cti,1L
-
-#define SN_id_smime_cti_ets_proofOfReceipt              "id-smime-cti-ets-proofOfReceipt"
-#define NID_id_smime_cti_ets_proofOfReceipt             252
-#define OBJ_id_smime_cti_ets_proofOfReceipt             OBJ_id_smime_cti,2L
-
-#define SN_id_smime_cti_ets_proofOfDelivery             "id-smime-cti-ets-proofOfDelivery"
-#define NID_id_smime_cti_ets_proofOfDelivery            253
-#define OBJ_id_smime_cti_ets_proofOfDelivery            OBJ_id_smime_cti,3L
-
-#define SN_id_smime_cti_ets_proofOfSender               "id-smime-cti-ets-proofOfSender"
-#define NID_id_smime_cti_ets_proofOfSender              254
-#define OBJ_id_smime_cti_ets_proofOfSender              OBJ_id_smime_cti,4L
-
-#define SN_id_smime_cti_ets_proofOfApproval             "id-smime-cti-ets-proofOfApproval"
-#define NID_id_smime_cti_ets_proofOfApproval            255
-#define OBJ_id_smime_cti_ets_proofOfApproval            OBJ_id_smime_cti,5L
-
-#define SN_id_smime_cti_ets_proofOfCreation             "id-smime-cti-ets-proofOfCreation"
-#define NID_id_smime_cti_ets_proofOfCreation            256
-#define OBJ_id_smime_cti_ets_proofOfCreation            OBJ_id_smime_cti,6L
-
-#define LN_friendlyName         "friendlyName"
-#define NID_friendlyName                156
-#define OBJ_friendlyName                OBJ_pkcs9,20L
-
-#define LN_localKeyID           "localKeyID"
-#define NID_localKeyID          157
-#define OBJ_localKeyID          OBJ_pkcs9,21L
-
-#define SN_ms_csp_name          "CSPName"
-#define LN_ms_csp_name          "Microsoft CSP Name"
-#define NID_ms_csp_name         417
-#define OBJ_ms_csp_name         1L,3L,6L,1L,4L,1L,311L,17L,1L
-
-#define SN_LocalKeySet          "LocalKeySet"
-#define LN_LocalKeySet          "Microsoft Local Key set"
-#define NID_LocalKeySet         856
-#define OBJ_LocalKeySet         1L,3L,6L,1L,4L,1L,311L,17L,2L
-
-#define OBJ_certTypes           OBJ_pkcs9,22L
-
-#define LN_x509Certificate              "x509Certificate"
-#define NID_x509Certificate             158
-#define OBJ_x509Certificate             OBJ_certTypes,1L
-
-#define LN_sdsiCertificate              "sdsiCertificate"
-#define NID_sdsiCertificate             159
-#define OBJ_sdsiCertificate             OBJ_certTypes,2L
-
-#define OBJ_crlTypes            OBJ_pkcs9,23L
-
-#define LN_x509Crl              "x509Crl"
-#define NID_x509Crl             160
-#define OBJ_x509Crl             OBJ_crlTypes,1L
-
-#define OBJ_pkcs12              OBJ_pkcs,12L
-
-#define OBJ_pkcs12_pbeids               OBJ_pkcs12,1L
-
-#define SN_pbe_WithSHA1And128BitRC4             "PBE-SHA1-RC4-128"
-#define LN_pbe_WithSHA1And128BitRC4             "pbeWithSHA1And128BitRC4"
-#define NID_pbe_WithSHA1And128BitRC4            144
-#define OBJ_pbe_WithSHA1And128BitRC4            OBJ_pkcs12_pbeids,1L
-
-#define SN_pbe_WithSHA1And40BitRC4              "PBE-SHA1-RC4-40"
-#define LN_pbe_WithSHA1And40BitRC4              "pbeWithSHA1And40BitRC4"
-#define NID_pbe_WithSHA1And40BitRC4             145
-#define OBJ_pbe_WithSHA1And40BitRC4             OBJ_pkcs12_pbeids,2L
-
-#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC           "PBE-SHA1-3DES"
-#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC           "pbeWithSHA1And3-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC          146
-#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC          OBJ_pkcs12_pbeids,3L
-
-#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC           "PBE-SHA1-2DES"
-#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC           "pbeWithSHA1And2-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC          147
-#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC          OBJ_pkcs12_pbeids,4L
-
-#define SN_pbe_WithSHA1And128BitRC2_CBC         "PBE-SHA1-RC2-128"
-#define LN_pbe_WithSHA1And128BitRC2_CBC         "pbeWithSHA1And128BitRC2-CBC"
-#define NID_pbe_WithSHA1And128BitRC2_CBC                148
-#define OBJ_pbe_WithSHA1And128BitRC2_CBC                OBJ_pkcs12_pbeids,5L
-
-#define SN_pbe_WithSHA1And40BitRC2_CBC          "PBE-SHA1-RC2-40"
-#define LN_pbe_WithSHA1And40BitRC2_CBC          "pbeWithSHA1And40BitRC2-CBC"
-#define NID_pbe_WithSHA1And40BitRC2_CBC         149
-#define OBJ_pbe_WithSHA1And40BitRC2_CBC         OBJ_pkcs12_pbeids,6L
-
-#define OBJ_pkcs12_Version1             OBJ_pkcs12,10L
-
-#define OBJ_pkcs12_BagIds               OBJ_pkcs12_Version1,1L
-
-#define LN_keyBag               "keyBag"
-#define NID_keyBag              150
-#define OBJ_keyBag              OBJ_pkcs12_BagIds,1L
-
-#define LN_pkcs8ShroudedKeyBag          "pkcs8ShroudedKeyBag"
-#define NID_pkcs8ShroudedKeyBag         151
-#define OBJ_pkcs8ShroudedKeyBag         OBJ_pkcs12_BagIds,2L
-
-#define LN_certBag              "certBag"
-#define NID_certBag             152
-#define OBJ_certBag             OBJ_pkcs12_BagIds,3L
-
-#define LN_crlBag               "crlBag"
-#define NID_crlBag              153
-#define OBJ_crlBag              OBJ_pkcs12_BagIds,4L
-
-#define LN_secretBag            "secretBag"
-#define NID_secretBag           154
-#define OBJ_secretBag           OBJ_pkcs12_BagIds,5L
-
-#define LN_safeContentsBag              "safeContentsBag"
-#define NID_safeContentsBag             155
-#define OBJ_safeContentsBag             OBJ_pkcs12_BagIds,6L
-
-#define SN_md2          "MD2"
-#define LN_md2          "md2"
-#define NID_md2         3
-#define OBJ_md2         OBJ_rsadsi,2L,2L
-
-#define SN_md4          "MD4"
-#define LN_md4          "md4"
-#define NID_md4         257
-#define OBJ_md4         OBJ_rsadsi,2L,4L
-
-#define SN_md5          "MD5"
-#define LN_md5          "md5"
-#define NID_md5         4
-#define OBJ_md5         OBJ_rsadsi,2L,5L
-
-#define SN_md5_sha1             "MD5-SHA1"
-#define LN_md5_sha1             "md5-sha1"
-#define NID_md5_sha1            114
-
-#define LN_hmacWithMD5          "hmacWithMD5"
-#define NID_hmacWithMD5         797
-#define OBJ_hmacWithMD5         OBJ_rsadsi,2L,6L
-
-#define LN_hmacWithSHA1         "hmacWithSHA1"
-#define NID_hmacWithSHA1                163
-#define OBJ_hmacWithSHA1                OBJ_rsadsi,2L,7L
-
-#define LN_hmacWithSHA224               "hmacWithSHA224"
-#define NID_hmacWithSHA224              798
-#define OBJ_hmacWithSHA224              OBJ_rsadsi,2L,8L
-
-#define LN_hmacWithSHA256               "hmacWithSHA256"
-#define NID_hmacWithSHA256              799
-#define OBJ_hmacWithSHA256              OBJ_rsadsi,2L,9L
-
-#define LN_hmacWithSHA384               "hmacWithSHA384"
-#define NID_hmacWithSHA384              800
-#define OBJ_hmacWithSHA384              OBJ_rsadsi,2L,10L
-
-#define LN_hmacWithSHA512               "hmacWithSHA512"
-#define NID_hmacWithSHA512              801
-#define OBJ_hmacWithSHA512              OBJ_rsadsi,2L,11L
-
-#define SN_rc2_cbc              "RC2-CBC"
-#define LN_rc2_cbc              "rc2-cbc"
-#define NID_rc2_cbc             37
-#define OBJ_rc2_cbc             OBJ_rsadsi,3L,2L
-
-#define SN_rc2_ecb              "RC2-ECB"
-#define LN_rc2_ecb              "rc2-ecb"
-#define NID_rc2_ecb             38
-
-#define SN_rc2_cfb64            "RC2-CFB"
-#define LN_rc2_cfb64            "rc2-cfb"
-#define NID_rc2_cfb64           39
-
-#define SN_rc2_ofb64            "RC2-OFB"
-#define LN_rc2_ofb64            "rc2-ofb"
-#define NID_rc2_ofb64           40
-
-#define SN_rc2_40_cbc           "RC2-40-CBC"
-#define LN_rc2_40_cbc           "rc2-40-cbc"
-#define NID_rc2_40_cbc          98
-
-#define SN_rc2_64_cbc           "RC2-64-CBC"
-#define LN_rc2_64_cbc           "rc2-64-cbc"
-#define NID_rc2_64_cbc          166
-
-#define SN_rc4          "RC4"
-#define LN_rc4          "rc4"
-#define NID_rc4         5
-#define OBJ_rc4         OBJ_rsadsi,3L,4L
-
-#define SN_rc4_40               "RC4-40"
-#define LN_rc4_40               "rc4-40"
-#define NID_rc4_40              97
-
-#define SN_des_ede3_cbc         "DES-EDE3-CBC"
-#define LN_des_ede3_cbc         "des-ede3-cbc"
-#define NID_des_ede3_cbc                44
-#define OBJ_des_ede3_cbc                OBJ_rsadsi,3L,7L
-
-#define SN_rc5_cbc              "RC5-CBC"
-#define LN_rc5_cbc              "rc5-cbc"
-#define NID_rc5_cbc             120
-#define OBJ_rc5_cbc             OBJ_rsadsi,3L,8L
-
-#define SN_rc5_ecb              "RC5-ECB"
-#define LN_rc5_ecb              "rc5-ecb"
-#define NID_rc5_ecb             121
-
-#define SN_rc5_cfb64            "RC5-CFB"
-#define LN_rc5_cfb64            "rc5-cfb"
-#define NID_rc5_cfb64           122
-
-#define SN_rc5_ofb64            "RC5-OFB"
-#define LN_rc5_ofb64            "rc5-ofb"
-#define NID_rc5_ofb64           123
-
-#define SN_ms_ext_req           "msExtReq"
-#define LN_ms_ext_req           "Microsoft Extension Request"
-#define NID_ms_ext_req          171
-#define OBJ_ms_ext_req          1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-#define SN_ms_code_ind          "msCodeInd"
-#define LN_ms_code_ind          "Microsoft Individual Code Signing"
-#define NID_ms_code_ind         134
-#define OBJ_ms_code_ind         1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-#define SN_ms_code_com          "msCodeCom"
-#define LN_ms_code_com          "Microsoft Commercial Code Signing"
-#define NID_ms_code_com         135
-#define OBJ_ms_code_com         1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-#define SN_ms_ctl_sign          "msCTLSign"
-#define LN_ms_ctl_sign          "Microsoft Trust List Signing"
-#define NID_ms_ctl_sign         136
-#define OBJ_ms_ctl_sign         1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-#define SN_ms_sgc               "msSGC"
-#define LN_ms_sgc               "Microsoft Server Gated Crypto"
-#define NID_ms_sgc              137
-#define OBJ_ms_sgc              1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-#define SN_ms_efs               "msEFS"
-#define LN_ms_efs               "Microsoft Encrypted File System"
-#define NID_ms_efs              138
-#define OBJ_ms_efs              1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-#define SN_ms_smartcard_login           "msSmartcardLogin"
-#define LN_ms_smartcard_login           "Microsoft Smartcardlogin"
-#define NID_ms_smartcard_login          648
-#define OBJ_ms_smartcard_login          1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
-
-#define SN_ms_upn               "msUPN"
-#define LN_ms_upn               "Microsoft Universal Principal Name"
-#define NID_ms_upn              649
-#define OBJ_ms_upn              1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
-
-#define SN_idea_cbc             "IDEA-CBC"
-#define LN_idea_cbc             "idea-cbc"
-#define NID_idea_cbc            34
-#define OBJ_idea_cbc            1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-#define SN_idea_ecb             "IDEA-ECB"
-#define LN_idea_ecb             "idea-ecb"
-#define NID_idea_ecb            36
-
-#define SN_idea_cfb64           "IDEA-CFB"
-#define LN_idea_cfb64           "idea-cfb"
-#define NID_idea_cfb64          35
-
-#define SN_idea_ofb64           "IDEA-OFB"
-#define LN_idea_ofb64           "idea-ofb"
-#define NID_idea_ofb64          46
-
-#define SN_bf_cbc               "BF-CBC"
-#define LN_bf_cbc               "bf-cbc"
-#define NID_bf_cbc              91
-#define OBJ_bf_cbc              1L,3L,6L,1L,4L,1L,3029L,1L,2L
-
-#define SN_bf_ecb               "BF-ECB"
-#define LN_bf_ecb               "bf-ecb"
-#define NID_bf_ecb              92
-
-#define SN_bf_cfb64             "BF-CFB"
-#define LN_bf_cfb64             "bf-cfb"
-#define NID_bf_cfb64            93
-
-#define SN_bf_ofb64             "BF-OFB"
-#define LN_bf_ofb64             "bf-ofb"
-#define NID_bf_ofb64            94
-
-#define SN_id_pkix              "PKIX"
-#define NID_id_pkix             127
-#define OBJ_id_pkix             1L,3L,6L,1L,5L,5L,7L
-
-#define SN_id_pkix_mod          "id-pkix-mod"
-#define NID_id_pkix_mod         258
-#define OBJ_id_pkix_mod         OBJ_id_pkix,0L
-
-#define SN_id_pe                "id-pe"
-#define NID_id_pe               175
-#define OBJ_id_pe               OBJ_id_pkix,1L
-
-#define SN_id_qt                "id-qt"
-#define NID_id_qt               259
-#define OBJ_id_qt               OBJ_id_pkix,2L
-
-#define SN_id_kp                "id-kp"
-#define NID_id_kp               128
-#define OBJ_id_kp               OBJ_id_pkix,3L
-
-#define SN_id_it                "id-it"
-#define NID_id_it               260
-#define OBJ_id_it               OBJ_id_pkix,4L
-
-#define SN_id_pkip              "id-pkip"
-#define NID_id_pkip             261
-#define OBJ_id_pkip             OBJ_id_pkix,5L
-
-#define SN_id_alg               "id-alg"
-#define NID_id_alg              262
-#define OBJ_id_alg              OBJ_id_pkix,6L
-
-#define SN_id_cmc               "id-cmc"
-#define NID_id_cmc              263
-#define OBJ_id_cmc              OBJ_id_pkix,7L
-
-#define SN_id_on                "id-on"
-#define NID_id_on               264
-#define OBJ_id_on               OBJ_id_pkix,8L
-
-#define SN_id_pda               "id-pda"
-#define NID_id_pda              265
-#define OBJ_id_pda              OBJ_id_pkix,9L
-
-#define SN_id_aca               "id-aca"
-#define NID_id_aca              266
-#define OBJ_id_aca              OBJ_id_pkix,10L
-
-#define SN_id_qcs               "id-qcs"
-#define NID_id_qcs              267
-#define OBJ_id_qcs              OBJ_id_pkix,11L
-
-#define SN_id_cct               "id-cct"
-#define NID_id_cct              268
-#define OBJ_id_cct              OBJ_id_pkix,12L
-
-#define SN_id_ppl               "id-ppl"
-#define NID_id_ppl              662
-#define OBJ_id_ppl              OBJ_id_pkix,21L
-
-#define SN_id_ad                "id-ad"
-#define NID_id_ad               176
-#define OBJ_id_ad               OBJ_id_pkix,48L
-
-#define SN_id_pkix1_explicit_88         "id-pkix1-explicit-88"
-#define NID_id_pkix1_explicit_88                269
-#define OBJ_id_pkix1_explicit_88                OBJ_id_pkix_mod,1L
-
-#define SN_id_pkix1_implicit_88         "id-pkix1-implicit-88"
-#define NID_id_pkix1_implicit_88                270
-#define OBJ_id_pkix1_implicit_88                OBJ_id_pkix_mod,2L
-
-#define SN_id_pkix1_explicit_93         "id-pkix1-explicit-93"
-#define NID_id_pkix1_explicit_93                271
-#define OBJ_id_pkix1_explicit_93                OBJ_id_pkix_mod,3L
-
-#define SN_id_pkix1_implicit_93         "id-pkix1-implicit-93"
-#define NID_id_pkix1_implicit_93                272
-#define OBJ_id_pkix1_implicit_93                OBJ_id_pkix_mod,4L
-
-#define SN_id_mod_crmf          "id-mod-crmf"
-#define NID_id_mod_crmf         273
-#define OBJ_id_mod_crmf         OBJ_id_pkix_mod,5L
-
-#define SN_id_mod_cmc           "id-mod-cmc"
-#define NID_id_mod_cmc          274
-#define OBJ_id_mod_cmc          OBJ_id_pkix_mod,6L
-
-#define SN_id_mod_kea_profile_88                "id-mod-kea-profile-88"
-#define NID_id_mod_kea_profile_88               275
-#define OBJ_id_mod_kea_profile_88               OBJ_id_pkix_mod,7L
-
-#define SN_id_mod_kea_profile_93                "id-mod-kea-profile-93"
-#define NID_id_mod_kea_profile_93               276
-#define OBJ_id_mod_kea_profile_93               OBJ_id_pkix_mod,8L
-
-#define SN_id_mod_cmp           "id-mod-cmp"
-#define NID_id_mod_cmp          277
-#define OBJ_id_mod_cmp          OBJ_id_pkix_mod,9L
-
-#define SN_id_mod_qualified_cert_88             "id-mod-qualified-cert-88"
-#define NID_id_mod_qualified_cert_88            278
-#define OBJ_id_mod_qualified_cert_88            OBJ_id_pkix_mod,10L
-
-#define SN_id_mod_qualified_cert_93             "id-mod-qualified-cert-93"
-#define NID_id_mod_qualified_cert_93            279
-#define OBJ_id_mod_qualified_cert_93            OBJ_id_pkix_mod,11L
-
-#define SN_id_mod_attribute_cert                "id-mod-attribute-cert"
-#define NID_id_mod_attribute_cert               280
-#define OBJ_id_mod_attribute_cert               OBJ_id_pkix_mod,12L
-
-#define SN_id_mod_timestamp_protocol            "id-mod-timestamp-protocol"
-#define NID_id_mod_timestamp_protocol           281
-#define OBJ_id_mod_timestamp_protocol           OBJ_id_pkix_mod,13L
-
-#define SN_id_mod_ocsp          "id-mod-ocsp"
-#define NID_id_mod_ocsp         282
-#define OBJ_id_mod_ocsp         OBJ_id_pkix_mod,14L
-
-#define SN_id_mod_dvcs          "id-mod-dvcs"
-#define NID_id_mod_dvcs         283
-#define OBJ_id_mod_dvcs         OBJ_id_pkix_mod,15L
-
-#define SN_id_mod_cmp2000               "id-mod-cmp2000"
-#define NID_id_mod_cmp2000              284
-#define OBJ_id_mod_cmp2000              OBJ_id_pkix_mod,16L
-
-#define SN_info_access          "authorityInfoAccess"
-#define LN_info_access          "Authority Information Access"
-#define NID_info_access         177
-#define OBJ_info_access         OBJ_id_pe,1L
-
-#define SN_biometricInfo                "biometricInfo"
-#define LN_biometricInfo                "Biometric Info"
-#define NID_biometricInfo               285
-#define OBJ_biometricInfo               OBJ_id_pe,2L
-
-#define SN_qcStatements         "qcStatements"
-#define NID_qcStatements                286
-#define OBJ_qcStatements                OBJ_id_pe,3L
-
-#define SN_ac_auditEntity               "ac-auditEntity"
-#define NID_ac_auditEntity              287
-#define OBJ_ac_auditEntity              OBJ_id_pe,4L
-
-#define SN_ac_targeting         "ac-targeting"
-#define NID_ac_targeting                288
-#define OBJ_ac_targeting                OBJ_id_pe,5L
-
-#define SN_aaControls           "aaControls"
-#define NID_aaControls          289
-#define OBJ_aaControls          OBJ_id_pe,6L
-
-#define SN_sbgp_ipAddrBlock             "sbgp-ipAddrBlock"
-#define NID_sbgp_ipAddrBlock            290
-#define OBJ_sbgp_ipAddrBlock            OBJ_id_pe,7L
-
-#define SN_sbgp_autonomousSysNum                "sbgp-autonomousSysNum"
-#define NID_sbgp_autonomousSysNum               291
-#define OBJ_sbgp_autonomousSysNum               OBJ_id_pe,8L
-
-#define SN_sbgp_routerIdentifier                "sbgp-routerIdentifier"
-#define NID_sbgp_routerIdentifier               292
-#define OBJ_sbgp_routerIdentifier               OBJ_id_pe,9L
-
-#define SN_ac_proxying          "ac-proxying"
-#define NID_ac_proxying         397
-#define OBJ_ac_proxying         OBJ_id_pe,10L
-
-#define SN_sinfo_access         "subjectInfoAccess"
-#define LN_sinfo_access         "Subject Information Access"
-#define NID_sinfo_access                398
-#define OBJ_sinfo_access                OBJ_id_pe,11L
-
-#define SN_proxyCertInfo                "proxyCertInfo"
-#define LN_proxyCertInfo                "Proxy Certificate Information"
-#define NID_proxyCertInfo               663
-#define OBJ_proxyCertInfo               OBJ_id_pe,14L
-
-#define SN_id_qt_cps            "id-qt-cps"
-#define LN_id_qt_cps            "Policy Qualifier CPS"
-#define NID_id_qt_cps           164
-#define OBJ_id_qt_cps           OBJ_id_qt,1L
-
-#define SN_id_qt_unotice                "id-qt-unotice"
-#define LN_id_qt_unotice                "Policy Qualifier User Notice"
-#define NID_id_qt_unotice               165
-#define OBJ_id_qt_unotice               OBJ_id_qt,2L
-
-#define SN_textNotice           "textNotice"
-#define NID_textNotice          293
-#define OBJ_textNotice          OBJ_id_qt,3L
-
-#define SN_server_auth          "serverAuth"
-#define LN_server_auth          "TLS Web Server Authentication"
-#define NID_server_auth         129
-#define OBJ_server_auth         OBJ_id_kp,1L
-
-#define SN_client_auth          "clientAuth"
-#define LN_client_auth          "TLS Web Client Authentication"
-#define NID_client_auth         130
-#define OBJ_client_auth         OBJ_id_kp,2L
-
-#define SN_code_sign            "codeSigning"
-#define LN_code_sign            "Code Signing"
-#define NID_code_sign           131
-#define OBJ_code_sign           OBJ_id_kp,3L
-
-#define SN_email_protect                "emailProtection"
-#define LN_email_protect                "E-mail Protection"
-#define NID_email_protect               132
-#define OBJ_email_protect               OBJ_id_kp,4L
-
-#define SN_ipsecEndSystem               "ipsecEndSystem"
-#define LN_ipsecEndSystem               "IPSec End System"
-#define NID_ipsecEndSystem              294
-#define OBJ_ipsecEndSystem              OBJ_id_kp,5L
-
-#define SN_ipsecTunnel          "ipsecTunnel"
-#define LN_ipsecTunnel          "IPSec Tunnel"
-#define NID_ipsecTunnel         295
-#define OBJ_ipsecTunnel         OBJ_id_kp,6L
-
-#define SN_ipsecUser            "ipsecUser"
-#define LN_ipsecUser            "IPSec User"
-#define NID_ipsecUser           296
-#define OBJ_ipsecUser           OBJ_id_kp,7L
-
-#define SN_time_stamp           "timeStamping"
-#define LN_time_stamp           "Time Stamping"
-#define NID_time_stamp          133
-#define OBJ_time_stamp          OBJ_id_kp,8L
-
-#define SN_OCSP_sign            "OCSPSigning"
-#define LN_OCSP_sign            "OCSP Signing"
-#define NID_OCSP_sign           180
-#define OBJ_OCSP_sign           OBJ_id_kp,9L
-
-#define SN_dvcs         "DVCS"
-#define LN_dvcs         "dvcs"
-#define NID_dvcs                297
-#define OBJ_dvcs                OBJ_id_kp,10L
-
-#define SN_id_it_caProtEncCert          "id-it-caProtEncCert"
-#define NID_id_it_caProtEncCert         298
-#define OBJ_id_it_caProtEncCert         OBJ_id_it,1L
-
-#define SN_id_it_signKeyPairTypes               "id-it-signKeyPairTypes"
-#define NID_id_it_signKeyPairTypes              299
-#define OBJ_id_it_signKeyPairTypes              OBJ_id_it,2L
-
-#define SN_id_it_encKeyPairTypes                "id-it-encKeyPairTypes"
-#define NID_id_it_encKeyPairTypes               300
-#define OBJ_id_it_encKeyPairTypes               OBJ_id_it,3L
-
-#define SN_id_it_preferredSymmAlg               "id-it-preferredSymmAlg"
-#define NID_id_it_preferredSymmAlg              301
-#define OBJ_id_it_preferredSymmAlg              OBJ_id_it,4L
-
-#define SN_id_it_caKeyUpdateInfo                "id-it-caKeyUpdateInfo"
-#define NID_id_it_caKeyUpdateInfo               302
-#define OBJ_id_it_caKeyUpdateInfo               OBJ_id_it,5L
-
-#define SN_id_it_currentCRL             "id-it-currentCRL"
-#define NID_id_it_currentCRL            303
-#define OBJ_id_it_currentCRL            OBJ_id_it,6L
-
-#define SN_id_it_unsupportedOIDs                "id-it-unsupportedOIDs"
-#define NID_id_it_unsupportedOIDs               304
-#define OBJ_id_it_unsupportedOIDs               OBJ_id_it,7L
-
-#define SN_id_it_subscriptionRequest            "id-it-subscriptionRequest"
-#define NID_id_it_subscriptionRequest           305
-#define OBJ_id_it_subscriptionRequest           OBJ_id_it,8L
-
-#define SN_id_it_subscriptionResponse           "id-it-subscriptionResponse"
-#define NID_id_it_subscriptionResponse          306
-#define OBJ_id_it_subscriptionResponse          OBJ_id_it,9L
-
-#define SN_id_it_keyPairParamReq                "id-it-keyPairParamReq"
-#define NID_id_it_keyPairParamReq               307
-#define OBJ_id_it_keyPairParamReq               OBJ_id_it,10L
-
-#define SN_id_it_keyPairParamRep                "id-it-keyPairParamRep"
-#define NID_id_it_keyPairParamRep               308
-#define OBJ_id_it_keyPairParamRep               OBJ_id_it,11L
-
-#define SN_id_it_revPassphrase          "id-it-revPassphrase"
-#define NID_id_it_revPassphrase         309
-#define OBJ_id_it_revPassphrase         OBJ_id_it,12L
-
-#define SN_id_it_implicitConfirm                "id-it-implicitConfirm"
-#define NID_id_it_implicitConfirm               310
-#define OBJ_id_it_implicitConfirm               OBJ_id_it,13L
-
-#define SN_id_it_confirmWaitTime                "id-it-confirmWaitTime"
-#define NID_id_it_confirmWaitTime               311
-#define OBJ_id_it_confirmWaitTime               OBJ_id_it,14L
-
-#define SN_id_it_origPKIMessage         "id-it-origPKIMessage"
-#define NID_id_it_origPKIMessage                312
-#define OBJ_id_it_origPKIMessage                OBJ_id_it,15L
-
-#define SN_id_it_suppLangTags           "id-it-suppLangTags"
-#define NID_id_it_suppLangTags          784
-#define OBJ_id_it_suppLangTags          OBJ_id_it,16L
-
-#define SN_id_regCtrl           "id-regCtrl"
-#define NID_id_regCtrl          313
-#define OBJ_id_regCtrl          OBJ_id_pkip,1L
-
-#define SN_id_regInfo           "id-regInfo"
-#define NID_id_regInfo          314
-#define OBJ_id_regInfo          OBJ_id_pkip,2L
-
-#define SN_id_regCtrl_regToken          "id-regCtrl-regToken"
-#define NID_id_regCtrl_regToken         315
-#define OBJ_id_regCtrl_regToken         OBJ_id_regCtrl,1L
-
-#define SN_id_regCtrl_authenticator             "id-regCtrl-authenticator"
-#define NID_id_regCtrl_authenticator            316
-#define OBJ_id_regCtrl_authenticator            OBJ_id_regCtrl,2L
-
-#define SN_id_regCtrl_pkiPublicationInfo                "id-regCtrl-pkiPublicationInfo"
-#define NID_id_regCtrl_pkiPublicationInfo               317
-#define OBJ_id_regCtrl_pkiPublicationInfo               OBJ_id_regCtrl,3L
-
-#define SN_id_regCtrl_pkiArchiveOptions         "id-regCtrl-pkiArchiveOptions"
-#define NID_id_regCtrl_pkiArchiveOptions                318
-#define OBJ_id_regCtrl_pkiArchiveOptions                OBJ_id_regCtrl,4L
-
-#define SN_id_regCtrl_oldCertID         "id-regCtrl-oldCertID"
-#define NID_id_regCtrl_oldCertID                319
-#define OBJ_id_regCtrl_oldCertID                OBJ_id_regCtrl,5L
-
-#define SN_id_regCtrl_protocolEncrKey           "id-regCtrl-protocolEncrKey"
-#define NID_id_regCtrl_protocolEncrKey          320
-#define OBJ_id_regCtrl_protocolEncrKey          OBJ_id_regCtrl,6L
-
-#define SN_id_regInfo_utf8Pairs         "id-regInfo-utf8Pairs"
-#define NID_id_regInfo_utf8Pairs                321
-#define OBJ_id_regInfo_utf8Pairs                OBJ_id_regInfo,1L
-
-#define SN_id_regInfo_certReq           "id-regInfo-certReq"
-#define NID_id_regInfo_certReq          322
-#define OBJ_id_regInfo_certReq          OBJ_id_regInfo,2L
-
-#define SN_id_alg_des40         "id-alg-des40"
-#define NID_id_alg_des40                323
-#define OBJ_id_alg_des40                OBJ_id_alg,1L
-
-#define SN_id_alg_noSignature           "id-alg-noSignature"
-#define NID_id_alg_noSignature          324
-#define OBJ_id_alg_noSignature          OBJ_id_alg,2L
-
-#define SN_id_alg_dh_sig_hmac_sha1              "id-alg-dh-sig-hmac-sha1"
-#define NID_id_alg_dh_sig_hmac_sha1             325
-#define OBJ_id_alg_dh_sig_hmac_sha1             OBJ_id_alg,3L
-
-#define SN_id_alg_dh_pop                "id-alg-dh-pop"
-#define NID_id_alg_dh_pop               326
-#define OBJ_id_alg_dh_pop               OBJ_id_alg,4L
-
-#define SN_id_cmc_statusInfo            "id-cmc-statusInfo"
-#define NID_id_cmc_statusInfo           327
-#define OBJ_id_cmc_statusInfo           OBJ_id_cmc,1L
-
-#define SN_id_cmc_identification                "id-cmc-identification"
-#define NID_id_cmc_identification               328
-#define OBJ_id_cmc_identification               OBJ_id_cmc,2L
-
-#define SN_id_cmc_identityProof         "id-cmc-identityProof"
-#define NID_id_cmc_identityProof                329
-#define OBJ_id_cmc_identityProof                OBJ_id_cmc,3L
-
-#define SN_id_cmc_dataReturn            "id-cmc-dataReturn"
-#define NID_id_cmc_dataReturn           330
-#define OBJ_id_cmc_dataReturn           OBJ_id_cmc,4L
-
-#define SN_id_cmc_transactionId         "id-cmc-transactionId"
-#define NID_id_cmc_transactionId                331
-#define OBJ_id_cmc_transactionId                OBJ_id_cmc,5L
-
-#define SN_id_cmc_senderNonce           "id-cmc-senderNonce"
-#define NID_id_cmc_senderNonce          332
-#define OBJ_id_cmc_senderNonce          OBJ_id_cmc,6L
-
-#define SN_id_cmc_recipientNonce                "id-cmc-recipientNonce"
-#define NID_id_cmc_recipientNonce               333
-#define OBJ_id_cmc_recipientNonce               OBJ_id_cmc,7L
-
-#define SN_id_cmc_addExtensions         "id-cmc-addExtensions"
-#define NID_id_cmc_addExtensions                334
-#define OBJ_id_cmc_addExtensions                OBJ_id_cmc,8L
-
-#define SN_id_cmc_encryptedPOP          "id-cmc-encryptedPOP"
-#define NID_id_cmc_encryptedPOP         335
-#define OBJ_id_cmc_encryptedPOP         OBJ_id_cmc,9L
-
-#define SN_id_cmc_decryptedPOP          "id-cmc-decryptedPOP"
-#define NID_id_cmc_decryptedPOP         336
-#define OBJ_id_cmc_decryptedPOP         OBJ_id_cmc,10L
-
-#define SN_id_cmc_lraPOPWitness         "id-cmc-lraPOPWitness"
-#define NID_id_cmc_lraPOPWitness                337
-#define OBJ_id_cmc_lraPOPWitness                OBJ_id_cmc,11L
-
-#define SN_id_cmc_getCert               "id-cmc-getCert"
-#define NID_id_cmc_getCert              338
-#define OBJ_id_cmc_getCert              OBJ_id_cmc,15L
-
-#define SN_id_cmc_getCRL                "id-cmc-getCRL"
-#define NID_id_cmc_getCRL               339
-#define OBJ_id_cmc_getCRL               OBJ_id_cmc,16L
-
-#define SN_id_cmc_revokeRequest         "id-cmc-revokeRequest"
-#define NID_id_cmc_revokeRequest                340
-#define OBJ_id_cmc_revokeRequest                OBJ_id_cmc,17L
-
-#define SN_id_cmc_regInfo               "id-cmc-regInfo"
-#define NID_id_cmc_regInfo              341
-#define OBJ_id_cmc_regInfo              OBJ_id_cmc,18L
-
-#define SN_id_cmc_responseInfo          "id-cmc-responseInfo"
-#define NID_id_cmc_responseInfo         342
-#define OBJ_id_cmc_responseInfo         OBJ_id_cmc,19L
-
-#define SN_id_cmc_queryPending          "id-cmc-queryPending"
-#define NID_id_cmc_queryPending         343
-#define OBJ_id_cmc_queryPending         OBJ_id_cmc,21L
-
-#define SN_id_cmc_popLinkRandom         "id-cmc-popLinkRandom"
-#define NID_id_cmc_popLinkRandom                344
-#define OBJ_id_cmc_popLinkRandom                OBJ_id_cmc,22L
-
-#define SN_id_cmc_popLinkWitness                "id-cmc-popLinkWitness"
-#define NID_id_cmc_popLinkWitness               345
-#define OBJ_id_cmc_popLinkWitness               OBJ_id_cmc,23L
-
-#define SN_id_cmc_confirmCertAcceptance         "id-cmc-confirmCertAcceptance"
-#define NID_id_cmc_confirmCertAcceptance                346
-#define OBJ_id_cmc_confirmCertAcceptance                OBJ_id_cmc,24L
-
-#define SN_id_on_personalData           "id-on-personalData"
-#define NID_id_on_personalData          347
-#define OBJ_id_on_personalData          OBJ_id_on,1L
-
-#define SN_id_on_permanentIdentifier            "id-on-permanentIdentifier"
-#define LN_id_on_permanentIdentifier            "Permanent Identifier"
-#define NID_id_on_permanentIdentifier           858
-#define OBJ_id_on_permanentIdentifier           OBJ_id_on,3L
-
-#define SN_id_pda_dateOfBirth           "id-pda-dateOfBirth"
-#define NID_id_pda_dateOfBirth          348
-#define OBJ_id_pda_dateOfBirth          OBJ_id_pda,1L
-
-#define SN_id_pda_placeOfBirth          "id-pda-placeOfBirth"
-#define NID_id_pda_placeOfBirth         349
-#define OBJ_id_pda_placeOfBirth         OBJ_id_pda,2L
-
-#define SN_id_pda_gender                "id-pda-gender"
-#define NID_id_pda_gender               351
-#define OBJ_id_pda_gender               OBJ_id_pda,3L
-
-#define SN_id_pda_countryOfCitizenship          "id-pda-countryOfCitizenship"
-#define NID_id_pda_countryOfCitizenship         352
-#define OBJ_id_pda_countryOfCitizenship         OBJ_id_pda,4L
-
-#define SN_id_pda_countryOfResidence            "id-pda-countryOfResidence"
-#define NID_id_pda_countryOfResidence           353
-#define OBJ_id_pda_countryOfResidence           OBJ_id_pda,5L
-
-#define SN_id_aca_authenticationInfo            "id-aca-authenticationInfo"
-#define NID_id_aca_authenticationInfo           354
-#define OBJ_id_aca_authenticationInfo           OBJ_id_aca,1L
-
-#define SN_id_aca_accessIdentity                "id-aca-accessIdentity"
-#define NID_id_aca_accessIdentity               355
-#define OBJ_id_aca_accessIdentity               OBJ_id_aca,2L
-
-#define SN_id_aca_chargingIdentity              "id-aca-chargingIdentity"
-#define NID_id_aca_chargingIdentity             356
-#define OBJ_id_aca_chargingIdentity             OBJ_id_aca,3L
-
-#define SN_id_aca_group         "id-aca-group"
-#define NID_id_aca_group                357
-#define OBJ_id_aca_group                OBJ_id_aca,4L
-
-#define SN_id_aca_role          "id-aca-role"
-#define NID_id_aca_role         358
-#define OBJ_id_aca_role         OBJ_id_aca,5L
-
-#define SN_id_aca_encAttrs              "id-aca-encAttrs"
-#define NID_id_aca_encAttrs             399
-#define OBJ_id_aca_encAttrs             OBJ_id_aca,6L
-
-#define SN_id_qcs_pkixQCSyntax_v1               "id-qcs-pkixQCSyntax-v1"
-#define NID_id_qcs_pkixQCSyntax_v1              359
-#define OBJ_id_qcs_pkixQCSyntax_v1              OBJ_id_qcs,1L
-
-#define SN_id_cct_crs           "id-cct-crs"
-#define NID_id_cct_crs          360
-#define OBJ_id_cct_crs          OBJ_id_cct,1L
-
-#define SN_id_cct_PKIData               "id-cct-PKIData"
-#define NID_id_cct_PKIData              361
-#define OBJ_id_cct_PKIData              OBJ_id_cct,2L
-
-#define SN_id_cct_PKIResponse           "id-cct-PKIResponse"
-#define NID_id_cct_PKIResponse          362
-#define OBJ_id_cct_PKIResponse          OBJ_id_cct,3L
-
-#define SN_id_ppl_anyLanguage           "id-ppl-anyLanguage"
-#define LN_id_ppl_anyLanguage           "Any language"
-#define NID_id_ppl_anyLanguage          664
-#define OBJ_id_ppl_anyLanguage          OBJ_id_ppl,0L
-
-#define SN_id_ppl_inheritAll            "id-ppl-inheritAll"
-#define LN_id_ppl_inheritAll            "Inherit all"
-#define NID_id_ppl_inheritAll           665
-#define OBJ_id_ppl_inheritAll           OBJ_id_ppl,1L
-
-#define SN_Independent          "id-ppl-independent"
-#define LN_Independent          "Independent"
-#define NID_Independent         667
-#define OBJ_Independent         OBJ_id_ppl,2L
-
-#define SN_ad_OCSP              "OCSP"
-#define LN_ad_OCSP              "OCSP"
-#define NID_ad_OCSP             178
-#define OBJ_ad_OCSP             OBJ_id_ad,1L
-
-#define SN_ad_ca_issuers                "caIssuers"
-#define LN_ad_ca_issuers                "CA Issuers"
-#define NID_ad_ca_issuers               179
-#define OBJ_ad_ca_issuers               OBJ_id_ad,2L
-
-#define SN_ad_timeStamping              "ad_timestamping"
-#define LN_ad_timeStamping              "AD Time Stamping"
-#define NID_ad_timeStamping             363
-#define OBJ_ad_timeStamping             OBJ_id_ad,3L
-
-#define SN_ad_dvcs              "AD_DVCS"
-#define LN_ad_dvcs              "ad dvcs"
-#define NID_ad_dvcs             364
-#define OBJ_ad_dvcs             OBJ_id_ad,4L
-
-#define SN_caRepository         "caRepository"
-#define LN_caRepository         "CA Repository"
-#define NID_caRepository                785
-#define OBJ_caRepository                OBJ_id_ad,5L
-
-#define OBJ_id_pkix_OCSP                OBJ_ad_OCSP
-
-#define SN_id_pkix_OCSP_basic           "basicOCSPResponse"
-#define LN_id_pkix_OCSP_basic           "Basic OCSP Response"
-#define NID_id_pkix_OCSP_basic          365
-#define OBJ_id_pkix_OCSP_basic          OBJ_id_pkix_OCSP,1L
-
-#define SN_id_pkix_OCSP_Nonce           "Nonce"
-#define LN_id_pkix_OCSP_Nonce           "OCSP Nonce"
-#define NID_id_pkix_OCSP_Nonce          366
-#define OBJ_id_pkix_OCSP_Nonce          OBJ_id_pkix_OCSP,2L
-
-#define SN_id_pkix_OCSP_CrlID           "CrlID"
-#define LN_id_pkix_OCSP_CrlID           "OCSP CRL ID"
-#define NID_id_pkix_OCSP_CrlID          367
-#define OBJ_id_pkix_OCSP_CrlID          OBJ_id_pkix_OCSP,3L
-
-#define SN_id_pkix_OCSP_acceptableResponses             "acceptableResponses"
-#define LN_id_pkix_OCSP_acceptableResponses             "Acceptable OCSP Responses"
-#define NID_id_pkix_OCSP_acceptableResponses            368
-#define OBJ_id_pkix_OCSP_acceptableResponses            OBJ_id_pkix_OCSP,4L
-
-#define SN_id_pkix_OCSP_noCheck         "noCheck"
-#define LN_id_pkix_OCSP_noCheck         "OCSP No Check"
-#define NID_id_pkix_OCSP_noCheck                369
-#define OBJ_id_pkix_OCSP_noCheck                OBJ_id_pkix_OCSP,5L
-
-#define SN_id_pkix_OCSP_archiveCutoff           "archiveCutoff"
-#define LN_id_pkix_OCSP_archiveCutoff           "OCSP Archive Cutoff"
-#define NID_id_pkix_OCSP_archiveCutoff          370
-#define OBJ_id_pkix_OCSP_archiveCutoff          OBJ_id_pkix_OCSP,6L
-
-#define SN_id_pkix_OCSP_serviceLocator          "serviceLocator"
-#define LN_id_pkix_OCSP_serviceLocator          "OCSP Service Locator"
-#define NID_id_pkix_OCSP_serviceLocator         371
-#define OBJ_id_pkix_OCSP_serviceLocator         OBJ_id_pkix_OCSP,7L
-
-#define SN_id_pkix_OCSP_extendedStatus          "extendedStatus"
-#define LN_id_pkix_OCSP_extendedStatus          "Extended OCSP Status"
-#define NID_id_pkix_OCSP_extendedStatus         372
-#define OBJ_id_pkix_OCSP_extendedStatus         OBJ_id_pkix_OCSP,8L
-
-#define SN_id_pkix_OCSP_valid           "valid"
-#define NID_id_pkix_OCSP_valid          373
-#define OBJ_id_pkix_OCSP_valid          OBJ_id_pkix_OCSP,9L
-
-#define SN_id_pkix_OCSP_path            "path"
-#define NID_id_pkix_OCSP_path           374
-#define OBJ_id_pkix_OCSP_path           OBJ_id_pkix_OCSP,10L
-
-#define SN_id_pkix_OCSP_trustRoot               "trustRoot"
-#define LN_id_pkix_OCSP_trustRoot               "Trust Root"
-#define NID_id_pkix_OCSP_trustRoot              375
-#define OBJ_id_pkix_OCSP_trustRoot              OBJ_id_pkix_OCSP,11L
-
-#define SN_algorithm            "algorithm"
-#define LN_algorithm            "algorithm"
-#define NID_algorithm           376
-#define OBJ_algorithm           1L,3L,14L,3L,2L
-
-#define SN_md5WithRSA           "RSA-NP-MD5"
-#define LN_md5WithRSA           "md5WithRSA"
-#define NID_md5WithRSA          104
-#define OBJ_md5WithRSA          OBJ_algorithm,3L
-
-#define SN_des_ecb              "DES-ECB"
-#define LN_des_ecb              "des-ecb"
-#define NID_des_ecb             29
-#define OBJ_des_ecb             OBJ_algorithm,6L
-
-#define SN_des_cbc              "DES-CBC"
-#define LN_des_cbc              "des-cbc"
-#define NID_des_cbc             31
-#define OBJ_des_cbc             OBJ_algorithm,7L
-
-#define SN_des_ofb64            "DES-OFB"
-#define LN_des_ofb64            "des-ofb"
-#define NID_des_ofb64           45
-#define OBJ_des_ofb64           OBJ_algorithm,8L
-
-#define SN_des_cfb64            "DES-CFB"
-#define LN_des_cfb64            "des-cfb"
-#define NID_des_cfb64           30
-#define OBJ_des_cfb64           OBJ_algorithm,9L
-
-#define SN_rsaSignature         "rsaSignature"
-#define NID_rsaSignature                377
-#define OBJ_rsaSignature                OBJ_algorithm,11L
-
-#define SN_dsa_2                "DSA-old"
-#define LN_dsa_2                "dsaEncryption-old"
-#define NID_dsa_2               67
-#define OBJ_dsa_2               OBJ_algorithm,12L
-
-#define SN_dsaWithSHA           "DSA-SHA"
-#define LN_dsaWithSHA           "dsaWithSHA"
-#define NID_dsaWithSHA          66
-#define OBJ_dsaWithSHA          OBJ_algorithm,13L
-
-#define SN_shaWithRSAEncryption         "RSA-SHA"
-#define LN_shaWithRSAEncryption         "shaWithRSAEncryption"
-#define NID_shaWithRSAEncryption                42
-#define OBJ_shaWithRSAEncryption                OBJ_algorithm,15L
-
-#define SN_des_ede_ecb          "DES-EDE"
-#define LN_des_ede_ecb          "des-ede"
-#define NID_des_ede_ecb         32
-#define OBJ_des_ede_ecb         OBJ_algorithm,17L
-
-#define SN_des_ede3_ecb         "DES-EDE3"
-#define LN_des_ede3_ecb         "des-ede3"
-#define NID_des_ede3_ecb                33
-
-#define SN_des_ede_cbc          "DES-EDE-CBC"
-#define LN_des_ede_cbc          "des-ede-cbc"
-#define NID_des_ede_cbc         43
-
-#define SN_des_ede_cfb64                "DES-EDE-CFB"
-#define LN_des_ede_cfb64                "des-ede-cfb"
-#define NID_des_ede_cfb64               60
-
-#define SN_des_ede3_cfb64               "DES-EDE3-CFB"
-#define LN_des_ede3_cfb64               "des-ede3-cfb"
-#define NID_des_ede3_cfb64              61
-
-#define SN_des_ede_ofb64                "DES-EDE-OFB"
-#define LN_des_ede_ofb64                "des-ede-ofb"
-#define NID_des_ede_ofb64               62
-
-#define SN_des_ede3_ofb64               "DES-EDE3-OFB"
-#define LN_des_ede3_ofb64               "des-ede3-ofb"
-#define NID_des_ede3_ofb64              63
-
-#define SN_desx_cbc             "DESX-CBC"
-#define LN_desx_cbc             "desx-cbc"
-#define NID_desx_cbc            80
-
-#define SN_sha          "SHA"
-#define LN_sha          "sha"
-#define NID_sha         41
-#define OBJ_sha         OBJ_algorithm,18L
-
-#define SN_sha1         "SHA1"
-#define LN_sha1         "sha1"
-#define NID_sha1                64
-#define OBJ_sha1                OBJ_algorithm,26L
-
-#define SN_dsaWithSHA1_2                "DSA-SHA1-old"
-#define LN_dsaWithSHA1_2                "dsaWithSHA1-old"
-#define NID_dsaWithSHA1_2               70
-#define OBJ_dsaWithSHA1_2               OBJ_algorithm,27L
-
-#define SN_sha1WithRSA          "RSA-SHA1-2"
-#define LN_sha1WithRSA          "sha1WithRSA"
-#define NID_sha1WithRSA         115
-#define OBJ_sha1WithRSA         OBJ_algorithm,29L
-
-#define SN_ripemd160            "RIPEMD160"
-#define LN_ripemd160            "ripemd160"
-#define NID_ripemd160           117
-#define OBJ_ripemd160           1L,3L,36L,3L,2L,1L
-
-#define SN_ripemd160WithRSA             "RSA-RIPEMD160"
-#define LN_ripemd160WithRSA             "ripemd160WithRSA"
-#define NID_ripemd160WithRSA            119
-#define OBJ_ripemd160WithRSA            1L,3L,36L,3L,3L,1L,2L
-
-#define SN_sxnet                "SXNetID"
-#define LN_sxnet                "Strong Extranet ID"
-#define NID_sxnet               143
-#define OBJ_sxnet               1L,3L,101L,1L,4L,1L
-
-#define SN_X500         "X500"
-#define LN_X500         "directory services (X.500)"
-#define NID_X500                11
-#define OBJ_X500                2L,5L
-
-#define SN_X509         "X509"
-#define NID_X509                12
-#define OBJ_X509                OBJ_X500,4L
-
-#define SN_commonName           "CN"
-#define LN_commonName           "commonName"
-#define NID_commonName          13
-#define OBJ_commonName          OBJ_X509,3L
-
-#define SN_surname              "SN"
-#define LN_surname              "surname"
-#define NID_surname             100
-#define OBJ_surname             OBJ_X509,4L
-
-#define LN_serialNumber         "serialNumber"
-#define NID_serialNumber                105
-#define OBJ_serialNumber                OBJ_X509,5L
-
-#define SN_countryName          "C"
-#define LN_countryName          "countryName"
-#define NID_countryName         14
-#define OBJ_countryName         OBJ_X509,6L
-
-#define SN_localityName         "L"
-#define LN_localityName         "localityName"
-#define NID_localityName                15
-#define OBJ_localityName                OBJ_X509,7L
-
-#define SN_stateOrProvinceName          "ST"
-#define LN_stateOrProvinceName          "stateOrProvinceName"
-#define NID_stateOrProvinceName         16
-#define OBJ_stateOrProvinceName         OBJ_X509,8L
-
-#define SN_streetAddress                "street"
-#define LN_streetAddress                "streetAddress"
-#define NID_streetAddress               660
-#define OBJ_streetAddress               OBJ_X509,9L
-
-#define SN_organizationName             "O"
-#define LN_organizationName             "organizationName"
-#define NID_organizationName            17
-#define OBJ_organizationName            OBJ_X509,10L
-
-#define SN_organizationalUnitName               "OU"
-#define LN_organizationalUnitName               "organizationalUnitName"
-#define NID_organizationalUnitName              18
-#define OBJ_organizationalUnitName              OBJ_X509,11L
-
-#define SN_title                "title"
-#define LN_title                "title"
-#define NID_title               106
-#define OBJ_title               OBJ_X509,12L
-
-#define LN_description          "description"
-#define NID_description         107
-#define OBJ_description         OBJ_X509,13L
-
-#define LN_searchGuide          "searchGuide"
-#define NID_searchGuide         859
-#define OBJ_searchGuide         OBJ_X509,14L
-
-#define LN_businessCategory             "businessCategory"
-#define NID_businessCategory            860
-#define OBJ_businessCategory            OBJ_X509,15L
-
-#define LN_postalAddress                "postalAddress"
-#define NID_postalAddress               861
-#define OBJ_postalAddress               OBJ_X509,16L
-
-#define LN_postalCode           "postalCode"
-#define NID_postalCode          661
-#define OBJ_postalCode          OBJ_X509,17L
-
-#define LN_postOfficeBox                "postOfficeBox"
-#define NID_postOfficeBox               862
-#define OBJ_postOfficeBox               OBJ_X509,18L
-
-#define LN_physicalDeliveryOfficeName           "physicalDeliveryOfficeName"
-#define NID_physicalDeliveryOfficeName          863
-#define OBJ_physicalDeliveryOfficeName          OBJ_X509,19L
-
-#define LN_telephoneNumber              "telephoneNumber"
-#define NID_telephoneNumber             864
-#define OBJ_telephoneNumber             OBJ_X509,20L
-
-#define LN_telexNumber          "telexNumber"
-#define NID_telexNumber         865
-#define OBJ_telexNumber         OBJ_X509,21L
-
-#define LN_teletexTerminalIdentifier            "teletexTerminalIdentifier"
-#define NID_teletexTerminalIdentifier           866
-#define OBJ_teletexTerminalIdentifier           OBJ_X509,22L
-
-#define LN_facsimileTelephoneNumber             "facsimileTelephoneNumber"
-#define NID_facsimileTelephoneNumber            867
-#define OBJ_facsimileTelephoneNumber            OBJ_X509,23L
-
-#define LN_x121Address          "x121Address"
-#define NID_x121Address         868
-#define OBJ_x121Address         OBJ_X509,24L
-
-#define LN_internationaliSDNNumber              "internationaliSDNNumber"
-#define NID_internationaliSDNNumber             869
-#define OBJ_internationaliSDNNumber             OBJ_X509,25L
-
-#define LN_registeredAddress            "registeredAddress"
-#define NID_registeredAddress           870
-#define OBJ_registeredAddress           OBJ_X509,26L
-
-#define LN_destinationIndicator         "destinationIndicator"
-#define NID_destinationIndicator                871
-#define OBJ_destinationIndicator                OBJ_X509,27L
-
-#define LN_preferredDeliveryMethod              "preferredDeliveryMethod"
-#define NID_preferredDeliveryMethod             872
-#define OBJ_preferredDeliveryMethod             OBJ_X509,28L
-
-#define LN_presentationAddress          "presentationAddress"
-#define NID_presentationAddress         873
-#define OBJ_presentationAddress         OBJ_X509,29L
-
-#define LN_supportedApplicationContext          "supportedApplicationContext"
-#define NID_supportedApplicationContext         874
-#define OBJ_supportedApplicationContext         OBJ_X509,30L
-
-#define SN_member               "member"
-#define NID_member              875
-#define OBJ_member              OBJ_X509,31L
-
-#define SN_owner                "owner"
-#define NID_owner               876
-#define OBJ_owner               OBJ_X509,32L
-
-#define LN_roleOccupant         "roleOccupant"
-#define NID_roleOccupant                877
-#define OBJ_roleOccupant                OBJ_X509,33L
-
-#define SN_seeAlso              "seeAlso"
-#define NID_seeAlso             878
-#define OBJ_seeAlso             OBJ_X509,34L
-
-#define LN_userPassword         "userPassword"
-#define NID_userPassword                879
-#define OBJ_userPassword                OBJ_X509,35L
-
-#define LN_userCertificate              "userCertificate"
-#define NID_userCertificate             880
-#define OBJ_userCertificate             OBJ_X509,36L
-
-#define LN_cACertificate                "cACertificate"
-#define NID_cACertificate               881
-#define OBJ_cACertificate               OBJ_X509,37L
-
-#define LN_authorityRevocationList              "authorityRevocationList"
-#define NID_authorityRevocationList             882
-#define OBJ_authorityRevocationList             OBJ_X509,38L
-
-#define LN_certificateRevocationList            "certificateRevocationList"
-#define NID_certificateRevocationList           883
-#define OBJ_certificateRevocationList           OBJ_X509,39L
-
-#define LN_crossCertificatePair         "crossCertificatePair"
-#define NID_crossCertificatePair                884
-#define OBJ_crossCertificatePair                OBJ_X509,40L
-
-#define SN_name         "name"
-#define LN_name         "name"
-#define NID_name                173
-#define OBJ_name                OBJ_X509,41L
-
-#define SN_givenName            "GN"
-#define LN_givenName            "givenName"
-#define NID_givenName           99
-#define OBJ_givenName           OBJ_X509,42L
-
-#define SN_initials             "initials"
-#define LN_initials             "initials"
-#define NID_initials            101
-#define OBJ_initials            OBJ_X509,43L
-
-#define LN_generationQualifier          "generationQualifier"
-#define NID_generationQualifier         509
-#define OBJ_generationQualifier         OBJ_X509,44L
-
-#define LN_x500UniqueIdentifier         "x500UniqueIdentifier"
-#define NID_x500UniqueIdentifier                503
-#define OBJ_x500UniqueIdentifier                OBJ_X509,45L
-
-#define SN_dnQualifier          "dnQualifier"
-#define LN_dnQualifier          "dnQualifier"
-#define NID_dnQualifier         174
-#define OBJ_dnQualifier         OBJ_X509,46L
-
-#define LN_enhancedSearchGuide          "enhancedSearchGuide"
-#define NID_enhancedSearchGuide         885
-#define OBJ_enhancedSearchGuide         OBJ_X509,47L
-
-#define LN_protocolInformation          "protocolInformation"
-#define NID_protocolInformation         886
-#define OBJ_protocolInformation         OBJ_X509,48L
-
-#define LN_distinguishedName            "distinguishedName"
-#define NID_distinguishedName           887
-#define OBJ_distinguishedName           OBJ_X509,49L
-
-#define LN_uniqueMember         "uniqueMember"
-#define NID_uniqueMember                888
-#define OBJ_uniqueMember                OBJ_X509,50L
-
-#define LN_houseIdentifier              "houseIdentifier"
-#define NID_houseIdentifier             889
-#define OBJ_houseIdentifier             OBJ_X509,51L
-
-#define LN_supportedAlgorithms          "supportedAlgorithms"
-#define NID_supportedAlgorithms         890
-#define OBJ_supportedAlgorithms         OBJ_X509,52L
-
-#define LN_deltaRevocationList          "deltaRevocationList"
-#define NID_deltaRevocationList         891
-#define OBJ_deltaRevocationList         OBJ_X509,53L
-
-#define SN_dmdName              "dmdName"
-#define NID_dmdName             892
-#define OBJ_dmdName             OBJ_X509,54L
-
-#define LN_pseudonym            "pseudonym"
-#define NID_pseudonym           510
-#define OBJ_pseudonym           OBJ_X509,65L
-
-#define SN_role         "role"
-#define LN_role         "role"
-#define NID_role                400
-#define OBJ_role                OBJ_X509,72L
-
-#define SN_X500algorithms               "X500algorithms"
-#define LN_X500algorithms               "directory services - algorithms"
-#define NID_X500algorithms              378
-#define OBJ_X500algorithms              OBJ_X500,8L
-
-#define SN_rsa          "RSA"
-#define LN_rsa          "rsa"
-#define NID_rsa         19
-#define OBJ_rsa         OBJ_X500algorithms,1L,1L
-
-#define SN_mdc2WithRSA          "RSA-MDC2"
-#define LN_mdc2WithRSA          "mdc2WithRSA"
-#define NID_mdc2WithRSA         96
-#define OBJ_mdc2WithRSA         OBJ_X500algorithms,3L,100L
-
-#define SN_mdc2         "MDC2"
-#define LN_mdc2         "mdc2"
-#define NID_mdc2                95
-#define OBJ_mdc2                OBJ_X500algorithms,3L,101L
-
-#define SN_id_ce                "id-ce"
-#define NID_id_ce               81
-#define OBJ_id_ce               OBJ_X500,29L
-
-#define SN_subject_directory_attributes         "subjectDirectoryAttributes"
-#define LN_subject_directory_attributes         "X509v3 Subject Directory Attributes"
-#define NID_subject_directory_attributes                769
-#define OBJ_subject_directory_attributes                OBJ_id_ce,9L
-
-#define SN_subject_key_identifier               "subjectKeyIdentifier"
-#define LN_subject_key_identifier               "X509v3 Subject Key Identifier"
-#define NID_subject_key_identifier              82
-#define OBJ_subject_key_identifier              OBJ_id_ce,14L
-
-#define SN_key_usage            "keyUsage"
-#define LN_key_usage            "X509v3 Key Usage"
-#define NID_key_usage           83
-#define OBJ_key_usage           OBJ_id_ce,15L
-
-#define SN_private_key_usage_period             "privateKeyUsagePeriod"
-#define LN_private_key_usage_period             "X509v3 Private Key Usage Period"
-#define NID_private_key_usage_period            84
-#define OBJ_private_key_usage_period            OBJ_id_ce,16L
-
-#define SN_subject_alt_name             "subjectAltName"
-#define LN_subject_alt_name             "X509v3 Subject Alternative Name"
-#define NID_subject_alt_name            85
-#define OBJ_subject_alt_name            OBJ_id_ce,17L
-
-#define SN_issuer_alt_name              "issuerAltName"
-#define LN_issuer_alt_name              "X509v3 Issuer Alternative Name"
-#define NID_issuer_alt_name             86
-#define OBJ_issuer_alt_name             OBJ_id_ce,18L
-
-#define SN_basic_constraints            "basicConstraints"
-#define LN_basic_constraints            "X509v3 Basic Constraints"
-#define NID_basic_constraints           87
-#define OBJ_basic_constraints           OBJ_id_ce,19L
-
-#define SN_crl_number           "crlNumber"
-#define LN_crl_number           "X509v3 CRL Number"
-#define NID_crl_number          88
-#define OBJ_crl_number          OBJ_id_ce,20L
-
-#define SN_crl_reason           "CRLReason"
-#define LN_crl_reason           "X509v3 CRL Reason Code"
-#define NID_crl_reason          141
-#define OBJ_crl_reason          OBJ_id_ce,21L
-
-#define SN_invalidity_date              "invalidityDate"
-#define LN_invalidity_date              "Invalidity Date"
-#define NID_invalidity_date             142
-#define OBJ_invalidity_date             OBJ_id_ce,24L
-
-#define SN_delta_crl            "deltaCRL"
-#define LN_delta_crl            "X509v3 Delta CRL Indicator"
-#define NID_delta_crl           140
-#define OBJ_delta_crl           OBJ_id_ce,27L
-
-#define SN_issuing_distribution_point           "issuingDistributionPoint"
-#define LN_issuing_distribution_point           "X509v3 Issuing Distrubution Point"
-#define NID_issuing_distribution_point          770
-#define OBJ_issuing_distribution_point          OBJ_id_ce,28L
-
-#define SN_certificate_issuer           "certificateIssuer"
-#define LN_certificate_issuer           "X509v3 Certificate Issuer"
-#define NID_certificate_issuer          771
-#define OBJ_certificate_issuer          OBJ_id_ce,29L
-
-#define SN_name_constraints             "nameConstraints"
-#define LN_name_constraints             "X509v3 Name Constraints"
-#define NID_name_constraints            666
-#define OBJ_name_constraints            OBJ_id_ce,30L
-
-#define SN_crl_distribution_points              "crlDistributionPoints"
-#define LN_crl_distribution_points              "X509v3 CRL Distribution Points"
-#define NID_crl_distribution_points             103
-#define OBJ_crl_distribution_points             OBJ_id_ce,31L
-
-#define SN_certificate_policies         "certificatePolicies"
-#define LN_certificate_policies         "X509v3 Certificate Policies"
-#define NID_certificate_policies                89
-#define OBJ_certificate_policies                OBJ_id_ce,32L
-
-#define SN_any_policy           "anyPolicy"
-#define LN_any_policy           "X509v3 Any Policy"
-#define NID_any_policy          746
-#define OBJ_any_policy          OBJ_certificate_policies,0L
-
-#define SN_policy_mappings              "policyMappings"
-#define LN_policy_mappings              "X509v3 Policy Mappings"
-#define NID_policy_mappings             747
-#define OBJ_policy_mappings             OBJ_id_ce,33L
-
-#define SN_authority_key_identifier             "authorityKeyIdentifier"
-#define LN_authority_key_identifier             "X509v3 Authority Key Identifier"
-#define NID_authority_key_identifier            90
-#define OBJ_authority_key_identifier            OBJ_id_ce,35L
-
-#define SN_policy_constraints           "policyConstraints"
-#define LN_policy_constraints           "X509v3 Policy Constraints"
-#define NID_policy_constraints          401
-#define OBJ_policy_constraints          OBJ_id_ce,36L
-
-#define SN_ext_key_usage                "extendedKeyUsage"
-#define LN_ext_key_usage                "X509v3 Extended Key Usage"
-#define NID_ext_key_usage               126
-#define OBJ_ext_key_usage               OBJ_id_ce,37L
-
-#define SN_freshest_crl         "freshestCRL"
-#define LN_freshest_crl         "X509v3 Freshest CRL"
-#define NID_freshest_crl                857
-#define OBJ_freshest_crl                OBJ_id_ce,46L
-
-#define SN_inhibit_any_policy           "inhibitAnyPolicy"
-#define LN_inhibit_any_policy           "X509v3 Inhibit Any Policy"
-#define NID_inhibit_any_policy          748
-#define OBJ_inhibit_any_policy          OBJ_id_ce,54L
-
-#define SN_target_information           "targetInformation"
-#define LN_target_information           "X509v3 AC Targeting"
-#define NID_target_information          402
-#define OBJ_target_information          OBJ_id_ce,55L
-
-#define SN_no_rev_avail         "noRevAvail"
-#define LN_no_rev_avail         "X509v3 No Revocation Available"
-#define NID_no_rev_avail                403
-#define OBJ_no_rev_avail                OBJ_id_ce,56L
-
-#define SN_anyExtendedKeyUsage          "anyExtendedKeyUsage"
-#define LN_anyExtendedKeyUsage          "Any Extended Key Usage"
-#define NID_anyExtendedKeyUsage         910
-#define OBJ_anyExtendedKeyUsage         OBJ_ext_key_usage,0L
-
-#define SN_netscape             "Netscape"
-#define LN_netscape             "Netscape Communications Corp."
-#define NID_netscape            57
-#define OBJ_netscape            2L,16L,840L,1L,113730L
-
-#define SN_netscape_cert_extension              "nsCertExt"
-#define LN_netscape_cert_extension              "Netscape Certificate Extension"
-#define NID_netscape_cert_extension             58
-#define OBJ_netscape_cert_extension             OBJ_netscape,1L
-
-#define SN_netscape_data_type           "nsDataType"
-#define LN_netscape_data_type           "Netscape Data Type"
-#define NID_netscape_data_type          59
-#define OBJ_netscape_data_type          OBJ_netscape,2L
-
-#define SN_netscape_cert_type           "nsCertType"
-#define LN_netscape_cert_type           "Netscape Cert Type"
-#define NID_netscape_cert_type          71
-#define OBJ_netscape_cert_type          OBJ_netscape_cert_extension,1L
-
-#define SN_netscape_base_url            "nsBaseUrl"
-#define LN_netscape_base_url            "Netscape Base Url"
-#define NID_netscape_base_url           72
-#define OBJ_netscape_base_url           OBJ_netscape_cert_extension,2L
-
-#define SN_netscape_revocation_url              "nsRevocationUrl"
-#define LN_netscape_revocation_url              "Netscape Revocation Url"
-#define NID_netscape_revocation_url             73
-#define OBJ_netscape_revocation_url             OBJ_netscape_cert_extension,3L
-
-#define SN_netscape_ca_revocation_url           "nsCaRevocationUrl"
-#define LN_netscape_ca_revocation_url           "Netscape CA Revocation Url"
-#define NID_netscape_ca_revocation_url          74
-#define OBJ_netscape_ca_revocation_url          OBJ_netscape_cert_extension,4L
-
-#define SN_netscape_renewal_url         "nsRenewalUrl"
-#define LN_netscape_renewal_url         "Netscape Renewal Url"
-#define NID_netscape_renewal_url                75
-#define OBJ_netscape_renewal_url                OBJ_netscape_cert_extension,7L
-
-#define SN_netscape_ca_policy_url               "nsCaPolicyUrl"
-#define LN_netscape_ca_policy_url               "Netscape CA Policy Url"
-#define NID_netscape_ca_policy_url              76
-#define OBJ_netscape_ca_policy_url              OBJ_netscape_cert_extension,8L
-
-#define SN_netscape_ssl_server_name             "nsSslServerName"
-#define LN_netscape_ssl_server_name             "Netscape SSL Server Name"
-#define NID_netscape_ssl_server_name            77
-#define OBJ_netscape_ssl_server_name            OBJ_netscape_cert_extension,12L
-
-#define SN_netscape_comment             "nsComment"
-#define LN_netscape_comment             "Netscape Comment"
-#define NID_netscape_comment            78
-#define OBJ_netscape_comment            OBJ_netscape_cert_extension,13L
-
-#define SN_netscape_cert_sequence               "nsCertSequence"
-#define LN_netscape_cert_sequence               "Netscape Certificate Sequence"
-#define NID_netscape_cert_sequence              79
-#define OBJ_netscape_cert_sequence              OBJ_netscape_data_type,5L
-
-#define SN_ns_sgc               "nsSGC"
-#define LN_ns_sgc               "Netscape Server Gated Crypto"
-#define NID_ns_sgc              139
-#define OBJ_ns_sgc              OBJ_netscape,4L,1L
-
-#define SN_org          "ORG"
-#define LN_org          "org"
-#define NID_org         379
-#define OBJ_org         OBJ_iso,3L
-
-#define SN_dod          "DOD"
-#define LN_dod          "dod"
-#define NID_dod         380
-#define OBJ_dod         OBJ_org,6L
-
-#define SN_iana         "IANA"
-#define LN_iana         "iana"
-#define NID_iana                381
-#define OBJ_iana                OBJ_dod,1L
-
-#define OBJ_internet            OBJ_iana
-
-#define SN_Directory            "directory"
-#define LN_Directory            "Directory"
-#define NID_Directory           382
-#define OBJ_Directory           OBJ_internet,1L
-
-#define SN_Management           "mgmt"
-#define LN_Management           "Management"
-#define NID_Management          383
-#define OBJ_Management          OBJ_internet,2L
-
-#define SN_Experimental         "experimental"
-#define LN_Experimental         "Experimental"
-#define NID_Experimental                384
-#define OBJ_Experimental                OBJ_internet,3L
-
-#define SN_Private              "private"
-#define LN_Private              "Private"
-#define NID_Private             385
-#define OBJ_Private             OBJ_internet,4L
-
-#define SN_Security             "security"
-#define LN_Security             "Security"
-#define NID_Security            386
-#define OBJ_Security            OBJ_internet,5L
-
-#define SN_SNMPv2               "snmpv2"
-#define LN_SNMPv2               "SNMPv2"
-#define NID_SNMPv2              387
-#define OBJ_SNMPv2              OBJ_internet,6L
-
-#define LN_Mail         "Mail"
-#define NID_Mail                388
-#define OBJ_Mail                OBJ_internet,7L
-
-#define SN_Enterprises          "enterprises"
-#define LN_Enterprises          "Enterprises"
-#define NID_Enterprises         389
-#define OBJ_Enterprises         OBJ_Private,1L
-
-#define SN_dcObject             "dcobject"
-#define LN_dcObject             "dcObject"
-#define NID_dcObject            390
-#define OBJ_dcObject            OBJ_Enterprises,1466L,344L
-
-#define SN_mime_mhs             "mime-mhs"
-#define LN_mime_mhs             "MIME MHS"
-#define NID_mime_mhs            504
-#define OBJ_mime_mhs            OBJ_Mail,1L
-
-#define SN_mime_mhs_headings            "mime-mhs-headings"
-#define LN_mime_mhs_headings            "mime-mhs-headings"
-#define NID_mime_mhs_headings           505
-#define OBJ_mime_mhs_headings           OBJ_mime_mhs,1L
-
-#define SN_mime_mhs_bodies              "mime-mhs-bodies"
-#define LN_mime_mhs_bodies              "mime-mhs-bodies"
-#define NID_mime_mhs_bodies             506
-#define OBJ_mime_mhs_bodies             OBJ_mime_mhs,2L
-
-#define SN_id_hex_partial_message               "id-hex-partial-message"
-#define LN_id_hex_partial_message               "id-hex-partial-message"
-#define NID_id_hex_partial_message              507
-#define OBJ_id_hex_partial_message              OBJ_mime_mhs_headings,1L
-
-#define SN_id_hex_multipart_message             "id-hex-multipart-message"
-#define LN_id_hex_multipart_message             "id-hex-multipart-message"
-#define NID_id_hex_multipart_message            508
-#define OBJ_id_hex_multipart_message            OBJ_mime_mhs_headings,2L
-
-#define SN_rle_compression              "RLE"
-#define LN_rle_compression              "run length compression"
-#define NID_rle_compression             124
-#define OBJ_rle_compression             1L,1L,1L,1L,666L,1L
-
-#define SN_zlib_compression             "ZLIB"
-#define LN_zlib_compression             "zlib compression"
-#define NID_zlib_compression            125
-#define OBJ_zlib_compression            OBJ_id_smime_alg,8L
-
-#define OBJ_csor                2L,16L,840L,1L,101L,3L
-
-#define OBJ_nistAlgorithms              OBJ_csor,4L
-
-#define OBJ_aes         OBJ_nistAlgorithms,1L
-
-#define SN_aes_128_ecb          "AES-128-ECB"
-#define LN_aes_128_ecb          "aes-128-ecb"
-#define NID_aes_128_ecb         418
-#define OBJ_aes_128_ecb         OBJ_aes,1L
-
-#define SN_aes_128_cbc          "AES-128-CBC"
-#define LN_aes_128_cbc          "aes-128-cbc"
-#define NID_aes_128_cbc         419
-#define OBJ_aes_128_cbc         OBJ_aes,2L
-
-#define SN_aes_128_ofb128               "AES-128-OFB"
-#define LN_aes_128_ofb128               "aes-128-ofb"
-#define NID_aes_128_ofb128              420
-#define OBJ_aes_128_ofb128              OBJ_aes,3L
-
-#define SN_aes_128_cfb128               "AES-128-CFB"
-#define LN_aes_128_cfb128               "aes-128-cfb"
-#define NID_aes_128_cfb128              421
-#define OBJ_aes_128_cfb128              OBJ_aes,4L
-
-#define SN_id_aes128_wrap               "id-aes128-wrap"
-#define NID_id_aes128_wrap              788
-#define OBJ_id_aes128_wrap              OBJ_aes,5L
-
-#define SN_aes_128_gcm          "id-aes128-GCM"
-#define LN_aes_128_gcm          "aes-128-gcm"
-#define NID_aes_128_gcm         895
-#define OBJ_aes_128_gcm         OBJ_aes,6L
-
-#define SN_aes_128_ccm          "id-aes128-CCM"
-#define LN_aes_128_ccm          "aes-128-ccm"
-#define NID_aes_128_ccm         896
-#define OBJ_aes_128_ccm         OBJ_aes,7L
-
-#define SN_id_aes128_wrap_pad           "id-aes128-wrap-pad"
-#define NID_id_aes128_wrap_pad          897
-#define OBJ_id_aes128_wrap_pad          OBJ_aes,8L
-
-#define SN_aes_192_ecb          "AES-192-ECB"
-#define LN_aes_192_ecb          "aes-192-ecb"
-#define NID_aes_192_ecb         422
-#define OBJ_aes_192_ecb         OBJ_aes,21L
-
-#define SN_aes_192_cbc          "AES-192-CBC"
-#define LN_aes_192_cbc          "aes-192-cbc"
-#define NID_aes_192_cbc         423
-#define OBJ_aes_192_cbc         OBJ_aes,22L
-
-#define SN_aes_192_ofb128               "AES-192-OFB"
-#define LN_aes_192_ofb128               "aes-192-ofb"
-#define NID_aes_192_ofb128              424
-#define OBJ_aes_192_ofb128              OBJ_aes,23L
-
-#define SN_aes_192_cfb128               "AES-192-CFB"
-#define LN_aes_192_cfb128               "aes-192-cfb"
-#define NID_aes_192_cfb128              425
-#define OBJ_aes_192_cfb128              OBJ_aes,24L
-
-#define SN_id_aes192_wrap               "id-aes192-wrap"
-#define NID_id_aes192_wrap              789
-#define OBJ_id_aes192_wrap              OBJ_aes,25L
-
-#define SN_aes_192_gcm          "id-aes192-GCM"
-#define LN_aes_192_gcm          "aes-192-gcm"
-#define NID_aes_192_gcm         898
-#define OBJ_aes_192_gcm         OBJ_aes,26L
-
-#define SN_aes_192_ccm          "id-aes192-CCM"
-#define LN_aes_192_ccm          "aes-192-ccm"
-#define NID_aes_192_ccm         899
-#define OBJ_aes_192_ccm         OBJ_aes,27L
-
-#define SN_id_aes192_wrap_pad           "id-aes192-wrap-pad"
-#define NID_id_aes192_wrap_pad          900
-#define OBJ_id_aes192_wrap_pad          OBJ_aes,28L
-
-#define SN_aes_256_ecb          "AES-256-ECB"
-#define LN_aes_256_ecb          "aes-256-ecb"
-#define NID_aes_256_ecb         426
-#define OBJ_aes_256_ecb         OBJ_aes,41L
-
-#define SN_aes_256_cbc          "AES-256-CBC"
-#define LN_aes_256_cbc          "aes-256-cbc"
-#define NID_aes_256_cbc         427
-#define OBJ_aes_256_cbc         OBJ_aes,42L
-
-#define SN_aes_256_ofb128               "AES-256-OFB"
-#define LN_aes_256_ofb128               "aes-256-ofb"
-#define NID_aes_256_ofb128              428
-#define OBJ_aes_256_ofb128              OBJ_aes,43L
-
-#define SN_aes_256_cfb128               "AES-256-CFB"
-#define LN_aes_256_cfb128               "aes-256-cfb"
-#define NID_aes_256_cfb128              429
-#define OBJ_aes_256_cfb128              OBJ_aes,44L
-
-#define SN_id_aes256_wrap               "id-aes256-wrap"
-#define NID_id_aes256_wrap              790
-#define OBJ_id_aes256_wrap              OBJ_aes,45L
-
-#define SN_aes_256_gcm          "id-aes256-GCM"
-#define LN_aes_256_gcm          "aes-256-gcm"
-#define NID_aes_256_gcm         901
-#define OBJ_aes_256_gcm         OBJ_aes,46L
-
-#define SN_aes_256_ccm          "id-aes256-CCM"
-#define LN_aes_256_ccm          "aes-256-ccm"
-#define NID_aes_256_ccm         902
-#define OBJ_aes_256_ccm         OBJ_aes,47L
-
-#define SN_id_aes256_wrap_pad           "id-aes256-wrap-pad"
-#define NID_id_aes256_wrap_pad          903
-#define OBJ_id_aes256_wrap_pad          OBJ_aes,48L
-
-#define SN_aes_128_cfb1         "AES-128-CFB1"
-#define LN_aes_128_cfb1         "aes-128-cfb1"
-#define NID_aes_128_cfb1                650
-
-#define SN_aes_192_cfb1         "AES-192-CFB1"
-#define LN_aes_192_cfb1         "aes-192-cfb1"
-#define NID_aes_192_cfb1                651
-
-#define SN_aes_256_cfb1         "AES-256-CFB1"
-#define LN_aes_256_cfb1         "aes-256-cfb1"
-#define NID_aes_256_cfb1                652
-
-#define SN_aes_128_cfb8         "AES-128-CFB8"
-#define LN_aes_128_cfb8         "aes-128-cfb8"
-#define NID_aes_128_cfb8                653
-
-#define SN_aes_192_cfb8         "AES-192-CFB8"
-#define LN_aes_192_cfb8         "aes-192-cfb8"
-#define NID_aes_192_cfb8                654
-
-#define SN_aes_256_cfb8         "AES-256-CFB8"
-#define LN_aes_256_cfb8         "aes-256-cfb8"
-#define NID_aes_256_cfb8                655
-
-#define SN_aes_128_ctr          "AES-128-CTR"
-#define LN_aes_128_ctr          "aes-128-ctr"
-#define NID_aes_128_ctr         904
-
-#define SN_aes_192_ctr          "AES-192-CTR"
-#define LN_aes_192_ctr          "aes-192-ctr"
-#define NID_aes_192_ctr         905
-
-#define SN_aes_256_ctr          "AES-256-CTR"
-#define LN_aes_256_ctr          "aes-256-ctr"
-#define NID_aes_256_ctr         906
-
-#define SN_aes_128_xts          "AES-128-XTS"
-#define LN_aes_128_xts          "aes-128-xts"
-#define NID_aes_128_xts         913
-
-#define SN_aes_256_xts          "AES-256-XTS"
-#define LN_aes_256_xts          "aes-256-xts"
-#define NID_aes_256_xts         914
-
-#define SN_des_cfb1             "DES-CFB1"
-#define LN_des_cfb1             "des-cfb1"
-#define NID_des_cfb1            656
-
-#define SN_des_cfb8             "DES-CFB8"
-#define LN_des_cfb8             "des-cfb8"
-#define NID_des_cfb8            657
-
-#define SN_des_ede3_cfb1                "DES-EDE3-CFB1"
-#define LN_des_ede3_cfb1                "des-ede3-cfb1"
-#define NID_des_ede3_cfb1               658
-
-#define SN_des_ede3_cfb8                "DES-EDE3-CFB8"
-#define LN_des_ede3_cfb8                "des-ede3-cfb8"
-#define NID_des_ede3_cfb8               659
-
-#define OBJ_nist_hashalgs               OBJ_nistAlgorithms,2L
-
-#define SN_sha256               "SHA256"
-#define LN_sha256               "sha256"
-#define NID_sha256              672
-#define OBJ_sha256              OBJ_nist_hashalgs,1L
-
-#define SN_sha384               "SHA384"
-#define LN_sha384               "sha384"
-#define NID_sha384              673
-#define OBJ_sha384              OBJ_nist_hashalgs,2L
-
-#define SN_sha512               "SHA512"
-#define LN_sha512               "sha512"
-#define NID_sha512              674
-#define OBJ_sha512              OBJ_nist_hashalgs,3L
-
-#define SN_sha224               "SHA224"
-#define LN_sha224               "sha224"
-#define NID_sha224              675
-#define OBJ_sha224              OBJ_nist_hashalgs,4L
-
-#define OBJ_dsa_with_sha2               OBJ_nistAlgorithms,3L
-
-#define SN_dsa_with_SHA224              "dsa_with_SHA224"
-#define NID_dsa_with_SHA224             802
-#define OBJ_dsa_with_SHA224             OBJ_dsa_with_sha2,1L
-
-#define SN_dsa_with_SHA256              "dsa_with_SHA256"
-#define NID_dsa_with_SHA256             803
-#define OBJ_dsa_with_SHA256             OBJ_dsa_with_sha2,2L
-
-#define SN_hold_instruction_code                "holdInstructionCode"
-#define LN_hold_instruction_code                "Hold Instruction Code"
-#define NID_hold_instruction_code               430
-#define OBJ_hold_instruction_code               OBJ_id_ce,23L
-
-#define OBJ_holdInstruction             OBJ_X9_57,2L
-
-#define SN_hold_instruction_none                "holdInstructionNone"
-#define LN_hold_instruction_none                "Hold Instruction None"
-#define NID_hold_instruction_none               431
-#define OBJ_hold_instruction_none               OBJ_holdInstruction,1L
-
-#define SN_hold_instruction_call_issuer         "holdInstructionCallIssuer"
-#define LN_hold_instruction_call_issuer         "Hold Instruction Call Issuer"
-#define NID_hold_instruction_call_issuer                432
-#define OBJ_hold_instruction_call_issuer                OBJ_holdInstruction,2L
-
-#define SN_hold_instruction_reject              "holdInstructionReject"
-#define LN_hold_instruction_reject              "Hold Instruction Reject"
-#define NID_hold_instruction_reject             433
-#define OBJ_hold_instruction_reject             OBJ_holdInstruction,3L
-
-#define SN_data         "data"
-#define NID_data                434
-#define OBJ_data                OBJ_itu_t,9L
-
-#define SN_pss          "pss"
-#define NID_pss         435
-#define OBJ_pss         OBJ_data,2342L
-
-#define SN_ucl          "ucl"
-#define NID_ucl         436
-#define OBJ_ucl         OBJ_pss,19200300L
-
-#define SN_pilot                "pilot"
-#define NID_pilot               437
-#define OBJ_pilot               OBJ_ucl,100L
-
-#define LN_pilotAttributeType           "pilotAttributeType"
-#define NID_pilotAttributeType          438
-#define OBJ_pilotAttributeType          OBJ_pilot,1L
-
-#define LN_pilotAttributeSyntax         "pilotAttributeSyntax"
-#define NID_pilotAttributeSyntax                439
-#define OBJ_pilotAttributeSyntax                OBJ_pilot,3L
-
-#define LN_pilotObjectClass             "pilotObjectClass"
-#define NID_pilotObjectClass            440
-#define OBJ_pilotObjectClass            OBJ_pilot,4L
-
-#define LN_pilotGroups          "pilotGroups"
-#define NID_pilotGroups         441
-#define OBJ_pilotGroups         OBJ_pilot,10L
-
-#define LN_iA5StringSyntax              "iA5StringSyntax"
-#define NID_iA5StringSyntax             442
-#define OBJ_iA5StringSyntax             OBJ_pilotAttributeSyntax,4L
-
-#define LN_caseIgnoreIA5StringSyntax            "caseIgnoreIA5StringSyntax"
-#define NID_caseIgnoreIA5StringSyntax           443
-#define OBJ_caseIgnoreIA5StringSyntax           OBJ_pilotAttributeSyntax,5L
-
-#define LN_pilotObject          "pilotObject"
-#define NID_pilotObject         444
-#define OBJ_pilotObject         OBJ_pilotObjectClass,3L
-
-#define LN_pilotPerson          "pilotPerson"
-#define NID_pilotPerson         445
-#define OBJ_pilotPerson         OBJ_pilotObjectClass,4L
-
-#define SN_account              "account"
-#define NID_account             446
-#define OBJ_account             OBJ_pilotObjectClass,5L
-
-#define SN_document             "document"
-#define NID_document            447
-#define OBJ_document            OBJ_pilotObjectClass,6L
-
-#define SN_room         "room"
-#define NID_room                448
-#define OBJ_room                OBJ_pilotObjectClass,7L
-
-#define LN_documentSeries               "documentSeries"
-#define NID_documentSeries              449
-#define OBJ_documentSeries              OBJ_pilotObjectClass,9L
-
-#define SN_Domain               "domain"
-#define LN_Domain               "Domain"
-#define NID_Domain              392
-#define OBJ_Domain              OBJ_pilotObjectClass,13L
-
-#define LN_rFC822localPart              "rFC822localPart"
-#define NID_rFC822localPart             450
-#define OBJ_rFC822localPart             OBJ_pilotObjectClass,14L
-
-#define LN_dNSDomain            "dNSDomain"
-#define NID_dNSDomain           451
-#define OBJ_dNSDomain           OBJ_pilotObjectClass,15L
-
-#define LN_domainRelatedObject          "domainRelatedObject"
-#define NID_domainRelatedObject         452
-#define OBJ_domainRelatedObject         OBJ_pilotObjectClass,17L
-
-#define LN_friendlyCountry              "friendlyCountry"
-#define NID_friendlyCountry             453
-#define OBJ_friendlyCountry             OBJ_pilotObjectClass,18L
-
-#define LN_simpleSecurityObject         "simpleSecurityObject"
-#define NID_simpleSecurityObject                454
-#define OBJ_simpleSecurityObject                OBJ_pilotObjectClass,19L
-
-#define LN_pilotOrganization            "pilotOrganization"
-#define NID_pilotOrganization           455
-#define OBJ_pilotOrganization           OBJ_pilotObjectClass,20L
-
-#define LN_pilotDSA             "pilotDSA"
-#define NID_pilotDSA            456
-#define OBJ_pilotDSA            OBJ_pilotObjectClass,21L
-
-#define LN_qualityLabelledData          "qualityLabelledData"
-#define NID_qualityLabelledData         457
-#define OBJ_qualityLabelledData         OBJ_pilotObjectClass,22L
-
-#define SN_userId               "UID"
-#define LN_userId               "userId"
-#define NID_userId              458
-#define OBJ_userId              OBJ_pilotAttributeType,1L
-
-#define LN_textEncodedORAddress         "textEncodedORAddress"
-#define NID_textEncodedORAddress                459
-#define OBJ_textEncodedORAddress                OBJ_pilotAttributeType,2L
-
-#define SN_rfc822Mailbox                "mail"
-#define LN_rfc822Mailbox                "rfc822Mailbox"
-#define NID_rfc822Mailbox               460
-#define OBJ_rfc822Mailbox               OBJ_pilotAttributeType,3L
-
-#define SN_info         "info"
-#define NID_info                461
-#define OBJ_info                OBJ_pilotAttributeType,4L
-
-#define LN_favouriteDrink               "favouriteDrink"
-#define NID_favouriteDrink              462
-#define OBJ_favouriteDrink              OBJ_pilotAttributeType,5L
-
-#define LN_roomNumber           "roomNumber"
-#define NID_roomNumber          463
-#define OBJ_roomNumber          OBJ_pilotAttributeType,6L
-
-#define SN_photo                "photo"
-#define NID_photo               464
-#define OBJ_photo               OBJ_pilotAttributeType,7L
-
-#define LN_userClass            "userClass"
-#define NID_userClass           465
-#define OBJ_userClass           OBJ_pilotAttributeType,8L
-
-#define SN_host         "host"
-#define NID_host                466
-#define OBJ_host                OBJ_pilotAttributeType,9L
-
-#define SN_manager              "manager"
-#define NID_manager             467
-#define OBJ_manager             OBJ_pilotAttributeType,10L
-
-#define LN_documentIdentifier           "documentIdentifier"
-#define NID_documentIdentifier          468
-#define OBJ_documentIdentifier          OBJ_pilotAttributeType,11L
-
-#define LN_documentTitle                "documentTitle"
-#define NID_documentTitle               469
-#define OBJ_documentTitle               OBJ_pilotAttributeType,12L
-
-#define LN_documentVersion              "documentVersion"
-#define NID_documentVersion             470
-#define OBJ_documentVersion             OBJ_pilotAttributeType,13L
-
-#define LN_documentAuthor               "documentAuthor"
-#define NID_documentAuthor              471
-#define OBJ_documentAuthor              OBJ_pilotAttributeType,14L
-
-#define LN_documentLocation             "documentLocation"
-#define NID_documentLocation            472
-#define OBJ_documentLocation            OBJ_pilotAttributeType,15L
-
-#define LN_homeTelephoneNumber          "homeTelephoneNumber"
-#define NID_homeTelephoneNumber         473
-#define OBJ_homeTelephoneNumber         OBJ_pilotAttributeType,20L
-
-#define SN_secretary            "secretary"
-#define NID_secretary           474
-#define OBJ_secretary           OBJ_pilotAttributeType,21L
-
-#define LN_otherMailbox         "otherMailbox"
-#define NID_otherMailbox                475
-#define OBJ_otherMailbox                OBJ_pilotAttributeType,22L
-
-#define LN_lastModifiedTime             "lastModifiedTime"
-#define NID_lastModifiedTime            476
-#define OBJ_lastModifiedTime            OBJ_pilotAttributeType,23L
-
-#define LN_lastModifiedBy               "lastModifiedBy"
-#define NID_lastModifiedBy              477
-#define OBJ_lastModifiedBy              OBJ_pilotAttributeType,24L
-
-#define SN_domainComponent              "DC"
-#define LN_domainComponent              "domainComponent"
-#define NID_domainComponent             391
-#define OBJ_domainComponent             OBJ_pilotAttributeType,25L
-
-#define LN_aRecord              "aRecord"
-#define NID_aRecord             478
-#define OBJ_aRecord             OBJ_pilotAttributeType,26L
-
-#define LN_pilotAttributeType27         "pilotAttributeType27"
-#define NID_pilotAttributeType27                479
-#define OBJ_pilotAttributeType27                OBJ_pilotAttributeType,27L
-
-#define LN_mXRecord             "mXRecord"
-#define NID_mXRecord            480
-#define OBJ_mXRecord            OBJ_pilotAttributeType,28L
-
-#define LN_nSRecord             "nSRecord"
-#define NID_nSRecord            481
-#define OBJ_nSRecord            OBJ_pilotAttributeType,29L
-
-#define LN_sOARecord            "sOARecord"
-#define NID_sOARecord           482
-#define OBJ_sOARecord           OBJ_pilotAttributeType,30L
-
-#define LN_cNAMERecord          "cNAMERecord"
-#define NID_cNAMERecord         483
-#define OBJ_cNAMERecord         OBJ_pilotAttributeType,31L
-
-#define LN_associatedDomain             "associatedDomain"
-#define NID_associatedDomain            484
-#define OBJ_associatedDomain            OBJ_pilotAttributeType,37L
-
-#define LN_associatedName               "associatedName"
-#define NID_associatedName              485
-#define OBJ_associatedName              OBJ_pilotAttributeType,38L
-
-#define LN_homePostalAddress            "homePostalAddress"
-#define NID_homePostalAddress           486
-#define OBJ_homePostalAddress           OBJ_pilotAttributeType,39L
-
-#define LN_personalTitle                "personalTitle"
-#define NID_personalTitle               487
-#define OBJ_personalTitle               OBJ_pilotAttributeType,40L
-
-#define LN_mobileTelephoneNumber                "mobileTelephoneNumber"
-#define NID_mobileTelephoneNumber               488
-#define OBJ_mobileTelephoneNumber               OBJ_pilotAttributeType,41L
-
-#define LN_pagerTelephoneNumber         "pagerTelephoneNumber"
-#define NID_pagerTelephoneNumber                489
-#define OBJ_pagerTelephoneNumber                OBJ_pilotAttributeType,42L
-
-#define LN_friendlyCountryName          "friendlyCountryName"
-#define NID_friendlyCountryName         490
-#define OBJ_friendlyCountryName         OBJ_pilotAttributeType,43L
-
-#define LN_organizationalStatus         "organizationalStatus"
-#define NID_organizationalStatus                491
-#define OBJ_organizationalStatus                OBJ_pilotAttributeType,45L
-
-#define LN_janetMailbox         "janetMailbox"
-#define NID_janetMailbox                492
-#define OBJ_janetMailbox                OBJ_pilotAttributeType,46L
-
-#define LN_mailPreferenceOption         "mailPreferenceOption"
-#define NID_mailPreferenceOption                493
-#define OBJ_mailPreferenceOption                OBJ_pilotAttributeType,47L
-
-#define LN_buildingName         "buildingName"
-#define NID_buildingName                494
-#define OBJ_buildingName                OBJ_pilotAttributeType,48L
-
-#define LN_dSAQuality           "dSAQuality"
-#define NID_dSAQuality          495
-#define OBJ_dSAQuality          OBJ_pilotAttributeType,49L
-
-#define LN_singleLevelQuality           "singleLevelQuality"
-#define NID_singleLevelQuality          496
-#define OBJ_singleLevelQuality          OBJ_pilotAttributeType,50L
-
-#define LN_subtreeMinimumQuality                "subtreeMinimumQuality"
-#define NID_subtreeMinimumQuality               497
-#define OBJ_subtreeMinimumQuality               OBJ_pilotAttributeType,51L
-
-#define LN_subtreeMaximumQuality                "subtreeMaximumQuality"
-#define NID_subtreeMaximumQuality               498
-#define OBJ_subtreeMaximumQuality               OBJ_pilotAttributeType,52L
-
-#define LN_personalSignature            "personalSignature"
-#define NID_personalSignature           499
-#define OBJ_personalSignature           OBJ_pilotAttributeType,53L
-
-#define LN_dITRedirect          "dITRedirect"
-#define NID_dITRedirect         500
-#define OBJ_dITRedirect         OBJ_pilotAttributeType,54L
-
-#define SN_audio                "audio"
-#define NID_audio               501
-#define OBJ_audio               OBJ_pilotAttributeType,55L
-
-#define LN_documentPublisher            "documentPublisher"
-#define NID_documentPublisher           502
-#define OBJ_documentPublisher           OBJ_pilotAttributeType,56L
-
-#define SN_id_set               "id-set"
-#define LN_id_set               "Secure Electronic Transactions"
-#define NID_id_set              512
-#define OBJ_id_set              OBJ_international_organizations,42L
-
-#define SN_set_ctype            "set-ctype"
-#define LN_set_ctype            "content types"
-#define NID_set_ctype           513
-#define OBJ_set_ctype           OBJ_id_set,0L
-
-#define SN_set_msgExt           "set-msgExt"
-#define LN_set_msgExt           "message extensions"
-#define NID_set_msgExt          514
-#define OBJ_set_msgExt          OBJ_id_set,1L
-
-#define SN_set_attr             "set-attr"
-#define NID_set_attr            515
-#define OBJ_set_attr            OBJ_id_set,3L
-
-#define SN_set_policy           "set-policy"
-#define NID_set_policy          516
-#define OBJ_set_policy          OBJ_id_set,5L
-
-#define SN_set_certExt          "set-certExt"
-#define LN_set_certExt          "certificate extensions"
-#define NID_set_certExt         517
-#define OBJ_set_certExt         OBJ_id_set,7L
-
-#define SN_set_brand            "set-brand"
-#define NID_set_brand           518
-#define OBJ_set_brand           OBJ_id_set,8L
-
-#define SN_setct_PANData                "setct-PANData"
-#define NID_setct_PANData               519
-#define OBJ_setct_PANData               OBJ_set_ctype,0L
-
-#define SN_setct_PANToken               "setct-PANToken"
-#define NID_setct_PANToken              520
-#define OBJ_setct_PANToken              OBJ_set_ctype,1L
-
-#define SN_setct_PANOnly                "setct-PANOnly"
-#define NID_setct_PANOnly               521
-#define OBJ_setct_PANOnly               OBJ_set_ctype,2L
-
-#define SN_setct_OIData         "setct-OIData"
-#define NID_setct_OIData                522
-#define OBJ_setct_OIData                OBJ_set_ctype,3L
-
-#define SN_setct_PI             "setct-PI"
-#define NID_setct_PI            523
-#define OBJ_setct_PI            OBJ_set_ctype,4L
-
-#define SN_setct_PIData         "setct-PIData"
-#define NID_setct_PIData                524
-#define OBJ_setct_PIData                OBJ_set_ctype,5L
-
-#define SN_setct_PIDataUnsigned         "setct-PIDataUnsigned"
-#define NID_setct_PIDataUnsigned                525
-#define OBJ_setct_PIDataUnsigned                OBJ_set_ctype,6L
-
-#define SN_setct_HODInput               "setct-HODInput"
-#define NID_setct_HODInput              526
-#define OBJ_setct_HODInput              OBJ_set_ctype,7L
-
-#define SN_setct_AuthResBaggage         "setct-AuthResBaggage"
-#define NID_setct_AuthResBaggage                527
-#define OBJ_setct_AuthResBaggage                OBJ_set_ctype,8L
-
-#define SN_setct_AuthRevReqBaggage              "setct-AuthRevReqBaggage"
-#define NID_setct_AuthRevReqBaggage             528
-#define OBJ_setct_AuthRevReqBaggage             OBJ_set_ctype,9L
-
-#define SN_setct_AuthRevResBaggage              "setct-AuthRevResBaggage"
-#define NID_setct_AuthRevResBaggage             529
-#define OBJ_setct_AuthRevResBaggage             OBJ_set_ctype,10L
-
-#define SN_setct_CapTokenSeq            "setct-CapTokenSeq"
-#define NID_setct_CapTokenSeq           530
-#define OBJ_setct_CapTokenSeq           OBJ_set_ctype,11L
-
-#define SN_setct_PInitResData           "setct-PInitResData"
-#define NID_setct_PInitResData          531
-#define OBJ_setct_PInitResData          OBJ_set_ctype,12L
-
-#define SN_setct_PI_TBS         "setct-PI-TBS"
-#define NID_setct_PI_TBS                532
-#define OBJ_setct_PI_TBS                OBJ_set_ctype,13L
-
-#define SN_setct_PResData               "setct-PResData"
-#define NID_setct_PResData              533
-#define OBJ_setct_PResData              OBJ_set_ctype,14L
-
-#define SN_setct_AuthReqTBS             "setct-AuthReqTBS"
-#define NID_setct_AuthReqTBS            534
-#define OBJ_setct_AuthReqTBS            OBJ_set_ctype,16L
-
-#define SN_setct_AuthResTBS             "setct-AuthResTBS"
-#define NID_setct_AuthResTBS            535
-#define OBJ_setct_AuthResTBS            OBJ_set_ctype,17L
-
-#define SN_setct_AuthResTBSX            "setct-AuthResTBSX"
-#define NID_setct_AuthResTBSX           536
-#define OBJ_setct_AuthResTBSX           OBJ_set_ctype,18L
-
-#define SN_setct_AuthTokenTBS           "setct-AuthTokenTBS"
-#define NID_setct_AuthTokenTBS          537
-#define OBJ_setct_AuthTokenTBS          OBJ_set_ctype,19L
-
-#define SN_setct_CapTokenData           "setct-CapTokenData"
-#define NID_setct_CapTokenData          538
-#define OBJ_setct_CapTokenData          OBJ_set_ctype,20L
-
-#define SN_setct_CapTokenTBS            "setct-CapTokenTBS"
-#define NID_setct_CapTokenTBS           539
-#define OBJ_setct_CapTokenTBS           OBJ_set_ctype,21L
-
-#define SN_setct_AcqCardCodeMsg         "setct-AcqCardCodeMsg"
-#define NID_setct_AcqCardCodeMsg                540
-#define OBJ_setct_AcqCardCodeMsg                OBJ_set_ctype,22L
-
-#define SN_setct_AuthRevReqTBS          "setct-AuthRevReqTBS"
-#define NID_setct_AuthRevReqTBS         541
-#define OBJ_setct_AuthRevReqTBS         OBJ_set_ctype,23L
-
-#define SN_setct_AuthRevResData         "setct-AuthRevResData"
-#define NID_setct_AuthRevResData                542
-#define OBJ_setct_AuthRevResData                OBJ_set_ctype,24L
-
-#define SN_setct_AuthRevResTBS          "setct-AuthRevResTBS"
-#define NID_setct_AuthRevResTBS         543
-#define OBJ_setct_AuthRevResTBS         OBJ_set_ctype,25L
-
-#define SN_setct_CapReqTBS              "setct-CapReqTBS"
-#define NID_setct_CapReqTBS             544
-#define OBJ_setct_CapReqTBS             OBJ_set_ctype,26L
-
-#define SN_setct_CapReqTBSX             "setct-CapReqTBSX"
-#define NID_setct_CapReqTBSX            545
-#define OBJ_setct_CapReqTBSX            OBJ_set_ctype,27L
-
-#define SN_setct_CapResData             "setct-CapResData"
-#define NID_setct_CapResData            546
-#define OBJ_setct_CapResData            OBJ_set_ctype,28L
-
-#define SN_setct_CapRevReqTBS           "setct-CapRevReqTBS"
-#define NID_setct_CapRevReqTBS          547
-#define OBJ_setct_CapRevReqTBS          OBJ_set_ctype,29L
-
-#define SN_setct_CapRevReqTBSX          "setct-CapRevReqTBSX"
-#define NID_setct_CapRevReqTBSX         548
-#define OBJ_setct_CapRevReqTBSX         OBJ_set_ctype,30L
-
-#define SN_setct_CapRevResData          "setct-CapRevResData"
-#define NID_setct_CapRevResData         549
-#define OBJ_setct_CapRevResData         OBJ_set_ctype,31L
-
-#define SN_setct_CredReqTBS             "setct-CredReqTBS"
-#define NID_setct_CredReqTBS            550
-#define OBJ_setct_CredReqTBS            OBJ_set_ctype,32L
-
-#define SN_setct_CredReqTBSX            "setct-CredReqTBSX"
-#define NID_setct_CredReqTBSX           551
-#define OBJ_setct_CredReqTBSX           OBJ_set_ctype,33L
-
-#define SN_setct_CredResData            "setct-CredResData"
-#define NID_setct_CredResData           552
-#define OBJ_setct_CredResData           OBJ_set_ctype,34L
-
-#define SN_setct_CredRevReqTBS          "setct-CredRevReqTBS"
-#define NID_setct_CredRevReqTBS         553
-#define OBJ_setct_CredRevReqTBS         OBJ_set_ctype,35L
-
-#define SN_setct_CredRevReqTBSX         "setct-CredRevReqTBSX"
-#define NID_setct_CredRevReqTBSX                554
-#define OBJ_setct_CredRevReqTBSX                OBJ_set_ctype,36L
-
-#define SN_setct_CredRevResData         "setct-CredRevResData"
-#define NID_setct_CredRevResData                555
-#define OBJ_setct_CredRevResData                OBJ_set_ctype,37L
-
-#define SN_setct_PCertReqData           "setct-PCertReqData"
-#define NID_setct_PCertReqData          556
-#define OBJ_setct_PCertReqData          OBJ_set_ctype,38L
-
-#define SN_setct_PCertResTBS            "setct-PCertResTBS"
-#define NID_setct_PCertResTBS           557
-#define OBJ_setct_PCertResTBS           OBJ_set_ctype,39L
-
-#define SN_setct_BatchAdminReqData              "setct-BatchAdminReqData"
-#define NID_setct_BatchAdminReqData             558
-#define OBJ_setct_BatchAdminReqData             OBJ_set_ctype,40L
-
-#define SN_setct_BatchAdminResData              "setct-BatchAdminResData"
-#define NID_setct_BatchAdminResData             559
-#define OBJ_setct_BatchAdminResData             OBJ_set_ctype,41L
-
-#define SN_setct_CardCInitResTBS                "setct-CardCInitResTBS"
-#define NID_setct_CardCInitResTBS               560
-#define OBJ_setct_CardCInitResTBS               OBJ_set_ctype,42L
-
-#define SN_setct_MeAqCInitResTBS                "setct-MeAqCInitResTBS"
-#define NID_setct_MeAqCInitResTBS               561
-#define OBJ_setct_MeAqCInitResTBS               OBJ_set_ctype,43L
-
-#define SN_setct_RegFormResTBS          "setct-RegFormResTBS"
-#define NID_setct_RegFormResTBS         562
-#define OBJ_setct_RegFormResTBS         OBJ_set_ctype,44L
-
-#define SN_setct_CertReqData            "setct-CertReqData"
-#define NID_setct_CertReqData           563
-#define OBJ_setct_CertReqData           OBJ_set_ctype,45L
-
-#define SN_setct_CertReqTBS             "setct-CertReqTBS"
-#define NID_setct_CertReqTBS            564
-#define OBJ_setct_CertReqTBS            OBJ_set_ctype,46L
-
-#define SN_setct_CertResData            "setct-CertResData"
-#define NID_setct_CertResData           565
-#define OBJ_setct_CertResData           OBJ_set_ctype,47L
-
-#define SN_setct_CertInqReqTBS          "setct-CertInqReqTBS"
-#define NID_setct_CertInqReqTBS         566
-#define OBJ_setct_CertInqReqTBS         OBJ_set_ctype,48L
-
-#define SN_setct_ErrorTBS               "setct-ErrorTBS"
-#define NID_setct_ErrorTBS              567
-#define OBJ_setct_ErrorTBS              OBJ_set_ctype,49L
-
-#define SN_setct_PIDualSignedTBE                "setct-PIDualSignedTBE"
-#define NID_setct_PIDualSignedTBE               568
-#define OBJ_setct_PIDualSignedTBE               OBJ_set_ctype,50L
-
-#define SN_setct_PIUnsignedTBE          "setct-PIUnsignedTBE"
-#define NID_setct_PIUnsignedTBE         569
-#define OBJ_setct_PIUnsignedTBE         OBJ_set_ctype,51L
-
-#define SN_setct_AuthReqTBE             "setct-AuthReqTBE"
-#define NID_setct_AuthReqTBE            570
-#define OBJ_setct_AuthReqTBE            OBJ_set_ctype,52L
-
-#define SN_setct_AuthResTBE             "setct-AuthResTBE"
-#define NID_setct_AuthResTBE            571
-#define OBJ_setct_AuthResTBE            OBJ_set_ctype,53L
-
-#define SN_setct_AuthResTBEX            "setct-AuthResTBEX"
-#define NID_setct_AuthResTBEX           572
-#define OBJ_setct_AuthResTBEX           OBJ_set_ctype,54L
-
-#define SN_setct_AuthTokenTBE           "setct-AuthTokenTBE"
-#define NID_setct_AuthTokenTBE          573
-#define OBJ_setct_AuthTokenTBE          OBJ_set_ctype,55L
-
-#define SN_setct_CapTokenTBE            "setct-CapTokenTBE"
-#define NID_setct_CapTokenTBE           574
-#define OBJ_setct_CapTokenTBE           OBJ_set_ctype,56L
-
-#define SN_setct_CapTokenTBEX           "setct-CapTokenTBEX"
-#define NID_setct_CapTokenTBEX          575
-#define OBJ_setct_CapTokenTBEX          OBJ_set_ctype,57L
-
-#define SN_setct_AcqCardCodeMsgTBE              "setct-AcqCardCodeMsgTBE"
-#define NID_setct_AcqCardCodeMsgTBE             576
-#define OBJ_setct_AcqCardCodeMsgTBE             OBJ_set_ctype,58L
-
-#define SN_setct_AuthRevReqTBE          "setct-AuthRevReqTBE"
-#define NID_setct_AuthRevReqTBE         577
-#define OBJ_setct_AuthRevReqTBE         OBJ_set_ctype,59L
-
-#define SN_setct_AuthRevResTBE          "setct-AuthRevResTBE"
-#define NID_setct_AuthRevResTBE         578
-#define OBJ_setct_AuthRevResTBE         OBJ_set_ctype,60L
-
-#define SN_setct_AuthRevResTBEB         "setct-AuthRevResTBEB"
-#define NID_setct_AuthRevResTBEB                579
-#define OBJ_setct_AuthRevResTBEB                OBJ_set_ctype,61L
-
-#define SN_setct_CapReqTBE              "setct-CapReqTBE"
-#define NID_setct_CapReqTBE             580
-#define OBJ_setct_CapReqTBE             OBJ_set_ctype,62L
-
-#define SN_setct_CapReqTBEX             "setct-CapReqTBEX"
-#define NID_setct_CapReqTBEX            581
-#define OBJ_setct_CapReqTBEX            OBJ_set_ctype,63L
-
-#define SN_setct_CapResTBE              "setct-CapResTBE"
-#define NID_setct_CapResTBE             582
-#define OBJ_setct_CapResTBE             OBJ_set_ctype,64L
-
-#define SN_setct_CapRevReqTBE           "setct-CapRevReqTBE"
-#define NID_setct_CapRevReqTBE          583
-#define OBJ_setct_CapRevReqTBE          OBJ_set_ctype,65L
-
-#define SN_setct_CapRevReqTBEX          "setct-CapRevReqTBEX"
-#define NID_setct_CapRevReqTBEX         584
-#define OBJ_setct_CapRevReqTBEX         OBJ_set_ctype,66L
-
-#define SN_setct_CapRevResTBE           "setct-CapRevResTBE"
-#define NID_setct_CapRevResTBE          585
-#define OBJ_setct_CapRevResTBE          OBJ_set_ctype,67L
-
-#define SN_setct_CredReqTBE             "setct-CredReqTBE"
-#define NID_setct_CredReqTBE            586
-#define OBJ_setct_CredReqTBE            OBJ_set_ctype,68L
-
-#define SN_setct_CredReqTBEX            "setct-CredReqTBEX"
-#define NID_setct_CredReqTBEX           587
-#define OBJ_setct_CredReqTBEX           OBJ_set_ctype,69L
-
-#define SN_setct_CredResTBE             "setct-CredResTBE"
-#define NID_setct_CredResTBE            588
-#define OBJ_setct_CredResTBE            OBJ_set_ctype,70L
-
-#define SN_setct_CredRevReqTBE          "setct-CredRevReqTBE"
-#define NID_setct_CredRevReqTBE         589
-#define OBJ_setct_CredRevReqTBE         OBJ_set_ctype,71L
-
-#define SN_setct_CredRevReqTBEX         "setct-CredRevReqTBEX"
-#define NID_setct_CredRevReqTBEX                590
-#define OBJ_setct_CredRevReqTBEX                OBJ_set_ctype,72L
-
-#define SN_setct_CredRevResTBE          "setct-CredRevResTBE"
-#define NID_setct_CredRevResTBE         591
-#define OBJ_setct_CredRevResTBE         OBJ_set_ctype,73L
-
-#define SN_setct_BatchAdminReqTBE               "setct-BatchAdminReqTBE"
-#define NID_setct_BatchAdminReqTBE              592
-#define OBJ_setct_BatchAdminReqTBE              OBJ_set_ctype,74L
-
-#define SN_setct_BatchAdminResTBE               "setct-BatchAdminResTBE"
-#define NID_setct_BatchAdminResTBE              593
-#define OBJ_setct_BatchAdminResTBE              OBJ_set_ctype,75L
-
-#define SN_setct_RegFormReqTBE          "setct-RegFormReqTBE"
-#define NID_setct_RegFormReqTBE         594
-#define OBJ_setct_RegFormReqTBE         OBJ_set_ctype,76L
-
-#define SN_setct_CertReqTBE             "setct-CertReqTBE"
-#define NID_setct_CertReqTBE            595
-#define OBJ_setct_CertReqTBE            OBJ_set_ctype,77L
-
-#define SN_setct_CertReqTBEX            "setct-CertReqTBEX"
-#define NID_setct_CertReqTBEX           596
-#define OBJ_setct_CertReqTBEX           OBJ_set_ctype,78L
-
-#define SN_setct_CertResTBE             "setct-CertResTBE"
-#define NID_setct_CertResTBE            597
-#define OBJ_setct_CertResTBE            OBJ_set_ctype,79L
-
-#define SN_setct_CRLNotificationTBS             "setct-CRLNotificationTBS"
-#define NID_setct_CRLNotificationTBS            598
-#define OBJ_setct_CRLNotificationTBS            OBJ_set_ctype,80L
-
-#define SN_setct_CRLNotificationResTBS          "setct-CRLNotificationResTBS"
-#define NID_setct_CRLNotificationResTBS         599
-#define OBJ_setct_CRLNotificationResTBS         OBJ_set_ctype,81L
-
-#define SN_setct_BCIDistributionTBS             "setct-BCIDistributionTBS"
-#define NID_setct_BCIDistributionTBS            600
-#define OBJ_setct_BCIDistributionTBS            OBJ_set_ctype,82L
-
-#define SN_setext_genCrypt              "setext-genCrypt"
-#define LN_setext_genCrypt              "generic cryptogram"
-#define NID_setext_genCrypt             601
-#define OBJ_setext_genCrypt             OBJ_set_msgExt,1L
-
-#define SN_setext_miAuth                "setext-miAuth"
-#define LN_setext_miAuth                "merchant initiated auth"
-#define NID_setext_miAuth               602
-#define OBJ_setext_miAuth               OBJ_set_msgExt,3L
-
-#define SN_setext_pinSecure             "setext-pinSecure"
-#define NID_setext_pinSecure            603
-#define OBJ_setext_pinSecure            OBJ_set_msgExt,4L
-
-#define SN_setext_pinAny                "setext-pinAny"
-#define NID_setext_pinAny               604
-#define OBJ_setext_pinAny               OBJ_set_msgExt,5L
-
-#define SN_setext_track2                "setext-track2"
-#define NID_setext_track2               605
-#define OBJ_setext_track2               OBJ_set_msgExt,7L
-
-#define SN_setext_cv            "setext-cv"
-#define LN_setext_cv            "additional verification"
-#define NID_setext_cv           606
-#define OBJ_setext_cv           OBJ_set_msgExt,8L
-
-#define SN_set_policy_root              "set-policy-root"
-#define NID_set_policy_root             607
-#define OBJ_set_policy_root             OBJ_set_policy,0L
-
-#define SN_setCext_hashedRoot           "setCext-hashedRoot"
-#define NID_setCext_hashedRoot          608
-#define OBJ_setCext_hashedRoot          OBJ_set_certExt,0L
-
-#define SN_setCext_certType             "setCext-certType"
-#define NID_setCext_certType            609
-#define OBJ_setCext_certType            OBJ_set_certExt,1L
-
-#define SN_setCext_merchData            "setCext-merchData"
-#define NID_setCext_merchData           610
-#define OBJ_setCext_merchData           OBJ_set_certExt,2L
-
-#define SN_setCext_cCertRequired                "setCext-cCertRequired"
-#define NID_setCext_cCertRequired               611
-#define OBJ_setCext_cCertRequired               OBJ_set_certExt,3L
-
-#define SN_setCext_tunneling            "setCext-tunneling"
-#define NID_setCext_tunneling           612
-#define OBJ_setCext_tunneling           OBJ_set_certExt,4L
-
-#define SN_setCext_setExt               "setCext-setExt"
-#define NID_setCext_setExt              613
-#define OBJ_setCext_setExt              OBJ_set_certExt,5L
-
-#define SN_setCext_setQualf             "setCext-setQualf"
-#define NID_setCext_setQualf            614
-#define OBJ_setCext_setQualf            OBJ_set_certExt,6L
-
-#define SN_setCext_PGWYcapabilities             "setCext-PGWYcapabilities"
-#define NID_setCext_PGWYcapabilities            615
-#define OBJ_setCext_PGWYcapabilities            OBJ_set_certExt,7L
-
-#define SN_setCext_TokenIdentifier              "setCext-TokenIdentifier"
-#define NID_setCext_TokenIdentifier             616
-#define OBJ_setCext_TokenIdentifier             OBJ_set_certExt,8L
-
-#define SN_setCext_Track2Data           "setCext-Track2Data"
-#define NID_setCext_Track2Data          617
-#define OBJ_setCext_Track2Data          OBJ_set_certExt,9L
-
-#define SN_setCext_TokenType            "setCext-TokenType"
-#define NID_setCext_TokenType           618
-#define OBJ_setCext_TokenType           OBJ_set_certExt,10L
-
-#define SN_setCext_IssuerCapabilities           "setCext-IssuerCapabilities"
-#define NID_setCext_IssuerCapabilities          619
-#define OBJ_setCext_IssuerCapabilities          OBJ_set_certExt,11L
-
-#define SN_setAttr_Cert         "setAttr-Cert"
-#define NID_setAttr_Cert                620
-#define OBJ_setAttr_Cert                OBJ_set_attr,0L
-
-#define SN_setAttr_PGWYcap              "setAttr-PGWYcap"
-#define LN_setAttr_PGWYcap              "payment gateway capabilities"
-#define NID_setAttr_PGWYcap             621
-#define OBJ_setAttr_PGWYcap             OBJ_set_attr,1L
-
-#define SN_setAttr_TokenType            "setAttr-TokenType"
-#define NID_setAttr_TokenType           622
-#define OBJ_setAttr_TokenType           OBJ_set_attr,2L
-
-#define SN_setAttr_IssCap               "setAttr-IssCap"
-#define LN_setAttr_IssCap               "issuer capabilities"
-#define NID_setAttr_IssCap              623
-#define OBJ_setAttr_IssCap              OBJ_set_attr,3L
-
-#define SN_set_rootKeyThumb             "set-rootKeyThumb"
-#define NID_set_rootKeyThumb            624
-#define OBJ_set_rootKeyThumb            OBJ_setAttr_Cert,0L
-
-#define SN_set_addPolicy                "set-addPolicy"
-#define NID_set_addPolicy               625
-#define OBJ_set_addPolicy               OBJ_setAttr_Cert,1L
-
-#define SN_setAttr_Token_EMV            "setAttr-Token-EMV"
-#define NID_setAttr_Token_EMV           626
-#define OBJ_setAttr_Token_EMV           OBJ_setAttr_TokenType,1L
-
-#define SN_setAttr_Token_B0Prime                "setAttr-Token-B0Prime"
-#define NID_setAttr_Token_B0Prime               627
-#define OBJ_setAttr_Token_B0Prime               OBJ_setAttr_TokenType,2L
-
-#define SN_setAttr_IssCap_CVM           "setAttr-IssCap-CVM"
-#define NID_setAttr_IssCap_CVM          628
-#define OBJ_setAttr_IssCap_CVM          OBJ_setAttr_IssCap,3L
-
-#define SN_setAttr_IssCap_T2            "setAttr-IssCap-T2"
-#define NID_setAttr_IssCap_T2           629
-#define OBJ_setAttr_IssCap_T2           OBJ_setAttr_IssCap,4L
-
-#define SN_setAttr_IssCap_Sig           "setAttr-IssCap-Sig"
-#define NID_setAttr_IssCap_Sig          630
-#define OBJ_setAttr_IssCap_Sig          OBJ_setAttr_IssCap,5L
-
-#define SN_setAttr_GenCryptgrm          "setAttr-GenCryptgrm"
-#define LN_setAttr_GenCryptgrm          "generate cryptogram"
-#define NID_setAttr_GenCryptgrm         631
-#define OBJ_setAttr_GenCryptgrm         OBJ_setAttr_IssCap_CVM,1L
-
-#define SN_setAttr_T2Enc                "setAttr-T2Enc"
-#define LN_setAttr_T2Enc                "encrypted track 2"
-#define NID_setAttr_T2Enc               632
-#define OBJ_setAttr_T2Enc               OBJ_setAttr_IssCap_T2,1L
-
-#define SN_setAttr_T2cleartxt           "setAttr-T2cleartxt"
-#define LN_setAttr_T2cleartxt           "cleartext track 2"
-#define NID_setAttr_T2cleartxt          633
-#define OBJ_setAttr_T2cleartxt          OBJ_setAttr_IssCap_T2,2L
-
-#define SN_setAttr_TokICCsig            "setAttr-TokICCsig"
-#define LN_setAttr_TokICCsig            "ICC or token signature"
-#define NID_setAttr_TokICCsig           634
-#define OBJ_setAttr_TokICCsig           OBJ_setAttr_IssCap_Sig,1L
-
-#define SN_setAttr_SecDevSig            "setAttr-SecDevSig"
-#define LN_setAttr_SecDevSig            "secure device signature"
-#define NID_setAttr_SecDevSig           635
-#define OBJ_setAttr_SecDevSig           OBJ_setAttr_IssCap_Sig,2L
-
-#define SN_set_brand_IATA_ATA           "set-brand-IATA-ATA"
-#define NID_set_brand_IATA_ATA          636
-#define OBJ_set_brand_IATA_ATA          OBJ_set_brand,1L
-
-#define SN_set_brand_Diners             "set-brand-Diners"
-#define NID_set_brand_Diners            637
-#define OBJ_set_brand_Diners            OBJ_set_brand,30L
-
-#define SN_set_brand_AmericanExpress            "set-brand-AmericanExpress"
-#define NID_set_brand_AmericanExpress           638
-#define OBJ_set_brand_AmericanExpress           OBJ_set_brand,34L
-
-#define SN_set_brand_JCB                "set-brand-JCB"
-#define NID_set_brand_JCB               639
-#define OBJ_set_brand_JCB               OBJ_set_brand,35L
-
-#define SN_set_brand_Visa               "set-brand-Visa"
-#define NID_set_brand_Visa              640
-#define OBJ_set_brand_Visa              OBJ_set_brand,4L
-
-#define SN_set_brand_MasterCard         "set-brand-MasterCard"
-#define NID_set_brand_MasterCard                641
-#define OBJ_set_brand_MasterCard                OBJ_set_brand,5L
-
-#define SN_set_brand_Novus              "set-brand-Novus"
-#define NID_set_brand_Novus             642
-#define OBJ_set_brand_Novus             OBJ_set_brand,6011L
-
-#define SN_des_cdmf             "DES-CDMF"
-#define LN_des_cdmf             "des-cdmf"
-#define NID_des_cdmf            643
-#define OBJ_des_cdmf            OBJ_rsadsi,3L,10L
-
-#define SN_rsaOAEPEncryptionSET         "rsaOAEPEncryptionSET"
-#define NID_rsaOAEPEncryptionSET                644
-#define OBJ_rsaOAEPEncryptionSET                OBJ_rsadsi,1L,1L,6L
-
-#define SN_ipsec3               "Oakley-EC2N-3"
-#define LN_ipsec3               "ipsec3"
-#define NID_ipsec3              749
-
-#define SN_ipsec4               "Oakley-EC2N-4"
-#define LN_ipsec4               "ipsec4"
-#define NID_ipsec4              750
-
-#define SN_whirlpool            "whirlpool"
-#define NID_whirlpool           804
-#define OBJ_whirlpool           OBJ_iso,0L,10118L,3L,0L,55L
-
-#define SN_cryptopro            "cryptopro"
-#define NID_cryptopro           805
-#define OBJ_cryptopro           OBJ_member_body,643L,2L,2L
-
-#define SN_cryptocom            "cryptocom"
-#define NID_cryptocom           806
-#define OBJ_cryptocom           OBJ_member_body,643L,2L,9L
-
-#define SN_id_GostR3411_94_with_GostR3410_2001          "id-GostR3411-94-with-GostR3410-2001"
-#define LN_id_GostR3411_94_with_GostR3410_2001          "GOST R 34.11-94 with GOST R 34.10-2001"
-#define NID_id_GostR3411_94_with_GostR3410_2001         807
-#define OBJ_id_GostR3411_94_with_GostR3410_2001         OBJ_cryptopro,3L
-
-#define SN_id_GostR3411_94_with_GostR3410_94            "id-GostR3411-94-with-GostR3410-94"
-#define LN_id_GostR3411_94_with_GostR3410_94            "GOST R 34.11-94 with GOST R 34.10-94"
-#define NID_id_GostR3411_94_with_GostR3410_94           808
-#define OBJ_id_GostR3411_94_with_GostR3410_94           OBJ_cryptopro,4L
-
-#define SN_id_GostR3411_94              "md_gost94"
-#define LN_id_GostR3411_94              "GOST R 34.11-94"
-#define NID_id_GostR3411_94             809
-#define OBJ_id_GostR3411_94             OBJ_cryptopro,9L
-
-#define SN_id_HMACGostR3411_94          "id-HMACGostR3411-94"
-#define LN_id_HMACGostR3411_94          "HMAC GOST 34.11-94"
-#define NID_id_HMACGostR3411_94         810
-#define OBJ_id_HMACGostR3411_94         OBJ_cryptopro,10L
-
-#define SN_id_GostR3410_2001            "gost2001"
-#define LN_id_GostR3410_2001            "GOST R 34.10-2001"
-#define NID_id_GostR3410_2001           811
-#define OBJ_id_GostR3410_2001           OBJ_cryptopro,19L
-
-#define SN_id_GostR3410_94              "gost94"
-#define LN_id_GostR3410_94              "GOST R 34.10-94"
-#define NID_id_GostR3410_94             812
-#define OBJ_id_GostR3410_94             OBJ_cryptopro,20L
-
-#define SN_id_Gost28147_89              "gost89"
-#define LN_id_Gost28147_89              "GOST 28147-89"
-#define NID_id_Gost28147_89             813
-#define OBJ_id_Gost28147_89             OBJ_cryptopro,21L
-
-#define SN_gost89_cnt           "gost89-cnt"
-#define NID_gost89_cnt          814
-
-#define SN_id_Gost28147_89_MAC          "gost-mac"
-#define LN_id_Gost28147_89_MAC          "GOST 28147-89 MAC"
-#define NID_id_Gost28147_89_MAC         815
-#define OBJ_id_Gost28147_89_MAC         OBJ_cryptopro,22L
-
-#define SN_id_GostR3411_94_prf          "prf-gostr3411-94"
-#define LN_id_GostR3411_94_prf          "GOST R 34.11-94 PRF"
-#define NID_id_GostR3411_94_prf         816
-#define OBJ_id_GostR3411_94_prf         OBJ_cryptopro,23L
-
-#define SN_id_GostR3410_2001DH          "id-GostR3410-2001DH"
-#define LN_id_GostR3410_2001DH          "GOST R 34.10-2001 DH"
-#define NID_id_GostR3410_2001DH         817
-#define OBJ_id_GostR3410_2001DH         OBJ_cryptopro,98L
-
-#define SN_id_GostR3410_94DH            "id-GostR3410-94DH"
-#define LN_id_GostR3410_94DH            "GOST R 34.10-94 DH"
-#define NID_id_GostR3410_94DH           818
-#define OBJ_id_GostR3410_94DH           OBJ_cryptopro,99L
-
-#define SN_id_Gost28147_89_CryptoPro_KeyMeshing         "id-Gost28147-89-CryptoPro-KeyMeshing"
-#define NID_id_Gost28147_89_CryptoPro_KeyMeshing                819
-#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing                OBJ_cryptopro,14L,1L
-
-#define SN_id_Gost28147_89_None_KeyMeshing              "id-Gost28147-89-None-KeyMeshing"
-#define NID_id_Gost28147_89_None_KeyMeshing             820
-#define OBJ_id_Gost28147_89_None_KeyMeshing             OBJ_cryptopro,14L,0L
-
-#define SN_id_GostR3411_94_TestParamSet         "id-GostR3411-94-TestParamSet"
-#define NID_id_GostR3411_94_TestParamSet                821
-#define OBJ_id_GostR3411_94_TestParamSet                OBJ_cryptopro,30L,0L
-
-#define SN_id_GostR3411_94_CryptoProParamSet            "id-GostR3411-94-CryptoProParamSet"
-#define NID_id_GostR3411_94_CryptoProParamSet           822
-#define OBJ_id_GostR3411_94_CryptoProParamSet           OBJ_cryptopro,30L,1L
-
-#define SN_id_Gost28147_89_TestParamSet         "id-Gost28147-89-TestParamSet"
-#define NID_id_Gost28147_89_TestParamSet                823
-#define OBJ_id_Gost28147_89_TestParamSet                OBJ_cryptopro,31L,0L
-
-#define SN_id_Gost28147_89_CryptoPro_A_ParamSet         "id-Gost28147-89-CryptoPro-A-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_A_ParamSet                824
-#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet                OBJ_cryptopro,31L,1L
-
-#define SN_id_Gost28147_89_CryptoPro_B_ParamSet         "id-Gost28147-89-CryptoPro-B-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_B_ParamSet                825
-#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet                OBJ_cryptopro,31L,2L
-
-#define SN_id_Gost28147_89_CryptoPro_C_ParamSet         "id-Gost28147-89-CryptoPro-C-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_C_ParamSet                826
-#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet                OBJ_cryptopro,31L,3L
-
-#define SN_id_Gost28147_89_CryptoPro_D_ParamSet         "id-Gost28147-89-CryptoPro-D-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_D_ParamSet                827
-#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet                OBJ_cryptopro,31L,4L
-
-#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet         "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet                828
-#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet                OBJ_cryptopro,31L,5L
-
-#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet         "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet                829
-#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet                OBJ_cryptopro,31L,6L
-
-#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet             "id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
-#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet            830
-#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet            OBJ_cryptopro,31L,7L
-
-#define SN_id_GostR3410_94_TestParamSet         "id-GostR3410-94-TestParamSet"
-#define NID_id_GostR3410_94_TestParamSet                831
-#define OBJ_id_GostR3410_94_TestParamSet                OBJ_cryptopro,32L,0L
-
-#define SN_id_GostR3410_94_CryptoPro_A_ParamSet         "id-GostR3410-94-CryptoPro-A-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_A_ParamSet                832
-#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet                OBJ_cryptopro,32L,2L
-
-#define SN_id_GostR3410_94_CryptoPro_B_ParamSet         "id-GostR3410-94-CryptoPro-B-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_B_ParamSet                833
-#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet                OBJ_cryptopro,32L,3L
-
-#define SN_id_GostR3410_94_CryptoPro_C_ParamSet         "id-GostR3410-94-CryptoPro-C-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_C_ParamSet                834
-#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet                OBJ_cryptopro,32L,4L
-
-#define SN_id_GostR3410_94_CryptoPro_D_ParamSet         "id-GostR3410-94-CryptoPro-D-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_D_ParamSet                835
-#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet                OBJ_cryptopro,32L,5L
-
-#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet              "id-GostR3410-94-CryptoPro-XchA-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet             836
-#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet             OBJ_cryptopro,33L,1L
-
-#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet              "id-GostR3410-94-CryptoPro-XchB-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet             837
-#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet             OBJ_cryptopro,33L,2L
-
-#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet              "id-GostR3410-94-CryptoPro-XchC-ParamSet"
-#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet             838
-#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet             OBJ_cryptopro,33L,3L
-
-#define SN_id_GostR3410_2001_TestParamSet               "id-GostR3410-2001-TestParamSet"
-#define NID_id_GostR3410_2001_TestParamSet              839
-#define OBJ_id_GostR3410_2001_TestParamSet              OBJ_cryptopro,35L,0L
-
-#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet               "id-GostR3410-2001-CryptoPro-A-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet              840
-#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet              OBJ_cryptopro,35L,1L
-
-#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet               "id-GostR3410-2001-CryptoPro-B-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet              841
-#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet              OBJ_cryptopro,35L,2L
-
-#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet               "id-GostR3410-2001-CryptoPro-C-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet              842
-#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet              OBJ_cryptopro,35L,3L
-
-#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet            "id-GostR3410-2001-CryptoPro-XchA-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet           843
-#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet           OBJ_cryptopro,36L,0L
-
-#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet            "id-GostR3410-2001-CryptoPro-XchB-ParamSet"
-#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet           844
-#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet           OBJ_cryptopro,36L,1L
-
-#define SN_id_GostR3410_94_a            "id-GostR3410-94-a"
-#define NID_id_GostR3410_94_a           845
-#define OBJ_id_GostR3410_94_a           OBJ_id_GostR3410_94,1L
-
-#define SN_id_GostR3410_94_aBis         "id-GostR3410-94-aBis"
-#define NID_id_GostR3410_94_aBis                846
-#define OBJ_id_GostR3410_94_aBis                OBJ_id_GostR3410_94,2L
-
-#define SN_id_GostR3410_94_b            "id-GostR3410-94-b"
-#define NID_id_GostR3410_94_b           847
-#define OBJ_id_GostR3410_94_b           OBJ_id_GostR3410_94,3L
-
-#define SN_id_GostR3410_94_bBis         "id-GostR3410-94-bBis"
-#define NID_id_GostR3410_94_bBis                848
-#define OBJ_id_GostR3410_94_bBis                OBJ_id_GostR3410_94,4L
-
-#define SN_id_Gost28147_89_cc           "id-Gost28147-89-cc"
-#define LN_id_Gost28147_89_cc           "GOST 28147-89 Cryptocom ParamSet"
-#define NID_id_Gost28147_89_cc          849
-#define OBJ_id_Gost28147_89_cc          OBJ_cryptocom,1L,6L,1L
-
-#define SN_id_GostR3410_94_cc           "gost94cc"
-#define LN_id_GostR3410_94_cc           "GOST 34.10-94 Cryptocom"
-#define NID_id_GostR3410_94_cc          850
-#define OBJ_id_GostR3410_94_cc          OBJ_cryptocom,1L,5L,3L
-
-#define SN_id_GostR3410_2001_cc         "gost2001cc"
-#define LN_id_GostR3410_2001_cc         "GOST 34.10-2001 Cryptocom"
-#define NID_id_GostR3410_2001_cc                851
-#define OBJ_id_GostR3410_2001_cc                OBJ_cryptocom,1L,5L,4L
-
-#define SN_id_GostR3411_94_with_GostR3410_94_cc         "id-GostR3411-94-with-GostR3410-94-cc"
-#define LN_id_GostR3411_94_with_GostR3410_94_cc         "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"
-#define NID_id_GostR3411_94_with_GostR3410_94_cc                852
-#define OBJ_id_GostR3411_94_with_GostR3410_94_cc                OBJ_cryptocom,1L,3L,3L
-
-#define SN_id_GostR3411_94_with_GostR3410_2001_cc               "id-GostR3411-94-with-GostR3410-2001-cc"
-#define LN_id_GostR3411_94_with_GostR3410_2001_cc               "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"
-#define NID_id_GostR3411_94_with_GostR3410_2001_cc              853
-#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc              OBJ_cryptocom,1L,3L,4L
-
-#define SN_id_GostR3410_2001_ParamSet_cc                "id-GostR3410-2001-ParamSet-cc"
-#define LN_id_GostR3410_2001_ParamSet_cc                "GOST R 3410-2001 Parameter Set Cryptocom"
-#define NID_id_GostR3410_2001_ParamSet_cc               854
-#define OBJ_id_GostR3410_2001_ParamSet_cc               OBJ_cryptocom,1L,8L,1L
-
-#define SN_camellia_128_cbc             "CAMELLIA-128-CBC"
-#define LN_camellia_128_cbc             "camellia-128-cbc"
-#define NID_camellia_128_cbc            751
-#define OBJ_camellia_128_cbc            1L,2L,392L,200011L,61L,1L,1L,1L,2L
-
-#define SN_camellia_192_cbc             "CAMELLIA-192-CBC"
-#define LN_camellia_192_cbc             "camellia-192-cbc"
-#define NID_camellia_192_cbc            752
-#define OBJ_camellia_192_cbc            1L,2L,392L,200011L,61L,1L,1L,1L,3L
-
-#define SN_camellia_256_cbc             "CAMELLIA-256-CBC"
-#define LN_camellia_256_cbc             "camellia-256-cbc"
-#define NID_camellia_256_cbc            753
-#define OBJ_camellia_256_cbc            1L,2L,392L,200011L,61L,1L,1L,1L,4L
-
-#define SN_id_camellia128_wrap          "id-camellia128-wrap"
-#define NID_id_camellia128_wrap         907
-#define OBJ_id_camellia128_wrap         1L,2L,392L,200011L,61L,1L,1L,3L,2L
-
-#define SN_id_camellia192_wrap          "id-camellia192-wrap"
-#define NID_id_camellia192_wrap         908
-#define OBJ_id_camellia192_wrap         1L,2L,392L,200011L,61L,1L,1L,3L,3L
-
-#define SN_id_camellia256_wrap          "id-camellia256-wrap"
-#define NID_id_camellia256_wrap         909
-#define OBJ_id_camellia256_wrap         1L,2L,392L,200011L,61L,1L,1L,3L,4L
-
-#define OBJ_ntt_ds              0L,3L,4401L,5L
-
-#define OBJ_camellia            OBJ_ntt_ds,3L,1L,9L
-
-#define SN_camellia_128_ecb             "CAMELLIA-128-ECB"
-#define LN_camellia_128_ecb             "camellia-128-ecb"
-#define NID_camellia_128_ecb            754
-#define OBJ_camellia_128_ecb            OBJ_camellia,1L
-
-#define SN_camellia_128_ofb128          "CAMELLIA-128-OFB"
-#define LN_camellia_128_ofb128          "camellia-128-ofb"
-#define NID_camellia_128_ofb128         766
-#define OBJ_camellia_128_ofb128         OBJ_camellia,3L
-
-#define SN_camellia_128_cfb128          "CAMELLIA-128-CFB"
-#define LN_camellia_128_cfb128          "camellia-128-cfb"
-#define NID_camellia_128_cfb128         757
-#define OBJ_camellia_128_cfb128         OBJ_camellia,4L
-
-#define SN_camellia_192_ecb             "CAMELLIA-192-ECB"
-#define LN_camellia_192_ecb             "camellia-192-ecb"
-#define NID_camellia_192_ecb            755
-#define OBJ_camellia_192_ecb            OBJ_camellia,21L
-
-#define SN_camellia_192_ofb128          "CAMELLIA-192-OFB"
-#define LN_camellia_192_ofb128          "camellia-192-ofb"
-#define NID_camellia_192_ofb128         767
-#define OBJ_camellia_192_ofb128         OBJ_camellia,23L
-
-#define SN_camellia_192_cfb128          "CAMELLIA-192-CFB"
-#define LN_camellia_192_cfb128          "camellia-192-cfb"
-#define NID_camellia_192_cfb128         758
-#define OBJ_camellia_192_cfb128         OBJ_camellia,24L
-
-#define SN_camellia_256_ecb             "CAMELLIA-256-ECB"
-#define LN_camellia_256_ecb             "camellia-256-ecb"
-#define NID_camellia_256_ecb            756
-#define OBJ_camellia_256_ecb            OBJ_camellia,41L
-
-#define SN_camellia_256_ofb128          "CAMELLIA-256-OFB"
-#define LN_camellia_256_ofb128          "camellia-256-ofb"
-#define NID_camellia_256_ofb128         768
-#define OBJ_camellia_256_ofb128         OBJ_camellia,43L
-
-#define SN_camellia_256_cfb128          "CAMELLIA-256-CFB"
-#define LN_camellia_256_cfb128          "camellia-256-cfb"
-#define NID_camellia_256_cfb128         759
-#define OBJ_camellia_256_cfb128         OBJ_camellia,44L
-
-#define SN_camellia_128_cfb1            "CAMELLIA-128-CFB1"
-#define LN_camellia_128_cfb1            "camellia-128-cfb1"
-#define NID_camellia_128_cfb1           760
-
-#define SN_camellia_192_cfb1            "CAMELLIA-192-CFB1"
-#define LN_camellia_192_cfb1            "camellia-192-cfb1"
-#define NID_camellia_192_cfb1           761
-
-#define SN_camellia_256_cfb1            "CAMELLIA-256-CFB1"
-#define LN_camellia_256_cfb1            "camellia-256-cfb1"
-#define NID_camellia_256_cfb1           762
-
-#define SN_camellia_128_cfb8            "CAMELLIA-128-CFB8"
-#define LN_camellia_128_cfb8            "camellia-128-cfb8"
-#define NID_camellia_128_cfb8           763
-
-#define SN_camellia_192_cfb8            "CAMELLIA-192-CFB8"
-#define LN_camellia_192_cfb8            "camellia-192-cfb8"
-#define NID_camellia_192_cfb8           764
-
-#define SN_camellia_256_cfb8            "CAMELLIA-256-CFB8"
-#define LN_camellia_256_cfb8            "camellia-256-cfb8"
-#define NID_camellia_256_cfb8           765
-
-#define SN_kisa         "KISA"
-#define LN_kisa         "kisa"
-#define NID_kisa                773
-#define OBJ_kisa                OBJ_member_body,410L,200004L
-
-#define SN_seed_ecb             "SEED-ECB"
-#define LN_seed_ecb             "seed-ecb"
-#define NID_seed_ecb            776
-#define OBJ_seed_ecb            OBJ_kisa,1L,3L
-
-#define SN_seed_cbc             "SEED-CBC"
-#define LN_seed_cbc             "seed-cbc"
-#define NID_seed_cbc            777
-#define OBJ_seed_cbc            OBJ_kisa,1L,4L
-
-#define SN_seed_cfb128          "SEED-CFB"
-#define LN_seed_cfb128          "seed-cfb"
-#define NID_seed_cfb128         779
-#define OBJ_seed_cfb128         OBJ_kisa,1L,5L
-
-#define SN_seed_ofb128          "SEED-OFB"
-#define LN_seed_ofb128          "seed-ofb"
-#define NID_seed_ofb128         778
-#define OBJ_seed_ofb128         OBJ_kisa,1L,6L
-
-#define SN_hmac         "HMAC"
-#define LN_hmac         "hmac"
-#define NID_hmac                855
-
-#define SN_cmac         "CMAC"
-#define LN_cmac         "cmac"
-#define NID_cmac                894
-
-#define SN_rc4_hmac_md5         "RC4-HMAC-MD5"
-#define LN_rc4_hmac_md5         "rc4-hmac-md5"
-#define NID_rc4_hmac_md5                915
-
-#define SN_aes_128_cbc_hmac_sha1                "AES-128-CBC-HMAC-SHA1"
-#define LN_aes_128_cbc_hmac_sha1                "aes-128-cbc-hmac-sha1"
-#define NID_aes_128_cbc_hmac_sha1               916
-
-#define SN_aes_192_cbc_hmac_sha1                "AES-192-CBC-HMAC-SHA1"
-#define LN_aes_192_cbc_hmac_sha1                "aes-192-cbc-hmac-sha1"
-#define NID_aes_192_cbc_hmac_sha1               917
-
-#define SN_aes_256_cbc_hmac_sha1                "AES-256-CBC-HMAC-SHA1"
-#define LN_aes_256_cbc_hmac_sha1                "aes-256-cbc-hmac-sha1"
-#define NID_aes_256_cbc_hmac_sha1               918
-
-#define SN_aes_128_cbc_hmac_sha256              "AES-128-CBC-HMAC-SHA256"
-#define LN_aes_128_cbc_hmac_sha256              "aes-128-cbc-hmac-sha256"
-#define NID_aes_128_cbc_hmac_sha256             948
-
-#define SN_aes_192_cbc_hmac_sha256              "AES-192-CBC-HMAC-SHA256"
-#define LN_aes_192_cbc_hmac_sha256              "aes-192-cbc-hmac-sha256"
-#define NID_aes_192_cbc_hmac_sha256             949
-
-#define SN_aes_256_cbc_hmac_sha256              "AES-256-CBC-HMAC-SHA256"
-#define LN_aes_256_cbc_hmac_sha256              "aes-256-cbc-hmac-sha256"
-#define NID_aes_256_cbc_hmac_sha256             950
-
-#define SN_dhpublicnumber               "dhpublicnumber"
-#define LN_dhpublicnumber               "X9.42 DH"
-#define NID_dhpublicnumber              920
-#define OBJ_dhpublicnumber              OBJ_ISO_US,10046L,2L,1L
-
-#define SN_brainpoolP160r1              "brainpoolP160r1"
-#define NID_brainpoolP160r1             921
-#define OBJ_brainpoolP160r1             1L,3L,36L,3L,3L,2L,8L,1L,1L,1L
-
-#define SN_brainpoolP160t1              "brainpoolP160t1"
-#define NID_brainpoolP160t1             922
-#define OBJ_brainpoolP160t1             1L,3L,36L,3L,3L,2L,8L,1L,1L,2L
-
-#define SN_brainpoolP192r1              "brainpoolP192r1"
-#define NID_brainpoolP192r1             923
-#define OBJ_brainpoolP192r1             1L,3L,36L,3L,3L,2L,8L,1L,1L,3L
-
-#define SN_brainpoolP192t1              "brainpoolP192t1"
-#define NID_brainpoolP192t1             924
-#define OBJ_brainpoolP192t1             1L,3L,36L,3L,3L,2L,8L,1L,1L,4L
-
-#define SN_brainpoolP224r1              "brainpoolP224r1"
-#define NID_brainpoolP224r1             925
-#define OBJ_brainpoolP224r1             1L,3L,36L,3L,3L,2L,8L,1L,1L,5L
-
-#define SN_brainpoolP224t1              "brainpoolP224t1"
-#define NID_brainpoolP224t1             926
-#define OBJ_brainpoolP224t1             1L,3L,36L,3L,3L,2L,8L,1L,1L,6L
-
-#define SN_brainpoolP256r1              "brainpoolP256r1"
-#define NID_brainpoolP256r1             927
-#define OBJ_brainpoolP256r1             1L,3L,36L,3L,3L,2L,8L,1L,1L,7L
-
-#define SN_brainpoolP256t1              "brainpoolP256t1"
-#define NID_brainpoolP256t1             928
-#define OBJ_brainpoolP256t1             1L,3L,36L,3L,3L,2L,8L,1L,1L,8L
-
-#define SN_brainpoolP320r1              "brainpoolP320r1"
-#define NID_brainpoolP320r1             929
-#define OBJ_brainpoolP320r1             1L,3L,36L,3L,3L,2L,8L,1L,1L,9L
-
-#define SN_brainpoolP320t1              "brainpoolP320t1"
-#define NID_brainpoolP320t1             930
-#define OBJ_brainpoolP320t1             1L,3L,36L,3L,3L,2L,8L,1L,1L,10L
-
-#define SN_brainpoolP384r1              "brainpoolP384r1"
-#define NID_brainpoolP384r1             931
-#define OBJ_brainpoolP384r1             1L,3L,36L,3L,3L,2L,8L,1L,1L,11L
-
-#define SN_brainpoolP384t1              "brainpoolP384t1"
-#define NID_brainpoolP384t1             932
-#define OBJ_brainpoolP384t1             1L,3L,36L,3L,3L,2L,8L,1L,1L,12L
-
-#define SN_brainpoolP512r1              "brainpoolP512r1"
-#define NID_brainpoolP512r1             933
-#define OBJ_brainpoolP512r1             1L,3L,36L,3L,3L,2L,8L,1L,1L,13L
-
-#define SN_brainpoolP512t1              "brainpoolP512t1"
-#define NID_brainpoolP512t1             934
-#define OBJ_brainpoolP512t1             1L,3L,36L,3L,3L,2L,8L,1L,1L,14L
-
-#define OBJ_x9_63_scheme                1L,3L,133L,16L,840L,63L,0L
-
-#define OBJ_secg_scheme         OBJ_certicom_arc,1L
-
-#define SN_dhSinglePass_stdDH_sha1kdf_scheme            "dhSinglePass-stdDH-sha1kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha1kdf_scheme           936
-#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme           OBJ_x9_63_scheme,2L
-
-#define SN_dhSinglePass_stdDH_sha224kdf_scheme          "dhSinglePass-stdDH-sha224kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha224kdf_scheme         937
-#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme         OBJ_secg_scheme,11L,0L
-
-#define SN_dhSinglePass_stdDH_sha256kdf_scheme          "dhSinglePass-stdDH-sha256kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha256kdf_scheme         938
-#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme         OBJ_secg_scheme,11L,1L
-
-#define SN_dhSinglePass_stdDH_sha384kdf_scheme          "dhSinglePass-stdDH-sha384kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha384kdf_scheme         939
-#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme         OBJ_secg_scheme,11L,2L
-
-#define SN_dhSinglePass_stdDH_sha512kdf_scheme          "dhSinglePass-stdDH-sha512kdf-scheme"
-#define NID_dhSinglePass_stdDH_sha512kdf_scheme         940
-#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme         OBJ_secg_scheme,11L,3L
-
-#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme               "dhSinglePass-cofactorDH-sha1kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme              941
-#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme              OBJ_x9_63_scheme,3L
-
-#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme             "dhSinglePass-cofactorDH-sha224kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme            942
-#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme            OBJ_secg_scheme,14L,0L
-
-#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme             "dhSinglePass-cofactorDH-sha256kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme            943
-#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme            OBJ_secg_scheme,14L,1L
-
-#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme             "dhSinglePass-cofactorDH-sha384kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme            944
-#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme            OBJ_secg_scheme,14L,2L
-
-#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme             "dhSinglePass-cofactorDH-sha512kdf-scheme"
-#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme            945
-#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme            OBJ_secg_scheme,14L,3L
-
-#define SN_dh_std_kdf           "dh-std-kdf"
-#define NID_dh_std_kdf          946
-
-#define SN_dh_cofactor_kdf              "dh-cofactor-kdf"
-#define NID_dh_cofactor_kdf             947
-
-#define SN_ct_precert_scts              "ct_precert_scts"
-#define LN_ct_precert_scts              "CT Precertificate SCTs"
-#define NID_ct_precert_scts             951
-#define OBJ_ct_precert_scts             1L,3L,6L,1L,4L,1L,11129L,2L,4L,2L
-
-#define SN_ct_precert_poison            "ct_precert_poison"
-#define LN_ct_precert_poison            "CT Precertificate Poison"
-#define NID_ct_precert_poison           952
-#define OBJ_ct_precert_poison           1L,3L,6L,1L,4L,1L,11129L,2L,4L,3L
-
-#define SN_ct_precert_signer            "ct_precert_signer"
-#define LN_ct_precert_signer            "CT Precertificate Signer"
-#define NID_ct_precert_signer           953
-#define OBJ_ct_precert_signer           1L,3L,6L,1L,4L,1L,11129L,2L,4L,4L
-
-#define SN_ct_cert_scts         "ct_cert_scts"
-#define LN_ct_cert_scts         "CT Certificate SCTs"
-#define NID_ct_cert_scts                954
-#define OBJ_ct_cert_scts                1L,3L,6L,1L,4L,1L,11129L,2L,4L,5L
-
-#define SN_jurisdictionLocalityName             "jurisdictionL"
-#define LN_jurisdictionLocalityName             "jurisdictionLocalityName"
-#define NID_jurisdictionLocalityName            955
-#define OBJ_jurisdictionLocalityName            1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,1L
-
-#define SN_jurisdictionStateOrProvinceName              "jurisdictionST"
-#define LN_jurisdictionStateOrProvinceName              "jurisdictionStateOrProvinceName"
-#define NID_jurisdictionStateOrProvinceName             956
-#define OBJ_jurisdictionStateOrProvinceName             1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,2L
-
-#define SN_jurisdictionCountryName              "jurisdictionC"
-#define LN_jurisdictionCountryName              "jurisdictionCountryName"
-#define NID_jurisdictionCountryName             957
-#define OBJ_jurisdictionCountryName             1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,3L
diff --git a/thirdparty/openssl/openssl/objects.h b/thirdparty/openssl/openssl/objects.h
deleted file mode 100644
index b8dafa89ce..0000000000
--- a/thirdparty/openssl/openssl/objects.h
+++ /dev/null
@@ -1,1143 +0,0 @@
-/* crypto/objects/objects.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_OBJECTS_H
-# define HEADER_OBJECTS_H
-
-# define USE_OBJ_MAC
-
-# ifdef USE_OBJ_MAC
-#  include <openssl/obj_mac.h>
-# else
-#  define SN_undef                        "UNDEF"
-#  define LN_undef                        "undefined"
-#  define NID_undef                       0
-#  define OBJ_undef                       0L
-
-#  define SN_Algorithm                    "Algorithm"
-#  define LN_algorithm                    "algorithm"
-#  define NID_algorithm                   38
-#  define OBJ_algorithm                   1L,3L,14L,3L,2L
-
-#  define LN_rsadsi                       "rsadsi"
-#  define NID_rsadsi                      1
-#  define OBJ_rsadsi                      1L,2L,840L,113549L
-
-#  define LN_pkcs                         "pkcs"
-#  define NID_pkcs                        2
-#  define OBJ_pkcs                        OBJ_rsadsi,1L
-
-#  define SN_md2                          "MD2"
-#  define LN_md2                          "md2"
-#  define NID_md2                         3
-#  define OBJ_md2                         OBJ_rsadsi,2L,2L
-
-#  define SN_md5                          "MD5"
-#  define LN_md5                          "md5"
-#  define NID_md5                         4
-#  define OBJ_md5                         OBJ_rsadsi,2L,5L
-
-#  define SN_rc4                          "RC4"
-#  define LN_rc4                          "rc4"
-#  define NID_rc4                         5
-#  define OBJ_rc4                         OBJ_rsadsi,3L,4L
-
-#  define LN_rsaEncryption                "rsaEncryption"
-#  define NID_rsaEncryption               6
-#  define OBJ_rsaEncryption               OBJ_pkcs,1L,1L
-
-#  define SN_md2WithRSAEncryption         "RSA-MD2"
-#  define LN_md2WithRSAEncryption         "md2WithRSAEncryption"
-#  define NID_md2WithRSAEncryption        7
-#  define OBJ_md2WithRSAEncryption        OBJ_pkcs,1L,2L
-
-#  define SN_md5WithRSAEncryption         "RSA-MD5"
-#  define LN_md5WithRSAEncryption         "md5WithRSAEncryption"
-#  define NID_md5WithRSAEncryption        8
-#  define OBJ_md5WithRSAEncryption        OBJ_pkcs,1L,4L
-
-#  define SN_pbeWithMD2AndDES_CBC         "PBE-MD2-DES"
-#  define LN_pbeWithMD2AndDES_CBC         "pbeWithMD2AndDES-CBC"
-#  define NID_pbeWithMD2AndDES_CBC        9
-#  define OBJ_pbeWithMD2AndDES_CBC        OBJ_pkcs,5L,1L
-
-#  define SN_pbeWithMD5AndDES_CBC         "PBE-MD5-DES"
-#  define LN_pbeWithMD5AndDES_CBC         "pbeWithMD5AndDES-CBC"
-#  define NID_pbeWithMD5AndDES_CBC        10
-#  define OBJ_pbeWithMD5AndDES_CBC        OBJ_pkcs,5L,3L
-
-#  define LN_X500                         "X500"
-#  define NID_X500                        11
-#  define OBJ_X500                        2L,5L
-
-#  define LN_X509                         "X509"
-#  define NID_X509                        12
-#  define OBJ_X509                        OBJ_X500,4L
-
-#  define SN_commonName                   "CN"
-#  define LN_commonName                   "commonName"
-#  define NID_commonName                  13
-#  define OBJ_commonName                  OBJ_X509,3L
-
-#  define SN_countryName                  "C"
-#  define LN_countryName                  "countryName"
-#  define NID_countryName                 14
-#  define OBJ_countryName                 OBJ_X509,6L
-
-#  define SN_localityName                 "L"
-#  define LN_localityName                 "localityName"
-#  define NID_localityName                15
-#  define OBJ_localityName                OBJ_X509,7L
-
-/* Postal Address? PA */
-
-/* should be "ST" (rfc1327) but MS uses 'S' */
-#  define SN_stateOrProvinceName          "ST"
-#  define LN_stateOrProvinceName          "stateOrProvinceName"
-#  define NID_stateOrProvinceName         16
-#  define OBJ_stateOrProvinceName         OBJ_X509,8L
-
-#  define SN_organizationName             "O"
-#  define LN_organizationName             "organizationName"
-#  define NID_organizationName            17
-#  define OBJ_organizationName            OBJ_X509,10L
-
-#  define SN_organizationalUnitName       "OU"
-#  define LN_organizationalUnitName       "organizationalUnitName"
-#  define NID_organizationalUnitName      18
-#  define OBJ_organizationalUnitName      OBJ_X509,11L
-
-#  define SN_rsa                          "RSA"
-#  define LN_rsa                          "rsa"
-#  define NID_rsa                         19
-#  define OBJ_rsa                         OBJ_X500,8L,1L,1L
-
-#  define LN_pkcs7                        "pkcs7"
-#  define NID_pkcs7                       20
-#  define OBJ_pkcs7                       OBJ_pkcs,7L
-
-#  define LN_pkcs7_data                   "pkcs7-data"
-#  define NID_pkcs7_data                  21
-#  define OBJ_pkcs7_data                  OBJ_pkcs7,1L
-
-#  define LN_pkcs7_signed                 "pkcs7-signedData"
-#  define NID_pkcs7_signed                22
-#  define OBJ_pkcs7_signed                OBJ_pkcs7,2L
-
-#  define LN_pkcs7_enveloped              "pkcs7-envelopedData"
-#  define NID_pkcs7_enveloped             23
-#  define OBJ_pkcs7_enveloped             OBJ_pkcs7,3L
-
-#  define LN_pkcs7_signedAndEnveloped     "pkcs7-signedAndEnvelopedData"
-#  define NID_pkcs7_signedAndEnveloped    24
-#  define OBJ_pkcs7_signedAndEnveloped    OBJ_pkcs7,4L
-
-#  define LN_pkcs7_digest                 "pkcs7-digestData"
-#  define NID_pkcs7_digest                25
-#  define OBJ_pkcs7_digest                OBJ_pkcs7,5L
-
-#  define LN_pkcs7_encrypted              "pkcs7-encryptedData"
-#  define NID_pkcs7_encrypted             26
-#  define OBJ_pkcs7_encrypted             OBJ_pkcs7,6L
-
-#  define LN_pkcs3                        "pkcs3"
-#  define NID_pkcs3                       27
-#  define OBJ_pkcs3                       OBJ_pkcs,3L
-
-#  define LN_dhKeyAgreement               "dhKeyAgreement"
-#  define NID_dhKeyAgreement              28
-#  define OBJ_dhKeyAgreement              OBJ_pkcs3,1L
-
-#  define SN_des_ecb                      "DES-ECB"
-#  define LN_des_ecb                      "des-ecb"
-#  define NID_des_ecb                     29
-#  define OBJ_des_ecb                     OBJ_algorithm,6L
-
-#  define SN_des_cfb64                    "DES-CFB"
-#  define LN_des_cfb64                    "des-cfb"
-#  define NID_des_cfb64                   30
-/* IV + num */
-#  define OBJ_des_cfb64                   OBJ_algorithm,9L
-
-#  define SN_des_cbc                      "DES-CBC"
-#  define LN_des_cbc                      "des-cbc"
-#  define NID_des_cbc                     31
-/* IV */
-#  define OBJ_des_cbc                     OBJ_algorithm,7L
-
-#  define SN_des_ede                      "DES-EDE"
-#  define LN_des_ede                      "des-ede"
-#  define NID_des_ede                     32
-/* ?? */
-#  define OBJ_des_ede                     OBJ_algorithm,17L
-
-#  define SN_des_ede3                     "DES-EDE3"
-#  define LN_des_ede3                     "des-ede3"
-#  define NID_des_ede3                    33
-
-#  define SN_idea_cbc                     "IDEA-CBC"
-#  define LN_idea_cbc                     "idea-cbc"
-#  define NID_idea_cbc                    34
-#  define OBJ_idea_cbc                    1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-#  define SN_idea_cfb64                   "IDEA-CFB"
-#  define LN_idea_cfb64                   "idea-cfb"
-#  define NID_idea_cfb64                  35
-
-#  define SN_idea_ecb                     "IDEA-ECB"
-#  define LN_idea_ecb                     "idea-ecb"
-#  define NID_idea_ecb                    36
-
-#  define SN_rc2_cbc                      "RC2-CBC"
-#  define LN_rc2_cbc                      "rc2-cbc"
-#  define NID_rc2_cbc                     37
-#  define OBJ_rc2_cbc                     OBJ_rsadsi,3L,2L
-
-#  define SN_rc2_ecb                      "RC2-ECB"
-#  define LN_rc2_ecb                      "rc2-ecb"
-#  define NID_rc2_ecb                     38
-
-#  define SN_rc2_cfb64                    "RC2-CFB"
-#  define LN_rc2_cfb64                    "rc2-cfb"
-#  define NID_rc2_cfb64                   39
-
-#  define SN_rc2_ofb64                    "RC2-OFB"
-#  define LN_rc2_ofb64                    "rc2-ofb"
-#  define NID_rc2_ofb64                   40
-
-#  define SN_sha                          "SHA"
-#  define LN_sha                          "sha"
-#  define NID_sha                         41
-#  define OBJ_sha                         OBJ_algorithm,18L
-
-#  define SN_shaWithRSAEncryption         "RSA-SHA"
-#  define LN_shaWithRSAEncryption         "shaWithRSAEncryption"
-#  define NID_shaWithRSAEncryption        42
-#  define OBJ_shaWithRSAEncryption        OBJ_algorithm,15L
-
-#  define SN_des_ede_cbc                  "DES-EDE-CBC"
-#  define LN_des_ede_cbc                  "des-ede-cbc"
-#  define NID_des_ede_cbc                 43
-
-#  define SN_des_ede3_cbc                 "DES-EDE3-CBC"
-#  define LN_des_ede3_cbc                 "des-ede3-cbc"
-#  define NID_des_ede3_cbc                44
-#  define OBJ_des_ede3_cbc                OBJ_rsadsi,3L,7L
-
-#  define SN_des_ofb64                    "DES-OFB"
-#  define LN_des_ofb64                    "des-ofb"
-#  define NID_des_ofb64                   45
-#  define OBJ_des_ofb64                   OBJ_algorithm,8L
-
-#  define SN_idea_ofb64                   "IDEA-OFB"
-#  define LN_idea_ofb64                   "idea-ofb"
-#  define NID_idea_ofb64                  46
-
-#  define LN_pkcs9                        "pkcs9"
-#  define NID_pkcs9                       47
-#  define OBJ_pkcs9                       OBJ_pkcs,9L
-
-#  define SN_pkcs9_emailAddress           "Email"
-#  define LN_pkcs9_emailAddress           "emailAddress"
-#  define NID_pkcs9_emailAddress          48
-#  define OBJ_pkcs9_emailAddress          OBJ_pkcs9,1L
-
-#  define LN_pkcs9_unstructuredName       "unstructuredName"
-#  define NID_pkcs9_unstructuredName      49
-#  define OBJ_pkcs9_unstructuredName      OBJ_pkcs9,2L
-
-#  define LN_pkcs9_contentType            "contentType"
-#  define NID_pkcs9_contentType           50
-#  define OBJ_pkcs9_contentType           OBJ_pkcs9,3L
-
-#  define LN_pkcs9_messageDigest          "messageDigest"
-#  define NID_pkcs9_messageDigest         51
-#  define OBJ_pkcs9_messageDigest         OBJ_pkcs9,4L
-
-#  define LN_pkcs9_signingTime            "signingTime"
-#  define NID_pkcs9_signingTime           52
-#  define OBJ_pkcs9_signingTime           OBJ_pkcs9,5L
-
-#  define LN_pkcs9_countersignature       "countersignature"
-#  define NID_pkcs9_countersignature      53
-#  define OBJ_pkcs9_countersignature      OBJ_pkcs9,6L
-
-#  define LN_pkcs9_challengePassword      "challengePassword"
-#  define NID_pkcs9_challengePassword     54
-#  define OBJ_pkcs9_challengePassword     OBJ_pkcs9,7L
-
-#  define LN_pkcs9_unstructuredAddress    "unstructuredAddress"
-#  define NID_pkcs9_unstructuredAddress   55
-#  define OBJ_pkcs9_unstructuredAddress   OBJ_pkcs9,8L
-
-#  define LN_pkcs9_extCertAttributes      "extendedCertificateAttributes"
-#  define NID_pkcs9_extCertAttributes     56
-#  define OBJ_pkcs9_extCertAttributes     OBJ_pkcs9,9L
-
-#  define SN_netscape                     "Netscape"
-#  define LN_netscape                     "Netscape Communications Corp."
-#  define NID_netscape                    57
-#  define OBJ_netscape                    2L,16L,840L,1L,113730L
-
-#  define SN_netscape_cert_extension      "nsCertExt"
-#  define LN_netscape_cert_extension      "Netscape Certificate Extension"
-#  define NID_netscape_cert_extension     58
-#  define OBJ_netscape_cert_extension     OBJ_netscape,1L
-
-#  define SN_netscape_data_type           "nsDataType"
-#  define LN_netscape_data_type           "Netscape Data Type"
-#  define NID_netscape_data_type          59
-#  define OBJ_netscape_data_type          OBJ_netscape,2L
-
-#  define SN_des_ede_cfb64                "DES-EDE-CFB"
-#  define LN_des_ede_cfb64                "des-ede-cfb"
-#  define NID_des_ede_cfb64               60
-
-#  define SN_des_ede3_cfb64               "DES-EDE3-CFB"
-#  define LN_des_ede3_cfb64               "des-ede3-cfb"
-#  define NID_des_ede3_cfb64              61
-
-#  define SN_des_ede_ofb64                "DES-EDE-OFB"
-#  define LN_des_ede_ofb64                "des-ede-ofb"
-#  define NID_des_ede_ofb64               62
-
-#  define SN_des_ede3_ofb64               "DES-EDE3-OFB"
-#  define LN_des_ede3_ofb64               "des-ede3-ofb"
-#  define NID_des_ede3_ofb64              63
-
-/* I'm not sure about the object ID */
-#  define SN_sha1                         "SHA1"
-#  define LN_sha1                         "sha1"
-#  define NID_sha1                        64
-#  define OBJ_sha1                        OBJ_algorithm,26L
-/* 28 Jun 1996 - eay */
-/* #define OBJ_sha1                     1L,3L,14L,2L,26L,05L <- wrong */
-
-#  define SN_sha1WithRSAEncryption        "RSA-SHA1"
-#  define LN_sha1WithRSAEncryption        "sha1WithRSAEncryption"
-#  define NID_sha1WithRSAEncryption       65
-#  define OBJ_sha1WithRSAEncryption       OBJ_pkcs,1L,5L
-
-#  define SN_dsaWithSHA                   "DSA-SHA"
-#  define LN_dsaWithSHA                   "dsaWithSHA"
-#  define NID_dsaWithSHA                  66
-#  define OBJ_dsaWithSHA                  OBJ_algorithm,13L
-
-#  define SN_dsa_2                        "DSA-old"
-#  define LN_dsa_2                        "dsaEncryption-old"
-#  define NID_dsa_2                       67
-#  define OBJ_dsa_2                       OBJ_algorithm,12L
-
-/* proposed by microsoft to RSA */
-#  define SN_pbeWithSHA1AndRC2_CBC        "PBE-SHA1-RC2-64"
-#  define LN_pbeWithSHA1AndRC2_CBC        "pbeWithSHA1AndRC2-CBC"
-#  define NID_pbeWithSHA1AndRC2_CBC       68
-#  define OBJ_pbeWithSHA1AndRC2_CBC       OBJ_pkcs,5L,11L
-
-/*
- * proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now defined
- * explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something completely
- * different.
- */
-#  define LN_id_pbkdf2                    "PBKDF2"
-#  define NID_id_pbkdf2                   69
-#  define OBJ_id_pbkdf2                   OBJ_pkcs,5L,12L
-
-#  define SN_dsaWithSHA1_2                "DSA-SHA1-old"
-#  define LN_dsaWithSHA1_2                "dsaWithSHA1-old"
-#  define NID_dsaWithSHA1_2               70
-/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
-#  define OBJ_dsaWithSHA1_2               OBJ_algorithm,27L
-
-#  define SN_netscape_cert_type           "nsCertType"
-#  define LN_netscape_cert_type           "Netscape Cert Type"
-#  define NID_netscape_cert_type          71
-#  define OBJ_netscape_cert_type          OBJ_netscape_cert_extension,1L
-
-#  define SN_netscape_base_url            "nsBaseUrl"
-#  define LN_netscape_base_url            "Netscape Base Url"
-#  define NID_netscape_base_url           72
-#  define OBJ_netscape_base_url           OBJ_netscape_cert_extension,2L
-
-#  define SN_netscape_revocation_url      "nsRevocationUrl"
-#  define LN_netscape_revocation_url      "Netscape Revocation Url"
-#  define NID_netscape_revocation_url     73
-#  define OBJ_netscape_revocation_url     OBJ_netscape_cert_extension,3L
-
-#  define SN_netscape_ca_revocation_url   "nsCaRevocationUrl"
-#  define LN_netscape_ca_revocation_url   "Netscape CA Revocation Url"
-#  define NID_netscape_ca_revocation_url  74
-#  define OBJ_netscape_ca_revocation_url  OBJ_netscape_cert_extension,4L
-
-#  define SN_netscape_renewal_url         "nsRenewalUrl"
-#  define LN_netscape_renewal_url         "Netscape Renewal Url"
-#  define NID_netscape_renewal_url        75
-#  define OBJ_netscape_renewal_url        OBJ_netscape_cert_extension,7L
-
-#  define SN_netscape_ca_policy_url       "nsCaPolicyUrl"
-#  define LN_netscape_ca_policy_url       "Netscape CA Policy Url"
-#  define NID_netscape_ca_policy_url      76
-#  define OBJ_netscape_ca_policy_url      OBJ_netscape_cert_extension,8L
-
-#  define SN_netscape_ssl_server_name     "nsSslServerName"
-#  define LN_netscape_ssl_server_name     "Netscape SSL Server Name"
-#  define NID_netscape_ssl_server_name    77
-#  define OBJ_netscape_ssl_server_name    OBJ_netscape_cert_extension,12L
-
-#  define SN_netscape_comment             "nsComment"
-#  define LN_netscape_comment             "Netscape Comment"
-#  define NID_netscape_comment            78
-#  define OBJ_netscape_comment            OBJ_netscape_cert_extension,13L
-
-#  define SN_netscape_cert_sequence       "nsCertSequence"
-#  define LN_netscape_cert_sequence       "Netscape Certificate Sequence"
-#  define NID_netscape_cert_sequence      79
-#  define OBJ_netscape_cert_sequence      OBJ_netscape_data_type,5L
-
-#  define SN_desx_cbc                     "DESX-CBC"
-#  define LN_desx_cbc                     "desx-cbc"
-#  define NID_desx_cbc                    80
-
-#  define SN_id_ce                        "id-ce"
-#  define NID_id_ce                       81
-#  define OBJ_id_ce                       2L,5L,29L
-
-#  define SN_subject_key_identifier       "subjectKeyIdentifier"
-#  define LN_subject_key_identifier       "X509v3 Subject Key Identifier"
-#  define NID_subject_key_identifier      82
-#  define OBJ_subject_key_identifier      OBJ_id_ce,14L
-
-#  define SN_key_usage                    "keyUsage"
-#  define LN_key_usage                    "X509v3 Key Usage"
-#  define NID_key_usage                   83
-#  define OBJ_key_usage                   OBJ_id_ce,15L
-
-#  define SN_private_key_usage_period     "privateKeyUsagePeriod"
-#  define LN_private_key_usage_period     "X509v3 Private Key Usage Period"
-#  define NID_private_key_usage_period    84
-#  define OBJ_private_key_usage_period    OBJ_id_ce,16L
-
-#  define SN_subject_alt_name             "subjectAltName"
-#  define LN_subject_alt_name             "X509v3 Subject Alternative Name"
-#  define NID_subject_alt_name            85
-#  define OBJ_subject_alt_name            OBJ_id_ce,17L
-
-#  define SN_issuer_alt_name              "issuerAltName"
-#  define LN_issuer_alt_name              "X509v3 Issuer Alternative Name"
-#  define NID_issuer_alt_name             86
-#  define OBJ_issuer_alt_name             OBJ_id_ce,18L
-
-#  define SN_basic_constraints            "basicConstraints"
-#  define LN_basic_constraints            "X509v3 Basic Constraints"
-#  define NID_basic_constraints           87
-#  define OBJ_basic_constraints           OBJ_id_ce,19L
-
-#  define SN_crl_number                   "crlNumber"
-#  define LN_crl_number                   "X509v3 CRL Number"
-#  define NID_crl_number                  88
-#  define OBJ_crl_number                  OBJ_id_ce,20L
-
-#  define SN_certificate_policies         "certificatePolicies"
-#  define LN_certificate_policies         "X509v3 Certificate Policies"
-#  define NID_certificate_policies        89
-#  define OBJ_certificate_policies        OBJ_id_ce,32L
-
-#  define SN_authority_key_identifier     "authorityKeyIdentifier"
-#  define LN_authority_key_identifier     "X509v3 Authority Key Identifier"
-#  define NID_authority_key_identifier    90
-#  define OBJ_authority_key_identifier    OBJ_id_ce,35L
-
-#  define SN_bf_cbc                       "BF-CBC"
-#  define LN_bf_cbc                       "bf-cbc"
-#  define NID_bf_cbc                      91
-#  define OBJ_bf_cbc                      1L,3L,6L,1L,4L,1L,3029L,1L,2L
-
-#  define SN_bf_ecb                       "BF-ECB"
-#  define LN_bf_ecb                       "bf-ecb"
-#  define NID_bf_ecb                      92
-
-#  define SN_bf_cfb64                     "BF-CFB"
-#  define LN_bf_cfb64                     "bf-cfb"
-#  define NID_bf_cfb64                    93
-
-#  define SN_bf_ofb64                     "BF-OFB"
-#  define LN_bf_ofb64                     "bf-ofb"
-#  define NID_bf_ofb64                    94
-
-#  define SN_mdc2                         "MDC2"
-#  define LN_mdc2                         "mdc2"
-#  define NID_mdc2                        95
-#  define OBJ_mdc2                        2L,5L,8L,3L,101L
-/* An alternative?                      1L,3L,14L,3L,2L,19L */
-
-#  define SN_mdc2WithRSA                  "RSA-MDC2"
-#  define LN_mdc2WithRSA                  "mdc2withRSA"
-#  define NID_mdc2WithRSA                 96
-#  define OBJ_mdc2WithRSA                 2L,5L,8L,3L,100L
-
-#  define SN_rc4_40                       "RC4-40"
-#  define LN_rc4_40                       "rc4-40"
-#  define NID_rc4_40                      97
-
-#  define SN_rc2_40_cbc                   "RC2-40-CBC"
-#  define LN_rc2_40_cbc                   "rc2-40-cbc"
-#  define NID_rc2_40_cbc                  98
-
-#  define SN_givenName                    "G"
-#  define LN_givenName                    "givenName"
-#  define NID_givenName                   99
-#  define OBJ_givenName                   OBJ_X509,42L
-
-#  define SN_surname                      "S"
-#  define LN_surname                      "surname"
-#  define NID_surname                     100
-#  define OBJ_surname                     OBJ_X509,4L
-
-#  define SN_initials                     "I"
-#  define LN_initials                     "initials"
-#  define NID_initials                    101
-#  define OBJ_initials                    OBJ_X509,43L
-
-#  define SN_uniqueIdentifier             "UID"
-#  define LN_uniqueIdentifier             "uniqueIdentifier"
-#  define NID_uniqueIdentifier            102
-#  define OBJ_uniqueIdentifier            OBJ_X509,45L
-
-#  define SN_crl_distribution_points      "crlDistributionPoints"
-#  define LN_crl_distribution_points      "X509v3 CRL Distribution Points"
-#  define NID_crl_distribution_points     103
-#  define OBJ_crl_distribution_points     OBJ_id_ce,31L
-
-#  define SN_md5WithRSA                   "RSA-NP-MD5"
-#  define LN_md5WithRSA                   "md5WithRSA"
-#  define NID_md5WithRSA                  104
-#  define OBJ_md5WithRSA                  OBJ_algorithm,3L
-
-#  define SN_serialNumber                 "SN"
-#  define LN_serialNumber                 "serialNumber"
-#  define NID_serialNumber                105
-#  define OBJ_serialNumber                OBJ_X509,5L
-
-#  define SN_title                        "T"
-#  define LN_title                        "title"
-#  define NID_title                       106
-#  define OBJ_title                       OBJ_X509,12L
-
-#  define SN_description                  "D"
-#  define LN_description                  "description"
-#  define NID_description                 107
-#  define OBJ_description                 OBJ_X509,13L
-
-/* CAST5 is CAST-128, I'm just sticking with the documentation */
-#  define SN_cast5_cbc                    "CAST5-CBC"
-#  define LN_cast5_cbc                    "cast5-cbc"
-#  define NID_cast5_cbc                   108
-#  define OBJ_cast5_cbc                   1L,2L,840L,113533L,7L,66L,10L
-
-#  define SN_cast5_ecb                    "CAST5-ECB"
-#  define LN_cast5_ecb                    "cast5-ecb"
-#  define NID_cast5_ecb                   109
-
-#  define SN_cast5_cfb64                  "CAST5-CFB"
-#  define LN_cast5_cfb64                  "cast5-cfb"
-#  define NID_cast5_cfb64                 110
-
-#  define SN_cast5_ofb64                  "CAST5-OFB"
-#  define LN_cast5_ofb64                  "cast5-ofb"
-#  define NID_cast5_ofb64                 111
-
-#  define LN_pbeWithMD5AndCast5_CBC       "pbeWithMD5AndCast5CBC"
-#  define NID_pbeWithMD5AndCast5_CBC      112
-#  define OBJ_pbeWithMD5AndCast5_CBC      1L,2L,840L,113533L,7L,66L,12L
-
-/*-
- * This is one sun will soon be using :-(
- * id-dsa-with-sha1 ID  ::= {
- *   iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
- */
-#  define SN_dsaWithSHA1                  "DSA-SHA1"
-#  define LN_dsaWithSHA1                  "dsaWithSHA1"
-#  define NID_dsaWithSHA1                 113
-#  define OBJ_dsaWithSHA1                 1L,2L,840L,10040L,4L,3L
-
-#  define NID_md5_sha1                    114
-#  define SN_md5_sha1                     "MD5-SHA1"
-#  define LN_md5_sha1                     "md5-sha1"
-
-#  define SN_sha1WithRSA                  "RSA-SHA1-2"
-#  define LN_sha1WithRSA                  "sha1WithRSA"
-#  define NID_sha1WithRSA                 115
-#  define OBJ_sha1WithRSA                 OBJ_algorithm,29L
-
-#  define SN_dsa                          "DSA"
-#  define LN_dsa                          "dsaEncryption"
-#  define NID_dsa                         116
-#  define OBJ_dsa                         1L,2L,840L,10040L,4L,1L
-
-#  define SN_ripemd160                    "RIPEMD160"
-#  define LN_ripemd160                    "ripemd160"
-#  define NID_ripemd160                   117
-#  define OBJ_ripemd160                   1L,3L,36L,3L,2L,1L
-
-/*
- * The name should actually be rsaSignatureWithripemd160, but I'm going to
- * continue using the convention I'm using with the other ciphers
- */
-#  define SN_ripemd160WithRSA             "RSA-RIPEMD160"
-#  define LN_ripemd160WithRSA             "ripemd160WithRSA"
-#  define NID_ripemd160WithRSA            119
-#  define OBJ_ripemd160WithRSA            1L,3L,36L,3L,3L,1L,2L
-
-/*-
- * Taken from rfc2040
- *  RC5_CBC_Parameters ::= SEQUENCE {
- *      version           INTEGER (v1_0(16)),
- *      rounds            INTEGER (8..127),
- *      blockSizeInBits   INTEGER (64, 128),
- *      iv                OCTET STRING OPTIONAL
- *      }
- */
-#  define SN_rc5_cbc                      "RC5-CBC"
-#  define LN_rc5_cbc                      "rc5-cbc"
-#  define NID_rc5_cbc                     120
-#  define OBJ_rc5_cbc                     OBJ_rsadsi,3L,8L
-
-#  define SN_rc5_ecb                      "RC5-ECB"
-#  define LN_rc5_ecb                      "rc5-ecb"
-#  define NID_rc5_ecb                     121
-
-#  define SN_rc5_cfb64                    "RC5-CFB"
-#  define LN_rc5_cfb64                    "rc5-cfb"
-#  define NID_rc5_cfb64                   122
-
-#  define SN_rc5_ofb64                    "RC5-OFB"
-#  define LN_rc5_ofb64                    "rc5-ofb"
-#  define NID_rc5_ofb64                   123
-
-#  define SN_rle_compression              "RLE"
-#  define LN_rle_compression              "run length compression"
-#  define NID_rle_compression             124
-#  define OBJ_rle_compression             1L,1L,1L,1L,666L,1L
-
-#  define SN_zlib_compression             "ZLIB"
-#  define LN_zlib_compression             "zlib compression"
-#  define NID_zlib_compression            125
-#  define OBJ_zlib_compression            1L,1L,1L,1L,666L,2L
-
-#  define SN_ext_key_usage                "extendedKeyUsage"
-#  define LN_ext_key_usage                "X509v3 Extended Key Usage"
-#  define NID_ext_key_usage               126
-#  define OBJ_ext_key_usage               OBJ_id_ce,37
-
-#  define SN_id_pkix                      "PKIX"
-#  define NID_id_pkix                     127
-#  define OBJ_id_pkix                     1L,3L,6L,1L,5L,5L,7L
-
-#  define SN_id_kp                        "id-kp"
-#  define NID_id_kp                       128
-#  define OBJ_id_kp                       OBJ_id_pkix,3L
-
-/* PKIX extended key usage OIDs */
-
-#  define SN_server_auth                  "serverAuth"
-#  define LN_server_auth                  "TLS Web Server Authentication"
-#  define NID_server_auth                 129
-#  define OBJ_server_auth                 OBJ_id_kp,1L
-
-#  define SN_client_auth                  "clientAuth"
-#  define LN_client_auth                  "TLS Web Client Authentication"
-#  define NID_client_auth                 130
-#  define OBJ_client_auth                 OBJ_id_kp,2L
-
-#  define SN_code_sign                    "codeSigning"
-#  define LN_code_sign                    "Code Signing"
-#  define NID_code_sign                   131
-#  define OBJ_code_sign                   OBJ_id_kp,3L
-
-#  define SN_email_protect                "emailProtection"
-#  define LN_email_protect                "E-mail Protection"
-#  define NID_email_protect               132
-#  define OBJ_email_protect               OBJ_id_kp,4L
-
-#  define SN_time_stamp                   "timeStamping"
-#  define LN_time_stamp                   "Time Stamping"
-#  define NID_time_stamp                  133
-#  define OBJ_time_stamp                  OBJ_id_kp,8L
-
-/* Additional extended key usage OIDs: Microsoft */
-
-#  define SN_ms_code_ind                  "msCodeInd"
-#  define LN_ms_code_ind                  "Microsoft Individual Code Signing"
-#  define NID_ms_code_ind                 134
-#  define OBJ_ms_code_ind                 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-#  define SN_ms_code_com                  "msCodeCom"
-#  define LN_ms_code_com                  "Microsoft Commercial Code Signing"
-#  define NID_ms_code_com                 135
-#  define OBJ_ms_code_com                 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-#  define SN_ms_ctl_sign                  "msCTLSign"
-#  define LN_ms_ctl_sign                  "Microsoft Trust List Signing"
-#  define NID_ms_ctl_sign                 136
-#  define OBJ_ms_ctl_sign                 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-#  define SN_ms_sgc                       "msSGC"
-#  define LN_ms_sgc                       "Microsoft Server Gated Crypto"
-#  define NID_ms_sgc                      137
-#  define OBJ_ms_sgc                      1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-#  define SN_ms_efs                       "msEFS"
-#  define LN_ms_efs                       "Microsoft Encrypted File System"
-#  define NID_ms_efs                      138
-#  define OBJ_ms_efs                      1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-/* Additional usage: Netscape */
-
-#  define SN_ns_sgc                       "nsSGC"
-#  define LN_ns_sgc                       "Netscape Server Gated Crypto"
-#  define NID_ns_sgc                      139
-#  define OBJ_ns_sgc                      OBJ_netscape,4L,1L
-
-#  define SN_delta_crl                    "deltaCRL"
-#  define LN_delta_crl                    "X509v3 Delta CRL Indicator"
-#  define NID_delta_crl                   140
-#  define OBJ_delta_crl                   OBJ_id_ce,27L
-
-#  define SN_crl_reason                   "CRLReason"
-#  define LN_crl_reason                   "CRL Reason Code"
-#  define NID_crl_reason                  141
-#  define OBJ_crl_reason                  OBJ_id_ce,21L
-
-#  define SN_invalidity_date              "invalidityDate"
-#  define LN_invalidity_date              "Invalidity Date"
-#  define NID_invalidity_date             142
-#  define OBJ_invalidity_date             OBJ_id_ce,24L
-
-#  define SN_sxnet                        "SXNetID"
-#  define LN_sxnet                        "Strong Extranet ID"
-#  define NID_sxnet                       143
-#  define OBJ_sxnet                       1L,3L,101L,1L,4L,1L
-
-/* PKCS12 and related OBJECT IDENTIFIERS */
-
-#  define OBJ_pkcs12                      OBJ_pkcs,12L
-#  define OBJ_pkcs12_pbeids               OBJ_pkcs12, 1
-
-#  define SN_pbe_WithSHA1And128BitRC4     "PBE-SHA1-RC4-128"
-#  define LN_pbe_WithSHA1And128BitRC4     "pbeWithSHA1And128BitRC4"
-#  define NID_pbe_WithSHA1And128BitRC4    144
-#  define OBJ_pbe_WithSHA1And128BitRC4    OBJ_pkcs12_pbeids, 1L
-
-#  define SN_pbe_WithSHA1And40BitRC4      "PBE-SHA1-RC4-40"
-#  define LN_pbe_WithSHA1And40BitRC4      "pbeWithSHA1And40BitRC4"
-#  define NID_pbe_WithSHA1And40BitRC4     145
-#  define OBJ_pbe_WithSHA1And40BitRC4     OBJ_pkcs12_pbeids, 2L
-
-#  define SN_pbe_WithSHA1And3_Key_TripleDES_CBC   "PBE-SHA1-3DES"
-#  define LN_pbe_WithSHA1And3_Key_TripleDES_CBC   "pbeWithSHA1And3-KeyTripleDES-CBC"
-#  define NID_pbe_WithSHA1And3_Key_TripleDES_CBC  146
-#  define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC  OBJ_pkcs12_pbeids, 3L
-
-#  define SN_pbe_WithSHA1And2_Key_TripleDES_CBC   "PBE-SHA1-2DES"
-#  define LN_pbe_WithSHA1And2_Key_TripleDES_CBC   "pbeWithSHA1And2-KeyTripleDES-CBC"
-#  define NID_pbe_WithSHA1And2_Key_TripleDES_CBC  147
-#  define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC  OBJ_pkcs12_pbeids, 4L
-
-#  define SN_pbe_WithSHA1And128BitRC2_CBC         "PBE-SHA1-RC2-128"
-#  define LN_pbe_WithSHA1And128BitRC2_CBC         "pbeWithSHA1And128BitRC2-CBC"
-#  define NID_pbe_WithSHA1And128BitRC2_CBC        148
-#  define OBJ_pbe_WithSHA1And128BitRC2_CBC        OBJ_pkcs12_pbeids, 5L
-
-#  define SN_pbe_WithSHA1And40BitRC2_CBC  "PBE-SHA1-RC2-40"
-#  define LN_pbe_WithSHA1And40BitRC2_CBC  "pbeWithSHA1And40BitRC2-CBC"
-#  define NID_pbe_WithSHA1And40BitRC2_CBC 149
-#  define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L
-
-#  define OBJ_pkcs12_Version1     OBJ_pkcs12, 10L
-
-#  define OBJ_pkcs12_BagIds       OBJ_pkcs12_Version1, 1L
-
-#  define LN_keyBag               "keyBag"
-#  define NID_keyBag              150
-#  define OBJ_keyBag              OBJ_pkcs12_BagIds, 1L
-
-#  define LN_pkcs8ShroudedKeyBag  "pkcs8ShroudedKeyBag"
-#  define NID_pkcs8ShroudedKeyBag 151
-#  define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L
-
-#  define LN_certBag              "certBag"
-#  define NID_certBag             152
-#  define OBJ_certBag             OBJ_pkcs12_BagIds, 3L
-
-#  define LN_crlBag               "crlBag"
-#  define NID_crlBag              153
-#  define OBJ_crlBag              OBJ_pkcs12_BagIds, 4L
-
-#  define LN_secretBag            "secretBag"
-#  define NID_secretBag           154
-#  define OBJ_secretBag           OBJ_pkcs12_BagIds, 5L
-
-#  define LN_safeContentsBag      "safeContentsBag"
-#  define NID_safeContentsBag     155
-#  define OBJ_safeContentsBag     OBJ_pkcs12_BagIds, 6L
-
-#  define LN_friendlyName         "friendlyName"
-#  define NID_friendlyName        156
-#  define OBJ_friendlyName        OBJ_pkcs9, 20L
-
-#  define LN_localKeyID           "localKeyID"
-#  define NID_localKeyID          157
-#  define OBJ_localKeyID          OBJ_pkcs9, 21L
-
-#  define OBJ_certTypes           OBJ_pkcs9, 22L
-
-#  define LN_x509Certificate      "x509Certificate"
-#  define NID_x509Certificate     158
-#  define OBJ_x509Certificate     OBJ_certTypes, 1L
-
-#  define LN_sdsiCertificate      "sdsiCertificate"
-#  define NID_sdsiCertificate     159
-#  define OBJ_sdsiCertificate     OBJ_certTypes, 2L
-
-#  define OBJ_crlTypes            OBJ_pkcs9, 23L
-
-#  define LN_x509Crl              "x509Crl"
-#  define NID_x509Crl             160
-#  define OBJ_x509Crl             OBJ_crlTypes, 1L
-
-/* PKCS#5 v2 OIDs */
-
-#  define LN_pbes2                "PBES2"
-#  define NID_pbes2               161
-#  define OBJ_pbes2               OBJ_pkcs,5L,13L
-
-#  define LN_pbmac1               "PBMAC1"
-#  define NID_pbmac1              162
-#  define OBJ_pbmac1              OBJ_pkcs,5L,14L
-
-#  define LN_hmacWithSHA1         "hmacWithSHA1"
-#  define NID_hmacWithSHA1        163
-#  define OBJ_hmacWithSHA1        OBJ_rsadsi,2L,7L
-
-/* Policy Qualifier Ids */
-
-#  define LN_id_qt_cps            "Policy Qualifier CPS"
-#  define SN_id_qt_cps            "id-qt-cps"
-#  define NID_id_qt_cps           164
-#  define OBJ_id_qt_cps           OBJ_id_pkix,2L,1L
-
-#  define LN_id_qt_unotice        "Policy Qualifier User Notice"
-#  define SN_id_qt_unotice        "id-qt-unotice"
-#  define NID_id_qt_unotice       165
-#  define OBJ_id_qt_unotice       OBJ_id_pkix,2L,2L
-
-#  define SN_rc2_64_cbc                   "RC2-64-CBC"
-#  define LN_rc2_64_cbc                   "rc2-64-cbc"
-#  define NID_rc2_64_cbc                  166
-
-#  define SN_SMIMECapabilities            "SMIME-CAPS"
-#  define LN_SMIMECapabilities            "S/MIME Capabilities"
-#  define NID_SMIMECapabilities           167
-#  define OBJ_SMIMECapabilities           OBJ_pkcs9,15L
-
-#  define SN_pbeWithMD2AndRC2_CBC         "PBE-MD2-RC2-64"
-#  define LN_pbeWithMD2AndRC2_CBC         "pbeWithMD2AndRC2-CBC"
-#  define NID_pbeWithMD2AndRC2_CBC        168
-#  define OBJ_pbeWithMD2AndRC2_CBC        OBJ_pkcs,5L,4L
-
-#  define SN_pbeWithMD5AndRC2_CBC         "PBE-MD5-RC2-64"
-#  define LN_pbeWithMD5AndRC2_CBC         "pbeWithMD5AndRC2-CBC"
-#  define NID_pbeWithMD5AndRC2_CBC        169
-#  define OBJ_pbeWithMD5AndRC2_CBC        OBJ_pkcs,5L,6L
-
-#  define SN_pbeWithSHA1AndDES_CBC        "PBE-SHA1-DES"
-#  define LN_pbeWithSHA1AndDES_CBC        "pbeWithSHA1AndDES-CBC"
-#  define NID_pbeWithSHA1AndDES_CBC       170
-#  define OBJ_pbeWithSHA1AndDES_CBC       OBJ_pkcs,5L,10L
-
-/* Extension request OIDs */
-
-#  define LN_ms_ext_req                   "Microsoft Extension Request"
-#  define SN_ms_ext_req                   "msExtReq"
-#  define NID_ms_ext_req                  171
-#  define OBJ_ms_ext_req                  1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-#  define LN_ext_req                      "Extension Request"
-#  define SN_ext_req                      "extReq"
-#  define NID_ext_req                     172
-#  define OBJ_ext_req                     OBJ_pkcs9,14L
-
-#  define SN_name                         "name"
-#  define LN_name                         "name"
-#  define NID_name                        173
-#  define OBJ_name                        OBJ_X509,41L
-
-#  define SN_dnQualifier                  "dnQualifier"
-#  define LN_dnQualifier                  "dnQualifier"
-#  define NID_dnQualifier                 174
-#  define OBJ_dnQualifier                 OBJ_X509,46L
-
-#  define SN_id_pe                        "id-pe"
-#  define NID_id_pe                       175
-#  define OBJ_id_pe                       OBJ_id_pkix,1L
-
-#  define SN_id_ad                        "id-ad"
-#  define NID_id_ad                       176
-#  define OBJ_id_ad                       OBJ_id_pkix,48L
-
-#  define SN_info_access                  "authorityInfoAccess"
-#  define LN_info_access                  "Authority Information Access"
-#  define NID_info_access                 177
-#  define OBJ_info_access                 OBJ_id_pe,1L
-
-#  define SN_ad_OCSP                      "OCSP"
-#  define LN_ad_OCSP                      "OCSP"
-#  define NID_ad_OCSP                     178
-#  define OBJ_ad_OCSP                     OBJ_id_ad,1L
-
-#  define SN_ad_ca_issuers                "caIssuers"
-#  define LN_ad_ca_issuers                "CA Issuers"
-#  define NID_ad_ca_issuers               179
-#  define OBJ_ad_ca_issuers               OBJ_id_ad,2L
-
-#  define SN_OCSP_sign                    "OCSPSigning"
-#  define LN_OCSP_sign                    "OCSP Signing"
-#  define NID_OCSP_sign                   180
-#  define OBJ_OCSP_sign                   OBJ_id_kp,9L
-# endif                         /* USE_OBJ_MAC */
-
-# include <openssl/bio.h>
-# include <openssl/asn1.h>
-
-# define OBJ_NAME_TYPE_UNDEF             0x00
-# define OBJ_NAME_TYPE_MD_METH           0x01
-# define OBJ_NAME_TYPE_CIPHER_METH       0x02
-# define OBJ_NAME_TYPE_PKEY_METH         0x03
-# define OBJ_NAME_TYPE_COMP_METH         0x04
-# define OBJ_NAME_TYPE_NUM               0x05
-
-# define OBJ_NAME_ALIAS                  0x8000
-
-# define OBJ_BSEARCH_VALUE_ON_NOMATCH            0x01
-# define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH        0x02
-
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct obj_name_st {
-    int type;
-    int alias;
-    const char *name;
-    const char *data;
-} OBJ_NAME;
-
-# define         OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
-
-int OBJ_NAME_init(void);
-int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
-                       int (*cmp_func) (const char *, const char *),
-                       void (*free_func) (const char *, int, const char *));
-const char *OBJ_NAME_get(const char *name, int type);
-int OBJ_NAME_add(const char *name, int type, const char *data);
-int OBJ_NAME_remove(const char *name, int type);
-void OBJ_NAME_cleanup(int type); /* -1 for everything */
-void OBJ_NAME_do_all(int type, void (*fn) (const OBJ_NAME *, void *arg),
-                     void *arg);
-void OBJ_NAME_do_all_sorted(int type,
-                            void (*fn) (const OBJ_NAME *, void *arg),
-                            void *arg);
-
-ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
-ASN1_OBJECT *OBJ_nid2obj(int n);
-const char *OBJ_nid2ln(int n);
-const char *OBJ_nid2sn(int n);
-int OBJ_obj2nid(const ASN1_OBJECT *o);
-ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
-int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
-int OBJ_txt2nid(const char *s);
-int OBJ_ln2nid(const char *s);
-int OBJ_sn2nid(const char *s);
-int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
-const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
-                         int (*cmp) (const void *, const void *));
-const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
-                            int size,
-                            int (*cmp) (const void *, const void *),
-                            int flags);
-
-# define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm)    \
-  static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
-  static int nm##_cmp(type1 const *, type2 const *); \
-  scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
-
-# define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp)   \
-  _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
-# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm)     \
-  type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
-
-/*-
- * Unsolved problem: if a type is actually a pointer type, like
- * nid_triple is, then its impossible to get a const where you need
- * it. Consider:
- *
- * typedef int nid_triple[3];
- * const void *a_;
- * const nid_triple const *a = a_;
- *
- * The assignement discards a const because what you really want is:
- *
- * const int const * const *a = a_;
- *
- * But if you do that, you lose the fact that a is an array of 3 ints,
- * which breaks comparison functions.
- *
- * Thus we end up having to cast, sadly, or unpack the
- * declarations. Or, as I finally did in this case, delcare nid_triple
- * to be a struct, which it should have been in the first place.
- *
- * Ben, August 2008.
- *
- * Also, strictly speaking not all types need be const, but handling
- * the non-constness means a lot of complication, and in practice
- * comparison routines do always not touch their arguments.
- */
-
-# define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm)  \
-  static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)    \
-      { \
-      type1 const *a = a_; \
-      type2 const *b = b_; \
-      return nm##_cmp(a,b); \
-      } \
-  static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
-      { \
-      return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
-                                        nm##_cmp_BSEARCH_CMP_FN); \
-      } \
-      extern void dummy_prototype(void)
-
-# define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm)   \
-  static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)    \
-      { \
-      type1 const *a = a_; \
-      type2 const *b = b_; \
-      return nm##_cmp(a,b); \
-      } \
-  type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
-      { \
-      return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
-                                        nm##_cmp_BSEARCH_CMP_FN); \
-      } \
-      extern void dummy_prototype(void)
-
-# define OBJ_bsearch(type1,key,type2,base,num,cmp)                              \
-  ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
-                         num,sizeof(type2),                             \
-                         ((void)CHECKED_PTR_OF(type1,cmp##_type_1),     \
-                          (void)CHECKED_PTR_OF(type2,cmp##_type_2),     \
-                          cmp##_BSEARCH_CMP_FN)))
-
-# define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags)                      \
-  ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
-                         num,sizeof(type2),                             \
-                         ((void)CHECKED_PTR_OF(type1,cmp##_type_1),     \
-                          (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
-                          cmp##_BSEARCH_CMP_FN)),flags)
-
-int OBJ_new_nid(int num);
-int OBJ_add_object(const ASN1_OBJECT *obj);
-int OBJ_create(const char *oid, const char *sn, const char *ln);
-void OBJ_cleanup(void);
-int OBJ_create_objects(BIO *in);
-
-int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
-int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
-int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
-void OBJ_sigid_free(void);
-
-extern int obj_cleanup_defer;
-void check_defer(int nid);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_OBJ_strings(void);
-
-/* Error codes for the OBJ functions. */
-
-/* Function codes. */
-# define OBJ_F_OBJ_ADD_OBJECT                             105
-# define OBJ_F_OBJ_CREATE                                 100
-# define OBJ_F_OBJ_DUP                                    101
-# define OBJ_F_OBJ_NAME_NEW_INDEX                         106
-# define OBJ_F_OBJ_NID2LN                                 102
-# define OBJ_F_OBJ_NID2OBJ                                103
-# define OBJ_F_OBJ_NID2SN                                 104
-
-/* Reason codes. */
-# define OBJ_R_MALLOC_FAILURE                             100
-# define OBJ_R_UNKNOWN_NID                                101
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ocsp.h b/thirdparty/openssl/openssl/ocsp.h
deleted file mode 100644
index ca2ee76dce..0000000000
--- a/thirdparty/openssl/openssl/ocsp.h
+++ /dev/null
@@ -1,637 +0,0 @@
-/* ocsp.h */
-/*
- * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project.
- */
-
-/*
- * History: This file was transfered to Richard Levitte from CertCo by Kathy
- * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
- * patch kit.
- */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_OCSP_H
-# define HEADER_OCSP_H
-
-# include <openssl/ossl_typ.h>
-# include <openssl/x509.h>
-# include <openssl/x509v3.h>
-# include <openssl/safestack.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Various flags and values */
-
-# define OCSP_DEFAULT_NONCE_LENGTH       16
-
-# define OCSP_NOCERTS                    0x1
-# define OCSP_NOINTERN                   0x2
-# define OCSP_NOSIGS                     0x4
-# define OCSP_NOCHAIN                    0x8
-# define OCSP_NOVERIFY                   0x10
-# define OCSP_NOEXPLICIT                 0x20
-# define OCSP_NOCASIGN                   0x40
-# define OCSP_NODELEGATED                0x80
-# define OCSP_NOCHECKS                   0x100
-# define OCSP_TRUSTOTHER                 0x200
-# define OCSP_RESPID_KEY                 0x400
-# define OCSP_NOTIME                     0x800
-
-/*-  CertID ::= SEQUENCE {
- *       hashAlgorithm            AlgorithmIdentifier,
- *       issuerNameHash     OCTET STRING, -- Hash of Issuer's DN
- *       issuerKeyHash      OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
- *       serialNumber       CertificateSerialNumber }
- */
-typedef struct ocsp_cert_id_st {
-    X509_ALGOR *hashAlgorithm;
-    ASN1_OCTET_STRING *issuerNameHash;
-    ASN1_OCTET_STRING *issuerKeyHash;
-    ASN1_INTEGER *serialNumber;
-} OCSP_CERTID;
-
-DECLARE_STACK_OF(OCSP_CERTID)
-
-/*-  Request ::=     SEQUENCE {
- *       reqCert                    CertID,
- *       singleRequestExtensions    [0] EXPLICIT Extensions OPTIONAL }
- */
-typedef struct ocsp_one_request_st {
-    OCSP_CERTID *reqCert;
-    STACK_OF(X509_EXTENSION) *singleRequestExtensions;
-} OCSP_ONEREQ;
-
-DECLARE_STACK_OF(OCSP_ONEREQ)
-DECLARE_ASN1_SET_OF(OCSP_ONEREQ)
-
-/*-  TBSRequest      ::=     SEQUENCE {
- *       version             [0] EXPLICIT Version DEFAULT v1,
- *       requestorName       [1] EXPLICIT GeneralName OPTIONAL,
- *       requestList             SEQUENCE OF Request,
- *       requestExtensions   [2] EXPLICIT Extensions OPTIONAL }
- */
-typedef struct ocsp_req_info_st {
-    ASN1_INTEGER *version;
-    GENERAL_NAME *requestorName;
-    STACK_OF(OCSP_ONEREQ) *requestList;
-    STACK_OF(X509_EXTENSION) *requestExtensions;
-} OCSP_REQINFO;
-
-/*-  Signature       ::=     SEQUENCE {
- *       signatureAlgorithm   AlgorithmIdentifier,
- *       signature            BIT STRING,
- *       certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-typedef struct ocsp_signature_st {
-    X509_ALGOR *signatureAlgorithm;
-    ASN1_BIT_STRING *signature;
-    STACK_OF(X509) *certs;
-} OCSP_SIGNATURE;
-
-/*-  OCSPRequest     ::=     SEQUENCE {
- *       tbsRequest                  TBSRequest,
- *       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
- */
-typedef struct ocsp_request_st {
-    OCSP_REQINFO *tbsRequest;
-    OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
-} OCSP_REQUEST;
-
-/*-  OCSPResponseStatus ::= ENUMERATED {
- *       successful            (0),      --Response has valid confirmations
- *       malformedRequest      (1),      --Illegal confirmation request
- *       internalError         (2),      --Internal error in issuer
- *       tryLater              (3),      --Try again later
- *                                       --(4) is not used
- *       sigRequired           (5),      --Must sign the request
- *       unauthorized          (6)       --Request unauthorized
- *   }
- */
-# define OCSP_RESPONSE_STATUS_SUCCESSFUL          0
-# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST     1
-# define OCSP_RESPONSE_STATUS_INTERNALERROR        2
-# define OCSP_RESPONSE_STATUS_TRYLATER             3
-# define OCSP_RESPONSE_STATUS_SIGREQUIRED          5
-# define OCSP_RESPONSE_STATUS_UNAUTHORIZED         6
-
-/*-  ResponseBytes ::=       SEQUENCE {
- *       responseType   OBJECT IDENTIFIER,
- *       response       OCTET STRING }
- */
-typedef struct ocsp_resp_bytes_st {
-    ASN1_OBJECT *responseType;
-    ASN1_OCTET_STRING *response;
-} OCSP_RESPBYTES;
-
-/*-  OCSPResponse ::= SEQUENCE {
- *      responseStatus         OCSPResponseStatus,
- *      responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
- */
-struct ocsp_response_st {
-    ASN1_ENUMERATED *responseStatus;
-    OCSP_RESPBYTES *responseBytes;
-};
-
-/*-  ResponderID ::= CHOICE {
- *      byName   [1] Name,
- *      byKey    [2] KeyHash }
- */
-# define V_OCSP_RESPID_NAME 0
-# define V_OCSP_RESPID_KEY  1
-struct ocsp_responder_id_st {
-    int type;
-    union {
-        X509_NAME *byName;
-        ASN1_OCTET_STRING *byKey;
-    } value;
-};
-
-DECLARE_STACK_OF(OCSP_RESPID)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
-
-/*-  KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
- *                            --(excluding the tag and length fields)
- */
-
-/*-  RevokedInfo ::= SEQUENCE {
- *       revocationTime              GeneralizedTime,
- *       revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
- */
-typedef struct ocsp_revoked_info_st {
-    ASN1_GENERALIZEDTIME *revocationTime;
-    ASN1_ENUMERATED *revocationReason;
-} OCSP_REVOKEDINFO;
-
-/*-  CertStatus ::= CHOICE {
- *       good                [0]     IMPLICIT NULL,
- *       revoked             [1]     IMPLICIT RevokedInfo,
- *       unknown             [2]     IMPLICIT UnknownInfo }
- */
-# define V_OCSP_CERTSTATUS_GOOD    0
-# define V_OCSP_CERTSTATUS_REVOKED 1
-# define V_OCSP_CERTSTATUS_UNKNOWN 2
-typedef struct ocsp_cert_status_st {
-    int type;
-    union {
-        ASN1_NULL *good;
-        OCSP_REVOKEDINFO *revoked;
-        ASN1_NULL *unknown;
-    } value;
-} OCSP_CERTSTATUS;
-
-/*-  SingleResponse ::= SEQUENCE {
- *      certID                       CertID,
- *      certStatus                   CertStatus,
- *      thisUpdate                   GeneralizedTime,
- *      nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
- *      singleExtensions     [1]     EXPLICIT Extensions OPTIONAL }
- */
-typedef struct ocsp_single_response_st {
-    OCSP_CERTID *certId;
-    OCSP_CERTSTATUS *certStatus;
-    ASN1_GENERALIZEDTIME *thisUpdate;
-    ASN1_GENERALIZEDTIME *nextUpdate;
-    STACK_OF(X509_EXTENSION) *singleExtensions;
-} OCSP_SINGLERESP;
-
-DECLARE_STACK_OF(OCSP_SINGLERESP)
-DECLARE_ASN1_SET_OF(OCSP_SINGLERESP)
-
-/*-  ResponseData ::= SEQUENCE {
- *      version              [0] EXPLICIT Version DEFAULT v1,
- *      responderID              ResponderID,
- *      producedAt               GeneralizedTime,
- *      responses                SEQUENCE OF SingleResponse,
- *      responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
- */
-typedef struct ocsp_response_data_st {
-    ASN1_INTEGER *version;
-    OCSP_RESPID *responderId;
-    ASN1_GENERALIZEDTIME *producedAt;
-    STACK_OF(OCSP_SINGLERESP) *responses;
-    STACK_OF(X509_EXTENSION) *responseExtensions;
-} OCSP_RESPDATA;
-
-/*-  BasicOCSPResponse       ::= SEQUENCE {
- *      tbsResponseData      ResponseData,
- *      signatureAlgorithm   AlgorithmIdentifier,
- *      signature            BIT STRING,
- *      certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-  /*
-   * Note 1: The value for "signature" is specified in the OCSP rfc2560 as
-   * follows: "The value for the signature SHALL be computed on the hash of
-   * the DER encoding ResponseData." This means that you must hash the
-   * DER-encoded tbsResponseData, and then run it through a crypto-signing
-   * function, which will (at least w/RSA) do a hash-'n'-private-encrypt
-   * operation.  This seems a bit odd, but that's the spec.  Also note that
-   * the data structures do not leave anywhere to independently specify the
-   * algorithm used for the initial hash. So, we look at the
-   * signature-specification algorithm, and try to do something intelligent.
-   * -- Kathy Weinhold, CertCo
-   */
-  /*
-   * Note 2: It seems that the mentioned passage from RFC 2560 (section
-   * 4.2.1) is open for interpretation.  I've done tests against another
-   * responder, and found that it doesn't do the double hashing that the RFC
-   * seems to say one should.  Therefore, all relevant functions take a flag
-   * saying which variant should be used.  -- Richard Levitte, OpenSSL team
-   * and CeloCom
-   */
-typedef struct ocsp_basic_response_st {
-    OCSP_RESPDATA *tbsResponseData;
-    X509_ALGOR *signatureAlgorithm;
-    ASN1_BIT_STRING *signature;
-    STACK_OF(X509) *certs;
-} OCSP_BASICRESP;
-
-/*-
- *   CRLReason ::= ENUMERATED {
- *        unspecified             (0),
- *        keyCompromise           (1),
- *        cACompromise            (2),
- *        affiliationChanged      (3),
- *        superseded              (4),
- *        cessationOfOperation    (5),
- *        certificateHold         (6),
- *        removeFromCRL           (8) }
- */
-# define OCSP_REVOKED_STATUS_NOSTATUS               -1
-# define OCSP_REVOKED_STATUS_UNSPECIFIED             0
-# define OCSP_REVOKED_STATUS_KEYCOMPROMISE           1
-# define OCSP_REVOKED_STATUS_CACOMPROMISE            2
-# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED      3
-# define OCSP_REVOKED_STATUS_SUPERSEDED              4
-# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION    5
-# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD         6
-# define OCSP_REVOKED_STATUS_REMOVEFROMCRL           8
-
-/*-
- * CrlID ::= SEQUENCE {
- *     crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
- *     crlNum               [1]     EXPLICIT INTEGER OPTIONAL,
- *     crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
- */
-typedef struct ocsp_crl_id_st {
-    ASN1_IA5STRING *crlUrl;
-    ASN1_INTEGER *crlNum;
-    ASN1_GENERALIZEDTIME *crlTime;
-} OCSP_CRLID;
-
-/*-
- * ServiceLocator ::= SEQUENCE {
- *      issuer    Name,
- *      locator   AuthorityInfoAccessSyntax OPTIONAL }
- */
-typedef struct ocsp_service_locator_st {
-    X509_NAME *issuer;
-    STACK_OF(ACCESS_DESCRIPTION) *locator;
-} OCSP_SERVICELOC;
-
-# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
-# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
-
-# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
-
-# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
-
-# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
-     (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
-
-# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
-     (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
-
-# define PEM_write_bio_OCSP_REQUEST(bp,o) \
-    PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
-                        bp,(char *)o, NULL,NULL,0,NULL,NULL)
-
-# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
-    PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
-                        bp,(char *)o, NULL,NULL,0,NULL,NULL)
-
-# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
-
-# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
-
-# define OCSP_REQUEST_sign(o,pkey,md) \
-        ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
-                o->optionalSignature->signatureAlgorithm,NULL,\
-                o->optionalSignature->signature,o->tbsRequest,pkey,md)
-
-# define OCSP_BASICRESP_sign(o,pkey,md,d) \
-        ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\
-                o->signature,o->tbsResponseData,pkey,md)
-
-# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
-        a->optionalSignature->signatureAlgorithm,\
-        a->optionalSignature->signature,a->tbsRequest,r)
-
-# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
-        a->signatureAlgorithm,a->signature,a->tbsResponseData,r)
-
-# define ASN1_BIT_STRING_digest(data,type,md,len) \
-        ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
-
-# define OCSP_CERTSTATUS_dup(cs)\
-                (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
-                (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
-
-OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
-
-OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
-OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
-                               int maxline);
-int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
-int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
-OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline);
-void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
-void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
-int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
-                     ASN1_VALUE *val);
-int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, ASN1_VALUE **pval,
-                          const ASN1_ITEM *it);
-BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
-int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
-                     ASN1_VALUE *val);
-int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path);
-int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
-int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
-                             const char *name, const char *value);
-
-OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
-
-OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
-                              X509_NAME *issuerName,
-                              ASN1_BIT_STRING *issuerKey,
-                              ASN1_INTEGER *serialNumber);
-
-OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
-
-int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
-int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
-int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
-int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
-
-int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm);
-int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
-
-int OCSP_request_sign(OCSP_REQUEST *req,
-                      X509 *signer,
-                      EVP_PKEY *key,
-                      const EVP_MD *dgst,
-                      STACK_OF(X509) *certs, unsigned long flags);
-
-int OCSP_response_status(OCSP_RESPONSE *resp);
-OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
-
-int OCSP_resp_count(OCSP_BASICRESP *bs);
-OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
-int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
-int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
-                            ASN1_GENERALIZEDTIME **revtime,
-                            ASN1_GENERALIZEDTIME **thisupd,
-                            ASN1_GENERALIZEDTIME **nextupd);
-int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
-                          int *reason,
-                          ASN1_GENERALIZEDTIME **revtime,
-                          ASN1_GENERALIZEDTIME **thisupd,
-                          ASN1_GENERALIZEDTIME **nextupd);
-int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
-                        ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec);
-
-int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
-                        X509_STORE *store, unsigned long flags);
-
-int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
-                   int *pssl);
-
-int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
-int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
-
-int OCSP_request_onereq_count(OCSP_REQUEST *req);
-OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);
-OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one);
-int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
-                      ASN1_OCTET_STRING **pikeyHash,
-                      ASN1_INTEGER **pserial, OCSP_CERTID *cid);
-int OCSP_request_is_signed(OCSP_REQUEST *req);
-OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
-OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
-                                        OCSP_CERTID *cid,
-                                        int status, int reason,
-                                        ASN1_TIME *revtime,
-                                        ASN1_TIME *thisupd,
-                                        ASN1_TIME *nextupd);
-int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
-int OCSP_basic_sign(OCSP_BASICRESP *brsp,
-                    X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
-                    STACK_OF(X509) *certs, unsigned long flags);
-
-X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
-
-X509_EXTENSION *OCSP_accept_responses_new(char **oids);
-
-X509_EXTENSION *OCSP_archive_cutoff_new(char *tim);
-
-X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls);
-
-int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
-int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
-int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
-                                int lastpos);
-int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
-X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
-X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
-void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit,
-                                int *idx);
-int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
-                              unsigned long flags);
-int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
-
-int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
-int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
-int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos);
-int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
-X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
-X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
-void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
-int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
-                             unsigned long flags);
-int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
-
-int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
-int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
-int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
-                                  int lastpos);
-int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
-                                       int lastpos);
-X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
-X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
-void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
-                                  int *idx);
-int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
-                                int crit, unsigned long flags);
-int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
-
-int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
-int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
-int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
-                                   int lastpos);
-int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
-                                        int lastpos);
-X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
-X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
-void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
-                                   int *idx);
-int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
-                                 int crit, unsigned long flags);
-int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
-
-DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
-DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
-DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
-DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
-DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
-DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
-DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
-DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
-DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
-DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
-DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
-DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
-
-const char *OCSP_response_status_str(long s);
-const char *OCSP_cert_status_str(long s);
-const char *OCSP_crl_reason_str(long s);
-
-int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags);
-int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
-
-int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
-                      X509_STORE *st, unsigned long flags);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_OCSP_strings(void);
-
-/* Error codes for the OCSP functions. */
-
-/* Function codes. */
-# define OCSP_F_ASN1_STRING_ENCODE                        100
-# define OCSP_F_D2I_OCSP_NONCE                            102
-# define OCSP_F_OCSP_BASIC_ADD1_STATUS                    103
-# define OCSP_F_OCSP_BASIC_SIGN                           104
-# define OCSP_F_OCSP_BASIC_VERIFY                         105
-# define OCSP_F_OCSP_CERT_ID_NEW                          101
-# define OCSP_F_OCSP_CHECK_DELEGATED                      106
-# define OCSP_F_OCSP_CHECK_IDS                            107
-# define OCSP_F_OCSP_CHECK_ISSUER                         108
-# define OCSP_F_OCSP_CHECK_VALIDITY                       115
-# define OCSP_F_OCSP_MATCH_ISSUERID                       109
-# define OCSP_F_OCSP_PARSE_URL                            114
-# define OCSP_F_OCSP_REQUEST_SIGN                         110
-# define OCSP_F_OCSP_REQUEST_VERIFY                       116
-# define OCSP_F_OCSP_RESPONSE_GET1_BASIC                  111
-# define OCSP_F_OCSP_SENDREQ_BIO                          112
-# define OCSP_F_OCSP_SENDREQ_NBIO                         117
-# define OCSP_F_PARSE_HTTP_LINE1                          118
-# define OCSP_F_REQUEST_VERIFY                            113
-
-/* Reason codes. */
-# define OCSP_R_BAD_DATA                                  100
-# define OCSP_R_CERTIFICATE_VERIFY_ERROR                  101
-# define OCSP_R_DIGEST_ERR                                102
-# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD                 122
-# define OCSP_R_ERROR_IN_THISUPDATE_FIELD                 123
-# define OCSP_R_ERROR_PARSING_URL                         121
-# define OCSP_R_MISSING_OCSPSIGNING_USAGE                 103
-# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE              124
-# define OCSP_R_NOT_BASIC_RESPONSE                        104
-# define OCSP_R_NO_CERTIFICATES_IN_CHAIN                  105
-# define OCSP_R_NO_CONTENT                                106
-# define OCSP_R_NO_PUBLIC_KEY                             107
-# define OCSP_R_NO_RESPONSE_DATA                          108
-# define OCSP_R_NO_REVOKED_TIME                           109
-# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE    110
-# define OCSP_R_REQUEST_NOT_SIGNED                        128
-# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA      111
-# define OCSP_R_ROOT_CA_NOT_TRUSTED                       112
-# define OCSP_R_SERVER_READ_ERROR                         113
-# define OCSP_R_SERVER_RESPONSE_ERROR                     114
-# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR               115
-# define OCSP_R_SERVER_WRITE_ERROR                        116
-# define OCSP_R_SIGNATURE_FAILURE                         117
-# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND              118
-# define OCSP_R_STATUS_EXPIRED                            125
-# define OCSP_R_STATUS_NOT_YET_VALID                      126
-# define OCSP_R_STATUS_TOO_OLD                            127
-# define OCSP_R_UNKNOWN_MESSAGE_DIGEST                    119
-# define OCSP_R_UNKNOWN_NID                               120
-# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE            129
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/opensslconf.h b/thirdparty/openssl/openssl/opensslconf.h
deleted file mode 100644
index 19fad23423..0000000000
--- a/thirdparty/openssl/openssl/opensslconf.h
+++ /dev/null
@@ -1,279 +0,0 @@
-/* opensslconf.h */
-/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-/* OpenSSL was configured with the following options: */
-#ifndef OPENSSL_DOING_MAKEDEPEND
-
-// -- GODOT start --
-#if defined(OPENSSL_SYS_WINDOWS)
-# define WIN32_LEAN_AND_MEAN
-// Seems like we have troubles properly using the logic in e_os2.h
-# if defined(_WIN32)
-#  define OPENSSL_SYS_WIN32
-#  define OPENSSL_SYSNAME_WIN32
-# endif
-# if defined(_WIN64)
-#  define OPENSSL_SYS_WIN64
-#  define OPENSSL_SYSNAME_WIN64
-# endif
-#endif
-// -- GODOT end --
-
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-# define OPENSSL_NO_EC_NISTP_64_GCC_128
-#endif
-#ifndef OPENSSL_NO_GMP
-# define OPENSSL_NO_GMP
-#endif
-#ifndef OPENSSL_NO_JPAKE
-# define OPENSSL_NO_JPAKE
-#endif
-#ifndef OPENSSL_NO_KRB5
-# define OPENSSL_NO_KRB5
-#endif
-#ifndef OPENSSL_NO_LIBUNBOUND
-# define OPENSSL_NO_LIBUNBOUND
-#endif
-#ifndef OPENSSL_NO_MD2
-# define OPENSSL_NO_MD2
-#endif
-#ifndef OPENSSL_NO_RC5
-# define OPENSSL_NO_RC5
-#endif
-#ifndef OPENSSL_NO_RFC3779
-# define OPENSSL_NO_RFC3779
-#endif
-#ifndef OPENSSL_NO_SCTP
-# define OPENSSL_NO_SCTP
-#endif
-#ifndef OPENSSL_NO_SSL_TRACE
-# define OPENSSL_NO_SSL_TRACE
-#endif
-#ifndef OPENSSL_NO_SSL2
-# define OPENSSL_NO_SSL2
-#endif
-#ifndef OPENSSL_NO_STORE
-# define OPENSSL_NO_STORE
-#endif
-#ifndef OPENSSL_NO_UNIT_TEST
-# define OPENSSL_NO_UNIT_TEST
-#endif
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-# define OPENSSL_NO_WEAK_SSL_CIPHERS
-#endif
-
-#endif /* OPENSSL_DOING_MAKEDEPEND */
-
-#ifndef OPENSSL_NO_DYNAMIC_ENGINE
-# define OPENSSL_NO_DYNAMIC_ENGINE
-#endif
-
-/* The OPENSSL_NO_* macros are also defined as NO_* if the application
-   asks for it.  This is a transient feature that is provided for those
-   who haven't had the time to do the appropriate changes in their
-   applications.  */
-#ifdef OPENSSL_ALGORITHM_DEFINES
-# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
-#  define NO_EC_NISTP_64_GCC_128
-# endif
-# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
-#  define NO_GMP
-# endif
-# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
-#  define NO_JPAKE
-# endif
-# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
-#  define NO_KRB5
-# endif
-# if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
-#  define NO_LIBUNBOUND
-# endif
-# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
-#  define NO_MD2
-# endif
-# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
-#  define NO_RC5
-# endif
-# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
-#  define NO_RFC3779
-# endif
-# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
-#  define NO_SCTP
-# endif
-# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
-#  define NO_SSL_TRACE
-# endif
-# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
-#  define NO_SSL2
-# endif
-# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
-#  define NO_STORE
-# endif
-# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
-#  define NO_UNIT_TEST
-# endif
-# if defined(OPENSSL_NO_WEAK_SSL_CIPHERS) && !defined(NO_WEAK_SSL_CIPHERS)
-#  define NO_WEAK_SSL_CIPHERS
-# endif
-#endif
-
-/* crypto/opensslconf.h.in */
-
-/* Generate 80386 code? */
-#undef I386_ONLY
-
-#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
-#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
-#define ENGINESDIR "/usr/local/ssl/lib/engines"
-#define OPENSSLDIR "/usr/local/ssl"
-#endif
-#endif
-
-#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
-
-#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
-
-#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
-#define IDEA_INT unsigned int
-#endif
-
-#if defined(HEADER_MD2_H) && !defined(MD2_INT)
-#define MD2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC2_H) && !defined(RC2_INT)
-/* I need to put in a mod for the alpha - eay */
-#define RC2_INT unsigned int
-#endif
-
-#if defined(HEADER_RC4_H)
-#if !defined(RC4_INT)
-/* using int types make the structure larger but make the code faster
- * on most boxes I have tested - up to %20 faster. */
-/*
- * I don't know what does "most" mean, but declaring "int" is a must on:
- * - Intel P6 because partial register stalls are very expensive;
- * - elder Alpha because it lacks byte load/store instructions;
- */
-#define RC4_INT unsigned int
-#endif
-#if !defined(RC4_CHUNK)
-/*
- * This enables code handling data aligned at natural CPU word
- * boundary. See crypto/rc4/rc4_enc.c for further details.
- */
-#undef RC4_CHUNK
-#endif
-#endif
-
-#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned long
-#endif
-#endif
-
-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
-#define CONFIG_HEADER_BN_H
-#undef BN_LLONG
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-#undef SIXTY_FOUR_BIT_LONG
-#undef SIXTY_FOUR_BIT
-#define THIRTY_TWO_BIT
-#endif
-
-#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
-#define CONFIG_HEADER_RC4_LOCL_H
-/* if this is defined data[i] is used instead of *data, this is a %20
- * speedup on x86 */
-#undef RC4_INDEX
-#endif
-
-#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
-#define CONFIG_HEADER_BF_LOCL_H
-#undef BF_PTR
-#endif /* HEADER_BF_LOCL_H */
-
-#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
-#define CONFIG_HEADER_DES_LOCL_H
-#ifndef DES_DEFAULT_OPTIONS
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
-#undef DES_PTR
-#endif
-
-/* This helps C compiler generate the correct code for multiple functional
- * units.  It reduces register dependancies at the expense of 2 more
- * registers */
-#ifndef DES_RISC1
-#undef DES_RISC1
-#endif
-
-#ifndef DES_RISC2
-#undef DES_RISC2
-#endif
-
-#if defined(DES_RISC1) && defined(DES_RISC2)
-#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
-#endif
-
-/* Unroll the inner loop, this sometimes helps, sometimes hinders.
- * Very mucy CPU dependant */
-#ifndef DES_UNROLL
-#undef DES_UNROLL
-#endif
-
-/* These default values were supplied by
- * Peter Gutman <pgut001@cs.auckland.ac.nz>
- * They are only used if nothing else has been defined */
-#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
-/* Special defines which change the way the code is built depending on the
-   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
-   even newer MIPS CPU's, but at the moment one size fits all for
-   optimization options.  Older Sparc's work better with only UNROLL, but
-   there's no way to tell at compile time what it is you're running on */
- 
-#if defined( __sun ) || defined ( sun )		/* Newer Sparc's */
-#  define DES_PTR
-#  define DES_RISC1
-#  define DES_UNROLL
-#elif defined( __ultrix )	/* Older MIPS */
-#  define DES_PTR
-#  define DES_RISC2
-#  define DES_UNROLL
-#elif defined( __osf1__ )	/* Alpha */
-#  define DES_PTR
-#  define DES_RISC2
-#elif defined ( _AIX )		/* RS6000 */
-  /* Unknown */
-#elif defined( __hpux )		/* HP-PA */
-  /* Unknown */
-#elif defined( __aux )		/* 68K */
-  /* Unknown */
-#elif defined( __dgux )		/* 88K (but P6 in latest boxes) */
-#  define DES_UNROLL
-#elif defined( __sgi )		/* Newer MIPS */
-#  define DES_PTR
-#  define DES_RISC2
-#  define DES_UNROLL
-#elif defined(i386) || defined(__i386__)	/* x86 boxes, should be gcc */
-#  define DES_PTR
-#  define DES_RISC1
-#  define DES_UNROLL
-#endif /* Systems-specific speed defines */
-#endif
-
-#endif /* DES_DEFAULT_OPTIONS */
-#endif /* HEADER_DES_LOCL_H */
-#ifdef  __cplusplus
-}
-#endif
diff --git a/thirdparty/openssl/openssl/opensslv.h b/thirdparty/openssl/openssl/opensslv.h
deleted file mode 100644
index 825a330abc..0000000000
--- a/thirdparty/openssl/openssl/opensslv.h
+++ /dev/null
@@ -1,97 +0,0 @@
-#ifndef HEADER_OPENSSLV_H
-# define HEADER_OPENSSLV_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*-
- * Numeric release version identifier:
- * MNNFFPPS: major minor fix patch status
- * The status nibble has one of the values 0 for development, 1 to e for betas
- * 1 to 14, and f for release.  The patch level is exactly that.
- * For example:
- * 0.9.3-dev      0x00903000
- * 0.9.3-beta1    0x00903001
- * 0.9.3-beta2-dev 0x00903002
- * 0.9.3-beta2    0x00903002 (same as ...beta2-dev)
- * 0.9.3          0x0090300f
- * 0.9.3a         0x0090301f
- * 0.9.4          0x0090400f
- * 1.2.3z         0x102031af
- *
- * For continuity reasons (because 0.9.5 is already out, and is coded
- * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
- * part is slightly different, by setting the highest bit.  This means
- * that 0.9.5a looks like this: 0x0090581f.  At 0.9.6, we can start
- * with 0x0090600S...
- *
- * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
- * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
- *  major minor fix final patch/beta)
- */
-# define OPENSSL_VERSION_NUMBER  0x100020cfL
-# ifdef OPENSSL_FIPS
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2l-fips  25 May 2017"
-# else
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2l  25 May 2017"
-# endif
-# define OPENSSL_VERSION_PTEXT   " part of " OPENSSL_VERSION_TEXT
-
-/*-
- * The macros below are to be used for shared library (.so, .dll, ...)
- * versioning.  That kind of versioning works a bit differently between
- * operating systems.  The most usual scheme is to set a major and a minor
- * number, and have the runtime loader check that the major number is equal
- * to what it was at application link time, while the minor number has to
- * be greater or equal to what it was at application link time.  With this
- * scheme, the version number is usually part of the file name, like this:
- *
- *      libcrypto.so.0.9
- *
- * Some unixen also make a softlink with the major verson number only:
- *
- *      libcrypto.so.0
- *
- * On Tru64 and IRIX 6.x it works a little bit differently.  There, the
- * shared library version is stored in the file, and is actually a series
- * of versions, separated by colons.  The rightmost version present in the
- * library when linking an application is stored in the application to be
- * matched at run time.  When the application is run, a check is done to
- * see if the library version stored in the application matches any of the
- * versions in the version string of the library itself.
- * This version string can be constructed in any way, depending on what
- * kind of matching is desired.  However, to implement the same scheme as
- * the one used in the other unixen, all compatible versions, from lowest
- * to highest, should be part of the string.  Consecutive builds would
- * give the following versions strings:
- *
- *      3.0
- *      3.0:3.1
- *      3.0:3.1:3.2
- *      4.0
- *      4.0:4.1
- *
- * Notice how version 4 is completely incompatible with version, and
- * therefore give the breach you can see.
- *
- * There may be other schemes as well that I haven't yet discovered.
- *
- * So, here's the way it works here: first of all, the library version
- * number doesn't need at all to match the overall OpenSSL version.
- * However, it's nice and more understandable if it actually does.
- * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
- * which is just a piece of text in the format "M.m.e" (Major, minor, edit).
- * For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
- * we need to keep a history of version numbers, which is done in the
- * macro SHLIB_VERSION_HISTORY.  The numbers are separated by colons and
- * should only keep the versions that are binary compatible with the current.
- */
-# define SHLIB_VERSION_HISTORY ""
-# define SHLIB_VERSION_NUMBER "1.0.0"
-
-
-#ifdef  __cplusplus
-}
-#endif
-#endif                          /* HEADER_OPENSSLV_H */
diff --git a/thirdparty/openssl/openssl/ossl_typ.h b/thirdparty/openssl/openssl/ossl_typ.h
deleted file mode 100644
index 364d26238e..0000000000
--- a/thirdparty/openssl/openssl/ossl_typ.h
+++ /dev/null
@@ -1,213 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_OPENSSL_TYPES_H
-# define HEADER_OPENSSL_TYPES_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# include <openssl/e_os2.h>
-
-# ifdef NO_ASN1_TYPEDEFS
-#  define ASN1_INTEGER            ASN1_STRING
-#  define ASN1_ENUMERATED         ASN1_STRING
-#  define ASN1_BIT_STRING         ASN1_STRING
-#  define ASN1_OCTET_STRING       ASN1_STRING
-#  define ASN1_PRINTABLESTRING    ASN1_STRING
-#  define ASN1_T61STRING          ASN1_STRING
-#  define ASN1_IA5STRING          ASN1_STRING
-#  define ASN1_UTCTIME            ASN1_STRING
-#  define ASN1_GENERALIZEDTIME    ASN1_STRING
-#  define ASN1_TIME               ASN1_STRING
-#  define ASN1_GENERALSTRING      ASN1_STRING
-#  define ASN1_UNIVERSALSTRING    ASN1_STRING
-#  define ASN1_BMPSTRING          ASN1_STRING
-#  define ASN1_VISIBLESTRING      ASN1_STRING
-#  define ASN1_UTF8STRING         ASN1_STRING
-#  define ASN1_BOOLEAN            int
-#  define ASN1_NULL               int
-# else
-typedef struct asn1_string_st ASN1_INTEGER;
-typedef struct asn1_string_st ASN1_ENUMERATED;
-typedef struct asn1_string_st ASN1_BIT_STRING;
-typedef struct asn1_string_st ASN1_OCTET_STRING;
-typedef struct asn1_string_st ASN1_PRINTABLESTRING;
-typedef struct asn1_string_st ASN1_T61STRING;
-typedef struct asn1_string_st ASN1_IA5STRING;
-typedef struct asn1_string_st ASN1_GENERALSTRING;
-typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
-typedef struct asn1_string_st ASN1_BMPSTRING;
-typedef struct asn1_string_st ASN1_UTCTIME;
-typedef struct asn1_string_st ASN1_TIME;
-typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
-typedef struct asn1_string_st ASN1_VISIBLESTRING;
-typedef struct asn1_string_st ASN1_UTF8STRING;
-typedef struct asn1_string_st ASN1_STRING;
-typedef int ASN1_BOOLEAN;
-typedef int ASN1_NULL;
-# endif
-
-typedef struct asn1_object_st ASN1_OBJECT;
-
-typedef struct ASN1_ITEM_st ASN1_ITEM;
-typedef struct asn1_pctx_st ASN1_PCTX;
-
-# ifdef OPENSSL_SYS_WIN32
-#  undef X509_NAME
-#  undef X509_EXTENSIONS
-#  undef X509_CERT_PAIR
-#  undef PKCS7_ISSUER_AND_SERIAL
-#  undef OCSP_REQUEST
-#  undef OCSP_RESPONSE
-# endif
-
-# ifdef BIGNUM
-#  undef BIGNUM
-# endif
-typedef struct bignum_st BIGNUM;
-typedef struct bignum_ctx BN_CTX;
-typedef struct bn_blinding_st BN_BLINDING;
-typedef struct bn_mont_ctx_st BN_MONT_CTX;
-typedef struct bn_recp_ctx_st BN_RECP_CTX;
-typedef struct bn_gencb_st BN_GENCB;
-
-typedef struct buf_mem_st BUF_MEM;
-
-typedef struct evp_cipher_st EVP_CIPHER;
-typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
-typedef struct env_md_st EVP_MD;
-typedef struct env_md_ctx_st EVP_MD_CTX;
-typedef struct evp_pkey_st EVP_PKEY;
-
-typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
-
-typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
-typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
-
-typedef struct dh_st DH;
-typedef struct dh_method DH_METHOD;
-
-typedef struct dsa_st DSA;
-typedef struct dsa_method DSA_METHOD;
-
-typedef struct rsa_st RSA;
-typedef struct rsa_meth_st RSA_METHOD;
-
-typedef struct rand_meth_st RAND_METHOD;
-
-typedef struct ecdh_method ECDH_METHOD;
-typedef struct ecdsa_method ECDSA_METHOD;
-
-typedef struct x509_st X509;
-typedef struct X509_algor_st X509_ALGOR;
-typedef struct X509_crl_st X509_CRL;
-typedef struct x509_crl_method_st X509_CRL_METHOD;
-typedef struct x509_revoked_st X509_REVOKED;
-typedef struct X509_name_st X509_NAME;
-typedef struct X509_pubkey_st X509_PUBKEY;
-typedef struct x509_store_st X509_STORE;
-typedef struct x509_store_ctx_st X509_STORE_CTX;
-
-typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
-
-typedef struct v3_ext_ctx X509V3_CTX;
-typedef struct conf_st CONF;
-
-typedef struct store_st STORE;
-typedef struct store_method_st STORE_METHOD;
-
-typedef struct ui_st UI;
-typedef struct ui_method_st UI_METHOD;
-
-typedef struct st_ERR_FNS ERR_FNS;
-
-typedef struct engine_st ENGINE;
-typedef struct ssl_st SSL;
-typedef struct ssl_ctx_st SSL_CTX;
-
-typedef struct comp_method_st COMP_METHOD;
-
-typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
-typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
-typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
-typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
-
-typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
-typedef struct DIST_POINT_st DIST_POINT;
-typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
-typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
-
-  /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
-# define DECLARE_PKCS12_STACK_OF(type)/* Nothing */
-# define IMPLEMENT_PKCS12_STACK_OF(type)/* Nothing */
-
-typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
-/* Callback types for crypto.h */
-typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                           int idx, long argl, void *argp);
-typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
-                             int idx, long argl, void *argp);
-typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
-                           void *from_d, int idx, long argl, void *argp);
-
-typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
-typedef struct ocsp_response_st OCSP_RESPONSE;
-typedef struct ocsp_responder_id_st OCSP_RESPID;
-
-#ifdef  __cplusplus
-}
-#endif
-#endif                          /* def HEADER_OPENSSL_TYPES_H */
diff --git a/thirdparty/openssl/openssl/pem.h b/thirdparty/openssl/openssl/pem.h
deleted file mode 100644
index aac72fb21e..0000000000
--- a/thirdparty/openssl/openssl/pem.h
+++ /dev/null
@@ -1,617 +0,0 @@
-/* crypto/pem/pem.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PEM_H
-# define HEADER_PEM_H
-
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# ifndef OPENSSL_NO_STACK
-#  include <openssl/stack.h>
-# endif
-# include <openssl/evp.h>
-# include <openssl/x509.h>
-# include <openssl/pem2.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# define PEM_BUFSIZE             1024
-
-# define PEM_OBJ_UNDEF           0
-# define PEM_OBJ_X509            1
-# define PEM_OBJ_X509_REQ        2
-# define PEM_OBJ_CRL             3
-# define PEM_OBJ_SSL_SESSION     4
-# define PEM_OBJ_PRIV_KEY        10
-# define PEM_OBJ_PRIV_RSA        11
-# define PEM_OBJ_PRIV_DSA        12
-# define PEM_OBJ_PRIV_DH         13
-# define PEM_OBJ_PUB_RSA         14
-# define PEM_OBJ_PUB_DSA         15
-# define PEM_OBJ_PUB_DH          16
-# define PEM_OBJ_DHPARAMS        17
-# define PEM_OBJ_DSAPARAMS       18
-# define PEM_OBJ_PRIV_RSA_PUBLIC 19
-# define PEM_OBJ_PRIV_ECDSA      20
-# define PEM_OBJ_PUB_ECDSA       21
-# define PEM_OBJ_ECPARAMETERS    22
-
-# define PEM_ERROR               30
-# define PEM_DEK_DES_CBC         40
-# define PEM_DEK_IDEA_CBC        45
-# define PEM_DEK_DES_EDE         50
-# define PEM_DEK_DES_ECB         60
-# define PEM_DEK_RSA             70
-# define PEM_DEK_RSA_MD2         80
-# define PEM_DEK_RSA_MD5         90
-
-# define PEM_MD_MD2              NID_md2
-# define PEM_MD_MD5              NID_md5
-# define PEM_MD_SHA              NID_sha
-# define PEM_MD_MD2_RSA          NID_md2WithRSAEncryption
-# define PEM_MD_MD5_RSA          NID_md5WithRSAEncryption
-# define PEM_MD_SHA_RSA          NID_sha1WithRSAEncryption
-
-# define PEM_STRING_X509_OLD     "X509 CERTIFICATE"
-# define PEM_STRING_X509         "CERTIFICATE"
-# define PEM_STRING_X509_PAIR    "CERTIFICATE PAIR"
-# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
-# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
-# define PEM_STRING_X509_REQ     "CERTIFICATE REQUEST"
-# define PEM_STRING_X509_CRL     "X509 CRL"
-# define PEM_STRING_EVP_PKEY     "ANY PRIVATE KEY"
-# define PEM_STRING_PUBLIC       "PUBLIC KEY"
-# define PEM_STRING_RSA          "RSA PRIVATE KEY"
-# define PEM_STRING_RSA_PUBLIC   "RSA PUBLIC KEY"
-# define PEM_STRING_DSA          "DSA PRIVATE KEY"
-# define PEM_STRING_DSA_PUBLIC   "DSA PUBLIC KEY"
-# define PEM_STRING_PKCS7        "PKCS7"
-# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
-# define PEM_STRING_PKCS8        "ENCRYPTED PRIVATE KEY"
-# define PEM_STRING_PKCS8INF     "PRIVATE KEY"
-# define PEM_STRING_DHPARAMS     "DH PARAMETERS"
-# define PEM_STRING_DHXPARAMS    "X9.42 DH PARAMETERS"
-# define PEM_STRING_SSL_SESSION  "SSL SESSION PARAMETERS"
-# define PEM_STRING_DSAPARAMS    "DSA PARAMETERS"
-# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
-# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
-# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
-# define PEM_STRING_PARAMETERS   "PARAMETERS"
-# define PEM_STRING_CMS          "CMS"
-
-  /*
-   * Note that this structure is initialised by PEM_SealInit and cleaned up
-   * by PEM_SealFinal (at least for now)
-   */
-typedef struct PEM_Encode_Seal_st {
-    EVP_ENCODE_CTX encode;
-    EVP_MD_CTX md;
-    EVP_CIPHER_CTX cipher;
-} PEM_ENCODE_SEAL_CTX;
-
-/* enc_type is one off */
-# define PEM_TYPE_ENCRYPTED      10
-# define PEM_TYPE_MIC_ONLY       20
-# define PEM_TYPE_MIC_CLEAR      30
-# define PEM_TYPE_CLEAR          40
-
-typedef struct pem_recip_st {
-    char *name;
-    X509_NAME *dn;
-    int cipher;
-    int key_enc;
-    /*      char iv[8]; unused and wrong size */
-} PEM_USER;
-
-typedef struct pem_ctx_st {
-    int type;                   /* what type of object */
-    struct {
-        int version;
-        int mode;
-    } proc_type;
-
-    char *domain;
-
-    struct {
-        int cipher;
-        /*-
-        unused, and wrong size
-        unsigned char iv[8]; */
-    } DEK_info;
-
-    PEM_USER *originator;
-
-    int num_recipient;
-    PEM_USER **recipient;
-/*-
-    XXX(ben): don#t think this is used!
-        STACK *x509_chain;      / * certificate chain */
-    EVP_MD *md;                 /* signature type */
-
-    int md_enc;                 /* is the md encrypted or not? */
-    int md_len;                 /* length of md_data */
-    char *md_data;              /* message digest, could be pkey encrypted */
-
-    EVP_CIPHER *dec;            /* date encryption cipher */
-    int key_len;                /* key length */
-    unsigned char *key;         /* key */
-  /*-
-    unused, and wrong size
-    unsigned char iv[8]; */
-
-    int data_enc;               /* is the data encrypted */
-    int data_len;
-    unsigned char *data;
-} PEM_CTX;
-
-/*
- * These macros make the PEM_read/PEM_write functions easier to maintain and
- * write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
- * IMPLEMENT_PEM_rw_cb(...)
- */
-
-# ifdef OPENSSL_NO_FP_API
-
-#  define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
-#  define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
-#  define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
-#  define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
-#  define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
-# else
-
-#  define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
-type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
-}
-
-#  define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x) \
-{ \
-return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
-}
-
-#  define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, const type *x) \
-{ \
-return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
-}
-
-#  define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
-             unsigned char *kstr, int klen, pem_password_cb *cb, \
-                  void *u) \
-        { \
-        return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
-        }
-
-#  define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
-int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
-             unsigned char *kstr, int klen, pem_password_cb *cb, \
-                  void *u) \
-        { \
-        return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
-        }
-
-# endif
-
-# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
-type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
-{ \
-return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
-}
-
-# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x) \
-{ \
-return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, const type *x) \
-{ \
-return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
-}
-
-# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
-             unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
-        { \
-        return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
-        }
-
-# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
-int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
-             unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
-        { \
-        return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
-        }
-
-# define IMPLEMENT_PEM_write(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_fp(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_read(name, type, str, asn1) \
-        IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
-        IMPLEMENT_PEM_read_fp(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
-        IMPLEMENT_PEM_read(name, type, str, asn1) \
-        IMPLEMENT_PEM_write(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
-        IMPLEMENT_PEM_read(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_const(name, type, str, asn1)
-
-# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
-        IMPLEMENT_PEM_read(name, type, str, asn1) \
-        IMPLEMENT_PEM_write_cb(name, type, str, asn1)
-
-/* These are the same except they are for the declarations */
-
-# if defined(OPENSSL_NO_FP_API)
-
-#  define DECLARE_PEM_read_fp(name, type) /**/
-#  define DECLARE_PEM_write_fp(name, type) /**/
-#  define DECLARE_PEM_write_cb_fp(name, type) /**/
-# else
-
-#  define DECLARE_PEM_read_fp(name, type) \
-        type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
-
-#  define DECLARE_PEM_write_fp(name, type) \
-        int PEM_write_##name(FILE *fp, type *x);
-
-#  define DECLARE_PEM_write_fp_const(name, type) \
-        int PEM_write_##name(FILE *fp, const type *x);
-
-#  define DECLARE_PEM_write_cb_fp(name, type) \
-        int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
-             unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-# endif
-
-# ifndef OPENSSL_NO_BIO
-#  define DECLARE_PEM_read_bio(name, type) \
-        type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
-
-#  define DECLARE_PEM_write_bio(name, type) \
-        int PEM_write_bio_##name(BIO *bp, type *x);
-
-#  define DECLARE_PEM_write_bio_const(name, type) \
-        int PEM_write_bio_##name(BIO *bp, const type *x);
-
-#  define DECLARE_PEM_write_cb_bio(name, type) \
-        int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
-             unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
-
-# else
-
-#  define DECLARE_PEM_read_bio(name, type) /**/
-#  define DECLARE_PEM_write_bio(name, type) /**/
-#  define DECLARE_PEM_write_bio_const(name, type) /**/
-#  define DECLARE_PEM_write_cb_bio(name, type) /**/
-# endif
-# define DECLARE_PEM_write(name, type) \
-        DECLARE_PEM_write_bio(name, type) \
-        DECLARE_PEM_write_fp(name, type)
-# define DECLARE_PEM_write_const(name, type) \
-        DECLARE_PEM_write_bio_const(name, type) \
-        DECLARE_PEM_write_fp_const(name, type)
-# define DECLARE_PEM_write_cb(name, type) \
-        DECLARE_PEM_write_cb_bio(name, type) \
-        DECLARE_PEM_write_cb_fp(name, type)
-# define DECLARE_PEM_read(name, type) \
-        DECLARE_PEM_read_bio(name, type) \
-        DECLARE_PEM_read_fp(name, type)
-# define DECLARE_PEM_rw(name, type) \
-        DECLARE_PEM_read(name, type) \
-        DECLARE_PEM_write(name, type)
-# define DECLARE_PEM_rw_const(name, type) \
-        DECLARE_PEM_read(name, type) \
-        DECLARE_PEM_write_const(name, type)
-# define DECLARE_PEM_rw_cb(name, type) \
-        DECLARE_PEM_read(name, type) \
-        DECLARE_PEM_write_cb(name, type)
-# if 1
-/* "userdata": new with OpenSSL 0.9.4 */
-typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
-# else
-/* OpenSSL 0.9.3, 0.9.3a */
-typedef int pem_password_cb (char *buf, int size, int rwflag);
-# endif
-
-int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
-int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
-                  pem_password_cb *callback, void *u);
-
-# ifndef OPENSSL_NO_BIO
-int PEM_read_bio(BIO *bp, char **name, char **header,
-                 unsigned char **data, long *len);
-int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
-                  const unsigned char *data, long len);
-int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
-                       const char *name, BIO *bp, pem_password_cb *cb,
-                       void *u);
-void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
-                        pem_password_cb *cb, void *u);
-int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
-                       const EVP_CIPHER *enc, unsigned char *kstr, int klen,
-                       pem_password_cb *cb, void *u);
-
-STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
-                                            pem_password_cb *cb, void *u);
-int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
-                            unsigned char *kstr, int klen,
-                            pem_password_cb *cd, void *u);
-# endif
-
-int PEM_read(FILE *fp, char **name, char **header,
-             unsigned char **data, long *len);
-int PEM_write(FILE *fp, const char *name, const char *hdr,
-              const unsigned char *data, long len);
-void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
-                    pem_password_cb *cb, void *u);
-int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
-                   void *x, const EVP_CIPHER *enc, unsigned char *kstr,
-                   int klen, pem_password_cb *callback, void *u);
-STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
-                                        pem_password_cb *cb, void *u);
-
-int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
-                 EVP_MD *md_type, unsigned char **ek, int *ekl,
-                 unsigned char *iv, EVP_PKEY **pubk, int npubk);
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
-                    unsigned char *in, int inl);
-int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
-                  unsigned char *out, int *outl, EVP_PKEY *priv);
-
-void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
-void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
-int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
-                  unsigned int *siglen, EVP_PKEY *pkey);
-
-int PEM_def_callback(char *buf, int num, int w, void *key);
-void PEM_proc_type(char *buf, int type);
-void PEM_dek_info(char *buf, const char *type, int len, char *str);
-
-# include <openssl/symhacks.h>
-
-DECLARE_PEM_rw(X509, X509)
-DECLARE_PEM_rw(X509_AUX, X509)
-DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
-DECLARE_PEM_rw(X509_REQ, X509_REQ)
-DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
-DECLARE_PEM_rw(X509_CRL, X509_CRL)
-DECLARE_PEM_rw(PKCS7, PKCS7)
-DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
-DECLARE_PEM_rw(PKCS8, X509_SIG)
-DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
-# ifndef OPENSSL_NO_RSA
-DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
-DECLARE_PEM_rw_const(RSAPublicKey, RSA)
-DECLARE_PEM_rw(RSA_PUBKEY, RSA)
-# endif
-# ifndef OPENSSL_NO_DSA
-DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
-DECLARE_PEM_rw(DSA_PUBKEY, DSA)
-DECLARE_PEM_rw_const(DSAparams, DSA)
-# endif
-# ifndef OPENSSL_NO_EC
-DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
-DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
-DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
-# endif
-# ifndef OPENSSL_NO_DH
-DECLARE_PEM_rw_const(DHparams, DH)
-DECLARE_PEM_write_const(DHxparams, DH)
-# endif
-DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
-DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
-
-int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
-                                      char *kstr, int klen,
-                                      pem_password_cb *cb, void *u);
-int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
-                                  char *, int, pem_password_cb *, void *);
-int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                            char *kstr, int klen,
-                            pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
-                                char *kstr, int klen,
-                                pem_password_cb *cb, void *u);
-EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
-                                  void *u);
-
-int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                           char *kstr, int klen,
-                           pem_password_cb *cb, void *u);
-int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
-                               char *kstr, int klen,
-                               pem_password_cb *cb, void *u);
-int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
-                                  char *kstr, int klen,
-                                  pem_password_cb *cb, void *u);
-
-EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
-                                 void *u);
-
-int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
-                              char *kstr, int klen, pem_password_cb *cd,
-                              void *u);
-
-EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
-int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
-
-EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
-EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
-EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
-EVP_PKEY *b2i_PublicKey_bio(BIO *in);
-int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
-int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
-# ifndef OPENSSL_NO_RC4
-EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
-int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
-                pem_password_cb *cb, void *u);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-void ERR_load_PEM_strings(void);
-
-/* Error codes for the PEM functions. */
-
-/* Function codes. */
-# define PEM_F_B2I_DSS                                    127
-# define PEM_F_B2I_PVK_BIO                                128
-# define PEM_F_B2I_RSA                                    129
-# define PEM_F_CHECK_BITLEN_DSA                           130
-# define PEM_F_CHECK_BITLEN_RSA                           131
-# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO                    120
-# define PEM_F_D2I_PKCS8PRIVATEKEY_FP                     121
-# define PEM_F_DO_B2I                                     132
-# define PEM_F_DO_B2I_BIO                                 133
-# define PEM_F_DO_BLOB_HEADER                             134
-# define PEM_F_DO_PK8PKEY                                 126
-# define PEM_F_DO_PK8PKEY_FP                              125
-# define PEM_F_DO_PVK_BODY                                135
-# define PEM_F_DO_PVK_HEADER                              136
-# define PEM_F_I2B_PVK                                    137
-# define PEM_F_I2B_PVK_BIO                                138
-# define PEM_F_LOAD_IV                                    101
-# define PEM_F_PEM_ASN1_READ                              102
-# define PEM_F_PEM_ASN1_READ_BIO                          103
-# define PEM_F_PEM_ASN1_WRITE                             104
-# define PEM_F_PEM_ASN1_WRITE_BIO                         105
-# define PEM_F_PEM_DEF_CALLBACK                           100
-# define PEM_F_PEM_DO_HEADER                              106
-# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY            118
-# define PEM_F_PEM_GET_EVP_CIPHER_INFO                    107
-# define PEM_F_PEM_PK8PKEY                                119
-# define PEM_F_PEM_READ                                   108
-# define PEM_F_PEM_READ_BIO                               109
-# define PEM_F_PEM_READ_BIO_DHPARAMS                      141
-# define PEM_F_PEM_READ_BIO_PARAMETERS                    140
-# define PEM_F_PEM_READ_BIO_PRIVATEKEY                    123
-# define PEM_F_PEM_READ_DHPARAMS                          142
-# define PEM_F_PEM_READ_PRIVATEKEY                        124
-# define PEM_F_PEM_SEALFINAL                              110
-# define PEM_F_PEM_SEALINIT                               111
-# define PEM_F_PEM_SIGNFINAL                              112
-# define PEM_F_PEM_WRITE                                  113
-# define PEM_F_PEM_WRITE_BIO                              114
-# define PEM_F_PEM_WRITE_PRIVATEKEY                       139
-# define PEM_F_PEM_X509_INFO_READ                         115
-# define PEM_F_PEM_X509_INFO_READ_BIO                     116
-# define PEM_F_PEM_X509_INFO_WRITE_BIO                    117
-
-/* Reason codes. */
-# define PEM_R_BAD_BASE64_DECODE                          100
-# define PEM_R_BAD_DECRYPT                                101
-# define PEM_R_BAD_END_LINE                               102
-# define PEM_R_BAD_IV_CHARS                               103
-# define PEM_R_BAD_MAGIC_NUMBER                           116
-# define PEM_R_BAD_PASSWORD_READ                          104
-# define PEM_R_BAD_VERSION_NUMBER                         117
-# define PEM_R_BIO_WRITE_FAILURE                          118
-# define PEM_R_CIPHER_IS_NULL                             127
-# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY               115
-# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB                 119
-# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB                  120
-# define PEM_R_HEADER_TOO_LONG                            128
-# define PEM_R_INCONSISTENT_HEADER                        121
-# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR                 122
-# define PEM_R_KEYBLOB_TOO_SHORT                          123
-# define PEM_R_NOT_DEK_INFO                               105
-# define PEM_R_NOT_ENCRYPTED                              106
-# define PEM_R_NOT_PROC_TYPE                              107
-# define PEM_R_NO_START_LINE                              108
-# define PEM_R_PROBLEMS_GETTING_PASSWORD                  109
-# define PEM_R_PUBLIC_KEY_NO_RSA                          110
-# define PEM_R_PVK_DATA_TOO_SHORT                         124
-# define PEM_R_PVK_TOO_SHORT                              125
-# define PEM_R_READ_KEY                                   111
-# define PEM_R_SHORT_HEADER                               112
-# define PEM_R_UNSUPPORTED_CIPHER                         113
-# define PEM_R_UNSUPPORTED_ENCRYPTION                     114
-# define PEM_R_UNSUPPORTED_KEY_COMPONENTS                 126
-
-# ifdef  __cplusplus
-}
-# endif
-#endif
diff --git a/thirdparty/openssl/openssl/pem2.h b/thirdparty/openssl/openssl/pem2.h
deleted file mode 100644
index 84897d5ec3..0000000000
--- a/thirdparty/openssl/openssl/pem2.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This header only exists to break a circular dependency between pem and err
- * Ben 30 Jan 1999.
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef HEADER_PEM_H
-void ERR_load_PEM_strings(void);
-#endif
-
-#ifdef __cplusplus
-}
-#endif
diff --git a/thirdparty/openssl/openssl/pkcs12.h b/thirdparty/openssl/openssl/pkcs12.h
deleted file mode 100644
index 21f1f62b36..0000000000
--- a/thirdparty/openssl/openssl/pkcs12.h
+++ /dev/null
@@ -1,342 +0,0 @@
-/* pkcs12.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PKCS12_H
-# define HEADER_PKCS12_H
-
-# include <openssl/bio.h>
-# include <openssl/x509.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define PKCS12_KEY_ID   1
-# define PKCS12_IV_ID    2
-# define PKCS12_MAC_ID   3
-
-/* Default iteration count */
-# ifndef PKCS12_DEFAULT_ITER
-#  define PKCS12_DEFAULT_ITER     PKCS5_DEFAULT_ITER
-# endif
-
-# define PKCS12_MAC_KEY_LENGTH 20
-
-# define PKCS12_SALT_LEN 8
-
-/* Uncomment out next line for unicode password and names, otherwise ASCII */
-
-/*
- * #define PBE_UNICODE
- */
-
-# ifdef PBE_UNICODE
-#  define PKCS12_key_gen PKCS12_key_gen_uni
-#  define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
-# else
-#  define PKCS12_key_gen PKCS12_key_gen_asc
-#  define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
-# endif
-
-/* MS key usage constants */
-
-# define KEY_EX  0x10
-# define KEY_SIG 0x80
-
-typedef struct {
-    X509_SIG *dinfo;
-    ASN1_OCTET_STRING *salt;
-    ASN1_INTEGER *iter;         /* defaults to 1 */
-} PKCS12_MAC_DATA;
-
-typedef struct {
-    ASN1_INTEGER *version;
-    PKCS12_MAC_DATA *mac;
-    PKCS7 *authsafes;
-} PKCS12;
-
-typedef struct {
-    ASN1_OBJECT *type;
-    union {
-        struct pkcs12_bag_st *bag; /* secret, crl and certbag */
-        struct pkcs8_priv_key_info_st *keybag; /* keybag */
-        X509_SIG *shkeybag;     /* shrouded key bag */
-        STACK_OF(PKCS12_SAFEBAG) *safes;
-        ASN1_TYPE *other;
-    } value;
-    STACK_OF(X509_ATTRIBUTE) *attrib;
-} PKCS12_SAFEBAG;
-
-DECLARE_STACK_OF(PKCS12_SAFEBAG)
-DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
-DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
-
-typedef struct pkcs12_bag_st {
-    ASN1_OBJECT *type;
-    union {
-        ASN1_OCTET_STRING *x509cert;
-        ASN1_OCTET_STRING *x509crl;
-        ASN1_OCTET_STRING *octet;
-        ASN1_IA5STRING *sdsicert;
-        ASN1_TYPE *other;       /* Secret or other bag */
-    } value;
-} PKCS12_BAGS;
-
-# define PKCS12_ERROR    0
-# define PKCS12_OK       1
-
-/* Compatibility macros */
-
-# define M_PKCS12_x5092certbag PKCS12_x5092certbag
-# define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
-
-# define M_PKCS12_certbag2x509 PKCS12_certbag2x509
-# define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
-
-# define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
-# define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
-# define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
-# define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
-
-# define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
-# define M_PKCS8_decrypt PKCS8_decrypt
-
-# define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
-# define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
-# define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
-
-# define PKCS12_get_attr(bag, attr_nid) \
-                         PKCS12_get_attr_gen(bag->attrib, attr_nid)
-
-# define PKCS8_get_attr(p8, attr_nid) \
-                PKCS12_get_attr_gen(p8->attributes, attr_nid)
-
-# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
-
-PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
-PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
-X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
-X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
-
-PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
-                                         int nid1, int nid2);
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
-                                   int passlen);
-PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
-                                         const char *pass, int passlen);
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
-                        const char *pass, int passlen, unsigned char *salt,
-                        int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
-                                     int passlen, unsigned char *salt,
-                                     int saltlen, int iter,
-                                     PKCS8_PRIV_KEY_INFO *p8);
-PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
-                             unsigned char *salt, int saltlen, int iter,
-                             STACK_OF(PKCS12_SAFEBAG) *bags);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
-                                                  int passlen);
-
-int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
-STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
-
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
-                          int namelen);
-int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
-                                int namelen);
-int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
-                           int namelen);
-int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
-                                const unsigned char *name, int namelen);
-int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
-ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
-unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
-                                int passlen, unsigned char *in, int inlen,
-                                unsigned char **data, int *datalen,
-                                int en_de);
-void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
-                              const char *pass, int passlen,
-                              ASN1_OCTET_STRING *oct, int zbuf);
-ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
-                                           const ASN1_ITEM *it,
-                                           const char *pass, int passlen,
-                                           void *obj, int zbuf);
-PKCS12 *PKCS12_init(int mode);
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
-                       int saltlen, int id, int iter, int n,
-                       unsigned char *out, const EVP_MD *md_type);
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
-                       int saltlen, int id, int iter, int n,
-                       unsigned char *out, const EVP_MD *md_type);
-int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
-                        ASN1_TYPE *param, const EVP_CIPHER *cipher,
-                        const EVP_MD *md_type, int en_de);
-int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
-                   unsigned char *mac, unsigned int *maclen);
-int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
-int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
-                   unsigned char *salt, int saltlen, int iter,
-                   const EVP_MD *md_type);
-int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
-                     int saltlen, const EVP_MD *md_type);
-unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
-                               unsigned char **uni, int *unilen);
-char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
-
-DECLARE_ASN1_FUNCTIONS(PKCS12)
-DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
-DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
-
-void PKCS12_PBE_add(void);
-int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
-                 STACK_OF(X509) **ca);
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
-                      STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
-                      int mac_iter, int keytype);
-
-PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
-PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
-                               EVP_PKEY *key, int key_usage, int iter,
-                               int key_nid, char *pass);
-int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
-                    int safe_nid, int iter, char *pass);
-PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
-
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
-int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PKCS12_strings(void);
-
-/* Error codes for the PKCS12 functions. */
-
-/* Function codes. */
-# define PKCS12_F_PARSE_BAG                               129
-# define PKCS12_F_PARSE_BAGS                              103
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME                 100
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC             127
-# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI             102
-# define PKCS12_F_PKCS12_ADD_LOCALKEYID                   104
-# define PKCS12_F_PKCS12_CREATE                           105
-# define PKCS12_F_PKCS12_GEN_MAC                          107
-# define PKCS12_F_PKCS12_INIT                             109
-# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I                 106
-# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT                 108
-# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG                117
-# define PKCS12_F_PKCS12_KEY_GEN_ASC                      110
-# define PKCS12_F_PKCS12_KEY_GEN_UNI                      111
-# define PKCS12_F_PKCS12_MAKE_KEYBAG                      112
-# define PKCS12_F_PKCS12_MAKE_SHKEYBAG                    113
-# define PKCS12_F_PKCS12_NEWPASS                          128
-# define PKCS12_F_PKCS12_PACK_P7DATA                      114
-# define PKCS12_F_PKCS12_PACK_P7ENCDATA                   115
-# define PKCS12_F_PKCS12_PARSE                            118
-# define PKCS12_F_PKCS12_PBE_CRYPT                        119
-# define PKCS12_F_PKCS12_PBE_KEYIVGEN                     120
-# define PKCS12_F_PKCS12_SETUP_MAC                        122
-# define PKCS12_F_PKCS12_SET_MAC                          123
-# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES                 130
-# define PKCS12_F_PKCS12_UNPACK_P7DATA                    131
-# define PKCS12_F_PKCS12_VERIFY_MAC                       126
-# define PKCS12_F_PKCS8_ADD_KEYUSAGE                      124
-# define PKCS12_F_PKCS8_ENCRYPT                           125
-
-/* Reason codes. */
-# define PKCS12_R_CANT_PACK_STRUCTURE                     100
-# define PKCS12_R_CONTENT_TYPE_NOT_DATA                   121
-# define PKCS12_R_DECODE_ERROR                            101
-# define PKCS12_R_ENCODE_ERROR                            102
-# define PKCS12_R_ENCRYPT_ERROR                           103
-# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE       120
-# define PKCS12_R_INVALID_NULL_ARGUMENT                   104
-# define PKCS12_R_INVALID_NULL_PKCS12_POINTER             105
-# define PKCS12_R_IV_GEN_ERROR                            106
-# define PKCS12_R_KEY_GEN_ERROR                           107
-# define PKCS12_R_MAC_ABSENT                              108
-# define PKCS12_R_MAC_GENERATION_ERROR                    109
-# define PKCS12_R_MAC_SETUP_ERROR                         110
-# define PKCS12_R_MAC_STRING_SET_ERROR                    111
-# define PKCS12_R_MAC_VERIFY_ERROR                        112
-# define PKCS12_R_MAC_VERIFY_FAILURE                      113
-# define PKCS12_R_PARSE_ERROR                             114
-# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR           115
-# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR                116
-# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR                  117
-# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM                118
-# define PKCS12_R_UNSUPPORTED_PKCS12_MODE                 119
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/pkcs7.h b/thirdparty/openssl/openssl/pkcs7.h
deleted file mode 100644
index b51b3863eb..0000000000
--- a/thirdparty/openssl/openssl/pkcs7.h
+++ /dev/null
@@ -1,481 +0,0 @@
-/* crypto/pkcs7/pkcs7.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PKCS7_H
-# define HEADER_PKCS7_H
-
-# include <openssl/asn1.h>
-# include <openssl/bio.h>
-# include <openssl/e_os2.h>
-
-# include <openssl/symhacks.h>
-# include <openssl/ossl_typ.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_SYS_WIN32
-/* Under Win32 thes are defined in wincrypt.h */
-#  undef PKCS7_ISSUER_AND_SERIAL
-#  undef PKCS7_SIGNER_INFO
-# endif
-
-/*-
-Encryption_ID           DES-CBC
-Digest_ID               MD5
-Digest_Encryption_ID    rsaEncryption
-Key_Encryption_ID       rsaEncryption
-*/
-
-typedef struct pkcs7_issuer_and_serial_st {
-    X509_NAME *issuer;
-    ASN1_INTEGER *serial;
-} PKCS7_ISSUER_AND_SERIAL;
-
-typedef struct pkcs7_signer_info_st {
-    ASN1_INTEGER *version;      /* version 1 */
-    PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
-    X509_ALGOR *digest_alg;
-    STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
-    X509_ALGOR *digest_enc_alg;
-    ASN1_OCTET_STRING *enc_digest;
-    STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
-    /* The private key to sign with */
-    EVP_PKEY *pkey;
-} PKCS7_SIGNER_INFO;
-
-DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
-DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO)
-
-typedef struct pkcs7_recip_info_st {
-    ASN1_INTEGER *version;      /* version 0 */
-    PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
-    X509_ALGOR *key_enc_algor;
-    ASN1_OCTET_STRING *enc_key;
-    X509 *cert;                 /* get the pub-key from this */
-} PKCS7_RECIP_INFO;
-
-DECLARE_STACK_OF(PKCS7_RECIP_INFO)
-DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO)
-
-typedef struct pkcs7_signed_st {
-    ASN1_INTEGER *version;      /* version 1 */
-    STACK_OF(X509_ALGOR) *md_algs; /* md used */
-    STACK_OF(X509) *cert;       /* [ 0 ] */
-    STACK_OF(X509_CRL) *crl;    /* [ 1 ] */
-    STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
-    struct pkcs7_st *contents;
-} PKCS7_SIGNED;
-/*
- * The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
- * merging the two
- */
-
-typedef struct pkcs7_enc_content_st {
-    ASN1_OBJECT *content_type;
-    X509_ALGOR *algorithm;
-    ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
-    const EVP_CIPHER *cipher;
-} PKCS7_ENC_CONTENT;
-
-typedef struct pkcs7_enveloped_st {
-    ASN1_INTEGER *version;      /* version 0 */
-    STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
-    PKCS7_ENC_CONTENT *enc_data;
-} PKCS7_ENVELOPE;
-
-typedef struct pkcs7_signedandenveloped_st {
-    ASN1_INTEGER *version;      /* version 1 */
-    STACK_OF(X509_ALGOR) *md_algs; /* md used */
-    STACK_OF(X509) *cert;       /* [ 0 ] */
-    STACK_OF(X509_CRL) *crl;    /* [ 1 ] */
-    STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
-    PKCS7_ENC_CONTENT *enc_data;
-    STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
-} PKCS7_SIGN_ENVELOPE;
-
-typedef struct pkcs7_digest_st {
-    ASN1_INTEGER *version;      /* version 0 */
-    X509_ALGOR *md;             /* md used */
-    struct pkcs7_st *contents;
-    ASN1_OCTET_STRING *digest;
-} PKCS7_DIGEST;
-
-typedef struct pkcs7_encrypted_st {
-    ASN1_INTEGER *version;      /* version 0 */
-    PKCS7_ENC_CONTENT *enc_data;
-} PKCS7_ENCRYPT;
-
-typedef struct pkcs7_st {
-    /*
-     * The following is non NULL if it contains ASN1 encoding of this
-     * structure
-     */
-    unsigned char *asn1;
-    long length;
-# define PKCS7_S_HEADER  0
-# define PKCS7_S_BODY    1
-# define PKCS7_S_TAIL    2
-    int state;                  /* used during processing */
-    int detached;
-    ASN1_OBJECT *type;
-    /* content as defined by the type */
-    /*
-     * all encryption/message digests are applied to the 'contents', leaving
-     * out the 'type' field.
-     */
-    union {
-        char *ptr;
-        /* NID_pkcs7_data */
-        ASN1_OCTET_STRING *data;
-        /* NID_pkcs7_signed */
-        PKCS7_SIGNED *sign;
-        /* NID_pkcs7_enveloped */
-        PKCS7_ENVELOPE *enveloped;
-        /* NID_pkcs7_signedAndEnveloped */
-        PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
-        /* NID_pkcs7_digest */
-        PKCS7_DIGEST *digest;
-        /* NID_pkcs7_encrypted */
-        PKCS7_ENCRYPT *encrypted;
-        /* Anything else */
-        ASN1_TYPE *other;
-    } d;
-} PKCS7;
-
-DECLARE_STACK_OF(PKCS7)
-DECLARE_ASN1_SET_OF(PKCS7)
-DECLARE_PKCS12_STACK_OF(PKCS7)
-
-# define PKCS7_OP_SET_DETACHED_SIGNATURE 1
-# define PKCS7_OP_GET_DETACHED_SIGNATURE 2
-
-# define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
-# define PKCS7_get_attributes(si)        ((si)->unauth_attr)
-
-# define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
-# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
-# define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
-# define PKCS7_type_is_signedAndEnveloped(a) \
-                (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
-# define PKCS7_type_is_data(a)   (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
-# define PKCS7_type_is_digest(a)   (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
-
-# define PKCS7_set_detached(p,v) \
-                PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
-# define PKCS7_get_detached(p) \
-                PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
-
-# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
-
-/* S/MIME related flags */
-
-# define PKCS7_TEXT              0x1
-# define PKCS7_NOCERTS           0x2
-# define PKCS7_NOSIGS            0x4
-# define PKCS7_NOCHAIN           0x8
-# define PKCS7_NOINTERN          0x10
-# define PKCS7_NOVERIFY          0x20
-# define PKCS7_DETACHED          0x40
-# define PKCS7_BINARY            0x80
-# define PKCS7_NOATTR            0x100
-# define PKCS7_NOSMIMECAP        0x200
-# define PKCS7_NOOLDMIMETYPE     0x400
-# define PKCS7_CRLFEOL           0x800
-# define PKCS7_STREAM            0x1000
-# define PKCS7_NOCRL             0x2000
-# define PKCS7_PARTIAL           0x4000
-# define PKCS7_REUSE_DIGEST      0x8000
-
-/* Flags: for compatibility with older code */
-
-# define SMIME_TEXT      PKCS7_TEXT
-# define SMIME_NOCERTS   PKCS7_NOCERTS
-# define SMIME_NOSIGS    PKCS7_NOSIGS
-# define SMIME_NOCHAIN   PKCS7_NOCHAIN
-# define SMIME_NOINTERN  PKCS7_NOINTERN
-# define SMIME_NOVERIFY  PKCS7_NOVERIFY
-# define SMIME_DETACHED  PKCS7_DETACHED
-# define SMIME_BINARY    PKCS7_BINARY
-# define SMIME_NOATTR    PKCS7_NOATTR
-
-DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
-
-int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
-                                   const EVP_MD *type, unsigned char *md,
-                                   unsigned int *len);
-# ifndef OPENSSL_NO_FP_API
-PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
-int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
-# endif
-PKCS7 *PKCS7_dup(PKCS7 *p7);
-PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
-int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
-int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
-int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
-
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
-DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
-DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
-DECLARE_ASN1_FUNCTIONS(PKCS7)
-
-DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
-DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
-
-DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
-DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
-
-long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
-
-int PKCS7_set_type(PKCS7 *p7, int type);
-int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
-int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
-                          const EVP_MD *dgst);
-int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
-int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
-int PKCS7_content_new(PKCS7 *p7, int nid);
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
-                     BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
-                          X509 *x509);
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
-
-PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
-                                       EVP_PKEY *pkey, const EVP_MD *dgst);
-X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
-STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
-
-PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
-void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
-                                 X509_ALGOR **pdig, X509_ALGOR **psig);
-void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
-int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
-int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
-int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
-int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
-                               void *data);
-int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
-                        void *value);
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
-                                STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
-                         STACK_OF(X509_ATTRIBUTE) *sk);
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
-                  BIO *data, int flags);
-
-PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
-                                         X509 *signcert, EVP_PKEY *pkey,
-                                         const EVP_MD *md, int flags);
-
-int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
-                 BIO *indata, BIO *out, int flags);
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
-                                   int flags);
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
-                     int flags);
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
-                  int flags);
-
-int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
-                              STACK_OF(X509_ALGOR) *cap);
-STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
-int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
-
-int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
-int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
-int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
-                             const unsigned char *md, int mdlen);
-
-int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
-
-BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PKCS7_strings(void);
-
-/* Error codes for the PKCS7 functions. */
-
-/* Function codes. */
-# define PKCS7_F_B64_READ_PKCS7                           120
-# define PKCS7_F_B64_WRITE_PKCS7                          121
-# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB                   136
-# define PKCS7_F_I2D_PKCS7_BIO_STREAM                     140
-# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME           135
-# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP                118
-# define PKCS7_F_PKCS7_ADD_CERTIFICATE                    100
-# define PKCS7_F_PKCS7_ADD_CRL                            101
-# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO                 102
-# define PKCS7_F_PKCS7_ADD_SIGNATURE                      131
-# define PKCS7_F_PKCS7_ADD_SIGNER                         103
-# define PKCS7_F_PKCS7_BIO_ADD_DIGEST                     125
-# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST               138
-# define PKCS7_F_PKCS7_CTRL                               104
-# define PKCS7_F_PKCS7_DATADECODE                         112
-# define PKCS7_F_PKCS7_DATAFINAL                          128
-# define PKCS7_F_PKCS7_DATAINIT                           105
-# define PKCS7_F_PKCS7_DATASIGN                           106
-# define PKCS7_F_PKCS7_DATAVERIFY                         107
-# define PKCS7_F_PKCS7_DECRYPT                            114
-# define PKCS7_F_PKCS7_DECRYPT_RINFO                      133
-# define PKCS7_F_PKCS7_ENCODE_RINFO                       132
-# define PKCS7_F_PKCS7_ENCRYPT                            115
-# define PKCS7_F_PKCS7_FINAL                              134
-# define PKCS7_F_PKCS7_FIND_DIGEST                        127
-# define PKCS7_F_PKCS7_GET0_SIGNERS                       124
-# define PKCS7_F_PKCS7_RECIP_INFO_SET                     130
-# define PKCS7_F_PKCS7_SET_CIPHER                         108
-# define PKCS7_F_PKCS7_SET_CONTENT                        109
-# define PKCS7_F_PKCS7_SET_DIGEST                         126
-# define PKCS7_F_PKCS7_SET_TYPE                           110
-# define PKCS7_F_PKCS7_SIGN                               116
-# define PKCS7_F_PKCS7_SIGNATUREVERIFY                    113
-# define PKCS7_F_PKCS7_SIGNER_INFO_SET                    129
-# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN                   139
-# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER                    137
-# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP                    119
-# define PKCS7_F_PKCS7_VERIFY                             117
-# define PKCS7_F_SMIME_READ_PKCS7                         122
-# define PKCS7_F_SMIME_TEXT                               123
-
-/* Reason codes. */
-# define PKCS7_R_CERTIFICATE_VERIFY_ERROR                 117
-# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER          144
-# define PKCS7_R_CIPHER_NOT_INITIALIZED                   116
-# define PKCS7_R_CONTENT_AND_DATA_PRESENT                 118
-# define PKCS7_R_CTRL_ERROR                               152
-# define PKCS7_R_DECODE_ERROR                             130
-# define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH            100
-# define PKCS7_R_DECRYPT_ERROR                            119
-# define PKCS7_R_DIGEST_FAILURE                           101
-# define PKCS7_R_ENCRYPTION_CTRL_FAILURE                  149
-# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
-# define PKCS7_R_ERROR_ADDING_RECIPIENT                   120
-# define PKCS7_R_ERROR_SETTING_CIPHER                     121
-# define PKCS7_R_INVALID_MIME_TYPE                        131
-# define PKCS7_R_INVALID_NULL_POINTER                     143
-# define PKCS7_R_INVALID_SIGNED_DATA_TYPE                 155
-# define PKCS7_R_MIME_NO_CONTENT_TYPE                     132
-# define PKCS7_R_MIME_PARSE_ERROR                         133
-# define PKCS7_R_MIME_SIG_PARSE_ERROR                     134
-# define PKCS7_R_MISSING_CERIPEND_INFO                    103
-# define PKCS7_R_NO_CONTENT                               122
-# define PKCS7_R_NO_CONTENT_TYPE                          135
-# define PKCS7_R_NO_DEFAULT_DIGEST                        151
-# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND            154
-# define PKCS7_R_NO_MULTIPART_BODY_FAILURE                136
-# define PKCS7_R_NO_MULTIPART_BOUNDARY                    137
-# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE         115
-# define PKCS7_R_NO_RECIPIENT_MATCHES_KEY                 146
-# define PKCS7_R_NO_SIGNATURES_ON_DATA                    123
-# define PKCS7_R_NO_SIGNERS                               142
-# define PKCS7_R_NO_SIG_CONTENT_TYPE                      138
-# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE     104
-# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR                124
-# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR                   153
-# define PKCS7_R_PKCS7_DATAFINAL                          126
-# define PKCS7_R_PKCS7_DATAFINAL_ERROR                    125
-# define PKCS7_R_PKCS7_DATASIGN                           145
-# define PKCS7_R_PKCS7_PARSE_ERROR                        139
-# define PKCS7_R_PKCS7_SIG_PARSE_ERROR                    140
-# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE   127
-# define PKCS7_R_SIGNATURE_FAILURE                        105
-# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND             128
-# define PKCS7_R_SIGNING_CTRL_FAILURE                     147
-# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE  148
-# define PKCS7_R_SIG_INVALID_MIME_TYPE                    141
-# define PKCS7_R_SMIME_TEXT_ERROR                         129
-# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE               106
-# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO                   107
-# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST            108
-# define PKCS7_R_UNKNOWN_DIGEST_TYPE                      109
-# define PKCS7_R_UNKNOWN_OPERATION                        110
-# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE                  111
-# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE                 112
-# define PKCS7_R_WRONG_CONTENT_TYPE                       113
-# define PKCS7_R_WRONG_PKCS7_TYPE                         114
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/pqueue.h b/thirdparty/openssl/openssl/pqueue.h
deleted file mode 100644
index d40d9c7d85..0000000000
--- a/thirdparty/openssl/openssl/pqueue.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/pqueue/pqueue.h */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PQUEUE_H
-# define HEADER_PQUEUE_H
-
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-typedef struct _pqueue *pqueue;
-
-typedef struct _pitem {
-    unsigned char priority[8];  /* 64-bit value in big-endian encoding */
-    void *data;
-    struct _pitem *next;
-} pitem;
-
-typedef struct _pitem *piterator;
-
-pitem *pitem_new(unsigned char *prio64be, void *data);
-void pitem_free(pitem *item);
-
-pqueue pqueue_new(void);
-void pqueue_free(pqueue pq);
-
-pitem *pqueue_insert(pqueue pq, pitem *item);
-pitem *pqueue_peek(pqueue pq);
-pitem *pqueue_pop(pqueue pq);
-pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
-pitem *pqueue_iterator(pqueue pq);
-pitem *pqueue_next(piterator *iter);
-
-void pqueue_print(pqueue pq);
-int pqueue_size(pqueue pq);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif                          /* ! HEADER_PQUEUE_H */
diff --git a/thirdparty/openssl/openssl/rand.h b/thirdparty/openssl/openssl/rand.h
deleted file mode 100644
index 2553afda20..0000000000
--- a/thirdparty/openssl/openssl/rand.h
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/rand/rand.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RAND_H
-# define HEADER_RAND_H
-
-# include <stdlib.h>
-# include <openssl/ossl_typ.h>
-# include <openssl/e_os2.h>
-
-# if defined(OPENSSL_SYS_WINDOWS)
-#  include <windows.h>
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# if defined(OPENSSL_FIPS)
-#  define FIPS_RAND_SIZE_T size_t
-# endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct rand_meth_st RAND_METHOD; */
-
-struct rand_meth_st {
-    void (*seed) (const void *buf, int num);
-    int (*bytes) (unsigned char *buf, int num);
-    void (*cleanup) (void);
-    void (*add) (const void *buf, int num, double entropy);
-    int (*pseudorand) (unsigned char *buf, int num);
-    int (*status) (void);
-};
-
-# ifdef BN_DEBUG
-extern int rand_predictable;
-# endif
-
-int RAND_set_rand_method(const RAND_METHOD *meth);
-const RAND_METHOD *RAND_get_rand_method(void);
-# ifndef OPENSSL_NO_ENGINE
-int RAND_set_rand_engine(ENGINE *engine);
-# endif
-RAND_METHOD *RAND_SSLeay(void);
-void RAND_cleanup(void);
-int RAND_bytes(unsigned char *buf, int num);
-int RAND_pseudo_bytes(unsigned char *buf, int num);
-void RAND_seed(const void *buf, int num);
-void RAND_add(const void *buf, int num, double entropy);
-int RAND_load_file(const char *file, long max_bytes);
-int RAND_write_file(const char *file);
-const char *RAND_file_name(char *file, size_t num);
-int RAND_status(void);
-int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
-int RAND_egd(const char *path);
-int RAND_egd_bytes(const char *path, int bytes);
-int RAND_poll(void);
-
-# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-
-void RAND_screen(void);
-int RAND_event(UINT, WPARAM, LPARAM);
-
-# endif
-
-# ifdef OPENSSL_FIPS
-void RAND_set_fips_drbg_type(int type, int flags);
-int RAND_init_fips(void);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_RAND_strings(void);
-
-/* Error codes for the RAND functions. */
-
-/* Function codes. */
-# define RAND_F_RAND_GET_RAND_METHOD                      101
-# define RAND_F_RAND_INIT_FIPS                            102
-# define RAND_F_SSLEAY_RAND_BYTES                         100
-
-/* Reason codes. */
-# define RAND_R_DUAL_EC_DRBG_DISABLED                     104
-# define RAND_R_ERROR_INITIALISING_DRBG                   102
-# define RAND_R_ERROR_INSTANTIATING_DRBG                  103
-# define RAND_R_NO_FIPS_RANDOM_METHOD_SET                 101
-# define RAND_R_PRNG_NOT_SEEDED                           100
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/rc2.h b/thirdparty/openssl/openssl/rc2.h
deleted file mode 100644
index 29d02d7322..0000000000
--- a/thirdparty/openssl/openssl/rc2.h
+++ /dev/null
@@ -1,103 +0,0 @@
-/* crypto/rc2/rc2.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC2_H
-# define HEADER_RC2_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_RC2, RC2_INT */
-# ifdef OPENSSL_NO_RC2
-#  error RC2 is disabled.
-# endif
-
-# define RC2_ENCRYPT     1
-# define RC2_DECRYPT     0
-
-# define RC2_BLOCK       8
-# define RC2_KEY_LENGTH  16
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc2_key_st {
-    RC2_INT data[64];
-} RC2_KEY;
-
-# ifdef OPENSSL_FIPS
-void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
-                         int bits);
-# endif
-void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
-void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                     RC2_KEY *key, int enc);
-void RC2_encrypt(unsigned long *data, RC2_KEY *key);
-void RC2_decrypt(unsigned long *data, RC2_KEY *key);
-void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-                     RC2_KEY *ks, unsigned char *iv, int enc);
-void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
-                       long length, RC2_KEY *schedule, unsigned char *ivec,
-                       int *num, int enc);
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
-                       long length, RC2_KEY *schedule, unsigned char *ivec,
-                       int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/rc4.h b/thirdparty/openssl/openssl/rc4.h
deleted file mode 100644
index 39162b1648..0000000000
--- a/thirdparty/openssl/openssl/rc4.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/rc4/rc4.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC4_H
-# define HEADER_RC4_H
-
-# include <openssl/opensslconf.h>/* OPENSSL_NO_RC4, RC4_INT */
-# ifdef OPENSSL_NO_RC4
-#  error RC4 is disabled.
-# endif
-
-# include <stddef.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc4_key_st {
-    RC4_INT x, y;
-    RC4_INT data[256];
-} RC4_KEY;
-
-const char *RC4_options(void);
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
-         unsigned char *outdata);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/ripemd.h b/thirdparty/openssl/openssl/ripemd.h
deleted file mode 100644
index b88ef25e72..0000000000
--- a/thirdparty/openssl/openssl/ripemd.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/* crypto/ripemd/ripemd.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RIPEMD_H
-# define HEADER_RIPEMD_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_NO_RIPEMD
-#  error RIPEMD is disabled.
-# endif
-
-# if defined(__LP32__)
-#  define RIPEMD160_LONG unsigned long
-# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#  define RIPEMD160_LONG unsigned long
-#  define RIPEMD160_LONG_LOG2 3
-# else
-#  define RIPEMD160_LONG unsigned int
-# endif
-
-# define RIPEMD160_CBLOCK        64
-# define RIPEMD160_LBLOCK        (RIPEMD160_CBLOCK/4)
-# define RIPEMD160_DIGEST_LENGTH 20
-
-typedef struct RIPEMD160state_st {
-    RIPEMD160_LONG A, B, C, D, E;
-    RIPEMD160_LONG Nl, Nh;
-    RIPEMD160_LONG data[RIPEMD160_LBLOCK];
-    unsigned int num;
-} RIPEMD160_CTX;
-
-# ifdef OPENSSL_FIPS
-int private_RIPEMD160_Init(RIPEMD160_CTX *c);
-# endif
-int RIPEMD160_Init(RIPEMD160_CTX *c);
-int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
-int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md);
-void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/rsa.h b/thirdparty/openssl/openssl/rsa.h
deleted file mode 100644
index d2ee37406e..0000000000
--- a/thirdparty/openssl/openssl/rsa.h
+++ /dev/null
@@ -1,664 +0,0 @@
-/* crypto/rsa/rsa.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RSA_H
-# define HEADER_RSA_H
-
-# include <openssl/asn1.h>
-
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# include <openssl/crypto.h>
-# include <openssl/ossl_typ.h>
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/bn.h>
-# endif
-
-# ifdef OPENSSL_NO_RSA
-#  error RSA is disabled.
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Declared already in ossl_typ.h */
-/* typedef struct rsa_st RSA; */
-/* typedef struct rsa_meth_st RSA_METHOD; */
-
-struct rsa_meth_st {
-    const char *name;
-    int (*rsa_pub_enc) (int flen, const unsigned char *from,
-                        unsigned char *to, RSA *rsa, int padding);
-    int (*rsa_pub_dec) (int flen, const unsigned char *from,
-                        unsigned char *to, RSA *rsa, int padding);
-    int (*rsa_priv_enc) (int flen, const unsigned char *from,
-                         unsigned char *to, RSA *rsa, int padding);
-    int (*rsa_priv_dec) (int flen, const unsigned char *from,
-                         unsigned char *to, RSA *rsa, int padding);
-    /* Can be null */
-    int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
-    /* Can be null */
-    int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
-                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-    /* called at new */
-    int (*init) (RSA *rsa);
-    /* called at free */
-    int (*finish) (RSA *rsa);
-    /* RSA_METHOD_FLAG_* things */
-    int flags;
-    /* may be needed! */
-    char *app_data;
-    /*
-     * New sign and verify functions: some libraries don't allow arbitrary
-     * data to be signed/verified: this allows them to be used. Note: for
-     * this to work the RSA_public_decrypt() and RSA_private_encrypt() should
-     * *NOT* be used RSA_sign(), RSA_verify() should be used instead. Note:
-     * for backwards compatibility this functionality is only enabled if the
-     * RSA_FLAG_SIGN_VER option is set in 'flags'.
-     */
-    int (*rsa_sign) (int type,
-                     const unsigned char *m, unsigned int m_length,
-                     unsigned char *sigret, unsigned int *siglen,
-                     const RSA *rsa);
-    int (*rsa_verify) (int dtype, const unsigned char *m,
-                       unsigned int m_length, const unsigned char *sigbuf,
-                       unsigned int siglen, const RSA *rsa);
-    /*
-     * If this callback is NULL, the builtin software RSA key-gen will be
-     * used. This is for behavioural compatibility whilst the code gets
-     * rewired, but one day it would be nice to assume there are no such
-     * things as "builtin software" implementations.
-     */
-    int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
-};
-
-struct rsa_st {
-    /*
-     * The first parameter is used to pickup errors where this is passed
-     * instead of aEVP_PKEY, it is set to 0
-     */
-    int pad;
-    long version;
-    const RSA_METHOD *meth;
-    /* functional reference if 'meth' is ENGINE-provided */
-    ENGINE *engine;
-    BIGNUM *n;
-    BIGNUM *e;
-    BIGNUM *d;
-    BIGNUM *p;
-    BIGNUM *q;
-    BIGNUM *dmp1;
-    BIGNUM *dmq1;
-    BIGNUM *iqmp;
-    /* be careful using this if the RSA structure is shared */
-    CRYPTO_EX_DATA ex_data;
-    int references;
-    int flags;
-    /* Used to cache montgomery values */
-    BN_MONT_CTX *_method_mod_n;
-    BN_MONT_CTX *_method_mod_p;
-    BN_MONT_CTX *_method_mod_q;
-    /*
-     * all BIGNUM values are actually in the following data, if it is not
-     * NULL
-     */
-    char *bignum_data;
-    BN_BLINDING *blinding;
-    BN_BLINDING *mt_blinding;
-};
-
-# ifndef OPENSSL_RSA_MAX_MODULUS_BITS
-#  define OPENSSL_RSA_MAX_MODULUS_BITS   16384
-# endif
-
-# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
-#  define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
-# endif
-# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
-
-/* exponent limit enforced for "large" modulus only */
-#  define OPENSSL_RSA_MAX_PUBEXP_BITS    64
-# endif
-
-# define RSA_3   0x3L
-# define RSA_F4  0x10001L
-
-# define RSA_METHOD_FLAG_NO_CHECK        0x0001/* don't check pub/private
-                                                * match */
-
-# define RSA_FLAG_CACHE_PUBLIC           0x0002
-# define RSA_FLAG_CACHE_PRIVATE          0x0004
-# define RSA_FLAG_BLINDING               0x0008
-# define RSA_FLAG_THREAD_SAFE            0x0010
-/*
- * This flag means the private key operations will be handled by rsa_mod_exp
- * and that they do not depend on the private key components being present:
- * for example a key stored in external hardware. Without this flag
- * bn_mod_exp gets called when private key components are absent.
- */
-# define RSA_FLAG_EXT_PKEY               0x0020
-
-/*
- * This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify
- * functions.
- */
-# define RSA_FLAG_SIGN_VER               0x0040
-
-/*
- * new with 0.9.6j and 0.9.7b; the built-in
- * RSA implementation now uses blinding by
- * default (ignoring RSA_FLAG_BLINDING),
- * but other engines might not need it
- */
-# define RSA_FLAG_NO_BLINDING            0x0080
-/*
- * new with 0.9.8f; the built-in RSA
- * implementation now uses constant time
- * operations by default in private key operations,
- * e.g., constant time modular exponentiation,
- * modular inverse without leaking branches,
- * division without leaking branches. This
- * flag disables these constant time
- * operations and results in faster RSA
- * private key operations.
- */
-# define RSA_FLAG_NO_CONSTTIME           0x0100
-# ifdef OPENSSL_USE_DEPRECATED
-/* deprecated name for the flag*/
-/*
- * new with 0.9.7h; the built-in RSA
- * implementation now uses constant time
- * modular exponentiation for secret exponents
- * by default. This flag causes the
- * faster variable sliding window method to
- * be used for all exponents.
- */
-#  define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
-# endif
-
-# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
-                                pad, NULL)
-
-# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
-                                EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
-
-# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
-                                (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
-                                EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
-                                len, NULL)
-
-# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
-                                (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
-                                EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
-                                0, plen)
-
-# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
-                                EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
-
-# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
-        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
-                                EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
-
-# define  EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md)  \
-                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
-                        EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
-                                EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
-
-# define  EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md)  \
-                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
-                                EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)md)
-
-# define  EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
-                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
-                        EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
-                                EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
-
-# define  EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
-                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
-                                EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)pmd)
-
-# define  EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
-                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
-                                EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)l)
-
-# define  EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l)       \
-                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
-                                EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)l)
-
-# define EVP_PKEY_CTRL_RSA_PADDING       (EVP_PKEY_ALG_CTRL + 1)
-# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN   (EVP_PKEY_ALG_CTRL + 2)
-
-# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS   (EVP_PKEY_ALG_CTRL + 3)
-# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
-# define EVP_PKEY_CTRL_RSA_MGF1_MD       (EVP_PKEY_ALG_CTRL + 5)
-
-# define EVP_PKEY_CTRL_GET_RSA_PADDING           (EVP_PKEY_ALG_CTRL + 6)
-# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN       (EVP_PKEY_ALG_CTRL + 7)
-# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD           (EVP_PKEY_ALG_CTRL + 8)
-
-# define EVP_PKEY_CTRL_RSA_OAEP_MD       (EVP_PKEY_ALG_CTRL + 9)
-# define EVP_PKEY_CTRL_RSA_OAEP_LABEL    (EVP_PKEY_ALG_CTRL + 10)
-
-# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD   (EVP_PKEY_ALG_CTRL + 11)
-# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
-
-# define RSA_PKCS1_PADDING       1
-# define RSA_SSLV23_PADDING      2
-# define RSA_NO_PADDING          3
-# define RSA_PKCS1_OAEP_PADDING  4
-# define RSA_X931_PADDING        5
-/* EVP_PKEY_ only */
-# define RSA_PKCS1_PSS_PADDING   6
-
-# define RSA_PKCS1_PADDING_SIZE  11
-
-# define RSA_set_app_data(s,arg)         RSA_set_ex_data(s,0,arg)
-# define RSA_get_app_data(s)             RSA_get_ex_data(s,0)
-
-RSA *RSA_new(void);
-RSA *RSA_new_method(ENGINE *engine);
-int RSA_size(const RSA *rsa);
-
-/* Deprecated version */
-# ifndef OPENSSL_NO_DEPRECATED
-RSA *RSA_generate_key(int bits, unsigned long e, void
-                       (*callback) (int, int, void *), void *cb_arg);
-# endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* New version */
-int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
-
-int RSA_check_key(const RSA *);
-        /* next 4 return -1 on error */
-int RSA_public_encrypt(int flen, const unsigned char *from,
-                       unsigned char *to, RSA *rsa, int padding);
-int RSA_private_encrypt(int flen, const unsigned char *from,
-                        unsigned char *to, RSA *rsa, int padding);
-int RSA_public_decrypt(int flen, const unsigned char *from,
-                       unsigned char *to, RSA *rsa, int padding);
-int RSA_private_decrypt(int flen, const unsigned char *from,
-                        unsigned char *to, RSA *rsa, int padding);
-void RSA_free(RSA *r);
-/* "up" the RSA object's reference count */
-int RSA_up_ref(RSA *r);
-
-int RSA_flags(const RSA *r);
-
-void RSA_set_default_method(const RSA_METHOD *meth);
-const RSA_METHOD *RSA_get_default_method(void);
-const RSA_METHOD *RSA_get_method(const RSA *rsa);
-int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
-
-/* This function needs the memory locking malloc callbacks to be installed */
-int RSA_memory_lock(RSA *r);
-
-/* these are the actual SSLeay RSA functions */
-const RSA_METHOD *RSA_PKCS1_SSLeay(void);
-
-const RSA_METHOD *RSA_null_method(void);
-
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
-
-typedef struct rsa_pss_params_st {
-    X509_ALGOR *hashAlgorithm;
-    X509_ALGOR *maskGenAlgorithm;
-    ASN1_INTEGER *saltLength;
-    ASN1_INTEGER *trailerField;
-} RSA_PSS_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
-
-typedef struct rsa_oaep_params_st {
-    X509_ALGOR *hashFunc;
-    X509_ALGOR *maskGenFunc;
-    X509_ALGOR *pSourceFunc;
-} RSA_OAEP_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
-
-# ifndef OPENSSL_NO_FP_API
-int RSA_print_fp(FILE *fp, const RSA *r, int offset);
-# endif
-
-# ifndef OPENSSL_NO_BIO
-int RSA_print(BIO *bp, const RSA *r, int offset);
-# endif
-
-# ifndef OPENSSL_NO_RC4
-int i2d_RSA_NET(const RSA *a, unsigned char **pp,
-                int (*cb) (char *buf, int len, const char *prompt,
-                           int verify), int sgckey);
-RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
-                 int (*cb) (char *buf, int len, const char *prompt,
-                            int verify), int sgckey);
-
-int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
-                     int (*cb) (char *buf, int len, const char *prompt,
-                                int verify));
-RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
-                      int (*cb) (char *buf, int len, const char *prompt,
-                                 int verify));
-# endif
-
-/*
- * The following 2 functions sign and verify a X509_SIG ASN1 object inside
- * PKCS#1 padded RSA encryption
- */
-int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
-             unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
-               const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
-/*
- * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
- * PKCS#1 padded RSA encryption
- */
-int RSA_sign_ASN1_OCTET_STRING(int type,
-                               const unsigned char *m, unsigned int m_length,
-                               unsigned char *sigret, unsigned int *siglen,
-                               RSA *rsa);
-int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m,
-                                 unsigned int m_length, unsigned char *sigbuf,
-                                 unsigned int siglen, RSA *rsa);
-
-int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
-void RSA_blinding_off(RSA *rsa);
-BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
-
-int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
-                                 const unsigned char *f, int fl);
-int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
-                                   const unsigned char *f, int fl,
-                                   int rsa_len);
-int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
-                                 const unsigned char *f, int fl);
-int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
-                                   const unsigned char *f, int fl,
-                                   int rsa_len);
-int PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
-               long seedlen, const EVP_MD *dgst);
-int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
-                               const unsigned char *f, int fl,
-                               const unsigned char *p, int pl);
-int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
-                                 const unsigned char *f, int fl, int rsa_len,
-                                 const unsigned char *p, int pl);
-int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
-                                    const unsigned char *from, int flen,
-                                    const unsigned char *param, int plen,
-                                    const EVP_MD *md, const EVP_MD *mgf1md);
-int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
-                                      const unsigned char *from, int flen,
-                                      int num, const unsigned char *param,
-                                      int plen, const EVP_MD *md,
-                                      const EVP_MD *mgf1md);
-int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
-                           const unsigned char *f, int fl);
-int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
-                             const unsigned char *f, int fl, int rsa_len);
-int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f,
-                         int fl);
-int RSA_padding_check_none(unsigned char *to, int tlen,
-                           const unsigned char *f, int fl, int rsa_len);
-int RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *f,
-                         int fl);
-int RSA_padding_check_X931(unsigned char *to, int tlen,
-                           const unsigned char *f, int fl, int rsa_len);
-int RSA_X931_hash_id(int nid);
-
-int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
-                         const EVP_MD *Hash, const unsigned char *EM,
-                         int sLen);
-int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
-                              const unsigned char *mHash, const EVP_MD *Hash,
-                              int sLen);
-
-int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
-                              const EVP_MD *Hash, const EVP_MD *mgf1Hash,
-                              const unsigned char *EM, int sLen);
-
-int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
-                                   const unsigned char *mHash,
-                                   const EVP_MD *Hash, const EVP_MD *mgf1Hash,
-                                   int sLen);
-
-int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int RSA_set_ex_data(RSA *r, int idx, void *arg);
-void *RSA_get_ex_data(const RSA *r, int idx);
-
-RSA *RSAPublicKey_dup(RSA *rsa);
-RSA *RSAPrivateKey_dup(RSA *rsa);
-
-/*
- * If this flag is set the RSA method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its responsibility to ensure the
- * result is compliant.
- */
-
-# define RSA_FLAG_FIPS_METHOD                    0x0400
-
-/*
- * If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-# define RSA_FLAG_NON_FIPS_ALLOW                 0x0400
-/*
- * Application has decided PRNG is good enough to generate a key: don't
- * check.
- */
-# define RSA_FLAG_CHECKED                        0x0800
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_RSA_strings(void);
-
-/* Error codes for the RSA functions. */
-
-/* Function codes. */
-# define RSA_F_CHECK_PADDING_MD                           140
-# define RSA_F_DO_RSA_PRINT                               146
-# define RSA_F_INT_RSA_VERIFY                             145
-# define RSA_F_MEMORY_LOCK                                100
-# define RSA_F_OLD_RSA_PRIV_DECODE                        147
-# define RSA_F_PKEY_RSA_CTRL                              143
-# define RSA_F_PKEY_RSA_CTRL_STR                          144
-# define RSA_F_PKEY_RSA_SIGN                              142
-# define RSA_F_PKEY_RSA_VERIFY                            154
-# define RSA_F_PKEY_RSA_VERIFYRECOVER                     141
-# define RSA_F_RSA_ALGOR_TO_MD                            157
-# define RSA_F_RSA_BUILTIN_KEYGEN                         129
-# define RSA_F_RSA_CHECK_KEY                              123
-# define RSA_F_RSA_CMS_DECRYPT                            158
-# define RSA_F_RSA_EAY_PRIVATE_DECRYPT                    101
-# define RSA_F_RSA_EAY_PRIVATE_ENCRYPT                    102
-# define RSA_F_RSA_EAY_PUBLIC_DECRYPT                     103
-# define RSA_F_RSA_EAY_PUBLIC_ENCRYPT                     104
-# define RSA_F_RSA_GENERATE_KEY                           105
-# define RSA_F_RSA_GENERATE_KEY_EX                        155
-# define RSA_F_RSA_ITEM_VERIFY                            156
-# define RSA_F_RSA_MEMORY_LOCK                            130
-# define RSA_F_RSA_MGF1_TO_MD                             159
-# define RSA_F_RSA_NEW_METHOD                             106
-# define RSA_F_RSA_NULL                                   124
-# define RSA_F_RSA_NULL_MOD_EXP                           131
-# define RSA_F_RSA_NULL_PRIVATE_DECRYPT                   132
-# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT                   133
-# define RSA_F_RSA_NULL_PUBLIC_DECRYPT                    134
-# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT                    135
-# define RSA_F_RSA_PADDING_ADD_NONE                       107
-# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP                 121
-# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1            160
-# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS                  125
-# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1             148
-# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1               108
-# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2               109
-# define RSA_F_RSA_PADDING_ADD_SSLV23                     110
-# define RSA_F_RSA_PADDING_ADD_X931                       127
-# define RSA_F_RSA_PADDING_CHECK_NONE                     111
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP               122
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1          161
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1             112
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2             113
-# define RSA_F_RSA_PADDING_CHECK_SSLV23                   114
-# define RSA_F_RSA_PADDING_CHECK_X931                     128
-# define RSA_F_RSA_PRINT                                  115
-# define RSA_F_RSA_PRINT_FP                               116
-# define RSA_F_RSA_PRIVATE_DECRYPT                        150
-# define RSA_F_RSA_PRIVATE_ENCRYPT                        151
-# define RSA_F_RSA_PRIV_DECODE                            137
-# define RSA_F_RSA_PRIV_ENCODE                            138
-# define RSA_F_RSA_PSS_TO_CTX                             162
-# define RSA_F_RSA_PUBLIC_DECRYPT                         152
-# define RSA_F_RSA_PUBLIC_ENCRYPT                         153
-# define RSA_F_RSA_PUB_DECODE                             139
-# define RSA_F_RSA_SETUP_BLINDING                         136
-# define RSA_F_RSA_SIGN                                   117
-# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING                 118
-# define RSA_F_RSA_VERIFY                                 119
-# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING               120
-# define RSA_F_RSA_VERIFY_PKCS1_PSS                       126
-# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1                  149
-
-/* Reason codes. */
-# define RSA_R_ALGORITHM_MISMATCH                         100
-# define RSA_R_BAD_E_VALUE                                101
-# define RSA_R_BAD_FIXED_HEADER_DECRYPT                   102
-# define RSA_R_BAD_PAD_BYTE_COUNT                         103
-# define RSA_R_BAD_SIGNATURE                              104
-# define RSA_R_BLOCK_TYPE_IS_NOT_01                       106
-# define RSA_R_BLOCK_TYPE_IS_NOT_02                       107
-# define RSA_R_DATA_GREATER_THAN_MOD_LEN                  108
-# define RSA_R_DATA_TOO_LARGE                             109
-# define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE                110
-# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS                 132
-# define RSA_R_DATA_TOO_SMALL                             111
-# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE                122
-# define RSA_R_DIGEST_DOES_NOT_MATCH                      166
-# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY                 112
-# define RSA_R_DMP1_NOT_CONGRUENT_TO_D                    124
-# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D                    125
-# define RSA_R_D_E_NOT_CONGRUENT_TO_1                     123
-# define RSA_R_FIRST_OCTET_INVALID                        133
-# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE        144
-# define RSA_R_INVALID_DIGEST                             160
-# define RSA_R_INVALID_DIGEST_LENGTH                      143
-# define RSA_R_INVALID_HEADER                             137
-# define RSA_R_INVALID_KEYBITS                            145
-# define RSA_R_INVALID_LABEL                              161
-# define RSA_R_INVALID_MESSAGE_LENGTH                     131
-# define RSA_R_INVALID_MGF1_MD                            156
-# define RSA_R_INVALID_OAEP_PARAMETERS                    162
-# define RSA_R_INVALID_PADDING                            138
-# define RSA_R_INVALID_PADDING_MODE                       141
-# define RSA_R_INVALID_PSS_PARAMETERS                     149
-# define RSA_R_INVALID_PSS_SALTLEN                        146
-# define RSA_R_INVALID_SALT_LENGTH                        150
-# define RSA_R_INVALID_TRAILER                            139
-# define RSA_R_INVALID_X931_DIGEST                        142
-# define RSA_R_IQMP_NOT_INVERSE_OF_Q                      126
-# define RSA_R_KEY_SIZE_TOO_SMALL                         120
-# define RSA_R_LAST_OCTET_INVALID                         134
-# define RSA_R_MODULUS_TOO_LARGE                          105
-# define RSA_R_NON_FIPS_RSA_METHOD                        157
-# define RSA_R_NO_PUBLIC_EXPONENT                         140
-# define RSA_R_NULL_BEFORE_BLOCK_MISSING                  113
-# define RSA_R_N_DOES_NOT_EQUAL_P_Q                       127
-# define RSA_R_OAEP_DECODING_ERROR                        121
-# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE         158
-# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   148
-# define RSA_R_PADDING_CHECK_FAILED                       114
-# define RSA_R_PKCS_DECODING_ERROR                        159
-# define RSA_R_P_NOT_PRIME                                128
-# define RSA_R_Q_NOT_PRIME                                129
-# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED               130
-# define RSA_R_SLEN_CHECK_FAILED                          136
-# define RSA_R_SLEN_RECOVERY_FAILED                       135
-# define RSA_R_SSLV3_ROLLBACK_ATTACK                      115
-# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
-# define RSA_R_UNKNOWN_ALGORITHM_TYPE                     117
-# define RSA_R_UNKNOWN_DIGEST                             163
-# define RSA_R_UNKNOWN_MASK_DIGEST                        151
-# define RSA_R_UNKNOWN_PADDING_TYPE                       118
-# define RSA_R_UNKNOWN_PSS_DIGEST                         152
-# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE                164
-# define RSA_R_UNSUPPORTED_LABEL_SOURCE                   165
-# define RSA_R_UNSUPPORTED_MASK_ALGORITHM                 153
-# define RSA_R_UNSUPPORTED_MASK_PARAMETER                 154
-# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE                 155
-# define RSA_R_VALUE_MISSING                              147
-# define RSA_R_WRONG_SIGNATURE_LENGTH                     119
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/safestack.h b/thirdparty/openssl/openssl/safestack.h
deleted file mode 100644
index 1d4f87eab3..0000000000
--- a/thirdparty/openssl/openssl/safestack.h
+++ /dev/null
@@ -1,2672 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SAFESTACK_H
-# define HEADER_SAFESTACK_H
-
-# include <openssl/stack.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifndef CHECKED_PTR_OF
-#  define CHECKED_PTR_OF(type, p) \
-    ((void*) (1 ? p : (type*)0))
-# endif
-
-/*
- * In C++ we get problems because an explicit cast is needed from (void *) we
- * use CHECKED_STACK_OF to ensure the correct type is passed in the macros
- * below.
- */
-
-# define CHECKED_STACK_OF(type, p) \
-    ((_STACK*) (1 ? p : (STACK_OF(type)*)0))
-
-# define CHECKED_SK_COPY_FUNC(type, p) \
-    ((void *(*)(void *)) ((1 ? p : (type *(*)(const type *))0)))
-
-# define CHECKED_SK_FREE_FUNC(type, p) \
-    ((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
-
-# define CHECKED_SK_CMP_FUNC(type, p) \
-    ((int (*)(const void *, const void *)) \
-        ((1 ? p : (int (*)(const type * const *, const type * const *))0)))
-
-# define STACK_OF(type) struct stack_st_##type
-# define PREDECLARE_STACK_OF(type) STACK_OF(type);
-
-# define DECLARE_STACK_OF(type) \
-STACK_OF(type) \
-    { \
-    _STACK stack; \
-    };
-# define DECLARE_SPECIAL_STACK_OF(type, type2) \
-STACK_OF(type) \
-    { \
-    _STACK stack; \
-    };
-
-/* nada (obsolete in new safestack approach)*/
-# define IMPLEMENT_STACK_OF(type)
-
-/*-
- * Strings are special: normally an lhash entry will point to a single
- * (somewhat) mutable object. In the case of strings:
- *
- * a) Instead of a single char, there is an array of chars, NUL-terminated.
- * b) The string may have be immutable.
- *
- * So, they need their own declarations. Especially important for
- * type-checking tools, such as Deputy.
- *
- * In practice, however, it appears to be hard to have a const
- * string. For now, I'm settling for dealing with the fact it is a
- * string at all.
- */
-typedef char *OPENSSL_STRING;
-
-typedef const char *OPENSSL_CSTRING;
-
-/*
- * Confusingly, LHASH_OF(STRING) deals with char ** throughout, but
- * STACK_OF(STRING) is really more like STACK_OF(char), only, as mentioned
- * above, instead of a single char each entry is a NUL-terminated array of
- * chars. So, we have to implement STRING specially for STACK_OF. This is
- * dealt with in the autogenerated macros below.
- */
-
-DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
-
-/*
- * Similarly, we sometimes use a block of characters, NOT nul-terminated.
- * These should also be distinguished from "normal" stacks.
- */
-typedef void *OPENSSL_BLOCK;
-DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
-
-/*
- * SKM_sk_... stack macros are internal to safestack.h: never use them
- * directly, use sk_<type>_... instead
- */
-# define SKM_sk_new(type, cmp) \
-        ((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp)))
-# define SKM_sk_new_null(type) \
-        ((STACK_OF(type) *)sk_new_null())
-# define SKM_sk_free(type, st) \
-        sk_free(CHECKED_STACK_OF(type, st))
-# define SKM_sk_num(type, st) \
-        sk_num(CHECKED_STACK_OF(type, st))
-# define SKM_sk_value(type, st,i) \
-        ((type *)sk_value(CHECKED_STACK_OF(type, st), i))
-# define SKM_sk_set(type, st,i,val) \
-        sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val))
-# define SKM_sk_zero(type, st) \
-        sk_zero(CHECKED_STACK_OF(type, st))
-# define SKM_sk_push(type, st, val) \
-        sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
-# define SKM_sk_unshift(type, st, val) \
-        sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
-# define SKM_sk_find(type, st, val) \
-        sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
-# define SKM_sk_find_ex(type, st, val) \
-        sk_find_ex(CHECKED_STACK_OF(type, st), \
-                   CHECKED_PTR_OF(type, val))
-# define SKM_sk_delete(type, st, i) \
-        (type *)sk_delete(CHECKED_STACK_OF(type, st), i)
-# define SKM_sk_delete_ptr(type, st, ptr) \
-        (type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr))
-# define SKM_sk_insert(type, st,val, i) \
-        sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i)
-# define SKM_sk_set_cmp_func(type, st, cmp) \
-        ((int (*)(const type * const *,const type * const *)) \
-        sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp)))
-# define SKM_sk_dup(type, st) \
-        (STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st))
-# define SKM_sk_pop_free(type, st, free_func) \
-        sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func))
-# define SKM_sk_deep_copy(type, st, copy_func, free_func) \
-        (STACK_OF(type) *)sk_deep_copy(CHECKED_STACK_OF(type, st), CHECKED_SK_COPY_FUNC(type, copy_func), CHECKED_SK_FREE_FUNC(type, free_func))
-# define SKM_sk_shift(type, st) \
-        (type *)sk_shift(CHECKED_STACK_OF(type, st))
-# define SKM_sk_pop(type, st) \
-        (type *)sk_pop(CHECKED_STACK_OF(type, st))
-# define SKM_sk_sort(type, st) \
-        sk_sort(CHECKED_STACK_OF(type, st))
-# define SKM_sk_is_sorted(type, st) \
-        sk_is_sorted(CHECKED_STACK_OF(type, st))
-# define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-  (STACK_OF(type) *)d2i_ASN1_SET( \
-                                (STACK_OF(OPENSSL_BLOCK) **)CHECKED_PTR_OF(STACK_OF(type)*, st), \
-                                pp, length, \
-                                CHECKED_D2I_OF(type, d2i_func), \
-                                CHECKED_SK_FREE_FUNC(type, free_func), \
-                                ex_tag, ex_class)
-# define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
-  i2d_ASN1_SET((STACK_OF(OPENSSL_BLOCK) *)CHECKED_STACK_OF(type, st), pp, \
-                                CHECKED_I2D_OF(type, i2d_func), \
-                                ex_tag, ex_class, is_set)
-# define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
-        ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \
-                        CHECKED_I2D_OF(type, i2d_func), buf, len)
-# define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
-        (STACK_OF(type) *)ASN1_seq_unpack(buf, len, CHECKED_D2I_OF(type, d2i_func), CHECKED_SK_FREE_FUNC(type, free_func))
-# define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
-        (STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \
-                                CHECKED_D2I_OF(type, d2i_func), \
-                                CHECKED_SK_FREE_FUNC(type, free_func), \
-                                pass, passlen, oct, seq)
-/*
- * This block of defines is updated by util/mkstack.pl, please do not touch!
- */
-# define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp))
-# define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION)
-# define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i))
-# define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val))
-# define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val))
-# define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val))
-# define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val))
-# define sk_ACCESS_DESCRIPTION_find_ex(st, val) SKM_sk_find_ex(ACCESS_DESCRIPTION, (st), (val))
-# define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i))
-# define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr))
-# define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i))
-# define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp))
-# define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st)
-# define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func))
-# define sk_ACCESS_DESCRIPTION_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ACCESS_DESCRIPTION, (st), (copy_func), (free_func))
-# define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
-# define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st))
-# define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp))
-# define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange)
-# define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st))
-# define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st))
-# define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i))
-# define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val))
-# define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st))
-# define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val))
-# define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val))
-# define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val))
-# define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val))
-# define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i))
-# define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr))
-# define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i))
-# define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp))
-# define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st)
-# define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func))
-# define sk_ASIdOrRange_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASIdOrRange, (st), (copy_func), (free_func))
-# define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st))
-# define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st))
-# define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st))
-# define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st))
-# define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp))
-# define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING)
-# define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i))
-# define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val))
-# define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val))
-# define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val))
-# define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val))
-# define sk_ASN1_GENERALSTRING_find_ex(st, val) SKM_sk_find_ex(ASN1_GENERALSTRING, (st), (val))
-# define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i))
-# define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr))
-# define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i))
-# define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp))
-# define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st)
-# define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func))
-# define sk_ASN1_GENERALSTRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_GENERALSTRING, (st), (copy_func), (free_func))
-# define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st))
-# define sk_ASN1_INTEGER_new(cmp) SKM_sk_new(ASN1_INTEGER, (cmp))
-# define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
-# define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i))
-# define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val))
-# define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val))
-# define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val))
-# define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val))
-# define sk_ASN1_INTEGER_find_ex(st, val) SKM_sk_find_ex(ASN1_INTEGER, (st), (val))
-# define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i))
-# define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr))
-# define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i))
-# define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp))
-# define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st)
-# define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func))
-# define sk_ASN1_INTEGER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_INTEGER, (st), (copy_func), (free_func))
-# define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
-# define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st))
-# define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp))
-# define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
-# define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i))
-# define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val))
-# define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val))
-# define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val))
-# define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val))
-# define sk_ASN1_OBJECT_find_ex(st, val) SKM_sk_find_ex(ASN1_OBJECT, (st), (val))
-# define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i))
-# define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr))
-# define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i))
-# define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp))
-# define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st)
-# define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func))
-# define sk_ASN1_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_OBJECT, (st), (copy_func), (free_func))
-# define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
-# define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st))
-# define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp))
-# define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
-# define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i))
-# define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val))
-# define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val))
-# define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val))
-# define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val))
-# define sk_ASN1_STRING_TABLE_find_ex(st, val) SKM_sk_find_ex(ASN1_STRING_TABLE, (st), (val))
-# define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i))
-# define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr))
-# define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i))
-# define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp))
-# define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st)
-# define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func))
-# define sk_ASN1_STRING_TABLE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_STRING_TABLE, (st), (copy_func), (free_func))
-# define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st))
-# define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp))
-# define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
-# define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i))
-# define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val))
-# define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val))
-# define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val))
-# define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val))
-# define sk_ASN1_TYPE_find_ex(st, val) SKM_sk_find_ex(ASN1_TYPE, (st), (val))
-# define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i))
-# define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr))
-# define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i))
-# define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp))
-# define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st)
-# define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func))
-# define sk_ASN1_TYPE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_TYPE, (st), (copy_func), (free_func))
-# define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
-# define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st))
-# define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp))
-# define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING)
-# define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i))
-# define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val))
-# define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val))
-# define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val))
-# define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val))
-# define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val))
-# define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i))
-# define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr))
-# define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i))
-# define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp))
-# define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st)
-# define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func))
-# define sk_ASN1_UTF8STRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_UTF8STRING, (st), (copy_func), (free_func))
-# define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st))
-# define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, (st))
-# define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp))
-# define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
-# define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i))
-# define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val))
-# define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val))
-# define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val))
-# define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val))
-# define sk_ASN1_VALUE_find_ex(st, val) SKM_sk_find_ex(ASN1_VALUE, (st), (val))
-# define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i))
-# define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr))
-# define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i))
-# define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp))
-# define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st)
-# define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func))
-# define sk_ASN1_VALUE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_VALUE, (st), (copy_func), (free_func))
-# define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
-# define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st))
-# define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp))
-# define sk_BIO_new_null() SKM_sk_new_null(BIO)
-# define sk_BIO_free(st) SKM_sk_free(BIO, (st))
-# define sk_BIO_num(st) SKM_sk_num(BIO, (st))
-# define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i))
-# define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val))
-# define sk_BIO_zero(st) SKM_sk_zero(BIO, (st))
-# define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val))
-# define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val))
-# define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val))
-# define sk_BIO_find_ex(st, val) SKM_sk_find_ex(BIO, (st), (val))
-# define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i))
-# define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr))
-# define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i))
-# define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp))
-# define sk_BIO_dup(st) SKM_sk_dup(BIO, st)
-# define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func))
-# define sk_BIO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BIO, (st), (copy_func), (free_func))
-# define sk_BIO_shift(st) SKM_sk_shift(BIO, (st))
-# define sk_BIO_pop(st) SKM_sk_pop(BIO, (st))
-# define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
-# define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st))
-# define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp))
-# define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY)
-# define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i))
-# define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val))
-# define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val))
-# define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val))
-# define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val))
-# define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val))
-# define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i))
-# define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr))
-# define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i))
-# define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp))
-# define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st)
-# define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func))
-# define sk_BY_DIR_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BY_DIR_ENTRY, (st), (copy_func), (free_func))
-# define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st))
-# define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp))
-# define sk_BY_DIR_HASH_new_null() SKM_sk_new_null(BY_DIR_HASH)
-# define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i))
-# define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val))
-# define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val))
-# define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val))
-# define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val))
-# define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val))
-# define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i))
-# define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr))
-# define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i))
-# define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp))
-# define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st)
-# define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func))
-# define sk_BY_DIR_HASH_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BY_DIR_HASH, (st), (copy_func), (free_func))
-# define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st))
-# define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st))
-# define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp))
-# define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices)
-# define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_value(st, i) SKM_sk_value(CMS_CertificateChoices, (st), (i))
-# define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), (val))
-# define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val))
-# define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val))
-# define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val))
-# define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val))
-# define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i))
-# define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr))
-# define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i))
-# define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp))
-# define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st)
-# define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func))
-# define sk_CMS_CertificateChoices_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_CertificateChoices, (st), (copy_func), (free_func))
-# define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st))
-# define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st))
-# define sk_CMS_RecipientEncryptedKey_new(cmp) SKM_sk_new(CMS_RecipientEncryptedKey, (cmp))
-# define sk_CMS_RecipientEncryptedKey_new_null() SKM_sk_new_null(CMS_RecipientEncryptedKey)
-# define sk_CMS_RecipientEncryptedKey_free(st) SKM_sk_free(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_num(st) SKM_sk_num(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_value(st, i) SKM_sk_value(CMS_RecipientEncryptedKey, (st), (i))
-# define sk_CMS_RecipientEncryptedKey_set(st, i, val) SKM_sk_set(CMS_RecipientEncryptedKey, (st), (i), (val))
-# define sk_CMS_RecipientEncryptedKey_zero(st) SKM_sk_zero(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_push(st, val) SKM_sk_push(CMS_RecipientEncryptedKey, (st), (val))
-# define sk_CMS_RecipientEncryptedKey_unshift(st, val) SKM_sk_unshift(CMS_RecipientEncryptedKey, (st), (val))
-# define sk_CMS_RecipientEncryptedKey_find(st, val) SKM_sk_find(CMS_RecipientEncryptedKey, (st), (val))
-# define sk_CMS_RecipientEncryptedKey_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientEncryptedKey, (st), (val))
-# define sk_CMS_RecipientEncryptedKey_delete(st, i) SKM_sk_delete(CMS_RecipientEncryptedKey, (st), (i))
-# define sk_CMS_RecipientEncryptedKey_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientEncryptedKey, (st), (ptr))
-# define sk_CMS_RecipientEncryptedKey_insert(st, val, i) SKM_sk_insert(CMS_RecipientEncryptedKey, (st), (val), (i))
-# define sk_CMS_RecipientEncryptedKey_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientEncryptedKey, (st), (cmp))
-# define sk_CMS_RecipientEncryptedKey_dup(st) SKM_sk_dup(CMS_RecipientEncryptedKey, st)
-# define sk_CMS_RecipientEncryptedKey_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientEncryptedKey, (st), (free_func))
-# define sk_CMS_RecipientEncryptedKey_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RecipientEncryptedKey, (st), (copy_func), (free_func))
-# define sk_CMS_RecipientEncryptedKey_shift(st) SKM_sk_shift(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_pop(st) SKM_sk_pop(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_sort(st) SKM_sk_sort(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientEncryptedKey_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientEncryptedKey, (st))
-# define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp))
-# define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo)
-# define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i))
-# define sk_CMS_RecipientInfo_set(st, i, val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val))
-# define sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val))
-# define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val))
-# define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val))
-# define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val))
-# define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i))
-# define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr))
-# define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i))
-# define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp))
-# define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st)
-# define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func))
-# define sk_CMS_RecipientInfo_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RecipientInfo, (st), (copy_func), (free_func))
-# define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st))
-# define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st))
-# define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp))
-# define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice)
-# define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i))
-# define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val))
-# define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val))
-# define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val))
-# define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val))
-# define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val))
-# define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i))
-# define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr))
-# define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i))
-# define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp))
-# define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st)
-# define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func))
-# define sk_CMS_RevocationInfoChoice_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RevocationInfoChoice, (st), (copy_func), (free_func))
-# define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st))
-# define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp))
-# define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo)
-# define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i))
-# define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val))
-# define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val))
-# define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val))
-# define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val))
-# define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val))
-# define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i))
-# define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr))
-# define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i))
-# define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp))
-# define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st)
-# define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func))
-# define sk_CMS_SignerInfo_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_SignerInfo, (st), (copy_func), (free_func))
-# define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st))
-# define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st))
-# define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp))
-# define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE)
-# define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_value(st, i) SKM_sk_value(CONF_IMODULE, (st), (i))
-# define sk_CONF_IMODULE_set(st, i, val) SKM_sk_set(CONF_IMODULE, (st), (i), (val))
-# define sk_CONF_IMODULE_zero(st) SKM_sk_zero(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val))
-# define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val))
-# define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val))
-# define sk_CONF_IMODULE_find_ex(st, val) SKM_sk_find_ex(CONF_IMODULE, (st), (val))
-# define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i))
-# define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr))
-# define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i))
-# define sk_CONF_IMODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_IMODULE, (st), (cmp))
-# define sk_CONF_IMODULE_dup(st) SKM_sk_dup(CONF_IMODULE, st)
-# define sk_CONF_IMODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_IMODULE, (st), (free_func))
-# define sk_CONF_IMODULE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_IMODULE, (st), (copy_func), (free_func))
-# define sk_CONF_IMODULE_shift(st) SKM_sk_shift(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st))
-# define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st))
-# define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp))
-# define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE)
-# define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st))
-# define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st))
-# define sk_CONF_MODULE_value(st, i) SKM_sk_value(CONF_MODULE, (st), (i))
-# define sk_CONF_MODULE_set(st, i, val) SKM_sk_set(CONF_MODULE, (st), (i), (val))
-# define sk_CONF_MODULE_zero(st) SKM_sk_zero(CONF_MODULE, (st))
-# define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val))
-# define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val))
-# define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val))
-# define sk_CONF_MODULE_find_ex(st, val) SKM_sk_find_ex(CONF_MODULE, (st), (val))
-# define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i))
-# define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr))
-# define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i))
-# define sk_CONF_MODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_MODULE, (st), (cmp))
-# define sk_CONF_MODULE_dup(st) SKM_sk_dup(CONF_MODULE, st)
-# define sk_CONF_MODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_MODULE, (st), (free_func))
-# define sk_CONF_MODULE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_MODULE, (st), (copy_func), (free_func))
-# define sk_CONF_MODULE_shift(st) SKM_sk_shift(CONF_MODULE, (st))
-# define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st))
-# define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st))
-# define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st))
-# define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp))
-# define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
-# define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st))
-# define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st))
-# define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i))
-# define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val))
-# define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st))
-# define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val))
-# define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val))
-# define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val))
-# define sk_CONF_VALUE_find_ex(st, val) SKM_sk_find_ex(CONF_VALUE, (st), (val))
-# define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i))
-# define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr))
-# define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i))
-# define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp))
-# define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st)
-# define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func))
-# define sk_CONF_VALUE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_VALUE, (st), (copy_func), (free_func))
-# define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st))
-# define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st))
-# define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
-# define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp))
-# define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
-# define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i))
-# define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val))
-# define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i))
-# define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr))
-# define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i))
-# define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp))
-# define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st)
-# define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func))
-# define sk_CRYPTO_EX_DATA_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_EX_DATA_FUNCS, (st), (copy_func), (free_func))
-# define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st))
-# define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp))
-# define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
-# define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i))
-# define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val))
-# define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val))
-# define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val))
-# define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val))
-# define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val))
-# define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i))
-# define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr))
-# define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i))
-# define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp))
-# define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st)
-# define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func))
-# define sk_CRYPTO_dynlock_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_dynlock, (st), (copy_func), (free_func))
-# define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
-# define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
-# define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp))
-# define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
-# define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
-# define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st))
-# define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i))
-# define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val))
-# define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st))
-# define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val))
-# define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val))
-# define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val))
-# define sk_DIST_POINT_find_ex(st, val) SKM_sk_find_ex(DIST_POINT, (st), (val))
-# define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i))
-# define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr))
-# define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i))
-# define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp))
-# define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st)
-# define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func))
-# define sk_DIST_POINT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(DIST_POINT, (st), (copy_func), (free_func))
-# define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st))
-# define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st))
-# define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
-# define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st))
-# define sk_ENGINE_new(cmp) SKM_sk_new(ENGINE, (cmp))
-# define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE)
-# define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st))
-# define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st))
-# define sk_ENGINE_value(st, i) SKM_sk_value(ENGINE, (st), (i))
-# define sk_ENGINE_set(st, i, val) SKM_sk_set(ENGINE, (st), (i), (val))
-# define sk_ENGINE_zero(st) SKM_sk_zero(ENGINE, (st))
-# define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val))
-# define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val))
-# define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val))
-# define sk_ENGINE_find_ex(st, val) SKM_sk_find_ex(ENGINE, (st), (val))
-# define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i))
-# define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr))
-# define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i))
-# define sk_ENGINE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE, (st), (cmp))
-# define sk_ENGINE_dup(st) SKM_sk_dup(ENGINE, st)
-# define sk_ENGINE_pop_free(st, free_func) SKM_sk_pop_free(ENGINE, (st), (free_func))
-# define sk_ENGINE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ENGINE, (st), (copy_func), (free_func))
-# define sk_ENGINE_shift(st) SKM_sk_shift(ENGINE, (st))
-# define sk_ENGINE_pop(st) SKM_sk_pop(ENGINE, (st))
-# define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st))
-# define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st))
-# define sk_ENGINE_CLEANUP_ITEM_new(cmp) SKM_sk_new(ENGINE_CLEANUP_ITEM, (cmp))
-# define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM)
-# define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_value(st, i) SKM_sk_value(ENGINE_CLEANUP_ITEM, (st), (i))
-# define sk_ENGINE_CLEANUP_ITEM_set(st, i, val) SKM_sk_set(ENGINE_CLEANUP_ITEM, (st), (i), (val))
-# define sk_ENGINE_CLEANUP_ITEM_zero(st) SKM_sk_zero(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val))
-# define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val))
-# define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val))
-# define sk_ENGINE_CLEANUP_ITEM_find_ex(st, val) SKM_sk_find_ex(ENGINE_CLEANUP_ITEM, (st), (val))
-# define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i))
-# define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr))
-# define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i))
-# define sk_ENGINE_CLEANUP_ITEM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE_CLEANUP_ITEM, (st), (cmp))
-# define sk_ENGINE_CLEANUP_ITEM_dup(st) SKM_sk_dup(ENGINE_CLEANUP_ITEM, st)
-# define sk_ENGINE_CLEANUP_ITEM_pop_free(st, free_func) SKM_sk_pop_free(ENGINE_CLEANUP_ITEM, (st), (free_func))
-# define sk_ENGINE_CLEANUP_ITEM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ENGINE_CLEANUP_ITEM, (st), (copy_func), (free_func))
-# define sk_ENGINE_CLEANUP_ITEM_shift(st) SKM_sk_shift(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_pop(st) SKM_sk_pop(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st))
-# define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp))
-# define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID)
-# define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i))
-# define sk_ESS_CERT_ID_set(st, i, val) SKM_sk_set(ESS_CERT_ID, (st), (i), (val))
-# define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val))
-# define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val))
-# define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val))
-# define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val))
-# define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i))
-# define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr))
-# define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i))
-# define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp))
-# define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st)
-# define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func))
-# define sk_ESS_CERT_ID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ESS_CERT_ID, (st), (copy_func), (free_func))
-# define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st))
-# define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st))
-# define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp))
-# define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD)
-# define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st))
-# define sk_EVP_MD_num(st) SKM_sk_num(EVP_MD, (st))
-# define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i))
-# define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val))
-# define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st))
-# define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val))
-# define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val))
-# define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val))
-# define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val))
-# define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i))
-# define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr))
-# define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i))
-# define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp))
-# define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st)
-# define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func))
-# define sk_EVP_MD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_MD, (st), (copy_func), (free_func))
-# define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st))
-# define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st))
-# define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st))
-# define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st))
-# define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp))
-# define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL)
-# define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i))
-# define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val))
-# define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val))
-# define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val))
-# define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val))
-# define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val))
-# define sk_EVP_PBE_CTL_delete(st, i) SKM_sk_delete(EVP_PBE_CTL, (st), (i))
-# define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr))
-# define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i))
-# define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp))
-# define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st)
-# define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func))
-# define sk_EVP_PBE_CTL_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PBE_CTL, (st), (copy_func), (free_func))
-# define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st))
-# define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp))
-# define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD)
-# define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i))
-# define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val))
-# define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i))
-# define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr))
-# define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i))
-# define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp))
-# define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st)
-# define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func))
-# define sk_EVP_PKEY_ASN1_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PKEY_ASN1_METHOD, (st), (copy_func), (free_func))
-# define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp))
-# define sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD)
-# define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i))
-# define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val))
-# define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val))
-# define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val))
-# define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val))
-# define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val))
-# define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i))
-# define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr))
-# define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i))
-# define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp))
-# define sk_EVP_PKEY_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_METHOD, st)
-# define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func))
-# define sk_EVP_PKEY_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PKEY_METHOD, (st), (copy_func), (free_func))
-# define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st))
-# define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st))
-# define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp))
-# define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
-# define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i))
-# define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val))
-# define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val))
-# define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val))
-# define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val))
-# define sk_GENERAL_NAME_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAME, (st), (val))
-# define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i))
-# define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr))
-# define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i))
-# define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp))
-# define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st)
-# define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func))
-# define sk_GENERAL_NAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_NAME, (st), (copy_func), (free_func))
-# define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
-# define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st))
-# define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp))
-# define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES)
-# define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i))
-# define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val))
-# define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val))
-# define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val))
-# define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val))
-# define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val))
-# define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i))
-# define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr))
-# define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i))
-# define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp))
-# define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st)
-# define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func))
-# define sk_GENERAL_NAMES_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_NAMES, (st), (copy_func), (free_func))
-# define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st))
-# define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st))
-# define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp))
-# define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE)
-# define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_value(st, i) SKM_sk_value(GENERAL_SUBTREE, (st), (i))
-# define sk_GENERAL_SUBTREE_set(st, i, val) SKM_sk_set(GENERAL_SUBTREE, (st), (i), (val))
-# define sk_GENERAL_SUBTREE_zero(st) SKM_sk_zero(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val))
-# define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val))
-# define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val))
-# define sk_GENERAL_SUBTREE_find_ex(st, val) SKM_sk_find_ex(GENERAL_SUBTREE, (st), (val))
-# define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i))
-# define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr))
-# define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i))
-# define sk_GENERAL_SUBTREE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_SUBTREE, (st), (cmp))
-# define sk_GENERAL_SUBTREE_dup(st) SKM_sk_dup(GENERAL_SUBTREE, st)
-# define sk_GENERAL_SUBTREE_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_SUBTREE, (st), (free_func))
-# define sk_GENERAL_SUBTREE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_SUBTREE, (st), (copy_func), (free_func))
-# define sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st))
-# define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st))
-# define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp))
-# define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily)
-# define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st))
-# define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st))
-# define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i))
-# define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val))
-# define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st))
-# define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val))
-# define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val))
-# define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val))
-# define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val))
-# define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i))
-# define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr))
-# define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i))
-# define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp))
-# define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st)
-# define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func))
-# define sk_IPAddressFamily_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(IPAddressFamily, (st), (copy_func), (free_func))
-# define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st))
-# define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st))
-# define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st))
-# define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st))
-# define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, (cmp))
-# define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange)
-# define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i))
-# define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val))
-# define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val))
-# define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val))
-# define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val))
-# define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val))
-# define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i))
-# define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr))
-# define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i))
-# define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp))
-# define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st)
-# define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func))
-# define sk_IPAddressOrRange_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(IPAddressOrRange, (st), (copy_func), (free_func))
-# define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st))
-# define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st))
-# define sk_KRB5_APREQBODY_new(cmp) SKM_sk_new(KRB5_APREQBODY, (cmp))
-# define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY)
-# define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_num(st) SKM_sk_num(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_value(st, i) SKM_sk_value(KRB5_APREQBODY, (st), (i))
-# define sk_KRB5_APREQBODY_set(st, i, val) SKM_sk_set(KRB5_APREQBODY, (st), (i), (val))
-# define sk_KRB5_APREQBODY_zero(st) SKM_sk_zero(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_push(st, val) SKM_sk_push(KRB5_APREQBODY, (st), (val))
-# define sk_KRB5_APREQBODY_unshift(st, val) SKM_sk_unshift(KRB5_APREQBODY, (st), (val))
-# define sk_KRB5_APREQBODY_find(st, val) SKM_sk_find(KRB5_APREQBODY, (st), (val))
-# define sk_KRB5_APREQBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_APREQBODY, (st), (val))
-# define sk_KRB5_APREQBODY_delete(st, i) SKM_sk_delete(KRB5_APREQBODY, (st), (i))
-# define sk_KRB5_APREQBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_APREQBODY, (st), (ptr))
-# define sk_KRB5_APREQBODY_insert(st, val, i) SKM_sk_insert(KRB5_APREQBODY, (st), (val), (i))
-# define sk_KRB5_APREQBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_APREQBODY, (st), (cmp))
-# define sk_KRB5_APREQBODY_dup(st) SKM_sk_dup(KRB5_APREQBODY, st)
-# define sk_KRB5_APREQBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_APREQBODY, (st), (free_func))
-# define sk_KRB5_APREQBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_APREQBODY, (st), (copy_func), (free_func))
-# define sk_KRB5_APREQBODY_shift(st) SKM_sk_shift(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_pop(st) SKM_sk_pop(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st))
-# define sk_KRB5_APREQBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_APREQBODY, (st))
-# define sk_KRB5_AUTHDATA_new(cmp) SKM_sk_new(KRB5_AUTHDATA, (cmp))
-# define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA)
-# define sk_KRB5_AUTHDATA_free(st) SKM_sk_free(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_num(st) SKM_sk_num(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_value(st, i) SKM_sk_value(KRB5_AUTHDATA, (st), (i))
-# define sk_KRB5_AUTHDATA_set(st, i, val) SKM_sk_set(KRB5_AUTHDATA, (st), (i), (val))
-# define sk_KRB5_AUTHDATA_zero(st) SKM_sk_zero(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_push(st, val) SKM_sk_push(KRB5_AUTHDATA, (st), (val))
-# define sk_KRB5_AUTHDATA_unshift(st, val) SKM_sk_unshift(KRB5_AUTHDATA, (st), (val))
-# define sk_KRB5_AUTHDATA_find(st, val) SKM_sk_find(KRB5_AUTHDATA, (st), (val))
-# define sk_KRB5_AUTHDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHDATA, (st), (val))
-# define sk_KRB5_AUTHDATA_delete(st, i) SKM_sk_delete(KRB5_AUTHDATA, (st), (i))
-# define sk_KRB5_AUTHDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHDATA, (st), (ptr))
-# define sk_KRB5_AUTHDATA_insert(st, val, i) SKM_sk_insert(KRB5_AUTHDATA, (st), (val), (i))
-# define sk_KRB5_AUTHDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHDATA, (st), (cmp))
-# define sk_KRB5_AUTHDATA_dup(st) SKM_sk_dup(KRB5_AUTHDATA, st)
-# define sk_KRB5_AUTHDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHDATA, (st), (free_func))
-# define sk_KRB5_AUTHDATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_AUTHDATA, (st), (copy_func), (free_func))
-# define sk_KRB5_AUTHDATA_shift(st) SKM_sk_shift(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_pop(st) SKM_sk_pop(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHDATA, (st))
-# define sk_KRB5_AUTHENTBODY_new(cmp) SKM_sk_new(KRB5_AUTHENTBODY, (cmp))
-# define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY)
-# define sk_KRB5_AUTHENTBODY_free(st) SKM_sk_free(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_num(st) SKM_sk_num(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_value(st, i) SKM_sk_value(KRB5_AUTHENTBODY, (st), (i))
-# define sk_KRB5_AUTHENTBODY_set(st, i, val) SKM_sk_set(KRB5_AUTHENTBODY, (st), (i), (val))
-# define sk_KRB5_AUTHENTBODY_zero(st) SKM_sk_zero(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_push(st, val) SKM_sk_push(KRB5_AUTHENTBODY, (st), (val))
-# define sk_KRB5_AUTHENTBODY_unshift(st, val) SKM_sk_unshift(KRB5_AUTHENTBODY, (st), (val))
-# define sk_KRB5_AUTHENTBODY_find(st, val) SKM_sk_find(KRB5_AUTHENTBODY, (st), (val))
-# define sk_KRB5_AUTHENTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHENTBODY, (st), (val))
-# define sk_KRB5_AUTHENTBODY_delete(st, i) SKM_sk_delete(KRB5_AUTHENTBODY, (st), (i))
-# define sk_KRB5_AUTHENTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHENTBODY, (st), (ptr))
-# define sk_KRB5_AUTHENTBODY_insert(st, val, i) SKM_sk_insert(KRB5_AUTHENTBODY, (st), (val), (i))
-# define sk_KRB5_AUTHENTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHENTBODY, (st), (cmp))
-# define sk_KRB5_AUTHENTBODY_dup(st) SKM_sk_dup(KRB5_AUTHENTBODY, st)
-# define sk_KRB5_AUTHENTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHENTBODY, (st), (free_func))
-# define sk_KRB5_AUTHENTBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_AUTHENTBODY, (st), (copy_func), (free_func))
-# define sk_KRB5_AUTHENTBODY_shift(st) SKM_sk_shift(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_pop(st) SKM_sk_pop(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_AUTHENTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHENTBODY, (st))
-# define sk_KRB5_CHECKSUM_new(cmp) SKM_sk_new(KRB5_CHECKSUM, (cmp))
-# define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM)
-# define sk_KRB5_CHECKSUM_free(st) SKM_sk_free(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_num(st) SKM_sk_num(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_value(st, i) SKM_sk_value(KRB5_CHECKSUM, (st), (i))
-# define sk_KRB5_CHECKSUM_set(st, i, val) SKM_sk_set(KRB5_CHECKSUM, (st), (i), (val))
-# define sk_KRB5_CHECKSUM_zero(st) SKM_sk_zero(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_push(st, val) SKM_sk_push(KRB5_CHECKSUM, (st), (val))
-# define sk_KRB5_CHECKSUM_unshift(st, val) SKM_sk_unshift(KRB5_CHECKSUM, (st), (val))
-# define sk_KRB5_CHECKSUM_find(st, val) SKM_sk_find(KRB5_CHECKSUM, (st), (val))
-# define sk_KRB5_CHECKSUM_find_ex(st, val) SKM_sk_find_ex(KRB5_CHECKSUM, (st), (val))
-# define sk_KRB5_CHECKSUM_delete(st, i) SKM_sk_delete(KRB5_CHECKSUM, (st), (i))
-# define sk_KRB5_CHECKSUM_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_CHECKSUM, (st), (ptr))
-# define sk_KRB5_CHECKSUM_insert(st, val, i) SKM_sk_insert(KRB5_CHECKSUM, (st), (val), (i))
-# define sk_KRB5_CHECKSUM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_CHECKSUM, (st), (cmp))
-# define sk_KRB5_CHECKSUM_dup(st) SKM_sk_dup(KRB5_CHECKSUM, st)
-# define sk_KRB5_CHECKSUM_pop_free(st, free_func) SKM_sk_pop_free(KRB5_CHECKSUM, (st), (free_func))
-# define sk_KRB5_CHECKSUM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_CHECKSUM, (st), (copy_func), (free_func))
-# define sk_KRB5_CHECKSUM_shift(st) SKM_sk_shift(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_pop(st) SKM_sk_pop(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st))
-# define sk_KRB5_CHECKSUM_is_sorted(st) SKM_sk_is_sorted(KRB5_CHECKSUM, (st))
-# define sk_KRB5_ENCDATA_new(cmp) SKM_sk_new(KRB5_ENCDATA, (cmp))
-# define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA)
-# define sk_KRB5_ENCDATA_free(st) SKM_sk_free(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_num(st) SKM_sk_num(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_value(st, i) SKM_sk_value(KRB5_ENCDATA, (st), (i))
-# define sk_KRB5_ENCDATA_set(st, i, val) SKM_sk_set(KRB5_ENCDATA, (st), (i), (val))
-# define sk_KRB5_ENCDATA_zero(st) SKM_sk_zero(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_push(st, val) SKM_sk_push(KRB5_ENCDATA, (st), (val))
-# define sk_KRB5_ENCDATA_unshift(st, val) SKM_sk_unshift(KRB5_ENCDATA, (st), (val))
-# define sk_KRB5_ENCDATA_find(st, val) SKM_sk_find(KRB5_ENCDATA, (st), (val))
-# define sk_KRB5_ENCDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCDATA, (st), (val))
-# define sk_KRB5_ENCDATA_delete(st, i) SKM_sk_delete(KRB5_ENCDATA, (st), (i))
-# define sk_KRB5_ENCDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCDATA, (st), (ptr))
-# define sk_KRB5_ENCDATA_insert(st, val, i) SKM_sk_insert(KRB5_ENCDATA, (st), (val), (i))
-# define sk_KRB5_ENCDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCDATA, (st), (cmp))
-# define sk_KRB5_ENCDATA_dup(st) SKM_sk_dup(KRB5_ENCDATA, st)
-# define sk_KRB5_ENCDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCDATA, (st), (free_func))
-# define sk_KRB5_ENCDATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_ENCDATA, (st), (copy_func), (free_func))
-# define sk_KRB5_ENCDATA_shift(st) SKM_sk_shift(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_pop(st) SKM_sk_pop(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCDATA, (st))
-# define sk_KRB5_ENCKEY_new(cmp) SKM_sk_new(KRB5_ENCKEY, (cmp))
-# define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY)
-# define sk_KRB5_ENCKEY_free(st) SKM_sk_free(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_num(st) SKM_sk_num(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_value(st, i) SKM_sk_value(KRB5_ENCKEY, (st), (i))
-# define sk_KRB5_ENCKEY_set(st, i, val) SKM_sk_set(KRB5_ENCKEY, (st), (i), (val))
-# define sk_KRB5_ENCKEY_zero(st) SKM_sk_zero(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_push(st, val) SKM_sk_push(KRB5_ENCKEY, (st), (val))
-# define sk_KRB5_ENCKEY_unshift(st, val) SKM_sk_unshift(KRB5_ENCKEY, (st), (val))
-# define sk_KRB5_ENCKEY_find(st, val) SKM_sk_find(KRB5_ENCKEY, (st), (val))
-# define sk_KRB5_ENCKEY_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCKEY, (st), (val))
-# define sk_KRB5_ENCKEY_delete(st, i) SKM_sk_delete(KRB5_ENCKEY, (st), (i))
-# define sk_KRB5_ENCKEY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCKEY, (st), (ptr))
-# define sk_KRB5_ENCKEY_insert(st, val, i) SKM_sk_insert(KRB5_ENCKEY, (st), (val), (i))
-# define sk_KRB5_ENCKEY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCKEY, (st), (cmp))
-# define sk_KRB5_ENCKEY_dup(st) SKM_sk_dup(KRB5_ENCKEY, st)
-# define sk_KRB5_ENCKEY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCKEY, (st), (free_func))
-# define sk_KRB5_ENCKEY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_ENCKEY, (st), (copy_func), (free_func))
-# define sk_KRB5_ENCKEY_shift(st) SKM_sk_shift(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_pop(st) SKM_sk_pop(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st))
-# define sk_KRB5_ENCKEY_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCKEY, (st))
-# define sk_KRB5_PRINCNAME_new(cmp) SKM_sk_new(KRB5_PRINCNAME, (cmp))
-# define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME)
-# define sk_KRB5_PRINCNAME_free(st) SKM_sk_free(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_num(st) SKM_sk_num(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_value(st, i) SKM_sk_value(KRB5_PRINCNAME, (st), (i))
-# define sk_KRB5_PRINCNAME_set(st, i, val) SKM_sk_set(KRB5_PRINCNAME, (st), (i), (val))
-# define sk_KRB5_PRINCNAME_zero(st) SKM_sk_zero(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_push(st, val) SKM_sk_push(KRB5_PRINCNAME, (st), (val))
-# define sk_KRB5_PRINCNAME_unshift(st, val) SKM_sk_unshift(KRB5_PRINCNAME, (st), (val))
-# define sk_KRB5_PRINCNAME_find(st, val) SKM_sk_find(KRB5_PRINCNAME, (st), (val))
-# define sk_KRB5_PRINCNAME_find_ex(st, val) SKM_sk_find_ex(KRB5_PRINCNAME, (st), (val))
-# define sk_KRB5_PRINCNAME_delete(st, i) SKM_sk_delete(KRB5_PRINCNAME, (st), (i))
-# define sk_KRB5_PRINCNAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_PRINCNAME, (st), (ptr))
-# define sk_KRB5_PRINCNAME_insert(st, val, i) SKM_sk_insert(KRB5_PRINCNAME, (st), (val), (i))
-# define sk_KRB5_PRINCNAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_PRINCNAME, (st), (cmp))
-# define sk_KRB5_PRINCNAME_dup(st) SKM_sk_dup(KRB5_PRINCNAME, st)
-# define sk_KRB5_PRINCNAME_pop_free(st, free_func) SKM_sk_pop_free(KRB5_PRINCNAME, (st), (free_func))
-# define sk_KRB5_PRINCNAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_PRINCNAME, (st), (copy_func), (free_func))
-# define sk_KRB5_PRINCNAME_shift(st) SKM_sk_shift(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_pop(st) SKM_sk_pop(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st))
-# define sk_KRB5_PRINCNAME_is_sorted(st) SKM_sk_is_sorted(KRB5_PRINCNAME, (st))
-# define sk_KRB5_TKTBODY_new(cmp) SKM_sk_new(KRB5_TKTBODY, (cmp))
-# define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY)
-# define sk_KRB5_TKTBODY_free(st) SKM_sk_free(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_num(st) SKM_sk_num(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_value(st, i) SKM_sk_value(KRB5_TKTBODY, (st), (i))
-# define sk_KRB5_TKTBODY_set(st, i, val) SKM_sk_set(KRB5_TKTBODY, (st), (i), (val))
-# define sk_KRB5_TKTBODY_zero(st) SKM_sk_zero(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_push(st, val) SKM_sk_push(KRB5_TKTBODY, (st), (val))
-# define sk_KRB5_TKTBODY_unshift(st, val) SKM_sk_unshift(KRB5_TKTBODY, (st), (val))
-# define sk_KRB5_TKTBODY_find(st, val) SKM_sk_find(KRB5_TKTBODY, (st), (val))
-# define sk_KRB5_TKTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_TKTBODY, (st), (val))
-# define sk_KRB5_TKTBODY_delete(st, i) SKM_sk_delete(KRB5_TKTBODY, (st), (i))
-# define sk_KRB5_TKTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_TKTBODY, (st), (ptr))
-# define sk_KRB5_TKTBODY_insert(st, val, i) SKM_sk_insert(KRB5_TKTBODY, (st), (val), (i))
-# define sk_KRB5_TKTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_TKTBODY, (st), (cmp))
-# define sk_KRB5_TKTBODY_dup(st) SKM_sk_dup(KRB5_TKTBODY, st)
-# define sk_KRB5_TKTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_TKTBODY, (st), (free_func))
-# define sk_KRB5_TKTBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_TKTBODY, (st), (copy_func), (free_func))
-# define sk_KRB5_TKTBODY_shift(st) SKM_sk_shift(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_pop(st) SKM_sk_pop(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st))
-# define sk_KRB5_TKTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_TKTBODY, (st))
-# define sk_MEM_OBJECT_DATA_new(cmp) SKM_sk_new(MEM_OBJECT_DATA, (cmp))
-# define sk_MEM_OBJECT_DATA_new_null() SKM_sk_new_null(MEM_OBJECT_DATA)
-# define sk_MEM_OBJECT_DATA_free(st) SKM_sk_free(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_num(st) SKM_sk_num(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_value(st, i) SKM_sk_value(MEM_OBJECT_DATA, (st), (i))
-# define sk_MEM_OBJECT_DATA_set(st, i, val) SKM_sk_set(MEM_OBJECT_DATA, (st), (i), (val))
-# define sk_MEM_OBJECT_DATA_zero(st) SKM_sk_zero(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_push(st, val) SKM_sk_push(MEM_OBJECT_DATA, (st), (val))
-# define sk_MEM_OBJECT_DATA_unshift(st, val) SKM_sk_unshift(MEM_OBJECT_DATA, (st), (val))
-# define sk_MEM_OBJECT_DATA_find(st, val) SKM_sk_find(MEM_OBJECT_DATA, (st), (val))
-# define sk_MEM_OBJECT_DATA_find_ex(st, val) SKM_sk_find_ex(MEM_OBJECT_DATA, (st), (val))
-# define sk_MEM_OBJECT_DATA_delete(st, i) SKM_sk_delete(MEM_OBJECT_DATA, (st), (i))
-# define sk_MEM_OBJECT_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(MEM_OBJECT_DATA, (st), (ptr))
-# define sk_MEM_OBJECT_DATA_insert(st, val, i) SKM_sk_insert(MEM_OBJECT_DATA, (st), (val), (i))
-# define sk_MEM_OBJECT_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MEM_OBJECT_DATA, (st), (cmp))
-# define sk_MEM_OBJECT_DATA_dup(st) SKM_sk_dup(MEM_OBJECT_DATA, st)
-# define sk_MEM_OBJECT_DATA_pop_free(st, free_func) SKM_sk_pop_free(MEM_OBJECT_DATA, (st), (free_func))
-# define sk_MEM_OBJECT_DATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MEM_OBJECT_DATA, (st), (copy_func), (free_func))
-# define sk_MEM_OBJECT_DATA_shift(st) SKM_sk_shift(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_pop(st) SKM_sk_pop(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_sort(st) SKM_sk_sort(MEM_OBJECT_DATA, (st))
-# define sk_MEM_OBJECT_DATA_is_sorted(st) SKM_sk_is_sorted(MEM_OBJECT_DATA, (st))
-# define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp))
-# define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
-# define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st))
-# define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st))
-# define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i))
-# define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val))
-# define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st))
-# define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val))
-# define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val))
-# define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val))
-# define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val))
-# define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i))
-# define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr))
-# define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i))
-# define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp))
-# define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st)
-# define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func))
-# define sk_MIME_HEADER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MIME_HEADER, (st), (copy_func), (free_func))
-# define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st))
-# define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st))
-# define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
-# define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st))
-# define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp))
-# define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
-# define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st))
-# define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st))
-# define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i))
-# define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val))
-# define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st))
-# define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val))
-# define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val))
-# define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val))
-# define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val))
-# define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i))
-# define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr))
-# define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i))
-# define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp))
-# define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st)
-# define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func))
-# define sk_MIME_PARAM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MIME_PARAM, (st), (copy_func), (free_func))
-# define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st))
-# define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st))
-# define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
-# define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st))
-# define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp))
-# define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
-# define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i))
-# define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val))
-# define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val))
-# define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val))
-# define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val))
-# define sk_NAME_FUNCS_find_ex(st, val) SKM_sk_find_ex(NAME_FUNCS, (st), (val))
-# define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i))
-# define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr))
-# define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i))
-# define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp))
-# define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st)
-# define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func))
-# define sk_NAME_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(NAME_FUNCS, (st), (copy_func), (free_func))
-# define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
-# define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st))
-# define sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp))
-# define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID)
-# define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_value(st, i) SKM_sk_value(OCSP_CERTID, (st), (i))
-# define sk_OCSP_CERTID_set(st, i, val) SKM_sk_set(OCSP_CERTID, (st), (i), (val))
-# define sk_OCSP_CERTID_zero(st) SKM_sk_zero(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val))
-# define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val))
-# define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val))
-# define sk_OCSP_CERTID_find_ex(st, val) SKM_sk_find_ex(OCSP_CERTID, (st), (val))
-# define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i))
-# define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr))
-# define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i))
-# define sk_OCSP_CERTID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_CERTID, (st), (cmp))
-# define sk_OCSP_CERTID_dup(st) SKM_sk_dup(OCSP_CERTID, st)
-# define sk_OCSP_CERTID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_CERTID, (st), (free_func))
-# define sk_OCSP_CERTID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_CERTID, (st), (copy_func), (free_func))
-# define sk_OCSP_CERTID_shift(st) SKM_sk_shift(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st))
-# define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st))
-# define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp))
-# define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ)
-# define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i))
-# define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val))
-# define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val))
-# define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val))
-# define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val))
-# define sk_OCSP_ONEREQ_find_ex(st, val) SKM_sk_find_ex(OCSP_ONEREQ, (st), (val))
-# define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i))
-# define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr))
-# define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i))
-# define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp))
-# define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st)
-# define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func))
-# define sk_OCSP_ONEREQ_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_ONEREQ, (st), (copy_func), (free_func))
-# define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st))
-# define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st))
-# define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp))
-# define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID)
-# define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i))
-# define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val))
-# define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val))
-# define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val))
-# define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val))
-# define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val))
-# define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i))
-# define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr))
-# define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i))
-# define sk_OCSP_RESPID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp))
-# define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st)
-# define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func))
-# define sk_OCSP_RESPID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_RESPID, (st), (copy_func), (free_func))
-# define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st))
-# define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st))
-# define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp))
-# define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP)
-# define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i))
-# define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val))
-# define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val))
-# define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val))
-# define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val))
-# define sk_OCSP_SINGLERESP_find_ex(st, val) SKM_sk_find_ex(OCSP_SINGLERESP, (st), (val))
-# define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i))
-# define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr))
-# define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i))
-# define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp))
-# define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st)
-# define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func))
-# define sk_OCSP_SINGLERESP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_SINGLERESP, (st), (copy_func), (free_func))
-# define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st))
-# define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st))
-# define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp))
-# define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
-# define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i))
-# define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val))
-# define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val))
-# define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val))
-# define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val))
-# define sk_PKCS12_SAFEBAG_find_ex(st, val) SKM_sk_find_ex(PKCS12_SAFEBAG, (st), (val))
-# define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i))
-# define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr))
-# define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i))
-# define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp))
-# define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st)
-# define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func))
-# define sk_PKCS12_SAFEBAG_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS12_SAFEBAG, (st), (copy_func), (free_func))
-# define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
-# define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st))
-# define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp))
-# define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
-# define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st))
-# define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st))
-# define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i))
-# define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val))
-# define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st))
-# define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val))
-# define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val))
-# define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val))
-# define sk_PKCS7_find_ex(st, val) SKM_sk_find_ex(PKCS7, (st), (val))
-# define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i))
-# define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr))
-# define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i))
-# define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp))
-# define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st)
-# define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func))
-# define sk_PKCS7_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7, (st), (copy_func), (free_func))
-# define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st))
-# define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st))
-# define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
-# define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st))
-# define sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp))
-# define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
-# define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i))
-# define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val))
-# define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val))
-# define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val))
-# define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val))
-# define sk_PKCS7_RECIP_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_RECIP_INFO, (st), (val))
-# define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i))
-# define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr))
-# define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i))
-# define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp))
-# define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st)
-# define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func))
-# define sk_PKCS7_RECIP_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7_RECIP_INFO, (st), (copy_func), (free_func))
-# define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp))
-# define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
-# define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i))
-# define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val))
-# define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val))
-# define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val))
-# define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val))
-# define sk_PKCS7_SIGNER_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_SIGNER_INFO, (st), (val))
-# define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i))
-# define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr))
-# define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i))
-# define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp))
-# define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st)
-# define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func))
-# define sk_PKCS7_SIGNER_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7_SIGNER_INFO, (st), (copy_func), (free_func))
-# define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
-# define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st))
-# define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp))
-# define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
-# define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st))
-# define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st))
-# define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i))
-# define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val))
-# define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st))
-# define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val))
-# define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val))
-# define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val))
-# define sk_POLICYINFO_find_ex(st, val) SKM_sk_find_ex(POLICYINFO, (st), (val))
-# define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i))
-# define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr))
-# define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i))
-# define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp))
-# define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st)
-# define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func))
-# define sk_POLICYINFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICYINFO, (st), (copy_func), (free_func))
-# define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st))
-# define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st))
-# define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
-# define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st))
-# define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp))
-# define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
-# define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i))
-# define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val))
-# define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val))
-# define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val))
-# define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val))
-# define sk_POLICYQUALINFO_find_ex(st, val) SKM_sk_find_ex(POLICYQUALINFO, (st), (val))
-# define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i))
-# define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr))
-# define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i))
-# define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp))
-# define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st)
-# define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func))
-# define sk_POLICYQUALINFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICYQUALINFO, (st), (copy_func), (free_func))
-# define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
-# define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st))
-# define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp))
-# define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING)
-# define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i))
-# define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val))
-# define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val))
-# define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val))
-# define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val))
-# define sk_POLICY_MAPPING_find_ex(st, val) SKM_sk_find_ex(POLICY_MAPPING, (st), (val))
-# define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i))
-# define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr))
-# define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i))
-# define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp))
-# define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st)
-# define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func))
-# define sk_POLICY_MAPPING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICY_MAPPING, (st), (copy_func), (free_func))
-# define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
-# define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
-# define sk_SCT_new(cmp) SKM_sk_new(SCT, (cmp))
-# define sk_SCT_new_null() SKM_sk_new_null(SCT)
-# define sk_SCT_free(st) SKM_sk_free(SCT, (st))
-# define sk_SCT_num(st) SKM_sk_num(SCT, (st))
-# define sk_SCT_value(st, i) SKM_sk_value(SCT, (st), (i))
-# define sk_SCT_set(st, i, val) SKM_sk_set(SCT, (st), (i), (val))
-# define sk_SCT_zero(st) SKM_sk_zero(SCT, (st))
-# define sk_SCT_push(st, val) SKM_sk_push(SCT, (st), (val))
-# define sk_SCT_unshift(st, val) SKM_sk_unshift(SCT, (st), (val))
-# define sk_SCT_find(st, val) SKM_sk_find(SCT, (st), (val))
-# define sk_SCT_find_ex(st, val) SKM_sk_find_ex(SCT, (st), (val))
-# define sk_SCT_delete(st, i) SKM_sk_delete(SCT, (st), (i))
-# define sk_SCT_delete_ptr(st, ptr) SKM_sk_delete_ptr(SCT, (st), (ptr))
-# define sk_SCT_insert(st, val, i) SKM_sk_insert(SCT, (st), (val), (i))
-# define sk_SCT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SCT, (st), (cmp))
-# define sk_SCT_dup(st) SKM_sk_dup(SCT, st)
-# define sk_SCT_pop_free(st, free_func) SKM_sk_pop_free(SCT, (st), (free_func))
-# define sk_SCT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SCT, (st), (copy_func), (free_func))
-# define sk_SCT_shift(st) SKM_sk_shift(SCT, (st))
-# define sk_SCT_pop(st) SKM_sk_pop(SCT, (st))
-# define sk_SCT_sort(st) SKM_sk_sort(SCT, (st))
-# define sk_SCT_is_sorted(st) SKM_sk_is_sorted(SCT, (st))
-# define sk_SRP_gN_new(cmp) SKM_sk_new(SRP_gN, (cmp))
-# define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN)
-# define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st))
-# define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st))
-# define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i))
-# define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val))
-# define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st))
-# define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val))
-# define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val))
-# define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val))
-# define sk_SRP_gN_find_ex(st, val) SKM_sk_find_ex(SRP_gN, (st), (val))
-# define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i))
-# define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr))
-# define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i))
-# define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp))
-# define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st)
-# define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func))
-# define sk_SRP_gN_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_gN, (st), (copy_func), (free_func))
-# define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st))
-# define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st))
-# define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st))
-# define sk_SRP_gN_is_sorted(st) SKM_sk_is_sorted(SRP_gN, (st))
-# define sk_SRP_gN_cache_new(cmp) SKM_sk_new(SRP_gN_cache, (cmp))
-# define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache)
-# define sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i))
-# define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val))
-# define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val))
-# define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val))
-# define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val))
-# define sk_SRP_gN_cache_find_ex(st, val) SKM_sk_find_ex(SRP_gN_cache, (st), (val))
-# define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i))
-# define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr))
-# define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i))
-# define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp))
-# define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st)
-# define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func))
-# define sk_SRP_gN_cache_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_gN_cache, (st), (copy_func), (free_func))
-# define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st))
-# define sk_SRP_gN_cache_is_sorted(st) SKM_sk_is_sorted(SRP_gN_cache, (st))
-# define sk_SRP_user_pwd_new(cmp) SKM_sk_new(SRP_user_pwd, (cmp))
-# define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd)
-# define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i))
-# define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val))
-# define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_push(st, val) SKM_sk_push(SRP_user_pwd, (st), (val))
-# define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val))
-# define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val))
-# define sk_SRP_user_pwd_find_ex(st, val) SKM_sk_find_ex(SRP_user_pwd, (st), (val))
-# define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i))
-# define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr))
-# define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i))
-# define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp))
-# define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st)
-# define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func))
-# define sk_SRP_user_pwd_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_user_pwd, (st), (copy_func), (free_func))
-# define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st))
-# define sk_SRP_user_pwd_is_sorted(st) SKM_sk_is_sorted(SRP_user_pwd, (st))
-# define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp))
-# define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE)
-# define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i))
-# define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val))
-# define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val))
-# define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val))
-# define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val))
-# define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val))
-# define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i))
-# define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr))
-# define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i))
-# define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp))
-# define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st)
-# define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func))
-# define sk_SRTP_PROTECTION_PROFILE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRTP_PROTECTION_PROFILE, (st), (copy_func), (free_func))
-# define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st))
-# define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
-# define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
-# define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i))
-# define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val))
-# define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val))
-# define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val))
-# define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val))
-# define sk_SSL_CIPHER_find_ex(st, val) SKM_sk_find_ex(SSL_CIPHER, (st), (val))
-# define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i))
-# define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr))
-# define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i))
-# define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp))
-# define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st)
-# define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func))
-# define sk_SSL_CIPHER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SSL_CIPHER, (st), (copy_func), (free_func))
-# define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
-# define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st))
-# define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp))
-# define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
-# define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st))
-# define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st))
-# define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i))
-# define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val))
-# define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st))
-# define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val))
-# define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val))
-# define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val))
-# define sk_SSL_COMP_find_ex(st, val) SKM_sk_find_ex(SSL_COMP, (st), (val))
-# define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i))
-# define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr))
-# define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i))
-# define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp))
-# define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st)
-# define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func))
-# define sk_SSL_COMP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SSL_COMP, (st), (copy_func), (free_func))
-# define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st))
-# define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st))
-# define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
-# define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp))
-# define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY)
-# define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i))
-# define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val))
-# define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i))
-# define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr))
-# define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i))
-# define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp))
-# define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st)
-# define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func))
-# define sk_STACK_OF_X509_NAME_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STACK_OF_X509_NAME_ENTRY, (st), (copy_func), (free_func))
-# define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_pop(st) SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st))
-# define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp))
-# define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO)
-# define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i))
-# define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val))
-# define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val))
-# define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val))
-# define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val))
-# define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val))
-# define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i))
-# define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr))
-# define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i))
-# define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp))
-# define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st)
-# define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func))
-# define sk_STORE_ATTR_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STORE_ATTR_INFO, (st), (copy_func), (free_func))
-# define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st))
-# define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st))
-# define sk_STORE_OBJECT_new(cmp) SKM_sk_new(STORE_OBJECT, (cmp))
-# define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT)
-# define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_value(st, i) SKM_sk_value(STORE_OBJECT, (st), (i))
-# define sk_STORE_OBJECT_set(st, i, val) SKM_sk_set(STORE_OBJECT, (st), (i), (val))
-# define sk_STORE_OBJECT_zero(st) SKM_sk_zero(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val))
-# define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val))
-# define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val))
-# define sk_STORE_OBJECT_find_ex(st, val) SKM_sk_find_ex(STORE_OBJECT, (st), (val))
-# define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i))
-# define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr))
-# define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i))
-# define sk_STORE_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_OBJECT, (st), (cmp))
-# define sk_STORE_OBJECT_dup(st) SKM_sk_dup(STORE_OBJECT, st)
-# define sk_STORE_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(STORE_OBJECT, (st), (free_func))
-# define sk_STORE_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STORE_OBJECT, (st), (copy_func), (free_func))
-# define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st))
-# define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st))
-# define sk_SXNETID_new(cmp) SKM_sk_new(SXNETID, (cmp))
-# define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
-# define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st))
-# define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st))
-# define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i))
-# define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val))
-# define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st))
-# define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val))
-# define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val))
-# define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val))
-# define sk_SXNETID_find_ex(st, val) SKM_sk_find_ex(SXNETID, (st), (val))
-# define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i))
-# define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr))
-# define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i))
-# define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp))
-# define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st)
-# define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func))
-# define sk_SXNETID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SXNETID, (st), (copy_func), (free_func))
-# define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st))
-# define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
-# define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
-# define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st))
-# define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp))
-# define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING)
-# define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st))
-# define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st))
-# define sk_UI_STRING_value(st, i) SKM_sk_value(UI_STRING, (st), (i))
-# define sk_UI_STRING_set(st, i, val) SKM_sk_set(UI_STRING, (st), (i), (val))
-# define sk_UI_STRING_zero(st) SKM_sk_zero(UI_STRING, (st))
-# define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val))
-# define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val))
-# define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val))
-# define sk_UI_STRING_find_ex(st, val) SKM_sk_find_ex(UI_STRING, (st), (val))
-# define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i))
-# define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr))
-# define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i))
-# define sk_UI_STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(UI_STRING, (st), (cmp))
-# define sk_UI_STRING_dup(st) SKM_sk_dup(UI_STRING, st)
-# define sk_UI_STRING_pop_free(st, free_func) SKM_sk_pop_free(UI_STRING, (st), (free_func))
-# define sk_UI_STRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(UI_STRING, (st), (copy_func), (free_func))
-# define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st))
-# define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st))
-# define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st))
-# define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st))
-# define sk_X509_new(cmp) SKM_sk_new(X509, (cmp))
-# define sk_X509_new_null() SKM_sk_new_null(X509)
-# define sk_X509_free(st) SKM_sk_free(X509, (st))
-# define sk_X509_num(st) SKM_sk_num(X509, (st))
-# define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i))
-# define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val))
-# define sk_X509_zero(st) SKM_sk_zero(X509, (st))
-# define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val))
-# define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val))
-# define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val))
-# define sk_X509_find_ex(st, val) SKM_sk_find_ex(X509, (st), (val))
-# define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i))
-# define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr))
-# define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i))
-# define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp))
-# define sk_X509_dup(st) SKM_sk_dup(X509, st)
-# define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func))
-# define sk_X509_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509, (st), (copy_func), (free_func))
-# define sk_X509_shift(st) SKM_sk_shift(X509, (st))
-# define sk_X509_pop(st) SKM_sk_pop(X509, (st))
-# define sk_X509_sort(st) SKM_sk_sort(X509, (st))
-# define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st))
-# define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp))
-# define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
-# define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i))
-# define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val))
-# define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val))
-# define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val))
-# define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val))
-# define sk_X509V3_EXT_METHOD_find_ex(st, val) SKM_sk_find_ex(X509V3_EXT_METHOD, (st), (val))
-# define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i))
-# define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr))
-# define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i))
-# define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp))
-# define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st)
-# define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func))
-# define sk_X509V3_EXT_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509V3_EXT_METHOD, (st), (copy_func), (free_func))
-# define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
-# define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st))
-# define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp))
-# define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
-# define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st))
-# define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st))
-# define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i))
-# define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val))
-# define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st))
-# define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val))
-# define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val))
-# define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val))
-# define sk_X509_ALGOR_find_ex(st, val) SKM_sk_find_ex(X509_ALGOR, (st), (val))
-# define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i))
-# define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr))
-# define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i))
-# define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp))
-# define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st)
-# define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func))
-# define sk_X509_ALGOR_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_ALGOR, (st), (copy_func), (free_func))
-# define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st))
-# define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st))
-# define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
-# define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st))
-# define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp))
-# define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
-# define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i))
-# define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val))
-# define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val))
-# define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val))
-# define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val))
-# define sk_X509_ATTRIBUTE_find_ex(st, val) SKM_sk_find_ex(X509_ATTRIBUTE, (st), (val))
-# define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i))
-# define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr))
-# define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i))
-# define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp))
-# define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st)
-# define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func))
-# define sk_X509_ATTRIBUTE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_ATTRIBUTE, (st), (copy_func), (free_func))
-# define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
-# define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st))
-# define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp))
-# define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
-# define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st))
-# define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st))
-# define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i))
-# define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val))
-# define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st))
-# define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val))
-# define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val))
-# define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val))
-# define sk_X509_CRL_find_ex(st, val) SKM_sk_find_ex(X509_CRL, (st), (val))
-# define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i))
-# define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr))
-# define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i))
-# define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp))
-# define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st)
-# define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func))
-# define sk_X509_CRL_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_CRL, (st), (copy_func), (free_func))
-# define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st))
-# define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st))
-# define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
-# define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st))
-# define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp))
-# define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
-# define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i))
-# define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val))
-# define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val))
-# define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val))
-# define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val))
-# define sk_X509_EXTENSION_find_ex(st, val) SKM_sk_find_ex(X509_EXTENSION, (st), (val))
-# define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i))
-# define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr))
-# define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i))
-# define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp))
-# define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st)
-# define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func))
-# define sk_X509_EXTENSION_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_EXTENSION, (st), (copy_func), (free_func))
-# define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
-# define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st))
-# define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp))
-# define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
-# define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st))
-# define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st))
-# define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i))
-# define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val))
-# define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st))
-# define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val))
-# define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val))
-# define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val))
-# define sk_X509_INFO_find_ex(st, val) SKM_sk_find_ex(X509_INFO, (st), (val))
-# define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i))
-# define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr))
-# define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i))
-# define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp))
-# define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st)
-# define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func))
-# define sk_X509_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_INFO, (st), (copy_func), (free_func))
-# define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st))
-# define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st))
-# define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
-# define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st))
-# define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp))
-# define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
-# define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i))
-# define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val))
-# define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val))
-# define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val))
-# define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val))
-# define sk_X509_LOOKUP_find_ex(st, val) SKM_sk_find_ex(X509_LOOKUP, (st), (val))
-# define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i))
-# define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr))
-# define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i))
-# define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp))
-# define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st)
-# define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func))
-# define sk_X509_LOOKUP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_LOOKUP, (st), (copy_func), (free_func))
-# define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
-# define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st))
-# define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp))
-# define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
-# define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
-# define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st))
-# define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i))
-# define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val))
-# define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st))
-# define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val))
-# define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val))
-# define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val))
-# define sk_X509_NAME_find_ex(st, val) SKM_sk_find_ex(X509_NAME, (st), (val))
-# define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i))
-# define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr))
-# define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i))
-# define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp))
-# define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st)
-# define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func))
-# define sk_X509_NAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_NAME, (st), (copy_func), (free_func))
-# define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st))
-# define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st))
-# define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
-# define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st))
-# define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp))
-# define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
-# define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i))
-# define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val))
-# define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val))
-# define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val))
-# define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val))
-# define sk_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(X509_NAME_ENTRY, (st), (val))
-# define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i))
-# define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr))
-# define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i))
-# define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp))
-# define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st)
-# define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func))
-# define sk_X509_NAME_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_NAME_ENTRY, (st), (copy_func), (free_func))
-# define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
-# define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st))
-# define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp))
-# define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
-# define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st))
-# define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st))
-# define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i))
-# define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val))
-# define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st))
-# define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val))
-# define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val))
-# define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val))
-# define sk_X509_OBJECT_find_ex(st, val) SKM_sk_find_ex(X509_OBJECT, (st), (val))
-# define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i))
-# define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr))
-# define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i))
-# define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp))
-# define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st)
-# define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func))
-# define sk_X509_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_OBJECT, (st), (copy_func), (free_func))
-# define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st))
-# define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st))
-# define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
-# define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st))
-# define sk_X509_POLICY_DATA_new(cmp) SKM_sk_new(X509_POLICY_DATA, (cmp))
-# define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA)
-# define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_value(st, i) SKM_sk_value(X509_POLICY_DATA, (st), (i))
-# define sk_X509_POLICY_DATA_set(st, i, val) SKM_sk_set(X509_POLICY_DATA, (st), (i), (val))
-# define sk_X509_POLICY_DATA_zero(st) SKM_sk_zero(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_push(st, val) SKM_sk_push(X509_POLICY_DATA, (st), (val))
-# define sk_X509_POLICY_DATA_unshift(st, val) SKM_sk_unshift(X509_POLICY_DATA, (st), (val))
-# define sk_X509_POLICY_DATA_find(st, val) SKM_sk_find(X509_POLICY_DATA, (st), (val))
-# define sk_X509_POLICY_DATA_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_DATA, (st), (val))
-# define sk_X509_POLICY_DATA_delete(st, i) SKM_sk_delete(X509_POLICY_DATA, (st), (i))
-# define sk_X509_POLICY_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_DATA, (st), (ptr))
-# define sk_X509_POLICY_DATA_insert(st, val, i) SKM_sk_insert(X509_POLICY_DATA, (st), (val), (i))
-# define sk_X509_POLICY_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_DATA, (st), (cmp))
-# define sk_X509_POLICY_DATA_dup(st) SKM_sk_dup(X509_POLICY_DATA, st)
-# define sk_X509_POLICY_DATA_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_DATA, (st), (free_func))
-# define sk_X509_POLICY_DATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_POLICY_DATA, (st), (copy_func), (free_func))
-# define sk_X509_POLICY_DATA_shift(st) SKM_sk_shift(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st))
-# define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp))
-# define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE)
-# define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_value(st, i) SKM_sk_value(X509_POLICY_NODE, (st), (i))
-# define sk_X509_POLICY_NODE_set(st, i, val) SKM_sk_set(X509_POLICY_NODE, (st), (i), (val))
-# define sk_X509_POLICY_NODE_zero(st) SKM_sk_zero(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val))
-# define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val))
-# define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val))
-# define sk_X509_POLICY_NODE_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_NODE, (st), (val))
-# define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i))
-# define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr))
-# define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i))
-# define sk_X509_POLICY_NODE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_NODE, (st), (cmp))
-# define sk_X509_POLICY_NODE_dup(st) SKM_sk_dup(X509_POLICY_NODE, st)
-# define sk_X509_POLICY_NODE_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_NODE, (st), (free_func))
-# define sk_X509_POLICY_NODE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_POLICY_NODE, (st), (copy_func), (free_func))
-# define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st))
-# define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st))
-# define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp))
-# define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
-# define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i))
-# define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val))
-# define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val))
-# define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val))
-# define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val))
-# define sk_X509_PURPOSE_find_ex(st, val) SKM_sk_find_ex(X509_PURPOSE, (st), (val))
-# define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i))
-# define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr))
-# define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i))
-# define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp))
-# define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st)
-# define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func))
-# define sk_X509_PURPOSE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_PURPOSE, (st), (copy_func), (free_func))
-# define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
-# define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st))
-# define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp))
-# define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
-# define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st))
-# define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st))
-# define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i))
-# define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val))
-# define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st))
-# define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val))
-# define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val))
-# define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val))
-# define sk_X509_REVOKED_find_ex(st, val) SKM_sk_find_ex(X509_REVOKED, (st), (val))
-# define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i))
-# define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr))
-# define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i))
-# define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp))
-# define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st)
-# define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func))
-# define sk_X509_REVOKED_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_REVOKED, (st), (copy_func), (free_func))
-# define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st))
-# define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st))
-# define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
-# define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st))
-# define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp))
-# define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
-# define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st))
-# define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st))
-# define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i))
-# define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val))
-# define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st))
-# define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val))
-# define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val))
-# define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val))
-# define sk_X509_TRUST_find_ex(st, val) SKM_sk_find_ex(X509_TRUST, (st), (val))
-# define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i))
-# define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr))
-# define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i))
-# define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp))
-# define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st)
-# define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func))
-# define sk_X509_TRUST_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_TRUST, (st), (copy_func), (free_func))
-# define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st))
-# define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st))
-# define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
-# define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st))
-# define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp))
-# define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM)
-# define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i))
-# define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val))
-# define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val))
-# define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val))
-# define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val))
-# define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val))
-# define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i))
-# define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr))
-# define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i))
-# define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp))
-# define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st)
-# define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func))
-# define sk_X509_VERIFY_PARAM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_VERIFY_PARAM, (st), (copy_func), (free_func))
-# define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st))
-# define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st))
-# define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp))
-# define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple)
-# define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st))
-# define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st))
-# define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i))
-# define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val))
-# define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st))
-# define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val))
-# define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val))
-# define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val))
-# define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val))
-# define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i))
-# define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr))
-# define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i))
-# define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp))
-# define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st)
-# define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func))
-# define sk_nid_triple_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(nid_triple, (st), (copy_func), (free_func))
-# define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st))
-# define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st))
-# define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st))
-# define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st))
-# define sk_void_new(cmp) SKM_sk_new(void, (cmp))
-# define sk_void_new_null() SKM_sk_new_null(void)
-# define sk_void_free(st) SKM_sk_free(void, (st))
-# define sk_void_num(st) SKM_sk_num(void, (st))
-# define sk_void_value(st, i) SKM_sk_value(void, (st), (i))
-# define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val))
-# define sk_void_zero(st) SKM_sk_zero(void, (st))
-# define sk_void_push(st, val) SKM_sk_push(void, (st), (val))
-# define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val))
-# define sk_void_find(st, val) SKM_sk_find(void, (st), (val))
-# define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val))
-# define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i))
-# define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr))
-# define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i))
-# define sk_void_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(void, (st), (cmp))
-# define sk_void_dup(st) SKM_sk_dup(void, st)
-# define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func))
-# define sk_void_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(void, (st), (copy_func), (free_func))
-# define sk_void_shift(st) SKM_sk_shift(void, (st))
-# define sk_void_pop(st) SKM_sk_pop(void, (st))
-# define sk_void_sort(st) SKM_sk_sort(void, (st))
-# define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st))
-# define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
-# define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
-# define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i))
-# define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st)
-# define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC(char, free_func))
-# define sk_OPENSSL_STRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_STRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_COPY_FUNC(char, copy_func), CHECKED_SK_FREE_FUNC(char, free_func)))
-# define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i)
-# define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st)
-# define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st))
-# define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val))
-# define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i))
-# define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr))
-# define sk_OPENSSL_STRING_set_cmp_func(st, cmp)  \
-        ((int (*)(const char * const *,const char * const *)) \
-        sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp)))
-# define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st)
-# define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st))
-# define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st))
-# define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st))
-# define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
-# define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp)))
-# define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null())
-# define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i))
-# define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st)
-# define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_FREE_FUNC(void, free_func))
-# define sk_OPENSSL_BLOCK_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_BLOCK) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_COPY_FUNC(void, copy_func), CHECKED_SK_FREE_FUNC(void, free_func)))
-# define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val), i)
-# define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st)
-# define sk_OPENSSL_BLOCK_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i, CHECKED_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st))
-# define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val))
-# define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i))
-# define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, ptr))
-# define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp)  \
-        ((int (*)(const void * const *,const void * const *)) \
-        sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_CMP_FUNC(void, cmp)))
-# define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st)
-# define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st))
-# define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop(CHECKED_STACK_OF(OPENSSL_BLOCK, st))
-# define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st))
-# define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
-# define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
-# define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
-# define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
-# define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
-# define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func))
-# define sk_OPENSSL_PSTRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_PSTRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_COPY_FUNC(OPENSSL_STRING, copy_func), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func)))
-# define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
-# define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
-# define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
-# define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
-# define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
-# define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
-# define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp)  \
-        ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
-        sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
-# define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
-# define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
-# define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
-# define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
-# define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
-# define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(ACCESS_DESCRIPTION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_ACCESS_DESCRIPTION(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(ACCESS_DESCRIPTION, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_ACCESS_DESCRIPTION(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(ACCESS_DESCRIPTION, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_ASN1_INTEGER(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(ASN1_INTEGER, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_ASN1_INTEGER(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(ASN1_INTEGER, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_ASN1_INTEGER(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(ASN1_INTEGER, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_ASN1_INTEGER(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(ASN1_INTEGER, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_ASN1_OBJECT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(ASN1_OBJECT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_ASN1_OBJECT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(ASN1_OBJECT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_ASN1_OBJECT(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(ASN1_OBJECT, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_ASN1_OBJECT(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(ASN1_OBJECT, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_ASN1_TYPE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(ASN1_TYPE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_ASN1_TYPE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(ASN1_TYPE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_ASN1_TYPE(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(ASN1_TYPE, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(ASN1_UTF8STRING, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(ASN1_UTF8STRING, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_ASN1_UTF8STRING(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(ASN1_UTF8STRING, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_ASN1_UTF8STRING(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(ASN1_UTF8STRING, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(DIST_POINT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_DIST_POINT(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(DIST_POINT, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_ESS_CERT_ID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(ESS_CERT_ID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_ESS_CERT_ID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(ESS_CERT_ID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_ESS_CERT_ID(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(ESS_CERT_ID, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_ESS_CERT_ID(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(ESS_CERT_ID, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_EVP_MD(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(EVP_MD, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_EVP_MD(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(EVP_MD, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_EVP_MD(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(EVP_MD, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_EVP_MD(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(EVP_MD, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(GENERAL_NAME, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_GENERAL_NAME(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(GENERAL_NAME, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_OCSP_ONEREQ(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(OCSP_ONEREQ, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_OCSP_ONEREQ(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(OCSP_ONEREQ, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_OCSP_ONEREQ(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(OCSP_ONEREQ, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_OCSP_ONEREQ(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(OCSP_ONEREQ, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(OCSP_SINGLERESP, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(OCSP_SINGLERESP, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_OCSP_SINGLERESP(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(OCSP_SINGLERESP, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_OCSP_SINGLERESP(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(OCSP_SINGLERESP, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(PKCS12_SAFEBAG, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_PKCS12_SAFEBAG(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(PKCS12_SAFEBAG, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_PKCS12_SAFEBAG(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(PKCS12_SAFEBAG, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_PKCS7(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(PKCS7, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_PKCS7(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(PKCS7, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_PKCS7(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(PKCS7, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_PKCS7(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(PKCS7, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(PKCS7_RECIP_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(PKCS7_RECIP_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_PKCS7_RECIP_INFO(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(PKCS7_RECIP_INFO, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_PKCS7_RECIP_INFO(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(PKCS7_RECIP_INFO, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(PKCS7_SIGNER_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(PKCS7_SIGNER_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_PKCS7_SIGNER_INFO(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(PKCS7_SIGNER_INFO, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_PKCS7_SIGNER_INFO(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(PKCS7_SIGNER_INFO, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_POLICYINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(POLICYINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_POLICYINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(POLICYINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_POLICYINFO(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(POLICYINFO, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_POLICYINFO(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(POLICYINFO, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_POLICYQUALINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(POLICYQUALINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_POLICYQUALINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(POLICYQUALINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_POLICYQUALINFO(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(POLICYQUALINFO, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_POLICYQUALINFO(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(POLICYQUALINFO, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_SXNETID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(SXNETID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_SXNETID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(SXNETID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_SXNETID(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(SXNETID, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_SXNETID(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(SXNETID, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_X509(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(X509, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_X509(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(X509, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_X509(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(X509, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_X509(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(X509, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_X509_ALGOR(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(X509_ALGOR, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_X509_ALGOR(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(X509_ALGOR, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_X509_ALGOR(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(X509_ALGOR, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_X509_ALGOR(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(X509_ALGOR, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(X509_ATTRIBUTE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(X509_ATTRIBUTE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_X509_ATTRIBUTE(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(X509_ATTRIBUTE, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_X509_ATTRIBUTE(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(X509_ATTRIBUTE, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_X509_CRL(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(X509_CRL, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_X509_CRL(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(X509_CRL, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_X509_CRL(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(X509_CRL, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_X509_CRL(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(X509_CRL, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_X509_EXTENSION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(X509_EXTENSION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_X509_EXTENSION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(X509_EXTENSION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_X509_EXTENSION(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(X509_EXTENSION, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_X509_EXTENSION(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(X509_EXTENSION, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(X509_NAME_ENTRY, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(X509_NAME_ENTRY, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_X509_NAME_ENTRY(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(X509_NAME_ENTRY, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_X509_NAME_ENTRY(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(X509_NAME_ENTRY, (buf), (len), (d2i_func), (free_func))
-# define d2i_ASN1_SET_OF_X509_REVOKED(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
-        SKM_ASN1_SET_OF_d2i(X509_REVOKED, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
-# define i2d_ASN1_SET_OF_X509_REVOKED(st, pp, i2d_func, ex_tag, ex_class, is_set) \
-        SKM_ASN1_SET_OF_i2d(X509_REVOKED, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
-# define ASN1_seq_pack_X509_REVOKED(st, i2d_func, buf, len) \
-        SKM_ASN1_seq_pack(X509_REVOKED, (st), (i2d_func), (buf), (len))
-# define ASN1_seq_unpack_X509_REVOKED(buf, len, d2i_func, free_func) \
-        SKM_ASN1_seq_unpack(X509_REVOKED, (buf), (len), (d2i_func), (free_func))
-# define PKCS12_decrypt_d2i_PKCS12_SAFEBAG(algor, d2i_func, free_func, pass, passlen, oct, seq) \
-        SKM_PKCS12_decrypt_d2i(PKCS12_SAFEBAG, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-# define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \
-        SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-# define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj)
-# define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst)
-# define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst)
-# define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst)
-# define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn)
-# define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg)
-# define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh)
-# define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh)
-# define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh)
-# define lh_ADDED_OBJ_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(ADDED_OBJ,lh,out)
-# define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out)
-# define lh_ADDED_OBJ_stats_bio(lh,out) \
-  LHM_lh_stats_bio(ADDED_OBJ,lh,out)
-# define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh)
-# define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info)
-# define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst)
-# define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst)
-# define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst)
-# define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn)
-# define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg)
-# define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh)
-# define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh)
-# define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh)
-# define lh_APP_INFO_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(APP_INFO,lh,out)
-# define lh_APP_INFO_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(APP_INFO,lh,out)
-# define lh_APP_INFO_stats_bio(lh,out) \
-  LHM_lh_stats_bio(APP_INFO,lh,out)
-# define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh)
-# define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value)
-# define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst)
-# define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst)
-# define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst)
-# define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn)
-# define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg)
-# define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh)
-# define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh)
-# define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh)
-# define lh_CONF_VALUE_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(CONF_VALUE,lh,out)
-# define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out)
-# define lh_CONF_VALUE_stats_bio(lh,out) \
-  LHM_lh_stats_bio(CONF_VALUE,lh,out)
-# define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh)
-# define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile)
-# define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst)
-# define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst)
-# define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst)
-# define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn)
-# define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg)
-# define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh)
-# define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh)
-# define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh)
-# define lh_ENGINE_PILE_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(ENGINE_PILE,lh,out)
-# define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out)
-# define lh_ENGINE_PILE_stats_bio(lh,out) \
-  LHM_lh_stats_bio(ENGINE_PILE,lh,out)
-# define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh)
-# define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state)
-# define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst)
-# define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst)
-# define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst)
-# define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn)
-# define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg)
-# define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh)
-# define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh)
-# define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh)
-# define lh_ERR_STATE_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(ERR_STATE,lh,out)
-# define lh_ERR_STATE_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out)
-# define lh_ERR_STATE_stats_bio(lh,out) \
-  LHM_lh_stats_bio(ERR_STATE,lh,out)
-# define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh)
-# define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data)
-# define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst)
-# define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst)
-# define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst)
-# define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn)
-# define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg)
-# define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh)
-# define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh)
-# define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh)
-# define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out)
-# define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out)
-# define lh_ERR_STRING_DATA_stats_bio(lh,out) \
-  LHM_lh_stats_bio(ERR_STRING_DATA,lh,out)
-# define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh)
-# define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item)
-# define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst)
-# define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst)
-# define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst)
-# define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn)
-# define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg)
-# define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh)
-# define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh)
-# define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh)
-# define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out)
-# define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out)
-# define lh_EX_CLASS_ITEM_stats_bio(lh,out) \
-  LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out)
-# define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh)
-# define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function)
-# define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst)
-# define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst)
-# define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst)
-# define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn)
-# define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg)
-# define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh)
-# define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh)
-# define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh)
-# define lh_FUNCTION_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(FUNCTION,lh,out)
-# define lh_FUNCTION_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(FUNCTION,lh,out)
-# define lh_FUNCTION_stats_bio(lh,out) \
-  LHM_lh_stats_bio(FUNCTION,lh,out)
-# define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh)
-# define lh_MEM_new() LHM_lh_new(MEM,mem)
-# define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst)
-# define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst)
-# define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst)
-# define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn)
-# define lh_MEM_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg)
-# define lh_MEM_error(lh) LHM_lh_error(MEM,lh)
-# define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh)
-# define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh)
-# define lh_MEM_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(MEM,lh,out)
-# define lh_MEM_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(MEM,lh,out)
-# define lh_MEM_stats_bio(lh,out) \
-  LHM_lh_stats_bio(MEM,lh,out)
-# define lh_MEM_free(lh) LHM_lh_free(MEM,lh)
-# define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name)
-# define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst)
-# define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst)
-# define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst)
-# define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn)
-# define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg)
-# define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh)
-# define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh)
-# define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh)
-# define lh_OBJ_NAME_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(OBJ_NAME,lh,out)
-# define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out)
-# define lh_OBJ_NAME_stats_bio(lh,out) \
-  LHM_lh_stats_bio(OBJ_NAME,lh,out)
-# define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh)
-# define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring)
-# define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst)
-# define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst)
-# define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst)
-# define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn)
-# define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg)
-# define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh)
-# define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh)
-# define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh)
-# define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out)
-# define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out)
-# define lh_OPENSSL_CSTRING_stats_bio(lh,out) \
-  LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out)
-# define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh)
-# define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string)
-# define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst)
-# define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst)
-# define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst)
-# define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn)
-# define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg)
-# define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh)
-# define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh)
-# define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh)
-# define lh_OPENSSL_STRING_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out)
-# define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out)
-# define lh_OPENSSL_STRING_stats_bio(lh,out) \
-  LHM_lh_stats_bio(OPENSSL_STRING,lh,out)
-# define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh)
-# define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session)
-# define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst)
-# define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst)
-# define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst)
-# define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn)
-# define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \
-  LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg)
-# define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh)
-# define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh)
-# define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh)
-# define lh_SSL_SESSION_node_stats_bio(lh,out) \
-  LHM_lh_node_stats_bio(SSL_SESSION,lh,out)
-# define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \
-  LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out)
-# define lh_SSL_SESSION_stats_bio(lh,out) \
-  LHM_lh_stats_bio(SSL_SESSION,lh,out)
-# define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh)
-#ifdef  __cplusplus
-}
-#endif
-#endif                          /* !defined HEADER_SAFESTACK_H */
diff --git a/thirdparty/openssl/openssl/seed.h b/thirdparty/openssl/openssl/seed.h
deleted file mode 100644
index 8cbf0d9281..0000000000
--- a/thirdparty/openssl/openssl/seed.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Neither the name of author nor the names of its contributors may
- *    be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SEED_H
-# define HEADER_SEED_H
-
-# include <openssl/opensslconf.h>
-# include <openssl/e_os2.h>
-# include <openssl/crypto.h>
-
-# ifdef OPENSSL_NO_SEED
-#  error SEED is disabled.
-# endif
-
-/* look whether we need 'long' to get 32 bits */
-# ifdef AES_LONG
-#  ifndef SEED_LONG
-#   define SEED_LONG 1
-#  endif
-# endif
-
-# if !defined(NO_SYS_TYPES_H)
-#  include <sys/types.h>
-# endif
-
-# define SEED_BLOCK_SIZE 16
-# define SEED_KEY_LENGTH 16
-
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct seed_key_st {
-# ifdef SEED_LONG
-    unsigned long data[32];
-# else
-    unsigned int data[32];
-# endif
-} SEED_KEY_SCHEDULE;
-
-# ifdef OPENSSL_FIPS
-void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
-                          SEED_KEY_SCHEDULE *ks);
-# endif
-void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
-                  SEED_KEY_SCHEDULE *ks);
-
-void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
-                  unsigned char d[SEED_BLOCK_SIZE],
-                  const SEED_KEY_SCHEDULE *ks);
-void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
-                  unsigned char d[SEED_BLOCK_SIZE],
-                  const SEED_KEY_SCHEDULE *ks);
-
-void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
-                      const SEED_KEY_SCHEDULE *ks, int enc);
-void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
-                      const SEED_KEY_SCHEDULE *ks,
-                      unsigned char ivec[SEED_BLOCK_SIZE], int enc);
-void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
-                         size_t len, const SEED_KEY_SCHEDULE *ks,
-                         unsigned char ivec[SEED_BLOCK_SIZE], int *num,
-                         int enc);
-void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
-                         size_t len, const SEED_KEY_SCHEDULE *ks,
-                         unsigned char ivec[SEED_BLOCK_SIZE], int *num);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif                          /* HEADER_SEED_H */
diff --git a/thirdparty/openssl/openssl/sha.h b/thirdparty/openssl/openssl/sha.h
deleted file mode 100644
index e5169e4fee..0000000000
--- a/thirdparty/openssl/openssl/sha.h
+++ /dev/null
@@ -1,214 +0,0 @@
-/* crypto/sha/sha.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SHA_H
-# define HEADER_SHA_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
-#  error SHA is disabled.
-# endif
-
-# if defined(OPENSSL_FIPS)
-#  define FIPS_SHA_SIZE_T size_t
-# endif
-
-/*-
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! SHA_LONG_LOG2 has to be defined along.                        !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-# if defined(__LP32__)
-#  define SHA_LONG unsigned long
-# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#  define SHA_LONG unsigned long
-#  define SHA_LONG_LOG2 3
-# else
-#  define SHA_LONG unsigned int
-# endif
-
-# define SHA_LBLOCK      16
-# define SHA_CBLOCK      (SHA_LBLOCK*4)/* SHA treats input data as a
-                                        * contiguous array of 32 bit wide
-                                        * big-endian values. */
-# define SHA_LAST_BLOCK  (SHA_CBLOCK-8)
-# define SHA_DIGEST_LENGTH 20
-
-typedef struct SHAstate_st {
-    SHA_LONG h0, h1, h2, h3, h4;
-    SHA_LONG Nl, Nh;
-    SHA_LONG data[SHA_LBLOCK];
-    unsigned int num;
-} SHA_CTX;
-
-# ifndef OPENSSL_NO_SHA0
-#  ifdef OPENSSL_FIPS
-int private_SHA_Init(SHA_CTX *c);
-#  endif
-int SHA_Init(SHA_CTX *c);
-int SHA_Update(SHA_CTX *c, const void *data, size_t len);
-int SHA_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md);
-void SHA_Transform(SHA_CTX *c, const unsigned char *data);
-# endif
-# ifndef OPENSSL_NO_SHA1
-#  ifdef OPENSSL_FIPS
-int private_SHA1_Init(SHA_CTX *c);
-#  endif
-int SHA1_Init(SHA_CTX *c);
-int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
-int SHA1_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
-void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
-# endif
-
-# define SHA256_CBLOCK   (SHA_LBLOCK*4)/* SHA-256 treats input data as a
-                                        * contiguous array of 32 bit wide
-                                        * big-endian values. */
-# define SHA224_DIGEST_LENGTH    28
-# define SHA256_DIGEST_LENGTH    32
-
-typedef struct SHA256state_st {
-    SHA_LONG h[8];
-    SHA_LONG Nl, Nh;
-    SHA_LONG data[SHA_LBLOCK];
-    unsigned int num, md_len;
-} SHA256_CTX;
-
-# ifndef OPENSSL_NO_SHA256
-#  ifdef OPENSSL_FIPS
-int private_SHA224_Init(SHA256_CTX *c);
-int private_SHA256_Init(SHA256_CTX *c);
-#  endif
-int SHA224_Init(SHA256_CTX *c);
-int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA224_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
-int SHA256_Init(SHA256_CTX *c);
-int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
-int SHA256_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
-void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
-# endif
-
-# define SHA384_DIGEST_LENGTH    48
-# define SHA512_DIGEST_LENGTH    64
-
-# ifndef OPENSSL_NO_SHA512
-/*
- * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
- * being exactly 64-bit wide. See Implementation Notes in sha512.c
- * for further details.
- */
-/*
- * SHA-512 treats input data as a
- * contiguous array of 64 bit
- * wide big-endian values.
- */
-#  define SHA512_CBLOCK   (SHA_LBLOCK*8)
-#  if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-#   define SHA_LONG64 unsigned __int64
-#   define U64(C)     C##UI64
-#  elif defined(__arch64__)
-#   define SHA_LONG64 unsigned long
-#   define U64(C)     C##UL
-#  else
-#   define SHA_LONG64 unsigned long long
-#   define U64(C)     C##ULL
-#  endif
-
-typedef struct SHA512state_st {
-    SHA_LONG64 h[8];
-    SHA_LONG64 Nl, Nh;
-    union {
-        SHA_LONG64 d[SHA_LBLOCK];
-        unsigned char p[SHA512_CBLOCK];
-    } u;
-    unsigned int num, md_len;
-} SHA512_CTX;
-# endif
-
-# ifndef OPENSSL_NO_SHA512
-#  ifdef OPENSSL_FIPS
-int private_SHA384_Init(SHA512_CTX *c);
-int private_SHA512_Init(SHA512_CTX *c);
-#  endif
-int SHA384_Init(SHA512_CTX *c);
-int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
-int SHA512_Init(SHA512_CTX *c);
-int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
-int SHA512_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
-void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
-# endif
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/srp.h b/thirdparty/openssl/openssl/srp.h
deleted file mode 100644
index 028892a1ff..0000000000
--- a/thirdparty/openssl/openssl/srp.h
+++ /dev/null
@@ -1,179 +0,0 @@
-/* crypto/srp/srp.h */
-/*
- * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
- * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
- * EdelKey project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef __SRP_H__
-# define __SRP_H__
-
-# ifndef OPENSSL_NO_SRP
-
-#  include <stdio.h>
-#  include <string.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-#  include <openssl/safestack.h>
-#  include <openssl/bn.h>
-#  include <openssl/crypto.h>
-
-typedef struct SRP_gN_cache_st {
-    char *b64_bn;
-    BIGNUM *bn;
-} SRP_gN_cache;
-
-
-DECLARE_STACK_OF(SRP_gN_cache)
-
-typedef struct SRP_user_pwd_st {
-    /* Owned by us. */
-    char *id;
-    BIGNUM *s;
-    BIGNUM *v;
-    /* Not owned by us. */
-    const BIGNUM *g;
-    const BIGNUM *N;
-    /* Owned by us. */
-    char *info;
-} SRP_user_pwd;
-
-DECLARE_STACK_OF(SRP_user_pwd)
-
-void SRP_user_pwd_free(SRP_user_pwd *user_pwd);
-
-typedef struct SRP_VBASE_st {
-    STACK_OF(SRP_user_pwd) *users_pwd;
-    STACK_OF(SRP_gN_cache) *gN_cache;
-/* to simulate a user */
-    char *seed_key;
-    BIGNUM *default_g;
-    BIGNUM *default_N;
-} SRP_VBASE;
-
-/*
- * Structure interne pour retenir les couples N et g
- */
-typedef struct SRP_gN_st {
-    char *id;
-    BIGNUM *g;
-    BIGNUM *N;
-} SRP_gN;
-
-DECLARE_STACK_OF(SRP_gN)
-
-SRP_VBASE *SRP_VBASE_new(char *seed_key);
-int SRP_VBASE_free(SRP_VBASE *vb);
-int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
-
-/* This method ignores the configured seed and fails for an unknown user. */
-SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
-/* NOTE: unlike in SRP_VBASE_get_by_user, caller owns the returned pointer.*/
-SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username);
-
-char *SRP_create_verifier(const char *user, const char *pass, char **salt,
-                          char **verifier, const char *N, const char *g);
-int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
-                           BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
-
-#  define SRP_NO_ERROR 0
-#  define SRP_ERR_VBASE_INCOMPLETE_FILE 1
-#  define SRP_ERR_VBASE_BN_LIB 2
-#  define SRP_ERR_OPEN_FILE 3
-#  define SRP_ERR_MEMORY 4
-
-#  define DB_srptype      0
-#  define DB_srpverifier  1
-#  define DB_srpsalt      2
-#  define DB_srpid        3
-#  define DB_srpgN        4
-#  define DB_srpinfo      5
-#  undef  DB_NUMBER
-#  define DB_NUMBER       6
-
-#  define DB_SRP_INDEX    'I'
-#  define DB_SRP_VALID    'V'
-#  define DB_SRP_REVOKED  'R'
-#  define DB_SRP_MODIF    'v'
-
-/* see srp.c */
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
-SRP_gN *SRP_get_default_gN(const char *id);
-
-/* server side .... */
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
-                            BIGNUM *N);
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
-
-/* client side .... */
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
-                            BIGNUM *a, BIGNUM *u);
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
-
-#  define SRP_MINIMAL_N 1024
-
-#ifdef  __cplusplus
-}
-#endif
-
-# endif
-#endif
diff --git a/thirdparty/openssl/openssl/srtp.h b/thirdparty/openssl/openssl/srtp.h
deleted file mode 100644
index 2279c32b89..0000000000
--- a/thirdparty/openssl/openssl/srtp.h
+++ /dev/null
@@ -1,147 +0,0 @@
-/* ssl/srtp.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/*
- * DTLS code by Eric Rescorla <ekr@rtfm.com>
- *
- * Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
- */
-
-#ifndef HEADER_D1_SRTP_H
-# define HEADER_D1_SRTP_H
-
-# include <openssl/ssl.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# define SRTP_AES128_CM_SHA1_80 0x0001
-# define SRTP_AES128_CM_SHA1_32 0x0002
-# define SRTP_AES128_F8_SHA1_80 0x0003
-# define SRTP_AES128_F8_SHA1_32 0x0004
-# define SRTP_NULL_SHA1_80      0x0005
-# define SRTP_NULL_SHA1_32      0x0006
-
-# ifndef OPENSSL_NO_SRTP
-
-int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
-int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
-
-STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
-SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
-
-# endif
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/ssl.h b/thirdparty/openssl/openssl/ssl.h
deleted file mode 100644
index 90aeb0ce4e..0000000000
--- a/thirdparty/openssl/openssl/ssl.h
+++ /dev/null
@@ -1,3163 +0,0 @@
-/* ssl/ssl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifndef HEADER_SSL_H
-# define HEADER_SSL_H
-
-# include <openssl/e_os2.h>
-
-# ifndef OPENSSL_NO_COMP
-#  include <openssl/comp.h>
-# endif
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# ifndef OPENSSL_NO_DEPRECATED
-#  ifndef OPENSSL_NO_X509
-#   include <openssl/x509.h>
-#  endif
-#  include <openssl/crypto.h>
-#  include <openssl/lhash.h>
-#  include <openssl/buffer.h>
-# endif
-# include <openssl/pem.h>
-# include <openssl/hmac.h>
-
-# include <openssl/kssl.h>
-# include <openssl/safestack.h>
-# include <openssl/symhacks.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* SSLeay version number for ASN.1 encoding of the session information */
-/*-
- * Version 0 - initial version
- * Version 1 - added the optional peer certificate
- */
-# define SSL_SESSION_ASN1_VERSION 0x0001
-
-/* text strings for the ciphers */
-# define SSL_TXT_NULL_WITH_MD5           SSL2_TXT_NULL_WITH_MD5
-# define SSL_TXT_RC4_128_WITH_MD5        SSL2_TXT_RC4_128_WITH_MD5
-# define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
-# define SSL_TXT_RC2_128_CBC_WITH_MD5    SSL2_TXT_RC2_128_CBC_WITH_MD5
-# define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
-# define SSL_TXT_IDEA_128_CBC_WITH_MD5   SSL2_TXT_IDEA_128_CBC_WITH_MD5
-# define SSL_TXT_DES_64_CBC_WITH_MD5     SSL2_TXT_DES_64_CBC_WITH_MD5
-# define SSL_TXT_DES_64_CBC_WITH_SHA     SSL2_TXT_DES_64_CBC_WITH_SHA
-# define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
-# define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
-
-/*
- * VRS Additional Kerberos5 entries
- */
-# define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
-# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
-# define SSL_TXT_KRB5_RC4_128_SHA      SSL3_TXT_KRB5_RC4_128_SHA
-# define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
-# define SSL_TXT_KRB5_DES_64_CBC_MD5   SSL3_TXT_KRB5_DES_64_CBC_MD5
-# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
-# define SSL_TXT_KRB5_RC4_128_MD5      SSL3_TXT_KRB5_RC4_128_MD5
-# define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5
-
-# define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA
-# define SSL_TXT_KRB5_RC2_40_CBC_SHA   SSL3_TXT_KRB5_RC2_40_CBC_SHA
-# define SSL_TXT_KRB5_RC4_40_SHA       SSL3_TXT_KRB5_RC4_40_SHA
-# define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5
-# define SSL_TXT_KRB5_RC2_40_CBC_MD5   SSL3_TXT_KRB5_RC2_40_CBC_MD5
-# define SSL_TXT_KRB5_RC4_40_MD5       SSL3_TXT_KRB5_RC4_40_MD5
-
-# define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA
-# define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5
-# define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
-# define SSL_TXT_KRB5_DES_64_CBC_MD5   SSL3_TXT_KRB5_DES_64_CBC_MD5
-# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
-# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
-# define SSL_MAX_KRB5_PRINCIPAL_LENGTH  256
-
-# define SSL_MAX_SSL_SESSION_ID_LENGTH           32
-# define SSL_MAX_SID_CTX_LENGTH                  32
-
-# define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES     (512/8)
-# define SSL_MAX_KEY_ARG_LENGTH                  8
-# define SSL_MAX_MASTER_KEY_LENGTH               48
-
-/* These are used to specify which ciphers to use and not to use */
-
-# define SSL_TXT_EXP40           "EXPORT40"
-# define SSL_TXT_EXP56           "EXPORT56"
-# define SSL_TXT_LOW             "LOW"
-# define SSL_TXT_MEDIUM          "MEDIUM"
-# define SSL_TXT_HIGH            "HIGH"
-# define SSL_TXT_FIPS            "FIPS"
-
-# define SSL_TXT_kFZA            "kFZA"/* unused! */
-# define SSL_TXT_aFZA            "aFZA"/* unused! */
-# define SSL_TXT_eFZA            "eFZA"/* unused! */
-# define SSL_TXT_FZA             "FZA"/* unused! */
-
-# define SSL_TXT_aNULL           "aNULL"
-# define SSL_TXT_eNULL           "eNULL"
-# define SSL_TXT_NULL            "NULL"
-
-# define SSL_TXT_kRSA            "kRSA"
-# define SSL_TXT_kDHr            "kDHr"
-# define SSL_TXT_kDHd            "kDHd"
-# define SSL_TXT_kDH             "kDH"
-# define SSL_TXT_kEDH            "kEDH"
-# define SSL_TXT_kDHE            "kDHE"/* alias for kEDH */
-# define SSL_TXT_kKRB5           "kKRB5"
-# define SSL_TXT_kECDHr          "kECDHr"
-# define SSL_TXT_kECDHe          "kECDHe"
-# define SSL_TXT_kECDH           "kECDH"
-# define SSL_TXT_kEECDH          "kEECDH"
-# define SSL_TXT_kECDHE          "kECDHE"/* alias for kEECDH */
-# define SSL_TXT_kPSK            "kPSK"
-# define SSL_TXT_kGOST           "kGOST"
-# define SSL_TXT_kSRP            "kSRP"
-
-# define SSL_TXT_aRSA            "aRSA"
-# define SSL_TXT_aDSS            "aDSS"
-# define SSL_TXT_aDH             "aDH"
-# define SSL_TXT_aECDH           "aECDH"
-# define SSL_TXT_aKRB5           "aKRB5"
-# define SSL_TXT_aECDSA          "aECDSA"
-# define SSL_TXT_aPSK            "aPSK"
-# define SSL_TXT_aGOST94 "aGOST94"
-# define SSL_TXT_aGOST01 "aGOST01"
-# define SSL_TXT_aGOST  "aGOST"
-# define SSL_TXT_aSRP            "aSRP"
-
-# define SSL_TXT_DSS             "DSS"
-# define SSL_TXT_DH              "DH"
-# define SSL_TXT_EDH             "EDH"/* same as "kEDH:-ADH" */
-# define SSL_TXT_DHE             "DHE"/* alias for EDH */
-# define SSL_TXT_ADH             "ADH"
-# define SSL_TXT_RSA             "RSA"
-# define SSL_TXT_ECDH            "ECDH"
-# define SSL_TXT_EECDH           "EECDH"/* same as "kEECDH:-AECDH" */
-# define SSL_TXT_ECDHE           "ECDHE"/* alias for ECDHE" */
-# define SSL_TXT_AECDH           "AECDH"
-# define SSL_TXT_ECDSA           "ECDSA"
-# define SSL_TXT_KRB5            "KRB5"
-# define SSL_TXT_PSK             "PSK"
-# define SSL_TXT_SRP             "SRP"
-
-# define SSL_TXT_DES             "DES"
-# define SSL_TXT_3DES            "3DES"
-# define SSL_TXT_RC4             "RC4"
-# define SSL_TXT_RC2             "RC2"
-# define SSL_TXT_IDEA            "IDEA"
-# define SSL_TXT_SEED            "SEED"
-# define SSL_TXT_AES128          "AES128"
-# define SSL_TXT_AES256          "AES256"
-# define SSL_TXT_AES             "AES"
-# define SSL_TXT_AES_GCM         "AESGCM"
-# define SSL_TXT_CAMELLIA128     "CAMELLIA128"
-# define SSL_TXT_CAMELLIA256     "CAMELLIA256"
-# define SSL_TXT_CAMELLIA        "CAMELLIA"
-
-# define SSL_TXT_MD5             "MD5"
-# define SSL_TXT_SHA1            "SHA1"
-# define SSL_TXT_SHA             "SHA"/* same as "SHA1" */
-# define SSL_TXT_GOST94          "GOST94"
-# define SSL_TXT_GOST89MAC               "GOST89MAC"
-# define SSL_TXT_SHA256          "SHA256"
-# define SSL_TXT_SHA384          "SHA384"
-
-# define SSL_TXT_SSLV2           "SSLv2"
-# define SSL_TXT_SSLV3           "SSLv3"
-# define SSL_TXT_TLSV1           "TLSv1"
-# define SSL_TXT_TLSV1_1         "TLSv1.1"
-# define SSL_TXT_TLSV1_2         "TLSv1.2"
-
-# define SSL_TXT_EXP             "EXP"
-# define SSL_TXT_EXPORT          "EXPORT"
-
-# define SSL_TXT_ALL             "ALL"
-
-/*-
- * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
- * ciphers normally not being used.
- * Example: "RC4" will activate all ciphers using RC4 including ciphers
- * without authentication, which would normally disabled by DEFAULT (due
- * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
- * will make sure that it is also disabled in the specific selection.
- * COMPLEMENTOF* identifiers are portable between version, as adjustments
- * to the default cipher setup will also be included here.
- *
- * COMPLEMENTOFDEFAULT does not experience the same special treatment that
- * DEFAULT gets, as only selection is being done and no sorting as needed
- * for DEFAULT.
- */
-# define SSL_TXT_CMPALL          "COMPLEMENTOFALL"
-# define SSL_TXT_CMPDEF          "COMPLEMENTOFDEFAULT"
-
-/*
- * The following cipher list is used by default. It also is substituted when
- * an application-defined cipher list string starts with 'DEFAULT'.
- */
-# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
-/*
- * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
- * starts with a reasonable order, and all we have to do for DEFAULT is
- * throwing out anonymous and unencrypted ciphersuites! (The latter are not
- * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
- */
-
-/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
-# define SSL_SENT_SHUTDOWN       1
-# define SSL_RECEIVED_SHUTDOWN   2
-
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
-#  define OPENSSL_NO_SSL2
-# endif
-
-# define SSL_FILETYPE_ASN1       X509_FILETYPE_ASN1
-# define SSL_FILETYPE_PEM        X509_FILETYPE_PEM
-
-/*
- * This is needed to stop compilers complaining about the 'struct ssl_st *'
- * function parameters used to prototype callbacks in SSL_CTX.
- */
-typedef struct ssl_st *ssl_crock_st;
-typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
-typedef struct ssl_method_st SSL_METHOD;
-typedef struct ssl_cipher_st SSL_CIPHER;
-typedef struct ssl_session_st SSL_SESSION;
-typedef struct tls_sigalgs_st TLS_SIGALGS;
-typedef struct ssl_conf_ctx_st SSL_CONF_CTX;
-
-DECLARE_STACK_OF(SSL_CIPHER)
-
-/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
-typedef struct srtp_protection_profile_st {
-    const char *name;
-    unsigned long id;
-} SRTP_PROTECTION_PROFILE;
-
-DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
-
-typedef int (*tls_session_ticket_ext_cb_fn) (SSL *s,
-                                             const unsigned char *data,
-                                             int len, void *arg);
-typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret,
-                                         int *secret_len,
-                                         STACK_OF(SSL_CIPHER) *peer_ciphers,
-                                         SSL_CIPHER **cipher, void *arg);
-
-# ifndef OPENSSL_NO_TLSEXT
-
-/* Typedefs for handling custom extensions */
-
-typedef int (*custom_ext_add_cb) (SSL *s, unsigned int ext_type,
-                                  const unsigned char **out,
-                                  size_t *outlen, int *al, void *add_arg);
-
-typedef void (*custom_ext_free_cb) (SSL *s, unsigned int ext_type,
-                                    const unsigned char *out, void *add_arg);
-
-typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
-                                    const unsigned char *in,
-                                    size_t inlen, int *al, void *parse_arg);
-
-# endif
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-/* used to hold info on the particular ciphers used */
-struct ssl_cipher_st {
-    int valid;
-    const char *name;           /* text name */
-    unsigned long id;           /* id, 4 bytes, first is version */
-    /*
-     * changed in 0.9.9: these four used to be portions of a single value
-     * 'algorithms'
-     */
-    unsigned long algorithm_mkey; /* key exchange algorithm */
-    unsigned long algorithm_auth; /* server authentication */
-    unsigned long algorithm_enc; /* symmetric encryption */
-    unsigned long algorithm_mac; /* symmetric authentication */
-    unsigned long algorithm_ssl; /* (major) protocol version */
-    unsigned long algo_strength; /* strength and export flags */
-    unsigned long algorithm2;   /* Extra flags */
-    int strength_bits;          /* Number of bits really used */
-    int alg_bits;               /* Number of bits for algorithm */
-};
-
-/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
-struct ssl_method_st {
-    int version;
-    int (*ssl_new) (SSL *s);
-    void (*ssl_clear) (SSL *s);
-    void (*ssl_free) (SSL *s);
-    int (*ssl_accept) (SSL *s);
-    int (*ssl_connect) (SSL *s);
-    int (*ssl_read) (SSL *s, void *buf, int len);
-    int (*ssl_peek) (SSL *s, void *buf, int len);
-    int (*ssl_write) (SSL *s, const void *buf, int len);
-    int (*ssl_shutdown) (SSL *s);
-    int (*ssl_renegotiate) (SSL *s);
-    int (*ssl_renegotiate_check) (SSL *s);
-    long (*ssl_get_message) (SSL *s, int st1, int stn, int mt, long
-                             max, int *ok);
-    int (*ssl_read_bytes) (SSL *s, int type, unsigned char *buf, int len,
-                           int peek);
-    int (*ssl_write_bytes) (SSL *s, int type, const void *buf_, int len);
-    int (*ssl_dispatch_alert) (SSL *s);
-    long (*ssl_ctrl) (SSL *s, int cmd, long larg, void *parg);
-    long (*ssl_ctx_ctrl) (SSL_CTX *ctx, int cmd, long larg, void *parg);
-    const SSL_CIPHER *(*get_cipher_by_char) (const unsigned char *ptr);
-    int (*put_cipher_by_char) (const SSL_CIPHER *cipher, unsigned char *ptr);
-    int (*ssl_pending) (const SSL *s);
-    int (*num_ciphers) (void);
-    const SSL_CIPHER *(*get_cipher) (unsigned ncipher);
-    const struct ssl_method_st *(*get_ssl_method) (int version);
-    long (*get_timeout) (void);
-    struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
-    int (*ssl_version) (void);
-    long (*ssl_callback_ctrl) (SSL *s, int cb_id, void (*fp) (void));
-    long (*ssl_ctx_callback_ctrl) (SSL_CTX *s, int cb_id, void (*fp) (void));
-};
-
-/*-
- * Lets make this into an ASN.1 type structure as follows
- * SSL_SESSION_ID ::= SEQUENCE {
- *      version                 INTEGER,        -- structure version number
- *      SSLversion              INTEGER,        -- SSL version number
- *      Cipher                  OCTET STRING,   -- the 3 byte cipher ID
- *      Session_ID              OCTET STRING,   -- the Session ID
- *      Master_key              OCTET STRING,   -- the master key
- *      KRB5_principal          OCTET STRING    -- optional Kerberos principal
- *      Key_Arg [ 0 ] IMPLICIT  OCTET STRING,   -- the optional Key argument
- *      Time [ 1 ] EXPLICIT     INTEGER,        -- optional Start Time
- *      Timeout [ 2 ] EXPLICIT  INTEGER,        -- optional Timeout ins seconds
- *      Peer [ 3 ] EXPLICIT     X509,           -- optional Peer Certificate
- *      Session_ID_context [ 4 ] EXPLICIT OCTET STRING,   -- the Session ID context
- *      Verify_result [ 5 ] EXPLICIT INTEGER,   -- X509_V_... code for `Peer'
- *      HostName [ 6 ] EXPLICIT OCTET STRING,   -- optional HostName from servername TLS extension
- *      PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
- *      PSK_identity [ 8 ] EXPLICIT OCTET STRING,  -- optional PSK identity
- *      Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
- *      Ticket [10]             EXPLICIT OCTET STRING, -- session ticket (clients only)
- *      Compression_meth [11]   EXPLICIT OCTET STRING, -- optional compression method
- *      SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
- *      }
- * Look in ssl/ssl_asn1.c for more details
- * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
- */
-struct ssl_session_st {
-    int ssl_version;            /* what ssl version session info is being
-                                 * kept in here? */
-    /* only really used in SSLv2 */
-    unsigned int key_arg_length;
-    unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
-    int master_key_length;
-    unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
-    /* session_id - valid? */
-    unsigned int session_id_length;
-    unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
-    /*
-     * this is used to determine whether the session is being reused in the
-     * appropriate context. It is up to the application to set this, via
-     * SSL_new
-     */
-    unsigned int sid_ctx_length;
-    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-#  ifndef OPENSSL_NO_KRB5
-    unsigned int krb5_client_princ_len;
-    unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
-#  endif                        /* OPENSSL_NO_KRB5 */
-#  ifndef OPENSSL_NO_PSK
-    char *psk_identity_hint;
-    char *psk_identity;
-#  endif
-    /*
-     * Used to indicate that session resumption is not allowed. Applications
-     * can also set this bit for a new session via not_resumable_session_cb
-     * to disable session caching and tickets.
-     */
-    int not_resumable;
-    /* The cert is the certificate used to establish this connection */
-    struct sess_cert_st /* SESS_CERT */ *sess_cert;
-    /*
-     * This is the cert for the other end. On clients, it will be the same as
-     * sess_cert->peer_key->x509 (the latter is not enough as sess_cert is
-     * not retained in the external representation of sessions, see
-     * ssl_asn1.c).
-     */
-    X509 *peer;
-    /*
-     * when app_verify_callback accepts a session where the peer's
-     * certificate is not ok, we must remember the error for session reuse:
-     */
-    long verify_result;         /* only for servers */
-    int references;
-    long timeout;
-    long time;
-    unsigned int compress_meth; /* Need to lookup the method */
-    const SSL_CIPHER *cipher;
-    unsigned long cipher_id;    /* when ASN.1 loaded, this needs to be used
-                                 * to load the 'cipher' structure */
-    STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
-    CRYPTO_EX_DATA ex_data;     /* application specific data */
-    /*
-     * These are used to make removal of session-ids more efficient and to
-     * implement a maximum cache size.
-     */
-    struct ssl_session_st *prev, *next;
-#  ifndef OPENSSL_NO_TLSEXT
-    char *tlsext_hostname;
-#   ifndef OPENSSL_NO_EC
-    size_t tlsext_ecpointformatlist_length;
-    unsigned char *tlsext_ecpointformatlist; /* peer's list */
-    size_t tlsext_ellipticcurvelist_length;
-    unsigned char *tlsext_ellipticcurvelist; /* peer's list */
-#   endif                       /* OPENSSL_NO_EC */
-    /* RFC4507 info */
-    unsigned char *tlsext_tick; /* Session ticket */
-    size_t tlsext_ticklen;      /* Session ticket length */
-    long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
-#  endif
-#  ifndef OPENSSL_NO_SRP
-    char *srp_username;
-#  endif
-};
-
-# endif
-
-# define SSL_OP_MICROSOFT_SESS_ID_BUG                    0x00000001L
-# define SSL_OP_NETSCAPE_CHALLENGE_BUG                   0x00000002L
-/* Allow initial connection to servers that don't support RI */
-# define SSL_OP_LEGACY_SERVER_CONNECT                    0x00000004L
-# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         0x00000008L
-# define SSL_OP_TLSEXT_PADDING                           0x00000010L
-# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x00000020L
-# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG                   0x00000040L
-# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 0x00000080L
-# define SSL_OP_TLS_D5_BUG                               0x00000100L
-# define SSL_OP_TLS_BLOCK_PADDING_BUG                    0x00000200L
-
-/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
-# define SSL_OP_MSIE_SSLV2_RSA_PADDING                   0x0
-/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
-# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              0x0
-
-/*
- * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
- * OpenSSL 0.9.6d.  Usually (depending on the application protocol) the
- * workaround is not needed.  Unfortunately some broken SSL/TLS
- * implementations cannot handle it at all, which is why we include it in
- * SSL_OP_ALL.
- */
-/* added in 0.9.6e */
-# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800L
-
-/*
- * SSL_OP_ALL: various bug workarounds that should be rather harmless.  This
- * used to be 0x000FFFFFL before 0.9.7.
- */
-# define SSL_OP_ALL                                      0x80000BFFL
-
-/* DTLS options */
-# define SSL_OP_NO_QUERY_MTU                 0x00001000L
-/* Turn on Cookie Exchange (on relevant for servers) */
-# define SSL_OP_COOKIE_EXCHANGE              0x00002000L
-/* Don't use RFC4507 ticket extension */
-# define SSL_OP_NO_TICKET                    0x00004000L
-/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client)  */
-# define SSL_OP_CISCO_ANYCONNECT             0x00008000L
-
-/* As server, disallow session resumption on renegotiation */
-# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   0x00010000L
-/* Don't use compression even if supported */
-# define SSL_OP_NO_COMPRESSION                           0x00020000L
-/* Permit unsafe legacy renegotiation */
-# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        0x00040000L
-/* If set, always create a new key when using tmp_ecdh parameters */
-# define SSL_OP_SINGLE_ECDH_USE                          0x00080000L
-/* Does nothing: retained for compatibility */
-# define SSL_OP_SINGLE_DH_USE                            0x00100000L
-/* Does nothing: retained for compatibiity */
-# define SSL_OP_EPHEMERAL_RSA                            0x0
-/*
- * Set on servers to choose the cipher according to the server's preferences
- */
-# define SSL_OP_CIPHER_SERVER_PREFERENCE                 0x00400000L
-/*
- * If set, a server will allow a client to issue a SSLv3.0 version number as
- * latest version supported in the premaster secret, even when TLSv1.0
- * (version 3.1) was announced in the client hello. Normally this is
- * forbidden to prevent version rollback attacks.
- */
-# define SSL_OP_TLS_ROLLBACK_BUG                         0x00800000L
-
-# define SSL_OP_NO_SSLv2                                 0x01000000L
-# define SSL_OP_NO_SSLv3                                 0x02000000L
-# define SSL_OP_NO_TLSv1                                 0x04000000L
-# define SSL_OP_NO_TLSv1_2                               0x08000000L
-# define SSL_OP_NO_TLSv1_1                               0x10000000L
-
-# define SSL_OP_NO_DTLSv1                                0x04000000L
-# define SSL_OP_NO_DTLSv1_2                              0x08000000L
-
-# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|\
-        SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)
-
-/*
- * These next two were never actually used for anything since SSLeay zap so
- * we have some more flags.
- */
-/*
- * The next flag deliberately changes the ciphertest, this is a check for the
- * PKCS#1 attack
- */
-# define SSL_OP_PKCS1_CHECK_1                            0x0
-# define SSL_OP_PKCS1_CHECK_2                            0x0
-
-# define SSL_OP_NETSCAPE_CA_DN_BUG                       0x20000000L
-# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG          0x40000000L
-/*
- * Make server add server-hello extension from early version of cryptopro
- * draft, when GOST ciphersuite is negotiated. Required for interoperability
- * with CryptoPro CSP 3.x
- */
-# define SSL_OP_CRYPTOPRO_TLSEXT_BUG                     0x80000000L
-
-/*
- * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
- * when just a single record has been written):
- */
-# define SSL_MODE_ENABLE_PARTIAL_WRITE       0x00000001L
-/*
- * Make it possible to retry SSL_write() with changed buffer location (buffer
- * contents must stay the same!); this is not the default to avoid the
- * misconception that non-blocking SSL_write() behaves like non-blocking
- * write():
- */
-# define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
-/*
- * Never bother the application with retries if the transport is blocking:
- */
-# define SSL_MODE_AUTO_RETRY 0x00000004L
-/* Don't attempt to automatically build certificate chain */
-# define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
-/*
- * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
- * TLS only.) "Released" buffers are put onto a free-list in the context or
- * just freed (depending on the context's setting for freelist_max_len).
- */
-# define SSL_MODE_RELEASE_BUFFERS 0x00000010L
-/*
- * Send the current time in the Random fields of the ClientHello and
- * ServerHello records for compatibility with hypothetical implementations
- * that require it.
- */
-# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
-# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
-/*
- * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
- * that reconnect with a downgraded protocol version; see
- * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
- * application attempts a normal handshake. Only use this in explicit
- * fallback retries, following the guidance in
- * draft-ietf-tls-downgrade-scsv-00.
- */
-# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L
-
-/* Cert related flags */
-/*
- * Many implementations ignore some aspects of the TLS standards such as
- * enforcing certifcate chain algorithms. When this is set we enforce them.
- */
-# define SSL_CERT_FLAG_TLS_STRICT                0x00000001L
-
-/* Suite B modes, takes same values as certificate verify flags */
-# define SSL_CERT_FLAG_SUITEB_128_LOS_ONLY       0x10000
-/* Suite B 192 bit only mode */
-# define SSL_CERT_FLAG_SUITEB_192_LOS            0x20000
-/* Suite B 128 bit mode allowing 192 bit algorithms */
-# define SSL_CERT_FLAG_SUITEB_128_LOS            0x30000
-
-/* Perform all sorts of protocol violations for testing purposes */
-# define SSL_CERT_FLAG_BROKEN_PROTOCOL           0x10000000
-
-/* Flags for building certificate chains */
-/* Treat any existing certificates as untrusted CAs */
-# define SSL_BUILD_CHAIN_FLAG_UNTRUSTED          0x1
-/* Don't include root CA in chain */
-# define SSL_BUILD_CHAIN_FLAG_NO_ROOT            0x2
-/* Just check certificates already there */
-# define SSL_BUILD_CHAIN_FLAG_CHECK              0x4
-/* Ignore verification errors */
-# define SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR       0x8
-/* Clear verification errors from queue */
-# define SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR        0x10
-
-/* Flags returned by SSL_check_chain */
-/* Certificate can be used with this session */
-# define CERT_PKEY_VALID         0x1
-/* Certificate can also be used for signing */
-# define CERT_PKEY_SIGN          0x2
-/* EE certificate signing algorithm OK */
-# define CERT_PKEY_EE_SIGNATURE  0x10
-/* CA signature algorithms OK */
-# define CERT_PKEY_CA_SIGNATURE  0x20
-/* EE certificate parameters OK */
-# define CERT_PKEY_EE_PARAM      0x40
-/* CA certificate parameters OK */
-# define CERT_PKEY_CA_PARAM      0x80
-/* Signing explicitly allowed as opposed to SHA1 fallback */
-# define CERT_PKEY_EXPLICIT_SIGN 0x100
-/* Client CA issuer names match (always set for server cert) */
-# define CERT_PKEY_ISSUER_NAME   0x200
-/* Cert type matches client types (always set for server cert) */
-# define CERT_PKEY_CERT_TYPE     0x400
-/* Cert chain suitable to Suite B */
-# define CERT_PKEY_SUITEB        0x800
-
-# define SSL_CONF_FLAG_CMDLINE           0x1
-# define SSL_CONF_FLAG_FILE              0x2
-# define SSL_CONF_FLAG_CLIENT            0x4
-# define SSL_CONF_FLAG_SERVER            0x8
-# define SSL_CONF_FLAG_SHOW_ERRORS       0x10
-# define SSL_CONF_FLAG_CERTIFICATE       0x20
-/* Configuration value types */
-# define SSL_CONF_TYPE_UNKNOWN           0x0
-# define SSL_CONF_TYPE_STRING            0x1
-# define SSL_CONF_TYPE_FILE              0x2
-# define SSL_CONF_TYPE_DIR               0x3
-
-/*
- * Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, they
- * cannot be used to clear bits.
- */
-
-# define SSL_CTX_set_options(ctx,op) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
-# define SSL_CTX_clear_options(ctx,op) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
-# define SSL_CTX_get_options(ctx) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
-# define SSL_set_options(ssl,op) \
-        SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
-# define SSL_clear_options(ssl,op) \
-        SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
-# define SSL_get_options(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
-
-# define SSL_CTX_set_mode(ctx,op) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
-# define SSL_CTX_clear_mode(ctx,op) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
-# define SSL_CTX_get_mode(ctx) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
-# define SSL_clear_mode(ssl,op) \
-        SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
-# define SSL_set_mode(ssl,op) \
-        SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
-# define SSL_get_mode(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
-# define SSL_set_mtu(ssl, mtu) \
-        SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
-# define DTLS_set_link_mtu(ssl, mtu) \
-        SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
-# define DTLS_get_link_min_mtu(ssl) \
-        SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
-
-# define SSL_get_secure_renegotiation_support(ssl) \
-        SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
-
-# ifndef OPENSSL_NO_HEARTBEATS
-#  define SSL_heartbeat(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
-# endif
-
-# define SSL_CTX_set_cert_flags(ctx,op) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_CERT_FLAGS,(op),NULL)
-# define SSL_set_cert_flags(s,op) \
-        SSL_ctrl((s),SSL_CTRL_CERT_FLAGS,(op),NULL)
-# define SSL_CTX_clear_cert_flags(ctx,op) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
-# define SSL_clear_cert_flags(s,op) \
-        SSL_ctrl((s),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
-
-void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
-                              void (*cb) (int write_p, int version,
-                                          int content_type, const void *buf,
-                                          size_t len, SSL *ssl, void *arg));
-void SSL_set_msg_callback(SSL *ssl,
-                          void (*cb) (int write_p, int version,
-                                      int content_type, const void *buf,
-                                      size_t len, SSL *ssl, void *arg));
-# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-
-# ifndef OPENSSL_NO_SRP
-
-#  ifndef OPENSSL_NO_SSL_INTERN
-
-typedef struct srp_ctx_st {
-    /* param for all the callbacks */
-    void *SRP_cb_arg;
-    /* set client Hello login callback */
-    int (*TLS_ext_srp_username_callback) (SSL *, int *, void *);
-    /* set SRP N/g param callback for verification */
-    int (*SRP_verify_param_callback) (SSL *, void *);
-    /* set SRP client passwd callback */
-    char *(*SRP_give_srp_client_pwd_callback) (SSL *, void *);
-    char *login;
-    BIGNUM *N, *g, *s, *B, *A;
-    BIGNUM *a, *b, *v;
-    char *info;
-    int strength;
-    unsigned long srp_Mask;
-} SRP_CTX;
-
-#  endif
-
-/* see tls_srp.c */
-int SSL_SRP_CTX_init(SSL *s);
-int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
-int SSL_SRP_CTX_free(SSL *ctx);
-int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
-int SSL_srp_server_param_with_username(SSL *s, int *ad);
-int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key);
-int SRP_Calc_A_param(SSL *s);
-int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
-
-# endif
-
-# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
-#  define SSL_MAX_CERT_LIST_DEFAULT 1024*30
-                                          /* 30k max cert list :-) */
-# else
-#  define SSL_MAX_CERT_LIST_DEFAULT 1024*100
-                                           /* 100k max cert list :-) */
-# endif
-
-# define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT      (1024*20)
-
-/*
- * This callback type is used inside SSL_CTX, SSL, and in the functions that
- * set them. It is used to override the generation of SSL/TLS session IDs in
- * a server. Return value should be zero on an error, non-zero to proceed.
- * Also, callbacks should themselves check if the id they generate is unique
- * otherwise the SSL handshake will fail with an error - callbacks can do
- * this using the 'ssl' value they're passed by;
- * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in
- * is set at the maximum size the session ID can be. In SSLv2 this is 16
- * bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback can alter this
- * length to be less if desired, but under SSLv2 session IDs are supposed to
- * be fixed at 16 bytes so the id will be padded after the callback returns
- * in this case. It is also an error for the callback to set the size to
- * zero.
- */
-typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
-                               unsigned int *id_len);
-
-typedef struct ssl_comp_st SSL_COMP;
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-struct ssl_comp_st {
-    int id;
-    const char *name;
-#  ifndef OPENSSL_NO_COMP
-    COMP_METHOD *method;
-#  else
-    char *method;
-#  endif
-};
-
-DECLARE_STACK_OF(SSL_COMP)
-DECLARE_LHASH_OF(SSL_SESSION);
-
-struct ssl_ctx_st {
-    const SSL_METHOD *method;
-    STACK_OF(SSL_CIPHER) *cipher_list;
-    /* same as above but sorted for lookup */
-    STACK_OF(SSL_CIPHER) *cipher_list_by_id;
-    struct x509_store_st /* X509_STORE */ *cert_store;
-    LHASH_OF(SSL_SESSION) *sessions;
-    /*
-     * Most session-ids that will be cached, default is
-     * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited.
-     */
-    unsigned long session_cache_size;
-    struct ssl_session_st *session_cache_head;
-    struct ssl_session_st *session_cache_tail;
-    /*
-     * This can have one of 2 values, ored together, SSL_SESS_CACHE_CLIENT,
-     * SSL_SESS_CACHE_SERVER, Default is SSL_SESSION_CACHE_SERVER, which
-     * means only SSL_accept which cache SSL_SESSIONS.
-     */
-    int session_cache_mode;
-    /*
-     * If timeout is not 0, it is the default timeout value set when
-     * SSL_new() is called.  This has been put in to make life easier to set
-     * things up
-     */
-    long session_timeout;
-    /*
-     * If this callback is not null, it will be called each time a session id
-     * is added to the cache.  If this function returns 1, it means that the
-     * callback will do a SSL_SESSION_free() when it has finished using it.
-     * Otherwise, on 0, it means the callback has finished with it. If
-     * remove_session_cb is not null, it will be called when a session-id is
-     * removed from the cache.  After the call, OpenSSL will
-     * SSL_SESSION_free() it.
-     */
-    int (*new_session_cb) (struct ssl_st *ssl, SSL_SESSION *sess);
-    void (*remove_session_cb) (struct ssl_ctx_st *ctx, SSL_SESSION *sess);
-    SSL_SESSION *(*get_session_cb) (struct ssl_st *ssl,
-                                    unsigned char *data, int len, int *copy);
-    struct {
-        int sess_connect;       /* SSL new conn - started */
-        int sess_connect_renegotiate; /* SSL reneg - requested */
-        int sess_connect_good;  /* SSL new conne/reneg - finished */
-        int sess_accept;        /* SSL new accept - started */
-        int sess_accept_renegotiate; /* SSL reneg - requested */
-        int sess_accept_good;   /* SSL accept/reneg - finished */
-        int sess_miss;          /* session lookup misses */
-        int sess_timeout;       /* reuse attempt on timeouted session */
-        int sess_cache_full;    /* session removed due to full cache */
-        int sess_hit;           /* session reuse actually done */
-        int sess_cb_hit;        /* session-id that was not in the cache was
-                                 * passed back via the callback.  This
-                                 * indicates that the application is
-                                 * supplying session-id's from other
-                                 * processes - spooky :-) */
-    } stats;
-
-    int references;
-
-    /* if defined, these override the X509_verify_cert() calls */
-    int (*app_verify_callback) (X509_STORE_CTX *, void *);
-    void *app_verify_arg;
-    /*
-     * before OpenSSL 0.9.7, 'app_verify_arg' was ignored
-     * ('app_verify_callback' was called with just one argument)
-     */
-
-    /* Default password callback. */
-    pem_password_cb *default_passwd_callback;
-
-    /* Default password callback user data. */
-    void *default_passwd_callback_userdata;
-
-    /* get client cert callback */
-    int (*client_cert_cb) (SSL *ssl, X509 **x509, EVP_PKEY **pkey);
-
-    /* cookie generate callback */
-    int (*app_gen_cookie_cb) (SSL *ssl, unsigned char *cookie,
-                              unsigned int *cookie_len);
-
-    /* verify cookie callback */
-    int (*app_verify_cookie_cb) (SSL *ssl, unsigned char *cookie,
-                                 unsigned int cookie_len);
-
-    CRYPTO_EX_DATA ex_data;
-
-    const EVP_MD *rsa_md5;      /* For SSLv2 - name is 'ssl2-md5' */
-    const EVP_MD *md5;          /* For SSLv3/TLSv1 'ssl3-md5' */
-    const EVP_MD *sha1;         /* For SSLv3/TLSv1 'ssl3->sha1' */
-
-    STACK_OF(X509) *extra_certs;
-    STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
-
-    /* Default values used when no per-SSL value is defined follow */
-
-    /* used if SSL's info_callback is NULL */
-    void (*info_callback) (const SSL *ssl, int type, int val);
-
-    /* what we put in client cert requests */
-    STACK_OF(X509_NAME) *client_CA;
-
-    /*
-     * Default values to use in SSL structures follow (these are copied by
-     * SSL_new)
-     */
-
-    unsigned long options;
-    unsigned long mode;
-    long max_cert_list;
-
-    struct cert_st /* CERT */ *cert;
-    int read_ahead;
-
-    /* callback that allows applications to peek at protocol messages */
-    void (*msg_callback) (int write_p, int version, int content_type,
-                          const void *buf, size_t len, SSL *ssl, void *arg);
-    void *msg_callback_arg;
-
-    int verify_mode;
-    unsigned int sid_ctx_length;
-    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-    /* called 'verify_callback' in the SSL */
-    int (*default_verify_callback) (int ok, X509_STORE_CTX *ctx);
-
-    /* Default generate session ID callback. */
-    GEN_SESSION_CB generate_session_id;
-
-    X509_VERIFY_PARAM *param;
-
-#  if 0
-    int purpose;                /* Purpose setting */
-    int trust;                  /* Trust setting */
-#  endif
-
-    int quiet_shutdown;
-
-    /*
-     * Maximum amount of data to send in one fragment. actual record size can
-     * be more than this due to padding and MAC overheads.
-     */
-    unsigned int max_send_fragment;
-
-#  ifndef OPENSSL_NO_ENGINE
-    /*
-     * Engine to pass requests for client certs to
-     */
-    ENGINE *client_cert_engine;
-#  endif
-
-#  ifndef OPENSSL_NO_TLSEXT
-    /* TLS extensions servername callback */
-    int (*tlsext_servername_callback) (SSL *, int *, void *);
-    void *tlsext_servername_arg;
-    /* RFC 4507 session ticket keys */
-    unsigned char tlsext_tick_key_name[16];
-    unsigned char tlsext_tick_hmac_key[16];
-    unsigned char tlsext_tick_aes_key[16];
-    /* Callback to support customisation of ticket key setting */
-    int (*tlsext_ticket_key_cb) (SSL *ssl,
-                                 unsigned char *name, unsigned char *iv,
-                                 EVP_CIPHER_CTX *ectx,
-                                 HMAC_CTX *hctx, int enc);
-
-    /* certificate status request info */
-    /* Callback for status request */
-    int (*tlsext_status_cb) (SSL *ssl, void *arg);
-    void *tlsext_status_arg;
-
-    /* draft-rescorla-tls-opaque-prf-input-00.txt information */
-    int (*tlsext_opaque_prf_input_callback) (SSL *, void *peerinput,
-                                             size_t len, void *arg);
-    void *tlsext_opaque_prf_input_callback_arg;
-#  endif
-
-#  ifndef OPENSSL_NO_PSK
-    char *psk_identity_hint;
-    unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
-                                         char *identity,
-                                         unsigned int max_identity_len,
-                                         unsigned char *psk,
-                                         unsigned int max_psk_len);
-    unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
-                                         unsigned char *psk,
-                                         unsigned int max_psk_len);
-#  endif
-
-#  ifndef OPENSSL_NO_BUF_FREELISTS
-#   define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
-    unsigned int freelist_max_len;
-    struct ssl3_buf_freelist_st *wbuf_freelist;
-    struct ssl3_buf_freelist_st *rbuf_freelist;
-#  endif
-#  ifndef OPENSSL_NO_SRP
-    SRP_CTX srp_ctx;            /* ctx for SRP authentication */
-#  endif
-
-#  ifndef OPENSSL_NO_TLSEXT
-
-#   ifndef OPENSSL_NO_NEXTPROTONEG
-    /* Next protocol negotiation information */
-    /* (for experimental NPN extension). */
-
-    /*
-     * For a server, this contains a callback function by which the set of
-     * advertised protocols can be provided.
-     */
-    int (*next_protos_advertised_cb) (SSL *s, const unsigned char **buf,
-                                      unsigned int *len, void *arg);
-    void *next_protos_advertised_cb_arg;
-    /*
-     * For a client, this contains a callback function that selects the next
-     * protocol from the list provided by the server.
-     */
-    int (*next_proto_select_cb) (SSL *s, unsigned char **out,
-                                 unsigned char *outlen,
-                                 const unsigned char *in,
-                                 unsigned int inlen, void *arg);
-    void *next_proto_select_cb_arg;
-#   endif
-    /* SRTP profiles we are willing to do from RFC 5764 */
-    STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
-
-    /*
-     * ALPN information (we are in the process of transitioning from NPN to
-     * ALPN.)
-     */
-
-    /*-
-     * For a server, this contains a callback function that allows the
-     * server to select the protocol for the connection.
-     *   out: on successful return, this must point to the raw protocol
-     *        name (without the length prefix).
-     *   outlen: on successful return, this contains the length of |*out|.
-     *   in: points to the client's list of supported protocols in
-     *       wire-format.
-     *   inlen: the length of |in|.
-     */
-    int (*alpn_select_cb) (SSL *s,
-                           const unsigned char **out,
-                           unsigned char *outlen,
-                           const unsigned char *in,
-                           unsigned int inlen, void *arg);
-    void *alpn_select_cb_arg;
-
-    /*
-     * For a client, this contains the list of supported protocols in wire
-     * format.
-     */
-    unsigned char *alpn_client_proto_list;
-    unsigned alpn_client_proto_list_len;
-
-#   ifndef OPENSSL_NO_EC
-    /* EC extension values inherited by SSL structure */
-    size_t tlsext_ecpointformatlist_length;
-    unsigned char *tlsext_ecpointformatlist;
-    size_t tlsext_ellipticcurvelist_length;
-    unsigned char *tlsext_ellipticcurvelist;
-#   endif                       /* OPENSSL_NO_EC */
-#  endif
-};
-
-# endif
-
-# define SSL_SESS_CACHE_OFF                      0x0000
-# define SSL_SESS_CACHE_CLIENT                   0x0001
-# define SSL_SESS_CACHE_SERVER                   0x0002
-# define SSL_SESS_CACHE_BOTH     (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
-# define SSL_SESS_CACHE_NO_AUTO_CLEAR            0x0080
-/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
-# define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP       0x0100
-# define SSL_SESS_CACHE_NO_INTERNAL_STORE        0x0200
-# define SSL_SESS_CACHE_NO_INTERNAL \
-        (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
-
-LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
-# define SSL_CTX_sess_number(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
-# define SSL_CTX_sess_connect(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
-# define SSL_CTX_sess_connect_good(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
-# define SSL_CTX_sess_connect_renegotiate(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
-# define SSL_CTX_sess_accept(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
-# define SSL_CTX_sess_accept_renegotiate(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
-# define SSL_CTX_sess_accept_good(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
-# define SSL_CTX_sess_hits(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
-# define SSL_CTX_sess_cb_hits(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
-# define SSL_CTX_sess_misses(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
-# define SSL_CTX_sess_timeouts(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
-# define SSL_CTX_sess_cache_full(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
-
-void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
-                             int (*new_session_cb) (struct ssl_st *ssl,
-                                                    SSL_SESSION *sess));
-int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
-                                              SSL_SESSION *sess);
-void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
-                                void (*remove_session_cb) (struct ssl_ctx_st
-                                                           *ctx,
-                                                           SSL_SESSION
-                                                           *sess));
-void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (struct ssl_ctx_st *ctx,
-                                                  SSL_SESSION *sess);
-void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
-                             SSL_SESSION *(*get_session_cb) (struct ssl_st
-                                                             *ssl,
-                                                             unsigned char
-                                                             *data, int len,
-                                                             int *copy));
-SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
-                                                       unsigned char *Data,
-                                                       int len, int *copy);
-void SSL_CTX_set_info_callback(SSL_CTX *ctx,
-                               void (*cb) (const SSL *ssl, int type,
-                                           int val));
-void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
-                                                 int val);
-void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
-                                int (*client_cert_cb) (SSL *ssl, X509 **x509,
-                                                       EVP_PKEY **pkey));
-int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
-                                                 EVP_PKEY **pkey);
-# ifndef OPENSSL_NO_ENGINE
-int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
-# endif
-void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
-                                    int (*app_gen_cookie_cb) (SSL *ssl,
-                                                              unsigned char
-                                                              *cookie,
-                                                              unsigned int
-                                                              *cookie_len));
-void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
-                                  int (*app_verify_cookie_cb) (SSL *ssl,
-                                                               unsigned char
-                                                               *cookie,
-                                                               unsigned int
-                                                               cookie_len));
-# ifndef OPENSSL_NO_NEXTPROTONEG
-void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
-                                           int (*cb) (SSL *ssl,
-                                                      const unsigned char
-                                                      **out,
-                                                      unsigned int *outlen,
-                                                      void *arg), void *arg);
-void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
-                                      int (*cb) (SSL *ssl,
-                                                 unsigned char **out,
-                                                 unsigned char *outlen,
-                                                 const unsigned char *in,
-                                                 unsigned int inlen,
-                                                 void *arg), void *arg);
-void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
-                                    unsigned *len);
-# endif
-
-# ifndef OPENSSL_NO_TLSEXT
-int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
-                          const unsigned char *in, unsigned int inlen,
-                          const unsigned char *client,
-                          unsigned int client_len);
-# endif
-
-# define OPENSSL_NPN_UNSUPPORTED 0
-# define OPENSSL_NPN_NEGOTIATED  1
-# define OPENSSL_NPN_NO_OVERLAP  2
-
-int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
-                            unsigned protos_len);
-int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
-                        unsigned protos_len);
-void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
-                                int (*cb) (SSL *ssl,
-                                           const unsigned char **out,
-                                           unsigned char *outlen,
-                                           const unsigned char *in,
-                                           unsigned int inlen,
-                                           void *arg), void *arg);
-void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
-                            unsigned *len);
-
-# ifndef OPENSSL_NO_PSK
-/*
- * the maximum length of the buffer given to callbacks containing the
- * resulting identity/psk
- */
-#  define PSK_MAX_IDENTITY_LEN 128
-#  define PSK_MAX_PSK_LEN 256
-void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
-                                     unsigned int (*psk_client_callback) (SSL
-                                                                          *ssl,
-                                                                          const
-                                                                          char
-                                                                          *hint,
-                                                                          char
-                                                                          *identity,
-                                                                          unsigned
-                                                                          int
-                                                                          max_identity_len,
-                                                                          unsigned
-                                                                          char
-                                                                          *psk,
-                                                                          unsigned
-                                                                          int
-                                                                          max_psk_len));
-void SSL_set_psk_client_callback(SSL *ssl,
-                                 unsigned int (*psk_client_callback) (SSL
-                                                                      *ssl,
-                                                                      const
-                                                                      char
-                                                                      *hint,
-                                                                      char
-                                                                      *identity,
-                                                                      unsigned
-                                                                      int
-                                                                      max_identity_len,
-                                                                      unsigned
-                                                                      char
-                                                                      *psk,
-                                                                      unsigned
-                                                                      int
-                                                                      max_psk_len));
-void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
-                                     unsigned int (*psk_server_callback) (SSL
-                                                                          *ssl,
-                                                                          const
-                                                                          char
-                                                                          *identity,
-                                                                          unsigned
-                                                                          char
-                                                                          *psk,
-                                                                          unsigned
-                                                                          int
-                                                                          max_psk_len));
-void SSL_set_psk_server_callback(SSL *ssl,
-                                 unsigned int (*psk_server_callback) (SSL
-                                                                      *ssl,
-                                                                      const
-                                                                      char
-                                                                      *identity,
-                                                                      unsigned
-                                                                      char
-                                                                      *psk,
-                                                                      unsigned
-                                                                      int
-                                                                      max_psk_len));
-int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
-int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
-const char *SSL_get_psk_identity_hint(const SSL *s);
-const char *SSL_get_psk_identity(const SSL *s);
-# endif
-
-# ifndef OPENSSL_NO_TLSEXT
-/* Register callbacks to handle custom TLS Extensions for client or server. */
-
-int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
-                                  custom_ext_add_cb add_cb,
-                                  custom_ext_free_cb free_cb,
-                                  void *add_arg,
-                                  custom_ext_parse_cb parse_cb,
-                                  void *parse_arg);
-
-int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
-                                  custom_ext_add_cb add_cb,
-                                  custom_ext_free_cb free_cb,
-                                  void *add_arg,
-                                  custom_ext_parse_cb parse_cb,
-                                  void *parse_arg);
-
-int SSL_extension_supported(unsigned int ext_type);
-
-# endif
-
-# define SSL_NOTHING     1
-# define SSL_WRITING     2
-# define SSL_READING     3
-# define SSL_X509_LOOKUP 4
-
-/* These will only be used when doing non-blocking IO */
-# define SSL_want_nothing(s)     (SSL_want(s) == SSL_NOTHING)
-# define SSL_want_read(s)        (SSL_want(s) == SSL_READING)
-# define SSL_want_write(s)       (SSL_want(s) == SSL_WRITING)
-# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
-
-# define SSL_MAC_FLAG_READ_MAC_STREAM 1
-# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-struct ssl_st {
-    /*
-     * protocol version (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION,
-     * DTLS1_VERSION)
-     */
-    int version;
-    /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
-    int type;
-    /* SSLv3 */
-    const SSL_METHOD *method;
-    /*
-     * There are 2 BIO's even though they are normally both the same.  This
-     * is so data can be read and written to different handlers
-     */
-#  ifndef OPENSSL_NO_BIO
-    /* used by SSL_read */
-    BIO *rbio;
-    /* used by SSL_write */
-    BIO *wbio;
-    /* used during session-id reuse to concatenate messages */
-    BIO *bbio;
-#  else
-    /* used by SSL_read */
-    char *rbio;
-    /* used by SSL_write */
-    char *wbio;
-    char *bbio;
-#  endif
-    /*
-     * This holds a variable that indicates what we were doing when a 0 or -1
-     * is returned.  This is needed for non-blocking IO so we know what
-     * request needs re-doing when in SSL_accept or SSL_connect
-     */
-    int rwstate;
-    /* true when we are actually in SSL_accept() or SSL_connect() */
-    int in_handshake;
-    int (*handshake_func) (SSL *);
-    /*
-     * Imagine that here's a boolean member "init" that is switched as soon
-     * as SSL_set_{accept/connect}_state is called for the first time, so
-     * that "state" and "handshake_func" are properly initialized.  But as
-     * handshake_func is == 0 until then, we use this test instead of an
-     * "init" member.
-     */
-    /* are we the server side? - mostly used by SSL_clear */
-    int server;
-    /*
-     * Generate a new session or reuse an old one.
-     * NB: For servers, the 'new' session may actually be a previously
-     * cached session or even the previous session unless
-     * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set
-     */
-    int new_session;
-    /* don't send shutdown packets */
-    int quiet_shutdown;
-    /* we have shut things down, 0x01 sent, 0x02 for received */
-    int shutdown;
-    /* where we are */
-    int state;
-    /* where we are when reading */
-    int rstate;
-    BUF_MEM *init_buf;          /* buffer used during init */
-    void *init_msg;             /* pointer to handshake message body, set by
-                                 * ssl3_get_message() */
-    int init_num;               /* amount read/written */
-    int init_off;               /* amount read/written */
-    /* used internally to point at a raw packet */
-    unsigned char *packet;
-    unsigned int packet_length;
-    struct ssl2_state_st *s2;   /* SSLv2 variables */
-    struct ssl3_state_st *s3;   /* SSLv3 variables */
-    struct dtls1_state_st *d1;  /* DTLSv1 variables */
-    int read_ahead;             /* Read as many input bytes as possible (for
-                                 * non-blocking reads) */
-    /* callback that allows applications to peek at protocol messages */
-    void (*msg_callback) (int write_p, int version, int content_type,
-                          const void *buf, size_t len, SSL *ssl, void *arg);
-    void *msg_callback_arg;
-    int hit;                    /* reusing a previous session */
-    X509_VERIFY_PARAM *param;
-#  if 0
-    int purpose;                /* Purpose setting */
-    int trust;                  /* Trust setting */
-#  endif
-    /* crypto */
-    STACK_OF(SSL_CIPHER) *cipher_list;
-    STACK_OF(SSL_CIPHER) *cipher_list_by_id;
-    /*
-     * These are the ones being used, the ones in SSL_SESSION are the ones to
-     * be 'copied' into these ones
-     */
-    int mac_flags;
-    EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
-    EVP_MD_CTX *read_hash;      /* used for mac generation */
-#  ifndef OPENSSL_NO_COMP
-    COMP_CTX *expand;           /* uncompress */
-#  else
-    char *expand;
-#  endif
-    EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
-    EVP_MD_CTX *write_hash;     /* used for mac generation */
-#  ifndef OPENSSL_NO_COMP
-    COMP_CTX *compress;         /* compression */
-#  else
-    char *compress;
-#  endif
-    /* session info */
-    /* client cert? */
-    /* This is used to hold the server certificate used */
-    struct cert_st /* CERT */ *cert;
-    /*
-     * the session_id_context is used to ensure sessions are only reused in
-     * the appropriate context
-     */
-    unsigned int sid_ctx_length;
-    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-    /* This can also be in the session once a session is established */
-    SSL_SESSION *session;
-    /* Default generate session ID callback. */
-    GEN_SESSION_CB generate_session_id;
-    /* Used in SSL2 and SSL3 */
-    /*
-     * 0 don't care about verify failure.
-     * 1 fail if verify fails
-     */
-    int verify_mode;
-    /* fail if callback returns 0 */
-    int (*verify_callback) (int ok, X509_STORE_CTX *ctx);
-    /* optional informational callback */
-    void (*info_callback) (const SSL *ssl, int type, int val);
-    /* error bytes to be written */
-    int error;
-    /* actual code */
-    int error_code;
-#  ifndef OPENSSL_NO_KRB5
-    /* Kerberos 5 context */
-    KSSL_CTX *kssl_ctx;
-#  endif                        /* OPENSSL_NO_KRB5 */
-#  ifndef OPENSSL_NO_PSK
-    unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
-                                         char *identity,
-                                         unsigned int max_identity_len,
-                                         unsigned char *psk,
-                                         unsigned int max_psk_len);
-    unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
-                                         unsigned char *psk,
-                                         unsigned int max_psk_len);
-#  endif
-    SSL_CTX *ctx;
-    /*
-     * set this flag to 1 and a sleep(1) is put into all SSL_read() and
-     * SSL_write() calls, good for nbio debuging :-)
-     */
-    int debug;
-    /* extra application data */
-    long verify_result;
-    CRYPTO_EX_DATA ex_data;
-    /* for server side, keep the list of CA_dn we can use */
-    STACK_OF(X509_NAME) *client_CA;
-    int references;
-    /* protocol behaviour */
-    unsigned long options;
-    /* API behaviour */
-    unsigned long mode;
-    long max_cert_list;
-    int first_packet;
-    /* what was passed, used for SSLv3/TLS rollback check */
-    int client_version;
-    unsigned int max_send_fragment;
-#  ifndef OPENSSL_NO_TLSEXT
-    /* TLS extension debug callback */
-    void (*tlsext_debug_cb) (SSL *s, int client_server, int type,
-                             unsigned char *data, int len, void *arg);
-    void *tlsext_debug_arg;
-    char *tlsext_hostname;
-    /*-
-     * no further mod of servername
-     * 0 : call the servername extension callback.
-     * 1 : prepare 2, allow last ack just after in server callback.
-     * 2 : don't call servername callback, no ack in server hello
-     */
-    int servername_done;
-    /* certificate status request info */
-    /* Status type or -1 if no status type */
-    int tlsext_status_type;
-    /* Expect OCSP CertificateStatus message */
-    int tlsext_status_expected;
-    /* OCSP status request only */
-    STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;
-    X509_EXTENSIONS *tlsext_ocsp_exts;
-    /* OCSP response received or to be sent */
-    unsigned char *tlsext_ocsp_resp;
-    int tlsext_ocsp_resplen;
-    /* RFC4507 session ticket expected to be received or sent */
-    int tlsext_ticket_expected;
-#   ifndef OPENSSL_NO_EC
-    size_t tlsext_ecpointformatlist_length;
-    /* our list */
-    unsigned char *tlsext_ecpointformatlist;
-    size_t tlsext_ellipticcurvelist_length;
-    /* our list */
-    unsigned char *tlsext_ellipticcurvelist;
-#   endif                       /* OPENSSL_NO_EC */
-    /*
-     * draft-rescorla-tls-opaque-prf-input-00.txt information to be used for
-     * handshakes
-     */
-    void *tlsext_opaque_prf_input;
-    size_t tlsext_opaque_prf_input_len;
-    /* TLS Session Ticket extension override */
-    TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
-    /* TLS Session Ticket extension callback */
-    tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
-    void *tls_session_ticket_ext_cb_arg;
-    /* TLS pre-shared secret session resumption */
-    tls_session_secret_cb_fn tls_session_secret_cb;
-    void *tls_session_secret_cb_arg;
-    SSL_CTX *initial_ctx;       /* initial ctx, used to store sessions */
-#   ifndef OPENSSL_NO_NEXTPROTONEG
-    /*
-     * Next protocol negotiation. For the client, this is the protocol that
-     * we sent in NextProtocol and is set when handling ServerHello
-     * extensions. For a server, this is the client's selected_protocol from
-     * NextProtocol and is set when handling the NextProtocol message, before
-     * the Finished message.
-     */
-    unsigned char *next_proto_negotiated;
-    unsigned char next_proto_negotiated_len;
-#   endif
-#   define session_ctx initial_ctx
-    /* What we'll do */
-    STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
-    /* What's been chosen */
-    SRTP_PROTECTION_PROFILE *srtp_profile;
-        /*-
-         * Is use of the Heartbeat extension negotiated?
-         * 0: disabled
-         * 1: enabled
-         * 2: enabled, but not allowed to send Requests
-         */
-    unsigned int tlsext_heartbeat;
-    /* Indicates if a HeartbeatRequest is in flight */
-    unsigned int tlsext_hb_pending;
-    /* HeartbeatRequest sequence number */
-    unsigned int tlsext_hb_seq;
-#  else
-#   define session_ctx ctx
-#  endif                        /* OPENSSL_NO_TLSEXT */
-    /*-
-     * 1 if we are renegotiating.
-     * 2 if we are a server and are inside a handshake
-     * (i.e. not just sending a HelloRequest)
-     */
-    int renegotiate;
-#  ifndef OPENSSL_NO_SRP
-    /* ctx for SRP authentication */
-    SRP_CTX srp_ctx;
-#  endif
-#  ifndef OPENSSL_NO_TLSEXT
-    /*
-     * For a client, this contains the list of supported protocols in wire
-     * format.
-     */
-    unsigned char *alpn_client_proto_list;
-    unsigned alpn_client_proto_list_len;
-#  endif                        /* OPENSSL_NO_TLSEXT */
-};
-
-# endif
-
-#ifdef __cplusplus
-}
-#endif
-
-# include <openssl/ssl2.h>
-# include <openssl/ssl3.h>
-# include <openssl/tls1.h>      /* This is mostly sslv3 with a few tweaks */
-# include <openssl/dtls1.h>     /* Datagram TLS */
-# include <openssl/ssl23.h>
-# include <openssl/srtp.h>      /* Support for the use_srtp extension */
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* compatibility */
-# define SSL_set_app_data(s,arg)         (SSL_set_ex_data(s,0,(char *)arg))
-# define SSL_get_app_data(s)             (SSL_get_ex_data(s,0))
-# define SSL_SESSION_set_app_data(s,a)   (SSL_SESSION_set_ex_data(s,0,(char *)a))
-# define SSL_SESSION_get_app_data(s)     (SSL_SESSION_get_ex_data(s,0))
-# define SSL_CTX_get_app_data(ctx)       (SSL_CTX_get_ex_data(ctx,0))
-# define SSL_CTX_set_app_data(ctx,arg)   (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
-
-/*
- * The following are the possible values for ssl->state are are used to
- * indicate where we are up to in the SSL connection establishment. The
- * macros that follow are about the only things you should need to use and
- * even then, only when using non-blocking IO. It can also be useful to work
- * out where you were when the connection failed
- */
-
-# define SSL_ST_CONNECT                  0x1000
-# define SSL_ST_ACCEPT                   0x2000
-# define SSL_ST_MASK                     0x0FFF
-# define SSL_ST_INIT                     (SSL_ST_CONNECT|SSL_ST_ACCEPT)
-# define SSL_ST_BEFORE                   0x4000
-# define SSL_ST_OK                       0x03
-# define SSL_ST_RENEGOTIATE              (0x04|SSL_ST_INIT)
-# define SSL_ST_ERR                      0x05
-
-# define SSL_CB_LOOP                     0x01
-# define SSL_CB_EXIT                     0x02
-# define SSL_CB_READ                     0x04
-# define SSL_CB_WRITE                    0x08
-# define SSL_CB_ALERT                    0x4000/* used in callback */
-# define SSL_CB_READ_ALERT               (SSL_CB_ALERT|SSL_CB_READ)
-# define SSL_CB_WRITE_ALERT              (SSL_CB_ALERT|SSL_CB_WRITE)
-# define SSL_CB_ACCEPT_LOOP              (SSL_ST_ACCEPT|SSL_CB_LOOP)
-# define SSL_CB_ACCEPT_EXIT              (SSL_ST_ACCEPT|SSL_CB_EXIT)
-# define SSL_CB_CONNECT_LOOP             (SSL_ST_CONNECT|SSL_CB_LOOP)
-# define SSL_CB_CONNECT_EXIT             (SSL_ST_CONNECT|SSL_CB_EXIT)
-# define SSL_CB_HANDSHAKE_START          0x10
-# define SSL_CB_HANDSHAKE_DONE           0x20
-
-/* Is the SSL_connection established? */
-# define SSL_get_state(a)                SSL_state(a)
-# define SSL_is_init_finished(a)         (SSL_state(a) == SSL_ST_OK)
-# define SSL_in_init(a)                  (SSL_state(a)&SSL_ST_INIT)
-# define SSL_in_before(a)                (SSL_state(a)&SSL_ST_BEFORE)
-# define SSL_in_connect_init(a)          (SSL_state(a)&SSL_ST_CONNECT)
-# define SSL_in_accept_init(a)           (SSL_state(a)&SSL_ST_ACCEPT)
-
-/*
- * The following 2 states are kept in ssl->rstate when reads fail, you should
- * not need these
- */
-# define SSL_ST_READ_HEADER                      0xF0
-# define SSL_ST_READ_BODY                        0xF1
-# define SSL_ST_READ_DONE                        0xF2
-
-/*-
- * Obtain latest Finished message
- *   -- that we sent (SSL_get_finished)
- *   -- that we expected from peer (SSL_get_peer_finished).
- * Returns length (0 == no Finished so far), copies up to 'count' bytes.
- */
-size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
-size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
-
-/*
- * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options are
- * 'ored' with SSL_VERIFY_PEER if they are desired
- */
-# define SSL_VERIFY_NONE                 0x00
-# define SSL_VERIFY_PEER                 0x01
-# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
-# define SSL_VERIFY_CLIENT_ONCE          0x04
-
-# define OpenSSL_add_ssl_algorithms()    SSL_library_init()
-# define SSLeay_add_ssl_algorithms()     SSL_library_init()
-
-/* this is for backward compatibility */
-# if 0                          /* NEW_SSLEAY */
-#  define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
-#  define SSL_set_pref_cipher(c,n)        SSL_set_cipher_list(c,n)
-#  define SSL_add_session(a,b)            SSL_CTX_add_session((a),(b))
-#  define SSL_remove_session(a,b)         SSL_CTX_remove_session((a),(b))
-#  define SSL_flush_sessions(a,b)         SSL_CTX_flush_sessions((a),(b))
-# endif
-/* More backward compatibility */
-# define SSL_get_cipher(s) \
-                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-# define SSL_get_cipher_bits(s,np) \
-                SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
-# define SSL_get_cipher_version(s) \
-                SSL_CIPHER_get_version(SSL_get_current_cipher(s))
-# define SSL_get_cipher_name(s) \
-                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-# define SSL_get_time(a)         SSL_SESSION_get_time(a)
-# define SSL_set_time(a,b)       SSL_SESSION_set_time((a),(b))
-# define SSL_get_timeout(a)      SSL_SESSION_get_timeout(a)
-# define SSL_set_timeout(a,b)    SSL_SESSION_set_timeout((a),(b))
-
-# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
-# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
-
-DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
-# define SSL_AD_REASON_OFFSET            1000/* offset to get SSL_R_... value
-                                              * from SSL_AD_... */
-/* These alert types are for SSLv3 and TLSv1 */
-# define SSL_AD_CLOSE_NOTIFY             SSL3_AD_CLOSE_NOTIFY
-/* fatal */
-# define SSL_AD_UNEXPECTED_MESSAGE       SSL3_AD_UNEXPECTED_MESSAGE
-/* fatal */
-# define SSL_AD_BAD_RECORD_MAC           SSL3_AD_BAD_RECORD_MAC
-# define SSL_AD_DECRYPTION_FAILED        TLS1_AD_DECRYPTION_FAILED
-# define SSL_AD_RECORD_OVERFLOW          TLS1_AD_RECORD_OVERFLOW
-/* fatal */
-# define SSL_AD_DECOMPRESSION_FAILURE    SSL3_AD_DECOMPRESSION_FAILURE
-/* fatal */
-# define SSL_AD_HANDSHAKE_FAILURE        SSL3_AD_HANDSHAKE_FAILURE
-/* Not for TLS */
-# define SSL_AD_NO_CERTIFICATE           SSL3_AD_NO_CERTIFICATE
-# define SSL_AD_BAD_CERTIFICATE          SSL3_AD_BAD_CERTIFICATE
-# define SSL_AD_UNSUPPORTED_CERTIFICATE  SSL3_AD_UNSUPPORTED_CERTIFICATE
-# define SSL_AD_CERTIFICATE_REVOKED      SSL3_AD_CERTIFICATE_REVOKED
-# define SSL_AD_CERTIFICATE_EXPIRED      SSL3_AD_CERTIFICATE_EXPIRED
-# define SSL_AD_CERTIFICATE_UNKNOWN      SSL3_AD_CERTIFICATE_UNKNOWN
-/* fatal */
-# define SSL_AD_ILLEGAL_PARAMETER        SSL3_AD_ILLEGAL_PARAMETER
-/* fatal */
-# define SSL_AD_UNKNOWN_CA               TLS1_AD_UNKNOWN_CA
-/* fatal */
-# define SSL_AD_ACCESS_DENIED            TLS1_AD_ACCESS_DENIED
-/* fatal */
-# define SSL_AD_DECODE_ERROR             TLS1_AD_DECODE_ERROR
-# define SSL_AD_DECRYPT_ERROR            TLS1_AD_DECRYPT_ERROR
-/* fatal */
-# define SSL_AD_EXPORT_RESTRICTION       TLS1_AD_EXPORT_RESTRICTION
-/* fatal */
-# define SSL_AD_PROTOCOL_VERSION         TLS1_AD_PROTOCOL_VERSION
-/* fatal */
-# define SSL_AD_INSUFFICIENT_SECURITY    TLS1_AD_INSUFFICIENT_SECURITY
-/* fatal */
-# define SSL_AD_INTERNAL_ERROR           TLS1_AD_INTERNAL_ERROR
-# define SSL_AD_USER_CANCELLED           TLS1_AD_USER_CANCELLED
-# define SSL_AD_NO_RENEGOTIATION         TLS1_AD_NO_RENEGOTIATION
-# define SSL_AD_UNSUPPORTED_EXTENSION    TLS1_AD_UNSUPPORTED_EXTENSION
-# define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
-# define SSL_AD_UNRECOGNIZED_NAME        TLS1_AD_UNRECOGNIZED_NAME
-# define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
-# define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
-/* fatal */
-# define SSL_AD_UNKNOWN_PSK_IDENTITY     TLS1_AD_UNKNOWN_PSK_IDENTITY
-/* fatal */
-# define SSL_AD_INAPPROPRIATE_FALLBACK   TLS1_AD_INAPPROPRIATE_FALLBACK
-# define SSL_ERROR_NONE                  0
-# define SSL_ERROR_SSL                   1
-# define SSL_ERROR_WANT_READ             2
-# define SSL_ERROR_WANT_WRITE            3
-# define SSL_ERROR_WANT_X509_LOOKUP      4
-# define SSL_ERROR_SYSCALL               5/* look at error stack/return
-                                           * value/errno */
-# define SSL_ERROR_ZERO_RETURN           6
-# define SSL_ERROR_WANT_CONNECT          7
-# define SSL_ERROR_WANT_ACCEPT           8
-# define SSL_CTRL_NEED_TMP_RSA                   1
-# define SSL_CTRL_SET_TMP_RSA                    2
-# define SSL_CTRL_SET_TMP_DH                     3
-# define SSL_CTRL_SET_TMP_ECDH                   4
-# define SSL_CTRL_SET_TMP_RSA_CB                 5
-# define SSL_CTRL_SET_TMP_DH_CB                  6
-# define SSL_CTRL_SET_TMP_ECDH_CB                7
-# define SSL_CTRL_GET_SESSION_REUSED             8
-# define SSL_CTRL_GET_CLIENT_CERT_REQUEST        9
-# define SSL_CTRL_GET_NUM_RENEGOTIATIONS         10
-# define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS       11
-# define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS       12
-# define SSL_CTRL_GET_FLAGS                      13
-# define SSL_CTRL_EXTRA_CHAIN_CERT               14
-# define SSL_CTRL_SET_MSG_CALLBACK               15
-# define SSL_CTRL_SET_MSG_CALLBACK_ARG           16
-/* only applies to datagram connections */
-# define SSL_CTRL_SET_MTU                17
-/* Stats */
-# define SSL_CTRL_SESS_NUMBER                    20
-# define SSL_CTRL_SESS_CONNECT                   21
-# define SSL_CTRL_SESS_CONNECT_GOOD              22
-# define SSL_CTRL_SESS_CONNECT_RENEGOTIATE       23
-# define SSL_CTRL_SESS_ACCEPT                    24
-# define SSL_CTRL_SESS_ACCEPT_GOOD               25
-# define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE        26
-# define SSL_CTRL_SESS_HIT                       27
-# define SSL_CTRL_SESS_CB_HIT                    28
-# define SSL_CTRL_SESS_MISSES                    29
-# define SSL_CTRL_SESS_TIMEOUTS                  30
-# define SSL_CTRL_SESS_CACHE_FULL                31
-# define SSL_CTRL_OPTIONS                        32
-# define SSL_CTRL_MODE                           33
-# define SSL_CTRL_GET_READ_AHEAD                 40
-# define SSL_CTRL_SET_READ_AHEAD                 41
-# define SSL_CTRL_SET_SESS_CACHE_SIZE            42
-# define SSL_CTRL_GET_SESS_CACHE_SIZE            43
-# define SSL_CTRL_SET_SESS_CACHE_MODE            44
-# define SSL_CTRL_GET_SESS_CACHE_MODE            45
-# define SSL_CTRL_GET_MAX_CERT_LIST              50
-# define SSL_CTRL_SET_MAX_CERT_LIST              51
-# define SSL_CTRL_SET_MAX_SEND_FRAGMENT          52
-/* see tls1.h for macros based on these */
-# ifndef OPENSSL_NO_TLSEXT
-#  define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB       53
-#  define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG      54
-#  define SSL_CTRL_SET_TLSEXT_HOSTNAME            55
-#  define SSL_CTRL_SET_TLSEXT_DEBUG_CB            56
-#  define SSL_CTRL_SET_TLSEXT_DEBUG_ARG           57
-#  define SSL_CTRL_GET_TLSEXT_TICKET_KEYS         58
-#  define SSL_CTRL_SET_TLSEXT_TICKET_KEYS         59
-#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT    60
-#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
-#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
-#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB       63
-#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG   64
-#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE     65
-#  define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS     66
-#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS     67
-#  define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS      68
-#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS      69
-#  define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP        70
-#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP        71
-#  define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB       72
-#  define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB    75
-#  define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB                76
-#  define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB             77
-#  define SSL_CTRL_SET_SRP_ARG            78
-#  define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME               79
-#  define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH               80
-#  define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD               81
-#  ifndef OPENSSL_NO_HEARTBEATS
-#   define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT                         85
-#   define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING          86
-#   define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS      87
-#  endif
-# endif                         /* OPENSSL_NO_TLSEXT */
-# define DTLS_CTRL_GET_TIMEOUT           73
-# define DTLS_CTRL_HANDLE_TIMEOUT        74
-# define DTLS_CTRL_LISTEN                        75
-# define SSL_CTRL_GET_RI_SUPPORT                 76
-# define SSL_CTRL_CLEAR_OPTIONS                  77
-# define SSL_CTRL_CLEAR_MODE                     78
-# define SSL_CTRL_GET_EXTRA_CHAIN_CERTS          82
-# define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS        83
-# define SSL_CTRL_CHAIN                          88
-# define SSL_CTRL_CHAIN_CERT                     89
-# define SSL_CTRL_GET_CURVES                     90
-# define SSL_CTRL_SET_CURVES                     91
-# define SSL_CTRL_SET_CURVES_LIST                92
-# define SSL_CTRL_GET_SHARED_CURVE               93
-# define SSL_CTRL_SET_ECDH_AUTO                  94
-# define SSL_CTRL_SET_SIGALGS                    97
-# define SSL_CTRL_SET_SIGALGS_LIST               98
-# define SSL_CTRL_CERT_FLAGS                     99
-# define SSL_CTRL_CLEAR_CERT_FLAGS               100
-# define SSL_CTRL_SET_CLIENT_SIGALGS             101
-# define SSL_CTRL_SET_CLIENT_SIGALGS_LIST        102
-# define SSL_CTRL_GET_CLIENT_CERT_TYPES          103
-# define SSL_CTRL_SET_CLIENT_CERT_TYPES          104
-# define SSL_CTRL_BUILD_CERT_CHAIN               105
-# define SSL_CTRL_SET_VERIFY_CERT_STORE          106
-# define SSL_CTRL_SET_CHAIN_CERT_STORE           107
-# define SSL_CTRL_GET_PEER_SIGNATURE_NID         108
-# define SSL_CTRL_GET_SERVER_TMP_KEY             109
-# define SSL_CTRL_GET_RAW_CIPHERLIST             110
-# define SSL_CTRL_GET_EC_POINT_FORMATS           111
-# define SSL_CTRL_GET_CHAIN_CERTS                115
-# define SSL_CTRL_SELECT_CURRENT_CERT            116
-# define SSL_CTRL_SET_CURRENT_CERT               117
-# define SSL_CTRL_CHECK_PROTO_VERSION            119
-# define DTLS_CTRL_SET_LINK_MTU                  120
-# define DTLS_CTRL_GET_LINK_MIN_MTU              121
-# define SSL_CERT_SET_FIRST                      1
-# define SSL_CERT_SET_NEXT                       2
-# define SSL_CERT_SET_SERVER                     3
-# define DTLSv1_get_timeout(ssl, arg) \
-        SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
-# define DTLSv1_handle_timeout(ssl) \
-        SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
-# define DTLSv1_listen(ssl, peer) \
-        SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
-# define SSL_session_reused(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
-# define SSL_num_renegotiations(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
-# define SSL_clear_num_renegotiations(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
-# define SSL_total_renegotiations(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
-# define SSL_CTX_need_tmp_RSA(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-# define SSL_CTX_set_tmp_rsa(ctx,rsa) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-# define SSL_CTX_set_tmp_dh(ctx,dh) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-# define SSL_need_tmp_RSA(ssl) \
-        SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-# define SSL_set_tmp_rsa(ssl,rsa) \
-        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-# define SSL_set_tmp_dh(ssl,dh) \
-        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-# define SSL_set_tmp_ecdh(ssl,ecdh) \
-        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-# define SSL_CTX_add_extra_chain_cert(ctx,x509) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
-# define SSL_CTX_get_extra_chain_certs(ctx,px509) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
-# define SSL_CTX_get_extra_chain_certs_only(ctx,px509) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,1,px509)
-# define SSL_CTX_clear_extra_chain_certs(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
-# define SSL_CTX_set0_chain(ctx,sk) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)sk)
-# define SSL_CTX_set1_chain(ctx,sk) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)sk)
-# define SSL_CTX_add0_chain_cert(ctx,x509) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)x509)
-# define SSL_CTX_add1_chain_cert(ctx,x509) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
-# define SSL_CTX_get0_chain_certs(ctx,px509) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
-# define SSL_CTX_clear_chain_certs(ctx) \
-        SSL_CTX_set0_chain(ctx,NULL)
-# define SSL_CTX_build_cert_chain(ctx, flags) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
-# define SSL_CTX_select_current_cert(ctx,x509) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)x509)
-# define SSL_CTX_set_current_cert(ctx, op) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
-# define SSL_CTX_set0_verify_cert_store(ctx,st) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)st)
-# define SSL_CTX_set1_verify_cert_store(ctx,st) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)st)
-# define SSL_CTX_set0_chain_cert_store(ctx,st) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)st)
-# define SSL_CTX_set1_chain_cert_store(ctx,st) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)st)
-# define SSL_set0_chain(ctx,sk) \
-        SSL_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)sk)
-# define SSL_set1_chain(ctx,sk) \
-        SSL_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)sk)
-# define SSL_add0_chain_cert(ctx,x509) \
-        SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)x509)
-# define SSL_add1_chain_cert(ctx,x509) \
-        SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
-# define SSL_get0_chain_certs(ctx,px509) \
-        SSL_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
-# define SSL_clear_chain_certs(ctx) \
-        SSL_set0_chain(ctx,NULL)
-# define SSL_build_cert_chain(s, flags) \
-        SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
-# define SSL_select_current_cert(ctx,x509) \
-        SSL_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)x509)
-# define SSL_set_current_cert(ctx,op) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
-# define SSL_set0_verify_cert_store(s,st) \
-        SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)st)
-# define SSL_set1_verify_cert_store(s,st) \
-        SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)st)
-# define SSL_set0_chain_cert_store(s,st) \
-        SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)st)
-# define SSL_set1_chain_cert_store(s,st) \
-        SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)st)
-# define SSL_get1_curves(ctx, s) \
-        SSL_ctrl(ctx,SSL_CTRL_GET_CURVES,0,(char *)s)
-# define SSL_CTX_set1_curves(ctx, clist, clistlen) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
-# define SSL_CTX_set1_curves_list(ctx, s) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
-# define SSL_set1_curves(ctx, clist, clistlen) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
-# define SSL_set1_curves_list(ctx, s) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
-# define SSL_get_shared_curve(s, n) \
-        SSL_ctrl(s,SSL_CTRL_GET_SHARED_CURVE,n,NULL)
-# define SSL_CTX_set_ecdh_auto(ctx, onoff) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
-# define SSL_set_ecdh_auto(s, onoff) \
-        SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
-# define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)
-# define SSL_CTX_set1_sigalgs_list(ctx, s) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
-# define SSL_set1_sigalgs(ctx, slist, slistlen) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)
-# define SSL_set1_sigalgs_list(ctx, s) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
-# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(int *)slist)
-# define SSL_CTX_set1_client_sigalgs_list(ctx, s) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)s)
-# define SSL_set1_client_sigalgs(ctx, slist, slistlen) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,clistlen,(int *)slist)
-# define SSL_set1_client_sigalgs_list(ctx, s) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)s)
-# define SSL_get0_certificate_types(s, clist) \
-        SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)clist)
-# define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
-# define SSL_set1_client_certificate_types(s, clist, clistlen) \
-        SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
-# define SSL_get_peer_signature_nid(s, pn) \
-        SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
-# define SSL_get_server_tmp_key(s, pk) \
-        SSL_ctrl(s,SSL_CTRL_GET_SERVER_TMP_KEY,0,pk)
-# define SSL_get0_raw_cipherlist(s, plst) \
-        SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,(char *)plst)
-# define SSL_get0_ec_point_formats(s, plst) \
-        SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,(char *)plst)
-# ifndef OPENSSL_NO_BIO
-BIO_METHOD *BIO_f_ssl(void);
-BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
-BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
-BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
-int BIO_ssl_copy_session_id(BIO *to, BIO *from);
-void BIO_ssl_shutdown(BIO *ssl_bio);
-
-# endif
-
-int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
-SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
-void SSL_CTX_free(SSL_CTX *);
-long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
-long SSL_CTX_get_timeout(const SSL_CTX *ctx);
-X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
-void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
-int SSL_want(const SSL *s);
-int SSL_clear(SSL *s);
-
-void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
-
-const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
-int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
-char *SSL_CIPHER_get_version(const SSL_CIPHER *c);
-const char *SSL_CIPHER_get_name(const SSL_CIPHER *c);
-unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
-
-int SSL_get_fd(const SSL *s);
-int SSL_get_rfd(const SSL *s);
-int SSL_get_wfd(const SSL *s);
-const char *SSL_get_cipher_list(const SSL *s, int n);
-char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
-int SSL_get_read_ahead(const SSL *s);
-int SSL_pending(const SSL *s);
-# ifndef OPENSSL_NO_SOCK
-int SSL_set_fd(SSL *s, int fd);
-int SSL_set_rfd(SSL *s, int fd);
-int SSL_set_wfd(SSL *s, int fd);
-# endif
-# ifndef OPENSSL_NO_BIO
-void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
-BIO *SSL_get_rbio(const SSL *s);
-BIO *SSL_get_wbio(const SSL *s);
-# endif
-int SSL_set_cipher_list(SSL *s, const char *str);
-void SSL_set_read_ahead(SSL *s, int yes);
-int SSL_get_verify_mode(const SSL *s);
-int SSL_get_verify_depth(const SSL *s);
-int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *);
-void SSL_set_verify(SSL *s, int mode,
-                    int (*callback) (int ok, X509_STORE_CTX *ctx));
-void SSL_set_verify_depth(SSL *s, int depth);
-void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg);
-# ifndef OPENSSL_NO_RSA
-int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
-# endif
-int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
-int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
-int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d,
-                            long len);
-int SSL_use_certificate(SSL *ssl, X509 *x);
-int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
-
-# ifndef OPENSSL_NO_TLSEXT
-/* Set serverinfo data for the current active cert. */
-int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
-                           size_t serverinfo_length);
-#  ifndef OPENSSL_NO_STDIO
-int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);
-#  endif                        /* NO_STDIO */
-
-# endif
-
-# ifndef OPENSSL_NO_STDIO
-int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
-int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
-int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
-int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
-int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
-/* PEM type */
-int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
-STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
-int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
-                                        const char *file);
-#  ifndef OPENSSL_SYS_VMS
-/* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */
-#   ifndef OPENSSL_SYS_MACINTOSH_CLASSIC
-int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
-                                       const char *dir);
-#   endif
-#  endif
-
-# endif
-
-void SSL_load_error_strings(void);
-const char *SSL_state_string(const SSL *s);
-const char *SSL_rstate_string(const SSL *s);
-const char *SSL_state_string_long(const SSL *s);
-const char *SSL_rstate_string_long(const SSL *s);
-long SSL_SESSION_get_time(const SSL_SESSION *s);
-long SSL_SESSION_set_time(SSL_SESSION *s, long t);
-long SSL_SESSION_get_timeout(const SSL_SESSION *s);
-long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
-void SSL_copy_session_id(SSL *to, const SSL *from);
-X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
-int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
-                                unsigned int sid_ctx_len);
-
-SSL_SESSION *SSL_SESSION_new(void);
-const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
-                                        unsigned int *len);
-unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
-# ifndef OPENSSL_NO_FP_API
-int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
-# endif
-# ifndef OPENSSL_NO_BIO
-int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
-# endif
-void SSL_SESSION_free(SSL_SESSION *ses);
-int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
-int SSL_set_session(SSL *to, SSL_SESSION *session);
-int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
-int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
-int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
-int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
-int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
-                                unsigned int id_len);
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
-                             long length);
-
-# ifdef HEADER_X509_H
-X509 *SSL_get_peer_certificate(const SSL *s);
-# endif
-
-STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
-
-int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
-int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
-int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int,
-                                                        X509_STORE_CTX *);
-void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
-                        int (*callback) (int, X509_STORE_CTX *));
-void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
-                                      int (*cb) (X509_STORE_CTX *, void *),
-                                      void *arg);
-void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
-                         void *arg);
-# ifndef OPENSSL_NO_RSA
-int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
-# endif
-int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
-                                   long len);
-int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
-int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx,
-                                const unsigned char *d, long len);
-int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
-int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
-                                 const unsigned char *d);
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
-
-int SSL_CTX_check_private_key(const SSL_CTX *ctx);
-int SSL_check_private_key(const SSL *ctx);
-
-int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
-                                   unsigned int sid_ctx_len);
-
-SSL *SSL_new(SSL_CTX *ctx);
-int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
-                               unsigned int sid_ctx_len);
-
-int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
-int SSL_set_purpose(SSL *s, int purpose);
-int SSL_CTX_set_trust(SSL_CTX *s, int trust);
-int SSL_set_trust(SSL *s, int trust);
-
-int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
-int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
-
-X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
-X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
-
-# ifndef OPENSSL_NO_SRP
-int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
-int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
-int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
-int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
-                                        char *(*cb) (SSL *, void *));
-int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
-                                          int (*cb) (SSL *, void *));
-int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
-                                      int (*cb) (SSL *, int *, void *));
-int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
-
-int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
-                             BIGNUM *sa, BIGNUM *v, char *info);
-int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
-                                const char *grp);
-
-BIGNUM *SSL_get_srp_g(SSL *s);
-BIGNUM *SSL_get_srp_N(SSL *s);
-
-char *SSL_get_srp_username(SSL *s);
-char *SSL_get_srp_userinfo(SSL *s);
-# endif
-
-void SSL_certs_clear(SSL *s);
-void SSL_free(SSL *ssl);
-int SSL_accept(SSL *ssl);
-int SSL_connect(SSL *ssl);
-int SSL_read(SSL *ssl, void *buf, int num);
-int SSL_peek(SSL *ssl, void *buf, int num);
-int SSL_write(SSL *ssl, const void *buf, int num);
-long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
-long SSL_callback_ctrl(SSL *, int, void (*)(void));
-long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
-long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
-
-int SSL_get_error(const SSL *s, int ret_code);
-const char *SSL_get_version(const SSL *s);
-
-/* This sets the 'default' SSL version that SSL_new() will create */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
-
-# ifndef OPENSSL_NO_SSL2_METHOD
-const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
-const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
-const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
-# endif
-
-# ifndef OPENSSL_NO_SSL3_METHOD
-const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
-const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
-const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
-# endif
-
-const SSL_METHOD *SSLv23_method(void); /* Negotiate highest available SSL/TLS
-                                        * version */
-const SSL_METHOD *SSLv23_server_method(void); /* Negotiate highest available
-                                               * SSL/TLS version */
-const SSL_METHOD *SSLv23_client_method(void); /* Negotiate highest available
-                                               * SSL/TLS version */
-
-const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
-const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
-const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
-
-const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
-const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
-const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
-
-const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
-const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
-const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
-
-const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
-const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
-const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
-
-const SSL_METHOD *DTLSv1_2_method(void); /* DTLSv1.2 */
-const SSL_METHOD *DTLSv1_2_server_method(void); /* DTLSv1.2 */
-const SSL_METHOD *DTLSv1_2_client_method(void); /* DTLSv1.2 */
-
-const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
-const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */
-const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */
-
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
-
-int SSL_do_handshake(SSL *s);
-int SSL_renegotiate(SSL *s);
-int SSL_renegotiate_abbreviated(SSL *s);
-int SSL_renegotiate_pending(SSL *s);
-int SSL_shutdown(SSL *s);
-
-const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx);
-const SSL_METHOD *SSL_get_ssl_method(SSL *s);
-int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
-const char *SSL_alert_type_string_long(int value);
-const char *SSL_alert_type_string(int value);
-const char *SSL_alert_desc_string_long(int value);
-const char *SSL_alert_desc_string(int value);
-
-void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
-int SSL_add_client_CA(SSL *ssl, X509 *x);
-int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
-
-void SSL_set_connect_state(SSL *s);
-void SSL_set_accept_state(SSL *s);
-
-long SSL_get_default_timeout(const SSL *s);
-
-int SSL_library_init(void);
-
-char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
-STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
-
-SSL *SSL_dup(SSL *ssl);
-
-X509 *SSL_get_certificate(const SSL *ssl);
-/*
- * EVP_PKEY
- */ struct evp_pkey_st *SSL_get_privatekey(const SSL *ssl);
-
-X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
-EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
-
-void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
-int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
-void SSL_set_quiet_shutdown(SSL *ssl, int mode);
-int SSL_get_quiet_shutdown(const SSL *ssl);
-void SSL_set_shutdown(SSL *ssl, int mode);
-int SSL_get_shutdown(const SSL *ssl);
-int SSL_version(const SSL *ssl);
-int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
-int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
-                                  const char *CApath);
-# define SSL_get0_session SSL_get_session/* just peek at pointer */
-SSL_SESSION *SSL_get_session(const SSL *ssl);
-SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
-SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
-SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
-void SSL_set_info_callback(SSL *ssl,
-                           void (*cb) (const SSL *ssl, int type, int val));
-void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type,
-                                               int val);
-int SSL_state(const SSL *ssl);
-void SSL_set_state(SSL *ssl, int state);
-
-void SSL_set_verify_result(SSL *ssl, long v);
-long SSL_get_verify_result(const SSL *ssl);
-
-int SSL_set_ex_data(SSL *ssl, int idx, void *data);
-void *SSL_get_ex_data(const SSL *ssl, int idx);
-int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-
-int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
-void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
-int SSL_SESSION_get_ex_new_index(long argl, void *argp,
-                                 CRYPTO_EX_new *new_func,
-                                 CRYPTO_EX_dup *dup_func,
-                                 CRYPTO_EX_free *free_func);
-
-int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
-void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
-int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                             CRYPTO_EX_dup *dup_func,
-                             CRYPTO_EX_free *free_func);
-
-int SSL_get_ex_data_X509_STORE_CTX_idx(void);
-
-# define SSL_CTX_sess_set_cache_size(ctx,t) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
-# define SSL_CTX_sess_get_cache_size(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
-# define SSL_CTX_set_session_cache_mode(ctx,m) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
-# define SSL_CTX_get_session_cache_mode(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
-
-# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
-# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
-# define SSL_CTX_get_read_ahead(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
-# define SSL_CTX_set_read_ahead(ctx,m) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
-# define SSL_CTX_get_max_cert_list(ctx) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
-# define SSL_CTX_set_max_cert_list(ctx,m) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
-# define SSL_get_max_cert_list(ssl) \
-        SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
-# define SSL_set_max_cert_list(ssl,m) \
-        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
-
-# define SSL_CTX_set_max_send_fragment(ctx,m) \
-        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
-# define SSL_set_max_send_fragment(ssl,m) \
-        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
-
-     /* NB: the keylength is only applicable when is_export is true */
-# ifndef OPENSSL_NO_RSA
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
-                                  RSA *(*cb) (SSL *ssl, int is_export,
-                                              int keylength));
-
-void SSL_set_tmp_rsa_callback(SSL *ssl,
-                              RSA *(*cb) (SSL *ssl, int is_export,
-                                          int keylength));
-# endif
-# ifndef OPENSSL_NO_DH
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
-                                 DH *(*dh) (SSL *ssl, int is_export,
-                                            int keylength));
-void SSL_set_tmp_dh_callback(SSL *ssl,
-                             DH *(*dh) (SSL *ssl, int is_export,
-                                        int keylength));
-# endif
-# ifndef OPENSSL_NO_ECDH
-void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
-                                   EC_KEY *(*ecdh) (SSL *ssl, int is_export,
-                                                    int keylength));
-void SSL_set_tmp_ecdh_callback(SSL *ssl,
-                               EC_KEY *(*ecdh) (SSL *ssl, int is_export,
-                                                int keylength));
-# endif
-
-const COMP_METHOD *SSL_get_current_compression(SSL *s);
-const COMP_METHOD *SSL_get_current_expansion(SSL *s);
-const char *SSL_COMP_get_name(const COMP_METHOD *comp);
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
-STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
-                                                      *meths);
-void SSL_COMP_free_compression_methods(void);
-int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
-
-const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
-
-/* TLS extensions functions */
-int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
-
-int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
-                                  void *arg);
-
-/* Pre-shared secret session resumption functions */
-int SSL_set_session_secret_cb(SSL *s,
-                              tls_session_secret_cb_fn tls_session_secret_cb,
-                              void *arg);
-
-void SSL_set_debug(SSL *s, int debug);
-int SSL_cache_hit(SSL *s);
-int SSL_is_server(SSL *s);
-
-SSL_CONF_CTX *SSL_CONF_CTX_new(void);
-int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx);
-void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx);
-unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags);
-unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags);
-int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre);
-
-void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl);
-void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx);
-
-int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value);
-int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv);
-int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd);
-
-# ifndef OPENSSL_NO_SSL_TRACE
-void SSL_trace(int write_p, int version, int content_type,
-               const void *buf, size_t len, SSL *ssl, void *arg);
-const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c);
-# endif
-
-# ifndef OPENSSL_NO_UNIT_TEST
-const struct openssl_ssl_test_functions *SSL_test_functions(void);
-# endif
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_SSL_strings(void);
-
-/* Error codes for the SSL functions. */
-
-/* Function codes. */
-# define SSL_F_CHECK_SUITEB_CIPHER_LIST                   331
-# define SSL_F_CLIENT_CERTIFICATE                         100
-# define SSL_F_CLIENT_FINISHED                            167
-# define SSL_F_CLIENT_HELLO                               101
-# define SSL_F_CLIENT_MASTER_KEY                          102
-# define SSL_F_D2I_SSL_SESSION                            103
-# define SSL_F_DO_DTLS1_WRITE                             245
-# define SSL_F_DO_SSL3_WRITE                              104
-# define SSL_F_DTLS1_ACCEPT                               246
-# define SSL_F_DTLS1_ADD_CERT_TO_BUF                      295
-# define SSL_F_DTLS1_BUFFER_RECORD                        247
-# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM                    316
-# define SSL_F_DTLS1_CLIENT_HELLO                         248
-# define SSL_F_DTLS1_CONNECT                              249
-# define SSL_F_DTLS1_ENC                                  250
-# define SSL_F_DTLS1_GET_HELLO_VERIFY                     251
-# define SSL_F_DTLS1_GET_MESSAGE                          252
-# define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT                 253
-# define SSL_F_DTLS1_GET_RECORD                           254
-# define SSL_F_DTLS1_HANDLE_TIMEOUT                       297
-# define SSL_F_DTLS1_HEARTBEAT                            305
-# define SSL_F_DTLS1_OUTPUT_CERT_CHAIN                    255
-# define SSL_F_DTLS1_PREPROCESS_FRAGMENT                  288
-# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS             424
-# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE           256
-# define SSL_F_DTLS1_PROCESS_RECORD                       257
-# define SSL_F_DTLS1_READ_BYTES                           258
-# define SSL_F_DTLS1_READ_FAILED                          259
-# define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST             260
-# define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE              261
-# define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE             262
-# define SSL_F_DTLS1_SEND_CLIENT_VERIFY                   263
-# define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST            264
-# define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE              265
-# define SSL_F_DTLS1_SEND_SERVER_HELLO                    266
-# define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE             267
-# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES                 268
-# define SSL_F_GET_CLIENT_FINISHED                        105
-# define SSL_F_GET_CLIENT_HELLO                           106
-# define SSL_F_GET_CLIENT_MASTER_KEY                      107
-# define SSL_F_GET_SERVER_FINISHED                        108
-# define SSL_F_GET_SERVER_HELLO                           109
-# define SSL_F_GET_SERVER_STATIC_DH_KEY                   340
-# define SSL_F_GET_SERVER_VERIFY                          110
-# define SSL_F_I2D_SSL_SESSION                            111
-# define SSL_F_READ_N                                     112
-# define SSL_F_REQUEST_CERTIFICATE                        113
-# define SSL_F_SERVER_FINISH                              239
-# define SSL_F_SERVER_HELLO                               114
-# define SSL_F_SERVER_VERIFY                              240
-# define SSL_F_SSL23_ACCEPT                               115
-# define SSL_F_SSL23_CLIENT_HELLO                         116
-# define SSL_F_SSL23_CONNECT                              117
-# define SSL_F_SSL23_GET_CLIENT_HELLO                     118
-# define SSL_F_SSL23_GET_SERVER_HELLO                     119
-# define SSL_F_SSL23_PEEK                                 237
-# define SSL_F_SSL23_READ                                 120
-# define SSL_F_SSL23_WRITE                                121
-# define SSL_F_SSL2_ACCEPT                                122
-# define SSL_F_SSL2_CONNECT                               123
-# define SSL_F_SSL2_ENC_INIT                              124
-# define SSL_F_SSL2_GENERATE_KEY_MATERIAL                 241
-# define SSL_F_SSL2_PEEK                                  234
-# define SSL_F_SSL2_READ                                  125
-# define SSL_F_SSL2_READ_INTERNAL                         236
-# define SSL_F_SSL2_SET_CERTIFICATE                       126
-# define SSL_F_SSL2_WRITE                                 127
-# define SSL_F_SSL3_ACCEPT                                128
-# define SSL_F_SSL3_ADD_CERT_TO_BUF                       296
-# define SSL_F_SSL3_CALLBACK_CTRL                         233
-# define SSL_F_SSL3_CHANGE_CIPHER_STATE                   129
-# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM              130
-# define SSL_F_SSL3_CHECK_CLIENT_HELLO                    304
-# define SSL_F_SSL3_CHECK_FINISHED                        339
-# define SSL_F_SSL3_CLIENT_HELLO                          131
-# define SSL_F_SSL3_CONNECT                               132
-# define SSL_F_SSL3_CTRL                                  213
-# define SSL_F_SSL3_CTX_CTRL                              133
-# define SSL_F_SSL3_DIGEST_CACHED_RECORDS                 293
-# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC                 292
-# define SSL_F_SSL3_ENC                                   134
-# define SSL_F_SSL3_GENERATE_KEY_BLOCK                    238
-# define SSL_F_SSL3_GENERATE_MASTER_SECRET                388
-# define SSL_F_SSL3_GET_CERTIFICATE_REQUEST               135
-# define SSL_F_SSL3_GET_CERT_STATUS                       289
-# define SSL_F_SSL3_GET_CERT_VERIFY                       136
-# define SSL_F_SSL3_GET_CLIENT_CERTIFICATE                137
-# define SSL_F_SSL3_GET_CLIENT_HELLO                      138
-# define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE               139
-# define SSL_F_SSL3_GET_FINISHED                          140
-# define SSL_F_SSL3_GET_KEY_EXCHANGE                      141
-# define SSL_F_SSL3_GET_MESSAGE                           142
-# define SSL_F_SSL3_GET_NEW_SESSION_TICKET                283
-# define SSL_F_SSL3_GET_NEXT_PROTO                        306
-# define SSL_F_SSL3_GET_RECORD                            143
-# define SSL_F_SSL3_GET_SERVER_CERTIFICATE                144
-# define SSL_F_SSL3_GET_SERVER_DONE                       145
-# define SSL_F_SSL3_GET_SERVER_HELLO                      146
-# define SSL_F_SSL3_HANDSHAKE_MAC                         285
-# define SSL_F_SSL3_NEW_SESSION_TICKET                    287
-# define SSL_F_SSL3_OUTPUT_CERT_CHAIN                     147
-# define SSL_F_SSL3_PEEK                                  235
-# define SSL_F_SSL3_READ_BYTES                            148
-# define SSL_F_SSL3_READ_N                                149
-# define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST              150
-# define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE               151
-# define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE              152
-# define SSL_F_SSL3_SEND_CLIENT_VERIFY                    153
-# define SSL_F_SSL3_SEND_SERVER_CERTIFICATE               154
-# define SSL_F_SSL3_SEND_SERVER_HELLO                     242
-# define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE              155
-# define SSL_F_SSL3_SETUP_KEY_BLOCK                       157
-# define SSL_F_SSL3_SETUP_READ_BUFFER                     156
-# define SSL_F_SSL3_SETUP_WRITE_BUFFER                    291
-# define SSL_F_SSL3_WRITE_BYTES                           158
-# define SSL_F_SSL3_WRITE_PENDING                         159
-# define SSL_F_SSL_ADD_CERT_CHAIN                         318
-# define SSL_F_SSL_ADD_CERT_TO_BUF                        319
-# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT        298
-# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT                 277
-# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT           307
-# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK         215
-# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK        216
-# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT        299
-# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT                 278
-# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT           308
-# define SSL_F_SSL_BAD_METHOD                             160
-# define SSL_F_SSL_BUILD_CERT_CHAIN                       332
-# define SSL_F_SSL_BYTES_TO_CIPHER_LIST                   161
-# define SSL_F_SSL_CERT_DUP                               221
-# define SSL_F_SSL_CERT_INST                              222
-# define SSL_F_SSL_CERT_INSTANTIATE                       214
-# define SSL_F_SSL_CERT_NEW                               162
-# define SSL_F_SSL_CHECK_PRIVATE_KEY                      163
-# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT               280
-# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG            279
-# define SSL_F_SSL_CIPHER_PROCESS_RULESTR                 230
-# define SSL_F_SSL_CIPHER_STRENGTH_SORT                   231
-# define SSL_F_SSL_CLEAR                                  164
-# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD            165
-# define SSL_F_SSL_CONF_CMD                               334
-# define SSL_F_SSL_CREATE_CIPHER_LIST                     166
-# define SSL_F_SSL_CTRL                                   232
-# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY                  168
-# define SSL_F_SSL_CTX_MAKE_PROFILES                      309
-# define SSL_F_SSL_CTX_NEW                                169
-# define SSL_F_SSL_CTX_SET_CIPHER_LIST                    269
-# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE             290
-# define SSL_F_SSL_CTX_SET_PURPOSE                        226
-# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT             219
-# define SSL_F_SSL_CTX_SET_SSL_VERSION                    170
-# define SSL_F_SSL_CTX_SET_TRUST                          229
-# define SSL_F_SSL_CTX_USE_CERTIFICATE                    171
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1               172
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE         220
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE               173
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY                     174
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1                175
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE                176
-# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT              272
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY                  177
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1             178
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE             179
-# define SSL_F_SSL_CTX_USE_SERVERINFO                     336
-# define SSL_F_SSL_CTX_USE_SERVERINFO_FILE                337
-# define SSL_F_SSL_DO_HANDSHAKE                           180
-# define SSL_F_SSL_GET_NEW_SESSION                        181
-# define SSL_F_SSL_GET_PREV_SESSION                       217
-# define SSL_F_SSL_GET_SERVER_CERT_INDEX                  322
-# define SSL_F_SSL_GET_SERVER_SEND_CERT                   182
-# define SSL_F_SSL_GET_SERVER_SEND_PKEY                   317
-# define SSL_F_SSL_GET_SIGN_PKEY                          183
-# define SSL_F_SSL_INIT_WBIO_BUFFER                       184
-# define SSL_F_SSL_LOAD_CLIENT_CA_FILE                    185
-# define SSL_F_SSL_NEW                                    186
-# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT      300
-# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT               302
-# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT         310
-# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT      301
-# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT               303
-# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT         311
-# define SSL_F_SSL_PEEK                                   270
-# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT             281
-# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT             282
-# define SSL_F_SSL_READ                                   223
-# define SSL_F_SSL_RSA_PRIVATE_DECRYPT                    187
-# define SSL_F_SSL_RSA_PUBLIC_ENCRYPT                     188
-# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT                320
-# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT                321
-# define SSL_F_SSL_SESSION_DUP                            348
-# define SSL_F_SSL_SESSION_NEW                            189
-# define SSL_F_SSL_SESSION_PRINT_FP                       190
-# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT                312
-# define SSL_F_SSL_SESS_CERT_NEW                          225
-# define SSL_F_SSL_SET_CERT                               191
-# define SSL_F_SSL_SET_CIPHER_LIST                        271
-# define SSL_F_SSL_SET_FD                                 192
-# define SSL_F_SSL_SET_PKEY                               193
-# define SSL_F_SSL_SET_PURPOSE                            227
-# define SSL_F_SSL_SET_RFD                                194
-# define SSL_F_SSL_SET_SESSION                            195
-# define SSL_F_SSL_SET_SESSION_ID_CONTEXT                 218
-# define SSL_F_SSL_SET_SESSION_TICKET_EXT                 294
-# define SSL_F_SSL_SET_TRUST                              228
-# define SSL_F_SSL_SET_WFD                                196
-# define SSL_F_SSL_SHUTDOWN                               224
-# define SSL_F_SSL_SRP_CTX_INIT                           313
-# define SSL_F_SSL_UNDEFINED_CONST_FUNCTION               243
-# define SSL_F_SSL_UNDEFINED_FUNCTION                     197
-# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION                244
-# define SSL_F_SSL_USE_CERTIFICATE                        198
-# define SSL_F_SSL_USE_CERTIFICATE_ASN1                   199
-# define SSL_F_SSL_USE_CERTIFICATE_FILE                   200
-# define SSL_F_SSL_USE_PRIVATEKEY                         201
-# define SSL_F_SSL_USE_PRIVATEKEY_ASN1                    202
-# define SSL_F_SSL_USE_PRIVATEKEY_FILE                    203
-# define SSL_F_SSL_USE_PSK_IDENTITY_HINT                  273
-# define SSL_F_SSL_USE_RSAPRIVATEKEY                      204
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1                 205
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE                 206
-# define SSL_F_SSL_VERIFY_CERT_CHAIN                      207
-# define SSL_F_SSL_WRITE                                  208
-# define SSL_F_TLS12_CHECK_PEER_SIGALG                    333
-# define SSL_F_TLS1_CERT_VERIFY_MAC                       286
-# define SSL_F_TLS1_CHANGE_CIPHER_STATE                   209
-# define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT              274
-# define SSL_F_TLS1_ENC                                   210
-# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL                314
-# define SSL_F_TLS1_GET_CURVELIST                         338
-# define SSL_F_TLS1_HEARTBEAT                             315
-# define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT            275
-# define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT            276
-# define SSL_F_TLS1_PRF                                   284
-# define SSL_F_TLS1_SETUP_KEY_BLOCK                       211
-# define SSL_F_TLS1_SET_SERVER_SIGALGS                    335
-# define SSL_F_WRITE_PENDING                              212
-
-/* Reason codes. */
-# define SSL_R_APP_DATA_IN_HANDSHAKE                      100
-# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
-# define SSL_R_BAD_ALERT_RECORD                           101
-# define SSL_R_BAD_AUTHENTICATION_TYPE                    102
-# define SSL_R_BAD_CHANGE_CIPHER_SPEC                     103
-# define SSL_R_BAD_CHECKSUM                               104
-# define SSL_R_BAD_DATA                                   390
-# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK              106
-# define SSL_R_BAD_DECOMPRESSION                          107
-# define SSL_R_BAD_DH_G_LENGTH                            108
-# define SSL_R_BAD_DH_G_VALUE                             375
-# define SSL_R_BAD_DH_PUB_KEY_LENGTH                      109
-# define SSL_R_BAD_DH_PUB_KEY_VALUE                       393
-# define SSL_R_BAD_DH_P_LENGTH                            110
-# define SSL_R_BAD_DH_P_VALUE                             395
-# define SSL_R_BAD_DIGEST_LENGTH                          111
-# define SSL_R_BAD_DSA_SIGNATURE                          112
-# define SSL_R_BAD_ECC_CERT                               304
-# define SSL_R_BAD_ECDSA_SIGNATURE                        305
-# define SSL_R_BAD_ECPOINT                                306
-# define SSL_R_BAD_HANDSHAKE_LENGTH                       332
-# define SSL_R_BAD_HELLO_REQUEST                          105
-# define SSL_R_BAD_LENGTH                                 271
-# define SSL_R_BAD_MAC_DECODE                             113
-# define SSL_R_BAD_MAC_LENGTH                             333
-# define SSL_R_BAD_MESSAGE_TYPE                           114
-# define SSL_R_BAD_PACKET_LENGTH                          115
-# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER                116
-# define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH               316
-# define SSL_R_BAD_RESPONSE_ARGUMENT                      117
-# define SSL_R_BAD_RSA_DECRYPT                            118
-# define SSL_R_BAD_RSA_ENCRYPT                            119
-# define SSL_R_BAD_RSA_E_LENGTH                           120
-# define SSL_R_BAD_RSA_MODULUS_LENGTH                     121
-# define SSL_R_BAD_RSA_SIGNATURE                          122
-# define SSL_R_BAD_SIGNATURE                              123
-# define SSL_R_BAD_SRP_A_LENGTH                           347
-# define SSL_R_BAD_SRP_B_LENGTH                           348
-# define SSL_R_BAD_SRP_G_LENGTH                           349
-# define SSL_R_BAD_SRP_N_LENGTH                           350
-# define SSL_R_BAD_SRP_PARAMETERS                         371
-# define SSL_R_BAD_SRP_S_LENGTH                           351
-# define SSL_R_BAD_SRTP_MKI_VALUE                         352
-# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST           353
-# define SSL_R_BAD_SSL_FILETYPE                           124
-# define SSL_R_BAD_SSL_SESSION_ID_LENGTH                  125
-# define SSL_R_BAD_STATE                                  126
-# define SSL_R_BAD_VALUE                                  384
-# define SSL_R_BAD_WRITE_RETRY                            127
-# define SSL_R_BIO_NOT_SET                                128
-# define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG                  129
-# define SSL_R_BN_LIB                                     130
-# define SSL_R_CA_DN_LENGTH_MISMATCH                      131
-# define SSL_R_CA_DN_TOO_LONG                             132
-# define SSL_R_CCS_RECEIVED_EARLY                         133
-# define SSL_R_CERTIFICATE_VERIFY_FAILED                  134
-# define SSL_R_CERT_CB_ERROR                              377
-# define SSL_R_CERT_LENGTH_MISMATCH                       135
-# define SSL_R_CHALLENGE_IS_DIFFERENT                     136
-# define SSL_R_CIPHER_CODE_WRONG_LENGTH                   137
-# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE                 138
-# define SSL_R_CIPHER_TABLE_SRC_ERROR                     139
-# define SSL_R_CLIENTHELLO_TLSEXT                         226
-# define SSL_R_COMPRESSED_LENGTH_TOO_LONG                 140
-# define SSL_R_COMPRESSION_DISABLED                       343
-# define SSL_R_COMPRESSION_FAILURE                        141
-# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE    307
-# define SSL_R_COMPRESSION_LIBRARY_ERROR                  142
-# define SSL_R_CONNECTION_ID_IS_DIFFERENT                 143
-# define SSL_R_CONNECTION_TYPE_NOT_SET                    144
-# define SSL_R_COOKIE_MISMATCH                            308
-# define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED              145
-# define SSL_R_DATA_LENGTH_TOO_LONG                       146
-# define SSL_R_DECRYPTION_FAILED                          147
-# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC        281
-# define SSL_R_DH_KEY_TOO_SMALL                           372
-# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG            148
-# define SSL_R_DIGEST_CHECK_FAILED                        149
-# define SSL_R_DTLS_MESSAGE_TOO_BIG                       334
-# define SSL_R_DUPLICATE_COMPRESSION_ID                   309
-# define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT             317
-# define SSL_R_ECC_CERT_NOT_FOR_SIGNING                   318
-# define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE         322
-# define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE        323
-# define SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE              374
-# define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER               310
-# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST         354
-# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG                  150
-# define SSL_R_ERROR_GENERATING_TMP_RSA_KEY               282
-# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST              151
-# define SSL_R_EXCESSIVE_MESSAGE_SIZE                     152
-# define SSL_R_EXTRA_DATA_IN_MESSAGE                      153
-# define SSL_R_GOT_A_FIN_BEFORE_A_CCS                     154
-# define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS                355
-# define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION           356
-# define SSL_R_HTTPS_PROXY_REQUEST                        155
-# define SSL_R_HTTP_REQUEST                               156
-# define SSL_R_ILLEGAL_PADDING                            283
-# define SSL_R_ILLEGAL_SUITEB_DIGEST                      380
-# define SSL_R_INAPPROPRIATE_FALLBACK                     373
-# define SSL_R_INCONSISTENT_COMPRESSION                   340
-# define SSL_R_INVALID_CHALLENGE_LENGTH                   158
-# define SSL_R_INVALID_COMMAND                            280
-# define SSL_R_INVALID_COMPRESSION_ALGORITHM              341
-# define SSL_R_INVALID_NULL_CMD_NAME                      385
-# define SSL_R_INVALID_PURPOSE                            278
-# define SSL_R_INVALID_SERVERINFO_DATA                    388
-# define SSL_R_INVALID_SRP_USERNAME                       357
-# define SSL_R_INVALID_STATUS_RESPONSE                    328
-# define SSL_R_INVALID_TICKET_KEYS_LENGTH                 325
-# define SSL_R_INVALID_TRUST                              279
-# define SSL_R_KEY_ARG_TOO_LONG                           284
-# define SSL_R_KRB5                                       285
-# define SSL_R_KRB5_C_CC_PRINC                            286
-# define SSL_R_KRB5_C_GET_CRED                            287
-# define SSL_R_KRB5_C_INIT                                288
-# define SSL_R_KRB5_C_MK_REQ                              289
-# define SSL_R_KRB5_S_BAD_TICKET                          290
-# define SSL_R_KRB5_S_INIT                                291
-# define SSL_R_KRB5_S_RD_REQ                              292
-# define SSL_R_KRB5_S_TKT_EXPIRED                         293
-# define SSL_R_KRB5_S_TKT_NYV                             294
-# define SSL_R_KRB5_S_TKT_SKEW                            295
-# define SSL_R_LENGTH_MISMATCH                            159
-# define SSL_R_LENGTH_TOO_SHORT                           160
-# define SSL_R_LIBRARY_BUG                                274
-# define SSL_R_LIBRARY_HAS_NO_CIPHERS                     161
-# define SSL_R_MESSAGE_TOO_LONG                           296
-# define SSL_R_MISSING_DH_DSA_CERT                        162
-# define SSL_R_MISSING_DH_KEY                             163
-# define SSL_R_MISSING_DH_RSA_CERT                        164
-# define SSL_R_MISSING_DSA_SIGNING_CERT                   165
-# define SSL_R_MISSING_ECDH_CERT                          382
-# define SSL_R_MISSING_ECDSA_SIGNING_CERT                 381
-# define SSL_R_MISSING_EXPORT_TMP_DH_KEY                  166
-# define SSL_R_MISSING_EXPORT_TMP_RSA_KEY                 167
-# define SSL_R_MISSING_RSA_CERTIFICATE                    168
-# define SSL_R_MISSING_RSA_ENCRYPTING_CERT                169
-# define SSL_R_MISSING_RSA_SIGNING_CERT                   170
-# define SSL_R_MISSING_SRP_PARAM                          358
-# define SSL_R_MISSING_TMP_DH_KEY                         171
-# define SSL_R_MISSING_TMP_ECDH_KEY                       311
-# define SSL_R_MISSING_TMP_RSA_KEY                        172
-# define SSL_R_MISSING_TMP_RSA_PKEY                       173
-# define SSL_R_MISSING_VERIFY_MESSAGE                     174
-# define SSL_R_MULTIPLE_SGC_RESTARTS                      346
-# define SSL_R_NON_SSLV2_INITIAL_PACKET                   175
-# define SSL_R_NO_CERTIFICATES_RETURNED                   176
-# define SSL_R_NO_CERTIFICATE_ASSIGNED                    177
-# define SSL_R_NO_CERTIFICATE_RETURNED                    178
-# define SSL_R_NO_CERTIFICATE_SET                         179
-# define SSL_R_NO_CERTIFICATE_SPECIFIED                   180
-# define SSL_R_NO_CIPHERS_AVAILABLE                       181
-# define SSL_R_NO_CIPHERS_PASSED                          182
-# define SSL_R_NO_CIPHERS_SPECIFIED                       183
-# define SSL_R_NO_CIPHER_LIST                             184
-# define SSL_R_NO_CIPHER_MATCH                            185
-# define SSL_R_NO_CLIENT_CERT_METHOD                      331
-# define SSL_R_NO_CLIENT_CERT_RECEIVED                    186
-# define SSL_R_NO_COMPRESSION_SPECIFIED                   187
-# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER           330
-# define SSL_R_NO_METHOD_SPECIFIED                        188
-# define SSL_R_NO_PEM_EXTENSIONS                          389
-# define SSL_R_NO_PRIVATEKEY                              189
-# define SSL_R_NO_PRIVATE_KEY_ASSIGNED                    190
-# define SSL_R_NO_PROTOCOLS_AVAILABLE                     191
-# define SSL_R_NO_PUBLICKEY                               192
-# define SSL_R_NO_RENEGOTIATION                           339
-# define SSL_R_NO_REQUIRED_DIGEST                         324
-# define SSL_R_NO_SHARED_CIPHER                           193
-# define SSL_R_NO_SHARED_SIGATURE_ALGORITHMS              376
-# define SSL_R_NO_SRTP_PROFILES                           359
-# define SSL_R_NO_VERIFY_CALLBACK                         194
-# define SSL_R_NULL_SSL_CTX                               195
-# define SSL_R_NULL_SSL_METHOD_PASSED                     196
-# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED            197
-# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
-# define SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE       387
-# define SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE        379
-# define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE              297
-# define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG                  327
-# define SSL_R_PACKET_LENGTH_TOO_LONG                     198
-# define SSL_R_PARSE_TLSEXT                               227
-# define SSL_R_PATH_TOO_LONG                              270
-# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE          199
-# define SSL_R_PEER_ERROR                                 200
-# define SSL_R_PEER_ERROR_CERTIFICATE                     201
-# define SSL_R_PEER_ERROR_NO_CERTIFICATE                  202
-# define SSL_R_PEER_ERROR_NO_CIPHER                       203
-# define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE    204
-# define SSL_R_PEM_NAME_BAD_PREFIX                        391
-# define SSL_R_PEM_NAME_TOO_SHORT                         392
-# define SSL_R_PRE_MAC_LENGTH_TOO_LONG                    205
-# define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS          206
-# define SSL_R_PROTOCOL_IS_SHUTDOWN                       207
-# define SSL_R_PSK_IDENTITY_NOT_FOUND                     223
-# define SSL_R_PSK_NO_CLIENT_CB                           224
-# define SSL_R_PSK_NO_SERVER_CB                           225
-# define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR                   208
-# define SSL_R_PUBLIC_KEY_IS_NOT_RSA                      209
-# define SSL_R_PUBLIC_KEY_NOT_RSA                         210
-# define SSL_R_READ_BIO_NOT_SET                           211
-# define SSL_R_READ_TIMEOUT_EXPIRED                       312
-# define SSL_R_READ_WRONG_PACKET_TYPE                     212
-# define SSL_R_RECORD_LENGTH_MISMATCH                     213
-# define SSL_R_RECORD_TOO_LARGE                           214
-# define SSL_R_RECORD_TOO_SMALL                           298
-# define SSL_R_RENEGOTIATE_EXT_TOO_LONG                   335
-# define SSL_R_RENEGOTIATION_ENCODING_ERR                 336
-# define SSL_R_RENEGOTIATION_MISMATCH                     337
-# define SSL_R_REQUIRED_CIPHER_MISSING                    215
-# define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING    342
-# define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO                 216
-# define SSL_R_REUSE_CERT_TYPE_NOT_ZERO                   217
-# define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO                 218
-# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING           345
-# define SSL_R_SERVERHELLO_TLSEXT                         275
-# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED           277
-# define SSL_R_SHORT_READ                                 219
-# define SSL_R_SHUTDOWN_WHILE_IN_INIT                     407
-# define SSL_R_SIGNATURE_ALGORITHMS_ERROR                 360
-# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE      220
-# define SSL_R_SRP_A_CALC                                 361
-# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES           362
-# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG      363
-# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE            364
-# define SSL_R_SSL23_DOING_SESSION_ID_REUSE               221
-# define SSL_R_SSL2_CONNECTION_ID_TOO_LONG                299
-# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT             321
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME                319
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE           320
-# define SSL_R_SSL3_SESSION_ID_TOO_LONG                   300
-# define SSL_R_SSL3_SESSION_ID_TOO_SHORT                  222
-# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE                1042
-# define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC                 1020
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED            1045
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED            1044
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN            1046
-# define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE          1030
-# define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE              1040
-# define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER              1047
-# define SSL_R_SSLV3_ALERT_NO_CERTIFICATE                 1041
-# define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE             1010
-# define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE        1043
-# define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION         228
-# define SSL_R_SSL_HANDSHAKE_FAILURE                      229
-# define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS                 230
-# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED             301
-# define SSL_R_SSL_SESSION_ID_CONFLICT                    302
-# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG            273
-# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH              303
-# define SSL_R_SSL_SESSION_ID_IS_DIFFERENT                231
-# define SSL_R_TLSV1_ALERT_ACCESS_DENIED                  1049
-# define SSL_R_TLSV1_ALERT_DECODE_ERROR                   1050
-# define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED              1021
-# define SSL_R_TLSV1_ALERT_DECRYPT_ERROR                  1051
-# define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION             1060
-# define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK         1086
-# define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY          1071
-# define SSL_R_TLSV1_ALERT_INTERNAL_ERROR                 1080
-# define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION               1100
-# define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION               1070
-# define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW                1022
-# define SSL_R_TLSV1_ALERT_UNKNOWN_CA                     1048
-# define SSL_R_TLSV1_ALERT_USER_CANCELLED                 1090
-# define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE           1114
-# define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE      1113
-# define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE             1111
-# define SSL_R_TLSV1_UNRECOGNIZED_NAME                    1112
-# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION                1110
-# define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER       232
-# define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT           365
-# define SSL_R_TLS_HEARTBEAT_PENDING                      366
-# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL                 367
-# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST             157
-# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
-# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG    234
-# define SSL_R_TOO_MANY_WARN_ALERTS                       409
-# define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER            235
-# define SSL_R_UNABLE_TO_DECODE_DH_CERTS                  236
-# define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS                313
-# define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY               237
-# define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS               238
-# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS             314
-# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS       239
-# define SSL_R_UNABLE_TO_FIND_SSL_METHOD                  240
-# define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES           241
-# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES           242
-# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES          243
-# define SSL_R_UNEXPECTED_MESSAGE                         244
-# define SSL_R_UNEXPECTED_RECORD                          245
-# define SSL_R_UNINITIALIZED                              276
-# define SSL_R_UNKNOWN_ALERT_TYPE                         246
-# define SSL_R_UNKNOWN_CERTIFICATE_TYPE                   247
-# define SSL_R_UNKNOWN_CIPHER_RETURNED                    248
-# define SSL_R_UNKNOWN_CIPHER_TYPE                        249
-# define SSL_R_UNKNOWN_CMD_NAME                           386
-# define SSL_R_UNKNOWN_DIGEST                             368
-# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE                  250
-# define SSL_R_UNKNOWN_PKEY_TYPE                          251
-# define SSL_R_UNKNOWN_PROTOCOL                           252
-# define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE                  253
-# define SSL_R_UNKNOWN_SSL_VERSION                        254
-# define SSL_R_UNKNOWN_STATE                              255
-# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED       338
-# define SSL_R_UNSUPPORTED_CIPHER                         256
-# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM          257
-# define SSL_R_UNSUPPORTED_DIGEST_TYPE                    326
-# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE                 315
-# define SSL_R_UNSUPPORTED_PROTOCOL                       258
-# define SSL_R_UNSUPPORTED_SSL_VERSION                    259
-# define SSL_R_UNSUPPORTED_STATUS_TYPE                    329
-# define SSL_R_USE_SRTP_NOT_NEGOTIATED                    369
-# define SSL_R_WRITE_BIO_NOT_SET                          260
-# define SSL_R_WRONG_CERTIFICATE_TYPE                     383
-# define SSL_R_WRONG_CIPHER_RETURNED                      261
-# define SSL_R_WRONG_CURVE                                378
-# define SSL_R_WRONG_MESSAGE_TYPE                         262
-# define SSL_R_WRONG_NUMBER_OF_KEY_BITS                   263
-# define SSL_R_WRONG_SIGNATURE_LENGTH                     264
-# define SSL_R_WRONG_SIGNATURE_SIZE                       265
-# define SSL_R_WRONG_SIGNATURE_TYPE                       370
-# define SSL_R_WRONG_SSL_VERSION                          266
-# define SSL_R_WRONG_VERSION_NUMBER                       267
-# define SSL_R_X509_LIB                                   268
-# define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS           269
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ssl2.h b/thirdparty/openssl/openssl/ssl2.h
deleted file mode 100644
index 03c7dd8cac..0000000000
--- a/thirdparty/openssl/openssl/ssl2.h
+++ /dev/null
@@ -1,265 +0,0 @@
-/* ssl/ssl2.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL2_H
-# define HEADER_SSL2_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Protocol Version Codes */
-# define SSL2_VERSION            0x0002
-# define SSL2_VERSION_MAJOR      0x00
-# define SSL2_VERSION_MINOR      0x02
-/* #define SSL2_CLIENT_VERSION  0x0002 */
-/* #define SSL2_SERVER_VERSION  0x0002 */
-
-/* Protocol Message Codes */
-# define SSL2_MT_ERROR                   0
-# define SSL2_MT_CLIENT_HELLO            1
-# define SSL2_MT_CLIENT_MASTER_KEY       2
-# define SSL2_MT_CLIENT_FINISHED         3
-# define SSL2_MT_SERVER_HELLO            4
-# define SSL2_MT_SERVER_VERIFY           5
-# define SSL2_MT_SERVER_FINISHED         6
-# define SSL2_MT_REQUEST_CERTIFICATE     7
-# define SSL2_MT_CLIENT_CERTIFICATE      8
-
-/* Error Message Codes */
-# define SSL2_PE_UNDEFINED_ERROR         0x0000
-# define SSL2_PE_NO_CIPHER               0x0001
-# define SSL2_PE_NO_CERTIFICATE          0x0002
-# define SSL2_PE_BAD_CERTIFICATE         0x0004
-# define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-
-/* Cipher Kind Values */
-# define SSL2_CK_NULL_WITH_MD5                   0x02000000/* v3 */
-# define SSL2_CK_RC4_128_WITH_MD5                0x02010080
-# define SSL2_CK_RC4_128_EXPORT40_WITH_MD5       0x02020080
-# define SSL2_CK_RC2_128_CBC_WITH_MD5            0x02030080
-# define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5   0x02040080
-# define SSL2_CK_IDEA_128_CBC_WITH_MD5           0x02050080
-# define SSL2_CK_DES_64_CBC_WITH_MD5             0x02060040
-# define SSL2_CK_DES_64_CBC_WITH_SHA             0x02060140/* v3 */
-# define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5       0x020700c0
-# define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA       0x020701c0/* v3 */
-# define SSL2_CK_RC4_64_WITH_MD5                 0x02080080/* MS hack */
-
-# define SSL2_CK_DES_64_CFB64_WITH_MD5_1         0x02ff0800/* SSLeay */
-# define SSL2_CK_NULL                            0x02ff0810/* SSLeay */
-
-# define SSL2_TXT_DES_64_CFB64_WITH_MD5_1        "DES-CFB-M1"
-# define SSL2_TXT_NULL_WITH_MD5                  "NULL-MD5"
-# define SSL2_TXT_RC4_128_WITH_MD5               "RC4-MD5"
-# define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5      "EXP-RC4-MD5"
-# define SSL2_TXT_RC2_128_CBC_WITH_MD5           "RC2-CBC-MD5"
-# define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5  "EXP-RC2-CBC-MD5"
-# define SSL2_TXT_IDEA_128_CBC_WITH_MD5          "IDEA-CBC-MD5"
-# define SSL2_TXT_DES_64_CBC_WITH_MD5            "DES-CBC-MD5"
-# define SSL2_TXT_DES_64_CBC_WITH_SHA            "DES-CBC-SHA"
-# define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5      "DES-CBC3-MD5"
-# define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA      "DES-CBC3-SHA"
-# define SSL2_TXT_RC4_64_WITH_MD5                "RC4-64-MD5"
-
-# define SSL2_TXT_NULL                           "NULL"
-
-/* Flags for the SSL_CIPHER.algorithm2 field */
-# define SSL2_CF_5_BYTE_ENC                      0x01
-# define SSL2_CF_8_BYTE_ENC                      0x02
-
-/* Certificate Type Codes */
-# define SSL2_CT_X509_CERTIFICATE                0x01
-
-/* Authentication Type Code */
-# define SSL2_AT_MD5_WITH_RSA_ENCRYPTION         0x01
-
-# define SSL2_MAX_SSL_SESSION_ID_LENGTH          32
-
-/* Upper/Lower Bounds */
-# define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS      256
-# ifdef OPENSSL_SYS_MPE
-#  define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER    29998u
-# else
-#  define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER    32767u
-                                                       /* 2^15-1 */
-# endif
-# define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER    16383/* 2^14-1 */
-
-# define SSL2_CHALLENGE_LENGTH   16
-/*
- * #define SSL2_CHALLENGE_LENGTH 32
- */
-# define SSL2_MIN_CHALLENGE_LENGTH       16
-# define SSL2_MAX_CHALLENGE_LENGTH       32
-# define SSL2_CONNECTION_ID_LENGTH       16
-# define SSL2_MAX_CONNECTION_ID_LENGTH   16
-# define SSL2_SSL_SESSION_ID_LENGTH      16
-# define SSL2_MAX_CERT_CHALLENGE_LENGTH  32
-# define SSL2_MIN_CERT_CHALLENGE_LENGTH  16
-# define SSL2_MAX_KEY_MATERIAL_LENGTH    24
-
-# ifndef HEADER_SSL_LOCL_H
-#  define  CERT           char
-# endif
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-typedef struct ssl2_state_st {
-    int three_byte_header;
-    int clear_text;             /* clear text */
-    int escape;                 /* not used in SSLv2 */
-    int ssl2_rollback;          /* used if SSLv23 rolled back to SSLv2 */
-    /*
-     * non-blocking io info, used to make sure the same args were passwd
-     */
-    unsigned int wnum;          /* number of bytes sent so far */
-    int wpend_tot;
-    const unsigned char *wpend_buf;
-    int wpend_off;              /* offset to data to write */
-    int wpend_len;              /* number of bytes passwd to write */
-    int wpend_ret;              /* number of bytes to return to caller */
-    /* buffer raw data */
-    int rbuf_left;
-    int rbuf_offs;
-    unsigned char *rbuf;
-    unsigned char *wbuf;
-    unsigned char *write_ptr;   /* used to point to the start due to 2/3 byte
-                                 * header. */
-    unsigned int padding;
-    unsigned int rlength;       /* passed to ssl2_enc */
-    int ract_data_length;       /* Set when things are encrypted. */
-    unsigned int wlength;       /* passed to ssl2_enc */
-    int wact_data_length;       /* Set when things are decrypted. */
-    unsigned char *ract_data;
-    unsigned char *wact_data;
-    unsigned char *mac_data;
-    unsigned char *read_key;
-    unsigned char *write_key;
-    /* Stuff specifically to do with this SSL session */
-    unsigned int challenge_length;
-    unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
-    unsigned int conn_id_length;
-    unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
-    unsigned int key_material_length;
-    unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH * 2];
-    unsigned long read_sequence;
-    unsigned long write_sequence;
-    struct {
-        unsigned int conn_id_length;
-        unsigned int cert_type;
-        unsigned int cert_length;
-        unsigned int csl;
-        unsigned int clear;
-        unsigned int enc;
-        unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
-        unsigned int cipher_spec_length;
-        unsigned int session_id_length;
-        unsigned int clen;
-        unsigned int rlen;
-    } tmp;
-} SSL2_STATE;
-
-# endif
-
-/* SSLv2 */
-/* client */
-# define SSL2_ST_SEND_CLIENT_HELLO_A             (0x10|SSL_ST_CONNECT)
-# define SSL2_ST_SEND_CLIENT_HELLO_B             (0x11|SSL_ST_CONNECT)
-# define SSL2_ST_GET_SERVER_HELLO_A              (0x20|SSL_ST_CONNECT)
-# define SSL2_ST_GET_SERVER_HELLO_B              (0x21|SSL_ST_CONNECT)
-# define SSL2_ST_SEND_CLIENT_MASTER_KEY_A        (0x30|SSL_ST_CONNECT)
-# define SSL2_ST_SEND_CLIENT_MASTER_KEY_B        (0x31|SSL_ST_CONNECT)
-# define SSL2_ST_SEND_CLIENT_FINISHED_A          (0x40|SSL_ST_CONNECT)
-# define SSL2_ST_SEND_CLIENT_FINISHED_B          (0x41|SSL_ST_CONNECT)
-# define SSL2_ST_SEND_CLIENT_CERTIFICATE_A       (0x50|SSL_ST_CONNECT)
-# define SSL2_ST_SEND_CLIENT_CERTIFICATE_B       (0x51|SSL_ST_CONNECT)
-# define SSL2_ST_SEND_CLIENT_CERTIFICATE_C       (0x52|SSL_ST_CONNECT)
-# define SSL2_ST_SEND_CLIENT_CERTIFICATE_D       (0x53|SSL_ST_CONNECT)
-# define SSL2_ST_GET_SERVER_VERIFY_A             (0x60|SSL_ST_CONNECT)
-# define SSL2_ST_GET_SERVER_VERIFY_B             (0x61|SSL_ST_CONNECT)
-# define SSL2_ST_GET_SERVER_FINISHED_A           (0x70|SSL_ST_CONNECT)
-# define SSL2_ST_GET_SERVER_FINISHED_B           (0x71|SSL_ST_CONNECT)
-# define SSL2_ST_CLIENT_START_ENCRYPTION         (0x80|SSL_ST_CONNECT)
-# define SSL2_ST_X509_GET_CLIENT_CERTIFICATE     (0x90|SSL_ST_CONNECT)
-/* server */
-# define SSL2_ST_GET_CLIENT_HELLO_A              (0x10|SSL_ST_ACCEPT)
-# define SSL2_ST_GET_CLIENT_HELLO_B              (0x11|SSL_ST_ACCEPT)
-# define SSL2_ST_GET_CLIENT_HELLO_C              (0x12|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_SERVER_HELLO_A             (0x20|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_SERVER_HELLO_B             (0x21|SSL_ST_ACCEPT)
-# define SSL2_ST_GET_CLIENT_MASTER_KEY_A         (0x30|SSL_ST_ACCEPT)
-# define SSL2_ST_GET_CLIENT_MASTER_KEY_B         (0x31|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_SERVER_VERIFY_A            (0x40|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_SERVER_VERIFY_B            (0x41|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_SERVER_VERIFY_C            (0x42|SSL_ST_ACCEPT)
-# define SSL2_ST_GET_CLIENT_FINISHED_A           (0x50|SSL_ST_ACCEPT)
-# define SSL2_ST_GET_CLIENT_FINISHED_B           (0x51|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_SERVER_FINISHED_A          (0x60|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_SERVER_FINISHED_B          (0x61|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_REQUEST_CERTIFICATE_A      (0x70|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_REQUEST_CERTIFICATE_B      (0x71|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_REQUEST_CERTIFICATE_C      (0x72|SSL_ST_ACCEPT)
-# define SSL2_ST_SEND_REQUEST_CERTIFICATE_D      (0x73|SSL_ST_ACCEPT)
-# define SSL2_ST_SERVER_START_ENCRYPTION         (0x80|SSL_ST_ACCEPT)
-# define SSL2_ST_X509_GET_SERVER_CERTIFICATE     (0x90|SSL_ST_ACCEPT)
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ssl23.h b/thirdparty/openssl/openssl/ssl23.h
deleted file mode 100644
index 9de4685af9..0000000000
--- a/thirdparty/openssl/openssl/ssl23.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/* ssl/ssl23.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL23_H
-# define HEADER_SSL23_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
- * client
- */
-/* write to server */
-# define SSL23_ST_CW_CLNT_HELLO_A        (0x210|SSL_ST_CONNECT)
-# define SSL23_ST_CW_CLNT_HELLO_B        (0x211|SSL_ST_CONNECT)
-/* read from server */
-# define SSL23_ST_CR_SRVR_HELLO_A        (0x220|SSL_ST_CONNECT)
-# define SSL23_ST_CR_SRVR_HELLO_B        (0x221|SSL_ST_CONNECT)
-
-/* server */
-/* read from client */
-# define SSL23_ST_SR_CLNT_HELLO_A        (0x210|SSL_ST_ACCEPT)
-# define SSL23_ST_SR_CLNT_HELLO_B        (0x211|SSL_ST_ACCEPT)
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ssl3.h b/thirdparty/openssl/openssl/ssl3.h
deleted file mode 100644
index e681d50a9e..0000000000
--- a/thirdparty/openssl/openssl/ssl3.h
+++ /dev/null
@@ -1,774 +0,0 @@
-/* ssl/ssl3.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_SSL3_H
-# define HEADER_SSL3_H
-
-# ifndef OPENSSL_NO_COMP
-#  include <openssl/comp.h>
-# endif
-# include <openssl/buffer.h>
-# include <openssl/evp.h>
-# include <openssl/ssl.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
- * Signalling cipher suite value from RFC 5746
- * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
- */
-# define SSL3_CK_SCSV                            0x030000FF
-
-/*
- * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
- * (TLS_FALLBACK_SCSV)
- */
-# define SSL3_CK_FALLBACK_SCSV                   0x03005600
-
-# define SSL3_CK_RSA_NULL_MD5                    0x03000001
-# define SSL3_CK_RSA_NULL_SHA                    0x03000002
-# define SSL3_CK_RSA_RC4_40_MD5                  0x03000003
-# define SSL3_CK_RSA_RC4_128_MD5                 0x03000004
-# define SSL3_CK_RSA_RC4_128_SHA                 0x03000005
-# define SSL3_CK_RSA_RC2_40_MD5                  0x03000006
-# define SSL3_CK_RSA_IDEA_128_SHA                0x03000007
-# define SSL3_CK_RSA_DES_40_CBC_SHA              0x03000008
-# define SSL3_CK_RSA_DES_64_CBC_SHA              0x03000009
-# define SSL3_CK_RSA_DES_192_CBC3_SHA            0x0300000A
-
-# define SSL3_CK_DH_DSS_DES_40_CBC_SHA           0x0300000B
-# define SSL3_CK_DH_DSS_DES_64_CBC_SHA           0x0300000C
-# define SSL3_CK_DH_DSS_DES_192_CBC3_SHA         0x0300000D
-# define SSL3_CK_DH_RSA_DES_40_CBC_SHA           0x0300000E
-# define SSL3_CK_DH_RSA_DES_64_CBC_SHA           0x0300000F
-# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA         0x03000010
-
-# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA          0x03000011
-# define SSL3_CK_DHE_DSS_DES_40_CBC_SHA          SSL3_CK_EDH_DSS_DES_40_CBC_SHA
-# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA          0x03000012
-# define SSL3_CK_DHE_DSS_DES_64_CBC_SHA          SSL3_CK_EDH_DSS_DES_64_CBC_SHA
-# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA        0x03000013
-# define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA        SSL3_CK_EDH_DSS_DES_192_CBC3_SHA
-# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA          0x03000014
-# define SSL3_CK_DHE_RSA_DES_40_CBC_SHA          SSL3_CK_EDH_RSA_DES_40_CBC_SHA
-# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA          0x03000015
-# define SSL3_CK_DHE_RSA_DES_64_CBC_SHA          SSL3_CK_EDH_RSA_DES_64_CBC_SHA
-# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA        0x03000016
-# define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA        SSL3_CK_EDH_RSA_DES_192_CBC3_SHA
-
-# define SSL3_CK_ADH_RC4_40_MD5                  0x03000017
-# define SSL3_CK_ADH_RC4_128_MD5                 0x03000018
-# define SSL3_CK_ADH_DES_40_CBC_SHA              0x03000019
-# define SSL3_CK_ADH_DES_64_CBC_SHA              0x0300001A
-# define SSL3_CK_ADH_DES_192_CBC_SHA             0x0300001B
-
-# if 0
-#  define SSL3_CK_FZA_DMS_NULL_SHA                0x0300001C
-#  define SSL3_CK_FZA_DMS_FZA_SHA                 0x0300001D
-#  if 0                         /* Because it clashes with KRB5, is never
-                                 * used any more, and is safe to remove
-                                 * according to David Hopwood
-                                 * <david.hopwood@zetnet.co.uk> of the
-                                 * ietf-tls list */
-#   define SSL3_CK_FZA_DMS_RC4_SHA                 0x0300001E
-#  endif
-# endif
-
-/*
- * VRS Additional Kerberos5 entries
- */
-# define SSL3_CK_KRB5_DES_64_CBC_SHA             0x0300001E
-# define SSL3_CK_KRB5_DES_192_CBC3_SHA           0x0300001F
-# define SSL3_CK_KRB5_RC4_128_SHA                0x03000020
-# define SSL3_CK_KRB5_IDEA_128_CBC_SHA           0x03000021
-# define SSL3_CK_KRB5_DES_64_CBC_MD5             0x03000022
-# define SSL3_CK_KRB5_DES_192_CBC3_MD5           0x03000023
-# define SSL3_CK_KRB5_RC4_128_MD5                0x03000024
-# define SSL3_CK_KRB5_IDEA_128_CBC_MD5           0x03000025
-
-# define SSL3_CK_KRB5_DES_40_CBC_SHA             0x03000026
-# define SSL3_CK_KRB5_RC2_40_CBC_SHA             0x03000027
-# define SSL3_CK_KRB5_RC4_40_SHA                 0x03000028
-# define SSL3_CK_KRB5_DES_40_CBC_MD5             0x03000029
-# define SSL3_CK_KRB5_RC2_40_CBC_MD5             0x0300002A
-# define SSL3_CK_KRB5_RC4_40_MD5                 0x0300002B
-
-# define SSL3_TXT_RSA_NULL_MD5                   "NULL-MD5"
-# define SSL3_TXT_RSA_NULL_SHA                   "NULL-SHA"
-# define SSL3_TXT_RSA_RC4_40_MD5                 "EXP-RC4-MD5"
-# define SSL3_TXT_RSA_RC4_128_MD5                "RC4-MD5"
-# define SSL3_TXT_RSA_RC4_128_SHA                "RC4-SHA"
-# define SSL3_TXT_RSA_RC2_40_MD5                 "EXP-RC2-CBC-MD5"
-# define SSL3_TXT_RSA_IDEA_128_SHA               "IDEA-CBC-SHA"
-# define SSL3_TXT_RSA_DES_40_CBC_SHA             "EXP-DES-CBC-SHA"
-# define SSL3_TXT_RSA_DES_64_CBC_SHA             "DES-CBC-SHA"
-# define SSL3_TXT_RSA_DES_192_CBC3_SHA           "DES-CBC3-SHA"
-
-# define SSL3_TXT_DH_DSS_DES_40_CBC_SHA          "EXP-DH-DSS-DES-CBC-SHA"
-# define SSL3_TXT_DH_DSS_DES_64_CBC_SHA          "DH-DSS-DES-CBC-SHA"
-# define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA        "DH-DSS-DES-CBC3-SHA"
-# define SSL3_TXT_DH_RSA_DES_40_CBC_SHA          "EXP-DH-RSA-DES-CBC-SHA"
-# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA          "DH-RSA-DES-CBC-SHA"
-# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA        "DH-RSA-DES-CBC3-SHA"
-
-# define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA         "EXP-DHE-DSS-DES-CBC-SHA"
-# define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA         "DHE-DSS-DES-CBC-SHA"
-# define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA       "DHE-DSS-DES-CBC3-SHA"
-# define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA         "EXP-DHE-RSA-DES-CBC-SHA"
-# define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA         "DHE-RSA-DES-CBC-SHA"
-# define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA       "DHE-RSA-DES-CBC3-SHA"
-
-/*
- * This next block of six "EDH" labels is for backward compatibility with
- * older versions of OpenSSL.  New code should use the six "DHE" labels above
- * instead:
- */
-# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA         "EXP-EDH-DSS-DES-CBC-SHA"
-# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA         "EDH-DSS-DES-CBC-SHA"
-# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA       "EDH-DSS-DES-CBC3-SHA"
-# define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA         "EXP-EDH-RSA-DES-CBC-SHA"
-# define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA         "EDH-RSA-DES-CBC-SHA"
-# define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA       "EDH-RSA-DES-CBC3-SHA"
-
-# define SSL3_TXT_ADH_RC4_40_MD5                 "EXP-ADH-RC4-MD5"
-# define SSL3_TXT_ADH_RC4_128_MD5                "ADH-RC4-MD5"
-# define SSL3_TXT_ADH_DES_40_CBC_SHA             "EXP-ADH-DES-CBC-SHA"
-# define SSL3_TXT_ADH_DES_64_CBC_SHA             "ADH-DES-CBC-SHA"
-# define SSL3_TXT_ADH_DES_192_CBC_SHA            "ADH-DES-CBC3-SHA"
-
-# if 0
-#  define SSL3_TXT_FZA_DMS_NULL_SHA               "FZA-NULL-SHA"
-#  define SSL3_TXT_FZA_DMS_FZA_SHA                "FZA-FZA-CBC-SHA"
-#  define SSL3_TXT_FZA_DMS_RC4_SHA                "FZA-RC4-SHA"
-# endif
-
-# define SSL3_TXT_KRB5_DES_64_CBC_SHA            "KRB5-DES-CBC-SHA"
-# define SSL3_TXT_KRB5_DES_192_CBC3_SHA          "KRB5-DES-CBC3-SHA"
-# define SSL3_TXT_KRB5_RC4_128_SHA               "KRB5-RC4-SHA"
-# define SSL3_TXT_KRB5_IDEA_128_CBC_SHA          "KRB5-IDEA-CBC-SHA"
-# define SSL3_TXT_KRB5_DES_64_CBC_MD5            "KRB5-DES-CBC-MD5"
-# define SSL3_TXT_KRB5_DES_192_CBC3_MD5          "KRB5-DES-CBC3-MD5"
-# define SSL3_TXT_KRB5_RC4_128_MD5               "KRB5-RC4-MD5"
-# define SSL3_TXT_KRB5_IDEA_128_CBC_MD5          "KRB5-IDEA-CBC-MD5"
-
-# define SSL3_TXT_KRB5_DES_40_CBC_SHA            "EXP-KRB5-DES-CBC-SHA"
-# define SSL3_TXT_KRB5_RC2_40_CBC_SHA            "EXP-KRB5-RC2-CBC-SHA"
-# define SSL3_TXT_KRB5_RC4_40_SHA                "EXP-KRB5-RC4-SHA"
-# define SSL3_TXT_KRB5_DES_40_CBC_MD5            "EXP-KRB5-DES-CBC-MD5"
-# define SSL3_TXT_KRB5_RC2_40_CBC_MD5            "EXP-KRB5-RC2-CBC-MD5"
-# define SSL3_TXT_KRB5_RC4_40_MD5                "EXP-KRB5-RC4-MD5"
-
-# define SSL3_SSL_SESSION_ID_LENGTH              32
-# define SSL3_MAX_SSL_SESSION_ID_LENGTH          32
-
-# define SSL3_MASTER_SECRET_SIZE                 48
-# define SSL3_RANDOM_SIZE                        32
-# define SSL3_SESSION_ID_SIZE                    32
-# define SSL3_RT_HEADER_LENGTH                   5
-
-# define SSL3_HM_HEADER_LENGTH                  4
-
-# ifndef SSL3_ALIGN_PAYLOAD
- /*
-  * Some will argue that this increases memory footprint, but it's not
-  * actually true. Point is that malloc has to return at least 64-bit aligned
-  * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
-  * Suggested pre-gaping simply moves these wasted bytes from the end of
-  * allocated region to its front, but makes data payload aligned, which
-  * improves performance:-)
-  */
-#  define SSL3_ALIGN_PAYLOAD                     8
-# else
-#  if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
-#   error "insane SSL3_ALIGN_PAYLOAD"
-#   undef SSL3_ALIGN_PAYLOAD
-#  endif
-# endif
-
-/*
- * This is the maximum MAC (digest) size used by the SSL library. Currently
- * maximum of 20 is used by SHA1, but we reserve for future extension for
- * 512-bit hashes.
- */
-
-# define SSL3_RT_MAX_MD_SIZE                     64
-
-/*
- * Maximum block size used in all ciphersuites. Currently 16 for AES.
- */
-
-# define SSL_RT_MAX_CIPHER_BLOCK_SIZE            16
-
-# define SSL3_RT_MAX_EXTRA                       (16384)
-
-/* Maximum plaintext length: defined by SSL/TLS standards */
-# define SSL3_RT_MAX_PLAIN_LENGTH                16384
-/* Maximum compression overhead: defined by SSL/TLS standards */
-# define SSL3_RT_MAX_COMPRESSED_OVERHEAD         1024
-
-/*
- * The standards give a maximum encryption overhead of 1024 bytes. In
- * practice the value is lower than this. The overhead is the maximum number
- * of padding bytes (256) plus the mac size.
- */
-# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD  (256 + SSL3_RT_MAX_MD_SIZE)
-
-/*
- * OpenSSL currently only uses a padding length of at most one block so the
- * send overhead is smaller.
- */
-
-# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
-                        (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
-
-/* If compression isn't used don't include the compression overhead */
-
-# ifdef OPENSSL_NO_COMP
-#  define SSL3_RT_MAX_COMPRESSED_LENGTH           SSL3_RT_MAX_PLAIN_LENGTH
-# else
-#  define SSL3_RT_MAX_COMPRESSED_LENGTH   \
-                (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
-# endif
-# define SSL3_RT_MAX_ENCRYPTED_LENGTH    \
-                (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
-# define SSL3_RT_MAX_PACKET_SIZE         \
-                (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-
-# define SSL3_MD_CLIENT_FINISHED_CONST   "\x43\x4C\x4E\x54"
-# define SSL3_MD_SERVER_FINISHED_CONST   "\x53\x52\x56\x52"
-
-# define SSL3_VERSION                    0x0300
-# define SSL3_VERSION_MAJOR              0x03
-# define SSL3_VERSION_MINOR              0x00
-
-# define SSL3_RT_CHANGE_CIPHER_SPEC      20
-# define SSL3_RT_ALERT                   21
-# define SSL3_RT_HANDSHAKE               22
-# define SSL3_RT_APPLICATION_DATA        23
-# define TLS1_RT_HEARTBEAT               24
-
-/* Pseudo content types to indicate additional parameters */
-# define TLS1_RT_CRYPTO                  0x1000
-# define TLS1_RT_CRYPTO_PREMASTER        (TLS1_RT_CRYPTO | 0x1)
-# define TLS1_RT_CRYPTO_CLIENT_RANDOM    (TLS1_RT_CRYPTO | 0x2)
-# define TLS1_RT_CRYPTO_SERVER_RANDOM    (TLS1_RT_CRYPTO | 0x3)
-# define TLS1_RT_CRYPTO_MASTER           (TLS1_RT_CRYPTO | 0x4)
-
-# define TLS1_RT_CRYPTO_READ             0x0000
-# define TLS1_RT_CRYPTO_WRITE            0x0100
-# define TLS1_RT_CRYPTO_MAC              (TLS1_RT_CRYPTO | 0x5)
-# define TLS1_RT_CRYPTO_KEY              (TLS1_RT_CRYPTO | 0x6)
-# define TLS1_RT_CRYPTO_IV               (TLS1_RT_CRYPTO | 0x7)
-# define TLS1_RT_CRYPTO_FIXED_IV         (TLS1_RT_CRYPTO | 0x8)
-
-/* Pseudo content type for SSL/TLS header info */
-# define SSL3_RT_HEADER                  0x100
-
-# define SSL3_AL_WARNING                 1
-# define SSL3_AL_FATAL                   2
-
-# define SSL3_AD_CLOSE_NOTIFY             0
-# define SSL3_AD_UNEXPECTED_MESSAGE      10/* fatal */
-# define SSL3_AD_BAD_RECORD_MAC          20/* fatal */
-# define SSL3_AD_DECOMPRESSION_FAILURE   30/* fatal */
-# define SSL3_AD_HANDSHAKE_FAILURE       40/* fatal */
-# define SSL3_AD_NO_CERTIFICATE          41
-# define SSL3_AD_BAD_CERTIFICATE         42
-# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
-# define SSL3_AD_CERTIFICATE_REVOKED     44
-# define SSL3_AD_CERTIFICATE_EXPIRED     45
-# define SSL3_AD_CERTIFICATE_UNKNOWN     46
-# define SSL3_AD_ILLEGAL_PARAMETER       47/* fatal */
-
-# define TLS1_HB_REQUEST         1
-# define TLS1_HB_RESPONSE        2
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-typedef struct ssl3_record_st {
-    /* type of record */
-    /*
-     * r
-     */ int type;
-    /* How many bytes available */
-    /*
-     * rw
-     */ unsigned int length;
-    /* read/write offset into 'buf' */
-    /*
-     * r
-     */ unsigned int off;
-    /* pointer to the record data */
-    /*
-     * rw
-     */ unsigned char *data;
-    /* where the decode bytes are */
-    /*
-     * rw
-     */ unsigned char *input;
-    /* only used with decompression - malloc()ed */
-    /*
-     * r
-     */ unsigned char *comp;
-    /* epoch number, needed by DTLS1 */
-    /*
-     * r
-     */ unsigned long epoch;
-    /* sequence number, needed by DTLS1 */
-    /*
-     * r
-     */ unsigned char seq_num[8];
-} SSL3_RECORD;
-
-typedef struct ssl3_buffer_st {
-    /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
-    unsigned char *buf;
-    /* buffer size */
-    size_t len;
-    /* where to 'copy from' */
-    int offset;
-    /* how many bytes left */
-    int left;
-} SSL3_BUFFER;
-
-# endif
-
-# define SSL3_CT_RSA_SIGN                        1
-# define SSL3_CT_DSS_SIGN                        2
-# define SSL3_CT_RSA_FIXED_DH                    3
-# define SSL3_CT_DSS_FIXED_DH                    4
-# define SSL3_CT_RSA_EPHEMERAL_DH                5
-# define SSL3_CT_DSS_EPHEMERAL_DH                6
-# define SSL3_CT_FORTEZZA_DMS                    20
-/*
- * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
- * contain all of the cert types defined either for SSLv3 and TLSv1.
- */
-# define SSL3_CT_NUMBER                  9
-
-# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS       0x0001
-# define SSL3_FLAGS_DELAY_CLIENT_FINISHED        0x0002
-# define SSL3_FLAGS_POP_BUFFER                   0x0004
-# define TLS1_FLAGS_TLS_PADDING_BUG              0x0008
-# define TLS1_FLAGS_SKIP_CERT_VERIFY             0x0010
-# define TLS1_FLAGS_KEEP_HANDSHAKE               0x0020
-/*
- * Set when the handshake is ready to process peer's ChangeCipherSpec message.
- * Cleared after the message has been processed.
- */
-# define SSL3_FLAGS_CCS_OK                       0x0080
-
-/* SSL3_FLAGS_SGC_RESTART_DONE is no longer used */
-# define SSL3_FLAGS_SGC_RESTART_DONE             0x0040
-
-# ifndef OPENSSL_NO_SSL_INTERN
-
-typedef struct ssl3_state_st {
-    long flags;
-    int delay_buf_pop_ret;
-    unsigned char read_sequence[8];
-    int read_mac_secret_size;
-    unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
-    unsigned char write_sequence[8];
-    int write_mac_secret_size;
-    unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
-    unsigned char server_random[SSL3_RANDOM_SIZE];
-    unsigned char client_random[SSL3_RANDOM_SIZE];
-    /* flags for countermeasure against known-IV weakness */
-    int need_empty_fragments;
-    int empty_fragment_done;
-    /* The value of 'extra' when the buffers were initialized */
-    int init_extra;
-    SSL3_BUFFER rbuf;           /* read IO goes into here */
-    SSL3_BUFFER wbuf;           /* write IO goes into here */
-    SSL3_RECORD rrec;           /* each decoded record goes in here */
-    SSL3_RECORD wrec;           /* goes out from here */
-    /*
-     * storage for Alert/Handshake protocol data received but not yet
-     * processed by ssl3_read_bytes:
-     */
-    unsigned char alert_fragment[2];
-    unsigned int alert_fragment_len;
-    unsigned char handshake_fragment[4];
-    unsigned int handshake_fragment_len;
-    /* partial write - check the numbers match */
-    unsigned int wnum;          /* number of bytes sent so far */
-    int wpend_tot;              /* number bytes written */
-    int wpend_type;
-    int wpend_ret;              /* number of bytes submitted */
-    const unsigned char *wpend_buf;
-    /* used during startup, digest all incoming/outgoing packets */
-    BIO *handshake_buffer;
-    /*
-     * When set of handshake digests is determined, buffer is hashed and
-     * freed and MD_CTX-es for all required digests are stored in this array
-     */
-    EVP_MD_CTX **handshake_dgst;
-    /*
-     * Set whenever an expected ChangeCipherSpec message is processed.
-     * Unset when the peer's Finished message is received.
-     * Unexpected ChangeCipherSpec messages trigger a fatal alert.
-     */
-    int change_cipher_spec;
-    int warn_alert;
-    int fatal_alert;
-    /*
-     * we allow one fatal and one warning alert to be outstanding, send close
-     * alert via the warning alert
-     */
-    int alert_dispatch;
-    unsigned char send_alert[2];
-    /*
-     * This flag is set when we should renegotiate ASAP, basically when there
-     * is no more data in the read or write buffers
-     */
-    int renegotiate;
-    int total_renegotiations;
-    int num_renegotiations;
-    int in_read_app_data;
-    /*
-     * Opaque PRF input as used for the current handshake. These fields are
-     * used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they
-     * are merely present to improve binary compatibility)
-     */
-    void *client_opaque_prf_input;
-    size_t client_opaque_prf_input_len;
-    void *server_opaque_prf_input;
-    size_t server_opaque_prf_input_len;
-    struct {
-        /* actually only needs to be 16+20 */
-        unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2];
-        /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
-        unsigned char finish_md[EVP_MAX_MD_SIZE * 2];
-        int finish_md_len;
-        unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2];
-        int peer_finish_md_len;
-        unsigned long message_size;
-        int message_type;
-        /* used to hold the new cipher we are going to use */
-        const SSL_CIPHER *new_cipher;
-#  ifndef OPENSSL_NO_DH
-        DH *dh;
-#  endif
-#  ifndef OPENSSL_NO_ECDH
-        EC_KEY *ecdh;           /* holds short lived ECDH key */
-#  endif
-        /* used when SSL_ST_FLUSH_DATA is entered */
-        int next_state;
-        int reuse_message;
-        /* used for certificate requests */
-        int cert_req;
-        int ctype_num;
-        char ctype[SSL3_CT_NUMBER];
-        STACK_OF(X509_NAME) *ca_names;
-        int use_rsa_tmp;
-        int key_block_length;
-        unsigned char *key_block;
-        const EVP_CIPHER *new_sym_enc;
-        const EVP_MD *new_hash;
-        int new_mac_pkey_type;
-        int new_mac_secret_size;
-#  ifndef OPENSSL_NO_COMP
-        const SSL_COMP *new_compression;
-#  else
-        char *new_compression;
-#  endif
-        int cert_request;
-    } tmp;
-
-    /* Connection binding to prevent renegotiation attacks */
-    unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
-    unsigned char previous_client_finished_len;
-    unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
-    unsigned char previous_server_finished_len;
-    int send_connection_binding; /* TODOEKR */
-
-#  ifndef OPENSSL_NO_NEXTPROTONEG
-    /*
-     * Set if we saw the Next Protocol Negotiation extension from our peer.
-     */
-    int next_proto_neg_seen;
-#  endif
-
-#  ifndef OPENSSL_NO_TLSEXT
-#   ifndef OPENSSL_NO_EC
-    /*
-     * This is set to true if we believe that this is a version of Safari
-     * running on OS X 10.6 or newer. We wish to know this because Safari on
-     * 10.8 .. 10.8.3 has broken ECDHE-ECDSA support.
-     */
-    char is_probably_safari;
-#   endif                       /* !OPENSSL_NO_EC */
-
-    /*
-     * ALPN information (we are in the process of transitioning from NPN to
-     * ALPN.)
-     */
-
-    /*
-     * In a server these point to the selected ALPN protocol after the
-     * ClientHello has been processed. In a client these contain the protocol
-     * that the server selected once the ServerHello has been processed.
-     */
-    unsigned char *alpn_selected;
-    unsigned alpn_selected_len;
-#  endif                        /* OPENSSL_NO_TLSEXT */
-} SSL3_STATE;
-
-# endif
-
-/* SSLv3 */
-/*
- * client
- */
-/* extra state */
-# define SSL3_ST_CW_FLUSH                (0x100|SSL_ST_CONNECT)
-# ifndef OPENSSL_NO_SCTP
-#  define DTLS1_SCTP_ST_CW_WRITE_SOCK                     (0x310|SSL_ST_CONNECT)
-#  define DTLS1_SCTP_ST_CR_READ_SOCK                      (0x320|SSL_ST_CONNECT)
-# endif
-/* write to server */
-# define SSL3_ST_CW_CLNT_HELLO_A         (0x110|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CLNT_HELLO_B         (0x111|SSL_ST_CONNECT)
-/* read from server */
-# define SSL3_ST_CR_SRVR_HELLO_A         (0x120|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SRVR_HELLO_B         (0x121|SSL_ST_CONNECT)
-# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
-# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_A               (0x130|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_B               (0x131|SSL_ST_CONNECT)
-# define SSL3_ST_CR_KEY_EXCH_A           (0x140|SSL_ST_CONNECT)
-# define SSL3_ST_CR_KEY_EXCH_B           (0x141|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_REQ_A           (0x150|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_REQ_B           (0x151|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SRVR_DONE_A          (0x160|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SRVR_DONE_B          (0x161|SSL_ST_CONNECT)
-/* write to server */
-# define SSL3_ST_CW_CERT_A               (0x170|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_B               (0x171|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_C               (0x172|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_D               (0x173|SSL_ST_CONNECT)
-# define SSL3_ST_CW_KEY_EXCH_A           (0x180|SSL_ST_CONNECT)
-# define SSL3_ST_CW_KEY_EXCH_B           (0x181|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_VRFY_A          (0x190|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CERT_VRFY_B          (0x191|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CHANGE_A             (0x1A0|SSL_ST_CONNECT)
-# define SSL3_ST_CW_CHANGE_B             (0x1A1|SSL_ST_CONNECT)
-# ifndef OPENSSL_NO_NEXTPROTONEG
-#  define SSL3_ST_CW_NEXT_PROTO_A         (0x200|SSL_ST_CONNECT)
-#  define SSL3_ST_CW_NEXT_PROTO_B         (0x201|SSL_ST_CONNECT)
-# endif
-# define SSL3_ST_CW_FINISHED_A           (0x1B0|SSL_ST_CONNECT)
-# define SSL3_ST_CW_FINISHED_B           (0x1B1|SSL_ST_CONNECT)
-/* read from server */
-# define SSL3_ST_CR_CHANGE_A             (0x1C0|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CHANGE_B             (0x1C1|SSL_ST_CONNECT)
-# define SSL3_ST_CR_FINISHED_A           (0x1D0|SSL_ST_CONNECT)
-# define SSL3_ST_CR_FINISHED_B           (0x1D1|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SESSION_TICKET_A     (0x1E0|SSL_ST_CONNECT)
-# define SSL3_ST_CR_SESSION_TICKET_B     (0x1E1|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_STATUS_A        (0x1F0|SSL_ST_CONNECT)
-# define SSL3_ST_CR_CERT_STATUS_B        (0x1F1|SSL_ST_CONNECT)
-
-/* server */
-/* extra state */
-# define SSL3_ST_SW_FLUSH                (0x100|SSL_ST_ACCEPT)
-# ifndef OPENSSL_NO_SCTP
-#  define DTLS1_SCTP_ST_SW_WRITE_SOCK                     (0x310|SSL_ST_ACCEPT)
-#  define DTLS1_SCTP_ST_SR_READ_SOCK                      (0x320|SSL_ST_ACCEPT)
-# endif
-/* read from client */
-/* Do not change the number values, they do matter */
-# define SSL3_ST_SR_CLNT_HELLO_A         (0x110|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CLNT_HELLO_B         (0x111|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CLNT_HELLO_C         (0x112|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CLNT_HELLO_D         (0x115|SSL_ST_ACCEPT)
-/* write to client */
-# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
-# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_HELLO_REQ_A          (0x120|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_HELLO_REQ_B          (0x121|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_HELLO_REQ_C          (0x122|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SRVR_HELLO_A         (0x130|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SRVR_HELLO_B         (0x131|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_A               (0x140|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_B               (0x141|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_KEY_EXCH_A           (0x150|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_KEY_EXCH_B           (0x151|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_REQ_A           (0x160|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_REQ_B           (0x161|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SRVR_DONE_A          (0x170|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SRVR_DONE_B          (0x171|SSL_ST_ACCEPT)
-/* read from client */
-# define SSL3_ST_SR_CERT_A               (0x180|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CERT_B               (0x181|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_KEY_EXCH_A           (0x190|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_KEY_EXCH_B           (0x191|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CERT_VRFY_A          (0x1A0|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CERT_VRFY_B          (0x1A1|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CHANGE_A             (0x1B0|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_CHANGE_B             (0x1B1|SSL_ST_ACCEPT)
-# ifndef OPENSSL_NO_NEXTPROTONEG
-#  define SSL3_ST_SR_NEXT_PROTO_A         (0x210|SSL_ST_ACCEPT)
-#  define SSL3_ST_SR_NEXT_PROTO_B         (0x211|SSL_ST_ACCEPT)
-# endif
-# define SSL3_ST_SR_FINISHED_A           (0x1C0|SSL_ST_ACCEPT)
-# define SSL3_ST_SR_FINISHED_B           (0x1C1|SSL_ST_ACCEPT)
-/* write to client */
-# define SSL3_ST_SW_CHANGE_A             (0x1D0|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CHANGE_B             (0x1D1|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_FINISHED_A           (0x1E0|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_FINISHED_B           (0x1E1|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SESSION_TICKET_A     (0x1F0|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_SESSION_TICKET_B     (0x1F1|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_STATUS_A        (0x200|SSL_ST_ACCEPT)
-# define SSL3_ST_SW_CERT_STATUS_B        (0x201|SSL_ST_ACCEPT)
-
-# define SSL3_MT_HELLO_REQUEST                   0
-# define SSL3_MT_CLIENT_HELLO                    1
-# define SSL3_MT_SERVER_HELLO                    2
-# define SSL3_MT_NEWSESSION_TICKET               4
-# define SSL3_MT_CERTIFICATE                     11
-# define SSL3_MT_SERVER_KEY_EXCHANGE             12
-# define SSL3_MT_CERTIFICATE_REQUEST             13
-# define SSL3_MT_SERVER_DONE                     14
-# define SSL3_MT_CERTIFICATE_VERIFY              15
-# define SSL3_MT_CLIENT_KEY_EXCHANGE             16
-# define SSL3_MT_FINISHED                        20
-# define SSL3_MT_CERTIFICATE_STATUS              22
-# ifndef OPENSSL_NO_NEXTPROTONEG
-#  define SSL3_MT_NEXT_PROTO                      67
-# endif
-# define DTLS1_MT_HELLO_VERIFY_REQUEST    3
-
-# define SSL3_MT_CCS                             1
-
-/* These are used when changing over to a new cipher */
-# define SSL3_CC_READ            0x01
-# define SSL3_CC_WRITE           0x02
-# define SSL3_CC_CLIENT          0x10
-# define SSL3_CC_SERVER          0x20
-# define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
-# define SSL3_CHANGE_CIPHER_SERVER_READ  (SSL3_CC_SERVER|SSL3_CC_READ)
-# define SSL3_CHANGE_CIPHER_CLIENT_READ  (SSL3_CC_CLIENT|SSL3_CC_READ)
-# define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/stack.h b/thirdparty/openssl/openssl/stack.h
deleted file mode 100644
index eb07216659..0000000000
--- a/thirdparty/openssl/openssl/stack.h
+++ /dev/null
@@ -1,107 +0,0 @@
-/* crypto/stack/stack.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_STACK_H
-# define HEADER_STACK_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef struct stack_st {
-    int num;
-    char **data;
-    int sorted;
-    int num_alloc;
-    int (*comp) (const void *, const void *);
-} _STACK;                       /* Use STACK_OF(...) instead */
-
-# define M_sk_num(sk)            ((sk) ? (sk)->num:-1)
-# define M_sk_value(sk,n)        ((sk) ? (sk)->data[n] : NULL)
-
-int sk_num(const _STACK *);
-void *sk_value(const _STACK *, int);
-
-void *sk_set(_STACK *, int, void *);
-
-_STACK *sk_new(int (*cmp) (const void *, const void *));
-_STACK *sk_new_null(void);
-void sk_free(_STACK *);
-void sk_pop_free(_STACK *st, void (*func) (void *));
-_STACK *sk_deep_copy(_STACK *, void *(*)(void *), void (*)(void *));
-int sk_insert(_STACK *sk, void *data, int where);
-void *sk_delete(_STACK *st, int loc);
-void *sk_delete_ptr(_STACK *st, void *p);
-int sk_find(_STACK *st, void *data);
-int sk_find_ex(_STACK *st, void *data);
-int sk_push(_STACK *st, void *data);
-int sk_unshift(_STACK *st, void *data);
-void *sk_shift(_STACK *st);
-void *sk_pop(_STACK *st);
-void sk_zero(_STACK *st);
-int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
- (const void *, const void *);
-_STACK *sk_dup(_STACK *st);
-void sk_sort(_STACK *st);
-int sk_is_sorted(const _STACK *st);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/symhacks.h b/thirdparty/openssl/openssl/symhacks.h
deleted file mode 100644
index 239fa4fb1b..0000000000
--- a/thirdparty/openssl/openssl/symhacks.h
+++ /dev/null
@@ -1,516 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SYMHACKS_H
-# define HEADER_SYMHACKS_H
-
-# include <openssl/e_os2.h>
-
-/*
- * Hacks to solve the problem with linkers incapable of handling very long
- * symbol names.  In the case of VMS, the limit is 31 characters on VMS for
- * VAX.
- */
-/*
- * Note that this affects util/libeay.num and util/ssleay.num...  you may
- * change those manually, but that's not recommended, as those files are
- * controlled centrally and updated on Unix, and the central definition may
- * disagree with yours, which in turn may come with shareable library
- * incompatibilities.
- */
-# ifdef OPENSSL_SYS_VMS
-
-/* Hack a long name in crypto/ex_data.c */
-#  undef CRYPTO_get_ex_data_implementation
-#  define CRYPTO_get_ex_data_implementation       CRYPTO_get_ex_data_impl
-#  undef CRYPTO_set_ex_data_implementation
-#  define CRYPTO_set_ex_data_implementation       CRYPTO_set_ex_data_impl
-
-/* Hack a long name in crypto/asn1/a_mbstr.c */
-#  undef ASN1_STRING_set_default_mask_asc
-#  define ASN1_STRING_set_default_mask_asc        ASN1_STRING_set_def_mask_asc
-
-#  if 0                         /* No longer needed, since safestack macro
-                                 * magic does the job */
-/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) */
-#   undef i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO
-#   define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO       i2d_ASN1_SET_OF_PKCS7_SIGINF
-#   undef d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO
-#   define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO       d2i_ASN1_SET_OF_PKCS7_SIGINF
-#  endif
-
-#  if 0                         /* No longer needed, since safestack macro
-                                 * magic does the job */
-/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) */
-#   undef i2d_ASN1_SET_OF_PKCS7_RECIP_INFO
-#   define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO        i2d_ASN1_SET_OF_PKCS7_RECINF
-#   undef d2i_ASN1_SET_OF_PKCS7_RECIP_INFO
-#   define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO        d2i_ASN1_SET_OF_PKCS7_RECINF
-#  endif
-
-#  if 0                         /* No longer needed, since safestack macro
-                                 * magic does the job */
-/* Hack the names created with DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) */
-#   undef i2d_ASN1_SET_OF_ACCESS_DESCRIPTION
-#   define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION      i2d_ASN1_SET_OF_ACC_DESC
-#   undef d2i_ASN1_SET_OF_ACCESS_DESCRIPTION
-#   define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION      d2i_ASN1_SET_OF_ACC_DESC
-#  endif
-
-/* Hack the names created with DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE) */
-#  undef PEM_read_NETSCAPE_CERT_SEQUENCE
-#  define PEM_read_NETSCAPE_CERT_SEQUENCE         PEM_read_NS_CERT_SEQ
-#  undef PEM_write_NETSCAPE_CERT_SEQUENCE
-#  define PEM_write_NETSCAPE_CERT_SEQUENCE        PEM_write_NS_CERT_SEQ
-#  undef PEM_read_bio_NETSCAPE_CERT_SEQUENCE
-#  define PEM_read_bio_NETSCAPE_CERT_SEQUENCE     PEM_read_bio_NS_CERT_SEQ
-#  undef PEM_write_bio_NETSCAPE_CERT_SEQUENCE
-#  define PEM_write_bio_NETSCAPE_CERT_SEQUENCE    PEM_write_bio_NS_CERT_SEQ
-#  undef PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE
-#  define PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE PEM_write_cb_bio_NS_CERT_SEQ
-
-/* Hack the names created with DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO) */
-#  undef PEM_read_PKCS8_PRIV_KEY_INFO
-#  define PEM_read_PKCS8_PRIV_KEY_INFO            PEM_read_P8_PRIV_KEY_INFO
-#  undef PEM_write_PKCS8_PRIV_KEY_INFO
-#  define PEM_write_PKCS8_PRIV_KEY_INFO           PEM_write_P8_PRIV_KEY_INFO
-#  undef PEM_read_bio_PKCS8_PRIV_KEY_INFO
-#  define PEM_read_bio_PKCS8_PRIV_KEY_INFO        PEM_read_bio_P8_PRIV_KEY_INFO
-#  undef PEM_write_bio_PKCS8_PRIV_KEY_INFO
-#  define PEM_write_bio_PKCS8_PRIV_KEY_INFO       PEM_write_bio_P8_PRIV_KEY_INFO
-#  undef PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO
-#  define PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO    PEM_wrt_cb_bio_P8_PRIV_KEY_INFO
-
-/* Hack other PEM names */
-#  undef PEM_write_bio_PKCS8PrivateKey_nid
-#  define PEM_write_bio_PKCS8PrivateKey_nid       PEM_write_bio_PKCS8PrivKey_nid
-
-/* Hack some long X509 names */
-#  undef X509_REVOKED_get_ext_by_critical
-#  define X509_REVOKED_get_ext_by_critical        X509_REVOKED_get_ext_by_critic
-#  undef X509_policy_tree_get0_user_policies
-#  define X509_policy_tree_get0_user_policies     X509_pcy_tree_get0_usr_policies
-#  undef X509_policy_node_get0_qualifiers
-#  define X509_policy_node_get0_qualifiers        X509_pcy_node_get0_qualifiers
-#  undef X509_STORE_CTX_get_explicit_policy
-#  define X509_STORE_CTX_get_explicit_policy      X509_STORE_CTX_get_expl_policy
-#  undef X509_STORE_CTX_get0_current_issuer
-#  define X509_STORE_CTX_get0_current_issuer      X509_STORE_CTX_get0_cur_issuer
-
-/* Hack some long CRYPTO names */
-#  undef CRYPTO_set_dynlock_destroy_callback
-#  define CRYPTO_set_dynlock_destroy_callback     CRYPTO_set_dynlock_destroy_cb
-#  undef CRYPTO_set_dynlock_create_callback
-#  define CRYPTO_set_dynlock_create_callback      CRYPTO_set_dynlock_create_cb
-#  undef CRYPTO_set_dynlock_lock_callback
-#  define CRYPTO_set_dynlock_lock_callback        CRYPTO_set_dynlock_lock_cb
-#  undef CRYPTO_get_dynlock_lock_callback
-#  define CRYPTO_get_dynlock_lock_callback        CRYPTO_get_dynlock_lock_cb
-#  undef CRYPTO_get_dynlock_destroy_callback
-#  define CRYPTO_get_dynlock_destroy_callback     CRYPTO_get_dynlock_destroy_cb
-#  undef CRYPTO_get_dynlock_create_callback
-#  define CRYPTO_get_dynlock_create_callback      CRYPTO_get_dynlock_create_cb
-#  undef CRYPTO_set_locked_mem_ex_functions
-#  define CRYPTO_set_locked_mem_ex_functions      CRYPTO_set_locked_mem_ex_funcs
-#  undef CRYPTO_get_locked_mem_ex_functions
-#  define CRYPTO_get_locked_mem_ex_functions      CRYPTO_get_locked_mem_ex_funcs
-
-/* Hack some long SSL/TLS names */
-#  undef SSL_CTX_set_default_verify_paths
-#  define SSL_CTX_set_default_verify_paths        SSL_CTX_set_def_verify_paths
-#  undef SSL_get_ex_data_X509_STORE_CTX_idx
-#  define SSL_get_ex_data_X509_STORE_CTX_idx      SSL_get_ex_d_X509_STORE_CTX_idx
-#  undef SSL_add_file_cert_subjects_to_stack
-#  define SSL_add_file_cert_subjects_to_stack     SSL_add_file_cert_subjs_to_stk
-#  undef SSL_add_dir_cert_subjects_to_stack
-#  define SSL_add_dir_cert_subjects_to_stack      SSL_add_dir_cert_subjs_to_stk
-#  undef SSL_CTX_use_certificate_chain_file
-#  define SSL_CTX_use_certificate_chain_file      SSL_CTX_use_cert_chain_file
-#  undef SSL_CTX_set_cert_verify_callback
-#  define SSL_CTX_set_cert_verify_callback        SSL_CTX_set_cert_verify_cb
-#  undef SSL_CTX_set_default_passwd_cb_userdata
-#  define SSL_CTX_set_default_passwd_cb_userdata  SSL_CTX_set_def_passwd_cb_ud
-#  undef SSL_COMP_get_compression_methods
-#  define SSL_COMP_get_compression_methods        SSL_COMP_get_compress_methods
-#  undef SSL_COMP_set0_compression_methods
-#  define SSL_COMP_set0_compression_methods       SSL_COMP_set0_compress_methods
-#  undef SSL_COMP_free_compression_methods
-#  define SSL_COMP_free_compression_methods       SSL_COMP_free_compress_methods
-#  undef ssl_add_clienthello_renegotiate_ext
-#  define ssl_add_clienthello_renegotiate_ext     ssl_add_clienthello_reneg_ext
-#  undef ssl_add_serverhello_renegotiate_ext
-#  define ssl_add_serverhello_renegotiate_ext     ssl_add_serverhello_reneg_ext
-#  undef ssl_parse_clienthello_renegotiate_ext
-#  define ssl_parse_clienthello_renegotiate_ext   ssl_parse_clienthello_reneg_ext
-#  undef ssl_parse_serverhello_renegotiate_ext
-#  define ssl_parse_serverhello_renegotiate_ext   ssl_parse_serverhello_reneg_ext
-#  undef SSL_srp_server_param_with_username
-#  define SSL_srp_server_param_with_username      SSL_srp_server_param_with_un
-#  undef SSL_CTX_set_srp_client_pwd_callback
-#  define SSL_CTX_set_srp_client_pwd_callback     SSL_CTX_set_srp_client_pwd_cb
-#  undef SSL_CTX_set_srp_verify_param_callback
-#  define SSL_CTX_set_srp_verify_param_callback   SSL_CTX_set_srp_vfy_param_cb
-#  undef SSL_CTX_set_srp_username_callback
-#  define SSL_CTX_set_srp_username_callback       SSL_CTX_set_srp_un_cb
-#  undef ssl_add_clienthello_use_srtp_ext
-#  define ssl_add_clienthello_use_srtp_ext        ssl_add_clihello_use_srtp_ext
-#  undef ssl_add_serverhello_use_srtp_ext
-#  define ssl_add_serverhello_use_srtp_ext        ssl_add_serhello_use_srtp_ext
-#  undef ssl_parse_clienthello_use_srtp_ext
-#  define ssl_parse_clienthello_use_srtp_ext      ssl_parse_clihello_use_srtp_ext
-#  undef ssl_parse_serverhello_use_srtp_ext
-#  define ssl_parse_serverhello_use_srtp_ext      ssl_parse_serhello_use_srtp_ext
-#  undef SSL_CTX_set_next_protos_advertised_cb
-#  define SSL_CTX_set_next_protos_advertised_cb   SSL_CTX_set_next_protos_adv_cb
-#  undef SSL_CTX_set_next_proto_select_cb
-#  define SSL_CTX_set_next_proto_select_cb        SSL_CTX_set_next_proto_sel_cb
-
-#  undef tls1_send_server_supplemental_data
-#  define tls1_send_server_supplemental_data      tls1_send_server_suppl_data
-#  undef tls1_send_client_supplemental_data
-#  define tls1_send_client_supplemental_data      tls1_send_client_suppl_data
-#  undef tls1_get_server_supplemental_data
-#  define tls1_get_server_supplemental_data       tls1_get_server_suppl_data
-#  undef tls1_get_client_supplemental_data
-#  define tls1_get_client_supplemental_data       tls1_get_client_suppl_data
-
-#  undef ssl3_cbc_record_digest_supported
-#  define ssl3_cbc_record_digest_supported        ssl3_cbc_record_digest_support
-#  undef ssl_check_clienthello_tlsext_late
-#  define ssl_check_clienthello_tlsext_late       ssl_check_clihello_tlsext_late
-#  undef ssl_check_clienthello_tlsext_early
-#  define ssl_check_clienthello_tlsext_early      ssl_check_clihello_tlsext_early
-
-/* Hack some RSA long names */
-#  undef RSA_padding_check_PKCS1_OAEP_mgf1
-#  define RSA_padding_check_PKCS1_OAEP_mgf1       RSA_pad_check_PKCS1_OAEP_mgf1
-
-/* Hack some ENGINE long names */
-#  undef ENGINE_get_default_BN_mod_exp_crt
-#  define ENGINE_get_default_BN_mod_exp_crt       ENGINE_get_def_BN_mod_exp_crt
-#  undef ENGINE_set_default_BN_mod_exp_crt
-#  define ENGINE_set_default_BN_mod_exp_crt       ENGINE_set_def_BN_mod_exp_crt
-#  undef ENGINE_set_load_privkey_function
-#  define ENGINE_set_load_privkey_function        ENGINE_set_load_privkey_fn
-#  undef ENGINE_get_load_privkey_function
-#  define ENGINE_get_load_privkey_function        ENGINE_get_load_privkey_fn
-#  undef ENGINE_unregister_pkey_asn1_meths
-#  define ENGINE_unregister_pkey_asn1_meths       ENGINE_unreg_pkey_asn1_meths
-#  undef ENGINE_register_all_pkey_asn1_meths
-#  define ENGINE_register_all_pkey_asn1_meths     ENGINE_reg_all_pkey_asn1_meths
-#  undef ENGINE_set_default_pkey_asn1_meths
-#  define ENGINE_set_default_pkey_asn1_meths      ENGINE_set_def_pkey_asn1_meths
-#  undef ENGINE_get_pkey_asn1_meth_engine
-#  define ENGINE_get_pkey_asn1_meth_engine        ENGINE_get_pkey_asn1_meth_eng
-#  undef ENGINE_set_load_ssl_client_cert_function
-#  define ENGINE_set_load_ssl_client_cert_function \
-                                                ENGINE_set_ld_ssl_clnt_cert_fn
-#  undef ENGINE_get_ssl_client_cert_function
-#  define ENGINE_get_ssl_client_cert_function     ENGINE_get_ssl_client_cert_fn
-
-/* Hack some long OCSP names */
-#  undef OCSP_REQUEST_get_ext_by_critical
-#  define OCSP_REQUEST_get_ext_by_critical        OCSP_REQUEST_get_ext_by_crit
-#  undef OCSP_BASICRESP_get_ext_by_critical
-#  define OCSP_BASICRESP_get_ext_by_critical      OCSP_BASICRESP_get_ext_by_crit
-#  undef OCSP_SINGLERESP_get_ext_by_critical
-#  define OCSP_SINGLERESP_get_ext_by_critical     OCSP_SINGLERESP_get_ext_by_crit
-
-/* Hack some long DES names */
-#  undef _ossl_old_des_ede3_cfb64_encrypt
-#  define _ossl_old_des_ede3_cfb64_encrypt        _ossl_odes_ede3_cfb64_encrypt
-#  undef _ossl_old_des_ede3_ofb64_encrypt
-#  define _ossl_old_des_ede3_ofb64_encrypt        _ossl_odes_ede3_ofb64_encrypt
-
-/* Hack some long EVP names */
-#  undef OPENSSL_add_all_algorithms_noconf
-#  define OPENSSL_add_all_algorithms_noconf       OPENSSL_add_all_algo_noconf
-#  undef OPENSSL_add_all_algorithms_conf
-#  define OPENSSL_add_all_algorithms_conf         OPENSSL_add_all_algo_conf
-#  undef EVP_PKEY_meth_set_verify_recover
-#  define EVP_PKEY_meth_set_verify_recover        EVP_PKEY_meth_set_vrfy_recover
-
-/* Hack some long EC names */
-#  undef EC_GROUP_set_point_conversion_form
-#  define EC_GROUP_set_point_conversion_form      EC_GROUP_set_point_conv_form
-#  undef EC_GROUP_get_point_conversion_form
-#  define EC_GROUP_get_point_conversion_form      EC_GROUP_get_point_conv_form
-#  undef EC_GROUP_clear_free_all_extra_data
-#  define EC_GROUP_clear_free_all_extra_data      EC_GROUP_clr_free_all_xtra_data
-#  undef EC_KEY_set_public_key_affine_coordinates
-#  define EC_KEY_set_public_key_affine_coordinates \
-                                                EC_KEY_set_pub_key_aff_coords
-#  undef EC_POINT_set_Jprojective_coordinates_GFp
-#  define EC_POINT_set_Jprojective_coordinates_GFp \
-                                                EC_POINT_set_Jproj_coords_GFp
-#  undef EC_POINT_get_Jprojective_coordinates_GFp
-#  define EC_POINT_get_Jprojective_coordinates_GFp \
-                                                EC_POINT_get_Jproj_coords_GFp
-#  undef EC_POINT_set_affine_coordinates_GFp
-#  define EC_POINT_set_affine_coordinates_GFp     EC_POINT_set_affine_coords_GFp
-#  undef EC_POINT_get_affine_coordinates_GFp
-#  define EC_POINT_get_affine_coordinates_GFp     EC_POINT_get_affine_coords_GFp
-#  undef EC_POINT_set_compressed_coordinates_GFp
-#  define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp
-#  undef EC_POINT_set_affine_coordinates_GF2m
-#  define EC_POINT_set_affine_coordinates_GF2m    EC_POINT_set_affine_coords_GF2m
-#  undef EC_POINT_get_affine_coordinates_GF2m
-#  define EC_POINT_get_affine_coordinates_GF2m    EC_POINT_get_affine_coords_GF2m
-#  undef EC_POINT_set_compressed_coordinates_GF2m
-#  define EC_POINT_set_compressed_coordinates_GF2m \
-                                                EC_POINT_set_compr_coords_GF2m
-#  undef ec_GF2m_simple_group_clear_finish
-#  define ec_GF2m_simple_group_clear_finish       ec_GF2m_simple_grp_clr_finish
-#  undef ec_GF2m_simple_group_check_discriminant
-#  define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim
-#  undef ec_GF2m_simple_point_clear_finish
-#  define ec_GF2m_simple_point_clear_finish       ec_GF2m_simple_pt_clr_finish
-#  undef ec_GF2m_simple_point_set_to_infinity
-#  define ec_GF2m_simple_point_set_to_infinity    ec_GF2m_simple_pt_set_to_inf
-#  undef ec_GF2m_simple_points_make_affine
-#  define ec_GF2m_simple_points_make_affine       ec_GF2m_simple_pts_make_affine
-#  undef ec_GF2m_simple_point_set_affine_coordinates
-#  define ec_GF2m_simple_point_set_affine_coordinates \
-                                                ec_GF2m_smp_pt_set_af_coords
-#  undef ec_GF2m_simple_point_get_affine_coordinates
-#  define ec_GF2m_simple_point_get_affine_coordinates \
-                                                ec_GF2m_smp_pt_get_af_coords
-#  undef ec_GF2m_simple_set_compressed_coordinates
-#  define ec_GF2m_simple_set_compressed_coordinates \
-                                                ec_GF2m_smp_set_compr_coords
-#  undef ec_GFp_simple_group_set_curve_GFp
-#  define ec_GFp_simple_group_set_curve_GFp       ec_GFp_simple_grp_set_curve_GFp
-#  undef ec_GFp_simple_group_get_curve_GFp
-#  define ec_GFp_simple_group_get_curve_GFp       ec_GFp_simple_grp_get_curve_GFp
-#  undef ec_GFp_simple_group_clear_finish
-#  define ec_GFp_simple_group_clear_finish        ec_GFp_simple_grp_clear_finish
-#  undef ec_GFp_simple_group_set_generator
-#  define ec_GFp_simple_group_set_generator       ec_GFp_simple_grp_set_generator
-#  undef ec_GFp_simple_group_get0_generator
-#  define ec_GFp_simple_group_get0_generator      ec_GFp_simple_grp_gt0_generator
-#  undef ec_GFp_simple_group_get_cofactor
-#  define ec_GFp_simple_group_get_cofactor        ec_GFp_simple_grp_get_cofactor
-#  undef ec_GFp_simple_point_clear_finish
-#  define ec_GFp_simple_point_clear_finish        ec_GFp_simple_pt_clear_finish
-#  undef ec_GFp_simple_point_set_to_infinity
-#  define ec_GFp_simple_point_set_to_infinity     ec_GFp_simple_pt_set_to_inf
-#  undef ec_GFp_simple_points_make_affine
-#  define ec_GFp_simple_points_make_affine        ec_GFp_simple_pts_make_affine
-#  undef ec_GFp_simple_set_Jprojective_coordinates_GFp
-#  define ec_GFp_simple_set_Jprojective_coordinates_GFp \
-                                                ec_GFp_smp_set_Jproj_coords_GFp
-#  undef ec_GFp_simple_get_Jprojective_coordinates_GFp
-#  define ec_GFp_simple_get_Jprojective_coordinates_GFp \
-                                                ec_GFp_smp_get_Jproj_coords_GFp
-#  undef ec_GFp_simple_point_set_affine_coordinates_GFp
-#  define ec_GFp_simple_point_set_affine_coordinates_GFp \
-                                                ec_GFp_smp_pt_set_af_coords_GFp
-#  undef ec_GFp_simple_point_get_affine_coordinates_GFp
-#  define ec_GFp_simple_point_get_affine_coordinates_GFp \
-                                                ec_GFp_smp_pt_get_af_coords_GFp
-#  undef ec_GFp_simple_set_compressed_coordinates_GFp
-#  define ec_GFp_simple_set_compressed_coordinates_GFp \
-                                                ec_GFp_smp_set_compr_coords_GFp
-#  undef ec_GFp_simple_point_set_affine_coordinates
-#  define ec_GFp_simple_point_set_affine_coordinates \
-                                                ec_GFp_smp_pt_set_af_coords
-#  undef ec_GFp_simple_point_get_affine_coordinates
-#  define ec_GFp_simple_point_get_affine_coordinates \
-                                                ec_GFp_smp_pt_get_af_coords
-#  undef ec_GFp_simple_set_compressed_coordinates
-#  define ec_GFp_simple_set_compressed_coordinates \
-                                                ec_GFp_smp_set_compr_coords
-#  undef ec_GFp_simple_group_check_discriminant
-#  define ec_GFp_simple_group_check_discriminant  ec_GFp_simple_grp_chk_discrim
-
-/* Hack som long STORE names */
-#  undef STORE_method_set_initialise_function
-#  define STORE_method_set_initialise_function    STORE_meth_set_initialise_fn
-#  undef STORE_method_set_cleanup_function
-#  define STORE_method_set_cleanup_function       STORE_meth_set_cleanup_fn
-#  undef STORE_method_set_generate_function
-#  define STORE_method_set_generate_function      STORE_meth_set_generate_fn
-#  undef STORE_method_set_modify_function
-#  define STORE_method_set_modify_function        STORE_meth_set_modify_fn
-#  undef STORE_method_set_revoke_function
-#  define STORE_method_set_revoke_function        STORE_meth_set_revoke_fn
-#  undef STORE_method_set_delete_function
-#  define STORE_method_set_delete_function        STORE_meth_set_delete_fn
-#  undef STORE_method_set_list_start_function
-#  define STORE_method_set_list_start_function    STORE_meth_set_list_start_fn
-#  undef STORE_method_set_list_next_function
-#  define STORE_method_set_list_next_function     STORE_meth_set_list_next_fn
-#  undef STORE_method_set_list_end_function
-#  define STORE_method_set_list_end_function      STORE_meth_set_list_end_fn
-#  undef STORE_method_set_update_store_function
-#  define STORE_method_set_update_store_function  STORE_meth_set_update_store_fn
-#  undef STORE_method_set_lock_store_function
-#  define STORE_method_set_lock_store_function    STORE_meth_set_lock_store_fn
-#  undef STORE_method_set_unlock_store_function
-#  define STORE_method_set_unlock_store_function  STORE_meth_set_unlock_store_fn
-#  undef STORE_method_get_initialise_function
-#  define STORE_method_get_initialise_function    STORE_meth_get_initialise_fn
-#  undef STORE_method_get_cleanup_function
-#  define STORE_method_get_cleanup_function       STORE_meth_get_cleanup_fn
-#  undef STORE_method_get_generate_function
-#  define STORE_method_get_generate_function      STORE_meth_get_generate_fn
-#  undef STORE_method_get_modify_function
-#  define STORE_method_get_modify_function        STORE_meth_get_modify_fn
-#  undef STORE_method_get_revoke_function
-#  define STORE_method_get_revoke_function        STORE_meth_get_revoke_fn
-#  undef STORE_method_get_delete_function
-#  define STORE_method_get_delete_function        STORE_meth_get_delete_fn
-#  undef STORE_method_get_list_start_function
-#  define STORE_method_get_list_start_function    STORE_meth_get_list_start_fn
-#  undef STORE_method_get_list_next_function
-#  define STORE_method_get_list_next_function     STORE_meth_get_list_next_fn
-#  undef STORE_method_get_list_end_function
-#  define STORE_method_get_list_end_function      STORE_meth_get_list_end_fn
-#  undef STORE_method_get_update_store_function
-#  define STORE_method_get_update_store_function  STORE_meth_get_update_store_fn
-#  undef STORE_method_get_lock_store_function
-#  define STORE_method_get_lock_store_function    STORE_meth_get_lock_store_fn
-#  undef STORE_method_get_unlock_store_function
-#  define STORE_method_get_unlock_store_function  STORE_meth_get_unlock_store_fn
-
-/* Hack some long TS names */
-#  undef TS_RESP_CTX_set_status_info_cond
-#  define TS_RESP_CTX_set_status_info_cond        TS_RESP_CTX_set_stat_info_cond
-#  undef TS_RESP_CTX_set_clock_precision_digits
-#  define TS_RESP_CTX_set_clock_precision_digits  TS_RESP_CTX_set_clk_prec_digits
-#  undef TS_CONF_set_clock_precision_digits
-#  define TS_CONF_set_clock_precision_digits      TS_CONF_set_clk_prec_digits
-
-/* Hack some long CMS names */
-#  undef CMS_RecipientInfo_ktri_get0_algs
-#  define CMS_RecipientInfo_ktri_get0_algs        CMS_RecipInfo_ktri_get0_algs
-#  undef CMS_RecipientInfo_ktri_get0_signer_id
-#  define CMS_RecipientInfo_ktri_get0_signer_id   CMS_RecipInfo_ktri_get0_sigr_id
-#  undef CMS_OtherRevocationInfoFormat_it
-#  define CMS_OtherRevocationInfoFormat_it        CMS_OtherRevocInfoFormat_it
-#  undef CMS_KeyAgreeRecipientIdentifier_it
-#  define CMS_KeyAgreeRecipientIdentifier_it      CMS_KeyAgreeRecipIdentifier_it
-#  undef CMS_OriginatorIdentifierOrKey_it
-#  define CMS_OriginatorIdentifierOrKey_it        CMS_OriginatorIdOrKey_it
-#  undef cms_SignerIdentifier_get0_signer_id
-#  define cms_SignerIdentifier_get0_signer_id     cms_SignerId_get0_signer_id
-#  undef CMS_RecipientInfo_kari_get0_orig_id
-#  define CMS_RecipientInfo_kari_get0_orig_id     CMS_RecipInfo_kari_get0_orig_id
-#  undef CMS_RecipientInfo_kari_get0_reks
-#  define CMS_RecipientInfo_kari_get0_reks        CMS_RecipInfo_kari_get0_reks
-#  undef CMS_RecipientEncryptedKey_cert_cmp
-#  define CMS_RecipientEncryptedKey_cert_cmp      CMS_RecipEncryptedKey_cert_cmp
-#  undef CMS_RecipientInfo_kari_set0_pkey
-#  define CMS_RecipientInfo_kari_set0_pkey        CMS_RecipInfo_kari_set0_pkey
-#  undef CMS_RecipientEncryptedKey_get0_id
-#  define CMS_RecipientEncryptedKey_get0_id       CMS_RecipEncryptedKey_get0_id
-#  undef CMS_RecipientInfo_kari_orig_id_cmp
-#  define CMS_RecipientInfo_kari_orig_id_cmp      CMS_RecipInfo_kari_orig_id_cmp
-
-/* Hack some long DTLS1 names */
-#  undef dtls1_retransmit_buffered_messages
-#  define dtls1_retransmit_buffered_messages      dtls1_retransmit_buffered_msgs
-
-/* Hack some long SRP names */
-#  undef SRP_generate_server_master_secret
-#  define SRP_generate_server_master_secret       SRP_gen_server_master_secret
-#  undef SRP_generate_client_master_secret
-#  define SRP_generate_client_master_secret       SRP_gen_client_master_secret
-
-/* Hack some long UI names */
-#  undef UI_method_get_prompt_constructor
-#  define UI_method_get_prompt_constructor        UI_method_get_prompt_constructr
-#  undef UI_method_set_prompt_constructor
-#  define UI_method_set_prompt_constructor        UI_method_set_prompt_constructr
-
-# endif                         /* defined OPENSSL_SYS_VMS */
-
-/* Case insensitive linking causes problems.... */
-# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
-#  undef ERR_load_CRYPTO_strings
-#  define ERR_load_CRYPTO_strings                 ERR_load_CRYPTOlib_strings
-#  undef OCSP_crlID_new
-#  define OCSP_crlID_new                          OCSP_crlID2_new
-
-#  undef d2i_ECPARAMETERS
-#  define d2i_ECPARAMETERS                        d2i_UC_ECPARAMETERS
-#  undef i2d_ECPARAMETERS
-#  define i2d_ECPARAMETERS                        i2d_UC_ECPARAMETERS
-#  undef d2i_ECPKPARAMETERS
-#  define d2i_ECPKPARAMETERS                      d2i_UC_ECPKPARAMETERS
-#  undef i2d_ECPKPARAMETERS
-#  define i2d_ECPKPARAMETERS                      i2d_UC_ECPKPARAMETERS
-
-/*
- * These functions do not seem to exist! However, I'm paranoid... Original
- * command in x509v3.h: These functions are being redefined in another
- * directory, and clash when the linker is case-insensitive, so let's hide
- * them a little, by giving them an extra 'o' at the beginning of the name...
- */
-#  undef X509v3_cleanup_extensions
-#  define X509v3_cleanup_extensions               oX509v3_cleanup_extensions
-#  undef X509v3_add_extension
-#  define X509v3_add_extension                    oX509v3_add_extension
-#  undef X509v3_add_netscape_extensions
-#  define X509v3_add_netscape_extensions          oX509v3_add_netscape_extensions
-#  undef X509v3_add_standard_extensions
-#  define X509v3_add_standard_extensions          oX509v3_add_standard_extensions
-
-/* This one clashes with CMS_data_create */
-#  undef cms_Data_create
-#  define cms_Data_create                         priv_cms_Data_create
-
-# endif
-
-#endif                          /* ! defined HEADER_VMS_IDHACKS_H */
diff --git a/thirdparty/openssl/openssl/tls1.h b/thirdparty/openssl/openssl/tls1.h
deleted file mode 100644
index 7e237d0631..0000000000
--- a/thirdparty/openssl/openssl/tls1.h
+++ /dev/null
@@ -1,810 +0,0 @@
-/* ssl/tls1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifndef HEADER_TLS1_H
-# define HEADER_TLS1_H
-
-# include <openssl/buffer.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES    0
-
-# define TLS1_VERSION                    0x0301
-# define TLS1_1_VERSION                  0x0302
-# define TLS1_2_VERSION                  0x0303
-# define TLS_MAX_VERSION                 TLS1_2_VERSION
-
-# define TLS1_VERSION_MAJOR              0x03
-# define TLS1_VERSION_MINOR              0x01
-
-# define TLS1_1_VERSION_MAJOR            0x03
-# define TLS1_1_VERSION_MINOR            0x02
-
-# define TLS1_2_VERSION_MAJOR            0x03
-# define TLS1_2_VERSION_MINOR            0x03
-
-# define TLS1_get_version(s) \
-                ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
-
-# define TLS1_get_client_version(s) \
-                ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
-
-# define TLS1_AD_DECRYPTION_FAILED       21
-# define TLS1_AD_RECORD_OVERFLOW         22
-# define TLS1_AD_UNKNOWN_CA              48/* fatal */
-# define TLS1_AD_ACCESS_DENIED           49/* fatal */
-# define TLS1_AD_DECODE_ERROR            50/* fatal */
-# define TLS1_AD_DECRYPT_ERROR           51
-# define TLS1_AD_EXPORT_RESTRICTION      60/* fatal */
-# define TLS1_AD_PROTOCOL_VERSION        70/* fatal */
-# define TLS1_AD_INSUFFICIENT_SECURITY   71/* fatal */
-# define TLS1_AD_INTERNAL_ERROR          80/* fatal */
-# define TLS1_AD_INAPPROPRIATE_FALLBACK  86/* fatal */
-# define TLS1_AD_USER_CANCELLED          90
-# define TLS1_AD_NO_RENEGOTIATION        100
-/* codes 110-114 are from RFC3546 */
-# define TLS1_AD_UNSUPPORTED_EXTENSION   110
-# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
-# define TLS1_AD_UNRECOGNIZED_NAME       112
-# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
-# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
-# define TLS1_AD_UNKNOWN_PSK_IDENTITY    115/* fatal */
-
-/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
-# define TLSEXT_TYPE_server_name                 0
-# define TLSEXT_TYPE_max_fragment_length         1
-# define TLSEXT_TYPE_client_certificate_url      2
-# define TLSEXT_TYPE_trusted_ca_keys             3
-# define TLSEXT_TYPE_truncated_hmac              4
-# define TLSEXT_TYPE_status_request              5
-/* ExtensionType values from RFC4681 */
-# define TLSEXT_TYPE_user_mapping                6
-/* ExtensionType values from RFC5878 */
-# define TLSEXT_TYPE_client_authz                7
-# define TLSEXT_TYPE_server_authz                8
-/* ExtensionType values from RFC6091 */
-# define TLSEXT_TYPE_cert_type           9
-
-/* ExtensionType values from RFC4492 */
-# define TLSEXT_TYPE_elliptic_curves             10
-# define TLSEXT_TYPE_ec_point_formats            11
-
-/* ExtensionType value from RFC5054 */
-# define TLSEXT_TYPE_srp                         12
-
-/* ExtensionType values from RFC5246 */
-# define TLSEXT_TYPE_signature_algorithms        13
-
-/* ExtensionType value from RFC5764 */
-# define TLSEXT_TYPE_use_srtp    14
-
-/* ExtensionType value from RFC5620 */
-# define TLSEXT_TYPE_heartbeat   15
-
-/* ExtensionType value from RFC7301 */
-# define TLSEXT_TYPE_application_layer_protocol_negotiation 16
-
-/*
- * ExtensionType value for TLS padding extension.
- * http://tools.ietf.org/html/draft-agl-tls-padding
- */
-# define TLSEXT_TYPE_padding     21
-
-/* ExtensionType value from RFC4507 */
-# define TLSEXT_TYPE_session_ticket              35
-
-/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
-# if 0
-/*
- * will have to be provided externally for now ,
- * i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
- * using whatever extension number you'd like to try
- */
-#  define TLSEXT_TYPE_opaque_prf_input           ??
-# endif
-
-/* Temporary extension type */
-# define TLSEXT_TYPE_renegotiate                 0xff01
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/* This is not an IANA defined extension number */
-#  define TLSEXT_TYPE_next_proto_neg              13172
-# endif
-
-/* NameType value from RFC3546 */
-# define TLSEXT_NAMETYPE_host_name 0
-/* status request value from RFC3546 */
-# define TLSEXT_STATUSTYPE_ocsp 1
-
-/* ECPointFormat values from RFC4492 */
-# define TLSEXT_ECPOINTFORMAT_first                      0
-# define TLSEXT_ECPOINTFORMAT_uncompressed               0
-# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime  1
-# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2  2
-# define TLSEXT_ECPOINTFORMAT_last                       2
-
-/* Signature and hash algorithms from RFC5246 */
-# define TLSEXT_signature_anonymous                      0
-# define TLSEXT_signature_rsa                            1
-# define TLSEXT_signature_dsa                            2
-# define TLSEXT_signature_ecdsa                          3
-
-/* Total number of different signature algorithms */
-# define TLSEXT_signature_num                            4
-
-# define TLSEXT_hash_none                                0
-# define TLSEXT_hash_md5                                 1
-# define TLSEXT_hash_sha1                                2
-# define TLSEXT_hash_sha224                              3
-# define TLSEXT_hash_sha256                              4
-# define TLSEXT_hash_sha384                              5
-# define TLSEXT_hash_sha512                              6
-
-/* Total number of different digest algorithms */
-
-# define TLSEXT_hash_num                                 7
-
-/* Flag set for unrecognised algorithms */
-# define TLSEXT_nid_unknown                              0x1000000
-
-/* ECC curves */
-
-# define TLSEXT_curve_P_256                              23
-# define TLSEXT_curve_P_384                              24
-
-# ifndef OPENSSL_NO_TLSEXT
-
-#  define TLSEXT_MAXLEN_host_name 255
-
-const char *SSL_get_servername(const SSL *s, const int type);
-int SSL_get_servername_type(const SSL *s);
-/*
- * SSL_export_keying_material exports a value derived from the master secret,
- * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
- * optional context. (Since a zero length context is allowed, the |use_context|
- * flag controls whether a context is included.) It returns 1 on success and
- * zero otherwise.
- */
-int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
-                               const char *label, size_t llen,
-                               const unsigned char *p, size_t plen,
-                               int use_context);
-
-int SSL_get_sigalgs(SSL *s, int idx,
-                    int *psign, int *phash, int *psignandhash,
-                    unsigned char *rsig, unsigned char *rhash);
-
-int SSL_get_shared_sigalgs(SSL *s, int idx,
-                           int *psign, int *phash, int *psignandhash,
-                           unsigned char *rsig, unsigned char *rhash);
-
-int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
-
-#  define SSL_set_tlsext_host_name(s,name) \
-SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
-
-#  define SSL_set_tlsext_debug_callback(ssl, cb) \
-SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
-
-#  define SSL_set_tlsext_debug_arg(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
-
-#  define SSL_set_tlsext_status_type(ssl, type) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
-
-#  define SSL_get_tlsext_status_exts(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
-
-#  define SSL_set_tlsext_status_exts(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
-
-#  define SSL_get_tlsext_status_ids(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
-
-#  define SSL_set_tlsext_status_ids(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
-
-#  define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
-SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg)
-
-#  define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
-SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
-
-#  define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
-SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
-
-#  define SSL_TLSEXT_ERR_OK 0
-#  define SSL_TLSEXT_ERR_ALERT_WARNING 1
-#  define SSL_TLSEXT_ERR_ALERT_FATAL 2
-#  define SSL_TLSEXT_ERR_NOACK 3
-
-#  define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
-SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
-
-#  define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys))
-#  define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
-        SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
-
-#  define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
-SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
-
-#  define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
-SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
-
-#  define SSL_set_tlsext_opaque_prf_input(s, src, len) \
-SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
-#  define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
-SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
-#  define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
-SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
-
-#  define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
-SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
-
-#  ifndef OPENSSL_NO_HEARTBEATS
-#   define SSL_TLSEXT_HB_ENABLED                           0x01
-#   define SSL_TLSEXT_HB_DONT_SEND_REQUESTS        0x02
-#   define SSL_TLSEXT_HB_DONT_RECV_REQUESTS        0x04
-
-#   define SSL_get_tlsext_heartbeat_pending(ssl) \
-        SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
-#   define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
-        SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
-#  endif
-# endif
-
-/* PSK ciphersuites from 4279 */
-# define TLS1_CK_PSK_WITH_RC4_128_SHA                    0x0300008A
-# define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA               0x0300008B
-# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA                0x0300008C
-# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA                0x0300008D
-
-/*
- * Additional TLS ciphersuites from expired Internet Draft
- * draft-ietf-tls-56-bit-ciphersuites-01.txt (available if
- * TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see s3_lib.c).  We
- * actually treat them like SSL 3.0 ciphers, which we probably shouldn't.
- * Note that the first two are actually not in the IDs.
- */
-# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5          0x03000060/* not in
-                                                                    * ID */
-# define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5      0x03000061/* not in
-                                                                    * ID */
-# define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA         0x03000062
-# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA     0x03000063
-# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA          0x03000064
-# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA      0x03000065
-# define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA                0x03000066
-
-/* AES ciphersuites from RFC3268 */
-# define TLS1_CK_RSA_WITH_AES_128_SHA                    0x0300002F
-# define TLS1_CK_DH_DSS_WITH_AES_128_SHA                 0x03000030
-# define TLS1_CK_DH_RSA_WITH_AES_128_SHA                 0x03000031
-# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA                0x03000032
-# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA                0x03000033
-# define TLS1_CK_ADH_WITH_AES_128_SHA                    0x03000034
-
-# define TLS1_CK_RSA_WITH_AES_256_SHA                    0x03000035
-# define TLS1_CK_DH_DSS_WITH_AES_256_SHA                 0x03000036
-# define TLS1_CK_DH_RSA_WITH_AES_256_SHA                 0x03000037
-# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA                0x03000038
-# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA                0x03000039
-# define TLS1_CK_ADH_WITH_AES_256_SHA                    0x0300003A
-
-/* TLS v1.2 ciphersuites */
-# define TLS1_CK_RSA_WITH_NULL_SHA256                    0x0300003B
-# define TLS1_CK_RSA_WITH_AES_128_SHA256                 0x0300003C
-# define TLS1_CK_RSA_WITH_AES_256_SHA256                 0x0300003D
-# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256              0x0300003E
-# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256              0x0300003F
-# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256             0x03000040
-
-/* Camellia ciphersuites from RFC4132 */
-# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA           0x03000041
-# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA        0x03000042
-# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA        0x03000043
-# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA       0x03000044
-# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA       0x03000045
-# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA           0x03000046
-
-/* TLS v1.2 ciphersuites */
-# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256             0x03000067
-# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256              0x03000068
-# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256              0x03000069
-# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256             0x0300006A
-# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256             0x0300006B
-# define TLS1_CK_ADH_WITH_AES_128_SHA256                 0x0300006C
-# define TLS1_CK_ADH_WITH_AES_256_SHA256                 0x0300006D
-
-/* Camellia ciphersuites from RFC4132 */
-# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA           0x03000084
-# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA        0x03000085
-# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA        0x03000086
-# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA       0x03000087
-# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA       0x03000088
-# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA           0x03000089
-
-/* SEED ciphersuites from RFC4162 */
-# define TLS1_CK_RSA_WITH_SEED_SHA                       0x03000096
-# define TLS1_CK_DH_DSS_WITH_SEED_SHA                    0x03000097
-# define TLS1_CK_DH_RSA_WITH_SEED_SHA                    0x03000098
-# define TLS1_CK_DHE_DSS_WITH_SEED_SHA                   0x03000099
-# define TLS1_CK_DHE_RSA_WITH_SEED_SHA                   0x0300009A
-# define TLS1_CK_ADH_WITH_SEED_SHA                       0x0300009B
-
-/* TLS v1.2 GCM ciphersuites from RFC5288 */
-# define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256             0x0300009C
-# define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384             0x0300009D
-# define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256         0x0300009E
-# define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384         0x0300009F
-# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256          0x030000A0
-# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384          0x030000A1
-# define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256         0x030000A2
-# define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384         0x030000A3
-# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256          0x030000A4
-# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384          0x030000A5
-# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256             0x030000A6
-# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384             0x030000A7
-
-/*
- * ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
- * draft 13
- */
-# define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA                0x0300C001
-# define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA             0x0300C002
-# define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA        0x0300C003
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA         0x0300C004
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA         0x0300C005
-
-# define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA               0x0300C006
-# define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA            0x0300C007
-# define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA       0x0300C008
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA        0x0300C009
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA        0x0300C00A
-
-# define TLS1_CK_ECDH_RSA_WITH_NULL_SHA                  0x0300C00B
-# define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA               0x0300C00C
-# define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA          0x0300C00D
-# define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA           0x0300C00E
-# define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA           0x0300C00F
-
-# define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA                 0x0300C010
-# define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA              0x0300C011
-# define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA         0x0300C012
-# define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA          0x0300C013
-# define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA          0x0300C014
-
-# define TLS1_CK_ECDH_anon_WITH_NULL_SHA                 0x0300C015
-# define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA              0x0300C016
-# define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA         0x0300C017
-# define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA          0x0300C018
-# define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA          0x0300C019
-
-/* SRP ciphersuites from RFC 5054 */
-# define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA           0x0300C01A
-# define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA       0x0300C01B
-# define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA       0x0300C01C
-# define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA            0x0300C01D
-# define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA        0x0300C01E
-# define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA        0x0300C01F
-# define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA            0x0300C020
-# define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA        0x0300C021
-# define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA        0x0300C022
-
-/* ECDH HMAC based ciphersuites from RFC5289 */
-
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256         0x0300C023
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384         0x0300C024
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256          0x0300C025
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384          0x0300C026
-# define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256           0x0300C027
-# define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384           0x0300C028
-# define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256            0x0300C029
-# define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384            0x0300C02A
-
-/* ECDH GCM based ciphersuites from RFC5289 */
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256     0x0300C02B
-# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384     0x0300C02C
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256      0x0300C02D
-# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384      0x0300C02E
-# define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256       0x0300C02F
-# define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384       0x0300C030
-# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256        0x0300C031
-# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384        0x0300C032
-
-/*
- * XXX * Backward compatibility alert: + * Older versions of OpenSSL gave
- * some DHE ciphers names with "EDH" + * instead of "DHE".  Going forward, we
- * should be using DHE + * everywhere, though we may indefinitely maintain
- * aliases for users + * or configurations that used "EDH" +
- */
-# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5         "EXP1024-RC4-MD5"
-# define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5     "EXP1024-RC2-CBC-MD5"
-# define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA        "EXP1024-DES-CBC-SHA"
-# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA    "EXP1024-DHE-DSS-DES-CBC-SHA"
-# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA         "EXP1024-RC4-SHA"
-# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA     "EXP1024-DHE-DSS-RC4-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA               "DHE-DSS-RC4-SHA"
-
-/* AES ciphersuites from RFC3268 */
-# define TLS1_TXT_RSA_WITH_AES_128_SHA                   "AES128-SHA"
-# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA                "DH-DSS-AES128-SHA"
-# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA                "DH-RSA-AES128-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA               "DHE-DSS-AES128-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA               "DHE-RSA-AES128-SHA"
-# define TLS1_TXT_ADH_WITH_AES_128_SHA                   "ADH-AES128-SHA"
-
-# define TLS1_TXT_RSA_WITH_AES_256_SHA                   "AES256-SHA"
-# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA                "DH-DSS-AES256-SHA"
-# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA                "DH-RSA-AES256-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA               "DHE-DSS-AES256-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA               "DHE-RSA-AES256-SHA"
-# define TLS1_TXT_ADH_WITH_AES_256_SHA                   "ADH-AES256-SHA"
-
-/* ECC ciphersuites from RFC4492 */
-# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA               "ECDH-ECDSA-NULL-SHA"
-# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA            "ECDH-ECDSA-RC4-SHA"
-# define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA       "ECDH-ECDSA-DES-CBC3-SHA"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA        "ECDH-ECDSA-AES128-SHA"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA        "ECDH-ECDSA-AES256-SHA"
-
-# define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA              "ECDHE-ECDSA-NULL-SHA"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA           "ECDHE-ECDSA-RC4-SHA"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA      "ECDHE-ECDSA-DES-CBC3-SHA"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA       "ECDHE-ECDSA-AES128-SHA"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA       "ECDHE-ECDSA-AES256-SHA"
-
-# define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA                 "ECDH-RSA-NULL-SHA"
-# define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA              "ECDH-RSA-RC4-SHA"
-# define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA         "ECDH-RSA-DES-CBC3-SHA"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA          "ECDH-RSA-AES128-SHA"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA          "ECDH-RSA-AES256-SHA"
-
-# define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA                "ECDHE-RSA-NULL-SHA"
-# define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA             "ECDHE-RSA-RC4-SHA"
-# define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA        "ECDHE-RSA-DES-CBC3-SHA"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA         "ECDHE-RSA-AES128-SHA"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA         "ECDHE-RSA-AES256-SHA"
-
-# define TLS1_TXT_ECDH_anon_WITH_NULL_SHA                "AECDH-NULL-SHA"
-# define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA             "AECDH-RC4-SHA"
-# define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA        "AECDH-DES-CBC3-SHA"
-# define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA         "AECDH-AES128-SHA"
-# define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA         "AECDH-AES256-SHA"
-
-/* PSK ciphersuites from RFC 4279 */
-# define TLS1_TXT_PSK_WITH_RC4_128_SHA                   "PSK-RC4-SHA"
-# define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA              "PSK-3DES-EDE-CBC-SHA"
-# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA               "PSK-AES128-CBC-SHA"
-# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA               "PSK-AES256-CBC-SHA"
-
-/* SRP ciphersuite from RFC 5054 */
-# define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA          "SRP-3DES-EDE-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA      "SRP-RSA-3DES-EDE-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA      "SRP-DSS-3DES-EDE-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA           "SRP-AES-128-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA       "SRP-RSA-AES-128-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA       "SRP-DSS-AES-128-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA           "SRP-AES-256-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA       "SRP-RSA-AES-256-CBC-SHA"
-# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA       "SRP-DSS-AES-256-CBC-SHA"
-
-/* Camellia ciphersuites from RFC4132 */
-# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA          "CAMELLIA128-SHA"
-# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA       "DH-DSS-CAMELLIA128-SHA"
-# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA       "DH-RSA-CAMELLIA128-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA      "DHE-DSS-CAMELLIA128-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA      "DHE-RSA-CAMELLIA128-SHA"
-# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA          "ADH-CAMELLIA128-SHA"
-
-# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA          "CAMELLIA256-SHA"
-# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA       "DH-DSS-CAMELLIA256-SHA"
-# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA       "DH-RSA-CAMELLIA256-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA      "DHE-DSS-CAMELLIA256-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA      "DHE-RSA-CAMELLIA256-SHA"
-# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA          "ADH-CAMELLIA256-SHA"
-
-/* SEED ciphersuites from RFC4162 */
-# define TLS1_TXT_RSA_WITH_SEED_SHA                      "SEED-SHA"
-# define TLS1_TXT_DH_DSS_WITH_SEED_SHA                   "DH-DSS-SEED-SHA"
-# define TLS1_TXT_DH_RSA_WITH_SEED_SHA                   "DH-RSA-SEED-SHA"
-# define TLS1_TXT_DHE_DSS_WITH_SEED_SHA                  "DHE-DSS-SEED-SHA"
-# define TLS1_TXT_DHE_RSA_WITH_SEED_SHA                  "DHE-RSA-SEED-SHA"
-# define TLS1_TXT_ADH_WITH_SEED_SHA                      "ADH-SEED-SHA"
-
-/* TLS v1.2 ciphersuites */
-# define TLS1_TXT_RSA_WITH_NULL_SHA256                   "NULL-SHA256"
-# define TLS1_TXT_RSA_WITH_AES_128_SHA256                "AES128-SHA256"
-# define TLS1_TXT_RSA_WITH_AES_256_SHA256                "AES256-SHA256"
-# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256             "DH-DSS-AES128-SHA256"
-# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256             "DH-RSA-AES128-SHA256"
-# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256            "DHE-DSS-AES128-SHA256"
-# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256            "DHE-RSA-AES128-SHA256"
-# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256             "DH-DSS-AES256-SHA256"
-# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256             "DH-RSA-AES256-SHA256"
-# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256            "DHE-DSS-AES256-SHA256"
-# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256            "DHE-RSA-AES256-SHA256"
-# define TLS1_TXT_ADH_WITH_AES_128_SHA256                "ADH-AES128-SHA256"
-# define TLS1_TXT_ADH_WITH_AES_256_SHA256                "ADH-AES256-SHA256"
-
-/* TLS v1.2 GCM ciphersuites from RFC5288 */
-# define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256            "AES128-GCM-SHA256"
-# define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384            "AES256-GCM-SHA384"
-# define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256        "DHE-RSA-AES128-GCM-SHA256"
-# define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384        "DHE-RSA-AES256-GCM-SHA384"
-# define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256         "DH-RSA-AES128-GCM-SHA256"
-# define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384         "DH-RSA-AES256-GCM-SHA384"
-# define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256        "DHE-DSS-AES128-GCM-SHA256"
-# define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384        "DHE-DSS-AES256-GCM-SHA384"
-# define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256         "DH-DSS-AES128-GCM-SHA256"
-# define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384         "DH-DSS-AES256-GCM-SHA384"
-# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256            "ADH-AES128-GCM-SHA256"
-# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384            "ADH-AES256-GCM-SHA384"
-
-/* ECDH HMAC based ciphersuites from RFC5289 */
-
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256    "ECDHE-ECDSA-AES128-SHA256"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384    "ECDHE-ECDSA-AES256-SHA384"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256     "ECDH-ECDSA-AES128-SHA256"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384     "ECDH-ECDSA-AES256-SHA384"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256      "ECDHE-RSA-AES128-SHA256"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384      "ECDHE-RSA-AES256-SHA384"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256       "ECDH-RSA-AES128-SHA256"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384       "ECDH-RSA-AES256-SHA384"
-
-/* ECDH GCM based ciphersuites from RFC5289 */
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256    "ECDHE-ECDSA-AES128-GCM-SHA256"
-# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384    "ECDHE-ECDSA-AES256-GCM-SHA384"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256     "ECDH-ECDSA-AES128-GCM-SHA256"
-# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384     "ECDH-ECDSA-AES256-GCM-SHA384"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256      "ECDHE-RSA-AES128-GCM-SHA256"
-# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384      "ECDHE-RSA-AES256-GCM-SHA384"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256       "ECDH-RSA-AES128-GCM-SHA256"
-# define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384       "ECDH-RSA-AES256-GCM-SHA384"
-
-# define TLS_CT_RSA_SIGN                 1
-# define TLS_CT_DSS_SIGN                 2
-# define TLS_CT_RSA_FIXED_DH             3
-# define TLS_CT_DSS_FIXED_DH             4
-# define TLS_CT_ECDSA_SIGN               64
-# define TLS_CT_RSA_FIXED_ECDH           65
-# define TLS_CT_ECDSA_FIXED_ECDH         66
-# define TLS_CT_GOST94_SIGN              21
-# define TLS_CT_GOST01_SIGN              22
-/*
- * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
- * comment there)
- */
-# define TLS_CT_NUMBER                   9
-
-# define TLS1_FINISH_MAC_LENGTH          12
-
-# define TLS_MD_MAX_CONST_SIZE                   20
-# define TLS_MD_CLIENT_FINISH_CONST              "client finished"
-# define TLS_MD_CLIENT_FINISH_CONST_SIZE         15
-# define TLS_MD_SERVER_FINISH_CONST              "server finished"
-# define TLS_MD_SERVER_FINISH_CONST_SIZE         15
-# define TLS_MD_SERVER_WRITE_KEY_CONST           "server write key"
-# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE      16
-# define TLS_MD_KEY_EXPANSION_CONST              "key expansion"
-# define TLS_MD_KEY_EXPANSION_CONST_SIZE         13
-# define TLS_MD_CLIENT_WRITE_KEY_CONST           "client write key"
-# define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE      16
-# define TLS_MD_SERVER_WRITE_KEY_CONST           "server write key"
-# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE      16
-# define TLS_MD_IV_BLOCK_CONST                   "IV block"
-# define TLS_MD_IV_BLOCK_CONST_SIZE              8
-# define TLS_MD_MASTER_SECRET_CONST              "master secret"
-# define TLS_MD_MASTER_SECRET_CONST_SIZE         13
-
-# ifdef CHARSET_EBCDIC
-#  undef TLS_MD_CLIENT_FINISH_CONST
-/*
- * client finished
- */
-#  define TLS_MD_CLIENT_FINISH_CONST    "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
-
-#  undef TLS_MD_SERVER_FINISH_CONST
-/*
- * server finished
- */
-#  define TLS_MD_SERVER_FINISH_CONST    "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
-
-#  undef TLS_MD_SERVER_WRITE_KEY_CONST
-/*
- * server write key
- */
-#  define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
-
-#  undef TLS_MD_KEY_EXPANSION_CONST
-/*
- * key expansion
- */
-#  define TLS_MD_KEY_EXPANSION_CONST    "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
-
-#  undef TLS_MD_CLIENT_WRITE_KEY_CONST
-/*
- * client write key
- */
-#  define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
-
-#  undef TLS_MD_SERVER_WRITE_KEY_CONST
-/*
- * server write key
- */
-#  define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
-
-#  undef TLS_MD_IV_BLOCK_CONST
-/*
- * IV block
- */
-#  define TLS_MD_IV_BLOCK_CONST         "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
-
-#  undef TLS_MD_MASTER_SECRET_CONST
-/*
- * master secret
- */
-#  define TLS_MD_MASTER_SECRET_CONST    "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
-# endif
-
-/* TLS Session Ticket extension struct */
-struct tls_session_ticket_ext_st {
-    unsigned short length;
-    void *data;
-};
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ts.h b/thirdparty/openssl/openssl/ts.h
deleted file mode 100644
index 2daa1b2fb5..0000000000
--- a/thirdparty/openssl/openssl/ts.h
+++ /dev/null
@@ -1,865 +0,0 @@
-/* crypto/ts/ts.h */
-/*
- * Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL project
- * 2002, 2003, 2004.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_TS_H
-# define HEADER_TS_H
-
-# include <openssl/opensslconf.h>
-# include <openssl/symhacks.h>
-# ifndef OPENSSL_NO_BUFFER
-#  include <openssl/buffer.h>
-# endif
-# ifndef OPENSSL_NO_EVP
-#  include <openssl/evp.h>
-# endif
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# include <openssl/stack.h>
-# include <openssl/asn1.h>
-# include <openssl/safestack.h>
-
-# ifndef OPENSSL_NO_RSA
-#  include <openssl/rsa.h>
-# endif
-
-# ifndef OPENSSL_NO_DSA
-#  include <openssl/dsa.h>
-# endif
-
-# ifndef OPENSSL_NO_DH
-#  include <openssl/dh.h>
-# endif
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef WIN32
-/* Under Win32 this is defined in wincrypt.h */
-#  undef X509_NAME
-# endif
-
-# include <openssl/x509.h>
-# include <openssl/x509v3.h>
-
-/*-
-MessageImprint ::= SEQUENCE  {
-     hashAlgorithm                AlgorithmIdentifier,
-     hashedMessage                OCTET STRING  }
-*/
-
-typedef struct TS_msg_imprint_st {
-    X509_ALGOR *hash_algo;
-    ASN1_OCTET_STRING *hashed_msg;
-} TS_MSG_IMPRINT;
-
-/*-
-TimeStampReq ::= SEQUENCE  {
-   version                  INTEGER  { v1(1) },
-   messageImprint           MessageImprint,
-     --a hash algorithm OID and the hash value of the data to be
-     --time-stamped
-   reqPolicy                TSAPolicyId                OPTIONAL,
-   nonce                    INTEGER                    OPTIONAL,
-   certReq                  BOOLEAN                    DEFAULT FALSE,
-   extensions               [0] IMPLICIT Extensions    OPTIONAL  }
-*/
-
-typedef struct TS_req_st {
-    ASN1_INTEGER *version;
-    TS_MSG_IMPRINT *msg_imprint;
-    ASN1_OBJECT *policy_id;     /* OPTIONAL */
-    ASN1_INTEGER *nonce;        /* OPTIONAL */
-    ASN1_BOOLEAN cert_req;      /* DEFAULT FALSE */
-    STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
-} TS_REQ;
-
-/*-
-Accuracy ::= SEQUENCE {
-                seconds        INTEGER           OPTIONAL,
-                millis     [0] INTEGER  (1..999) OPTIONAL,
-                micros     [1] INTEGER  (1..999) OPTIONAL  }
-*/
-
-typedef struct TS_accuracy_st {
-    ASN1_INTEGER *seconds;
-    ASN1_INTEGER *millis;
-    ASN1_INTEGER *micros;
-} TS_ACCURACY;
-
-/*-
-TSTInfo ::= SEQUENCE  {
-    version                      INTEGER  { v1(1) },
-    policy                       TSAPolicyId,
-    messageImprint               MessageImprint,
-      -- MUST have the same value as the similar field in
-      -- TimeStampReq
-    serialNumber                 INTEGER,
-     -- Time-Stamping users MUST be ready to accommodate integers
-     -- up to 160 bits.
-    genTime                      GeneralizedTime,
-    accuracy                     Accuracy                 OPTIONAL,
-    ordering                     BOOLEAN             DEFAULT FALSE,
-    nonce                        INTEGER                  OPTIONAL,
-      -- MUST be present if the similar field was present
-      -- in TimeStampReq.  In that case it MUST have the same value.
-    tsa                          [0] GeneralName          OPTIONAL,
-    extensions                   [1] IMPLICIT Extensions  OPTIONAL   }
-*/
-
-typedef struct TS_tst_info_st {
-    ASN1_INTEGER *version;
-    ASN1_OBJECT *policy_id;
-    TS_MSG_IMPRINT *msg_imprint;
-    ASN1_INTEGER *serial;
-    ASN1_GENERALIZEDTIME *time;
-    TS_ACCURACY *accuracy;
-    ASN1_BOOLEAN ordering;
-    ASN1_INTEGER *nonce;
-    GENERAL_NAME *tsa;
-    STACK_OF(X509_EXTENSION) *extensions;
-} TS_TST_INFO;
-
-/*-
-PKIStatusInfo ::= SEQUENCE {
-    status        PKIStatus,
-    statusString  PKIFreeText     OPTIONAL,
-    failInfo      PKIFailureInfo  OPTIONAL  }
-
-From RFC 1510 - section 3.1.1:
-PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
-        -- text encoded as UTF-8 String (note:  each UTF8String SHOULD
-        -- include an RFC 1766 language tag to indicate the language
-        -- of the contained text)
-*/
-
-/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
-
-# define TS_STATUS_GRANTED                       0
-# define TS_STATUS_GRANTED_WITH_MODS             1
-# define TS_STATUS_REJECTION                     2
-# define TS_STATUS_WAITING                       3
-# define TS_STATUS_REVOCATION_WARNING            4
-# define TS_STATUS_REVOCATION_NOTIFICATION       5
-
-/*
- * Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c
- */
-
-# define TS_INFO_BAD_ALG                 0
-# define TS_INFO_BAD_REQUEST             2
-# define TS_INFO_BAD_DATA_FORMAT         5
-# define TS_INFO_TIME_NOT_AVAILABLE      14
-# define TS_INFO_UNACCEPTED_POLICY       15
-# define TS_INFO_UNACCEPTED_EXTENSION    16
-# define TS_INFO_ADD_INFO_NOT_AVAILABLE  17
-# define TS_INFO_SYSTEM_FAILURE          25
-
-typedef struct TS_status_info_st {
-    ASN1_INTEGER *status;
-    STACK_OF(ASN1_UTF8STRING) *text;
-    ASN1_BIT_STRING *failure_info;
-} TS_STATUS_INFO;
-
-DECLARE_STACK_OF(ASN1_UTF8STRING)
-DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
-
-/*-
-TimeStampResp ::= SEQUENCE  {
-     status                  PKIStatusInfo,
-     timeStampToken          TimeStampToken     OPTIONAL }
-*/
-
-typedef struct TS_resp_st {
-    TS_STATUS_INFO *status_info;
-    PKCS7 *token;
-    TS_TST_INFO *tst_info;
-} TS_RESP;
-
-/* The structure below would belong to the ESS component. */
-
-/*-
-IssuerSerial ::= SEQUENCE {
-        issuer                   GeneralNames,
-        serialNumber             CertificateSerialNumber
-        }
-*/
-
-typedef struct ESS_issuer_serial {
-    STACK_OF(GENERAL_NAME) *issuer;
-    ASN1_INTEGER *serial;
-} ESS_ISSUER_SERIAL;
-
-/*-
-ESSCertID ::=  SEQUENCE {
-        certHash                 Hash,
-        issuerSerial             IssuerSerial OPTIONAL
-}
-*/
-
-typedef struct ESS_cert_id {
-    ASN1_OCTET_STRING *hash;    /* Always SHA-1 digest. */
-    ESS_ISSUER_SERIAL *issuer_serial;
-} ESS_CERT_ID;
-
-DECLARE_STACK_OF(ESS_CERT_ID)
-DECLARE_ASN1_SET_OF(ESS_CERT_ID)
-
-/*-
-SigningCertificate ::=  SEQUENCE {
-       certs        SEQUENCE OF ESSCertID,
-       policies     SEQUENCE OF PolicyInformation OPTIONAL
-}
-*/
-
-typedef struct ESS_signing_cert {
-    STACK_OF(ESS_CERT_ID) *cert_ids;
-    STACK_OF(POLICYINFO) *policy_info;
-} ESS_SIGNING_CERT;
-
-TS_REQ *TS_REQ_new(void);
-void TS_REQ_free(TS_REQ *a);
-int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
-TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
-
-TS_REQ *TS_REQ_dup(TS_REQ *a);
-
-TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
-int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
-TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
-int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
-
-TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
-void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
-int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
-                                   const unsigned char **pp, long length);
-
-TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
-
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
-int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
-int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
-
-TS_RESP *TS_RESP_new(void);
-void TS_RESP_free(TS_RESP *a);
-int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
-TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
-TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
-TS_RESP *TS_RESP_dup(TS_RESP *a);
-
-TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
-int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
-TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
-int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
-
-TS_STATUS_INFO *TS_STATUS_INFO_new(void);
-void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
-int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
-TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
-                                   const unsigned char **pp, long length);
-TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
-
-TS_TST_INFO *TS_TST_INFO_new(void);
-void TS_TST_INFO_free(TS_TST_INFO *a);
-int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
-TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
-                             long length);
-TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
-
-TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
-int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
-TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
-int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
-
-TS_ACCURACY *TS_ACCURACY_new(void);
-void TS_ACCURACY_free(TS_ACCURACY *a);
-int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
-TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
-                             long length);
-TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
-
-ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
-void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
-int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **pp);
-ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
-                                         const unsigned char **pp,
-                                         long length);
-ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
-
-ESS_CERT_ID *ESS_CERT_ID_new(void);
-void ESS_CERT_ID_free(ESS_CERT_ID *a);
-int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
-ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
-                             long length);
-ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
-
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
-void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
-int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **pp);
-ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
-                                       const unsigned char **pp, long length);
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
-
-void ERR_load_TS_strings(void);
-
-int TS_REQ_set_version(TS_REQ *a, long version);
-long TS_REQ_get_version(const TS_REQ *a);
-
-int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
-TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
-
-int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
-X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
-
-int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
-ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
-
-int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
-ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
-
-int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
-const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
-
-int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
-int TS_REQ_get_cert_req(const TS_REQ *a);
-
-STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
-void TS_REQ_ext_free(TS_REQ *a);
-int TS_REQ_get_ext_count(TS_REQ *a);
-int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
-int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
-int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
-X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
-X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
-int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
-void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
-
-/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
-
-int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
-
-/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
-
-int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
-TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
-
-/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
-void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
-PKCS7 *TS_RESP_get_token(TS_RESP *a);
-TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
-
-int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
-long TS_TST_INFO_get_version(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
-ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
-
-int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
-TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
-
-int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
-const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
-const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
-TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
-
-int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
-const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
-
-int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
-const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
-
-int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
-const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
-
-int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
-int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
-const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
-GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
-
-STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
-void TS_TST_INFO_ext_free(TS_TST_INFO *a);
-int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
-int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
-int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
-int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
-X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
-X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
-int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
-void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
-
-/*
- * Declarations related to response generation, defined in ts/ts_resp_sign.c.
- */
-
-/* Optional flags for response generation. */
-
-/* Don't include the TSA name in response. */
-# define TS_TSA_NAME             0x01
-
-/* Set ordering to true in response. */
-# define TS_ORDERING             0x02
-
-/*
- * Include the signer certificate and the other specified certificates in
- * the ESS signing certificate attribute beside the PKCS7 signed data.
- * Only the signer certificates is included by default.
- */
-# define TS_ESS_CERT_ID_CHAIN    0x04
-
-/* Forward declaration. */
-struct TS_resp_ctx;
-
-/* This must return a unique number less than 160 bits long. */
-typedef ASN1_INTEGER *(*TS_serial_cb) (struct TS_resp_ctx *, void *);
-
-/*
- * This must return the seconds and microseconds since Jan 1, 1970 in the sec
- * and usec variables allocated by the caller. Return non-zero for success
- * and zero for failure.
- */
-typedef int (*TS_time_cb) (struct TS_resp_ctx *, void *, long *sec,
-                           long *usec);
-
-/*
- * This must process the given extension. It can modify the TS_TST_INFO
- * object of the context. Return values: !0 (processed), 0 (error, it must
- * set the status info/failure info of the response).
- */
-typedef int (*TS_extension_cb) (struct TS_resp_ctx *, X509_EXTENSION *,
-                                void *);
-
-typedef struct TS_resp_ctx {
-    X509 *signer_cert;
-    EVP_PKEY *signer_key;
-    STACK_OF(X509) *certs;      /* Certs to include in signed data. */
-    STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */
-    ASN1_OBJECT *default_policy; /* It may appear in policies, too. */
-    STACK_OF(EVP_MD) *mds;      /* Acceptable message digests. */
-    ASN1_INTEGER *seconds;      /* accuracy, 0 means not specified. */
-    ASN1_INTEGER *millis;       /* accuracy, 0 means not specified. */
-    ASN1_INTEGER *micros;       /* accuracy, 0 means not specified. */
-    unsigned clock_precision_digits; /* fraction of seconds in time stamp
-                                      * token. */
-    unsigned flags;             /* Optional info, see values above. */
-    /* Callback functions. */
-    TS_serial_cb serial_cb;
-    void *serial_cb_data;       /* User data for serial_cb. */
-    TS_time_cb time_cb;
-    void *time_cb_data;         /* User data for time_cb. */
-    TS_extension_cb extension_cb;
-    void *extension_cb_data;    /* User data for extension_cb. */
-    /* These members are used only while creating the response. */
-    TS_REQ *request;
-    TS_RESP *response;
-    TS_TST_INFO *tst_info;
-} TS_RESP_CTX;
-
-DECLARE_STACK_OF(EVP_MD)
-DECLARE_ASN1_SET_OF(EVP_MD)
-
-/* Creates a response context that can be used for generating responses. */
-TS_RESP_CTX *TS_RESP_CTX_new(void);
-void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
-
-/* No additional certs are included in the response by default. */
-int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
-
-/*
- * Adds a new acceptable policy, only the default policy is accepted by
- * default.
- */
-int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
-
-/*
- * Adds a new acceptable message digest. Note that no message digests are
- * accepted by default. The md argument is shared with the caller.
- */
-int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
-
-/* Accuracy is not included by default. */
-int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
-                             int secs, int millis, int micros);
-
-/*
- * Clock precision digits, i.e. the number of decimal digits: '0' means sec,
- * '3' msec, '6' usec, and so on. Default is 0.
- */
-int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
-                                           unsigned clock_precision_digits);
-/* At most we accept usec precision. */
-# define TS_MAX_CLOCK_PRECISION_DIGITS   6
-
-/* Maximum status message length */
-# define TS_MAX_STATUS_LENGTH   (1024 * 1024)
-
-/* No flags are set by default. */
-void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
-
-/* Default callback always returns a constant. */
-void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
-
-/* Default callback uses the gettimeofday() and gmtime() system calls. */
-void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
-
-/*
- * Default callback rejects all extensions. The extension callback is called
- * when the TS_TST_INFO object is already set up and not signed yet.
- */
-/* FIXME: extension handling is not tested yet. */
-void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
-                                  TS_extension_cb cb, void *data);
-
-/* The following methods can be used in the callbacks. */
-int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
-                                int status, const char *text);
-
-/* Sets the status info only if it is still TS_STATUS_GRANTED. */
-int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
-                                     int status, const char *text);
-
-int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
-
-/* The get methods below can be used in the extension callback. */
-TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
-
-TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
-
-/*
- * Creates the signed TS_TST_INFO and puts it in TS_RESP.
- * In case of errors it sets the status info properly.
- * Returns NULL only in case of memory allocation/fatal error.
- */
-TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
-
-/*
- * Declarations related to response verification,
- * they are defined in ts/ts_resp_verify.c.
- */
-
-int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
-                             X509_STORE *store, X509 **signer_out);
-
-/* Context structure for the generic verify method. */
-
-/* Verify the signer's certificate and the signature of the response. */
-# define TS_VFY_SIGNATURE        (1u << 0)
-/* Verify the version number of the response. */
-# define TS_VFY_VERSION          (1u << 1)
-/* Verify if the policy supplied by the user matches the policy of the TSA. */
-# define TS_VFY_POLICY           (1u << 2)
-/*
- * Verify the message imprint provided by the user. This flag should not be
- * specified with TS_VFY_DATA.
- */
-# define TS_VFY_IMPRINT          (1u << 3)
-/*
- * Verify the message imprint computed by the verify method from the user
- * provided data and the MD algorithm of the response. This flag should not
- * be specified with TS_VFY_IMPRINT.
- */
-# define TS_VFY_DATA             (1u << 4)
-/* Verify the nonce value. */
-# define TS_VFY_NONCE            (1u << 5)
-/* Verify if the TSA name field matches the signer certificate. */
-# define TS_VFY_SIGNER           (1u << 6)
-/* Verify if the TSA name field equals to the user provided name. */
-# define TS_VFY_TSA_NAME         (1u << 7)
-
-/* You can use the following convenience constants. */
-# define TS_VFY_ALL_IMPRINT      (TS_VFY_SIGNATURE       \
-                                 | TS_VFY_VERSION       \
-                                 | TS_VFY_POLICY        \
-                                 | TS_VFY_IMPRINT       \
-                                 | TS_VFY_NONCE         \
-                                 | TS_VFY_SIGNER        \
-                                 | TS_VFY_TSA_NAME)
-# define TS_VFY_ALL_DATA         (TS_VFY_SIGNATURE       \
-                                 | TS_VFY_VERSION       \
-                                 | TS_VFY_POLICY        \
-                                 | TS_VFY_DATA          \
-                                 | TS_VFY_NONCE         \
-                                 | TS_VFY_SIGNER        \
-                                 | TS_VFY_TSA_NAME)
-
-typedef struct TS_verify_ctx {
-    /* Set this to the union of TS_VFY_... flags you want to carry out. */
-    unsigned flags;
-    /* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
-    X509_STORE *store;
-    STACK_OF(X509) *certs;
-    /* Must be set only with TS_VFY_POLICY. */
-    ASN1_OBJECT *policy;
-    /*
-     * Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, the
-     * algorithm from the response is used.
-     */
-    X509_ALGOR *md_alg;
-    unsigned char *imprint;
-    unsigned imprint_len;
-    /* Must be set only with TS_VFY_DATA. */
-    BIO *data;
-    /* Must be set only with TS_VFY_TSA_NAME. */
-    ASN1_INTEGER *nonce;
-    /* Must be set only with TS_VFY_TSA_NAME. */
-    GENERAL_NAME *tsa_name;
-} TS_VERIFY_CTX;
-
-int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
-int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
-
-/*
- * Declarations related to response verification context,
- * they are defined in ts/ts_verify_ctx.c.
- */
-
-/* Set all fields to zero. */
-TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
-void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
-void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
-void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
-
-/*-
- * If ctx is NULL, it allocates and returns a new object, otherwise
- * it returns ctx. It initialises all the members as follows:
- * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
- * certs = NULL
- * store = NULL
- * policy = policy from the request or NULL if absent (in this case
- *      TS_VFY_POLICY is cleared from flags as well)
- * md_alg = MD algorithm from request
- * imprint, imprint_len = imprint from request
- * data = NULL
- * nonce, nonce_len = nonce from the request or NULL if absent (in this case
- *      TS_VFY_NONCE is cleared from flags as well)
- * tsa_name = NULL
- * Important: after calling this method TS_VFY_SIGNATURE should be added!
- */
-TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
-
-/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
-
-int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
-int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
-int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
-
-/* Common utility functions defined in ts/ts_lib.c */
-
-int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
-int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
-int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
-int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
-int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
-
-/*
- * Function declarations for handling configuration options, defined in
- * ts/ts_conf.c
- */
-
-X509 *TS_CONF_load_cert(const char *file);
-STACK_OF(X509) *TS_CONF_load_certs(const char *file);
-EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
-const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
-int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
-                       TS_RESP_CTX *ctx);
-int TS_CONF_set_crypto_device(CONF *conf, const char *section,
-                              const char *device);
-int TS_CONF_set_default_engine(const char *name);
-int TS_CONF_set_signer_cert(CONF *conf, const char *section,
-                            const char *cert, TS_RESP_CTX *ctx);
-int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
-                      TS_RESP_CTX *ctx);
-int TS_CONF_set_signer_key(CONF *conf, const char *section,
-                           const char *key, const char *pass,
-                           TS_RESP_CTX *ctx);
-int TS_CONF_set_def_policy(CONF *conf, const char *section,
-                           const char *policy, TS_RESP_CTX *ctx);
-int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
-                                       TS_RESP_CTX *ctx);
-int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
-int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
-                                  TS_RESP_CTX *ctx);
-
-/* -------------------------------------------------- */
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_TS_strings(void);
-
-/* Error codes for the TS functions. */
-
-/* Function codes. */
-# define TS_F_D2I_TS_RESP                                 147
-# define TS_F_DEF_SERIAL_CB                               110
-# define TS_F_DEF_TIME_CB                                 111
-# define TS_F_ESS_ADD_SIGNING_CERT                        112
-# define TS_F_ESS_CERT_ID_NEW_INIT                        113
-# define TS_F_ESS_SIGNING_CERT_NEW_INIT                   114
-# define TS_F_INT_TS_RESP_VERIFY_TOKEN                    149
-# define TS_F_PKCS7_TO_TS_TST_INFO                        148
-# define TS_F_TS_ACCURACY_SET_MICROS                      115
-# define TS_F_TS_ACCURACY_SET_MILLIS                      116
-# define TS_F_TS_ACCURACY_SET_SECONDS                     117
-# define TS_F_TS_CHECK_IMPRINTS                           100
-# define TS_F_TS_CHECK_NONCES                             101
-# define TS_F_TS_CHECK_POLICY                             102
-# define TS_F_TS_CHECK_SIGNING_CERTS                      103
-# define TS_F_TS_CHECK_STATUS_INFO                        104
-# define TS_F_TS_COMPUTE_IMPRINT                          145
-# define TS_F_TS_CONF_SET_DEFAULT_ENGINE                  146
-# define TS_F_TS_GET_STATUS_TEXT                          105
-# define TS_F_TS_MSG_IMPRINT_SET_ALGO                     118
-# define TS_F_TS_REQ_SET_MSG_IMPRINT                      119
-# define TS_F_TS_REQ_SET_NONCE                            120
-# define TS_F_TS_REQ_SET_POLICY_ID                        121
-# define TS_F_TS_RESP_CREATE_RESPONSE                     122
-# define TS_F_TS_RESP_CREATE_TST_INFO                     123
-# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO                124
-# define TS_F_TS_RESP_CTX_ADD_MD                          125
-# define TS_F_TS_RESP_CTX_ADD_POLICY                      126
-# define TS_F_TS_RESP_CTX_NEW                             127
-# define TS_F_TS_RESP_CTX_SET_ACCURACY                    128
-# define TS_F_TS_RESP_CTX_SET_CERTS                       129
-# define TS_F_TS_RESP_CTX_SET_DEF_POLICY                  130
-# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT                 131
-# define TS_F_TS_RESP_CTX_SET_STATUS_INFO                 132
-# define TS_F_TS_RESP_GET_POLICY                          133
-# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION          134
-# define TS_F_TS_RESP_SET_STATUS_INFO                     135
-# define TS_F_TS_RESP_SET_TST_INFO                        150
-# define TS_F_TS_RESP_SIGN                                136
-# define TS_F_TS_RESP_VERIFY_SIGNATURE                    106
-# define TS_F_TS_RESP_VERIFY_TOKEN                        107
-# define TS_F_TS_TST_INFO_SET_ACCURACY                    137
-# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT                 138
-# define TS_F_TS_TST_INFO_SET_NONCE                       139
-# define TS_F_TS_TST_INFO_SET_POLICY_ID                   140
-# define TS_F_TS_TST_INFO_SET_SERIAL                      141
-# define TS_F_TS_TST_INFO_SET_TIME                        142
-# define TS_F_TS_TST_INFO_SET_TSA                         143
-# define TS_F_TS_VERIFY                                   108
-# define TS_F_TS_VERIFY_CERT                              109
-# define TS_F_TS_VERIFY_CTX_NEW                           144
-
-/* Reason codes. */
-# define TS_R_BAD_PKCS7_TYPE                              132
-# define TS_R_BAD_TYPE                                    133
-# define TS_R_CERTIFICATE_VERIFY_ERROR                    100
-# define TS_R_COULD_NOT_SET_ENGINE                        127
-# define TS_R_COULD_NOT_SET_TIME                          115
-# define TS_R_D2I_TS_RESP_INT_FAILED                      128
-# define TS_R_DETACHED_CONTENT                            134
-# define TS_R_ESS_ADD_SIGNING_CERT_ERROR                  116
-# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR               101
-# define TS_R_INVALID_NULL_POINTER                        102
-# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE          117
-# define TS_R_MESSAGE_IMPRINT_MISMATCH                    103
-# define TS_R_NONCE_MISMATCH                              104
-# define TS_R_NONCE_NOT_RETURNED                          105
-# define TS_R_NO_CONTENT                                  106
-# define TS_R_NO_TIME_STAMP_TOKEN                         107
-# define TS_R_PKCS7_ADD_SIGNATURE_ERROR                   118
-# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR                 119
-# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED                 129
-# define TS_R_POLICY_MISMATCH                             108
-# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE      120
-# define TS_R_RESPONSE_SETUP_ERROR                        121
-# define TS_R_SIGNATURE_FAILURE                           109
-# define TS_R_THERE_MUST_BE_ONE_SIGNER                    110
-# define TS_R_TIME_SYSCALL_ERROR                          122
-# define TS_R_TOKEN_NOT_PRESENT                           130
-# define TS_R_TOKEN_PRESENT                               131
-# define TS_R_TSA_NAME_MISMATCH                           111
-# define TS_R_TSA_UNTRUSTED                               112
-# define TS_R_TST_INFO_SETUP_ERROR                        123
-# define TS_R_TS_DATASIGN                                 124
-# define TS_R_UNACCEPTABLE_POLICY                         125
-# define TS_R_UNSUPPORTED_MD_ALGORITHM                    126
-# define TS_R_UNSUPPORTED_VERSION                         113
-# define TS_R_WRONG_CONTENT_TYPE                          114
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/txt_db.h b/thirdparty/openssl/openssl/txt_db.h
deleted file mode 100644
index 98e23a2003..0000000000
--- a/thirdparty/openssl/openssl/txt_db.h
+++ /dev/null
@@ -1,112 +0,0 @@
-/* crypto/txt_db/txt_db.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_TXT_DB_H
-# define HEADER_TXT_DB_H
-
-# include <openssl/opensslconf.h>
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# include <openssl/stack.h>
-# include <openssl/lhash.h>
-
-# define DB_ERROR_OK                     0
-# define DB_ERROR_MALLOC                 1
-# define DB_ERROR_INDEX_CLASH            2
-# define DB_ERROR_INDEX_OUT_OF_RANGE     3
-# define DB_ERROR_NO_INDEX               4
-# define DB_ERROR_INSERT_INDEX_CLASH     5
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-typedef OPENSSL_STRING *OPENSSL_PSTRING;
-DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
-
-typedef struct txt_db_st {
-    int num_fields;
-    STACK_OF(OPENSSL_PSTRING) *data;
-    LHASH_OF(OPENSSL_STRING) **index;
-    int (**qual) (OPENSSL_STRING *);
-    long error;
-    long arg1;
-    long arg2;
-    OPENSSL_STRING *arg_row;
-} TXT_DB;
-
-# ifndef OPENSSL_NO_BIO
-TXT_DB *TXT_DB_read(BIO *in, int num);
-long TXT_DB_write(BIO *out, TXT_DB *db);
-# else
-TXT_DB *TXT_DB_read(char *in, int num);
-long TXT_DB_write(char *out, TXT_DB *db);
-# endif
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
-                        LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
-void TXT_DB_free(TXT_DB *db);
-OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
-                                    OPENSSL_STRING *value);
-int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/ui.h b/thirdparty/openssl/openssl/ui.h
deleted file mode 100644
index 0dc16330b8..0000000000
--- a/thirdparty/openssl/openssl/ui.h
+++ /dev/null
@@ -1,415 +0,0 @@
-/* crypto/ui/ui.h */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_H
-# define HEADER_UI_H
-
-# ifndef OPENSSL_NO_DEPRECATED
-#  include <openssl/crypto.h>
-# endif
-# include <openssl/safestack.h>
-# include <openssl/ossl_typ.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Declared already in ossl_typ.h */
-/* typedef struct ui_st UI; */
-/* typedef struct ui_method_st UI_METHOD; */
-
-/*
- * All the following functions return -1 or NULL on error and in some cases
- * (UI_process()) -2 if interrupted or in some other way cancelled. When
- * everything is fine, they return 0, a positive value or a non-NULL pointer,
- * all depending on their purpose.
- */
-
-/* Creators and destructor.   */
-UI *UI_new(void);
-UI *UI_new_method(const UI_METHOD *method);
-void UI_free(UI *ui);
-
-/*-
-   The following functions are used to add strings to be printed and prompt
-   strings to prompt for data.  The names are UI_{add,dup}_<function>_string
-   and UI_{add,dup}_input_boolean.
-
-   UI_{add,dup}_<function>_string have the following meanings:
-        add     add a text or prompt string.  The pointers given to these
-                functions are used verbatim, no copying is done.
-        dup     make a copy of the text or prompt string, then add the copy
-                to the collection of strings in the user interface.
-        <function>
-                The function is a name for the functionality that the given
-                string shall be used for.  It can be one of:
-                        input   use the string as data prompt.
-                        verify  use the string as verification prompt.  This
-                                is used to verify a previous input.
-                        info    use the string for informational output.
-                        error   use the string for error output.
-   Honestly, there's currently no difference between info and error for the
-   moment.
-
-   UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
-   and are typically used when one wants to prompt for a yes/no response.
-
-   All of the functions in this group take a UI and a prompt string.
-   The string input and verify addition functions also take a flag argument,
-   a buffer for the result to end up with, a minimum input size and a maximum
-   input size (the result buffer MUST be large enough to be able to contain
-   the maximum number of characters).  Additionally, the verify addition
-   functions takes another buffer to compare the result against.
-   The boolean input functions take an action description string (which should
-   be safe to ignore if the expected user action is obvious, for example with
-   a dialog box with an OK button and a Cancel button), a string of acceptable
-   characters to mean OK and to mean Cancel.  The two last strings are checked
-   to make sure they don't have common characters.  Additionally, the same
-   flag argument as for the string input is taken, as well as a result buffer.
-   The result buffer is required to be at least one byte long.  Depending on
-   the answer, the first character from the OK or the Cancel character strings
-   will be stored in the first byte of the result buffer.  No NUL will be
-   added, so the result is *not* a string.
-
-   On success, the all return an index of the added information.  That index
-   is usefull when retrieving results with UI_get0_result(). */
-int UI_add_input_string(UI *ui, const char *prompt, int flags,
-                        char *result_buf, int minsize, int maxsize);
-int UI_dup_input_string(UI *ui, const char *prompt, int flags,
-                        char *result_buf, int minsize, int maxsize);
-int UI_add_verify_string(UI *ui, const char *prompt, int flags,
-                         char *result_buf, int minsize, int maxsize,
-                         const char *test_buf);
-int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
-                         char *result_buf, int minsize, int maxsize,
-                         const char *test_buf);
-int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-                         const char *ok_chars, const char *cancel_chars,
-                         int flags, char *result_buf);
-int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
-                         const char *ok_chars, const char *cancel_chars,
-                         int flags, char *result_buf);
-int UI_add_info_string(UI *ui, const char *text);
-int UI_dup_info_string(UI *ui, const char *text);
-int UI_add_error_string(UI *ui, const char *text);
-int UI_dup_error_string(UI *ui, const char *text);
-
-/* These are the possible flags.  They can be or'ed together. */
-/* Use to have echoing of input */
-# define UI_INPUT_FLAG_ECHO              0x01
-/*
- * Use a default password.  Where that password is found is completely up to
- * the application, it might for example be in the user data set with
- * UI_add_user_data().  It is not recommended to have more than one input in
- * each UI being marked with this flag, or the application might get
- * confused.
- */
-# define UI_INPUT_FLAG_DEFAULT_PWD       0x02
-
-/*-
- * The user of these routines may want to define flags of their own.  The core
- * UI won't look at those, but will pass them on to the method routines.  They
- * must use higher bits so they don't get confused with the UI bits above.
- * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use.  A good
- * example of use is this:
- *
- *    #define MY_UI_FLAG1       (0x01 << UI_INPUT_FLAG_USER_BASE)
- *
-*/
-# define UI_INPUT_FLAG_USER_BASE 16
-
-/*-
- * The following function helps construct a prompt.  object_desc is a
- * textual short description of the object, for example "pass phrase",
- * and object_name is the name of the object (might be a card name or
- * a file name.
- * The returned string shall always be allocated on the heap with
- * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
- *
- * If the ui_method doesn't contain a pointer to a user-defined prompt
- * constructor, a default string is built, looking like this:
- *
- *       "Enter {object_desc} for {object_name}:"
- *
- * So, if object_desc has the value "pass phrase" and object_name has
- * the value "foo.key", the resulting string is:
- *
- *       "Enter pass phrase for foo.key:"
-*/
-char *UI_construct_prompt(UI *ui_method,
-                          const char *object_desc, const char *object_name);
-
-/*
- * The following function is used to store a pointer to user-specific data.
- * Any previous such pointer will be returned and replaced.
- *
- * For callback purposes, this function makes a lot more sense than using
- * ex_data, since the latter requires that different parts of OpenSSL or
- * applications share the same ex_data index.
- *
- * Note that the UI_OpenSSL() method completely ignores the user data. Other
- * methods may not, however.
- */
-void *UI_add_user_data(UI *ui, void *user_data);
-/* We need a user data retrieving function as well.  */
-void *UI_get0_user_data(UI *ui);
-
-/* Return the result associated with a prompt given with the index i. */
-const char *UI_get0_result(UI *ui, int i);
-
-/* When all strings have been added, process the whole thing. */
-int UI_process(UI *ui);
-
-/*
- * Give a user interface parametrised control commands.  This can be used to
- * send down an integer, a data pointer or a function pointer, as well as be
- * used to get information from a UI.
- */
-int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
-
-/* The commands */
-/*
- * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
- * OpenSSL error stack before printing any info or added error messages and
- * before any prompting.
- */
-# define UI_CTRL_PRINT_ERRORS            1
-/*
- * Check if a UI_process() is possible to do again with the same instance of
- * a user interface.  This makes UI_ctrl() return 1 if it is redoable, and 0
- * if not.
- */
-# define UI_CTRL_IS_REDOABLE             2
-
-/* Some methods may use extra data */
-# define UI_set_app_data(s,arg)         UI_set_ex_data(s,0,arg)
-# define UI_get_app_data(s)             UI_get_ex_data(s,0)
-int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int UI_set_ex_data(UI *r, int idx, void *arg);
-void *UI_get_ex_data(UI *r, int idx);
-
-/* Use specific methods instead of the built-in one */
-void UI_set_default_method(const UI_METHOD *meth);
-const UI_METHOD *UI_get_default_method(void);
-const UI_METHOD *UI_get_method(UI *ui);
-const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
-
-/* The method with all the built-in thingies */
-UI_METHOD *UI_OpenSSL(void);
-
-/* ---------- For method writers ---------- */
-/*-
-   A method contains a number of functions that implement the low level
-   of the User Interface.  The functions are:
-
-        an opener       This function starts a session, maybe by opening
-                        a channel to a tty, or by opening a window.
-        a writer        This function is called to write a given string,
-                        maybe to the tty, maybe as a field label in a
-                        window.
-        a flusher       This function is called to flush everything that
-                        has been output so far.  It can be used to actually
-                        display a dialog box after it has been built.
-        a reader        This function is called to read a given prompt,
-                        maybe from the tty, maybe from a field in a
-                        window.  Note that it's called wth all string
-                        structures, not only the prompt ones, so it must
-                        check such things itself.
-        a closer        This function closes the session, maybe by closing
-                        the channel to the tty, or closing the window.
-
-   All these functions are expected to return:
-
-        0       on error.
-        1       on success.
-        -1      on out-of-band events, for example if some prompting has
-                been canceled (by pressing Ctrl-C, for example).  This is
-                only checked when returned by the flusher or the reader.
-
-   The way this is used, the opener is first called, then the writer for all
-   strings, then the flusher, then the reader for all strings and finally the
-   closer.  Note that if you want to prompt from a terminal or other command
-   line interface, the best is to have the reader also write the prompts
-   instead of having the writer do it.  If you want to prompt from a dialog
-   box, the writer can be used to build up the contents of the box, and the
-   flusher to actually display the box and run the event loop until all data
-   has been given, after which the reader only grabs the given data and puts
-   them back into the UI strings.
-
-   All method functions take a UI as argument.  Additionally, the writer and
-   the reader take a UI_STRING.
-*/
-
-/*
- * The UI_STRING type is the data structure that contains all the needed info
- * about a string or a prompt, including test data for a verification prompt.
- */
-typedef struct ui_string_st UI_STRING;
-DECLARE_STACK_OF(UI_STRING)
-
-/*
- * The different types of strings that are currently supported. This is only
- * needed by method authors.
- */
-enum UI_string_types {
-    UIT_NONE = 0,
-    UIT_PROMPT,                 /* Prompt for a string */
-    UIT_VERIFY,                 /* Prompt for a string and verify */
-    UIT_BOOLEAN,                /* Prompt for a yes/no response */
-    UIT_INFO,                   /* Send info to the user */
-    UIT_ERROR                   /* Send an error message to the user */
-};
-
-/* Create and manipulate methods */
-UI_METHOD *UI_create_method(char *name);
-void UI_destroy_method(UI_METHOD *ui_method);
-int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
-int UI_method_set_writer(UI_METHOD *method,
-                         int (*writer) (UI *ui, UI_STRING *uis));
-int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
-int UI_method_set_reader(UI_METHOD *method,
-                         int (*reader) (UI *ui, UI_STRING *uis));
-int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
-int UI_method_set_prompt_constructor(UI_METHOD *method,
-                                     char *(*prompt_constructor) (UI *ui,
-                                                                  const char
-                                                                  *object_desc,
-                                                                  const char
-                                                                  *object_name));
-int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
-int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
-int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
-int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
-int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
-char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
-                                                              const char *,
-                                                              const char *);
-
-/*
- * The following functions are helpers for method writers to access relevant
- * data from a UI_STRING.
- */
-
-/* Return type of the UI_STRING */
-enum UI_string_types UI_get_string_type(UI_STRING *uis);
-/* Return input flags of the UI_STRING */
-int UI_get_input_flags(UI_STRING *uis);
-/* Return the actual string to output (the prompt, info or error) */
-const char *UI_get0_output_string(UI_STRING *uis);
-/*
- * Return the optional action string to output (the boolean promtp
- * instruction)
- */
-const char *UI_get0_action_string(UI_STRING *uis);
-/* Return the result of a prompt */
-const char *UI_get0_result_string(UI_STRING *uis);
-/*
- * Return the string to test the result against.  Only useful with verifies.
- */
-const char *UI_get0_test_string(UI_STRING *uis);
-/* Return the required minimum size of the result */
-int UI_get_result_minsize(UI_STRING *uis);
-/* Return the required maximum size of the result */
-int UI_get_result_maxsize(UI_STRING *uis);
-/* Set the result of a UI_STRING. */
-int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
-
-/* A couple of popular utility functions */
-int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
-                           int verify);
-int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
-                    int verify);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_UI_strings(void);
-
-/* Error codes for the UI functions. */
-
-/* Function codes. */
-# define UI_F_GENERAL_ALLOCATE_BOOLEAN                    108
-# define UI_F_GENERAL_ALLOCATE_PROMPT                     109
-# define UI_F_GENERAL_ALLOCATE_STRING                     100
-# define UI_F_UI_CTRL                                     111
-# define UI_F_UI_DUP_ERROR_STRING                         101
-# define UI_F_UI_DUP_INFO_STRING                          102
-# define UI_F_UI_DUP_INPUT_BOOLEAN                        110
-# define UI_F_UI_DUP_INPUT_STRING                         103
-# define UI_F_UI_DUP_VERIFY_STRING                        106
-# define UI_F_UI_GET0_RESULT                              107
-# define UI_F_UI_NEW_METHOD                               104
-# define UI_F_UI_SET_RESULT                               105
-
-/* Reason codes. */
-# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS             104
-# define UI_R_INDEX_TOO_LARGE                             102
-# define UI_R_INDEX_TOO_SMALL                             103
-# define UI_R_NO_RESULT_BUFFER                            105
-# define UI_R_RESULT_TOO_LARGE                            100
-# define UI_R_RESULT_TOO_SMALL                            101
-# define UI_R_UNKNOWN_CONTROL_COMMAND                     106
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/ui_compat.h b/thirdparty/openssl/openssl/ui_compat.h
deleted file mode 100644
index bf541542c0..0000000000
--- a/thirdparty/openssl/openssl/ui_compat.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/* crypto/ui/ui.h */
-/*
- * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_COMPAT_H
-# define HEADER_UI_COMPAT_H
-
-# include <openssl/opensslconf.h>
-# include <openssl/ui.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/*
- * The following functions were previously part of the DES section, and are
- * provided here for backward compatibility reasons.
- */
-
-# define des_read_pw_string(b,l,p,v) \
-        _ossl_old_des_read_pw_string((b),(l),(p),(v))
-# define des_read_pw(b,bf,s,p,v) \
-        _ossl_old_des_read_pw((b),(bf),(s),(p),(v))
-
-int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
-                                 int verify);
-int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
-                          int verify);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/whrlpool.h b/thirdparty/openssl/openssl/whrlpool.h
deleted file mode 100644
index 73c749da81..0000000000
--- a/thirdparty/openssl/openssl/whrlpool.h
+++ /dev/null
@@ -1,41 +0,0 @@
-#ifndef HEADER_WHRLPOOL_H
-# define HEADER_WHRLPOOL_H
-
-# include <openssl/e_os2.h>
-# include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# define WHIRLPOOL_DIGEST_LENGTH (512/8)
-# define WHIRLPOOL_BBLOCK        512
-# define WHIRLPOOL_COUNTER       (256/8)
-
-typedef struct {
-    union {
-        unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
-        /* double q is here to ensure 64-bit alignment */
-        double q[WHIRLPOOL_DIGEST_LENGTH / sizeof(double)];
-    } H;
-    unsigned char data[WHIRLPOOL_BBLOCK / 8];
-    unsigned int bitoff;
-    size_t bitlen[WHIRLPOOL_COUNTER / sizeof(size_t)];
-} WHIRLPOOL_CTX;
-
-# ifndef OPENSSL_NO_WHIRLPOOL
-#  ifdef OPENSSL_FIPS
-int private_WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
-#  endif
-int WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
-int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *inp, size_t bytes);
-void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *inp, size_t bits);
-int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c);
-unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md);
-# endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/thirdparty/openssl/openssl/x509.h b/thirdparty/openssl/openssl/x509.h
deleted file mode 100644
index 6fa28ebada..0000000000
--- a/thirdparty/openssl/openssl/x509.h
+++ /dev/null
@@ -1,1330 +0,0 @@
-/* crypto/x509/x509.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_X509_H
-# define HEADER_X509_H
-
-# include <openssl/e_os2.h>
-# include <openssl/symhacks.h>
-# ifndef OPENSSL_NO_BUFFER
-#  include <openssl/buffer.h>
-# endif
-# ifndef OPENSSL_NO_EVP
-#  include <openssl/evp.h>
-# endif
-# ifndef OPENSSL_NO_BIO
-#  include <openssl/bio.h>
-# endif
-# include <openssl/stack.h>
-# include <openssl/asn1.h>
-# include <openssl/safestack.h>
-
-# ifndef OPENSSL_NO_EC
-#  include <openssl/ec.h>
-# endif
-
-# ifndef OPENSSL_NO_ECDSA
-#  include <openssl/ecdsa.h>
-# endif
-
-# ifndef OPENSSL_NO_ECDH
-#  include <openssl/ecdh.h>
-# endif
-
-# ifndef OPENSSL_NO_DEPRECATED
-#  ifndef OPENSSL_NO_RSA
-#   include <openssl/rsa.h>
-#  endif
-#  ifndef OPENSSL_NO_DSA
-#   include <openssl/dsa.h>
-#  endif
-#  ifndef OPENSSL_NO_DH
-#   include <openssl/dh.h>
-#  endif
-# endif
-
-# ifndef OPENSSL_NO_SHA
-#  include <openssl/sha.h>
-# endif
-# include <openssl/ossl_typ.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_SYS_WIN32
-/* Under Win32 these are defined in wincrypt.h */
-#  undef X509_NAME
-#  undef X509_CERT_PAIR
-#  undef X509_EXTENSIONS
-# endif
-
-# define X509_FILETYPE_PEM       1
-# define X509_FILETYPE_ASN1      2
-# define X509_FILETYPE_DEFAULT   3
-
-# define X509v3_KU_DIGITAL_SIGNATURE     0x0080
-# define X509v3_KU_NON_REPUDIATION       0x0040
-# define X509v3_KU_KEY_ENCIPHERMENT      0x0020
-# define X509v3_KU_DATA_ENCIPHERMENT     0x0010
-# define X509v3_KU_KEY_AGREEMENT         0x0008
-# define X509v3_KU_KEY_CERT_SIGN         0x0004
-# define X509v3_KU_CRL_SIGN              0x0002
-# define X509v3_KU_ENCIPHER_ONLY         0x0001
-# define X509v3_KU_DECIPHER_ONLY         0x8000
-# define X509v3_KU_UNDEF                 0xffff
-
-typedef struct X509_objects_st {
-    int nid;
-    int (*a2i) (void);
-    int (*i2a) (void);
-} X509_OBJECTS;
-
-struct X509_algor_st {
-    ASN1_OBJECT *algorithm;
-    ASN1_TYPE *parameter;
-} /* X509_ALGOR */ ;
-
-DECLARE_ASN1_SET_OF(X509_ALGOR)
-
-typedef STACK_OF(X509_ALGOR) X509_ALGORS;
-
-typedef struct X509_val_st {
-    ASN1_TIME *notBefore;
-    ASN1_TIME *notAfter;
-} X509_VAL;
-
-struct X509_pubkey_st {
-    X509_ALGOR *algor;
-    ASN1_BIT_STRING *public_key;
-    EVP_PKEY *pkey;
-};
-
-typedef struct X509_sig_st {
-    X509_ALGOR *algor;
-    ASN1_OCTET_STRING *digest;
-} X509_SIG;
-
-typedef struct X509_name_entry_st {
-    ASN1_OBJECT *object;
-    ASN1_STRING *value;
-    int set;
-    int size;                   /* temp variable */
-} X509_NAME_ENTRY;
-
-DECLARE_STACK_OF(X509_NAME_ENTRY)
-DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
-
-/* we always keep X509_NAMEs in 2 forms. */
-struct X509_name_st {
-    STACK_OF(X509_NAME_ENTRY) *entries;
-    int modified;               /* true if 'bytes' needs to be built */
-# ifndef OPENSSL_NO_BUFFER
-    BUF_MEM *bytes;
-# else
-    char *bytes;
-# endif
-/*      unsigned long hash; Keep the hash around for lookups */
-    unsigned char *canon_enc;
-    int canon_enclen;
-} /* X509_NAME */ ;
-
-DECLARE_STACK_OF(X509_NAME)
-
-# define X509_EX_V_NETSCAPE_HACK         0x8000
-# define X509_EX_V_INIT                  0x0001
-typedef struct X509_extension_st {
-    ASN1_OBJECT *object;
-    ASN1_BOOLEAN critical;
-    ASN1_OCTET_STRING *value;
-} X509_EXTENSION;
-
-typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
-
-DECLARE_STACK_OF(X509_EXTENSION)
-DECLARE_ASN1_SET_OF(X509_EXTENSION)
-
-/* a sequence of these are used */
-typedef struct x509_attributes_st {
-    ASN1_OBJECT *object;
-    int single;                 /* 0 for a set, 1 for a single item (which is
-                                 * wrong) */
-    union {
-        char *ptr;
-        /*
-         * 0
-         */ STACK_OF(ASN1_TYPE) *set;
-        /*
-         * 1
-         */ ASN1_TYPE *single;
-    } value;
-} X509_ATTRIBUTE;
-
-DECLARE_STACK_OF(X509_ATTRIBUTE)
-DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
-
-typedef struct X509_req_info_st {
-    ASN1_ENCODING enc;
-    ASN1_INTEGER *version;
-    X509_NAME *subject;
-    X509_PUBKEY *pubkey;
-    /*  d=2 hl=2 l=  0 cons: cont: 00 */
-    STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-} X509_REQ_INFO;
-
-typedef struct X509_req_st {
-    X509_REQ_INFO *req_info;
-    X509_ALGOR *sig_alg;
-    ASN1_BIT_STRING *signature;
-    int references;
-} X509_REQ;
-
-typedef struct x509_cinf_st {
-    ASN1_INTEGER *version;      /* [ 0 ] default of v1 */
-    ASN1_INTEGER *serialNumber;
-    X509_ALGOR *signature;
-    X509_NAME *issuer;
-    X509_VAL *validity;
-    X509_NAME *subject;
-    X509_PUBKEY *key;
-    ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
-    ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
-    STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
-    ASN1_ENCODING enc;
-} X509_CINF;
-
-/*
- * This stuff is certificate "auxiliary info" it contains details which are
- * useful in certificate stores and databases. When used this is tagged onto
- * the end of the certificate itself
- */
-
-typedef struct x509_cert_aux_st {
-    STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
-    STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
-    ASN1_UTF8STRING *alias;     /* "friendly name" */
-    ASN1_OCTET_STRING *keyid;   /* key id of private key */
-    STACK_OF(X509_ALGOR) *other; /* other unspecified info */
-} X509_CERT_AUX;
-
-struct x509_st {
-    X509_CINF *cert_info;
-    X509_ALGOR *sig_alg;
-    ASN1_BIT_STRING *signature;
-    int valid;
-    int references;
-    char *name;
-    CRYPTO_EX_DATA ex_data;
-    /* These contain copies of various extension values */
-    long ex_pathlen;
-    long ex_pcpathlen;
-    unsigned long ex_flags;
-    unsigned long ex_kusage;
-    unsigned long ex_xkusage;
-    unsigned long ex_nscert;
-    ASN1_OCTET_STRING *skid;
-    AUTHORITY_KEYID *akid;
-    X509_POLICY_CACHE *policy_cache;
-    STACK_OF(DIST_POINT) *crldp;
-    STACK_OF(GENERAL_NAME) *altname;
-    NAME_CONSTRAINTS *nc;
-# ifndef OPENSSL_NO_RFC3779
-    STACK_OF(IPAddressFamily) *rfc3779_addr;
-    struct ASIdentifiers_st *rfc3779_asid;
-# endif
-# ifndef OPENSSL_NO_SHA
-    unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-# endif
-    X509_CERT_AUX *aux;
-} /* X509 */ ;
-
-DECLARE_STACK_OF(X509)
-DECLARE_ASN1_SET_OF(X509)
-
-/* This is used for a table of trust checking functions */
-
-typedef struct x509_trust_st {
-    int trust;
-    int flags;
-    int (*check_trust) (struct x509_trust_st *, X509 *, int);
-    char *name;
-    int arg1;
-    void *arg2;
-} X509_TRUST;
-
-DECLARE_STACK_OF(X509_TRUST)
-
-typedef struct x509_cert_pair_st {
-    X509 *forward;
-    X509 *reverse;
-} X509_CERT_PAIR;
-
-/* standard trust ids */
-
-# define X509_TRUST_DEFAULT      -1/* Only valid in purpose settings */
-
-# define X509_TRUST_COMPAT       1
-# define X509_TRUST_SSL_CLIENT   2
-# define X509_TRUST_SSL_SERVER   3
-# define X509_TRUST_EMAIL        4
-# define X509_TRUST_OBJECT_SIGN  5
-# define X509_TRUST_OCSP_SIGN    6
-# define X509_TRUST_OCSP_REQUEST 7
-# define X509_TRUST_TSA          8
-
-/* Keep these up to date! */
-# define X509_TRUST_MIN          1
-# define X509_TRUST_MAX          8
-
-/* trust_flags values */
-# define X509_TRUST_DYNAMIC      1
-# define X509_TRUST_DYNAMIC_NAME 2
-
-/* check_trust return codes */
-
-# define X509_TRUST_TRUSTED      1
-# define X509_TRUST_REJECTED     2
-# define X509_TRUST_UNTRUSTED    3
-
-/* Flags for X509_print_ex() */
-
-# define X509_FLAG_COMPAT                0
-# define X509_FLAG_NO_HEADER             1L
-# define X509_FLAG_NO_VERSION            (1L << 1)
-# define X509_FLAG_NO_SERIAL             (1L << 2)
-# define X509_FLAG_NO_SIGNAME            (1L << 3)
-# define X509_FLAG_NO_ISSUER             (1L << 4)
-# define X509_FLAG_NO_VALIDITY           (1L << 5)
-# define X509_FLAG_NO_SUBJECT            (1L << 6)
-# define X509_FLAG_NO_PUBKEY             (1L << 7)
-# define X509_FLAG_NO_EXTENSIONS         (1L << 8)
-# define X509_FLAG_NO_SIGDUMP            (1L << 9)
-# define X509_FLAG_NO_AUX                (1L << 10)
-# define X509_FLAG_NO_ATTRIBUTES         (1L << 11)
-# define X509_FLAG_NO_IDS                (1L << 12)
-
-/* Flags specific to X509_NAME_print_ex() */
-
-/* The field separator information */
-
-# define XN_FLAG_SEP_MASK        (0xf << 16)
-
-# define XN_FLAG_COMPAT          0/* Traditional SSLeay: use old
-                                   * X509_NAME_print */
-# define XN_FLAG_SEP_COMMA_PLUS  (1 << 16)/* RFC2253 ,+ */
-# define XN_FLAG_SEP_CPLUS_SPC   (2 << 16)/* ,+ spaced: more readable */
-# define XN_FLAG_SEP_SPLUS_SPC   (3 << 16)/* ;+ spaced */
-# define XN_FLAG_SEP_MULTILINE   (4 << 16)/* One line per field */
-
-# define XN_FLAG_DN_REV          (1 << 20)/* Reverse DN order */
-
-/* How the field name is shown */
-
-# define XN_FLAG_FN_MASK         (0x3 << 21)
-
-# define XN_FLAG_FN_SN           0/* Object short name */
-# define XN_FLAG_FN_LN           (1 << 21)/* Object long name */
-# define XN_FLAG_FN_OID          (2 << 21)/* Always use OIDs */
-# define XN_FLAG_FN_NONE         (3 << 21)/* No field names */
-
-# define XN_FLAG_SPC_EQ          (1 << 23)/* Put spaces round '=' */
-
-/*
- * This determines if we dump fields we don't recognise: RFC2253 requires
- * this.
- */
-
-# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
-
-# define XN_FLAG_FN_ALIGN        (1 << 25)/* Align field names to 20
-                                           * characters */
-
-/* Complete set of RFC2253 flags */
-
-# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
-                        XN_FLAG_SEP_COMMA_PLUS | \
-                        XN_FLAG_DN_REV | \
-                        XN_FLAG_FN_SN | \
-                        XN_FLAG_DUMP_UNKNOWN_FIELDS)
-
-/* readable oneline form */
-
-# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
-                        ASN1_STRFLGS_ESC_QUOTE | \
-                        XN_FLAG_SEP_CPLUS_SPC | \
-                        XN_FLAG_SPC_EQ | \
-                        XN_FLAG_FN_SN)
-
-/* readable multiline form */
-
-# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
-                        ASN1_STRFLGS_ESC_MSB | \
-                        XN_FLAG_SEP_MULTILINE | \
-                        XN_FLAG_SPC_EQ | \
-                        XN_FLAG_FN_LN | \
-                        XN_FLAG_FN_ALIGN)
-
-struct x509_revoked_st {
-    ASN1_INTEGER *serialNumber;
-    ASN1_TIME *revocationDate;
-    STACK_OF(X509_EXTENSION) /* optional */ *extensions;
-    /* Set up if indirect CRL */
-    STACK_OF(GENERAL_NAME) *issuer;
-    /* Revocation reason */
-    int reason;
-    int sequence;               /* load sequence */
-};
-
-DECLARE_STACK_OF(X509_REVOKED)
-DECLARE_ASN1_SET_OF(X509_REVOKED)
-
-typedef struct X509_crl_info_st {
-    ASN1_INTEGER *version;
-    X509_ALGOR *sig_alg;
-    X509_NAME *issuer;
-    ASN1_TIME *lastUpdate;
-    ASN1_TIME *nextUpdate;
-    STACK_OF(X509_REVOKED) *revoked;
-    STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
-    ASN1_ENCODING enc;
-} X509_CRL_INFO;
-
-struct X509_crl_st {
-    /* actual signature */
-    X509_CRL_INFO *crl;
-    X509_ALGOR *sig_alg;
-    ASN1_BIT_STRING *signature;
-    int references;
-    int flags;
-    /* Copies of various extensions */
-    AUTHORITY_KEYID *akid;
-    ISSUING_DIST_POINT *idp;
-    /* Convenient breakdown of IDP */
-    int idp_flags;
-    int idp_reasons;
-    /* CRL and base CRL numbers for delta processing */
-    ASN1_INTEGER *crl_number;
-    ASN1_INTEGER *base_crl_number;
-# ifndef OPENSSL_NO_SHA
-    unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-# endif
-    STACK_OF(GENERAL_NAMES) *issuers;
-    const X509_CRL_METHOD *meth;
-    void *meth_data;
-} /* X509_CRL */ ;
-
-DECLARE_STACK_OF(X509_CRL)
-DECLARE_ASN1_SET_OF(X509_CRL)
-
-typedef struct private_key_st {
-    int version;
-    /* The PKCS#8 data types */
-    X509_ALGOR *enc_algor;
-    ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
-    /* When decrypted, the following will not be NULL */
-    EVP_PKEY *dec_pkey;
-    /* used to encrypt and decrypt */
-    int key_length;
-    char *key_data;
-    int key_free;               /* true if we should auto free key_data */
-    /* expanded version of 'enc_algor' */
-    EVP_CIPHER_INFO cipher;
-    int references;
-} X509_PKEY;
-
-# ifndef OPENSSL_NO_EVP
-typedef struct X509_info_st {
-    X509 *x509;
-    X509_CRL *crl;
-    X509_PKEY *x_pkey;
-    EVP_CIPHER_INFO enc_cipher;
-    int enc_len;
-    char *enc_data;
-    int references;
-} X509_INFO;
-
-DECLARE_STACK_OF(X509_INFO)
-# endif
-
-/*
- * The next 2 structures and their 8 routines were sent to me by Pat Richard
- * <patr@x509.com> and are used to manipulate Netscapes spki structures -
- * useful if you are writing a CA web page
- */
-typedef struct Netscape_spkac_st {
-    X509_PUBKEY *pubkey;
-    ASN1_IA5STRING *challenge;  /* challenge sent in atlas >= PR2 */
-} NETSCAPE_SPKAC;
-
-typedef struct Netscape_spki_st {
-    NETSCAPE_SPKAC *spkac;      /* signed public key and challenge */
-    X509_ALGOR *sig_algor;
-    ASN1_BIT_STRING *signature;
-} NETSCAPE_SPKI;
-
-/* Netscape certificate sequence structure */
-typedef struct Netscape_certificate_sequence {
-    ASN1_OBJECT *type;
-    STACK_OF(X509) *certs;
-} NETSCAPE_CERT_SEQUENCE;
-
-/*- Unused (and iv length is wrong)
-typedef struct CBCParameter_st
-        {
-        unsigned char iv[8];
-        } CBC_PARAM;
-*/
-
-/* Password based encryption structure */
-
-typedef struct PBEPARAM_st {
-    ASN1_OCTET_STRING *salt;
-    ASN1_INTEGER *iter;
-} PBEPARAM;
-
-/* Password based encryption V2 structures */
-
-typedef struct PBE2PARAM_st {
-    X509_ALGOR *keyfunc;
-    X509_ALGOR *encryption;
-} PBE2PARAM;
-
-typedef struct PBKDF2PARAM_st {
-/* Usually OCTET STRING but could be anything */
-    ASN1_TYPE *salt;
-    ASN1_INTEGER *iter;
-    ASN1_INTEGER *keylength;
-    X509_ALGOR *prf;
-} PBKDF2PARAM;
-
-/* PKCS#8 private key info structure */
-
-struct pkcs8_priv_key_info_st {
-    /* Flag for various broken formats */
-    int broken;
-# define PKCS8_OK                0
-# define PKCS8_NO_OCTET          1
-# define PKCS8_EMBEDDED_PARAM    2
-# define PKCS8_NS_DB             3
-# define PKCS8_NEG_PRIVKEY       4
-    ASN1_INTEGER *version;
-    X509_ALGOR *pkeyalg;
-    /* Should be OCTET STRING but some are broken */
-    ASN1_TYPE *pkey;
-    STACK_OF(X509_ATTRIBUTE) *attributes;
-};
-
-#ifdef  __cplusplus
-}
-#endif
-
-# include <openssl/x509_vfy.h>
-# include <openssl/pkcs7.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# define X509_EXT_PACK_UNKNOWN   1
-# define X509_EXT_PACK_STRING    2
-
-# define         X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
-/* #define      X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
-# define         X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
-# define         X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
-# define         X509_extract_key(x)     X509_get_pubkey(x)/*****/
-# define         X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
-# define         X509_REQ_get_subject_name(x) ((x)->req_info->subject)
-# define         X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
-# define         X509_name_cmp(a,b)      X509_NAME_cmp((a),(b))
-# define         X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
-
-# define         X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
-# define         X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
-# define         X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
-# define         X509_CRL_get_issuer(x) ((x)->crl->issuer)
-# define         X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
-
-void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
-X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
-                                     int (*crl_free) (X509_CRL *crl),
-                                     int (*crl_lookup) (X509_CRL *crl,
-                                                        X509_REVOKED **ret,
-                                                        ASN1_INTEGER *ser,
-                                                        X509_NAME *issuer),
-                                     int (*crl_verify) (X509_CRL *crl,
-                                                        EVP_PKEY *pk));
-void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
-
-void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
-void *X509_CRL_get_meth_data(X509_CRL *crl);
-
-/*
- * This one is only used so that a binary form can output, as in
- * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
- */
-# define         X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
-
-const char *X509_verify_cert_error_string(long n);
-
-# ifndef OPENSSL_NO_EVP
-int X509_verify(X509 *a, EVP_PKEY *r);
-
-int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
-int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
-int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
-
-NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len);
-char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
-EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
-int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
-
-int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
-
-int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
-int X509_signature_print(BIO *bp, X509_ALGOR *alg, ASN1_STRING *sig);
-
-int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
-int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert);
-int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
-int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
-int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
-int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl);
-int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
-
-int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
-                       unsigned char *md, unsigned int *len);
-int X509_digest(const X509 *data, const EVP_MD *type,
-                unsigned char *md, unsigned int *len);
-int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
-                    unsigned char *md, unsigned int *len);
-int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
-                    unsigned char *md, unsigned int *len);
-int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
-                     unsigned char *md, unsigned int *len);
-# endif
-
-# ifndef OPENSSL_NO_FP_API
-X509 *d2i_X509_fp(FILE *fp, X509 **x509);
-int i2d_X509_fp(FILE *fp, X509 *x509);
-X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
-int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
-int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
-#  ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
-int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
-RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
-int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
-RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
-int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
-#  endif
-#  ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
-int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
-int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
-#  endif
-#  ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
-int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
-#  endif
-X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
-int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
-                                                PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
-int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
-int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
-# endif
-
-# ifndef OPENSSL_NO_BIO
-X509 *d2i_X509_bio(BIO *bp, X509 **x509);
-int i2d_X509_bio(BIO *bp, X509 *x509);
-X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
-int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
-X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
-int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
-#  ifndef OPENSSL_NO_RSA
-RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
-int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
-RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
-int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
-RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
-int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
-#  endif
-#  ifndef OPENSSL_NO_DSA
-DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
-int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
-DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
-int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
-#  endif
-#  ifndef OPENSSL_NO_EC
-EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
-int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
-EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
-int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
-#  endif
-X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
-int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
-                                                 PKCS8_PRIV_KEY_INFO **p8inf);
-int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf);
-int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
-int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
-int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
-EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
-# endif
-
-X509 *X509_dup(X509 *x509);
-X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
-X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
-X509_CRL *X509_CRL_dup(X509_CRL *crl);
-X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev);
-X509_REQ *X509_REQ_dup(X509_REQ *req);
-X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
-int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
-                    void *pval);
-void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
-                     X509_ALGOR *algor);
-void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
-int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
-
-X509_NAME *X509_NAME_dup(X509_NAME *xn);
-X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
-
-int X509_cmp_time(const ASN1_TIME *s, time_t *t);
-int X509_cmp_current_time(const ASN1_TIME *s);
-ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
-ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
-                            int offset_day, long offset_sec, time_t *t);
-ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
-
-const char *X509_get_default_cert_area(void);
-const char *X509_get_default_cert_dir(void);
-const char *X509_get_default_cert_file(void);
-const char *X509_get_default_cert_dir_env(void);
-const char *X509_get_default_cert_file_env(void);
-const char *X509_get_default_private_dir(void);
-
-X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
-X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey);
-
-DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
-DECLARE_ASN1_FUNCTIONS(X509_VAL)
-
-DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
-
-int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
-EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
-int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
-int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
-EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
-# ifndef OPENSSL_NO_RSA
-int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
-RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
-# endif
-# ifndef OPENSSL_NO_DSA
-int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp);
-DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
-# endif
-# ifndef OPENSSL_NO_EC
-int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
-EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length);
-# endif
-
-DECLARE_ASN1_FUNCTIONS(X509_SIG)
-DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
-DECLARE_ASN1_FUNCTIONS(X509_REQ)
-
-DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
-X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
-
-DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME)
-
-int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(X509_CINF)
-
-DECLARE_ASN1_FUNCTIONS(X509)
-DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
-
-DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR)
-
-int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int X509_set_ex_data(X509 *r, int idx, void *arg);
-void *X509_get_ex_data(X509 *r, int idx);
-int i2d_X509_AUX(X509 *a, unsigned char **pp);
-X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length);
-
-int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
-
-void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
-                         const X509 *x);
-int X509_get_signature_nid(const X509 *x);
-
-int X509_alias_set1(X509 *x, unsigned char *name, int len);
-int X509_keyid_set1(X509 *x, unsigned char *id, int len);
-unsigned char *X509_alias_get0(X509 *x, int *len);
-unsigned char *X509_keyid_get0(X509 *x, int *len);
-int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
-                                                                int);
-int X509_TRUST_set(int *t, int trust);
-int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
-int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
-void X509_trust_clear(X509 *x);
-void X509_reject_clear(X509 *x);
-
-DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
-DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
-DECLARE_ASN1_FUNCTIONS(X509_CRL)
-
-int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
-int X509_CRL_get0_by_serial(X509_CRL *crl,
-                            X509_REVOKED **ret, ASN1_INTEGER *serial);
-int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
-
-X509_PKEY *X509_PKEY_new(void);
-void X509_PKEY_free(X509_PKEY *a);
-int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp);
-X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp,
-                         long length);
-
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
-
-# ifndef OPENSSL_NO_EVP
-X509_INFO *X509_INFO_new(void);
-void X509_INFO_free(X509_INFO *a);
-char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
-
-int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
-                ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
-
-int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
-                unsigned char *md, unsigned int *len);
-
-int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
-              X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
-              char *data, EVP_PKEY *pkey, const EVP_MD *type);
-
-int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
-                     unsigned char *md, unsigned int *len);
-
-int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
-                     ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
-
-int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
-                   X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
-                   EVP_PKEY *pkey, const EVP_MD *type);
-int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
-                       X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
-                       void *asn, EVP_MD_CTX *ctx);
-# endif
-
-int X509_set_version(X509 *x, long version);
-int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
-ASN1_INTEGER *X509_get_serialNumber(X509 *x);
-int X509_set_issuer_name(X509 *x, X509_NAME *name);
-X509_NAME *X509_get_issuer_name(X509 *a);
-int X509_set_subject_name(X509 *x, X509_NAME *name);
-X509_NAME *X509_get_subject_name(X509 *a);
-int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
-int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
-int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
-EVP_PKEY *X509_get_pubkey(X509 *x);
-ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
-int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
-
-int X509_REQ_set_version(X509_REQ *x, long version);
-int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
-int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
-EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
-int X509_REQ_extension_nid(int nid);
-int *X509_REQ_get_extension_nids(void);
-void X509_REQ_set_extension_nids(int *nids);
-STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
-int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
-                                int nid);
-int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
-int X509_REQ_get_attr_count(const X509_REQ *req);
-int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
-int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
-                             int lastpos);
-X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
-X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
-int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
-int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
-                              const ASN1_OBJECT *obj, int type,
-                              const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_NID(X509_REQ *req,
-                              int nid, int type,
-                              const unsigned char *bytes, int len);
-int X509_REQ_add1_attr_by_txt(X509_REQ *req,
-                              const char *attrname, int type,
-                              const unsigned char *bytes, int len);
-
-int X509_CRL_set_version(X509_CRL *x, long version);
-int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
-int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
-int X509_CRL_sort(X509_CRL *crl);
-
-int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
-int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
-
-X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
-                        EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);
-
-int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
-
-int X509_check_private_key(X509 *x509, EVP_PKEY *pkey);
-int X509_chain_check_suiteb(int *perror_depth,
-                            X509 *x, STACK_OF(X509) *chain,
-                            unsigned long flags);
-int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags);
-STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
-
-int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
-unsigned long X509_issuer_and_serial_hash(X509 *a);
-
-int X509_issuer_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_issuer_name_hash(X509 *a);
-
-int X509_subject_name_cmp(const X509 *a, const X509 *b);
-unsigned long X509_subject_name_hash(X509 *x);
-
-# ifndef OPENSSL_NO_MD5
-unsigned long X509_issuer_name_hash_old(X509 *a);
-unsigned long X509_subject_name_hash_old(X509 *x);
-# endif
-
-int X509_cmp(const X509 *a, const X509 *b);
-int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
-unsigned long X509_NAME_hash(X509_NAME *x);
-unsigned long X509_NAME_hash_old(X509_NAME *x);
-
-int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
-int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
-# ifndef OPENSSL_NO_FP_API
-int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
-                     unsigned long cflag);
-int X509_print_fp(FILE *bp, X509 *x);
-int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
-int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
-                          unsigned long flags);
-# endif
-
-# ifndef OPENSSL_NO_BIO
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
-                       unsigned long flags);
-int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
-                  unsigned long cflag);
-int X509_print(BIO *bp, X509 *x);
-int X509_ocspid_print(BIO *bp, X509 *x);
-int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent);
-int X509_CRL_print(BIO *bp, X509_CRL *x);
-int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
-                      unsigned long cflag);
-int X509_REQ_print(BIO *bp, X509_REQ *req);
-# endif
-
-int X509_NAME_entry_count(X509_NAME *name);
-int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
-int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
-                              char *buf, int len);
-
-/*
- * NOTE: you should be passsing -1, not 0 as lastpos.  The functions that use
- * lastpos, search after that position on.
- */
-int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
-int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
-                               int lastpos);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
-X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
-int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
-                        int loc, int set);
-int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
-                               unsigned char *bytes, int len, int loc,
-                               int set);
-int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
-                               unsigned char *bytes, int len, int loc,
-                               int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
-                                               const char *field, int type,
-                                               const unsigned char *bytes,
-                                               int len);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
-                                               int type, unsigned char *bytes,
-                                               int len);
-int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
-                               const unsigned char *bytes, int len, int loc,
-                               int set);
-X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
-                                               ASN1_OBJECT *obj, int type,
-                                               const unsigned char *bytes,
-                                               int len);
-int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
-int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
-                             const unsigned char *bytes, int len);
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
-
-int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
-int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
-                          int nid, int lastpos);
-int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
-                          ASN1_OBJECT *obj, int lastpos);
-int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
-                               int crit, int lastpos);
-X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
-X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
-STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
-                                         X509_EXTENSION *ex, int loc);
-
-int X509_get_ext_count(X509 *x);
-int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
-int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos);
-int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
-X509_EXTENSION *X509_get_ext(X509 *x, int loc);
-X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
-int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
-                      unsigned long flags);
-
-int X509_CRL_get_ext_count(X509_CRL *x);
-int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
-int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos);
-int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
-X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
-X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
-void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
-int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
-                          unsigned long flags);
-
-int X509_REVOKED_get_ext_count(X509_REVOKED *x);
-int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
-int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
-                                int lastpos);
-int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
-X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
-X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
-int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
-void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
-int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
-                              unsigned long flags);
-
-X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
-                                             int nid, int crit,
-                                             ASN1_OCTET_STRING *data);
-X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
-                                             ASN1_OBJECT *obj, int crit,
-                                             ASN1_OCTET_STRING *data);
-int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj);
-int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
-int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
-ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
-ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
-int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
-
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
-                           int lastpos);
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
-                           ASN1_OBJECT *obj, int lastpos);
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
-                                           X509_ATTRIBUTE *attr);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
-                                                  **x, const ASN1_OBJECT *obj,
-                                                  int type,
-                                                  const unsigned char *bytes,
-                                                  int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
-                                                  **x, int nid, int type,
-                                                  const unsigned char *bytes,
-                                                  int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
-                                                  **x, const char *attrname,
-                                                  int type,
-                                                  const unsigned char *bytes,
-                                                  int len);
-void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj,
-                              int lastpos, int type);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
-                                             int atrtype, const void *data,
-                                             int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
-                                             const ASN1_OBJECT *obj,
-                                             int atrtype, const void *data,
-                                             int len);
-X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
-                                             const char *atrname, int type,
-                                             const unsigned char *bytes,
-                                             int len);
-int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
-int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
-                             const void *data, int len);
-void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype,
-                               void *data);
-int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
-ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
-ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
-
-int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
-int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
-int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
-                             int lastpos);
-X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
-X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
-int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
-int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
-                              const ASN1_OBJECT *obj, int type,
-                              const unsigned char *bytes, int len);
-int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
-                              int nid, int type,
-                              const unsigned char *bytes, int len);
-int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
-                              const char *attrname, int type,
-                              const unsigned char *bytes, int len);
-
-int X509_verify_cert(X509_STORE_CTX *ctx);
-
-/* lookup a cert from a X509 STACK */
-X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
-                                     ASN1_INTEGER *serial);
-X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(PBEPARAM)
-DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
-DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
-
-int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
-                         const unsigned char *salt, int saltlen);
-
-X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
-                          const unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
-                           unsigned char *salt, int saltlen);
-X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
-                              unsigned char *salt, int saltlen,
-                              unsigned char *aiv, int prf_nid);
-
-X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
-                             int prf_nid, int keylen);
-
-/* PKCS#8 utilities */
-
-DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
-
-EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
-PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
-PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
-
-int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
-                    int version, int ptype, void *pval,
-                    unsigned char *penc, int penclen);
-int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
-                    const unsigned char **pk, int *ppklen,
-                    X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
-
-int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
-                           int ptype, void *pval,
-                           unsigned char *penc, int penclen);
-int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
-                           const unsigned char **pk, int *ppklen,
-                           X509_ALGOR **pa, X509_PUBKEY *pub);
-
-int X509_check_trust(X509 *x, int id, int flags);
-int X509_TRUST_get_count(void);
-X509_TRUST *X509_TRUST_get0(int idx);
-int X509_TRUST_get_by_id(int id);
-int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
-                   char *name, int arg1, void *arg2);
-void X509_TRUST_cleanup(void);
-int X509_TRUST_get_flags(X509_TRUST *xp);
-char *X509_TRUST_get0_name(X509_TRUST *xp);
-int X509_TRUST_get_trust(X509_TRUST *xp);
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-void ERR_load_X509_strings(void);
-
-/* Error codes for the X509 functions. */
-
-/* Function codes. */
-# define X509_F_ADD_CERT_DIR                              100
-# define X509_F_BY_FILE_CTRL                              101
-# define X509_F_CHECK_NAME_CONSTRAINTS                    106
-# define X509_F_CHECK_POLICY                              145
-# define X509_F_DIR_CTRL                                  102
-# define X509_F_GET_CERT_BY_SUBJECT                       103
-# define X509_F_NETSCAPE_SPKI_B64_DECODE                  129
-# define X509_F_NETSCAPE_SPKI_B64_ENCODE                  130
-# define X509_F_X509AT_ADD1_ATTR                          135
-# define X509_F_X509V3_ADD_EXT                            104
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID              136
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ              137
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT              140
-# define X509_F_X509_ATTRIBUTE_GET0_DATA                  139
-# define X509_F_X509_ATTRIBUTE_SET1_DATA                  138
-# define X509_F_X509_CHECK_PRIVATE_KEY                    128
-# define X509_F_X509_CRL_DIFF                             105
-# define X509_F_X509_CRL_PRINT_FP                         147
-# define X509_F_X509_EXTENSION_CREATE_BY_NID              108
-# define X509_F_X509_EXTENSION_CREATE_BY_OBJ              109
-# define X509_F_X509_GET_PUBKEY_PARAMETERS                110
-# define X509_F_X509_LOAD_CERT_CRL_FILE                   132
-# define X509_F_X509_LOAD_CERT_FILE                       111
-# define X509_F_X509_LOAD_CRL_FILE                        112
-# define X509_F_X509_NAME_ADD_ENTRY                       113
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID             114
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT             131
-# define X509_F_X509_NAME_ENTRY_SET_OBJECT                115
-# define X509_F_X509_NAME_ONELINE                         116
-# define X509_F_X509_NAME_PRINT                           117
-# define X509_F_X509_PRINT_EX_FP                          118
-# define X509_F_X509_PUBKEY_GET                           119
-# define X509_F_X509_PUBKEY_SET                           120
-# define X509_F_X509_REQ_CHECK_PRIVATE_KEY                144
-# define X509_F_X509_REQ_PRINT_EX                         121
-# define X509_F_X509_REQ_PRINT_FP                         122
-# define X509_F_X509_REQ_TO_X509                          123
-# define X509_F_X509_STORE_ADD_CERT                       124
-# define X509_F_X509_STORE_ADD_CRL                        125
-# define X509_F_X509_STORE_CTX_GET1_ISSUER                146
-# define X509_F_X509_STORE_CTX_INIT                       143
-# define X509_F_X509_STORE_CTX_NEW                        142
-# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT            134
-# define X509_F_X509_TO_X509_REQ                          126
-# define X509_F_X509_TRUST_ADD                            133
-# define X509_F_X509_TRUST_SET                            141
-# define X509_F_X509_VERIFY_CERT                          127
-
-/* Reason codes. */
-# define X509_R_AKID_MISMATCH                             110
-# define X509_R_BAD_X509_FILETYPE                         100
-# define X509_R_BASE64_DECODE_ERROR                       118
-# define X509_R_CANT_CHECK_DH_KEY                         114
-# define X509_R_CERT_ALREADY_IN_HASH_TABLE                101
-# define X509_R_CRL_ALREADY_DELTA                         127
-# define X509_R_CRL_VERIFY_FAILURE                        131
-# define X509_R_ERR_ASN1_LIB                              102
-# define X509_R_IDP_MISMATCH                              128
-# define X509_R_INVALID_DIRECTORY                         113
-# define X509_R_INVALID_FIELD_NAME                        119
-# define X509_R_INVALID_TRUST                             123
-# define X509_R_ISSUER_MISMATCH                           129
-# define X509_R_KEY_TYPE_MISMATCH                         115
-# define X509_R_KEY_VALUES_MISMATCH                       116
-# define X509_R_LOADING_CERT_DIR                          103
-# define X509_R_LOADING_DEFAULTS                          104
-# define X509_R_METHOD_NOT_SUPPORTED                      124
-# define X509_R_NAME_TOO_LONG                             134
-# define X509_R_NEWER_CRL_NOT_NEWER                       132
-# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY              105
-# define X509_R_NO_CRL_NUMBER                             130
-# define X509_R_PUBLIC_KEY_DECODE_ERROR                   125
-# define X509_R_PUBLIC_KEY_ENCODE_ERROR                   126
-# define X509_R_SHOULD_RETRY                              106
-# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN        107
-# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY            108
-# define X509_R_UNKNOWN_KEY_TYPE                          117
-# define X509_R_UNKNOWN_NID                               109
-# define X509_R_UNKNOWN_PURPOSE_ID                        121
-# define X509_R_UNKNOWN_TRUST_ID                          120
-# define X509_R_UNSUPPORTED_ALGORITHM                     111
-# define X509_R_WRONG_LOOKUP_TYPE                         112
-# define X509_R_WRONG_TYPE                                122
-
-# ifdef  __cplusplus
-}
-# endif
-#endif
diff --git a/thirdparty/openssl/openssl/x509_vfy.h b/thirdparty/openssl/openssl/x509_vfy.h
deleted file mode 100644
index 50626826e0..0000000000
--- a/thirdparty/openssl/openssl/x509_vfy.h
+++ /dev/null
@@ -1,652 +0,0 @@
-/* crypto/x509/x509_vfy.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_X509_H
-# include <openssl/x509.h>
-/*
- * openssl/x509.h ends up #include-ing this file at about the only
- * appropriate moment.
- */
-#endif
-
-#ifndef HEADER_X509_VFY_H
-# define HEADER_X509_VFY_H
-
-# include <openssl/opensslconf.h>
-# ifndef OPENSSL_NO_LHASH
-#  include <openssl/lhash.h>
-# endif
-# include <openssl/bio.h>
-# include <openssl/crypto.h>
-# include <openssl/symhacks.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-# if 0
-/* Outer object */
-typedef struct x509_hash_dir_st {
-    int num_dirs;
-    char **dirs;
-    int *dirs_type;
-    int num_dirs_alloced;
-} X509_HASH_DIR_CTX;
-# endif
-
-typedef struct x509_file_st {
-    int num_paths;              /* number of paths to files or directories */
-    int num_alloced;
-    char **paths;               /* the list of paths or directories */
-    int *path_type;
-} X509_CERT_FILE_CTX;
-
-/*******************************/
-/*-
-SSL_CTX -> X509_STORE
-                -> X509_LOOKUP
-                        ->X509_LOOKUP_METHOD
-                -> X509_LOOKUP
-                        ->X509_LOOKUP_METHOD
-
-SSL     -> X509_STORE_CTX
-                ->X509_STORE
-
-The X509_STORE holds the tables etc for verification stuff.
-A X509_STORE_CTX is used while validating a single certificate.
-The X509_STORE has X509_LOOKUPs for looking up certs.
-The X509_STORE then calls a function to actually verify the
-certificate chain.
-*/
-
-# define X509_LU_RETRY           -1
-# define X509_LU_FAIL            0
-# define X509_LU_X509            1
-# define X509_LU_CRL             2
-# define X509_LU_PKEY            3
-
-typedef struct x509_object_st {
-    /* one of the above types */
-    int type;
-    union {
-        char *ptr;
-        X509 *x509;
-        X509_CRL *crl;
-        EVP_PKEY *pkey;
-    } data;
-} X509_OBJECT;
-
-typedef struct x509_lookup_st X509_LOOKUP;
-
-DECLARE_STACK_OF(X509_LOOKUP)
-DECLARE_STACK_OF(X509_OBJECT)
-
-/* This is a static that defines the function interface */
-typedef struct x509_lookup_method_st {
-    const char *name;
-    int (*new_item) (X509_LOOKUP *ctx);
-    void (*free) (X509_LOOKUP *ctx);
-    int (*init) (X509_LOOKUP *ctx);
-    int (*shutdown) (X509_LOOKUP *ctx);
-    int (*ctrl) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
-                 char **ret);
-    int (*get_by_subject) (X509_LOOKUP *ctx, int type, X509_NAME *name,
-                           X509_OBJECT *ret);
-    int (*get_by_issuer_serial) (X509_LOOKUP *ctx, int type, X509_NAME *name,
-                                 ASN1_INTEGER *serial, X509_OBJECT *ret);
-    int (*get_by_fingerprint) (X509_LOOKUP *ctx, int type,
-                               unsigned char *bytes, int len,
-                               X509_OBJECT *ret);
-    int (*get_by_alias) (X509_LOOKUP *ctx, int type, char *str, int len,
-                         X509_OBJECT *ret);
-} X509_LOOKUP_METHOD;
-
-typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID;
-
-/*
- * This structure hold all parameters associated with a verify operation by
- * including an X509_VERIFY_PARAM structure in related structures the
- * parameters used can be customized
- */
-
-typedef struct X509_VERIFY_PARAM_st {
-    char *name;
-    time_t check_time;          /* Time to use */
-    unsigned long inh_flags;    /* Inheritance flags */
-    unsigned long flags;        /* Various verify flags */
-    int purpose;                /* purpose to check untrusted certificates */
-    int trust;                  /* trust setting to check */
-    int depth;                  /* Verify depth */
-    STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
-    X509_VERIFY_PARAM_ID *id;   /* opaque ID data */
-} X509_VERIFY_PARAM;
-
-DECLARE_STACK_OF(X509_VERIFY_PARAM)
-
-/*
- * This is used to hold everything.  It is used for all certificate
- * validation.  Once we have a certificate chain, the 'verify' function is
- * then called to actually check the cert chain.
- */
-struct x509_store_st {
-    /* The following is a cache of trusted certs */
-    int cache;                  /* if true, stash any hits */
-    STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
-    /* These are external lookup methods */
-    STACK_OF(X509_LOOKUP) *get_cert_methods;
-    X509_VERIFY_PARAM *param;
-    /* Callbacks for various operations */
-    /* called to verify a certificate */
-    int (*verify) (X509_STORE_CTX *ctx);
-    /* error callback */
-    int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
-    /* get issuers cert from ctx */
-    int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
-    /* check issued */
-    int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
-    /* Check revocation status of chain */
-    int (*check_revocation) (X509_STORE_CTX *ctx);
-    /* retrieve CRL */
-    int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
-    /* Check CRL validity */
-    int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
-    /* Check certificate against CRL */
-    int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
-    STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
-    STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
-    int (*cleanup) (X509_STORE_CTX *ctx);
-    CRYPTO_EX_DATA ex_data;
-    int references;
-} /* X509_STORE */ ;
-
-int X509_STORE_set_depth(X509_STORE *store, int depth);
-
-# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
-# define X509_STORE_set_verify_func(ctx,func)    ((ctx)->verify=(func))
-
-/* This is the functions plus an instance of the local variables. */
-struct x509_lookup_st {
-    int init;                   /* have we been started */
-    int skip;                   /* don't use us. */
-    X509_LOOKUP_METHOD *method; /* the functions */
-    char *method_data;          /* method data */
-    X509_STORE *store_ctx;      /* who owns us */
-} /* X509_LOOKUP */ ;
-
-/*
- * This is a used when verifying cert chains.  Since the gathering of the
- * cert chain can take some time (and have to be 'retried', this needs to be
- * kept and passed around.
- */
-struct x509_store_ctx_st {      /* X509_STORE_CTX */
-    X509_STORE *ctx;
-    /* used when looking up certs */
-    int current_method;
-    /* The following are set by the caller */
-    /* The cert to check */
-    X509 *cert;
-    /* chain of X509s - untrusted - passed in */
-    STACK_OF(X509) *untrusted;
-    /* set of CRLs passed in */
-    STACK_OF(X509_CRL) *crls;
-    X509_VERIFY_PARAM *param;
-    /* Other info for use with get_issuer() */
-    void *other_ctx;
-    /* Callbacks for various operations */
-    /* called to verify a certificate */
-    int (*verify) (X509_STORE_CTX *ctx);
-    /* error callback */
-    int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
-    /* get issuers cert from ctx */
-    int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
-    /* check issued */
-    int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
-    /* Check revocation status of chain */
-    int (*check_revocation) (X509_STORE_CTX *ctx);
-    /* retrieve CRL */
-    int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
-    /* Check CRL validity */
-    int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
-    /* Check certificate against CRL */
-    int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
-    int (*check_policy) (X509_STORE_CTX *ctx);
-    STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
-    STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
-    int (*cleanup) (X509_STORE_CTX *ctx);
-    /* The following is built up */
-    /* if 0, rebuild chain */
-    int valid;
-    /* index of last untrusted cert */
-    int last_untrusted;
-    /* chain of X509s - built up and trusted */
-    STACK_OF(X509) *chain;
-    /* Valid policy tree */
-    X509_POLICY_TREE *tree;
-    /* Require explicit policy value */
-    int explicit_policy;
-    /* When something goes wrong, this is why */
-    int error_depth;
-    int error;
-    X509 *current_cert;
-    /* cert currently being tested as valid issuer */
-    X509 *current_issuer;
-    /* current CRL */
-    X509_CRL *current_crl;
-    /* score of current CRL */
-    int current_crl_score;
-    /* Reason mask */
-    unsigned int current_reasons;
-    /* For CRL path validation: parent context */
-    X509_STORE_CTX *parent;
-    CRYPTO_EX_DATA ex_data;
-} /* X509_STORE_CTX */ ;
-
-void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
-
-# define X509_STORE_CTX_set_app_data(ctx,data) \
-        X509_STORE_CTX_set_ex_data(ctx,0,data)
-# define X509_STORE_CTX_get_app_data(ctx) \
-        X509_STORE_CTX_get_ex_data(ctx,0)
-
-# define X509_L_FILE_LOAD        1
-# define X509_L_ADD_DIR          2
-
-# define X509_LOOKUP_load_file(x,name,type) \
-                X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
-
-# define X509_LOOKUP_add_dir(x,name,type) \
-                X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
-
-# define         X509_V_OK                                       0
-# define         X509_V_ERR_UNSPECIFIED                          1
-
-# define         X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT            2
-# define         X509_V_ERR_UNABLE_TO_GET_CRL                    3
-# define         X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE     4
-# define         X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE      5
-# define         X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY   6
-# define         X509_V_ERR_CERT_SIGNATURE_FAILURE               7
-# define         X509_V_ERR_CRL_SIGNATURE_FAILURE                8
-# define         X509_V_ERR_CERT_NOT_YET_VALID                   9
-# define         X509_V_ERR_CERT_HAS_EXPIRED                     10
-# define         X509_V_ERR_CRL_NOT_YET_VALID                    11
-# define         X509_V_ERR_CRL_HAS_EXPIRED                      12
-# define         X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD       13
-# define         X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD        14
-# define         X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD       15
-# define         X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD       16
-# define         X509_V_ERR_OUT_OF_MEM                           17
-# define         X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT          18
-# define         X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN            19
-# define         X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY    20
-# define         X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE      21
-# define         X509_V_ERR_CERT_CHAIN_TOO_LONG                  22
-# define         X509_V_ERR_CERT_REVOKED                         23
-# define         X509_V_ERR_INVALID_CA                           24
-# define         X509_V_ERR_PATH_LENGTH_EXCEEDED                 25
-# define         X509_V_ERR_INVALID_PURPOSE                      26
-# define         X509_V_ERR_CERT_UNTRUSTED                       27
-# define         X509_V_ERR_CERT_REJECTED                        28
-/* These are 'informational' when looking for issuer cert */
-# define         X509_V_ERR_SUBJECT_ISSUER_MISMATCH              29
-# define         X509_V_ERR_AKID_SKID_MISMATCH                   30
-# define         X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH          31
-# define         X509_V_ERR_KEYUSAGE_NO_CERTSIGN                 32
-
-# define         X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER             33
-# define         X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION         34
-# define         X509_V_ERR_KEYUSAGE_NO_CRL_SIGN                 35
-# define         X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION     36
-# define         X509_V_ERR_INVALID_NON_CA                       37
-# define         X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED           38
-# define         X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE        39
-# define         X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED       40
-
-# define         X509_V_ERR_INVALID_EXTENSION                    41
-# define         X509_V_ERR_INVALID_POLICY_EXTENSION             42
-# define         X509_V_ERR_NO_EXPLICIT_POLICY                   43
-# define         X509_V_ERR_DIFFERENT_CRL_SCOPE                  44
-# define         X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE        45
-
-# define         X509_V_ERR_UNNESTED_RESOURCE                    46
-
-# define         X509_V_ERR_PERMITTED_VIOLATION                  47
-# define         X509_V_ERR_EXCLUDED_VIOLATION                   48
-# define         X509_V_ERR_SUBTREE_MINMAX                       49
-# define         X509_V_ERR_APPLICATION_VERIFICATION             50
-# define         X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE          51
-# define         X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX        52
-# define         X509_V_ERR_UNSUPPORTED_NAME_SYNTAX              53
-# define         X509_V_ERR_CRL_PATH_VALIDATION_ERROR            54
-
-/* Suite B mode algorithm violation */
-# define         X509_V_ERR_SUITE_B_INVALID_VERSION              56
-# define         X509_V_ERR_SUITE_B_INVALID_ALGORITHM            57
-# define         X509_V_ERR_SUITE_B_INVALID_CURVE                58
-# define         X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM  59
-# define         X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED              60
-# define         X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
-
-/* Host, email and IP check errors */
-# define         X509_V_ERR_HOSTNAME_MISMATCH                    62
-# define         X509_V_ERR_EMAIL_MISMATCH                       63
-# define         X509_V_ERR_IP_ADDRESS_MISMATCH                  64
-
-/* Caller error */
-# define         X509_V_ERR_INVALID_CALL                         65
-/* Issuer lookup error */
-# define         X509_V_ERR_STORE_LOOKUP                         66
-
-# define         X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION         67
-
-/* Certificate verify flags */
-
-/* Send issuer+subject checks to verify_cb */
-# define X509_V_FLAG_CB_ISSUER_CHECK             0x1
-/* Use check time instead of current time */
-# define X509_V_FLAG_USE_CHECK_TIME              0x2
-/* Lookup CRLs */
-# define X509_V_FLAG_CRL_CHECK                   0x4
-/* Lookup CRLs for whole chain */
-# define X509_V_FLAG_CRL_CHECK_ALL               0x8
-/* Ignore unhandled critical extensions */
-# define X509_V_FLAG_IGNORE_CRITICAL             0x10
-/* Disable workarounds for broken certificates */
-# define X509_V_FLAG_X509_STRICT                 0x20
-/* Enable proxy certificate validation */
-# define X509_V_FLAG_ALLOW_PROXY_CERTS           0x40
-/* Enable policy checking */
-# define X509_V_FLAG_POLICY_CHECK                0x80
-/* Policy variable require-explicit-policy */
-# define X509_V_FLAG_EXPLICIT_POLICY             0x100
-/* Policy variable inhibit-any-policy */
-# define X509_V_FLAG_INHIBIT_ANY                 0x200
-/* Policy variable inhibit-policy-mapping */
-# define X509_V_FLAG_INHIBIT_MAP                 0x400
-/* Notify callback that policy is OK */
-# define X509_V_FLAG_NOTIFY_POLICY               0x800
-/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
-# define X509_V_FLAG_EXTENDED_CRL_SUPPORT        0x1000
-/* Delta CRL support */
-# define X509_V_FLAG_USE_DELTAS                  0x2000
-/* Check selfsigned CA signature */
-# define X509_V_FLAG_CHECK_SS_SIGNATURE          0x4000
-/* Use trusted store first */
-# define X509_V_FLAG_TRUSTED_FIRST               0x8000
-/* Suite B 128 bit only mode: not normally used */
-# define X509_V_FLAG_SUITEB_128_LOS_ONLY         0x10000
-/* Suite B 192 bit only mode */
-# define X509_V_FLAG_SUITEB_192_LOS              0x20000
-/* Suite B 128 bit mode allowing 192 bit algorithms */
-# define X509_V_FLAG_SUITEB_128_LOS              0x30000
-
-/* Allow partial chains if at least one certificate is in trusted store */
-# define X509_V_FLAG_PARTIAL_CHAIN               0x80000
-/*
- * If the initial chain is not trusted, do not attempt to build an alternative
- * chain. Alternate chain checking was introduced in 1.0.2b. Setting this flag
- * will force the behaviour to match that of previous versions.
- */
-# define X509_V_FLAG_NO_ALT_CHAINS               0x100000
-
-# define X509_VP_FLAG_DEFAULT                    0x1
-# define X509_VP_FLAG_OVERWRITE                  0x2
-# define X509_VP_FLAG_RESET_FLAGS                0x4
-# define X509_VP_FLAG_LOCKED                     0x8
-# define X509_VP_FLAG_ONCE                       0x10
-
-/* Internal use: mask of policy related options */
-# define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
-                                | X509_V_FLAG_EXPLICIT_POLICY \
-                                | X509_V_FLAG_INHIBIT_ANY \
-                                | X509_V_FLAG_INHIBIT_MAP)
-
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
-                               X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
-                                             int type, X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
-                                        X509_OBJECT *x);
-void X509_OBJECT_up_ref_count(X509_OBJECT *a);
-void X509_OBJECT_free_contents(X509_OBJECT *a);
-X509_STORE *X509_STORE_new(void);
-void X509_STORE_free(X509_STORE *v);
-
-STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
-STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
-int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
-int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
-int X509_STORE_set_trust(X509_STORE *ctx, int trust);
-int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
-
-void X509_STORE_set_verify_cb(X509_STORE *ctx,
-                              int (*verify_cb) (int, X509_STORE_CTX *));
-
-void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
-                                   STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
-                                                              *ctx,
-                                                              X509_NAME *nm));
-
-X509_STORE_CTX *X509_STORE_CTX_new(void);
-
-int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
-
-void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
-                        X509 *x509, STACK_OF(X509) *chain);
-void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
-
-X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
-
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
-
-int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
-int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
-
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
-                              X509_OBJECT *ret);
-
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
-                     long argl, char **ret);
-
-# ifndef OPENSSL_NO_STDIO
-int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-# endif
-
-X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
-void X509_LOOKUP_free(X509_LOOKUP *ctx);
-int X509_LOOKUP_init(X509_LOOKUP *ctx);
-int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
-                           X509_OBJECT *ret);
-int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
-                                 ASN1_INTEGER *serial, X509_OBJECT *ret);
-int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
-                               unsigned char *bytes, int len,
-                               X509_OBJECT *ret);
-int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
-                         X509_OBJECT *ret);
-int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
-
-# ifndef OPENSSL_NO_STDIO
-int X509_STORE_load_locations(X509_STORE *ctx,
-                              const char *file, const char *dir);
-int X509_STORE_set_default_paths(X509_STORE *ctx);
-# endif
-
-int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
-                                    CRYPTO_EX_new *new_func,
-                                    CRYPTO_EX_dup *dup_func,
-                                    CRYPTO_EX_free *free_func);
-int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
-void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
-int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
-X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
-X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
-X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
-X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
-void X509_STORE_CTX_set_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
-void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
-int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
-int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
-int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
-                                   int purpose, int trust);
-void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
-void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
-                             time_t t);
-void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
-                                  int (*verify_cb) (int, X509_STORE_CTX *));
-
-X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
-int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
-
-X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
-void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
-int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
-
-/* X509_VERIFY_PARAM functions */
-
-X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
-void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
-                              const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
-                           const X509_VERIFY_PARAM *from);
-int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
-int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
-                                unsigned long flags);
-int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
-                                  unsigned long flags);
-unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
-int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
-void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
-void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
-int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
-                                  ASN1_OBJECT *policy);
-int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
-                                    STACK_OF(ASN1_OBJECT) *policies);
-
-int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
-                                const char *name, size_t namelen);
-int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
-                                const char *name, size_t namelen);
-void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
-                                     unsigned int flags);
-char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
-int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
-                                 const char *email, size_t emaillen);
-int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
-                              const unsigned char *ip, size_t iplen);
-int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
-                                  const char *ipasc);
-
-int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
-const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param);
-
-int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
-int X509_VERIFY_PARAM_get_count(void);
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
-const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
-void X509_VERIFY_PARAM_table_cleanup(void);
-
-int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
-                      STACK_OF(X509) *certs,
-                      STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
-
-void X509_policy_tree_free(X509_POLICY_TREE *tree);
-
-int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
-X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
-                                               int i);
-
-STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
-                                                           X509_POLICY_TREE
-                                                           *tree);
-
-STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
-                                                                X509_POLICY_TREE
-                                                                *tree);
-
-int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
-
-X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
-                                              int i);
-
-const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
-
-STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
-                                                           X509_POLICY_NODE
-                                                           *node);
-const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
-                                                     *node);
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/openssl/x509v3.h b/thirdparty/openssl/openssl/x509v3.h
deleted file mode 100644
index f5c61560aa..0000000000
--- a/thirdparty/openssl/openssl/x509v3.h
+++ /dev/null
@@ -1,1055 +0,0 @@
-/* x509v3.h */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_X509V3_H
-# define HEADER_X509V3_H
-
-# include <openssl/bio.h>
-# include <openssl/x509.h>
-# include <openssl/conf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-# ifdef OPENSSL_SYS_WIN32
-/* Under Win32 these are defined in wincrypt.h */
-#  undef X509_NAME
-#  undef X509_CERT_PAIR
-#  undef X509_EXTENSIONS
-# endif
-
-/* Forward reference */
-struct v3_ext_method;
-struct v3_ext_ctx;
-
-/* Useful typedefs */
-
-typedef void *(*X509V3_EXT_NEW)(void);
-typedef void (*X509V3_EXT_FREE) (void *);
-typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
-typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
-typedef STACK_OF(CONF_VALUE) *
-    (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
-                       STACK_OF(CONF_VALUE) *extlist);
-typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
-                                struct v3_ext_ctx *ctx,
-                                STACK_OF(CONF_VALUE) *values);
-typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method,
-                                void *ext);
-typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
-                                struct v3_ext_ctx *ctx, const char *str);
-typedef int (*X509V3_EXT_I2R) (const struct v3_ext_method *method, void *ext,
-                               BIO *out, int indent);
-typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method,
-                                struct v3_ext_ctx *ctx, const char *str);
-
-/* V3 extension structure */
-
-struct v3_ext_method {
-    int ext_nid;
-    int ext_flags;
-/* If this is set the following four fields are ignored */
-    ASN1_ITEM_EXP *it;
-/* Old style ASN1 calls */
-    X509V3_EXT_NEW ext_new;
-    X509V3_EXT_FREE ext_free;
-    X509V3_EXT_D2I d2i;
-    X509V3_EXT_I2D i2d;
-/* The following pair is used for string extensions */
-    X509V3_EXT_I2S i2s;
-    X509V3_EXT_S2I s2i;
-/* The following pair is used for multi-valued extensions */
-    X509V3_EXT_I2V i2v;
-    X509V3_EXT_V2I v2i;
-/* The following are used for raw extensions */
-    X509V3_EXT_I2R i2r;
-    X509V3_EXT_R2I r2i;
-    void *usr_data;             /* Any extension specific data */
-};
-
-typedef struct X509V3_CONF_METHOD_st {
-    char *(*get_string) (void *db, char *section, char *value);
-    STACK_OF(CONF_VALUE) *(*get_section) (void *db, char *section);
-    void (*free_string) (void *db, char *string);
-    void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
-} X509V3_CONF_METHOD;
-
-/* Context specific info */
-struct v3_ext_ctx {
-# define CTX_TEST 0x1
-    int flags;
-    X509 *issuer_cert;
-    X509 *subject_cert;
-    X509_REQ *subject_req;
-    X509_CRL *crl;
-    X509V3_CONF_METHOD *db_meth;
-    void *db;
-/* Maybe more here */
-};
-
-typedef struct v3_ext_method X509V3_EXT_METHOD;
-
-DECLARE_STACK_OF(X509V3_EXT_METHOD)
-
-/* ext_flags values */
-# define X509V3_EXT_DYNAMIC      0x1
-# define X509V3_EXT_CTX_DEP      0x2
-# define X509V3_EXT_MULTILINE    0x4
-
-typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
-
-typedef struct BASIC_CONSTRAINTS_st {
-    int ca;
-    ASN1_INTEGER *pathlen;
-} BASIC_CONSTRAINTS;
-
-typedef struct PKEY_USAGE_PERIOD_st {
-    ASN1_GENERALIZEDTIME *notBefore;
-    ASN1_GENERALIZEDTIME *notAfter;
-} PKEY_USAGE_PERIOD;
-
-typedef struct otherName_st {
-    ASN1_OBJECT *type_id;
-    ASN1_TYPE *value;
-} OTHERNAME;
-
-typedef struct EDIPartyName_st {
-    ASN1_STRING *nameAssigner;
-    ASN1_STRING *partyName;
-} EDIPARTYNAME;
-
-typedef struct GENERAL_NAME_st {
-# define GEN_OTHERNAME   0
-# define GEN_EMAIL       1
-# define GEN_DNS         2
-# define GEN_X400        3
-# define GEN_DIRNAME     4
-# define GEN_EDIPARTY    5
-# define GEN_URI         6
-# define GEN_IPADD       7
-# define GEN_RID         8
-    int type;
-    union {
-        char *ptr;
-        OTHERNAME *otherName;   /* otherName */
-        ASN1_IA5STRING *rfc822Name;
-        ASN1_IA5STRING *dNSName;
-        ASN1_TYPE *x400Address;
-        X509_NAME *directoryName;
-        EDIPARTYNAME *ediPartyName;
-        ASN1_IA5STRING *uniformResourceIdentifier;
-        ASN1_OCTET_STRING *iPAddress;
-        ASN1_OBJECT *registeredID;
-        /* Old names */
-        ASN1_OCTET_STRING *ip;  /* iPAddress */
-        X509_NAME *dirn;        /* dirn */
-        ASN1_IA5STRING *ia5;    /* rfc822Name, dNSName,
-                                 * uniformResourceIdentifier */
-        ASN1_OBJECT *rid;       /* registeredID */
-        ASN1_TYPE *other;       /* x400Address */
-    } d;
-} GENERAL_NAME;
-
-typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
-
-typedef struct ACCESS_DESCRIPTION_st {
-    ASN1_OBJECT *method;
-    GENERAL_NAME *location;
-} ACCESS_DESCRIPTION;
-
-typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
-
-typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
-
-DECLARE_STACK_OF(GENERAL_NAME)
-DECLARE_ASN1_SET_OF(GENERAL_NAME)
-
-DECLARE_STACK_OF(ACCESS_DESCRIPTION)
-DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
-
-typedef struct DIST_POINT_NAME_st {
-    int type;
-    union {
-        GENERAL_NAMES *fullname;
-        STACK_OF(X509_NAME_ENTRY) *relativename;
-    } name;
-/* If relativename then this contains the full distribution point name */
-    X509_NAME *dpname;
-} DIST_POINT_NAME;
-/* All existing reasons */
-# define CRLDP_ALL_REASONS       0x807f
-
-# define CRL_REASON_NONE                         -1
-# define CRL_REASON_UNSPECIFIED                  0
-# define CRL_REASON_KEY_COMPROMISE               1
-# define CRL_REASON_CA_COMPROMISE                2
-# define CRL_REASON_AFFILIATION_CHANGED          3
-# define CRL_REASON_SUPERSEDED                   4
-# define CRL_REASON_CESSATION_OF_OPERATION       5
-# define CRL_REASON_CERTIFICATE_HOLD             6
-# define CRL_REASON_REMOVE_FROM_CRL              8
-# define CRL_REASON_PRIVILEGE_WITHDRAWN          9
-# define CRL_REASON_AA_COMPROMISE                10
-
-struct DIST_POINT_st {
-    DIST_POINT_NAME *distpoint;
-    ASN1_BIT_STRING *reasons;
-    GENERAL_NAMES *CRLissuer;
-    int dp_reasons;
-};
-
-typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
-
-DECLARE_STACK_OF(DIST_POINT)
-DECLARE_ASN1_SET_OF(DIST_POINT)
-
-struct AUTHORITY_KEYID_st {
-    ASN1_OCTET_STRING *keyid;
-    GENERAL_NAMES *issuer;
-    ASN1_INTEGER *serial;
-};
-
-/* Strong extranet structures */
-
-typedef struct SXNET_ID_st {
-    ASN1_INTEGER *zone;
-    ASN1_OCTET_STRING *user;
-} SXNETID;
-
-DECLARE_STACK_OF(SXNETID)
-DECLARE_ASN1_SET_OF(SXNETID)
-
-typedef struct SXNET_st {
-    ASN1_INTEGER *version;
-    STACK_OF(SXNETID) *ids;
-} SXNET;
-
-typedef struct NOTICEREF_st {
-    ASN1_STRING *organization;
-    STACK_OF(ASN1_INTEGER) *noticenos;
-} NOTICEREF;
-
-typedef struct USERNOTICE_st {
-    NOTICEREF *noticeref;
-    ASN1_STRING *exptext;
-} USERNOTICE;
-
-typedef struct POLICYQUALINFO_st {
-    ASN1_OBJECT *pqualid;
-    union {
-        ASN1_IA5STRING *cpsuri;
-        USERNOTICE *usernotice;
-        ASN1_TYPE *other;
-    } d;
-} POLICYQUALINFO;
-
-DECLARE_STACK_OF(POLICYQUALINFO)
-DECLARE_ASN1_SET_OF(POLICYQUALINFO)
-
-typedef struct POLICYINFO_st {
-    ASN1_OBJECT *policyid;
-    STACK_OF(POLICYQUALINFO) *qualifiers;
-} POLICYINFO;
-
-typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
-
-DECLARE_STACK_OF(POLICYINFO)
-DECLARE_ASN1_SET_OF(POLICYINFO)
-
-typedef struct POLICY_MAPPING_st {
-    ASN1_OBJECT *issuerDomainPolicy;
-    ASN1_OBJECT *subjectDomainPolicy;
-} POLICY_MAPPING;
-
-DECLARE_STACK_OF(POLICY_MAPPING)
-
-typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
-
-typedef struct GENERAL_SUBTREE_st {
-    GENERAL_NAME *base;
-    ASN1_INTEGER *minimum;
-    ASN1_INTEGER *maximum;
-} GENERAL_SUBTREE;
-
-DECLARE_STACK_OF(GENERAL_SUBTREE)
-
-struct NAME_CONSTRAINTS_st {
-    STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
-    STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
-};
-
-typedef struct POLICY_CONSTRAINTS_st {
-    ASN1_INTEGER *requireExplicitPolicy;
-    ASN1_INTEGER *inhibitPolicyMapping;
-} POLICY_CONSTRAINTS;
-
-/* Proxy certificate structures, see RFC 3820 */
-typedef struct PROXY_POLICY_st {
-    ASN1_OBJECT *policyLanguage;
-    ASN1_OCTET_STRING *policy;
-} PROXY_POLICY;
-
-typedef struct PROXY_CERT_INFO_EXTENSION_st {
-    ASN1_INTEGER *pcPathLengthConstraint;
-    PROXY_POLICY *proxyPolicy;
-} PROXY_CERT_INFO_EXTENSION;
-
-DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
-DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
-
-struct ISSUING_DIST_POINT_st {
-    DIST_POINT_NAME *distpoint;
-    int onlyuser;
-    int onlyCA;
-    ASN1_BIT_STRING *onlysomereasons;
-    int indirectCRL;
-    int onlyattr;
-};
-
-/* Values in idp_flags field */
-/* IDP present */
-# define IDP_PRESENT     0x1
-/* IDP values inconsistent */
-# define IDP_INVALID     0x2
-/* onlyuser true */
-# define IDP_ONLYUSER    0x4
-/* onlyCA true */
-# define IDP_ONLYCA      0x8
-/* onlyattr true */
-# define IDP_ONLYATTR    0x10
-/* indirectCRL true */
-# define IDP_INDIRECT    0x20
-/* onlysomereasons present */
-# define IDP_REASONS     0x40
-
-# define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
-",name:", val->name, ",value:", val->value);
-
-# define X509V3_set_ctx_test(ctx) \
-                        X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
-# define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
-
-# define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
-                        0,0,0,0, \
-                        0,0, \
-                        (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
-                        (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
-                        NULL, NULL, \
-                        table}
-
-# define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
-                        0,0,0,0, \
-                        (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
-                        (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
-                        0,0,0,0, \
-                        NULL}
-
-# define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
-
-/* X509_PURPOSE stuff */
-
-# define EXFLAG_BCONS            0x1
-# define EXFLAG_KUSAGE           0x2
-# define EXFLAG_XKUSAGE          0x4
-# define EXFLAG_NSCERT           0x8
-
-# define EXFLAG_CA               0x10
-/* Really self issued not necessarily self signed */
-# define EXFLAG_SI               0x20
-# define EXFLAG_V1               0x40
-# define EXFLAG_INVALID          0x80
-# define EXFLAG_SET              0x100
-# define EXFLAG_CRITICAL         0x200
-# define EXFLAG_PROXY            0x400
-
-# define EXFLAG_INVALID_POLICY   0x800
-# define EXFLAG_FRESHEST         0x1000
-/* Self signed */
-# define EXFLAG_SS               0x2000
-
-# define KU_DIGITAL_SIGNATURE    0x0080
-# define KU_NON_REPUDIATION      0x0040
-# define KU_KEY_ENCIPHERMENT     0x0020
-# define KU_DATA_ENCIPHERMENT    0x0010
-# define KU_KEY_AGREEMENT        0x0008
-# define KU_KEY_CERT_SIGN        0x0004
-# define KU_CRL_SIGN             0x0002
-# define KU_ENCIPHER_ONLY        0x0001
-# define KU_DECIPHER_ONLY        0x8000
-
-# define NS_SSL_CLIENT           0x80
-# define NS_SSL_SERVER           0x40
-# define NS_SMIME                0x20
-# define NS_OBJSIGN              0x10
-# define NS_SSL_CA               0x04
-# define NS_SMIME_CA             0x02
-# define NS_OBJSIGN_CA           0x01
-# define NS_ANY_CA               (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)
-
-# define XKU_SSL_SERVER          0x1
-# define XKU_SSL_CLIENT          0x2
-# define XKU_SMIME               0x4
-# define XKU_CODE_SIGN           0x8
-# define XKU_SGC                 0x10
-# define XKU_OCSP_SIGN           0x20
-# define XKU_TIMESTAMP           0x40
-# define XKU_DVCS                0x80
-# define XKU_ANYEKU              0x100
-
-# define X509_PURPOSE_DYNAMIC    0x1
-# define X509_PURPOSE_DYNAMIC_NAME       0x2
-
-typedef struct x509_purpose_st {
-    int purpose;
-    int trust;                  /* Default trust ID */
-    int flags;
-    int (*check_purpose) (const struct x509_purpose_st *, const X509 *, int);
-    char *name;
-    char *sname;
-    void *usr_data;
-} X509_PURPOSE;
-
-# define X509_PURPOSE_SSL_CLIENT         1
-# define X509_PURPOSE_SSL_SERVER         2
-# define X509_PURPOSE_NS_SSL_SERVER      3
-# define X509_PURPOSE_SMIME_SIGN         4
-# define X509_PURPOSE_SMIME_ENCRYPT      5
-# define X509_PURPOSE_CRL_SIGN           6
-# define X509_PURPOSE_ANY                7
-# define X509_PURPOSE_OCSP_HELPER        8
-# define X509_PURPOSE_TIMESTAMP_SIGN     9
-
-# define X509_PURPOSE_MIN                1
-# define X509_PURPOSE_MAX                9
-
-/* Flags for X509V3_EXT_print() */
-
-# define X509V3_EXT_UNKNOWN_MASK         (0xfL << 16)
-/* Return error for unknown extensions */
-# define X509V3_EXT_DEFAULT              0
-/* Print error for unknown extensions */
-# define X509V3_EXT_ERROR_UNKNOWN        (1L << 16)
-/* ASN1 parse unknown extensions */
-# define X509V3_EXT_PARSE_UNKNOWN        (2L << 16)
-/* BIO_dump unknown extensions */
-# define X509V3_EXT_DUMP_UNKNOWN         (3L << 16)
-
-/* Flags for X509V3_add1_i2d */
-
-# define X509V3_ADD_OP_MASK              0xfL
-# define X509V3_ADD_DEFAULT              0L
-# define X509V3_ADD_APPEND               1L
-# define X509V3_ADD_REPLACE              2L
-# define X509V3_ADD_REPLACE_EXISTING     3L
-# define X509V3_ADD_KEEP_EXISTING        4L
-# define X509V3_ADD_DELETE               5L
-# define X509V3_ADD_SILENT               0x10
-
-DECLARE_STACK_OF(X509_PURPOSE)
-
-DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
-
-DECLARE_ASN1_FUNCTIONS(SXNET)
-DECLARE_ASN1_FUNCTIONS(SXNETID)
-
-int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
-int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
-                       int userlen);
-int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user,
-                         int userlen);
-
-ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
-ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
-ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
-
-DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
-
-DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
-
-DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
-GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
-int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
-
-ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
-                                     X509V3_CTX *ctx,
-                                     STACK_OF(CONF_VALUE) *nval);
-STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
-                                          ASN1_BIT_STRING *bits,
-                                          STACK_OF(CONF_VALUE) *extlist);
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
-                                       GENERAL_NAME *gen,
-                                       STACK_OF(CONF_VALUE) *ret);
-int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
-
-DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
-
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
-                                        GENERAL_NAMES *gen,
-                                        STACK_OF(CONF_VALUE) *extlist);
-GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
-                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-
-DECLARE_ASN1_FUNCTIONS(OTHERNAME)
-DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
-int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
-void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
-void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
-int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
-                                ASN1_OBJECT *oid, ASN1_TYPE *value);
-int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
-                                ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
-
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
-                            ASN1_OCTET_STRING *ia5);
-ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
-                                         X509V3_CTX *ctx, char *str);
-
-DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
-int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION *a);
-
-DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
-DECLARE_ASN1_FUNCTIONS(POLICYINFO)
-DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
-DECLARE_ASN1_FUNCTIONS(USERNOTICE)
-DECLARE_ASN1_FUNCTIONS(NOTICEREF)
-
-DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
-DECLARE_ASN1_FUNCTIONS(DIST_POINT)
-DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
-DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
-
-int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
-
-int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
-
-DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
-DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
-
-DECLARE_ASN1_ITEM(POLICY_MAPPING)
-DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
-DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
-
-DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
-DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
-
-DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
-DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
-
-DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
-DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
-
-GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
-                               const X509V3_EXT_METHOD *method,
-                               X509V3_CTX *ctx, int gen_type, char *value,
-                               int is_nc);
-
-# ifdef HEADER_CONF_H
-GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
-                               X509V3_CTX *ctx, CONF_VALUE *cnf);
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
-                                  const X509V3_EXT_METHOD *method,
-                                  X509V3_CTX *ctx, CONF_VALUE *cnf,
-                                  int is_nc);
-void X509V3_conf_free(CONF_VALUE *val);
-
-X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
-                                     char *value);
-X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
-                                 char *value);
-int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
-                            STACK_OF(X509_EXTENSION) **sk);
-int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-                         X509 *cert);
-int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-                             X509_REQ *req);
-int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
-                             X509_CRL *crl);
-
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
-                                    X509V3_CTX *ctx, int ext_nid,
-                                    char *value);
-X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-                                char *name, char *value);
-int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-                        char *section, X509 *cert);
-int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-                            char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-                            char *section, X509_CRL *crl);
-
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
-                             STACK_OF(CONF_VALUE) **extlist);
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
-void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
-# endif
-
-char *X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
-STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, char *section);
-void X509V3_string_free(X509V3_CTX *ctx, char *str);
-void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
-                    X509_REQ *req, X509_CRL *crl, int flags);
-
-int X509V3_add_value(const char *name, const char *value,
-                     STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
-                           STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_bool(const char *name, int asn1_bool,
-                          STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
-                         STACK_OF(CONF_VALUE) **extlist);
-char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
-ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
-char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
-                                ASN1_ENUMERATED *aint);
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
-int X509V3_EXT_add_alias(int nid_to, int nid_from);
-void X509V3_EXT_cleanup(void);
-
-const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
-const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
-int X509V3_add_standard_extensions(void);
-STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
-void *X509V3_EXT_d2i(X509_EXTENSION *ext);
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
-                     int *idx);
-int X509V3_EXT_free(int nid, void *ext_data);
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
-int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
-                    int crit, unsigned long flags);
-
-char *hex_to_string(const unsigned char *buffer, long len);
-unsigned char *string_to_hex(const char *str, long *len);
-int name_cmp(const char *name, const char *cmp);
-
-void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
-                        int ml);
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
-                     int indent);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
-
-int X509V3_extensions_print(BIO *out, char *title,
-                            STACK_OF(X509_EXTENSION) *exts,
-                            unsigned long flag, int indent);
-
-int X509_check_ca(X509 *x);
-int X509_check_purpose(X509 *x, int id, int ca);
-int X509_supported_extension(X509_EXTENSION *ex);
-int X509_PURPOSE_set(int *p, int purpose);
-int X509_check_issued(X509 *issuer, X509 *subject);
-int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
-int X509_PURPOSE_get_count(void);
-X509_PURPOSE *X509_PURPOSE_get0(int idx);
-int X509_PURPOSE_get_by_sname(char *sname);
-int X509_PURPOSE_get_by_id(int id);
-int X509_PURPOSE_add(int id, int trust, int flags,
-                     int (*ck) (const X509_PURPOSE *, const X509 *, int),
-                     char *name, char *sname, void *arg);
-char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
-char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
-int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
-void X509_PURPOSE_cleanup(void);
-int X509_PURPOSE_get_id(X509_PURPOSE *);
-
-STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
-STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
-void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
-STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
-/* Flags for X509_check_* functions */
-
-/*
- * Always check subject name for host match even if subject alt names present
- */
-# define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT    0x1
-/* Disable wildcard matching for dnsName fields and common name. */
-# define X509_CHECK_FLAG_NO_WILDCARDS    0x2
-/* Wildcards must not match a partial label. */
-# define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
-/* Allow (non-partial) wildcards to match multiple labels. */
-# define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
-/* Constraint verifier subdomain patterns to match a single labels. */
-# define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
-/*
- * Match reference identifiers starting with "." to any sub-domain.
- * This is a non-public flag, turned on implicitly when the subject
- * reference identity is a DNS name.
- */
-# define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000
-
-int X509_check_host(X509 *x, const char *chk, size_t chklen,
-                    unsigned int flags, char **peername);
-int X509_check_email(X509 *x, const char *chk, size_t chklen,
-                     unsigned int flags);
-int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
-                  unsigned int flags);
-int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags);
-
-ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
-ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
-int a2i_ipadd(unsigned char *ipout, const char *ipasc);
-int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk,
-                             unsigned long chtype);
-
-void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
-DECLARE_STACK_OF(X509_POLICY_NODE)
-
-# ifndef OPENSSL_NO_RFC3779
-
-typedef struct ASRange_st {
-    ASN1_INTEGER *min, *max;
-} ASRange;
-
-#  define ASIdOrRange_id          0
-#  define ASIdOrRange_range       1
-
-typedef struct ASIdOrRange_st {
-    int type;
-    union {
-        ASN1_INTEGER *id;
-        ASRange *range;
-    } u;
-} ASIdOrRange;
-
-typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
-DECLARE_STACK_OF(ASIdOrRange)
-
-#  define ASIdentifierChoice_inherit              0
-#  define ASIdentifierChoice_asIdsOrRanges        1
-
-typedef struct ASIdentifierChoice_st {
-    int type;
-    union {
-        ASN1_NULL *inherit;
-        ASIdOrRanges *asIdsOrRanges;
-    } u;
-} ASIdentifierChoice;
-
-typedef struct ASIdentifiers_st {
-    ASIdentifierChoice *asnum, *rdi;
-} ASIdentifiers;
-
-DECLARE_ASN1_FUNCTIONS(ASRange)
-DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
-DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
-DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
-
-typedef struct IPAddressRange_st {
-    ASN1_BIT_STRING *min, *max;
-} IPAddressRange;
-
-#  define IPAddressOrRange_addressPrefix  0
-#  define IPAddressOrRange_addressRange   1
-
-typedef struct IPAddressOrRange_st {
-    int type;
-    union {
-        ASN1_BIT_STRING *addressPrefix;
-        IPAddressRange *addressRange;
-    } u;
-} IPAddressOrRange;
-
-typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
-DECLARE_STACK_OF(IPAddressOrRange)
-
-#  define IPAddressChoice_inherit                 0
-#  define IPAddressChoice_addressesOrRanges       1
-
-typedef struct IPAddressChoice_st {
-    int type;
-    union {
-        ASN1_NULL *inherit;
-        IPAddressOrRanges *addressesOrRanges;
-    } u;
-} IPAddressChoice;
-
-typedef struct IPAddressFamily_st {
-    ASN1_OCTET_STRING *addressFamily;
-    IPAddressChoice *ipAddressChoice;
-} IPAddressFamily;
-
-typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
-DECLARE_STACK_OF(IPAddressFamily)
-
-DECLARE_ASN1_FUNCTIONS(IPAddressRange)
-DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
-DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
-DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
-
-/*
- * API tag for elements of the ASIdentifer SEQUENCE.
- */
-#  define V3_ASID_ASNUM   0
-#  define V3_ASID_RDI     1
-
-/*
- * AFI values, assigned by IANA.  It'd be nice to make the AFI
- * handling code totally generic, but there are too many little things
- * that would need to be defined for other address families for it to
- * be worth the trouble.
- */
-#  define IANA_AFI_IPV4   1
-#  define IANA_AFI_IPV6   2
-
-/*
- * Utilities to construct and extract values from RFC3779 extensions,
- * since some of the encodings (particularly for IP address prefixes
- * and ranges) are a bit tedious to work with directly.
- */
-int v3_asid_add_inherit(ASIdentifiers *asid, int which);
-int v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
-                            ASN1_INTEGER *min, ASN1_INTEGER *max);
-int v3_addr_add_inherit(IPAddrBlocks *addr,
-                        const unsigned afi, const unsigned *safi);
-int v3_addr_add_prefix(IPAddrBlocks *addr,
-                       const unsigned afi, const unsigned *safi,
-                       unsigned char *a, const int prefixlen);
-int v3_addr_add_range(IPAddrBlocks *addr,
-                      const unsigned afi, const unsigned *safi,
-                      unsigned char *min, unsigned char *max);
-unsigned v3_addr_get_afi(const IPAddressFamily *f);
-int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
-                      unsigned char *min, unsigned char *max,
-                      const int length);
-
-/*
- * Canonical forms.
- */
-int v3_asid_is_canonical(ASIdentifiers *asid);
-int v3_addr_is_canonical(IPAddrBlocks *addr);
-int v3_asid_canonize(ASIdentifiers *asid);
-int v3_addr_canonize(IPAddrBlocks *addr);
-
-/*
- * Tests for inheritance and containment.
- */
-int v3_asid_inherits(ASIdentifiers *asid);
-int v3_addr_inherits(IPAddrBlocks *addr);
-int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
-int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
-
-/*
- * Check whether RFC 3779 extensions nest properly in chains.
- */
-int v3_asid_validate_path(X509_STORE_CTX *);
-int v3_addr_validate_path(X509_STORE_CTX *);
-int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
-                                  ASIdentifiers *ext, int allow_inheritance);
-int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
-                                  IPAddrBlocks *ext, int allow_inheritance);
-
-# endif                         /* OPENSSL_NO_RFC3779 */
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_X509V3_strings(void);
-
-/* Error codes for the X509V3 functions. */
-
-/* Function codes. */
-# define X509V3_F_A2I_GENERAL_NAME                        164
-# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE             161
-# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL         162
-# define X509V3_F_COPY_EMAIL                              122
-# define X509V3_F_COPY_ISSUER                             123
-# define X509V3_F_DO_DIRNAME                              144
-# define X509V3_F_DO_EXT_CONF                             124
-# define X509V3_F_DO_EXT_I2D                              135
-# define X509V3_F_DO_EXT_NCONF                            151
-# define X509V3_F_DO_I2V_NAME_CONSTRAINTS                 148
-# define X509V3_F_GNAMES_FROM_SECTNAME                    156
-# define X509V3_F_HEX_TO_STRING                           111
-# define X509V3_F_I2S_ASN1_ENUMERATED                     121
-# define X509V3_F_I2S_ASN1_IA5STRING                      149
-# define X509V3_F_I2S_ASN1_INTEGER                        120
-# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS               138
-# define X509V3_F_NOTICE_SECTION                          132
-# define X509V3_F_NREF_NOS                                133
-# define X509V3_F_POLICY_SECTION                          131
-# define X509V3_F_PROCESS_PCI_VALUE                       150
-# define X509V3_F_R2I_CERTPOL                             130
-# define X509V3_F_R2I_PCI                                 155
-# define X509V3_F_S2I_ASN1_IA5STRING                      100
-# define X509V3_F_S2I_ASN1_INTEGER                        108
-# define X509V3_F_S2I_ASN1_OCTET_STRING                   112
-# define X509V3_F_S2I_ASN1_SKEY_ID                        114
-# define X509V3_F_S2I_SKEY_ID                             115
-# define X509V3_F_SET_DIST_POINT_NAME                     158
-# define X509V3_F_STRING_TO_HEX                           113
-# define X509V3_F_SXNET_ADD_ID_ASC                        125
-# define X509V3_F_SXNET_ADD_ID_INTEGER                    126
-# define X509V3_F_SXNET_ADD_ID_ULONG                      127
-# define X509V3_F_SXNET_GET_ID_ASC                        128
-# define X509V3_F_SXNET_GET_ID_ULONG                      129
-# define X509V3_F_V2I_ASIDENTIFIERS                       163
-# define X509V3_F_V2I_ASN1_BIT_STRING                     101
-# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS               139
-# define X509V3_F_V2I_AUTHORITY_KEYID                     119
-# define X509V3_F_V2I_BASIC_CONSTRAINTS                   102
-# define X509V3_F_V2I_CRLD                                134
-# define X509V3_F_V2I_EXTENDED_KEY_USAGE                  103
-# define X509V3_F_V2I_GENERAL_NAMES                       118
-# define X509V3_F_V2I_GENERAL_NAME_EX                     117
-# define X509V3_F_V2I_IDP                                 157
-# define X509V3_F_V2I_IPADDRBLOCKS                        159
-# define X509V3_F_V2I_ISSUER_ALT                          153
-# define X509V3_F_V2I_NAME_CONSTRAINTS                    147
-# define X509V3_F_V2I_POLICY_CONSTRAINTS                  146
-# define X509V3_F_V2I_POLICY_MAPPINGS                     145
-# define X509V3_F_V2I_SUBJECT_ALT                         154
-# define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL          160
-# define X509V3_F_V3_GENERIC_EXTENSION                    116
-# define X509V3_F_X509V3_ADD1_I2D                         140
-# define X509V3_F_X509V3_ADD_VALUE                        105
-# define X509V3_F_X509V3_EXT_ADD                          104
-# define X509V3_F_X509V3_EXT_ADD_ALIAS                    106
-# define X509V3_F_X509V3_EXT_CONF                         107
-# define X509V3_F_X509V3_EXT_FREE                         165
-# define X509V3_F_X509V3_EXT_I2D                          136
-# define X509V3_F_X509V3_EXT_NCONF                        152
-# define X509V3_F_X509V3_GET_SECTION                      142
-# define X509V3_F_X509V3_GET_STRING                       143
-# define X509V3_F_X509V3_GET_VALUE_BOOL                   110
-# define X509V3_F_X509V3_PARSE_LIST                       109
-# define X509V3_F_X509_PURPOSE_ADD                        137
-# define X509V3_F_X509_PURPOSE_SET                        141
-
-/* Reason codes. */
-# define X509V3_R_BAD_IP_ADDRESS                          118
-# define X509V3_R_BAD_OBJECT                              119
-# define X509V3_R_BN_DEC2BN_ERROR                         100
-# define X509V3_R_BN_TO_ASN1_INTEGER_ERROR                101
-# define X509V3_R_CANNOT_FIND_FREE_FUNCTION               168
-# define X509V3_R_DIRNAME_ERROR                           149
-# define X509V3_R_DISTPOINT_ALREADY_SET                   160
-# define X509V3_R_DUPLICATE_ZONE_ID                       133
-# define X509V3_R_ERROR_CONVERTING_ZONE                   131
-# define X509V3_R_ERROR_CREATING_EXTENSION                144
-# define X509V3_R_ERROR_IN_EXTENSION                      128
-# define X509V3_R_EXPECTED_A_SECTION_NAME                 137
-# define X509V3_R_EXTENSION_EXISTS                        145
-# define X509V3_R_EXTENSION_NAME_ERROR                    115
-# define X509V3_R_EXTENSION_NOT_FOUND                     102
-# define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED         103
-# define X509V3_R_EXTENSION_VALUE_ERROR                   116
-# define X509V3_R_ILLEGAL_EMPTY_EXTENSION                 151
-# define X509V3_R_ILLEGAL_HEX_DIGIT                       113
-# define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG             152
-# define X509V3_R_INVALID_ASNUMBER                        162
-# define X509V3_R_INVALID_ASRANGE                         163
-# define X509V3_R_INVALID_BOOLEAN_STRING                  104
-# define X509V3_R_INVALID_EXTENSION_STRING                105
-# define X509V3_R_INVALID_INHERITANCE                     165
-# define X509V3_R_INVALID_IPADDRESS                       166
-# define X509V3_R_INVALID_MULTIPLE_RDNS                   161
-# define X509V3_R_INVALID_NAME                            106
-# define X509V3_R_INVALID_NULL_ARGUMENT                   107
-# define X509V3_R_INVALID_NULL_NAME                       108
-# define X509V3_R_INVALID_NULL_VALUE                      109
-# define X509V3_R_INVALID_NUMBER                          140
-# define X509V3_R_INVALID_NUMBERS                         141
-# define X509V3_R_INVALID_OBJECT_IDENTIFIER               110
-# define X509V3_R_INVALID_OPTION                          138
-# define X509V3_R_INVALID_POLICY_IDENTIFIER               134
-# define X509V3_R_INVALID_PROXY_POLICY_SETTING            153
-# define X509V3_R_INVALID_PURPOSE                         146
-# define X509V3_R_INVALID_SAFI                            164
-# define X509V3_R_INVALID_SECTION                         135
-# define X509V3_R_INVALID_SYNTAX                          143
-# define X509V3_R_ISSUER_DECODE_ERROR                     126
-# define X509V3_R_MISSING_VALUE                           124
-# define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS           142
-# define X509V3_R_NO_CONFIG_DATABASE                      136
-# define X509V3_R_NO_ISSUER_CERTIFICATE                   121
-# define X509V3_R_NO_ISSUER_DETAILS                       127
-# define X509V3_R_NO_POLICY_IDENTIFIER                    139
-# define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED   154
-# define X509V3_R_NO_PUBLIC_KEY                           114
-# define X509V3_R_NO_SUBJECT_DETAILS                      125
-# define X509V3_R_ODD_NUMBER_OF_DIGITS                    112
-# define X509V3_R_OPERATION_NOT_DEFINED                   148
-# define X509V3_R_OTHERNAME_ERROR                         147
-# define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED         155
-# define X509V3_R_POLICY_PATH_LENGTH                      156
-# define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED      157
-# define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED   158
-# define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
-# define X509V3_R_SECTION_NOT_FOUND                       150
-# define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS            122
-# define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID              123
-# define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT             111
-# define X509V3_R_UNKNOWN_EXTENSION                       129
-# define X509V3_R_UNKNOWN_EXTENSION_NAME                  130
-# define X509V3_R_UNKNOWN_OPTION                          120
-# define X509V3_R_UNSUPPORTED_OPTION                      117
-# define X509V3_R_UNSUPPORTED_TYPE                        167
-# define X509V3_R_USER_TOO_LONG                           132
-
-#ifdef  __cplusplus
-}
-#endif
-#endif
diff --git a/thirdparty/openssl/patches/config_windows.patch b/thirdparty/openssl/patches/config_windows.patch
deleted file mode 100644
index e69ff1356a..0000000000
--- a/thirdparty/openssl/patches/config_windows.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-commit 4c8ab8b4415d129d0283d7d0d9a5789163ec8d5e
-Author: Rémi Verschelde <rverschelde@gmail.com>
-Date:   Sat May 27 16:38:46 2017 +0200
-
-    openssl: Define WIN32_LEAN_AND_MEAN on Windows
-    
-    This avoids namespace collisions with things such as X509_NAME.
-    Also force include of necessary definitions in `crypto/o_str.c`
-    which seem missing on MSVC (but work on MinGW).
-
-diff --git a/thirdparty/openssl/crypto/o_str.c b/thirdparty/openssl/crypto/o_str.c
-index 7e61cde85..1854798e2 100644
---- a/thirdparty/openssl/crypto/o_str.c
-+++ b/thirdparty/openssl/crypto/o_str.c
-@@ -59,6 +59,9 @@
- 
- #include <ctype.h>
- #include <e_os.h>
-+// -- GODOT start --
-+#include <openssl/opensslconf.h>
-+// -- GODOT end --
- #include "o_str.h"
- 
- #if !defined(OPENSSL_IMPLEMENTS_strncasecmp) && \
-diff --git a/thirdparty/openssl/openssl/opensslconf.h b/thirdparty/openssl/openssl/opensslconf.h
-index f533508b1..19fad2342 100644
---- a/thirdparty/openssl/openssl/opensslconf.h
-+++ b/thirdparty/openssl/openssl/opensslconf.h
-@@ -7,6 +7,20 @@ extern "C" {
- /* OpenSSL was configured with the following options: */
- #ifndef OPENSSL_DOING_MAKEDEPEND
- 
-+// -- GODOT start --
-+#if defined(OPENSSL_SYS_WINDOWS)
-+# define WIN32_LEAN_AND_MEAN
-+// Seems like we have troubles properly using the logic in e_os2.h
-+# if defined(_WIN32)
-+#  define OPENSSL_SYS_WIN32
-+#  define OPENSSL_SYSNAME_WIN32
-+# endif
-+# if defined(_WIN64)
-+#  define OPENSSL_SYS_WIN64
-+#  define OPENSSL_SYSNAME_WIN64
-+# endif
-+#endif
-+// -- GODOT end --
- 
- #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
- # define OPENSSL_NO_EC_NISTP_64_GCC_128
diff --git a/thirdparty/openssl/patches/uwp_fix.patch b/thirdparty/openssl/patches/uwp_fix.patch
deleted file mode 100644
index 54aeb1f80d..0000000000
--- a/thirdparty/openssl/patches/uwp_fix.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-diff --git a/thirdparty/openssl/crypto/rand/rand_win.c b/thirdparty/openssl/crypto/rand/rand_win.c
-index 06670ae01..cb4093128 100644
---- a/thirdparty/openssl/crypto/rand/rand_win.c
-+++ b/thirdparty/openssl/crypto/rand/rand_win.c
-@@ -118,8 +118,10 @@
- # ifndef _WIN32_WINNT
- #  define _WIN32_WINNT 0x0400
- # endif
-+#ifndef UWP_ENABLED // -- GODOT --
- # include <wincrypt.h>
- # include <tlhelp32.h>
-+#endif // -- GODOT --
- 
- /*
-  * Limit the time spent walking through the heap, processes, threads and
-@@ -161,7 +163,7 @@ typedef struct tagCURSORINFO {
- #  define CURSOR_SHOWING     0x00000001
- # endif                         /* CURSOR_SHOWING */
- 
--# if !defined(OPENSSL_SYS_WINCE)
-+# if !defined(OPENSSL_SYS_WINCE) && !defined(UWP_ENABLED) // -- GODOT --
- typedef BOOL(WINAPI *CRYPTACQUIRECONTEXTW) (HCRYPTPROV *, LPCWSTR, LPCWSTR,
-                                             DWORD, DWORD);
- typedef BOOL(WINAPI *CRYPTGENRANDOM) (HCRYPTPROV, DWORD, BYTE *);
-@@ -196,6 +198,7 @@ typedef NET_API_STATUS(NET_API_FUNCTION *NETFREE) (LPBYTE);
- #  endif                        /* 1 */
- # endif                         /* !OPENSSL_SYS_WINCE */
- 
-+#if !defined(UWP_ENABLED) // -- GODOT --
- int RAND_poll(void)
- {
-     MEMORYSTATUS m;
-@@ -580,6 +583,8 @@ int RAND_poll(void)
-     return (1);
- }
- 
-+#endif // UWP_ENABLED // -- GODOT --
-+
- int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
- {
-     double add_entropy = 0;
-@@ -682,7 +687,7 @@ static void readtimer(void)
- 
- static void readscreen(void)
- {
--# if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN)
-+# if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN) && !defined(UWP_ENABLED) // -- GODOT --
-     HDC hScrDC;                 /* screen DC */
-     HBITMAP hBitmap;            /* handle for our bitmap */
-     BITMAP bm;                  /* bitmap properties */
-diff --git a/thirdparty/openssl/openssl/dtls1.h b/thirdparty/openssl/openssl/dtls1.h
-index 30bbcf278..81d28c29c 100644
---- a/thirdparty/openssl/openssl/dtls1.h
-+++ b/thirdparty/openssl/openssl/dtls1.h
-@@ -78,6 +78,9 @@
- #   include <sys/time.h>
- #  endif
- # endif
-+#ifdef UWP_ENABLED // -- GODOT start --
-+#include <winsock2.h>
-+#endif // -- GODOT end --
- 
- #ifdef  __cplusplus
- extern "C" {
diff --git a/thirdparty/openssl/ssl/bio_ssl.c b/thirdparty/openssl/ssl/bio_ssl.c
deleted file mode 100644
index d2d4d2ea2d..0000000000
--- a/thirdparty/openssl/ssl/bio_ssl.c
+++ /dev/null
@@ -1,591 +0,0 @@
-/* ssl/bio_ssl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <openssl/crypto.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-static int ssl_write(BIO *h, const char *buf, int num);
-static int ssl_read(BIO *h, char *buf, int size);
-static int ssl_puts(BIO *h, const char *str);
-static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int ssl_new(BIO *h);
-static int ssl_free(BIO *data);
-static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-typedef struct bio_ssl_st {
-    SSL *ssl;                   /* The ssl handle :-) */
-    /* re-negotiate every time the total number of bytes is this size */
-    int num_renegotiates;
-    unsigned long renegotiate_count;
-    unsigned long byte_count;
-    unsigned long renegotiate_timeout;
-    unsigned long last_time;
-} BIO_SSL;
-
-static BIO_METHOD methods_sslp = {
-    BIO_TYPE_SSL, "ssl",
-    ssl_write,
-    ssl_read,
-    ssl_puts,
-    NULL,                       /* ssl_gets, */
-    ssl_ctrl,
-    ssl_new,
-    ssl_free,
-    ssl_callback_ctrl,
-};
-
-BIO_METHOD *BIO_f_ssl(void)
-{
-    return (&methods_sslp);
-}
-
-static int ssl_new(BIO *bi)
-{
-    BIO_SSL *bs;
-
-    bs = (BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL));
-    if (bs == NULL) {
-        BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    memset(bs, 0, sizeof(BIO_SSL));
-    bi->init = 0;
-    bi->ptr = (char *)bs;
-    bi->flags = 0;
-    return (1);
-}
-
-static int ssl_free(BIO *a)
-{
-    BIO_SSL *bs;
-
-    if (a == NULL)
-        return (0);
-    bs = (BIO_SSL *)a->ptr;
-    if (bs->ssl != NULL)
-        SSL_shutdown(bs->ssl);
-    if (a->shutdown) {
-        if (a->init && (bs->ssl != NULL))
-            SSL_free(bs->ssl);
-        a->init = 0;
-        a->flags = 0;
-    }
-    if (a->ptr != NULL)
-        OPENSSL_free(a->ptr);
-    return (1);
-}
-
-static int ssl_read(BIO *b, char *out, int outl)
-{
-    int ret = 1;
-    BIO_SSL *sb;
-    SSL *ssl;
-    int retry_reason = 0;
-    int r = 0;
-
-    if (out == NULL)
-        return (0);
-    sb = (BIO_SSL *)b->ptr;
-    ssl = sb->ssl;
-
-    BIO_clear_retry_flags(b);
-
-#if 0
-    if (!SSL_is_init_finished(ssl)) {
-/*              ret=SSL_do_handshake(ssl); */
-        if (ret > 0) {
-
-            outflags = (BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY);
-            ret = -1;
-            goto end;
-        }
-    }
-#endif
-/*      if (ret > 0) */
-    ret = SSL_read(ssl, out, outl);
-
-    switch (SSL_get_error(ssl, ret)) {
-    case SSL_ERROR_NONE:
-        if (ret <= 0)
-            break;
-        if (sb->renegotiate_count > 0) {
-            sb->byte_count += ret;
-            if (sb->byte_count > sb->renegotiate_count) {
-                sb->byte_count = 0;
-                sb->num_renegotiates++;
-                SSL_renegotiate(ssl);
-                r = 1;
-            }
-        }
-        if ((sb->renegotiate_timeout > 0) && (!r)) {
-            unsigned long tm;
-
-            tm = (unsigned long)time(NULL);
-            if (tm > sb->last_time + sb->renegotiate_timeout) {
-                sb->last_time = tm;
-                sb->num_renegotiates++;
-                SSL_renegotiate(ssl);
-            }
-        }
-
-        break;
-    case SSL_ERROR_WANT_READ:
-        BIO_set_retry_read(b);
-        break;
-    case SSL_ERROR_WANT_WRITE:
-        BIO_set_retry_write(b);
-        break;
-    case SSL_ERROR_WANT_X509_LOOKUP:
-        BIO_set_retry_special(b);
-        retry_reason = BIO_RR_SSL_X509_LOOKUP;
-        break;
-    case SSL_ERROR_WANT_ACCEPT:
-        BIO_set_retry_special(b);
-        retry_reason = BIO_RR_ACCEPT;
-        break;
-    case SSL_ERROR_WANT_CONNECT:
-        BIO_set_retry_special(b);
-        retry_reason = BIO_RR_CONNECT;
-        break;
-    case SSL_ERROR_SYSCALL:
-    case SSL_ERROR_SSL:
-    case SSL_ERROR_ZERO_RETURN:
-    default:
-        break;
-    }
-
-    b->retry_reason = retry_reason;
-    return (ret);
-}
-
-static int ssl_write(BIO *b, const char *out, int outl)
-{
-    int ret, r = 0;
-    int retry_reason = 0;
-    SSL *ssl;
-    BIO_SSL *bs;
-
-    if (out == NULL)
-        return (0);
-    bs = (BIO_SSL *)b->ptr;
-    ssl = bs->ssl;
-
-    BIO_clear_retry_flags(b);
-
-    /*
-     * ret=SSL_do_handshake(ssl); if (ret > 0)
-     */
-    ret = SSL_write(ssl, out, outl);
-
-    switch (SSL_get_error(ssl, ret)) {
-    case SSL_ERROR_NONE:
-        if (ret <= 0)
-            break;
-        if (bs->renegotiate_count > 0) {
-            bs->byte_count += ret;
-            if (bs->byte_count > bs->renegotiate_count) {
-                bs->byte_count = 0;
-                bs->num_renegotiates++;
-                SSL_renegotiate(ssl);
-                r = 1;
-            }
-        }
-        if ((bs->renegotiate_timeout > 0) && (!r)) {
-            unsigned long tm;
-
-            tm = (unsigned long)time(NULL);
-            if (tm > bs->last_time + bs->renegotiate_timeout) {
-                bs->last_time = tm;
-                bs->num_renegotiates++;
-                SSL_renegotiate(ssl);
-            }
-        }
-        break;
-    case SSL_ERROR_WANT_WRITE:
-        BIO_set_retry_write(b);
-        break;
-    case SSL_ERROR_WANT_READ:
-        BIO_set_retry_read(b);
-        break;
-    case SSL_ERROR_WANT_X509_LOOKUP:
-        BIO_set_retry_special(b);
-        retry_reason = BIO_RR_SSL_X509_LOOKUP;
-        break;
-    case SSL_ERROR_WANT_CONNECT:
-        BIO_set_retry_special(b);
-        retry_reason = BIO_RR_CONNECT;
-    case SSL_ERROR_SYSCALL:
-    case SSL_ERROR_SSL:
-    default:
-        break;
-    }
-
-    b->retry_reason = retry_reason;
-    return (ret);
-}
-
-static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
-    SSL **sslp, *ssl;
-    BIO_SSL *bs;
-    BIO *dbio, *bio;
-    long ret = 1;
-
-    bs = (BIO_SSL *)b->ptr;
-    ssl = bs->ssl;
-    if ((ssl == NULL) && (cmd != BIO_C_SET_SSL))
-        return (0);
-    switch (cmd) {
-    case BIO_CTRL_RESET:
-        SSL_shutdown(ssl);
-
-        if (ssl->handshake_func == ssl->method->ssl_connect)
-            SSL_set_connect_state(ssl);
-        else if (ssl->handshake_func == ssl->method->ssl_accept)
-            SSL_set_accept_state(ssl);
-
-        SSL_clear(ssl);
-
-        if (b->next_bio != NULL)
-            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
-        else if (ssl->rbio != NULL)
-            ret = BIO_ctrl(ssl->rbio, cmd, num, ptr);
-        else
-            ret = 1;
-        break;
-    case BIO_CTRL_INFO:
-        ret = 0;
-        break;
-    case BIO_C_SSL_MODE:
-        if (num)                /* client mode */
-            SSL_set_connect_state(ssl);
-        else
-            SSL_set_accept_state(ssl);
-        break;
-    case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
-        ret = bs->renegotiate_timeout;
-        if (num < 60)
-            num = 5;
-        bs->renegotiate_timeout = (unsigned long)num;
-        bs->last_time = (unsigned long)time(NULL);
-        break;
-    case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
-        ret = bs->renegotiate_count;
-        if ((long)num >= 512)
-            bs->renegotiate_count = (unsigned long)num;
-        break;
-    case BIO_C_GET_SSL_NUM_RENEGOTIATES:
-        ret = bs->num_renegotiates;
-        break;
-    case BIO_C_SET_SSL:
-        if (ssl != NULL) {
-            ssl_free(b);
-            if (!ssl_new(b))
-                return 0;
-        }
-        b->shutdown = (int)num;
-        ssl = (SSL *)ptr;
-        ((BIO_SSL *)b->ptr)->ssl = ssl;
-        bio = SSL_get_rbio(ssl);
-        if (bio != NULL) {
-            if (b->next_bio != NULL)
-                BIO_push(bio, b->next_bio);
-            b->next_bio = bio;
-            CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO);
-        }
-        b->init = 1;
-        break;
-    case BIO_C_GET_SSL:
-        if (ptr != NULL) {
-            sslp = (SSL **)ptr;
-            *sslp = ssl;
-        } else
-            ret = 0;
-        break;
-    case BIO_CTRL_GET_CLOSE:
-        ret = b->shutdown;
-        break;
-    case BIO_CTRL_SET_CLOSE:
-        b->shutdown = (int)num;
-        break;
-    case BIO_CTRL_WPENDING:
-        ret = BIO_ctrl(ssl->wbio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_PENDING:
-        ret = SSL_pending(ssl);
-        if (ret == 0)
-            ret = BIO_pending(ssl->rbio);
-        break;
-    case BIO_CTRL_FLUSH:
-        BIO_clear_retry_flags(b);
-        ret = BIO_ctrl(ssl->wbio, cmd, num, ptr);
-        BIO_copy_next_retry(b);
-        break;
-    case BIO_CTRL_PUSH:
-        if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) {
-            SSL_set_bio(ssl, b->next_bio, b->next_bio);
-            CRYPTO_add(&b->next_bio->references, 1, CRYPTO_LOCK_BIO);
-        }
-        break;
-    case BIO_CTRL_POP:
-        /* Only detach if we are the BIO explicitly being popped */
-        if (b == ptr) {
-            /*
-             * Shouldn't happen in practice because the rbio and wbio are the
-             * same when pushed.
-             */
-            if (ssl->rbio != ssl->wbio)
-                BIO_free_all(ssl->wbio);
-            if (b->next_bio != NULL)
-                CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO);
-            ssl->wbio = NULL;
-            ssl->rbio = NULL;
-        }
-        break;
-    case BIO_C_DO_STATE_MACHINE:
-        BIO_clear_retry_flags(b);
-
-        b->retry_reason = 0;
-        ret = (int)SSL_do_handshake(ssl);
-
-        switch (SSL_get_error(ssl, (int)ret)) {
-        case SSL_ERROR_WANT_READ:
-            BIO_set_flags(b, BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY);
-            break;
-        case SSL_ERROR_WANT_WRITE:
-            BIO_set_flags(b, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY);
-            break;
-        case SSL_ERROR_WANT_CONNECT:
-            BIO_set_flags(b, BIO_FLAGS_IO_SPECIAL | BIO_FLAGS_SHOULD_RETRY);
-            b->retry_reason = b->next_bio->retry_reason;
-            break;
-        case SSL_ERROR_WANT_X509_LOOKUP:
-            BIO_set_retry_special(b);
-            b->retry_reason = BIO_RR_SSL_X509_LOOKUP;
-            break;
-        default:
-            break;
-        }
-        break;
-    case BIO_CTRL_DUP:
-        dbio = (BIO *)ptr;
-        if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
-            SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
-        ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl);
-        ((BIO_SSL *)dbio->ptr)->renegotiate_count =
-            ((BIO_SSL *)b->ptr)->renegotiate_count;
-        ((BIO_SSL *)dbio->ptr)->byte_count = ((BIO_SSL *)b->ptr)->byte_count;
-        ((BIO_SSL *)dbio->ptr)->renegotiate_timeout =
-            ((BIO_SSL *)b->ptr)->renegotiate_timeout;
-        ((BIO_SSL *)dbio->ptr)->last_time = ((BIO_SSL *)b->ptr)->last_time;
-        ret = (((BIO_SSL *)dbio->ptr)->ssl != NULL);
-        break;
-    case BIO_C_GET_FD:
-        ret = BIO_ctrl(ssl->rbio, cmd, num, ptr);
-        break;
-    case BIO_CTRL_SET_CALLBACK:
-        {
-#if 0                           /* FIXME: Should this be used? -- Richard
-                                 * Levitte */
-            SSLerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-            ret = -1;
-#else
-            ret = 0;
-#endif
-        }
-        break;
-    case BIO_CTRL_GET_CALLBACK:
-        {
-            void (**fptr) (const SSL *xssl, int type, int val);
-
-            fptr = (void (**)(const SSL *xssl, int type, int val))ptr;
-            *fptr = SSL_get_info_callback(ssl);
-        }
-        break;
-    default:
-        ret = BIO_ctrl(ssl->rbio, cmd, num, ptr);
-        break;
-    }
-    return (ret);
-}
-
-static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
-    SSL *ssl;
-    BIO_SSL *bs;
-    long ret = 1;
-
-    bs = (BIO_SSL *)b->ptr;
-    ssl = bs->ssl;
-    switch (cmd) {
-    case BIO_CTRL_SET_CALLBACK:
-        {
-            /*
-             * FIXME: setting this via a completely different prototype seems
-             * like a crap idea
-             */
-            SSL_set_info_callback(ssl, (void (*)(const SSL *, int, int))fp);
-        }
-        break;
-    default:
-        ret = BIO_callback_ctrl(ssl->rbio, cmd, fp);
-        break;
-    }
-    return (ret);
-}
-
-static int ssl_puts(BIO *bp, const char *str)
-{
-    int n, ret;
-
-    n = strlen(str);
-    ret = BIO_write(bp, str, n);
-    return (ret);
-}
-
-BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
-{
-#ifndef OPENSSL_NO_SOCK
-    BIO *ret = NULL, *buf = NULL, *ssl = NULL;
-
-    if ((buf = BIO_new(BIO_f_buffer())) == NULL)
-        return (NULL);
-    if ((ssl = BIO_new_ssl_connect(ctx)) == NULL)
-        goto err;
-    if ((ret = BIO_push(buf, ssl)) == NULL)
-        goto err;
-    return (ret);
- err:
-    if (buf != NULL)
-        BIO_free(buf);
-    if (ssl != NULL)
-        BIO_free(ssl);
-#endif
-    return (NULL);
-}
-
-BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
-{
-#ifndef OPENSSL_NO_SOCK
-    BIO *ret = NULL, *con = NULL, *ssl = NULL;
-
-    if ((con = BIO_new(BIO_s_connect())) == NULL)
-        return (NULL);
-    if ((ssl = BIO_new_ssl(ctx, 1)) == NULL)
-        goto err;
-    if ((ret = BIO_push(ssl, con)) == NULL)
-        goto err;
-    return (ret);
- err:
-    if (con != NULL)
-        BIO_free(con);
-#endif
-    return (NULL);
-}
-
-BIO *BIO_new_ssl(SSL_CTX *ctx, int client)
-{
-    BIO *ret;
-    SSL *ssl;
-
-    if ((ret = BIO_new(BIO_f_ssl())) == NULL)
-        return (NULL);
-    if ((ssl = SSL_new(ctx)) == NULL) {
-        BIO_free(ret);
-        return (NULL);
-    }
-    if (client)
-        SSL_set_connect_state(ssl);
-    else
-        SSL_set_accept_state(ssl);
-
-    BIO_set_ssl(ret, ssl, BIO_CLOSE);
-    return (ret);
-}
-
-int BIO_ssl_copy_session_id(BIO *t, BIO *f)
-{
-    t = BIO_find_type(t, BIO_TYPE_SSL);
-    f = BIO_find_type(f, BIO_TYPE_SSL);
-    if ((t == NULL) || (f == NULL))
-        return (0);
-    if ((((BIO_SSL *)t->ptr)->ssl == NULL) ||
-        (((BIO_SSL *)f->ptr)->ssl == NULL))
-        return (0);
-    SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl, ((BIO_SSL *)f->ptr)->ssl);
-    return (1);
-}
-
-void BIO_ssl_shutdown(BIO *b)
-{
-    SSL *s;
-
-    while (b != NULL) {
-        if (b->method->type == BIO_TYPE_SSL) {
-            s = ((BIO_SSL *)b->ptr)->ssl;
-            SSL_shutdown(s);
-            break;
-        }
-        b = b->next_bio;
-    }
-}
diff --git a/thirdparty/openssl/ssl/d1_both.c b/thirdparty/openssl/ssl/d1_both.c
deleted file mode 100644
index e6bc761e8b..0000000000
--- a/thirdparty/openssl/ssl/d1_both.c
+++ /dev/null
@@ -1,1598 +0,0 @@
-/* ssl/d1_both.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <limits.h>
-#include <string.h>
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-#define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8)
-
-#define RSMBLY_BITMASK_MARK(bitmask, start, end) { \
-                        if ((end) - (start) <= 8) { \
-                                long ii; \
-                                for (ii = (start); ii < (end); ii++) bitmask[((ii) >> 3)] |= (1 << ((ii) & 7)); \
-                        } else { \
-                                long ii; \
-                                bitmask[((start) >> 3)] |= bitmask_start_values[((start) & 7)]; \
-                                for (ii = (((start) >> 3) + 1); ii < ((((end) - 1)) >> 3); ii++) bitmask[ii] = 0xff; \
-                                bitmask[(((end) - 1) >> 3)] |= bitmask_end_values[((end) & 7)]; \
-                        } }
-
-#define RSMBLY_BITMASK_IS_COMPLETE(bitmask, msg_len, is_complete) { \
-                        long ii; \
-                        OPENSSL_assert((msg_len) > 0); \
-                        is_complete = 1; \
-                        if (bitmask[(((msg_len) - 1) >> 3)] != bitmask_end_values[((msg_len) & 7)]) is_complete = 0; \
-                        if (is_complete) for (ii = (((msg_len) - 1) >> 3) - 1; ii >= 0 ; ii--) \
-                                if (bitmask[ii] != 0xff) { is_complete = 0; break; } }
-
-#if 0
-# define RSMBLY_BITMASK_PRINT(bitmask, msg_len) { \
-                        long ii; \
-                        printf("bitmask: "); for (ii = 0; ii < (msg_len); ii++) \
-                        printf("%d ", (bitmask[ii >> 3] & (1 << (ii & 7))) >> (ii & 7)); \
-                        printf("\n"); }
-#endif
-
-static unsigned char bitmask_start_values[] =
-    { 0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80 };
-static unsigned char bitmask_end_values[] =
-    { 0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f };
-
-/* XDTLS:  figure out the right values */
-static const unsigned int g_probable_mtu[] = { 1500, 512, 256 };
-
-static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
-                                     unsigned long frag_len);
-static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);
-static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
-                                         unsigned long len,
-                                         unsigned short seq_num,
-                                         unsigned long frag_off,
-                                         unsigned long frag_len);
-static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max,
-                                       int *ok);
-
-static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len,
-                                          int reassembly)
-{
-    hm_fragment *frag = NULL;
-    unsigned char *buf = NULL;
-    unsigned char *bitmask = NULL;
-
-    frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment));
-    if (frag == NULL)
-        return NULL;
-
-    if (frag_len) {
-        buf = (unsigned char *)OPENSSL_malloc(frag_len);
-        if (buf == NULL) {
-            OPENSSL_free(frag);
-            return NULL;
-        }
-    }
-
-    /* zero length fragment gets zero frag->fragment */
-    frag->fragment = buf;
-
-    /* Initialize reassembly bitmask if necessary */
-    if (reassembly) {
-        bitmask =
-            (unsigned char *)OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
-        if (bitmask == NULL) {
-            if (buf != NULL)
-                OPENSSL_free(buf);
-            OPENSSL_free(frag);
-            return NULL;
-        }
-        memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len));
-    }
-
-    frag->reassembly = bitmask;
-
-    return frag;
-}
-
-void dtls1_hm_fragment_free(hm_fragment *frag)
-{
-
-    if (frag->msg_header.is_ccs) {
-        EVP_CIPHER_CTX_free(frag->msg_header.
-                            saved_retransmit_state.enc_write_ctx);
-        EVP_MD_CTX_destroy(frag->msg_header.
-                           saved_retransmit_state.write_hash);
-    }
-    if (frag->fragment)
-        OPENSSL_free(frag->fragment);
-    if (frag->reassembly)
-        OPENSSL_free(frag->reassembly);
-    OPENSSL_free(frag);
-}
-
-static int dtls1_query_mtu(SSL *s)
-{
-    if (s->d1->link_mtu) {
-        s->d1->mtu =
-            s->d1->link_mtu - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
-        s->d1->link_mtu = 0;
-    }
-
-    /* AHA!  Figure out the MTU, and stick to the right size */
-    if (s->d1->mtu < dtls1_min_mtu(s)) {
-        if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
-            s->d1->mtu =
-                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
-
-            /*
-             * I've seen the kernel return bogus numbers when it doesn't know
-             * (initial write), so just make sure we have a reasonable number
-             */
-            if (s->d1->mtu < dtls1_min_mtu(s)) {
-                /* Set to min mtu */
-                s->d1->mtu = dtls1_min_mtu(s);
-                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
-                         s->d1->mtu, NULL);
-            }
-        } else
-            return 0;
-    }
-    return 1;
-}
-
-/*
- * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
- * SSL3_RT_CHANGE_CIPHER_SPEC)
- */
-int dtls1_do_write(SSL *s, int type)
-{
-    int ret;
-    unsigned int curr_mtu;
-    int retry = 1;
-    unsigned int len, frag_off, mac_size, blocksize, used_len;
-
-    if (!dtls1_query_mtu(s))
-        return -1;
-
-    OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu(s)); /* should have something
-                                                     * reasonable now */
-
-    if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
-        OPENSSL_assert(s->init_num ==
-                       (int)s->d1->w_msg_hdr.msg_len +
-                       DTLS1_HM_HEADER_LENGTH);
-
-    if (s->write_hash) {
-        if (s->enc_write_ctx
-            && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_GCM_MODE)
-            mac_size = 0;
-        else
-            mac_size = EVP_MD_CTX_size(s->write_hash);
-    } else
-        mac_size = 0;
-
-    if (s->enc_write_ctx &&
-        (EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE))
-        blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
-    else
-        blocksize = 0;
-
-    frag_off = 0;
-    s->rwstate = SSL_NOTHING;
-
-    /* s->init_num shouldn't ever be < 0...but just in case */
-    while (s->init_num > 0) {
-        if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) {
-            /* We must be writing a fragment other than the first one */
-
-            if (frag_off > 0) {
-                /* This is the first attempt at writing out this fragment */
-
-                if (s->init_off <= DTLS1_HM_HEADER_LENGTH) {
-                    /*
-                     * Each fragment that was already sent must at least have
-                     * contained the message header plus one other byte.
-                     * Therefore |init_off| must have progressed by at least
-                     * |DTLS1_HM_HEADER_LENGTH + 1| bytes. If not something went
-                     * wrong.
-                     */
-                    return -1;
-                }
-
-                /*
-                 * Adjust |init_off| and |init_num| to allow room for a new
-                 * message header for this fragment.
-                 */
-                s->init_off -= DTLS1_HM_HEADER_LENGTH;
-                s->init_num += DTLS1_HM_HEADER_LENGTH;
-            } else {
-                /*
-                 * We must have been called again after a retry so use the
-                 * fragment offset from our last attempt. We do not need
-                 * to adjust |init_off| and |init_num| as above, because
-                 * that should already have been done before the retry.
-                 */
-                frag_off = s->d1->w_msg_hdr.frag_off;
-            }
-        }
-
-        used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
-            + mac_size + blocksize;
-        if (s->d1->mtu > used_len)
-            curr_mtu = s->d1->mtu - used_len;
-        else
-            curr_mtu = 0;
-
-        if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {
-            /*
-             * grr.. we could get an error if MTU picked was wrong
-             */
-            ret = BIO_flush(SSL_get_wbio(s));
-            if (ret <= 0) {
-                s->rwstate = SSL_WRITING;
-                return ret;
-            }
-            used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
-            if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) {
-                curr_mtu = s->d1->mtu - used_len;
-            } else {
-                /* Shouldn't happen */
-                return -1;
-            }
-        }
-
-        /*
-         * We just checked that s->init_num > 0 so this cast should be safe
-         */
-        if (((unsigned int)s->init_num) > curr_mtu)
-            len = curr_mtu;
-        else
-            len = s->init_num;
-
-        /* Shouldn't ever happen */
-        if (len > INT_MAX)
-            len = INT_MAX;
-
-        /*
-         * XDTLS: this function is too long.  split out the CCS part
-         */
-        if (type == SSL3_RT_HANDSHAKE) {
-            if (len < DTLS1_HM_HEADER_LENGTH) {
-                /*
-                 * len is so small that we really can't do anything sensible
-                 * so fail
-                 */
-                return -1;
-            }
-            dtls1_fix_message_header(s, frag_off,
-                                     len - DTLS1_HM_HEADER_LENGTH);
-
-            dtls1_write_message_header(s,
-                                       (unsigned char *)&s->init_buf->
-                                       data[s->init_off]);
-        }
-
-        ret = dtls1_write_bytes(s, type, &s->init_buf->data[s->init_off],
-                                len);
-        if (ret < 0) {
-            /*
-             * might need to update MTU here, but we don't know which
-             * previous packet caused the failure -- so can't really
-             * retransmit anything.  continue as if everything is fine and
-             * wait for an alert to handle the retransmit
-             */
-            if (retry && BIO_ctrl(SSL_get_wbio(s),
-                                  BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0) {
-                if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
-                    if (!dtls1_query_mtu(s))
-                        return -1;
-                    /* Have one more go */
-                    retry = 0;
-                } else
-                    return -1;
-            } else {
-                return (-1);
-            }
-        } else {
-
-            /*
-             * bad if this assert fails, only part of the handshake message
-             * got sent.  but why would this happen?
-             */
-            OPENSSL_assert(len == (unsigned int)ret);
-
-            if (type == SSL3_RT_HANDSHAKE && !s->d1->retransmitting) {
-                /*
-                 * should not be done for 'Hello Request's, but in that case
-                 * we'll ignore the result anyway
-                 */
-                unsigned char *p =
-                    (unsigned char *)&s->init_buf->data[s->init_off];
-                const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
-                int xlen;
-
-                if (frag_off == 0 && s->version != DTLS1_BAD_VER) {
-                    /*
-                     * reconstruct message header is if it is being sent in
-                     * single fragment
-                     */
-                    *p++ = msg_hdr->type;
-                    l2n3(msg_hdr->msg_len, p);
-                    s2n(msg_hdr->seq, p);
-                    l2n3(0, p);
-                    l2n3(msg_hdr->msg_len, p);
-                    p -= DTLS1_HM_HEADER_LENGTH;
-                    xlen = ret;
-                } else {
-                    p += DTLS1_HM_HEADER_LENGTH;
-                    xlen = ret - DTLS1_HM_HEADER_LENGTH;
-                }
-
-                ssl3_finish_mac(s, p, xlen);
-            }
-
-            if (ret == s->init_num) {
-                if (s->msg_callback)
-                    s->msg_callback(1, s->version, type, s->init_buf->data,
-                                    (size_t)(s->init_off + s->init_num), s,
-                                    s->msg_callback_arg);
-
-                s->init_off = 0; /* done writing this message */
-                s->init_num = 0;
-
-                return (1);
-            }
-            s->init_off += ret;
-            s->init_num -= ret;
-            ret -= DTLS1_HM_HEADER_LENGTH;
-            frag_off += ret;
-
-            /*
-             * We save the fragment offset for the next fragment so we have it
-             * available in case of an IO retry. We don't know the length of the
-             * next fragment yet so just set that to 0 for now. It will be
-             * updated again later.
-             */
-            dtls1_fix_message_header(s, frag_off, 0);
-        }
-    }
-    return (0);
-}
-
-/*
- * Obtain handshake message of message type 'mt' (any if mt == -1), maximum
- * acceptable body length 'max'. Read an entire handshake message.  Handshake
- * messages arrive in fragments.
- */
-long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
-{
-    int i, al;
-    struct hm_header_st *msg_hdr;
-    unsigned char *p;
-    unsigned long msg_len;
-
-    /*
-     * s3->tmp is used to store messages that are unexpected, caused by the
-     * absence of an optional handshake message
-     */
-    if (s->s3->tmp.reuse_message) {
-        s->s3->tmp.reuse_message = 0;
-        if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
-            goto f_err;
-        }
-        *ok = 1;
-        s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
-        s->init_num = (int)s->s3->tmp.message_size;
-        return s->init_num;
-    }
-
-    msg_hdr = &s->d1->r_msg_hdr;
-    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
-
- again:
-    i = dtls1_get_message_fragment(s, st1, stn, max, ok);
-    if (i == DTLS1_HM_BAD_FRAGMENT || i == DTLS1_HM_FRAGMENT_RETRY) {
-        /* bad fragment received */
-        goto again;
-    } else if (i <= 0 && !*ok) {
-        return i;
-    }
-
-    /*
-     * Don't change the *message* read sequence number while listening. For
-     * the *record* write sequence we reflect the ClientHello sequence number
-     * when listening.
-     */
-    if (s->d1->listen)
-        memcpy(s->s3->write_sequence, s->s3->read_sequence,
-               sizeof(s->s3->write_sequence));
-    else
-        s->d1->handshake_read_seq++;
-
-    if (mt >= 0 && s->s3->tmp.message_type != mt) {
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
-        goto f_err;
-    }
-
-    p = (unsigned char *)s->init_buf->data;
-    msg_len = msg_hdr->msg_len;
-
-    /* reconstruct message header */
-    *(p++) = msg_hdr->type;
-    l2n3(msg_len, p);
-    s2n(msg_hdr->seq, p);
-    l2n3(0, p);
-    l2n3(msg_len, p);
-    if (s->version != DTLS1_BAD_VER) {
-        p -= DTLS1_HM_HEADER_LENGTH;
-        msg_len += DTLS1_HM_HEADER_LENGTH;
-    }
-
-    ssl3_finish_mac(s, p, msg_len);
-    if (s->msg_callback)
-        s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
-                        p, msg_len, s, s->msg_callback_arg);
-
-    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
-
-    s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
-    return s->init_num;
-
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    *ok = 0;
-    return -1;
-}
-
-static int dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr,
-                                     int max)
-{
-    size_t frag_off, frag_len, msg_len;
-
-    msg_len = msg_hdr->msg_len;
-    frag_off = msg_hdr->frag_off;
-    frag_len = msg_hdr->frag_len;
-
-    /* sanity checking */
-    if ((frag_off + frag_len) > msg_len) {
-        SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
-        return SSL_AD_ILLEGAL_PARAMETER;
-    }
-
-    if ((frag_off + frag_len) > (unsigned long)max) {
-        SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
-        return SSL_AD_ILLEGAL_PARAMETER;
-    }
-
-    if (s->d1->r_msg_hdr.frag_off == 0) { /* first fragment */
-        /*
-         * msg_len is limited to 2^24, but is effectively checked against max
-         * above
-         *
-         * Make buffer slightly larger than message length as a precaution
-         * against small OOB reads e.g. CVE-2016-6306
-         */
-        if (!BUF_MEM_grow_clean
-            (s->init_buf, msg_len + DTLS1_HM_HEADER_LENGTH + 16)) {
-            SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, ERR_R_BUF_LIB);
-            return SSL_AD_INTERNAL_ERROR;
-        }
-
-        s->s3->tmp.message_size = msg_len;
-        s->d1->r_msg_hdr.msg_len = msg_len;
-        s->s3->tmp.message_type = msg_hdr->type;
-        s->d1->r_msg_hdr.type = msg_hdr->type;
-        s->d1->r_msg_hdr.seq = msg_hdr->seq;
-    } else if (msg_len != s->d1->r_msg_hdr.msg_len) {
-        /*
-         * They must be playing with us! BTW, failure to enforce upper limit
-         * would open possibility for buffer overrun.
-         */
-        SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
-        return SSL_AD_ILLEGAL_PARAMETER;
-    }
-
-    return 0;                   /* no error */
-}
-
-static int dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
-{
-    /*-
-     * (0) check whether the desired fragment is available
-     * if so:
-     * (1) copy over the fragment to s->init_buf->data[]
-     * (2) update s->init_num
-     */
-    pitem *item;
-    hm_fragment *frag;
-    int al;
-
-    *ok = 0;
-    do {
-        item = pqueue_peek(s->d1->buffered_messages);
-        if (item == NULL)
-            return 0;
-
-        frag = (hm_fragment *)item->data;
-
-        if (frag->msg_header.seq < s->d1->handshake_read_seq) {
-            /* This is a stale message that has been buffered so clear it */
-            pqueue_pop(s->d1->buffered_messages);
-            dtls1_hm_fragment_free(frag);
-            pitem_free(item);
-            item = NULL;
-            frag = NULL;
-        }
-    } while (item == NULL);
-
-
-    /* Don't return if reassembly still in progress */
-    if (frag->reassembly != NULL)
-        return 0;
-
-    if (s->d1->handshake_read_seq == frag->msg_header.seq) {
-        unsigned long frag_len = frag->msg_header.frag_len;
-        pqueue_pop(s->d1->buffered_messages);
-
-        al = dtls1_preprocess_fragment(s, &frag->msg_header, max);
-
-        if (al == 0) {          /* no alert */
-            unsigned char *p =
-                (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
-            memcpy(&p[frag->msg_header.frag_off], frag->fragment,
-                   frag->msg_header.frag_len);
-        }
-
-        dtls1_hm_fragment_free(frag);
-        pitem_free(item);
-
-        if (al == 0) {
-            *ok = 1;
-            return frag_len;
-        }
-
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        s->init_num = 0;
-        *ok = 0;
-        return -1;
-    } else
-        return 0;
-}
-
-/*
- * dtls1_max_handshake_message_len returns the maximum number of bytes
- * permitted in a DTLS handshake message for |s|. The minimum is 16KB, but
- * may be greater if the maximum certificate list size requires it.
- */
-static unsigned long dtls1_max_handshake_message_len(const SSL *s)
-{
-    unsigned long max_len =
-        DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
-    if (max_len < (unsigned long)s->max_cert_list)
-        return s->max_cert_list;
-    return max_len;
-}
-
-static int
-dtls1_reassemble_fragment(SSL *s, const struct hm_header_st *msg_hdr, int *ok)
-{
-    hm_fragment *frag = NULL;
-    pitem *item = NULL;
-    int i = -1, is_complete;
-    unsigned char seq64be[8];
-    unsigned long frag_len = msg_hdr->frag_len;
-
-    if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len ||
-        msg_hdr->msg_len > dtls1_max_handshake_message_len(s))
-        goto err;
-
-    if (frag_len == 0)
-        return DTLS1_HM_FRAGMENT_RETRY;
-
-    /* Try to find item in queue */
-    memset(seq64be, 0, sizeof(seq64be));
-    seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
-    seq64be[7] = (unsigned char)msg_hdr->seq;
-    item = pqueue_find(s->d1->buffered_messages, seq64be);
-
-    if (item == NULL) {
-        frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);
-        if (frag == NULL)
-            goto err;
-        memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
-        frag->msg_header.frag_len = frag->msg_header.msg_len;
-        frag->msg_header.frag_off = 0;
-    } else {
-        frag = (hm_fragment *)item->data;
-        if (frag->msg_header.msg_len != msg_hdr->msg_len) {
-            item = NULL;
-            frag = NULL;
-            goto err;
-        }
-    }
-
-    /*
-     * If message is already reassembled, this must be a retransmit and can
-     * be dropped. In this case item != NULL and so frag does not need to be
-     * freed.
-     */
-    if (frag->reassembly == NULL) {
-        unsigned char devnull[256];
-
-        while (frag_len) {
-            i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
-                                          devnull,
-                                          frag_len >
-                                          sizeof(devnull) ? sizeof(devnull) :
-                                          frag_len, 0);
-            if (i <= 0)
-                goto err;
-            frag_len -= i;
-        }
-        return DTLS1_HM_FRAGMENT_RETRY;
-    }
-
-    /* read the body of the fragment (header has already been read */
-    i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
-                                  frag->fragment + msg_hdr->frag_off,
-                                  frag_len, 0);
-    if ((unsigned long)i != frag_len)
-        i = -1;
-    if (i <= 0)
-        goto err;
-
-    RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off,
-                        (long)(msg_hdr->frag_off + frag_len));
-
-    RSMBLY_BITMASK_IS_COMPLETE(frag->reassembly, (long)msg_hdr->msg_len,
-                               is_complete);
-
-    if (is_complete) {
-        OPENSSL_free(frag->reassembly);
-        frag->reassembly = NULL;
-    }
-
-    if (item == NULL) {
-        item = pitem_new(seq64be, frag);
-        if (item == NULL) {
-            i = -1;
-            goto err;
-        }
-
-        item = pqueue_insert(s->d1->buffered_messages, item);
-        /*
-         * pqueue_insert fails iff a duplicate item is inserted. However,
-         * |item| cannot be a duplicate. If it were, |pqueue_find|, above,
-         * would have returned it and control would never have reached this
-         * branch.
-         */
-        OPENSSL_assert(item != NULL);
-    }
-
-    return DTLS1_HM_FRAGMENT_RETRY;
-
- err:
-    if (frag != NULL && item == NULL)
-        dtls1_hm_fragment_free(frag);
-    *ok = 0;
-    return i;
-}
-
-static int
-dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr,
-                                 int *ok)
-{
-    int i = -1;
-    hm_fragment *frag = NULL;
-    pitem *item = NULL;
-    unsigned char seq64be[8];
-    unsigned long frag_len = msg_hdr->frag_len;
-
-    if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len)
-        goto err;
-
-    /* Try to find item in queue, to prevent duplicate entries */
-    memset(seq64be, 0, sizeof(seq64be));
-    seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
-    seq64be[7] = (unsigned char)msg_hdr->seq;
-    item = pqueue_find(s->d1->buffered_messages, seq64be);
-
-    /*
-     * If we already have an entry and this one is a fragment, don't discard
-     * it and rather try to reassemble it.
-     */
-    if (item != NULL && frag_len != msg_hdr->msg_len)
-        item = NULL;
-
-    /*
-     * Discard the message if sequence number was already there, is too far
-     * in the future, already in the queue or if we received a FINISHED
-     * before the SERVER_HELLO, which then must be a stale retransmit.
-     */
-    if (msg_hdr->seq <= s->d1->handshake_read_seq ||
-        msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||
-        (s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED))
-    {
-        unsigned char devnull[256];
-
-        while (frag_len) {
-            i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
-                                          devnull,
-                                          frag_len >
-                                          sizeof(devnull) ? sizeof(devnull) :
-                                          frag_len, 0);
-            if (i <= 0)
-                goto err;
-            frag_len -= i;
-        }
-    } else {
-        if (frag_len != msg_hdr->msg_len)
-            return dtls1_reassemble_fragment(s, msg_hdr, ok);
-
-        if (frag_len > dtls1_max_handshake_message_len(s))
-            goto err;
-
-        frag = dtls1_hm_fragment_new(frag_len, 0);
-        if (frag == NULL)
-            goto err;
-
-        memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
-
-        if (frag_len) {
-            /*
-             * read the body of the fragment (header has already been read
-             */
-            i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
-                                          frag->fragment, frag_len, 0);
-            if ((unsigned long)i != frag_len)
-                i = -1;
-            if (i <= 0)
-                goto err;
-        }
-
-        item = pitem_new(seq64be, frag);
-        if (item == NULL)
-            goto err;
-
-        item = pqueue_insert(s->d1->buffered_messages, item);
-        /*
-         * pqueue_insert fails iff a duplicate item is inserted. However,
-         * |item| cannot be a duplicate. If it were, |pqueue_find|, above,
-         * would have returned it. Then, either |frag_len| !=
-         * |msg_hdr->msg_len| in which case |item| is set to NULL and it will
-         * have been processed with |dtls1_reassemble_fragment|, above, or
-         * the record will have been discarded.
-         */
-        OPENSSL_assert(item != NULL);
-    }
-
-    return DTLS1_HM_FRAGMENT_RETRY;
-
- err:
-    if (frag != NULL && item == NULL)
-        dtls1_hm_fragment_free(frag);
-    *ok = 0;
-    return i;
-}
-
-static long
-dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
-{
-    unsigned char wire[DTLS1_HM_HEADER_LENGTH];
-    unsigned long len, frag_off, frag_len;
-    int i, al;
-    struct hm_header_st msg_hdr;
-
- redo:
-    /* see if we have the required fragment already */
-    if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) || *ok) {
-        if (*ok)
-            s->init_num = frag_len;
-        return frag_len;
-    }
-
-    /* read handshake message header */
-    i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,
-                                  DTLS1_HM_HEADER_LENGTH, 0);
-    if (i <= 0) {               /* nbio, or an error */
-        s->rwstate = SSL_READING;
-        *ok = 0;
-        return i;
-    }
-    /* Handshake fails if message header is incomplete */
-    if (i != DTLS1_HM_HEADER_LENGTH) {
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_UNEXPECTED_MESSAGE);
-        goto f_err;
-    }
-
-    /* parse the message fragment header */
-    dtls1_get_message_header(wire, &msg_hdr);
-
-    len = msg_hdr.msg_len;
-    frag_off = msg_hdr.frag_off;
-    frag_len = msg_hdr.frag_len;
-
-    /*
-     * We must have at least frag_len bytes left in the record to be read.
-     * Fragments must not span records.
-     */
-    if (frag_len > s->s3->rrec.length) {
-        al = SSL3_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_BAD_LENGTH);
-        goto f_err;
-    }
-
-    /*
-     * if this is a future (or stale) message it gets buffered
-     * (or dropped)--no further processing at this time
-     * While listening, we accept seq 1 (ClientHello with cookie)
-     * although we're still expecting seq 0 (ClientHello)
-     */
-    if (msg_hdr.seq != s->d1->handshake_read_seq
-        && !(s->d1->listen && msg_hdr.seq == 1))
-        return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
-
-    if (frag_len && frag_len < len)
-        return dtls1_reassemble_fragment(s, &msg_hdr, ok);
-
-    if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
-        wire[0] == SSL3_MT_HELLO_REQUEST) {
-        /*
-         * The server may always send 'Hello Request' messages -- we are
-         * doing a handshake anyway now, so ignore them if their format is
-         * correct. Does not count for 'Finished' MAC.
-         */
-        if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) {
-            if (s->msg_callback)
-                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
-                                wire, DTLS1_HM_HEADER_LENGTH, s,
-                                s->msg_callback_arg);
-
-            s->init_num = 0;
-            goto redo;
-        } else {                /* Incorrectly formated Hello request */
-
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,
-                   SSL_R_UNEXPECTED_MESSAGE);
-            goto f_err;
-        }
-    }
-
-    if ((al = dtls1_preprocess_fragment(s, &msg_hdr, max)))
-        goto f_err;
-
-    if (frag_len > 0) {
-        unsigned char *p =
-            (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
-
-        i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
-                                      &p[frag_off], frag_len, 0);
-
-        /*
-         * This shouldn't ever fail due to NBIO because we already checked
-         * that we have enough data in the record
-         */
-        if (i <= 0) {
-            s->rwstate = SSL_READING;
-            *ok = 0;
-            return i;
-        }
-    } else
-        i = 0;
-
-    /*
-     * XDTLS: an incorrectly formatted fragment should cause the handshake
-     * to fail
-     */
-    if (i != (int)frag_len) {
-        al = SSL3_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL3_AD_ILLEGAL_PARAMETER);
-        goto f_err;
-    }
-
-    *ok = 1;
-    s->state = stn;
-
-    /*
-     * Note that s->init_num is *not* used as current offset in
-     * s->init_buf->data, but as a counter summing up fragments' lengths: as
-     * soon as they sum up to handshake packet length, we assume we have got
-     * all the fragments.
-     */
-    s->init_num = frag_len;
-    return frag_len;
-
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    s->init_num = 0;
-
-    *ok = 0;
-    return (-1);
-}
-
-/*-
- * for these 2 messages, we need to
- * ssl->enc_read_ctx                    re-init
- * ssl->s3->read_sequence               zero
- * ssl->s3->read_mac_secret             re-init
- * ssl->session->read_sym_enc           assign
- * ssl->session->read_compression       assign
- * ssl->session->read_hash              assign
- */
-int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
-{
-    unsigned char *p;
-
-    if (s->state == a) {
-        p = (unsigned char *)s->init_buf->data;
-        *p++ = SSL3_MT_CCS;
-        s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
-        s->init_num = DTLS1_CCS_HEADER_LENGTH;
-
-        if (s->version == DTLS1_BAD_VER) {
-            s->d1->next_handshake_write_seq++;
-            s2n(s->d1->handshake_write_seq, p);
-            s->init_num += 2;
-        }
-
-        s->init_off = 0;
-
-        dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
-                                     s->d1->handshake_write_seq, 0, 0);
-
-        /* buffer the message to handle re-xmits */
-        dtls1_buffer_message(s, 1);
-
-        s->state = b;
-    }
-
-    /* SSL3_ST_CW_CHANGE_B */
-    return (dtls1_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
-}
-
-int dtls1_read_failed(SSL *s, int code)
-{
-    if (code > 0) {
-#ifdef TLS_DEBUG
-        fprintf(stderr, "invalid state reached %s:%d", __FILE__, __LINE__);
-#endif
-        return 1;
-    }
-
-    if (!dtls1_is_timer_expired(s)) {
-        /*
-         * not a timeout, none of our business, let higher layers handle
-         * this.  in fact it's probably an error
-         */
-        return code;
-    }
-#ifndef OPENSSL_NO_HEARTBEATS
-    /* done, no need to send a retransmit */
-    if (!SSL_in_init(s) && !s->tlsext_hb_pending)
-#else
-    /* done, no need to send a retransmit */
-    if (!SSL_in_init(s))
-#endif
-    {
-        BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
-        return code;
-    }
-#if 0                           /* for now, each alert contains only one
-                                 * record number */
-    item = pqueue_peek(state->rcvd_records);
-    if (item) {
-        /* send an alert immediately for all the missing records */
-    } else
-#endif
-
-#if 0                           /* no more alert sending, just retransmit the
-                                 * last set of messages */
-    if (state->timeout.read_timeouts >= DTLS1_TMO_READ_COUNT)
-        ssl3_send_alert(s, SSL3_AL_WARNING,
-                        DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
-#endif
-
-    return dtls1_handle_timeout(s);
-}
-
-int dtls1_get_queue_priority(unsigned short seq, int is_ccs)
-{
-    /*
-     * The index of the retransmission queue actually is the message sequence
-     * number, since the queue only contains messages of a single handshake.
-     * However, the ChangeCipherSpec has no message sequence number and so
-     * using only the sequence will result in the CCS and Finished having the
-     * same index. To prevent this, the sequence number is multiplied by 2.
-     * In case of a CCS 1 is subtracted. This does not only differ CSS and
-     * Finished, it also maintains the order of the index (important for
-     * priority queues) and fits in the unsigned short variable.
-     */
-    return seq * 2 - is_ccs;
-}
-
-int dtls1_retransmit_buffered_messages(SSL *s)
-{
-    pqueue sent = s->d1->sent_messages;
-    piterator iter;
-    pitem *item;
-    hm_fragment *frag;
-    int found = 0;
-
-    iter = pqueue_iterator(sent);
-
-    for (item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter)) {
-        frag = (hm_fragment *)item->data;
-        if (dtls1_retransmit_message(s, (unsigned short)
-                                     dtls1_get_queue_priority
-                                     (frag->msg_header.seq,
-                                      frag->msg_header.is_ccs), 0,
-                                     &found) <= 0 && found) {
-#ifdef TLS_DEBUG
-            fprintf(stderr, "dtls1_retransmit_message() failed\n");
-#endif
-            return -1;
-        }
-    }
-
-    return 1;
-}
-
-int dtls1_buffer_message(SSL *s, int is_ccs)
-{
-    pitem *item;
-    hm_fragment *frag;
-    unsigned char seq64be[8];
-
-    /*
-     * this function is called immediately after a message has been
-     * serialized
-     */
-    OPENSSL_assert(s->init_off == 0);
-
-    frag = dtls1_hm_fragment_new(s->init_num, 0);
-    if (!frag)
-        return 0;
-
-    memcpy(frag->fragment, s->init_buf->data, s->init_num);
-
-    if (is_ccs) {
-        /* For DTLS1_BAD_VER the header length is non-standard */
-        OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
-                       ((s->version==DTLS1_BAD_VER)?3:DTLS1_CCS_HEADER_LENGTH)
-                       == (unsigned int)s->init_num);
-    } else {
-        OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
-                       DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
-    }
-
-    frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
-    frag->msg_header.seq = s->d1->w_msg_hdr.seq;
-    frag->msg_header.type = s->d1->w_msg_hdr.type;
-    frag->msg_header.frag_off = 0;
-    frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
-    frag->msg_header.is_ccs = is_ccs;
-
-    /* save current state */
-    frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;
-    frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
-    frag->msg_header.saved_retransmit_state.compress = s->compress;
-    frag->msg_header.saved_retransmit_state.session = s->session;
-    frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
-
-    memset(seq64be, 0, sizeof(seq64be));
-    seq64be[6] =
-        (unsigned
-         char)(dtls1_get_queue_priority(frag->msg_header.seq,
-                                        frag->msg_header.is_ccs) >> 8);
-    seq64be[7] =
-        (unsigned
-         char)(dtls1_get_queue_priority(frag->msg_header.seq,
-                                        frag->msg_header.is_ccs));
-
-    item = pitem_new(seq64be, frag);
-    if (item == NULL) {
-        dtls1_hm_fragment_free(frag);
-        return 0;
-    }
-#if 0
-    fprintf(stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
-    fprintf(stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
-    fprintf(stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
-#endif
-
-    pqueue_insert(s->d1->sent_messages, item);
-    return 1;
-}
-
-int
-dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
-                         int *found)
-{
-    int ret;
-    /* XDTLS: for now assuming that read/writes are blocking */
-    pitem *item;
-    hm_fragment *frag;
-    unsigned long header_length;
-    unsigned char seq64be[8];
-    struct dtls1_retransmit_state saved_state;
-    unsigned char save_write_sequence[8] = {0, 0, 0, 0, 0, 0, 0, 0};
-
-    /*-
-      OPENSSL_assert(s->init_num == 0);
-      OPENSSL_assert(s->init_off == 0);
-     */
-
-    /* XDTLS:  the requested message ought to be found, otherwise error */
-    memset(seq64be, 0, sizeof(seq64be));
-    seq64be[6] = (unsigned char)(seq >> 8);
-    seq64be[7] = (unsigned char)seq;
-
-    item = pqueue_find(s->d1->sent_messages, seq64be);
-    if (item == NULL) {
-#ifdef TLS_DEBUG
-        fprintf(stderr, "retransmit:  message %d non-existant\n", seq);
-#endif
-        *found = 0;
-        return 0;
-    }
-
-    *found = 1;
-    frag = (hm_fragment *)item->data;
-
-    if (frag->msg_header.is_ccs)
-        header_length = DTLS1_CCS_HEADER_LENGTH;
-    else
-        header_length = DTLS1_HM_HEADER_LENGTH;
-
-    memcpy(s->init_buf->data, frag->fragment,
-           frag->msg_header.msg_len + header_length);
-    s->init_num = frag->msg_header.msg_len + header_length;
-
-    dtls1_set_message_header_int(s, frag->msg_header.type,
-                                 frag->msg_header.msg_len,
-                                 frag->msg_header.seq, 0,
-                                 frag->msg_header.frag_len);
-
-    /* save current state */
-    saved_state.enc_write_ctx = s->enc_write_ctx;
-    saved_state.write_hash = s->write_hash;
-    saved_state.compress = s->compress;
-    saved_state.session = s->session;
-    saved_state.epoch = s->d1->w_epoch;
-    saved_state.epoch = s->d1->w_epoch;
-
-    s->d1->retransmitting = 1;
-
-    /* restore state in which the message was originally sent */
-    s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;
-    s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
-    s->compress = frag->msg_header.saved_retransmit_state.compress;
-    s->session = frag->msg_header.saved_retransmit_state.session;
-    s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
-
-    if (frag->msg_header.saved_retransmit_state.epoch ==
-        saved_state.epoch - 1) {
-        memcpy(save_write_sequence, s->s3->write_sequence,
-               sizeof(s->s3->write_sequence));
-        memcpy(s->s3->write_sequence, s->d1->last_write_sequence,
-               sizeof(s->s3->write_sequence));
-    }
-
-    ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
-                         SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
-
-    /* restore current state */
-    s->enc_write_ctx = saved_state.enc_write_ctx;
-    s->write_hash = saved_state.write_hash;
-    s->compress = saved_state.compress;
-    s->session = saved_state.session;
-    s->d1->w_epoch = saved_state.epoch;
-
-    if (frag->msg_header.saved_retransmit_state.epoch ==
-        saved_state.epoch - 1) {
-        memcpy(s->d1->last_write_sequence, s->s3->write_sequence,
-               sizeof(s->s3->write_sequence));
-        memcpy(s->s3->write_sequence, save_write_sequence,
-               sizeof(s->s3->write_sequence));
-    }
-
-    s->d1->retransmitting = 0;
-
-    (void)BIO_flush(SSL_get_wbio(s));
-    return ret;
-}
-
-unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
-                                        unsigned char mt, unsigned long len,
-                                        unsigned long frag_off,
-                                        unsigned long frag_len)
-{
-    /* Don't change sequence numbers while listening */
-    if (frag_off == 0 && !s->d1->listen) {
-        s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
-        s->d1->next_handshake_write_seq++;
-    }
-
-    dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
-                                 frag_off, frag_len);
-
-    return p += DTLS1_HM_HEADER_LENGTH;
-}
-
-/* don't actually do the writing, wait till the MTU has been retrieved */
-static void
-dtls1_set_message_header_int(SSL *s, unsigned char mt,
-                             unsigned long len, unsigned short seq_num,
-                             unsigned long frag_off, unsigned long frag_len)
-{
-    struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
-
-    msg_hdr->type = mt;
-    msg_hdr->msg_len = len;
-    msg_hdr->seq = seq_num;
-    msg_hdr->frag_off = frag_off;
-    msg_hdr->frag_len = frag_len;
-}
-
-static void
-dtls1_fix_message_header(SSL *s, unsigned long frag_off,
-                         unsigned long frag_len)
-{
-    struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
-
-    msg_hdr->frag_off = frag_off;
-    msg_hdr->frag_len = frag_len;
-}
-
-static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p)
-{
-    struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
-
-    *p++ = msg_hdr->type;
-    l2n3(msg_hdr->msg_len, p);
-
-    s2n(msg_hdr->seq, p);
-    l2n3(msg_hdr->frag_off, p);
-    l2n3(msg_hdr->frag_len, p);
-
-    return p;
-}
-
-unsigned int dtls1_link_min_mtu(void)
-{
-    return (g_probable_mtu[(sizeof(g_probable_mtu) /
-                            sizeof(g_probable_mtu[0])) - 1]);
-}
-
-unsigned int dtls1_min_mtu(SSL *s)
-{
-    return dtls1_link_min_mtu() - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
-}
-
-void
-dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
-{
-    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
-    msg_hdr->type = *(data++);
-    n2l3(data, msg_hdr->msg_len);
-
-    n2s(data, msg_hdr->seq);
-    n2l3(data, msg_hdr->frag_off);
-    n2l3(data, msg_hdr->frag_len);
-}
-
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
-{
-    memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
-
-    ccs_hdr->type = *(data++);
-}
-
-int dtls1_shutdown(SSL *s)
-{
-    int ret;
-#ifndef OPENSSL_NO_SCTP
-    BIO *wbio;
-
-    wbio = SSL_get_wbio(s);
-    if (wbio != NULL && BIO_dgram_is_sctp(wbio) &&
-        !(s->shutdown & SSL_SENT_SHUTDOWN)) {
-        ret = BIO_dgram_sctp_wait_for_dry(wbio);
-        if (ret < 0)
-            return -1;
-
-        if (ret == 0)
-            BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 1,
-                     NULL);
-    }
-#endif
-    ret = ssl3_shutdown(s);
-#ifndef OPENSSL_NO_SCTP
-    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 0, NULL);
-#endif
-    return ret;
-}
-
-#ifndef OPENSSL_NO_HEARTBEATS
-int dtls1_process_heartbeat(SSL *s)
-{
-    unsigned char *p = &s->s3->rrec.data[0], *pl;
-    unsigned short hbtype;
-    unsigned int payload;
-    unsigned int padding = 16;  /* Use minimum padding */
-
-    if (s->msg_callback)
-        s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
-                        &s->s3->rrec.data[0], s->s3->rrec.length,
-                        s, s->msg_callback_arg);
-
-    /* Read type and payload length first */
-    if (1 + 2 + 16 > s->s3->rrec.length)
-        return 0;               /* silently discard */
-    if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH)
-        return 0;               /* silently discard per RFC 6520 sec. 4 */
-
-    hbtype = *p++;
-    n2s(p, payload);
-    if (1 + 2 + payload + 16 > s->s3->rrec.length)
-        return 0;               /* silently discard per RFC 6520 sec. 4 */
-    pl = p;
-
-    if (hbtype == TLS1_HB_REQUEST) {
-        unsigned char *buffer, *bp;
-        unsigned int write_length = 1 /* heartbeat type */  +
-            2 /* heartbeat length */  +
-            payload + padding;
-        int r;
-
-        if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
-            return 0;
-
-        /*
-         * Allocate memory for the response, size is 1 byte message type,
-         * plus 2 bytes payload length, plus payload, plus padding
-         */
-        buffer = OPENSSL_malloc(write_length);
-        if (buffer == NULL)
-            return -1;
-        bp = buffer;
-
-        /* Enter response type, length and copy payload */
-        *bp++ = TLS1_HB_RESPONSE;
-        s2n(payload, bp);
-        memcpy(bp, pl, payload);
-        bp += payload;
-        /* Random padding */
-        if (RAND_bytes(bp, padding) <= 0) {
-            OPENSSL_free(buffer);
-            return -1;
-        }
-
-        r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
-
-        if (r >= 0 && s->msg_callback)
-            s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
-                            buffer, write_length, s, s->msg_callback_arg);
-
-        OPENSSL_free(buffer);
-
-        if (r < 0)
-            return r;
-    } else if (hbtype == TLS1_HB_RESPONSE) {
-        unsigned int seq;
-
-        /*
-         * We only send sequence numbers (2 bytes unsigned int), and 16
-         * random bytes, so we just try to read the sequence number
-         */
-        n2s(pl, seq);
-
-        if (payload == 18 && seq == s->tlsext_hb_seq) {
-            dtls1_stop_timer(s);
-            s->tlsext_hb_seq++;
-            s->tlsext_hb_pending = 0;
-        }
-    }
-
-    return 0;
-}
-
-int dtls1_heartbeat(SSL *s)
-{
-    unsigned char *buf, *p;
-    int ret = -1;
-    unsigned int payload = 18;  /* Sequence number + random bytes */
-    unsigned int padding = 16;  /* Use minimum padding */
-
-    /* Only send if peer supports and accepts HB requests... */
-    if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
-        s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
-        SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
-        return -1;
-    }
-
-    /* ...and there is none in flight yet... */
-    if (s->tlsext_hb_pending) {
-        SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
-        return -1;
-    }
-
-    /* ...and no handshake in progress. */
-    if (SSL_in_init(s) || s->in_handshake) {
-        SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
-        return -1;
-    }
-
-    /*
-     * Check if padding is too long, payload and padding must not exceed 2^14
-     * - 3 = 16381 bytes in total.
-     */
-    OPENSSL_assert(payload + padding <= 16381);
-
-    /*-
-     * Create HeartBeat message, we just use a sequence number
-     * as payload to distuingish different messages and add
-     * some random stuff.
-     *  - Message Type, 1 byte
-     *  - Payload Length, 2 bytes (unsigned int)
-     *  - Payload, the sequence number (2 bytes uint)
-     *  - Payload, random bytes (16 bytes uint)
-     *  - Padding
-     */
-    buf = OPENSSL_malloc(1 + 2 + payload + padding);
-    if (buf == NULL)
-        goto err;
-    p = buf;
-    /* Message Type */
-    *p++ = TLS1_HB_REQUEST;
-    /* Payload length (18 bytes here) */
-    s2n(payload, p);
-    /* Sequence number */
-    s2n(s->tlsext_hb_seq, p);
-    /* 16 random bytes */
-    if (RAND_bytes(p, 16) <= 0)
-        goto err;
-    p += 16;
-    /* Random padding */
-    if (RAND_bytes(p, padding) <= 0)
-        goto err;
-
-    ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
-    if (ret >= 0) {
-        if (s->msg_callback)
-            s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
-                            buf, 3 + payload + padding,
-                            s, s->msg_callback_arg);
-
-        dtls1_start_timer(s);
-        s->tlsext_hb_pending = 1;
-    }
-
-err:
-    OPENSSL_free(buf);
-
-    return ret;
-}
-#endif
diff --git a/thirdparty/openssl/ssl/d1_clnt.c b/thirdparty/openssl/ssl/d1_clnt.c
deleted file mode 100644
index 76451a346d..0000000000
--- a/thirdparty/openssl/ssl/d1_clnt.c
+++ /dev/null
@@ -1,875 +0,0 @@
-/* ssl/d1_clnt.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_KRB5
-# include "kssl_lcl.h"
-#endif
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-static const SSL_METHOD *dtls1_get_client_method(int ver);
-static int dtls1_get_hello_verify(SSL *s);
-
-static const SSL_METHOD *dtls1_get_client_method(int ver)
-{
-    if (ver == DTLS_ANY_VERSION)
-        return DTLS_client_method();
-    else if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
-        return DTLSv1_client_method();
-    else if (ver == DTLS1_2_VERSION)
-        return DTLSv1_2_client_method();
-    else
-        return NULL;
-}
-
-IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
-                          DTLSv1_client_method,
-                          ssl_undefined_function,
-                          dtls1_connect,
-                          dtls1_get_client_method, DTLSv1_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
-                          DTLSv1_2_client_method,
-                          ssl_undefined_function,
-                          dtls1_connect,
-                          dtls1_get_client_method, DTLSv1_2_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
-                          DTLS_client_method,
-                          ssl_undefined_function,
-                          dtls1_connect,
-                          dtls1_get_client_method, DTLSv1_2_enc_data)
-
-int dtls1_connect(SSL *s)
-{
-    BUF_MEM *buf = NULL;
-    unsigned long Time = (unsigned long)time(NULL);
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-    int ret = -1;
-    int new_state, state, skip = 0;
-#ifndef OPENSSL_NO_SCTP
-    unsigned char sctpauthkey[64];
-    char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
-#endif
-
-    RAND_add(&Time, sizeof(Time), 0);
-    ERR_clear_error();
-    clear_sys_error();
-
-    if (s->info_callback != NULL)
-        cb = s->info_callback;
-    else if (s->ctx->info_callback != NULL)
-        cb = s->ctx->info_callback;
-
-    s->in_handshake++;
-    if (!SSL_in_init(s) || SSL_in_before(s))
-        SSL_clear(s);
-
-#ifndef OPENSSL_NO_SCTP
-    /*
-     * Notify SCTP BIO socket to enter handshake mode and prevent stream
-     * identifier other than 0. Will be ignored if no SCTP is used.
-     */
-    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
-             s->in_handshake, NULL);
-#endif
-
-#ifndef OPENSSL_NO_HEARTBEATS
-    /*
-     * If we're awaiting a HeartbeatResponse, pretend we already got and
-     * don't await it anymore, because Heartbeats don't make sense during
-     * handshakes anyway.
-     */
-    if (s->tlsext_hb_pending) {
-        dtls1_stop_timer(s);
-        s->tlsext_hb_pending = 0;
-        s->tlsext_hb_seq++;
-    }
-#endif
-
-    for (;;) {
-        state = s->state;
-
-        switch (s->state) {
-        case SSL_ST_RENEGOTIATE:
-            s->renegotiate = 1;
-            s->state = SSL_ST_CONNECT;
-            s->ctx->stats.sess_connect_renegotiate++;
-            /* break */
-        case SSL_ST_BEFORE:
-        case SSL_ST_CONNECT:
-        case SSL_ST_BEFORE | SSL_ST_CONNECT:
-        case SSL_ST_OK | SSL_ST_CONNECT:
-
-            s->server = 0;
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_START, 1);
-
-            if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00) &&
-                (s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00)) {
-                SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            /* s->version=SSL3_VERSION; */
-            s->type = SSL_ST_CONNECT;
-
-            if (s->init_buf == NULL) {
-                if ((buf = BUF_MEM_new()) == NULL) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-                s->init_buf = buf;
-                buf = NULL;
-            }
-
-            if (!ssl3_setup_buffers(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            /* setup buffing BIO */
-            if (!ssl_init_wbio_buffer(s, 0)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            /* don't push the buffering BIO quite yet */
-
-            s->state = SSL3_ST_CW_CLNT_HELLO_A;
-            s->ctx->stats.sess_connect++;
-            s->init_num = 0;
-            /* mark client_random uninitialized */
-            memset(s->s3->client_random, 0, sizeof(s->s3->client_random));
-            s->d1->send_cookie = 0;
-            s->hit = 0;
-            s->d1->change_cipher_spec_ok = 0;
-            /*
-             * Should have been reset by ssl3_get_finished, too.
-             */
-            s->s3->change_cipher_spec = 0;
-            break;
-
-#ifndef OPENSSL_NO_SCTP
-        case DTLS1_SCTP_ST_CR_READ_SOCK:
-
-            if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
-                s->s3->in_read_app_data = 2;
-                s->rwstate = SSL_READING;
-                BIO_clear_retry_flags(SSL_get_rbio(s));
-                BIO_set_retry_read(SSL_get_rbio(s));
-                ret = -1;
-                goto end;
-            }
-
-            s->state = s->s3->tmp.next_state;
-            break;
-
-        case DTLS1_SCTP_ST_CW_WRITE_SOCK:
-            /* read app data until dry event */
-
-            ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
-            if (ret < 0)
-                goto end;
-
-            if (ret == 0) {
-                s->s3->in_read_app_data = 2;
-                s->rwstate = SSL_READING;
-                BIO_clear_retry_flags(SSL_get_rbio(s));
-                BIO_set_retry_read(SSL_get_rbio(s));
-                ret = -1;
-                goto end;
-            }
-
-            s->state = s->d1->next_state;
-            break;
-#endif
-
-        case SSL3_ST_CW_CLNT_HELLO_A:
-            s->shutdown = 0;
-
-            /* every DTLS ClientHello resets Finished MAC */
-            if (!ssl3_init_finished_mac(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            /* fall thru */
-        case SSL3_ST_CW_CLNT_HELLO_B:
-            dtls1_start_timer(s);
-            ret = ssl3_client_hello(s);
-            if (ret <= 0)
-                goto end;
-
-            if (s->d1->send_cookie) {
-                s->state = SSL3_ST_CW_FLUSH;
-                s->s3->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A;
-            } else
-                s->state = SSL3_ST_CR_SRVR_HELLO_A;
-
-            s->init_num = 0;
-
-#ifndef OPENSSL_NO_SCTP
-            /* Disable buffering for SCTP */
-            if (!BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-#endif
-                /*
-                 * turn on buffering for the next lot of output
-                 */
-                if (s->bbio != s->wbio)
-                    s->wbio = BIO_push(s->bbio, s->wbio);
-#ifndef OPENSSL_NO_SCTP
-            }
-#endif
-
-            break;
-
-        case SSL3_ST_CR_SRVR_HELLO_A:
-        case SSL3_ST_CR_SRVR_HELLO_B:
-            ret = ssl3_get_server_hello(s);
-            if (ret <= 0)
-                goto end;
-            else {
-                if (s->hit) {
-#ifndef OPENSSL_NO_SCTP
-                    /*
-                     * Add new shared key for SCTP-Auth, will be ignored if
-                     * no SCTP used.
-                     */
-                    snprintf((char *)labelbuffer,
-                             sizeof(DTLS1_SCTP_AUTH_LABEL),
-                             DTLS1_SCTP_AUTH_LABEL);
-
-                    if (SSL_export_keying_material(s, sctpauthkey,
-                                               sizeof(sctpauthkey),
-                                               labelbuffer,
-                                               sizeof(labelbuffer), NULL, 0,
-                                               0) <= 0) {
-                        ret = -1;
-                        s->state = SSL_ST_ERR;
-                        goto end;
-                    }
-
-                    BIO_ctrl(SSL_get_wbio(s),
-                             BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                             sizeof(sctpauthkey), sctpauthkey);
-#endif
-
-                    s->state = SSL3_ST_CR_FINISHED_A;
-                    if (s->tlsext_ticket_expected) {
-                        /* receive renewed session ticket */
-                        s->state = SSL3_ST_CR_SESSION_TICKET_A;
-                    }
-                } else
-                    s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
-            }
-            s->init_num = 0;
-            break;
-
-        case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
-        case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
-
-            ret = dtls1_get_hello_verify(s);
-            if (ret <= 0)
-                goto end;
-            dtls1_stop_timer(s);
-            if (s->d1->send_cookie) /* start again, with a cookie */
-                s->state = SSL3_ST_CW_CLNT_HELLO_A;
-            else
-                s->state = SSL3_ST_CR_CERT_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CR_CERT_A:
-        case SSL3_ST_CR_CERT_B:
-            /* Check if it is anon DH or PSK */
-            if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
-                !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
-                ret = ssl3_get_server_certificate(s);
-                if (ret <= 0)
-                    goto end;
-#ifndef OPENSSL_NO_TLSEXT
-                if (s->tlsext_status_expected)
-                    s->state = SSL3_ST_CR_CERT_STATUS_A;
-                else
-                    s->state = SSL3_ST_CR_KEY_EXCH_A;
-            } else {
-                skip = 1;
-                s->state = SSL3_ST_CR_KEY_EXCH_A;
-            }
-#else
-            } else
-                skip = 1;
-
-            s->state = SSL3_ST_CR_KEY_EXCH_A;
-#endif
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CR_KEY_EXCH_A:
-        case SSL3_ST_CR_KEY_EXCH_B:
-            ret = ssl3_get_key_exchange(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CR_CERT_REQ_A;
-            s->init_num = 0;
-
-            /*
-             * at this point we check that we have the required stuff from
-             * the server
-             */
-            if (!ssl3_check_cert_and_algorithm(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-            break;
-
-        case SSL3_ST_CR_CERT_REQ_A:
-        case SSL3_ST_CR_CERT_REQ_B:
-            ret = ssl3_get_certificate_request(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CR_SRVR_DONE_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CR_SRVR_DONE_A:
-        case SSL3_ST_CR_SRVR_DONE_B:
-            ret = ssl3_get_server_done(s);
-            if (ret <= 0)
-                goto end;
-            dtls1_stop_timer(s);
-            if (s->s3->tmp.cert_req)
-                s->s3->tmp.next_state = SSL3_ST_CW_CERT_A;
-            else
-                s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
-            s->init_num = 0;
-
-#ifndef OPENSSL_NO_SCTP
-            if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-                state == SSL_ST_RENEGOTIATE)
-                s->state = DTLS1_SCTP_ST_CR_READ_SOCK;
-            else
-#endif
-                s->state = s->s3->tmp.next_state;
-            break;
-
-        case SSL3_ST_CW_CERT_A:
-        case SSL3_ST_CW_CERT_B:
-        case SSL3_ST_CW_CERT_C:
-        case SSL3_ST_CW_CERT_D:
-            dtls1_start_timer(s);
-            ret = ssl3_send_client_certificate(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CW_KEY_EXCH_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CW_KEY_EXCH_A:
-        case SSL3_ST_CW_KEY_EXCH_B:
-            dtls1_start_timer(s);
-            ret = ssl3_send_client_key_exchange(s);
-            if (ret <= 0)
-                goto end;
-
-#ifndef OPENSSL_NO_SCTP
-            /*
-             * Add new shared key for SCTP-Auth, will be ignored if no SCTP
-             * used.
-             */
-            snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
-                     DTLS1_SCTP_AUTH_LABEL);
-
-            if (SSL_export_keying_material(s, sctpauthkey,
-                                       sizeof(sctpauthkey), labelbuffer,
-                                       sizeof(labelbuffer), NULL, 0, 0) <= 0) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                     sizeof(sctpauthkey), sctpauthkey);
-#endif
-
-            /*
-             * EAY EAY EAY need to check for DH fix cert sent back
-             */
-            /*
-             * For TLS, cert_req is set to 2, so a cert chain of nothing is
-             * sent, but no verify packet is sent
-             */
-            if (s->s3->tmp.cert_req == 1) {
-                s->state = SSL3_ST_CW_CERT_VRFY_A;
-            } else {
-#ifndef OPENSSL_NO_SCTP
-                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                    s->d1->next_state = SSL3_ST_CW_CHANGE_A;
-                    s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                } else
-#endif
-                    s->state = SSL3_ST_CW_CHANGE_A;
-            }
-
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CW_CERT_VRFY_A:
-        case SSL3_ST_CW_CERT_VRFY_B:
-            dtls1_start_timer(s);
-            ret = ssl3_send_client_verify(s);
-            if (ret <= 0)
-                goto end;
-#ifndef OPENSSL_NO_SCTP
-            if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                s->d1->next_state = SSL3_ST_CW_CHANGE_A;
-                s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-            } else
-#endif
-                s->state = SSL3_ST_CW_CHANGE_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CW_CHANGE_A:
-        case SSL3_ST_CW_CHANGE_B:
-            if (!s->hit)
-                dtls1_start_timer(s);
-            ret = dtls1_send_change_cipher_spec(s,
-                                                SSL3_ST_CW_CHANGE_A,
-                                                SSL3_ST_CW_CHANGE_B);
-            if (ret <= 0)
-                goto end;
-
-            s->state = SSL3_ST_CW_FINISHED_A;
-            s->init_num = 0;
-
-            s->session->cipher = s->s3->tmp.new_cipher;
-#ifdef OPENSSL_NO_COMP
-            s->session->compress_meth = 0;
-#else
-            if (s->s3->tmp.new_compression == NULL)
-                s->session->compress_meth = 0;
-            else
-                s->session->compress_meth = s->s3->tmp.new_compression->id;
-#endif
-            if (!s->method->ssl3_enc->setup_key_block(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            if (!s->method->ssl3_enc->change_cipher_state(s,
-                                                          SSL3_CHANGE_CIPHER_CLIENT_WRITE))
-            {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-#ifndef OPENSSL_NO_SCTP
-            if (s->hit) {
-                /*
-                 * Change to new shared key of SCTP-Auth, will be ignored if
-                 * no SCTP used.
-                 */
-                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
-                         0, NULL);
-            }
-#endif
-
-            dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
-            break;
-
-        case SSL3_ST_CW_FINISHED_A:
-        case SSL3_ST_CW_FINISHED_B:
-            if (!s->hit)
-                dtls1_start_timer(s);
-            ret = ssl3_send_finished(s,
-                                     SSL3_ST_CW_FINISHED_A,
-                                     SSL3_ST_CW_FINISHED_B,
-                                     s->method->
-                                     ssl3_enc->client_finished_label,
-                                     s->method->
-                                     ssl3_enc->client_finished_label_len);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CW_FLUSH;
-
-            /* clear flags */
-            s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
-            if (s->hit) {
-                s->s3->tmp.next_state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                    s->d1->next_state = s->s3->tmp.next_state;
-                    s->s3->tmp.next_state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                }
-#endif
-                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
-                    s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                    if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                        s->d1->next_state = SSL_ST_OK;
-                        s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-                    }
-#endif
-                    s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
-                    s->s3->delay_buf_pop_ret = 0;
-                }
-            } else {
-#ifndef OPENSSL_NO_SCTP
-                /*
-                 * Change to new shared key of SCTP-Auth, will be ignored if
-                 * no SCTP used.
-                 */
-                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
-                         0, NULL);
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-                /*
-                 * Allow NewSessionTicket if ticket expected
-                 */
-                if (s->tlsext_ticket_expected)
-                    s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
-                else
-#endif
-
-                    s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
-            }
-            s->init_num = 0;
-            break;
-
-#ifndef OPENSSL_NO_TLSEXT
-        case SSL3_ST_CR_SESSION_TICKET_A:
-        case SSL3_ST_CR_SESSION_TICKET_B:
-            ret = ssl3_get_new_session_ticket(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CR_FINISHED_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CR_CERT_STATUS_A:
-        case SSL3_ST_CR_CERT_STATUS_B:
-            ret = ssl3_get_cert_status(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CR_KEY_EXCH_A;
-            s->init_num = 0;
-            break;
-#endif
-
-        case SSL3_ST_CR_FINISHED_A:
-        case SSL3_ST_CR_FINISHED_B:
-            s->d1->change_cipher_spec_ok = 1;
-            ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
-                                    SSL3_ST_CR_FINISHED_B);
-            if (ret <= 0)
-                goto end;
-            dtls1_stop_timer(s);
-
-            if (s->hit)
-                s->state = SSL3_ST_CW_CHANGE_A;
-            else
-                s->state = SSL_ST_OK;
-
-#ifndef OPENSSL_NO_SCTP
-            if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-                state == SSL_ST_RENEGOTIATE) {
-                s->d1->next_state = s->state;
-                s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
-            }
-#endif
-
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CW_FLUSH:
-            s->rwstate = SSL_WRITING;
-            if (BIO_flush(s->wbio) <= 0) {
-                /*
-                 * If the write error was fatal, stop trying
-                 */
-                if (!BIO_should_retry(s->wbio)) {
-                    s->rwstate = SSL_NOTHING;
-                    s->state = s->s3->tmp.next_state;
-                }
-
-                ret = -1;
-                goto end;
-            }
-            s->rwstate = SSL_NOTHING;
-            s->state = s->s3->tmp.next_state;
-            break;
-
-        case SSL_ST_OK:
-            /* clean a few things up */
-            ssl3_cleanup_key_block(s);
-
-#if 0
-            if (s->init_buf != NULL) {
-                BUF_MEM_free(s->init_buf);
-                s->init_buf = NULL;
-            }
-#endif
-
-            /*
-             * If we are not 'joining' the last two packets, remove the
-             * buffering now
-             */
-            if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
-                ssl_free_wbio_buffer(s);
-            /* else do it later in ssl3_write */
-
-            s->init_num = 0;
-            s->renegotiate = 0;
-            s->new_session = 0;
-
-            ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
-            if (s->hit)
-                s->ctx->stats.sess_hit++;
-
-            ret = 1;
-            /* s->server=0; */
-            s->handshake_func = dtls1_connect;
-            s->ctx->stats.sess_connect_good++;
-
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-
-            /* done with handshaking */
-            s->d1->handshake_read_seq = 0;
-            s->d1->next_handshake_write_seq = 0;
-            dtls1_clear_received_buffer(s);
-            goto end;
-            /* break; */
-
-        case SSL_ST_ERR:
-        default:
-            SSLerr(SSL_F_DTLS1_CONNECT, SSL_R_UNKNOWN_STATE);
-            ret = -1;
-            goto end;
-            /* break; */
-        }
-
-        /* did we do anything */
-        if (!s->s3->tmp.reuse_message && !skip) {
-            if (s->debug) {
-                if ((ret = BIO_flush(s->wbio)) <= 0)
-                    goto end;
-            }
-
-            if ((cb != NULL) && (s->state != state)) {
-                new_state = s->state;
-                s->state = state;
-                cb(s, SSL_CB_CONNECT_LOOP, 1);
-                s->state = new_state;
-            }
-        }
-        skip = 0;
-    }
- end:
-    s->in_handshake--;
-
-#ifndef OPENSSL_NO_SCTP
-    /*
-     * Notify SCTP BIO socket to leave handshake mode and allow stream
-     * identifier other than 0. Will be ignored if no SCTP is used.
-     */
-    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
-             s->in_handshake, NULL);
-#endif
-
-    if (buf != NULL)
-        BUF_MEM_free(buf);
-    if (cb != NULL)
-        cb(s, SSL_CB_CONNECT_EXIT, ret);
-    return (ret);
-}
-
-static int dtls1_get_hello_verify(SSL *s)
-{
-    int n, al, ok = 0;
-    unsigned char *data;
-    unsigned int cookie_len;
-
-    s->first_packet = 1;
-    n = s->method->ssl_get_message(s,
-                                   DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
-                                   DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B,
-                                   -1, s->max_cert_list, &ok);
-    s->first_packet = 0;
-
-    if (!ok)
-        return ((int)n);
-
-    if (s->s3->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
-        s->d1->send_cookie = 0;
-        s->s3->tmp.reuse_message = 1;
-        return (1);
-    }
-
-    data = (unsigned char *)s->init_msg;
-#if 0
-    if (s->method->version != DTLS_ANY_VERSION &&
-        ((data[0] != (s->version >> 8)) || (data[1] != (s->version & 0xff))))
-    {
-        SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY, SSL_R_WRONG_SSL_VERSION);
-        s->version = (s->version & 0xff00) | data[1];
-        al = SSL_AD_PROTOCOL_VERSION;
-        goto f_err;
-    }
-#endif
-    data += 2;
-
-    cookie_len = *(data++);
-    if (cookie_len > sizeof(s->d1->cookie)) {
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        goto f_err;
-    }
-
-    memcpy(s->d1->cookie, data, cookie_len);
-    s->d1->cookie_len = cookie_len;
-
-    s->d1->send_cookie = 1;
-    return 1;
-
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    s->state = SSL_ST_ERR;
-    return -1;
-}
diff --git a/thirdparty/openssl/ssl/d1_lib.c b/thirdparty/openssl/ssl/d1_lib.c
deleted file mode 100644
index debd4fd5dc..0000000000
--- a/thirdparty/openssl/ssl/d1_lib.c
+++ /dev/null
@@ -1,588 +0,0 @@
-/* ssl/d1_lib.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#define USE_SOCKETS
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-#if defined(OPENSSL_SYS_VMS)
-# include <sys/timeb.h>
-#endif
-
-static void get_current_time(struct timeval *t);
-static void dtls1_set_handshake_header(SSL *s, int type, unsigned long len);
-static int dtls1_handshake_write(SSL *s);
-const char dtls1_version_str[] = "DTLSv1" OPENSSL_VERSION_PTEXT;
-int dtls1_listen(SSL *s, struct sockaddr *client);
-
-SSL3_ENC_METHOD DTLSv1_enc_data = {
-    tls1_enc,
-    tls1_mac,
-    tls1_setup_key_block,
-    tls1_generate_master_secret,
-    tls1_change_cipher_state,
-    tls1_final_finish_mac,
-    TLS1_FINISH_MAC_LENGTH,
-    tls1_cert_verify_mac,
-    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
-    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
-    tls1_alert_code,
-    tls1_export_keying_material,
-    SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV,
-    DTLS1_HM_HEADER_LENGTH,
-    dtls1_set_handshake_header,
-    dtls1_handshake_write
-};
-
-SSL3_ENC_METHOD DTLSv1_2_enc_data = {
-    tls1_enc,
-    tls1_mac,
-    tls1_setup_key_block,
-    tls1_generate_master_secret,
-    tls1_change_cipher_state,
-    tls1_final_finish_mac,
-    TLS1_FINISH_MAC_LENGTH,
-    tls1_cert_verify_mac,
-    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
-    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
-    tls1_alert_code,
-    tls1_export_keying_material,
-    SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS
-        | SSL_ENC_FLAG_SHA256_PRF | SSL_ENC_FLAG_TLS1_2_CIPHERS,
-    DTLS1_HM_HEADER_LENGTH,
-    dtls1_set_handshake_header,
-    dtls1_handshake_write
-};
-
-long dtls1_default_timeout(void)
-{
-    /*
-     * 2 hours, the 24 hours mentioned in the DTLSv1 spec is way too long for
-     * http, the cache would over fill
-     */
-    return (60 * 60 * 2);
-}
-
-int dtls1_new(SSL *s)
-{
-    DTLS1_STATE *d1;
-
-    if (!ssl3_new(s))
-        return (0);
-    if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL)
-        return (0);
-    memset(d1, 0, sizeof *d1);
-
-    /* d1->handshake_epoch=0; */
-
-    d1->unprocessed_rcds.q = pqueue_new();
-    d1->processed_rcds.q = pqueue_new();
-    d1->buffered_messages = pqueue_new();
-    d1->sent_messages = pqueue_new();
-    d1->buffered_app_data.q = pqueue_new();
-
-    if (s->server) {
-        d1->cookie_len = sizeof(s->d1->cookie);
-    }
-
-    d1->link_mtu = 0;
-    d1->mtu = 0;
-
-    if (!d1->unprocessed_rcds.q || !d1->processed_rcds.q
-        || !d1->buffered_messages || !d1->sent_messages
-        || !d1->buffered_app_data.q) {
-        if (d1->unprocessed_rcds.q)
-            pqueue_free(d1->unprocessed_rcds.q);
-        if (d1->processed_rcds.q)
-            pqueue_free(d1->processed_rcds.q);
-        if (d1->buffered_messages)
-            pqueue_free(d1->buffered_messages);
-        if (d1->sent_messages)
-            pqueue_free(d1->sent_messages);
-        if (d1->buffered_app_data.q)
-            pqueue_free(d1->buffered_app_data.q);
-        OPENSSL_free(d1);
-        return (0);
-    }
-
-    s->d1 = d1;
-    s->method->ssl_clear(s);
-    return (1);
-}
-
-static void dtls1_clear_queues(SSL *s)
-{
-    pitem *item = NULL;
-    DTLS1_RECORD_DATA *rdata;
-
-    while ((item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL) {
-        rdata = (DTLS1_RECORD_DATA *)item->data;
-        if (rdata->rbuf.buf) {
-            OPENSSL_free(rdata->rbuf.buf);
-        }
-        OPENSSL_free(item->data);
-        pitem_free(item);
-    }
-
-    while ((item = pqueue_pop(s->d1->processed_rcds.q)) != NULL) {
-        rdata = (DTLS1_RECORD_DATA *)item->data;
-        if (rdata->rbuf.buf) {
-            OPENSSL_free(rdata->rbuf.buf);
-        }
-        OPENSSL_free(item->data);
-        pitem_free(item);
-    }
-
-    while ((item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL) {
-        rdata = (DTLS1_RECORD_DATA *)item->data;
-        if (rdata->rbuf.buf) {
-            OPENSSL_free(rdata->rbuf.buf);
-        }
-        OPENSSL_free(item->data);
-        pitem_free(item);
-    }
-
-    dtls1_clear_received_buffer(s);
-    dtls1_clear_sent_buffer(s);
-}
-
-void dtls1_clear_received_buffer(SSL *s)
-{
-    pitem *item = NULL;
-    hm_fragment *frag = NULL;
-
-    while ((item = pqueue_pop(s->d1->buffered_messages)) != NULL) {
-        frag = (hm_fragment *)item->data;
-        dtls1_hm_fragment_free(frag);
-        pitem_free(item);
-    }
-}
-
-void dtls1_clear_sent_buffer(SSL *s)
-{
-    pitem *item = NULL;
-    hm_fragment *frag = NULL;
-
-    while ((item = pqueue_pop(s->d1->sent_messages)) != NULL) {
-        frag = (hm_fragment *)item->data;
-        dtls1_hm_fragment_free(frag);
-        pitem_free(item);
-    }
-}
-
-
-void dtls1_free(SSL *s)
-{
-    ssl3_free(s);
-
-    dtls1_clear_queues(s);
-
-    pqueue_free(s->d1->unprocessed_rcds.q);
-    pqueue_free(s->d1->processed_rcds.q);
-    pqueue_free(s->d1->buffered_messages);
-    pqueue_free(s->d1->sent_messages);
-    pqueue_free(s->d1->buffered_app_data.q);
-
-    OPENSSL_free(s->d1);
-    s->d1 = NULL;
-}
-
-void dtls1_clear(SSL *s)
-{
-    pqueue unprocessed_rcds;
-    pqueue processed_rcds;
-    pqueue buffered_messages;
-    pqueue sent_messages;
-    pqueue buffered_app_data;
-    unsigned int mtu;
-    unsigned int link_mtu;
-
-    if (s->d1) {
-        unprocessed_rcds = s->d1->unprocessed_rcds.q;
-        processed_rcds = s->d1->processed_rcds.q;
-        buffered_messages = s->d1->buffered_messages;
-        sent_messages = s->d1->sent_messages;
-        buffered_app_data = s->d1->buffered_app_data.q;
-        mtu = s->d1->mtu;
-        link_mtu = s->d1->link_mtu;
-
-        dtls1_clear_queues(s);
-
-        memset(s->d1, 0, sizeof(*(s->d1)));
-
-        if (s->server) {
-            s->d1->cookie_len = sizeof(s->d1->cookie);
-        }
-
-        if (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU) {
-            s->d1->mtu = mtu;
-            s->d1->link_mtu = link_mtu;
-        }
-
-        s->d1->unprocessed_rcds.q = unprocessed_rcds;
-        s->d1->processed_rcds.q = processed_rcds;
-        s->d1->buffered_messages = buffered_messages;
-        s->d1->sent_messages = sent_messages;
-        s->d1->buffered_app_data.q = buffered_app_data;
-    }
-
-    ssl3_clear(s);
-    if (s->options & SSL_OP_CISCO_ANYCONNECT)
-        s->client_version = s->version = DTLS1_BAD_VER;
-    else if (s->method->version == DTLS_ANY_VERSION)
-        s->version = DTLS1_2_VERSION;
-    else
-        s->version = s->method->version;
-}
-
-long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
-    int ret = 0;
-
-    switch (cmd) {
-    case DTLS_CTRL_GET_TIMEOUT:
-        if (dtls1_get_timeout(s, (struct timeval *)parg) != NULL) {
-            ret = 1;
-        }
-        break;
-    case DTLS_CTRL_HANDLE_TIMEOUT:
-        ret = dtls1_handle_timeout(s);
-        break;
-    case DTLS_CTRL_LISTEN:
-        ret = dtls1_listen(s, parg);
-        break;
-    case SSL_CTRL_CHECK_PROTO_VERSION:
-        /*
-         * For library-internal use; checks that the current protocol is the
-         * highest enabled version (according to s->ctx->method, as version
-         * negotiation may have changed s->method).
-         */
-        if (s->version == s->ctx->method->version)
-            return 1;
-        /*
-         * Apparently we're using a version-flexible SSL_METHOD (not at its
-         * highest protocol version).
-         */
-        if (s->ctx->method->version == DTLS_method()->version) {
-#if DTLS_MAX_VERSION != DTLS1_2_VERSION
-# error Code needs update for DTLS_method() support beyond DTLS1_2_VERSION.
-#endif
-            if (!(s->options & SSL_OP_NO_DTLSv1_2))
-                return s->version == DTLS1_2_VERSION;
-            if (!(s->options & SSL_OP_NO_DTLSv1))
-                return s->version == DTLS1_VERSION;
-        }
-        return 0;               /* Unexpected state; fail closed. */
-    case DTLS_CTRL_SET_LINK_MTU:
-        if (larg < (long)dtls1_link_min_mtu())
-            return 0;
-        s->d1->link_mtu = larg;
-        return 1;
-    case DTLS_CTRL_GET_LINK_MIN_MTU:
-        return (long)dtls1_link_min_mtu();
-    case SSL_CTRL_SET_MTU:
-        /*
-         *  We may not have a BIO set yet so can't call dtls1_min_mtu()
-         *  We'll have to make do with dtls1_link_min_mtu() and max overhead
-         */
-        if (larg < (long)dtls1_link_min_mtu() - DTLS1_MAX_MTU_OVERHEAD)
-            return 0;
-        s->d1->mtu = larg;
-        return larg;
-    default:
-        ret = ssl3_ctrl(s, cmd, larg, parg);
-        break;
-    }
-    return (ret);
-}
-
-/*
- * As it's impossible to use stream ciphers in "datagram" mode, this
- * simple filter is designed to disengage them in DTLS. Unfortunately
- * there is no universal way to identify stream SSL_CIPHER, so we have
- * to explicitly list their SSL_* codes. Currently RC4 is the only one
- * available, but if new ones emerge, they will have to be added...
- */
-const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
-{
-    const SSL_CIPHER *ciph = ssl3_get_cipher(u);
-
-    if (ciph != NULL) {
-        if (ciph->algorithm_enc == SSL_RC4)
-            return NULL;
-    }
-
-    return ciph;
-}
-
-void dtls1_start_timer(SSL *s)
-{
-#ifndef OPENSSL_NO_SCTP
-    /* Disable timer for SCTP */
-    if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-        memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
-        return;
-    }
-#endif
-
-    /* If timer is not set, initialize duration with 1 second */
-    if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
-        s->d1->timeout_duration = 1;
-    }
-
-    /* Set timeout to current time */
-    get_current_time(&(s->d1->next_timeout));
-
-    /* Add duration to current time */
-    s->d1->next_timeout.tv_sec += s->d1->timeout_duration;
-    BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
-             &(s->d1->next_timeout));
-}
-
-struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft)
-{
-    struct timeval timenow;
-
-    /* If no timeout is set, just return NULL */
-    if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
-        return NULL;
-    }
-
-    /* Get current time */
-    get_current_time(&timenow);
-
-    /* If timer already expired, set remaining time to 0 */
-    if (s->d1->next_timeout.tv_sec < timenow.tv_sec ||
-        (s->d1->next_timeout.tv_sec == timenow.tv_sec &&
-         s->d1->next_timeout.tv_usec <= timenow.tv_usec)) {
-        memset(timeleft, 0, sizeof(struct timeval));
-        return timeleft;
-    }
-
-    /* Calculate time left until timer expires */
-    memcpy(timeleft, &(s->d1->next_timeout), sizeof(struct timeval));
-    timeleft->tv_sec -= timenow.tv_sec;
-    timeleft->tv_usec -= timenow.tv_usec;
-    if (timeleft->tv_usec < 0) {
-        timeleft->tv_sec--;
-        timeleft->tv_usec += 1000000;
-    }
-
-    /*
-     * If remaining time is less than 15 ms, set it to 0 to prevent issues
-     * because of small devergences with socket timeouts.
-     */
-    if (timeleft->tv_sec == 0 && timeleft->tv_usec < 15000) {
-        memset(timeleft, 0, sizeof(struct timeval));
-    }
-
-    return timeleft;
-}
-
-int dtls1_is_timer_expired(SSL *s)
-{
-    struct timeval timeleft;
-
-    /* Get time left until timeout, return false if no timer running */
-    if (dtls1_get_timeout(s, &timeleft) == NULL) {
-        return 0;
-    }
-
-    /* Return false if timer is not expired yet */
-    if (timeleft.tv_sec > 0 || timeleft.tv_usec > 0) {
-        return 0;
-    }
-
-    /* Timer expired, so return true */
-    return 1;
-}
-
-void dtls1_double_timeout(SSL *s)
-{
-    s->d1->timeout_duration *= 2;
-    if (s->d1->timeout_duration > 60)
-        s->d1->timeout_duration = 60;
-    dtls1_start_timer(s);
-}
-
-void dtls1_stop_timer(SSL *s)
-{
-    /* Reset everything */
-    memset(&(s->d1->timeout), 0, sizeof(struct dtls1_timeout_st));
-    memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
-    s->d1->timeout_duration = 1;
-    BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
-             &(s->d1->next_timeout));
-    /* Clear retransmission buffer */
-    dtls1_clear_sent_buffer(s);
-}
-
-int dtls1_check_timeout_num(SSL *s)
-{
-    unsigned int mtu;
-
-    s->d1->timeout.num_alerts++;
-
-    /* Reduce MTU after 2 unsuccessful retransmissions */
-    if (s->d1->timeout.num_alerts > 2
-        && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
-        mtu =
-            BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0,
-                     NULL);
-        if (mtu < s->d1->mtu)
-            s->d1->mtu = mtu;
-    }
-
-    if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) {
-        /* fail the connection, enough alerts have been sent */
-        SSLerr(SSL_F_DTLS1_CHECK_TIMEOUT_NUM, SSL_R_READ_TIMEOUT_EXPIRED);
-        return -1;
-    }
-
-    return 0;
-}
-
-int dtls1_handle_timeout(SSL *s)
-{
-    /* if no timer is expired, don't do anything */
-    if (!dtls1_is_timer_expired(s)) {
-        return 0;
-    }
-
-    dtls1_double_timeout(s);
-
-    if (dtls1_check_timeout_num(s) < 0)
-        return -1;
-
-    s->d1->timeout.read_timeouts++;
-    if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT) {
-        s->d1->timeout.read_timeouts = 1;
-    }
-#ifndef OPENSSL_NO_HEARTBEATS
-    if (s->tlsext_hb_pending) {
-        s->tlsext_hb_pending = 0;
-        return dtls1_heartbeat(s);
-    }
-#endif
-
-    dtls1_start_timer(s);
-    return dtls1_retransmit_buffered_messages(s);
-}
-
-static void get_current_time(struct timeval *t)
-{
-#if defined(_WIN32)
-    SYSTEMTIME st;
-    union {
-        unsigned __int64 ul;
-        FILETIME ft;
-    } now;
-
-    GetSystemTime(&st);
-    SystemTimeToFileTime(&st, &now.ft);
-# ifdef  __MINGW32__
-    now.ul -= 116444736000000000ULL;
-# else
-    now.ul -= 116444736000000000UI64; /* re-bias to 1/1/1970 */
-# endif
-    t->tv_sec = (long)(now.ul / 10000000);
-    t->tv_usec = ((int)(now.ul % 10000000)) / 10;
-#elif defined(OPENSSL_SYS_VMS)
-    struct timeb tb;
-    ftime(&tb);
-    t->tv_sec = (long)tb.time;
-    t->tv_usec = (long)tb.millitm * 1000;
-#else
-    gettimeofday(t, NULL);
-#endif
-}
-
-int dtls1_listen(SSL *s, struct sockaddr *client)
-{
-    int ret;
-
-    /* Ensure there is no state left over from a previous invocation */
-    SSL_clear(s);
-
-    SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
-    s->d1->listen = 1;
-
-    ret = SSL_accept(s);
-    if (ret <= 0)
-        return ret;
-
-    (void)BIO_dgram_get_peer(SSL_get_rbio(s), client);
-    return 1;
-}
-
-static void dtls1_set_handshake_header(SSL *s, int htype, unsigned long len)
-{
-    unsigned char *p = (unsigned char *)s->init_buf->data;
-    dtls1_set_message_header(s, p, htype, len, 0, len);
-    s->init_num = (int)len + DTLS1_HM_HEADER_LENGTH;
-    s->init_off = 0;
-    /* Buffer the message to handle re-xmits */
-    dtls1_buffer_message(s, 0);
-}
-
-static int dtls1_handshake_write(SSL *s)
-{
-    return dtls1_do_write(s, SSL3_RT_HANDSHAKE);
-}
diff --git a/thirdparty/openssl/ssl/d1_meth.c b/thirdparty/openssl/ssl/d1_meth.c
deleted file mode 100644
index 899010e985..0000000000
--- a/thirdparty/openssl/ssl/d1_meth.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* ssl/d1_meth.h */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-static const SSL_METHOD *dtls1_get_method(int ver);
-static const SSL_METHOD *dtls1_get_method(int ver)
-{
-    if (ver == DTLS_ANY_VERSION)
-        return DTLS_method();
-    else if (ver == DTLS1_VERSION)
-        return DTLSv1_method();
-    else if (ver == DTLS1_2_VERSION)
-        return DTLSv1_2_method();
-    else
-        return NULL;
-}
-
-IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
-                          DTLSv1_method,
-                          dtls1_accept,
-                          dtls1_connect, dtls1_get_method, DTLSv1_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
-                          DTLSv1_2_method,
-                          dtls1_accept,
-                          dtls1_connect, dtls1_get_method, DTLSv1_2_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
-                          DTLS_method,
-                          dtls1_accept,
-                          dtls1_connect, dtls1_get_method, DTLSv1_2_enc_data)
diff --git a/thirdparty/openssl/ssl/d1_pkt.c b/thirdparty/openssl/ssl/d1_pkt.c
deleted file mode 100644
index 10586fee54..0000000000
--- a/thirdparty/openssl/ssl/d1_pkt.c
+++ /dev/null
@@ -1,2020 +0,0 @@
-/* ssl/d1_pkt.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "ssl_locl.h"
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-#include <openssl/pqueue.h>
-#include <openssl/rand.h>
-
-/* mod 128 saturating subtract of two 64-bit values in big-endian order */
-static int satsub64be(const unsigned char *v1, const unsigned char *v2)
-{
-    int ret, i;
-
-    if (sizeof(long) == 8)
-        do {
-            const union {
-                long one;
-                char little;
-            } is_endian = {
-                1
-            };
-            long l;
-
-            if (is_endian.little)
-                break;
-            /* not reached on little-endians */
-            /*
-             * following test is redundant, because input is always aligned,
-             * but I take no chances...
-             */
-            if (((size_t)v1 | (size_t)v2) & 0x7)
-                break;
-
-            l = *((long *)v1);
-            l -= *((long *)v2);
-            if (l > 128)
-                return 128;
-            else if (l < -128)
-                return -128;
-            else
-                return (int)l;
-        } while (0);
-
-    ret = 0;
-    for (i=0; i<7; i++) {
-        if (v1[i] > v2[i]) {
-            /* v1 is larger... but by how much? */
-            if (v1[i] != v2[i] + 1)
-                return 128;
-            while (++i <= 6) {
-                if (v1[i] != 0x00 || v2[i] != 0xff)
-                    return 128; /* too much */
-            }
-            /* We checked all the way to the penultimate byte,
-             * so despite higher bytes changing we actually
-             * know that it only changed from (e.g.)
-             *       ... (xx)  ff ff ff ??
-             * to   ... (xx+1) 00 00 00 ??
-             * so we add a 'bias' of 256 for the carry that
-             * happened, and will eventually return
-             * 256 + v1[7] - v2[7]. */
-            ret = 256;
-            break;
-        } else if (v2[i] > v1[i]) {
-            /* v2 is larger... but by how much? */
-            if (v2[i] != v1[i] + 1)
-                return -128;
-            while (++i <= 6) {
-                if (v2[i] != 0x00 || v1[i] != 0xff)
-                    return -128; /* too much */
-            }
-            /* Similar to the case above, we know it changed
-             * from    ... (xx)  00 00 00 ??
-             * to     ... (xx-1) ff ff ff ??
-             * so we add a 'bias' of -256 for the borrow,
-             * to return -256 + v1[7] - v2[7]. */
-            ret = -256;
-        }
-    }
-
-    ret += (int)v1[7] - (int)v2[7];
-
-    if (ret > 128)
-        return 128;
-    else if (ret < -128)
-        return -128;
-    else
-        return ret;
-}
-
-static int have_handshake_fragment(SSL *s, int type, unsigned char *buf,
-                                   int len, int peek);
-static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);
-static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);
-static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
-                                      unsigned int *is_next_epoch);
-#if 0
-static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
-                                        unsigned short *priority,
-                                        unsigned long *offset);
-#endif
-static int dtls1_buffer_record(SSL *s, record_pqueue *q,
-                               unsigned char *priority);
-static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap);
-
-/* copy buffered record into SSL structure */
-static int dtls1_copy_record(SSL *s, pitem *item)
-{
-    DTLS1_RECORD_DATA *rdata;
-
-    rdata = (DTLS1_RECORD_DATA *)item->data;
-
-    if (s->s3->rbuf.buf != NULL)
-        OPENSSL_free(s->s3->rbuf.buf);
-
-    s->packet = rdata->packet;
-    s->packet_length = rdata->packet_length;
-    memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
-    memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
-
-    /* Set proper sequence number for mac calculation */
-    memcpy(&(s->s3->read_sequence[2]), &(rdata->packet[5]), 6);
-
-    return (1);
-}
-
-static int
-dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
-{
-    DTLS1_RECORD_DATA *rdata;
-    pitem *item;
-
-    /* Limit the size of the queue to prevent DOS attacks */
-    if (pqueue_size(queue->q) >= 100)
-        return 0;
-
-    rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
-    item = pitem_new(priority, rdata);
-    if (rdata == NULL || item == NULL) {
-        if (rdata != NULL)
-            OPENSSL_free(rdata);
-        if (item != NULL)
-            pitem_free(item);
-
-        SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
-        return -1;
-    }
-
-    rdata->packet = s->packet;
-    rdata->packet_length = s->packet_length;
-    memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));
-    memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));
-
-    item->data = rdata;
-
-#ifndef OPENSSL_NO_SCTP
-    /* Store bio_dgram_sctp_rcvinfo struct */
-    if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
-        (s->state == SSL3_ST_SR_FINISHED_A
-         || s->state == SSL3_ST_CR_FINISHED_A)) {
-        BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO,
-                 sizeof(rdata->recordinfo), &rdata->recordinfo);
-    }
-#endif
-
-    s->packet = NULL;
-    s->packet_length = 0;
-    memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));
-    memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));
-
-    if (!ssl3_setup_buffers(s)) {
-        SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
-        if (rdata->rbuf.buf != NULL)
-            OPENSSL_free(rdata->rbuf.buf);
-        OPENSSL_free(rdata);
-        pitem_free(item);
-        return (-1);
-    }
-
-    /* insert should not fail, since duplicates are dropped */
-    if (pqueue_insert(queue->q, item) == NULL) {
-        SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
-        if (rdata->rbuf.buf != NULL)
-            OPENSSL_free(rdata->rbuf.buf);
-        OPENSSL_free(rdata);
-        pitem_free(item);
-        return (-1);
-    }
-
-    return (1);
-}
-
-static int dtls1_retrieve_buffered_record(SSL *s, record_pqueue *queue)
-{
-    pitem *item;
-
-    item = pqueue_pop(queue->q);
-    if (item) {
-        dtls1_copy_record(s, item);
-
-        OPENSSL_free(item->data);
-        pitem_free(item);
-
-        return (1);
-    }
-
-    return (0);
-}
-
-/*
- * retrieve a buffered record that belongs to the new epoch, i.e., not
- * processed yet
- */
-#define dtls1_get_unprocessed_record(s) \
-                   dtls1_retrieve_buffered_record((s), \
-                   &((s)->d1->unprocessed_rcds))
-
-/*
- * retrieve a buffered record that belongs to the current epoch, ie,
- * processed
- */
-#define dtls1_get_processed_record(s) \
-                   dtls1_retrieve_buffered_record((s), \
-                   &((s)->d1->processed_rcds))
-
-static int dtls1_process_buffered_records(SSL *s)
-{
-    pitem *item;
-    SSL3_BUFFER *rb;
-    SSL3_RECORD *rr;
-    DTLS1_BITMAP *bitmap;
-    unsigned int is_next_epoch;
-    int replayok = 1;
-
-    item = pqueue_peek(s->d1->unprocessed_rcds.q);
-    if (item) {
-        /* Check if epoch is current. */
-        if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
-            return 1;         /* Nothing to do. */
-
-        rr = &s->s3->rrec;
-        rb = &s->s3->rbuf;
-
-        if (rb->left > 0) {
-            /*
-             * We've still got data from the current packet to read. There could
-             * be a record from the new epoch in it - so don't overwrite it
-             * with the unprocessed records yet (we'll do it when we've
-             * finished reading the current packet).
-             */
-            return 1;
-        }
-
-
-        /* Process all the records. */
-        while (pqueue_peek(s->d1->unprocessed_rcds.q)) {
-            dtls1_get_unprocessed_record(s);
-            bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
-            if (bitmap == NULL) {
-                /*
-                 * Should not happen. This will only ever be NULL when the
-                 * current record is from a different epoch. But that cannot
-                 * be the case because we already checked the epoch above
-                 */
-                 SSLerr(SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS,
-                        ERR_R_INTERNAL_ERROR);
-                 return 0;
-            }
-#ifndef OPENSSL_NO_SCTP
-            /* Only do replay check if no SCTP bio */
-            if (!BIO_dgram_is_sctp(SSL_get_rbio(s)))
-#endif
-            {
-                /*
-                 * Check whether this is a repeat, or aged record. We did this
-                 * check once already when we first received the record - but
-                 * we might have updated the window since then due to
-                 * records we subsequently processed.
-                 */
-                replayok = dtls1_record_replay_check(s, bitmap);
-            }
-
-            if (!replayok || !dtls1_process_record(s, bitmap)) {
-                /* dump this record */
-                rr->length = 0;
-                s->packet_length = 0;
-                continue;
-            }
-
-            if (dtls1_buffer_record(s, &(s->d1->processed_rcds),
-                                    s->s3->rrec.seq_num) < 0)
-                return 0;
-        }
-    }
-
-    /*
-     * sync epoch numbers once all the unprocessed records have been
-     * processed
-     */
-    s->d1->processed_rcds.epoch = s->d1->r_epoch;
-    s->d1->unprocessed_rcds.epoch = s->d1->r_epoch + 1;
-
-    return 1;
-}
-
-#if 0
-
-static int dtls1_get_buffered_record(SSL *s)
-{
-    pitem *item;
-    PQ_64BIT priority =
-        (((PQ_64BIT) s->d1->handshake_read_seq) << 32) |
-        ((PQ_64BIT) s->d1->r_msg_hdr.frag_off);
-
-    /* if we're not (re)negotiating, nothing buffered */
-    if (!SSL_in_init(s))
-        return 0;
-
-    item = pqueue_peek(s->d1->rcvd_records);
-    if (item && item->priority == priority) {
-        /*
-         * Check if we've received the record of interest.  It must be a
-         * handshake record, since data records as passed up without
-         * buffering
-         */
-        DTLS1_RECORD_DATA *rdata;
-        item = pqueue_pop(s->d1->rcvd_records);
-        rdata = (DTLS1_RECORD_DATA *)item->data;
-
-        if (s->s3->rbuf.buf != NULL)
-            OPENSSL_free(s->s3->rbuf.buf);
-
-        s->packet = rdata->packet;
-        s->packet_length = rdata->packet_length;
-        memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
-        memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
-
-        OPENSSL_free(item->data);
-        pitem_free(item);
-
-        /* s->d1->next_expected_seq_num++; */
-        return (1);
-    }
-
-    return 0;
-}
-
-#endif
-
-static int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap)
-{
-    int i, al;
-    int enc_err;
-    SSL_SESSION *sess;
-    SSL3_RECORD *rr;
-    unsigned int mac_size, orig_len;
-    unsigned char md[EVP_MAX_MD_SIZE];
-
-    rr = &(s->s3->rrec);
-    sess = s->session;
-
-    /*
-     * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
-     * and we have that many bytes in s->packet
-     */
-    rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]);
-
-    /*
-     * ok, we can now read from 's->packet' data into 'rr' rr->input points
-     * at rr->length bytes, which need to be copied into rr->data by either
-     * the decryption or by the decompression When the data is 'copied' into
-     * the rr->data buffer, rr->input will be pointed at the new buffer
-     */
-
-    /*
-     * We now have - encrypted [ MAC [ compressed [ plain ] ] ] rr->length
-     * bytes of encrypted compressed stuff.
-     */
-
-    /* check is not needed I believe */
-    if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
-        al = SSL_AD_RECORD_OVERFLOW;
-        SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
-        goto f_err;
-    }
-
-    /* decrypt in place in 'rr->input' */
-    rr->data = rr->input;
-
-    enc_err = s->method->ssl3_enc->enc(s, 0);
-    /*-
-     * enc_err is:
-     *    0: (in non-constant time) if the record is publically invalid.
-     *    1: if the padding is valid
-     *   -1: if the padding is invalid
-     */
-    if (enc_err == 0) {
-        /* For DTLS we simply ignore bad packets. */
-        rr->length = 0;
-        s->packet_length = 0;
-        goto err;
-    }
-#ifdef TLS_DEBUG
-    printf("dec %d\n", rr->length);
-    {
-        unsigned int z;
-        for (z = 0; z < rr->length; z++)
-            printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n');
-    }
-    printf("\n");
-#endif
-
-    /* r->length is now the compressed data plus mac */
-    if ((sess != NULL) &&
-        (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
-        /* s->read_hash != NULL => mac_size != -1 */
-        unsigned char *mac = NULL;
-        unsigned char mac_tmp[EVP_MAX_MD_SIZE];
-        mac_size = EVP_MD_CTX_size(s->read_hash);
-        OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
-
-        /*
-         * kludge: *_cbc_remove_padding passes padding length in rr->type
-         */
-        orig_len = rr->length + ((unsigned int)rr->type >> 8);
-
-        /*
-         * orig_len is the length of the record before any padding was
-         * removed. This is public information, as is the MAC in use,
-         * therefore we can safely process the record in a different amount
-         * of time if it's too short to possibly contain a MAC.
-         */
-        if (orig_len < mac_size ||
-            /* CBC records must have a padding length byte too. */
-            (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
-             orig_len < mac_size + 1)) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-
-        if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) {
-            /*
-             * We update the length so that the TLS header bytes can be
-             * constructed correctly but we need to extract the MAC in
-             * constant time from within the record, without leaking the
-             * contents of the padding bytes.
-             */
-            mac = mac_tmp;
-            ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
-            rr->length -= mac_size;
-        } else {
-            /*
-             * In this case there's no padding, so |orig_len| equals
-             * |rec->length| and we checked that there's enough bytes for
-             * |mac_size| above.
-             */
-            rr->length -= mac_size;
-            mac = &rr->data[rr->length];
-        }
-
-        i = s->method->ssl3_enc->mac(s, md, 0 /* not send */ );
-        if (i < 0 || mac == NULL
-            || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
-            enc_err = -1;
-        if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
-            enc_err = -1;
-    }
-
-    if (enc_err < 0) {
-        /* decryption failed, silently discard message */
-        rr->length = 0;
-        s->packet_length = 0;
-        goto err;
-    }
-
-    /* r->length is now just compressed */
-    if (s->expand != NULL) {
-        if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {
-            al = SSL_AD_RECORD_OVERFLOW;
-            SSLerr(SSL_F_DTLS1_PROCESS_RECORD,
-                   SSL_R_COMPRESSED_LENGTH_TOO_LONG);
-            goto f_err;
-        }
-        if (!ssl3_do_uncompress(s)) {
-            al = SSL_AD_DECOMPRESSION_FAILURE;
-            SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_BAD_DECOMPRESSION);
-            goto f_err;
-        }
-    }
-
-    if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
-        al = SSL_AD_RECORD_OVERFLOW;
-        SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
-        goto f_err;
-    }
-
-    rr->off = 0;
-    /*-
-     * So at this point the following is true
-     * ssl->s3->rrec.type   is the type of record
-     * ssl->s3->rrec.length == number of bytes in record
-     * ssl->s3->rrec.off    == offset to first valid byte
-     * ssl->s3->rrec.data   == where to take bytes from, increment
-     *                         after use :-).
-     */
-
-    /* we have pulled in a full packet so zero things */
-    s->packet_length = 0;
-
-    /* Mark receipt of record. */
-    dtls1_record_bitmap_update(s, bitmap);
-
-    return (1);
-
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-    return (0);
-}
-
-/*-
- * Call this to get a new input record.
- * It will return <= 0 if more data is needed, normally due to an error
- * or non-blocking IO.
- * When it finishes, one packet has been decoded and can be found in
- * ssl->s3->rrec.type    - is the type of record
- * ssl->s3->rrec.data,   - data
- * ssl->s3->rrec.length, - number of bytes
- */
-/* used only by dtls1_read_bytes */
-int dtls1_get_record(SSL *s)
-{
-    int ssl_major, ssl_minor;
-    int i, n;
-    SSL3_RECORD *rr;
-    unsigned char *p = NULL;
-    unsigned short version;
-    DTLS1_BITMAP *bitmap;
-    unsigned int is_next_epoch;
-
-    rr = &(s->s3->rrec);
-
- again:
-    /*
-     * The epoch may have changed.  If so, process all the pending records.
-     * This is a non-blocking operation.
-     */
-    if (!dtls1_process_buffered_records(s))
-        return -1;
-
-    /* if we're renegotiating, then there may be buffered records */
-    if (dtls1_get_processed_record(s))
-        return 1;
-
-    /* get something from the wire */
-    /* check if we have the header */
-    if ((s->rstate != SSL_ST_READ_BODY) ||
-        (s->packet_length < DTLS1_RT_HEADER_LENGTH)) {
-        n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
-        /* read timeout is handled by dtls1_read_bytes */
-        if (n <= 0)
-            return (n);         /* error or non-blocking */
-
-        /* this packet contained a partial record, dump it */
-        if (s->packet_length != DTLS1_RT_HEADER_LENGTH) {
-            s->packet_length = 0;
-            goto again;
-        }
-
-        s->rstate = SSL_ST_READ_BODY;
-
-        p = s->packet;
-
-        if (s->msg_callback)
-            s->msg_callback(0, 0, SSL3_RT_HEADER, p, DTLS1_RT_HEADER_LENGTH,
-                            s, s->msg_callback_arg);
-
-        /* Pull apart the header into the DTLS1_RECORD */
-        rr->type = *(p++);
-        ssl_major = *(p++);
-        ssl_minor = *(p++);
-        version = (ssl_major << 8) | ssl_minor;
-
-        /* sequence number is 64 bits, with top 2 bytes = epoch */
-        n2s(p, rr->epoch);
-
-        memcpy(&(s->s3->read_sequence[2]), p, 6);
-        p += 6;
-
-        n2s(p, rr->length);
-
-        /* Lets check version */
-        if (!s->first_packet) {
-            if (version != s->version) {
-                /* unexpected version, silently discard */
-                rr->length = 0;
-                s->packet_length = 0;
-                goto again;
-            }
-        }
-
-        if ((version & 0xff00) != (s->version & 0xff00)) {
-            /* wrong version, silently discard record */
-            rr->length = 0;
-            s->packet_length = 0;
-            goto again;
-        }
-
-        if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
-            /* record too long, silently discard it */
-            rr->length = 0;
-            s->packet_length = 0;
-            goto again;
-        }
-
-        /* now s->rstate == SSL_ST_READ_BODY */
-    }
-
-    /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
-
-    if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) {
-        /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
-        i = rr->length;
-        n = ssl3_read_n(s, i, i, 1);
-        /* this packet contained a partial record, dump it */
-        if (n != i) {
-            rr->length = 0;
-            s->packet_length = 0;
-            goto again;
-        }
-
-        /*
-         * now n == rr->length, and s->packet_length ==
-         * DTLS1_RT_HEADER_LENGTH + rr->length
-         */
-    }
-    s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */
-
-    /* match epochs.  NULL means the packet is dropped on the floor */
-    bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
-    if (bitmap == NULL) {
-        rr->length = 0;
-        s->packet_length = 0;   /* dump this record */
-        goto again;             /* get another record */
-    }
-#ifndef OPENSSL_NO_SCTP
-    /* Only do replay check if no SCTP bio */
-    if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) {
-#endif
-        /*
-         * Check whether this is a repeat, or aged record. Don't check if
-         * we're listening and this message is a ClientHello. They can look
-         * as if they're replayed, since they arrive from different
-         * connections and would be dropped unnecessarily.
-         */
-        if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
-              s->packet_length > DTLS1_RT_HEADER_LENGTH &&
-              s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) &&
-            !dtls1_record_replay_check(s, bitmap)) {
-            rr->length = 0;
-            s->packet_length = 0; /* dump this record */
-            goto again;         /* get another record */
-        }
-#ifndef OPENSSL_NO_SCTP
-    }
-#endif
-
-    /* just read a 0 length packet */
-    if (rr->length == 0)
-        goto again;
-
-    /*
-     * If this record is from the next epoch (either HM or ALERT), and a
-     * handshake is currently in progress, buffer it since it cannot be
-     * processed at this time. However, do not buffer anything while
-     * listening.
-     */
-    if (is_next_epoch) {
-        if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) {
-            if (dtls1_buffer_record
-                (s, &(s->d1->unprocessed_rcds), rr->seq_num) < 0)
-                return -1;
-        }
-        rr->length = 0;
-        s->packet_length = 0;
-        goto again;
-    }
-
-    if (!dtls1_process_record(s, bitmap)) {
-        rr->length = 0;
-        s->packet_length = 0;   /* dump this record */
-        goto again;             /* get another record */
-    }
-
-    return (1);
-
-}
-
-/*-
- * Return up to 'len' payload bytes received in 'type' records.
- * 'type' is one of the following:
- *
- *   -  SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
- *   -  SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
- *   -  0 (during a shutdown, no data has to be returned)
- *
- * If we don't have stored data to work from, read a SSL/TLS record first
- * (possibly multiple records if we still don't have anything to return).
- *
- * This function must handle any surprises the peer may have for us, such as
- * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
- * a surprise, but handled as if it were), or renegotiation requests.
- * Also if record payloads contain fragments too small to process, we store
- * them until there is enough for the respective protocol (the record protocol
- * may use arbitrary fragmentation and even interleaving):
- *     Change cipher spec protocol
- *             just 1 byte needed, no need for keeping anything stored
- *     Alert protocol
- *             2 bytes needed (AlertLevel, AlertDescription)
- *     Handshake protocol
- *             4 bytes needed (HandshakeType, uint24 length) -- we just have
- *             to detect unexpected Client Hello and Hello Request messages
- *             here, anything else is handled by higher layers
- *     Application data protocol
- *             none of our business
- */
-int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
-{
-    int al, i, j, ret;
-    unsigned int n;
-    SSL3_RECORD *rr;
-    void (*cb) (const SSL *ssl, int type2, int val) = NULL;
-
-    if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
-        if (!ssl3_setup_buffers(s))
-            return (-1);
-
-    /* XXX: check what the second '&& type' is about */
-    if ((type && (type != SSL3_RT_APPLICATION_DATA) &&
-         (type != SSL3_RT_HANDSHAKE) && type) ||
-        (peek && (type != SSL3_RT_APPLICATION_DATA))) {
-        SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
-        return -1;
-    }
-
-    /*
-     * check whether there's a handshake message (client hello?) waiting
-     */
-    if ((ret = have_handshake_fragment(s, type, buf, len, peek)))
-        return ret;
-
-    /*
-     * Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE.
-     */
-
-#ifndef OPENSSL_NO_SCTP
-    /*
-     * Continue handshake if it had to be interrupted to read app data with
-     * SCTP.
-     */
-    if ((!s->in_handshake && SSL_in_init(s)) ||
-        (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
-         (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
-          || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)
-         && s->s3->in_read_app_data != 2))
-#else
-    if (!s->in_handshake && SSL_in_init(s))
-#endif
-    {
-        /* type == SSL3_RT_APPLICATION_DATA */
-        i = s->handshake_func(s);
-        if (i < 0)
-            return (i);
-        if (i == 0) {
-            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return (-1);
-        }
-    }
-
- start:
-    s->rwstate = SSL_NOTHING;
-
-    /*-
-     * s->s3->rrec.type         - is the type of record
-     * s->s3->rrec.data,    - data
-     * s->s3->rrec.off,     - offset into 'data' for next read
-     * s->s3->rrec.length,  - number of bytes.
-     */
-    rr = &(s->s3->rrec);
-
-    /*
-     * We are not handshaking and have no data yet, so process data buffered
-     * during the last handshake in advance, if any.
-     */
-    if (s->state == SSL_ST_OK && rr->length == 0) {
-        pitem *item;
-        item = pqueue_pop(s->d1->buffered_app_data.q);
-        if (item) {
-#ifndef OPENSSL_NO_SCTP
-            /* Restore bio_dgram_sctp_rcvinfo struct */
-            if (BIO_dgram_is_sctp(SSL_get_rbio(s))) {
-                DTLS1_RECORD_DATA *rdata = (DTLS1_RECORD_DATA *)item->data;
-                BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_SET_RCVINFO,
-                         sizeof(rdata->recordinfo), &rdata->recordinfo);
-            }
-#endif
-
-            dtls1_copy_record(s, item);
-
-            OPENSSL_free(item->data);
-            pitem_free(item);
-        }
-    }
-
-    /* Check for timeout */
-    if (dtls1_handle_timeout(s) > 0)
-        goto start;
-
-    /* get new packet if necessary */
-    if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
-        ret = dtls1_get_record(s);
-        if (ret <= 0) {
-            ret = dtls1_read_failed(s, ret);
-            /* anything other than a timeout is an error */
-            if (ret <= 0)
-                return (ret);
-            else
-                goto start;
-        }
-    }
-
-    if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) {
-        rr->length = 0;
-        goto start;
-    }
-
-    /*
-     * Reset the count of consecutive warning alerts if we've got a non-empty
-     * record that isn't an alert.
-     */
-    if (rr->type != SSL3_RT_ALERT && rr->length != 0)
-        s->cert->alert_count = 0;
-
-    /* we now have a packet which can be read and processed */
-
-    if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
-                                   * reset by ssl3_get_finished */
-        && (rr->type != SSL3_RT_HANDSHAKE)) {
-        /*
-         * We now have application data between CCS and Finished. Most likely
-         * the packets were reordered on their way, so buffer the application
-         * data for later processing rather than dropping the connection.
-         */
-        if (dtls1_buffer_record(s, &(s->d1->buffered_app_data), rr->seq_num) <
-            0) {
-            SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
-            return -1;
-        }
-        rr->length = 0;
-        goto start;
-    }
-
-    /*
-     * If the other end has shut down, throw anything we read away (even in
-     * 'peek' mode)
-     */
-    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
-        rr->length = 0;
-        s->rwstate = SSL_NOTHING;
-        return (0);
-    }
-
-    if (type == rr->type) {     /* SSL3_RT_APPLICATION_DATA or
-                                 * SSL3_RT_HANDSHAKE */
-        /*
-         * make sure that we are not getting application data when we are
-         * doing a handshake for the first time
-         */
-        if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
-            (s->enc_read_ctx == NULL)) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE);
-            goto f_err;
-        }
-
-        if (len <= 0)
-            return (len);
-
-        if ((unsigned int)len > rr->length)
-            n = rr->length;
-        else
-            n = (unsigned int)len;
-
-        memcpy(buf, &(rr->data[rr->off]), n);
-        if (!peek) {
-            rr->length -= n;
-            rr->off += n;
-            if (rr->length == 0) {
-                s->rstate = SSL_ST_READ_HEADER;
-                rr->off = 0;
-            }
-        }
-#ifndef OPENSSL_NO_SCTP
-        /*
-         * We were about to renegotiate but had to read belated application
-         * data first, so retry.
-         */
-        if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
-            rr->type == SSL3_RT_APPLICATION_DATA &&
-            (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
-             || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)) {
-            s->rwstate = SSL_READING;
-            BIO_clear_retry_flags(SSL_get_rbio(s));
-            BIO_set_retry_read(SSL_get_rbio(s));
-        }
-
-        /*
-         * We might had to delay a close_notify alert because of reordered
-         * app data. If there was an alert and there is no message to read
-         * anymore, finally set shutdown.
-         */
-        if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
-            s->d1->shutdown_received
-            && !BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
-            s->shutdown |= SSL_RECEIVED_SHUTDOWN;
-            return (0);
-        }
-#endif
-        return (n);
-    }
-
-    /*
-     * If we get here, then type != rr->type; if we have a handshake message,
-     * then it was unexpected (Hello Request or Client Hello).
-     */
-
-    /*
-     * In case of record types for which we have 'fragment' storage, fill
-     * that so that we can process the data at a fixed place.
-     */
-    {
-        unsigned int k, dest_maxlen = 0;
-        unsigned char *dest = NULL;
-        unsigned int *dest_len = NULL;
-
-        if (rr->type == SSL3_RT_HANDSHAKE) {
-            dest_maxlen = sizeof s->d1->handshake_fragment;
-            dest = s->d1->handshake_fragment;
-            dest_len = &s->d1->handshake_fragment_len;
-        } else if (rr->type == SSL3_RT_ALERT) {
-            dest_maxlen = sizeof(s->d1->alert_fragment);
-            dest = s->d1->alert_fragment;
-            dest_len = &s->d1->alert_fragment_len;
-        }
-#ifndef OPENSSL_NO_HEARTBEATS
-        else if (rr->type == TLS1_RT_HEARTBEAT) {
-            dtls1_process_heartbeat(s);
-
-            /* Exit and notify application to read again */
-            rr->length = 0;
-            s->rwstate = SSL_READING;
-            BIO_clear_retry_flags(SSL_get_rbio(s));
-            BIO_set_retry_read(SSL_get_rbio(s));
-            return (-1);
-        }
-#endif
-        /* else it's a CCS message, or application data or wrong */
-        else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) {
-            /*
-             * Application data while renegotiating is allowed. Try again
-             * reading.
-             */
-            if (rr->type == SSL3_RT_APPLICATION_DATA) {
-                BIO *bio;
-                s->s3->in_read_app_data = 2;
-                bio = SSL_get_rbio(s);
-                s->rwstate = SSL_READING;
-                BIO_clear_retry_flags(bio);
-                BIO_set_retry_read(bio);
-                return (-1);
-            }
-
-            /* Not certain if this is the right error handling */
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
-            goto f_err;
-        }
-
-        if (dest_maxlen > 0) {
-            /*
-             * XDTLS: In a pathalogical case, the Client Hello may be
-             * fragmented--don't always expect dest_maxlen bytes
-             */
-            if (rr->length < dest_maxlen) {
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-                /*
-                 * for normal alerts rr->length is 2, while
-                 * dest_maxlen is 7 if we were to handle this
-                 * non-existing alert...
-                 */
-                FIX ME
-#endif
-                 s->rstate = SSL_ST_READ_HEADER;
-                rr->length = 0;
-                goto start;
-            }
-
-            /* now move 'n' bytes: */
-            for (k = 0; k < dest_maxlen; k++) {
-                dest[k] = rr->data[rr->off++];
-                rr->length--;
-            }
-            *dest_len = dest_maxlen;
-        }
-    }
-
-    /*-
-     * s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;
-     * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.
-     * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
-     */
-
-    /* If we are a client, check for an incoming 'Hello Request': */
-    if ((!s->server) &&
-        (s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
-        (s->d1->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
-        (s->session != NULL) && (s->session->cipher != NULL)) {
-        s->d1->handshake_fragment_len = 0;
-
-        if ((s->d1->handshake_fragment[1] != 0) ||
-            (s->d1->handshake_fragment[2] != 0) ||
-            (s->d1->handshake_fragment[3] != 0)) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
-            goto f_err;
-        }
-
-        /*
-         * no need to check sequence number on HELLO REQUEST messages
-         */
-
-        if (s->msg_callback)
-            s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
-                            s->d1->handshake_fragment, 4, s,
-                            s->msg_callback_arg);
-
-        if (SSL_is_init_finished(s) &&
-            !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
-            !s->s3->renegotiate) {
-            s->d1->handshake_read_seq++;
-            s->new_session = 1;
-            ssl3_renegotiate(s);
-            if (ssl3_renegotiate_check(s)) {
-                i = s->handshake_func(s);
-                if (i < 0)
-                    return (i);
-                if (i == 0) {
-                    SSLerr(SSL_F_DTLS1_READ_BYTES,
-                           SSL_R_SSL_HANDSHAKE_FAILURE);
-                    return (-1);
-                }
-
-                if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
-                    if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
-                        BIO *bio;
-                        /*
-                         * In the case where we try to read application data,
-                         * but we trigger an SSL handshake, we return -1 with
-                         * the retry option set.  Otherwise renegotiation may
-                         * cause nasty problems in the blocking world
-                         */
-                        s->rwstate = SSL_READING;
-                        bio = SSL_get_rbio(s);
-                        BIO_clear_retry_flags(bio);
-                        BIO_set_retry_read(bio);
-                        return (-1);
-                    }
-                }
-            }
-        }
-        /*
-         * we either finished a handshake or ignored the request, now try
-         * again to obtain the (application) data we were asked for
-         */
-        goto start;
-    }
-
-    if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
-        int alert_level = s->d1->alert_fragment[0];
-        int alert_descr = s->d1->alert_fragment[1];
-
-        s->d1->alert_fragment_len = 0;
-
-        if (s->msg_callback)
-            s->msg_callback(0, s->version, SSL3_RT_ALERT,
-                            s->d1->alert_fragment, 2, s, s->msg_callback_arg);
-
-        if (s->info_callback != NULL)
-            cb = s->info_callback;
-        else if (s->ctx->info_callback != NULL)
-            cb = s->ctx->info_callback;
-
-        if (cb != NULL) {
-            j = (alert_level << 8) | alert_descr;
-            cb(s, SSL_CB_READ_ALERT, j);
-        }
-
-        if (alert_level == SSL3_AL_WARNING) {
-            s->s3->warn_alert = alert_descr;
-
-            s->cert->alert_count++;
-            if (s->cert->alert_count == MAX_WARN_ALERT_COUNT) {
-                al = SSL_AD_UNEXPECTED_MESSAGE;
-                SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
-                goto f_err;
-            }
-
-            if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
-#ifndef OPENSSL_NO_SCTP
-                /*
-                 * With SCTP and streams the socket may deliver app data
-                 * after a close_notify alert. We have to check this first so
-                 * that nothing gets discarded.
-                 */
-                if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
-                    BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
-                    s->d1->shutdown_received = 1;
-                    s->rwstate = SSL_READING;
-                    BIO_clear_retry_flags(SSL_get_rbio(s));
-                    BIO_set_retry_read(SSL_get_rbio(s));
-                    return -1;
-                }
-#endif
-                s->shutdown |= SSL_RECEIVED_SHUTDOWN;
-                return (0);
-            }
-#if 0
-            /* XXX: this is a possible improvement in the future */
-            /* now check if it's a missing record */
-            if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
-                unsigned short seq;
-                unsigned int frag_off;
-                unsigned char *p = &(s->d1->alert_fragment[2]);
-
-                n2s(p, seq);
-                n2l3(p, frag_off);
-
-                dtls1_retransmit_message(s,
-                                         dtls1_get_queue_priority
-                                         (frag->msg_header.seq, 0), frag_off,
-                                         &found);
-                if (!found && SSL_in_init(s)) {
-                    /*
-                     * fprintf( stderr,"in init = %d\n", SSL_in_init(s));
-                     */
-                    /*
-                     * requested a message not yet sent, send an alert
-                     * ourselves
-                     */
-                    ssl3_send_alert(s, SSL3_AL_WARNING,
-                                    DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
-                }
-            }
-#endif
-        } else if (alert_level == SSL3_AL_FATAL) {
-            char tmp[16];
-
-            s->rwstate = SSL_NOTHING;
-            s->s3->fatal_alert = alert_descr;
-            SSLerr(SSL_F_DTLS1_READ_BYTES,
-                   SSL_AD_REASON_OFFSET + alert_descr);
-            BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
-            ERR_add_error_data(2, "SSL alert number ", tmp);
-            s->shutdown |= SSL_RECEIVED_SHUTDOWN;
-            SSL_CTX_remove_session(s->session_ctx, s->session);
-            return (0);
-        } else {
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
-            goto f_err;
-        }
-
-        goto start;
-    }
-
-    if (s->shutdown & SSL_SENT_SHUTDOWN) { /* but we have not received a
-                                            * shutdown */
-        s->rwstate = SSL_NOTHING;
-        rr->length = 0;
-        return (0);
-    }
-
-    if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
-        struct ccs_header_st ccs_hdr;
-        unsigned int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH;
-
-        dtls1_get_ccs_header(rr->data, &ccs_hdr);
-
-        if (s->version == DTLS1_BAD_VER)
-            ccs_hdr_len = 3;
-
-        /*
-         * 'Change Cipher Spec' is just a single byte, so we know exactly
-         * what the record payload has to look like
-         */
-        /* XDTLS: check that epoch is consistent */
-        if ((rr->length != ccs_hdr_len) ||
-            (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
-            goto f_err;
-        }
-
-        rr->length = 0;
-
-        if (s->msg_callback)
-            s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC,
-                            rr->data, 1, s, s->msg_callback_arg);
-
-        /*
-         * We can't process a CCS now, because previous handshake messages
-         * are still missing, so just drop it.
-         */
-        if (!s->d1->change_cipher_spec_ok) {
-            goto start;
-        }
-
-        s->d1->change_cipher_spec_ok = 0;
-
-        s->s3->change_cipher_spec = 1;
-        if (!ssl3_do_change_cipher_spec(s))
-            goto err;
-
-        /* do this whenever CCS is processed */
-        dtls1_reset_seq_numbers(s, SSL3_CC_READ);
-
-        if (s->version == DTLS1_BAD_VER)
-            s->d1->handshake_read_seq++;
-
-#ifndef OPENSSL_NO_SCTP
-        /*
-         * Remember that a CCS has been received, so that an old key of
-         * SCTP-Auth can be deleted when a CCS is sent. Will be ignored if no
-         * SCTP is used
-         */
-        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD, 1, NULL);
-#endif
-
-        goto start;
-    }
-
-    /*
-     * Unexpected handshake message (Client Hello, or protocol violation)
-     */
-    if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
-        !s->in_handshake) {
-        struct hm_header_st msg_hdr;
-
-        /* this may just be a stale retransmit */
-        dtls1_get_message_header(rr->data, &msg_hdr);
-        if (rr->epoch != s->d1->r_epoch) {
-            rr->length = 0;
-            goto start;
-        }
-
-        /*
-         * If we are server, we may have a repeated FINISHED of the client
-         * here, then retransmit our CCS and FINISHED.
-         */
-        if (msg_hdr.type == SSL3_MT_FINISHED) {
-            if (dtls1_check_timeout_num(s) < 0)
-                return -1;
-
-            dtls1_retransmit_buffered_messages(s);
-            rr->length = 0;
-            goto start;
-        }
-
-        if (((s->state & SSL_ST_MASK) == SSL_ST_OK) &&
-            !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
-#if 0                           /* worked only because C operator preferences
-                                 * are not as expected (and because this is
-                                 * not really needed for clients except for
-                                 * detecting protocol violations): */
-            s->state = SSL_ST_BEFORE | (s->server)
-                ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
-#else
-            s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
-#endif
-            s->renegotiate = 1;
-            s->new_session = 1;
-        }
-        i = s->handshake_func(s);
-        if (i < 0)
-            return (i);
-        if (i == 0) {
-            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return (-1);
-        }
-
-        if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
-            if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
-                BIO *bio;
-                /*
-                 * In the case where we try to read application data, but we
-                 * trigger an SSL handshake, we return -1 with the retry
-                 * option set.  Otherwise renegotiation may cause nasty
-                 * problems in the blocking world
-                 */
-                s->rwstate = SSL_READING;
-                bio = SSL_get_rbio(s);
-                BIO_clear_retry_flags(bio);
-                BIO_set_retry_read(bio);
-                return (-1);
-            }
-        }
-        goto start;
-    }
-
-    switch (rr->type) {
-    default:
-#ifndef OPENSSL_NO_TLS
-        /* TLS just ignores unknown message types */
-        if (s->version == TLS1_VERSION) {
-            rr->length = 0;
-            goto start;
-        }
-#endif
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
-        goto f_err;
-    case SSL3_RT_CHANGE_CIPHER_SPEC:
-    case SSL3_RT_ALERT:
-    case SSL3_RT_HANDSHAKE:
-        /*
-         * we already handled all of these, with the possible exception of
-         * SSL3_RT_HANDSHAKE when s->in_handshake is set, but that should not
-         * happen when type != rr->type
-         */
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
-        goto f_err;
-    case SSL3_RT_APPLICATION_DATA:
-        /*
-         * At this point, we were expecting handshake data, but have
-         * application data.  If the library was running inside ssl3_read()
-         * (i.e. in_read_app_data is set) and it makes sense to read
-         * application data at this point (session renegotiation not yet
-         * started), we will indulge it.
-         */
-        if (s->s3->in_read_app_data &&
-            (s->s3->total_renegotiations != 0) &&
-            (((s->state & SSL_ST_CONNECT) &&
-              (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
-              (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
-             ) || ((s->state & SSL_ST_ACCEPT) &&
-                   (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
-                   (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
-             )
-            )) {
-            s->s3->in_read_app_data = 2;
-            return (-1);
-        } else {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
-            goto f_err;
-        }
-    }
-    /* not reached */
-
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-    return (-1);
-}
-
-int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
-{
-    int i;
-
-#ifndef OPENSSL_NO_SCTP
-    /*
-     * Check if we have to continue an interrupted handshake for reading
-     * belated app data with SCTP.
-     */
-    if ((SSL_in_init(s) && !s->in_handshake) ||
-        (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-         (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
-          || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)))
-#else
-    if (SSL_in_init(s) && !s->in_handshake)
-#endif
-    {
-        i = s->handshake_func(s);
-        if (i < 0)
-            return (i);
-        if (i == 0) {
-            SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES,
-                   SSL_R_SSL_HANDSHAKE_FAILURE);
-            return -1;
-        }
-    }
-
-    if (len > SSL3_RT_MAX_PLAIN_LENGTH) {
-        SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, SSL_R_DTLS_MESSAGE_TOO_BIG);
-        return -1;
-    }
-
-    i = dtls1_write_bytes(s, type, buf_, len);
-    return i;
-}
-
-        /*
-         * this only happens when a client hello is received and a handshake
-         * is started.
-         */
-static int
-have_handshake_fragment(SSL *s, int type, unsigned char *buf,
-                        int len, int peek)
-{
-
-    if ((type == SSL3_RT_HANDSHAKE) && (s->d1->handshake_fragment_len > 0))
-        /* (partially) satisfy request from storage */
-    {
-        unsigned char *src = s->d1->handshake_fragment;
-        unsigned char *dst = buf;
-        unsigned int k, n;
-
-        /* peek == 0 */
-        n = 0;
-        while ((len > 0) && (s->d1->handshake_fragment_len > 0)) {
-            *dst++ = *src++;
-            len--;
-            s->d1->handshake_fragment_len--;
-            n++;
-        }
-        /* move any remaining fragment bytes: */
-        for (k = 0; k < s->d1->handshake_fragment_len; k++)
-            s->d1->handshake_fragment[k] = *src++;
-        return n;
-    }
-
-    return 0;
-}
-
-/*
- * Call this to write data in records of type 'type' It will return <= 0 if
- * not all data has been sent or non-blocking IO.
- */
-int dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
-{
-    int i;
-
-    OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
-    s->rwstate = SSL_NOTHING;
-    i = do_dtls1_write(s, type, buf, len, 0);
-    return i;
-}
-
-int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
-                   unsigned int len, int create_empty_fragment)
-{
-    unsigned char *p, *pseq;
-    int i, mac_size, clear = 0;
-    int prefix_len = 0;
-    int eivlen;
-    SSL3_RECORD *wr;
-    SSL3_BUFFER *wb;
-    SSL_SESSION *sess;
-
-    /*
-     * first check if there is a SSL3_BUFFER still being written out.  This
-     * will happen with non blocking IO
-     */
-    if (s->s3->wbuf.left != 0) {
-        OPENSSL_assert(0);      /* XDTLS: want to see if we ever get here */
-        return (ssl3_write_pending(s, type, buf, len));
-    }
-
-    /* If we have an alert to send, lets send it */
-    if (s->s3->alert_dispatch) {
-        i = s->method->ssl_dispatch_alert(s);
-        if (i <= 0)
-            return (i);
-        /* if it went, fall through and send more stuff */
-    }
-
-    if (len == 0 && !create_empty_fragment)
-        return 0;
-
-    wr = &(s->s3->wrec);
-    wb = &(s->s3->wbuf);
-    sess = s->session;
-
-    if ((sess == NULL) ||
-        (s->enc_write_ctx == NULL) || (EVP_MD_CTX_md(s->write_hash) == NULL))
-        clear = 1;
-
-    if (clear)
-        mac_size = 0;
-    else {
-        mac_size = EVP_MD_CTX_size(s->write_hash);
-        if (mac_size < 0)
-            goto err;
-    }
-
-    /* DTLS implements explicit IV, so no need for empty fragments */
-#if 0
-    /*
-     * 'create_empty_fragment' is true only when this function calls itself
-     */
-    if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done
-        && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
-    {
-        /*
-         * countermeasure against known-IV weakness in CBC ciphersuites (see
-         * http://www.openssl.org/~bodo/tls-cbc.txt)
-         */
-
-        if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA) {
-            /*
-             * recursive function call with 'create_empty_fragment' set; this
-             * prepares and buffers the data for an empty fragment (these
-             * 'prefix_len' bytes are sent out later together with the actual
-             * payload)
-             */
-            prefix_len = s->method->do_ssl_write(s, type, buf, 0, 1);
-            if (prefix_len <= 0)
-                goto err;
-
-            if (s->s3->wbuf.len <
-                (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE) {
-                /* insufficient space */
-                SSLerr(SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-        }
-
-        s->s3->empty_fragment_done = 1;
-    }
-#endif
-    p = wb->buf + prefix_len;
-
-    /* write the header */
-
-    *(p++) = type & 0xff;
-    wr->type = type;
-    /*
-     * Special case: for hello verify request, client version 1.0 and we
-     * haven't decided which version to use yet send back using version 1.0
-     * header: otherwise some clients will ignore it.
-     */
-    if (s->method->version == DTLS_ANY_VERSION) {
-        *(p++) = DTLS1_VERSION >> 8;
-        *(p++) = DTLS1_VERSION & 0xff;
-    } else {
-        *(p++) = s->version >> 8;
-        *(p++) = s->version & 0xff;
-    }
-
-    /* field where we are to write out packet epoch, seq num and len */
-    pseq = p;
-    p += 10;
-
-    /* Explicit IV length, block ciphers appropriate version flag */
-    if (s->enc_write_ctx) {
-        int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx);
-        if (mode == EVP_CIPH_CBC_MODE) {
-            eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
-            if (eivlen <= 1)
-                eivlen = 0;
-        }
-        /* Need explicit part of IV for GCM mode */
-        else if (mode == EVP_CIPH_GCM_MODE)
-            eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN;
-        else
-            eivlen = 0;
-    } else
-        eivlen = 0;
-
-    /* lets setup the record stuff. */
-    wr->data = p + eivlen;      /* make room for IV in case of CBC */
-    wr->length = (int)len;
-    wr->input = (unsigned char *)buf;
-
-    /*
-     * we now 'read' from wr->input, wr->length bytes into wr->data
-     */
-
-    /* first we compress */
-    if (s->compress != NULL) {
-        if (!ssl3_do_compress(s)) {
-            SSLerr(SSL_F_DO_DTLS1_WRITE, SSL_R_COMPRESSION_FAILURE);
-            goto err;
-        }
-    } else {
-        memcpy(wr->data, wr->input, wr->length);
-        wr->input = wr->data;
-    }
-
-    /*
-     * we should still have the output to wr->data and the input from
-     * wr->input.  Length should be wr->length. wr->data still points in the
-     * wb->buf
-     */
-
-    if (mac_size != 0) {
-        if (s->method->ssl3_enc->mac(s, &(p[wr->length + eivlen]), 1) < 0)
-            goto err;
-        wr->length += mac_size;
-    }
-
-    /* this is true regardless of mac size */
-    wr->input = p;
-    wr->data = p;
-
-    if (eivlen)
-        wr->length += eivlen;
-
-    if (s->method->ssl3_enc->enc(s, 1) < 1)
-        goto err;
-
-    /* record length after mac and block padding */
-    /*
-     * if (type == SSL3_RT_APPLICATION_DATA || (type == SSL3_RT_ALERT && !
-     * SSL_in_init(s)))
-     */
-
-    /* there's only one epoch between handshake and app data */
-
-    s2n(s->d1->w_epoch, pseq);
-
-    /* XDTLS: ?? */
-    /*
-     * else s2n(s->d1->handshake_epoch, pseq);
-     */
-
-    memcpy(pseq, &(s->s3->write_sequence[2]), 6);
-    pseq += 6;
-    s2n(wr->length, pseq);
-
-    if (s->msg_callback)
-        s->msg_callback(1, 0, SSL3_RT_HEADER, pseq - DTLS1_RT_HEADER_LENGTH,
-                        DTLS1_RT_HEADER_LENGTH, s, s->msg_callback_arg);
-
-    /*
-     * we should now have wr->data pointing to the encrypted data, which is
-     * wr->length long
-     */
-    wr->type = type;            /* not needed but helps for debugging */
-    wr->length += DTLS1_RT_HEADER_LENGTH;
-
-#if 0                           /* this is now done at the message layer */
-    /* buffer the record, making it easy to handle retransmits */
-    if (type == SSL3_RT_HANDSHAKE || type == SSL3_RT_CHANGE_CIPHER_SPEC)
-        dtls1_buffer_record(s, wr->data, wr->length,
-                            *((PQ_64BIT *) & (s->s3->write_sequence[0])));
-#endif
-
-    ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
-
-    if (create_empty_fragment) {
-        /*
-         * we are in a recursive call; just return the length, don't write
-         * out anything here
-         */
-        return wr->length;
-    }
-
-    /* now let's set up wb */
-    wb->left = prefix_len + wr->length;
-    wb->offset = 0;
-
-    /*
-     * memorize arguments so that ssl3_write_pending can detect bad write
-     * retries later
-     */
-    s->s3->wpend_tot = len;
-    s->s3->wpend_buf = buf;
-    s->s3->wpend_type = type;
-    s->s3->wpend_ret = len;
-
-    /* we now just need to write the buffer */
-    return ssl3_write_pending(s, type, buf, len);
- err:
-    return -1;
-}
-
-static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)
-{
-    int cmp;
-    unsigned int shift;
-    const unsigned char *seq = s->s3->read_sequence;
-
-    cmp = satsub64be(seq, bitmap->max_seq_num);
-    if (cmp > 0) {
-        memcpy(s->s3->rrec.seq_num, seq, 8);
-        return 1;               /* this record in new */
-    }
-    shift = -cmp;
-    if (shift >= sizeof(bitmap->map) * 8)
-        return 0;               /* stale, outside the window */
-    else if (bitmap->map & (1UL << shift))
-        return 0;               /* record previously received */
-
-    memcpy(s->s3->rrec.seq_num, seq, 8);
-    return 1;
-}
-
-static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)
-{
-    int cmp;
-    unsigned int shift;
-    const unsigned char *seq = s->s3->read_sequence;
-
-    cmp = satsub64be(seq, bitmap->max_seq_num);
-    if (cmp > 0) {
-        shift = cmp;
-        if (shift < sizeof(bitmap->map) * 8)
-            bitmap->map <<= shift, bitmap->map |= 1UL;
-        else
-            bitmap->map = 1UL;
-        memcpy(bitmap->max_seq_num, seq, 8);
-    } else {
-        shift = -cmp;
-        if (shift < sizeof(bitmap->map) * 8)
-            bitmap->map |= 1UL << shift;
-    }
-}
-
-int dtls1_dispatch_alert(SSL *s)
-{
-    int i, j;
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-    unsigned char buf[DTLS1_AL_HEADER_LENGTH];
-    unsigned char *ptr = &buf[0];
-
-    s->s3->alert_dispatch = 0;
-
-    memset(buf, 0x00, sizeof(buf));
-    *ptr++ = s->s3->send_alert[0];
-    *ptr++ = s->s3->send_alert[1];
-
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-    if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
-        s2n(s->d1->handshake_read_seq, ptr);
-# if 0
-        if (s->d1->r_msg_hdr.frag_off == 0)
-            /*
-             * waiting for a new msg
-             */
-            else
-            s2n(s->d1->r_msg_hdr.seq, ptr); /* partial msg read */
-# endif
-
-# if 0
-        fprintf(stderr,
-                "s->d1->handshake_read_seq = %d, s->d1->r_msg_hdr.seq = %d\n",
-                s->d1->handshake_read_seq, s->d1->r_msg_hdr.seq);
-# endif
-        l2n3(s->d1->r_msg_hdr.frag_off, ptr);
-    }
-#endif
-
-    i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
-    if (i <= 0) {
-        s->s3->alert_dispatch = 1;
-        /* fprintf( stderr, "not done with alert\n" ); */
-    } else {
-        if (s->s3->send_alert[0] == SSL3_AL_FATAL
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-            || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-#endif
-            )
-            (void)BIO_flush(s->wbio);
-
-        if (s->msg_callback)
-            s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
-                            2, s, s->msg_callback_arg);
-
-        if (s->info_callback != NULL)
-            cb = s->info_callback;
-        else if (s->ctx->info_callback != NULL)
-            cb = s->ctx->info_callback;
-
-        if (cb != NULL) {
-            j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1];
-            cb(s, SSL_CB_WRITE_ALERT, j);
-        }
-    }
-    return (i);
-}
-
-static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
-                                      unsigned int *is_next_epoch)
-{
-
-    *is_next_epoch = 0;
-
-    /* In current epoch, accept HM, CCS, DATA, & ALERT */
-    if (rr->epoch == s->d1->r_epoch)
-        return &s->d1->bitmap;
-
-    /*
-     * Only HM and ALERT messages can be from the next epoch and only if we
-     * have already processed all of the unprocessed records from the last
-     * epoch
-     */
-    else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
-             s->d1->unprocessed_rcds.epoch != s->d1->r_epoch &&
-             (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
-        *is_next_epoch = 1;
-        return &s->d1->next_bitmap;
-    }
-
-    return NULL;
-}
-
-#if 0
-static int
-dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
-                             unsigned short *priority, unsigned long *offset)
-{
-
-    /* alerts are passed up immediately */
-    if (rr->type == SSL3_RT_APPLICATION_DATA || rr->type == SSL3_RT_ALERT)
-        return 0;
-
-    /*
-     * Only need to buffer if a handshake is underway. (this implies that
-     * Hello Request and Client Hello are passed up immediately)
-     */
-    if (SSL_in_init(s)) {
-        unsigned char *data = rr->data;
-        /* need to extract the HM/CCS sequence number here */
-        if (rr->type == SSL3_RT_HANDSHAKE ||
-            rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
-            unsigned short seq_num;
-            struct hm_header_st msg_hdr;
-            struct ccs_header_st ccs_hdr;
-
-            if (rr->type == SSL3_RT_HANDSHAKE) {
-                dtls1_get_message_header(data, &msg_hdr);
-                seq_num = msg_hdr.seq;
-                *offset = msg_hdr.frag_off;
-            } else {
-                dtls1_get_ccs_header(data, &ccs_hdr);
-                seq_num = ccs_hdr.seq;
-                *offset = 0;
-            }
-
-            /*
-             * this is either a record we're waiting for, or a retransmit of
-             * something we happened to previously receive (higher layers
-             * will drop the repeat silently
-             */
-            if (seq_num < s->d1->handshake_read_seq)
-                return 0;
-            if (rr->type == SSL3_RT_HANDSHAKE &&
-                seq_num == s->d1->handshake_read_seq &&
-                msg_hdr.frag_off < s->d1->r_msg_hdr.frag_off)
-                return 0;
-            else if (seq_num == s->d1->handshake_read_seq &&
-                     (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC ||
-                      msg_hdr.frag_off == s->d1->r_msg_hdr.frag_off))
-                return 0;
-            else {
-                *priority = seq_num;
-                return 1;
-            }
-        } else                  /* unknown record type */
-            return 0;
-    }
-
-    return 0;
-}
-#endif
-
-void dtls1_reset_seq_numbers(SSL *s, int rw)
-{
-    unsigned char *seq;
-    unsigned int seq_bytes = sizeof(s->s3->read_sequence);
-
-    if (rw & SSL3_CC_READ) {
-        seq = s->s3->read_sequence;
-        s->d1->r_epoch++;
-        memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP));
-        memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
-
-        /*
-         * We must not use any buffered messages received from the previous
-         * epoch
-         */
-        dtls1_clear_received_buffer(s);
-    } else {
-        seq = s->s3->write_sequence;
-        memcpy(s->d1->last_write_sequence, seq,
-               sizeof(s->s3->write_sequence));
-        s->d1->w_epoch++;
-    }
-
-    memset(seq, 0x00, seq_bytes);
-}
diff --git a/thirdparty/openssl/ssl/d1_srtp.c b/thirdparty/openssl/ssl/d1_srtp.c
deleted file mode 100644
index 64d0634a38..0000000000
--- a/thirdparty/openssl/ssl/d1_srtp.c
+++ /dev/null
@@ -1,448 +0,0 @@
-/* ssl/t1_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/*
- * DTLS code by Eric Rescorla <ekr@rtfm.com>
- *
- * Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-#include "srtp.h"
-
-#ifndef OPENSSL_NO_SRTP
-
-static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
-    {
-     "SRTP_AES128_CM_SHA1_80",
-     SRTP_AES128_CM_SHA1_80,
-     },
-    {
-     "SRTP_AES128_CM_SHA1_32",
-     SRTP_AES128_CM_SHA1_32,
-     },
-# if 0
-    {
-     "SRTP_NULL_SHA1_80",
-     SRTP_NULL_SHA1_80,
-     },
-    {
-     "SRTP_NULL_SHA1_32",
-     SRTP_NULL_SHA1_32,
-     },
-# endif
-    {0}
-};
-
-static int find_profile_by_name(char *profile_name,
-                                SRTP_PROTECTION_PROFILE **pptr, unsigned len)
-{
-    SRTP_PROTECTION_PROFILE *p;
-
-    p = srtp_known_profiles;
-    while (p->name) {
-        if ((len == strlen(p->name)) && !strncmp(p->name, profile_name, len)) {
-            *pptr = p;
-            return 0;
-        }
-
-        p++;
-    }
-
-    return 1;
-}
-
-static int ssl_ctx_make_profiles(const char *profiles_string,
-                                 STACK_OF(SRTP_PROTECTION_PROFILE) **out)
-{
-    STACK_OF(SRTP_PROTECTION_PROFILE) *profiles;
-
-    char *col;
-    char *ptr = (char *)profiles_string;
-
-    SRTP_PROTECTION_PROFILE *p;
-
-    if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) {
-        SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
-               SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
-        return 1;
-    }
-
-    do {
-        col = strchr(ptr, ':');
-
-        if (!find_profile_by_name(ptr, &p,
-                                  col ? col - ptr : (int)strlen(ptr))) {
-            if (sk_SRTP_PROTECTION_PROFILE_find(profiles, p) >= 0) {
-                SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
-                       SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
-                sk_SRTP_PROTECTION_PROFILE_free(profiles);
-                return 1;
-            }
-
-            sk_SRTP_PROTECTION_PROFILE_push(profiles, p);
-        } else {
-            SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
-                   SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
-            sk_SRTP_PROTECTION_PROFILE_free(profiles);
-            return 1;
-        }
-
-        if (col)
-            ptr = col + 1;
-    } while (col);
-
-    *out = profiles;
-
-    return 0;
-}
-
-int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles)
-{
-    return ssl_ctx_make_profiles(profiles, &ctx->srtp_profiles);
-}
-
-int SSL_set_tlsext_use_srtp(SSL *s, const char *profiles)
-{
-    return ssl_ctx_make_profiles(profiles, &s->srtp_profiles);
-}
-
-STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *s)
-{
-    if (s != NULL) {
-        if (s->srtp_profiles != NULL) {
-            return s->srtp_profiles;
-        } else if ((s->ctx != NULL) && (s->ctx->srtp_profiles != NULL)) {
-            return s->ctx->srtp_profiles;
-        }
-    }
-
-    return NULL;
-}
-
-SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s)
-{
-    return s->srtp_profile;
-}
-
-/*
- * Note: this function returns 0 length if there are no profiles specified
- */
-int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
-                                     int maxlen)
-{
-    int ct = 0;
-    int i;
-    STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0;
-    SRTP_PROTECTION_PROFILE *prof;
-
-    clnt = SSL_get_srtp_profiles(s);
-    ct = sk_SRTP_PROTECTION_PROFILE_num(clnt); /* -1 if clnt == 0 */
-
-    if (p) {
-        if (ct == 0) {
-            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,
-                   SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
-            return 1;
-        }
-
-        if ((2 + ct * 2 + 1) > maxlen) {
-            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,
-                   SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
-            return 1;
-        }
-
-        /* Add the length */
-        s2n(ct * 2, p);
-        for (i = 0; i < ct; i++) {
-            prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
-            s2n(prof->id, p);
-        }
-
-        /* Add an empty use_mki value */
-        *p++ = 0;
-    }
-
-    *len = 2 + ct * 2 + 1;
-
-    return 0;
-}
-
-int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,
-                                       int *al)
-{
-    SRTP_PROTECTION_PROFILE *sprof;
-    STACK_OF(SRTP_PROTECTION_PROFILE) *srvr;
-    int ct;
-    int mki_len;
-    int i, srtp_pref;
-    unsigned int id;
-
-    /* Length value + the MKI length */
-    if (len < 3) {
-        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
-               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
-        *al = SSL_AD_DECODE_ERROR;
-        return 1;
-    }
-
-    /* Pull off the length of the cipher suite list */
-    n2s(d, ct);
-    len -= 2;
-
-    /* Check that it is even */
-    if (ct % 2) {
-        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
-               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
-        *al = SSL_AD_DECODE_ERROR;
-        return 1;
-    }
-
-    /* Check that lengths are consistent */
-    if (len < (ct + 1)) {
-        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
-               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
-        *al = SSL_AD_DECODE_ERROR;
-        return 1;
-    }
-
-    srvr = SSL_get_srtp_profiles(s);
-    s->srtp_profile = NULL;
-    /* Search all profiles for a match initially */
-    srtp_pref = sk_SRTP_PROTECTION_PROFILE_num(srvr);
-
-    while (ct) {
-        n2s(d, id);
-        ct -= 2;
-        len -= 2;
-
-        /*
-         * Only look for match in profiles of higher preference than
-         * current match.
-         * If no profiles have been have been configured then this
-         * does nothing.
-         */
-        for (i = 0; i < srtp_pref; i++) {
-            sprof = sk_SRTP_PROTECTION_PROFILE_value(srvr, i);
-            if (sprof->id == id) {
-                s->srtp_profile = sprof;
-                srtp_pref = i;
-                break;
-            }
-        }
-    }
-
-    /*
-     * Now extract the MKI value as a sanity check, but discard it for now
-     */
-    mki_len = *d;
-    d++;
-    len--;
-
-    if (mki_len != len) {
-        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
-               SSL_R_BAD_SRTP_MKI_VALUE);
-        *al = SSL_AD_DECODE_ERROR;
-        return 1;
-    }
-
-    return 0;
-}
-
-int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
-                                     int maxlen)
-{
-    if (p) {
-        if (maxlen < 5) {
-            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,
-                   SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
-            return 1;
-        }
-
-        if (s->srtp_profile == 0) {
-            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,
-                   SSL_R_USE_SRTP_NOT_NEGOTIATED);
-            return 1;
-        }
-        s2n(2, p);
-        s2n(s->srtp_profile->id, p);
-        *p++ = 0;
-    }
-    *len = 5;
-
-    return 0;
-}
-
-int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
-                                       int *al)
-{
-    unsigned id;
-    int i;
-    int ct;
-
-    STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;
-    SRTP_PROTECTION_PROFILE *prof;
-
-    if (len != 5) {
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
-               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
-        *al = SSL_AD_DECODE_ERROR;
-        return 1;
-    }
-
-    n2s(d, ct);
-    if (ct != 2) {
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
-               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
-        *al = SSL_AD_DECODE_ERROR;
-        return 1;
-    }
-
-    n2s(d, id);
-    if (*d) {                   /* Must be no MKI, since we never offer one */
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
-               SSL_R_BAD_SRTP_MKI_VALUE);
-        *al = SSL_AD_ILLEGAL_PARAMETER;
-        return 1;
-    }
-
-    clnt = SSL_get_srtp_profiles(s);
-
-    /* Throw an error if the server gave us an unsolicited extension */
-    if (clnt == NULL) {
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
-               SSL_R_NO_SRTP_PROFILES);
-        *al = SSL_AD_DECODE_ERROR;
-        return 1;
-    }
-
-    /*
-     * Check to see if the server gave us something we support (and
-     * presumably offered)
-     */
-    for (i = 0; i < sk_SRTP_PROTECTION_PROFILE_num(clnt); i++) {
-        prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
-
-        if (prof->id == id) {
-            s->srtp_profile = prof;
-            *al = 0;
-            return 0;
-        }
-    }
-
-    SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
-           SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
-    *al = SSL_AD_DECODE_ERROR;
-    return 1;
-}
-
-#endif
diff --git a/thirdparty/openssl/ssl/d1_srvr.c b/thirdparty/openssl/ssl/d1_srvr.c
deleted file mode 100644
index 8502b242e5..0000000000
--- a/thirdparty/openssl/ssl/d1_srvr.c
+++ /dev/null
@@ -1,985 +0,0 @@
-/* ssl/d1_srvr.c */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/md5.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-static const SSL_METHOD *dtls1_get_server_method(int ver);
-static int dtls1_send_hello_verify_request(SSL *s);
-
-static const SSL_METHOD *dtls1_get_server_method(int ver)
-{
-    if (ver == DTLS_ANY_VERSION)
-        return DTLS_server_method();
-    else if (ver == DTLS1_VERSION)
-        return DTLSv1_server_method();
-    else if (ver == DTLS1_2_VERSION)
-        return DTLSv1_2_server_method();
-    else
-        return NULL;
-}
-
-IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
-                          DTLSv1_server_method,
-                          dtls1_accept,
-                          ssl_undefined_function,
-                          dtls1_get_server_method, DTLSv1_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
-                          DTLSv1_2_server_method,
-                          dtls1_accept,
-                          ssl_undefined_function,
-                          dtls1_get_server_method, DTLSv1_2_enc_data)
-
-IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
-                          DTLS_server_method,
-                          dtls1_accept,
-                          ssl_undefined_function,
-                          dtls1_get_server_method, DTLSv1_2_enc_data)
-
-int dtls1_accept(SSL *s)
-{
-    BUF_MEM *buf;
-    unsigned long Time = (unsigned long)time(NULL);
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-    unsigned long alg_k;
-    int ret = -1;
-    int new_state, state, skip = 0;
-    int listen;
-#ifndef OPENSSL_NO_SCTP
-    unsigned char sctpauthkey[64];
-    char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
-#endif
-
-    RAND_add(&Time, sizeof(Time), 0);
-    ERR_clear_error();
-    clear_sys_error();
-
-    if (s->info_callback != NULL)
-        cb = s->info_callback;
-    else if (s->ctx->info_callback != NULL)
-        cb = s->ctx->info_callback;
-
-    listen = s->d1->listen;
-
-    /* init things to blank */
-    s->in_handshake++;
-    if (!SSL_in_init(s) || SSL_in_before(s))
-        SSL_clear(s);
-
-    s->d1->listen = listen;
-#ifndef OPENSSL_NO_SCTP
-    /*
-     * Notify SCTP BIO socket to enter handshake mode and prevent stream
-     * identifier other than 0. Will be ignored if no SCTP is used.
-     */
-    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
-             s->in_handshake, NULL);
-#endif
-
-    if (s->cert == NULL) {
-        SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
-        return (-1);
-    }
-#ifndef OPENSSL_NO_HEARTBEATS
-    /*
-     * If we're awaiting a HeartbeatResponse, pretend we already got and
-     * don't await it anymore, because Heartbeats don't make sense during
-     * handshakes anyway.
-     */
-    if (s->tlsext_hb_pending) {
-        dtls1_stop_timer(s);
-        s->tlsext_hb_pending = 0;
-        s->tlsext_hb_seq++;
-    }
-#endif
-
-    for (;;) {
-        state = s->state;
-
-        switch (s->state) {
-        case SSL_ST_RENEGOTIATE:
-            s->renegotiate = 1;
-            /* s->state=SSL_ST_ACCEPT; */
-
-        case SSL_ST_BEFORE:
-        case SSL_ST_ACCEPT:
-        case SSL_ST_BEFORE | SSL_ST_ACCEPT:
-        case SSL_ST_OK | SSL_ST_ACCEPT:
-
-            s->server = 1;
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_START, 1);
-
-            if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {
-                SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);
-                return -1;
-            }
-            s->type = SSL_ST_ACCEPT;
-
-            if (s->init_buf == NULL) {
-                if ((buf = BUF_MEM_new()) == NULL) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
-                    BUF_MEM_free(buf);
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-                s->init_buf = buf;
-            }
-
-            if (!ssl3_setup_buffers(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            s->init_num = 0;
-            s->d1->change_cipher_spec_ok = 0;
-            /*
-             * Should have been reset by ssl3_get_finished, too.
-             */
-            s->s3->change_cipher_spec = 0;
-
-            if (s->state != SSL_ST_RENEGOTIATE) {
-                /*
-                 * Ok, we now need to push on a buffering BIO so that the
-                 * output is sent in a way that TCP likes :-) ...but not with
-                 * SCTP :-)
-                 */
-#ifndef OPENSSL_NO_SCTP
-                if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
-#endif
-                    if (!ssl_init_wbio_buffer(s, 1)) {
-                        ret = -1;
-                        s->state = SSL_ST_ERR;
-                        goto end;
-                    }
-
-                if (!ssl3_init_finished_mac(s)) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-
-                s->state = SSL3_ST_SR_CLNT_HELLO_A;
-                s->ctx->stats.sess_accept++;
-            } else if (!s->s3->send_connection_binding &&
-                       !(s->options &
-                         SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
-                /*
-                 * Server attempting to renegotiate with client that doesn't
-                 * support secure renegotiation.
-                 */
-                SSLerr(SSL_F_DTLS1_ACCEPT,
-                       SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
-                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            } else {
-                /*
-                 * s->state == SSL_ST_RENEGOTIATE, we will just send a
-                 * HelloRequest
-                 */
-                s->ctx->stats.sess_accept_renegotiate++;
-                s->state = SSL3_ST_SW_HELLO_REQ_A;
-            }
-
-            break;
-
-        case SSL3_ST_SW_HELLO_REQ_A:
-        case SSL3_ST_SW_HELLO_REQ_B:
-
-            s->shutdown = 0;
-            dtls1_clear_sent_buffer(s);
-            dtls1_start_timer(s);
-            ret = ssl3_send_hello_request(s);
-            if (ret <= 0)
-                goto end;
-            s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
-            s->state = SSL3_ST_SW_FLUSH;
-            s->init_num = 0;
-
-            if (!ssl3_init_finished_mac(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-            break;
-
-        case SSL3_ST_SW_HELLO_REQ_C:
-            s->state = SSL_ST_OK;
-            break;
-
-        case SSL3_ST_SR_CLNT_HELLO_A:
-        case SSL3_ST_SR_CLNT_HELLO_B:
-        case SSL3_ST_SR_CLNT_HELLO_C:
-
-            s->shutdown = 0;
-            ret = ssl3_get_client_hello(s);
-            if (ret <= 0)
-                goto end;
-            dtls1_stop_timer(s);
-
-            if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
-                s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
-            else
-                s->state = SSL3_ST_SW_SRVR_HELLO_A;
-
-            s->init_num = 0;
-
-            /* If we're just listening, stop here */
-            if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) {
-                ret = 2;
-                s->d1->listen = 0;
-                /*
-                 * Set expected sequence numbers to continue the handshake.
-                 */
-                s->d1->handshake_read_seq = 2;
-                s->d1->handshake_write_seq = 1;
-                s->d1->next_handshake_write_seq = 1;
-                goto end;
-            }
-
-            break;
-
-        case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
-        case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
-
-            ret = dtls1_send_hello_verify_request(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_SW_FLUSH;
-            s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
-
-            /* HelloVerifyRequest resets Finished MAC */
-            if (s->version != DTLS1_BAD_VER)
-                if (!ssl3_init_finished_mac(s)) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-            break;
-
-#ifndef OPENSSL_NO_SCTP
-        case DTLS1_SCTP_ST_SR_READ_SOCK:
-
-            if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
-                s->s3->in_read_app_data = 2;
-                s->rwstate = SSL_READING;
-                BIO_clear_retry_flags(SSL_get_rbio(s));
-                BIO_set_retry_read(SSL_get_rbio(s));
-                ret = -1;
-                goto end;
-            }
-
-            s->state = SSL3_ST_SR_FINISHED_A;
-            break;
-
-        case DTLS1_SCTP_ST_SW_WRITE_SOCK:
-            ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
-            if (ret < 0)
-                goto end;
-
-            if (ret == 0) {
-                if (s->d1->next_state != SSL_ST_OK) {
-                    s->s3->in_read_app_data = 2;
-                    s->rwstate = SSL_READING;
-                    BIO_clear_retry_flags(SSL_get_rbio(s));
-                    BIO_set_retry_read(SSL_get_rbio(s));
-                    ret = -1;
-                    goto end;
-                }
-            }
-
-            s->state = s->d1->next_state;
-            break;
-#endif
-
-        case SSL3_ST_SW_SRVR_HELLO_A:
-        case SSL3_ST_SW_SRVR_HELLO_B:
-            s->renegotiate = 2;
-            dtls1_start_timer(s);
-            ret = ssl3_send_server_hello(s);
-            if (ret <= 0)
-                goto end;
-
-            if (s->hit) {
-#ifndef OPENSSL_NO_SCTP
-                /*
-                 * Add new shared key for SCTP-Auth, will be ignored if no
-                 * SCTP used.
-                 */
-                snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
-                         DTLS1_SCTP_AUTH_LABEL);
-
-                if (SSL_export_keying_material(s, sctpauthkey,
-                        sizeof(sctpauthkey), labelbuffer,
-                        sizeof(labelbuffer), NULL, 0, 0) <= 0) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-
-                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                         sizeof(sctpauthkey), sctpauthkey);
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-                if (s->tlsext_ticket_expected)
-                    s->state = SSL3_ST_SW_SESSION_TICKET_A;
-                else
-                    s->state = SSL3_ST_SW_CHANGE_A;
-#else
-                s->state = SSL3_ST_SW_CHANGE_A;
-#endif
-            } else
-                s->state = SSL3_ST_SW_CERT_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_CERT_A:
-        case SSL3_ST_SW_CERT_B:
-            /* Check if it is anon DH or normal PSK */
-            if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
-                && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
-                dtls1_start_timer(s);
-                ret = ssl3_send_server_certificate(s);
-                if (ret <= 0)
-                    goto end;
-#ifndef OPENSSL_NO_TLSEXT
-                if (s->tlsext_status_expected)
-                    s->state = SSL3_ST_SW_CERT_STATUS_A;
-                else
-                    s->state = SSL3_ST_SW_KEY_EXCH_A;
-            } else {
-                skip = 1;
-                s->state = SSL3_ST_SW_KEY_EXCH_A;
-            }
-#else
-            } else
-                skip = 1;
-
-            s->state = SSL3_ST_SW_KEY_EXCH_A;
-#endif
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_KEY_EXCH_A:
-        case SSL3_ST_SW_KEY_EXCH_B:
-            alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
-            /*
-             * clear this, it may get reset by
-             * send_server_key_exchange
-             */
-            s->s3->tmp.use_rsa_tmp = 0;
-
-            /*
-             * only send if a DH key exchange or RSA but we have a sign only
-             * certificate
-             */
-            if (0
-                /*
-                 * PSK: send ServerKeyExchange if PSK identity hint if
-                 * provided
-                 */
-#ifndef OPENSSL_NO_PSK
-                || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
-#endif
-                || (alg_k & SSL_kDHE)
-                || (alg_k & SSL_kEECDH)
-                || ((alg_k & SSL_kRSA)
-                    && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
-                        || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
-                            && EVP_PKEY_size(s->cert->pkeys
-                                             [SSL_PKEY_RSA_ENC].privatekey) *
-                            8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
-                        )
-                    )
-                )
-                ) {
-                dtls1_start_timer(s);
-                ret = ssl3_send_server_key_exchange(s);
-                if (ret <= 0)
-                    goto end;
-            } else
-                skip = 1;
-
-            s->state = SSL3_ST_SW_CERT_REQ_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_CERT_REQ_A:
-        case SSL3_ST_SW_CERT_REQ_B:
-            if (                /* don't request cert unless asked for it: */
-                   !(s->verify_mode & SSL_VERIFY_PEER) ||
-                   /*
-                    * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
-                    * during re-negotiation:
-                    */
-                   ((s->session->peer != NULL) &&
-                    (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
-                   /*
-                    * never request cert in anonymous ciphersuites (see
-                    * section "Certificate request" in SSL 3 drafts and in
-                    * RFC 2246):
-                    */
-                   ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
-                    /*
-                     * ... except when the application insists on
-                     * verification (against the specs, but s3_clnt.c accepts
-                     * this for SSL 3)
-                     */
-                    !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
-                   /*
-                    * never request cert in Kerberos ciphersuites
-                    */
-                   (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)
-                   /*
-                    * With normal PSK Certificates and Certificate Requests
-                    * are omitted
-                    */
-                   || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
-                /* no cert request */
-                skip = 1;
-                s->s3->tmp.cert_request = 0;
-                s->state = SSL3_ST_SW_SRVR_DONE_A;
-#ifndef OPENSSL_NO_SCTP
-                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                    s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
-                    s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
-                }
-#endif
-            } else {
-                s->s3->tmp.cert_request = 1;
-                dtls1_start_timer(s);
-                ret = ssl3_send_certificate_request(s);
-                if (ret <= 0)
-                    goto end;
-#ifndef NETSCAPE_HANG_BUG
-                s->state = SSL3_ST_SW_SRVR_DONE_A;
-# ifndef OPENSSL_NO_SCTP
-                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                    s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
-                    s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
-                }
-# endif
-#else
-                s->state = SSL3_ST_SW_FLUSH;
-                s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-# ifndef OPENSSL_NO_SCTP
-                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                    s->d1->next_state = s->s3->tmp.next_state;
-                    s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
-                }
-# endif
-#endif
-                s->init_num = 0;
-            }
-            break;
-
-        case SSL3_ST_SW_SRVR_DONE_A:
-        case SSL3_ST_SW_SRVR_DONE_B:
-            dtls1_start_timer(s);
-            ret = ssl3_send_server_done(s);
-            if (ret <= 0)
-                goto end;
-            s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-            s->state = SSL3_ST_SW_FLUSH;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_FLUSH:
-            s->rwstate = SSL_WRITING;
-            if (BIO_flush(s->wbio) <= 0) {
-                /*
-                 * If the write error was fatal, stop trying
-                 */
-                if (!BIO_should_retry(s->wbio)) {
-                    s->rwstate = SSL_NOTHING;
-                    s->state = s->s3->tmp.next_state;
-                }
-
-                ret = -1;
-                goto end;
-            }
-            s->rwstate = SSL_NOTHING;
-            s->state = s->s3->tmp.next_state;
-            break;
-
-        case SSL3_ST_SR_CERT_A:
-        case SSL3_ST_SR_CERT_B:
-            if (s->s3->tmp.cert_request) {
-                ret = ssl3_get_client_certificate(s);
-                if (ret <= 0)
-                    goto end;
-            }
-            s->init_num = 0;
-            s->state = SSL3_ST_SR_KEY_EXCH_A;
-            break;
-
-        case SSL3_ST_SR_KEY_EXCH_A:
-        case SSL3_ST_SR_KEY_EXCH_B:
-            ret = ssl3_get_client_key_exchange(s);
-            if (ret <= 0)
-                goto end;
-#ifndef OPENSSL_NO_SCTP
-            /*
-             * Add new shared key for SCTP-Auth, will be ignored if no SCTP
-             * used.
-             */
-            snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
-                     DTLS1_SCTP_AUTH_LABEL);
-
-            if (SSL_export_keying_material(s, sctpauthkey,
-                                       sizeof(sctpauthkey), labelbuffer,
-                                       sizeof(labelbuffer), NULL, 0, 0) <= 0) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
-                     sizeof(sctpauthkey), sctpauthkey);
-#endif
-
-            s->state = SSL3_ST_SR_CERT_VRFY_A;
-            s->init_num = 0;
-
-            if (ret == 2) {
-                /*
-                 * For the ECDH ciphersuites when the client sends its ECDH
-                 * pub key in a certificate, the CertificateVerify message is
-                 * not sent.
-                 */
-                s->state = SSL3_ST_SR_FINISHED_A;
-                s->init_num = 0;
-            } else if (SSL_USE_SIGALGS(s)) {
-                s->state = SSL3_ST_SR_CERT_VRFY_A;
-                s->init_num = 0;
-                if (!s->session->peer)
-                    break;
-                /*
-                 * For sigalgs freeze the handshake buffer at this point and
-                 * digest cached records.
-                 */
-                if (!s->s3->handshake_buffer) {
-                    SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);
-                    s->state = SSL_ST_ERR;
-                    return -1;
-                }
-                s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
-                if (!ssl3_digest_cached_records(s)) {
-                    s->state = SSL_ST_ERR;
-                    return -1;
-                }
-            } else {
-                s->state = SSL3_ST_SR_CERT_VRFY_A;
-                s->init_num = 0;
-
-                /*
-                 * We need to get hashes here so if there is a client cert,
-                 * it can be verified
-                 */
-                s->method->ssl3_enc->cert_verify_mac(s,
-                                                     NID_md5,
-                                                     &(s->s3->
-                                                       tmp.cert_verify_md
-                                                       [0]));
-                s->method->ssl3_enc->cert_verify_mac(s, NID_sha1,
-                                                     &(s->s3->
-                                                       tmp.cert_verify_md
-                                                       [MD5_DIGEST_LENGTH]));
-            }
-            break;
-
-        case SSL3_ST_SR_CERT_VRFY_A:
-        case SSL3_ST_SR_CERT_VRFY_B:
-            ret = ssl3_get_cert_verify(s);
-            if (ret <= 0)
-                goto end;
-#ifndef OPENSSL_NO_SCTP
-            if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
-                state == SSL_ST_RENEGOTIATE)
-                s->state = DTLS1_SCTP_ST_SR_READ_SOCK;
-            else
-#endif
-                s->state = SSL3_ST_SR_FINISHED_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SR_FINISHED_A:
-        case SSL3_ST_SR_FINISHED_B:
-            /*
-             * Enable CCS. Receiving a CCS clears the flag, so make
-             * sure not to re-enable it to ban duplicates. This *should* be the
-             * first time we have received one - but we check anyway to be
-             * cautious.
-             * s->s3->change_cipher_spec is set when a CCS is
-             * processed in d1_pkt.c, and remains set until
-             * the client's Finished message is read.
-             */
-            if (!s->s3->change_cipher_spec)
-                s->d1->change_cipher_spec_ok = 1;
-            ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
-                                    SSL3_ST_SR_FINISHED_B);
-            if (ret <= 0)
-                goto end;
-            dtls1_stop_timer(s);
-            if (s->hit)
-                s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_TLSEXT
-            else if (s->tlsext_ticket_expected)
-                s->state = SSL3_ST_SW_SESSION_TICKET_A;
-#endif
-            else
-                s->state = SSL3_ST_SW_CHANGE_A;
-            s->init_num = 0;
-            break;
-
-#ifndef OPENSSL_NO_TLSEXT
-        case SSL3_ST_SW_SESSION_TICKET_A:
-        case SSL3_ST_SW_SESSION_TICKET_B:
-            ret = ssl3_send_newsession_ticket(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_SW_CHANGE_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_CERT_STATUS_A:
-        case SSL3_ST_SW_CERT_STATUS_B:
-            ret = ssl3_send_cert_status(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_SW_KEY_EXCH_A;
-            s->init_num = 0;
-            break;
-
-#endif
-
-        case SSL3_ST_SW_CHANGE_A:
-        case SSL3_ST_SW_CHANGE_B:
-
-            s->session->cipher = s->s3->tmp.new_cipher;
-            if (!s->method->ssl3_enc->setup_key_block(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            ret = dtls1_send_change_cipher_spec(s,
-                                                SSL3_ST_SW_CHANGE_A,
-                                                SSL3_ST_SW_CHANGE_B);
-
-            if (ret <= 0)
-                goto end;
-
-#ifndef OPENSSL_NO_SCTP
-            if (!s->hit) {
-                /*
-                 * Change to new shared key of SCTP-Auth, will be ignored if
-                 * no SCTP used.
-                 */
-                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
-                         0, NULL);
-            }
-#endif
-
-            s->state = SSL3_ST_SW_FINISHED_A;
-            s->init_num = 0;
-
-            if (!s->method->ssl3_enc->change_cipher_state(s,
-                                                          SSL3_CHANGE_CIPHER_SERVER_WRITE))
-            {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
-            break;
-
-        case SSL3_ST_SW_FINISHED_A:
-        case SSL3_ST_SW_FINISHED_B:
-            ret = ssl3_send_finished(s,
-                                     SSL3_ST_SW_FINISHED_A,
-                                     SSL3_ST_SW_FINISHED_B,
-                                     s->method->
-                                     ssl3_enc->server_finished_label,
-                                     s->method->
-                                     ssl3_enc->server_finished_label_len);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_SW_FLUSH;
-            if (s->hit) {
-                s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
-
-#ifndef OPENSSL_NO_SCTP
-                /*
-                 * Change to new shared key of SCTP-Auth, will be ignored if
-                 * no SCTP used.
-                 */
-                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
-                         0, NULL);
-#endif
-            } else {
-                s->s3->tmp.next_state = SSL_ST_OK;
-#ifndef OPENSSL_NO_SCTP
-                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
-                    s->d1->next_state = s->s3->tmp.next_state;
-                    s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
-                }
-#endif
-            }
-            s->init_num = 0;
-            break;
-
-        case SSL_ST_OK:
-            /* clean a few things up */
-            ssl3_cleanup_key_block(s);
-
-#if 0
-            BUF_MEM_free(s->init_buf);
-            s->init_buf = NULL;
-#endif
-
-            /* remove buffering on output */
-            ssl_free_wbio_buffer(s);
-
-            s->init_num = 0;
-
-            if (s->renegotiate == 2) { /* skipped if we just sent a
-                                        * HelloRequest */
-                s->renegotiate = 0;
-                s->new_session = 0;
-
-                ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
-
-                s->ctx->stats.sess_accept_good++;
-                /* s->server=1; */
-                s->handshake_func = dtls1_accept;
-
-                if (cb != NULL)
-                    cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-            }
-
-            ret = 1;
-
-            /* done handshaking, next message is client hello */
-            s->d1->handshake_read_seq = 0;
-            /* next message is server hello */
-            s->d1->handshake_write_seq = 0;
-            s->d1->next_handshake_write_seq = 0;
-            dtls1_clear_received_buffer(s);
-            goto end;
-            /* break; */
-
-        case SSL_ST_ERR:
-        default:
-            SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_UNKNOWN_STATE);
-            ret = -1;
-            goto end;
-            /* break; */
-        }
-
-        if (!s->s3->tmp.reuse_message && !skip) {
-            if (s->debug) {
-                if ((ret = BIO_flush(s->wbio)) <= 0)
-                    goto end;
-            }
-
-            if ((cb != NULL) && (s->state != state)) {
-                new_state = s->state;
-                s->state = state;
-                cb(s, SSL_CB_ACCEPT_LOOP, 1);
-                s->state = new_state;
-            }
-        }
-        skip = 0;
-    }
- end:
-    /* BIO_flush(s->wbio); */
-
-    s->in_handshake--;
-#ifndef OPENSSL_NO_SCTP
-    /*
-     * Notify SCTP BIO socket to leave handshake mode and prevent stream
-     * identifier other than 0. Will be ignored if no SCTP is used.
-     */
-    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
-             s->in_handshake, NULL);
-#endif
-
-    if (cb != NULL)
-        cb(s, SSL_CB_ACCEPT_EXIT, ret);
-    return (ret);
-}
-
-int dtls1_send_hello_verify_request(SSL *s)
-{
-    unsigned int msg_len;
-    unsigned char *msg, *buf, *p;
-
-    if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
-        buf = (unsigned char *)s->init_buf->data;
-
-        msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
-        /* Always use DTLS 1.0 version: see RFC 6347 */
-        *(p++) = DTLS1_VERSION >> 8;
-        *(p++) = DTLS1_VERSION & 0xFF;
-
-        if (s->ctx->app_gen_cookie_cb == NULL ||
-            s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
-                                      &(s->d1->cookie_len)) == 0) {
-            SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
-                   ERR_R_INTERNAL_ERROR);
-            s->state = SSL_ST_ERR;
-            return 0;
-        }
-
-        *(p++) = (unsigned char)s->d1->cookie_len;
-        memcpy(p, s->d1->cookie, s->d1->cookie_len);
-        p += s->d1->cookie_len;
-        msg_len = p - msg;
-
-        dtls1_set_message_header(s, buf,
-                                 DTLS1_MT_HELLO_VERIFY_REQUEST, msg_len, 0,
-                                 msg_len);
-
-        s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
-        /* number of bytes to write */
-        s->init_num = p - buf;
-        s->init_off = 0;
-    }
-
-    /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
-    return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
diff --git a/thirdparty/openssl/ssl/kssl.c b/thirdparty/openssl/ssl/kssl.c
deleted file mode 100644
index f2839bdcd7..0000000000
--- a/thirdparty/openssl/ssl/kssl.c
+++ /dev/null
@@ -1,2260 +0,0 @@
-/* ssl/kssl.c */
-/*
- * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
- * 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*-
- * ssl/kssl.c  --  Routines to support (& debug) Kerberos5 auth for openssl
- *
- *  19990701    VRS     Started.
- *  200011??    Jeffrey Altman, Richard Levitte
- *                      Generalized for Heimdal, Newer MIT, & Win32.
- *                      Integrated into main OpenSSL 0.9.7 snapshots.
- *  20010413    Simon Wilkinson, VRS
- *                      Real RFC2712 KerberosWrapper replaces AP_REQ.
- */
-
-#include <openssl/opensslconf.h>
-
-#include <string.h>
-
-#define KRB5_PRIVATE    1
-
-#include <openssl/ssl.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/krb5_asn.h>
-#include "kssl_lcl.h"
-
-#ifndef OPENSSL_NO_KRB5
-
-# ifndef ENOMEM
-#  define ENOMEM KRB5KRB_ERR_GENERIC
-# endif
-
-/*
- * When OpenSSL is built on Windows, we do not want to require that
- * the Kerberos DLLs be available in order for the OpenSSL DLLs to
- * work.  Therefore, all Kerberos routines are loaded at run time
- * and we do not link to a .LIB file.
- */
-
-# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
-/*
- * The purpose of the following pre-processor statements is to provide
- * compatibility with different releases of MIT Kerberos for Windows.
- * All versions up to 1.2 used macros.  But macros do not allow for
- * a binary compatible interface for DLLs.  Therefore, all macros are
- * being replaced by function calls.  The following code will allow
- * an OpenSSL DLL built on Windows to work whether or not the macro
- * or function form of the routines are utilized.
- */
-#  ifdef  krb5_cc_get_principal
-#   define NO_DEF_KRB5_CCACHE
-#   undef  krb5_cc_get_principal
-#  endif
-#  define krb5_cc_get_principal    kssl_krb5_cc_get_principal
-
-#  define krb5_free_data_contents  kssl_krb5_free_data_contents
-#  define krb5_free_context        kssl_krb5_free_context
-#  define krb5_auth_con_free       kssl_krb5_auth_con_free
-#  define krb5_free_principal      kssl_krb5_free_principal
-#  define krb5_mk_req_extended     kssl_krb5_mk_req_extended
-#  define krb5_get_credentials     kssl_krb5_get_credentials
-#  define krb5_cc_default          kssl_krb5_cc_default
-#  define krb5_sname_to_principal  kssl_krb5_sname_to_principal
-#  define krb5_init_context        kssl_krb5_init_context
-#  define krb5_free_ticket         kssl_krb5_free_ticket
-#  define krb5_rd_req              kssl_krb5_rd_req
-#  define krb5_kt_default          kssl_krb5_kt_default
-#  define krb5_kt_resolve          kssl_krb5_kt_resolve
-/* macros in mit 1.2.2 and earlier; functions in mit 1.2.3 and greater */
-#  ifndef krb5_kt_close
-#   define krb5_kt_close            kssl_krb5_kt_close
-#  endif                        /* krb5_kt_close */
-#  ifndef krb5_kt_get_entry
-#   define krb5_kt_get_entry        kssl_krb5_kt_get_entry
-#  endif                        /* krb5_kt_get_entry */
-#  define krb5_auth_con_init       kssl_krb5_auth_con_init
-
-#  define krb5_principal_compare   kssl_krb5_principal_compare
-#  define krb5_decrypt_tkt_part    kssl_krb5_decrypt_tkt_part
-#  define krb5_timeofday           kssl_krb5_timeofday
-#  define krb5_rc_default          kssl_krb5_rc_default
-
-#  ifdef krb5_rc_initialize
-#   undef krb5_rc_initialize
-#  endif
-#  define krb5_rc_initialize   kssl_krb5_rc_initialize
-
-#  ifdef krb5_rc_get_lifespan
-#   undef krb5_rc_get_lifespan
-#  endif
-#  define krb5_rc_get_lifespan kssl_krb5_rc_get_lifespan
-
-#  ifdef krb5_rc_destroy
-#   undef krb5_rc_destroy
-#  endif
-#  define krb5_rc_destroy      kssl_krb5_rc_destroy
-
-#  define valid_cksumtype      kssl_valid_cksumtype
-#  define krb5_checksum_size   kssl_krb5_checksum_size
-#  define krb5_kt_free_entry   kssl_krb5_kt_free_entry
-#  define krb5_auth_con_setrcache  kssl_krb5_auth_con_setrcache
-#  define krb5_auth_con_getrcache  kssl_krb5_auth_con_getrcache
-#  define krb5_get_server_rcache   kssl_krb5_get_server_rcache
-
-/* Prototypes for built in stubs */
-void kssl_krb5_free_data_contents(krb5_context, krb5_data *);
-void kssl_krb5_free_principal(krb5_context, krb5_principal);
-krb5_error_code kssl_krb5_kt_resolve(krb5_context,
-                                     krb5_const char *, krb5_keytab *);
-krb5_error_code kssl_krb5_kt_default(krb5_context, krb5_keytab *);
-krb5_error_code kssl_krb5_free_ticket(krb5_context, krb5_ticket *);
-krb5_error_code kssl_krb5_rd_req(krb5_context, krb5_auth_context *,
-                                 krb5_const krb5_data *,
-                                 krb5_const_principal, krb5_keytab,
-                                 krb5_flags *, krb5_ticket **);
-
-krb5_boolean kssl_krb5_principal_compare(krb5_context, krb5_const_principal,
-                                         krb5_const_principal);
-krb5_error_code kssl_krb5_mk_req_extended(krb5_context,
-                                          krb5_auth_context *,
-                                          krb5_const krb5_flags,
-                                          krb5_data *,
-                                          krb5_creds *, krb5_data *);
-krb5_error_code kssl_krb5_init_context(krb5_context *);
-void kssl_krb5_free_context(krb5_context);
-krb5_error_code kssl_krb5_cc_default(krb5_context, krb5_ccache *);
-krb5_error_code kssl_krb5_sname_to_principal(krb5_context,
-                                             krb5_const char *,
-                                             krb5_const char *,
-                                             krb5_int32, krb5_principal *);
-krb5_error_code kssl_krb5_get_credentials(krb5_context,
-                                          krb5_const krb5_flags,
-                                          krb5_ccache,
-                                          krb5_creds *, krb5_creds * *);
-krb5_error_code kssl_krb5_auth_con_init(krb5_context, krb5_auth_context *);
-krb5_error_code kssl_krb5_cc_get_principal(krb5_context context,
-                                           krb5_ccache cache,
-                                           krb5_principal *principal);
-krb5_error_code kssl_krb5_auth_con_free(krb5_context, krb5_auth_context);
-size_t kssl_krb5_checksum_size(krb5_context context, krb5_cksumtype ctype);
-krb5_boolean kssl_valid_cksumtype(krb5_cksumtype ctype);
-krb5_error_code krb5_kt_free_entry(krb5_context, krb5_keytab_entry FAR *);
-krb5_error_code kssl_krb5_auth_con_setrcache(krb5_context,
-                                             krb5_auth_context, krb5_rcache);
-krb5_error_code kssl_krb5_get_server_rcache(krb5_context,
-                                            krb5_const krb5_data *,
-                                            krb5_rcache *);
-krb5_error_code kssl_krb5_auth_con_getrcache(krb5_context,
-                                             krb5_auth_context,
-                                             krb5_rcache *);
-
-/* Function pointers (almost all Kerberos functions are _stdcall) */
-static void (_stdcall *p_krb5_free_data_contents) (krb5_context, krb5_data *)
-    = NULL;
-static void (_stdcall *p_krb5_free_principal) (krb5_context, krb5_principal)
-    = NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_resolve)
- (krb5_context, krb5_const char *, krb5_keytab *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_default) (krb5_context,
-                                                     krb5_keytab *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_free_ticket) (krb5_context,
-                                                      krb5_ticket *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rd_req) (krb5_context,
-                                                 krb5_auth_context *,
-                                                 krb5_const krb5_data *,
-                                                 krb5_const_principal,
-                                                 krb5_keytab, krb5_flags *,
-                                                 krb5_ticket **) = NULL;
-static krb5_error_code(_stdcall *p_krb5_mk_req_extended)
- (krb5_context, krb5_auth_context *,
-  krb5_const krb5_flags, krb5_data *, krb5_creds *, krb5_data *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_init_context) (krb5_context *) = NULL;
-static void (_stdcall *p_krb5_free_context) (krb5_context) = NULL;
-static krb5_error_code(_stdcall *p_krb5_cc_default) (krb5_context,
-                                                     krb5_ccache *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_sname_to_principal)
- (krb5_context, krb5_const char *, krb5_const char *,
-  krb5_int32, krb5_principal *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_get_credentials)
- (krb5_context, krb5_const krb5_flags, krb5_ccache,
-  krb5_creds *, krb5_creds **) = NULL;
-static krb5_error_code(_stdcall *p_krb5_auth_con_init)
- (krb5_context, krb5_auth_context *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_cc_get_principal)
- (krb5_context context, krb5_ccache cache, krb5_principal *principal) = NULL;
-static krb5_error_code(_stdcall *p_krb5_auth_con_free)
- (krb5_context, krb5_auth_context) = NULL;
-static krb5_error_code(_stdcall *p_krb5_decrypt_tkt_part)
- (krb5_context, krb5_const krb5_keyblock *, krb5_ticket *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_timeofday)
- (krb5_context context, krb5_int32 *timeret) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rc_default)
- (krb5_context context, krb5_rcache *rc) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rc_initialize)
- (krb5_context context, krb5_rcache rc, krb5_deltat lifespan) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rc_get_lifespan)
- (krb5_context context, krb5_rcache rc, krb5_deltat *lifespan) = NULL;
-static krb5_error_code(_stdcall *p_krb5_rc_destroy)
- (krb5_context context, krb5_rcache rc) = NULL;
-static krb5_boolean(_stdcall *p_krb5_principal_compare)
- (krb5_context, krb5_const_principal, krb5_const_principal) = NULL;
-static size_t (_stdcall *p_krb5_checksum_size) (krb5_context context,
-                                                krb5_cksumtype ctype) = NULL;
-static krb5_boolean(_stdcall *p_valid_cksumtype) (krb5_cksumtype ctype) =
-    NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_free_entry)
- (krb5_context, krb5_keytab_entry *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_auth_con_setrcache) (krb5_context,
-                                                             krb5_auth_context,
-                                                             krb5_rcache) =
-    NULL;
-static krb5_error_code(_stdcall *p_krb5_get_server_rcache) (krb5_context,
-                                                            krb5_const
-                                                            krb5_data *,
-                                                            krb5_rcache *) =
-    NULL;
-static krb5_error_code(*p_krb5_auth_con_getrcache) (krb5_context,
-                                                    krb5_auth_context,
-                                                    krb5_rcache *) = NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_close) (krb5_context context,
-                                                   krb5_keytab keytab) = NULL;
-static krb5_error_code(_stdcall *p_krb5_kt_get_entry) (krb5_context context,
-                                                       krb5_keytab keytab,
-                                                       krb5_const_principal
-                                                       principal,
-                                                       krb5_kvno vno,
-                                                       krb5_enctype enctype,
-                                                       krb5_keytab_entry
-                                                       *entry) = NULL;
-static int krb5_loaded = 0;     /* only attempt to initialize func ptrs once */
-
-/* Function to Load the Kerberos 5 DLL and initialize function pointers */
-void load_krb5_dll(void)
-{
-    HANDLE hKRB5_32;
-
-    krb5_loaded++;
-    hKRB5_32 = LoadLibrary(TEXT("KRB5_32"));
-    if (!hKRB5_32)
-        return;
-
-    (FARPROC) p_krb5_free_data_contents =
-        GetProcAddress(hKRB5_32, "krb5_free_data_contents");
-    (FARPROC) p_krb5_free_context =
-        GetProcAddress(hKRB5_32, "krb5_free_context");
-    (FARPROC) p_krb5_auth_con_free =
-        GetProcAddress(hKRB5_32, "krb5_auth_con_free");
-    (FARPROC) p_krb5_free_principal =
-        GetProcAddress(hKRB5_32, "krb5_free_principal");
-    (FARPROC) p_krb5_mk_req_extended =
-        GetProcAddress(hKRB5_32, "krb5_mk_req_extended");
-    (FARPROC) p_krb5_get_credentials =
-        GetProcAddress(hKRB5_32, "krb5_get_credentials");
-    (FARPROC) p_krb5_cc_get_principal =
-        GetProcAddress(hKRB5_32, "krb5_cc_get_principal");
-    (FARPROC) p_krb5_cc_default = GetProcAddress(hKRB5_32, "krb5_cc_default");
-    (FARPROC) p_krb5_sname_to_principal =
-        GetProcAddress(hKRB5_32, "krb5_sname_to_principal");
-    (FARPROC) p_krb5_init_context =
-        GetProcAddress(hKRB5_32, "krb5_init_context");
-    (FARPROC) p_krb5_free_ticket =
-        GetProcAddress(hKRB5_32, "krb5_free_ticket");
-    (FARPROC) p_krb5_rd_req = GetProcAddress(hKRB5_32, "krb5_rd_req");
-    (FARPROC) p_krb5_principal_compare =
-        GetProcAddress(hKRB5_32, "krb5_principal_compare");
-    (FARPROC) p_krb5_decrypt_tkt_part =
-        GetProcAddress(hKRB5_32, "krb5_decrypt_tkt_part");
-    (FARPROC) p_krb5_timeofday = GetProcAddress(hKRB5_32, "krb5_timeofday");
-    (FARPROC) p_krb5_rc_default = GetProcAddress(hKRB5_32, "krb5_rc_default");
-    (FARPROC) p_krb5_rc_initialize =
-        GetProcAddress(hKRB5_32, "krb5_rc_initialize");
-    (FARPROC) p_krb5_rc_get_lifespan =
-        GetProcAddress(hKRB5_32, "krb5_rc_get_lifespan");
-    (FARPROC) p_krb5_rc_destroy = GetProcAddress(hKRB5_32, "krb5_rc_destroy");
-    (FARPROC) p_krb5_kt_default = GetProcAddress(hKRB5_32, "krb5_kt_default");
-    (FARPROC) p_krb5_kt_resolve = GetProcAddress(hKRB5_32, "krb5_kt_resolve");
-    (FARPROC) p_krb5_auth_con_init =
-        GetProcAddress(hKRB5_32, "krb5_auth_con_init");
-    (FARPROC) p_valid_cksumtype = GetProcAddress(hKRB5_32, "valid_cksumtype");
-    (FARPROC) p_krb5_checksum_size =
-        GetProcAddress(hKRB5_32, "krb5_checksum_size");
-    (FARPROC) p_krb5_kt_free_entry =
-        GetProcAddress(hKRB5_32, "krb5_kt_free_entry");
-    (FARPROC) p_krb5_auth_con_setrcache =
-        GetProcAddress(hKRB5_32, "krb5_auth_con_setrcache");
-    (FARPROC) p_krb5_get_server_rcache =
-        GetProcAddress(hKRB5_32, "krb5_get_server_rcache");
-    (FARPROC) p_krb5_auth_con_getrcache =
-        GetProcAddress(hKRB5_32, "krb5_auth_con_getrcache");
-    (FARPROC) p_krb5_kt_close = GetProcAddress(hKRB5_32, "krb5_kt_close");
-    (FARPROC) p_krb5_kt_get_entry =
-        GetProcAddress(hKRB5_32, "krb5_kt_get_entry");
-}
-
-/* Stubs for each function to be dynamicly loaded */
-void kssl_krb5_free_data_contents(krb5_context CO, krb5_data *data)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_free_data_contents)
-        p_krb5_free_data_contents(CO, data);
-}
-
-krb5_error_code
-kssl_krb5_mk_req_extended(krb5_context CO,
-                          krb5_auth_context *pACO,
-                          krb5_const krb5_flags F,
-                          krb5_data *pD1, krb5_creds *pC, krb5_data *pD2)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_mk_req_extended)
-        return (p_krb5_mk_req_extended(CO, pACO, F, pD1, pC, pD2));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_auth_con_init(krb5_context CO, krb5_auth_context *pACO)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_auth_con_init)
-        return (p_krb5_auth_con_init(CO, pACO));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_auth_con_free(krb5_context CO, krb5_auth_context ACO)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_auth_con_free)
-        return (p_krb5_auth_con_free(CO, ACO));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_get_credentials(krb5_context CO,
-                          krb5_const krb5_flags F,
-                          krb5_ccache CC, krb5_creds *pCR, krb5_creds **ppCR)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_get_credentials)
-        return (p_krb5_get_credentials(CO, F, CC, pCR, ppCR));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_sname_to_principal(krb5_context CO,
-                             krb5_const char *pC1,
-                             krb5_const char *pC2,
-                             krb5_int32 I, krb5_principal *pPR)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_sname_to_principal)
-        return (p_krb5_sname_to_principal(CO, pC1, pC2, I, pPR));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_cc_default(krb5_context CO, krb5_ccache *pCC)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_cc_default)
-        return (p_krb5_cc_default(CO, pCC));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_init_context(krb5_context *pCO)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_init_context)
-        return (p_krb5_init_context(pCO));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-void kssl_krb5_free_context(krb5_context CO)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_free_context)
-        p_krb5_free_context(CO);
-}
-
-void kssl_krb5_free_principal(krb5_context c, krb5_principal p)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_free_principal)
-        p_krb5_free_principal(c, p);
-}
-
-krb5_error_code
-kssl_krb5_kt_resolve(krb5_context con, krb5_const char *sz, krb5_keytab *kt)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_kt_resolve)
-        return (p_krb5_kt_resolve(con, sz, kt));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_kt_default(krb5_context con, krb5_keytab *kt)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_kt_default)
-        return (p_krb5_kt_default(con, kt));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_free_ticket(krb5_context con, krb5_ticket *kt)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_free_ticket)
-        return (p_krb5_free_ticket(con, kt));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_rd_req(krb5_context con, krb5_auth_context *pacon,
-                 krb5_const krb5_data *data,
-                 krb5_const_principal princ, krb5_keytab keytab,
-                 krb5_flags *flags, krb5_ticket **pptkt)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_rd_req)
-        return (p_krb5_rd_req(con, pacon, data, princ, keytab, flags, pptkt));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_boolean
-krb5_principal_compare(krb5_context con, krb5_const_principal princ1,
-                       krb5_const_principal princ2)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_principal_compare)
-        return (p_krb5_principal_compare(con, princ1, princ2));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-krb5_decrypt_tkt_part(krb5_context con, krb5_const krb5_keyblock *keys,
-                      krb5_ticket *ticket)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_decrypt_tkt_part)
-        return (p_krb5_decrypt_tkt_part(con, keys, ticket));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code krb5_timeofday(krb5_context con, krb5_int32 *timeret)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_timeofday)
-        return (p_krb5_timeofday(con, timeret));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code krb5_rc_default(krb5_context con, krb5_rcache *rc)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_rc_default)
-        return (p_krb5_rc_default(con, rc));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-krb5_rc_initialize(krb5_context con, krb5_rcache rc, krb5_deltat lifespan)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_rc_initialize)
-        return (p_krb5_rc_initialize(con, rc, lifespan));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-krb5_rc_get_lifespan(krb5_context con, krb5_rcache rc, krb5_deltat *lifespanp)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_rc_get_lifespan)
-        return (p_krb5_rc_get_lifespan(con, rc, lifespanp));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code krb5_rc_destroy(krb5_context con, krb5_rcache rc)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_rc_destroy)
-        return (p_krb5_rc_destroy(con, rc));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-size_t krb5_checksum_size(krb5_context context, krb5_cksumtype ctype)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_checksum_size)
-        return (p_krb5_checksum_size(context, ctype));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_boolean valid_cksumtype(krb5_cksumtype ctype)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_valid_cksumtype)
-        return (p_valid_cksumtype(ctype));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code krb5_kt_free_entry(krb5_context con, krb5_keytab_entry *entry)
-{
-    if (!krb5_loaded)
-        load_krb5_dll();
-
-    if (p_krb5_kt_free_entry)
-        return (p_krb5_kt_free_entry(con, entry));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-/* Structure definitions  */
-#  ifndef NO_DEF_KRB5_CCACHE
-#   ifndef krb5_x
-#    define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1))
-#    define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0))
-#   endif
-
-typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */
-
-typedef struct _krb5_ccache {
-    krb5_magic magic;
-    struct _krb5_cc_ops FAR *ops;
-    krb5_pointer data;
-} *krb5_ccache;
-
-typedef struct _krb5_cc_ops {
-    krb5_magic magic;
-    char *prefix;
-    char *(KRB5_CALLCONV *get_name)
-     (krb5_context, krb5_ccache);
-     krb5_error_code(KRB5_CALLCONV *resolve)
-     (krb5_context, krb5_ccache *, const char *);
-     krb5_error_code(KRB5_CALLCONV *gen_new)
-     (krb5_context, krb5_ccache *);
-     krb5_error_code(KRB5_CALLCONV *init)
-     (krb5_context, krb5_ccache, krb5_principal);
-     krb5_error_code(KRB5_CALLCONV *destroy)
-     (krb5_context, krb5_ccache);
-     krb5_error_code(KRB5_CALLCONV *close)
-     (krb5_context, krb5_ccache);
-     krb5_error_code(KRB5_CALLCONV *store)
-     (krb5_context, krb5_ccache, krb5_creds *);
-     krb5_error_code(KRB5_CALLCONV *retrieve)
-     (krb5_context, krb5_ccache, krb5_flags, krb5_creds *, krb5_creds *);
-     krb5_error_code(KRB5_CALLCONV *get_princ)
-     (krb5_context, krb5_ccache, krb5_principal *);
-     krb5_error_code(KRB5_CALLCONV *get_first)
-     (krb5_context, krb5_ccache, krb5_cc_cursor *);
-     krb5_error_code(KRB5_CALLCONV *get_next)
-     (krb5_context, krb5_ccache, krb5_cc_cursor *, krb5_creds *);
-     krb5_error_code(KRB5_CALLCONV *end_get)
-     (krb5_context, krb5_ccache, krb5_cc_cursor *);
-     krb5_error_code(KRB5_CALLCONV *remove_cred)
-     (krb5_context, krb5_ccache, krb5_flags, krb5_creds *);
-     krb5_error_code(KRB5_CALLCONV *set_flags)
-     (krb5_context, krb5_ccache, krb5_flags);
-} krb5_cc_ops;
-#  endif                        /* NO_DEF_KRB5_CCACHE */
-
-krb5_error_code
-    kssl_krb5_cc_get_principal
-    (krb5_context context, krb5_ccache cache, krb5_principal *principal) {
-    if (p_krb5_cc_get_principal)
-        return (p_krb5_cc_get_principal(context, cache, principal));
-    else
-        return (krb5_x((cache)->ops->get_princ, (context, cache, principal)));
-}
-
-krb5_error_code
-kssl_krb5_auth_con_setrcache(krb5_context con, krb5_auth_context acon,
-                             krb5_rcache rcache)
-{
-    if (p_krb5_auth_con_setrcache)
-        return (p_krb5_auth_con_setrcache(con, acon, rcache));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_get_server_rcache(krb5_context con, krb5_const krb5_data *data,
-                            krb5_rcache *rcache)
-{
-    if (p_krb5_get_server_rcache)
-        return (p_krb5_get_server_rcache(con, data, rcache));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_auth_con_getrcache(krb5_context con, krb5_auth_context acon,
-                             krb5_rcache *prcache)
-{
-    if (p_krb5_auth_con_getrcache)
-        return (p_krb5_auth_con_getrcache(con, acon, prcache));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code kssl_krb5_kt_close(krb5_context context, krb5_keytab keytab)
-{
-    if (p_krb5_kt_close)
-        return (p_krb5_kt_close(context, keytab));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-
-krb5_error_code
-kssl_krb5_kt_get_entry(krb5_context context, krb5_keytab keytab,
-                       krb5_const_principal principal, krb5_kvno vno,
-                       krb5_enctype enctype, krb5_keytab_entry *entry)
-{
-    if (p_krb5_kt_get_entry)
-        return (p_krb5_kt_get_entry
-                (context, keytab, principal, vno, enctype, entry));
-    else
-        return KRB5KRB_ERR_GENERIC;
-}
-# endif                         /* OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32 */
-
-/*
- * memory allocation functions for non-temporary storage (e.g. stuff that
- * gets saved into the kssl context)
- */
-static void *kssl_calloc(size_t nmemb, size_t size)
-{
-    void *p;
-
-    p = OPENSSL_malloc(nmemb * size);
-    if (p) {
-        memset(p, 0, nmemb * size);
-    }
-    return p;
-}
-
-# define kssl_malloc(size) OPENSSL_malloc((size))
-# define kssl_realloc(ptr, size) OPENSSL_realloc(ptr, size)
-# define kssl_free(ptr) OPENSSL_free((ptr))
-
-char
-*kstring(char *string)
-{
-    static char *null = "[NULL]";
-
-    return ((string == NULL) ? null : string);
-}
-
-/*
- * Given KRB5 enctype (basically DES or 3DES), return closest match openssl
- * EVP_ encryption algorithm.  Return NULL for unknown or problematic
- * (krb5_dk_encrypt) enctypes.  Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are
- * OK.
- */
-const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype)
-{
-    switch (enctype) {
-    case ENCTYPE_DES_HMAC_SHA1: /* EVP_des_cbc(); */
-    case ENCTYPE_DES_CBC_CRC:
-    case ENCTYPE_DES_CBC_MD4:
-    case ENCTYPE_DES_CBC_MD5:
-    case ENCTYPE_DES_CBC_RAW:
-        return EVP_des_cbc();
-        break;
-    case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
-    case ENCTYPE_DES3_CBC_SHA:
-    case ENCTYPE_DES3_CBC_RAW:
-        return EVP_des_ede3_cbc();
-        break;
-    default:
-        return NULL;
-        break;
-    }
-}
-
-/*
- * Return true:1 if p "looks like" the start of the real authenticator
- * described in kssl_skip_confound() below.  The ASN.1 pattern is "62 xx 30
- * yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and xx and yy are
- * possibly multi-byte length fields.
- */
-static int kssl_test_confound(unsigned char *p)
-{
-    int len = 2;
-    int xx = 0, yy = 0;
-
-    if (*p++ != 0x62)
-        return 0;
-    if (*p > 0x82)
-        return 0;
-    switch (*p) {
-    case 0x82:
-        p++;
-        xx = (*p++ << 8);
-        xx += *p++;
-        break;
-    case 0x81:
-        p++;
-        xx = *p++;
-        break;
-    case 0x80:
-        return 0;
-    default:
-        xx = *p++;
-        break;
-    }
-    if (*p++ != 0x30)
-        return 0;
-    if (*p > 0x82)
-        return 0;
-    switch (*p) {
-    case 0x82:
-        p++;
-        len += 2;
-        yy = (*p++ << 8);
-        yy += *p++;
-        break;
-    case 0x81:
-        p++;
-        len++;
-        yy = *p++;
-        break;
-    case 0x80:
-        return 0;
-    default:
-        yy = *p++;
-        break;
-    }
-
-    return (xx - len == yy) ? 1 : 0;
-}
-
-/*
- * Allocate, fill, and return cksumlens array of checksum lengths.  This
- * array holds just the unique elements from the krb5_cksumarray[].  array[n]
- * == 0 signals end of data.  The krb5_cksumarray[] was an internal variable
- * that has since been replaced by a more general method for storing the
- * data.  It should not be used.  Instead we use real API calls and make a
- * guess for what the highest assigned CKSUMTYPE_ constant is.  As of 1.2.2
- * it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3).  So we will use 0x0010.
- */
-static size_t *populate_cksumlens(void)
-{
-    int i, j, n;
-    static size_t *cklens = NULL;
-
-# ifdef KRB5_MIT_OLD11
-    n = krb5_max_cksum;
-# else
-    n = 0x0010;
-# endif                         /* KRB5_MIT_OLD11 */
-
-# ifdef KRB5CHECKAUTH
-    if (!cklens && !(cklens = (size_t *)calloc(sizeof(int), n + 1)))
-        return NULL;
-
-    for (i = 0; i < n; i++) {
-        if (!valid_cksumtype(i))
-            continue;           /* array has holes */
-        for (j = 0; j < n; j++) {
-            if (cklens[j] == 0) {
-                cklens[j] = krb5_checksum_size(NULL, i);
-                break;          /* krb5 elem was new: add */
-            }
-            if (cklens[j] == krb5_checksum_size(NULL, i)) {
-                break;          /* ignore duplicate elements */
-            }
-        }
-    }
-# endif                         /* KRB5CHECKAUTH */
-
-    return cklens;
-}
-
-/*-
- *      Return pointer to start of real authenticator within authenticator, or
- *      return NULL on error.
- *      Decrypted authenticator looks like this:
- *              [0 or 8 byte confounder] [4-24 byte checksum] [real authent'r]
- *      This hackery wouldn't be necessary if MIT KRB5 1.0.6 had the
- *      krb5_auth_con_getcksumtype() function advertised in its krb5.h.
- */
-unsigned char *kssl_skip_confound(krb5_enctype etype, unsigned char *a)
-{
-    int i, conlen;
-    size_t cklen;
-    static size_t *cksumlens = NULL;
-    unsigned char *test_auth;
-
-    conlen = (etype) ? 8 : 0;
-
-    if (!cksumlens && !(cksumlens = populate_cksumlens()))
-        return NULL;
-    for (i = 0; (cklen = cksumlens[i]) != 0; i++) {
-        test_auth = a + conlen + cklen;
-        if (kssl_test_confound(test_auth))
-            return test_auth;
-    }
-
-    return NULL;
-}
-
-/*
- * Set kssl_err error info when reason text is a simple string kssl_err =
- * struct { int reason; char text[KSSL_ERR_MAX+1]; }
- */
-void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text)
-{
-    if (kssl_err == NULL)
-        return;
-
-    kssl_err->reason = reason;
-    BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, "%s", text);
-    return;
-}
-
-/*
- * Display contents of krb5_data struct, for debugging
- */
-void print_krb5_data(char *label, krb5_data *kdata)
-{
-    int i;
-
-    fprintf(stderr, "%s[%d] ", label, kdata->length);
-    for (i = 0; i < (int)kdata->length; i++) {
-        if (0 && isprint((int)kdata->data[i]))
-            fprintf(stderr, "%c ", kdata->data[i]);
-        else
-            fprintf(stderr, "%02x ", (unsigned char)kdata->data[i]);
-    }
-    fprintf(stderr, "\n");
-}
-
-/*
- * Display contents of krb5_authdata struct, for debugging
- */
-void print_krb5_authdata(char *label, krb5_authdata **adata)
-{
-    if (adata == NULL) {
-        fprintf(stderr, "%s, authdata==0\n", label);
-        return;
-    }
-    fprintf(stderr, "%s [%p]\n", label, (void *)adata);
-# if 0
-    {
-        int i;
-        fprintf(stderr, "%s[at%d:%d] ", label, adata->ad_type, adata->length);
-        for (i = 0; i < adata->length; i++) {
-            fprintf(stderr, (isprint(adata->contents[i])) ? "%c " : "%02x",
-                    adata->contents[i]);
-        }
-        fprintf(stderr, "\n");
-    }
-# endif
-}
-
-/*
- * Display contents of krb5_keyblock struct, for debugging
- */
-void print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
-{
-    int i;
-
-    if (keyblk == NULL) {
-        fprintf(stderr, "%s, keyblk==0\n", label);
-        return;
-    }
-# ifdef KRB5_HEIMDAL
-    fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->keytype,
-            keyblk->keyvalue->length);
-    for (i = 0; i < (int)keyblk->keyvalue->length; i++) {
-        fprintf(stderr, "%02x",
-                (unsigned char *)(keyblk->keyvalue->contents)[i]);
-    }
-    fprintf(stderr, "\n");
-# else
-    fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->enctype,
-            keyblk->length);
-    for (i = 0; i < (int)keyblk->length; i++) {
-        fprintf(stderr, "%02x", keyblk->contents[i]);
-    }
-    fprintf(stderr, "\n");
-# endif
-}
-
-/*
- * Display contents of krb5_principal_data struct, for debugging
- * (krb5_principal is typedef'd == krb5_principal_data *)
- */
-static void print_krb5_princ(char *label, krb5_principal_data *princ)
-{
-    int i, ui, uj;
-
-    fprintf(stderr, "%s principal Realm: ", label);
-    if (princ == NULL)
-        return;
-    for (ui = 0; ui < (int)princ->realm.length; ui++)
-        putchar(princ->realm.data[ui]);
-    fprintf(stderr, " (nametype %d) has %d strings:\n", princ->type,
-            princ->length);
-    for (i = 0; i < (int)princ->length; i++) {
-        fprintf(stderr, "\t%d [%d]: ", i, princ->data[i].length);
-        for (uj = 0; uj < (int)princ->data[i].length; uj++) {
-            putchar(princ->data[i].data[uj]);
-        }
-        fprintf(stderr, "\n");
-    }
-    return;
-}
-
-/*-     Given krb5 service (typically "kssl") and hostname in kssl_ctx,
- *      Return encrypted Kerberos ticket for service @ hostname.
- *      If authenp is non-NULL, also return encrypted authenticator,
- *      whose data should be freed by caller.
- *      (Originally was: Create Kerberos AP_REQ message for SSL Client.)
- *
- *      19990628        VRS     Started; Returns Kerberos AP_REQ message.
- *      20010409        VRS     Modified for RFC2712; Returns enc tkt.
- *      20010606        VRS     May also return optional authenticator.
- */
-krb5_error_code kssl_cget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
-                              /*
-                               * OUT
-                               */ krb5_data **enc_ticketp,
-                              /*
-                               * UPDATE
-                               */ krb5_data *authenp,
-                              /*
-                               * OUT
-                               */ KSSL_ERR *kssl_err)
-{
-    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
-    krb5_context krb5context = NULL;
-    krb5_auth_context krb5auth_context = NULL;
-    krb5_ccache krb5ccdef = NULL;
-    krb5_creds krb5creds, *krb5credsp = NULL;
-    krb5_data krb5_app_req;
-
-    kssl_err_set(kssl_err, 0, "");
-    memset((char *)&krb5creds, 0, sizeof(krb5creds));
-
-    if (!kssl_ctx) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "No kssl_ctx defined.\n");
-        goto err;
-    } else if (!kssl_ctx->service_host) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "kssl_ctx service_host undefined.\n");
-        goto err;
-    }
-
-    if ((krb5rc = krb5_init_context(&krb5context)) != 0) {
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "krb5_init_context() fails: %d\n", krb5rc);
-        kssl_err->reason = SSL_R_KRB5_C_INIT;
-        goto err;
-    }
-
-    if ((krb5rc = krb5_sname_to_principal(krb5context,
-                                          kssl_ctx->service_host,
-                                          (kssl_ctx->service_name) ?
-                                          kssl_ctx->service_name : KRB5SVC,
-                                          KRB5_NT_SRV_HST,
-                                          &krb5creds.server)) != 0) {
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "krb5_sname_to_principal() fails for %s/%s\n",
-                     kssl_ctx->service_host,
-                     (kssl_ctx->
-                      service_name) ? kssl_ctx->service_name : KRB5SVC);
-        kssl_err->reason = SSL_R_KRB5_C_INIT;
-        goto err;
-    }
-
-    if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
-                     "krb5_cc_default fails.\n");
-        goto err;
-    }
-
-    if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
-                                        &krb5creds.client)) != 0) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
-                     "krb5_cc_get_principal() fails.\n");
-        goto err;
-    }
-
-    if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
-                                       &krb5creds, &krb5credsp)) != 0) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_C_GET_CRED,
-                     "krb5_get_credentials() fails.\n");
-        goto err;
-    }
-
-    *enc_ticketp = &krb5credsp->ticket;
-# ifdef KRB5_HEIMDAL
-    kssl_ctx->enctype = krb5credsp->session.keytype;
-# else
-    kssl_ctx->enctype = krb5credsp->keyblock.enctype;
-# endif
-
-    krb5rc = KRB5KRB_ERR_GENERIC;
-    /*      caller should free data of krb5_app_req  */
-    /*
-     * 20010406 VRS deleted for real KerberosWrapper 20010605 VRS reinstated
-     * to offer Authenticator to KerberosWrapper
-     */
-    krb5_app_req.length = 0;
-    if (authenp) {
-        krb5_data krb5in_data;
-        const unsigned char *p;
-        long arlen;
-        KRB5_APREQBODY *ap_req;
-
-        authenp->length = 0;
-        krb5in_data.data = NULL;
-        krb5in_data.length = 0;
-        if ((krb5rc = krb5_mk_req_extended(krb5context,
-                                           &krb5auth_context, 0, &krb5in_data,
-                                           krb5credsp, &krb5_app_req)) != 0) {
-            kssl_err_set(kssl_err, SSL_R_KRB5_C_MK_REQ,
-                         "krb5_mk_req_extended() fails.\n");
-            goto err;
-        }
-
-        arlen = krb5_app_req.length;
-        p = (unsigned char *)krb5_app_req.data;
-        ap_req = (KRB5_APREQBODY *)d2i_KRB5_APREQ(NULL, &p, arlen);
-        if (ap_req) {
-            authenp->length = i2d_KRB5_ENCDATA(ap_req->authenticator, NULL);
-            if (authenp->length && (authenp->data = malloc(authenp->length))) {
-                unsigned char *adp = (unsigned char *)authenp->data;
-                authenp->length =
-                    i2d_KRB5_ENCDATA(ap_req->authenticator, &adp);
-            }
-        }
-
-        if (ap_req)
-            KRB5_APREQ_free((KRB5_APREQ *) ap_req);
-        if (krb5_app_req.length)
-            kssl_krb5_free_data_contents(krb5context, &krb5_app_req);
-    }
-# ifdef KRB5_HEIMDAL
-    if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->session)) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
-                     "kssl_ctx_setkey() fails.\n");
-    }
-# else
-    if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->keyblock)) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
-                     "kssl_ctx_setkey() fails.\n");
-    }
-# endif
-    else
-        krb5rc = 0;
-
- err:
-# ifdef KSSL_DEBUG
-    kssl_ctx_show(kssl_ctx);
-# endif                         /* KSSL_DEBUG */
-
-    if (krb5creds.client)
-        krb5_free_principal(krb5context, krb5creds.client);
-    if (krb5creds.server)
-        krb5_free_principal(krb5context, krb5creds.server);
-    if (krb5auth_context)
-        krb5_auth_con_free(krb5context, krb5auth_context);
-    if (krb5context)
-        krb5_free_context(krb5context);
-    return (krb5rc);
-}
-
-/*-
- *  Given d2i_-decoded asn1ticket, allocate and return a new krb5_ticket.
- *  Return Kerberos error code and kssl_err struct on error.
- *  Allocates krb5_ticket and krb5_principal; caller should free these.
- *
- *      20010410        VRS     Implemented krb5_decode_ticket() as
- *                              old_krb5_decode_ticket(). Missing from MIT1.0.6.
- *      20010615        VRS     Re-cast as openssl/asn1 d2i_*() functions.
- *                              Re-used some of the old krb5_decode_ticket()
- *                              code here.  This tkt should alloc/free just
- *                              like the real thing.
- */
-static krb5_error_code kssl_TKT2tkt( /* IN */ krb5_context krb5context,
-                                    /*
-                                     * IN
-                                     */ KRB5_TKTBODY *asn1ticket,
-                                    /*
-                                     * OUT
-                                     */ krb5_ticket **krb5ticket,
-                                    /*
-                                     * OUT
-                                     */ KSSL_ERR *kssl_err)
-{
-    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
-    krb5_ticket *new5ticket = NULL;
-    ASN1_GENERALSTRING *gstr_svc, *gstr_host;
-
-    *krb5ticket = NULL;
-
-    if (asn1ticket == NULL || asn1ticket->realm == NULL ||
-        asn1ticket->sname == NULL ||
-        sk_ASN1_GENERALSTRING_num(asn1ticket->sname->namestring) < 2) {
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "Null field in asn1ticket.\n");
-        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-        return KRB5KRB_ERR_GENERIC;
-    }
-
-    if ((new5ticket = (krb5_ticket *)calloc(1, sizeof(krb5_ticket))) == NULL) {
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "Unable to allocate new krb5_ticket.\n");
-        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-        return ENOMEM;          /* or KRB5KRB_ERR_GENERIC; */
-    }
-
-    gstr_svc = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 0);
-    gstr_host = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 1);
-
-    if ((krb5rc = kssl_build_principal_2(krb5context,
-                                         &new5ticket->server,
-                                         asn1ticket->realm->length,
-                                         (char *)asn1ticket->realm->data,
-                                         gstr_svc->length,
-                                         (char *)gstr_svc->data,
-                                         gstr_host->length,
-                                         (char *)gstr_host->data)) != 0) {
-        free(new5ticket);
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "Error building ticket server principal.\n");
-        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-        return krb5rc;          /* or KRB5KRB_ERR_GENERIC; */
-    }
-
-    krb5_princ_type(krb5context, new5ticket->server) =
-        asn1ticket->sname->nametype->data[0];
-    new5ticket->enc_part.enctype = asn1ticket->encdata->etype->data[0];
-    new5ticket->enc_part.kvno = asn1ticket->encdata->kvno->data[0];
-    new5ticket->enc_part.ciphertext.length =
-        asn1ticket->encdata->cipher->length;
-    if ((new5ticket->enc_part.ciphertext.data =
-         calloc(1, asn1ticket->encdata->cipher->length)) == NULL) {
-        free(new5ticket);
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "Error allocating cipher in krb5ticket.\n");
-        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-        return KRB5KRB_ERR_GENERIC;
-    } else {
-        memcpy(new5ticket->enc_part.ciphertext.data,
-               asn1ticket->encdata->cipher->data,
-               asn1ticket->encdata->cipher->length);
-    }
-
-    *krb5ticket = new5ticket;
-    return 0;
-}
-
-/*-
- *      Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"),
- *              and krb5 AP_REQ message & message length,
- *      Return Kerberos session key and client principle
- *              to SSL Server in KSSL_CTX *kssl_ctx.
- *
- *      19990702        VRS     Started.
- */
-krb5_error_code kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
-                              /*
-                               * IN
-                               */ krb5_data *indata,
-                              /*
-                               * OUT
-                               */ krb5_ticket_times *ttimes,
-                              /*
-                               * OUT
-                               */ KSSL_ERR *kssl_err)
-{
-    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
-    static krb5_context krb5context = NULL;
-    static krb5_auth_context krb5auth_context = NULL;
-    krb5_ticket *krb5ticket = NULL;
-    KRB5_TKTBODY *asn1ticket = NULL;
-    const unsigned char *p;
-    krb5_keytab krb5keytab = NULL;
-    krb5_keytab_entry kt_entry;
-    krb5_principal krb5server;
-    krb5_rcache rcache = NULL;
-
-    kssl_err_set(kssl_err, 0, "");
-
-    if (!kssl_ctx) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "No kssl_ctx defined.\n");
-        goto err;
-    }
-# ifdef KSSL_DEBUG
-    fprintf(stderr, "in kssl_sget_tkt(%s)\n",
-            kstring(kssl_ctx->service_name));
-# endif                         /* KSSL_DEBUG */
-
-    if (!krb5context && (krb5rc = krb5_init_context(&krb5context))) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "krb5_init_context() fails.\n");
-        goto err;
-    }
-    if (krb5auth_context &&
-        (krb5rc = krb5_auth_con_free(krb5context, krb5auth_context))) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "krb5_auth_con_free() fails.\n");
-        goto err;
-    } else
-        krb5auth_context = NULL;
-    if (!krb5auth_context &&
-        (krb5rc = krb5_auth_con_init(krb5context, &krb5auth_context))) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "krb5_auth_con_init() fails.\n");
-        goto err;
-    }
-
-    if ((krb5rc = krb5_auth_con_getrcache(krb5context, krb5auth_context,
-                                          &rcache))) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "krb5_auth_con_getrcache() fails.\n");
-        goto err;
-    }
-
-    if ((krb5rc = krb5_sname_to_principal(krb5context, NULL,
-                                          (kssl_ctx->service_name) ?
-                                          kssl_ctx->service_name : KRB5SVC,
-                                          KRB5_NT_SRV_HST,
-                                          &krb5server)) != 0) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "krb5_sname_to_principal() fails.\n");
-        goto err;
-    }
-
-    if (rcache == NULL) {
-        if ((krb5rc = krb5_get_server_rcache(krb5context,
-                                             krb5_princ_component(krb5context,
-                                                                  krb5server,
-                                                                  0),
-                                             &rcache))) {
-            kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                         "krb5_get_server_rcache() fails.\n");
-            goto err;
-        }
-    }
-
-    if ((krb5rc =
-         krb5_auth_con_setrcache(krb5context, krb5auth_context, rcache))) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "krb5_auth_con_setrcache() fails.\n");
-        goto err;
-    }
-
-    /*
-     * kssl_ctx->keytab_file == NULL ==> use Kerberos default
-     */
-    if (kssl_ctx->keytab_file) {
-        krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
-                                 &krb5keytab);
-        if (krb5rc) {
-            kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                         "krb5_kt_resolve() fails.\n");
-            goto err;
-        }
-    } else {
-        krb5rc = krb5_kt_default(krb5context, &krb5keytab);
-        if (krb5rc) {
-            kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                         "krb5_kt_default() fails.\n");
-            goto err;
-        }
-    }
-
-    /*-     Actual Kerberos5 krb5_recvauth() has initial conversation here
-     *      o       check KRB5_SENDAUTH_BADAUTHVERS
-     *              unless KRB5_RECVAUTH_SKIP_VERSION
-     *      o       check KRB5_SENDAUTH_BADAPPLVERS
-     *      o       send "0" msg if all OK
-     */
-
-    /*-
-     * 20010411 was using AP_REQ instead of true KerberosWrapper
-     *
-     *  if ((krb5rc = krb5_rd_req(krb5context, &krb5auth_context,
-     *                      &krb5in_data, krb5server, krb5keytab,
-     *                      &ap_option, &krb5ticket)) != 0)  { Error }
-     */
-
-    p = (unsigned char *)indata->data;
-    if ((asn1ticket = (KRB5_TKTBODY *)d2i_KRB5_TICKET(NULL, &p,
-                                                      (long)indata->length))
-        == NULL) {
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "d2i_KRB5_TICKET() ASN.1 decode failure.\n");
-        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-        goto err;
-    }
-
-    /*
-     * Was: krb5rc = krb5_decode_ticket(krb5in_data,&krb5ticket)) != 0)
-     */
-    if ((krb5rc = kssl_TKT2tkt(krb5context, asn1ticket, &krb5ticket,
-                               kssl_err)) != 0) {
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "Error converting ASN.1 ticket to krb5_ticket.\n");
-        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-        goto err;
-    }
-
-    if (!krb5_principal_compare(krb5context, krb5server, krb5ticket->server)) {
-        krb5rc = KRB5_PRINC_NOMATCH;
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "server principal != ticket principal\n");
-        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-        goto err;
-    }
-    if ((krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
-                                    krb5ticket->server,
-                                    krb5ticket->enc_part.kvno,
-                                    krb5ticket->enc_part.enctype,
-                                    &kt_entry)) != 0) {
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "krb5_kt_get_entry() fails with %x.\n", krb5rc);
-        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-        goto err;
-    }
-    if ((krb5rc = krb5_decrypt_tkt_part(krb5context, &kt_entry.key,
-                                        krb5ticket)) != 0) {
-        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
-                     "krb5_decrypt_tkt_part() failed.\n");
-        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
-        goto err;
-    } else {
-        krb5_kt_free_entry(krb5context, &kt_entry);
-# ifdef KSSL_DEBUG
-        {
-            int i;
-            krb5_address **paddr = krb5ticket->enc_part2->caddrs;
-            fprintf(stderr, "Decrypted ticket fields:\n");
-            fprintf(stderr, "\tflags: %X, transit-type: %X",
-                    krb5ticket->enc_part2->flags,
-                    krb5ticket->enc_part2->transited.tr_type);
-            print_krb5_data("\ttransit-data: ",
-                            &(krb5ticket->enc_part2->transited.tr_contents));
-            fprintf(stderr, "\tcaddrs: %p, authdata: %p\n",
-                    krb5ticket->enc_part2->caddrs,
-                    krb5ticket->enc_part2->authorization_data);
-            if (paddr) {
-                fprintf(stderr, "\tcaddrs:\n");
-                for (i = 0; paddr[i] != NULL; i++) {
-                    krb5_data d;
-                    d.length = paddr[i]->length;
-                    d.data = paddr[i]->contents;
-                    print_krb5_data("\t\tIP: ", &d);
-                }
-            }
-            fprintf(stderr, "\tstart/auth/end times: %d / %d / %d\n",
-                    krb5ticket->enc_part2->times.starttime,
-                    krb5ticket->enc_part2->times.authtime,
-                    krb5ticket->enc_part2->times.endtime);
-        }
-# endif                         /* KSSL_DEBUG */
-    }
-
-    krb5rc = KRB5_NO_TKT_SUPPLIED;
-    if (!krb5ticket || !krb5ticket->enc_part2 ||
-        !krb5ticket->enc_part2->client ||
-        !krb5ticket->enc_part2->client->data ||
-        !krb5ticket->enc_part2->session) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
-                     "bad ticket from krb5_rd_req.\n");
-    } else if (kssl_ctx_setprinc(kssl_ctx, KSSL_CLIENT,
-                                 &krb5ticket->enc_part2->client->realm,
-                                 krb5ticket->enc_part2->client->data,
-                                 krb5ticket->enc_part2->client->length)) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
-                     "kssl_ctx_setprinc() fails.\n");
-    } else if (kssl_ctx_setkey(kssl_ctx, krb5ticket->enc_part2->session)) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
-                     "kssl_ctx_setkey() fails.\n");
-    } else if (krb5ticket->enc_part2->flags & TKT_FLG_INVALID) {
-        krb5rc = KRB5KRB_AP_ERR_TKT_INVALID;
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
-                     "invalid ticket from krb5_rd_req.\n");
-    } else
-        krb5rc = 0;
-
-    kssl_ctx->enctype = krb5ticket->enc_part.enctype;
-    ttimes->authtime = krb5ticket->enc_part2->times.authtime;
-    ttimes->starttime = krb5ticket->enc_part2->times.starttime;
-    ttimes->endtime = krb5ticket->enc_part2->times.endtime;
-    ttimes->renew_till = krb5ticket->enc_part2->times.renew_till;
-
- err:
-# ifdef KSSL_DEBUG
-    kssl_ctx_show(kssl_ctx);
-# endif                         /* KSSL_DEBUG */
-
-    if (asn1ticket)
-        KRB5_TICKET_free((KRB5_TICKET *) asn1ticket);
-    if (krb5keytab)
-        krb5_kt_close(krb5context, krb5keytab);
-    if (krb5ticket)
-        krb5_free_ticket(krb5context, krb5ticket);
-    if (krb5server)
-        krb5_free_principal(krb5context, krb5server);
-    return (krb5rc);
-}
-
-/*
- * Allocate & return a new kssl_ctx struct.
- */
-KSSL_CTX *kssl_ctx_new(void)
-{
-    return ((KSSL_CTX *)kssl_calloc(1, sizeof(KSSL_CTX)));
-}
-
-/*
- * Frees a kssl_ctx struct and any allocated memory it holds.  Returns NULL.
- */
-KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx)
-{
-    if (kssl_ctx == NULL)
-        return kssl_ctx;
-
-    if (kssl_ctx->key)
-        OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
-    if (kssl_ctx->key)
-        kssl_free(kssl_ctx->key);
-    if (kssl_ctx->client_princ)
-        kssl_free(kssl_ctx->client_princ);
-    if (kssl_ctx->service_host)
-        kssl_free(kssl_ctx->service_host);
-    if (kssl_ctx->service_name)
-        kssl_free(kssl_ctx->service_name);
-    if (kssl_ctx->keytab_file)
-        kssl_free(kssl_ctx->keytab_file);
-
-    kssl_free(kssl_ctx);
-    return (KSSL_CTX *)NULL;
-}
-
-/*
- * Given an array of (krb5_data *) entity (and optional realm), set the plain
- * (char *) client_princ or service_host member of the kssl_ctx struct.
- */
-krb5_error_code
-kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
-                  krb5_data *realm, krb5_data *entity, int nentities)
-{
-    char **princ;
-    int length;
-    int i;
-
-    if (kssl_ctx == NULL || entity == NULL)
-        return KSSL_CTX_ERR;
-
-    switch (which) {
-    case KSSL_CLIENT:
-        princ = &kssl_ctx->client_princ;
-        break;
-    case KSSL_SERVER:
-        princ = &kssl_ctx->service_host;
-        break;
-    default:
-        return KSSL_CTX_ERR;
-        break;
-    }
-    if (*princ)
-        kssl_free(*princ);
-
-    /* Add up all the entity->lengths */
-    length = 0;
-    for (i = 0; i < nentities; i++) {
-        length += entity[i].length;
-    }
-    /* Add in space for the '/' character(s) (if any) */
-    length += nentities - 1;
-    /* Space for the ('@'+realm+NULL | NULL) */
-    length += ((realm) ? realm->length + 2 : 1);
-
-    if ((*princ = kssl_calloc(1, length)) == NULL)
-        return KSSL_CTX_ERR;
-    else {
-        for (i = 0; i < nentities; i++) {
-            strncat(*princ, entity[i].data, entity[i].length);
-            if (i < nentities - 1) {
-                strcat(*princ, "/");
-            }
-        }
-        if (realm) {
-            strcat(*princ, "@");
-            (void)strncat(*princ, realm->data, realm->length);
-        }
-    }
-
-    return KSSL_CTX_OK;
-}
-
-/*-     Set one of the plain (char *) string members of the kssl_ctx struct.
- *      Default values should be:
- *              which == KSSL_SERVICE   =>      "khost" (KRB5SVC)
- *              which == KSSL_KEYTAB    =>      "/etc/krb5.keytab" (KRB5KEYTAB)
- */
-krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text)
-{
-    char **string;
-
-    if (!kssl_ctx)
-        return KSSL_CTX_ERR;
-
-    switch (which) {
-    case KSSL_SERVICE:
-        string = &kssl_ctx->service_name;
-        break;
-    case KSSL_SERVER:
-        string = &kssl_ctx->service_host;
-        break;
-    case KSSL_CLIENT:
-        string = &kssl_ctx->client_princ;
-        break;
-    case KSSL_KEYTAB:
-        string = &kssl_ctx->keytab_file;
-        break;
-    default:
-        return KSSL_CTX_ERR;
-        break;
-    }
-    if (*string)
-        kssl_free(*string);
-
-    if (!text) {
-        *string = '\0';
-        return KSSL_CTX_OK;
-    }
-
-    if ((*string = kssl_calloc(1, strlen(text) + 1)) == NULL)
-        return KSSL_CTX_ERR;
-    else
-        strcpy(*string, text);
-
-    return KSSL_CTX_OK;
-}
-
-/*
- * Copy the Kerberos session key from a (krb5_keyblock *) to a kssl_ctx
- * struct.  Clear kssl_ctx->key if Kerberos session key is NULL.
- */
-krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session)
-{
-    int length;
-    krb5_enctype enctype;
-    krb5_octet FAR *contents = NULL;
-
-    if (!kssl_ctx)
-        return KSSL_CTX_ERR;
-
-    if (kssl_ctx->key) {
-        OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
-        kssl_free(kssl_ctx->key);
-    }
-
-    if (session) {
-
-# ifdef KRB5_HEIMDAL
-        length = session->keyvalue->length;
-        enctype = session->keytype;
-        contents = session->keyvalue->contents;
-# else
-        length = session->length;
-        enctype = session->enctype;
-        contents = session->contents;
-# endif
-        kssl_ctx->enctype = enctype;
-        kssl_ctx->length = length;
-    } else {
-        kssl_ctx->enctype = ENCTYPE_UNKNOWN;
-        kssl_ctx->length = 0;
-        return KSSL_CTX_OK;
-    }
-
-    if ((kssl_ctx->key =
-         (krb5_octet FAR *)kssl_calloc(1, kssl_ctx->length)) == NULL) {
-        kssl_ctx->length = 0;
-        return KSSL_CTX_ERR;
-    } else
-        memcpy(kssl_ctx->key, contents, length);
-
-    return KSSL_CTX_OK;
-}
-
-/*
- * Display contents of kssl_ctx struct
- */
-void kssl_ctx_show(KSSL_CTX *kssl_ctx)
-{
-    int i;
-
-    printf("kssl_ctx: ");
-    if (kssl_ctx == NULL) {
-        printf("NULL\n");
-        return;
-    } else
-        printf("%p\n", (void *)kssl_ctx);
-
-    printf("\tservice:\t%s\n",
-           (kssl_ctx->service_name) ? kssl_ctx->service_name : "NULL");
-    printf("\tclient:\t%s\n",
-           (kssl_ctx->client_princ) ? kssl_ctx->client_princ : "NULL");
-    printf("\tserver:\t%s\n",
-           (kssl_ctx->service_host) ? kssl_ctx->service_host : "NULL");
-    printf("\tkeytab:\t%s\n",
-           (kssl_ctx->keytab_file) ? kssl_ctx->keytab_file : "NULL");
-    printf("\tkey [%d:%d]:\t", kssl_ctx->enctype, kssl_ctx->length);
-
-    for (i = 0; i < kssl_ctx->length && kssl_ctx->key; i++) {
-        printf("%02x", kssl_ctx->key[i]);
-    }
-    printf("\n");
-    return;
-}
-
-int kssl_keytab_is_available(KSSL_CTX *kssl_ctx)
-{
-    krb5_context krb5context = NULL;
-    krb5_keytab krb5keytab = NULL;
-    krb5_keytab_entry entry;
-    krb5_principal princ = NULL;
-    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
-    int rc = 0;
-
-    if ((krb5rc = krb5_init_context(&krb5context)))
-        return (0);
-
-    /*
-     * kssl_ctx->keytab_file == NULL ==> use Kerberos default
-     */
-    if (kssl_ctx->keytab_file) {
-        krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
-                                 &krb5keytab);
-        if (krb5rc)
-            goto exit;
-    } else {
-        krb5rc = krb5_kt_default(krb5context, &krb5keytab);
-        if (krb5rc)
-            goto exit;
-    }
-
-    /* the host key we are looking for */
-    krb5rc = krb5_sname_to_principal(krb5context, NULL,
-                                     kssl_ctx->
-                                     service_name ? kssl_ctx->service_name :
-                                     KRB5SVC, KRB5_NT_SRV_HST, &princ);
-
-    if (krb5rc)
-        goto exit;
-
-    krb5rc = krb5_kt_get_entry(krb5context, krb5keytab, princ,
-                               /* IGNORE_VNO */
-                               0,
-                               /* IGNORE_ENCTYPE */
-                               0, &entry);
-    if (krb5rc == KRB5_KT_NOTFOUND) {
-        rc = 1;
-        goto exit;
-    } else if (krb5rc)
-        goto exit;
-
-    krb5_kt_free_entry(krb5context, &entry);
-    rc = 1;
-
- exit:
-    if (krb5keytab)
-        krb5_kt_close(krb5context, krb5keytab);
-    if (princ)
-        krb5_free_principal(krb5context, princ);
-    if (krb5context)
-        krb5_free_context(krb5context);
-    return (rc);
-}
-
-int kssl_tgt_is_available(KSSL_CTX *kssl_ctx)
-{
-    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
-    krb5_context krb5context = NULL;
-    krb5_ccache krb5ccdef = NULL;
-    krb5_creds krb5creds, *krb5credsp = NULL;
-    int rc = 0;
-
-    memset((char *)&krb5creds, 0, sizeof(krb5creds));
-
-    if (!kssl_ctx)
-        return (0);
-
-    if (!kssl_ctx->service_host)
-        return (0);
-
-    if ((krb5rc = krb5_init_context(&krb5context)) != 0)
-        goto err;
-
-    if ((krb5rc = krb5_sname_to_principal(krb5context,
-                                          kssl_ctx->service_host,
-                                          (kssl_ctx->service_name) ?
-                                          kssl_ctx->service_name : KRB5SVC,
-                                          KRB5_NT_SRV_HST,
-                                          &krb5creds.server)) != 0)
-        goto err;
-
-    if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0)
-        goto err;
-
-    if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
-                                        &krb5creds.client)) != 0)
-        goto err;
-
-    if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
-                                       &krb5creds, &krb5credsp)) != 0)
-        goto err;
-
-    rc = 1;
-
- err:
-# ifdef KSSL_DEBUG
-    kssl_ctx_show(kssl_ctx);
-# endif                         /* KSSL_DEBUG */
-
-    if (krb5creds.client)
-        krb5_free_principal(krb5context, krb5creds.client);
-    if (krb5creds.server)
-        krb5_free_principal(krb5context, krb5creds.server);
-    if (krb5context)
-        krb5_free_context(krb5context);
-    return (rc);
-}
-
-# if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WIN32)
-void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data)
-{
-#  ifdef KRB5_HEIMDAL
-    data->length = 0;
-    if (data->data)
-        free(data->data);
-#  elif defined(KRB5_MIT_OLD11)
-    if (data->data) {
-        krb5_xfree(data->data);
-        data->data = 0;
-    }
-#  else
-    krb5_free_data_contents(NULL, data);
-#  endif
-}
-# endif
-/* !OPENSSL_SYS_WINDOWS && !OPENSSL_SYS_WIN32 */
-
-/*
- * Given pointers to KerberosTime and struct tm structs, convert the
- * KerberosTime string to struct tm.  Note that KerberosTime is a
- * ASN1_GENERALIZEDTIME value, constrained to GMT with no fractional seconds
- * as defined in RFC 1510.  Return pointer to the (partially) filled in
- * struct tm on success, return NULL on failure.
- */
-static struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
-{
-    char c, *p;
-
-    if (!k_tm)
-        return NULL;
-    if (gtime == NULL || gtime->length < 14)
-        return NULL;
-    if (gtime->data == NULL)
-        return NULL;
-
-    p = (char *)&gtime->data[14];
-
-    c = *p;
-    *p = '\0';
-    p -= 2;
-    k_tm->tm_sec = atoi(p);
-    *(p + 2) = c;
-    c = *p;
-    *p = '\0';
-    p -= 2;
-    k_tm->tm_min = atoi(p);
-    *(p + 2) = c;
-    c = *p;
-    *p = '\0';
-    p -= 2;
-    k_tm->tm_hour = atoi(p);
-    *(p + 2) = c;
-    c = *p;
-    *p = '\0';
-    p -= 2;
-    k_tm->tm_mday = atoi(p);
-    *(p + 2) = c;
-    c = *p;
-    *p = '\0';
-    p -= 2;
-    k_tm->tm_mon = atoi(p) - 1;
-    *(p + 2) = c;
-    c = *p;
-    *p = '\0';
-    p -= 4;
-    k_tm->tm_year = atoi(p) - 1900;
-    *(p + 4) = c;
-
-    return k_tm;
-}
-
-/*
- * Helper function for kssl_validate_times().  We need context->clockskew,
- * but krb5_context is an opaque struct.  So we try to sneek the clockskew
- * out through the replay cache.  If that fails just return a likely default
- * (300 seconds).
- */
-static krb5_deltat get_rc_clockskew(krb5_context context)
-{
-    krb5_rcache rc;
-    krb5_deltat clockskew;
-
-    if (krb5_rc_default(context, &rc))
-        return KSSL_CLOCKSKEW;
-    if (krb5_rc_initialize(context, rc, 0))
-        return KSSL_CLOCKSKEW;
-    if (krb5_rc_get_lifespan(context, rc, &clockskew)) {
-        clockskew = KSSL_CLOCKSKEW;
-    }
-    (void)krb5_rc_destroy(context, rc);
-    return clockskew;
-}
-
-/*
- * kssl_validate_times() combines (and more importantly exposes) the MIT KRB5
- * internal function krb5_validate_times() and the in_clock_skew() macro.
- * The authenticator client time is checked to be within clockskew secs of
- * the current time and the current time is checked to be within the ticket
- * start and expire times.  Either check may be omitted by supplying a NULL
- * value.  Returns 0 for valid times, SSL_R_KRB5* error codes otherwise.  See
- * Also: (Kerberos source)/krb5/lib/krb5/krb/valid_times.c 20010420 VRS
- */
-krb5_error_code kssl_validate_times(krb5_timestamp atime,
-                                    krb5_ticket_times *ttimes)
-{
-    krb5_deltat skew;
-    krb5_timestamp start, now;
-    krb5_error_code rc;
-    krb5_context context;
-
-    if ((rc = krb5_init_context(&context)))
-        return SSL_R_KRB5_S_BAD_TICKET;
-    skew = get_rc_clockskew(context);
-    if ((rc = krb5_timeofday(context, &now)))
-        return SSL_R_KRB5_S_BAD_TICKET;
-    krb5_free_context(context);
-
-    if (atime && labs(atime - now) >= skew)
-        return SSL_R_KRB5_S_TKT_SKEW;
-
-    if (!ttimes)
-        return 0;
-
-    start = (ttimes->starttime != 0) ? ttimes->starttime : ttimes->authtime;
-    if (start - now > skew)
-        return SSL_R_KRB5_S_TKT_NYV;
-    if ((now - ttimes->endtime) > skew)
-        return SSL_R_KRB5_S_TKT_EXPIRED;
-
-# ifdef KSSL_DEBUG
-    fprintf(stderr, "kssl_validate_times: %d |<-  | %d - %d | < %d  ->| %d\n",
-            start, atime, now, skew, ttimes->endtime);
-# endif                         /* KSSL_DEBUG */
-
-    return 0;
-}
-
-/*
- * Decode and decrypt given DER-encoded authenticator, then pass
- * authenticator ctime back in *atimep (or 0 if time unavailable).  Returns
- * krb5_error_code and kssl_err on error.  A NULL authenticator
- * (authentp->length == 0) is not considered an error.  Note that
- * kssl_check_authent() makes use of the KRB5 session key; you must call
- * kssl_sget_tkt() to get the key before calling this routine.
- */
-krb5_error_code kssl_check_authent(
-                                      /*
-                                       * IN
-                                       */ KSSL_CTX *kssl_ctx,
-                                      /*
-                                       * IN
-                                       */ krb5_data *authentp,
-                                      /*
-                                       * OUT
-                                       */ krb5_timestamp *atimep,
-                                      /*
-                                       * OUT
-                                       */ KSSL_ERR *kssl_err)
-{
-    krb5_error_code krb5rc = 0;
-    KRB5_ENCDATA *dec_authent = NULL;
-    KRB5_AUTHENTBODY *auth = NULL;
-    krb5_enctype enctype;
-    EVP_CIPHER_CTX ciph_ctx;
-    const EVP_CIPHER *enc = NULL;
-    unsigned char iv[EVP_MAX_IV_LENGTH];
-    const unsigned char *p;
-    unsigned char *unenc_authent;
-    int outl, unencbufsize;
-    struct tm tm_time, *tm_l, *tm_g;
-    time_t now, tl, tg, tr, tz_offset;
-
-    EVP_CIPHER_CTX_init(&ciph_ctx);
-    *atimep = 0;
-    kssl_err_set(kssl_err, 0, "");
-
-# ifndef KRB5CHECKAUTH
-    authentp = NULL;
-# else
-#  if     KRB5CHECKAUTH == 0
-    authentp = NULL;
-#  endif
-# endif                         /* KRB5CHECKAUTH */
-
-    if (authentp == NULL || authentp->length == 0)
-        return 0;
-
-# ifdef KSSL_DEBUG
-    {
-        unsigned int ui;
-        fprintf(stderr, "kssl_check_authent: authenticator[%d]:\n",
-                authentp->length);
-        p = authentp->data;
-        for (ui = 0; ui < authentp->length; ui++)
-            fprintf(stderr, "%02x ", p[ui]);
-        fprintf(stderr, "\n");
-    }
-# endif                         /* KSSL_DEBUG */
-
-    unencbufsize = 2 * authentp->length;
-    if ((unenc_authent = calloc(1, unencbufsize)) == NULL) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "Unable to allocate authenticator buffer.\n");
-        krb5rc = KRB5KRB_ERR_GENERIC;
-        goto err;
-    }
-
-    p = (unsigned char *)authentp->data;
-    if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p,
-                                        (long)authentp->length)) == NULL) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "Error decoding authenticator.\n");
-        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-        goto err;
-    }
-
-    enctype = dec_authent->etype->data[0]; /* should = kssl_ctx->enctype */
-# if !defined(KRB5_MIT_OLD11)
-    switch (enctype) {
-    case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
-    case ENCTYPE_DES3_CBC_SHA:
-    case ENCTYPE_DES3_CBC_RAW:
-        krb5rc = 0;             /* Skip, can't handle derived keys */
-        goto err;
-    }
-# endif
-    enc = kssl_map_enc(enctype);
-    memset(iv, 0, sizeof iv);   /* per RFC 1510 */
-
-    if (enc == NULL) {
-        /*
-         * Disable kssl_check_authent for ENCTYPE_DES3_CBC_SHA1.  This
-         * enctype indicates the authenticator was encrypted using key-usage
-         * derived keys which openssl cannot decrypt.
-         */
-        goto err;
-    }
-
-    if (!EVP_CipherInit(&ciph_ctx, enc, kssl_ctx->key, iv, 0)) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "EVP_CipherInit error decrypting authenticator.\n");
-        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-        goto err;
-    }
-    outl = dec_authent->cipher->length;
-    if (!EVP_Cipher
-        (&ciph_ctx, unenc_authent, dec_authent->cipher->data, outl)) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "EVP_Cipher error decrypting authenticator.\n");
-        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-        goto err;
-    }
-    EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
-# ifdef KSSL_DEBUG
-    {
-        int padl;
-        fprintf(stderr, "kssl_check_authent: decrypted authenticator[%d] =\n",
-                outl);
-        for (padl = 0; padl < outl; padl++)
-            fprintf(stderr, "%02x ", unenc_authent[padl]);
-        fprintf(stderr, "\n");
-    }
-# endif                         /* KSSL_DEBUG */
-
-    if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "confounded by authenticator.\n");
-        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-        goto err;
-    }
-    outl -= p - unenc_authent;
-
-    if ((auth = (KRB5_AUTHENTBODY *)d2i_KRB5_AUTHENT(NULL, &p,
-                                                     (long)outl)) == NULL) {
-        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
-                     "Error decoding authenticator body.\n");
-        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
-        goto err;
-    }
-
-    memset(&tm_time, 0, sizeof(struct tm));
-    if (k_gmtime(auth->ctime, &tm_time) &&
-        ((tr = mktime(&tm_time)) != (time_t)(-1))) {
-        now = time(&now);
-        tm_l = localtime(&now);
-        tl = mktime(tm_l);
-        tm_g = gmtime(&now);
-        tg = mktime(tm_g);
-        tz_offset = tg - tl;
-
-        *atimep = (krb5_timestamp)(tr - tz_offset);
-    }
-# ifdef KSSL_DEBUG
-    fprintf(stderr, "kssl_check_authent: returns %d for client time ",
-            *atimep);
-    if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
-        fprintf(stderr, "%.*s\n", auth->ctime->length, auth->ctime->data);
-    else
-        fprintf(stderr, "NULL\n");
-# endif                         /* KSSL_DEBUG */
-
- err:
-    if (auth)
-        KRB5_AUTHENT_free((KRB5_AUTHENT *) auth);
-    if (dec_authent)
-        KRB5_ENCDATA_free(dec_authent);
-    if (unenc_authent)
-        free(unenc_authent);
-    EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-    return krb5rc;
-}
-
-/*
- * Replaces krb5_build_principal_ext(), with varargs length == 2 (svc, host),
- * because I don't know how to stub varargs.  Returns krb5_error_code ==
- * ENOMEM on alloc error, otherwise passes back newly constructed principal,
- * which should be freed by caller.
- */
-krb5_error_code kssl_build_principal_2(
-                                          /*
-                                           * UPDATE
-                                           */ krb5_context context,
-                                          /*
-                                           * OUT
-                                           */ krb5_principal *princ,
-                                          /*
-                                           * IN
-                                           */ int rlen, const char *realm,
-                                          /*
-                                           * IN
-                                           */ int slen, const char *svc,
-                                          /*
-                                           * IN
-                                           */ int hlen, const char *host)
-{
-    krb5_data *p_data = NULL;
-    krb5_principal new_p = NULL;
-    char *new_r = NULL;
-
-    if ((p_data = (krb5_data *)calloc(2, sizeof(krb5_data))) == NULL ||
-        (new_p = (krb5_principal)calloc(1, sizeof(krb5_principal_data)))
-        == NULL)
-        goto err;
-    new_p->length = 2;
-    new_p->data = p_data;
-
-    if ((new_r = calloc(1, rlen + 1)) == NULL)
-        goto err;
-    memcpy(new_r, realm, rlen);
-    krb5_princ_set_realm_length(context, new_p, rlen);
-    krb5_princ_set_realm_data(context, new_p, new_r);
-
-    if ((new_p->data[0].data = calloc(1, slen + 1)) == NULL)
-        goto err;
-    memcpy(new_p->data[0].data, svc, slen);
-    new_p->data[0].length = slen;
-
-    if ((new_p->data[1].data = calloc(1, hlen + 1)) == NULL)
-        goto err;
-    memcpy(new_p->data[1].data, host, hlen);
-    new_p->data[1].length = hlen;
-
-    krb5_princ_type(context, new_p) = KRB5_NT_UNKNOWN;
-    *princ = new_p;
-    return 0;
-
- err:
-    if (new_p && new_p[0].data)
-        free(new_p[0].data);
-    if (new_p && new_p[1].data)
-        free(new_p[1].data);
-    if (new_p)
-        free(new_p);
-    if (new_r)
-        free(new_r);
-    return ENOMEM;
-}
-
-void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx)
-{
-    s->kssl_ctx = kctx;
-}
-
-KSSL_CTX *SSL_get0_kssl_ctx(SSL *s)
-{
-    return s->kssl_ctx;
-}
-
-char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx)
-{
-    if (kctx)
-        return kctx->client_princ;
-    return NULL;
-}
-
-#else                           /* !OPENSSL_NO_KRB5 */
-
-# if defined(PEDANTIC) || defined(OPENSSL_SYS_VMS)
-static void *dummy = &dummy;
-# endif
-
-#endif                          /* !OPENSSL_NO_KRB5 */
diff --git a/thirdparty/openssl/ssl/kssl_lcl.h b/thirdparty/openssl/ssl/kssl_lcl.h
deleted file mode 100644
index 8e6a6d69e9..0000000000
--- a/thirdparty/openssl/ssl/kssl_lcl.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/* ssl/kssl.h */
-/*
- * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
- * 2000. project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef KSSL_LCL_H
-# define KSSL_LCL_H
-
-# include <openssl/kssl.h>
-
-# ifndef OPENSSL_NO_KRB5
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* Private (internal to OpenSSL) */
-void print_krb5_data(char *label, krb5_data *kdata);
-void print_krb5_authdata(char *label, krb5_authdata **adata);
-void print_krb5_keyblock(char *label, krb5_keyblock *keyblk);
-
-char *kstring(char *string);
-char *knumber(int len, krb5_octet *contents);
-
-const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
-
-int kssl_keytab_is_available(KSSL_CTX *kssl_ctx);
-int kssl_tgt_is_available(KSSL_CTX *kssl_ctx);
-
-#ifdef  __cplusplus
-}
-#endif
-# endif                         /* OPENSSL_NO_KRB5 */
-#endif                          /* KSSL_LCL_H */
diff --git a/thirdparty/openssl/ssl/s23_clnt.c b/thirdparty/openssl/ssl/s23_clnt.c
deleted file mode 100644
index b80d1fd8ce..0000000000
--- a/thirdparty/openssl/ssl/s23_clnt.c
+++ /dev/null
@@ -1,805 +0,0 @@
-/* ssl/s23_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-static const SSL_METHOD *ssl23_get_client_method(int ver);
-static int ssl23_client_hello(SSL *s);
-static int ssl23_get_server_hello(SSL *s);
-static const SSL_METHOD *ssl23_get_client_method(int ver)
-{
-#ifndef OPENSSL_NO_SSL2
-    if (ver == SSL2_VERSION)
-        return (SSLv2_client_method());
-#endif
-#ifndef OPENSSL_NO_SSL3
-    if (ver == SSL3_VERSION)
-        return (SSLv3_client_method());
-#endif
-    if (ver == TLS1_VERSION)
-        return (TLSv1_client_method());
-    else if (ver == TLS1_1_VERSION)
-        return (TLSv1_1_client_method());
-    else if (ver == TLS1_2_VERSION)
-        return (TLSv1_2_client_method());
-    else
-        return (NULL);
-}
-
-IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
-                          ssl_undefined_function,
-                          ssl23_connect, ssl23_get_client_method)
-
-int ssl23_connect(SSL *s)
-{
-    BUF_MEM *buf = NULL;
-    unsigned long Time = (unsigned long)time(NULL);
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-    int ret = -1;
-    int new_state, state;
-
-    RAND_add(&Time, sizeof(Time), 0);
-    ERR_clear_error();
-    clear_sys_error();
-
-    if (s->info_callback != NULL)
-        cb = s->info_callback;
-    else if (s->ctx->info_callback != NULL)
-        cb = s->ctx->info_callback;
-
-    s->in_handshake++;
-    if (!SSL_in_init(s) || SSL_in_before(s))
-        SSL_clear(s);
-
-    for (;;) {
-        state = s->state;
-
-        switch (s->state) {
-        case SSL_ST_BEFORE:
-        case SSL_ST_CONNECT:
-        case SSL_ST_BEFORE | SSL_ST_CONNECT:
-        case SSL_ST_OK | SSL_ST_CONNECT:
-
-            if (s->session != NULL) {
-                SSLerr(SSL_F_SSL23_CONNECT,
-                       SSL_R_SSL23_DOING_SESSION_ID_REUSE);
-                ret = -1;
-                goto end;
-            }
-            s->server = 0;
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_START, 1);
-
-            /* s->version=TLS1_VERSION; */
-            s->type = SSL_ST_CONNECT;
-
-            if (s->init_buf == NULL) {
-                if ((buf = BUF_MEM_new()) == NULL) {
-                    ret = -1;
-                    goto end;
-                }
-                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
-                    ret = -1;
-                    goto end;
-                }
-                s->init_buf = buf;
-                buf = NULL;
-            }
-
-            if (!ssl3_setup_buffers(s)) {
-                ret = -1;
-                goto end;
-            }
-
-            if (!ssl3_init_finished_mac(s)) {
-                ret = -1;
-                goto end;
-            }
-
-            s->state = SSL23_ST_CW_CLNT_HELLO_A;
-            s->ctx->stats.sess_connect++;
-            s->init_num = 0;
-            break;
-
-        case SSL23_ST_CW_CLNT_HELLO_A:
-        case SSL23_ST_CW_CLNT_HELLO_B:
-
-            s->shutdown = 0;
-            ret = ssl23_client_hello(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL23_ST_CR_SRVR_HELLO_A;
-            s->init_num = 0;
-
-            break;
-
-        case SSL23_ST_CR_SRVR_HELLO_A:
-        case SSL23_ST_CR_SRVR_HELLO_B:
-            ret = ssl23_get_server_hello(s);
-            if (ret >= 0)
-                cb = NULL;
-            goto end;
-            /* break; */
-
-        default:
-            SSLerr(SSL_F_SSL23_CONNECT, SSL_R_UNKNOWN_STATE);
-            ret = -1;
-            goto end;
-            /* break; */
-        }
-
-        if (s->debug) {
-            (void)BIO_flush(s->wbio);
-        }
-
-        if ((cb != NULL) && (s->state != state)) {
-            new_state = s->state;
-            s->state = state;
-            cb(s, SSL_CB_CONNECT_LOOP, 1);
-            s->state = new_state;
-        }
-    }
- end:
-    s->in_handshake--;
-    if (buf != NULL)
-        BUF_MEM_free(buf);
-    if (cb != NULL)
-        cb(s, SSL_CB_CONNECT_EXIT, ret);
-    return (ret);
-}
-
-static int ssl23_no_ssl2_ciphers(SSL *s)
-{
-    SSL_CIPHER *cipher;
-    STACK_OF(SSL_CIPHER) *ciphers;
-    int i;
-    ciphers = SSL_get_ciphers(s);
-    for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
-        cipher = sk_SSL_CIPHER_value(ciphers, i);
-        if (cipher->algorithm_ssl == SSL_SSLV2)
-            return 0;
-    }
-    return 1;
-}
-
-/*
- * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
- * failure, 1 on success.
- */
-int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
-{
-    int send_time = 0;
-    if (len < 4)
-        return 0;
-    if (server)
-        send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
-    else
-        send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
-    if (send_time) {
-        unsigned long Time = (unsigned long)time(NULL);
-        unsigned char *p = result;
-        l2n(Time, p);
-        return RAND_bytes(p, len - 4);
-    } else
-        return RAND_bytes(result, len);
-}
-
-static int ssl23_client_hello(SSL *s)
-{
-    unsigned char *buf;
-    unsigned char *p, *d;
-    int i, ch_len;
-    unsigned long l;
-    int ssl2_compat;
-    int version = 0, version_major, version_minor;
-    int al = 0;
-#ifndef OPENSSL_NO_COMP
-    int j;
-    SSL_COMP *comp;
-#endif
-    int ret;
-    unsigned long mask, options = s->options;
-
-    ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
-
-    if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
-        ssl2_compat = 0;
-
-    /*
-     * SSL_OP_NO_X disables all protocols above X *if* there are
-     * some protocols below X enabled. This is required in order
-     * to maintain "version capability" vector contiguous. So
-     * that if application wants to disable TLS1.0 in favour of
-     * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
-     * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
-     */
-    mask = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1
-#if !defined(OPENSSL_NO_SSL3)
-        | SSL_OP_NO_SSLv3
-#endif
-#if !defined(OPENSSL_NO_SSL2)
-        | (ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
-#endif
-        ;
-#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
-    version = TLS1_2_VERSION;
-
-    if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask)
-        version = TLS1_1_VERSION;
-#else
-    version = TLS1_1_VERSION;
-#endif
-    mask &= ~SSL_OP_NO_TLSv1_1;
-    if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
-        version = TLS1_VERSION;
-    mask &= ~SSL_OP_NO_TLSv1;
-#if !defined(OPENSSL_NO_SSL3)
-    if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
-        version = SSL3_VERSION;
-    mask &= ~SSL_OP_NO_SSLv3;
-#endif
-#if !defined(OPENSSL_NO_SSL2)
-    if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
-        version = SSL2_VERSION;
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-    if (version != SSL2_VERSION) {
-        /*
-         * have to disable SSL 2.0 compatibility if we need TLS extensions
-         */
-
-        if (s->tlsext_hostname != NULL)
-            ssl2_compat = 0;
-        if (s->tlsext_status_type != -1)
-            ssl2_compat = 0;
-# ifdef TLSEXT_TYPE_opaque_prf_input
-        if (s->ctx->tlsext_opaque_prf_input_callback != 0
-            || s->tlsext_opaque_prf_input != NULL)
-            ssl2_compat = 0;
-# endif
-        if (s->cert->cli_ext.meths_count != 0)
-            ssl2_compat = 0;
-    }
-#endif
-
-    buf = (unsigned char *)s->init_buf->data;
-    if (s->state == SSL23_ST_CW_CLNT_HELLO_A) {
-        /*
-         * Since we're sending s23 client hello, we're not reusing a session, as
-         * we'd be using the method from the saved session instead
-         */
-        if (!ssl_get_new_session(s, 0)) {
-            return -1;
-        }
-
-        p = s->s3->client_random;
-        if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
-            return -1;
-
-        if (version == TLS1_2_VERSION) {
-            version_major = TLS1_2_VERSION_MAJOR;
-            version_minor = TLS1_2_VERSION_MINOR;
-        } else if (tls1_suiteb(s)) {
-            SSLerr(SSL_F_SSL23_CLIENT_HELLO,
-                   SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
-            return -1;
-        } else if (version == TLS1_1_VERSION) {
-            version_major = TLS1_1_VERSION_MAJOR;
-            version_minor = TLS1_1_VERSION_MINOR;
-        } else if (version == TLS1_VERSION) {
-            version_major = TLS1_VERSION_MAJOR;
-            version_minor = TLS1_VERSION_MINOR;
-        }
-#ifdef OPENSSL_FIPS
-        else if (FIPS_mode()) {
-            SSLerr(SSL_F_SSL23_CLIENT_HELLO,
-                   SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-            return -1;
-        }
-#endif
-        else if (version == SSL3_VERSION) {
-            version_major = SSL3_VERSION_MAJOR;
-            version_minor = SSL3_VERSION_MINOR;
-        } else if (version == SSL2_VERSION) {
-            version_major = SSL2_VERSION_MAJOR;
-            version_minor = SSL2_VERSION_MINOR;
-        } else {
-            SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_PROTOCOLS_AVAILABLE);
-            return (-1);
-        }
-
-        s->client_version = version;
-
-        if (ssl2_compat) {
-            /* create SSL 2.0 compatible Client Hello */
-
-            /* two byte record header will be written last */
-            d = &(buf[2]);
-            p = d + 9;          /* leave space for message type, version,
-                                 * individual length fields */
-
-            *(d++) = SSL2_MT_CLIENT_HELLO;
-            *(d++) = version_major;
-            *(d++) = version_minor;
-
-            /* Ciphers supported */
-            i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), p, 0);
-            if (i == 0) {
-                /* no ciphers */
-                SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
-                return -1;
-            }
-            s2n(i, d);
-            p += i;
-
-            /*
-             * put in the session-id length (zero since there is no reuse)
-             */
-            s2n(0, d);
-
-            if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-                ch_len = SSL2_CHALLENGE_LENGTH;
-            else
-                ch_len = SSL2_MAX_CHALLENGE_LENGTH;
-
-            /* write out sslv2 challenge */
-            /*
-             * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it
-             * is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
-             * SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
-             * futurproofing
-             */
-            if (SSL3_RANDOM_SIZE < ch_len)
-                i = SSL3_RANDOM_SIZE;
-            else
-                i = ch_len;
-            s2n(i, d);
-            memset(&(s->s3->client_random[0]), 0, SSL3_RANDOM_SIZE);
-            if (RAND_bytes (&(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i)
-                    <= 0)
-                return -1;
-
-            memcpy(p, &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
-            p += i;
-
-            i = p - &(buf[2]);
-            buf[0] = ((i >> 8) & 0xff) | 0x80;
-            buf[1] = (i & 0xff);
-
-            /* number of bytes to write */
-            s->init_num = i + 2;
-            s->init_off = 0;
-
-            ssl3_finish_mac(s, &(buf[2]), i);
-        } else {
-            /* create Client Hello in SSL 3.0/TLS 1.0 format */
-
-            /*
-             * do the record header (5 bytes) and handshake message header (4
-             * bytes) last
-             */
-            d = p = &(buf[9]);
-
-            *(p++) = version_major;
-            *(p++) = version_minor;
-
-            /* Random stuff */
-            memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
-            p += SSL3_RANDOM_SIZE;
-
-            /* Session ID (zero since there is no reuse) */
-            *(p++) = 0;
-
-            /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
-            i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]),
-                                         ssl3_put_cipher_by_char);
-            if (i == 0) {
-                SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
-                return -1;
-            }
-#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
-            /*
-             * Some servers hang if client hello > 256 bytes as hack
-             * workaround chop number of supported ciphers to keep it well
-             * below this if we use TLS v1.2
-             */
-            if (TLS1_get_version(s) >= TLS1_2_VERSION
-                && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
-                i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
-#endif
-            s2n(i, p);
-            p += i;
-
-            /* COMPRESSION */
-#ifdef OPENSSL_NO_COMP
-            *(p++) = 1;
-#else
-            if ((s->options & SSL_OP_NO_COMPRESSION)
-                || !s->ctx->comp_methods)
-                j = 0;
-            else
-                j = sk_SSL_COMP_num(s->ctx->comp_methods);
-            *(p++) = 1 + j;
-            for (i = 0; i < j; i++) {
-                comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
-                *(p++) = comp->id;
-            }
-#endif
-            *(p++) = 0;         /* Add the NULL method */
-
-#ifndef OPENSSL_NO_TLSEXT
-            /* TLS extensions */
-            if (ssl_prepare_clienthello_tlsext(s) <= 0) {
-                SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
-                return -1;
-            }
-            if ((p =
-                 ssl_add_clienthello_tlsext(s, p,
-                                            buf + SSL3_RT_MAX_PLAIN_LENGTH,
-                                            &al)) == NULL) {
-                ssl3_send_alert(s, SSL3_AL_FATAL, al);
-                SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-                return -1;
-            }
-#endif
-
-            l = p - d;
-
-            /* fill in 4-byte handshake header */
-            d = &(buf[5]);
-            *(d++) = SSL3_MT_CLIENT_HELLO;
-            l2n3(l, d);
-
-            l += 4;
-
-            if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
-                SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-                return -1;
-            }
-
-            /* fill in 5-byte record header */
-            d = buf;
-            *(d++) = SSL3_RT_HANDSHAKE;
-            *(d++) = version_major;
-            /*
-             * Some servers hang if we use long client hellos and a record
-             * number > TLS 1.0.
-             */
-            if (TLS1_get_client_version(s) > TLS1_VERSION)
-                *(d++) = 1;
-            else
-                *(d++) = version_minor;
-            s2n((int)l, d);
-
-            /* number of bytes to write */
-            s->init_num = p - buf;
-            s->init_off = 0;
-
-            ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
-        }
-
-        s->state = SSL23_ST_CW_CLNT_HELLO_B;
-        s->init_off = 0;
-    }
-
-    /* SSL3_ST_CW_CLNT_HELLO_B */
-    ret = ssl23_write_bytes(s);
-
-    if ((ret >= 2) && s->msg_callback) {
-        /* Client Hello has been sent; tell msg_callback */
-
-        if (ssl2_compat)
-            s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data + 2,
-                            ret - 2, s, s->msg_callback_arg);
-        else {
-            s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5,
-                            s, s->msg_callback_arg);
-            s->msg_callback(1, version, SSL3_RT_HANDSHAKE,
-                            s->init_buf->data + 5, ret - 5, s,
-                            s->msg_callback_arg);
-        }
-    }
-
-    return ret;
-}
-
-static int ssl23_get_server_hello(SSL *s)
-{
-    char buf[8];
-    unsigned char *p;
-    int i;
-    int n;
-
-    n = ssl23_read_bytes(s, 7);
-
-    if (n != 7)
-        return (n);
-    p = s->packet;
-
-    memcpy(buf, p, n);
-
-    if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
-        (p[5] == 0x00) && (p[6] == 0x02)) {
-#ifdef OPENSSL_NO_SSL2
-        SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
-        goto err;
-#else
-        /* we are talking sslv2 */
-        /*
-         * we need to clean up the SSLv3 setup and put in the sslv2 stuff.
-         */
-        int ch_len;
-
-        if (s->options & SSL_OP_NO_SSLv2) {
-            SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
-            goto err;
-        }
-        if (s->s2 == NULL) {
-            if (!ssl2_new(s))
-                goto err;
-        } else
-            ssl2_clear(s);
-
-        if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
-            ch_len = SSL2_CHALLENGE_LENGTH;
-        else
-            ch_len = SSL2_MAX_CHALLENGE_LENGTH;
-
-        /* write out sslv2 challenge */
-        /*
-         * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it is
-         * one of SSL2_MAX_CHALLENGE_LENGTH (32) or SSL2_MAX_CHALLENGE_LENGTH
-         * (16), but leave the check in for futurproofing
-         */
-        i = (SSL3_RANDOM_SIZE < ch_len)
-            ? SSL3_RANDOM_SIZE : ch_len;
-        s->s2->challenge_length = i;
-        memcpy(s->s2->challenge,
-               &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
-
-        if (s->s3 != NULL)
-            ssl3_free(s);
-
-        if (!BUF_MEM_grow_clean(s->init_buf,
-                                SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
-            SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
-            goto err;
-        }
-
-        s->state = SSL2_ST_GET_SERVER_HELLO_A;
-        if (!(s->client_version == SSL2_VERSION))
-            /*
-             * use special padding (SSL 3.0 draft/RFC 2246, App. E.2)
-             */
-            s->s2->ssl2_rollback = 1;
-
-        /*
-         * setup the 7 bytes we have read so we get them from the sslv2
-         * buffer
-         */
-        s->rstate = SSL_ST_READ_HEADER;
-        s->packet_length = n;
-        s->packet = &(s->s2->rbuf[0]);
-        memcpy(s->packet, buf, n);
-        s->s2->rbuf_left = n;
-        s->s2->rbuf_offs = 0;
-
-        /* we have already written one */
-        s->s2->write_sequence = 1;
-
-        s->method = SSLv2_client_method();
-        s->handshake_func = s->method->ssl_connect;
-#endif
-    } else if (p[1] == SSL3_VERSION_MAJOR &&
-               p[2] <= TLS1_2_VERSION_MINOR &&
-               ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
-                (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) {
-        /* we have sslv3 or tls1 (server hello or alert) */
-
-#ifndef OPENSSL_NO_SSL3
-        if ((p[2] == SSL3_VERSION_MINOR) && !(s->options & SSL_OP_NO_SSLv3)) {
-# ifdef OPENSSL_FIPS
-            if (FIPS_mode()) {
-                SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
-                       SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-                goto err;
-            }
-# endif
-            s->version = SSL3_VERSION;
-            s->method = SSLv3_client_method();
-        } else
-#endif
-        if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) {
-            s->version = TLS1_VERSION;
-            s->method = TLSv1_client_method();
-        } else if ((p[2] == TLS1_1_VERSION_MINOR) &&
-                   !(s->options & SSL_OP_NO_TLSv1_1)) {
-            s->version = TLS1_1_VERSION;
-            s->method = TLSv1_1_client_method();
-        } else if ((p[2] == TLS1_2_VERSION_MINOR) &&
-                   !(s->options & SSL_OP_NO_TLSv1_2)) {
-            s->version = TLS1_2_VERSION;
-            s->method = TLSv1_2_client_method();
-        } else {
-            SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
-            goto err;
-        }
-
-        s->session->ssl_version = s->version;
-
-        /* ensure that TLS_MAX_VERSION is up-to-date */
-        OPENSSL_assert(s->version <= TLS_MAX_VERSION);
-
-        if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) {
-            /* fatal alert */
-
-            void (*cb) (const SSL *ssl, int type, int val) = NULL;
-            int j;
-
-            if (s->info_callback != NULL)
-                cb = s->info_callback;
-            else if (s->ctx->info_callback != NULL)
-                cb = s->ctx->info_callback;
-
-            i = p[5];
-            if (cb != NULL) {
-                j = (i << 8) | p[6];
-                cb(s, SSL_CB_READ_ALERT, j);
-            }
-
-            if (s->msg_callback) {
-                s->msg_callback(0, s->version, SSL3_RT_HEADER, p, 5, s,
-                                s->msg_callback_arg);
-                s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s,
-                                s->msg_callback_arg);
-            }
-
-            s->rwstate = SSL_NOTHING;
-            SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_AD_REASON_OFFSET + p[6]);
-            goto err;
-        }
-
-        if (!ssl_init_wbio_buffer(s, 1))
-            goto err;
-
-        /* we are in this state */
-        s->state = SSL3_ST_CR_SRVR_HELLO_A;
-
-        /*
-         * put the 7 bytes we have read into the input buffer for SSLv3
-         */
-        s->rstate = SSL_ST_READ_HEADER;
-        s->packet_length = n;
-        if (s->s3->rbuf.buf == NULL)
-            if (!ssl3_setup_read_buffer(s))
-                goto err;
-        s->packet = &(s->s3->rbuf.buf[0]);
-        memcpy(s->packet, buf, n);
-        s->s3->rbuf.left = n;
-        s->s3->rbuf.offset = 0;
-
-        s->handshake_func = s->method->ssl_connect;
-    } else {
-        SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL);
-        goto err;
-    }
-    s->init_num = 0;
-
-    return (SSL_connect(s));
- err:
-    return (-1);
-}
diff --git a/thirdparty/openssl/ssl/s23_lib.c b/thirdparty/openssl/ssl/s23_lib.c
deleted file mode 100644
index 9056d39e83..0000000000
--- a/thirdparty/openssl/ssl/s23_lib.c
+++ /dev/null
@@ -1,185 +0,0 @@
-/* ssl/s23_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-long ssl23_default_timeout(void)
-{
-    return (300);
-}
-
-int ssl23_num_ciphers(void)
-{
-    return (ssl3_num_ciphers()
-#ifndef OPENSSL_NO_SSL2
-            + ssl2_num_ciphers()
-#endif
-        );
-}
-
-const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
-{
-    unsigned int uu = ssl3_num_ciphers();
-
-    if (u < uu)
-        return (ssl3_get_cipher(u));
-    else
-#ifndef OPENSSL_NO_SSL2
-        return (ssl2_get_cipher(u - uu));
-#else
-        return (NULL);
-#endif
-}
-
-/*
- * This function needs to check if the ciphers required are actually
- * available
- */
-const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
-{
-    const SSL_CIPHER *cp;
-
-    cp = ssl3_get_cipher_by_char(p);
-#ifndef OPENSSL_NO_SSL2
-    if (cp == NULL)
-        cp = ssl2_get_cipher_by_char(p);
-#endif
-    return (cp);
-}
-
-int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-{
-    long l;
-
-    /* We can write SSLv2 and SSLv3 ciphers */
-    /* but no ECC ciphers */
-    if (c->algorithm_mkey == SSL_kECDHr ||
-        c->algorithm_mkey == SSL_kECDHe ||
-        c->algorithm_mkey == SSL_kEECDH ||
-        c->algorithm_auth == SSL_aECDH || c->algorithm_auth == SSL_aECDSA)
-        return 0;
-    if (p != NULL) {
-        l = c->id;
-        p[0] = ((unsigned char)(l >> 16L)) & 0xFF;
-        p[1] = ((unsigned char)(l >> 8L)) & 0xFF;
-        p[2] = ((unsigned char)(l)) & 0xFF;
-    }
-    return (3);
-}
-
-int ssl23_read(SSL *s, void *buf, int len)
-{
-    int n;
-
-    clear_sys_error();
-    if (SSL_in_init(s) && (!s->in_handshake)) {
-        n = s->handshake_func(s);
-        if (n < 0)
-            return (n);
-        if (n == 0) {
-            SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return (-1);
-        }
-        return (SSL_read(s, buf, len));
-    } else {
-        ssl_undefined_function(s);
-        return (-1);
-    }
-}
-
-int ssl23_peek(SSL *s, void *buf, int len)
-{
-    int n;
-
-    clear_sys_error();
-    if (SSL_in_init(s) && (!s->in_handshake)) {
-        n = s->handshake_func(s);
-        if (n < 0)
-            return (n);
-        if (n == 0) {
-            SSLerr(SSL_F_SSL23_PEEK, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return (-1);
-        }
-        return (SSL_peek(s, buf, len));
-    } else {
-        ssl_undefined_function(s);
-        return (-1);
-    }
-}
-
-int ssl23_write(SSL *s, const void *buf, int len)
-{
-    int n;
-
-    clear_sys_error();
-    if (SSL_in_init(s) && (!s->in_handshake)) {
-        n = s->handshake_func(s);
-        if (n < 0)
-            return (n);
-        if (n == 0) {
-            SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return (-1);
-        }
-        return (SSL_write(s, buf, len));
-    } else {
-        ssl_undefined_function(s);
-        return (-1);
-    }
-}
diff --git a/thirdparty/openssl/ssl/s23_meth.c b/thirdparty/openssl/ssl/s23_meth.c
deleted file mode 100644
index eb76098792..0000000000
--- a/thirdparty/openssl/ssl/s23_meth.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* ssl/s23_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-static const SSL_METHOD *ssl23_get_method(int ver);
-static const SSL_METHOD *ssl23_get_method(int ver)
-{
-#ifndef OPENSSL_NO_SSL2
-    if (ver == SSL2_VERSION)
-        return (SSLv2_method());
-    else
-#endif
-#ifndef OPENSSL_NO_SSL3
-    if (ver == SSL3_VERSION)
-        return (SSLv3_method());
-    else
-#endif
-#ifndef OPENSSL_NO_TLS1
-    if (ver == TLS1_VERSION)
-        return (TLSv1_method());
-    else if (ver == TLS1_1_VERSION)
-        return (TLSv1_1_method());
-    else if (ver == TLS1_2_VERSION)
-        return (TLSv1_2_method());
-    else
-#endif
-        return (NULL);
-}
-
-IMPLEMENT_ssl23_meth_func(SSLv23_method,
-                          ssl23_accept, ssl23_connect, ssl23_get_method)
diff --git a/thirdparty/openssl/ssl/s23_pkt.c b/thirdparty/openssl/ssl/s23_pkt.c
deleted file mode 100644
index 6544180efe..0000000000
--- a/thirdparty/openssl/ssl/s23_pkt.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* ssl/s23_pkt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "ssl_locl.h"
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-
-/*
- * Return values are as per SSL_write()
- */
-int ssl23_write_bytes(SSL *s)
-{
-    int i, num, tot;
-    char *buf;
-
-    buf = s->init_buf->data;
-    tot = s->init_off;
-    num = s->init_num;
-    for (;;) {
-        s->rwstate = SSL_WRITING;
-        i = BIO_write(s->wbio, &(buf[tot]), num);
-        if (i <= 0) {
-            s->init_off = tot;
-            s->init_num = num;
-            return i;
-        }
-        s->rwstate = SSL_NOTHING;
-        if (i == num)
-            return (tot + i);
-
-        num -= i;
-        tot += i;
-    }
-}
-
-/* return regularly only when we have read (at least) 'n' bytes
- *
- * Return values are as per SSL_read()
- */
-int ssl23_read_bytes(SSL *s, int n)
-{
-    unsigned char *p;
-    int j;
-
-    if (s->packet_length < (unsigned int)n) {
-        p = s->packet;
-
-        for (;;) {
-            s->rwstate = SSL_READING;
-            j = BIO_read(s->rbio, (char *)&(p[s->packet_length]),
-                         n - s->packet_length);
-            if (j <= 0)
-                return j;
-            s->rwstate = SSL_NOTHING;
-            s->packet_length += j;
-            if (s->packet_length >= (unsigned int)n)
-                return (s->packet_length);
-        }
-    }
-    return (n);
-}
diff --git a/thirdparty/openssl/ssl/s23_srvr.c b/thirdparty/openssl/ssl/s23_srvr.c
deleted file mode 100644
index d3f6db15cc..0000000000
--- a/thirdparty/openssl/ssl/s23_srvr.c
+++ /dev/null
@@ -1,655 +0,0 @@
-/* ssl/s23_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-
-static const SSL_METHOD *ssl23_get_server_method(int ver);
-int ssl23_get_client_hello(SSL *s);
-static const SSL_METHOD *ssl23_get_server_method(int ver)
-{
-#ifndef OPENSSL_NO_SSL2
-    if (ver == SSL2_VERSION)
-        return (SSLv2_server_method());
-#endif
-#ifndef OPENSSL_NO_SSL3
-    if (ver == SSL3_VERSION)
-        return (SSLv3_server_method());
-#endif
-    if (ver == TLS1_VERSION)
-        return (TLSv1_server_method());
-    else if (ver == TLS1_1_VERSION)
-        return (TLSv1_1_server_method());
-    else if (ver == TLS1_2_VERSION)
-        return (TLSv1_2_server_method());
-    else
-        return (NULL);
-}
-
-IMPLEMENT_ssl23_meth_func(SSLv23_server_method,
-                          ssl23_accept,
-                          ssl_undefined_function, ssl23_get_server_method)
-
-int ssl23_accept(SSL *s)
-{
-    BUF_MEM *buf;
-    unsigned long Time = (unsigned long)time(NULL);
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-    int ret = -1;
-    int new_state, state;
-
-    RAND_add(&Time, sizeof(Time), 0);
-    ERR_clear_error();
-    clear_sys_error();
-
-    if (s->info_callback != NULL)
-        cb = s->info_callback;
-    else if (s->ctx->info_callback != NULL)
-        cb = s->ctx->info_callback;
-
-    s->in_handshake++;
-    if (!SSL_in_init(s) || SSL_in_before(s))
-        SSL_clear(s);
-
-    for (;;) {
-        state = s->state;
-
-        switch (s->state) {
-        case SSL_ST_BEFORE:
-        case SSL_ST_ACCEPT:
-        case SSL_ST_BEFORE | SSL_ST_ACCEPT:
-        case SSL_ST_OK | SSL_ST_ACCEPT:
-
-            s->server = 1;
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_START, 1);
-
-            /* s->version=SSL3_VERSION; */
-            s->type = SSL_ST_ACCEPT;
-
-            if (s->init_buf == NULL) {
-                if ((buf = BUF_MEM_new()) == NULL) {
-                    ret = -1;
-                    goto end;
-                }
-                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
-                    BUF_MEM_free(buf);
-                    ret = -1;
-                    goto end;
-                }
-                s->init_buf = buf;
-            }
-
-            if (!ssl3_init_finished_mac(s)) {
-                ret = -1;
-                goto end;
-            }
-
-            s->state = SSL23_ST_SR_CLNT_HELLO_A;
-            s->ctx->stats.sess_accept++;
-            s->init_num = 0;
-            break;
-
-        case SSL23_ST_SR_CLNT_HELLO_A:
-        case SSL23_ST_SR_CLNT_HELLO_B:
-
-            s->shutdown = 0;
-            ret = ssl23_get_client_hello(s);
-            if (ret >= 0)
-                cb = NULL;
-            goto end;
-            /* break; */
-
-        default:
-            SSLerr(SSL_F_SSL23_ACCEPT, SSL_R_UNKNOWN_STATE);
-            ret = -1;
-            goto end;
-            /* break; */
-        }
-
-        if ((cb != NULL) && (s->state != state)) {
-            new_state = s->state;
-            s->state = state;
-            cb(s, SSL_CB_ACCEPT_LOOP, 1);
-            s->state = new_state;
-        }
-    }
- end:
-    s->in_handshake--;
-    if (cb != NULL)
-        cb(s, SSL_CB_ACCEPT_EXIT, ret);
-    return (ret);
-}
-
-int ssl23_get_client_hello(SSL *s)
-{
-    /*-
-     * Request this many bytes in initial read.
-     * We can detect SSL 3.0/TLS 1.0 Client Hellos
-     * ('type == 3') correctly only when the following
-     * is in a single record, which is not guaranteed by
-     * the protocol specification:
-     * Byte  Content
-     *  0     type            \
-     *  1/2   version          > record header
-     *  3/4   length          /
-     *  5     msg_type        \
-     *  6-8   length           > Client Hello message
-     *  9/10  client_version  /
-     */
-    char buf_space[11];
-    char *buf = &(buf_space[0]);
-    unsigned char *p, *d, *d_len, *dd;
-    unsigned int i;
-    unsigned int csl, sil, cl;
-    int n = 0, j;
-    int type = 0;
-    int v[2];
-
-    if (s->state == SSL23_ST_SR_CLNT_HELLO_A) {
-        /* read the initial header */
-        v[0] = v[1] = 0;
-
-        if (!ssl3_setup_buffers(s))
-            goto err;
-
-        n = ssl23_read_bytes(s, sizeof buf_space);
-        if (n != sizeof buf_space)
-            return (n);         /* n == -1 || n == 0 */
-
-        p = s->packet;
-
-        memcpy(buf, p, n);
-
-        if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) {
-            /*
-             * SSLv2 header
-             */
-            if ((p[3] == 0x00) && (p[4] == 0x02)) {
-                v[0] = p[3];
-                v[1] = p[4];
-                /* SSLv2 */
-                if (!(s->options & SSL_OP_NO_SSLv2))
-                    type = 1;
-            } else if (p[3] == SSL3_VERSION_MAJOR) {
-                v[0] = p[3];
-                v[1] = p[4];
-                /* SSLv3/TLSv1 */
-                if (p[4] >= TLS1_VERSION_MINOR) {
-                    if (p[4] >= TLS1_2_VERSION_MINOR &&
-                        !(s->options & SSL_OP_NO_TLSv1_2)) {
-                        s->version = TLS1_2_VERSION;
-                        s->state = SSL23_ST_SR_CLNT_HELLO_B;
-                    } else if (p[4] >= TLS1_1_VERSION_MINOR &&
-                               !(s->options & SSL_OP_NO_TLSv1_1)) {
-                        s->version = TLS1_1_VERSION;
-                        /*
-                         * type=2;
-                         *//*
-                         * done later to survive restarts
-                         */
-                        s->state = SSL23_ST_SR_CLNT_HELLO_B;
-                    } else if (!(s->options & SSL_OP_NO_TLSv1)) {
-                        s->version = TLS1_VERSION;
-                        /*
-                         * type=2;
-                         *//*
-                         * done later to survive restarts
-                         */
-                        s->state = SSL23_ST_SR_CLNT_HELLO_B;
-                    } else if (!(s->options & SSL_OP_NO_SSLv3)) {
-                        s->version = SSL3_VERSION;
-                        /* type=2; */
-                        s->state = SSL23_ST_SR_CLNT_HELLO_B;
-                    } else if (!(s->options & SSL_OP_NO_SSLv2)) {
-                        type = 1;
-                    }
-                } else if (!(s->options & SSL_OP_NO_SSLv3)) {
-                    s->version = SSL3_VERSION;
-                    /* type=2; */
-                    s->state = SSL23_ST_SR_CLNT_HELLO_B;
-                } else if (!(s->options & SSL_OP_NO_SSLv2))
-                    type = 1;
-
-            }
-        }
-        /* p[4] < 5 ... silly record length? */
-        else if ((p[0] == SSL3_RT_HANDSHAKE) &&
-                 (p[1] == SSL3_VERSION_MAJOR) &&
-                 (p[5] == SSL3_MT_CLIENT_HELLO) && ((p[3] == 0 && p[4] < 5)
-                                                    || (p[9] >= p[1]))) {
-            /*
-             * SSLv3 or tls1 header
-             */
-
-            v[0] = p[1];        /* major version (= SSL3_VERSION_MAJOR) */
-            /*
-             * We must look at client_version inside the Client Hello message
-             * to get the correct minor version. However if we have only a
-             * pathologically small fragment of the Client Hello message, this
-             * would be difficult, and we'd have to read more records to find
-             * out. No known SSL 3.0 client fragments ClientHello like this,
-             * so we simply reject such connections to avoid protocol version
-             * downgrade attacks.
-             */
-            if (p[3] == 0 && p[4] < 6) {
-                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_SMALL);
-                goto err;
-            }
-            /*
-             * if major version number > 3 set minor to a value which will
-             * use the highest version 3 we support. If TLS 2.0 ever appears
-             * we will need to revise this....
-             */
-            if (p[9] > SSL3_VERSION_MAJOR)
-                v[1] = 0xff;
-            else
-                v[1] = p[10];   /* minor version according to client_version */
-            if (v[1] >= TLS1_VERSION_MINOR) {
-                if (v[1] >= TLS1_2_VERSION_MINOR &&
-                    !(s->options & SSL_OP_NO_TLSv1_2)) {
-                    s->version = TLS1_2_VERSION;
-                    type = 3;
-                } else if (v[1] >= TLS1_1_VERSION_MINOR &&
-                           !(s->options & SSL_OP_NO_TLSv1_1)) {
-                    s->version = TLS1_1_VERSION;
-                    type = 3;
-                } else if (!(s->options & SSL_OP_NO_TLSv1)) {
-                    s->version = TLS1_VERSION;
-                    type = 3;
-                } else if (!(s->options & SSL_OP_NO_SSLv3)) {
-                    s->version = SSL3_VERSION;
-                    type = 3;
-                }
-            } else {
-                /* client requests SSL 3.0 */
-                if (!(s->options & SSL_OP_NO_SSLv3)) {
-                    s->version = SSL3_VERSION;
-                    type = 3;
-                } else if (!(s->options & SSL_OP_NO_TLSv1)) {
-                    /*
-                     * we won't be able to use TLS of course, but this will
-                     * send an appropriate alert
-                     */
-                    s->version = TLS1_VERSION;
-                    type = 3;
-                }
-            }
-        } else if ((strncmp("GET ", (char *)p, 4) == 0) ||
-                   (strncmp("POST ", (char *)p, 5) == 0) ||
-                   (strncmp("HEAD ", (char *)p, 5) == 0) ||
-                   (strncmp("PUT ", (char *)p, 4) == 0)) {
-            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTP_REQUEST);
-            goto err;
-        } else if (strncmp("CONNECT", (char *)p, 7) == 0) {
-            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTPS_PROXY_REQUEST);
-            goto err;
-        }
-    }
-
-    /* ensure that TLS_MAX_VERSION is up-to-date */
-    OPENSSL_assert(s->version <= TLS_MAX_VERSION);
-
-    if (s->version < TLS1_2_VERSION && tls1_suiteb(s)) {
-        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
-               SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
-        goto err;
-    }
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && (s->version < TLS1_VERSION)) {
-        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
-               SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-        goto err;
-    }
-#endif
-
-    if (s->state == SSL23_ST_SR_CLNT_HELLO_B) {
-        /*
-         * we have SSLv3/TLSv1 in an SSLv2 header (other cases skip this
-         * state)
-         */
-
-        type = 2;
-        p = s->packet;
-        v[0] = p[3];            /* == SSL3_VERSION_MAJOR */
-        v[1] = p[4];
-
-        /*-
-         * An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2
-         * header is sent directly on the wire, not wrapped as a TLS
-         * record. It's format is:
-         * Byte  Content
-         * 0-1   msg_length
-         * 2     msg_type
-         * 3-4   version
-         * 5-6   cipher_spec_length
-         * 7-8   session_id_length
-         * 9-10  challenge_length
-         * ...   ...
-         */
-        n = ((p[0] & 0x7f) << 8) | p[1];
-        if (n > (1024 * 4)) {
-            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_LARGE);
-            goto err;
-        }
-        if (n < 9) {
-            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
-                   SSL_R_RECORD_LENGTH_MISMATCH);
-            goto err;
-        }
-
-        j = ssl23_read_bytes(s, n + 2);
-        /*
-         * We previously read 11 bytes, so if j > 0, we must have j == n+2 ==
-         * s->packet_length. We have at least 11 valid packet bytes.
-         */
-        if (j <= 0)
-            return (j);
-
-        ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
-
-        /* CLIENT-HELLO */
-        if (s->msg_callback)
-            s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
-                            s->packet_length - 2, s, s->msg_callback_arg);
-
-        p = s->packet;
-        p += 5;
-        n2s(p, csl);
-        n2s(p, sil);
-        n2s(p, cl);
-        d = (unsigned char *)s->init_buf->data;
-        if ((csl + sil + cl + 11) != s->packet_length) { /* We can't have TLS
-                                                          * extensions in SSL
-                                                          * 2.0 format *
-                                                          * Client Hello, can
-                                                          * we? Error
-                                                          * condition should
-                                                          * be * '>'
-                                                          * otherweise */
-            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
-                   SSL_R_RECORD_LENGTH_MISMATCH);
-            goto err;
-        }
-
-        /* record header: msg_type ... */
-        *(d++) = SSL3_MT_CLIENT_HELLO;
-        /* ... and length (actual value will be written later) */
-        d_len = d;
-        d += 3;
-
-        /* client_version */
-        *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
-        *(d++) = v[1];
-
-        /* lets populate the random area */
-        /* get the challenge_length */
-        i = (cl > SSL3_RANDOM_SIZE) ? SSL3_RANDOM_SIZE : cl;
-        memset(d, 0, SSL3_RANDOM_SIZE);
-        memcpy(&(d[SSL3_RANDOM_SIZE - i]), &(p[csl + sil]), i);
-        d += SSL3_RANDOM_SIZE;
-
-        /* no session-id reuse */
-        *(d++) = 0;
-
-        /* ciphers */
-        j = 0;
-        dd = d;
-        d += 2;
-        for (i = 0; i < csl; i += 3) {
-            if (p[i] != 0)
-                continue;
-            *(d++) = p[i + 1];
-            *(d++) = p[i + 2];
-            j += 2;
-        }
-        s2n(j, dd);
-
-        /* COMPRESSION */
-        *(d++) = 1;
-        *(d++) = 0;
-
-#if 0
-        /* copy any remaining data with may be extensions */
-        p = p + csl + sil + cl;
-        while (p < s->packet + s->packet_length) {
-            *(d++) = *(p++);
-        }
-#endif
-
-        i = (d - (unsigned char *)s->init_buf->data) - 4;
-        l2n3((long)i, d_len);
-
-        /* get the data reused from the init_buf */
-        s->s3->tmp.reuse_message = 1;
-        s->s3->tmp.message_type = SSL3_MT_CLIENT_HELLO;
-        s->s3->tmp.message_size = i;
-    }
-
-    /* imaginary new state (for program structure): */
-    /* s->state = SSL23_SR_CLNT_HELLO_C */
-
-    if (type == 1) {
-#ifdef OPENSSL_NO_SSL2
-        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
-        goto err;
-#else
-        /* we are talking sslv2 */
-        /*
-         * we need to clean up the SSLv3/TLSv1 setup and put in the sslv2
-         * stuff.
-         */
-
-        if (s->s2 == NULL) {
-            if (!ssl2_new(s))
-                goto err;
-        } else
-            ssl2_clear(s);
-
-        if (s->s3 != NULL)
-            ssl3_free(s);
-
-        if (!BUF_MEM_grow_clean(s->init_buf,
-                                SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
-            goto err;
-        }
-
-        s->state = SSL2_ST_GET_CLIENT_HELLO_A;
-        if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
-            s->s2->ssl2_rollback = 0;
-        else
-            /*
-             * reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
-             * (SSL 3.0 draft/RFC 2246, App. E.2)
-             */
-            s->s2->ssl2_rollback = 1;
-
-        /*
-         * setup the n bytes we have read so we get them from the sslv2
-         * buffer
-         */
-        s->rstate = SSL_ST_READ_HEADER;
-        s->packet_length = n;
-        s->packet = &(s->s2->rbuf[0]);
-        memcpy(s->packet, buf, n);
-        s->s2->rbuf_left = n;
-        s->s2->rbuf_offs = 0;
-
-        s->method = SSLv2_server_method();
-        s->handshake_func = s->method->ssl_accept;
-#endif
-    }
-
-    if ((type == 2) || (type == 3)) {
-        /*
-         * we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style)
-         */
-        const SSL_METHOD *new_method;
-        new_method = ssl23_get_server_method(s->version);
-        if (new_method == NULL) {
-            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
-            goto err;
-        }
-        s->method = new_method;
-
-        if (!ssl_init_wbio_buffer(s, 1))
-            goto err;
-
-        /* we are in this state */
-        s->state = SSL3_ST_SR_CLNT_HELLO_A;
-
-        if (type == 3) {
-            /*
-             * put the 'n' bytes we have read into the input buffer for SSLv3
-             */
-            s->rstate = SSL_ST_READ_HEADER;
-            s->packet_length = n;
-            if (s->s3->rbuf.buf == NULL)
-                if (!ssl3_setup_read_buffer(s))
-                    goto err;
-
-            s->packet = &(s->s3->rbuf.buf[0]);
-            memcpy(s->packet, buf, n);
-            s->s3->rbuf.left = n;
-            s->s3->rbuf.offset = 0;
-        } else {
-            s->packet_length = 0;
-            s->s3->rbuf.left = 0;
-            s->s3->rbuf.offset = 0;
-        }
-#if 0                           /* ssl3_get_client_hello does this */
-        s->client_version = (v[0] << 8) | v[1];
-#endif
-        s->handshake_func = s->method->ssl_accept;
-    }
-
-    if ((type < 1) || (type > 3)) {
-        /* bad, very bad */
-        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL);
-        goto err;
-    }
-    s->init_num = 0;
-
-    if (buf != buf_space)
-        OPENSSL_free(buf);
-    return (SSL_accept(s));
- err:
-    if (buf != buf_space)
-        OPENSSL_free(buf);
-    return (-1);
-}
diff --git a/thirdparty/openssl/ssl/s2_clnt.c b/thirdparty/openssl/ssl/s2_clnt.c
deleted file mode 100644
index 20de1a8217..0000000000
--- a/thirdparty/openssl/ssl/s2_clnt.c
+++ /dev/null
@@ -1,1094 +0,0 @@
-/* ssl/s2_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-# include <stdio.h>
-# include <openssl/rand.h>
-# include <openssl/buffer.h>
-# include <openssl/objects.h>
-# include <openssl/evp.h>
-
-static const SSL_METHOD *ssl2_get_client_method(int ver);
-static int get_server_finished(SSL *s);
-static int get_server_verify(SSL *s);
-static int get_server_hello(SSL *s);
-static int client_hello(SSL *s);
-static int client_master_key(SSL *s);
-static int client_finished(SSL *s);
-static int client_certificate(SSL *s);
-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
-                                  unsigned char *to, int padding);
-# define BREAK   break
-
-static const SSL_METHOD *ssl2_get_client_method(int ver)
-{
-    if (ver == SSL2_VERSION)
-        return (SSLv2_client_method());
-    else
-        return (NULL);
-}
-
-IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
-                         ssl_undefined_function,
-                         ssl2_connect, ssl2_get_client_method)
-
-int ssl2_connect(SSL *s)
-{
-    unsigned long l = (unsigned long)time(NULL);
-    BUF_MEM *buf = NULL;
-    int ret = -1;
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-    int new_state, state;
-
-    RAND_add(&l, sizeof(l), 0);
-    ERR_clear_error();
-    clear_sys_error();
-
-    if (s->info_callback != NULL)
-        cb = s->info_callback;
-    else if (s->ctx->info_callback != NULL)
-        cb = s->ctx->info_callback;
-
-    /* init things to blank */
-    s->in_handshake++;
-    if (!SSL_in_init(s) || SSL_in_before(s))
-        SSL_clear(s);
-
-    for (;;) {
-        state = s->state;
-
-        switch (s->state) {
-        case SSL_ST_BEFORE:
-        case SSL_ST_CONNECT:
-        case SSL_ST_BEFORE | SSL_ST_CONNECT:
-        case SSL_ST_OK | SSL_ST_CONNECT:
-
-            s->server = 0;
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_START, 1);
-
-            s->version = SSL2_VERSION;
-            s->type = SSL_ST_CONNECT;
-
-            buf = s->init_buf;
-            if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
-                ret = -1;
-                goto end;
-            }
-            if (!BUF_MEM_grow(buf, SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
-                if (buf == s->init_buf)
-                    buf = NULL;
-                ret = -1;
-                goto end;
-            }
-            s->init_buf = buf;
-            buf = NULL;
-            s->init_num = 0;
-            s->state = SSL2_ST_SEND_CLIENT_HELLO_A;
-            s->ctx->stats.sess_connect++;
-            s->handshake_func = ssl2_connect;
-            BREAK;
-
-        case SSL2_ST_SEND_CLIENT_HELLO_A:
-        case SSL2_ST_SEND_CLIENT_HELLO_B:
-            s->shutdown = 0;
-            ret = client_hello(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL2_ST_GET_SERVER_HELLO_A;
-            BREAK;
-
-        case SSL2_ST_GET_SERVER_HELLO_A:
-        case SSL2_ST_GET_SERVER_HELLO_B:
-            ret = get_server_hello(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            if (!s->hit) {      /* new session */
-                s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
-                BREAK;
-            } else {
-                s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
-                break;
-            }
-
-        case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
-        case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
-            ret = client_master_key(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
-            break;
-
-        case SSL2_ST_CLIENT_START_ENCRYPTION:
-            /*
-             * Ok, we now have all the stuff needed to start encrypting, so
-             * lets fire it up :-)
-             */
-            if (!ssl2_enc_init(s, 1)) {
-                ret = -1;
-                goto end;
-            }
-            s->s2->clear_text = 0;
-            s->state = SSL2_ST_SEND_CLIENT_FINISHED_A;
-            break;
-
-        case SSL2_ST_SEND_CLIENT_FINISHED_A:
-        case SSL2_ST_SEND_CLIENT_FINISHED_B:
-            ret = client_finished(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL2_ST_GET_SERVER_VERIFY_A;
-            break;
-
-        case SSL2_ST_GET_SERVER_VERIFY_A:
-        case SSL2_ST_GET_SERVER_VERIFY_B:
-            ret = get_server_verify(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL2_ST_GET_SERVER_FINISHED_A;
-            break;
-
-        case SSL2_ST_GET_SERVER_FINISHED_A:
-        case SSL2_ST_GET_SERVER_FINISHED_B:
-            ret = get_server_finished(s);
-            if (ret <= 0)
-                goto end;
-            break;
-
-        case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
-        case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
-        case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
-        case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
-        case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
-            ret = client_certificate(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL2_ST_GET_SERVER_FINISHED_A;
-            break;
-
-        case SSL_ST_OK:
-            if (s->init_buf != NULL) {
-                BUF_MEM_free(s->init_buf);
-                s->init_buf = NULL;
-            }
-            s->init_num = 0;
-            /*      ERR_clear_error(); */
-
-            /*
-             * If we want to cache session-ids in the client and we
-             * successfully add the session-id to the cache, and there is a
-             * callback, then pass it out. 26/11/96 - eay - only add if not a
-             * re-used session.
-             */
-
-            ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
-            if (s->hit)
-                s->ctx->stats.sess_hit++;
-
-            ret = 1;
-            /* s->server=0; */
-            s->ctx->stats.sess_connect_good++;
-
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-
-            goto end;
-            /* break; */
-        default:
-            SSLerr(SSL_F_SSL2_CONNECT, SSL_R_UNKNOWN_STATE);
-            return (-1);
-            /* break; */
-        }
-
-        if ((cb != NULL) && (s->state != state)) {
-            new_state = s->state;
-            s->state = state;
-            cb(s, SSL_CB_CONNECT_LOOP, 1);
-            s->state = new_state;
-        }
-    }
- end:
-    s->in_handshake--;
-    if (buf != NULL)
-        BUF_MEM_free(buf);
-    if (cb != NULL)
-        cb(s, SSL_CB_CONNECT_EXIT, ret);
-    return (ret);
-}
-
-static int get_server_hello(SSL *s)
-{
-    unsigned char *buf;
-    unsigned char *p;
-    int i, j;
-    unsigned long len;
-    STACK_OF(SSL_CIPHER) *sk = NULL, *cl, *prio, *allow;
-
-    buf = (unsigned char *)s->init_buf->data;
-    p = buf;
-    if (s->state == SSL2_ST_GET_SERVER_HELLO_A) {
-        i = ssl2_read(s, (char *)&(buf[s->init_num]), 11 - s->init_num);
-        if (i < (11 - s->init_num))
-            return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
-        s->init_num = 11;
-
-        if (*(p++) != SSL2_MT_SERVER_HELLO) {
-            if (p[-1] != SSL2_MT_ERROR) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
-            } else
-                SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_PEER_ERROR);
-            return (-1);
-        }
-# if 0
-        s->hit = (*(p++)) ? 1 : 0;
-        /*
-         * Some [PPC?] compilers fail to increment p in above statement, e.g.
-         * one provided with Rhapsody 5.5, but most recent example XL C 11.1
-         * for AIX, even without optimization flag...
-         */
-# else
-        s->hit = (*p) ? 1 : 0;
-        p++;
-# endif
-        s->s2->tmp.cert_type = *(p++);
-        n2s(p, i);
-        if (i < s->version)
-            s->version = i;
-        n2s(p, i);
-        s->s2->tmp.cert_length = i;
-        n2s(p, i);
-        s->s2->tmp.csl = i;
-        n2s(p, i);
-        s->s2->tmp.conn_id_length = i;
-        s->state = SSL2_ST_GET_SERVER_HELLO_B;
-    }
-
-    /* SSL2_ST_GET_SERVER_HELLO_B */
-    len =
-        11 + (unsigned long)s->s2->tmp.cert_length +
-        (unsigned long)s->s2->tmp.csl +
-        (unsigned long)s->s2->tmp.conn_id_length;
-    if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
-        SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_MESSAGE_TOO_LONG);
-        return -1;
-    }
-    j = (int)len - s->init_num;
-    i = ssl2_read(s, (char *)&(buf[s->init_num]), j);
-    if (i != j)
-        return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
-    if (s->msg_callback) {
-        /* SERVER-HELLO */
-        s->msg_callback(0, s->version, 0, buf, (size_t)len, s,
-                        s->msg_callback_arg);
-    }
-
-    /* things are looking good */
-
-    p = buf + 11;
-    if (s->hit) {
-        if (s->s2->tmp.cert_length != 0) {
-            SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
-            return (-1);
-        }
-        if (s->s2->tmp.cert_type != 0) {
-            if (!(s->options & SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) {
-                SSLerr(SSL_F_GET_SERVER_HELLO,
-                       SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
-                return (-1);
-            }
-        }
-        if (s->s2->tmp.csl != 0) {
-            SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
-            return (-1);
-        }
-    } else {
-# if 0
-        /* very bad */
-        memset(s->session->session_id, 0,
-               SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
-        s->session->session_id_length = 0;
-# endif
-
-        /*
-         * we need to do this in case we were trying to reuse a client
-         * session but others are already reusing it. If this was a new
-         * 'blank' session ID, the session-id length will still be 0
-         */
-        if (s->session->session_id_length > 0) {
-            if (!ssl_get_new_session(s, 0)) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                return (-1);
-            }
-        }
-
-        if (ssl2_set_certificate(s, s->s2->tmp.cert_type,
-                                 s->s2->tmp.cert_length, p) <= 0) {
-            ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
-            return (-1);
-        }
-        p += s->s2->tmp.cert_length;
-
-        if (s->s2->tmp.csl == 0) {
-            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
-            SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_LIST);
-            return (-1);
-        }
-
-        /*
-         * We have just received a list of ciphers back from the server.  We
-         * need to get the ones that match, then select the one we want the
-         * most :-).
-         */
-
-        /* load the ciphers */
-        sk = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.csl,
-                                      &s->session->ciphers);
-        p += s->s2->tmp.csl;
-        if (sk == NULL) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
-            return (-1);
-        }
-
-        (void)sk_SSL_CIPHER_set_cmp_func(sk, ssl_cipher_ptr_id_cmp);
-
-        /* get the array of ciphers we will accept */
-        cl = SSL_get_ciphers(s);
-        (void)sk_SSL_CIPHER_set_cmp_func(cl, ssl_cipher_ptr_id_cmp);
-
-        /*
-         * If server preference flag set, choose the first
-         * (highest priority) cipher the server sends, otherwise
-         * client preference has priority.
-         */
-        if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
-            prio = sk;
-            allow = cl;
-        } else {
-            prio = cl;
-            allow = sk;
-        }
-        /*
-         * In theory we could have ciphers sent back that we don't want to
-         * use but that does not matter since we will check against the list
-         * we originally sent and for performance reasons we should not
-         * bother to match the two lists up just to check.
-         */
-        for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
-            if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, i)) >= 0)
-                break;
-        }
-
-        if (i >= sk_SSL_CIPHER_num(prio)) {
-            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
-            SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_MATCH);
-            return (-1);
-        }
-        s->session->cipher = sk_SSL_CIPHER_value(prio, i);
-
-        if (s->session->peer != NULL) { /* can't happen */
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-            return (-1);
-        }
-
-        s->session->peer = s->session->sess_cert->peer_key->x509;
-        /* peer_key->x509 has been set by ssl2_set_certificate. */
-        CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
-    }
-
-    if (s->session->sess_cert == NULL
-        || s->session->peer != s->session->sess_cert->peer_key->x509)
-        /* can't happen */
-    {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-        return (-1);
-    }
-
-    s->s2->conn_id_length = s->s2->tmp.conn_id_length;
-    if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
-        return -1;
-    }
-    memcpy(s->s2->conn_id, p, s->s2->tmp.conn_id_length);
-    return (1);
-}
-
-static int client_hello(SSL *s)
-{
-    unsigned char *buf;
-    unsigned char *p, *d;
-/*      CIPHER **cipher;*/
-    int i, n, j;
-
-    buf = (unsigned char *)s->init_buf->data;
-    if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) {
-        if ((s->session == NULL) || (s->session->ssl_version != s->version)) {
-            if (!ssl_get_new_session(s, 0)) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                return (-1);
-            }
-        }
-        /* else use the pre-loaded session */
-
-        p = buf;                /* header */
-        d = p + 9;              /* data section */
-        *(p++) = SSL2_MT_CLIENT_HELLO; /* type */
-        s2n(SSL2_VERSION, p);   /* version */
-        n = j = 0;
-
-        n = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), d, 0);
-        d += n;
-
-        if (n == 0) {
-            SSLerr(SSL_F_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
-            return (-1);
-        }
-
-        s2n(n, p);              /* cipher spec num bytes */
-
-        if ((s->session->session_id_length > 0) &&
-            (s->session->session_id_length <=
-             SSL2_MAX_SSL_SESSION_ID_LENGTH)) {
-            i = s->session->session_id_length;
-            s2n(i, p);          /* session id length */
-            memcpy(d, s->session->session_id, (unsigned int)i);
-            d += i;
-        } else {
-            s2n(0, p);
-        }
-
-        s->s2->challenge_length = SSL2_CHALLENGE_LENGTH;
-        s2n(SSL2_CHALLENGE_LENGTH, p); /* challenge length */
-        /*
-         * challenge id data
-         */
-        if (RAND_bytes(s->s2->challenge, SSL2_CHALLENGE_LENGTH) <= 0)
-            return -1;
-        memcpy(d, s->s2->challenge, SSL2_CHALLENGE_LENGTH);
-        d += SSL2_CHALLENGE_LENGTH;
-
-        s->state = SSL2_ST_SEND_CLIENT_HELLO_B;
-        s->init_num = d - buf;
-        s->init_off = 0;
-    }
-    /* SSL2_ST_SEND_CLIENT_HELLO_B */
-    return (ssl2_do_write(s));
-}
-
-static int client_master_key(SSL *s)
-{
-    unsigned char *buf;
-    unsigned char *p, *d;
-    int clear, enc, karg, i;
-    SSL_SESSION *sess;
-    const EVP_CIPHER *c;
-    const EVP_MD *md;
-
-    buf = (unsigned char *)s->init_buf->data;
-    if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) {
-
-        if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
-            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
-            SSLerr(SSL_F_CLIENT_MASTER_KEY,
-                   SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
-            return (-1);
-        }
-        sess = s->session;
-        p = buf;
-        d = p + 10;
-        *(p++) = SSL2_MT_CLIENT_MASTER_KEY; /* type */
-
-        i = ssl_put_cipher_by_char(s, sess->cipher, p);
-        p += i;
-
-        /* make key_arg data */
-        i = EVP_CIPHER_iv_length(c);
-        sess->key_arg_length = i;
-        if (i > SSL_MAX_KEY_ARG_LENGTH) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-            return -1;
-        }
-        if (i > 0)
-            if (RAND_bytes(sess->key_arg, i) <= 0)
-                return -1;
-
-        /* make a master key */
-        i = EVP_CIPHER_key_length(c);
-        sess->master_key_length = i;
-        if (i > 0) {
-            if (i > (int)sizeof(sess->master_key)) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-                return -1;
-            }
-            if (RAND_bytes(sess->master_key, i) <= 0) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                return (-1);
-            }
-        }
-
-        if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
-            enc = 8;
-        else if (SSL_C_IS_EXPORT(sess->cipher))
-            enc = 5;
-        else
-            enc = i;
-
-        if ((int)i < enc) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_CIPHER_TABLE_SRC_ERROR);
-            return (-1);
-        }
-        clear = i - enc;
-        s2n(clear, p);
-        memcpy(d, sess->master_key, (unsigned int)clear);
-        d += clear;
-
-        enc = ssl_rsa_public_encrypt(sess->sess_cert, enc,
-                                     &(sess->master_key[clear]), d,
-                                     (s->
-                                      s2->ssl2_rollback) ? RSA_SSLV23_PADDING
-                                     : RSA_PKCS1_PADDING);
-        if (enc <= 0) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
-            return (-1);
-        }
-# ifdef PKCS1_CHECK
-        if (s->options & SSL_OP_PKCS1_CHECK_1)
-            d[1]++;
-        if (s->options & SSL_OP_PKCS1_CHECK_2)
-            sess->master_key[clear]++;
-# endif
-        s2n(enc, p);
-        d += enc;
-        karg = sess->key_arg_length;
-        s2n(karg, p);           /* key arg size */
-        if (karg > (int)sizeof(sess->key_arg)) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-            return -1;
-        }
-        memcpy(d, sess->key_arg, (unsigned int)karg);
-        d += karg;
-
-        s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
-        s->init_num = d - buf;
-        s->init_off = 0;
-    }
-
-    /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
-    return (ssl2_do_write(s));
-}
-
-static int client_finished(SSL *s)
-{
-    unsigned char *p;
-
-    if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
-        p = (unsigned char *)s->init_buf->data;
-        *(p++) = SSL2_MT_CLIENT_FINISHED;
-        if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
-            SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
-            return -1;
-        }
-        memcpy(p, s->s2->conn_id, (unsigned int)s->s2->conn_id_length);
-
-        s->state = SSL2_ST_SEND_CLIENT_FINISHED_B;
-        s->init_num = s->s2->conn_id_length + 1;
-        s->init_off = 0;
-    }
-    return (ssl2_do_write(s));
-}
-
-/* read the data and then respond */
-static int client_certificate(SSL *s)
-{
-    unsigned char *buf;
-    unsigned char *p, *d;
-    int i;
-    unsigned int n;
-    int cert_ch_len;
-    unsigned char *cert_ch;
-
-    buf = (unsigned char *)s->init_buf->data;
-
-    /*
-     * We have a cert associated with the SSL, so attach it to the session if
-     * it does not have one
-     */
-
-    if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) {
-        i = ssl2_read(s, (char *)&(buf[s->init_num]),
-                      SSL2_MAX_CERT_CHALLENGE_LENGTH + 2 - s->init_num);
-        if (i < (SSL2_MIN_CERT_CHALLENGE_LENGTH + 2 - s->init_num))
-            return (ssl2_part_read(s, SSL_F_CLIENT_CERTIFICATE, i));
-        s->init_num += i;
-        if (s->msg_callback) {
-            /* REQUEST-CERTIFICATE */
-            s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s,
-                            s->msg_callback_arg);
-        }
-
-        /* type=buf[0]; */
-        /* type eq x509 */
-        if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
-            ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
-            SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_AUTHENTICATION_TYPE);
-            return (-1);
-        }
-
-        if ((s->cert == NULL) ||
-            (s->cert->key->x509 == NULL) ||
-            (s->cert->key->privatekey == NULL)) {
-            s->state = SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
-        } else
-            s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
-    }
-
-    cert_ch = buf + 2;
-    cert_ch_len = s->init_num - 2;
-
-    if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) {
-        X509 *x509 = NULL;
-        EVP_PKEY *pkey = NULL;
-
-        /*
-         * If we get an error we need to ssl->rwstate=SSL_X509_LOOKUP;
-         * return(error); We should then be retried when things are ok and we
-         * can get a cert or not
-         */
-
-        i = 0;
-        if (s->ctx->client_cert_cb != NULL) {
-            i = s->ctx->client_cert_cb(s, &(x509), &(pkey));
-        }
-
-        if (i < 0) {
-            s->rwstate = SSL_X509_LOOKUP;
-            return (-1);
-        }
-        s->rwstate = SSL_NOTHING;
-
-        if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
-            s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
-            if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey)) {
-                i = 0;
-            }
-            X509_free(x509);
-            EVP_PKEY_free(pkey);
-        } else if (i == 1) {
-            if (x509 != NULL)
-                X509_free(x509);
-            if (pkey != NULL)
-                EVP_PKEY_free(pkey);
-            SSLerr(SSL_F_CLIENT_CERTIFICATE,
-                   SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
-            i = 0;
-        }
-
-        if (i == 0) {
-            /*
-             * We have no client certificate to respond with so send the
-             * correct error message back
-             */
-            s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
-            p = buf;
-            *(p++) = SSL2_MT_ERROR;
-            s2n(SSL2_PE_NO_CERTIFICATE, p);
-            s->init_off = 0;
-            s->init_num = 3;
-            /* Write is done at the end */
-        }
-    }
-
-    if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) {
-        return (ssl2_do_write(s));
-    }
-
-    if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) {
-        EVP_MD_CTX ctx;
-
-        /*
-         * ok, now we calculate the checksum do it first so we can reuse buf
-         * :-)
-         */
-        p = buf;
-        EVP_MD_CTX_init(&ctx);
-        EVP_SignInit_ex(&ctx, s->ctx->rsa_md5, NULL);
-        EVP_SignUpdate(&ctx, s->s2->key_material, s->s2->key_material_length);
-        EVP_SignUpdate(&ctx, cert_ch, (unsigned int)cert_ch_len);
-        i = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
-        /*
-         * Don't update the signature if it fails - FIXME: probably should
-         * handle this better
-         */
-        if (i > 0)
-            EVP_SignUpdate(&ctx, buf, (unsigned int)i);
-
-        p = buf;
-        d = p + 6;
-        *(p++) = SSL2_MT_CLIENT_CERTIFICATE;
-        *(p++) = SSL2_CT_X509_CERTIFICATE;
-        n = i2d_X509(s->cert->key->x509, &d);
-        s2n(n, p);
-
-        if (!EVP_SignFinal(&ctx, d, &n, s->cert->key->privatekey)) {
-            /*
-             * this is not good.  If things have failed it means there so
-             * something wrong with the key. We will continue with a 0 length
-             * signature
-             */
-        }
-        EVP_MD_CTX_cleanup(&ctx);
-        s2n(n, p);
-        d += n;
-
-        s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
-        s->init_num = d - buf;
-        s->init_off = 0;
-    }
-    /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
-    return (ssl2_do_write(s));
-}
-
-static int get_server_verify(SSL *s)
-{
-    unsigned char *p;
-    int i, n, len;
-
-    p = (unsigned char *)s->init_buf->data;
-    if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) {
-        i = ssl2_read(s, (char *)&(p[s->init_num]), 1 - s->init_num);
-        if (i < (1 - s->init_num))
-            return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
-        s->init_num += i;
-
-        s->state = SSL2_ST_GET_SERVER_VERIFY_B;
-        if (*p != SSL2_MT_SERVER_VERIFY) {
-            if (p[0] != SSL2_MT_ERROR) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_READ_WRONG_PACKET_TYPE);
-            } else {
-                SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_PEER_ERROR);
-                /* try to read the error message */
-                i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
-                return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
-            }
-            return (-1);
-        }
-    }
-
-    p = (unsigned char *)s->init_buf->data;
-    len = 1 + s->s2->challenge_length;
-    n = len - s->init_num;
-    i = ssl2_read(s, (char *)&(p[s->init_num]), n);
-    if (i < n)
-        return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
-    if (s->msg_callback) {
-        /* SERVER-VERIFY */
-        s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
-    }
-    p += 1;
-
-    if (CRYPTO_memcmp(p, s->s2->challenge, s->s2->challenge_length) != 0) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_CHALLENGE_IS_DIFFERENT);
-        return (-1);
-    }
-    return (1);
-}
-
-static int get_server_finished(SSL *s)
-{
-    unsigned char *buf;
-    unsigned char *p;
-    int i, n, len;
-
-    buf = (unsigned char *)s->init_buf->data;
-    p = buf;
-    if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) {
-        i = ssl2_read(s, (char *)&(buf[s->init_num]), 1 - s->init_num);
-        if (i < (1 - s->init_num))
-            return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
-        s->init_num += i;
-
-        if (*p == SSL2_MT_REQUEST_CERTIFICATE) {
-            s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
-            return (1);
-        } else if (*p != SSL2_MT_SERVER_FINISHED) {
-            if (p[0] != SSL2_MT_ERROR) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                SSLerr(SSL_F_GET_SERVER_FINISHED,
-                       SSL_R_READ_WRONG_PACKET_TYPE);
-            } else {
-                SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_PEER_ERROR);
-                /* try to read the error message */
-                i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
-                return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
-            }
-            return (-1);
-        }
-        s->state = SSL2_ST_GET_SERVER_FINISHED_B;
-    }
-
-    len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
-    n = len - s->init_num;
-    i = ssl2_read(s, (char *)&(buf[s->init_num]), n);
-    if (i < n) {
-        /*
-         * XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH,
-         * that's the maximum
-         */
-        return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
-    }
-    s->init_num += i;
-    if (s->msg_callback) {
-        /* SERVER-FINISHED */
-        s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s,
-                        s->msg_callback_arg);
-    }
-
-    if (!s->hit) {              /* new session */
-        /* new session-id */
-        /*
-         * Make sure we were not trying to re-use an old SSL_SESSION or bad
-         * things can happen
-         */
-        /* ZZZZZZZZZZZZZ */
-        s->session->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
-        memcpy(s->session->session_id, p + 1, SSL2_SSL_SESSION_ID_LENGTH);
-    } else {
-        if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
-            if ((s->session->session_id_length >
-                 sizeof s->session->session_id)
-                || (0 !=
-                    memcmp(buf + 1, s->session->session_id,
-                           (unsigned int)s->session->session_id_length))) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                SSLerr(SSL_F_GET_SERVER_FINISHED,
-                       SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
-                return (-1);
-            }
-        }
-    }
-    s->state = SSL_ST_OK;
-    return (1);
-}
-
-/* loads in the certificate from the server */
-int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
-{
-    STACK_OF(X509) *sk = NULL;
-    EVP_PKEY *pkey = NULL;
-    SESS_CERT *sc = NULL;
-    int i;
-    X509 *x509 = NULL;
-    int ret = 0;
-
-    x509 = d2i_X509(NULL, &data, (long)len);
-    if (x509 == NULL) {
-        SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_X509_LIB);
-        goto err;
-    }
-
-    if ((sk = sk_X509_new_null()) == NULL || !sk_X509_push(sk, x509)) {
-        SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    i = ssl_verify_cert_chain(s, sk);
-
-    if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
-        SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED);
-        goto err;
-    }
-    ERR_clear_error();          /* but we keep s->verify_result */
-    s->session->verify_result = s->verify_result;
-
-    /* server's cert for this session */
-    sc = ssl_sess_cert_new();
-    if (sc == NULL) {
-        ret = -1;
-        goto err;
-    }
-    if (s->session->sess_cert)
-        ssl_sess_cert_free(s->session->sess_cert);
-    s->session->sess_cert = sc;
-
-    sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509 = x509;
-    sc->peer_key = &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
-
-    pkey = X509_get_pubkey(x509);
-    x509 = NULL;
-    if (pkey == NULL) {
-        SSLerr(SSL_F_SSL2_SET_CERTIFICATE,
-               SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
-        goto err;
-    }
-    if (pkey->type != EVP_PKEY_RSA) {
-        SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_PUBLIC_KEY_NOT_RSA);
-        goto err;
-    }
-
-    if (!ssl_set_peer_cert_type(sc, SSL2_CT_X509_CERTIFICATE))
-        goto err;
-    ret = 1;
- err:
-    sk_X509_free(sk);
-    X509_free(x509);
-    EVP_PKEY_free(pkey);
-    return (ret);
-}
-
-static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
-                                  unsigned char *to, int padding)
-{
-    EVP_PKEY *pkey = NULL;
-    int i = -1;
-
-    if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
-        ((pkey = X509_get_pubkey(sc->peer_key->x509)) == NULL)) {
-        SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_NO_PUBLICKEY);
-        return (-1);
-    }
-    if (pkey->type != EVP_PKEY_RSA) {
-        SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
-        goto end;
-    }
-
-    /* we have the public key */
-    i = RSA_public_encrypt(len, from, to, pkey->pkey.rsa, padding);
-    if (i < 0)
-        SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, ERR_R_RSA_LIB);
- end:
-    EVP_PKEY_free(pkey);
-    return (i);
-}
-#else                           /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/ssl/s2_enc.c b/thirdparty/openssl/ssl/s2_enc.c
deleted file mode 100644
index 23eef72aa4..0000000000
--- a/thirdparty/openssl/ssl/s2_enc.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/* ssl/s2_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-# include <stdio.h>
-
-int ssl2_enc_init(SSL *s, int client)
-{
-    /* Max number of bytes needed */
-    EVP_CIPHER_CTX *rs, *ws;
-    const EVP_CIPHER *c;
-    const EVP_MD *md;
-    int num;
-
-    if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
-        ssl2_return_error(s, SSL2_PE_NO_CIPHER);
-        SSLerr(SSL_F_SSL2_ENC_INIT, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
-        return (0);
-    }
-    ssl_replace_hash(&s->read_hash, md);
-    ssl_replace_hash(&s->write_hash, md);
-
-    if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx = (EVP_CIPHER_CTX *)
-                                       OPENSSL_malloc(sizeof(EVP_CIPHER_CTX)))
-                                      == NULL))
-        goto err;
-
-    /*
-     * make sure it's intialized in case the malloc for enc_write_ctx fails
-     * and we exit with an error
-     */
-    rs = s->enc_read_ctx;
-    EVP_CIPHER_CTX_init(rs);
-
-    if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx = (EVP_CIPHER_CTX *)
-                                        OPENSSL_malloc(sizeof
-                                                       (EVP_CIPHER_CTX))) ==
-                                       NULL))
-        goto err;
-
-    ws = s->enc_write_ctx;
-    EVP_CIPHER_CTX_init(ws);
-
-    num = c->key_len;
-    s->s2->key_material_length = num * 2;
-    OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
-
-    if (ssl2_generate_key_material(s) <= 0)
-        return 0;
-
-    OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
-    EVP_EncryptInit_ex(ws, c, NULL,
-                       &(s->s2->key_material[(client) ? num : 0]),
-                       s->session->key_arg);
-    EVP_DecryptInit_ex(rs, c, NULL,
-                       &(s->s2->key_material[(client) ? 0 : num]),
-                       s->session->key_arg);
-    s->s2->read_key = &(s->s2->key_material[(client) ? 0 : num]);
-    s->s2->write_key = &(s->s2->key_material[(client) ? num : 0]);
-    return (1);
- err:
-    SSLerr(SSL_F_SSL2_ENC_INIT, ERR_R_MALLOC_FAILURE);
-    return (0);
-}
-
-/*
- * read/writes from s->s2->mac_data using length for encrypt and decrypt.
- * It sets s->s2->padding and s->[rw]length if we are encrypting Returns 0 on
- * error and 1 on success
- */
-int ssl2_enc(SSL *s, int send)
-{
-    EVP_CIPHER_CTX *ds;
-    unsigned long l;
-    int bs;
-
-    if (send) {
-        ds = s->enc_write_ctx;
-        l = s->s2->wlength;
-    } else {
-        ds = s->enc_read_ctx;
-        l = s->s2->rlength;
-    }
-
-    /* check for NULL cipher */
-    if (ds == NULL)
-        return 1;
-
-    bs = ds->cipher->block_size;
-    /*
-     * This should be using (bs-1) and bs instead of 7 and 8, but what the
-     * hell.
-     */
-    if (bs == 8)
-        l = (l + 7) / 8 * 8;
-
-    if (EVP_Cipher(ds, s->s2->mac_data, s->s2->mac_data, l) < 1)
-        return 0;
-
-    return 1;
-}
-
-void ssl2_mac(SSL *s, unsigned char *md, int send)
-{
-    EVP_MD_CTX c;
-    unsigned char sequence[4], *p, *sec, *act;
-    unsigned long seq;
-    unsigned int len;
-
-    if (send) {
-        seq = s->s2->write_sequence;
-        sec = s->s2->write_key;
-        len = s->s2->wact_data_length;
-        act = s->s2->wact_data;
-    } else {
-        seq = s->s2->read_sequence;
-        sec = s->s2->read_key;
-        len = s->s2->ract_data_length;
-        act = s->s2->ract_data;
-    }
-
-    p = &(sequence[0]);
-    l2n(seq, p);
-
-    /* There has to be a MAC algorithm. */
-    EVP_MD_CTX_init(&c);
-    EVP_MD_CTX_copy(&c, s->read_hash);
-    EVP_DigestUpdate(&c, sec, EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
-    EVP_DigestUpdate(&c, act, len);
-    /* the above line also does the pad data */
-    EVP_DigestUpdate(&c, sequence, 4);
-    EVP_DigestFinal_ex(&c, md, NULL);
-    EVP_MD_CTX_cleanup(&c);
-}
-#else                           /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/ssl/s2_lib.c b/thirdparty/openssl/ssl/s2_lib.c
deleted file mode 100644
index cc1360307b..0000000000
--- a/thirdparty/openssl/ssl/s2_lib.c
+++ /dev/null
@@ -1,570 +0,0 @@
-/* ssl/s2_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-# include <stdio.h>
-# include <openssl/objects.h>
-# include <openssl/evp.h>
-# include <openssl/md5.h>
-
-const char ssl2_version_str[] = "SSLv2" OPENSSL_VERSION_PTEXT;
-
-# define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
-
-/* list of available SSLv2 ciphers (sorted by id) */
-OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
-# if 0
-/* NULL_WITH_MD5 v3 */
-    {
-     1,
-     SSL2_TXT_NULL_WITH_MD5,
-     SSL2_CK_NULL_WITH_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_eNULL,
-     SSL_MD5,
-     SSL_SSLV2,
-     SSL_EXPORT | SSL_EXP40 | SSL_STRONG_NONE,
-     0,
-     0,
-     0,
-     },
-# endif
-
-/* RC4_128_WITH_MD5 */
-    {
-     1,
-     SSL2_TXT_RC4_128_WITH_MD5,
-     SSL2_CK_RC4_128_WITH_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
-     0,
-     128,
-     128,
-     },
-
-# if 0
-/* RC4_128_EXPORT40_WITH_MD5 */
-    {
-     1,
-     SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
-     SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL2_CF_5_BYTE_ENC,
-     40,
-     128,
-     },
-# endif
-
-/* RC2_128_CBC_WITH_MD5 */
-    {
-     1,
-     SSL2_TXT_RC2_128_CBC_WITH_MD5,
-     SSL2_CK_RC2_128_CBC_WITH_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC2,
-     SSL_MD5,
-     SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
-     0,
-     128,
-     128,
-     },
-
-# if 0
-/* RC2_128_CBC_EXPORT40_WITH_MD5 */
-    {
-     1,
-     SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
-     SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC2,
-     SSL_MD5,
-     SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL2_CF_5_BYTE_ENC,
-     40,
-     128,
-     },
-# endif
-
-# ifndef OPENSSL_NO_IDEA
-/* IDEA_128_CBC_WITH_MD5 */
-    {
-     1,
-     SSL2_TXT_IDEA_128_CBC_WITH_MD5,
-     SSL2_CK_IDEA_128_CBC_WITH_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_IDEA,
-     SSL_MD5,
-     SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
-     0,
-     128,
-     128,
-     },
-# endif
-
-# if 0
-/* DES_64_CBC_WITH_MD5 */
-    {
-     1,
-     SSL2_TXT_DES_64_CBC_WITH_MD5,
-     SSL2_CK_DES_64_CBC_WITH_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_DES,
-     SSL_MD5,
-     SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     0,
-     56,
-     56,
-     },
-# endif
-
-/* DES_192_EDE3_CBC_WITH_MD5 */
-    {
-     1,
-     SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
-     SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_3DES,
-     SSL_MD5,
-     SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
-     0,
-     112,
-     168,
-     },
-
-# if 0
-/* RC4_64_WITH_MD5 */
-    {
-     1,
-     SSL2_TXT_RC4_64_WITH_MD5,
-     SSL2_CK_RC4_64_WITH_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     SSL2_CF_8_BYTE_ENC,
-     64,
-     64,
-     },
-# endif
-
-# if 0
-/* NULL SSLeay (testing) */
-    {
-     0,
-     SSL2_TXT_NULL,
-     SSL2_CK_NULL,
-     0,
-     0,
-     0,
-     0,
-     SSL_SSLV2,
-     SSL_STRONG_NONE,
-     0,
-     0,
-     0,
-     },
-# endif
-
-/* end of list :-) */
-};
-
-long ssl2_default_timeout(void)
-{
-    return (300);
-}
-
-int ssl2_num_ciphers(void)
-{
-    return (SSL2_NUM_CIPHERS);
-}
-
-const SSL_CIPHER *ssl2_get_cipher(unsigned int u)
-{
-    if (u < SSL2_NUM_CIPHERS)
-        return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
-    else
-        return (NULL);
-}
-
-int ssl2_pending(const SSL *s)
-{
-    return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
-}
-
-int ssl2_new(SSL *s)
-{
-    SSL2_STATE *s2;
-
-    if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
-        goto err;
-    memset(s2, 0, sizeof *s2);
-
-# if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
-#  error "assertion failed"
-# endif
-
-    if ((s2->rbuf =
-         OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL)
-        goto err;
-    /*
-     * wbuf needs one byte more because when using two-byte headers, we leave
-     * the first byte unused in do_ssl_write (s2_pkt.c)
-     */
-    if ((s2->wbuf =
-         OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL)
-        goto err;
-    s->s2 = s2;
-
-    ssl2_clear(s);
-    return (1);
- err:
-    if (s2 != NULL) {
-        if (s2->wbuf != NULL)
-            OPENSSL_free(s2->wbuf);
-        if (s2->rbuf != NULL)
-            OPENSSL_free(s2->rbuf);
-        OPENSSL_free(s2);
-    }
-    return (0);
-}
-
-void ssl2_free(SSL *s)
-{
-    SSL2_STATE *s2;
-
-    if (s == NULL)
-        return;
-
-    s2 = s->s2;
-    if (s2->rbuf != NULL)
-        OPENSSL_free(s2->rbuf);
-    if (s2->wbuf != NULL)
-        OPENSSL_free(s2->wbuf);
-    OPENSSL_cleanse(s2, sizeof *s2);
-    OPENSSL_free(s2);
-    s->s2 = NULL;
-}
-
-void ssl2_clear(SSL *s)
-{
-    SSL2_STATE *s2;
-    unsigned char *rbuf, *wbuf;
-
-    s2 = s->s2;
-
-    rbuf = s2->rbuf;
-    wbuf = s2->wbuf;
-
-    memset(s2, 0, sizeof *s2);
-
-    s2->rbuf = rbuf;
-    s2->wbuf = wbuf;
-    s2->clear_text = 1;
-    s->packet = s2->rbuf;
-    s->version = SSL2_VERSION;
-    s->packet_length = 0;
-}
-
-long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
-    int ret = 0;
-
-    switch (cmd) {
-    case SSL_CTRL_GET_SESSION_REUSED:
-        ret = s->hit;
-        break;
-    case SSL_CTRL_CHECK_PROTO_VERSION:
-        return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg);
-    default:
-        break;
-    }
-    return (ret);
-}
-
-long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
-{
-    return (0);
-}
-
-long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-{
-    return (0);
-}
-
-long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
-{
-    return (0);
-}
-
-/*
- * This function needs to check if the ciphers required are actually
- * available
- */
-const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
-{
-    SSL_CIPHER c;
-    const SSL_CIPHER *cp;
-    unsigned long id;
-
-    id = 0x02000000L | ((unsigned long)p[0] << 16L) |
-        ((unsigned long)p[1] << 8L) | (unsigned long)p[2];
-    c.id = id;
-    cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
-    return cp;
-}
-
-int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-{
-    long l;
-
-    if (p != NULL) {
-        l = c->id;
-        if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV)
-            return (0);
-        p[0] = ((unsigned char)(l >> 16L)) & 0xFF;
-        p[1] = ((unsigned char)(l >> 8L)) & 0xFF;
-        p[2] = ((unsigned char)(l)) & 0xFF;
-    }
-    return (3);
-}
-
-int ssl2_generate_key_material(SSL *s)
-{
-    unsigned int i;
-    EVP_MD_CTX ctx;
-    unsigned char *km;
-    unsigned char c = '0';
-    const EVP_MD *md5;
-    int md_size;
-
-    md5 = EVP_md5();
-
-# ifdef CHARSET_EBCDIC
-    c = os_toascii['0'];        /* Must be an ASCII '0', not EBCDIC '0', see
-                                 * SSLv2 docu */
-# endif
-    EVP_MD_CTX_init(&ctx);
-    km = s->s2->key_material;
-
-    if (s->session->master_key_length < 0 ||
-        s->session->master_key_length > (int)sizeof(s->session->master_key)) {
-        SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-    md_size = EVP_MD_size(md5);
-    if (md_size < 0)
-        return 0;
-    for (i = 0; i < s->s2->key_material_length; i += md_size) {
-        if (((km - s->s2->key_material) + md_size) >
-            (int)sizeof(s->s2->key_material)) {
-            /*
-             * EVP_DigestFinal_ex() below would write beyond buffer
-             */
-            SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-
-        EVP_DigestInit_ex(&ctx, md5, NULL);
-
-        OPENSSL_assert(s->session->master_key_length >= 0
-                       && s->session->master_key_length
-                       <= (int)sizeof(s->session->master_key));
-        EVP_DigestUpdate(&ctx, s->session->master_key,
-                         s->session->master_key_length);
-        EVP_DigestUpdate(&ctx, &c, 1);
-        c++;
-        EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
-        EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
-        EVP_DigestFinal_ex(&ctx, km, NULL);
-        km += md_size;
-    }
-
-    EVP_MD_CTX_cleanup(&ctx);
-    return 1;
-}
-
-void ssl2_return_error(SSL *s, int err)
-{
-    if (!s->error) {
-        s->error = 3;
-        s->error_code = err;
-
-        ssl2_write_error(s);
-    }
-}
-
-void ssl2_write_error(SSL *s)
-{
-    unsigned char buf[3];
-    int i, error;
-
-    buf[0] = SSL2_MT_ERROR;
-    buf[1] = (s->error_code >> 8) & 0xff;
-    buf[2] = (s->error_code) & 0xff;
-
-/*      state=s->rwstate;*/
-
-    error = s->error;           /* number of bytes left to write */
-    s->error = 0;
-    OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
-    i = ssl2_write(s, &(buf[3 - error]), error);
-
-/*      if (i == error) s->rwstate=state; */
-
-    if (i < 0)
-        s->error = error;
-    else {
-        s->error = error - i;
-
-        if (s->error == 0)
-            if (s->msg_callback) {
-                /* ERROR */
-                s->msg_callback(1, s->version, 0, buf, 3, s,
-                                s->msg_callback_arg);
-            }
-    }
-}
-
-int ssl2_shutdown(SSL *s)
-{
-    s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-    return (1);
-}
-#else                           /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/ssl/s2_meth.c b/thirdparty/openssl/ssl/s2_meth.c
deleted file mode 100644
index 73885b7ecf..0000000000
--- a/thirdparty/openssl/ssl/s2_meth.c
+++ /dev/null
@@ -1,91 +0,0 @@
-/* ssl/s2_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2_METHOD
-# ifndef OPENSSL_NO_SSL2
-# include <stdio.h>
-# include <openssl/objects.h>
-
-static const SSL_METHOD *ssl2_get_method(int ver);
-static const SSL_METHOD *ssl2_get_method(int ver)
-{
-    if (ver == SSL2_VERSION)
-        return (SSLv2_method());
-    else
-        return (NULL);
-}
-
-IMPLEMENT_ssl2_meth_func(SSLv2_method,
-                         ssl2_accept, ssl2_connect, ssl2_get_method)
-
-# else /* !OPENSSL_NO_SSL2 */
-
-const SSL_METHOD *SSLv2_method(void) { return NULL; }
-const SSL_METHOD *SSLv2_client_method(void) { return NULL; }
-const SSL_METHOD *SSLv2_server_method(void) { return NULL; }
-
-# endif
-
-#else /* !OPENSSL_NO_SSL2_METHOD */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/ssl/s2_pkt.c b/thirdparty/openssl/ssl/s2_pkt.c
deleted file mode 100644
index e44bc0335a..0000000000
--- a/thirdparty/openssl/ssl/s2_pkt.c
+++ /dev/null
@@ -1,731 +0,0 @@
-/* ssl/s2_pkt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-# include <stdio.h>
-# include <errno.h>
-# define USE_SOCKETS
-
-static int read_n(SSL *s, unsigned int n, unsigned int max,
-                  unsigned int extend);
-static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
-static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
-static int ssl_mt_error(int n);
-
-/*
- * SSL 2.0 imlementation for SSL_read/SSL_peek - This routine will return 0
- * to len bytes, decrypted etc if required.
- */
-static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
-{
-    int n;
-    unsigned char mac[MAX_MAC_SIZE];
-    unsigned char *p;
-    int i;
-    int mac_size;
-
- ssl2_read_again:
-    if (SSL_in_init(s) && !s->in_handshake) {
-        n = s->handshake_func(s);
-        if (n < 0)
-            return (n);
-        if (n == 0) {
-            SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return (-1);
-        }
-    }
-
-    clear_sys_error();
-    s->rwstate = SSL_NOTHING;
-    if (len <= 0)
-        return (len);
-
-    if (s->s2->ract_data_length != 0) { /* read from buffer */
-        if (len > s->s2->ract_data_length)
-            n = s->s2->ract_data_length;
-        else
-            n = len;
-
-        memcpy(buf, s->s2->ract_data, (unsigned int)n);
-        if (!peek) {
-            s->s2->ract_data_length -= n;
-            s->s2->ract_data += n;
-            if (s->s2->ract_data_length == 0)
-                s->rstate = SSL_ST_READ_HEADER;
-        }
-
-        return (n);
-    }
-
-    /*
-     * s->s2->ract_data_length == 0 Fill the buffer, then goto
-     * ssl2_read_again.
-     */
-
-    if (s->rstate == SSL_ST_READ_HEADER) {
-        if (s->first_packet) {
-            n = read_n(s, 5, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
-            if (n <= 0)
-                return (n);     /* error or non-blocking */
-            s->first_packet = 0;
-            p = s->packet;
-            if (!((p[0] & 0x80) && ((p[2] == SSL2_MT_CLIENT_HELLO) ||
-                                    (p[2] == SSL2_MT_SERVER_HELLO)))) {
-                SSLerr(SSL_F_SSL2_READ_INTERNAL,
-                       SSL_R_NON_SSLV2_INITIAL_PACKET);
-                return (-1);
-            }
-        } else {
-            n = read_n(s, 2, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
-            if (n <= 0)
-                return (n);     /* error or non-blocking */
-        }
-        /* part read stuff */
-
-        s->rstate = SSL_ST_READ_BODY;
-        p = s->packet;
-        /* Do header */
-        /*
-         * s->s2->padding=0;
-         */
-        s->s2->escape = 0;
-        s->s2->rlength = (((unsigned int)p[0]) << 8) | ((unsigned int)p[1]);
-        if ((p[0] & TWO_BYTE_BIT)) { /* Two byte header? */
-            s->s2->three_byte_header = 0;
-            s->s2->rlength &= TWO_BYTE_MASK;
-        } else {
-            s->s2->three_byte_header = 1;
-            s->s2->rlength &= THREE_BYTE_MASK;
-
-            /* security >s2->escape */
-            s->s2->escape = ((p[0] & SEC_ESC_BIT)) ? 1 : 0;
-        }
-    }
-
-    if (s->rstate == SSL_ST_READ_BODY) {
-        n = s->s2->rlength + 2 + s->s2->three_byte_header;
-        if (n > (int)s->packet_length) {
-            n -= s->packet_length;
-            i = read_n(s, (unsigned int)n, (unsigned int)n, 1);
-            if (i <= 0)
-                return (i);     /* ERROR */
-        }
-
-        p = &(s->packet[2]);
-        s->rstate = SSL_ST_READ_HEADER;
-        if (s->s2->three_byte_header)
-            s->s2->padding = *(p++);
-        else
-            s->s2->padding = 0;
-
-        /* Data portion */
-        if (s->s2->clear_text) {
-            mac_size = 0;
-            s->s2->mac_data = p;
-            s->s2->ract_data = p;
-            if (s->s2->padding) {
-                SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
-                return (-1);
-            }
-        } else {
-            mac_size = EVP_MD_CTX_size(s->read_hash);
-            if (mac_size < 0)
-                return -1;
-            OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
-            s->s2->mac_data = p;
-            s->s2->ract_data = &p[mac_size];
-            if (s->s2->padding + mac_size > s->s2->rlength) {
-                SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
-                return (-1);
-            }
-        }
-
-        s->s2->ract_data_length = s->s2->rlength;
-        /*
-         * added a check for length > max_size in case encryption was not
-         * turned on yet due to an error
-         */
-        if ((!s->s2->clear_text) &&
-            (s->s2->rlength >= (unsigned int)mac_size)) {
-            if (!ssl2_enc(s, 0)) {
-                SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_DECRYPTION_FAILED);
-                return (-1);
-            }
-            s->s2->ract_data_length -= mac_size;
-            ssl2_mac(s, mac, 0);
-            s->s2->ract_data_length -= s->s2->padding;
-            if ((CRYPTO_memcmp(mac, s->s2->mac_data, mac_size) != 0) ||
-                (s->s2->rlength %
-                 EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) {
-                SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_MAC_DECODE);
-                return (-1);
-            }
-        }
-        INC32(s->s2->read_sequence); /* expect next number */
-        /* s->s2->ract_data is now available for processing */
-
-        /*
-         * Possibly the packet that we just read had 0 actual data bytes.
-         * (SSLeay/OpenSSL itself never sends such packets; see ssl2_write.)
-         * In this case, returning 0 would be interpreted by the caller as
-         * indicating EOF, so it's not a good idea.  Instead, we just
-         * continue reading; thus ssl2_read_internal may have to process
-         * multiple packets before it can return. [Note that using select()
-         * for blocking sockets *never* guarantees that the next SSL_read
-         * will not block -- the available data may contain incomplete
-         * packets, and except for SSL 2, renegotiation can confuse things
-         * even more.]
-         */
-
-        goto ssl2_read_again;   /* This should really be "return
-                                 * ssl2_read(s,buf,len)", but that would
-                                 * allow for denial-of-service attacks if a C
-                                 * compiler is used that does not recognize
-                                 * end-recursion. */
-    } else {
-        SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_STATE);
-        return (-1);
-    }
-}
-
-int ssl2_read(SSL *s, void *buf, int len)
-{
-    return ssl2_read_internal(s, buf, len, 0);
-}
-
-int ssl2_peek(SSL *s, void *buf, int len)
-{
-    return ssl2_read_internal(s, buf, len, 1);
-}
-
-/*
- * Return values are as per SSL_read()
- */
-static int read_n(SSL *s, unsigned int n, unsigned int max,
-                  unsigned int extend)
-{
-    int i, off, newb;
-
-    /*
-     * if there is stuff still in the buffer from a previous read, and there
-     * is more than we want, take some.
-     */
-    if (s->s2->rbuf_left >= (int)n) {
-        if (extend)
-            s->packet_length += n;
-        else {
-            s->packet = &(s->s2->rbuf[s->s2->rbuf_offs]);
-            s->packet_length = n;
-        }
-        s->s2->rbuf_left -= n;
-        s->s2->rbuf_offs += n;
-        return (n);
-    }
-
-    if (!s->read_ahead)
-        max = n;
-    if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2))
-        max = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2;
-
-    /*
-     * Else we want more than we have. First, if there is some left or we
-     * want to extend
-     */
-    off = 0;
-    if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) {
-        newb = s->s2->rbuf_left;
-        if (extend) {
-            off = s->packet_length;
-            if (s->packet != s->s2->rbuf)
-                memcpy(s->s2->rbuf, s->packet, (unsigned int)newb + off);
-        } else if (s->s2->rbuf_offs != 0) {
-            memcpy(s->s2->rbuf, &(s->s2->rbuf[s->s2->rbuf_offs]),
-                   (unsigned int)newb);
-            s->s2->rbuf_offs = 0;
-        }
-        s->s2->rbuf_left = 0;
-    } else
-        newb = 0;
-
-    /*
-     * off is the offset to start writing too. r->s2->rbuf_offs is the
-     * 'unread data', now 0. newb is the number of new bytes so far
-     */
-    s->packet = s->s2->rbuf;
-    while (newb < (int)n) {
-        clear_sys_error();
-        if (s->rbio != NULL) {
-            s->rwstate = SSL_READING;
-            i = BIO_read(s->rbio, (char *)&(s->s2->rbuf[off + newb]),
-                         max - newb);
-        } else {
-            SSLerr(SSL_F_READ_N, SSL_R_READ_BIO_NOT_SET);
-            i = -1;
-        }
-# ifdef PKT_DEBUG
-        if (s->debug & 0x01)
-            sleep(1);
-# endif
-        if (i <= 0) {
-            s->s2->rbuf_left += newb;
-            return i;
-        }
-        newb += i;
-    }
-
-    /* record unread data */
-    if (newb > (int)n) {
-        s->s2->rbuf_offs = n + off;
-        s->s2->rbuf_left = newb - n;
-    } else {
-        s->s2->rbuf_offs = 0;
-        s->s2->rbuf_left = 0;
-    }
-    if (extend)
-        s->packet_length += n;
-    else
-        s->packet_length = n;
-    s->rwstate = SSL_NOTHING;
-    return (n);
-}
-
-int ssl2_write(SSL *s, const void *_buf, int len)
-{
-    const unsigned char *buf = _buf;
-    unsigned int n, tot;
-    int i;
-
-    if (SSL_in_init(s) && !s->in_handshake) {
-        i = s->handshake_func(s);
-        if (i < 0)
-            return (i);
-        if (i == 0) {
-            SSLerr(SSL_F_SSL2_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return (-1);
-        }
-    }
-
-    if (s->error) {
-        ssl2_write_error(s);
-        if (s->error)
-            return (-1);
-    }
-
-    clear_sys_error();
-    s->rwstate = SSL_NOTHING;
-    if (len <= 0)
-        return (len);
-
-    tot = s->s2->wnum;
-    s->s2->wnum = 0;
-
-    n = (len - tot);
-    for (;;) {
-        i = n_do_ssl_write(s, &(buf[tot]), n);
-        if (i <= 0) {
-            s->s2->wnum = tot;
-            return (i);
-        }
-        if ((i == (int)n) || (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) {
-            return (tot + i);
-        }
-
-        n -= i;
-        tot += i;
-    }
-}
-
-/*
- * Return values are as per SSL_write()
- */
-static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
-{
-    int i;
-
-    /* s->s2->wpend_len != 0 MUST be true. */
-
-    /*
-     * check that they have given us the same buffer to write
-     */
-    if ((s->s2->wpend_tot > (int)len) ||
-        ((s->s2->wpend_buf != buf) &&
-         !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) {
-        SSLerr(SSL_F_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
-        return (-1);
-    }
-
-    for (;;) {
-        clear_sys_error();
-        if (s->wbio != NULL) {
-            s->rwstate = SSL_WRITING;
-            i = BIO_write(s->wbio,
-                          (char *)&(s->s2->write_ptr[s->s2->wpend_off]),
-                          (unsigned int)s->s2->wpend_len);
-        } else {
-            SSLerr(SSL_F_WRITE_PENDING, SSL_R_WRITE_BIO_NOT_SET);
-            i = -1;
-        }
-# ifdef PKT_DEBUG
-        if (s->debug & 0x01)
-            sleep(1);
-# endif
-        if (i == s->s2->wpend_len) {
-            s->s2->wpend_len = 0;
-            s->rwstate = SSL_NOTHING;
-            return (s->s2->wpend_ret);
-        } else if (i <= 0)
-            return i;
-        s->s2->wpend_off += i;
-        s->s2->wpend_len -= i;
-    }
-}
-
-static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
-{
-    unsigned int j, k, olen, p, bs;
-    int mac_size;
-    register unsigned char *pp;
-
-    olen = len;
-
-    /*
-     * first check if there is data from an encryption waiting to be sent -
-     * it must be sent because the other end is waiting. This will happen
-     * with non-blocking IO.  We print it and then return.
-     */
-    if (s->s2->wpend_len != 0)
-        return (write_pending(s, buf, len));
-
-    /* set mac_size to mac size */
-    if (s->s2->clear_text)
-        mac_size = 0;
-    else {
-        mac_size = EVP_MD_CTX_size(s->write_hash);
-        if (mac_size < 0)
-            return -1;
-    }
-
-    /* lets set the pad p */
-    if (s->s2->clear_text) {
-        if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
-            len = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
-        p = 0;
-        s->s2->three_byte_header = 0;
-        /* len=len; */
-    } else {
-        bs = EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
-        j = len + mac_size;
-        /*
-         * Two-byte headers allow for a larger record length than three-byte
-         * headers, but we can't use them if we need padding or if we have to
-         * set the escape bit.
-         */
-        if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) && (!s->s2->escape)) {
-            if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
-                j = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
-            /*
-             * set k to the max number of bytes with 2 byte header
-             */
-            k = j - (j % bs);
-            /* how many data bytes? */
-            len = k - mac_size;
-            s->s2->three_byte_header = 0;
-            p = 0;
-        } else if ((bs <= 1) && (!s->s2->escape)) {
-            /*-
-             * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
-             * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
-             */
-            s->s2->three_byte_header = 0;
-            p = 0;
-        } else {                /* we may have to use a 3 byte header */
-
-            /*-
-             * If s->s2->escape is not set, then
-             * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
-             * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER.
-             */
-            p = (j % bs);
-            p = (p == 0) ? 0 : (bs - p);
-            if (s->s2->escape) {
-                s->s2->three_byte_header = 1;
-                if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
-                    j = SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
-            } else
-                s->s2->three_byte_header = (p == 0) ? 0 : 1;
-        }
-    }
-
-    /*-
-     * Now
-     *      j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
-     * holds, and if s->s2->three_byte_header is set, then even
-     *      j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
-     */
-
-    /*
-     * mac_size is the number of MAC bytes len is the number of data bytes we
-     * are going to send p is the number of padding bytes (if it is a
-     * two-byte header, then p == 0)
-     */
-
-    s->s2->wlength = len;
-    s->s2->padding = p;
-    s->s2->mac_data = &(s->s2->wbuf[3]);
-    s->s2->wact_data = &(s->s2->wbuf[3 + mac_size]);
-
-    /*
-     * It would be clearer to write this as follows:
-     *     if (mac_size + len + p > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
-     * However |len| is user input that could in theory be very large. We
-     * know |mac_size| and |p| are small, so to avoid any possibility of
-     * overflow we write it like this.
-     *
-     * In theory this should never fail because the logic above should have
-     * modified |len| if it is too big. But we are being cautious.
-     */
-    if (len > (SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER - (mac_size + p))) {
-        return -1;
-    }
-    /* we copy the data into s->s2->wbuf */
-    memcpy(s->s2->wact_data, buf, len);
-    if (p)
-        memset(&(s->s2->wact_data[len]), 0, p); /* arbitrary padding */
-
-    if (!s->s2->clear_text) {
-        s->s2->wact_data_length = len + p;
-        ssl2_mac(s, s->s2->mac_data, 1);
-        s->s2->wlength += p + mac_size;
-        if (ssl2_enc(s, 1) < 1)
-            return -1;
-    }
-
-    /* package up the header */
-    s->s2->wpend_len = s->s2->wlength;
-    if (s->s2->three_byte_header) { /* 3 byte header */
-        pp = s->s2->mac_data;
-        pp -= 3;
-        pp[0] = (s->s2->wlength >> 8) & (THREE_BYTE_MASK >> 8);
-        if (s->s2->escape)
-            pp[0] |= SEC_ESC_BIT;
-        pp[1] = s->s2->wlength & 0xff;
-        pp[2] = s->s2->padding;
-        s->s2->wpend_len += 3;
-    } else {
-        pp = s->s2->mac_data;
-        pp -= 2;
-        pp[0] = ((s->s2->wlength >> 8) & (TWO_BYTE_MASK >> 8)) | TWO_BYTE_BIT;
-        pp[1] = s->s2->wlength & 0xff;
-        s->s2->wpend_len += 2;
-    }
-    s->s2->write_ptr = pp;
-
-    INC32(s->s2->write_sequence); /* expect next number */
-
-    /* lets try to actually write the data */
-    s->s2->wpend_tot = olen;
-    s->s2->wpend_buf = buf;
-
-    s->s2->wpend_ret = len;
-
-    s->s2->wpend_off = 0;
-    return (write_pending(s, buf, olen));
-}
-
-int ssl2_part_read(SSL *s, unsigned long f, int i)
-{
-    unsigned char *p;
-    int j;
-
-    if (i < 0) {
-        /* ssl2_return_error(s); */
-        /*
-         * for non-blocking io, this is not necessarily fatal
-         */
-        return (i);
-    } else {
-        s->init_num += i;
-
-        /*
-         * Check for error.  While there are recoverable errors, this
-         * function is not called when those must be expected; any error
-         * detected here is fatal.
-         */
-        if (s->init_num >= 3) {
-            p = (unsigned char *)s->init_buf->data;
-            if (p[0] == SSL2_MT_ERROR) {
-                j = (p[1] << 8) | p[2];
-                SSLerr((int)f, ssl_mt_error(j));
-                s->init_num -= 3;
-                if (s->init_num > 0)
-                    memmove(p, p + 3, s->init_num);
-            }
-        }
-
-        /*
-         * If it's not an error message, we have some error anyway -- the
-         * message was shorter than expected.  This too is treated as fatal
-         * (at least if SSL_get_error is asked for its opinion).
-         */
-        return (0);
-    }
-}
-
-int ssl2_do_write(SSL *s)
-{
-    int ret;
-
-    ret = ssl2_write(s, &s->init_buf->data[s->init_off], s->init_num);
-    if (ret == s->init_num) {
-        if (s->msg_callback)
-            s->msg_callback(1, s->version, 0, s->init_buf->data,
-                            (size_t)(s->init_off + s->init_num), s,
-                            s->msg_callback_arg);
-        return (1);
-    }
-    if (ret < 0)
-        return (-1);
-    s->init_off += ret;
-    s->init_num -= ret;
-    return (0);
-}
-
-static int ssl_mt_error(int n)
-{
-    int ret;
-
-    switch (n) {
-    case SSL2_PE_NO_CIPHER:
-        ret = SSL_R_PEER_ERROR_NO_CIPHER;
-        break;
-    case SSL2_PE_NO_CERTIFICATE:
-        ret = SSL_R_PEER_ERROR_NO_CERTIFICATE;
-        break;
-    case SSL2_PE_BAD_CERTIFICATE:
-        ret = SSL_R_PEER_ERROR_CERTIFICATE;
-        break;
-    case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
-        ret = SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
-        break;
-    default:
-        ret = SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
-        break;
-    }
-    return (ret);
-}
-#else                           /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/ssl/s2_srvr.c b/thirdparty/openssl/ssl/s2_srvr.c
deleted file mode 100644
index d3b243c27e..0000000000
--- a/thirdparty/openssl/ssl/s2_srvr.c
+++ /dev/null
@@ -1,1167 +0,0 @@
-/* ssl/s2_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
-#include "../crypto/constant_time_locl.h"
-# include <stdio.h>
-# include <openssl/bio.h>
-# include <openssl/rand.h>
-# include <openssl/objects.h>
-# include <openssl/evp.h>
-
-static const SSL_METHOD *ssl2_get_server_method(int ver);
-static int get_client_master_key(SSL *s);
-static int get_client_hello(SSL *s);
-static int server_hello(SSL *s);
-static int get_client_finished(SSL *s);
-static int server_verify(SSL *s);
-static int server_finish(SSL *s);
-static int request_certificate(SSL *s);
-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
-                                   unsigned char *to, int padding);
-# define BREAK   break
-
-static const SSL_METHOD *ssl2_get_server_method(int ver)
-{
-    if (ver == SSL2_VERSION)
-        return (SSLv2_server_method());
-    else
-        return (NULL);
-}
-
-IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
-                         ssl2_accept,
-                         ssl_undefined_function, ssl2_get_server_method)
-
-int ssl2_accept(SSL *s)
-{
-    unsigned long l = (unsigned long)time(NULL);
-    BUF_MEM *buf = NULL;
-    int ret = -1;
-    long num1;
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-    int new_state, state;
-
-    RAND_add(&l, sizeof(l), 0);
-    ERR_clear_error();
-    clear_sys_error();
-
-    if (s->info_callback != NULL)
-        cb = s->info_callback;
-    else if (s->ctx->info_callback != NULL)
-        cb = s->ctx->info_callback;
-
-    /* init things to blank */
-    s->in_handshake++;
-    if (!SSL_in_init(s) || SSL_in_before(s))
-        SSL_clear(s);
-
-    if (s->cert == NULL) {
-        SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
-        return (-1);
-    }
-
-    clear_sys_error();
-    for (;;) {
-        state = s->state;
-
-        switch (s->state) {
-        case SSL_ST_BEFORE:
-        case SSL_ST_ACCEPT:
-        case SSL_ST_BEFORE | SSL_ST_ACCEPT:
-        case SSL_ST_OK | SSL_ST_ACCEPT:
-
-            s->server = 1;
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_START, 1);
-
-            s->version = SSL2_VERSION;
-            s->type = SSL_ST_ACCEPT;
-
-            if (s->init_buf == NULL) {
-                if ((buf = BUF_MEM_new()) == NULL) {
-                    ret = -1;
-                    goto end;
-                }
-                if (!BUF_MEM_grow
-                    (buf, (int)SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
-                    BUF_MEM_free(buf);
-                    ret = -1;
-                    goto end;
-                }
-                s->init_buf = buf;
-            }
-            s->init_num = 0;
-            s->ctx->stats.sess_accept++;
-            s->handshake_func = ssl2_accept;
-            s->state = SSL2_ST_GET_CLIENT_HELLO_A;
-            BREAK;
-
-        case SSL2_ST_GET_CLIENT_HELLO_A:
-        case SSL2_ST_GET_CLIENT_HELLO_B:
-        case SSL2_ST_GET_CLIENT_HELLO_C:
-            s->shutdown = 0;
-            ret = get_client_hello(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL2_ST_SEND_SERVER_HELLO_A;
-            BREAK;
-
-        case SSL2_ST_SEND_SERVER_HELLO_A:
-        case SSL2_ST_SEND_SERVER_HELLO_B:
-            ret = server_hello(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            if (!s->hit) {
-                s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_A;
-                BREAK;
-            } else {
-                s->state = SSL2_ST_SERVER_START_ENCRYPTION;
-                BREAK;
-            }
-        case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
-        case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
-            ret = get_client_master_key(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL2_ST_SERVER_START_ENCRYPTION;
-            BREAK;
-
-        case SSL2_ST_SERVER_START_ENCRYPTION:
-            /*
-             * Ok we how have sent all the stuff needed to start encrypting,
-             * the next packet back will be encrypted.
-             */
-            if (!ssl2_enc_init(s, 0)) {
-                ret = -1;
-                goto end;
-            }
-            s->s2->clear_text = 0;
-            s->state = SSL2_ST_SEND_SERVER_VERIFY_A;
-            BREAK;
-
-        case SSL2_ST_SEND_SERVER_VERIFY_A:
-        case SSL2_ST_SEND_SERVER_VERIFY_B:
-            ret = server_verify(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            if (s->hit) {
-                /*
-                 * If we are in here, we have been buffering the output, so
-                 * we need to flush it and remove buffering from future
-                 * traffic
-                 */
-                s->state = SSL2_ST_SEND_SERVER_VERIFY_C;
-                BREAK;
-            } else {
-                s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
-                break;
-            }
-
-        case SSL2_ST_SEND_SERVER_VERIFY_C:
-            /* get the number of bytes to write */
-            num1 = BIO_ctrl(s->wbio, BIO_CTRL_INFO, 0, NULL);
-            if (num1 > 0) {
-                s->rwstate = SSL_WRITING;
-                num1 = BIO_flush(s->wbio);
-                if (num1 <= 0) {
-                    ret = -1;
-                    goto end;
-                }
-                s->rwstate = SSL_NOTHING;
-            }
-
-            /* flushed and now remove buffering */
-            s->wbio = BIO_pop(s->wbio);
-
-            s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
-            BREAK;
-
-        case SSL2_ST_GET_CLIENT_FINISHED_A:
-        case SSL2_ST_GET_CLIENT_FINISHED_B:
-            ret = get_client_finished(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
-            BREAK;
-
-        case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
-        case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
-        case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
-        case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
-            /*
-             * don't do a 'request certificate' if we don't want to, or we
-             * already have one, and we only want to do it once.
-             */
-            if (!(s->verify_mode & SSL_VERIFY_PEER) ||
-                ((s->session->peer != NULL) &&
-                 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) {
-                s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
-                break;
-            } else {
-                ret = request_certificate(s);
-                if (ret <= 0)
-                    goto end;
-                s->init_num = 0;
-                s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
-            }
-            BREAK;
-
-        case SSL2_ST_SEND_SERVER_FINISHED_A:
-        case SSL2_ST_SEND_SERVER_FINISHED_B:
-            ret = server_finish(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL_ST_OK;
-            break;
-
-        case SSL_ST_OK:
-            BUF_MEM_free(s->init_buf);
-            ssl_free_wbio_buffer(s);
-            s->init_buf = NULL;
-            s->init_num = 0;
-            /*      ERR_clear_error(); */
-
-            ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
-
-            s->ctx->stats.sess_accept_good++;
-            /* s->server=1; */
-            ret = 1;
-
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-
-            goto end;
-            /* BREAK; */
-
-        default:
-            SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_UNKNOWN_STATE);
-            ret = -1;
-            goto end;
-            /* BREAK; */
-        }
-
-        if ((cb != NULL) && (s->state != state)) {
-            new_state = s->state;
-            s->state = state;
-            cb(s, SSL_CB_ACCEPT_LOOP, 1);
-            s->state = new_state;
-        }
-    }
- end:
-    s->in_handshake--;
-    if (cb != NULL)
-        cb(s, SSL_CB_ACCEPT_EXIT, ret);
-    return (ret);
-}
-
-static int get_client_master_key(SSL *s)
-{
-    int is_export, i, n, keya;
-    unsigned int num_encrypted_key_bytes, key_length;
-    unsigned long len;
-    unsigned char *p;
-    const SSL_CIPHER *cp;
-    const EVP_CIPHER *c;
-    const EVP_MD *md;
-    unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
-    unsigned char decrypt_good;
-    size_t j;
-
-    p = (unsigned char *)s->init_buf->data;
-    if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
-        i = ssl2_read(s, (char *)&(p[s->init_num]), 10 - s->init_num);
-
-        if (i < (10 - s->init_num))
-            return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
-        s->init_num = 10;
-
-        if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) {
-            if (p[-1] != SSL2_MT_ERROR) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
-                       SSL_R_READ_WRONG_PACKET_TYPE);
-            } else
-                SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
-            return (-1);
-        }
-
-        cp = ssl2_get_cipher_by_char(p);
-        if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) {
-            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
-            SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
-            return (-1);
-        }
-        s->session->cipher = cp;
-
-        p += 3;
-        n2s(p, i);
-        s->s2->tmp.clear = i;
-        n2s(p, i);
-        s->s2->tmp.enc = i;
-        n2s(p, i);
-        if (i > SSL_MAX_KEY_ARG_LENGTH) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
-            return -1;
-        }
-        s->session->key_arg_length = i;
-        s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_B;
-    }
-
-    /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
-    p = (unsigned char *)s->init_buf->data;
-    if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-        return -1;
-    }
-    keya = s->session->key_arg_length;
-    len =
-        10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc +
-        (unsigned long)keya;
-    if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_MESSAGE_TOO_LONG);
-        return -1;
-    }
-    n = (int)len - s->init_num;
-    i = ssl2_read(s, (char *)&(p[s->init_num]), n);
-    if (i != n)
-        return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
-    if (s->msg_callback) {
-        /* CLIENT-MASTER-KEY */
-        s->msg_callback(0, s->version, 0, p, (size_t)len, s,
-                        s->msg_callback_arg);
-    }
-    p += 10;
-
-    memcpy(s->session->key_arg, &(p[s->s2->tmp.clear + s->s2->tmp.enc]),
-           (unsigned int)keya);
-
-    if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY);
-        return (-1);
-    }
-
-    is_export = SSL_C_IS_EXPORT(s->session->cipher);
-
-    if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
-        ssl2_return_error(s, SSL2_PE_NO_CIPHER);
-        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
-               SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
-        return (0);
-    }
-
-    /*
-     * The format of the CLIENT-MASTER-KEY message is
-     * 1 byte message type
-     * 3 bytes cipher
-     * 2-byte clear key length (stored in s->s2->tmp.clear)
-     * 2-byte encrypted key length (stored in s->s2->tmp.enc)
-     * 2-byte key args length (IV etc)
-     * clear key
-     * encrypted key
-     * key args
-     *
-     * If the cipher is an export cipher, then the encrypted key bytes
-     * are a fixed portion of the total key (5 or 8 bytes). The size of
-     * this portion is in |num_encrypted_key_bytes|. If the cipher is not an
-     * export cipher, then the entire key material is encrypted (i.e., clear
-     * key length must be zero).
-     */
-    key_length = (unsigned int)EVP_CIPHER_key_length(c);
-    if (key_length > SSL_MAX_MASTER_KEY_LENGTH) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
-        return -1;
-    }
-
-    if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
-        is_export = 1;
-        num_encrypted_key_bytes = 8;
-    } else if (is_export) {
-        num_encrypted_key_bytes = 5;
-    } else {
-        num_encrypted_key_bytes = key_length;
-    }
-
-    if (s->s2->tmp.clear + num_encrypted_key_bytes != key_length) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH);
-        return -1;
-    }
-    /*
-     * The encrypted blob must decrypt to the encrypted portion of the key.
-     * Decryption can't be expanding, so if we don't have enough encrypted
-     * bytes to fit the key in the buffer, stop now.
-     */
-    if (s->s2->tmp.enc < num_encrypted_key_bytes) {
-        ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT);
-        return -1;
-    }
-
-    /*
-     * We must not leak whether a decryption failure occurs because of
-     * Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
-     * section 7.4.7.1). The code follows that advice of the TLS RFC and
-     * generates a random premaster secret for the case that the decrypt
-     * fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
-     */
-
-    if (RAND_bytes(rand_premaster_secret,
-                  (int)num_encrypted_key_bytes) <= 0)
-        return 0;
-
-    i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
-                                &(p[s->s2->tmp.clear]),
-                                &(p[s->s2->tmp.clear]),
-                                (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
-                                RSA_PKCS1_PADDING);
-    ERR_clear_error();
-    /*
-     * If a bad decrypt, continue with protocol but with a random master
-     * secret (Bleichenbacher attack)
-     */
-    decrypt_good = constant_time_eq_int_8(i, (int)num_encrypted_key_bytes);
-    for (j = 0; j < num_encrypted_key_bytes; j++) {
-        p[s->s2->tmp.clear + j] =
-                constant_time_select_8(decrypt_good, p[s->s2->tmp.clear + j],
-                                       rand_premaster_secret[j]);
-    }
-
-    s->session->master_key_length = (int)key_length;
-    memcpy(s->session->master_key, p, key_length);
-    OPENSSL_cleanse(p, key_length);
-
-    return 1;
-}
-
-static int get_client_hello(SSL *s)
-{
-    int i, n;
-    unsigned long len;
-    unsigned char *p;
-    STACK_OF(SSL_CIPHER) *cs;   /* a stack of SSL_CIPHERS */
-    STACK_OF(SSL_CIPHER) *cl;   /* the ones we want to use */
-    STACK_OF(SSL_CIPHER) *prio, *allow;
-    int z;
-
-    /*
-     * This is a bit of a hack to check for the correct packet type the first
-     * time round.
-     */
-    if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) {
-        s->first_packet = 1;
-        s->state = SSL2_ST_GET_CLIENT_HELLO_B;
-    }
-
-    p = (unsigned char *)s->init_buf->data;
-    if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) {
-        i = ssl2_read(s, (char *)&(p[s->init_num]), 9 - s->init_num);
-        if (i < (9 - s->init_num))
-            return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
-        s->init_num = 9;
-
-        if (*(p++) != SSL2_MT_CLIENT_HELLO) {
-            if (p[-1] != SSL2_MT_ERROR) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
-            } else
-                SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_PEER_ERROR);
-            return (-1);
-        }
-        n2s(p, i);
-        if (i < s->version)
-            s->version = i;
-        n2s(p, i);
-        s->s2->tmp.cipher_spec_length = i;
-        n2s(p, i);
-        s->s2->tmp.session_id_length = i;
-        if ((i < 0) || (i > SSL_MAX_SSL_SESSION_ID_LENGTH)) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
-            return -1;
-        }
-        n2s(p, i);
-        s->s2->challenge_length = i;
-        if ((i < SSL2_MIN_CHALLENGE_LENGTH) ||
-            (i > SSL2_MAX_CHALLENGE_LENGTH)) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_INVALID_CHALLENGE_LENGTH);
-            return (-1);
-        }
-        s->state = SSL2_ST_GET_CLIENT_HELLO_C;
-    }
-
-    /* SSL2_ST_GET_CLIENT_HELLO_C */
-    p = (unsigned char *)s->init_buf->data;
-    len =
-        9 + (unsigned long)s->s2->tmp.cipher_spec_length +
-        (unsigned long)s->s2->challenge_length +
-        (unsigned long)s->s2->tmp.session_id_length;
-    if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_MESSAGE_TOO_LONG);
-        return -1;
-    }
-    n = (int)len - s->init_num;
-    i = ssl2_read(s, (char *)&(p[s->init_num]), n);
-    if (i != n)
-        return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
-    if (s->msg_callback) {
-        /* CLIENT-HELLO */
-        s->msg_callback(0, s->version, 0, p, (size_t)len, s,
-                        s->msg_callback_arg);
-    }
-    p += 9;
-
-    /*
-     * get session-id before cipher stuff so we can get out session structure
-     * if it is cached
-     */
-    /* session-id */
-    if ((s->s2->tmp.session_id_length != 0) &&
-        (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_BAD_SSL_SESSION_ID_LENGTH);
-        return (-1);
-    }
-
-    if (s->s2->tmp.session_id_length == 0) {
-        if (!ssl_get_new_session(s, 1)) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            return (-1);
-        }
-    } else {
-        i = ssl_get_prev_session(s, &(p[s->s2->tmp.cipher_spec_length]),
-                                 s->s2->tmp.session_id_length, NULL);
-        if (i == 1) {           /* previous session */
-            s->hit = 1;
-        } else if (i == -1) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            return (-1);
-        } else {
-            if (s->cert == NULL) {
-                ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
-                SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CERTIFICATE_SET);
-                return (-1);
-            }
-
-            if (!ssl_get_new_session(s, 1)) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                return (-1);
-            }
-        }
-    }
-
-    if (!s->hit) {
-        cs = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.cipher_spec_length,
-                                      &s->session->ciphers);
-        if (cs == NULL)
-            goto mem_err;
-
-        cl = SSL_get_ciphers(s);
-
-        if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
-            prio = sk_SSL_CIPHER_dup(cl);
-            if (prio == NULL)
-                goto mem_err;
-            allow = cs;
-        } else {
-            prio = cs;
-            allow = cl;
-        }
-
-        /* Generate list of SSLv2 ciphers shared between client and server */
-        for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
-            const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z);
-            if ((cp->algorithm_ssl & SSL_SSLV2) == 0 ||
-                sk_SSL_CIPHER_find(allow, cp) < 0) {
-                (void)sk_SSL_CIPHER_delete(prio, z);
-                z--;
-            }
-        }
-        if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
-            sk_SSL_CIPHER_free(s->session->ciphers);
-            s->session->ciphers = prio;
-        }
-
-        /* Make sure we have at least one cipher in common */
-        if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) {
-            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
-            SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH);
-            return -1;
-        }
-        /*
-         * s->session->ciphers should now have a list of ciphers that are on
-         * both the client and server. This list is ordered by the order the
-         * client sent the ciphers or in the order of the server's preference
-         * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
-         */
-    }
-    p += s->s2->tmp.cipher_spec_length;
-    /* done cipher selection */
-
-    /* session id extracted already */
-    p += s->s2->tmp.session_id_length;
-
-    /* challenge */
-    if (s->s2->challenge_length > sizeof s->s2->challenge) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-        return -1;
-    }
-    memcpy(s->s2->challenge, p, (unsigned int)s->s2->challenge_length);
-    return (1);
- mem_err:
-    SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_MALLOC_FAILURE);
-    return (0);
-}
-
-static int server_hello(SSL *s)
-{
-    unsigned char *p, *d;
-    int n, hit;
-
-    p = (unsigned char *)s->init_buf->data;
-    if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) {
-        d = p + 11;
-        *(p++) = SSL2_MT_SERVER_HELLO; /* type */
-        hit = s->hit;
-        *(p++) = (unsigned char)hit;
-# if 1
-        if (!hit) {
-            if (s->session->sess_cert != NULL)
-                /*
-                 * This can't really happen because get_client_hello has
-                 * called ssl_get_new_session, which does not set sess_cert.
-                 */
-                ssl_sess_cert_free(s->session->sess_cert);
-            s->session->sess_cert = ssl_sess_cert_new();
-            if (s->session->sess_cert == NULL) {
-                SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
-                return (-1);
-            }
-        }
-        /*
-         * If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
-         * depending on whether it survived in the internal cache or was
-         * retrieved from an external cache. If it is NULL, we cannot put any
-         * useful data in it anyway, so we don't touch it.
-         */
-
-# else                          /* That's what used to be done when cert_st
-                                 * and sess_cert_st were * the same. */
-        if (!hit) {             /* else add cert to session */
-            CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
-            if (s->session->sess_cert != NULL)
-                ssl_cert_free(s->session->sess_cert);
-            s->session->sess_cert = s->cert;
-        } else {                /* We have a session id-cache hit, if the *
-                                 * session-id has no certificate listed
-                                 * against * the 'cert' structure, grab the
-                                 * 'old' one * listed against the SSL
-                                 * connection */
-            if (s->session->sess_cert == NULL) {
-                CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
-                s->session->sess_cert = s->cert;
-            }
-        }
-# endif
-
-        if (s->cert == NULL) {
-            ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
-            SSLerr(SSL_F_SERVER_HELLO, SSL_R_NO_CERTIFICATE_SPECIFIED);
-            return (-1);
-        }
-
-        if (hit) {
-            *(p++) = 0;         /* no certificate type */
-            s2n(s->version, p); /* version */
-            s2n(0, p);          /* cert len */
-            s2n(0, p);          /* ciphers len */
-        } else {
-            /* EAY EAY */
-            /* put certificate type */
-            *(p++) = SSL2_CT_X509_CERTIFICATE;
-            s2n(s->version, p); /* version */
-            n = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
-            s2n(n, p);          /* certificate length */
-            i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &d);
-            n = 0;
-
-            /*
-             * lets send out the ciphers we like in the prefered order
-             */
-            n = ssl_cipher_list_to_bytes(s, s->session->ciphers, d, 0);
-            d += n;
-            s2n(n, p);          /* add cipher length */
-        }
-
-        /* make and send conn_id */
-        s2n(SSL2_CONNECTION_ID_LENGTH, p); /* add conn_id length */
-        s->s2->conn_id_length = SSL2_CONNECTION_ID_LENGTH;
-        if (RAND_bytes(s->s2->conn_id, (int)s->s2->conn_id_length) <= 0)
-            return -1;
-        memcpy(d, s->s2->conn_id, SSL2_CONNECTION_ID_LENGTH);
-        d += SSL2_CONNECTION_ID_LENGTH;
-
-        s->state = SSL2_ST_SEND_SERVER_HELLO_B;
-        s->init_num = d - (unsigned char *)s->init_buf->data;
-        s->init_off = 0;
-    }
-    /* SSL2_ST_SEND_SERVER_HELLO_B */
-    /*
-     * If we are using TCP/IP, the performance is bad if we do 2 writes
-     * without a read between them.  This occurs when Session-id reuse is
-     * used, so I will put in a buffering module
-     */
-    if (s->hit) {
-        if (!ssl_init_wbio_buffer(s, 1))
-            return (-1);
-    }
-
-    return (ssl2_do_write(s));
-}
-
-static int get_client_finished(SSL *s)
-{
-    unsigned char *p;
-    int i, n;
-    unsigned long len;
-
-    p = (unsigned char *)s->init_buf->data;
-    if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) {
-        i = ssl2_read(s, (char *)&(p[s->init_num]), 1 - s->init_num);
-        if (i < 1 - s->init_num)
-            return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
-        s->init_num += i;
-
-        if (*p != SSL2_MT_CLIENT_FINISHED) {
-            if (*p != SSL2_MT_ERROR) {
-                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-                SSLerr(SSL_F_GET_CLIENT_FINISHED,
-                       SSL_R_READ_WRONG_PACKET_TYPE);
-            } else {
-                SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_PEER_ERROR);
-                /* try to read the error message */
-                i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
-                return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
-            }
-            return (-1);
-        }
-        s->state = SSL2_ST_GET_CLIENT_FINISHED_B;
-    }
-
-    /* SSL2_ST_GET_CLIENT_FINISHED_B */
-    if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
-        return -1;
-    }
-    len = 1 + (unsigned long)s->s2->conn_id_length;
-    n = (int)len - s->init_num;
-    i = ssl2_read(s, (char *)&(p[s->init_num]), n);
-    if (i < n) {
-        return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
-    }
-    if (s->msg_callback) {
-        /* CLIENT-FINISHED */
-        s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
-    }
-    p += 1;
-    if (memcmp(p, s->s2->conn_id, s->s2->conn_id_length) != 0) {
-        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-        SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_CONNECTION_ID_IS_DIFFERENT);
-        return (-1);
-    }
-    return (1);
-}
-
-static int server_verify(SSL *s)
-{
-    unsigned char *p;
-
-    if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
-        p = (unsigned char *)s->init_buf->data;
-        *(p++) = SSL2_MT_SERVER_VERIFY;
-        if (s->s2->challenge_length > sizeof s->s2->challenge) {
-            SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
-            return -1;
-        }
-        memcpy(p, s->s2->challenge, (unsigned int)s->s2->challenge_length);
-        /* p+=s->s2->challenge_length; */
-
-        s->state = SSL2_ST_SEND_SERVER_VERIFY_B;
-        s->init_num = s->s2->challenge_length + 1;
-        s->init_off = 0;
-    }
-    return (ssl2_do_write(s));
-}
-
-static int server_finish(SSL *s)
-{
-    unsigned char *p;
-
-    if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) {
-        p = (unsigned char *)s->init_buf->data;
-        *(p++) = SSL2_MT_SERVER_FINISHED;
-
-        if (s->session->session_id_length > sizeof s->session->session_id) {
-            SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
-            return -1;
-        }
-        memcpy(p, s->session->session_id,
-               (unsigned int)s->session->session_id_length);
-        /* p+=s->session->session_id_length; */
-
-        s->state = SSL2_ST_SEND_SERVER_FINISHED_B;
-        s->init_num = s->session->session_id_length + 1;
-        s->init_off = 0;
-    }
-
-    /* SSL2_ST_SEND_SERVER_FINISHED_B */
-    return (ssl2_do_write(s));
-}
-
-/* send the request and check the response */
-static int request_certificate(SSL *s)
-{
-    const unsigned char *cp;
-    unsigned char *p, *p2, *buf2;
-    unsigned char *ccd;
-    int i, j, ctype, ret = -1;
-    unsigned long len;
-    X509 *x509 = NULL;
-    STACK_OF(X509) *sk = NULL;
-
-    ccd = s->s2->tmp.ccl;
-    if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) {
-        p = (unsigned char *)s->init_buf->data;
-        *(p++) = SSL2_MT_REQUEST_CERTIFICATE;
-        *(p++) = SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
-        if (RAND_bytes(ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
-            return -1;
-        memcpy(p, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH);
-
-        s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
-        s->init_num = SSL2_MIN_CERT_CHALLENGE_LENGTH + 2;
-        s->init_off = 0;
-    }
-
-    if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) {
-        i = ssl2_do_write(s);
-        if (i <= 0) {
-            ret = i;
-            goto end;
-        }
-
-        s->init_num = 0;
-        s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
-    }
-
-    if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) {
-        p = (unsigned char *)s->init_buf->data;
-        /* try to read 6 octets ... */
-        i = ssl2_read(s, (char *)&(p[s->init_num]), 6 - s->init_num);
-        /*
-         * ... but don't call ssl2_part_read now if we got at least 3
-         * (probably NO-CERTIFICATE-ERROR)
-         */
-        if (i < 3 - s->init_num) {
-            ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
-            goto end;
-        }
-        s->init_num += i;
-
-        if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) {
-            n2s(p, i);
-            if (i != SSL2_PE_NO_CERTIFICATE) {
-                /*
-                 * not the error message we expected -- let ssl2_part_read
-                 * handle it
-                 */
-                s->init_num -= 3;
-                ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, 3);
-                goto end;
-            }
-
-            if (s->msg_callback) {
-                /* ERROR */
-                s->msg_callback(0, s->version, 0, p, 3, s,
-                                s->msg_callback_arg);
-            }
-
-            /*
-             * this is the one place where we can recover from an SSL 2.0
-             * error
-             */
-
-            if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
-                ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
-                SSLerr(SSL_F_REQUEST_CERTIFICATE,
-                       SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
-                goto end;
-            }
-            ret = 1;
-            goto end;
-        }
-        if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) {
-            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
-            SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_SHORT_READ);
-            goto end;
-        }
-        if (s->init_num != 6) {
-            SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
-            goto end;
-        }
-
-        /* ok we have a response */
-        /* certificate type, there is only one right now. */
-        ctype = *(p++);
-        if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
-            ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
-            SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_RESPONSE_ARGUMENT);
-            goto end;
-        }
-        n2s(p, i);
-        s->s2->tmp.clen = i;
-        n2s(p, i);
-        s->s2->tmp.rlen = i;
-        s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
-    }
-
-    /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
-    p = (unsigned char *)s->init_buf->data;
-    len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
-    if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
-        SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_MESSAGE_TOO_LONG);
-        goto end;
-    }
-    j = (int)len - s->init_num;
-    i = ssl2_read(s, (char *)&(p[s->init_num]), j);
-    if (i < j) {
-        ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
-        goto end;
-    }
-    if (s->msg_callback) {
-        /* CLIENT-CERTIFICATE */
-        s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
-    }
-    p += 6;
-
-    cp = p;
-    x509 = (X509 *)d2i_X509(NULL, &cp, (long)s->s2->tmp.clen);
-    if (x509 == NULL) {
-        SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_X509_LIB);
-        goto msg_end;
-    }
-
-    if (((sk = sk_X509_new_null()) == NULL) || (!sk_X509_push(sk, x509))) {
-        SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-        goto msg_end;
-    }
-
-    i = ssl_verify_cert_chain(s, sk);
-
-    if (i > 0) {                /* we like the packet, now check the chksum */
-        EVP_MD_CTX ctx;
-        EVP_PKEY *pkey = NULL;
-
-        EVP_MD_CTX_init(&ctx);
-        if (!EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL)
-            || !EVP_VerifyUpdate(&ctx, s->s2->key_material,
-                                 s->s2->key_material_length)
-            || !EVP_VerifyUpdate(&ctx, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH))
-            goto msg_end;
-
-        i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
-        buf2 = OPENSSL_malloc((unsigned int)i);
-        if (buf2 == NULL) {
-            SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-            goto msg_end;
-        }
-        p2 = buf2;
-        i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &p2);
-        if (!EVP_VerifyUpdate(&ctx, buf2, (unsigned int)i)) {
-            OPENSSL_free(buf2);
-            goto msg_end;
-        }
-        OPENSSL_free(buf2);
-
-        pkey = X509_get_pubkey(x509);
-        if (pkey == NULL)
-            goto end;
-        i = EVP_VerifyFinal(&ctx, cp, s->s2->tmp.rlen, pkey);
-        EVP_PKEY_free(pkey);
-        EVP_MD_CTX_cleanup(&ctx);
-
-        if (i > 0) {
-            if (s->session->peer != NULL)
-                X509_free(s->session->peer);
-            s->session->peer = x509;
-            CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
-            s->session->verify_result = s->verify_result;
-            ret = 1;
-            goto end;
-        } else {
-            SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_CHECKSUM);
-            goto msg_end;
-        }
-    } else {
- msg_end:
-        ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
-    }
- end:
-    sk_X509_free(sk);
-    X509_free(x509);
-    return (ret);
-}
-
-static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
-                                   unsigned char *to, int padding)
-{
-    RSA *rsa;
-    int i;
-
-    if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) {
-        SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_NO_PRIVATEKEY);
-        return (-1);
-    }
-    if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) {
-        SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
-        return (-1);
-    }
-    rsa = c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
-
-    /* we have the public key */
-    i = RSA_private_decrypt(len, from, to, rsa, padding);
-    if (i < 0)
-        SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, ERR_R_RSA_LIB);
-    return (i);
-}
-#else                           /* !OPENSSL_NO_SSL2 */
-
-# if PEDANTIC
-static void *dummy = &dummy;
-# endif
-
-#endif
diff --git a/thirdparty/openssl/ssl/s3_both.c b/thirdparty/openssl/ssl/s3_both.c
deleted file mode 100644
index 054ded1c99..0000000000
--- a/thirdparty/openssl/ssl/s3_both.c
+++ /dev/null
@@ -1,758 +0,0 @@
-/* ssl/s3_both.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <limits.h>
-#include <string.h>
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-/*
- * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
- * SSL3_RT_CHANGE_CIPHER_SPEC)
- */
-int ssl3_do_write(SSL *s, int type)
-{
-    int ret;
-
-    ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off],
-                           s->init_num);
-    if (ret < 0)
-        return (-1);
-    if (type == SSL3_RT_HANDSHAKE)
-        /*
-         * should not be done for 'Hello Request's, but in that case we'll
-         * ignore the result anyway
-         */
-        ssl3_finish_mac(s, (unsigned char *)&s->init_buf->data[s->init_off],
-                        ret);
-
-    if (ret == s->init_num) {
-        if (s->msg_callback)
-            s->msg_callback(1, s->version, type, s->init_buf->data,
-                            (size_t)(s->init_off + s->init_num), s,
-                            s->msg_callback_arg);
-        return (1);
-    }
-    s->init_off += ret;
-    s->init_num -= ret;
-    return (0);
-}
-
-int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
-{
-    unsigned char *p;
-    int i;
-    unsigned long l;
-
-    if (s->state == a) {
-        p = ssl_handshake_start(s);
-
-        i = s->method->ssl3_enc->final_finish_mac(s,
-                                                  sender, slen,
-                                                  s->s3->tmp.finish_md);
-        if (i <= 0)
-            return 0;
-        s->s3->tmp.finish_md_len = i;
-        memcpy(p, s->s3->tmp.finish_md, i);
-        l = i;
-
-        /*
-         * Copy the finished so we can use it for renegotiation checks
-         */
-        if (s->type == SSL_ST_CONNECT) {
-            OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
-            memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i);
-            s->s3->previous_client_finished_len = i;
-        } else {
-            OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
-            memcpy(s->s3->previous_server_finished, s->s3->tmp.finish_md, i);
-            s->s3->previous_server_finished_len = i;
-        }
-
-#ifdef OPENSSL_SYS_WIN16
-        /*
-         * MSVC 1.5 does not clear the top bytes of the word unless I do
-         * this.
-         */
-        l &= 0xffff;
-#endif
-        ssl_set_handshake_header(s, SSL3_MT_FINISHED, l);
-        s->state = b;
-    }
-
-    /* SSL3_ST_SEND_xxxxxx_HELLO_B */
-    return ssl_do_write(s);
-}
-
-#ifndef OPENSSL_NO_NEXTPROTONEG
-/*
- * ssl3_take_mac calculates the Finished MAC for the handshakes messages seen
- * to far.
- */
-static void ssl3_take_mac(SSL *s)
-{
-    const char *sender;
-    int slen;
-    /*
-     * If no new cipher setup return immediately: other functions will set
-     * the appropriate error.
-     */
-    if (s->s3->tmp.new_cipher == NULL)
-        return;
-    if (s->state & SSL_ST_CONNECT) {
-        sender = s->method->ssl3_enc->server_finished_label;
-        slen = s->method->ssl3_enc->server_finished_label_len;
-    } else {
-        sender = s->method->ssl3_enc->client_finished_label;
-        slen = s->method->ssl3_enc->client_finished_label_len;
-    }
-
-    s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
-                                                                          sender,
-                                                                          slen,
-                                                                          s->s3->tmp.peer_finish_md);
-}
-#endif
-
-int ssl3_get_finished(SSL *s, int a, int b)
-{
-    int al, i, ok;
-    long n;
-    unsigned char *p;
-
-#ifdef OPENSSL_NO_NEXTPROTONEG
-    /*
-     * the mac has already been generated when we received the change cipher
-     * spec message and is in s->s3->tmp.peer_finish_md
-     */
-#endif
-
-    /* 64 argument should actually be 36+4 :-) */
-    n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok);
-
-    if (!ok)
-        return ((int)n);
-
-    /* If this occurs, we have missed a message */
-    if (!s->s3->change_cipher_spec) {
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_GOT_A_FIN_BEFORE_A_CCS);
-        goto f_err;
-    }
-    s->s3->change_cipher_spec = 0;
-
-    p = (unsigned char *)s->init_msg;
-    i = s->s3->tmp.peer_finish_md_len;
-
-    if (i != n) {
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
-        goto f_err;
-    }
-
-    if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) {
-        al = SSL_AD_DECRYPT_ERROR;
-        SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED);
-        goto f_err;
-    }
-
-    /*
-     * Copy the finished so we can use it for renegotiation checks
-     */
-    if (s->type == SSL_ST_ACCEPT) {
-        OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
-        memcpy(s->s3->previous_client_finished, s->s3->tmp.peer_finish_md, i);
-        s->s3->previous_client_finished_len = i;
-    } else {
-        OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
-        memcpy(s->s3->previous_server_finished, s->s3->tmp.peer_finish_md, i);
-        s->s3->previous_server_finished_len = i;
-    }
-
-    return (1);
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    return (0);
-}
-
-/*-
- * for these 2 messages, we need to
- * ssl->enc_read_ctx                    re-init
- * ssl->s3->read_sequence               zero
- * ssl->s3->read_mac_secret             re-init
- * ssl->session->read_sym_enc           assign
- * ssl->session->read_compression       assign
- * ssl->session->read_hash              assign
- */
-int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
-{
-    unsigned char *p;
-
-    if (s->state == a) {
-        p = (unsigned char *)s->init_buf->data;
-        *p = SSL3_MT_CCS;
-        s->init_num = 1;
-        s->init_off = 0;
-
-        s->state = b;
-    }
-
-    /* SSL3_ST_CW_CHANGE_B */
-    return (ssl3_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
-}
-
-unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk)
-{
-    unsigned char *p;
-    unsigned long l = 3 + SSL_HM_HEADER_LENGTH(s);
-
-    if (!ssl_add_cert_chain(s, cpk, &l))
-        return 0;
-
-    l -= 3 + SSL_HM_HEADER_LENGTH(s);
-    p = ssl_handshake_start(s);
-    l2n3(l, p);
-    l += 3;
-    ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE, l);
-    return l + SSL_HM_HEADER_LENGTH(s);
-}
-
-/*
- * Obtain handshake message of message type 'mt' (any if mt == -1), maximum
- * acceptable body length 'max'. The first four bytes (msg_type and length)
- * are read in state 'st1', the body is read in state 'stn'.
- */
-long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
-{
-    unsigned char *p;
-    unsigned long l;
-    long n;
-    int i, al;
-
-    if (s->s3->tmp.reuse_message) {
-        s->s3->tmp.reuse_message = 0;
-        if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
-            goto f_err;
-        }
-        *ok = 1;
-        s->state = stn;
-        s->init_msg = s->init_buf->data + SSL3_HM_HEADER_LENGTH;
-        s->init_num = (int)s->s3->tmp.message_size;
-        return s->init_num;
-    }
-
-    p = (unsigned char *)s->init_buf->data;
-
-    if (s->state == st1) {      /* s->init_num < SSL3_HM_HEADER_LENGTH */
-        int skip_message;
-
-        do {
-            while (s->init_num < SSL3_HM_HEADER_LENGTH) {
-                i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
-                                              &p[s->init_num],
-                                              SSL3_HM_HEADER_LENGTH -
-                                              s->init_num, 0);
-                if (i <= 0) {
-                    s->rwstate = SSL_READING;
-                    *ok = 0;
-                    return i;
-                }
-                s->init_num += i;
-            }
-
-            skip_message = 0;
-            if (!s->server)
-                if (p[0] == SSL3_MT_HELLO_REQUEST)
-                    /*
-                     * The server may always send 'Hello Request' messages --
-                     * we are doing a handshake anyway now, so ignore them if
-                     * their format is correct. Does not count for 'Finished'
-                     * MAC.
-                     */
-                    if (p[1] == 0 && p[2] == 0 && p[3] == 0) {
-                        s->init_num = 0;
-                        skip_message = 1;
-
-                        if (s->msg_callback)
-                            s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
-                                            p, SSL3_HM_HEADER_LENGTH, s,
-                                            s->msg_callback_arg);
-                    }
-        }
-        while (skip_message);
-
-        /* s->init_num == SSL3_HM_HEADER_LENGTH */
-
-        if ((mt >= 0) && (*p != mt)) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
-            goto f_err;
-        }
-
-        s->s3->tmp.message_type = *(p++);
-
-        n2l3(p, l);
-        if (l > (unsigned long)max) {
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE);
-            goto f_err;
-        }
-        /*
-         * Make buffer slightly larger than message length as a precaution
-         * against small OOB reads e.g. CVE-2016-6306
-         */
-        if (l
-            && !BUF_MEM_grow_clean(s->init_buf,
-                                   (int)l + SSL3_HM_HEADER_LENGTH + 16)) {
-            SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB);
-            goto err;
-        }
-        s->s3->tmp.message_size = l;
-        s->state = stn;
-
-        s->init_msg = s->init_buf->data + SSL3_HM_HEADER_LENGTH;
-        s->init_num = 0;
-    }
-
-    /* next state (stn) */
-    p = s->init_msg;
-    n = s->s3->tmp.message_size - s->init_num;
-    while (n > 0) {
-        i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &p[s->init_num],
-                                      n, 0);
-        if (i <= 0) {
-            s->rwstate = SSL_READING;
-            *ok = 0;
-            return i;
-        }
-        s->init_num += i;
-        n -= i;
-    }
-
-#ifndef OPENSSL_NO_NEXTPROTONEG
-    /*
-     * If receiving Finished, record MAC of prior handshake messages for
-     * Finished verification.
-     */
-    if (*s->init_buf->data == SSL3_MT_FINISHED)
-        ssl3_take_mac(s);
-#endif
-
-    /* Feed this message into MAC computation. */
-    ssl3_finish_mac(s, (unsigned char *)s->init_buf->data,
-                    s->init_num + SSL3_HM_HEADER_LENGTH);
-    if (s->msg_callback)
-        s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data,
-                        (size_t)s->init_num + SSL3_HM_HEADER_LENGTH, s,
-                        s->msg_callback_arg);
-    *ok = 1;
-    return s->init_num;
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-    *ok = 0;
-    return (-1);
-}
-
-int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
-{
-    EVP_PKEY *pk;
-    int ret = -1, i;
-
-    if (pkey == NULL)
-        pk = X509_get_pubkey(x);
-    else
-        pk = pkey;
-    if (pk == NULL)
-        goto err;
-
-    i = pk->type;
-    if (i == EVP_PKEY_RSA) {
-        ret = SSL_PKEY_RSA_ENC;
-    } else if (i == EVP_PKEY_DSA) {
-        ret = SSL_PKEY_DSA_SIGN;
-    }
-#ifndef OPENSSL_NO_EC
-    else if (i == EVP_PKEY_EC) {
-        ret = SSL_PKEY_ECC;
-    }
-#endif
-    else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) {
-        ret = SSL_PKEY_GOST94;
-    } else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) {
-        ret = SSL_PKEY_GOST01;
-    } else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) {
-        /*
-         * For DH two cases: DH certificate signed with RSA and DH
-         * certificate signed with DSA.
-         */
-        i = X509_certificate_type(x, pk);
-        if (i & EVP_PKS_RSA)
-            ret = SSL_PKEY_DH_RSA;
-        else if (i & EVP_PKS_DSA)
-            ret = SSL_PKEY_DH_DSA;
-    }
-
- err:
-    if (!pkey)
-        EVP_PKEY_free(pk);
-    return (ret);
-}
-
-int ssl_verify_alarm_type(long type)
-{
-    int al;
-
-    switch (type) {
-    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-    case X509_V_ERR_UNABLE_TO_GET_CRL:
-    case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
-        al = SSL_AD_UNKNOWN_CA;
-        break;
-    case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
-    case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
-    case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
-    case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-    case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-    case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
-    case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
-    case X509_V_ERR_CERT_NOT_YET_VALID:
-    case X509_V_ERR_CRL_NOT_YET_VALID:
-    case X509_V_ERR_CERT_UNTRUSTED:
-    case X509_V_ERR_CERT_REJECTED:
-    case X509_V_ERR_HOSTNAME_MISMATCH:
-    case X509_V_ERR_EMAIL_MISMATCH:
-    case X509_V_ERR_IP_ADDRESS_MISMATCH:
-        al = SSL_AD_BAD_CERTIFICATE;
-        break;
-    case X509_V_ERR_CERT_SIGNATURE_FAILURE:
-    case X509_V_ERR_CRL_SIGNATURE_FAILURE:
-        al = SSL_AD_DECRYPT_ERROR;
-        break;
-    case X509_V_ERR_CERT_HAS_EXPIRED:
-    case X509_V_ERR_CRL_HAS_EXPIRED:
-        al = SSL_AD_CERTIFICATE_EXPIRED;
-        break;
-    case X509_V_ERR_CERT_REVOKED:
-        al = SSL_AD_CERTIFICATE_REVOKED;
-        break;
-    case X509_V_ERR_UNSPECIFIED:
-    case X509_V_ERR_OUT_OF_MEM:
-    case X509_V_ERR_INVALID_CALL:
-    case X509_V_ERR_STORE_LOOKUP:
-        al = SSL_AD_INTERNAL_ERROR;
-        break;
-    case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
-    case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
-    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
-    case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
-    case X509_V_ERR_CERT_CHAIN_TOO_LONG:
-    case X509_V_ERR_PATH_LENGTH_EXCEEDED:
-    case X509_V_ERR_INVALID_CA:
-        al = SSL_AD_UNKNOWN_CA;
-        break;
-    case X509_V_ERR_APPLICATION_VERIFICATION:
-        al = SSL_AD_HANDSHAKE_FAILURE;
-        break;
-    case X509_V_ERR_INVALID_PURPOSE:
-        al = SSL_AD_UNSUPPORTED_CERTIFICATE;
-        break;
-    default:
-        al = SSL_AD_CERTIFICATE_UNKNOWN;
-        break;
-    }
-    return (al);
-}
-
-#ifndef OPENSSL_NO_BUF_FREELISTS
-/*-
- * On some platforms, malloc() performance is bad enough that you can't just
- * free() and malloc() buffers all the time, so we need to use freelists from
- * unused buffers.  Currently, each freelist holds memory chunks of only a
- * given size (list->chunklen); other sized chunks are freed and malloced.
- * This doesn't help much if you're using many different SSL option settings
- * with a given context.  (The options affecting buffer size are
- * max_send_fragment, read buffer vs write buffer,
- * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
- * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.)  Using a separate freelist for every
- * possible size is not an option, since max_send_fragment can take on many
- * different values.
- *
- * If you are on a platform with a slow malloc(), and you're using SSL
- * connections with many different settings for these options, and you need to
- * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
- *    - Link against a faster malloc implementation.
- *    - Use a separate SSL_CTX for each option set.
- *    - Improve this code.
- */
-static void *freelist_extract(SSL_CTX *ctx, int for_read, int sz)
-{
-    SSL3_BUF_FREELIST *list;
-    SSL3_BUF_FREELIST_ENTRY *ent = NULL;
-    void *result = NULL;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-    list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-    if (list != NULL && sz == (int)list->chunklen)
-        ent = list->head;
-    if (ent != NULL) {
-        list->head = ent->next;
-        result = ent;
-        if (--list->len == 0)
-            list->chunklen = 0;
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-    if (!result)
-        result = OPENSSL_malloc(sz);
-    return result;
-}
-
-static void freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
-{
-    SSL3_BUF_FREELIST *list;
-    SSL3_BUF_FREELIST_ENTRY *ent;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-    list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
-    if (list != NULL &&
-        (sz == list->chunklen || list->chunklen == 0) &&
-        list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
-        list->chunklen = sz;
-        ent = mem;
-        ent->next = list->head;
-        list->head = ent;
-        ++list->len;
-        mem = NULL;
-    }
-
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-    if (mem)
-        OPENSSL_free(mem);
-}
-#else
-# define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
-# define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
-#endif
-
-int ssl3_setup_read_buffer(SSL *s)
-{
-    unsigned char *p;
-    size_t len, align = 0, headerlen;
-
-    if (SSL_IS_DTLS(s))
-        headerlen = DTLS1_RT_HEADER_LENGTH;
-    else
-        headerlen = SSL3_RT_HEADER_LENGTH;
-
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
-    align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
-#endif
-
-    if (s->s3->rbuf.buf == NULL) {
-        len = SSL3_RT_MAX_PLAIN_LENGTH
-            + SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
-        if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) {
-            s->s3->init_extra = 1;
-            len += SSL3_RT_MAX_EXTRA;
-        }
-#ifndef OPENSSL_NO_COMP
-        if (!(s->options & SSL_OP_NO_COMPRESSION))
-            len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
-#endif
-        if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
-            goto err;
-        s->s3->rbuf.buf = p;
-        s->s3->rbuf.len = len;
-    }
-
-    s->packet = &(s->s3->rbuf.buf[0]);
-    return 1;
-
- err:
-    SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-int ssl3_setup_write_buffer(SSL *s)
-{
-    unsigned char *p;
-    size_t len, align = 0, headerlen;
-
-    if (SSL_IS_DTLS(s))
-        headerlen = DTLS1_RT_HEADER_LENGTH + 1;
-    else
-        headerlen = SSL3_RT_HEADER_LENGTH;
-
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
-    align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
-#endif
-
-    if (s->s3->wbuf.buf == NULL) {
-        len = s->max_send_fragment
-            + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
-#ifndef OPENSSL_NO_COMP
-        if (!(s->options & SSL_OP_NO_COMPRESSION))
-            len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
-#endif
-        if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
-            len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
-
-        if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
-            goto err;
-        s->s3->wbuf.buf = p;
-        s->s3->wbuf.len = len;
-    }
-
-    return 1;
-
- err:
-    SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER, ERR_R_MALLOC_FAILURE);
-    return 0;
-}
-
-int ssl3_setup_buffers(SSL *s)
-{
-    if (!ssl3_setup_read_buffer(s))
-        return 0;
-    if (!ssl3_setup_write_buffer(s))
-        return 0;
-    return 1;
-}
-
-int ssl3_release_write_buffer(SSL *s)
-{
-    if (s->s3->wbuf.buf != NULL) {
-        freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
-        s->s3->wbuf.buf = NULL;
-    }
-    return 1;
-}
-
-int ssl3_release_read_buffer(SSL *s)
-{
-    if (s->s3->rbuf.buf != NULL) {
-        freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
-        s->s3->rbuf.buf = NULL;
-    }
-    return 1;
-}
diff --git a/thirdparty/openssl/ssl/s3_cbc.c b/thirdparty/openssl/ssl/s3_cbc.c
deleted file mode 100644
index 557622f513..0000000000
--- a/thirdparty/openssl/ssl/s3_cbc.c
+++ /dev/null
@@ -1,820 +0,0 @@
-/* ssl/s3_cbc.c */
-/* ====================================================================
- * Copyright (c) 2012 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "../crypto/constant_time_locl.h"
-#include "ssl_locl.h"
-
-#include <openssl/md5.h>
-#include <openssl/sha.h>
-
-/*
- * MAX_HASH_BIT_COUNT_BYTES is the maximum number of bytes in the hash's
- * length field. (SHA-384/512 have 128-bit length.)
- */
-#define MAX_HASH_BIT_COUNT_BYTES 16
-
-/*
- * MAX_HASH_BLOCK_SIZE is the maximum hash block size that we'll support.
- * Currently SHA-384/512 has a 128-byte block size and that's the largest
- * supported by TLS.)
- */
-#define MAX_HASH_BLOCK_SIZE 128
-
-/*-
- * ssl3_cbc_remove_padding removes padding from the decrypted, SSLv3, CBC
- * record in |rec| by updating |rec->length| in constant time.
- *
- * block_size: the block size of the cipher used to encrypt the record.
- * returns:
- *   0: (in non-constant time) if the record is publicly invalid.
- *   1: if the padding was valid
- *  -1: otherwise.
- */
-int ssl3_cbc_remove_padding(const SSL *s,
-                            SSL3_RECORD *rec,
-                            unsigned block_size, unsigned mac_size)
-{
-    unsigned padding_length, good;
-    const unsigned overhead = 1 /* padding length byte */  + mac_size;
-
-    /*
-     * These lengths are all public so we can test them in non-constant time.
-     */
-    if (overhead > rec->length)
-        return 0;
-
-    padding_length = rec->data[rec->length - 1];
-    good = constant_time_ge(rec->length, padding_length + overhead);
-    /* SSLv3 requires that the padding is minimal. */
-    good &= constant_time_ge(block_size, padding_length + 1);
-    padding_length = good & (padding_length + 1);
-    rec->length -= padding_length;
-    rec->type |= padding_length << 8; /* kludge: pass padding length */
-    return constant_time_select_int(good, 1, -1);
-}
-
-/*-
- * tls1_cbc_remove_padding removes the CBC padding from the decrypted, TLS, CBC
- * record in |rec| in constant time and returns 1 if the padding is valid and
- * -1 otherwise. It also removes any explicit IV from the start of the record
- * without leaking any timing about whether there was enough space after the
- * padding was removed.
- *
- * block_size: the block size of the cipher used to encrypt the record.
- * returns:
- *   0: (in non-constant time) if the record is publicly invalid.
- *   1: if the padding was valid
- *  -1: otherwise.
- */
-int tls1_cbc_remove_padding(const SSL *s,
-                            SSL3_RECORD *rec,
-                            unsigned block_size, unsigned mac_size)
-{
-    unsigned padding_length, good, to_check, i;
-    const unsigned overhead = 1 /* padding length byte */  + mac_size;
-    /* Check if version requires explicit IV */
-    if (SSL_USE_EXPLICIT_IV(s)) {
-        /*
-         * These lengths are all public so we can test them in non-constant
-         * time.
-         */
-        if (overhead + block_size > rec->length)
-            return 0;
-        /* We can now safely skip explicit IV */
-        rec->data += block_size;
-        rec->input += block_size;
-        rec->length -= block_size;
-    } else if (overhead > rec->length)
-        return 0;
-
-    padding_length = rec->data[rec->length - 1];
-
-    /*
-     * NB: if compression is in operation the first packet may not be of even
-     * length so the padding bug check cannot be performed. This bug
-     * workaround has been around since SSLeay so hopefully it is either
-     * fixed now or no buggy implementation supports compression [steve]
-     */
-    if ((s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) && !s->expand) {
-        /* First packet is even in size, so check */
-        if ((CRYPTO_memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", 8) == 0) &&
-            !(padding_length & 1)) {
-            s->s3->flags |= TLS1_FLAGS_TLS_PADDING_BUG;
-        }
-        if ((s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) && padding_length > 0) {
-            padding_length--;
-        }
-    }
-
-    if (EVP_CIPHER_flags(s->enc_read_ctx->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
-        /* padding is already verified */
-        rec->length -= padding_length + 1;
-        return 1;
-    }
-
-    good = constant_time_ge(rec->length, overhead + padding_length);
-    /*
-     * The padding consists of a length byte at the end of the record and
-     * then that many bytes of padding, all with the same value as the length
-     * byte. Thus, with the length byte included, there are i+1 bytes of
-     * padding. We can't check just |padding_length+1| bytes because that
-     * leaks decrypted information. Therefore we always have to check the
-     * maximum amount of padding possible. (Again, the length of the record
-     * is public information so we can use it.)
-     */
-    to_check = 255;             /* maximum amount of padding. */
-    if (to_check > rec->length - 1)
-        to_check = rec->length - 1;
-
-    for (i = 0; i < to_check; i++) {
-        unsigned char mask = constant_time_ge_8(padding_length, i);
-        unsigned char b = rec->data[rec->length - 1 - i];
-        /*
-         * The final |padding_length+1| bytes should all have the value
-         * |padding_length|. Therefore the XOR should be zero.
-         */
-        good &= ~(mask & (padding_length ^ b));
-    }
-
-    /*
-     * If any of the final |padding_length+1| bytes had the wrong value, one
-     * or more of the lower eight bits of |good| will be cleared.
-     */
-    good = constant_time_eq(0xff, good & 0xff);
-    padding_length = good & (padding_length + 1);
-    rec->length -= padding_length;
-    rec->type |= padding_length << 8; /* kludge: pass padding length */
-
-    return constant_time_select_int(good, 1, -1);
-}
-
-/*-
- * ssl3_cbc_copy_mac copies |md_size| bytes from the end of |rec| to |out| in
- * constant time (independent of the concrete value of rec->length, which may
- * vary within a 256-byte window).
- *
- * ssl3_cbc_remove_padding or tls1_cbc_remove_padding must be called prior to
- * this function.
- *
- * On entry:
- *   rec->orig_len >= md_size
- *   md_size <= EVP_MAX_MD_SIZE
- *
- * If CBC_MAC_ROTATE_IN_PLACE is defined then the rotation is performed with
- * variable accesses in a 64-byte-aligned buffer. Assuming that this fits into
- * a single or pair of cache-lines, then the variable memory accesses don't
- * actually affect the timing. CPUs with smaller cache-lines [if any] are
- * not multi-core and are not considered vulnerable to cache-timing attacks.
- */
-#define CBC_MAC_ROTATE_IN_PLACE
-
-void ssl3_cbc_copy_mac(unsigned char *out,
-                       const SSL3_RECORD *rec,
-                       unsigned md_size, unsigned orig_len)
-{
-#if defined(CBC_MAC_ROTATE_IN_PLACE)
-    unsigned char rotated_mac_buf[64 + EVP_MAX_MD_SIZE];
-    unsigned char *rotated_mac;
-#else
-    unsigned char rotated_mac[EVP_MAX_MD_SIZE];
-#endif
-
-    /*
-     * mac_end is the index of |rec->data| just after the end of the MAC.
-     */
-    unsigned mac_end = rec->length;
-    unsigned mac_start = mac_end - md_size;
-    /*
-     * scan_start contains the number of bytes that we can ignore because the
-     * MAC's position can only vary by 255 bytes.
-     */
-    unsigned scan_start = 0;
-    unsigned i, j;
-    unsigned div_spoiler;
-    unsigned rotate_offset;
-
-    OPENSSL_assert(orig_len >= md_size);
-    OPENSSL_assert(md_size <= EVP_MAX_MD_SIZE);
-
-#if defined(CBC_MAC_ROTATE_IN_PLACE)
-    rotated_mac = rotated_mac_buf + ((0 - (size_t)rotated_mac_buf) & 63);
-#endif
-
-    /* This information is public so it's safe to branch based on it. */
-    if (orig_len > md_size + 255 + 1)
-        scan_start = orig_len - (md_size + 255 + 1);
-    /*
-     * div_spoiler contains a multiple of md_size that is used to cause the
-     * modulo operation to be constant time. Without this, the time varies
-     * based on the amount of padding when running on Intel chips at least.
-     * The aim of right-shifting md_size is so that the compiler doesn't
-     * figure out that it can remove div_spoiler as that would require it to
-     * prove that md_size is always even, which I hope is beyond it.
-     */
-    div_spoiler = md_size >> 1;
-    div_spoiler <<= (sizeof(div_spoiler) - 1) * 8;
-    rotate_offset = (div_spoiler + mac_start - scan_start) % md_size;
-
-    memset(rotated_mac, 0, md_size);
-    for (i = scan_start, j = 0; i < orig_len; i++) {
-        unsigned char mac_started = constant_time_ge_8(i, mac_start);
-        unsigned char mac_ended = constant_time_ge_8(i, mac_end);
-        unsigned char b = rec->data[i];
-        rotated_mac[j++] |= b & mac_started & ~mac_ended;
-        j &= constant_time_lt(j, md_size);
-    }
-
-    /* Now rotate the MAC */
-#if defined(CBC_MAC_ROTATE_IN_PLACE)
-    j = 0;
-    for (i = 0; i < md_size; i++) {
-        /* in case cache-line is 32 bytes, touch second line */
-        ((volatile unsigned char *)rotated_mac)[rotate_offset ^ 32];
-        out[j++] = rotated_mac[rotate_offset++];
-        rotate_offset &= constant_time_lt(rotate_offset, md_size);
-    }
-#else
-    memset(out, 0, md_size);
-    rotate_offset = md_size - rotate_offset;
-    rotate_offset &= constant_time_lt(rotate_offset, md_size);
-    for (i = 0; i < md_size; i++) {
-        for (j = 0; j < md_size; j++)
-            out[j] |= rotated_mac[i] & constant_time_eq_8(j, rotate_offset);
-        rotate_offset++;
-        rotate_offset &= constant_time_lt(rotate_offset, md_size);
-    }
-#endif
-}
-
-/*
- * u32toLE serialises an unsigned, 32-bit number (n) as four bytes at (p) in
- * little-endian order. The value of p is advanced by four.
- */
-#define u32toLE(n, p) \
-        (*((p)++)=(unsigned char)(n), \
-         *((p)++)=(unsigned char)(n>>8), \
-         *((p)++)=(unsigned char)(n>>16), \
-         *((p)++)=(unsigned char)(n>>24))
-
-/*
- * These functions serialize the state of a hash and thus perform the
- * standard "final" operation without adding the padding and length that such
- * a function typically does.
- */
-static void tls1_md5_final_raw(void *ctx, unsigned char *md_out)
-{
-    MD5_CTX *md5 = ctx;
-    u32toLE(md5->A, md_out);
-    u32toLE(md5->B, md_out);
-    u32toLE(md5->C, md_out);
-    u32toLE(md5->D, md_out);
-}
-
-static void tls1_sha1_final_raw(void *ctx, unsigned char *md_out)
-{
-    SHA_CTX *sha1 = ctx;
-    l2n(sha1->h0, md_out);
-    l2n(sha1->h1, md_out);
-    l2n(sha1->h2, md_out);
-    l2n(sha1->h3, md_out);
-    l2n(sha1->h4, md_out);
-}
-
-#define LARGEST_DIGEST_CTX SHA_CTX
-
-#ifndef OPENSSL_NO_SHA256
-static void tls1_sha256_final_raw(void *ctx, unsigned char *md_out)
-{
-    SHA256_CTX *sha256 = ctx;
-    unsigned i;
-
-    for (i = 0; i < 8; i++) {
-        l2n(sha256->h[i], md_out);
-    }
-}
-
-# undef  LARGEST_DIGEST_CTX
-# define LARGEST_DIGEST_CTX SHA256_CTX
-#endif
-
-#ifndef OPENSSL_NO_SHA512
-static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out)
-{
-    SHA512_CTX *sha512 = ctx;
-    unsigned i;
-
-    for (i = 0; i < 8; i++) {
-        l2n8(sha512->h[i], md_out);
-    }
-}
-
-# undef  LARGEST_DIGEST_CTX
-# define LARGEST_DIGEST_CTX SHA512_CTX
-#endif
-
-/*
- * ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
- * which ssl3_cbc_digest_record supports.
- */
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
-{
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode())
-        return 0;
-#endif
-    switch (EVP_MD_CTX_type(ctx)) {
-    case NID_md5:
-    case NID_sha1:
-#ifndef OPENSSL_NO_SHA256
-    case NID_sha224:
-    case NID_sha256:
-#endif
-#ifndef OPENSSL_NO_SHA512
-    case NID_sha384:
-    case NID_sha512:
-#endif
-        return 1;
-    default:
-        return 0;
-    }
-}
-
-/*-
- * ssl3_cbc_digest_record computes the MAC of a decrypted, padded SSLv3/TLS
- * record.
- *
- *   ctx: the EVP_MD_CTX from which we take the hash function.
- *     ssl3_cbc_record_digest_supported must return true for this EVP_MD_CTX.
- *   md_out: the digest output. At most EVP_MAX_MD_SIZE bytes will be written.
- *   md_out_size: if non-NULL, the number of output bytes is written here.
- *   header: the 13-byte, TLS record header.
- *   data: the record data itself, less any preceeding explicit IV.
- *   data_plus_mac_size: the secret, reported length of the data and MAC
- *     once the padding has been removed.
- *   data_plus_mac_plus_padding_size: the public length of the whole
- *     record, including padding.
- *   is_sslv3: non-zero if we are to use SSLv3. Otherwise, TLS.
- *
- * On entry: by virtue of having been through one of the remove_padding
- * functions, above, we know that data_plus_mac_size is large enough to contain
- * a padding byte and MAC. (If the padding was invalid, it might contain the
- * padding too. )
- * Returns 1 on success or 0 on error
- */
-int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
-                            unsigned char *md_out,
-                            size_t *md_out_size,
-                            const unsigned char header[13],
-                            const unsigned char *data,
-                            size_t data_plus_mac_size,
-                            size_t data_plus_mac_plus_padding_size,
-                            const unsigned char *mac_secret,
-                            unsigned mac_secret_length, char is_sslv3)
-{
-    union {
-        double align;
-        unsigned char c[sizeof(LARGEST_DIGEST_CTX)];
-    } md_state;
-    void (*md_final_raw) (void *ctx, unsigned char *md_out);
-    void (*md_transform) (void *ctx, const unsigned char *block);
-    unsigned md_size, md_block_size = 64;
-    unsigned sslv3_pad_length = 40, header_length, variance_blocks,
-        len, max_mac_bytes, num_blocks,
-        num_starting_blocks, k, mac_end_offset, c, index_a, index_b;
-    unsigned int bits;          /* at most 18 bits */
-    unsigned char length_bytes[MAX_HASH_BIT_COUNT_BYTES];
-    /* hmac_pad is the masked HMAC key. */
-    unsigned char hmac_pad[MAX_HASH_BLOCK_SIZE];
-    unsigned char first_block[MAX_HASH_BLOCK_SIZE];
-    unsigned char mac_out[EVP_MAX_MD_SIZE];
-    unsigned i, j, md_out_size_u;
-    EVP_MD_CTX md_ctx;
-    /*
-     * mdLengthSize is the number of bytes in the length field that
-     * terminates * the hash.
-     */
-    unsigned md_length_size = 8;
-    char length_is_big_endian = 1;
-
-    /*
-     * This is a, hopefully redundant, check that allows us to forget about
-     * many possible overflows later in this function.
-     */
-    OPENSSL_assert(data_plus_mac_plus_padding_size < 1024 * 1024);
-
-    switch (EVP_MD_CTX_type(ctx)) {
-    case NID_md5:
-        if (MD5_Init((MD5_CTX *)md_state.c) <= 0)
-            return 0;
-        md_final_raw = tls1_md5_final_raw;
-        md_transform =
-            (void (*)(void *ctx, const unsigned char *block))MD5_Transform;
-        md_size = 16;
-        sslv3_pad_length = 48;
-        length_is_big_endian = 0;
-        break;
-    case NID_sha1:
-        if (SHA1_Init((SHA_CTX *)md_state.c) <= 0)
-            return 0;
-        md_final_raw = tls1_sha1_final_raw;
-        md_transform =
-            (void (*)(void *ctx, const unsigned char *block))SHA1_Transform;
-        md_size = 20;
-        break;
-#ifndef OPENSSL_NO_SHA256
-    case NID_sha224:
-        if (SHA224_Init((SHA256_CTX *)md_state.c) <= 0)
-            return 0;
-        md_final_raw = tls1_sha256_final_raw;
-        md_transform =
-            (void (*)(void *ctx, const unsigned char *block))SHA256_Transform;
-        md_size = 224 / 8;
-        break;
-    case NID_sha256:
-        if (SHA256_Init((SHA256_CTX *)md_state.c) <= 0)
-            return 0;
-        md_final_raw = tls1_sha256_final_raw;
-        md_transform =
-            (void (*)(void *ctx, const unsigned char *block))SHA256_Transform;
-        md_size = 32;
-        break;
-#endif
-#ifndef OPENSSL_NO_SHA512
-    case NID_sha384:
-        if (SHA384_Init((SHA512_CTX *)md_state.c) <= 0)
-            return 0;
-        md_final_raw = tls1_sha512_final_raw;
-        md_transform =
-            (void (*)(void *ctx, const unsigned char *block))SHA512_Transform;
-        md_size = 384 / 8;
-        md_block_size = 128;
-        md_length_size = 16;
-        break;
-    case NID_sha512:
-        if (SHA512_Init((SHA512_CTX *)md_state.c) <= 0)
-            return 0;
-        md_final_raw = tls1_sha512_final_raw;
-        md_transform =
-            (void (*)(void *ctx, const unsigned char *block))SHA512_Transform;
-        md_size = 64;
-        md_block_size = 128;
-        md_length_size = 16;
-        break;
-#endif
-    default:
-        /*
-         * ssl3_cbc_record_digest_supported should have been called first to
-         * check that the hash function is supported.
-         */
-        OPENSSL_assert(0);
-        if (md_out_size)
-            *md_out_size = 0;
-        return 0;
-    }
-
-    OPENSSL_assert(md_length_size <= MAX_HASH_BIT_COUNT_BYTES);
-    OPENSSL_assert(md_block_size <= MAX_HASH_BLOCK_SIZE);
-    OPENSSL_assert(md_size <= EVP_MAX_MD_SIZE);
-
-    header_length = 13;
-    if (is_sslv3) {
-        header_length = mac_secret_length + sslv3_pad_length + 8 /* sequence
-                                                                  * number */  +
-            1 /* record type */  +
-            2 /* record length */ ;
-    }
-
-    /*
-     * variance_blocks is the number of blocks of the hash that we have to
-     * calculate in constant time because they could be altered by the
-     * padding value. In SSLv3, the padding must be minimal so the end of
-     * the plaintext varies by, at most, 15+20 = 35 bytes. (We conservatively
-     * assume that the MAC size varies from 0..20 bytes.) In case the 9 bytes
-     * of hash termination (0x80 + 64-bit length) don't fit in the final
-     * block, we say that the final two blocks can vary based on the padding.
-     * TLSv1 has MACs up to 48 bytes long (SHA-384) and the padding is not
-     * required to be minimal. Therefore we say that the final six blocks can
-     * vary based on the padding. Later in the function, if the message is
-     * short and there obviously cannot be this many blocks then
-     * variance_blocks can be reduced.
-     */
-    variance_blocks = is_sslv3 ? 2 : 6;
-    /*
-     * From now on we're dealing with the MAC, which conceptually has 13
-     * bytes of `header' before the start of the data (TLS) or 71/75 bytes
-     * (SSLv3)
-     */
-    len = data_plus_mac_plus_padding_size + header_length;
-    /*
-     * max_mac_bytes contains the maximum bytes of bytes in the MAC,
-     * including * |header|, assuming that there's no padding.
-     */
-    max_mac_bytes = len - md_size - 1;
-    /* num_blocks is the maximum number of hash blocks. */
-    num_blocks =
-        (max_mac_bytes + 1 + md_length_size + md_block_size -
-         1) / md_block_size;
-    /*
-     * In order to calculate the MAC in constant time we have to handle the
-     * final blocks specially because the padding value could cause the end
-     * to appear somewhere in the final |variance_blocks| blocks and we can't
-     * leak where. However, |num_starting_blocks| worth of data can be hashed
-     * right away because no padding value can affect whether they are
-     * plaintext.
-     */
-    num_starting_blocks = 0;
-    /*
-     * k is the starting byte offset into the conceptual header||data where
-     * we start processing.
-     */
-    k = 0;
-    /*
-     * mac_end_offset is the index just past the end of the data to be MACed.
-     */
-    mac_end_offset = data_plus_mac_size + header_length - md_size;
-    /*
-     * c is the index of the 0x80 byte in the final hash block that contains
-     * application data.
-     */
-    c = mac_end_offset % md_block_size;
-    /*
-     * index_a is the hash block number that contains the 0x80 terminating
-     * value.
-     */
-    index_a = mac_end_offset / md_block_size;
-    /*
-     * index_b is the hash block number that contains the 64-bit hash length,
-     * in bits.
-     */
-    index_b = (mac_end_offset + md_length_size) / md_block_size;
-    /*
-     * bits is the hash-length in bits. It includes the additional hash block
-     * for the masked HMAC key, or whole of |header| in the case of SSLv3.
-     */
-
-    /*
-     * For SSLv3, if we're going to have any starting blocks then we need at
-     * least two because the header is larger than a single block.
-     */
-    if (num_blocks > variance_blocks + (is_sslv3 ? 1 : 0)) {
-        num_starting_blocks = num_blocks - variance_blocks;
-        k = md_block_size * num_starting_blocks;
-    }
-
-    bits = 8 * mac_end_offset;
-    if (!is_sslv3) {
-        /*
-         * Compute the initial HMAC block. For SSLv3, the padding and secret
-         * bytes are included in |header| because they take more than a
-         * single block.
-         */
-        bits += 8 * md_block_size;
-        memset(hmac_pad, 0, md_block_size);
-        OPENSSL_assert(mac_secret_length <= sizeof(hmac_pad));
-        memcpy(hmac_pad, mac_secret, mac_secret_length);
-        for (i = 0; i < md_block_size; i++)
-            hmac_pad[i] ^= 0x36;
-
-        md_transform(md_state.c, hmac_pad);
-    }
-
-    if (length_is_big_endian) {
-        memset(length_bytes, 0, md_length_size - 4);
-        length_bytes[md_length_size - 4] = (unsigned char)(bits >> 24);
-        length_bytes[md_length_size - 3] = (unsigned char)(bits >> 16);
-        length_bytes[md_length_size - 2] = (unsigned char)(bits >> 8);
-        length_bytes[md_length_size - 1] = (unsigned char)bits;
-    } else {
-        memset(length_bytes, 0, md_length_size);
-        length_bytes[md_length_size - 5] = (unsigned char)(bits >> 24);
-        length_bytes[md_length_size - 6] = (unsigned char)(bits >> 16);
-        length_bytes[md_length_size - 7] = (unsigned char)(bits >> 8);
-        length_bytes[md_length_size - 8] = (unsigned char)bits;
-    }
-
-    if (k > 0) {
-        if (is_sslv3) {
-            unsigned overhang;
-
-            /*
-             * The SSLv3 header is larger than a single block. overhang is
-             * the number of bytes beyond a single block that the header
-             * consumes: either 7 bytes (SHA1) or 11 bytes (MD5). There are no
-             * ciphersuites in SSLv3 that are not SHA1 or MD5 based and
-             * therefore we can be confident that the header_length will be
-             * greater than |md_block_size|. However we add a sanity check just
-             * in case
-             */
-            if (header_length <= md_block_size) {
-                /* Should never happen */
-                return 0;
-            }
-            overhang = header_length - md_block_size;
-            md_transform(md_state.c, header);
-            memcpy(first_block, header + md_block_size, overhang);
-            memcpy(first_block + overhang, data, md_block_size - overhang);
-            md_transform(md_state.c, first_block);
-            for (i = 1; i < k / md_block_size - 1; i++)
-                md_transform(md_state.c, data + md_block_size * i - overhang);
-        } else {
-            /* k is a multiple of md_block_size. */
-            memcpy(first_block, header, 13);
-            memcpy(first_block + 13, data, md_block_size - 13);
-            md_transform(md_state.c, first_block);
-            for (i = 1; i < k / md_block_size; i++)
-                md_transform(md_state.c, data + md_block_size * i - 13);
-        }
-    }
-
-    memset(mac_out, 0, sizeof(mac_out));
-
-    /*
-     * We now process the final hash blocks. For each block, we construct it
-     * in constant time. If the |i==index_a| then we'll include the 0x80
-     * bytes and zero pad etc. For each block we selectively copy it, in
-     * constant time, to |mac_out|.
-     */
-    for (i = num_starting_blocks; i <= num_starting_blocks + variance_blocks;
-         i++) {
-        unsigned char block[MAX_HASH_BLOCK_SIZE];
-        unsigned char is_block_a = constant_time_eq_8(i, index_a);
-        unsigned char is_block_b = constant_time_eq_8(i, index_b);
-        for (j = 0; j < md_block_size; j++) {
-            unsigned char b = 0, is_past_c, is_past_cp1;
-            if (k < header_length)
-                b = header[k];
-            else if (k < data_plus_mac_plus_padding_size + header_length)
-                b = data[k - header_length];
-            k++;
-
-            is_past_c = is_block_a & constant_time_ge_8(j, c);
-            is_past_cp1 = is_block_a & constant_time_ge_8(j, c + 1);
-            /*
-             * If this is the block containing the end of the application
-             * data, and we are at the offset for the 0x80 value, then
-             * overwrite b with 0x80.
-             */
-            b = constant_time_select_8(is_past_c, 0x80, b);
-            /*
-             * If this the the block containing the end of the application
-             * data and we're past the 0x80 value then just write zero.
-             */
-            b = b & ~is_past_cp1;
-            /*
-             * If this is index_b (the final block), but not index_a (the end
-             * of the data), then the 64-bit length didn't fit into index_a
-             * and we're having to add an extra block of zeros.
-             */
-            b &= ~is_block_b | is_block_a;
-
-            /*
-             * The final bytes of one of the blocks contains the length.
-             */
-            if (j >= md_block_size - md_length_size) {
-                /* If this is index_b, write a length byte. */
-                b = constant_time_select_8(is_block_b,
-                                           length_bytes[j -
-                                                        (md_block_size -
-                                                         md_length_size)], b);
-            }
-            block[j] = b;
-        }
-
-        md_transform(md_state.c, block);
-        md_final_raw(md_state.c, block);
-        /* If this is index_b, copy the hash value to |mac_out|. */
-        for (j = 0; j < md_size; j++)
-            mac_out[j] |= block[j] & is_block_b;
-    }
-
-    EVP_MD_CTX_init(&md_ctx);
-    if (EVP_DigestInit_ex(&md_ctx, ctx->digest, NULL /* engine */ ) <= 0)
-        goto err;
-    if (is_sslv3) {
-        /* We repurpose |hmac_pad| to contain the SSLv3 pad2 block. */
-        memset(hmac_pad, 0x5c, sslv3_pad_length);
-
-        if (EVP_DigestUpdate(&md_ctx, mac_secret, mac_secret_length) <= 0
-                || EVP_DigestUpdate(&md_ctx, hmac_pad, sslv3_pad_length) <= 0
-                || EVP_DigestUpdate(&md_ctx, mac_out, md_size) <= 0)
-            goto err;
-    } else {
-        /* Complete the HMAC in the standard manner. */
-        for (i = 0; i < md_block_size; i++)
-            hmac_pad[i] ^= 0x6a;
-
-        if (EVP_DigestUpdate(&md_ctx, hmac_pad, md_block_size) <= 0
-                || EVP_DigestUpdate(&md_ctx, mac_out, md_size) <= 0)
-            goto err;
-    }
-    EVP_DigestFinal(&md_ctx, md_out, &md_out_size_u);
-    if (md_out_size)
-        *md_out_size = md_out_size_u;
-    EVP_MD_CTX_cleanup(&md_ctx);
-
-    return 1;
-err:
-    EVP_MD_CTX_cleanup(&md_ctx);
-    return 0;
-}
-
-#ifdef OPENSSL_FIPS
-
-/*
- * Due to the need to use EVP in FIPS mode we can't reimplement digests but
- * we can ensure the number of blocks processed is equal for all cases by
- * digesting additional data.
- */
-
-void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
-                           EVP_MD_CTX *mac_ctx, const unsigned char *data,
-                           size_t data_len, size_t orig_len)
-{
-    size_t block_size, digest_pad, blocks_data, blocks_orig;
-    if (EVP_CIPHER_CTX_mode(cipher_ctx) != EVP_CIPH_CBC_MODE)
-        return;
-    block_size = EVP_MD_CTX_block_size(mac_ctx);
-    /*-
-     * We are in FIPS mode if we get this far so we know we have only SHA*
-     * digests and TLS to deal with.
-     * Minimum digest padding length is 17 for SHA384/SHA512 and 9
-     * otherwise.
-     * Additional header is 13 bytes. To get the number of digest blocks
-     * processed round up the amount of data plus padding to the nearest
-     * block length. Block length is 128 for SHA384/SHA512 and 64 otherwise.
-     * So we have:
-     * blocks = (payload_len + digest_pad + 13 + block_size - 1)/block_size
-     * equivalently:
-     * blocks = (payload_len + digest_pad + 12)/block_size + 1
-     * HMAC adds a constant overhead.
-     * We're ultimately only interested in differences so this becomes
-     * blocks = (payload_len + 29)/128
-     * for SHA384/SHA512 and
-     * blocks = (payload_len + 21)/64
-     * otherwise.
-     */
-    digest_pad = block_size == 64 ? 21 : 29;
-    blocks_orig = (orig_len + digest_pad) / block_size;
-    blocks_data = (data_len + digest_pad) / block_size;
-    /*
-     * MAC enough blocks to make up the difference between the original and
-     * actual lengths plus one extra block to ensure this is never a no op.
-     * The "data" pointer should always have enough space to perform this
-     * operation as it is large enough for a maximum length TLS buffer.
-     */
-    EVP_DigestSignUpdate(mac_ctx, data,
-                         (blocks_orig - blocks_data + 1) * block_size);
-}
-#endif
diff --git a/thirdparty/openssl/ssl/s3_clnt.c b/thirdparty/openssl/ssl/s3_clnt.c
deleted file mode 100644
index 5b8b2da59f..0000000000
--- a/thirdparty/openssl/ssl/s3_clnt.c
+++ /dev/null
@@ -1,3787 +0,0 @@
-/* ssl/s3_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#ifdef OPENSSL_FIPS
-# include <openssl/fips.h>
-#endif
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b);
-#ifndef OPENSSL_NO_TLSEXT
-static int ssl3_check_finished(SSL *s);
-#endif
-
-#ifndef OPENSSL_NO_SSL3_METHOD
-static const SSL_METHOD *ssl3_get_client_method(int ver)
-{
-    if (ver == SSL3_VERSION)
-        return (SSLv3_client_method());
-    else
-        return (NULL);
-}
-
-IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
-                         ssl_undefined_function,
-                         ssl3_connect, ssl3_get_client_method)
-#endif
-int ssl3_connect(SSL *s)
-{
-    BUF_MEM *buf = NULL;
-    unsigned long Time = (unsigned long)time(NULL);
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-    int ret = -1;
-    int new_state, state, skip = 0;
-
-    RAND_add(&Time, sizeof(Time), 0);
-    ERR_clear_error();
-    clear_sys_error();
-
-    if (s->info_callback != NULL)
-        cb = s->info_callback;
-    else if (s->ctx->info_callback != NULL)
-        cb = s->ctx->info_callback;
-
-    s->in_handshake++;
-    if (!SSL_in_init(s) || SSL_in_before(s))
-        SSL_clear(s);
-
-#ifndef OPENSSL_NO_HEARTBEATS
-    /*
-     * If we're awaiting a HeartbeatResponse, pretend we already got and
-     * don't await it anymore, because Heartbeats don't make sense during
-     * handshakes anyway.
-     */
-    if (s->tlsext_hb_pending) {
-        s->tlsext_hb_pending = 0;
-        s->tlsext_hb_seq++;
-    }
-#endif
-
-    for (;;) {
-        state = s->state;
-
-        switch (s->state) {
-        case SSL_ST_RENEGOTIATE:
-            s->renegotiate = 1;
-            s->state = SSL_ST_CONNECT;
-            s->ctx->stats.sess_connect_renegotiate++;
-            /* break */
-        case SSL_ST_BEFORE:
-        case SSL_ST_CONNECT:
-        case SSL_ST_BEFORE | SSL_ST_CONNECT:
-        case SSL_ST_OK | SSL_ST_CONNECT:
-
-            s->server = 0;
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_START, 1);
-
-            if ((s->version & 0xff00) != 0x0300) {
-                SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
-                s->state = SSL_ST_ERR;
-                ret = -1;
-                goto end;
-            }
-
-            /* s->version=SSL3_VERSION; */
-            s->type = SSL_ST_CONNECT;
-
-            if (s->init_buf == NULL) {
-                if ((buf = BUF_MEM_new()) == NULL) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-                s->init_buf = buf;
-                buf = NULL;
-            }
-
-            if (!ssl3_setup_buffers(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            /* setup buffing BIO */
-            if (!ssl_init_wbio_buffer(s, 0)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            /* don't push the buffering BIO quite yet */
-
-            if (!ssl3_init_finished_mac(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            s->state = SSL3_ST_CW_CLNT_HELLO_A;
-            s->ctx->stats.sess_connect++;
-            s->init_num = 0;
-            s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
-            /*
-             * Should have been reset by ssl3_get_finished, too.
-             */
-            s->s3->change_cipher_spec = 0;
-            break;
-
-        case SSL3_ST_CW_CLNT_HELLO_A:
-        case SSL3_ST_CW_CLNT_HELLO_B:
-
-            s->shutdown = 0;
-            ret = ssl3_client_hello(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CR_SRVR_HELLO_A;
-            s->init_num = 0;
-
-            /* turn on buffering for the next lot of output */
-            if (s->bbio != s->wbio)
-                s->wbio = BIO_push(s->bbio, s->wbio);
-
-            break;
-
-        case SSL3_ST_CR_SRVR_HELLO_A:
-        case SSL3_ST_CR_SRVR_HELLO_B:
-            ret = ssl3_get_server_hello(s);
-            if (ret <= 0)
-                goto end;
-
-            if (s->hit) {
-                s->state = SSL3_ST_CR_FINISHED_A;
-#ifndef OPENSSL_NO_TLSEXT
-                if (s->tlsext_ticket_expected) {
-                    /* receive renewed session ticket */
-                    s->state = SSL3_ST_CR_SESSION_TICKET_A;
-                }
-#endif
-            } else {
-                s->state = SSL3_ST_CR_CERT_A;
-            }
-            s->init_num = 0;
-            break;
-        case SSL3_ST_CR_CERT_A:
-        case SSL3_ST_CR_CERT_B:
-#ifndef OPENSSL_NO_TLSEXT
-            /* Noop (ret = 0) for everything but EAP-FAST. */
-            ret = ssl3_check_finished(s);
-            if (ret < 0)
-                goto end;
-            if (ret == 1) {
-                s->hit = 1;
-                s->state = SSL3_ST_CR_FINISHED_A;
-                s->init_num = 0;
-                break;
-            }
-#endif
-            /* Check if it is anon DH/ECDH, SRP auth */
-            /* or PSK */
-            if (!
-                (s->s3->tmp.
-                 new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
-                    && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
-                ret = ssl3_get_server_certificate(s);
-                if (ret <= 0)
-                    goto end;
-#ifndef OPENSSL_NO_TLSEXT
-                if (s->tlsext_status_expected)
-                    s->state = SSL3_ST_CR_CERT_STATUS_A;
-                else
-                    s->state = SSL3_ST_CR_KEY_EXCH_A;
-            } else {
-                skip = 1;
-                s->state = SSL3_ST_CR_KEY_EXCH_A;
-            }
-#else
-            } else
-                skip = 1;
-
-            s->state = SSL3_ST_CR_KEY_EXCH_A;
-#endif
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CR_KEY_EXCH_A:
-        case SSL3_ST_CR_KEY_EXCH_B:
-            ret = ssl3_get_key_exchange(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CR_CERT_REQ_A;
-            s->init_num = 0;
-
-            /*
-             * at this point we check that we have the required stuff from
-             * the server
-             */
-            if (!ssl3_check_cert_and_algorithm(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-            break;
-
-        case SSL3_ST_CR_CERT_REQ_A:
-        case SSL3_ST_CR_CERT_REQ_B:
-            ret = ssl3_get_certificate_request(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CR_SRVR_DONE_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CR_SRVR_DONE_A:
-        case SSL3_ST_CR_SRVR_DONE_B:
-            ret = ssl3_get_server_done(s);
-            if (ret <= 0)
-                goto end;
-#ifndef OPENSSL_NO_SRP
-            if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) {
-                if ((ret = SRP_Calc_A_param(s)) <= 0) {
-                    SSLerr(SSL_F_SSL3_CONNECT, SSL_R_SRP_A_CALC);
-                    ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-            }
-#endif
-            if (s->s3->tmp.cert_req)
-                s->state = SSL3_ST_CW_CERT_A;
-            else
-                s->state = SSL3_ST_CW_KEY_EXCH_A;
-            s->init_num = 0;
-
-            break;
-
-        case SSL3_ST_CW_CERT_A:
-        case SSL3_ST_CW_CERT_B:
-        case SSL3_ST_CW_CERT_C:
-        case SSL3_ST_CW_CERT_D:
-            ret = ssl3_send_client_certificate(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CW_KEY_EXCH_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CW_KEY_EXCH_A:
-        case SSL3_ST_CW_KEY_EXCH_B:
-            ret = ssl3_send_client_key_exchange(s);
-            if (ret <= 0)
-                goto end;
-            /*
-             * EAY EAY EAY need to check for DH fix cert sent back
-             */
-            /*
-             * For TLS, cert_req is set to 2, so a cert chain of nothing is
-             * sent, but no verify packet is sent
-             */
-            /*
-             * XXX: For now, we do not support client authentication in ECDH
-             * cipher suites with ECDH (rather than ECDSA) certificates. We
-             * need to skip the certificate verify message when client's
-             * ECDH public key is sent inside the client certificate.
-             */
-            if (s->s3->tmp.cert_req == 1) {
-                s->state = SSL3_ST_CW_CERT_VRFY_A;
-            } else {
-                s->state = SSL3_ST_CW_CHANGE_A;
-            }
-            if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
-                s->state = SSL3_ST_CW_CHANGE_A;
-            }
-
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CW_CERT_VRFY_A:
-        case SSL3_ST_CW_CERT_VRFY_B:
-            ret = ssl3_send_client_verify(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CW_CHANGE_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CW_CHANGE_A:
-        case SSL3_ST_CW_CHANGE_B:
-            ret = ssl3_send_change_cipher_spec(s,
-                                               SSL3_ST_CW_CHANGE_A,
-                                               SSL3_ST_CW_CHANGE_B);
-            if (ret <= 0)
-                goto end;
-
-#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
-            s->state = SSL3_ST_CW_FINISHED_A;
-#else
-            if (s->s3->next_proto_neg_seen)
-                s->state = SSL3_ST_CW_NEXT_PROTO_A;
-            else
-                s->state = SSL3_ST_CW_FINISHED_A;
-#endif
-            s->init_num = 0;
-
-            s->session->cipher = s->s3->tmp.new_cipher;
-#ifdef OPENSSL_NO_COMP
-            s->session->compress_meth = 0;
-#else
-            if (s->s3->tmp.new_compression == NULL)
-                s->session->compress_meth = 0;
-            else
-                s->session->compress_meth = s->s3->tmp.new_compression->id;
-#endif
-            if (!s->method->ssl3_enc->setup_key_block(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            if (!s->method->ssl3_enc->change_cipher_state(s,
-                                                          SSL3_CHANGE_CIPHER_CLIENT_WRITE))
-            {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            break;
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-        case SSL3_ST_CW_NEXT_PROTO_A:
-        case SSL3_ST_CW_NEXT_PROTO_B:
-            ret = ssl3_send_next_proto(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CW_FINISHED_A;
-            break;
-#endif
-
-        case SSL3_ST_CW_FINISHED_A:
-        case SSL3_ST_CW_FINISHED_B:
-            ret = ssl3_send_finished(s,
-                                     SSL3_ST_CW_FINISHED_A,
-                                     SSL3_ST_CW_FINISHED_B,
-                                     s->method->
-                                     ssl3_enc->client_finished_label,
-                                     s->method->
-                                     ssl3_enc->client_finished_label_len);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CW_FLUSH;
-
-            /* clear flags */
-            s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
-            if (s->hit) {
-                s->s3->tmp.next_state = SSL_ST_OK;
-                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
-                    s->state = SSL_ST_OK;
-                    s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
-                    s->s3->delay_buf_pop_ret = 0;
-                }
-            } else {
-#ifndef OPENSSL_NO_TLSEXT
-                /*
-                 * Allow NewSessionTicket if ticket expected
-                 */
-                if (s->tlsext_ticket_expected)
-                    s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
-                else
-#endif
-
-                    s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
-            }
-            s->init_num = 0;
-            break;
-
-#ifndef OPENSSL_NO_TLSEXT
-        case SSL3_ST_CR_SESSION_TICKET_A:
-        case SSL3_ST_CR_SESSION_TICKET_B:
-            ret = ssl3_get_new_session_ticket(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CR_FINISHED_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CR_CERT_STATUS_A:
-        case SSL3_ST_CR_CERT_STATUS_B:
-            ret = ssl3_get_cert_status(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_CR_KEY_EXCH_A;
-            s->init_num = 0;
-            break;
-#endif
-
-        case SSL3_ST_CR_FINISHED_A:
-        case SSL3_ST_CR_FINISHED_B:
-            if (!s->s3->change_cipher_spec)
-                s->s3->flags |= SSL3_FLAGS_CCS_OK;
-            ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
-                                    SSL3_ST_CR_FINISHED_B);
-            if (ret <= 0)
-                goto end;
-
-            if (s->hit)
-                s->state = SSL3_ST_CW_CHANGE_A;
-            else
-                s->state = SSL_ST_OK;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_CW_FLUSH:
-            s->rwstate = SSL_WRITING;
-            if (BIO_flush(s->wbio) <= 0) {
-                ret = -1;
-                goto end;
-            }
-            s->rwstate = SSL_NOTHING;
-            s->state = s->s3->tmp.next_state;
-            break;
-
-        case SSL_ST_OK:
-            /* clean a few things up */
-            ssl3_cleanup_key_block(s);
-
-            if (s->init_buf != NULL) {
-                BUF_MEM_free(s->init_buf);
-                s->init_buf = NULL;
-            }
-
-            /*
-             * If we are not 'joining' the last two packets, remove the
-             * buffering now
-             */
-            if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
-                ssl_free_wbio_buffer(s);
-            /* else do it later in ssl3_write */
-
-            s->init_num = 0;
-            s->renegotiate = 0;
-            s->new_session = 0;
-
-            ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
-            if (s->hit)
-                s->ctx->stats.sess_hit++;
-
-            ret = 1;
-            /* s->server=0; */
-            s->handshake_func = ssl3_connect;
-            s->ctx->stats.sess_connect_good++;
-
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-
-            goto end;
-            /* break; */
-
-        case SSL_ST_ERR:
-        default:
-            SSLerr(SSL_F_SSL3_CONNECT, SSL_R_UNKNOWN_STATE);
-            ret = -1;
-            goto end;
-            /* break; */
-        }
-
-        /* did we do anything */
-        if (!s->s3->tmp.reuse_message && !skip) {
-            if (s->debug) {
-                if ((ret = BIO_flush(s->wbio)) <= 0)
-                    goto end;
-            }
-
-            if ((cb != NULL) && (s->state != state)) {
-                new_state = s->state;
-                s->state = state;
-                cb(s, SSL_CB_CONNECT_LOOP, 1);
-                s->state = new_state;
-            }
-        }
-        skip = 0;
-    }
- end:
-    s->in_handshake--;
-    if (buf != NULL)
-        BUF_MEM_free(buf);
-    if (cb != NULL)
-        cb(s, SSL_CB_CONNECT_EXIT, ret);
-    return (ret);
-}
-
-int ssl3_client_hello(SSL *s)
-{
-    unsigned char *buf;
-    unsigned char *p, *d;
-    int i;
-    unsigned long l;
-    int al = 0;
-#ifndef OPENSSL_NO_COMP
-    int j;
-    SSL_COMP *comp;
-#endif
-
-    buf = (unsigned char *)s->init_buf->data;
-    if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
-        SSL_SESSION *sess = s->session;
-        if ((sess == NULL) || (sess->ssl_version != s->version) ||
-#ifdef OPENSSL_NO_TLSEXT
-            !sess->session_id_length ||
-#else
-            /*
-             * In the case of EAP-FAST, we can have a pre-shared
-             * "ticket" without a session ID.
-             */
-            (!sess->session_id_length && !sess->tlsext_tick) ||
-#endif
-            (sess->not_resumable)) {
-            if (!ssl_get_new_session(s, 0))
-                goto err;
-        }
-        if (s->method->version == DTLS_ANY_VERSION) {
-            /* Determine which DTLS version to use */
-            int options = s->options;
-            /* If DTLS 1.2 disabled correct the version number */
-            if (options & SSL_OP_NO_DTLSv1_2) {
-                if (tls1_suiteb(s)) {
-                    SSLerr(SSL_F_SSL3_CLIENT_HELLO,
-                           SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
-                    goto err;
-                }
-                /*
-                 * Disabling all versions is silly: return an error.
-                 */
-                if (options & SSL_OP_NO_DTLSv1) {
-                    SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_WRONG_SSL_VERSION);
-                    goto err;
-                }
-                /*
-                 * Update method so we don't use any DTLS 1.2 features.
-                 */
-                s->method = DTLSv1_client_method();
-                s->version = DTLS1_VERSION;
-            } else {
-                /*
-                 * We only support one version: update method
-                 */
-                if (options & SSL_OP_NO_DTLSv1)
-                    s->method = DTLSv1_2_client_method();
-                s->version = DTLS1_2_VERSION;
-            }
-            s->client_version = s->version;
-        }
-        /* else use the pre-loaded session */
-
-        p = s->s3->client_random;
-
-        /*
-         * for DTLS if client_random is initialized, reuse it, we are
-         * required to use same upon reply to HelloVerify
-         */
-        if (SSL_IS_DTLS(s)) {
-            size_t idx;
-            i = 1;
-            for (idx = 0; idx < sizeof(s->s3->client_random); idx++) {
-                if (p[idx]) {
-                    i = 0;
-                    break;
-                }
-            }
-        } else
-            i = 1;
-
-        if (i && ssl_fill_hello_random(s, 0, p,
-                                       sizeof(s->s3->client_random)) <= 0)
-            goto err;
-
-        /* Do the message type and length last */
-        d = p = ssl_handshake_start(s);
-
-        /*-
-         * version indicates the negotiated version: for example from
-         * an SSLv2/v3 compatible client hello). The client_version
-         * field is the maximum version we permit and it is also
-         * used in RSA encrypted premaster secrets. Some servers can
-         * choke if we initially report a higher version then
-         * renegotiate to a lower one in the premaster secret. This
-         * didn't happen with TLS 1.0 as most servers supported it
-         * but it can with TLS 1.1 or later if the server only supports
-         * 1.0.
-         *
-         * Possible scenario with previous logic:
-         *      1. Client hello indicates TLS 1.2
-         *      2. Server hello says TLS 1.0
-         *      3. RSA encrypted premaster secret uses 1.2.
-         *      4. Handhaked proceeds using TLS 1.0.
-         *      5. Server sends hello request to renegotiate.
-         *      6. Client hello indicates TLS v1.0 as we now
-         *         know that is maximum server supports.
-         *      7. Server chokes on RSA encrypted premaster secret
-         *         containing version 1.0.
-         *
-         * For interoperability it should be OK to always use the
-         * maximum version we support in client hello and then rely
-         * on the checking of version to ensure the servers isn't
-         * being inconsistent: for example initially negotiating with
-         * TLS 1.0 and renegotiating with TLS 1.2. We do this by using
-         * client_version in client hello and not resetting it to
-         * the negotiated version.
-         */
-#if 0
-        *(p++) = s->version >> 8;
-        *(p++) = s->version & 0xff;
-        s->client_version = s->version;
-#else
-        *(p++) = s->client_version >> 8;
-        *(p++) = s->client_version & 0xff;
-#endif
-
-        /* Random stuff */
-        memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
-        p += SSL3_RANDOM_SIZE;
-
-        /* Session ID */
-        if (s->new_session)
-            i = 0;
-        else
-            i = s->session->session_id_length;
-        *(p++) = i;
-        if (i != 0) {
-            if (i > (int)sizeof(s->session->session_id)) {
-                SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            memcpy(p, s->session->session_id, i);
-            p += i;
-        }
-
-        /* cookie stuff for DTLS */
-        if (SSL_IS_DTLS(s)) {
-            if (s->d1->cookie_len > sizeof(s->d1->cookie)) {
-                SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            *(p++) = s->d1->cookie_len;
-            memcpy(p, s->d1->cookie, s->d1->cookie_len);
-            p += s->d1->cookie_len;
-        }
-
-        /* Ciphers supported */
-        i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
-        if (i == 0) {
-            SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
-            goto err;
-        }
-#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
-        /*
-         * Some servers hang if client hello > 256 bytes as hack workaround
-         * chop number of supported ciphers to keep it well below this if we
-         * use TLS v1.2
-         */
-        if (TLS1_get_version(s) >= TLS1_2_VERSION
-            && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
-            i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
-#endif
-        s2n(i, p);
-        p += i;
-
-        /* COMPRESSION */
-#ifdef OPENSSL_NO_COMP
-        *(p++) = 1;
-#else
-
-        if ((s->options & SSL_OP_NO_COMPRESSION)
-            || !s->ctx->comp_methods)
-            j = 0;
-        else
-            j = sk_SSL_COMP_num(s->ctx->comp_methods);
-        *(p++) = 1 + j;
-        for (i = 0; i < j; i++) {
-            comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
-            *(p++) = comp->id;
-        }
-#endif
-        *(p++) = 0;             /* Add the NULL method */
-
-#ifndef OPENSSL_NO_TLSEXT
-        /* TLS extensions */
-        if (ssl_prepare_clienthello_tlsext(s) <= 0) {
-            SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
-            goto err;
-        }
-        if ((p =
-             ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH,
-                                        &al)) == NULL) {
-            ssl3_send_alert(s, SSL3_AL_FATAL, al);
-            SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-#endif
-
-        l = p - d;
-        ssl_set_handshake_header(s, SSL3_MT_CLIENT_HELLO, l);
-        s->state = SSL3_ST_CW_CLNT_HELLO_B;
-    }
-
-    /* SSL3_ST_CW_CLNT_HELLO_B */
-    return ssl_do_write(s);
- err:
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-
-int ssl3_get_server_hello(SSL *s)
-{
-    STACK_OF(SSL_CIPHER) *sk;
-    const SSL_CIPHER *c;
-    CERT *ct = s->cert;
-    unsigned char *p, *d;
-    int i, al = SSL_AD_INTERNAL_ERROR, ok;
-    unsigned int j;
-    long n;
-#ifndef OPENSSL_NO_COMP
-    SSL_COMP *comp;
-#endif
-    /*
-     * Hello verify request and/or server hello version may not match so set
-     * first packet if we're negotiating version.
-     */
-    if (SSL_IS_DTLS(s))
-        s->first_packet = 1;
-
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_CR_SRVR_HELLO_A,
-                                   SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, &ok);
-
-    if (!ok)
-        return ((int)n);
-
-    if (SSL_IS_DTLS(s)) {
-        s->first_packet = 0;
-        if (s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
-            if (s->d1->send_cookie == 0) {
-                s->s3->tmp.reuse_message = 1;
-                return 1;
-            } else {            /* already sent a cookie */
-
-                al = SSL_AD_UNEXPECTED_MESSAGE;
-                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
-                goto f_err;
-            }
-        }
-    }
-
-    if (s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO) {
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
-        goto f_err;
-    }
-
-    d = p = (unsigned char *)s->init_msg;
-    if (s->method->version == DTLS_ANY_VERSION) {
-        /* Work out correct protocol version to use */
-        int hversion = (p[0] << 8) | p[1];
-        int options = s->options;
-        if (hversion == DTLS1_2_VERSION && !(options & SSL_OP_NO_DTLSv1_2))
-            s->method = DTLSv1_2_client_method();
-        else if (tls1_suiteb(s)) {
-            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
-                   SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
-            s->version = hversion;
-            al = SSL_AD_PROTOCOL_VERSION;
-            goto f_err;
-        } else if (hversion == DTLS1_VERSION && !(options & SSL_OP_NO_DTLSv1))
-            s->method = DTLSv1_client_method();
-        else {
-            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
-            s->version = hversion;
-            al = SSL_AD_PROTOCOL_VERSION;
-            goto f_err;
-        }
-        s->session->ssl_version = s->version = s->method->version;
-    }
-
-    if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) {
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
-        s->version = (s->version & 0xff00) | p[1];
-        al = SSL_AD_PROTOCOL_VERSION;
-        goto f_err;
-    }
-    p += 2;
-
-    /* load the server hello data */
-    /* load the server random */
-    memcpy(s->s3->server_random, p, SSL3_RANDOM_SIZE);
-    p += SSL3_RANDOM_SIZE;
-
-    s->hit = 0;
-
-    /* get the session-id */
-    j = *(p++);
-
-    if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) {
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG);
-        goto f_err;
-    }
-#ifndef OPENSSL_NO_TLSEXT
-    /*
-     * Check if we can resume the session based on external pre-shared secret.
-     * EAP-FAST (RFC 4851) supports two types of session resumption.
-     * Resumption based on server-side state works with session IDs.
-     * Resumption based on pre-shared Protected Access Credentials (PACs)
-     * works by overriding the SessionTicket extension at the application
-     * layer, and does not send a session ID. (We do not know whether EAP-FAST
-     * servers would honour the session ID.) Therefore, the session ID alone
-     * is not a reliable indicator of session resumption, so we first check if
-     * we can resume, and later peek at the next handshake message to see if the
-     * server wants to resume.
-     */
-    if (s->version >= TLS1_VERSION && s->tls_session_secret_cb &&
-        s->session->tlsext_tick) {
-        SSL_CIPHER *pref_cipher = NULL;
-        s->session->master_key_length = sizeof(s->session->master_key);
-        if (s->tls_session_secret_cb(s, s->session->master_key,
-                                     &s->session->master_key_length,
-                                     NULL, &pref_cipher,
-                                     s->tls_session_secret_cb_arg)) {
-            s->session->cipher = pref_cipher ?
-                pref_cipher : ssl_get_cipher_by_char(s, p + j);
-        } else {
-            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-            al = SSL_AD_INTERNAL_ERROR;
-            goto f_err;
-        }
-    }
-#endif                          /* OPENSSL_NO_TLSEXT */
-
-    if (j != 0 && j == s->session->session_id_length
-        && memcmp(p, s->session->session_id, j) == 0) {
-        if (s->sid_ctx_length != s->session->sid_ctx_length
-            || memcmp(s->session->sid_ctx, s->sid_ctx, s->sid_ctx_length)) {
-            /* actually a client application bug */
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
-                   SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
-            goto f_err;
-        }
-        s->hit = 1;
-    } else {
-        /*
-         * If we were trying for session-id reuse but the server
-         * didn't echo the ID, make a new SSL_SESSION.
-         * In the case of EAP-FAST and PAC, we do not send a session ID,
-         * so the PAC-based session secret is always preserved. It'll be
-         * overwritten if the server refuses resumption.
-         */
-        if (s->session->session_id_length > 0) {
-            if (!ssl_get_new_session(s, 0)) {
-                goto f_err;
-            }
-        }
-        s->session->session_id_length = j;
-        memcpy(s->session->session_id, p, j); /* j could be 0 */
-    }
-    p += j;
-    c = ssl_get_cipher_by_char(s, p);
-    if (c == NULL) {
-        /* unknown cipher */
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNKNOWN_CIPHER_RETURNED);
-        goto f_err;
-    }
-    /* Set version disabled mask now we know version */
-    if (!SSL_USE_TLS1_2_CIPHERS(s))
-        ct->mask_ssl = SSL_TLSV1_2;
-    else
-        ct->mask_ssl = 0;
-    /*
-     * If it is a disabled cipher we didn't send it in client hello, so
-     * return an error.
-     */
-    if (c->algorithm_ssl & ct->mask_ssl ||
-        c->algorithm_mkey & ct->mask_k || c->algorithm_auth & ct->mask_a) {
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
-        goto f_err;
-    }
-    p += ssl_put_cipher_by_char(s, NULL, NULL);
-
-    sk = ssl_get_ciphers_by_id(s);
-    i = sk_SSL_CIPHER_find(sk, c);
-    if (i < 0) {
-        /* we did not say we would use this cipher */
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
-        goto f_err;
-    }
-
-    /*
-     * Depending on the session caching (internal/external), the cipher
-     * and/or cipher_id values may not be set. Make sure that cipher_id is
-     * set and use it for comparison.
-     */
-    if (s->session->cipher)
-        s->session->cipher_id = s->session->cipher->id;
-    if (s->hit && (s->session->cipher_id != c->id)) {
-/* Workaround is now obsolete */
-#if 0
-        if (!(s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
-#endif
-        {
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
-                   SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
-            goto f_err;
-        }
-    }
-    s->s3->tmp.new_cipher = c;
-    /*
-     * Don't digest cached records if no sigalgs: we may need them for client
-     * authentication.
-     */
-    if (!SSL_USE_SIGALGS(s) && !ssl3_digest_cached_records(s))
-        goto f_err;
-    /* lets get the compression algorithm */
-    /* COMPRESSION */
-#ifdef OPENSSL_NO_COMP
-    if (*(p++) != 0) {
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
-               SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
-        goto f_err;
-    }
-    /*
-     * If compression is disabled we'd better not try to resume a session
-     * using compression.
-     */
-    if (s->session->compress_meth != 0) {
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
-        goto f_err;
-    }
-#else
-    j = *(p++);
-    if (s->hit && j != s->session->compress_meth) {
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
-               SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
-        goto f_err;
-    }
-    if (j == 0)
-        comp = NULL;
-    else if (s->options & SSL_OP_NO_COMPRESSION) {
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_COMPRESSION_DISABLED);
-        goto f_err;
-    } else
-        comp = ssl3_comp_find(s->ctx->comp_methods, j);
-
-    if ((j != 0) && (comp == NULL)) {
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
-               SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
-        goto f_err;
-    } else {
-        s->s3->tmp.new_compression = comp;
-    }
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-    /* TLS extensions */
-    if (!ssl_parse_serverhello_tlsext(s, &p, d, n)) {
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_PARSE_TLSEXT);
-        goto err;
-    }
-#endif
-
-    if (p != (d + n)) {
-        /* wrong packet length */
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_PACKET_LENGTH);
-        goto f_err;
-    }
-
-    return (1);
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-
-int ssl3_get_server_certificate(SSL *s)
-{
-    int al, i, ok, ret = -1;
-    unsigned long n, nc, llen, l;
-    X509 *x = NULL;
-    const unsigned char *q, *p;
-    unsigned char *d;
-    STACK_OF(X509) *sk = NULL;
-    SESS_CERT *sc;
-    EVP_PKEY *pkey = NULL;
-    int need_cert = 1;          /* VRS: 0=> will allow null cert if auth ==
-                                 * KRB5 */
-
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_CR_CERT_A,
-                                   SSL3_ST_CR_CERT_B,
-                                   -1, s->max_cert_list, &ok);
-
-    if (!ok)
-        return ((int)n);
-
-    if ((s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) ||
-        ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) &&
-         (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE))) {
-        s->s3->tmp.reuse_message = 1;
-        return (1);
-    }
-
-    if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_BAD_MESSAGE_TYPE);
-        goto f_err;
-    }
-    p = d = (unsigned char *)s->init_msg;
-
-    if ((sk = sk_X509_new_null()) == NULL) {
-        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    n2l3(p, llen);
-    if (llen + 3 != n) {
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
-        goto f_err;
-    }
-    for (nc = 0; nc < llen;) {
-        if (nc + 3 > llen) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
-                   SSL_R_CERT_LENGTH_MISMATCH);
-            goto f_err;
-        }
-        n2l3(p, l);
-        if ((l + nc + 3) > llen) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
-                   SSL_R_CERT_LENGTH_MISMATCH);
-            goto f_err;
-        }
-
-        q = p;
-        x = d2i_X509(NULL, &q, l);
-        if (x == NULL) {
-            al = SSL_AD_BAD_CERTIFICATE;
-            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_ASN1_LIB);
-            goto f_err;
-        }
-        if (q != (p + l)) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
-                   SSL_R_CERT_LENGTH_MISMATCH);
-            goto f_err;
-        }
-        if (!sk_X509_push(sk, x)) {
-            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        x = NULL;
-        nc += l + 3;
-        p = q;
-    }
-
-    i = ssl_verify_cert_chain(s, sk);
-    if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)
-#ifndef OPENSSL_NO_KRB5
-        && !((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
-             (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
-#endif                          /* OPENSSL_NO_KRB5 */
-        ) {
-        al = ssl_verify_alarm_type(s->verify_result);
-        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
-               SSL_R_CERTIFICATE_VERIFY_FAILED);
-        goto f_err;
-    }
-    ERR_clear_error();          /* but we keep s->verify_result */
-
-    sc = ssl_sess_cert_new();
-    if (sc == NULL)
-        goto err;
-
-    if (s->session->sess_cert)
-        ssl_sess_cert_free(s->session->sess_cert);
-    s->session->sess_cert = sc;
-
-    sc->cert_chain = sk;
-    /*
-     * Inconsistency alert: cert_chain does include the peer's certificate,
-     * which we don't include in s3_srvr.c
-     */
-    x = sk_X509_value(sk, 0);
-    sk = NULL;
-    /*
-     * VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end
-     */
-
-    pkey = X509_get_pubkey(x);
-
-    /* VRS: allow null cert if auth == KRB5 */
-    need_cert = ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
-                 (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
-        ? 0 : 1;
-
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "pkey,x = %p, %p\n", pkey, x);
-    fprintf(stderr, "ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x, pkey));
-    fprintf(stderr, "cipher, alg, nc = %s, %lx, %lx, %d\n",
-            s->s3->tmp.new_cipher->name,
-            s->s3->tmp.new_cipher->algorithm_mkey,
-            s->s3->tmp.new_cipher->algorithm_auth, need_cert);
-#endif                          /* KSSL_DEBUG */
-
-    if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))) {
-        x = NULL;
-        al = SSL3_AL_FATAL;
-        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
-               SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
-        goto f_err;
-    }
-
-    i = ssl_cert_type(x, pkey);
-    if (need_cert && i < 0) {
-        x = NULL;
-        al = SSL3_AL_FATAL;
-        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
-               SSL_R_UNKNOWN_CERTIFICATE_TYPE);
-        goto f_err;
-    }
-
-    if (need_cert) {
-        int exp_idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
-        if (exp_idx >= 0 && i != exp_idx) {
-            x = NULL;
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
-                   SSL_R_WRONG_CERTIFICATE_TYPE);
-            goto f_err;
-        }
-        sc->peer_cert_type = i;
-        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
-        /*
-         * Why would the following ever happen? We just created sc a couple
-         * of lines ago.
-         */
-        if (sc->peer_pkeys[i].x509 != NULL)
-            X509_free(sc->peer_pkeys[i].x509);
-        sc->peer_pkeys[i].x509 = x;
-        sc->peer_key = &(sc->peer_pkeys[i]);
-
-        if (s->session->peer != NULL)
-            X509_free(s->session->peer);
-        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
-        s->session->peer = x;
-    } else {
-        sc->peer_cert_type = i;
-        sc->peer_key = NULL;
-
-        if (s->session->peer != NULL)
-            X509_free(s->session->peer);
-        s->session->peer = NULL;
-    }
-    s->session->verify_result = s->verify_result;
-
-    x = NULL;
-    ret = 1;
-    if (0) {
- f_err:
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-        s->state = SSL_ST_ERR;
-    }
-
-    EVP_PKEY_free(pkey);
-    X509_free(x);
-    sk_X509_pop_free(sk, X509_free);
-    return (ret);
-}
-
-int ssl3_get_key_exchange(SSL *s)
-{
-#ifndef OPENSSL_NO_RSA
-    unsigned char *q, md_buf[EVP_MAX_MD_SIZE * 2];
-#endif
-    EVP_MD_CTX md_ctx;
-    unsigned char *param, *p;
-    int al, j, ok;
-    long i, param_len, n, alg_k, alg_a;
-    EVP_PKEY *pkey = NULL;
-    const EVP_MD *md = NULL;
-#ifndef OPENSSL_NO_RSA
-    RSA *rsa = NULL;
-#endif
-#ifndef OPENSSL_NO_DH
-    DH *dh = NULL;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    EC_KEY *ecdh = NULL;
-    BN_CTX *bn_ctx = NULL;
-    EC_POINT *srvr_ecpoint = NULL;
-    int curve_nid = 0;
-    int encoded_pt_len = 0;
-#endif
-
-    EVP_MD_CTX_init(&md_ctx);
-
-    /*
-     * use same message size as in ssl3_get_certificate_request() as
-     * ServerKeyExchange message may be skipped
-     */
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_CR_KEY_EXCH_A,
-                                   SSL3_ST_CR_KEY_EXCH_B,
-                                   -1, s->max_cert_list, &ok);
-    if (!ok)
-        return ((int)n);
-
-    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
-    if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
-        /*
-         * Can't skip server key exchange if this is an ephemeral
-         * ciphersuite.
-         */
-        if (alg_k & (SSL_kDHE | SSL_kECDHE)) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            goto f_err;
-        }
-#ifndef OPENSSL_NO_PSK
-        /*
-         * In plain PSK ciphersuite, ServerKeyExchange can be omitted if no
-         * identity hint is sent. Set session->sess_cert anyway to avoid
-         * problems later.
-         */
-        if (alg_k & SSL_kPSK) {
-            s->session->sess_cert = ssl_sess_cert_new();
-            if (s->ctx->psk_identity_hint)
-                OPENSSL_free(s->ctx->psk_identity_hint);
-            s->ctx->psk_identity_hint = NULL;
-        }
-#endif
-        s->s3->tmp.reuse_message = 1;
-        return (1);
-    }
-
-    param = p = (unsigned char *)s->init_msg;
-    if (s->session->sess_cert != NULL) {
-#ifndef OPENSSL_NO_RSA
-        if (s->session->sess_cert->peer_rsa_tmp != NULL) {
-            RSA_free(s->session->sess_cert->peer_rsa_tmp);
-            s->session->sess_cert->peer_rsa_tmp = NULL;
-        }
-#endif
-#ifndef OPENSSL_NO_DH
-        if (s->session->sess_cert->peer_dh_tmp) {
-            DH_free(s->session->sess_cert->peer_dh_tmp);
-            s->session->sess_cert->peer_dh_tmp = NULL;
-        }
-#endif
-#ifndef OPENSSL_NO_ECDH
-        if (s->session->sess_cert->peer_ecdh_tmp) {
-            EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
-            s->session->sess_cert->peer_ecdh_tmp = NULL;
-        }
-#endif
-    } else {
-        s->session->sess_cert = ssl_sess_cert_new();
-    }
-
-    /* Total length of the parameters including the length prefix */
-    param_len = 0;
-
-    alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-
-    al = SSL_AD_DECODE_ERROR;
-
-#ifndef OPENSSL_NO_PSK
-    if (alg_k & SSL_kPSK) {
-        param_len = 2;
-        if (param_len > n) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        n2s(p, i);
-
-        /*
-         * Store PSK identity hint for later use, hint is used in
-         * ssl3_send_client_key_exchange.  Assume that the maximum length of
-         * a PSK identity hint can be as long as the maximum length of a PSK
-         * identity.
-         */
-        if (i > PSK_MAX_IDENTITY_LEN) {
-            al = SSL_AD_HANDSHAKE_FAILURE;
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG);
-            goto f_err;
-        }
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
-                   SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        s->session->psk_identity_hint = BUF_strndup((char *)p, i);
-        if (s->session->psk_identity_hint == NULL) {
-            al = SSL_AD_HANDSHAKE_FAILURE;
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto f_err;
-        }
-
-        p += i;
-        n -= param_len;
-    } else
-#endif                          /* !OPENSSL_NO_PSK */
-#ifndef OPENSSL_NO_SRP
-    if (alg_k & SSL_kSRP) {
-        param_len = 2;
-        if (param_len > n) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        n2s(p, i);
-
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_N_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        if (!(s->srp_ctx.N = BN_bin2bn(p, i, NULL))) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        p += i;
-
-        if (2 > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        param_len += 2;
-
-        n2s(p, i);
-
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_G_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        if (!(s->srp_ctx.g = BN_bin2bn(p, i, NULL))) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        p += i;
-
-        if (1 > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        param_len += 1;
-
-        i = (unsigned int)(p[0]);
-        p++;
-
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_S_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        if (!(s->srp_ctx.s = BN_bin2bn(p, i, NULL))) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        p += i;
-
-        if (2 > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        param_len += 2;
-
-        n2s(p, i);
-
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_B_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        if (!(s->srp_ctx.B = BN_bin2bn(p, i, NULL))) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        p += i;
-        n -= param_len;
-
-        if (!srp_verify_server_param(s, &al)) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_PARAMETERS);
-            goto f_err;
-        }
-
-/* We must check if there is a certificate */
-# ifndef OPENSSL_NO_RSA
-        if (alg_a & SSL_aRSA)
-            pkey =
-                X509_get_pubkey(s->session->
-                                sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-# else
-        if (0) ;
-# endif
-# ifndef OPENSSL_NO_DSA
-        else if (alg_a & SSL_aDSS)
-            pkey =
-                X509_get_pubkey(s->session->
-                                sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
-                                x509);
-# endif
-    } else
-#endif                          /* !OPENSSL_NO_SRP */
-#ifndef OPENSSL_NO_RSA
-    if (alg_k & SSL_kRSA) {
-        /* Temporary RSA keys only allowed in export ciphersuites */
-        if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
-            goto f_err;
-        }
-        if ((rsa = RSA_new()) == NULL) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        param_len = 2;
-        if (param_len > n) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        n2s(p, i);
-
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_MODULUS_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        if (!(rsa->n = BN_bin2bn(p, i, rsa->n))) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        p += i;
-
-        if (2 > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        param_len += 2;
-
-        n2s(p, i);
-
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_E_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        if (!(rsa->e = BN_bin2bn(p, i, rsa->e))) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        p += i;
-        n -= param_len;
-
-        /* this should be because we are using an export cipher */
-        if (alg_a & SSL_aRSA)
-            pkey =
-                X509_get_pubkey(s->session->
-                                sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-        else {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-
-        if (EVP_PKEY_bits(pkey) <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
-            goto f_err;
-        }
-
-        s->session->sess_cert->peer_rsa_tmp = rsa;
-        rsa = NULL;
-    }
-#else                           /* OPENSSL_NO_RSA */
-    if (0) ;
-#endif
-#ifndef OPENSSL_NO_DH
-    else if (alg_k & SSL_kEDH) {
-        if ((dh = DH_new()) == NULL) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_DH_LIB);
-            goto err;
-        }
-
-        param_len = 2;
-        if (param_len > n) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        n2s(p, i);
-
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        if (!(dh->p = BN_bin2bn(p, i, NULL))) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        p += i;
-
-        if (2 > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        param_len += 2;
-
-        n2s(p, i);
-
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        if (!(dh->g = BN_bin2bn(p, i, NULL))) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        p += i;
-
-        if (2 > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        param_len += 2;
-
-        n2s(p, i);
-
-        if (i > n - param_len) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_LENGTH);
-            goto f_err;
-        }
-        param_len += i;
-
-        if (!(dh->pub_key = BN_bin2bn(p, i, NULL))) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        p += i;
-        n -= param_len;
-
-        if (BN_is_zero(dh->pub_key)) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_VALUE);
-            goto f_err;
-        }
-
-        /*-
-         * Check that p and g are suitable enough
-         *
-         * p is odd
-         * 1 < g < p - 1
-         */
-        {
-            BIGNUM *tmp = NULL;
-
-            if (!BN_is_odd(dh->p)) {
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_VALUE);
-                goto f_err;
-            }
-            if (BN_is_negative(dh->g) || BN_is_zero(dh->g)
-                || BN_is_one(dh->g)) {
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
-                goto f_err;
-            }
-            if ((tmp = BN_new()) == NULL
-                || BN_copy(tmp, dh->p) == NULL
-                || !BN_sub_word(tmp, 1)) {
-                BN_free(tmp);
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
-                goto err;
-            }
-            if (BN_cmp(dh->g, tmp) >= 0) {
-                BN_free(tmp);
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
-                goto f_err;
-            }
-            BN_free(tmp);
-        }
-
-# ifndef OPENSSL_NO_RSA
-        if (alg_a & SSL_aRSA)
-            pkey =
-                X509_get_pubkey(s->session->
-                                sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-# else
-        if (0) ;
-# endif
-# ifndef OPENSSL_NO_DSA
-        else if (alg_a & SSL_aDSS)
-            pkey =
-                X509_get_pubkey(s->session->
-                                sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
-                                x509);
-# endif
-        /* else anonymous DH, so no certificate or pkey. */
-
-        s->session->sess_cert->peer_dh_tmp = dh;
-        dh = NULL;
-    } else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd)) {
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
-               SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
-        goto f_err;
-    }
-#endif                          /* !OPENSSL_NO_DH */
-
-#ifndef OPENSSL_NO_ECDH
-    else if (alg_k & SSL_kEECDH) {
-        EC_GROUP *ngroup;
-        const EC_GROUP *group;
-
-        if ((ecdh = EC_KEY_new()) == NULL) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        /*
-         * Extract elliptic curve parameters and the server's ephemeral ECDH
-         * public key. Keep accumulating lengths of various components in
-         * param_len and make sure it never exceeds n.
-         */
-
-        /*
-         * XXX: For now we only support named (not generic) curves and the
-         * ECParameters in this case is just three bytes. We also need one
-         * byte for the length of the encoded point
-         */
-        param_len = 4;
-        if (param_len > n) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        /*
-         * Check curve is one of our preferences, if not server has sent an
-         * invalid curve. ECParameters is 3 bytes.
-         */
-        if (!tls1_check_curve(s, p, 3)) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_WRONG_CURVE);
-            goto f_err;
-        }
-
-        if ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0) {
-            al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
-                   SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
-            goto f_err;
-        }
-
-        ngroup = EC_GROUP_new_by_curve_name(curve_nid);
-        if (ngroup == NULL) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
-            goto err;
-        }
-        if (EC_KEY_set_group(ecdh, ngroup) == 0) {
-            EC_GROUP_free(ngroup);
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
-            goto err;
-        }
-        EC_GROUP_free(ngroup);
-
-        group = EC_KEY_get0_group(ecdh);
-
-        if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
-            (EC_GROUP_get_degree(group) > 163)) {
-            al = SSL_AD_EXPORT_RESTRICTION;
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
-                   SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
-            goto f_err;
-        }
-
-        p += 3;
-
-        /* Next, get the encoded ECPoint */
-        if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
-            ((bn_ctx = BN_CTX_new()) == NULL)) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        encoded_pt_len = *p;    /* length of encoded point */
-        p += 1;
-
-        if ((encoded_pt_len > n - param_len) ||
-            (EC_POINT_oct2point(group, srvr_ecpoint,
-                                p, encoded_pt_len, bn_ctx) == 0)) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_ECPOINT);
-            goto f_err;
-        }
-        param_len += encoded_pt_len;
-
-        n -= param_len;
-        p += encoded_pt_len;
-
-        /*
-         * The ECC/TLS specification does not mention the use of DSA to sign
-         * ECParameters in the server key exchange message. We do support RSA
-         * and ECDSA.
-         */
-        if (0) ;
-# ifndef OPENSSL_NO_RSA
-        else if (alg_a & SSL_aRSA)
-            pkey =
-                X509_get_pubkey(s->session->
-                                sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
-# endif
-# ifndef OPENSSL_NO_ECDSA
-        else if (alg_a & SSL_aECDSA)
-            pkey =
-                X509_get_pubkey(s->session->
-                                sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
-# endif
-        /* else anonymous ECDH, so no certificate or pkey. */
-        EC_KEY_set_public_key(ecdh, srvr_ecpoint);
-        s->session->sess_cert->peer_ecdh_tmp = ecdh;
-        ecdh = NULL;
-        BN_CTX_free(bn_ctx);
-        bn_ctx = NULL;
-        EC_POINT_free(srvr_ecpoint);
-        srvr_ecpoint = NULL;
-    } else if (alg_k) {
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
-        goto f_err;
-    }
-#endif                          /* !OPENSSL_NO_ECDH */
-
-    /* p points to the next byte, there are 'n' bytes left */
-
-    /* if it was signed, check the signature */
-    if (pkey != NULL) {
-        if (SSL_USE_SIGALGS(s)) {
-            int rv;
-            if (2 > n) {
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-                goto f_err;
-            }
-            rv = tls12_check_peer_sigalg(&md, s, p, pkey);
-            if (rv == -1)
-                goto err;
-            else if (rv == 0) {
-                goto f_err;
-            }
-#ifdef SSL_DEBUG
-            fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
-#endif
-            p += 2;
-            n -= 2;
-        } else
-            md = EVP_sha1();
-
-        if (2 > n) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        n2s(p, i);
-        n -= 2;
-        j = EVP_PKEY_size(pkey);
-
-        /*
-         * Check signature length. If n is 0 then signature is empty
-         */
-        if ((i != n) || (n > j) || (n <= 0)) {
-            /* wrong packet length */
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_LENGTH);
-            goto f_err;
-        }
-#ifndef OPENSSL_NO_RSA
-        if (pkey->type == EVP_PKEY_RSA && !SSL_USE_SIGALGS(s)) {
-            int num;
-            unsigned int size;
-
-            j = 0;
-            q = md_buf;
-            for (num = 2; num > 0; num--) {
-                EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-                if (EVP_DigestInit_ex(&md_ctx,
-                                      (num == 2) ? s->ctx->md5 : s->ctx->sha1,
-                                      NULL) <= 0
-                        || EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
-                                            SSL3_RANDOM_SIZE) <= 0
-                        || EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
-                                            SSL3_RANDOM_SIZE) <= 0
-                        || EVP_DigestUpdate(&md_ctx, param, param_len) <= 0
-                        || EVP_DigestFinal_ex(&md_ctx, q, &size) <= 0) {
-                    SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
-                           ERR_R_INTERNAL_ERROR);
-                    al = SSL_AD_INTERNAL_ERROR;
-                    goto f_err;
-                }
-                q += size;
-                j += size;
-            }
-            i = RSA_verify(NID_md5_sha1, md_buf, j, p, n, pkey->pkey.rsa);
-            if (i < 0) {
-                al = SSL_AD_DECRYPT_ERROR;
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_DECRYPT);
-                goto f_err;
-            }
-            if (i == 0) {
-                /* bad signature */
-                al = SSL_AD_DECRYPT_ERROR;
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
-                goto f_err;
-            }
-        } else
-#endif
-        {
-            if (EVP_VerifyInit_ex(&md_ctx, md, NULL) <= 0
-                    || EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
-                                        SSL3_RANDOM_SIZE) <= 0
-                    || EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
-                                        SSL3_RANDOM_SIZE) <= 0
-                    || EVP_VerifyUpdate(&md_ctx, param, param_len) <= 0) {
-                al = SSL_AD_INTERNAL_ERROR;
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EVP_LIB);
-                goto f_err;
-            }
-            if (EVP_VerifyFinal(&md_ctx, p, (int)n, pkey) <= 0) {
-                /* bad signature */
-                al = SSL_AD_DECRYPT_ERROR;
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
-                goto f_err;
-            }
-        }
-    } else {
-        /* aNULL, aSRP or kPSK do not need public keys */
-        if (!(alg_a & (SSL_aNULL | SSL_aSRP)) && !(alg_k & SSL_kPSK)) {
-            /* Might be wrong key type, check it */
-            if (ssl3_check_cert_and_algorithm(s))
-                /* Otherwise this shouldn't happen */
-                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-        /* still data left over */
-        if (n != 0) {
-            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_EXTRA_DATA_IN_MESSAGE);
-            goto f_err;
-        }
-    }
-    EVP_PKEY_free(pkey);
-    EVP_MD_CTX_cleanup(&md_ctx);
-    return (1);
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-    EVP_PKEY_free(pkey);
-#ifndef OPENSSL_NO_RSA
-    if (rsa != NULL)
-        RSA_free(rsa);
-#endif
-#ifndef OPENSSL_NO_DH
-    if (dh != NULL)
-        DH_free(dh);
-#endif
-#ifndef OPENSSL_NO_ECDH
-    BN_CTX_free(bn_ctx);
-    EC_POINT_free(srvr_ecpoint);
-    if (ecdh != NULL)
-        EC_KEY_free(ecdh);
-#endif
-    EVP_MD_CTX_cleanup(&md_ctx);
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-
-int ssl3_get_certificate_request(SSL *s)
-{
-    int ok, ret = 0;
-    unsigned long n, nc, l;
-    unsigned int llen, ctype_num, i;
-    X509_NAME *xn = NULL;
-    const unsigned char *p, *q;
-    unsigned char *d;
-    STACK_OF(X509_NAME) *ca_sk = NULL;
-
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_CR_CERT_REQ_A,
-                                   SSL3_ST_CR_CERT_REQ_B,
-                                   -1, s->max_cert_list, &ok);
-
-    if (!ok)
-        return ((int)n);
-
-    s->s3->tmp.cert_req = 0;
-
-    if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) {
-        s->s3->tmp.reuse_message = 1;
-        /*
-         * If we get here we don't need any cached handshake records as we
-         * wont be doing client auth.
-         */
-        if (s->s3->handshake_buffer) {
-            if (!ssl3_digest_cached_records(s))
-                goto err;
-        }
-        return (1);
-    }
-
-    if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_WRONG_MESSAGE_TYPE);
-        goto err;
-    }
-
-    /* TLS does not like anon-DH with client cert */
-    if (s->version > SSL3_VERSION) {
-        if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
-                   SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
-            goto err;
-        }
-    }
-
-    p = d = (unsigned char *)s->init_msg;
-
-    if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
-        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    /* get the certificate types */
-    ctype_num = *(p++);
-    if (s->cert->ctypes) {
-        OPENSSL_free(s->cert->ctypes);
-        s->cert->ctypes = NULL;
-    }
-    if (ctype_num > SSL3_CT_NUMBER) {
-        /* If we exceed static buffer copy all to cert structure */
-        s->cert->ctypes = OPENSSL_malloc(ctype_num);
-        if (s->cert->ctypes == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        memcpy(s->cert->ctypes, p, ctype_num);
-        s->cert->ctype_num = (size_t)ctype_num;
-        ctype_num = SSL3_CT_NUMBER;
-    }
-    for (i = 0; i < ctype_num; i++)
-        s->s3->tmp.ctype[i] = p[i];
-    p += p[-1];
-    if (SSL_USE_SIGALGS(s)) {
-        n2s(p, llen);
-        /*
-         * Check we have enough room for signature algorithms and following
-         * length value.
-         */
-        if ((unsigned long)(p - d + llen + 2) > n) {
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
-            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
-                   SSL_R_DATA_LENGTH_TOO_LONG);
-            goto err;
-        }
-        /* Clear certificate digests and validity flags */
-        for (i = 0; i < SSL_PKEY_NUM; i++) {
-            s->cert->pkeys[i].digest = NULL;
-            s->cert->pkeys[i].valid_flags = 0;
-        }
-        if ((llen & 1) || !tls1_save_sigalgs(s, p, llen)) {
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
-            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
-                   SSL_R_SIGNATURE_ALGORITHMS_ERROR);
-            goto err;
-        }
-        if (!tls1_process_sigalgs(s)) {
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
-            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        p += llen;
-    }
-
-    /* get the CA RDNs */
-    n2s(p, llen);
-#if 0
-    {
-        FILE *out;
-        out = fopen("/tmp/vsign.der", "w");
-        fwrite(p, 1, llen, out);
-        fclose(out);
-    }
-#endif
-
-    if ((unsigned long)(p - d + llen) != n) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
-        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH);
-        goto err;
-    }
-
-    for (nc = 0; nc < llen;) {
-        if (nc + 2 > llen) {
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
-            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_CA_DN_TOO_LONG);
-            goto err;
-        }
-        n2s(p, l);
-        if ((l + nc + 2) > llen) {
-            if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
-                goto cont;      /* netscape bugs */
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
-            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_CA_DN_TOO_LONG);
-            goto err;
-        }
-
-        q = p;
-
-        if ((xn = d2i_X509_NAME(NULL, &q, l)) == NULL) {
-            /* If netscape tolerance is on, ignore errors */
-            if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
-                goto cont;
-            else {
-                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
-                SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_ASN1_LIB);
-                goto err;
-            }
-        }
-
-        if (q != (p + l)) {
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
-            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
-                   SSL_R_CA_DN_LENGTH_MISMATCH);
-            goto err;
-        }
-        if (!sk_X509_NAME_push(ca_sk, xn)) {
-            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        xn = NULL;
-
-        p += l;
-        nc += l + 2;
-    }
-
-    if (0) {
- cont:
-        ERR_clear_error();
-    }
-
-    /* we should setup a certificate to return.... */
-    s->s3->tmp.cert_req = 1;
-    s->s3->tmp.ctype_num = ctype_num;
-    if (s->s3->tmp.ca_names != NULL)
-        sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
-    s->s3->tmp.ca_names = ca_sk;
-    ca_sk = NULL;
-
-    ret = 1;
-    goto done;
- err:
-    s->state = SSL_ST_ERR;
- done:
-    X509_NAME_free(xn);
-    if (ca_sk != NULL)
-        sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
-    return (ret);
-}
-
-static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b)
-{
-    return (X509_NAME_cmp(*a, *b));
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-int ssl3_get_new_session_ticket(SSL *s)
-{
-    int ok, al, ret = 0, ticklen;
-    long n;
-    const unsigned char *p;
-    unsigned char *d;
-    unsigned long ticket_lifetime_hint;
-
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_CR_SESSION_TICKET_A,
-                                   SSL3_ST_CR_SESSION_TICKET_B,
-                                   SSL3_MT_NEWSESSION_TICKET, 16384, &ok);
-
-    if (!ok)
-        return ((int)n);
-
-    if (n < 6) {
-        /* need at least ticket_lifetime_hint + ticket length */
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
-        goto f_err;
-    }
-
-    p = d = (unsigned char *)s->init_msg;
-
-    n2l(p, ticket_lifetime_hint);
-    n2s(p, ticklen);
-    /* ticket_lifetime_hint + ticket_length + ticket */
-    if (ticklen + 6 != n) {
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
-        goto f_err;
-    }
-
-    /* Server is allowed to change its mind and send an empty ticket. */
-    if (ticklen == 0)
-        return 1;
-
-    if (s->session->session_id_length > 0) {
-        int i = s->session_ctx->session_cache_mode;
-        SSL_SESSION *new_sess;
-        /*
-         * We reused an existing session, so we need to replace it with a new
-         * one
-         */
-        if (i & SSL_SESS_CACHE_CLIENT) {
-            /*
-             * Remove the old session from the cache
-             */
-            if (i & SSL_SESS_CACHE_NO_INTERNAL_STORE) {
-                if (s->session_ctx->remove_session_cb != NULL)
-                    s->session_ctx->remove_session_cb(s->session_ctx,
-                                                      s->session);
-            } else {
-                /* We carry on if this fails */
-                SSL_CTX_remove_session(s->session_ctx, s->session);
-            }
-        }
-
-        if ((new_sess = ssl_session_dup(s->session, 0)) == 0) {
-            al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
-            goto f_err;
-        }
-
-        SSL_SESSION_free(s->session);
-        s->session = new_sess;
-    }
-
-    if (s->session->tlsext_tick) {
-        OPENSSL_free(s->session->tlsext_tick);
-        s->session->tlsext_ticklen = 0;
-    }
-    s->session->tlsext_tick = OPENSSL_malloc(ticklen);
-    if (!s->session->tlsext_tick) {
-        SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    memcpy(s->session->tlsext_tick, p, ticklen);
-    s->session->tlsext_tick_lifetime_hint = ticket_lifetime_hint;
-    s->session->tlsext_ticklen = ticklen;
-    /*
-     * There are two ways to detect a resumed ticket session. One is to set
-     * an appropriate session ID and then the server must return a match in
-     * ServerHello. This allows the normal client session ID matching to work
-     * and we know much earlier that the ticket has been accepted. The
-     * other way is to set zero length session ID when the ticket is
-     * presented and rely on the handshake to determine session resumption.
-     * We choose the former approach because this fits in with assumptions
-     * elsewhere in OpenSSL. The session ID is set to the SHA256 (or SHA1 is
-     * SHA256 is disabled) hash of the ticket.
-     */
-    EVP_Digest(p, ticklen,
-               s->session->session_id, &s->session->session_id_length,
-# ifndef OPENSSL_NO_SHA256
-               EVP_sha256(), NULL);
-# else
-               EVP_sha1(), NULL);
-# endif
-    ret = 1;
-    return (ret);
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-
-int ssl3_get_cert_status(SSL *s)
-{
-    int ok, al;
-    unsigned long resplen, n;
-    const unsigned char *p;
-
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_CR_CERT_STATUS_A,
-                                   SSL3_ST_CR_CERT_STATUS_B,
-                                   -1, 16384, &ok);
-
-    if (!ok)
-        return ((int)n);
-
-    if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_STATUS) {
-        /*
-         * The CertificateStatus message is optional even if
-         * tlsext_status_expected is set
-         */
-        s->s3->tmp.reuse_message = 1;
-    } else {
-        if (n < 4) {
-            /* need at least status type + length */
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
-            goto f_err;
-        }
-        p = (unsigned char *)s->init_msg;
-        if (*p++ != TLSEXT_STATUSTYPE_ocsp) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE);
-            goto f_err;
-        }
-        n2l3(p, resplen);
-        if (resplen + 4 != n) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
-            goto f_err;
-        }
-        s->tlsext_ocsp_resp = BUF_memdup(p, resplen);
-        if (s->tlsext_ocsp_resp == NULL) {
-            al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
-            goto f_err;
-        }
-        s->tlsext_ocsp_resplen = resplen;
-    }
-    if (s->ctx->tlsext_status_cb) {
-        int ret;
-        ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
-        if (ret == 0) {
-            al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
-            SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_INVALID_STATUS_RESPONSE);
-            goto f_err;
-        }
-        if (ret < 0) {
-            al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
-            goto f_err;
-        }
-    }
-    return 1;
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-#endif
-
-int ssl3_get_server_done(SSL *s)
-{
-    int ok, ret = 0;
-    long n;
-
-    /* Second to last param should be very small, like 0 :-) */
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_CR_SRVR_DONE_A,
-                                   SSL3_ST_CR_SRVR_DONE_B,
-                                   SSL3_MT_SERVER_DONE, 30, &ok);
-
-    if (!ok)
-        return ((int)n);
-    if (n > 0) {
-        /* should contain no data */
-        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
-        SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
-        s->state = SSL_ST_ERR;
-        return -1;
-    }
-    ret = 1;
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_DH
-static DH *get_server_static_dh_key(SESS_CERT *scert)
-{
-    DH *dh_srvr = NULL;
-    EVP_PKEY *spkey = NULL;
-    int idx = scert->peer_cert_type;
-
-    if (idx >= 0)
-        spkey = X509_get_pubkey(scert->peer_pkeys[idx].x509);
-    if (spkey) {
-        dh_srvr = EVP_PKEY_get1_DH(spkey);
-        EVP_PKEY_free(spkey);
-    }
-    if (dh_srvr == NULL)
-        SSLerr(SSL_F_GET_SERVER_STATIC_DH_KEY, ERR_R_INTERNAL_ERROR);
-    return dh_srvr;
-}
-#endif
-
-int ssl3_send_client_key_exchange(SSL *s)
-{
-    unsigned char *p;
-    int n;
-    unsigned long alg_k;
-#ifndef OPENSSL_NO_RSA
-    unsigned char *q;
-    EVP_PKEY *pkey = NULL;
-#endif
-#ifndef OPENSSL_NO_KRB5
-    KSSL_ERR kssl_err;
-#endif                          /* OPENSSL_NO_KRB5 */
-#ifndef OPENSSL_NO_ECDH
-    EC_KEY *clnt_ecdh = NULL;
-    const EC_POINT *srvr_ecpoint = NULL;
-    EVP_PKEY *srvr_pub_pkey = NULL;
-    unsigned char *encodedPoint = NULL;
-    int encoded_pt_len = 0;
-    BN_CTX *bn_ctx = NULL;
-#endif
-
-    if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
-        p = ssl_handshake_start(s);
-
-        alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
-        /* Fool emacs indentation */
-        if (0) {
-        }
-#ifndef OPENSSL_NO_RSA
-        else if (alg_k & SSL_kRSA) {
-            RSA *rsa;
-            unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
-
-            if (s->session->sess_cert == NULL) {
-                /*
-                 * We should always have a server certificate with SSL_kRSA.
-                 */
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-
-            if (s->session->sess_cert->peer_rsa_tmp != NULL)
-                rsa = s->session->sess_cert->peer_rsa_tmp;
-            else {
-                pkey =
-                    X509_get_pubkey(s->session->
-                                    sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].
-                                    x509);
-                if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA)
-                    || (pkey->pkey.rsa == NULL)) {
-                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                           ERR_R_INTERNAL_ERROR);
-                    EVP_PKEY_free(pkey);
-                    goto err;
-                }
-                rsa = pkey->pkey.rsa;
-                EVP_PKEY_free(pkey);
-            }
-
-            tmp_buf[0] = s->client_version >> 8;
-            tmp_buf[1] = s->client_version & 0xff;
-            if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
-                goto err;
-
-            s->session->master_key_length = sizeof tmp_buf;
-
-            q = p;
-            /* Fix buf for TLS and beyond */
-            if (s->version > SSL3_VERSION)
-                p += 2;
-            n = RSA_public_encrypt(sizeof tmp_buf,
-                                   tmp_buf, p, rsa, RSA_PKCS1_PADDING);
-# ifdef PKCS1_CHECK
-            if (s->options & SSL_OP_PKCS1_CHECK_1)
-                p[1]++;
-            if (s->options & SSL_OP_PKCS1_CHECK_2)
-                tmp_buf[0] = 0x70;
-# endif
-            if (n <= 0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       SSL_R_BAD_RSA_ENCRYPT);
-                goto err;
-            }
-
-            /* Fix buf for TLS and beyond */
-            if (s->version > SSL3_VERSION) {
-                s2n(n, q);
-                n += 2;
-            }
-
-            s->session->master_key_length =
-                s->method->ssl3_enc->generate_master_secret(s,
-                                                            s->
-                                                            session->master_key,
-                                                            tmp_buf,
-                                                            sizeof tmp_buf);
-            OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
-        }
-#endif
-#ifndef OPENSSL_NO_KRB5
-        else if (alg_k & SSL_kKRB5) {
-            krb5_error_code krb5rc;
-            KSSL_CTX *kssl_ctx = s->kssl_ctx;
-            /*  krb5_data   krb5_ap_req;  */
-            krb5_data *enc_ticket;
-            krb5_data authenticator, *authp = NULL;
-            EVP_CIPHER_CTX ciph_ctx;
-            const EVP_CIPHER *enc = NULL;
-            unsigned char iv[EVP_MAX_IV_LENGTH];
-            unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
-            unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_IV_LENGTH];
-            int padl, outl = sizeof(epms);
-
-            EVP_CIPHER_CTX_init(&ciph_ctx);
-
-# ifdef KSSL_DEBUG
-            fprintf(stderr, "ssl3_send_client_key_exchange(%lx & %lx)\n",
-                    alg_k, SSL_kKRB5);
-# endif                         /* KSSL_DEBUG */
-
-            authp = NULL;
-# ifdef KRB5SENDAUTH
-            if (KRB5SENDAUTH)
-                authp = &authenticator;
-# endif                         /* KRB5SENDAUTH */
-
-            krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp, &kssl_err);
-            enc = kssl_map_enc(kssl_ctx->enctype);
-            if (enc == NULL)
-                goto err;
-# ifdef KSSL_DEBUG
-            {
-                fprintf(stderr, "kssl_cget_tkt rtn %d\n", krb5rc);
-                if (krb5rc && kssl_err.text)
-                    fprintf(stderr, "kssl_cget_tkt kssl_err=%s\n",
-                            kssl_err.text);
-            }
-# endif                         /* KSSL_DEBUG */
-
-            if (krb5rc) {
-                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, kssl_err.reason);
-                goto err;
-            }
-
-            /*-
-             * 20010406 VRS - Earlier versions used KRB5 AP_REQ
-             * in place of RFC 2712 KerberosWrapper, as in:
-             *
-             * Send ticket (copy to *p, set n = length)
-             * n = krb5_ap_req.length;
-             * memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
-             * if (krb5_ap_req.data)
-             *   kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
-             *
-             * Now using real RFC 2712 KerberosWrapper
-             * (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
-             * Note: 2712 "opaque" types are here replaced
-             * with a 2-byte length followed by the value.
-             * Example:
-             * KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
-             * Where "xx xx" = length bytes.  Shown here with
-             * optional authenticator omitted.
-             */
-
-            /*  KerberosWrapper.Ticket              */
-            s2n(enc_ticket->length, p);
-            memcpy(p, enc_ticket->data, enc_ticket->length);
-            p += enc_ticket->length;
-            n = enc_ticket->length + 2;
-
-            /*  KerberosWrapper.Authenticator       */
-            if (authp && authp->length) {
-                s2n(authp->length, p);
-                memcpy(p, authp->data, authp->length);
-                p += authp->length;
-                n += authp->length + 2;
-
-                free(authp->data);
-                authp->data = NULL;
-                authp->length = 0;
-            } else {
-                s2n(0, p);      /* null authenticator length */
-                n += 2;
-            }
-
-            tmp_buf[0] = s->client_version >> 8;
-            tmp_buf[1] = s->client_version & 0xff;
-            if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
-                goto err;
-
-            /*-
-             * 20010420 VRS.  Tried it this way; failed.
-             *      EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
-             *      EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
-             *                              kssl_ctx->length);
-             *      EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
-             */
-
-            memset(iv, 0, sizeof iv); /* per RFC 1510 */
-            EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv);
-            EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf,
-                              sizeof tmp_buf);
-            EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
-            outl += padl;
-            if (outl > (int)sizeof epms) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
-            /*  KerberosWrapper.EncryptedPreMasterSecret    */
-            s2n(outl, p);
-            memcpy(p, epms, outl);
-            p += outl;
-            n += outl + 2;
-
-            s->session->master_key_length =
-                s->method->ssl3_enc->generate_master_secret(s,
-                                                            s->
-                                                            session->master_key,
-                                                            tmp_buf,
-                                                            sizeof tmp_buf);
-
-            OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
-            OPENSSL_cleanse(epms, outl);
-        }
-#endif
-#ifndef OPENSSL_NO_DH
-        else if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
-            DH *dh_srvr, *dh_clnt;
-            SESS_CERT *scert = s->session->sess_cert;
-
-            if (scert == NULL) {
-                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       SSL_R_UNEXPECTED_MESSAGE);
-                goto err;
-            }
-
-            if (scert->peer_dh_tmp != NULL) {
-                dh_srvr = scert->peer_dh_tmp;
-            } else {
-                dh_srvr = get_server_static_dh_key(scert);
-                if (dh_srvr == NULL)
-                    goto err;
-            }
-
-            if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
-                /* Use client certificate key */
-                EVP_PKEY *clkey = s->cert->key->privatekey;
-                dh_clnt = NULL;
-                if (clkey)
-                    dh_clnt = EVP_PKEY_get1_DH(clkey);
-                if (dh_clnt == NULL) {
-                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                           ERR_R_INTERNAL_ERROR);
-                    goto err;
-                }
-            } else {
-                /* generate a new random key */
-                if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
-                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
-                    goto err;
-                }
-                if (!DH_generate_key(dh_clnt)) {
-                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
-                    DH_free(dh_clnt);
-                    goto err;
-                }
-            }
-
-            /*
-             * use the 'p' output buffer for the DH key, but make sure to
-             * clear it out afterwards
-             */
-
-            n = DH_compute_key(p, dh_srvr->pub_key, dh_clnt);
-            if (scert->peer_dh_tmp == NULL)
-                DH_free(dh_srvr);
-
-            if (n <= 0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
-                DH_free(dh_clnt);
-                goto err;
-            }
-
-            /* generate master key from the result */
-            s->session->master_key_length =
-                s->method->ssl3_enc->generate_master_secret(s,
-                                                            s->
-                                                            session->master_key,
-                                                            p, n);
-            /* clean up */
-            memset(p, 0, n);
-
-            if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY)
-                n = 0;
-            else {
-                /* send off the data */
-                n = BN_num_bytes(dh_clnt->pub_key);
-                s2n(n, p);
-                BN_bn2bin(dh_clnt->pub_key, p);
-                n += 2;
-            }
-
-            DH_free(dh_clnt);
-        }
-#endif
-
-#ifndef OPENSSL_NO_ECDH
-        else if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
-            const EC_GROUP *srvr_group = NULL;
-            EC_KEY *tkey;
-            int ecdh_clnt_cert = 0;
-            int field_size = 0;
-
-            if (s->session->sess_cert == NULL) {
-                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       SSL_R_UNEXPECTED_MESSAGE);
-                goto err;
-            }
-
-            /*
-             * Did we send out the client's ECDH share for use in premaster
-             * computation as part of client certificate? If so, set
-             * ecdh_clnt_cert to 1.
-             */
-            if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->cert != NULL)) {
-                /*-
-                 * XXX: For now, we do not support client
-                 * authentication using ECDH certificates.
-                 * To add such support, one needs to add
-                 * code that checks for appropriate
-                 * conditions and sets ecdh_clnt_cert to 1.
-                 * For example, the cert have an ECC
-                 * key on the same curve as the server's
-                 * and the key should be authorized for
-                 * key agreement.
-                 *
-                 * One also needs to add code in ssl3_connect
-                 * to skip sending the certificate verify
-                 * message.
-                 *
-                 * if ((s->cert->key->privatekey != NULL) &&
-                 *     (s->cert->key->privatekey->type ==
-                 *      EVP_PKEY_EC) && ...)
-                 * ecdh_clnt_cert = 1;
-                 */
-            }
-
-            if (s->session->sess_cert->peer_ecdh_tmp != NULL) {
-                tkey = s->session->sess_cert->peer_ecdh_tmp;
-            } else {
-                /* Get the Server Public Key from Cert */
-                srvr_pub_pkey =
-                    X509_get_pubkey(s->session->
-                                    sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
-                if ((srvr_pub_pkey == NULL)
-                    || (srvr_pub_pkey->type != EVP_PKEY_EC)
-                    || (srvr_pub_pkey->pkey.ec == NULL)) {
-                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                           ERR_R_INTERNAL_ERROR);
-                    goto err;
-                }
-
-                tkey = srvr_pub_pkey->pkey.ec;
-            }
-
-            srvr_group = EC_KEY_get0_group(tkey);
-            srvr_ecpoint = EC_KEY_get0_public_key(tkey);
-
-            if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-
-            if ((clnt_ecdh = EC_KEY_new()) == NULL) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-
-            if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
-                goto err;
-            }
-            if (ecdh_clnt_cert) {
-                /*
-                 * Reuse key info from our certificate We only need our
-                 * private key to perform the ECDH computation.
-                 */
-                const BIGNUM *priv_key;
-                tkey = s->cert->key->privatekey->pkey.ec;
-                priv_key = EC_KEY_get0_private_key(tkey);
-                if (priv_key == NULL) {
-                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                           ERR_R_MALLOC_FAILURE);
-                    goto err;
-                }
-                if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
-                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
-                    goto err;
-                }
-            } else {
-                /* Generate a new ECDH key pair */
-                if (!(EC_KEY_generate_key(clnt_ecdh))) {
-                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                           ERR_R_ECDH_LIB);
-                    goto err;
-                }
-            }
-
-            /*
-             * use the 'p' output buffer for the ECDH key, but make sure to
-             * clear it out afterwards
-             */
-
-            field_size = EC_GROUP_get_degree(srvr_group);
-            if (field_size <= 0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
-                goto err;
-            }
-            n = ECDH_compute_key(p, (field_size + 7) / 8, srvr_ecpoint,
-                                 clnt_ecdh, NULL);
-            if (n <= 0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
-                goto err;
-            }
-
-            /* generate master key from the result */
-            s->session->master_key_length =
-                s->method->ssl3_enc->generate_master_secret(s,
-                                                            s->
-                                                            session->master_key,
-                                                            p, n);
-
-            memset(p, 0, n);    /* clean up */
-
-            if (ecdh_clnt_cert) {
-                /* Send empty client key exch message */
-                n = 0;
-            } else {
-                /*
-                 * First check the size of encoding and allocate memory
-                 * accordingly.
-                 */
-                encoded_pt_len =
-                    EC_POINT_point2oct(srvr_group,
-                                       EC_KEY_get0_public_key(clnt_ecdh),
-                                       POINT_CONVERSION_UNCOMPRESSED,
-                                       NULL, 0, NULL);
-
-                encodedPoint = (unsigned char *)
-                    OPENSSL_malloc(encoded_pt_len * sizeof(unsigned char));
-                bn_ctx = BN_CTX_new();
-                if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
-                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                           ERR_R_MALLOC_FAILURE);
-                    goto err;
-                }
-
-                /* Encode the public key */
-                n = EC_POINT_point2oct(srvr_group,
-                                       EC_KEY_get0_public_key(clnt_ecdh),
-                                       POINT_CONVERSION_UNCOMPRESSED,
-                                       encodedPoint, encoded_pt_len, bn_ctx);
-
-                *p = n;         /* length of encoded point */
-                /* Encoded point will be copied here */
-                p += 1;
-                /* copy the point */
-                memcpy((unsigned char *)p, encodedPoint, n);
-                /* increment n to account for length field */
-                n += 1;
-            }
-
-            /* Free allocated memory */
-            BN_CTX_free(bn_ctx);
-            if (encodedPoint != NULL)
-                OPENSSL_free(encodedPoint);
-            if (clnt_ecdh != NULL)
-                EC_KEY_free(clnt_ecdh);
-            EVP_PKEY_free(srvr_pub_pkey);
-        }
-#endif                          /* !OPENSSL_NO_ECDH */
-        else if (alg_k & SSL_kGOST) {
-            /* GOST key exchange message creation */
-            EVP_PKEY_CTX *pkey_ctx;
-            X509 *peer_cert;
-            size_t msglen;
-            unsigned int md_len;
-            int keytype;
-            unsigned char premaster_secret[32], shared_ukm[32], tmp[256];
-            EVP_MD_CTX *ukm_hash;
-            EVP_PKEY *pub_key;
-
-            /*
-             * Get server sertificate PKEY and create ctx from it
-             */
-            peer_cert =
-                s->session->
-                sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST01)].x509;
-            if (!peer_cert)
-                peer_cert =
-                    s->session->
-                    sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST94)].x509;
-            if (!peer_cert) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
-                goto err;
-            }
-
-            pkey_ctx = EVP_PKEY_CTX_new(pub_key =
-                                        X509_get_pubkey(peer_cert), NULL);
-            if (pkey_ctx == NULL) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            /*
-             * If we have send a certificate, and certificate key
-             *
-             * * parameters match those of server certificate, use
-             * certificate key for key exchange
-             */
-
-            /* Otherwise, generate ephemeral key pair */
-
-            if (pkey_ctx == NULL
-                    || EVP_PKEY_encrypt_init(pkey_ctx) <= 0
-                    /* Generate session key */
-                    || RAND_bytes(premaster_secret, 32) <= 0) {
-                EVP_PKEY_CTX_free(pkey_ctx);
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            /*
-             * Compute shared IV and store it in algorithm-specific context
-             * data
-             */
-            ukm_hash = EVP_MD_CTX_create();
-            if (EVP_DigestInit(ukm_hash,
-                               EVP_get_digestbynid(NID_id_GostR3411_94)) <= 0
-                    || EVP_DigestUpdate(ukm_hash, s->s3->client_random,
-                                        SSL3_RANDOM_SIZE) <= 0
-                    || EVP_DigestUpdate(ukm_hash, s->s3->server_random,
-                                        SSL3_RANDOM_SIZE) <= 0
-                    || EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len) <= 0) {
-                EVP_MD_CTX_destroy(ukm_hash);
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            EVP_MD_CTX_destroy(ukm_hash);
-            if (EVP_PKEY_CTX_ctrl
-                (pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, EVP_PKEY_CTRL_SET_IV, 8,
-                 shared_ukm) < 0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       SSL_R_LIBRARY_BUG);
-                goto err;
-            }
-            /* Make GOST keytransport blob message */
-            /*
-             * Encapsulate it into sequence
-             */
-            *(p++) = V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
-            msglen = 255;
-            if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret, 32)
-                <= 0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       SSL_R_LIBRARY_BUG);
-                goto err;
-            }
-            if (msglen >= 0x80) {
-                *(p++) = 0x81;
-                *(p++) = msglen & 0xff;
-                n = msglen + 3;
-            } else {
-                *(p++) = msglen & 0xff;
-                n = msglen + 2;
-            }
-            memcpy(p, tmp, msglen);
-            EVP_PKEY_CTX_free(pkey_ctx);
-            s->session->master_key_length =
-                s->method->ssl3_enc->generate_master_secret(s,
-                                                            s->
-                                                            session->master_key,
-                                                            premaster_secret,
-                                                            32);
-            EVP_PKEY_free(pub_key);
-
-        }
-#ifndef OPENSSL_NO_SRP
-        else if (alg_k & SSL_kSRP) {
-            if (s->srp_ctx.A != NULL) {
-                /* send off the data */
-                n = BN_num_bytes(s->srp_ctx.A);
-                s2n(n, p);
-                BN_bn2bin(s->srp_ctx.A, p);
-                n += 2;
-            } else {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            if (s->session->srp_username != NULL)
-                OPENSSL_free(s->session->srp_username);
-            s->session->srp_username = BUF_strdup(s->srp_ctx.login);
-            if (s->session->srp_username == NULL) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-
-            if ((s->session->master_key_length =
-                 SRP_generate_client_master_secret(s,
-                                                   s->session->master_key)) <
-                0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-        }
-#endif
-#ifndef OPENSSL_NO_PSK
-        else if (alg_k & SSL_kPSK) {
-            /*
-             * The callback needs PSK_MAX_IDENTITY_LEN + 1 bytes to return a
-             * \0-terminated identity. The last byte is for us for simulating
-             * strnlen.
-             */
-            char identity[PSK_MAX_IDENTITY_LEN + 2];
-            size_t identity_len;
-            unsigned char *t = NULL;
-            unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
-            unsigned int pre_ms_len = 0, psk_len = 0;
-            int psk_err = 1;
-
-            n = 0;
-            if (s->psk_client_callback == NULL) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       SSL_R_PSK_NO_CLIENT_CB);
-                goto err;
-            }
-
-            memset(identity, 0, sizeof(identity));
-            psk_len = s->psk_client_callback(s, s->session->psk_identity_hint,
-                                             identity, sizeof(identity) - 1,
-                                             psk_or_pre_ms,
-                                             sizeof(psk_or_pre_ms));
-            if (psk_len > PSK_MAX_PSK_LEN) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto psk_err;
-            } else if (psk_len == 0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       SSL_R_PSK_IDENTITY_NOT_FOUND);
-                goto psk_err;
-            }
-            identity[PSK_MAX_IDENTITY_LEN + 1] = '\0';
-            identity_len = strlen(identity);
-            if (identity_len > PSK_MAX_IDENTITY_LEN) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto psk_err;
-            }
-            /* create PSK pre_master_secret */
-            pre_ms_len = 2 + psk_len + 2 + psk_len;
-            t = psk_or_pre_ms;
-            memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
-            s2n(psk_len, t);
-            memset(t, 0, psk_len);
-            t += psk_len;
-            s2n(psk_len, t);
-
-            if (s->session->psk_identity_hint != NULL)
-                OPENSSL_free(s->session->psk_identity_hint);
-            s->session->psk_identity_hint =
-                BUF_strdup(s->ctx->psk_identity_hint);
-            if (s->ctx->psk_identity_hint != NULL
-                && s->session->psk_identity_hint == NULL) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_MALLOC_FAILURE);
-                goto psk_err;
-            }
-
-            if (s->session->psk_identity != NULL)
-                OPENSSL_free(s->session->psk_identity);
-            s->session->psk_identity = BUF_strdup(identity);
-            if (s->session->psk_identity == NULL) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
-                       ERR_R_MALLOC_FAILURE);
-                goto psk_err;
-            }
-
-            s->session->master_key_length =
-                s->method->ssl3_enc->generate_master_secret(s,
-                                                            s->
-                                                            session->master_key,
-                                                            psk_or_pre_ms,
-                                                            pre_ms_len);
-            s2n(identity_len, p);
-            memcpy(p, identity, identity_len);
-            n = 2 + identity_len;
-            psk_err = 0;
- psk_err:
-            OPENSSL_cleanse(identity, sizeof(identity));
-            OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
-            if (psk_err != 0) {
-                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-                goto err;
-            }
-        }
-#endif
-        else {
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-            SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-
-        ssl_set_handshake_header(s, SSL3_MT_CLIENT_KEY_EXCHANGE, n);
-        s->state = SSL3_ST_CW_KEY_EXCH_B;
-    }
-
-    /* SSL3_ST_CW_KEY_EXCH_B */
-    return ssl_do_write(s);
- err:
-#ifndef OPENSSL_NO_ECDH
-    BN_CTX_free(bn_ctx);
-    if (encodedPoint != NULL)
-        OPENSSL_free(encodedPoint);
-    if (clnt_ecdh != NULL)
-        EC_KEY_free(clnt_ecdh);
-    EVP_PKEY_free(srvr_pub_pkey);
-#endif
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-
-int ssl3_send_client_verify(SSL *s)
-{
-    unsigned char *p;
-    unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
-    EVP_PKEY *pkey;
-    EVP_PKEY_CTX *pctx = NULL;
-    EVP_MD_CTX mctx;
-    unsigned u = 0;
-    unsigned long n;
-    int j;
-
-    EVP_MD_CTX_init(&mctx);
-
-    if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
-        p = ssl_handshake_start(s);
-        pkey = s->cert->key->privatekey;
-/* Create context from key and test if sha1 is allowed as digest */
-        pctx = EVP_PKEY_CTX_new(pkey, NULL);
-        if (pctx == NULL || EVP_PKEY_sign_init(pctx) <= 0) {
-            SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-        if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
-            if (!SSL_USE_SIGALGS(s))
-                s->method->ssl3_enc->cert_verify_mac(s,
-                                                     NID_sha1,
-                                                     &(data
-                                                       [MD5_DIGEST_LENGTH]));
-        } else {
-            ERR_clear_error();
-        }
-        /*
-         * For TLS v1.2 send signature algorithm and signature using agreed
-         * digest and cached handshake records.
-         */
-        if (SSL_USE_SIGALGS(s)) {
-            long hdatalen = 0;
-            void *hdata;
-            const EVP_MD *md = s->cert->key->digest;
-            hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
-            if (hdatalen <= 0 || !tls12_get_sigandhash(p, pkey, md)) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            p += 2;
-#ifdef SSL_DEBUG
-            fprintf(stderr, "Using TLS 1.2 with client alg %s\n",
-                    EVP_MD_name(md));
-#endif
-            if (!EVP_SignInit_ex(&mctx, md, NULL)
-                || !EVP_SignUpdate(&mctx, hdata, hdatalen)
-                || !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_EVP_LIB);
-                goto err;
-            }
-            s2n(u, p);
-            n = u + 4;
-            if (!ssl3_digest_cached_records(s))
-                goto err;
-        } else
-#ifndef OPENSSL_NO_RSA
-        if (pkey->type == EVP_PKEY_RSA) {
-            s->method->ssl3_enc->cert_verify_mac(s, NID_md5, &(data[0]));
-            if (RSA_sign(NID_md5_sha1, data,
-                         MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
-                         &(p[2]), &u, pkey->pkey.rsa) <= 0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_RSA_LIB);
-                goto err;
-            }
-            s2n(u, p);
-            n = u + 2;
-        } else
-#endif
-#ifndef OPENSSL_NO_DSA
-        if (pkey->type == EVP_PKEY_DSA) {
-            if (!DSA_sign(pkey->save_type,
-                          &(data[MD5_DIGEST_LENGTH]),
-                          SHA_DIGEST_LENGTH, &(p[2]),
-                          (unsigned int *)&j, pkey->pkey.dsa)) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_DSA_LIB);
-                goto err;
-            }
-            s2n(j, p);
-            n = j + 2;
-        } else
-#endif
-#ifndef OPENSSL_NO_ECDSA
-        if (pkey->type == EVP_PKEY_EC) {
-            if (!ECDSA_sign(pkey->save_type,
-                            &(data[MD5_DIGEST_LENGTH]),
-                            SHA_DIGEST_LENGTH, &(p[2]),
-                            (unsigned int *)&j, pkey->pkey.ec)) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_ECDSA_LIB);
-                goto err;
-            }
-            s2n(j, p);
-            n = j + 2;
-        } else
-#endif
-        if (pkey->type == NID_id_GostR3410_94
-                || pkey->type == NID_id_GostR3410_2001) {
-            unsigned char signbuf[64];
-            int i;
-            size_t sigsize = 64;
-            s->method->ssl3_enc->cert_verify_mac(s,
-                                                 NID_id_GostR3411_94, data);
-            if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) {
-                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-            for (i = 63, j = 0; i >= 0; j++, i--) {
-                p[2 + j] = signbuf[i];
-            }
-            s2n(j, p);
-            n = j + 2;
-        } else {
-            SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-        ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_VERIFY, n);
-        s->state = SSL3_ST_CW_CERT_VRFY_B;
-    }
-    EVP_MD_CTX_cleanup(&mctx);
-    EVP_PKEY_CTX_free(pctx);
-    return ssl_do_write(s);
- err:
-    EVP_MD_CTX_cleanup(&mctx);
-    EVP_PKEY_CTX_free(pctx);
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-
-/*
- * Check a certificate can be used for client authentication. Currently check
- * cert exists, if we have a suitable digest for TLS 1.2 if static DH client
- * certificates can be used and optionally checks suitability for Suite B.
- */
-static int ssl3_check_client_certificate(SSL *s)
-{
-    unsigned long alg_k;
-    if (!s->cert || !s->cert->key->x509 || !s->cert->key->privatekey)
-        return 0;
-    /* If no suitable signature algorithm can't use certificate */
-    if (SSL_USE_SIGALGS(s) && !s->cert->key->digest)
-        return 0;
-    /*
-     * If strict mode check suitability of chain before using it. This also
-     * adjusts suite B digest if necessary.
-     */
-    if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT &&
-        !tls1_check_chain(s, NULL, NULL, NULL, -2))
-        return 0;
-    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-    /* See if we can use client certificate for fixed DH */
-    if (alg_k & (SSL_kDHr | SSL_kDHd)) {
-        SESS_CERT *scert = s->session->sess_cert;
-        int i = scert->peer_cert_type;
-        EVP_PKEY *clkey = NULL, *spkey = NULL;
-        clkey = s->cert->key->privatekey;
-        /* If client key not DH assume it can be used */
-        if (EVP_PKEY_id(clkey) != EVP_PKEY_DH)
-            return 1;
-        if (i >= 0)
-            spkey = X509_get_pubkey(scert->peer_pkeys[i].x509);
-        if (spkey) {
-            /* Compare server and client parameters */
-            i = EVP_PKEY_cmp_parameters(clkey, spkey);
-            EVP_PKEY_free(spkey);
-            if (i != 1)
-                return 0;
-        }
-        s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
-    }
-    return 1;
-}
-
-int ssl3_send_client_certificate(SSL *s)
-{
-    X509 *x509 = NULL;
-    EVP_PKEY *pkey = NULL;
-    int i;
-
-    if (s->state == SSL3_ST_CW_CERT_A) {
-        /* Let cert callback update client certificates if required */
-        if (s->cert->cert_cb) {
-            i = s->cert->cert_cb(s, s->cert->cert_cb_arg);
-            if (i < 0) {
-                s->rwstate = SSL_X509_LOOKUP;
-                return -1;
-            }
-            if (i == 0) {
-                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
-                s->state = SSL_ST_ERR;
-                return 0;
-            }
-            s->rwstate = SSL_NOTHING;
-        }
-        if (ssl3_check_client_certificate(s))
-            s->state = SSL3_ST_CW_CERT_C;
-        else
-            s->state = SSL3_ST_CW_CERT_B;
-    }
-
-    /* We need to get a client cert */
-    if (s->state == SSL3_ST_CW_CERT_B) {
-        /*
-         * If we get an error, we need to ssl->rwstate=SSL_X509_LOOKUP;
-         * return(-1); We then get retied later
-         */
-        i = ssl_do_client_cert_cb(s, &x509, &pkey);
-        if (i < 0) {
-            s->rwstate = SSL_X509_LOOKUP;
-            return (-1);
-        }
-        s->rwstate = SSL_NOTHING;
-        if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
-            s->state = SSL3_ST_CW_CERT_B;
-            if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey))
-                i = 0;
-        } else if (i == 1) {
-            i = 0;
-            SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,
-                   SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
-        }
-
-        if (x509 != NULL)
-            X509_free(x509);
-        if (pkey != NULL)
-            EVP_PKEY_free(pkey);
-        if (i && !ssl3_check_client_certificate(s))
-            i = 0;
-        if (i == 0) {
-            if (s->version == SSL3_VERSION) {
-                s->s3->tmp.cert_req = 0;
-                ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_CERTIFICATE);
-                return (1);
-            } else {
-                s->s3->tmp.cert_req = 2;
-            }
-        }
-
-        /* Ok, we have a cert */
-        s->state = SSL3_ST_CW_CERT_C;
-    }
-
-    if (s->state == SSL3_ST_CW_CERT_C) {
-        s->state = SSL3_ST_CW_CERT_D;
-        if (!ssl3_output_cert_chain(s,
-                                    (s->s3->tmp.cert_req ==
-                                     2) ? NULL : s->cert->key)) {
-            SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
-            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
-            s->state = SSL_ST_ERR;
-            return 0;
-        }
-    }
-    /* SSL3_ST_CW_CERT_D */
-    return ssl_do_write(s);
-}
-
-#define has_bits(i,m)   (((i)&(m)) == (m))
-
-int ssl3_check_cert_and_algorithm(SSL *s)
-{
-    int i, idx;
-    long alg_k, alg_a;
-    EVP_PKEY *pkey = NULL;
-    int pkey_bits;
-    SESS_CERT *sc;
-#ifndef OPENSSL_NO_RSA
-    RSA *rsa;
-#endif
-#ifndef OPENSSL_NO_DH
-    DH *dh;
-#endif
-    int al = SSL_AD_HANDSHAKE_FAILURE;
-
-    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-    alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-
-    /* we don't have a certificate */
-    if ((alg_a & (SSL_aNULL | SSL_aKRB5)) || (alg_k & SSL_kPSK))
-        return (1);
-
-    sc = s->session->sess_cert;
-    if (sc == NULL) {
-        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-#ifndef OPENSSL_NO_RSA
-    rsa = s->session->sess_cert->peer_rsa_tmp;
-#endif
-#ifndef OPENSSL_NO_DH
-    dh = s->session->sess_cert->peer_dh_tmp;
-#endif
-
-    /* This is the passed certificate */
-
-    idx = sc->peer_cert_type;
-#ifndef OPENSSL_NO_ECDH
-    if (idx == SSL_PKEY_ECC) {
-        if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, s) == 0) {
-            /* check failed */
-            SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_BAD_ECC_CERT);
-            goto f_err;
-        } else {
-            return 1;
-        }
-    } else if (alg_a & SSL_aECDSA) {
-        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-               SSL_R_MISSING_ECDSA_SIGNING_CERT);
-        goto f_err;
-    } else if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
-        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_ECDH_CERT);
-        goto f_err;
-    }
-#endif
-    pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509);
-    pkey_bits = EVP_PKEY_bits(pkey);
-    i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
-    EVP_PKEY_free(pkey);
-
-    /* Check that we have a certificate if we require one */
-    if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA | EVP_PKT_SIGN)) {
-        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-               SSL_R_MISSING_RSA_SIGNING_CERT);
-        goto f_err;
-    }
-#ifndef OPENSSL_NO_DSA
-    else if ((alg_a & SSL_aDSS) && !has_bits(i, EVP_PK_DSA | EVP_PKT_SIGN)) {
-        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-               SSL_R_MISSING_DSA_SIGNING_CERT);
-        goto f_err;
-    }
-#endif
-#ifndef OPENSSL_NO_RSA
-    if (alg_k & SSL_kRSA) {
-        if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
-            !has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
-            SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-                   SSL_R_MISSING_RSA_ENCRYPTING_CERT);
-            goto f_err;
-        } else if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
-            if (pkey_bits <= SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
-                if (!has_bits(i, EVP_PK_RSA | EVP_PKT_ENC)) {
-                    SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-                           SSL_R_MISSING_RSA_ENCRYPTING_CERT);
-                    goto f_err;
-                }
-                if (rsa != NULL) {
-                    /* server key exchange is not allowed. */
-                    al = SSL_AD_INTERNAL_ERROR;
-                    SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
-                    goto f_err;
-                }
-            }
-        }
-    }
-#endif
-#ifndef OPENSSL_NO_DH
-    if ((alg_k & SSL_kEDH) && dh == NULL) {
-        al = SSL_AD_INTERNAL_ERROR;
-        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
-        goto f_err;
-    }
-    if ((alg_k & SSL_kDHr) && !SSL_USE_SIGALGS(s) &&
-               !has_bits(i, EVP_PK_DH | EVP_PKS_RSA)) {
-        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-               SSL_R_MISSING_DH_RSA_CERT);
-        goto f_err;
-    }
-# ifndef OPENSSL_NO_DSA
-    if ((alg_k & SSL_kDHd) && !SSL_USE_SIGALGS(s) &&
-        !has_bits(i, EVP_PK_DH | EVP_PKS_DSA)) {
-        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-               SSL_R_MISSING_DH_DSA_CERT);
-        goto f_err;
-    }
-# endif
-
-    if (alg_k & (SSL_kDHE | SSL_kDHr | SSL_kDHd)) {
-        int dh_size;
-        if (alg_k & SSL_kDHE) {
-            dh_size = BN_num_bits(dh->p);
-        } else {
-            DH *dh_srvr = get_server_static_dh_key(sc);
-            if (dh_srvr == NULL)
-                goto f_err;
-            dh_size = BN_num_bits(dh_srvr->p);
-            DH_free(dh_srvr);
-        }
-
-        if ((!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 1024)
-            || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && dh_size < 512)) {
-            SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_DH_KEY_TOO_SMALL);
-            goto f_err;
-        }
-    }
-#endif  /* !OPENSSL_NO_DH */
-
-    if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
-        pkey_bits > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
-#ifndef OPENSSL_NO_RSA
-        if (alg_k & SSL_kRSA) {
-            if (rsa == NULL) {
-                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-                       SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
-                goto f_err;
-            } else if (BN_num_bits(rsa->n) >
-                SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
-                /* We have a temporary RSA key but it's too large. */
-                al = SSL_AD_EXPORT_RESTRICTION;
-                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-                       SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
-                goto f_err;
-            }
-        } else
-#endif
-#ifndef OPENSSL_NO_DH
-        if (alg_k & SSL_kDHE) {
-            if (BN_num_bits(dh->p) >
-                SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
-                /* We have a temporary DH key but it's too large. */
-                al = SSL_AD_EXPORT_RESTRICTION;
-                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-                       SSL_R_MISSING_EXPORT_TMP_DH_KEY);
-                goto f_err;
-            }
-        } else if (alg_k & (SSL_kDHr | SSL_kDHd)) {
-            /* The cert should have had an export DH key. */
-            al = SSL_AD_EXPORT_RESTRICTION;
-            SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-                   SSL_R_MISSING_EXPORT_TMP_DH_KEY);
-                goto f_err;
-        } else
-#endif
-        {
-            SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
-                   SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
-            goto f_err;
-        }
-    }
-    return (1);
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-    return (0);
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-/*
- * Normally, we can tell if the server is resuming the session from
- * the session ID. EAP-FAST (RFC 4851), however, relies on the next server
- * message after the ServerHello to determine if the server is resuming.
- * Therefore, we allow EAP-FAST to peek ahead.
- * ssl3_check_finished returns 1 if we are resuming from an external
- * pre-shared secret, we have a "ticket" and the next server handshake message
- * is Finished; and 0 otherwise. It returns -1 upon an error.
- */
-static int ssl3_check_finished(SSL *s)
-{
-    int ok = 0;
-
-    if (s->version < TLS1_VERSION || !s->tls_session_secret_cb ||
-        !s->session->tlsext_tick)
-        return 0;
-
-    /* Need to permit this temporarily, in case the next message is Finished. */
-    s->s3->flags |= SSL3_FLAGS_CCS_OK;
-    /*
-     * This function is called when we might get a Certificate message instead,
-     * so permit appropriate message length.
-     * We ignore the return value as we're only interested in the message type
-     * and not its length.
-     */
-    s->method->ssl_get_message(s,
-                               SSL3_ST_CR_CERT_A,
-                               SSL3_ST_CR_CERT_B,
-                               -1, s->max_cert_list, &ok);
-    s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
-
-    if (!ok)
-        return -1;
-
-    s->s3->tmp.reuse_message = 1;
-
-    if (s->s3->tmp.message_type == SSL3_MT_FINISHED)
-        return 1;
-
-    /* If we're not done, then the CCS arrived early and we should bail. */
-    if (s->s3->change_cipher_spec) {
-        SSLerr(SSL_F_SSL3_CHECK_FINISHED, SSL_R_CCS_RECEIVED_EARLY);
-        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-        return -1;
-    }
-
-    return 0;
-}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-int ssl3_send_next_proto(SSL *s)
-{
-    unsigned int len, padding_len;
-    unsigned char *d;
-
-    if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {
-        len = s->next_proto_negotiated_len;
-        padding_len = 32 - ((len + 2) % 32);
-        d = (unsigned char *)s->init_buf->data;
-        d[4] = len;
-        memcpy(d + 5, s->next_proto_negotiated, len);
-        d[5 + len] = padding_len;
-        memset(d + 6 + len, 0, padding_len);
-        *(d++) = SSL3_MT_NEXT_PROTO;
-        l2n3(2 + len + padding_len, d);
-        s->state = SSL3_ST_CW_NEXT_PROTO_B;
-        s->init_num = 4 + 2 + len + padding_len;
-        s->init_off = 0;
-    }
-
-    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
-}
-#endif                          /* !OPENSSL_NO_NEXTPROTONEG */
-#endif                          /* !OPENSSL_NO_TLSEXT */
-
-int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
-{
-    int i = 0;
-#ifndef OPENSSL_NO_ENGINE
-    if (s->ctx->client_cert_engine) {
-        i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
-                                        SSL_get_client_CA_list(s),
-                                        px509, ppkey, NULL, NULL, NULL);
-        if (i != 0)
-            return i;
-    }
-#endif
-    if (s->ctx->client_cert_cb)
-        i = s->ctx->client_cert_cb(s, px509, ppkey);
-    return i;
-}
diff --git a/thirdparty/openssl/ssl/s3_enc.c b/thirdparty/openssl/ssl/s3_enc.c
deleted file mode 100644
index 1eee9d9b21..0000000000
--- a/thirdparty/openssl/ssl/s3_enc.c
+++ /dev/null
@@ -1,1000 +0,0 @@
-/* ssl/s3_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-
-static unsigned char ssl3_pad_1[48] = {
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
-};
-
-static unsigned char ssl3_pad_2[48] = {
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
-};
-
-static int ssl3_handshake_mac(SSL *s, int md_nid,
-                              const char *sender, int len, unsigned char *p);
-static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
-{
-    EVP_MD_CTX m5;
-    EVP_MD_CTX s1;
-    unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
-    unsigned char c = 'A';
-    unsigned int i, j, k;
-
-#ifdef CHARSET_EBCDIC
-    c = os_toascii[c];          /* 'A' in ASCII */
-#endif
-    k = 0;
-    EVP_MD_CTX_init(&m5);
-    EVP_MD_CTX_set_flags(&m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-    EVP_MD_CTX_init(&s1);
-    for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
-        k++;
-        if (k > sizeof(buf))
-            /* bug: 'buf' is too small for this ciphersuite */
-            goto err;
-
-        for (j = 0; j < k; j++)
-            buf[j] = c;
-        c++;
-        if (!EVP_DigestInit_ex(&s1, EVP_sha1(), NULL) ||
-            !EVP_DigestUpdate(&s1, buf, k) ||
-            !EVP_DigestUpdate(&s1, s->session->master_key,
-                              s->session->master_key_length) ||
-            !EVP_DigestUpdate(&s1, s->s3->server_random, SSL3_RANDOM_SIZE) ||
-            !EVP_DigestUpdate(&s1, s->s3->client_random, SSL3_RANDOM_SIZE) ||
-            !EVP_DigestFinal_ex(&s1, smd, NULL))
-            goto err2;
-
-        if (!EVP_DigestInit_ex(&m5, EVP_md5(), NULL) ||
-            !EVP_DigestUpdate(&m5, s->session->master_key,
-                              s->session->master_key_length) ||
-            !EVP_DigestUpdate(&m5, smd, SHA_DIGEST_LENGTH))
-            goto err2;
-        if ((int)(i + MD5_DIGEST_LENGTH) > num) {
-            if (!EVP_DigestFinal_ex(&m5, smd, NULL))
-                goto err2;
-            memcpy(km, smd, (num - i));
-        } else
-            if (!EVP_DigestFinal_ex(&m5, km, NULL))
-                goto err2;
-
-        km += MD5_DIGEST_LENGTH;
-    }
-    OPENSSL_cleanse(smd, SHA_DIGEST_LENGTH);
-    EVP_MD_CTX_cleanup(&m5);
-    EVP_MD_CTX_cleanup(&s1);
-    return 1;
- err:
-    SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
- err2:
-    EVP_MD_CTX_cleanup(&m5);
-    EVP_MD_CTX_cleanup(&s1);
-    return 0;
-}
-
-int ssl3_change_cipher_state(SSL *s, int which)
-{
-    unsigned char *p, *mac_secret;
-    unsigned char exp_key[EVP_MAX_KEY_LENGTH];
-    unsigned char exp_iv[EVP_MAX_IV_LENGTH];
-    unsigned char *ms, *key, *iv, *er1, *er2;
-    EVP_CIPHER_CTX *dd;
-    const EVP_CIPHER *c;
-#ifndef OPENSSL_NO_COMP
-    COMP_METHOD *comp;
-#endif
-    const EVP_MD *m;
-    EVP_MD_CTX md;
-    int is_exp, n, i, j, k, cl;
-    int reuse_dd = 0;
-
-    is_exp = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
-    c = s->s3->tmp.new_sym_enc;
-    m = s->s3->tmp.new_hash;
-    /* m == NULL will lead to a crash later */
-    OPENSSL_assert(m);
-#ifndef OPENSSL_NO_COMP
-    if (s->s3->tmp.new_compression == NULL)
-        comp = NULL;
-    else
-        comp = s->s3->tmp.new_compression->method;
-#endif
-
-    if (which & SSL3_CC_READ) {
-        if (s->enc_read_ctx != NULL)
-            reuse_dd = 1;
-        else if ((s->enc_read_ctx =
-                  OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
-            goto err;
-        else
-            /*
-             * make sure it's intialized in case we exit later with an error
-             */
-            EVP_CIPHER_CTX_init(s->enc_read_ctx);
-        dd = s->enc_read_ctx;
-
-        if (ssl_replace_hash(&s->read_hash, m) == NULL) {
-                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
-                goto err2;
-        }
-#ifndef OPENSSL_NO_COMP
-        /* COMPRESS */
-        if (s->expand != NULL) {
-            COMP_CTX_free(s->expand);
-            s->expand = NULL;
-        }
-        if (comp != NULL) {
-            s->expand = COMP_CTX_new(comp);
-            if (s->expand == NULL) {
-                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,
-                       SSL_R_COMPRESSION_LIBRARY_ERROR);
-                goto err2;
-            }
-            if (s->s3->rrec.comp == NULL)
-                s->s3->rrec.comp = (unsigned char *)
-                    OPENSSL_malloc(SSL3_RT_MAX_PLAIN_LENGTH);
-            if (s->s3->rrec.comp == NULL)
-                goto err;
-        }
-#endif
-        memset(&(s->s3->read_sequence[0]), 0, 8);
-        mac_secret = &(s->s3->read_mac_secret[0]);
-    } else {
-        if (s->enc_write_ctx != NULL)
-            reuse_dd = 1;
-        else if ((s->enc_write_ctx =
-                  OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
-            goto err;
-        else
-            /*
-             * make sure it's intialized in case we exit later with an error
-             */
-            EVP_CIPHER_CTX_init(s->enc_write_ctx);
-        dd = s->enc_write_ctx;
-        if (ssl_replace_hash(&s->write_hash, m) == NULL) {
-                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
-                goto err2;
-        }
-#ifndef OPENSSL_NO_COMP
-        /* COMPRESS */
-        if (s->compress != NULL) {
-            COMP_CTX_free(s->compress);
-            s->compress = NULL;
-        }
-        if (comp != NULL) {
-            s->compress = COMP_CTX_new(comp);
-            if (s->compress == NULL) {
-                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,
-                       SSL_R_COMPRESSION_LIBRARY_ERROR);
-                goto err2;
-            }
-        }
-#endif
-        memset(&(s->s3->write_sequence[0]), 0, 8);
-        mac_secret = &(s->s3->write_mac_secret[0]);
-    }
-
-    if (reuse_dd)
-        EVP_CIPHER_CTX_cleanup(dd);
-
-    p = s->s3->tmp.key_block;
-    i = EVP_MD_size(m);
-    if (i < 0)
-        goto err2;
-    cl = EVP_CIPHER_key_length(c);
-    j = is_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
-                  cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
-    /* Was j=(is_exp)?5:EVP_CIPHER_key_length(c); */
-    k = EVP_CIPHER_iv_length(c);
-    if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
-        (which == SSL3_CHANGE_CIPHER_SERVER_READ)) {
-        ms = &(p[0]);
-        n = i + i;
-        key = &(p[n]);
-        n += j + j;
-        iv = &(p[n]);
-        n += k + k;
-        er1 = &(s->s3->client_random[0]);
-        er2 = &(s->s3->server_random[0]);
-    } else {
-        n = i;
-        ms = &(p[n]);
-        n += i + j;
-        key = &(p[n]);
-        n += j + k;
-        iv = &(p[n]);
-        n += k;
-        er1 = &(s->s3->server_random[0]);
-        er2 = &(s->s3->client_random[0]);
-    }
-
-    if (n > s->s3->tmp.key_block_length) {
-        SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
-        goto err2;
-    }
-
-    EVP_MD_CTX_init(&md);
-    memcpy(mac_secret, ms, i);
-    if (is_exp) {
-        /*
-         * In here I set both the read and write key/iv to the same value
-         * since only the correct one will be used :-).
-         */
-        if (!EVP_DigestInit_ex(&md, EVP_md5(), NULL) ||
-            !EVP_DigestUpdate(&md, key, j) ||
-            !EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE) ||
-            !EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE) ||
-            !EVP_DigestFinal_ex(&md, &(exp_key[0]), NULL)) {
-            EVP_MD_CTX_cleanup(&md);
-            goto err2;
-        }
-        key = &(exp_key[0]);
-
-        if (k > 0) {
-            if (!EVP_DigestInit_ex(&md, EVP_md5(), NULL) ||
-                !EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE) ||
-                !EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE) ||
-                !EVP_DigestFinal_ex(&md, &(exp_iv[0]), NULL)) {
-                EVP_MD_CTX_cleanup(&md);
-                goto err2;
-            }
-            iv = &(exp_iv[0]);
-        }
-    }
-    EVP_MD_CTX_cleanup(&md);
-
-    s->session->key_arg_length = 0;
-
-    if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE)))
-        goto err2;
-
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (s->msg_callback) {
-
-        int wh = which & SSL3_CC_WRITE ?
-            TLS1_RT_CRYPTO_WRITE : TLS1_RT_CRYPTO_READ;
-        s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
-                        mac_secret, EVP_MD_size(m), s, s->msg_callback_arg);
-        if (c->key_len)
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
-                            key, c->key_len, s, s->msg_callback_arg);
-        if (k) {
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_IV,
-                            iv, k, s, s->msg_callback_arg);
-        }
-    }
-#endif
-
-    OPENSSL_cleanse(&(exp_key[0]), sizeof(exp_key));
-    OPENSSL_cleanse(&(exp_iv[0]), sizeof(exp_iv));
-    return (1);
- err:
-    SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
- err2:
-    return (0);
-}
-
-int ssl3_setup_key_block(SSL *s)
-{
-    unsigned char *p;
-    const EVP_CIPHER *c;
-    const EVP_MD *hash;
-    int num;
-    int ret = 0;
-    SSL_COMP *comp;
-
-    if (s->s3->tmp.key_block_length != 0)
-        return (1);
-
-    if (!ssl_cipher_get_evp(s->session, &c, &hash, NULL, NULL, &comp)) {
-        SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
-        return (0);
-    }
-
-    s->s3->tmp.new_sym_enc = c;
-    s->s3->tmp.new_hash = hash;
-#ifdef OPENSSL_NO_COMP
-    s->s3->tmp.new_compression = NULL;
-#else
-    s->s3->tmp.new_compression = comp;
-#endif
-
-    num = EVP_MD_size(hash);
-    if (num < 0)
-        return 0;
-
-    num = EVP_CIPHER_key_length(c) + num + EVP_CIPHER_iv_length(c);
-    num *= 2;
-
-    ssl3_cleanup_key_block(s);
-
-    if ((p = OPENSSL_malloc(num)) == NULL)
-        goto err;
-
-    s->s3->tmp.key_block_length = num;
-    s->s3->tmp.key_block = p;
-
-    ret = ssl3_generate_key_block(s, p, num);
-
-    if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) {
-        /*
-         * enable vulnerability countermeasure for CBC ciphers with known-IV
-         * problem (http://www.openssl.org/~bodo/tls-cbc.txt)
-         */
-        s->s3->need_empty_fragments = 1;
-
-        if (s->session->cipher != NULL) {
-            if (s->session->cipher->algorithm_enc == SSL_eNULL)
-                s->s3->need_empty_fragments = 0;
-
-#ifndef OPENSSL_NO_RC4
-            if (s->session->cipher->algorithm_enc == SSL_RC4)
-                s->s3->need_empty_fragments = 0;
-#endif
-        }
-    }
-
-    return ret;
-
- err:
-    SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
-    return (0);
-}
-
-void ssl3_cleanup_key_block(SSL *s)
-{
-    if (s->s3->tmp.key_block != NULL) {
-        OPENSSL_cleanse(s->s3->tmp.key_block, s->s3->tmp.key_block_length);
-        OPENSSL_free(s->s3->tmp.key_block);
-        s->s3->tmp.key_block = NULL;
-    }
-    s->s3->tmp.key_block_length = 0;
-}
-
-/*-
- * ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
- *
- * Returns:
- *   0: (in non-constant time) if the record is publically invalid (i.e. too
- *       short etc).
- *   1: if the record's padding is valid / the encryption was successful.
- *   -1: if the record's padding is invalid or, if sending, an internal error
- *       occured.
- */
-int ssl3_enc(SSL *s, int send)
-{
-    SSL3_RECORD *rec;
-    EVP_CIPHER_CTX *ds;
-    unsigned long l;
-    int bs, i, mac_size = 0;
-    const EVP_CIPHER *enc;
-
-    if (send) {
-        ds = s->enc_write_ctx;
-        rec = &(s->s3->wrec);
-        if (s->enc_write_ctx == NULL)
-            enc = NULL;
-        else
-            enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
-    } else {
-        ds = s->enc_read_ctx;
-        rec = &(s->s3->rrec);
-        if (s->enc_read_ctx == NULL)
-            enc = NULL;
-        else
-            enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
-    }
-
-    if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
-        memmove(rec->data, rec->input, rec->length);
-        rec->input = rec->data;
-    } else {
-        l = rec->length;
-        bs = EVP_CIPHER_block_size(ds->cipher);
-
-        /* COMPRESS */
-
-        if ((bs != 1) && send) {
-            i = bs - ((int)l % bs);
-
-            /* we need to add 'i-1' padding bytes */
-            l += i;
-            /*
-             * the last of these zero bytes will be overwritten with the
-             * padding length.
-             */
-            memset(&rec->input[rec->length], 0, i);
-            rec->length += i;
-            rec->input[l - 1] = (i - 1);
-        }
-
-        if (!send) {
-            if (l == 0 || l % bs != 0)
-                return 0;
-            /* otherwise, rec->length >= bs */
-        }
-
-        if (EVP_Cipher(ds, rec->data, rec->input, l) < 1)
-            return -1;
-
-        if (EVP_MD_CTX_md(s->read_hash) != NULL)
-            mac_size = EVP_MD_CTX_size(s->read_hash);
-        if ((bs != 1) && !send)
-            return ssl3_cbc_remove_padding(s, rec, bs, mac_size);
-    }
-    return 1;
-}
-
-int ssl3_init_finished_mac(SSL *s)
-{
-    if (s->s3->handshake_buffer)
-        BIO_free(s->s3->handshake_buffer);
-    if (s->s3->handshake_dgst)
-        ssl3_free_digest_list(s);
-    s->s3->handshake_buffer = BIO_new(BIO_s_mem());
-    if (s->s3->handshake_buffer == NULL)
-        return 0;
-    (void)BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE);
-    return 1;
-}
-
-void ssl3_free_digest_list(SSL *s)
-{
-    int i;
-    if (!s->s3->handshake_dgst)
-        return;
-    for (i = 0; i < SSL_MAX_DIGEST; i++) {
-        if (s->s3->handshake_dgst[i])
-            EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]);
-    }
-    OPENSSL_free(s->s3->handshake_dgst);
-    s->s3->handshake_dgst = NULL;
-}
-
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
-{
-    if (s->s3->handshake_buffer
-        && !(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) {
-        BIO_write(s->s3->handshake_buffer, (void *)buf, len);
-    } else {
-        int i;
-        for (i = 0; i < SSL_MAX_DIGEST; i++) {
-            if (s->s3->handshake_dgst[i] != NULL)
-                EVP_DigestUpdate(s->s3->handshake_dgst[i], buf, len);
-        }
-    }
-}
-
-int ssl3_digest_cached_records(SSL *s)
-{
-    int i;
-    long mask;
-    const EVP_MD *md;
-    long hdatalen;
-    void *hdata;
-
-    /* Allocate handshake_dgst array */
-    ssl3_free_digest_list(s);
-    s->s3->handshake_dgst =
-        OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
-    if (s->s3->handshake_dgst == NULL) {
-        SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    memset(s->s3->handshake_dgst, 0, SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
-    hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
-    if (hdatalen <= 0) {
-        SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH);
-        return 0;
-    }
-
-    /* Loop through bitso of algorithm2 field and create MD_CTX-es */
-    for (i = 0; ssl_get_handshake_digest(i, &mask, &md); i++) {
-        if ((mask & ssl_get_algorithm2(s)) && md) {
-            s->s3->handshake_dgst[i] = EVP_MD_CTX_create();
-            if (s->s3->handshake_dgst[i] == NULL) {
-                SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-#ifdef OPENSSL_FIPS
-            if (EVP_MD_nid(md) == NID_md5) {
-                EVP_MD_CTX_set_flags(s->s3->handshake_dgst[i],
-                                     EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-            }
-#endif
-            if (!EVP_DigestInit_ex(s->s3->handshake_dgst[i], md, NULL)
-                || !EVP_DigestUpdate(s->s3->handshake_dgst[i], hdata,
-                                     hdatalen)) {
-                SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_INTERNAL_ERROR);
-                return 0;
-            }
-        } else {
-            s->s3->handshake_dgst[i] = NULL;
-        }
-    }
-    if (!(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) {
-        /* Free handshake_buffer BIO */
-        BIO_free(s->s3->handshake_buffer);
-        s->s3->handshake_buffer = NULL;
-    }
-
-    return 1;
-}
-
-int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
-{
-    return (ssl3_handshake_mac(s, md_nid, NULL, 0, p));
-}
-
-int ssl3_final_finish_mac(SSL *s,
-                          const char *sender, int len, unsigned char *p)
-{
-    int ret, sha1len;
-    ret = ssl3_handshake_mac(s, NID_md5, sender, len, p);
-    if (ret == 0)
-        return 0;
-
-    p += ret;
-
-    sha1len = ssl3_handshake_mac(s, NID_sha1, sender, len, p);
-    if (sha1len == 0)
-        return 0;
-
-    ret += sha1len;
-    return (ret);
-}
-
-static int ssl3_handshake_mac(SSL *s, int md_nid,
-                              const char *sender, int len, unsigned char *p)
-{
-    unsigned int ret;
-    int npad, n;
-    unsigned int i;
-    unsigned char md_buf[EVP_MAX_MD_SIZE];
-    EVP_MD_CTX ctx, *d = NULL;
-
-    if (s->s3->handshake_buffer)
-        if (!ssl3_digest_cached_records(s))
-            return 0;
-
-    /*
-     * Search for digest of specified type in the handshake_dgst array
-     */
-    for (i = 0; i < SSL_MAX_DIGEST; i++) {
-        if (s->s3->handshake_dgst[i]
-            && EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {
-            d = s->s3->handshake_dgst[i];
-            break;
-        }
-    }
-    if (!d) {
-        SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, SSL_R_NO_REQUIRED_DIGEST);
-        return 0;
-    }
-    EVP_MD_CTX_init(&ctx);
-    EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-    EVP_MD_CTX_copy_ex(&ctx, d);
-    n = EVP_MD_CTX_size(&ctx);
-    if (n < 0)
-        return 0;
-
-    npad = (48 / n) * n;
-    if ((sender != NULL && EVP_DigestUpdate(&ctx, sender, len) <= 0)
-            || EVP_DigestUpdate(&ctx, s->session->master_key,
-                                s->session->master_key_length) <= 0
-            || EVP_DigestUpdate(&ctx, ssl3_pad_1, npad) <= 0
-            || EVP_DigestFinal_ex(&ctx, md_buf, &i) <= 0
-
-            || EVP_DigestInit_ex(&ctx, EVP_MD_CTX_md(&ctx), NULL) <= 0
-            || EVP_DigestUpdate(&ctx, s->session->master_key,
-                                s->session->master_key_length) <= 0
-            || EVP_DigestUpdate(&ctx, ssl3_pad_2, npad) <= 0
-            || EVP_DigestUpdate(&ctx, md_buf, i) <= 0
-            || EVP_DigestFinal_ex(&ctx, p, &ret) <= 0) {
-        SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, ERR_R_INTERNAL_ERROR);
-        ret = 0;
-    }
-
-    EVP_MD_CTX_cleanup(&ctx);
-
-    return ((int)ret);
-}
-
-int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
-{
-    SSL3_RECORD *rec;
-    unsigned char *mac_sec, *seq;
-    EVP_MD_CTX md_ctx;
-    const EVP_MD_CTX *hash;
-    unsigned char *p, rec_char;
-    size_t md_size, orig_len;
-    int npad;
-    int t;
-
-    if (send) {
-        rec = &(ssl->s3->wrec);
-        mac_sec = &(ssl->s3->write_mac_secret[0]);
-        seq = &(ssl->s3->write_sequence[0]);
-        hash = ssl->write_hash;
-    } else {
-        rec = &(ssl->s3->rrec);
-        mac_sec = &(ssl->s3->read_mac_secret[0]);
-        seq = &(ssl->s3->read_sequence[0]);
-        hash = ssl->read_hash;
-    }
-
-    t = EVP_MD_CTX_size(hash);
-    if (t < 0)
-        return -1;
-    md_size = t;
-    npad = (48 / md_size) * md_size;
-
-    /*
-     * kludge: ssl3_cbc_remove_padding passes padding length in rec->type
-     */
-    orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8);
-    rec->type &= 0xff;
-
-    if (!send &&
-        EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
-        ssl3_cbc_record_digest_supported(hash)) {
-        /*
-         * This is a CBC-encrypted record. We must avoid leaking any
-         * timing-side channel information about how many blocks of data we
-         * are hashing because that gives an attacker a timing-oracle.
-         */
-
-        /*-
-         * npad is, at most, 48 bytes and that's with MD5:
-         *   16 + 48 + 8 (sequence bytes) + 1 + 2 = 75.
-         *
-         * With SHA-1 (the largest hash speced for SSLv3) the hash size
-         * goes up 4, but npad goes down by 8, resulting in a smaller
-         * total size.
-         */
-        unsigned char header[75];
-        unsigned j = 0;
-        memcpy(header + j, mac_sec, md_size);
-        j += md_size;
-        memcpy(header + j, ssl3_pad_1, npad);
-        j += npad;
-        memcpy(header + j, seq, 8);
-        j += 8;
-        header[j++] = rec->type;
-        header[j++] = rec->length >> 8;
-        header[j++] = rec->length & 0xff;
-
-        /* Final param == is SSLv3 */
-        if (ssl3_cbc_digest_record(hash,
-                                   md, &md_size,
-                                   header, rec->input,
-                                   rec->length + md_size, orig_len,
-                                   mac_sec, md_size, 1) <= 0)
-            return -1;
-    } else {
-        unsigned int md_size_u;
-        /* Chop the digest off the end :-) */
-        EVP_MD_CTX_init(&md_ctx);
-
-        rec_char = rec->type;
-        p = md;
-        s2n(rec->length, p);
-        if (EVP_MD_CTX_copy_ex(&md_ctx, hash) <= 0
-                || EVP_DigestUpdate(&md_ctx, mac_sec, md_size) <= 0
-                || EVP_DigestUpdate(&md_ctx, ssl3_pad_1, npad) <= 0
-                || EVP_DigestUpdate(&md_ctx, seq, 8) <= 0
-                || EVP_DigestUpdate(&md_ctx, &rec_char, 1) <= 0
-                || EVP_DigestUpdate(&md_ctx, md, 2) <= 0
-                || EVP_DigestUpdate(&md_ctx, rec->input, rec->length) <= 0
-                || EVP_DigestFinal_ex(&md_ctx, md, NULL) <= 0
-                || EVP_MD_CTX_copy_ex(&md_ctx, hash) <= 0
-                || EVP_DigestUpdate(&md_ctx, mac_sec, md_size) <= 0
-                || EVP_DigestUpdate(&md_ctx, ssl3_pad_2, npad) <= 0
-                || EVP_DigestUpdate(&md_ctx, md, md_size) <= 0
-                || EVP_DigestFinal_ex(&md_ctx, md, &md_size_u) <= 0) {
-            EVP_MD_CTX_cleanup(&md_ctx);
-            return -1;
-        }
-        md_size = md_size_u;
-
-        EVP_MD_CTX_cleanup(&md_ctx);
-    }
-
-    ssl3_record_sequence_update(seq);
-    return (md_size);
-}
-
-void ssl3_record_sequence_update(unsigned char *seq)
-{
-    int i;
-
-    for (i = 7; i >= 0; i--) {
-        ++seq[i];
-        if (seq[i] != 0)
-            break;
-    }
-}
-
-int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
-                                int len)
-{
-    static const unsigned char *salt[3] = {
-#ifndef CHARSET_EBCDIC
-        (const unsigned char *)"A",
-        (const unsigned char *)"BB",
-        (const unsigned char *)"CCC",
-#else
-        (const unsigned char *)"\x41",
-        (const unsigned char *)"\x42\x42",
-        (const unsigned char *)"\x43\x43\x43",
-#endif
-    };
-    unsigned char buf[EVP_MAX_MD_SIZE];
-    EVP_MD_CTX ctx;
-    int i, ret = 0;
-    unsigned int n;
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    unsigned char *tmpout = out;
-#endif
-
-    EVP_MD_CTX_init(&ctx);
-    for (i = 0; i < 3; i++) {
-        if (EVP_DigestInit_ex(&ctx, s->ctx->sha1, NULL) <= 0
-                || EVP_DigestUpdate(&ctx, salt[i],
-                                    strlen((const char *)salt[i])) <= 0
-                || EVP_DigestUpdate(&ctx, p, len) <= 0
-                || EVP_DigestUpdate(&ctx, &(s->s3->client_random[0]),
-                                    SSL3_RANDOM_SIZE) <= 0
-                || EVP_DigestUpdate(&ctx, &(s->s3->server_random[0]),
-                                    SSL3_RANDOM_SIZE) <= 0
-                || EVP_DigestFinal_ex(&ctx, buf, &n) <= 0
-
-                || EVP_DigestInit_ex(&ctx, s->ctx->md5, NULL) <= 0
-                || EVP_DigestUpdate(&ctx, p, len) <= 0
-                || EVP_DigestUpdate(&ctx, buf, n) <= 0
-                || EVP_DigestFinal_ex(&ctx, out, &n) <= 0) {
-            SSLerr(SSL_F_SSL3_GENERATE_MASTER_SECRET, ERR_R_INTERNAL_ERROR);
-            ret = 0;
-            break;
-        }
-        out += n;
-        ret += n;
-    }
-    EVP_MD_CTX_cleanup(&ctx);
-
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (ret > 0 && s->msg_callback) {
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
-                        p, len, s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
-                        s->s3->client_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
-                        s->s3->server_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
-                        tmpout, SSL3_MASTER_SECRET_SIZE,
-                        s, s->msg_callback_arg);
-    }
-#endif
-    OPENSSL_cleanse(buf, sizeof(buf));
-    return (ret);
-}
-
-int ssl3_alert_code(int code)
-{
-    switch (code) {
-    case SSL_AD_CLOSE_NOTIFY:
-        return (SSL3_AD_CLOSE_NOTIFY);
-    case SSL_AD_UNEXPECTED_MESSAGE:
-        return (SSL3_AD_UNEXPECTED_MESSAGE);
-    case SSL_AD_BAD_RECORD_MAC:
-        return (SSL3_AD_BAD_RECORD_MAC);
-    case SSL_AD_DECRYPTION_FAILED:
-        return (SSL3_AD_BAD_RECORD_MAC);
-    case SSL_AD_RECORD_OVERFLOW:
-        return (SSL3_AD_BAD_RECORD_MAC);
-    case SSL_AD_DECOMPRESSION_FAILURE:
-        return (SSL3_AD_DECOMPRESSION_FAILURE);
-    case SSL_AD_HANDSHAKE_FAILURE:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_NO_CERTIFICATE:
-        return (SSL3_AD_NO_CERTIFICATE);
-    case SSL_AD_BAD_CERTIFICATE:
-        return (SSL3_AD_BAD_CERTIFICATE);
-    case SSL_AD_UNSUPPORTED_CERTIFICATE:
-        return (SSL3_AD_UNSUPPORTED_CERTIFICATE);
-    case SSL_AD_CERTIFICATE_REVOKED:
-        return (SSL3_AD_CERTIFICATE_REVOKED);
-    case SSL_AD_CERTIFICATE_EXPIRED:
-        return (SSL3_AD_CERTIFICATE_EXPIRED);
-    case SSL_AD_CERTIFICATE_UNKNOWN:
-        return (SSL3_AD_CERTIFICATE_UNKNOWN);
-    case SSL_AD_ILLEGAL_PARAMETER:
-        return (SSL3_AD_ILLEGAL_PARAMETER);
-    case SSL_AD_UNKNOWN_CA:
-        return (SSL3_AD_BAD_CERTIFICATE);
-    case SSL_AD_ACCESS_DENIED:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_DECODE_ERROR:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_DECRYPT_ERROR:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_EXPORT_RESTRICTION:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_PROTOCOL_VERSION:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_INSUFFICIENT_SECURITY:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_INTERNAL_ERROR:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_USER_CANCELLED:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_NO_RENEGOTIATION:
-        return (-1);            /* Don't send it :-) */
-    case SSL_AD_UNSUPPORTED_EXTENSION:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_CERTIFICATE_UNOBTAINABLE:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_UNRECOGNIZED_NAME:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_UNKNOWN_PSK_IDENTITY:
-        return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
-    case SSL_AD_INAPPROPRIATE_FALLBACK:
-        return (TLS1_AD_INAPPROPRIATE_FALLBACK);
-    default:
-        return (-1);
-    }
-}
diff --git a/thirdparty/openssl/ssl/s3_lib.c b/thirdparty/openssl/ssl/s3_lib.c
deleted file mode 100644
index 1014a3fce1..0000000000
--- a/thirdparty/openssl/ssl/s3_lib.c
+++ /dev/null
@@ -1,4539 +0,0 @@
-/* ssl/s3_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include <openssl/md5.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT;
-
-#define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
-
-/* list of available SSLv3 ciphers (sorted by id) */
-OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
-
-/* The RSA ciphers */
-/* Cipher 01 */
-    {
-     1,
-     SSL3_TXT_RSA_NULL_MD5,
-     SSL3_CK_RSA_NULL_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_eNULL,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_STRONG_NONE,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-/* Cipher 02 */
-    {
-     1,
-     SSL3_TXT_RSA_NULL_SHA,
-     SSL3_CK_RSA_NULL_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_eNULL,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-/* Cipher 03 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_RSA_RC4_40_MD5,
-     SSL3_CK_RSA_RC4_40_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     128,
-     },
-#endif
-
-/* Cipher 04 */
-    {
-     1,
-     SSL3_TXT_RSA_RC4_128_MD5,
-     SSL3_CK_RSA_RC4_128_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-/* Cipher 05 */
-    {
-     1,
-     SSL3_TXT_RSA_RC4_128_SHA,
-     SSL3_CK_RSA_RC4_128_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-/* Cipher 06 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_RSA_RC2_40_MD5,
-     SSL3_CK_RSA_RC2_40_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC2,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     128,
-     },
-#endif
-
-/* Cipher 07 */
-#ifndef OPENSSL_NO_IDEA
-    {
-     1,
-     SSL3_TXT_RSA_IDEA_128_SHA,
-     SSL3_CK_RSA_IDEA_128_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_IDEA,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-#endif
-
-/* Cipher 08 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_RSA_DES_40_CBC_SHA,
-     SSL3_CK_RSA_DES_40_CBC_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     56,
-     },
-#endif
-
-/* Cipher 09 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_RSA_DES_64_CBC_SHA,
-     SSL3_CK_RSA_DES_64_CBC_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-#endif
-
-/* Cipher 0A */
-    {
-     1,
-     SSL3_TXT_RSA_DES_192_CBC3_SHA,
-     SSL3_CK_RSA_DES_192_CBC3_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-/* The DH ciphers */
-/* Cipher 0B */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     0,
-     SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
-     SSL3_CK_DH_DSS_DES_40_CBC_SHA,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     56,
-     },
-#endif
-
-/* Cipher 0C */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
-     SSL3_CK_DH_DSS_DES_64_CBC_SHA,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-#endif
-
-/* Cipher 0D */
-    {
-     1,
-     SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
-     SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-/* Cipher 0E */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     0,
-     SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
-     SSL3_CK_DH_RSA_DES_40_CBC_SHA,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     56,
-     },
-#endif
-
-/* Cipher 0F */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
-     SSL3_CK_DH_RSA_DES_64_CBC_SHA,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-#endif
-
-/* Cipher 10 */
-    {
-     1,
-     SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
-     SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-/* The Ephemeral DH ciphers */
-/* Cipher 11 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
-     SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     56,
-     },
-#endif
-
-/* Cipher 12 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
-     SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-#endif
-
-/* Cipher 13 */
-    {
-     1,
-     SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
-     SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-/* Cipher 14 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
-     SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     56,
-     },
-#endif
-
-/* Cipher 15 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
-     SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-#endif
-
-/* Cipher 16 */
-    {
-     1,
-     SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
-     SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-/* Cipher 17 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_ADH_RC4_40_MD5,
-     SSL3_CK_ADH_RC4_40_MD5,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     128,
-     },
-#endif
-
-/* Cipher 18 */
-    {
-     1,
-     SSL3_TXT_ADH_RC4_128_MD5,
-     SSL3_CK_ADH_RC4_128_MD5,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-/* Cipher 19 */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_ADH_DES_40_CBC_SHA,
-     SSL3_CK_ADH_DES_40_CBC_SHA,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     128,
-     },
-#endif
-
-/* Cipher 1A */
-#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_ADH_DES_64_CBC_SHA,
-     SSL3_CK_ADH_DES_64_CBC_SHA,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-#endif
-
-/* Cipher 1B */
-    {
-     1,
-     SSL3_TXT_ADH_DES_192_CBC_SHA,
-     SSL3_CK_ADH_DES_192_CBC_SHA,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-/* Fortezza ciphersuite from SSL 3.0 spec */
-#if 0
-/* Cipher 1C */
-    {
-     0,
-     SSL3_TXT_FZA_DMS_NULL_SHA,
-     SSL3_CK_FZA_DMS_NULL_SHA,
-     SSL_kFZA,
-     SSL_aFZA,
-     SSL_eNULL,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_STRONG_NONE,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-/* Cipher 1D */
-    {
-     0,
-     SSL3_TXT_FZA_DMS_FZA_SHA,
-     SSL3_CK_FZA_DMS_FZA_SHA,
-     SSL_kFZA,
-     SSL_aFZA,
-     SSL_eFZA,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_STRONG_NONE,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-/* Cipher 1E */
-    {
-     0,
-     SSL3_TXT_FZA_DMS_RC4_SHA,
-     SSL3_CK_FZA_DMS_RC4_SHA,
-     SSL_kFZA,
-     SSL_aFZA,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-#endif
-
-#ifndef OPENSSL_NO_KRB5
-/* The Kerberos ciphers*/
-/* Cipher 1E */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_KRB5_DES_64_CBC_SHA,
-     SSL3_CK_KRB5_DES_64_CBC_SHA,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-# endif
-
-/* Cipher 1F */
-    {
-     1,
-     SSL3_TXT_KRB5_DES_192_CBC3_SHA,
-     SSL3_CK_KRB5_DES_192_CBC3_SHA,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-/* Cipher 20 */
-    {
-     1,
-     SSL3_TXT_KRB5_RC4_128_SHA,
-     SSL3_CK_KRB5_RC4_128_SHA,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-/* Cipher 21 */
-    {
-     1,
-     SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
-     SSL3_CK_KRB5_IDEA_128_CBC_SHA,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_IDEA,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-/* Cipher 22 */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_KRB5_DES_64_CBC_MD5,
-     SSL3_CK_KRB5_DES_64_CBC_MD5,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_DES,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-# endif
-
-/* Cipher 23 */
-    {
-     1,
-     SSL3_TXT_KRB5_DES_192_CBC3_MD5,
-     SSL3_CK_KRB5_DES_192_CBC3_MD5,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_3DES,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-/* Cipher 24 */
-    {
-     1,
-     SSL3_TXT_KRB5_RC4_128_MD5,
-     SSL3_CK_KRB5_RC4_128_MD5,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-/* Cipher 25 */
-    {
-     1,
-     SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
-     SSL3_CK_KRB5_IDEA_128_CBC_MD5,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_IDEA,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-/* Cipher 26 */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_KRB5_DES_40_CBC_SHA,
-     SSL3_CK_KRB5_DES_40_CBC_SHA,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     56,
-     },
-# endif
-
-/* Cipher 27 */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_KRB5_RC2_40_CBC_SHA,
-     SSL3_CK_KRB5_RC2_40_CBC_SHA,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_RC2,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     128,
-     },
-# endif
-
-/* Cipher 28 */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_KRB5_RC4_40_SHA,
-     SSL3_CK_KRB5_RC4_40_SHA,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     128,
-     },
-# endif
-
-/* Cipher 29 */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_KRB5_DES_40_CBC_MD5,
-     SSL3_CK_KRB5_DES_40_CBC_MD5,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_DES,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     56,
-     },
-# endif
-
-/* Cipher 2A */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_KRB5_RC2_40_CBC_MD5,
-     SSL3_CK_KRB5_RC2_40_CBC_MD5,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_RC2,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     128,
-     },
-# endif
-
-/* Cipher 2B */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     SSL3_TXT_KRB5_RC4_40_MD5,
-     SSL3_CK_KRB5_RC4_40_MD5,
-     SSL_kKRB5,
-     SSL_aKRB5,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_SSLV3,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     40,
-     128,
-     },
-# endif
-#endif                          /* OPENSSL_NO_KRB5 */
-
-/* New AES ciphersuites */
-/* Cipher 2F */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_AES_128_SHA,
-     TLS1_CK_RSA_WITH_AES_128_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-/* Cipher 30 */
-    {
-     1,
-     TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
-     TLS1_CK_DH_DSS_WITH_AES_128_SHA,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-/* Cipher 31 */
-    {
-     1,
-     TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
-     TLS1_CK_DH_RSA_WITH_AES_128_SHA,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-/* Cipher 32 */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
-     TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-/* Cipher 33 */
-    {
-     1,
-     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
-     TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-/* Cipher 34 */
-    {
-     1,
-     TLS1_TXT_ADH_WITH_AES_128_SHA,
-     TLS1_CK_ADH_WITH_AES_128_SHA,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-/* Cipher 35 */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_AES_256_SHA,
-     TLS1_CK_RSA_WITH_AES_256_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-/* Cipher 36 */
-    {
-     1,
-     TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
-     TLS1_CK_DH_DSS_WITH_AES_256_SHA,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-/* Cipher 37 */
-    {
-     1,
-     TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
-     TLS1_CK_DH_RSA_WITH_AES_256_SHA,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-/* Cipher 38 */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
-     TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-/* Cipher 39 */
-    {
-     1,
-     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
-     TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 3A */
-    {
-     1,
-     TLS1_TXT_ADH_WITH_AES_256_SHA,
-     TLS1_CK_ADH_WITH_AES_256_SHA,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* TLS v1.2 ciphersuites */
-    /* Cipher 3B */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_NULL_SHA256,
-     TLS1_CK_RSA_WITH_NULL_SHA256,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_eNULL,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-    /* Cipher 3C */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_AES_128_SHA256,
-     TLS1_CK_RSA_WITH_AES_128_SHA256,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 3D */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_AES_256_SHA256,
-     TLS1_CK_RSA_WITH_AES_256_SHA256,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_AES256,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 3E */
-    {
-     1,
-     TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
-     TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 3F */
-    {
-     1,
-     TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
-     TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 40 */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
-     TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-#ifndef OPENSSL_NO_CAMELLIA
-    /* Camellia ciphersuites from RFC4132 (128-bit portion) */
-
-    /* Cipher 41 */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
-     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_CAMELLIA128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 42 */
-    {
-     1,
-     TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
-     TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_CAMELLIA128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 43 */
-    {
-     1,
-     TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
-     TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_CAMELLIA128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 44 */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
-     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_CAMELLIA128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 45 */
-    {
-     1,
-     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
-     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_CAMELLIA128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 46 */
-    {
-     1,
-     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
-     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_CAMELLIA128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-#endif                          /* OPENSSL_NO_CAMELLIA */
-
-#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
-    /* New TLS Export CipherSuites from expired ID */
-# if 0
-    /* Cipher 60 */
-    {
-     1,
-     TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
-     TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC4,
-     SSL_MD5,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     128,
-     },
-
-    /* Cipher 61 */
-    {
-     1,
-     TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
-     TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC2,
-     SSL_MD5,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     128,
-     },
-# endif
-
-    /* Cipher 62 */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-     TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-# endif
-
-    /* Cipher 63 */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
-     TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     56,
-     },
-# endif
-
-    /* Cipher 64 */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
-     TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     128,
-     },
-# endif
-
-    /* Cipher 65 */
-# ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-    {
-     1,
-     TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
-     TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     56,
-     128,
-     },
-# endif
-
-    /* Cipher 66 */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
-     TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-#endif
-
-    /* TLS v1.2 ciphersuites */
-    /* Cipher 67 */
-    {
-     1,
-     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
-     TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 68 */
-    {
-     1,
-     TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
-     TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_AES256,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 69 */
-    {
-     1,
-     TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
-     TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_AES256,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 6A */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
-     TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_AES256,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 6B */
-    {
-     1,
-     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
-     TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_AES256,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 6C */
-    {
-     1,
-     TLS1_TXT_ADH_WITH_AES_128_SHA256,
-     TLS1_CK_ADH_WITH_AES_128_SHA256,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 6D */
-    {
-     1,
-     TLS1_TXT_ADH_WITH_AES_256_SHA256,
-     TLS1_CK_ADH_WITH_AES_256_SHA256,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_AES256,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* GOST Ciphersuites */
-
-    {
-     1,
-     "GOST94-GOST89-GOST89",
-     0x3000080,
-     SSL_kGOST,
-     SSL_aGOST94,
-     SSL_eGOST2814789CNT,
-     SSL_GOST89MAC,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
-     256,
-     256},
-    {
-     1,
-     "GOST2001-GOST89-GOST89",
-     0x3000081,
-     SSL_kGOST,
-     SSL_aGOST01,
-     SSL_eGOST2814789CNT,
-     SSL_GOST89MAC,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
-     256,
-     256},
-    {
-     1,
-     "GOST94-NULL-GOST94",
-     0x3000082,
-     SSL_kGOST,
-     SSL_aGOST94,
-     SSL_eNULL,
-     SSL_GOST94,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_STRONG_NONE,
-     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
-     0,
-     0},
-    {
-     1,
-     "GOST2001-NULL-GOST94",
-     0x3000083,
-     SSL_kGOST,
-     SSL_aGOST01,
-     SSL_eNULL,
-     SSL_GOST94,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_STRONG_NONE,
-     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
-     0,
-     0},
-
-#ifndef OPENSSL_NO_CAMELLIA
-    /* Camellia ciphersuites from RFC4132 (256-bit portion) */
-
-    /* Cipher 84 */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
-     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_CAMELLIA256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-    /* Cipher 85 */
-    {
-     1,
-     TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
-     TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_CAMELLIA256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 86 */
-    {
-     1,
-     TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
-     TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_CAMELLIA256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 87 */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
-     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_CAMELLIA256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 88 */
-    {
-     1,
-     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
-     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_CAMELLIA256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher 89 */
-    {
-     1,
-     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
-     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_CAMELLIA256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-#endif                          /* OPENSSL_NO_CAMELLIA */
-
-#ifndef OPENSSL_NO_PSK
-    /* Cipher 8A */
-    {
-     1,
-     TLS1_TXT_PSK_WITH_RC4_128_SHA,
-     TLS1_CK_PSK_WITH_RC4_128_SHA,
-     SSL_kPSK,
-     SSL_aPSK,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 8B */
-    {
-     1,
-     TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
-     TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
-     SSL_kPSK,
-     SSL_aPSK,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-    /* Cipher 8C */
-    {
-     1,
-     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
-     TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
-     SSL_kPSK,
-     SSL_aPSK,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 8D */
-    {
-     1,
-     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
-     TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
-     SSL_kPSK,
-     SSL_aPSK,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-#endif                          /* OPENSSL_NO_PSK */
-
-#ifndef OPENSSL_NO_SEED
-    /* SEED ciphersuites from RFC4162 */
-
-    /* Cipher 96 */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_SEED_SHA,
-     TLS1_CK_RSA_WITH_SEED_SHA,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_SEED,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 97 */
-    {
-     1,
-     TLS1_TXT_DH_DSS_WITH_SEED_SHA,
-     TLS1_CK_DH_DSS_WITH_SEED_SHA,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_SEED,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 98 */
-    {
-     1,
-     TLS1_TXT_DH_RSA_WITH_SEED_SHA,
-     TLS1_CK_DH_RSA_WITH_SEED_SHA,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_SEED,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 99 */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
-     TLS1_CK_DHE_DSS_WITH_SEED_SHA,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_SEED,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 9A */
-    {
-     1,
-     TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
-     TLS1_CK_DHE_RSA_WITH_SEED_SHA,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_SEED,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher 9B */
-    {
-     1,
-     TLS1_TXT_ADH_WITH_SEED_SHA,
-     TLS1_CK_ADH_WITH_SEED_SHA,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_SEED,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-#endif                          /* OPENSSL_NO_SEED */
-
-    /* GCM ciphersuites from RFC5288 */
-
-    /* Cipher 9C */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher 9D */
-    {
-     1,
-     TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher 9E */
-    {
-     1,
-     TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher 9F */
-    {
-     1,
-     TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
-     SSL_kEDH,
-     SSL_aRSA,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher A0 */
-    {
-     1,
-     TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher A1 */
-    {
-     1,
-     TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
-     SSL_kDHr,
-     SSL_aDH,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher A2 */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher A3 */
-    {
-     1,
-     TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
-     SSL_kEDH,
-     SSL_aDSS,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher A4 */
-    {
-     1,
-     TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher A5 */
-    {
-     1,
-     TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
-     SSL_kDHd,
-     SSL_aDH,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher A6 */
-    {
-     1,
-     TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher A7 */
-    {
-     1,
-     TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
-     SSL_kEDH,
-     SSL_aNULL,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-    {
-     1,
-     "SCSV",
-     SSL3_CK_SCSV,
-     0,
-     0,
-     0,
-     0,
-     0,
-     0,
-     0,
-     0,
-     0},
-#endif
-
-#ifndef OPENSSL_NO_ECDH
-    /* Cipher C001 */
-    {
-     1,
-     TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
-     TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
-     SSL_kECDHe,
-     SSL_aECDH,
-     SSL_eNULL,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-    /* Cipher C002 */
-    {
-     1,
-     TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
-     TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
-     SSL_kECDHe,
-     SSL_aECDH,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C003 */
-    {
-     1,
-     TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-     TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
-     SSL_kECDHe,
-     SSL_aECDH,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-    /* Cipher C004 */
-    {
-     1,
-     TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-     TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
-     SSL_kECDHe,
-     SSL_aECDH,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C005 */
-    {
-     1,
-     TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-     TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
-     SSL_kECDHe,
-     SSL_aECDH,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher C006 */
-    {
-     1,
-     TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
-     TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
-     SSL_kEECDH,
-     SSL_aECDSA,
-     SSL_eNULL,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-    /* Cipher C007 */
-    {
-     1,
-     TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
-     TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
-     SSL_kEECDH,
-     SSL_aECDSA,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C008 */
-    {
-     1,
-     TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
-     TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
-     SSL_kEECDH,
-     SSL_aECDSA,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-    /* Cipher C009 */
-    {
-     1,
-     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-     SSL_kEECDH,
-     SSL_aECDSA,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C00A */
-    {
-     1,
-     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-     SSL_kEECDH,
-     SSL_aECDSA,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher C00B */
-    {
-     1,
-     TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
-     TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
-     SSL_kECDHr,
-     SSL_aECDH,
-     SSL_eNULL,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-    /* Cipher C00C */
-    {
-     1,
-     TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
-     TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
-     SSL_kECDHr,
-     SSL_aECDH,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C00D */
-    {
-     1,
-     TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-     TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
-     SSL_kECDHr,
-     SSL_aECDH,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-    /* Cipher C00E */
-    {
-     1,
-     TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
-     TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
-     SSL_kECDHr,
-     SSL_aECDH,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C00F */
-    {
-     1,
-     TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
-     TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
-     SSL_kECDHr,
-     SSL_aECDH,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher C010 */
-    {
-     1,
-     TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
-     TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
-     SSL_kEECDH,
-     SSL_aRSA,
-     SSL_eNULL,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-    /* Cipher C011 */
-    {
-     1,
-     TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
-     TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
-     SSL_kEECDH,
-     SSL_aRSA,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C012 */
-    {
-     1,
-     TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
-     TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
-     SSL_kEECDH,
-     SSL_aRSA,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-    /* Cipher C013 */
-    {
-     1,
-     TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-     TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-     SSL_kEECDH,
-     SSL_aRSA,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C014 */
-    {
-     1,
-     TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-     TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-     SSL_kEECDH,
-     SSL_aRSA,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher C015 */
-    {
-     1,
-     TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
-     TLS1_CK_ECDH_anon_WITH_NULL_SHA,
-     SSL_kEECDH,
-     SSL_aNULL,
-     SSL_eNULL,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     0,
-     0,
-     },
-
-    /* Cipher C016 */
-    {
-     1,
-     TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
-     TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
-     SSL_kEECDH,
-     SSL_aNULL,
-     SSL_RC4,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C017 */
-    {
-     1,
-     TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
-     TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
-     SSL_kEECDH,
-     SSL_aNULL,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-    /* Cipher C018 */
-    {
-     1,
-     TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
-     TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
-     SSL_kEECDH,
-     SSL_aNULL,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C019 */
-    {
-     1,
-     TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
-     TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
-     SSL_kEECDH,
-     SSL_aNULL,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-#endif                          /* OPENSSL_NO_ECDH */
-
-#ifndef OPENSSL_NO_SRP
-    /* Cipher C01A */
-    {
-     1,
-     TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
-     TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
-     SSL_kSRP,
-     SSL_aSRP,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-    /* Cipher C01B */
-    {
-     1,
-     TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
-     TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
-     SSL_kSRP,
-     SSL_aRSA,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-    /* Cipher C01C */
-    {
-     1,
-     TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
-     TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
-     SSL_kSRP,
-     SSL_aDSS,
-     SSL_3DES,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_MEDIUM,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     112,
-     168,
-     },
-
-    /* Cipher C01D */
-    {
-     1,
-     TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
-     TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
-     SSL_kSRP,
-     SSL_aSRP,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C01E */
-    {
-     1,
-     TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
-     TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
-     SSL_kSRP,
-     SSL_aRSA,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C01F */
-    {
-     1,
-     TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
-     TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
-     SSL_kSRP,
-     SSL_aDSS,
-     SSL_AES128,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     128,
-     128,
-     },
-
-    /* Cipher C020 */
-    {
-     1,
-     TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
-     TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
-     SSL_kSRP,
-     SSL_aSRP,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher C021 */
-    {
-     1,
-     TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
-     TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
-     SSL_kSRP,
-     SSL_aRSA,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-
-    /* Cipher C022 */
-    {
-     1,
-     TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
-     TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
-     SSL_kSRP,
-     SSL_aDSS,
-     SSL_AES256,
-     SSL_SHA1,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-#endif                          /* OPENSSL_NO_SRP */
-#ifndef OPENSSL_NO_ECDH
-
-    /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
-
-    /* Cipher C023 */
-    {
-     1,
-     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
-     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
-     SSL_kEECDH,
-     SSL_aECDSA,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher C024 */
-    {
-     1,
-     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
-     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
-     SSL_kEECDH,
-     SSL_aECDSA,
-     SSL_AES256,
-     SSL_SHA384,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher C025 */
-    {
-     1,
-     TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
-     TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
-     SSL_kECDHe,
-     SSL_aECDH,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher C026 */
-    {
-     1,
-     TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
-     TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
-     SSL_kECDHe,
-     SSL_aECDH,
-     SSL_AES256,
-     SSL_SHA384,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher C027 */
-    {
-     1,
-     TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
-     TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
-     SSL_kEECDH,
-     SSL_aRSA,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher C028 */
-    {
-     1,
-     TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
-     TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
-     SSL_kEECDH,
-     SSL_aRSA,
-     SSL_AES256,
-     SSL_SHA384,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher C029 */
-    {
-     1,
-     TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
-     TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
-     SSL_kECDHr,
-     SSL_aECDH,
-     SSL_AES128,
-     SSL_SHA256,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher C02A */
-    {
-     1,
-     TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
-     TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
-     SSL_kECDHr,
-     SSL_aECDH,
-     SSL_AES256,
-     SSL_SHA384,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* GCM based TLS v1.2 ciphersuites from RFC5289 */
-
-    /* Cipher C02B */
-    {
-     1,
-     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-     SSL_kEECDH,
-     SSL_aECDSA,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher C02C */
-    {
-     1,
-     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-     SSL_kEECDH,
-     SSL_aECDSA,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher C02D */
-    {
-     1,
-     TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
-     SSL_kECDHe,
-     SSL_aECDH,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher C02E */
-    {
-     1,
-     TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
-     SSL_kECDHe,
-     SSL_aECDH,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher C02F */
-    {
-     1,
-     TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-     SSL_kEECDH,
-     SSL_aRSA,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher C030 */
-    {
-     1,
-     TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-     SSL_kEECDH,
-     SSL_aRSA,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-    /* Cipher C031 */
-    {
-     1,
-     TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
-     TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
-     SSL_kECDHr,
-     SSL_aECDH,
-     SSL_AES128GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
-     128,
-     128,
-     },
-
-    /* Cipher C032 */
-    {
-     1,
-     TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
-     TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
-     SSL_kECDHr,
-     SSL_aECDH,
-     SSL_AES256GCM,
-     SSL_AEAD,
-     SSL_TLSV1_2,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
-     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
-     256,
-     256,
-     },
-
-#endif                          /* OPENSSL_NO_ECDH */
-
-#ifdef TEMP_GOST_TLS
-/* Cipher FF00 */
-    {
-     1,
-     "GOST-MD5",
-     0x0300ff00,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_eGOST2814789CNT,
-     SSL_MD5,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256,
-     },
-    {
-     1,
-     "GOST-GOST94",
-     0x0300ff01,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_eGOST2814789CNT,
-     SSL_GOST94,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256},
-    {
-     1,
-     "GOST-GOST89MAC",
-     0x0300ff02,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_eGOST2814789CNT,
-     SSL_GOST89MAC,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
-     256,
-     256},
-    {
-     1,
-     "GOST-GOST89STREAM",
-     0x0300ff03,
-     SSL_kRSA,
-     SSL_aRSA,
-     SSL_eGOST2814789CNT,
-     SSL_GOST89MAC,
-     SSL_TLSV1,
-     SSL_NOT_EXP | SSL_HIGH,
-     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC,
-     256,
-     256},
-#endif
-
-/* end of list */
-};
-
-SSL3_ENC_METHOD SSLv3_enc_data = {
-    ssl3_enc,
-    n_ssl3_mac,
-    ssl3_setup_key_block,
-    ssl3_generate_master_secret,
-    ssl3_change_cipher_state,
-    ssl3_final_finish_mac,
-    MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
-    ssl3_cert_verify_mac,
-    SSL3_MD_CLIENT_FINISHED_CONST, 4,
-    SSL3_MD_SERVER_FINISHED_CONST, 4,
-    ssl3_alert_code,
-    (int (*)(SSL *, unsigned char *, size_t, const char *,
-             size_t, const unsigned char *, size_t,
-             int use_context))ssl_undefined_function,
-    0,
-    SSL3_HM_HEADER_LENGTH,
-    ssl3_set_handshake_header,
-    ssl3_handshake_write
-};
-
-long ssl3_default_timeout(void)
-{
-    /*
-     * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
-     * http, the cache would over fill
-     */
-    return (60 * 60 * 2);
-}
-
-int ssl3_num_ciphers(void)
-{
-    return (SSL3_NUM_CIPHERS);
-}
-
-const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
-{
-    if (u < SSL3_NUM_CIPHERS)
-        return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
-    else
-        return (NULL);
-}
-
-int ssl3_pending(const SSL *s)
-{
-    if (s->rstate == SSL_ST_READ_BODY)
-        return 0;
-
-    return (s->s3->rrec.type ==
-            SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
-}
-
-void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
-{
-    unsigned char *p = (unsigned char *)s->init_buf->data;
-    *(p++) = htype;
-    l2n3(len, p);
-    s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
-    s->init_off = 0;
-}
-
-int ssl3_handshake_write(SSL *s)
-{
-    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
-}
-
-int ssl3_new(SSL *s)
-{
-    SSL3_STATE *s3;
-
-    if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL)
-        goto err;
-    memset(s3, 0, sizeof *s3);
-    memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
-    memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
-
-    s->s3 = s3;
-
-#ifndef OPENSSL_NO_SRP
-    SSL_SRP_CTX_init(s);
-#endif
-    s->method->ssl_clear(s);
-    return (1);
- err:
-    return (0);
-}
-
-void ssl3_free(SSL *s)
-{
-    if (s == NULL || s->s3 == NULL)
-        return;
-
-#ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->client_opaque_prf_input != NULL)
-        OPENSSL_free(s->s3->client_opaque_prf_input);
-    if (s->s3->server_opaque_prf_input != NULL)
-        OPENSSL_free(s->s3->server_opaque_prf_input);
-#endif
-
-    ssl3_cleanup_key_block(s);
-    if (s->s3->rbuf.buf != NULL)
-        ssl3_release_read_buffer(s);
-    if (s->s3->wbuf.buf != NULL)
-        ssl3_release_write_buffer(s);
-    if (s->s3->rrec.comp != NULL)
-        OPENSSL_free(s->s3->rrec.comp);
-#ifndef OPENSSL_NO_DH
-    if (s->s3->tmp.dh != NULL)
-        DH_free(s->s3->tmp.dh);
-#endif
-#ifndef OPENSSL_NO_ECDH
-    if (s->s3->tmp.ecdh != NULL)
-        EC_KEY_free(s->s3->tmp.ecdh);
-#endif
-
-    if (s->s3->tmp.ca_names != NULL)
-        sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
-    if (s->s3->handshake_buffer) {
-        BIO_free(s->s3->handshake_buffer);
-    }
-    if (s->s3->handshake_dgst)
-        ssl3_free_digest_list(s);
-#ifndef OPENSSL_NO_TLSEXT
-    if (s->s3->alpn_selected)
-        OPENSSL_free(s->s3->alpn_selected);
-#endif
-
-#ifndef OPENSSL_NO_SRP
-    SSL_SRP_CTX_free(s);
-#endif
-    OPENSSL_cleanse(s->s3, sizeof *s->s3);
-    OPENSSL_free(s->s3);
-    s->s3 = NULL;
-}
-
-void ssl3_clear(SSL *s)
-{
-    unsigned char *rp, *wp;
-    size_t rlen, wlen;
-    int init_extra;
-
-#ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->client_opaque_prf_input != NULL)
-        OPENSSL_free(s->s3->client_opaque_prf_input);
-    s->s3->client_opaque_prf_input = NULL;
-    if (s->s3->server_opaque_prf_input != NULL)
-        OPENSSL_free(s->s3->server_opaque_prf_input);
-    s->s3->server_opaque_prf_input = NULL;
-#endif
-
-    ssl3_cleanup_key_block(s);
-    if (s->s3->tmp.ca_names != NULL)
-        sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
-
-    if (s->s3->rrec.comp != NULL) {
-        OPENSSL_free(s->s3->rrec.comp);
-        s->s3->rrec.comp = NULL;
-    }
-#ifndef OPENSSL_NO_DH
-    if (s->s3->tmp.dh != NULL) {
-        DH_free(s->s3->tmp.dh);
-        s->s3->tmp.dh = NULL;
-    }
-#endif
-#ifndef OPENSSL_NO_ECDH
-    if (s->s3->tmp.ecdh != NULL) {
-        EC_KEY_free(s->s3->tmp.ecdh);
-        s->s3->tmp.ecdh = NULL;
-    }
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_EC
-    s->s3->is_probably_safari = 0;
-# endif                         /* !OPENSSL_NO_EC */
-#endif                          /* !OPENSSL_NO_TLSEXT */
-
-    rp = s->s3->rbuf.buf;
-    wp = s->s3->wbuf.buf;
-    rlen = s->s3->rbuf.len;
-    wlen = s->s3->wbuf.len;
-    init_extra = s->s3->init_extra;
-    if (s->s3->handshake_buffer) {
-        BIO_free(s->s3->handshake_buffer);
-        s->s3->handshake_buffer = NULL;
-    }
-    if (s->s3->handshake_dgst) {
-        ssl3_free_digest_list(s);
-    }
-#if !defined(OPENSSL_NO_TLSEXT)
-    if (s->s3->alpn_selected) {
-        OPENSSL_free(s->s3->alpn_selected);
-        s->s3->alpn_selected = NULL;
-    }
-#endif
-    memset(s->s3, 0, sizeof *s->s3);
-    s->s3->rbuf.buf = rp;
-    s->s3->wbuf.buf = wp;
-    s->s3->rbuf.len = rlen;
-    s->s3->wbuf.len = wlen;
-    s->s3->init_extra = init_extra;
-
-    ssl_free_wbio_buffer(s);
-
-    s->packet_length = 0;
-    s->s3->renegotiate = 0;
-    s->s3->total_renegotiations = 0;
-    s->s3->num_renegotiations = 0;
-    s->s3->in_read_app_data = 0;
-    s->version = SSL3_VERSION;
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-    if (s->next_proto_negotiated) {
-        OPENSSL_free(s->next_proto_negotiated);
-        s->next_proto_negotiated = NULL;
-        s->next_proto_negotiated_len = 0;
-    }
-#endif
-}
-
-#ifndef OPENSSL_NO_SRP
-static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
-{
-    return BUF_strdup(s->srp_ctx.info);
-}
-#endif
-
-static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p,
-                                  size_t len);
-
-long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
-    int ret = 0;
-
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
-    if (
-# ifndef OPENSSL_NO_RSA
-           cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB ||
-# endif
-# ifndef OPENSSL_NO_DSA
-           cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB ||
-# endif
-           0) {
-        if (!ssl_cert_inst(&s->cert)) {
-            SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
-            return (0);
-        }
-    }
-#endif
-
-    switch (cmd) {
-    case SSL_CTRL_GET_SESSION_REUSED:
-        ret = s->hit;
-        break;
-    case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
-        break;
-    case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
-        ret = s->s3->num_renegotiations;
-        break;
-    case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
-        ret = s->s3->num_renegotiations;
-        s->s3->num_renegotiations = 0;
-        break;
-    case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
-        ret = s->s3->total_renegotiations;
-        break;
-    case SSL_CTRL_GET_FLAGS:
-        ret = (int)(s->s3->flags);
-        break;
-#ifndef OPENSSL_NO_RSA
-    case SSL_CTRL_NEED_TMP_RSA:
-        if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
-            ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
-             (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
-              (512 / 8))))
-            ret = 1;
-        break;
-    case SSL_CTRL_SET_TMP_RSA:
-        {
-            RSA *rsa = (RSA *)parg;
-            if (rsa == NULL) {
-                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-                return (ret);
-            }
-            if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
-                SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
-                return (ret);
-            }
-            if (s->cert->rsa_tmp != NULL)
-                RSA_free(s->cert->rsa_tmp);
-            s->cert->rsa_tmp = rsa;
-            ret = 1;
-        }
-        break;
-    case SSL_CTRL_SET_TMP_RSA_CB:
-        {
-            SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-            return (ret);
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_DH
-    case SSL_CTRL_SET_TMP_DH:
-        {
-            DH *dh = (DH *)parg;
-            if (dh == NULL) {
-                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-                return (ret);
-            }
-            if ((dh = DHparams_dup(dh)) == NULL) {
-                SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
-                return (ret);
-            }
-            if (s->cert->dh_tmp != NULL)
-                DH_free(s->cert->dh_tmp);
-            s->cert->dh_tmp = dh;
-            ret = 1;
-        }
-        break;
-    case SSL_CTRL_SET_TMP_DH_CB:
-        {
-            SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-            return (ret);
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    case SSL_CTRL_SET_TMP_ECDH:
-        {
-            EC_KEY *ecdh = NULL;
-
-            if (parg == NULL) {
-                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
-                return (ret);
-            }
-            if (!EC_KEY_up_ref((EC_KEY *)parg)) {
-                SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
-                return (ret);
-            }
-            ecdh = (EC_KEY *)parg;
-            if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
-                if (!EC_KEY_generate_key(ecdh)) {
-                    EC_KEY_free(ecdh);
-                    SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
-                    return (ret);
-                }
-            }
-            if (s->cert->ecdh_tmp != NULL)
-                EC_KEY_free(s->cert->ecdh_tmp);
-            s->cert->ecdh_tmp = ecdh;
-            ret = 1;
-        }
-        break;
-    case SSL_CTRL_SET_TMP_ECDH_CB:
-        {
-            SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-            return (ret);
-        }
-        break;
-#endif                          /* !OPENSSL_NO_ECDH */
-#ifndef OPENSSL_NO_TLSEXT
-    case SSL_CTRL_SET_TLSEXT_HOSTNAME:
-        if (larg == TLSEXT_NAMETYPE_host_name) {
-            size_t len;
-
-            if (s->tlsext_hostname != NULL)
-                OPENSSL_free(s->tlsext_hostname);
-            s->tlsext_hostname = NULL;
-
-            ret = 1;
-            if (parg == NULL)
-                break;
-            len = strlen((char *)parg);
-            if (len == 0 || len > TLSEXT_MAXLEN_host_name) {
-                SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
-                return 0;
-            }
-            if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) {
-                SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
-                return 0;
-            }
-        } else {
-            SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
-            return 0;
-        }
-        break;
-    case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
-        s->tlsext_debug_arg = parg;
-        ret = 1;
-        break;
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
-        if (larg > 12288) {     /* actual internal limit is 2^16 for the
-                                 * complete hello message * (including the
-                                 * cert chain and everything) */
-            SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
-            break;
-        }
-        if (s->tlsext_opaque_prf_input != NULL)
-            OPENSSL_free(s->tlsext_opaque_prf_input);
-        if ((size_t)larg == 0)
-            s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte
-                                                             * just to get
-                                                             * non-NULL */
-        else
-            s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
-        if (s->tlsext_opaque_prf_input != NULL) {
-            s->tlsext_opaque_prf_input_len = (size_t)larg;
-            ret = 1;
-        } else
-            s->tlsext_opaque_prf_input_len = 0;
-        break;
-# endif
-
-    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
-        s->tlsext_status_type = larg;
-        ret = 1;
-        break;
-
-    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
-        *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
-        ret = 1;
-        break;
-
-    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
-        s->tlsext_ocsp_exts = parg;
-        ret = 1;
-        break;
-
-    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
-        *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
-        ret = 1;
-        break;
-
-    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
-        s->tlsext_ocsp_ids = parg;
-        ret = 1;
-        break;
-
-    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
-        *(unsigned char **)parg = s->tlsext_ocsp_resp;
-        return s->tlsext_ocsp_resplen;
-
-    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
-        if (s->tlsext_ocsp_resp)
-            OPENSSL_free(s->tlsext_ocsp_resp);
-        s->tlsext_ocsp_resp = parg;
-        s->tlsext_ocsp_resplen = larg;
-        ret = 1;
-        break;
-
-# ifndef OPENSSL_NO_HEARTBEATS
-    case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
-        if (SSL_IS_DTLS(s))
-            ret = dtls1_heartbeat(s);
-        else
-            ret = tls1_heartbeat(s);
-        break;
-
-    case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
-        ret = s->tlsext_hb_pending;
-        break;
-
-    case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
-        if (larg)
-            s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
-        else
-            s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
-        ret = 1;
-        break;
-# endif
-
-#endif                          /* !OPENSSL_NO_TLSEXT */
-
-    case SSL_CTRL_CHAIN:
-        if (larg)
-            return ssl_cert_set1_chain(s->cert, (STACK_OF(X509) *)parg);
-        else
-            return ssl_cert_set0_chain(s->cert, (STACK_OF(X509) *)parg);
-
-    case SSL_CTRL_CHAIN_CERT:
-        if (larg)
-            return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg);
-        else
-            return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg);
-
-    case SSL_CTRL_GET_CHAIN_CERTS:
-        *(STACK_OF(X509) **)parg = s->cert->key->chain;
-        break;
-
-    case SSL_CTRL_SELECT_CURRENT_CERT:
-        return ssl_cert_select_current(s->cert, (X509 *)parg);
-
-    case SSL_CTRL_SET_CURRENT_CERT:
-        if (larg == SSL_CERT_SET_SERVER) {
-            CERT_PKEY *cpk;
-            const SSL_CIPHER *cipher;
-            if (!s->server)
-                return 0;
-            cipher = s->s3->tmp.new_cipher;
-            if (!cipher)
-                return 0;
-            /*
-             * No certificate for unauthenticated ciphersuites or using SRP
-             * authentication
-             */
-            if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
-                return 2;
-            cpk = ssl_get_server_send_pkey(s);
-            if (!cpk)
-                return 0;
-            s->cert->key = cpk;
-            return 1;
-        }
-        return ssl_cert_set_current(s->cert, larg);
-
-#ifndef OPENSSL_NO_EC
-    case SSL_CTRL_GET_CURVES:
-        {
-            unsigned char *clist;
-            size_t clistlen;
-            if (!s->session)
-                return 0;
-            clist = s->session->tlsext_ellipticcurvelist;
-            clistlen = s->session->tlsext_ellipticcurvelist_length / 2;
-            if (parg) {
-                size_t i;
-                int *cptr = parg;
-                unsigned int cid, nid;
-                for (i = 0; i < clistlen; i++) {
-                    n2s(clist, cid);
-                    nid = tls1_ec_curve_id2nid(cid);
-                    if (nid != 0)
-                        cptr[i] = nid;
-                    else
-                        cptr[i] = TLSEXT_nid_unknown | cid;
-                }
-            }
-            return (int)clistlen;
-        }
-
-    case SSL_CTRL_SET_CURVES:
-        return tls1_set_curves(&s->tlsext_ellipticcurvelist,
-                               &s->tlsext_ellipticcurvelist_length,
-                               parg, larg);
-
-    case SSL_CTRL_SET_CURVES_LIST:
-        return tls1_set_curves_list(&s->tlsext_ellipticcurvelist,
-                                    &s->tlsext_ellipticcurvelist_length,
-                                    parg);
-
-    case SSL_CTRL_GET_SHARED_CURVE:
-        return tls1_shared_curve(s, larg);
-
-# ifndef OPENSSL_NO_ECDH
-    case SSL_CTRL_SET_ECDH_AUTO:
-        s->cert->ecdh_tmp_auto = larg;
-        return 1;
-# endif
-#endif
-    case SSL_CTRL_SET_SIGALGS:
-        return tls1_set_sigalgs(s->cert, parg, larg, 0);
-
-    case SSL_CTRL_SET_SIGALGS_LIST:
-        return tls1_set_sigalgs_list(s->cert, parg, 0);
-
-    case SSL_CTRL_SET_CLIENT_SIGALGS:
-        return tls1_set_sigalgs(s->cert, parg, larg, 1);
-
-    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
-        return tls1_set_sigalgs_list(s->cert, parg, 1);
-
-    case SSL_CTRL_GET_CLIENT_CERT_TYPES:
-        {
-            const unsigned char **pctype = parg;
-            if (s->server || !s->s3->tmp.cert_req)
-                return 0;
-            if (s->cert->ctypes) {
-                if (pctype)
-                    *pctype = s->cert->ctypes;
-                return (int)s->cert->ctype_num;
-            }
-            if (pctype)
-                *pctype = (unsigned char *)s->s3->tmp.ctype;
-            return s->s3->tmp.ctype_num;
-        }
-
-    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
-        if (!s->server)
-            return 0;
-        return ssl3_set_req_cert_type(s->cert, parg, larg);
-
-    case SSL_CTRL_BUILD_CERT_CHAIN:
-        return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg);
-
-    case SSL_CTRL_SET_VERIFY_CERT_STORE:
-        return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
-
-    case SSL_CTRL_SET_CHAIN_CERT_STORE:
-        return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
-
-    case SSL_CTRL_GET_PEER_SIGNATURE_NID:
-        if (SSL_USE_SIGALGS(s)) {
-            if (s->session && s->session->sess_cert) {
-                const EVP_MD *sig;
-                sig = s->session->sess_cert->peer_key->digest;
-                if (sig) {
-                    *(int *)parg = EVP_MD_type(sig);
-                    return 1;
-                }
-            }
-            return 0;
-        }
-        /* Might want to do something here for other versions */
-        else
-            return 0;
-
-    case SSL_CTRL_GET_SERVER_TMP_KEY:
-        if (s->server || !s->session || !s->session->sess_cert)
-            return 0;
-        else {
-            SESS_CERT *sc;
-            EVP_PKEY *ptmp;
-            int rv = 0;
-            sc = s->session->sess_cert;
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_ECDH)
-            if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp)
-                return 0;
-#endif
-            ptmp = EVP_PKEY_new();
-            if (!ptmp)
-                return 0;
-            if (0) ;
-#ifndef OPENSSL_NO_RSA
-            else if (sc->peer_rsa_tmp)
-                rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp);
-#endif
-#ifndef OPENSSL_NO_DH
-            else if (sc->peer_dh_tmp)
-                rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp);
-#endif
-#ifndef OPENSSL_NO_ECDH
-            else if (sc->peer_ecdh_tmp)
-                rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp);
-#endif
-            if (rv) {
-                *(EVP_PKEY **)parg = ptmp;
-                return 1;
-            }
-            EVP_PKEY_free(ptmp);
-            return 0;
-        }
-#ifndef OPENSSL_NO_EC
-    case SSL_CTRL_GET_EC_POINT_FORMATS:
-        {
-            SSL_SESSION *sess = s->session;
-            const unsigned char **pformat = parg;
-            if (!sess || !sess->tlsext_ecpointformatlist)
-                return 0;
-            *pformat = sess->tlsext_ecpointformatlist;
-            return (int)sess->tlsext_ecpointformatlist_length;
-        }
-#endif
-
-    case SSL_CTRL_CHECK_PROTO_VERSION:
-        /*
-         * For library-internal use; checks that the current protocol is the
-         * highest enabled version (according to s->ctx->method, as version
-         * negotiation may have changed s->method).
-         */
-        if (s->version == s->ctx->method->version)
-            return 1;
-        /*
-         * Apparently we're using a version-flexible SSL_METHOD (not at its
-         * highest protocol version).
-         */
-        if (s->ctx->method->version == SSLv23_method()->version) {
-#if TLS_MAX_VERSION != TLS1_2_VERSION
-# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
-#endif
-            if (!(s->options & SSL_OP_NO_TLSv1_2))
-                return s->version == TLS1_2_VERSION;
-            if (!(s->options & SSL_OP_NO_TLSv1_1))
-                return s->version == TLS1_1_VERSION;
-            if (!(s->options & SSL_OP_NO_TLSv1))
-                return s->version == TLS1_VERSION;
-            if (!(s->options & SSL_OP_NO_SSLv3))
-                return s->version == SSL3_VERSION;
-            if (!(s->options & SSL_OP_NO_SSLv2))
-                return s->version == SSL2_VERSION;
-        }
-        return 0;               /* Unexpected state; fail closed. */
-
-    default:
-        break;
-    }
-    return (ret);
-}
-
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
-{
-    int ret = 0;
-
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
-    if (
-# ifndef OPENSSL_NO_RSA
-           cmd == SSL_CTRL_SET_TMP_RSA_CB ||
-# endif
-# ifndef OPENSSL_NO_DSA
-           cmd == SSL_CTRL_SET_TMP_DH_CB ||
-# endif
-           0) {
-        if (!ssl_cert_inst(&s->cert)) {
-            SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
-            return (0);
-        }
-    }
-#endif
-
-    switch (cmd) {
-#ifndef OPENSSL_NO_RSA
-    case SSL_CTRL_SET_TMP_RSA_CB:
-        {
-            s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_DH
-    case SSL_CTRL_SET_TMP_DH_CB:
-        {
-            s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    case SSL_CTRL_SET_TMP_ECDH_CB:
-        {
-            s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-    case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
-        s->tlsext_debug_cb = (void (*)(SSL *, int, int,
-                                       unsigned char *, int, void *))fp;
-        break;
-#endif
-    default:
-        break;
-    }
-    return (ret);
-}
-
-long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-{
-    CERT *cert;
-
-    cert = ctx->cert;
-
-    switch (cmd) {
-#ifndef OPENSSL_NO_RSA
-    case SSL_CTRL_NEED_TMP_RSA:
-        if ((cert->rsa_tmp == NULL) &&
-            ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
-             (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
-              (512 / 8)))
-            )
-            return (1);
-        else
-            return (0);
-        /* break; */
-    case SSL_CTRL_SET_TMP_RSA:
-        {
-            RSA *rsa;
-            int i;
-
-            rsa = (RSA *)parg;
-            i = 1;
-            if (rsa == NULL)
-                i = 0;
-            else {
-                if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
-                    i = 0;
-            }
-            if (!i) {
-                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB);
-                return (0);
-            } else {
-                if (cert->rsa_tmp != NULL)
-                    RSA_free(cert->rsa_tmp);
-                cert->rsa_tmp = rsa;
-                return (1);
-            }
-        }
-        /* break; */
-    case SSL_CTRL_SET_TMP_RSA_CB:
-        {
-            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-            return (0);
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_DH
-    case SSL_CTRL_SET_TMP_DH:
-        {
-            DH *new = NULL, *dh;
-
-            dh = (DH *)parg;
-            if ((new = DHparams_dup(dh)) == NULL) {
-                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
-                return 0;
-            }
-            if (cert->dh_tmp != NULL)
-                DH_free(cert->dh_tmp);
-            cert->dh_tmp = new;
-            return 1;
-        }
-        /*
-         * break;
-         */
-    case SSL_CTRL_SET_TMP_DH_CB:
-        {
-            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-            return (0);
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    case SSL_CTRL_SET_TMP_ECDH:
-        {
-            EC_KEY *ecdh = NULL;
-
-            if (parg == NULL) {
-                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
-                return 0;
-            }
-            ecdh = EC_KEY_dup((EC_KEY *)parg);
-            if (ecdh == NULL) {
-                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB);
-                return 0;
-            }
-            if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
-                if (!EC_KEY_generate_key(ecdh)) {
-                    EC_KEY_free(ecdh);
-                    SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
-                    return 0;
-                }
-            }
-
-            if (cert->ecdh_tmp != NULL) {
-                EC_KEY_free(cert->ecdh_tmp);
-            }
-            cert->ecdh_tmp = ecdh;
-            return 1;
-        }
-        /* break; */
-    case SSL_CTRL_SET_TMP_ECDH_CB:
-        {
-            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-            return (0);
-        }
-        break;
-#endif                          /* !OPENSSL_NO_ECDH */
-#ifndef OPENSSL_NO_TLSEXT
-    case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
-        ctx->tlsext_servername_arg = parg;
-        break;
-    case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
-    case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
-        {
-            unsigned char *keys = parg;
-            if (!keys)
-                return 48;
-            if (larg != 48) {
-                SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
-                return 0;
-            }
-            if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
-                memcpy(ctx->tlsext_tick_key_name, keys, 16);
-                memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
-                memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
-            } else {
-                memcpy(keys, ctx->tlsext_tick_key_name, 16);
-                memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
-                memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
-            }
-            return 1;
-        }
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
-        ctx->tlsext_opaque_prf_input_callback_arg = parg;
-        return 1;
-# endif
-
-    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
-        ctx->tlsext_status_arg = parg;
-        return 1;
-        break;
-
-# ifndef OPENSSL_NO_SRP
-    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
-        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
-        if (ctx->srp_ctx.login != NULL)
-            OPENSSL_free(ctx->srp_ctx.login);
-        ctx->srp_ctx.login = NULL;
-        if (parg == NULL)
-            break;
-        if (strlen((const char *)parg) > 255
-            || strlen((const char *)parg) < 1) {
-            SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
-            return 0;
-        }
-        if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
-            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
-            return 0;
-        }
-        break;
-    case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
-        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
-            srp_password_from_info_cb;
-        ctx->srp_ctx.info = parg;
-        break;
-    case SSL_CTRL_SET_SRP_ARG:
-        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
-        ctx->srp_ctx.SRP_cb_arg = parg;
-        break;
-
-    case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
-        ctx->srp_ctx.strength = larg;
-        break;
-# endif
-
-# ifndef OPENSSL_NO_EC
-    case SSL_CTRL_SET_CURVES:
-        return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
-                               &ctx->tlsext_ellipticcurvelist_length,
-                               parg, larg);
-
-    case SSL_CTRL_SET_CURVES_LIST:
-        return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
-                                    &ctx->tlsext_ellipticcurvelist_length,
-                                    parg);
-#  ifndef OPENSSL_NO_ECDH
-    case SSL_CTRL_SET_ECDH_AUTO:
-        ctx->cert->ecdh_tmp_auto = larg;
-        return 1;
-#  endif
-# endif
-    case SSL_CTRL_SET_SIGALGS:
-        return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
-
-    case SSL_CTRL_SET_SIGALGS_LIST:
-        return tls1_set_sigalgs_list(ctx->cert, parg, 0);
-
-    case SSL_CTRL_SET_CLIENT_SIGALGS:
-        return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
-
-    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
-        return tls1_set_sigalgs_list(ctx->cert, parg, 1);
-
-    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
-        return ssl3_set_req_cert_type(ctx->cert, parg, larg);
-
-    case SSL_CTRL_BUILD_CERT_CHAIN:
-        return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg);
-
-    case SSL_CTRL_SET_VERIFY_CERT_STORE:
-        return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
-
-    case SSL_CTRL_SET_CHAIN_CERT_STORE:
-        return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
-
-#endif                          /* !OPENSSL_NO_TLSEXT */
-
-        /* A Thawte special :-) */
-    case SSL_CTRL_EXTRA_CHAIN_CERT:
-        if (ctx->extra_certs == NULL) {
-            if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
-                return (0);
-        }
-        sk_X509_push(ctx->extra_certs, (X509 *)parg);
-        break;
-
-    case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
-        if (ctx->extra_certs == NULL && larg == 0)
-            *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
-        else
-            *(STACK_OF(X509) **)parg = ctx->extra_certs;
-        break;
-
-    case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
-        if (ctx->extra_certs) {
-            sk_X509_pop_free(ctx->extra_certs, X509_free);
-            ctx->extra_certs = NULL;
-        }
-        break;
-
-    case SSL_CTRL_CHAIN:
-        if (larg)
-            return ssl_cert_set1_chain(ctx->cert, (STACK_OF(X509) *)parg);
-        else
-            return ssl_cert_set0_chain(ctx->cert, (STACK_OF(X509) *)parg);
-
-    case SSL_CTRL_CHAIN_CERT:
-        if (larg)
-            return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg);
-        else
-            return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg);
-
-    case SSL_CTRL_GET_CHAIN_CERTS:
-        *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
-        break;
-
-    case SSL_CTRL_SELECT_CURRENT_CERT:
-        return ssl_cert_select_current(ctx->cert, (X509 *)parg);
-
-    case SSL_CTRL_SET_CURRENT_CERT:
-        return ssl_cert_set_current(ctx->cert, larg);
-
-    default:
-        return (0);
-    }
-    return (1);
-}
-
-long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
-{
-    CERT *cert;
-
-    cert = ctx->cert;
-
-    switch (cmd) {
-#ifndef OPENSSL_NO_RSA
-    case SSL_CTRL_SET_TMP_RSA_CB:
-        {
-            cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_DH
-    case SSL_CTRL_SET_TMP_DH_CB:
-        {
-            cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    case SSL_CTRL_SET_TMP_ECDH_CB:
-        {
-            cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
-        }
-        break;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-    case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
-        ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
-        break;
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
-        ctx->tlsext_opaque_prf_input_callback =
-            (int (*)(SSL *, void *, size_t, void *))fp;
-        break;
-# endif
-
-    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
-        ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
-        break;
-
-    case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
-        ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *,
-                                             unsigned char *,
-                                             EVP_CIPHER_CTX *,
-                                             HMAC_CTX *, int))fp;
-        break;
-
-# ifndef OPENSSL_NO_SRP
-    case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
-        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
-        ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
-        break;
-    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
-        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
-        ctx->srp_ctx.TLS_ext_srp_username_callback =
-            (int (*)(SSL *, int *, void *))fp;
-        break;
-    case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
-        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
-        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
-            (char *(*)(SSL *, void *))fp;
-        break;
-# endif
-#endif
-    default:
-        return (0);
-    }
-    return (1);
-}
-
-/*
- * This function needs to check if the ciphers required are actually
- * available
- */
-const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
-{
-    SSL_CIPHER c;
-    const SSL_CIPHER *cp;
-    unsigned long id;
-
-    id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
-    c.id = id;
-    cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
-#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
-    if (cp == NULL)
-        fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
-#endif
-    return cp;
-}
-
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-{
-    long l;
-
-    if (p != NULL) {
-        l = c->id;
-        if ((l & 0xff000000) != 0x03000000)
-            return (0);
-        p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
-        p[1] = ((unsigned char)(l)) & 0xFF;
-    }
-    return (2);
-}
-
-SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
-                               STACK_OF(SSL_CIPHER) *srvr)
-{
-    SSL_CIPHER *c, *ret = NULL;
-    STACK_OF(SSL_CIPHER) *prio, *allow;
-    int i, ii, ok;
-    CERT *cert;
-    unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
-
-    /* Let's see which ciphers we can support */
-    cert = s->cert;
-
-#if 0
-    /*
-     * Do not set the compare functions, because this may lead to a
-     * reordering by "id". We want to keep the original ordering. We may pay
-     * a price in performance during sk_SSL_CIPHER_find(), but would have to
-     * pay with the price of sk_SSL_CIPHER_dup().
-     */
-    sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
-    sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
-#endif
-
-#ifdef CIPHER_DEBUG
-    fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
-            (void *)srvr);
-    for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
-        c = sk_SSL_CIPHER_value(srvr, i);
-        fprintf(stderr, "%p:%s\n", (void *)c, c->name);
-    }
-    fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
-            (void *)clnt);
-    for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
-        c = sk_SSL_CIPHER_value(clnt, i);
-        fprintf(stderr, "%p:%s\n", (void *)c, c->name);
-    }
-#endif
-
-    if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
-        prio = srvr;
-        allow = clnt;
-    } else {
-        prio = clnt;
-        allow = srvr;
-    }
-
-    tls1_set_cert_validity(s);
-
-    for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
-        c = sk_SSL_CIPHER_value(prio, i);
-
-        /* Skip TLS v1.2 only ciphersuites if not supported */
-        if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s))
-            continue;
-
-        ssl_set_cert_masks(cert, c);
-        mask_k = cert->mask_k;
-        mask_a = cert->mask_a;
-        emask_k = cert->export_mask_k;
-        emask_a = cert->export_mask_a;
-#ifndef OPENSSL_NO_SRP
-        if (s->srp_ctx.srp_Mask & SSL_kSRP) {
-            mask_k |= SSL_kSRP;
-            emask_k |= SSL_kSRP;
-            mask_a |= SSL_aSRP;
-            emask_a |= SSL_aSRP;
-        }
-#endif
-
-#ifdef KSSL_DEBUG
-        /*
-         * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n",
-         * i,c->algorithms);
-         */
-#endif                          /* KSSL_DEBUG */
-
-        alg_k = c->algorithm_mkey;
-        alg_a = c->algorithm_auth;
-
-#ifndef OPENSSL_NO_KRB5
-        if (alg_k & SSL_kKRB5) {
-            if (!kssl_keytab_is_available(s->kssl_ctx))
-                continue;
-        }
-#endif                          /* OPENSSL_NO_KRB5 */
-#ifndef OPENSSL_NO_PSK
-        /* with PSK there must be server callback set */
-        if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
-            continue;
-#endif                          /* OPENSSL_NO_PSK */
-
-        if (SSL_C_IS_EXPORT(c)) {
-            ok = (alg_k & emask_k) && (alg_a & emask_a);
-#ifdef CIPHER_DEBUG
-            fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",
-                    ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name);
-#endif
-        } else {
-            ok = (alg_k & mask_k) && (alg_a & mask_a);
-#ifdef CIPHER_DEBUG
-            fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
-                    alg_a, mask_k, mask_a, (void *)c, c->name);
-#endif
-        }
-
-#ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_EC
-#  ifndef OPENSSL_NO_ECDH
-        /*
-         * if we are considering an ECC cipher suite that uses an ephemeral
-         * EC key check it
-         */
-        if (alg_k & SSL_kEECDH)
-            ok = ok && tls1_check_ec_tmp_key(s, c->id);
-#  endif                        /* OPENSSL_NO_ECDH */
-# endif                         /* OPENSSL_NO_EC */
-#endif                          /* OPENSSL_NO_TLSEXT */
-
-        if (!ok)
-            continue;
-        ii = sk_SSL_CIPHER_find(allow, c);
-        if (ii >= 0) {
-#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
-            if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA)
-                && s->s3->is_probably_safari) {
-                if (!ret)
-                    ret = sk_SSL_CIPHER_value(allow, ii);
-                continue;
-            }
-#endif
-            ret = sk_SSL_CIPHER_value(allow, ii);
-            break;
-        }
-    }
-    return (ret);
-}
-
-int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
-{
-    int ret = 0;
-    const unsigned char *sig;
-    size_t i, siglen;
-    int have_rsa_sign = 0, have_dsa_sign = 0;
-#ifndef OPENSSL_NO_ECDSA
-    int have_ecdsa_sign = 0;
-#endif
-    int nostrict = 1;
-    unsigned long alg_k;
-
-    /* If we have custom certificate types set, use them */
-    if (s->cert->ctypes) {
-        memcpy(p, s->cert->ctypes, s->cert->ctype_num);
-        return (int)s->cert->ctype_num;
-    }
-    /* get configured sigalgs */
-    siglen = tls12_get_psigalgs(s, 1, &sig);
-    if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)
-        nostrict = 0;
-    for (i = 0; i < siglen; i += 2, sig += 2) {
-        switch (sig[1]) {
-        case TLSEXT_signature_rsa:
-            have_rsa_sign = 1;
-            break;
-
-        case TLSEXT_signature_dsa:
-            have_dsa_sign = 1;
-            break;
-#ifndef OPENSSL_NO_ECDSA
-        case TLSEXT_signature_ecdsa:
-            have_ecdsa_sign = 1;
-            break;
-#endif
-        }
-    }
-
-    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
-#ifndef OPENSSL_NO_GOST
-    if (s->version >= TLS1_VERSION) {
-        if (alg_k & SSL_kGOST) {
-            p[ret++] = TLS_CT_GOST94_SIGN;
-            p[ret++] = TLS_CT_GOST01_SIGN;
-            return (ret);
-        }
-    }
-#endif
-
-#ifndef OPENSSL_NO_DH
-    if (alg_k & (SSL_kDHr | SSL_kEDH)) {
-# ifndef OPENSSL_NO_RSA
-        /*
-         * Since this refers to a certificate signed with an RSA algorithm,
-         * only check for rsa signing in strict mode.
-         */
-        if (nostrict || have_rsa_sign)
-            p[ret++] = SSL3_CT_RSA_FIXED_DH;
-# endif
-# ifndef OPENSSL_NO_DSA
-        if (nostrict || have_dsa_sign)
-            p[ret++] = SSL3_CT_DSS_FIXED_DH;
-# endif
-    }
-    if ((s->version == SSL3_VERSION) &&
-        (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) {
-# ifndef OPENSSL_NO_RSA
-        p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
-# endif
-# ifndef OPENSSL_NO_DSA
-        p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH;
-# endif
-    }
-#endif                          /* !OPENSSL_NO_DH */
-#ifndef OPENSSL_NO_RSA
-    if (have_rsa_sign)
-        p[ret++] = SSL3_CT_RSA_SIGN;
-#endif
-#ifndef OPENSSL_NO_DSA
-    if (have_dsa_sign)
-        p[ret++] = SSL3_CT_DSS_SIGN;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
-        if (nostrict || have_rsa_sign)
-            p[ret++] = TLS_CT_RSA_FIXED_ECDH;
-        if (nostrict || have_ecdsa_sign)
-            p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
-    }
-#endif
-
-#ifndef OPENSSL_NO_ECDSA
-    /*
-     * ECDSA certs can be used with RSA cipher suites as well so we don't
-     * need to check for SSL_kECDH or SSL_kEECDH
-     */
-    if (s->version >= TLS1_VERSION) {
-        if (have_ecdsa_sign)
-            p[ret++] = TLS_CT_ECDSA_SIGN;
-    }
-#endif
-    return (ret);
-}
-
-static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
-{
-    if (c->ctypes) {
-        OPENSSL_free(c->ctypes);
-        c->ctypes = NULL;
-    }
-    if (!p || !len)
-        return 1;
-    if (len > 0xff)
-        return 0;
-    c->ctypes = OPENSSL_malloc(len);
-    if (!c->ctypes)
-        return 0;
-    memcpy(c->ctypes, p, len);
-    c->ctype_num = len;
-    return 1;
-}
-
-int ssl3_shutdown(SSL *s)
-{
-    int ret;
-
-    /*
-     * Don't do anything much if we have not done the handshake or we don't
-     * want to send messages :-)
-     */
-    if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) {
-        s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-        return (1);
-    }
-
-    if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
-        s->shutdown |= SSL_SENT_SHUTDOWN;
-#if 1
-        ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
-#endif
-        /*
-         * our shutdown alert has been sent now, and if it still needs to be
-         * written, s->s3->alert_dispatch will be true
-         */
-        if (s->s3->alert_dispatch)
-            return (-1);        /* return WANT_WRITE */
-    } else if (s->s3->alert_dispatch) {
-        /* resend it if not sent */
-#if 1
-        ret = s->method->ssl_dispatch_alert(s);
-        if (ret == -1) {
-            /*
-             * we only get to return -1 here the 2nd/Nth invocation, we must
-             * have already signalled return 0 upon a previous invoation,
-             * return WANT_WRITE
-             */
-            return (ret);
-        }
-#endif
-    } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
-        /*
-         * If we are waiting for a close from our peer, we are closed
-         */
-        s->method->ssl_read_bytes(s, 0, NULL, 0, 0);
-        if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
-            return (-1);        /* return WANT_READ */
-        }
-    }
-
-    if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
-        !s->s3->alert_dispatch)
-        return (1);
-    else
-        return (0);
-}
-
-int ssl3_write(SSL *s, const void *buf, int len)
-{
-    int ret, n;
-
-#if 0
-    if (s->shutdown & SSL_SEND_SHUTDOWN) {
-        s->rwstate = SSL_NOTHING;
-        return (0);
-    }
-#endif
-    clear_sys_error();
-    if (s->s3->renegotiate)
-        ssl3_renegotiate_check(s);
-
-    /*
-     * This is an experimental flag that sends the last handshake message in
-     * the same packet as the first use data - used to see if it helps the
-     * TCP protocol during session-id reuse
-     */
-    /* The second test is because the buffer may have been removed */
-    if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) {
-        /* First time through, we write into the buffer */
-        if (s->s3->delay_buf_pop_ret == 0) {
-            ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len);
-            if (ret <= 0)
-                return (ret);
-
-            s->s3->delay_buf_pop_ret = ret;
-        }
-
-        s->rwstate = SSL_WRITING;
-        n = BIO_flush(s->wbio);
-        if (n <= 0)
-            return (n);
-        s->rwstate = SSL_NOTHING;
-
-        /* We have flushed the buffer, so remove it */
-        ssl_free_wbio_buffer(s);
-        s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
-
-        ret = s->s3->delay_buf_pop_ret;
-        s->s3->delay_buf_pop_ret = 0;
-    } else {
-        ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
-                                         buf, len);
-        if (ret <= 0)
-            return (ret);
-    }
-
-    return (ret);
-}
-
-static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
-{
-    int ret;
-
-    clear_sys_error();
-    if (s->s3->renegotiate)
-        ssl3_renegotiate_check(s);
-    s->s3->in_read_app_data = 1;
-    ret =
-        s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
-                                  peek);
-    if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
-        /*
-         * ssl3_read_bytes decided to call s->handshake_func, which called
-         * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
-         * actually found application data and thinks that application data
-         * makes sense here; so disable handshake processing and try to read
-         * application data again.
-         */
-        s->in_handshake++;
-        ret =
-            s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
-                                      peek);
-        s->in_handshake--;
-    } else
-        s->s3->in_read_app_data = 0;
-
-    return (ret);
-}
-
-int ssl3_read(SSL *s, void *buf, int len)
-{
-    return ssl3_read_internal(s, buf, len, 0);
-}
-
-int ssl3_peek(SSL *s, void *buf, int len)
-{
-    return ssl3_read_internal(s, buf, len, 1);
-}
-
-int ssl3_renegotiate(SSL *s)
-{
-    if (s->handshake_func == NULL)
-        return (1);
-
-    if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
-        return (0);
-
-    s->s3->renegotiate = 1;
-    return (1);
-}
-
-int ssl3_renegotiate_check(SSL *s)
-{
-    int ret = 0;
-
-    if (s->s3->renegotiate) {
-        if ((s->s3->rbuf.left == 0) &&
-            (s->s3->wbuf.left == 0) && !SSL_in_init(s)) {
-            /*
-             * if we are the server, and we have sent a 'RENEGOTIATE'
-             * message, we need to go to SSL_ST_ACCEPT.
-             */
-            /* SSL_ST_ACCEPT */
-            s->state = SSL_ST_RENEGOTIATE;
-            s->s3->renegotiate = 0;
-            s->s3->num_renegotiations++;
-            s->s3->total_renegotiations++;
-            ret = 1;
-        }
-    }
-    return (ret);
-}
-
-/*
- * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
- * handshake macs if required.
- */
-long ssl_get_algorithm2(SSL *s)
-{
-    long alg2;
-    if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL)
-        return -1;
-    alg2 = s->s3->tmp.new_cipher->algorithm2;
-    if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF
-        && alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
-        return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
-    return alg2;
-}
diff --git a/thirdparty/openssl/ssl/s3_meth.c b/thirdparty/openssl/ssl/s3_meth.c
deleted file mode 100644
index e5a52993fc..0000000000
--- a/thirdparty/openssl/ssl/s3_meth.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* ssl/s3_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-#ifndef OPENSSL_NO_SSL3_METHOD
-static const SSL_METHOD *ssl3_get_method(int ver)
-{
-    if (ver == SSL3_VERSION)
-        return (SSLv3_method());
-    else
-        return (NULL);
-}
-
-IMPLEMENT_ssl3_meth_func(SSLv3_method,
-                         ssl3_accept, ssl3_connect, ssl3_get_method)
-#endif
diff --git a/thirdparty/openssl/ssl/s3_pkt.c b/thirdparty/openssl/ssl/s3_pkt.c
deleted file mode 100644
index 0290c991d8..0000000000
--- a/thirdparty/openssl/ssl/s3_pkt.c
+++ /dev/null
@@ -1,1767 +0,0 @@
-/* ssl/s3_pkt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <limits.h>
-#include <errno.h>
-#define USE_SOCKETS
-#include "ssl_locl.h"
-#include <openssl/evp.h>
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-
-#ifndef  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-#endif
-
-#if     defined(OPENSSL_SMALL_FOOTPRINT) || \
-        !(      defined(AES_ASM) &&     ( \
-                defined(__x86_64)       || defined(__x86_64__)  || \
-                defined(_M_AMD64)       || defined(_M_X64)      || \
-                defined(__INTEL__)      ) \
-        )
-# undef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
-#endif
-
-static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
-                         unsigned int len, int create_empty_fragment);
-static int ssl3_get_record(SSL *s);
-
-/*
- * Return values are as per SSL_read()
- */
-int ssl3_read_n(SSL *s, int n, int max, int extend)
-{
-    /*
-     * If extend == 0, obtain new n-byte packet; if extend == 1, increase
-     * packet by another n bytes. The packet will be in the sub-array of
-     * s->s3->rbuf.buf specified by s->packet and s->packet_length. (If
-     * s->read_ahead is set, 'max' bytes may be stored in rbuf [plus
-     * s->packet_length bytes if extend == 1].)
-     */
-    int i, len, left;
-    long align = 0;
-    unsigned char *pkt;
-    SSL3_BUFFER *rb;
-
-    if (n <= 0)
-        return n;
-
-    rb = &(s->s3->rbuf);
-    if (rb->buf == NULL)
-        if (!ssl3_setup_read_buffer(s))
-            return -1;
-
-    left = rb->left;
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
-    align = (long)rb->buf + SSL3_RT_HEADER_LENGTH;
-    align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
-#endif
-
-    if (!extend) {
-        /* start with empty packet ... */
-        if (left == 0)
-            rb->offset = align;
-        else if (align != 0 && left >= SSL3_RT_HEADER_LENGTH) {
-            /*
-             * check if next packet length is large enough to justify payload
-             * alignment...
-             */
-            pkt = rb->buf + rb->offset;
-            if (pkt[0] == SSL3_RT_APPLICATION_DATA
-                && (pkt[3] << 8 | pkt[4]) >= 128) {
-                /*
-                 * Note that even if packet is corrupted and its length field
-                 * is insane, we can only be led to wrong decision about
-                 * whether memmove will occur or not. Header values has no
-                 * effect on memmove arguments and therefore no buffer
-                 * overrun can be triggered.
-                 */
-                memmove(rb->buf + align, pkt, left);
-                rb->offset = align;
-            }
-        }
-        s->packet = rb->buf + rb->offset;
-        s->packet_length = 0;
-        /* ... now we can act as if 'extend' was set */
-    }
-
-    /*
-     * For DTLS/UDP reads should not span multiple packets because the read
-     * operation returns the whole packet at once (as long as it fits into
-     * the buffer).
-     */
-    if (SSL_IS_DTLS(s)) {
-        if (left == 0 && extend)
-            return 0;
-        if (left > 0 && n > left)
-            n = left;
-    }
-
-    /* if there is enough in the buffer from a previous read, take some */
-    if (left >= n) {
-        s->packet_length += n;
-        rb->left = left - n;
-        rb->offset += n;
-        return (n);
-    }
-
-    /* else we need to read more data */
-
-    len = s->packet_length;
-    pkt = rb->buf + align;
-    /*
-     * Move any available bytes to front of buffer: 'len' bytes already
-     * pointed to by 'packet', 'left' extra ones at the end
-     */
-    if (s->packet != pkt) {     /* len > 0 */
-        memmove(pkt, s->packet, len + left);
-        s->packet = pkt;
-        rb->offset = len + align;
-    }
-
-    if (n > (int)(rb->len - rb->offset)) { /* does not happen */
-        SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR);
-        return -1;
-    }
-
-    /* We always act like read_ahead is set for DTLS */
-    if (!s->read_ahead && !SSL_IS_DTLS(s))
-        /* ignore max parameter */
-        max = n;
-    else {
-        if (max < n)
-            max = n;
-        if (max > (int)(rb->len - rb->offset))
-            max = rb->len - rb->offset;
-    }
-
-    while (left < n) {
-        /*
-         * Now we have len+left bytes at the front of s->s3->rbuf.buf and
-         * need to read in more until we have len+n (up to len+max if
-         * possible)
-         */
-
-        clear_sys_error();
-        if (s->rbio != NULL) {
-            s->rwstate = SSL_READING;
-            i = BIO_read(s->rbio, pkt + len + left, max - left);
-        } else {
-            SSLerr(SSL_F_SSL3_READ_N, SSL_R_READ_BIO_NOT_SET);
-            i = -1;
-        }
-
-        if (i <= 0) {
-            rb->left = left;
-            if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s))
-                if (len + left == 0)
-                    ssl3_release_read_buffer(s);
-            return (i);
-        }
-        left += i;
-        /*
-         * reads should *never* span multiple packets for DTLS because the
-         * underlying transport protocol is message oriented as opposed to
-         * byte oriented as in the TLS case.
-         */
-        if (SSL_IS_DTLS(s)) {
-            if (n > left)
-                n = left;       /* makes the while condition false */
-        }
-    }
-
-    /* done reading, now the book-keeping */
-    rb->offset += n;
-    rb->left = left - n;
-    s->packet_length += n;
-    s->rwstate = SSL_NOTHING;
-    return (n);
-}
-
-/*
- * MAX_EMPTY_RECORDS defines the number of consecutive, empty records that
- * will be processed per call to ssl3_get_record. Without this limit an
- * attacker could send empty records at a faster rate than we can process and
- * cause ssl3_get_record to loop forever.
- */
-#define MAX_EMPTY_RECORDS 32
-
-/*-
- * Call this to get a new input record.
- * It will return <= 0 if more data is needed, normally due to an error
- * or non-blocking IO.
- * When it finishes, one packet has been decoded and can be found in
- * ssl->s3->rrec.type    - is the type of record
- * ssl->s3->rrec.data,   - data
- * ssl->s3->rrec.length, - number of bytes
- */
-/* used only by ssl3_read_bytes */
-static int ssl3_get_record(SSL *s)
-{
-    int ssl_major, ssl_minor, al;
-    int enc_err, n, i, ret = -1;
-    SSL3_RECORD *rr;
-    SSL_SESSION *sess;
-    unsigned char *p;
-    unsigned char md[EVP_MAX_MD_SIZE];
-    short version;
-    unsigned mac_size, orig_len;
-    size_t extra;
-    unsigned empty_record_count = 0;
-
-    rr = &(s->s3->rrec);
-    sess = s->session;
-
-    if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
-        extra = SSL3_RT_MAX_EXTRA;
-    else
-        extra = 0;
-    if (extra && !s->s3->init_extra) {
-        /*
-         * An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER set after
-         * ssl3_setup_buffers() was done
-         */
-        SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);
-        return -1;
-    }
-
- again:
-    /* check if we have the header */
-    if ((s->rstate != SSL_ST_READ_BODY) ||
-        (s->packet_length < SSL3_RT_HEADER_LENGTH)) {
-        n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
-        if (n <= 0)
-            return (n);         /* error or non-blocking */
-        s->rstate = SSL_ST_READ_BODY;
-
-        p = s->packet;
-        if (s->msg_callback)
-            s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
-                            s->msg_callback_arg);
-
-        /* Pull apart the header into the SSL3_RECORD */
-        rr->type = *(p++);
-        ssl_major = *(p++);
-        ssl_minor = *(p++);
-        version = (ssl_major << 8) | ssl_minor;
-        n2s(p, rr->length);
-#if 0
-        fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
-#endif
-
-        /* Lets check version */
-        if (!s->first_packet) {
-            if (version != s->version) {
-                SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);
-                if ((s->version & 0xFF00) == (version & 0xFF00)
-                    && !s->enc_write_ctx && !s->write_hash) {
-                    if (rr->type == SSL3_RT_ALERT) {
-                        /*
-                         * The record is using an incorrect version number, but
-                         * what we've got appears to be an alert. We haven't
-                         * read the body yet to check whether its a fatal or
-                         * not - but chances are it is. We probably shouldn't
-                         * send a fatal alert back. We'll just end.
-                         */
-                         goto err;
-                    }
-                    /*
-                     * Send back error using their minor version number :-)
-                     */
-                    s->version = (unsigned short)version;
-                }
-                al = SSL_AD_PROTOCOL_VERSION;
-                goto f_err;
-            }
-        }
-
-        if ((version >> 8) != SSL3_VERSION_MAJOR) {
-            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);
-            goto err;
-        }
-
-        if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH) {
-            al = SSL_AD_RECORD_OVERFLOW;
-            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_PACKET_LENGTH_TOO_LONG);
-            goto f_err;
-        }
-
-        /* now s->rstate == SSL_ST_READ_BODY */
-    }
-
-    /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
-
-    if (rr->length > s->packet_length - SSL3_RT_HEADER_LENGTH) {
-        /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
-        i = rr->length;
-        n = ssl3_read_n(s, i, i, 1);
-        if (n <= 0)
-            return (n);         /* error or non-blocking io */
-        /*
-         * now n == rr->length, and s->packet_length == SSL3_RT_HEADER_LENGTH
-         * + rr->length
-         */
-    }
-
-    s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */
-
-    /*
-     * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
-     * and we have that many bytes in s->packet
-     */
-    rr->input = &(s->packet[SSL3_RT_HEADER_LENGTH]);
-
-    /*
-     * ok, we can now read from 's->packet' data into 'rr' rr->input points
-     * at rr->length bytes, which need to be copied into rr->data by either
-     * the decryption or by the decompression When the data is 'copied' into
-     * the rr->data buffer, rr->input will be pointed at the new buffer
-     */
-
-    /*
-     * We now have - encrypted [ MAC [ compressed [ plain ] ] ] rr->length
-     * bytes of encrypted compressed stuff.
-     */
-
-    /* check is not needed I believe */
-    if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH + extra) {
-        al = SSL_AD_RECORD_OVERFLOW;
-        SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
-        goto f_err;
-    }
-
-    /* decrypt in place in 'rr->input' */
-    rr->data = rr->input;
-
-    enc_err = s->method->ssl3_enc->enc(s, 0);
-    /*-
-     * enc_err is:
-     *    0: (in non-constant time) if the record is publically invalid.
-     *    1: if the padding is valid
-     *    -1: if the padding is invalid
-     */
-    if (enc_err == 0) {
-        al = SSL_AD_DECRYPTION_FAILED;
-        SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
-        goto f_err;
-    }
-#ifdef TLS_DEBUG
-    printf("dec %d\n", rr->length);
-    {
-        unsigned int z;
-        for (z = 0; z < rr->length; z++)
-            printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n');
-    }
-    printf("\n");
-#endif
-
-    /* r->length is now the compressed data plus mac */
-    if ((sess != NULL) &&
-        (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
-        /* s->read_hash != NULL => mac_size != -1 */
-        unsigned char *mac = NULL;
-        unsigned char mac_tmp[EVP_MAX_MD_SIZE];
-        mac_size = EVP_MD_CTX_size(s->read_hash);
-        OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
-
-        /*
-         * kludge: *_cbc_remove_padding passes padding length in rr->type
-         */
-        orig_len = rr->length + ((unsigned int)rr->type >> 8);
-
-        /*
-         * orig_len is the length of the record before any padding was
-         * removed. This is public information, as is the MAC in use,
-         * therefore we can safely process the record in a different amount
-         * of time if it's too short to possibly contain a MAC.
-         */
-        if (orig_len < mac_size ||
-            /* CBC records must have a padding length byte too. */
-            (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
-             orig_len < mac_size + 1)) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-
-        if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) {
-            /*
-             * We update the length so that the TLS header bytes can be
-             * constructed correctly but we need to extract the MAC in
-             * constant time from within the record, without leaking the
-             * contents of the padding bytes.
-             */
-            mac = mac_tmp;
-            ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
-            rr->length -= mac_size;
-        } else {
-            /*
-             * In this case there's no padding, so |orig_len| equals
-             * |rec->length| and we checked that there's enough bytes for
-             * |mac_size| above.
-             */
-            rr->length -= mac_size;
-            mac = &rr->data[rr->length];
-        }
-
-        i = s->method->ssl3_enc->mac(s, md, 0 /* not send */ );
-        if (i < 0 || mac == NULL
-            || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
-            enc_err = -1;
-        if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra + mac_size)
-            enc_err = -1;
-    }
-
-    if (enc_err < 0) {
-        /*
-         * A separate 'decryption_failed' alert was introduced with TLS 1.0,
-         * SSL 3.0 only has 'bad_record_mac'.  But unless a decryption
-         * failure is directly visible from the ciphertext anyway, we should
-         * not reveal which kind of error occured -- this might become
-         * visible to an attacker (e.g. via a logfile)
-         */
-        al = SSL_AD_BAD_RECORD_MAC;
-        SSLerr(SSL_F_SSL3_GET_RECORD,
-               SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
-        goto f_err;
-    }
-
-    /* r->length is now just compressed */
-    if (s->expand != NULL) {
-        if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra) {
-            al = SSL_AD_RECORD_OVERFLOW;
-            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_COMPRESSED_LENGTH_TOO_LONG);
-            goto f_err;
-        }
-        if (!ssl3_do_uncompress(s)) {
-            al = SSL_AD_DECOMPRESSION_FAILURE;
-            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BAD_DECOMPRESSION);
-            goto f_err;
-        }
-    }
-
-    if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH + extra) {
-        al = SSL_AD_RECORD_OVERFLOW;
-        SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
-        goto f_err;
-    }
-
-    rr->off = 0;
-    /*-
-     * So at this point the following is true
-     * ssl->s3->rrec.type   is the type of record
-     * ssl->s3->rrec.length == number of bytes in record
-     * ssl->s3->rrec.off    == offset to first valid byte
-     * ssl->s3->rrec.data   == where to take bytes from, increment
-     *                         after use :-).
-     */
-
-    /* we have pulled in a full packet so zero things */
-    s->packet_length = 0;
-
-    /* just read a 0 length packet */
-    if (rr->length == 0) {
-        empty_record_count++;
-        if (empty_record_count > MAX_EMPTY_RECORDS) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_RECORD_TOO_SMALL);
-            goto f_err;
-        }
-        goto again;
-    }
-#if 0
-    fprintf(stderr, "Ultimate Record type=%d, Length=%d\n", rr->type,
-            rr->length);
-#endif
-
-    return (1);
-
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-    return (ret);
-}
-
-int ssl3_do_uncompress(SSL *ssl)
-{
-#ifndef OPENSSL_NO_COMP
-    int i;
-    SSL3_RECORD *rr;
-
-    rr = &(ssl->s3->rrec);
-    i = COMP_expand_block(ssl->expand, rr->comp,
-                          SSL3_RT_MAX_PLAIN_LENGTH, rr->data,
-                          (int)rr->length);
-    if (i < 0)
-        return (0);
-    else
-        rr->length = i;
-    rr->data = rr->comp;
-#endif
-    return (1);
-}
-
-int ssl3_do_compress(SSL *ssl)
-{
-#ifndef OPENSSL_NO_COMP
-    int i;
-    SSL3_RECORD *wr;
-
-    wr = &(ssl->s3->wrec);
-    i = COMP_compress_block(ssl->compress, wr->data,
-                            SSL3_RT_MAX_COMPRESSED_LENGTH,
-                            wr->input, (int)wr->length);
-    if (i < 0)
-        return (0);
-    else
-        wr->length = i;
-
-    wr->input = wr->data;
-#endif
-    return (1);
-}
-
-/*
- * Call this to write data in records of type 'type' It will return <= 0 if
- * not all data has been sent or non-blocking IO.
- */
-int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
-{
-    const unsigned char *buf = buf_;
-    int tot;
-    unsigned int n, nw;
-#if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-    unsigned int max_send_fragment;
-#endif
-    SSL3_BUFFER *wb = &(s->s3->wbuf);
-    int i;
-
-    s->rwstate = SSL_NOTHING;
-    OPENSSL_assert(s->s3->wnum <= INT_MAX);
-    tot = s->s3->wnum;
-    s->s3->wnum = 0;
-
-    if (SSL_in_init(s) && !s->in_handshake) {
-        i = s->handshake_func(s);
-        if (i < 0)
-            return (i);
-        if (i == 0) {
-            SSLerr(SSL_F_SSL3_WRITE_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return -1;
-        }
-    }
-
-    /*
-     * ensure that if we end up with a smaller value of data to write out
-     * than the the original len from a write which didn't complete for
-     * non-blocking I/O and also somehow ended up avoiding the check for
-     * this in ssl3_write_pending/SSL_R_BAD_WRITE_RETRY as it must never be
-     * possible to end up with (len-tot) as a large number that will then
-     * promptly send beyond the end of the users buffer ... so we trap and
-     * report the error in a way the user will notice
-     */
-    if ((len < tot) || ((wb->left != 0) && (len < (tot + s->s3->wpend_tot)))) {
-        SSLerr(SSL_F_SSL3_WRITE_BYTES, SSL_R_BAD_LENGTH);
-        return (-1);
-    }
-
-    /*
-     * first check if there is a SSL3_BUFFER still being written out.  This
-     * will happen with non blocking IO
-     */
-    if (wb->left != 0) {
-        i = ssl3_write_pending(s, type, &buf[tot], s->s3->wpend_tot);
-        if (i <= 0) {
-            /* XXX should we ssl3_release_write_buffer if i<0? */
-            s->s3->wnum = tot;
-            return i;
-        }
-        tot += i;               /* this might be last fragment */
-    }
-#if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
-    /*
-     * Depending on platform multi-block can deliver several *times*
-     * better performance. Downside is that it has to allocate
-     * jumbo buffer to accomodate up to 8 records, but the
-     * compromise is considered worthy.
-     */
-    if (type == SSL3_RT_APPLICATION_DATA &&
-        len >= 4 * (int)(max_send_fragment = s->max_send_fragment) &&
-        s->compress == NULL && s->msg_callback == NULL &&
-        SSL_USE_EXPLICIT_IV(s) &&
-        s->enc_write_ctx != NULL &&
-        EVP_CIPHER_flags(s->enc_write_ctx->cipher) &
-        EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) {
-        unsigned char aad[13];
-        EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
-        int packlen;
-
-        /* minimize address aliasing conflicts */
-        if ((max_send_fragment & 0xfff) == 0)
-            max_send_fragment -= 512;
-
-        if (tot == 0 || wb->buf == NULL) { /* allocate jumbo buffer */
-            ssl3_release_write_buffer(s);
-
-            packlen = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
-                                          EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE,
-                                          max_send_fragment, NULL);
-
-            if (len >= 8 * (int)max_send_fragment)
-                packlen *= 8;
-            else
-                packlen *= 4;
-
-            wb->buf = OPENSSL_malloc(packlen);
-            if (!wb->buf) {
-                SSLerr(SSL_F_SSL3_WRITE_BYTES, ERR_R_MALLOC_FAILURE);
-                return -1;
-            }
-            wb->len = packlen;
-        } else if (tot == len) { /* done? */
-            OPENSSL_free(wb->buf); /* free jumbo buffer */
-            wb->buf = NULL;
-            return tot;
-        }
-
-        n = (len - tot);
-        for (;;) {
-            if (n < 4 * max_send_fragment) {
-                OPENSSL_free(wb->buf); /* free jumbo buffer */
-                wb->buf = NULL;
-                break;
-            }
-
-            if (s->s3->alert_dispatch) {
-                i = s->method->ssl_dispatch_alert(s);
-                if (i <= 0) {
-                    s->s3->wnum = tot;
-                    return i;
-                }
-            }
-
-            if (n >= 8 * max_send_fragment)
-                nw = max_send_fragment * (mb_param.interleave = 8);
-            else
-                nw = max_send_fragment * (mb_param.interleave = 4);
-
-            memcpy(aad, s->s3->write_sequence, 8);
-            aad[8] = type;
-            aad[9] = (unsigned char)(s->version >> 8);
-            aad[10] = (unsigned char)(s->version);
-            aad[11] = 0;
-            aad[12] = 0;
-            mb_param.out = NULL;
-            mb_param.inp = aad;
-            mb_param.len = nw;
-
-            packlen = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
-                                          EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
-                                          sizeof(mb_param), &mb_param);
-
-            if (packlen <= 0 || packlen > (int)wb->len) { /* never happens */
-                OPENSSL_free(wb->buf); /* free jumbo buffer */
-                wb->buf = NULL;
-                break;
-            }
-
-            mb_param.out = wb->buf;
-            mb_param.inp = &buf[tot];
-            mb_param.len = nw;
-
-            if (EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
-                                    EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
-                                    sizeof(mb_param), &mb_param) <= 0)
-                return -1;
-
-            s->s3->write_sequence[7] += mb_param.interleave;
-            if (s->s3->write_sequence[7] < mb_param.interleave) {
-                int j = 6;
-                while (j >= 0 && (++s->s3->write_sequence[j--]) == 0) ;
-            }
-
-            wb->offset = 0;
-            wb->left = packlen;
-
-            s->s3->wpend_tot = nw;
-            s->s3->wpend_buf = &buf[tot];
-            s->s3->wpend_type = type;
-            s->s3->wpend_ret = nw;
-
-            i = ssl3_write_pending(s, type, &buf[tot], nw);
-            if (i <= 0) {
-                if (i < 0 && (!s->wbio || !BIO_should_retry(s->wbio))) {
-                    OPENSSL_free(wb->buf);
-                    wb->buf = NULL;
-                }
-                s->s3->wnum = tot;
-                return i;
-            }
-            if (i == (int)n) {
-                OPENSSL_free(wb->buf); /* free jumbo buffer */
-                wb->buf = NULL;
-                return tot + i;
-            }
-            n -= i;
-            tot += i;
-        }
-    } else
-#endif
-    if (tot == len) {           /* done? */
-        if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s))
-            ssl3_release_write_buffer(s);
-
-        return tot;
-    }
-
-    n = (len - tot);
-    for (;;) {
-        if (n > s->max_send_fragment)
-            nw = s->max_send_fragment;
-        else
-            nw = n;
-
-        i = do_ssl3_write(s, type, &(buf[tot]), nw, 0);
-        if (i <= 0) {
-            /* XXX should we ssl3_release_write_buffer if i<0? */
-            s->s3->wnum = tot;
-            return i;
-        }
-
-        if ((i == (int)n) ||
-            (type == SSL3_RT_APPLICATION_DATA &&
-             (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) {
-            /*
-             * next chunk of data should get another prepended empty fragment
-             * in ciphersuites with known-IV weakness:
-             */
-            s->s3->empty_fragment_done = 0;
-
-            if ((i == (int)n) && s->mode & SSL_MODE_RELEASE_BUFFERS &&
-                !SSL_IS_DTLS(s))
-                ssl3_release_write_buffer(s);
-
-            return tot + i;
-        }
-
-        n -= i;
-        tot += i;
-    }
-}
-
-static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
-                         unsigned int len, int create_empty_fragment)
-{
-    unsigned char *p, *plen;
-    int i, mac_size, clear = 0;
-    int prefix_len = 0;
-    int eivlen;
-    long align = 0;
-    SSL3_RECORD *wr;
-    SSL3_BUFFER *wb = &(s->s3->wbuf);
-    SSL_SESSION *sess;
-
-    /*
-     * first check if there is a SSL3_BUFFER still being written out.  This
-     * will happen with non blocking IO
-     */
-    if (wb->left != 0)
-        return (ssl3_write_pending(s, type, buf, len));
-
-    /* If we have an alert to send, lets send it */
-    if (s->s3->alert_dispatch) {
-        i = s->method->ssl_dispatch_alert(s);
-        if (i <= 0)
-            return (i);
-        /* if it went, fall through and send more stuff */
-    }
-
-    if (wb->buf == NULL)
-        if (!ssl3_setup_write_buffer(s))
-            return -1;
-
-    if (len == 0 && !create_empty_fragment)
-        return 0;
-
-    wr = &(s->s3->wrec);
-    sess = s->session;
-
-    if ((sess == NULL) ||
-        (s->enc_write_ctx == NULL) ||
-        (EVP_MD_CTX_md(s->write_hash) == NULL)) {
-#if 1
-        clear = s->enc_write_ctx ? 0 : 1; /* must be AEAD cipher */
-#else
-        clear = 1;
-#endif
-        mac_size = 0;
-    } else {
-        mac_size = EVP_MD_CTX_size(s->write_hash);
-        if (mac_size < 0)
-            goto err;
-    }
-
-    /*
-     * 'create_empty_fragment' is true only when this function calls itself
-     */
-    if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done) {
-        /*
-         * countermeasure against known-IV weakness in CBC ciphersuites (see
-         * http://www.openssl.org/~bodo/tls-cbc.txt)
-         */
-
-        if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA) {
-            /*
-             * recursive function call with 'create_empty_fragment' set; this
-             * prepares and buffers the data for an empty fragment (these
-             * 'prefix_len' bytes are sent out later together with the actual
-             * payload)
-             */
-            prefix_len = do_ssl3_write(s, type, buf, 0, 1);
-            if (prefix_len <= 0)
-                goto err;
-
-            if (prefix_len >
-                (SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD))
-            {
-                /* insufficient space */
-                SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-        }
-
-        s->s3->empty_fragment_done = 1;
-    }
-
-    if (create_empty_fragment) {
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
-        /*
-         * extra fragment would be couple of cipher blocks, which would be
-         * multiple of SSL3_ALIGN_PAYLOAD, so if we want to align the real
-         * payload, then we can just pretent we simply have two headers.
-         */
-        align = (long)wb->buf + 2 * SSL3_RT_HEADER_LENGTH;
-        align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
-#endif
-        p = wb->buf + align;
-        wb->offset = align;
-    } else if (prefix_len) {
-        p = wb->buf + wb->offset + prefix_len;
-    } else {
-#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
-        align = (long)wb->buf + SSL3_RT_HEADER_LENGTH;
-        align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
-#endif
-        p = wb->buf + align;
-        wb->offset = align;
-    }
-
-    /* write the header */
-
-    *(p++) = type & 0xff;
-    wr->type = type;
-
-    *(p++) = (s->version >> 8);
-    /*
-     * Some servers hang if iniatial client hello is larger than 256 bytes
-     * and record version number > TLS 1.0
-     */
-    if (s->state == SSL3_ST_CW_CLNT_HELLO_B
-        && !s->renegotiate && TLS1_get_version(s) > TLS1_VERSION)
-        *(p++) = 0x1;
-    else
-        *(p++) = s->version & 0xff;
-
-    /* field where we are to write out packet length */
-    plen = p;
-    p += 2;
-    /* Explicit IV length, block ciphers appropriate version flag */
-    if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s)) {
-        int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx);
-        if (mode == EVP_CIPH_CBC_MODE) {
-            eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
-            if (eivlen <= 1)
-                eivlen = 0;
-        }
-        /* Need explicit part of IV for GCM mode */
-        else if (mode == EVP_CIPH_GCM_MODE)
-            eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN;
-        else
-            eivlen = 0;
-    } else
-        eivlen = 0;
-
-    /* lets setup the record stuff. */
-    wr->data = p + eivlen;
-    wr->length = (int)len;
-    wr->input = (unsigned char *)buf;
-
-    /*
-     * we now 'read' from wr->input, wr->length bytes into wr->data
-     */
-
-    /* first we compress */
-    if (s->compress != NULL) {
-        if (!ssl3_do_compress(s)) {
-            SSLerr(SSL_F_DO_SSL3_WRITE, SSL_R_COMPRESSION_FAILURE);
-            goto err;
-        }
-    } else {
-        memcpy(wr->data, wr->input, wr->length);
-        wr->input = wr->data;
-    }
-
-    /*
-     * we should still have the output to wr->data and the input from
-     * wr->input.  Length should be wr->length. wr->data still points in the
-     * wb->buf
-     */
-
-    if (mac_size != 0) {
-        if (s->method->ssl3_enc->mac(s, &(p[wr->length + eivlen]), 1) < 0)
-            goto err;
-        wr->length += mac_size;
-    }
-
-    wr->input = p;
-    wr->data = p;
-
-    if (eivlen) {
-        /*
-         * if (RAND_pseudo_bytes(p, eivlen) <= 0) goto err;
-         */
-        wr->length += eivlen;
-    }
-
-    if (s->method->ssl3_enc->enc(s, 1) < 1)
-        goto err;
-
-    /* record length after mac and block padding */
-    s2n(wr->length, plen);
-
-    if (s->msg_callback)
-        s->msg_callback(1, 0, SSL3_RT_HEADER, plen - 5, 5, s,
-                        s->msg_callback_arg);
-
-    /*
-     * we should now have wr->data pointing to the encrypted data, which is
-     * wr->length long
-     */
-    wr->type = type;            /* not needed but helps for debugging */
-    wr->length += SSL3_RT_HEADER_LENGTH;
-
-    if (create_empty_fragment) {
-        /*
-         * we are in a recursive call; just return the length, don't write
-         * out anything here
-         */
-        return wr->length;
-    }
-
-    /* now let's set up wb */
-    wb->left = prefix_len + wr->length;
-
-    /*
-     * memorize arguments so that ssl3_write_pending can detect bad write
-     * retries later
-     */
-    s->s3->wpend_tot = len;
-    s->s3->wpend_buf = buf;
-    s->s3->wpend_type = type;
-    s->s3->wpend_ret = len;
-
-    /* we now just need to write the buffer */
-    return ssl3_write_pending(s, type, buf, len);
- err:
-    return -1;
-}
-
-/* if s->s3->wbuf.left != 0, we need to call this
- *
- * Return values are as per SSL_write(), i.e.
- */
-int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
-                       unsigned int len)
-{
-    int i;
-    SSL3_BUFFER *wb = &(s->s3->wbuf);
-
-/* XXXX */
-    if ((s->s3->wpend_tot > (int)len)
-        || ((s->s3->wpend_buf != buf) &&
-            !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
-        || (s->s3->wpend_type != type)) {
-        SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
-        return (-1);
-    }
-
-    for (;;) {
-        clear_sys_error();
-        if (s->wbio != NULL) {
-            s->rwstate = SSL_WRITING;
-            i = BIO_write(s->wbio,
-                          (char *)&(wb->buf[wb->offset]),
-                          (unsigned int)wb->left);
-        } else {
-            SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BIO_NOT_SET);
-            i = -1;
-        }
-        if (i == wb->left) {
-            wb->left = 0;
-            wb->offset += i;
-            s->rwstate = SSL_NOTHING;
-            return (s->s3->wpend_ret);
-        } else if (i <= 0) {
-            if (SSL_IS_DTLS(s)) {
-                /*
-                 * For DTLS, just drop it. That's kind of the whole point in
-                 * using a datagram service
-                 */
-                wb->left = 0;
-            }
-            return i;
-        }
-        wb->offset += i;
-        wb->left -= i;
-    }
-}
-
-/*-
- * Return up to 'len' payload bytes received in 'type' records.
- * 'type' is one of the following:
- *
- *   -  SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
- *   -  SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
- *   -  0 (during a shutdown, no data has to be returned)
- *
- * If we don't have stored data to work from, read a SSL/TLS record first
- * (possibly multiple records if we still don't have anything to return).
- *
- * This function must handle any surprises the peer may have for us, such as
- * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
- * a surprise, but handled as if it were), or renegotiation requests.
- * Also if record payloads contain fragments too small to process, we store
- * them until there is enough for the respective protocol (the record protocol
- * may use arbitrary fragmentation and even interleaving):
- *     Change cipher spec protocol
- *             just 1 byte needed, no need for keeping anything stored
- *     Alert protocol
- *             2 bytes needed (AlertLevel, AlertDescription)
- *     Handshake protocol
- *             4 bytes needed (HandshakeType, uint24 length) -- we just have
- *             to detect unexpected Client Hello and Hello Request messages
- *             here, anything else is handled by higher layers
- *     Application data protocol
- *             none of our business
- */
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
-{
-    int al, i, j, ret;
-    unsigned int n;
-    SSL3_RECORD *rr;
-    void (*cb) (const SSL *ssl, int type2, int val) = NULL;
-
-    if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
-        if (!ssl3_setup_read_buffer(s))
-            return (-1);
-
-    if ((type && (type != SSL3_RT_APPLICATION_DATA)
-         && (type != SSL3_RT_HANDSHAKE)) || (peek
-                                             && (type !=
-                                                 SSL3_RT_APPLICATION_DATA))) {
-        SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
-        return -1;
-    }
-
-    if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0))
-        /* (partially) satisfy request from storage */
-    {
-        unsigned char *src = s->s3->handshake_fragment;
-        unsigned char *dst = buf;
-        unsigned int k;
-
-        /* peek == 0 */
-        n = 0;
-        while ((len > 0) && (s->s3->handshake_fragment_len > 0)) {
-            *dst++ = *src++;
-            len--;
-            s->s3->handshake_fragment_len--;
-            n++;
-        }
-        /* move any remaining fragment bytes: */
-        for (k = 0; k < s->s3->handshake_fragment_len; k++)
-            s->s3->handshake_fragment[k] = *src++;
-        return n;
-    }
-
-    /*
-     * Now s->s3->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE.
-     */
-
-    if (!s->in_handshake && SSL_in_init(s)) {
-        /* type == SSL3_RT_APPLICATION_DATA */
-        i = s->handshake_func(s);
-        if (i < 0)
-            return (i);
-        if (i == 0) {
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return (-1);
-        }
-    }
- start:
-    s->rwstate = SSL_NOTHING;
-
-    /*-
-     * s->s3->rrec.type         - is the type of record
-     * s->s3->rrec.data,    - data
-     * s->s3->rrec.off,     - offset into 'data' for next read
-     * s->s3->rrec.length,  - number of bytes.
-     */
-    rr = &(s->s3->rrec);
-
-    /* get new packet if necessary */
-    if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
-        ret = ssl3_get_record(s);
-        if (ret <= 0)
-            return (ret);
-    }
-
-    /*
-     * Reset the count of consecutive warning alerts if we've got a non-empty
-     * record that isn't an alert.
-     */
-    if (rr->type != SSL3_RT_ALERT && rr->length != 0)
-        s->cert->alert_count = 0;
-
-    /* we now have a packet which can be read and processed */
-
-    if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
-                                   * reset by ssl3_get_finished */
-        && (rr->type != SSL3_RT_HANDSHAKE)) {
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
-        goto f_err;
-    }
-
-    /*
-     * If the other end has shut down, throw anything we read away (even in
-     * 'peek' mode)
-     */
-    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
-        rr->length = 0;
-        s->rwstate = SSL_NOTHING;
-        return (0);
-    }
-
-    if (type == rr->type) {     /* SSL3_RT_APPLICATION_DATA or
-                                 * SSL3_RT_HANDSHAKE */
-        /*
-         * make sure that we are not getting application data when we are
-         * doing a handshake for the first time
-         */
-        if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
-            (s->enc_read_ctx == NULL)) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE);
-            goto f_err;
-        }
-
-        if (len <= 0)
-            return (len);
-
-        if ((unsigned int)len > rr->length)
-            n = rr->length;
-        else
-            n = (unsigned int)len;
-
-        memcpy(buf, &(rr->data[rr->off]), n);
-        if (!peek) {
-            rr->length -= n;
-            rr->off += n;
-            if (rr->length == 0) {
-                s->rstate = SSL_ST_READ_HEADER;
-                rr->off = 0;
-                if (s->mode & SSL_MODE_RELEASE_BUFFERS
-                    && s->s3->rbuf.left == 0)
-                    ssl3_release_read_buffer(s);
-            }
-        }
-        return (n);
-    }
-
-    /*
-     * If we get here, then type != rr->type; if we have a handshake message,
-     * then it was unexpected (Hello Request or Client Hello).
-     */
-
-    /*
-     * In case of record types for which we have 'fragment' storage, fill
-     * that so that we can process the data at a fixed place.
-     */
-    {
-        unsigned int dest_maxlen = 0;
-        unsigned char *dest = NULL;
-        unsigned int *dest_len = NULL;
-
-        if (rr->type == SSL3_RT_HANDSHAKE) {
-            dest_maxlen = sizeof s->s3->handshake_fragment;
-            dest = s->s3->handshake_fragment;
-            dest_len = &s->s3->handshake_fragment_len;
-        } else if (rr->type == SSL3_RT_ALERT) {
-            dest_maxlen = sizeof s->s3->alert_fragment;
-            dest = s->s3->alert_fragment;
-            dest_len = &s->s3->alert_fragment_len;
-        }
-#ifndef OPENSSL_NO_HEARTBEATS
-        else if (rr->type == TLS1_RT_HEARTBEAT) {
-            tls1_process_heartbeat(s);
-
-            /* Exit and notify application to read again */
-            rr->length = 0;
-            s->rwstate = SSL_READING;
-            BIO_clear_retry_flags(SSL_get_rbio(s));
-            BIO_set_retry_read(SSL_get_rbio(s));
-            return (-1);
-        }
-#endif
-
-        if (dest_maxlen > 0) {
-            n = dest_maxlen - *dest_len; /* available space in 'dest' */
-            if (rr->length < n)
-                n = rr->length; /* available bytes */
-
-            /* now move 'n' bytes: */
-            while (n-- > 0) {
-                dest[(*dest_len)++] = rr->data[rr->off++];
-                rr->length--;
-            }
-
-            if (*dest_len < dest_maxlen)
-                goto start;     /* fragment was too small */
-        }
-    }
-
-    /*-
-     * s->s3->handshake_fragment_len == 4  iff  rr->type == SSL3_RT_HANDSHAKE;
-     * s->s3->alert_fragment_len == 2      iff  rr->type == SSL3_RT_ALERT.
-     * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
-     */
-
-    /* If we are a client, check for an incoming 'Hello Request': */
-    if ((!s->server) &&
-        (s->s3->handshake_fragment_len >= 4) &&
-        (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
-        (s->session != NULL) && (s->session->cipher != NULL)) {
-        s->s3->handshake_fragment_len = 0;
-
-        if ((s->s3->handshake_fragment[1] != 0) ||
-            (s->s3->handshake_fragment[2] != 0) ||
-            (s->s3->handshake_fragment[3] != 0)) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
-            goto f_err;
-        }
-
-        if (s->msg_callback)
-            s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
-                            s->s3->handshake_fragment, 4, s,
-                            s->msg_callback_arg);
-
-        if (SSL_is_init_finished(s) &&
-            !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
-            !s->s3->renegotiate) {
-            ssl3_renegotiate(s);
-            if (ssl3_renegotiate_check(s)) {
-                i = s->handshake_func(s);
-                if (i < 0)
-                    return (i);
-                if (i == 0) {
-                    SSLerr(SSL_F_SSL3_READ_BYTES,
-                           SSL_R_SSL_HANDSHAKE_FAILURE);
-                    return (-1);
-                }
-
-                if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
-                    if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
-                        BIO *bio;
-                        /*
-                         * In the case where we try to read application data,
-                         * but we trigger an SSL handshake, we return -1 with
-                         * the retry option set.  Otherwise renegotiation may
-                         * cause nasty problems in the blocking world
-                         */
-                        s->rwstate = SSL_READING;
-                        bio = SSL_get_rbio(s);
-                        BIO_clear_retry_flags(bio);
-                        BIO_set_retry_read(bio);
-                        return (-1);
-                    }
-                }
-            }
-        }
-        /*
-         * we either finished a handshake or ignored the request, now try
-         * again to obtain the (application) data we were asked for
-         */
-        goto start;
-    }
-    /*
-     * If we are a server and get a client hello when renegotiation isn't
-     * allowed send back a no renegotiation alert and carry on. WARNING:
-     * experimental code, needs reviewing (steve)
-     */
-    if (s->server &&
-        SSL_is_init_finished(s) &&
-        !s->s3->send_connection_binding &&
-        (s->version > SSL3_VERSION) &&
-        (s->s3->handshake_fragment_len >= 4) &&
-        (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
-        (s->session != NULL) && (s->session->cipher != NULL) &&
-        !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
-        /*
-         * s->s3->handshake_fragment_len = 0;
-         */
-        rr->length = 0;
-        ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
-        goto start;
-    }
-    if (s->s3->alert_fragment_len >= 2) {
-        int alert_level = s->s3->alert_fragment[0];
-        int alert_descr = s->s3->alert_fragment[1];
-
-        s->s3->alert_fragment_len = 0;
-
-        if (s->msg_callback)
-            s->msg_callback(0, s->version, SSL3_RT_ALERT,
-                            s->s3->alert_fragment, 2, s, s->msg_callback_arg);
-
-        if (s->info_callback != NULL)
-            cb = s->info_callback;
-        else if (s->ctx->info_callback != NULL)
-            cb = s->ctx->info_callback;
-
-        if (cb != NULL) {
-            j = (alert_level << 8) | alert_descr;
-            cb(s, SSL_CB_READ_ALERT, j);
-        }
-
-        if (alert_level == SSL3_AL_WARNING) {
-            s->s3->warn_alert = alert_descr;
-
-            s->cert->alert_count++;
-            if (s->cert->alert_count == MAX_WARN_ALERT_COUNT) {
-                al = SSL_AD_UNEXPECTED_MESSAGE;
-                SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
-                goto f_err;
-            }
-
-            if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
-                s->shutdown |= SSL_RECEIVED_SHUTDOWN;
-                return (0);
-            }
-            /*
-             * This is a warning but we receive it if we requested
-             * renegotiation and the peer denied it. Terminate with a fatal
-             * alert because if application tried to renegotiatie it
-             * presumably had a good reason and expects it to succeed. In
-             * future we might have a renegotiation where we don't care if
-             * the peer refused it where we carry on.
-             */
-            else if (alert_descr == SSL_AD_NO_RENEGOTIATION) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_NO_RENEGOTIATION);
-                goto f_err;
-            }
-#ifdef SSL_AD_MISSING_SRP_USERNAME
-            else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
-                return (0);
-#endif
-        } else if (alert_level == SSL3_AL_FATAL) {
-            char tmp[16];
-
-            s->rwstate = SSL_NOTHING;
-            s->s3->fatal_alert = alert_descr;
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
-            BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
-            ERR_add_error_data(2, "SSL alert number ", tmp);
-            s->shutdown |= SSL_RECEIVED_SHUTDOWN;
-            SSL_CTX_remove_session(s->session_ctx, s->session);
-            return (0);
-        } else {
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
-            goto f_err;
-        }
-
-        goto start;
-    }
-
-    if (s->shutdown & SSL_SENT_SHUTDOWN) { /* but we have not received a
-                                            * shutdown */
-        s->rwstate = SSL_NOTHING;
-        rr->length = 0;
-        return (0);
-    }
-
-    if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
-        /*
-         * 'Change Cipher Spec' is just a single byte, so we know exactly
-         * what the record payload has to look like
-         */
-        if ((rr->length != 1) || (rr->off != 0) ||
-            (rr->data[0] != SSL3_MT_CCS)) {
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
-            goto f_err;
-        }
-
-        /* Check we have a cipher to change to */
-        if (s->s3->tmp.new_cipher == NULL) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_CCS_RECEIVED_EARLY);
-            goto f_err;
-        }
-
-        if (!(s->s3->flags & SSL3_FLAGS_CCS_OK)) {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_CCS_RECEIVED_EARLY);
-            goto f_err;
-        }
-
-        s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
-
-        rr->length = 0;
-
-        if (s->msg_callback)
-            s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC,
-                            rr->data, 1, s, s->msg_callback_arg);
-
-        s->s3->change_cipher_spec = 1;
-        if (!ssl3_do_change_cipher_spec(s))
-            goto err;
-        else
-            goto start;
-    }
-
-    /*
-     * Unexpected handshake message (Client Hello, or protocol violation)
-     */
-    if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) {
-        if (((s->state & SSL_ST_MASK) == SSL_ST_OK) &&
-            !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
-#if 0                           /* worked only because C operator preferences
-                                 * are not as expected (and because this is
-                                 * not really needed for clients except for
-                                 * detecting protocol violations): */
-            s->state = SSL_ST_BEFORE | (s->server)
-                ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
-#else
-            s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
-#endif
-            s->renegotiate = 1;
-            s->new_session = 1;
-        }
-        i = s->handshake_func(s);
-        if (i < 0)
-            return (i);
-        if (i == 0) {
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
-            return (-1);
-        }
-
-        if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
-            if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
-                BIO *bio;
-                /*
-                 * In the case where we try to read application data, but we
-                 * trigger an SSL handshake, we return -1 with the retry
-                 * option set.  Otherwise renegotiation may cause nasty
-                 * problems in the blocking world
-                 */
-                s->rwstate = SSL_READING;
-                bio = SSL_get_rbio(s);
-                BIO_clear_retry_flags(bio);
-                BIO_set_retry_read(bio);
-                return (-1);
-            }
-        }
-        goto start;
-    }
-
-    switch (rr->type) {
-    default:
-        /*
-         * TLS 1.0 and 1.1 say you SHOULD ignore unrecognised record types, but
-         * TLS 1.2 says you MUST send an unexpected message alert. We use the
-         * TLS 1.2 behaviour for all protocol versions to prevent issues where
-         * no progress is being made and the peer continually sends unrecognised
-         * record types, using up resources processing them.
-         */
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
-        goto f_err;
-    case SSL3_RT_CHANGE_CIPHER_SPEC:
-    case SSL3_RT_ALERT:
-    case SSL3_RT_HANDSHAKE:
-        /*
-         * we already handled all of these, with the possible exception of
-         * SSL3_RT_HANDSHAKE when s->in_handshake is set, but that should not
-         * happen when type != rr->type
-         */
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
-        goto f_err;
-    case SSL3_RT_APPLICATION_DATA:
-        /*
-         * At this point, we were expecting handshake data, but have
-         * application data.  If the library was running inside ssl3_read()
-         * (i.e. in_read_app_data is set) and it makes sense to read
-         * application data at this point (session renegotiation not yet
-         * started), we will indulge it.
-         */
-        if (s->s3->in_read_app_data &&
-            (s->s3->total_renegotiations != 0) &&
-            (((s->state & SSL_ST_CONNECT) &&
-              (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
-              (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
-             ) || ((s->state & SSL_ST_ACCEPT) &&
-                   (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
-                   (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
-             )
-            )) {
-            s->s3->in_read_app_data = 2;
-            return (-1);
-        } else {
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
-            goto f_err;
-        }
-    }
-    /* not reached */
-
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-    return (-1);
-}
-
-int ssl3_do_change_cipher_spec(SSL *s)
-{
-    int i;
-    const char *sender;
-    int slen;
-
-    if (s->state & SSL_ST_ACCEPT)
-        i = SSL3_CHANGE_CIPHER_SERVER_READ;
-    else
-        i = SSL3_CHANGE_CIPHER_CLIENT_READ;
-
-    if (s->s3->tmp.key_block == NULL) {
-        if (s->session == NULL || s->session->master_key_length == 0) {
-            /* might happen if dtls1_read_bytes() calls this */
-            SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,
-                   SSL_R_CCS_RECEIVED_EARLY);
-            return (0);
-        }
-
-        s->session->cipher = s->s3->tmp.new_cipher;
-        if (!s->method->ssl3_enc->setup_key_block(s))
-            return (0);
-    }
-
-    if (!s->method->ssl3_enc->change_cipher_state(s, i))
-        return (0);
-
-    /*
-     * we have to record the message digest at this point so we can get it
-     * before we read the finished message
-     */
-    if (s->state & SSL_ST_CONNECT) {
-        sender = s->method->ssl3_enc->server_finished_label;
-        slen = s->method->ssl3_enc->server_finished_label_len;
-    } else {
-        sender = s->method->ssl3_enc->client_finished_label;
-        slen = s->method->ssl3_enc->client_finished_label_len;
-    }
-
-    i = s->method->ssl3_enc->final_finish_mac(s,
-                                              sender, slen,
-                                              s->s3->tmp.peer_finish_md);
-    if (i == 0) {
-        SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-    s->s3->tmp.peer_finish_md_len = i;
-
-    return (1);
-}
-
-int ssl3_send_alert(SSL *s, int level, int desc)
-{
-    /* Map tls/ssl alert value to correct one */
-    desc = s->method->ssl3_enc->alert_value(desc);
-    if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
-        desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have
-                                          * protocol_version alerts */
-    if (desc < 0)
-        return -1;
-    /* If a fatal one, remove from cache */
-    if ((level == 2) && (s->session != NULL))
-        SSL_CTX_remove_session(s->session_ctx, s->session);
-
-    s->s3->alert_dispatch = 1;
-    s->s3->send_alert[0] = level;
-    s->s3->send_alert[1] = desc;
-    if (s->s3->wbuf.left == 0)  /* data still being written out? */
-        return s->method->ssl_dispatch_alert(s);
-    /*
-     * else data is still being written out, we will get written some time in
-     * the future
-     */
-    return -1;
-}
-
-int ssl3_dispatch_alert(SSL *s)
-{
-    int i, j;
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-
-    s->s3->alert_dispatch = 0;
-    i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], 2, 0);
-    if (i <= 0) {
-        s->s3->alert_dispatch = 1;
-    } else {
-        /*
-         * Alert sent to BIO.  If it is important, flush it now. If the
-         * message does not get sent due to non-blocking IO, we will not
-         * worry too much.
-         */
-        if (s->s3->send_alert[0] == SSL3_AL_FATAL)
-            (void)BIO_flush(s->wbio);
-
-        if (s->msg_callback)
-            s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
-                            2, s, s->msg_callback_arg);
-
-        if (s->info_callback != NULL)
-            cb = s->info_callback;
-        else if (s->ctx->info_callback != NULL)
-            cb = s->ctx->info_callback;
-
-        if (cb != NULL) {
-            j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1];
-            cb(s, SSL_CB_WRITE_ALERT, j);
-        }
-    }
-    return (i);
-}
diff --git a/thirdparty/openssl/ssl/s3_srvr.c b/thirdparty/openssl/ssl/s3_srvr.c
deleted file mode 100644
index ba17f1b562..0000000000
--- a/thirdparty/openssl/ssl/s3_srvr.c
+++ /dev/null
@@ -1,3677 +0,0 @@
-/* ssl/s3_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#define REUSE_CIPHER_BUG
-#define NETSCAPE_HANG_BUG
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include "../crypto/constant_time_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include <openssl/x509.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_KRB5
-# include <openssl/krb5_asn.h>
-#endif
-#include <openssl/md5.h>
-
-#ifndef OPENSSL_NO_SSL3_METHOD
-static const SSL_METHOD *ssl3_get_server_method(int ver);
-
-static const SSL_METHOD *ssl3_get_server_method(int ver)
-{
-    if (ver == SSL3_VERSION)
-        return (SSLv3_server_method());
-    else
-        return (NULL);
-}
-
-IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
-                         ssl3_accept,
-                         ssl_undefined_function, ssl3_get_server_method)
-#endif
-#ifndef OPENSSL_NO_SRP
-static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
-{
-    int ret = SSL_ERROR_NONE;
-
-    *al = SSL_AD_UNRECOGNIZED_NAME;
-
-    if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
-        (s->srp_ctx.TLS_ext_srp_username_callback != NULL)) {
-        if (s->srp_ctx.login == NULL) {
-            /*
-             * RFC 5054 says SHOULD reject, we do so if There is no srp
-             * login name
-             */
-            ret = SSL3_AL_FATAL;
-            *al = SSL_AD_UNKNOWN_PSK_IDENTITY;
-        } else {
-            ret = SSL_srp_server_param_with_username(s, al);
-        }
-    }
-    return ret;
-}
-#endif
-
-int ssl3_accept(SSL *s)
-{
-    BUF_MEM *buf;
-    unsigned long alg_k, Time = (unsigned long)time(NULL);
-    void (*cb) (const SSL *ssl, int type, int val) = NULL;
-    int ret = -1;
-    int new_state, state, skip = 0;
-
-    RAND_add(&Time, sizeof(Time), 0);
-    ERR_clear_error();
-    clear_sys_error();
-
-    if (s->info_callback != NULL)
-        cb = s->info_callback;
-    else if (s->ctx->info_callback != NULL)
-        cb = s->ctx->info_callback;
-
-    /* init things to blank */
-    s->in_handshake++;
-    if (!SSL_in_init(s) || SSL_in_before(s))
-        SSL_clear(s);
-
-    if (s->cert == NULL) {
-        SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
-        return (-1);
-    }
-#ifndef OPENSSL_NO_HEARTBEATS
-    /*
-     * If we're awaiting a HeartbeatResponse, pretend we already got and
-     * don't await it anymore, because Heartbeats don't make sense during
-     * handshakes anyway.
-     */
-    if (s->tlsext_hb_pending) {
-        s->tlsext_hb_pending = 0;
-        s->tlsext_hb_seq++;
-    }
-#endif
-
-    for (;;) {
-        state = s->state;
-
-        switch (s->state) {
-        case SSL_ST_RENEGOTIATE:
-            s->renegotiate = 1;
-            /* s->state=SSL_ST_ACCEPT; */
-
-        case SSL_ST_BEFORE:
-        case SSL_ST_ACCEPT:
-        case SSL_ST_BEFORE | SSL_ST_ACCEPT:
-        case SSL_ST_OK | SSL_ST_ACCEPT:
-
-            s->server = 1;
-            if (cb != NULL)
-                cb(s, SSL_CB_HANDSHAKE_START, 1);
-
-            if ((s->version >> 8) != 3) {
-                SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
-                s->state = SSL_ST_ERR;
-                return -1;
-            }
-            s->type = SSL_ST_ACCEPT;
-
-            if (s->init_buf == NULL) {
-                if ((buf = BUF_MEM_new()) == NULL) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
-                    BUF_MEM_free(buf);
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-                s->init_buf = buf;
-            }
-
-            if (!ssl3_setup_buffers(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            s->init_num = 0;
-            s->s3->flags &= ~TLS1_FLAGS_SKIP_CERT_VERIFY;
-            s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
-            /*
-             * Should have been reset by ssl3_get_finished, too.
-             */
-            s->s3->change_cipher_spec = 0;
-
-            if (s->state != SSL_ST_RENEGOTIATE) {
-                /*
-                 * Ok, we now need to push on a buffering BIO so that the
-                 * output is sent in a way that TCP likes :-)
-                 */
-                if (!ssl_init_wbio_buffer(s, 1)) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-
-                if (!ssl3_init_finished_mac(s)) {
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-
-                s->state = SSL3_ST_SR_CLNT_HELLO_A;
-                s->ctx->stats.sess_accept++;
-            } else if (!s->s3->send_connection_binding &&
-                       !(s->options &
-                         SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
-                /*
-                 * Server attempting to renegotiate with client that doesn't
-                 * support secure renegotiation.
-                 */
-                SSLerr(SSL_F_SSL3_ACCEPT,
-                       SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
-                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            } else {
-                /*
-                 * s->state == SSL_ST_RENEGOTIATE, we will just send a
-                 * HelloRequest
-                 */
-                s->ctx->stats.sess_accept_renegotiate++;
-                s->state = SSL3_ST_SW_HELLO_REQ_A;
-            }
-            break;
-
-        case SSL3_ST_SW_HELLO_REQ_A:
-        case SSL3_ST_SW_HELLO_REQ_B:
-
-            s->shutdown = 0;
-            ret = ssl3_send_hello_request(s);
-            if (ret <= 0)
-                goto end;
-            s->s3->tmp.next_state = SSL3_ST_SW_HELLO_REQ_C;
-            s->state = SSL3_ST_SW_FLUSH;
-            s->init_num = 0;
-
-            if (!ssl3_init_finished_mac(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-            break;
-
-        case SSL3_ST_SW_HELLO_REQ_C:
-            s->state = SSL_ST_OK;
-            break;
-
-        case SSL3_ST_SR_CLNT_HELLO_A:
-        case SSL3_ST_SR_CLNT_HELLO_B:
-        case SSL3_ST_SR_CLNT_HELLO_C:
-
-            s->shutdown = 0;
-            ret = ssl3_get_client_hello(s);
-            if (ret <= 0)
-                goto end;
-#ifndef OPENSSL_NO_SRP
-            s->state = SSL3_ST_SR_CLNT_HELLO_D;
-        case SSL3_ST_SR_CLNT_HELLO_D:
-            {
-                int al;
-                if ((ret = ssl_check_srp_ext_ClientHello(s, &al)) < 0) {
-                    /*
-                     * callback indicates firther work to be done
-                     */
-                    s->rwstate = SSL_X509_LOOKUP;
-                    goto end;
-                }
-                if (ret != SSL_ERROR_NONE) {
-                    ssl3_send_alert(s, SSL3_AL_FATAL, al);
-                    /*
-                     * This is not really an error but the only means to for
-                     * a client to detect whether srp is supported.
-                     */
-                    if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY)
-                        SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_CLIENTHELLO_TLSEXT);
-                    ret = -1;
-                    s->state = SSL_ST_ERR;
-                    goto end;
-                }
-            }
-#endif
-
-            s->renegotiate = 2;
-            s->state = SSL3_ST_SW_SRVR_HELLO_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_SRVR_HELLO_A:
-        case SSL3_ST_SW_SRVR_HELLO_B:
-            ret = ssl3_send_server_hello(s);
-            if (ret <= 0)
-                goto end;
-#ifndef OPENSSL_NO_TLSEXT
-            if (s->hit) {
-                if (s->tlsext_ticket_expected)
-                    s->state = SSL3_ST_SW_SESSION_TICKET_A;
-                else
-                    s->state = SSL3_ST_SW_CHANGE_A;
-            }
-#else
-            if (s->hit)
-                s->state = SSL3_ST_SW_CHANGE_A;
-#endif
-            else
-                s->state = SSL3_ST_SW_CERT_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_CERT_A:
-        case SSL3_ST_SW_CERT_B:
-            /* Check if it is anon DH or anon ECDH, */
-            /* normal PSK or KRB5 or SRP */
-            if (!
-                (s->s3->tmp.
-                 new_cipher->algorithm_auth & (SSL_aNULL | SSL_aKRB5 |
-                                               SSL_aSRP))
-&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
-                ret = ssl3_send_server_certificate(s);
-                if (ret <= 0)
-                    goto end;
-#ifndef OPENSSL_NO_TLSEXT
-                if (s->tlsext_status_expected)
-                    s->state = SSL3_ST_SW_CERT_STATUS_A;
-                else
-                    s->state = SSL3_ST_SW_KEY_EXCH_A;
-            } else {
-                skip = 1;
-                s->state = SSL3_ST_SW_KEY_EXCH_A;
-            }
-#else
-            } else
-                skip = 1;
-
-            s->state = SSL3_ST_SW_KEY_EXCH_A;
-#endif
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_KEY_EXCH_A:
-        case SSL3_ST_SW_KEY_EXCH_B:
-            alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
-            /*
-             * clear this, it may get reset by
-             * send_server_key_exchange
-             */
-            s->s3->tmp.use_rsa_tmp = 0;
-
-            /*
-             * only send if a DH key exchange, fortezza or RSA but we have a
-             * sign only certificate PSK: may send PSK identity hints For
-             * ECC ciphersuites, we send a serverKeyExchange message only if
-             * the cipher suite is either ECDH-anon or ECDHE. In other cases,
-             * the server certificate contains the server's public key for
-             * key exchange.
-             */
-            if (0
-                /*
-                 * PSK: send ServerKeyExchange if PSK identity hint if
-                 * provided
-                 */
-#ifndef OPENSSL_NO_PSK
-                || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
-#endif
-#ifndef OPENSSL_NO_SRP
-                /* SRP: send ServerKeyExchange */
-                || (alg_k & SSL_kSRP)
-#endif
-                || (alg_k & SSL_kEDH)
-                || (alg_k & SSL_kEECDH)
-                || ((alg_k & SSL_kRSA)
-                    && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
-                        || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
-                            && EVP_PKEY_size(s->cert->pkeys
-                                             [SSL_PKEY_RSA_ENC].privatekey) *
-                            8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
-                        )
-                    )
-                )
-                ) {
-                ret = ssl3_send_server_key_exchange(s);
-                if (ret <= 0)
-                    goto end;
-            } else
-                skip = 1;
-
-            s->state = SSL3_ST_SW_CERT_REQ_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_CERT_REQ_A:
-        case SSL3_ST_SW_CERT_REQ_B:
-            if (                /* don't request cert unless asked for it: */
-                   !(s->verify_mode & SSL_VERIFY_PEER) ||
-                   /*
-                    * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
-                    * during re-negotiation:
-                    */
-                   (s->s3->tmp.finish_md_len != 0 &&
-                    (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
-                   /*
-                    * never request cert in anonymous ciphersuites (see
-                    * section "Certificate request" in SSL 3 drafts and in
-                    * RFC 2246):
-                    */
-                   ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
-                    /*
-                     * ... except when the application insists on
-                     * verification (against the specs, but s3_clnt.c accepts
-                     * this for SSL 3)
-                     */
-                    !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
-                   /*
-                    * never request cert in Kerberos ciphersuites
-                    */
-                   (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) ||
-                   /* don't request certificate for SRP auth */
-                   (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP)
-                   /*
-                    * With normal PSK Certificates and Certificate Requests
-                    * are omitted
-                    */
-                   || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
-                /* no cert request */
-                skip = 1;
-                s->s3->tmp.cert_request = 0;
-                s->state = SSL3_ST_SW_SRVR_DONE_A;
-                if (s->s3->handshake_buffer) {
-                    if (!ssl3_digest_cached_records(s)) {
-                        s->state = SSL_ST_ERR;
-                        return -1;
-                    }
-                }
-            } else {
-                s->s3->tmp.cert_request = 1;
-                ret = ssl3_send_certificate_request(s);
-                if (ret <= 0)
-                    goto end;
-#ifndef NETSCAPE_HANG_BUG
-                s->state = SSL3_ST_SW_SRVR_DONE_A;
-#else
-                s->state = SSL3_ST_SW_FLUSH;
-                s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-#endif
-                s->init_num = 0;
-            }
-            break;
-
-        case SSL3_ST_SW_SRVR_DONE_A:
-        case SSL3_ST_SW_SRVR_DONE_B:
-            ret = ssl3_send_server_done(s);
-            if (ret <= 0)
-                goto end;
-            s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
-            s->state = SSL3_ST_SW_FLUSH;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_FLUSH:
-
-            /*
-             * This code originally checked to see if any data was pending
-             * using BIO_CTRL_INFO and then flushed. This caused problems as
-             * documented in PR#1939. The proposed fix doesn't completely
-             * resolve this issue as buggy implementations of
-             * BIO_CTRL_PENDING still exist. So instead we just flush
-             * unconditionally.
-             */
-
-            s->rwstate = SSL_WRITING;
-            if (BIO_flush(s->wbio) <= 0) {
-                ret = -1;
-                goto end;
-            }
-            s->rwstate = SSL_NOTHING;
-
-            s->state = s->s3->tmp.next_state;
-            break;
-
-        case SSL3_ST_SR_CERT_A:
-        case SSL3_ST_SR_CERT_B:
-            if (s->s3->tmp.cert_request) {
-                ret = ssl3_get_client_certificate(s);
-                if (ret <= 0)
-                    goto end;
-            }
-            s->init_num = 0;
-            s->state = SSL3_ST_SR_KEY_EXCH_A;
-            break;
-
-        case SSL3_ST_SR_KEY_EXCH_A:
-        case SSL3_ST_SR_KEY_EXCH_B:
-            ret = ssl3_get_client_key_exchange(s);
-            if (ret <= 0)
-                goto end;
-            if (ret == 2) {
-                /*
-                 * For the ECDH ciphersuites when the client sends its ECDH
-                 * pub key in a certificate, the CertificateVerify message is
-                 * not sent. Also for GOST ciphersuites when the client uses
-                 * its key from the certificate for key exchange.
-                 */
-#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
-                s->state = SSL3_ST_SR_FINISHED_A;
-#else
-                if (s->s3->next_proto_neg_seen)
-                    s->state = SSL3_ST_SR_NEXT_PROTO_A;
-                else
-                    s->state = SSL3_ST_SR_FINISHED_A;
-#endif
-                s->init_num = 0;
-            } else if (SSL_USE_SIGALGS(s)) {
-                s->state = SSL3_ST_SR_CERT_VRFY_A;
-                s->init_num = 0;
-                if (!s->session->peer)
-                    break;
-                /*
-                 * For sigalgs freeze the handshake buffer at this point and
-                 * digest cached records.
-                 */
-                if (!s->s3->handshake_buffer) {
-                    SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
-                    s->state = SSL_ST_ERR;
-                    return -1;
-                }
-                s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
-                if (!ssl3_digest_cached_records(s)) {
-                    s->state = SSL_ST_ERR;
-                    return -1;
-                }
-            } else {
-                int offset = 0;
-                int dgst_num;
-
-                s->state = SSL3_ST_SR_CERT_VRFY_A;
-                s->init_num = 0;
-
-                /*
-                 * We need to get hashes here so if there is a client cert,
-                 * it can be verified FIXME - digest processing for
-                 * CertificateVerify should be generalized. But it is next
-                 * step
-                 */
-                if (s->s3->handshake_buffer) {
-                    if (!ssl3_digest_cached_records(s)) {
-                        s->state = SSL_ST_ERR;
-                        return -1;
-                    }
-                }
-                for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++)
-                    if (s->s3->handshake_dgst[dgst_num]) {
-                        int dgst_size;
-
-                        s->method->ssl3_enc->cert_verify_mac(s,
-                                                             EVP_MD_CTX_type
-                                                             (s->
-                                                              s3->handshake_dgst
-                                                              [dgst_num]),
-                                                             &(s->s3->
-                                                               tmp.cert_verify_md
-                                                               [offset]));
-                        dgst_size =
-                            EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
-                        if (dgst_size < 0) {
-                            s->state = SSL_ST_ERR;
-                            ret = -1;
-                            goto end;
-                        }
-                        offset += dgst_size;
-                    }
-            }
-            break;
-
-        case SSL3_ST_SR_CERT_VRFY_A:
-        case SSL3_ST_SR_CERT_VRFY_B:
-            ret = ssl3_get_cert_verify(s);
-            if (ret <= 0)
-                goto end;
-
-#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
-            s->state = SSL3_ST_SR_FINISHED_A;
-#else
-            if (s->s3->next_proto_neg_seen)
-                s->state = SSL3_ST_SR_NEXT_PROTO_A;
-            else
-                s->state = SSL3_ST_SR_FINISHED_A;
-#endif
-            s->init_num = 0;
-            break;
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-        case SSL3_ST_SR_NEXT_PROTO_A:
-        case SSL3_ST_SR_NEXT_PROTO_B:
-            /*
-             * Enable CCS for NPN. Receiving a CCS clears the flag, so make
-             * sure not to re-enable it to ban duplicates. This *should* be the
-             * first time we have received one - but we check anyway to be
-             * cautious.
-             * s->s3->change_cipher_spec is set when a CCS is
-             * processed in s3_pkt.c, and remains set until
-             * the client's Finished message is read.
-             */
-            if (!s->s3->change_cipher_spec)
-                s->s3->flags |= SSL3_FLAGS_CCS_OK;
-
-            ret = ssl3_get_next_proto(s);
-            if (ret <= 0)
-                goto end;
-            s->init_num = 0;
-            s->state = SSL3_ST_SR_FINISHED_A;
-            break;
-#endif
-
-        case SSL3_ST_SR_FINISHED_A:
-        case SSL3_ST_SR_FINISHED_B:
-            /*
-             * Enable CCS for handshakes without NPN. In NPN the CCS flag has
-             * already been set. Receiving a CCS clears the flag, so make
-             * sure not to re-enable it to ban duplicates.
-             * s->s3->change_cipher_spec is set when a CCS is
-             * processed in s3_pkt.c, and remains set until
-             * the client's Finished message is read.
-             */
-            if (!s->s3->change_cipher_spec)
-                s->s3->flags |= SSL3_FLAGS_CCS_OK;
-            ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
-                                    SSL3_ST_SR_FINISHED_B);
-            if (ret <= 0)
-                goto end;
-            if (s->hit)
-                s->state = SSL_ST_OK;
-#ifndef OPENSSL_NO_TLSEXT
-            else if (s->tlsext_ticket_expected)
-                s->state = SSL3_ST_SW_SESSION_TICKET_A;
-#endif
-            else
-                s->state = SSL3_ST_SW_CHANGE_A;
-            s->init_num = 0;
-            break;
-
-#ifndef OPENSSL_NO_TLSEXT
-        case SSL3_ST_SW_SESSION_TICKET_A:
-        case SSL3_ST_SW_SESSION_TICKET_B:
-            ret = ssl3_send_newsession_ticket(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_SW_CHANGE_A;
-            s->init_num = 0;
-            break;
-
-        case SSL3_ST_SW_CERT_STATUS_A:
-        case SSL3_ST_SW_CERT_STATUS_B:
-            ret = ssl3_send_cert_status(s);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_SW_KEY_EXCH_A;
-            s->init_num = 0;
-            break;
-
-#endif
-
-        case SSL3_ST_SW_CHANGE_A:
-        case SSL3_ST_SW_CHANGE_B:
-
-            s->session->cipher = s->s3->tmp.new_cipher;
-            if (!s->method->ssl3_enc->setup_key_block(s)) {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            ret = ssl3_send_change_cipher_spec(s,
-                                               SSL3_ST_SW_CHANGE_A,
-                                               SSL3_ST_SW_CHANGE_B);
-
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_SW_FINISHED_A;
-            s->init_num = 0;
-
-            if (!s->method->ssl3_enc->change_cipher_state(s,
-                                                          SSL3_CHANGE_CIPHER_SERVER_WRITE))
-            {
-                ret = -1;
-                s->state = SSL_ST_ERR;
-                goto end;
-            }
-
-            break;
-
-        case SSL3_ST_SW_FINISHED_A:
-        case SSL3_ST_SW_FINISHED_B:
-            ret = ssl3_send_finished(s,
-                                     SSL3_ST_SW_FINISHED_A,
-                                     SSL3_ST_SW_FINISHED_B,
-                                     s->method->
-                                     ssl3_enc->server_finished_label,
-                                     s->method->
-                                     ssl3_enc->server_finished_label_len);
-            if (ret <= 0)
-                goto end;
-            s->state = SSL3_ST_SW_FLUSH;
-            if (s->hit) {
-#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
-                s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
-#else
-                if (s->s3->next_proto_neg_seen) {
-                    s->s3->tmp.next_state = SSL3_ST_SR_NEXT_PROTO_A;
-                } else
-                    s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
-#endif
-            } else
-                s->s3->tmp.next_state = SSL_ST_OK;
-            s->init_num = 0;
-            break;
-
-        case SSL_ST_OK:
-            /* clean a few things up */
-            ssl3_cleanup_key_block(s);
-
-            BUF_MEM_free(s->init_buf);
-            s->init_buf = NULL;
-
-            /* remove buffering on output */
-            ssl_free_wbio_buffer(s);
-
-            s->init_num = 0;
-
-            if (s->renegotiate == 2) { /* skipped if we just sent a
-                                        * HelloRequest */
-                s->renegotiate = 0;
-                s->new_session = 0;
-
-                ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
-
-                s->ctx->stats.sess_accept_good++;
-                /* s->server=1; */
-                s->handshake_func = ssl3_accept;
-
-                if (cb != NULL)
-                    cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-            }
-
-            ret = 1;
-            goto end;
-            /* break; */
-
-        case SSL_ST_ERR:
-        default:
-            SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
-            ret = -1;
-            goto end;
-            /* break; */
-        }
-
-        if (!s->s3->tmp.reuse_message && !skip) {
-            if (s->debug) {
-                if ((ret = BIO_flush(s->wbio)) <= 0)
-                    goto end;
-            }
-
-            if ((cb != NULL) && (s->state != state)) {
-                new_state = s->state;
-                s->state = state;
-                cb(s, SSL_CB_ACCEPT_LOOP, 1);
-                s->state = new_state;
-            }
-        }
-        skip = 0;
-    }
- end:
-    /* BIO_flush(s->wbio); */
-
-    s->in_handshake--;
-    if (cb != NULL)
-        cb(s, SSL_CB_ACCEPT_EXIT, ret);
-    return (ret);
-}
-
-int ssl3_send_hello_request(SSL *s)
-{
-
-    if (s->state == SSL3_ST_SW_HELLO_REQ_A) {
-        ssl_set_handshake_header(s, SSL3_MT_HELLO_REQUEST, 0);
-        s->state = SSL3_ST_SW_HELLO_REQ_B;
-    }
-
-    /* SSL3_ST_SW_HELLO_REQ_B */
-    return ssl_do_write(s);
-}
-
-int ssl3_get_client_hello(SSL *s)
-{
-    int i, j, ok, al = SSL_AD_INTERNAL_ERROR, ret = -1, cookie_valid = 0;
-    unsigned int cookie_len;
-    long n;
-    unsigned long id;
-    unsigned char *p, *d;
-    SSL_CIPHER *c;
-#ifndef OPENSSL_NO_COMP
-    unsigned char *q;
-    SSL_COMP *comp = NULL;
-#endif
-    STACK_OF(SSL_CIPHER) *ciphers = NULL;
-
-    if (s->state == SSL3_ST_SR_CLNT_HELLO_C && !s->first_packet)
-        goto retry_cert;
-
-    /*
-     * We do this so that we will respond with our native type. If we are
-     * TLSv1 and we get SSLv3, we will respond with TLSv1, This down
-     * switching should be handled by a different method. If we are SSLv3, we
-     * will respond with SSLv3, even if prompted with TLSv1.
-     */
-    if (s->state == SSL3_ST_SR_CLNT_HELLO_A) {
-        s->state = SSL3_ST_SR_CLNT_HELLO_B;
-    }
-    s->first_packet = 1;
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_SR_CLNT_HELLO_B,
-                                   SSL3_ST_SR_CLNT_HELLO_C,
-                                   SSL3_MT_CLIENT_HELLO,
-                                   SSL3_RT_MAX_PLAIN_LENGTH, &ok);
-
-    if (!ok)
-        return ((int)n);
-    s->first_packet = 0;
-    d = p = (unsigned char *)s->init_msg;
-
-    /*
-     * 2 bytes for client version, SSL3_RANDOM_SIZE bytes for random, 1 byte
-     * for session id length
-     */
-    if (n < 2 + SSL3_RANDOM_SIZE + 1) {
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
-        goto f_err;
-    }
-
-    /*
-     * use version from inside client hello, not from record header (may
-     * differ: see RFC 2246, Appendix E, second paragraph)
-     */
-    s->client_version = (((int)p[0]) << 8) | (int)p[1];
-    p += 2;
-
-    if (SSL_IS_DTLS(s) ? (s->client_version > s->version &&
-                          s->method->version != DTLS_ANY_VERSION)
-        : (s->client_version < s->version)) {
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
-        if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
-            !s->enc_write_ctx && !s->write_hash) {
-            /*
-             * similar to ssl3_get_record, send alert using remote version
-             * number
-             */
-            s->version = s->client_version;
-        }
-        al = SSL_AD_PROTOCOL_VERSION;
-        goto f_err;
-    }
-
-    /*
-     * If we require cookies and this ClientHello doesn't contain one, just
-     * return since we do not want to allocate any memory yet. So check
-     * cookie length...
-     */
-    if (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) {
-        unsigned int session_length, cookie_length;
-
-        session_length = *(p + SSL3_RANDOM_SIZE);
-
-        if (SSL3_RANDOM_SIZE + session_length + 1
-                >= (unsigned int)((d + n) - p)) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        cookie_length = *(p + SSL3_RANDOM_SIZE + session_length + 1);
-
-        if (cookie_length == 0)
-            return 1;
-    }
-
-    /* load the client random */
-    memcpy(s->s3->client_random, p, SSL3_RANDOM_SIZE);
-    p += SSL3_RANDOM_SIZE;
-
-    /* get the session-id */
-    j = *(p++);
-
-    if ((d + n) - p < j) {
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
-        goto f_err;
-    }
-
-    if ((j < 0) || (j > SSL_MAX_SSL_SESSION_ID_LENGTH)) {
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
-        goto f_err;
-    }
-
-    s->hit = 0;
-    /*
-     * Versions before 0.9.7 always allow clients to resume sessions in
-     * renegotiation. 0.9.7 and later allow this by default, but optionally
-     * ignore resumption requests with flag
-     * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION (it's a new flag rather
-     * than a change to default behavior so that applications relying on this
-     * for security won't even compile against older library versions).
-     * 1.0.1 and later also have a function SSL_renegotiate_abbreviated() to
-     * request renegotiation but not a new session (s->new_session remains
-     * unset): for servers, this essentially just means that the
-     * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be ignored.
-     */
-    if ((s->new_session
-         && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) {
-        if (!ssl_get_new_session(s, 1))
-            goto err;
-    } else {
-        i = ssl_get_prev_session(s, p, j, d + n);
-        /*
-         * Only resume if the session's version matches the negotiated
-         * version.
-         * RFC 5246 does not provide much useful advice on resumption
-         * with a different protocol version. It doesn't forbid it but
-         * the sanity of such behaviour would be questionable.
-         * In practice, clients do not accept a version mismatch and
-         * will abort the handshake with an error.
-         */
-        if (i == 1 && s->version == s->session->ssl_version) { /* previous
-                                                                * session */
-            s->hit = 1;
-        } else if (i == -1)
-            goto err;
-        else {                  /* i == 0 */
-
-            if (!ssl_get_new_session(s, 1))
-                goto err;
-        }
-    }
-
-    p += j;
-
-    if (SSL_IS_DTLS(s)) {
-        /* cookie stuff */
-        if ((d + n) - p < 1) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-        cookie_len = *(p++);
-
-        if ((unsigned int)((d + n ) - p) < cookie_len) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
-            goto f_err;
-        }
-
-        /*
-         * The ClientHello may contain a cookie even if the
-         * HelloVerify message has not been sent--make sure that it
-         * does not cause an overflow.
-         */
-        if (cookie_len > sizeof(s->d1->rcvd_cookie)) {
-            /* too much data */
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
-            goto f_err;
-        }
-
-        /* verify the cookie if appropriate option is set. */
-        if ((SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) && cookie_len > 0) {
-            memcpy(s->d1->rcvd_cookie, p, cookie_len);
-
-            if (s->ctx->app_verify_cookie_cb != NULL) {
-                if (s->ctx->app_verify_cookie_cb(s, s->d1->rcvd_cookie,
-                                                 cookie_len) == 0) {
-                    al = SSL_AD_HANDSHAKE_FAILURE;
-                    SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
-                           SSL_R_COOKIE_MISMATCH);
-                    goto f_err;
-                }
-                /* else cookie verification succeeded */
-            }
-            /* default verification */
-            else if (memcmp(s->d1->rcvd_cookie, s->d1->cookie,
-                            s->d1->cookie_len) != 0) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
-                goto f_err;
-            }
-            cookie_valid = 1;
-        }
-
-        p += cookie_len;
-        if (s->method->version == DTLS_ANY_VERSION) {
-            /* Select version to use */
-            if (s->client_version <= DTLS1_2_VERSION &&
-                !(s->options & SSL_OP_NO_DTLSv1_2)) {
-                s->version = DTLS1_2_VERSION;
-                s->method = DTLSv1_2_server_method();
-            } else if (tls1_suiteb(s)) {
-                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
-                       SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
-                s->version = s->client_version;
-                al = SSL_AD_PROTOCOL_VERSION;
-                goto f_err;
-            } else if (s->client_version <= DTLS1_VERSION &&
-                       !(s->options & SSL_OP_NO_DTLSv1)) {
-                s->version = DTLS1_VERSION;
-                s->method = DTLSv1_server_method();
-            } else {
-                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
-                       SSL_R_WRONG_VERSION_NUMBER);
-                s->version = s->client_version;
-                al = SSL_AD_PROTOCOL_VERSION;
-                goto f_err;
-            }
-            s->session->ssl_version = s->version;
-        }
-    }
-
-    if ((d + n ) - p < 2) {
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
-        goto f_err;
-    }
-    n2s(p, i);
-
-    if (i == 0) {
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_CIPHERS_SPECIFIED);
-        goto f_err;
-    }
-
-    /* i bytes of cipher data + 1 byte for compression length later */
-    if ((d + n) - p < i + 1) {
-        /* not enough data */
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
-        goto f_err;
-    }
-    if (ssl_bytes_to_cipher_list(s, p, i, &(ciphers)) == NULL) {
-        goto err;
-    }
-    p += i;
-
-    /* If it is a hit, check that the cipher is in the list */
-    if (s->hit) {
-        j = 0;
-        id = s->session->cipher->id;
-
-#ifdef CIPHER_DEBUG
-        fprintf(stderr, "client sent %d ciphers\n",
-                sk_SSL_CIPHER_num(ciphers));
-#endif
-        for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
-            c = sk_SSL_CIPHER_value(ciphers, i);
-#ifdef CIPHER_DEBUG
-            fprintf(stderr, "client [%2d of %2d]:%s\n",
-                    i, sk_SSL_CIPHER_num(ciphers), SSL_CIPHER_get_name(c));
-#endif
-            if (c->id == id) {
-                j = 1;
-                break;
-            }
-        }
-        /*
-         * Disabled because it can be used in a ciphersuite downgrade attack:
-         * CVE-2010-4180.
-         */
-#if 0
-        if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
-            && (sk_SSL_CIPHER_num(ciphers) == 1)) {
-            /*
-             * Special case as client bug workaround: the previously used
-             * cipher may not be in the current list, the client instead
-             * might be trying to continue using a cipher that before wasn't
-             * chosen due to server preferences.  We'll have to reject the
-             * connection if the cipher is not enabled, though.
-             */
-            c = sk_SSL_CIPHER_value(ciphers, 0);
-            if (sk_SSL_CIPHER_find(SSL_get_ciphers(s), c) >= 0) {
-                s->session->cipher = c;
-                j = 1;
-            }
-        }
-#endif
-        if (j == 0) {
-            /*
-             * we need to have the cipher in the cipher list if we are asked
-             * to reuse it
-             */
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
-                   SSL_R_REQUIRED_CIPHER_MISSING);
-            goto f_err;
-        }
-    }
-
-    /* compression */
-    i = *(p++);
-    if ((d + n) - p < i) {
-        /* not enough data */
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
-        goto f_err;
-    }
-#ifndef OPENSSL_NO_COMP
-    q = p;
-#endif
-    for (j = 0; j < i; j++) {
-        if (p[j] == 0)
-            break;
-    }
-
-    p += i;
-    if (j >= i) {
-        /* no compress */
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_COMPRESSION_SPECIFIED);
-        goto f_err;
-    }
-#ifndef OPENSSL_NO_TLSEXT
-    /* TLS extensions */
-    if (s->version >= SSL3_VERSION) {
-        if (!ssl_parse_clienthello_tlsext(s, &p, d + n)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT);
-            goto err;
-        }
-    }
-
-    /*
-     * Check if we want to use external pre-shared secret for this handshake
-     * for not reused session only. We need to generate server_random before
-     * calling tls_session_secret_cb in order to allow SessionTicket
-     * processing to use it in key derivation.
-     */
-    {
-        unsigned char *pos;
-        pos = s->s3->server_random;
-        if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0) {
-            goto f_err;
-        }
-    }
-
-    if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
-        SSL_CIPHER *pref_cipher = NULL;
-
-        s->session->master_key_length = sizeof(s->session->master_key);
-        if (s->tls_session_secret_cb(s, s->session->master_key,
-                                     &s->session->master_key_length, ciphers,
-                                     &pref_cipher,
-                                     s->tls_session_secret_cb_arg)) {
-            s->hit = 1;
-            s->session->ciphers = ciphers;
-            s->session->verify_result = X509_V_OK;
-
-            ciphers = NULL;
-
-            /* check if some cipher was preferred by call back */
-            pref_cipher =
-                pref_cipher ? pref_cipher : ssl3_choose_cipher(s,
-                                                               s->
-                                                               session->ciphers,
-                                                               SSL_get_ciphers
-                                                               (s));
-            if (pref_cipher == NULL) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
-                goto f_err;
-            }
-
-            s->session->cipher = pref_cipher;
-
-            if (s->cipher_list)
-                sk_SSL_CIPHER_free(s->cipher_list);
-
-            if (s->cipher_list_by_id)
-                sk_SSL_CIPHER_free(s->cipher_list_by_id);
-
-            s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
-            s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
-        }
-    }
-#endif
-
-    /*
-     * Worst case, we will use the NULL compression, but if we have other
-     * options, we will now look for them.  We have i-1 compression
-     * algorithms from the client, starting at q.
-     */
-    s->s3->tmp.new_compression = NULL;
-#ifndef OPENSSL_NO_COMP
-    /* This only happens if we have a cache hit */
-    if (s->session->compress_meth != 0) {
-        int m, comp_id = s->session->compress_meth;
-        /* Perform sanity checks on resumed compression algorithm */
-        /* Can't disable compression */
-        if (s->options & SSL_OP_NO_COMPRESSION) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
-                   SSL_R_INCONSISTENT_COMPRESSION);
-            goto f_err;
-        }
-        /* Look for resumed compression method */
-        for (m = 0; m < sk_SSL_COMP_num(s->ctx->comp_methods); m++) {
-            comp = sk_SSL_COMP_value(s->ctx->comp_methods, m);
-            if (comp_id == comp->id) {
-                s->s3->tmp.new_compression = comp;
-                break;
-            }
-        }
-        if (s->s3->tmp.new_compression == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
-                   SSL_R_INVALID_COMPRESSION_ALGORITHM);
-            goto f_err;
-        }
-        /* Look for resumed method in compression list */
-        for (m = 0; m < i; m++) {
-            if (q[m] == comp_id)
-                break;
-        }
-        if (m >= i) {
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
-                   SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING);
-            goto f_err;
-        }
-    } else if (s->hit)
-        comp = NULL;
-    else if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods) {
-        /* See if we have a match */
-        int m, nn, o, v, done = 0;
-
-        nn = sk_SSL_COMP_num(s->ctx->comp_methods);
-        for (m = 0; m < nn; m++) {
-            comp = sk_SSL_COMP_value(s->ctx->comp_methods, m);
-            v = comp->id;
-            for (o = 0; o < i; o++) {
-                if (v == q[o]) {
-                    done = 1;
-                    break;
-                }
-            }
-            if (done)
-                break;
-        }
-        if (done)
-            s->s3->tmp.new_compression = comp;
-        else
-            comp = NULL;
-    }
-#else
-    /*
-     * If compression is disabled we'd better not try to resume a session
-     * using compression.
-     */
-    if (s->session->compress_meth != 0) {
-        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
-        goto f_err;
-    }
-#endif
-
-    /*
-     * Given s->session->ciphers and SSL_get_ciphers, we must pick a cipher
-     */
-
-    if (!s->hit) {
-#ifdef OPENSSL_NO_COMP
-        s->session->compress_meth = 0;
-#else
-        s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
-#endif
-        if (s->session->ciphers != NULL)
-            sk_SSL_CIPHER_free(s->session->ciphers);
-        s->session->ciphers = ciphers;
-        if (ciphers == NULL) {
-            al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-            goto f_err;
-        }
-        ciphers = NULL;
-        if (!tls1_set_server_sigalgs(s)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
-            goto err;
-        }
-        /* Let cert callback update server certificates if required */
- retry_cert:
-        if (s->cert->cert_cb) {
-            int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg);
-            if (rv == 0) {
-                al = SSL_AD_INTERNAL_ERROR;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CERT_CB_ERROR);
-                goto f_err;
-            }
-            if (rv < 0) {
-                s->rwstate = SSL_X509_LOOKUP;
-                return -1;
-            }
-            s->rwstate = SSL_NOTHING;
-        }
-        c = ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s));
-
-        if (c == NULL) {
-            al = SSL_AD_HANDSHAKE_FAILURE;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
-            goto f_err;
-        }
-        s->s3->tmp.new_cipher = c;
-    } else {
-        /* Session-id reuse */
-#ifdef REUSE_CIPHER_BUG
-        STACK_OF(SSL_CIPHER) *sk;
-        SSL_CIPHER *nc = NULL;
-        SSL_CIPHER *ec = NULL;
-
-        if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG) {
-            sk = s->session->ciphers;
-            for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
-                c = sk_SSL_CIPHER_value(sk, i);
-                if (c->algorithm_enc & SSL_eNULL)
-                    nc = c;
-                if (SSL_C_IS_EXPORT(c))
-                    ec = c;
-            }
-            if (nc != NULL)
-                s->s3->tmp.new_cipher = nc;
-            else if (ec != NULL)
-                s->s3->tmp.new_cipher = ec;
-            else
-                s->s3->tmp.new_cipher = s->session->cipher;
-        } else
-#endif
-            s->s3->tmp.new_cipher = s->session->cipher;
-    }
-
-    if (!SSL_USE_SIGALGS(s) || !(s->verify_mode & SSL_VERIFY_PEER)) {
-        if (!ssl3_digest_cached_records(s))
-            goto f_err;
-    }
-
-    /*-
-    * we now have the following setup.
-     * client_random
-     * cipher_list          - our prefered list of ciphers
-     * ciphers              - the clients prefered list of ciphers
-     * compression          - basically ignored right now
-     * ssl version is set   - sslv3
-     * s->session           - The ssl session has been setup.
-     * s->hit               - session reuse flag
-     * s->tmp.new_cipher    - the new cipher to use.
-     */
-
-    /* Handles TLS extensions that we couldn't check earlier */
-    if (s->version >= SSL3_VERSION) {
-        if (!ssl_check_clienthello_tlsext_late(s, &al)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
-            goto f_err;
-        }
-    }
-
-    ret = cookie_valid ? 2 : 1;
-    if (0) {
- f_err:
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-        s->state = SSL_ST_ERR;
-    }
-
-    if (ciphers != NULL)
-        sk_SSL_CIPHER_free(ciphers);
-    return ret;
-}
-
-int ssl3_send_server_hello(SSL *s)
-{
-    unsigned char *buf;
-    unsigned char *p, *d;
-    int i, sl;
-    int al = 0;
-    unsigned long l;
-
-    if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
-        buf = (unsigned char *)s->init_buf->data;
-#ifdef OPENSSL_NO_TLSEXT
-        p = s->s3->server_random;
-        if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0) {
-            s->state = SSL_ST_ERR;
-            return -1;
-        }
-#endif
-        /* Do the message type and length last */
-        d = p = ssl_handshake_start(s);
-
-        *(p++) = s->version >> 8;
-        *(p++) = s->version & 0xff;
-
-        /* Random stuff */
-        memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
-        p += SSL3_RANDOM_SIZE;
-
-        /*-
-         * There are several cases for the session ID to send
-         * back in the server hello:
-         * - For session reuse from the session cache,
-         *   we send back the old session ID.
-         * - If stateless session reuse (using a session ticket)
-         *   is successful, we send back the client's "session ID"
-         *   (which doesn't actually identify the session).
-         * - If it is a new session, we send back the new
-         *   session ID.
-         * - However, if we want the new session to be single-use,
-         *   we send back a 0-length session ID.
-         * s->hit is non-zero in either case of session reuse,
-         * so the following won't overwrite an ID that we're supposed
-         * to send back.
-         */
-        if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
-            && !s->hit)
-            s->session->session_id_length = 0;
-
-        sl = s->session->session_id_length;
-        if (sl > (int)sizeof(s->session->session_id)) {
-            SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-            s->state = SSL_ST_ERR;
-            return -1;
-        }
-        *(p++) = sl;
-        memcpy(p, s->session->session_id, sl);
-        p += sl;
-
-        /* put the cipher */
-        i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
-        p += i;
-
-        /* put the compression method */
-#ifdef OPENSSL_NO_COMP
-        *(p++) = 0;
-#else
-        if (s->s3->tmp.new_compression == NULL)
-            *(p++) = 0;
-        else
-            *(p++) = s->s3->tmp.new_compression->id;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-        if (ssl_prepare_serverhello_tlsext(s) <= 0) {
-            SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
-            s->state = SSL_ST_ERR;
-            return -1;
-        }
-        if ((p =
-             ssl_add_serverhello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH,
-                                        &al)) == NULL) {
-            ssl3_send_alert(s, SSL3_AL_FATAL, al);
-            SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
-            s->state = SSL_ST_ERR;
-            return -1;
-        }
-#endif
-        /* do the header */
-        l = (p - d);
-        ssl_set_handshake_header(s, SSL3_MT_SERVER_HELLO, l);
-        s->state = SSL3_ST_SW_SRVR_HELLO_B;
-    }
-
-    /* SSL3_ST_SW_SRVR_HELLO_B */
-    return ssl_do_write(s);
-}
-
-int ssl3_send_server_done(SSL *s)
-{
-
-    if (s->state == SSL3_ST_SW_SRVR_DONE_A) {
-        ssl_set_handshake_header(s, SSL3_MT_SERVER_DONE, 0);
-        s->state = SSL3_ST_SW_SRVR_DONE_B;
-    }
-
-    /* SSL3_ST_SW_SRVR_DONE_B */
-    return ssl_do_write(s);
-}
-
-int ssl3_send_server_key_exchange(SSL *s)
-{
-#ifndef OPENSSL_NO_RSA
-    unsigned char *q;
-    int j, num;
-    RSA *rsa;
-    unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
-    unsigned int u;
-#endif
-#ifndef OPENSSL_NO_DH
-# ifdef OPENSSL_NO_RSA
-    int j;
-# endif
-    DH *dh = NULL, *dhp;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    EC_KEY *ecdh = NULL, *ecdhp;
-    unsigned char *encodedPoint = NULL;
-    int encodedlen = 0;
-    int curve_id = 0;
-    BN_CTX *bn_ctx = NULL;
-#endif
-    EVP_PKEY *pkey;
-    const EVP_MD *md = NULL;
-    unsigned char *p, *d;
-    int al, i;
-    unsigned long type;
-    int n;
-    CERT *cert;
-    BIGNUM *r[4];
-    int nr[4], kn;
-    BUF_MEM *buf;
-    EVP_MD_CTX md_ctx;
-
-    EVP_MD_CTX_init(&md_ctx);
-    if (s->state == SSL3_ST_SW_KEY_EXCH_A) {
-        type = s->s3->tmp.new_cipher->algorithm_mkey;
-        cert = s->cert;
-
-        buf = s->init_buf;
-
-        r[0] = r[1] = r[2] = r[3] = NULL;
-        n = 0;
-#ifndef OPENSSL_NO_RSA
-        if (type & SSL_kRSA) {
-            rsa = cert->rsa_tmp;
-            if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
-                rsa = s->cert->rsa_tmp_cb(s,
-                                          SSL_C_IS_EXPORT(s->s3->
-                                                          tmp.new_cipher),
-                                          SSL_C_EXPORT_PKEYLENGTH(s->s3->
-                                                                  tmp.new_cipher));
-                if (rsa == NULL) {
-                    al = SSL_AD_HANDSHAKE_FAILURE;
-                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                           SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
-                    goto f_err;
-                }
-                RSA_up_ref(rsa);
-                cert->rsa_tmp = rsa;
-            }
-            if (rsa == NULL) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       SSL_R_MISSING_TMP_RSA_KEY);
-                goto f_err;
-            }
-            r[0] = rsa->n;
-            r[1] = rsa->e;
-            s->s3->tmp.use_rsa_tmp = 1;
-        } else
-#endif
-#ifndef OPENSSL_NO_DH
-        if (type & SSL_kEDH) {
-            dhp = cert->dh_tmp;
-            if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
-                dhp = s->cert->dh_tmp_cb(s,
-                                         SSL_C_IS_EXPORT(s->s3->
-                                                         tmp.new_cipher),
-                                         SSL_C_EXPORT_PKEYLENGTH(s->s3->
-                                                                 tmp.new_cipher));
-            if (dhp == NULL) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       SSL_R_MISSING_TMP_DH_KEY);
-                goto f_err;
-            }
-
-            if (s->s3->tmp.dh != NULL) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-
-            if ((dh = DHparams_dup(dhp)) == NULL) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
-                goto err;
-            }
-
-            s->s3->tmp.dh = dh;
-            if (!DH_generate_key(dh)) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
-                goto err;
-            }
-            r[0] = dh->p;
-            r[1] = dh->g;
-            r[2] = dh->pub_key;
-        } else
-#endif
-#ifndef OPENSSL_NO_ECDH
-        if (type & SSL_kEECDH) {
-            const EC_GROUP *group;
-
-            if (s->s3->tmp.ecdh != NULL) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       ERR_R_INTERNAL_ERROR);
-                goto err;
-            }
-
-            ecdhp = cert->ecdh_tmp;
-            if (s->cert->ecdh_tmp_auto) {
-                /* Get NID of appropriate shared curve */
-                int nid = tls1_shared_curve(s, -2);
-                if (nid != NID_undef)
-                    ecdhp = EC_KEY_new_by_curve_name(nid);
-            } else if ((ecdhp == NULL) && s->cert->ecdh_tmp_cb) {
-                ecdhp = s->cert->ecdh_tmp_cb(s,
-                                             SSL_C_IS_EXPORT(s->s3->
-                                                             tmp.new_cipher),
-                                             SSL_C_EXPORT_PKEYLENGTH(s->
-                                                                     s3->tmp.new_cipher));
-            }
-            if (ecdhp == NULL) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       SSL_R_MISSING_TMP_ECDH_KEY);
-                goto f_err;
-            }
-
-            /* Duplicate the ECDH structure. */
-            if (s->cert->ecdh_tmp_auto)
-                ecdh = ecdhp;
-            else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
-                goto err;
-            }
-
-            s->s3->tmp.ecdh = ecdh;
-            if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
-                (EC_KEY_get0_private_key(ecdh) == NULL) ||
-                (s->options & SSL_OP_SINGLE_ECDH_USE)) {
-                if (!EC_KEY_generate_key(ecdh)) {
-                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                           ERR_R_ECDH_LIB);
-                    goto err;
-                }
-            }
-
-            if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
-                (EC_KEY_get0_public_key(ecdh) == NULL) ||
-                (EC_KEY_get0_private_key(ecdh) == NULL)) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
-                goto err;
-            }
-
-            if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
-                (EC_GROUP_get_degree(group) > 163)) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
-                goto err;
-            }
-
-            /*
-             * XXX: For now, we only support ephemeral ECDH keys over named
-             * (not generic) curves. For supported named curves, curve_id is
-             * non-zero.
-             */
-            if ((curve_id =
-                 tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
-                == 0) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
-                goto err;
-            }
-
-            /*
-             * Encode the public key. First check the size of encoding and
-             * allocate memory accordingly.
-             */
-            encodedlen = EC_POINT_point2oct(group,
-                                            EC_KEY_get0_public_key(ecdh),
-                                            POINT_CONVERSION_UNCOMPRESSED,
-                                            NULL, 0, NULL);
-
-            encodedPoint = (unsigned char *)
-                OPENSSL_malloc(encodedlen * sizeof(unsigned char));
-            bn_ctx = BN_CTX_new();
-            if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-
-            encodedlen = EC_POINT_point2oct(group,
-                                            EC_KEY_get0_public_key(ecdh),
-                                            POINT_CONVERSION_UNCOMPRESSED,
-                                            encodedPoint, encodedlen, bn_ctx);
-
-            if (encodedlen == 0) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
-                goto err;
-            }
-
-            BN_CTX_free(bn_ctx);
-            bn_ctx = NULL;
-
-            /*
-             * XXX: For now, we only support named (not generic) curves in
-             * ECDH ephemeral key exchanges. In this situation, we need four
-             * additional bytes to encode the entire ServerECDHParams
-             * structure.
-             */
-            n = 4 + encodedlen;
-
-            /*
-             * We'll generate the serverKeyExchange message explicitly so we
-             * can set these to NULLs
-             */
-            r[0] = NULL;
-            r[1] = NULL;
-            r[2] = NULL;
-            r[3] = NULL;
-        } else
-#endif                          /* !OPENSSL_NO_ECDH */
-#ifndef OPENSSL_NO_PSK
-        if (type & SSL_kPSK) {
-            /*
-             * reserve size for record length and PSK identity hint
-             */
-            n += 2 + strlen(s->ctx->psk_identity_hint);
-        } else
-#endif                          /* !OPENSSL_NO_PSK */
-#ifndef OPENSSL_NO_SRP
-        if (type & SSL_kSRP) {
-            if ((s->srp_ctx.N == NULL) ||
-                (s->srp_ctx.g == NULL) ||
-                (s->srp_ctx.s == NULL) || (s->srp_ctx.B == NULL)) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       SSL_R_MISSING_SRP_PARAM);
-                goto err;
-            }
-            r[0] = s->srp_ctx.N;
-            r[1] = s->srp_ctx.g;
-            r[2] = s->srp_ctx.s;
-            r[3] = s->srp_ctx.B;
-        } else
-#endif
-        {
-            al = SSL_AD_HANDSHAKE_FAILURE;
-            SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                   SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
-            goto f_err;
-        }
-        for (i = 0; i < 4 && r[i] != NULL; i++) {
-            nr[i] = BN_num_bytes(r[i]);
-#ifndef OPENSSL_NO_SRP
-            if ((i == 2) && (type & SSL_kSRP))
-                n += 1 + nr[i];
-            else
-#endif
-#ifndef OPENSSL_NO_DH
-            /*
-             * for interoperability with some versions of the Microsoft TLS
-             * stack, we need to zero pad the DHE pub key to the same length
-             * as the prime, so use the length of the prime here
-             */
-            if ((i == 2) && (type & (SSL_kEDH)))
-                n += 2 + nr[0];
-            else
-#endif
-                n += 2 + nr[i];
-        }
-
-        if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
-            && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
-            if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher, &md))
-                == NULL) {
-                al = SSL_AD_DECODE_ERROR;
-                goto f_err;
-            }
-            kn = EVP_PKEY_size(pkey);
-            /* Allow space for signature algorithm */
-            if (SSL_USE_SIGALGS(s))
-                kn += 2;
-            /* Allow space for signature length */
-            kn += 2;
-        } else {
-            pkey = NULL;
-            kn = 0;
-        }
-
-        if (!BUF_MEM_grow_clean(buf, n + SSL_HM_HEADER_LENGTH(s) + kn)) {
-            SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_BUF);
-            goto err;
-        }
-        d = p = ssl_handshake_start(s);
-
-        for (i = 0; i < 4 && r[i] != NULL; i++) {
-#ifndef OPENSSL_NO_SRP
-            if ((i == 2) && (type & SSL_kSRP)) {
-                *p = nr[i];
-                p++;
-            } else
-#endif
-#ifndef OPENSSL_NO_DH
-            /*
-             * for interoperability with some versions of the Microsoft TLS
-             * stack, we need to zero pad the DHE pub key to the same length
-             * as the prime
-             */
-            if ((i == 2) && (type & (SSL_kEDH))) {
-                s2n(nr[0], p);
-                for (j = 0; j < (nr[0] - nr[2]); ++j) {
-                    *p = 0;
-                    ++p;
-                }
-            } else
-#endif
-                s2n(nr[i], p);
-            BN_bn2bin(r[i], p);
-            p += nr[i];
-        }
-
-#ifndef OPENSSL_NO_ECDH
-        if (type & SSL_kEECDH) {
-            /*
-             * XXX: For now, we only support named (not generic) curves. In
-             * this situation, the serverKeyExchange message has: [1 byte
-             * CurveType], [2 byte CurveName] [1 byte length of encoded
-             * point], followed by the actual encoded point itself
-             */
-            *p = NAMED_CURVE_TYPE;
-            p += 1;
-            *p = 0;
-            p += 1;
-            *p = curve_id;
-            p += 1;
-            *p = encodedlen;
-            p += 1;
-            memcpy((unsigned char *)p,
-                   (unsigned char *)encodedPoint, encodedlen);
-            OPENSSL_free(encodedPoint);
-            encodedPoint = NULL;
-            p += encodedlen;
-        }
-#endif
-
-#ifndef OPENSSL_NO_PSK
-        if (type & SSL_kPSK) {
-            /* copy PSK identity hint */
-            s2n(strlen(s->ctx->psk_identity_hint), p);
-            strncpy((char *)p, s->ctx->psk_identity_hint,
-                    strlen(s->ctx->psk_identity_hint));
-            p += strlen(s->ctx->psk_identity_hint);
-        }
-#endif
-
-        /* not anonymous */
-        if (pkey != NULL) {
-            /*
-             * n is the length of the params, they start at &(d[4]) and p
-             * points to the space at the end.
-             */
-#ifndef OPENSSL_NO_RSA
-            if (pkey->type == EVP_PKEY_RSA && !SSL_USE_SIGALGS(s)) {
-                q = md_buf;
-                j = 0;
-                for (num = 2; num > 0; num--) {
-                    EVP_MD_CTX_set_flags(&md_ctx,
-                                         EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-                    if (EVP_DigestInit_ex(&md_ctx,
-                                          (num == 2) ? s->ctx->md5
-                                                     : s->ctx->sha1,
-                                          NULL) <= 0
-                        || EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
-                                            SSL3_RANDOM_SIZE) <= 0
-                        || EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
-                                            SSL3_RANDOM_SIZE) <= 0
-                        || EVP_DigestUpdate(&md_ctx, d, n) <= 0
-                        || EVP_DigestFinal_ex(&md_ctx, q,
-                                              (unsigned int *)&i) <= 0) {
-                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                               ERR_LIB_EVP);
-                        al = SSL_AD_INTERNAL_ERROR;
-                        goto f_err;
-                    }
-                    q += i;
-                    j += i;
-                }
-                if (RSA_sign(NID_md5_sha1, md_buf, j,
-                             &(p[2]), &u, pkey->pkey.rsa) <= 0) {
-                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_RSA);
-                    goto err;
-                }
-                s2n(u, p);
-                n += u + 2;
-            } else
-#endif
-            if (md) {
-                /* send signature algorithm */
-                if (SSL_USE_SIGALGS(s)) {
-                    if (!tls12_get_sigandhash(p, pkey, md)) {
-                        /* Should never happen */
-                        al = SSL_AD_INTERNAL_ERROR;
-                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                               ERR_R_INTERNAL_ERROR);
-                        goto f_err;
-                    }
-                    p += 2;
-                }
-#ifdef SSL_DEBUG
-                fprintf(stderr, "Using hash %s\n", EVP_MD_name(md));
-#endif
-                if (EVP_SignInit_ex(&md_ctx, md, NULL) <= 0
-                        || EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
-                                          SSL3_RANDOM_SIZE) <= 0
-                        || EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
-                                          SSL3_RANDOM_SIZE) <= 0
-                        || EVP_SignUpdate(&md_ctx, d, n) <= 0
-                        || EVP_SignFinal(&md_ctx, &(p[2]),
-                                         (unsigned int *)&i, pkey) <= 0) {
-                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_EVP);
-                    al = SSL_AD_INTERNAL_ERROR;
-                    goto f_err;
-                }
-                s2n(i, p);
-                n += i + 2;
-                if (SSL_USE_SIGALGS(s))
-                    n += 2;
-            } else {
-                /* Is this error check actually needed? */
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
-                       SSL_R_UNKNOWN_PKEY_TYPE);
-                goto f_err;
-            }
-        }
-
-        ssl_set_handshake_header(s, SSL3_MT_SERVER_KEY_EXCHANGE, n);
-    }
-
-    s->state = SSL3_ST_SW_KEY_EXCH_B;
-    EVP_MD_CTX_cleanup(&md_ctx);
-    return ssl_do_write(s);
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-#ifndef OPENSSL_NO_ECDH
-    if (encodedPoint != NULL)
-        OPENSSL_free(encodedPoint);
-    BN_CTX_free(bn_ctx);
-#endif
-    EVP_MD_CTX_cleanup(&md_ctx);
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-
-int ssl3_send_certificate_request(SSL *s)
-{
-    unsigned char *p, *d;
-    int i, j, nl, off, n;
-    STACK_OF(X509_NAME) *sk = NULL;
-    X509_NAME *name;
-    BUF_MEM *buf;
-
-    if (s->state == SSL3_ST_SW_CERT_REQ_A) {
-        buf = s->init_buf;
-
-        d = p = ssl_handshake_start(s);
-
-        /* get the list of acceptable cert types */
-        p++;
-        n = ssl3_get_req_cert_type(s, p);
-        d[0] = n;
-        p += n;
-        n++;
-
-        if (SSL_USE_SIGALGS(s)) {
-            const unsigned char *psigs;
-            nl = tls12_get_psigalgs(s, 1, &psigs);
-            s2n(nl, p);
-            memcpy(p, psigs, nl);
-            p += nl;
-            n += nl + 2;
-        }
-
-        off = n;
-        p += 2;
-        n += 2;
-
-        sk = SSL_get_client_CA_list(s);
-        nl = 0;
-        if (sk != NULL) {
-            for (i = 0; i < sk_X509_NAME_num(sk); i++) {
-                name = sk_X509_NAME_value(sk, i);
-                j = i2d_X509_NAME(name, NULL);
-                if (!BUF_MEM_grow_clean
-                    (buf, SSL_HM_HEADER_LENGTH(s) + n + j + 2)) {
-                    SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
-                           ERR_R_BUF_LIB);
-                    goto err;
-                }
-                p = ssl_handshake_start(s) + n;
-                if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) {
-                    s2n(j, p);
-                    i2d_X509_NAME(name, &p);
-                    n += 2 + j;
-                    nl += 2 + j;
-                } else {
-                    d = p;
-                    i2d_X509_NAME(name, &p);
-                    j -= 2;
-                    s2n(j, d);
-                    j += 2;
-                    n += j;
-                    nl += j;
-                }
-            }
-        }
-        /* else no CA names */
-        p = ssl_handshake_start(s) + off;
-        s2n(nl, p);
-
-        ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_REQUEST, n);
-
-#ifdef NETSCAPE_HANG_BUG
-        if (!SSL_IS_DTLS(s)) {
-            if (!BUF_MEM_grow_clean(buf, s->init_num + 4)) {
-                SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST, ERR_R_BUF_LIB);
-                goto err;
-            }
-            p = (unsigned char *)s->init_buf->data + s->init_num;
-            /* do the header */
-            *(p++) = SSL3_MT_SERVER_DONE;
-            *(p++) = 0;
-            *(p++) = 0;
-            *(p++) = 0;
-            s->init_num += 4;
-        }
-#endif
-
-        s->state = SSL3_ST_SW_CERT_REQ_B;
-    }
-
-    /* SSL3_ST_SW_CERT_REQ_B */
-    return ssl_do_write(s);
- err:
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-
-int ssl3_get_client_key_exchange(SSL *s)
-{
-    int i, al, ok;
-    long n;
-    unsigned long alg_k;
-    unsigned char *p;
-#ifndef OPENSSL_NO_RSA
-    RSA *rsa = NULL;
-    EVP_PKEY *pkey = NULL;
-#endif
-#ifndef OPENSSL_NO_DH
-    BIGNUM *pub = NULL;
-    DH *dh_srvr, *dh_clnt = NULL;
-#endif
-#ifndef OPENSSL_NO_KRB5
-    KSSL_ERR kssl_err;
-#endif                          /* OPENSSL_NO_KRB5 */
-
-#ifndef OPENSSL_NO_ECDH
-    EC_KEY *srvr_ecdh = NULL;
-    EVP_PKEY *clnt_pub_pkey = NULL;
-    EC_POINT *clnt_ecpoint = NULL;
-    BN_CTX *bn_ctx = NULL;
-#endif
-
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_SR_KEY_EXCH_A,
-                                   SSL3_ST_SR_KEY_EXCH_B,
-                                   SSL3_MT_CLIENT_KEY_EXCHANGE, 2048, &ok);
-
-    if (!ok)
-        return ((int)n);
-    p = (unsigned char *)s->init_msg;
-
-    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
-#ifndef OPENSSL_NO_RSA
-    if (alg_k & SSL_kRSA) {
-        unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
-        int decrypt_len;
-        unsigned char decrypt_good, version_good;
-        size_t j;
-
-        /* FIX THIS UP EAY EAY EAY EAY */
-        if (s->s3->tmp.use_rsa_tmp) {
-            if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
-                rsa = s->cert->rsa_tmp;
-            /*
-             * Don't do a callback because rsa_tmp should be sent already
-             */
-            if (rsa == NULL) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       SSL_R_MISSING_TMP_RSA_PKEY);
-                goto f_err;
-
-            }
-        } else {
-            pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
-            if ((pkey == NULL) ||
-                (pkey->type != EVP_PKEY_RSA) || (pkey->pkey.rsa == NULL)) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       SSL_R_MISSING_RSA_CERTIFICATE);
-                goto f_err;
-            }
-            rsa = pkey->pkey.rsa;
-        }
-
-        /* TLS and [incidentally] DTLS{0xFEFF} */
-        if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) {
-            n2s(p, i);
-            if (n != i + 2) {
-                if (!(s->options & SSL_OP_TLS_D5_BUG)) {
-                    al = SSL_AD_DECODE_ERROR;
-                    SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                           SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
-                    goto f_err;
-                } else
-                    p -= 2;
-            } else
-                n = i;
-        }
-
-        /*
-         * Reject overly short RSA ciphertext because we want to be sure
-         * that the buffer size makes it safe to iterate over the entire
-         * size of a premaster secret (SSL_MAX_MASTER_KEY_LENGTH). The
-         * actual expected size is larger due to RSA padding, but the
-         * bound is sufficient to be safe.
-         */
-        if (n < SSL_MAX_MASTER_KEY_LENGTH) {
-            al = SSL_AD_DECRYPT_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
-            goto f_err;
-        }
-
-        /*
-         * We must not leak whether a decryption failure occurs because of
-         * Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
-         * section 7.4.7.1). The code follows that advice of the TLS RFC and
-         * generates a random premaster secret for the case that the decrypt
-         * fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
-         */
-
-        if (RAND_bytes(rand_premaster_secret,
-                       sizeof(rand_premaster_secret)) <= 0)
-            goto err;
-        decrypt_len =
-            RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING);
-        ERR_clear_error();
-
-        /*
-         * decrypt_len should be SSL_MAX_MASTER_KEY_LENGTH. decrypt_good will
-         * be 0xff if so and zero otherwise.
-         */
-        decrypt_good =
-            constant_time_eq_int_8(decrypt_len, SSL_MAX_MASTER_KEY_LENGTH);
-
-        /*
-         * If the version in the decrypted pre-master secret is correct then
-         * version_good will be 0xff, otherwise it'll be zero. The
-         * Klima-Pokorny-Rosa extension of Bleichenbacher's attack
-         * (http://eprint.iacr.org/2003/052/) exploits the version number
-         * check as a "bad version oracle". Thus version checks are done in
-         * constant time and are treated like any other decryption error.
-         */
-        version_good =
-            constant_time_eq_8(p[0], (unsigned)(s->client_version >> 8));
-        version_good &=
-            constant_time_eq_8(p[1], (unsigned)(s->client_version & 0xff));
-
-        /*
-         * The premaster secret must contain the same version number as the
-         * ClientHello to detect version rollback attacks (strangely, the
-         * protocol does not offer such protection for DH ciphersuites).
-         * However, buggy clients exist that send the negotiated protocol
-         * version instead if the server does not support the requested
-         * protocol version. If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such
-         * clients.
-         */
-        if (s->options & SSL_OP_TLS_ROLLBACK_BUG) {
-            unsigned char workaround_good;
-            workaround_good =
-                constant_time_eq_8(p[0], (unsigned)(s->version >> 8));
-            workaround_good &=
-                constant_time_eq_8(p[1], (unsigned)(s->version & 0xff));
-            version_good |= workaround_good;
-        }
-
-        /*
-         * Both decryption and version must be good for decrypt_good to
-         * remain non-zero (0xff).
-         */
-        decrypt_good &= version_good;
-
-        /*
-         * Now copy rand_premaster_secret over from p using
-         * decrypt_good_mask. If decryption failed, then p does not
-         * contain valid plaintext, however, a check above guarantees
-         * it is still sufficiently large to read from.
-         */
-        for (j = 0; j < sizeof(rand_premaster_secret); j++) {
-            p[j] = constant_time_select_8(decrypt_good, p[j],
-                                          rand_premaster_secret[j]);
-        }
-
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        p,
-                                                        sizeof
-                                                        (rand_premaster_secret));
-        OPENSSL_cleanse(p, sizeof(rand_premaster_secret));
-    } else
-#endif
-#ifndef OPENSSL_NO_DH
-    if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
-        int idx = -1;
-        EVP_PKEY *skey = NULL;
-        if (n > 1) {
-            n2s(p, i);
-        } else {
-            if (alg_k & SSL_kDHE) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
-                goto f_err;
-            }
-            i = 0;
-        }
-        if (n && n != i + 2) {
-            if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) {
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                goto f_err;
-            } else {
-                p -= 2;
-                i = (int)n;
-            }
-        }
-        if (alg_k & SSL_kDHr)
-            idx = SSL_PKEY_DH_RSA;
-        else if (alg_k & SSL_kDHd)
-            idx = SSL_PKEY_DH_DSA;
-        if (idx >= 0) {
-            skey = s->cert->pkeys[idx].privatekey;
-            if ((skey == NULL) ||
-                (skey->type != EVP_PKEY_DH) || (skey->pkey.dh == NULL)) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       SSL_R_MISSING_RSA_CERTIFICATE);
-                goto f_err;
-            }
-            dh_srvr = skey->pkey.dh;
-        } else if (s->s3->tmp.dh == NULL) {
-            al = SSL_AD_HANDSHAKE_FAILURE;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_MISSING_TMP_DH_KEY);
-            goto f_err;
-        } else
-            dh_srvr = s->s3->tmp.dh;
-
-        if (n == 0L) {
-            /* Get pubkey from cert */
-            EVP_PKEY *clkey = X509_get_pubkey(s->session->peer);
-            if (clkey) {
-                if (EVP_PKEY_cmp_parameters(clkey, skey) == 1)
-                    dh_clnt = EVP_PKEY_get1_DH(clkey);
-            }
-            if (dh_clnt == NULL) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       SSL_R_MISSING_TMP_DH_KEY);
-                goto f_err;
-            }
-            EVP_PKEY_free(clkey);
-            pub = dh_clnt->pub_key;
-        } else
-            pub = BN_bin2bn(p, i, NULL);
-        if (pub == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_BN_LIB);
-            goto err;
-        }
-
-        i = DH_compute_key(p, pub, dh_srvr);
-
-        if (i <= 0) {
-            al = SSL_AD_HANDSHAKE_FAILURE;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
-            BN_clear_free(pub);
-            goto f_err;
-        }
-
-        DH_free(s->s3->tmp.dh);
-        s->s3->tmp.dh = NULL;
-        if (dh_clnt)
-            DH_free(dh_clnt);
-        else
-            BN_clear_free(pub);
-        pub = NULL;
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        p, i);
-        OPENSSL_cleanse(p, i);
-        if (dh_clnt)
-            return 2;
-    } else
-#endif
-#ifndef OPENSSL_NO_KRB5
-    if (alg_k & SSL_kKRB5) {
-        krb5_error_code krb5rc;
-        krb5_data enc_ticket;
-        krb5_data authenticator;
-        krb5_data enc_pms;
-        KSSL_CTX *kssl_ctx = s->kssl_ctx;
-        EVP_CIPHER_CTX ciph_ctx;
-        const EVP_CIPHER *enc = NULL;
-        unsigned char iv[EVP_MAX_IV_LENGTH];
-        unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_BLOCK_LENGTH];
-        int padl, outl;
-        krb5_timestamp authtime = 0;
-        krb5_ticket_times ttimes;
-        int kerr = 0;
-
-        EVP_CIPHER_CTX_init(&ciph_ctx);
-
-        if (!kssl_ctx)
-            kssl_ctx = kssl_ctx_new();
-
-        n2s(p, i);
-        enc_ticket.length = i;
-
-        if (n < (long)(enc_ticket.length + 6)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DATA_LENGTH_TOO_LONG);
-            goto err;
-        }
-
-        enc_ticket.data = (char *)p;
-        p += enc_ticket.length;
-
-        n2s(p, i);
-        authenticator.length = i;
-
-        if (n < (long)(enc_ticket.length + authenticator.length + 6)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DATA_LENGTH_TOO_LONG);
-            goto err;
-        }
-
-        authenticator.data = (char *)p;
-        p += authenticator.length;
-
-        n2s(p, i);
-        enc_pms.length = i;
-        enc_pms.data = (char *)p;
-        p += enc_pms.length;
-
-        /*
-         * Note that the length is checked again below, ** after decryption
-         */
-        if (enc_pms.length > sizeof pms) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DATA_LENGTH_TOO_LONG);
-            goto err;
-        }
-
-        if (n != (long)(enc_ticket.length + authenticator.length +
-                        enc_pms.length + 6)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DATA_LENGTH_TOO_LONG);
-            goto err;
-        }
-
-        if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
-                                    &kssl_err)) != 0) {
-# ifdef KSSL_DEBUG
-            fprintf(stderr, "kssl_sget_tkt rtn %d [%d]\n",
-                    krb5rc, kssl_err.reason);
-            if (kssl_err.text)
-                fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
-# endif                         /* KSSL_DEBUG */
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
-            goto err;
-        }
-
-        /*
-         * Note: no authenticator is not considered an error, ** but will
-         * return authtime == 0.
-         */
-        if ((krb5rc = kssl_check_authent(kssl_ctx, &authenticator,
-                                         &authtime, &kssl_err)) != 0) {
-# ifdef KSSL_DEBUG
-            fprintf(stderr, "kssl_check_authent rtn %d [%d]\n",
-                    krb5rc, kssl_err.reason);
-            if (kssl_err.text)
-                fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
-# endif                         /* KSSL_DEBUG */
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
-            goto err;
-        }
-
-        if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, krb5rc);
-            goto err;
-        }
-# ifdef KSSL_DEBUG
-        kssl_ctx_show(kssl_ctx);
-# endif                         /* KSSL_DEBUG */
-
-        enc = kssl_map_enc(kssl_ctx->enctype);
-        if (enc == NULL)
-            goto err;
-
-        memset(iv, 0, sizeof iv); /* per RFC 1510 */
-
-        if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DECRYPTION_FAILED);
-            goto err;
-        }
-        if (!EVP_DecryptUpdate(&ciph_ctx, pms, &outl,
-                               (unsigned char *)enc_pms.data, enc_pms.length))
-        {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DECRYPTION_FAILED);
-            kerr = 1;
-            goto kclean;
-        }
-        if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DATA_LENGTH_TOO_LONG);
-            kerr = 1;
-            goto kclean;
-        }
-        if (!EVP_DecryptFinal_ex(&ciph_ctx, &(pms[outl]), &padl)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DECRYPTION_FAILED);
-            kerr = 1;
-            goto kclean;
-        }
-        outl += padl;
-        if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DATA_LENGTH_TOO_LONG);
-            kerr = 1;
-            goto kclean;
-        }
-        if (!((pms[0] == (s->client_version >> 8))
-              && (pms[1] == (s->client_version & 0xff)))) {
-            /*
-             * The premaster secret must contain the same version number as
-             * the ClientHello to detect version rollback attacks (strangely,
-             * the protocol does not offer such protection for DH
-             * ciphersuites). However, buggy clients exist that send random
-             * bytes instead of the protocol version. If
-             * SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients.
-             * (Perhaps we should have a separate BUG value for the Kerberos
-             * cipher)
-             */
-            if (!(s->options & SSL_OP_TLS_ROLLBACK_BUG)) {
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       SSL_AD_DECODE_ERROR);
-                kerr = 1;
-                goto kclean;
-            }
-        }
-
-        EVP_CIPHER_CTX_cleanup(&ciph_ctx);
-
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        pms, outl);
-
-        if (kssl_ctx->client_princ) {
-            size_t len = strlen(kssl_ctx->client_princ);
-            if (len < SSL_MAX_KRB5_PRINCIPAL_LENGTH) {
-                s->session->krb5_client_princ_len = len;
-                memcpy(s->session->krb5_client_princ, kssl_ctx->client_princ,
-                       len);
-            }
-        }
-
-        /*- Was doing kssl_ctx_free() here,
-         *  but it caused problems for apache.
-         *  kssl_ctx = kssl_ctx_free(kssl_ctx);
-         *  if (s->kssl_ctx)  s->kssl_ctx = NULL;
-         */
-
- kclean:
-        OPENSSL_cleanse(pms, sizeof(pms));
-        if (kerr)
-            goto err;
-    } else
-#endif                          /* OPENSSL_NO_KRB5 */
-
-#ifndef OPENSSL_NO_ECDH
-    if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
-        int ret = 1;
-        int field_size = 0;
-        const EC_KEY *tkey;
-        const EC_GROUP *group;
-        const BIGNUM *priv_key;
-
-        /* initialize structures for server's ECDH key pair */
-        if ((srvr_ecdh = EC_KEY_new()) == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        /* Let's get server private key and group information */
-        if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
-            /* use the certificate */
-            tkey = s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec;
-        } else {
-            /*
-             * use the ephermeral values we saved when generating the
-             * ServerKeyExchange msg.
-             */
-            tkey = s->s3->tmp.ecdh;
-        }
-
-        group = EC_KEY_get0_group(tkey);
-        priv_key = EC_KEY_get0_private_key(tkey);
-
-        if (!EC_KEY_set_group(srvr_ecdh, group) ||
-            !EC_KEY_set_private_key(srvr_ecdh, priv_key)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
-            goto err;
-        }
-
-        /* Let's get client's public key */
-        if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        if (n == 0L) {
-            /* Client Publickey was in Client Certificate */
-
-            if (alg_k & SSL_kEECDH) {
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       SSL_R_MISSING_TMP_ECDH_KEY);
-                goto f_err;
-            }
-            if (((clnt_pub_pkey = X509_get_pubkey(s->session->peer))
-                 == NULL) || (clnt_pub_pkey->type != EVP_PKEY_EC)) {
-                /*
-                 * XXX: For now, we do not support client authentication
-                 * using ECDH certificates so this branch (n == 0L) of the
-                 * code is never executed. When that support is added, we
-                 * ought to ensure the key received in the certificate is
-                 * authorized for key agreement. ECDH_compute_key implicitly
-                 * checks that the two ECDH shares are for the same group.
-                 */
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);
-                goto f_err;
-            }
-
-            if (EC_POINT_copy(clnt_ecpoint,
-                              EC_KEY_get0_public_key(clnt_pub_pkey->
-                                                     pkey.ec)) == 0) {
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
-                goto err;
-            }
-            ret = 2;            /* Skip certificate verify processing */
-        } else {
-            /*
-             * Get client's public key from encoded point in the
-             * ClientKeyExchange message.
-             */
-            if ((bn_ctx = BN_CTX_new()) == NULL) {
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                       ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-
-            /* Get encoded point length */
-            i = *p;
-            p += 1;
-            if (n != 1 + i) {
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);
-                al = SSL_AD_DECODE_ERROR;
-                goto f_err;
-            }
-            if (EC_POINT_oct2point(group, clnt_ecpoint, p, i, bn_ctx) == 0) {
-                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
-                al = SSL_AD_HANDSHAKE_FAILURE;
-                goto f_err;
-            }
-            /*
-             * p is pointing to somewhere in the buffer currently, so set it
-             * to the start
-             */
-            p = (unsigned char *)s->init_buf->data;
-        }
-
-        /* Compute the shared pre-master secret */
-        field_size = EC_GROUP_get_degree(group);
-        if (field_size <= 0) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
-            goto err;
-        }
-        i = ECDH_compute_key(p, (field_size + 7) / 8, clnt_ecpoint, srvr_ecdh,
-                             NULL);
-        if (i <= 0) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
-            goto err;
-        }
-
-        EVP_PKEY_free(clnt_pub_pkey);
-        EC_POINT_free(clnt_ecpoint);
-        EC_KEY_free(srvr_ecdh);
-        BN_CTX_free(bn_ctx);
-        EC_KEY_free(s->s3->tmp.ecdh);
-        s->s3->tmp.ecdh = NULL;
-
-        /* Compute the master secret */
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        p, i);
-
-        OPENSSL_cleanse(p, i);
-        return (ret);
-    } else
-#endif
-#ifndef OPENSSL_NO_PSK
-    if (alg_k & SSL_kPSK) {
-        unsigned char *t = NULL;
-        unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
-        unsigned int pre_ms_len = 0, psk_len = 0;
-        int psk_err = 1;
-        char tmp_id[PSK_MAX_IDENTITY_LEN + 1];
-
-        al = SSL_AD_HANDSHAKE_FAILURE;
-
-        n2s(p, i);
-        if (n != i + 2) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);
-            goto psk_err;
-        }
-        if (i > PSK_MAX_IDENTITY_LEN) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DATA_LENGTH_TOO_LONG);
-            goto psk_err;
-        }
-        if (s->psk_server_callback == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_PSK_NO_SERVER_CB);
-            goto psk_err;
-        }
-
-        /*
-         * Create guaranteed NULL-terminated identity string for the callback
-         */
-        memcpy(tmp_id, p, i);
-        memset(tmp_id + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
-        psk_len = s->psk_server_callback(s, tmp_id,
-                                         psk_or_pre_ms,
-                                         sizeof(psk_or_pre_ms));
-        OPENSSL_cleanse(tmp_id, PSK_MAX_IDENTITY_LEN + 1);
-
-        if (psk_len > PSK_MAX_PSK_LEN) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-            goto psk_err;
-        } else if (psk_len == 0) {
-            /*
-             * PSK related to the given identity not found
-             */
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_PSK_IDENTITY_NOT_FOUND);
-            al = SSL_AD_UNKNOWN_PSK_IDENTITY;
-            goto psk_err;
-        }
-
-        /* create PSK pre_master_secret */
-        pre_ms_len = 2 + psk_len + 2 + psk_len;
-        t = psk_or_pre_ms;
-        memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
-        s2n(psk_len, t);
-        memset(t, 0, psk_len);
-        t += psk_len;
-        s2n(psk_len, t);
-
-        if (s->session->psk_identity != NULL)
-            OPENSSL_free(s->session->psk_identity);
-        s->session->psk_identity = BUF_strndup((char *)p, i);
-        if (s->session->psk_identity == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto psk_err;
-        }
-
-        if (s->session->psk_identity_hint != NULL)
-            OPENSSL_free(s->session->psk_identity_hint);
-        s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
-        if (s->ctx->psk_identity_hint != NULL &&
-            s->session->psk_identity_hint == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto psk_err;
-        }
-
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        psk_or_pre_ms,
-                                                        pre_ms_len);
-        psk_err = 0;
- psk_err:
-        OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
-        if (psk_err != 0)
-            goto f_err;
-    } else
-#endif
-#ifndef OPENSSL_NO_SRP
-    if (alg_k & SSL_kSRP) {
-        int param_len;
-
-        n2s(p, i);
-        param_len = i + 2;
-        if (param_len > n) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_BAD_SRP_A_LENGTH);
-            goto f_err;
-        }
-        if (!(s->srp_ctx.A = BN_bin2bn(p, i, NULL))) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_BN_LIB);
-            goto err;
-        }
-        if (BN_ucmp(s->srp_ctx.A, s->srp_ctx.N) >= 0
-            || BN_is_zero(s->srp_ctx.A)) {
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_BAD_SRP_PARAMETERS);
-            goto f_err;
-        }
-        if (s->session->srp_username != NULL)
-            OPENSSL_free(s->session->srp_username);
-        s->session->srp_username = BUF_strdup(s->srp_ctx.login);
-        if (s->session->srp_username == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-
-        if ((s->session->master_key_length =
-             SRP_generate_server_master_secret(s,
-                                               s->session->master_key)) < 0) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-            goto err;
-        }
-
-        p += i;
-    } else
-#endif                          /* OPENSSL_NO_SRP */
-    if (alg_k & SSL_kGOST) {
-        int ret = 0;
-        EVP_PKEY_CTX *pkey_ctx;
-        EVP_PKEY *client_pub_pkey = NULL, *pk = NULL;
-        unsigned char premaster_secret[32], *start;
-        size_t outlen = 32, inlen;
-        unsigned long alg_a;
-        int Ttag, Tclass;
-        long Tlen;
-
-        /* Get our certificate private key */
-        alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-        if (alg_a & SSL_aGOST94)
-            pk = s->cert->pkeys[SSL_PKEY_GOST94].privatekey;
-        else if (alg_a & SSL_aGOST01)
-            pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
-
-        pkey_ctx = EVP_PKEY_CTX_new(pk, NULL);
-        if (pkey_ctx == NULL) {
-            al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
-            goto f_err;
-        }
-        if (EVP_PKEY_decrypt_init(pkey_ctx) <= 0) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-            goto gerr;
-        }
-        /*
-         * If client certificate is present and is of the same type, maybe
-         * use it for key exchange.  Don't mind errors from
-         * EVP_PKEY_derive_set_peer, because it is completely valid to use a
-         * client certificate for authorization only.
-         */
-        client_pub_pkey = X509_get_pubkey(s->session->peer);
-        if (client_pub_pkey) {
-            if (EVP_PKEY_derive_set_peer(pkey_ctx, client_pub_pkey) <= 0)
-                ERR_clear_error();
-        }
-        /* Decrypt session key */
-        if (ASN1_get_object
-            ((const unsigned char **)&p, &Tlen, &Ttag, &Tclass,
-             n) != V_ASN1_CONSTRUCTED || Ttag != V_ASN1_SEQUENCE
-            || Tclass != V_ASN1_UNIVERSAL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DECRYPTION_FAILED);
-            goto gerr;
-        }
-        start = p;
-        inlen = Tlen;
-        if (EVP_PKEY_decrypt
-            (pkey_ctx, premaster_secret, &outlen, start, inlen) <= 0) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-                   SSL_R_DECRYPTION_FAILED);
-            goto gerr;
-        }
-        /* Generate master secret */
-        s->session->master_key_length =
-            s->method->ssl3_enc->generate_master_secret(s,
-                                                        s->
-                                                        session->master_key,
-                                                        premaster_secret, 32);
-        OPENSSL_cleanse(premaster_secret, sizeof(premaster_secret));
-        /* Check if pubkey from client certificate was used */
-        if (EVP_PKEY_CTX_ctrl
-            (pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
-            ret = 2;
-        else
-            ret = 1;
- gerr:
-        EVP_PKEY_free(client_pub_pkey);
-        EVP_PKEY_CTX_free(pkey_ctx);
-        if (ret)
-            return ret;
-        else
-            goto err;
-    } else {
-        al = SSL_AD_HANDSHAKE_FAILURE;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_UNKNOWN_CIPHER_TYPE);
-        goto f_err;
-    }
-
-    return (1);
- f_err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_SRP)
- err:
-#endif
-#ifndef OPENSSL_NO_ECDH
-    EVP_PKEY_free(clnt_pub_pkey);
-    EC_POINT_free(clnt_ecpoint);
-    if (srvr_ecdh != NULL)
-        EC_KEY_free(srvr_ecdh);
-    BN_CTX_free(bn_ctx);
-#endif
-    s->state = SSL_ST_ERR;
-    return (-1);
-}
-
-int ssl3_get_cert_verify(SSL *s)
-{
-    EVP_PKEY *pkey = NULL;
-    unsigned char *p;
-    int al, ok, ret = 0;
-    long n;
-    int type = 0, i, j;
-    X509 *peer;
-    const EVP_MD *md = NULL;
-    EVP_MD_CTX mctx;
-    EVP_MD_CTX_init(&mctx);
-
-    /*
-     * We should only process a CertificateVerify message if we have received
-     * a Certificate from the client. If so then |s->session->peer| will be non
-     * NULL. In some instances a CertificateVerify message is not required even
-     * if the peer has sent a Certificate (e.g. such as in the case of static
-     * DH). In that case the ClientKeyExchange processing will skip the
-     * CertificateVerify state so we should not arrive here.
-     */
-    if (s->session->peer == NULL) {
-        ret = 1;
-        goto end;
-    }
-
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_SR_CERT_VRFY_A,
-                                   SSL3_ST_SR_CERT_VRFY_B,
-                                   SSL3_MT_CERTIFICATE_VERIFY,
-                                   SSL3_RT_MAX_PLAIN_LENGTH, &ok);
-
-    if (!ok)
-        return ((int)n);
-
-    peer = s->session->peer;
-    pkey = X509_get_pubkey(peer);
-    if (pkey == NULL) {
-        al = SSL_AD_INTERNAL_ERROR;
-        goto f_err;
-    }
-
-    type = X509_certificate_type(peer, pkey);
-
-    if (!(type & EVP_PKT_SIGN)) {
-        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
-               SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
-        al = SSL_AD_ILLEGAL_PARAMETER;
-        goto f_err;
-    }
-
-    /* we now have a signature that we need to verify */
-    p = (unsigned char *)s->init_msg;
-    /* Check for broken implementations of GOST ciphersuites */
-    /*
-     * If key is GOST and n is exactly 64, it is bare signature without
-     * length field
-     */
-    if (n == 64 && (pkey->type == NID_id_GostR3410_94 ||
-                    pkey->type == NID_id_GostR3410_2001)) {
-        i = 64;
-    } else {
-        if (SSL_USE_SIGALGS(s)) {
-            int rv = tls12_check_peer_sigalg(&md, s, p, pkey);
-            if (rv == -1) {
-                al = SSL_AD_INTERNAL_ERROR;
-                goto f_err;
-            } else if (rv == 0) {
-                al = SSL_AD_DECODE_ERROR;
-                goto f_err;
-            }
-#ifdef SSL_DEBUG
-            fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
-#endif
-            p += 2;
-            n -= 2;
-        }
-        n2s(p, i);
-        n -= 2;
-        if (i > n) {
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_LENGTH_MISMATCH);
-            al = SSL_AD_DECODE_ERROR;
-            goto f_err;
-        }
-    }
-    j = EVP_PKEY_size(pkey);
-    if ((i > j) || (n > j) || (n <= 0)) {
-        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_WRONG_SIGNATURE_SIZE);
-        al = SSL_AD_DECODE_ERROR;
-        goto f_err;
-    }
-
-    if (SSL_USE_SIGALGS(s)) {
-        long hdatalen = 0;
-        void *hdata;
-        hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
-        if (hdatalen <= 0) {
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
-            al = SSL_AD_INTERNAL_ERROR;
-            goto f_err;
-        }
-#ifdef SSL_DEBUG
-        fprintf(stderr, "Using TLS 1.2 with client verify alg %s\n",
-                EVP_MD_name(md));
-#endif
-        if (!EVP_VerifyInit_ex(&mctx, md, NULL)
-            || !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_EVP_LIB);
-            al = SSL_AD_INTERNAL_ERROR;
-            goto f_err;
-        }
-
-        if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) {
-            al = SSL_AD_DECRYPT_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
-            goto f_err;
-        }
-    } else
-#ifndef OPENSSL_NO_RSA
-    if (pkey->type == EVP_PKEY_RSA) {
-        i = RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
-                       MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, p, i,
-                       pkey->pkey.rsa);
-        if (i < 0) {
-            al = SSL_AD_DECRYPT_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_RSA_DECRYPT);
-            goto f_err;
-        }
-        if (i == 0) {
-            al = SSL_AD_DECRYPT_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_RSA_SIGNATURE);
-            goto f_err;
-        }
-    } else
-#endif
-#ifndef OPENSSL_NO_DSA
-    if (pkey->type == EVP_PKEY_DSA) {
-        j = DSA_verify(pkey->save_type,
-                       &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
-                       SHA_DIGEST_LENGTH, p, i, pkey->pkey.dsa);
-        if (j <= 0) {
-            /* bad signature */
-            al = SSL_AD_DECRYPT_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_DSA_SIGNATURE);
-            goto f_err;
-        }
-    } else
-#endif
-#ifndef OPENSSL_NO_ECDSA
-    if (pkey->type == EVP_PKEY_EC) {
-        j = ECDSA_verify(pkey->save_type,
-                         &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
-                         SHA_DIGEST_LENGTH, p, i, pkey->pkey.ec);
-        if (j <= 0) {
-            /* bad signature */
-            al = SSL_AD_DECRYPT_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
-            goto f_err;
-        }
-    } else
-#endif
-    if (pkey->type == NID_id_GostR3410_94
-            || pkey->type == NID_id_GostR3410_2001) {
-        unsigned char signature[64];
-        int idx;
-        EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey, NULL);
-        if (pctx == NULL) {
-            al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_MALLOC_FAILURE);
-            goto f_err;
-        }
-        if (EVP_PKEY_verify_init(pctx) <= 0) {
-            EVP_PKEY_CTX_free(pctx);
-            al = SSL_AD_INTERNAL_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
-            goto f_err;
-        }
-        if (i != 64) {
-#ifdef SSL_DEBUG
-            fprintf(stderr, "GOST signature length is %d", i);
-#endif
-        }
-        for (idx = 0; idx < 64; idx++) {
-            signature[63 - idx] = p[idx];
-        }
-        j = EVP_PKEY_verify(pctx, signature, 64, s->s3->tmp.cert_verify_md,
-                            32);
-        EVP_PKEY_CTX_free(pctx);
-        if (j <= 0) {
-            al = SSL_AD_DECRYPT_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
-            goto f_err;
-        }
-    } else {
-        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
-        al = SSL_AD_UNSUPPORTED_CERTIFICATE;
-        goto f_err;
-    }
-
-    ret = 1;
-    if (0) {
- f_err:
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        s->state = SSL_ST_ERR;
-    }
- end:
-    if (s->s3->handshake_buffer) {
-        BIO_free(s->s3->handshake_buffer);
-        s->s3->handshake_buffer = NULL;
-        s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE;
-    }
-    EVP_MD_CTX_cleanup(&mctx);
-    EVP_PKEY_free(pkey);
-    return (ret);
-}
-
-int ssl3_get_client_certificate(SSL *s)
-{
-    int i, ok, al, ret = -1;
-    X509 *x = NULL;
-    unsigned long l, nc, llen, n;
-    const unsigned char *p, *q;
-    unsigned char *d;
-    STACK_OF(X509) *sk = NULL;
-
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_SR_CERT_A,
-                                   SSL3_ST_SR_CERT_B,
-                                   -1, s->max_cert_list, &ok);
-
-    if (!ok)
-        return ((int)n);
-
-    if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
-        if ((s->verify_mode & SSL_VERIFY_PEER) &&
-            (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
-                   SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
-            al = SSL_AD_HANDSHAKE_FAILURE;
-            goto f_err;
-        }
-        /*
-         * If tls asked for a client cert, the client must return a 0 list
-         */
-        if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
-                   SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
-            al = SSL_AD_UNEXPECTED_MESSAGE;
-            goto f_err;
-        }
-        s->s3->tmp.reuse_message = 1;
-        return (1);
-    }
-
-    if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
-        al = SSL_AD_UNEXPECTED_MESSAGE;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_WRONG_MESSAGE_TYPE);
-        goto f_err;
-    }
-    p = d = (unsigned char *)s->init_msg;
-
-    if ((sk = sk_X509_new_null()) == NULL) {
-        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    n2l3(p, llen);
-    if (llen + 3 != n) {
-        al = SSL_AD_DECODE_ERROR;
-        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
-        goto f_err;
-    }
-    for (nc = 0; nc < llen;) {
-        if (nc + 3 > llen) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
-                   SSL_R_CERT_LENGTH_MISMATCH);
-            goto f_err;
-        }
-        n2l3(p, l);
-        if ((l + nc + 3) > llen) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
-                   SSL_R_CERT_LENGTH_MISMATCH);
-            goto f_err;
-        }
-
-        q = p;
-        x = d2i_X509(NULL, &p, l);
-        if (x == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_ASN1_LIB);
-            goto err;
-        }
-        if (p != (q + l)) {
-            al = SSL_AD_DECODE_ERROR;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
-                   SSL_R_CERT_LENGTH_MISMATCH);
-            goto f_err;
-        }
-        if (!sk_X509_push(sk, x)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-        x = NULL;
-        nc += l + 3;
-    }
-
-    if (sk_X509_num(sk) <= 0) {
-        /* TLS does not mind 0 certs returned */
-        if (s->version == SSL3_VERSION) {
-            al = SSL_AD_HANDSHAKE_FAILURE;
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
-                   SSL_R_NO_CERTIFICATES_RETURNED);
-            goto f_err;
-        }
-        /* Fail for TLS only if we required a certificate */
-        else if ((s->verify_mode & SSL_VERIFY_PEER) &&
-                 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
-                   SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
-            al = SSL_AD_HANDSHAKE_FAILURE;
-            goto f_err;
-        }
-        /* No client certificate so digest cached records */
-        if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s)) {
-            al = SSL_AD_INTERNAL_ERROR;
-            goto f_err;
-        }
-    } else {
-        i = ssl_verify_cert_chain(s, sk);
-        if (i <= 0) {
-            al = ssl_verify_alarm_type(s->verify_result);
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
-                   SSL_R_CERTIFICATE_VERIFY_FAILED);
-            goto f_err;
-        }
-    }
-
-    if (s->session->peer != NULL) /* This should not be needed */
-        X509_free(s->session->peer);
-    s->session->peer = sk_X509_shift(sk);
-    s->session->verify_result = s->verify_result;
-
-    /*
-     * With the current implementation, sess_cert will always be NULL when we
-     * arrive here.
-     */
-    if (s->session->sess_cert == NULL) {
-        s->session->sess_cert = ssl_sess_cert_new();
-        if (s->session->sess_cert == NULL) {
-            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-            goto err;
-        }
-    }
-    if (s->session->sess_cert->cert_chain != NULL)
-        sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
-    s->session->sess_cert->cert_chain = sk;
-    /*
-     * Inconsistency alert: cert_chain does *not* include the peer's own
-     * certificate, while we do include it in s3_clnt.c
-     */
-
-    sk = NULL;
-
-    ret = 1;
-    if (0) {
- f_err:
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
- err:
-        s->state = SSL_ST_ERR;
-    }
-
-    if (x != NULL)
-        X509_free(x);
-    if (sk != NULL)
-        sk_X509_pop_free(sk, X509_free);
-    return (ret);
-}
-
-int ssl3_send_server_certificate(SSL *s)
-{
-    CERT_PKEY *cpk;
-
-    if (s->state == SSL3_ST_SW_CERT_A) {
-        cpk = ssl_get_server_send_pkey(s);
-        if (cpk == NULL) {
-            /* VRS: allow null cert if auth == KRB5 */
-            if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
-                (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5)) {
-                SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,
-                       ERR_R_INTERNAL_ERROR);
-                s->state = SSL_ST_ERR;
-                return (0);
-            }
-        }
-
-        if (!ssl3_output_cert_chain(s, cpk)) {
-            SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
-            s->state = SSL_ST_ERR;
-            return (0);
-        }
-        s->state = SSL3_ST_SW_CERT_B;
-    }
-
-    /* SSL3_ST_SW_CERT_B */
-    return ssl_do_write(s);
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-/* send a new session ticket (not necessarily for a new session) */
-int ssl3_send_newsession_ticket(SSL *s)
-{
-    unsigned char *senc = NULL;
-    EVP_CIPHER_CTX ctx;
-    HMAC_CTX hctx;
-
-    if (s->state == SSL3_ST_SW_SESSION_TICKET_A) {
-        unsigned char *p, *macstart;
-        const unsigned char *const_p;
-        int len, slen_full, slen;
-        SSL_SESSION *sess;
-        unsigned int hlen;
-        SSL_CTX *tctx = s->initial_ctx;
-        unsigned char iv[EVP_MAX_IV_LENGTH];
-        unsigned char key_name[16];
-
-        /* get session encoding length */
-        slen_full = i2d_SSL_SESSION(s->session, NULL);
-        /*
-         * Some length values are 16 bits, so forget it if session is too
-         * long
-         */
-        if (slen_full == 0 || slen_full > 0xFF00) {
-            s->state = SSL_ST_ERR;
-            return -1;
-        }
-        senc = OPENSSL_malloc(slen_full);
-        if (!senc) {
-            s->state = SSL_ST_ERR;
-            return -1;
-        }
-
-        EVP_CIPHER_CTX_init(&ctx);
-        HMAC_CTX_init(&hctx);
-
-        p = senc;
-        if (!i2d_SSL_SESSION(s->session, &p))
-            goto err;
-
-        /*
-         * create a fresh copy (not shared with other threads) to clean up
-         */
-        const_p = senc;
-        sess = d2i_SSL_SESSION(NULL, &const_p, slen_full);
-        if (sess == NULL)
-            goto err;
-        sess->session_id_length = 0; /* ID is irrelevant for the ticket */
-
-        slen = i2d_SSL_SESSION(sess, NULL);
-        if (slen == 0 || slen > slen_full) { /* shouldn't ever happen */
-            SSL_SESSION_free(sess);
-            goto err;
-        }
-        p = senc;
-        if (!i2d_SSL_SESSION(sess, &p)) {
-            SSL_SESSION_free(sess);
-            goto err;
-        }
-        SSL_SESSION_free(sess);
-
-        /*-
-         * Grow buffer if need be: the length calculation is as
-         * follows handshake_header_length +
-         * 4 (ticket lifetime hint) + 2 (ticket length) +
-         * 16 (key name) + max_iv_len (iv length) +
-         * session_length + max_enc_block_size (max encrypted session
-         * length) + max_md_size (HMAC).
-         */
-        if (!BUF_MEM_grow(s->init_buf,
-                          SSL_HM_HEADER_LENGTH(s) + 22 + EVP_MAX_IV_LENGTH +
-                          EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
-            goto err;
-
-        p = ssl_handshake_start(s);
-        /*
-         * Initialize HMAC and cipher contexts. If callback present it does
-         * all the work otherwise use generated values from parent ctx.
-         */
-        if (tctx->tlsext_ticket_key_cb) {
-            /* if 0 is returned, write en empty ticket */
-            int ret = tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
-                                                 &hctx, 1);
-
-            if (ret == 0) {
-                l2n(0, p); /* timeout */
-                s2n(0, p); /* length */
-                ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET,
-                                         p - ssl_handshake_start(s));
-                s->state = SSL3_ST_SW_SESSION_TICKET_B;
-                OPENSSL_free(senc);
-                EVP_CIPHER_CTX_cleanup(&ctx);
-                HMAC_CTX_cleanup(&hctx);
-                return ssl_do_write(s);
-            }
-            if (ret < 0)
-                goto err;
-        } else {
-            if (RAND_bytes(iv, 16) <= 0)
-                goto err;
-            if (!EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
-                                    tctx->tlsext_tick_aes_key, iv))
-                goto err;
-            if (!HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
-                              tlsext_tick_md(), NULL))
-                goto err;
-            memcpy(key_name, tctx->tlsext_tick_key_name, 16);
-        }
-
-        /*
-         * Ticket lifetime hint (advisory only): We leave this unspecified
-         * for resumed session (for simplicity), and guess that tickets for
-         * new sessions will live as long as their sessions.
-         */
-        l2n(s->hit ? 0 : s->session->timeout, p);
-
-        /* Skip ticket length for now */
-        p += 2;
-        /* Output key name */
-        macstart = p;
-        memcpy(p, key_name, 16);
-        p += 16;
-        /* output IV */
-        memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
-        p += EVP_CIPHER_CTX_iv_length(&ctx);
-        /* Encrypt session data */
-        if (!EVP_EncryptUpdate(&ctx, p, &len, senc, slen))
-            goto err;
-        p += len;
-        if (!EVP_EncryptFinal(&ctx, p, &len))
-            goto err;
-        p += len;
-
-        if (!HMAC_Update(&hctx, macstart, p - macstart))
-            goto err;
-        if (!HMAC_Final(&hctx, p, &hlen))
-            goto err;
-
-        EVP_CIPHER_CTX_cleanup(&ctx);
-        HMAC_CTX_cleanup(&hctx);
-
-        p += hlen;
-        /* Now write out lengths: p points to end of data written */
-        /* Total length */
-        len = p - ssl_handshake_start(s);
-        /* Skip ticket lifetime hint */
-        p = ssl_handshake_start(s) + 4;
-        s2n(len - 6, p);
-        ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET, len);
-        s->state = SSL3_ST_SW_SESSION_TICKET_B;
-        OPENSSL_free(senc);
-    }
-
-    /* SSL3_ST_SW_SESSION_TICKET_B */
-    return ssl_do_write(s);
- err:
-    if (senc)
-        OPENSSL_free(senc);
-    EVP_CIPHER_CTX_cleanup(&ctx);
-    HMAC_CTX_cleanup(&hctx);
-    s->state = SSL_ST_ERR;
-    return -1;
-}
-
-int ssl3_send_cert_status(SSL *s)
-{
-    if (s->state == SSL3_ST_SW_CERT_STATUS_A) {
-        unsigned char *p;
-        size_t msglen;
-
-        /*-
-         * Grow buffer if need be: the length calculation is as
-         * follows handshake_header_length +
-         * 1 (ocsp response type) + 3 (ocsp response length)
-         * + (ocsp response)
-         */
-        msglen = 4 + s->tlsext_ocsp_resplen;
-        if (!BUF_MEM_grow(s->init_buf, SSL_HM_HEADER_LENGTH(s) + msglen)) {
-            s->state = SSL_ST_ERR;
-            return -1;
-        }
-
-        p = ssl_handshake_start(s);
-
-        /* status type */
-        *(p++) = s->tlsext_status_type;
-        /* length of OCSP response */
-        l2n3(s->tlsext_ocsp_resplen, p);
-        /* actual response */
-        memcpy(p, s->tlsext_ocsp_resp, s->tlsext_ocsp_resplen);
-
-        ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_STATUS, msglen);
-    }
-
-    /* SSL3_ST_SW_CERT_STATUS_B */
-    return (ssl_do_write(s));
-}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/*
- * ssl3_get_next_proto reads a Next Protocol Negotiation handshake message.
- * It sets the next_proto member in s if found
- */
-int ssl3_get_next_proto(SSL *s)
-{
-    int ok;
-    int proto_len, padding_len;
-    long n;
-    const unsigned char *p;
-
-    /*
-     * Clients cannot send a NextProtocol message if we didn't see the
-     * extension in their ClientHello
-     */
-    if (!s->s3->next_proto_neg_seen) {
-        SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
-               SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
-        s->state = SSL_ST_ERR;
-        return -1;
-    }
-
-    /* See the payload format below */
-    n = s->method->ssl_get_message(s,
-                                   SSL3_ST_SR_NEXT_PROTO_A,
-                                   SSL3_ST_SR_NEXT_PROTO_B,
-                                   SSL3_MT_NEXT_PROTO, 514, &ok);
-
-    if (!ok)
-        return ((int)n);
-
-    /*
-     * s->state doesn't reflect whether ChangeCipherSpec has been received in
-     * this handshake, but s->s3->change_cipher_spec does (will be reset by
-     * ssl3_get_finished).
-     */
-    if (!s->s3->change_cipher_spec) {
-        SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
-        s->state = SSL_ST_ERR;
-        return -1;
-    }
-
-    if (n < 2) {
-        s->state = SSL_ST_ERR;
-        return 0;               /* The body must be > 1 bytes long */
-    }
-
-    p = (unsigned char *)s->init_msg;
-
-    /*-
-     * The payload looks like:
-     *   uint8 proto_len;
-     *   uint8 proto[proto_len];
-     *   uint8 padding_len;
-     *   uint8 padding[padding_len];
-     */
-    proto_len = p[0];
-    if (proto_len + 2 > s->init_num) {
-        s->state = SSL_ST_ERR;
-        return 0;
-    }
-    padding_len = p[proto_len + 1];
-    if (proto_len + padding_len + 2 != s->init_num) {
-        s->state = SSL_ST_ERR;
-        return 0;
-    }
-
-    s->next_proto_negotiated = OPENSSL_malloc(proto_len);
-    if (!s->next_proto_negotiated) {
-        SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, ERR_R_MALLOC_FAILURE);
-        s->state = SSL_ST_ERR;
-        return 0;
-    }
-    memcpy(s->next_proto_negotiated, p + 1, proto_len);
-    s->next_proto_negotiated_len = proto_len;
-
-    return 1;
-}
-# endif
-
-#endif
diff --git a/thirdparty/openssl/ssl/ssl_algs.c b/thirdparty/openssl/ssl/ssl_algs.c
deleted file mode 100644
index e6f515ff62..0000000000
--- a/thirdparty/openssl/ssl/ssl_algs.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/* ssl/ssl_algs.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/lhash.h>
-#include "ssl_locl.h"
-
-int SSL_library_init(void)
-{
-
-#ifndef OPENSSL_NO_DES
-    EVP_add_cipher(EVP_des_cbc());
-    EVP_add_cipher(EVP_des_ede3_cbc());
-#endif
-#ifndef OPENSSL_NO_IDEA
-    EVP_add_cipher(EVP_idea_cbc());
-#endif
-#ifndef OPENSSL_NO_RC4
-    EVP_add_cipher(EVP_rc4());
-# if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))
-    EVP_add_cipher(EVP_rc4_hmac_md5());
-# endif
-#endif
-#ifndef OPENSSL_NO_RC2
-    EVP_add_cipher(EVP_rc2_cbc());
-    /*
-     * Not actually used for SSL/TLS but this makes PKCS#12 work if an
-     * application only calls SSL_library_init().
-     */
-    EVP_add_cipher(EVP_rc2_40_cbc());
-#endif
-#ifndef OPENSSL_NO_AES
-    EVP_add_cipher(EVP_aes_128_cbc());
-    EVP_add_cipher(EVP_aes_192_cbc());
-    EVP_add_cipher(EVP_aes_256_cbc());
-    EVP_add_cipher(EVP_aes_128_gcm());
-    EVP_add_cipher(EVP_aes_256_gcm());
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
-    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
-# endif
-# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
-    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
-    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
-# endif
-
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-    EVP_add_cipher(EVP_camellia_128_cbc());
-    EVP_add_cipher(EVP_camellia_256_cbc());
-#endif
-
-#ifndef OPENSSL_NO_SEED
-    EVP_add_cipher(EVP_seed_cbc());
-#endif
-
-#ifndef OPENSSL_NO_MD5
-    EVP_add_digest(EVP_md5());
-    EVP_add_digest_alias(SN_md5, "ssl2-md5");
-    EVP_add_digest_alias(SN_md5, "ssl3-md5");
-#endif
-#ifndef OPENSSL_NO_SHA
-    EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
-    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
-    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
-#endif
-#ifndef OPENSSL_NO_SHA256
-    EVP_add_digest(EVP_sha224());
-    EVP_add_digest(EVP_sha256());
-#endif
-#ifndef OPENSSL_NO_SHA512
-    EVP_add_digest(EVP_sha384());
-    EVP_add_digest(EVP_sha512());
-#endif
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
-    EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
-    EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
-    EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
-    EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
-#endif
-#ifndef OPENSSL_NO_ECDSA
-    EVP_add_digest(EVP_ecdsa());
-#endif
-    /* If you want support for phased out ciphers, add the following */
-#if 0
-    EVP_add_digest(EVP_sha());
-    EVP_add_digest(EVP_dss());
-#endif
-#ifndef OPENSSL_NO_COMP
-    /*
-     * This will initialise the built-in compression algorithms. The value
-     * returned is a STACK_OF(SSL_COMP), but that can be discarded safely
-     */
-    (void)SSL_COMP_get_compression_methods();
-#endif
-    /* initialize cipher/digest methods table */
-    ssl_load_ciphers();
-    return (1);
-}
diff --git a/thirdparty/openssl/ssl/ssl_asn1.c b/thirdparty/openssl/ssl/ssl_asn1.c
deleted file mode 100644
index 499f0e85ad..0000000000
--- a/thirdparty/openssl/ssl/ssl_asn1.c
+++ /dev/null
@@ -1,639 +0,0 @@
-/* ssl/ssl_asn1.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include "ssl_locl.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-typedef struct ssl_session_asn1_st {
-    ASN1_INTEGER version;
-    ASN1_INTEGER ssl_version;
-    ASN1_OCTET_STRING cipher;
-    ASN1_OCTET_STRING comp_id;
-    ASN1_OCTET_STRING master_key;
-    ASN1_OCTET_STRING session_id;
-    ASN1_OCTET_STRING session_id_context;
-    ASN1_OCTET_STRING key_arg;
-#ifndef OPENSSL_NO_KRB5
-    ASN1_OCTET_STRING krb5_princ;
-#endif                          /* OPENSSL_NO_KRB5 */
-    ASN1_INTEGER time;
-    ASN1_INTEGER timeout;
-    ASN1_INTEGER verify_result;
-#ifndef OPENSSL_NO_TLSEXT
-    ASN1_OCTET_STRING tlsext_hostname;
-    ASN1_INTEGER tlsext_tick_lifetime;
-    ASN1_OCTET_STRING tlsext_tick;
-#endif                          /* OPENSSL_NO_TLSEXT */
-#ifndef OPENSSL_NO_PSK
-    ASN1_OCTET_STRING psk_identity_hint;
-    ASN1_OCTET_STRING psk_identity;
-#endif                          /* OPENSSL_NO_PSK */
-#ifndef OPENSSL_NO_SRP
-    ASN1_OCTET_STRING srp_username;
-#endif                          /* OPENSSL_NO_SRP */
-} SSL_SESSION_ASN1;
-
-int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
-{
-#define LSIZE2 (sizeof(long)*2)
-    int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0;
-    unsigned char buf[4], ibuf1[LSIZE2], ibuf2[LSIZE2];
-    unsigned char ibuf3[LSIZE2], ibuf4[LSIZE2], ibuf5[LSIZE2];
-#ifndef OPENSSL_NO_TLSEXT
-    int v6 = 0, v9 = 0, v10 = 0;
-    unsigned char ibuf6[LSIZE2];
-#endif
-#ifndef OPENSSL_NO_PSK
-    int v7 = 0, v8 = 0;
-#endif
-#ifndef OPENSSL_NO_COMP
-    unsigned char cbuf;
-    int v11 = 0;
-#endif
-#ifndef OPENSSL_NO_SRP
-    int v12 = 0;
-#endif
-    long l;
-    SSL_SESSION_ASN1 a;
-    M_ASN1_I2D_vars(in);
-
-    if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
-        return (0);
-
-    /*
-     * Note that I cheat in the following 2 assignments.  I know that if the
-     * ASN1_INTEGER passed to ASN1_INTEGER_set is > sizeof(long)+1, the
-     * buffer will not be re-OPENSSL_malloc()ed. This is a bit evil but makes
-     * things simple, no dynamic allocation to clean up :-)
-     */
-    a.version.length = LSIZE2;
-    a.version.type = V_ASN1_INTEGER;
-    a.version.data = ibuf1;
-    ASN1_INTEGER_set(&(a.version), SSL_SESSION_ASN1_VERSION);
-
-    a.ssl_version.length = LSIZE2;
-    a.ssl_version.type = V_ASN1_INTEGER;
-    a.ssl_version.data = ibuf2;
-    ASN1_INTEGER_set(&(a.ssl_version), in->ssl_version);
-
-    a.cipher.type = V_ASN1_OCTET_STRING;
-    a.cipher.data = buf;
-
-    if (in->cipher == NULL)
-        l = in->cipher_id;
-    else
-        l = in->cipher->id;
-    if (in->ssl_version == SSL2_VERSION) {
-        a.cipher.length = 3;
-        buf[0] = ((unsigned char)(l >> 16L)) & 0xff;
-        buf[1] = ((unsigned char)(l >> 8L)) & 0xff;
-        buf[2] = ((unsigned char)(l)) & 0xff;
-    } else {
-        a.cipher.length = 2;
-        buf[0] = ((unsigned char)(l >> 8L)) & 0xff;
-        buf[1] = ((unsigned char)(l)) & 0xff;
-    }
-
-#ifndef OPENSSL_NO_COMP
-    if (in->compress_meth) {
-        cbuf = (unsigned char)in->compress_meth;
-        a.comp_id.length = 1;
-        a.comp_id.type = V_ASN1_OCTET_STRING;
-        a.comp_id.data = &cbuf;
-    }
-#endif
-
-    a.master_key.length = in->master_key_length;
-    a.master_key.type = V_ASN1_OCTET_STRING;
-    a.master_key.data = in->master_key;
-
-    a.session_id.length = in->session_id_length;
-    a.session_id.type = V_ASN1_OCTET_STRING;
-    a.session_id.data = in->session_id;
-
-    a.session_id_context.length = in->sid_ctx_length;
-    a.session_id_context.type = V_ASN1_OCTET_STRING;
-    a.session_id_context.data = in->sid_ctx;
-
-    a.key_arg.length = in->key_arg_length;
-    a.key_arg.type = V_ASN1_OCTET_STRING;
-    a.key_arg.data = in->key_arg;
-
-#ifndef OPENSSL_NO_KRB5
-    if (in->krb5_client_princ_len) {
-        a.krb5_princ.length = in->krb5_client_princ_len;
-        a.krb5_princ.type = V_ASN1_OCTET_STRING;
-        a.krb5_princ.data = in->krb5_client_princ;
-    }
-#endif                          /* OPENSSL_NO_KRB5 */
-
-    if (in->time != 0L) {
-        a.time.length = LSIZE2;
-        a.time.type = V_ASN1_INTEGER;
-        a.time.data = ibuf3;
-        ASN1_INTEGER_set(&(a.time), in->time);
-    }
-
-    if (in->timeout != 0L) {
-        a.timeout.length = LSIZE2;
-        a.timeout.type = V_ASN1_INTEGER;
-        a.timeout.data = ibuf4;
-        ASN1_INTEGER_set(&(a.timeout), in->timeout);
-    }
-
-    if (in->verify_result != X509_V_OK) {
-        a.verify_result.length = LSIZE2;
-        a.verify_result.type = V_ASN1_INTEGER;
-        a.verify_result.data = ibuf5;
-        ASN1_INTEGER_set(&a.verify_result, in->verify_result);
-    }
-#ifndef OPENSSL_NO_TLSEXT
-    if (in->tlsext_hostname) {
-        a.tlsext_hostname.length = strlen(in->tlsext_hostname);
-        a.tlsext_hostname.type = V_ASN1_OCTET_STRING;
-        a.tlsext_hostname.data = (unsigned char *)in->tlsext_hostname;
-    }
-    if (in->tlsext_tick) {
-        a.tlsext_tick.length = in->tlsext_ticklen;
-        a.tlsext_tick.type = V_ASN1_OCTET_STRING;
-        a.tlsext_tick.data = (unsigned char *)in->tlsext_tick;
-    }
-    if (in->tlsext_tick_lifetime_hint > 0) {
-        a.tlsext_tick_lifetime.length = LSIZE2;
-        a.tlsext_tick_lifetime.type = V_ASN1_INTEGER;
-        a.tlsext_tick_lifetime.data = ibuf6;
-        ASN1_INTEGER_set(&a.tlsext_tick_lifetime,
-                         in->tlsext_tick_lifetime_hint);
-    }
-#endif                          /* OPENSSL_NO_TLSEXT */
-#ifndef OPENSSL_NO_PSK
-    if (in->psk_identity_hint) {
-        a.psk_identity_hint.length = strlen(in->psk_identity_hint);
-        a.psk_identity_hint.type = V_ASN1_OCTET_STRING;
-        a.psk_identity_hint.data = (unsigned char *)(in->psk_identity_hint);
-    }
-    if (in->psk_identity) {
-        a.psk_identity.length = strlen(in->psk_identity);
-        a.psk_identity.type = V_ASN1_OCTET_STRING;
-        a.psk_identity.data = (unsigned char *)(in->psk_identity);
-    }
-#endif                          /* OPENSSL_NO_PSK */
-#ifndef OPENSSL_NO_SRP
-    if (in->srp_username) {
-        a.srp_username.length = strlen(in->srp_username);
-        a.srp_username.type = V_ASN1_OCTET_STRING;
-        a.srp_username.data = (unsigned char *)(in->srp_username);
-    }
-#endif                          /* OPENSSL_NO_SRP */
-
-    M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
-    M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
-    M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
-    M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING);
-    M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING);
-#ifndef OPENSSL_NO_KRB5
-    if (in->krb5_client_princ_len)
-        M_ASN1_I2D_len(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
-#endif                          /* OPENSSL_NO_KRB5 */
-    if (in->key_arg_length > 0)
-        M_ASN1_I2D_len_IMP_opt(&(a.key_arg), i2d_ASN1_OCTET_STRING);
-    if (in->time != 0L)
-        M_ASN1_I2D_len_EXP_opt(&(a.time), i2d_ASN1_INTEGER, 1, v1);
-    if (in->timeout != 0L)
-        M_ASN1_I2D_len_EXP_opt(&(a.timeout), i2d_ASN1_INTEGER, 2, v2);
-    if (in->peer != NULL)
-        M_ASN1_I2D_len_EXP_opt(in->peer, i2d_X509, 3, v3);
-    M_ASN1_I2D_len_EXP_opt(&a.session_id_context, i2d_ASN1_OCTET_STRING, 4,
-                           v4);
-    if (in->verify_result != X509_V_OK)
-        M_ASN1_I2D_len_EXP_opt(&(a.verify_result), i2d_ASN1_INTEGER, 5, v5);
-
-#ifndef OPENSSL_NO_TLSEXT
-    if (in->tlsext_tick_lifetime_hint > 0)
-        M_ASN1_I2D_len_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER, 9,
-                               v9);
-    if (in->tlsext_tick)
-        M_ASN1_I2D_len_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING, 10,
-                               v10);
-    if (in->tlsext_hostname)
-        M_ASN1_I2D_len_EXP_opt(&(a.tlsext_hostname), i2d_ASN1_OCTET_STRING, 6,
-                               v6);
-# ifndef OPENSSL_NO_COMP
-    if (in->compress_meth)
-        M_ASN1_I2D_len_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING, 11, v11);
-# endif
-#endif                          /* OPENSSL_NO_TLSEXT */
-#ifndef OPENSSL_NO_PSK
-    if (in->psk_identity_hint)
-        M_ASN1_I2D_len_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,
-                               7, v7);
-    if (in->psk_identity)
-        M_ASN1_I2D_len_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING, 8,
-                               v8);
-#endif                          /* OPENSSL_NO_PSK */
-#ifndef OPENSSL_NO_SRP
-    if (in->srp_username)
-        M_ASN1_I2D_len_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING, 12,
-                               v12);
-#endif                          /* OPENSSL_NO_SRP */
-
-    M_ASN1_I2D_seq_total();
-
-    M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
-    M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER);
-    M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING);
-    M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING);
-    M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING);
-#ifndef OPENSSL_NO_KRB5
-    if (in->krb5_client_princ_len)
-        M_ASN1_I2D_put(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
-#endif                          /* OPENSSL_NO_KRB5 */
-    if (in->key_arg_length > 0)
-        M_ASN1_I2D_put_IMP_opt(&(a.key_arg), i2d_ASN1_OCTET_STRING, 0);
-    if (in->time != 0L)
-        M_ASN1_I2D_put_EXP_opt(&(a.time), i2d_ASN1_INTEGER, 1, v1);
-    if (in->timeout != 0L)
-        M_ASN1_I2D_put_EXP_opt(&(a.timeout), i2d_ASN1_INTEGER, 2, v2);
-    if (in->peer != NULL)
-        M_ASN1_I2D_put_EXP_opt(in->peer, i2d_X509, 3, v3);
-    M_ASN1_I2D_put_EXP_opt(&a.session_id_context, i2d_ASN1_OCTET_STRING, 4,
-                           v4);
-    if (in->verify_result != X509_V_OK)
-        M_ASN1_I2D_put_EXP_opt(&a.verify_result, i2d_ASN1_INTEGER, 5, v5);
-#ifndef OPENSSL_NO_TLSEXT
-    if (in->tlsext_hostname)
-        M_ASN1_I2D_put_EXP_opt(&(a.tlsext_hostname), i2d_ASN1_OCTET_STRING, 6,
-                               v6);
-#endif                          /* OPENSSL_NO_TLSEXT */
-#ifndef OPENSSL_NO_PSK
-    if (in->psk_identity_hint)
-        M_ASN1_I2D_put_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,
-                               7, v7);
-    if (in->psk_identity)
-        M_ASN1_I2D_put_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING, 8,
-                               v8);
-#endif                          /* OPENSSL_NO_PSK */
-#ifndef OPENSSL_NO_TLSEXT
-    if (in->tlsext_tick_lifetime_hint > 0)
-        M_ASN1_I2D_put_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER, 9,
-                               v9);
-    if (in->tlsext_tick)
-        M_ASN1_I2D_put_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING, 10,
-                               v10);
-#endif                          /* OPENSSL_NO_TLSEXT */
-#ifndef OPENSSL_NO_COMP
-    if (in->compress_meth)
-        M_ASN1_I2D_put_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING, 11, v11);
-#endif
-#ifndef OPENSSL_NO_SRP
-    if (in->srp_username)
-        M_ASN1_I2D_put_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING, 12,
-                               v12);
-#endif                          /* OPENSSL_NO_SRP */
-    M_ASN1_I2D_finish();
-}
-
-SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
-                             long length)
-{
-    int ssl_version = 0, i;
-    long id;
-    ASN1_INTEGER ai, *aip;
-    ASN1_OCTET_STRING os, *osp;
-    M_ASN1_D2I_vars(a, SSL_SESSION *, SSL_SESSION_new);
-
-    aip = &ai;
-    osp = &os;
-
-    M_ASN1_D2I_Init();
-    M_ASN1_D2I_start_sequence();
-
-    ai.data = NULL;
-    ai.length = 0;
-    M_ASN1_D2I_get_x(ASN1_INTEGER, aip, d2i_ASN1_INTEGER);
-    if (ai.data != NULL) {
-        OPENSSL_free(ai.data);
-        ai.data = NULL;
-        ai.length = 0;
-    }
-
-    /* we don't care about the version right now :-) */
-    M_ASN1_D2I_get_x(ASN1_INTEGER, aip, d2i_ASN1_INTEGER);
-    ssl_version = (int)ASN1_INTEGER_get(aip);
-    ret->ssl_version = ssl_version;
-    if (ai.data != NULL) {
-        OPENSSL_free(ai.data);
-        ai.data = NULL;
-        ai.length = 0;
-    }
-
-    os.data = NULL;
-    os.length = 0;
-    M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
-    if (ssl_version == SSL2_VERSION) {
-        if (os.length != 3) {
-            c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
-            c.line = __LINE__;
-            goto err;
-        }
-        id = 0x02000000L |
-            ((unsigned long)os.data[0] << 16L) |
-            ((unsigned long)os.data[1] << 8L) | (unsigned long)os.data[2];
-    } else if ((ssl_version >> 8) == SSL3_VERSION_MAJOR
-        || (ssl_version >> 8) == DTLS1_VERSION_MAJOR
-        || ssl_version == DTLS1_BAD_VER) {
-        if (os.length != 2) {
-            c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
-            c.line = __LINE__;
-            goto err;
-        }
-        id = 0x03000000L |
-            ((unsigned long)os.data[0] << 8L) | (unsigned long)os.data[1];
-    } else {
-        c.error = SSL_R_UNKNOWN_SSL_VERSION;
-        c.line = __LINE__;
-        goto err;
-    }
-
-    ret->cipher = NULL;
-    ret->cipher_id = id;
-
-    M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
-    if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR)
-        i = SSL3_MAX_SSL_SESSION_ID_LENGTH;
-    else                        /* if (ssl_version>>8 == SSL2_VERSION_MAJOR) */
-        i = SSL2_MAX_SSL_SESSION_ID_LENGTH;
-
-    if (os.length > i)
-        os.length = i;
-    if (os.length > (int)sizeof(ret->session_id)) /* can't happen */
-        os.length = sizeof(ret->session_id);
-
-    ret->session_id_length = os.length;
-    OPENSSL_assert(os.length <= (int)sizeof(ret->session_id));
-    memcpy(ret->session_id, os.data, os.length);
-
-    M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
-    if (os.length > SSL_MAX_MASTER_KEY_LENGTH)
-        ret->master_key_length = SSL_MAX_MASTER_KEY_LENGTH;
-    else
-        ret->master_key_length = os.length;
-    memcpy(ret->master_key, os.data, ret->master_key_length);
-
-    os.length = 0;
-
-#ifndef OPENSSL_NO_KRB5
-    os.length = 0;
-    M_ASN1_D2I_get_opt(osp, d2i_ASN1_OCTET_STRING, V_ASN1_OCTET_STRING);
-    if (os.data) {
-        if (os.length > SSL_MAX_KRB5_PRINCIPAL_LENGTH)
-            ret->krb5_client_princ_len = 0;
-        else
-            ret->krb5_client_princ_len = os.length;
-        memcpy(ret->krb5_client_princ, os.data, ret->krb5_client_princ_len);
-        OPENSSL_free(os.data);
-        os.data = NULL;
-        os.length = 0;
-    } else
-        ret->krb5_client_princ_len = 0;
-#endif                          /* OPENSSL_NO_KRB5 */
-
-    M_ASN1_D2I_get_IMP_opt(osp, d2i_ASN1_OCTET_STRING, 0,
-                           V_ASN1_OCTET_STRING);
-    if (os.length > SSL_MAX_KEY_ARG_LENGTH)
-        ret->key_arg_length = SSL_MAX_KEY_ARG_LENGTH;
-    else
-        ret->key_arg_length = os.length;
-    memcpy(ret->key_arg, os.data, ret->key_arg_length);
-    if (os.data != NULL)
-        OPENSSL_free(os.data);
-
-    ai.length = 0;
-    M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 1);
-    if (ai.data != NULL) {
-        ret->time = ASN1_INTEGER_get(aip);
-        OPENSSL_free(ai.data);
-        ai.data = NULL;
-        ai.length = 0;
-    } else
-        ret->time = (unsigned long)time(NULL);
-
-    ai.length = 0;
-    M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 2);
-    if (ai.data != NULL) {
-        ret->timeout = ASN1_INTEGER_get(aip);
-        OPENSSL_free(ai.data);
-        ai.data = NULL;
-        ai.length = 0;
-    } else
-        ret->timeout = 3;
-
-    if (ret->peer != NULL) {
-        X509_free(ret->peer);
-        ret->peer = NULL;
-    }
-    M_ASN1_D2I_get_EXP_opt(ret->peer, d2i_X509, 3);
-
-    os.length = 0;
-    os.data = NULL;
-    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 4);
-
-    if (os.data != NULL) {
-        if (os.length > SSL_MAX_SID_CTX_LENGTH) {
-            c.error = SSL_R_BAD_LENGTH;
-            c.line = __LINE__;
-            OPENSSL_free(os.data);
-            os.data = NULL;
-            os.length = 0;
-            goto err;
-        } else {
-            ret->sid_ctx_length = os.length;
-            memcpy(ret->sid_ctx, os.data, os.length);
-        }
-        OPENSSL_free(os.data);
-        os.data = NULL;
-        os.length = 0;
-    } else
-        ret->sid_ctx_length = 0;
-
-    ai.length = 0;
-    M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 5);
-    if (ai.data != NULL) {
-        ret->verify_result = ASN1_INTEGER_get(aip);
-        OPENSSL_free(ai.data);
-        ai.data = NULL;
-        ai.length = 0;
-    } else
-        ret->verify_result = X509_V_OK;
-
-#ifndef OPENSSL_NO_TLSEXT
-    os.length = 0;
-    os.data = NULL;
-    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 6);
-    if (os.data) {
-        ret->tlsext_hostname = BUF_strndup((char *)os.data, os.length);
-        OPENSSL_free(os.data);
-        os.data = NULL;
-        os.length = 0;
-    } else
-        ret->tlsext_hostname = NULL;
-#endif                          /* OPENSSL_NO_TLSEXT */
-
-#ifndef OPENSSL_NO_PSK
-    os.length = 0;
-    os.data = NULL;
-    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 7);
-    if (os.data) {
-        ret->psk_identity_hint = BUF_strndup((char *)os.data, os.length);
-        OPENSSL_free(os.data);
-        os.data = NULL;
-        os.length = 0;
-    } else
-        ret->psk_identity_hint = NULL;
-
-    os.length = 0;
-    os.data = NULL;
-    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 8);
-    if (os.data) {
-        ret->psk_identity = BUF_strndup((char *)os.data, os.length);
-        OPENSSL_free(os.data);
-        os.data = NULL;
-        os.length = 0;
-    } else
-        ret->psk_identity = NULL;
-#endif                          /* OPENSSL_NO_PSK */
-
-#ifndef OPENSSL_NO_TLSEXT
-    ai.length = 0;
-    M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 9);
-    if (ai.data != NULL) {
-        ret->tlsext_tick_lifetime_hint = ASN1_INTEGER_get(aip);
-        OPENSSL_free(ai.data);
-        ai.data = NULL;
-        ai.length = 0;
-    } else if (ret->tlsext_ticklen && ret->session_id_length)
-        ret->tlsext_tick_lifetime_hint = -1;
-    else
-        ret->tlsext_tick_lifetime_hint = 0;
-    os.length = 0;
-    os.data = NULL;
-    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 10);
-    if (os.data) {
-        ret->tlsext_tick = os.data;
-        ret->tlsext_ticklen = os.length;
-        os.data = NULL;
-        os.length = 0;
-    } else
-        ret->tlsext_tick = NULL;
-#endif                          /* OPENSSL_NO_TLSEXT */
-#ifndef OPENSSL_NO_COMP
-    os.length = 0;
-    os.data = NULL;
-    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 11);
-    if (os.data) {
-        ret->compress_meth = os.data[0];
-        OPENSSL_free(os.data);
-        os.data = NULL;
-    }
-#endif
-
-#ifndef OPENSSL_NO_SRP
-    os.length = 0;
-    os.data = NULL;
-    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 12);
-    if (os.data) {
-        ret->srp_username = BUF_strndup((char *)os.data, os.length);
-        OPENSSL_free(os.data);
-        os.data = NULL;
-        os.length = 0;
-    } else
-        ret->srp_username = NULL;
-#endif                          /* OPENSSL_NO_SRP */
-
-    M_ASN1_D2I_Finish(a, SSL_SESSION_free, SSL_F_D2I_SSL_SESSION);
-}
diff --git a/thirdparty/openssl/ssl/ssl_cert.c b/thirdparty/openssl/ssl/ssl_cert.c
deleted file mode 100644
index 155728d037..0000000000
--- a/thirdparty/openssl/ssl/ssl_cert.c
+++ /dev/null
@@ -1,1263 +0,0 @@
-/*
- * ! \file ssl/ssl_cert.c
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <stdio.h>
-
-#include "e_os.h"
-#ifndef NO_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#include "o_dir.h"
-#include <openssl/objects.h>
-#include <openssl/bio.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#include <openssl/bn.h>
-#include "ssl_locl.h"
-
-int SSL_get_ex_data_X509_STORE_CTX_idx(void)
-{
-    static volatile int ssl_x509_store_ctx_idx = -1;
-    int got_write_lock = 0;
-
-    if (((size_t)&ssl_x509_store_ctx_idx &
-         (sizeof(ssl_x509_store_ctx_idx) - 1))
-        == 0) {                 /* check alignment, practically always true */
-        int ret;
-
-        if ((ret = ssl_x509_store_ctx_idx) < 0) {
-            CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-            if ((ret = ssl_x509_store_ctx_idx) < 0) {
-                ret = ssl_x509_store_ctx_idx =
-                    X509_STORE_CTX_get_ex_new_index(0,
-                                                    "SSL for verify callback",
-                                                    NULL, NULL, NULL);
-            }
-            CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-        }
-
-        return ret;
-    } else {                    /* commonly eliminated */
-
-        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-
-        if (ssl_x509_store_ctx_idx < 0) {
-            CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-            CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-            got_write_lock = 1;
-
-            if (ssl_x509_store_ctx_idx < 0) {
-                ssl_x509_store_ctx_idx =
-                    X509_STORE_CTX_get_ex_new_index(0,
-                                                    "SSL for verify callback",
-                                                    NULL, NULL, NULL);
-            }
-        }
-
-        if (got_write_lock)
-            CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-        else
-            CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-
-        return ssl_x509_store_ctx_idx;
-    }
-}
-
-void ssl_cert_set_default_md(CERT *cert)
-{
-    /* Set digest values to defaults */
-#ifndef OPENSSL_NO_DSA
-    cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
-#endif
-#ifndef OPENSSL_NO_RSA
-    cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
-    cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
-#endif
-#ifndef OPENSSL_NO_ECDSA
-    cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
-#endif
-}
-
-CERT *ssl_cert_new(void)
-{
-    CERT *ret;
-
-    ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
-    if (ret == NULL) {
-        SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-    memset(ret, 0, sizeof(CERT));
-
-    ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
-    ret->references = 1;
-    ssl_cert_set_default_md(ret);
-    return (ret);
-}
-
-CERT *ssl_cert_dup(CERT *cert)
-{
-    CERT *ret;
-    int i;
-
-    ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
-    if (ret == NULL) {
-        SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
-        return (NULL);
-    }
-
-    memset(ret, 0, sizeof(CERT));
-
-    ret->references = 1;
-    ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
-    /*
-     * or ret->key = ret->pkeys + (cert->key - cert->pkeys), if you find that
-     * more readable
-     */
-
-    ret->valid = cert->valid;
-    ret->mask_k = cert->mask_k;
-    ret->mask_a = cert->mask_a;
-    ret->export_mask_k = cert->export_mask_k;
-    ret->export_mask_a = cert->export_mask_a;
-
-#ifndef OPENSSL_NO_RSA
-    if (cert->rsa_tmp != NULL) {
-        RSA_up_ref(cert->rsa_tmp);
-        ret->rsa_tmp = cert->rsa_tmp;
-    }
-    ret->rsa_tmp_cb = cert->rsa_tmp_cb;
-#endif
-
-#ifndef OPENSSL_NO_DH
-    if (cert->dh_tmp != NULL) {
-        ret->dh_tmp = DHparams_dup(cert->dh_tmp);
-        if (ret->dh_tmp == NULL) {
-            SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
-            goto err;
-        }
-        if (cert->dh_tmp->priv_key) {
-            BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
-            if (!b) {
-                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
-                goto err;
-            }
-            ret->dh_tmp->priv_key = b;
-        }
-        if (cert->dh_tmp->pub_key) {
-            BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
-            if (!b) {
-                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
-                goto err;
-            }
-            ret->dh_tmp->pub_key = b;
-        }
-    }
-    ret->dh_tmp_cb = cert->dh_tmp_cb;
-#endif
-
-#ifndef OPENSSL_NO_ECDH
-    if (cert->ecdh_tmp) {
-        ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
-        if (ret->ecdh_tmp == NULL) {
-            SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_EC_LIB);
-            goto err;
-        }
-    }
-    ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
-    ret->ecdh_tmp_auto = cert->ecdh_tmp_auto;
-#endif
-
-    for (i = 0; i < SSL_PKEY_NUM; i++) {
-        CERT_PKEY *cpk = cert->pkeys + i;
-        CERT_PKEY *rpk = ret->pkeys + i;
-        if (cpk->x509 != NULL) {
-            rpk->x509 = cpk->x509;
-            CRYPTO_add(&rpk->x509->references, 1, CRYPTO_LOCK_X509);
-        }
-
-        if (cpk->privatekey != NULL) {
-            rpk->privatekey = cpk->privatekey;
-            CRYPTO_add(&cpk->privatekey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-        }
-
-        if (cpk->chain) {
-            rpk->chain = X509_chain_up_ref(cpk->chain);
-            if (!rpk->chain) {
-                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-        }
-        rpk->valid_flags = 0;
-#ifndef OPENSSL_NO_TLSEXT
-        if (cert->pkeys[i].serverinfo != NULL) {
-            /* Just copy everything. */
-            ret->pkeys[i].serverinfo =
-                OPENSSL_malloc(cert->pkeys[i].serverinfo_length);
-            if (ret->pkeys[i].serverinfo == NULL) {
-                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-            ret->pkeys[i].serverinfo_length =
-                cert->pkeys[i].serverinfo_length;
-            memcpy(ret->pkeys[i].serverinfo,
-                   cert->pkeys[i].serverinfo,
-                   cert->pkeys[i].serverinfo_length);
-        }
-#endif
-    }
-
-    /*
-     * Set digests to defaults. NB: we don't copy existing values as they
-     * will be set during handshake.
-     */
-    ssl_cert_set_default_md(ret);
-    /* Peer sigalgs set to NULL as we get these from handshake too */
-    ret->peer_sigalgs = NULL;
-    ret->peer_sigalgslen = 0;
-    /* Configured sigalgs however we copy across */
-
-    if (cert->conf_sigalgs) {
-        ret->conf_sigalgs = OPENSSL_malloc(cert->conf_sigalgslen);
-        if (!ret->conf_sigalgs)
-            goto err;
-        memcpy(ret->conf_sigalgs, cert->conf_sigalgs, cert->conf_sigalgslen);
-        ret->conf_sigalgslen = cert->conf_sigalgslen;
-    } else
-        ret->conf_sigalgs = NULL;
-
-    if (cert->client_sigalgs) {
-        ret->client_sigalgs = OPENSSL_malloc(cert->client_sigalgslen);
-        if (!ret->client_sigalgs)
-            goto err;
-        memcpy(ret->client_sigalgs, cert->client_sigalgs,
-               cert->client_sigalgslen);
-        ret->client_sigalgslen = cert->client_sigalgslen;
-    } else
-        ret->client_sigalgs = NULL;
-    /* Shared sigalgs also NULL */
-    ret->shared_sigalgs = NULL;
-    /* Copy any custom client certificate types */
-    if (cert->ctypes) {
-        ret->ctypes = OPENSSL_malloc(cert->ctype_num);
-        if (!ret->ctypes)
-            goto err;
-        memcpy(ret->ctypes, cert->ctypes, cert->ctype_num);
-        ret->ctype_num = cert->ctype_num;
-    }
-
-    ret->cert_flags = cert->cert_flags;
-
-    ret->cert_cb = cert->cert_cb;
-    ret->cert_cb_arg = cert->cert_cb_arg;
-
-    if (cert->verify_store) {
-        CRYPTO_add(&cert->verify_store->references, 1,
-                   CRYPTO_LOCK_X509_STORE);
-        ret->verify_store = cert->verify_store;
-    }
-
-    if (cert->chain_store) {
-        CRYPTO_add(&cert->chain_store->references, 1, CRYPTO_LOCK_X509_STORE);
-        ret->chain_store = cert->chain_store;
-    }
-
-    ret->ciphers_raw = NULL;
-
-#ifndef OPENSSL_NO_TLSEXT
-    if (!custom_exts_copy(&ret->cli_ext, &cert->cli_ext))
-        goto err;
-    if (!custom_exts_copy(&ret->srv_ext, &cert->srv_ext))
-        goto err;
-#endif
-
-    return (ret);
-
- err:
-#ifndef OPENSSL_NO_RSA
-    if (ret->rsa_tmp != NULL)
-        RSA_free(ret->rsa_tmp);
-#endif
-#ifndef OPENSSL_NO_DH
-    if (ret->dh_tmp != NULL)
-        DH_free(ret->dh_tmp);
-#endif
-#ifndef OPENSSL_NO_ECDH
-    if (ret->ecdh_tmp != NULL)
-        EC_KEY_free(ret->ecdh_tmp);
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-    custom_exts_free(&ret->cli_ext);
-    custom_exts_free(&ret->srv_ext);
-#endif
-
-    ssl_cert_clear_certs(ret);
-    OPENSSL_free(ret);
-
-    return NULL;
-}
-
-/* Free up and clear all certificates and chains */
-
-void ssl_cert_clear_certs(CERT *c)
-{
-    int i;
-    if (c == NULL)
-        return;
-    for (i = 0; i < SSL_PKEY_NUM; i++) {
-        CERT_PKEY *cpk = c->pkeys + i;
-        if (cpk->x509) {
-            X509_free(cpk->x509);
-            cpk->x509 = NULL;
-        }
-        if (cpk->privatekey) {
-            EVP_PKEY_free(cpk->privatekey);
-            cpk->privatekey = NULL;
-        }
-        if (cpk->chain) {
-            sk_X509_pop_free(cpk->chain, X509_free);
-            cpk->chain = NULL;
-        }
-#ifndef OPENSSL_NO_TLSEXT
-        if (cpk->serverinfo) {
-            OPENSSL_free(cpk->serverinfo);
-            cpk->serverinfo = NULL;
-            cpk->serverinfo_length = 0;
-        }
-#endif
-        /* Clear all flags apart from explicit sign */
-        cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN;
-    }
-}
-
-void ssl_cert_free(CERT *c)
-{
-    int i;
-
-    if (c == NULL)
-        return;
-
-    i = CRYPTO_add(&c->references, -1, CRYPTO_LOCK_SSL_CERT);
-#ifdef REF_PRINT
-    REF_PRINT("CERT", c);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "ssl_cert_free, bad reference count\n");
-        abort();                /* ok */
-    }
-#endif
-
-#ifndef OPENSSL_NO_RSA
-    if (c->rsa_tmp)
-        RSA_free(c->rsa_tmp);
-#endif
-#ifndef OPENSSL_NO_DH
-    if (c->dh_tmp)
-        DH_free(c->dh_tmp);
-#endif
-#ifndef OPENSSL_NO_ECDH
-    if (c->ecdh_tmp)
-        EC_KEY_free(c->ecdh_tmp);
-#endif
-
-    ssl_cert_clear_certs(c);
-    if (c->peer_sigalgs)
-        OPENSSL_free(c->peer_sigalgs);
-    if (c->conf_sigalgs)
-        OPENSSL_free(c->conf_sigalgs);
-    if (c->client_sigalgs)
-        OPENSSL_free(c->client_sigalgs);
-    if (c->shared_sigalgs)
-        OPENSSL_free(c->shared_sigalgs);
-    if (c->ctypes)
-        OPENSSL_free(c->ctypes);
-    if (c->verify_store)
-        X509_STORE_free(c->verify_store);
-    if (c->chain_store)
-        X509_STORE_free(c->chain_store);
-    if (c->ciphers_raw)
-        OPENSSL_free(c->ciphers_raw);
-#ifndef OPENSSL_NO_TLSEXT
-    custom_exts_free(&c->cli_ext);
-    custom_exts_free(&c->srv_ext);
-    if (c->alpn_proposed)
-        OPENSSL_free(c->alpn_proposed);
-#endif
-    OPENSSL_free(c);
-}
-
-int ssl_cert_inst(CERT **o)
-{
-    /*
-     * Create a CERT if there isn't already one (which cannot really happen,
-     * as it is initially created in SSL_CTX_new; but the earlier code
-     * usually allows for that one being non-existant, so we follow that
-     * behaviour, as it might turn out that there actually is a reason for it
-     * -- but I'm not sure that *all* of the existing code could cope with
-     * s->cert being NULL, otherwise we could do without the initialization
-     * in SSL_CTX_new).
-     */
-
-    if (o == NULL) {
-        SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (*o == NULL) {
-        if ((*o = ssl_cert_new()) == NULL) {
-            SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
-            return (0);
-        }
-    }
-    return (1);
-}
-
-int ssl_cert_set0_chain(CERT *c, STACK_OF(X509) *chain)
-{
-    CERT_PKEY *cpk = c->key;
-    if (!cpk)
-        return 0;
-    if (cpk->chain)
-        sk_X509_pop_free(cpk->chain, X509_free);
-    cpk->chain = chain;
-    return 1;
-}
-
-int ssl_cert_set1_chain(CERT *c, STACK_OF(X509) *chain)
-{
-    STACK_OF(X509) *dchain;
-    if (!chain)
-        return ssl_cert_set0_chain(c, NULL);
-    dchain = X509_chain_up_ref(chain);
-    if (!dchain)
-        return 0;
-    if (!ssl_cert_set0_chain(c, dchain)) {
-        sk_X509_pop_free(dchain, X509_free);
-        return 0;
-    }
-    return 1;
-}
-
-int ssl_cert_add0_chain_cert(CERT *c, X509 *x)
-{
-    CERT_PKEY *cpk = c->key;
-    if (!cpk)
-        return 0;
-    if (!cpk->chain)
-        cpk->chain = sk_X509_new_null();
-    if (!cpk->chain || !sk_X509_push(cpk->chain, x))
-        return 0;
-    return 1;
-}
-
-int ssl_cert_add1_chain_cert(CERT *c, X509 *x)
-{
-    if (!ssl_cert_add0_chain_cert(c, x))
-        return 0;
-    CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
-    return 1;
-}
-
-int ssl_cert_select_current(CERT *c, X509 *x)
-{
-    int i;
-    if (x == NULL)
-        return 0;
-    for (i = 0; i < SSL_PKEY_NUM; i++) {
-        CERT_PKEY *cpk = c->pkeys + i;
-        if (cpk->x509 == x && cpk->privatekey) {
-            c->key = cpk;
-            return 1;
-        }
-    }
-
-    for (i = 0; i < SSL_PKEY_NUM; i++) {
-        CERT_PKEY *cpk = c->pkeys + i;
-        if (cpk->privatekey && cpk->x509 && !X509_cmp(cpk->x509, x)) {
-            c->key = cpk;
-            return 1;
-        }
-    }
-    return 0;
-}
-
-int ssl_cert_set_current(CERT *c, long op)
-{
-    int i, idx;
-    if (!c)
-        return 0;
-    if (op == SSL_CERT_SET_FIRST)
-        idx = 0;
-    else if (op == SSL_CERT_SET_NEXT) {
-        idx = (int)(c->key - c->pkeys + 1);
-        if (idx >= SSL_PKEY_NUM)
-            return 0;
-    } else
-        return 0;
-    for (i = idx; i < SSL_PKEY_NUM; i++) {
-        CERT_PKEY *cpk = c->pkeys + i;
-        if (cpk->x509 && cpk->privatekey) {
-            c->key = cpk;
-            return 1;
-        }
-    }
-    return 0;
-}
-
-void ssl_cert_set_cert_cb(CERT *c, int (*cb) (SSL *ssl, void *arg), void *arg)
-{
-    c->cert_cb = cb;
-    c->cert_cb_arg = arg;
-}
-
-SESS_CERT *ssl_sess_cert_new(void)
-{
-    SESS_CERT *ret;
-
-    ret = OPENSSL_malloc(sizeof *ret);
-    if (ret == NULL) {
-        SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
-        return NULL;
-    }
-
-    memset(ret, 0, sizeof *ret);
-    ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
-    ret->references = 1;
-
-    return ret;
-}
-
-void ssl_sess_cert_free(SESS_CERT *sc)
-{
-    int i;
-
-    if (sc == NULL)
-        return;
-
-    i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
-#ifdef REF_PRINT
-    REF_PRINT("SESS_CERT", sc);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "ssl_sess_cert_free, bad reference count\n");
-        abort();                /* ok */
-    }
-#endif
-
-    /* i == 0 */
-    if (sc->cert_chain != NULL)
-        sk_X509_pop_free(sc->cert_chain, X509_free);
-    for (i = 0; i < SSL_PKEY_NUM; i++) {
-        if (sc->peer_pkeys[i].x509 != NULL)
-            X509_free(sc->peer_pkeys[i].x509);
-#if 0                           /* We don't have the peer's private key.
-                                 * These lines are just * here as a reminder
-                                 * that we're still using a
-                                 * not-quite-appropriate * data structure. */
-        if (sc->peer_pkeys[i].privatekey != NULL)
-            EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
-#endif
-    }
-
-#ifndef OPENSSL_NO_RSA
-    if (sc->peer_rsa_tmp != NULL)
-        RSA_free(sc->peer_rsa_tmp);
-#endif
-#ifndef OPENSSL_NO_DH
-    if (sc->peer_dh_tmp != NULL)
-        DH_free(sc->peer_dh_tmp);
-#endif
-#ifndef OPENSSL_NO_ECDH
-    if (sc->peer_ecdh_tmp != NULL)
-        EC_KEY_free(sc->peer_ecdh_tmp);
-#endif
-
-    OPENSSL_free(sc);
-}
-
-int ssl_set_peer_cert_type(SESS_CERT *sc, int type)
-{
-    sc->peer_cert_type = type;
-    return (1);
-}
-
-int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
-{
-    X509 *x;
-    int i;
-    X509_STORE *verify_store;
-    X509_STORE_CTX ctx;
-
-    if (s->cert->verify_store)
-        verify_store = s->cert->verify_store;
-    else
-        verify_store = s->ctx->cert_store;
-
-    if ((sk == NULL) || (sk_X509_num(sk) == 0))
-        return (0);
-
-    x = sk_X509_value(sk, 0);
-    if (!X509_STORE_CTX_init(&ctx, verify_store, x, sk)) {
-        SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_X509_LIB);
-        return (0);
-    }
-    /* Set suite B flags if needed */
-    X509_STORE_CTX_set_flags(&ctx, tls1_suiteb(s));
-#if 0
-    if (SSL_get_verify_depth(s) >= 0)
-        X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
-#endif
-    X509_STORE_CTX_set_ex_data(&ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s);
-
-    /*
-     * We need to inherit the verify parameters. These can be determined by
-     * the context: if its a server it will verify SSL client certificates or
-     * vice versa.
-     */
-
-    X509_STORE_CTX_set_default(&ctx, s->server ? "ssl_client" : "ssl_server");
-    /*
-     * Anything non-default in "param" should overwrite anything in the ctx.
-     */
-    X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(&ctx), s->param);
-
-    if (s->verify_callback)
-        X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
-
-    if (s->ctx->app_verify_callback != NULL)
-#if 1                           /* new with OpenSSL 0.9.7 */
-        i = s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg);
-#else
-        i = s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
-#endif
-    else {
-#ifndef OPENSSL_NO_X509_VERIFY
-        i = X509_verify_cert(&ctx);
-#else
-        i = 0;
-        ctx.error = X509_V_ERR_APPLICATION_VERIFICATION;
-        SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, SSL_R_NO_VERIFY_CALLBACK);
-#endif
-    }
-
-    s->verify_result = ctx.error;
-    X509_STORE_CTX_cleanup(&ctx);
-
-    return (i);
-}
-
-static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,
-                               STACK_OF(X509_NAME) *name_list)
-{
-    if (*ca_list != NULL)
-        sk_X509_NAME_pop_free(*ca_list, X509_NAME_free);
-
-    *ca_list = name_list;
-}
-
-STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
-{
-    int i;
-    STACK_OF(X509_NAME) *ret;
-    X509_NAME *name;
-
-    ret = sk_X509_NAME_new_null();
-    for (i = 0; i < sk_X509_NAME_num(sk); i++) {
-        name = X509_NAME_dup(sk_X509_NAME_value(sk, i));
-        if ((name == NULL) || !sk_X509_NAME_push(ret, name)) {
-            sk_X509_NAME_pop_free(ret, X509_NAME_free);
-            return (NULL);
-        }
-    }
-    return (ret);
-}
-
-void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list)
-{
-    set_client_CA_list(&(s->client_CA), name_list);
-}
-
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list)
-{
-    set_client_CA_list(&(ctx->client_CA), name_list);
-}
-
-STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
-{
-    return (ctx->client_CA);
-}
-
-STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s)
-{
-    if (s->type == SSL_ST_CONNECT) { /* we are in the client */
-        if (((s->version >> 8) == SSL3_VERSION_MAJOR) && (s->s3 != NULL))
-            return (s->s3->tmp.ca_names);
-        else
-            return (NULL);
-    } else {
-        if (s->client_CA != NULL)
-            return (s->client_CA);
-        else
-            return (s->ctx->client_CA);
-    }
-}
-
-static int add_client_CA(STACK_OF(X509_NAME) **sk, X509 *x)
-{
-    X509_NAME *name;
-
-    if (x == NULL)
-        return (0);
-    if ((*sk == NULL) && ((*sk = sk_X509_NAME_new_null()) == NULL))
-        return (0);
-
-    if ((name = X509_NAME_dup(X509_get_subject_name(x))) == NULL)
-        return (0);
-
-    if (!sk_X509_NAME_push(*sk, name)) {
-        X509_NAME_free(name);
-        return (0);
-    }
-    return (1);
-}
-
-int SSL_add_client_CA(SSL *ssl, X509 *x)
-{
-    return (add_client_CA(&(ssl->client_CA), x));
-}
-
-int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
-{
-    return (add_client_CA(&(ctx->client_CA), x));
-}
-
-static int xname_cmp(const X509_NAME *const *a, const X509_NAME *const *b)
-{
-    return (X509_NAME_cmp(*a, *b));
-}
-
-#ifndef OPENSSL_NO_STDIO
-/**
- * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
- * it doesn't really have anything to do with clients (except that a common use
- * for a stack of CAs is to send it to the client). Actually, it doesn't have
- * much to do with CAs, either, since it will load any old cert.
- * \param file the file containing one or more certs.
- * \return a ::STACK containing the certs.
- */
-STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
-{
-    BIO *in;
-    X509 *x = NULL;
-    X509_NAME *xn = NULL;
-    STACK_OF(X509_NAME) *ret = NULL, *sk;
-
-    sk = sk_X509_NAME_new(xname_cmp);
-
-    in = BIO_new(BIO_s_file_internal());
-
-    if ((sk == NULL) || (in == NULL)) {
-        SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!BIO_read_filename(in, file))
-        goto err;
-
-    for (;;) {
-        if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
-            break;
-        if (ret == NULL) {
-            ret = sk_X509_NAME_new_null();
-            if (ret == NULL) {
-                SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-        }
-        if ((xn = X509_get_subject_name(x)) == NULL)
-            goto err;
-        /* check for duplicates */
-        xn = X509_NAME_dup(xn);
-        if (xn == NULL)
-            goto err;
-        if (sk_X509_NAME_find(sk, xn) >= 0)
-            X509_NAME_free(xn);
-        else {
-            sk_X509_NAME_push(sk, xn);
-            sk_X509_NAME_push(ret, xn);
-        }
-    }
-
-    if (0) {
- err:
-        if (ret != NULL)
-            sk_X509_NAME_pop_free(ret, X509_NAME_free);
-        ret = NULL;
-    }
-    if (sk != NULL)
-        sk_X509_NAME_free(sk);
-    if (in != NULL)
-        BIO_free(in);
-    if (x != NULL)
-        X509_free(x);
-    if (ret != NULL)
-        ERR_clear_error();
-    return (ret);
-}
-#endif
-
-/**
- * Add a file of certs to a stack.
- * \param stack the stack to add to.
- * \param file the file to add from. All certs in this file that are not
- * already in the stack will be added.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
-                                        const char *file)
-{
-    BIO *in;
-    X509 *x = NULL;
-    X509_NAME *xn = NULL;
-    int ret = 1;
-    int (*oldcmp) (const X509_NAME *const *a, const X509_NAME *const *b);
-
-    oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_cmp);
-
-    in = BIO_new(BIO_s_file_internal());
-
-    if (in == NULL) {
-        SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,
-               ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    if (!BIO_read_filename(in, file))
-        goto err;
-
-    for (;;) {
-        if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
-            break;
-        if ((xn = X509_get_subject_name(x)) == NULL)
-            goto err;
-        xn = X509_NAME_dup(xn);
-        if (xn == NULL)
-            goto err;
-        if (sk_X509_NAME_find(stack, xn) >= 0)
-            X509_NAME_free(xn);
-        else
-            sk_X509_NAME_push(stack, xn);
-    }
-
-    ERR_clear_error();
-
-    if (0) {
- err:
-        ret = 0;
-    }
-    if (in != NULL)
-        BIO_free(in);
-    if (x != NULL)
-        X509_free(x);
-
-    (void)sk_X509_NAME_set_cmp_func(stack, oldcmp);
-
-    return ret;
-}
-
-/**
- * Add a directory of certs to a stack.
- * \param stack the stack to append to.
- * \param dir the directory to append from. All files in this directory will be
- * examined as potential certs. Any that are acceptable to
- * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be
- * included.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
-                                       const char *dir)
-{
-    OPENSSL_DIR_CTX *d = NULL;
-    const char *filename;
-    int ret = 0;
-
-    CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
-
-    /* Note that a side effect is that the CAs will be sorted by name */
-
-    while ((filename = OPENSSL_DIR_read(&d, dir))) {
-        char buf[1024];
-        int r;
-
-        if (strlen(dir) + strlen(filename) + 2 > sizeof buf) {
-            SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,
-                   SSL_R_PATH_TOO_LONG);
-            goto err;
-        }
-#ifdef OPENSSL_SYS_VMS
-        r = BIO_snprintf(buf, sizeof buf, "%s%s", dir, filename);
-#else
-        r = BIO_snprintf(buf, sizeof buf, "%s/%s", dir, filename);
-#endif
-        if (r <= 0 || r >= (int)sizeof(buf))
-            goto err;
-        if (!SSL_add_file_cert_subjects_to_stack(stack, buf))
-            goto err;
-    }
-
-    if (errno) {
-        SYSerr(SYS_F_OPENDIR, get_last_sys_error());
-        ERR_add_error_data(3, "OPENSSL_DIR_read(&ctx, '", dir, "')");
-        SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
-        goto err;
-    }
-
-    ret = 1;
-
- err:
-    if (d)
-        OPENSSL_DIR_end(&d);
-    CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
-    return ret;
-}
-
-/* Add a certificate to a BUF_MEM structure */
-
-static int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
-{
-    int n;
-    unsigned char *p;
-
-    n = i2d_X509(x, NULL);
-    if (n < 0 || !BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
-        SSLerr(SSL_F_SSL_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
-        return 0;
-    }
-    p = (unsigned char *)&(buf->data[*l]);
-    l2n3(n, p);
-    n = i2d_X509(x, &p);
-    if (n < 0) {
-        /* Shouldn't happen */
-        SSLerr(SSL_F_SSL_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
-        return 0;
-    }
-    *l += n + 3;
-
-    return 1;
-}
-
-/* Add certificate chain to internal SSL BUF_MEM strcuture */
-int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l)
-{
-    BUF_MEM *buf = s->init_buf;
-    int no_chain;
-    int i;
-
-    X509 *x;
-    STACK_OF(X509) *extra_certs;
-    X509_STORE *chain_store;
-
-    if (cpk)
-        x = cpk->x509;
-    else
-        x = NULL;
-
-    if (s->cert->chain_store)
-        chain_store = s->cert->chain_store;
-    else
-        chain_store = s->ctx->cert_store;
-
-    /*
-     * If we have a certificate specific chain use it, else use parent ctx.
-     */
-    if (cpk && cpk->chain)
-        extra_certs = cpk->chain;
-    else
-        extra_certs = s->ctx->extra_certs;
-
-    if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || extra_certs)
-        no_chain = 1;
-    else
-        no_chain = 0;
-
-    /* TLSv1 sends a chain with nothing in it, instead of an alert */
-    if (!BUF_MEM_grow_clean(buf, 10)) {
-        SSLerr(SSL_F_SSL_ADD_CERT_CHAIN, ERR_R_BUF_LIB);
-        return 0;
-    }
-    if (x != NULL) {
-        if (no_chain) {
-            if (!ssl_add_cert_to_buf(buf, l, x))
-                return 0;
-        } else {
-            X509_STORE_CTX xs_ctx;
-
-            if (!X509_STORE_CTX_init(&xs_ctx, chain_store, x, NULL)) {
-                SSLerr(SSL_F_SSL_ADD_CERT_CHAIN, ERR_R_X509_LIB);
-                return (0);
-            }
-            X509_verify_cert(&xs_ctx);
-            /* Don't leave errors in the queue */
-            ERR_clear_error();
-            for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
-                x = sk_X509_value(xs_ctx.chain, i);
-
-                if (!ssl_add_cert_to_buf(buf, l, x)) {
-                    X509_STORE_CTX_cleanup(&xs_ctx);
-                    return 0;
-                }
-            }
-            X509_STORE_CTX_cleanup(&xs_ctx);
-        }
-    }
-    for (i = 0; i < sk_X509_num(extra_certs); i++) {
-        x = sk_X509_value(extra_certs, i);
-        if (!ssl_add_cert_to_buf(buf, l, x))
-            return 0;
-    }
-
-    return 1;
-}
-
-/* Build a certificate chain for current certificate */
-int ssl_build_cert_chain(CERT *c, X509_STORE *chain_store, int flags)
-{
-    CERT_PKEY *cpk = c->key;
-    X509_STORE_CTX xs_ctx;
-    STACK_OF(X509) *chain = NULL, *untrusted = NULL;
-    X509 *x;
-    int i, rv = 0;
-    unsigned long error;
-
-    if (!cpk->x509) {
-        SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, SSL_R_NO_CERTIFICATE_SET);
-        goto err;
-    }
-    /* Rearranging and check the chain: add everything to a store */
-    if (flags & SSL_BUILD_CHAIN_FLAG_CHECK) {
-        chain_store = X509_STORE_new();
-        if (!chain_store)
-            goto err;
-        for (i = 0; i < sk_X509_num(cpk->chain); i++) {
-            x = sk_X509_value(cpk->chain, i);
-            if (!X509_STORE_add_cert(chain_store, x)) {
-                error = ERR_peek_last_error();
-                if (ERR_GET_LIB(error) != ERR_LIB_X509 ||
-                    ERR_GET_REASON(error) !=
-                    X509_R_CERT_ALREADY_IN_HASH_TABLE)
-                    goto err;
-                ERR_clear_error();
-            }
-        }
-        /* Add EE cert too: it might be self signed */
-        if (!X509_STORE_add_cert(chain_store, cpk->x509)) {
-            error = ERR_peek_last_error();
-            if (ERR_GET_LIB(error) != ERR_LIB_X509 ||
-                ERR_GET_REASON(error) != X509_R_CERT_ALREADY_IN_HASH_TABLE)
-                goto err;
-            ERR_clear_error();
-        }
-    } else {
-        if (c->chain_store)
-            chain_store = c->chain_store;
-
-        if (flags & SSL_BUILD_CHAIN_FLAG_UNTRUSTED)
-            untrusted = cpk->chain;
-    }
-
-    if (!X509_STORE_CTX_init(&xs_ctx, chain_store, cpk->x509, untrusted)) {
-        SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_X509_LIB);
-        goto err;
-    }
-    /* Set suite B flags if needed */
-    X509_STORE_CTX_set_flags(&xs_ctx,
-                             c->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS);
-
-    i = X509_verify_cert(&xs_ctx);
-    if (i <= 0 && flags & SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR) {
-        if (flags & SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR)
-            ERR_clear_error();
-        i = 1;
-        rv = 2;
-    }
-    if (i > 0)
-        chain = X509_STORE_CTX_get1_chain(&xs_ctx);
-    if (i <= 0) {
-        SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, SSL_R_CERTIFICATE_VERIFY_FAILED);
-        i = X509_STORE_CTX_get_error(&xs_ctx);
-        ERR_add_error_data(2, "Verify error:",
-                           X509_verify_cert_error_string(i));
-
-        X509_STORE_CTX_cleanup(&xs_ctx);
-        goto err;
-    }
-    X509_STORE_CTX_cleanup(&xs_ctx);
-    if (cpk->chain)
-        sk_X509_pop_free(cpk->chain, X509_free);
-    /* Remove EE certificate from chain */
-    x = sk_X509_shift(chain);
-    X509_free(x);
-    if (flags & SSL_BUILD_CHAIN_FLAG_NO_ROOT) {
-        if (sk_X509_num(chain) > 0) {
-            /* See if last cert is self signed */
-            x = sk_X509_value(chain, sk_X509_num(chain) - 1);
-            X509_check_purpose(x, -1, 0);
-            if (x->ex_flags & EXFLAG_SS) {
-                x = sk_X509_pop(chain);
-                X509_free(x);
-            }
-        }
-    }
-    cpk->chain = chain;
-    if (rv == 0)
-        rv = 1;
- err:
-    if (flags & SSL_BUILD_CHAIN_FLAG_CHECK)
-        X509_STORE_free(chain_store);
-
-    return rv;
-}
-
-int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref)
-{
-    X509_STORE **pstore;
-    if (chain)
-        pstore = &c->chain_store;
-    else
-        pstore = &c->verify_store;
-    if (*pstore)
-        X509_STORE_free(*pstore);
-    *pstore = store;
-    if (ref && store)
-        CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE);
-    return 1;
-}
diff --git a/thirdparty/openssl/ssl/ssl_ciph.c b/thirdparty/openssl/ssl/ssl_ciph.c
deleted file mode 100644
index 40021329a9..0000000000
--- a/thirdparty/openssl/ssl/ssl_ciph.c
+++ /dev/null
@@ -1,2093 +0,0 @@
-/* ssl/ssl_ciph.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-#endif
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include "ssl_locl.h"
-
-#define SSL_ENC_DES_IDX         0
-#define SSL_ENC_3DES_IDX        1
-#define SSL_ENC_RC4_IDX         2
-#define SSL_ENC_RC2_IDX         3
-#define SSL_ENC_IDEA_IDX        4
-#define SSL_ENC_NULL_IDX        5
-#define SSL_ENC_AES128_IDX      6
-#define SSL_ENC_AES256_IDX      7
-#define SSL_ENC_CAMELLIA128_IDX 8
-#define SSL_ENC_CAMELLIA256_IDX 9
-#define SSL_ENC_GOST89_IDX      10
-#define SSL_ENC_SEED_IDX        11
-#define SSL_ENC_AES128GCM_IDX   12
-#define SSL_ENC_AES256GCM_IDX   13
-#define SSL_ENC_NUM_IDX         14
-
-static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
-    NULL, NULL
-};
-
-#define SSL_COMP_NULL_IDX       0
-#define SSL_COMP_ZLIB_IDX       1
-#define SSL_COMP_NUM_IDX        2
-
-static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
-
-#define SSL_MD_MD5_IDX  0
-#define SSL_MD_SHA1_IDX 1
-#define SSL_MD_GOST94_IDX 2
-#define SSL_MD_GOST89MAC_IDX 3
-#define SSL_MD_SHA256_IDX 4
-#define SSL_MD_SHA384_IDX 5
-/*
- * Constant SSL_MAX_DIGEST equal to size of digests array should be defined
- * in the ssl_locl.h
- */
-#define SSL_MD_NUM_IDX  SSL_MAX_DIGEST
-static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
-    NULL, NULL, NULL, NULL, NULL, NULL
-};
-
-/*
- * PKEY_TYPE for GOST89MAC is known in advance, but, because implementation
- * is engine-provided, we'll fill it only if corresponding EVP_PKEY_METHOD is
- * found
- */
-static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
-    EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef,
-    EVP_PKEY_HMAC, EVP_PKEY_HMAC
-};
-
-static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = {
-    0, 0, 0, 0, 0, 0
-};
-
-static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = {
-    SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA,
-    SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
-    SSL_HANDSHAKE_MAC_SHA384
-};
-
-#define CIPHER_ADD      1
-#define CIPHER_KILL     2
-#define CIPHER_DEL      3
-#define CIPHER_ORD      4
-#define CIPHER_SPECIAL  5
-
-typedef struct cipher_order_st {
-    const SSL_CIPHER *cipher;
-    int active;
-    int dead;
-    struct cipher_order_st *next, *prev;
-} CIPHER_ORDER;
-
-static const SSL_CIPHER cipher_aliases[] = {
-    /* "ALL" doesn't include eNULL (must be specifically enabled) */
-    {0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, 0},
-    /* "COMPLEMENTOFALL" */
-    {0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
-
-    /*
-     * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
-     * ALL!)
-     */
-    {0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0},
-
-    /*
-     * key exchange aliases (some of those using only a single bit here
-     * combine multiple key exchange algs according to the RFCs, e.g. kEDH
-     * combines DHE_DSS and DHE_RSA)
-     */
-    {0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, 0, 0, 0, 0},
-
-    {0, SSL_TXT_kDHr, 0, SSL_kDHr, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kDHd, 0, SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kDH, 0, SSL_kDHr | SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kEDH, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kDHE, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_DH, 0, SSL_kDHr | SSL_kDHd | SSL_kEDH, 0, 0, 0, 0, 0, 0, 0,
-     0},
-
-    {0, SSL_TXT_kKRB5, 0, SSL_kKRB5, 0, 0, 0, 0, 0, 0, 0, 0},
-
-    {0, SSL_TXT_kECDHr, 0, SSL_kECDHr, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kECDHe, 0, SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kECDH, 0, SSL_kECDHr | SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kEECDH, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kECDHE, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_ECDH, 0, SSL_kECDHr | SSL_kECDHe | SSL_kEECDH, 0, 0, 0, 0, 0,
-     0, 0, 0},
-
-    {0, SSL_TXT_kPSK, 0, SSL_kPSK, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kSRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_kGOST, 0, SSL_kGOST, 0, 0, 0, 0, 0, 0, 0, 0},
-
-    /* server authentication aliases */
-    {0, SSL_TXT_aRSA, 0, 0, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aDSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_DSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aKRB5, 0, 0, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aNULL, 0, 0, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
-    /* no such ciphersuites supported! */
-    {0, SSL_TXT_aDH, 0, 0, SSL_aDH, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aECDH, 0, 0, SSL_aECDH, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aPSK, 0, 0, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aGOST94, 0, 0, SSL_aGOST94, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aGOST, 0, 0, SSL_aGOST94 | SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_aSRP, 0, 0, SSL_aSRP, 0, 0, 0, 0, 0, 0, 0},
-
-    /* aliases combining key exchange and server authentication */
-    {0, SSL_TXT_EDH, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_DHE, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_EECDH, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_ECDHE, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_KRB5, 0, SSL_kKRB5, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_ADH, 0, SSL_kEDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_AECDH, 0, SSL_kEECDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_PSK, 0, SSL_kPSK, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_SRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
-
-    /* symmetric encryption aliases */
-    {0, SSL_TXT_DES, 0, 0, 0, SSL_DES, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0,
-     0},
-    {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0,
-     0},
-    {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0,
-     0, 0},
-    {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0,
-     0, 0, 0},
-
-    /* MAC aliases */
-    {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256, 0, 0, 0, 0, 0},
-    {0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384, 0, 0, 0, 0, 0},
-
-    /* protocol version aliases */
-    {0, SSL_TXT_SSLV2, 0, 0, 0, 0, 0, SSL_SSLV2, 0, 0, 0, 0},
-    {0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL_SSLV3, 0, 0, 0, 0},
-    {0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, SSL_TLSV1, 0, 0, 0, 0},
-    {0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, SSL_TLSV1_2, 0, 0, 0, 0},
-
-    /* export flag */
-    {0, SSL_TXT_EXP, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
-    {0, SSL_TXT_EXPORT, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
-
-    /* strength classes */
-    {0, SSL_TXT_EXP40, 0, 0, 0, 0, 0, 0, SSL_EXP40, 0, 0, 0},
-    {0, SSL_TXT_EXP56, 0, 0, 0, 0, 0, 0, SSL_EXP56, 0, 0, 0},
-    {0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, SSL_LOW, 0, 0, 0},
-    {0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, SSL_MEDIUM, 0, 0, 0},
-    {0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, SSL_HIGH, 0, 0, 0},
-    /* FIPS 140-2 approved ciphersuite */
-    {0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_FIPS, 0, 0, 0},
-    /* "DHE-" aliases to "EDH-" labels (for forward compatibility) */
-    {0, SSL3_TXT_DHE_DSS_DES_40_CBC_SHA, 0,
-     SSL_kDHE, SSL_aDSS, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_EXPORT | SSL_EXP40,
-     0, 0, 0,},
-    {0, SSL3_TXT_DHE_DSS_DES_64_CBC_SHA, 0,
-     SSL_kDHE, SSL_aDSS, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP | SSL_LOW,
-     0, 0, 0,},
-    {0, SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA, 0,
-     SSL_kDHE, SSL_aDSS, SSL_3DES, SSL_SHA1, SSL_SSLV3,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 0, 0, 0,},
-    {0, SSL3_TXT_DHE_RSA_DES_40_CBC_SHA, 0,
-     SSL_kDHE, SSL_aRSA, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_EXPORT | SSL_EXP40,
-     0, 0, 0,},
-    {0, SSL3_TXT_DHE_RSA_DES_64_CBC_SHA, 0,
-     SSL_kDHE, SSL_aRSA, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP | SSL_LOW,
-     0, 0, 0,},
-    {0, SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA, 0,
-     SSL_kDHE, SSL_aRSA, SSL_3DES, SSL_SHA1, SSL_SSLV3,
-     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 0, 0, 0,},
-};
-
-/*
- * Search for public key algorithm with given name and return its pkey_id if
- * it is available. Otherwise return 0
- */
-#ifdef OPENSSL_NO_ENGINE
-
-static int get_optional_pkey_id(const char *pkey_name)
-{
-    const EVP_PKEY_ASN1_METHOD *ameth;
-    int pkey_id = 0;
-    ameth = EVP_PKEY_asn1_find_str(NULL, pkey_name, -1);
-    if (ameth && EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,
-                                         ameth) > 0) {
-        return pkey_id;
-    }
-    return 0;
-}
-
-#else
-
-static int get_optional_pkey_id(const char *pkey_name)
-{
-    const EVP_PKEY_ASN1_METHOD *ameth;
-    ENGINE *tmpeng = NULL;
-    int pkey_id = 0;
-    ameth = EVP_PKEY_asn1_find_str(&tmpeng, pkey_name, -1);
-    if (ameth) {
-        if (EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL,
-                                    ameth) <= 0)
-            pkey_id = 0;
-    }
-    if (tmpeng)
-        ENGINE_finish(tmpeng);
-    return pkey_id;
-}
-
-#endif
-
-void ssl_load_ciphers(void)
-{
-    ssl_cipher_methods[SSL_ENC_DES_IDX] = EVP_get_cipherbyname(SN_des_cbc);
-    ssl_cipher_methods[SSL_ENC_3DES_IDX] =
-        EVP_get_cipherbyname(SN_des_ede3_cbc);
-    ssl_cipher_methods[SSL_ENC_RC4_IDX] = EVP_get_cipherbyname(SN_rc4);
-    ssl_cipher_methods[SSL_ENC_RC2_IDX] = EVP_get_cipherbyname(SN_rc2_cbc);
-#ifndef OPENSSL_NO_IDEA
-    ssl_cipher_methods[SSL_ENC_IDEA_IDX] = EVP_get_cipherbyname(SN_idea_cbc);
-#else
-    ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL;
-#endif
-    ssl_cipher_methods[SSL_ENC_AES128_IDX] =
-        EVP_get_cipherbyname(SN_aes_128_cbc);
-    ssl_cipher_methods[SSL_ENC_AES256_IDX] =
-        EVP_get_cipherbyname(SN_aes_256_cbc);
-    ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] =
-        EVP_get_cipherbyname(SN_camellia_128_cbc);
-    ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] =
-        EVP_get_cipherbyname(SN_camellia_256_cbc);
-    ssl_cipher_methods[SSL_ENC_GOST89_IDX] =
-        EVP_get_cipherbyname(SN_gost89_cnt);
-    ssl_cipher_methods[SSL_ENC_SEED_IDX] = EVP_get_cipherbyname(SN_seed_cbc);
-
-    ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
-        EVP_get_cipherbyname(SN_aes_128_gcm);
-    ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
-        EVP_get_cipherbyname(SN_aes_256_gcm);
-
-    ssl_digest_methods[SSL_MD_MD5_IDX] = EVP_get_digestbyname(SN_md5);
-    ssl_mac_secret_size[SSL_MD_MD5_IDX] =
-        EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
-    OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
-    ssl_digest_methods[SSL_MD_SHA1_IDX] = EVP_get_digestbyname(SN_sha1);
-    ssl_mac_secret_size[SSL_MD_SHA1_IDX] =
-        EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
-    OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
-    ssl_digest_methods[SSL_MD_GOST94_IDX] =
-        EVP_get_digestbyname(SN_id_GostR3411_94);
-    if (ssl_digest_methods[SSL_MD_GOST94_IDX]) {
-        ssl_mac_secret_size[SSL_MD_GOST94_IDX] =
-            EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
-        OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
-    }
-    ssl_digest_methods[SSL_MD_GOST89MAC_IDX] =
-        EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
-    ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac");
-    if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
-        ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
-    }
-
-    ssl_digest_methods[SSL_MD_SHA256_IDX] = EVP_get_digestbyname(SN_sha256);
-    ssl_mac_secret_size[SSL_MD_SHA256_IDX] =
-        EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]);
-    ssl_digest_methods[SSL_MD_SHA384_IDX] = EVP_get_digestbyname(SN_sha384);
-    ssl_mac_secret_size[SSL_MD_SHA384_IDX] =
-        EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
-}
-
-#ifndef OPENSSL_NO_COMP
-
-static int sk_comp_cmp(const SSL_COMP *const *a, const SSL_COMP *const *b)
-{
-    return ((*a)->id - (*b)->id);
-}
-
-static void load_builtin_compressions(void)
-{
-    int got_write_lock = 0;
-
-    CRYPTO_r_lock(CRYPTO_LOCK_SSL);
-    if (ssl_comp_methods == NULL) {
-        CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
-        CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-        got_write_lock = 1;
-
-        if (ssl_comp_methods == NULL) {
-            SSL_COMP *comp = NULL;
-
-            MemCheck_off();
-            ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
-            if (ssl_comp_methods != NULL) {
-                comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
-                if (comp != NULL) {
-                    comp->method = COMP_zlib();
-                    if (comp->method && comp->method->type == NID_undef)
-                        OPENSSL_free(comp);
-                    else {
-                        comp->id = SSL_COMP_ZLIB_IDX;
-                        comp->name = comp->method->name;
-                        sk_SSL_COMP_push(ssl_comp_methods, comp);
-                    }
-                }
-                sk_SSL_COMP_sort(ssl_comp_methods);
-            }
-            MemCheck_on();
-        }
-    }
-
-    if (got_write_lock)
-        CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-    else
-        CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
-}
-#endif
-
-int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
-                       const EVP_MD **md, int *mac_pkey_type,
-                       int *mac_secret_size, SSL_COMP **comp)
-{
-    int i;
-    const SSL_CIPHER *c;
-
-    c = s->cipher;
-    if (c == NULL)
-        return (0);
-    if (comp != NULL) {
-        SSL_COMP ctmp;
-#ifndef OPENSSL_NO_COMP
-        load_builtin_compressions();
-#endif
-
-        *comp = NULL;
-        ctmp.id = s->compress_meth;
-        if (ssl_comp_methods != NULL) {
-            i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp);
-            if (i >= 0)
-                *comp = sk_SSL_COMP_value(ssl_comp_methods, i);
-            else
-                *comp = NULL;
-        }
-    }
-
-    if ((enc == NULL) || (md == NULL))
-        return (0);
-
-    switch (c->algorithm_enc) {
-    case SSL_DES:
-        i = SSL_ENC_DES_IDX;
-        break;
-    case SSL_3DES:
-        i = SSL_ENC_3DES_IDX;
-        break;
-    case SSL_RC4:
-        i = SSL_ENC_RC4_IDX;
-        break;
-    case SSL_RC2:
-        i = SSL_ENC_RC2_IDX;
-        break;
-    case SSL_IDEA:
-        i = SSL_ENC_IDEA_IDX;
-        break;
-    case SSL_eNULL:
-        i = SSL_ENC_NULL_IDX;
-        break;
-    case SSL_AES128:
-        i = SSL_ENC_AES128_IDX;
-        break;
-    case SSL_AES256:
-        i = SSL_ENC_AES256_IDX;
-        break;
-    case SSL_CAMELLIA128:
-        i = SSL_ENC_CAMELLIA128_IDX;
-        break;
-    case SSL_CAMELLIA256:
-        i = SSL_ENC_CAMELLIA256_IDX;
-        break;
-    case SSL_eGOST2814789CNT:
-        i = SSL_ENC_GOST89_IDX;
-        break;
-    case SSL_SEED:
-        i = SSL_ENC_SEED_IDX;
-        break;
-    case SSL_AES128GCM:
-        i = SSL_ENC_AES128GCM_IDX;
-        break;
-    case SSL_AES256GCM:
-        i = SSL_ENC_AES256GCM_IDX;
-        break;
-    default:
-        i = -1;
-        break;
-    }
-
-    if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
-        *enc = NULL;
-    else {
-        if (i == SSL_ENC_NULL_IDX)
-            *enc = EVP_enc_null();
-        else
-            *enc = ssl_cipher_methods[i];
-    }
-
-    switch (c->algorithm_mac) {
-    case SSL_MD5:
-        i = SSL_MD_MD5_IDX;
-        break;
-    case SSL_SHA1:
-        i = SSL_MD_SHA1_IDX;
-        break;
-    case SSL_SHA256:
-        i = SSL_MD_SHA256_IDX;
-        break;
-    case SSL_SHA384:
-        i = SSL_MD_SHA384_IDX;
-        break;
-    case SSL_GOST94:
-        i = SSL_MD_GOST94_IDX;
-        break;
-    case SSL_GOST89MAC:
-        i = SSL_MD_GOST89MAC_IDX;
-        break;
-    default:
-        i = -1;
-        break;
-    }
-    if ((i < 0) || (i >= SSL_MD_NUM_IDX)) {
-        *md = NULL;
-        if (mac_pkey_type != NULL)
-            *mac_pkey_type = NID_undef;
-        if (mac_secret_size != NULL)
-            *mac_secret_size = 0;
-        if (c->algorithm_mac == SSL_AEAD)
-            mac_pkey_type = NULL;
-    } else {
-        *md = ssl_digest_methods[i];
-        if (mac_pkey_type != NULL)
-            *mac_pkey_type = ssl_mac_pkey_id[i];
-        if (mac_secret_size != NULL)
-            *mac_secret_size = ssl_mac_secret_size[i];
-    }
-
-    if ((*enc != NULL) &&
-        (*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER))
-        && (!mac_pkey_type || *mac_pkey_type != NID_undef)) {
-        const EVP_CIPHER *evp;
-
-        if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||
-            s->ssl_version < TLS1_VERSION)
-            return 1;
-
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-            return 1;
-#endif
-
-        if (c->algorithm_enc == SSL_RC4 &&
-            c->algorithm_mac == SSL_MD5 &&
-            (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
-            *enc = evp, *md = NULL;
-        else if (c->algorithm_enc == SSL_AES128 &&
-                 c->algorithm_mac == SSL_SHA1 &&
-                 (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
-            *enc = evp, *md = NULL;
-        else if (c->algorithm_enc == SSL_AES256 &&
-                 c->algorithm_mac == SSL_SHA1 &&
-                 (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
-            *enc = evp, *md = NULL;
-        else if (c->algorithm_enc == SSL_AES128 &&
-                 c->algorithm_mac == SSL_SHA256 &&
-                 (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA256")))
-            *enc = evp, *md = NULL;
-        else if (c->algorithm_enc == SSL_AES256 &&
-                 c->algorithm_mac == SSL_SHA256 &&
-                 (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256")))
-            *enc = evp, *md = NULL;
-        return (1);
-    } else
-        return (0);
-}
-
-int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
-{
-    if (idx < 0 || idx >= SSL_MD_NUM_IDX) {
-        return 0;
-    }
-    *mask = ssl_handshake_digest_flag[idx];
-    if (*mask)
-        *md = ssl_digest_methods[idx];
-    else
-        *md = NULL;
-    return 1;
-}
-
-#define ITEM_SEP(a) \
-        (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
-
-static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
-                           CIPHER_ORDER **tail)
-{
-    if (curr == *tail)
-        return;
-    if (curr == *head)
-        *head = curr->next;
-    if (curr->prev != NULL)
-        curr->prev->next = curr->next;
-    if (curr->next != NULL)
-        curr->next->prev = curr->prev;
-    (*tail)->next = curr;
-    curr->prev = *tail;
-    curr->next = NULL;
-    *tail = curr;
-}
-
-static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
-                           CIPHER_ORDER **tail)
-{
-    if (curr == *head)
-        return;
-    if (curr == *tail)
-        *tail = curr->prev;
-    if (curr->next != NULL)
-        curr->next->prev = curr->prev;
-    if (curr->prev != NULL)
-        curr->prev->next = curr->next;
-    (*head)->prev = curr;
-    curr->next = *head;
-    curr->prev = NULL;
-    *head = curr;
-}
-
-static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
-                                    unsigned long *enc, unsigned long *mac,
-                                    unsigned long *ssl)
-{
-    *mkey = 0;
-    *auth = 0;
-    *enc = 0;
-    *mac = 0;
-    *ssl = 0;
-
-#ifdef OPENSSL_NO_RSA
-    *mkey |= SSL_kRSA;
-    *auth |= SSL_aRSA;
-#endif
-#ifdef OPENSSL_NO_DSA
-    *auth |= SSL_aDSS;
-#endif
-#ifdef OPENSSL_NO_DH
-    *mkey |= SSL_kDHr | SSL_kDHd | SSL_kEDH;
-    *auth |= SSL_aDH;
-#endif
-#ifdef OPENSSL_NO_KRB5
-    *mkey |= SSL_kKRB5;
-    *auth |= SSL_aKRB5;
-#endif
-#ifdef OPENSSL_NO_ECDSA
-    *auth |= SSL_aECDSA;
-#endif
-#ifdef OPENSSL_NO_ECDH
-    *mkey |= SSL_kECDHe | SSL_kECDHr;
-    *auth |= SSL_aECDH;
-#endif
-#ifdef OPENSSL_NO_PSK
-    *mkey |= SSL_kPSK;
-    *auth |= SSL_aPSK;
-#endif
-#ifdef OPENSSL_NO_SRP
-    *mkey |= SSL_kSRP;
-#endif
-    /*
-     * Check for presence of GOST 34.10 algorithms, and if they do not
-     * present, disable appropriate auth and key exchange
-     */
-    if (!get_optional_pkey_id("gost94")) {
-        *auth |= SSL_aGOST94;
-    }
-    if (!get_optional_pkey_id("gost2001")) {
-        *auth |= SSL_aGOST01;
-    }
-    /*
-     * Disable GOST key exchange if no GOST signature algs are available *
-     */
-    if ((*auth & (SSL_aGOST94 | SSL_aGOST01)) == (SSL_aGOST94 | SSL_aGOST01)) {
-        *mkey |= SSL_kGOST;
-    }
-#ifdef SSL_FORBID_ENULL
-    *enc |= SSL_eNULL;
-#endif
-
-    *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX] == NULL) ? SSL_DES : 0;
-    *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0;
-    *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX] == NULL) ? SSL_RC4 : 0;
-    *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0;
-    *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
-    *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
-    *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
-    *enc |=
-        (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] ==
-         NULL) ? SSL_AES128GCM : 0;
-    *enc |=
-        (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] ==
-         NULL) ? SSL_AES256GCM : 0;
-    *enc |=
-        (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] ==
-         NULL) ? SSL_CAMELLIA128 : 0;
-    *enc |=
-        (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] ==
-         NULL) ? SSL_CAMELLIA256 : 0;
-    *enc |=
-        (ssl_cipher_methods[SSL_ENC_GOST89_IDX] ==
-         NULL) ? SSL_eGOST2814789CNT : 0;
-    *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED : 0;
-
-    *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX] == NULL) ? SSL_MD5 : 0;
-    *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0;
-    *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0;
-    *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0;
-    *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0;
-    *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL
-             || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] ==
-             NID_undef) ? SSL_GOST89MAC : 0;
-
-}
-
-static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
-                                       int num_of_ciphers,
-                                       unsigned long disabled_mkey,
-                                       unsigned long disabled_auth,
-                                       unsigned long disabled_enc,
-                                       unsigned long disabled_mac,
-                                       unsigned long disabled_ssl,
-                                       CIPHER_ORDER *co_list,
-                                       CIPHER_ORDER **head_p,
-                                       CIPHER_ORDER **tail_p)
-{
-    int i, co_list_num;
-    const SSL_CIPHER *c;
-
-    /*
-     * We have num_of_ciphers descriptions compiled in, depending on the
-     * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
-     * These will later be sorted in a linked list with at most num
-     * entries.
-     */
-
-    /* Get the initial list of ciphers */
-    co_list_num = 0;            /* actual count of ciphers */
-    for (i = 0; i < num_of_ciphers; i++) {
-        c = ssl_method->get_cipher(i);
-        /* drop those that use any of that is not available */
-        if ((c != NULL) && c->valid &&
-#ifdef OPENSSL_FIPS
-            (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) &&
-#endif
-            !(c->algorithm_mkey & disabled_mkey) &&
-            !(c->algorithm_auth & disabled_auth) &&
-            !(c->algorithm_enc & disabled_enc) &&
-            !(c->algorithm_mac & disabled_mac) &&
-            !(c->algorithm_ssl & disabled_ssl)) {
-            co_list[co_list_num].cipher = c;
-            co_list[co_list_num].next = NULL;
-            co_list[co_list_num].prev = NULL;
-            co_list[co_list_num].active = 0;
-            co_list_num++;
-#ifdef KSSL_DEBUG
-            fprintf(stderr, "\t%d: %s %lx %lx %lx\n", i, c->name, c->id,
-                    c->algorithm_mkey, c->algorithm_auth);
-#endif                          /* KSSL_DEBUG */
-            /*
-             * if (!sk_push(ca_list,(char *)c)) goto err;
-             */
-        }
-    }
-
-    /*
-     * Prepare linked list from list entries
-     */
-    if (co_list_num > 0) {
-        co_list[0].prev = NULL;
-
-        if (co_list_num > 1) {
-            co_list[0].next = &co_list[1];
-
-            for (i = 1; i < co_list_num - 1; i++) {
-                co_list[i].prev = &co_list[i - 1];
-                co_list[i].next = &co_list[i + 1];
-            }
-
-            co_list[co_list_num - 1].prev = &co_list[co_list_num - 2];
-        }
-
-        co_list[co_list_num - 1].next = NULL;
-
-        *head_p = &co_list[0];
-        *tail_p = &co_list[co_list_num - 1];
-    }
-}
-
-static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
-                                       int num_of_group_aliases,
-                                       unsigned long disabled_mkey,
-                                       unsigned long disabled_auth,
-                                       unsigned long disabled_enc,
-                                       unsigned long disabled_mac,
-                                       unsigned long disabled_ssl,
-                                       CIPHER_ORDER *head)
-{
-    CIPHER_ORDER *ciph_curr;
-    const SSL_CIPHER **ca_curr;
-    int i;
-    unsigned long mask_mkey = ~disabled_mkey;
-    unsigned long mask_auth = ~disabled_auth;
-    unsigned long mask_enc = ~disabled_enc;
-    unsigned long mask_mac = ~disabled_mac;
-    unsigned long mask_ssl = ~disabled_ssl;
-
-    /*
-     * First, add the real ciphers as already collected
-     */
-    ciph_curr = head;
-    ca_curr = ca_list;
-    while (ciph_curr != NULL) {
-        *ca_curr = ciph_curr->cipher;
-        ca_curr++;
-        ciph_curr = ciph_curr->next;
-    }
-
-    /*
-     * Now we add the available ones from the cipher_aliases[] table.
-     * They represent either one or more algorithms, some of which
-     * in any affected category must be supported (set in enabled_mask),
-     * or represent a cipher strength value (will be added in any case because algorithms=0).
-     */
-    for (i = 0; i < num_of_group_aliases; i++) {
-        unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
-        unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
-        unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
-        unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
-        unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
-
-        if (algorithm_mkey)
-            if ((algorithm_mkey & mask_mkey) == 0)
-                continue;
-
-        if (algorithm_auth)
-            if ((algorithm_auth & mask_auth) == 0)
-                continue;
-
-        if (algorithm_enc)
-            if ((algorithm_enc & mask_enc) == 0)
-                continue;
-
-        if (algorithm_mac)
-            if ((algorithm_mac & mask_mac) == 0)
-                continue;
-
-        if (algorithm_ssl)
-            if ((algorithm_ssl & mask_ssl) == 0)
-                continue;
-
-        *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
-        ca_curr++;
-    }
-
-    *ca_curr = NULL;            /* end of list */
-}
-
-static void ssl_cipher_apply_rule(unsigned long cipher_id,
-                                  unsigned long alg_mkey,
-                                  unsigned long alg_auth,
-                                  unsigned long alg_enc,
-                                  unsigned long alg_mac,
-                                  unsigned long alg_ssl,
-                                  unsigned long algo_strength, int rule,
-                                  int strength_bits, CIPHER_ORDER **head_p,
-                                  CIPHER_ORDER **tail_p)
-{
-    CIPHER_ORDER *head, *tail, *curr, *next, *last;
-    const SSL_CIPHER *cp;
-    int reverse = 0;
-
-#ifdef CIPHER_DEBUG
-    fprintf(stderr,
-            "Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n",
-            rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
-            algo_strength, strength_bits);
-#endif
-
-    if (rule == CIPHER_DEL)
-        reverse = 1;            /* needed to maintain sorting between
-                                 * currently deleted ciphers */
-
-    head = *head_p;
-    tail = *tail_p;
-
-    if (reverse) {
-        next = tail;
-        last = head;
-    } else {
-        next = head;
-        last = tail;
-    }
-
-    curr = NULL;
-    for (;;) {
-        if (curr == last)
-            break;
-
-        curr = next;
-
-        if (curr == NULL)
-            break;
-
-        next = reverse ? curr->prev : curr->next;
-
-        cp = curr->cipher;
-
-        /*
-         * Selection criteria is either the value of strength_bits
-         * or the algorithms used.
-         */
-        if (strength_bits >= 0) {
-            if (strength_bits != cp->strength_bits)
-                continue;
-        } else {
-#ifdef CIPHER_DEBUG
-            fprintf(stderr,
-                    "\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n",
-                    cp->name, cp->algorithm_mkey, cp->algorithm_auth,
-                    cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl,
-                    cp->algo_strength);
-#endif
-#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-            if (cipher_id && cipher_id != cp->id)
-                continue;
-#endif
-            if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
-                continue;
-            if (alg_auth && !(alg_auth & cp->algorithm_auth))
-                continue;
-            if (alg_enc && !(alg_enc & cp->algorithm_enc))
-                continue;
-            if (alg_mac && !(alg_mac & cp->algorithm_mac))
-                continue;
-            if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
-                continue;
-            if ((algo_strength & SSL_EXP_MASK)
-                && !(algo_strength & SSL_EXP_MASK & cp->algo_strength))
-                continue;
-            if ((algo_strength & SSL_STRONG_MASK)
-                && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
-                continue;
-            if ((algo_strength & SSL_NOT_DEFAULT)
-                && !(cp->algo_strength & SSL_NOT_DEFAULT))
-                continue;
-        }
-
-#ifdef CIPHER_DEBUG
-        fprintf(stderr, "Action = %d\n", rule);
-#endif
-
-        /* add the cipher if it has not been added yet. */
-        if (rule == CIPHER_ADD) {
-            /* reverse == 0 */
-            if (!curr->active) {
-                ll_append_tail(&head, curr, &tail);
-                curr->active = 1;
-            }
-        }
-        /* Move the added cipher to this location */
-        else if (rule == CIPHER_ORD) {
-            /* reverse == 0 */
-            if (curr->active) {
-                ll_append_tail(&head, curr, &tail);
-            }
-        } else if (rule == CIPHER_DEL) {
-            /* reverse == 1 */
-            if (curr->active) {
-                /*
-                 * most recently deleted ciphersuites get best positions for
-                 * any future CIPHER_ADD (note that the CIPHER_DEL loop works
-                 * in reverse to maintain the order)
-                 */
-                ll_append_head(&head, curr, &tail);
-                curr->active = 0;
-            }
-        } else if (rule == CIPHER_KILL) {
-            /* reverse == 0 */
-            if (head == curr)
-                head = curr->next;
-            else
-                curr->prev->next = curr->next;
-            if (tail == curr)
-                tail = curr->prev;
-            curr->active = 0;
-            if (curr->next != NULL)
-                curr->next->prev = curr->prev;
-            if (curr->prev != NULL)
-                curr->prev->next = curr->next;
-            curr->next = NULL;
-            curr->prev = NULL;
-        }
-    }
-
-    *head_p = head;
-    *tail_p = tail;
-}
-
-static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
-                                    CIPHER_ORDER **tail_p)
-{
-    int max_strength_bits, i, *number_uses;
-    CIPHER_ORDER *curr;
-
-    /*
-     * This routine sorts the ciphers with descending strength. The sorting
-     * must keep the pre-sorted sequence, so we apply the normal sorting
-     * routine as '+' movement to the end of the list.
-     */
-    max_strength_bits = 0;
-    curr = *head_p;
-    while (curr != NULL) {
-        if (curr->active && (curr->cipher->strength_bits > max_strength_bits))
-            max_strength_bits = curr->cipher->strength_bits;
-        curr = curr->next;
-    }
-
-    number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
-    if (!number_uses) {
-        SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
-
-    /*
-     * Now find the strength_bits values actually used
-     */
-    curr = *head_p;
-    while (curr != NULL) {
-        if (curr->active)
-            number_uses[curr->cipher->strength_bits]++;
-        curr = curr->next;
-    }
-    /*
-     * Go through the list of used strength_bits values in descending
-     * order.
-     */
-    for (i = max_strength_bits; i >= 0; i--)
-        if (number_uses[i] > 0)
-            ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p,
-                                  tail_p);
-
-    OPENSSL_free(number_uses);
-    return (1);
-}
-
-static int ssl_cipher_process_rulestr(const char *rule_str,
-                                      CIPHER_ORDER **head_p,
-                                      CIPHER_ORDER **tail_p,
-                                      const SSL_CIPHER **ca_list)
-{
-    unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
-        algo_strength;
-    const char *l, *buf;
-    int j, multi, found, rule, retval, ok, buflen;
-    unsigned long cipher_id = 0;
-    char ch;
-
-    retval = 1;
-    l = rule_str;
-    for (;;) {
-        ch = *l;
-
-        if (ch == '\0')
-            break;              /* done */
-        if (ch == '-') {
-            rule = CIPHER_DEL;
-            l++;
-        } else if (ch == '+') {
-            rule = CIPHER_ORD;
-            l++;
-        } else if (ch == '!') {
-            rule = CIPHER_KILL;
-            l++;
-        } else if (ch == '@') {
-            rule = CIPHER_SPECIAL;
-            l++;
-        } else {
-            rule = CIPHER_ADD;
-        }
-
-        if (ITEM_SEP(ch)) {
-            l++;
-            continue;
-        }
-
-        alg_mkey = 0;
-        alg_auth = 0;
-        alg_enc = 0;
-        alg_mac = 0;
-        alg_ssl = 0;
-        algo_strength = 0;
-
-        for (;;) {
-            ch = *l;
-            buf = l;
-            buflen = 0;
-#ifndef CHARSET_EBCDIC
-            while (((ch >= 'A') && (ch <= 'Z')) ||
-                   ((ch >= '0') && (ch <= '9')) ||
-                   ((ch >= 'a') && (ch <= 'z')) || (ch == '-') || (ch == '.'))
-#else
-            while (isalnum(ch) || (ch == '-') || (ch == '.'))
-#endif
-            {
-                ch = *(++l);
-                buflen++;
-            }
-
-            if (buflen == 0) {
-                /*
-                 * We hit something we cannot deal with,
-                 * it is no command or separator nor
-                 * alphanumeric, so we call this an error.
-                 */
-                SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
-                       SSL_R_INVALID_COMMAND);
-                retval = found = 0;
-                l++;
-                break;
-            }
-
-            if (rule == CIPHER_SPECIAL) {
-                found = 0;      /* unused -- avoid compiler warning */
-                break;          /* special treatment */
-            }
-
-            /* check for multi-part specification */
-            if (ch == '+') {
-                multi = 1;
-                l++;
-            } else
-                multi = 0;
-
-            /*
-             * Now search for the cipher alias in the ca_list. Be careful
-             * with the strncmp, because the "buflen" limitation
-             * will make the rule "ADH:SOME" and the cipher
-             * "ADH-MY-CIPHER" look like a match for buflen=3.
-             * So additionally check whether the cipher name found
-             * has the correct length. We can save a strlen() call:
-             * just checking for the '\0' at the right place is
-             * sufficient, we have to strncmp() anyway. (We cannot
-             * use strcmp(), because buf is not '\0' terminated.)
-             */
-            j = found = 0;
-            cipher_id = 0;
-            while (ca_list[j]) {
-                if (!strncmp(buf, ca_list[j]->name, buflen) &&
-                    (ca_list[j]->name[buflen] == '\0')) {
-                    found = 1;
-                    break;
-                } else
-                    j++;
-            }
-
-            if (!found)
-                break;          /* ignore this entry */
-
-            if (ca_list[j]->algorithm_mkey) {
-                if (alg_mkey) {
-                    alg_mkey &= ca_list[j]->algorithm_mkey;
-                    if (!alg_mkey) {
-                        found = 0;
-                        break;
-                    }
-                } else
-                    alg_mkey = ca_list[j]->algorithm_mkey;
-            }
-
-            if (ca_list[j]->algorithm_auth) {
-                if (alg_auth) {
-                    alg_auth &= ca_list[j]->algorithm_auth;
-                    if (!alg_auth) {
-                        found = 0;
-                        break;
-                    }
-                } else
-                    alg_auth = ca_list[j]->algorithm_auth;
-            }
-
-            if (ca_list[j]->algorithm_enc) {
-                if (alg_enc) {
-                    alg_enc &= ca_list[j]->algorithm_enc;
-                    if (!alg_enc) {
-                        found = 0;
-                        break;
-                    }
-                } else
-                    alg_enc = ca_list[j]->algorithm_enc;
-            }
-
-            if (ca_list[j]->algorithm_mac) {
-                if (alg_mac) {
-                    alg_mac &= ca_list[j]->algorithm_mac;
-                    if (!alg_mac) {
-                        found = 0;
-                        break;
-                    }
-                } else
-                    alg_mac = ca_list[j]->algorithm_mac;
-            }
-
-            if (ca_list[j]->algo_strength & SSL_EXP_MASK) {
-                if (algo_strength & SSL_EXP_MASK) {
-                    algo_strength &=
-                        (ca_list[j]->algo_strength & SSL_EXP_MASK) |
-                        ~SSL_EXP_MASK;
-                    if (!(algo_strength & SSL_EXP_MASK)) {
-                        found = 0;
-                        break;
-                    }
-                } else
-                    algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK;
-            }
-
-            if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {
-                if (algo_strength & SSL_STRONG_MASK) {
-                    algo_strength &=
-                        (ca_list[j]->algo_strength & SSL_STRONG_MASK) |
-                        ~SSL_STRONG_MASK;
-                    if (!(algo_strength & SSL_STRONG_MASK)) {
-                        found = 0;
-                        break;
-                    }
-                } else
-                    algo_strength |=
-                        ca_list[j]->algo_strength & SSL_STRONG_MASK;
-            }
-
-            if (ca_list[j]->algo_strength & SSL_NOT_DEFAULT) {
-                algo_strength |= SSL_NOT_DEFAULT;
-            }
-
-            if (ca_list[j]->valid) {
-                /*
-                 * explicit ciphersuite found; its protocol version does not
-                 * become part of the search pattern!
-                 */
-
-                cipher_id = ca_list[j]->id;
-            } else {
-                /*
-                 * not an explicit ciphersuite; only in this case, the
-                 * protocol version is considered part of the search pattern
-                 */
-
-                if (ca_list[j]->algorithm_ssl) {
-                    if (alg_ssl) {
-                        alg_ssl &= ca_list[j]->algorithm_ssl;
-                        if (!alg_ssl) {
-                            found = 0;
-                            break;
-                        }
-                    } else
-                        alg_ssl = ca_list[j]->algorithm_ssl;
-                }
-            }
-
-            if (!multi)
-                break;
-        }
-
-        /*
-         * Ok, we have the rule, now apply it
-         */
-        if (rule == CIPHER_SPECIAL) { /* special command */
-            ok = 0;
-            if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
-                ok = ssl_cipher_strength_sort(head_p, tail_p);
-            else
-                SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
-                       SSL_R_INVALID_COMMAND);
-            if (ok == 0)
-                retval = 0;
-            /*
-             * We do not support any "multi" options
-             * together with "@", so throw away the
-             * rest of the command, if any left, until
-             * end or ':' is found.
-             */
-            while ((*l != '\0') && !ITEM_SEP(*l))
-                l++;
-        } else if (found) {
-            ssl_cipher_apply_rule(cipher_id,
-                                  alg_mkey, alg_auth, alg_enc, alg_mac,
-                                  alg_ssl, algo_strength, rule, -1, head_p,
-                                  tail_p);
-        } else {
-            while ((*l != '\0') && !ITEM_SEP(*l))
-                l++;
-        }
-        if (*l == '\0')
-            break;              /* done */
-    }
-
-    return (retval);
-}
-
-#ifndef OPENSSL_NO_EC
-static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
-                                    const char **prule_str)
-{
-    unsigned int suiteb_flags = 0, suiteb_comb2 = 0;
-    if (strncmp(*prule_str, "SUITEB128ONLY", 13) == 0) {
-        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY;
-    } else if (strncmp(*prule_str, "SUITEB128C2", 11) == 0) {
-        suiteb_comb2 = 1;
-        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
-    } else if (strncmp(*prule_str, "SUITEB128", 9) == 0) {
-        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
-    } else if (strncmp(*prule_str, "SUITEB192", 9) == 0) {
-        suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS;
-    }
-
-    if (suiteb_flags) {
-        c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS;
-        c->cert_flags |= suiteb_flags;
-    } else
-        suiteb_flags = c->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS;
-
-    if (!suiteb_flags)
-        return 1;
-    /* Check version: if TLS 1.2 ciphers allowed we can use Suite B */
-
-    if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)) {
-        if (meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
-            SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
-                   SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
-        else
-            SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
-                   SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
-        return 0;
-    }
-# ifndef OPENSSL_NO_ECDH
-    switch (suiteb_flags) {
-    case SSL_CERT_FLAG_SUITEB_128_LOS:
-        if (suiteb_comb2)
-            *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";
-        else
-            *prule_str =
-                "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384";
-        break;
-    case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:
-        *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256";
-        break;
-    case SSL_CERT_FLAG_SUITEB_192_LOS:
-        *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";
-        break;
-    }
-    /* Set auto ECDH parameter determination */
-    c->ecdh_tmp_auto = 1;
-    return 1;
-# else
-    SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
-           SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE);
-    return 0;
-# endif
-}
-#endif
-
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK_OF(SSL_CIPHER)
-                                             **cipher_list, STACK_OF(SSL_CIPHER)
-                                             **cipher_list_by_id,
-                                             const char *rule_str, CERT *c)
-{
-    int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
-    unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac,
-        disabled_ssl;
-    STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
-    const char *rule_p;
-    CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
-    const SSL_CIPHER **ca_list = NULL;
-
-    /*
-     * Return with error if nothing to do.
-     */
-    if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
-        return NULL;
-#ifndef OPENSSL_NO_EC
-    if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
-        return NULL;
-#endif
-
-    /*
-     * To reduce the work to do we only want to process the compiled
-     * in algorithms, so we first get the mask of disabled ciphers.
-     */
-    ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc,
-                            &disabled_mac, &disabled_ssl);
-
-    /*
-     * Now we have to collect the available ciphers from the compiled
-     * in ciphers. We cannot get more than the number compiled in, so
-     * it is used for allocation.
-     */
-    num_of_ciphers = ssl_method->num_ciphers();
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "ssl_create_cipher_list() for %d ciphers\n",
-            num_of_ciphers);
-#endif                          /* KSSL_DEBUG */
-    co_list =
-        (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
-    if (co_list == NULL) {
-        SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
-        return (NULL);          /* Failure */
-    }
-
-    ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
-                               disabled_mkey, disabled_auth, disabled_enc,
-                               disabled_mac, disabled_ssl, co_list, &head,
-                               &tail);
-
-    /* Now arrange all ciphers by preference: */
-
-    /*
-     * Everything else being equal, prefer ephemeral ECDH over other key
-     * exchange mechanisms
-     */
-    ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head,
-                          &tail);
-    ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head,
-                          &tail);
-
-    /* AES is our preferred symmetric cipher */
-    ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head,
-                          &tail);
-
-    /* Temporarily enable everything else for sorting */
-    ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
-
-    /* Low priority for MD5 */
-    ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head,
-                          &tail);
-
-    /*
-     * Move anonymous ciphers to the end.  Usually, these will remain
-     * disabled. (For applications that allow them, they aren't too bad, but
-     * we prefer authenticated ciphers.)
-     */
-    ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
-                          &tail);
-
-    /* Move ciphers without forward secrecy to the end */
-    ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
-                          &tail);
-    /*
-     * ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1,
-     * &head, &tail);
-     */
-    ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
-                          &tail);
-    ssl_cipher_apply_rule(0, SSL_kPSK, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
-                          &tail);
-    ssl_cipher_apply_rule(0, SSL_kKRB5, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
-                          &tail);
-
-    /* RC4 is sort-of broken -- move the the end */
-    ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head,
-                          &tail);
-
-    /*
-     * Now sort by symmetric encryption strength.  The above ordering remains
-     * in force within each class
-     */
-    if (!ssl_cipher_strength_sort(&head, &tail)) {
-        OPENSSL_free(co_list);
-        return NULL;
-    }
-
-    /* Now disable everything (maintaining the ordering!) */
-    ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
-
-    /*
-     * We also need cipher aliases for selecting based on the rule_str.
-     * There might be two types of entries in the rule_str: 1) names
-     * of ciphers themselves 2) aliases for groups of ciphers.
-     * For 1) we need the available ciphers and for 2) the cipher
-     * groups of cipher_aliases added together in one list (otherwise
-     * we would be happy with just the cipher_aliases table).
-     */
-    num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
-    num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
-    ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
-    if (ca_list == NULL) {
-        OPENSSL_free(co_list);
-        SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
-        return (NULL);          /* Failure */
-    }
-    ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
-                               disabled_mkey, disabled_auth, disabled_enc,
-                               disabled_mac, disabled_ssl, head);
-
-    /*
-     * If the rule_string begins with DEFAULT, apply the default rule
-     * before using the (possibly available) additional rules.
-     */
-    ok = 1;
-    rule_p = rule_str;
-    if (strncmp(rule_str, "DEFAULT", 7) == 0) {
-        ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
-                                        &head, &tail, ca_list);
-        rule_p += 7;
-        if (*rule_p == ':')
-            rule_p++;
-    }
-
-    if (ok && (strlen(rule_p) > 0))
-        ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
-
-    OPENSSL_free((void *)ca_list); /* Not needed anymore */
-
-    if (!ok) {                  /* Rule processing failure */
-        OPENSSL_free(co_list);
-        return (NULL);
-    }
-
-    /*
-     * Allocate new "cipherstack" for the result, return with error
-     * if we cannot get one.
-     */
-    if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
-        OPENSSL_free(co_list);
-        return (NULL);
-    }
-
-    /*
-     * The cipher selection for the list is done. The ciphers are added
-     * to the resulting precedence to the STACK_OF(SSL_CIPHER).
-     */
-    for (curr = head; curr != NULL; curr = curr->next) {
-#ifdef OPENSSL_FIPS
-        if (curr->active
-            && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
-#else
-        if (curr->active)
-#endif
-        {
-            sk_SSL_CIPHER_push(cipherstack, curr->cipher);
-#ifdef CIPHER_DEBUG
-            fprintf(stderr, "<%s>\n", curr->cipher->name);
-#endif
-        }
-    }
-    OPENSSL_free(co_list);      /* Not needed any longer */
-
-    tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
-    if (tmp_cipher_list == NULL) {
-        sk_SSL_CIPHER_free(cipherstack);
-        return NULL;
-    }
-    if (*cipher_list != NULL)
-        sk_SSL_CIPHER_free(*cipher_list);
-    *cipher_list = cipherstack;
-    if (*cipher_list_by_id != NULL)
-        sk_SSL_CIPHER_free(*cipher_list_by_id);
-    *cipher_list_by_id = tmp_cipher_list;
-    (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,
-                                     ssl_cipher_ptr_id_cmp);
-
-    sk_SSL_CIPHER_sort(*cipher_list_by_id);
-    return (cipherstack);
-}
-
-char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
-{
-    int is_export, pkl, kl;
-    const char *ver, *exp_str;
-    const char *kx, *au, *enc, *mac;
-    unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
-#ifdef KSSL_DEBUG
-    static const char *format =
-        "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
-#else
-    static const char *format =
-        "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
-#endif                          /* KSSL_DEBUG */
-
-    alg_mkey = cipher->algorithm_mkey;
-    alg_auth = cipher->algorithm_auth;
-    alg_enc = cipher->algorithm_enc;
-    alg_mac = cipher->algorithm_mac;
-    alg_ssl = cipher->algorithm_ssl;
-
-    alg2 = cipher->algorithm2;
-
-    is_export = SSL_C_IS_EXPORT(cipher);
-    pkl = SSL_C_EXPORT_PKEYLENGTH(cipher);
-    kl = SSL_C_EXPORT_KEYLENGTH(cipher);
-    exp_str = is_export ? " export" : "";
-
-    if (alg_ssl & SSL_SSLV2)
-        ver = "SSLv2";
-    else if (alg_ssl & SSL_SSLV3)
-        ver = "SSLv3";
-    else if (alg_ssl & SSL_TLSV1_2)
-        ver = "TLSv1.2";
-    else
-        ver = "unknown";
-
-    switch (alg_mkey) {
-    case SSL_kRSA:
-        kx = is_export ? (pkl == 512 ? "RSA(512)" : "RSA(1024)") : "RSA";
-        break;
-    case SSL_kDHr:
-        kx = "DH/RSA";
-        break;
-    case SSL_kDHd:
-        kx = "DH/DSS";
-        break;
-    case SSL_kKRB5:
-        kx = "KRB5";
-        break;
-    case SSL_kEDH:
-        kx = is_export ? (pkl == 512 ? "DH(512)" : "DH(1024)") : "DH";
-        break;
-    case SSL_kECDHr:
-        kx = "ECDH/RSA";
-        break;
-    case SSL_kECDHe:
-        kx = "ECDH/ECDSA";
-        break;
-    case SSL_kEECDH:
-        kx = "ECDH";
-        break;
-    case SSL_kPSK:
-        kx = "PSK";
-        break;
-    case SSL_kSRP:
-        kx = "SRP";
-        break;
-    case SSL_kGOST:
-        kx = "GOST";
-        break;
-    default:
-        kx = "unknown";
-    }
-
-    switch (alg_auth) {
-    case SSL_aRSA:
-        au = "RSA";
-        break;
-    case SSL_aDSS:
-        au = "DSS";
-        break;
-    case SSL_aDH:
-        au = "DH";
-        break;
-    case SSL_aKRB5:
-        au = "KRB5";
-        break;
-    case SSL_aECDH:
-        au = "ECDH";
-        break;
-    case SSL_aNULL:
-        au = "None";
-        break;
-    case SSL_aECDSA:
-        au = "ECDSA";
-        break;
-    case SSL_aPSK:
-        au = "PSK";
-        break;
-    case SSL_aSRP:
-        au = "SRP";
-        break;
-    case SSL_aGOST94:
-        au = "GOST94";
-        break;
-    case SSL_aGOST01:
-        au = "GOST01";
-        break;
-    default:
-        au = "unknown";
-        break;
-    }
-
-    switch (alg_enc) {
-    case SSL_DES:
-        enc = (is_export && kl == 5) ? "DES(40)" : "DES(56)";
-        break;
-    case SSL_3DES:
-        enc = "3DES(168)";
-        break;
-    case SSL_RC4:
-        enc = is_export ? (kl == 5 ? "RC4(40)" : "RC4(56)")
-            : ((alg2 & SSL2_CF_8_BYTE_ENC) ? "RC4(64)" : "RC4(128)");
-        break;
-    case SSL_RC2:
-        enc = is_export ? (kl == 5 ? "RC2(40)" : "RC2(56)") : "RC2(128)";
-        break;
-    case SSL_IDEA:
-        enc = "IDEA(128)";
-        break;
-    case SSL_eNULL:
-        enc = "None";
-        break;
-    case SSL_AES128:
-        enc = "AES(128)";
-        break;
-    case SSL_AES256:
-        enc = "AES(256)";
-        break;
-    case SSL_AES128GCM:
-        enc = "AESGCM(128)";
-        break;
-    case SSL_AES256GCM:
-        enc = "AESGCM(256)";
-        break;
-    case SSL_CAMELLIA128:
-        enc = "Camellia(128)";
-        break;
-    case SSL_CAMELLIA256:
-        enc = "Camellia(256)";
-        break;
-    case SSL_SEED:
-        enc = "SEED(128)";
-        break;
-    case SSL_eGOST2814789CNT:
-        enc = "GOST89(256)";
-        break;
-    default:
-        enc = "unknown";
-        break;
-    }
-
-    switch (alg_mac) {
-    case SSL_MD5:
-        mac = "MD5";
-        break;
-    case SSL_SHA1:
-        mac = "SHA1";
-        break;
-    case SSL_SHA256:
-        mac = "SHA256";
-        break;
-    case SSL_SHA384:
-        mac = "SHA384";
-        break;
-    case SSL_AEAD:
-        mac = "AEAD";
-        break;
-    case SSL_GOST89MAC:
-        mac = "GOST89";
-        break;
-    case SSL_GOST94:
-        mac = "GOST94";
-        break;
-    default:
-        mac = "unknown";
-        break;
-    }
-
-    if (buf == NULL) {
-        len = 128;
-        buf = OPENSSL_malloc(len);
-        if (buf == NULL)
-            return ("OPENSSL_malloc Error");
-    } else if (len < 128)
-        return ("Buffer too small");
-
-#ifdef KSSL_DEBUG
-    BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
-                 exp_str, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl);
-#else
-    BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
-                 exp_str);
-#endif                          /* KSSL_DEBUG */
-    return (buf);
-}
-
-char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
-{
-    int i;
-
-    if (c == NULL)
-        return ("(NONE)");
-    i = (int)(c->id >> 24L);
-    if (i == 3)
-        return ("TLSv1/SSLv3");
-    else if (i == 2)
-        return ("SSLv2");
-    else
-        return ("unknown");
-}
-
-/* return the actual cipher being used */
-const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
-{
-    if (c != NULL)
-        return (c->name);
-    return ("(NONE)");
-}
-
-/* number of bits for symmetric cipher */
-int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
-{
-    int ret = 0;
-
-    if (c != NULL) {
-        if (alg_bits != NULL)
-            *alg_bits = c->alg_bits;
-        ret = c->strength_bits;
-    }
-    return (ret);
-}
-
-unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c)
-{
-    return c->id;
-}
-
-SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
-{
-    SSL_COMP *ctmp;
-    int i, nn;
-
-    if ((n == 0) || (sk == NULL))
-        return (NULL);
-    nn = sk_SSL_COMP_num(sk);
-    for (i = 0; i < nn; i++) {
-        ctmp = sk_SSL_COMP_value(sk, i);
-        if (ctmp->id == n)
-            return (ctmp);
-    }
-    return (NULL);
-}
-
-#ifdef OPENSSL_NO_COMP
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
-{
-    return NULL;
-}
-
-STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
-                                                      *meths)
-{
-    return NULL;
-}
-
-void SSL_COMP_free_compression_methods(void)
-{
-}
-
-int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
-{
-    return 1;
-}
-
-const char *SSL_COMP_get_name(const COMP_METHOD *comp)
-{
-    return NULL;
-}
-#else
-STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
-{
-    load_builtin_compressions();
-    return (ssl_comp_methods);
-}
-
-STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
-                                                      *meths)
-{
-    STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods;
-    ssl_comp_methods = meths;
-    return old_meths;
-}
-
-static void cmeth_free(SSL_COMP *cm)
-{
-    OPENSSL_free(cm);
-}
-
-void SSL_COMP_free_compression_methods(void)
-{
-    STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods;
-    ssl_comp_methods = NULL;
-    sk_SSL_COMP_pop_free(old_meths, cmeth_free);
-}
-
-int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
-{
-    SSL_COMP *comp;
-
-    if (cm == NULL || cm->type == NID_undef)
-        return 1;
-
-    /*-
-     * According to draft-ietf-tls-compression-04.txt, the
-     * compression number ranges should be the following:
-     *
-     *   0 to  63:  methods defined by the IETF
-     *  64 to 192:  external party methods assigned by IANA
-     * 193 to 255:  reserved for private use
-     */
-    if (id < 193 || id > 255) {
-        SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
-               SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
-        return 1;
-    }
-
-    MemCheck_off();
-    comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
-    if (comp == NULL) {
-        MemCheck_on();
-        SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
-        return 1;
-    }
-    comp->id = id;
-    comp->method = cm;
-    comp->name = cm->name;
-    load_builtin_compressions();
-    if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) {
-        OPENSSL_free(comp);
-        MemCheck_on();
-        SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
-               SSL_R_DUPLICATE_COMPRESSION_ID);
-        return (1);
-    } else if ((ssl_comp_methods == NULL)
-               || !sk_SSL_COMP_push(ssl_comp_methods, comp)) {
-        OPENSSL_free(comp);
-        MemCheck_on();
-        SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
-        return (1);
-    } else {
-        MemCheck_on();
-        return (0);
-    }
-}
-
-const char *SSL_COMP_get_name(const COMP_METHOD *comp)
-{
-    if (comp)
-        return comp->name;
-    return NULL;
-}
-#endif
-/* For a cipher return the index corresponding to the certificate type */
-int ssl_cipher_get_cert_index(const SSL_CIPHER *c)
-{
-    unsigned long alg_k, alg_a;
-
-    alg_k = c->algorithm_mkey;
-    alg_a = c->algorithm_auth;
-
-    if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
-        /*
-         * we don't need to look at SSL_kEECDH since no certificate is needed
-         * for anon ECDH and for authenticated EECDH, the check for the auth
-         * algorithm will set i correctly NOTE: For ECDH-RSA, we need an ECC
-         * not an RSA cert but for EECDH-RSA we need an RSA cert. Placing the
-         * checks for SSL_kECDH before RSA checks ensures the correct cert is
-         * chosen.
-         */
-        return SSL_PKEY_ECC;
-    } else if (alg_a & SSL_aECDSA)
-        return SSL_PKEY_ECC;
-    else if (alg_k & SSL_kDHr)
-        return SSL_PKEY_DH_RSA;
-    else if (alg_k & SSL_kDHd)
-        return SSL_PKEY_DH_DSA;
-    else if (alg_a & SSL_aDSS)
-        return SSL_PKEY_DSA_SIGN;
-    else if (alg_a & SSL_aRSA)
-        return SSL_PKEY_RSA_ENC;
-    else if (alg_a & SSL_aKRB5)
-        /* VRS something else here? */
-        return -1;
-    else if (alg_a & SSL_aGOST94)
-        return SSL_PKEY_GOST94;
-    else if (alg_a & SSL_aGOST01)
-        return SSL_PKEY_GOST01;
-    return -1;
-}
-
-const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr)
-{
-    const SSL_CIPHER *c;
-    c = ssl->method->get_cipher_by_char(ptr);
-    if (c == NULL || c->valid == 0)
-        return NULL;
-    return c;
-}
-
-const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr)
-{
-    return ssl->method->get_cipher_by_char(ptr);
-}
diff --git a/thirdparty/openssl/ssl/ssl_conf.c b/thirdparty/openssl/ssl/ssl_conf.c
deleted file mode 100644
index 8d3709d2b6..0000000000
--- a/thirdparty/openssl/ssl/ssl_conf.c
+++ /dev/null
@@ -1,691 +0,0 @@
-/*
- * ! \file ssl/ssl_conf.c \brief SSL configuration functions
- */
-/* ====================================================================
- * Copyright (c) 2012 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifdef REF_CHECK
-# include <assert.h>
-#endif
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/conf.h>
-#include <openssl/objects.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-
-/*
- * structure holding name tables. This is used for pemitted elements in lists
- * such as TLSv1 and single command line switches such as no_tls1
- */
-
-typedef struct {
-    const char *name;
-    int namelen;
-    unsigned int name_flags;
-    unsigned long option_value;
-} ssl_flag_tbl;
-
-/* Sense of name is inverted e.g. "TLSv1" will clear SSL_OP_NO_TLSv1 */
-#define SSL_TFLAG_INV   0x1
-/* Flags refers to cert_flags not options */
-#define SSL_TFLAG_CERT  0x2
-/* Option can only be used for clients */
-#define SSL_TFLAG_CLIENT SSL_CONF_FLAG_CLIENT
-/* Option can only be used for servers */
-#define SSL_TFLAG_SERVER SSL_CONF_FLAG_SERVER
-#define SSL_TFLAG_BOTH (SSL_TFLAG_CLIENT|SSL_TFLAG_SERVER)
-
-#define SSL_FLAG_TBL(str, flag) \
-        {str, (int)(sizeof(str) - 1), SSL_TFLAG_BOTH, flag}
-#define SSL_FLAG_TBL_SRV(str, flag) \
-        {str, (int)(sizeof(str) - 1), SSL_TFLAG_SERVER, flag}
-#define SSL_FLAG_TBL_CLI(str, flag) \
-        {str, (int)(sizeof(str) - 1), SSL_TFLAG_CLIENT, flag}
-#define SSL_FLAG_TBL_INV(str, flag) \
-        {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_BOTH, flag}
-#define SSL_FLAG_TBL_SRV_INV(str, flag) \
-        {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_SERVER, flag}
-#define SSL_FLAG_TBL_CERT(str, flag) \
-        {str, (int)(sizeof(str) - 1), SSL_TFLAG_CERT|SSL_TFLAG_BOTH, flag}
-
-/*
- * Opaque structure containing SSL configuration context.
- */
-
-struct ssl_conf_ctx_st {
-    /*
-     * Various flags indicating (among other things) which options we will
-     * recognise.
-     */
-    unsigned int flags;
-    /* Prefix and length of commands */
-    char *prefix;
-    size_t prefixlen;
-    /* SSL_CTX or SSL structure to perform operations on */
-    SSL_CTX *ctx;
-    SSL *ssl;
-    /* Pointer to SSL or SSL_CTX options field or NULL if none */
-    unsigned long *poptions;
-    /* Pointer to SSL or SSL_CTX cert_flags or NULL if none */
-    unsigned int *pcert_flags;
-    /* Current flag table being worked on */
-    const ssl_flag_tbl *tbl;
-    /* Size of table */
-    size_t ntbl;
-};
-
-static int ssl_match_option(SSL_CONF_CTX *cctx, const ssl_flag_tbl *tbl,
-                            const char *name, int namelen, int onoff)
-{
-    /* If name not relevant for context skip */
-    if (!(cctx->flags & tbl->name_flags & SSL_TFLAG_BOTH))
-        return 0;
-    if (namelen == -1) {
-        if (strcmp(tbl->name, name))
-            return 0;
-    } else if (tbl->namelen != namelen
-               || strncasecmp(tbl->name, name, namelen))
-        return 0;
-    if (cctx->poptions) {
-        if (tbl->name_flags & SSL_TFLAG_INV)
-            onoff ^= 1;
-        if (tbl->name_flags & SSL_TFLAG_CERT) {
-            if (onoff)
-                *cctx->pcert_flags |= tbl->option_value;
-            else
-                *cctx->pcert_flags &= ~tbl->option_value;
-        } else {
-            if (onoff)
-                *cctx->poptions |= tbl->option_value;
-            else
-                *cctx->poptions &= ~tbl->option_value;
-        }
-    }
-    return 1;
-}
-
-static int ssl_set_option_list(const char *elem, int len, void *usr)
-{
-    SSL_CONF_CTX *cctx = usr;
-    size_t i;
-    const ssl_flag_tbl *tbl;
-    int onoff = 1;
-    /*
-     * len == -1 indicates not being called in list context, just for single
-     * command line switches, so don't allow +, -.
-     */
-    if (elem == NULL)
-        return 0;
-    if (len != -1) {
-        if (*elem == '+') {
-            elem++;
-            len--;
-            onoff = 1;
-        } else if (*elem == '-') {
-            elem++;
-            len--;
-            onoff = 0;
-        }
-    }
-    for (i = 0, tbl = cctx->tbl; i < cctx->ntbl; i++, tbl++) {
-        if (ssl_match_option(cctx, tbl, elem, len, onoff))
-            return 1;
-    }
-    return 0;
-}
-
-/* Single command line switches with no argument e.g. -no_ssl3 */
-static int ctrl_str_option(SSL_CONF_CTX *cctx, const char *cmd)
-{
-    static const ssl_flag_tbl ssl_option_single[] = {
-        SSL_FLAG_TBL("no_ssl2", SSL_OP_NO_SSLv2),
-        SSL_FLAG_TBL("no_ssl3", SSL_OP_NO_SSLv3),
-        SSL_FLAG_TBL("no_tls1", SSL_OP_NO_TLSv1),
-        SSL_FLAG_TBL("no_tls1_1", SSL_OP_NO_TLSv1_1),
-        SSL_FLAG_TBL("no_tls1_2", SSL_OP_NO_TLSv1_2),
-        SSL_FLAG_TBL("bugs", SSL_OP_ALL),
-        SSL_FLAG_TBL("no_comp", SSL_OP_NO_COMPRESSION),
-        SSL_FLAG_TBL_SRV("ecdh_single", SSL_OP_SINGLE_ECDH_USE),
-#ifndef OPENSSL_NO_TLSEXT
-        SSL_FLAG_TBL("no_ticket", SSL_OP_NO_TICKET),
-#endif
-        SSL_FLAG_TBL_SRV("serverpref", SSL_OP_CIPHER_SERVER_PREFERENCE),
-        SSL_FLAG_TBL("legacy_renegotiation",
-                     SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION),
-        SSL_FLAG_TBL_SRV("legacy_server_connect",
-                         SSL_OP_LEGACY_SERVER_CONNECT),
-        SSL_FLAG_TBL_SRV("no_resumption_on_reneg",
-                         SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION),
-        SSL_FLAG_TBL_SRV_INV("no_legacy_server_connect",
-                             SSL_OP_LEGACY_SERVER_CONNECT),
-        SSL_FLAG_TBL_CERT("strict", SSL_CERT_FLAG_TLS_STRICT),
-#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-        SSL_FLAG_TBL_CERT("debug_broken_protocol",
-                          SSL_CERT_FLAG_BROKEN_PROTOCOL),
-#endif
-    };
-    cctx->tbl = ssl_option_single;
-    cctx->ntbl = sizeof(ssl_option_single) / sizeof(ssl_flag_tbl);
-    return ssl_set_option_list(cmd, -1, cctx);
-}
-
-/* Set supported signature algorithms */
-static int cmd_SignatureAlgorithms(SSL_CONF_CTX *cctx, const char *value)
-{
-    int rv;
-    if (cctx->ssl)
-        rv = SSL_set1_sigalgs_list(cctx->ssl, value);
-    /* NB: ctx == NULL performs syntax checking only */
-    else
-        rv = SSL_CTX_set1_sigalgs_list(cctx->ctx, value);
-    return rv > 0;
-}
-
-/* Set supported client signature algorithms */
-static int cmd_ClientSignatureAlgorithms(SSL_CONF_CTX *cctx,
-                                         const char *value)
-{
-    int rv;
-    if (cctx->ssl)
-        rv = SSL_set1_client_sigalgs_list(cctx->ssl, value);
-    /* NB: ctx == NULL performs syntax checking only */
-    else
-        rv = SSL_CTX_set1_client_sigalgs_list(cctx->ctx, value);
-    return rv > 0;
-}
-
-static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value)
-{
-    int rv;
-    if (cctx->ssl)
-        rv = SSL_set1_curves_list(cctx->ssl, value);
-    /* NB: ctx == NULL performs syntax checking only */
-    else
-        rv = SSL_CTX_set1_curves_list(cctx->ctx, value);
-    return rv > 0;
-}
-
-#ifndef OPENSSL_NO_ECDH
-/* ECDH temporary parameters */
-static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
-{
-    int onoff = -1, rv = 1;
-    if (!(cctx->flags & SSL_CONF_FLAG_SERVER))
-        return -2;
-    if (cctx->flags & SSL_CONF_FLAG_FILE) {
-        if (*value == '+') {
-            onoff = 1;
-            value++;
-        }
-        if (*value == '-') {
-            onoff = 0;
-            value++;
-        }
-        if (!strcasecmp(value, "automatic")) {
-            if (onoff == -1)
-                onoff = 1;
-        } else if (onoff != -1)
-            return 0;
-    } else if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
-        if (!strcmp(value, "auto"))
-            onoff = 1;
-    }
-
-    if (onoff != -1) {
-        if (cctx->ctx)
-            rv = SSL_CTX_set_ecdh_auto(cctx->ctx, onoff);
-        else if (cctx->ssl)
-            rv = SSL_set_ecdh_auto(cctx->ssl, onoff);
-    } else {
-        EC_KEY *ecdh;
-        int nid;
-        nid = EC_curve_nist2nid(value);
-        if (nid == NID_undef)
-            nid = OBJ_sn2nid(value);
-        if (nid == 0)
-            return 0;
-        ecdh = EC_KEY_new_by_curve_name(nid);
-        if (!ecdh)
-            return 0;
-        if (cctx->ctx)
-            rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh);
-        else if (cctx->ssl)
-            rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh);
-        EC_KEY_free(ecdh);
-    }
-
-    return rv > 0;
-}
-#endif
-static int cmd_CipherString(SSL_CONF_CTX *cctx, const char *value)
-{
-    int rv = 1;
-    if (cctx->ctx)
-        rv = SSL_CTX_set_cipher_list(cctx->ctx, value);
-    if (cctx->ssl)
-        rv = SSL_set_cipher_list(cctx->ssl, value);
-    return rv > 0;
-}
-
-static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value)
-{
-    static const ssl_flag_tbl ssl_protocol_list[] = {
-        SSL_FLAG_TBL_INV("ALL", SSL_OP_NO_SSL_MASK),
-        SSL_FLAG_TBL_INV("SSLv2", SSL_OP_NO_SSLv2),
-        SSL_FLAG_TBL_INV("SSLv3", SSL_OP_NO_SSLv3),
-        SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1),
-        SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1),
-        SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2)
-    };
-    int ret;
-    int sslv2off;
-
-    if (!(cctx->flags & SSL_CONF_FLAG_FILE))
-        return -2;
-    cctx->tbl = ssl_protocol_list;
-    cctx->ntbl = sizeof(ssl_protocol_list) / sizeof(ssl_flag_tbl);
-
-    sslv2off = *cctx->poptions & SSL_OP_NO_SSLv2;
-    ret = CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx);
-    /* Never turn on SSLv2 through configuration */
-    *cctx->poptions |= sslv2off;
-    return ret;
-}
-
-static int cmd_Options(SSL_CONF_CTX *cctx, const char *value)
-{
-    static const ssl_flag_tbl ssl_option_list[] = {
-        SSL_FLAG_TBL_INV("SessionTicket", SSL_OP_NO_TICKET),
-        SSL_FLAG_TBL_INV("EmptyFragments",
-                         SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS),
-        SSL_FLAG_TBL("Bugs", SSL_OP_ALL),
-        SSL_FLAG_TBL_INV("Compression", SSL_OP_NO_COMPRESSION),
-        SSL_FLAG_TBL_SRV("ServerPreference", SSL_OP_CIPHER_SERVER_PREFERENCE),
-        SSL_FLAG_TBL_SRV("NoResumptionOnRenegotiation",
-                         SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION),
-        SSL_FLAG_TBL_SRV("DHSingle", SSL_OP_SINGLE_DH_USE),
-        SSL_FLAG_TBL_SRV("ECDHSingle", SSL_OP_SINGLE_ECDH_USE),
-        SSL_FLAG_TBL("UnsafeLegacyRenegotiation",
-                     SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION),
-    };
-    if (!(cctx->flags & SSL_CONF_FLAG_FILE))
-        return -2;
-    if (value == NULL)
-        return -3;
-    cctx->tbl = ssl_option_list;
-    cctx->ntbl = sizeof(ssl_option_list) / sizeof(ssl_flag_tbl);
-    return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx);
-}
-
-static int cmd_Certificate(SSL_CONF_CTX *cctx, const char *value)
-{
-    int rv = 1;
-    if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE))
-        return -2;
-    if (cctx->ctx)
-        rv = SSL_CTX_use_certificate_chain_file(cctx->ctx, value);
-    if (cctx->ssl)
-        rv = SSL_use_certificate_file(cctx->ssl, value, SSL_FILETYPE_PEM);
-    return rv > 0;
-}
-
-static int cmd_PrivateKey(SSL_CONF_CTX *cctx, const char *value)
-{
-    int rv = 1;
-    if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE))
-        return -2;
-    if (cctx->ctx)
-        rv = SSL_CTX_use_PrivateKey_file(cctx->ctx, value, SSL_FILETYPE_PEM);
-    if (cctx->ssl)
-        rv = SSL_use_PrivateKey_file(cctx->ssl, value, SSL_FILETYPE_PEM);
-    return rv > 0;
-}
-
-static int cmd_ServerInfoFile(SSL_CONF_CTX *cctx, const char *value)
-{
-    int rv = 1;
-    if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE))
-        return -2;
-    if (!(cctx->flags & SSL_CONF_FLAG_SERVER))
-        return -2;
-    if (cctx->ctx)
-        rv = SSL_CTX_use_serverinfo_file(cctx->ctx, value);
-    return rv > 0;
-}
-
-#ifndef OPENSSL_NO_DH
-static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value)
-{
-    int rv = 0;
-    DH *dh = NULL;
-    BIO *in = NULL;
-    if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE))
-        return -2;
-    if (cctx->ctx || cctx->ssl) {
-        in = BIO_new(BIO_s_file_internal());
-        if (!in)
-            goto end;
-        if (BIO_read_filename(in, value) <= 0)
-            goto end;
-        dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
-        if (!dh)
-            goto end;
-    } else
-        return 1;
-    if (cctx->ctx)
-        rv = SSL_CTX_set_tmp_dh(cctx->ctx, dh);
-    if (cctx->ssl)
-        rv = SSL_set_tmp_dh(cctx->ssl, dh);
- end:
-    if (dh)
-        DH_free(dh);
-    if (in)
-        BIO_free(in);
-    return rv > 0;
-}
-#endif
-typedef struct {
-    int (*cmd) (SSL_CONF_CTX *cctx, const char *value);
-    const char *str_file;
-    const char *str_cmdline;
-    unsigned int value_type;
-} ssl_conf_cmd_tbl;
-
-/* Table of supported parameters */
-
-#define SSL_CONF_CMD(name, cmdopt, type) \
-        {cmd_##name, #name, cmdopt, type}
-
-#define SSL_CONF_CMD_STRING(name, cmdopt) \
-        SSL_CONF_CMD(name, cmdopt, SSL_CONF_TYPE_STRING)
-
-static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
-    SSL_CONF_CMD_STRING(SignatureAlgorithms, "sigalgs"),
-    SSL_CONF_CMD_STRING(ClientSignatureAlgorithms, "client_sigalgs"),
-    SSL_CONF_CMD_STRING(Curves, "curves"),
-#ifndef OPENSSL_NO_ECDH
-    SSL_CONF_CMD_STRING(ECDHParameters, "named_curve"),
-#endif
-    SSL_CONF_CMD_STRING(CipherString, "cipher"),
-    SSL_CONF_CMD_STRING(Protocol, NULL),
-    SSL_CONF_CMD_STRING(Options, NULL),
-    SSL_CONF_CMD(Certificate, "cert", SSL_CONF_TYPE_FILE),
-    SSL_CONF_CMD(PrivateKey, "key", SSL_CONF_TYPE_FILE),
-    SSL_CONF_CMD(ServerInfoFile, NULL, SSL_CONF_TYPE_FILE),
-#ifndef OPENSSL_NO_DH
-    SSL_CONF_CMD(DHParameters, "dhparam", SSL_CONF_TYPE_FILE)
-#endif
-};
-
-static int ssl_conf_cmd_skip_prefix(SSL_CONF_CTX *cctx, const char **pcmd)
-{
-    if (!pcmd || !*pcmd)
-        return 0;
-    /* If a prefix is set, check and skip */
-    if (cctx->prefix) {
-        if (strlen(*pcmd) <= cctx->prefixlen)
-            return 0;
-        if (cctx->flags & SSL_CONF_FLAG_CMDLINE &&
-            strncmp(*pcmd, cctx->prefix, cctx->prefixlen))
-            return 0;
-        if (cctx->flags & SSL_CONF_FLAG_FILE &&
-            strncasecmp(*pcmd, cctx->prefix, cctx->prefixlen))
-            return 0;
-        *pcmd += cctx->prefixlen;
-    } else if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
-        if (**pcmd != '-' || !(*pcmd)[1])
-            return 0;
-        *pcmd += 1;
-    }
-    return 1;
-}
-
-static const ssl_conf_cmd_tbl *ssl_conf_cmd_lookup(SSL_CONF_CTX *cctx,
-                                                   const char *cmd)
-{
-    const ssl_conf_cmd_tbl *t;
-    size_t i;
-    if (cmd == NULL)
-        return NULL;
-
-    /* Look for matching parameter name in table */
-    for (i = 0, t = ssl_conf_cmds;
-         i < sizeof(ssl_conf_cmds) / sizeof(ssl_conf_cmd_tbl); i++, t++) {
-        if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
-            if (t->str_cmdline && !strcmp(t->str_cmdline, cmd))
-                return t;
-        }
-        if (cctx->flags & SSL_CONF_FLAG_FILE) {
-            if (t->str_file && !strcasecmp(t->str_file, cmd))
-                return t;
-        }
-    }
-    return NULL;
-}
-
-int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value)
-{
-    const ssl_conf_cmd_tbl *runcmd;
-    if (cmd == NULL) {
-        SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_INVALID_NULL_CMD_NAME);
-        return 0;
-    }
-
-    if (!ssl_conf_cmd_skip_prefix(cctx, &cmd))
-        return -2;
-
-    runcmd = ssl_conf_cmd_lookup(cctx, cmd);
-
-    if (runcmd) {
-        int rv;
-        if (value == NULL)
-            return -3;
-        rv = runcmd->cmd(cctx, value);
-        if (rv > 0)
-            return 2;
-        if (rv == -2)
-            return -2;
-        if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) {
-            SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_BAD_VALUE);
-            ERR_add_error_data(4, "cmd=", cmd, ", value=", value);
-        }
-        return 0;
-    }
-
-    if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
-        if (ctrl_str_option(cctx, cmd))
-            return 1;
-    }
-
-    if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) {
-        SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_UNKNOWN_CMD_NAME);
-        ERR_add_error_data(2, "cmd=", cmd);
-    }
-
-    return -2;
-}
-
-int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv)
-{
-    int rv;
-    const char *arg = NULL, *argn;
-    if (pargc && *pargc == 0)
-        return 0;
-    if (!pargc || *pargc > 0)
-        arg = **pargv;
-    if (arg == NULL)
-        return 0;
-    if (!pargc || *pargc > 1)
-        argn = (*pargv)[1];
-    else
-        argn = NULL;
-    cctx->flags &= ~SSL_CONF_FLAG_FILE;
-    cctx->flags |= SSL_CONF_FLAG_CMDLINE;
-    rv = SSL_CONF_cmd(cctx, arg, argn);
-    if (rv > 0) {
-        /* Success: update pargc, pargv */
-        (*pargv) += rv;
-        if (pargc)
-            (*pargc) -= rv;
-        return rv;
-    }
-    /* Unknown switch: indicate no arguments processed */
-    if (rv == -2)
-        return 0;
-    /* Some error occurred processing command, return fatal error */
-    if (rv == 0)
-        return -1;
-    return rv;
-}
-
-int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd)
-{
-    if (ssl_conf_cmd_skip_prefix(cctx, &cmd)) {
-        const ssl_conf_cmd_tbl *runcmd;
-        runcmd = ssl_conf_cmd_lookup(cctx, cmd);
-        if (runcmd)
-            return runcmd->value_type;
-    }
-    return SSL_CONF_TYPE_UNKNOWN;
-}
-
-SSL_CONF_CTX *SSL_CONF_CTX_new(void)
-{
-    SSL_CONF_CTX *ret;
-    ret = OPENSSL_malloc(sizeof(SSL_CONF_CTX));
-    if (ret) {
-        ret->flags = 0;
-        ret->prefix = NULL;
-        ret->prefixlen = 0;
-        ret->ssl = NULL;
-        ret->ctx = NULL;
-        ret->poptions = NULL;
-        ret->pcert_flags = NULL;
-        ret->tbl = NULL;
-        ret->ntbl = 0;
-    }
-    return ret;
-}
-
-int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx)
-{
-    return 1;
-}
-
-void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx)
-{
-    if (cctx) {
-        if (cctx->prefix)
-            OPENSSL_free(cctx->prefix);
-        OPENSSL_free(cctx);
-    }
-}
-
-unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags)
-{
-    cctx->flags |= flags;
-    return cctx->flags;
-}
-
-unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags)
-{
-    cctx->flags &= ~flags;
-    return cctx->flags;
-}
-
-int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre)
-{
-    char *tmp = NULL;
-    if (pre) {
-        tmp = BUF_strdup(pre);
-        if (tmp == NULL)
-            return 0;
-    }
-    if (cctx->prefix)
-        OPENSSL_free(cctx->prefix);
-    cctx->prefix = tmp;
-    if (tmp)
-        cctx->prefixlen = strlen(tmp);
-    else
-        cctx->prefixlen = 0;
-    return 1;
-}
-
-void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl)
-{
-    cctx->ssl = ssl;
-    cctx->ctx = NULL;
-    if (ssl) {
-        cctx->poptions = &ssl->options;
-        cctx->pcert_flags = &ssl->cert->cert_flags;
-    } else {
-        cctx->poptions = NULL;
-        cctx->pcert_flags = NULL;
-    }
-}
-
-void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx)
-{
-    cctx->ctx = ctx;
-    cctx->ssl = NULL;
-    if (ctx) {
-        cctx->poptions = &ctx->options;
-        cctx->pcert_flags = &ctx->cert->cert_flags;
-    } else {
-        cctx->poptions = NULL;
-        cctx->pcert_flags = NULL;
-    }
-}
diff --git a/thirdparty/openssl/ssl/ssl_err.c b/thirdparty/openssl/ssl/ssl_err.c
deleted file mode 100644
index a4c17a6bf3..0000000000
--- a/thirdparty/openssl/ssl/ssl_err.c
+++ /dev/null
@@ -1,840 +0,0 @@
-/* ssl/ssl_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2016 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
-
-static ERR_STRING_DATA SSL_str_functs[] = {
-    {ERR_FUNC(SSL_F_CHECK_SUITEB_CIPHER_LIST), "CHECK_SUITEB_CIPHER_LIST"},
-    {ERR_FUNC(SSL_F_CLIENT_CERTIFICATE), "CLIENT_CERTIFICATE"},
-    {ERR_FUNC(SSL_F_CLIENT_FINISHED), "CLIENT_FINISHED"},
-    {ERR_FUNC(SSL_F_CLIENT_HELLO), "CLIENT_HELLO"},
-    {ERR_FUNC(SSL_F_CLIENT_MASTER_KEY), "CLIENT_MASTER_KEY"},
-    {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"},
-    {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "do_dtls1_write"},
-    {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"},
-    {ERR_FUNC(SSL_F_DTLS1_ACCEPT), "dtls1_accept"},
-    {ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
-    {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "DTLS1_BUFFER_RECORD"},
-    {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "dtls1_check_timeout_num"},
-    {ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO), "dtls1_client_hello"},
-    {ERR_FUNC(SSL_F_DTLS1_CONNECT), "dtls1_connect"},
-    {ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY), "DTLS1_GET_HELLO_VERIFY"},
-    {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE), "dtls1_get_message"},
-    {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT),
-     "DTLS1_GET_MESSAGE_FRAGMENT"},
-    {ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "dtls1_get_record"},
-    {ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "dtls1_handle_timeout"},
-    {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "dtls1_heartbeat"},
-    {ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "dtls1_output_cert_chain"},
-    {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"},
-    {ERR_FUNC(SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS),
-     "DTLS1_PROCESS_BUFFERED_RECORDS"},
-    {ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE),
-     "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
-    {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "DTLS1_PROCESS_RECORD"},
-    {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "dtls1_read_bytes"},
-    {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "dtls1_read_failed"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST),
-     "dtls1_send_certificate_request"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE),
-     "dtls1_send_client_certificate"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE),
-     "dtls1_send_client_key_exchange"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_VERIFY), "dtls1_send_client_verify"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
-     "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE),
-     "dtls1_send_server_certificate"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_HELLO), "dtls1_send_server_hello"},
-    {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE),
-     "dtls1_send_server_key_exchange"},
-    {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES),
-     "dtls1_write_app_data_bytes"},
-    {ERR_FUNC(SSL_F_GET_CLIENT_FINISHED), "GET_CLIENT_FINISHED"},
-    {ERR_FUNC(SSL_F_GET_CLIENT_HELLO), "GET_CLIENT_HELLO"},
-    {ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"},
-    {ERR_FUNC(SSL_F_GET_SERVER_FINISHED), "GET_SERVER_FINISHED"},
-    {ERR_FUNC(SSL_F_GET_SERVER_HELLO), "GET_SERVER_HELLO"},
-    {ERR_FUNC(SSL_F_GET_SERVER_STATIC_DH_KEY), "GET_SERVER_STATIC_DH_KEY"},
-    {ERR_FUNC(SSL_F_GET_SERVER_VERIFY), "GET_SERVER_VERIFY"},
-    {ERR_FUNC(SSL_F_I2D_SSL_SESSION), "i2d_SSL_SESSION"},
-    {ERR_FUNC(SSL_F_READ_N), "READ_N"},
-    {ERR_FUNC(SSL_F_REQUEST_CERTIFICATE), "REQUEST_CERTIFICATE"},
-    {ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"},
-    {ERR_FUNC(SSL_F_SERVER_HELLO), "SERVER_HELLO"},
-    {ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"},
-    {ERR_FUNC(SSL_F_SSL23_ACCEPT), "ssl23_accept"},
-    {ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"},
-    {ERR_FUNC(SSL_F_SSL23_CONNECT), "ssl23_connect"},
-    {ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO), "SSL23_GET_CLIENT_HELLO"},
-    {ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO), "SSL23_GET_SERVER_HELLO"},
-    {ERR_FUNC(SSL_F_SSL23_PEEK), "ssl23_peek"},
-    {ERR_FUNC(SSL_F_SSL23_READ), "ssl23_read"},
-    {ERR_FUNC(SSL_F_SSL23_WRITE), "ssl23_write"},
-    {ERR_FUNC(SSL_F_SSL2_ACCEPT), "ssl2_accept"},
-    {ERR_FUNC(SSL_F_SSL2_CONNECT), "ssl2_connect"},
-    {ERR_FUNC(SSL_F_SSL2_ENC_INIT), "ssl2_enc_init"},
-    {ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL),
-     "ssl2_generate_key_material"},
-    {ERR_FUNC(SSL_F_SSL2_PEEK), "ssl2_peek"},
-    {ERR_FUNC(SSL_F_SSL2_READ), "ssl2_read"},
-    {ERR_FUNC(SSL_F_SSL2_READ_INTERNAL), "SSL2_READ_INTERNAL"},
-    {ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE), "ssl2_set_certificate"},
-    {ERR_FUNC(SSL_F_SSL2_WRITE), "ssl2_write"},
-    {ERR_FUNC(SSL_F_SSL3_ACCEPT), "ssl3_accept"},
-    {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
-    {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"},
-    {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "ssl3_change_cipher_state"},
-    {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM),
-     "ssl3_check_cert_and_algorithm"},
-    {ERR_FUNC(SSL_F_SSL3_CHECK_CLIENT_HELLO), "ssl3_check_client_hello"},
-    {ERR_FUNC(SSL_F_SSL3_CHECK_FINISHED), "SSL3_CHECK_FINISHED"},
-    {ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO), "ssl3_client_hello"},
-    {ERR_FUNC(SSL_F_SSL3_CONNECT), "ssl3_connect"},
-    {ERR_FUNC(SSL_F_SSL3_CTRL), "ssl3_ctrl"},
-    {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "ssl3_ctx_ctrl"},
-    {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS),
-     "ssl3_digest_cached_records"},
-    {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),
-     "ssl3_do_change_cipher_spec"},
-    {ERR_FUNC(SSL_F_SSL3_ENC), "ssl3_enc"},
-    {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
-    {ERR_FUNC(SSL_F_SSL3_GENERATE_MASTER_SECRET),
-     "ssl3_generate_master_secret"},
-    {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),
-     "ssl3_get_certificate_request"},
-    {ERR_FUNC(SSL_F_SSL3_GET_CERT_STATUS), "ssl3_get_cert_status"},
-    {ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY), "ssl3_get_cert_verify"},
-    {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE),
-     "ssl3_get_client_certificate"},
-    {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO), "ssl3_get_client_hello"},
-    {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE),
-     "ssl3_get_client_key_exchange"},
-    {ERR_FUNC(SSL_F_SSL3_GET_FINISHED), "ssl3_get_finished"},
-    {ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "ssl3_get_key_exchange"},
-    {ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "ssl3_get_message"},
-    {ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET),
-     "ssl3_get_new_session_ticket"},
-    {ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "ssl3_get_next_proto"},
-    {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"},
-    {ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE),
-     "ssl3_get_server_certificate"},
-    {ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "ssl3_get_server_done"},
-    {ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "ssl3_get_server_hello"},
-    {ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC), "ssl3_handshake_mac"},
-    {ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"},
-    {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "ssl3_output_cert_chain"},
-    {ERR_FUNC(SSL_F_SSL3_PEEK), "ssl3_peek"},
-    {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "ssl3_read_bytes"},
-    {ERR_FUNC(SSL_F_SSL3_READ_N), "ssl3_read_n"},
-    {ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST),
-     "ssl3_send_certificate_request"},
-    {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE),
-     "ssl3_send_client_certificate"},
-    {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE),
-     "ssl3_send_client_key_exchange"},
-    {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY), "ssl3_send_client_verify"},
-    {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE),
-     "ssl3_send_server_certificate"},
-    {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "ssl3_send_server_hello"},
-    {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE),
-     "ssl3_send_server_key_exchange"},
-    {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "ssl3_setup_key_block"},
-    {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "ssl3_setup_read_buffer"},
-    {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "ssl3_setup_write_buffer"},
-    {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "ssl3_write_bytes"},
-    {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "ssl3_write_pending"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CERT_CHAIN), "ssl_add_cert_chain"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CERT_TO_BUF), "SSL_ADD_CERT_TO_BUF"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT),
-     "ssl_add_clienthello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT),
-     "ssl_add_clienthello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT),
-     "ssl_add_clienthello_use_srtp_ext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),
-     "SSL_add_dir_cert_subjects_to_stack"},
-    {ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK),
-     "SSL_add_file_cert_subjects_to_stack"},
-    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT),
-     "ssl_add_serverhello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT),
-     "ssl_add_serverhello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT),
-     "ssl_add_serverhello_use_srtp_ext"},
-    {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "ssl_bad_method"},
-    {ERR_FUNC(SSL_F_SSL_BUILD_CERT_CHAIN), "ssl_build_cert_chain"},
-    {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "ssl_bytes_to_cipher_list"},
-    {ERR_FUNC(SSL_F_SSL_CERT_DUP), "ssl_cert_dup"},
-    {ERR_FUNC(SSL_F_SSL_CERT_INST), "ssl_cert_inst"},
-    {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"},
-    {ERR_FUNC(SSL_F_SSL_CERT_NEW), "ssl_cert_new"},
-    {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
-    {ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT),
-     "SSL_CHECK_SERVERHELLO_TLSEXT"},
-    {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),
-     "ssl_check_srvr_ecc_cert_and_alg"},
-    {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),
-     "SSL_CIPHER_PROCESS_RULESTR"},
-    {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"},
-    {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
-    {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD),
-     "SSL_COMP_add_compression_method"},
-    {ERR_FUNC(SSL_F_SSL_CONF_CMD), "SSL_CONF_cmd"},
-    {ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "ssl_create_cipher_list"},
-    {ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
-    {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
-    {ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "SSL_CTX_MAKE_PROFILES"},
-    {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE),
-     "SSL_CTX_set_client_cert_engine"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT),
-     "SSL_CTX_set_session_id_context"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1),
-     "SSL_CTX_use_certificate_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE),
-     "SSL_CTX_use_certificate_chain_file"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE),
-     "SSL_CTX_use_certificate_file"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY), "SSL_CTX_use_PrivateKey"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1),
-     "SSL_CTX_use_PrivateKey_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE),
-     "SSL_CTX_use_PrivateKey_file"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT),
-     "SSL_CTX_use_psk_identity_hint"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1),
-     "SSL_CTX_use_RSAPrivateKey_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE),
-     "SSL_CTX_use_RSAPrivateKey_file"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO), "SSL_CTX_use_serverinfo"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO_FILE),
-     "SSL_CTX_use_serverinfo_file"},
-    {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
-    {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "ssl_get_new_session"},
-    {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "ssl_get_prev_session"},
-    {ERR_FUNC(SSL_F_SSL_GET_SERVER_CERT_INDEX), "SSL_GET_SERVER_CERT_INDEX"},
-    {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
-    {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "ssl_get_server_send_pkey"},
-    {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "ssl_get_sign_pkey"},
-    {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "ssl_init_wbio_buffer"},
-    {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
-    {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT),
-     "ssl_parse_clienthello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT),
-     "ssl_parse_clienthello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT),
-     "ssl_parse_clienthello_use_srtp_ext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT),
-     "ssl_parse_serverhello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT),
-     "ssl_parse_serverhello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT),
-     "ssl_parse_serverhello_use_srtp_ext"},
-    {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
-    {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT),
-     "ssl_prepare_clienthello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT),
-     "ssl_prepare_serverhello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
-    {ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"},
-    {ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
-    {ERR_FUNC(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT),
-     "SSL_SCAN_CLIENTHELLO_TLSEXT"},
-    {ERR_FUNC(SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT),
-     "SSL_SCAN_SERVERHELLO_TLSEXT"},
-    {ERR_FUNC(SSL_F_SSL_SESSION_DUP), "ssl_session_dup"},
-    {ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
-    {ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
-    {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT),
-     "SSL_SESSION_set1_id_context"},
-    {ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "ssl_sess_cert_new"},
-    {ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"},
-    {ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
-    {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
-    {ERR_FUNC(SSL_F_SSL_SET_PKEY), "SSL_SET_PKEY"},
-    {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"},
-    {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
-    {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
-    {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),
-     "SSL_set_session_id_context"},
-    {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),
-     "SSL_set_session_ticket_ext"},
-    {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
-    {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
-    {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
-    {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
-    {ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION),
-     "ssl_undefined_const_function"},
-    {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "ssl_undefined_function"},
-    {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION),
-     "ssl_undefined_void_function"},
-    {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE), "SSL_use_certificate"},
-    {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1), "SSL_use_certificate_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE), "SSL_use_certificate_file"},
-    {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"},
-    {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
-    {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
-    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
-    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),
-     "SSL_use_RSAPrivateKey_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE),
-     "SSL_use_RSAPrivateKey_file"},
-    {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"},
-    {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
-    {ERR_FUNC(SSL_F_TLS12_CHECK_PEER_SIGALG), "tls12_check_peer_sigalg"},
-    {ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC), "tls1_cert_verify_mac"},
-    {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "tls1_change_cipher_state"},
-    {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT),
-     "TLS1_CHECK_SERVERHELLO_TLSEXT"},
-    {ERR_FUNC(SSL_F_TLS1_ENC), "tls1_enc"},
-    {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL),
-     "tls1_export_keying_material"},
-    {ERR_FUNC(SSL_F_TLS1_GET_CURVELIST), "TLS1_GET_CURVELIST"},
-    {ERR_FUNC(SSL_F_TLS1_HEARTBEAT), "tls1_heartbeat"},
-    {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT),
-     "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
-    {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT),
-     "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
-    {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"},
-    {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "tls1_setup_key_block"},
-    {ERR_FUNC(SSL_F_TLS1_SET_SERVER_SIGALGS), "tls1_set_server_sigalgs"},
-    {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"},
-    {0, NULL}
-};
-
-static ERR_STRING_DATA SSL_str_reasons[] = {
-    {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE), "app data in handshake"},
-    {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),
-     "attempt to reuse session in different context"},
-    {ERR_REASON(SSL_R_BAD_ALERT_RECORD), "bad alert record"},
-    {ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE), "bad authentication type"},
-    {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
-    {ERR_REASON(SSL_R_BAD_CHECKSUM), "bad checksum"},
-    {ERR_REASON(SSL_R_BAD_DATA), "bad data"},
-    {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),
-     "bad data returned by callback"},
-    {ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
-    {ERR_REASON(SSL_R_BAD_DH_G_LENGTH), "bad dh g length"},
-    {ERR_REASON(SSL_R_BAD_DH_G_VALUE), "bad dh g value"},
-    {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH), "bad dh pub key length"},
-    {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_VALUE), "bad dh pub key value"},
-    {ERR_REASON(SSL_R_BAD_DH_P_LENGTH), "bad dh p length"},
-    {ERR_REASON(SSL_R_BAD_DH_P_VALUE), "bad dh p value"},
-    {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
-    {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE), "bad dsa signature"},
-    {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
-    {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE), "bad ecdsa signature"},
-    {ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"},
-    {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"},
-    {ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"},
-    {ERR_REASON(SSL_R_BAD_LENGTH), "bad length"},
-    {ERR_REASON(SSL_R_BAD_MAC_DECODE), "bad mac decode"},
-    {ERR_REASON(SSL_R_BAD_MAC_LENGTH), "bad mac length"},
-    {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE), "bad message type"},
-    {ERR_REASON(SSL_R_BAD_PACKET_LENGTH), "bad packet length"},
-    {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),
-     "bad protocol version number"},
-    {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH),
-     "bad psk identity hint length"},
-    {ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT), "bad response argument"},
-    {ERR_REASON(SSL_R_BAD_RSA_DECRYPT), "bad rsa decrypt"},
-    {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"},
-    {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH), "bad rsa e length"},
-    {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
-    {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE), "bad rsa signature"},
-    {ERR_REASON(SSL_R_BAD_SIGNATURE), "bad signature"},
-    {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"},
-    {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH), "bad srp b length"},
-    {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH), "bad srp g length"},
-    {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH), "bad srp n length"},
-    {ERR_REASON(SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"},
-    {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH), "bad srp s length"},
-    {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"},
-    {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),
-     "bad srtp protection profile list"},
-    {ERR_REASON(SSL_R_BAD_SSL_FILETYPE), "bad ssl filetype"},
-    {ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),
-     "bad ssl session id length"},
-    {ERR_REASON(SSL_R_BAD_STATE), "bad state"},
-    {ERR_REASON(SSL_R_BAD_VALUE), "bad value"},
-    {ERR_REASON(SSL_R_BAD_WRITE_RETRY), "bad write retry"},
-    {ERR_REASON(SSL_R_BIO_NOT_SET), "bio not set"},
-    {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),
-     "block cipher pad is wrong"},
-    {ERR_REASON(SSL_R_BN_LIB), "bn lib"},
-    {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH), "ca dn length mismatch"},
-    {ERR_REASON(SSL_R_CA_DN_TOO_LONG), "ca dn too long"},
-    {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY), "ccs received early"},
-    {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),
-     "certificate verify failed"},
-    {ERR_REASON(SSL_R_CERT_CB_ERROR), "cert cb error"},
-    {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH), "cert length mismatch"},
-    {ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT), "challenge is different"},
-    {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
-    {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),
-     "cipher or hash unavailable"},
-    {ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR), "cipher table src error"},
-    {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT), "clienthello tlsext"},
-    {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),
-     "compressed length too long"},
-    {ERR_REASON(SSL_R_COMPRESSION_DISABLED), "compression disabled"},
-    {ERR_REASON(SSL_R_COMPRESSION_FAILURE), "compression failure"},
-    {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),
-     "compression id not within private range"},
-    {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),
-     "compression library error"},
-    {ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT),
-     "connection id is different"},
-    {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
-    {ERR_REASON(SSL_R_COOKIE_MISMATCH), "cookie mismatch"},
-    {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),
-     "data between ccs and finished"},
-    {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG), "data length too long"},
-    {ERR_REASON(SSL_R_DECRYPTION_FAILED), "decryption failed"},
-    {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),
-     "decryption failed or bad record mac"},
-    {ERR_REASON(SSL_R_DH_KEY_TOO_SMALL), "dh key too small"},
-    {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),
-     "dh public value length is wrong"},
-    {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED), "digest check failed"},
-    {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG), "dtls message too big"},
-    {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
-    {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT),
-     "ecc cert not for key agreement"},
-    {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
-    {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE),
-     "ecc cert should have rsa signature"},
-    {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE),
-     "ecc cert should have sha1 signature"},
-    {ERR_REASON(SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE),
-     "ecdh required for suiteb mode"},
-    {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER),
-     "ecgroup too large for cipher"},
-    {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),
-     "empty srtp protection profile list"},
-    {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),
-     "encrypted length too long"},
-    {ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY),
-     "error generating tmp rsa key"},
-    {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),
-     "error in received cipher list"},
-    {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
-    {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE), "extra data in message"},
-    {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
-    {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS),
-     "got next proto before a ccs"},
-    {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),
-     "got next proto without seeing extension"},
-    {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST), "https proxy request"},
-    {ERR_REASON(SSL_R_HTTP_REQUEST), "http request"},
-    {ERR_REASON(SSL_R_ILLEGAL_PADDING), "illegal padding"},
-    {ERR_REASON(SSL_R_ILLEGAL_SUITEB_DIGEST), "illegal Suite B digest"},
-    {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"},
-    {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"},
-    {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"},
-    {ERR_REASON(SSL_R_INVALID_COMMAND), "invalid command"},
-    {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),
-     "invalid compression algorithm"},
-    {ERR_REASON(SSL_R_INVALID_NULL_CMD_NAME), "invalid null cmd name"},
-    {ERR_REASON(SSL_R_INVALID_PURPOSE), "invalid purpose"},
-    {ERR_REASON(SSL_R_INVALID_SERVERINFO_DATA), "invalid serverinfo data"},
-    {ERR_REASON(SSL_R_INVALID_SRP_USERNAME), "invalid srp username"},
-    {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
-    {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),
-     "invalid ticket keys length"},
-    {ERR_REASON(SSL_R_INVALID_TRUST), "invalid trust"},
-    {ERR_REASON(SSL_R_KEY_ARG_TOO_LONG), "key arg too long"},
-    {ERR_REASON(SSL_R_KRB5), "krb5"},
-    {ERR_REASON(SSL_R_KRB5_C_CC_PRINC), "krb5 client cc principal (no tkt?)"},
-    {ERR_REASON(SSL_R_KRB5_C_GET_CRED), "krb5 client get cred"},
-    {ERR_REASON(SSL_R_KRB5_C_INIT), "krb5 client init"},
-    {ERR_REASON(SSL_R_KRB5_C_MK_REQ), "krb5 client mk_req (expired tkt?)"},
-    {ERR_REASON(SSL_R_KRB5_S_BAD_TICKET), "krb5 server bad ticket"},
-    {ERR_REASON(SSL_R_KRB5_S_INIT), "krb5 server init"},
-    {ERR_REASON(SSL_R_KRB5_S_RD_REQ), "krb5 server rd_req (keytab perms?)"},
-    {ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED), "krb5 server tkt expired"},
-    {ERR_REASON(SSL_R_KRB5_S_TKT_NYV), "krb5 server tkt not yet valid"},
-    {ERR_REASON(SSL_R_KRB5_S_TKT_SKEW), "krb5 server tkt skew"},
-    {ERR_REASON(SSL_R_LENGTH_MISMATCH), "length mismatch"},
-    {ERR_REASON(SSL_R_LENGTH_TOO_SHORT), "length too short"},
-    {ERR_REASON(SSL_R_LIBRARY_BUG), "library bug"},
-    {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
-    {ERR_REASON(SSL_R_MESSAGE_TOO_LONG), "message too long"},
-    {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT), "missing dh dsa cert"},
-    {ERR_REASON(SSL_R_MISSING_DH_KEY), "missing dh key"},
-    {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT), "missing dh rsa cert"},
-    {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
-    {ERR_REASON(SSL_R_MISSING_ECDH_CERT), "missing ecdh cert"},
-    {ERR_REASON(SSL_R_MISSING_ECDSA_SIGNING_CERT),
-     "missing ecdsa signing cert"},
-    {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY),
-     "missing export tmp dh key"},
-    {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY),
-     "missing export tmp rsa key"},
-    {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
-    {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),
-     "missing rsa encrypting cert"},
-    {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"},
-    {ERR_REASON(SSL_R_MISSING_SRP_PARAM), "can't find SRP server param"},
-    {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
-    {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY), "missing tmp ecdh key"},
-    {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY), "missing tmp rsa key"},
-    {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY), "missing tmp rsa pkey"},
-    {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"},
-    {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS), "multiple sgc restarts"},
-    {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET), "non sslv2 initial packet"},
-    {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
-    {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
-    {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"},
-    {ERR_REASON(SSL_R_NO_CERTIFICATE_SET), "no certificate set"},
-    {ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED), "no certificate specified"},
-    {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE), "no ciphers available"},
-    {ERR_REASON(SSL_R_NO_CIPHERS_PASSED), "no ciphers passed"},
-    {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED), "no ciphers specified"},
-    {ERR_REASON(SSL_R_NO_CIPHER_LIST), "no cipher list"},
-    {ERR_REASON(SSL_R_NO_CIPHER_MATCH), "no cipher match"},
-    {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD), "no client cert method"},
-    {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
-    {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
-    {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
-     "Peer haven't sent GOST certificate, required for selected ciphersuite"},
-    {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED), "no method specified"},
-    {ERR_REASON(SSL_R_NO_PEM_EXTENSIONS), "no pem extensions"},
-    {ERR_REASON(SSL_R_NO_PRIVATEKEY), "no privatekey"},
-    {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
-    {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
-    {ERR_REASON(SSL_R_NO_PUBLICKEY), "no publickey"},
-    {ERR_REASON(SSL_R_NO_RENEGOTIATION), "no renegotiation"},
-    {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST),
-     "digest requred for handshake isn't computed"},
-    {ERR_REASON(SSL_R_NO_SHARED_CIPHER), "no shared cipher"},
-    {ERR_REASON(SSL_R_NO_SHARED_SIGATURE_ALGORITHMS),
-     "no shared sigature algorithms"},
-    {ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
-    {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK), "no verify callback"},
-    {ERR_REASON(SSL_R_NULL_SSL_CTX), "null ssl ctx"},
-    {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
-    {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
-     "old session cipher not returned"},
-    {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
-     "old session compression algorithm not returned"},
-    {ERR_REASON(SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE),
-     "only DTLS 1.2 allowed in Suite B mode"},
-    {ERR_REASON(SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE),
-     "only TLS 1.2 allowed in Suite B mode"},
-    {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),
-     "only tls allowed in fips mode"},
-    {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG),
-     "opaque PRF input too long"},
-    {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
-    {ERR_REASON(SSL_R_PARSE_TLSEXT), "parse tlsext"},
-    {ERR_REASON(SSL_R_PATH_TOO_LONG), "path too long"},
-    {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),
-     "peer did not return a certificate"},
-    {ERR_REASON(SSL_R_PEER_ERROR), "peer error"},
-    {ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE), "peer error certificate"},
-    {ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE),
-     "peer error no certificate"},
-    {ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER), "peer error no cipher"},
-    {ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),
-     "peer error unsupported certificate type"},
-    {ERR_REASON(SSL_R_PEM_NAME_BAD_PREFIX), "pem name bad prefix"},
-    {ERR_REASON(SSL_R_PEM_NAME_TOO_SHORT), "pem name too short"},
-    {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
-    {ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),
-     "problems mapping cipher functions"},
-    {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN), "protocol is shutdown"},
-    {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
-    {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"},
-    {ERR_REASON(SSL_R_PSK_NO_SERVER_CB), "psk no server cb"},
-    {ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"},
-    {ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA), "public key is not rsa"},
-    {ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
-    {ERR_REASON(SSL_R_READ_BIO_NOT_SET), "read bio not set"},
-    {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED), "read timeout expired"},
-    {ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE), "read wrong packet type"},
-    {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
-    {ERR_REASON(SSL_R_RECORD_TOO_LARGE), "record too large"},
-    {ERR_REASON(SSL_R_RECORD_TOO_SMALL), "record too small"},
-    {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
-    {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),
-     "renegotiation encoding err"},
-    {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
-    {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
-    {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),
-     "required compresssion algorithm missing"},
-    {ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),
-     "reuse cert length not zero"},
-    {ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"},
-    {ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),
-     "reuse cipher list not zero"},
-    {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),
-     "scsv received when renegotiating"},
-    {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"},
-    {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),
-     "session id context uninitialized"},
-    {ERR_REASON(SSL_R_SHORT_READ), "short read"},
-    {ERR_REASON(SSL_R_SHUTDOWN_WHILE_IN_INIT), "shutdown while in init"},
-    {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),
-     "signature algorithms error"},
-    {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),
-     "signature for non signing certificate"},
-    {ERR_REASON(SSL_R_SRP_A_CALC), "error with the srp params"},
-    {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES),
-     "srtp could not allocate profiles"},
-    {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG),
-     "srtp protection profile list too long"},
-    {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
-     "srtp unknown protection profile"},
-    {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),
-     "ssl23 doing session id reuse"},
-    {ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),
-     "ssl2 connection id too long"},
-    {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),
-     "ssl3 ext invalid ecpointformat"},
-    {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),
-     "ssl3 ext invalid servername"},
-    {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),
-     "ssl3 ext invalid servername type"},
-    {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
-    {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT),
-     "ssl3 session id too short"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE),
-     "sslv3 alert bad certificate"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC),
-     "sslv3 alert bad record mac"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED),
-     "sslv3 alert certificate expired"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED),
-     "sslv3 alert certificate revoked"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN),
-     "sslv3 alert certificate unknown"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE),
-     "sslv3 alert decompression failure"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),
-     "sslv3 alert handshake failure"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),
-     "sslv3 alert illegal parameter"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE),
-     "sslv3 alert no certificate"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),
-     "sslv3 alert unexpected message"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),
-     "sslv3 alert unsupported certificate"},
-    {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),
-     "ssl ctx has no default ssl version"},
-    {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE), "ssl handshake failure"},
-    {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),
-     "ssl library has no ciphers"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),
-     "ssl session id callback failed"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),
-     "ssl session id context too long"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),
-     "ssl session id has bad length"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT),
-     "ssl session id is different"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),
-     "tlsv1 alert access denied"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),
-     "tlsv1 alert decryption failed"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),
-     "tlsv1 alert decrypt error"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),
-     "tlsv1 alert export restriction"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK),
-     "tlsv1 alert inappropriate fallback"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),
-     "tlsv1 alert insufficient security"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),
-     "tlsv1 alert internal error"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),
-     "tlsv1 alert no renegotiation"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),
-     "tlsv1 alert protocol version"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),
-     "tlsv1 alert record overflow"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED),
-     "tlsv1 alert user cancelled"},
-    {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE),
-     "tlsv1 bad certificate hash value"},
-    {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE),
-     "tlsv1 bad certificate status response"},
-    {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE),
-     "tlsv1 certificate unobtainable"},
-    {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"},
-    {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION),
-     "tlsv1 unsupported extension"},
-    {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),
-     "tls client cert req with anon cipher"},
-    {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
-     "peer does not accept heartbeats"},
-    {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING),
-     "heartbeat request already pending"},
-    {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL),
-     "tls illegal exporter label"},
-    {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
-     "tls invalid ecpointformat list"},
-    {ERR_REASON(SSL_R_TOO_MANY_WARN_ALERTS), "too many warn alerts"},
-    {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),
-     "tls peer did not respond with certificate list"},
-    {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),
-     "tls rsa encrypted value length is wrong"},
-    {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),
-     "tried to use unsupported cipher"},
-    {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),
-     "unable to decode dh certs"},
-    {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),
-     "unable to decode ecdh certs"},
-    {ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY),
-     "unable to extract public key"},
-    {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),
-     "unable to find dh parameters"},
-    {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
-     "unable to find ecdh parameters"},
-    {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
-     "unable to find public key parameters"},
-    {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD),
-     "unable to find ssl method"},
-    {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES),
-     "unable to load ssl2 md5 routines"},
-    {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),
-     "unable to load ssl3 md5 routines"},
-    {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),
-     "unable to load ssl3 sha1 routines"},
-    {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE), "unexpected message"},
-    {ERR_REASON(SSL_R_UNEXPECTED_RECORD), "unexpected record"},
-    {ERR_REASON(SSL_R_UNINITIALIZED), "uninitialized"},
-    {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"},
-    {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
-    {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
-    {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE), "unknown cipher type"},
-    {ERR_REASON(SSL_R_UNKNOWN_CMD_NAME), "unknown cmd name"},
-    {ERR_REASON(SSL_R_UNKNOWN_DIGEST), "unknown digest"},
-    {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
-     "unknown key exchange type"},
-    {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
-    {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL), "unknown protocol"},
-    {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE),
-     "unknown remote error type"},
-    {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION), "unknown ssl version"},
-    {ERR_REASON(SSL_R_UNKNOWN_STATE), "unknown state"},
-    {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),
-     "unsafe legacy renegotiation disabled"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
-     "unsupported compression algorithm"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),
-     "unsupported elliptic curve"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL), "unsupported protocol"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
-    {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
-    {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET), "write bio not set"},
-    {ERR_REASON(SSL_R_WRONG_CERTIFICATE_TYPE), "wrong certificate type"},
-    {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED), "wrong cipher returned"},
-    {ERR_REASON(SSL_R_WRONG_CURVE), "wrong curve"},
-    {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE), "wrong message type"},
-    {ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"},
-    {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
-    {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE), "wrong signature size"},
-    {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE), "wrong signature type"},
-    {ERR_REASON(SSL_R_WRONG_SSL_VERSION), "wrong ssl version"},
-    {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER), "wrong version number"},
-    {ERR_REASON(SSL_R_X509_LIB), "x509 lib"},
-    {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),
-     "x509 verification setup problems"},
-    {0, NULL}
-};
-
-#endif
-
-void ERR_load_SSL_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
-    if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, SSL_str_functs);
-        ERR_load_strings(0, SSL_str_reasons);
-    }
-#endif
-}
diff --git a/thirdparty/openssl/ssl/ssl_err2.c b/thirdparty/openssl/ssl/ssl_err2.c
deleted file mode 100644
index 14e48221f4..0000000000
--- a/thirdparty/openssl/ssl/ssl_err2.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* ssl/ssl_err2.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-void SSL_load_error_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-    ERR_load_crypto_strings();
-    ERR_load_SSL_strings();
-#endif
-}
diff --git a/thirdparty/openssl/ssl/ssl_lib.c b/thirdparty/openssl/ssl/ssl_lib.c
deleted file mode 100644
index 24be376c9f..0000000000
--- a/thirdparty/openssl/ssl/ssl_lib.c
+++ /dev/null
@@ -1,3580 +0,0 @@
-/*
- * ! \file ssl/ssl_lib.c \brief Version independent SSL functions.
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifdef REF_CHECK
-# include <assert.h>
-#endif
-#include <stdio.h>
-#include "ssl_locl.h"
-#include "kssl_lcl.h"
-#include <openssl/objects.h>
-#include <openssl/lhash.h>
-#include <openssl/x509v3.h>
-#include <openssl/rand.h>
-#include <openssl/ocsp.h>
-#ifndef OPENSSL_NO_DH
-# include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-
-const char *SSL_version_str = OPENSSL_VERSION_TEXT;
-
-SSL3_ENC_METHOD ssl3_undef_enc_method = {
-    /*
-     * evil casts, but these functions are only called if there's a library
-     * bug
-     */
-    (int (*)(SSL *, int))ssl_undefined_function,
-    (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
-    ssl_undefined_function,
-    (int (*)(SSL *, unsigned char *, unsigned char *, int))
-        ssl_undefined_function,
-    (int (*)(SSL *, int))ssl_undefined_function,
-    (int (*)(SSL *, const char *, int, unsigned char *))
-        ssl_undefined_function,
-    0,                          /* finish_mac_length */
-    (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
-    NULL,                       /* client_finished_label */
-    0,                          /* client_finished_label_len */
-    NULL,                       /* server_finished_label */
-    0,                          /* server_finished_label_len */
-    (int (*)(int))ssl_undefined_function,
-    (int (*)(SSL *, unsigned char *, size_t, const char *,
-             size_t, const unsigned char *, size_t,
-             int use_context))ssl_undefined_function,
-};
-
-int SSL_clear(SSL *s)
-{
-
-    if (s->method == NULL) {
-        SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
-        return (0);
-    }
-
-    if (ssl_clear_bad_session(s)) {
-        SSL_SESSION_free(s->session);
-        s->session = NULL;
-    }
-
-    s->error = 0;
-    s->hit = 0;
-    s->shutdown = 0;
-
-#if 0
-    /*
-     * Disabled since version 1.10 of this file (early return not
-     * needed because SSL_clear is not called when doing renegotiation)
-     */
-    /*
-     * This is set if we are doing dynamic renegotiation so keep
-     * the old cipher.  It is sort of a SSL_clear_lite :-)
-     */
-    if (s->renegotiate)
-        return (1);
-#else
-    if (s->renegotiate) {
-        SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-#endif
-
-    s->type = 0;
-
-    s->state = SSL_ST_BEFORE | ((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
-
-    s->version = s->method->version;
-    s->client_version = s->version;
-    s->rwstate = SSL_NOTHING;
-    s->rstate = SSL_ST_READ_HEADER;
-#if 0
-    s->read_ahead = s->ctx->read_ahead;
-#endif
-
-    if (s->init_buf != NULL) {
-        BUF_MEM_free(s->init_buf);
-        s->init_buf = NULL;
-    }
-
-    ssl_clear_cipher_ctx(s);
-    ssl_clear_hash_ctx(&s->read_hash);
-    ssl_clear_hash_ctx(&s->write_hash);
-
-    s->first_packet = 0;
-#ifndef OPENSSL_NO_TLSEXT
-    if (s->cert != NULL) {
-        if (s->cert->alpn_proposed) {
-            OPENSSL_free(s->cert->alpn_proposed);
-            s->cert->alpn_proposed = NULL;
-        }
-        s->cert->alpn_proposed_len = 0;
-        s->cert->alpn_sent = 0;
-    }
-#endif
-#if 1
-    /*
-     * Check to see if we were changed into a different method, if so, revert
-     * back if we are not doing session-id reuse.
-     */
-    if (!s->in_handshake && (s->session == NULL)
-        && (s->method != s->ctx->method)) {
-        s->method->ssl_free(s);
-        s->method = s->ctx->method;
-        if (!s->method->ssl_new(s))
-            return (0);
-    } else
-#endif
-        s->method->ssl_clear(s);
-    return (1);
-}
-
-/** Used to change an SSL_CTXs default SSL method type */
-int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
-{
-    STACK_OF(SSL_CIPHER) *sk;
-
-    ctx->method = meth;
-
-    sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
-                                &(ctx->cipher_list_by_id),
-                                meth->version ==
-                                SSL2_VERSION ? "SSLv2" :
-                                SSL_DEFAULT_CIPHER_LIST, ctx->cert);
-    if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
-        SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
-               SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
-        return (0);
-    }
-    return (1);
-}
-
-SSL *SSL_new(SSL_CTX *ctx)
-{
-    SSL *s;
-
-    if (ctx == NULL) {
-        SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
-        return (NULL);
-    }
-    if (ctx->method == NULL) {
-        SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
-        return (NULL);
-    }
-
-    s = (SSL *)OPENSSL_malloc(sizeof(SSL));
-    if (s == NULL)
-        goto err;
-    memset(s, 0, sizeof(SSL));
-
-#ifndef OPENSSL_NO_KRB5
-    s->kssl_ctx = kssl_ctx_new();
-#endif                          /* OPENSSL_NO_KRB5 */
-
-    s->options = ctx->options;
-    s->mode = ctx->mode;
-    s->max_cert_list = ctx->max_cert_list;
-    s->references = 1;
-
-    if (ctx->cert != NULL) {
-        /*
-         * Earlier library versions used to copy the pointer to the CERT, not
-         * its contents; only when setting new parameters for the per-SSL
-         * copy, ssl_cert_new would be called (and the direct reference to
-         * the per-SSL_CTX settings would be lost, but those still were
-         * indirectly accessed for various purposes, and for that reason they
-         * used to be known as s->ctx->default_cert). Now we don't look at the
-         * SSL_CTX's CERT after having duplicated it once.
-         */
-
-        s->cert = ssl_cert_dup(ctx->cert);
-        if (s->cert == NULL)
-            goto err;
-    } else
-        s->cert = NULL;         /* Cannot really happen (see SSL_CTX_new) */
-
-    s->read_ahead = ctx->read_ahead;
-    s->msg_callback = ctx->msg_callback;
-    s->msg_callback_arg = ctx->msg_callback_arg;
-    s->verify_mode = ctx->verify_mode;
-#if 0
-    s->verify_depth = ctx->verify_depth;
-#endif
-    s->sid_ctx_length = ctx->sid_ctx_length;
-    OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
-    memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
-    s->verify_callback = ctx->default_verify_callback;
-    s->generate_session_id = ctx->generate_session_id;
-
-    s->param = X509_VERIFY_PARAM_new();
-    if (!s->param)
-        goto err;
-    X509_VERIFY_PARAM_inherit(s->param, ctx->param);
-#if 0
-    s->purpose = ctx->purpose;
-    s->trust = ctx->trust;
-#endif
-    s->quiet_shutdown = ctx->quiet_shutdown;
-    s->max_send_fragment = ctx->max_send_fragment;
-
-    CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
-    s->ctx = ctx;
-#ifndef OPENSSL_NO_TLSEXT
-    s->tlsext_debug_cb = 0;
-    s->tlsext_debug_arg = NULL;
-    s->tlsext_ticket_expected = 0;
-    s->tlsext_status_type = -1;
-    s->tlsext_status_expected = 0;
-    s->tlsext_ocsp_ids = NULL;
-    s->tlsext_ocsp_exts = NULL;
-    s->tlsext_ocsp_resp = NULL;
-    s->tlsext_ocsp_resplen = -1;
-    CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
-    s->initial_ctx = ctx;
-# ifndef OPENSSL_NO_EC
-    if (ctx->tlsext_ecpointformatlist) {
-        s->tlsext_ecpointformatlist =
-            BUF_memdup(ctx->tlsext_ecpointformatlist,
-                       ctx->tlsext_ecpointformatlist_length);
-        if (!s->tlsext_ecpointformatlist)
-            goto err;
-        s->tlsext_ecpointformatlist_length =
-            ctx->tlsext_ecpointformatlist_length;
-    }
-    if (ctx->tlsext_ellipticcurvelist) {
-        s->tlsext_ellipticcurvelist =
-            BUF_memdup(ctx->tlsext_ellipticcurvelist,
-                       ctx->tlsext_ellipticcurvelist_length);
-        if (!s->tlsext_ellipticcurvelist)
-            goto err;
-        s->tlsext_ellipticcurvelist_length =
-            ctx->tlsext_ellipticcurvelist_length;
-    }
-# endif
-# ifndef OPENSSL_NO_NEXTPROTONEG
-    s->next_proto_negotiated = NULL;
-# endif
-
-    if (s->ctx->alpn_client_proto_list) {
-        s->alpn_client_proto_list =
-            OPENSSL_malloc(s->ctx->alpn_client_proto_list_len);
-        if (s->alpn_client_proto_list == NULL)
-            goto err;
-        memcpy(s->alpn_client_proto_list, s->ctx->alpn_client_proto_list,
-               s->ctx->alpn_client_proto_list_len);
-        s->alpn_client_proto_list_len = s->ctx->alpn_client_proto_list_len;
-    }
-#endif
-
-    s->verify_result = X509_V_OK;
-
-    s->method = ctx->method;
-
-    if (!s->method->ssl_new(s))
-        goto err;
-
-    s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
-
-    SSL_clear(s);
-
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
-
-#ifndef OPENSSL_NO_PSK
-    s->psk_client_callback = ctx->psk_client_callback;
-    s->psk_server_callback = ctx->psk_server_callback;
-#endif
-
-    return (s);
- err:
-    if (s != NULL)
-        SSL_free(s);
-    SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
-    return (NULL);
-}
-
-int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
-                                   unsigned int sid_ctx_len)
-{
-    if (sid_ctx_len > sizeof ctx->sid_ctx) {
-        SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
-               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
-        return 0;
-    }
-    ctx->sid_ctx_length = sid_ctx_len;
-    memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
-
-    return 1;
-}
-
-int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
-                               unsigned int sid_ctx_len)
-{
-    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
-        SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
-               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
-        return 0;
-    }
-    ssl->sid_ctx_length = sid_ctx_len;
-    memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
-
-    return 1;
-}
-
-int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
-{
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-    ctx->generate_session_id = cb;
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-    return 1;
-}
-
-int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
-{
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL);
-    ssl->generate_session_id = cb;
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
-    return 1;
-}
-
-int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
-                                unsigned int id_len)
-{
-    /*
-     * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
-     * we can "construct" a session to give us the desired check - ie. to
-     * find if there's a session in the hash table that would conflict with
-     * any new session built out of this id/id_len and the ssl_version in use
-     * by this SSL.
-     */
-    SSL_SESSION r, *p;
-
-    if (id_len > sizeof r.session_id)
-        return 0;
-
-    r.ssl_version = ssl->version;
-    r.session_id_length = id_len;
-    memcpy(r.session_id, id, id_len);
-    /*
-     * NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
-     * callback is calling us to check the uniqueness of a shorter ID, it
-     * must be compared as a padded-out ID because that is what it will be
-     * converted to when the callback has finished choosing it.
-     */
-    if ((r.ssl_version == SSL2_VERSION) &&
-        (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
-        memset(r.session_id + id_len, 0, SSL2_SSL_SESSION_ID_LENGTH - id_len);
-        r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
-    }
-
-    CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-    p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
-    CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-    return (p != NULL);
-}
-
-int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
-{
-    return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
-}
-
-int SSL_set_purpose(SSL *s, int purpose)
-{
-    return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
-}
-
-int SSL_CTX_set_trust(SSL_CTX *s, int trust)
-{
-    return X509_VERIFY_PARAM_set_trust(s->param, trust);
-}
-
-int SSL_set_trust(SSL *s, int trust)
-{
-    return X509_VERIFY_PARAM_set_trust(s->param, trust);
-}
-
-int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
-{
-    return X509_VERIFY_PARAM_set1(ctx->param, vpm);
-}
-
-int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
-{
-    return X509_VERIFY_PARAM_set1(ssl->param, vpm);
-}
-
-X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
-{
-    return ctx->param;
-}
-
-X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
-{
-    return ssl->param;
-}
-
-void SSL_certs_clear(SSL *s)
-{
-    ssl_cert_clear_certs(s->cert);
-}
-
-void SSL_free(SSL *s)
-{
-    int i;
-
-    if (s == NULL)
-        return;
-
-    i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
-#ifdef REF_PRINT
-    REF_PRINT("SSL", s);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "SSL_free, bad reference count\n");
-        abort();                /* ok */
-    }
-#endif
-
-    if (s->param)
-        X509_VERIFY_PARAM_free(s->param);
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
-
-    if (s->bbio != NULL) {
-        /* If the buffering BIO is in place, pop it off */
-        if (s->bbio == s->wbio) {
-            s->wbio = BIO_pop(s->wbio);
-        }
-        BIO_free(s->bbio);
-        s->bbio = NULL;
-    }
-    if (s->rbio != NULL)
-        BIO_free_all(s->rbio);
-    if ((s->wbio != NULL) && (s->wbio != s->rbio))
-        BIO_free_all(s->wbio);
-
-    if (s->init_buf != NULL)
-        BUF_MEM_free(s->init_buf);
-
-    /* add extra stuff */
-    if (s->cipher_list != NULL)
-        sk_SSL_CIPHER_free(s->cipher_list);
-    if (s->cipher_list_by_id != NULL)
-        sk_SSL_CIPHER_free(s->cipher_list_by_id);
-
-    /* Make the next call work :-) */
-    if (s->session != NULL) {
-        ssl_clear_bad_session(s);
-        SSL_SESSION_free(s->session);
-    }
-
-    ssl_clear_cipher_ctx(s);
-    ssl_clear_hash_ctx(&s->read_hash);
-    ssl_clear_hash_ctx(&s->write_hash);
-
-    if (s->cert != NULL)
-        ssl_cert_free(s->cert);
-    /* Free up if allocated */
-
-#ifndef OPENSSL_NO_TLSEXT
-    if (s->tlsext_hostname)
-        OPENSSL_free(s->tlsext_hostname);
-    if (s->initial_ctx)
-        SSL_CTX_free(s->initial_ctx);
-# ifndef OPENSSL_NO_EC
-    if (s->tlsext_ecpointformatlist)
-        OPENSSL_free(s->tlsext_ecpointformatlist);
-    if (s->tlsext_ellipticcurvelist)
-        OPENSSL_free(s->tlsext_ellipticcurvelist);
-# endif                         /* OPENSSL_NO_EC */
-    if (s->tlsext_opaque_prf_input)
-        OPENSSL_free(s->tlsext_opaque_prf_input);
-    if (s->tlsext_ocsp_exts)
-        sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
-    if (s->tlsext_ocsp_ids)
-        sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
-    if (s->tlsext_ocsp_resp)
-        OPENSSL_free(s->tlsext_ocsp_resp);
-    if (s->alpn_client_proto_list)
-        OPENSSL_free(s->alpn_client_proto_list);
-#endif
-
-    if (s->client_CA != NULL)
-        sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
-
-    if (s->method != NULL)
-        s->method->ssl_free(s);
-
-    if (s->ctx)
-        SSL_CTX_free(s->ctx);
-
-#ifndef OPENSSL_NO_KRB5
-    if (s->kssl_ctx != NULL)
-        kssl_ctx_free(s->kssl_ctx);
-#endif                          /* OPENSSL_NO_KRB5 */
-
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-    if (s->next_proto_negotiated)
-        OPENSSL_free(s->next_proto_negotiated);
-#endif
-
-#ifndef OPENSSL_NO_SRTP
-    if (s->srtp_profiles)
-        sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
-#endif
-
-    OPENSSL_free(s);
-}
-
-void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
-{
-    /*
-     * If the output buffering BIO is still in place, remove it
-     */
-    if (s->bbio != NULL) {
-        if (s->wbio == s->bbio) {
-            s->wbio = s->wbio->next_bio;
-            s->bbio->next_bio = NULL;
-        }
-    }
-    if ((s->rbio != NULL) && (s->rbio != rbio))
-        BIO_free_all(s->rbio);
-    if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
-        BIO_free_all(s->wbio);
-    s->rbio = rbio;
-    s->wbio = wbio;
-}
-
-BIO *SSL_get_rbio(const SSL *s)
-{
-    return (s->rbio);
-}
-
-BIO *SSL_get_wbio(const SSL *s)
-{
-    return (s->wbio);
-}
-
-int SSL_get_fd(const SSL *s)
-{
-    return (SSL_get_rfd(s));
-}
-
-int SSL_get_rfd(const SSL *s)
-{
-    int ret = -1;
-    BIO *b, *r;
-
-    b = SSL_get_rbio(s);
-    r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
-    if (r != NULL)
-        BIO_get_fd(r, &ret);
-    return (ret);
-}
-
-int SSL_get_wfd(const SSL *s)
-{
-    int ret = -1;
-    BIO *b, *r;
-
-    b = SSL_get_wbio(s);
-    r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
-    if (r != NULL)
-        BIO_get_fd(r, &ret);
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_SOCK
-int SSL_set_fd(SSL *s, int fd)
-{
-    int ret = 0;
-    BIO *bio = NULL;
-
-    bio = BIO_new(BIO_s_socket());
-
-    if (bio == NULL) {
-        SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
-        goto err;
-    }
-    BIO_set_fd(bio, fd, BIO_NOCLOSE);
-    SSL_set_bio(s, bio, bio);
-    ret = 1;
- err:
-    return (ret);
-}
-
-int SSL_set_wfd(SSL *s, int fd)
-{
-    int ret = 0;
-    BIO *bio = NULL;
-
-    if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
-        || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
-        bio = BIO_new(BIO_s_socket());
-
-        if (bio == NULL) {
-            SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
-            goto err;
-        }
-        BIO_set_fd(bio, fd, BIO_NOCLOSE);
-        SSL_set_bio(s, SSL_get_rbio(s), bio);
-    } else
-        SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
-    ret = 1;
- err:
-    return (ret);
-}
-
-int SSL_set_rfd(SSL *s, int fd)
-{
-    int ret = 0;
-    BIO *bio = NULL;
-
-    if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
-        || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
-        bio = BIO_new(BIO_s_socket());
-
-        if (bio == NULL) {
-            SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
-            goto err;
-        }
-        BIO_set_fd(bio, fd, BIO_NOCLOSE);
-        SSL_set_bio(s, bio, SSL_get_wbio(s));
-    } else
-        SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
-    ret = 1;
- err:
-    return (ret);
-}
-#endif
-
-/* return length of latest Finished message we sent, copy to 'buf' */
-size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
-{
-    size_t ret = 0;
-
-    if (s->s3 != NULL) {
-        ret = s->s3->tmp.finish_md_len;
-        if (count > ret)
-            count = ret;
-        memcpy(buf, s->s3->tmp.finish_md, count);
-    }
-    return ret;
-}
-
-/* return length of latest Finished message we expected, copy to 'buf' */
-size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
-{
-    size_t ret = 0;
-
-    if (s->s3 != NULL) {
-        ret = s->s3->tmp.peer_finish_md_len;
-        if (count > ret)
-            count = ret;
-        memcpy(buf, s->s3->tmp.peer_finish_md, count);
-    }
-    return ret;
-}
-
-int SSL_get_verify_mode(const SSL *s)
-{
-    return (s->verify_mode);
-}
-
-int SSL_get_verify_depth(const SSL *s)
-{
-    return X509_VERIFY_PARAM_get_depth(s->param);
-}
-
-int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) {
-    return (s->verify_callback);
-}
-
-int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
-{
-    return (ctx->verify_mode);
-}
-
-int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
-{
-    return X509_VERIFY_PARAM_get_depth(ctx->param);
-}
-
-int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) {
-    return (ctx->default_verify_callback);
-}
-
-void SSL_set_verify(SSL *s, int mode,
-                    int (*callback) (int ok, X509_STORE_CTX *ctx))
-{
-    s->verify_mode = mode;
-    if (callback != NULL)
-        s->verify_callback = callback;
-}
-
-void SSL_set_verify_depth(SSL *s, int depth)
-{
-    X509_VERIFY_PARAM_set_depth(s->param, depth);
-}
-
-void SSL_set_read_ahead(SSL *s, int yes)
-{
-    s->read_ahead = yes;
-}
-
-int SSL_get_read_ahead(const SSL *s)
-{
-    return (s->read_ahead);
-}
-
-int SSL_pending(const SSL *s)
-{
-    /*
-     * SSL_pending cannot work properly if read-ahead is enabled
-     * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is
-     * impossible to fix since SSL_pending cannot report errors that may be
-     * observed while scanning the new data. (Note that SSL_pending() is
-     * often used as a boolean value, so we'd better not return -1.)
-     */
-    return (s->method->ssl_pending(s));
-}
-
-X509 *SSL_get_peer_certificate(const SSL *s)
-{
-    X509 *r;
-
-    if ((s == NULL) || (s->session == NULL))
-        r = NULL;
-    else
-        r = s->session->peer;
-
-    if (r == NULL)
-        return (r);
-
-    CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
-
-    return (r);
-}
-
-STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
-{
-    STACK_OF(X509) *r;
-
-    if ((s == NULL) || (s->session == NULL)
-        || (s->session->sess_cert == NULL))
-        r = NULL;
-    else
-        r = s->session->sess_cert->cert_chain;
-
-    /*
-     * If we are a client, cert_chain includes the peer's own certificate; if
-     * we are a server, it does not.
-     */
-
-    return (r);
-}
-
-/*
- * Now in theory, since the calling process own 't' it should be safe to
- * modify.  We need to be able to read f without being hassled
- */
-void SSL_copy_session_id(SSL *t, const SSL *f)
-{
-    CERT *tmp;
-
-    /* Do we need to to SSL locking? */
-    SSL_set_session(t, SSL_get_session(f));
-
-    /*
-     * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa
-     */
-    if (t->method != f->method) {
-        t->method->ssl_free(t); /* cleanup current */
-        t->method = f->method;  /* change method */
-        t->method->ssl_new(t);  /* setup new */
-    }
-
-    tmp = t->cert;
-    if (f->cert != NULL) {
-        CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
-        t->cert = f->cert;
-    } else
-        t->cert = NULL;
-    if (tmp != NULL)
-        ssl_cert_free(tmp);
-    SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
-}
-
-/* Fix this so it checks all the valid key/cert options */
-int SSL_CTX_check_private_key(const SSL_CTX *ctx)
-{
-    if ((ctx == NULL) ||
-        (ctx->cert == NULL) || (ctx->cert->key->x509 == NULL)) {
-        SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
-               SSL_R_NO_CERTIFICATE_ASSIGNED);
-        return (0);
-    }
-    if (ctx->cert->key->privatekey == NULL) {
-        SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
-               SSL_R_NO_PRIVATE_KEY_ASSIGNED);
-        return (0);
-    }
-    return (X509_check_private_key
-            (ctx->cert->key->x509, ctx->cert->key->privatekey));
-}
-
-/* Fix this function so that it takes an optional type parameter */
-int SSL_check_private_key(const SSL *ssl)
-{
-    if (ssl == NULL) {
-        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (ssl->cert == NULL) {
-        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
-        return 0;
-    }
-    if (ssl->cert->key->x509 == NULL) {
-        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
-        return (0);
-    }
-    if (ssl->cert->key->privatekey == NULL) {
-        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
-        return (0);
-    }
-    return (X509_check_private_key(ssl->cert->key->x509,
-                                   ssl->cert->key->privatekey));
-}
-
-int SSL_accept(SSL *s)
-{
-    if (s->handshake_func == 0)
-        /* Not properly initialized yet */
-        SSL_set_accept_state(s);
-
-    return (s->method->ssl_accept(s));
-}
-
-int SSL_connect(SSL *s)
-{
-    if (s->handshake_func == 0)
-        /* Not properly initialized yet */
-        SSL_set_connect_state(s);
-
-    return (s->method->ssl_connect(s));
-}
-
-long SSL_get_default_timeout(const SSL *s)
-{
-    return (s->method->get_timeout());
-}
-
-int SSL_read(SSL *s, void *buf, int num)
-{
-    if (s->handshake_func == 0) {
-        SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
-        return -1;
-    }
-
-    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
-        s->rwstate = SSL_NOTHING;
-        return (0);
-    }
-    return (s->method->ssl_read(s, buf, num));
-}
-
-int SSL_peek(SSL *s, void *buf, int num)
-{
-    if (s->handshake_func == 0) {
-        SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
-        return -1;
-    }
-
-    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
-        return (0);
-    }
-    return (s->method->ssl_peek(s, buf, num));
-}
-
-int SSL_write(SSL *s, const void *buf, int num)
-{
-    if (s->handshake_func == 0) {
-        SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
-        return -1;
-    }
-
-    if (s->shutdown & SSL_SENT_SHUTDOWN) {
-        s->rwstate = SSL_NOTHING;
-        SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
-        return (-1);
-    }
-    return (s->method->ssl_write(s, buf, num));
-}
-
-int SSL_shutdown(SSL *s)
-{
-    /*
-     * Note that this function behaves differently from what one might
-     * expect.  Return values are 0 for no success (yet), 1 for success; but
-     * calling it once is usually not enough, even if blocking I/O is used
-     * (see ssl3_shutdown).
-     */
-
-    if (s->handshake_func == 0) {
-        SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
-        return -1;
-    }
-
-    if (!SSL_in_init(s)) {
-        return s->method->ssl_shutdown(s);
-    } else {
-        SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_SHUTDOWN_WHILE_IN_INIT);
-        return -1;
-    }
-}
-
-int SSL_renegotiate(SSL *s)
-{
-    if (s->renegotiate == 0)
-        s->renegotiate = 1;
-
-    s->new_session = 1;
-
-    return (s->method->ssl_renegotiate(s));
-}
-
-int SSL_renegotiate_abbreviated(SSL *s)
-{
-    if (s->renegotiate == 0)
-        s->renegotiate = 1;
-
-    s->new_session = 0;
-
-    return (s->method->ssl_renegotiate(s));
-}
-
-int SSL_renegotiate_pending(SSL *s)
-{
-    /*
-     * becomes true when negotiation is requested; false again once a
-     * handshake has finished
-     */
-    return (s->renegotiate != 0);
-}
-
-long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
-    long l;
-
-    switch (cmd) {
-    case SSL_CTRL_GET_READ_AHEAD:
-        return (s->read_ahead);
-    case SSL_CTRL_SET_READ_AHEAD:
-        l = s->read_ahead;
-        s->read_ahead = larg;
-        return (l);
-
-    case SSL_CTRL_SET_MSG_CALLBACK_ARG:
-        s->msg_callback_arg = parg;
-        return 1;
-
-    case SSL_CTRL_OPTIONS:
-        return (s->options |= larg);
-    case SSL_CTRL_CLEAR_OPTIONS:
-        return (s->options &= ~larg);
-    case SSL_CTRL_MODE:
-        return (s->mode |= larg);
-    case SSL_CTRL_CLEAR_MODE:
-        return (s->mode &= ~larg);
-    case SSL_CTRL_GET_MAX_CERT_LIST:
-        return (s->max_cert_list);
-    case SSL_CTRL_SET_MAX_CERT_LIST:
-        l = s->max_cert_list;
-        s->max_cert_list = larg;
-        return (l);
-    case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
-        if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
-            return 0;
-        s->max_send_fragment = larg;
-        return 1;
-    case SSL_CTRL_GET_RI_SUPPORT:
-        if (s->s3)
-            return s->s3->send_connection_binding;
-        else
-            return 0;
-    case SSL_CTRL_CERT_FLAGS:
-        return (s->cert->cert_flags |= larg);
-    case SSL_CTRL_CLEAR_CERT_FLAGS:
-        return (s->cert->cert_flags &= ~larg);
-
-    case SSL_CTRL_GET_RAW_CIPHERLIST:
-        if (parg) {
-            if (s->cert->ciphers_raw == NULL)
-                return 0;
-            *(unsigned char **)parg = s->cert->ciphers_raw;
-            return (int)s->cert->ciphers_rawlen;
-        } else
-            return ssl_put_cipher_by_char(s, NULL, NULL);
-    default:
-        return (s->method->ssl_ctrl(s, cmd, larg, parg));
-    }
-}
-
-long SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
-{
-    switch (cmd) {
-    case SSL_CTRL_SET_MSG_CALLBACK:
-        s->msg_callback = (void (*)
-                           (int write_p, int version, int content_type,
-                            const void *buf, size_t len, SSL *ssl,
-                            void *arg))(fp);
-        return 1;
-
-    default:
-        return (s->method->ssl_callback_ctrl(s, cmd, fp));
-    }
-}
-
-LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
-{
-    return ctx->sessions;
-}
-
-long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-{
-    long l;
-    /* For some cases with ctx == NULL perform syntax checks */
-    if (ctx == NULL) {
-        switch (cmd) {
-#ifndef OPENSSL_NO_EC
-        case SSL_CTRL_SET_CURVES_LIST:
-            return tls1_set_curves_list(NULL, NULL, parg);
-#endif
-        case SSL_CTRL_SET_SIGALGS_LIST:
-        case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
-            return tls1_set_sigalgs_list(NULL, parg, 0);
-        default:
-            return 0;
-        }
-    }
-
-    switch (cmd) {
-    case SSL_CTRL_GET_READ_AHEAD:
-        return (ctx->read_ahead);
-    case SSL_CTRL_SET_READ_AHEAD:
-        l = ctx->read_ahead;
-        ctx->read_ahead = larg;
-        return (l);
-
-    case SSL_CTRL_SET_MSG_CALLBACK_ARG:
-        ctx->msg_callback_arg = parg;
-        return 1;
-
-    case SSL_CTRL_GET_MAX_CERT_LIST:
-        return (ctx->max_cert_list);
-    case SSL_CTRL_SET_MAX_CERT_LIST:
-        l = ctx->max_cert_list;
-        ctx->max_cert_list = larg;
-        return (l);
-
-    case SSL_CTRL_SET_SESS_CACHE_SIZE:
-        l = ctx->session_cache_size;
-        ctx->session_cache_size = larg;
-        return (l);
-    case SSL_CTRL_GET_SESS_CACHE_SIZE:
-        return (ctx->session_cache_size);
-    case SSL_CTRL_SET_SESS_CACHE_MODE:
-        l = ctx->session_cache_mode;
-        ctx->session_cache_mode = larg;
-        return (l);
-    case SSL_CTRL_GET_SESS_CACHE_MODE:
-        return (ctx->session_cache_mode);
-
-    case SSL_CTRL_SESS_NUMBER:
-        return (lh_SSL_SESSION_num_items(ctx->sessions));
-    case SSL_CTRL_SESS_CONNECT:
-        return (ctx->stats.sess_connect);
-    case SSL_CTRL_SESS_CONNECT_GOOD:
-        return (ctx->stats.sess_connect_good);
-    case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
-        return (ctx->stats.sess_connect_renegotiate);
-    case SSL_CTRL_SESS_ACCEPT:
-        return (ctx->stats.sess_accept);
-    case SSL_CTRL_SESS_ACCEPT_GOOD:
-        return (ctx->stats.sess_accept_good);
-    case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
-        return (ctx->stats.sess_accept_renegotiate);
-    case SSL_CTRL_SESS_HIT:
-        return (ctx->stats.sess_hit);
-    case SSL_CTRL_SESS_CB_HIT:
-        return (ctx->stats.sess_cb_hit);
-    case SSL_CTRL_SESS_MISSES:
-        return (ctx->stats.sess_miss);
-    case SSL_CTRL_SESS_TIMEOUTS:
-        return (ctx->stats.sess_timeout);
-    case SSL_CTRL_SESS_CACHE_FULL:
-        return (ctx->stats.sess_cache_full);
-    case SSL_CTRL_OPTIONS:
-        return (ctx->options |= larg);
-    case SSL_CTRL_CLEAR_OPTIONS:
-        return (ctx->options &= ~larg);
-    case SSL_CTRL_MODE:
-        return (ctx->mode |= larg);
-    case SSL_CTRL_CLEAR_MODE:
-        return (ctx->mode &= ~larg);
-    case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
-        if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
-            return 0;
-        ctx->max_send_fragment = larg;
-        return 1;
-    case SSL_CTRL_CERT_FLAGS:
-        return (ctx->cert->cert_flags |= larg);
-    case SSL_CTRL_CLEAR_CERT_FLAGS:
-        return (ctx->cert->cert_flags &= ~larg);
-    default:
-        return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
-    }
-}
-
-long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
-{
-    switch (cmd) {
-    case SSL_CTRL_SET_MSG_CALLBACK:
-        ctx->msg_callback = (void (*)
-                             (int write_p, int version, int content_type,
-                              const void *buf, size_t len, SSL *ssl,
-                              void *arg))(fp);
-        return 1;
-
-    default:
-        return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
-    }
-}
-
-int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
-{
-    long l;
-
-    l = a->id - b->id;
-    if (l == 0L)
-        return (0);
-    else
-        return ((l > 0) ? 1 : -1);
-}
-
-int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
-                          const SSL_CIPHER *const *bp)
-{
-    long l;
-
-    l = (*ap)->id - (*bp)->id;
-    if (l == 0L)
-        return (0);
-    else
-        return ((l > 0) ? 1 : -1);
-}
-
-/** return a STACK of the ciphers available for the SSL and in order of
- * preference */
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
-{
-    if (s != NULL) {
-        if (s->cipher_list != NULL) {
-            return (s->cipher_list);
-        } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
-            return (s->ctx->cipher_list);
-        }
-    }
-    return (NULL);
-}
-
-/** return a STACK of the ciphers available for the SSL and in order of
- * algorithm id */
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
-{
-    if (s != NULL) {
-        if (s->cipher_list_by_id != NULL) {
-            return (s->cipher_list_by_id);
-        } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) {
-            return (s->ctx->cipher_list_by_id);
-        }
-    }
-    return (NULL);
-}
-
-/** The old interface to get the same thing as SSL_get_ciphers() */
-const char *SSL_get_cipher_list(const SSL *s, int n)
-{
-    SSL_CIPHER *c;
-    STACK_OF(SSL_CIPHER) *sk;
-
-    if (s == NULL)
-        return (NULL);
-    sk = SSL_get_ciphers(s);
-    if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
-        return (NULL);
-    c = sk_SSL_CIPHER_value(sk, n);
-    if (c == NULL)
-        return (NULL);
-    return (c->name);
-}
-
-/** specify the ciphers to be used by default by the SSL_CTX */
-int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
-{
-    STACK_OF(SSL_CIPHER) *sk;
-
-    sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
-                                &ctx->cipher_list_by_id, str, ctx->cert);
-    /*
-     * ssl_create_cipher_list may return an empty stack if it was unable to
-     * find a cipher matching the given rule string (for example if the rule
-     * string specifies a cipher which has been disabled). This is not an
-     * error as far as ssl_create_cipher_list is concerned, and hence
-     * ctx->cipher_list and ctx->cipher_list_by_id has been updated.
-     */
-    if (sk == NULL)
-        return 0;
-    else if (sk_SSL_CIPHER_num(sk) == 0) {
-        SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
-        return 0;
-    }
-    return 1;
-}
-
-/** specify the ciphers to be used by the SSL */
-int SSL_set_cipher_list(SSL *s, const char *str)
-{
-    STACK_OF(SSL_CIPHER) *sk;
-
-    sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
-                                &s->cipher_list_by_id, str, s->cert);
-    /* see comment in SSL_CTX_set_cipher_list */
-    if (sk == NULL)
-        return 0;
-    else if (sk_SSL_CIPHER_num(sk) == 0) {
-        SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
-        return 0;
-    }
-    return 1;
-}
-
-/* works well for SSLv2, not so good for SSLv3 */
-char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
-{
-    char *p;
-    STACK_OF(SSL_CIPHER) *sk;
-    SSL_CIPHER *c;
-    int i;
-
-    if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2))
-        return (NULL);
-
-    p = buf;
-    sk = s->session->ciphers;
-
-    if (sk_SSL_CIPHER_num(sk) == 0)
-        return NULL;
-
-    for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
-        int n;
-
-        c = sk_SSL_CIPHER_value(sk, i);
-        n = strlen(c->name);
-        if (n + 1 > len) {
-            if (p != buf)
-                --p;
-            *p = '\0';
-            return buf;
-        }
-        strcpy(p, c->name);
-        p += n;
-        *(p++) = ':';
-        len -= n + 1;
-    }
-    p[-1] = '\0';
-    return (buf);
-}
-
-int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
-                             unsigned char *p,
-                             int (*put_cb) (const SSL_CIPHER *,
-                                            unsigned char *))
-{
-    int i, j = 0;
-    SSL_CIPHER *c;
-    CERT *ct = s->cert;
-    unsigned char *q;
-    int empty_reneg_info_scsv = !s->renegotiate;
-    /* Set disabled masks for this session */
-    ssl_set_client_disabled(s);
-
-    if (sk == NULL)
-        return (0);
-    q = p;
-    if (put_cb == NULL)
-        put_cb = s->method->put_cipher_by_char;
-
-    for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
-        c = sk_SSL_CIPHER_value(sk, i);
-        /* Skip disabled ciphers */
-        if (c->algorithm_ssl & ct->mask_ssl ||
-            c->algorithm_mkey & ct->mask_k || c->algorithm_auth & ct->mask_a)
-            continue;
-#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-        if (c->id == SSL3_CK_SCSV) {
-            if (!empty_reneg_info_scsv)
-                continue;
-            else
-                empty_reneg_info_scsv = 0;
-        }
-#endif
-        j = put_cb(c, p);
-        p += j;
-    }
-    /*
-     * If p == q, no ciphers; caller indicates an error. Otherwise, add
-     * applicable SCSVs.
-     */
-    if (p != q) {
-        if (empty_reneg_info_scsv) {
-            static SSL_CIPHER scsv = {
-                0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
-            };
-            j = put_cb(&scsv, p);
-            p += j;
-#ifdef OPENSSL_RI_DEBUG
-            fprintf(stderr,
-                    "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
-#endif
-        }
-        if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
-            static SSL_CIPHER scsv = {
-                0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
-            };
-            j = put_cb(&scsv, p);
-            p += j;
-        }
-    }
-
-    return (p - q);
-}
-
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
-                                               int num,
-                                               STACK_OF(SSL_CIPHER) **skp)
-{
-    const SSL_CIPHER *c;
-    STACK_OF(SSL_CIPHER) *sk;
-    int i, n;
-
-    if (s->s3)
-        s->s3->send_connection_binding = 0;
-
-    n = ssl_put_cipher_by_char(s, NULL, NULL);
-    if (n == 0 || (num % n) != 0) {
-        SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
-               SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
-        return (NULL);
-    }
-    if ((skp == NULL) || (*skp == NULL)) {
-        sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
-        if(sk == NULL) {
-            SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
-            return NULL;
-        }
-    } else {
-        sk = *skp;
-        sk_SSL_CIPHER_zero(sk);
-    }
-
-    if (s->cert->ciphers_raw)
-        OPENSSL_free(s->cert->ciphers_raw);
-    s->cert->ciphers_raw = BUF_memdup(p, num);
-    if (s->cert->ciphers_raw == NULL) {
-        SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-    s->cert->ciphers_rawlen = (size_t)num;
-
-    for (i = 0; i < num; i += n) {
-        /* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
-        if (s->s3 && (n != 3 || !p[0]) &&
-            (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
-            (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
-            /* SCSV fatal if renegotiating */
-            if (s->renegotiate) {
-                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
-                       SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
-                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-                goto err;
-            }
-            s->s3->send_connection_binding = 1;
-            p += n;
-#ifdef OPENSSL_RI_DEBUG
-            fprintf(stderr, "SCSV received by server\n");
-#endif
-            continue;
-        }
-
-        /* Check for TLS_FALLBACK_SCSV */
-        if ((n != 3 || !p[0]) &&
-            (p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
-            (p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) {
-            /*
-             * The SCSV indicates that the client previously tried a higher
-             * version. Fail if the current version is an unexpected
-             * downgrade.
-             */
-            if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) {
-                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
-                       SSL_R_INAPPROPRIATE_FALLBACK);
-                if (s->s3)
-                    ssl3_send_alert(s, SSL3_AL_FATAL,
-                                    SSL_AD_INAPPROPRIATE_FALLBACK);
-                goto err;
-            }
-            p += n;
-            continue;
-        }
-
-        c = ssl_get_cipher_by_char(s, p);
-        p += n;
-        if (c != NULL) {
-            if (!sk_SSL_CIPHER_push(sk, c)) {
-                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
-                goto err;
-            }
-        }
-    }
-
-    if (skp != NULL)
-        *skp = sk;
-    return (sk);
- err:
-    if ((skp == NULL) || (*skp == NULL))
-        sk_SSL_CIPHER_free(sk);
-    return (NULL);
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-/** return a servername extension value if provided in Client Hello, or NULL.
- * So far, only host_name types are defined (RFC 3546).
- */
-
-const char *SSL_get_servername(const SSL *s, const int type)
-{
-    if (type != TLSEXT_NAMETYPE_host_name)
-        return NULL;
-
-    return s->session && !s->tlsext_hostname ?
-        s->session->tlsext_hostname : s->tlsext_hostname;
-}
-
-int SSL_get_servername_type(const SSL *s)
-{
-    if (s->session
-        && (!s->tlsext_hostname ? s->session->
-            tlsext_hostname : s->tlsext_hostname))
-        return TLSEXT_NAMETYPE_host_name;
-    return -1;
-}
-
-/*
- * SSL_select_next_proto implements the standard protocol selection. It is
- * expected that this function is called from the callback set by
- * SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a
- * vector of 8-bit, length prefixed byte strings. The length byte itself is
- * not included in the length. A byte string of length 0 is invalid. No byte
- * string may be truncated. The current, but experimental algorithm for
- * selecting the protocol is: 1) If the server doesn't support NPN then this
- * is indicated to the callback. In this case, the client application has to
- * abort the connection or have a default application level protocol. 2) If
- * the server supports NPN, but advertises an empty list then the client
- * selects the first protcol in its list, but indicates via the API that this
- * fallback case was enacted. 3) Otherwise, the client finds the first
- * protocol in the server's list that it supports and selects this protocol.
- * This is because it's assumed that the server has better information about
- * which protocol a client should use. 4) If the client doesn't support any
- * of the server's advertised protocols, then this is treated the same as
- * case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was
- * found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
- */
-int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
-                          const unsigned char *server,
-                          unsigned int server_len,
-                          const unsigned char *client,
-                          unsigned int client_len)
-{
-    unsigned int i, j;
-    const unsigned char *result;
-    int status = OPENSSL_NPN_UNSUPPORTED;
-
-    /*
-     * For each protocol in server preference order, see if we support it.
-     */
-    for (i = 0; i < server_len;) {
-        for (j = 0; j < client_len;) {
-            if (server[i] == client[j] &&
-                memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
-                /* We found a match */
-                result = &server[i];
-                status = OPENSSL_NPN_NEGOTIATED;
-                goto found;
-            }
-            j += client[j];
-            j++;
-        }
-        i += server[i];
-        i++;
-    }
-
-    /* There's no overlap between our protocols and the server's list. */
-    result = client;
-    status = OPENSSL_NPN_NO_OVERLAP;
-
- found:
-    *out = (unsigned char *)result + 1;
-    *outlen = result[0];
-    return status;
-}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/*
- * SSL_get0_next_proto_negotiated sets *data and *len to point to the
- * client's requested protocol for this connection and returns 0. If the
- * client didn't request any protocol, then *data is set to NULL. Note that
- * the client can request any protocol it chooses. The value returned from
- * this function need not be a member of the list of supported protocols
- * provided by the callback.
- */
-void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
-                                    unsigned *len)
-{
-    *data = s->next_proto_negotiated;
-    if (!*data) {
-        *len = 0;
-    } else {
-        *len = s->next_proto_negotiated_len;
-    }
-}
-
-/*
- * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when
- * a TLS server needs a list of supported protocols for Next Protocol
- * Negotiation. The returned list must be in wire format.  The list is
- * returned by setting |out| to point to it and |outlen| to its length. This
- * memory will not be modified, but one should assume that the SSL* keeps a
- * reference to it. The callback should return SSL_TLSEXT_ERR_OK if it
- * wishes to advertise. Otherwise, no such extension will be included in the
- * ServerHello.
- */
-void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
-                                           int (*cb) (SSL *ssl,
-                                                      const unsigned char
-                                                      **out,
-                                                      unsigned int *outlen,
-                                                      void *arg), void *arg)
-{
-    ctx->next_protos_advertised_cb = cb;
-    ctx->next_protos_advertised_cb_arg = arg;
-}
-
-/*
- * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
- * client needs to select a protocol from the server's provided list. |out|
- * must be set to point to the selected protocol (which may be within |in|).
- * The length of the protocol name must be written into |outlen|. The
- * server's advertised protocols are provided in |in| and |inlen|. The
- * callback can assume that |in| is syntactically valid. The client must
- * select a protocol. It is fatal to the connection if this callback returns
- * a value other than SSL_TLSEXT_ERR_OK.
- */
-void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
-                                      int (*cb) (SSL *s, unsigned char **out,
-                                                 unsigned char *outlen,
-                                                 const unsigned char *in,
-                                                 unsigned int inlen,
-                                                 void *arg), void *arg)
-{
-    ctx->next_proto_select_cb = cb;
-    ctx->next_proto_select_cb_arg = arg;
-}
-# endif
-
-/*
- * SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
- * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
- * length-prefixed strings). Returns 0 on success.
- */
-int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
-                            unsigned protos_len)
-{
-    if (ctx->alpn_client_proto_list)
-        OPENSSL_free(ctx->alpn_client_proto_list);
-
-    ctx->alpn_client_proto_list = OPENSSL_malloc(protos_len);
-    if (!ctx->alpn_client_proto_list)
-        return 1;
-    memcpy(ctx->alpn_client_proto_list, protos, protos_len);
-    ctx->alpn_client_proto_list_len = protos_len;
-
-    return 0;
-}
-
-/*
- * SSL_set_alpn_protos sets the ALPN protocol list on |ssl| to |protos|.
- * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
- * length-prefixed strings). Returns 0 on success.
- */
-int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
-                        unsigned protos_len)
-{
-    if (ssl->alpn_client_proto_list)
-        OPENSSL_free(ssl->alpn_client_proto_list);
-
-    ssl->alpn_client_proto_list = OPENSSL_malloc(protos_len);
-    if (!ssl->alpn_client_proto_list)
-        return 1;
-    memcpy(ssl->alpn_client_proto_list, protos, protos_len);
-    ssl->alpn_client_proto_list_len = protos_len;
-
-    return 0;
-}
-
-/*
- * SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is
- * called during ClientHello processing in order to select an ALPN protocol
- * from the client's list of offered protocols.
- */
-void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
-                                int (*cb) (SSL *ssl,
-                                           const unsigned char **out,
-                                           unsigned char *outlen,
-                                           const unsigned char *in,
-                                           unsigned int inlen,
-                                           void *arg), void *arg)
-{
-    ctx->alpn_select_cb = cb;
-    ctx->alpn_select_cb_arg = arg;
-}
-
-/*
- * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from
- * |ssl|. On return it sets |*data| to point to |*len| bytes of protocol name
- * (not including the leading length-prefix byte). If the server didn't
- * respond with a negotiated protocol then |*len| will be zero.
- */
-void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
-                            unsigned *len)
-{
-    *data = NULL;
-    if (ssl->s3)
-        *data = ssl->s3->alpn_selected;
-    if (*data == NULL)
-        *len = 0;
-    else
-        *len = ssl->s3->alpn_selected_len;
-}
-
-#endif                          /* !OPENSSL_NO_TLSEXT */
-
-int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
-                               const char *label, size_t llen,
-                               const unsigned char *p, size_t plen,
-                               int use_context)
-{
-    if (s->version < TLS1_VERSION && s->version != DTLS1_BAD_VER)
-        return -1;
-
-    return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
-                                                       llen, p, plen,
-                                                       use_context);
-}
-
-static unsigned long ssl_session_hash(const SSL_SESSION *a)
-{
-    const unsigned char *session_id = a->session_id;
-    unsigned long l;
-    unsigned char tmp_storage[4];
-
-    if (a->session_id_length < sizeof(tmp_storage)) {
-        memset(tmp_storage, 0, sizeof(tmp_storage));
-        memcpy(tmp_storage, a->session_id, a->session_id_length);
-        session_id = tmp_storage;
-    }
-
-    l = (unsigned long)
-        ((unsigned long)session_id[0]) |
-        ((unsigned long)session_id[1] << 8L) |
-        ((unsigned long)session_id[2] << 16L) |
-        ((unsigned long)session_id[3] << 24L);
-    return (l);
-}
-
-/*
- * NB: If this function (or indeed the hash function which uses a sort of
- * coarser function than this one) is changed, ensure
- * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on
- * being able to construct an SSL_SESSION that will collide with any existing
- * session with a matching session ID.
- */
-static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
-{
-    if (a->ssl_version != b->ssl_version)
-        return (1);
-    if (a->session_id_length != b->session_id_length)
-        return (1);
-    return (memcmp(a->session_id, b->session_id, a->session_id_length));
-}
-
-/*
- * These wrapper functions should remain rather than redeclaring
- * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
- * variable. The reason is that the functions aren't static, they're exposed
- * via ssl.h.
- */
-static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
-static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
-
-SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
-{
-    SSL_CTX *ret = NULL;
-
-    if (meth == NULL) {
-        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
-        return (NULL);
-    }
-#ifdef OPENSSL_FIPS
-    if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
-        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
-        return NULL;
-    }
-#endif
-
-    if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
-        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
-        goto err;
-    }
-    ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
-    if (ret == NULL)
-        goto err;
-
-    memset(ret, 0, sizeof(SSL_CTX));
-
-    ret->method = meth;
-
-    ret->cert_store = NULL;
-    ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
-    ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
-    ret->session_cache_head = NULL;
-    ret->session_cache_tail = NULL;
-
-    /* We take the system default */
-    ret->session_timeout = meth->get_timeout();
-
-    ret->new_session_cb = 0;
-    ret->remove_session_cb = 0;
-    ret->get_session_cb = 0;
-    ret->generate_session_id = 0;
-
-    memset((char *)&ret->stats, 0, sizeof(ret->stats));
-
-    ret->references = 1;
-    ret->quiet_shutdown = 0;
-
-/*  ret->cipher=NULL;*/
-/*-
-    ret->s2->challenge=NULL;
-    ret->master_key=NULL;
-    ret->key_arg=NULL;
-    ret->s2->conn_id=NULL; */
-
-    ret->info_callback = NULL;
-
-    ret->app_verify_callback = 0;
-    ret->app_verify_arg = NULL;
-
-    ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
-    ret->read_ahead = 0;
-    ret->msg_callback = 0;
-    ret->msg_callback_arg = NULL;
-    ret->verify_mode = SSL_VERIFY_NONE;
-#if 0
-    ret->verify_depth = -1;     /* Don't impose a limit (but x509_lu.c does) */
-#endif
-    ret->sid_ctx_length = 0;
-    ret->default_verify_callback = NULL;
-    if ((ret->cert = ssl_cert_new()) == NULL)
-        goto err;
-
-    ret->default_passwd_callback = 0;
-    ret->default_passwd_callback_userdata = NULL;
-    ret->client_cert_cb = 0;
-    ret->app_gen_cookie_cb = 0;
-    ret->app_verify_cookie_cb = 0;
-
-    ret->sessions = lh_SSL_SESSION_new();
-    if (ret->sessions == NULL)
-        goto err;
-    ret->cert_store = X509_STORE_new();
-    if (ret->cert_store == NULL)
-        goto err;
-
-    ssl_create_cipher_list(ret->method,
-                           &ret->cipher_list, &ret->cipher_list_by_id,
-                           meth->version ==
-                           SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST,
-                           ret->cert);
-    if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
-        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
-        goto err2;
-    }
-
-    ret->param = X509_VERIFY_PARAM_new();
-    if (!ret->param)
-        goto err;
-
-    if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
-        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
-        goto err2;
-    }
-    if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
-        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
-        goto err2;
-    }
-    if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
-        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
-        goto err2;
-    }
-
-    if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
-        goto err;
-
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
-
-    ret->extra_certs = NULL;
-    /* No compression for DTLS */
-    if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS))
-        ret->comp_methods = SSL_COMP_get_compression_methods();
-
-    ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
-
-#ifndef OPENSSL_NO_TLSEXT
-    ret->tlsext_servername_callback = 0;
-    ret->tlsext_servername_arg = NULL;
-    /* Setup RFC4507 ticket keys */
-    if ((RAND_bytes(ret->tlsext_tick_key_name, 16) <= 0)
-        || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
-        || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
-        ret->options |= SSL_OP_NO_TICKET;
-
-    ret->tlsext_status_cb = 0;
-    ret->tlsext_status_arg = NULL;
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-    ret->next_protos_advertised_cb = 0;
-    ret->next_proto_select_cb = 0;
-# endif
-#endif
-#ifndef OPENSSL_NO_PSK
-    ret->psk_identity_hint = NULL;
-    ret->psk_client_callback = NULL;
-    ret->psk_server_callback = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
-    SSL_CTX_SRP_CTX_init(ret);
-#endif
-#ifndef OPENSSL_NO_BUF_FREELISTS
-    ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
-    ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
-    if (!ret->rbuf_freelist)
-        goto err;
-    ret->rbuf_freelist->chunklen = 0;
-    ret->rbuf_freelist->len = 0;
-    ret->rbuf_freelist->head = NULL;
-    ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
-    if (!ret->wbuf_freelist)
-        goto err;
-    ret->wbuf_freelist->chunklen = 0;
-    ret->wbuf_freelist->len = 0;
-    ret->wbuf_freelist->head = NULL;
-#endif
-#ifndef OPENSSL_NO_ENGINE
-    ret->client_cert_engine = NULL;
-# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
-#  define eng_strx(x)     #x
-#  define eng_str(x)      eng_strx(x)
-    /* Use specific client engine automatically... ignore errors */
-    {
-        ENGINE *eng;
-        eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
-        if (!eng) {
-            ERR_clear_error();
-            ENGINE_load_builtin_engines();
-            eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
-        }
-        if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
-            ERR_clear_error();
-    }
-# endif
-#endif
-    /*
-     * Default is to connect to non-RI servers. When RI is more widely
-     * deployed might change this.
-     */
-    ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
-
-    /*
-     * Disable SSLv2 by default, callers that want to enable SSLv2 will have to
-     * explicitly clear this option via either of SSL_CTX_clear_options() or
-     * SSL_clear_options().
-     */
-    ret->options |= SSL_OP_NO_SSLv2;
-
-    return (ret);
- err:
-    SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
- err2:
-    if (ret != NULL)
-        SSL_CTX_free(ret);
-    return (NULL);
-}
-
-#if 0
-static void SSL_COMP_free(SSL_COMP *comp)
-{
-    OPENSSL_free(comp);
-}
-#endif
-
-#ifndef OPENSSL_NO_BUF_FREELISTS
-static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
-{
-    SSL3_BUF_FREELIST_ENTRY *ent, *next;
-    for (ent = list->head; ent; ent = next) {
-        next = ent->next;
-        OPENSSL_free(ent);
-    }
-    OPENSSL_free(list);
-}
-#endif
-
-void SSL_CTX_free(SSL_CTX *a)
-{
-    int i;
-
-    if (a == NULL)
-        return;
-
-    i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
-#ifdef REF_PRINT
-    REF_PRINT("SSL_CTX", a);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "SSL_CTX_free, bad reference count\n");
-        abort();                /* ok */
-    }
-#endif
-
-    if (a->param)
-        X509_VERIFY_PARAM_free(a->param);
-
-    /*
-     * Free internal session cache. However: the remove_cb() may reference
-     * the ex_data of SSL_CTX, thus the ex_data store can only be removed
-     * after the sessions were flushed.
-     * As the ex_data handling routines might also touch the session cache,
-     * the most secure solution seems to be: empty (flush) the cache, then
-     * free ex_data, then finally free the cache.
-     * (See ticket [openssl.org #212].)
-     */
-    if (a->sessions != NULL)
-        SSL_CTX_flush_sessions(a, 0);
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
-
-    if (a->sessions != NULL)
-        lh_SSL_SESSION_free(a->sessions);
-
-    if (a->cert_store != NULL)
-        X509_STORE_free(a->cert_store);
-    if (a->cipher_list != NULL)
-        sk_SSL_CIPHER_free(a->cipher_list);
-    if (a->cipher_list_by_id != NULL)
-        sk_SSL_CIPHER_free(a->cipher_list_by_id);
-    if (a->cert != NULL)
-        ssl_cert_free(a->cert);
-    if (a->client_CA != NULL)
-        sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
-    if (a->extra_certs != NULL)
-        sk_X509_pop_free(a->extra_certs, X509_free);
-#if 0                           /* This should never be done, since it
-                                 * removes a global database */
-    if (a->comp_methods != NULL)
-        sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free);
-#else
-    a->comp_methods = NULL;
-#endif
-
-#ifndef OPENSSL_NO_SRTP
-    if (a->srtp_profiles)
-        sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
-#endif
-
-#ifndef OPENSSL_NO_PSK
-    if (a->psk_identity_hint)
-        OPENSSL_free(a->psk_identity_hint);
-#endif
-#ifndef OPENSSL_NO_SRP
-    SSL_CTX_SRP_CTX_free(a);
-#endif
-#ifndef OPENSSL_NO_ENGINE
-    if (a->client_cert_engine)
-        ENGINE_finish(a->client_cert_engine);
-#endif
-
-#ifndef OPENSSL_NO_BUF_FREELISTS
-    if (a->wbuf_freelist)
-        ssl_buf_freelist_free(a->wbuf_freelist);
-    if (a->rbuf_freelist)
-        ssl_buf_freelist_free(a->rbuf_freelist);
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-# ifndef OPENSSL_NO_EC
-    if (a->tlsext_ecpointformatlist)
-        OPENSSL_free(a->tlsext_ecpointformatlist);
-    if (a->tlsext_ellipticcurvelist)
-        OPENSSL_free(a->tlsext_ellipticcurvelist);
-# endif                         /* OPENSSL_NO_EC */
-    if (a->alpn_client_proto_list != NULL)
-        OPENSSL_free(a->alpn_client_proto_list);
-#endif
-
-    OPENSSL_free(a);
-}
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
-{
-    ctx->default_passwd_callback = cb;
-}
-
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
-{
-    ctx->default_passwd_callback_userdata = u;
-}
-
-void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
-                                      int (*cb) (X509_STORE_CTX *, void *),
-                                      void *arg)
-{
-    ctx->app_verify_callback = cb;
-    ctx->app_verify_arg = arg;
-}
-
-void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
-                        int (*cb) (int, X509_STORE_CTX *))
-{
-    ctx->verify_mode = mode;
-    ctx->default_verify_callback = cb;
-}
-
-void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
-{
-    X509_VERIFY_PARAM_set_depth(ctx->param, depth);
-}
-
-void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
-                         void *arg)
-{
-    ssl_cert_set_cert_cb(c->cert, cb, arg);
-}
-
-void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg)
-{
-    ssl_cert_set_cert_cb(s->cert, cb, arg);
-}
-
-void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
-{
-    CERT_PKEY *cpk;
-    int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
-    int rsa_enc_export, dh_rsa_export, dh_dsa_export;
-    int rsa_tmp_export, dh_tmp_export, kl;
-    unsigned long mask_k, mask_a, emask_k, emask_a;
-#ifndef OPENSSL_NO_ECDSA
-    int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
-#endif
-#ifndef OPENSSL_NO_ECDH
-    int have_ecdh_tmp, ecdh_ok;
-#endif
-#ifndef OPENSSL_NO_EC
-    X509 *x = NULL;
-    EVP_PKEY *ecc_pkey = NULL;
-    int signature_nid = 0, pk_nid = 0, md_nid = 0;
-#endif
-    if (c == NULL)
-        return;
-
-    kl = SSL_C_EXPORT_PKEYLENGTH(cipher);
-
-#ifndef OPENSSL_NO_RSA
-    rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
-    rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
-                      (rsa_tmp && RSA_size(c->rsa_tmp) * 8 <= kl));
-#else
-    rsa_tmp = rsa_tmp_export = 0;
-#endif
-#ifndef OPENSSL_NO_DH
-    dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
-    dh_tmp_export = (c->dh_tmp_cb != NULL ||
-                     (dh_tmp && DH_size(c->dh_tmp) * 8 <= kl));
-#else
-    dh_tmp = dh_tmp_export = 0;
-#endif
-
-#ifndef OPENSSL_NO_ECDH
-    have_ecdh_tmp = (c->ecdh_tmp || c->ecdh_tmp_cb || c->ecdh_tmp_auto);
-#endif
-    cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
-    rsa_enc = cpk->valid_flags & CERT_PKEY_VALID;
-    rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
-    cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
-    rsa_sign = cpk->valid_flags & CERT_PKEY_SIGN;
-    cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
-    dsa_sign = cpk->valid_flags & CERT_PKEY_SIGN;
-    cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
-    dh_rsa = cpk->valid_flags & CERT_PKEY_VALID;
-    dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
-    cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
-/* FIX THIS EAY EAY EAY */
-    dh_dsa = cpk->valid_flags & CERT_PKEY_VALID;
-    dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
-    cpk = &(c->pkeys[SSL_PKEY_ECC]);
-#ifndef OPENSSL_NO_EC
-    have_ecc_cert = cpk->valid_flags & CERT_PKEY_VALID;
-#endif
-    mask_k = 0;
-    mask_a = 0;
-    emask_k = 0;
-    emask_a = 0;
-
-#ifdef CIPHER_DEBUG
-    fprintf(stderr,
-            "rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
-            rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp, rsa_enc,
-            rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
-#endif
-
-    cpk = &(c->pkeys[SSL_PKEY_GOST01]);
-    if (cpk->x509 != NULL && cpk->privatekey != NULL) {
-        mask_k |= SSL_kGOST;
-        mask_a |= SSL_aGOST01;
-    }
-    cpk = &(c->pkeys[SSL_PKEY_GOST94]);
-    if (cpk->x509 != NULL && cpk->privatekey != NULL) {
-        mask_k |= SSL_kGOST;
-        mask_a |= SSL_aGOST94;
-    }
-
-    if (rsa_enc || (rsa_tmp && rsa_sign))
-        mask_k |= SSL_kRSA;
-    if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
-        emask_k |= SSL_kRSA;
-
-#if 0
-    /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
-    if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign))
-        mask_k |= SSL_kEDH;
-    if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
-        (rsa_enc || rsa_sign || dsa_sign))
-        emask_k |= SSL_kEDH;
-#endif
-
-    if (dh_tmp_export)
-        emask_k |= SSL_kEDH;
-
-    if (dh_tmp)
-        mask_k |= SSL_kEDH;
-
-    if (dh_rsa)
-        mask_k |= SSL_kDHr;
-    if (dh_rsa_export)
-        emask_k |= SSL_kDHr;
-
-    if (dh_dsa)
-        mask_k |= SSL_kDHd;
-    if (dh_dsa_export)
-        emask_k |= SSL_kDHd;
-
-    if (mask_k & (SSL_kDHr | SSL_kDHd))
-        mask_a |= SSL_aDH;
-
-    if (rsa_enc || rsa_sign) {
-        mask_a |= SSL_aRSA;
-        emask_a |= SSL_aRSA;
-    }
-
-    if (dsa_sign) {
-        mask_a |= SSL_aDSS;
-        emask_a |= SSL_aDSS;
-    }
-
-    mask_a |= SSL_aNULL;
-    emask_a |= SSL_aNULL;
-
-#ifndef OPENSSL_NO_KRB5
-    mask_k |= SSL_kKRB5;
-    mask_a |= SSL_aKRB5;
-    emask_k |= SSL_kKRB5;
-    emask_a |= SSL_aKRB5;
-#endif
-
-    /*
-     * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
-     * depending on the key usage extension.
-     */
-#ifndef OPENSSL_NO_EC
-    if (have_ecc_cert) {
-        cpk = &c->pkeys[SSL_PKEY_ECC];
-        x = cpk->x509;
-        /* This call populates extension flags (ex_flags) */
-        X509_check_purpose(x, -1, 0);
-# ifndef OPENSSL_NO_ECDH
-        ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
-            (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
-# endif
-        ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
-            (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
-        if (!(cpk->valid_flags & CERT_PKEY_SIGN))
-            ecdsa_ok = 0;
-        ecc_pkey = X509_get_pubkey(x);
-        ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0;
-        EVP_PKEY_free(ecc_pkey);
-        if ((x->sig_alg) && (x->sig_alg->algorithm)) {
-            signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
-            OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
-        }
-# ifndef OPENSSL_NO_ECDH
-        if (ecdh_ok) {
-
-            if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
-                mask_k |= SSL_kECDHr;
-                mask_a |= SSL_aECDH;
-                if (ecc_pkey_size <= 163) {
-                    emask_k |= SSL_kECDHr;
-                    emask_a |= SSL_aECDH;
-                }
-            }
-
-            if (pk_nid == NID_X9_62_id_ecPublicKey) {
-                mask_k |= SSL_kECDHe;
-                mask_a |= SSL_aECDH;
-                if (ecc_pkey_size <= 163) {
-                    emask_k |= SSL_kECDHe;
-                    emask_a |= SSL_aECDH;
-                }
-            }
-        }
-# endif
-# ifndef OPENSSL_NO_ECDSA
-        if (ecdsa_ok) {
-            mask_a |= SSL_aECDSA;
-            emask_a |= SSL_aECDSA;
-        }
-# endif
-    }
-#endif
-
-#ifndef OPENSSL_NO_ECDH
-    if (have_ecdh_tmp) {
-        mask_k |= SSL_kEECDH;
-        emask_k |= SSL_kEECDH;
-    }
-#endif
-
-#ifndef OPENSSL_NO_PSK
-    mask_k |= SSL_kPSK;
-    mask_a |= SSL_aPSK;
-    emask_k |= SSL_kPSK;
-    emask_a |= SSL_aPSK;
-#endif
-
-    c->mask_k = mask_k;
-    c->mask_a = mask_a;
-    c->export_mask_k = emask_k;
-    c->export_mask_a = emask_a;
-    c->valid = 1;
-}
-
-/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
-#define ku_reject(x, usage) \
-        (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
-
-#ifndef OPENSSL_NO_EC
-
-int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
-{
-    unsigned long alg_k, alg_a;
-    EVP_PKEY *pkey = NULL;
-    int keysize = 0;
-    int signature_nid = 0, md_nid = 0, pk_nid = 0;
-    const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
-
-    alg_k = cs->algorithm_mkey;
-    alg_a = cs->algorithm_auth;
-
-    if (SSL_C_IS_EXPORT(cs)) {
-        /* ECDH key length in export ciphers must be <= 163 bits */
-        pkey = X509_get_pubkey(x);
-        if (pkey == NULL)
-            return 0;
-        keysize = EVP_PKEY_bits(pkey);
-        EVP_PKEY_free(pkey);
-        if (keysize > 163)
-            return 0;
-    }
-
-    /* This call populates the ex_flags field correctly */
-    X509_check_purpose(x, -1, 0);
-    if ((x->sig_alg) && (x->sig_alg->algorithm)) {
-        signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
-        OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
-    }
-    if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
-        /* key usage, if present, must allow key agreement */
-        if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
-            SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
-                   SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
-            return 0;
-        }
-        if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) {
-            /* signature alg must be ECDSA */
-            if (pk_nid != NID_X9_62_id_ecPublicKey) {
-                SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
-                       SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
-                return 0;
-            }
-        }
-        if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) {
-            /* signature alg must be RSA */
-
-            if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
-                SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
-                       SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
-                return 0;
-            }
-        }
-    }
-    if (alg_a & SSL_aECDSA) {
-        /* key usage, if present, must allow signing */
-        if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
-            SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
-                   SSL_R_ECC_CERT_NOT_FOR_SIGNING);
-            return 0;
-        }
-    }
-
-    return 1;                   /* all checks are ok */
-}
-
-#endif
-
-static int ssl_get_server_cert_index(const SSL *s)
-{
-    int idx;
-    idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
-    if (idx == SSL_PKEY_RSA_ENC && !s->cert->pkeys[SSL_PKEY_RSA_ENC].x509)
-        idx = SSL_PKEY_RSA_SIGN;
-    if (idx == -1)
-        SSLerr(SSL_F_SSL_GET_SERVER_CERT_INDEX, ERR_R_INTERNAL_ERROR);
-    return idx;
-}
-
-CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
-{
-    CERT *c;
-    int i;
-
-    c = s->cert;
-    if (!s->s3 || !s->s3->tmp.new_cipher)
-        return NULL;
-    ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
-
-#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-    /*
-     * Broken protocol test: return last used certificate: which may mismatch
-     * the one expected.
-     */
-    if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
-        return c->key;
-#endif
-
-    i = ssl_get_server_cert_index(s);
-
-    /* This may or may not be an error. */
-    if (i < 0)
-        return NULL;
-
-    /* May be NULL. */
-    return &c->pkeys[i];
-}
-
-EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher,
-                            const EVP_MD **pmd)
-{
-    unsigned long alg_a;
-    CERT *c;
-    int idx = -1;
-
-    alg_a = cipher->algorithm_auth;
-    c = s->cert;
-
-#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-    /*
-     * Broken protocol test: use last key: which may mismatch the one
-     * expected.
-     */
-    if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
-        idx = c->key - c->pkeys;
-    else
-#endif
-
-    if ((alg_a & SSL_aDSS) &&
-            (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
-        idx = SSL_PKEY_DSA_SIGN;
-    else if (alg_a & SSL_aRSA) {
-        if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
-            idx = SSL_PKEY_RSA_SIGN;
-        else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
-            idx = SSL_PKEY_RSA_ENC;
-    } else if ((alg_a & SSL_aECDSA) &&
-               (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
-        idx = SSL_PKEY_ECC;
-    if (idx == -1) {
-        SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
-        return (NULL);
-    }
-    if (pmd)
-        *pmd = c->pkeys[idx].digest;
-    return c->pkeys[idx].privatekey;
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
-                                   size_t *serverinfo_length)
-{
-    CERT *c = NULL;
-    int i = 0;
-    *serverinfo_length = 0;
-
-    c = s->cert;
-    i = ssl_get_server_cert_index(s);
-
-    if (i == -1)
-        return 0;
-    if (c->pkeys[i].serverinfo == NULL)
-        return 0;
-
-    *serverinfo = c->pkeys[i].serverinfo;
-    *serverinfo_length = c->pkeys[i].serverinfo_length;
-    return 1;
-}
-#endif
-
-void ssl_update_cache(SSL *s, int mode)
-{
-    int i;
-
-    /*
-     * If the session_id_length is 0, we are not supposed to cache it, and it
-     * would be rather hard to do anyway :-)
-     */
-    if (s->session->session_id_length == 0)
-        return;
-
-    i = s->session_ctx->session_cache_mode;
-    if ((i & mode) && (!s->hit)
-        && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
-            || SSL_CTX_add_session(s->session_ctx, s->session))
-        && (s->session_ctx->new_session_cb != NULL)) {
-        CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
-        if (!s->session_ctx->new_session_cb(s, s->session))
-            SSL_SESSION_free(s->session);
-    }
-
-    /* auto flush every 255 connections */
-    if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
-        if ((((mode & SSL_SESS_CACHE_CLIENT)
-              ? s->session_ctx->stats.sess_connect_good
-              : s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
-            SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
-        }
-    }
-}
-
-const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx)
-{
-    return ctx->method;
-}
-
-const SSL_METHOD *SSL_get_ssl_method(SSL *s)
-{
-    return (s->method);
-}
-
-int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
-{
-    int conn = -1;
-    int ret = 1;
-
-    if (s->method != meth) {
-        if (s->handshake_func != NULL)
-            conn = (s->handshake_func == s->method->ssl_connect);
-
-        if (s->method->version == meth->version)
-            s->method = meth;
-        else {
-            s->method->ssl_free(s);
-            s->method = meth;
-            ret = s->method->ssl_new(s);
-        }
-
-        if (conn == 1)
-            s->handshake_func = meth->ssl_connect;
-        else if (conn == 0)
-            s->handshake_func = meth->ssl_accept;
-    }
-    return (ret);
-}
-
-int SSL_get_error(const SSL *s, int i)
-{
-    int reason;
-    unsigned long l;
-    BIO *bio;
-
-    if (i > 0)
-        return (SSL_ERROR_NONE);
-
-    /*
-     * Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
-     * where we do encode the error
-     */
-    if ((l = ERR_peek_error()) != 0) {
-        if (ERR_GET_LIB(l) == ERR_LIB_SYS)
-            return (SSL_ERROR_SYSCALL);
-        else
-            return (SSL_ERROR_SSL);
-    }
-
-    if ((i < 0) && SSL_want_read(s)) {
-        bio = SSL_get_rbio(s);
-        if (BIO_should_read(bio))
-            return (SSL_ERROR_WANT_READ);
-        else if (BIO_should_write(bio))
-            /*
-             * This one doesn't make too much sense ... We never try to write
-             * to the rbio, and an application program where rbio and wbio
-             * are separate couldn't even know what it should wait for.
-             * However if we ever set s->rwstate incorrectly (so that we have
-             * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
-             * wbio *are* the same, this test works around that bug; so it
-             * might be safer to keep it.
-             */
-            return (SSL_ERROR_WANT_WRITE);
-        else if (BIO_should_io_special(bio)) {
-            reason = BIO_get_retry_reason(bio);
-            if (reason == BIO_RR_CONNECT)
-                return (SSL_ERROR_WANT_CONNECT);
-            else if (reason == BIO_RR_ACCEPT)
-                return (SSL_ERROR_WANT_ACCEPT);
-            else
-                return (SSL_ERROR_SYSCALL); /* unknown */
-        }
-    }
-
-    if ((i < 0) && SSL_want_write(s)) {
-        bio = SSL_get_wbio(s);
-        if (BIO_should_write(bio))
-            return (SSL_ERROR_WANT_WRITE);
-        else if (BIO_should_read(bio))
-            /*
-             * See above (SSL_want_read(s) with BIO_should_write(bio))
-             */
-            return (SSL_ERROR_WANT_READ);
-        else if (BIO_should_io_special(bio)) {
-            reason = BIO_get_retry_reason(bio);
-            if (reason == BIO_RR_CONNECT)
-                return (SSL_ERROR_WANT_CONNECT);
-            else if (reason == BIO_RR_ACCEPT)
-                return (SSL_ERROR_WANT_ACCEPT);
-            else
-                return (SSL_ERROR_SYSCALL);
-        }
-    }
-    if ((i < 0) && SSL_want_x509_lookup(s)) {
-        return (SSL_ERROR_WANT_X509_LOOKUP);
-    }
-
-    if (i == 0) {
-        if (s->version == SSL2_VERSION) {
-            /* assume it is the socket being closed */
-            return (SSL_ERROR_ZERO_RETURN);
-        } else {
-            if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
-                (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
-                return (SSL_ERROR_ZERO_RETURN);
-        }
-    }
-    return (SSL_ERROR_SYSCALL);
-}
-
-int SSL_do_handshake(SSL *s)
-{
-    int ret = 1;
-
-    if (s->handshake_func == NULL) {
-        SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
-        return (-1);
-    }
-
-    s->method->ssl_renegotiate_check(s);
-
-    if (SSL_in_init(s) || SSL_in_before(s)) {
-        ret = s->handshake_func(s);
-    }
-    return (ret);
-}
-
-/*
- * For the next 2 functions, SSL_clear() sets shutdown and so one of these
- * calls will reset it
- */
-void SSL_set_accept_state(SSL *s)
-{
-    s->server = 1;
-    s->shutdown = 0;
-    s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE;
-    s->handshake_func = s->method->ssl_accept;
-    /* clear the current cipher */
-    ssl_clear_cipher_ctx(s);
-    ssl_clear_hash_ctx(&s->read_hash);
-    ssl_clear_hash_ctx(&s->write_hash);
-}
-
-void SSL_set_connect_state(SSL *s)
-{
-    s->server = 0;
-    s->shutdown = 0;
-    s->state = SSL_ST_CONNECT | SSL_ST_BEFORE;
-    s->handshake_func = s->method->ssl_connect;
-    /* clear the current cipher */
-    ssl_clear_cipher_ctx(s);
-    ssl_clear_hash_ctx(&s->read_hash);
-    ssl_clear_hash_ctx(&s->write_hash);
-}
-
-int ssl_undefined_function(SSL *s)
-{
-    SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-    return (0);
-}
-
-int ssl_undefined_void_function(void)
-{
-    SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
-           ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-    return (0);
-}
-
-int ssl_undefined_const_function(const SSL *s)
-{
-    SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
-           ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-    return (0);
-}
-
-SSL_METHOD *ssl_bad_method(int ver)
-{
-    SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-    return (NULL);
-}
-
-const char *SSL_get_version(const SSL *s)
-{
-    if (s->version == TLS1_2_VERSION)
-        return ("TLSv1.2");
-    else if (s->version == TLS1_1_VERSION)
-        return ("TLSv1.1");
-    else if (s->version == TLS1_VERSION)
-        return ("TLSv1");
-    else if (s->version == SSL3_VERSION)
-        return ("SSLv3");
-    else if (s->version == SSL2_VERSION)
-        return ("SSLv2");
-    else if (s->version == DTLS1_BAD_VER)
-        return ("DTLSv0.9");
-    else if (s->version == DTLS1_VERSION)
-        return ("DTLSv1");
-    else if (s->version == DTLS1_2_VERSION)
-        return ("DTLSv1.2");
-    else
-        return ("unknown");
-}
-
-SSL *SSL_dup(SSL *s)
-{
-    STACK_OF(X509_NAME) *sk;
-    X509_NAME *xn;
-    SSL *ret;
-    int i;
-
-    if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
-        return (NULL);
-
-    ret->version = s->version;
-    ret->type = s->type;
-    ret->method = s->method;
-
-    if (s->session != NULL) {
-        /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
-        SSL_copy_session_id(ret, s);
-    } else {
-        /*
-         * No session has been established yet, so we have to expect that
-         * s->cert or ret->cert will be changed later -- they should not both
-         * point to the same object, and thus we can't use
-         * SSL_copy_session_id.
-         */
-
-        ret->method->ssl_free(ret);
-        ret->method = s->method;
-        ret->method->ssl_new(ret);
-
-        if (s->cert != NULL) {
-            if (ret->cert != NULL) {
-                ssl_cert_free(ret->cert);
-            }
-            ret->cert = ssl_cert_dup(s->cert);
-            if (ret->cert == NULL)
-                goto err;
-        }
-
-        SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length);
-    }
-
-    ret->options = s->options;
-    ret->mode = s->mode;
-    SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
-    SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
-    ret->msg_callback = s->msg_callback;
-    ret->msg_callback_arg = s->msg_callback_arg;
-    SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s));
-    SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
-    ret->generate_session_id = s->generate_session_id;
-
-    SSL_set_info_callback(ret, SSL_get_info_callback(s));
-
-    ret->debug = s->debug;
-
-    /* copy app data, a little dangerous perhaps */
-    if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
-        goto err;
-
-    /* setup rbio, and wbio */
-    if (s->rbio != NULL) {
-        if (!BIO_dup_state(s->rbio, (char *)&ret->rbio))
-            goto err;
-    }
-    if (s->wbio != NULL) {
-        if (s->wbio != s->rbio) {
-            if (!BIO_dup_state(s->wbio, (char *)&ret->wbio))
-                goto err;
-        } else
-            ret->wbio = ret->rbio;
-    }
-    ret->rwstate = s->rwstate;
-    ret->in_handshake = s->in_handshake;
-    ret->handshake_func = s->handshake_func;
-    ret->server = s->server;
-    ret->renegotiate = s->renegotiate;
-    ret->new_session = s->new_session;
-    ret->quiet_shutdown = s->quiet_shutdown;
-    ret->shutdown = s->shutdown;
-    ret->state = s->state;      /* SSL_dup does not really work at any state,
-                                 * though */
-    ret->rstate = s->rstate;
-    ret->init_num = 0;          /* would have to copy ret->init_buf,
-                                 * ret->init_msg, ret->init_num,
-                                 * ret->init_off */
-    ret->hit = s->hit;
-
-    X509_VERIFY_PARAM_inherit(ret->param, s->param);
-
-    /* dup the cipher_list and cipher_list_by_id stacks */
-    if (s->cipher_list != NULL) {
-        if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
-            goto err;
-    }
-    if (s->cipher_list_by_id != NULL)
-        if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id))
-            == NULL)
-            goto err;
-
-    /* Dup the client_CA list */
-    if (s->client_CA != NULL) {
-        if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL)
-            goto err;
-        ret->client_CA = sk;
-        for (i = 0; i < sk_X509_NAME_num(sk); i++) {
-            xn = sk_X509_NAME_value(sk, i);
-            if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) {
-                X509_NAME_free(xn);
-                goto err;
-            }
-        }
-    }
-
-    if (0) {
- err:
-        if (ret != NULL)
-            SSL_free(ret);
-        ret = NULL;
-    }
-    return (ret);
-}
-
-void ssl_clear_cipher_ctx(SSL *s)
-{
-    if (s->enc_read_ctx != NULL) {
-        EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
-        OPENSSL_free(s->enc_read_ctx);
-        s->enc_read_ctx = NULL;
-    }
-    if (s->enc_write_ctx != NULL) {
-        EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
-        OPENSSL_free(s->enc_write_ctx);
-        s->enc_write_ctx = NULL;
-    }
-#ifndef OPENSSL_NO_COMP
-    if (s->expand != NULL) {
-        COMP_CTX_free(s->expand);
-        s->expand = NULL;
-    }
-    if (s->compress != NULL) {
-        COMP_CTX_free(s->compress);
-        s->compress = NULL;
-    }
-#endif
-}
-
-X509 *SSL_get_certificate(const SSL *s)
-{
-    if (s->cert != NULL)
-        return (s->cert->key->x509);
-    else
-        return (NULL);
-}
-
-EVP_PKEY *SSL_get_privatekey(const SSL *s)
-{
-    if (s->cert != NULL)
-        return (s->cert->key->privatekey);
-    else
-        return (NULL);
-}
-
-X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx)
-{
-    if (ctx->cert != NULL)
-        return ctx->cert->key->x509;
-    else
-        return NULL;
-}
-
-EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
-{
-    if (ctx->cert != NULL)
-        return ctx->cert->key->privatekey;
-    else
-        return NULL;
-}
-
-const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
-{
-    if ((s->session != NULL) && (s->session->cipher != NULL))
-        return (s->session->cipher);
-    return (NULL);
-}
-
-#ifdef OPENSSL_NO_COMP
-const COMP_METHOD *SSL_get_current_compression(SSL *s)
-{
-    return NULL;
-}
-
-const COMP_METHOD *SSL_get_current_expansion(SSL *s)
-{
-    return NULL;
-}
-#else
-
-const COMP_METHOD *SSL_get_current_compression(SSL *s)
-{
-    if (s->compress != NULL)
-        return (s->compress->meth);
-    return (NULL);
-}
-
-const COMP_METHOD *SSL_get_current_expansion(SSL *s)
-{
-    if (s->expand != NULL)
-        return (s->expand->meth);
-    return (NULL);
-}
-#endif
-
-int ssl_init_wbio_buffer(SSL *s, int push)
-{
-    BIO *bbio;
-
-    if (s->bbio == NULL) {
-        bbio = BIO_new(BIO_f_buffer());
-        if (bbio == NULL)
-            return (0);
-        s->bbio = bbio;
-    } else {
-        bbio = s->bbio;
-        if (s->bbio == s->wbio)
-            s->wbio = BIO_pop(s->wbio);
-    }
-    (void)BIO_reset(bbio);
-/*      if (!BIO_set_write_buffer_size(bbio,16*1024)) */
-    if (!BIO_set_read_buffer_size(bbio, 1)) {
-        SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
-        return (0);
-    }
-    if (push) {
-        if (s->wbio != bbio)
-            s->wbio = BIO_push(bbio, s->wbio);
-    } else {
-        if (s->wbio == bbio)
-            s->wbio = BIO_pop(bbio);
-    }
-    return (1);
-}
-
-void ssl_free_wbio_buffer(SSL *s)
-{
-    if (s->bbio == NULL)
-        return;
-
-    if (s->bbio == s->wbio) {
-        /* remove buffering */
-        s->wbio = BIO_pop(s->wbio);
-#ifdef REF_CHECK                /* not the usual REF_CHECK, but this avoids
-                                 * adding one more preprocessor symbol */
-        assert(s->wbio != NULL);
-#endif
-    }
-    BIO_free(s->bbio);
-    s->bbio = NULL;
-}
-
-void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
-{
-    ctx->quiet_shutdown = mode;
-}
-
-int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
-{
-    return (ctx->quiet_shutdown);
-}
-
-void SSL_set_quiet_shutdown(SSL *s, int mode)
-{
-    s->quiet_shutdown = mode;
-}
-
-int SSL_get_quiet_shutdown(const SSL *s)
-{
-    return (s->quiet_shutdown);
-}
-
-void SSL_set_shutdown(SSL *s, int mode)
-{
-    s->shutdown = mode;
-}
-
-int SSL_get_shutdown(const SSL *s)
-{
-    return (s->shutdown);
-}
-
-int SSL_version(const SSL *s)
-{
-    return (s->version);
-}
-
-SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
-{
-    return (ssl->ctx);
-}
-
-SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
-{
-    CERT *ocert = ssl->cert;
-    if (ssl->ctx == ctx)
-        return ssl->ctx;
-#ifndef OPENSSL_NO_TLSEXT
-    if (ctx == NULL)
-        ctx = ssl->initial_ctx;
-#endif
-    ssl->cert = ssl_cert_dup(ctx->cert);
-    if (ocert) {
-        /* Preserve any already negotiated parameters */
-        if (ssl->server) {
-            ssl->cert->peer_sigalgs = ocert->peer_sigalgs;
-            ssl->cert->peer_sigalgslen = ocert->peer_sigalgslen;
-            ocert->peer_sigalgs = NULL;
-            ssl->cert->ciphers_raw = ocert->ciphers_raw;
-            ssl->cert->ciphers_rawlen = ocert->ciphers_rawlen;
-            ocert->ciphers_raw = NULL;
-        }
-#ifndef OPENSSL_NO_TLSEXT
-        ssl->cert->alpn_proposed = ocert->alpn_proposed;
-        ssl->cert->alpn_proposed_len = ocert->alpn_proposed_len;
-        ocert->alpn_proposed = NULL;
-        ssl->cert->alpn_sent = ocert->alpn_sent;
-
-        if (!custom_exts_copy_flags(&ssl->cert->srv_ext, &ocert->srv_ext))
-            return NULL;
-#endif
-        ssl_cert_free(ocert);
-    }
-
-    /*
-     * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH),
-     * so setter APIs must prevent invalid lengths from entering the system.
-     */
-    OPENSSL_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx));
-
-    /*
-     * If the session ID context matches that of the parent SSL_CTX,
-     * inherit it from the new SSL_CTX as well. If however the context does
-     * not match (i.e., it was set per-ssl with SSL_set_session_id_context),
-     * leave it unchanged.
-     */
-    if ((ssl->ctx != NULL) &&
-        (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
-        (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) {
-        ssl->sid_ctx_length = ctx->sid_ctx_length;
-        memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
-    }
-
-    CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
-    if (ssl->ctx != NULL)
-        SSL_CTX_free(ssl->ctx); /* decrement reference count */
-    ssl->ctx = ctx;
-
-    return (ssl->ctx);
-}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
-{
-    return (X509_STORE_set_default_paths(ctx->cert_store));
-}
-
-int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
-                                  const char *CApath)
-{
-    return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
-}
-#endif
-
-void SSL_set_info_callback(SSL *ssl,
-                           void (*cb) (const SSL *ssl, int type, int val))
-{
-    ssl->info_callback = cb;
-}
-
-/*
- * One compiler (Diab DCC) doesn't like argument names in returned function
- * pointer.
- */
-void (*SSL_get_info_callback(const SSL *ssl)) (const SSL * /* ssl */ ,
-                                               int /* type */ ,
-                                               int /* val */ ) {
-    return ssl->info_callback;
-}
-
-int SSL_state(const SSL *ssl)
-{
-    return (ssl->state);
-}
-
-void SSL_set_state(SSL *ssl, int state)
-{
-    ssl->state = state;
-}
-
-void SSL_set_verify_result(SSL *ssl, long arg)
-{
-    ssl->verify_result = arg;
-}
-
-long SSL_get_verify_result(const SSL *ssl)
-{
-    return (ssl->verify_result);
-}
-
-int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int SSL_set_ex_data(SSL *s, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
-}
-
-void *SSL_get_ex_data(const SSL *s, int idx)
-{
-    return (CRYPTO_get_ex_data(&s->ex_data, idx));
-}
-
-int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-                             CRYPTO_EX_dup *dup_func,
-                             CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
-}
-
-void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
-{
-    return (CRYPTO_get_ex_data(&s->ex_data, idx));
-}
-
-int ssl_ok(SSL *s)
-{
-    return (1);
-}
-
-X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
-{
-    return (ctx->cert_store);
-}
-
-void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
-{
-    if (ctx->cert_store != NULL)
-        X509_STORE_free(ctx->cert_store);
-    ctx->cert_store = store;
-}
-
-int SSL_want(const SSL *s)
-{
-    return (s->rwstate);
-}
-
-/**
- * \brief Set the callback for generating temporary RSA keys.
- * \param ctx the SSL context.
- * \param cb the callback
- */
-
-#ifndef OPENSSL_NO_RSA
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb) (SSL *ssl,
-                                                            int is_export,
-                                                            int keylength))
-{
-    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
-}
-
-void SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb) (SSL *ssl,
-                                                    int is_export,
-                                                    int keylength))
-{
-    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
-}
-#endif
-
-#ifdef DOXYGEN
-/**
- * \brief The RSA temporary key callback function.
- * \param ssl the SSL session.
- * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
- * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
- * of the required key in bits.
- * \return the temporary RSA key.
- * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
- */
-
-RSA *cb(SSL *ssl, int is_export, int keylength)
-{
-}
-#endif
-
-/**
- * \brief Set the callback for generating temporary DH keys.
- * \param ctx the SSL context.
- * \param dh the callback
- */
-
-#ifndef OPENSSL_NO_DH
-void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
-                                 DH *(*dh) (SSL *ssl, int is_export,
-                                            int keylength))
-{
-    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-
-void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
-                                                  int keylength))
-{
-    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
-}
-#endif
-
-#ifndef OPENSSL_NO_ECDH
-void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
-                                   EC_KEY *(*ecdh) (SSL *ssl, int is_export,
-                                                    int keylength))
-{
-    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
-                          (void (*)(void))ecdh);
-}
-
-void SSL_set_tmp_ecdh_callback(SSL *ssl,
-                               EC_KEY *(*ecdh) (SSL *ssl, int is_export,
-                                                int keylength))
-{
-    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB, (void (*)(void))ecdh);
-}
-#endif
-
-#ifndef OPENSSL_NO_PSK
-int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
-{
-    if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
-        SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT,
-               SSL_R_DATA_LENGTH_TOO_LONG);
-        return 0;
-    }
-    if (ctx->psk_identity_hint != NULL)
-        OPENSSL_free(ctx->psk_identity_hint);
-    if (identity_hint != NULL) {
-        ctx->psk_identity_hint = BUF_strdup(identity_hint);
-        if (ctx->psk_identity_hint == NULL)
-            return 0;
-    } else
-        ctx->psk_identity_hint = NULL;
-    return 1;
-}
-
-int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
-{
-    if (s == NULL)
-        return 0;
-
-    if (s->session == NULL)
-        return 1;               /* session not created yet, ignored */
-
-    if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
-        SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
-        return 0;
-    }
-    if (s->session->psk_identity_hint != NULL)
-        OPENSSL_free(s->session->psk_identity_hint);
-    if (identity_hint != NULL) {
-        s->session->psk_identity_hint = BUF_strdup(identity_hint);
-        if (s->session->psk_identity_hint == NULL)
-            return 0;
-    } else
-        s->session->psk_identity_hint = NULL;
-    return 1;
-}
-
-const char *SSL_get_psk_identity_hint(const SSL *s)
-{
-    if (s == NULL || s->session == NULL)
-        return NULL;
-    return (s->session->psk_identity_hint);
-}
-
-const char *SSL_get_psk_identity(const SSL *s)
-{
-    if (s == NULL || s->session == NULL)
-        return NULL;
-    return (s->session->psk_identity);
-}
-
-void SSL_set_psk_client_callback(SSL *s,
-                                 unsigned int (*cb) (SSL *ssl,
-                                                     const char *hint,
-                                                     char *identity,
-                                                     unsigned int
-                                                     max_identity_len,
-                                                     unsigned char *psk,
-                                                     unsigned int
-                                                     max_psk_len))
-{
-    s->psk_client_callback = cb;
-}
-
-void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
-                                     unsigned int (*cb) (SSL *ssl,
-                                                         const char *hint,
-                                                         char *identity,
-                                                         unsigned int
-                                                         max_identity_len,
-                                                         unsigned char *psk,
-                                                         unsigned int
-                                                         max_psk_len))
-{
-    ctx->psk_client_callback = cb;
-}
-
-void SSL_set_psk_server_callback(SSL *s,
-                                 unsigned int (*cb) (SSL *ssl,
-                                                     const char *identity,
-                                                     unsigned char *psk,
-                                                     unsigned int
-                                                     max_psk_len))
-{
-    s->psk_server_callback = cb;
-}
-
-void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
-                                     unsigned int (*cb) (SSL *ssl,
-                                                         const char *identity,
-                                                         unsigned char *psk,
-                                                         unsigned int
-                                                         max_psk_len))
-{
-    ctx->psk_server_callback = cb;
-}
-#endif
-
-void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
-                              void (*cb) (int write_p, int version,
-                                          int content_type, const void *buf,
-                                          size_t len, SSL *ssl, void *arg))
-{
-    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
-}
-
-void SSL_set_msg_callback(SSL *ssl,
-                          void (*cb) (int write_p, int version,
-                                      int content_type, const void *buf,
-                                      size_t len, SSL *ssl, void *arg))
-{
-    SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
-}
-
-/*
- * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
- * vairable, freeing EVP_MD_CTX previously stored in that variable, if any.
- * If EVP_MD pointer is passed, initializes ctx with this md Returns newly
- * allocated ctx;
- */
-
-EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
-{
-    ssl_clear_hash_ctx(hash);
-    *hash = EVP_MD_CTX_create();
-    if (*hash == NULL || (md && EVP_DigestInit_ex(*hash, md, NULL) <= 0)) {
-        EVP_MD_CTX_destroy(*hash);
-        *hash = NULL;
-        return NULL;
-    }
-    return *hash;
-}
-
-void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
-{
-
-    if (*hash)
-        EVP_MD_CTX_destroy(*hash);
-    *hash = NULL;
-}
-
-void SSL_set_debug(SSL *s, int debug)
-{
-    s->debug = debug;
-}
-
-int SSL_cache_hit(SSL *s)
-{
-    return s->hit;
-}
-
-int SSL_is_server(SSL *s)
-{
-    return s->server;
-}
-
-#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
-# include "../crypto/bio/bss_file.c"
-#endif
-
-IMPLEMENT_STACK_OF(SSL_CIPHER)
-IMPLEMENT_STACK_OF(SSL_COMP)
-IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
diff --git a/thirdparty/openssl/ssl/ssl_locl.h b/thirdparty/openssl/ssl/ssl_locl.h
deleted file mode 100644
index aeffc00634..0000000000
--- a/thirdparty/openssl/ssl/ssl_locl.h
+++ /dev/null
@@ -1,1497 +0,0 @@
-/* ssl/ssl_locl.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifndef HEADER_SSL_LOCL_H
-# define HEADER_SSL_LOCL_H
-# include <stdlib.h>
-# include <time.h>
-# include <string.h>
-# include <errno.h>
-
-# include "e_os.h"
-
-# include <openssl/buffer.h>
-# ifndef OPENSSL_NO_COMP
-#  include <openssl/comp.h>
-# endif
-# include <openssl/bio.h>
-# include <openssl/stack.h>
-# ifndef OPENSSL_NO_RSA
-#  include <openssl/rsa.h>
-# endif
-# ifndef OPENSSL_NO_DSA
-#  include <openssl/dsa.h>
-# endif
-# include <openssl/err.h>
-# include <openssl/ssl.h>
-# include <openssl/symhacks.h>
-
-# ifdef OPENSSL_BUILD_SHLIBSSL
-#  undef OPENSSL_EXTERN
-#  define OPENSSL_EXTERN OPENSSL_EXPORT
-# endif
-
-# undef PKCS1_CHECK
-
-# define c2l(c,l)        (l = ((unsigned long)(*((c)++)))     , \
-                         l|=(((unsigned long)(*((c)++)))<< 8), \
-                         l|=(((unsigned long)(*((c)++)))<<16), \
-                         l|=(((unsigned long)(*((c)++)))<<24))
-
-/* NOTE - c is not incremented as per c2l */
-# define c2ln(c,l1,l2,n) { \
-                        c+=n; \
-                        l1=l2=0; \
-                        switch (n) { \
-                        case 8: l2 =((unsigned long)(*(--(c))))<<24; \
-                        case 7: l2|=((unsigned long)(*(--(c))))<<16; \
-                        case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
-                        case 5: l2|=((unsigned long)(*(--(c))));     \
-                        case 4: l1 =((unsigned long)(*(--(c))))<<24; \
-                        case 3: l1|=((unsigned long)(*(--(c))))<<16; \
-                        case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
-                        case 1: l1|=((unsigned long)(*(--(c))));     \
-                                } \
-                        }
-
-# define l2c(l,c)        (*((c)++)=(unsigned char)(((l)    )&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>24)&0xff))
-
-# define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24, \
-                         l|=((unsigned long)(*((c)++)))<<16, \
-                         l|=((unsigned long)(*((c)++)))<< 8, \
-                         l|=((unsigned long)(*((c)++))))
-
-# define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
-                         *((c)++)=(unsigned char)(((l)    )&0xff))
-
-# define l2n6(l,c)       (*((c)++)=(unsigned char)(((l)>>40)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>32)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>24)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
-                         *((c)++)=(unsigned char)(((l)    )&0xff))
-
-# define l2n8(l,c)       (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>48)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>40)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>32)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>24)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
-                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
-                         *((c)++)=(unsigned char)(((l)    )&0xff))
-
-# define n2l6(c,l)       (l =((BN_ULLONG)(*((c)++)))<<40, \
-                         l|=((BN_ULLONG)(*((c)++)))<<32, \
-                         l|=((BN_ULLONG)(*((c)++)))<<24, \
-                         l|=((BN_ULLONG)(*((c)++)))<<16, \
-                         l|=((BN_ULLONG)(*((c)++)))<< 8, \
-                         l|=((BN_ULLONG)(*((c)++))))
-
-/* NOTE - c is not incremented as per l2c */
-# define l2cn(l1,l2,c,n) { \
-                        c+=n; \
-                        switch (n) { \
-                        case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
-                        case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
-                        case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
-                        case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
-                        case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
-                        case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
-                        case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
-                        case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
-                                } \
-                        }
-
-# define n2s(c,s)        ((s=(((unsigned int)(c[0]))<< 8)| \
-                            (((unsigned int)(c[1]))    )),c+=2)
-# define s2n(s,c)        ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
-                          c[1]=(unsigned char)(((s)    )&0xff)),c+=2)
-
-# define n2l3(c,l)       ((l =(((unsigned long)(c[0]))<<16)| \
-                             (((unsigned long)(c[1]))<< 8)| \
-                             (((unsigned long)(c[2]))    )),c+=3)
-
-# define l2n3(l,c)       ((c[0]=(unsigned char)(((l)>>16)&0xff), \
-                          c[1]=(unsigned char)(((l)>> 8)&0xff), \
-                          c[2]=(unsigned char)(((l)    )&0xff)),c+=3)
-
-/* LOCAL STUFF */
-
-# define SSL_DECRYPT     0
-# define SSL_ENCRYPT     1
-
-# define TWO_BYTE_BIT    0x80
-# define SEC_ESC_BIT     0x40
-# define TWO_BYTE_MASK   0x7fff
-# define THREE_BYTE_MASK 0x3fff
-
-# define INC32(a)        ((a)=((a)+1)&0xffffffffL)
-# define DEC32(a)        ((a)=((a)-1)&0xffffffffL)
-# define MAX_MAC_SIZE    20     /* up from 16 for SSLv3 */
-
-/*
- * Define the Bitmasks for SSL_CIPHER.algorithms.
- * This bits are used packed as dense as possible. If new methods/ciphers
- * etc will be added, the bits a likely to change, so this information
- * is for internal library use only, even though SSL_CIPHER.algorithms
- * can be publicly accessed.
- * Use the according functions for cipher management instead.
- *
- * The bit mask handling in the selection and sorting scheme in
- * ssl_create_cipher_list() has only limited capabilities, reflecting
- * that the different entities within are mutually exclusive:
- * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
- */
-
-/* Bits for algorithm_mkey (key exchange algorithm) */
-/* RSA key exchange */
-# define SSL_kRSA                0x00000001L
-/* DH cert, RSA CA cert */
-# define SSL_kDHr                0x00000002L
-/* DH cert, DSA CA cert */
-# define SSL_kDHd                0x00000004L
-/* tmp DH key no DH cert */
-# define SSL_kEDH                0x00000008L
-/* forward-compatible synonym */
-# define SSL_kDHE                SSL_kEDH
-/* Kerberos5 key exchange */
-# define SSL_kKRB5               0x00000010L
-/* ECDH cert, RSA CA cert */
-# define SSL_kECDHr              0x00000020L
-/* ECDH cert, ECDSA CA cert */
-# define SSL_kECDHe              0x00000040L
-/* ephemeral ECDH */
-# define SSL_kEECDH              0x00000080L
-/* forward-compatible synonym */
-# define SSL_kECDHE              SSL_kEECDH
-/* PSK */
-# define SSL_kPSK                0x00000100L
-/* GOST key exchange */
-# define SSL_kGOST       0x00000200L
-/* SRP */
-# define SSL_kSRP        0x00000400L
-
-/* Bits for algorithm_auth (server authentication) */
-/* RSA auth */
-# define SSL_aRSA                0x00000001L
-/* DSS auth */
-# define SSL_aDSS                0x00000002L
-/* no auth (i.e. use ADH or AECDH) */
-# define SSL_aNULL               0x00000004L
-/* Fixed DH auth (kDHd or kDHr) */
-# define SSL_aDH                 0x00000008L
-/* Fixed ECDH auth (kECDHe or kECDHr) */
-# define SSL_aECDH               0x00000010L
-/* KRB5 auth */
-# define SSL_aKRB5               0x00000020L
-/* ECDSA auth*/
-# define SSL_aECDSA              0x00000040L
-/* PSK auth */
-# define SSL_aPSK                0x00000080L
-/* GOST R 34.10-94 signature auth */
-# define SSL_aGOST94                             0x00000100L
-/* GOST R 34.10-2001 signature auth */
-# define SSL_aGOST01                     0x00000200L
-/* SRP auth */
-# define SSL_aSRP                0x00000400L
-
-/* Bits for algorithm_enc (symmetric encryption) */
-# define SSL_DES                 0x00000001L
-# define SSL_3DES                0x00000002L
-# define SSL_RC4                 0x00000004L
-# define SSL_RC2                 0x00000008L
-# define SSL_IDEA                0x00000010L
-# define SSL_eNULL               0x00000020L
-# define SSL_AES128              0x00000040L
-# define SSL_AES256              0x00000080L
-# define SSL_CAMELLIA128         0x00000100L
-# define SSL_CAMELLIA256         0x00000200L
-# define SSL_eGOST2814789CNT     0x00000400L
-# define SSL_SEED                0x00000800L
-# define SSL_AES128GCM           0x00001000L
-# define SSL_AES256GCM           0x00002000L
-
-# define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
-# define SSL_CAMELLIA            (SSL_CAMELLIA128|SSL_CAMELLIA256)
-
-/* Bits for algorithm_mac (symmetric authentication) */
-
-# define SSL_MD5                 0x00000001L
-# define SSL_SHA1                0x00000002L
-# define SSL_GOST94      0x00000004L
-# define SSL_GOST89MAC   0x00000008L
-# define SSL_SHA256              0x00000010L
-# define SSL_SHA384              0x00000020L
-/* Not a real MAC, just an indication it is part of cipher */
-# define SSL_AEAD                0x00000040L
-
-/* Bits for algorithm_ssl (protocol version) */
-# define SSL_SSLV2               0x00000001UL
-# define SSL_SSLV3               0x00000002UL
-# define SSL_TLSV1               SSL_SSLV3/* for now */
-# define SSL_TLSV1_2             0x00000004UL
-
-/* Bits for algorithm2 (handshake digests and other extra flags) */
-
-# define SSL_HANDSHAKE_MAC_MD5 0x10
-# define SSL_HANDSHAKE_MAC_SHA 0x20
-# define SSL_HANDSHAKE_MAC_GOST94 0x40
-# define SSL_HANDSHAKE_MAC_SHA256 0x80
-# define SSL_HANDSHAKE_MAC_SHA384 0x100
-# define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
-
-/*
- * When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX make
- * sure to update this constant too
- */
-# define SSL_MAX_DIGEST 6
-
-# define TLS1_PRF_DGST_MASK      (0xff << TLS1_PRF_DGST_SHIFT)
-
-# define TLS1_PRF_DGST_SHIFT 10
-# define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
-# define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
-
-/*
- * Stream MAC for GOST ciphersuites from cryptopro draft (currently this also
- * goes into algorithm2)
- */
-# define TLS1_STREAM_MAC 0x04
-
-/*
- * Export and cipher strength information. For each cipher we have to decide
- * whether it is exportable or not. This information is likely to change
- * over time, since the export control rules are no static technical issue.
- *
- * Independent of the export flag the cipher strength is sorted into classes.
- * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
- * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
- * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
- * since SSL_EXP64 could be similar to SSL_LOW.
- * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
- * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
- * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
- * be possible.
- */
-# define SSL_EXP_MASK            0x00000003L
-# define SSL_STRONG_MASK         0x000001fcL
-
-# define SSL_NOT_EXP             0x00000001L
-# define SSL_EXPORT              0x00000002L
-
-# define SSL_STRONG_NONE         0x00000004L
-# define SSL_EXP40               0x00000008L
-# define SSL_MICRO               (SSL_EXP40)
-# define SSL_EXP56               0x00000010L
-# define SSL_MINI                (SSL_EXP56)
-# define SSL_LOW                 0x00000020L
-# define SSL_MEDIUM              0x00000040L
-# define SSL_HIGH                0x00000080L
-# define SSL_FIPS                0x00000100L
-# define SSL_NOT_DEFAULT         0x00000200L
-
-/* we have used 000003ff - 22 bits left to go */
-
-/*-
- * Macros to check the export status and cipher strength for export ciphers.
- * Even though the macros for EXPORT and EXPORT40/56 have similar names,
- * their meaning is different:
- * *_EXPORT macros check the 'exportable' status.
- * *_EXPORT40/56 macros are used to check whether a certain cipher strength
- *          is given.
- * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
- * algorithm structure element to be passed (algorithms, algo_strength) and no
- * typechecking can be done as they are all of type unsigned long, their
- * direct usage is discouraged.
- * Use the SSL_C_* macros instead.
- */
-# define SSL_IS_EXPORT(a)        ((a)&SSL_EXPORT)
-# define SSL_IS_EXPORT56(a)      ((a)&SSL_EXP56)
-# define SSL_IS_EXPORT40(a)      ((a)&SSL_EXP40)
-# define SSL_C_IS_EXPORT(c)      SSL_IS_EXPORT((c)->algo_strength)
-# define SSL_C_IS_EXPORT56(c)    SSL_IS_EXPORT56((c)->algo_strength)
-# define SSL_C_IS_EXPORT40(c)    SSL_IS_EXPORT40((c)->algo_strength)
-
-# define SSL_EXPORT_KEYLENGTH(a,s)       (SSL_IS_EXPORT40(s) ? 5 : \
-                                 (a) == SSL_DES ? 8 : 7)
-# define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
-# define SSL_C_EXPORT_KEYLENGTH(c)       SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \
-                                (c)->algo_strength)
-# define SSL_C_EXPORT_PKEYLENGTH(c)      SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
-
-/* Check if an SSL structure is using DTLS */
-# define SSL_IS_DTLS(s)  (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
-/* See if we need explicit IV */
-# define SSL_USE_EXPLICIT_IV(s)  \
-                (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)
-/*
- * See if we use signature algorithms extension and signature algorithm
- * before signatures.
- */
-# define SSL_USE_SIGALGS(s)      \
-                        (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS)
-/*
- * Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: may
- * apply to others in future.
- */
-# define SSL_USE_TLS1_2_CIPHERS(s)       \
-                (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
-/*
- * Determine if a client can use TLS 1.2 ciphersuites: can't rely on method
- * flags because it may not be set to correct version yet.
- */
-# define SSL_CLIENT_USE_TLS1_2_CIPHERS(s)        \
-                ((SSL_IS_DTLS(s) && s->client_version <= DTLS1_2_VERSION) || \
-                (!SSL_IS_DTLS(s) && s->client_version >= TLS1_2_VERSION))
-/*
- * Determine if a client should send signature algorithms extension:
- * as with TLS1.2 cipher we can't rely on method flags.
- */
-# define SSL_CLIENT_USE_SIGALGS(s)        \
-    SSL_CLIENT_USE_TLS1_2_CIPHERS(s)
-
-/* Mostly for SSLv3 */
-# define SSL_PKEY_RSA_ENC        0
-# define SSL_PKEY_RSA_SIGN       1
-# define SSL_PKEY_DSA_SIGN       2
-# define SSL_PKEY_DH_RSA         3
-# define SSL_PKEY_DH_DSA         4
-# define SSL_PKEY_ECC            5
-# define SSL_PKEY_GOST94         6
-# define SSL_PKEY_GOST01         7
-# define SSL_PKEY_NUM            8
-
-/*-
- * SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
- *          <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
- * SSL_kDH  <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
- * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
- * SSL_aRSA <- RSA_ENC | RSA_SIGN
- * SSL_aDSS <- DSA_SIGN
- */
-
-/*-
-#define CERT_INVALID            0
-#define CERT_PUBLIC_KEY         1
-#define CERT_PRIVATE_KEY        2
-*/
-
-# ifndef OPENSSL_NO_EC
-/*
- * From ECC-TLS draft, used in encoding the curve type in ECParameters
- */
-#  define EXPLICIT_PRIME_CURVE_TYPE  1
-#  define EXPLICIT_CHAR2_CURVE_TYPE  2
-#  define NAMED_CURVE_TYPE           3
-# endif                         /* OPENSSL_NO_EC */
-
-typedef struct cert_pkey_st {
-    X509 *x509;
-    EVP_PKEY *privatekey;
-    /* Digest to use when signing */
-    const EVP_MD *digest;
-    /* Chain for this certificate */
-    STACK_OF(X509) *chain;
-# ifndef OPENSSL_NO_TLSEXT
-    /*-
-     * serverinfo data for this certificate.  The data is in TLS Extension
-     * wire format, specifically it's a series of records like:
-     *   uint16_t extension_type; // (RFC 5246, 7.4.1.4, Extension)
-     *   uint16_t length;
-     *   uint8_t data[length];
-     */
-    unsigned char *serverinfo;
-    size_t serverinfo_length;
-# endif
-    /*
-     * Set if CERT_PKEY can be used with current SSL session: e.g.
-     * appropriate curve, signature algorithms etc. If zero it can't be used
-     * at all.
-     */
-    int valid_flags;
-} CERT_PKEY;
-/* Retrieve Suite B flags */
-# define tls1_suiteb(s)  (s->cert->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS)
-/* Uses to check strict mode: suite B modes are always strict */
-# define SSL_CERT_FLAGS_CHECK_TLS_STRICT \
-        (SSL_CERT_FLAG_SUITEB_128_LOS|SSL_CERT_FLAG_TLS_STRICT)
-
-typedef struct {
-    unsigned short ext_type;
-    /*
-     * Per-connection flags relating to this extension type: not used if
-     * part of an SSL_CTX structure.
-     */
-    unsigned short ext_flags;
-    custom_ext_add_cb add_cb;
-    custom_ext_free_cb free_cb;
-    void *add_arg;
-    custom_ext_parse_cb parse_cb;
-    void *parse_arg;
-} custom_ext_method;
-
-/* ext_flags values */
-
-/*
- * Indicates an extension has been received. Used to check for unsolicited or
- * duplicate extensions.
- */
-# define SSL_EXT_FLAG_RECEIVED   0x1
-/*
- * Indicates an extension has been sent: used to enable sending of
- * corresponding ServerHello extension.
- */
-# define SSL_EXT_FLAG_SENT       0x2
-
-# define MAX_WARN_ALERT_COUNT    5
-
-typedef struct {
-    custom_ext_method *meths;
-    size_t meths_count;
-} custom_ext_methods;
-
-typedef struct cert_st {
-    /* Current active set */
-    /*
-     * ALWAYS points to an element of the pkeys array
-     * Probably it would make more sense to store
-     * an index, not a pointer.
-     */
-    CERT_PKEY *key;
-    /*
-     * For servers the following masks are for the key and auth algorithms
-     * that are supported by the certs below. For clients they are masks of
-     * *disabled* algorithms based on the current session.
-     */
-    int valid;
-    unsigned long mask_k;
-    unsigned long mask_a;
-    unsigned long export_mask_k;
-    unsigned long export_mask_a;
-    /* Client only */
-    unsigned long mask_ssl;
-# ifndef OPENSSL_NO_RSA
-    RSA *rsa_tmp;
-    RSA *(*rsa_tmp_cb) (SSL *ssl, int is_export, int keysize);
-# endif
-# ifndef OPENSSL_NO_DH
-    DH *dh_tmp;
-    DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize);
-# endif
-# ifndef OPENSSL_NO_ECDH
-    EC_KEY *ecdh_tmp;
-    /* Callback for generating ephemeral ECDH keys */
-    EC_KEY *(*ecdh_tmp_cb) (SSL *ssl, int is_export, int keysize);
-    /* Select ECDH parameters automatically */
-    int ecdh_tmp_auto;
-# endif
-    /* Flags related to certificates */
-    unsigned int cert_flags;
-    CERT_PKEY pkeys[SSL_PKEY_NUM];
-    /*
-     * Certificate types (received or sent) in certificate request message.
-     * On receive this is only set if number of certificate types exceeds
-     * SSL3_CT_NUMBER.
-     */
-    unsigned char *ctypes;
-    size_t ctype_num;
-    /*
-     * signature algorithms peer reports: e.g. supported signature algorithms
-     * extension for server or as part of a certificate request for client.
-     */
-    unsigned char *peer_sigalgs;
-    /* Size of above array */
-    size_t peer_sigalgslen;
-    /*
-     * suppported signature algorithms. When set on a client this is sent in
-     * the client hello as the supported signature algorithms extension. For
-     * servers it represents the signature algorithms we are willing to use.
-     */
-    unsigned char *conf_sigalgs;
-    /* Size of above array */
-    size_t conf_sigalgslen;
-    /*
-     * Client authentication signature algorithms, if not set then uses
-     * conf_sigalgs. On servers these will be the signature algorithms sent
-     * to the client in a cerificate request for TLS 1.2. On a client this
-     * represents the signature algortithms we are willing to use for client
-     * authentication.
-     */
-    unsigned char *client_sigalgs;
-    /* Size of above array */
-    size_t client_sigalgslen;
-    /*
-     * Signature algorithms shared by client and server: cached because these
-     * are used most often.
-     */
-    TLS_SIGALGS *shared_sigalgs;
-    size_t shared_sigalgslen;
-    /*
-     * Certificate setup callback: if set is called whenever a certificate
-     * may be required (client or server). the callback can then examine any
-     * appropriate parameters and setup any certificates required. This
-     * allows advanced applications to select certificates on the fly: for
-     * example based on supported signature algorithms or curves.
-     */
-    int (*cert_cb) (SSL *ssl, void *arg);
-    void *cert_cb_arg;
-    /*
-     * Optional X509_STORE for chain building or certificate validation If
-     * NULL the parent SSL_CTX store is used instead.
-     */
-    X509_STORE *chain_store;
-    X509_STORE *verify_store;
-    /* Raw values of the cipher list from a client */
-    unsigned char *ciphers_raw;
-    size_t ciphers_rawlen;
-    /* Custom extension methods for server and client */
-    custom_ext_methods cli_ext;
-    custom_ext_methods srv_ext;
-    int references;             /* >1 only if SSL_copy_session_id is used */
-    /* non-optimal, but here due to compatibility */
-    unsigned char *alpn_proposed;   /* server */
-    unsigned int alpn_proposed_len;
-    int alpn_sent;                  /* client */
-    /* Count of the number of consecutive warning alerts received */
-    unsigned int alert_count;
-} CERT;
-
-typedef struct sess_cert_st {
-    STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
-    /* The 'peer_...' members are used only by clients. */
-    int peer_cert_type;
-    CERT_PKEY *peer_key;        /* points to an element of peer_pkeys (never
-                                 * NULL!) */
-    CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
-    /*
-     * Obviously we don't have the private keys of these, so maybe we
-     * shouldn't even use the CERT_PKEY type here.
-     */
-# ifndef OPENSSL_NO_RSA
-    RSA *peer_rsa_tmp;          /* not used for SSL 2 */
-# endif
-# ifndef OPENSSL_NO_DH
-    DH *peer_dh_tmp;            /* not used for SSL 2 */
-# endif
-# ifndef OPENSSL_NO_ECDH
-    EC_KEY *peer_ecdh_tmp;
-# endif
-    int references;             /* actually always 1 at the moment */
-} SESS_CERT;
-/* Structure containing decoded values of signature algorithms extension */
-struct tls_sigalgs_st {
-    /* NID of hash algorithm */
-    int hash_nid;
-    /* NID of signature algorithm */
-    int sign_nid;
-    /* Combined hash and signature NID */
-    int signandhash_nid;
-    /* Raw values used in extension */
-    unsigned char rsign;
-    unsigned char rhash;
-};
-
-/*
- * #define MAC_DEBUG
- */
-
-/*
- * #define ERR_DEBUG
- */
-/*
- * #define ABORT_DEBUG
- */
-/*
- * #define PKT_DEBUG 1
- */
-/*
- * #define DES_DEBUG
- */
-/*
- * #define DES_OFB_DEBUG
- */
-/*
- * #define SSL_DEBUG
- */
-/*
- * #define RSA_DEBUG
- */
-/*
- * #define IDEA_DEBUG
- */
-
-# define FP_ICC  (int (*)(const void *,const void *))
-# define ssl_put_cipher_by_char(ssl,ciph,ptr) \
-                ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
-
-/*
- * This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff It is a bit
- * of a mess of functions, but hell, think of it as an opaque structure :-)
- */
-typedef struct ssl3_enc_method {
-    int (*enc) (SSL *, int);
-    int (*mac) (SSL *, unsigned char *, int);
-    int (*setup_key_block) (SSL *);
-    int (*generate_master_secret) (SSL *, unsigned char *, unsigned char *,
-                                   int);
-    int (*change_cipher_state) (SSL *, int);
-    int (*final_finish_mac) (SSL *, const char *, int, unsigned char *);
-    int finish_mac_length;
-    int (*cert_verify_mac) (SSL *, int, unsigned char *);
-    const char *client_finished_label;
-    int client_finished_label_len;
-    const char *server_finished_label;
-    int server_finished_label_len;
-    int (*alert_value) (int);
-    int (*export_keying_material) (SSL *, unsigned char *, size_t,
-                                   const char *, size_t,
-                                   const unsigned char *, size_t,
-                                   int use_context);
-    /* Various flags indicating protocol version requirements */
-    unsigned int enc_flags;
-    /* Handshake header length */
-    unsigned int hhlen;
-    /* Set the handshake header */
-    void (*set_handshake_header) (SSL *s, int type, unsigned long len);
-    /* Write out handshake message */
-    int (*do_write) (SSL *s);
-} SSL3_ENC_METHOD;
-
-# define SSL_HM_HEADER_LENGTH(s) s->method->ssl3_enc->hhlen
-# define ssl_handshake_start(s) \
-        (((unsigned char *)s->init_buf->data) + s->method->ssl3_enc->hhlen)
-# define ssl_set_handshake_header(s, htype, len) \
-        s->method->ssl3_enc->set_handshake_header(s, htype, len)
-# define ssl_do_write(s)  s->method->ssl3_enc->do_write(s)
-
-/* Values for enc_flags */
-
-/* Uses explicit IV for CBC mode */
-# define SSL_ENC_FLAG_EXPLICIT_IV        0x1
-/* Uses signature algorithms extension */
-# define SSL_ENC_FLAG_SIGALGS            0x2
-/* Uses SHA256 default PRF */
-# define SSL_ENC_FLAG_SHA256_PRF         0x4
-/* Is DTLS */
-# define SSL_ENC_FLAG_DTLS               0x8
-/*
- * Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: may
- * apply to others in future.
- */
-# define SSL_ENC_FLAG_TLS1_2_CIPHERS     0x10
-
-# ifndef OPENSSL_NO_COMP
-/* Used for holding the relevant compression methods loaded into SSL_CTX */
-typedef struct ssl3_comp_st {
-    int comp_id;                /* The identifier byte for this compression
-                                 * type */
-    char *name;                 /* Text name used for the compression type */
-    COMP_METHOD *method;        /* The method :-) */
-} SSL3_COMP;
-# endif
-
-# ifndef OPENSSL_NO_BUF_FREELISTS
-typedef struct ssl3_buf_freelist_st {
-    size_t chunklen;
-    unsigned int len;
-    struct ssl3_buf_freelist_entry_st *head;
-} SSL3_BUF_FREELIST;
-
-typedef struct ssl3_buf_freelist_entry_st {
-    struct ssl3_buf_freelist_entry_st *next;
-} SSL3_BUF_FREELIST_ENTRY;
-# endif
-
-extern SSL3_ENC_METHOD ssl3_undef_enc_method;
-OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[];
-OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
-
-SSL_METHOD *ssl_bad_method(int ver);
-
-extern SSL3_ENC_METHOD TLSv1_enc_data;
-extern SSL3_ENC_METHOD TLSv1_1_enc_data;
-extern SSL3_ENC_METHOD TLSv1_2_enc_data;
-extern SSL3_ENC_METHOD SSLv3_enc_data;
-extern SSL3_ENC_METHOD DTLSv1_enc_data;
-extern SSL3_ENC_METHOD DTLSv1_2_enc_data;
-
-# define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
-                                s_get_meth, enc_data) \
-const SSL_METHOD *func_name(void)  \
-        { \
-        static const SSL_METHOD func_name##_data= { \
-                version, \
-                tls1_new, \
-                tls1_clear, \
-                tls1_free, \
-                s_accept, \
-                s_connect, \
-                ssl3_read, \
-                ssl3_peek, \
-                ssl3_write, \
-                ssl3_shutdown, \
-                ssl3_renegotiate, \
-                ssl3_renegotiate_check, \
-                ssl3_get_message, \
-                ssl3_read_bytes, \
-                ssl3_write_bytes, \
-                ssl3_dispatch_alert, \
-                ssl3_ctrl, \
-                ssl3_ctx_ctrl, \
-                ssl3_get_cipher_by_char, \
-                ssl3_put_cipher_by_char, \
-                ssl3_pending, \
-                ssl3_num_ciphers, \
-                ssl3_get_cipher, \
-                s_get_meth, \
-                tls1_default_timeout, \
-                &enc_data, \
-                ssl_undefined_void_function, \
-                ssl3_callback_ctrl, \
-                ssl3_ctx_callback_ctrl, \
-        }; \
-        return &func_name##_data; \
-        }
-
-# define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void)  \
-        { \
-        static const SSL_METHOD func_name##_data= { \
-                SSL3_VERSION, \
-                ssl3_new, \
-                ssl3_clear, \
-                ssl3_free, \
-                s_accept, \
-                s_connect, \
-                ssl3_read, \
-                ssl3_peek, \
-                ssl3_write, \
-                ssl3_shutdown, \
-                ssl3_renegotiate, \
-                ssl3_renegotiate_check, \
-                ssl3_get_message, \
-                ssl3_read_bytes, \
-                ssl3_write_bytes, \
-                ssl3_dispatch_alert, \
-                ssl3_ctrl, \
-                ssl3_ctx_ctrl, \
-                ssl3_get_cipher_by_char, \
-                ssl3_put_cipher_by_char, \
-                ssl3_pending, \
-                ssl3_num_ciphers, \
-                ssl3_get_cipher, \
-                s_get_meth, \
-                ssl3_default_timeout, \
-                &SSLv3_enc_data, \
-                ssl_undefined_void_function, \
-                ssl3_callback_ctrl, \
-                ssl3_ctx_callback_ctrl, \
-        }; \
-        return &func_name##_data; \
-        }
-
-# define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void)  \
-        { \
-        static const SSL_METHOD func_name##_data= { \
-        TLS1_2_VERSION, \
-        tls1_new, \
-        tls1_clear, \
-        tls1_free, \
-        s_accept, \
-        s_connect, \
-        ssl23_read, \
-        ssl23_peek, \
-        ssl23_write, \
-        ssl_undefined_function, \
-        ssl_undefined_function, \
-        ssl_ok, \
-        ssl3_get_message, \
-        ssl3_read_bytes, \
-        ssl3_write_bytes, \
-        ssl3_dispatch_alert, \
-        ssl3_ctrl, \
-        ssl3_ctx_ctrl, \
-        ssl23_get_cipher_by_char, \
-        ssl23_put_cipher_by_char, \
-        ssl_undefined_const_function, \
-        ssl23_num_ciphers, \
-        ssl23_get_cipher, \
-        s_get_meth, \
-        ssl23_default_timeout, \
-        &TLSv1_2_enc_data, \
-        ssl_undefined_void_function, \
-        ssl3_callback_ctrl, \
-        ssl3_ctx_callback_ctrl, \
-        }; \
-        return &func_name##_data; \
-        }
-
-# define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
-const SSL_METHOD *func_name(void)  \
-        { \
-        static const SSL_METHOD func_name##_data= { \
-                SSL2_VERSION, \
-                ssl2_new,       /* local */ \
-                ssl2_clear,     /* local */ \
-                ssl2_free,      /* local */ \
-                s_accept, \
-                s_connect, \
-                ssl2_read, \
-                ssl2_peek, \
-                ssl2_write, \
-                ssl2_shutdown, \
-                ssl_ok, /* NULL - renegotiate */ \
-                ssl_ok, /* NULL - check renegotiate */ \
-                NULL, /* NULL - ssl_get_message */ \
-                NULL, /* NULL - ssl_get_record */ \
-                NULL, /* NULL - ssl_write_bytes */ \
-                NULL, /* NULL - dispatch_alert */ \
-                ssl2_ctrl,      /* local */ \
-                ssl2_ctx_ctrl,  /* local */ \
-                ssl2_get_cipher_by_char, \
-                ssl2_put_cipher_by_char, \
-                ssl2_pending, \
-                ssl2_num_ciphers, \
-                ssl2_get_cipher, \
-                s_get_meth, \
-                ssl2_default_timeout, \
-                &ssl3_undef_enc_method, \
-                ssl_undefined_void_function, \
-                ssl2_callback_ctrl,     /* local */ \
-                ssl2_ctx_callback_ctrl, /* local */ \
-        }; \
-        return &func_name##_data; \
-        }
-
-# define IMPLEMENT_dtls1_meth_func(version, func_name, s_accept, s_connect, \
-                                        s_get_meth, enc_data) \
-const SSL_METHOD *func_name(void)  \
-        { \
-        static const SSL_METHOD func_name##_data= { \
-                version, \
-                dtls1_new, \
-                dtls1_clear, \
-                dtls1_free, \
-                s_accept, \
-                s_connect, \
-                ssl3_read, \
-                ssl3_peek, \
-                ssl3_write, \
-                dtls1_shutdown, \
-                ssl3_renegotiate, \
-                ssl3_renegotiate_check, \
-                dtls1_get_message, \
-                dtls1_read_bytes, \
-                dtls1_write_app_data_bytes, \
-                dtls1_dispatch_alert, \
-                dtls1_ctrl, \
-                ssl3_ctx_ctrl, \
-                ssl3_get_cipher_by_char, \
-                ssl3_put_cipher_by_char, \
-                ssl3_pending, \
-                ssl3_num_ciphers, \
-                dtls1_get_cipher, \
-                s_get_meth, \
-                dtls1_default_timeout, \
-                &enc_data, \
-                ssl_undefined_void_function, \
-                ssl3_callback_ctrl, \
-                ssl3_ctx_callback_ctrl, \
-        }; \
-        return &func_name##_data; \
-        }
-
-struct openssl_ssl_test_functions {
-    int (*p_ssl_init_wbio_buffer) (SSL *s, int push);
-    int (*p_ssl3_setup_buffers) (SSL *s);
-    int (*p_tls1_process_heartbeat) (SSL *s);
-    int (*p_dtls1_process_heartbeat) (SSL *s);
-};
-
-# ifndef OPENSSL_UNIT_TEST
-
-void ssl_clear_cipher_ctx(SSL *s);
-int ssl_clear_bad_session(SSL *s);
-CERT *ssl_cert_new(void);
-CERT *ssl_cert_dup(CERT *cert);
-void ssl_cert_set_default_md(CERT *cert);
-int ssl_cert_inst(CERT **o);
-void ssl_cert_clear_certs(CERT *c);
-void ssl_cert_free(CERT *c);
-SESS_CERT *ssl_sess_cert_new(void);
-void ssl_sess_cert_free(SESS_CERT *sc);
-int ssl_set_peer_cert_type(SESS_CERT *c, int type);
-int ssl_get_new_session(SSL *s, int session);
-int ssl_get_prev_session(SSL *s, unsigned char *session, int len,
-                         const unsigned char *limit);
-SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket);
-int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
-DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
-int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
-                          const SSL_CIPHER *const *bp);
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
-                                               int num,
-                                               STACK_OF(SSL_CIPHER) **skp);
-int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
-                             unsigned char *p,
-                             int (*put_cb) (const SSL_CIPHER *,
-                                            unsigned char *));
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
-                                             STACK_OF(SSL_CIPHER) **pref,
-                                             STACK_OF(SSL_CIPHER) **sorted,
-                                             const char *rule_str, CERT *c);
-void ssl_update_cache(SSL *s, int mode);
-int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
-                       const EVP_MD **md, int *mac_pkey_type,
-                       int *mac_secret_size, SSL_COMP **comp);
-int ssl_get_handshake_digest(int i, long *mask, const EVP_MD **md);
-int ssl_cipher_get_cert_index(const SSL_CIPHER *c);
-const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr);
-int ssl_cert_set0_chain(CERT *c, STACK_OF(X509) *chain);
-int ssl_cert_set1_chain(CERT *c, STACK_OF(X509) *chain);
-int ssl_cert_add0_chain_cert(CERT *c, X509 *x);
-int ssl_cert_add1_chain_cert(CERT *c, X509 *x);
-int ssl_cert_select_current(CERT *c, X509 *x);
-int ssl_cert_set_current(CERT *c, long arg);
-X509 *ssl_cert_get0_next_certificate(CERT *c, int first);
-void ssl_cert_set_cert_cb(CERT *c, int (*cb) (SSL *ssl, void *arg),
-                          void *arg);
-
-int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
-int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l);
-int ssl_build_cert_chain(CERT *c, X509_STORE *chain_store, int flags);
-int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref);
-int ssl_undefined_function(SSL *s);
-int ssl_undefined_void_function(void);
-int ssl_undefined_const_function(const SSL *s);
-CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
-#  ifndef OPENSSL_NO_TLSEXT
-int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
-                                   size_t *serverinfo_length);
-#  endif
-EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd);
-int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
-void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
-int ssl_verify_alarm_type(long type);
-void ssl_load_ciphers(void);
-int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len);
-
-int ssl2_enc_init(SSL *s, int client);
-int ssl2_generate_key_material(SSL *s);
-int ssl2_enc(SSL *s, int send_data);
-void ssl2_mac(SSL *s, unsigned char *mac, int send_data);
-const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
-int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-int ssl2_part_read(SSL *s, unsigned long f, int i);
-int ssl2_do_write(SSL *s);
-int ssl2_set_certificate(SSL *s, int type, int len,
-                         const unsigned char *data);
-void ssl2_return_error(SSL *s, int reason);
-void ssl2_write_error(SSL *s);
-int ssl2_num_ciphers(void);
-const SSL_CIPHER *ssl2_get_cipher(unsigned int u);
-int ssl2_new(SSL *s);
-void ssl2_free(SSL *s);
-int ssl2_accept(SSL *s);
-int ssl2_connect(SSL *s);
-int ssl2_read(SSL *s, void *buf, int len);
-int ssl2_peek(SSL *s, void *buf, int len);
-int ssl2_write(SSL *s, const void *buf, int len);
-int ssl2_shutdown(SSL *s);
-void ssl2_clear(SSL *s);
-long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg);
-long ssl2_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
-long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
-long ssl2_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp) (void));
-int ssl2_pending(const SSL *s);
-long ssl2_default_timeout(void);
-
-const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-int ssl3_init_finished_mac(SSL *s);
-int ssl3_send_server_certificate(SSL *s);
-int ssl3_send_newsession_ticket(SSL *s);
-int ssl3_send_cert_status(SSL *s);
-int ssl3_get_finished(SSL *s, int state_a, int state_b);
-int ssl3_setup_key_block(SSL *s);
-int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
-int ssl3_change_cipher_state(SSL *s, int which);
-void ssl3_cleanup_key_block(SSL *s);
-int ssl3_do_write(SSL *s, int type);
-int ssl3_send_alert(SSL *s, int level, int desc);
-int ssl3_generate_master_secret(SSL *s, unsigned char *out,
-                                unsigned char *p, int len);
-int ssl3_get_req_cert_type(SSL *s, unsigned char *p);
-long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
-int ssl3_num_ciphers(void);
-const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
-int ssl3_renegotiate(SSL *ssl);
-int ssl3_renegotiate_check(SSL *ssl);
-int ssl3_dispatch_alert(SSL *s);
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,
-                          unsigned char *p);
-int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
-void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
-int ssl3_enc(SSL *s, int send_data);
-int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
-void ssl3_free_digest_list(SSL *s);
-unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk);
-SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
-                               STACK_OF(SSL_CIPHER) *srvr);
-int ssl3_setup_buffers(SSL *s);
-int ssl3_setup_read_buffer(SSL *s);
-int ssl3_setup_write_buffer(SSL *s);
-int ssl3_release_read_buffer(SSL *s);
-int ssl3_release_write_buffer(SSL *s);
-int ssl3_digest_cached_records(SSL *s);
-int ssl3_new(SSL *s);
-void ssl3_free(SSL *s);
-int ssl3_accept(SSL *s);
-int ssl3_connect(SSL *s);
-int ssl3_read(SSL *s, void *buf, int len);
-int ssl3_peek(SSL *s, void *buf, int len);
-int ssl3_write(SSL *s, const void *buf, int len);
-int ssl3_shutdown(SSL *s);
-void ssl3_clear(SSL *s);
-long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg);
-long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
-long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp) (void));
-int ssl3_pending(const SSL *s);
-
-void ssl3_record_sequence_update(unsigned char *seq);
-int ssl3_do_change_cipher_spec(SSL *ssl);
-long ssl3_default_timeout(void);
-
-void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len);
-int ssl3_handshake_write(SSL *s);
-
-int ssl23_num_ciphers(void);
-const SSL_CIPHER *ssl23_get_cipher(unsigned int u);
-int ssl23_read(SSL *s, void *buf, int len);
-int ssl23_peek(SSL *s, void *buf, int len);
-int ssl23_write(SSL *s, const void *buf, int len);
-int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
-long ssl23_default_timeout(void);
-
-long tls1_default_timeout(void);
-int dtls1_do_write(SSL *s, int type);
-int ssl3_read_n(SSL *s, int n, int max, int extend);
-int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_do_compress(SSL *ssl);
-int ssl3_do_uncompress(SSL *ssl);
-int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
-                       unsigned int len);
-unsigned char *dtls1_set_message_header(SSL *s,
-                                        unsigned char *p, unsigned char mt,
-                                        unsigned long len,
-                                        unsigned long frag_off,
-                                        unsigned long frag_len);
-
-int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
-int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
-
-int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
-int dtls1_read_failed(SSL *s, int code);
-int dtls1_buffer_message(SSL *s, int ccs);
-int dtls1_retransmit_message(SSL *s, unsigned short seq,
-                             unsigned long frag_off, int *found);
-int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
-int dtls1_retransmit_buffered_messages(SSL *s);
-void dtls1_clear_received_buffer(SSL *s);
-void dtls1_clear_sent_buffer(SSL *s);
-void dtls1_get_message_header(unsigned char *data,
-                              struct hm_header_st *msg_hdr);
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
-void dtls1_reset_seq_numbers(SSL *s, int rw);
-long dtls1_default_timeout(void);
-struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft);
-int dtls1_check_timeout_num(SSL *s);
-int dtls1_handle_timeout(SSL *s);
-const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
-void dtls1_start_timer(SSL *s);
-void dtls1_stop_timer(SSL *s);
-int dtls1_is_timer_expired(SSL *s);
-void dtls1_double_timeout(SSL *s);
-int dtls1_send_newsession_ticket(SSL *s);
-unsigned int dtls1_min_mtu(SSL *s);
-unsigned int dtls1_link_min_mtu(void);
-void dtls1_hm_fragment_free(hm_fragment *frag);
-
-/* some client-only functions */
-int ssl3_client_hello(SSL *s);
-int ssl3_get_server_hello(SSL *s);
-int ssl3_get_certificate_request(SSL *s);
-int ssl3_get_new_session_ticket(SSL *s);
-int ssl3_get_cert_status(SSL *s);
-int ssl3_get_server_done(SSL *s);
-int ssl3_send_client_verify(SSL *s);
-int ssl3_send_client_certificate(SSL *s);
-int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
-int ssl3_send_client_key_exchange(SSL *s);
-int ssl3_get_key_exchange(SSL *s);
-int ssl3_get_server_certificate(SSL *s);
-int ssl3_check_cert_and_algorithm(SSL *s);
-#  ifndef OPENSSL_NO_TLSEXT
-#   ifndef OPENSSL_NO_NEXTPROTONEG
-int ssl3_send_next_proto(SSL *s);
-#   endif
-#  endif
-
-int dtls1_client_hello(SSL *s);
-
-/* some server-only functions */
-int ssl3_get_client_hello(SSL *s);
-int ssl3_send_server_hello(SSL *s);
-int ssl3_send_hello_request(SSL *s);
-int ssl3_send_server_key_exchange(SSL *s);
-int ssl3_send_certificate_request(SSL *s);
-int ssl3_send_server_done(SSL *s);
-int ssl3_get_client_certificate(SSL *s);
-int ssl3_get_client_key_exchange(SSL *s);
-int ssl3_get_cert_verify(SSL *s);
-#  ifndef OPENSSL_NO_NEXTPROTONEG
-int ssl3_get_next_proto(SSL *s);
-#  endif
-
-int ssl23_accept(SSL *s);
-int ssl23_connect(SSL *s);
-int ssl23_read_bytes(SSL *s, int n);
-int ssl23_write_bytes(SSL *s);
-
-int tls1_new(SSL *s);
-void tls1_free(SSL *s);
-void tls1_clear(SSL *s);
-long tls1_ctrl(SSL *s, int cmd, long larg, void *parg);
-long tls1_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
-
-int dtls1_new(SSL *s);
-int dtls1_accept(SSL *s);
-int dtls1_connect(SSL *s);
-void dtls1_free(SSL *s);
-void dtls1_clear(SSL *s);
-long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
-int dtls1_shutdown(SSL *s);
-
-long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int dtls1_get_record(SSL *s);
-int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
-                   unsigned int len, int create_empty_fragement);
-int dtls1_dispatch_alert(SSL *s);
-
-int ssl_init_wbio_buffer(SSL *s, int push);
-void ssl_free_wbio_buffer(SSL *s);
-
-int tls1_change_cipher_state(SSL *s, int which);
-int tls1_setup_key_block(SSL *s);
-int tls1_enc(SSL *s, int snd);
-int tls1_final_finish_mac(SSL *s,
-                          const char *str, int slen, unsigned char *p);
-int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
-int tls1_mac(SSL *ssl, unsigned char *md, int snd);
-int tls1_generate_master_secret(SSL *s, unsigned char *out,
-                                unsigned char *p, int len);
-int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
-                                const char *label, size_t llen,
-                                const unsigned char *p, size_t plen,
-                                int use_context);
-int tls1_alert_code(int code);
-int ssl3_alert_code(int code);
-int ssl_ok(SSL *s);
-
-#  ifndef OPENSSL_NO_ECDH
-int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
-#  endif
-
-SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
-
-#  ifndef OPENSSL_NO_EC
-int tls1_ec_curve_id2nid(int curve_id);
-int tls1_ec_nid2curve_id(int nid);
-int tls1_check_curve(SSL *s, const unsigned char *p, size_t len);
-int tls1_shared_curve(SSL *s, int nmatch);
-int tls1_set_curves(unsigned char **pext, size_t *pextlen,
-                    int *curves, size_t ncurves);
-int tls1_set_curves_list(unsigned char **pext, size_t *pextlen,
-                         const char *str);
-#   ifndef OPENSSL_NO_ECDH
-int tls1_check_ec_tmp_key(SSL *s, unsigned long id);
-#   endif                       /* OPENSSL_NO_ECDH */
-#  endif                        /* OPENSSL_NO_EC */
-
-#  ifndef OPENSSL_NO_TLSEXT
-int tls1_shared_list(SSL *s,
-                     const unsigned char *l1, size_t l1len,
-                     const unsigned char *l2, size_t l2len, int nmatch);
-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
-                                          unsigned char *limit, int *al);
-unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
-                                          unsigned char *limit, int *al);
-int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
-                                 unsigned char *limit);
-int tls1_set_server_sigalgs(SSL *s);
-int ssl_check_clienthello_tlsext_late(SSL *s, int *al);
-int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data,
-                                 unsigned char *d, int n);
-int ssl_prepare_clienthello_tlsext(SSL *s);
-int ssl_prepare_serverhello_tlsext(SSL *s);
-
-#   ifndef OPENSSL_NO_HEARTBEATS
-int tls1_heartbeat(SSL *s);
-int dtls1_heartbeat(SSL *s);
-int tls1_process_heartbeat(SSL *s);
-int dtls1_process_heartbeat(SSL *s);
-#   endif
-
-#   ifdef OPENSSL_NO_SHA256
-#    define tlsext_tick_md  EVP_sha1
-#   else
-#    define tlsext_tick_md  EVP_sha256
-#   endif
-int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
-                        const unsigned char *limit, SSL_SESSION **ret);
-
-int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
-                         const EVP_MD *md);
-int tls12_get_sigid(const EVP_PKEY *pk);
-const EVP_MD *tls12_get_hash(unsigned char hash_alg);
-
-int tls1_set_sigalgs_list(CERT *c, const char *str, int client);
-int tls1_set_sigalgs(CERT *c, const int *salg, size_t salglen, int client);
-int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
-                     int idx);
-void tls1_set_cert_validity(SSL *s);
-
-#  endif
-EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md);
-void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
-int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
-                                        int maxlen);
-int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
-                                          int *al);
-int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
-                                        int maxlen);
-int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
-                                          int *al);
-long ssl_get_algorithm2(SSL *s);
-int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize);
-int tls1_process_sigalgs(SSL *s);
-size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs);
-int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
-                            const unsigned char *sig, EVP_PKEY *pkey);
-void ssl_set_client_disabled(SSL *s);
-
-int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
-                                     int maxlen);
-int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,
-                                       int *al);
-int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
-                                     int maxlen);
-int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
-                                       int *al);
-
-/* s3_cbc.c */
-void ssl3_cbc_copy_mac(unsigned char *out,
-                       const SSL3_RECORD *rec,
-                       unsigned md_size, unsigned orig_len);
-int ssl3_cbc_remove_padding(const SSL *s,
-                            SSL3_RECORD *rec,
-                            unsigned block_size, unsigned mac_size);
-int tls1_cbc_remove_padding(const SSL *s,
-                            SSL3_RECORD *rec,
-                            unsigned block_size, unsigned mac_size);
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
-int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
-                           unsigned char *md_out,
-                           size_t *md_out_size,
-                           const unsigned char header[13],
-                           const unsigned char *data,
-                           size_t data_plus_mac_size,
-                           size_t data_plus_mac_plus_padding_size,
-                           const unsigned char *mac_secret,
-                           unsigned mac_secret_length, char is_sslv3);
-
-void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
-                           EVP_MD_CTX *mac_ctx, const unsigned char *data,
-                           size_t data_len, size_t orig_len);
-
-int srp_verify_server_param(SSL *s, int *al);
-
-/* t1_ext.c */
-
-void custom_ext_init(custom_ext_methods *meths);
-
-int custom_ext_parse(SSL *s, int server,
-                     unsigned int ext_type,
-                     const unsigned char *ext_data, size_t ext_size, int *al);
-int custom_ext_add(SSL *s, int server,
-                   unsigned char **pret, unsigned char *limit, int *al);
-
-int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src);
-int custom_exts_copy_flags(custom_ext_methods *dst,
-                           const custom_ext_methods *src);
-void custom_exts_free(custom_ext_methods *exts);
-
-# else
-
-#  define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
-#  define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers
-#  define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat
-#  define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat
-
-# endif
-#endif
diff --git a/thirdparty/openssl/ssl/ssl_rsa.c b/thirdparty/openssl/ssl/ssl_rsa.c
deleted file mode 100644
index af03d45c2e..0000000000
--- a/thirdparty/openssl/ssl/ssl_rsa.c
+++ /dev/null
@@ -1,1048 +0,0 @@
-/* ssl/ssl_rsa.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/bio.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-
-static int ssl_set_cert(CERT *c, X509 *x509);
-static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
-int SSL_use_certificate(SSL *ssl, X509 *x)
-{
-    if (x == NULL) {
-        SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (!ssl_cert_inst(&ssl->cert)) {
-        SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    return (ssl_set_cert(ssl->cert, x));
-}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
-{
-    int j;
-    BIO *in;
-    int ret = 0;
-    X509 *x = NULL;
-
-    in = BIO_new(BIO_s_file_internal());
-    if (in == NULL) {
-        SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
-        goto end;
-    }
-
-    if (BIO_read_filename(in, file) <= 0) {
-        SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
-        goto end;
-    }
-    if (type == SSL_FILETYPE_ASN1) {
-        j = ERR_R_ASN1_LIB;
-        x = d2i_X509_bio(in, NULL);
-    } else if (type == SSL_FILETYPE_PEM) {
-        j = ERR_R_PEM_LIB;
-        x = PEM_read_bio_X509(in, NULL, ssl->ctx->default_passwd_callback,
-                              ssl->ctx->default_passwd_callback_userdata);
-    } else {
-        SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
-        goto end;
-    }
-
-    if (x == NULL) {
-        SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
-        goto end;
-    }
-
-    ret = SSL_use_certificate(ssl, x);
- end:
-    if (x != NULL)
-        X509_free(x);
-    if (in != NULL)
-        BIO_free(in);
-    return (ret);
-}
-#endif
-
-int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
-{
-    X509 *x;
-    int ret;
-
-    x = d2i_X509(NULL, &d, (long)len);
-    if (x == NULL) {
-        SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
-        return (0);
-    }
-
-    ret = SSL_use_certificate(ssl, x);
-    X509_free(x);
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_RSA
-int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
-{
-    EVP_PKEY *pkey;
-    int ret;
-
-    if (rsa == NULL) {
-        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (!ssl_cert_inst(&ssl->cert)) {
-        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    if ((pkey = EVP_PKEY_new()) == NULL) {
-        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
-        return (0);
-    }
-
-    RSA_up_ref(rsa);
-    if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
-        RSA_free(rsa);
-        return 0;
-    }
-
-    ret = ssl_set_pkey(ssl->cert, pkey);
-    EVP_PKEY_free(pkey);
-    return (ret);
-}
-#endif
-
-static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
-{
-    int i;
-    /*
-     * Special case for DH: check two DH certificate types for a match. This
-     * means for DH certificates we must set the certificate first.
-     */
-    if (pkey->type == EVP_PKEY_DH) {
-        X509 *x;
-        i = -1;
-        x = c->pkeys[SSL_PKEY_DH_RSA].x509;
-        if (x && X509_check_private_key(x, pkey))
-            i = SSL_PKEY_DH_RSA;
-        x = c->pkeys[SSL_PKEY_DH_DSA].x509;
-        if (i == -1 && x && X509_check_private_key(x, pkey))
-            i = SSL_PKEY_DH_DSA;
-        ERR_clear_error();
-    } else
-        i = ssl_cert_type(NULL, pkey);
-    if (i < 0) {
-        SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
-        return (0);
-    }
-
-    if (c->pkeys[i].x509 != NULL) {
-        EVP_PKEY *pktmp;
-        pktmp = X509_get_pubkey(c->pkeys[i].x509);
-        if (pktmp == NULL) {
-            SSLerr(SSL_F_SSL_SET_PKEY, ERR_R_MALLOC_FAILURE);
-            EVP_PKEY_free(pktmp);
-            return 0;
-        }
-        /*
-         * The return code from EVP_PKEY_copy_parameters is deliberately
-         * ignored. Some EVP_PKEY types cannot do this.
-         */
-        EVP_PKEY_copy_parameters(pktmp, pkey);
-        EVP_PKEY_free(pktmp);
-        ERR_clear_error();
-
-#ifndef OPENSSL_NO_RSA
-        /*
-         * Don't check the public/private key, this is mostly for smart
-         * cards.
-         */
-        if ((pkey->type == EVP_PKEY_RSA) &&
-            (RSA_flags(pkey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK)) ;
-        else
-#endif
-        if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
-            X509_free(c->pkeys[i].x509);
-            c->pkeys[i].x509 = NULL;
-            return 0;
-        }
-    }
-
-    if (c->pkeys[i].privatekey != NULL)
-        EVP_PKEY_free(c->pkeys[i].privatekey);
-    CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-    c->pkeys[i].privatekey = pkey;
-    c->key = &(c->pkeys[i]);
-
-    c->valid = 0;
-    return (1);
-}
-
-#ifndef OPENSSL_NO_RSA
-# ifndef OPENSSL_NO_STDIO
-int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
-{
-    int j, ret = 0;
-    BIO *in;
-    RSA *rsa = NULL;
-
-    in = BIO_new(BIO_s_file_internal());
-    if (in == NULL) {
-        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
-        goto end;
-    }
-
-    if (BIO_read_filename(in, file) <= 0) {
-        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
-        goto end;
-    }
-    if (type == SSL_FILETYPE_ASN1) {
-        j = ERR_R_ASN1_LIB;
-        rsa = d2i_RSAPrivateKey_bio(in, NULL);
-    } else if (type == SSL_FILETYPE_PEM) {
-        j = ERR_R_PEM_LIB;
-        rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
-                                         ssl->ctx->default_passwd_callback,
-                                         ssl->
-                                         ctx->default_passwd_callback_userdata);
-    } else {
-        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
-        goto end;
-    }
-    if (rsa == NULL) {
-        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
-        goto end;
-    }
-    ret = SSL_use_RSAPrivateKey(ssl, rsa);
-    RSA_free(rsa);
- end:
-    if (in != NULL)
-        BIO_free(in);
-    return (ret);
-}
-# endif
-
-int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
-{
-    int ret;
-    const unsigned char *p;
-    RSA *rsa;
-
-    p = d;
-    if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
-        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
-        return (0);
-    }
-
-    ret = SSL_use_RSAPrivateKey(ssl, rsa);
-    RSA_free(rsa);
-    return (ret);
-}
-#endif                          /* !OPENSSL_NO_RSA */
-
-int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
-{
-    int ret;
-
-    if (pkey == NULL) {
-        SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (!ssl_cert_inst(&ssl->cert)) {
-        SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    ret = ssl_set_pkey(ssl->cert, pkey);
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
-{
-    int j, ret = 0;
-    BIO *in;
-    EVP_PKEY *pkey = NULL;
-
-    in = BIO_new(BIO_s_file_internal());
-    if (in == NULL) {
-        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
-        goto end;
-    }
-
-    if (BIO_read_filename(in, file) <= 0) {
-        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
-        goto end;
-    }
-    if (type == SSL_FILETYPE_PEM) {
-        j = ERR_R_PEM_LIB;
-        pkey = PEM_read_bio_PrivateKey(in, NULL,
-                                       ssl->ctx->default_passwd_callback,
-                                       ssl->
-                                       ctx->default_passwd_callback_userdata);
-    } else if (type == SSL_FILETYPE_ASN1) {
-        j = ERR_R_ASN1_LIB;
-        pkey = d2i_PrivateKey_bio(in, NULL);
-    } else {
-        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
-        goto end;
-    }
-    if (pkey == NULL) {
-        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j);
-        goto end;
-    }
-    ret = SSL_use_PrivateKey(ssl, pkey);
-    EVP_PKEY_free(pkey);
- end:
-    if (in != NULL)
-        BIO_free(in);
-    return (ret);
-}
-#endif
-
-int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d,
-                            long len)
-{
-    int ret;
-    const unsigned char *p;
-    EVP_PKEY *pkey;
-
-    p = d;
-    if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
-        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
-        return (0);
-    }
-
-    ret = SSL_use_PrivateKey(ssl, pkey);
-    EVP_PKEY_free(pkey);
-    return (ret);
-}
-
-int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
-{
-    if (x == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (!ssl_cert_inst(&ctx->cert)) {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    return (ssl_set_cert(ctx->cert, x));
-}
-
-static int ssl_set_cert(CERT *c, X509 *x)
-{
-    EVP_PKEY *pkey;
-    int i;
-
-    pkey = X509_get_pubkey(x);
-    if (pkey == NULL) {
-        SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
-        return (0);
-    }
-
-    i = ssl_cert_type(x, pkey);
-    if (i < 0) {
-        SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
-        EVP_PKEY_free(pkey);
-        return (0);
-    }
-
-    if (c->pkeys[i].privatekey != NULL) {
-        /*
-         * The return code from EVP_PKEY_copy_parameters is deliberately
-         * ignored. Some EVP_PKEY types cannot do this.
-         */
-        EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
-        ERR_clear_error();
-
-#ifndef OPENSSL_NO_RSA
-        /*
-         * Don't check the public/private key, this is mostly for smart
-         * cards.
-         */
-        if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
-            (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
-             RSA_METHOD_FLAG_NO_CHECK)) ;
-        else
-#endif                          /* OPENSSL_NO_RSA */
-        if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
-            /*
-             * don't fail for a cert/key mismatch, just free current private
-             * key (when switching to a different cert & key, first this
-             * function should be used, then ssl_set_pkey
-             */
-            EVP_PKEY_free(c->pkeys[i].privatekey);
-            c->pkeys[i].privatekey = NULL;
-            /* clear error queue */
-            ERR_clear_error();
-        }
-    }
-
-    EVP_PKEY_free(pkey);
-
-    if (c->pkeys[i].x509 != NULL)
-        X509_free(c->pkeys[i].x509);
-    CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
-    c->pkeys[i].x509 = x;
-    c->key = &(c->pkeys[i]);
-
-    c->valid = 0;
-    return (1);
-}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
-{
-    int j;
-    BIO *in;
-    int ret = 0;
-    X509 *x = NULL;
-
-    in = BIO_new(BIO_s_file_internal());
-    if (in == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
-        goto end;
-    }
-
-    if (BIO_read_filename(in, file) <= 0) {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
-        goto end;
-    }
-    if (type == SSL_FILETYPE_ASN1) {
-        j = ERR_R_ASN1_LIB;
-        x = d2i_X509_bio(in, NULL);
-    } else if (type == SSL_FILETYPE_PEM) {
-        j = ERR_R_PEM_LIB;
-        x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
-                              ctx->default_passwd_callback_userdata);
-    } else {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
-        goto end;
-    }
-
-    if (x == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j);
-        goto end;
-    }
-
-    ret = SSL_CTX_use_certificate(ctx, x);
- end:
-    if (x != NULL)
-        X509_free(x);
-    if (in != NULL)
-        BIO_free(in);
-    return (ret);
-}
-#endif
-
-int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
-                                 const unsigned char *d)
-{
-    X509 *x;
-    int ret;
-
-    x = d2i_X509(NULL, &d, (long)len);
-    if (x == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
-        return (0);
-    }
-
-    ret = SSL_CTX_use_certificate(ctx, x);
-    X509_free(x);
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_RSA
-int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
-{
-    int ret;
-    EVP_PKEY *pkey;
-
-    if (rsa == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (!ssl_cert_inst(&ctx->cert)) {
-        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    if ((pkey = EVP_PKEY_new()) == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
-        return (0);
-    }
-
-    RSA_up_ref(rsa);
-    if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) {
-        RSA_free(rsa);
-        return 0;
-    }
-
-    ret = ssl_set_pkey(ctx->cert, pkey);
-    EVP_PKEY_free(pkey);
-    return (ret);
-}
-
-# ifndef OPENSSL_NO_STDIO
-int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
-{
-    int j, ret = 0;
-    BIO *in;
-    RSA *rsa = NULL;
-
-    in = BIO_new(BIO_s_file_internal());
-    if (in == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
-        goto end;
-    }
-
-    if (BIO_read_filename(in, file) <= 0) {
-        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
-        goto end;
-    }
-    if (type == SSL_FILETYPE_ASN1) {
-        j = ERR_R_ASN1_LIB;
-        rsa = d2i_RSAPrivateKey_bio(in, NULL);
-    } else if (type == SSL_FILETYPE_PEM) {
-        j = ERR_R_PEM_LIB;
-        rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
-                                         ctx->default_passwd_callback,
-                                         ctx->default_passwd_callback_userdata);
-    } else {
-        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
-        goto end;
-    }
-    if (rsa == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j);
-        goto end;
-    }
-    ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
-    RSA_free(rsa);
- end:
-    if (in != NULL)
-        BIO_free(in);
-    return (ret);
-}
-# endif
-
-int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
-                                   long len)
-{
-    int ret;
-    const unsigned char *p;
-    RSA *rsa;
-
-    p = d;
-    if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
-        return (0);
-    }
-
-    ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
-    RSA_free(rsa);
-    return (ret);
-}
-#endif                          /* !OPENSSL_NO_RSA */
-
-int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
-{
-    if (pkey == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (!ssl_cert_inst(&ctx->cert)) {
-        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    return (ssl_set_pkey(ctx->cert, pkey));
-}
-
-#ifndef OPENSSL_NO_STDIO
-int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
-{
-    int j, ret = 0;
-    BIO *in;
-    EVP_PKEY *pkey = NULL;
-
-    in = BIO_new(BIO_s_file_internal());
-    if (in == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
-        goto end;
-    }
-
-    if (BIO_read_filename(in, file) <= 0) {
-        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
-        goto end;
-    }
-    if (type == SSL_FILETYPE_PEM) {
-        j = ERR_R_PEM_LIB;
-        pkey = PEM_read_bio_PrivateKey(in, NULL,
-                                       ctx->default_passwd_callback,
-                                       ctx->default_passwd_callback_userdata);
-    } else if (type == SSL_FILETYPE_ASN1) {
-        j = ERR_R_ASN1_LIB;
-        pkey = d2i_PrivateKey_bio(in, NULL);
-    } else {
-        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
-        goto end;
-    }
-    if (pkey == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
-        goto end;
-    }
-    ret = SSL_CTX_use_PrivateKey(ctx, pkey);
-    EVP_PKEY_free(pkey);
- end:
-    if (in != NULL)
-        BIO_free(in);
-    return (ret);
-}
-#endif
-
-int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
-                                const unsigned char *d, long len)
-{
-    int ret;
-    const unsigned char *p;
-    EVP_PKEY *pkey;
-
-    p = d;
-    if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
-        return (0);
-    }
-
-    ret = SSL_CTX_use_PrivateKey(ctx, pkey);
-    EVP_PKEY_free(pkey);
-    return (ret);
-}
-
-#ifndef OPENSSL_NO_STDIO
-/*
- * Read a file that contains our certificate in "PEM" format, possibly
- * followed by a sequence of CA certificates that should be sent to the peer
- * in the Certificate message.
- */
-int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
-{
-    BIO *in;
-    int ret = 0;
-    X509 *x = NULL;
-
-    ERR_clear_error();          /* clear error stack for
-                                 * SSL_CTX_use_certificate() */
-
-    in = BIO_new(BIO_s_file_internal());
-    if (in == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
-        goto end;
-    }
-
-    if (BIO_read_filename(in, file) <= 0) {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
-        goto end;
-    }
-
-    x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,
-                              ctx->default_passwd_callback_userdata);
-    if (x == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
-        goto end;
-    }
-
-    ret = SSL_CTX_use_certificate(ctx, x);
-
-    if (ERR_peek_error() != 0)
-        ret = 0;                /* Key/certificate mismatch doesn't imply
-                                 * ret==0 ... */
-    if (ret) {
-        /*
-         * If we could set up our certificate, now proceed to the CA
-         * certificates.
-         */
-        X509 *ca;
-        int r;
-        unsigned long err;
-
-        SSL_CTX_clear_chain_certs(ctx);
-
-        while ((ca = PEM_read_bio_X509(in, NULL,
-                                       ctx->default_passwd_callback,
-                                       ctx->default_passwd_callback_userdata))
-               != NULL) {
-            r = SSL_CTX_add0_chain_cert(ctx, ca);
-            if (!r) {
-                X509_free(ca);
-                ret = 0;
-                goto end;
-            }
-            /*
-             * Note that we must not free r if it was successfully added to
-             * the chain (while we must free the main certificate, since its
-             * reference count is increased by SSL_CTX_use_certificate).
-             */
-        }
-        /* When the while loop ends, it's usually just EOF. */
-        err = ERR_peek_last_error();
-        if (ERR_GET_LIB(err) == ERR_LIB_PEM
-            && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
-            ERR_clear_error();
-        else
-            ret = 0;            /* some real error */
-    }
-
- end:
-    if (x != NULL)
-        X509_free(x);
-    if (in != NULL)
-        BIO_free(in);
-    return (ret);
-}
-#endif
-
-#ifndef OPENSSL_NO_TLSEXT
-static int serverinfo_find_extension(const unsigned char *serverinfo,
-                                     size_t serverinfo_length,
-                                     unsigned int extension_type,
-                                     const unsigned char **extension_data,
-                                     size_t *extension_length)
-{
-    *extension_data = NULL;
-    *extension_length = 0;
-    if (serverinfo == NULL || serverinfo_length == 0)
-        return -1;
-    for (;;) {
-        unsigned int type = 0;
-        size_t len = 0;
-
-        /* end of serverinfo */
-        if (serverinfo_length == 0)
-            return 0;           /* Extension not found */
-
-        /* read 2-byte type field */
-        if (serverinfo_length < 2)
-            return -1;          /* Error */
-        type = (serverinfo[0] << 8) + serverinfo[1];
-        serverinfo += 2;
-        serverinfo_length -= 2;
-
-        /* read 2-byte len field */
-        if (serverinfo_length < 2)
-            return -1;          /* Error */
-        len = (serverinfo[0] << 8) + serverinfo[1];
-        serverinfo += 2;
-        serverinfo_length -= 2;
-
-        if (len > serverinfo_length)
-            return -1;          /* Error */
-
-        if (type == extension_type) {
-            *extension_data = serverinfo;
-            *extension_length = len;
-            return 1;           /* Success */
-        }
-
-        serverinfo += len;
-        serverinfo_length -= len;
-    }
-    return 0;                   /* Error */
-}
-
-static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type,
-                                   const unsigned char *in,
-                                   size_t inlen, int *al, void *arg)
-{
-
-    if (inlen != 0) {
-        *al = SSL_AD_DECODE_ERROR;
-        return 0;
-    }
-
-    return 1;
-}
-
-static int serverinfo_srv_add_cb(SSL *s, unsigned int ext_type,
-                                 const unsigned char **out, size_t *outlen,
-                                 int *al, void *arg)
-{
-    const unsigned char *serverinfo = NULL;
-    size_t serverinfo_length = 0;
-
-    /* Is there serverinfo data for the chosen server cert? */
-    if ((ssl_get_server_cert_serverinfo(s, &serverinfo,
-                                        &serverinfo_length)) != 0) {
-        /* Find the relevant extension from the serverinfo */
-        int retval = serverinfo_find_extension(serverinfo, serverinfo_length,
-                                               ext_type, out, outlen);
-        if (retval == -1) {
-            *al = SSL_AD_DECODE_ERROR;
-            return -1;          /* Error */
-        }
-        if (retval == 0)
-            return 0;           /* No extension found, don't send extension */
-        return 1;               /* Send extension */
-    }
-    return 0;                   /* No serverinfo data found, don't send
-                                 * extension */
-}
-
-/*
- * With a NULL context, this function just checks that the serverinfo data
- * parses correctly.  With a non-NULL context, it registers callbacks for
- * the included extensions.
- */
-static int serverinfo_process_buffer(const unsigned char *serverinfo,
-                                     size_t serverinfo_length, SSL_CTX *ctx)
-{
-    if (serverinfo == NULL || serverinfo_length == 0)
-        return 0;
-    for (;;) {
-        unsigned int ext_type = 0;
-        size_t len = 0;
-
-        /* end of serverinfo */
-        if (serverinfo_length == 0)
-            return 1;
-
-        /* read 2-byte type field */
-        if (serverinfo_length < 2)
-            return 0;
-        /* FIXME: check for types we understand explicitly? */
-
-        /* Register callbacks for extensions */
-        ext_type = (serverinfo[0] << 8) + serverinfo[1];
-        if (ctx) {
-            int have_ext_cbs = 0;
-            size_t i;
-            custom_ext_methods *exts = &ctx->cert->srv_ext;
-            custom_ext_method *meth = exts->meths;
-
-            for (i = 0; i < exts->meths_count; i++, meth++) {
-                if (ext_type == meth->ext_type) {
-                    have_ext_cbs = 1;
-                    break;
-                }
-            }
-
-            if (!have_ext_cbs && !SSL_CTX_add_server_custom_ext(ctx, ext_type,
-                                                                serverinfo_srv_add_cb,
-                                                                NULL, NULL,
-                                                                serverinfo_srv_parse_cb,
-                                                                NULL))
-                return 0;
-        }
-
-        serverinfo += 2;
-        serverinfo_length -= 2;
-
-        /* read 2-byte len field */
-        if (serverinfo_length < 2)
-            return 0;
-        len = (serverinfo[0] << 8) + serverinfo[1];
-        serverinfo += 2;
-        serverinfo_length -= 2;
-
-        if (len > serverinfo_length)
-            return 0;
-
-        serverinfo += len;
-        serverinfo_length -= len;
-    }
-}
-
-int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
-                           size_t serverinfo_length)
-{
-    unsigned char *new_serverinfo;
-
-    if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) {
-        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
-    if (!serverinfo_process_buffer(serverinfo, serverinfo_length, NULL)) {
-        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, SSL_R_INVALID_SERVERINFO_DATA);
-        return 0;
-    }
-    if (!ssl_cert_inst(&ctx->cert)) {
-        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    if (ctx->cert->key == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-    new_serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo,
-                                     serverinfo_length);
-    if (new_serverinfo == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_MALLOC_FAILURE);
-        return 0;
-    }
-    ctx->cert->key->serverinfo = new_serverinfo;
-    memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length);
-    ctx->cert->key->serverinfo_length = serverinfo_length;
-
-    /*
-     * Now that the serverinfo is validated and stored, go ahead and
-     * register callbacks.
-     */
-    if (!serverinfo_process_buffer(serverinfo, serverinfo_length, ctx)) {
-        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, SSL_R_INVALID_SERVERINFO_DATA);
-        return 0;
-    }
-    return 1;
-}
-
-# ifndef OPENSSL_NO_STDIO
-int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
-{
-    unsigned char *serverinfo = NULL;
-    size_t serverinfo_length = 0;
-    unsigned char *extension = 0;
-    long extension_length = 0;
-    char *name = NULL;
-    char *header = NULL;
-    char namePrefix[] = "SERVERINFO FOR ";
-    int ret = 0;
-    BIO *bin = NULL;
-    size_t num_extensions = 0;
-    unsigned char *new_serverinfo;
-
-    if (ctx == NULL || file == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
-               ERR_R_PASSED_NULL_PARAMETER);
-        goto end;
-    }
-
-    bin = BIO_new(BIO_s_file_internal());
-    if (bin == NULL) {
-        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB);
-        goto end;
-    }
-    if (BIO_read_filename(bin, file) <= 0) {
-        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB);
-        goto end;
-    }
-
-    for (num_extensions = 0;; num_extensions++) {
-        if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
-            == 0) {
-            /*
-             * There must be at least one extension in this file
-             */
-            if (num_extensions == 0) {
-                SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
-                       SSL_R_NO_PEM_EXTENSIONS);
-                goto end;
-            } else              /* End of file, we're done */
-                break;
-        }
-        /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
-        if (strlen(name) < strlen(namePrefix)) {
-            SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
-                   SSL_R_PEM_NAME_TOO_SHORT);
-            goto end;
-        }
-        if (strncmp(name, namePrefix, strlen(namePrefix)) != 0) {
-            SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
-                   SSL_R_PEM_NAME_BAD_PREFIX);
-            goto end;
-        }
-        /*
-         * Check that the decoded PEM data is plausible (valid length field)
-         */
-        if (extension_length < 4
-            || (extension[2] << 8) + extension[3] != extension_length - 4) {
-            SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
-            goto end;
-        }
-        /* Append the decoded extension to the serverinfo buffer */
-        new_serverinfo =
-            OPENSSL_realloc(serverinfo, serverinfo_length + extension_length);
-        if (new_serverinfo == NULL) {
-            SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
-            goto end;
-        }
-        serverinfo = new_serverinfo;
-        memcpy(serverinfo + serverinfo_length, extension, extension_length);
-        serverinfo_length += extension_length;
-
-        OPENSSL_free(name);
-        name = NULL;
-        OPENSSL_free(header);
-        header = NULL;
-        OPENSSL_free(extension);
-        extension = NULL;
-    }
-
-    ret = SSL_CTX_use_serverinfo(ctx, serverinfo, serverinfo_length);
- end:
-    /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
-    OPENSSL_free(name);
-    OPENSSL_free(header);
-    OPENSSL_free(extension);
-    OPENSSL_free(serverinfo);
-    if (bin != NULL)
-        BIO_free(bin);
-    return ret;
-}
-# endif                         /* OPENSSL_NO_STDIO */
-#endif                          /* OPENSSL_NO_TLSEXT */
diff --git a/thirdparty/openssl/ssl/ssl_sess.c b/thirdparty/openssl/ssl/ssl_sess.c
deleted file mode 100644
index f50f514212..0000000000
--- a/thirdparty/openssl/ssl/ssl_sess.c
+++ /dev/null
@@ -1,1287 +0,0 @@
-/* ssl/ssl_sess.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include <openssl/lhash.h>
-#include <openssl/rand.h>
-#ifndef OPENSSL_NO_ENGINE
-# include <openssl/engine.h>
-#endif
-#include "ssl_locl.h"
-
-static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
-static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
-static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
-
-SSL_SESSION *SSL_get_session(const SSL *ssl)
-/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
-{
-    return (ssl->session);
-}
-
-SSL_SESSION *SSL_get1_session(SSL *ssl)
-/* variant of SSL_get_session: caller really gets something */
-{
-    SSL_SESSION *sess;
-    /*
-     * Need to lock this all up rather than just use CRYPTO_add so that
-     * somebody doesn't free ssl->session between when we check it's non-null
-     * and when we up the reference count.
-     */
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
-    sess = ssl->session;
-    if (sess)
-        sess->references++;
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
-    return (sess);
-}
-
-int SSL_SESSION_get_ex_new_index(long argl, void *argp,
-                                 CRYPTO_EX_new *new_func,
-                                 CRYPTO_EX_dup *dup_func,
-                                 CRYPTO_EX_free *free_func)
-{
-    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
-                                   new_func, dup_func, free_func);
-}
-
-int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
-{
-    return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
-}
-
-void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
-{
-    return (CRYPTO_get_ex_data(&s->ex_data, idx));
-}
-
-SSL_SESSION *SSL_SESSION_new(void)
-{
-    SSL_SESSION *ss;
-
-    ss = (SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
-    if (ss == NULL) {
-        SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
-        return (0);
-    }
-    memset(ss, 0, sizeof(SSL_SESSION));
-
-    ss->verify_result = 1;      /* avoid 0 (= X509_V_OK) just in case */
-    ss->references = 1;
-    ss->timeout = 60 * 5 + 4;   /* 5 minute timeout by default */
-    ss->time = (unsigned long)time(NULL);
-    ss->prev = NULL;
-    ss->next = NULL;
-    ss->compress_meth = 0;
-#ifndef OPENSSL_NO_TLSEXT
-    ss->tlsext_hostname = NULL;
-# ifndef OPENSSL_NO_EC
-    ss->tlsext_ecpointformatlist_length = 0;
-    ss->tlsext_ecpointformatlist = NULL;
-    ss->tlsext_ellipticcurvelist_length = 0;
-    ss->tlsext_ellipticcurvelist = NULL;
-# endif
-#endif
-    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-#ifndef OPENSSL_NO_PSK
-    ss->psk_identity_hint = NULL;
-    ss->psk_identity = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
-    ss->srp_username = NULL;
-#endif
-    return (ss);
-}
-
-/*
- * Create a new SSL_SESSION and duplicate the contents of |src| into it. If
- * ticket == 0 then no ticket information is duplicated, otherwise it is.
- */
-SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
-{
-    SSL_SESSION *dest;
-
-    dest = OPENSSL_malloc(sizeof(*src));
-    if (dest == NULL) {
-        goto err;
-    }
-    memcpy(dest, src, sizeof(*dest));
-
-    /*
-     * Set the various pointers to NULL so that we can call SSL_SESSION_free in
-     * the case of an error whilst halfway through constructing dest
-     */
-#ifndef OPENSSL_NO_PSK
-    dest->psk_identity_hint = NULL;
-    dest->psk_identity = NULL;
-#endif
-    dest->ciphers = NULL;
-#ifndef OPENSSL_NO_TLSEXT
-    dest->tlsext_hostname = NULL;
-# ifndef OPENSSL_NO_EC
-    dest->tlsext_ecpointformatlist = NULL;
-    dest->tlsext_ellipticcurvelist = NULL;
-# endif
-    dest->tlsext_tick = NULL;
-#endif
-#ifndef OPENSSL_NO_SRP
-    dest->srp_username = NULL;
-#endif
-    memset(&dest->ex_data, 0, sizeof(dest->ex_data));
-
-    /* We deliberately don't copy the prev and next pointers */
-    dest->prev = NULL;
-    dest->next = NULL;
-
-    dest->references = 1;
-
-    if (src->sess_cert != NULL)
-        CRYPTO_add(&src->sess_cert->references, 1, CRYPTO_LOCK_SSL_SESS_CERT);
-
-    if (src->peer != NULL)
-        CRYPTO_add(&src->peer->references, 1, CRYPTO_LOCK_X509);
-
-#ifndef OPENSSL_NO_PSK
-    if (src->psk_identity_hint) {
-        dest->psk_identity_hint = BUF_strdup(src->psk_identity_hint);
-        if (dest->psk_identity_hint == NULL) {
-            goto err;
-        }
-    }
-    if (src->psk_identity) {
-        dest->psk_identity = BUF_strdup(src->psk_identity);
-        if (dest->psk_identity == NULL) {
-            goto err;
-        }
-    }
-#endif
-
-    if(src->ciphers != NULL) {
-        dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
-        if (dest->ciphers == NULL)
-            goto err;
-    }
-
-    if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
-                                            &dest->ex_data, &src->ex_data)) {
-        goto err;
-    }
-
-#ifndef OPENSSL_NO_TLSEXT
-    if (src->tlsext_hostname) {
-        dest->tlsext_hostname = BUF_strdup(src->tlsext_hostname);
-        if (dest->tlsext_hostname == NULL) {
-            goto err;
-        }
-    }
-# ifndef OPENSSL_NO_EC
-    if (src->tlsext_ecpointformatlist) {
-        dest->tlsext_ecpointformatlist =
-            BUF_memdup(src->tlsext_ecpointformatlist,
-                       src->tlsext_ecpointformatlist_length);
-        if (dest->tlsext_ecpointformatlist == NULL)
-            goto err;
-    }
-    if (src->tlsext_ellipticcurvelist) {
-        dest->tlsext_ellipticcurvelist =
-            BUF_memdup(src->tlsext_ellipticcurvelist,
-                       src->tlsext_ellipticcurvelist_length);
-        if (dest->tlsext_ellipticcurvelist == NULL)
-            goto err;
-    }
-# endif
-
-    if (ticket != 0) {
-        dest->tlsext_tick = BUF_memdup(src->tlsext_tick, src->tlsext_ticklen);
-        if(dest->tlsext_tick == NULL)
-            goto err;
-    } else {
-        dest->tlsext_tick_lifetime_hint = 0;
-        dest->tlsext_ticklen = 0;
-    }
-#endif
-
-#ifndef OPENSSL_NO_SRP
-    if (src->srp_username) {
-        dest->srp_username = BUF_strdup(src->srp_username);
-        if (dest->srp_username == NULL) {
-            goto err;
-        }
-    }
-#endif
-
-    return dest;
-err:
-    SSLerr(SSL_F_SSL_SESSION_DUP, ERR_R_MALLOC_FAILURE);
-    SSL_SESSION_free(dest);
-    return NULL;
-}
-
-const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
-                                        unsigned int *len)
-{
-    if (len)
-        *len = s->session_id_length;
-    return s->session_id;
-}
-
-unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
-{
-    return s->compress_meth;
-}
-
-/*
- * Even with SSLv2, we have 16 bytes (128 bits) of session ID space.
- * SSLv3/TLSv1 has 32 bytes (256 bits). As such, filling the ID with random
- * gunk repeatedly until we have no conflict is going to complete in one
- * iteration pretty much "most" of the time (btw: understatement). So, if it
- * takes us 10 iterations and we still can't avoid a conflict - well that's a
- * reasonable point to call it quits. Either the RAND code is broken or
- * someone is trying to open roughly very close to 2^128 (or 2^256) SSL
- * sessions to our server. How you might store that many sessions is perhaps
- * a more interesting question ...
- */
-
-#define MAX_SESS_ID_ATTEMPTS 10
-static int def_generate_session_id(const SSL *ssl, unsigned char *id,
-                                   unsigned int *id_len)
-{
-    unsigned int retry = 0;
-    do
-        if (RAND_bytes(id, *id_len) <= 0)
-            return 0;
-    while (SSL_has_matching_session_id(ssl, id, *id_len) &&
-           (++retry < MAX_SESS_ID_ATTEMPTS)) ;
-    if (retry < MAX_SESS_ID_ATTEMPTS)
-        return 1;
-    /* else - woops a session_id match */
-    /*
-     * XXX We should also check the external cache -- but the probability of
-     * a collision is negligible, and we could not prevent the concurrent
-     * creation of sessions with identical IDs since we currently don't have
-     * means to atomically check whether a session ID already exists and make
-     * a reservation for it if it does not (this problem applies to the
-     * internal cache as well).
-     */
-    return 0;
-}
-
-int ssl_get_new_session(SSL *s, int session)
-{
-    /* This gets used by clients and servers. */
-
-    unsigned int tmp;
-    SSL_SESSION *ss = NULL;
-    GEN_SESSION_CB cb = def_generate_session_id;
-
-    if ((ss = SSL_SESSION_new()) == NULL)
-        return (0);
-
-    /* If the context has a default timeout, use it */
-    if (s->session_ctx->session_timeout == 0)
-        ss->timeout = SSL_get_default_timeout(s);
-    else
-        ss->timeout = s->session_ctx->session_timeout;
-
-    if (s->session != NULL) {
-        SSL_SESSION_free(s->session);
-        s->session = NULL;
-    }
-
-    if (session) {
-        if (s->version == SSL2_VERSION) {
-            ss->ssl_version = SSL2_VERSION;
-            ss->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
-        } else if (s->version == SSL3_VERSION) {
-            ss->ssl_version = SSL3_VERSION;
-            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
-        } else if (s->version == TLS1_VERSION) {
-            ss->ssl_version = TLS1_VERSION;
-            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
-        } else if (s->version == TLS1_1_VERSION) {
-            ss->ssl_version = TLS1_1_VERSION;
-            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
-        } else if (s->version == TLS1_2_VERSION) {
-            ss->ssl_version = TLS1_2_VERSION;
-            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
-        } else if (s->version == DTLS1_BAD_VER) {
-            ss->ssl_version = DTLS1_BAD_VER;
-            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
-        } else if (s->version == DTLS1_VERSION) {
-            ss->ssl_version = DTLS1_VERSION;
-            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
-        } else if (s->version == DTLS1_2_VERSION) {
-            ss->ssl_version = DTLS1_2_VERSION;
-            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
-        } else {
-            SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION);
-            SSL_SESSION_free(ss);
-            return (0);
-        }
-#ifndef OPENSSL_NO_TLSEXT
-        /*-
-         * If RFC5077 ticket, use empty session ID (as server).
-         * Note that:
-         * (a) ssl_get_prev_session() does lookahead into the
-         *     ClientHello extensions to find the session ticket.
-         *     When ssl_get_prev_session() fails, s3_srvr.c calls
-         *     ssl_get_new_session() in ssl3_get_client_hello().
-         *     At that point, it has not yet parsed the extensions,
-         *     however, because of the lookahead, it already knows
-         *     whether a ticket is expected or not.
-         *
-         * (b) s3_clnt.c calls ssl_get_new_session() before parsing
-         *     ServerHello extensions, and before recording the session
-         *     ID received from the server, so this block is a noop.
-         */
-        if (s->tlsext_ticket_expected) {
-            ss->session_id_length = 0;
-            goto sess_id_done;
-        }
-#endif
-        /* Choose which callback will set the session ID */
-        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-        if (s->generate_session_id)
-            cb = s->generate_session_id;
-        else if (s->session_ctx->generate_session_id)
-            cb = s->session_ctx->generate_session_id;
-        CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-        /* Choose a session ID */
-        tmp = ss->session_id_length;
-        if (!cb(s, ss->session_id, &tmp)) {
-            /* The callback failed */
-            SSLerr(SSL_F_SSL_GET_NEW_SESSION,
-                   SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
-            SSL_SESSION_free(ss);
-            return (0);
-        }
-        /*
-         * Don't allow the callback to set the session length to zero. nor
-         * set it higher than it was.
-         */
-        if (!tmp || (tmp > ss->session_id_length)) {
-            /* The callback set an illegal length */
-            SSLerr(SSL_F_SSL_GET_NEW_SESSION,
-                   SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
-            SSL_SESSION_free(ss);
-            return (0);
-        }
-        /* If the session length was shrunk and we're SSLv2, pad it */
-        if ((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
-            memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
-        else
-            ss->session_id_length = tmp;
-        /* Finally, check for a conflict */
-        if (SSL_has_matching_session_id(s, ss->session_id,
-                                        ss->session_id_length)) {
-            SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_SSL_SESSION_ID_CONFLICT);
-            SSL_SESSION_free(ss);
-            return (0);
-        }
-#ifndef OPENSSL_NO_TLSEXT
- sess_id_done:
-        if (s->tlsext_hostname) {
-            ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
-            if (ss->tlsext_hostname == NULL) {
-                SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
-                SSL_SESSION_free(ss);
-                return 0;
-            }
-        }
-#endif
-    } else {
-        ss->session_id_length = 0;
-    }
-
-    if (s->sid_ctx_length > sizeof ss->sid_ctx) {
-        SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
-        SSL_SESSION_free(ss);
-        return 0;
-    }
-    memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
-    ss->sid_ctx_length = s->sid_ctx_length;
-    s->session = ss;
-    ss->ssl_version = s->version;
-    ss->verify_result = X509_V_OK;
-
-    return (1);
-}
-
-/*-
- * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
- * connection. It is only called by servers.
- *
- *   session_id: points at the session ID in the ClientHello. This code will
- *       read past the end of this in order to parse out the session ticket
- *       extension, if any.
- *   len: the length of the session ID.
- *   limit: a pointer to the first byte after the ClientHello.
- *
- * Returns:
- *   -1: error
- *    0: a session may have been found.
- *
- * Side effects:
- *   - If a session is found then s->session is pointed at it (after freeing an
- *     existing session if need be) and s->verify_result is set from the session.
- *   - Both for new and resumed sessions, s->tlsext_ticket_expected is set to 1
- *     if the server should issue a new session ticket (to 0 otherwise).
- */
-int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
-                         const unsigned char *limit)
-{
-    /* This is used only by servers. */
-
-    SSL_SESSION *ret = NULL;
-    int fatal = 0;
-    int try_session_cache = 1;
-#ifndef OPENSSL_NO_TLSEXT
-    int r;
-#endif
-
-    if (limit - session_id < len) {
-        fatal = 1;
-        goto err;
-    }
-
-    if (len == 0)
-        try_session_cache = 0;
-
-#ifndef OPENSSL_NO_TLSEXT
-    /* sets s->tlsext_ticket_expected */
-    r = tls1_process_ticket(s, session_id, len, limit, &ret);
-    switch (r) {
-    case -1:                   /* Error during processing */
-        fatal = 1;
-        goto err;
-    case 0:                    /* No ticket found */
-    case 1:                    /* Zero length ticket found */
-        break;                  /* Ok to carry on processing session id. */
-    case 2:                    /* Ticket found but not decrypted. */
-    case 3:                    /* Ticket decrypted, *ret has been set. */
-        try_session_cache = 0;
-        break;
-    default:
-        abort();
-    }
-#endif
-
-    if (try_session_cache &&
-        ret == NULL &&
-        !(s->session_ctx->session_cache_mode &
-          SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
-        SSL_SESSION data;
-        data.ssl_version = s->version;
-        data.session_id_length = len;
-        if (len == 0)
-            return 0;
-        memcpy(data.session_id, session_id, len);
-        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-        ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
-        if (ret != NULL) {
-            /* don't allow other threads to steal it: */
-            CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
-        }
-        CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-        if (ret == NULL)
-            s->session_ctx->stats.sess_miss++;
-    }
-
-    if (try_session_cache &&
-        ret == NULL && s->session_ctx->get_session_cb != NULL) {
-        int copy = 1;
-
-        if ((ret = s->session_ctx->get_session_cb(s, session_id, len, &copy))) {
-            s->session_ctx->stats.sess_cb_hit++;
-
-            /*
-             * Increment reference count now if the session callback asks us
-             * to do so (note that if the session structures returned by the
-             * callback are shared between threads, it must handle the
-             * reference count itself [i.e. copy == 0], or things won't be
-             * thread-safe).
-             */
-            if (copy)
-                CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
-
-            /*
-             * Add the externally cached session to the internal cache as
-             * well if and only if we are supposed to.
-             */
-            if (!
-                (s->session_ctx->session_cache_mode &
-                 SSL_SESS_CACHE_NO_INTERNAL_STORE))
-                /*
-                 * The following should not return 1, otherwise, things are
-                 * very strange
-                 */
-                SSL_CTX_add_session(s->session_ctx, ret);
-        }
-    }
-
-    if (ret == NULL)
-        goto err;
-
-    /* Now ret is non-NULL and we own one of its reference counts. */
-
-    if (ret->sid_ctx_length != s->sid_ctx_length
-        || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
-        /*
-         * We have the session requested by the client, but we don't want to
-         * use it in this context.
-         */
-        goto err;               /* treat like cache miss */
-    }
-
-    if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
-        /*
-         * We can't be sure if this session is being used out of context,
-         * which is especially important for SSL_VERIFY_PEER. The application
-         * should have used SSL[_CTX]_set_session_id_context. For this error
-         * case, we generate an error instead of treating the event like a
-         * cache miss (otherwise it would be easy for applications to
-         * effectively disable the session cache by accident without anyone
-         * noticing).
-         */
-
-        SSLerr(SSL_F_SSL_GET_PREV_SESSION,
-               SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
-        fatal = 1;
-        goto err;
-    }
-
-    if (ret->cipher == NULL) {
-        unsigned char buf[5], *p;
-        unsigned long l;
-
-        p = buf;
-        l = ret->cipher_id;
-        l2n(l, p);
-        if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
-            ret->cipher = ssl_get_cipher_by_char(s, &(buf[2]));
-        else
-            ret->cipher = ssl_get_cipher_by_char(s, &(buf[1]));
-        if (ret->cipher == NULL)
-            goto err;
-    }
-
-    if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
-        s->session_ctx->stats.sess_timeout++;
-        if (try_session_cache) {
-            /* session was from the cache, so remove it */
-            SSL_CTX_remove_session(s->session_ctx, ret);
-        }
-        goto err;
-    }
-
-    s->session_ctx->stats.sess_hit++;
-
-    if (s->session != NULL)
-        SSL_SESSION_free(s->session);
-    s->session = ret;
-    s->verify_result = s->session->verify_result;
-    return 1;
-
- err:
-    if (ret != NULL) {
-        SSL_SESSION_free(ret);
-#ifndef OPENSSL_NO_TLSEXT
-        if (!try_session_cache) {
-            /*
-             * The session was from a ticket, so we should issue a ticket for
-             * the new session
-             */
-            s->tlsext_ticket_expected = 1;
-        }
-#endif
-    }
-    if (fatal)
-        return -1;
-    else
-        return 0;
-}
-
-int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
-{
-    int ret = 0;
-    SSL_SESSION *s;
-
-    /*
-     * add just 1 reference count for the SSL_CTX's session cache even though
-     * it has two ways of access: each session is in a doubly linked list and
-     * an lhash
-     */
-    CRYPTO_add(&c->references, 1, CRYPTO_LOCK_SSL_SESSION);
-    /*
-     * if session c is in already in cache, we take back the increment later
-     */
-
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-    s = lh_SSL_SESSION_insert(ctx->sessions, c);
-
-    /*
-     * s != NULL iff we already had a session with the given PID. In this
-     * case, s == c should hold (then we did not really modify
-     * ctx->sessions), or we're in trouble.
-     */
-    if (s != NULL && s != c) {
-        /* We *are* in trouble ... */
-        SSL_SESSION_list_remove(ctx, s);
-        SSL_SESSION_free(s);
-        /*
-         * ... so pretend the other session did not exist in cache (we cannot
-         * handle two SSL_SESSION structures with identical session ID in the
-         * same cache, which could happen e.g. when two threads concurrently
-         * obtain the same session from an external cache)
-         */
-        s = NULL;
-    } else if (s == NULL &&
-               lh_SSL_SESSION_retrieve(ctx->sessions, c) == NULL) {
-        /* s == NULL can also mean OOM error in lh_SSL_SESSION_insert ... */
-
-        /*
-         * ... so take back the extra reference and also don't add
-         * the session to the SSL_SESSION_list at this time
-         */
-        s = c;
-    }
-
-    /* Put at the head of the queue unless it is already in the cache */
-    if (s == NULL)
-        SSL_SESSION_list_add(ctx, c);
-
-    if (s != NULL) {
-        /*
-         * existing cache entry -- decrement previously incremented reference
-         * count because it already takes into account the cache
-         */
-
-        SSL_SESSION_free(s);    /* s == c */
-        ret = 0;
-    } else {
-        /*
-         * new cache entry -- remove old ones if cache has become too large
-         */
-
-        ret = 1;
-
-        if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
-            while (SSL_CTX_sess_number(ctx) >
-                   SSL_CTX_sess_get_cache_size(ctx)) {
-                if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
-                    break;
-                else
-                    ctx->stats.sess_cache_full++;
-            }
-        }
-    }
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-    return (ret);
-}
-
-int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
-{
-    return remove_session_lock(ctx, c, 1);
-}
-
-static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
-{
-    SSL_SESSION *r;
-    int ret = 0;
-
-    if ((c != NULL) && (c->session_id_length != 0)) {
-        if (lck)
-            CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-        if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
-            ret = 1;
-            r = lh_SSL_SESSION_delete(ctx->sessions, c);
-            SSL_SESSION_list_remove(ctx, c);
-        }
-
-        if (lck)
-            CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-
-        if (ret) {
-            r->not_resumable = 1;
-            if (ctx->remove_session_cb != NULL)
-                ctx->remove_session_cb(ctx, r);
-            SSL_SESSION_free(r);
-        }
-    } else
-        ret = 0;
-    return (ret);
-}
-
-void SSL_SESSION_free(SSL_SESSION *ss)
-{
-    int i;
-
-    if (ss == NULL)
-        return;
-
-    i = CRYPTO_add(&ss->references, -1, CRYPTO_LOCK_SSL_SESSION);
-#ifdef REF_PRINT
-    REF_PRINT("SSL_SESSION", ss);
-#endif
-    if (i > 0)
-        return;
-#ifdef REF_CHECK
-    if (i < 0) {
-        fprintf(stderr, "SSL_SESSION_free, bad reference count\n");
-        abort();                /* ok */
-    }
-#endif
-
-    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-
-    OPENSSL_cleanse(ss->key_arg, sizeof ss->key_arg);
-    OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
-    OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
-    if (ss->sess_cert != NULL)
-        ssl_sess_cert_free(ss->sess_cert);
-    if (ss->peer != NULL)
-        X509_free(ss->peer);
-    if (ss->ciphers != NULL)
-        sk_SSL_CIPHER_free(ss->ciphers);
-#ifndef OPENSSL_NO_TLSEXT
-    if (ss->tlsext_hostname != NULL)
-        OPENSSL_free(ss->tlsext_hostname);
-    if (ss->tlsext_tick != NULL)
-        OPENSSL_free(ss->tlsext_tick);
-# ifndef OPENSSL_NO_EC
-    ss->tlsext_ecpointformatlist_length = 0;
-    if (ss->tlsext_ecpointformatlist != NULL)
-        OPENSSL_free(ss->tlsext_ecpointformatlist);
-    ss->tlsext_ellipticcurvelist_length = 0;
-    if (ss->tlsext_ellipticcurvelist != NULL)
-        OPENSSL_free(ss->tlsext_ellipticcurvelist);
-# endif                         /* OPENSSL_NO_EC */
-#endif
-#ifndef OPENSSL_NO_PSK
-    if (ss->psk_identity_hint != NULL)
-        OPENSSL_free(ss->psk_identity_hint);
-    if (ss->psk_identity != NULL)
-        OPENSSL_free(ss->psk_identity);
-#endif
-#ifndef OPENSSL_NO_SRP
-    if (ss->srp_username != NULL)
-        OPENSSL_free(ss->srp_username);
-#endif
-    OPENSSL_cleanse(ss, sizeof(*ss));
-    OPENSSL_free(ss);
-}
-
-int SSL_set_session(SSL *s, SSL_SESSION *session)
-{
-    int ret = 0;
-    const SSL_METHOD *meth;
-
-    if (session != NULL) {
-        meth = s->ctx->method->get_ssl_method(session->ssl_version);
-        if (meth == NULL)
-            meth = s->method->get_ssl_method(session->ssl_version);
-        if (meth == NULL) {
-            SSLerr(SSL_F_SSL_SET_SESSION, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
-            return (0);
-        }
-
-        if (meth != s->method) {
-            if (!SSL_set_ssl_method(s, meth))
-                return (0);
-        }
-#ifndef OPENSSL_NO_KRB5
-        if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
-            session->krb5_client_princ_len > 0) {
-            s->kssl_ctx->client_princ =
-                (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1);
-            if (s->kssl_ctx->client_princ == NULL) {
-                SSLerr(SSL_F_SSL_SET_SESSION, ERR_R_MALLOC_FAILURE);
-                return 0;
-            }
-            memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ,
-                   session->krb5_client_princ_len);
-            s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
-        }
-#endif                          /* OPENSSL_NO_KRB5 */
-
-        /* CRYPTO_w_lock(CRYPTO_LOCK_SSL); */
-        CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
-        if (s->session != NULL)
-            SSL_SESSION_free(s->session);
-        s->session = session;
-        s->verify_result = s->session->verify_result;
-        /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL); */
-        ret = 1;
-    } else {
-        if (s->session != NULL) {
-            SSL_SESSION_free(s->session);
-            s->session = NULL;
-        }
-
-        meth = s->ctx->method;
-        if (meth != s->method) {
-            if (!SSL_set_ssl_method(s, meth))
-                return (0);
-        }
-        ret = 1;
-    }
-    return (ret);
-}
-
-long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
-{
-    if (s == NULL)
-        return (0);
-    s->timeout = t;
-    return (1);
-}
-
-long SSL_SESSION_get_timeout(const SSL_SESSION *s)
-{
-    if (s == NULL)
-        return (0);
-    return (s->timeout);
-}
-
-long SSL_SESSION_get_time(const SSL_SESSION *s)
-{
-    if (s == NULL)
-        return (0);
-    return (s->time);
-}
-
-long SSL_SESSION_set_time(SSL_SESSION *s, long t)
-{
-    if (s == NULL)
-        return (0);
-    s->time = t;
-    return (t);
-}
-
-X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
-{
-    return s->peer;
-}
-
-int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
-                                unsigned int sid_ctx_len)
-{
-    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
-        SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
-               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
-        return 0;
-    }
-    s->sid_ctx_length = sid_ctx_len;
-    if (s->sid_ctx != sid_ctx)
-        memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
-
-    return 1;
-}
-
-long SSL_CTX_set_timeout(SSL_CTX *s, long t)
-{
-    long l;
-    if (s == NULL)
-        return (0);
-    l = s->session_timeout;
-    s->session_timeout = t;
-    return (l);
-}
-
-long SSL_CTX_get_timeout(const SSL_CTX *s)
-{
-    if (s == NULL)
-        return (0);
-    return (s->session_timeout);
-}
-
-#ifndef OPENSSL_NO_TLSEXT
-int SSL_set_session_secret_cb(SSL *s,
-                              int (*tls_session_secret_cb) (SSL *s,
-                                                            void *secret,
-                                                            int *secret_len,
-                                                            STACK_OF(SSL_CIPHER)
-                                                            *peer_ciphers,
-                                                            SSL_CIPHER
-                                                            **cipher,
-                                                            void *arg),
-                              void *arg)
-{
-    if (s == NULL)
-        return (0);
-    s->tls_session_secret_cb = tls_session_secret_cb;
-    s->tls_session_secret_cb_arg = arg;
-    return (1);
-}
-
-int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
-                                  void *arg)
-{
-    if (s == NULL)
-        return (0);
-    s->tls_session_ticket_ext_cb = cb;
-    s->tls_session_ticket_ext_cb_arg = arg;
-    return (1);
-}
-
-int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
-{
-    if (s->version >= TLS1_VERSION) {
-        if (s->tlsext_session_ticket) {
-            OPENSSL_free(s->tlsext_session_ticket);
-            s->tlsext_session_ticket = NULL;
-        }
-
-        s->tlsext_session_ticket =
-            OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
-        if (!s->tlsext_session_ticket) {
-            SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
-            return 0;
-        }
-
-        if (ext_data) {
-            s->tlsext_session_ticket->length = ext_len;
-            s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1;
-            memcpy(s->tlsext_session_ticket->data, ext_data, ext_len);
-        } else {
-            s->tlsext_session_ticket->length = 0;
-            s->tlsext_session_ticket->data = NULL;
-        }
-
-        return 1;
-    }
-
-    return 0;
-}
-#endif                          /* OPENSSL_NO_TLSEXT */
-
-typedef struct timeout_param_st {
-    SSL_CTX *ctx;
-    long time;
-    LHASH_OF(SSL_SESSION) *cache;
-} TIMEOUT_PARAM;
-
-static void timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
-{
-    if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
-        /*
-         * The reason we don't call SSL_CTX_remove_session() is to save on
-         * locking overhead
-         */
-        (void)lh_SSL_SESSION_delete(p->cache, s);
-        SSL_SESSION_list_remove(p->ctx, s);
-        s->not_resumable = 1;
-        if (p->ctx->remove_session_cb != NULL)
-            p->ctx->remove_session_cb(p->ctx, s);
-        SSL_SESSION_free(s);
-    }
-}
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
-
-void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
-{
-    unsigned long i;
-    TIMEOUT_PARAM tp;
-
-    tp.ctx = s;
-    tp.cache = s->sessions;
-    if (tp.cache == NULL)
-        return;
-    tp.time = t;
-    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-    i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
-    CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
-    lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
-                             TIMEOUT_PARAM, &tp);
-    CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
-    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-}
-
-int ssl_clear_bad_session(SSL *s)
-{
-    if ((s->session != NULL) &&
-        !(s->shutdown & SSL_SENT_SHUTDOWN) &&
-        !(SSL_in_init(s) || SSL_in_before(s))) {
-        SSL_CTX_remove_session(s->session_ctx, s->session);
-        return (1);
-    } else
-        return (0);
-}
-
-/* locked by SSL_CTX in the calling function */
-static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
-{
-    if ((s->next == NULL) || (s->prev == NULL))
-        return;
-
-    if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
-        /* last element in list */
-        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
-            /* only one element in list */
-            ctx->session_cache_head = NULL;
-            ctx->session_cache_tail = NULL;
-        } else {
-            ctx->session_cache_tail = s->prev;
-            s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
-        }
-    } else {
-        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
-            /* first element in list */
-            ctx->session_cache_head = s->next;
-            s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
-        } else {
-            /* middle of list */
-            s->next->prev = s->prev;
-            s->prev->next = s->next;
-        }
-    }
-    s->prev = s->next = NULL;
-}
-
-static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
-{
-    if ((s->next != NULL) && (s->prev != NULL))
-        SSL_SESSION_list_remove(ctx, s);
-
-    if (ctx->session_cache_head == NULL) {
-        ctx->session_cache_head = s;
-        ctx->session_cache_tail = s;
-        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
-        s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
-    } else {
-        s->next = ctx->session_cache_head;
-        s->next->prev = s;
-        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
-        ctx->session_cache_head = s;
-    }
-}
-
-void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
-                             int (*cb) (struct ssl_st *ssl,
-                                        SSL_SESSION *sess))
-{
-    ctx->new_session_cb = cb;
-}
-
-int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
-    return ctx->new_session_cb;
-}
-
-void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
-                                void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
-{
-    ctx->remove_session_cb = cb;
-}
-
-void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
-                                                  SSL_SESSION *sess) {
-    return ctx->remove_session_cb;
-}
-
-void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
-                             SSL_SESSION *(*cb) (struct ssl_st *ssl,
-                                                 unsigned char *data, int len,
-                                                 int *copy))
-{
-    ctx->get_session_cb = cb;
-}
-
-SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
-                                                       unsigned char *data,
-                                                       int len, int *copy) {
-    return ctx->get_session_cb;
-}
-
-void SSL_CTX_set_info_callback(SSL_CTX *ctx,
-                               void (*cb) (const SSL *ssl, int type, int val))
-{
-    ctx->info_callback = cb;
-}
-
-void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
-                                                 int val) {
-    return ctx->info_callback;
-}
-
-void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
-                                int (*cb) (SSL *ssl, X509 **x509,
-                                           EVP_PKEY **pkey))
-{
-    ctx->client_cert_cb = cb;
-}
-
-int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
-                                                 EVP_PKEY **pkey) {
-    return ctx->client_cert_cb;
-}
-
-#ifndef OPENSSL_NO_ENGINE
-int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
-{
-    if (!ENGINE_init(e)) {
-        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
-        return 0;
-    }
-    if (!ENGINE_get_ssl_client_cert_function(e)) {
-        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
-               SSL_R_NO_CLIENT_CERT_METHOD);
-        ENGINE_finish(e);
-        return 0;
-    }
-    ctx->client_cert_engine = e;
-    return 1;
-}
-#endif
-
-void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
-                                    int (*cb) (SSL *ssl,
-                                               unsigned char *cookie,
-                                               unsigned int *cookie_len))
-{
-    ctx->app_gen_cookie_cb = cb;
-}
-
-void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
-                                  int (*cb) (SSL *ssl, unsigned char *cookie,
-                                             unsigned int cookie_len))
-{
-    ctx->app_verify_cookie_cb = cb;
-}
-
-IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION,
-                 SSL_SESSION)
diff --git a/thirdparty/openssl/ssl/ssl_stat.c b/thirdparty/openssl/ssl/ssl_stat.c
deleted file mode 100644
index 1b9069f978..0000000000
--- a/thirdparty/openssl/ssl/ssl_stat.c
+++ /dev/null
@@ -1,1078 +0,0 @@
-/* ssl/ssl_stat.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-
-const char *SSL_state_string_long(const SSL *s)
-{
-    const char *str;
-
-    switch (s->state) {
-    case SSL_ST_BEFORE:
-        str = "before SSL initialization";
-        break;
-    case SSL_ST_ACCEPT:
-        str = "before accept initialization";
-        break;
-    case SSL_ST_CONNECT:
-        str = "before connect initialization";
-        break;
-    case SSL_ST_OK:
-        str = "SSL negotiation finished successfully";
-        break;
-    case SSL_ST_RENEGOTIATE:
-        str = "SSL renegotiate ciphers";
-        break;
-    case SSL_ST_BEFORE | SSL_ST_CONNECT:
-        str = "before/connect initialization";
-        break;
-    case SSL_ST_OK | SSL_ST_CONNECT:
-        str = "ok/connect SSL initialization";
-        break;
-    case SSL_ST_BEFORE | SSL_ST_ACCEPT:
-        str = "before/accept initialization";
-        break;
-    case SSL_ST_OK | SSL_ST_ACCEPT:
-        str = "ok/accept SSL initialization";
-        break;
-    case SSL_ST_ERR:
-        str = "error";
-        break;
-#ifndef OPENSSL_NO_SSL2
-    case SSL2_ST_CLIENT_START_ENCRYPTION:
-        str = "SSLv2 client start encryption";
-        break;
-    case SSL2_ST_SERVER_START_ENCRYPTION:
-        str = "SSLv2 server start encryption";
-        break;
-    case SSL2_ST_SEND_CLIENT_HELLO_A:
-        str = "SSLv2 write client hello A";
-        break;
-    case SSL2_ST_SEND_CLIENT_HELLO_B:
-        str = "SSLv2 write client hello B";
-        break;
-    case SSL2_ST_GET_SERVER_HELLO_A:
-        str = "SSLv2 read server hello A";
-        break;
-    case SSL2_ST_GET_SERVER_HELLO_B:
-        str = "SSLv2 read server hello B";
-        break;
-    case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
-        str = "SSLv2 write client master key A";
-        break;
-    case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
-        str = "SSLv2 write client master key B";
-        break;
-    case SSL2_ST_SEND_CLIENT_FINISHED_A:
-        str = "SSLv2 write client finished A";
-        break;
-    case SSL2_ST_SEND_CLIENT_FINISHED_B:
-        str = "SSLv2 write client finished B";
-        break;
-    case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
-        str = "SSLv2 write client certificate A";
-        break;
-    case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
-        str = "SSLv2 write client certificate B";
-        break;
-    case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
-        str = "SSLv2 write client certificate C";
-        break;
-    case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
-        str = "SSLv2 write client certificate D";
-        break;
-    case SSL2_ST_GET_SERVER_VERIFY_A:
-        str = "SSLv2 read server verify A";
-        break;
-    case SSL2_ST_GET_SERVER_VERIFY_B:
-        str = "SSLv2 read server verify B";
-        break;
-    case SSL2_ST_GET_SERVER_FINISHED_A:
-        str = "SSLv2 read server finished A";
-        break;
-    case SSL2_ST_GET_SERVER_FINISHED_B:
-        str = "SSLv2 read server finished B";
-        break;
-    case SSL2_ST_GET_CLIENT_HELLO_A:
-        str = "SSLv2 read client hello A";
-        break;
-    case SSL2_ST_GET_CLIENT_HELLO_B:
-        str = "SSLv2 read client hello B";
-        break;
-    case SSL2_ST_GET_CLIENT_HELLO_C:
-        str = "SSLv2 read client hello C";
-        break;
-    case SSL2_ST_SEND_SERVER_HELLO_A:
-        str = "SSLv2 write server hello A";
-        break;
-    case SSL2_ST_SEND_SERVER_HELLO_B:
-        str = "SSLv2 write server hello B";
-        break;
-    case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
-        str = "SSLv2 read client master key A";
-        break;
-    case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
-        str = "SSLv2 read client master key B";
-        break;
-    case SSL2_ST_SEND_SERVER_VERIFY_A:
-        str = "SSLv2 write server verify A";
-        break;
-    case SSL2_ST_SEND_SERVER_VERIFY_B:
-        str = "SSLv2 write server verify B";
-        break;
-    case SSL2_ST_SEND_SERVER_VERIFY_C:
-        str = "SSLv2 write server verify C";
-        break;
-    case SSL2_ST_GET_CLIENT_FINISHED_A:
-        str = "SSLv2 read client finished A";
-        break;
-    case SSL2_ST_GET_CLIENT_FINISHED_B:
-        str = "SSLv2 read client finished B";
-        break;
-    case SSL2_ST_SEND_SERVER_FINISHED_A:
-        str = "SSLv2 write server finished A";
-        break;
-    case SSL2_ST_SEND_SERVER_FINISHED_B:
-        str = "SSLv2 write server finished B";
-        break;
-    case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
-        str = "SSLv2 write request certificate A";
-        break;
-    case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
-        str = "SSLv2 write request certificate B";
-        break;
-    case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
-        str = "SSLv2 write request certificate C";
-        break;
-    case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
-        str = "SSLv2 write request certificate D";
-        break;
-    case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
-        str = "SSLv2 X509 read server certificate";
-        break;
-    case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
-        str = "SSLv2 X509 read client certificate";
-        break;
-#endif
-
-#ifndef OPENSSL_NO_SSL3
-/* SSLv3 additions */
-    case SSL3_ST_CW_CLNT_HELLO_A:
-        str = "SSLv3 write client hello A";
-        break;
-    case SSL3_ST_CW_CLNT_HELLO_B:
-        str = "SSLv3 write client hello B";
-        break;
-    case SSL3_ST_CR_SRVR_HELLO_A:
-        str = "SSLv3 read server hello A";
-        break;
-    case SSL3_ST_CR_SRVR_HELLO_B:
-        str = "SSLv3 read server hello B";
-        break;
-    case SSL3_ST_CR_CERT_A:
-        str = "SSLv3 read server certificate A";
-        break;
-    case SSL3_ST_CR_CERT_B:
-        str = "SSLv3 read server certificate B";
-        break;
-    case SSL3_ST_CR_KEY_EXCH_A:
-        str = "SSLv3 read server key exchange A";
-        break;
-    case SSL3_ST_CR_KEY_EXCH_B:
-        str = "SSLv3 read server key exchange B";
-        break;
-    case SSL3_ST_CR_CERT_REQ_A:
-        str = "SSLv3 read server certificate request A";
-        break;
-    case SSL3_ST_CR_CERT_REQ_B:
-        str = "SSLv3 read server certificate request B";
-        break;
-    case SSL3_ST_CR_SESSION_TICKET_A:
-        str = "SSLv3 read server session ticket A";
-        break;
-    case SSL3_ST_CR_SESSION_TICKET_B:
-        str = "SSLv3 read server session ticket B";
-        break;
-    case SSL3_ST_CR_SRVR_DONE_A:
-        str = "SSLv3 read server done A";
-        break;
-    case SSL3_ST_CR_SRVR_DONE_B:
-        str = "SSLv3 read server done B";
-        break;
-    case SSL3_ST_CW_CERT_A:
-        str = "SSLv3 write client certificate A";
-        break;
-    case SSL3_ST_CW_CERT_B:
-        str = "SSLv3 write client certificate B";
-        break;
-    case SSL3_ST_CW_CERT_C:
-        str = "SSLv3 write client certificate C";
-        break;
-    case SSL3_ST_CW_CERT_D:
-        str = "SSLv3 write client certificate D";
-        break;
-    case SSL3_ST_CW_KEY_EXCH_A:
-        str = "SSLv3 write client key exchange A";
-        break;
-    case SSL3_ST_CW_KEY_EXCH_B:
-        str = "SSLv3 write client key exchange B";
-        break;
-    case SSL3_ST_CW_CERT_VRFY_A:
-        str = "SSLv3 write certificate verify A";
-        break;
-    case SSL3_ST_CW_CERT_VRFY_B:
-        str = "SSLv3 write certificate verify B";
-        break;
-
-    case SSL3_ST_CW_CHANGE_A:
-    case SSL3_ST_SW_CHANGE_A:
-        str = "SSLv3 write change cipher spec A";
-        break;
-    case SSL3_ST_CW_CHANGE_B:
-    case SSL3_ST_SW_CHANGE_B:
-        str = "SSLv3 write change cipher spec B";
-        break;
-    case SSL3_ST_CW_FINISHED_A:
-    case SSL3_ST_SW_FINISHED_A:
-        str = "SSLv3 write finished A";
-        break;
-    case SSL3_ST_CW_FINISHED_B:
-    case SSL3_ST_SW_FINISHED_B:
-        str = "SSLv3 write finished B";
-        break;
-    case SSL3_ST_CR_CHANGE_A:
-    case SSL3_ST_SR_CHANGE_A:
-        str = "SSLv3 read change cipher spec A";
-        break;
-    case SSL3_ST_CR_CHANGE_B:
-    case SSL3_ST_SR_CHANGE_B:
-        str = "SSLv3 read change cipher spec B";
-        break;
-    case SSL3_ST_CR_FINISHED_A:
-    case SSL3_ST_SR_FINISHED_A:
-        str = "SSLv3 read finished A";
-        break;
-    case SSL3_ST_CR_FINISHED_B:
-    case SSL3_ST_SR_FINISHED_B:
-        str = "SSLv3 read finished B";
-        break;
-
-    case SSL3_ST_CW_FLUSH:
-    case SSL3_ST_SW_FLUSH:
-        str = "SSLv3 flush data";
-        break;
-
-    case SSL3_ST_SR_CLNT_HELLO_A:
-        str = "SSLv3 read client hello A";
-        break;
-    case SSL3_ST_SR_CLNT_HELLO_B:
-        str = "SSLv3 read client hello B";
-        break;
-    case SSL3_ST_SR_CLNT_HELLO_C:
-        str = "SSLv3 read client hello C";
-        break;
-    case SSL3_ST_SW_HELLO_REQ_A:
-        str = "SSLv3 write hello request A";
-        break;
-    case SSL3_ST_SW_HELLO_REQ_B:
-        str = "SSLv3 write hello request B";
-        break;
-    case SSL3_ST_SW_HELLO_REQ_C:
-        str = "SSLv3 write hello request C";
-        break;
-    case SSL3_ST_SW_SRVR_HELLO_A:
-        str = "SSLv3 write server hello A";
-        break;
-    case SSL3_ST_SW_SRVR_HELLO_B:
-        str = "SSLv3 write server hello B";
-        break;
-    case SSL3_ST_SW_CERT_A:
-        str = "SSLv3 write certificate A";
-        break;
-    case SSL3_ST_SW_CERT_B:
-        str = "SSLv3 write certificate B";
-        break;
-    case SSL3_ST_SW_KEY_EXCH_A:
-        str = "SSLv3 write key exchange A";
-        break;
-    case SSL3_ST_SW_KEY_EXCH_B:
-        str = "SSLv3 write key exchange B";
-        break;
-    case SSL3_ST_SW_CERT_REQ_A:
-        str = "SSLv3 write certificate request A";
-        break;
-    case SSL3_ST_SW_CERT_REQ_B:
-        str = "SSLv3 write certificate request B";
-        break;
-    case SSL3_ST_SW_SESSION_TICKET_A:
-        str = "SSLv3 write session ticket A";
-        break;
-    case SSL3_ST_SW_SESSION_TICKET_B:
-        str = "SSLv3 write session ticket B";
-        break;
-    case SSL3_ST_SW_SRVR_DONE_A:
-        str = "SSLv3 write server done A";
-        break;
-    case SSL3_ST_SW_SRVR_DONE_B:
-        str = "SSLv3 write server done B";
-        break;
-    case SSL3_ST_SR_CERT_A:
-        str = "SSLv3 read client certificate A";
-        break;
-    case SSL3_ST_SR_CERT_B:
-        str = "SSLv3 read client certificate B";
-        break;
-    case SSL3_ST_SR_KEY_EXCH_A:
-        str = "SSLv3 read client key exchange A";
-        break;
-    case SSL3_ST_SR_KEY_EXCH_B:
-        str = "SSLv3 read client key exchange B";
-        break;
-    case SSL3_ST_SR_CERT_VRFY_A:
-        str = "SSLv3 read certificate verify A";
-        break;
-    case SSL3_ST_SR_CERT_VRFY_B:
-        str = "SSLv3 read certificate verify B";
-        break;
-#endif
-
-/* SSLv2/v3 compatibility states */
-/* client */
-    case SSL23_ST_CW_CLNT_HELLO_A:
-        str = "SSLv2/v3 write client hello A";
-        break;
-    case SSL23_ST_CW_CLNT_HELLO_B:
-        str = "SSLv2/v3 write client hello B";
-        break;
-    case SSL23_ST_CR_SRVR_HELLO_A:
-        str = "SSLv2/v3 read server hello A";
-        break;
-    case SSL23_ST_CR_SRVR_HELLO_B:
-        str = "SSLv2/v3 read server hello B";
-        break;
-/* server */
-    case SSL23_ST_SR_CLNT_HELLO_A:
-        str = "SSLv2/v3 read client hello A";
-        break;
-    case SSL23_ST_SR_CLNT_HELLO_B:
-        str = "SSLv2/v3 read client hello B";
-        break;
-
-/* DTLS */
-    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
-        str = "DTLS1 read hello verify request A";
-        break;
-    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
-        str = "DTLS1 read hello verify request B";
-        break;
-    case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
-        str = "DTLS1 write hello verify request A";
-        break;
-    case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
-        str = "DTLS1 write hello verify request B";
-        break;
-
-    default:
-        str = "unknown state";
-        break;
-    }
-    return (str);
-}
-
-const char *SSL_rstate_string_long(const SSL *s)
-{
-    const char *str;
-
-    switch (s->rstate) {
-    case SSL_ST_READ_HEADER:
-        str = "read header";
-        break;
-    case SSL_ST_READ_BODY:
-        str = "read body";
-        break;
-    case SSL_ST_READ_DONE:
-        str = "read done";
-        break;
-    default:
-        str = "unknown";
-        break;
-    }
-    return (str);
-}
-
-const char *SSL_state_string(const SSL *s)
-{
-    const char *str;
-
-    switch (s->state) {
-    case SSL_ST_BEFORE:
-        str = "PINIT ";
-        break;
-    case SSL_ST_ACCEPT:
-        str = "AINIT ";
-        break;
-    case SSL_ST_CONNECT:
-        str = "CINIT ";
-        break;
-    case SSL_ST_OK:
-        str = "SSLOK ";
-        break;
-    case SSL_ST_ERR:
-        str = "SSLERR";
-        break;
-#ifndef OPENSSL_NO_SSL2
-    case SSL2_ST_CLIENT_START_ENCRYPTION:
-        str = "2CSENC";
-        break;
-    case SSL2_ST_SERVER_START_ENCRYPTION:
-        str = "2SSENC";
-        break;
-    case SSL2_ST_SEND_CLIENT_HELLO_A:
-        str = "2SCH_A";
-        break;
-    case SSL2_ST_SEND_CLIENT_HELLO_B:
-        str = "2SCH_B";
-        break;
-    case SSL2_ST_GET_SERVER_HELLO_A:
-        str = "2GSH_A";
-        break;
-    case SSL2_ST_GET_SERVER_HELLO_B:
-        str = "2GSH_B";
-        break;
-    case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
-        str = "2SCMKA";
-        break;
-    case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
-        str = "2SCMKB";
-        break;
-    case SSL2_ST_SEND_CLIENT_FINISHED_A:
-        str = "2SCF_A";
-        break;
-    case SSL2_ST_SEND_CLIENT_FINISHED_B:
-        str = "2SCF_B";
-        break;
-    case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
-        str = "2SCC_A";
-        break;
-    case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
-        str = "2SCC_B";
-        break;
-    case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
-        str = "2SCC_C";
-        break;
-    case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
-        str = "2SCC_D";
-        break;
-    case SSL2_ST_GET_SERVER_VERIFY_A:
-        str = "2GSV_A";
-        break;
-    case SSL2_ST_GET_SERVER_VERIFY_B:
-        str = "2GSV_B";
-        break;
-    case SSL2_ST_GET_SERVER_FINISHED_A:
-        str = "2GSF_A";
-        break;
-    case SSL2_ST_GET_SERVER_FINISHED_B:
-        str = "2GSF_B";
-        break;
-    case SSL2_ST_GET_CLIENT_HELLO_A:
-        str = "2GCH_A";
-        break;
-    case SSL2_ST_GET_CLIENT_HELLO_B:
-        str = "2GCH_B";
-        break;
-    case SSL2_ST_GET_CLIENT_HELLO_C:
-        str = "2GCH_C";
-        break;
-    case SSL2_ST_SEND_SERVER_HELLO_A:
-        str = "2SSH_A";
-        break;
-    case SSL2_ST_SEND_SERVER_HELLO_B:
-        str = "2SSH_B";
-        break;
-    case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
-        str = "2GCMKA";
-        break;
-    case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
-        str = "2GCMKA";
-        break;
-    case SSL2_ST_SEND_SERVER_VERIFY_A:
-        str = "2SSV_A";
-        break;
-    case SSL2_ST_SEND_SERVER_VERIFY_B:
-        str = "2SSV_B";
-        break;
-    case SSL2_ST_SEND_SERVER_VERIFY_C:
-        str = "2SSV_C";
-        break;
-    case SSL2_ST_GET_CLIENT_FINISHED_A:
-        str = "2GCF_A";
-        break;
-    case SSL2_ST_GET_CLIENT_FINISHED_B:
-        str = "2GCF_B";
-        break;
-    case SSL2_ST_SEND_SERVER_FINISHED_A:
-        str = "2SSF_A";
-        break;
-    case SSL2_ST_SEND_SERVER_FINISHED_B:
-        str = "2SSF_B";
-        break;
-    case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
-        str = "2SRC_A";
-        break;
-    case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
-        str = "2SRC_B";
-        break;
-    case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
-        str = "2SRC_C";
-        break;
-    case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
-        str = "2SRC_D";
-        break;
-    case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
-        str = "2X9GSC";
-        break;
-    case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
-        str = "2X9GCC";
-        break;
-#endif
-
-#ifndef OPENSSL_NO_SSL3
-/* SSLv3 additions */
-    case SSL3_ST_SW_FLUSH:
-    case SSL3_ST_CW_FLUSH:
-        str = "3FLUSH";
-        break;
-    case SSL3_ST_CW_CLNT_HELLO_A:
-        str = "3WCH_A";
-        break;
-    case SSL3_ST_CW_CLNT_HELLO_B:
-        str = "3WCH_B";
-        break;
-    case SSL3_ST_CR_SRVR_HELLO_A:
-        str = "3RSH_A";
-        break;
-    case SSL3_ST_CR_SRVR_HELLO_B:
-        str = "3RSH_B";
-        break;
-    case SSL3_ST_CR_CERT_A:
-        str = "3RSC_A";
-        break;
-    case SSL3_ST_CR_CERT_B:
-        str = "3RSC_B";
-        break;
-    case SSL3_ST_CR_KEY_EXCH_A:
-        str = "3RSKEA";
-        break;
-    case SSL3_ST_CR_KEY_EXCH_B:
-        str = "3RSKEB";
-        break;
-    case SSL3_ST_CR_CERT_REQ_A:
-        str = "3RCR_A";
-        break;
-    case SSL3_ST_CR_CERT_REQ_B:
-        str = "3RCR_B";
-        break;
-    case SSL3_ST_CR_SRVR_DONE_A:
-        str = "3RSD_A";
-        break;
-    case SSL3_ST_CR_SRVR_DONE_B:
-        str = "3RSD_B";
-        break;
-    case SSL3_ST_CW_CERT_A:
-        str = "3WCC_A";
-        break;
-    case SSL3_ST_CW_CERT_B:
-        str = "3WCC_B";
-        break;
-    case SSL3_ST_CW_CERT_C:
-        str = "3WCC_C";
-        break;
-    case SSL3_ST_CW_CERT_D:
-        str = "3WCC_D";
-        break;
-    case SSL3_ST_CW_KEY_EXCH_A:
-        str = "3WCKEA";
-        break;
-    case SSL3_ST_CW_KEY_EXCH_B:
-        str = "3WCKEB";
-        break;
-    case SSL3_ST_CW_CERT_VRFY_A:
-        str = "3WCV_A";
-        break;
-    case SSL3_ST_CW_CERT_VRFY_B:
-        str = "3WCV_B";
-        break;
-
-    case SSL3_ST_SW_CHANGE_A:
-    case SSL3_ST_CW_CHANGE_A:
-        str = "3WCCSA";
-        break;
-    case SSL3_ST_SW_CHANGE_B:
-    case SSL3_ST_CW_CHANGE_B:
-        str = "3WCCSB";
-        break;
-    case SSL3_ST_SW_FINISHED_A:
-    case SSL3_ST_CW_FINISHED_A:
-        str = "3WFINA";
-        break;
-    case SSL3_ST_SW_FINISHED_B:
-    case SSL3_ST_CW_FINISHED_B:
-        str = "3WFINB";
-        break;
-    case SSL3_ST_SR_CHANGE_A:
-    case SSL3_ST_CR_CHANGE_A:
-        str = "3RCCSA";
-        break;
-    case SSL3_ST_SR_CHANGE_B:
-    case SSL3_ST_CR_CHANGE_B:
-        str = "3RCCSB";
-        break;
-    case SSL3_ST_SR_FINISHED_A:
-    case SSL3_ST_CR_FINISHED_A:
-        str = "3RFINA";
-        break;
-    case SSL3_ST_SR_FINISHED_B:
-    case SSL3_ST_CR_FINISHED_B:
-        str = "3RFINB";
-        break;
-
-    case SSL3_ST_SW_HELLO_REQ_A:
-        str = "3WHR_A";
-        break;
-    case SSL3_ST_SW_HELLO_REQ_B:
-        str = "3WHR_B";
-        break;
-    case SSL3_ST_SW_HELLO_REQ_C:
-        str = "3WHR_C";
-        break;
-    case SSL3_ST_SR_CLNT_HELLO_A:
-        str = "3RCH_A";
-        break;
-    case SSL3_ST_SR_CLNT_HELLO_B:
-        str = "3RCH_B";
-        break;
-    case SSL3_ST_SR_CLNT_HELLO_C:
-        str = "3RCH_C";
-        break;
-    case SSL3_ST_SW_SRVR_HELLO_A:
-        str = "3WSH_A";
-        break;
-    case SSL3_ST_SW_SRVR_HELLO_B:
-        str = "3WSH_B";
-        break;
-    case SSL3_ST_SW_CERT_A:
-        str = "3WSC_A";
-        break;
-    case SSL3_ST_SW_CERT_B:
-        str = "3WSC_B";
-        break;
-    case SSL3_ST_SW_KEY_EXCH_A:
-        str = "3WSKEA";
-        break;
-    case SSL3_ST_SW_KEY_EXCH_B:
-        str = "3WSKEB";
-        break;
-    case SSL3_ST_SW_CERT_REQ_A:
-        str = "3WCR_A";
-        break;
-    case SSL3_ST_SW_CERT_REQ_B:
-        str = "3WCR_B";
-        break;
-    case SSL3_ST_SW_SRVR_DONE_A:
-        str = "3WSD_A";
-        break;
-    case SSL3_ST_SW_SRVR_DONE_B:
-        str = "3WSD_B";
-        break;
-    case SSL3_ST_SR_CERT_A:
-        str = "3RCC_A";
-        break;
-    case SSL3_ST_SR_CERT_B:
-        str = "3RCC_B";
-        break;
-    case SSL3_ST_SR_KEY_EXCH_A:
-        str = "3RCKEA";
-        break;
-    case SSL3_ST_SR_KEY_EXCH_B:
-        str = "3RCKEB";
-        break;
-    case SSL3_ST_SR_CERT_VRFY_A:
-        str = "3RCV_A";
-        break;
-    case SSL3_ST_SR_CERT_VRFY_B:
-        str = "3RCV_B";
-        break;
-#endif
-
-/* SSLv2/v3 compatibility states */
-/* client */
-    case SSL23_ST_CW_CLNT_HELLO_A:
-        str = "23WCHA";
-        break;
-    case SSL23_ST_CW_CLNT_HELLO_B:
-        str = "23WCHB";
-        break;
-    case SSL23_ST_CR_SRVR_HELLO_A:
-        str = "23RSHA";
-        break;
-    case SSL23_ST_CR_SRVR_HELLO_B:
-        str = "23RSHA";
-        break;
-/* server */
-    case SSL23_ST_SR_CLNT_HELLO_A:
-        str = "23RCHA";
-        break;
-    case SSL23_ST_SR_CLNT_HELLO_B:
-        str = "23RCHB";
-        break;
-
-/* DTLS */
-    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
-        str = "DRCHVA";
-        break;
-    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
-        str = "DRCHVB";
-        break;
-    case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
-        str = "DWCHVA";
-        break;
-    case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
-        str = "DWCHVB";
-        break;
-
-    default:
-        str = "UNKWN ";
-        break;
-    }
-    return (str);
-}
-
-const char *SSL_alert_type_string_long(int value)
-{
-    value >>= 8;
-    if (value == SSL3_AL_WARNING)
-        return ("warning");
-    else if (value == SSL3_AL_FATAL)
-        return ("fatal");
-    else
-        return ("unknown");
-}
-
-const char *SSL_alert_type_string(int value)
-{
-    value >>= 8;
-    if (value == SSL3_AL_WARNING)
-        return ("W");
-    else if (value == SSL3_AL_FATAL)
-        return ("F");
-    else
-        return ("U");
-}
-
-const char *SSL_alert_desc_string(int value)
-{
-    const char *str;
-
-    switch (value & 0xff) {
-    case SSL3_AD_CLOSE_NOTIFY:
-        str = "CN";
-        break;
-    case SSL3_AD_UNEXPECTED_MESSAGE:
-        str = "UM";
-        break;
-    case SSL3_AD_BAD_RECORD_MAC:
-        str = "BM";
-        break;
-    case SSL3_AD_DECOMPRESSION_FAILURE:
-        str = "DF";
-        break;
-    case SSL3_AD_HANDSHAKE_FAILURE:
-        str = "HF";
-        break;
-    case SSL3_AD_NO_CERTIFICATE:
-        str = "NC";
-        break;
-    case SSL3_AD_BAD_CERTIFICATE:
-        str = "BC";
-        break;
-    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
-        str = "UC";
-        break;
-    case SSL3_AD_CERTIFICATE_REVOKED:
-        str = "CR";
-        break;
-    case SSL3_AD_CERTIFICATE_EXPIRED:
-        str = "CE";
-        break;
-    case SSL3_AD_CERTIFICATE_UNKNOWN:
-        str = "CU";
-        break;
-    case SSL3_AD_ILLEGAL_PARAMETER:
-        str = "IP";
-        break;
-    case TLS1_AD_DECRYPTION_FAILED:
-        str = "DC";
-        break;
-    case TLS1_AD_RECORD_OVERFLOW:
-        str = "RO";
-        break;
-    case TLS1_AD_UNKNOWN_CA:
-        str = "CA";
-        break;
-    case TLS1_AD_ACCESS_DENIED:
-        str = "AD";
-        break;
-    case TLS1_AD_DECODE_ERROR:
-        str = "DE";
-        break;
-    case TLS1_AD_DECRYPT_ERROR:
-        str = "CY";
-        break;
-    case TLS1_AD_EXPORT_RESTRICTION:
-        str = "ER";
-        break;
-    case TLS1_AD_PROTOCOL_VERSION:
-        str = "PV";
-        break;
-    case TLS1_AD_INSUFFICIENT_SECURITY:
-        str = "IS";
-        break;
-    case TLS1_AD_INTERNAL_ERROR:
-        str = "IE";
-        break;
-    case TLS1_AD_USER_CANCELLED:
-        str = "US";
-        break;
-    case TLS1_AD_NO_RENEGOTIATION:
-        str = "NR";
-        break;
-    case TLS1_AD_UNSUPPORTED_EXTENSION:
-        str = "UE";
-        break;
-    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
-        str = "CO";
-        break;
-    case TLS1_AD_UNRECOGNIZED_NAME:
-        str = "UN";
-        break;
-    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
-        str = "BR";
-        break;
-    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
-        str = "BH";
-        break;
-    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
-        str = "UP";
-        break;
-    default:
-        str = "UK";
-        break;
-    }
-    return (str);
-}
-
-const char *SSL_alert_desc_string_long(int value)
-{
-    const char *str;
-
-    switch (value & 0xff) {
-    case SSL3_AD_CLOSE_NOTIFY:
-        str = "close notify";
-        break;
-    case SSL3_AD_UNEXPECTED_MESSAGE:
-        str = "unexpected_message";
-        break;
-    case SSL3_AD_BAD_RECORD_MAC:
-        str = "bad record mac";
-        break;
-    case SSL3_AD_DECOMPRESSION_FAILURE:
-        str = "decompression failure";
-        break;
-    case SSL3_AD_HANDSHAKE_FAILURE:
-        str = "handshake failure";
-        break;
-    case SSL3_AD_NO_CERTIFICATE:
-        str = "no certificate";
-        break;
-    case SSL3_AD_BAD_CERTIFICATE:
-        str = "bad certificate";
-        break;
-    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
-        str = "unsupported certificate";
-        break;
-    case SSL3_AD_CERTIFICATE_REVOKED:
-        str = "certificate revoked";
-        break;
-    case SSL3_AD_CERTIFICATE_EXPIRED:
-        str = "certificate expired";
-        break;
-    case SSL3_AD_CERTIFICATE_UNKNOWN:
-        str = "certificate unknown";
-        break;
-    case SSL3_AD_ILLEGAL_PARAMETER:
-        str = "illegal parameter";
-        break;
-    case TLS1_AD_DECRYPTION_FAILED:
-        str = "decryption failed";
-        break;
-    case TLS1_AD_RECORD_OVERFLOW:
-        str = "record overflow";
-        break;
-    case TLS1_AD_UNKNOWN_CA:
-        str = "unknown CA";
-        break;
-    case TLS1_AD_ACCESS_DENIED:
-        str = "access denied";
-        break;
-    case TLS1_AD_DECODE_ERROR:
-        str = "decode error";
-        break;
-    case TLS1_AD_DECRYPT_ERROR:
-        str = "decrypt error";
-        break;
-    case TLS1_AD_EXPORT_RESTRICTION:
-        str = "export restriction";
-        break;
-    case TLS1_AD_PROTOCOL_VERSION:
-        str = "protocol version";
-        break;
-    case TLS1_AD_INSUFFICIENT_SECURITY:
-        str = "insufficient security";
-        break;
-    case TLS1_AD_INTERNAL_ERROR:
-        str = "internal error";
-        break;
-    case TLS1_AD_USER_CANCELLED:
-        str = "user canceled";
-        break;
-    case TLS1_AD_NO_RENEGOTIATION:
-        str = "no renegotiation";
-        break;
-    case TLS1_AD_UNSUPPORTED_EXTENSION:
-        str = "unsupported extension";
-        break;
-    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
-        str = "certificate unobtainable";
-        break;
-    case TLS1_AD_UNRECOGNIZED_NAME:
-        str = "unrecognized name";
-        break;
-    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
-        str = "bad certificate status response";
-        break;
-    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
-        str = "bad certificate hash value";
-        break;
-    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
-        str = "unknown PSK identity";
-        break;
-    default:
-        str = "unknown";
-        break;
-    }
-    return (str);
-}
-
-const char *SSL_rstate_string(const SSL *s)
-{
-    const char *str;
-
-    switch (s->rstate) {
-    case SSL_ST_READ_HEADER:
-        str = "RH";
-        break;
-    case SSL_ST_READ_BODY:
-        str = "RB";
-        break;
-    case SSL_ST_READ_DONE:
-        str = "RD";
-        break;
-    default:
-        str = "unknown";
-        break;
-    }
-    return (str);
-}
diff --git a/thirdparty/openssl/ssl/ssl_task.c b/thirdparty/openssl/ssl/ssl_task.c
deleted file mode 100644
index fb770753e2..0000000000
--- a/thirdparty/openssl/ssl/ssl_task.c
+++ /dev/null
@@ -1,397 +0,0 @@
-/* ssl/ssl_task.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* VMS */
-/*-
- * DECnet object for servicing SSL.  We accept the inbound and speak a
- * simple protocol for multiplexing the 2 data streams (application and
- * ssl data) over this logical link.
- *
- * Logical names:
- *    SSL_CIPHER        Defines a list of cipher specifications the server
- *                      will support in order of preference.
- *    SSL_SERVER_CERTIFICATE
- *                      Points to PEM (privacy enhanced mail) file that
- *                      contains the server certificate and private password.
- *    SYS$NET           Logical created by netserver.exe as hook for completing
- *                      DECnet logical link.
- *
- * Each NSP message sent over the DECnet link has the following structure:
- *    struct rpc_msg {
- *      char channel;
- *      char function;
- *      short length;
- *      char data[MAX_DATA];
- *    } msg;
- *
- * The channel field designates the virtual data stream this message applies
- * to and is one of:
- *   A - Application data (payload).
- *   R - Remote client connection that initiated the SSL connection.  Encrypted
- *       data is sent over this connection.
- *   G - General data, reserved for future use.
- *
- * The data streams are half-duplex read/write and have following functions:
- *   G - Get, requests that up to msg.length bytes of data be returned.  The
- *       data is returned in the next 'C' function response that matches the
- *       requesting channel.
- *   P - Put, requests that the first msg.length bytes of msg.data be appended
- *       to the designated stream.
- *   C - Confirms a get or put.  Every get and put will get a confirm response,
- *       you cannot initiate another function on a channel until the previous
- *       operation has been confirmed.
- *
- *  The 2 channels may interleave their operations, for example:
- *        Server msg           Client msg
- *         A, Get, 4092          ---->
- *                               <----  R, get, 4092
- *         R, Confirm, {hello}   ---->
- *                               <----  R, put, {srv hello}
- *         R, Confirm, 0         ---->
- *                               .              (SSL handshake completed)
- *                               .              (read first app data).
- *                               <----  A, confirm, {http data}
- *         A, Put, {http data}   ---->
- *                               <----  A, confirm, 0
- *
- *  The length field is not permitted to be larger that 4092 bytes.
- *
- * Author: Dave Jones
- * Date:   22-JUL-1996
- */
-#include <stdlib.h>
-#include <stdio.h>
-#include <iodef.h>              /* VMS IO$_ definitions */
-#include <descrip.h>            /* VMS string descriptors */
-extern int SYS$QIOW(), SYS$ASSIGN();
-int LIB$INIT_TIMER(), LIB$SHOW_TIMER();
-
-#include <string.h>             /* from ssltest.c */
-#include <errno.h>
-
-#include "e_os.h"
-
-#include <openssl/buffer.h>
-#include <openssl/x509.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
-                                int error);
-BIO *bio_err = NULL;
-BIO *bio_stdout = NULL;
-BIO_METHOD *BIO_s_rtcp();
-
-static char *cipher = NULL;
-int verbose = 1;
-#ifdef FIONBIO
-static int s_nbio = 0;
-#endif
-#define TEST_SERVER_CERT "SSL_SERVER_CERTIFICATE"
-/*************************************************************************/
-/* Should have member alignment inhibited */
-struct rpc_msg {
-    /* 'A'-app data. 'R'-remote client 'G'-global */
-    char channel;
-    /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
-    char function;
-    /* Amount of data returned or max to return */
-    unsigned short int length;
-    /* variable data */
-    char data[4092];
-};
-#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
-
-static $DESCRIPTOR(sysnet, "SYS$NET");
-typedef unsigned short io_channel;
-
-struct io_status {
-    unsigned short status;
-    unsigned short count;
-    unsigned long stsval;
-};
-int doit(io_channel chan, SSL_CTX *s_ctx);
-/*****************************************************************************/
-/*
- * Decnet I/O routines.
- */
-static int get(io_channel chan, char *buffer, int maxlen, int *length)
-{
-    int status;
-    struct io_status iosb;
-    status = SYS$QIOW(0, chan, IO$_READVBLK, &iosb, 0, 0,
-                      buffer, maxlen, 0, 0, 0, 0);
-    if ((status & 1) == 1)
-        status = iosb.status;
-    if ((status & 1) == 1)
-        *length = iosb.count;
-    return status;
-}
-
-static int put(io_channel chan, char *buffer, int length)
-{
-    int status;
-    struct io_status iosb;
-    status = SYS$QIOW(0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
-                      buffer, length, 0, 0, 0, 0);
-    if ((status & 1) == 1)
-        status = iosb.status;
-    return status;
-}
-
-/***************************************************************************/
-/*
- * Handle operations on the 'G' channel.
- */
-static int general_request(io_channel chan, struct rpc_msg *msg, int length)
-{
-    return 48;
-}
-
-/***************************************************************************/
-int main(int argc, char **argv)
-{
-    int status, length;
-    io_channel chan;
-    struct rpc_msg msg;
-
-    char *CApath = NULL, *CAfile = NULL;
-    int badop = 0;
-    int ret = 1;
-    int client_auth = 0;
-    int server_auth = 0;
-    SSL_CTX *s_ctx = NULL;
-    /*
-     * Confirm logical link with initiating client.
-     */
-    LIB$INIT_TIMER();
-    status = SYS$ASSIGN(&sysnet, &chan, 0, 0, 0);
-    printf("status of assign to SYS$NET: %d\n", status);
-    /*
-     * Initialize standard out and error files.
-     */
-    if (bio_err == NULL)
-        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
-            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE);
-    if (bio_stdout == NULL)
-        if ((bio_stdout = BIO_new(BIO_s_file())) != NULL)
-            BIO_set_fp(bio_stdout, stdout, BIO_NOCLOSE);
-    /*
-     * get the preferred cipher list and other initialization
-     */
-    if (cipher == NULL)
-        cipher = getenv("SSL_CIPHER");
-    printf("cipher list: %s\n", cipher ? cipher : "{undefined}");
-
-    SSL_load_error_strings();
-    OpenSSL_add_all_algorithms();
-
-    /*
-     * DRM, this was the original, but there is no such thing as SSLv2()
-     * s_ctx=SSL_CTX_new(SSLv2());
-     */
-    s_ctx = SSL_CTX_new(SSLv2_server_method());
-
-    if (s_ctx == NULL)
-        goto end;
-
-    SSL_CTX_use_certificate_file(s_ctx, TEST_SERVER_CERT, SSL_FILETYPE_PEM);
-    SSL_CTX_use_RSAPrivateKey_file(s_ctx, TEST_SERVER_CERT, SSL_FILETYPE_PEM);
-    printf("Loaded server certificate: '%s'\n", TEST_SERVER_CERT);
-
-    /*
-     * Take commands from client until bad status.
-     */
-    LIB$SHOW_TIMER();
-    status = doit(chan, s_ctx);
-    LIB$SHOW_TIMER();
-    /*
-     * do final cleanup and exit.
-     */
- end:
-    if (s_ctx != NULL)
-        SSL_CTX_free(s_ctx);
-    LIB$SHOW_TIMER();
-    return 1;
-}
-
-int doit(io_channel chan, SSL_CTX *s_ctx)
-{
-    int status, length, link_state;
-    struct rpc_msg msg;
-
-    SSL *s_ssl = NULL;
-    BIO *c_to_s = NULL;
-    BIO *s_to_c = NULL;
-    BIO *c_bio = NULL;
-    BIO *s_bio = NULL;
-    int i;
-    int done = 0;
-
-    s_ssl = SSL_new(s_ctx);
-    if (s_ssl == NULL)
-        goto err;
-
-    c_to_s = BIO_new(BIO_s_rtcp());
-    s_to_c = BIO_new(BIO_s_rtcp());
-    if ((s_to_c == NULL) || (c_to_s == NULL))
-        goto err;
-/*- original, DRM 24-SEP-1997
-    BIO_set_fd ( c_to_s, "", chan );
-    BIO_set_fd ( s_to_c, "", chan );
-*/
-    BIO_set_fd(c_to_s, 0, chan);
-    BIO_set_fd(s_to_c, 0, chan);
-
-    c_bio = BIO_new(BIO_f_ssl());
-    s_bio = BIO_new(BIO_f_ssl());
-    if ((c_bio == NULL) || (s_bio == NULL))
-        goto err;
-
-    SSL_set_accept_state(s_ssl);
-    SSL_set_bio(s_ssl, c_to_s, s_to_c);
-    BIO_set_ssl(s_bio, s_ssl, BIO_CLOSE);
-
-    /* We can always do writes */
-    printf("Begin doit main loop\n");
-    /*
-     * Link states: 0-idle, 1-read pending, 2-write pending, 3-closed.
-     */
-    for (link_state = 0; link_state < 3;) {
-        /*
-         * Wait for remote end to request data action on A channel.
-         */
-        while (link_state == 0) {
-            status = get(chan, (char *)&msg, sizeof(msg), &length);
-            if ((status & 1) == 0) {
-                printf("Error in main loop get: %d\n", status);
-                link_state = 3;
-                break;
-            }
-            if (length < RPC_HDR_SIZE) {
-                printf("Error in main loop get size: %d\n", length);
-                break;
-                link_state = 3;
-            }
-            if (msg.channel != 'A') {
-                printf("Error in main loop, unexpected channel: %c\n",
-                       msg.channel);
-                break;
-                link_state = 3;
-            }
-            if (msg.function == 'G') {
-                link_state = 1;
-            } else if (msg.function == 'P') {
-                link_state = 2; /* write pending */
-            } else if (msg.function == 'X') {
-                link_state = 3;
-            } else {
-                link_state = 3;
-            }
-        }
-        if (link_state == 1) {
-            i = BIO_read(s_bio, msg.data, msg.length);
-            if (i < 0)
-                link_state = 3;
-            else {
-                msg.channel = 'A';
-                msg.function = 'C'; /* confirm */
-                msg.length = i;
-                status = put(chan, (char *)&msg, i + RPC_HDR_SIZE);
-                if ((status & 1) == 0)
-                    break;
-                link_state = 0;
-            }
-        } else if (link_state == 2) {
-            i = BIO_write(s_bio, msg.data, msg.length);
-            if (i < 0)
-                link_state = 3;
-            else {
-                msg.channel = 'A';
-                msg.function = 'C'; /* confirm */
-                msg.length = 0;
-                status = put(chan, (char *)&msg, RPC_HDR_SIZE);
-                if ((status & 1) == 0)
-                    break;
-                link_state = 0;
-            }
-        }
-    }
-    fprintf(stdout, "DONE\n");
- err:
-    /*
-     * We have to set the BIO's to NULL otherwise they will be free()ed
-     * twice.  Once when th s_ssl is SSL_free()ed and again when c_ssl is
-     * SSL_free()ed. This is a hack required because s_ssl and c_ssl are
-     * sharing the same BIO structure and SSL_set_bio() and SSL_free()
-     * automatically BIO_free non NULL entries. You should not normally do
-     * this or be required to do this
-     */
-    s_ssl->rbio = NULL;
-    s_ssl->wbio = NULL;
-
-    if (c_to_s != NULL)
-        BIO_free(c_to_s);
-    if (s_to_c != NULL)
-        BIO_free(s_to_c);
-    if (c_bio != NULL)
-        BIO_free(c_bio);
-    if (s_bio != NULL)
-        BIO_free(s_bio);
-    return (0);
-}
diff --git a/thirdparty/openssl/ssl/ssl_txt.c b/thirdparty/openssl/ssl/ssl_txt.c
deleted file mode 100644
index 45308d8b65..0000000000
--- a/thirdparty/openssl/ssl/ssl_txt.c
+++ /dev/null
@@ -1,262 +0,0 @@
-/* ssl/ssl_txt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include <openssl/buffer.h>
-#include "ssl_locl.h"
-
-#ifndef OPENSSL_NO_FP_API
-int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
-{
-    BIO *b;
-    int ret;
-
-    if ((b = BIO_new(BIO_s_file_internal())) == NULL) {
-        SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB);
-        return (0);
-    }
-    BIO_set_fp(b, fp, BIO_NOCLOSE);
-    ret = SSL_SESSION_print(b, x);
-    BIO_free(b);
-    return (ret);
-}
-#endif
-
-int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
-{
-    unsigned int i;
-    const char *s;
-
-    if (x == NULL)
-        goto err;
-    if (BIO_puts(bp, "SSL-Session:\n") <= 0)
-        goto err;
-    if (x->ssl_version == SSL2_VERSION)
-        s = "SSLv2";
-    else if (x->ssl_version == SSL3_VERSION)
-        s = "SSLv3";
-    else if (x->ssl_version == TLS1_2_VERSION)
-        s = "TLSv1.2";
-    else if (x->ssl_version == TLS1_1_VERSION)
-        s = "TLSv1.1";
-    else if (x->ssl_version == TLS1_VERSION)
-        s = "TLSv1";
-    else if (x->ssl_version == DTLS1_VERSION)
-        s = "DTLSv1";
-    else if (x->ssl_version == DTLS1_2_VERSION)
-        s = "DTLSv1.2";
-    else if (x->ssl_version == DTLS1_BAD_VER)
-        s = "DTLSv1-bad";
-    else
-        s = "unknown";
-    if (BIO_printf(bp, "    Protocol  : %s\n", s) <= 0)
-        goto err;
-
-    if (x->cipher == NULL) {
-        if (((x->cipher_id) & 0xff000000) == 0x02000000) {
-            if (BIO_printf
-                (bp, "    Cipher    : %06lX\n", x->cipher_id & 0xffffff) <= 0)
-                goto err;
-        } else {
-            if (BIO_printf
-                (bp, "    Cipher    : %04lX\n", x->cipher_id & 0xffff) <= 0)
-                goto err;
-        }
-    } else {
-        if (BIO_printf
-            (bp, "    Cipher    : %s\n",
-             ((x->cipher == NULL) ? "unknown" : x->cipher->name)) <= 0)
-            goto err;
-    }
-    if (BIO_puts(bp, "    Session-ID: ") <= 0)
-        goto err;
-    for (i = 0; i < x->session_id_length; i++) {
-        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
-            goto err;
-    }
-    if (BIO_puts(bp, "\n    Session-ID-ctx: ") <= 0)
-        goto err;
-    for (i = 0; i < x->sid_ctx_length; i++) {
-        if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
-            goto err;
-    }
-    if (BIO_puts(bp, "\n    Master-Key: ") <= 0)
-        goto err;
-    for (i = 0; i < (unsigned int)x->master_key_length; i++) {
-        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
-            goto err;
-    }
-    if (BIO_puts(bp, "\n    Key-Arg   : ") <= 0)
-        goto err;
-    if (x->key_arg_length == 0) {
-        if (BIO_puts(bp, "None") <= 0)
-            goto err;
-    } else
-        for (i = 0; i < x->key_arg_length; i++) {
-            if (BIO_printf(bp, "%02X", x->key_arg[i]) <= 0)
-                goto err;
-        }
-#ifndef OPENSSL_NO_KRB5
-    if (BIO_puts(bp, "\n    Krb5 Principal: ") <= 0)
-        goto err;
-    if (x->krb5_client_princ_len == 0) {
-        if (BIO_puts(bp, "None") <= 0)
-            goto err;
-    } else
-        for (i = 0; i < x->krb5_client_princ_len; i++) {
-            if (BIO_printf(bp, "%02X", x->krb5_client_princ[i]) <= 0)
-                goto err;
-        }
-#endif                          /* OPENSSL_NO_KRB5 */
-#ifndef OPENSSL_NO_PSK
-    if (BIO_puts(bp, "\n    PSK identity: ") <= 0)
-        goto err;
-    if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
-        goto err;
-    if (BIO_puts(bp, "\n    PSK identity hint: ") <= 0)
-        goto err;
-    if (BIO_printf
-        (bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
-        goto err;
-#endif
-#ifndef OPENSSL_NO_SRP
-    if (BIO_puts(bp, "\n    SRP username: ") <= 0)
-        goto err;
-    if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
-        goto err;
-#endif
-#ifndef OPENSSL_NO_TLSEXT
-    if (x->tlsext_tick_lifetime_hint) {
-        if (BIO_printf(bp,
-                       "\n    TLS session ticket lifetime hint: %ld (seconds)",
-                       x->tlsext_tick_lifetime_hint) <= 0)
-            goto err;
-    }
-    if (x->tlsext_tick) {
-        if (BIO_puts(bp, "\n    TLS session ticket:\n") <= 0)
-            goto err;
-        if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4)
-            <= 0)
-            goto err;
-    }
-#endif
-
-#ifndef OPENSSL_NO_COMP
-    if (x->compress_meth != 0) {
-        SSL_COMP *comp = NULL;
-
-        ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp);
-        if (comp == NULL) {
-            if (BIO_printf(bp, "\n    Compression: %d", x->compress_meth) <=
-                0)
-                goto err;
-        } else {
-            if (BIO_printf
-                (bp, "\n    Compression: %d (%s)", comp->id,
-                 comp->method->name) <= 0)
-                goto err;
-        }
-    }
-#endif
-    if (x->time != 0L) {
-        if (BIO_printf(bp, "\n    Start Time: %ld", x->time) <= 0)
-            goto err;
-    }
-    if (x->timeout != 0L) {
-        if (BIO_printf(bp, "\n    Timeout   : %ld (sec)", x->timeout) <= 0)
-            goto err;
-    }
-    if (BIO_puts(bp, "\n") <= 0)
-        goto err;
-
-    if (BIO_puts(bp, "    Verify return code: ") <= 0)
-        goto err;
-    if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
-                   X509_verify_cert_error_string(x->verify_result)) <= 0)
-        goto err;
-
-    return (1);
- err:
-    return (0);
-}
diff --git a/thirdparty/openssl/ssl/ssl_utst.c b/thirdparty/openssl/ssl/ssl_utst.c
deleted file mode 100644
index 53bdde330d..0000000000
--- a/thirdparty/openssl/ssl/ssl_utst.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* ssl_utst.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include "ssl_locl.h"
-
-#ifndef OPENSSL_NO_UNIT_TEST
-
-static const struct openssl_ssl_test_functions ssl_test_functions = {
-    ssl_init_wbio_buffer,
-    ssl3_setup_buffers,
-    tls1_process_heartbeat,
-    dtls1_process_heartbeat
-};
-
-const struct openssl_ssl_test_functions *SSL_test_functions(void)
-{
-    return &ssl_test_functions;
-}
-
-#endif
diff --git a/thirdparty/openssl/ssl/t1_clnt.c b/thirdparty/openssl/ssl/t1_clnt.c
deleted file mode 100644
index 746b4e6b7a..0000000000
--- a/thirdparty/openssl/ssl/t1_clnt.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/* ssl/t1_clnt.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-
-static const SSL_METHOD *tls1_get_client_method(int ver);
-static const SSL_METHOD *tls1_get_client_method(int ver)
-{
-    if (ver == TLS1_2_VERSION)
-        return TLSv1_2_client_method();
-    if (ver == TLS1_1_VERSION)
-        return TLSv1_1_client_method();
-    if (ver == TLS1_VERSION)
-        return TLSv1_client_method();
-    return NULL;
-}
-
-IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_client_method,
-                        ssl_undefined_function,
-                        ssl3_connect,
-                        tls1_get_client_method, TLSv1_2_enc_data)
-
-    IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_client_method,
-                        ssl_undefined_function,
-                        ssl3_connect,
-                        tls1_get_client_method, TLSv1_1_enc_data)
-
-    IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_client_method,
-                        ssl_undefined_function,
-                        ssl3_connect, tls1_get_client_method, TLSv1_enc_data)
diff --git a/thirdparty/openssl/ssl/t1_enc.c b/thirdparty/openssl/ssl/t1_enc.c
deleted file mode 100644
index b6d1ee95a5..0000000000
--- a/thirdparty/openssl/ssl/t1_enc.c
+++ /dev/null
@@ -1,1376 +0,0 @@
-/* ssl/t1_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-#endif
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include <openssl/md5.h>
-#include <openssl/rand.h>
-#ifdef KSSL_DEBUG
-# include <openssl/des.h>
-#endif
-
-/* seed1 through seed5 are virtually concatenated */
-static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
-                       int sec_len,
-                       const void *seed1, int seed1_len,
-                       const void *seed2, int seed2_len,
-                       const void *seed3, int seed3_len,
-                       const void *seed4, int seed4_len,
-                       const void *seed5, int seed5_len,
-                       unsigned char *out, int olen)
-{
-    int chunk;
-    size_t j;
-    EVP_MD_CTX ctx, ctx_tmp, ctx_init;
-    EVP_PKEY *mac_key;
-    unsigned char A1[EVP_MAX_MD_SIZE];
-    size_t A1_len;
-    int ret = 0;
-
-    chunk = EVP_MD_size(md);
-    OPENSSL_assert(chunk >= 0);
-
-    EVP_MD_CTX_init(&ctx);
-    EVP_MD_CTX_init(&ctx_tmp);
-    EVP_MD_CTX_init(&ctx_init);
-    EVP_MD_CTX_set_flags(&ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
-    mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
-    if (!mac_key)
-        goto err;
-    if (!EVP_DigestSignInit(&ctx_init, NULL, md, NULL, mac_key))
-        goto err;
-    if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
-        goto err;
-    if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
-        goto err;
-    if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
-        goto err;
-    if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
-        goto err;
-    if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
-        goto err;
-    if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
-        goto err;
-    if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
-        goto err;
-
-    for (;;) {
-        /* Reinit mac contexts */
-        if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
-            goto err;
-        if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
-            goto err;
-        if (olen > chunk && !EVP_MD_CTX_copy_ex(&ctx_tmp, &ctx))
-            goto err;
-        if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
-            goto err;
-        if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
-            goto err;
-        if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
-            goto err;
-        if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
-            goto err;
-        if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
-            goto err;
-
-        if (olen > chunk) {
-            if (!EVP_DigestSignFinal(&ctx, out, &j))
-                goto err;
-            out += j;
-            olen -= j;
-            /* calc the next A1 value */
-            if (!EVP_DigestSignFinal(&ctx_tmp, A1, &A1_len))
-                goto err;
-        } else {                /* last one */
-
-            if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
-                goto err;
-            memcpy(out, A1, olen);
-            break;
-        }
-    }
-    ret = 1;
- err:
-    EVP_PKEY_free(mac_key);
-    EVP_MD_CTX_cleanup(&ctx);
-    EVP_MD_CTX_cleanup(&ctx_tmp);
-    EVP_MD_CTX_cleanup(&ctx_init);
-    OPENSSL_cleanse(A1, sizeof(A1));
-    return ret;
-}
-
-/* seed1 through seed5 are virtually concatenated */
-static int tls1_PRF(long digest_mask,
-                    const void *seed1, int seed1_len,
-                    const void *seed2, int seed2_len,
-                    const void *seed3, int seed3_len,
-                    const void *seed4, int seed4_len,
-                    const void *seed5, int seed5_len,
-                    const unsigned char *sec, int slen,
-                    unsigned char *out1, unsigned char *out2, int olen)
-{
-    int len, i, idx, count;
-    const unsigned char *S1;
-    long m;
-    const EVP_MD *md;
-    int ret = 0;
-
-    /* Count number of digests and partition sec evenly */
-    count = 0;
-    for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
-        if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
-            count++;
-    }
-    if (!count) {
-        /* Should never happen */
-        SSLerr(SSL_F_TLS1_PRF, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-    len = slen / count;
-    if (count == 1)
-        slen = 0;
-    S1 = sec;
-    memset(out1, 0, olen);
-    for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
-        if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) {
-            if (!md) {
-                SSLerr(SSL_F_TLS1_PRF, SSL_R_UNSUPPORTED_DIGEST_TYPE);
-                goto err;
-            }
-            if (!tls1_P_hash(md, S1, len + (slen & 1),
-                             seed1, seed1_len, seed2, seed2_len, seed3,
-                             seed3_len, seed4, seed4_len, seed5, seed5_len,
-                             out2, olen))
-                goto err;
-            S1 += len;
-            for (i = 0; i < olen; i++) {
-                out1[i] ^= out2[i];
-            }
-        }
-    }
-    ret = 1;
- err:
-    return ret;
-}
-
-static int tls1_generate_key_block(SSL *s, unsigned char *km,
-                                   unsigned char *tmp, int num)
-{
-    int ret;
-    ret = tls1_PRF(ssl_get_algorithm2(s),
-                   TLS_MD_KEY_EXPANSION_CONST,
-                   TLS_MD_KEY_EXPANSION_CONST_SIZE, s->s3->server_random,
-                   SSL3_RANDOM_SIZE, s->s3->client_random, SSL3_RANDOM_SIZE,
-                   NULL, 0, NULL, 0, s->session->master_key,
-                   s->session->master_key_length, km, tmp, num);
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "tls1_generate_key_block() ==> %d byte master_key =\n\t",
-            s->session->master_key_length);
-    {
-        int i;
-        for (i = 0; i < s->session->master_key_length; i++) {
-            fprintf(stderr, "%02X", s->session->master_key[i]);
-        }
-        fprintf(stderr, "\n");
-    }
-#endif                          /* KSSL_DEBUG */
-    return ret;
-}
-
-int tls1_change_cipher_state(SSL *s, int which)
-{
-    static const unsigned char empty[] = "";
-    unsigned char *p, *mac_secret;
-    unsigned char *exp_label;
-    unsigned char tmp1[EVP_MAX_KEY_LENGTH];
-    unsigned char tmp2[EVP_MAX_KEY_LENGTH];
-    unsigned char iv1[EVP_MAX_IV_LENGTH * 2];
-    unsigned char iv2[EVP_MAX_IV_LENGTH * 2];
-    unsigned char *ms, *key, *iv;
-    int client_write;
-    EVP_CIPHER_CTX *dd;
-    const EVP_CIPHER *c;
-#ifndef OPENSSL_NO_COMP
-    const SSL_COMP *comp;
-#endif
-    const EVP_MD *m;
-    int mac_type;
-    int *mac_secret_size;
-    EVP_MD_CTX *mac_ctx;
-    EVP_PKEY *mac_key;
-    int is_export, n, i, j, k, exp_label_len, cl;
-    int reuse_dd = 0;
-
-    is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
-    c = s->s3->tmp.new_sym_enc;
-    m = s->s3->tmp.new_hash;
-    mac_type = s->s3->tmp.new_mac_pkey_type;
-#ifndef OPENSSL_NO_COMP
-    comp = s->s3->tmp.new_compression;
-#endif
-
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "tls1_change_cipher_state(which= %d) w/\n", which);
-    fprintf(stderr, "\talg= %ld/%ld, comp= %p\n",
-            s->s3->tmp.new_cipher->algorithm_mkey,
-            s->s3->tmp.new_cipher->algorithm_auth, comp);
-    fprintf(stderr, "\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
-    fprintf(stderr, "\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
-            c->nid, c->block_size, c->key_len, c->iv_len);
-    fprintf(stderr, "\tkey_block: len= %d, data= ",
-            s->s3->tmp.key_block_length);
-    {
-        int i;
-        for (i = 0; i < s->s3->tmp.key_block_length; i++)
-            fprintf(stderr, "%02x", s->s3->tmp.key_block[i]);
-        fprintf(stderr, "\n");
-    }
-#endif                          /* KSSL_DEBUG */
-
-    if (which & SSL3_CC_READ) {
-        if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
-            s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
-        else
-            s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
-
-        if (s->enc_read_ctx != NULL)
-            reuse_dd = 1;
-        else if ((s->enc_read_ctx =
-                  OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
-            goto err;
-        else
-            /*
-             * make sure it's intialized in case we exit later with an error
-             */
-            EVP_CIPHER_CTX_init(s->enc_read_ctx);
-        dd = s->enc_read_ctx;
-        mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
-        if (mac_ctx == NULL)
-            goto err;
-#ifndef OPENSSL_NO_COMP
-        if (s->expand != NULL) {
-            COMP_CTX_free(s->expand);
-            s->expand = NULL;
-        }
-        if (comp != NULL) {
-            s->expand = COMP_CTX_new(comp->method);
-            if (s->expand == NULL) {
-                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
-                       SSL_R_COMPRESSION_LIBRARY_ERROR);
-                goto err2;
-            }
-            if (s->s3->rrec.comp == NULL)
-                s->s3->rrec.comp = (unsigned char *)
-                    OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
-            if (s->s3->rrec.comp == NULL)
-                goto err;
-        }
-#endif
-        /*
-         * this is done by dtls1_reset_seq_numbers for DTLS
-         */
-        if (!SSL_IS_DTLS(s))
-            memset(&(s->s3->read_sequence[0]), 0, 8);
-        mac_secret = &(s->s3->read_mac_secret[0]);
-        mac_secret_size = &(s->s3->read_mac_secret_size);
-    } else {
-        if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
-            s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
-        else
-            s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
-        if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s))
-            reuse_dd = 1;
-        else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL)
-            goto err;
-        dd = s->enc_write_ctx;
-        if (SSL_IS_DTLS(s)) {
-            mac_ctx = EVP_MD_CTX_create();
-            if (mac_ctx == NULL)
-                goto err;
-            s->write_hash = mac_ctx;
-        } else {
-            mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
-            if (mac_ctx == NULL)
-                goto err;
-        }
-#ifndef OPENSSL_NO_COMP
-        if (s->compress != NULL) {
-            COMP_CTX_free(s->compress);
-            s->compress = NULL;
-        }
-        if (comp != NULL) {
-            s->compress = COMP_CTX_new(comp->method);
-            if (s->compress == NULL) {
-                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
-                       SSL_R_COMPRESSION_LIBRARY_ERROR);
-                goto err2;
-            }
-        }
-#endif
-        /*
-         * this is done by dtls1_reset_seq_numbers for DTLS
-         */
-        if (!SSL_IS_DTLS(s))
-            memset(&(s->s3->write_sequence[0]), 0, 8);
-        mac_secret = &(s->s3->write_mac_secret[0]);
-        mac_secret_size = &(s->s3->write_mac_secret_size);
-    }
-
-    if (reuse_dd)
-        EVP_CIPHER_CTX_cleanup(dd);
-
-    p = s->s3->tmp.key_block;
-    i = *mac_secret_size = s->s3->tmp.new_mac_secret_size;
-
-    cl = EVP_CIPHER_key_length(c);
-    j = is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
-                     cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
-    /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
-    /* If GCM mode only part of IV comes from PRF */
-    if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
-        k = EVP_GCM_TLS_FIXED_IV_LEN;
-    else
-        k = EVP_CIPHER_iv_length(c);
-    if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
-        (which == SSL3_CHANGE_CIPHER_SERVER_READ)) {
-        ms = &(p[0]);
-        n = i + i;
-        key = &(p[n]);
-        n += j + j;
-        iv = &(p[n]);
-        n += k + k;
-        exp_label = (unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
-        exp_label_len = TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
-        client_write = 1;
-    } else {
-        n = i;
-        ms = &(p[n]);
-        n += i + j;
-        key = &(p[n]);
-        n += j + k;
-        iv = &(p[n]);
-        n += k;
-        exp_label = (unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
-        exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
-        client_write = 0;
-    }
-
-    if (n > s->s3->tmp.key_block_length) {
-        SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
-        goto err2;
-    }
-
-    memcpy(mac_secret, ms, i);
-
-    if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
-        mac_key = EVP_PKEY_new_mac_key(mac_type, NULL,
-                                       mac_secret, *mac_secret_size);
-        if (mac_key == NULL
-                || EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key) <= 0) {
-            EVP_PKEY_free(mac_key);
-            SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
-            goto err2;
-        }
-        EVP_PKEY_free(mac_key);
-    }
-#ifdef TLS_DEBUG
-    printf("which = %04X\nmac key=", which);
-    {
-        int z;
-        for (z = 0; z < i; z++)
-            printf("%02X%c", ms[z], ((z + 1) % 16) ? ' ' : '\n');
-    }
-#endif
-    if (is_export) {
-        /*
-         * In here I set both the read and write key/iv to the same value
-         * since only the correct one will be used :-).
-         */
-        if (!tls1_PRF(ssl_get_algorithm2(s),
-                      exp_label, exp_label_len,
-                      s->s3->client_random, SSL3_RANDOM_SIZE,
-                      s->s3->server_random, SSL3_RANDOM_SIZE,
-                      NULL, 0, NULL, 0,
-                      key, j, tmp1, tmp2, EVP_CIPHER_key_length(c)))
-            goto err2;
-        key = tmp1;
-
-        if (k > 0) {
-            if (!tls1_PRF(ssl_get_algorithm2(s),
-                          TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE,
-                          s->s3->client_random, SSL3_RANDOM_SIZE,
-                          s->s3->server_random, SSL3_RANDOM_SIZE,
-                          NULL, 0, NULL, 0, empty, 0, iv1, iv2, k * 2))
-                goto err2;
-            if (client_write)
-                iv = iv1;
-            else
-                iv = &(iv1[k]);
-        }
-    }
-
-    s->session->key_arg_length = 0;
-#ifdef KSSL_DEBUG
-    {
-        int i;
-        fprintf(stderr, "EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
-        fprintf(stderr, "\tkey= ");
-        for (i = 0; i < c->key_len; i++)
-            fprintf(stderr, "%02x", key[i]);
-        fprintf(stderr, "\n");
-        fprintf(stderr, "\t iv= ");
-        for (i = 0; i < c->iv_len; i++)
-            fprintf(stderr, "%02x", iv[i]);
-        fprintf(stderr, "\n");
-    }
-#endif                          /* KSSL_DEBUG */
-
-    if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
-        if (!EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE))
-            || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv)) {
-            SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
-            goto err2;
-        }
-    } else {
-        if (!EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE))) {
-            SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
-            goto err2;
-        }
-    }
-    /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */
-    if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size
-        && !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
-                                *mac_secret_size, mac_secret)) {
-        SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
-        goto err2;
-    }
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (s->msg_callback) {
-        int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;
-        if (*mac_secret_size)
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
-                            mac_secret, *mac_secret_size,
-                            s, s->msg_callback_arg);
-        if (c->key_len)
-            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
-                            key, c->key_len, s, s->msg_callback_arg);
-        if (k) {
-            if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
-                wh |= TLS1_RT_CRYPTO_FIXED_IV;
-            else
-                wh |= TLS1_RT_CRYPTO_IV;
-            s->msg_callback(2, s->version, wh, iv, k, s, s->msg_callback_arg);
-        }
-    }
-#endif
-
-#ifdef TLS_DEBUG
-    printf("which = %04X\nkey=", which);
-    {
-        int z;
-        for (z = 0; z < EVP_CIPHER_key_length(c); z++)
-            printf("%02X%c", key[z], ((z + 1) % 16) ? ' ' : '\n');
-    }
-    printf("\niv=");
-    {
-        int z;
-        for (z = 0; z < k; z++)
-            printf("%02X%c", iv[z], ((z + 1) % 16) ? ' ' : '\n');
-    }
-    printf("\n");
-#endif
-
-    OPENSSL_cleanse(tmp1, sizeof(tmp1));
-    OPENSSL_cleanse(tmp2, sizeof(tmp1));
-    OPENSSL_cleanse(iv1, sizeof(iv1));
-    OPENSSL_cleanse(iv2, sizeof(iv2));
-    return (1);
- err:
-    SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
- err2:
-    return (0);
-}
-
-int tls1_setup_key_block(SSL *s)
-{
-    unsigned char *p1, *p2 = NULL;
-    const EVP_CIPHER *c;
-    const EVP_MD *hash;
-    int num;
-    SSL_COMP *comp;
-    int mac_type = NID_undef, mac_secret_size = 0;
-    int ret = 0;
-
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "tls1_setup_key_block()\n");
-#endif                          /* KSSL_DEBUG */
-
-    if (s->s3->tmp.key_block_length != 0)
-        return (1);
-
-    if (!ssl_cipher_get_evp
-        (s->session, &c, &hash, &mac_type, &mac_secret_size, &comp)) {
-        SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
-        return (0);
-    }
-
-    s->s3->tmp.new_sym_enc = c;
-    s->s3->tmp.new_hash = hash;
-    s->s3->tmp.new_mac_pkey_type = mac_type;
-    s->s3->tmp.new_mac_secret_size = mac_secret_size;
-    num =
-        EVP_CIPHER_key_length(c) + mac_secret_size + EVP_CIPHER_iv_length(c);
-    num *= 2;
-
-    ssl3_cleanup_key_block(s);
-
-    if ((p1 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
-        SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-
-    s->s3->tmp.key_block_length = num;
-    s->s3->tmp.key_block = p1;
-
-    if ((p2 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
-        SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
-        goto err;
-    }
-#ifdef TLS_DEBUG
-    printf("client random\n");
-    {
-        int z;
-        for (z = 0; z < SSL3_RANDOM_SIZE; z++)
-            printf("%02X%c", s->s3->client_random[z],
-                   ((z + 1) % 16) ? ' ' : '\n');
-    }
-    printf("server random\n");
-    {
-        int z;
-        for (z = 0; z < SSL3_RANDOM_SIZE; z++)
-            printf("%02X%c", s->s3->server_random[z],
-                   ((z + 1) % 16) ? ' ' : '\n');
-    }
-    printf("pre-master\n");
-    {
-        int z;
-        for (z = 0; z < s->session->master_key_length; z++)
-            printf("%02X%c", s->session->master_key[z],
-                   ((z + 1) % 16) ? ' ' : '\n');
-    }
-#endif
-    if (!tls1_generate_key_block(s, p1, p2, num))
-        goto err;
-#ifdef TLS_DEBUG
-    printf("\nkey block\n");
-    {
-        int z;
-        for (z = 0; z < num; z++)
-            printf("%02X%c", p1[z], ((z + 1) % 16) ? ' ' : '\n');
-    }
-#endif
-
-    if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
-        && s->method->version <= TLS1_VERSION) {
-        /*
-         * enable vulnerability countermeasure for CBC ciphers with known-IV
-         * problem (http://www.openssl.org/~bodo/tls-cbc.txt)
-         */
-        s->s3->need_empty_fragments = 1;
-
-        if (s->session->cipher != NULL) {
-            if (s->session->cipher->algorithm_enc == SSL_eNULL)
-                s->s3->need_empty_fragments = 0;
-
-#ifndef OPENSSL_NO_RC4
-            if (s->session->cipher->algorithm_enc == SSL_RC4)
-                s->s3->need_empty_fragments = 0;
-#endif
-        }
-    }
-
-    ret = 1;
- err:
-    if (p2) {
-        OPENSSL_cleanse(p2, num);
-        OPENSSL_free(p2);
-    }
-    return (ret);
-}
-
-/*-
- * tls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
- *
- * Returns:
- *   0: (in non-constant time) if the record is publically invalid (i.e. too
- *       short etc).
- *   1: if the record's padding is valid / the encryption was successful.
- *   -1: if the record's padding/AEAD-authenticator is invalid or, if sending,
- *       an internal error occured.
- */
-int tls1_enc(SSL *s, int send)
-{
-    SSL3_RECORD *rec;
-    EVP_CIPHER_CTX *ds;
-    unsigned long l;
-    int bs, i, j, k, pad = 0, ret, mac_size = 0;
-    const EVP_CIPHER *enc;
-
-    if (send) {
-        if (EVP_MD_CTX_md(s->write_hash)) {
-            int n = EVP_MD_CTX_size(s->write_hash);
-            OPENSSL_assert(n >= 0);
-        }
-        ds = s->enc_write_ctx;
-        rec = &(s->s3->wrec);
-        if (s->enc_write_ctx == NULL)
-            enc = NULL;
-        else {
-            int ivlen;
-            enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
-            /* For TLSv1.1 and later explicit IV */
-            if (SSL_USE_EXPLICIT_IV(s)
-                && EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE)
-                ivlen = EVP_CIPHER_iv_length(enc);
-            else
-                ivlen = 0;
-            if (ivlen > 1) {
-                if (rec->data != rec->input)
-                    /*
-                     * we can't write into the input stream: Can this ever
-                     * happen?? (steve)
-                     */
-                    fprintf(stderr,
-                            "%s:%d: rec->data != rec->input\n",
-                            __FILE__, __LINE__);
-                else if (RAND_bytes(rec->input, ivlen) <= 0)
-                    return -1;
-            }
-        }
-    } else {
-        if (EVP_MD_CTX_md(s->read_hash)) {
-            int n = EVP_MD_CTX_size(s->read_hash);
-            OPENSSL_assert(n >= 0);
-        }
-        ds = s->enc_read_ctx;
-        rec = &(s->s3->rrec);
-        if (s->enc_read_ctx == NULL)
-            enc = NULL;
-        else
-            enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
-    }
-
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "tls1_enc(%d)\n", send);
-#endif                          /* KSSL_DEBUG */
-
-    if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
-        memmove(rec->data, rec->input, rec->length);
-        rec->input = rec->data;
-        ret = 1;
-    } else {
-        l = rec->length;
-        bs = EVP_CIPHER_block_size(ds->cipher);
-
-        if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
-            unsigned char buf[EVP_AEAD_TLS1_AAD_LEN], *seq;
-
-            seq = send ? s->s3->write_sequence : s->s3->read_sequence;
-
-            if (SSL_IS_DTLS(s)) {
-                unsigned char dtlsseq[9], *p = dtlsseq;
-
-                s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
-                memcpy(p, &seq[2], 6);
-                memcpy(buf, dtlsseq, 8);
-            } else {
-                memcpy(buf, seq, 8);
-                for (i = 7; i >= 0; i--) { /* increment */
-                    ++seq[i];
-                    if (seq[i] != 0)
-                        break;
-                }
-            }
-
-            buf[8] = rec->type;
-            buf[9] = (unsigned char)(s->version >> 8);
-            buf[10] = (unsigned char)(s->version);
-            buf[11] = rec->length >> 8;
-            buf[12] = rec->length & 0xff;
-            pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD,
-                                      EVP_AEAD_TLS1_AAD_LEN, buf);
-            if (pad <= 0)
-                return -1;
-            if (send) {
-                l += pad;
-                rec->length += pad;
-            }
-        } else if ((bs != 1) && send) {
-            i = bs - ((int)l % bs);
-
-            /* Add weird padding of upto 256 bytes */
-
-            /* we need to add 'i' padding bytes of value j */
-            j = i - 1;
-            if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) {
-                if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
-                    j++;
-            }
-            for (k = (int)l; k < (int)(l + i); k++)
-                rec->input[k] = j;
-            l += i;
-            rec->length += i;
-        }
-#ifdef KSSL_DEBUG
-        {
-            unsigned long ui;
-            fprintf(stderr,
-                    "EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
-                    ds, rec->data, rec->input, l);
-            fprintf(stderr,
-                    "\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%lu %lu], %d iv_len\n",
-                    ds->buf_len, ds->cipher->key_len, DES_KEY_SZ,
-                    DES_SCHEDULE_SZ, ds->cipher->iv_len);
-            fprintf(stderr, "\t\tIV: ");
-            for (i = 0; i < ds->cipher->iv_len; i++)
-                fprintf(stderr, "%02X", ds->iv[i]);
-            fprintf(stderr, "\n");
-            fprintf(stderr, "\trec->input=");
-            for (ui = 0; ui < l; ui++)
-                fprintf(stderr, " %02x", rec->input[ui]);
-            fprintf(stderr, "\n");
-        }
-#endif                          /* KSSL_DEBUG */
-
-        if (!send) {
-            if (l == 0 || l % bs != 0)
-                return 0;
-        }
-
-        i = EVP_Cipher(ds, rec->data, rec->input, l);
-        if ((EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_CUSTOM_CIPHER)
-            ? (i < 0)
-            : (i == 0))
-            return -1;          /* AEAD can fail to verify MAC */
-        if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send) {
-            rec->data += EVP_GCM_TLS_EXPLICIT_IV_LEN;
-            rec->input += EVP_GCM_TLS_EXPLICIT_IV_LEN;
-            rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
-        }
-#ifdef KSSL_DEBUG
-        {
-            unsigned long i;
-            fprintf(stderr, "\trec->data=");
-            for (i = 0; i < l; i++)
-                fprintf(stderr, " %02x", rec->data[i]);
-            fprintf(stderr, "\n");
-        }
-#endif                          /* KSSL_DEBUG */
-
-        ret = 1;
-        if (EVP_MD_CTX_md(s->read_hash) != NULL)
-            mac_size = EVP_MD_CTX_size(s->read_hash);
-        if ((bs != 1) && !send)
-            ret = tls1_cbc_remove_padding(s, rec, bs, mac_size);
-        if (pad && !send)
-            rec->length -= pad;
-    }
-    return ret;
-}
-
-int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
-{
-    unsigned int ret;
-    EVP_MD_CTX ctx, *d = NULL;
-    int i;
-
-    if (s->s3->handshake_buffer)
-        if (!ssl3_digest_cached_records(s))
-            return 0;
-
-    for (i = 0; i < SSL_MAX_DIGEST; i++) {
-        if (s->s3->handshake_dgst[i]
-            && EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {
-            d = s->s3->handshake_dgst[i];
-            break;
-        }
-    }
-    if (!d) {
-        SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC, SSL_R_NO_REQUIRED_DIGEST);
-        return 0;
-    }
-
-    EVP_MD_CTX_init(&ctx);
-    if (EVP_MD_CTX_copy_ex(&ctx, d) <=0
-            || EVP_DigestFinal_ex(&ctx, out, &ret) <= 0)
-        ret = 0;
-    EVP_MD_CTX_cleanup(&ctx);
-    return ((int)ret);
-}
-
-int tls1_final_finish_mac(SSL *s,
-                          const char *str, int slen, unsigned char *out)
-{
-    unsigned int i;
-    EVP_MD_CTX ctx;
-    unsigned char buf[2 * EVP_MAX_MD_SIZE];
-    unsigned char *q, buf2[12];
-    int idx;
-    long mask;
-    int err = 0;
-    const EVP_MD *md;
-
-    q = buf;
-
-    if (s->s3->handshake_buffer)
-        if (!ssl3_digest_cached_records(s))
-            return 0;
-
-    EVP_MD_CTX_init(&ctx);
-
-    for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
-        if (mask & ssl_get_algorithm2(s)) {
-            int hashsize = EVP_MD_size(md);
-            EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
-            if (!hdgst || hashsize < 0
-                || hashsize > (int)(sizeof buf - (size_t)(q - buf))) {
-                /*
-                 * internal error: 'buf' is too small for this cipersuite!
-                 */
-                err = 1;
-            } else {
-                if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) ||
-                    !EVP_DigestFinal_ex(&ctx, q, &i) ||
-                    (i != (unsigned int)hashsize))
-                    err = 1;
-                q += hashsize;
-            }
-        }
-    }
-
-    if (!tls1_PRF(ssl_get_algorithm2(s),
-                  str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0,
-                  s->session->master_key, s->session->master_key_length,
-                  out, buf2, sizeof buf2))
-        err = 1;
-    EVP_MD_CTX_cleanup(&ctx);
-
-    OPENSSL_cleanse(buf, (int)(q - buf));
-    OPENSSL_cleanse(buf2, sizeof(buf2));
-    if (err)
-        return 0;
-    else
-        return sizeof buf2;
-}
-
-int tls1_mac(SSL *ssl, unsigned char *md, int send)
-{
-    SSL3_RECORD *rec;
-    unsigned char *seq;
-    EVP_MD_CTX *hash;
-    size_t md_size, orig_len;
-    int i;
-    EVP_MD_CTX hmac, *mac_ctx;
-    unsigned char header[13];
-    int stream_mac = (send ? (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM)
-                      : (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM));
-    int t;
-
-    if (send) {
-        rec = &(ssl->s3->wrec);
-        seq = &(ssl->s3->write_sequence[0]);
-        hash = ssl->write_hash;
-    } else {
-        rec = &(ssl->s3->rrec);
-        seq = &(ssl->s3->read_sequence[0]);
-        hash = ssl->read_hash;
-    }
-
-    t = EVP_MD_CTX_size(hash);
-    OPENSSL_assert(t >= 0);
-    md_size = t;
-
-    /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
-    if (stream_mac) {
-        mac_ctx = hash;
-    } else {
-        if (!EVP_MD_CTX_copy(&hmac, hash))
-            return -1;
-        mac_ctx = &hmac;
-    }
-
-    if (SSL_IS_DTLS(ssl)) {
-        unsigned char dtlsseq[8], *p = dtlsseq;
-
-        s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
-        memcpy(p, &seq[2], 6);
-
-        memcpy(header, dtlsseq, 8);
-    } else
-        memcpy(header, seq, 8);
-
-    /*
-     * kludge: tls1_cbc_remove_padding passes padding length in rec->type
-     */
-    orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8);
-    rec->type &= 0xff;
-
-    header[8] = rec->type;
-    header[9] = (unsigned char)(ssl->version >> 8);
-    header[10] = (unsigned char)(ssl->version);
-    header[11] = (rec->length) >> 8;
-    header[12] = (rec->length) & 0xff;
-
-    if (!send &&
-        EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
-        ssl3_cbc_record_digest_supported(mac_ctx)) {
-        /*
-         * This is a CBC-encrypted record. We must avoid leaking any
-         * timing-side channel information about how many blocks of data we
-         * are hashing because that gives an attacker a timing-oracle.
-         */
-        /* Final param == not SSLv3 */
-        if (ssl3_cbc_digest_record(mac_ctx,
-                                   md, &md_size,
-                                   header, rec->input,
-                                   rec->length + md_size, orig_len,
-                                   ssl->s3->read_mac_secret,
-                                   ssl->s3->read_mac_secret_size, 0) <= 0) {
-            if (!stream_mac)
-                EVP_MD_CTX_cleanup(&hmac);
-            return -1;
-        }
-    } else {
-        if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0
-                || EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0
-                || EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) {
-            if (!stream_mac)
-                EVP_MD_CTX_cleanup(&hmac);
-            return -1;
-        }
-#ifdef OPENSSL_FIPS
-        if (!send && FIPS_mode())
-            tls_fips_digest_extra(ssl->enc_read_ctx,
-                                  mac_ctx, rec->input, rec->length, orig_len);
-#endif
-    }
-
-    if (!stream_mac)
-        EVP_MD_CTX_cleanup(&hmac);
-#ifdef TLS_DEBUG
-    fprintf(stderr, "seq=");
-    {
-        int z;
-        for (z = 0; z < 8; z++)
-            fprintf(stderr, "%02X ", seq[z]);
-        fprintf(stderr, "\n");
-    }
-    fprintf(stderr, "rec=");
-    {
-        unsigned int z;
-        for (z = 0; z < rec->length; z++)
-            fprintf(stderr, "%02X ", rec->data[z]);
-        fprintf(stderr, "\n");
-    }
-#endif
-
-    if (!SSL_IS_DTLS(ssl)) {
-        for (i = 7; i >= 0; i--) {
-            ++seq[i];
-            if (seq[i] != 0)
-                break;
-        }
-    }
-#ifdef TLS_DEBUG
-    {
-        unsigned int z;
-        for (z = 0; z < md_size; z++)
-            fprintf(stderr, "%02X ", md[z]);
-        fprintf(stderr, "\n");
-    }
-#endif
-    return (md_size);
-}
-
-int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
-                                int len)
-{
-    unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
-    const void *co = NULL, *so = NULL;
-    int col = 0, sol = 0;
-
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "tls1_generate_master_secret(%p,%p, %p, %d)\n", s, out, p,
-            len);
-#endif                          /* KSSL_DEBUG */
-
-#ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->client_opaque_prf_input != NULL
-        && s->s3->server_opaque_prf_input != NULL
-        && s->s3->client_opaque_prf_input_len > 0
-        && s->s3->client_opaque_prf_input_len ==
-        s->s3->server_opaque_prf_input_len) {
-        co = s->s3->client_opaque_prf_input;
-        col = s->s3->server_opaque_prf_input_len;
-        so = s->s3->server_opaque_prf_input;
-        /*
-         * must be same as col (see
-         * draft-rescorla-tls-opaque-prf-input-00.txt, section 3.1)
-         */
-        sol = s->s3->client_opaque_prf_input_len;
-    }
-#endif
-
-    tls1_PRF(ssl_get_algorithm2(s),
-             TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
-             s->s3->client_random, SSL3_RANDOM_SIZE,
-             co, col,
-             s->s3->server_random, SSL3_RANDOM_SIZE,
-             so, sol, p, len, s->session->master_key, buff, sizeof buff);
-    OPENSSL_cleanse(buff, sizeof buff);
-#ifdef SSL_DEBUG
-    fprintf(stderr, "Premaster Secret:\n");
-    BIO_dump_fp(stderr, (char *)p, len);
-    fprintf(stderr, "Client Random:\n");
-    BIO_dump_fp(stderr, (char *)s->s3->client_random, SSL3_RANDOM_SIZE);
-    fprintf(stderr, "Server Random:\n");
-    BIO_dump_fp(stderr, (char *)s->s3->server_random, SSL3_RANDOM_SIZE);
-    fprintf(stderr, "Master Secret:\n");
-    BIO_dump_fp(stderr, (char *)s->session->master_key,
-                SSL3_MASTER_SECRET_SIZE);
-#endif
-
-#ifdef OPENSSL_SSL_TRACE_CRYPTO
-    if (s->msg_callback) {
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
-                        p, len, s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
-                        s->s3->client_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
-                        s->s3->server_random, SSL3_RANDOM_SIZE,
-                        s, s->msg_callback_arg);
-        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
-                        s->session->master_key,
-                        SSL3_MASTER_SECRET_SIZE, s, s->msg_callback_arg);
-    }
-#endif
-
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "tls1_generate_master_secret() complete\n");
-#endif                          /* KSSL_DEBUG */
-    return (SSL3_MASTER_SECRET_SIZE);
-}
-
-int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
-                                const char *label, size_t llen,
-                                const unsigned char *context,
-                                size_t contextlen, int use_context)
-{
-    unsigned char *buff;
-    unsigned char *val = NULL;
-    size_t vallen, currentvalpos;
-    int rv;
-
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "tls1_export_keying_material(%p,%p,%lu,%s,%lu,%p,%lu)\n",
-            s, out, olen, label, llen, context, contextlen);
-#endif                          /* KSSL_DEBUG */
-
-    buff = OPENSSL_malloc(olen);
-    if (buff == NULL)
-        goto err2;
-
-    /*
-     * construct PRF arguments we construct the PRF argument ourself rather
-     * than passing separate values into the TLS PRF to ensure that the
-     * concatenation of values does not create a prohibited label.
-     */
-    vallen = llen + SSL3_RANDOM_SIZE * 2;
-    if (use_context) {
-        vallen += 2 + contextlen;
-    }
-
-    val = OPENSSL_malloc(vallen);
-    if (val == NULL)
-        goto err2;
-    currentvalpos = 0;
-    memcpy(val + currentvalpos, (unsigned char *)label, llen);
-    currentvalpos += llen;
-    memcpy(val + currentvalpos, s->s3->client_random, SSL3_RANDOM_SIZE);
-    currentvalpos += SSL3_RANDOM_SIZE;
-    memcpy(val + currentvalpos, s->s3->server_random, SSL3_RANDOM_SIZE);
-    currentvalpos += SSL3_RANDOM_SIZE;
-
-    if (use_context) {
-        val[currentvalpos] = (contextlen >> 8) & 0xff;
-        currentvalpos++;
-        val[currentvalpos] = contextlen & 0xff;
-        currentvalpos++;
-        if ((contextlen > 0) || (context != NULL)) {
-            memcpy(val + currentvalpos, context, contextlen);
-        }
-    }
-
-    /*
-     * disallow prohibited labels note that SSL3_RANDOM_SIZE > max(prohibited
-     * label len) = 15, so size of val > max(prohibited label len) = 15 and
-     * the comparisons won't have buffer overflow
-     */
-    if (memcmp(val, TLS_MD_CLIENT_FINISH_CONST,
-               TLS_MD_CLIENT_FINISH_CONST_SIZE) == 0)
-        goto err1;
-    if (memcmp(val, TLS_MD_SERVER_FINISH_CONST,
-               TLS_MD_SERVER_FINISH_CONST_SIZE) == 0)
-        goto err1;
-    if (memcmp(val, TLS_MD_MASTER_SECRET_CONST,
-               TLS_MD_MASTER_SECRET_CONST_SIZE) == 0)
-        goto err1;
-    if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST,
-               TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0)
-        goto err1;
-
-    rv = tls1_PRF(ssl_get_algorithm2(s),
-                  val, vallen,
-                  NULL, 0,
-                  NULL, 0,
-                  NULL, 0,
-                  NULL, 0,
-                  s->session->master_key, s->session->master_key_length,
-                  out, buff, olen);
-    OPENSSL_cleanse(val, vallen);
-    OPENSSL_cleanse(buff, olen);
-
-#ifdef KSSL_DEBUG
-    fprintf(stderr, "tls1_export_keying_material() complete\n");
-#endif                          /* KSSL_DEBUG */
-    goto ret;
- err1:
-    SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL,
-           SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
-    rv = 0;
-    goto ret;
- err2:
-    SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE);
-    rv = 0;
- ret:
-    if (buff != NULL)
-        OPENSSL_free(buff);
-    if (val != NULL)
-        OPENSSL_free(val);
-    return (rv);
-}
-
-int tls1_alert_code(int code)
-{
-    switch (code) {
-    case SSL_AD_CLOSE_NOTIFY:
-        return (SSL3_AD_CLOSE_NOTIFY);
-    case SSL_AD_UNEXPECTED_MESSAGE:
-        return (SSL3_AD_UNEXPECTED_MESSAGE);
-    case SSL_AD_BAD_RECORD_MAC:
-        return (SSL3_AD_BAD_RECORD_MAC);
-    case SSL_AD_DECRYPTION_FAILED:
-        return (TLS1_AD_DECRYPTION_FAILED);
-    case SSL_AD_RECORD_OVERFLOW:
-        return (TLS1_AD_RECORD_OVERFLOW);
-    case SSL_AD_DECOMPRESSION_FAILURE:
-        return (SSL3_AD_DECOMPRESSION_FAILURE);
-    case SSL_AD_HANDSHAKE_FAILURE:
-        return (SSL3_AD_HANDSHAKE_FAILURE);
-    case SSL_AD_NO_CERTIFICATE:
-        return (-1);
-    case SSL_AD_BAD_CERTIFICATE:
-        return (SSL3_AD_BAD_CERTIFICATE);
-    case SSL_AD_UNSUPPORTED_CERTIFICATE:
-        return (SSL3_AD_UNSUPPORTED_CERTIFICATE);
-    case SSL_AD_CERTIFICATE_REVOKED:
-        return (SSL3_AD_CERTIFICATE_REVOKED);
-    case SSL_AD_CERTIFICATE_EXPIRED:
-        return (SSL3_AD_CERTIFICATE_EXPIRED);
-    case SSL_AD_CERTIFICATE_UNKNOWN:
-        return (SSL3_AD_CERTIFICATE_UNKNOWN);
-    case SSL_AD_ILLEGAL_PARAMETER:
-        return (SSL3_AD_ILLEGAL_PARAMETER);
-    case SSL_AD_UNKNOWN_CA:
-        return (TLS1_AD_UNKNOWN_CA);
-    case SSL_AD_ACCESS_DENIED:
-        return (TLS1_AD_ACCESS_DENIED);
-    case SSL_AD_DECODE_ERROR:
-        return (TLS1_AD_DECODE_ERROR);
-    case SSL_AD_DECRYPT_ERROR:
-        return (TLS1_AD_DECRYPT_ERROR);
-    case SSL_AD_EXPORT_RESTRICTION:
-        return (TLS1_AD_EXPORT_RESTRICTION);
-    case SSL_AD_PROTOCOL_VERSION:
-        return (TLS1_AD_PROTOCOL_VERSION);
-    case SSL_AD_INSUFFICIENT_SECURITY:
-        return (TLS1_AD_INSUFFICIENT_SECURITY);
-    case SSL_AD_INTERNAL_ERROR:
-        return (TLS1_AD_INTERNAL_ERROR);
-    case SSL_AD_USER_CANCELLED:
-        return (TLS1_AD_USER_CANCELLED);
-    case SSL_AD_NO_RENEGOTIATION:
-        return (TLS1_AD_NO_RENEGOTIATION);
-    case SSL_AD_UNSUPPORTED_EXTENSION:
-        return (TLS1_AD_UNSUPPORTED_EXTENSION);
-    case SSL_AD_CERTIFICATE_UNOBTAINABLE:
-        return (TLS1_AD_CERTIFICATE_UNOBTAINABLE);
-    case SSL_AD_UNRECOGNIZED_NAME:
-        return (TLS1_AD_UNRECOGNIZED_NAME);
-    case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
-        return (TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
-    case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
-        return (TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
-    case SSL_AD_UNKNOWN_PSK_IDENTITY:
-        return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
-    case SSL_AD_INAPPROPRIATE_FALLBACK:
-        return (TLS1_AD_INAPPROPRIATE_FALLBACK);
-#if 0
-        /* not appropriate for TLS, not used for DTLS */
-    case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE:
-        return (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
-#endif
-    default:
-        return (-1);
-    }
-}
diff --git a/thirdparty/openssl/ssl/t1_ext.c b/thirdparty/openssl/ssl/t1_ext.c
deleted file mode 100644
index 0f4aba0226..0000000000
--- a/thirdparty/openssl/ssl/t1_ext.c
+++ /dev/null
@@ -1,317 +0,0 @@
-/* ssl/t1_ext.c */
-/* ====================================================================
- * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Custom extension utility functions */
-
-#include "ssl_locl.h"
-
-#ifndef OPENSSL_NO_TLSEXT
-
-/* Find a custom extension from the list. */
-static custom_ext_method *custom_ext_find(custom_ext_methods *exts,
-                                          unsigned int ext_type)
-{
-    size_t i;
-    custom_ext_method *meth = exts->meths;
-    for (i = 0; i < exts->meths_count; i++, meth++) {
-        if (ext_type == meth->ext_type)
-            return meth;
-    }
-    return NULL;
-}
-
-/*
- * Initialise custom extensions flags to indicate neither sent nor received.
- */
-void custom_ext_init(custom_ext_methods *exts)
-{
-    size_t i;
-    custom_ext_method *meth = exts->meths;
-    for (i = 0; i < exts->meths_count; i++, meth++)
-        meth->ext_flags = 0;
-}
-
-/* Pass received custom extension data to the application for parsing. */
-int custom_ext_parse(SSL *s, int server,
-                     unsigned int ext_type,
-                     const unsigned char *ext_data, size_t ext_size, int *al)
-{
-    custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
-    custom_ext_method *meth;
-    meth = custom_ext_find(exts, ext_type);
-    /* If not found return success */
-    if (!meth)
-        return 1;
-    if (!server) {
-        /*
-         * If it's ServerHello we can't have any extensions not sent in
-         * ClientHello.
-         */
-        if (!(meth->ext_flags & SSL_EXT_FLAG_SENT)) {
-            *al = TLS1_AD_UNSUPPORTED_EXTENSION;
-            return 0;
-        }
-    }
-    /* If already present it's a duplicate */
-    if (meth->ext_flags & SSL_EXT_FLAG_RECEIVED) {
-        *al = TLS1_AD_DECODE_ERROR;
-        return 0;
-    }
-    meth->ext_flags |= SSL_EXT_FLAG_RECEIVED;
-    /* If no parse function set return success */
-    if (!meth->parse_cb)
-        return 1;
-
-    return meth->parse_cb(s, ext_type, ext_data, ext_size, al,
-                          meth->parse_arg);
-}
-
-/*
- * Request custom extension data from the application and add to the return
- * buffer.
- */
-int custom_ext_add(SSL *s, int server,
-                   unsigned char **pret, unsigned char *limit, int *al)
-{
-    custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
-    custom_ext_method *meth;
-    unsigned char *ret = *pret;
-    size_t i;
-
-    for (i = 0; i < exts->meths_count; i++) {
-        const unsigned char *out = NULL;
-        size_t outlen = 0;
-        meth = exts->meths + i;
-
-        if (server) {
-            /*
-             * For ServerHello only send extensions present in ClientHello.
-             */
-            if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED))
-                continue;
-            /* If callback absent for server skip it */
-            if (!meth->add_cb)
-                continue;
-        }
-        if (meth->add_cb) {
-            int cb_retval = 0;
-            cb_retval = meth->add_cb(s, meth->ext_type,
-                                     &out, &outlen, al, meth->add_arg);
-            if (cb_retval < 0)
-                return 0;       /* error */
-            if (cb_retval == 0)
-                continue;       /* skip this extension */
-        }
-        if (4 > limit - ret || outlen > (size_t)(limit - ret - 4))
-            return 0;
-        s2n(meth->ext_type, ret);
-        s2n(outlen, ret);
-        if (outlen) {
-            memcpy(ret, out, outlen);
-            ret += outlen;
-        }
-        /*
-         * We can't send duplicates: code logic should prevent this.
-         */
-        OPENSSL_assert(!(meth->ext_flags & SSL_EXT_FLAG_SENT));
-        /*
-         * Indicate extension has been sent: this is both a sanity check to
-         * ensure we don't send duplicate extensions and indicates that it is
-         * not an error if the extension is present in ServerHello.
-         */
-        meth->ext_flags |= SSL_EXT_FLAG_SENT;
-        if (meth->free_cb)
-            meth->free_cb(s, meth->ext_type, out, meth->add_arg);
-    }
-    *pret = ret;
-    return 1;
-}
-
-/* Copy the flags from src to dst for any extensions that exist in both */
-int custom_exts_copy_flags(custom_ext_methods *dst,
-                           const custom_ext_methods *src)
-{
-    size_t i;
-    custom_ext_method *methsrc = src->meths;
-
-    for (i = 0; i < src->meths_count; i++, methsrc++) {
-        custom_ext_method *methdst = custom_ext_find(dst, methsrc->ext_type);
-
-        if (methdst == NULL)
-            continue;
-
-        methdst->ext_flags = methsrc->ext_flags;
-    }
-
-    return 1;
-}
-
-/* Copy table of custom extensions */
-int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src)
-{
-    if (src->meths_count) {
-        dst->meths =
-            BUF_memdup(src->meths,
-                       sizeof(custom_ext_method) * src->meths_count);
-        if (dst->meths == NULL)
-            return 0;
-        dst->meths_count = src->meths_count;
-    }
-    return 1;
-}
-
-void custom_exts_free(custom_ext_methods *exts)
-{
-    if (exts->meths)
-        OPENSSL_free(exts->meths);
-}
-
-/* Set callbacks for a custom extension. */
-static int custom_ext_meth_add(custom_ext_methods *exts,
-                               unsigned int ext_type,
-                               custom_ext_add_cb add_cb,
-                               custom_ext_free_cb free_cb,
-                               void *add_arg,
-                               custom_ext_parse_cb parse_cb, void *parse_arg)
-{
-    custom_ext_method *meth;
-    /*
-     * Check application error: if add_cb is not set free_cb will never be
-     * called.
-     */
-    if (!add_cb && free_cb)
-        return 0;
-    /* Don't add if extension supported internally. */
-    if (SSL_extension_supported(ext_type))
-        return 0;
-    /* Extension type must fit in 16 bits */
-    if (ext_type > 0xffff)
-        return 0;
-    /* Search for duplicate */
-    if (custom_ext_find(exts, ext_type))
-        return 0;
-    meth = OPENSSL_realloc(exts->meths,
-                           (exts->meths_count + 1)
-                           * sizeof(custom_ext_method));
-    if (meth == NULL)
-        return 0;
-
-    exts->meths = meth;
-    meth += exts->meths_count;
-    memset(meth, 0, sizeof(custom_ext_method));
-    meth->parse_cb = parse_cb;
-    meth->add_cb = add_cb;
-    meth->free_cb = free_cb;
-    meth->ext_type = ext_type;
-    meth->add_arg = add_arg;
-    meth->parse_arg = parse_arg;
-    exts->meths_count++;
-    return 1;
-}
-
-/* Application level functions to add custom extension callbacks */
-int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
-                                  custom_ext_add_cb add_cb,
-                                  custom_ext_free_cb free_cb,
-                                  void *add_arg,
-                                  custom_ext_parse_cb parse_cb,
-                                  void *parse_arg)
-{
-    return custom_ext_meth_add(&ctx->cert->cli_ext, ext_type,
-                               add_cb, free_cb, add_arg, parse_cb, parse_arg);
-}
-
-int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
-                                  custom_ext_add_cb add_cb,
-                                  custom_ext_free_cb free_cb,
-                                  void *add_arg,
-                                  custom_ext_parse_cb parse_cb,
-                                  void *parse_arg)
-{
-    return custom_ext_meth_add(&ctx->cert->srv_ext, ext_type,
-                               add_cb, free_cb, add_arg, parse_cb, parse_arg);
-}
-
-int SSL_extension_supported(unsigned int ext_type)
-{
-    switch (ext_type) {
-        /* Internally supported extensions. */
-    case TLSEXT_TYPE_application_layer_protocol_negotiation:
-    case TLSEXT_TYPE_ec_point_formats:
-    case TLSEXT_TYPE_elliptic_curves:
-    case TLSEXT_TYPE_heartbeat:
-# ifndef OPENSSL_NO_NEXTPROTONEG
-    case TLSEXT_TYPE_next_proto_neg:
-# endif
-    case TLSEXT_TYPE_padding:
-    case TLSEXT_TYPE_renegotiate:
-    case TLSEXT_TYPE_server_name:
-    case TLSEXT_TYPE_session_ticket:
-    case TLSEXT_TYPE_signature_algorithms:
-    case TLSEXT_TYPE_srp:
-    case TLSEXT_TYPE_status_request:
-    case TLSEXT_TYPE_use_srtp:
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    case TLSEXT_TYPE_opaque_prf_input:
-# endif
-# ifdef TLSEXT_TYPE_encrypt_then_mac
-    case TLSEXT_TYPE_encrypt_then_mac:
-# endif
-        return 1;
-    default:
-        return 0;
-    }
-}
-#endif
diff --git a/thirdparty/openssl/ssl/t1_lib.c b/thirdparty/openssl/ssl/t1_lib.c
deleted file mode 100644
index 6587e8bb68..0000000000
--- a/thirdparty/openssl/ssl/t1_lib.c
+++ /dev/null
@@ -1,4559 +0,0 @@
-/* ssl/t1_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#ifndef OPENSSL_NO_EC
-#ifdef OPENSSL_NO_EC2M
-# include <openssl/ec.h>
-#endif
-#endif
-#include <openssl/ocsp.h>
-#include <openssl/rand.h>
-#include "ssl_locl.h"
-
-const char tls1_version_str[] = "TLSv1" OPENSSL_VERSION_PTEXT;
-
-#ifndef OPENSSL_NO_TLSEXT
-static int tls_decrypt_ticket(SSL *s, const unsigned char *tick, int ticklen,
-                              const unsigned char *sess_id, int sesslen,
-                              SSL_SESSION **psess);
-static int ssl_check_clienthello_tlsext_early(SSL *s);
-int ssl_check_serverhello_tlsext(SSL *s);
-#endif
-
-#define CHECKLEN(curr, val, limit) \
-    (((curr) >= (limit)) || (size_t)((limit) - (curr)) < (size_t)(val))
-
-SSL3_ENC_METHOD TLSv1_enc_data = {
-    tls1_enc,
-    tls1_mac,
-    tls1_setup_key_block,
-    tls1_generate_master_secret,
-    tls1_change_cipher_state,
-    tls1_final_finish_mac,
-    TLS1_FINISH_MAC_LENGTH,
-    tls1_cert_verify_mac,
-    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
-    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
-    tls1_alert_code,
-    tls1_export_keying_material,
-    0,
-    SSL3_HM_HEADER_LENGTH,
-    ssl3_set_handshake_header,
-    ssl3_handshake_write
-};
-
-SSL3_ENC_METHOD TLSv1_1_enc_data = {
-    tls1_enc,
-    tls1_mac,
-    tls1_setup_key_block,
-    tls1_generate_master_secret,
-    tls1_change_cipher_state,
-    tls1_final_finish_mac,
-    TLS1_FINISH_MAC_LENGTH,
-    tls1_cert_verify_mac,
-    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
-    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
-    tls1_alert_code,
-    tls1_export_keying_material,
-    SSL_ENC_FLAG_EXPLICIT_IV,
-    SSL3_HM_HEADER_LENGTH,
-    ssl3_set_handshake_header,
-    ssl3_handshake_write
-};
-
-SSL3_ENC_METHOD TLSv1_2_enc_data = {
-    tls1_enc,
-    tls1_mac,
-    tls1_setup_key_block,
-    tls1_generate_master_secret,
-    tls1_change_cipher_state,
-    tls1_final_finish_mac,
-    TLS1_FINISH_MAC_LENGTH,
-    tls1_cert_verify_mac,
-    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
-    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
-    tls1_alert_code,
-    tls1_export_keying_material,
-    SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS | SSL_ENC_FLAG_SHA256_PRF
-        | SSL_ENC_FLAG_TLS1_2_CIPHERS,
-    SSL3_HM_HEADER_LENGTH,
-    ssl3_set_handshake_header,
-    ssl3_handshake_write
-};
-
-long tls1_default_timeout(void)
-{
-    /*
-     * 2 hours, the 24 hours mentioned in the TLSv1 spec is way too long for
-     * http, the cache would over fill
-     */
-    return (60 * 60 * 2);
-}
-
-int tls1_new(SSL *s)
-{
-    if (!ssl3_new(s))
-        return (0);
-    s->method->ssl_clear(s);
-    return (1);
-}
-
-void tls1_free(SSL *s)
-{
-#ifndef OPENSSL_NO_TLSEXT
-    if (s->tlsext_session_ticket) {
-        OPENSSL_free(s->tlsext_session_ticket);
-    }
-#endif                          /* OPENSSL_NO_TLSEXT */
-    ssl3_free(s);
-}
-
-void tls1_clear(SSL *s)
-{
-    ssl3_clear(s);
-    s->version = s->method->version;
-}
-
-#ifndef OPENSSL_NO_EC
-
-static int nid_list[] = {
-    NID_sect163k1,              /* sect163k1 (1) */
-    NID_sect163r1,              /* sect163r1 (2) */
-    NID_sect163r2,              /* sect163r2 (3) */
-    NID_sect193r1,              /* sect193r1 (4) */
-    NID_sect193r2,              /* sect193r2 (5) */
-    NID_sect233k1,              /* sect233k1 (6) */
-    NID_sect233r1,              /* sect233r1 (7) */
-    NID_sect239k1,              /* sect239k1 (8) */
-    NID_sect283k1,              /* sect283k1 (9) */
-    NID_sect283r1,              /* sect283r1 (10) */
-    NID_sect409k1,              /* sect409k1 (11) */
-    NID_sect409r1,              /* sect409r1 (12) */
-    NID_sect571k1,              /* sect571k1 (13) */
-    NID_sect571r1,              /* sect571r1 (14) */
-    NID_secp160k1,              /* secp160k1 (15) */
-    NID_secp160r1,              /* secp160r1 (16) */
-    NID_secp160r2,              /* secp160r2 (17) */
-    NID_secp192k1,              /* secp192k1 (18) */
-    NID_X9_62_prime192v1,       /* secp192r1 (19) */
-    NID_secp224k1,              /* secp224k1 (20) */
-    NID_secp224r1,              /* secp224r1 (21) */
-    NID_secp256k1,              /* secp256k1 (22) */
-    NID_X9_62_prime256v1,       /* secp256r1 (23) */
-    NID_secp384r1,              /* secp384r1 (24) */
-    NID_secp521r1,              /* secp521r1 (25) */
-    NID_brainpoolP256r1,        /* brainpoolP256r1 (26) */
-    NID_brainpoolP384r1,        /* brainpoolP384r1 (27) */
-    NID_brainpoolP512r1         /* brainpool512r1 (28) */
-};
-
-static const unsigned char ecformats_default[] = {
-    TLSEXT_ECPOINTFORMAT_uncompressed,
-    TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime,
-    TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2
-};
-
-/* The client's default curves / the server's 'auto' curves. */
-static const unsigned char eccurves_auto[] = {
-    /* Prefer P-256 which has the fastest and most secure implementations. */
-    0, 23,                      /* secp256r1 (23) */
-    /* Other >= 256-bit prime curves. */
-    0, 25,                      /* secp521r1 (25) */
-    0, 28,                      /* brainpool512r1 (28) */
-    0, 27,                      /* brainpoolP384r1 (27) */
-    0, 24,                      /* secp384r1 (24) */
-    0, 26,                      /* brainpoolP256r1 (26) */
-    0, 22,                      /* secp256k1 (22) */
-# ifndef OPENSSL_NO_EC2M
-    /* >= 256-bit binary curves. */
-    0, 14,                      /* sect571r1 (14) */
-    0, 13,                      /* sect571k1 (13) */
-    0, 11,                      /* sect409k1 (11) */
-    0, 12,                      /* sect409r1 (12) */
-    0, 9,                       /* sect283k1 (9) */
-    0, 10,                      /* sect283r1 (10) */
-# endif
-};
-
-static const unsigned char eccurves_all[] = {
-    /* Prefer P-256 which has the fastest and most secure implementations. */
-    0, 23,                      /* secp256r1 (23) */
-    /* Other >= 256-bit prime curves. */
-    0, 25,                      /* secp521r1 (25) */
-    0, 28,                      /* brainpool512r1 (28) */
-    0, 27,                      /* brainpoolP384r1 (27) */
-    0, 24,                      /* secp384r1 (24) */
-    0, 26,                      /* brainpoolP256r1 (26) */
-    0, 22,                      /* secp256k1 (22) */
-# ifndef OPENSSL_NO_EC2M
-    /* >= 256-bit binary curves. */
-    0, 14,                      /* sect571r1 (14) */
-    0, 13,                      /* sect571k1 (13) */
-    0, 11,                      /* sect409k1 (11) */
-    0, 12,                      /* sect409r1 (12) */
-    0, 9,                       /* sect283k1 (9) */
-    0, 10,                      /* sect283r1 (10) */
-# endif
-    /*
-     * Remaining curves disabled by default but still permitted if set
-     * via an explicit callback or parameters.
-     */
-    0, 20,                      /* secp224k1 (20) */
-    0, 21,                      /* secp224r1 (21) */
-    0, 18,                      /* secp192k1 (18) */
-    0, 19,                      /* secp192r1 (19) */
-    0, 15,                      /* secp160k1 (15) */
-    0, 16,                      /* secp160r1 (16) */
-    0, 17,                      /* secp160r2 (17) */
-# ifndef OPENSSL_NO_EC2M
-    0, 8,                       /* sect239k1 (8) */
-    0, 6,                       /* sect233k1 (6) */
-    0, 7,                       /* sect233r1 (7) */
-    0, 4,                       /* sect193r1 (4) */
-    0, 5,                       /* sect193r2 (5) */
-    0, 1,                       /* sect163k1 (1) */
-    0, 2,                       /* sect163r1 (2) */
-    0, 3,                       /* sect163r2 (3) */
-# endif
-};
-
-static const unsigned char suiteb_curves[] = {
-    0, TLSEXT_curve_P_256,
-    0, TLSEXT_curve_P_384
-};
-
-# ifdef OPENSSL_FIPS
-/* Brainpool not allowed in FIPS mode */
-static const unsigned char fips_curves_default[] = {
-#  ifndef OPENSSL_NO_EC2M
-    0, 14,                      /* sect571r1 (14) */
-    0, 13,                      /* sect571k1 (13) */
-#  endif
-    0, 25,                      /* secp521r1 (25) */
-#  ifndef OPENSSL_NO_EC2M
-    0, 11,                      /* sect409k1 (11) */
-    0, 12,                      /* sect409r1 (12) */
-#  endif
-    0, 24,                      /* secp384r1 (24) */
-#  ifndef OPENSSL_NO_EC2M
-    0, 9,                       /* sect283k1 (9) */
-    0, 10,                      /* sect283r1 (10) */
-#  endif
-    0, 22,                      /* secp256k1 (22) */
-    0, 23,                      /* secp256r1 (23) */
-#  ifndef OPENSSL_NO_EC2M
-    0, 8,                       /* sect239k1 (8) */
-    0, 6,                       /* sect233k1 (6) */
-    0, 7,                       /* sect233r1 (7) */
-#  endif
-    0, 20,                      /* secp224k1 (20) */
-    0, 21,                      /* secp224r1 (21) */
-#  ifndef OPENSSL_NO_EC2M
-    0, 4,                       /* sect193r1 (4) */
-    0, 5,                       /* sect193r2 (5) */
-#  endif
-    0, 18,                      /* secp192k1 (18) */
-    0, 19,                      /* secp192r1 (19) */
-#  ifndef OPENSSL_NO_EC2M
-    0, 1,                       /* sect163k1 (1) */
-    0, 2,                       /* sect163r1 (2) */
-    0, 3,                       /* sect163r2 (3) */
-#  endif
-    0, 15,                      /* secp160k1 (15) */
-    0, 16,                      /* secp160r1 (16) */
-    0, 17,                      /* secp160r2 (17) */
-};
-# endif
-
-int tls1_ec_curve_id2nid(int curve_id)
-{
-    /* ECC curves from RFC 4492 and RFC 7027 */
-    if ((curve_id < 1) || ((unsigned int)curve_id >
-                           sizeof(nid_list) / sizeof(nid_list[0])))
-        return 0;
-    return nid_list[curve_id - 1];
-}
-
-int tls1_ec_nid2curve_id(int nid)
-{
-    /* ECC curves from RFC 4492 and RFC 7027 */
-    switch (nid) {
-    case NID_sect163k1:        /* sect163k1 (1) */
-        return 1;
-    case NID_sect163r1:        /* sect163r1 (2) */
-        return 2;
-    case NID_sect163r2:        /* sect163r2 (3) */
-        return 3;
-    case NID_sect193r1:        /* sect193r1 (4) */
-        return 4;
-    case NID_sect193r2:        /* sect193r2 (5) */
-        return 5;
-    case NID_sect233k1:        /* sect233k1 (6) */
-        return 6;
-    case NID_sect233r1:        /* sect233r1 (7) */
-        return 7;
-    case NID_sect239k1:        /* sect239k1 (8) */
-        return 8;
-    case NID_sect283k1:        /* sect283k1 (9) */
-        return 9;
-    case NID_sect283r1:        /* sect283r1 (10) */
-        return 10;
-    case NID_sect409k1:        /* sect409k1 (11) */
-        return 11;
-    case NID_sect409r1:        /* sect409r1 (12) */
-        return 12;
-    case NID_sect571k1:        /* sect571k1 (13) */
-        return 13;
-    case NID_sect571r1:        /* sect571r1 (14) */
-        return 14;
-    case NID_secp160k1:        /* secp160k1 (15) */
-        return 15;
-    case NID_secp160r1:        /* secp160r1 (16) */
-        return 16;
-    case NID_secp160r2:        /* secp160r2 (17) */
-        return 17;
-    case NID_secp192k1:        /* secp192k1 (18) */
-        return 18;
-    case NID_X9_62_prime192v1: /* secp192r1 (19) */
-        return 19;
-    case NID_secp224k1:        /* secp224k1 (20) */
-        return 20;
-    case NID_secp224r1:        /* secp224r1 (21) */
-        return 21;
-    case NID_secp256k1:        /* secp256k1 (22) */
-        return 22;
-    case NID_X9_62_prime256v1: /* secp256r1 (23) */
-        return 23;
-    case NID_secp384r1:        /* secp384r1 (24) */
-        return 24;
-    case NID_secp521r1:        /* secp521r1 (25) */
-        return 25;
-    case NID_brainpoolP256r1:  /* brainpoolP256r1 (26) */
-        return 26;
-    case NID_brainpoolP384r1:  /* brainpoolP384r1 (27) */
-        return 27;
-    case NID_brainpoolP512r1:  /* brainpool512r1 (28) */
-        return 28;
-    default:
-        return 0;
-    }
-}
-
-/*
- * Get curves list, if "sess" is set return client curves otherwise
- * preferred list.
- * Sets |num_curves| to the number of curves in the list, i.e.,
- * the length of |pcurves| is 2 * num_curves.
- * Returns 1 on success and 0 if the client curves list has invalid format.
- * The latter indicates an internal error: we should not be accepting such
- * lists in the first place.
- * TODO(emilia): we should really be storing the curves list in explicitly
- * parsed form instead. (However, this would affect binary compatibility
- * so cannot happen in the 1.0.x series.)
- */
-static int tls1_get_curvelist(SSL *s, int sess,
-                              const unsigned char **pcurves,
-                              size_t *num_curves)
-{
-    size_t pcurveslen = 0;
-    if (sess) {
-        *pcurves = s->session->tlsext_ellipticcurvelist;
-        pcurveslen = s->session->tlsext_ellipticcurvelist_length;
-    } else {
-        /* For Suite B mode only include P-256, P-384 */
-        switch (tls1_suiteb(s)) {
-        case SSL_CERT_FLAG_SUITEB_128_LOS:
-            *pcurves = suiteb_curves;
-            pcurveslen = sizeof(suiteb_curves);
-            break;
-
-        case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:
-            *pcurves = suiteb_curves;
-            pcurveslen = 2;
-            break;
-
-        case SSL_CERT_FLAG_SUITEB_192_LOS:
-            *pcurves = suiteb_curves + 2;
-            pcurveslen = 2;
-            break;
-        default:
-            *pcurves = s->tlsext_ellipticcurvelist;
-            pcurveslen = s->tlsext_ellipticcurvelist_length;
-        }
-        if (!*pcurves) {
-# ifdef OPENSSL_FIPS
-            if (FIPS_mode()) {
-                *pcurves = fips_curves_default;
-                pcurveslen = sizeof(fips_curves_default);
-            } else
-# endif
-            {
-                if (!s->server || s->cert->ecdh_tmp_auto) {
-                    *pcurves = eccurves_auto;
-                    pcurveslen = sizeof(eccurves_auto);
-                } else {
-                    *pcurves = eccurves_all;
-                    pcurveslen = sizeof(eccurves_all);
-                }
-            }
-        }
-    }
-    /* We do not allow odd length arrays to enter the system. */
-    if (pcurveslen & 1) {
-        SSLerr(SSL_F_TLS1_GET_CURVELIST, ERR_R_INTERNAL_ERROR);
-        *num_curves = 0;
-        return 0;
-    } else {
-        *num_curves = pcurveslen / 2;
-        return 1;
-    }
-}
-
-/* Check a curve is one of our preferences */
-int tls1_check_curve(SSL *s, const unsigned char *p, size_t len)
-{
-    const unsigned char *curves;
-    size_t num_curves, i;
-    unsigned int suiteb_flags = tls1_suiteb(s);
-    if (len != 3 || p[0] != NAMED_CURVE_TYPE)
-        return 0;
-    /* Check curve matches Suite B preferences */
-    if (suiteb_flags) {
-        unsigned long cid = s->s3->tmp.new_cipher->id;
-        if (p[1])
-            return 0;
-        if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
-            if (p[2] != TLSEXT_curve_P_256)
-                return 0;
-        } else if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) {
-            if (p[2] != TLSEXT_curve_P_384)
-                return 0;
-        } else                  /* Should never happen */
-            return 0;
-    }
-    if (!tls1_get_curvelist(s, 0, &curves, &num_curves))
-        return 0;
-    for (i = 0; i < num_curves; i++, curves += 2) {
-        if (p[1] == curves[0] && p[2] == curves[1])
-            return 1;
-    }
-    return 0;
-}
-
-/*-
- * Return |nmatch|th shared curve or NID_undef if there is no match.
- * For nmatch == -1, return number of  matches
- * For nmatch == -2, return the NID of the curve to use for
- * an EC tmp key, or NID_undef if there is no match.
- */
-int tls1_shared_curve(SSL *s, int nmatch)
-{
-    const unsigned char *pref, *supp;
-    size_t num_pref, num_supp, i, j;
-    int k;
-    /* Can't do anything on client side */
-    if (s->server == 0)
-        return -1;
-    if (nmatch == -2) {
-        if (tls1_suiteb(s)) {
-            /*
-             * For Suite B ciphersuite determines curve: we already know
-             * these are acceptable due to previous checks.
-             */
-            unsigned long cid = s->s3->tmp.new_cipher->id;
-            if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
-                return NID_X9_62_prime256v1; /* P-256 */
-            if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
-                return NID_secp384r1; /* P-384 */
-            /* Should never happen */
-            return NID_undef;
-        }
-        /* If not Suite B just return first preference shared curve */
-        nmatch = 0;
-    }
-    /*
-     * Avoid truncation. tls1_get_curvelist takes an int
-     * but s->options is a long...
-     */
-    if (!tls1_get_curvelist
-        (s, (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) != 0, &supp,
-         &num_supp))
-        /* In practice, NID_undef == 0 but let's be precise. */
-        return nmatch == -1 ? 0 : NID_undef;
-    if (!tls1_get_curvelist
-        (s, !(s->options & SSL_OP_CIPHER_SERVER_PREFERENCE), &pref,
-         &num_pref))
-        return nmatch == -1 ? 0 : NID_undef;
-
-    /*
-     * If the client didn't send the elliptic_curves extension all of them
-     * are allowed.
-     */
-    if (num_supp == 0 && (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) != 0) {
-        supp = eccurves_all;
-        num_supp = sizeof(eccurves_all) / 2;
-    } else if (num_pref == 0 &&
-        (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) == 0) {
-        pref = eccurves_all;
-        num_pref = sizeof(eccurves_all) / 2;
-    }
-
-    k = 0;
-    for (i = 0; i < num_pref; i++, pref += 2) {
-        const unsigned char *tsupp = supp;
-        for (j = 0; j < num_supp; j++, tsupp += 2) {
-            if (pref[0] == tsupp[0] && pref[1] == tsupp[1]) {
-                if (nmatch == k) {
-                    int id = (pref[0] << 8) | pref[1];
-                    return tls1_ec_curve_id2nid(id);
-                }
-                k++;
-            }
-        }
-    }
-    if (nmatch == -1)
-        return k;
-    /* Out of range (nmatch > k). */
-    return NID_undef;
-}
-
-int tls1_set_curves(unsigned char **pext, size_t *pextlen,
-                    int *curves, size_t ncurves)
-{
-    unsigned char *clist, *p;
-    size_t i;
-    /*
-     * Bitmap of curves included to detect duplicates: only works while curve
-     * ids < 32
-     */
-    unsigned long dup_list = 0;
-# ifdef OPENSSL_NO_EC2M
-    EC_GROUP *curve;
-# endif
-
-    clist = OPENSSL_malloc(ncurves * 2);
-    if (!clist)
-        return 0;
-    for (i = 0, p = clist; i < ncurves; i++) {
-        unsigned long idmask;
-        int id;
-        id = tls1_ec_nid2curve_id(curves[i]);
-# ifdef OPENSSL_FIPS
-        /* NB: 25 is last curve ID supported by FIPS module */
-        if (FIPS_mode() && id > 25) {
-            OPENSSL_free(clist);
-            return 0;
-        }
-# endif
-# ifdef OPENSSL_NO_EC2M
-        curve = EC_GROUP_new_by_curve_name(curves[i]);
-        if (!curve || EC_METHOD_get_field_type(EC_GROUP_method_of(curve))
-            == NID_X9_62_characteristic_two_field) {
-            if (curve)
-                EC_GROUP_free(curve);
-            OPENSSL_free(clist);
-            return 0;
-        } else
-            EC_GROUP_free(curve);
-# endif
-        idmask = 1L << id;
-        if (!id || (dup_list & idmask)) {
-            OPENSSL_free(clist);
-            return 0;
-        }
-        dup_list |= idmask;
-        s2n(id, p);
-    }
-    if (*pext)
-        OPENSSL_free(*pext);
-    *pext = clist;
-    *pextlen = ncurves * 2;
-    return 1;
-}
-
-# define MAX_CURVELIST   28
-
-typedef struct {
-    size_t nidcnt;
-    int nid_arr[MAX_CURVELIST];
-} nid_cb_st;
-
-static int nid_cb(const char *elem, int len, void *arg)
-{
-    nid_cb_st *narg = arg;
-    size_t i;
-    int nid;
-    char etmp[20];
-    if (elem == NULL)
-        return 0;
-    if (narg->nidcnt == MAX_CURVELIST)
-        return 0;
-    if (len > (int)(sizeof(etmp) - 1))
-        return 0;
-    memcpy(etmp, elem, len);
-    etmp[len] = 0;
-    nid = EC_curve_nist2nid(etmp);
-    if (nid == NID_undef)
-        nid = OBJ_sn2nid(etmp);
-    if (nid == NID_undef)
-        nid = OBJ_ln2nid(etmp);
-    if (nid == NID_undef)
-        return 0;
-    for (i = 0; i < narg->nidcnt; i++)
-        if (narg->nid_arr[i] == nid)
-            return 0;
-    narg->nid_arr[narg->nidcnt++] = nid;
-    return 1;
-}
-
-/* Set curves based on a colon separate list */
-int tls1_set_curves_list(unsigned char **pext, size_t *pextlen,
-                         const char *str)
-{
-    nid_cb_st ncb;
-    ncb.nidcnt = 0;
-    if (!CONF_parse_list(str, ':', 1, nid_cb, &ncb))
-        return 0;
-    if (pext == NULL)
-        return 1;
-    return tls1_set_curves(pext, pextlen, ncb.nid_arr, ncb.nidcnt);
-}
-
-/* For an EC key set TLS id and required compression based on parameters */
-static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
-                          EC_KEY *ec)
-{
-    int is_prime, id;
-    const EC_GROUP *grp;
-    const EC_METHOD *meth;
-    if (!ec)
-        return 0;
-    /* Determine if it is a prime field */
-    grp = EC_KEY_get0_group(ec);
-    if (!grp)
-        return 0;
-    meth = EC_GROUP_method_of(grp);
-    if (!meth)
-        return 0;
-    if (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field)
-        is_prime = 1;
-    else
-        is_prime = 0;
-    /* Determine curve ID */
-    id = EC_GROUP_get_curve_name(grp);
-    id = tls1_ec_nid2curve_id(id);
-    /* If we have an ID set it, otherwise set arbitrary explicit curve */
-    if (id) {
-        curve_id[0] = 0;
-        curve_id[1] = (unsigned char)id;
-    } else {
-        curve_id[0] = 0xff;
-        if (is_prime)
-            curve_id[1] = 0x01;
-        else
-            curve_id[1] = 0x02;
-    }
-    if (comp_id) {
-        if (EC_KEY_get0_public_key(ec) == NULL)
-            return 0;
-        if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_COMPRESSED) {
-            if (is_prime)
-                *comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
-            else
-                *comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
-        } else
-            *comp_id = TLSEXT_ECPOINTFORMAT_uncompressed;
-    }
-    return 1;
-}
-
-/* Check an EC key is compatible with extensions */
-static int tls1_check_ec_key(SSL *s,
-                             unsigned char *curve_id, unsigned char *comp_id)
-{
-    const unsigned char *pformats, *pcurves;
-    size_t num_formats, num_curves, i;
-    int j;
-    /*
-     * If point formats extension present check it, otherwise everything is
-     * supported (see RFC4492).
-     */
-    if (comp_id && s->session->tlsext_ecpointformatlist) {
-        pformats = s->session->tlsext_ecpointformatlist;
-        num_formats = s->session->tlsext_ecpointformatlist_length;
-        for (i = 0; i < num_formats; i++, pformats++) {
-            if (*comp_id == *pformats)
-                break;
-        }
-        if (i == num_formats)
-            return 0;
-    }
-    if (!curve_id)
-        return 1;
-    /* Check curve is consistent with client and server preferences */
-    for (j = 0; j <= 1; j++) {
-        if (!tls1_get_curvelist(s, j, &pcurves, &num_curves))
-            return 0;
-        if (j == 1 && num_curves == 0) {
-            /*
-             * If we've not received any curves then skip this check.
-             * RFC 4492 does not require the supported elliptic curves extension
-             * so if it is not sent we can just choose any curve.
-             * It is invalid to send an empty list in the elliptic curves
-             * extension, so num_curves == 0 always means no extension.
-             */
-            break;
-        }
-        for (i = 0; i < num_curves; i++, pcurves += 2) {
-            if (pcurves[0] == curve_id[0] && pcurves[1] == curve_id[1])
-                break;
-        }
-        if (i == num_curves)
-            return 0;
-        /* For clients can only check sent curve list */
-        if (!s->server)
-            return 1;
-    }
-    return 1;
-}
-
-static void tls1_get_formatlist(SSL *s, const unsigned char **pformats,
-                                size_t *num_formats)
-{
-    /*
-     * If we have a custom point format list use it otherwise use default
-     */
-    if (s->tlsext_ecpointformatlist) {
-        *pformats = s->tlsext_ecpointformatlist;
-        *num_formats = s->tlsext_ecpointformatlist_length;
-    } else {
-        *pformats = ecformats_default;
-        /* For Suite B we don't support char2 fields */
-        if (tls1_suiteb(s))
-            *num_formats = sizeof(ecformats_default) - 1;
-        else
-            *num_formats = sizeof(ecformats_default);
-    }
-}
-
-/*
- * Check cert parameters compatible with extensions: currently just checks EC
- * certificates have compatible curves and compression.
- */
-static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
-{
-    unsigned char comp_id, curve_id[2];
-    EVP_PKEY *pkey;
-    int rv;
-    pkey = X509_get_pubkey(x);
-    if (!pkey)
-        return 0;
-    /* If not EC nothing to do */
-    if (pkey->type != EVP_PKEY_EC) {
-        EVP_PKEY_free(pkey);
-        return 1;
-    }
-    rv = tls1_set_ec_id(curve_id, &comp_id, pkey->pkey.ec);
-    EVP_PKEY_free(pkey);
-    if (!rv)
-        return 0;
-    /*
-     * Can't check curve_id for client certs as we don't have a supported
-     * curves extension.
-     */
-    rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, &comp_id);
-    if (!rv)
-        return 0;
-    /*
-     * Special case for suite B. We *MUST* sign using SHA256+P-256 or
-     * SHA384+P-384, adjust digest if necessary.
-     */
-    if (set_ee_md && tls1_suiteb(s)) {
-        int check_md;
-        size_t i;
-        CERT *c = s->cert;
-        if (curve_id[0])
-            return 0;
-        /* Check to see we have necessary signing algorithm */
-        if (curve_id[1] == TLSEXT_curve_P_256)
-            check_md = NID_ecdsa_with_SHA256;
-        else if (curve_id[1] == TLSEXT_curve_P_384)
-            check_md = NID_ecdsa_with_SHA384;
-        else
-            return 0;           /* Should never happen */
-        for (i = 0; i < c->shared_sigalgslen; i++)
-            if (check_md == c->shared_sigalgs[i].signandhash_nid)
-                break;
-        if (i == c->shared_sigalgslen)
-            return 0;
-        if (set_ee_md == 2) {
-            if (check_md == NID_ecdsa_with_SHA256)
-                c->pkeys[SSL_PKEY_ECC].digest = EVP_sha256();
-            else
-                c->pkeys[SSL_PKEY_ECC].digest = EVP_sha384();
-        }
-    }
-    return rv;
-}
-
-# ifndef OPENSSL_NO_ECDH
-/* Check EC temporary key is compatible with client extensions */
-int tls1_check_ec_tmp_key(SSL *s, unsigned long cid)
-{
-    unsigned char curve_id[2];
-    EC_KEY *ec = s->cert->ecdh_tmp;
-#  ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-    /* Allow any curve: not just those peer supports */
-    if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
-        return 1;
-#  endif
-    /*
-     * If Suite B, AES128 MUST use P-256 and AES256 MUST use P-384, no other
-     * curves permitted.
-     */
-    if (tls1_suiteb(s)) {
-        /* Curve to check determined by ciphersuite */
-        if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
-            curve_id[1] = TLSEXT_curve_P_256;
-        else if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
-            curve_id[1] = TLSEXT_curve_P_384;
-        else
-            return 0;
-        curve_id[0] = 0;
-        /* Check this curve is acceptable */
-        if (!tls1_check_ec_key(s, curve_id, NULL))
-            return 0;
-        /* If auto or setting curve from callback assume OK */
-        if (s->cert->ecdh_tmp_auto || s->cert->ecdh_tmp_cb)
-            return 1;
-        /* Otherwise check curve is acceptable */
-        else {
-            unsigned char curve_tmp[2];
-            if (!ec)
-                return 0;
-            if (!tls1_set_ec_id(curve_tmp, NULL, ec))
-                return 0;
-            if (!curve_tmp[0] || curve_tmp[1] == curve_id[1])
-                return 1;
-            return 0;
-        }
-
-    }
-    if (s->cert->ecdh_tmp_auto) {
-        /* Need a shared curve */
-        if (tls1_shared_curve(s, 0))
-            return 1;
-        else
-            return 0;
-    }
-    if (!ec) {
-        if (s->cert->ecdh_tmp_cb)
-            return 1;
-        else
-            return 0;
-    }
-    if (!tls1_set_ec_id(curve_id, NULL, ec))
-        return 0;
-/* Set this to allow use of invalid curves for testing */
-#  if 0
-    return 1;
-#  else
-    return tls1_check_ec_key(s, curve_id, NULL);
-#  endif
-}
-# endif                         /* OPENSSL_NO_ECDH */
-
-#else
-
-static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
-{
-    return 1;
-}
-
-#endif                          /* OPENSSL_NO_EC */
-
-#ifndef OPENSSL_NO_TLSEXT
-
-/*
- * List of supported signature algorithms and hashes. Should make this
- * customisable at some point, for now include everything we support.
- */
-
-# ifdef OPENSSL_NO_RSA
-#  define tlsext_sigalg_rsa(md) /* */
-# else
-#  define tlsext_sigalg_rsa(md) md, TLSEXT_signature_rsa,
-# endif
-
-# ifdef OPENSSL_NO_DSA
-#  define tlsext_sigalg_dsa(md) /* */
-# else
-#  define tlsext_sigalg_dsa(md) md, TLSEXT_signature_dsa,
-# endif
-
-# ifdef OPENSSL_NO_ECDSA
-#  define tlsext_sigalg_ecdsa(md)
-                                /* */
-# else
-#  define tlsext_sigalg_ecdsa(md) md, TLSEXT_signature_ecdsa,
-# endif
-
-# define tlsext_sigalg(md) \
-                tlsext_sigalg_rsa(md) \
-                tlsext_sigalg_dsa(md) \
-                tlsext_sigalg_ecdsa(md)
-
-static unsigned char tls12_sigalgs[] = {
-# ifndef OPENSSL_NO_SHA512
-    tlsext_sigalg(TLSEXT_hash_sha512)
-        tlsext_sigalg(TLSEXT_hash_sha384)
-# endif
-# ifndef OPENSSL_NO_SHA256
-        tlsext_sigalg(TLSEXT_hash_sha256)
-        tlsext_sigalg(TLSEXT_hash_sha224)
-# endif
-# ifndef OPENSSL_NO_SHA
-        tlsext_sigalg(TLSEXT_hash_sha1)
-# endif
-};
-
-# ifndef OPENSSL_NO_ECDSA
-static unsigned char suiteb_sigalgs[] = {
-    tlsext_sigalg_ecdsa(TLSEXT_hash_sha256)
-        tlsext_sigalg_ecdsa(TLSEXT_hash_sha384)
-};
-# endif
-size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs)
-{
-    /*
-     * If Suite B mode use Suite B sigalgs only, ignore any other
-     * preferences.
-     */
-# ifndef OPENSSL_NO_EC
-    switch (tls1_suiteb(s)) {
-    case SSL_CERT_FLAG_SUITEB_128_LOS:
-        *psigs = suiteb_sigalgs;
-        return sizeof(suiteb_sigalgs);
-
-    case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:
-        *psigs = suiteb_sigalgs;
-        return 2;
-
-    case SSL_CERT_FLAG_SUITEB_192_LOS:
-        *psigs = suiteb_sigalgs + 2;
-        return 2;
-    }
-# endif
-    /* If server use client authentication sigalgs if not NULL */
-    if (s->server == sent && s->cert->client_sigalgs) {
-        *psigs = s->cert->client_sigalgs;
-        return s->cert->client_sigalgslen;
-    } else if (s->cert->conf_sigalgs) {
-        *psigs = s->cert->conf_sigalgs;
-        return s->cert->conf_sigalgslen;
-    } else {
-        *psigs = tls12_sigalgs;
-        return sizeof(tls12_sigalgs);
-    }
-}
-
-/*
- * Check signature algorithm is consistent with sent supported signature
- * algorithms and if so return relevant digest.
- */
-int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
-                            const unsigned char *sig, EVP_PKEY *pkey)
-{
-    const unsigned char *sent_sigs;
-    size_t sent_sigslen, i;
-    int sigalg = tls12_get_sigid(pkey);
-    /* Should never happen */
-    if (sigalg == -1)
-        return -1;
-    /* Check key type is consistent with signature */
-    if (sigalg != (int)sig[1]) {
-        SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_SIGNATURE_TYPE);
-        return 0;
-    }
-# ifndef OPENSSL_NO_EC
-    if (pkey->type == EVP_PKEY_EC) {
-        unsigned char curve_id[2], comp_id;
-        /* Check compression and curve matches extensions */
-        if (!tls1_set_ec_id(curve_id, &comp_id, pkey->pkey.ec))
-            return 0;
-        if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id)) {
-            SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE);
-            return 0;
-        }
-        /* If Suite B only P-384+SHA384 or P-256+SHA-256 allowed */
-        if (tls1_suiteb(s)) {
-            if (curve_id[0])
-                return 0;
-            if (curve_id[1] == TLSEXT_curve_P_256) {
-                if (sig[0] != TLSEXT_hash_sha256) {
-                    SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG,
-                           SSL_R_ILLEGAL_SUITEB_DIGEST);
-                    return 0;
-                }
-            } else if (curve_id[1] == TLSEXT_curve_P_384) {
-                if (sig[0] != TLSEXT_hash_sha384) {
-                    SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG,
-                           SSL_R_ILLEGAL_SUITEB_DIGEST);
-                    return 0;
-                }
-            } else
-                return 0;
-        }
-    } else if (tls1_suiteb(s))
-        return 0;
-# endif
-
-    /* Check signature matches a type we sent */
-    sent_sigslen = tls12_get_psigalgs(s, 1, &sent_sigs);
-    for (i = 0; i < sent_sigslen; i += 2, sent_sigs += 2) {
-        if (sig[0] == sent_sigs[0] && sig[1] == sent_sigs[1])
-            break;
-    }
-    /* Allow fallback to SHA1 if not strict mode */
-    if (i == sent_sigslen
-        && (sig[0] != TLSEXT_hash_sha1
-            || s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)) {
-        SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_SIGNATURE_TYPE);
-        return 0;
-    }
-    *pmd = tls12_get_hash(sig[0]);
-    if (*pmd == NULL) {
-        SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_UNKNOWN_DIGEST);
-        return 0;
-    }
-    /*
-     * Store the digest used so applications can retrieve it if they wish.
-     */
-    if (s->session && s->session->sess_cert)
-        s->session->sess_cert->peer_key->digest = *pmd;
-    return 1;
-}
-
-/*
- * Get a mask of disabled algorithms: an algorithm is disabled if it isn't
- * supported or doesn't appear in supported signature algorithms. Unlike
- * ssl_cipher_get_disabled this applies to a specific session and not global
- * settings.
- */
-void ssl_set_client_disabled(SSL *s)
-{
-    CERT *c = s->cert;
-    const unsigned char *sigalgs;
-    size_t i, sigalgslen;
-    int have_rsa = 0, have_dsa = 0, have_ecdsa = 0;
-    c->mask_a = 0;
-    c->mask_k = 0;
-    /* Don't allow TLS 1.2 only ciphers if we don't suppport them */
-    if (!SSL_CLIENT_USE_TLS1_2_CIPHERS(s))
-        c->mask_ssl = SSL_TLSV1_2;
-    else
-        c->mask_ssl = 0;
-    /*
-     * Now go through all signature algorithms seeing if we support any for
-     * RSA, DSA, ECDSA. Do this for all versions not just TLS 1.2.
-     */
-    sigalgslen = tls12_get_psigalgs(s, 1, &sigalgs);
-    for (i = 0; i < sigalgslen; i += 2, sigalgs += 2) {
-        switch (sigalgs[1]) {
-# ifndef OPENSSL_NO_RSA
-        case TLSEXT_signature_rsa:
-            have_rsa = 1;
-            break;
-# endif
-# ifndef OPENSSL_NO_DSA
-        case TLSEXT_signature_dsa:
-            have_dsa = 1;
-            break;
-# endif
-# ifndef OPENSSL_NO_ECDSA
-        case TLSEXT_signature_ecdsa:
-            have_ecdsa = 1;
-            break;
-# endif
-        }
-    }
-    /*
-     * Disable auth and static DH if we don't include any appropriate
-     * signature algorithms.
-     */
-    if (!have_rsa) {
-        c->mask_a |= SSL_aRSA;
-        c->mask_k |= SSL_kDHr | SSL_kECDHr;
-    }
-    if (!have_dsa) {
-        c->mask_a |= SSL_aDSS;
-        c->mask_k |= SSL_kDHd;
-    }
-    if (!have_ecdsa) {
-        c->mask_a |= SSL_aECDSA;
-        c->mask_k |= SSL_kECDHe;
-    }
-# ifndef OPENSSL_NO_KRB5
-    if (!kssl_tgt_is_available(s->kssl_ctx)) {
-        c->mask_a |= SSL_aKRB5;
-        c->mask_k |= SSL_kKRB5;
-    }
-# endif
-# ifndef OPENSSL_NO_PSK
-    /* with PSK there must be client callback set */
-    if (!s->psk_client_callback) {
-        c->mask_a |= SSL_aPSK;
-        c->mask_k |= SSL_kPSK;
-    }
-# endif                         /* OPENSSL_NO_PSK */
-# ifndef OPENSSL_NO_SRP
-    if (!(s->srp_ctx.srp_Mask & SSL_kSRP)) {
-        c->mask_a |= SSL_aSRP;
-        c->mask_k |= SSL_kSRP;
-    }
-# endif
-    c->valid = 1;
-}
-
-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
-                                          unsigned char *limit, int *al)
-{
-    int extdatalen = 0;
-    unsigned char *orig = buf;
-    unsigned char *ret = buf;
-# ifndef OPENSSL_NO_EC
-    /* See if we support any ECC ciphersuites */
-    int using_ecc = 0;
-    if (s->version >= TLS1_VERSION || SSL_IS_DTLS(s)) {
-        int i;
-        unsigned long alg_k, alg_a;
-        STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(s);
-
-        for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++) {
-            SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i);
-
-            alg_k = c->algorithm_mkey;
-            alg_a = c->algorithm_auth;
-            if ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)
-                 || (alg_a & SSL_aECDSA))) {
-                using_ecc = 1;
-                break;
-            }
-        }
-    }
-# endif
-
-    /* don't add extensions for SSLv3 unless doing secure renegotiation */
-    if (s->client_version == SSL3_VERSION && !s->s3->send_connection_binding)
-        return orig;
-
-    ret += 2;
-
-    if (ret >= limit)
-        return NULL;            /* this really never occurs, but ... */
-
-    if (s->tlsext_hostname != NULL) {
-        /* Add TLS extension servername to the Client Hello message */
-        size_t size_str;
-
-        /*-
-         * check for enough space.
-         * 4 for the servername type and entension length
-         * 2 for servernamelist length
-         * 1 for the hostname type
-         * 2 for hostname length
-         * + hostname length
-         */
-        size_str = strlen(s->tlsext_hostname);
-        if (CHECKLEN(ret, 9 + size_str, limit))
-            return NULL;
-
-        /* extension type and length */
-        s2n(TLSEXT_TYPE_server_name, ret);
-        s2n(size_str + 5, ret);
-
-        /* length of servername list */
-        s2n(size_str + 3, ret);
-
-        /* hostname type, length and hostname */
-        *(ret++) = (unsigned char)TLSEXT_NAMETYPE_host_name;
-        s2n(size_str, ret);
-        memcpy(ret, s->tlsext_hostname, size_str);
-        ret += size_str;
-    }
-
-    /* Add RI if renegotiating */
-    if (s->renegotiate) {
-        int el;
-
-        if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) {
-            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-
-        if ((limit - ret - 4 - el) < 0)
-            return NULL;
-
-        s2n(TLSEXT_TYPE_renegotiate, ret);
-        s2n(el, ret);
-
-        if (!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el)) {
-            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-
-        ret += el;
-    }
-# ifndef OPENSSL_NO_SRP
-    /* Add SRP username if there is one */
-    if (s->srp_ctx.login != NULL) { /* Add TLS extension SRP username to the
-                                     * Client Hello message */
-
-        size_t login_len = strlen(s->srp_ctx.login);
-        if (login_len > 255 || login_len == 0) {
-            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-
-        /*-
-         * check for enough space.
-         * 4 for the srp type type and entension length
-         * 1 for the srp user identity
-         * + srp user identity length
-         */
-        if (CHECKLEN(ret, 5 + login_len, limit))
-            return NULL;
-
-        /* fill in the extension */
-        s2n(TLSEXT_TYPE_srp, ret);
-        s2n(login_len + 1, ret);
-        (*ret++) = (unsigned char)login_len;
-        memcpy(ret, s->srp_ctx.login, login_len);
-        ret += login_len;
-    }
-# endif
-
-# ifndef OPENSSL_NO_EC
-    if (using_ecc) {
-        /*
-         * Add TLS extension ECPointFormats to the ClientHello message
-         */
-        const unsigned char *pcurves, *pformats;
-        size_t num_curves, num_formats, curves_list_len;
-
-        tls1_get_formatlist(s, &pformats, &num_formats);
-
-        if (num_formats > 255) {
-            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-        /*-
-         * check for enough space.
-         * 4 bytes for the ec point formats type and extension length
-         * 1 byte for the length of the formats
-         * + formats length
-         */
-        if (CHECKLEN(ret, 5 + num_formats, limit))
-            return NULL;
-
-        s2n(TLSEXT_TYPE_ec_point_formats, ret);
-        /* The point format list has 1-byte length. */
-        s2n(num_formats + 1, ret);
-        *(ret++) = (unsigned char)num_formats;
-        memcpy(ret, pformats, num_formats);
-        ret += num_formats;
-
-        /*
-         * Add TLS extension EllipticCurves to the ClientHello message
-         */
-        pcurves = s->tlsext_ellipticcurvelist;
-        if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves))
-            return NULL;
-
-        if (num_curves > 65532 / 2) {
-            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-        curves_list_len = 2 * num_curves;
-        /*-
-         * check for enough space.
-         * 4 bytes for the ec curves type and extension length
-         * 2 bytes for the curve list length
-         * + curve list length
-         */
-        if (CHECKLEN(ret, 6 + curves_list_len, limit))
-            return NULL;
-
-        s2n(TLSEXT_TYPE_elliptic_curves, ret);
-        s2n(curves_list_len + 2, ret);
-        s2n(curves_list_len, ret);
-        memcpy(ret, pcurves, curves_list_len);
-        ret += curves_list_len;
-    }
-# endif                         /* OPENSSL_NO_EC */
-
-    if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
-        size_t ticklen;
-        if (!s->new_session && s->session && s->session->tlsext_tick)
-            ticklen = s->session->tlsext_ticklen;
-        else if (s->session && s->tlsext_session_ticket &&
-                 s->tlsext_session_ticket->data) {
-            ticklen = s->tlsext_session_ticket->length;
-            s->session->tlsext_tick = OPENSSL_malloc(ticklen);
-            if (!s->session->tlsext_tick)
-                return NULL;
-            memcpy(s->session->tlsext_tick,
-                   s->tlsext_session_ticket->data, ticklen);
-            s->session->tlsext_ticklen = ticklen;
-        } else
-            ticklen = 0;
-        if (ticklen == 0 && s->tlsext_session_ticket &&
-            s->tlsext_session_ticket->data == NULL)
-            goto skip_ext;
-        /*
-         * Check for enough room 2 for extension type, 2 for len rest for
-         * ticket
-         */
-        if (CHECKLEN(ret, 4 + ticklen, limit))
-            return NULL;
-        s2n(TLSEXT_TYPE_session_ticket, ret);
-        s2n(ticklen, ret);
-        if (ticklen > 0) {
-            memcpy(ret, s->session->tlsext_tick, ticklen);
-            ret += ticklen;
-        }
-    }
- skip_ext:
-
-    if (SSL_CLIENT_USE_SIGALGS(s)) {
-        size_t salglen;
-        const unsigned char *salg;
-        salglen = tls12_get_psigalgs(s, 1, &salg);
-
-        /*-
-         * check for enough space.
-         * 4 bytes for the sigalgs type and extension length
-         * 2 bytes for the sigalg list length
-         * + sigalg list length
-         */
-        if (CHECKLEN(ret, salglen + 6, limit))
-            return NULL;
-        s2n(TLSEXT_TYPE_signature_algorithms, ret);
-        s2n(salglen + 2, ret);
-        s2n(salglen, ret);
-        memcpy(ret, salg, salglen);
-        ret += salglen;
-    }
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->client_opaque_prf_input != NULL) {
-        size_t col = s->s3->client_opaque_prf_input_len;
-
-        if ((long)(limit - ret - 6 - col < 0))
-            return NULL;
-        if (col > 0xFFFD)       /* can't happen */
-            return NULL;
-
-        s2n(TLSEXT_TYPE_opaque_prf_input, ret);
-        s2n(col + 2, ret);
-        s2n(col, ret);
-        memcpy(ret, s->s3->client_opaque_prf_input, col);
-        ret += col;
-    }
-# endif
-
-    if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
-        int i;
-        size_t extlen, idlen;
-        int lentmp;
-        OCSP_RESPID *id;
-
-        idlen = 0;
-        for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
-            id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
-            lentmp = i2d_OCSP_RESPID(id, NULL);
-            if (lentmp <= 0)
-                return NULL;
-            idlen += (size_t)lentmp + 2;
-        }
-
-        if (s->tlsext_ocsp_exts) {
-            lentmp = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL);
-            if (lentmp < 0)
-                return NULL;
-            extlen = (size_t)lentmp;
-        } else
-            extlen = 0;
-
-        if (extlen + idlen > 0xFFF0)
-            return NULL;
-        /*
-         * 2 bytes for status request type
-         * 2 bytes for status request len
-         * 1 byte for OCSP request type
-         * 2 bytes for length of ids
-         * 2 bytes for length of extensions
-         * + length of ids
-         * + length of extensions
-         */
-        if (CHECKLEN(ret, 9 + idlen + extlen, limit))
-            return NULL;
-
-        s2n(TLSEXT_TYPE_status_request, ret);
-        s2n(extlen + idlen + 5, ret);
-        *(ret++) = TLSEXT_STATUSTYPE_ocsp;
-        s2n(idlen, ret);
-        for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
-            /* save position of id len */
-            unsigned char *q = ret;
-            id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
-            /* skip over id len */
-            ret += 2;
-            lentmp = i2d_OCSP_RESPID(id, &ret);
-            /* write id len */
-            s2n(lentmp, q);
-        }
-        s2n(extlen, ret);
-        if (extlen > 0)
-            i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret);
-    }
-# ifndef OPENSSL_NO_HEARTBEATS
-    /* Add Heartbeat extension */
-
-    /*-
-     * check for enough space.
-     * 4 bytes for the heartbeat ext type and extension length
-     * 1 byte for the mode
-     */
-    if (CHECKLEN(ret, 5, limit))
-        return NULL;
-
-    s2n(TLSEXT_TYPE_heartbeat, ret);
-    s2n(1, ret);
-    /*-
-     * Set mode:
-     * 1: peer may send requests
-     * 2: peer not allowed to send requests
-     */
-    if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
-        *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
-    else
-        *(ret++) = SSL_TLSEXT_HB_ENABLED;
-# endif
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-    if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) {
-        /*
-         * The client advertises an emtpy extension to indicate its support
-         * for Next Protocol Negotiation
-         */
-
-        /*-
-         * check for enough space.
-         * 4 bytes for the NPN ext type and extension length
-         */
-        if (CHECKLEN(ret, 4, limit))
-            return NULL;
-        s2n(TLSEXT_TYPE_next_proto_neg, ret);
-        s2n(0, ret);
-    }
-# endif
-
-    if (s->alpn_client_proto_list && !s->s3->tmp.finish_md_len) {
-        /*-
-         * check for enough space.
-         * 4 bytes for the ALPN type and extension length
-         * 2 bytes for the ALPN protocol list length
-         * + ALPN protocol list length
-         */
-        if (CHECKLEN(ret, 6 + s->alpn_client_proto_list_len, limit))
-            return NULL;
-        s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret);
-        s2n(2 + s->alpn_client_proto_list_len, ret);
-        s2n(s->alpn_client_proto_list_len, ret);
-        memcpy(ret, s->alpn_client_proto_list, s->alpn_client_proto_list_len);
-        ret += s->alpn_client_proto_list_len;
-        s->cert->alpn_sent = 1;
-    }
-# ifndef OPENSSL_NO_SRTP
-    if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
-        int el;
-
-        ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
-
-        /*-
-         * check for enough space.
-         * 4 bytes for the SRTP type and extension length
-         * + SRTP profiles length
-         */
-        if (CHECKLEN(ret, 4 + el, limit))
-            return NULL;
-
-        s2n(TLSEXT_TYPE_use_srtp, ret);
-        s2n(el, ret);
-
-        if (ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) {
-            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-        ret += el;
-    }
-# endif
-    custom_ext_init(&s->cert->cli_ext);
-    /* Add custom TLS Extensions to ClientHello */
-    if (!custom_ext_add(s, 0, &ret, limit, al))
-        return NULL;
-
-    /*
-     * Add padding to workaround bugs in F5 terminators. See
-     * https://tools.ietf.org/html/draft-agl-tls-padding-03 NB: because this
-     * code works out the length of all existing extensions it MUST always
-     * appear last.
-     */
-    if (s->options & SSL_OP_TLSEXT_PADDING) {
-        int hlen = ret - (unsigned char *)s->init_buf->data;
-        /*
-         * The code in s23_clnt.c to build ClientHello messages includes the
-         * 5-byte record header in the buffer, while the code in s3_clnt.c
-         * does not.
-         */
-        if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
-            hlen -= 5;
-        if (hlen > 0xff && hlen < 0x200) {
-            hlen = 0x200 - hlen;
-            if (hlen >= 4)
-                hlen -= 4;
-            else
-                hlen = 0;
-
-            /*-
-             * check for enough space. Strictly speaking we know we've already
-             * got enough space because to get here the message size is < 0x200,
-             * but we know that we've allocated far more than that in the buffer
-             * - but for consistency and robustness we're going to check anyway.
-             *
-             * 4 bytes for the padding type and extension length
-             * + padding length
-             */
-            if (CHECKLEN(ret, 4 + hlen, limit))
-                return NULL;
-            s2n(TLSEXT_TYPE_padding, ret);
-            s2n(hlen, ret);
-            memset(ret, 0, hlen);
-            ret += hlen;
-        }
-    }
-
-    if ((extdatalen = ret - orig - 2) == 0)
-        return orig;
-
-    s2n(extdatalen, orig);
-    return ret;
-}
-
-unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
-                                          unsigned char *limit, int *al)
-{
-    int extdatalen = 0;
-    unsigned char *orig = buf;
-    unsigned char *ret = buf;
-# ifndef OPENSSL_NO_NEXTPROTONEG
-    int next_proto_neg_seen;
-# endif
-# ifndef OPENSSL_NO_EC
-    unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-    unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-    int using_ecc = (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
-        || (alg_a & SSL_aECDSA);
-    using_ecc = using_ecc && (s->session->tlsext_ecpointformatlist != NULL);
-# endif
-    /*
-     * don't add extensions for SSLv3, unless doing secure renegotiation
-     */
-    if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
-        return orig;
-
-    ret += 2;
-    if (ret >= limit)
-        return NULL;            /* this really never occurs, but ... */
-
-    if (!s->hit && s->servername_done == 1
-        && s->session->tlsext_hostname != NULL) {
-        if ((long)(limit - ret - 4) < 0)
-            return NULL;
-
-        s2n(TLSEXT_TYPE_server_name, ret);
-        s2n(0, ret);
-    }
-
-    if (s->s3->send_connection_binding) {
-        int el;
-
-        if (!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0)) {
-            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-
-        /*-
-         * check for enough space.
-         * 4 bytes for the reneg type and extension length
-         * + reneg data length
-         */
-        if (CHECKLEN(ret, 4 + el, limit))
-            return NULL;
-
-        s2n(TLSEXT_TYPE_renegotiate, ret);
-        s2n(el, ret);
-
-        if (!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el)) {
-            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-
-        ret += el;
-    }
-# ifndef OPENSSL_NO_EC
-    if (using_ecc) {
-        const unsigned char *plist;
-        size_t plistlen;
-        /*
-         * Add TLS extension ECPointFormats to the ServerHello message
-         */
-
-        tls1_get_formatlist(s, &plist, &plistlen);
-
-        if (plistlen > 255) {
-            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-
-        /*-
-         * check for enough space.
-         * 4 bytes for the ec points format type and extension length
-         * 1 byte for the points format list length
-         * + length of points format list
-         */
-        if (CHECKLEN(ret, 5 + plistlen, limit))
-            return NULL;
-
-        s2n(TLSEXT_TYPE_ec_point_formats, ret);
-        s2n(plistlen + 1, ret);
-        *(ret++) = (unsigned char)plistlen;
-        memcpy(ret, plist, plistlen);
-        ret += plistlen;
-
-    }
-    /*
-     * Currently the server should not respond with a SupportedCurves
-     * extension
-     */
-# endif                         /* OPENSSL_NO_EC */
-
-    if (s->tlsext_ticket_expected && !(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
-        /*-
-         * check for enough space.
-         * 4 bytes for the Ticket type and extension length
-         */
-        if (CHECKLEN(ret, 4, limit))
-            return NULL;
-        s2n(TLSEXT_TYPE_session_ticket, ret);
-        s2n(0, ret);
-    } else {
-        /* if we don't add the above TLSEXT, we can't add a session ticket later */
-        s->tlsext_ticket_expected = 0;
-    }
-
-    if (s->tlsext_status_expected) {
-        /*-
-         * check for enough space.
-         * 4 bytes for the Status request type and extension length
-         */
-        if (CHECKLEN(ret, 4, limit))
-            return NULL;
-        s2n(TLSEXT_TYPE_status_request, ret);
-        s2n(0, ret);
-    }
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->server_opaque_prf_input != NULL) {
-        size_t sol = s->s3->server_opaque_prf_input_len;
-
-        if ((long)(limit - ret - 6 - sol) < 0)
-            return NULL;
-        if (sol > 0xFFFD)       /* can't happen */
-            return NULL;
-
-        s2n(TLSEXT_TYPE_opaque_prf_input, ret);
-        s2n(sol + 2, ret);
-        s2n(sol, ret);
-        memcpy(ret, s->s3->server_opaque_prf_input, sol);
-        ret += sol;
-    }
-# endif
-
-# ifndef OPENSSL_NO_SRTP
-    if (SSL_IS_DTLS(s) && s->srtp_profile) {
-        int el;
-
-        ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
-
-        /*-
-         * check for enough space.
-         * 4 bytes for the SRTP profiles type and extension length
-         * + length of the SRTP profiles list
-         */
-        if (CHECKLEN(ret, 4 + el, limit))
-            return NULL;
-
-        s2n(TLSEXT_TYPE_use_srtp, ret);
-        s2n(el, ret);
-
-        if (ssl_add_serverhello_use_srtp_ext(s, ret, &el, el)) {
-            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
-            return NULL;
-        }
-        ret += el;
-    }
-# endif
-
-    if (((s->s3->tmp.new_cipher->id & 0xFFFF) == 0x80
-         || (s->s3->tmp.new_cipher->id & 0xFFFF) == 0x81)
-        && (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) {
-        const unsigned char cryptopro_ext[36] = {
-            0xfd, 0xe8,         /* 65000 */
-            0x00, 0x20,         /* 32 bytes length */
-            0x30, 0x1e, 0x30, 0x08, 0x06, 0x06, 0x2a, 0x85,
-            0x03, 0x02, 0x02, 0x09, 0x30, 0x08, 0x06, 0x06,
-            0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08,
-            0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17
-        };
-
-        /* check for enough space. */
-        if (CHECKLEN(ret, sizeof(cryptopro_ext), limit))
-            return NULL;
-        memcpy(ret, cryptopro_ext, sizeof(cryptopro_ext));
-        ret += sizeof(cryptopro_ext);
-
-    }
-# ifndef OPENSSL_NO_HEARTBEATS
-    /* Add Heartbeat extension if we've received one */
-    if (s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) {
-        /*-
-         * check for enough space.
-         * 4 bytes for the Heartbeat type and extension length
-         * 1 byte for the mode
-         */
-        if (CHECKLEN(ret, 5, limit))
-            return NULL;
-        s2n(TLSEXT_TYPE_heartbeat, ret);
-        s2n(1, ret);
-        /*-
-         * Set mode:
-         * 1: peer may send requests
-         * 2: peer not allowed to send requests
-         */
-        if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
-            *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
-        else
-            *(ret++) = SSL_TLSEXT_HB_ENABLED;
-
-    }
-# endif
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-    next_proto_neg_seen = s->s3->next_proto_neg_seen;
-    s->s3->next_proto_neg_seen = 0;
-    if (next_proto_neg_seen && s->ctx->next_protos_advertised_cb) {
-        const unsigned char *npa;
-        unsigned int npalen;
-        int r;
-
-        r = s->ctx->next_protos_advertised_cb(s, &npa, &npalen,
-                                              s->
-                                              ctx->next_protos_advertised_cb_arg);
-        if (r == SSL_TLSEXT_ERR_OK) {
-            /*-
-             * check for enough space.
-             * 4 bytes for the NPN type and extension length
-             * + length of protocols list
-             */
-            if (CHECKLEN(ret, 4 + npalen, limit))
-                return NULL;
-            s2n(TLSEXT_TYPE_next_proto_neg, ret);
-            s2n(npalen, ret);
-            memcpy(ret, npa, npalen);
-            ret += npalen;
-            s->s3->next_proto_neg_seen = 1;
-        }
-    }
-# endif
-    if (!custom_ext_add(s, 1, &ret, limit, al))
-        return NULL;
-
-    if (s->s3->alpn_selected) {
-        const unsigned char *selected = s->s3->alpn_selected;
-        size_t len = s->s3->alpn_selected_len;
-
-        /*-
-         * check for enough space.
-         * 4 bytes for the ALPN type and extension length
-         * 2 bytes for ALPN data length
-         * 1 byte for selected protocol length
-         * + length of the selected protocol
-         */
-        if (CHECKLEN(ret, 7 + len, limit))
-            return NULL;
-        s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret);
-        s2n(3 + len, ret);
-        s2n(1 + len, ret);
-        *ret++ = len;
-        memcpy(ret, selected, len);
-        ret += len;
-    }
-
-    if ((extdatalen = ret - orig - 2) == 0)
-        return orig;
-
-    s2n(extdatalen, orig);
-    return ret;
-}
-
-# ifndef OPENSSL_NO_EC
-/*-
- * ssl_check_for_safari attempts to fingerprint Safari using OS X
- * SecureTransport using the TLS extension block in |d|, of length |n|.
- * Safari, since 10.6, sends exactly these extensions, in this order:
- *   SNI,
- *   elliptic_curves
- *   ec_point_formats
- *
- * We wish to fingerprint Safari because they broke ECDHE-ECDSA support in 10.8,
- * but they advertise support. So enabling ECDHE-ECDSA ciphers breaks them.
- * Sadly we cannot differentiate 10.6, 10.7 and 10.8.4 (which work), from
- * 10.8..10.8.3 (which don't work).
- */
-static void ssl_check_for_safari(SSL *s, const unsigned char *data,
-                                 const unsigned char *limit)
-{
-    unsigned short type, size;
-    static const unsigned char kSafariExtensionsBlock[] = {
-        0x00, 0x0a,             /* elliptic_curves extension */
-        0x00, 0x08,             /* 8 bytes */
-        0x00, 0x06,             /* 6 bytes of curve ids */
-        0x00, 0x17,             /* P-256 */
-        0x00, 0x18,             /* P-384 */
-        0x00, 0x19,             /* P-521 */
-
-        0x00, 0x0b,             /* ec_point_formats */
-        0x00, 0x02,             /* 2 bytes */
-        0x01,                   /* 1 point format */
-        0x00,                   /* uncompressed */
-    };
-
-    /* The following is only present in TLS 1.2 */
-    static const unsigned char kSafariTLS12ExtensionsBlock[] = {
-        0x00, 0x0d,             /* signature_algorithms */
-        0x00, 0x0c,             /* 12 bytes */
-        0x00, 0x0a,             /* 10 bytes */
-        0x05, 0x01,             /* SHA-384/RSA */
-        0x04, 0x01,             /* SHA-256/RSA */
-        0x02, 0x01,             /* SHA-1/RSA */
-        0x04, 0x03,             /* SHA-256/ECDSA */
-        0x02, 0x03,             /* SHA-1/ECDSA */
-    };
-
-    if (limit - data <= 2)
-        return;
-    data += 2;
-
-    if (limit - data < 4)
-        return;
-    n2s(data, type);
-    n2s(data, size);
-
-    if (type != TLSEXT_TYPE_server_name)
-        return;
-
-    if (limit - data < size)
-        return;
-    data += size;
-
-    if (TLS1_get_client_version(s) >= TLS1_2_VERSION) {
-        const size_t len1 = sizeof(kSafariExtensionsBlock);
-        const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);
-
-        if (limit - data != (int)(len1 + len2))
-            return;
-        if (memcmp(data, kSafariExtensionsBlock, len1) != 0)
-            return;
-        if (memcmp(data + len1, kSafariTLS12ExtensionsBlock, len2) != 0)
-            return;
-    } else {
-        const size_t len = sizeof(kSafariExtensionsBlock);
-
-        if (limit - data != (int)(len))
-            return;
-        if (memcmp(data, kSafariExtensionsBlock, len) != 0)
-            return;
-    }
-
-    s->s3->is_probably_safari = 1;
-}
-# endif                         /* !OPENSSL_NO_EC */
-
-/*
- * tls1_alpn_handle_client_hello is called to save the ALPN extension in a
- * ClientHello.  data: the contents of the extension, not including the type
- * and length.  data_len: the number of bytes in |data| al: a pointer to the
- * alert value to send in the event of a non-zero return.  returns: 0 on
- * success.
- */
-static int tls1_alpn_handle_client_hello(SSL *s, const unsigned char *data,
-                                         unsigned data_len, int *al)
-{
-    unsigned i;
-    unsigned proto_len;
-
-    if (data_len < 2)
-        goto parse_error;
-
-    /*
-     * data should contain a uint16 length followed by a series of 8-bit,
-     * length-prefixed strings.
-     */
-    i = ((unsigned)data[0]) << 8 | ((unsigned)data[1]);
-    data_len -= 2;
-    data += 2;
-    if (data_len != i)
-        goto parse_error;
-
-    if (data_len < 2)
-        goto parse_error;
-
-    for (i = 0; i < data_len;) {
-        proto_len = data[i];
-        i++;
-
-        if (proto_len == 0)
-            goto parse_error;
-
-        if (i + proto_len < i || i + proto_len > data_len)
-            goto parse_error;
-
-        i += proto_len;
-    }
-
-    if (s->cert->alpn_proposed != NULL)
-        OPENSSL_free(s->cert->alpn_proposed);
-    s->cert->alpn_proposed = OPENSSL_malloc(data_len);
-    if (s->cert->alpn_proposed == NULL) {
-        *al = SSL_AD_INTERNAL_ERROR;
-        return -1;
-    }
-    memcpy(s->cert->alpn_proposed, data, data_len);
-    s->cert->alpn_proposed_len = data_len;
-    return 0;
-
- parse_error:
-    *al = SSL_AD_DECODE_ERROR;
-    return -1;
-}
-
-/*
- * Process the ALPN extension in a ClientHello.
- * al: a pointer to the alert value to send in the event of a failure.
- * returns 1 on success, 0 on failure: al set only on failure
- */
-static int tls1_alpn_handle_client_hello_late(SSL *s, int *al)
-{
-    const unsigned char *selected = NULL;
-    unsigned char selected_len = 0;
-
-    if (s->ctx->alpn_select_cb != NULL && s->cert->alpn_proposed != NULL) {
-        int r = s->ctx->alpn_select_cb(s, &selected, &selected_len,
-                                       s->cert->alpn_proposed,
-                                       s->cert->alpn_proposed_len,
-                                       s->ctx->alpn_select_cb_arg);
-
-        if (r == SSL_TLSEXT_ERR_OK) {
-            OPENSSL_free(s->s3->alpn_selected);
-            s->s3->alpn_selected = OPENSSL_malloc(selected_len);
-            if (s->s3->alpn_selected == NULL) {
-                *al = SSL_AD_INTERNAL_ERROR;
-                return 0;
-            }
-            memcpy(s->s3->alpn_selected, selected, selected_len);
-            s->s3->alpn_selected_len = selected_len;
-# ifndef OPENSSL_NO_NEXTPROTONEG
-            /* ALPN takes precedence over NPN. */
-            s->s3->next_proto_neg_seen = 0;
-# endif
-        }
-    }
-
-    return 1;
-}
-
-static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
-                                       unsigned char *limit, int *al)
-{
-    unsigned short type;
-    unsigned short size;
-    unsigned short len;
-    unsigned char *data = *p;
-    int renegotiate_seen = 0;
-
-    s->servername_done = 0;
-    s->tlsext_status_type = -1;
-# ifndef OPENSSL_NO_NEXTPROTONEG
-    s->s3->next_proto_neg_seen = 0;
-# endif
-
-    if (s->s3->alpn_selected) {
-        OPENSSL_free(s->s3->alpn_selected);
-        s->s3->alpn_selected = NULL;
-    }
-    s->s3->alpn_selected_len = 0;
-    if (s->cert->alpn_proposed) {
-        OPENSSL_free(s->cert->alpn_proposed);
-        s->cert->alpn_proposed = NULL;
-    }
-    s->cert->alpn_proposed_len = 0;
-# ifndef OPENSSL_NO_HEARTBEATS
-    s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
-                             SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
-# endif
-
-# ifndef OPENSSL_NO_EC
-    if (s->options & SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
-        ssl_check_for_safari(s, data, limit);
-# endif                         /* !OPENSSL_NO_EC */
-
-    /* Clear any signature algorithms extension received */
-    if (s->cert->peer_sigalgs) {
-        OPENSSL_free(s->cert->peer_sigalgs);
-        s->cert->peer_sigalgs = NULL;
-    }
-# ifndef OPENSSL_NO_SRP
-    if (s->srp_ctx.login != NULL) {
-        OPENSSL_free(s->srp_ctx.login);
-        s->srp_ctx.login = NULL;
-    }
-# endif
-
-    s->srtp_profile = NULL;
-
-    if (data == limit)
-        goto ri_check;
-
-    if (limit - data < 2)
-        goto err;
-
-    n2s(data, len);
-
-    if (limit - data != len)
-        goto err;
-
-    while (limit - data >= 4) {
-        n2s(data, type);
-        n2s(data, size);
-
-        if (limit - data < size)
-            goto err;
-# if 0
-        fprintf(stderr, "Received extension type %d size %d\n", type, size);
-# endif
-        if (s->tlsext_debug_cb)
-            s->tlsext_debug_cb(s, 0, type, data, size, s->tlsext_debug_arg);
-/*-
- * The servername extension is treated as follows:
- *
- * - Only the hostname type is supported with a maximum length of 255.
- * - The servername is rejected if too long or if it contains zeros,
- *   in which case an fatal alert is generated.
- * - The servername field is maintained together with the session cache.
- * - When a session is resumed, the servername call back invoked in order
- *   to allow the application to position itself to the right context.
- * - The servername is acknowledged if it is new for a session or when
- *   it is identical to a previously used for the same session.
- *   Applications can control the behaviour.  They can at any time
- *   set a 'desirable' servername for a new SSL object. This can be the
- *   case for example with HTTPS when a Host: header field is received and
- *   a renegotiation is requested. In this case, a possible servername
- *   presented in the new client hello is only acknowledged if it matches
- *   the value of the Host: field.
- * - Applications must  use SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
- *   if they provide for changing an explicit servername context for the
- *   session, i.e. when the session has been established with a servername
- *   extension.
- * - On session reconnect, the servername extension may be absent.
- *
- */
-
-        if (type == TLSEXT_TYPE_server_name) {
-            unsigned char *sdata;
-            int servname_type;
-            int dsize;
-
-            if (size < 2)
-                goto err;
-            n2s(data, dsize);
-            size -= 2;
-            if (dsize > size)
-                goto err;
-
-            sdata = data;
-            while (dsize > 3) {
-                servname_type = *(sdata++);
-                n2s(sdata, len);
-                dsize -= 3;
-
-                if (len > dsize)
-                    goto err;
-
-                if (s->servername_done == 0)
-                    switch (servname_type) {
-                    case TLSEXT_NAMETYPE_host_name:
-                        if (!s->hit) {
-                            if (s->session->tlsext_hostname)
-                                goto err;
-
-                            if (len > TLSEXT_MAXLEN_host_name) {
-                                *al = TLS1_AD_UNRECOGNIZED_NAME;
-                                return 0;
-                            }
-                            if ((s->session->tlsext_hostname =
-                                 OPENSSL_malloc(len + 1)) == NULL) {
-                                *al = TLS1_AD_INTERNAL_ERROR;
-                                return 0;
-                            }
-                            memcpy(s->session->tlsext_hostname, sdata, len);
-                            s->session->tlsext_hostname[len] = '\0';
-                            if (strlen(s->session->tlsext_hostname) != len) {
-                                OPENSSL_free(s->session->tlsext_hostname);
-                                s->session->tlsext_hostname = NULL;
-                                *al = TLS1_AD_UNRECOGNIZED_NAME;
-                                return 0;
-                            }
-                            s->servername_done = 1;
-
-                        } else
-                            s->servername_done = s->session->tlsext_hostname
-                                && strlen(s->session->tlsext_hostname) == len
-                                && strncmp(s->session->tlsext_hostname,
-                                           (char *)sdata, len) == 0;
-
-                        break;
-
-                    default:
-                        break;
-                    }
-
-                dsize -= len;
-            }
-            if (dsize != 0)
-                goto err;
-
-        }
-# ifndef OPENSSL_NO_SRP
-        else if (type == TLSEXT_TYPE_srp) {
-            if (size == 0 || ((len = data[0])) != (size - 1))
-                goto err;
-            if (s->srp_ctx.login != NULL)
-                goto err;
-            if ((s->srp_ctx.login = OPENSSL_malloc(len + 1)) == NULL)
-                return -1;
-            memcpy(s->srp_ctx.login, &data[1], len);
-            s->srp_ctx.login[len] = '\0';
-
-            if (strlen(s->srp_ctx.login) != len)
-                goto err;
-        }
-# endif
-
-# ifndef OPENSSL_NO_EC
-        else if (type == TLSEXT_TYPE_ec_point_formats) {
-            unsigned char *sdata = data;
-            int ecpointformatlist_length = *(sdata++);
-
-            if (ecpointformatlist_length != size - 1 ||
-                ecpointformatlist_length < 1)
-                goto err;
-            if (!s->hit) {
-                if (s->session->tlsext_ecpointformatlist) {
-                    OPENSSL_free(s->session->tlsext_ecpointformatlist);
-                    s->session->tlsext_ecpointformatlist = NULL;
-                }
-                s->session->tlsext_ecpointformatlist_length = 0;
-                if ((s->session->tlsext_ecpointformatlist =
-                     OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
-                    *al = TLS1_AD_INTERNAL_ERROR;
-                    return 0;
-                }
-                s->session->tlsext_ecpointformatlist_length =
-                    ecpointformatlist_length;
-                memcpy(s->session->tlsext_ecpointformatlist, sdata,
-                       ecpointformatlist_length);
-            }
-#  if 0
-            fprintf(stderr,
-                    "ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ",
-                    s->session->tlsext_ecpointformatlist_length);
-            sdata = s->session->tlsext_ecpointformatlist;
-            for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
-                fprintf(stderr, "%i ", *(sdata++));
-            fprintf(stderr, "\n");
-#  endif
-        } else if (type == TLSEXT_TYPE_elliptic_curves) {
-            unsigned char *sdata = data;
-            int ellipticcurvelist_length = (*(sdata++) << 8);
-            ellipticcurvelist_length += (*(sdata++));
-
-            if (ellipticcurvelist_length != size - 2 ||
-                ellipticcurvelist_length < 1 ||
-                /* Each NamedCurve is 2 bytes. */
-                ellipticcurvelist_length & 1)
-                    goto err;
-
-            if (!s->hit) {
-                if (s->session->tlsext_ellipticcurvelist)
-                    goto err;
-
-                s->session->tlsext_ellipticcurvelist_length = 0;
-                if ((s->session->tlsext_ellipticcurvelist =
-                     OPENSSL_malloc(ellipticcurvelist_length)) == NULL) {
-                    *al = TLS1_AD_INTERNAL_ERROR;
-                    return 0;
-                }
-                s->session->tlsext_ellipticcurvelist_length =
-                    ellipticcurvelist_length;
-                memcpy(s->session->tlsext_ellipticcurvelist, sdata,
-                       ellipticcurvelist_length);
-            }
-#  if 0
-            fprintf(stderr,
-                    "ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ",
-                    s->session->tlsext_ellipticcurvelist_length);
-            sdata = s->session->tlsext_ellipticcurvelist;
-            for (i = 0; i < s->session->tlsext_ellipticcurvelist_length; i++)
-                fprintf(stderr, "%i ", *(sdata++));
-            fprintf(stderr, "\n");
-#  endif
-        }
-# endif                         /* OPENSSL_NO_EC */
-# ifdef TLSEXT_TYPE_opaque_prf_input
-        else if (type == TLSEXT_TYPE_opaque_prf_input) {
-            unsigned char *sdata = data;
-
-            if (size < 2) {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-            }
-            n2s(sdata, s->s3->client_opaque_prf_input_len);
-            if (s->s3->client_opaque_prf_input_len != size - 2) {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-            }
-
-            if (s->s3->client_opaque_prf_input != NULL) {
-                /* shouldn't really happen */
-                OPENSSL_free(s->s3->client_opaque_prf_input);
-            }
-
-            /* dummy byte just to get non-NULL */
-            if (s->s3->client_opaque_prf_input_len == 0)
-                s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
-            else
-                s->s3->client_opaque_prf_input =
-                    BUF_memdup(sdata, s->s3->client_opaque_prf_input_len);
-            if (s->s3->client_opaque_prf_input == NULL) {
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-            }
-        }
-# endif
-        else if (type == TLSEXT_TYPE_session_ticket) {
-            if (s->tls_session_ticket_ext_cb &&
-                !s->tls_session_ticket_ext_cb(s, data, size,
-                                              s->tls_session_ticket_ext_cb_arg))
-            {
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-            }
-        } else if (type == TLSEXT_TYPE_renegotiate) {
-            if (!ssl_parse_clienthello_renegotiate_ext(s, data, size, al))
-                return 0;
-            renegotiate_seen = 1;
-        } else if (type == TLSEXT_TYPE_signature_algorithms) {
-            int dsize;
-            if (s->cert->peer_sigalgs || size < 2)
-                goto err;
-            n2s(data, dsize);
-            size -= 2;
-            if (dsize != size || dsize & 1 || !dsize)
-                goto err;
-            if (!tls1_save_sigalgs(s, data, dsize))
-                goto err;
-        } else if (type == TLSEXT_TYPE_status_request) {
-
-            if (size < 5)
-                goto err;
-
-            s->tlsext_status_type = *data++;
-            size--;
-            if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
-                const unsigned char *sdata;
-                int dsize;
-                /* Read in responder_id_list */
-                n2s(data, dsize);
-                size -= 2;
-                if (dsize > size)
-                    goto err;
-
-                /*
-                 * We remove any OCSP_RESPIDs from a previous handshake
-                 * to prevent unbounded memory growth - CVE-2016-6304
-                 */
-                sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids,
-                                        OCSP_RESPID_free);
-                if (dsize > 0) {
-                    s->tlsext_ocsp_ids = sk_OCSP_RESPID_new_null();
-                    if (s->tlsext_ocsp_ids == NULL) {
-                        *al = SSL_AD_INTERNAL_ERROR;
-                        return 0;
-                    }
-                } else {
-                    s->tlsext_ocsp_ids = NULL;
-                }
-
-                while (dsize > 0) {
-                    OCSP_RESPID *id;
-                    int idsize;
-                    if (dsize < 4)
-                        goto err;
-                    n2s(data, idsize);
-                    dsize -= 2 + idsize;
-                    size -= 2 + idsize;
-                    if (dsize < 0)
-                        goto err;
-                    sdata = data;
-                    data += idsize;
-                    id = d2i_OCSP_RESPID(NULL, &sdata, idsize);
-                    if (!id)
-                        goto err;
-                    if (data != sdata) {
-                        OCSP_RESPID_free(id);
-                        goto err;
-                    }
-                    if (!sk_OCSP_RESPID_push(s->tlsext_ocsp_ids, id)) {
-                        OCSP_RESPID_free(id);
-                        *al = SSL_AD_INTERNAL_ERROR;
-                        return 0;
-                    }
-                }
-
-                /* Read in request_extensions */
-                if (size < 2)
-                    goto err;
-                n2s(data, dsize);
-                size -= 2;
-                if (dsize != size)
-                    goto err;
-                sdata = data;
-                if (dsize > 0) {
-                    if (s->tlsext_ocsp_exts) {
-                        sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
-                                                   X509_EXTENSION_free);
-                    }
-
-                    s->tlsext_ocsp_exts =
-                        d2i_X509_EXTENSIONS(NULL, &sdata, dsize);
-                    if (!s->tlsext_ocsp_exts || (data + dsize != sdata))
-                        goto err;
-                }
-            }
-            /*
-             * We don't know what to do with any other type * so ignore it.
-             */
-            else
-                s->tlsext_status_type = -1;
-        }
-# ifndef OPENSSL_NO_HEARTBEATS
-        else if (type == TLSEXT_TYPE_heartbeat) {
-            switch (data[0]) {
-            case 0x01:         /* Client allows us to send HB requests */
-                s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
-                break;
-            case 0x02:         /* Client doesn't accept HB requests */
-                s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
-                s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
-                break;
-            default:
-                *al = SSL_AD_ILLEGAL_PARAMETER;
-                return 0;
-            }
-        }
-# endif
-# ifndef OPENSSL_NO_NEXTPROTONEG
-        else if (type == TLSEXT_TYPE_next_proto_neg &&
-                 s->s3->tmp.finish_md_len == 0) {
-            /*-
-             * We shouldn't accept this extension on a
-             * renegotiation.
-             *
-             * s->new_session will be set on renegotiation, but we
-             * probably shouldn't rely that it couldn't be set on
-             * the initial renegotation too in certain cases (when
-             * there's some other reason to disallow resuming an
-             * earlier session -- the current code won't be doing
-             * anything like that, but this might change).
-             *
-             * A valid sign that there's been a previous handshake
-             * in this connection is if s->s3->tmp.finish_md_len >
-             * 0.  (We are talking about a check that will happen
-             * in the Hello protocol round, well before a new
-             * Finished message could have been computed.)
-             */
-            s->s3->next_proto_neg_seen = 1;
-        }
-# endif
-
-        else if (type == TLSEXT_TYPE_application_layer_protocol_negotiation &&
-                 s->s3->tmp.finish_md_len == 0) {
-            if (tls1_alpn_handle_client_hello(s, data, size, al) != 0)
-                return 0;
-        }
-
-        /* session ticket processed earlier */
-# ifndef OPENSSL_NO_SRTP
-        else if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)
-                 && type == TLSEXT_TYPE_use_srtp) {
-            if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))
-                return 0;
-        }
-# endif
-
-        data += size;
-    }
-
-    /* Spurious data on the end */
-    if (data != limit)
-        goto err;
-
-    *p = data;
-
- ri_check:
-
-    /* Need RI if renegotiating */
-
-    if (!renegotiate_seen && s->renegotiate &&
-        !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
-        *al = SSL_AD_HANDSHAKE_FAILURE;
-        SSLerr(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT,
-               SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
-        return 0;
-    }
-
-    return 1;
-err:
-    *al = SSL_AD_DECODE_ERROR;
-    return 0;
-}
-
-/*
- * Parse any custom extensions found.  "data" is the start of the extension data
- * and "limit" is the end of the record. TODO: add strict syntax checking.
- */
-
-static int ssl_scan_clienthello_custom_tlsext(SSL *s,
-                                              const unsigned char *data,
-                                              const unsigned char *limit,
-                                              int *al)
-{
-    unsigned short type, size, len;
-    /* If resumed session or no custom extensions nothing to do */
-    if (s->hit || s->cert->srv_ext.meths_count == 0)
-        return 1;
-
-    if (limit - data <= 2)
-        return 1;
-    n2s(data, len);
-
-    if (limit - data < len)
-        return 1;
-
-    while (limit - data >= 4) {
-        n2s(data, type);
-        n2s(data, size);
-
-        if (limit - data < size)
-            return 1;
-        if (custom_ext_parse(s, 1 /* server */ , type, data, size, al) <= 0)
-            return 0;
-
-        data += size;
-    }
-
-    return 1;
-}
-
-int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p,
-                                 unsigned char *limit)
-{
-    int al = -1;
-    unsigned char *ptmp = *p;
-    /*
-     * Internally supported extensions are parsed first so SNI can be handled
-     * before custom extensions. An application processing SNI will typically
-     * switch the parent context using SSL_set_SSL_CTX and custom extensions
-     * need to be handled by the new SSL_CTX structure.
-     */
-    if (ssl_scan_clienthello_tlsext(s, p, limit, &al) <= 0) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        return 0;
-    }
-
-    if (ssl_check_clienthello_tlsext_early(s) <= 0) {
-        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_CLIENTHELLO_TLSEXT);
-        return 0;
-    }
-
-    custom_ext_init(&s->cert->srv_ext);
-    if (ssl_scan_clienthello_custom_tlsext(s, ptmp, limit, &al) <= 0) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        return 0;
-    }
-
-    return 1;
-}
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-/*
- * ssl_next_proto_validate validates a Next Protocol Negotiation block. No
- * elements of zero length are allowed and the set of elements must exactly
- * fill the length of the block.
- */
-static char ssl_next_proto_validate(unsigned char *d, unsigned len)
-{
-    unsigned int off = 0;
-
-    while (off < len) {
-        if (d[off] == 0)
-            return 0;
-        off += d[off];
-        off++;
-    }
-
-    return off == len;
-}
-# endif
-
-static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
-                                       unsigned char *d, int n, int *al)
-{
-    unsigned short length;
-    unsigned short type;
-    unsigned short size;
-    unsigned char *data = *p;
-    int tlsext_servername = 0;
-    int renegotiate_seen = 0;
-
-# ifndef OPENSSL_NO_NEXTPROTONEG
-    s->s3->next_proto_neg_seen = 0;
-# endif
-    s->tlsext_ticket_expected = 0;
-
-    if (s->s3->alpn_selected) {
-        OPENSSL_free(s->s3->alpn_selected);
-        s->s3->alpn_selected = NULL;
-    }
-# ifndef OPENSSL_NO_HEARTBEATS
-    s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
-                             SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
-# endif
-
-    if ((d + n) - data <= 2)
-        goto ri_check;
-
-    n2s(data, length);
-    if ((d + n) - data != length) {
-        *al = SSL_AD_DECODE_ERROR;
-        return 0;
-    }
-
-    while ((d + n) - data >= 4) {
-        n2s(data, type);
-        n2s(data, size);
-
-        if ((d + n) - data < size)
-            goto ri_check;
-
-        if (s->tlsext_debug_cb)
-            s->tlsext_debug_cb(s, 1, type, data, size, s->tlsext_debug_arg);
-
-        if (type == TLSEXT_TYPE_server_name) {
-            if (s->tlsext_hostname == NULL || size > 0) {
-                *al = TLS1_AD_UNRECOGNIZED_NAME;
-                return 0;
-            }
-            tlsext_servername = 1;
-        }
-# ifndef OPENSSL_NO_EC
-        else if (type == TLSEXT_TYPE_ec_point_formats) {
-            unsigned char *sdata = data;
-            int ecpointformatlist_length = *(sdata++);
-
-            if (ecpointformatlist_length != size - 1) {
-                *al = TLS1_AD_DECODE_ERROR;
-                return 0;
-            }
-            if (!s->hit) {
-                s->session->tlsext_ecpointformatlist_length = 0;
-                if (s->session->tlsext_ecpointformatlist != NULL)
-                    OPENSSL_free(s->session->tlsext_ecpointformatlist);
-                if ((s->session->tlsext_ecpointformatlist =
-                     OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
-                    *al = TLS1_AD_INTERNAL_ERROR;
-                    return 0;
-                }
-                s->session->tlsext_ecpointformatlist_length =
-                    ecpointformatlist_length;
-                memcpy(s->session->tlsext_ecpointformatlist, sdata,
-                       ecpointformatlist_length);
-            }
-#  if 0
-            fprintf(stderr,
-                    "ssl_parse_serverhello_tlsext s->session->tlsext_ecpointformatlist ");
-            sdata = s->session->tlsext_ecpointformatlist;
-            for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
-                fprintf(stderr, "%i ", *(sdata++));
-            fprintf(stderr, "\n");
-#  endif
-        }
-# endif                         /* OPENSSL_NO_EC */
-
-        else if (type == TLSEXT_TYPE_session_ticket) {
-            if (s->tls_session_ticket_ext_cb &&
-                !s->tls_session_ticket_ext_cb(s, data, size,
-                                              s->tls_session_ticket_ext_cb_arg))
-            {
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-            }
-            if ((SSL_get_options(s) & SSL_OP_NO_TICKET)
-                || (size > 0)) {
-                *al = TLS1_AD_UNSUPPORTED_EXTENSION;
-                return 0;
-            }
-            s->tlsext_ticket_expected = 1;
-        }
-# ifdef TLSEXT_TYPE_opaque_prf_input
-        else if (type == TLSEXT_TYPE_opaque_prf_input) {
-            unsigned char *sdata = data;
-
-            if (size < 2) {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-            }
-            n2s(sdata, s->s3->server_opaque_prf_input_len);
-            if (s->s3->server_opaque_prf_input_len != size - 2) {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-            }
-
-            if (s->s3->server_opaque_prf_input != NULL) {
-                /* shouldn't really happen */
-                OPENSSL_free(s->s3->server_opaque_prf_input);
-            }
-            if (s->s3->server_opaque_prf_input_len == 0) {
-                /* dummy byte just to get non-NULL */
-                s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
-            } else {
-                s->s3->server_opaque_prf_input =
-                    BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
-            }
-
-            if (s->s3->server_opaque_prf_input == NULL) {
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-            }
-        }
-# endif
-        else if (type == TLSEXT_TYPE_status_request) {
-            /*
-             * MUST be empty and only sent if we've requested a status
-             * request message.
-             */
-            if ((s->tlsext_status_type == -1) || (size > 0)) {
-                *al = TLS1_AD_UNSUPPORTED_EXTENSION;
-                return 0;
-            }
-            /* Set flag to expect CertificateStatus message */
-            s->tlsext_status_expected = 1;
-        }
-# ifndef OPENSSL_NO_NEXTPROTONEG
-        else if (type == TLSEXT_TYPE_next_proto_neg &&
-                 s->s3->tmp.finish_md_len == 0) {
-            unsigned char *selected;
-            unsigned char selected_len;
-
-            /* We must have requested it. */
-            if (s->ctx->next_proto_select_cb == NULL) {
-                *al = TLS1_AD_UNSUPPORTED_EXTENSION;
-                return 0;
-            }
-            /* The data must be valid */
-            if (!ssl_next_proto_validate(data, size)) {
-                *al = TLS1_AD_DECODE_ERROR;
-                return 0;
-            }
-            if (s->
-                ctx->next_proto_select_cb(s, &selected, &selected_len, data,
-                                          size,
-                                          s->ctx->next_proto_select_cb_arg) !=
-                SSL_TLSEXT_ERR_OK) {
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-            }
-            /*
-             * Could be non-NULL if server has sent multiple NPN extensions in
-             * a single Serverhello
-             */
-            OPENSSL_free(s->next_proto_negotiated);
-            s->next_proto_negotiated = OPENSSL_malloc(selected_len);
-            if (!s->next_proto_negotiated) {
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-            }
-            memcpy(s->next_proto_negotiated, selected, selected_len);
-            s->next_proto_negotiated_len = selected_len;
-            s->s3->next_proto_neg_seen = 1;
-        }
-# endif
-
-        else if (type == TLSEXT_TYPE_application_layer_protocol_negotiation) {
-            unsigned len;
-
-            /* We must have requested it. */
-            if (!s->cert->alpn_sent) {
-                *al = TLS1_AD_UNSUPPORTED_EXTENSION;
-                return 0;
-            }
-            if (size < 4) {
-                *al = TLS1_AD_DECODE_ERROR;
-                return 0;
-            }
-            /*-
-             * The extension data consists of:
-             *   uint16 list_length
-             *   uint8 proto_length;
-             *   uint8 proto[proto_length];
-             */
-            len = data[0];
-            len <<= 8;
-            len |= data[1];
-            if (len != (unsigned)size - 2) {
-                *al = TLS1_AD_DECODE_ERROR;
-                return 0;
-            }
-            len = data[2];
-            if (len != (unsigned)size - 3) {
-                *al = TLS1_AD_DECODE_ERROR;
-                return 0;
-            }
-            if (s->s3->alpn_selected)
-                OPENSSL_free(s->s3->alpn_selected);
-            s->s3->alpn_selected = OPENSSL_malloc(len);
-            if (!s->s3->alpn_selected) {
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-            }
-            memcpy(s->s3->alpn_selected, data + 3, len);
-            s->s3->alpn_selected_len = len;
-        }
-
-        else if (type == TLSEXT_TYPE_renegotiate) {
-            if (!ssl_parse_serverhello_renegotiate_ext(s, data, size, al))
-                return 0;
-            renegotiate_seen = 1;
-        }
-# ifndef OPENSSL_NO_HEARTBEATS
-        else if (type == TLSEXT_TYPE_heartbeat) {
-            switch (data[0]) {
-            case 0x01:         /* Server allows us to send HB requests */
-                s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
-                break;
-            case 0x02:         /* Server doesn't accept HB requests */
-                s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
-                s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
-                break;
-            default:
-                *al = SSL_AD_ILLEGAL_PARAMETER;
-                return 0;
-            }
-        }
-# endif
-# ifndef OPENSSL_NO_SRTP
-        else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
-            if (ssl_parse_serverhello_use_srtp_ext(s, data, size, al))
-                return 0;
-        }
-# endif
-        /*
-         * If this extension type was not otherwise handled, but matches a
-         * custom_cli_ext_record, then send it to the c callback
-         */
-        else if (custom_ext_parse(s, 0, type, data, size, al) <= 0)
-            return 0;
-
-        data += size;
-    }
-
-    if (data != d + n) {
-        *al = SSL_AD_DECODE_ERROR;
-        return 0;
-    }
-
-    if (!s->hit && tlsext_servername == 1) {
-        if (s->tlsext_hostname) {
-            if (s->session->tlsext_hostname == NULL) {
-                s->session->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
-                if (!s->session->tlsext_hostname) {
-                    *al = SSL_AD_UNRECOGNIZED_NAME;
-                    return 0;
-                }
-            } else {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-            }
-        }
-    }
-
-    *p = data;
-
- ri_check:
-
-    /*
-     * Determine if we need to see RI. Strictly speaking if we want to avoid
-     * an attack we should *always* see RI even on initial server hello
-     * because the client doesn't see any renegotiation during an attack.
-     * However this would mean we could not connect to any server which
-     * doesn't support RI so for the immediate future tolerate RI absence on
-     * initial connect only.
-     */
-    if (!renegotiate_seen && !(s->options & SSL_OP_LEGACY_SERVER_CONNECT)
-        && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
-        *al = SSL_AD_HANDSHAKE_FAILURE;
-        SSLerr(SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT,
-               SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
-        return 0;
-    }
-
-    return 1;
-}
-
-int ssl_prepare_clienthello_tlsext(SSL *s)
-{
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    {
-        int r = 1;
-
-        if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
-            r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
-                                                         s->
-                                                         ctx->tlsext_opaque_prf_input_callback_arg);
-            if (!r)
-                return -1;
-        }
-
-        if (s->tlsext_opaque_prf_input != NULL) {
-            if (s->s3->client_opaque_prf_input != NULL) {
-                /* shouldn't really happen */
-                OPENSSL_free(s->s3->client_opaque_prf_input);
-            }
-
-            if (s->tlsext_opaque_prf_input_len == 0) {
-                /* dummy byte just to get non-NULL */
-                s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
-            } else {
-                s->s3->client_opaque_prf_input =
-                    BUF_memdup(s->tlsext_opaque_prf_input,
-                               s->tlsext_opaque_prf_input_len);
-            }
-            if (s->s3->client_opaque_prf_input == NULL) {
-                SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
-                       ERR_R_MALLOC_FAILURE);
-                return -1;
-            }
-            s->s3->client_opaque_prf_input_len =
-                s->tlsext_opaque_prf_input_len;
-        }
-
-        if (r == 2)
-            /*
-             * at callback's request, insist on receiving an appropriate
-             * server opaque PRF input
-             */
-            s->s3->server_opaque_prf_input_len =
-                s->tlsext_opaque_prf_input_len;
-    }
-# endif
-
-    s->cert->alpn_sent = 0;
-    return 1;
-}
-
-int ssl_prepare_serverhello_tlsext(SSL *s)
-{
-    return 1;
-}
-
-static int ssl_check_clienthello_tlsext_early(SSL *s)
-{
-    int ret = SSL_TLSEXT_ERR_NOACK;
-    int al = SSL_AD_UNRECOGNIZED_NAME;
-
-# ifndef OPENSSL_NO_EC
-    /*
-     * The handling of the ECPointFormats extension is done elsewhere, namely
-     * in ssl3_choose_cipher in s3_lib.c.
-     */
-    /*
-     * The handling of the EllipticCurves extension is done elsewhere, namely
-     * in ssl3_choose_cipher in s3_lib.c.
-     */
-# endif
-
-    if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
-        ret =
-            s->ctx->tlsext_servername_callback(s, &al,
-                                               s->ctx->tlsext_servername_arg);
-    else if (s->initial_ctx != NULL
-             && s->initial_ctx->tlsext_servername_callback != 0)
-        ret =
-            s->initial_ctx->tlsext_servername_callback(s, &al,
-                                                       s->
-                                                       initial_ctx->tlsext_servername_arg);
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    {
-        /*
-         * This sort of belongs into ssl_prepare_serverhello_tlsext(), but we
-         * might be sending an alert in response to the client hello, so this
-         * has to happen here in ssl_check_clienthello_tlsext_early().
-         */
-
-        int r = 1;
-
-        if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
-            r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
-                                                         s->
-                                                         ctx->tlsext_opaque_prf_input_callback_arg);
-            if (!r) {
-                ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-                al = SSL_AD_INTERNAL_ERROR;
-                goto err;
-            }
-        }
-
-        if (s->s3->server_opaque_prf_input != NULL) {
-            /* shouldn't really happen */
-            OPENSSL_free(s->s3->server_opaque_prf_input);
-        }
-        s->s3->server_opaque_prf_input = NULL;
-
-        if (s->tlsext_opaque_prf_input != NULL) {
-            if (s->s3->client_opaque_prf_input != NULL &&
-                s->s3->client_opaque_prf_input_len ==
-                s->tlsext_opaque_prf_input_len) {
-                /*
-                 * can only use this extension if we have a server opaque PRF
-                 * input of the same length as the client opaque PRF input!
-                 */
-
-                if (s->tlsext_opaque_prf_input_len == 0) {
-                    /* dummy byte just to get non-NULL */
-                    s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
-                } else {
-                    s->s3->server_opaque_prf_input =
-                        BUF_memdup(s->tlsext_opaque_prf_input,
-                                   s->tlsext_opaque_prf_input_len);
-                }
-                if (s->s3->server_opaque_prf_input == NULL) {
-                    ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-                    al = SSL_AD_INTERNAL_ERROR;
-                    goto err;
-                }
-                s->s3->server_opaque_prf_input_len =
-                    s->tlsext_opaque_prf_input_len;
-            }
-        }
-
-        if (r == 2 && s->s3->server_opaque_prf_input == NULL) {
-            /*
-             * The callback wants to enforce use of the extension, but we
-             * can't do that with the client opaque PRF input; abort the
-             * handshake.
-             */
-            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-            al = SSL_AD_HANDSHAKE_FAILURE;
-        }
-    }
-
- err:
-# endif
-    switch (ret) {
-    case SSL_TLSEXT_ERR_ALERT_FATAL:
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        return -1;
-
-    case SSL_TLSEXT_ERR_ALERT_WARNING:
-        ssl3_send_alert(s, SSL3_AL_WARNING, al);
-        return 1;
-
-    case SSL_TLSEXT_ERR_NOACK:
-        s->servername_done = 0;
-    default:
-        return 1;
-    }
-}
-
-int tls1_set_server_sigalgs(SSL *s)
-{
-    int al;
-    size_t i;
-    /* Clear any shared sigtnature algorithms */
-    if (s->cert->shared_sigalgs) {
-        OPENSSL_free(s->cert->shared_sigalgs);
-        s->cert->shared_sigalgs = NULL;
-        s->cert->shared_sigalgslen = 0;
-    }
-    /* Clear certificate digests and validity flags */
-    for (i = 0; i < SSL_PKEY_NUM; i++) {
-        s->cert->pkeys[i].digest = NULL;
-        s->cert->pkeys[i].valid_flags = 0;
-    }
-
-    /* If sigalgs received process it. */
-    if (s->cert->peer_sigalgs) {
-        if (!tls1_process_sigalgs(s)) {
-            SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS, ERR_R_MALLOC_FAILURE);
-            al = SSL_AD_INTERNAL_ERROR;
-            goto err;
-        }
-        /* Fatal error is no shared signature algorithms */
-        if (!s->cert->shared_sigalgs) {
-            SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS,
-                   SSL_R_NO_SHARED_SIGATURE_ALGORITHMS);
-            al = SSL_AD_ILLEGAL_PARAMETER;
-            goto err;
-        }
-    } else
-        ssl_cert_set_default_md(s->cert);
-    return 1;
- err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, al);
-    return 0;
-}
-
-/*
- * Upon success, returns 1.
- * Upon failure, returns 0 and sets |al| to the appropriate fatal alert.
- */
-int ssl_check_clienthello_tlsext_late(SSL *s, int *al)
-{
-
-    /*
-     * If status request then ask callback what to do. Note: this must be
-     * called after servername callbacks in case the certificate has changed,
-     * and must be called after the cipher has been chosen because this may
-     * influence which certificate is sent
-     */
-    if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb) {
-        int ret;
-        CERT_PKEY *certpkey;
-        certpkey = ssl_get_server_send_pkey(s);
-        /* If no certificate can't return certificate status */
-        if (certpkey != NULL) {
-            /*
-             * Set current certificate to one we will use so SSL_get_certificate
-             * et al can pick it up.
-             */
-            s->cert->key = certpkey;
-            ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
-            switch (ret) {
-                /* We don't want to send a status request response */
-            case SSL_TLSEXT_ERR_NOACK:
-                s->tlsext_status_expected = 0;
-                break;
-                /* status request response should be sent */
-            case SSL_TLSEXT_ERR_OK:
-                if (s->tlsext_ocsp_resp)
-                    s->tlsext_status_expected = 1;
-                break;
-                /* something bad happened */
-            case SSL_TLSEXT_ERR_ALERT_FATAL:
-            default:
-                *al = SSL_AD_INTERNAL_ERROR;
-                return 0;
-            }
-        }
-    }
-
-    if (!tls1_alpn_handle_client_hello_late(s, al)) {
-        return 0;
-    }
-
-    return 1;
-}
-
-int ssl_check_serverhello_tlsext(SSL *s)
-{
-    int ret = SSL_TLSEXT_ERR_NOACK;
-    int al = SSL_AD_UNRECOGNIZED_NAME;
-
-# ifndef OPENSSL_NO_EC
-    /*
-     * If we are client and using an elliptic curve cryptography cipher
-     * suite, then if server returns an EC point formats lists extension it
-     * must contain uncompressed.
-     */
-    unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-    unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-    if ((s->tlsext_ecpointformatlist != NULL)
-        && (s->tlsext_ecpointformatlist_length > 0)
-        && (s->session->tlsext_ecpointformatlist != NULL)
-        && (s->session->tlsext_ecpointformatlist_length > 0)
-        && ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
-            || (alg_a & SSL_aECDSA))) {
-        /* we are using an ECC cipher */
-        size_t i;
-        unsigned char *list;
-        int found_uncompressed = 0;
-        list = s->session->tlsext_ecpointformatlist;
-        for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++) {
-            if (*(list++) == TLSEXT_ECPOINTFORMAT_uncompressed) {
-                found_uncompressed = 1;
-                break;
-            }
-        }
-        if (!found_uncompressed) {
-            SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,
-                   SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
-            return -1;
-        }
-    }
-    ret = SSL_TLSEXT_ERR_OK;
-# endif                         /* OPENSSL_NO_EC */
-
-    if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
-        ret =
-            s->ctx->tlsext_servername_callback(s, &al,
-                                               s->ctx->tlsext_servername_arg);
-    else if (s->initial_ctx != NULL
-             && s->initial_ctx->tlsext_servername_callback != 0)
-        ret =
-            s->initial_ctx->tlsext_servername_callback(s, &al,
-                                                       s->
-                                                       initial_ctx->tlsext_servername_arg);
-
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    if (s->s3->server_opaque_prf_input_len > 0) {
-        /*
-         * This case may indicate that we, as a client, want to insist on
-         * using opaque PRF inputs. So first verify that we really have a
-         * value from the server too.
-         */
-
-        if (s->s3->server_opaque_prf_input == NULL) {
-            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-            al = SSL_AD_HANDSHAKE_FAILURE;
-        }
-
-        /*
-         * Anytime the server *has* sent an opaque PRF input, we need to
-         * check that we have a client opaque PRF input of the same size.
-         */
-        if (s->s3->client_opaque_prf_input == NULL ||
-            s->s3->client_opaque_prf_input_len !=
-            s->s3->server_opaque_prf_input_len) {
-            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-            al = SSL_AD_ILLEGAL_PARAMETER;
-        }
-    }
-# endif
-
-    OPENSSL_free(s->tlsext_ocsp_resp);
-    s->tlsext_ocsp_resp = NULL;
-    s->tlsext_ocsp_resplen = -1;
-    /*
-     * If we've requested certificate status and we wont get one tell the
-     * callback
-     */
-    if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)
-        && !(s->hit) && s->ctx && s->ctx->tlsext_status_cb) {
-        int r;
-        /*
-         * Call callback with resp == NULL and resplen == -1 so callback
-         * knows there is no response
-         */
-        r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
-        if (r == 0) {
-            al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
-            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-        }
-        if (r < 0) {
-            al = SSL_AD_INTERNAL_ERROR;
-            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
-        }
-    }
-
-    switch (ret) {
-    case SSL_TLSEXT_ERR_ALERT_FATAL:
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        return -1;
-
-    case SSL_TLSEXT_ERR_ALERT_WARNING:
-        ssl3_send_alert(s, SSL3_AL_WARNING, al);
-        return 1;
-
-    case SSL_TLSEXT_ERR_NOACK:
-        s->servername_done = 0;
-    default:
-        return 1;
-    }
-}
-
-int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
-                                 int n)
-{
-    int al = -1;
-    if (s->version < SSL3_VERSION)
-        return 1;
-    if (ssl_scan_serverhello_tlsext(s, p, d, n, &al) <= 0) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        return 0;
-    }
-
-    if (ssl_check_serverhello_tlsext(s) <= 0) {
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_SERVERHELLO_TLSEXT);
-        return 0;
-    }
-    return 1;
-}
-
-/*-
- * Since the server cache lookup is done early on in the processing of the
- * ClientHello, and other operations depend on the result, we need to handle
- * any TLS session ticket extension at the same time.
- *
- *   session_id: points at the session ID in the ClientHello. This code will
- *       read past the end of this in order to parse out the session ticket
- *       extension, if any.
- *   len: the length of the session ID.
- *   limit: a pointer to the first byte after the ClientHello.
- *   ret: (output) on return, if a ticket was decrypted, then this is set to
- *       point to the resulting session.
- *
- * If s->tls_session_secret_cb is set then we are expecting a pre-shared key
- * ciphersuite, in which case we have no use for session tickets and one will
- * never be decrypted, nor will s->tlsext_ticket_expected be set to 1.
- *
- * Returns:
- *   -1: fatal error, either from parsing or decrypting the ticket.
- *    0: no ticket was found (or was ignored, based on settings).
- *    1: a zero length extension was found, indicating that the client supports
- *       session tickets but doesn't currently have one to offer.
- *    2: either s->tls_session_secret_cb was set, or a ticket was offered but
- *       couldn't be decrypted because of a non-fatal error.
- *    3: a ticket was successfully decrypted and *ret was set.
- *
- * Side effects:
- *   Sets s->tlsext_ticket_expected to 1 if the server will have to issue
- *   a new session ticket to the client because the client indicated support
- *   (and s->tls_session_secret_cb is NULL) but the client either doesn't have
- *   a session ticket or we couldn't use the one it gave us, or if
- *   s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket.
- *   Otherwise, s->tlsext_ticket_expected is set to 0.
- */
-int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
-                        const unsigned char *limit, SSL_SESSION **ret)
-{
-    /* Point after session ID in client hello */
-    const unsigned char *p = session_id + len;
-    unsigned short i;
-
-    *ret = NULL;
-    s->tlsext_ticket_expected = 0;
-
-    /*
-     * If tickets disabled behave as if no ticket present to permit stateful
-     * resumption.
-     */
-    if (SSL_get_options(s) & SSL_OP_NO_TICKET)
-        return 0;
-    if ((s->version <= SSL3_VERSION) || !limit)
-        return 0;
-    if (p >= limit)
-        return -1;
-    /* Skip past DTLS cookie */
-    if (SSL_IS_DTLS(s)) {
-        i = *(p++);
-
-        if (limit - p <= i)
-            return -1;
-
-        p += i;
-    }
-    /* Skip past cipher list */
-    n2s(p, i);
-    if (limit - p <= i)
-        return -1;
-    p += i;
-
-    /* Skip past compression algorithm list */
-    i = *(p++);
-    if (limit - p < i)
-        return -1;
-    p += i;
-
-    /* Now at start of extensions */
-    if (limit - p <= 2)
-        return 0;
-    n2s(p, i);
-    while (limit - p >= 4) {
-        unsigned short type, size;
-        n2s(p, type);
-        n2s(p, size);
-        if (limit - p < size)
-            return 0;
-        if (type == TLSEXT_TYPE_session_ticket) {
-            int r;
-            if (size == 0) {
-                /*
-                 * The client will accept a ticket but doesn't currently have
-                 * one.
-                 */
-                s->tlsext_ticket_expected = 1;
-                return 1;
-            }
-            if (s->tls_session_secret_cb) {
-                /*
-                 * Indicate that the ticket couldn't be decrypted rather than
-                 * generating the session from ticket now, trigger
-                 * abbreviated handshake based on external mechanism to
-                 * calculate the master secret later.
-                 */
-                return 2;
-            }
-            r = tls_decrypt_ticket(s, p, size, session_id, len, ret);
-            switch (r) {
-            case 2:            /* ticket couldn't be decrypted */
-                s->tlsext_ticket_expected = 1;
-                return 2;
-            case 3:            /* ticket was decrypted */
-                return r;
-            case 4:            /* ticket decrypted but need to renew */
-                s->tlsext_ticket_expected = 1;
-                return 3;
-            default:           /* fatal error */
-                return -1;
-            }
-        }
-        p += size;
-    }
-    return 0;
-}
-
-/*-
- * tls_decrypt_ticket attempts to decrypt a session ticket.
- *
- *   etick: points to the body of the session ticket extension.
- *   eticklen: the length of the session tickets extenion.
- *   sess_id: points at the session ID.
- *   sesslen: the length of the session ID.
- *   psess: (output) on return, if a ticket was decrypted, then this is set to
- *       point to the resulting session.
- *
- * Returns:
- *   -1: fatal error, either from parsing or decrypting the ticket.
- *    2: the ticket couldn't be decrypted.
- *    3: a ticket was successfully decrypted and *psess was set.
- *    4: same as 3, but the ticket needs to be renewed.
- */
-static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
-                              int eticklen, const unsigned char *sess_id,
-                              int sesslen, SSL_SESSION **psess)
-{
-    SSL_SESSION *sess;
-    unsigned char *sdec;
-    const unsigned char *p;
-    int slen, mlen, renew_ticket = 0;
-    unsigned char tick_hmac[EVP_MAX_MD_SIZE];
-    HMAC_CTX hctx;
-    EVP_CIPHER_CTX ctx;
-    SSL_CTX *tctx = s->initial_ctx;
-
-    /* Initialize session ticket encryption and HMAC contexts */
-    HMAC_CTX_init(&hctx);
-    EVP_CIPHER_CTX_init(&ctx);
-    if (tctx->tlsext_ticket_key_cb) {
-        unsigned char *nctick = (unsigned char *)etick;
-        int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16,
-                                            &ctx, &hctx, 0);
-        if (rv < 0)
-            return -1;
-        if (rv == 0)
-            return 2;
-        if (rv == 2)
-            renew_ticket = 1;
-    } else {
-        /* Check key name matches */
-        if (memcmp(etick, tctx->tlsext_tick_key_name, 16))
-            return 2;
-        if (HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
-                         tlsext_tick_md(), NULL) <= 0
-                || EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
-                                      tctx->tlsext_tick_aes_key,
-                                      etick + 16) <= 0) {
-            goto err;
-       }
-    }
-    /*
-     * Attempt to process session ticket, first conduct sanity and integrity
-     * checks on ticket.
-     */
-    mlen = HMAC_size(&hctx);
-    if (mlen < 0) {
-        goto err;
-    }
-    /* Sanity check ticket length: must exceed keyname + IV + HMAC */
-    if (eticklen <= 16 + EVP_CIPHER_CTX_iv_length(&ctx) + mlen) {
-        HMAC_CTX_cleanup(&hctx);
-        EVP_CIPHER_CTX_cleanup(&ctx);
-        return 2;
-    }
-
-    eticklen -= mlen;
-    /* Check HMAC of encrypted ticket */
-    if (HMAC_Update(&hctx, etick, eticklen) <= 0
-            || HMAC_Final(&hctx, tick_hmac, NULL) <= 0) {
-        goto err;
-    }
-    HMAC_CTX_cleanup(&hctx);
-    if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen)) {
-        EVP_CIPHER_CTX_cleanup(&ctx);
-        return 2;
-    }
-    /* Attempt to decrypt session data */
-    /* Move p after IV to start of encrypted ticket, update length */
-    p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx);
-    eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx);
-    sdec = OPENSSL_malloc(eticklen);
-    if (sdec == NULL
-            || EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) {
-        EVP_CIPHER_CTX_cleanup(&ctx);
-        OPENSSL_free(sdec);
-        return -1;
-    }
-    if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
-        EVP_CIPHER_CTX_cleanup(&ctx);
-        OPENSSL_free(sdec);
-        return 2;
-    }
-    slen += mlen;
-    EVP_CIPHER_CTX_cleanup(&ctx);
-    p = sdec;
-
-    sess = d2i_SSL_SESSION(NULL, &p, slen);
-    slen -= p - sdec;
-    OPENSSL_free(sdec);
-    if (sess) {
-        /* Some additional consistency checks */
-        if (slen != 0 || sess->session_id_length != 0) {
-            SSL_SESSION_free(sess);
-            return 2;
-        }
-        /*
-         * The session ID, if non-empty, is used by some clients to detect
-         * that the ticket has been accepted. So we copy it to the session
-         * structure. If it is empty set length to zero as required by
-         * standard.
-         */
-        if (sesslen)
-            memcpy(sess->session_id, sess_id, sesslen);
-        sess->session_id_length = sesslen;
-        *psess = sess;
-        if (renew_ticket)
-            return 4;
-        else
-            return 3;
-    }
-    ERR_clear_error();
-    /*
-     * For session parse failure, indicate that we need to send a new ticket.
-     */
-    return 2;
-err:
-    EVP_CIPHER_CTX_cleanup(&ctx);
-    HMAC_CTX_cleanup(&hctx);
-    return -1;
-}
-
-/* Tables to translate from NIDs to TLS v1.2 ids */
-
-typedef struct {
-    int nid;
-    int id;
-} tls12_lookup;
-
-static tls12_lookup tls12_md[] = {
-    {NID_md5, TLSEXT_hash_md5},
-    {NID_sha1, TLSEXT_hash_sha1},
-    {NID_sha224, TLSEXT_hash_sha224},
-    {NID_sha256, TLSEXT_hash_sha256},
-    {NID_sha384, TLSEXT_hash_sha384},
-    {NID_sha512, TLSEXT_hash_sha512}
-};
-
-static tls12_lookup tls12_sig[] = {
-    {EVP_PKEY_RSA, TLSEXT_signature_rsa},
-    {EVP_PKEY_DSA, TLSEXT_signature_dsa},
-    {EVP_PKEY_EC, TLSEXT_signature_ecdsa}
-};
-
-static int tls12_find_id(int nid, tls12_lookup *table, size_t tlen)
-{
-    size_t i;
-    for (i = 0; i < tlen; i++) {
-        if (table[i].nid == nid)
-            return table[i].id;
-    }
-    return -1;
-}
-
-static int tls12_find_nid(int id, tls12_lookup *table, size_t tlen)
-{
-    size_t i;
-    for (i = 0; i < tlen; i++) {
-        if ((table[i].id) == id)
-            return table[i].nid;
-    }
-    return NID_undef;
-}
-
-int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
-                         const EVP_MD *md)
-{
-    int sig_id, md_id;
-    if (!md)
-        return 0;
-    md_id = tls12_find_id(EVP_MD_type(md), tls12_md,
-                          sizeof(tls12_md) / sizeof(tls12_lookup));
-    if (md_id == -1)
-        return 0;
-    sig_id = tls12_get_sigid(pk);
-    if (sig_id == -1)
-        return 0;
-    p[0] = (unsigned char)md_id;
-    p[1] = (unsigned char)sig_id;
-    return 1;
-}
-
-int tls12_get_sigid(const EVP_PKEY *pk)
-{
-    return tls12_find_id(pk->type, tls12_sig,
-                         sizeof(tls12_sig) / sizeof(tls12_lookup));
-}
-
-const EVP_MD *tls12_get_hash(unsigned char hash_alg)
-{
-    switch (hash_alg) {
-# ifndef OPENSSL_NO_MD5
-    case TLSEXT_hash_md5:
-#  ifdef OPENSSL_FIPS
-        if (FIPS_mode())
-            return NULL;
-#  endif
-        return EVP_md5();
-# endif
-# ifndef OPENSSL_NO_SHA
-    case TLSEXT_hash_sha1:
-        return EVP_sha1();
-# endif
-# ifndef OPENSSL_NO_SHA256
-    case TLSEXT_hash_sha224:
-        return EVP_sha224();
-
-    case TLSEXT_hash_sha256:
-        return EVP_sha256();
-# endif
-# ifndef OPENSSL_NO_SHA512
-    case TLSEXT_hash_sha384:
-        return EVP_sha384();
-
-    case TLSEXT_hash_sha512:
-        return EVP_sha512();
-# endif
-    default:
-        return NULL;
-
-    }
-}
-
-static int tls12_get_pkey_idx(unsigned char sig_alg)
-{
-    switch (sig_alg) {
-# ifndef OPENSSL_NO_RSA
-    case TLSEXT_signature_rsa:
-        return SSL_PKEY_RSA_SIGN;
-# endif
-# ifndef OPENSSL_NO_DSA
-    case TLSEXT_signature_dsa:
-        return SSL_PKEY_DSA_SIGN;
-# endif
-# ifndef OPENSSL_NO_ECDSA
-    case TLSEXT_signature_ecdsa:
-        return SSL_PKEY_ECC;
-# endif
-    }
-    return -1;
-}
-
-/* Convert TLS 1.2 signature algorithm extension values into NIDs */
-static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid,
-                               int *psignhash_nid, const unsigned char *data)
-{
-    int sign_nid = NID_undef, hash_nid = NID_undef;
-    if (!phash_nid && !psign_nid && !psignhash_nid)
-        return;
-    if (phash_nid || psignhash_nid) {
-        hash_nid = tls12_find_nid(data[0], tls12_md,
-                                  sizeof(tls12_md) / sizeof(tls12_lookup));
-        if (phash_nid)
-            *phash_nid = hash_nid;
-    }
-    if (psign_nid || psignhash_nid) {
-        sign_nid = tls12_find_nid(data[1], tls12_sig,
-                                  sizeof(tls12_sig) / sizeof(tls12_lookup));
-        if (psign_nid)
-            *psign_nid = sign_nid;
-    }
-    if (psignhash_nid) {
-        if (sign_nid == NID_undef || hash_nid == NID_undef
-                || OBJ_find_sigid_by_algs(psignhash_nid, hash_nid,
-                                          sign_nid) <= 0)
-            *psignhash_nid = NID_undef;
-    }
-}
-
-/* Given preference and allowed sigalgs set shared sigalgs */
-static int tls12_do_shared_sigalgs(TLS_SIGALGS *shsig,
-                                   const unsigned char *pref, size_t preflen,
-                                   const unsigned char *allow,
-                                   size_t allowlen)
-{
-    const unsigned char *ptmp, *atmp;
-    size_t i, j, nmatch = 0;
-    for (i = 0, ptmp = pref; i < preflen; i += 2, ptmp += 2) {
-        /* Skip disabled hashes or signature algorithms */
-        if (tls12_get_hash(ptmp[0]) == NULL)
-            continue;
-        if (tls12_get_pkey_idx(ptmp[1]) == -1)
-            continue;
-        for (j = 0, atmp = allow; j < allowlen; j += 2, atmp += 2) {
-            if (ptmp[0] == atmp[0] && ptmp[1] == atmp[1]) {
-                nmatch++;
-                if (shsig) {
-                    shsig->rhash = ptmp[0];
-                    shsig->rsign = ptmp[1];
-                    tls1_lookup_sigalg(&shsig->hash_nid,
-                                       &shsig->sign_nid,
-                                       &shsig->signandhash_nid, ptmp);
-                    shsig++;
-                }
-                break;
-            }
-        }
-    }
-    return nmatch;
-}
-
-/* Set shared signature algorithms for SSL structures */
-static int tls1_set_shared_sigalgs(SSL *s)
-{
-    const unsigned char *pref, *allow, *conf;
-    size_t preflen, allowlen, conflen;
-    size_t nmatch;
-    TLS_SIGALGS *salgs = NULL;
-    CERT *c = s->cert;
-    unsigned int is_suiteb = tls1_suiteb(s);
-    if (c->shared_sigalgs) {
-        OPENSSL_free(c->shared_sigalgs);
-        c->shared_sigalgs = NULL;
-        c->shared_sigalgslen = 0;
-    }
-    /* If client use client signature algorithms if not NULL */
-    if (!s->server && c->client_sigalgs && !is_suiteb) {
-        conf = c->client_sigalgs;
-        conflen = c->client_sigalgslen;
-    } else if (c->conf_sigalgs && !is_suiteb) {
-        conf = c->conf_sigalgs;
-        conflen = c->conf_sigalgslen;
-    } else
-        conflen = tls12_get_psigalgs(s, 0, &conf);
-    if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || is_suiteb) {
-        pref = conf;
-        preflen = conflen;
-        allow = c->peer_sigalgs;
-        allowlen = c->peer_sigalgslen;
-    } else {
-        allow = conf;
-        allowlen = conflen;
-        pref = c->peer_sigalgs;
-        preflen = c->peer_sigalgslen;
-    }
-    nmatch = tls12_do_shared_sigalgs(NULL, pref, preflen, allow, allowlen);
-    if (nmatch) {
-        salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS));
-        if (!salgs)
-            return 0;
-        nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen);
-    } else {
-        salgs = NULL;
-    }
-    c->shared_sigalgs = salgs;
-    c->shared_sigalgslen = nmatch;
-    return 1;
-}
-
-/* Set preferred digest for each key type */
-
-int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize)
-{
-    CERT *c = s->cert;
-    /* Extension ignored for inappropriate versions */
-    if (!SSL_USE_SIGALGS(s))
-        return 1;
-    /* Should never happen */
-    if (!c)
-        return 0;
-
-    if (c->peer_sigalgs)
-        OPENSSL_free(c->peer_sigalgs);
-    c->peer_sigalgs = OPENSSL_malloc(dsize);
-    if (!c->peer_sigalgs)
-        return 0;
-    c->peer_sigalgslen = dsize;
-    memcpy(c->peer_sigalgs, data, dsize);
-    return 1;
-}
-
-int tls1_process_sigalgs(SSL *s)
-{
-    int idx;
-    size_t i;
-    const EVP_MD *md;
-    CERT *c = s->cert;
-    TLS_SIGALGS *sigptr;
-    if (!tls1_set_shared_sigalgs(s))
-        return 0;
-
-# ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-    if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL) {
-        /*
-         * Use first set signature preference to force message digest,
-         * ignoring any peer preferences.
-         */
-        const unsigned char *sigs = NULL;
-        if (s->server)
-            sigs = c->conf_sigalgs;
-        else
-            sigs = c->client_sigalgs;
-        if (sigs) {
-            idx = tls12_get_pkey_idx(sigs[1]);
-            md = tls12_get_hash(sigs[0]);
-            c->pkeys[idx].digest = md;
-            c->pkeys[idx].valid_flags = CERT_PKEY_EXPLICIT_SIGN;
-            if (idx == SSL_PKEY_RSA_SIGN) {
-                c->pkeys[SSL_PKEY_RSA_ENC].valid_flags =
-                    CERT_PKEY_EXPLICIT_SIGN;
-                c->pkeys[SSL_PKEY_RSA_ENC].digest = md;
-            }
-        }
-    }
-# endif
-
-    for (i = 0, sigptr = c->shared_sigalgs;
-         i < c->shared_sigalgslen; i++, sigptr++) {
-        idx = tls12_get_pkey_idx(sigptr->rsign);
-        if (idx > 0 && c->pkeys[idx].digest == NULL) {
-            md = tls12_get_hash(sigptr->rhash);
-            c->pkeys[idx].digest = md;
-            c->pkeys[idx].valid_flags = CERT_PKEY_EXPLICIT_SIGN;
-            if (idx == SSL_PKEY_RSA_SIGN) {
-                c->pkeys[SSL_PKEY_RSA_ENC].valid_flags =
-                    CERT_PKEY_EXPLICIT_SIGN;
-                c->pkeys[SSL_PKEY_RSA_ENC].digest = md;
-            }
-        }
-
-    }
-    /*
-     * In strict mode leave unset digests as NULL to indicate we can't use
-     * the certificate for signing.
-     */
-    if (!(s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)) {
-        /*
-         * Set any remaining keys to default values. NOTE: if alg is not
-         * supported it stays as NULL.
-         */
-# ifndef OPENSSL_NO_DSA
-        if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest)
-            c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
-# endif
-# ifndef OPENSSL_NO_RSA
-        if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest) {
-            c->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
-            c->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
-        }
-# endif
-# ifndef OPENSSL_NO_ECDSA
-        if (!c->pkeys[SSL_PKEY_ECC].digest)
-            c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
-# endif
-    }
-    return 1;
-}
-
-int SSL_get_sigalgs(SSL *s, int idx,
-                    int *psign, int *phash, int *psignhash,
-                    unsigned char *rsig, unsigned char *rhash)
-{
-    const unsigned char *psig = s->cert->peer_sigalgs;
-    if (psig == NULL)
-        return 0;
-    if (idx >= 0) {
-        idx <<= 1;
-        if (idx >= (int)s->cert->peer_sigalgslen)
-            return 0;
-        psig += idx;
-        if (rhash)
-            *rhash = psig[0];
-        if (rsig)
-            *rsig = psig[1];
-        tls1_lookup_sigalg(phash, psign, psignhash, psig);
-    }
-    return s->cert->peer_sigalgslen / 2;
-}
-
-int SSL_get_shared_sigalgs(SSL *s, int idx,
-                           int *psign, int *phash, int *psignhash,
-                           unsigned char *rsig, unsigned char *rhash)
-{
-    TLS_SIGALGS *shsigalgs = s->cert->shared_sigalgs;
-    if (!shsigalgs || idx >= (int)s->cert->shared_sigalgslen)
-        return 0;
-    shsigalgs += idx;
-    if (phash)
-        *phash = shsigalgs->hash_nid;
-    if (psign)
-        *psign = shsigalgs->sign_nid;
-    if (psignhash)
-        *psignhash = shsigalgs->signandhash_nid;
-    if (rsig)
-        *rsig = shsigalgs->rsign;
-    if (rhash)
-        *rhash = shsigalgs->rhash;
-    return s->cert->shared_sigalgslen;
-}
-
-# ifndef OPENSSL_NO_HEARTBEATS
-int tls1_process_heartbeat(SSL *s)
-{
-    unsigned char *p = &s->s3->rrec.data[0], *pl;
-    unsigned short hbtype;
-    unsigned int payload;
-    unsigned int padding = 16;  /* Use minimum padding */
-
-    if (s->msg_callback)
-        s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
-                        &s->s3->rrec.data[0], s->s3->rrec.length,
-                        s, s->msg_callback_arg);
-
-    /* Read type and payload length first */
-    if (1 + 2 + 16 > s->s3->rrec.length)
-        return 0;               /* silently discard */
-    hbtype = *p++;
-    n2s(p, payload);
-    if (1 + 2 + payload + 16 > s->s3->rrec.length)
-        return 0;               /* silently discard per RFC 6520 sec. 4 */
-    pl = p;
-
-    if (hbtype == TLS1_HB_REQUEST) {
-        unsigned char *buffer, *bp;
-        int r;
-
-        /*
-         * Allocate memory for the response, size is 1 bytes message type,
-         * plus 2 bytes payload length, plus payload, plus padding
-         */
-        buffer = OPENSSL_malloc(1 + 2 + payload + padding);
-        if (buffer == NULL)
-            return -1;
-        bp = buffer;
-
-        /* Enter response type, length and copy payload */
-        *bp++ = TLS1_HB_RESPONSE;
-        s2n(payload, bp);
-        memcpy(bp, pl, payload);
-        bp += payload;
-        /* Random padding */
-        if (RAND_bytes(bp, padding) <= 0) {
-            OPENSSL_free(buffer);
-            return -1;
-        }
-
-        r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer,
-                             3 + payload + padding);
-
-        if (r >= 0 && s->msg_callback)
-            s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
-                            buffer, 3 + payload + padding,
-                            s, s->msg_callback_arg);
-
-        OPENSSL_free(buffer);
-
-        if (r < 0)
-            return r;
-    } else if (hbtype == TLS1_HB_RESPONSE) {
-        unsigned int seq;
-
-        /*
-         * We only send sequence numbers (2 bytes unsigned int), and 16
-         * random bytes, so we just try to read the sequence number
-         */
-        n2s(pl, seq);
-
-        if (payload == 18 && seq == s->tlsext_hb_seq) {
-            s->tlsext_hb_seq++;
-            s->tlsext_hb_pending = 0;
-        }
-    }
-
-    return 0;
-}
-
-int tls1_heartbeat(SSL *s)
-{
-    unsigned char *buf, *p;
-    int ret = -1;
-    unsigned int payload = 18;  /* Sequence number + random bytes */
-    unsigned int padding = 16;  /* Use minimum padding */
-
-    /* Only send if peer supports and accepts HB requests... */
-    if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
-        s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
-        SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
-        return -1;
-    }
-
-    /* ...and there is none in flight yet... */
-    if (s->tlsext_hb_pending) {
-        SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
-        return -1;
-    }
-
-    /* ...and no handshake in progress. */
-    if (SSL_in_init(s) || s->in_handshake) {
-        SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
-        return -1;
-    }
-
-    /*
-     * Check if padding is too long, payload and padding must not exceed 2^14
-     * - 3 = 16381 bytes in total.
-     */
-    OPENSSL_assert(payload + padding <= 16381);
-
-    /*-
-     * Create HeartBeat message, we just use a sequence number
-     * as payload to distuingish different messages and add
-     * some random stuff.
-     *  - Message Type, 1 byte
-     *  - Payload Length, 2 bytes (unsigned int)
-     *  - Payload, the sequence number (2 bytes uint)
-     *  - Payload, random bytes (16 bytes uint)
-     *  - Padding
-     */
-    buf = OPENSSL_malloc(1 + 2 + payload + padding);
-    if (buf == NULL)
-        return -1;
-    p = buf;
-    /* Message Type */
-    *p++ = TLS1_HB_REQUEST;
-    /* Payload length (18 bytes here) */
-    s2n(payload, p);
-    /* Sequence number */
-    s2n(s->tlsext_hb_seq, p);
-    /* 16 random bytes */
-    if (RAND_bytes(p, 16) <= 0) {
-        SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-    p += 16;
-    /* Random padding */
-    if (RAND_bytes(p, padding) <= 0) {
-        SSLerr(SSL_F_TLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
-    ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
-    if (ret >= 0) {
-        if (s->msg_callback)
-            s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
-                            buf, 3 + payload + padding,
-                            s, s->msg_callback_arg);
-
-        s->tlsext_hb_pending = 1;
-    }
-
-err:
-    OPENSSL_free(buf);
-
-    return ret;
-}
-# endif
-
-# define MAX_SIGALGLEN   (TLSEXT_hash_num * TLSEXT_signature_num * 2)
-
-typedef struct {
-    size_t sigalgcnt;
-    int sigalgs[MAX_SIGALGLEN];
-} sig_cb_st;
-
-static int sig_cb(const char *elem, int len, void *arg)
-{
-    sig_cb_st *sarg = arg;
-    size_t i;
-    char etmp[20], *p;
-    int sig_alg, hash_alg;
-    if (elem == NULL)
-        return 0;
-    if (sarg->sigalgcnt == MAX_SIGALGLEN)
-        return 0;
-    if (len > (int)(sizeof(etmp) - 1))
-        return 0;
-    memcpy(etmp, elem, len);
-    etmp[len] = 0;
-    p = strchr(etmp, '+');
-    if (!p)
-        return 0;
-    *p = 0;
-    p++;
-    if (!*p)
-        return 0;
-
-    if (!strcmp(etmp, "RSA"))
-        sig_alg = EVP_PKEY_RSA;
-    else if (!strcmp(etmp, "DSA"))
-        sig_alg = EVP_PKEY_DSA;
-    else if (!strcmp(etmp, "ECDSA"))
-        sig_alg = EVP_PKEY_EC;
-    else
-        return 0;
-
-    hash_alg = OBJ_sn2nid(p);
-    if (hash_alg == NID_undef)
-        hash_alg = OBJ_ln2nid(p);
-    if (hash_alg == NID_undef)
-        return 0;
-
-    for (i = 0; i < sarg->sigalgcnt; i += 2) {
-        if (sarg->sigalgs[i] == sig_alg && sarg->sigalgs[i + 1] == hash_alg)
-            return 0;
-    }
-    sarg->sigalgs[sarg->sigalgcnt++] = hash_alg;
-    sarg->sigalgs[sarg->sigalgcnt++] = sig_alg;
-    return 1;
-}
-
-/*
- * Set suppored signature algorithms based on a colon separated list of the
- * form sig+hash e.g. RSA+SHA512:DSA+SHA512
- */
-int tls1_set_sigalgs_list(CERT *c, const char *str, int client)
-{
-    sig_cb_st sig;
-    sig.sigalgcnt = 0;
-    if (!CONF_parse_list(str, ':', 1, sig_cb, &sig))
-        return 0;
-    if (c == NULL)
-        return 1;
-    return tls1_set_sigalgs(c, sig.sigalgs, sig.sigalgcnt, client);
-}
-
-int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen,
-                     int client)
-{
-    unsigned char *sigalgs, *sptr;
-    int rhash, rsign;
-    size_t i;
-    if (salglen & 1)
-        return 0;
-    sigalgs = OPENSSL_malloc(salglen);
-    if (sigalgs == NULL)
-        return 0;
-    for (i = 0, sptr = sigalgs; i < salglen; i += 2) {
-        rhash = tls12_find_id(*psig_nids++, tls12_md,
-                              sizeof(tls12_md) / sizeof(tls12_lookup));
-        rsign = tls12_find_id(*psig_nids++, tls12_sig,
-                              sizeof(tls12_sig) / sizeof(tls12_lookup));
-
-        if (rhash == -1 || rsign == -1)
-            goto err;
-        *sptr++ = rhash;
-        *sptr++ = rsign;
-    }
-
-    if (client) {
-        if (c->client_sigalgs)
-            OPENSSL_free(c->client_sigalgs);
-        c->client_sigalgs = sigalgs;
-        c->client_sigalgslen = salglen;
-    } else {
-        if (c->conf_sigalgs)
-            OPENSSL_free(c->conf_sigalgs);
-        c->conf_sigalgs = sigalgs;
-        c->conf_sigalgslen = salglen;
-    }
-
-    return 1;
-
- err:
-    OPENSSL_free(sigalgs);
-    return 0;
-}
-
-static int tls1_check_sig_alg(CERT *c, X509 *x, int default_nid)
-{
-    int sig_nid;
-    size_t i;
-    if (default_nid == -1)
-        return 1;
-    sig_nid = X509_get_signature_nid(x);
-    if (default_nid)
-        return sig_nid == default_nid ? 1 : 0;
-    for (i = 0; i < c->shared_sigalgslen; i++)
-        if (sig_nid == c->shared_sigalgs[i].signandhash_nid)
-            return 1;
-    return 0;
-}
-
-/* Check to see if a certificate issuer name matches list of CA names */
-static int ssl_check_ca_name(STACK_OF(X509_NAME) *names, X509 *x)
-{
-    X509_NAME *nm;
-    int i;
-    nm = X509_get_issuer_name(x);
-    for (i = 0; i < sk_X509_NAME_num(names); i++) {
-        if (!X509_NAME_cmp(nm, sk_X509_NAME_value(names, i)))
-            return 1;
-    }
-    return 0;
-}
-
-/*
- * Check certificate chain is consistent with TLS extensions and is usable by
- * server. This servers two purposes: it allows users to check chains before
- * passing them to the server and it allows the server to check chains before
- * attempting to use them.
- */
-
-/* Flags which need to be set for a certificate when stict mode not set */
-
-# define CERT_PKEY_VALID_FLAGS \
-        (CERT_PKEY_EE_SIGNATURE|CERT_PKEY_EE_PARAM)
-/* Strict mode flags */
-# define CERT_PKEY_STRICT_FLAGS \
-         (CERT_PKEY_VALID_FLAGS|CERT_PKEY_CA_SIGNATURE|CERT_PKEY_CA_PARAM \
-         | CERT_PKEY_ISSUER_NAME|CERT_PKEY_CERT_TYPE)
-
-int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
-                     int idx)
-{
-    int i;
-    int rv = 0;
-    int check_flags = 0, strict_mode;
-    CERT_PKEY *cpk = NULL;
-    CERT *c = s->cert;
-    unsigned int suiteb_flags = tls1_suiteb(s);
-    /* idx == -1 means checking server chains */
-    if (idx != -1) {
-        /* idx == -2 means checking client certificate chains */
-        if (idx == -2) {
-            cpk = c->key;
-            idx = cpk - c->pkeys;
-        } else
-            cpk = c->pkeys + idx;
-        x = cpk->x509;
-        pk = cpk->privatekey;
-        chain = cpk->chain;
-        strict_mode = c->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT;
-        /* If no cert or key, forget it */
-        if (!x || !pk)
-            goto end;
-# ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
-        /* Allow any certificate to pass test */
-        if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL) {
-            rv = CERT_PKEY_STRICT_FLAGS | CERT_PKEY_EXPLICIT_SIGN |
-                CERT_PKEY_VALID | CERT_PKEY_SIGN;
-            cpk->valid_flags = rv;
-            return rv;
-        }
-# endif
-    } else {
-        if (!x || !pk)
-            return 0;
-        idx = ssl_cert_type(x, pk);
-        if (idx == -1)
-            return 0;
-        cpk = c->pkeys + idx;
-        if (c->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)
-            check_flags = CERT_PKEY_STRICT_FLAGS;
-        else
-            check_flags = CERT_PKEY_VALID_FLAGS;
-        strict_mode = 1;
-    }
-
-    if (suiteb_flags) {
-        int ok;
-        if (check_flags)
-            check_flags |= CERT_PKEY_SUITEB;
-        ok = X509_chain_check_suiteb(NULL, x, chain, suiteb_flags);
-        if (ok == X509_V_OK)
-            rv |= CERT_PKEY_SUITEB;
-        else if (!check_flags)
-            goto end;
-    }
-
-    /*
-     * Check all signature algorithms are consistent with signature
-     * algorithms extension if TLS 1.2 or later and strict mode.
-     */
-    if (TLS1_get_version(s) >= TLS1_2_VERSION && strict_mode) {
-        int default_nid;
-        unsigned char rsign = 0;
-        if (c->peer_sigalgs)
-            default_nid = 0;
-        /* If no sigalgs extension use defaults from RFC5246 */
-        else {
-            switch (idx) {
-            case SSL_PKEY_RSA_ENC:
-            case SSL_PKEY_RSA_SIGN:
-            case SSL_PKEY_DH_RSA:
-                rsign = TLSEXT_signature_rsa;
-                default_nid = NID_sha1WithRSAEncryption;
-                break;
-
-            case SSL_PKEY_DSA_SIGN:
-            case SSL_PKEY_DH_DSA:
-                rsign = TLSEXT_signature_dsa;
-                default_nid = NID_dsaWithSHA1;
-                break;
-
-            case SSL_PKEY_ECC:
-                rsign = TLSEXT_signature_ecdsa;
-                default_nid = NID_ecdsa_with_SHA1;
-                break;
-
-            default:
-                default_nid = -1;
-                break;
-            }
-        }
-        /*
-         * If peer sent no signature algorithms extension and we have set
-         * preferred signature algorithms check we support sha1.
-         */
-        if (default_nid > 0 && c->conf_sigalgs) {
-            size_t j;
-            const unsigned char *p = c->conf_sigalgs;
-            for (j = 0; j < c->conf_sigalgslen; j += 2, p += 2) {
-                if (p[0] == TLSEXT_hash_sha1 && p[1] == rsign)
-                    break;
-            }
-            if (j == c->conf_sigalgslen) {
-                if (check_flags)
-                    goto skip_sigs;
-                else
-                    goto end;
-            }
-        }
-        /* Check signature algorithm of each cert in chain */
-        if (!tls1_check_sig_alg(c, x, default_nid)) {
-            if (!check_flags)
-                goto end;
-        } else
-            rv |= CERT_PKEY_EE_SIGNATURE;
-        rv |= CERT_PKEY_CA_SIGNATURE;
-        for (i = 0; i < sk_X509_num(chain); i++) {
-            if (!tls1_check_sig_alg(c, sk_X509_value(chain, i), default_nid)) {
-                if (check_flags) {
-                    rv &= ~CERT_PKEY_CA_SIGNATURE;
-                    break;
-                } else
-                    goto end;
-            }
-        }
-    }
-    /* Else not TLS 1.2, so mark EE and CA signing algorithms OK */
-    else if (check_flags)
-        rv |= CERT_PKEY_EE_SIGNATURE | CERT_PKEY_CA_SIGNATURE;
- skip_sigs:
-    /* Check cert parameters are consistent */
-    if (tls1_check_cert_param(s, x, check_flags ? 1 : 2))
-        rv |= CERT_PKEY_EE_PARAM;
-    else if (!check_flags)
-        goto end;
-    if (!s->server)
-        rv |= CERT_PKEY_CA_PARAM;
-    /* In strict mode check rest of chain too */
-    else if (strict_mode) {
-        rv |= CERT_PKEY_CA_PARAM;
-        for (i = 0; i < sk_X509_num(chain); i++) {
-            X509 *ca = sk_X509_value(chain, i);
-            if (!tls1_check_cert_param(s, ca, 0)) {
-                if (check_flags) {
-                    rv &= ~CERT_PKEY_CA_PARAM;
-                    break;
-                } else
-                    goto end;
-            }
-        }
-    }
-    if (!s->server && strict_mode) {
-        STACK_OF(X509_NAME) *ca_dn;
-        int check_type = 0;
-        switch (pk->type) {
-        case EVP_PKEY_RSA:
-            check_type = TLS_CT_RSA_SIGN;
-            break;
-        case EVP_PKEY_DSA:
-            check_type = TLS_CT_DSS_SIGN;
-            break;
-        case EVP_PKEY_EC:
-            check_type = TLS_CT_ECDSA_SIGN;
-            break;
-        case EVP_PKEY_DH:
-        case EVP_PKEY_DHX:
-            {
-                int cert_type = X509_certificate_type(x, pk);
-                if (cert_type & EVP_PKS_RSA)
-                    check_type = TLS_CT_RSA_FIXED_DH;
-                if (cert_type & EVP_PKS_DSA)
-                    check_type = TLS_CT_DSS_FIXED_DH;
-            }
-        }
-        if (check_type) {
-            const unsigned char *ctypes;
-            int ctypelen;
-            if (c->ctypes) {
-                ctypes = c->ctypes;
-                ctypelen = (int)c->ctype_num;
-            } else {
-                ctypes = (unsigned char *)s->s3->tmp.ctype;
-                ctypelen = s->s3->tmp.ctype_num;
-            }
-            for (i = 0; i < ctypelen; i++) {
-                if (ctypes[i] == check_type) {
-                    rv |= CERT_PKEY_CERT_TYPE;
-                    break;
-                }
-            }
-            if (!(rv & CERT_PKEY_CERT_TYPE) && !check_flags)
-                goto end;
-        } else
-            rv |= CERT_PKEY_CERT_TYPE;
-
-        ca_dn = s->s3->tmp.ca_names;
-
-        if (!sk_X509_NAME_num(ca_dn))
-            rv |= CERT_PKEY_ISSUER_NAME;
-
-        if (!(rv & CERT_PKEY_ISSUER_NAME)) {
-            if (ssl_check_ca_name(ca_dn, x))
-                rv |= CERT_PKEY_ISSUER_NAME;
-        }
-        if (!(rv & CERT_PKEY_ISSUER_NAME)) {
-            for (i = 0; i < sk_X509_num(chain); i++) {
-                X509 *xtmp = sk_X509_value(chain, i);
-                if (ssl_check_ca_name(ca_dn, xtmp)) {
-                    rv |= CERT_PKEY_ISSUER_NAME;
-                    break;
-                }
-            }
-        }
-        if (!check_flags && !(rv & CERT_PKEY_ISSUER_NAME))
-            goto end;
-    } else
-        rv |= CERT_PKEY_ISSUER_NAME | CERT_PKEY_CERT_TYPE;
-
-    if (!check_flags || (rv & check_flags) == check_flags)
-        rv |= CERT_PKEY_VALID;
-
- end:
-
-    if (TLS1_get_version(s) >= TLS1_2_VERSION) {
-        if (cpk->valid_flags & CERT_PKEY_EXPLICIT_SIGN)
-            rv |= CERT_PKEY_EXPLICIT_SIGN | CERT_PKEY_SIGN;
-        else if (cpk->digest)
-            rv |= CERT_PKEY_SIGN;
-    } else
-        rv |= CERT_PKEY_SIGN | CERT_PKEY_EXPLICIT_SIGN;
-
-    /*
-     * When checking a CERT_PKEY structure all flags are irrelevant if the
-     * chain is invalid.
-     */
-    if (!check_flags) {
-        if (rv & CERT_PKEY_VALID)
-            cpk->valid_flags = rv;
-        else {
-            /* Preserve explicit sign flag, clear rest */
-            cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN;
-            return 0;
-        }
-    }
-    return rv;
-}
-
-/* Set validity of certificates in an SSL structure */
-void tls1_set_cert_validity(SSL *s)
-{
-    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA_ENC);
-    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA_SIGN);
-    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DSA_SIGN);
-    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DH_RSA);
-    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DH_DSA);
-    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ECC);
-}
-
-/* User level utiity function to check a chain is suitable */
-int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
-{
-    return tls1_check_chain(s, x, pk, chain, -1);
-}
-
-#endif
diff --git a/thirdparty/openssl/ssl/t1_meth.c b/thirdparty/openssl/ssl/t1_meth.c
deleted file mode 100644
index 335d57b530..0000000000
--- a/thirdparty/openssl/ssl/t1_meth.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* ssl/t1_meth.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-static const SSL_METHOD *tls1_get_method(int ver)
-{
-    if (ver == TLS1_2_VERSION)
-        return TLSv1_2_method();
-    if (ver == TLS1_1_VERSION)
-        return TLSv1_1_method();
-    if (ver == TLS1_VERSION)
-        return TLSv1_method();
-    return NULL;
-}
-
-IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_method,
-                        ssl3_accept,
-                        ssl3_connect, tls1_get_method, TLSv1_2_enc_data)
-
-    IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_method,
-                        ssl3_accept,
-                        ssl3_connect, tls1_get_method, TLSv1_1_enc_data)
-
-    IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_method,
-                        ssl3_accept,
-                        ssl3_connect, tls1_get_method, TLSv1_enc_data)
diff --git a/thirdparty/openssl/ssl/t1_reneg.c b/thirdparty/openssl/ssl/t1_reneg.c
deleted file mode 100644
index b9a35c7fc2..0000000000
--- a/thirdparty/openssl/ssl/t1_reneg.c
+++ /dev/null
@@ -1,292 +0,0 @@
-/* ssl/t1_reneg.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2009 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <openssl/objects.h>
-#include "ssl_locl.h"
-
-/* Add the client's renegotiation binding */
-int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
-                                        int maxlen)
-{
-    if (p) {
-        if ((s->s3->previous_client_finished_len + 1) > maxlen) {
-            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT,
-                   SSL_R_RENEGOTIATE_EXT_TOO_LONG);
-            return 0;
-        }
-
-        /* Length byte */
-        *p = s->s3->previous_client_finished_len;
-        p++;
-
-        memcpy(p, s->s3->previous_client_finished,
-               s->s3->previous_client_finished_len);
-#ifdef OPENSSL_RI_DEBUG
-        fprintf(stderr, "%s RI extension sent by client\n",
-                s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
-#endif
-    }
-
-    *len = s->s3->previous_client_finished_len + 1;
-
-    return 1;
-}
-
-/*
- * Parse the client's renegotiation binding and abort if it's not right
- */
-int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
-                                          int *al)
-{
-    int ilen;
-
-    /* Parse the length byte */
-    if (len < 1) {
-        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
-               SSL_R_RENEGOTIATION_ENCODING_ERR);
-        *al = SSL_AD_ILLEGAL_PARAMETER;
-        return 0;
-    }
-    ilen = *d;
-    d++;
-
-    /* Consistency check */
-    if ((ilen + 1) != len) {
-        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
-               SSL_R_RENEGOTIATION_ENCODING_ERR);
-        *al = SSL_AD_ILLEGAL_PARAMETER;
-        return 0;
-    }
-
-    /* Check that the extension matches */
-    if (ilen != s->s3->previous_client_finished_len) {
-        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
-               SSL_R_RENEGOTIATION_MISMATCH);
-        *al = SSL_AD_HANDSHAKE_FAILURE;
-        return 0;
-    }
-
-    if (memcmp(d, s->s3->previous_client_finished,
-               s->s3->previous_client_finished_len)) {
-        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
-               SSL_R_RENEGOTIATION_MISMATCH);
-        *al = SSL_AD_HANDSHAKE_FAILURE;
-        return 0;
-    }
-#ifdef OPENSSL_RI_DEBUG
-    fprintf(stderr, "%s RI extension received by server\n",
-            ilen ? "Non-empty" : "Empty");
-#endif
-
-    s->s3->send_connection_binding = 1;
-
-    return 1;
-}
-
-/* Add the server's renegotiation binding */
-int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
-                                        int maxlen)
-{
-    if (p) {
-        if ((s->s3->previous_client_finished_len +
-             s->s3->previous_server_finished_len + 1) > maxlen) {
-            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT,
-                   SSL_R_RENEGOTIATE_EXT_TOO_LONG);
-            return 0;
-        }
-
-        /* Length byte */
-        *p = s->s3->previous_client_finished_len +
-            s->s3->previous_server_finished_len;
-        p++;
-
-        memcpy(p, s->s3->previous_client_finished,
-               s->s3->previous_client_finished_len);
-        p += s->s3->previous_client_finished_len;
-
-        memcpy(p, s->s3->previous_server_finished,
-               s->s3->previous_server_finished_len);
-#ifdef OPENSSL_RI_DEBUG
-        fprintf(stderr, "%s RI extension sent by server\n",
-                s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
-#endif
-    }
-
-    *len = s->s3->previous_client_finished_len
-        + s->s3->previous_server_finished_len + 1;
-
-    return 1;
-}
-
-/*
- * Parse the server's renegotiation binding and abort if it's not right
- */
-int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
-                                          int *al)
-{
-    int expected_len = s->s3->previous_client_finished_len
-        + s->s3->previous_server_finished_len;
-    int ilen;
-
-    /* Check for logic errors */
-    OPENSSL_assert(!expected_len || s->s3->previous_client_finished_len);
-    OPENSSL_assert(!expected_len || s->s3->previous_server_finished_len);
-
-    /* Parse the length byte */
-    if (len < 1) {
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
-               SSL_R_RENEGOTIATION_ENCODING_ERR);
-        *al = SSL_AD_ILLEGAL_PARAMETER;
-        return 0;
-    }
-    ilen = *d;
-    d++;
-
-    /* Consistency check */
-    if (ilen + 1 != len) {
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
-               SSL_R_RENEGOTIATION_ENCODING_ERR);
-        *al = SSL_AD_ILLEGAL_PARAMETER;
-        return 0;
-    }
-
-    /* Check that the extension matches */
-    if (ilen != expected_len) {
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
-               SSL_R_RENEGOTIATION_MISMATCH);
-        *al = SSL_AD_HANDSHAKE_FAILURE;
-        return 0;
-    }
-
-    if (memcmp(d, s->s3->previous_client_finished,
-               s->s3->previous_client_finished_len)) {
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
-               SSL_R_RENEGOTIATION_MISMATCH);
-        *al = SSL_AD_HANDSHAKE_FAILURE;
-        return 0;
-    }
-    d += s->s3->previous_client_finished_len;
-
-    if (memcmp(d, s->s3->previous_server_finished,
-               s->s3->previous_server_finished_len)) {
-        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
-               SSL_R_RENEGOTIATION_MISMATCH);
-        *al = SSL_AD_ILLEGAL_PARAMETER;
-        return 0;
-    }
-#ifdef OPENSSL_RI_DEBUG
-    fprintf(stderr, "%s RI extension received by client\n",
-            ilen ? "Non-empty" : "Empty");
-#endif
-    s->s3->send_connection_binding = 1;
-
-    return 1;
-}
diff --git a/thirdparty/openssl/ssl/t1_srvr.c b/thirdparty/openssl/ssl/t1_srvr.c
deleted file mode 100644
index 8c6b3dff2f..0000000000
--- a/thirdparty/openssl/ssl/t1_srvr.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* ssl/t1_srvr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "ssl_locl.h"
-#include <openssl/buffer.h>
-#include <openssl/rand.h>
-#include <openssl/objects.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-static const SSL_METHOD *tls1_get_server_method(int ver);
-static const SSL_METHOD *tls1_get_server_method(int ver)
-{
-    if (ver == TLS1_2_VERSION)
-        return TLSv1_2_server_method();
-    if (ver == TLS1_1_VERSION)
-        return TLSv1_1_server_method();
-    if (ver == TLS1_VERSION)
-        return TLSv1_server_method();
-    return NULL;
-}
-
-IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_server_method,
-                        ssl3_accept,
-                        ssl_undefined_function,
-                        tls1_get_server_method, TLSv1_2_enc_data)
-
-    IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_server_method,
-                        ssl3_accept,
-                        ssl_undefined_function,
-                        tls1_get_server_method, TLSv1_1_enc_data)
-
-    IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_server_method,
-                        ssl3_accept,
-                        ssl_undefined_function,
-                        tls1_get_server_method, TLSv1_enc_data)
diff --git a/thirdparty/openssl/ssl/t1_trce.c b/thirdparty/openssl/ssl/t1_trce.c
deleted file mode 100644
index c5e21df77a..0000000000
--- a/thirdparty/openssl/ssl/t1_trce.c
+++ /dev/null
@@ -1,1266 +0,0 @@
-/* ssl/t1_trce.c */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2012 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include "ssl_locl.h"
-
-#ifndef OPENSSL_NO_SSL_TRACE
-
-/* Packet trace support for OpenSSL */
-
-typedef struct {
-    int num;
-    const char *name;
-} ssl_trace_tbl;
-
-# define ssl_trace_str(val, tbl) \
-        do_ssl_trace_str(val, tbl, sizeof(tbl)/sizeof(ssl_trace_tbl))
-
-# define ssl_trace_list(bio, indent, msg, msglen, value, table) \
-        do_ssl_trace_list(bio, indent, msg, msglen, value, \
-         table, sizeof(table)/sizeof(ssl_trace_tbl))
-
-static const char *do_ssl_trace_str(int val, ssl_trace_tbl *tbl, size_t ntbl)
-{
-    size_t i;
-    for (i = 0; i < ntbl; i++, tbl++) {
-        if (tbl->num == val)
-            return tbl->name;
-    }
-    return "UNKNOWN";
-}
-
-static int do_ssl_trace_list(BIO *bio, int indent,
-                             const unsigned char *msg, size_t msglen,
-                             size_t vlen, ssl_trace_tbl *tbl, size_t ntbl)
-{
-    int val;
-    if (msglen % vlen)
-        return 0;
-    while (msglen) {
-        val = msg[0];
-        if (vlen == 2)
-            val = (val << 8) | msg[1];
-        BIO_indent(bio, indent, 80);
-        BIO_printf(bio, "%s (%d)\n", do_ssl_trace_str(val, tbl, ntbl), val);
-        msg += vlen;
-        msglen -= vlen;
-    }
-    return 1;
-}
-
-/* Version number */
-
-static ssl_trace_tbl ssl_version_tbl[] = {
-    {SSL2_VERSION, "SSL 2.0"},
-    {SSL3_VERSION, "SSL 3.0"},
-    {TLS1_VERSION, "TLS 1.0"},
-    {TLS1_1_VERSION, "TLS 1.1"},
-    {TLS1_2_VERSION, "TLS 1.2"},
-    {DTLS1_VERSION, "DTLS 1.0"},
-    {DTLS1_2_VERSION, "DTLS 1.2"},
-    {DTLS1_BAD_VER, "DTLS 1.0 (bad)"}
-};
-
-static ssl_trace_tbl ssl_content_tbl[] = {
-    {SSL3_RT_CHANGE_CIPHER_SPEC, "ChangeCipherSpec"},
-    {SSL3_RT_ALERT, "Alert"},
-    {SSL3_RT_HANDSHAKE, "Handshake"},
-    {SSL3_RT_APPLICATION_DATA, "ApplicationData"},
-    {TLS1_RT_HEARTBEAT, "HeartBeat"}
-};
-
-/* Handshake types */
-static ssl_trace_tbl ssl_handshake_tbl[] = {
-    {SSL3_MT_HELLO_REQUEST, "HelloRequest"},
-    {SSL3_MT_CLIENT_HELLO, "ClientHello"},
-    {SSL3_MT_SERVER_HELLO, "ServerHello"},
-    {DTLS1_MT_HELLO_VERIFY_REQUEST, "HelloVerifyRequest"},
-    {SSL3_MT_NEWSESSION_TICKET, "NewSessionTicket"},
-    {SSL3_MT_CERTIFICATE, "Certificate"},
-    {SSL3_MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange"},
-    {SSL3_MT_CERTIFICATE_REQUEST, "CertificateRequest"},
-    {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"},
-    {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"},
-    {SSL3_MT_SERVER_DONE, "ServerHelloDone"},
-    {SSL3_MT_CERTIFICATE_VERIFY, "CertificateVerify"},
-    {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"},
-    {SSL3_MT_FINISHED, "Finished"},
-    {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"}
-};
-
-/* Cipher suites */
-static ssl_trace_tbl ssl_ciphers_tbl[] = {
-    {0x0000, "SSL_NULL_WITH_NULL_NULL"},
-    {0x0001, "SSL_RSA_WITH_NULL_MD5"},
-    {0x0002, "SSL_RSA_WITH_NULL_SHA"},
-    {0x0003, "SSL_RSA_EXPORT_WITH_RC4_40_MD5"},
-    {0x0004, "SSL_RSA_WITH_RC4_128_MD5"},
-    {0x0005, "SSL_RSA_WITH_RC4_128_SHA"},
-    {0x0006, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"},
-    {0x0007, "SSL_RSA_WITH_IDEA_CBC_SHA"},
-    {0x0008, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"},
-    {0x0009, "SSL_RSA_WITH_DES_CBC_SHA"},
-    {0x000A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA"},
-    {0x000B, "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"},
-    {0x000C, "SSL_DH_DSS_WITH_DES_CBC_SHA"},
-    {0x000D, "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"},
-    {0x000E, "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"},
-    {0x000F, "SSL_DH_RSA_WITH_DES_CBC_SHA"},
-    {0x0010, "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"},
-    {0x0011, "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"},
-    {0x0012, "SSL_DHE_DSS_WITH_DES_CBC_SHA"},
-    {0x0013, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"},
-    {0x0014, "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"},
-    {0x0015, "SSL_DHE_RSA_WITH_DES_CBC_SHA"},
-    {0x0016, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"},
-    {0x0017, "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"},
-    {0x0018, "SSL_DH_anon_WITH_RC4_128_MD5"},
-    {0x0019, "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"},
-    {0x001A, "SSL_DH_anon_WITH_DES_CBC_SHA"},
-    {0x001B, "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"},
-    {0x001D, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"},
-    {0x001E, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"},
-    {0x001F, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"},
-    {0x0020, "TLS_KRB5_WITH_RC4_128_SHA"},
-    {0x0021, "TLS_KRB5_WITH_IDEA_CBC_SHA"},
-    {0x0022, "TLS_KRB5_WITH_DES_CBC_MD5"},
-    {0x0023, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"},
-    {0x0024, "TLS_KRB5_WITH_RC4_128_MD5"},
-    {0x0025, "TLS_KRB5_WITH_IDEA_CBC_MD5"},
-    {0x0026, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"},
-    {0x0027, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"},
-    {0x0028, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"},
-    {0x0029, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"},
-    {0x002A, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"},
-    {0x002B, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"},
-    {0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA"},
-    {0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA"},
-    {0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA"},
-    {0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"},
-    {0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"},
-    {0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA"},
-    {0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA"},
-    {0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA"},
-    {0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA"},
-    {0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"},
-    {0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"},
-    {0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA"},
-    {0x003B, "TLS_RSA_WITH_NULL_SHA256"},
-    {0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256"},
-    {0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256"},
-    {0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"},
-    {0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"},
-    {0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"},
-    {0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"},
-    {0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"},
-    {0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"},
-    {0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"},
-    {0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"},
-    {0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"},
-    {0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"},
-    {0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"},
-    {0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"},
-    {0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"},
-    {0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"},
-    {0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256"},
-    {0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256"},
-    {0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"},
-    {0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"},
-    {0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"},
-    {0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"},
-    {0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"},
-    {0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"},
-    {0x008A, "TLS_PSK_WITH_RC4_128_SHA"},
-    {0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA"},
-    {0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA"},
-    {0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA"},
-    {0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA"},
-    {0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"},
-    {0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"},
-    {0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"},
-    {0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA"},
-    {0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"},
-    {0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"},
-    {0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"},
-    {0x0096, "TLS_RSA_WITH_SEED_CBC_SHA"},
-    {0x0097, "TLS_DH_DSS_WITH_SEED_CBC_SHA"},
-    {0x0098, "TLS_DH_RSA_WITH_SEED_CBC_SHA"},
-    {0x0099, "TLS_DHE_DSS_WITH_SEED_CBC_SHA"},
-    {0x009A, "TLS_DHE_RSA_WITH_SEED_CBC_SHA"},
-    {0x009B, "TLS_DH_anon_WITH_SEED_CBC_SHA"},
-    {0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256"},
-    {0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384"},
-    {0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"},
-    {0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"},
-    {0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"},
-    {0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"},
-    {0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"},
-    {0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"},
-    {0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"},
-    {0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"},
-    {0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256"},
-    {0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384"},
-    {0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256"},
-    {0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384"},
-    {0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"},
-    {0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"},
-    {0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"},
-    {0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"},
-    {0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256"},
-    {0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384"},
-    {0x00B0, "TLS_PSK_WITH_NULL_SHA256"},
-    {0x00B1, "TLS_PSK_WITH_NULL_SHA384"},
-    {0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"},
-    {0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"},
-    {0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256"},
-    {0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384"},
-    {0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"},
-    {0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"},
-    {0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256"},
-    {0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384"},
-    {0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"},
-    {0x00BB, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"},
-    {0x00BC, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"},
-    {0x00BD, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"},
-    {0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"},
-    {0x00BF, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"},
-    {0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"},
-    {0x00C1, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"},
-    {0x00C2, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"},
-    {0x00C3, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"},
-    {0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"},
-    {0x00C5, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"},
-    {0x00FF, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"},
-    {0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA"},
-    {0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"},
-    {0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"},
-    {0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"},
-    {0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"},
-    {0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA"},
-    {0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"},
-    {0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"},
-    {0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"},
-    {0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"},
-    {0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA"},
-    {0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA"},
-    {0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"},
-    {0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"},
-    {0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"},
-    {0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA"},
-    {0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA"},
-    {0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"},
-    {0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"},
-    {0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"},
-    {0xC015, "TLS_ECDH_anon_WITH_NULL_SHA"},
-    {0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA"},
-    {0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"},
-    {0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"},
-    {0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"},
-    {0xC01A, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"},
-    {0xC01B, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"},
-    {0xC01C, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"},
-    {0xC01D, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"},
-    {0xC01E, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"},
-    {0xC01F, "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"},
-    {0xC020, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"},
-    {0xC021, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"},
-    {0xC022, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"},
-    {0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"},
-    {0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"},
-    {0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"},
-    {0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"},
-    {0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"},
-    {0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"},
-    {0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"},
-    {0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"},
-    {0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"},
-    {0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"},
-    {0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"},
-    {0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"},
-    {0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"},
-    {0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"},
-    {0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"},
-    {0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"},
-    {0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
-    {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"},
-};
-
-/* Compression methods */
-static ssl_trace_tbl ssl_comp_tbl[] = {
-    {0x0000, "No Compression"},
-    {0x0001, "Zlib Compression"}
-};
-
-/* Extensions */
-static ssl_trace_tbl ssl_exts_tbl[] = {
-    {TLSEXT_TYPE_server_name, "server_name"},
-    {TLSEXT_TYPE_max_fragment_length, "max_fragment_length"},
-    {TLSEXT_TYPE_client_certificate_url, "client_certificate_url"},
-    {TLSEXT_TYPE_trusted_ca_keys, "trusted_ca_keys"},
-    {TLSEXT_TYPE_truncated_hmac, "truncated_hmac"},
-    {TLSEXT_TYPE_status_request, "status_request"},
-    {TLSEXT_TYPE_user_mapping, "user_mapping"},
-    {TLSEXT_TYPE_client_authz, "client_authz"},
-    {TLSEXT_TYPE_server_authz, "server_authz"},
-    {TLSEXT_TYPE_cert_type, "cert_type"},
-    {TLSEXT_TYPE_elliptic_curves, "elliptic_curves"},
-    {TLSEXT_TYPE_ec_point_formats, "ec_point_formats"},
-    {TLSEXT_TYPE_srp, "srp"},
-    {TLSEXT_TYPE_signature_algorithms, "signature_algorithms"},
-    {TLSEXT_TYPE_use_srtp, "use_srtp"},
-    {TLSEXT_TYPE_heartbeat, "heartbeat"},
-    {TLSEXT_TYPE_session_ticket, "session_ticket"},
-# ifdef TLSEXT_TYPE_opaque_prf_input
-    {TLSEXT_TYPE_opaque_prf_input, "opaque_prf_input"},
-# endif
-    {TLSEXT_TYPE_renegotiate, "renegotiate"},
-    {TLSEXT_TYPE_next_proto_neg, "next_proto_neg"},
-    {TLSEXT_TYPE_padding, "padding"}
-};
-
-static ssl_trace_tbl ssl_curve_tbl[] = {
-    {1, "sect163k1 (K-163)"},
-    {2, "sect163r1"},
-    {3, "sect163r2 (B-163)"},
-    {4, "sect193r1"},
-    {5, "sect193r2"},
-    {6, "sect233k1 (K-233)"},
-    {7, "sect233r1 (B-233)"},
-    {8, "sect239k1"},
-    {9, "sect283k1 (K-283)"},
-    {10, "sect283r1 (B-283)"},
-    {11, "sect409k1 (K-409)"},
-    {12, "sect409r1 (B-409)"},
-    {13, "sect571k1 (K-571)"},
-    {14, "sect571r1 (B-571)"},
-    {15, "secp160k1"},
-    {16, "secp160r1"},
-    {17, "secp160r2"},
-    {18, "secp192k1"},
-    {19, "secp192r1 (P-192)"},
-    {20, "secp224k1"},
-    {21, "secp224r1 (P-224)"},
-    {22, "secp256k1"},
-    {23, "secp256r1 (P-256)"},
-    {24, "secp384r1 (P-384)"},
-    {25, "secp521r1 (P-521)"},
-    {26, "brainpoolP256r1"},
-    {27, "brainpoolP384r1"},
-    {28, "brainpoolP512r1"},
-    {0xFF01, "arbitrary_explicit_prime_curves"},
-    {0xFF02, "arbitrary_explicit_char2_curves"}
-};
-
-static ssl_trace_tbl ssl_point_tbl[] = {
-    {0, "uncompressed"},
-    {1, "ansiX962_compressed_prime"},
-    {2, "ansiX962_compressed_char2"}
-};
-
-static ssl_trace_tbl ssl_md_tbl[] = {
-    {0, "none"},
-    {1, "md5"},
-    {2, "sha1"},
-    {3, "sha224"},
-    {4, "sha256"},
-    {5, "sha384"},
-    {6, "sha512"}
-};
-
-static ssl_trace_tbl ssl_sig_tbl[] = {
-    {0, "anonymous"},
-    {1, "rsa"},
-    {2, "dsa"},
-    {3, "ecdsa"}
-};
-
-static ssl_trace_tbl ssl_hb_tbl[] = {
-    {1, "peer_allowed_to_send"},
-    {2, "peer_not_allowed_to_send"}
-};
-
-static ssl_trace_tbl ssl_hb_type_tbl[] = {
-    {1, "heartbeat_request"},
-    {2, "heartbeat_response"}
-};
-
-static ssl_trace_tbl ssl_ctype_tbl[] = {
-    {1, "rsa_sign"},
-    {2, "dss_sign"},
-    {3, "rsa_fixed_dh"},
-    {4, "dss_fixed_dh"},
-    {5, "rsa_ephemeral_dh"},
-    {6, "dss_ephemeral_dh"},
-    {20, "fortezza_dms"},
-    {64, "ecdsa_sign"},
-    {65, "rsa_fixed_ecdh"},
-    {66, "ecdsa_fixed_ecdh"}
-};
-
-static ssl_trace_tbl ssl_crypto_tbl[] = {
-    {TLS1_RT_CRYPTO_PREMASTER, "Premaster Secret"},
-    {TLS1_RT_CRYPTO_CLIENT_RANDOM, "Client Random"},
-    {TLS1_RT_CRYPTO_SERVER_RANDOM, "Server Random"},
-    {TLS1_RT_CRYPTO_MASTER, "Master Secret"},
-    {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_WRITE, "Write Mac Secret"},
-    {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_READ, "Read Mac Secret"},
-    {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_WRITE, "Write Key"},
-    {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_READ, "Read Key"},
-    {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_WRITE, "Write IV"},
-    {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_READ, "Read IV"},
-    {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_WRITE, "Write IV (fixed part)"},
-    {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"}
-};
-
-static void ssl_print_hex(BIO *bio, int indent, const char *name,
-                          const unsigned char *msg, size_t msglen)
-{
-    size_t i;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "%s (len=%d): ", name, (int)msglen);
-    for (i = 0; i < msglen; i++)
-        BIO_printf(bio, "%02X", msg[i]);
-    BIO_puts(bio, "\n");
-}
-
-static int ssl_print_hexbuf(BIO *bio, int indent,
-                            const char *name, size_t nlen,
-                            const unsigned char **pmsg, size_t *pmsglen)
-{
-    size_t blen;
-    const unsigned char *p = *pmsg;
-    if (*pmsglen < nlen)
-        return 0;
-    blen = p[0];
-    if (nlen > 1)
-        blen = (blen << 8) | p[1];
-    if (*pmsglen < nlen + blen)
-        return 0;
-    p += nlen;
-    ssl_print_hex(bio, indent, name, p, blen);
-    *pmsg += blen + nlen;
-    *pmsglen -= blen + nlen;
-    return 1;
-}
-
-static int ssl_print_version(BIO *bio, int indent, const char *name,
-                             const unsigned char **pmsg, size_t *pmsglen)
-{
-    int vers;
-    if (*pmsglen < 2)
-        return 0;
-    vers = ((*pmsg)[0] << 8) | (*pmsg)[1];
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "%s=0x%x (%s)\n",
-               name, vers, ssl_trace_str(vers, ssl_version_tbl));
-    *pmsg += 2;
-    *pmsglen -= 2;
-    return 1;
-}
-
-static int ssl_print_random(BIO *bio, int indent,
-                            const unsigned char **pmsg, size_t *pmsglen)
-{
-    unsigned int tm;
-    const unsigned char *p = *pmsg;
-    if (*pmsglen < 32)
-        return 0;
-    tm = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
-    p += 4;
-    BIO_indent(bio, indent, 80);
-    BIO_puts(bio, "Random:\n");
-    BIO_indent(bio, indent + 2, 80);
-    BIO_printf(bio, "gmt_unix_time=0x%08X\n", tm);
-    ssl_print_hex(bio, indent + 2, "random_bytes", p, 28);
-    *pmsg += 32;
-    *pmsglen -= 32;
-    return 1;
-}
-
-static int ssl_print_signature(BIO *bio, int indent, SSL *s,
-                               const unsigned char **pmsg, size_t *pmsglen)
-{
-    if (*pmsglen < 2)
-        return 0;
-    if (SSL_USE_SIGALGS(s)) {
-        const unsigned char *p = *pmsg;
-        BIO_indent(bio, indent, 80);
-        BIO_printf(bio, "Signature Algorithm %s+%s (%d+%d)\n",
-                   ssl_trace_str(p[0], ssl_md_tbl),
-                   ssl_trace_str(p[1], ssl_sig_tbl), p[0], p[1]);
-        *pmsg += 2;
-        *pmsglen -= 2;
-    }
-    return ssl_print_hexbuf(bio, indent, "Signature", 2, pmsg, pmsglen);
-}
-
-static int ssl_print_extension(BIO *bio, int indent, int server, int extype,
-                               const unsigned char *ext, size_t extlen)
-{
-    size_t xlen;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "extension_type=%s(%d), length=%d\n",
-               ssl_trace_str(extype, ssl_exts_tbl), extype, (int)extlen);
-    switch (extype) {
-    case TLSEXT_TYPE_ec_point_formats:
-        if (extlen < 1)
-            return 0;
-        xlen = ext[0];
-        if (extlen != xlen + 1)
-            return 0;
-        return ssl_trace_list(bio, indent + 2,
-                              ext + 1, xlen, 1, ssl_point_tbl);
-
-    case TLSEXT_TYPE_elliptic_curves:
-        if (extlen < 2)
-            return 0;
-        xlen = (ext[0] << 8) | ext[1];
-        if (extlen != xlen + 2)
-            return 0;
-        return ssl_trace_list(bio, indent + 2,
-                              ext + 2, xlen, 2, ssl_curve_tbl);
-
-    case TLSEXT_TYPE_signature_algorithms:
-
-        if (extlen < 2)
-            return 0;
-        xlen = (ext[0] << 8) | ext[1];
-        if (extlen != xlen + 2)
-            return 0;
-        if (xlen & 1)
-            return 0;
-        ext += 2;
-        while (xlen > 0) {
-            BIO_indent(bio, indent + 2, 80);
-            BIO_printf(bio, "%s+%s (%d+%d)\n",
-                       ssl_trace_str(ext[0], ssl_md_tbl),
-                       ssl_trace_str(ext[1], ssl_sig_tbl), ext[0], ext[1]);
-            xlen -= 2;
-            ext += 2;
-        }
-        break;
-
-    case TLSEXT_TYPE_renegotiate:
-        if (extlen < 1)
-            return 0;
-        xlen = ext[0];
-        if (xlen + 1 != extlen)
-            return 0;
-        ext++;
-        if (xlen) {
-            if (server) {
-                if (xlen & 1)
-                    return 0;
-                xlen >>= 1;
-            }
-            ssl_print_hex(bio, indent + 4, "client_verify_data", ext, xlen);
-            if (server) {
-                ext += xlen;
-                ssl_print_hex(bio, indent + 4,
-                              "server_verify_data", ext, xlen);
-            }
-        } else {
-            BIO_indent(bio, indent + 4, 80);
-            BIO_puts(bio, "<EMPTY>\n");
-        }
-        break;
-
-    case TLSEXT_TYPE_heartbeat:
-        if (extlen != 1)
-            return 0;
-        BIO_indent(bio, indent + 2, 80);
-        BIO_printf(bio, "HeartbeatMode: %s\n",
-                   ssl_trace_str(ext[0], ssl_hb_tbl));
-        break;
-
-    case TLSEXT_TYPE_session_ticket:
-        if (extlen != 0)
-            ssl_print_hex(bio, indent + 4, "ticket", ext, extlen);
-        break;
-
-    default:
-        BIO_dump_indent(bio, (char *)ext, extlen, indent + 2);
-    }
-    return 1;
-}
-
-static int ssl_print_extensions(BIO *bio, int indent, int server,
-                                const unsigned char *msg, size_t msglen)
-{
-    size_t extslen;
-    BIO_indent(bio, indent, 80);
-    if (msglen == 0) {
-        BIO_puts(bio, "No Extensions\n");
-        return 1;
-    }
-    extslen = (msg[0] << 8) | msg[1];
-    if (extslen != msglen - 2)
-        return 0;
-    msg += 2;
-    msglen = extslen;
-    BIO_printf(bio, "extensions, length = %d\n", (int)msglen);
-    while (msglen > 0) {
-        int extype;
-        size_t extlen;
-        if (msglen < 4)
-            return 0;
-        extype = (msg[0] << 8) | msg[1];
-        extlen = (msg[2] << 8) | msg[3];
-        if (msglen < extlen + 4)
-            return 0;
-        msg += 4;
-        if (!ssl_print_extension(bio, indent + 2, server,
-                                 extype, msg, extlen))
-            return 0;
-        msg += extlen;
-        msglen -= extlen + 4;
-    }
-    return 1;
-}
-
-static int ssl_print_client_hello(BIO *bio, SSL *ssl, int indent,
-                                  const unsigned char *msg, size_t msglen)
-{
-    size_t len;
-    unsigned int cs;
-    if (!ssl_print_version(bio, indent, "client_version", &msg, &msglen))
-        return 0;
-    if (!ssl_print_random(bio, indent, &msg, &msglen))
-        return 0;
-    if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen))
-        return 0;
-    if (SSL_IS_DTLS(ssl)) {
-        if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen))
-            return 0;
-    }
-    if (msglen < 2)
-        return 0;
-    len = (msg[0] << 8) | msg[1];
-    msg += 2;
-    msglen -= 2;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "cipher_suites (len=%d)\n", (int)len);
-    if (msglen < len || len & 1)
-        return 0;
-    while (len > 0) {
-        cs = (msg[0] << 8) | msg[1];
-        BIO_indent(bio, indent + 2, 80);
-        BIO_printf(bio, "{0x%02X, 0x%02X} %s\n",
-                   msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl));
-        msg += 2;
-        msglen -= 2;
-        len -= 2;
-    }
-    if (msglen < 1)
-        return 0;
-    len = msg[0];
-    msg++;
-    msglen--;
-    if (msglen < len)
-        return 0;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "compression_methods (len=%d)\n", (int)len);
-    while (len > 0) {
-        BIO_indent(bio, indent + 2, 80);
-        BIO_printf(bio, "%s (0x%02X)\n",
-                   ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]);
-        msg++;
-        msglen--;
-        len--;
-    }
-    if (!ssl_print_extensions(bio, indent, 0, msg, msglen))
-        return 0;
-    return 1;
-}
-
-static int dtls_print_hello_vfyrequest(BIO *bio, int indent,
-                                       const unsigned char *msg,
-                                       size_t msglen)
-{
-    if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen))
-        return 0;
-    if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen))
-        return 0;
-    return 1;
-}
-
-static int ssl_print_server_hello(BIO *bio, int indent,
-                                  const unsigned char *msg, size_t msglen)
-{
-    unsigned int cs;
-    if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen))
-        return 0;
-    if (!ssl_print_random(bio, indent, &msg, &msglen))
-        return 0;
-    if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen))
-        return 0;
-    if (msglen < 2)
-        return 0;
-    cs = (msg[0] << 8) | msg[1];
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "cipher_suite {0x%02X, 0x%02X} %s\n",
-               msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl));
-    msg += 2;
-    msglen -= 2;
-    if (msglen < 1)
-        return 0;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "compression_method: %s (0x%02X)\n",
-               ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]);
-    msg++;
-    msglen--;
-    if (!ssl_print_extensions(bio, indent, 1, msg, msglen))
-        return 0;
-    return 1;
-}
-
-static int ssl_get_keyex(const char **pname, SSL *ssl)
-{
-    unsigned long alg_k = ssl->s3->tmp.new_cipher->algorithm_mkey;
-    if (alg_k & SSL_kRSA) {
-        *pname = "rsa";
-        return SSL_kRSA;
-    }
-    if (alg_k & SSL_kDHr) {
-        *pname = "dh_rsa";
-        return SSL_kDHr;
-    }
-    if (alg_k & SSL_kDHd) {
-        *pname = "dh_dss";
-        return SSL_kDHd;
-    }
-    if (alg_k & SSL_kKRB5) {
-        *pname = "krb5";
-        return SSL_kKRB5;
-    }
-    if (alg_k & SSL_kEDH) {
-        *pname = "edh";
-        return SSL_kEDH;
-    }
-    if (alg_k & SSL_kEECDH) {
-        *pname = "EECDH";
-        return SSL_kEECDH;
-    }
-    if (alg_k & SSL_kECDHr) {
-        *pname = "ECDH RSA";
-        return SSL_kECDHr;
-    }
-    if (alg_k & SSL_kECDHe) {
-        *pname = "ECDH ECDSA";
-        return SSL_kECDHe;
-    }
-    if (alg_k & SSL_kPSK) {
-        *pname = "PSK";
-        return SSL_kPSK;
-    }
-    if (alg_k & SSL_kSRP) {
-        *pname = "SRP";
-        return SSL_kSRP;
-    }
-    if (alg_k & SSL_kGOST) {
-        *pname = "GOST";
-        return SSL_kGOST;
-    }
-    *pname = "UNKNOWN";
-    return 0;
-}
-
-static int ssl_print_client_keyex(BIO *bio, int indent, SSL *ssl,
-                                  const unsigned char *msg, size_t msglen)
-{
-    const char *algname;
-    int id;
-    id = ssl_get_keyex(&algname, ssl);
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname);
-    switch (id) {
-
-    case SSL_kRSA:
-        if (TLS1_get_version(ssl) == SSL3_VERSION) {
-            ssl_print_hex(bio, indent + 2,
-                          "EncyptedPreMasterSecret", msg, msglen);
-        } else {
-            if (!ssl_print_hexbuf(bio, indent + 2,
-                                  "EncyptedPreMasterSecret", 2,
-                                  &msg, &msglen))
-                return 0;
-        }
-        break;
-
-        /* Implicit parameters only allowed for static DH */
-    case SSL_kDHd:
-    case SSL_kDHr:
-        if (msglen == 0) {
-            BIO_indent(bio, indent + 2, 80);
-            BIO_puts(bio, "implicit\n");
-            break;
-        }
-    case SSL_kEDH:
-        if (!ssl_print_hexbuf(bio, indent + 2, "dh_Yc", 2, &msg, &msglen))
-            return 0;
-        break;
-
-    case SSL_kECDHr:
-    case SSL_kECDHe:
-        if (msglen == 0) {
-            BIO_indent(bio, indent + 2, 80);
-            BIO_puts(bio, "implicit\n");
-            break;
-        }
-    case SSL_kEECDH:
-        if (!ssl_print_hexbuf(bio, indent + 2, "ecdh_Yc", 1, &msg, &msglen))
-            return 0;
-        break;
-    }
-
-    return 1;
-}
-
-static int ssl_print_server_keyex(BIO *bio, int indent, SSL *ssl,
-                                  const unsigned char *msg, size_t msglen)
-{
-    const char *algname;
-    int id;
-    id = ssl_get_keyex(&algname, ssl);
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname);
-    switch (id) {
-        /* Should never happen */
-    case SSL_kDHd:
-    case SSL_kDHr:
-    case SSL_kECDHr:
-    case SSL_kECDHe:
-        BIO_indent(bio, indent + 2, 80);
-        BIO_printf(bio, "Unexpected Message\n");
-        break;
-
-    case SSL_kRSA:
-
-        if (!ssl_print_hexbuf(bio, indent + 2, "rsa_modulus", 2,
-                              &msg, &msglen))
-            return 0;
-        if (!ssl_print_hexbuf(bio, indent + 2, "rsa_exponent", 2,
-                              &msg, &msglen))
-            return 0;
-        break;
-
-    case SSL_kEDH:
-        if (!ssl_print_hexbuf(bio, indent + 2, "dh_p", 2, &msg, &msglen))
-            return 0;
-        if (!ssl_print_hexbuf(bio, indent + 2, "dh_g", 2, &msg, &msglen))
-            return 0;
-        if (!ssl_print_hexbuf(bio, indent + 2, "dh_Ys", 2, &msg, &msglen))
-            return 0;
-        break;
-
-    case SSL_kEECDH:
-        if (msglen < 1)
-            return 0;
-        BIO_indent(bio, indent + 2, 80);
-        if (msg[0] == EXPLICIT_PRIME_CURVE_TYPE)
-            BIO_puts(bio, "explicit_prime\n");
-        else if (msg[0] == EXPLICIT_CHAR2_CURVE_TYPE)
-            BIO_puts(bio, "explicit_char2\n");
-        else if (msg[0] == NAMED_CURVE_TYPE) {
-            int curve;
-            if (msglen < 3)
-                return 0;
-            curve = (msg[1] << 8) | msg[2];
-            BIO_printf(bio, "named_curve: %s (%d)\n",
-                       ssl_trace_str(curve, ssl_curve_tbl), curve);
-            msg += 3;
-            msglen -= 3;
-            if (!ssl_print_hexbuf(bio, indent + 2, "point", 1, &msg, &msglen))
-                return 0;
-        }
-        break;
-    }
-    return ssl_print_signature(bio, indent, ssl, &msg, &msglen);
-}
-
-static int ssl_print_certificate(BIO *bio, int indent,
-                                 const unsigned char **pmsg, size_t *pmsglen)
-{
-    size_t msglen = *pmsglen;
-    size_t clen;
-    X509 *x;
-    const unsigned char *p = *pmsg, *q;
-    if (msglen < 3)
-        return 0;
-    clen = (p[0] << 16) | (p[1] << 8) | p[2];
-    if (msglen < clen + 3)
-        return 0;
-    q = p + 3;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "ASN.1Cert, length=%d", (int)clen);
-    x = d2i_X509(NULL, &q, clen);
-    if (!x)
-        BIO_puts(bio, "<UNPARSEABLE CERTIFICATE>\n");
-    else {
-        BIO_puts(bio, "\n------details-----\n");
-        X509_print_ex(bio, x, XN_FLAG_ONELINE, 0);
-        PEM_write_bio_X509(bio, x);
-        /* Print certificate stuff */
-        BIO_puts(bio, "------------------\n");
-        X509_free(x);
-    }
-    if (q != p + 3 + clen) {
-        BIO_puts(bio, "<TRAILING GARBAGE AFTER CERTIFICATE>\n");
-    }
-    *pmsg += clen + 3;
-    *pmsglen -= clen + 3;
-    return 1;
-}
-
-static int ssl_print_certificates(BIO *bio, int indent,
-                                  const unsigned char *msg, size_t msglen)
-{
-    size_t clen;
-    if (msglen < 3)
-        return 0;
-    clen = (msg[0] << 16) | (msg[1] << 8) | msg[2];
-    if (msglen != clen + 3)
-        return 0;
-    msg += 3;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "certificate_list, length=%d\n", (int)clen);
-    while (clen > 0) {
-        if (!ssl_print_certificate(bio, indent + 2, &msg, &clen))
-            return 0;
-    }
-    return 1;
-}
-
-static int ssl_print_cert_request(BIO *bio, int indent, SSL *s,
-                                  const unsigned char *msg, size_t msglen)
-{
-    size_t xlen;
-    if (msglen < 1)
-        return 0;
-    xlen = msg[0];
-    if (msglen < xlen + 1)
-        return 0;
-    msg++;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "certificate_types (len=%d)\n", (int)xlen);
-    if (!ssl_trace_list(bio, indent + 2, msg, xlen, 1, ssl_ctype_tbl))
-        return 0;
-    msg += xlen;
-    msglen -= xlen + 1;
-    if (!SSL_USE_SIGALGS(s))
-        goto skip_sig;
-    if (msglen < 2)
-        return 0;
-    xlen = (msg[0] << 8) | msg[1];
-    if (msglen < xlen + 2 || (xlen & 1))
-        return 0;
-    msg += 2;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "signature_algorithms (len=%d)\n", (int)xlen);
-    while (xlen > 0) {
-        BIO_indent(bio, indent + 2, 80);
-        BIO_printf(bio, "%s+%s (%d+%d)\n",
-                   ssl_trace_str(msg[0], ssl_md_tbl),
-                   ssl_trace_str(msg[1], ssl_sig_tbl), msg[0], msg[1]);
-        xlen -= 2;
-        msg += 2;
-    }
-    msg += xlen;
-    msglen -= xlen + 2;
-
- skip_sig:
-    xlen = (msg[0] << 8) | msg[1];
-    BIO_indent(bio, indent, 80);
-    if (msglen < xlen + 2)
-        return 0;
-    msg += 2;
-    msglen -= 2;
-    BIO_printf(bio, "certificate_authorities (len=%d)\n", (int)xlen);
-    while (xlen > 0) {
-        size_t dlen;
-        X509_NAME *nm;
-        const unsigned char *p;
-        if (xlen < 2)
-            return 0;
-        dlen = (msg[0] << 8) | msg[1];
-        if (xlen < dlen + 2)
-            return 0;
-        msg += 2;
-        BIO_indent(bio, indent + 2, 80);
-        BIO_printf(bio, "DistinguishedName (len=%d): ", (int)dlen);
-        p = msg;
-        nm = d2i_X509_NAME(NULL, &p, dlen);
-        if (!nm) {
-            BIO_puts(bio, "<UNPARSEABLE DN>\n");
-        } else {
-            X509_NAME_print_ex(bio, nm, 0, XN_FLAG_ONELINE);
-            BIO_puts(bio, "\n");
-            X509_NAME_free(nm);
-        }
-        xlen -= dlen + 2;
-        msg += dlen;
-    }
-    return 1;
-}
-
-static int ssl_print_ticket(BIO *bio, int indent,
-                            const unsigned char *msg, size_t msglen)
-{
-    unsigned int tick_life;
-    if (msglen == 0) {
-        BIO_indent(bio, indent + 2, 80);
-        BIO_puts(bio, "No Ticket\n");
-        return 1;
-    }
-    if (msglen < 4)
-        return 0;
-    tick_life = (msg[0] << 24) | (msg[1] << 16) | (msg[2] << 8) | msg[3];
-    msglen -= 4;
-    msg += 4;
-    BIO_indent(bio, indent + 2, 80);
-    BIO_printf(bio, "ticket_lifetime_hint=%u\n", tick_life);
-    if (!ssl_print_hexbuf(bio, indent + 2, "ticket", 2, &msg, &msglen))
-        return 0;
-    if (msglen)
-        return 0;
-    return 1;
-}
-
-static int ssl_print_handshake(BIO *bio, SSL *ssl,
-                               const unsigned char *msg, size_t msglen,
-                               int indent)
-{
-    size_t hlen;
-    unsigned char htype;
-    if (msglen < 4)
-        return 0;
-    htype = msg[0];
-    hlen = (msg[1] << 16) | (msg[2] << 8) | msg[3];
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "%s, Length=%d\n",
-               ssl_trace_str(htype, ssl_handshake_tbl), (int)hlen);
-    msg += 4;
-    msglen -= 4;
-    if (SSL_IS_DTLS(ssl)) {
-        if (msglen < 8)
-            return 0;
-        BIO_indent(bio, indent, 80);
-        BIO_printf(bio, "message_seq=%d, fragment_offset=%d, "
-                   "fragment_length=%d\n",
-                   (msg[0] << 8) | msg[1],
-                   (msg[2] << 16) | (msg[3] << 8) | msg[4],
-                   (msg[5] << 16) | (msg[6] << 8) | msg[7]);
-        msg += 8;
-        msglen -= 8;
-    }
-    if (msglen < hlen)
-        return 0;
-    switch (htype) {
-    case SSL3_MT_CLIENT_HELLO:
-        if (!ssl_print_client_hello(bio, ssl, indent + 2, msg, msglen))
-            return 0;
-        break;
-
-    case DTLS1_MT_HELLO_VERIFY_REQUEST:
-        if (!dtls_print_hello_vfyrequest(bio, indent + 2, msg, msglen))
-            return 0;
-        break;
-
-    case SSL3_MT_SERVER_HELLO:
-        if (!ssl_print_server_hello(bio, indent + 2, msg, msglen))
-            return 0;
-        break;
-
-    case SSL3_MT_SERVER_KEY_EXCHANGE:
-        if (!ssl_print_server_keyex(bio, indent + 2, ssl, msg, msglen))
-            return 0;
-        break;
-
-    case SSL3_MT_CLIENT_KEY_EXCHANGE:
-        if (!ssl_print_client_keyex(bio, indent + 2, ssl, msg, msglen))
-            return 0;
-        break;
-
-    case SSL3_MT_CERTIFICATE:
-        if (!ssl_print_certificates(bio, indent + 2, msg, msglen))
-            return 0;
-        break;
-
-    case SSL3_MT_CERTIFICATE_VERIFY:
-        if (!ssl_print_signature(bio, indent + 2, ssl, &msg, &msglen))
-            return 0;
-        break;
-
-    case SSL3_MT_CERTIFICATE_REQUEST:
-        if (!ssl_print_cert_request(bio, indent + 2, ssl, msg, msglen))
-            return 0;
-        break;
-
-    case SSL3_MT_FINISHED:
-        ssl_print_hex(bio, indent + 2, "verify_data", msg, msglen);
-        break;
-
-    case SSL3_MT_SERVER_DONE:
-        if (msglen != 0)
-            ssl_print_hex(bio, indent + 2, "unexpected value", msg, msglen);
-        break;
-
-    case SSL3_MT_NEWSESSION_TICKET:
-        if (!ssl_print_ticket(bio, indent + 2, msg, msglen))
-            return 0;
-        break;
-
-    default:
-        BIO_indent(bio, indent + 2, 80);
-        BIO_puts(bio, "Unsupported, hex dump follows:\n");
-        BIO_dump_indent(bio, (char *)msg, msglen, indent + 4);
-    }
-    return 1;
-}
-
-static int ssl_print_heartbeat(BIO *bio, int indent,
-                               const unsigned char *msg, size_t msglen)
-{
-    if (msglen < 3)
-        return 0;
-    BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "HeartBeatMessageType: %s\n",
-               ssl_trace_str(msg[0], ssl_hb_type_tbl));
-    msg++;
-    msglen--;
-    if (!ssl_print_hexbuf(bio, indent, "payload", 2, &msg, &msglen))
-        return 0;
-    ssl_print_hex(bio, indent, "padding", msg, msglen);
-    return 1;
-}
-
-const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c)
-{
-    if (c->algorithm_ssl & SSL_SSLV2)
-        return NULL;
-    return ssl_trace_str(c->id & 0xFFFF, ssl_ciphers_tbl);
-}
-
-void SSL_trace(int write_p, int version, int content_type,
-               const void *buf, size_t msglen, SSL *ssl, void *arg)
-{
-    const unsigned char *msg = buf;
-    BIO *bio = arg;
-
-    if (write_p == 2) {
-        BIO_puts(bio, "Session ");
-        ssl_print_hex(bio, 0,
-                      ssl_trace_str(content_type, ssl_crypto_tbl),
-                      msg, msglen);
-        return;
-    }
-    switch (content_type) {
-    case SSL3_RT_HEADER:
-        {
-            int hvers = msg[1] << 8 | msg[2];
-            BIO_puts(bio, write_p ? "Sent" : "Received");
-            BIO_printf(bio, " Record\nHeader:\n  Version = %s (0x%x)\n",
-                       ssl_trace_str(hvers, ssl_version_tbl), hvers);
-            if (SSL_IS_DTLS(ssl)) {
-                BIO_printf(bio,
-                           "  epoch=%d, sequence_number=%04x%04x%04x\n",
-                           (msg[3] << 8 | msg[4]),
-                           (msg[5] << 8 | msg[6]),
-                           (msg[7] << 8 | msg[8]), (msg[9] << 8 | msg[10]));
-# if 0
-                /*
-                 * Just print handshake type so we can see what is going on
-                 * during fragmentation.
-                 */
-                BIO_printf(bio, "(%s)\n",
-                           ssl_trace_str(msg[msglen], ssl_handshake_tbl));
-# endif
-            }
-
-            BIO_printf(bio, "  Content Type = %s (%d)\n  Length = %d",
-                       ssl_trace_str(msg[0], ssl_content_tbl), msg[0],
-                       msg[msglen - 2] << 8 | msg[msglen - 1]);
-        }
-        break;
-    case SSL3_RT_HANDSHAKE:
-        if (!ssl_print_handshake(bio, ssl, msg, msglen, 4))
-            BIO_printf(bio, "Message length parse error!\n");
-        break;
-
-    case SSL3_RT_CHANGE_CIPHER_SPEC:
-        if (msglen == 1 && msg[0] == 1)
-            BIO_puts(bio, "    change_cipher_spec (1)\n");
-        else
-            ssl_print_hex(bio, 4, "unknown value", msg, msglen);
-        break;
-
-    case SSL3_RT_ALERT:
-        if (msglen != 2)
-            BIO_puts(bio, "    Illegal Alert Length\n");
-        else {
-            BIO_printf(bio, "    Level=%s(%d), description=%s(%d)\n",
-                       SSL_alert_type_string_long(msg[0] << 8),
-                       msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]);
-        }
-    case TLS1_RT_HEARTBEAT:
-        ssl_print_heartbeat(bio, 4, msg, msglen);
-        break;
-
-    }
-
-    BIO_puts(bio, "\n");
-}
-
-#endif
diff --git a/thirdparty/openssl/ssl/tls_srp.c b/thirdparty/openssl/ssl/tls_srp.c
deleted file mode 100644
index bb719ba4cf..0000000000
--- a/thirdparty/openssl/ssl/tls_srp.c
+++ /dev/null
@@ -1,542 +0,0 @@
-/* ssl/tls_srp.c */
-/*
- * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
- * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
- * EdelKey project and contributed to the OpenSSL project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004-2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SRP
-
-# include <openssl/rand.h>
-# include <openssl/srp.h>
-# include <openssl/err.h>
-
-int SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx)
-{
-    if (ctx == NULL)
-        return 0;
-    OPENSSL_free(ctx->srp_ctx.login);
-    BN_free(ctx->srp_ctx.N);
-    BN_free(ctx->srp_ctx.g);
-    BN_free(ctx->srp_ctx.s);
-    BN_free(ctx->srp_ctx.B);
-    BN_free(ctx->srp_ctx.A);
-    BN_free(ctx->srp_ctx.a);
-    BN_free(ctx->srp_ctx.b);
-    BN_free(ctx->srp_ctx.v);
-    ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
-    ctx->srp_ctx.SRP_cb_arg = NULL;
-    ctx->srp_ctx.SRP_verify_param_callback = NULL;
-    ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
-    ctx->srp_ctx.N = NULL;
-    ctx->srp_ctx.g = NULL;
-    ctx->srp_ctx.s = NULL;
-    ctx->srp_ctx.B = NULL;
-    ctx->srp_ctx.A = NULL;
-    ctx->srp_ctx.a = NULL;
-    ctx->srp_ctx.b = NULL;
-    ctx->srp_ctx.v = NULL;
-    ctx->srp_ctx.login = NULL;
-    ctx->srp_ctx.info = NULL;
-    ctx->srp_ctx.strength = SRP_MINIMAL_N;
-    ctx->srp_ctx.srp_Mask = 0;
-    return (1);
-}
-
-int SSL_SRP_CTX_free(struct ssl_st *s)
-{
-    if (s == NULL)
-        return 0;
-    OPENSSL_free(s->srp_ctx.login);
-    BN_free(s->srp_ctx.N);
-    BN_free(s->srp_ctx.g);
-    BN_free(s->srp_ctx.s);
-    BN_free(s->srp_ctx.B);
-    BN_free(s->srp_ctx.A);
-    BN_free(s->srp_ctx.a);
-    BN_free(s->srp_ctx.b);
-    BN_free(s->srp_ctx.v);
-    s->srp_ctx.TLS_ext_srp_username_callback = NULL;
-    s->srp_ctx.SRP_cb_arg = NULL;
-    s->srp_ctx.SRP_verify_param_callback = NULL;
-    s->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
-    s->srp_ctx.N = NULL;
-    s->srp_ctx.g = NULL;
-    s->srp_ctx.s = NULL;
-    s->srp_ctx.B = NULL;
-    s->srp_ctx.A = NULL;
-    s->srp_ctx.a = NULL;
-    s->srp_ctx.b = NULL;
-    s->srp_ctx.v = NULL;
-    s->srp_ctx.login = NULL;
-    s->srp_ctx.info = NULL;
-    s->srp_ctx.strength = SRP_MINIMAL_N;
-    s->srp_ctx.srp_Mask = 0;
-    return (1);
-}
-
-int SSL_SRP_CTX_init(struct ssl_st *s)
-{
-    SSL_CTX *ctx;
-
-    if ((s == NULL) || ((ctx = s->ctx) == NULL))
-        return 0;
-    s->srp_ctx.SRP_cb_arg = ctx->srp_ctx.SRP_cb_arg;
-    /* set client Hello login callback */
-    s->srp_ctx.TLS_ext_srp_username_callback =
-        ctx->srp_ctx.TLS_ext_srp_username_callback;
-    /* set SRP N/g param callback for verification */
-    s->srp_ctx.SRP_verify_param_callback =
-        ctx->srp_ctx.SRP_verify_param_callback;
-    /* set SRP client passwd callback */
-    s->srp_ctx.SRP_give_srp_client_pwd_callback =
-        ctx->srp_ctx.SRP_give_srp_client_pwd_callback;
-
-    s->srp_ctx.N = NULL;
-    s->srp_ctx.g = NULL;
-    s->srp_ctx.s = NULL;
-    s->srp_ctx.B = NULL;
-    s->srp_ctx.A = NULL;
-    s->srp_ctx.a = NULL;
-    s->srp_ctx.b = NULL;
-    s->srp_ctx.v = NULL;
-    s->srp_ctx.login = NULL;
-    s->srp_ctx.info = ctx->srp_ctx.info;
-    s->srp_ctx.strength = ctx->srp_ctx.strength;
-
-    if (((ctx->srp_ctx.N != NULL) &&
-         ((s->srp_ctx.N = BN_dup(ctx->srp_ctx.N)) == NULL)) ||
-        ((ctx->srp_ctx.g != NULL) &&
-         ((s->srp_ctx.g = BN_dup(ctx->srp_ctx.g)) == NULL)) ||
-        ((ctx->srp_ctx.s != NULL) &&
-         ((s->srp_ctx.s = BN_dup(ctx->srp_ctx.s)) == NULL)) ||
-        ((ctx->srp_ctx.B != NULL) &&
-         ((s->srp_ctx.B = BN_dup(ctx->srp_ctx.B)) == NULL)) ||
-        ((ctx->srp_ctx.A != NULL) &&
-         ((s->srp_ctx.A = BN_dup(ctx->srp_ctx.A)) == NULL)) ||
-        ((ctx->srp_ctx.a != NULL) &&
-         ((s->srp_ctx.a = BN_dup(ctx->srp_ctx.a)) == NULL)) ||
-        ((ctx->srp_ctx.v != NULL) &&
-         ((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) ||
-        ((ctx->srp_ctx.b != NULL) &&
-         ((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL))) {
-        SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_BN_LIB);
-        goto err;
-    }
-    if ((ctx->srp_ctx.login != NULL) &&
-        ((s->srp_ctx.login = BUF_strdup(ctx->srp_ctx.login)) == NULL)) {
-        SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-    s->srp_ctx.srp_Mask = ctx->srp_ctx.srp_Mask;
-
-    return (1);
- err:
-    OPENSSL_free(s->srp_ctx.login);
-    BN_free(s->srp_ctx.N);
-    BN_free(s->srp_ctx.g);
-    BN_free(s->srp_ctx.s);
-    BN_free(s->srp_ctx.B);
-    BN_free(s->srp_ctx.A);
-    BN_free(s->srp_ctx.a);
-    BN_free(s->srp_ctx.b);
-    BN_free(s->srp_ctx.v);
-    return (0);
-}
-
-int SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx)
-{
-    if (ctx == NULL)
-        return 0;
-
-    ctx->srp_ctx.SRP_cb_arg = NULL;
-    /* set client Hello login callback */
-    ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
-    /* set SRP N/g param callback for verification */
-    ctx->srp_ctx.SRP_verify_param_callback = NULL;
-    /* set SRP client passwd callback */
-    ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
-
-    ctx->srp_ctx.N = NULL;
-    ctx->srp_ctx.g = NULL;
-    ctx->srp_ctx.s = NULL;
-    ctx->srp_ctx.B = NULL;
-    ctx->srp_ctx.A = NULL;
-    ctx->srp_ctx.a = NULL;
-    ctx->srp_ctx.b = NULL;
-    ctx->srp_ctx.v = NULL;
-    ctx->srp_ctx.login = NULL;
-    ctx->srp_ctx.srp_Mask = 0;
-    ctx->srp_ctx.info = NULL;
-    ctx->srp_ctx.strength = SRP_MINIMAL_N;
-
-    return (1);
-}
-
-/* server side */
-int SSL_srp_server_param_with_username(SSL *s, int *ad)
-{
-    unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
-    int al;
-
-    *ad = SSL_AD_UNKNOWN_PSK_IDENTITY;
-    if ((s->srp_ctx.TLS_ext_srp_username_callback != NULL) &&
-        ((al =
-          s->srp_ctx.TLS_ext_srp_username_callback(s, ad,
-                                                   s->srp_ctx.SRP_cb_arg)) !=
-         SSL_ERROR_NONE))
-        return al;
-
-    *ad = SSL_AD_INTERNAL_ERROR;
-    if ((s->srp_ctx.N == NULL) ||
-        (s->srp_ctx.g == NULL) ||
-        (s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL))
-        return SSL3_AL_FATAL;
-
-    if (RAND_bytes(b, sizeof(b)) <= 0)
-        return SSL3_AL_FATAL;
-    s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
-    OPENSSL_cleanse(b, sizeof(b));
-
-    /* Calculate:  B = (kv + g^b) % N  */
-
-    return ((s->srp_ctx.B =
-             SRP_Calc_B(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g,
-                        s->srp_ctx.v)) !=
-            NULL) ? SSL_ERROR_NONE : SSL3_AL_FATAL;
-}
-
-/*
- * If the server just has the raw password, make up a verifier entry on the
- * fly
- */
-int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
-                                const char *grp)
-{
-    SRP_gN *GN = SRP_get_default_gN(grp);
-    if (GN == NULL)
-        return -1;
-    s->srp_ctx.N = BN_dup(GN->N);
-    s->srp_ctx.g = BN_dup(GN->g);
-    if (s->srp_ctx.v != NULL) {
-        BN_clear_free(s->srp_ctx.v);
-        s->srp_ctx.v = NULL;
-    }
-    if (s->srp_ctx.s != NULL) {
-        BN_clear_free(s->srp_ctx.s);
-        s->srp_ctx.s = NULL;
-    }
-    if (!SRP_create_verifier_BN
-        (user, pass, &s->srp_ctx.s, &s->srp_ctx.v, GN->N, GN->g))
-        return -1;
-
-    return 1;
-}
-
-int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
-                             BIGNUM *sa, BIGNUM *v, char *info)
-{
-    if (N != NULL) {
-        if (s->srp_ctx.N != NULL) {
-            if (!BN_copy(s->srp_ctx.N, N)) {
-                BN_free(s->srp_ctx.N);
-                s->srp_ctx.N = NULL;
-            }
-        } else
-            s->srp_ctx.N = BN_dup(N);
-    }
-    if (g != NULL) {
-        if (s->srp_ctx.g != NULL) {
-            if (!BN_copy(s->srp_ctx.g, g)) {
-                BN_free(s->srp_ctx.g);
-                s->srp_ctx.g = NULL;
-            }
-        } else
-            s->srp_ctx.g = BN_dup(g);
-    }
-    if (sa != NULL) {
-        if (s->srp_ctx.s != NULL) {
-            if (!BN_copy(s->srp_ctx.s, sa)) {
-                BN_free(s->srp_ctx.s);
-                s->srp_ctx.s = NULL;
-            }
-        } else
-            s->srp_ctx.s = BN_dup(sa);
-    }
-    if (v != NULL) {
-        if (s->srp_ctx.v != NULL) {
-            if (!BN_copy(s->srp_ctx.v, v)) {
-                BN_free(s->srp_ctx.v);
-                s->srp_ctx.v = NULL;
-            }
-        } else
-            s->srp_ctx.v = BN_dup(v);
-    }
-    s->srp_ctx.info = info;
-
-    if (!(s->srp_ctx.N) ||
-        !(s->srp_ctx.g) || !(s->srp_ctx.s) || !(s->srp_ctx.v))
-        return -1;
-
-    return 1;
-}
-
-int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key)
-{
-    BIGNUM *K = NULL, *u = NULL;
-    int ret = -1, tmp_len;
-    unsigned char *tmp = NULL;
-
-    if (!SRP_Verify_A_mod_N(s->srp_ctx.A, s->srp_ctx.N))
-        goto err;
-    if (!(u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N)))
-        goto err;
-    if (!
-        (K =
-         SRP_Calc_server_key(s->srp_ctx.A, s->srp_ctx.v, u, s->srp_ctx.b,
-                             s->srp_ctx.N)))
-        goto err;
-
-    tmp_len = BN_num_bytes(K);
-    if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
-        goto err;
-    BN_bn2bin(K, tmp);
-    ret =
-        s->method->ssl3_enc->generate_master_secret(s, master_key, tmp,
-                                                    tmp_len);
- err:
-    if (tmp) {
-        OPENSSL_cleanse(tmp, tmp_len);
-        OPENSSL_free(tmp);
-    }
-    BN_clear_free(K);
-    BN_clear_free(u);
-    return ret;
-}
-
-/* client side */
-int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key)
-{
-    BIGNUM *x = NULL, *u = NULL, *K = NULL;
-    int ret = -1, tmp_len;
-    char *passwd = NULL;
-    unsigned char *tmp = NULL;
-
-    /*
-     * Checks if b % n == 0
-     */
-    if (SRP_Verify_B_mod_N(s->srp_ctx.B, s->srp_ctx.N) == 0)
-        goto err;
-    if (!(u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N)))
-        goto err;
-    if (s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL)
-        goto err;
-    if (!
-        (passwd =
-         s->srp_ctx.SRP_give_srp_client_pwd_callback(s,
-                                                     s->srp_ctx.SRP_cb_arg)))
-        goto err;
-    if (!(x = SRP_Calc_x(s->srp_ctx.s, s->srp_ctx.login, passwd)))
-        goto err;
-    if (!
-        (K =
-         SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B, s->srp_ctx.g, x,
-                             s->srp_ctx.a, u)))
-        goto err;
-
-    tmp_len = BN_num_bytes(K);
-    if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
-        goto err;
-    BN_bn2bin(K, tmp);
-    ret =
-        s->method->ssl3_enc->generate_master_secret(s, master_key, tmp,
-                                                    tmp_len);
- err:
-    if (tmp) {
-        OPENSSL_cleanse(tmp, tmp_len);
-        OPENSSL_free(tmp);
-    }
-    BN_clear_free(K);
-    BN_clear_free(x);
-    if (passwd) {
-        OPENSSL_cleanse(passwd, strlen(passwd));
-        OPENSSL_free(passwd);
-    }
-    BN_clear_free(u);
-    return ret;
-}
-
-int srp_verify_server_param(SSL *s, int *al)
-{
-    SRP_CTX *srp = &s->srp_ctx;
-    /*
-     * Sanity check parameters: we can quickly check B % N == 0 by checking B
-     * != 0 since B < N
-     */
-    if (BN_ucmp(srp->g, srp->N) >= 0 || BN_ucmp(srp->B, srp->N) >= 0
-        || BN_is_zero(srp->B)) {
-        *al = SSL3_AD_ILLEGAL_PARAMETER;
-        return 0;
-    }
-
-    if (BN_num_bits(srp->N) < srp->strength) {
-        *al = TLS1_AD_INSUFFICIENT_SECURITY;
-        return 0;
-    }
-
-    if (srp->SRP_verify_param_callback) {
-        if (srp->SRP_verify_param_callback(s, srp->SRP_cb_arg) <= 0) {
-            *al = TLS1_AD_INSUFFICIENT_SECURITY;
-            return 0;
-        }
-    } else if (!SRP_check_known_gN_param(srp->g, srp->N)) {
-        *al = TLS1_AD_INSUFFICIENT_SECURITY;
-        return 0;
-    }
-
-    return 1;
-}
-
-int SRP_Calc_A_param(SSL *s)
-{
-    unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
-
-    if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
-        return -1;
-    s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
-    OPENSSL_cleanse(rnd, sizeof(rnd));
-
-    if (!
-        (s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a, s->srp_ctx.N, s->srp_ctx.g)))
-        return -1;
-
-    return 1;
-}
-
-BIGNUM *SSL_get_srp_g(SSL *s)
-{
-    if (s->srp_ctx.g != NULL)
-        return s->srp_ctx.g;
-    return s->ctx->srp_ctx.g;
-}
-
-BIGNUM *SSL_get_srp_N(SSL *s)
-{
-    if (s->srp_ctx.N != NULL)
-        return s->srp_ctx.N;
-    return s->ctx->srp_ctx.N;
-}
-
-char *SSL_get_srp_username(SSL *s)
-{
-    if (s->srp_ctx.login != NULL)
-        return s->srp_ctx.login;
-    return s->ctx->srp_ctx.login;
-}
-
-char *SSL_get_srp_userinfo(SSL *s)
-{
-    if (s->srp_ctx.info != NULL)
-        return s->srp_ctx.info;
-    return s->ctx->srp_ctx.info;
-}
-
-# define tls1_ctx_ctrl ssl3_ctx_ctrl
-# define tls1_ctx_callback_ctrl ssl3_ctx_callback_ctrl
-
-int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name)
-{
-    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME, 0, name);
-}
-
-int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password)
-{
-    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD, 0, password);
-}
-
-int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength)
-{
-    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH, strength,
-                         NULL);
-}
-
-int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
-                                          int (*cb) (SSL *, void *))
-{
-    return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_VERIFY_PARAM_CB,
-                                  (void (*)(void))cb);
-}
-
-int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg)
-{
-    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_SRP_ARG, 0, arg);
-}
-
-int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
-                                      int (*cb) (SSL *, int *, void *))
-{
-    return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB,
-                                  (void (*)(void))cb);
-}
-
-int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
-                                        char *(*cb) (SSL *, void *))
-{
-    return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB,
-                                  (void (*)(void))cb);
-}
-
-#endif
diff --git a/thirdparty/openssl/uwp.cpp b/thirdparty/openssl/uwp.cpp
deleted file mode 100644
index e00c9d59db..0000000000
--- a/thirdparty/openssl/uwp.cpp
+++ /dev/null
@@ -1,157 +0,0 @@
-/* Snippets extracted from https://github.com/Microsoft/openssl/blob/ec7e430e06e4e3ac87c183dee33cb216814cf980/ms/winrt.cpp
- * Adapted for Godot definitions
- */
-/* uwp.cpp
- * Copyright 2014 Microsoft Corporation
- * C++/CX Entropy/shims for Windows Phone/Windows Store platform
- * written by Alejandro Jimenez Martinez
- * (aljim@microsoft.com) for the OpenSSL project 2014.
- */
-
-#include <windows.h>
-#if defined(WINAPI_FAMILY)
-extern "C"
-{
-	unsigned entropyRT(BYTE *buffer, unsigned len);
-	void RAND_add(const void *buf,int num,double entropy);
-	int RAND_poll(void);
-}
-#endif
-
-unsigned entropyRT(BYTE *buffer, unsigned len)
-	{
-	using namespace Platform;
-	using namespace Windows::Foundation;
-	using namespace Windows::Foundation::Collections;
-	using namespace Windows::Security::Cryptography;
-	using namespace Windows::Storage::Streams;
-	IBuffer ^buf = CryptographicBuffer::GenerateRandom(len);
-	Array<unsigned char> ^arr;
-	CryptographicBuffer::CopyToByteArray(buf, &arr);
-	unsigned arrayLen = arr->Length;
-
-	// Make sure not to overflow the copy
-	arrayLen = (arrayLen > len) ? len : arrayLen;
-	memcpy(buffer, arr->Data, arrayLen);
-	return arrayLen;
-	}
-
-int RAND_poll(void)
-	{
-	BYTE buf[60];
-	unsigned collected = entropyRT(buf , sizeof(buf));
-	RAND_add(buf, collected, collected);
-	return 1;
-	}
-
-#if defined(UWP_ENABLED)
-extern "C"
-{
-#include<stdio.h>
-#include<string.h>
-#include<stdlib.h>
-
-	void* GetModuleHandle(
-						 _In_opt_  LPCTSTR lpModuleName
-						 )
-		{
-		return NULL;
-		}
-	//no log for phone
-	int RegisterEventSource(
-						   _In_  LPCTSTR lpUNCServerName,
-						   _In_  LPCTSTR lpSourceName
-						   )
-		{
-		return NULL;
-		}
-
-	int ReportEvent(
-				   _In_  HANDLE hEventLog,
-				   _In_  WORD wType,
-				   _In_  WORD wCategory,
-				   _In_  DWORD dwEventID,
-				   _In_  PSID lpUserSid,
-				   _In_  WORD wNumStrings,
-				   _In_  DWORD dwDataSize,
-				   _In_  LPCTSTR *lpStrings,
-				   _In_  LPVOID lpRawData
-				   )
-		{
-		return 0;
-		}
-	int MessageBox(
-				  _In_opt_  HWND hWnd,
-				  _In_opt_  LPCTSTR lpText,
-				  _In_opt_  LPCTSTR lpCaption,
-				  _In_      UINT uType
-				  )
-		{
-		return 0;
-		}
-	int __cdecl GetProcessWindowStation(void)
-		{
-		return NULL;
-		}
-	BOOL __cdecl GetUserObjectInformationW(
-										 _In_       HANDLE hObj,
-										 _In_       int nIndex,
-										 _Out_opt_  PVOID pvInfo,
-										 _In_       DWORD nLength,
-										 _Out_opt_  LPDWORD lpnLengthNeeded
-										 )
-		{
-		return 0;
-		}
-#ifndef STD_ERROR_HANDLE
-	int __cdecl GetStdHandle(
-						   _In_  DWORD nStdHandle
-						   )
-		{
-		return 0;
-		}
-#endif
-	BOOL DeregisterEventSource(
-							  _Inout_  HANDLE hEventLog
-							  )
-		{
-		return 0;
-		}
-	char *getenv(
-					  const char *varname
-					  )
-		{
-		//hardcoded environmental variables used for the appx testing application for store/phone
-		if (!strcmp(varname, "OPENSSL_CONF"))
-			{
-			return "./openssl.cnf";
-			}
-		return 0;
-		}
-	int setenv(const char *envname, const char *envval, int overwrite)
-		{
-		return -1;
-		}
-	int _getch(void)
-		{
-		return 0;
-		}
-	int _kbhit()
-		{
-		return 0;
-		}
-	BOOL __cdecl FlushConsoleInputBuffer(
-									   _In_  HANDLE hConsoleInput
-									   )
-		{
-		return 0;
-		}
-	int uwp_GetTickCount(void)
-		{
-		LARGE_INTEGER t;
-		return(int) (QueryPerformanceCounter(&t) ? t.QuadPart : 0);
-		}
-	void *OPENSSL_UplinkTable [26]= {0};
-} //extern C
-
-#endif /*defined(UWP_ENABLED)*/
diff --git a/thirdparty/tinyexr/tinyexr.h b/thirdparty/tinyexr/tinyexr.h
index 606c19756a..107c22ffb3 100644
--- a/thirdparty/tinyexr/tinyexr.h
+++ b/thirdparty/tinyexr/tinyexr.h
@@ -410,8 +410,8 @@ extern int LoadDeepEXR(DeepImage *out_image, const char *filename,
 // Returns negative value and may set error string in `err` when there's an
 // error
 extern int LoadEXRFromMemory(float **out_rgba, int *width, int *height,
-							 const unsigned char *memory, size_t size,
-							 const char **err);
+                             const unsigned char *memory, size_t size,
+                             const char **err);
 
 #ifdef __cplusplus
 }
@@ -444,7 +444,8 @@ extern int LoadEXRFromMemory(float **out_rgba, int *width, int *height,
 
 #if TINYEXR_USE_MINIZ
 #else
-//  Issue #46. Please include your own zlib-compatible API header before including `tinyexr.h`
+//  Issue #46. Please include your own zlib-compatible API header before
+//  including `tinyexr.h`
 //#include "zlib.h"
 #endif
 
@@ -488,6 +489,12 @@ namespace miniz {
 #if __has_warning("-Wcomma")
 #pragma clang diagnostic ignored "-Wcomma"
 #endif
+#if __has_warning("-Wmacro-redefined")
+#pragma clang diagnostic ignored "-Wmacro-redefined"
+#endif
+#if __has_warning("-Wcast-qual")
+#pragma clang diagnostic ignored "-Wcast-qual"
+#endif
 #endif
 
 /* miniz.c v1.15 - public domain deflate/inflate, zlib-subset, ZIP
@@ -6887,8 +6894,6 @@ void *mz_zip_extract_archive_file_to_heap(const char *pZip_filename,
 #ifdef _MSC_VER
 #pragma warning(pop)
 #endif
-
-
 }
 #else
 
@@ -7079,11 +7084,18 @@ static FP16 float_to_half_full(FP32 f) {
 // #define IMF_B44_COMPRESSION 6
 // #define IMF_B44A_COMPRESSION  7
 
-static const char *ReadString(std::string *s, const char *ptr) {
+static const char *ReadString(std::string *s, const char *ptr, size_t len) {
   // Read untile NULL(\0).
   const char *p = ptr;
   const char *q = ptr;
-  while ((*q) != 0) q++;
+  while ((size_t(q - ptr) < len) && (*q) != 0) {
+    q++;
+  }
+
+  if (size_t(q - ptr) >= len) {
+    (*s) = std::string();
+    return NULL;
+  }
 
   (*s) = std::string(p, q);
 
@@ -7120,6 +7132,10 @@ static bool ReadAttribute(std::string *name, std::string *type,
   memcpy(&data_len, marker, sizeof(uint32_t));
   tinyexr::swap4(reinterpret_cast<unsigned int *>(&data_len));
 
+  if (data_len == 0) {
+    return false;
+  }
+
   marker += sizeof(uint32_t);
   size -= sizeof(uint32_t);
 
@@ -7210,7 +7226,7 @@ typedef struct {
   }
 } HeaderInfo;
 
-static void ReadChannelInfo(std::vector<ChannelInfo> &channels,
+static bool ReadChannelInfo(std::vector<ChannelInfo> &channels,
                             const std::vector<unsigned char> &data) {
   const char *p = reinterpret_cast<const char *>(&data.at(0));
 
@@ -7219,7 +7235,18 @@ static void ReadChannelInfo(std::vector<ChannelInfo> &channels,
       break;
     }
     ChannelInfo info;
-    p = ReadString(&info.name, p);
+
+    tinyexr_int64 data_len = static_cast<tinyexr_int64>(data.size()) - (p - reinterpret_cast<const char *>(data.data()));
+    if (data_len < 0) {
+      return false;
+    }
+
+    p = ReadString(
+        &info.name, p, size_t(data_len));
+    if ((p == NULL) && (info.name.empty())) {
+      // Buffer overrun. Issue #51.
+      return false;
+    }
 
     memcpy(&info.pixel_type, p, sizeof(int));
     p += 4;
@@ -7236,6 +7263,8 @@ static void ReadChannelInfo(std::vector<ChannelInfo> &channels,
 
     channels.push_back(info);
   }
+
+  return true;
 }
 
 static void WriteChannelInfo(std::vector<unsigned char> &data,
@@ -7361,25 +7390,27 @@ static void CompressZip(unsigned char *dst,
   }
 }
 
-static void DecompressZip(unsigned char *dst,
+static bool DecompressZip(unsigned char *dst,
                           unsigned long *uncompressed_size /* inout */,
                           const unsigned char *src, unsigned long src_size) {
   if ((*uncompressed_size) == src_size) {
     // Data is not compressed(Issue 40).
     memcpy(dst, src, src_size);
-    return;
+    return true;
   }
   std::vector<unsigned char> tmpBuf(*uncompressed_size);
 
 #if TINYEXR_USE_MINIZ
   int ret =
       miniz::mz_uncompress(&tmpBuf.at(0), uncompressed_size, src, src_size);
-  assert(ret == miniz::MZ_OK);
-  (void)ret;
+  if (miniz::MZ_OK != ret) {
+    return false;
+  }
 #else
   int ret = uncompress(&tmpBuf.at(0), uncompressed_size, src, src_size);
-  assert(ret == Z_OK);
-  (void)ret;
+  if (Z_OK != ret) {
+    return false;
+  }
 #endif
 
   //
@@ -7419,6 +7450,8 @@ static void DecompressZip(unsigned char *dst,
         break;
     }
   }
+
+  return true;
 }
 
 // RLE code from OpenEXR --------------------------------------
@@ -7443,7 +7476,6 @@ static void DecompressZip(unsigned char *dst,
                                  // conformant name: _strdup.
 #endif
 
-
 const int MIN_RUN_LENGTH = 3;
 const int MAX_RUN_LENGTH = 127;
 
@@ -7673,6 +7705,11 @@ static void DecompressRle(unsigned char *dst,
 #pragma clang diagnostic ignored "-Wsign-conversion"
 #pragma clang diagnostic ignored "-Wc++11-extensions"
 #pragma clang diagnostic ignored "-Wconversion"
+
+#if __has_warning("-Wcast-qual")
+#pragma clang diagnostic ignored "-Wcast-qual"
+#endif
+
 #endif
 
 //
@@ -8934,7 +8971,6 @@ static void applyLut(const unsigned short lut[USHORT_RANGE],
 #pragma warning(pop)
 #endif
 
-
 static bool CompressPiz(unsigned char *outPtr, unsigned int *outSize,
                         const unsigned char *inPtr, size_t inSize,
                         const std::vector<ChannelInfo> &channelInfo,
@@ -9373,7 +9409,7 @@ bool CompressZfp(std::vector<unsigned char> *outBuf, unsigned int *outSize,
 // -----------------------------------------------------------------
 //
 
-static void DecodePixelData(/* out */ unsigned char **out_images,
+static bool DecodePixelData(/* out */ unsigned char **out_images,
                             const int *requested_pixel_types,
                             const unsigned char *data_ptr, size_t data_len,
                             int compression_type, int line_order, int width,
@@ -9509,6 +9545,7 @@ static void DecodePixelData(/* out */ unsigned char **out_images,
     }
 #else
     assert(0 && "PIZ is enabled in this build");
+    return false;
 #endif
 
   } else if (compression_type == TINYEXR_COMPRESSIONTYPE_ZIPS ||
@@ -9520,9 +9557,11 @@ static void DecodePixelData(/* out */ unsigned char **out_images,
 
     unsigned long dstLen = static_cast<unsigned long>(outBuf.size());
     assert(dstLen > 0);
-    tinyexr::DecompressZip(reinterpret_cast<unsigned char *>(&outBuf.at(0)),
+    if (!tinyexr::DecompressZip(reinterpret_cast<unsigned char *>(&outBuf.at(0)),
                            &dstLen, data_ptr,
-                           static_cast<unsigned long>(data_len));
+                           static_cast<unsigned long>(data_len))) {
+      return false;
+    }
 
     // For ZIP_COMPRESSION:
     //   pixel sample data for channel 0 for scanline 0
@@ -9633,6 +9672,7 @@ static void DecodePixelData(/* out */ unsigned char **out_images,
         }
       } else {
         assert(0);
+        return false;
       }
     }
   } else if (compression_type == TINYEXR_COMPRESSIONTYPE_RLE) {
@@ -9756,6 +9796,7 @@ static void DecodePixelData(/* out */ unsigned char **out_images,
         }
       } else {
         assert(0);
+        return false;
       }
     }
   } else if (compression_type == TINYEXR_COMPRESSIONTYPE_ZFP) {
@@ -9764,7 +9805,7 @@ static void DecodePixelData(/* out */ unsigned char **out_images,
     if (!FindZFPCompressionParam(&zfp_compression_param, attributes,
                                  num_attributes)) {
       assert(0);
-      return;
+      return false;
     }
 
     // Allocate original data size.
@@ -9818,6 +9859,7 @@ static void DecodePixelData(/* out */ unsigned char **out_images,
         }
       } else {
         assert(0);
+        return false;
       }
     }
 #else
@@ -9825,6 +9867,7 @@ static void DecodePixelData(/* out */ unsigned char **out_images,
     (void)num_attributes;
     (void)num_channels;
     assert(0);
+    return false;
 #endif
   } else if (compression_type == TINYEXR_COMPRESSIONTYPE_NONE) {
     for (size_t c = 0; c < num_channels; c++) {
@@ -9873,6 +9916,7 @@ static void DecodePixelData(/* out */ unsigned char **out_images,
           }
         } else {
           assert(0);
+          return false;
         }
       } else if (channels[c].pixel_type == TINYEXR_PIXELTYPE_FLOAT) {
         const float *line_ptr = reinterpret_cast<const float *>(
@@ -9913,6 +9957,8 @@ static void DecodePixelData(/* out */ unsigned char **out_images,
       }
     }
   }
+
+  return true;
 }
 
 static void DecodeTiledPixelData(
@@ -10161,7 +10207,12 @@ static int ParseEXRHeader(HeaderInfo *info, bool *empty_header,
       // xSampling: int
       // ySampling: int
 
-      ReadChannelInfo(info->channels, data);
+      if (!ReadChannelInfo(info->channels, data)) {
+        if (err) {
+          (*err) = "Failed to parse channel info.";
+        }
+        return TINYEXR_ERROR_INVALID_DATA;
+      }
 
       if (info->channels.size() < 1) {
         if (err) {
@@ -10173,16 +10224,19 @@ static int ParseEXRHeader(HeaderInfo *info, bool *empty_header,
       has_channels = true;
 
     } else if (attr_name.compare("dataWindow") == 0) {
-      memcpy(&info->data_window[0], &data.at(0), sizeof(int));
-      memcpy(&info->data_window[1], &data.at(4), sizeof(int));
-      memcpy(&info->data_window[2], &data.at(8), sizeof(int));
-      memcpy(&info->data_window[3], &data.at(12), sizeof(int));
-      tinyexr::swap4(reinterpret_cast<unsigned int *>(&info->data_window[0]));
-      tinyexr::swap4(reinterpret_cast<unsigned int *>(&info->data_window[1]));
-      tinyexr::swap4(reinterpret_cast<unsigned int *>(&info->data_window[2]));
-      tinyexr::swap4(reinterpret_cast<unsigned int *>(&info->data_window[3]));
-
-      has_data_window = true;
+      if (data.size() < 16) {
+        // Corrupsed file(Issue #50).
+      } else {
+        memcpy(&info->data_window[0], &data.at(0), sizeof(int));
+        memcpy(&info->data_window[1], &data.at(4), sizeof(int));
+        memcpy(&info->data_window[2], &data.at(8), sizeof(int));
+        memcpy(&info->data_window[3], &data.at(12), sizeof(int));
+        tinyexr::swap4(reinterpret_cast<unsigned int *>(&info->data_window[0]));
+        tinyexr::swap4(reinterpret_cast<unsigned int *>(&info->data_window[1]));
+        tinyexr::swap4(reinterpret_cast<unsigned int *>(&info->data_window[2]));
+        tinyexr::swap4(reinterpret_cast<unsigned int *>(&info->data_window[3]));
+        has_data_window = true;
+      }
     } else if (attr_name.compare("displayWindow") == 0) {
       memcpy(&info->display_window[0], &data.at(0), sizeof(int));
       memcpy(&info->display_window[1], &data.at(4), sizeof(int));
@@ -10268,7 +10322,7 @@ static int ParseEXRHeader(HeaderInfo *info, bool *empty_header,
     }
 
     if (!has_data_window) {
-      ss_err << "\"dataWindow\" attribute not found in the header."
+      ss_err << "\"dataWindow\" attribute not found in the header or invalid."
              << std::endl;
     }
 
@@ -10333,7 +10387,7 @@ static void ConvertHeader(EXRHeader *exr_header, const HeaderInfo &info) {
 #else
     strncpy(exr_header->channels[c].name, info.channels[c].name.c_str(), 255);
 #endif
-	// manually add '\0' for safety.
+    // manually add '\0' for safety.
     exr_header->channels[c].name[255] = '\0';
 
     exr_header->channels[c].pixel_type = info.channels[c].pixel_type;
@@ -10371,7 +10425,7 @@ static void ConvertHeader(EXRHeader *exr_header, const HeaderInfo &info) {
 
 static int DecodeChunk(EXRImage *exr_image, const EXRHeader *exr_header,
                        const std::vector<tinyexr::tinyexr_uint64> &offsets,
-                       const unsigned char *head) {
+                       const unsigned char *head, const size_t size) {
   int num_channels = exr_header->num_channels;
 
   int num_scanline_blocks = 1;
@@ -10412,6 +10466,11 @@ static int DecodeChunk(EXRImage *exr_image, const EXRHeader *exr_header,
       // 16 byte: tile coordinates
       // 4 byte : data size
       // ~      : data(uncompressed or compressed)
+      if (offsets[tile_idx] + sizeof(int) * 5 > size) {
+        return TINYEXR_ERROR_INVALID_DATA;
+      }
+
+      size_t data_size = size - (offsets[tile_idx] + sizeof(int) * 5);
       const unsigned char *data_ptr =
           reinterpret_cast<const unsigned char *>(head + offsets[tile_idx]);
 
@@ -10430,7 +10489,10 @@ static int DecodeChunk(EXRImage *exr_image, const EXRHeader *exr_header,
       memcpy(&data_len, data_ptr + 16,
              sizeof(int));  // 16 = sizeof(tile_coordinates)
       tinyexr::swap4(reinterpret_cast<unsigned int *>(&data_len));
-      assert(data_len >= 4);
+
+      if (data_len < 4 || size_t(data_len) > data_size) {
+        return TINYEXR_ERROR_INVALID_DATA;
+      }
 
       // Move to data addr: 20 = 16 + 4;
       data_ptr += 20;
@@ -10467,11 +10529,18 @@ static int DecodeChunk(EXRImage *exr_image, const EXRHeader *exr_header,
 #endif
     for (int y = 0; y < static_cast<int>(num_blocks); y++) {
       size_t y_idx = static_cast<size_t>(y);
-      const unsigned char *data_ptr =
-          reinterpret_cast<const unsigned char *>(head + offsets[y_idx]);
+
+      if (offsets[y_idx] + sizeof(int) * 2 > size) {
+        return TINYEXR_ERROR_INVALID_DATA;
+      }
+
       // 4 byte: scan line
       // 4 byte: data size
       // ~     : pixel data(uncompressed or compressed)
+      size_t data_size = size - (offsets[y_idx] + sizeof(int) * 2);
+      const unsigned char *data_ptr =
+          reinterpret_cast<const unsigned char *>(head + offsets[y_idx]);
+
       int line_no;
       memcpy(&line_no, data_ptr, sizeof(int));
       int data_len;
@@ -10479,30 +10548,41 @@ static int DecodeChunk(EXRImage *exr_image, const EXRHeader *exr_header,
       tinyexr::swap4(reinterpret_cast<unsigned int *>(&line_no));
       tinyexr::swap4(reinterpret_cast<unsigned int *>(&data_len));
 
+      if (size_t(data_len) > data_size) {
+        return TINYEXR_ERROR_INVALID_DATA;
+      }
+
       int end_line_no = (std::min)(line_no + num_scanline_blocks,
                                    (exr_header->data_window[3] + 1));
 
       int num_lines = end_line_no - line_no;
-      assert(num_lines > 0);
-
-      // Move to data addr: 8 = 4 + 4;
-      data_ptr += 8;
-
-      // Adjust line_no with data_window.bmin.y
-      line_no -= exr_header->data_window[1];
+      //assert(num_lines > 0);
 
-      if (line_no < 0) {
+      if (num_lines <= 0) {
         invalid_data = true;
       } else {
-        tinyexr::DecodePixelData(
-            exr_image->images, exr_header->requested_pixel_types, data_ptr,
-            static_cast<size_t>(data_len), exr_header->compression_type,
-            exr_header->line_order, data_width, data_height, data_width, y,
-            line_no, num_lines, static_cast<size_t>(pixel_data_size),
-            static_cast<size_t>(exr_header->num_custom_attributes),
-            exr_header->custom_attributes,
-            static_cast<size_t>(exr_header->num_channels), exr_header->channels,
-            channel_offset_list);
+
+        // Move to data addr: 8 = 4 + 4;
+        data_ptr += 8;
+
+        // Adjust line_no with data_window.bmin.y
+        line_no -= exr_header->data_window[1];
+
+        if (line_no < 0) {
+          invalid_data = true;
+        } else {
+          if (!tinyexr::DecodePixelData(
+              exr_image->images, exr_header->requested_pixel_types, data_ptr,
+              static_cast<size_t>(data_len), exr_header->compression_type,
+              exr_header->line_order, data_width, data_height, data_width, y,
+              line_no, num_lines, static_cast<size_t>(pixel_data_size),
+              static_cast<size_t>(exr_header->num_custom_attributes),
+              exr_header->custom_attributes,
+              static_cast<size_t>(exr_header->num_channels), exr_header->channels,
+              channel_offset_list)) {
+            invalid_data = true;
+          }
+        }
       }
     }  // omp parallel
   }
@@ -10537,7 +10617,7 @@ static bool ReconstructLineOffsets(
   for (size_t i = 0; i < n; i++) {
     size_t offset = static_cast<size_t>(marker - head);
     // Offset should not exceed whole EXR file/data size.
-    if (offset >= size) {
+    if ((offset + sizeof(tinyexr::tinyexr_uint64)) >= size) {
       return false;
     }
 
@@ -10586,8 +10666,15 @@ static int DecodeEXRImage(EXRImage *exr_image, const EXRHeader *exr_header,
   int data_width = exr_header->data_window[2] - exr_header->data_window[0] + 1;
   int data_height = exr_header->data_window[3] - exr_header->data_window[1] + 1;
 
+  if ((data_width < 0) || (data_height < 0)) {
+    if (err) {
+      (*err) = "Invalid data window value.";
+    }
+    return TINYEXR_ERROR_INVALID_DATA;
+  }
+
   // Read offset tables.
-  size_t num_blocks;
+  size_t num_blocks = 0;
 
   if (exr_header->chunk_count > 0) {
     // Use `chunkCount` attribute.
@@ -10657,7 +10744,7 @@ static int DecodeEXRImage(EXRImage *exr_image, const EXRHeader *exr_header,
     }
   }
 
-  return DecodeChunk(exr_image, exr_header, offsets, head);
+  return DecodeChunk(exr_image, exr_header, offsets, head, size);
 }
 
 }  // namespace tinyexr
@@ -10842,8 +10929,8 @@ int ParseEXRHeaderFromMemory(EXRHeader *exr_header, const EXRVersion *version,
 }
 
 int LoadEXRFromMemory(float **out_rgba, int *width, int *height,
-	const unsigned char *memory, size_t size,
-	const char **err) {
+                      const unsigned char *memory, size_t size,
+                      const char **err) {
   if (out_rgba == NULL || memory == NULL) {
     if (err) {
       (*err) = "Invalid argument.\n";
@@ -10866,13 +10953,13 @@ int LoadEXRFromMemory(float **out_rgba, int *width, int *height,
   if (ret != TINYEXR_SUCCESS) {
     return ret;
   }
-  
+
   // Read HALF channel as FLOAT.
   for (int i = 0; i < exr_header.num_channels; i++) {
     if (exr_header.pixel_types[i] == TINYEXR_PIXELTYPE_HALF) {
       exr_header.requested_pixel_types[i] = TINYEXR_PIXELTYPE_FLOAT;
     }
-  }  
+  }
 
   InitEXRImage(&exr_image);
   ret = LoadEXRImageFromMemory(&exr_image, &exr_header, memory, size, err);
@@ -10923,23 +11010,22 @@ int LoadEXRFromMemory(float **out_rgba, int *width, int *height,
   }
 
   (*out_rgba) = reinterpret_cast<float *>(
-	malloc(4 * sizeof(float) * static_cast<size_t>(exr_image.width) *
-	  static_cast<size_t>(exr_image.height)));
+      malloc(4 * sizeof(float) * static_cast<size_t>(exr_image.width) *
+             static_cast<size_t>(exr_image.height)));
 
   for (int i = 0; i < exr_image.width * exr_image.height; i++) {
-	(*out_rgba)[4 * i + 0] =
-	 reinterpret_cast<float **>(exr_image.images)[idxR][i];
-	(*out_rgba)[4 * i + 1] =
-	 reinterpret_cast<float **>(exr_image.images)[idxG][i];
-	(*out_rgba)[4 * i + 2] =
-	 reinterpret_cast<float **>(exr_image.images)[idxB][i];
-	if (idxA != -1) {
-	 (*out_rgba)[4 * i + 3] =
-	  reinterpret_cast<float **>(exr_image.images)[idxA][i];
-	}
-	else {
-	 (*out_rgba)[4 * i + 3] = 1.0;
-	}
+    (*out_rgba)[4 * i + 0] =
+        reinterpret_cast<float **>(exr_image.images)[idxR][i];
+    (*out_rgba)[4 * i + 1] =
+        reinterpret_cast<float **>(exr_image.images)[idxG][i];
+    (*out_rgba)[4 * i + 2] =
+        reinterpret_cast<float **>(exr_image.images)[idxB][i];
+    if (idxA != -1) {
+      (*out_rgba)[4 * i + 3] =
+          reinterpret_cast<float **>(exr_image.images)[idxA][i];
+    } else {
+      (*out_rgba)[4 * i + 3] = 1.0;
+    }
   }
 
   (*width) = exr_image.width;
@@ -11707,7 +11793,12 @@ int LoadDeepEXR(DeepImage *deep_image, const char *filename, const char **err) {
       // xSampling: int
       // ySampling: int
 
-      tinyexr::ReadChannelInfo(channels, data);
+      if (!tinyexr::ReadChannelInfo(channels, data)) {
+        if (err) {
+          (*err) = "Failed to parse channel info.";
+        }
+        return TINYEXR_ERROR_INVALID_DATA;
+      }
 
       num_channels = static_cast<int>(channels.size());
 
@@ -11844,9 +11935,11 @@ int LoadDeepEXR(DeepImage *deep_image, const char *filename, const char **err) {
     {
       unsigned long dstLen =
           static_cast<unsigned long>(pixelOffsetTable.size() * sizeof(int));
-      tinyexr::DecompressZip(
+      if (!tinyexr::DecompressZip(
           reinterpret_cast<unsigned char *>(&pixelOffsetTable.at(0)), &dstLen,
-          data_ptr + 28, static_cast<unsigned long>(packedOffsetTableSize));
+          data_ptr + 28, static_cast<unsigned long>(packedOffsetTableSize))) {
+        return false;
+      }
 
       assert(dstLen == pixelOffsetTable.size() * sizeof(int));
       for (size_t i = 0; i < static_cast<size_t>(data_width); i++) {
@@ -11861,10 +11954,12 @@ int LoadDeepEXR(DeepImage *deep_image, const char *filename, const char **err) {
     {
       unsigned long dstLen = static_cast<unsigned long>(unpackedSampleDataSize);
       if (dstLen) {
-        tinyexr::DecompressZip(
+        if (!tinyexr::DecompressZip(
             reinterpret_cast<unsigned char *>(&sample_data.at(0)), &dstLen,
             data_ptr + 28 + packedOffsetTableSize,
-            static_cast<unsigned long>(packedSampleDataSize));
+            static_cast<unsigned long>(packedSampleDataSize))) {
+          return false;
+        }
         assert(dstLen == static_cast<unsigned long>(unpackedSampleDataSize));
       }
     }
@@ -12390,7 +12485,7 @@ int LoadEXRMultipartImageFromMemory(EXRImage *exr_images,
     }
 
     int ret = tinyexr::DecodeChunk(&exr_images[i], exr_headers[i], offset_table,
-                                   memory);
+                                   memory, size);
     if (ret != TINYEXR_SUCCESS) {
       return ret;
     }
diff --git a/thirdparty/zstd/common/bitstream.h b/thirdparty/zstd/common/bitstream.h
index 2094823fe2..fcf3843079 100644
--- a/thirdparty/zstd/common/bitstream.h
+++ b/thirdparty/zstd/common/bitstream.h
@@ -167,7 +167,7 @@ MEM_STATIC size_t BIT_readBitsFast(BIT_DStream_t* bitD, unsigned nbBits);
 /*-**************************************************************
 *  Internal functions
 ****************************************************************/
-MEM_STATIC unsigned BIT_highbit32 (register U32 val)
+MEM_STATIC unsigned BIT_highbit32 (U32 val)
 {
     assert(val != 0);
     {
diff --git a/thirdparty/zstd/common/mem.h b/thirdparty/zstd/common/mem.h
index 23335c3146..47d2300177 100644
--- a/thirdparty/zstd/common/mem.h
+++ b/thirdparty/zstd/common/mem.h
@@ -56,8 +56,6 @@ MEM_STATIC void MEM_check(void) { MEM_STATIC_ASSERT((sizeof(size_t)==4) || (size
   typedef   int32_t S32;
   typedef  uint64_t U64;
   typedef   int64_t S64;
-  typedef  intptr_t iPtrDiff;
-  typedef uintptr_t uPtrDiff;
 #else
   typedef unsigned char      BYTE;
   typedef unsigned short      U16;
@@ -66,8 +64,6 @@ MEM_STATIC void MEM_check(void) { MEM_STATIC_ASSERT((sizeof(size_t)==4) || (size
   typedef   signed int        S32;
   typedef unsigned long long  U64;
   typedef   signed long long  S64;
-  typedef ptrdiff_t      iPtrDiff;
-  typedef size_t         uPtrDiff;
 #endif
 
 
@@ -123,20 +119,26 @@ MEM_STATIC void MEM_write64(void* memPtr, U64 value) { *(U64*)memPtr = value; }
 /* currently only defined for gcc and icc */
 #if defined(_MSC_VER) || (defined(__INTEL_COMPILER) && defined(WIN32))
     __pragma( pack(push, 1) )
-    typedef union { U16 u16; U32 u32; U64 u64; size_t st; } unalign;
+    typedef struct { U16 v; } unalign16;
+    typedef struct { U32 v; } unalign32;
+    typedef struct { U64 v; } unalign64;
+    typedef struct { size_t v; } unalignArch;
     __pragma( pack(pop) )
 #else
-    typedef union { U16 u16; U32 u32; U64 u64; size_t st; } __attribute__((packed)) unalign;
+    typedef struct { U16 v; } __attribute__((packed)) unalign16;
+    typedef struct { U32 v; } __attribute__((packed)) unalign32;
+    typedef struct { U64 v; } __attribute__((packed)) unalign64;
+    typedef struct { size_t v; } __attribute__((packed)) unalignArch;
 #endif
 
-MEM_STATIC U16 MEM_read16(const void* ptr) { return ((const unalign*)ptr)->u16; }
-MEM_STATIC U32 MEM_read32(const void* ptr) { return ((const unalign*)ptr)->u32; }
-MEM_STATIC U64 MEM_read64(const void* ptr) { return ((const unalign*)ptr)->u64; }
-MEM_STATIC size_t MEM_readST(const void* ptr) { return ((const unalign*)ptr)->st; }
+MEM_STATIC U16 MEM_read16(const void* ptr) { return ((const unalign16*)ptr)->v; }
+MEM_STATIC U32 MEM_read32(const void* ptr) { return ((const unalign32*)ptr)->v; }
+MEM_STATIC U64 MEM_read64(const void* ptr) { return ((const unalign64*)ptr)->v; }
+MEM_STATIC size_t MEM_readST(const void* ptr) { return ((const unalignArch*)ptr)->v; }
 
-MEM_STATIC void MEM_write16(void* memPtr, U16 value) { ((unalign*)memPtr)->u16 = value; }
-MEM_STATIC void MEM_write32(void* memPtr, U32 value) { ((unalign*)memPtr)->u32 = value; }
-MEM_STATIC void MEM_write64(void* memPtr, U64 value) { ((unalign*)memPtr)->u64 = value; }
+MEM_STATIC void MEM_write16(void* memPtr, U16 value) { ((unalign16*)memPtr)->v = value; }
+MEM_STATIC void MEM_write32(void* memPtr, U32 value) { ((unalign32*)memPtr)->v = value; }
+MEM_STATIC void MEM_write64(void* memPtr, U64 value) { ((unalign64*)memPtr)->v = value; }
 
 #else
 
diff --git a/thirdparty/zstd/common/pool.c b/thirdparty/zstd/common/pool.c
index 1b0fe1035d..98b109e72a 100644
--- a/thirdparty/zstd/common/pool.c
+++ b/thirdparty/zstd/common/pool.c
@@ -11,7 +11,6 @@
 
 /* ======   Dependencies   ======= */
 #include <stddef.h>  /* size_t */
-#include <stdlib.h>  /* malloc, calloc, free */
 #include "pool.h"
 
 /* ======   Compiler specifics   ====== */
@@ -115,7 +114,7 @@ POOL_ctx* POOL_create_advanced(size_t numThreads, size_t queueSize, ZSTD_customM
      * and full queues.
      */
     ctx->queueSize = queueSize + 1;
-    ctx->queue = (POOL_job*) malloc(ctx->queueSize * sizeof(POOL_job));
+    ctx->queue = (POOL_job*)ZSTD_malloc(ctx->queueSize * sizeof(POOL_job), customMem);
     ctx->queueHead = 0;
     ctx->queueTail = 0;
     ctx->numThreadsBusy = 0;
diff --git a/thirdparty/zstd/common/zstd_common.c b/thirdparty/zstd/common/zstd_common.c
index c2041053be..bccc948892 100644
--- a/thirdparty/zstd/common/zstd_common.c
+++ b/thirdparty/zstd/common/zstd_common.c
@@ -31,21 +31,27 @@ const char* ZSTD_versionString(void) { return ZSTD_VERSION_STRING; }
 *  ZSTD Error Management
 ******************************************/
 /*! ZSTD_isError() :
-*   tells if a return value is an error code */
+ *  tells if a return value is an error code */
 unsigned ZSTD_isError(size_t code) { return ERR_isError(code); }
 
 /*! ZSTD_getErrorName() :
-*   provides error code string from function result (useful for debugging) */
+ *  provides error code string from function result (useful for debugging) */
 const char* ZSTD_getErrorName(size_t code) { return ERR_getErrorName(code); }
 
 /*! ZSTD_getError() :
-*   convert a `size_t` function result into a proper ZSTD_errorCode enum */
+ *  convert a `size_t` function result into a proper ZSTD_errorCode enum */
 ZSTD_ErrorCode ZSTD_getErrorCode(size_t code) { return ERR_getErrorCode(code); }
 
 /*! ZSTD_getErrorString() :
-*   provides error code string from enum */
+ *  provides error code string from enum */
 const char* ZSTD_getErrorString(ZSTD_ErrorCode code) { return ERR_getErrorString(code); }
 
+/*! g_debuglog_enable :
+ *  turn on/off debug traces (global switch) */
+#if defined(ZSTD_DEBUG) && (ZSTD_DEBUG >= 2)
+int g_debuglog_enable = 1;
+#endif
+
 
 /*=**************************************************************
 *  Custom allocator
diff --git a/thirdparty/zstd/common/zstd_internal.h b/thirdparty/zstd/common/zstd_internal.h
index e91cd20baa..5d2900eb76 100644
--- a/thirdparty/zstd/common/zstd_internal.h
+++ b/thirdparty/zstd/common/zstd_internal.h
@@ -11,6 +11,10 @@
 #ifndef ZSTD_CCOMMON_H_MODULE
 #define ZSTD_CCOMMON_H_MODULE
 
+/* this module contains definitions which must be identical
+ * across compression, decompression and dictBuilder.
+ * It also contains a few functions useful to at least 2 of them
+ * and which benefit from being inlined */
 
 /*-*************************************
 *  Dependencies
@@ -50,21 +54,26 @@ extern "C" {
 
 #if defined(ZSTD_DEBUG) && (ZSTD_DEBUG>=2)
 #  include <stdio.h>
+extern int g_debuglog_enable;
 /* recommended values for ZSTD_DEBUG display levels :
  * 1 : no display, enables assert() only
- * 2 : reserved for currently active debugging path
- * 3 : events once per object lifetime (CCtx, CDict)
+ * 2 : reserved for currently active debug path
+ * 3 : events once per object lifetime (CCtx, CDict, etc.)
  * 4 : events once per frame
  * 5 : events once per block
  * 6 : events once per sequence (*very* verbose) */
-#  define DEBUGLOG(l, ...) {                         \
-                if (l<=ZSTD_DEBUG) {                 \
-                    fprintf(stderr, __FILE__ ": ");  \
-                    fprintf(stderr, __VA_ARGS__);    \
-                    fprintf(stderr, " \n");          \
+#  define RAWLOG(l, ...) {                                      \
+                if ((g_debuglog_enable) & (l<=ZSTD_DEBUG)) {    \
+                    fprintf(stderr, __VA_ARGS__);               \
+            }   }
+#  define DEBUGLOG(l, ...) {                                    \
+                if ((g_debuglog_enable) & (l<=ZSTD_DEBUG)) {    \
+                    fprintf(stderr, __FILE__ ": " __VA_ARGS__); \
+                    fprintf(stderr, " \n");                     \
             }   }
 #else
-#  define DEBUGLOG(l, ...)      {}    /* disabled */
+#  define RAWLOG(l, ...)      {}    /* disabled */
+#  define DEBUGLOG(l, ...)    {}    /* disabled */
 #endif
 
 
@@ -85,9 +94,7 @@ extern "C" {
 #define ZSTD_OPT_NUM    (1<<12)
 
 #define ZSTD_REP_NUM      3                 /* number of repcodes */
-#define ZSTD_REP_CHECK    (ZSTD_REP_NUM)    /* number of repcodes to check by the optimal parser */
 #define ZSTD_REP_MOVE     (ZSTD_REP_NUM-1)
-#define ZSTD_REP_MOVE_OPT (ZSTD_REP_NUM)
 static const U32 repStartValue[ZSTD_REP_NUM] = { 1, 4, 8 };
 
 #define KB *(1 <<10)
@@ -134,28 +141,40 @@ typedef enum { set_basic, set_rle, set_compressed, set_repeat } symbolEncodingTy
 #define LLFSELog    9
 #define OffFSELog   8
 
-static const U32 LL_bits[MaxLL+1] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-                                      1, 1, 1, 1, 2, 2, 3, 3, 4, 6, 7, 8, 9,10,11,12,
+static const U32 LL_bits[MaxLL+1] = { 0, 0, 0, 0, 0, 0, 0, 0,
+                                      0, 0, 0, 0, 0, 0, 0, 0,
+                                      1, 1, 1, 1, 2, 2, 3, 3,
+                                      4, 6, 7, 8, 9,10,11,12,
                                      13,14,15,16 };
-static const S16 LL_defaultNorm[MaxLL+1] = { 4, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1,
-                                             2, 2, 2, 2, 2, 2, 2, 2, 2, 3, 2, 1, 1, 1, 1, 1,
+static const S16 LL_defaultNorm[MaxLL+1] = { 4, 3, 2, 2, 2, 2, 2, 2,
+                                             2, 2, 2, 2, 2, 1, 1, 1,
+                                             2, 2, 2, 2, 2, 2, 2, 2,
+                                             2, 3, 2, 1, 1, 1, 1, 1,
                                             -1,-1,-1,-1 };
 #define LL_DEFAULTNORMLOG 6  /* for static allocation */
 static const U32 LL_defaultNormLog = LL_DEFAULTNORMLOG;
 
-static const U32 ML_bits[MaxML+1] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-                                      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-                                      1, 1, 1, 1, 2, 2, 3, 3, 4, 4, 5, 7, 8, 9,10,11,
+static const U32 ML_bits[MaxML+1] = { 0, 0, 0, 0, 0, 0, 0, 0,
+                                      0, 0, 0, 0, 0, 0, 0, 0,
+                                      0, 0, 0, 0, 0, 0, 0, 0,
+                                      0, 0, 0, 0, 0, 0, 0, 0,
+                                      1, 1, 1, 1, 2, 2, 3, 3,
+                                      4, 4, 5, 7, 8, 9,10,11,
                                      12,13,14,15,16 };
-static const S16 ML_defaultNorm[MaxML+1] = { 1, 4, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1,
-                                             1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-                                             1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,-1,-1,
+static const S16 ML_defaultNorm[MaxML+1] = { 1, 4, 3, 2, 2, 2, 2, 2,
+                                             2, 1, 1, 1, 1, 1, 1, 1,
+                                             1, 1, 1, 1, 1, 1, 1, 1,
+                                             1, 1, 1, 1, 1, 1, 1, 1,
+                                             1, 1, 1, 1, 1, 1, 1, 1,
+                                             1, 1, 1, 1, 1, 1,-1,-1,
                                             -1,-1,-1,-1,-1 };
 #define ML_DEFAULTNORMLOG 6  /* for static allocation */
 static const U32 ML_defaultNormLog = ML_DEFAULTNORMLOG;
 
-static const S16 OF_defaultNorm[DefaultMaxOff+1] = { 1, 1, 1, 1, 1, 1, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1,
-                                                     1, 1, 1, 1, 1, 1, 1, 1,-1,-1,-1,-1,-1 };
+static const S16 OF_defaultNorm[DefaultMaxOff+1] = { 1, 1, 1, 1, 1, 1, 2, 2,
+                                                     2, 1, 1, 1, 1, 1, 1, 1,
+                                                     1, 1, 1, 1, 1, 1, 1, 1,
+                                                    -1,-1,-1,-1,-1 };
 #define OF_DEFAULTNORMLOG 5  /* for static allocation */
 static const U32 OF_defaultNormLog = OF_DEFAULTNORMLOG;
 
@@ -167,7 +186,7 @@ static void ZSTD_copy8(void* dst, const void* src) { memcpy(dst, src, 8); }
 #define COPY8(d,s) { ZSTD_copy8(d,s); d+=8; s+=8; }
 
 /*! ZSTD_wildcopy() :
-*   custom version of memcpy(), can copy up to 7 bytes too many (8 bytes if length==0) */
+ *  custom version of memcpy(), can overwrite up to WILDCOPY_OVERLENGTH bytes (if length==0) */
 #define WILDCOPY_OVERLENGTH 8
 MEM_STATIC void ZSTD_wildcopy(void* dst, const void* src, ptrdiff_t length)
 {
@@ -191,17 +210,14 @@ MEM_STATIC void ZSTD_wildcopy_e(void* dst, const void* src, void* dstEnd)   /* s
 
 
 /*-*******************************************
-*  Private interfaces
+*  Private declarations
 *********************************************/
-typedef struct ZSTD_stats_s ZSTD_stats_t;
-
 typedef struct seqDef_s {
     U32 offset;
     U16 litLength;
     U16 matchLength;
 } seqDef;
 
-
 typedef struct {
     seqDef* sequencesStart;
     seqDef* sequences;
@@ -216,100 +232,8 @@ typedef struct {
     U32   repToConfirm[ZSTD_REP_NUM];
 } seqStore_t;
 
-typedef struct {
-    U32 off;
-    U32 len;
-} ZSTD_match_t;
-
-typedef struct {
-    U32 price;
-    U32 off;
-    U32 mlen;
-    U32 litlen;
-    U32 rep[ZSTD_REP_NUM];
-} ZSTD_optimal_t;
-
-typedef struct {
-    U32* litFreq;
-    U32* litLengthFreq;
-    U32* matchLengthFreq;
-    U32* offCodeFreq;
-    ZSTD_match_t* matchTable;
-    ZSTD_optimal_t* priceTable;
-
-    U32  matchLengthSum;
-    U32  matchSum;
-    U32  litLengthSum;
-    U32  litSum;
-    U32  offCodeSum;
-    U32  log2matchLengthSum;
-    U32  log2matchSum;
-    U32  log2litLengthSum;
-    U32  log2litSum;
-    U32  log2offCodeSum;
-    U32  factor;
-    U32  staticPrices;
-    U32  cachedPrice;
-    U32  cachedLitLength;
-    const BYTE* cachedLiterals;
-} optState_t;
-
-typedef struct {
-    U32 offset;
-    U32 checksum;
-} ldmEntry_t;
-
-typedef struct {
-    ldmEntry_t* hashTable;
-    BYTE* bucketOffsets;    /* Next position in bucket to insert entry */
-    U64 hashPower;          /* Used to compute the rolling hash.
-                             * Depends on ldmParams.minMatchLength */
-} ldmState_t;
-
-typedef struct {
-    U32 enableLdm;          /* 1 if enable long distance matching */
-    U32 hashLog;            /* Log size of hashTable */
-    U32 bucketSizeLog;      /* Log bucket size for collision resolution, at most 8 */
-    U32 minMatchLength;     /* Minimum match length */
-    U32 hashEveryLog;       /* Log number of entries to skip */
-} ldmParams_t;
-
-typedef struct {
-    U32 hufCTable[HUF_CTABLE_SIZE_U32(255)];
-    FSE_CTable offcodeCTable[FSE_CTABLE_SIZE_U32(OffFSELog, MaxOff)];
-    FSE_CTable matchlengthCTable[FSE_CTABLE_SIZE_U32(MLFSELog, MaxML)];
-    FSE_CTable litlengthCTable[FSE_CTABLE_SIZE_U32(LLFSELog, MaxLL)];
-    U32 workspace[HUF_WORKSPACE_SIZE_U32];
-    HUF_repeat hufCTable_repeatMode;
-    FSE_repeat offcode_repeatMode;
-    FSE_repeat matchlength_repeatMode;
-    FSE_repeat litlength_repeatMode;
-} ZSTD_entropyCTables_t;
-
-struct ZSTD_CCtx_params_s {
-    ZSTD_format_e format;
-    ZSTD_compressionParameters cParams;
-    ZSTD_frameParameters fParams;
-
-    int compressionLevel;
-    U32 forceWindow;           /* force back-references to respect limit of
-                                * 1<<wLog, even for dictionary */
-
-    /* Multithreading: used to pass parameters to mtctx */
-    U32 nbThreads;
-    unsigned jobSize;
-    unsigned overlapSizeLog;
-
-    /* Long distance matching parameters */
-    ldmParams_t ldmParams;
-
-    /* For use with createCCtxParams() and freeCCtxParams() only */
-    ZSTD_customMem customMem;
-
-};  /* typedef'd to ZSTD_CCtx_params within "zstd.h" */
-
-const seqStore_t* ZSTD_getSeqStore(const ZSTD_CCtx* ctx);
-void ZSTD_seqToCodes(const seqStore_t* seqStorePtr);
+const seqStore_t* ZSTD_getSeqStore(const ZSTD_CCtx* ctx);   /* compress & dictBuilder */
+void ZSTD_seqToCodes(const seqStore_t* seqStorePtr);   /* compress, dictBuilder, decodeCorpus (shouldn't get its definition from here) */
 
 /* custom memory allocation functions */
 void* ZSTD_malloc(size_t size, ZSTD_customMem customMem);
@@ -317,9 +241,7 @@ void* ZSTD_calloc(size_t size, ZSTD_customMem customMem);
 void ZSTD_free(void* ptr, ZSTD_customMem customMem);
 
 
-/*======  common function  ======*/
-
-MEM_STATIC U32 ZSTD_highbit32(U32 val)
+MEM_STATIC U32 ZSTD_highbit32(U32 val)   /* compress, dictBuilder, decodeCorpus */
 {
     assert(val != 0);
     {
@@ -330,66 +252,25 @@ MEM_STATIC U32 ZSTD_highbit32(U32 val)
 #   elif defined(__GNUC__) && (__GNUC__ >= 3)   /* GCC Intrinsic */
         return 31 - __builtin_clz(val);
 #   else   /* Software version */
-        static const int DeBruijnClz[32] = { 0, 9, 1, 10, 13, 21, 2, 29, 11, 14, 16, 18, 22, 25, 3, 30, 8, 12, 20, 28, 15, 17, 24, 7, 19, 27, 23, 6, 26, 5, 4, 31 };
+        static const U32 DeBruijnClz[32] = { 0, 9, 1, 10, 13, 21, 2, 29, 11, 14, 16, 18, 22, 25, 3, 30, 8, 12, 20, 28, 15, 17, 24, 7, 19, 27, 23, 6, 26, 5, 4, 31 };
         U32 v = val;
-        int r;
         v |= v >> 1;
         v |= v >> 2;
         v |= v >> 4;
         v |= v >> 8;
         v |= v >> 16;
-        r = DeBruijnClz[(U32)(v * 0x07C4ACDDU) >> 27];
-        return r;
+        return DeBruijnClz[(v * 0x07C4ACDDU) >> 27];
 #   endif
     }
 }
 
 
-/* hidden functions */
-
 /* ZSTD_invalidateRepCodes() :
  * ensures next compression will not use repcodes from previous block.
  * Note : only works with regular variant;
  *        do not use with extDict variant ! */
-void ZSTD_invalidateRepCodes(ZSTD_CCtx* cctx);
-
-
-/*! ZSTD_initCStream_internal() :
- *  Private use only. Init streaming operation.
- *  expects params to be valid.
- *  must receive dict, or cdict, or none, but not both.
- *  @return : 0, or an error code */
-size_t ZSTD_initCStream_internal(ZSTD_CStream* zcs,
-                     const void* dict, size_t dictSize,
-                     const ZSTD_CDict* cdict,
-                     ZSTD_CCtx_params  params, unsigned long long pledgedSrcSize);
-
-/*! ZSTD_compressStream_generic() :
- *  Private use only. To be called from zstdmt_compress.c in single-thread mode. */
-size_t ZSTD_compressStream_generic(ZSTD_CStream* zcs,
-                                   ZSTD_outBuffer* output,
-                                   ZSTD_inBuffer* input,
-                                   ZSTD_EndDirective const flushMode);
-
-/*! ZSTD_getCParamsFromCDict() :
- *  as the name implies */
-ZSTD_compressionParameters ZSTD_getCParamsFromCDict(const ZSTD_CDict* cdict);
-
-/* ZSTD_compressBegin_advanced_internal() :
- * Private use only. To be called from zstdmt_compress.c. */
-size_t ZSTD_compressBegin_advanced_internal(ZSTD_CCtx* cctx,
-                                    const void* dict, size_t dictSize,
-                                    ZSTD_dictMode_e dictMode,
-                                    ZSTD_CCtx_params params,
-                                    unsigned long long pledgedSrcSize);
-
-/* ZSTD_compress_advanced_internal() :
- * Private use only. To be called from zstdmt_compress.c. */
-size_t ZSTD_compress_advanced_internal(ZSTD_CCtx* cctx,
-                                       void* dst, size_t dstCapacity,
-                                 const void* src, size_t srcSize,
-                                 const void* dict,size_t dictSize,
-                                 ZSTD_CCtx_params params);
+void ZSTD_invalidateRepCodes(ZSTD_CCtx* cctx);   /* zstdmt, adaptive_compression (shouldn't get this definition from here) */
+
 
 typedef struct {
     blockType_e blockType;
@@ -398,7 +279,8 @@ typedef struct {
 } blockProperties_t;
 
 /*! ZSTD_getcBlockSize() :
-*   Provides the size of compressed block from block header `src` */
+ *  Provides the size of compressed block from block header `src` */
+/* Used by: decompress, fullbench (does not get its definition from here) */
 size_t ZSTD_getcBlockSize(const void* src, size_t srcSize,
                           blockProperties_t* bpPtr);
 
diff --git a/thirdparty/zstd/compress/zstd_compress.c b/thirdparty/zstd/compress/zstd_compress.c
index 2c46c79f1c..8d1629246d 100644
--- a/thirdparty/zstd/compress/zstd_compress.c
+++ b/thirdparty/zstd/compress/zstd_compress.c
@@ -26,7 +26,7 @@
 #include "fse.h"
 #define HUF_STATIC_LINKING_ONLY
 #include "huf.h"
-#include "zstd_compress.h"
+#include "zstd_compress_internal.h"
 #include "zstd_fast.h"
 #include "zstd_double_fast.h"
 #include "zstd_lazy.h"
@@ -43,17 +43,6 @@ size_t ZSTD_compressBound(size_t srcSize) {
 
 
 /*-*************************************
-*  Sequence storage
-***************************************/
-static void ZSTD_resetSeqStore(seqStore_t* ssPtr)
-{
-    ssPtr->lit = ssPtr->litStart;
-    ssPtr->sequences = ssPtr->sequencesStart;
-    ssPtr->longLengthID = 0;
-}
-
-
-/*-*************************************
 *  Context memory management
 ***************************************/
 struct ZSTD_CDict_s {
@@ -78,6 +67,7 @@ ZSTD_CCtx* ZSTD_createCCtx_advanced(ZSTD_customMem customMem)
     if (!cctx) return NULL;
     cctx->customMem = customMem;
     cctx->requestedParams.compressionLevel = ZSTD_CLEVEL_DEFAULT;
+    cctx->requestedParams.fParams.contentSizeFlag = 1;
     ZSTD_STATIC_ASSERT(zcss_init==0);
     ZSTD_STATIC_ASSERT(ZSTD_CONTENTSIZE_UNKNOWN==(0ULL - 1));
     return cctx;
@@ -152,28 +142,34 @@ const seqStore_t* ZSTD_getSeqStore(const ZSTD_CCtx* ctx) { return &(ctx->seqStor
 #define ZSTD_CLEVEL_CUSTOM 999
 
 static ZSTD_compressionParameters ZSTD_getCParamsFromCCtxParams(
-        ZSTD_CCtx_params params, U64 srcSizeHint, size_t dictSize)
+        ZSTD_CCtx_params CCtxParams, U64 srcSizeHint, size_t dictSize)
 {
-    return (params.compressionLevel == ZSTD_CLEVEL_CUSTOM ?
-                    params.cParams :
-                    ZSTD_getCParams(params.compressionLevel, srcSizeHint, dictSize));
+    DEBUGLOG(4, "ZSTD_getCParamsFromCCtxParams: srcSize = %u, dictSize = %u",
+                (U32)srcSizeHint, (U32)dictSize);
+    return (CCtxParams.compressionLevel == ZSTD_CLEVEL_CUSTOM) ?
+                CCtxParams.cParams :
+                ZSTD_getCParams(CCtxParams.compressionLevel, srcSizeHint, dictSize);
 }
 
-static void ZSTD_cLevelToCCtxParams_srcSize(ZSTD_CCtx_params* params, U64 srcSize)
+static void ZSTD_cLevelToCCtxParams_srcSize(ZSTD_CCtx_params* CCtxParams, U64 srcSize)
 {
-    params->cParams = ZSTD_getCParamsFromCCtxParams(*params, srcSize, 0);
-    params->compressionLevel = ZSTD_CLEVEL_CUSTOM;
+    DEBUGLOG(4, "ZSTD_cLevelToCCtxParams_srcSize: srcSize = %u",
+                (U32)srcSize);
+    CCtxParams->cParams = ZSTD_getCParamsFromCCtxParams(*CCtxParams, srcSize, 0);
+    CCtxParams->compressionLevel = ZSTD_CLEVEL_CUSTOM;
 }
 
 static void ZSTD_cLevelToCParams(ZSTD_CCtx* cctx)
 {
+    DEBUGLOG(4, "ZSTD_cLevelToCParams: level=%i", cctx->requestedParams.compressionLevel);
     ZSTD_cLevelToCCtxParams_srcSize(
             &cctx->requestedParams, cctx->pledgedSrcSizePlusOne-1);
 }
 
-static void ZSTD_cLevelToCCtxParams(ZSTD_CCtx_params* params)
+static void ZSTD_cLevelToCCtxParams(ZSTD_CCtx_params* CCtxParams)
 {
-    ZSTD_cLevelToCCtxParams_srcSize(params, 0);
+    DEBUGLOG(4, "ZSTD_cLevelToCCtxParams");
+    ZSTD_cLevelToCCtxParams_srcSize(CCtxParams, ZSTD_CONTENTSIZE_UNKNOWN);
 }
 
 static ZSTD_CCtx_params ZSTD_makeCCtxParamsFromCParams(
@@ -251,6 +247,7 @@ static ZSTD_CCtx_params ZSTD_assignParamsToCCtxParams(
 
 size_t ZSTD_CCtx_setParameter(ZSTD_CCtx* cctx, ZSTD_cParameter param, unsigned value)
 {
+    DEBUGLOG(4, "ZSTD_CCtx_setParameter (%u, %u)", (U32)param, value);
     if (cctx->streamStage != zcss_init) return ERROR(stage_wrong);
 
     switch(param)
@@ -259,7 +256,6 @@ size_t ZSTD_CCtx_setParameter(ZSTD_CCtx* cctx, ZSTD_cParameter param, unsigned v
         return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
 
     case ZSTD_p_compressionLevel:
-        if (value == 0) return 0;  /* special value : 0 means "don't change anything" */
         if (cctx->cdict) return ERROR(stage_wrong);
         return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
 
@@ -270,9 +266,8 @@ size_t ZSTD_CCtx_setParameter(ZSTD_CCtx* cctx, ZSTD_cParameter param, unsigned v
     case ZSTD_p_minMatch:
     case ZSTD_p_targetLength:
     case ZSTD_p_compressionStrategy:
-        if (value == 0) return 0;  /* special value : 0 means "don't change anything" */
         if (cctx->cdict) return ERROR(stage_wrong);
-        ZSTD_cLevelToCParams(cctx);  /* Can optimize if srcSize is known */
+        if (value>0) ZSTD_cLevelToCParams(cctx);  /* Can optimize if srcSize is known */
         return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
 
     case ZSTD_p_contentSizeFlag:
@@ -281,15 +276,12 @@ size_t ZSTD_CCtx_setParameter(ZSTD_CCtx* cctx, ZSTD_cParameter param, unsigned v
         return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
 
     case ZSTD_p_forceMaxWindow :  /* Force back-references to remain < windowSize,
-                                   * even when referencing into Dictionary content
+                                   * even when referencing into Dictionary content.
                                    * default : 0 when using a CDict, 1 when using a Prefix */
-        cctx->loadedDictEnd = 0;
         return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
 
     case ZSTD_p_nbThreads:
-        if (value==0) return 0;
-        DEBUGLOG(5, " setting nbThreads : %u", value);
-        if (value > 1 && cctx->staticSize) {
+        if ((value > 1) && cctx->staticSize) {
             return ERROR(parameter_unsupported);  /* MT not compatible with static alloc */
         }
         return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
@@ -298,22 +290,15 @@ size_t ZSTD_CCtx_setParameter(ZSTD_CCtx* cctx, ZSTD_cParameter param, unsigned v
         return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
 
     case ZSTD_p_overlapSizeLog:
-        DEBUGLOG(5, " setting overlap with nbThreads == %u", cctx->requestedParams.nbThreads);
         return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
 
     case ZSTD_p_enableLongDistanceMatching:
         if (cctx->cdict) return ERROR(stage_wrong);
-        if (value != 0) {
-            ZSTD_cLevelToCParams(cctx);
-        }
+        if (value>0) ZSTD_cLevelToCParams(cctx);
         return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
 
     case ZSTD_p_ldmHashLog:
     case ZSTD_p_ldmMinMatch:
-        if (value == 0) return 0;  /* special value : 0 means "don't change anything" */
-        if (cctx->cdict) return ERROR(stage_wrong);
-        return ZSTD_CCtxParam_setParameter(&cctx->requestedParams, param, value);
-
     case ZSTD_p_ldmBucketSizeLog:
     case ZSTD_p_ldmHashEveryLog:
         if (cctx->cdict) return ERROR(stage_wrong);
@@ -324,160 +309,167 @@ size_t ZSTD_CCtx_setParameter(ZSTD_CCtx* cctx, ZSTD_cParameter param, unsigned v
 }
 
 size_t ZSTD_CCtxParam_setParameter(
-        ZSTD_CCtx_params* params, ZSTD_cParameter param, unsigned value)
+        ZSTD_CCtx_params* CCtxParams, ZSTD_cParameter param, unsigned value)
 {
+    DEBUGLOG(4, "ZSTD_CCtxParam_setParameter (%u, %u)", (U32)param, value);
     switch(param)
     {
     case ZSTD_p_format :
         if (value > (unsigned)ZSTD_f_zstd1_magicless)
             return ERROR(parameter_unsupported);
-        params->format = (ZSTD_format_e)value;
-        return 0;
+        CCtxParams->format = (ZSTD_format_e)value;
+        return (size_t)CCtxParams->format;
 
     case ZSTD_p_compressionLevel :
         if ((int)value > ZSTD_maxCLevel()) value = ZSTD_maxCLevel();
-        if (value == 0) return 0;
-        params->compressionLevel = value;
-        return 0;
+        if (value)  /* 0 : does not change current level */
+            CCtxParams->compressionLevel = value;
+        return CCtxParams->compressionLevel;
 
     case ZSTD_p_windowLog :
-        if (value == 0) return 0;
-        CLAMPCHECK(value, ZSTD_WINDOWLOG_MIN, ZSTD_WINDOWLOG_MAX);
-        ZSTD_cLevelToCCtxParams(params);
-        params->cParams.windowLog = value;
-        return 0;
+        DEBUGLOG(4, "ZSTD_CCtxParam_setParameter: set windowLog=%u", value);
+        if (value) {  /* 0 : does not change current windowLog */
+            CLAMPCHECK(value, ZSTD_WINDOWLOG_MIN, ZSTD_WINDOWLOG_MAX);
+            ZSTD_cLevelToCCtxParams(CCtxParams);
+            CCtxParams->cParams.windowLog = value;
+        }
+        return CCtxParams->cParams.windowLog;
 
     case ZSTD_p_hashLog :
-        if (value == 0) return 0;
-        CLAMPCHECK(value, ZSTD_HASHLOG_MIN, ZSTD_HASHLOG_MAX);
-        ZSTD_cLevelToCCtxParams(params);
-        params->cParams.hashLog = value;
-        return 0;
+        if (value) { /* 0 : does not change current hashLog */
+            CLAMPCHECK(value, ZSTD_HASHLOG_MIN, ZSTD_HASHLOG_MAX);
+            ZSTD_cLevelToCCtxParams(CCtxParams);
+            CCtxParams->cParams.hashLog = value;
+        }
+        return CCtxParams->cParams.hashLog;
 
     case ZSTD_p_chainLog :
-        if (value == 0) return 0;
-        CLAMPCHECK(value, ZSTD_CHAINLOG_MIN, ZSTD_CHAINLOG_MAX);
-        ZSTD_cLevelToCCtxParams(params);
-        params->cParams.chainLog = value;
-        return 0;
+        if (value) { /* 0 : does not change current chainLog */
+            CLAMPCHECK(value, ZSTD_CHAINLOG_MIN, ZSTD_CHAINLOG_MAX);
+            ZSTD_cLevelToCCtxParams(CCtxParams);
+            CCtxParams->cParams.chainLog = value;
+        }
+        return CCtxParams->cParams.chainLog;
 
     case ZSTD_p_searchLog :
-        if (value == 0) return 0;
-        CLAMPCHECK(value, ZSTD_SEARCHLOG_MIN, ZSTD_SEARCHLOG_MAX);
-        ZSTD_cLevelToCCtxParams(params);
-        params->cParams.searchLog = value;
-        return 0;
+        if (value) { /* 0 : does not change current searchLog */
+            CLAMPCHECK(value, ZSTD_SEARCHLOG_MIN, ZSTD_SEARCHLOG_MAX);
+            ZSTD_cLevelToCCtxParams(CCtxParams);
+            CCtxParams->cParams.searchLog = value;
+        }
+        return value;
 
     case ZSTD_p_minMatch :
-        if (value == 0) return 0;
-        CLAMPCHECK(value, ZSTD_SEARCHLENGTH_MIN, ZSTD_SEARCHLENGTH_MAX);
-        ZSTD_cLevelToCCtxParams(params);
-        params->cParams.searchLength = value;
-        return 0;
+        if (value) { /* 0 : does not change current minMatch length */
+            CLAMPCHECK(value, ZSTD_SEARCHLENGTH_MIN, ZSTD_SEARCHLENGTH_MAX);
+            ZSTD_cLevelToCCtxParams(CCtxParams);
+            CCtxParams->cParams.searchLength = value;
+        }
+        return CCtxParams->cParams.searchLength;
 
     case ZSTD_p_targetLength :
-        if (value == 0) return 0;
-        CLAMPCHECK(value, ZSTD_TARGETLENGTH_MIN, ZSTD_TARGETLENGTH_MAX);
-        ZSTD_cLevelToCCtxParams(params);
-        params->cParams.targetLength = value;
-        return 0;
+        if (value) { /* 0 : does not change current sufficient_len */
+            CLAMPCHECK(value, ZSTD_TARGETLENGTH_MIN, ZSTD_TARGETLENGTH_MAX);
+            ZSTD_cLevelToCCtxParams(CCtxParams);
+            CCtxParams->cParams.targetLength = value;
+        }
+        return CCtxParams->cParams.targetLength;
 
     case ZSTD_p_compressionStrategy :
-        if (value == 0) return 0;
-        CLAMPCHECK(value, (unsigned)ZSTD_fast, (unsigned)ZSTD_btultra);
-        ZSTD_cLevelToCCtxParams(params);
-        params->cParams.strategy = (ZSTD_strategy)value;
-        return 0;
+        if (value) { /* 0 : does not change currentstrategy */
+            CLAMPCHECK(value, (unsigned)ZSTD_fast, (unsigned)ZSTD_btultra);
+            ZSTD_cLevelToCCtxParams(CCtxParams);
+            CCtxParams->cParams.strategy = (ZSTD_strategy)value;
+        }
+        return (size_t)CCtxParams->cParams.strategy;
 
     case ZSTD_p_contentSizeFlag :
         /* Content size written in frame header _when known_ (default:1) */
-        DEBUGLOG(5, "set content size flag = %u", (value>0));
-        params->fParams.contentSizeFlag = value > 0;
-        return 0;
+        DEBUGLOG(4, "set content size flag = %u", (value>0));
+        CCtxParams->fParams.contentSizeFlag = value > 0;
+        return CCtxParams->fParams.contentSizeFlag;
 
     case ZSTD_p_checksumFlag :
         /* A 32-bits content checksum will be calculated and written at end of frame (default:0) */
-        params->fParams.checksumFlag = value > 0;
-        return 0;
+        CCtxParams->fParams.checksumFlag = value > 0;
+        return CCtxParams->fParams.checksumFlag;
 
     case ZSTD_p_dictIDFlag : /* When applicable, dictionary's dictID is provided in frame header (default:1) */
-        DEBUGLOG(5, "set dictIDFlag = %u", (value>0));
-        params->fParams.noDictIDFlag = (value == 0);
-        return 0;
+        DEBUGLOG(4, "set dictIDFlag = %u", (value>0));
+        CCtxParams->fParams.noDictIDFlag = (value == 0);
+        return !CCtxParams->fParams.noDictIDFlag;
 
     case ZSTD_p_forceMaxWindow :
-        params->forceWindow = value > 0;
-        return 0;
+        CCtxParams->forceWindow = (value > 0);
+        return CCtxParams->forceWindow;
 
     case ZSTD_p_nbThreads :
-        if (value == 0) return 0;
+        if (value == 0) return CCtxParams->nbThreads;
 #ifndef ZSTD_MULTITHREAD
         if (value > 1) return ERROR(parameter_unsupported);
-        return 0;
+        return 1;
 #else
-        return ZSTDMT_initializeCCtxParameters(params, value);
+        return ZSTDMT_CCtxParam_setNbThreads(CCtxParams, value);
 #endif
 
     case ZSTD_p_jobSize :
 #ifndef ZSTD_MULTITHREAD
         return ERROR(parameter_unsupported);
 #else
-        if (params->nbThreads <= 1) return ERROR(parameter_unsupported);
-        return ZSTDMT_CCtxParam_setMTCtxParameter(params, ZSTDMT_p_sectionSize, value);
+        if (CCtxParams->nbThreads <= 1) return ERROR(parameter_unsupported);
+        return ZSTDMT_CCtxParam_setMTCtxParameter(CCtxParams, ZSTDMT_p_jobSize, value);
 #endif
 
     case ZSTD_p_overlapSizeLog :
 #ifndef ZSTD_MULTITHREAD
         return ERROR(parameter_unsupported);
 #else
-        if (params->nbThreads <= 1) return ERROR(parameter_unsupported);
-        return ZSTDMT_CCtxParam_setMTCtxParameter(params, ZSTDMT_p_overlapSectionLog, value);
+        if (CCtxParams->nbThreads <= 1) return ERROR(parameter_unsupported);
+        return ZSTDMT_CCtxParam_setMTCtxParameter(CCtxParams, ZSTDMT_p_overlapSectionLog, value);
 #endif
 
     case ZSTD_p_enableLongDistanceMatching :
-        if (value != 0) {
-            ZSTD_cLevelToCCtxParams(params);
-            params->cParams.windowLog = ZSTD_LDM_DEFAULT_WINDOW_LOG;
+        if (value) {
+            ZSTD_cLevelToCCtxParams(CCtxParams);
+            CCtxParams->cParams.windowLog = ZSTD_LDM_DEFAULT_WINDOW_LOG;
         }
-        return ZSTD_ldm_initializeParameters(&params->ldmParams, value);
+        return ZSTD_ldm_initializeParameters(&CCtxParams->ldmParams, value);
 
     case ZSTD_p_ldmHashLog :
-        if (value == 0) return 0;
-        CLAMPCHECK(value, ZSTD_HASHLOG_MIN, ZSTD_HASHLOG_MAX);
-        params->ldmParams.hashLog = value;
-        return 0;
+        if (value) { /* 0 : does not change current ldmHashLog */
+            CLAMPCHECK(value, ZSTD_HASHLOG_MIN, ZSTD_HASHLOG_MAX);
+            CCtxParams->ldmParams.hashLog = value;
+        }
+        return CCtxParams->ldmParams.hashLog;
 
     case ZSTD_p_ldmMinMatch :
-        if (value == 0) return 0;
-        CLAMPCHECK(value, ZSTD_LDM_MINMATCH_MIN, ZSTD_LDM_MINMATCH_MAX);
-        params->ldmParams.minMatchLength = value;
-        return 0;
+        if (value) { /* 0 : does not change current ldmMinMatch */
+            CLAMPCHECK(value, ZSTD_LDM_MINMATCH_MIN, ZSTD_LDM_MINMATCH_MAX);
+            CCtxParams->ldmParams.minMatchLength = value;
+        }
+        return CCtxParams->ldmParams.minMatchLength;
 
     case ZSTD_p_ldmBucketSizeLog :
         if (value > ZSTD_LDM_BUCKETSIZELOG_MAX) {
             return ERROR(parameter_outOfBound);
         }
-        params->ldmParams.bucketSizeLog = value;
-        return 0;
+        CCtxParams->ldmParams.bucketSizeLog = value;
+        return value;
 
     case ZSTD_p_ldmHashEveryLog :
         if (value > ZSTD_WINDOWLOG_MAX - ZSTD_HASHLOG_MIN) {
             return ERROR(parameter_outOfBound);
         }
-        params->ldmParams.hashEveryLog = value;
-        return 0;
+        CCtxParams->ldmParams.hashEveryLog = value;
+        return value;
 
     default: return ERROR(parameter_unsupported);
     }
 }
 
-/**
- * This function should be updated whenever ZSTD_CCtx_params is updated.
- * Parameters are copied manually before the dictionary is loaded.
- * The multithreading parameters jobSize and overlapSizeLog are set only if
- * nbThreads > 1.
- *
- * Pledged srcSize is treated as unknown.
+/** ZSTD_CCtx_setParametersUsingCCtxParams() :
+ *  just applies `params` into `cctx`
+ *  no action is performed, parameters are merely stored.
  */
 size_t ZSTD_CCtx_setParametersUsingCCtxParams(
         ZSTD_CCtx* cctx, const ZSTD_CCtx_params* params)
@@ -485,33 +477,14 @@ size_t ZSTD_CCtx_setParametersUsingCCtxParams(
     if (cctx->streamStage != zcss_init) return ERROR(stage_wrong);
     if (cctx->cdict) return ERROR(stage_wrong);
 
-    /* Assume the compression and frame parameters are validated */
-    cctx->requestedParams.cParams = params->cParams;
-    cctx->requestedParams.fParams = params->fParams;
-    cctx->requestedParams.compressionLevel = params->compressionLevel;
-
-    /* Set force window explicitly since it sets cctx->loadedDictEnd */
-    CHECK_F( ZSTD_CCtx_setParameter(
-                   cctx, ZSTD_p_forceMaxWindow, params->forceWindow) );
-
-    /* Set multithreading parameters explicitly */
-    CHECK_F( ZSTD_CCtx_setParameter(cctx, ZSTD_p_nbThreads, params->nbThreads) );
-    if (params->nbThreads > 1) {
-        CHECK_F( ZSTD_CCtx_setParameter(cctx, ZSTD_p_jobSize, params->jobSize) );
-        CHECK_F( ZSTD_CCtx_setParameter(
-                    cctx, ZSTD_p_overlapSizeLog, params->overlapSizeLog) );
-    }
+    cctx->requestedParams = *params;
 
-    /* Copy long distance matching parameters */
-    cctx->requestedParams.ldmParams = params->ldmParams;
-
-    /* customMem is used only for create/free params and can be ignored */
     return 0;
 }
 
 ZSTDLIB_API size_t ZSTD_CCtx_setPledgedSrcSize(ZSTD_CCtx* cctx, unsigned long long pledgedSrcSize)
 {
-    DEBUGLOG(4, " setting pledgedSrcSize to %u", (U32)pledgedSrcSize);
+    DEBUGLOG(4, "ZSTD_CCtx_setPledgedSrcSize to %u bytes", (U32)pledgedSrcSize);
     if (cctx->streamStage != zcss_init) return ERROR(stage_wrong);
     cctx->pledgedSrcSizePlusOne = pledgedSrcSize+1;
     return 0;
@@ -523,14 +496,14 @@ size_t ZSTD_CCtx_loadDictionary_advanced(
 {
     if (cctx->streamStage != zcss_init) return ERROR(stage_wrong);
     if (cctx->staticSize) return ERROR(memory_allocation);  /* no malloc for static CCtx */
-    DEBUGLOG(4, "load dictionary of size %u", (U32)dictSize);
+    DEBUGLOG(4, "ZSTD_CCtx_loadDictionary_advanced (size: %u)", (U32)dictSize);
     ZSTD_freeCDict(cctx->cdictLocal);  /* in case one already exists */
     if (dict==NULL || dictSize==0) {   /* no dictionary mode */
         cctx->cdictLocal = NULL;
         cctx->cdict = NULL;
     } else {
         ZSTD_compressionParameters const cParams =
-                ZSTD_getCParamsFromCCtxParams(cctx->requestedParams, 0, dictSize);
+                ZSTD_getCParamsFromCCtxParams(cctx->requestedParams, cctx->pledgedSrcSizePlusOne-1, dictSize);
         cctx->cdictLocal = ZSTD_createCDict_advanced(
                                 dict, dictSize,
                                 dictLoadMethod, dictMode,
@@ -756,10 +729,7 @@ size_t ZSTD_estimateCStreamSize(int compressionLevel) {
 static U32 ZSTD_equivalentCParams(ZSTD_compressionParameters cParams1,
                                   ZSTD_compressionParameters cParams2)
 {
-    U32 bslog1 = MIN(cParams1.windowLog, ZSTD_BLOCKSIZELOG_MAX);
-    U32 bslog2 = MIN(cParams2.windowLog, ZSTD_BLOCKSIZELOG_MAX);
-    return (bslog1 == bslog2)   /* same block size */
-         & (cParams1.hashLog  == cParams2.hashLog)
+    return (cParams1.hashLog  == cParams2.hashLog)
          & (cParams1.chainLog == cParams2.chainLog)
          & (cParams1.strategy == cParams2.strategy)   /* opt parser space */
          & ((cParams1.searchLength==3) == (cParams2.searchLength==3));  /* hashlog3 space */
@@ -778,12 +748,38 @@ static U32 ZSTD_equivalentLdmParams(ldmParams_t ldmParams1,
             ldmParams1.hashEveryLog == ldmParams2.hashEveryLog);
 }
 
+typedef enum { ZSTDb_not_buffered, ZSTDb_buffered } ZSTD_buffered_policy_e;
+
+/* ZSTD_sufficientBuff() :
+ * check internal buffers exist for streaming if buffPol == ZSTDb_buffered .
+ * Note : they are assumed to be correctly sized if ZSTD_equivalentCParams()==1 */
+static U32 ZSTD_sufficientBuff(size_t bufferSize1, size_t blockSize1,
+                            ZSTD_buffered_policy_e buffPol2,
+                            ZSTD_compressionParameters cParams2,
+                            U64 pledgedSrcSize)
+{
+    size_t const windowSize2 = MAX(1, (size_t)MIN(((U64)1 << cParams2.windowLog), pledgedSrcSize));
+    size_t const blockSize2 = MIN(ZSTD_BLOCKSIZE_MAX, windowSize2);
+    size_t const neededBufferSize2 = (buffPol2==ZSTDb_buffered) ? windowSize2 + blockSize2 : 0;
+    DEBUGLOG(4, "ZSTD_sufficientBuff: windowSize2=%u from wlog=%u",
+                (U32)windowSize2, cParams2.windowLog);
+    DEBUGLOG(4, "ZSTD_sufficientBuff: blockSize2 %u <=? blockSize1 %u",
+                (U32)blockSize2, (U32)blockSize1);
+    return (blockSize2 <= blockSize1) /* seqStore space depends on blockSize */
+         & (neededBufferSize2 <= bufferSize1);
+}
+
 /** Equivalence for resetCCtx purposes */
 static U32 ZSTD_equivalentParams(ZSTD_CCtx_params params1,
-                                 ZSTD_CCtx_params params2)
+                                 ZSTD_CCtx_params params2,
+                                 size_t buffSize1, size_t blockSize1,
+                                 ZSTD_buffered_policy_e buffPol2,
+                                 U64 pledgedSrcSize)
 {
+    DEBUGLOG(4, "ZSTD_equivalentParams: pledgedSrcSize=%u", (U32)pledgedSrcSize);
     return ZSTD_equivalentCParams(params1.cParams, params2.cParams) &&
-           ZSTD_equivalentLdmParams(params1.ldmParams, params2.ldmParams);
+           ZSTD_equivalentLdmParams(params1.ldmParams, params2.ldmParams) &&
+           ZSTD_sufficientBuff(buffSize1, blockSize1, buffPol2, params2.cParams, pledgedSrcSize);
 }
 
 /*! ZSTD_continueCCtx() :
@@ -791,7 +787,11 @@ static U32 ZSTD_equivalentParams(ZSTD_CCtx_params params1,
 static size_t ZSTD_continueCCtx(ZSTD_CCtx* cctx, ZSTD_CCtx_params params, U64 pledgedSrcSize)
 {
     U32 const end = (U32)(cctx->nextSrc - cctx->base);
-    DEBUGLOG(4, "continue mode");
+    size_t const windowSize = MAX(1, (size_t)MIN(((U64)1 << params.cParams.windowLog), pledgedSrcSize));
+    size_t const blockSize = MIN(ZSTD_BLOCKSIZE_MAX, windowSize);
+    DEBUGLOG(4, "ZSTD_continueCCtx");
+
+    cctx->blockSize = blockSize;   /* previous block size could be different even for same windowLog, due to pledgedSrcSize */
     cctx->appliedParams = params;
     cctx->pledgedSrcSizePlusOne = pledgedSrcSize+1;
     cctx->consumedSrcSize = 0;
@@ -812,7 +812,6 @@ static size_t ZSTD_continueCCtx(ZSTD_CCtx* cctx, ZSTD_CCtx_params params, U64 pl
 }
 
 typedef enum { ZSTDcrp_continue, ZSTDcrp_noMemset } ZSTD_compResetPolicy_e;
-typedef enum { ZSTDb_not_buffered, ZSTDb_buffered } ZSTD_buffered_policy_e;
 
 /*! ZSTD_resetCCtx_internal() :
     note : `params` are assumed fully validated at this stage */
@@ -821,13 +820,16 @@ static size_t ZSTD_resetCCtx_internal(ZSTD_CCtx* zc,
                                       ZSTD_compResetPolicy_e const crp,
                                       ZSTD_buffered_policy_e const zbuff)
 {
-    DEBUGLOG(4, "ZSTD_resetCCtx_internal");
+    DEBUGLOG(4, "ZSTD_resetCCtx_internal: pledgedSrcSize=%u, wlog=%u",
+                (U32)pledgedSrcSize, params.cParams.windowLog);
     assert(!ZSTD_isError(ZSTD_checkCParams(params.cParams)));
-    DEBUGLOG(4, "pledgedSrcSize: %u", (U32)pledgedSrcSize);
 
     if (crp == ZSTDcrp_continue) {
-        if (ZSTD_equivalentParams(params, zc->appliedParams)) {
-            DEBUGLOG(4, "ZSTD_equivalentParams()==1");
+        if (ZSTD_equivalentParams(zc->appliedParams, params,
+                                zc->inBuffSize, zc->blockSize,
+                                zbuff, pledgedSrcSize)) {
+            DEBUGLOG(4, "ZSTD_equivalentParams()==1 -> continue mode (wLog1=%u, blockSize1=%u)",
+                        zc->appliedParams.cParams.windowLog, (U32)zc->blockSize);
             assert(!(params.ldmParams.enableLdm &&
                      params.ldmParams.hashEveryLog == ZSTD_LDM_HASHEVERYLOG_NOTSET));
             zc->entropy->hufCTable_repeatMode = HUF_repeat_none;
@@ -836,6 +838,7 @@ static size_t ZSTD_resetCCtx_internal(ZSTD_CCtx* zc,
             zc->entropy->litlength_repeatMode = FSE_repeat_none;
             return ZSTD_continueCCtx(zc, params, pledgedSrcSize);
     }   }
+    DEBUGLOG(4, "ZSTD_equivalentParams()==0 -> reset CCtx");
 
     if (params.ldmParams.enableLdm) {
         /* Adjust long distance matching parameters */
@@ -846,7 +849,8 @@ static size_t ZSTD_resetCCtx_internal(ZSTD_CCtx* zc,
                 ZSTD_ldm_getHashPower(params.ldmParams.minMatchLength);
     }
 
-    {   size_t const blockSize = MIN(ZSTD_BLOCKSIZE_MAX, (size_t)1 << params.cParams.windowLog);
+    {   size_t const windowSize = MAX(1, (size_t)MIN(((U64)1 << params.cParams.windowLog), pledgedSrcSize));
+        size_t const blockSize = MIN(ZSTD_BLOCKSIZE_MAX, windowSize);
         U32    const divider = (params.cParams.searchLength==3) ? 3 : 4;
         size_t const maxNbSeq = blockSize / divider;
         size_t const tokenSpace = blockSize + 11*maxNbSeq;
@@ -858,7 +862,7 @@ static size_t ZSTD_resetCCtx_internal(ZSTD_CCtx* zc,
         size_t const h3Size = ((size_t)1) << hashLog3;
         size_t const tableSpace = (chainSize + hSize + h3Size) * sizeof(U32);
         size_t const buffOutSize = (zbuff==ZSTDb_buffered) ? ZSTD_compressBound(blockSize)+1 : 0;
-        size_t const buffInSize = (zbuff==ZSTDb_buffered) ? ((size_t)1 << params.cParams.windowLog) + blockSize : 0;
+        size_t const buffInSize = (zbuff==ZSTDb_buffered) ? windowSize + blockSize : 0;
         void* ptr;
 
         /* Check if workSpace is large enough, alloc a new one if needed */
@@ -874,11 +878,15 @@ static size_t ZSTD_resetCCtx_internal(ZSTD_CCtx* zc,
                 : 0;
             size_t const neededSpace = entropySpace + optSpace + ldmSpace +
                                        tableSpace + tokenSpace + bufferSpace;
+            DEBUGLOG(4, "Need %uKB workspace, including %uKB for tables, and %uKB for buffers",
+                        (U32)(neededSpace>>10), (U32)(tableSpace>>10), (U32)(bufferSpace>>10));
+            DEBUGLOG(4, "chainSize: %u - hSize: %u - h3Size: %u - windowSize: %u - blockSize: %u",
+                        (U32)chainSize, (U32)hSize, (U32)h3Size, (U32)windowSize, (U32)blockSize);
 
             if (zc->workSpaceSize < neededSpace) {  /* too small : resize */
-                DEBUGLOG(5, "Need to update workSpaceSize from %uK to %uK \n",
-                            (unsigned)zc->workSpaceSize>>10,
-                            (unsigned)neededSpace>>10);
+                DEBUGLOG(4, "Need to update workSpaceSize from %uK to %uK",
+                            (unsigned)(zc->workSpaceSize>>10),
+                            (unsigned)(neededSpace>>10));
                 /* static cctx : no resize, error out */
                 if (zc->staticSize) return ERROR(memory_allocation);
 
@@ -901,7 +909,7 @@ static size_t ZSTD_resetCCtx_internal(ZSTD_CCtx* zc,
         zc->consumedSrcSize = 0;
         if (pledgedSrcSize == ZSTD_CONTENTSIZE_UNKNOWN)
             zc->appliedParams.fParams.contentSizeFlag = 0;
-        DEBUGLOG(5, "pledged content size : %u ; flag : %u",
+        DEBUGLOG(4, "pledged content size : %u ; flag : %u",
             (U32)pledgedSrcSize, zc->appliedParams.fParams.contentSizeFlag);
         zc->blockSize = blockSize;
 
@@ -927,7 +935,7 @@ static size_t ZSTD_resetCCtx_internal(ZSTD_CCtx* zc,
 
         /* opt parser space */
         if ((params.cParams.strategy == ZSTD_btopt) || (params.cParams.strategy == ZSTD_btultra)) {
-            DEBUGLOG(5, "reserving optimal parser space");
+            DEBUGLOG(4, "reserving optimal parser space");
             assert(((size_t)ptr & 3) == 0);  /* ensure ptr is properly aligned */
             zc->optState.litFreq = (U32*)ptr;
             zc->optState.litLengthFreq = zc->optState.litFreq + (1<<Litbits);
@@ -951,6 +959,7 @@ static size_t ZSTD_resetCCtx_internal(ZSTD_CCtx* zc,
         }
 
         /* table Space */
+        DEBUGLOG(4, "reset table : %u", crp!=ZSTDcrp_noMemset);
         if (crp!=ZSTDcrp_noMemset) memset(ptr, 0, tableSpace);   /* reset tables only */
         assert(((size_t)ptr & 3) == 0);  /* ensure ptr is properly aligned */
         zc->hashTable = (U32*)(ptr);
@@ -999,15 +1008,16 @@ void ZSTD_invalidateRepCodes(ZSTD_CCtx* cctx) {
 
 /*! ZSTD_copyCCtx_internal() :
  *  Duplicate an existing context `srcCCtx` into another one `dstCCtx`.
- *  The "context", in this case, refers to the hash and chain tables, entropy
- *  tables, and dictionary offsets.
  *  Only works during stage ZSTDcs_init (i.e. after creation, but before first call to ZSTD_compressContinue()).
- *  pledgedSrcSize=0 means "empty" if fParams.contentSizeFlag=1
- *  @return : 0, or an error code */
+ *  The "context", in this case, refers to the hash and chain tables,
+ *  entropy tables, and dictionary references.
+ * `windowLog` value is enforced if != 0, otherwise value is copied from srcCCtx.
+ * @return : 0, or an error code */
 static size_t ZSTD_copyCCtx_internal(ZSTD_CCtx* dstCCtx,
                             const ZSTD_CCtx* srcCCtx,
+                            unsigned windowLog,
                             ZSTD_frameParameters fParams,
-                            unsigned long long pledgedSrcSize,
+                            U64 pledgedSrcSize,
                             ZSTD_buffered_policy_e zbuff)
 {
     DEBUGLOG(5, "ZSTD_copyCCtx_internal");
@@ -1017,6 +1027,7 @@ static size_t ZSTD_copyCCtx_internal(ZSTD_CCtx* dstCCtx,
     {   ZSTD_CCtx_params params = dstCCtx->requestedParams;
         /* Copy only compression parameters related to tables. */
         params.cParams = srcCCtx->appliedParams.cParams;
+        if (windowLog) params.cParams.windowLog = windowLog;
         params.fParams = fParams;
         ZSTD_resetCCtx_internal(dstCCtx, params, pledgedSrcSize,
                                 ZSTDcrp_noMemset, zbuff);
@@ -1045,6 +1056,12 @@ static size_t ZSTD_copyCCtx_internal(ZSTD_CCtx* dstCCtx,
 
     /* copy entropy tables */
     memcpy(dstCCtx->entropy, srcCCtx->entropy, sizeof(ZSTD_entropyCTables_t));
+    /* copy repcodes */
+    {
+        int i;
+        for (i = 0; i < ZSTD_REP_NUM; ++i)
+            dstCCtx->seqStore.rep[i] = srcCCtx->seqStore.rep[i];
+    }
 
     return 0;
 }
@@ -1059,9 +1076,12 @@ size_t ZSTD_copyCCtx(ZSTD_CCtx* dstCCtx, const ZSTD_CCtx* srcCCtx, unsigned long
     ZSTD_frameParameters fParams = { 1 /*content*/, 0 /*checksum*/, 0 /*noDictID*/ };
     ZSTD_buffered_policy_e const zbuff = (ZSTD_buffered_policy_e)(srcCCtx->inBuffSize>0);
     ZSTD_STATIC_ASSERT((U32)ZSTDb_buffered==1);
-    fParams.contentSizeFlag = pledgedSrcSize>0;
+    if (pledgedSrcSize==0) pledgedSrcSize = ZSTD_CONTENTSIZE_UNKNOWN;
+    fParams.contentSizeFlag = (pledgedSrcSize != ZSTD_CONTENTSIZE_UNKNOWN);
 
-    return ZSTD_copyCCtx_internal(dstCCtx, srcCCtx, fParams, pledgedSrcSize, zbuff);
+    return ZSTD_copyCCtx_internal(dstCCtx, srcCCtx,
+                                0 /*windowLog from srcCCtx*/, fParams, pledgedSrcSize,
+                                zbuff);
 }
 
 
@@ -1238,7 +1258,7 @@ static size_t ZSTD_compressLiterals (ZSTD_entropyCTables_t * entropy,
             ostart[4] = (BYTE)(cLitSize >> 10);
             break;
         }
-    default:   /* not possible : lhSize is {3,4,5} */
+    default:  /* not possible : lhSize is {3,4,5} */
         assert(0);
     }
     return lhSize+cLitSize;
@@ -1247,8 +1267,6 @@ static size_t ZSTD_compressLiterals (ZSTD_entropyCTables_t * entropy,
 
 void ZSTD_seqToCodes(const seqStore_t* seqStorePtr)
 {
-    BYTE const LL_deltaCode = 19;
-    BYTE const ML_deltaCode = 36;
     const seqDef* const sequences = seqStorePtr->sequencesStart;
     BYTE* const llCodeTable = seqStorePtr->llCode;
     BYTE* const ofCodeTable = seqStorePtr->ofCode;
@@ -1258,9 +1276,9 @@ void ZSTD_seqToCodes(const seqStore_t* seqStorePtr)
     for (u=0; u<nbSeq; u++) {
         U32 const llv = sequences[u].litLength;
         U32 const mlv = sequences[u].matchLength;
-        llCodeTable[u] = (llv> 63) ? (BYTE)ZSTD_highbit32(llv) + LL_deltaCode : LL_Code[llv];
+        llCodeTable[u] = (BYTE)ZSTD_LLcode(llv);
         ofCodeTable[u] = (BYTE)ZSTD_highbit32(sequences[u].offset);
-        mlCodeTable[u] = (mlv>127) ? (BYTE)ZSTD_highbit32(mlv) + ML_deltaCode : ML_Code[mlv];
+        mlCodeTable[u] = (BYTE)ZSTD_MLcode(mlv);
     }
     if (seqStorePtr->longLengthID==1)
         llCodeTable[seqStorePtr->longLengthPos] = MaxLL;
@@ -1273,7 +1291,8 @@ typedef enum {
     ZSTD_defaultAllowed = 1
 } ZSTD_defaultPolicy_e;
 
-MEM_STATIC symbolEncodingType_e ZSTD_selectEncodingType(
+MEM_STATIC
+symbolEncodingType_e ZSTD_selectEncodingType(
         FSE_repeat* repeatMode, size_t const mostFrequent, size_t nbSeq,
         U32 defaultNormLog, ZSTD_defaultPolicy_e const isDefaultAllowed)
 {
@@ -1281,6 +1300,7 @@ MEM_STATIC symbolEncodingType_e ZSTD_selectEncodingType(
 #define MAX_SEQ_FOR_STATIC_FSE  1000
     ZSTD_STATIC_ASSERT(ZSTD_defaultDisallowed == 0 && ZSTD_defaultAllowed != 0);
     if ((mostFrequent == nbSeq) && (!isDefaultAllowed || nbSeq > 2)) {
+        DEBUGLOG(5, "Selected set_rle");
         /* Prefer set_basic over set_rle when there are 2 or less symbols,
          * since RLE uses 1 byte, but set_basic uses 5-6 bits per symbol.
          * If basic encoding isn't possible, always choose RLE.
@@ -1288,18 +1308,30 @@ MEM_STATIC symbolEncodingType_e ZSTD_selectEncodingType(
         *repeatMode = FSE_repeat_check;
         return set_rle;
     }
-    if (isDefaultAllowed && (*repeatMode == FSE_repeat_valid) && (nbSeq < MAX_SEQ_FOR_STATIC_FSE)) {
+    if ( isDefaultAllowed
+      && (*repeatMode == FSE_repeat_valid) && (nbSeq < MAX_SEQ_FOR_STATIC_FSE)) {
+        DEBUGLOG(5, "Selected set_repeat");
         return set_repeat;
     }
-    if (isDefaultAllowed && ((nbSeq < MIN_SEQ_FOR_DYNAMIC_FSE) || (mostFrequent < (nbSeq >> (defaultNormLog-1))))) {
-        *repeatMode = FSE_repeat_valid;
+    if ( isDefaultAllowed
+      && ((nbSeq < MIN_SEQ_FOR_DYNAMIC_FSE) || (mostFrequent < (nbSeq >> (defaultNormLog-1)))) ) {
+        DEBUGLOG(5, "Selected set_basic");
+        /* The format allows default tables to be repeated, but it isn't useful.
+         * When using simple heuristics to select encoding type, we don't want
+         * to confuse these tables with dictionaries. When running more careful
+         * analysis, we don't need to waste time checking both repeating tables
+         * and default tables.
+         */
+        *repeatMode = FSE_repeat_none;
         return set_basic;
     }
+    DEBUGLOG(5, "Selected set_compressed");
     *repeatMode = FSE_repeat_check;
     return set_compressed;
 }
 
-MEM_STATIC size_t ZSTD_buildCTable(void* dst, size_t dstCapacity,
+MEM_STATIC
+size_t ZSTD_buildCTable(void* dst, size_t dstCapacity,
         FSE_CTable* CTable, U32 FSELog, symbolEncodingType_e type,
         U32* count, U32 max,
         BYTE const* codeTable, size_t nbSeq,
@@ -1317,7 +1349,7 @@ MEM_STATIC size_t ZSTD_buildCTable(void* dst, size_t dstCapacity,
     case set_repeat:
         return 0;
     case set_basic:
-        CHECK_F(FSE_buildCTable_wksp(CTable, defaultNorm, defaultMax, defaultNormLog, workspace, workspaceSize));
+        CHECK_F(FSE_buildCTable_wksp(CTable, defaultNorm, defaultMax, defaultNormLog, workspace, workspaceSize));  /* note : could be pre-calculated */
         return 0;
     case set_compressed: {
         S16 norm[MaxSeq + 1];
@@ -1339,11 +1371,13 @@ MEM_STATIC size_t ZSTD_buildCTable(void* dst, size_t dstCapacity,
     }
 }
 
-MEM_STATIC size_t ZSTD_encodeSequences(void* dst, size_t dstCapacity,
-    FSE_CTable const* CTable_MatchLength, BYTE const* mlCodeTable,
-    FSE_CTable const* CTable_OffsetBits, BYTE const* ofCodeTable,
-    FSE_CTable const* CTable_LitLength, BYTE const* llCodeTable,
-    seqDef const* sequences, size_t nbSeq, int longOffsets)
+MEM_STATIC
+size_t ZSTD_encodeSequences(
+            void* dst, size_t dstCapacity,
+            FSE_CTable const* CTable_MatchLength, BYTE const* mlCodeTable,
+            FSE_CTable const* CTable_OffsetBits, BYTE const* ofCodeTable,
+            FSE_CTable const* CTable_LitLength, BYTE const* llCodeTable,
+            seqDef const* sequences, size_t nbSeq, int longOffsets)
 {
     BIT_CStream_t blockStream;
     FSE_CState_t  stateMatchLength;
@@ -1380,8 +1414,12 @@ MEM_STATIC size_t ZSTD_encodeSequences(void* dst, size_t dstCapacity,
             BYTE const ofCode = ofCodeTable[n];
             BYTE const mlCode = mlCodeTable[n];
             U32  const llBits = LL_bits[llCode];
-            U32  const ofBits = ofCode;                                     /* 32b*/  /* 64b*/
+            U32  const ofBits = ofCode;
             U32  const mlBits = ML_bits[mlCode];
+            DEBUGLOG(6, "encoding: litlen:%2u - matchlen:%2u - offCode:%7u",
+                        sequences[n].litLength,
+                        sequences[n].matchLength + MINMATCH,
+                        sequences[n].offset);                               /* 32b*/  /* 64b*/
                                                                             /* (7)*/  /* (7)*/
             FSE_encodeSymbol(&blockStream, &stateOffsetBits, ofCode);       /* 15 */  /* 15 */
             FSE_encodeSymbol(&blockStream, &stateMatchLength, mlCode);      /* 24 */  /* 24 */
@@ -1447,14 +1485,18 @@ MEM_STATIC size_t ZSTD_compressSequences_internal(seqStore_t* seqStorePtr,
                 entropy, cParams->strategy, op, dstCapacity, literals, litSize);
         if (ZSTD_isError(cSize))
           return cSize;
+        assert(cSize <= dstCapacity);
         op += cSize;
     }
 
     /* Sequences Header */
-    if ((oend-op) < 3 /*max nbSeq Size*/ + 1 /*seqHead */) return ERROR(dstSize_tooSmall);
-    if (nbSeq < 0x7F) *op++ = (BYTE)nbSeq;
-    else if (nbSeq < LONGNBSEQ) op[0] = (BYTE)((nbSeq>>8) + 0x80), op[1] = (BYTE)nbSeq, op+=2;
-    else op[0]=0xFF, MEM_writeLE16(op+1, (U16)(nbSeq - LONGNBSEQ)), op+=3;
+    if ((oend-op) < 3 /*max nbSeq Size*/ + 1 /*seqHead*/) return ERROR(dstSize_tooSmall);
+    if (nbSeq < 0x7F)
+        *op++ = (BYTE)nbSeq;
+    else if (nbSeq < LONGNBSEQ)
+        op[0] = (BYTE)((nbSeq>>8) + 0x80), op[1] = (BYTE)nbSeq, op+=2;
+    else
+        op[0]=0xFF, MEM_writeLE16(op+1, (U16)(nbSeq - LONGNBSEQ)), op+=3;
     if (nbSeq==0) return op - ostart;
 
     /* seqHead : flags for FSE encoding type */
@@ -1462,9 +1504,10 @@ MEM_STATIC size_t ZSTD_compressSequences_internal(seqStore_t* seqStorePtr,
 
     /* convert length/distances into codes */
     ZSTD_seqToCodes(seqStorePtr);
-    /* CTable for Literal Lengths */
+    /* build CTable for Literal Lengths */
     {   U32 max = MaxLL;
         size_t const mostFrequent = FSE_countFast_wksp(count, &max, llCodeTable, nbSeq, entropy->workspace);
+        DEBUGLOG(5, "Building LL table");
         LLtype = ZSTD_selectEncodingType(&entropy->litlength_repeatMode, mostFrequent, nbSeq, LL_defaultNormLog, ZSTD_defaultAllowed);
         {   size_t const countSize = ZSTD_buildCTable(op, oend - op, CTable_LitLength, LLFSELog, (symbolEncodingType_e)LLtype,
                     count, max, llCodeTable, nbSeq, LL_defaultNorm, LL_defaultNormLog, MaxLL,
@@ -1472,11 +1515,12 @@ MEM_STATIC size_t ZSTD_compressSequences_internal(seqStore_t* seqStorePtr,
             if (ZSTD_isError(countSize)) return countSize;
             op += countSize;
     }   }
-    /* CTable for Offsets */
+    /* build CTable for Offsets */
     {   U32 max = MaxOff;
         size_t const mostFrequent = FSE_countFast_wksp(count, &max, ofCodeTable, nbSeq, entropy->workspace);
         /* We can only use the basic table if max <= DefaultMaxOff, otherwise the offsets are too large */
-        ZSTD_defaultPolicy_e const defaultPolicy = max <= DefaultMaxOff ? ZSTD_defaultAllowed : ZSTD_defaultDisallowed;
+        ZSTD_defaultPolicy_e const defaultPolicy = (max <= DefaultMaxOff) ? ZSTD_defaultAllowed : ZSTD_defaultDisallowed;
+        DEBUGLOG(5, "Building OF table");
         Offtype = ZSTD_selectEncodingType(&entropy->offcode_repeatMode, mostFrequent, nbSeq, OF_defaultNormLog, defaultPolicy);
         {   size_t const countSize = ZSTD_buildCTable(op, oend - op, CTable_OffsetBits, OffFSELog, (symbolEncodingType_e)Offtype,
                     count, max, ofCodeTable, nbSeq, OF_defaultNorm, OF_defaultNormLog, DefaultMaxOff,
@@ -1484,9 +1528,10 @@ MEM_STATIC size_t ZSTD_compressSequences_internal(seqStore_t* seqStorePtr,
             if (ZSTD_isError(countSize)) return countSize;
             op += countSize;
     }   }
-    /* CTable for MatchLengths */
+    /* build CTable for MatchLengths */
     {   U32 max = MaxML;
         size_t const mostFrequent = FSE_countFast_wksp(count, &max, mlCodeTable, nbSeq, entropy->workspace);
+        DEBUGLOG(5, "Building ML table");
         MLtype = ZSTD_selectEncodingType(&entropy->matchlength_repeatMode, mostFrequent, nbSeq, ML_defaultNormLog, ZSTD_defaultAllowed);
         {   size_t const countSize = ZSTD_buildCTable(op, oend - op, CTable_MatchLength, MLFSELog, (symbolEncodingType_e)MLtype,
                     count, max, mlCodeTable, nbSeq, ML_defaultNorm, ML_defaultNormLog, MaxML,
@@ -1497,13 +1542,15 @@ MEM_STATIC size_t ZSTD_compressSequences_internal(seqStore_t* seqStorePtr,
 
     *seqHead = (BYTE)((LLtype<<6) + (Offtype<<4) + (MLtype<<2));
 
-    {   size_t const streamSize = ZSTD_encodeSequences(op, oend - op,
-                CTable_MatchLength, mlCodeTable,
-                CTable_OffsetBits, ofCodeTable,
-                CTable_LitLength, llCodeTable,
-                sequences, nbSeq, longOffsets);
-        if (ZSTD_isError(streamSize)) return streamSize;
-        op += streamSize;
+    {   size_t const bitstreamSize = ZSTD_encodeSequences(
+                                        op, oend - op,
+                                        CTable_MatchLength, mlCodeTable,
+                                        CTable_OffsetBits, ofCodeTable,
+                                        CTable_LitLength, llCodeTable,
+                                        sequences, nbSeq,
+                                        longOffsets);
+        if (ZSTD_isError(bitstreamSize)) return bitstreamSize;
+        op += bitstreamSize;
     }
 
     return op - ostart;
@@ -1517,27 +1564,33 @@ MEM_STATIC size_t ZSTD_compressSequences(seqStore_t* seqStorePtr,
 {
     size_t const cSize = ZSTD_compressSequences_internal(seqStorePtr, entropy, cParams,
                                                          dst, dstCapacity);
-    size_t const minGain = ZSTD_minGain(srcSize);
-    size_t const maxCSize = srcSize - minGain;
     /* If the srcSize <= dstCapacity, then there is enough space to write a
      * raw uncompressed block. Since we ran out of space, the block must not
      * be compressible, so fall back to a raw uncompressed block.
      */
-    int const uncompressibleError = cSize == ERROR(dstSize_tooSmall) && srcSize <= dstCapacity;
-
+    int const uncompressibleError = (cSize == ERROR(dstSize_tooSmall)) && (srcSize <= dstCapacity);
     if (ZSTD_isError(cSize) && !uncompressibleError)
         return cSize;
+    /* We check that dictionaries have offset codes available for the first
+     * block. After the first block, the offcode table might not have large
+     * enough codes to represent the offsets in the data.
+     */
+    if (entropy->offcode_repeatMode == FSE_repeat_valid)
+        entropy->offcode_repeatMode = FSE_repeat_check;
+
     /* Check compressibility */
-    if (cSize >= maxCSize || uncompressibleError) {
-        entropy->hufCTable_repeatMode = HUF_repeat_none;
-        entropy->offcode_repeatMode = FSE_repeat_none;
-        entropy->matchlength_repeatMode = FSE_repeat_none;
-        entropy->litlength_repeatMode = FSE_repeat_none;
-        return 0;
-    }
+    {   size_t const minGain = ZSTD_minGain(srcSize);  /* note : fixed formula, maybe should depend on compression level, or strategy */
+        size_t const maxCSize = srcSize - minGain;
+        if (cSize >= maxCSize || uncompressibleError) {
+            entropy->hufCTable_repeatMode = HUF_repeat_none;
+            entropy->offcode_repeatMode = FSE_repeat_none;
+            entropy->matchlength_repeatMode = FSE_repeat_none;
+            entropy->litlength_repeatMode = FSE_repeat_none;
+            return 0;  /* block not compressed */
+    }   }
     assert(!ZSTD_isError(cSize));
 
-    /* confirm repcodes */
+    /* block is compressed => confirm repcodes in history */
     { int i; for (i=0; i<ZSTD_REP_NUM; i++) seqStorePtr->rep[i] = seqStorePtr->repToConfirm[i]; }
     return cSize;
 }
@@ -1559,9 +1612,9 @@ ZSTD_blockCompressor ZSTD_selectBlockCompressor(ZSTD_strategy strat, int extDict
           ZSTD_compressBlock_btopt_extDict, ZSTD_compressBlock_btultra_extDict }
     };
     ZSTD_STATIC_ASSERT((unsigned)ZSTD_fast == 1);
+
     assert((U32)strat >= (U32)ZSTD_fast);
     assert((U32)strat <= (U32)ZSTD_btultra);
-
     return blockCompressor[extDict!=0][(U32)strat];
 }
 
@@ -1572,30 +1625,38 @@ static void ZSTD_storeLastLiterals(seqStore_t* seqStorePtr,
     seqStorePtr->lit += lastLLSize;
 }
 
+static void ZSTD_resetSeqStore(seqStore_t* ssPtr)
+{
+    ssPtr->lit = ssPtr->litStart;
+    ssPtr->sequences = ssPtr->sequencesStart;
+    ssPtr->longLengthID = 0;
+}
+
 static size_t ZSTD_compressBlock_internal(ZSTD_CCtx* zc, void* dst, size_t dstCapacity, const void* src, size_t srcSize)
 {
-    const BYTE* const base = zc->base;
-    const BYTE* const istart = (const BYTE*)src;
-    const U32 current = (U32)(istart-base);
-    size_t lastLLSize;
-    const BYTE* anchor;
-    U32 const extDict = zc->lowLimit < zc->dictLimit;
-    const ZSTD_blockCompressor blockCompressor =
-        zc->appliedParams.ldmParams.enableLdm
-            ? (extDict ? ZSTD_compressBlock_ldm_extDict : ZSTD_compressBlock_ldm)
-            : ZSTD_selectBlockCompressor(zc->appliedParams.cParams.strategy, extDict);
-
-    if (srcSize < MIN_CBLOCK_SIZE+ZSTD_blockHeaderSize+1) return 0;   /* don't even attempt compression below a certain srcSize */
+    DEBUGLOG(5, "ZSTD_compressBlock_internal : dstCapacity = %u", (U32)dstCapacity);
+    if (srcSize < MIN_CBLOCK_SIZE+ZSTD_blockHeaderSize+1)
+        return 0;   /* don't even attempt compression below a certain srcSize */
     ZSTD_resetSeqStore(&(zc->seqStore));
-    if (current > zc->nextToUpdate + 384)
-        zc->nextToUpdate = current - MIN(192, (U32)(current - zc->nextToUpdate - 384));   /* limited update after finding a very long match */
-
-    lastLLSize = blockCompressor(zc, src, srcSize);
-
-    /* Last literals */
-    anchor = (const BYTE*)src + srcSize - lastLLSize;
-    ZSTD_storeLastLiterals(&zc->seqStore, anchor, lastLLSize);
 
+    /* limited update after a very long match */
+    {   const BYTE* const base = zc->base;
+        const BYTE* const istart = (const BYTE*)src;
+        const U32 current = (U32)(istart-base);
+        if (current > zc->nextToUpdate + 384)
+            zc->nextToUpdate = current - MIN(192, (U32)(current - zc->nextToUpdate - 384));
+    }
+    /* find and store sequences */
+    {   U32 const extDict = zc->lowLimit < zc->dictLimit;
+        const ZSTD_blockCompressor blockCompressor =
+            zc->appliedParams.ldmParams.enableLdm
+                ? (extDict ? ZSTD_compressBlock_ldm_extDict : ZSTD_compressBlock_ldm)
+                : ZSTD_selectBlockCompressor(zc->appliedParams.cParams.strategy, extDict);
+        size_t const lastLLSize = blockCompressor(zc, src, srcSize);
+        const BYTE* const anchor = (const BYTE*)src + srcSize - lastLLSize;
+        ZSTD_storeLastLiterals(&zc->seqStore, anchor, lastLLSize);
+    }
+    /* encode */
     return ZSTD_compressSequences(&zc->seqStore, zc->entropy, &zc->appliedParams.cParams, dst, dstCapacity, srcSize);
 }
 
@@ -1618,13 +1679,14 @@ static size_t ZSTD_compress_frameChunk (ZSTD_CCtx* cctx,
     BYTE* const ostart = (BYTE*)dst;
     BYTE* op = ostart;
     U32 const maxDist = (U32)1 << cctx->appliedParams.cParams.windowLog;
+    assert(cctx->appliedParams.cParams.windowLog <= 31);
 
+    DEBUGLOG(5, "ZSTD_compress_frameChunk (blockSize=%u)", (U32)blockSize);
     if (cctx->appliedParams.fParams.checksumFlag && srcSize)
         XXH64_update(&cctx->xxhState, src, srcSize);
 
     while (remaining) {
         U32 const lastBlock = lastFrameChunk & (blockSize >= remaining);
-        size_t cSize;
 
         if (dstCapacity < ZSTD_blockHeaderSize + MIN_CBLOCK_SIZE)
             return ERROR(dstSize_tooSmall);   /* not enough space to store compressed block */
@@ -1666,34 +1728,39 @@ static size_t ZSTD_compress_frameChunk (ZSTD_CCtx* cctx,
             else cctx->nextToUpdate -= correction;
             DEBUGLOG(4, "Correction of 0x%x bytes to lowLimit=0x%x\n", correction, cctx->lowLimit);
         }
-
+        /* enforce maxDist */
         if ((U32)(ip+blockSize - cctx->base) > cctx->loadedDictEnd + maxDist) {
-            /* enforce maxDist */
             U32 const newLowLimit = (U32)(ip+blockSize - cctx->base) - maxDist;
             if (cctx->lowLimit < newLowLimit) cctx->lowLimit = newLowLimit;
             if (cctx->dictLimit < cctx->lowLimit) cctx->dictLimit = cctx->lowLimit;
         }
 
-        cSize = ZSTD_compressBlock_internal(cctx, op+ZSTD_blockHeaderSize, dstCapacity-ZSTD_blockHeaderSize, ip, blockSize);
-        if (ZSTD_isError(cSize)) return cSize;
-
-        if (cSize == 0) {  /* block is not compressible */
-            U32 const cBlockHeader24 = lastBlock + (((U32)bt_raw)<<1) + (U32)(blockSize << 3);
-            if (blockSize + ZSTD_blockHeaderSize > dstCapacity) return ERROR(dstSize_tooSmall);
-            MEM_writeLE32(op, cBlockHeader24);   /* no pb, 4th byte will be overwritten */
-            memcpy(op + ZSTD_blockHeaderSize, ip, blockSize);
-            cSize = ZSTD_blockHeaderSize+blockSize;
-        } else {
-            U32 const cBlockHeader24 = lastBlock + (((U32)bt_compressed)<<1) + (U32)(cSize << 3);
-            MEM_writeLE24(op, cBlockHeader24);
-            cSize += ZSTD_blockHeaderSize;
-        }
+        {   size_t cSize = ZSTD_compressBlock_internal(cctx,
+                                op+ZSTD_blockHeaderSize, dstCapacity-ZSTD_blockHeaderSize,
+                                ip, blockSize);
+            if (ZSTD_isError(cSize)) return cSize;
+
+            if (cSize == 0) {  /* block is not compressible */
+                U32 const cBlockHeader24 = lastBlock + (((U32)bt_raw)<<1) + (U32)(blockSize << 3);
+                if (blockSize + ZSTD_blockHeaderSize > dstCapacity) return ERROR(dstSize_tooSmall);
+                MEM_writeLE32(op, cBlockHeader24);   /* 4th byte will be overwritten */
+                memcpy(op + ZSTD_blockHeaderSize, ip, blockSize);
+                cSize = ZSTD_blockHeaderSize + blockSize;
+            } else {
+                U32 const cBlockHeader24 = lastBlock + (((U32)bt_compressed)<<1) + (U32)(cSize << 3);
+                MEM_writeLE24(op, cBlockHeader24);
+                cSize += ZSTD_blockHeaderSize;
+            }
 
-        remaining -= blockSize;
-        dstCapacity -= cSize;
-        ip += blockSize;
-        op += cSize;
-    }
+            ip += blockSize;
+            assert(remaining >= blockSize);
+            remaining -= blockSize;
+            op += cSize;
+            assert(dstCapacity >= cSize);
+            dstCapacity -= cSize;
+            DEBUGLOG(5, "ZSTD_compress_frameChunk: adding a block of size %u",
+                        (U32)cSize);
+    }   }
 
     if (lastFrameChunk && (op>ostart)) cctx->stage = ZSTDcs_ending;
     return op-ostart;
@@ -1719,7 +1786,6 @@ static size_t ZSTD_writeFrameHeader(void* dst, size_t dstCapacity,
                 !params.fParams.noDictIDFlag, dictID,  dictIDSizeCode);
 
     if (params.format == ZSTD_f_zstd1) {
-        DEBUGLOG(4, "writing zstd magic number");
         MEM_writeLE32(dst, ZSTD_MAGICNUMBER);
         pos = 4;
     }
@@ -1753,8 +1819,7 @@ static size_t ZSTD_compressContinue_internal (ZSTD_CCtx* cctx,
     const BYTE* const ip = (const BYTE*) src;
     size_t fhSize = 0;
 
-    DEBUGLOG(5, "ZSTD_compressContinue_internal");
-    DEBUGLOG(5, "stage: %u", cctx->stage);
+    DEBUGLOG(5, "ZSTD_compressContinue_internal, stage: %u", cctx->stage);
     if (cctx->stage==ZSTDcs_created) return ERROR(stage_wrong);   /* missing init (ZSTD_compressBegin) */
 
     if (frame && (cctx->stage==ZSTDcs_init)) {
@@ -1766,17 +1831,21 @@ static size_t ZSTD_compressContinue_internal (ZSTD_CCtx* cctx,
         cctx->stage = ZSTDcs_ongoing;
     }
 
+    if (!srcSize) return fhSize;  /* do not generate an empty block if no input */
+
     /* Check if blocks follow each other */
     if (src != cctx->nextSrc) {
         /* not contiguous */
-        ptrdiff_t const delta = cctx->nextSrc - ip;
+        size_t const distanceFromBase = (size_t)(cctx->nextSrc - cctx->base);
         cctx->lowLimit = cctx->dictLimit;
-        cctx->dictLimit = (U32)(cctx->nextSrc - cctx->base);
+        assert(distanceFromBase == (size_t)(U32)distanceFromBase);  /* should never overflow */
+        cctx->dictLimit = (U32)distanceFromBase;
         cctx->dictBase = cctx->base;
-        cctx->base -= delta;
+        cctx->base = ip - distanceFromBase;
         cctx->nextToUpdate = cctx->dictLimit;
         if (cctx->dictLimit - cctx->lowLimit < HASH_READ_SIZE) cctx->lowLimit = cctx->dictLimit;   /* too small extDict */
     }
+    cctx->nextSrc = ip + srcSize;
 
     /* if input and dictionary overlap : reduce dictionary (area presumed modified by input) */
     if ((ip+srcSize > cctx->dictBase + cctx->lowLimit) & (ip < cctx->dictBase + cctx->dictLimit)) {
@@ -1785,17 +1854,14 @@ static size_t ZSTD_compressContinue_internal (ZSTD_CCtx* cctx,
         cctx->lowLimit = lowLimitMax;
     }
 
-    cctx->nextSrc = ip + srcSize;
-
-    if (srcSize) {
-        size_t const cSize = frame ?
+    DEBUGLOG(5, "ZSTD_compressContinue_internal (blockSize=%u)", (U32)cctx->blockSize);
+    {   size_t const cSize = frame ?
                              ZSTD_compress_frameChunk (cctx, dst, dstCapacity, src, srcSize, lastFrameChunk) :
                              ZSTD_compressBlock_internal (cctx, dst, dstCapacity, src, srcSize);
         if (ZSTD_isError(cSize)) return cSize;
         cctx->consumedSrcSize += srcSize;
         return cSize + fhSize;
-    } else
-        return fhSize;
+    }
 }
 
 size_t ZSTD_compressContinue (ZSTD_CCtx* cctx,
@@ -1832,7 +1898,7 @@ static size_t ZSTD_loadDictionaryContent(ZSTD_CCtx* zc, const void* src, size_t
     zc->lowLimit = zc->dictLimit;
     zc->dictLimit = (U32)(zc->nextSrc - zc->base);
     zc->dictBase = zc->base;
-    zc->base += ip - zc->nextSrc;
+    zc->base = ip - zc->dictLimit;
     zc->nextToUpdate = zc->dictLimit;
     zc->loadedDictEnd = zc->appliedParams.forceWindow ? 0 : (U32)(iend - zc->base);
 
@@ -1983,7 +2049,7 @@ static size_t ZSTD_compress_insertDictionary(ZSTD_CCtx* cctx,
                                        const void* dict, size_t dictSize,
                                              ZSTD_dictMode_e dictMode)
 {
-    DEBUGLOG(5, "ZSTD_compress_insertDictionary");
+    DEBUGLOG(4, "ZSTD_compress_insertDictionary (dictSize=%u)", (U32)dictSize);
     if ((dict==NULL) || (dictSize<=8)) return 0;
 
     /* dict restricted modes */
@@ -1992,7 +2058,7 @@ static size_t ZSTD_compress_insertDictionary(ZSTD_CCtx* cctx,
 
     if (MEM_readLE32(dict) != ZSTD_MAGIC_DICTIONARY) {
         if (dictMode == ZSTD_dm_auto) {
-            DEBUGLOG(5, "raw content dictionary detected");
+            DEBUGLOG(4, "raw content dictionary detected");
             return ZSTD_loadDictionaryContent(cctx, dict, dictSize);
         }
         if (dictMode == ZSTD_dm_fullDict)
@@ -2006,21 +2072,22 @@ static size_t ZSTD_compress_insertDictionary(ZSTD_CCtx* cctx,
 
 /*! ZSTD_compressBegin_internal() :
  * @return : 0, or an error code */
-static size_t ZSTD_compressBegin_internal(ZSTD_CCtx* cctx,
+size_t ZSTD_compressBegin_internal(ZSTD_CCtx* cctx,
                              const void* dict, size_t dictSize,
                              ZSTD_dictMode_e dictMode,
                              const ZSTD_CDict* cdict,
-                                   ZSTD_CCtx_params params, U64 pledgedSrcSize,
-                                   ZSTD_buffered_policy_e zbuff)
+                             ZSTD_CCtx_params params, U64 pledgedSrcSize,
+                             ZSTD_buffered_policy_e zbuff)
 {
-    DEBUGLOG(4, "ZSTD_compressBegin_internal");
+    DEBUGLOG(4, "ZSTD_compressBegin_internal: wlog=%u", params.cParams.windowLog);
     /* params are supposed to be fully validated at this point */
     assert(!ZSTD_isError(ZSTD_checkCParams(params.cParams)));
     assert(!((dict) && (cdict)));  /* either dict or cdict, not both */
 
     if (cdict && cdict->dictContentSize>0) {
+        cctx->requestedParams = params;
         return ZSTD_copyCCtx_internal(cctx, cdict->refContext,
-                                      params.fParams, pledgedSrcSize,
+                                      params.cParams.windowLog, params.fParams, pledgedSrcSize,
                                       zbuff);
     }
 
@@ -2029,16 +2096,19 @@ static size_t ZSTD_compressBegin_internal(ZSTD_CCtx* cctx,
     return ZSTD_compress_insertDictionary(cctx, dict, dictSize, dictMode);
 }
 
-size_t ZSTD_compressBegin_advanced_internal(
-                                    ZSTD_CCtx* cctx,
+size_t ZSTD_compressBegin_advanced_internal(ZSTD_CCtx* cctx,
                                     const void* dict, size_t dictSize,
                                     ZSTD_dictMode_e dictMode,
+                                    const ZSTD_CDict* cdict,
                                     ZSTD_CCtx_params params,
                                     unsigned long long pledgedSrcSize)
 {
+    DEBUGLOG(4, "ZSTD_compressBegin_advanced_internal: wlog=%u", params.cParams.windowLog);
     /* compression parameters verification and optimization */
     CHECK_F( ZSTD_checkCParams(params.cParams) );
-    return ZSTD_compressBegin_internal(cctx, dict, dictSize, dictMode, NULL,
+    return ZSTD_compressBegin_internal(cctx,
+                                       dict, dictSize, dictMode,
+                                       cdict,
                                        params, pledgedSrcSize,
                                        ZSTDb_not_buffered);
 }
@@ -2051,9 +2121,10 @@ size_t ZSTD_compressBegin_advanced(ZSTD_CCtx* cctx,
 {
     ZSTD_CCtx_params const cctxParams =
             ZSTD_assignParamsToCCtxParams(cctx->requestedParams, params);
-    return ZSTD_compressBegin_advanced_internal(cctx, dict, dictSize, ZSTD_dm_auto,
-                                                cctxParams,
-                                                pledgedSrcSize);
+    return ZSTD_compressBegin_advanced_internal(cctx,
+                                            dict, dictSize, ZSTD_dm_auto,
+                                            NULL /*cdict*/,
+                                            cctxParams, pledgedSrcSize);
 }
 
 size_t ZSTD_compressBegin_usingDict(ZSTD_CCtx* cctx, const void* dict, size_t dictSize, int compressionLevel)
@@ -2061,8 +2132,9 @@ size_t ZSTD_compressBegin_usingDict(ZSTD_CCtx* cctx, const void* dict, size_t di
     ZSTD_parameters const params = ZSTD_getParams(compressionLevel, 0, dictSize);
     ZSTD_CCtx_params const cctxParams =
             ZSTD_assignParamsToCCtxParams(cctx->requestedParams, params);
+    DEBUGLOG(4, "ZSTD_compressBegin_usingDict");
     return ZSTD_compressBegin_internal(cctx, dict, dictSize, ZSTD_dm_auto, NULL,
-                                       cctxParams, 0, ZSTDb_not_buffered);
+                                       cctxParams, ZSTD_CONTENTSIZE_UNKNOWN, ZSTDb_not_buffered);
 }
 
 size_t ZSTD_compressBegin(ZSTD_CCtx* cctx, int compressionLevel)
@@ -2143,6 +2215,7 @@ static size_t ZSTD_compress_internal (ZSTD_CCtx* cctx,
 {
     ZSTD_CCtx_params const cctxParams =
             ZSTD_assignParamsToCCtxParams(cctx->requestedParams, params);
+    DEBUGLOG(4, "ZSTD_compress_internal");
     return ZSTD_compress_advanced_internal(cctx,
                                           dst, dstCapacity,
                                           src, srcSize,
@@ -2156,6 +2229,7 @@ size_t ZSTD_compress_advanced (ZSTD_CCtx* ctx,
                          const void* dict,size_t dictSize,
                                ZSTD_parameters params)
 {
+    DEBUGLOG(4, "ZSTD_compress_advanced");
     CHECK_F(ZSTD_checkCParams(params.cParams));
     return ZSTD_compress_internal(ctx, dst, dstCapacity, src, srcSize, dict, dictSize, params);
 }
@@ -2168,6 +2242,7 @@ size_t ZSTD_compress_advanced_internal(
         const void* dict,size_t dictSize,
         ZSTD_CCtx_params params)
 {
+    DEBUGLOG(4, "ZSTD_compress_advanced_internal");
     CHECK_F( ZSTD_compressBegin_internal(cctx, dict, dictSize, ZSTD_dm_auto, NULL,
                                          params, srcSize, ZSTDb_not_buffered) );
     return ZSTD_compressEnd(cctx, dst, dstCapacity, src, srcSize);
@@ -2176,8 +2251,10 @@ size_t ZSTD_compress_advanced_internal(
 size_t ZSTD_compress_usingDict(ZSTD_CCtx* ctx, void* dst, size_t dstCapacity, const void* src, size_t srcSize,
                                const void* dict, size_t dictSize, int compressionLevel)
 {
-    ZSTD_parameters params = ZSTD_getParams(compressionLevel, srcSize, dict ? dictSize : 0);
+    ZSTD_parameters params = ZSTD_getParams(compressionLevel, srcSize ? srcSize : 1, dict ? dictSize : 0);
     params.fParams.contentSizeFlag = 1;
+    DEBUGLOG(4, "ZSTD_compress_usingDict (level=%i, srcSize=%u, dictSize=%u)",
+                compressionLevel, (U32)srcSize, (U32)dictSize);
     return ZSTD_compress_internal(ctx, dst, dstCapacity, src, srcSize, dict, dictSize, params);
 }
 
@@ -2234,7 +2311,7 @@ static size_t ZSTD_initCDict_internal(
                     ZSTD_dictMode_e dictMode,
                     ZSTD_compressionParameters cParams)
 {
-    DEBUGLOG(5, "ZSTD_initCDict_internal, mode %u", (U32)dictMode);
+    DEBUGLOG(3, "ZSTD_initCDict_internal, mode %u", (U32)dictMode);
     if ((dictLoadMethod == ZSTD_dlm_byRef) || (!dictBuffer) || (!dictSize)) {
         cdict->dictBuffer = NULL;
         cdict->dictContent = dictBuffer;
@@ -2264,7 +2341,7 @@ ZSTD_CDict* ZSTD_createCDict_advanced(const void* dictBuffer, size_t dictSize,
                                       ZSTD_dictMode_e dictMode,
                                       ZSTD_compressionParameters cParams, ZSTD_customMem customMem)
 {
-    DEBUGLOG(5, "ZSTD_createCDict_advanced, mode %u", (U32)dictMode);
+    DEBUGLOG(3, "ZSTD_createCDict_advanced, mode %u", (U32)dictMode);
     if (!customMem.customAlloc ^ !customMem.customFree) return NULL;
 
     {   ZSTD_CDict* const cdict = (ZSTD_CDict*)ZSTD_malloc(sizeof(ZSTD_CDict), customMem);
@@ -2339,9 +2416,9 @@ ZSTD_CDict* ZSTD_initStaticCDict(void* workspace, size_t workspaceSize,
                             + cctxSize;
     ZSTD_CDict* const cdict = (ZSTD_CDict*) workspace;
     void* ptr;
-    DEBUGLOG(5, "(size_t)workspace & 7 : %u", (U32)(size_t)workspace & 7);
+    DEBUGLOG(4, "(size_t)workspace & 7 : %u", (U32)(size_t)workspace & 7);
     if ((size_t)workspace & 7) return NULL;  /* 8-aligned */
-    DEBUGLOG(5, "(workspaceSize < neededSize) : (%u < %u) => %u",
+    DEBUGLOG(4, "(workspaceSize < neededSize) : (%u < %u) => %u",
         (U32)workspaceSize, (U32)neededSize, (U32)(workspaceSize < neededSize));
     if (workspaceSize < neededSize) return NULL;
 
@@ -2373,11 +2450,11 @@ size_t ZSTD_compressBegin_usingCDict_advanced(
     ZSTD_CCtx* const cctx, const ZSTD_CDict* const cdict,
     ZSTD_frameParameters const fParams, unsigned long long const pledgedSrcSize)
 {
+    DEBUGLOG(4, "ZSTD_compressBegin_usingCDict_advanced");
     if (cdict==NULL) return ERROR(dictionary_wrong);
     {   ZSTD_CCtx_params params = cctx->requestedParams;
         params.cParams = ZSTD_getCParamsFromCDict(cdict);
         params.fParams = fParams;
-        DEBUGLOG(5, "ZSTD_compressBegin_usingCDict_advanced");
         return ZSTD_compressBegin_internal(cctx,
                                            NULL, 0, ZSTD_dm_auto,
                                            cdict,
@@ -2392,7 +2469,7 @@ size_t ZSTD_compressBegin_usingCDict_advanced(
 size_t ZSTD_compressBegin_usingCDict(ZSTD_CCtx* cctx, const ZSTD_CDict* cdict)
 {
     ZSTD_frameParameters const fParams = { 0 /*content*/, 0 /*checksum*/, 0 /*noDictID*/ };
-    DEBUGLOG(5, "ZSTD_compressBegin_usingCDict : dictIDFlag == %u", !fParams.noDictIDFlag);
+    DEBUGLOG(4, "ZSTD_compressBegin_usingCDict : dictIDFlag == %u", !fParams.noDictIDFlag);
     return ZSTD_compressBegin_usingCDict_advanced(cctx, cdict, fParams, 0);
 }
 
@@ -2427,6 +2504,7 @@ size_t ZSTD_compress_usingCDict(ZSTD_CCtx* cctx,
 
 ZSTD_CStream* ZSTD_createCStream(void)
 {
+    DEBUGLOG(3, "ZSTD_createCStream");
     return ZSTD_createCStream_advanced(ZSTD_defaultCMem);
 }
 
@@ -2457,9 +2535,9 @@ size_t ZSTD_CStreamOutSize(void)
 }
 
 static size_t ZSTD_resetCStream_internal(ZSTD_CStream* zcs,
-                    const void* dict, size_t dictSize, ZSTD_dictMode_e dictMode,
-                    const ZSTD_CDict* cdict,
-                    const ZSTD_CCtx_params params, unsigned long long pledgedSrcSize)
+                    const void* const dict, size_t const dictSize, ZSTD_dictMode_e const dictMode,
+                    const ZSTD_CDict* const cdict,
+                    ZSTD_CCtx_params const params, unsigned long long const pledgedSrcSize)
 {
     DEBUGLOG(4, "ZSTD_resetCStream_internal");
     /* params are supposed to be fully validated at this point */
@@ -2467,31 +2545,35 @@ static size_t ZSTD_resetCStream_internal(ZSTD_CStream* zcs,
     assert(!((dict) && (cdict)));  /* either dict or cdict, not both */
 
     CHECK_F( ZSTD_compressBegin_internal(zcs,
-                                        dict, dictSize, dictMode,
-                                        cdict,
-                                        params, pledgedSrcSize,
-                                        ZSTDb_buffered) );
+                                         dict, dictSize, dictMode,
+                                         cdict,
+                                         params, pledgedSrcSize,
+                                         ZSTDb_buffered) );
 
     zcs->inToCompress = 0;
     zcs->inBuffPos = 0;
-    zcs->inBuffTarget = zcs->blockSize;
+    zcs->inBuffTarget = zcs->blockSize
+                      + (zcs->blockSize == pledgedSrcSize);   /* for small input: avoid automatic flush on reaching end of block, since it would require to add a 3-bytes null block to end frame */
     zcs->outBuffContentSize = zcs->outBuffFlushedSize = 0;
     zcs->streamStage = zcss_load;
     zcs->frameEnded = 0;
     return 0;   /* ready to go */
 }
 
+/* ZSTD_resetCStream():
+ * pledgedSrcSize == 0 means "unknown" */
 size_t ZSTD_resetCStream(ZSTD_CStream* zcs, unsigned long long pledgedSrcSize)
 {
     ZSTD_CCtx_params params = zcs->requestedParams;
-    params.fParams.contentSizeFlag = (pledgedSrcSize > 0);
+    DEBUGLOG(4, "ZSTD_resetCStream: pledgedSrcSize = %u", (U32)pledgedSrcSize);
+    if (pledgedSrcSize==0) pledgedSrcSize = ZSTD_CONTENTSIZE_UNKNOWN;
+    params.fParams.contentSizeFlag = 1;
     params.cParams = ZSTD_getCParamsFromCCtxParams(params, pledgedSrcSize, 0);
-    DEBUGLOG(4, "ZSTD_resetCStream");
     return ZSTD_resetCStream_internal(zcs, NULL, 0, ZSTD_dm_auto, zcs->cdict, params, pledgedSrcSize);
 }
 
 /*! ZSTD_initCStream_internal() :
- *  Note : not static, but hidden (not exposed). Used by zstdmt_compress.c
+ *  Note : for lib/compress only. Used by zstdmt_compress.c.
  *  Assumption 1 : params are valid
  *  Assumption 2 : either dict, or cdict, is defined, not both */
 size_t ZSTD_initCStream_internal(ZSTD_CStream* zcs,
@@ -2503,7 +2585,7 @@ size_t ZSTD_initCStream_internal(ZSTD_CStream* zcs,
     assert(!((dict) && (cdict)));  /* either dict or cdict, not both */
 
     if (dict && dictSize >= 8) {
-        DEBUGLOG(5, "loading dictionary of size %u", (U32)dictSize);
+        DEBUGLOG(4, "loading dictionary of size %u", (U32)dictSize);
         if (zcs->staticSize) {   /* static CCtx : never uses malloc */
             /* incompatible with internal cdict creation */
             return ERROR(memory_allocation);
@@ -2516,14 +2598,14 @@ size_t ZSTD_initCStream_internal(ZSTD_CStream* zcs,
         if (zcs->cdictLocal == NULL) return ERROR(memory_allocation);
     } else {
         if (cdict) {
-            params.cParams = ZSTD_getCParamsFromCDict(cdict);  /* cParams are enforced from cdict */
+            params.cParams = ZSTD_getCParamsFromCDict(cdict);  /* cParams are enforced from cdict; it includes windowLog */
         }
         ZSTD_freeCDict(zcs->cdictLocal);
         zcs->cdictLocal = NULL;
         zcs->cdict = cdict;
     }
 
-    params.compressionLevel = ZSTD_CLEVEL_CUSTOM;
+    params.compressionLevel = ZSTD_CLEVEL_CUSTOM; /* enforce usage of cParams, instead of a dynamic derivation from cLevel (but does that happen ?) */
     zcs->requestedParams = params;
 
     return ZSTD_resetCStream_internal(zcs, NULL, 0, ZSTD_dm_auto, zcs->cdict, params, pledgedSrcSize);
@@ -2535,8 +2617,9 @@ size_t ZSTD_initCStream_usingCDict_advanced(ZSTD_CStream* zcs,
                                             const ZSTD_CDict* cdict,
                                             ZSTD_frameParameters fParams,
                                             unsigned long long pledgedSrcSize)
-{   /* cannot handle NULL cdict (does not know what to do) */
-    if (!cdict) return ERROR(dictionary_wrong);
+{
+    DEBUGLOG(4, "ZSTD_initCStream_usingCDict_advanced");
+    if (!cdict) return ERROR(dictionary_wrong); /* cannot handle NULL cdict (does not know what to do) */
     {   ZSTD_CCtx_params params = zcs->requestedParams;
         params.cParams = ZSTD_getCParamsFromCDict(cdict);
         params.fParams = fParams;
@@ -2549,18 +2632,25 @@ size_t ZSTD_initCStream_usingCDict_advanced(ZSTD_CStream* zcs,
 /* note : cdict must outlive compression session */
 size_t ZSTD_initCStream_usingCDict(ZSTD_CStream* zcs, const ZSTD_CDict* cdict)
 {
-    ZSTD_frameParameters const fParams = { 0 /* contentSize */, 0 /* checksum */, 0 /* hideDictID */ };
-    return ZSTD_initCStream_usingCDict_advanced(zcs, cdict, fParams, 0);  /* note : will check that cdict != NULL */
+    ZSTD_frameParameters const fParams = { 0 /* contentSizeFlag */, 0 /* checksum */, 0 /* hideDictID */ };
+    DEBUGLOG(4, "ZSTD_initCStream_usingCDict");
+    return ZSTD_initCStream_usingCDict_advanced(zcs, cdict, fParams, ZSTD_CONTENTSIZE_UNKNOWN);  /* note : will check that cdict != NULL */
 }
 
+/* ZSTD_initCStream_advanced() :
+ * pledgedSrcSize must be correct.
+ * if srcSize is not known at init time, use value ZSTD_CONTENTSIZE_UNKNOWN.
+ * dict is loaded with default parameters ZSTD_dm_auto and ZSTD_dlm_byCopy. */
 size_t ZSTD_initCStream_advanced(ZSTD_CStream* zcs,
                                  const void* dict, size_t dictSize,
                                  ZSTD_parameters params, unsigned long long pledgedSrcSize)
 {
-    ZSTD_CCtx_params const cctxParams =
-            ZSTD_assignParamsToCCtxParams(zcs->requestedParams, params);
+    ZSTD_CCtx_params const cctxParams = ZSTD_assignParamsToCCtxParams(zcs->requestedParams, params);
+    DEBUGLOG(4, "ZSTD_initCStream_advanced: pledgedSrcSize=%u, flag=%u",
+                (U32)pledgedSrcSize, params.fParams.contentSizeFlag);
     CHECK_F( ZSTD_checkCParams(params.cParams) );
-    return ZSTD_initCStream_internal(zcs, dict, dictSize, NULL, cctxParams, pledgedSrcSize);
+    if ((pledgedSrcSize==0) && (params.fParams.contentSizeFlag==0)) pledgedSrcSize = ZSTD_CONTENTSIZE_UNKNOWN;  /* for compatibility with older programs relying on this behavior. Users should now specify ZSTD_CONTENTSIZE_UNKNOWN. This line will be removed in the future. */
+    return ZSTD_initCStream_internal(zcs, dict, dictSize, NULL /*cdict*/, cctxParams, pledgedSrcSize);
 }
 
 size_t ZSTD_initCStream_usingDict(ZSTD_CStream* zcs, const void* dict, size_t dictSize, int compressionLevel)
@@ -2568,21 +2658,21 @@ size_t ZSTD_initCStream_usingDict(ZSTD_CStream* zcs, const void* dict, size_t di
     ZSTD_parameters const params = ZSTD_getParams(compressionLevel, 0, dictSize);
     ZSTD_CCtx_params const cctxParams =
             ZSTD_assignParamsToCCtxParams(zcs->requestedParams, params);
-    return ZSTD_initCStream_internal(zcs, dict, dictSize, NULL, cctxParams, 0);
+    return ZSTD_initCStream_internal(zcs, dict, dictSize, NULL, cctxParams, ZSTD_CONTENTSIZE_UNKNOWN);
 }
 
-size_t ZSTD_initCStream_srcSize(ZSTD_CStream* zcs, int compressionLevel, unsigned long long pledgedSrcSize)
+size_t ZSTD_initCStream_srcSize(ZSTD_CStream* zcs, int compressionLevel, unsigned long long pss)
 {
-    ZSTD_CCtx_params cctxParams;
+    U64 const pledgedSrcSize = (pss==0) ? ZSTD_CONTENTSIZE_UNKNOWN : pss;  /* temporary : 0 interpreted as "unknown" during transition period. Users willing to specify "unknown" **must** use ZSTD_CONTENTSIZE_UNKNOWN. `0` will be interpreted as "empty" in the future */
     ZSTD_parameters const params = ZSTD_getParams(compressionLevel, pledgedSrcSize, 0);
-    cctxParams = ZSTD_assignParamsToCCtxParams(zcs->requestedParams, params);
-    cctxParams.fParams.contentSizeFlag = (pledgedSrcSize>0);
+    ZSTD_CCtx_params const cctxParams = ZSTD_assignParamsToCCtxParams(zcs->requestedParams, params);
     return ZSTD_initCStream_internal(zcs, NULL, 0, NULL, cctxParams, pledgedSrcSize);
 }
 
 size_t ZSTD_initCStream(ZSTD_CStream* zcs, int compressionLevel)
 {
-    return ZSTD_initCStream_srcSize(zcs, compressionLevel, 0);
+    DEBUGLOG(4, "ZSTD_initCStream");
+    return ZSTD_initCStream_srcSize(zcs, compressionLevel, ZSTD_CONTENTSIZE_UNKNOWN);
 }
 
 /*======   Compression   ======*/
@@ -2615,9 +2705,9 @@ size_t ZSTD_compressStream_generic(ZSTD_CStream* zcs,
     /* check expectations */
     DEBUGLOG(5, "ZSTD_compressStream_generic, flush=%u", (U32)flushMode);
     assert(zcs->inBuff != NULL);
-    assert(zcs->inBuffSize>0);
-    assert(zcs->outBuff!= NULL);
-    assert(zcs->outBuffSize>0);
+    assert(zcs->inBuffSize > 0);
+    assert(zcs->outBuff !=  NULL);
+    assert(zcs->outBuffSize > 0);
     assert(output->pos <= output->size);
     assert(input->pos <= input->size);
 
@@ -2757,7 +2847,7 @@ size_t ZSTD_compress_generic (ZSTD_CCtx* cctx,
                               ZSTD_inBuffer* input,
                               ZSTD_EndDirective endOp)
 {
-    DEBUGLOG(5, "ZSTD_compress_generic");
+    DEBUGLOG(5, "ZSTD_compress_generic, endOp=%u ", (U32)endOp);
     /* check conditions */
     if (output->pos > output->size) return ERROR(GENERIC);
     if (input->pos  > input->size)  return ERROR(GENERIC);
@@ -2765,42 +2855,47 @@ size_t ZSTD_compress_generic (ZSTD_CCtx* cctx,
 
     /* transparent initialization stage */
     if (cctx->streamStage == zcss_init) {
-        ZSTD_prefixDict const prefixDict = cctx->prefixDict;
         ZSTD_CCtx_params params = cctx->requestedParams;
-        params.cParams = ZSTD_getCParamsFromCCtxParams(
-                cctx->requestedParams, cctx->pledgedSrcSizePlusOne-1, 0 /*dictSize*/);
+        ZSTD_prefixDict const prefixDict = cctx->prefixDict;
         memset(&cctx->prefixDict, 0, sizeof(cctx->prefixDict));  /* single usage */
         assert(prefixDict.dict==NULL || cctx->cdict==NULL);   /* only one can be set */
         DEBUGLOG(4, "ZSTD_compress_generic : transparent init stage");
+        if (endOp == ZSTD_e_end) cctx->pledgedSrcSizePlusOne = input->size + 1;  /* auto-fix pledgedSrcSize */
+        params.cParams = ZSTD_getCParamsFromCCtxParams(
+                cctx->requestedParams, cctx->pledgedSrcSizePlusOne-1, 0 /*dictSize*/);
 
 #ifdef ZSTD_MULTITHREAD
+        if ((cctx->pledgedSrcSizePlusOne-1) <= ZSTDMT_JOBSIZE_MIN)
+            params.nbThreads = 1; /* do not invoke multi-threading when src size is too small */
         if (params.nbThreads > 1) {
-            if (cctx->mtctx == NULL || cctx->appliedParams.nbThreads != params.nbThreads) {
+            if (cctx->mtctx == NULL || (params.nbThreads != ZSTDMT_getNbThreads(cctx->mtctx))) {
+                DEBUGLOG(4, "ZSTD_compress_generic: creating new mtctx for nbThreads=%u (previous: %u)",
+                            params.nbThreads, ZSTDMT_getNbThreads(cctx->mtctx));
                 ZSTDMT_freeCCtx(cctx->mtctx);
                 cctx->mtctx = ZSTDMT_createCCtx_advanced(params.nbThreads, cctx->customMem);
                 if (cctx->mtctx == NULL) return ERROR(memory_allocation);
             }
             DEBUGLOG(4, "call ZSTDMT_initCStream_internal as nbThreads=%u", params.nbThreads);
             CHECK_F( ZSTDMT_initCStream_internal(
-                             cctx->mtctx,
-                             prefixDict.dict, prefixDict.dictSize, ZSTD_dm_rawContent,
-                             cctx->cdict, params, cctx->pledgedSrcSizePlusOne-1) );
+                        cctx->mtctx,
+                        prefixDict.dict, prefixDict.dictSize, ZSTD_dm_rawContent,
+                        cctx->cdict, params, cctx->pledgedSrcSizePlusOne-1) );
             cctx->streamStage = zcss_load;
             cctx->appliedParams.nbThreads = params.nbThreads;
         } else
 #endif
-        {
-            CHECK_F( ZSTD_resetCStream_internal(
+        {   CHECK_F( ZSTD_resetCStream_internal(
                              cctx, prefixDict.dict, prefixDict.dictSize,
                              prefixDict.dictMode, cctx->cdict, params,
                              cctx->pledgedSrcSizePlusOne-1) );
+            assert(cctx->streamStage == zcss_load);
+            assert(cctx->appliedParams.nbThreads <= 1);
     }   }
 
     /* compression stage */
 #ifdef ZSTD_MULTITHREAD
     if (cctx->appliedParams.nbThreads > 1) {
         size_t const flushMin = ZSTDMT_compressStream_generic(cctx->mtctx, output, input, endOp);
-        DEBUGLOG(5, "ZSTDMT_compressStream_generic result : %u", (U32)flushMin);
         if ( ZSTD_isError(flushMin)
           || (endOp == ZSTD_e_end && flushMin == 0) ) { /* compression completed */
             ZSTD_startNewCompression(cctx);
@@ -2850,8 +2945,7 @@ size_t ZSTD_endStream(ZSTD_CStream* zcs, ZSTD_outBuffer* output)
     {   size_t const lastBlockSize = zcs->frameEnded ? 0 : ZSTD_BLOCKHEADERSIZE;
         size_t const checksumSize = zcs->frameEnded ? 0 : zcs->appliedParams.fParams.checksumFlag * 4;
         size_t const toFlush = zcs->outBuffContentSize - zcs->outBuffFlushedSize + lastBlockSize + checksumSize;
-        DEBUGLOG(5, "ZSTD_endStream : remaining to flush : %u",
-                (unsigned)toFlush);
+        DEBUGLOG(4, "ZSTD_endStream : remaining to flush : %u", (U32)toFlush);
         return toFlush;
     }
 }
@@ -2880,12 +2974,12 @@ static const ZSTD_compressionParameters ZSTD_defaultCParameters[4][ZSTD_MAX_CLEV
     { 22, 20, 22,  5,  5, 16, ZSTD_lazy2   },  /* level 12 */
     { 22, 21, 22,  5,  5, 16, ZSTD_lazy2   },  /* level 13 */
     { 22, 21, 22,  6,  5, 16, ZSTD_lazy2   },  /* level 14 */
-    { 22, 21, 22,  5,  5, 16, ZSTD_btlazy2 },  /* level 15 */
-    { 23, 22, 22,  5,  5, 16, ZSTD_btlazy2 },  /* level 16 */
-    { 23, 22, 22,  4,  5, 24, ZSTD_btopt   },  /* level 17 */
-    { 23, 22, 22,  5,  4, 32, ZSTD_btopt   },  /* level 18 */
-    { 23, 23, 22,  6,  3, 48, ZSTD_btopt   },  /* level 19 */
-    { 25, 25, 23,  7,  3, 64, ZSTD_btultra },  /* level 20 */
+    { 22, 21, 22,  4,  5, 16, ZSTD_btlazy2 },  /* level 15 */
+    { 22, 21, 22,  4,  5, 48, ZSTD_btopt   },  /* level 16 */
+    { 23, 22, 22,  4,  4, 48, ZSTD_btopt   },  /* level 17 */
+    { 23, 22, 22,  5,  3, 64, ZSTD_btopt   },  /* level 18 */
+    { 23, 23, 22,  7,  3,128, ZSTD_btopt   },  /* level 19 */
+    { 25, 25, 23,  7,  3,128, ZSTD_btultra },  /* level 20 */
     { 26, 26, 24,  7,  3,256, ZSTD_btultra },  /* level 21 */
     { 27, 27, 25,  9,  3,512, ZSTD_btultra },  /* level 22 */
 },
@@ -3004,6 +3098,8 @@ ZSTD_compressionParameters ZSTD_getCParams(int compressionLevel, unsigned long l
     }
 #endif
 
+    DEBUGLOG(4, "ZSTD_getCParams: cLevel=%i, srcSize=%u, dictSize=%u => table %u",
+                compressionLevel, (U32)srcSizeHint, (U32)dictSize, tableID);
     if (compressionLevel <= 0) compressionLevel = ZSTD_CLEVEL_DEFAULT;   /* 0 == default; no negative compressionLevel yet */
     if (compressionLevel > ZSTD_MAX_CLEVEL) compressionLevel = ZSTD_MAX_CLEVEL;
     { ZSTD_compressionParameters const cp = ZSTD_defaultCParameters[tableID][compressionLevel];
@@ -3019,5 +3115,6 @@ ZSTD_parameters ZSTD_getParams(int compressionLevel, unsigned long long srcSizeH
     ZSTD_compressionParameters const cParams = ZSTD_getCParams(compressionLevel, srcSizeHint, dictSize);
     memset(&params, 0, sizeof(params));
     params.cParams = cParams;
+    params.fParams.contentSizeFlag = 1;
     return params;
 }
diff --git a/thirdparty/zstd/compress/zstd_compress.h b/thirdparty/zstd/compress/zstd_compress.h
deleted file mode 100644
index 94606edc93..0000000000
--- a/thirdparty/zstd/compress/zstd_compress.h
+++ /dev/null
@@ -1,307 +0,0 @@
-/*
- * Copyright (c) 2016-present, Yann Collet, Facebook, Inc.
- * All rights reserved.
- *
- * This source code is licensed under both the BSD-style license (found in the
- * LICENSE file in the root directory of this source tree) and the GPLv2 (found
- * in the COPYING file in the root directory of this source tree).
- * You may select, at your option, one of the above-listed licenses.
- */
-
-
-#ifndef ZSTD_COMPRESS_H
-#define ZSTD_COMPRESS_H
-
-/*-*************************************
-*  Dependencies
-***************************************/
-#include "zstd_internal.h"
-#ifdef ZSTD_MULTITHREAD
-#  include "zstdmt_compress.h"
-#endif
-
-#if defined (__cplusplus)
-extern "C" {
-#endif
-
-/*-*************************************
-*  Constants
-***************************************/
-static const U32 g_searchStrength = 8;
-#define HASH_READ_SIZE 8
-
-
-/*-*************************************
-*  Context memory management
-***************************************/
-typedef enum { ZSTDcs_created=0, ZSTDcs_init, ZSTDcs_ongoing, ZSTDcs_ending } ZSTD_compressionStage_e;
-typedef enum { zcss_init=0, zcss_load, zcss_flush } ZSTD_cStreamStage;
-
-typedef struct ZSTD_prefixDict_s {
-    const void* dict;
-    size_t dictSize;
-    ZSTD_dictMode_e dictMode;
-} ZSTD_prefixDict;
-
-struct ZSTD_CCtx_s {
-    const BYTE* nextSrc;    /* next block here to continue on current prefix */
-    const BYTE* base;       /* All regular indexes relative to this position */
-    const BYTE* dictBase;   /* extDict indexes relative to this position */
-    U32   dictLimit;        /* below that point, need extDict */
-    U32   lowLimit;         /* below that point, no more data */
-    U32   nextToUpdate;     /* index from which to continue dictionary update */
-    U32   nextToUpdate3;    /* index from which to continue dictionary update */
-    U32   hashLog3;         /* dispatch table : larger == faster, more memory */
-    U32   loadedDictEnd;    /* index of end of dictionary */
-    ZSTD_compressionStage_e stage;
-    U32   dictID;
-    ZSTD_CCtx_params requestedParams;
-    ZSTD_CCtx_params appliedParams;
-    void* workSpace;
-    size_t workSpaceSize;
-    size_t blockSize;
-    U64 pledgedSrcSizePlusOne;  /* this way, 0 (default) == unknown */
-    U64 consumedSrcSize;
-    XXH64_state_t xxhState;
-    ZSTD_customMem customMem;
-    size_t staticSize;
-
-    seqStore_t seqStore;    /* sequences storage ptrs */
-    optState_t optState;
-    ldmState_t ldmState;    /* long distance matching state */
-    U32* hashTable;
-    U32* hashTable3;
-    U32* chainTable;
-    ZSTD_entropyCTables_t* entropy;
-
-    /* streaming */
-    char*  inBuff;
-    size_t inBuffSize;
-    size_t inToCompress;
-    size_t inBuffPos;
-    size_t inBuffTarget;
-    char*  outBuff;
-    size_t outBuffSize;
-    size_t outBuffContentSize;
-    size_t outBuffFlushedSize;
-    ZSTD_cStreamStage streamStage;
-    U32    frameEnded;
-
-    /* Dictionary */
-    ZSTD_CDict* cdictLocal;
-    const ZSTD_CDict* cdict;
-    ZSTD_prefixDict prefixDict;   /* single-usage dictionary */
-
-    /* Multi-threading */
-#ifdef ZSTD_MULTITHREAD
-    ZSTDMT_CCtx* mtctx;
-#endif
-};
-
-
-static const BYTE LL_Code[64] = {  0,  1,  2,  3,  4,  5,  6,  7,
-                                   8,  9, 10, 11, 12, 13, 14, 15,
-                                  16, 16, 17, 17, 18, 18, 19, 19,
-                                  20, 20, 20, 20, 21, 21, 21, 21,
-                                  22, 22, 22, 22, 22, 22, 22, 22,
-                                  23, 23, 23, 23, 23, 23, 23, 23,
-                                  24, 24, 24, 24, 24, 24, 24, 24,
-                                  24, 24, 24, 24, 24, 24, 24, 24 };
-
-static const BYTE ML_Code[128] = { 0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-                                  16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-                                  32, 32, 33, 33, 34, 34, 35, 35, 36, 36, 36, 36, 37, 37, 37, 37,
-                                  38, 38, 38, 38, 38, 38, 38, 38, 39, 39, 39, 39, 39, 39, 39, 39,
-                                  40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
-                                  41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41,
-                                  42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42,
-                                  42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42 };
-
-/*! ZSTD_storeSeq() :
-    Store a sequence (literal length, literals, offset code and match length code) into seqStore_t.
-    `offsetCode` : distance to match, or 0 == repCode.
-    `matchCode` : matchLength - MINMATCH
-*/
-MEM_STATIC void ZSTD_storeSeq(seqStore_t* seqStorePtr, size_t litLength, const void* literals, U32 offsetCode, size_t matchCode)
-{
-#if defined(ZSTD_DEBUG) && (ZSTD_DEBUG >= 6)
-    static const BYTE* g_start = NULL;
-    U32 const pos = (U32)((const BYTE*)literals - g_start);
-    if (g_start==NULL) g_start = (const BYTE*)literals;
-    if ((pos > 0) && (pos < 1000000000))
-        DEBUGLOG(6, "Cpos %6u :%5u literals & match %3u bytes at distance %6u",
-               pos, (U32)litLength, (U32)matchCode+MINMATCH, (U32)offsetCode);
-#endif
-    /* copy Literals */
-    assert(seqStorePtr->lit + litLength <= seqStorePtr->litStart + 128 KB);
-    ZSTD_wildcopy(seqStorePtr->lit, literals, litLength);
-    seqStorePtr->lit += litLength;
-
-    /* literal Length */
-    if (litLength>0xFFFF) {
-        seqStorePtr->longLengthID = 1;
-        seqStorePtr->longLengthPos = (U32)(seqStorePtr->sequences - seqStorePtr->sequencesStart);
-    }
-    seqStorePtr->sequences[0].litLength = (U16)litLength;
-
-    /* match offset */
-    seqStorePtr->sequences[0].offset = offsetCode + 1;
-
-    /* match Length */
-    if (matchCode>0xFFFF) {
-        seqStorePtr->longLengthID = 2;
-        seqStorePtr->longLengthPos = (U32)(seqStorePtr->sequences - seqStorePtr->sequencesStart);
-    }
-    seqStorePtr->sequences[0].matchLength = (U16)matchCode;
-
-    seqStorePtr->sequences++;
-}
-
-
-/*-*************************************
-*  Match length counter
-***************************************/
-static unsigned ZSTD_NbCommonBytes (register size_t val)
-{
-    if (MEM_isLittleEndian()) {
-        if (MEM_64bits()) {
-#       if defined(_MSC_VER) && defined(_WIN64)
-            unsigned long r = 0;
-            _BitScanForward64( &r, (U64)val );
-            return (unsigned)(r>>3);
-#       elif defined(__GNUC__) && (__GNUC__ >= 4)
-            return (__builtin_ctzll((U64)val) >> 3);
-#       else
-            static const int DeBruijnBytePos[64] = { 0, 0, 0, 0, 0, 1, 1, 2,
-                                                     0, 3, 1, 3, 1, 4, 2, 7,
-                                                     0, 2, 3, 6, 1, 5, 3, 5,
-                                                     1, 3, 4, 4, 2, 5, 6, 7,
-                                                     7, 0, 1, 2, 3, 3, 4, 6,
-                                                     2, 6, 5, 5, 3, 4, 5, 6,
-                                                     7, 1, 2, 4, 6, 4, 4, 5,
-                                                     7, 2, 6, 5, 7, 6, 7, 7 };
-            return DeBruijnBytePos[((U64)((val & -(long long)val) * 0x0218A392CDABBD3FULL)) >> 58];
-#       endif
-        } else { /* 32 bits */
-#       if defined(_MSC_VER)
-            unsigned long r=0;
-            _BitScanForward( &r, (U32)val );
-            return (unsigned)(r>>3);
-#       elif defined(__GNUC__) && (__GNUC__ >= 3)
-            return (__builtin_ctz((U32)val) >> 3);
-#       else
-            static const int DeBruijnBytePos[32] = { 0, 0, 3, 0, 3, 1, 3, 0,
-                                                     3, 2, 2, 1, 3, 2, 0, 1,
-                                                     3, 3, 1, 2, 2, 2, 2, 0,
-                                                     3, 1, 2, 0, 1, 0, 1, 1 };
-            return DeBruijnBytePos[((U32)((val & -(S32)val) * 0x077CB531U)) >> 27];
-#       endif
-        }
-    } else {  /* Big Endian CPU */
-        if (MEM_64bits()) {
-#       if defined(_MSC_VER) && defined(_WIN64)
-            unsigned long r = 0;
-            _BitScanReverse64( &r, val );
-            return (unsigned)(r>>3);
-#       elif defined(__GNUC__) && (__GNUC__ >= 4)
-            return (__builtin_clzll(val) >> 3);
-#       else
-            unsigned r;
-            const unsigned n32 = sizeof(size_t)*4;   /* calculate this way due to compiler complaining in 32-bits mode */
-            if (!(val>>n32)) { r=4; } else { r=0; val>>=n32; }
-            if (!(val>>16)) { r+=2; val>>=8; } else { val>>=24; }
-            r += (!val);
-            return r;
-#       endif
-        } else { /* 32 bits */
-#       if defined(_MSC_VER)
-            unsigned long r = 0;
-            _BitScanReverse( &r, (unsigned long)val );
-            return (unsigned)(r>>3);
-#       elif defined(__GNUC__) && (__GNUC__ >= 3)
-            return (__builtin_clz((U32)val) >> 3);
-#       else
-            unsigned r;
-            if (!(val>>16)) { r=2; val>>=8; } else { r=0; val>>=24; }
-            r += (!val);
-            return r;
-#       endif
-    }   }
-}
-
-
-MEM_STATIC size_t ZSTD_count(const BYTE* pIn, const BYTE* pMatch, const BYTE* const pInLimit)
-{
-    const BYTE* const pStart = pIn;
-    const BYTE* const pInLoopLimit = pInLimit - (sizeof(size_t)-1);
-
-    while (pIn < pInLoopLimit) {
-        size_t const diff = MEM_readST(pMatch) ^ MEM_readST(pIn);
-        if (!diff) { pIn+=sizeof(size_t); pMatch+=sizeof(size_t); continue; }
-        pIn += ZSTD_NbCommonBytes(diff);
-        return (size_t)(pIn - pStart);
-    }
-    if (MEM_64bits()) if ((pIn<(pInLimit-3)) && (MEM_read32(pMatch) == MEM_read32(pIn))) { pIn+=4; pMatch+=4; }
-    if ((pIn<(pInLimit-1)) && (MEM_read16(pMatch) == MEM_read16(pIn))) { pIn+=2; pMatch+=2; }
-    if ((pIn<pInLimit) && (*pMatch == *pIn)) pIn++;
-    return (size_t)(pIn - pStart);
-}
-
-/** ZSTD_count_2segments() :
-*   can count match length with `ip` & `match` in 2 different segments.
-*   convention : on reaching mEnd, match count continue starting from iStart
-*/
-MEM_STATIC size_t ZSTD_count_2segments(const BYTE* ip, const BYTE* match, const BYTE* iEnd, const BYTE* mEnd, const BYTE* iStart)
-{
-    const BYTE* const vEnd = MIN( ip + (mEnd - match), iEnd);
-    size_t const matchLength = ZSTD_count(ip, match, vEnd);
-    if (match + matchLength != mEnd) return matchLength;
-    return matchLength + ZSTD_count(ip+matchLength, iStart, iEnd);
-}
-
-
-/*-*************************************
-*  Hashes
-***************************************/
-static const U32 prime3bytes = 506832829U;
-static U32    ZSTD_hash3(U32 u, U32 h) { return ((u << (32-24)) * prime3bytes)  >> (32-h) ; }
-MEM_STATIC size_t ZSTD_hash3Ptr(const void* ptr, U32 h) { return ZSTD_hash3(MEM_readLE32(ptr), h); } /* only in zstd_opt.h */
-
-static const U32 prime4bytes = 2654435761U;
-static U32    ZSTD_hash4(U32 u, U32 h) { return (u * prime4bytes) >> (32-h) ; }
-static size_t ZSTD_hash4Ptr(const void* ptr, U32 h) { return ZSTD_hash4(MEM_read32(ptr), h); }
-
-static const U64 prime5bytes = 889523592379ULL;
-static size_t ZSTD_hash5(U64 u, U32 h) { return (size_t)(((u  << (64-40)) * prime5bytes) >> (64-h)) ; }
-static size_t ZSTD_hash5Ptr(const void* p, U32 h) { return ZSTD_hash5(MEM_readLE64(p), h); }
-
-static const U64 prime6bytes = 227718039650203ULL;
-static size_t ZSTD_hash6(U64 u, U32 h) { return (size_t)(((u  << (64-48)) * prime6bytes) >> (64-h)) ; }
-static size_t ZSTD_hash6Ptr(const void* p, U32 h) { return ZSTD_hash6(MEM_readLE64(p), h); }
-
-static const U64 prime7bytes = 58295818150454627ULL;
-static size_t ZSTD_hash7(U64 u, U32 h) { return (size_t)(((u  << (64-56)) * prime7bytes) >> (64-h)) ; }
-static size_t ZSTD_hash7Ptr(const void* p, U32 h) { return ZSTD_hash7(MEM_readLE64(p), h); }
-
-static const U64 prime8bytes = 0xCF1BBCDCB7A56463ULL;
-static size_t ZSTD_hash8(U64 u, U32 h) { return (size_t)(((u) * prime8bytes) >> (64-h)) ; }
-static size_t ZSTD_hash8Ptr(const void* p, U32 h) { return ZSTD_hash8(MEM_readLE64(p), h); }
-
-MEM_STATIC size_t ZSTD_hashPtr(const void* p, U32 hBits, U32 mls)
-{
-    switch(mls)
-    {
-    default:
-    case 4: return ZSTD_hash4Ptr(p, hBits);
-    case 5: return ZSTD_hash5Ptr(p, hBits);
-    case 6: return ZSTD_hash6Ptr(p, hBits);
-    case 7: return ZSTD_hash7Ptr(p, hBits);
-    case 8: return ZSTD_hash8Ptr(p, hBits);
-    }
-}
-
-#if defined (__cplusplus)
-}
-#endif
-
-#endif /* ZSTD_COMPRESS_H */
diff --git a/thirdparty/zstd/compress/zstd_compress_internal.h b/thirdparty/zstd/compress/zstd_compress_internal.h
new file mode 100644
index 0000000000..f104fe981e
--- /dev/null
+++ b/thirdparty/zstd/compress/zstd_compress_internal.h
@@ -0,0 +1,462 @@
+/*
+ * Copyright (c) 2016-present, Yann Collet, Facebook, Inc.
+ * All rights reserved.
+ *
+ * This source code is licensed under both the BSD-style license (found in the
+ * LICENSE file in the root directory of this source tree) and the GPLv2 (found
+ * in the COPYING file in the root directory of this source tree).
+ * You may select, at your option, one of the above-listed licenses.
+ */
+
+/* This header contains definitions
+ * that shall **only** be used by modules within lib/compress.
+ */
+
+#ifndef ZSTD_COMPRESS_H
+#define ZSTD_COMPRESS_H
+
+/*-*************************************
+*  Dependencies
+***************************************/
+#include "zstd_internal.h"
+#ifdef ZSTD_MULTITHREAD
+#  include "zstdmt_compress.h"
+#endif
+
+#if defined (__cplusplus)
+extern "C" {
+#endif
+
+/*-*************************************
+*  Constants
+***************************************/
+static const U32 g_searchStrength = 8;
+#define HASH_READ_SIZE 8
+
+
+/*-*************************************
+*  Context memory management
+***************************************/
+typedef enum { ZSTDcs_created=0, ZSTDcs_init, ZSTDcs_ongoing, ZSTDcs_ending } ZSTD_compressionStage_e;
+typedef enum { zcss_init=0, zcss_load, zcss_flush } ZSTD_cStreamStage;
+
+typedef struct ZSTD_prefixDict_s {
+    const void* dict;
+    size_t dictSize;
+    ZSTD_dictMode_e dictMode;
+} ZSTD_prefixDict;
+
+typedef struct {
+    U32 hufCTable[HUF_CTABLE_SIZE_U32(255)];
+    FSE_CTable offcodeCTable[FSE_CTABLE_SIZE_U32(OffFSELog, MaxOff)];
+    FSE_CTable matchlengthCTable[FSE_CTABLE_SIZE_U32(MLFSELog, MaxML)];
+    FSE_CTable litlengthCTable[FSE_CTABLE_SIZE_U32(LLFSELog, MaxLL)];
+    U32 workspace[HUF_WORKSPACE_SIZE_U32];
+    HUF_repeat hufCTable_repeatMode;
+    FSE_repeat offcode_repeatMode;
+    FSE_repeat matchlength_repeatMode;
+    FSE_repeat litlength_repeatMode;
+} ZSTD_entropyCTables_t;
+
+typedef struct {
+    U32 off;
+    U32 len;
+} ZSTD_match_t;
+
+typedef struct {
+    int price;
+    U32 off;
+    U32 mlen;
+    U32 litlen;
+    U32 rep[ZSTD_REP_NUM];
+} ZSTD_optimal_t;
+
+typedef struct {
+    /* All tables are allocated inside cctx->workspace by ZSTD_resetCCtx_internal() */
+    U32* litFreq;               /* table of literals statistics, of size 256 */
+    U32* litLengthFreq;         /* table of litLength statistics, of size (MaxLL+1) */
+    U32* matchLengthFreq;       /* table of matchLength statistics, of size (MaxML+1) */
+    U32* offCodeFreq;           /* table of offCode statistics, of size (MaxOff+1) */
+    ZSTD_match_t* matchTable;   /* list of found matches, of size ZSTD_OPT_NUM+1 */
+    ZSTD_optimal_t* priceTable; /* All positions tracked by optimal parser, of size ZSTD_OPT_NUM+1 */
+
+    U32  litSum;                 /* nb of literals */
+    U32  litLengthSum;           /* nb of litLength codes */
+    U32  matchLengthSum;         /* nb of matchLength codes */
+    U32  offCodeSum;             /* nb of offset codes */
+    /* begin updated by ZSTD_setLog2Prices */
+    U32  log2litSum;             /* pow2 to compare log2(litfreq) to */
+    U32  log2litLengthSum;       /* pow2 to compare log2(llfreq) to */
+    U32  log2matchLengthSum;     /* pow2 to compare log2(mlfreq) to */
+    U32  log2offCodeSum;         /* pow2 to compare log2(offreq) to */
+    /* end : updated by ZSTD_setLog2Prices */
+    U32  staticPrices;           /* prices follow a pre-defined cost structure, statistics are irrelevant */
+} optState_t;
+
+typedef struct {
+    U32 offset;
+    U32 checksum;
+} ldmEntry_t;
+
+typedef struct {
+    ldmEntry_t* hashTable;
+    BYTE* bucketOffsets;    /* Next position in bucket to insert entry */
+    U64 hashPower;          /* Used to compute the rolling hash.
+                             * Depends on ldmParams.minMatchLength */
+} ldmState_t;
+
+typedef struct {
+    U32 enableLdm;          /* 1 if enable long distance matching */
+    U32 hashLog;            /* Log size of hashTable */
+    U32 bucketSizeLog;      /* Log bucket size for collision resolution, at most 8 */
+    U32 minMatchLength;     /* Minimum match length */
+    U32 hashEveryLog;       /* Log number of entries to skip */
+} ldmParams_t;
+
+struct ZSTD_CCtx_params_s {
+    ZSTD_format_e format;
+    ZSTD_compressionParameters cParams;
+    ZSTD_frameParameters fParams;
+
+    int compressionLevel;
+    U32 forceWindow;           /* force back-references to respect limit of
+                                * 1<<wLog, even for dictionary */
+
+    /* Multithreading: used to pass parameters to mtctx */
+    U32 nbThreads;
+    unsigned jobSize;
+    unsigned overlapSizeLog;
+
+    /* Long distance matching parameters */
+    ldmParams_t ldmParams;
+
+    /* For use with createCCtxParams() and freeCCtxParams() only */
+    ZSTD_customMem customMem;
+
+};  /* typedef'd to ZSTD_CCtx_params within "zstd.h" */
+
+struct ZSTD_CCtx_s {
+    const BYTE* nextSrc;    /* next block here to continue on current prefix */
+    const BYTE* base;       /* All regular indexes relative to this position */
+    const BYTE* dictBase;   /* extDict indexes relative to this position */
+    U32   dictLimit;        /* below that point, need extDict */
+    U32   lowLimit;         /* below that point, no more data */
+    U32   nextToUpdate;     /* index from which to continue dictionary update */
+    U32   nextToUpdate3;    /* index from which to continue dictionary update */
+    U32   hashLog3;         /* dispatch table : larger == faster, more memory */
+    U32   loadedDictEnd;    /* index of end of dictionary */
+    ZSTD_compressionStage_e stage;
+    U32   dictID;
+    ZSTD_CCtx_params requestedParams;
+    ZSTD_CCtx_params appliedParams;
+    void* workSpace;
+    size_t workSpaceSize;
+    size_t blockSize;
+    U64 pledgedSrcSizePlusOne;  /* this way, 0 (default) == unknown */
+    U64 consumedSrcSize;
+    XXH64_state_t xxhState;
+    ZSTD_customMem customMem;
+    size_t staticSize;
+
+    seqStore_t seqStore;    /* sequences storage ptrs */
+    optState_t optState;
+    ldmState_t ldmState;    /* long distance matching state */
+    U32* hashTable;
+    U32* hashTable3;
+    U32* chainTable;
+    ZSTD_entropyCTables_t* entropy;
+
+    /* streaming */
+    char*  inBuff;
+    size_t inBuffSize;
+    size_t inToCompress;
+    size_t inBuffPos;
+    size_t inBuffTarget;
+    char*  outBuff;
+    size_t outBuffSize;
+    size_t outBuffContentSize;
+    size_t outBuffFlushedSize;
+    ZSTD_cStreamStage streamStage;
+    U32    frameEnded;
+
+    /* Dictionary */
+    ZSTD_CDict* cdictLocal;
+    const ZSTD_CDict* cdict;
+    ZSTD_prefixDict prefixDict;   /* single-usage dictionary */
+
+    /* Multi-threading */
+#ifdef ZSTD_MULTITHREAD
+    ZSTDMT_CCtx* mtctx;
+#endif
+};
+
+
+MEM_STATIC U32 ZSTD_LLcode(U32 litLength)
+{
+    static const BYTE LL_Code[64] = {  0,  1,  2,  3,  4,  5,  6,  7,
+                                       8,  9, 10, 11, 12, 13, 14, 15,
+                                      16, 16, 17, 17, 18, 18, 19, 19,
+                                      20, 20, 20, 20, 21, 21, 21, 21,
+                                      22, 22, 22, 22, 22, 22, 22, 22,
+                                      23, 23, 23, 23, 23, 23, 23, 23,
+                                      24, 24, 24, 24, 24, 24, 24, 24,
+                                      24, 24, 24, 24, 24, 24, 24, 24 };
+    static const U32 LL_deltaCode = 19;
+    return (litLength > 63) ? ZSTD_highbit32(litLength) + LL_deltaCode : LL_Code[litLength];
+}
+
+/* ZSTD_MLcode() :
+ * note : mlBase = matchLength - MINMATCH;
+ *        because it's the format it's stored in seqStore->sequences */
+MEM_STATIC U32 ZSTD_MLcode(U32 mlBase)
+{
+    static const BYTE ML_Code[128] = { 0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
+                                      16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
+                                      32, 32, 33, 33, 34, 34, 35, 35, 36, 36, 36, 36, 37, 37, 37, 37,
+                                      38, 38, 38, 38, 38, 38, 38, 38, 39, 39, 39, 39, 39, 39, 39, 39,
+                                      40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+                                      41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41,
+                                      42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42,
+                                      42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42 };
+    static const U32 ML_deltaCode = 36;
+    return (mlBase > 127) ? ZSTD_highbit32(mlBase) + ML_deltaCode : ML_Code[mlBase];
+}
+
+/*! ZSTD_storeSeq() :
+ *  Store a sequence (literal length, literals, offset code and match length code) into seqStore_t.
+ *  `offsetCode` : distance to match + 3 (values 1-3 are repCodes).
+ *  `mlBase` : matchLength - MINMATCH
+*/
+MEM_STATIC void ZSTD_storeSeq(seqStore_t* seqStorePtr, size_t litLength, const void* literals, U32 offsetCode, size_t mlBase)
+{
+#if defined(ZSTD_DEBUG) && (ZSTD_DEBUG >= 6)
+    static const BYTE* g_start = NULL;
+    if (g_start==NULL) g_start = (const BYTE*)literals;  /* note : index only works for compression within a single segment */
+    {   U32 const pos = (U32)((const BYTE*)literals - g_start);
+        DEBUGLOG(6, "Cpos%7u :%3u literals, match%3u bytes at dist.code%7u",
+               pos, (U32)litLength, (U32)mlBase+MINMATCH, (U32)offsetCode);
+    }
+#endif
+    /* copy Literals */
+    assert(seqStorePtr->lit + litLength <= seqStorePtr->litStart + 128 KB);
+    ZSTD_wildcopy(seqStorePtr->lit, literals, litLength);
+    seqStorePtr->lit += litLength;
+
+    /* literal Length */
+    if (litLength>0xFFFF) {
+        assert(seqStorePtr->longLengthID == 0); /* there can only be a single long length */
+        seqStorePtr->longLengthID = 1;
+        seqStorePtr->longLengthPos = (U32)(seqStorePtr->sequences - seqStorePtr->sequencesStart);
+    }
+    seqStorePtr->sequences[0].litLength = (U16)litLength;
+
+    /* match offset */
+    seqStorePtr->sequences[0].offset = offsetCode + 1;
+
+    /* match Length */
+    if (mlBase>0xFFFF) {
+        assert(seqStorePtr->longLengthID == 0); /* there can only be a single long length */
+        seqStorePtr->longLengthID = 2;
+        seqStorePtr->longLengthPos = (U32)(seqStorePtr->sequences - seqStorePtr->sequencesStart);
+    }
+    seqStorePtr->sequences[0].matchLength = (U16)mlBase;
+
+    seqStorePtr->sequences++;
+}
+
+
+/*-*************************************
+*  Match length counter
+***************************************/
+static unsigned ZSTD_NbCommonBytes (size_t val)
+{
+    if (MEM_isLittleEndian()) {
+        if (MEM_64bits()) {
+#       if defined(_MSC_VER) && defined(_WIN64)
+            unsigned long r = 0;
+            _BitScanForward64( &r, (U64)val );
+            return (unsigned)(r>>3);
+#       elif defined(__GNUC__) && (__GNUC__ >= 4)
+            return (__builtin_ctzll((U64)val) >> 3);
+#       else
+            static const int DeBruijnBytePos[64] = { 0, 0, 0, 0, 0, 1, 1, 2,
+                                                     0, 3, 1, 3, 1, 4, 2, 7,
+                                                     0, 2, 3, 6, 1, 5, 3, 5,
+                                                     1, 3, 4, 4, 2, 5, 6, 7,
+                                                     7, 0, 1, 2, 3, 3, 4, 6,
+                                                     2, 6, 5, 5, 3, 4, 5, 6,
+                                                     7, 1, 2, 4, 6, 4, 4, 5,
+                                                     7, 2, 6, 5, 7, 6, 7, 7 };
+            return DeBruijnBytePos[((U64)((val & -(long long)val) * 0x0218A392CDABBD3FULL)) >> 58];
+#       endif
+        } else { /* 32 bits */
+#       if defined(_MSC_VER)
+            unsigned long r=0;
+            _BitScanForward( &r, (U32)val );
+            return (unsigned)(r>>3);
+#       elif defined(__GNUC__) && (__GNUC__ >= 3)
+            return (__builtin_ctz((U32)val) >> 3);
+#       else
+            static const int DeBruijnBytePos[32] = { 0, 0, 3, 0, 3, 1, 3, 0,
+                                                     3, 2, 2, 1, 3, 2, 0, 1,
+                                                     3, 3, 1, 2, 2, 2, 2, 0,
+                                                     3, 1, 2, 0, 1, 0, 1, 1 };
+            return DeBruijnBytePos[((U32)((val & -(S32)val) * 0x077CB531U)) >> 27];
+#       endif
+        }
+    } else {  /* Big Endian CPU */
+        if (MEM_64bits()) {
+#       if defined(_MSC_VER) && defined(_WIN64)
+            unsigned long r = 0;
+            _BitScanReverse64( &r, val );
+            return (unsigned)(r>>3);
+#       elif defined(__GNUC__) && (__GNUC__ >= 4)
+            return (__builtin_clzll(val) >> 3);
+#       else
+            unsigned r;
+            const unsigned n32 = sizeof(size_t)*4;   /* calculate this way due to compiler complaining in 32-bits mode */
+            if (!(val>>n32)) { r=4; } else { r=0; val>>=n32; }
+            if (!(val>>16)) { r+=2; val>>=8; } else { val>>=24; }
+            r += (!val);
+            return r;
+#       endif
+        } else { /* 32 bits */
+#       if defined(_MSC_VER)
+            unsigned long r = 0;
+            _BitScanReverse( &r, (unsigned long)val );
+            return (unsigned)(r>>3);
+#       elif defined(__GNUC__) && (__GNUC__ >= 3)
+            return (__builtin_clz((U32)val) >> 3);
+#       else
+            unsigned r;
+            if (!(val>>16)) { r=2; val>>=8; } else { r=0; val>>=24; }
+            r += (!val);
+            return r;
+#       endif
+    }   }
+}
+
+
+MEM_STATIC size_t ZSTD_count(const BYTE* pIn, const BYTE* pMatch, const BYTE* const pInLimit)
+{
+    const BYTE* const pStart = pIn;
+    const BYTE* const pInLoopLimit = pInLimit - (sizeof(size_t)-1);
+
+    if (pIn < pInLoopLimit) {
+        { size_t const diff = MEM_readST(pMatch) ^ MEM_readST(pIn);
+          if (diff) return ZSTD_NbCommonBytes(diff); }
+        pIn+=sizeof(size_t); pMatch+=sizeof(size_t);
+        while (pIn < pInLoopLimit) {
+            size_t const diff = MEM_readST(pMatch) ^ MEM_readST(pIn);
+            if (!diff) { pIn+=sizeof(size_t); pMatch+=sizeof(size_t); continue; }
+            pIn += ZSTD_NbCommonBytes(diff);
+            return (size_t)(pIn - pStart);
+    }   }
+    if (MEM_64bits() && (pIn<(pInLimit-3)) && (MEM_read32(pMatch) == MEM_read32(pIn))) { pIn+=4; pMatch+=4; }
+    if ((pIn<(pInLimit-1)) && (MEM_read16(pMatch) == MEM_read16(pIn))) { pIn+=2; pMatch+=2; }
+    if ((pIn<pInLimit) && (*pMatch == *pIn)) pIn++;
+    return (size_t)(pIn - pStart);
+}
+
+/** ZSTD_count_2segments() :
+*   can count match length with `ip` & `match` in 2 different segments.
+*   convention : on reaching mEnd, match count continue starting from iStart
+*/
+MEM_STATIC size_t ZSTD_count_2segments(const BYTE* ip, const BYTE* match, const BYTE* iEnd, const BYTE* mEnd, const BYTE* iStart)
+{
+    const BYTE* const vEnd = MIN( ip + (mEnd - match), iEnd);
+    size_t const matchLength = ZSTD_count(ip, match, vEnd);
+    if (match + matchLength != mEnd) return matchLength;
+    return matchLength + ZSTD_count(ip+matchLength, iStart, iEnd);
+}
+
+
+/*-*************************************
+*  Hashes
+***************************************/
+static const U32 prime3bytes = 506832829U;
+static U32    ZSTD_hash3(U32 u, U32 h) { return ((u << (32-24)) * prime3bytes)  >> (32-h) ; }
+MEM_STATIC size_t ZSTD_hash3Ptr(const void* ptr, U32 h) { return ZSTD_hash3(MEM_readLE32(ptr), h); } /* only in zstd_opt.h */
+
+static const U32 prime4bytes = 2654435761U;
+static U32    ZSTD_hash4(U32 u, U32 h) { return (u * prime4bytes) >> (32-h) ; }
+static size_t ZSTD_hash4Ptr(const void* ptr, U32 h) { return ZSTD_hash4(MEM_read32(ptr), h); }
+
+static const U64 prime5bytes = 889523592379ULL;
+static size_t ZSTD_hash5(U64 u, U32 h) { return (size_t)(((u  << (64-40)) * prime5bytes) >> (64-h)) ; }
+static size_t ZSTD_hash5Ptr(const void* p, U32 h) { return ZSTD_hash5(MEM_readLE64(p), h); }
+
+static const U64 prime6bytes = 227718039650203ULL;
+static size_t ZSTD_hash6(U64 u, U32 h) { return (size_t)(((u  << (64-48)) * prime6bytes) >> (64-h)) ; }
+static size_t ZSTD_hash6Ptr(const void* p, U32 h) { return ZSTD_hash6(MEM_readLE64(p), h); }
+
+static const U64 prime7bytes = 58295818150454627ULL;
+static size_t ZSTD_hash7(U64 u, U32 h) { return (size_t)(((u  << (64-56)) * prime7bytes) >> (64-h)) ; }
+static size_t ZSTD_hash7Ptr(const void* p, U32 h) { return ZSTD_hash7(MEM_readLE64(p), h); }
+
+static const U64 prime8bytes = 0xCF1BBCDCB7A56463ULL;
+static size_t ZSTD_hash8(U64 u, U32 h) { return (size_t)(((u) * prime8bytes) >> (64-h)) ; }
+static size_t ZSTD_hash8Ptr(const void* p, U32 h) { return ZSTD_hash8(MEM_readLE64(p), h); }
+
+MEM_STATIC size_t ZSTD_hashPtr(const void* p, U32 hBits, U32 mls)
+{
+    switch(mls)
+    {
+    default:
+    case 4: return ZSTD_hash4Ptr(p, hBits);
+    case 5: return ZSTD_hash5Ptr(p, hBits);
+    case 6: return ZSTD_hash6Ptr(p, hBits);
+    case 7: return ZSTD_hash7Ptr(p, hBits);
+    case 8: return ZSTD_hash8Ptr(p, hBits);
+    }
+}
+
+#if defined (__cplusplus)
+}
+#endif
+
+
+/* ==============================================================
+ * Private declarations
+ * These prototypes shall only be called from within lib/compress
+ * ============================================================== */
+
+/*! ZSTD_initCStream_internal() :
+ *  Private use only. Init streaming operation.
+ *  expects params to be valid.
+ *  must receive dict, or cdict, or none, but not both.
+ *  @return : 0, or an error code */
+size_t ZSTD_initCStream_internal(ZSTD_CStream* zcs,
+                     const void* dict, size_t dictSize,
+                     const ZSTD_CDict* cdict,
+                     ZSTD_CCtx_params  params, unsigned long long pledgedSrcSize);
+
+/*! ZSTD_compressStream_generic() :
+ *  Private use only. To be called from zstdmt_compress.c in single-thread mode. */
+size_t ZSTD_compressStream_generic(ZSTD_CStream* zcs,
+                                   ZSTD_outBuffer* output,
+                                   ZSTD_inBuffer* input,
+                                   ZSTD_EndDirective const flushMode);
+
+/*! ZSTD_getCParamsFromCDict() :
+ *  as the name implies */
+ZSTD_compressionParameters ZSTD_getCParamsFromCDict(const ZSTD_CDict* cdict);
+
+/* ZSTD_compressBegin_advanced_internal() :
+ * Private use only. To be called from zstdmt_compress.c. */
+size_t ZSTD_compressBegin_advanced_internal(ZSTD_CCtx* cctx,
+                                    const void* dict, size_t dictSize,
+                                    ZSTD_dictMode_e dictMode,
+                                    const ZSTD_CDict* cdict,
+                                    ZSTD_CCtx_params params,
+                                    unsigned long long pledgedSrcSize);
+
+/* ZSTD_compress_advanced_internal() :
+ * Private use only. To be called from zstdmt_compress.c. */
+size_t ZSTD_compress_advanced_internal(ZSTD_CCtx* cctx,
+                                       void* dst, size_t dstCapacity,
+                                 const void* src, size_t srcSize,
+                                 const void* dict,size_t dictSize,
+                                 ZSTD_CCtx_params params);
+
+#endif /* ZSTD_COMPRESS_H */
diff --git a/thirdparty/zstd/compress/zstd_double_fast.c b/thirdparty/zstd/compress/zstd_double_fast.c
index 876a36042c..fee5127c35 100644
--- a/thirdparty/zstd/compress/zstd_double_fast.c
+++ b/thirdparty/zstd/compress/zstd_double_fast.c
@@ -8,6 +8,7 @@
  * You may select, at your option, one of the above-listed licenses.
  */
 
+#include "zstd_compress_internal.h"
 #include "zstd_double_fast.h"
 
 
diff --git a/thirdparty/zstd/compress/zstd_double_fast.h b/thirdparty/zstd/compress/zstd_double_fast.h
index 3dba6c7108..75e0415809 100644
--- a/thirdparty/zstd/compress/zstd_double_fast.h
+++ b/thirdparty/zstd/compress/zstd_double_fast.h
@@ -11,12 +11,13 @@
 #ifndef ZSTD_DOUBLE_FAST_H
 #define ZSTD_DOUBLE_FAST_H
 
-#include "zstd_compress.h"
-
 #if defined (__cplusplus)
 extern "C" {
 #endif
 
+#include "mem.h"      /* U32 */
+#include "zstd.h"     /* ZSTD_CCtx, size_t */
+
 void ZSTD_fillDoubleHashTable(ZSTD_CCtx* cctx, const void* end, const U32 mls);
 size_t ZSTD_compressBlock_doubleFast(ZSTD_CCtx* ctx, const void* src, size_t srcSize);
 size_t ZSTD_compressBlock_doubleFast_extDict(ZSTD_CCtx* ctx, const void* src, size_t srcSize);
diff --git a/thirdparty/zstd/compress/zstd_fast.c b/thirdparty/zstd/compress/zstd_fast.c
index 2e057017b9..7b56c3d6ad 100644
--- a/thirdparty/zstd/compress/zstd_fast.c
+++ b/thirdparty/zstd/compress/zstd_fast.c
@@ -8,6 +8,7 @@
  * You may select, at your option, one of the above-listed licenses.
  */
 
+#include "zstd_compress_internal.h"
 #include "zstd_fast.h"
 
 
diff --git a/thirdparty/zstd/compress/zstd_fast.h b/thirdparty/zstd/compress/zstd_fast.h
index 4205141a9a..d8b7771954 100644
--- a/thirdparty/zstd/compress/zstd_fast.h
+++ b/thirdparty/zstd/compress/zstd_fast.h
@@ -11,12 +11,13 @@
 #ifndef ZSTD_FAST_H
 #define ZSTD_FAST_H
 
-#include "zstd_compress.h"
-
 #if defined (__cplusplus)
 extern "C" {
 #endif
 
+#include "mem.h"      /* U32 */
+#include "zstd.h"     /* ZSTD_CCtx, size_t */
+
 void ZSTD_fillHashTable(ZSTD_CCtx* zc, const void* end, const U32 mls);
 size_t ZSTD_compressBlock_fast(ZSTD_CCtx* ctx,
                          const void* src, size_t srcSize);
diff --git a/thirdparty/zstd/compress/zstd_lazy.c b/thirdparty/zstd/compress/zstd_lazy.c
index 2a7f6a0fe2..6d4804961d 100644
--- a/thirdparty/zstd/compress/zstd_lazy.c
+++ b/thirdparty/zstd/compress/zstd_lazy.c
@@ -8,6 +8,7 @@
  * You may select, at your option, one of the above-listed licenses.
  */
 
+#include "zstd_compress_internal.h"
 #include "zstd_lazy.h"
 
 
@@ -15,10 +16,11 @@
 *  Binary Tree search
 ***************************************/
 /** ZSTD_insertBt1() : add one or multiple positions to tree.
-*   ip : assumed <= iend-8 .
-*   @return : nb of positions added */
-static U32 ZSTD_insertBt1(ZSTD_CCtx* zc, const BYTE* const ip, const U32 mls, const BYTE* const iend, U32 nbCompares,
-                          U32 extDict)
+ *  ip : assumed <= iend-8 .
+ * @return : nb of positions added */
+static U32 ZSTD_insertBt1(ZSTD_CCtx* zc,
+                const BYTE* const ip, const BYTE* const iend,
+                U32 nbCompares, U32 const mls, U32 const extDict)
 {
     U32*   const hashTable = zc->hashTable;
     U32    const hashLog = zc->appliedParams.cParams.hashLog;
@@ -40,7 +42,7 @@ static U32 ZSTD_insertBt1(ZSTD_CCtx* zc, const BYTE* const ip, const U32 mls, co
     U32* largerPtr  = smallerPtr + 1;
     U32 dummy32;   /* to be nullified at the end */
     U32 const windowLow = zc->lowLimit;
-    U32 matchEndIdx = current+8;
+    U32 matchEndIdx = current+8+1;
     size_t bestLength = 8;
 #ifdef ZSTD_C_PREDICT
     U32 predictedSmall = *(bt + 2*((current-1)&btMask) + 0);
@@ -49,12 +51,15 @@ static U32 ZSTD_insertBt1(ZSTD_CCtx* zc, const BYTE* const ip, const U32 mls, co
     predictedLarge += (predictedLarge>0);
 #endif /* ZSTD_C_PREDICT */
 
+    DEBUGLOG(8, "ZSTD_insertBt1 (%u)", current);
+
     assert(ip <= iend-8);   /* required for h calculation */
     hashTable[h] = current;   /* Update Hash Table */
 
     while (nbCompares-- && (matchIndex > windowLow)) {
         U32* const nextPtr = bt + 2*(matchIndex & btMask);
         size_t matchLength = MIN(commonLengthSmaller, commonLengthLarger);   /* guaranteed minimum nb of common bytes */
+        assert(matchIndex < current);
 
 #ifdef ZSTD_C_PREDICT   /* note : can create issues when hlog small <= 11 */
         const U32* predictPtr = bt + 2*((matchIndex-1) & btMask);   /* written this way, as bt is a roll buffer */
@@ -76,10 +81,11 @@ static U32 ZSTD_insertBt1(ZSTD_CCtx* zc, const BYTE* const ip, const U32 mls, co
             continue;
         }
 #endif
+
         if ((!extDict) || (matchIndex+matchLength >= dictLimit)) {
+            assert(matchIndex+matchLength >= dictLimit);   /* might be wrong if extDict is incorrectly set to 0 */
             match = base + matchIndex;
-            if (match[matchLength] == ip[matchLength])
-                matchLength += ZSTD_count(ip+matchLength+1, match+matchLength+1, iend) +1;
+            matchLength += ZSTD_count(ip+matchLength, match+matchLength, iend);
         } else {
             match = dictBase + matchIndex;
             matchLength += ZSTD_count_2segments(ip+matchLength, match+matchLength, iend, dictEnd, prefixStart);
@@ -93,16 +99,17 @@ static U32 ZSTD_insertBt1(ZSTD_CCtx* zc, const BYTE* const ip, const U32 mls, co
                 matchEndIdx = matchIndex + (U32)matchLength;
         }
 
-        if (ip+matchLength == iend)   /* equal : no way to know if inf or sup */
+        if (ip+matchLength == iend) {   /* equal : no way to know if inf or sup */
             break;   /* drop , to guarantee consistency ; miss a bit of compression, but other solutions can corrupt tree */
+        }
 
         if (match[matchLength] < ip[matchLength]) {  /* necessarily within buffer */
-            /* match+1 is smaller than current */
+            /* match is smaller than current */
             *smallerPtr = matchIndex;             /* update smaller idx */
             commonLengthSmaller = matchLength;    /* all smaller will now have at least this guaranteed common length */
             if (matchIndex <= btLow) { smallerPtr=&dummy32; break; }   /* beyond tree size, stop searching */
-            smallerPtr = nextPtr+1;               /* new "smaller" => larger of match */
-            matchIndex = nextPtr[1];              /* new matchIndex larger than previous (closer to current) */
+            smallerPtr = nextPtr+1;               /* new "candidate" => larger than match, which was smaller than target */
+            matchIndex = nextPtr[1];              /* new matchIndex, larger than previous and closer to current */
         } else {
             /* match is larger than current */
             *largerPtr = matchIndex;
@@ -114,8 +121,38 @@ static U32 ZSTD_insertBt1(ZSTD_CCtx* zc, const BYTE* const ip, const U32 mls, co
 
     *smallerPtr = *largerPtr = 0;
     if (bestLength > 384) return MIN(192, (U32)(bestLength - 384));   /* speed optimization */
-    if (matchEndIdx > current + 8) return matchEndIdx - (current + 8);
-    return 1;
+    assert(matchEndIdx > current + 8);
+    return matchEndIdx - (current + 8);
+}
+
+FORCE_INLINE_TEMPLATE
+void ZSTD_updateTree_internal(ZSTD_CCtx* zc,
+                const BYTE* const ip, const BYTE* const iend,
+                const U32 nbCompares, const U32 mls, const U32 extDict)
+{
+    const BYTE* const base = zc->base;
+    U32 const target = (U32)(ip - base);
+    U32 idx = zc->nextToUpdate;
+    DEBUGLOG(7, "ZSTD_updateTree_internal, from %u to %u  (extDict:%u)",
+                idx, target, extDict);
+
+    while(idx < target)
+        idx += ZSTD_insertBt1(zc, base+idx, iend, nbCompares, mls, extDict);
+    zc->nextToUpdate = target;
+}
+
+void ZSTD_updateTree(ZSTD_CCtx* zc,
+                const BYTE* const ip, const BYTE* const iend,
+                const U32 nbCompares, const U32 mls)
+{
+    ZSTD_updateTree_internal(zc, ip, iend, nbCompares, mls, 0 /*extDict*/);
+}
+
+void ZSTD_updateTree_extDict(ZSTD_CCtx* zc,
+                const BYTE* const ip, const BYTE* const iend,
+                const U32 nbCompares, const U32 mls)
+{
+    ZSTD_updateTree_internal(zc, ip, iend, nbCompares, mls, 1 /*extDict*/);
 }
 
 
@@ -144,7 +181,7 @@ static size_t ZSTD_insertBtAndFindBestMatch (
     const U32 windowLow = zc->lowLimit;
     U32* smallerPtr = bt + 2*(current&btMask);
     U32* largerPtr  = bt + 2*(current&btMask) + 1;
-    U32 matchEndIdx = current+8;
+    U32 matchEndIdx = current+8+1;
     U32 dummy32;   /* to be nullified at the end */
     size_t bestLength = 0;
 
@@ -158,8 +195,7 @@ static size_t ZSTD_insertBtAndFindBestMatch (
 
         if ((!extDict) || (matchIndex+matchLength >= dictLimit)) {
             match = base + matchIndex;
-            if (match[matchLength] == ip[matchLength])
-                matchLength += ZSTD_count(ip+matchLength+1, match+matchLength+1, iend) +1;
+            matchLength += ZSTD_count(ip+matchLength, match+matchLength, iend);
         } else {
             match = dictBase + matchIndex;
             matchLength += ZSTD_count_2segments(ip+matchLength, match+matchLength, iend, dictEnd, prefixStart);
@@ -172,8 +208,9 @@ static size_t ZSTD_insertBtAndFindBestMatch (
                 matchEndIdx = matchIndex + (U32)matchLength;
             if ( (4*(int)(matchLength-bestLength)) > (int)(ZSTD_highbit32(current-matchIndex+1) - ZSTD_highbit32((U32)offsetPtr[0]+1)) )
                 bestLength = matchLength, *offsetPtr = ZSTD_REP_MOVE + current - matchIndex;
-            if (ip+matchLength == iend)   /* equal : no way to know if inf or sup */
+            if (ip+matchLength == iend) {   /* equal : no way to know if inf or sup */
                 break;   /* drop, to guarantee consistency (miss a little bit of compression) */
+            }
         }
 
         if (match[matchLength] < ip[matchLength]) {
@@ -194,21 +231,12 @@ static size_t ZSTD_insertBtAndFindBestMatch (
 
     *smallerPtr = *largerPtr = 0;
 
-    zc->nextToUpdate = (matchEndIdx > current + 8) ? matchEndIdx - 8 : current+1;
+    assert(matchEndIdx > current+8);
+    zc->nextToUpdate = matchEndIdx - 8;   /* skip repetitive patterns */
     return bestLength;
 }
 
 
-void ZSTD_updateTree(ZSTD_CCtx* zc, const BYTE* const ip, const BYTE* const iend, const U32 nbCompares, const U32 mls)
-{
-    const BYTE* const base = zc->base;
-    const U32 target = (U32)(ip - base);
-    U32 idx = zc->nextToUpdate;
-
-    while(idx < target)
-        idx += ZSTD_insertBt1(zc, base+idx, mls, iend, nbCompares, 0);
-}
-
 /** ZSTD_BtFindBestMatch() : Tree updater, providing best match */
 static size_t ZSTD_BtFindBestMatch (
                         ZSTD_CCtx* zc,
@@ -239,16 +267,6 @@ static size_t ZSTD_BtFindBestMatch_selectMLS (
 }
 
 
-void ZSTD_updateTree_extDict(ZSTD_CCtx* zc, const BYTE* const ip, const BYTE* const iend, const U32 nbCompares, const U32 mls)
-{
-    const BYTE* const base = zc->base;
-    const U32 target = (U32)(ip - base);
-    U32 idx = zc->nextToUpdate;
-
-    while (idx < target) idx += ZSTD_insertBt1(zc, base+idx, mls, iend, nbCompares, 1);
-}
-
-
 /** Tree updater, providing best match */
 static size_t ZSTD_BtFindBestMatch_extDict (
                         ZSTD_CCtx* zc,
@@ -335,14 +353,14 @@ size_t ZSTD_HcFindBestMatch_generic (
     U32 matchIndex = ZSTD_insertAndFindFirstIndex (zc, ip, mls);
 
     for ( ; (matchIndex>lowLimit) & (nbAttempts>0) ; nbAttempts--) {
-        const BYTE* match;
         size_t currentMl=0;
         if ((!extDict) || matchIndex >= dictLimit) {
-            match = base + matchIndex;
+            const BYTE* const match = base + matchIndex;
             if (match[ml] == ip[ml])   /* potentially better */
                 currentMl = ZSTD_count(ip, match, iLimit);
         } else {
-            match = dictBase + matchIndex;
+            const BYTE* const match = dictBase + matchIndex;
+            assert(match+4 <= dictEnd);
             if (MEM_read32(match) == MEM_read32(ip))   /* assumption : matchIndex <= dictLimit-4 (by table construction) */
                 currentMl = ZSTD_count_2segments(ip+4, match+4, iLimit, dictEnd, prefixStart) + 4;
         }
@@ -380,10 +398,10 @@ FORCE_INLINE_TEMPLATE size_t ZSTD_HcFindBestMatch_selectMLS (
 
 
 FORCE_INLINE_TEMPLATE size_t ZSTD_HcFindBestMatch_extDict_selectMLS (
-                        ZSTD_CCtx* zc,
+                        ZSTD_CCtx* const zc,
                         const BYTE* ip, const BYTE* const iLimit,
-                        size_t* offsetPtr,
-                        const U32 maxNbAttempts, const U32 matchLengthSearch)
+                        size_t* const offsetPtr,
+                        U32 const maxNbAttempts, U32 const matchLengthSearch)
 {
     switch(matchLengthSearch)
     {
@@ -502,9 +520,8 @@ size_t ZSTD_compressBlock_lazy_generic(ZSTD_CCtx* ctx,
          */
         /* catch up */
         if (offset) {
-            while ( (start > anchor)
-                 && (start > base+offset-ZSTD_REP_MOVE)
-                 && (start[-1] == (start-offset+ZSTD_REP_MOVE)[-1]) )  /* only search for offset within prefix */
+            while ( ((start > anchor) & (start - (offset-ZSTD_REP_MOVE) > base))
+                 && (start[-1] == (start-(offset-ZSTD_REP_MOVE))[-1]) )  /* only search for offset within prefix */
                 { start--; matchLength++; }
             offset_2 = offset_1; offset_1 = (U32)(offset - ZSTD_REP_MOVE);
         }
@@ -516,9 +533,8 @@ _storeSequence:
         }
 
         /* check immediate repcode */
-        while ( (ip <= ilimit)
-             && ((offset_2>0)
-             & (MEM_read32(ip) == MEM_read32(ip - offset_2)) )) {
+        while ( ((ip <= ilimit) & (offset_2>0))
+             && (MEM_read32(ip) == MEM_read32(ip - offset_2)) ) {
             /* store sequence */
             matchLength = ZSTD_count(ip+4, ip+4-offset_2, iend) + 4;
             offset = offset_2; offset_2 = offset_1; offset_1 = (U32)offset; /* swap repcodes */
diff --git a/thirdparty/zstd/compress/zstd_lazy.h b/thirdparty/zstd/compress/zstd_lazy.h
index a9c4daed25..74e1fd6970 100644
--- a/thirdparty/zstd/compress/zstd_lazy.h
+++ b/thirdparty/zstd/compress/zstd_lazy.h
@@ -11,12 +11,13 @@
 #ifndef ZSTD_LAZY_H
 #define ZSTD_LAZY_H
 
-#include "zstd_compress.h"
-
 #if defined (__cplusplus)
 extern "C" {
 #endif
 
+#include "mem.h"    /* U32 */
+#include "zstd.h"   /* ZSTD_CCtx, size_t */
+
 U32 ZSTD_insertAndFindFirstIndex (ZSTD_CCtx* zc, const BYTE* ip, U32 mls);
 void ZSTD_updateTree(ZSTD_CCtx* zc, const BYTE* const ip, const BYTE* const iend, const U32 nbCompares, const U32 mls);
 void ZSTD_updateTree_extDict(ZSTD_CCtx* zc, const BYTE* const ip, const BYTE* const iend, const U32 nbCompares, const U32 mls);
diff --git a/thirdparty/zstd/compress/zstd_ldm.h b/thirdparty/zstd/compress/zstd_ldm.h
index d6d3d42c33..8f12c677aa 100644
--- a/thirdparty/zstd/compress/zstd_ldm.h
+++ b/thirdparty/zstd/compress/zstd_ldm.h
@@ -10,12 +10,13 @@
 #ifndef ZSTD_LDM_H
 #define ZSTD_LDM_H
 
-#include "zstd_compress.h"
-
 #if defined (__cplusplus)
 extern "C" {
 #endif
 
+#include "zstd_compress_internal.h"   /* ldmParams_t, U32 */
+#include "zstd.h"   /* ZSTD_CCtx, size_t */
+
 /*-*************************************
 *  Long distance matching
 ***************************************/
diff --git a/thirdparty/zstd/compress/zstd_opt.c b/thirdparty/zstd/compress/zstd_opt.c
index c47ce23ad5..7171ff5373 100644
--- a/thirdparty/zstd/compress/zstd_opt.c
+++ b/thirdparty/zstd/compress/zstd_opt.c
@@ -8,36 +8,35 @@
  * You may select, at your option, one of the above-listed licenses.
  */
 
+#include "zstd_compress_internal.h"
 #include "zstd_opt.h"
-#include "zstd_lazy.h"
+#include "zstd_lazy.h"   /* ZSTD_updateTree, ZSTD_updateTree_extDict */
 
 
-#define ZSTD_LITFREQ_ADD    2
-#define ZSTD_FREQ_DIV       4
-#define ZSTD_MAX_PRICE      (1<<30)
+#define ZSTD_LITFREQ_ADD    2   /* scaling factor for litFreq, so that frequencies adapt faster to new stats. Also used for matchSum (?) */
+#define ZSTD_FREQ_DIV       4   /* log factor when using previous stats to init next stats */
+#define ZSTD_MAX_PRICE     (1<<30)
+
 
 /*-*************************************
 *  Price functions for optimal parser
 ***************************************/
 static void ZSTD_setLog2Prices(optState_t* optPtr)
 {
-    optPtr->log2matchLengthSum = ZSTD_highbit32(optPtr->matchLengthSum+1);
-    optPtr->log2litLengthSum = ZSTD_highbit32(optPtr->litLengthSum+1);
     optPtr->log2litSum = ZSTD_highbit32(optPtr->litSum+1);
+    optPtr->log2litLengthSum = ZSTD_highbit32(optPtr->litLengthSum+1);
+    optPtr->log2matchLengthSum = ZSTD_highbit32(optPtr->matchLengthSum+1);
     optPtr->log2offCodeSum = ZSTD_highbit32(optPtr->offCodeSum+1);
-    optPtr->factor = 1 + ((optPtr->litSum>>5) / optPtr->litLengthSum) + ((optPtr->litSum<<1) / (optPtr->litSum + optPtr->matchSum));
 }
 
 
-static void ZSTD_rescaleFreqs(optState_t* optPtr, const BYTE* src, size_t srcSize)
+static void ZSTD_rescaleFreqs(optState_t* const optPtr,
+                              const BYTE* const src, size_t const srcSize)
 {
-    unsigned u;
-
-    optPtr->cachedLiterals = NULL;
-    optPtr->cachedPrice = optPtr->cachedLitLength = 0;
     optPtr->staticPrices = 0;
 
-    if (optPtr->litLengthSum == 0) {
+    if (optPtr->litLengthSum == 0) {  /* first init */
+        unsigned u;
         if (srcSize <= 1024) optPtr->staticPrices = 1;
 
         assert(optPtr->litFreq!=NULL);
@@ -45,44 +44,41 @@ static void ZSTD_rescaleFreqs(optState_t* optPtr, const BYTE* src, size_t srcSiz
             optPtr->litFreq[u] = 0;
         for (u=0; u<srcSize; u++)
             optPtr->litFreq[src[u]]++;
-
         optPtr->litSum = 0;
-        optPtr->litLengthSum = MaxLL+1;
-        optPtr->matchLengthSum = MaxML+1;
-        optPtr->offCodeSum = (MaxOff+1);
-        optPtr->matchSum = (ZSTD_LITFREQ_ADD<<Litbits);
-
         for (u=0; u<=MaxLit; u++) {
-            optPtr->litFreq[u] = 1 + (optPtr->litFreq[u]>>ZSTD_FREQ_DIV);
+            optPtr->litFreq[u] = 1 + (optPtr->litFreq[u] >> ZSTD_FREQ_DIV);
             optPtr->litSum += optPtr->litFreq[u];
         }
+
         for (u=0; u<=MaxLL; u++)
             optPtr->litLengthFreq[u] = 1;
+        optPtr->litLengthSum = MaxLL+1;
         for (u=0; u<=MaxML; u++)
             optPtr->matchLengthFreq[u] = 1;
+        optPtr->matchLengthSum = MaxML+1;
         for (u=0; u<=MaxOff; u++)
             optPtr->offCodeFreq[u] = 1;
+        optPtr->offCodeSum = (MaxOff+1);
+
     } else {
-        optPtr->matchLengthSum = 0;
-        optPtr->litLengthSum = 0;
-        optPtr->offCodeSum = 0;
-        optPtr->matchSum = 0;
-        optPtr->litSum = 0;
+        unsigned u;
 
+        optPtr->litSum = 0;
         for (u=0; u<=MaxLit; u++) {
-            optPtr->litFreq[u] = 1 + (optPtr->litFreq[u]>>(ZSTD_FREQ_DIV+1));
+            optPtr->litFreq[u] = 1 + (optPtr->litFreq[u] >> (ZSTD_FREQ_DIV+1));
             optPtr->litSum += optPtr->litFreq[u];
         }
+        optPtr->litLengthSum = 0;
         for (u=0; u<=MaxLL; u++) {
             optPtr->litLengthFreq[u] = 1 + (optPtr->litLengthFreq[u]>>(ZSTD_FREQ_DIV+1));
             optPtr->litLengthSum += optPtr->litLengthFreq[u];
         }
+        optPtr->matchLengthSum = 0;
         for (u=0; u<=MaxML; u++) {
             optPtr->matchLengthFreq[u] = 1 + (optPtr->matchLengthFreq[u]>>ZSTD_FREQ_DIV);
             optPtr->matchLengthSum += optPtr->matchLengthFreq[u];
-            optPtr->matchSum += optPtr->matchLengthFreq[u] * (u + 3);
         }
-        optPtr->matchSum *= ZSTD_LITFREQ_ADD;
+        optPtr->offCodeSum = 0;
         for (u=0; u<=MaxOff; u++) {
             optPtr->offCodeFreq[u] = 1 + (optPtr->offCodeFreq[u]>>ZSTD_FREQ_DIV);
             optPtr->offCodeSum += optPtr->offCodeFreq[u];
@@ -93,114 +89,146 @@ static void ZSTD_rescaleFreqs(optState_t* optPtr, const BYTE* src, size_t srcSiz
 }
 
 
-static U32 ZSTD_getLiteralPrice(optState_t* optPtr, U32 litLength, const BYTE* literals)
+/* ZSTD_rawLiteralsCost() :
+ * cost of literals (only) in given segment (which length can be null)
+ * does not include cost of literalLength symbol */
+static U32 ZSTD_rawLiteralsCost(const BYTE* const literals, U32 const litLength,
+                                const optState_t* const optPtr)
 {
-    U32 price, u;
-
-    if (optPtr->staticPrices)
-        return ZSTD_highbit32((U32)litLength+1) + (litLength*6);
-
-    if (litLength == 0)
-        return optPtr->log2litLengthSum - ZSTD_highbit32(optPtr->litLengthFreq[0]+1);
+    if (optPtr->staticPrices) return (litLength*6);  /* 6 bit per literal - no statistic used */
+    if (litLength == 0) return 0;
 
     /* literals */
-    if (optPtr->cachedLiterals == literals) {
-        U32 const additional = litLength - optPtr->cachedLitLength;
-        const BYTE* literals2 = optPtr->cachedLiterals + optPtr->cachedLitLength;
-        price = optPtr->cachedPrice + additional * optPtr->log2litSum;
-        for (u=0; u < additional; u++)
-            price -= ZSTD_highbit32(optPtr->litFreq[literals2[u]]+1);
-        optPtr->cachedPrice = price;
-        optPtr->cachedLitLength = litLength;
-    } else {
-        price = litLength * optPtr->log2litSum;
+    {   U32 u;
+        U32 cost = litLength * optPtr->log2litSum;
         for (u=0; u < litLength; u++)
-            price -= ZSTD_highbit32(optPtr->litFreq[literals[u]]+1);
-
-        if (litLength >= 12) {
-            optPtr->cachedLiterals = literals;
-            optPtr->cachedPrice = price;
-            optPtr->cachedLitLength = litLength;
-        }
+            cost -= ZSTD_highbit32(optPtr->litFreq[literals[u]]+1);
+        return cost;
     }
+}
+
+/* ZSTD_litLengthPrice() :
+ * cost of literalLength symbol */
+static U32 ZSTD_litLengthPrice(U32 const litLength, const optState_t* const optPtr)
+{
+    if (optPtr->staticPrices) return ZSTD_highbit32((U32)litLength+1);
 
     /* literal Length */
-    {   const BYTE LL_deltaCode = 19;
-        const BYTE llCode = (litLength>63) ? (BYTE)ZSTD_highbit32(litLength) + LL_deltaCode : LL_Code[litLength];
-        price += LL_bits[llCode] + optPtr->log2litLengthSum - ZSTD_highbit32(optPtr->litLengthFreq[llCode]+1);
+    {   U32 const llCode = ZSTD_LLcode(litLength);
+        U32 const price = LL_bits[llCode] + optPtr->log2litLengthSum - ZSTD_highbit32(optPtr->litLengthFreq[llCode]+1);
+        return price;
     }
+}
 
-    return price;
+/* ZSTD_litLengthPrice() :
+ * cost of the literal part of a sequence,
+ * including literals themselves, and literalLength symbol */
+static U32 ZSTD_fullLiteralsCost(const BYTE* const literals, U32 const litLength,
+                                 const optState_t* const optPtr)
+{
+    return ZSTD_rawLiteralsCost(literals, litLength, optPtr)
+         + ZSTD_litLengthPrice(litLength, optPtr);
+}
+
+/* ZSTD_litLengthContribution() :
+ * @return ( cost(litlength) - cost(0) )
+ * this value can then be added to rawLiteralsCost()
+ * to provide a cost which is directly comparable to a match ending at same position */
+static int ZSTD_litLengthContribution(U32 const litLength, const optState_t* const optPtr)
+{
+    if (optPtr->staticPrices) return ZSTD_highbit32(litLength+1);
+
+    /* literal Length */
+    {   U32 const llCode = ZSTD_LLcode(litLength);
+        int const contribution = LL_bits[llCode]
+                        + ZSTD_highbit32(optPtr->litLengthFreq[0]+1)
+                        - ZSTD_highbit32(optPtr->litLengthFreq[llCode]+1);
+#if 1
+        return contribution;
+#else
+        return MAX(0, contribution); /* sometimes better, sometimes not ... */
+#endif
+    }
 }
 
+/* ZSTD_literalsContribution() :
+ * creates a fake cost for the literals part of a sequence
+ * which can be compared to the ending cost of a match
+ * should a new match start at this position */
+static int ZSTD_literalsContribution(const BYTE* const literals, U32 const litLength,
+                                     const optState_t* const optPtr)
+{
+    int const contribution = ZSTD_rawLiteralsCost(literals, litLength, optPtr)
+                           + ZSTD_litLengthContribution(litLength, optPtr);
+    return contribution;
+}
 
-FORCE_INLINE_TEMPLATE U32 ZSTD_getPrice(optState_t* optPtr, U32 litLength, const BYTE* literals, U32 offset, U32 matchLength, const int ultra)
+/* ZSTD_getMatchPrice() :
+ * Provides the cost of the match part (offset + matchLength) of a sequence
+ * Must be combined with ZSTD_fullLiteralsCost() to get the full cost of a sequence.
+ * optLevel: when <2, favors small offset for decompression speed (improved cache efficiency) */
+FORCE_INLINE_TEMPLATE U32 ZSTD_getMatchPrice(
+                                    U32 const offset, U32 const matchLength,
+                                    const optState_t* const optPtr,
+                                    int const optLevel)
 {
-    /* offset */
     U32 price;
-    BYTE const offCode = (BYTE)ZSTD_highbit32(offset+1);
+    U32 const offCode = ZSTD_highbit32(offset+1);
+    U32 const mlBase = matchLength - MINMATCH;
+    assert(matchLength >= MINMATCH);
 
-    if (optPtr->staticPrices)
-        return ZSTD_getLiteralPrice(optPtr, litLength, literals) + ZSTD_highbit32((U32)matchLength+1) + 16 + offCode;
+    if (optPtr->staticPrices)  /* fixed scheme, do not use statistics */
+        return ZSTD_highbit32((U32)mlBase+1) + 16 + offCode;
 
     price = offCode + optPtr->log2offCodeSum - ZSTD_highbit32(optPtr->offCodeFreq[offCode]+1);
-    if (!ultra && offCode >= 20) price += (offCode-19)*2;
+    if ((optLevel<2) /*static*/ && offCode >= 20) price += (offCode-19)*2; /* handicap for long distance offsets, favor decompression speed */
 
     /* match Length */
-    {   const BYTE ML_deltaCode = 36;
-        const BYTE mlCode = (matchLength>127) ? (BYTE)ZSTD_highbit32(matchLength) + ML_deltaCode : ML_Code[matchLength];
+    {   U32 const mlCode = ZSTD_MLcode(mlBase);
         price += ML_bits[mlCode] + optPtr->log2matchLengthSum - ZSTD_highbit32(optPtr->matchLengthFreq[mlCode]+1);
     }
 
-    return price + ZSTD_getLiteralPrice(optPtr, litLength, literals) + optPtr->factor;
+    DEBUGLOG(8, "ZSTD_getMatchPrice(ml:%u) = %u", matchLength, price);
+    return price;
 }
 
-
-static void ZSTD_updatePrice(optState_t* optPtr, U32 litLength, const BYTE* literals, U32 offset, U32 matchLength)
+static void ZSTD_updateStats(optState_t* const optPtr,
+                             U32 litLength, const BYTE* literals,
+                             U32 offsetCode, U32 matchLength)
 {
-    U32 u;
-
     /* literals */
-    optPtr->litSum += litLength*ZSTD_LITFREQ_ADD;
-    for (u=0; u < litLength; u++)
-        optPtr->litFreq[literals[u]] += ZSTD_LITFREQ_ADD;
+    {   U32 u;
+        for (u=0; u < litLength; u++)
+            optPtr->litFreq[literals[u]] += ZSTD_LITFREQ_ADD;
+        optPtr->litSum += litLength*ZSTD_LITFREQ_ADD;
+    }
 
     /* literal Length */
-    {   const BYTE LL_deltaCode = 19;
-        const BYTE llCode = (litLength>63) ? (BYTE)ZSTD_highbit32(litLength) + LL_deltaCode : LL_Code[litLength];
+    {   U32 const llCode = ZSTD_LLcode(litLength);
         optPtr->litLengthFreq[llCode]++;
         optPtr->litLengthSum++;
     }
 
-    /* match offset */
-    {   BYTE const offCode = (BYTE)ZSTD_highbit32(offset+1);
-        optPtr->offCodeSum++;
+    /* match offset code (0-2=>repCode; 3+=>offset+2) */
+    {   U32 const offCode = ZSTD_highbit32(offsetCode+1);
+        assert(offCode <= MaxOff);
         optPtr->offCodeFreq[offCode]++;
+        optPtr->offCodeSum++;
     }
 
     /* match Length */
-    {   const BYTE ML_deltaCode = 36;
-        const BYTE mlCode = (matchLength>127) ? (BYTE)ZSTD_highbit32(matchLength) + ML_deltaCode : ML_Code[matchLength];
+    {   U32 const mlBase = matchLength - MINMATCH;
+        U32 const mlCode = ZSTD_MLcode(mlBase);
         optPtr->matchLengthFreq[mlCode]++;
         optPtr->matchLengthSum++;
     }
-
-    ZSTD_setLog2Prices(optPtr);
 }
 
 
-#define SET_PRICE(pos, mlen_, offset_, litlen_, price_)   \
-    {                                                 \
-        while (last_pos < pos)  { opt[last_pos+1].price = ZSTD_MAX_PRICE; last_pos++; } \
-        opt[pos].mlen = mlen_;                         \
-        opt[pos].off = offset_;                        \
-        opt[pos].litlen = litlen_;                     \
-        opt[pos].price = price_;                       \
-    }
-
-
-/* function safe only for comparisons */
-static U32 ZSTD_readMINMATCH(const void* memPtr, U32 length)
+/* ZSTD_readMINMATCH() :
+ * function safe only for comparisons
+ * assumption : memPtr must be at least 4 bytes before end of buffer */
+MEM_STATIC U32 ZSTD_readMINMATCH(const void* memPtr, U32 length)
 {
     switch (length)
     {
@@ -216,15 +244,14 @@ static U32 ZSTD_readMINMATCH(const void* memPtr, U32 length)
 
 /* Update hashTable3 up to ip (excluded)
    Assumption : always within prefix (i.e. not within extDict) */
-static
-U32 ZSTD_insertAndFindFirstIndexHash3 (ZSTD_CCtx* zc, const BYTE* ip)
+static U32 ZSTD_insertAndFindFirstIndexHash3 (ZSTD_CCtx* const cctx, const BYTE* const ip)
 {
-    U32* const hashTable3  = zc->hashTable3;
-    U32 const hashLog3  = zc->hashLog3;
-    const BYTE* const base = zc->base;
-    U32 idx = zc->nextToUpdate3;
-    const U32 target = zc->nextToUpdate3 = (U32)(ip - base);
-    const size_t hash3 = ZSTD_hash3Ptr(ip, hashLog3);
+    U32* const hashTable3  = cctx->hashTable3;
+    U32 const hashLog3  = cctx->hashLog3;
+    const BYTE* const base = cctx->base;
+    U32 idx = cctx->nextToUpdate3;
+    U32 const target = cctx->nextToUpdate3 = (U32)(ip - base);
+    size_t const hash3 = ZSTD_hash3Ptr(ip, hashLog3);
 
     while(idx < target) {
         hashTable3[ZSTD_hash3Ptr(base+idx, hashLog3)] = idx;
@@ -238,102 +265,147 @@ U32 ZSTD_insertAndFindFirstIndexHash3 (ZSTD_CCtx* zc, const BYTE* ip)
 /*-*************************************
 *  Binary Tree search
 ***************************************/
-static U32 ZSTD_insertBtAndGetAllMatches (
-                        ZSTD_CCtx* zc,
-                        const BYTE* const ip, const BYTE* const iLimit,
-                        U32 nbCompares, const U32 mls,
-                        U32 extDict, ZSTD_match_t* matches, const U32 minMatchLen)
+FORCE_INLINE_TEMPLATE
+U32 ZSTD_insertBtAndGetAllMatches (
+                    ZSTD_CCtx* zc,
+                    const BYTE* const ip, const BYTE* const iLimit, int const extDict,
+                    U32 nbCompares, U32 const mls, U32 const sufficient_len,
+                    U32 rep[ZSTD_REP_NUM], U32 const ll0,
+                    ZSTD_match_t* matches, const U32 lengthToBeat)
 {
     const BYTE* const base = zc->base;
-    const U32 current = (U32)(ip-base);
-    const U32 hashLog = zc->appliedParams.cParams.hashLog;
-    const size_t h  = ZSTD_hashPtr(ip, hashLog, mls);
+    U32 const current = (U32)(ip-base);
+    U32 const hashLog = zc->appliedParams.cParams.hashLog;
+    U32 const minMatch = (mls==3) ? 3 : 4;
     U32* const hashTable = zc->hashTable;
+    size_t const h  = ZSTD_hashPtr(ip, hashLog, mls);
     U32 matchIndex  = hashTable[h];
     U32* const bt   = zc->chainTable;
-    const U32 btLog = zc->appliedParams.cParams.chainLog - 1;
-    const U32 btMask= (1U << btLog) - 1;
+    U32 const btLog = zc->appliedParams.cParams.chainLog - 1;
+    U32 const btMask= (1U << btLog) - 1;
     size_t commonLengthSmaller=0, commonLengthLarger=0;
     const BYTE* const dictBase = zc->dictBase;
-    const U32 dictLimit = zc->dictLimit;
+    U32 const dictLimit = zc->dictLimit;
     const BYTE* const dictEnd = dictBase + dictLimit;
     const BYTE* const prefixStart = base + dictLimit;
-    const U32 btLow = btMask >= current ? 0 : current - btMask;
-    const U32 windowLow = zc->lowLimit;
+    U32 const btLow = btMask >= current ? 0 : current - btMask;
+    U32 const windowLow = zc->lowLimit;
     U32* smallerPtr = bt + 2*(current&btMask);
     U32* largerPtr  = bt + 2*(current&btMask) + 1;
-    U32 matchEndIdx = current+8;
+    U32 matchEndIdx = current+8+1;   /* farthest referenced position of any match => detects repetitive patterns */
     U32 dummy32;   /* to be nullified at the end */
     U32 mnum = 0;
 
-    const U32 minMatch = (mls == 3) ? 3 : 4;
-    size_t bestLength = minMatchLen-1;
+    size_t bestLength = lengthToBeat-1;
+    DEBUGLOG(7, "ZSTD_insertBtAndGetAllMatches");
+
+    /* check repCode */
+    {   U32 const lastR = ZSTD_REP_NUM + ll0;
+        U32 repCode;
+        for (repCode = ll0; repCode < lastR; repCode++) {
+            U32 const repOffset = (repCode==ZSTD_REP_NUM) ? (rep[0] - 1) : rep[repCode];
+            U32 const repIndex = current - repOffset;
+            U32 repLen = 0;
+            assert(current >= dictLimit);
+            if (repOffset-1 /* intentional overflow, discards 0 and -1 */ < current-dictLimit) {  /* equivalent to `current > repIndex >= dictLimit` */
+                if (ZSTD_readMINMATCH(ip, minMatch) == ZSTD_readMINMATCH(ip - repOffset, minMatch)) {
+                    repLen = (U32)ZSTD_count(ip+minMatch, ip+minMatch-repOffset, iLimit) + minMatch;
+                }
+            } else {  /* repIndex < dictLimit || repIndex >= current */
+                const BYTE* const repMatch = dictBase + repIndex;
+                assert(current >= windowLow);
+                if ( extDict /* this case only valid in extDict mode */
+                  && ( ((repOffset-1) /*intentional overflow*/ < current - windowLow)  /* equivalent to `current > repIndex >= windowLow` */
+                     & (((U32)((dictLimit-1) - repIndex) >= 3) ) /* intentional overflow : do not test positions overlapping 2 memory segments */)
+                  && (ZSTD_readMINMATCH(ip, minMatch) == ZSTD_readMINMATCH(repMatch, minMatch)) ) {
+                    repLen = (U32)ZSTD_count_2segments(ip+minMatch, repMatch+minMatch, iLimit, dictEnd, prefixStart) + minMatch;
+            }   }
+            /* save longer solution */
+            if (repLen > bestLength) {
+                DEBUGLOG(8, "found rep-match %u of length %u",
+                            repCode - ll0, (U32)repLen);
+                bestLength = repLen;
+                matches[mnum].off = repCode - ll0;
+                matches[mnum].len = (U32)repLen;
+                mnum++;
+                if ( (repLen > sufficient_len)
+                   | (ip+repLen == iLimit) ) {  /* best possible */
+                    return mnum;
+    }   }   }   }
 
-    if (minMatch == 3) { /* HC3 match finder */
+    /* HC3 match finder */
+    if ((mls == 3) /*static*/ && (bestLength < mls)) {
         U32 const matchIndex3 = ZSTD_insertAndFindFirstIndexHash3 (zc, ip);
-        if (matchIndex3>windowLow && (current - matchIndex3 < (1<<18))) {
-            const BYTE* match;
-            size_t currentMl=0;
-            if ((!extDict) || matchIndex3 >= dictLimit) {
-                match = base + matchIndex3;
-                if (match[bestLength] == ip[bestLength]) currentMl = ZSTD_count(ip, match, iLimit);
+        if ((matchIndex3 > windowLow)
+          & (current - matchIndex3 < (1<<18)) /*heuristic : longer distance likely too expensive*/ ) {
+            size_t mlen;
+            if ((!extDict) /*static*/ || (matchIndex3 >= dictLimit)) {
+                const BYTE* const match = base + matchIndex3;
+                mlen = ZSTD_count(ip, match, iLimit);
             } else {
-                match = dictBase + matchIndex3;
-                if (ZSTD_readMINMATCH(match, MINMATCH) == ZSTD_readMINMATCH(ip, MINMATCH))    /* assumption : matchIndex3 <= dictLimit-4 (by table construction) */
-                    currentMl = ZSTD_count_2segments(ip+MINMATCH, match+MINMATCH, iLimit, dictEnd, prefixStart) + MINMATCH;
+                const BYTE* const match = dictBase + matchIndex3;
+                mlen = ZSTD_count_2segments(ip, match, iLimit, dictEnd, prefixStart);
             }
 
             /* save best solution */
-            if (currentMl > bestLength) {
-                bestLength = currentMl;
-                matches[mnum].off = ZSTD_REP_MOVE_OPT + current - matchIndex3;
-                matches[mnum].len = (U32)currentMl;
-                mnum++;
-                if (currentMl > ZSTD_OPT_NUM) goto update;
-                if (ip+currentMl == iLimit) goto update; /* best possible, and avoid read overflow*/
-            }
-        }
-    }
+            if (mlen >= mls /* == 3 > bestLength */) {
+                DEBUGLOG(8, "found small match with hlog3, of length %u",
+                            (U32)mlen);
+                bestLength = mlen;
+                assert(current > matchIndex3);
+                assert(mnum==0);  /* no prior solution */
+                matches[0].off = (current - matchIndex3) + ZSTD_REP_MOVE;
+                matches[0].len = (U32)mlen;
+                mnum = 1;
+                if ( (mlen > sufficient_len) |
+                     (ip+mlen == iLimit) ) {  /* best possible length */
+                    zc->nextToUpdate = current+1;  /* skip insertion */
+                    return 1;
+    }   }   }   }
 
     hashTable[h] = current;   /* Update Hash Table */
 
     while (nbCompares-- && (matchIndex > windowLow)) {
-        U32* nextPtr = bt + 2*(matchIndex & btMask);
+        U32* const nextPtr = bt + 2*(matchIndex & btMask);
         size_t matchLength = MIN(commonLengthSmaller, commonLengthLarger);   /* guaranteed minimum nb of common bytes */
         const BYTE* match;
+        assert(current > matchIndex);
 
         if ((!extDict) || (matchIndex+matchLength >= dictLimit)) {
+            assert(matchIndex+matchLength >= dictLimit);  /* ensure the condition is correct when !extDict */
             match = base + matchIndex;
-            if (match[matchLength] == ip[matchLength]) {
-                matchLength += ZSTD_count(ip+matchLength+1, match+matchLength+1, iLimit) +1;
-            }
+            matchLength += ZSTD_count(ip+matchLength, match+matchLength, iLimit);
         } else {
             match = dictBase + matchIndex;
             matchLength += ZSTD_count_2segments(ip+matchLength, match+matchLength, iLimit, dictEnd, prefixStart);
             if (matchIndex+matchLength >= dictLimit)
-                match = base + matchIndex;   /* to prepare for next usage of match[matchLength] */
+                match = base + matchIndex;   /* prepare for match[matchLength] */
         }
 
         if (matchLength > bestLength) {
-            if (matchLength > matchEndIdx - matchIndex) matchEndIdx = matchIndex + (U32)matchLength;
+            DEBUGLOG(8, "found match of length %u at distance %u",
+                    (U32)matchLength, current - matchIndex);
+            assert(matchEndIdx > matchIndex);
+            if (matchLength > matchEndIdx - matchIndex)
+                matchEndIdx = matchIndex + (U32)matchLength;
             bestLength = matchLength;
-            matches[mnum].off = ZSTD_REP_MOVE_OPT + current - matchIndex;
+            matches[mnum].off = (current - matchIndex) + ZSTD_REP_MOVE;
             matches[mnum].len = (U32)matchLength;
             mnum++;
             if (matchLength > ZSTD_OPT_NUM) break;
-            if (ip+matchLength == iLimit)   /* equal : no way to know if inf or sup */
-                break;   /* drop, to guarantee consistency (miss a little bit of compression) */
+            if (ip+matchLength == iLimit) {  /* equal : no way to know if inf or sup */
+                break;   /* drop, to preserve bt consistency (miss a little bit of compression) */
+            }
         }
 
         if (match[matchLength] < ip[matchLength]) {
-            /* match is smaller than current */
+            /* match smaller than current */
             *smallerPtr = matchIndex;             /* update smaller idx */
             commonLengthSmaller = matchLength;    /* all smaller will now have at least this guaranteed common length */
             if (matchIndex <= btLow) { smallerPtr=&dummy32; break; }   /* beyond tree size, stop the search */
-            smallerPtr = nextPtr+1;               /* new "smaller" => larger of match */
-            matchIndex = nextPtr[1];              /* new matchIndex larger than previous (closer to current) */
+            smallerPtr = nextPtr+1;               /* new candidate => larger than match, which was smaller than current */
+            matchIndex = nextPtr[1];              /* new matchIndex, larger than previous, closer to current */
         } else {
-            /* match is larger than current */
             *largerPtr = matchIndex;
             commonLengthLarger = matchLength;
             if (matchIndex <= btLow) { largerPtr=&dummy32; break; }   /* beyond tree size, stop the search */
@@ -343,65 +415,31 @@ static U32 ZSTD_insertBtAndGetAllMatches (
 
     *smallerPtr = *largerPtr = 0;
 
-update:
-    zc->nextToUpdate = (matchEndIdx > current + 8) ? matchEndIdx - 8 : current+1;
+    assert(matchEndIdx > current+8);
+    zc->nextToUpdate = matchEndIdx - 8;  /* skip repetitive patterns */
     return mnum;
 }
 
 
-/** Tree updater, providing best match */
-static U32 ZSTD_BtGetAllMatches (
-                        ZSTD_CCtx* zc,
-                        const BYTE* const ip, const BYTE* const iLimit,
-                        const U32 maxNbAttempts, const U32 mls, ZSTD_match_t* matches, const U32 minMatchLen)
-{
-    if (ip < zc->base + zc->nextToUpdate) return 0;   /* skipped area */
-    ZSTD_updateTree(zc, ip, iLimit, maxNbAttempts, mls);
-    return ZSTD_insertBtAndGetAllMatches(zc, ip, iLimit, maxNbAttempts, mls, 0, matches, minMatchLen);
-}
-
-
-static U32 ZSTD_BtGetAllMatches_selectMLS (
+FORCE_INLINE_TEMPLATE U32 ZSTD_BtGetAllMatches (
                         ZSTD_CCtx* zc,   /* Index table will be updated */
-                        const BYTE* ip, const BYTE* const iHighLimit,
-                        const U32 maxNbAttempts, const U32 matchLengthSearch, ZSTD_match_t* matches, const U32 minMatchLen)
-{
-    switch(matchLengthSearch)
-    {
-    case 3 : return ZSTD_BtGetAllMatches(zc, ip, iHighLimit, maxNbAttempts, 3, matches, minMatchLen);
-    default :
-    case 4 : return ZSTD_BtGetAllMatches(zc, ip, iHighLimit, maxNbAttempts, 4, matches, minMatchLen);
-    case 5 : return ZSTD_BtGetAllMatches(zc, ip, iHighLimit, maxNbAttempts, 5, matches, minMatchLen);
-    case 7 :
-    case 6 : return ZSTD_BtGetAllMatches(zc, ip, iHighLimit, maxNbAttempts, 6, matches, minMatchLen);
-    }
-}
-
-/** Tree updater, providing best match */
-static U32 ZSTD_BtGetAllMatches_extDict (
-                        ZSTD_CCtx* zc,
-                        const BYTE* const ip, const BYTE* const iLimit,
-                        const U32 maxNbAttempts, const U32 mls, ZSTD_match_t* matches, const U32 minMatchLen)
+                        const BYTE* ip, const BYTE* const iHighLimit, int const extDict,
+                        U32 const maxNbAttempts, U32 const matchLengthSearch, U32 const sufficient_len,
+                        U32 rep[ZSTD_REP_NUM], U32 const ll0,
+                        ZSTD_match_t* matches, U32 const lengthToBeat)
 {
+    DEBUGLOG(7, "ZSTD_BtGetAllMatches");
     if (ip < zc->base + zc->nextToUpdate) return 0;   /* skipped area */
-    ZSTD_updateTree_extDict(zc, ip, iLimit, maxNbAttempts, mls);
-    return ZSTD_insertBtAndGetAllMatches(zc, ip, iLimit, maxNbAttempts, mls, 1, matches, minMatchLen);
-}
-
-
-static U32 ZSTD_BtGetAllMatches_selectMLS_extDict (
-                        ZSTD_CCtx* zc,   /* Index table will be updated */
-                        const BYTE* ip, const BYTE* const iHighLimit,
-                        const U32 maxNbAttempts, const U32 matchLengthSearch, ZSTD_match_t* matches, const U32 minMatchLen)
-{
+    if (extDict) ZSTD_updateTree_extDict(zc, ip, iHighLimit, maxNbAttempts, matchLengthSearch);
+    else ZSTD_updateTree(zc, ip, iHighLimit, maxNbAttempts, matchLengthSearch);
     switch(matchLengthSearch)
     {
-    case 3 : return ZSTD_BtGetAllMatches_extDict(zc, ip, iHighLimit, maxNbAttempts, 3, matches, minMatchLen);
+    case 3 : return ZSTD_insertBtAndGetAllMatches(zc, ip, iHighLimit, extDict, maxNbAttempts, 3, sufficient_len, rep, ll0, matches, lengthToBeat);
     default :
-    case 4 : return ZSTD_BtGetAllMatches_extDict(zc, ip, iHighLimit, maxNbAttempts, 4, matches, minMatchLen);
-    case 5 : return ZSTD_BtGetAllMatches_extDict(zc, ip, iHighLimit, maxNbAttempts, 5, matches, minMatchLen);
+    case 4 : return ZSTD_insertBtAndGetAllMatches(zc, ip, iHighLimit, extDict, maxNbAttempts, 4, sufficient_len, rep, ll0, matches, lengthToBeat);
+    case 5 : return ZSTD_insertBtAndGetAllMatches(zc, ip, iHighLimit, extDict, maxNbAttempts, 5, sufficient_len, rep, ll0, matches, lengthToBeat);
     case 7 :
-    case 6 : return ZSTD_BtGetAllMatches_extDict(zc, ip, iHighLimit, maxNbAttempts, 6, matches, minMatchLen);
+    case 6 : return ZSTD_insertBtAndGetAllMatches(zc, ip, iHighLimit, extDict, maxNbAttempts, 6, sufficient_len, rep, ll0, matches, lengthToBeat);
     }
 }
 
@@ -409,534 +447,313 @@ static U32 ZSTD_BtGetAllMatches_selectMLS_extDict (
 /*-*******************************
 *  Optimal parser
 *********************************/
-FORCE_INLINE_TEMPLATE
-size_t ZSTD_compressBlock_opt_generic(ZSTD_CCtx* ctx,
-                                      const void* src, size_t srcSize, const int ultra)
-{
-    seqStore_t* seqStorePtr = &(ctx->seqStore);
-    optState_t* optStatePtr = &(ctx->optState);
-    const BYTE* const istart = (const BYTE*)src;
-    const BYTE* ip = istart;
-    const BYTE* anchor = istart;
-    const BYTE* const iend = istart + srcSize;
-    const BYTE* const ilimit = iend - 8;
-    const BYTE* const base = ctx->base;
-    const BYTE* const prefixStart = base + ctx->dictLimit;
-
-    const U32 maxSearches = 1U << ctx->appliedParams.cParams.searchLog;
-    const U32 sufficient_len = ctx->appliedParams.cParams.targetLength;
-    const U32 mls = ctx->appliedParams.cParams.searchLength;
-    const U32 minMatch = (ctx->appliedParams.cParams.searchLength == 3) ? 3 : 4;
-
-    ZSTD_optimal_t* opt = optStatePtr->priceTable;
-    ZSTD_match_t* matches = optStatePtr->matchTable;
-    const BYTE* inr;
-    U32 offset, rep[ZSTD_REP_NUM];
-
-    /* init */
-    ctx->nextToUpdate3 = ctx->nextToUpdate;
-    ZSTD_rescaleFreqs(optStatePtr, (const BYTE*)src, srcSize);
-    ip += (ip==prefixStart);
-    { U32 i; for (i=0; i<ZSTD_REP_NUM; i++) rep[i]=seqStorePtr->rep[i]; }
-
-    /* Match Loop */
-    while (ip < ilimit) {
-        U32 cur, match_num, last_pos, litlen, price;
-        U32 u, mlen, best_mlen, best_off, litLength;
-        memset(opt, 0, sizeof(ZSTD_optimal_t));
-        last_pos = 0;
-        litlen = (U32)(ip - anchor);
-
-        /* check repCode */
-        {   U32 i, last_i = ZSTD_REP_CHECK + (ip==anchor);
-            for (i=(ip == anchor); i<last_i; i++) {
-                const S32 repCur = (i==ZSTD_REP_MOVE_OPT) ? (rep[0] - 1) : rep[i];
-                if ( (repCur > 0) && (repCur < (S32)(ip-prefixStart))
-                    && (ZSTD_readMINMATCH(ip, minMatch) == ZSTD_readMINMATCH(ip - repCur, minMatch))) {
-                    mlen = (U32)ZSTD_count(ip+minMatch, ip+minMatch-repCur, iend) + minMatch;
-                    if (mlen > sufficient_len || mlen >= ZSTD_OPT_NUM) {
-                        best_mlen = mlen; best_off = i; cur = 0; last_pos = 1;
-                        goto _storeSequence;
-                    }
-                    best_off = i - (ip == anchor);
-                    do {
-                        price = ZSTD_getPrice(optStatePtr, litlen, anchor, best_off, mlen - MINMATCH, ultra);
-                        if (mlen > last_pos || price < opt[mlen].price)
-                            SET_PRICE(mlen, mlen, i, litlen, price);   /* note : macro modifies last_pos */
-                        mlen--;
-                    } while (mlen >= minMatch);
-        }   }   }
-
-        match_num = ZSTD_BtGetAllMatches_selectMLS(ctx, ip, iend, maxSearches, mls, matches, minMatch);
-
-        if (!last_pos && !match_num) { ip++; continue; }
-
-        if (match_num && (matches[match_num-1].len > sufficient_len || matches[match_num-1].len >= ZSTD_OPT_NUM)) {
-            best_mlen = matches[match_num-1].len;
-            best_off = matches[match_num-1].off;
-            cur = 0;
-            last_pos = 1;
-            goto _storeSequence;
-        }
-
-        /* set prices using matches at position = 0 */
-        best_mlen = (last_pos) ? last_pos : minMatch;
-        for (u = 0; u < match_num; u++) {
-            mlen = (u>0) ? matches[u-1].len+1 : best_mlen;
-            best_mlen = matches[u].len;
-            while (mlen <= best_mlen) {
-                price = ZSTD_getPrice(optStatePtr, litlen, anchor, matches[u].off-1, mlen - MINMATCH, ultra);
-                if (mlen > last_pos || price < opt[mlen].price)
-                    SET_PRICE(mlen, mlen, matches[u].off, litlen, price);   /* note : macro modifies last_pos */
-                mlen++;
-        }   }
-
-        if (last_pos < minMatch) { ip++; continue; }
-
-        /* initialize opt[0] */
-        { U32 i ; for (i=0; i<ZSTD_REP_NUM; i++) opt[0].rep[i] = rep[i]; }
-        opt[0].mlen = 1;
-        opt[0].litlen = litlen;
-
-         /* check further positions */
-        for (cur = 1; cur <= last_pos; cur++) {
-           inr = ip + cur;
-
-           if (opt[cur-1].mlen == 1) {
-                litlen = opt[cur-1].litlen + 1;
-                if (cur > litlen) {
-                    price = opt[cur - litlen].price + ZSTD_getLiteralPrice(optStatePtr, litlen, inr-litlen);
-                } else
-                    price = ZSTD_getLiteralPrice(optStatePtr, litlen, anchor);
-           } else {
-                litlen = 1;
-                price = opt[cur - 1].price + ZSTD_getLiteralPrice(optStatePtr, litlen, inr-1);
-           }
-
-           if (cur > last_pos || price <= opt[cur].price)
-                SET_PRICE(cur, 1, 0, litlen, price);
-
-           if (cur == last_pos) break;
-
-           if (inr > ilimit)  /* last match must start at a minimum distance of 8 from oend */
-               continue;
-
-           mlen = opt[cur].mlen;
-           if (opt[cur].off > ZSTD_REP_MOVE_OPT) {
-                opt[cur].rep[2] = opt[cur-mlen].rep[1];
-                opt[cur].rep[1] = opt[cur-mlen].rep[0];
-                opt[cur].rep[0] = opt[cur].off - ZSTD_REP_MOVE_OPT;
-           } else {
-                opt[cur].rep[2] = (opt[cur].off > 1) ? opt[cur-mlen].rep[1] : opt[cur-mlen].rep[2];
-                opt[cur].rep[1] = (opt[cur].off > 0) ? opt[cur-mlen].rep[0] : opt[cur-mlen].rep[1];
-                /* If opt[cur].off == ZSTD_REP_MOVE_OPT, then mlen != 1.
-                 * offset ZSTD_REP_MOVE_OPT is used for the special case
-                 * litLength == 0, where offset 0 means something special.
-                 * mlen == 1 means the previous byte was stored as a literal,
-                 * so they are mutually exclusive.
-                 */
-                assert(!(opt[cur].off == ZSTD_REP_MOVE_OPT && mlen == 1));
-                opt[cur].rep[0] = (opt[cur].off == ZSTD_REP_MOVE_OPT) ? (opt[cur-mlen].rep[0] - 1) : (opt[cur-mlen].rep[opt[cur].off]);
-           }
-
-            best_mlen = minMatch;
-            {   U32 i, last_i = ZSTD_REP_CHECK + (mlen != 1);
-                for (i=(opt[cur].mlen != 1); i<last_i; i++) {  /* check rep */
-                    const S32 repCur = (i==ZSTD_REP_MOVE_OPT) ? (opt[cur].rep[0] - 1) : opt[cur].rep[i];
-                    if ( (repCur > 0) && (repCur < (S32)(inr-prefixStart))
-                       && (ZSTD_readMINMATCH(inr, minMatch) == ZSTD_readMINMATCH(inr - repCur, minMatch))) {
-                       mlen = (U32)ZSTD_count(inr+minMatch, inr+minMatch - repCur, iend) + minMatch;
-
-                       if (mlen > sufficient_len || cur + mlen >= ZSTD_OPT_NUM) {
-                            best_mlen = mlen; best_off = i; last_pos = cur + 1;
-                            goto _storeSequence;
-                       }
-
-                       best_off = i - (opt[cur].mlen != 1);
-                       if (mlen > best_mlen) best_mlen = mlen;
-
-                       do {
-                           if (opt[cur].mlen == 1) {
-                                litlen = opt[cur].litlen;
-                                if (cur > litlen) {
-                                    price = opt[cur - litlen].price + ZSTD_getPrice(optStatePtr, litlen, inr-litlen, best_off, mlen - MINMATCH, ultra);
-                                } else
-                                    price = ZSTD_getPrice(optStatePtr, litlen, anchor, best_off, mlen - MINMATCH, ultra);
-                            } else {
-                                litlen = 0;
-                                price = opt[cur].price + ZSTD_getPrice(optStatePtr, 0, NULL, best_off, mlen - MINMATCH, ultra);
-                            }
-
-                            if (cur + mlen > last_pos || price <= opt[cur + mlen].price)
-                                SET_PRICE(cur + mlen, mlen, i, litlen, price);
-                            mlen--;
-                        } while (mlen >= minMatch);
-            }   }   }
-
-            match_num = ZSTD_BtGetAllMatches_selectMLS(ctx, inr, iend, maxSearches, mls, matches, best_mlen);
-
-            if (match_num > 0 && (matches[match_num-1].len > sufficient_len || cur + matches[match_num-1].len >= ZSTD_OPT_NUM)) {
-                best_mlen = matches[match_num-1].len;
-                best_off = matches[match_num-1].off;
-                last_pos = cur + 1;
-                goto _storeSequence;
-            }
-
-            /* set prices using matches at position = cur */
-            for (u = 0; u < match_num; u++) {
-                mlen = (u>0) ? matches[u-1].len+1 : best_mlen;
-                best_mlen = matches[u].len;
-
-                while (mlen <= best_mlen) {
-                    if (opt[cur].mlen == 1) {
-                        litlen = opt[cur].litlen;
-                        if (cur > litlen)
-                            price = opt[cur - litlen].price + ZSTD_getPrice(optStatePtr, litlen, ip+cur-litlen, matches[u].off-1, mlen - MINMATCH, ultra);
-                        else
-                            price = ZSTD_getPrice(optStatePtr, litlen, anchor, matches[u].off-1, mlen - MINMATCH, ultra);
-                    } else {
-                        litlen = 0;
-                        price = opt[cur].price + ZSTD_getPrice(optStatePtr, 0, NULL, matches[u].off-1, mlen - MINMATCH, ultra);
-                    }
-
-                    if (cur + mlen > last_pos || (price < opt[cur + mlen].price))
-                        SET_PRICE(cur + mlen, mlen, matches[u].off, litlen, price);
+typedef struct repcodes_s {
+    U32 rep[3];
+} repcodes_t;
 
-                    mlen++;
-        }   }   }
-
-        best_mlen = opt[last_pos].mlen;
-        best_off = opt[last_pos].off;
-        cur = last_pos - best_mlen;
-
-        /* store sequence */
-_storeSequence:   /* cur, last_pos, best_mlen, best_off have to be set */
-        opt[0].mlen = 1;
-
-        while (1) {
-            mlen = opt[cur].mlen;
-            offset = opt[cur].off;
-            opt[cur].mlen = best_mlen;
-            opt[cur].off = best_off;
-            best_mlen = mlen;
-            best_off = offset;
-            if (mlen > cur) break;
-            cur -= mlen;
-        }
-
-        for (u = 0; u <= last_pos;) {
-            u += opt[u].mlen;
+repcodes_t ZSTD_updateRep(U32 const rep[3], U32 const offset, U32 const ll0)
+{
+    repcodes_t newReps;
+    if (offset >= ZSTD_REP_NUM) {  /* full offset */
+        newReps.rep[2] = rep[1];
+        newReps.rep[1] = rep[0];
+        newReps.rep[0] = offset - ZSTD_REP_MOVE;
+    } else {   /* repcode */
+        U32 const repCode = offset + ll0;
+        if (repCode > 0) {  /* note : if repCode==0, no change */
+            U32 const currentOffset = (repCode==ZSTD_REP_NUM) ? (rep[0] - 1) : rep[repCode];
+            newReps.rep[2] = (repCode >= 2) ? rep[1] : rep[2];
+            newReps.rep[1] = rep[0];
+            newReps.rep[0] = currentOffset;
+        } else {   /* repCode == 0 */
+            memcpy(&newReps, rep, sizeof(newReps));
         }
+    }
+    return newReps;
+}
 
-        for (cur=0; cur < last_pos; ) {
-            mlen = opt[cur].mlen;
-            if (mlen == 1) { ip++; cur++; continue; }
-            offset = opt[cur].off;
-            cur += mlen;
-            litLength = (U32)(ip - anchor);
-
-            if (offset > ZSTD_REP_MOVE_OPT) {
-                rep[2] = rep[1];
-                rep[1] = rep[0];
-                rep[0] = offset - ZSTD_REP_MOVE_OPT;
-                offset--;
-            } else {
-                if (offset != 0) {
-                    best_off = (offset==ZSTD_REP_MOVE_OPT) ? (rep[0] - 1) : (rep[offset]);
-                    if (offset != 1) rep[2] = rep[1];
-                    rep[1] = rep[0];
-                    rep[0] = best_off;
-                }
-                if (litLength==0) offset--;
-            }
 
-            ZSTD_updatePrice(optStatePtr, litLength, anchor, offset, mlen-MINMATCH);
-            ZSTD_storeSeq(seqStorePtr, litLength, anchor, offset, mlen-MINMATCH);
-            anchor = ip = ip + mlen;
-    }    }   /* for (cur=0; cur < last_pos; ) */
+typedef struct {
+    const BYTE* anchor;
+    U32 litlen;
+    U32 rawLitCost;
+} cachedLiteralPrice_t;
 
-    /* Save reps for next block */
-    { int i; for (i=0; i<ZSTD_REP_NUM; i++) seqStorePtr->repToConfirm[i] = rep[i]; }
+static U32 ZSTD_rawLiteralsCost_cached(
+                            cachedLiteralPrice_t* const cachedLitPrice,
+                            const BYTE* const anchor, U32 const litlen,
+                            const optState_t* const optStatePtr)
+{
+    U32 startCost;
+    U32 remainingLength;
+    const BYTE* startPosition;
+
+    if (anchor == cachedLitPrice->anchor) {
+        startCost = cachedLitPrice->rawLitCost;
+        startPosition = anchor + cachedLitPrice->litlen;
+        assert(litlen >= cachedLitPrice->litlen);
+        remainingLength = litlen - cachedLitPrice->litlen;
+    } else {
+        startCost = 0;
+        startPosition = anchor;
+        remainingLength = litlen;
+    }
 
-    /* Return the last literals size */
-    return iend - anchor;
+    {   U32 const rawLitCost = startCost + ZSTD_rawLiteralsCost(startPosition, remainingLength, optStatePtr);
+        cachedLitPrice->anchor = anchor;
+        cachedLitPrice->litlen = litlen;
+        cachedLitPrice->rawLitCost = rawLitCost;
+        return rawLitCost;
+    }
 }
 
-
-size_t ZSTD_compressBlock_btopt(ZSTD_CCtx* ctx, const void* src, size_t srcSize)
+static U32 ZSTD_fullLiteralsCost_cached(
+                            cachedLiteralPrice_t* const cachedLitPrice,
+                            const BYTE* const anchor, U32 const litlen,
+                            const optState_t* const optStatePtr)
 {
-    return ZSTD_compressBlock_opt_generic(ctx, src, srcSize, 0);
+    return ZSTD_rawLiteralsCost_cached(cachedLitPrice, anchor, litlen, optStatePtr)
+         + ZSTD_litLengthPrice(litlen, optStatePtr);
 }
 
-size_t ZSTD_compressBlock_btultra(ZSTD_CCtx* ctx, const void* src, size_t srcSize)
+static int ZSTD_literalsContribution_cached(
+                            cachedLiteralPrice_t* const cachedLitPrice,
+                            const BYTE* const anchor, U32 const litlen,
+                            const optState_t* const optStatePtr)
 {
-    return ZSTD_compressBlock_opt_generic(ctx, src, srcSize, 1);
+    int const contribution = ZSTD_rawLiteralsCost_cached(cachedLitPrice, anchor, litlen, optStatePtr)
+                           + ZSTD_litLengthContribution(litlen, optStatePtr);
+    return contribution;
 }
 
-
 FORCE_INLINE_TEMPLATE
-size_t ZSTD_compressBlock_opt_extDict_generic(ZSTD_CCtx* ctx,
-                                     const void* src, size_t srcSize, const int ultra)
+size_t ZSTD_compressBlock_opt_generic(ZSTD_CCtx* ctx,
+                                      const void* src, size_t srcSize,
+                                      const int optLevel, const int extDict)
 {
-    seqStore_t* seqStorePtr = &(ctx->seqStore);
-    optState_t* optStatePtr = &(ctx->optState);
+    seqStore_t* const seqStorePtr = &(ctx->seqStore);
+    optState_t* const optStatePtr = &(ctx->optState);
     const BYTE* const istart = (const BYTE*)src;
     const BYTE* ip = istart;
     const BYTE* anchor = istart;
     const BYTE* const iend = istart + srcSize;
     const BYTE* const ilimit = iend - 8;
     const BYTE* const base = ctx->base;
-    const U32 lowestIndex = ctx->lowLimit;
-    const U32 dictLimit = ctx->dictLimit;
-    const BYTE* const prefixStart = base + dictLimit;
-    const BYTE* const dictBase = ctx->dictBase;
-    const BYTE* const dictEnd  = dictBase + dictLimit;
+    const BYTE* const prefixStart = base + ctx->dictLimit;
 
-    const U32 maxSearches = 1U << ctx->appliedParams.cParams.searchLog;
-    const U32 sufficient_len = ctx->appliedParams.cParams.targetLength;
-    const U32 mls = ctx->appliedParams.cParams.searchLength;
-    const U32 minMatch = (ctx->appliedParams.cParams.searchLength == 3) ? 3 : 4;
+    U32 const maxSearches = 1U << ctx->appliedParams.cParams.searchLog;
+    U32 const sufficient_len = MIN(ctx->appliedParams.cParams.targetLength, ZSTD_OPT_NUM -1);
+    U32 const mls = ctx->appliedParams.cParams.searchLength;
+    U32 const minMatch = (ctx->appliedParams.cParams.searchLength == 3) ? 3 : 4;
 
-    ZSTD_optimal_t* opt = optStatePtr->priceTable;
-    ZSTD_match_t* matches = optStatePtr->matchTable;
-    const BYTE* inr;
+    ZSTD_optimal_t* const opt = optStatePtr->priceTable;
+    ZSTD_match_t* const matches = optStatePtr->matchTable;
+    cachedLiteralPrice_t cachedLitPrice;
+    U32 rep[ZSTD_REP_NUM];
 
     /* init */
-    U32 offset, rep[ZSTD_REP_NUM];
-    { U32 i; for (i=0; i<ZSTD_REP_NUM; i++) rep[i]=seqStorePtr->rep[i]; }
-
+    DEBUGLOG(5, "ZSTD_compressBlock_opt_generic");
     ctx->nextToUpdate3 = ctx->nextToUpdate;
     ZSTD_rescaleFreqs(optStatePtr, (const BYTE*)src, srcSize);
     ip += (ip==prefixStart);
+    { int i; for (i=0; i<ZSTD_REP_NUM; i++) rep[i]=seqStorePtr->rep[i]; }
+    memset(&cachedLitPrice, 0, sizeof(cachedLitPrice));
 
     /* Match Loop */
     while (ip < ilimit) {
-        U32 cur, match_num, last_pos, litlen, price;
-        U32 u, mlen, best_mlen, best_off, litLength;
-        U32 current = (U32)(ip-base);
-        memset(opt, 0, sizeof(ZSTD_optimal_t));
-        last_pos = 0;
-        opt[0].litlen = (U32)(ip - anchor);
-
-        /* check repCode */
-        {   U32 i, last_i = ZSTD_REP_CHECK + (ip==anchor);
-            for (i = (ip==anchor); i<last_i; i++) {
-                const S32 repCur = (i==ZSTD_REP_MOVE_OPT) ? (rep[0] - 1) : rep[i];
-                const U32 repIndex = (U32)(current - repCur);
-                const BYTE* const repBase = repIndex < dictLimit ? dictBase : base;
-                const BYTE* const repMatch = repBase + repIndex;
-                if ( (repCur > 0 && repCur <= (S32)current)
-                   && (((U32)((dictLimit-1) - repIndex) >= 3) & (repIndex>lowestIndex))  /* intentional overflow */
-                   && (ZSTD_readMINMATCH(ip, minMatch) == ZSTD_readMINMATCH(repMatch, minMatch)) ) {
-                    /* repcode detected we should take it */
-                    const BYTE* const repEnd = repIndex < dictLimit ? dictEnd : iend;
-                    mlen = (U32)ZSTD_count_2segments(ip+minMatch, repMatch+minMatch, iend, repEnd, prefixStart) + minMatch;
-
-                    if (mlen > sufficient_len || mlen >= ZSTD_OPT_NUM) {
-                        best_mlen = mlen; best_off = i; cur = 0; last_pos = 1;
-                        goto _storeSequence;
-                    }
-
-                    best_off = i - (ip==anchor);
-                    litlen = opt[0].litlen;
-                    do {
-                        price = ZSTD_getPrice(optStatePtr, litlen, anchor, best_off, mlen - MINMATCH, ultra);
-                        if (mlen > last_pos || price < opt[mlen].price)
-                            SET_PRICE(mlen, mlen, i, litlen, price);   /* note : macro modifies last_pos */
-                        mlen--;
-                    } while (mlen >= minMatch);
-        }   }   }
-
-        match_num = ZSTD_BtGetAllMatches_selectMLS_extDict(ctx, ip, iend, maxSearches, mls, matches, minMatch);  /* first search (depth 0) */
-
-        if (!last_pos && !match_num) { ip++; continue; }
-
-        { U32 i; for (i=0; i<ZSTD_REP_NUM; i++) opt[0].rep[i] = rep[i]; }
-        opt[0].mlen = 1;
-
-        if (match_num && (matches[match_num-1].len > sufficient_len || matches[match_num-1].len >= ZSTD_OPT_NUM)) {
-            best_mlen = matches[match_num-1].len;
-            best_off = matches[match_num-1].off;
-            cur = 0;
-            last_pos = 1;
-            goto _storeSequence;
-        }
-
-        best_mlen = (last_pos) ? last_pos : minMatch;
-
-        /* set prices using matches at position = 0 */
-        for (u = 0; u < match_num; u++) {
-            mlen = (u>0) ? matches[u-1].len+1 : best_mlen;
-            best_mlen = matches[u].len;
-            litlen = opt[0].litlen;
-            while (mlen <= best_mlen) {
-                price = ZSTD_getPrice(optStatePtr, litlen, anchor, matches[u].off-1, mlen - MINMATCH, ultra);
-                if (mlen > last_pos || price < opt[mlen].price)
-                    SET_PRICE(mlen, mlen, matches[u].off, litlen, price);
-                mlen++;
-        }   }
-
-        if (last_pos < minMatch) {
-            ip++; continue;
+        U32 cur, last_pos = 0;
+        U32 best_mlen, best_off;
+
+        /* find first match */
+        {   U32 const litlen = (U32)(ip - anchor);
+            U32 const ll0 = !litlen;
+            U32 const nbMatches = ZSTD_BtGetAllMatches(ctx, ip, iend, extDict, maxSearches, mls, sufficient_len, rep, ll0, matches, minMatch);
+            if (!nbMatches) { ip++; continue; }
+
+            /* initialize opt[0] */
+            { U32 i ; for (i=0; i<ZSTD_REP_NUM; i++) opt[0].rep[i] = rep[i]; }
+            opt[0].mlen = 1;
+            opt[0].litlen = litlen;
+
+            /* large match -> immediate encoding */
+            {   U32 const maxML = matches[nbMatches-1].len;
+                DEBUGLOG(7, "found %u matches of maxLength=%u and offset=%u at cPos=%u => start new serie",
+                            nbMatches, maxML, matches[nbMatches-1].off, (U32)(ip-prefixStart));
+
+                if (maxML > sufficient_len) {
+                    best_mlen = maxML;
+                    best_off = matches[nbMatches-1].off;
+                    DEBUGLOG(7, "large match (%u>%u), immediate encoding",
+                                best_mlen, sufficient_len);
+                    cur = 0;
+                    last_pos = 1;
+                    goto _shortestPath;
+            }   }
+
+            /* set prices for first matches starting position == 0 */
+            {   U32 const literalsPrice = ZSTD_fullLiteralsCost_cached(&cachedLitPrice, anchor, litlen, optStatePtr);
+                U32 pos;
+                U32 matchNb;
+                for (pos = 0; pos < minMatch; pos++) {
+                    opt[pos].mlen = 1;
+                    opt[pos].price = ZSTD_MAX_PRICE;
+                }
+                for (matchNb = 0; matchNb < nbMatches; matchNb++) {
+                    U32 const offset = matches[matchNb].off;
+                    U32 const end = matches[matchNb].len;
+                    repcodes_t const repHistory = ZSTD_updateRep(rep, offset, ll0);
+                    for ( ; pos <= end ; pos++ ) {
+                        U32 const matchPrice = literalsPrice + ZSTD_getMatchPrice(offset, pos, optStatePtr, optLevel);
+                        DEBUGLOG(7, "rPos:%u => set initial price : %u",
+                                    pos, matchPrice);
+                        opt[pos].mlen = pos;
+                        opt[pos].off = offset;
+                        opt[pos].litlen = litlen;
+                        opt[pos].price = matchPrice;
+                        memcpy(opt[pos].rep, &repHistory, sizeof(repHistory));
+                }   }
+                last_pos = pos-1;
+            }
         }
 
         /* check further positions */
         for (cur = 1; cur <= last_pos; cur++) {
-            inr = ip + cur;
+            const BYTE* const inr = ip + cur;
+            assert(cur < ZSTD_OPT_NUM);
 
-            if (opt[cur-1].mlen == 1) {
-                litlen = opt[cur-1].litlen + 1;
+            /* Fix current position with one literal if cheaper */
+            {   U32 const litlen = (opt[cur-1].mlen == 1) ? opt[cur-1].litlen + 1 : 1;
+                int price;  /* note : contribution can be negative */
                 if (cur > litlen) {
-                    price = opt[cur - litlen].price + ZSTD_getLiteralPrice(optStatePtr, litlen, inr-litlen);
-                } else
-                    price = ZSTD_getLiteralPrice(optStatePtr, litlen, anchor);
-            } else {
-                litlen = 1;
-                price = opt[cur - 1].price + ZSTD_getLiteralPrice(optStatePtr, litlen, inr-1);
-            }
-
-            if (cur > last_pos || price <= opt[cur].price)
-                SET_PRICE(cur, 1, 0, litlen, price);
+                    price = opt[cur - litlen].price + ZSTD_literalsContribution(inr-litlen, litlen, optStatePtr);
+                } else {
+                    price = ZSTD_literalsContribution_cached(&cachedLitPrice, anchor, litlen, optStatePtr);
+                }
+                assert(price < 1000000000); /* overflow check */
+                if (price <= opt[cur].price) {
+                    DEBUGLOG(7, "rPos:%u : better price (%u<%u) using literal",
+                                cur, price, opt[cur].price);
+                    opt[cur].mlen = 1;
+                    opt[cur].off = 0;
+                    opt[cur].litlen = litlen;
+                    opt[cur].price = price;
+                    memcpy(opt[cur].rep, opt[cur-1].rep, sizeof(opt[cur].rep));
+            }   }
+
+            /* last match must start at a minimum distance of 8 from oend */
+            if (inr > ilimit) continue;
 
             if (cur == last_pos) break;
 
-            if (inr > ilimit)  /* last match must start at a minimum distance of 8 from oend */
-                continue;
-
-            mlen = opt[cur].mlen;
-            if (opt[cur].off > ZSTD_REP_MOVE_OPT) {
-                opt[cur].rep[2] = opt[cur-mlen].rep[1];
-                opt[cur].rep[1] = opt[cur-mlen].rep[0];
-                opt[cur].rep[0] = opt[cur].off - ZSTD_REP_MOVE_OPT;
-            } else {
-                opt[cur].rep[2] = (opt[cur].off > 1) ? opt[cur-mlen].rep[1] : opt[cur-mlen].rep[2];
-                opt[cur].rep[1] = (opt[cur].off > 0) ? opt[cur-mlen].rep[0] : opt[cur-mlen].rep[1];
-                assert(!(opt[cur].off == ZSTD_REP_MOVE_OPT && mlen == 1));
-                opt[cur].rep[0] = (opt[cur].off == ZSTD_REP_MOVE_OPT) ? (opt[cur-mlen].rep[0] - 1) : (opt[cur-mlen].rep[opt[cur].off]);
-            }
+             if ( (optLevel==0) /*static*/
+               && (opt[cur+1].price <= opt[cur].price) )
+                continue;  /* skip unpromising positions; about ~+6% speed, -0.01 ratio */
+
+            {   U32 const ll0 = (opt[cur].mlen != 1);
+                U32 const litlen = (opt[cur].mlen == 1) ? opt[cur].litlen : 0;
+                U32 const previousPrice = (cur > litlen) ? opt[cur-litlen].price : 0;
+                U32 const basePrice = previousPrice + ZSTD_fullLiteralsCost(inr-litlen, litlen, optStatePtr);
+                U32 const nbMatches = ZSTD_BtGetAllMatches(ctx, inr, iend, extDict, maxSearches, mls, sufficient_len, opt[cur].rep, ll0, matches, minMatch);
+                U32 matchNb;
+                if (!nbMatches) continue;
+
+                {   U32 const maxML = matches[nbMatches-1].len;
+                    DEBUGLOG(7, "rPos:%u, found %u matches, of maxLength=%u",
+                                cur, nbMatches, maxML);
+
+                    if ( (maxML > sufficient_len)
+                       | (cur + maxML >= ZSTD_OPT_NUM) ) {
+                        best_mlen = maxML;
+                        best_off = matches[nbMatches-1].off;
+                        last_pos = cur + 1;
+                        goto _shortestPath;
+                    }
+                }
 
-            best_mlen = minMatch;
-            {   U32 i, last_i = ZSTD_REP_CHECK + (mlen != 1);
-                for (i = (mlen != 1); i<last_i; i++) {
-                    const S32 repCur = (i==ZSTD_REP_MOVE_OPT) ? (opt[cur].rep[0] - 1) : opt[cur].rep[i];
-                    const U32 repIndex = (U32)(current+cur - repCur);
-                    const BYTE* const repBase = repIndex < dictLimit ? dictBase : base;
-                    const BYTE* const repMatch = repBase + repIndex;
-                    if ( (repCur > 0 && repCur <= (S32)(current+cur))
-                      && (((U32)((dictLimit-1) - repIndex) >= 3) & (repIndex>lowestIndex))  /* intentional overflow */
-                      && (ZSTD_readMINMATCH(inr, minMatch) == ZSTD_readMINMATCH(repMatch, minMatch)) ) {
-                        /* repcode detected */
-                        const BYTE* const repEnd = repIndex < dictLimit ? dictEnd : iend;
-                        mlen = (U32)ZSTD_count_2segments(inr+minMatch, repMatch+minMatch, iend, repEnd, prefixStart) + minMatch;
-
-                        if (mlen > sufficient_len || cur + mlen >= ZSTD_OPT_NUM) {
-                            best_mlen = mlen; best_off = i; last_pos = cur + 1;
-                            goto _storeSequence;
+                /* set prices using matches found at position == cur */
+                for (matchNb = 0; matchNb < nbMatches; matchNb++) {
+                    U32 const offset = matches[matchNb].off;
+                    repcodes_t const repHistory = ZSTD_updateRep(opt[cur].rep, offset, ll0);
+                    U32 const lastML = matches[matchNb].len;
+                    U32 const startML = (matchNb>0) ? matches[matchNb-1].len+1 : minMatch;
+                    U32 mlen;
+
+                    DEBUGLOG(7, "testing match %u => offCode=%u, mlen=%u, llen=%u",
+                                matchNb, matches[matchNb].off, lastML, litlen);
+
+                    for (mlen = lastML; mlen >= startML; mlen--) {
+                        U32 const pos = cur + mlen;
+                        int const price = basePrice + ZSTD_getMatchPrice(offset, mlen, optStatePtr, optLevel);
+
+                        if ((pos > last_pos) || (price < opt[pos].price)) {
+                            DEBUGLOG(7, "rPos:%u => new better price (%u<%u)",
+                                        pos, price, opt[pos].price);
+                            while (last_pos < pos) { opt[last_pos+1].price = ZSTD_MAX_PRICE; last_pos++; }
+                            opt[pos].mlen = mlen;
+                            opt[pos].off = offset;
+                            opt[pos].litlen = litlen;
+                            opt[pos].price = price;
+                            memcpy(opt[pos].rep, &repHistory, sizeof(repHistory));
+                        } else {
+                            if (optLevel==0) break;  /* gets ~+10% speed for about -0.01 ratio loss */
                         }
-
-                        best_off = i - (opt[cur].mlen != 1);
-                        if (mlen > best_mlen) best_mlen = mlen;
-
-                        do {
-                            if (opt[cur].mlen == 1) {
-                                litlen = opt[cur].litlen;
-                                if (cur > litlen) {
-                                    price = opt[cur - litlen].price + ZSTD_getPrice(optStatePtr, litlen, inr-litlen, best_off, mlen - MINMATCH, ultra);
-                                } else
-                                    price = ZSTD_getPrice(optStatePtr, litlen, anchor, best_off, mlen - MINMATCH, ultra);
-                            } else {
-                                litlen = 0;
-                                price = opt[cur].price + ZSTD_getPrice(optStatePtr, 0, NULL, best_off, mlen - MINMATCH, ultra);
-                            }
-
-                            if (cur + mlen > last_pos || price <= opt[cur + mlen].price)
-                                SET_PRICE(cur + mlen, mlen, i, litlen, price);
-                            mlen--;
-                        } while (mlen >= minMatch);
             }   }   }
-
-            match_num = ZSTD_BtGetAllMatches_selectMLS_extDict(ctx, inr, iend, maxSearches, mls, matches, minMatch);
-
-            if (match_num > 0 && (matches[match_num-1].len > sufficient_len || cur + matches[match_num-1].len >= ZSTD_OPT_NUM)) {
-                best_mlen = matches[match_num-1].len;
-                best_off = matches[match_num-1].off;
-                last_pos = cur + 1;
-                goto _storeSequence;
-            }
-
-            /* set prices using matches at position = cur */
-            for (u = 0; u < match_num; u++) {
-                mlen = (u>0) ? matches[u-1].len+1 : best_mlen;
-                best_mlen = matches[u].len;
-
-                while (mlen <= best_mlen) {
-                    if (opt[cur].mlen == 1) {
-                        litlen = opt[cur].litlen;
-                        if (cur > litlen)
-                            price = opt[cur - litlen].price + ZSTD_getPrice(optStatePtr, litlen, ip+cur-litlen, matches[u].off-1, mlen - MINMATCH, ultra);
-                        else
-                            price = ZSTD_getPrice(optStatePtr, litlen, anchor, matches[u].off-1, mlen - MINMATCH, ultra);
-                    } else {
-                        litlen = 0;
-                        price = opt[cur].price + ZSTD_getPrice(optStatePtr, 0, NULL, matches[u].off-1, mlen - MINMATCH, ultra);
-                    }
-
-                    if (cur + mlen > last_pos || (price < opt[cur + mlen].price))
-                        SET_PRICE(cur + mlen, mlen, matches[u].off, litlen, price);
-
-                    mlen++;
-        }   }   }   /* for (cur = 1; cur <= last_pos; cur++) */
+        }  /* for (cur = 1; cur <= last_pos; cur++) */
 
         best_mlen = opt[last_pos].mlen;
         best_off = opt[last_pos].off;
         cur = last_pos - best_mlen;
 
-        /* store sequence */
-_storeSequence:   /* cur, last_pos, best_mlen, best_off have to be set */
-        opt[0].mlen = 1;
-
-        while (1) {
-            mlen = opt[cur].mlen;
-            offset = opt[cur].off;
-            opt[cur].mlen = best_mlen;
-            opt[cur].off = best_off;
-            best_mlen = mlen;
-            best_off = offset;
-            if (mlen > cur) break;
-            cur -= mlen;
-        }
-
-        for (u = 0; u <= last_pos; ) {
-            u += opt[u].mlen;
-        }
+_shortestPath:   /* cur, last_pos, best_mlen, best_off have to be set */
+        assert(opt[0].mlen == 1);
+
+        /* reverse traversal */
+        DEBUGLOG(7, "start reverse traversal (last_pos:%u, cur:%u)",
+                    last_pos, cur);
+        {   U32 selectedMatchLength = best_mlen;
+            U32 selectedOffset = best_off;
+            U32 pos = cur;
+            while (1) {
+                U32 const mlen = opt[pos].mlen;
+                U32 const off = opt[pos].off;
+                opt[pos].mlen = selectedMatchLength;
+                opt[pos].off = selectedOffset;
+                selectedMatchLength = mlen;
+                selectedOffset = off;
+                if (mlen > pos) break;
+                pos -= mlen;
+        }   }
 
-        for (cur=0; cur < last_pos; ) {
-            mlen = opt[cur].mlen;
-            if (mlen == 1) { ip++; cur++; continue; }
-            offset = opt[cur].off;
-            cur += mlen;
-            litLength = (U32)(ip - anchor);
-
-            if (offset > ZSTD_REP_MOVE_OPT) {
-                rep[2] = rep[1];
-                rep[1] = rep[0];
-                rep[0] = offset - ZSTD_REP_MOVE_OPT;
-                offset--;
-            } else {
-                if (offset != 0) {
-                    best_off = (offset==ZSTD_REP_MOVE_OPT) ? (rep[0] - 1) : (rep[offset]);
-                    if (offset != 1) rep[2] = rep[1];
+        /* save sequences */
+        {   U32 pos;
+            for (pos=0; pos < last_pos; ) {
+                U32 const llen = (U32)(ip - anchor);
+                U32 const mlen = opt[pos].mlen;
+                U32 const offset = opt[pos].off;
+                if (mlen == 1) { ip++; pos++; continue; }  /* literal position => move on */
+                pos += mlen; ip += mlen;
+
+                /* repcodes update : like ZSTD_updateRep(), but update in place */
+                if (offset >= ZSTD_REP_NUM) {  /* full offset */
+                    rep[2] = rep[1];
                     rep[1] = rep[0];
-                    rep[0] = best_off;
+                    rep[0] = offset - ZSTD_REP_MOVE;
+                } else {   /* repcode */
+                    U32 const repCode = offset + (llen==0);
+                    if (repCode) {  /* note : if repCode==0, no change */
+                        U32 const currentOffset = (repCode==ZSTD_REP_NUM) ? (rep[0] - 1) : rep[repCode];
+                        if (repCode >= 2) rep[2] = rep[1];
+                        rep[1] = rep[0];
+                        rep[0] = currentOffset;
+                    }
                 }
 
-                if (litLength==0) offset--;
-            }
-
-            ZSTD_updatePrice(optStatePtr, litLength, anchor, offset, mlen-MINMATCH);
-            ZSTD_storeSeq(seqStorePtr, litLength, anchor, offset, mlen-MINMATCH);
-            anchor = ip = ip + mlen;
-    }    }   /* for (cur=0; cur < last_pos; ) */
+                ZSTD_updateStats(optStatePtr, llen, anchor, offset, mlen);
+                ZSTD_storeSeq(seqStorePtr, llen, anchor, offset, mlen-MINMATCH);
+                anchor = ip;
+        }   }
+        ZSTD_setLog2Prices(optStatePtr);
+    }   /* while (ip < ilimit) */
 
     /* Save reps for next block */
     { int i; for (i=0; i<ZSTD_REP_NUM; i++) seqStorePtr->repToConfirm[i] = rep[i]; }
@@ -946,12 +763,23 @@ _storeSequence:   /* cur, last_pos, best_mlen, best_off have to be set */
 }
 
 
+size_t ZSTD_compressBlock_btopt(ZSTD_CCtx* ctx, const void* src, size_t srcSize)
+{
+    DEBUGLOG(5, "ZSTD_compressBlock_btopt");
+    return ZSTD_compressBlock_opt_generic(ctx, src, srcSize, 0 /*optLevel*/, 0 /*extDict*/);
+}
+
+size_t ZSTD_compressBlock_btultra(ZSTD_CCtx* ctx, const void* src, size_t srcSize)
+{
+    return ZSTD_compressBlock_opt_generic(ctx, src, srcSize, 2 /*optLevel*/, 0 /*extDict*/);
+}
+
 size_t ZSTD_compressBlock_btopt_extDict(ZSTD_CCtx* ctx, const void* src, size_t srcSize)
 {
-    return ZSTD_compressBlock_opt_extDict_generic(ctx, src, srcSize, 0);
+    return ZSTD_compressBlock_opt_generic(ctx, src, srcSize, 0 /*optLevel*/, 1 /*extDict*/);
 }
 
 size_t ZSTD_compressBlock_btultra_extDict(ZSTD_CCtx* ctx, const void* src, size_t srcSize)
 {
-    return ZSTD_compressBlock_opt_extDict_generic(ctx, src, srcSize, 1);
+    return ZSTD_compressBlock_opt_generic(ctx, src, srcSize, 2 /*optLevel*/, 1 /*extDict*/);
 }
diff --git a/thirdparty/zstd/compress/zstd_opt.h b/thirdparty/zstd/compress/zstd_opt.h
index 816a1fabbf..82e810c293 100644
--- a/thirdparty/zstd/compress/zstd_opt.h
+++ b/thirdparty/zstd/compress/zstd_opt.h
@@ -11,12 +11,12 @@
 #ifndef ZSTD_OPT_H
 #define ZSTD_OPT_H
 
-#include "zstd_compress.h"
-
 #if defined (__cplusplus)
 extern "C" {
 #endif
 
+#include "zstd.h"   /* ZSTD_CCtx, size_t */
+
 size_t ZSTD_compressBlock_btopt(ZSTD_CCtx* ctx, const void* src, size_t srcSize);
 size_t ZSTD_compressBlock_btultra(ZSTD_CCtx* ctx, const void* src, size_t srcSize);
 
diff --git a/thirdparty/zstd/compress/zstdmt_compress.c b/thirdparty/zstd/compress/zstdmt_compress.c
index 7831cd3bd8..e51edf124f 100644
--- a/thirdparty/zstd/compress/zstdmt_compress.c
+++ b/thirdparty/zstd/compress/zstdmt_compress.c
@@ -24,7 +24,7 @@
 #include <string.h>      /* memcpy, memset */
 #include "pool.h"        /* threadpool */
 #include "threading.h"   /* mutex */
-#include "zstd_internal.h"  /* MIN, ERROR, ZSTD_*, ZSTD_highbit32 */
+#include "zstd_compress_internal.h"  /* MIN, ERROR, ZSTD_*, ZSTD_highbit32 */
 #include "zstdmt_compress.h"
 
 
@@ -140,9 +140,12 @@ static size_t ZSTDMT_sizeof_bufferPool(ZSTDMT_bufferPool* bufPool)
     return poolSize + totalBufferSize;
 }
 
-static void ZSTDMT_setBufferSize(ZSTDMT_bufferPool* bufPool, size_t bSize)
+static void ZSTDMT_setBufferSize(ZSTDMT_bufferPool* const bufPool, size_t const bSize)
 {
+    ZSTD_pthread_mutex_lock(&bufPool->poolMutex);
+    DEBUGLOG(4, "ZSTDMT_setBufferSize: bSize = %u", (U32)bSize);
     bufPool->bufferSize = bSize;
+    ZSTD_pthread_mutex_unlock(&bufPool->poolMutex);
 }
 
 /** ZSTDMT_getBuffer() :
@@ -150,28 +153,31 @@ static void ZSTDMT_setBufferSize(ZSTDMT_bufferPool* bufPool, size_t bSize)
 static buffer_t ZSTDMT_getBuffer(ZSTDMT_bufferPool* bufPool)
 {
     size_t const bSize = bufPool->bufferSize;
-    DEBUGLOG(5, "ZSTDMT_getBuffer");
+    DEBUGLOG(5, "ZSTDMT_getBuffer: bSize = %u", (U32)bufPool->bufferSize);
     ZSTD_pthread_mutex_lock(&bufPool->poolMutex);
     if (bufPool->nbBuffers) {   /* try to use an existing buffer */
         buffer_t const buf = bufPool->bTable[--(bufPool->nbBuffers)];
         size_t const availBufferSize = buf.size;
         bufPool->bTable[bufPool->nbBuffers] = g_nullBuffer;
-        if ((availBufferSize >= bSize) & (availBufferSize <= 10*bSize)) {
+        if ((availBufferSize >= bSize) & ((availBufferSize>>3) <= bSize)) {
             /* large enough, but not too much */
+            DEBUGLOG(5, "ZSTDMT_getBuffer: provide buffer %u of size %u",
+                        bufPool->nbBuffers, (U32)buf.size);
             ZSTD_pthread_mutex_unlock(&bufPool->poolMutex);
             return buf;
         }
         /* size conditions not respected : scratch this buffer, create new one */
-        DEBUGLOG(5, "existing buffer does not meet size conditions => freeing");
+        DEBUGLOG(5, "ZSTDMT_getBuffer: existing buffer does not meet size conditions => freeing");
         ZSTD_free(buf.start, bufPool->cMem);
     }
     ZSTD_pthread_mutex_unlock(&bufPool->poolMutex);
     /* create new buffer */
-    DEBUGLOG(5, "create a new buffer");
+    DEBUGLOG(5, "ZSTDMT_getBuffer: create a new buffer");
     {   buffer_t buffer;
         void* const start = ZSTD_malloc(bSize, bufPool->cMem);
         buffer.start = start;   /* note : start can be NULL if malloc fails ! */
         buffer.size = (start==NULL) ? 0 : bSize;
+        DEBUGLOG(5, "ZSTDMT_getBuffer: created buffer of size %u", (U32)bSize);
         return buffer;
     }
 }
@@ -184,12 +190,14 @@ static void ZSTDMT_releaseBuffer(ZSTDMT_bufferPool* bufPool, buffer_t buf)
     ZSTD_pthread_mutex_lock(&bufPool->poolMutex);
     if (bufPool->nbBuffers < bufPool->totalBuffers) {
         bufPool->bTable[bufPool->nbBuffers++] = buf;  /* stored for later use */
+        DEBUGLOG(5, "ZSTDMT_releaseBuffer: stored buffer of size %u in slot %u",
+                    (U32)buf.size, (U32)(bufPool->nbBuffers-1));
         ZSTD_pthread_mutex_unlock(&bufPool->poolMutex);
         return;
     }
     ZSTD_pthread_mutex_unlock(&bufPool->poolMutex);
     /* Reached bufferPool capacity (should not happen) */
-    DEBUGLOG(5, "buffer pool capacity reached => freeing ");
+    DEBUGLOG(5, "ZSTDMT_releaseBuffer: pool capacity reached => freeing ");
     ZSTD_free(buf.start, bufPool->cMem);
 }
 
@@ -302,7 +310,7 @@ static void ZSTDMT_releaseCCtx(ZSTDMT_CCtxPool* pool, ZSTD_CCtx* cctx)
 typedef struct {
     buffer_t src;
     const void* srcStart;
-    size_t   dictSize;
+    size_t   prefixSize;
     size_t   srcSize;
     buffer_t dstBuff;
     size_t   cSize;
@@ -324,11 +332,11 @@ typedef struct {
 void ZSTDMT_compressChunk(void* jobDescription)
 {
     ZSTDMT_jobDescription* const job = (ZSTDMT_jobDescription*)jobDescription;
-    ZSTD_CCtx* cctx = ZSTDMT_getCCtx(job->cctxPool);
-    const void* const src = (const char*)job->srcStart + job->dictSize;
+    ZSTD_CCtx* const cctx = ZSTDMT_getCCtx(job->cctxPool);
+    const void* const src = (const char*)job->srcStart + job->prefixSize;
     buffer_t dstBuff = job->dstBuff;
-    DEBUGLOG(5, "job (first:%u) (last:%u) : dictSize %u, srcSize %u",
-                 job->firstChunk, job->lastChunk, (U32)job->dictSize, (U32)job->srcSize);
+    DEBUGLOG(5, "ZSTDMT_compressChunk: job (first:%u) (last:%u) : prefixSize %u, srcSize %u ",
+                 job->firstChunk, job->lastChunk, (U32)job->prefixSize, (U32)job->srcSize);
 
     if (cctx==NULL) {
         job->cSize = ERROR(memory_allocation);
@@ -342,38 +350,48 @@ void ZSTDMT_compressChunk(void* jobDescription)
             goto _endJob;
         }
         job->dstBuff = dstBuff;
+        DEBUGLOG(5, "ZSTDMT_compressChunk: received dstBuff of size %u", (U32)dstBuff.size);
     }
 
-    if (job->cdict) {  /* should only happen for first segment */
-        size_t const initError = ZSTD_compressBegin_usingCDict_advanced(cctx, job->cdict, job->params.fParams, job->fullFrameSize);
-        DEBUGLOG(5, "using CDict");
+    if (job->cdict) {
+        size_t const initError = ZSTD_compressBegin_advanced_internal(cctx, NULL, 0, ZSTD_dm_auto, job->cdict, job->params, job->fullFrameSize);
+        DEBUGLOG(4, "ZSTDMT_compressChunk: init using CDict (windowLog=%u)", job->params.cParams.windowLog);
+        assert(job->firstChunk);  /* only allowed for first job */
         if (ZSTD_isError(initError)) { job->cSize = initError; goto _endJob; }
     } else {  /* srcStart points at reloaded section */
-        if (!job->firstChunk) job->params.fParams.contentSizeFlag = 0;  /* ensure no srcSize control */
-        { ZSTD_CCtx_params jobParams = job->params;
-          size_t const forceWindowError =
-              ZSTD_CCtxParam_setParameter(&jobParams, ZSTD_p_forceMaxWindow, !job->firstChunk);
-          /* Force loading dictionary in "content-only" mode (no header analysis) */
-          size_t const initError = ZSTD_compressBegin_advanced_internal(cctx, job->srcStart, job->dictSize, ZSTD_dm_rawContent, jobParams, job->fullFrameSize);
-            if (ZSTD_isError(initError) || ZSTD_isError(forceWindowError)) {
+        U64 const pledgedSrcSize = job->firstChunk ? job->fullFrameSize : ZSTD_CONTENTSIZE_UNKNOWN;
+        ZSTD_CCtx_params jobParams = job->params;   /* do not modify job->params ! copy it, modify the copy */
+        size_t const forceWindowError = ZSTD_CCtxParam_setParameter(&jobParams, ZSTD_p_forceMaxWindow, !job->firstChunk);
+        if (ZSTD_isError(forceWindowError)) {
+            DEBUGLOG(5, "ZSTD_CCtxParam_setParameter error : %s ", ZSTD_getErrorName(forceWindowError));
+            job->cSize = forceWindowError;
+            goto _endJob;
+        }
+        DEBUGLOG(5, "ZSTDMT_compressChunk: invoking ZSTD_compressBegin_advanced_internal with windowLog = %u ", jobParams.cParams.windowLog);
+        {   size_t const initError = ZSTD_compressBegin_advanced_internal(cctx,
+                                        job->srcStart, job->prefixSize, ZSTD_dm_rawContent, /* load dictionary in "content-only" mode (no header analysis) */
+                                        NULL,
+                                        jobParams, pledgedSrcSize);
+            if (ZSTD_isError(initError)) {
+                DEBUGLOG(5, "ZSTD_compressBegin_advanced_internal error : %s ", ZSTD_getErrorName(initError));
                 job->cSize = initError;
                 goto _endJob;
-            }
-    }   }
-    if (!job->firstChunk) {  /* flush and overwrite frame header when it's not first segment */
+        }   }
+    }
+    if (!job->firstChunk) {  /* flush and overwrite frame header when it's not first job */
         size_t const hSize = ZSTD_compressContinue(cctx, dstBuff.start, dstBuff.size, src, 0);
-        if (ZSTD_isError(hSize)) { job->cSize = hSize; goto _endJob; }
+        if (ZSTD_isError(hSize)) { job->cSize = hSize; /* save error code */ goto _endJob; }
         ZSTD_invalidateRepCodes(cctx);
     }
 
-    DEBUGLOG(5, "Compressing : ");
-    DEBUG_PRINTHEX(4, job->srcStart, 12);
+    DEBUGLOG(5, "Compressing into dstBuff of size %u", (U32)dstBuff.size);
+    DEBUG_PRINTHEX(6, job->srcStart, 12);
     job->cSize = (job->lastChunk) ?
                  ZSTD_compressEnd     (cctx, dstBuff.start, dstBuff.size, src, job->srcSize) :
                  ZSTD_compressContinue(cctx, dstBuff.start, dstBuff.size, src, job->srcSize);
-    DEBUGLOG(5, "compressed %u bytes into %u bytes   (first:%u) (last:%u)",
+    DEBUGLOG(5, "compressed %u bytes into %u bytes   (first:%u) (last:%u) ",
                 (unsigned)job->srcSize, (unsigned)job->cSize, job->firstChunk, job->lastChunk);
-    DEBUGLOG(5, "dstBuff.size : %u ; => %s", (U32)dstBuff.size, ZSTD_getErrorName(job->cSize));
+    DEBUGLOG(5, "dstBuff.size : %u ; => %s ", (U32)dstBuff.size, ZSTD_getErrorName(job->cSize));
 
 _endJob:
     ZSTDMT_releaseCCtx(job->cctxPool, cctx);
@@ -403,13 +421,14 @@ struct ZSTDMT_CCtx_s {
     ZSTDMT_CCtxPool* cctxPool;
     ZSTD_pthread_mutex_t jobCompleted_mutex;
     ZSTD_pthread_cond_t jobCompleted_cond;
+    ZSTD_CCtx_params params;
     size_t targetSectionSize;
     size_t inBuffSize;
     size_t dictSize;
     size_t targetDictSize;
     inBuff_t inBuff;
-    ZSTD_CCtx_params params;
     XXH64_state_t xxhState;
+    unsigned singleThreaded;
     unsigned jobIDMask;
     unsigned doneJobID;
     unsigned nextJobID;
@@ -430,20 +449,32 @@ static ZSTDMT_jobDescription* ZSTDMT_allocJobsTable(U32* nbJobsPtr, ZSTD_customM
                             nbJobs * sizeof(ZSTDMT_jobDescription), cMem);
 }
 
-/* Internal only */
-size_t ZSTDMT_initializeCCtxParameters(ZSTD_CCtx_params* params, unsigned nbThreads)
+/* ZSTDMT_CCtxParam_setNbThreads():
+ * Internal use only */
+size_t ZSTDMT_CCtxParam_setNbThreads(ZSTD_CCtx_params* params, unsigned nbThreads)
 {
+    if (nbThreads > ZSTDMT_NBTHREADS_MAX) nbThreads = ZSTDMT_NBTHREADS_MAX;
+    if (nbThreads < 1) nbThreads = 1;
     params->nbThreads = nbThreads;
     params->overlapSizeLog = ZSTDMT_OVERLAPLOG_DEFAULT;
     params->jobSize = 0;
-    return 0;
+    return nbThreads;
+}
+
+/* ZSTDMT_getNbThreads():
+ * @return nb threads currently active in mtctx.
+ * mtctx must be valid */
+size_t ZSTDMT_getNbThreads(const ZSTDMT_CCtx* mtctx)
+{
+    assert(mtctx != NULL);
+    return mtctx->params.nbThreads;
 }
 
 ZSTDMT_CCtx* ZSTDMT_createCCtx_advanced(unsigned nbThreads, ZSTD_customMem cMem)
 {
     ZSTDMT_CCtx* mtctx;
     U32 nbJobs = nbThreads + 2;
-    DEBUGLOG(3, "ZSTDMT_createCCtx_advanced");
+    DEBUGLOG(3, "ZSTDMT_createCCtx_advanced (nbThreads = %u)", nbThreads);
 
     if (nbThreads < 1) return NULL;
     nbThreads = MIN(nbThreads , ZSTDMT_NBTHREADS_MAX);
@@ -453,7 +484,7 @@ ZSTDMT_CCtx* ZSTDMT_createCCtx_advanced(unsigned nbThreads, ZSTD_customMem cMem)
 
     mtctx = (ZSTDMT_CCtx*) ZSTD_calloc(sizeof(ZSTDMT_CCtx), cMem);
     if (!mtctx) return NULL;
-    ZSTDMT_initializeCCtxParameters(&mtctx->params, nbThreads);
+    ZSTDMT_CCtxParam_setNbThreads(&mtctx->params, nbThreads);
     mtctx->cMem = cMem;
     mtctx->allJobsCompleted = 1;
     mtctx->factory = POOL_create_advanced(nbThreads, 0, cMem);
@@ -545,17 +576,23 @@ size_t ZSTDMT_sizeof_CCtx(ZSTDMT_CCtx* mtctx)
 }
 
 /* Internal only */
-size_t ZSTDMT_CCtxParam_setMTCtxParameter(
-    ZSTD_CCtx_params* params, ZSTDMT_parameter parameter, unsigned value) {
+size_t ZSTDMT_CCtxParam_setMTCtxParameter(ZSTD_CCtx_params* params,
+                                ZSTDMT_parameter parameter, unsigned value) {
+    DEBUGLOG(4, "ZSTDMT_CCtxParam_setMTCtxParameter");
     switch(parameter)
     {
-    case ZSTDMT_p_sectionSize :
+    case ZSTDMT_p_jobSize :
+        DEBUGLOG(4, "ZSTDMT_CCtxParam_setMTCtxParameter : set jobSize to %u", value);
+        if ( (value > 0)  /* value==0 => automatic job size */
+           & (value < ZSTDMT_JOBSIZE_MIN) )
+            value = ZSTDMT_JOBSIZE_MIN;
         params->jobSize = value;
-        return 0;
+        return value;
     case ZSTDMT_p_overlapSectionLog :
+        if (value > 9) value = 9;
         DEBUGLOG(4, "ZSTDMT_p_overlapSectionLog : %u", value);
         params->overlapSizeLog = (value >= 9) ? 9 : value;
-        return 0;
+        return value;
     default :
         return ERROR(parameter_unsupported);
     }
@@ -563,9 +600,10 @@ size_t ZSTDMT_CCtxParam_setMTCtxParameter(
 
 size_t ZSTDMT_setMTCtxParameter(ZSTDMT_CCtx* mtctx, ZSTDMT_parameter parameter, unsigned value)
 {
+    DEBUGLOG(4, "ZSTDMT_setMTCtxParameter");
     switch(parameter)
     {
-    case ZSTDMT_p_sectionSize :
+    case ZSTDMT_p_jobSize :
         return ZSTDMT_CCtxParam_setMTCtxParameter(&mtctx->params, parameter, value);
     case ZSTDMT_p_overlapSectionLog :
         return ZSTDMT_CCtxParam_setMTCtxParameter(&mtctx->params, parameter, value);
@@ -601,7 +639,7 @@ static size_t ZSTDMT_compress_advanced_internal(
     size_t const overlapSize = (overlapRLog>=9) ? 0 : (size_t)1 << (params.cParams.windowLog - overlapRLog);
     unsigned nbChunks = computeNbChunks(srcSize, params.cParams.windowLog, params.nbThreads);
     size_t const proposedChunkSize = (srcSize + (nbChunks-1)) / nbChunks;
-    size_t const avgChunkSize = ((proposedChunkSize & 0x1FFFF) < 0x7FFF) ? proposedChunkSize + 0xFFFF : proposedChunkSize;   /* avoid too small last block */
+    size_t const avgChunkSize = (((proposedChunkSize-1) & 0x1FFFF) < 0x7FFF) ? proposedChunkSize + 0xFFFF : proposedChunkSize;   /* avoid too small last block */
     const char* const srcStart = (const char*)src;
     size_t remainingSrcSize = srcSize;
     unsigned const compressWithinDst = (dstCapacity >= ZSTD_compressBound(srcSize)) ? nbChunks : (unsigned)(dstCapacity / ZSTD_compressBound(avgChunkSize));  /* presumes avgChunkSize >= 256 KB, which should be the case */
@@ -610,7 +648,8 @@ static size_t ZSTDMT_compress_advanced_internal(
     assert(jobParams.nbThreads == 0);
     assert(mtctx->cctxPool->totalCCtx == params.nbThreads);
 
-    DEBUGLOG(4, "nbChunks  : %2u   (chunkSize : %u bytes)   ", nbChunks, (U32)avgChunkSize);
+    DEBUGLOG(4, "ZSTDMT_compress_advanced_internal: nbChunks=%2u (rawSize=%u bytes; fixedSize=%u)  ",
+                nbChunks, (U32)proposedChunkSize, (U32)avgChunkSize);
     if (nbChunks==1) {   /* fallback to single-thread mode */
         ZSTD_CCtx* const cctx = mtctx->cctxPool->cctx[0];
         if (cdict) return ZSTD_compress_usingCDict_advanced(cctx, dst, dstCapacity, src, srcSize, cdict, jobParams.fParams);
@@ -639,9 +678,9 @@ static size_t ZSTDMT_compress_advanced_internal(
 
             mtctx->jobs[u].src = g_nullBuffer;
             mtctx->jobs[u].srcStart = srcStart + frameStartPos - dictSize;
-            mtctx->jobs[u].dictSize = dictSize;
+            mtctx->jobs[u].prefixSize = dictSize;
             mtctx->jobs[u].srcSize = chunkSize;
-            mtctx->jobs[u].cdict = mtctx->nextJobID==0 ? cdict : NULL;
+            mtctx->jobs[u].cdict = (u==0) ? cdict : NULL;
             mtctx->jobs[u].fullFrameSize = srcSize;
             mtctx->jobs[u].params = jobParams;
             /* do not calculate checksum within sections, but write it in header for first section */
@@ -659,7 +698,7 @@ static size_t ZSTDMT_compress_advanced_internal(
                 XXH64_update(&xxh64, srcStart + frameStartPos, chunkSize);
             }
 
-            DEBUGLOG(5, "posting job %u   (%u bytes)", u, (U32)chunkSize);
+            DEBUGLOG(5, "ZSTDMT_compress_advanced_internal: posting job %u  (%u bytes)", u, (U32)chunkSize);
             DEBUG_PRINTHEX(6, mtctx->jobs[u].srcStart, 12);
             POOL_add(mtctx->factory, ZSTDMT_compressChunk, &mtctx->jobs[u]);
 
@@ -753,13 +792,14 @@ size_t ZSTDMT_initCStream_internal(
         const ZSTD_CDict* cdict, ZSTD_CCtx_params params,
         unsigned long long pledgedSrcSize)
 {
-    DEBUGLOG(4, "ZSTDMT_initCStream_internal");
+    DEBUGLOG(4, "ZSTDMT_initCStream_internal (pledgedSrcSize=%u)", (U32)pledgedSrcSize);
     /* params are supposed to be fully validated at this point */
     assert(!ZSTD_isError(ZSTD_checkCParams(params.cParams)));
     assert(!((dict) && (cdict)));  /* either dict or cdict, not both */
     assert(zcs->cctxPool->totalCCtx == params.nbThreads);
+    zcs->singleThreaded = (params.nbThreads==1) | (pledgedSrcSize <= ZSTDMT_JOBSIZE_MIN);  /* do not trigger multi-threading when srcSize is too small */
 
-    if (params.nbThreads==1) {
+    if (zcs->singleThreaded) {
         ZSTD_CCtx_params const singleThreadParams = ZSTDMT_makeJobCCtxParams(params);
         DEBUGLOG(4, "single thread mode");
         assert(singleThreadParams.nbThreads == 0);
@@ -767,6 +807,7 @@ size_t ZSTDMT_initCStream_internal(
                                          dict, dictSize, cdict,
                                          singleThreadParams, pledgedSrcSize);
     }
+    DEBUGLOG(4, "multi-threading mode (%u threads)", params.nbThreads);
 
     if (zcs->allJobsCompleted == 0) {   /* previous compression not correctly finished */
         ZSTDMT_waitForAllJobsCompleted(zcs);
@@ -777,7 +818,6 @@ size_t ZSTDMT_initCStream_internal(
     zcs->params = params;
     zcs->frameContentSize = pledgedSrcSize;
     if (dict) {
-        DEBUGLOG(4,"cdictLocal: %08X", (U32)(size_t)zcs->cdictLocal);
         ZSTD_freeCDict(zcs->cdictLocal);
         zcs->cdictLocal = ZSTD_createCDict_advanced(dict, dictSize,
                                                     ZSTD_dlm_byCopy, dictMode, /* note : a loadPrefix becomes an internal CDict */
@@ -785,20 +825,20 @@ size_t ZSTDMT_initCStream_internal(
         zcs->cdict = zcs->cdictLocal;
         if (zcs->cdictLocal == NULL) return ERROR(memory_allocation);
     } else {
-        DEBUGLOG(4,"cdictLocal: %08X", (U32)(size_t)zcs->cdictLocal);
         ZSTD_freeCDict(zcs->cdictLocal);
         zcs->cdictLocal = NULL;
         zcs->cdict = cdict;
     }
 
+    assert(params.overlapSizeLog <= 9);
     zcs->targetDictSize = (params.overlapSizeLog==0) ? 0 : (size_t)1 << (params.cParams.windowLog - (9 - params.overlapSizeLog));
-    DEBUGLOG(4, "overlapLog : %u ", params.overlapSizeLog);
-    DEBUGLOG(4, "overlap Size : %u KB", (U32)(zcs->targetDictSize>>10));
+    DEBUGLOG(4, "overlapLog=%u => %u KB", params.overlapSizeLog, (U32)(zcs->targetDictSize>>10));
     zcs->targetSectionSize = params.jobSize ? params.jobSize : (size_t)1 << (params.cParams.windowLog + 2);
-    zcs->targetSectionSize = MAX(ZSTDMT_SECTION_SIZE_MIN, zcs->targetSectionSize);
-    zcs->targetSectionSize = MAX(zcs->targetDictSize, zcs->targetSectionSize);
-    DEBUGLOG(4, "Section Size : %u KB", (U32)(zcs->targetSectionSize>>10));
+    if (zcs->targetSectionSize < ZSTDMT_JOBSIZE_MIN) zcs->targetSectionSize = ZSTDMT_JOBSIZE_MIN;
+    if (zcs->targetSectionSize < zcs->targetDictSize) zcs->targetSectionSize = zcs->targetDictSize;  /* job size must be >= overlap size */
+    DEBUGLOG(4, "Job Size : %u KB (note : set to %u)", (U32)(zcs->targetSectionSize>>10), params.jobSize);
     zcs->inBuffSize = zcs->targetDictSize + zcs->targetSectionSize;
+    DEBUGLOG(4, "inBuff Size : %u KB", (U32)(zcs->inBuffSize>>10));
     ZSTDMT_setBufferSize(zcs->bufPool, MAX(zcs->inBuffSize, ZSTD_compressBound(zcs->targetSectionSize)) );
     zcs->inBuff.buffer = g_nullBuffer;
     zcs->dictSize = 0;
@@ -816,7 +856,7 @@ size_t ZSTDMT_initCStream_advanced(ZSTDMT_CCtx* mtctx,
                                    unsigned long long pledgedSrcSize)
 {
     ZSTD_CCtx_params cctxParams = mtctx->params;
-    DEBUGLOG(5, "ZSTDMT_initCStream_advanced");
+    DEBUGLOG(5, "ZSTDMT_initCStream_advanced (pledgedSrcSize=%u)", (U32)pledgedSrcSize);
     cctxParams.cParams = params.cParams;
     cctxParams.fParams = params.fParams;
     return ZSTDMT_initCStream_internal(mtctx, dict, dictSize, ZSTD_dm_auto, NULL,
@@ -838,9 +878,12 @@ size_t ZSTDMT_initCStream_usingCDict(ZSTDMT_CCtx* mtctx,
 
 
 /* ZSTDMT_resetCStream() :
- * pledgedSrcSize is optional and can be zero == unknown */
+ * pledgedSrcSize can be zero == unknown (for the time being)
+ * prefer using ZSTD_CONTENTSIZE_UNKNOWN,
+ * as `0` might mean "empty" in the future */
 size_t ZSTDMT_resetCStream(ZSTDMT_CCtx* zcs, unsigned long long pledgedSrcSize)
 {
+    if (!pledgedSrcSize) pledgedSrcSize = ZSTD_CONTENTSIZE_UNKNOWN;
     if (zcs->params.nbThreads==1)
         return ZSTD_resetCStream(zcs->cctxPool->cctx[0], pledgedSrcSize);
     return ZSTDMT_initCStream_internal(zcs, NULL, 0, ZSTD_dm_auto, 0, zcs->params,
@@ -852,7 +895,7 @@ size_t ZSTDMT_initCStream(ZSTDMT_CCtx* zcs, int compressionLevel) {
     ZSTD_CCtx_params cctxParams = zcs->params;
     cctxParams.cParams = params.cParams;
     cctxParams.fParams = params.fParams;
-    return ZSTDMT_initCStream_internal(zcs, NULL, 0, ZSTD_dm_auto, NULL, cctxParams, 0);
+    return ZSTDMT_initCStream_internal(zcs, NULL, 0, ZSTD_dm_auto, NULL, cctxParams, ZSTD_CONTENTSIZE_UNKNOWN);
 }
 
 
@@ -860,12 +903,12 @@ static size_t ZSTDMT_createCompressionJob(ZSTDMT_CCtx* zcs, size_t srcSize, unsi
 {
     unsigned const jobID = zcs->nextJobID & zcs->jobIDMask;
 
-    DEBUGLOG(4, "preparing job %u to compress %u bytes with %u preload ",
+    DEBUGLOG(5, "ZSTDMT_createCompressionJob: preparing job %u to compress %u bytes with %u preload ",
                 zcs->nextJobID, (U32)srcSize, (U32)zcs->dictSize);
     zcs->jobs[jobID].src = zcs->inBuff.buffer;
     zcs->jobs[jobID].srcStart = zcs->inBuff.buffer.start;
     zcs->jobs[jobID].srcSize = srcSize;
-    zcs->jobs[jobID].dictSize = zcs->dictSize;
+    zcs->jobs[jobID].prefixSize = zcs->dictSize;
     assert(zcs->inBuff.filled >= srcSize + zcs->dictSize);
     zcs->jobs[jobID].params = zcs->params;
     /* do not calculate checksum within sections, but write it in header for first section */
@@ -911,7 +954,7 @@ static size_t ZSTDMT_createCompressionJob(ZSTDMT_CCtx* zcs, size_t srcSize, unsi
             zcs->params.fParams.checksumFlag = 0;
     }   }
 
-    DEBUGLOG(4, "posting job %u : %u bytes  (end:%u) (note : doneJob = %u=>%u)",
+    DEBUGLOG(5, "ZSTDMT_createCompressionJob: posting job %u : %u bytes  (end:%u) (note : doneJob = %u=>%u)",
                 zcs->nextJobID,
                 (U32)zcs->jobs[jobID].srcSize,
                 zcs->jobs[jobID].lastChunk,
@@ -930,6 +973,7 @@ static size_t ZSTDMT_createCompressionJob(ZSTDMT_CCtx* zcs, size_t srcSize, unsi
 static size_t ZSTDMT_flushNextJob(ZSTDMT_CCtx* zcs, ZSTD_outBuffer* output, unsigned blockToFlush)
 {
     unsigned const wJobID = zcs->doneJobID & zcs->jobIDMask;
+    DEBUGLOG(5, "ZSTDMT_flushNextJob");
     if (zcs->doneJobID == zcs->nextJobID) return 0;   /* all flushed ! */
     ZSTD_PTHREAD_MUTEX_LOCK(&zcs->jobCompleted_mutex);
     while (zcs->jobs[wJobID].jobCompleted==0) {
@@ -942,7 +986,8 @@ static size_t ZSTDMT_flushNextJob(ZSTDMT_CCtx* zcs, ZSTD_outBuffer* output, unsi
     {   ZSTDMT_jobDescription job = zcs->jobs[wJobID];
         if (!job.jobScanned) {
             if (ZSTD_isError(job.cSize)) {
-                DEBUGLOG(5, "compression error detected ");
+                DEBUGLOG(5, "job %u : compression error detected : %s",
+                            zcs->doneJobID, ZSTD_getErrorName(job.cSize));
                 ZSTDMT_waitForAllJobsCompleted(zcs);
                 ZSTDMT_releaseAllJobResources(zcs);
                 return job.cSize;
@@ -991,15 +1036,18 @@ size_t ZSTDMT_compressStream_generic(ZSTDMT_CCtx* mtctx,
 {
     size_t const newJobThreshold = mtctx->dictSize + mtctx->targetSectionSize;
     unsigned forwardInputProgress = 0;
+    DEBUGLOG(5, "ZSTDMT_compressStream_generic ");
     assert(output->pos <= output->size);
     assert(input->pos  <= input->size);
+
+    if (mtctx->singleThreaded) {  /* delegate to single-thread (synchronous) */
+        return ZSTD_compressStream_generic(mtctx->cctxPool->cctx[0], output, input, endOp);
+    }
+
     if ((mtctx->frameEnded) && (endOp==ZSTD_e_continue)) {
         /* current frame being ended. Only flush/end are allowed */
         return ERROR(stage_wrong);
     }
-    if (mtctx->params.nbThreads==1) {  /* delegate to single-thread (synchronous) */
-        return ZSTD_compressStream_generic(mtctx->cctxPool->cctx[0], output, input, endOp);
-    }
 
     /* single-pass shortcut (note : synchronous-mode) */
     if ( (mtctx->nextJobID == 0)     /* just started */
@@ -1068,32 +1116,34 @@ size_t ZSTDMT_compressStream(ZSTDMT_CCtx* zcs, ZSTD_outBuffer* output, ZSTD_inBu
 }
 
 
-static size_t ZSTDMT_flushStream_internal(ZSTDMT_CCtx* zcs, ZSTD_outBuffer* output, unsigned endFrame)
+static size_t ZSTDMT_flushStream_internal(ZSTDMT_CCtx* mtctx, ZSTD_outBuffer* output, unsigned endFrame)
 {
-    size_t const srcSize = zcs->inBuff.filled - zcs->dictSize;
+    size_t const srcSize = mtctx->inBuff.filled - mtctx->dictSize;
+    DEBUGLOG(5, "ZSTDMT_flushStream_internal");
 
-    if ( ((srcSize > 0) || (endFrame && !zcs->frameEnded))
-       && (zcs->nextJobID <= zcs->doneJobID + zcs->jobIDMask) ) {
-        CHECK_F( ZSTDMT_createCompressionJob(zcs, srcSize, endFrame) );
+    if ( ((srcSize > 0) || (endFrame && !mtctx->frameEnded))
+       && (mtctx->nextJobID <= mtctx->doneJobID + mtctx->jobIDMask) ) {
+           DEBUGLOG(5, "ZSTDMT_flushStream_internal : create a new job");
+        CHECK_F( ZSTDMT_createCompressionJob(mtctx, srcSize, endFrame) );
     }
 
     /* check if there is any data available to flush */
-    return ZSTDMT_flushNextJob(zcs, output, 1 /* blockToFlush */);
+    return ZSTDMT_flushNextJob(mtctx, output, 1 /* blockToFlush */);
 }
 
 
-size_t ZSTDMT_flushStream(ZSTDMT_CCtx* zcs, ZSTD_outBuffer* output)
+size_t ZSTDMT_flushStream(ZSTDMT_CCtx* mtctx, ZSTD_outBuffer* output)
 {
     DEBUGLOG(5, "ZSTDMT_flushStream");
-    if (zcs->params.nbThreads==1)
-        return ZSTD_flushStream(zcs->cctxPool->cctx[0], output);
-    return ZSTDMT_flushStream_internal(zcs, output, 0 /* endFrame */);
+    if (mtctx->singleThreaded)
+        return ZSTD_flushStream(mtctx->cctxPool->cctx[0], output);
+    return ZSTDMT_flushStream_internal(mtctx, output, 0 /* endFrame */);
 }
 
-size_t ZSTDMT_endStream(ZSTDMT_CCtx* zcs, ZSTD_outBuffer* output)
+size_t ZSTDMT_endStream(ZSTDMT_CCtx* mtctx, ZSTD_outBuffer* output)
 {
     DEBUGLOG(4, "ZSTDMT_endStream");
-    if (zcs->params.nbThreads==1)
-        return ZSTD_endStream(zcs->cctxPool->cctx[0], output);
-    return ZSTDMT_flushStream_internal(zcs, output, 1 /* endFrame */);
+    if (mtctx->singleThreaded)
+        return ZSTD_endStream(mtctx->cctxPool->cctx[0], output);
+    return ZSTDMT_flushStream_internal(mtctx, output, 1 /* endFrame */);
 }
diff --git a/thirdparty/zstd/compress/zstdmt_compress.h b/thirdparty/zstd/compress/zstdmt_compress.h
index 8c59c684f1..d12f0adb8d 100644
--- a/thirdparty/zstd/compress/zstdmt_compress.h
+++ b/thirdparty/zstd/compress/zstdmt_compress.h
@@ -50,7 +50,7 @@ ZSTDLIB_API size_t ZSTDMT_compressCCtx(ZSTDMT_CCtx* mtctx,
 /* ===   Streaming functions   === */
 
 ZSTDLIB_API size_t ZSTDMT_initCStream(ZSTDMT_CCtx* mtctx, int compressionLevel);
-ZSTDLIB_API size_t ZSTDMT_resetCStream(ZSTDMT_CCtx* mtctx, unsigned long long pledgedSrcSize);    /**< pledgedSrcSize is optional and can be zero == unknown */
+ZSTDLIB_API size_t ZSTDMT_resetCStream(ZSTDMT_CCtx* mtctx, unsigned long long pledgedSrcSize);  /**< if srcSize is not known at reset time, use ZSTD_CONTENTSIZE_UNKNOWN. Note: for compatibility with older programs, 0 means the same as ZSTD_CONTENTSIZE_UNKNOWN, but it may change in the future, to mean "empty" */
 
 ZSTDLIB_API size_t ZSTDMT_compressStream(ZSTDMT_CCtx* mtctx, ZSTD_outBuffer* output, ZSTD_inBuffer* input);
 
@@ -60,8 +60,8 @@ ZSTDLIB_API size_t ZSTDMT_endStream(ZSTDMT_CCtx* mtctx, ZSTD_outBuffer* output);
 
 /* ===   Advanced functions and parameters  === */
 
-#ifndef ZSTDMT_SECTION_SIZE_MIN
-#  define ZSTDMT_SECTION_SIZE_MIN (1U << 20)   /* 1 MB - Minimum size of each compression job */
+#ifndef ZSTDMT_JOBSIZE_MIN
+#  define ZSTDMT_JOBSIZE_MIN (1U << 20)   /* 1 MB - Minimum size of each compression job */
 #endif
 
 ZSTDLIB_API size_t ZSTDMT_compress_advanced(ZSTDMT_CCtx* mtctx,
@@ -84,13 +84,13 @@ ZSTDLIB_API size_t ZSTDMT_initCStream_usingCDict(ZSTDMT_CCtx* mtctx,
 /* ZSTDMT_parameter :
  * List of parameters that can be set using ZSTDMT_setMTCtxParameter() */
 typedef enum {
-    ZSTDMT_p_sectionSize,        /* size of input "section". Each section is compressed in parallel. 0 means default, which is dynamically determined within compression functions */
-    ZSTDMT_p_overlapSectionLog   /* Log of overlapped section; 0 == no overlap, 6(default) == use 1/8th of window, >=9 == use full window */
+    ZSTDMT_p_jobSize,           /* Each job is compressed in parallel. By default, this value is dynamically determined depending on compression parameters. Can be set explicitly here. */
+    ZSTDMT_p_overlapSectionLog  /* Each job may reload a part of previous job to enhance compressionr ratio; 0 == no overlap, 6(default) == use 1/8th of window, >=9 == use full window */
 } ZSTDMT_parameter;
 
 /* ZSTDMT_setMTCtxParameter() :
  * allow setting individual parameters, one at a time, among a list of enums defined in ZSTDMT_parameter.
- * The function must be called typically after ZSTD_createCCtx().
+ * The function must be called typically after ZSTD_createCCtx() but __before ZSTDMT_init*() !__
  * Parameters not explicitly reset by ZSTDMT_init*() remain the same in consecutive compression sessions.
  * @return : 0, or an error code (which can be tested using ZSTD_isError()) */
 ZSTDLIB_API size_t ZSTDMT_setMTCtxParameter(ZSTDMT_CCtx* mtctx, ZSTDMT_parameter parameter, unsigned value);
@@ -112,7 +112,15 @@ ZSTDLIB_API size_t ZSTDMT_compressStream_generic(ZSTDMT_CCtx* mtctx,
 
 size_t ZSTDMT_CCtxParam_setMTCtxParameter(ZSTD_CCtx_params* params, ZSTDMT_parameter parameter, unsigned value);
 
-size_t ZSTDMT_initializeCCtxParameters(ZSTD_CCtx_params* params, unsigned nbThreads);
+/* ZSTDMT_CCtxParam_setNbThreads()
+ * Set nbThreads, and clamp it correctly,
+ * also reset jobSize and overlapLog */
+size_t ZSTDMT_CCtxParam_setNbThreads(ZSTD_CCtx_params* params, unsigned nbThreads);
+
+/* ZSTDMT_getNbThreads():
+ * @return nb threads currently active in mtctx.
+ * mtctx must be valid */
+size_t ZSTDMT_getNbThreads(const ZSTDMT_CCtx* mtctx);
 
 /*! ZSTDMT_initCStream_internal() :
  *  Private use only. Init streaming operation.
diff --git a/thirdparty/zstd/decompress/zstd_decompress.c b/thirdparty/zstd/decompress/zstd_decompress.c
index 96fc609089..a59d944112 100644
--- a/thirdparty/zstd/decompress/zstd_decompress.c
+++ b/thirdparty/zstd/decompress/zstd_decompress.c
@@ -827,9 +827,9 @@ typedef struct {
     FSE_DState_t stateOffb;
     FSE_DState_t stateML;
     size_t prevOffset[ZSTD_REP_NUM];
-    const BYTE* base;
+    const BYTE* prefixStart;
+    const BYTE* dictEnd;
     size_t pos;
-    uPtrDiff gotoDict;
 } seqState_t;
 
 
@@ -1224,8 +1224,9 @@ seq_t ZSTD_decodeSequenceLong(seqState_t* seqState, ZSTD_longOffset_e const long
         BIT_reloadDStream(&seqState->DStream);
 
     {   size_t const pos = seqState->pos + seq.litLength;
-        seq.match = seqState->base + pos - seq.offset;    /* single memory segment */
-        if (seq.offset > pos) seq.match += seqState->gotoDict;   /* separate memory segment */
+        const BYTE* const matchBase = (seq.offset > pos) ? seqState->dictEnd : seqState->prefixStart;
+        seq.match = matchBase + pos - seq.offset;  /* note : this operation can overflow when seq.offset is really too large, which can only happen when input is corrupted.
+                                                    * No consequence though : no memory access will occur, overly large offset will be detected in ZSTD_execSequenceLong() */
         seqState->pos = pos + seq.matchLength;
     }
 
@@ -1243,7 +1244,7 @@ HINT_INLINE
 size_t ZSTD_execSequenceLong(BYTE* op,
                              BYTE* const oend, seq_t sequence,
                              const BYTE** litPtr, const BYTE* const litLimit,
-                             const BYTE* const base, const BYTE* const vBase, const BYTE* const dictEnd)
+                             const BYTE* const prefixStart, const BYTE* const dictStart, const BYTE* const dictEnd)
 {
     BYTE* const oLitEnd = op + sequence.litLength;
     size_t const sequenceLength = sequence.litLength + sequence.matchLength;
@@ -1253,21 +1254,21 @@ size_t ZSTD_execSequenceLong(BYTE* op,
     const BYTE* match = sequence.match;
 
     /* check */
-    if (oMatchEnd>oend) return ERROR(dstSize_tooSmall); /* last match must start at a minimum distance of WILDCOPY_OVERLENGTH from oend */
+    if (oMatchEnd > oend) return ERROR(dstSize_tooSmall); /* last match must start at a minimum distance of WILDCOPY_OVERLENGTH from oend */
     if (iLitEnd > litLimit) return ERROR(corruption_detected);   /* over-read beyond lit buffer */
-    if (oLitEnd>oend_w) return ZSTD_execSequenceLast7(op, oend, sequence, litPtr, litLimit, base, vBase, dictEnd);
+    if (oLitEnd > oend_w) return ZSTD_execSequenceLast7(op, oend, sequence, litPtr, litLimit, prefixStart, dictStart, dictEnd);
 
     /* copy Literals */
-    ZSTD_copy8(op, *litPtr);
+    ZSTD_copy8(op, *litPtr);  /* note : op <= oLitEnd <= oend_w == oend - 8 */
     if (sequence.litLength > 8)
         ZSTD_wildcopy(op+8, (*litPtr)+8, sequence.litLength - 8);   /* note : since oLitEnd <= oend-WILDCOPY_OVERLENGTH, no risk of overwrite beyond oend */
     op = oLitEnd;
     *litPtr = iLitEnd;   /* update for next sequence */
 
     /* copy Match */
-    if (sequence.offset > (size_t)(oLitEnd - base)) {
+    if (sequence.offset > (size_t)(oLitEnd - prefixStart)) {
         /* offset beyond prefix */
-        if (sequence.offset > (size_t)(oLitEnd - vBase)) return ERROR(corruption_detected);
+        if (sequence.offset > (size_t)(oLitEnd - dictStart)) return ERROR(corruption_detected);
         if (match + sequence.matchLength <= dictEnd) {
             memmove(oLitEnd, match, sequence.matchLength);
             return sequenceLength;
@@ -1277,7 +1278,7 @@ size_t ZSTD_execSequenceLong(BYTE* op,
             memmove(oLitEnd, match, length1);
             op = oLitEnd + length1;
             sequence.matchLength -= length1;
-            match = base;
+            match = prefixStart;
             if (op > oend_w || sequence.matchLength < MINMATCH) {
               U32 i;
               for (i = 0; i < sequence.matchLength; ++i) op[i] = match[i];
@@ -1331,8 +1332,8 @@ static size_t ZSTD_decompressSequencesLong(
     BYTE* op = ostart;
     const BYTE* litPtr = dctx->litPtr;
     const BYTE* const litEnd = litPtr + dctx->litSize;
-    const BYTE* const base = (const BYTE*) (dctx->base);
-    const BYTE* const vBase = (const BYTE*) (dctx->vBase);
+    const BYTE* const prefixStart = (const BYTE*) (dctx->base);
+    const BYTE* const dictStart = (const BYTE*) (dctx->vBase);
     const BYTE* const dictEnd = (const BYTE*) (dctx->dictEnd);
     int nbSeq;
 
@@ -1353,9 +1354,9 @@ static size_t ZSTD_decompressSequencesLong(
         int seqNb;
         dctx->fseEntropy = 1;
         { U32 i; for (i=0; i<ZSTD_REP_NUM; i++) seqState.prevOffset[i] = dctx->entropy.rep[i]; }
-        seqState.base = base;
-        seqState.pos = (size_t)(op-base);
-        seqState.gotoDict = (uPtrDiff)dictEnd - (uPtrDiff)base; /* cast to avoid undefined behaviour */
+        seqState.prefixStart = prefixStart;
+        seqState.pos = (size_t)(op-prefixStart);
+        seqState.dictEnd = dictEnd;
         CHECK_E(BIT_initDStream(&seqState.DStream, ip, iend-ip), corruption_detected);
         FSE_initDState(&seqState.stateLL, &seqState.DStream, dctx->LLTptr);
         FSE_initDState(&seqState.stateOffb, &seqState.DStream, dctx->OFTptr);
@@ -1370,9 +1371,9 @@ static size_t ZSTD_decompressSequencesLong(
         /* decode and decompress */
         for ( ; (BIT_reloadDStream(&(seqState.DStream)) <= BIT_DStream_completed) && seqNb<nbSeq ; seqNb++) {
             seq_t const sequence = ZSTD_decodeSequenceLong(&seqState, isLongOffset);
-            size_t const oneSeqSize = ZSTD_execSequenceLong(op, oend, sequences[(seqNb-ADVANCED_SEQS) & STOSEQ_MASK], &litPtr, litEnd, base, vBase, dictEnd);
+            size_t const oneSeqSize = ZSTD_execSequenceLong(op, oend, sequences[(seqNb-ADVANCED_SEQS) & STOSEQ_MASK], &litPtr, litEnd, prefixStart, dictStart, dictEnd);
             if (ZSTD_isError(oneSeqSize)) return oneSeqSize;
-            PREFETCH(sequence.match);
+            PREFETCH(sequence.match);  /* note : it's safe to invoke PREFETCH() on any memory address, including invalid ones */
             sequences[seqNb&STOSEQ_MASK] = sequence;
             op += oneSeqSize;
         }
@@ -1381,7 +1382,7 @@ static size_t ZSTD_decompressSequencesLong(
         /* finish queue */
         seqNb -= seqAdvance;
         for ( ; seqNb<nbSeq ; seqNb++) {
-            size_t const oneSeqSize = ZSTD_execSequenceLong(op, oend, sequences[seqNb&STOSEQ_MASK], &litPtr, litEnd, base, vBase, dictEnd);
+            size_t const oneSeqSize = ZSTD_execSequenceLong(op, oend, sequences[seqNb&STOSEQ_MASK], &litPtr, litEnd, prefixStart, dictStart, dictEnd);
             if (ZSTD_isError(oneSeqSize)) return oneSeqSize;
             op += oneSeqSize;
         }
@@ -2450,14 +2451,16 @@ size_t ZSTD_decompressStream(ZSTD_DStream* zds, ZSTD_outBuffer* output, ZSTD_inB
                         return ZSTD_decompressLegacyStream(zds->legacyContext, legacyVersion, output, input);
                     }
 #endif
-                    return hSize; /* error */
+                    return hSize;   /* error */
                 }
                 if (hSize != 0) {   /* need more input */
                     size_t const toLoad = hSize - zds->lhSize;   /* if hSize!=0, hSize > zds->lhSize */
-                    if (toLoad > (size_t)(iend-ip)) {   /* not enough input to load full header */
-                        if (iend-ip > 0) {
-                            memcpy(zds->headerBuffer + zds->lhSize, ip, iend-ip);
-                            zds->lhSize += iend-ip;
+                    size_t const remainingInput = (size_t)(iend-ip);
+                    assert(iend >= ip);
+                    if (toLoad > remainingInput) {   /* not enough input to load full header */
+                        if (remainingInput > 0) {
+                            memcpy(zds->headerBuffer + zds->lhSize, ip, remainingInput);
+                            zds->lhSize += remainingInput;
                         }
                         input->pos = input->size;
                         return (MAX(ZSTD_frameHeaderSize_min, hSize) - zds->lhSize) + ZSTD_blockHeaderSize;   /* remaining header bytes + next block header */
@@ -2472,8 +2475,10 @@ size_t ZSTD_decompressStream(ZSTD_DStream* zds, ZSTD_outBuffer* output, ZSTD_inB
                 && (U64)(size_t)(oend-op) >= zds->fParams.frameContentSize) {
                 size_t const cSize = ZSTD_findFrameCompressedSize(istart, iend-istart);
                 if (cSize <= (size_t)(iend-istart)) {
+                    /* shortcut : using single-pass mode */
                     size_t const decompressedSize = ZSTD_decompress_usingDDict(zds, op, oend-op, istart, cSize, zds->ddict);
                     if (ZSTD_isError(decompressedSize)) return decompressedSize;
+                    DEBUGLOG(4, "shortcut to single-pass ZSTD_decompress_usingDDict()")
                     ip = istart + cSize;
                     op += decompressedSize;
                     zds->expected = 0;
@@ -2496,8 +2501,9 @@ size_t ZSTD_decompressStream(ZSTD_DStream* zds, ZSTD_outBuffer* output, ZSTD_inB
             }
 
             /* control buffer memory usage */
-            DEBUGLOG(4, "Control max buffer memory usage (max %u KB)",
-                        (U32)(zds->maxWindowSize >> 10));
+            DEBUGLOG(4, "Control max memory usage (%u KB <= max %u KB)",
+                        (U32)(zds->fParams.windowSize >>10),
+                        (U32)(zds->maxWindowSize >> 10) );
             zds->fParams.windowSize = MAX(zds->fParams.windowSize, 1U << ZSTD_WINDOWLOG_ABSOLUTEMIN);
             if (zds->fParams.windowSize > zds->maxWindowSize) return ERROR(frameParameter_windowTooLarge);
 
@@ -2555,17 +2561,21 @@ size_t ZSTD_decompressStream(ZSTD_DStream* zds, ZSTD_outBuffer* output, ZSTD_inB
             /* fall-through */
         case zdss_load:
             {   size_t const neededInSize = ZSTD_nextSrcSizeToDecompress(zds);
-                size_t const toLoad = neededInSize - zds->inPos;   /* should always be <= remaining space within inBuff */
+                size_t const toLoad = neededInSize - zds->inPos;
+                int const isSkipFrame = ZSTD_isSkipFrame(zds);
                 size_t loadedSize;
-                if (toLoad > zds->inBuffSize - zds->inPos) return ERROR(corruption_detected);   /* should never happen */
-                loadedSize = ZSTD_limitCopy(zds->inBuff + zds->inPos, toLoad, ip, iend-ip);
+                if (isSkipFrame) {
+                    loadedSize = MIN(toLoad, (size_t)(iend-ip));
+                } else {
+                    if (toLoad > zds->inBuffSize - zds->inPos) return ERROR(corruption_detected);   /* should never happen */
+                    loadedSize = ZSTD_limitCopy(zds->inBuff + zds->inPos, toLoad, ip, iend-ip);
+                }
                 ip += loadedSize;
                 zds->inPos += loadedSize;
                 if (loadedSize < toLoad) { someMoreWork = 0; break; }   /* not enough input, wait for more */
 
                 /* decode loaded input */
-                {  const int isSkipFrame = ZSTD_isSkipFrame(zds);
-                   size_t const decodedSize = ZSTD_decompressContinue(zds,
+                {   size_t const decodedSize = ZSTD_decompressContinue(zds,
                         zds->outBuff + zds->outStart, zds->outBuffSize - zds->outStart,
                         zds->inBuff, neededInSize);
                     if (ZSTD_isError(decodedSize)) return decodedSize;
diff --git a/thirdparty/zstd/zstd.h b/thirdparty/zstd/zstd.h
index 2194a3b23d..9ac0a73dce 100644
--- a/thirdparty/zstd/zstd.h
+++ b/thirdparty/zstd/zstd.h
@@ -59,7 +59,7 @@ extern "C" {
 /*------   Version   ------*/
 #define ZSTD_VERSION_MAJOR    1
 #define ZSTD_VERSION_MINOR    3
-#define ZSTD_VERSION_RELEASE  2
+#define ZSTD_VERSION_RELEASE  3
 
 #define ZSTD_VERSION_NUMBER  (ZSTD_VERSION_MAJOR *100*100 + ZSTD_VERSION_MINOR *100 + ZSTD_VERSION_RELEASE)
 ZSTDLIB_API unsigned ZSTD_versionNumber(void);   /**< useful to check dll version */
@@ -131,7 +131,7 @@ ZSTDLIB_API unsigned long long ZSTD_getDecompressedSize(const void* src, size_t
 
 
 /*======  Helper functions  ======*/
-#define ZSTD_COMPRESSBOUND(srcSize)   ((srcSize) + ((srcSize)>>8) + (((srcSize) < 128 KB) ? ((128 KB - (srcSize)) >> 11) /* margin, from 64 to 0 */ : 0))  /* this formula ensures that bound(A) + bound(B) <= bound(A+B) as long as A and B >= 128 KB */
+#define ZSTD_COMPRESSBOUND(srcSize)   ((srcSize) + ((srcSize)>>8) + (((srcSize) < (128<<10)) ? (((128<<10) - (srcSize)) >> 11) /* margin, from 64 to 0 */ : 0))  /* this formula ensures that bound(A) + bound(B) <= bound(A+B) as long as A and B >= 128 KB */
 ZSTDLIB_API size_t      ZSTD_compressBound(size_t srcSize); /*!< maximum compressed size in worst case scenario */
 ZSTDLIB_API unsigned    ZSTD_isError(size_t code);          /*!< tells if a `size_t` function result is an error code */
 ZSTDLIB_API const char* ZSTD_getErrorName(size_t code);     /*!< provides readable string from an error code */
@@ -432,12 +432,12 @@ typedef struct {
 
 typedef struct ZSTD_CCtx_params_s ZSTD_CCtx_params;
 
-/*= Custom memory allocation functions */
+/*--- Custom memory allocation functions ---*/
 typedef void* (*ZSTD_allocFunction) (void* opaque, size_t size);
 typedef void  (*ZSTD_freeFunction) (void* opaque, void* address);
 typedef struct { ZSTD_allocFunction customAlloc; ZSTD_freeFunction customFree; void* opaque; } ZSTD_customMem;
 /* use this constant to defer to stdlib's functions */
-static const ZSTD_customMem ZSTD_defaultCMem = { NULL, NULL, NULL };
+static ZSTD_customMem const ZSTD_defaultCMem = { NULL, NULL, NULL };
 
 
 /***************************************
@@ -446,7 +446,7 @@ static const ZSTD_customMem ZSTD_defaultCMem = { NULL, NULL, NULL };
 
 /*! ZSTD_findFrameCompressedSize() :
  *  `src` should point to the start of a ZSTD encoded frame or skippable frame
- *  `srcSize` must be at least as large as the frame
+ *  `srcSize` must be >= first frame size
  *  @return : the compressed size of the first frame starting at `src`,
  *            suitable to pass to `ZSTD_decompress` or similar,
  *            or an error code if input is invalid */
@@ -557,7 +557,8 @@ ZSTDLIB_API ZSTD_CCtx* ZSTD_createCCtx_advanced(ZSTD_customMem customMem);
  *             It must outlive context usage.
  *  workspaceSize: Use ZSTD_estimateCCtxSize() or ZSTD_estimateCStreamSize()
  *                 to determine how large workspace must be to support scenario.
- * @return : pointer to ZSTD_CCtx*, or NULL if error (size too small)
+ * @return : pointer to ZSTD_CCtx* (same address as workspace, but different type),
+ *           or NULL if error (typically size too small)
  *  Note : zstd will never resize nor malloc() when using a static cctx.
  *         If it needs more memory than available, it will simply error out.
  *  Note 2 : there is no corresponding "free" function.
@@ -587,7 +588,7 @@ ZSTDLIB_API ZSTD_CDict* ZSTD_createCDict_advanced(const void* dict, size_t dictS
                                                   ZSTD_compressionParameters cParams,
                                                   ZSTD_customMem customMem);
 
-/*! ZSTD_initStaticCDict_advanced() :
+/*! ZSTD_initStaticCDict() :
  *  Generate a digested dictionary in provided memory area.
  *  workspace: The memory area to emplace the dictionary into.
  *             Provided pointer must 8-bytes aligned.
@@ -596,7 +597,8 @@ ZSTDLIB_API ZSTD_CDict* ZSTD_createCDict_advanced(const void* dict, size_t dictS
  *                 to determine how large workspace must be.
  *  cParams : use ZSTD_getCParams() to transform a compression level
  *            into its relevants cParams.
- * @return : pointer to ZSTD_CDict*, or NULL if error (size too small)
+ * @return : pointer to ZSTD_CDict* (same address as workspace, but different type),
+ *           or NULL if error (typically, size too small).
  *  Note : there is no corresponding "free" function.
  *         Since workspace was allocated externally, it must be freed externally.
  */
@@ -613,7 +615,7 @@ ZSTDLIB_API ZSTD_compressionParameters ZSTD_getCParams(int compressionLevel, uns
 
 /*! ZSTD_getParams() :
 *   same as ZSTD_getCParams(), but @return a full `ZSTD_parameters` object instead of sub-component `ZSTD_compressionParameters`.
-*   All fields of `ZSTD_frameParameters` are set to default (0) */
+*   All fields of `ZSTD_frameParameters` are set to default : contentSize=1, checksum=0, noDictID=0 */
 ZSTDLIB_API ZSTD_parameters ZSTD_getParams(int compressionLevel, unsigned long long estimatedSrcSize, size_t dictSize);
 
 /*! ZSTD_checkCParams() :
@@ -660,7 +662,8 @@ ZSTDLIB_API ZSTD_DCtx* ZSTD_createDCtx_advanced(ZSTD_customMem customMem);
  *             It must outlive context usage.
  *  workspaceSize: Use ZSTD_estimateDCtxSize() or ZSTD_estimateDStreamSize()
  *                 to determine how large workspace must be to support scenario.
- * @return : pointer to ZSTD_DCtx*, or NULL if error (size too small)
+ * @return : pointer to ZSTD_DCtx* (same address as workspace, but different type),
+ *           or NULL if error (typically size too small)
  *  Note : zstd will never resize nor malloc() when using a static dctx.
  *         If it needs more memory than available, it will simply error out.
  *  Note 2 : static dctx is incompatible with legacy support
@@ -731,20 +734,22 @@ ZSTDLIB_API unsigned ZSTD_getDictID_fromFrame(const void* src, size_t srcSize);
 /*=====   Advanced Streaming compression functions  =====*/
 ZSTDLIB_API ZSTD_CStream* ZSTD_createCStream_advanced(ZSTD_customMem customMem);
 ZSTDLIB_API ZSTD_CStream* ZSTD_initStaticCStream(void* workspace, size_t workspaceSize);    /**< same as ZSTD_initStaticCCtx() */
-ZSTDLIB_API size_t ZSTD_initCStream_srcSize(ZSTD_CStream* zcs, int compressionLevel, unsigned long long pledgedSrcSize);   /**< pledgedSrcSize must be correct, a size of 0 means unknown.  for a frame size of 0 use initCStream_advanced */
+ZSTDLIB_API size_t ZSTD_initCStream_srcSize(ZSTD_CStream* zcs, int compressionLevel, unsigned long long pledgedSrcSize);   /**< pledgedSrcSize must be correct. If it is not known at init time, use ZSTD_CONTENTSIZE_UNKNOWN. Note that, for compatibility with older programs, "0" also disables frame content size field. It may be enabled in the future. */
 ZSTDLIB_API size_t ZSTD_initCStream_usingDict(ZSTD_CStream* zcs, const void* dict, size_t dictSize, int compressionLevel); /**< creates of an internal CDict (incompatible with static CCtx), except if dict == NULL or dictSize < 8, in which case no dict is used. Note: dict is loaded with ZSTD_dm_auto (treated as a full zstd dictionary if it begins with ZSTD_MAGIC_DICTIONARY, else as raw content) and ZSTD_dlm_byCopy.*/
 ZSTDLIB_API size_t ZSTD_initCStream_advanced(ZSTD_CStream* zcs, const void* dict, size_t dictSize,
-                                             ZSTD_parameters params, unsigned long long pledgedSrcSize);  /**< pledgedSrcSize is optional and can be 0 (meaning unknown). note: if the contentSizeFlag is set, pledgedSrcSize == 0 means the source size is actually 0. dict is loaded with ZSTD_dm_auto and ZSTD_dlm_byCopy. */
+                                             ZSTD_parameters params, unsigned long long pledgedSrcSize);  /**< pledgedSrcSize must be correct. If srcSize is not known at init time, use value ZSTD_CONTENTSIZE_UNKNOWN. dict is loaded with ZSTD_dm_auto and ZSTD_dlm_byCopy. */
 ZSTDLIB_API size_t ZSTD_initCStream_usingCDict(ZSTD_CStream* zcs, const ZSTD_CDict* cdict);  /**< note : cdict will just be referenced, and must outlive compression session */
-ZSTDLIB_API size_t ZSTD_initCStream_usingCDict_advanced(ZSTD_CStream* zcs, const ZSTD_CDict* cdict, ZSTD_frameParameters fParams, unsigned long long pledgedSrcSize);  /**< same as ZSTD_initCStream_usingCDict(), with control over frame parameters */
+ZSTDLIB_API size_t ZSTD_initCStream_usingCDict_advanced(ZSTD_CStream* zcs, const ZSTD_CDict* cdict, ZSTD_frameParameters fParams, unsigned long long pledgedSrcSize);  /**< same as ZSTD_initCStream_usingCDict(), with control over frame parameters. pledgedSrcSize must be correct. If srcSize is not known at init time, use value ZSTD_CONTENTSIZE_UNKNOWN. */
 
 /*! ZSTD_resetCStream() :
  *  start a new compression job, using same parameters from previous job.
  *  This is typically useful to skip dictionary loading stage, since it will re-use it in-place..
  *  Note that zcs must be init at least once before using ZSTD_resetCStream().
- *  pledgedSrcSize==0 means "srcSize unknown".
+ *  If pledgedSrcSize is not known at reset time, use macro ZSTD_CONTENTSIZE_UNKNOWN.
  *  If pledgedSrcSize > 0, its value must be correct, as it will be written in header, and controlled at the end.
- *  @return : 0, or an error code (which can be tested using ZSTD_isError()) */
+ *  For the time being, pledgedSrcSize==0 is interpreted as "srcSize unknown" for compatibility with older programs,
+ *  but it may change to mean "empty" in some future version, so prefer using macro ZSTD_CONTENTSIZE_UNKNOWN.
+ * @return : 0, or an error code (which can be tested using ZSTD_isError()) */
 ZSTDLIB_API size_t ZSTD_resetCStream(ZSTD_CStream* zcs, unsigned long long pledgedSrcSize);
 
 
@@ -800,10 +805,10 @@ ZSTDLIB_API size_t ZSTD_resetDStream(ZSTD_DStream* zds);  /**< re-use decompress
 /*=====   Buffer-less streaming compression functions  =====*/
 ZSTDLIB_API size_t ZSTD_compressBegin(ZSTD_CCtx* cctx, int compressionLevel);
 ZSTDLIB_API size_t ZSTD_compressBegin_usingDict(ZSTD_CCtx* cctx, const void* dict, size_t dictSize, int compressionLevel);
-ZSTDLIB_API size_t ZSTD_compressBegin_advanced(ZSTD_CCtx* cctx, const void* dict, size_t dictSize, ZSTD_parameters params, unsigned long long pledgedSrcSize); /**< pledgedSrcSize is optional and can be 0 (meaning unknown). note: if the contentSizeFlag is set, pledgedSrcSize == 0 means the source size is actually 0 */
+ZSTDLIB_API size_t ZSTD_compressBegin_advanced(ZSTD_CCtx* cctx, const void* dict, size_t dictSize, ZSTD_parameters params, unsigned long long pledgedSrcSize); /**< pledgedSrcSize : If srcSize is not known at init time, use ZSTD_CONTENTSIZE_UNKNOWN */
 ZSTDLIB_API size_t ZSTD_compressBegin_usingCDict(ZSTD_CCtx* cctx, const ZSTD_CDict* cdict); /**< note: fails if cdict==NULL */
-ZSTDLIB_API size_t ZSTD_compressBegin_usingCDict_advanced(ZSTD_CCtx* const cctx, const ZSTD_CDict* const cdict, ZSTD_frameParameters const fParams, unsigned long long const pledgedSrcSize);   /* compression parameters are already set within cdict. pledgedSrcSize=0 means null-size */
-ZSTDLIB_API size_t ZSTD_copyCCtx(ZSTD_CCtx* cctx, const ZSTD_CCtx* preparedCCtx, unsigned long long pledgedSrcSize); /**<  note: if pledgedSrcSize can be 0, indicating unknown size.  if it is non-zero, it must be accurate.  for 0 size frames, use compressBegin_advanced */
+ZSTDLIB_API size_t ZSTD_compressBegin_usingCDict_advanced(ZSTD_CCtx* const cctx, const ZSTD_CDict* const cdict, ZSTD_frameParameters const fParams, unsigned long long const pledgedSrcSize);   /* compression parameters are already set within cdict. pledgedSrcSize must be correct. If srcSize is not known, use macro ZSTD_CONTENTSIZE_UNKNOWN */
+ZSTDLIB_API size_t ZSTD_copyCCtx(ZSTD_CCtx* cctx, const ZSTD_CCtx* preparedCCtx, unsigned long long pledgedSrcSize); /**<  note: if pledgedSrcSize is not known, use ZSTD_CONTENTSIZE_UNKNOWN */
 
 ZSTDLIB_API size_t ZSTD_compressContinue(ZSTD_CCtx* cctx, void* dst, size_t dstCapacity, const void* src, size_t srcSize);
 ZSTDLIB_API size_t ZSTD_compressEnd(ZSTD_CCtx* cctx, void* dst, size_t dstCapacity, const void* src, size_t srcSize);
@@ -1000,18 +1005,19 @@ typedef enum {
                               * Special: value 0 means "do not change strategy". */
 
     /* frame parameters */
-    ZSTD_p_contentSizeFlag=200, /* Content size is written into frame header _whenever known_ (default:1)
-                              * note that content size must be known at the beginning,
-                              * it is sent using ZSTD_CCtx_setPledgedSrcSize() */
+    ZSTD_p_contentSizeFlag=200, /* Content size will be written into frame header _whenever known_ (default:1)
+                              * Content size must be known at the beginning of compression,
+                              * it is provided using ZSTD_CCtx_setPledgedSrcSize() */
     ZSTD_p_checksumFlag,     /* A 32-bits checksum of content is written at end of frame (default:0) */
-    ZSTD_p_dictIDFlag,       /* When applicable, dictID of dictionary is provided in frame header (default:1) */
+    ZSTD_p_dictIDFlag,       /* When applicable, dictionary's ID is written into frame header (default:1) */
 
     /* multi-threading parameters */
     ZSTD_p_nbThreads=400,    /* Select how many threads a compression job can spawn (default:1)
                               * More threads improve speed, but also increase memory usage.
                               * Can only receive a value > 1 if ZSTD_MULTITHREAD is enabled.
                               * Special: value 0 means "do not change nbThreads" */
-    ZSTD_p_jobSize,          /* Size of a compression job. Each compression job is completed in parallel.
+    ZSTD_p_jobSize,          /* Size of a compression job. This value is only enforced in streaming (non-blocking) mode.
+                              * Each compression job is completed in parallel, so indirectly controls the nb of active threads.
                               * 0 means default, which is dynamically determined based on compression parameters.
                               * Job size must be a minimum of overlapSize, or 1 KB, whichever is largest
                               * The minimum size is automatically and transparently enforced */
@@ -1057,7 +1063,8 @@ typedef enum {
 /*! ZSTD_CCtx_setParameter() :
  *  Set one compression parameter, selected by enum ZSTD_cParameter.
  *  Note : when `value` is an enum, cast it to unsigned for proper type checking.
- *  @result : 0, or an error code (which can be tested with ZSTD_isError()). */
+ *  @result : informational value (typically, the one being set, possibly corrected),
+ *            or an error code (which can be tested with ZSTD_isError()). */
 ZSTDLIB_API size_t ZSTD_CCtx_setParameter(ZSTD_CCtx* cctx, ZSTD_cParameter param, unsigned value);
 
 /*! ZSTD_CCtx_setPledgedSrcSize() :
@@ -1066,7 +1073,7 @@ ZSTDLIB_API size_t ZSTD_CCtx_setParameter(ZSTD_CCtx* cctx, ZSTD_cParameter param
  * @result : 0, or an error code (which can be tested with ZSTD_isError()).
  *  Note 1 : 0 means zero, empty.
  *           In order to mean "unknown content size", pass constant ZSTD_CONTENTSIZE_UNKNOWN.
- *           Note that ZSTD_CONTENTSIZE_UNKNOWN is default value for new compression jobs.
+ *           ZSTD_CONTENTSIZE_UNKNOWN is default value for any new compression job.
  *  Note 2 : If all data is provided and consumed in a single round,
  *           this value is overriden by srcSize instead. */
 ZSTDLIB_API size_t ZSTD_CCtx_setPledgedSrcSize(ZSTD_CCtx* cctx, unsigned long long pledgedSrcSize);
@@ -1138,13 +1145,19 @@ typedef enum {
  *  - Compression parameters cannot be changed once compression is started.
  *  - outpot->pos must be <= dstCapacity, input->pos must be <= srcSize
  *  - outpot->pos and input->pos will be updated. They are guaranteed to remain below their respective limit.
- *  - @return provides the minimum amount of data still to flush from internal buffers
+ *  - In single-thread mode (default), function is blocking : it completed its job before returning to caller.
+ *  - In multi-thread mode, function is non-blocking : it just acquires a copy of input, and distribute job to internal worker threads,
+ *                                                     and then immediately returns, just indicating that there is some data remaining to be flushed.
+ *                                                     The function nonetheless guarantees forward progress : it will return only after it reads or write at least 1+ byte.
+ *  - Exception : in multi-threading mode, if the first call requests a ZSTD_e_end directive, it is blocking : it will complete compression before giving back control to caller.
+ *  - @return provides the minimum amount of data remaining to be flushed from internal buffers
  *            or an error code, which can be tested using ZSTD_isError().
- *            if @return != 0, flush is not fully completed, there is some data left within internal buffers.
- *  - after a ZSTD_e_end directive, if internal buffer is not fully flushed,
+ *            if @return != 0, flush is not fully completed, there is still some data left within internal buffers.
+ *            This is useful to determine if a ZSTD_e_flush or ZSTD_e_end directive is completed.
+ *  - after a ZSTD_e_end directive, if internal buffer is not fully flushed (@return != 0),
  *            only ZSTD_e_end or ZSTD_e_flush operations are allowed.
- *            It is necessary to fully flush internal buffers
- *            before starting a new compression job, or changing compression parameters.
+ *            Before starting a new compression job, or changing compression parameters,
+ *            it is required to fully flush internal buffers.
  */
 ZSTDLIB_API size_t ZSTD_compress_generic (ZSTD_CCtx* cctx,
                                           ZSTD_outBuffer* output,